1 /* SPDX-License-Identifier: LGPL-2.1+ */
3 This file is part of systemd.
5 Copyright 2010 Lennart Poettering
7 systemd is free software; you can redistribute it and/or modify it
8 under the terms of the GNU Lesser General Public License as published by
9 the Free Software Foundation; either version 2.1 of the License, or
10 (at your option) any later version.
12 systemd is distributed in the hope that it will be useful, but
13 WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 Lesser General Public License for more details.
17 You should have received a copy of the GNU Lesser General Public License
18 along with systemd; If not, see <http://www.gnu.org/licenses/>.
26 #include <sys/epoll.h>
27 #include <sys/inotify.h>
28 #include <sys/ioctl.h>
29 #include <sys/reboot.h>
30 #include <sys/timerfd.h>
38 #include "sd-daemon.h"
39 #include "sd-messages.h"
42 #include "alloc-util.h"
44 #include "boot-timestamps.h"
45 #include "bus-common-errors.h"
46 #include "bus-error.h"
47 #include "bus-kernel.h"
49 #include "clean-ipc.h"
51 #include "dbus-manager.h"
52 #include "dbus-unit.h"
54 #include "dirent-util.h"
57 #include "exec-util.h"
59 #include "exit-status.h"
66 #include "locale-setup.h"
72 #include "parse-util.h"
73 #include "path-lookup.h"
74 #include "path-util.h"
75 #include "process-util.h"
76 #include "ratelimit.h"
78 #include "signal-util.h"
80 #include "stat-util.h"
81 #include "string-table.h"
82 #include "string-util.h"
84 #include "terminal-util.h"
85 #include "time-util.h"
86 #include "transaction.h"
87 #include "umask-util.h"
88 #include "unit-name.h"
89 #include "user-util.h"
94 #define NOTIFY_RCVBUF_SIZE (8*1024*1024)
95 #define CGROUPS_AGENT_RCVBUF_SIZE (8*1024*1024)
97 /* Initial delay and the interval for printing status messages about running jobs */
98 #define JOBS_IN_PROGRESS_WAIT_USEC (5*USEC_PER_SEC)
99 #define JOBS_IN_PROGRESS_PERIOD_USEC (USEC_PER_SEC / 3)
100 #define JOBS_IN_PROGRESS_PERIOD_DIVISOR 3
/* Forward declarations for callbacks and helpers that are referenced before their definitions. */

/* I/O callbacks, registered with sd_event_add_io(): (event source, fd, epoll events, userdata). */
static int manager_dispatch_notify_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
static int manager_dispatch_cgroups_agent_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
static int manager_dispatch_signal_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
static int manager_dispatch_time_change_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
static int manager_dispatch_idle_pipe_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
static int manager_dispatch_user_lookup_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);

/* Timer callback, registered with sd_event_add_time(). */
static int manager_dispatch_jobs_in_progress(sd_event_source *source, usec_t usec, void *userdata);

/* Deferred callback, registered with sd_event_add_defer(). */
static int manager_dispatch_run_queue(sd_event_source *source, void *userdata);

static int manager_run_environment_generators(Manager *m);
static int manager_run_generators(Manager *m);
/* Arms the timer that periodically prints a status line about running jobs. Does nothing if the timer is
 * already armed. Failure to allocate the timer is not reported to the caller. */
static void manager_watch_jobs_in_progress(Manager *m) {
        usec_t first_fire;

        assert(m);

        /* The cylon animation would garble the confirmation messages, so it stays off while the user has to
         * confirm service executions. There is also nothing to do if the event source already exists. */
        if (!manager_is_confirm_spawn_disabled(m) || m->jobs_in_progress_event_source)
                return;

        first_fire = now(CLOCK_MONOTONIC) + JOBS_IN_PROGRESS_WAIT_USEC;

        if (sd_event_add_time(
                            m->event,
                            &m->jobs_in_progress_event_source,
                            CLOCK_MONOTONIC,
                            first_fire, 0,
                            manager_dispatch_jobs_in_progress, m) < 0)
                return;

        (void) sd_event_source_set_description(m->jobs_in_progress_event_source, "manager-jobs-in-progress");
}
141 #define CYLON_BUFFER_EXTRA (2*(sizeof(ANSI_RED)-1) + sizeof(ANSI_HIGHLIGHT_RED)-1 + 2*(sizeof(ANSI_NORMAL)-1))
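/* Renders one frame of the "cylon" status animation into buffer as a NUL-terminated string.
 *
 * buffer, buflen: destination and its size; at least CYLON_BUFFER_EXTRA + width + 1 bytes are required
 *                 (escape sequences, the animation cells, and the terminator).
 * width:          number of cells of the animation.
 * pos:            position of the bright center light; 0 or width+1 mean it is behind the corner. */
static void draw_cylon(char buffer[], size_t buflen, unsigned width, unsigned pos) {
        char *p = buffer;

        assert(buflen >= CYLON_BUFFER_EXTRA + width + 1);
        assert(pos <= width+1); /* 0 or width+1 mean that the center light is behind the corner */

        if (pos > 1) {
                if (pos > 2)
                        p = mempset(p, ' ', pos-2);
                if (log_get_show_color())
                        p = stpcpy(p, ANSI_RED);
                *p++ = '*';
        }

        if (pos > 0 && pos <= width) {
                if (log_get_show_color())
                        p = stpcpy(p, ANSI_HIGHLIGHT_RED);
                *p++ = '*';
        }

        if (log_get_show_color())
                p = stpcpy(p, ANSI_NORMAL);

        if (pos < width) {
                if (log_get_show_color())
                        p = stpcpy(p, ANSI_RED);
                *p++ = '*';
                if (pos < width-1)
                        p = mempset(p, ' ', width-1-pos);
                if (log_get_show_color())
                        p = stpcpy(p, ANSI_NORMAL);
        }

        /* Terminate unconditionally. Every stpcpy() above is conditional on log_get_show_color(), so with
         * colors disabled nothing else would write the terminator, and the caller hands in an
         * uninitialized stack buffer that is later printed as a string. The "+ 1" in the size assertion
         * reserves the byte written here. */
        *p = '\0';
}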
/* Toggles status output between SHOW_STATUS_AUTO and SHOW_STATUS_TEMPORARY.
 *
 * enable=true switches AUTO to TEMPORARY, enable=false switches TEMPORARY back to AUTO. Any other
 * current setting is left untouched. */
void manager_flip_auto_status(Manager *m, bool enable) {
        assert(m);

        if (enable && m->show_status == SHOW_STATUS_AUTO)
                manager_set_show_status(m, SHOW_STATUS_TEMPORARY);
        else if (!enable && m->show_status == SHOW_STATUS_TEMPORARY)
                manager_set_show_status(m, SHOW_STATUS_AUTO);
}
189 static void manager_print_jobs_in_progress(Manager
*m
) {
190 _cleanup_free_
char *job_of_n
= NULL
;
193 unsigned counter
= 0, print_nr
;
194 char cylon
[6 + CYLON_BUFFER_EXTRA
+ 1];
196 char time
[FORMAT_TIMESPAN_MAX
], limit
[FORMAT_TIMESPAN_MAX
] = "no limit";
200 assert(m
->n_running_jobs
> 0);
202 manager_flip_auto_status(m
, true);
204 print_nr
= (m
->jobs_in_progress_iteration
/ JOBS_IN_PROGRESS_PERIOD_DIVISOR
) % m
->n_running_jobs
;
206 HASHMAP_FOREACH(j
, m
->jobs
, i
)
207 if (j
->state
== JOB_RUNNING
&& counter
++ == print_nr
)
210 /* m->n_running_jobs must be consistent with the contents of m->jobs,
211 * so the above loop must have succeeded in finding j. */
212 assert(counter
== print_nr
+ 1);
215 cylon_pos
= m
->jobs_in_progress_iteration
% 14;
217 cylon_pos
= 14 - cylon_pos
;
218 draw_cylon(cylon
, sizeof(cylon
), 6, cylon_pos
);
220 m
->jobs_in_progress_iteration
++;
222 if (m
->n_running_jobs
> 1) {
223 if (asprintf(&job_of_n
, "(%u of %u) ", counter
, m
->n_running_jobs
) < 0)
227 format_timespan(time
, sizeof(time
), now(CLOCK_MONOTONIC
) - j
->begin_usec
, 1*USEC_PER_SEC
);
228 if (job_get_timeout(j
, &x
) > 0)
229 format_timespan(limit
, sizeof(limit
), x
- j
->begin_usec
, 1*USEC_PER_SEC
);
231 manager_status_printf(m
, STATUS_TYPE_EPHEMERAL
, cylon
,
232 "%sA %s job is running for %s (%s / %s)",
234 job_type_to_string(j
->type
),
235 unit_description(j
->unit
),
239 static int have_ask_password(void) {
240 _cleanup_closedir_
DIR *dir
;
243 dir
= opendir("/run/systemd/ask-password");
251 FOREACH_DIRENT_ALL(de
, dir
, return -errno
) {
252 if (startswith(de
->d_name
, "ask."))
258 static int manager_dispatch_ask_password_fd(sd_event_source
*source
,
259 int fd
, uint32_t revents
, void *userdata
) {
260 Manager
*m
= userdata
;
266 m
->have_ask_password
= have_ask_password();
267 if (m
->have_ask_password
< 0)
268 /* Log error but continue. Negative have_ask_password
269 * is treated as unknown status. */
270 log_error_errno(m
->have_ask_password
, "Failed to list /run/systemd/ask-password: %m");
/* Tears down the watch on /run/systemd/ask-password: drops the event source, closes the inotify fd and
 * resets the cached state. */
static void manager_close_ask_password(Manager *m) {
        assert(m);

        /* Both helpers return the "empty" value, so the fields cannot be left pointing at released resources */
        m->ask_password_event_source = sd_event_source_unref(m->ask_password_event_source);
        m->ask_password_inotify_fd = safe_close(m->ask_password_inotify_fd);

        /* A negative value means the state is unknown */
        m->have_ask_password = -EINVAL;
}
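/* Makes sure /run/systemd/ask-password is watched via inotify and returns the current state.
 *
 * On first use this creates the directory, the inotify fd and the event source, then runs the dispatcher
 * once by hand. Returns m->have_ask_password (negative means the state is unknown), or a negative
 * errno-style value if the watch could not be set up. */
static int manager_check_ask_password(Manager *m) {
        int r;

        assert(m);

        if (!m->ask_password_event_source) {
                assert(m->ask_password_inotify_fd < 0);

                /* Best effort: if the directory cannot be created, inotify_add_watch() below fails and reports it */
                (void) mkdir_p_label("/run/systemd/ask-password", 0755);

                m->ask_password_inotify_fd = inotify_init1(IN_NONBLOCK|IN_CLOEXEC);
                if (m->ask_password_inotify_fd < 0)
                        return log_error_errno(errno, "inotify_init1() failed: %m");

                if (inotify_add_watch(m->ask_password_inotify_fd, "/run/systemd/ask-password", IN_CREATE|IN_DELETE|IN_MOVE) < 0) {
                        /* Latch the error code before the cleanup gets a chance to overwrite errno */
                        r = log_error_errno(errno, "Failed to add watch on /run/systemd/ask-password: %m");
                        manager_close_ask_password(m);
                        return r;
                }

                r = sd_event_add_io(m->event, &m->ask_password_event_source,
                                    m->ask_password_inotify_fd, EPOLLIN,
                                    manager_dispatch_ask_password_fd, m);
                if (r < 0) {
                        /* The failure is carried in the return value, as at the other sd_event_add_io() call
                         * sites in this file; errno is stale here and would log an unrelated error. */
                        log_error_errno(r, "Failed to add event source for /run/systemd/ask-password: %m");
                        manager_close_ask_password(m);
                        return r;
                }

                (void) sd_event_source_set_description(m->ask_password_event_source, "manager-ask-password");

                /* Queries might have been added meanwhile... */
                manager_dispatch_ask_password_fd(m->ask_password_event_source,
                                                 m->ask_password_inotify_fd, EPOLLIN, m);
        }

        return m->have_ask_password;
}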
/* Starts watching m->idle_pipe[2] for input, unless that is already being done or the fd is not open.
 *
 * Returns 0 on success or when there is nothing to do, a negative errno-style value otherwise. */
static int manager_watch_idle_pipe(Manager *m) {
        int r;

        assert(m);

        if (m->idle_pipe_event_source || m->idle_pipe[2] < 0)
                return 0;

        r = sd_event_add_io(m->event, &m->idle_pipe_event_source, m->idle_pipe[2], EPOLLIN, manager_dispatch_idle_pipe_fd, m);
        if (r < 0)
                return log_error_errno(r, "Failed to watch idle pipe: %m");

        (void) sd_event_source_set_description(m->idle_pipe_event_source, "manager-idle-pipe");
        return 0;
}
/* Stops watching the idle pipe and closes all four of its file descriptors. */
static void manager_close_idle_pipe(Manager *m) {
        assert(m);

        /* Drop the event source first, it refers to one of the fds closed below */
        m->idle_pipe_event_source = sd_event_source_unref(m->idle_pipe_event_source);

        /* idle_pipe[] holds four fds, closed here as two pairs: [0],[1] and [2],[3] */
        safe_close_pair(m->idle_pipe);
        safe_close_pair(m->idle_pipe + 2);
}
/* Sets up a timerfd that fires when CLOCK_REALTIME jumps relative to CLOCK_MONOTONIC, and hooks it into
 * the event loop.
 *
 * Returns 0 on success, in test runs, and when the kernel refuses TFD_TIMER_CANCEL_ON_SET (the fd is then
 * closed again); a negative errno-style value otherwise. */
static int manager_setup_time_change(Manager *m) {
        int r;

        /* We only care for the cancellation event, hence we set the
         * timeout to the latest possible value. */
        struct itimerspec its = {
                .it_value.tv_sec = TIME_T_MAX,
        };

        assert(m);
        /* Compile-time check that TIME_T_MAX has the width of time_t */
        assert_cc(sizeof(time_t) == sizeof(TIME_T_MAX));

        if (m->test_run_flags)
                return 0;

        /* Uses TFD_TIMER_CANCEL_ON_SET to get notifications whenever
         * CLOCK_REALTIME makes a jump relative to CLOCK_MONOTONIC */

        m->time_change_fd = timerfd_create(CLOCK_REALTIME, TFD_NONBLOCK|TFD_CLOEXEC);
        if (m->time_change_fd < 0)
                return log_error_errno(errno, "Failed to create timerfd: %m");

        if (timerfd_settime(m->time_change_fd, TFD_TIMER_ABSTIME|TFD_TIMER_CANCEL_ON_SET, &its, NULL) < 0) {
                /* Not fatal: logged at debug level only, and the manager runs without this notification */
                log_debug_errno(errno, "Failed to set up TFD_TIMER_CANCEL_ON_SET, ignoring: %m");
                m->time_change_fd = safe_close(m->time_change_fd);
                return 0;
        }

        r = sd_event_add_io(m->event, &m->time_change_event_source, m->time_change_fd, EPOLLIN, manager_dispatch_time_change_fd, m);
        if (r < 0)
                return log_error_errno(r, "Failed to create time change event source: %m");

        (void) sd_event_source_set_description(m->time_change_event_source, "manager-time-change");

        log_debug("Set up TFD_TIMER_CANCEL_ON_SET timerfd.");

        return 0;
}
390 static int enable_special_signals(Manager
*m
) {
391 _cleanup_close_
int fd
= -1;
395 if (m
->test_run_flags
)
398 /* Enable that we get SIGINT on control-alt-del. In containers
399 * this will fail with EPERM (older) or EINVAL (newer), so
401 if (reboot(RB_DISABLE_CAD
) < 0 && !IN_SET(errno
, EPERM
, EINVAL
))
402 log_warning_errno(errno
, "Failed to enable ctrl-alt-del handling: %m");
404 fd
= open_terminal("/dev/tty0", O_RDWR
|O_NOCTTY
|O_CLOEXEC
);
406 /* Support systems without virtual console */
408 log_warning_errno(errno
, "Failed to open /dev/tty0: %m");
410 /* Enable that we get SIGWINCH on kbrequest */
411 if (ioctl(fd
, KDSIGACCEPT
, SIGWINCH
) < 0)
412 log_warning_errno(errno
, "Failed to enable kbrequest handling: %m");
418 static int manager_setup_signals(Manager
*m
) {
419 struct sigaction sa
= {
420 .sa_handler
= SIG_DFL
,
421 .sa_flags
= SA_NOCLDSTOP
|SA_RESTART
,
428 assert_se(sigaction(SIGCHLD
, &sa
, NULL
) == 0);
430 /* We make liberal use of realtime signals here. On
431 * Linux/glibc we have 30 of them (with the exception of Linux
432 * on hppa, see below), between SIGRTMIN+0 ... SIGRTMIN+30
435 assert_se(sigemptyset(&mask
) == 0);
436 sigset_add_many(&mask
,
437 SIGCHLD
, /* Child died */
438 SIGTERM
, /* Reexecute daemon */
439 SIGHUP
, /* Reload configuration */
440 SIGUSR1
, /* systemd/upstart: reconnect to D-Bus */
441 SIGUSR2
, /* systemd: dump status */
442 SIGINT
, /* Kernel sends us this on control-alt-del */
443 SIGWINCH
, /* Kernel sends us this on kbrequest (alt-arrowup) */
444 SIGPWR
, /* Some kernel drivers and upsd send us this on power failure */
446 SIGRTMIN
+0, /* systemd: start default.target */
447 SIGRTMIN
+1, /* systemd: isolate rescue.target */
448 SIGRTMIN
+2, /* systemd: isolate emergency.target */
449 SIGRTMIN
+3, /* systemd: start halt.target */
450 SIGRTMIN
+4, /* systemd: start poweroff.target */
451 SIGRTMIN
+5, /* systemd: start reboot.target */
452 SIGRTMIN
+6, /* systemd: start kexec.target */
454 /* ... space for more special targets ... */
456 SIGRTMIN
+13, /* systemd: Immediate halt */
457 SIGRTMIN
+14, /* systemd: Immediate poweroff */
458 SIGRTMIN
+15, /* systemd: Immediate reboot */
459 SIGRTMIN
+16, /* systemd: Immediate kexec */
461 /* ... space for more immediate system state changes ... */
463 SIGRTMIN
+20, /* systemd: enable status messages */
464 SIGRTMIN
+21, /* systemd: disable status messages */
465 SIGRTMIN
+22, /* systemd: set log level to LOG_DEBUG */
466 SIGRTMIN
+23, /* systemd: set log level to LOG_INFO */
467 SIGRTMIN
+24, /* systemd: Immediate exit (--user only) */
469 /* .. one free signal here ... */
471 #if !defined(__hppa64__) && !defined(__hppa__)
472 /* Apparently Linux on hppa has fewer RT
473 * signals (SIGRTMAX is SIGRTMIN+25 there),
474 * hence let's not try to make use of them
475 * here. Since these commands are accessible
476 * by different means and only really a safety
477 * net, the missing functionality on hppa
478 * shouldn't matter. */
480 SIGRTMIN
+26, /* systemd: set log target to journal-or-kmsg */
481 SIGRTMIN
+27, /* systemd: set log target to console */
482 SIGRTMIN
+28, /* systemd: set log target to kmsg */
483 SIGRTMIN
+29, /* systemd: set log target to syslog-or-kmsg (obsolete) */
485 /* ... one free signal here SIGRTMIN+30 ... */
488 assert_se(sigprocmask(SIG_SETMASK
, &mask
, NULL
) == 0);
490 m
->signal_fd
= signalfd(-1, &mask
, SFD_NONBLOCK
|SFD_CLOEXEC
);
491 if (m
->signal_fd
< 0)
494 r
= sd_event_add_io(m
->event
, &m
->signal_event_source
, m
->signal_fd
, EPOLLIN
, manager_dispatch_signal_fd
, m
);
498 (void) sd_event_source_set_description(m
->signal_event_source
, "manager-signal");
500 /* Process signals a bit earlier than the rest of things, but later than notify_fd processing, so that the
501 * notify processing can still figure out to which process/service a message belongs, before we reap the
502 * process. Also, process this before handling cgroup notifications, so that we always collect child exit
503 * status information before detecting that there's no process in a cgroup. */
504 r
= sd_event_source_set_priority(m
->signal_event_source
, SD_EVENT_PRIORITY_NORMAL
-6);
508 if (MANAGER_IS_SYSTEM(m
))
509 return enable_special_signals(m
);
514 static void manager_clean_environment(Manager
*m
) {
517 /* Let's remove some environment variables that we
518 * need ourselves to communicate with our clients */
533 static int manager_default_environment(Manager
*m
) {
536 if (MANAGER_IS_SYSTEM(m
)) {
537 /* The system manager always starts with a clean
538 * environment for its children. It does not import
539 * the kernel's or the parents' exported variables.
541 * The initial passed environment is untouched to keep
542 * /proc/self/environ valid; it is used for tagging
543 * the init process inside containers. */
544 m
->environment
= strv_new("PATH=" DEFAULT_PATH
,
547 /* Import locale variables LC_*= from configuration */
548 locale_setup(&m
->environment
);
550 /* The user manager passes its own environment
551 * along to its children. */
552 m
->environment
= strv_copy(environ
);
557 manager_clean_environment(m
);
558 strv_sort(m
->environment
);
563 static int manager_setup_prefix(Manager
*m
) {
569 static const struct table_entry paths_system
[_EXEC_DIRECTORY_TYPE_MAX
] = {
570 [EXEC_DIRECTORY_RUNTIME
] = { SD_PATH_SYSTEM_RUNTIME
, NULL
},
571 [EXEC_DIRECTORY_STATE
] = { SD_PATH_SYSTEM_STATE_PRIVATE
, NULL
},
572 [EXEC_DIRECTORY_CACHE
] = { SD_PATH_SYSTEM_STATE_CACHE
, NULL
},
573 [EXEC_DIRECTORY_LOGS
] = { SD_PATH_SYSTEM_STATE_LOGS
, NULL
},
574 [EXEC_DIRECTORY_CONFIGURATION
] = { SD_PATH_SYSTEM_CONFIGURATION
, NULL
},
577 static const struct table_entry paths_user
[_EXEC_DIRECTORY_TYPE_MAX
] = {
578 [EXEC_DIRECTORY_RUNTIME
] = { SD_PATH_USER_RUNTIME
, NULL
},
579 [EXEC_DIRECTORY_STATE
] = { SD_PATH_USER_CONFIGURATION
, NULL
},
580 [EXEC_DIRECTORY_CACHE
] = { SD_PATH_USER_STATE_CACHE
, NULL
},
581 [EXEC_DIRECTORY_LOGS
] = { SD_PATH_USER_CONFIGURATION
, "log" },
582 [EXEC_DIRECTORY_CONFIGURATION
] = { SD_PATH_USER_CONFIGURATION
, NULL
},
585 const struct table_entry
*p
;
591 if (MANAGER_IS_SYSTEM(m
))
596 for (i
= 0; i
< _EXEC_DIRECTORY_TYPE_MAX
; i
++) {
597 r
= sd_path_home(p
[i
].type
, p
[i
].suffix
, &m
->prefix
[i
]);
605 int manager_new(UnitFileScope scope
, unsigned test_run_flags
, Manager
**_m
) {
610 assert(IN_SET(scope
, UNIT_FILE_SYSTEM
, UNIT_FILE_USER
));
612 m
= new0(Manager
, 1);
616 m
->unit_file_scope
= scope
;
617 m
->exit_code
= _MANAGER_EXIT_CODE_INVALID
;
618 m
->default_timer_accuracy_usec
= USEC_PER_MINUTE
;
619 m
->default_tasks_accounting
= true;
620 m
->default_tasks_max
= UINT64_MAX
;
621 m
->default_timeout_start_usec
= DEFAULT_TIMEOUT_USEC
;
622 m
->default_timeout_stop_usec
= DEFAULT_TIMEOUT_USEC
;
623 m
->default_restart_usec
= DEFAULT_RESTART_USEC
;
626 if (MANAGER_IS_SYSTEM(m
) && detect_container() <= 0)
627 boot_timestamps(&m
->userspace_timestamp
, &m
->firmware_timestamp
, &m
->loader_timestamp
);
630 /* Prepare log fields we can use for structured logging */
631 if (MANAGER_IS_SYSTEM(m
)) {
632 m
->unit_log_field
= "UNIT=";
633 m
->unit_log_format_string
= "UNIT=%s";
635 m
->invocation_log_field
= "INVOCATION_ID=";
636 m
->invocation_log_format_string
= "INVOCATION_ID=%s";
638 m
->unit_log_field
= "USER_UNIT=";
639 m
->unit_log_format_string
= "USER_UNIT=%s";
641 m
->invocation_log_field
= "USER_INVOCATION_ID=";
642 m
->invocation_log_format_string
= "USER_INVOCATION_ID=%s";
645 m
->idle_pipe
[0] = m
->idle_pipe
[1] = m
->idle_pipe
[2] = m
->idle_pipe
[3] = -1;
647 m
->pin_cgroupfs_fd
= m
->notify_fd
= m
->cgroups_agent_fd
= m
->signal_fd
= m
->time_change_fd
=
648 m
->dev_autofs_fd
= m
->private_listen_fd
= m
->cgroup_inotify_fd
=
649 m
->ask_password_inotify_fd
= -1;
651 m
->user_lookup_fds
[0] = m
->user_lookup_fds
[1] = -1;
653 m
->current_job_id
= 1; /* start as id #1, so that we can leave #0 around as "null-like" value */
655 m
->have_ask_password
= -EINVAL
; /* we don't know */
658 m
->test_run_flags
= test_run_flags
;
660 /* Reboot immediately if the user hits C-A-D more often than 7x per 2s */
661 RATELIMIT_INIT(m
->ctrl_alt_del_ratelimit
, 2 * USEC_PER_SEC
, 7);
663 r
= manager_default_environment(m
);
667 r
= hashmap_ensure_allocated(&m
->units
, &string_hash_ops
);
671 r
= hashmap_ensure_allocated(&m
->jobs
, NULL
);
675 r
= hashmap_ensure_allocated(&m
->cgroup_unit
, &string_hash_ops
);
679 r
= hashmap_ensure_allocated(&m
->watch_bus
, &string_hash_ops
);
683 r
= sd_event_default(&m
->event
);
687 r
= sd_event_add_defer(m
->event
, &m
->run_queue_event_source
, manager_dispatch_run_queue
, m
);
691 r
= sd_event_source_set_priority(m
->run_queue_event_source
, SD_EVENT_PRIORITY_IDLE
);
695 r
= sd_event_source_set_enabled(m
->run_queue_event_source
, SD_EVENT_OFF
);
699 (void) sd_event_source_set_description(m
->run_queue_event_source
, "manager-run-queue");
701 r
= manager_setup_signals(m
);
705 r
= manager_setup_cgroup(m
);
709 r
= manager_setup_time_change(m
);
713 m
->udev
= udev_new();
719 if (MANAGER_IS_SYSTEM(m
)) {
720 r
= mkdir_label("/run/systemd/units", 0755);
721 if (r
< 0 && r
!= -EEXIST
)
725 /* Note that we do not set up the notify fd here. We do that after deserialization,
726 * since they might have gotten serialized across the reexec. */
728 m
->taint_usr
= dir_is_empty("/usr") > 0;
730 r
= manager_setup_prefix(m
);
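/* Sets up the AF_UNIX datagram socket on which notification messages are received, and the event source
 * that dispatches them.
 *
 * The socket is only created if m->notify_fd is not set; the event source is only created if it does not
 * exist yet. Does nothing in test runs. Returns 0 on success, a negative errno-style value on failure. */
static int manager_setup_notify(Manager *m) {
        int r;

        if (m->test_run_flags)
                return 0;

        if (m->notify_fd < 0) {
                _cleanup_close_ int fd = -1;
                union sockaddr_union sa = {
                        .sa.sa_family = AF_UNIX,
                };
                static const int one = 1;

                /* First free all secondary fields */
                m->notify_socket = mfree(m->notify_socket);
                m->notify_event_source = sd_event_source_unref(m->notify_event_source);

                fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
                if (fd < 0)
                        return log_error_errno(errno, "Failed to allocate notification socket: %m");

                /* Best effort, a smaller receive buffer still works */
                (void) fd_inc_rcvbuf(fd, NOTIFY_RCVBUF_SIZE);

                m->notify_socket = strappend(m->prefix[EXEC_DIRECTORY_RUNTIME], "/systemd/notify");
                if (!m->notify_socket)
                        return log_oom();

                /* Refuse a path that does not fit into sun_path. strncpy() below would truncate it silently,
                 * and the socket would then be bound at a different path than the one kept in
                 * m->notify_socket, which is presumably what clients are told to connect to. */
                if (strlen(m->notify_socket) >= sizeof(sa.un.sun_path)) {
                        log_error("Notification socket path %s is too long.", m->notify_socket);
                        return -ENAMETOOLONG;
                }

                (void) mkdir_parents_label(m->notify_socket, 0755);
                (void) unlink(m->notify_socket);

                /* sa is zero-initialized and the length was checked above, so sun_path stays NUL-terminated */
                strncpy(sa.un.sun_path, m->notify_socket, sizeof(sa.un.sun_path)-1);
                r = bind(fd, &sa.sa, SOCKADDR_UN_LEN(sa.un));
                if (r < 0)
                        return log_error_errno(errno, "bind(%s) failed: %m", sa.un.sun_path);

                /* Ask the kernel to attach the sender's credentials to each datagram */
                r = setsockopt(fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
                if (r < 0)
                        return log_error_errno(errno, "SO_PASSCRED failed: %m");

                /* Hand the fd over to the manager; resetting the local copy keeps _cleanup_close_ from closing it */
                m->notify_fd = fd;
                fd = -1;

                log_debug("Using notification socket %s", m->notify_socket);
        }

        if (!m->notify_event_source) {
                r = sd_event_add_io(m->event, &m->notify_event_source, m->notify_fd, EPOLLIN, manager_dispatch_notify_fd, m);
                if (r < 0)
                        return log_error_errno(r, "Failed to allocate notify event source: %m");

                /* Process notification messages a bit earlier than SIGCHLD, so that we can still identify to which
                 * service an exit message belongs. */
                r = sd_event_source_set_priority(m->notify_event_source, SD_EVENT_PRIORITY_NORMAL-7);
                if (r < 0)
                        return log_error_errno(r, "Failed to set priority of notify event source: %m");

                (void) sd_event_source_set_description(m->notify_event_source, "manager-notify");
        }

        return 0;
}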
/* Sets up the private datagram socket on which the system manager receives cgroups agent messages, and
 * the event source that dispatches them.
 *
 * Does nothing in test runs, for non-system managers, and on the unified cgroup hierarchy. Returns 0 on
 * success or when there is nothing to do, a negative errno-style value on failure. */
static int manager_setup_cgroups_agent(Manager *m) {

        static const union sockaddr_union sa = {
                .un.sun_family = AF_UNIX,
                .un.sun_path = "/run/systemd/cgroups-agent",
        };
        int r;

        /* This creates a listening socket we receive cgroups agent messages on. We do not use D-Bus for delivering
         * these messages from the cgroups agent binary to PID 1, as the cgroups agent binary is very short-living, and
         * each instance of it needs a new D-Bus connection. Since D-Bus connections are SOCK_STREAM/AF_UNIX, on
         * overloaded systems the backlog of the D-Bus socket becomes relevant, as not more than the configured number
         * of D-Bus connections may be queued until the kernel will start dropping further incoming connections,
         * possibly resulting in lost cgroups agent messages. To avoid this, we'll use a private SOCK_DGRAM/AF_UNIX
         * socket, where no backlog is relevant as communication may take place without an actual connect() cycle, and
         * we thus won't lose messages.
         *
         * Note that PID 1 will forward the agent message to system bus, so that the user systemd instance may listen
         * to it. The system instance hence listens on this special socket, but the user instances listen on the system
         * bus for these messages. */

        if (m->test_run_flags)
                return 0;

        if (!MANAGER_IS_SYSTEM(m))
                return 0;

        r = cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER);
        if (r < 0)
                return log_error_errno(r, "Failed to determine whether unified cgroups hierarchy is used: %m");
        if (r > 0) /* We don't need this anymore on the unified hierarchy */
                return 0;

        if (m->cgroups_agent_fd < 0) {
                _cleanup_close_ int fd = -1;

                /* First free all secondary fields */
                m->cgroups_agent_event_source = sd_event_source_unref(m->cgroups_agent_event_source);

                fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
                if (fd < 0)
                        return log_error_errno(errno, "Failed to allocate cgroups agent socket: %m");

                fd_inc_rcvbuf(fd, CGROUPS_AGENT_RCVBUF_SIZE);

                /* Remove a stale socket node, so that bind() creates a fresh one */
                (void) unlink(sa.un.sun_path);

                /* Only allow root to connect to this socket */
                /* The umask applies while bind() creates the socket node, so the node gets no group/other
                 * access bits. */
                RUN_WITH_UMASK(0077)
                        r = bind(fd, &sa.sa, SOCKADDR_UN_LEN(sa.un));
                if (r < 0)
                        return log_error_errno(errno, "bind(%s) failed: %m", sa.un.sun_path);

                /* Hand the fd over to the manager; resetting the local copy keeps _cleanup_close_ from closing it */
                m->cgroups_agent_fd = fd;
                fd = -1;
        }

        if (!m->cgroups_agent_event_source) {
                r = sd_event_add_io(m->event, &m->cgroups_agent_event_source, m->cgroups_agent_fd, EPOLLIN, manager_dispatch_cgroups_agent_fd, m);
                if (r < 0)
                        return log_error_errno(r, "Failed to allocate cgroups agent event source: %m");

                /* Process cgroups notifications early, but after having processed service notification messages or
                 * SIGCHLD signals, so that a cgroup running empty is always just the last safety net of notification,
                 * and we collected the metadata the notification and SIGCHLD stuff offers first. Also see handling of
                 * cgroup inotify for the unified cgroup stuff. */
                r = sd_event_source_set_priority(m->cgroups_agent_event_source, SD_EVENT_PRIORITY_NORMAL-4);
                if (r < 0)
                        return log_error_errno(r, "Failed to set priority of cgroups agent event source: %m");

                (void) sd_event_source_set_description(m->cgroups_agent_event_source, "manager-cgroups-agent");
        }

        return 0;
}
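/* Sets up the socket pair over which forked-off processes report their resolved UID/GID to PID 1, and
 * the event source that dispatches those reports.
 *
 * Returns 0 on success, a negative errno-style value on failure. */
static int manager_setup_user_lookup_fd(Manager *m) {
        int r;

        assert(m);

        /* Background: PID 1 cannot do name lookups (NSS) itself, since they might involve IPC and thus
         * activation, and we might hence deadlock on ourselves. User/group lookups are therefore done
         * asynchronously in the forked-off processes, right before they execute the binaries to start. To
         * clean up IPC objects created by a unit (see RemoveIPC=) PID 1 needs to know the UID/GID those
         * processes ended up with, so they send it back in a simple datagram, along with their unit name.
         * That way one socket pair can be shared among all units.
         *
         * This channel is kept separate from the usual notification socket ($NOTIFY_SOCKET) because the
         * trust model differs: data sent via $NOTIFY_SOCKET is only accepted if it originates from the right
         * unit and if reception was enabled for it. The user lookup socket is only accessible by PID 1 and
         * its children until they exec(), and is always available.
         *
         * This function is called in two situations: on first initialization (both the socket pair and the
         * event source are allocated), and when deserializing after a reload (the socket pair already exists
         * and only the event source is allocated). */

        if (m->user_lookup_fds[0] < 0) {

                /* Free all secondary fields */
                safe_close_pair(m->user_lookup_fds);
                m->user_lookup_event_source = sd_event_source_unref(m->user_lookup_event_source);

                if (socketpair(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0, m->user_lookup_fds) < 0)
                        return log_error_errno(errno, "Failed to allocate user lookup socket: %m");

                (void) fd_inc_rcvbuf(m->user_lookup_fds[0], NOTIFY_RCVBUF_SIZE);
        }

        if (!m->user_lookup_event_source) {
                r = sd_event_add_io(m->event, &m->user_lookup_event_source, m->user_lookup_fds[0], EPOLLIN, manager_dispatch_user_lookup_fd, m);
                if (r < 0)
                        /* The failure is carried in r, as at the other sd_event_add_io() call sites in this
                         * file; errno is stale here. */
                        return log_error_errno(r, "Failed to allocate user lookup event source: %m");

                /* Process even earlier than the notify event source, so that we always know first about valid
                 * UID/GID resolutions */
                r = sd_event_source_set_priority(m->user_lookup_event_source, SD_EVENT_PRIORITY_NORMAL-8);
                if (r < 0)
                        return log_error_errno(r, "Failed to set priority of user lookup event source: %m");

                (void) sd_event_source_set_description(m->user_lookup_event_source, "user-lookup");
        }

        return 0;
}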
933 static int manager_connect_bus(Manager
*m
, bool reexecuting
) {
934 bool try_bus_connect
;
939 if (m
->test_run_flags
)
942 u
= manager_get_unit(m
, SPECIAL_DBUS_SERVICE
);
945 (u
&& SERVICE(u
)->deserialized_state
== SERVICE_RUNNING
) &&
947 (MANAGER_IS_USER(m
) && getenv("DBUS_SESSION_BUS_ADDRESS")));
949 /* Try to connect to the buses, if possible. */
950 return bus_init(m
, try_bus_connect
);
953 static unsigned manager_dispatch_cleanup_queue(Manager
*m
) {
959 while ((u
= m
->cleanup_queue
)) {
960 assert(u
->in_cleanup_queue
);
970 GC_OFFSET_IN_PATH
, /* This one is on the path we were traveling */
971 GC_OFFSET_UNSURE
, /* No clue */
972 GC_OFFSET_GOOD
, /* We still need this unit */
973 GC_OFFSET_BAD
, /* We don't need this unit anymore */
/* Marks u as GOOD for the GC run identified by gc_marker, then does the same, recursively, for every
 * unit u references that is still marked UNSURE in this run. */
static void unit_gc_mark_good(Unit *u, unsigned gc_marker) {
        const unsigned unsure = gc_marker + GC_OFFSET_UNSURE;
        Unit *referenced;
        Iterator it;
        void *value;

        u->gc_marker = gc_marker + GC_OFFSET_GOOD;

        HASHMAP_FOREACH_KEY(value, referenced, u->dependencies[UNIT_REFERENCES], it) {
                /* Only units whose fate is still open in this run need to be visited */
                if (referenced->gc_marker != unsure)
                        continue;

                unit_gc_mark_good(referenced, gc_marker);
        }
}
990 static void unit_gc_sweep(Unit
*u
, unsigned gc_marker
) {
998 if (IN_SET(u
->gc_marker
- gc_marker
,
999 GC_OFFSET_GOOD
, GC_OFFSET_BAD
, GC_OFFSET_UNSURE
, GC_OFFSET_IN_PATH
))
1002 if (u
->in_cleanup_queue
)
1005 if (unit_check_gc(u
))
1008 u
->gc_marker
= gc_marker
+ GC_OFFSET_IN_PATH
;
1012 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_REFERENCED_BY
], i
) {
1013 unit_gc_sweep(other
, gc_marker
);
1015 if (other
->gc_marker
== gc_marker
+ GC_OFFSET_GOOD
)
1018 if (other
->gc_marker
!= gc_marker
+ GC_OFFSET_BAD
)
1025 /* We were unable to find anything out about this entry, so
1026 * let's investigate it later */
1027 u
->gc_marker
= gc_marker
+ GC_OFFSET_UNSURE
;
1028 unit_add_to_gc_queue(u
);
1032 /* We definitely know that this one is not useful anymore, so
1033 * let's mark it for deletion */
1034 u
->gc_marker
= gc_marker
+ GC_OFFSET_BAD
;
1035 unit_add_to_cleanup_queue(u
);
1039 unit_gc_mark_good(u
, gc_marker
);
1042 static unsigned manager_dispatch_gc_unit_queue(Manager
*m
) {
1043 unsigned n
= 0, gc_marker
;
1048 /* log_debug("Running GC..."); */
1050 m
->gc_marker
+= _GC_OFFSET_MAX
;
1051 if (m
->gc_marker
+ _GC_OFFSET_MAX
<= _GC_OFFSET_MAX
)
1054 gc_marker
= m
->gc_marker
;
1056 while ((u
= m
->gc_unit_queue
)) {
1057 assert(u
->in_gc_queue
);
1059 unit_gc_sweep(u
, gc_marker
);
1061 LIST_REMOVE(gc_queue
, m
->gc_unit_queue
, u
);
1062 u
->in_gc_queue
= false;
1066 if (IN_SET(u
->gc_marker
- gc_marker
,
1067 GC_OFFSET_BAD
, GC_OFFSET_UNSURE
)) {
1069 log_unit_debug(u
, "Collecting.");
1070 u
->gc_marker
= gc_marker
+ GC_OFFSET_BAD
;
1071 unit_add_to_cleanup_queue(u
);
1078 static unsigned manager_dispatch_gc_job_queue(Manager
*m
) {
1084 while ((j
= m
->gc_job_queue
)) {
1085 assert(j
->in_gc_queue
);
1087 LIST_REMOVE(gc_queue
, m
->gc_job_queue
, j
);
1088 j
->in_gc_queue
= false;
1092 if (job_check_gc(j
))
1095 log_unit_debug(j
->unit
, "Collecting job.");
1096 (void) job_finish_and_invalidate(j
, JOB_COLLECTED
, false, false);
1102 static void manager_clear_jobs_and_units(Manager
*m
) {
1107 while ((u
= hashmap_first(m
->units
)))
1110 manager_dispatch_cleanup_queue(m
);
1112 assert(!m
->load_queue
);
1113 assert(!m
->run_queue
);
1114 assert(!m
->dbus_unit_queue
);
1115 assert(!m
->dbus_job_queue
);
1116 assert(!m
->cleanup_queue
);
1117 assert(!m
->gc_unit_queue
);
1118 assert(!m
->gc_job_queue
);
1120 assert(hashmap_isempty(m
->jobs
));
1121 assert(hashmap_isempty(m
->units
));
1123 m
->n_on_console
= 0;
1124 m
->n_running_jobs
= 0;
/* Tears down a Manager: clears all jobs and units, calls each unit type's shutdown hook where one is
 * set, shuts down the cgroup setup, and then releases hashmaps, sets, event sources, file descriptors,
 * strings and per-slot arrays owned by the manager.
 * NOTE(review): the NULL check on m, the final free and the return value are not visible here. */
1127 Manager
* manager_free(Manager
*m
) {
1130 ExecDirectoryType dt
;
1135 manager_clear_jobs_and_units(m
);
/* Give every unit type that provides a shutdown hook the chance to release its global state. */
1137 for (c
= 0; c
< _UNIT_TYPE_MAX
; c
++)
1138 if (unit_vtable
[c
]->shutdown
)
1139 unit_vtable
[c
]->shutdown(m
);
1141 /* If we reexecute ourselves, we keep the root cgroup around */
1142 manager_shutdown_cgroup(m
, m
->exit_code
!= MANAGER_REEXECUTE
);
1144 lookup_paths_flush_generator(&m
->lookup_paths
);
1148 dynamic_user_vacuum(m
, false);
1149 hashmap_free(m
->dynamic_users
);
1151 hashmap_free(m
->units
);
1152 hashmap_free(m
->units_by_invocation_id
);
1153 hashmap_free(m
->jobs
);
1154 hashmap_free(m
->watch_pids1
);
1155 hashmap_free(m
->watch_pids2
);
1156 hashmap_free(m
->watch_bus
);
1158 set_free(m
->startup_units
);
1159 set_free(m
->failed_units
);
/* Drop the event sources before closing the file descriptors they refer to. */
1161 sd_event_source_unref(m
->signal_event_source
);
1162 sd_event_source_unref(m
->notify_event_source
);
1163 sd_event_source_unref(m
->cgroups_agent_event_source
);
1164 sd_event_source_unref(m
->time_change_event_source
);
1165 sd_event_source_unref(m
->jobs_in_progress_event_source
);
1166 sd_event_source_unref(m
->run_queue_event_source
);
1167 sd_event_source_unref(m
->user_lookup_event_source
);
1169 safe_close(m
->signal_fd
);
1170 safe_close(m
->notify_fd
);
1171 safe_close(m
->cgroups_agent_fd
);
1172 safe_close(m
->time_change_fd
);
1173 safe_close_pair(m
->user_lookup_fds
);
1175 manager_close_ask_password(m
);
1177 manager_close_idle_pipe(m
);
1179 udev_unref(m
->udev
);
1180 sd_event_unref(m
->event
);
1182 free(m
->notify_socket
);
1184 lookup_paths_free(&m
->lookup_paths
);
1185 strv_free(m
->environment
);
1187 hashmap_free(m
->cgroup_unit
);
1188 set_free_free(m
->unit_path_cache
);
1190 free(m
->switch_root
);
1191 free(m
->switch_root_init
);
/* Each rlimit slot is overwritten with the value mfree() returns, so no freed pointer stays behind. */
1193 for (i
= 0; i
< _RLIMIT_MAX
; i
++)
1194 m
->rlimit
[i
] = mfree(m
->rlimit
[i
]);
/* The map is expected to be empty by now, presumably because all units were released above. */
1196 assert(hashmap_isempty(m
->units_requiring_mounts_for
));
1197 hashmap_free(m
->units_requiring_mounts_for
);
1199 hashmap_free(m
->uid_refs
);
1200 hashmap_free(m
->gid_refs
);
1202 for (dt
= 0; dt
< _EXEC_DIRECTORY_TYPE_MAX
; dt
++)
1203 m
->prefix
[dt
] = mfree(m
->prefix
[dt
]);
/* Walks all unit types and calls the enumerate hook of each supported type that provides one, then
 * dispatches the load queue. Unsupported types are only reported at debug level. */
1208 void manager_enumerate(Manager
*m
) {
1213 /* Let's ask every type to load all units from disk/kernel
1214 * that it might know */
1215 for (c
= 0; c
< _UNIT_TYPE_MAX
; c
++) {
1216 if (!unit_type_supported(c
)) {
1217 log_debug("Unit type .%s is not supported on this system.", unit_type_to_string(c
));
/* The enumerate hook is optional per unit type. */
1221 if (!unit_vtable
[c
]->enumerate
)
1224 unit_vtable
[c
]->enumerate(m
);
1227 manager_dispatch_load_queue(m
);
/* Iterates over all entries of m->units and calls unit_coldplug() on them. A coldplug failure is
 * logged as a warning and does not stop the iteration ("proceeding anyway").
 * NOTE(review): the alias test that follows the "ignore aliases" comment is not visible here. */
1230 static void manager_coldplug(Manager
*m
) {
1238 /* Then, let's set up their initial state. */
1239 HASHMAP_FOREACH_KEY(u
, k
, m
->units
, i
) {
1241 /* ignore aliases */
1245 r
= unit_coldplug(u
);
1247 log_warning_errno(r
, "We couldn't coldplug %s, proceeding anyway: %m", u
->id
);
/* Rebuilds m->unit_path_cache, a string set holding the full path of every directory entry found in
 * the unit search path. Any previous cache is freed first. On failure a warning is logged and the cache
 * is dropped, so the manager proceeds without it. */
1251 static void manager_build_unit_path_cache(Manager
*m
) {
1257 set_free_free(m
->unit_path_cache
);
1259 m
->unit_path_cache
= set_new(&string_hash_ops
);
1260 if (!m
->unit_path_cache
) {
1265 /* This simply builds a list of files we know exist, so that
1266 * we don't always have to go to disk */
1268 STRV_FOREACH(i
, m
->lookup_paths
.search_path
) {
1269 _cleanup_closedir_
DIR *d
= NULL
;
/* A missing search directory (ENOENT) is silent; any other open failure is warned about and ignored. */
1274 if (errno
!= ENOENT
)
1275 log_warning_errno(errno
, "Failed to open directory %s, ignoring: %m", *i
);
/* A read error while iterating stores -errno in r and jumps to the failure path. */
1279 FOREACH_DIRENT(de
, d
, r
= -errno
; goto fail
) {
/* The root directory "/" contributes an empty prefix, so the joined path has a single leading slash. */
1282 p
= strjoin(streq(*i
, "/") ? "" : *i
, "/", de
->d_name
);
/* NOTE(review): set_consume() presumably takes ownership of p in all cases - confirm. */
1288 r
= set_consume(m
->unit_path_cache
, p
);
1297 log_warning_errno(r
, "Failed to build unit path cache, proceeding without: %m");
1298 m
->unit_path_cache
= set_free_free(m
->unit_path_cache
);
/* Offers the remaining file descriptors in fds to every unit whose type provides a distribute_fds
 * hook. The fdset size is checked at the top of each iteration (<= 0).
 * NOTE(review): the statements under the two tests are not visible here; presumably the loop stops
 * once the set is empty and skips unit types without the hook - confirm. */
1301 static void manager_distribute_fds(Manager
*m
, FDSet
*fds
) {
1307 HASHMAP_FOREACH(u
, m
->units
, i
) {
1309 if (fdset_size(fds
) <= 0)
1312 if (!UNIT_VTABLE(u
)->distribute_fds
)
1315 UNIT_VTABLE(u
)->distribute_fds(u
, fds
);
/* Brings the manager up. In order: initialises the lookup paths, runs the environment generators,
 * creates the transient directory, runs the generators, applies presets on first boot, builds the unit
 * path cache, enumerates units, deserializes earlier state when a serialization stream is passed,
 * hands leftover fds to units, sets up the notify, cgroups agent and user lookup channels, connects to
 * the bus, coldplugs all units and vacuums stale dynamic users and UID/GID references.
 * The serialization stream and fds are input that is parsed by manager_deserialize(); a failure there
 * is logged and returned to the caller. */
1319 int manager_startup(Manager
*m
, FILE *serialization
, FDSet
*fds
) {
1324 /* If we are running in test mode, we still want to run the generators,
1325 * but we should not touch the real generator directories. */
1326 r
= lookup_paths_init(&m
->lookup_paths
, m
->unit_file_scope
,
1327 m
->test_run_flags
? LOOKUP_PATHS_TEMPORARY_GENERATED
: 0,
1332 r
= manager_run_environment_generators(m
);
1336 /* Make sure the transient directory always exists, so that it remains
1337 * in the search path */
/* Mode 0755: writable by the owner only, readable and searchable by everyone. */
1338 r
= mkdir_p_label(m
->lookup_paths
.transient
, 0755);
1340 return log_error_errno(r
, "Failed to create transient generator directory \"%s\": %m",
1341 m
->lookup_paths
.transient
);
/* The generator run is bracketed by two timestamps. */
1343 dual_timestamp_get(&m
->generators_start_timestamp
);
1344 r
= manager_run_generators(m
);
1345 dual_timestamp_get(&m
->generators_finish_timestamp
);
1349 /* If this is the first boot, and we are in the host system, then preset everything */
1350 if (m
->first_boot
> 0 &&
1351 MANAGER_IS_SYSTEM(m
) &&
1352 !m
->test_run_flags
) {
1354 r
= unit_file_preset_all(UNIT_FILE_SYSTEM
, 0, NULL
, UNIT_FILE_PRESET_ENABLE_ONLY
, NULL
, 0);
/* -EEXIST is logged at notice level, any other failure as a warning; startup continues either way. */
1356 log_full_errno(r
== -EEXIST
? LOG_NOTICE
: LOG_WARNING
, r
,
1357 "Failed to populate /etc with preset unit settings, ignoring: %m");
1359 log_info("Populated /etc with preset unit settings.");
1362 lookup_paths_reduce(&m
->lookup_paths
);
1363 manager_build_unit_path_cache(m
);
1365 /* If we will deserialize make sure that during enumeration
1366 * this is already known, so we increase the counter here
1371 /* First, enumerate what we can from all config files */
1372 dual_timestamp_get(&m
->units_load_start_timestamp
);
1373 manager_enumerate(m
);
1374 dual_timestamp_get(&m
->units_load_finish_timestamp
);
1376 /* Second, deserialize if there is something to deserialize */
1377 if (serialization
) {
1378 r
= manager_deserialize(m
, serialization
, fds
);
1380 return log_error_errno(r
, "Deserialization failed: %m");
1383 /* Any fds left? Find some unit which wants them. This is
1384 * useful to allow container managers to pass some file
1385 * descriptors to us pre-initialized. This enables
1386 * socket-based activation of entire containers. */
1387 manager_distribute_fds(m
, fds
);
1389 /* We might have deserialized the notify fd, but if we didn't
1390 * then let's create the bus now */
1391 r
= manager_setup_notify(m
);
1393 /* No sense to continue without notifications, our children would fail anyway. */
1396 r
= manager_setup_cgroups_agent(m
);
1398 /* Likewise, no sense to continue without empty cgroup notifications. */
1401 r
= manager_setup_user_lookup_fd(m
);
1403 /* This shouldn't fail, except if things are really broken. */
1406 /* Let's connect to the bus now. */
/* Both bus calls below discard their result on purpose, so a bus failure does not abort startup. */
1407 (void) manager_connect_bus(m
, !!serialization
);
1409 (void) bus_track_coldplug(m
, &m
->subscribed
, false, m
->deserialized_subscribed
);
1410 m
->deserialized_subscribed
= strv_free(m
->deserialized_subscribed
);
1412 /* Third, fire things up! */
1413 manager_coldplug(m
);
1415 /* Release any dynamic users no longer referenced */
1416 dynamic_user_vacuum(m
, true);
1418 /* Release any references to UIDs/GIDs no longer referenced, and destroy any IPC owned by them */
1419 manager_vacuum_uid_refs(m
);
1420 manager_vacuum_gid_refs(m
);
1422 if (serialization
) {
1423 assert(m
->n_reloading
> 0);
1426 /* Let's wait for the UnitNew/JobNew messages being
1427 * sent, before we notify that the reload is
1429 m
->send_reloading_done
= true;
/* Builds a transaction for a job of the given type on unit and activates it.
 * JOB_ISOLATE is refused unless the type is JOB_START and the unit has allow_isolate set; both refusals
 * are reported through e. The job type is collapsed for the unit before the transaction is built.
 * On success the anchor job is stored in *_ret.
 * NOTE(review): the guard around the *_ret store and the error tests after each step are not visible
 * here; presumably _ret may be NULL and every failure reaches the abort path - confirm. */
1435 int manager_add_job(Manager
*m
, JobType type
, Unit
*unit
, JobMode mode
, sd_bus_error
*e
, Job
**_ret
) {
1440 assert(type
< _JOB_TYPE_MAX
);
1442 assert(mode
< _JOB_MODE_MAX
);
1444 if (mode
== JOB_ISOLATE
&& type
!= JOB_START
)
1445 return sd_bus_error_setf(e
, SD_BUS_ERROR_INVALID_ARGS
, "Isolate is only valid for start.");
/* Isolation replaces the running set of units, so it is limited to units that opt in. */
1447 if (mode
== JOB_ISOLATE
&& !unit
->allow_isolate
)
1448 return sd_bus_error_setf(e
, BUS_ERROR_NO_ISOLATION
, "Operation refused, unit may not be isolated.");
1450 log_unit_debug(unit
, "Trying to enqueue job %s/%s/%s", unit
->id
, job_type_to_string(type
), job_mode_to_string(mode
));
1452 type
= job_type_collapse(type
, unit
);
1454 tr
= transaction_new(mode
== JOB_REPLACE_IRREVERSIBLY
);
1458 r
= transaction_add_job_and_dependencies(tr
, type
, unit
, NULL
, true, false,
1459 IN_SET(mode
, JOB_IGNORE_DEPENDENCIES
, JOB_IGNORE_REQUIREMENTS
),
1460 mode
== JOB_IGNORE_DEPENDENCIES
, e
);
1464 if (mode
== JOB_ISOLATE
) {
1465 r
= transaction_add_isolate_jobs(tr
, m
);
1470 r
= transaction_activate(tr
, m
, mode
, e
);
1474 log_unit_debug(unit
,
1475 "Enqueued job %s/%s as %u", unit
->id
,
1476 job_type_to_string(type
), (unsigned) tr
->anchor_job
->id
);
1479 *_ret
= tr
->anchor_job
;
/* Success path: only the transaction object is freed. */
1481 transaction_free(tr
);
/* Failure path: the transaction is aborted before it is freed. */
1485 transaction_abort(tr
);
1486 transaction_free(tr
);
/* Loads the unit called name and enqueues a job of the given type and mode for it via
 * manager_add_job(), passing e and ret through.
 * NOTE(review): the test of the manager_load_unit() result is not visible here. */
1490 int manager_add_job_by_name(Manager
*m
, JobType type
, const char *name
, JobMode mode
, sd_bus_error
*e
, Job
**ret
) {
1491 Unit
*unit
= NULL
; /* just to appease gcc, initialization is not really necessary */
1495 assert(type
< _JOB_TYPE_MAX
);
1497 assert(mode
< _JOB_MODE_MAX
);
1499 r
= manager_load_unit(m
, name
, NULL
, NULL
, &unit
);
1504 return manager_add_job(m
, type
, unit
, mode
, e
, ret
);
/* Same as manager_add_job_by_name(), but uses a local bus error and logs a warning with the bus error
 * message when enqueuing fails. The local error is released automatically through its cleanup
 * attribute. */
1507 int manager_add_job_by_name_and_warn(Manager
*m
, JobType type
, const char *name
, JobMode mode
, Job
**ret
) {
1508 _cleanup_(sd_bus_error_free
) sd_bus_error error
= SD_BUS_ERROR_NULL
;
1512 assert(type
< _JOB_TYPE_MAX
);
1514 assert(mode
< _JOB_MODE_MAX
);
1516 r
= manager_add_job_by_name(m
, type
, name
, mode
, &error
, ret
);
1518 return log_warning_errno(r
, "Failed to enqueue %s job for %s: %s", job_mode_to_string(mode
), name
, bus_error_message(&error
, r
));
/* Builds and activates a transaction that propagates a reload from unit. A JOB_NOP job on unit serves
 * as the anchor, the propagated reload jobs are attached to it, and the transaction is then activated.
 * JOB_ISOLATE is not accepted as mode (asserted).
 * NOTE(review): the error tests after each step are not visible here; the trailing abort/free pair is
 * presumably the failure path - confirm. */
1523 int manager_propagate_reload(Manager
*m
, Unit
*unit
, JobMode mode
, sd_bus_error
*e
) {
1529 assert(mode
< _JOB_MODE_MAX
);
1530 assert(mode
!= JOB_ISOLATE
); /* Isolate is only valid for start */
1532 tr
= transaction_new(mode
== JOB_REPLACE_IRREVERSIBLY
);
1536 /* We need an anchor job */
1537 r
= transaction_add_job_and_dependencies(tr
, JOB_NOP
, unit
, NULL
, false, false, true, true, e
);
1541 /* Failure in adding individual dependencies is ignored, so this always succeeds. */
1542 transaction_add_propagate_reload_jobs(tr
, unit
, tr
->anchor_job
, mode
== JOB_IGNORE_DEPENDENCIES
, e
);
1544 r
= transaction_activate(tr
, m
, mode
, e
);
1548 transaction_free(tr
);
1552 transaction_abort(tr
);
1553 transaction_free(tr
);
/* Looks up a job by its numeric id in m->jobs; the id is converted to a pointer-sized key with
 * UINT32_TO_PTR(). Returns whatever hashmap_get() returns for that key. */
1557 Job
*manager_get_job(Manager
*m
, uint32_t id
) {
1560 return hashmap_get(m
->jobs
, UINT32_TO_PTR(id
));
/* Looks up a unit by name in m->units. Returns whatever hashmap_get() returns for that key; nothing
 * is loaded from disk here. */
1563 Unit
*manager_get_unit(Manager
*m
, const char *name
) {
1567 return hashmap_get(m
->units
, name
);
/* Processes m->load_queue until it is empty. The dispatching_load_queue flag is set for the duration
 * of the run and tested on entry, so a nested call does not process the queue a second time.
 * NOTE(review): the per-unit load call and the return value are not visible here. */
1570 unsigned manager_dispatch_load_queue(Manager
*m
) {
1576 /* Make sure we are not run recursively */
1577 if (m
->dispatching_load_queue
)
1580 m
->dispatching_load_queue
= true;
1582 /* Dispatches the load queue. Takes a unit from the queue and
1583 * tries to load its data until the queue is empty */
1585 while ((u
= m
->load_queue
)) {
1586 assert(u
->in_load_queue
);
1592 m
->dispatching_load_queue
= false;
/* Prepares a unit for loading without reading anything from disk. At least one of name and path must
 * be given (asserted). The name is validated before any unit object is looked up or allocated: its
 * suffix must map to a known unit type and it must be a valid plain or instance name. A template name
 * without an instance gets its own error message. An existing unit of that name is looked up first;
 * otherwise a new unit object is allocated, gets the path copied as fragment path and the name added,
 * and is put on the load, D-Bus and GC queues.
 * NOTE(review): the parameter list and the error tests are not visible here. */
1596 int manager_load_unit_prepare(
1608 assert(name
|| path
);
1611 /* This will prepare the unit for loading, but not actually
1612 * load anything from disk. */
/* NOTE(review): the test is is_path() while the message says "not absolute". Confirm that is_path()
 * rejects relative paths; if it only tests for a slash, a relative path containing one is accepted. */
1614 if (path
&& !is_path(path
))
1615 return sd_bus_error_setf(e
, SD_BUS_ERROR_INVALID_ARGS
, "Path %s is not absolute.", path
);
/* The unit name is taken from the last path component (presumably only when no name was passed). */
1618 name
= basename(path
);
1620 t
= unit_name_to_type(name
);
1622 if (t
== _UNIT_TYPE_INVALID
|| !unit_name_is_valid(name
, UNIT_NAME_PLAIN
|UNIT_NAME_INSTANCE
)) {
1623 if (unit_name_is_valid(name
, UNIT_NAME_TEMPLATE
))
1624 return sd_bus_error_setf(e
, SD_BUS_ERROR_INVALID_ARGS
, "Unit name %s is missing the instance name.", name
);
1626 return sd_bus_error_setf(e
, SD_BUS_ERROR_INVALID_ARGS
, "Unit name %s is not valid.", name
);
1629 ret
= manager_get_unit(m
, name
);
/* t was checked against _UNIT_TYPE_INVALID above, before it is used as an index into unit_vtable. */
1635 ret
= unit_new(m
, unit_vtable
[t
]->object_size
);
/* The path is copied; the strdup() result is checked for allocation failure. */
1640 ret
->fragment_path
= strdup(path
);
1641 if (!ret
->fragment_path
) {
1647 r
= unit_add_name(ret
, name
);
1653 unit_add_to_load_queue(ret
);
1654 unit_add_to_dbus_queue(ret
);
1655 unit_add_to_gc_queue(ret
);
/* Loads a unit: prepares it with manager_load_unit_prepare(), dispatches the load queue, and replaces
 * *_ret by the unit that unit_follow_merge() returns for it. No job is started here.
 * NOTE(review): the parameter list and the error test after the prepare call are not visible here. */
1662 int manager_load_unit(
1674 /* This will load the service information files, but not actually
1675 * start any services or anything. */
1677 r
= manager_load_unit_prepare(m
, name
, path
, e
, _ret
);
1681 manager_dispatch_load_queue(m
);
1683 *_ret
= unit_follow_merge(*_ret
);
/* Writes a dump of every job in s->jobs to f by calling job_dump() with the given line prefix. */
1688 void manager_dump_jobs(Manager
*s
, FILE *f
, const char *prefix
) {
1695 HASHMAP_FOREACH(j
, s
->jobs
, i
)
1696 job_dump(j
, f
, prefix
);
/* Writes a dump of the units in s->units to f by calling unit_dump() with the given line prefix.
 * NOTE(review): a filter between the loop header and unit_dump() is not visible here; the key t is
 * presumably used to skip alias entries - confirm. */
1699 void manager_dump_units(Manager
*s
, FILE *f
, const char *prefix
) {
1707 HASHMAP_FOREACH_KEY(u
, t
, s
->units
, i
)
1709 unit_dump(u
, f
, prefix
);
/* Cancels all jobs: as long as m->jobs has a first entry, that job is finished with JOB_CANCELED.
 * The loop relies on job_finish_and_invalidate() removing the job from m->jobs. */
1712 void manager_clear_jobs(Manager
*m
) {
1717 while ((j
= hashmap_first(m
->jobs
)))
1718 /* No need to recurse. We're cancelling all jobs. */
1719 job_finish_and_invalidate(j
, JOB_CANCELED
, false, false);
/* Event callback that runs every job in m->run_queue. Each job must be installed and flagged as
 * queued (asserted). Afterwards the jobs-in-progress watch is armed when jobs are still running, and
 * the idle pipe watch when units are on the console.
 * NOTE(review): the return value is not visible here. */
1722 static int manager_dispatch_run_queue(sd_event_source
*source
, void *userdata
) {
1723 Manager
*m
= userdata
;
1729 while ((j
= m
->run_queue
)) {
1730 assert(j
->installed
);
1731 assert(j
->in_run_queue
);
1733 job_run_and_invalidate(j
);
1736 if (m
->n_running_jobs
> 0)
1737 manager_watch_jobs_in_progress(m
);
1739 if (m
->n_on_console
> 0)
1740 manager_watch_idle_pipe(m
);
/* Sends the queued D-Bus change signals for units and then for jobs. The dispatching_dbus_queue flag
 * is tested on entry and set while the two queues are drained. Once both queues are done, a pending
 * "reloading done" notification is sent and cleared, and a queued message is sent if one is stored.
 * NOTE(review): the statement under the entry test and the return value are not visible here. */
1745 static unsigned manager_dispatch_dbus_queue(Manager
*m
) {
1752 if (m
->dispatching_dbus_queue
)
1755 m
->dispatching_dbus_queue
= true;
1757 while ((u
= m
->dbus_unit_queue
)) {
1758 assert(u
->in_dbus_queue
);
1760 bus_unit_send_change_signal(u
);
1764 while ((j
= m
->dbus_job_queue
)) {
1765 assert(j
->in_dbus_queue
);
1767 bus_job_send_change_signal(j
);
1771 m
->dispatching_dbus_queue
= false;
/* The flag is cleared before the signal goes out, so it is sent once per reload. */
1773 if (m
->send_reloading_done
) {
1774 m
->send_reloading_done
= false;
1776 bus_manager_send_reloading(m
, false);
1779 if (m
->queued_message
)
1780 bus_send_queued_message(m
);
/* Event callback for the cgroups agent socket. Reads one message into a PATH_MAX+1 byte buffer and,
 * after validation, treats it as a cgroup path: the manager is told the cgroup is empty and the
 * message is forwarded on the bus.
 * A message is ignored with an error log when it is zero-length, when it fills the whole buffer (no
 * room for a terminator, possibly truncated), or when it contains a NUL byte.
 * NOTE(review): the NUL termination of buf before use is not visible here, and neither is any check
 * of who sent the message; presumably access is restricted where the socket is set up - confirm. */
1785 static int manager_dispatch_cgroups_agent_fd(sd_event_source
*source
, int fd
, uint32_t revents
, void *userdata
) {
1786 Manager
*m
= userdata
;
1787 char buf
[PATH_MAX
+1];
1790 n
= recv(fd
, buf
, sizeof(buf
), 0);
1792 return log_error_errno(errno
, "Failed to read cgroups agent message: %m");
1794 log_error("Got zero-length cgroups agent message, ignoring.");
/* n == sizeof(buf) means the buffer is completely filled; such a message is rejected. */
1797 if ((size_t) n
>= sizeof(buf
)) {
1798 log_error("Got overly long cgroups agent message, ignoring.");
/* An embedded NUL would make the string shorter than the received length; reject it. */
1802 if (memchr(buf
, 0, n
)) {
1803 log_error("Got cgroups agent message with embedded NUL byte, ignoring.");
1808 manager_notify_cgroup_empty(m
, buf
);
1809 (void) bus_forward_agent_released(m
, buf
);
/* Hands one notification message to a unit. The message text is split into tags at newline and
 * carriage-return characters. If the unit type has a notify_message hook it receives the sender PID,
 * the tags and the passed fds; otherwise, at debug log level only, a shortened form of the message is
 * logged as ignored.
 * NOTE(review): the allocation check after strv_split() and the assignment of x are not visible. */
1814 static void manager_invoke_notify_message(Manager
*m
, Unit
*u
, pid_t pid
, const char *buf
, FDSet
*fds
) {
1815 _cleanup_strv_free_
char **tags
= NULL
;
1821 tags
= strv_split(buf
, "\n\r");
1827 if (UNIT_VTABLE(u
)->notify_message
)
1828 UNIT_VTABLE(u
)->notify_message(u
, pid
, tags
, fds
);
1829 else if (_unlikely_(log_get_max_level() >= LOG_DEBUG
)) {
1830 _cleanup_free_
char *x
= NULL
, *y
= NULL
;
/* The logged text is shortened with ellipsize(); strnull() covers a NULL result. */
1834 y
= ellipsize(x
, 20, 90);
1835 log_unit_debug(u
, "Got notification message \"%s\", ignoring.", strnull(y
));
/* Event callback for the notification socket. Receives one message together with its ancillary data,
 * extracts passed file descriptors (SCM_RIGHTS) and sender credentials (SCM_CREDENTIALS), validates
 * the message and forwards it to every unit associated with the sender's PID.
 * A message is dropped with a warning when credentials are missing or the PID is not positive, when
 * the payload is too large or was truncated, or when it contains an embedded NUL byte.
 * NOTE(review): the unit is resolved from ucred->pid after the message has been received; confirm how
 * a sender that has already exited by then is meant to be handled.
 * NOTE(review): several error tests and return statements are not visible here. */
1839 static int manager_dispatch_notify_fd(sd_event_source
*source
, int fd
, uint32_t revents
, void *userdata
) {
1841 _cleanup_fdset_free_ FDSet
*fds
= NULL
;
1842 Manager
*m
= userdata
;
/* One byte more than NOTIFY_BUFFER_MAX; iov_len below is sizeof(buf)-1, which leaves room for a NUL. */
1843 char buf
[NOTIFY_BUFFER_MAX
+1];
1844 struct iovec iovec
= {
1846 .iov_len
= sizeof(buf
)-1,
/* Control buffer sized for one struct ucred plus up to NOTIFY_FD_MAX file descriptors. */
1849 struct cmsghdr cmsghdr
;
1850 uint8_t buf
[CMSG_SPACE(sizeof(struct ucred
)) +
1851 CMSG_SPACE(sizeof(int) * NOTIFY_FD_MAX
)];
1853 struct msghdr msghdr
= {
1856 .msg_control
= &control
,
1857 .msg_controllen
= sizeof(control
),
1860 struct cmsghdr
*cmsg
;
1861 struct ucred
*ucred
= NULL
;
1863 int r
, *fd_array
= NULL
;
1868 assert(m
->notify_fd
== fd
);
1870 if (revents
!= EPOLLIN
) {
1871 log_warning("Got unexpected poll event for notify fd.");
/* Non-blocking receive. MSG_CMSG_CLOEXEC sets close-on-exec on received fds; MSG_TRUNC is requested
 * and msg_flags is tested for it further down to detect oversized messages. */
1875 n
= recvmsg(m
->notify_fd
, &msghdr
, MSG_DONTWAIT
|MSG_CMSG_CLOEXEC
|MSG_TRUNC
);
1877 if (IN_SET(errno
, EAGAIN
, EINTR
))
1878 return 0; /* Spurious wakeup, try again */
1880 /* If this is any other, real error, then let's stop processing this socket. This of course means we
1881 * won't take notification messages anymore, but that's still better than busy looping around this:
1882 * being woken up over and over again but being unable to actually read the message off the socket. */
1883 return log_error_errno(errno
, "Failed to receive notification message: %m");
1886 CMSG_FOREACH(cmsg
, &msghdr
) {
/* Passed file descriptors: remember the array and derive the count from the control message length. */
1887 if (cmsg
->cmsg_level
== SOL_SOCKET
&& cmsg
->cmsg_type
== SCM_RIGHTS
) {
1889 fd_array
= (int*) CMSG_DATA(cmsg
);
1890 n_fds
= (cmsg
->cmsg_len
- CMSG_LEN(0)) / sizeof(int);
/* Credentials are accepted only when the control message has exactly the length of one struct ucred. */
1892 } else if (cmsg
->cmsg_level
== SOL_SOCKET
&&
1893 cmsg
->cmsg_type
== SCM_CREDENTIALS
&&
1894 cmsg
->cmsg_len
== CMSG_LEN(sizeof(struct ucred
))) {
1896 ucred
= (struct ucred
*) CMSG_DATA(cmsg
);
/* The received fds are wrapped in an FDSet. close_many() is presumably the failure path of that call,
 * so the fds do not leak - the test itself is not visible here. */
1903 r
= fdset_new_array(&fds
, fd_array
, n_fds
);
1905 close_many(fd_array
, n_fds
);
/* Without credentials and a positive PID the sender cannot be mapped to a unit; ignore the message. */
1911 if (!ucred
|| ucred
->pid
<= 0) {
1912 log_warning("Received notify message without valid credentials. Ignoring.");
/* Reject a payload that does not fit the buffer or that the kernel reported as truncated. */
1916 if ((size_t) n
>= sizeof(buf
) || (msghdr
.msg_flags
& MSG_TRUNC
)) {
1917 log_warning("Received notify message exceeded maximum size. Ignoring.");
1921 /* As extra safety check, let's make sure the string we get doesn't contain embedded NUL bytes. We permit one
1922 * trailing NUL byte in the message, but don't expect it. */
1923 if (n
> 1 && memchr(buf
, 0, n
-1)) {
1924 log_warning("Received notify message with embedded NUL bytes. Ignoring.");
1928 /* Make sure it's NUL-terminated. */
1931 /* Notify every unit that might be interested, but try
1932 * to avoid notifying the same one multiple times. */
/* Three lookups by sender PID: the unit owning the PID's cgroup, then the two watch-PID maps. */
1933 u1
= manager_get_unit_by_pid_cgroup(m
, ucred
->pid
);
1935 manager_invoke_notify_message(m
, u1
, ucred
->pid
, buf
, fds
);
1937 u2
= hashmap_get(m
->watch_pids1
, PID_TO_PTR(ucred
->pid
));
1939 manager_invoke_notify_message(m
, u2
, ucred
->pid
, buf
, fds
);
1941 u3
= hashmap_get(m
->watch_pids2
, PID_TO_PTR(ucred
->pid
));
1942 if (u3
&& u3
!= u2
&& u3
!= u1
)
1943 manager_invoke_notify_message(m
, u3
, ucred
->pid
, buf
, fds
);
/* A message from a PID that maps to no unit is not delivered anywhere; it is only logged. */
1945 if (!u1
&& !u2
&& !u3
)
1946 log_warning("Cannot find unit for notify message of PID "PID_FMT
".", ucred
->pid
);
/* Fds that no unit took are still in the set; the _cleanup_fdset_free_ attribute on fds releases it. */
1948 if (fdset_size(fds
) > 0)
1949 log_warning("Got extra auxiliary fds with notification message, closing them.");
/* Delivers a child-exit notification to a unit. The PID is removed from the unit's watch list first.
 * The unit type's sigchld_event hook is called when at most one PID is still in u->pids, when no event
 * was delivered to this unit in the current event loop iteration, or when the PID is the unit's main
 * or control PID. The iteration counter is then stored in u->sigchldgen. Otherwise the delivery is
 * skipped and a debug message is logged. */
1954 static void invoke_sigchld_event(Manager
*m
, Unit
*u
, const siginfo_t
*si
) {
1961 sd_event_get_iteration(m
->event
, &iteration
);
1963 log_unit_debug(u
, "Child "PID_FMT
" belongs to %s", si
->si_pid
, u
->id
);
1965 unit_unwatch_pid(u
, si
->si_pid
);
1967 if (UNIT_VTABLE(u
)->sigchld_event
) {
1968 if (set_size(u
->pids
) <= 1 ||
1969 iteration
!= u
->sigchldgen
||
1970 unit_main_pid(u
) == si
->si_pid
||
1971 unit_control_pid(u
) == si
->si_pid
) {
1972 UNIT_VTABLE(u
)->sigchld_event(u
, si
->si_pid
, si
->si_code
, si
->si_status
);
1973 u
->sigchldgen
= iteration
;
1975 log_debug("%s already issued a sigchld this iteration %" PRIu64
", skipping. Pids still being watched %d", u
->id
, iteration
, set_size(u
->pids
));
/* Handles exited children. A first waitid() with WNOWAIT reports an exited child without reaping it.
 * For CLD_EXITED, CLD_KILLED and CLD_DUMPED the process name is fetched, the exit is logged, and the
 * event is routed to the unit owning the PID's cgroup and to the units in the two watch-PID maps
 * (u3 only if it differs from u1 and u2). A second waitid() on that PID then reaps the zombie.
 * NOTE(review): the enclosing loop, the NULL tests on u1 and u2 and the return statements are not
 * visible here. */
1979 static int manager_dispatch_sigchld(Manager
*m
) {
1985 /* First we call waitid() for a PID and do not reap the
1986 * zombie. That way we can still access /proc/$PID for
1987 * it while it is a zombie. */
1988 if (waitid(P_ALL
, 0, &si
, WEXITED
|WNOHANG
|WNOWAIT
) < 0) {
1990 if (errno
== ECHILD
)
2002 if (IN_SET(si
.si_code
, CLD_EXITED
, CLD_KILLED
, CLD_DUMPED
)) {
2003 _cleanup_free_
char *name
= NULL
;
/* The result of get_process_comm() is not checked; strna() below covers a name left at NULL. */
2006 get_process_comm(si
.si_pid
, &name
);
2008 log_debug("Child "PID_FMT
" (%s) died (code=%s, status=%i/%s)",
2009 si
.si_pid
, strna(name
),
2010 sigchld_code_to_string(si
.si_code
),
2012 strna(si
.si_code
== CLD_EXITED
2013 ? exit_status_to_string(si
.si_status
, EXIT_STATUS_FULL
)
2014 : signal_to_string(si
.si_status
)));
2016 /* And now figure out the unit this belongs
2017 * to, it might be multiple... */
2018 u1
= manager_get_unit_by_pid_cgroup(m
, si
.si_pid
);
2020 invoke_sigchld_event(m
, u1
, &si
);
2021 u2
= hashmap_get(m
->watch_pids1
, PID_TO_PTR(si
.si_pid
));
2023 invoke_sigchld_event(m
, u2
, &si
);
2024 u3
= hashmap_get(m
->watch_pids2
, PID_TO_PTR(si
.si_pid
));
2025 if (u3
&& u3
!= u2
&& u3
!= u1
)
2026 invoke_sigchld_event(m
, u3
, &si
);
2029 /* And now, we actually reap the zombie. */
2030 if (waitid(P_PID
, si
.si_pid
, &si
, WEXITED
) < 0) {
/* Enqueues a JOB_START job for the unit called name with the given mode. No job pointer is requested
 * (NULL). On failure the bus error message is logged; nothing is returned to the caller. */
2041 static void manager_start_target(Manager
*m
, const char *name
, JobMode mode
) {
2042 _cleanup_(sd_bus_error_free
) sd_bus_error error
= SD_BUS_ERROR_NULL
;
2045 log_debug("Activating special unit %s", name
);
2047 r
= manager_add_job_by_name(m
, JOB_START
, name
, mode
, &error
, NULL
);
2049 log_error("Failed to enqueue %s job: %s", name
, bus_error_message(&error
, r
));
/* Reacts to Ctrl-Alt-Del. While the rate limit is not exceeded, or when no burst action is
 * configured (EMERGENCY_ACTION_NONE), the regular ctrl-alt-del target is started. The emergency_action()
 * call below runs the configured burst action.
 * NOTE(review): the else keyword between the two calls is not visible here; presumably
 * emergency_action() is the alternative branch - confirm. */
2052 static void manager_handle_ctrl_alt_del(Manager
*m
) {
2053 /* If the user presses C-A-D more than
2054 * 7 times within 2s, we reboot/shutdown immediately,
2055 * unless it was disabled in system.conf */
2057 if (ratelimit_test(&m
->ctrl_alt_del_ratelimit
) || m
->cad_burst_action
== EMERGENCY_ACTION_NONE
)
2058 manager_start_target(m
, SPECIAL_CTRL_ALT_DEL_TARGET
, JOB_REPLACE_IRREVERSIBLY
);
2060 emergency_action(m
, m
->cad_burst_action
, NULL
,
2061 "Ctrl-Alt-Del was pressed more than 7 times within 2s");
/* Event callback for the signal file descriptor. Reads one struct signalfd_siginfo, logs the signal
 * and dispatches on its number: special targets are started, the manager exit code is set for
 * reexecution, reload and shutdown requests, a state dump is written to the log, and log level and
 * log target are switched at runtime. The realtime signal range is mapped through two bounds-checked
 * tables.
 * NOTE(review): most case labels, break statements and the return value are not visible here, so the
 * mapping from signal number to action has to be taken from the full file. */
2064 static int manager_dispatch_signal_fd(sd_event_source
*source
, int fd
, uint32_t revents
, void *userdata
) {
2065 Manager
*m
= userdata
;
2067 struct signalfd_siginfo sfsi
;
2068 bool sigchld
= false;
2072 assert(m
->signal_fd
== fd
);
2074 if (revents
!= EPOLLIN
) {
2075 log_warning("Got unexpected events from signal file descriptor.");
/* Only a read of exactly one full structure is accepted. */
2080 n
= read(m
->signal_fd
, &sfsi
, sizeof(sfsi
));
2081 if (n
!= sizeof(sfsi
)) {
/* NOTE(review): %zu expects a size_t. read() returns ssize_t, so if n is declared as ssize_t the
 * matching conversion is %zi - confirm against the declaration of n. */
2083 log_warning("Truncated read from signal fd (%zu bytes)!", n
);
2087 if (IN_SET(errno
, EINTR
, EAGAIN
))
2090 /* We return an error here, which will kill this handler,
2091 * to avoid a busy loop on read error. */
2092 return log_error_errno(errno
, "Reading from signal fd failed: %m");
/* SIGCHLD, and SIGTERM in a user manager, are logged at debug level; every other signal at info. */
2095 log_received_signal(sfsi
.ssi_signo
== SIGCHLD
||
2096 (sfsi
.ssi_signo
== SIGTERM
&& MANAGER_IS_USER(m
))
2097 ? LOG_DEBUG
: LOG_INFO
,
2100 switch (sfsi
.ssi_signo
) {
2107 if (MANAGER_IS_SYSTEM(m
)) {
2108 /* This is for compatibility with the
2109 * original sysvinit */
2110 r
= verify_run_space_and_log("Refusing to reexecute");
2112 m
->exit_code
= MANAGER_REEXECUTE
;
2119 if (MANAGER_IS_SYSTEM(m
))
2120 manager_handle_ctrl_alt_del(m
);
2122 manager_start_target(m
, SPECIAL_EXIT_TARGET
,
2123 JOB_REPLACE_IRREVERSIBLY
);
2127 if (MANAGER_IS_SYSTEM(m
))
2128 manager_start_target(m
, SPECIAL_KBREQUEST_TARGET
, JOB_REPLACE
);
2130 /* This is a nop on non-init */
2134 if (MANAGER_IS_SYSTEM(m
))
2135 manager_start_target(m
, SPECIAL_SIGPWR_TARGET
, JOB_REPLACE
);
2137 /* This is a nop on non-init */
/* Bus handling: reconnect when the D-Bus service unit is missing or active, and start the service
 * when it is missing or neither active nor activating. */
2143 u
= manager_get_unit(m
, SPECIAL_DBUS_SERVICE
);
2145 if (!u
|| UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u
))) {
2146 log_info("Trying to reconnect to bus...");
2150 if (!u
|| !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u
))) {
2151 log_info("Loading D-Bus service...");
2152 manager_start_target(m
, SPECIAL_DBUS_SERVICE
, JOB_REPLACE
);
/* State dump: units and jobs are written to an in-memory stream and emitted through the log at info
 * level. Stream and buffer are released through their cleanup attributes. */
2159 _cleanup_free_
char *dump
= NULL
;
2160 _cleanup_fclose_
FILE *f
= NULL
;
2163 f
= open_memstream(&dump
, &size
);
2165 log_warning_errno(errno
, "Failed to allocate memory stream: %m");
2169 manager_dump_units(m
, f
, "\t");
2170 manager_dump_jobs(m
, f
, "\t");
2172 r
= fflush_and_check(f
);
2174 log_warning_errno(r
, "Failed to write status stream: %m");
2178 log_dump(LOG_INFO
, dump
);
2183 r
= verify_run_space_and_log("Refusing to reload");
2185 m
->exit_code
= MANAGER_RELOAD
;
2190 /* Starting SIGRTMIN+0 */
2191 static const struct {
2194 } target_table
[] = {
2195 [0] = { SPECIAL_DEFAULT_TARGET
, JOB_ISOLATE
},
2196 [1] = { SPECIAL_RESCUE_TARGET
, JOB_ISOLATE
},
2197 [2] = { SPECIAL_EMERGENCY_TARGET
, JOB_ISOLATE
},
2198 [3] = { SPECIAL_HALT_TARGET
, JOB_REPLACE_IRREVERSIBLY
},
2199 [4] = { SPECIAL_POWEROFF_TARGET
, JOB_REPLACE_IRREVERSIBLY
},
2200 [5] = { SPECIAL_REBOOT_TARGET
, JOB_REPLACE_IRREVERSIBLY
},
2201 [6] = { SPECIAL_KEXEC_TARGET
, JOB_REPLACE_IRREVERSIBLY
}
2204 /* Starting SIGRTMIN+13, so that target halt and system halt are 10 apart */
2205 static const ManagerExitCode code_table
[] = {
2207 [1] = MANAGER_POWEROFF
,
2208 [2] = MANAGER_REBOOT
,
/* The signal number is range-checked against the table size before it is used as an index. */
2212 if ((int) sfsi
.ssi_signo
>= SIGRTMIN
+0 &&
2213 (int) sfsi
.ssi_signo
< SIGRTMIN
+(int) ELEMENTSOF(target_table
)) {
2214 int idx
= (int) sfsi
.ssi_signo
- SIGRTMIN
;
2215 manager_start_target(m
, target_table
[idx
].target
,
2216 target_table
[idx
].mode
);
/* Same range check for the exit code table, which starts at SIGRTMIN+13. */
2220 if ((int) sfsi
.ssi_signo
>= SIGRTMIN
+13 &&
2221 (int) sfsi
.ssi_signo
< SIGRTMIN
+13+(int) ELEMENTSOF(code_table
)) {
2222 m
->exit_code
= code_table
[sfsi
.ssi_signo
- SIGRTMIN
- 13];
/* Remaining realtime signals, selected by their offset from SIGRTMIN: status output, log level and
 * log target are changed at runtime. */
2226 switch (sfsi
.ssi_signo
- SIGRTMIN
) {
2229 manager_set_show_status(m
, SHOW_STATUS_YES
);
2233 manager_set_show_status(m
, SHOW_STATUS_NO
);
2237 log_set_max_level(LOG_DEBUG
);
2238 log_info("Setting log level to debug.");
2242 log_set_max_level(LOG_INFO
);
2243 log_info("Setting log level to info.");
2247 if (MANAGER_IS_USER(m
)) {
2248 m
->exit_code
= MANAGER_EXIT
;
2252 /* This is a nop on init */
2256 case 29: /* compatibility: used to be mapped to LOG_TARGET_SYSLOG_OR_KMSG */
2257 log_set_target(LOG_TARGET_JOURNAL_OR_KMSG
);
2258 log_notice("Setting log target to journal-or-kmsg.");
2262 log_set_target(LOG_TARGET_CONSOLE
);
2263 log_notice("Setting log target to console.");
2267 log_set_target(LOG_TARGET_KMSG
);
2268 log_notice("Setting log target to kmsg.");
2272 log_warning("Got unhandled signal <%s>.", signal_to_string(sfsi
.ssi_signo
));
2279 manager_dispatch_sigchld(m
);
/* Event callback for the time change descriptor. Logs a structured "Time has been changed" record at
 * debug level, drops the event source and closes the descriptor, sets the watch up again, and calls
 * the time_change hook of every unit whose type provides one.
 * NOTE(review): the return value is not visible here. */
2284 static int manager_dispatch_time_change_fd(sd_event_source
*source
, int fd
, uint32_t revents
, void *userdata
) {
2285 Manager
*m
= userdata
;
2290 assert(m
->time_change_fd
== fd
);
2292 log_struct(LOG_DEBUG
,
2293 "MESSAGE_ID=" SD_MESSAGE_TIME_CHANGE_STR
,
2294 LOG_MESSAGE("Time has been changed"),
2297 /* Restart the watch */
2298 m
->time_change_event_source
= sd_event_source_unref(m
->time_change_event_source
);
2299 m
->time_change_fd
= safe_close(m
->time_change_fd
);
2301 manager_setup_time_change(m
);
2303 HASHMAP_FOREACH(u
, m
->units
, i
)
2304 if (UNIT_VTABLE(u
)->time_change
)
2305 UNIT_VTABLE(u
)->time_change(u
);
/* Event callback for the idle pipe (the descriptor must be m->idle_pipe[2]). Sets no_console_output to
 * whether any unit is currently on the console and closes the idle pipe.
 * NOTE(review): the return value is not visible here. */
2310 static int manager_dispatch_idle_pipe_fd(sd_event_source
*source
, int fd
, uint32_t revents
, void *userdata
) {
2311 Manager
*m
= userdata
;
2314 assert(m
->idle_pipe
[2] == fd
);
2316 m
->no_console_output
= m
->n_on_console
> 0;
2318 manager_close_idle_pipe(m
);
/* Timer callback that prints the jobs-in-progress status and re-arms itself: the next expiry is the
 * current monotonic time plus JOBS_IN_PROGRESS_PERIOD_USEC, and the source is enabled as one-shot.
 * Returns the result of sd_event_source_set_enabled().
 * NOTE(review): the test of the sd_event_source_set_time() result is not visible here. */
2323 static int manager_dispatch_jobs_in_progress(sd_event_source
*source
, usec_t usec
, void *userdata
) {
2324 Manager
*m
= userdata
;
2331 manager_print_jobs_in_progress(m
);
2333 next
= now(CLOCK_MONOTONIC
) + JOBS_IN_PROGRESS_PERIOD_USEC
;
2334 r
= sd_event_source_set_time(source
, next
);
2338 return sd_event_source_set_enabled(source
, SD_EVENT_ONESHOT
);
/* Main loop of the manager. Resets the exit code to MANAGER_OK, releases the unit path cache, reaps
 * children left over from before, and then iterates while the exit code stays MANAGER_OK: the load,
 * job GC, unit GC, cleanup, cgroup realize and D-Bus queues are dispatched, and then the event loop
 * runs once. With a runtime watchdog configured on a system manager the wait is limited to half the
 * watchdog time; otherwise it is unbounded. Returns the exit code, or the logged error of a failed
 * event loop run.
 * NOTE(review): the statements under the queue tests and the watchdog ping are not visible here. */
2341 int manager_loop(Manager
*m
) {
/* Rate limit for loop iterations: 50000 per second. */
2344 RATELIMIT_DEFINE(rl
, 1*USEC_PER_SEC
, 50000);
2347 m
->exit_code
= MANAGER_OK
;
2349 /* Release the path cache */
2350 m
->unit_path_cache
= set_free_free(m
->unit_path_cache
);
2352 manager_check_finished(m
);
2354 /* There might still be some zombies hanging around from
2355 * before we were exec()'ed. Let's reap them. */
2356 r
= manager_dispatch_sigchld(m
);
2360 while (m
->exit_code
== MANAGER_OK
) {
2363 if (m
->runtime_watchdog
> 0 && m
->runtime_watchdog
!= USEC_INFINITY
&& MANAGER_IS_SYSTEM(m
))
2366 if (!ratelimit_test(&rl
)) {
2367 /* Yay, something is going seriously wrong, pause a little */
2368 log_warning("Looping too fast. Throttling execution a little.");
2372 if (manager_dispatch_load_queue(m
) > 0)
2375 if (manager_dispatch_gc_job_queue(m
) > 0)
2378 if (manager_dispatch_gc_unit_queue(m
) > 0)
2381 if (manager_dispatch_cleanup_queue(m
) > 0)
2384 if (manager_dispatch_cgroup_realize_queue(m
) > 0)
2387 if (manager_dispatch_dbus_queue(m
) > 0)
2390 /* Sleep for half the watchdog time */
2391 if (m
->runtime_watchdog
> 0 && m
->runtime_watchdog
!= USEC_INFINITY
&& MANAGER_IS_SYSTEM(m
)) {
2392 wait_usec
= m
->runtime_watchdog
/ 2;
2396 wait_usec
= USEC_INFINITY
;
2398 r
= sd_event_run(m
->event
, wait_usec
);
2400 return log_error_errno(r
, "Failed to run event loop: %m");
2403 return m
->exit_code
;
/* Resolves a bus object path to a unit. The name part is extracted with unit_name_from_dbus_path().
 * It is first parsed as a 128-bit invocation ID and looked up in m->units_by_invocation_id; an ID that
 * matches no unit is reported through e. Otherwise the string must be a valid plain or instance unit
 * name, which is then loaded with manager_load_unit().
 * NOTE(review): the tests on r and u and the store to *_u are not visible here. */
2406 int manager_load_unit_from_dbus_path(Manager
*m
, const char *s
, sd_bus_error
*e
, Unit
**_u
) {
2407 _cleanup_free_
char *n
= NULL
;
2408 sd_id128_t invocation_id
;
2416 r
= unit_name_from_dbus_path(s
, &n
);
2420 /* Permit addressing units by invocation ID: if the passed bus path is suffixed by a 128bit ID then we use it
2421 * as invocation ID. */
2422 r
= sd_id128_from_string(n
, &invocation_id
);
2424 u
= hashmap_get(m
->units_by_invocation_id
, &invocation_id
);
2430 return sd_bus_error_setf(e
, BUS_ERROR_NO_UNIT_FOR_INVOCATION_ID
, "No unit with the specified invocation ID " SD_ID128_FORMAT_STR
" known.", SD_ID128_FORMAT_VAL(invocation_id
));
2433 /* If this didn't work, we check if this is a unit name */
/* The name comes from a bus caller, so it is validated before it reaches the loader. */
2434 if (!unit_name_is_valid(n
, UNIT_NAME_PLAIN
|UNIT_NAME_INSTANCE
))
2435 return sd_bus_error_setf(e
, SD_BUS_ERROR_INVALID_ARGS
, "Unit name %s is neither a valid invocation ID nor unit name.", n
);
2437 r
= manager_load_unit(m
, n
, NULL
, e
, &u
);
/* Resolves a bus object path to a job. The path must start with the fixed job prefix; the remainder
 * is parsed as an unsigned number with safe_atou() and looked up with manager_get_job().
 * NOTE(review): the tests on p, r and j, the store to *_j and the return values are not visible here. */
2445 int manager_get_job_from_dbus_path(Manager
*m
, const char *s
, Job
**_j
) {
2455 p
= startswith(s
, "/org/freedesktop/systemd1/job/");
2459 r
= safe_atou(p
, &id
);
2463 j
= manager_get_job(m
, id
);
/* Sends an audit record of the given type for a unit, with the message "unit=" followed by the prefix
 * and instance of the unit id, the program name "systemd" and the success flag. Tests for a system
 * manager, for a reload in progress and for the unit type UNIT_SERVICE precede the send. A failure to
 * derive the prefix is logged as an error, a failure to send as a warning.
 * NOTE(review): the statements under those tests are not visible here; presumably each returns without
 * sending, and the audit fd is checked before use - confirm. */
2472 void manager_send_unit_audit(Manager
*m
, Unit
*u
, int type
, bool success
) {
2475 _cleanup_free_
char *p
= NULL
;
2479 if (!MANAGER_IS_SYSTEM(m
))
2482 audit_fd
= get_audit_fd();
2486 /* Don't generate audit events if the service was already
2487 * started and we're just deserializing */
2488 if (MANAGER_IS_RELOADING(m
))
2491 if (u
->type
!= UNIT_SERVICE
)
2494 r
= unit_name_to_prefix_and_instance(u
->id
, &p
);
2496 log_error_errno(r
, "Failed to extract prefix and instance of unit name: %m");
2500 msg
= strjoina("unit=", p
);
2501 if (audit_log_user_comm_message(audit_fd
, type
, msg
, "systemd", NULL
, NULL
, NULL
, success
) < 0) {
2503 /* We aren't allowed to send audit messages?
2504 * Then let's not retry again. */
2507 log_warning_errno(errno
, "Failed to send audit message: %m");
/* Sends a status update naming the unit to Plymouth over a non-blocking AF_UNIX stream socket.
 * Tests for a reload in progress, for a system manager, for running in a container and for the unit
 * type (service, mount, swap) precede the send. Connection and write errors from the listed errno set
 * (EPIPE, EAGAIN, ENOENT, ECONNREFUSED, ECONNRESET, ECONNABORTED) are silent; others are logged.
 * The socket and the message buffer are released through their cleanup attributes.
 * NOTE(review): the statements under the tests are not visible here; presumably each returns without
 * sending - confirm. */
2513 void manager_send_unit_plymouth(Manager
*m
, Unit
*u
) {
2514 static const union sockaddr_union sa
= PLYMOUTH_SOCKET
;
2515 _cleanup_free_
char *message
= NULL
;
2516 _cleanup_close_
int fd
= -1;
2519 /* Don't generate plymouth events if the service was already
2520 * started and we're just deserializing */
2521 if (MANAGER_IS_RELOADING(m
))
2524 if (!MANAGER_IS_SYSTEM(m
))
2527 if (detect_container() > 0)
2530 if (!IN_SET(u
->type
, UNIT_SERVICE
, UNIT_MOUNT
, UNIT_SWAP
))
2533 /* We set SOCK_NONBLOCK here so that we rather drop the
2534 * message than wait for plymouth */
2535 fd
= socket(AF_UNIX
, SOCK_STREAM
|SOCK_CLOEXEC
|SOCK_NONBLOCK
, 0);
2537 log_error_errno(errno
, "socket() failed: %m");
2541 if (connect(fd
, &sa
.sa
, SOCKADDR_UN_LEN(sa
.un
)) < 0) {
2543 if (!IN_SET(errno
, EPIPE
, EAGAIN
, ENOENT
, ECONNREFUSED
, ECONNRESET
, ECONNABORTED
))
2544 log_error_errno(errno
, "connect() failed: %m");
/* Message layout: 'U', byte 0x02, one length byte (strlen of the id plus one), then the id. %n stores
 * the number of bytes produced so far in n.
 * NOTE(review): the length goes out through %c, so only its low 8 bits are sent. Confirm that unit ids
 * are always short enough for strlen+1 to fit into one byte. */
2548 if (asprintf(&message
, "U\002%c%s%n", (int) (strlen(u
->id
) + 1), u
->id
, &n
) < 0) {
/* n + 1 bytes are written, which includes the terminating NUL of the formatted string. */
2554 if (write(fd
, message
, n
+ 1) != n
+ 1)
2555 if (!IN_SET(errno
, EPIPE
, EAGAIN
, ENOENT
, ECONNREFUSED
, ECONNRESET
, ECONNABORTED
))
2556 log_error_errno(errno
, "Failed to write Plymouth message: %m");
2559 int manager_open_serialization(Manager
*m
, FILE **_f
) {
2565 fd
= open_serialization_fd("systemd-state");
2569 f
= fdopen(fd
, "w+");
2579 int manager_serialize(Manager
*m
, FILE *f
, FDSet
*fds
, bool switching_root
) {
2591 fprintf(f
, "current-job-id=%"PRIu32
"\n", m
->current_job_id
);
2592 fprintf(f
, "n-installed-jobs=%u\n", m
->n_installed_jobs
);
2593 fprintf(f
, "n-failed-jobs=%u\n", m
->n_failed_jobs
);
2594 fprintf(f
, "taint-usr=%s\n", yes_no(m
->taint_usr
));
2595 fprintf(f
, "ready-sent=%s\n", yes_no(m
->ready_sent
));
2597 dual_timestamp_serialize(f
, "firmware-timestamp", &m
->firmware_timestamp
);
2598 dual_timestamp_serialize(f
, "loader-timestamp", &m
->loader_timestamp
);
2599 dual_timestamp_serialize(f
, "kernel-timestamp", &m
->kernel_timestamp
);
2600 dual_timestamp_serialize(f
, "initrd-timestamp", &m
->initrd_timestamp
);
2603 dual_timestamp_serialize(f
, "userspace-timestamp", &m
->userspace_timestamp
);
2604 dual_timestamp_serialize(f
, "finish-timestamp", &m
->finish_timestamp
);
2605 dual_timestamp_serialize(f
, "security-start-timestamp", &m
->security_start_timestamp
);
2606 dual_timestamp_serialize(f
, "security-finish-timestamp", &m
->security_finish_timestamp
);
2607 dual_timestamp_serialize(f
, "generators-start-timestamp", &m
->generators_start_timestamp
);
2608 dual_timestamp_serialize(f
, "generators-finish-timestamp", &m
->generators_finish_timestamp
);
2609 dual_timestamp_serialize(f
, "units-load-start-timestamp", &m
->units_load_start_timestamp
);
2610 dual_timestamp_serialize(f
, "units-load-finish-timestamp", &m
->units_load_finish_timestamp
);
2613 if (!switching_root
)
2614 (void) serialize_environment(f
, m
->environment
);
2616 if (m
->notify_fd
>= 0) {
2619 copy
= fdset_put_dup(fds
, m
->notify_fd
);
2623 fprintf(f
, "notify-fd=%i\n", copy
);
2624 fprintf(f
, "notify-socket=%s\n", m
->notify_socket
);
2627 if (m
->cgroups_agent_fd
>= 0) {
2630 copy
= fdset_put_dup(fds
, m
->cgroups_agent_fd
);
2634 fprintf(f
, "cgroups-agent-fd=%i\n", copy
);
2637 if (m
->user_lookup_fds
[0] >= 0) {
2640 copy0
= fdset_put_dup(fds
, m
->user_lookup_fds
[0]);
2644 copy1
= fdset_put_dup(fds
, m
->user_lookup_fds
[1]);
2648 fprintf(f
, "user-lookup=%i %i\n", copy0
, copy1
);
2651 bus_track_serialize(m
->subscribed
, f
, "subscribed");
2653 r
= dynamic_user_serialize(m
, f
, fds
);
2657 manager_serialize_uid_refs(m
, f
);
2658 manager_serialize_gid_refs(m
, f
);
2660 fputc_unlocked('\n', f
);
2662 HASHMAP_FOREACH_KEY(u
, t
, m
->units
, i
) {
2667 fputs_unlocked(u
->id
, f
);
2668 fputc_unlocked('\n', f
);
2670 r
= unit_serialize(u
, f
, fds
, !switching_root
);
2677 assert(m
->n_reloading
> 0);
2683 r
= bus_fdset_add_all(m
, fds
);
/* Restores manager state from the serialization stream f, using fds as the set of file
 * descriptors that were passed along with it.
 *
 * First part: lines are read with fgets() into a LINE_MAX buffer and dispatched on their
 * "key=" prefix. current-job-id is merged with MAX(), the two job counters are added to the
 * current values, and taint-usr / ready-sent are OR'ed into the current flags. Values that
 * fail to parse are logged at notice level. Unknown keys are logged at notice level as well,
 * except "kdbus-fd=", which is ignored silently.
 *
 * File descriptor items (notify-fd, cgroups-agent-fd, user-lookup) carry plain numbers. A
 * number is taken over only if it parses, is non-negative and is contained in fds; the
 * serialized text alone therefore cannot make the manager adopt a descriptor it was not
 * handed. For user-lookup the two numbers must additionally differ.
 *
 * Second part: unit names are read into a UNIT_NAME_MAX+2 byte buffer, stripped, loaded
 * with manager_load_unit() and handed to unit_deserialize(); if loading fails, the unit's
 * section is skipped with unit_deserialize_skip().
 *
 * NOTE(review): several lines of this function (among them the `else` keywords between a
 * failure log and the assignment that follows it, the loop heads and the return paths) are
 * not part of this listing; the description covers the visible statements only. */
2690 int manager_deserialize(Manager
*m
, FILE *f
, FDSet
*fds
) {
2696 log_debug("Deserializing state...");
2701 char line
[LINE_MAX
];
2702 const char *val
, *l
;
2704 if (!fgets(line
, sizeof(line
), f
)) {
2719 if ((val
= startswith(l
, "current-job-id="))) {
2722 if (safe_atou32(val
, &id
) < 0)
2723 log_notice("Failed to parse current job id value %s", val
);
2725 m
->current_job_id
= MAX(m
->current_job_id
, id
);
2727 } else if ((val
= startswith(l
, "n-installed-jobs="))) {
2730 if (safe_atou32(val
, &n
) < 0)
2731 log_notice("Failed to parse installed jobs counter %s", val
);
2733 m
->n_installed_jobs
+= n
;
2735 } else if ((val
= startswith(l
, "n-failed-jobs="))) {
2738 if (safe_atou32(val
, &n
) < 0)
2739 log_notice("Failed to parse failed jobs counter %s", val
);
2741 m
->n_failed_jobs
+= n
;
2743 } else if ((val
= startswith(l
, "taint-usr="))) {
2746 b
= parse_boolean(val
);
2748 log_notice("Failed to parse taint /usr flag %s", val
);
2750 m
->taint_usr
= m
->taint_usr
|| b
;
2752 } else if ((val
= startswith(l
, "ready-sent="))) {
2755 b
= parse_boolean(val
);
2757 log_notice("Failed to parse ready-sent flag %s", val
);
2759 m
->ready_sent
= m
->ready_sent
|| b
;
2761 } else if ((val
= startswith(l
, "firmware-timestamp=")))
2762 dual_timestamp_deserialize(val
, &m
->firmware_timestamp
);
2763 else if ((val
= startswith(l
, "loader-timestamp=")))
2764 dual_timestamp_deserialize(val
, &m
->loader_timestamp
);
2765 else if ((val
= startswith(l
, "kernel-timestamp=")))
2766 dual_timestamp_deserialize(val
, &m
->kernel_timestamp
);
2767 else if ((val
= startswith(l
, "initrd-timestamp=")))
2768 dual_timestamp_deserialize(val
, &m
->initrd_timestamp
);
2769 else if ((val
= startswith(l
, "userspace-timestamp=")))
2770 dual_timestamp_deserialize(val
, &m
->userspace_timestamp
);
2771 else if ((val
= startswith(l
, "finish-timestamp=")))
2772 dual_timestamp_deserialize(val
, &m
->finish_timestamp
);
2773 else if ((val
= startswith(l
, "security-start-timestamp=")))
2774 dual_timestamp_deserialize(val
, &m
->security_start_timestamp
);
2775 else if ((val
= startswith(l
, "security-finish-timestamp=")))
2776 dual_timestamp_deserialize(val
, &m
->security_finish_timestamp
);
2777 else if ((val
= startswith(l
, "generators-start-timestamp=")))
2778 dual_timestamp_deserialize(val
, &m
->generators_start_timestamp
);
2779 else if ((val
= startswith(l
, "generators-finish-timestamp=")))
2780 dual_timestamp_deserialize(val
, &m
->generators_finish_timestamp
);
2781 else if ((val
= startswith(l
, "units-load-start-timestamp=")))
2782 dual_timestamp_deserialize(val
, &m
->units_load_start_timestamp
);
2783 else if ((val
= startswith(l
, "units-load-finish-timestamp=")))
2784 dual_timestamp_deserialize(val
, &m
->units_load_finish_timestamp
);
2785 else if (startswith(l
, "env=")) {
2786 r
= deserialize_environment(&m
->environment
, l
);
2790 log_notice_errno(r
, "Failed to parse environment entry: \"%s\": %m", l
);
/* The fd number is accepted only if it parses, is non-negative and is a member of fds. The
 * visible statements then drop the old event source, close the old fd and move the new one
 * out of the set with fdset_remove(). */
2792 } else if ((val
= startswith(l
, "notify-fd="))) {
2795 if (safe_atoi(val
, &fd
) < 0 || fd
< 0 || !fdset_contains(fds
, fd
))
2796 log_notice("Failed to parse notify fd: \"%s\"", val
);
2798 m
->notify_event_source
= sd_event_source_unref(m
->notify_event_source
);
2799 safe_close(m
->notify_fd
);
2800 m
->notify_fd
= fdset_remove(fds
, fd
);
2803 } else if ((val
= startswith(l
, "notify-socket="))) {
2812 free(m
->notify_socket
);
2813 m
->notify_socket
= n
;
/* Same validation as for notify-fd above. */
2815 } else if ((val
= startswith(l
, "cgroups-agent-fd="))) {
2818 if (safe_atoi(val
, &fd
) < 0 || fd
< 0 || !fdset_contains(fds
, fd
))
2819 log_notice("Failed to parse cgroups agent fd: %s", val
);
2821 m
->cgroups_agent_event_source
= sd_event_source_unref(m
->cgroups_agent_event_source
);
2822 safe_close(m
->cgroups_agent_fd
);
2823 m
->cgroups_agent_fd
= fdset_remove(fds
, fd
);
/* Two fds on one line: both must parse, be non-negative, differ from each other and be
 * members of fds. */
2826 } else if ((val
= startswith(l
, "user-lookup="))) {
2829 if (sscanf(val
, "%i %i", &fd0
, &fd1
) != 2 || fd0
< 0 || fd1
< 0 || fd0
== fd1
|| !fdset_contains(fds
, fd0
) || !fdset_contains(fds
, fd1
))
2830 log_notice("Failed to parse user lookup fd: %s", val
);
2832 m
->user_lookup_event_source
= sd_event_source_unref(m
->user_lookup_event_source
);
2833 safe_close_pair(m
->user_lookup_fds
);
2834 m
->user_lookup_fds
[0] = fdset_remove(fds
, fd0
);
2835 m
->user_lookup_fds
[1] = fdset_remove(fds
, fd1
);
2838 } else if ((val
= startswith(l
, "dynamic-user=")))
2839 dynamic_user_deserialize_one(m
, val
, fds
);
2840 else if ((val
= startswith(l
, "destroy-ipc-uid=")))
2841 manager_deserialize_uid_refs_one(m
, val
);
2842 else if ((val
= startswith(l
, "destroy-ipc-gid=")))
2843 manager_deserialize_gid_refs_one(m
, val
);
2844 else if ((val
= startswith(l
, "subscribed="))) {
2846 if (strv_extend(&m
->deserialized_subscribed
, val
) < 0)
2849 } else if (!startswith(l
, "kdbus-fd=")) /* ignore this one */
2850 log_notice("Unknown serialization item '%s'", l
);
/* Per-unit part: a unit name line, followed by that unit's own serialized data. */
2855 char name
[UNIT_NAME_MAX
+2];
2856 const char* unit_name
;
2859 if (!fgets(name
, sizeof(name
), f
)) {
2869 unit_name
= strstrip(name
);
2871 r
= manager_load_unit(m
, unit_name
, NULL
, NULL
, &u
);
2873 log_notice_errno(r
, "Failed to load unit \"%s\", skipping deserialization: %m", unit_name
);
2876 unit_deserialize_skip(f
);
2880 r
= unit_deserialize(u
, f
, fds
);
2882 log_notice_errno(r
, "Failed to deserialize unit \"%s\": %m", unit_name
);
2892 assert(m
->n_reloading
> 0);
2898 int manager_reload(Manager
*m
) {
2900 _cleanup_fclose_
FILE *f
= NULL
;
2901 _cleanup_fdset_free_ FDSet
*fds
= NULL
;
2905 r
= manager_open_serialization(m
, &f
);
2910 bus_manager_send_reloading(m
, true);
2918 r
= manager_serialize(m
, f
, fds
, false);
2924 if (fseeko(f
, 0, SEEK_SET
) < 0) {
2929 /* From here on there is no way back. */
2930 manager_clear_jobs_and_units(m
);
2931 lookup_paths_flush_generator(&m
->lookup_paths
);
2932 lookup_paths_free(&m
->lookup_paths
);
2933 dynamic_user_vacuum(m
, false);
2934 m
->uid_refs
= hashmap_free(m
->uid_refs
);
2935 m
->gid_refs
= hashmap_free(m
->gid_refs
);
2937 q
= lookup_paths_init(&m
->lookup_paths
, m
->unit_file_scope
, 0, NULL
);
2938 if (q
< 0 && r
>= 0)
2941 q
= manager_run_environment_generators(m
);
2942 if (q
< 0 && r
>= 0)
2945 /* Find new unit paths */
2946 q
= manager_run_generators(m
);
2947 if (q
< 0 && r
>= 0)
2950 lookup_paths_reduce(&m
->lookup_paths
);
2951 manager_build_unit_path_cache(m
);
2953 /* First, enumerate what we can from all config files */
2954 manager_enumerate(m
);
2956 /* Second, deserialize our stored data */
2957 q
= manager_deserialize(m
, f
, fds
);
2959 log_error_errno(q
, "Deserialization failed: %m");
2968 /* Re-register notify_fd as event source */
2969 q
= manager_setup_notify(m
);
2970 if (q
< 0 && r
>= 0)
2973 q
= manager_setup_cgroups_agent(m
);
2974 if (q
< 0 && r
>= 0)
2977 q
= manager_setup_user_lookup_fd(m
);
2978 if (q
< 0 && r
>= 0)
2981 /* Third, fire things up! */
2982 manager_coldplug(m
);
2984 /* Release any dynamic users no longer referenced */
2985 dynamic_user_vacuum(m
, true);
2987 /* Release any references to UIDs/GIDs no longer referenced, and destroy any IPC owned by them */
2988 manager_vacuum_uid_refs(m
);
2989 manager_vacuum_gid_refs(m
);
2991 /* Sync current state of bus names with our set of listening units */
2993 manager_sync_bus_names(m
, m
->api_bus
);
2995 assert(m
->n_reloading
> 0);
2998 m
->send_reloading_done
= true;
3003 void manager_reset_failed(Manager
*m
) {
3009 HASHMAP_FOREACH(u
, m
->units
, i
)
3010 unit_reset_failed(u
);
3013 bool manager_unit_inactive_or_pending(Manager
*m
, const char *name
) {
3019 /* Returns true if the unit is inactive or going down */
3020 u
= manager_get_unit(m
, name
);
3024 return unit_inactive_or_pending(u
);
3027 static void manager_notify_finished(Manager
*m
) {
3028 char userspace
[FORMAT_TIMESPAN_MAX
], initrd
[FORMAT_TIMESPAN_MAX
], kernel
[FORMAT_TIMESPAN_MAX
], sum
[FORMAT_TIMESPAN_MAX
];
3029 usec_t firmware_usec
, loader_usec
, kernel_usec
, initrd_usec
, userspace_usec
, total_usec
;
3031 if (m
->test_run_flags
)
3034 if (MANAGER_IS_SYSTEM(m
) && detect_container() <= 0) {
3036 /* Note that m->kernel_usec.monotonic is always at 0,
3037 * and m->firmware_usec.monotonic and
3038 * m->loader_usec.monotonic should be considered
3039 * negative values. */
3041 firmware_usec
= m
->firmware_timestamp
.monotonic
- m
->loader_timestamp
.monotonic
;
3042 loader_usec
= m
->loader_timestamp
.monotonic
- m
->kernel_timestamp
.monotonic
;
3043 userspace_usec
= m
->finish_timestamp
.monotonic
- m
->userspace_timestamp
.monotonic
;
3044 total_usec
= m
->firmware_timestamp
.monotonic
+ m
->finish_timestamp
.monotonic
;
3046 if (dual_timestamp_is_set(&m
->initrd_timestamp
)) {
3048 kernel_usec
= m
->initrd_timestamp
.monotonic
- m
->kernel_timestamp
.monotonic
;
3049 initrd_usec
= m
->userspace_timestamp
.monotonic
- m
->initrd_timestamp
.monotonic
;
3051 log_struct(LOG_INFO
,
3052 "MESSAGE_ID=" SD_MESSAGE_STARTUP_FINISHED_STR
,
3053 "KERNEL_USEC="USEC_FMT
, kernel_usec
,
3054 "INITRD_USEC="USEC_FMT
, initrd_usec
,
3055 "USERSPACE_USEC="USEC_FMT
, userspace_usec
,
3056 LOG_MESSAGE("Startup finished in %s (kernel) + %s (initrd) + %s (userspace) = %s.",
3057 format_timespan(kernel
, sizeof(kernel
), kernel_usec
, USEC_PER_MSEC
),
3058 format_timespan(initrd
, sizeof(initrd
), initrd_usec
, USEC_PER_MSEC
),
3059 format_timespan(userspace
, sizeof(userspace
), userspace_usec
, USEC_PER_MSEC
),
3060 format_timespan(sum
, sizeof(sum
), total_usec
, USEC_PER_MSEC
)),
3063 kernel_usec
= m
->userspace_timestamp
.monotonic
- m
->kernel_timestamp
.monotonic
;
3066 log_struct(LOG_INFO
,
3067 "MESSAGE_ID=" SD_MESSAGE_STARTUP_FINISHED_STR
,
3068 "KERNEL_USEC="USEC_FMT
, kernel_usec
,
3069 "USERSPACE_USEC="USEC_FMT
, userspace_usec
,
3070 LOG_MESSAGE("Startup finished in %s (kernel) + %s (userspace) = %s.",
3071 format_timespan(kernel
, sizeof(kernel
), kernel_usec
, USEC_PER_MSEC
),
3072 format_timespan(userspace
, sizeof(userspace
), userspace_usec
, USEC_PER_MSEC
),
3073 format_timespan(sum
, sizeof(sum
), total_usec
, USEC_PER_MSEC
)),
3077 firmware_usec
= loader_usec
= initrd_usec
= kernel_usec
= 0;
3078 total_usec
= userspace_usec
= m
->finish_timestamp
.monotonic
- m
->userspace_timestamp
.monotonic
;
3080 log_struct(LOG_INFO
,
3081 "MESSAGE_ID=" SD_MESSAGE_USER_STARTUP_FINISHED_STR
,
3082 "USERSPACE_USEC="USEC_FMT
, userspace_usec
,
3083 LOG_MESSAGE("Startup finished in %s.",
3084 format_timespan(sum
, sizeof(sum
), total_usec
, USEC_PER_MSEC
)),
3088 bus_manager_send_finished(m
, firmware_usec
, loader_usec
, kernel_usec
, initrd_usec
, userspace_usec
, total_usec
);
3091 m
->ready_sent
? "STATUS=Startup finished in %s."
3093 "STATUS=Startup finished in %s.",
3094 format_timespan(sum
, sizeof(sum
), total_usec
, USEC_PER_MSEC
));
3095 m
->ready_sent
= true;
3098 void manager_check_finished(Manager
*m
) {
3101 if (MANAGER_IS_RELOADING(m
))
3104 /* Verify that we are actually running currently. Initially
3105 * the exit code is set to invalid, and during operation it is
3106 * then set to MANAGER_OK */
3107 if (m
->exit_code
!= MANAGER_OK
)
3110 /* For user managers, send out READY=1 as soon as we reach basic.target */
3111 if (MANAGER_IS_USER(m
) && !m
->ready_sent
) {
3114 u
= manager_get_unit(m
, SPECIAL_BASIC_TARGET
);
3118 "STATUS=Reached " SPECIAL_BASIC_TARGET
".");
3119 m
->ready_sent
= true;
3123 if (hashmap_size(m
->jobs
) > 0) {
3124 if (m
->jobs_in_progress_event_source
)
3125 /* Ignore any failure, this is only for feedback */
3126 (void) sd_event_source_set_time(m
->jobs_in_progress_event_source
, now(CLOCK_MONOTONIC
) + JOBS_IN_PROGRESS_WAIT_USEC
);
3131 manager_flip_auto_status(m
, false);
3133 /* Notify Type=idle units that we are done now */
3134 manager_close_idle_pipe(m
);
3136 /* Turn off confirm spawn now */
3137 m
->confirm_spawn
= NULL
;
3139 /* No need to update ask password status when we're going non-interactive */
3140 manager_close_ask_password(m
);
3142 /* This is no longer the first boot */
3143 manager_set_first_boot(m
, false);
3145 if (dual_timestamp_is_set(&m
->finish_timestamp
))
3148 dual_timestamp_get(&m
->finish_timestamp
);
3150 manager_notify_finished(m
);
3152 manager_invalidate_startup_units(m
);
/* Probes every directory in paths with access(F_OK). Errors other than ENOENT are logged as
 * warnings. NOTE(review): the statement taken when access() succeeds and the final return
 * are not part of this listing; going by the comment below, the result tells the callers
 * whether any generator directory exists at all. */
3155 static bool generator_path_any(const char* const* paths
) {
3159 /* Optimize by skipping the whole process by not creating output directories
3160 * if no generators are found. */
3161 STRV_FOREACH(path
, (char**) paths
)
3162 if (access(*path
, F_OK
) == 0)
3164 else if (errno
!= ENOENT
)
3165 log_warning_errno(errno
, "Failed to open generator directory %s: %m", *path
);
3170 static const char* system_env_generator_binary_paths
[] = {
3171 "/run/systemd/system-environment-generators",
3172 "/etc/systemd/system-environment-generators",
3173 "/usr/local/lib/systemd/system-environment-generators",
3174 SYSTEM_ENV_GENERATOR_PATH
,
3178 static const char* user_env_generator_binary_paths
[] = {
3179 "/run/systemd/user-environment-generators",
3180 "/etc/systemd/user-environment-generators",
3181 "/usr/local/lib/systemd/user-environment-generators",
3182 USER_ENV_GENERATOR_PATH
,
/* Runs the environment generators for this manager and returns the result of
 * execute_directories(). The directory list is system_env_generator_binary_paths for a
 * system manager and user_env_generator_binary_paths otherwise; gather_environment is
 * passed as callback together with args, which refers to the local tmp (twice) and to
 * m->environment.
 * When test_run_flags is set, the first condition tests for MANAGER_TEST_RUN_ENV_GENERATORS;
 * the statements guarded by it and by the generator_path_any() check are not shown in this
 * listing (presumably early returns).
 * NOTE(review): execute_directories() presumably runs every executable found in these
 * directories in the manager's own context, so each listed directory has to be writable by
 * trusted users only. */
3186 static int manager_run_environment_generators(Manager
*m
) {
3187 char **tmp
= NULL
; /* this is only used in the forked process, no cleanup here */
3189 void* args
[] = {&tmp
, &tmp
, &m
->environment
};
3191 if (m
->test_run_flags
&& !(m
->test_run_flags
& MANAGER_TEST_RUN_ENV_GENERATORS
))
3194 paths
= MANAGER_IS_SYSTEM(m
) ? system_env_generator_binary_paths
: user_env_generator_binary_paths
;
3196 if (!generator_path_any(paths
))
3199 return execute_directories(paths
, DEFAULT_TIMEOUT_USEC
, gather_environment
, args
, NULL
);
/* Runs the unit generators. The generator directories come from generator_binary_paths()
 * for the manager's unit file scope; the output directories are created with
 * lookup_paths_mkdir_generator() and passed to the generators as argv[1..3] (generator,
 * generator_early, generator_late). execute_directories() runs inside RUN_WITH_UMASK(0022),
 * and lookup_paths_trim_generator() is called afterwards.
 * When test_run_flags is set, the first condition tests for MANAGER_TEST_RUN_GENERATORS.
 * NOTE(review): the error checks after generator_binary_paths() and
 * lookup_paths_mkdir_generator(), the statements guarded by the visible conditions and the
 * return paths are not part of this listing. As with the environment generators, the
 * generator directories presumably hold code that runs in the manager's own context and
 * therefore have to be writable by trusted users only. */
3202 static int manager_run_generators(Manager
*m
) {
3203 _cleanup_strv_free_
char **paths
= NULL
;
3204 const char *argv
[5];
3209 if (m
->test_run_flags
&& !(m
->test_run_flags
& MANAGER_TEST_RUN_GENERATORS
))
3212 paths
= generator_binary_paths(m
->unit_file_scope
);
3216 if (!generator_path_any((const char* const*) paths
))
3219 r
= lookup_paths_mkdir_generator(&m
->lookup_paths
);
3223 argv
[0] = NULL
; /* Leave this empty, execute_directory() will fill something in */
3224 argv
[1] = m
->lookup_paths
.generator
;
3225 argv
[2] = m
->lookup_paths
.generator_early
;
3226 argv
[3] = m
->lookup_paths
.generator_late
;
/* Generators run with umask 0022, so what they create is not group- or world-writable
 * unless a generator changes the mode itself. */
3229 RUN_WITH_UMASK(0022)
3230 execute_directories((const char* const*) paths
, DEFAULT_TIMEOUT_USEC
,
3231 NULL
, NULL
, (char**) argv
);
3234 lookup_paths_trim_generator(&m
->lookup_paths
);
3238 int manager_environment_add(Manager
*m
, char **minus
, char **plus
) {
3239 char **a
= NULL
, **b
= NULL
, **l
;
3244 if (!strv_isempty(minus
)) {
3245 a
= strv_env_delete(l
, 1, minus
);
3252 if (!strv_isempty(plus
)) {
3253 b
= strv_env_merge(2, l
, plus
);
3262 if (m
->environment
!= l
)
3263 strv_free(m
->environment
);
3270 manager_clean_environment(m
);
3271 strv_sort(m
->environment
);
3276 int manager_set_default_rlimits(Manager
*m
, struct rlimit
**default_rlimit
) {
3281 for (i
= 0; i
< _RLIMIT_MAX
; i
++) {
3282 m
->rlimit
[i
] = mfree(m
->rlimit
[i
]);
3284 if (!default_rlimit
[i
])
3287 m
->rlimit
[i
] = newdup(struct rlimit
, default_rlimit
[i
], 1);
3295 void manager_recheck_journal(Manager
*m
) {
3300 if (!MANAGER_IS_SYSTEM(m
))
3303 u
= manager_get_unit(m
, SPECIAL_JOURNALD_SOCKET
);
3304 if (u
&& SOCKET(u
)->state
!= SOCKET_RUNNING
) {
3305 log_close_journal();
3309 u
= manager_get_unit(m
, SPECIAL_JOURNALD_SERVICE
);
3310 if (u
&& SERVICE(u
)->state
!= SERVICE_RUNNING
) {
3311 log_close_journal();
3315 /* Hmm, OK, so the socket is fully up and the service is up
3316 * too, then let's make use of the thing. */
3320 void manager_set_show_status(Manager
*m
, ShowStatus mode
) {
3322 assert(IN_SET(mode
, SHOW_STATUS_AUTO
, SHOW_STATUS_NO
, SHOW_STATUS_YES
, SHOW_STATUS_TEMPORARY
));
3324 if (!MANAGER_IS_SYSTEM(m
))
3327 if (m
->show_status
!= mode
)
3328 log_debug("%s showing of status.",
3329 mode
== SHOW_STATUS_NO
? "Disabling" : "Enabling");
3330 m
->show_status
= mode
;
3333 (void) touch("/run/systemd/show-status");
3335 (void) unlink("/run/systemd/show-status");
3338 static bool manager_get_show_status(Manager
*m
, StatusType type
) {
3341 if (!MANAGER_IS_SYSTEM(m
))
3344 if (m
->no_console_output
)
3347 if (!IN_SET(manager_state(m
), MANAGER_INITIALIZING
, MANAGER_STARTING
, MANAGER_STOPPING
))
3350 /* If we cannot find out the status properly, just proceed. */
3351 if (type
!= STATUS_TYPE_EMERGENCY
&& manager_check_ask_password(m
) > 0)
3354 if (m
->show_status
> 0)
/* Returns the console to use for confirm-spawn prompts. The configured console is
 * m->confirm_spawn; the visible checks compare it with "/dev/console", test that the path
 * is a character device (S_ISCHR on st.st_mode) and fall back to "/dev/console" with a
 * warning. last_errno is static, and the warning is tied to errno differing from it, so a
 * repeated identical failure is presumably logged only once.
 * NOTE(review): the stat call that fills st, the statements guarded by the visible
 * conditions and the return for the regular case are not part of this listing. */
3360 const char *manager_get_confirm_spawn(Manager
*m
) {
3361 static int last_errno
= 0;
3362 const char *vc
= m
->confirm_spawn
;
3366 /* Here's the deal: we want to test the validity of the console but don't want
 * PID1 to go through the whole console process which might block. But we also
 * want to warn the user only once if something is wrong with the console so we
 * cannot do the sanity checks after spawning our children. So here we simply do
 * really basic tests to hopefully trap common errors.
 *
 * If the console suddenly disappears by the time our children really need it,
 * then they will simply fail to acquire it and a positive answer will be
 * assumed. New children will fall back to /dev/console though.
 *
 * Note: TTYs are devices that can come and go any time, and frequently aren't
 * available yet during early boot (consider a USB rs232 dongle...). If for any
 * reason the configured console is not ready, we fall back to the default
 * console. */
3381 if (!vc
|| path_equal(vc
, "/dev/console"))
3388 if (!S_ISCHR(st
.st_mode
)) {
3396 if (last_errno
!= errno
) {
3398 log_warning_errno(errno
, "Failed to open %s: %m, using default console", vc
);
3400 return "/dev/console";
3403 void manager_set_first_boot(Manager
*m
, bool b
) {
3406 if (!MANAGER_IS_SYSTEM(m
))
3409 if (m
->first_boot
!= (int) b
) {
3411 (void) touch("/run/systemd/first-boot");
3413 (void) unlink("/run/systemd/first-boot");
/* Creates the flag file /run/systemd/confirm_spawn_disabled. The result of touch() is
 * deliberately discarded. */
void manager_disable_confirm_spawn(void) {
        (void) touch("/run/systemd/confirm_spawn_disabled");
}
3423 bool manager_is_confirm_spawn_disabled(Manager
*m
) {
3424 if (!m
->confirm_spawn
)
3427 return access("/run/systemd/confirm_spawn_disabled", F_OK
) >= 0;
3430 void manager_status_printf(Manager
*m
, StatusType type
, const char *status
, const char *format
, ...) {
3433 /* If m is NULL, assume we're after shutdown and let the messages through. */
3435 if (m
&& !manager_get_show_status(m
, type
))
3438 /* XXX We should totally drop the check for ephemeral here
3439 * and thus effectively make 'Type=idle' pointless. */
3440 if (type
== STATUS_TYPE_EPHEMERAL
&& m
&& m
->n_on_console
> 0)
3443 va_start(ap
, format
);
3444 status_vprintf(status
, true, type
== STATUS_TYPE_EPHEMERAL
, format
, ap
);
/* Returns the set of units stored in m->units_requiring_mounts_for for the given path. The
 * lookup key is the local buffer p after path_kill_slashes(), with "/" mapped to the empty
 * string.
 * NOTE(review): p is a variable-length array of strlen(path) + 1 bytes, so the stack use of
 * this function grows with the length of the caller-supplied path. Confirm that every
 * caller passes a bounded path, or use a heap copy instead. The lines that fill p from path
 * are not part of this listing. */
3448 Set
*manager_get_units_requiring_mounts_for(Manager
*m
, const char *path
) {
3449 char p
[strlen(path
)+1];
3455 path_kill_slashes(p
);
3457 return hashmap_get(m
->units_requiring_mounts_for
, streq(p
, "/") ? "" : p
);
3460 void manager_set_exec_params(Manager
*m
, ExecParameters
*p
) {
3464 p
->environment
= m
->environment
;
3465 p
->confirm_spawn
= manager_get_confirm_spawn(m
);
3466 p
->cgroup_supported
= m
->cgroup_supported
;
3467 p
->prefix
= m
->prefix
;
3469 SET_FLAG(p
->flags
, EXEC_PASS_LOG_UNIT
|EXEC_CHOWN_DIRECTORIES
, MANAGER_IS_SYSTEM(m
));
3472 int manager_update_failed_units(Manager
*m
, Unit
*u
, bool failed
) {
3477 assert(u
->manager
== m
);
3479 size
= set_size(m
->failed_units
);
3482 r
= set_ensure_allocated(&m
->failed_units
, NULL
);
3486 if (set_put(m
->failed_units
, u
) < 0)
3489 (void) set_remove(m
->failed_units
, u
);
3491 if (set_size(m
->failed_units
) != size
)
3492 bus_manager_send_change_signal(m
);
/* Derives the overall manager state. The checks run in priority order: boot not finished
 * (initializing or starting), shutdown queued (stopping), rescue or emergency target active
 * or queued (maintenance), failed units present (degraded), otherwise running. */
ManagerState manager_state(Manager *m) {
        static const char *const maintenance_targets[] = {
                SPECIAL_RESCUE_TARGET,
                SPECIAL_EMERGENCY_TARGET,
        };
        Unit *unit;
        size_t k;

        if (!dual_timestamp_is_set(&m->finish_timestamp)) {
                /* Boot never finished: basic.target decides between the two early states. */
                unit = manager_get_unit(m, SPECIAL_BASIC_TARGET);
                if (unit && UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(unit)))
                        return MANAGER_STARTING;

                return MANAGER_INITIALIZING;
        }

        /* A queued start-type job on the shutdown target means we are going down. */
        unit = manager_get_unit(m, SPECIAL_SHUTDOWN_TARGET);
        if (unit && unit->job && IN_SET(unit->job->type, JOB_START, JOB_RESTART, JOB_RELOAD_OR_START))
                return MANAGER_STOPPING;

        /* Rescue first, then emergency: active, activating or queued counts as maintenance. */
        for (k = 0; k < sizeof(maintenance_targets) / sizeof(maintenance_targets[0]); k++) {
                unit = manager_get_unit(m, maintenance_targets[k]);
                if (!unit)
                        continue;

                if (UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(unit)))
                        return MANAGER_MAINTENANCE;

                if (unit->job && IN_SET(unit->job->type, JOB_START, JOB_RESTART, JOB_RELOAD_OR_START))
                        return MANAGER_MAINTENANCE;
        }

        /* Any failed unit degrades an otherwise running system. */
        return set_size(m->failed_units) > 0 ? MANAGER_DEGRADED : MANAGER_RUNNING;
}
3535 #define DESTROY_IPC_FLAG (UINT32_C(1) << 31)
/* Shared implementation behind manager_unref_uid() and manager_unref_gid(), which call it
 * as (m, &m->uid_refs or &m->gid_refs, id, destroy_now, clean_ipc_by_uid or
 * clean_ipc_by_gid). The parameter lines themselves are not part of this listing.
 * Visible behaviour: uid 0 is never tracked. The table entry c is split into the counter
 * n = c & ~DESTROY_IPC_FLAG and the flag bit. If destroy_now is set and n is 0, the entry is
 * removed and, when the flag was set, _clean_ipc(uid) is called (its result is ignored);
 * in the other visible branch the counter is stored back with the flag bit preserved.
 * NOTE(review): the line that decrements n, and any check that n is non-zero before that,
 * are not shown here. */
3537 static void manager_unref_uid_internal(
3542 int (*_clean_ipc
)(uid_t uid
)) {
3548 assert(uid_is_valid(uid
));
3551 /* A generic implementation, covering both manager_unref_uid() and manager_unref_gid(), under the assumption
3552 * that uid_t and gid_t are actually defined the same way, with the same validity rules.
3554 * We store a hashmap where the UID/GID is the key and the value is a 32bit reference counter, whose highest
3555 * bit is used as flag for marking UIDs/GIDs whose IPC objects to remove when the last reference to the UID/GID
3556 * is dropped. The flag is set to on, once at least one reference from a unit where RemoveIPC= is set is added
3557 * on a UID/GID. It is reset when the UID's/GID's reference counter drops to 0 again. */
3559 assert_cc(sizeof(uid_t
) == sizeof(gid_t
));
3560 assert_cc(UID_INVALID
== (uid_t
) GID_INVALID
);
3562 if (uid
== 0) /* We don't keep track of root, and will never destroy it */
3565 c
= PTR_TO_UINT32(hashmap_get(*uid_refs
, UID_TO_PTR(uid
)));
3567 n
= c
& ~DESTROY_IPC_FLAG
;
3571 if (destroy_now
&& n
== 0) {
3572 hashmap_remove(*uid_refs
, UID_TO_PTR(uid
));
3574 if (c
& DESTROY_IPC_FLAG
) {
3575 log_debug("%s " UID_FMT
" is no longer referenced, cleaning up its IPC.",
3576 _clean_ipc
== clean_ipc_by_uid
? "UID" : "GID",
3578 (void) _clean_ipc(uid
);
3581 c
= n
| (c
& DESTROY_IPC_FLAG
);
3582 assert_se(hashmap_update(*uid_refs
, UID_TO_PTR(uid
), UINT32_TO_PTR(c
)) >= 0);
/* Drops a reference on uid in the manager's UID table. Forwards to
 * manager_unref_uid_internal() with clean_ipc_by_uid as the IPC cleanup callback. */
void manager_unref_uid(Manager *m, uid_t uid, bool destroy_now) {
        manager_unref_uid_internal(
                        m,
                        &m->uid_refs,
                        uid,
                        destroy_now,
                        clean_ipc_by_uid);
}
/* Drops a reference on gid in the manager's GID table. Forwards to
 * manager_unref_uid_internal(), passing the GID cast to uid_t and clean_ipc_by_gid as the
 * IPC cleanup callback. */
void manager_unref_gid(Manager *m, gid_t gid, bool destroy_now) {
        manager_unref_uid_internal(
                        m,
                        &m->gid_refs,
                        (uid_t) gid,
                        destroy_now,
                        clean_ipc_by_gid);
}
/* Shared implementation behind manager_ref_uid() and manager_ref_gid(), which call it as
 * (m, &m->uid_refs or &m->gid_refs, id, clean_ipc). The parameter lines themselves are not
 * part of this listing.
 * Visible behaviour: uid 0 is never tracked. The table is allocated on demand, the entry c
 * is split into the counter n = c & ~DESTROY_IPC_FLAG and the flag bit, and the new value
 * keeps an already set flag and additionally sets it when clean_ipc is true. The result of
 * hashmap_replace() is returned.
 * NOTE(review): the line that increments n is not shown here. */
3594 static int manager_ref_uid_internal(
3605 assert(uid_is_valid(uid
));
3607 /* A generic implementation, covering both manager_ref_uid() and manager_ref_gid(), under the assumption
3608 * that uid_t and gid_t are actually defined the same way, with the same validity rules. */
3610 assert_cc(sizeof(uid_t
) == sizeof(gid_t
));
3611 assert_cc(UID_INVALID
== (uid_t
) GID_INVALID
);
3613 if (uid
== 0) /* We don't keep track of root, and will never destroy it */
3616 r
= hashmap_ensure_allocated(uid_refs
, &trivial_hash_ops
);
3620 c
= PTR_TO_UINT32(hashmap_get(*uid_refs
, UID_TO_PTR(uid
)));
3622 n
= c
& ~DESTROY_IPC_FLAG
;
/* The counter shares its 32 bits with the flag in bit 31: a counter value that has reached
 * the flag bit no longer fits and would be indistinguishable from the flag itself. */
3625 if (n
& DESTROY_IPC_FLAG
) /* check for overflow */
3628 c
= n
| (c
& DESTROY_IPC_FLAG
) | (clean_ipc
? DESTROY_IPC_FLAG
: 0);
3630 return hashmap_replace(*uid_refs
, UID_TO_PTR(uid
), UINT32_TO_PTR(c
));
/* Takes a reference on uid in the manager's UID table and returns the result of
 * manager_ref_uid_internal(). clean_ipc is passed through unchanged. */
int manager_ref_uid(Manager *m, uid_t uid, bool clean_ipc) {
        return manager_ref_uid_internal(
                        m,
                        &m->uid_refs,
                        uid,
                        clean_ipc);
}
/* Takes a reference on gid in the manager's GID table and returns the result of
 * manager_ref_uid_internal(). The GID is passed cast to uid_t, clean_ipc unchanged. */
int manager_ref_gid(Manager *m, gid_t gid, bool clean_ipc) {
        return manager_ref_uid_internal(
                        m,
                        &m->gid_refs,
                        (uid_t) gid,
                        clean_ipc);
}
3641 static void manager_vacuum_uid_refs_internal(
3644 int (*_clean_ipc
)(uid_t uid
)) {
3653 HASHMAP_FOREACH_KEY(p
, k
, *uid_refs
, i
) {
3657 uid
= PTR_TO_UID(k
);
3658 c
= PTR_TO_UINT32(p
);
3660 n
= c
& ~DESTROY_IPC_FLAG
;
3664 if (c
& DESTROY_IPC_FLAG
) {
3665 log_debug("Found unreferenced %s " UID_FMT
" after reload/reexec. Cleaning up.",
3666 _clean_ipc
== clean_ipc_by_uid
? "UID" : "GID",
3668 (void) _clean_ipc(uid
);
3671 assert_se(hashmap_remove(*uid_refs
, k
) == p
);
/* Vacuums the manager's UID reference table. Forwards to
 * manager_vacuum_uid_refs_internal() with clean_ipc_by_uid as the cleanup callback. */
void manager_vacuum_uid_refs(Manager *m) {
        manager_vacuum_uid_refs_internal(
                        m,
                        &m->uid_refs,
                        clean_ipc_by_uid);
}
/* Vacuums the manager's GID reference table. Forwards to
 * manager_vacuum_uid_refs_internal() with clean_ipc_by_gid as the cleanup callback. */
void manager_vacuum_gid_refs(Manager *m) {
        manager_vacuum_uid_refs_internal(
                        m,
                        &m->gid_refs,
                        clean_ipc_by_gid);
}
3683 static void manager_serialize_uid_refs_internal(
3687 const char *field_name
) {
3697 /* Serialize the UID reference table. Or actually, just the IPC destruction flag of it, as the actual counter
3698 * of it is better rebuild after a reload/reexec. */
3700 HASHMAP_FOREACH_KEY(p
, k
, *uid_refs
, i
) {
3704 uid
= PTR_TO_UID(k
);
3705 c
= PTR_TO_UINT32(p
);
3707 if (!(c
& DESTROY_IPC_FLAG
))
3710 fprintf(f
, "%s=" UID_FMT
"\n", field_name
, uid
);
/* Writes the manager's UID reference table to f under the field name "destroy-ipc-uid".
 * Forwards to manager_serialize_uid_refs_internal(). */
void manager_serialize_uid_refs(Manager *m, FILE *f) {
        manager_serialize_uid_refs_internal(
                        m,
                        f,
                        &m->uid_refs,
                        "destroy-ipc-uid");
}
/* Writes the manager's GID reference table to f under the field name "destroy-ipc-gid".
 * Forwards to manager_serialize_uid_refs_internal(). */
void manager_serialize_gid_refs(Manager *m, FILE *f) {
        manager_serialize_uid_refs_internal(
                        m,
                        f,
                        &m->gid_refs,
                        "destroy-ipc-gid");
}
/* Shared implementation behind manager_deserialize_uid_refs_one() and
 * manager_deserialize_gid_refs_one(), which call it as (m, &m->uid_refs or &m->gid_refs,
 * value). Not all parameter lines are part of this listing.
 * Visible behaviour: value is parsed with parse_uid(). A parse failure and the value 0 are
 * both rejected with a debug message, so serialized data cannot mark root for IPC cleanup.
 * The table is allocated on demand, and DESTROY_IPC_FLAG is OR'ed into the entry and
 * written back with hashmap_replace(); a failure there is logged at debug level.
 * NOTE(review): the statements guarded by the visible conditions (presumably early returns)
 * are not shown here. */
3722 static void manager_deserialize_uid_refs_one_internal(
3725 const char *value
) {
3735 r
= parse_uid(value
, &uid
);
3736 if (r
< 0 || uid
== 0) {
3737 log_debug("Unable to parse UID reference serialization");
3741 r
= hashmap_ensure_allocated(uid_refs
, &trivial_hash_ops
);
3747 c
= PTR_TO_UINT32(hashmap_get(*uid_refs
, UID_TO_PTR(uid
)));
3748 if (c
& DESTROY_IPC_FLAG
)
3751 c
|= DESTROY_IPC_FLAG
;
3753 r
= hashmap_replace(*uid_refs
, UID_TO_PTR(uid
), UINT32_TO_PTR(c
));
3755 log_debug("Failed to add UID reference entry");
/* Restores one serialized "destroy-ipc-uid" value into the manager's UID reference table.
 * Forwards to manager_deserialize_uid_refs_one_internal(). */
void manager_deserialize_uid_refs_one(Manager *m, const char *value) {
        manager_deserialize_uid_refs_one_internal(
                        m,
                        &m->uid_refs,
                        value);
}
/* Restores one serialized "destroy-ipc-gid" value into the manager's GID reference table.
 * Forwards to manager_deserialize_uid_refs_one_internal(). */
void manager_deserialize_gid_refs_one(Manager *m, const char *value) {
        manager_deserialize_uid_refs_one_internal(
                        m,
                        &m->gid_refs,
                        value);
}
/* Event handler for the user lookup fd. One datagram is read without blocking
 * (MSG_DONTWAIT) into buffer, validated and passed to unit_notify_user_lookup().
 * Validation visible here, in this order:
 *  - the datagram must be longer than the fixed part, offsetof(struct buffer, unit_name);
 *  - the unit name part must not exceed UNIT_NAME_MAX bytes;
 *  - at least one of buffer.uid and buffer.gid must be valid (the message is dropped only
 *    when both are invalid);
 *  - the unit name must not contain a NUL byte;
 *  - the unit name must refer to a unit known to the manager.
 * Each rejected message is logged and ignored. EINTR and EAGAIN from recv() are handled
 * separately from other errors, which are logged and returned.
 * NOTE(review): the definition of struct buffer apart from unit_name, the statements
 * guarded by the visible conditions and the return paths are not part of this listing. */
3768 int manager_dispatch_user_lookup_fd(sd_event_source
*source
, int fd
, uint32_t revents
, void *userdata
) {
3772 char unit_name
[UNIT_NAME_MAX
+1];
3775 Manager
*m
= userdata
;
3783 /* Invoked whenever a child process succeeded resolving its user/group to use and sent us the resulting UID/GID
3784 * in a datagram. We parse the datagram here and pass it off to the unit, so that it can add a reference to the
3785 * UID/GID so that it can destroy the UID/GID's IPC objects when the reference counter drops to 0. */
3787 l
= recv(fd
, &buffer
, sizeof(buffer
), MSG_DONTWAIT
);
3789 if (IN_SET(errno
, EINTR
, EAGAIN
))
3792 return log_error_errno(errno
, "Failed to read from user lookup fd: %m");
3795 if ((size_t) l
<= offsetof(struct buffer
, unit_name
)) {
3796 log_warning("Received too short user lookup message, ignoring.");
3800 if ((size_t) l
> offsetof(struct buffer
, unit_name
) + UNIT_NAME_MAX
) {
3801 log_warning("Received too long user lookup message, ignoring.");
3805 if (!uid_is_valid(buffer
.uid
) && !gid_is_valid(buffer
.gid
)) {
3806 log_warning("Got user lookup message with invalid UID/GID pair, ignoring.");
3810 n
= (size_t) l
- offsetof(struct buffer
, unit_name
);
3811 if (memchr(buffer
.unit_name
, 0, n
)) {
3812 log_warning("Received lookup message with embedded NUL character, ignoring.");
/* n is at most UNIT_NAME_MAX per the length check above and unit_name holds
 * UNIT_NAME_MAX+1 bytes, so the terminator is written inside the array. */
3816 buffer
.unit_name
[n
] = 0;
3817 u
= manager_get_unit(m
, buffer
.unit_name
);
3819 log_debug("Got user lookup message but unit doesn't exist, ignoring.");
3823 log_unit_debug(u
, "User lookup succeeded: uid=" UID_FMT
" gid=" GID_FMT
, buffer
.uid
, buffer
.gid
);
3825 unit_notify_user_lookup(u
, buffer
.uid
, buffer
.gid
);
/* Names of the manager states, indexed by ManagerState. The table is handed to
 * DEFINE_STRING_TABLE_LOOKUP() below under the name manager_state. */
static const char *const manager_state_table[_MANAGER_STATE_MAX] = {
        [MANAGER_INITIALIZING] = "initializing",
        [MANAGER_STARTING]     = "starting",
        [MANAGER_RUNNING]      = "running",
        [MANAGER_DEGRADED]     = "degraded",
        [MANAGER_MAINTENANCE]  = "maintenance",
        [MANAGER_STOPPING]     = "stopping",
};

DEFINE_STRING_TABLE_LOOKUP(manager_state, ManagerState);