src/core/manager.h

   1 /* SPDX-License-Identifier: LGPL-2.1+ */
   2 #pragma once
   3
   4 /***
   5   This file is part of systemd.
   6
   7   Copyright 2010 Lennart Poettering
   8 ***/
   9
  10 #include <stdbool.h>
  11 #include <stdio.h>
  12
  13 #include "sd-bus.h"
  14 #include "sd-event.h"
  15
  16 #include "cgroup-util.h"
  17 #include "fdset.h"
  18 #include "hashmap.h"
  19 #include "ip-address-access.h"
  20 #include "list.h"
  21 #include "ratelimit.h"
  22
  23 struct libmnt_monitor;
  24 typedef struct Unit Unit;
  25
  26 /* Enforce upper limit how many names we allow */
  27 #define MANAGER_MAX_NAMES 131072 /* 128K */
  28
  29 typedef struct Manager Manager;
  30
  31 typedef enum ManagerState {
  32         MANAGER_INITIALIZING,
  33         MANAGER_STARTING,
  34         MANAGER_RUNNING,
  35         MANAGER_DEGRADED,
  36         MANAGER_MAINTENANCE,
  37         MANAGER_STOPPING,
  38         _MANAGER_STATE_MAX,
  39         _MANAGER_STATE_INVALID = -1
  40 } ManagerState;
  41
  42 typedef enum ManagerExitCode {
  43         MANAGER_OK,
  44         MANAGER_EXIT,
  45         MANAGER_RELOAD,
  46         MANAGER_REEXECUTE,
  47         MANAGER_REBOOT,
  48         MANAGER_POWEROFF,
  49         MANAGER_HALT,
  50         MANAGER_KEXEC,
  51         MANAGER_SWITCH_ROOT,
  52         _MANAGER_EXIT_CODE_MAX,
  53         _MANAGER_EXIT_CODE_INVALID = -1
  54 } ManagerExitCode;
  55
  56 typedef enum StatusType {
  57         STATUS_TYPE_EPHEMERAL,
  58         STATUS_TYPE_NORMAL,
  59         STATUS_TYPE_EMERGENCY,
  60 } StatusType;
  61
  62 typedef enum ManagerTimestamp {
  63         MANAGER_TIMESTAMP_FIRMWARE,
  64         MANAGER_TIMESTAMP_LOADER,
  65         MANAGER_TIMESTAMP_KERNEL,
  66         MANAGER_TIMESTAMP_INITRD,
  67         MANAGER_TIMESTAMP_USERSPACE,
  68         MANAGER_TIMESTAMP_FINISH,
  69
  70         MANAGER_TIMESTAMP_SECURITY_START,
  71         MANAGER_TIMESTAMP_SECURITY_FINISH,
  72         MANAGER_TIMESTAMP_GENERATORS_START,
  73         MANAGER_TIMESTAMP_GENERATORS_FINISH,
  74         MANAGER_TIMESTAMP_UNITS_LOAD_START,
  75         MANAGER_TIMESTAMP_UNITS_LOAD_FINISH,
  76         _MANAGER_TIMESTAMP_MAX,
  77         _MANAGER_TIMESTAMP_INVALID = -1,
  78 } ManagerTimestamp;
  79
  80 #include "execute.h"
  81 #include "job.h"
  82 #include "path-lookup.h"
  83 #include "show-status.h"
  84 #include "unit-name.h"
  85
  86 enum {
  87         /* 0 = run normally */
  88         MANAGER_TEST_RUN_MINIMAL        = 1 << 1,  /* create basic data structures */
  89         MANAGER_TEST_RUN_BASIC          = 1 << 2,  /* interact with the environment */
  90         MANAGER_TEST_RUN_ENV_GENERATORS = 1 << 3,  /* also run env generators  */
  91         MANAGER_TEST_RUN_GENERATORS     = 1 << 4,  /* also run unit generators */
  92         MANAGER_TEST_FULL = MANAGER_TEST_RUN_BASIC | MANAGER_TEST_RUN_ENV_GENERATORS | MANAGER_TEST_RUN_GENERATORS,
  93 };
  94 assert_cc((MANAGER_TEST_FULL & UINT8_MAX) == MANAGER_TEST_FULL);
  95
  96 struct Manager {
  97         /* Note that the set of units we know of is allowed to be
  98          * inconsistent. However the subset of it that is loaded may
  99          * not, and the list of jobs may neither. */
 100
 101         /* Active jobs and units */
 102         Hashmap *units;  /* name string => Unit object n:1 */
 103         Hashmap *units_by_invocation_id;
 104         Hashmap *jobs;   /* job id => Job object 1:1 */
 105
 106         /* To make it easy to iterate through the units of a specific
 107          * type we maintain a per type linked list */
 108         LIST_HEAD(Unit, units_by_type[_UNIT_TYPE_MAX]);
 109
 110         /* Units that need to be loaded */
 111         LIST_HEAD(Unit, load_queue); /* this is actually more a stack than a queue, but uh. */
 112
 113         /* Jobs that need to be run */
