]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/core/socket.c
projects / thirdparty / systemd.git / blob
? search:


0ccda2fe3cf22a9fd3d01325822c9ed51b2436d1
[thirdparty/systemd.git] / src / core / socket.c
1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
2
3 /***
4 This file is part of systemd.
5
6 Copyright 2010 Lennart Poettering
7
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
17
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20 ***/
21
22 #include <sys/types.h>
23 #include <sys/stat.h>
24 #include <unistd.h>
25 #include <errno.h>
26 #include <fcntl.h>
27 #include <sys/epoll.h>
28 #include <signal.h>
29 #include <arpa/inet.h>
30 #include <netinet/tcp.h>
31 #include <mqueue.h>
32 #ifdef HAVE_XATTR
33 #include <attr/xattr.h>
34 #endif
35
36 #include "sd-event.h"
37 #include "log.h"
38 #include "load-dropin.h"
39 #include "load-fragment.h"
40 #include "strv.h"
41 #include "mkdir.h"
42 #include "path-util.h"
43 #include "unit-name.h"
44 #include "unit-printf.h"
45 #include "missing.h"
46 #include "special.h"
47 #include "label.h"
48 #include "exit-status.h"
49 #include "def.h"
50 #include "smack-util.h"
51 #include "bus-util.h"
52 #include "bus-error.h"
53 #include "dbus-socket.h"
54 #include "unit.h"
55 #include "socket.h"
56
57 static const UnitActiveState state_translation_table[_SOCKET_STATE_MAX] = {
58 [SOCKET_DEAD] = UNIT_INACTIVE,
59 [SOCKET_START_PRE] = UNIT_ACTIVATING,
60 [SOCKET_START_POST] = UNIT_ACTIVATING,
61 [SOCKET_LISTENING] = UNIT_ACTIVE,
62 [SOCKET_RUNNING] = UNIT_ACTIVE,
63 [SOCKET_STOP_PRE] = UNIT_DEACTIVATING,
64 [SOCKET_STOP_PRE_SIGTERM] = UNIT_DEACTIVATING,
65 [SOCKET_STOP_PRE_SIGKILL] = UNIT_DEACTIVATING,
66 [SOCKET_STOP_POST] = UNIT_DEACTIVATING,
67 [SOCKET_FINAL_SIGTERM] = UNIT_DEACTIVATING,
68 [SOCKET_FINAL_SIGKILL] = UNIT_DEACTIVATING,
69 [SOCKET_FAILED] = UNIT_FAILED
70 };
71
72 static int socket_dispatch_io(sd_event_source *source, int fd, uint32_t revents, void *userdata);
73 static int socket_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata);
74
75 static void socket_init(Unit *u) {
76 Socket *s = SOCKET(u);
77
78 assert(u);
79 assert(u->load_state == UNIT_STUB);
80
81 s->backlog = SOMAXCONN;
82 s->timeout_usec = u->manager->default_timeout_start_usec;
83 s->directory_mode = 0755;
84 s->socket_mode = 0666;
85
86 s->max_connections = 64;
87
88 s->priority = -1;
89 s->ip_tos = -1;
90 s->ip_ttl = -1;
91 s->mark = -1;
92
93 exec_context_init(&s->exec_context);
94 s->exec_context.std_output = u->manager->default_std_output;
95 s->exec_context.std_error = u->manager->default_std_error;
96 kill_context_init(&s->kill_context);
97 cgroup_context_init(&s->cgroup_context);
98
99 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
100 }
101
102 static void socket_unwatch_control_pid(Socket *s) {
103 assert(s);
104
105 if (s->control_pid <= 0)
106 return;
107
108 unit_unwatch_pid(UNIT(s), s->control_pid);
109 s->control_pid = 0;
110 }
111
112 void socket_free_ports(Socket *s) {
113 SocketPort *p;
114
115 assert(s);
116
117 while ((p = s->ports)) {
118 LIST_REMOVE(port, s->ports, p);
119
120 sd_event_source_unref(p->event_source);
121
122 if (p->fd >= 0)
123 close_nointr_nofail(p->fd);
124
125 free(p->path);
126 free(p);
127 }
128 }
129
130 static void socket_done(Unit *u) {
131 Socket *s = SOCKET(u);
132
133 assert(s);
134
135 socket_free_ports(s);
136
137 cgroup_context_done(&s->cgroup_context);
138 exec_context_done(&s->exec_context);
139 s->exec_runtime = exec_runtime_unref(s->exec_runtime);
140 exec_command_free_array(s->exec_command, _SOCKET_EXEC_COMMAND_MAX);
141 s->control_command = NULL;
142
143 socket_unwatch_control_pid(s);
144
145 unit_ref_unset(&s->service);
146
147 free(s->tcp_congestion);
148 s->tcp_congestion = NULL;
149
150 free(s->bind_to_device);
151 s->bind_to_device = NULL;
152
153 free(s->smack);
154 free(s->smack_ip_in);
155 free(s->smack_ip_out);
156
157 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
158 }
159
160 static int socket_arm_timer(Socket *s) {
161 int r;
162
163 assert(s);
164
165 if (s->timeout_usec <= 0) {
166 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
167 return 0;
168 }
169
170 if (s->timer_event_source) {
171 r = sd_event_source_set_time(s->timer_event_source, now(CLOCK_MONOTONIC) + s->timeout_usec);
172 if (r < 0)
173 return r;
174
175 return sd_event_source_set_enabled(s->timer_event_source, SD_EVENT_ONESHOT);
176 }
177
178 return sd_event_add_monotonic(UNIT(s)->manager->event, &s->timer_event_source, now(CLOCK_MONOTONIC) + s->timeout_usec, 0, socket_dispatch_timer, s);
179 }
180
181 static int socket_instantiate_service(Socket *s) {
182 _cleanup_free_ char *prefix = NULL;
183 _cleanup_free_ char *name = NULL;
184 int r;
185 Unit *u;
186
187 assert(s);
188
189 /* This fills in s->service if it isn't filled in yet. For
190 * Accept=yes sockets we create the next connection service
191 * here. For Accept=no this is mostly a NOP since the service
192 * is figured out at load time anyway. */
193
194 if (UNIT_DEREF(s->service))
195 return 0;
196
197 assert(s->accept);
198
199 if (!(prefix = unit_name_to_prefix(UNIT(s)->id)))
200 return -ENOMEM;
201
202 r = asprintf(&name, "%s@%u.service", prefix, s->n_accepted);
203
204 if (r < 0)
205 return -ENOMEM;
206
207 r = manager_load_unit(UNIT(s)->manager, name, NULL, NULL, &u);
208
209 if (r < 0)
210 return r;
211
212 #ifdef HAVE_SYSV_COMPAT
213 if (SERVICE(u)->is_sysv) {
214 log_error("Using SysV services for socket activation is not supported. Refusing.");
215 return -ENOENT;
216 }
217 #endif
218
219 u->no_gc = true;
220 unit_ref_set(&s->service, u);
221
222 return unit_add_two_dependencies(UNIT(s), UNIT_BEFORE, UNIT_TRIGGERS, u, false);
223 }
224
225 static bool have_non_accept_socket(Socket *s) {
226 SocketPort *p;
227
228 assert(s);
229
230 if (!s->accept)
231 return true;
232
233 LIST_FOREACH(port, p, s->ports) {
234
235 if (p->type != SOCKET_SOCKET)
236 return true;
237
238 if (!socket_address_can_accept(&p->address))
239 return true;
240 }
241
242 return false;
243 }
244
245 static int socket_add_mount_links(Socket *s) {
246 SocketPort *p;
247 int r;
248
249 assert(s);
250
251 LIST_FOREACH(port, p, s->ports) {
252 const char *path = NULL;
253
254 if (p->type == SOCKET_SOCKET)
255 path = socket_address_get_path(&p->address);
256 else if (p->type == SOCKET_FIFO || p->type == SOCKET_SPECIAL)
257 path = p->path;
258
259 if (!path)
260 continue;
261
262 r = unit_require_mounts_for(UNIT(s), path);
263 if (r < 0)
264 return r;
265 }
266
267 return 0;
268 }
269
270 static int socket_add_device_link(Socket *s) {
271 char *t;
272
273 assert(s);
274
275 if (!s->bind_to_device || streq(s->bind_to_device, "lo"))
276 return 0;
277
278 t = strappenda("/sys/subsystem/net/devices/", s->bind_to_device);
279 return unit_add_node_link(UNIT(s), t, false);
280 }
281
282 static int socket_add_default_dependencies(Socket *s) {
283 int r;
284 assert(s);
285
286 r = unit_add_dependency_by_name(UNIT(s), UNIT_BEFORE, SPECIAL_SOCKETS_TARGET, NULL, true);
287 if (r < 0)
288 return r;
289
290 if (UNIT(s)->manager->running_as == SYSTEMD_SYSTEM) {
291 r = unit_add_two_dependencies_by_name(UNIT(s), UNIT_AFTER, UNIT_REQUIRES, SPECIAL_SYSINIT_TARGET, NULL, true);
292 if (r < 0)
293 return r;
294 }
295
296 return unit_add_two_dependencies_by_name(UNIT(s), UNIT_BEFORE, UNIT_CONFLICTS, SPECIAL_SHUTDOWN_TARGET, NULL, true);
297 }
298
299 _pure_ static bool socket_has_exec(Socket *s) {
300 unsigned i;
301 assert(s);
302
303 for (i = 0; i < _SOCKET_EXEC_COMMAND_MAX; i++)
304 if (s->exec_command[i])
305 return true;
306
307 return false;
308 }
309
310 static int socket_add_extras(Socket *s) {
311 Unit *u = UNIT(s);
312 int r;
313
314 assert(s);
315
316 if (have_non_accept_socket(s)) {
317
318 if (!UNIT_DEREF(s->service)) {
319 Unit *x;
320
321 r = unit_load_related_unit(u, ".service", &x);
322 if (r < 0)
323 return r;
324
325 unit_ref_set(&s->service, x);
326 }
327
328 r = unit_add_two_dependencies(u, UNIT_BEFORE, UNIT_TRIGGERS, UNIT_DEREF(s->service), true);
329 if (r < 0)
330 return r;
331 }
332
333 r = socket_add_mount_links(s);
334 if (r < 0)
335 return r;
336
337 r = socket_add_device_link(s);
338 if (r < 0)
339 return r;
340
341 r = unit_exec_context_defaults(u, &s->exec_context);
342 if (r < 0)
343 return r;
344
345 if (socket_has_exec(s)) {
346 r = unit_add_exec_dependencies(u, &s->exec_context);
347 if (r < 0)
348 return r;
349
350 r = unit_add_default_slice(u);
351 if (r < 0)
352 return r;
353 }
354
355 if (u->default_dependencies) {
356 r = socket_add_default_dependencies(s);
357 if (r < 0)
358 return r;
359 }
360
361 return 0;
362 }
363
364 static int socket_verify(Socket *s) {
365 assert(s);
366
367 if (UNIT(s)->load_state != UNIT_LOADED)
368 return 0;
369
370 if (!s->ports) {
371 log_error_unit(UNIT(s)->id, "%s lacks Listen setting. Refusing.", UNIT(s)->id);
372 return -EINVAL;
373 }
374
375 if (s->accept && have_non_accept_socket(s)) {
376 log_error_unit(UNIT(s)->id, "%s configured for accepting sockets, but sockets are non-accepting. Refusing.",
377 UNIT(s)->id);
378 return -EINVAL;
379 }
380
381 if (s->accept && s->max_connections <= 0) {
382 log_error_unit(UNIT(s)->id, "%s's MaxConnection setting too small. Refusing.", UNIT(s)->id);
383 return -EINVAL;
384 }
385
386 if (s->accept && UNIT_DEREF(s->service)) {
387 log_error_unit(UNIT(s)->id, "Explicit service configuration for accepting sockets not supported on %s. Refusing.", UNIT(s)->id);
388 return -EINVAL;
389 }
390
391 if (s->exec_context.pam_name && s->kill_context.kill_mode != KILL_CONTROL_GROUP) {
392 log_error_unit(UNIT(s)->id, "%s has PAM enabled. Kill mode must be set to 'control-group'. Refusing.", UNIT(s)->id);