 114         LIST_HEAD(Job, run_queue);   /* more a stack than a queue, too */
 115
 116         /* Units and jobs that have not yet been announced via
 117          * D-Bus. When something about a job changes it is added here
 118          * if it is not in there yet. This allows easy coalescing of
 119          * D-Bus change signals. */
 120         LIST_HEAD(Unit, dbus_unit_queue);
 121         LIST_HEAD(Job, dbus_job_queue);
 122
 123         /* Units to remove */
 124         LIST_HEAD(Unit, cleanup_queue);
 125
 126         /* Units and jobs to check when doing GC */
 127         LIST_HEAD(Unit, gc_unit_queue);
 128         LIST_HEAD(Job, gc_job_queue);
 129
 130         /* Units that should be realized */
 131         LIST_HEAD(Unit, cgroup_realize_queue);
 132
 133         /* Units whose cgroup ran empty */
 134         LIST_HEAD(Unit, cgroup_empty_queue);
 135
 136         /* Target units whose default target dependencies haven't been set yet */
 137         LIST_HEAD(Unit, target_deps_queue);
 138
 139         sd_event *event;
 140
 141         /* This maps PIDs we care about to units that are interested in. We allow multiple units to he interested in
 142          * the same PID and multiple PIDs to be relevant to the same unit. Since in most cases only a single unit will
 143          * be interested in the same PID we use a somewhat special encoding here: the first unit interested in a PID is
 144          * stored directly in the hashmap, keyed by the PID unmodified. If there are other units interested too they'll
 145          * be stored in a NULL-terminated array, and keyed by the negative PID. This is safe as pid_t is signed and
 146          * negative PIDs are not used for regular processes but process groups, which we don't care about in this
 147          * context, but this allows us to use the negative range for our own purposes. */
 148         Hashmap *watch_pids;  /* pid => unit as well as -pid => array of units */
 149
 150         /* A set contains all units which cgroup should be refreshed after startup */
 151         Set *startup_units;
 152
 153         /* A set which contains all currently failed units */
 154         Set *failed_units;
 155
 156         sd_event_source *run_queue_event_source;
 157
 158         char *notify_socket;
 159         int notify_fd;
 160         sd_event_source *notify_event_source;
 161
 162         int cgroups_agent_fd;
 163         sd_event_source *cgroups_agent_event_source;
 164
 165         int signal_fd;
 166         sd_event_source *signal_event_source;
 167
 168         sd_event_source *sigchld_event_source;
 169
 170         int time_change_fd;
 171         sd_event_source *time_change_event_source;
 172
 173         sd_event_source *timezone_change_event_source;
 174
 175         sd_event_source *jobs_in_progress_event_source;
 176
 177         int user_lookup_fds[2];
 178         sd_event_source *user_lookup_event_source;
 179
 180         sd_event_source *sync_bus_names_event_source;
 181
 182         UnitFileScope unit_file_scope;
 183         LookupPaths lookup_paths;
 184         Set *unit_path_cache;
 185
 186         char **environment;
 187
 188         usec_t runtime_watchdog;
 189         usec_t shutdown_watchdog;
 190
 191         dual_timestamp timestamps[_MANAGER_TIMESTAMP_MAX];
 192
 193         struct udev* udev;
 194
 195         /* Data specific to the device subsystem */
 196         struct udev_monitor* udev_monitor;
 197         sd_event_source *udev_event_source;
 198         Hashmap *devices_by_sysfs;
 199
 200         /* Data specific to the mount subsystem */
 201         struct libmnt_monitor *mount_monitor;
 202         sd_event_source *mount_event_source;
 203
 204         /* Data specific to the swap filesystem */
 205         FILE *proc_swaps;