393 return -EINVAL;
394 }
395
396 return 0;
397 }
398
399 static int socket_load(Unit *u) {
400 Socket *s = SOCKET(u);
401 int r;
402
403 assert(u);
404 assert(u->load_state == UNIT_STUB);
405
406 r = unit_load_fragment_and_dropin(u);
407 if (r < 0)
408 return r;
409
410 if (u->load_state == UNIT_LOADED) {
411 /* This is a new unit? Then let's add in some extras */
412 r = socket_add_extras(s);
413 if (r < 0)
414 return r;
415 }
416
417 return socket_verify(s);
418 }
419
420 _const_ static const char* listen_lookup(int family, int type) {
421
422 if (family == AF_NETLINK)
423 return "ListenNetlink";
424
425 if (type == SOCK_STREAM)
426 return "ListenStream";
427 else if (type == SOCK_DGRAM)
428 return "ListenDatagram";
429 else if (type == SOCK_SEQPACKET)
430 return "ListenSequentialPacket";
431
432 assert_not_reached("Unknown socket type");
433 return NULL;
434 }
435
436 static void socket_dump(Unit *u, FILE *f, const char *prefix) {
437 SocketExecCommand c;
438 Socket *s = SOCKET(u);
439 SocketPort *p;
440 const char *prefix2;
441
442 assert(s);
443 assert(f);
444
445 prefix2 = strappenda(prefix, "\t");
446
447 fprintf(f,
448 "%sSocket State: %s\n"
449 "%sResult: %s\n"
450 "%sBindIPv6Only: %s\n"
451 "%sBacklog: %u\n"
452 "%sSocketMode: %04o\n"
453 "%sDirectoryMode: %04o\n"
454 "%sKeepAlive: %s\n"
455 "%sFreeBind: %s\n"
456 "%sTransparent: %s\n"
457 "%sBroadcast: %s\n"
458 "%sPassCredentials: %s\n"
459 "%sPassSecurity: %s\n"
460 "%sTCPCongestion: %s\n",
461 prefix, socket_state_to_string(s->state),
462 prefix, socket_result_to_string(s->result),
463 prefix, socket_address_bind_ipv6_only_to_string(s->bind_ipv6_only),
464 prefix, s->backlog,
465 prefix, s->socket_mode,
466 prefix, s->directory_mode,
467 prefix, yes_no(s->keep_alive),
468 prefix, yes_no(s->free_bind),
469 prefix, yes_no(s->transparent),
470 prefix, yes_no(s->broadcast),
471 prefix, yes_no(s->pass_cred),
472 prefix, yes_no(s->pass_sec),
473 prefix, strna(s->tcp_congestion));
474
475 if (s->control_pid > 0)
476 fprintf(f,
477 "%sControl PID: %lu\n",
478 prefix, (unsigned long) s->control_pid);
479
480 if (s->bind_to_device)
481 fprintf(f,
482 "%sBindToDevice: %s\n",
483 prefix, s->bind_to_device);
484
485 if (s->accept)
486 fprintf(f,
487 "%sAccepted: %u\n"
488 "%sNConnections: %u\n"
489 "%sMaxConnections: %u\n",
490 prefix, s->n_accepted,
491 prefix, s->n_connections,
492 prefix, s->max_connections);
493
494 if (s->priority >= 0)
495 fprintf(f,
496 "%sPriority: %i\n",
497 prefix, s->priority);
498
499 if (s->receive_buffer > 0)
500 fprintf(f,
501 "%sReceiveBuffer: %zu\n",
502 prefix, s->receive_buffer);
503
504 if (s->send_buffer > 0)
505 fprintf(f,
506 "%sSendBuffer: %zu\n",
507 prefix, s->send_buffer);
508
509 if (s->ip_tos >= 0)
510 fprintf(f,
511 "%sIPTOS: %i\n",
512 prefix, s->ip_tos);
513
514 if (s->ip_ttl >= 0)
515 fprintf(f,
516 "%sIPTTL: %i\n",
517 prefix, s->ip_ttl);
518
519 if (s->pipe_size > 0)
520 fprintf(f,
521 "%sPipeSize: %zu\n",
522 prefix, s->pipe_size);
523
524 if (s->mark >= 0)
525 fprintf(f,
526 "%sMark: %i\n",
527 prefix, s->mark);
528
529 if (s->mq_maxmsg > 0)
530 fprintf(f,
531 "%sMessageQueueMaxMessages: %li\n",
532 prefix, s->mq_maxmsg);
533
534 if (s->mq_msgsize > 0)
535 fprintf(f,
536 "%sMessageQueueMessageSize: %li\n",
537 prefix, s->mq_msgsize);
538
539 if (s->reuse_port)
540 fprintf(f,
541 "%sReusePort: %s\n",
542 prefix, yes_no(s->reuse_port));
543
544 if (s->smack)
545 fprintf(f,
546 "%sSmackLabel: %s\n",
547 prefix, s->smack);
548
549 if (s->smack_ip_in)
550 fprintf(f,
551 "%sSmackLabelIPIn: %s\n",
552 prefix, s->smack_ip_in);
553
554 if (s->smack_ip_out)
555 fprintf(f,
556 "%sSmackLabelIPOut: %s\n",
557 prefix, s->smack_ip_out);
558
559 LIST_FOREACH(port, p, s->ports) {
560
561 if (p->type == SOCKET_SOCKET) {
562 const char *t;
563 int r;
564 char *k = NULL;
565
566 if ((r = socket_address_print(&p->address, &k)) < 0)
567 t = strerror(-r);
568 else
569 t = k;
570
571 fprintf(f, "%s%s: %s\n", prefix, listen_lookup(socket_address_family(&p->address), p->address.type), t);
572 free(k);
573 } else if (p->type == SOCKET_SPECIAL)
574 fprintf(f, "%sListenSpecial: %s\n", prefix, p->path);
575 else if (p->type == SOCKET_MQUEUE)
576 fprintf(f, "%sListenMessageQueue: %s\n", prefix, p->path);
577 else
578 fprintf(f, "%sListenFIFO: %s\n", prefix, p->path);
579 }
580
581 exec_context_dump(&s->exec_context, f, prefix);
582 kill_context_dump(&s->kill_context, f, prefix);
583
584 for (c = 0; c < _SOCKET_EXEC_COMMAND_MAX; c++) {
585 if (!s->exec_command[c])
586 continue;
587
588 fprintf(f, "%s-> %s:\n",
589 prefix, socket_exec_command_to_string(c));
590
591 exec_command_dump_list(s->exec_command[c], f, prefix2);
592 }
593 }
594
595 static int instance_from_socket(int fd, unsigned nr, char **instance) {
596 socklen_t l;
597 char *r;
598 union {
599 struct sockaddr sa;
600 struct sockaddr_un un;
601 struct sockaddr_in in;
602 struct sockaddr_in6 in6;
603 struct sockaddr_storage storage;
604 } local, remote;
605
606 assert(fd >= 0);
607 assert(instance);
608
609 l = sizeof(local);
610 if (getsockname(fd, &local.sa, &l) < 0)
611 return -errno;
612
613 l = sizeof(remote);
614 if (getpeername(fd, &remote.sa, &l) < 0)
615 return -errno;
616
617 switch (local.sa.sa_family) {
618
619 case AF_INET: {
620 uint32_t
621 a = ntohl(local.in.sin_addr.s_addr),
622 b = ntohl(remote.in.sin_addr.s_addr);
623
624 if (asprintf(&r,
625 "%u-%u.%u.%u.%u:%u-%u.%u.%u.%u:%u",
626 nr,
627 a >> 24, (a >> 16) & 0xFF, (a >> 8) & 0xFF, a & 0xFF,
628 ntohs(local.in.sin_port),
629 b >> 24, (b >> 16) & 0xFF, (b >> 8) & 0xFF, b & 0xFF,
630 ntohs(remote.in.sin_port)) < 0)
631 return -ENOMEM;
632
633 break;
634 }
635
636 case AF_INET6: {
637 static const unsigned char ipv4_prefix[] = {
638 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xFF, 0xFF
639 };
640
641 if (memcmp(&local.in6.sin6_addr, ipv4_prefix, sizeof(ipv4_prefix)) == 0 &&
642 memcmp(&remote.in6.sin6_addr, ipv4_prefix, sizeof(ipv4_prefix)) == 0) {
643 const uint8_t
644 *a = local.in6.sin6_addr.s6_addr+12,
645 *b = remote.in6.sin6_addr.s6_addr+12;
646
647 if (asprintf(&r,
648 "%u-%u.%u.%u.%u:%u-%u.%u.%u.%u:%u",
649 nr,
650 a[0], a[1], a[2], a[3],
651 ntohs(local.in6.sin6_port),
652 b[0], b[1], b[2], b[3],
653 ntohs(remote.in6.sin6_port)) < 0)
654 return -ENOMEM;
655 } else {
656 char a[INET6_ADDRSTRLEN], b[INET6_ADDRSTRLEN];
657
658 if (asprintf(&r,
659 "%u-%s:%u-%s:%u",
660 nr,
661 inet_ntop(AF_INET6, &local.in6.sin6_addr, a, sizeof(a)),
662 ntohs(local.in6.sin6_port),
663 inet_ntop(AF_INET6, &remote.in6.sin6_addr, b, sizeof(b)),
664 ntohs(remote.in6.sin6_port)) < 0)
665 return -ENOMEM;
666 }
667
668 break;
669 }
670
671 case AF_UNIX: {
672 struct ucred ucred;
673 int k;
674
675 k = getpeercred(fd, &ucred);
676 if (k < 0)
677 return k;
678
679 if (asprintf(&r,
680 "%u-%lu-%lu",
681 nr,
682 (unsigned long) ucred.pid,
683 (unsigned long) ucred.uid) < 0)
684 return -ENOMEM;
685
686 break;
687 }
688
689 default:
690 assert_not_reached("Unhandled socket type.");
691 }
692
693 *instance = r;
694 return 0;
695 }
696
697 static void socket_close_fds(Socket *s) {
698 SocketPort *p;
699
700 assert(s);
701
702 LIST_FOREACH(port, p, s->ports) {
703
704 p->event_source = sd_event_source_unref(p->event_source);
705
706 if (p->fd < 0)
707 continue;
708
709 close_nointr_nofail(p->fd);
710
711 /* One little note: we should never delete any sockets
712 * in the file system here! After all some other
713 * process we spawned might still have a reference of
714 * this fd and wants to continue to use it. Therefore
715 * we delete sockets in the file system before we
716 * create a new one, not after we stopped using
717 * one! */
718
719 p->fd = -1;
720 }
721 }
722
723 static void socket_apply_socket_options(Socket *s, int fd) {
724 assert(s);
725 assert(fd >= 0);
726
727 if (s->keep_alive) {
728 int b = s->keep_alive;
729 if (setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, &b, sizeof(b)) < 0)
730 log_warning_unit(UNIT(s)->id, "SO_KEEPALIVE failed: %m");
731 }
732
733 if (s->broadcast) {
734 int one = 1;
735 if (setsockopt(fd, SOL_SOCKET, SO_BROADCAST, &one, sizeof(one)) < 0)
736 log_warning_unit(UNIT(s)->id, "SO_BROADCAST failed: %m");
737 }
738
739 if (s->pass_cred) {
740 int one = 1;
741 if (setsockopt(fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one)) < 0)
742 log_warning_unit(UNIT(s)->id, "SO_PASSCRED failed: %m");
743 }
744
745 if (s->pass_sec) {
746 int one = 1;
747 if (setsockopt(fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one)) < 0)
748 log_warning_unit(UNIT(s)->id, "SO_PASSSEC failed: %m");
749 }
750
751 if (s->priority >= 0)
752 if (setsockopt(fd, SOL_SOCKET, SO_PRIORITY, &s->priority, sizeof(s->priority)) < 0)
753 log_warning_unit(UNIT(s)->id, "SO_PRIORITY failed: %m");
754
755 if (s->receive_buffer > 0) {
756 int value = (int) s->receive_buffer;
757
758 /* We first try with SO_RCVBUFFORCE, in case we have the perms for that */
759
760 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUFFORCE, &value, sizeof(value)) < 0)
761 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &value, sizeof(value)) < 0)
762 log_warning_unit(UNIT(s)->id, "SO_RCVBUF failed: %m");
763 }
764
765 if (s->send_buffer > 0) {
766 int value = (int) s->send_buffer;
767 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUFFORCE, &value, sizeof(value)) < 0)
768 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &value, sizeof(value)) < 0)
769 log_warning_unit(UNIT(s)->id, "SO_SNDBUF failed: %m");
770 }
771
772 if (s->mark >= 0)
773 if (setsockopt(fd, SOL_SOCKET, SO_MARK, &s->mark, sizeof(s->mark)) < 0)
774 log_warning_unit(UNIT(s)->id, "SO_MARK failed: %m");
775
776 if (s->ip_tos >= 0)