 206         sd_event_source *swap_event_source;
 207         Hashmap *swaps_by_devnode;
 208
 209         /* Data specific to the D-Bus subsystem */
 210         sd_bus *api_bus, *system_bus;
 211         Set *private_buses;
 212         int private_listen_fd;
 213         sd_event_source *private_listen_event_source;
 214
 215         /* Contains all the clients that are subscribed to signals via
 216         the API bus. Note that private bus connections are always
 217         considered subscribes, since they last for very short only,
 218         and it is much simpler that way. */
 219         sd_bus_track *subscribed;
 220         char **deserialized_subscribed;
 221
 222         /* This is used during reloading: before the reload we queue
 223          * the reply message here, and afterwards we send it */
 224         sd_bus_message *queued_message;
 225
 226         Hashmap *watch_bus;  /* D-Bus names => Unit object n:1 */
 227
 228         bool send_reloading_done;
 229
 230         uint32_t current_job_id;
 231         uint32_t default_unit_job_id;
 232
 233         /* Data specific to the Automount subsystem */
 234         int dev_autofs_fd;
 235
 236         /* Data specific to the cgroup subsystem */
 237         Hashmap *cgroup_unit;
 238         CGroupMask cgroup_supported;
 239         char *cgroup_root;
 240
 241         /* Notifications from cgroups, when the unified hierarchy is used is done via inotify. */
 242         int cgroup_inotify_fd;
 243         sd_event_source *cgroup_inotify_event_source;
 244         Hashmap *cgroup_inotify_wd_unit;
 245
 246         /* A defer event for handling cgroup empty events and processing them after SIGCHLD in all cases. */
 247         sd_event_source *cgroup_empty_event_source;
 248
 249         /* Make sure the user cannot accidentally unmount our cgroup
 250          * file system */
 251         int pin_cgroupfs_fd;
 252
 253         unsigned gc_marker;
 254
 255         /* The stat() data the last time we saw /etc/localtime */
 256         usec_t etc_localtime_mtime;
 257         bool etc_localtime_accessible:1;
 258
 259         /* Flags */
 260         ManagerExitCode exit_code:5;
 261
 262         bool dispatching_load_queue:1;
 263         bool dispatching_dbus_queue:1;
 264
 265         bool taint_usr:1;
 266
 267         /* Have we already sent out the READY=1 notification? */
 268         bool ready_sent:1;
 269
 270         /* Have we already printed the taint line if necessary? */
 271         bool taint_logged:1;
 272
 273         /* Have we ever changed the "kernel.pid_max" sysctl? */
 274         bool sysctl_pid_max_changed:1;
 275
 276         unsigned test_run_flags:8;
 277
 278         /* If non-zero, exit with the following value when the systemd
 279          * process terminate. Useful for containers: systemd-nspawn could get
 280          * the return value. */
 281         uint8_t return_value;
 282
 283         ShowStatus show_status;
 284         char *confirm_spawn;
 285         bool no_console_output;
 286         bool service_watchdogs;
 287
 288         ExecOutput default_std_output, default_std_error;
 289
 290         usec_t default_restart_usec, default_timeout_start_usec, default_timeout_stop_usec;
 291
 292         usec_t default_start_limit_interval;
 293         unsigned default_start_limit_burst;
 294
 295         bool default_cpu_accounting;
 296         bool default_memory_accounting;
 297         bool default_io_accounting;
 298         bool default_blockio_accounting;
 299         bool default_tasks_accounting;
 300         bool default_ip_accounting;
 301
 302         uint64_t default_tasks_max;
 303         usec_t default_timer_accuracy_usec;
 304
 305         int original_log_level;
 306         LogTarget original_log_target;
 307         bool log_level_overridden:1;
 308         bool log_target_overridden:1;