777 if (setsockopt(fd, IPPROTO_IP, IP_TOS, &s->ip_tos, sizeof(s->ip_tos)) < 0)
778 log_warning_unit(UNIT(s)->id, "IP_TOS failed: %m");
779
780 if (s->ip_ttl >= 0) {
781 int r, x;
782
783 r = setsockopt(fd, IPPROTO_IP, IP_TTL, &s->ip_ttl, sizeof(s->ip_ttl));
784
785 if (socket_ipv6_is_supported())
786 x = setsockopt(fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &s->ip_ttl, sizeof(s->ip_ttl));
787 else {
788 x = -1;
789 errno = EAFNOSUPPORT;
790 }
791
792 if (r < 0 && x < 0)
793 log_warning_unit(UNIT(s)->id,
794 "IP_TTL/IPV6_UNICAST_HOPS failed: %m");
795 }
796
797 if (s->tcp_congestion)
798 if (setsockopt(fd, SOL_TCP, TCP_CONGESTION, s->tcp_congestion, strlen(s->tcp_congestion)+1) < 0)
799 log_warning_unit(UNIT(s)->id, "TCP_CONGESTION failed: %m");
800
801 if (s->reuse_port) {
802 int b = s->reuse_port;
803 if (setsockopt(fd, SOL_SOCKET, SO_REUSEPORT, &b, sizeof(b)) < 0)
804 log_warning_unit(UNIT(s)->id, "SO_REUSEPORT failed: %m");
805 }
806
807 if (s->smack_ip_in)
808 if (smack_label_ip_in_fd(fd, s->smack_ip_in) < 0)
809 log_error_unit(UNIT(s)->id, "smack_label_ip_in_fd: %m");
810
811 if (s->smack_ip_out)
812 if (smack_label_ip_out_fd(fd, s->smack_ip_out) < 0)
813 log_error_unit(UNIT(s)->id, "smack_label_ip_out_fd: %m");
814 }
815
816 static void socket_apply_fifo_options(Socket *s, int fd) {
817 assert(s);
818 assert(fd >= 0);
819
820 if (s->pipe_size > 0)
821 if (fcntl(fd, F_SETPIPE_SZ, s->pipe_size) < 0)
822 log_warning_unit(UNIT(s)->id,
823 "F_SETPIPE_SZ: %m");
824
825 if (s->smack)
826 if (smack_label_fd(fd, s->smack) < 0)
827 log_error_unit(UNIT(s)->id, "smack_label_fd: %m");
828 }
829
830 static int fifo_address_create(
831 const char *path,
832 mode_t directory_mode,
833 mode_t socket_mode,
834 int *_fd) {
835
836 int fd = -1, r = 0;
837 struct stat st;
838 mode_t old_mask;
839
840 assert(path);
841 assert(_fd);
842
843 mkdir_parents_label(path, directory_mode);
844
845 r = label_context_set(path, S_IFIFO);
846 if (r < 0)
847 goto fail;
848
849 /* Enforce the right access mode for the fifo */
850 old_mask = umask(~ socket_mode);
851
852 /* Include the original umask in our mask */
853 umask(~socket_mode | old_mask);
854
855 r = mkfifo(path, socket_mode);
856 umask(old_mask);
857
858 if (r < 0 && errno != EEXIST) {
859 r = -errno;
860 goto fail;
861 }
862
863 if ((fd = open(path, O_RDWR|O_CLOEXEC|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW)) < 0) {
864 r = -errno;
865 goto fail;
866 }
867
868 label_context_clear();
869
870 if (fstat(fd, &st) < 0) {
871 r = -errno;
872 goto fail;
873 }
874
875 if (!S_ISFIFO(st.st_mode) ||
876 (st.st_mode & 0777) != (socket_mode & ~old_mask) ||
877 st.st_uid != getuid() ||
878 st.st_gid != getgid()) {
879
880 r = -EEXIST;
881 goto fail;
882 }
883
884 *_fd = fd;
885 return 0;
886
887 fail:
888 label_context_clear();
889
890 if (fd >= 0)
891 close_nointr_nofail(fd);
892
893 return r;
894 }
895
896 static int special_address_create(
897 const char *path,
898 int *_fd) {
899
900 int fd = -1, r = 0;
901 struct stat st;
902
903 assert(path);
904 assert(_fd);
905
906 if ((fd = open(path, O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW)) < 0) {
907 r = -errno;
908 goto fail;
909 }
910
911 if (fstat(fd, &st) < 0) {
912 r = -errno;
913 goto fail;
914 }
915
916 /* Check whether this is a /proc, /sys or /dev file or char device */
917 if (!S_ISREG(st.st_mode) && !S_ISCHR(st.st_mode)) {
918 r = -EEXIST;
919 goto fail;
920 }
921
922 *_fd = fd;
923 return 0;
924
925 fail:
926 if (fd >= 0)
927 close_nointr_nofail(fd);
928
929 return r;
930 }
931
932 static int mq_address_create(
933 const char *path,
934 mode_t mq_mode,
935 long maxmsg,
936 long msgsize,
937 int *_fd) {
938
939 int fd = -1, r = 0;
940 struct stat st;
941 mode_t old_mask;
942 struct mq_attr _attr, *attr = NULL;
943
944 assert(path);
945 assert(_fd);
946
947 if (maxmsg > 0 && msgsize > 0) {
948 zero(_attr);
949 _attr.mq_flags = O_NONBLOCK;
950 _attr.mq_maxmsg = maxmsg;
951 _attr.mq_msgsize = msgsize;
952 attr = &_attr;
953 }
954
955 /* Enforce the right access mode for the mq */
956 old_mask = umask(~ mq_mode);
957
958 /* Include the original umask in our mask */
959 umask(~mq_mode | old_mask);
960
961 fd = mq_open(path, O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_CREAT, mq_mode, attr);
962 umask(old_mask);
963
964 if (fd < 0) {
965 r = -errno;
966 goto fail;
967 }
968
969 if (fstat(fd, &st) < 0) {
970 r = -errno;
971 goto fail;
972 }
973
974 if ((st.st_mode & 0777) != (mq_mode & ~old_mask) ||
975 st.st_uid != getuid() ||
976 st.st_gid != getgid()) {
977
978 r = -EEXIST;
979 goto fail;
980 }
981
982 *_fd = fd;
983 return 0;
984
985 fail:
986 if (fd >= 0)
987 close_nointr_nofail(fd);
988
989 return r;
990 }
991
992 static int socket_open_fds(Socket *s) {
993 SocketPort *p;
994 int r;
995 char *label = NULL;