 309
 310         struct rlimit *rlimit[_RLIMIT_MAX];
 311
 312         /* non-zero if we are reloading or reexecuting, */
 313         int n_reloading;
 314         /* A set which contains all jobs that started before reload and finished
 315          * during it */
 316         Set *pending_finished_jobs;
 317
 318         unsigned n_installed_jobs;
 319         unsigned n_failed_jobs;
 320
 321         /* Jobs in progress watching */
 322         unsigned n_running_jobs;
 323         unsigned n_on_console;
 324         unsigned jobs_in_progress_iteration;
 325
 326         /* Do we have any outstanding password prompts? */
 327         int have_ask_password;
 328         int ask_password_inotify_fd;
 329         sd_event_source *ask_password_event_source;
 330
 331         /* Type=idle pipes */
 332         int idle_pipe[4];
 333         sd_event_source *idle_pipe_event_source;
 334
 335         char *switch_root;
 336         char *switch_root_init;
 337
 338         /* This maps all possible path prefixes to the units needing
 339          * them. It's a hashmap with a path string as key and a Set as
 340          * value where Unit objects are contained. */
 341         Hashmap *units_requiring_mounts_for;
 342
 343         /* Used for processing polkit authorization responses */
 344         Hashmap *polkit_registry;
 345
 346         /* Dynamic users/groups, indexed by their name */
 347         Hashmap *dynamic_users;
 348
 349         /* Keep track of all UIDs and GIDs any of our services currently use. This is useful for the RemoveIPC= logic. */
 350         Hashmap *uid_refs;
 351         Hashmap *gid_refs;
 352
 353         /* ExecRuntime, indexed by their owner unit id */
 354         Hashmap *exec_runtime_by_id;
 355
 356         /* When the user hits C-A-D more than 7 times per 2s, do something immediately... */
 357         RateLimit ctrl_alt_del_ratelimit;
 358         EmergencyAction cad_burst_action;
 359
 360         const char *unit_log_field;
 361         const char *unit_log_format_string;
 362
 363         const char *invocation_log_field;
 364         const char *invocation_log_format_string;
 365
 366         int first_boot; /* tri-state */
 367
 368         /* Prefixes of e.g. RuntimeDirectory= */
 369         char *prefix[_EXEC_DIRECTORY_TYPE_MAX];
 370
 371         /* Used in the SIGCHLD and sd_notify() message invocation logic to avoid that we dispatch the same event
 372          * multiple times on the same unit. */
 373         unsigned sigchldgen;
 374         unsigned notifygen;
 375 };
 376
 377 #define MANAGER_IS_SYSTEM(m) ((m)->unit_file_scope == UNIT_FILE_SYSTEM)
 378 #define MANAGER_IS_USER(m) ((m)->unit_file_scope != UNIT_FILE_SYSTEM)
 379
 380 #define MANAGER_IS_RELOADING(m) ((m)->n_reloading > 0)
 381
 382 #define MANAGER_IS_FINISHED(m) (dual_timestamp_is_set((m)->timestamps + MANAGER_TIMESTAMP_FINISH))
 383
 384 /* The exit code is set to OK as soon as we enter the main loop, and set otherwise as soon as we are done with it */
 385 #define MANAGER_IS_RUNNING(m) ((m)->exit_code == MANAGER_OK)
 386
 387 int manager_new(UnitFileScope scope, unsigned test_run_flags, Manager **m);
 388 Manager* manager_free(Manager *m);
 389 DEFINE_TRIVIAL_CLEANUP_FUNC(Manager*, manager_free);
 390
 391 int manager_startup(Manager *m, FILE *serialization, FDSet *fds);
 392
 393 Job *manager_get_job(Manager *m, uint32_t id);
 394 Unit *manager_get_unit(Manager *m, const char *name);
 395
 396 int manager_get_job_from_dbus_path(Manager *m, const char *s, Job **_j);
 397
 398 int manager_load_unit_prepare(Manager *m, const char *name, const char *path, sd_bus_error *e, Unit **_ret);
 399 int manager_load_unit(Manager *m, const char *name, const char *path, sd_bus_error *e, Unit **_ret);
 400 int manager_load_startable_unit_or_warn(Manager *m, const char *name, const char *path, Unit **ret);