996 bool know_label = false;
997
998 assert(s);
999
1000 LIST_FOREACH(port, p, s->ports) {
1001
1002 if (p->fd >= 0)
1003 continue;
1004
1005 if (p->type == SOCKET_SOCKET) {
1006
1007 if (!know_label) {
1008
1009 if ((r = socket_instantiate_service(s)) < 0)
1010 return r;
1011
1012 if (UNIT_ISSET(s->service) &&
1013 SERVICE(UNIT_DEREF(s->service))->exec_command[SERVICE_EXEC_START]) {
1014 r = label_get_create_label_from_exe(SERVICE(UNIT_DEREF(s->service))->exec_command[SERVICE_EXEC_START]->path, &label);
1015
1016 if (r < 0) {
1017 if (r != -EPERM)
1018 return r;
1019 }
1020 }
1021
1022 know_label = true;
1023 }
1024
1025 r = socket_address_listen(
1026 &p->address,
1027 SOCK_CLOEXEC|SOCK_NONBLOCK,
1028 s->backlog,
1029 s->bind_ipv6_only,
1030 s->bind_to_device,
1031 s->free_bind,
1032 s->transparent,
1033 s->directory_mode,
1034 s->socket_mode,
1035 label);
1036 if (r < 0)
1037 goto rollback;
1038
1039 p->fd = r;
1040 socket_apply_socket_options(s, p->fd);
1041
1042 } else if (p->type == SOCKET_SPECIAL) {
1043
1044 r = special_address_create(
1045 p->path,
1046 &p->fd);
1047 if (r < 0)
1048 goto rollback;
1049
1050 } else if (p->type == SOCKET_FIFO) {
1051
1052 r = fifo_address_create(
1053 p->path,
1054 s->directory_mode,
1055 s->socket_mode,
1056 &p->fd);
1057 if (r < 0)
1058 goto rollback;
1059
1060 socket_apply_fifo_options(s, p->fd);
1061 } else if (p->type == SOCKET_MQUEUE) {
1062
1063 r = mq_address_create(
1064 p->path,
1065 s->socket_mode,
1066 s->mq_maxmsg,
1067 s->mq_msgsize,
1068 &p->fd);
1069 if (r < 0)
1070 goto rollback;
1071 } else
1072 assert_not_reached("Unknown port type");
1073 }
1074
1075 label_free(label);
1076 return 0;
1077
1078 rollback:
1079 socket_close_fds(s);
1080 label_free(label);
1081 return r;
1082 }
1083
1084 static void socket_unwatch_fds(Socket *s) {
1085 SocketPort *p;
1086 int r;
1087
1088 assert(s);
1089
1090 LIST_FOREACH(port, p, s->ports) {
1091 if (p->fd < 0)
1092 continue;
1093
1094 if (p->event_source) {
1095 r = sd_event_source_set_enabled(p->event_source, SD_EVENT_OFF);
1096 if (r < 0)
1097 log_debug_unit(UNIT(s)->id, "Failed to disable event source.");
1098 }
1099 }
1100 }
1101
1102 static int socket_watch_fds(Socket *s) {
1103 SocketPort *p;
1104 int r;
1105
1106 assert(s);
1107
1108 LIST_FOREACH(port, p, s->ports) {
1109 if (p->fd < 0)
1110 continue;
1111
1112 if (p->event_source)
1113 r = sd_event_source_set_enabled(p->event_source, SD_EVENT_ON);
1114 else
1115 r = sd_event_add_io(UNIT(s)->manager->event, &p->event_source, p->fd, EPOLLIN, socket_dispatch_io, p);
1116
1117 if (r < 0) {
1118 log_warning_unit(UNIT(s)->id, "Failed to watch listening fds: %s", strerror(-r));
1119 goto fail;
1120 }
1121 }
1122
1123 return 0;
1124
1125 fail:
1126 socket_unwatch_fds(s);
1127 return r;
1128 }
1129
1130 static void socket_set_state(Socket *s, SocketState state) {
1131 SocketState old_state;
1132 assert(s);
1133
1134 old_state = s->state;
1135 s->state = state;
1136
1137 if (state != SOCKET_START_PRE &&
1138 state != SOCKET_START_POST &&
1139 state != SOCKET_STOP_PRE &&
1140 state != SOCKET_STOP_PRE_SIGTERM &&
1141 state != SOCKET_STOP_PRE_SIGKILL &&
1142 state != SOCKET_STOP_POST &&
1143 state != SOCKET_FINAL_SIGTERM &&
1144 state != SOCKET_FINAL_SIGKILL) {
1145
1146 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
1147 socket_unwatch_control_pid(s);
1148 s->control_command = NULL;
1149 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
1150 }
1151
1152 if (state != SOCKET_LISTENING)
1153 socket_unwatch_fds(s);
1154
1155 if (state != SOCKET_START_POST &&
1156 state != SOCKET_LISTENING &&
1157 state != SOCKET_RUNNING &&
1158 state != SOCKET_STOP_PRE &&
1159 state != SOCKET_STOP_PRE_SIGTERM &&
1160 state != SOCKET_STOP_PRE_SIGKILL)
1161 socket_close_fds(s);
1162
1163 if (state != old_state)
1164 log_debug_unit(UNIT(s)->id, "%s changed %s -> %s",
1165 UNIT(s)->id, socket_state_to_string(old_state), socket_state_to_string(state));
1166
1167 unit_notify(UNIT(s), state_translation_table[old_state], state_translation_table[state], true);
1168 }
1169
1170 static int socket_coldplug(Unit *u) {
1171 Socket *s = SOCKET(u);
1172 int r;
1173
1174 assert(s);
1175 assert(s->state == SOCKET_DEAD);
1176
1177 if (s->deserialized_state == s->state)
1178 return 0;
1179
1180 if (s->deserialized_state == SOCKET_START_PRE ||
1181 s->deserialized_state == SOCKET_START_POST ||
1182 s->deserialized_state == SOCKET_STOP_PRE ||
1183 s->deserialized_state == SOCKET_STOP_PRE_SIGTERM ||
1184 s->deserialized_state == SOCKET_STOP_PRE_SIGKILL ||
1185 s->deserialized_state == SOCKET_STOP_POST ||
1186 s->deserialized_state == SOCKET_FINAL_SIGTERM ||
1187 s->deserialized_state == SOCKET_FINAL_SIGKILL) {
1188
1189 if (s->control_pid <= 0)
1190 return -EBADMSG;
1191
1192 r = unit_watch_pid(UNIT(s), s->control_pid);
1193 if (r < 0)
1194 return r;
1195