 401 int manager_load_unit_from_dbus_path(Manager *m, const char *s, sd_bus_error *e, Unit **_u);
 402
 403 int manager_add_job(Manager *m, JobType type, Unit *unit, JobMode mode, sd_bus_error *e, Job **_ret);
 404 int manager_add_job_by_name(Manager *m, JobType type, const char *name, JobMode mode, sd_bus_error *e, Job **_ret);
 405 int manager_add_job_by_name_and_warn(Manager *m, JobType type, const char *name, JobMode mode, Job **ret);
 406 int manager_propagate_reload(Manager *m, Unit *unit, JobMode mode, sd_bus_error *e);
 407
 408 void manager_dump_units(Manager *s, FILE *f, const char *prefix);
 409 void manager_dump_jobs(Manager *s, FILE *f, const char *prefix);
 410 void manager_dump(Manager *s, FILE *f, const char *prefix);
 411 int manager_get_dump_string(Manager *m, char **ret);
 412
 413 void manager_clear_jobs(Manager *m);
 414
 415 unsigned manager_dispatch_load_queue(Manager *m);
 416
 417 int manager_environment_add(Manager *m, char **minus, char **plus);
 418 int manager_set_default_rlimits(Manager *m, struct rlimit **default_rlimit);
 419
 420 int manager_loop(Manager *m);
 421
 422 int manager_open_serialization(Manager *m, FILE **_f);
 423
 424 int manager_serialize(Manager *m, FILE *f, FDSet *fds, bool switching_root);
 425 int manager_deserialize(Manager *m, FILE *f, FDSet *fds);
 426
 427 int manager_reload(Manager *m);
 428
 429 void manager_reset_failed(Manager *m);
 430
 431 void manager_send_unit_audit(Manager *m, Unit *u, int type, bool success);
 432 void manager_send_unit_plymouth(Manager *m, Unit *u);
 433
 434 bool manager_unit_inactive_or_pending(Manager *m, const char *name);
 435
 436 void manager_check_finished(Manager *m);
 437
 438 void manager_recheck_dbus(Manager *m);
 439 void manager_recheck_journal(Manager *m);
 440
 441 void manager_set_show_status(Manager *m, ShowStatus mode);
 442 void manager_set_first_boot(Manager *m, bool b);
 443
 444 void manager_status_printf(Manager *m, StatusType type, const char *status, const char *format, ...) _printf_(4,5);
 445 void manager_flip_auto_status(Manager *m, bool enable);
 446
 447 Set *manager_get_units_requiring_mounts_for(Manager *m, const char *path);
 448
 449 ManagerState manager_state(Manager *m);
 450
 451 int manager_update_failed_units(Manager *m, Unit *u, bool failed);
 452
 453 void manager_unref_uid(Manager *m, uid_t uid, bool destroy_now);
 454 int manager_ref_uid(Manager *m, uid_t uid, bool clean_ipc);
 455
 456 void manager_unref_gid(Manager *m, gid_t gid, bool destroy_now);
 457 int manager_ref_gid(Manager *m, gid_t gid, bool destroy_now);
 458
 459 void manager_vacuum_uid_refs(Manager *m);
 460 void manager_vacuum_gid_refs(Manager *m);
 461
 462 void manager_serialize_uid_refs(Manager *m, FILE *f);
 463 void manager_deserialize_uid_refs_one(Manager *m, const char *value);
 464
 465 void manager_serialize_gid_refs(Manager *m, FILE *f);
 466 void manager_deserialize_gid_refs_one(Manager *m, const char *value);
 467
 468 char *manager_taint_string(Manager *m);
 469
 470 void manager_ref_console(Manager *m);
 471 void manager_unref_console(Manager *m);
 472
 473 void manager_override_log_level(Manager *m, int level);
 474 void manager_restore_original_log_level(Manager *m);
 475
 476 void manager_override_log_target(Manager *m, LogTarget target);
 477 void manager_restore_original_log_target(Manager *m);
 478
 479 const char *manager_state_to_string(ManagerState m) _const_;
 480 ManagerState manager_state_from_string(const char *s) _pure_;
 481
 482 const char *manager_get_confirm_spawn(Manager *m);
 483 bool manager_is_confirm_spawn_disabled(Manager *m);
 484 void manager_disable_confirm_spawn(void);
 485
 486 const char *manager_timestamp_to_string(ManagerTimestamp m) _const_;
 487 ManagerTimestamp manager_timestamp_from_string(const char *s) _pure_;