1196 r = socket_arm_timer(s);
1197 if (r < 0)
1198 return r;
1199 }
1200
1201 if (s->deserialized_state == SOCKET_START_POST ||
1202 s->deserialized_state == SOCKET_LISTENING ||
1203 s->deserialized_state == SOCKET_RUNNING ||
1204 s->deserialized_state == SOCKET_STOP_PRE ||
1205 s->deserialized_state == SOCKET_STOP_PRE_SIGTERM ||
1206 s->deserialized_state == SOCKET_STOP_PRE_SIGKILL) {
1207 r = socket_open_fds(s);
1208 if (r < 0)
1209 return r;
1210 }
1211
1212 if (s->deserialized_state == SOCKET_LISTENING) {
1213 r = socket_watch_fds(s);
1214 if (r < 0)
1215 return r;
1216 }
1217
1218 socket_set_state(s, s->deserialized_state);
1219 return 0;
1220 }
1221
1222 static int socket_spawn(Socket *s, ExecCommand *c, pid_t *_pid) {
1223 pid_t pid;
1224 int r;
1225 char **argv;
1226
1227 assert(s);
1228 assert(c);
1229 assert(_pid);
1230
1231 unit_realize_cgroup(UNIT(s));
1232
1233 r = unit_setup_exec_runtime(UNIT(s));
1234 if (r < 0)
1235 goto fail;
1236
1237 r = socket_arm_timer(s);
1238 if (r < 0)
1239 goto fail;
1240
1241 r = unit_full_printf_strv(UNIT(s), c->argv, &argv);
1242 if (r < 0)
1243 goto fail;
1244
1245 r = exec_spawn(c,
1246 argv,
1247 &s->exec_context,
1248 NULL, 0,
1249 UNIT(s)->manager->environment,
1250 true,
1251 true,
1252 true,
1253 UNIT(s)->manager->confirm_spawn,
1254 UNIT(s)->manager->cgroup_supported,
1255 UNIT(s)->cgroup_path,
1256 UNIT(s)->id,
1257 0,
1258 NULL,
1259 s->exec_runtime,
1260 &pid);
1261
1262 strv_free(argv);
1263 if (r < 0)
1264 goto fail;
1265
1266 r = unit_watch_pid(UNIT(s), pid);
1267 if (r < 0)
1268 /* FIXME: we need to do something here */
1269 goto fail;
1270
1271 *_pid = pid;
1272
1273 return 0;
1274
1275 fail:
1276 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
1277
1278 return r;
1279 }
1280
1281 static void socket_enter_dead(Socket *s, SocketResult f) {
1282 assert(s);
1283
1284 if (f != SOCKET_SUCCESS)
1285 s->result = f;
1286
1287 exec_runtime_destroy(s->exec_runtime);
1288 s->exec_runtime = exec_runtime_unref(s->exec_runtime);
1289
1290 socket_set_state(s, s->result != SOCKET_SUCCESS ? SOCKET_FAILED : SOCKET_DEAD);
1291 }
1292
1293 static void socket_enter_signal(Socket *s, SocketState state, SocketResult f);
1294
1295 static void socket_enter_stop_post(Socket *s, SocketResult f) {
1296 int r;
1297 assert(s);
1298
1299 if (f != SOCKET_SUCCESS)
1300 s->result = f;
1301
1302 socket_unwatch_control_pid(s);
1303
1304 s->control_command_id = SOCKET_EXEC_STOP_POST;
1305
1306 if ((s->control_command = s->exec_command[SOCKET_EXEC_STOP_POST])) {
1307 if ((r = socket_spawn(s, s->control_command, &s->control_pid)) < 0)
1308 goto fail;
1309
1310 socket_set_state(s, SOCKET_STOP_POST);
1311 } else
1312 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_SUCCESS);
1313
1314 return;
1315
1316 fail:
1317 log_warning_unit(UNIT(s)->id,
1318 "%s failed to run 'stop-post' task: %s",
1319 UNIT(s)->id, strerror(-r));
1320 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_RESOURCES);
1321 }
1322
1323 static void socket_enter_signal(Socket *s, SocketState state, SocketResult f) {
1324 int r;
1325
1326 assert(s);
1327
1328 if (f != SOCKET_SUCCESS)
1329 s->result = f;
1330
1331 r = unit_kill_context(
1332 UNIT(s),
1333 &s->kill_context,
1334 state != SOCKET_STOP_PRE_SIGTERM && state != SOCKET_FINAL_SIGTERM,
1335 -1,
1336 s->control_pid,
1337 false);
1338 if (r < 0)
1339 goto fail;
1340
1341 if (r > 0) {
1342 r = socket_arm_timer(s);
1343 if (r < 0)
1344 goto fail;
1345
1346 socket_set_state(s, state);
1347 } else if (state == SOCKET_STOP_PRE_SIGTERM)
1348 socket_enter_signal(s, SOCKET_STOP_PRE_SIGKILL, SOCKET_SUCCESS);
1349 else if (state == SOCKET_STOP_PRE_SIGKILL)
1350 socket_enter_stop_post(s, SOCKET_SUCCESS);
1351 else if (state == SOCKET_FINAL_SIGTERM)
1352 socket_enter_signal(s, SOCKET_FINAL_SIGKILL, SOCKET_SUCCESS);
1353 else
1354 socket_enter_dead(s, SOCKET_SUCCESS);
1355
1356 return;
1357
1358 fail:
1359 log_warning_unit(UNIT(s)->id, "%s failed to kill processes: %s", UNIT(s)->id, strerror(-r));
1360
1361 if (state == SOCKET_STOP_PRE_SIGTERM || state == SOCKET_STOP_PRE_SIGKILL)
1362 socket_enter_stop_post(s, SOCKET_FAILURE_RESOURCES);
1363 else
1364 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
1365 }
1366
1367 static void socket_enter_stop_pre(Socket *s, SocketResult f) {
1368 int r;
1369 assert(s);
1370
1371 if (f != SOCKET_SUCCESS)
1372 s->result = f;
1373
1374 socket_unwatch_control_pid(s);
1375
1376 s->control_command_id = SOCKET_EXEC_STOP_PRE;
1377
1378 if ((s->control_command = s->exec_command[SOCKET_EXEC_STOP_PRE])) {
1379 if ((r = socket_spawn(s, s->control_command, &s->control_pid)) < 0)
1380 goto fail;
1381
1382 socket_set_state(s, SOCKET_STOP_PRE);
1383 } else
1384 socket_enter_stop_post(s, SOCKET_SUCCESS);
1385
1386 return;
1387
1388 fail:
1389 log_warning_unit(UNIT(s)->id, "%s failed to run 'stop-pre' task: %s", UNIT(s)->id, strerror(-r));
1390 socket_enter_stop_post(s, SOCKET_FAILURE_RESOURCES);
1391 }
1392
1393 static void socket_enter_listening(Socket *s) {
1394 int r;
1395 assert(s);
1396
1397 r = socket_watch_fds(s);
1398 if (r < 0) {
1399 log_warning_unit(UNIT(s)->id, "%s failed to watch sockets: %s", UNIT(s)->id, strerror(-r));
1400 goto fail;
1401 }
1402
1403 socket_set_state(s, SOCKET_LISTENING);
1404 return;
1405
1406 fail:
1407 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1408 }
1409
1410 static void socket_enter_start_post(Socket *s) {
1411 int r;
1412 assert(s);
1413
1414 r = socket_open_fds(s);
1415 if (r < 0) {
1416 log_warning_unit(UNIT(s)->id, "%s failed to listen on sockets: %s", UNIT(s)->id, strerror(-r));
1417 goto fail;
1418 }
1419
1420 socket_unwatch_control_pid(s);
1421
1422 s->control_command_id = SOCKET_EXEC_START_POST;
1423
1424 if ((s->control_command = s->exec_command[SOCKET_EXEC_START_POST])) {
1425 r = socket_spawn(s, s->control_command, &s->control_pid);
1426 if (r < 0) {
1427 log_warning_unit(UNIT(s)->id, "%s failed to run 'start-post' task: %s", UNIT(s)->id, strerror(-r));
1428 goto fail;
1429 }
1430
1431 socket_set_state(s, SOCKET_START_POST);
1432 } else
1433 socket_enter_listening(s);
1434
1435 return;
1436
1437 fail:
1438 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1439 }
1440
1441 static void socket_enter_start_pre(Socket *s) {
1442 int r;
1443 assert(s);
1444
1445 socket_unwatch_control_pid(s);
1446
1447 s->control_command_id = SOCKET_EXEC_START_PRE;
1448
1449 if ((s->control_command = s->exec_command[SOCKET_EXEC_START_PRE])) {
1450 r = socket_spawn(s, s->control_command, &s->control_pid);
1451 if (r < 0)
1452 goto fail;
1453
1454 socket_set_state(s, SOCKET_START_PRE);
1455 } else
1456 socket_enter_start_post(s);
1457
1458 return;
1459
1460 fail:
1461 log_warning_unit(UNIT(s)->id, "%s failed to run 'start-pre' task: %s", UNIT(s)->id, strerror(-r));
1462 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
1463 }
1464
1465 static void socket_enter_running(Socket *s, int cfd) {
1466 _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
1467 int r;
1468
1469 assert(s);
1470
1471 /* We don't take connections anymore if we are supposed to
1472 * shut down anyway */
1473 if (unit_stop_pending(UNIT(s))) {
1474
1475 log_debug_unit(UNIT(s)->id, "Suppressing connection request on %s since unit stop is scheduled.", UNIT(s)->id);
1476
1477 if (cfd >= 0)
1478 close_nointr_nofail(cfd);
1479 else {
1480 /* Flush all sockets by closing and reopening them */
1481 socket_close_fds(s);
1482
1483 r = socket_open_fds(s);
1484 if (r < 0) {
1485 log_warning_unit(UNIT(s)->id, "%s failed to listen on sockets: %s", UNIT(s)->id, strerror(-r));
1486 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1487 return;
1488 }
1489
1490 r = socket_watch_fds(s);
1491 if (r < 0) {
1492 log_warning_unit(UNIT(s)->id, "%s failed to watch sockets: %s", UNIT(s)->id, strerror(-r));
1493 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1494 }
1495 }
1496
1497 return;
1498 }
1499
1500 if (cfd < 0) {
1501 Iterator i;
1502 Unit *other;
1503 bool pending = false;
1504
1505 /* If there's already a start pending don't bother to
1506 * do anything */
1507 SET_FOREACH(other, UNIT(s)->dependencies[UNIT_TRIGGERS], i)
1508 if (unit_active_or_pending(other)) {
1509 pending = true;
1510 break;
1511 }
1512
1513 if (!pending) {
1514 r = manager_add_job(UNIT(s)->manager, JOB_START, UNIT_DEREF(s->service), JOB_REPLACE, true, &error, NULL);
1515 if (r < 0)
1516 goto fail;
1517 }
1518
1519 socket_set_state(s, SOCKET_RUNNING);
1520 } else {
1521 _cleanup_free_ char *prefix = NULL, *instance = NULL, *name = NULL;
1522 Service *service;
1523
1524 if (s->n_connections >= s->max_connections) {
1525 log_warning_unit(UNIT(s)->id, "%s: Too many incoming connections (%u)", UNIT(s)->id, s->n_connections);
1526 close_nointr_nofail(cfd);
1527 return;
1528 }
1529
1530 r = socket_instantiate_service(s);
1531 if (r < 0)
1532 goto fail;
1533
1534 r = instance_from_socket(cfd, s->n_accepted, &instance);
1535 if (r < 0) {
1536 if (r != -ENOTCONN)
1537 goto fail;
1538
1539 /* ENOTCONN is legitimate if TCP RST was received.
1540 * This connection is over, but the socket unit lives on. */
1541 close_nointr_nofail(cfd);
1542 return;
1543 }
1544
1545 prefix = unit_name_to_prefix(UNIT(s)->id);
1546 if (!prefix) {
1547 r = -ENOMEM;
1548 goto fail;
1549 }
1550
1551 name = unit_name_build(prefix, instance, ".service");
1552 if (!name) {
1553 r = -ENOMEM;
1554 goto fail;
1555 }
1556
1557 r = unit_add_name(UNIT_DEREF(s->service), name);
1558 if (r < 0)
1559 goto fail;
1560
1561 service = SERVICE(UNIT_DEREF(s->service));
1562 unit_ref_unset(&s->service);
1563 s->n_accepted ++;
1564
1565 UNIT(service)->no_gc = false;
1566
1567 unit_choose_id(UNIT(service), name);
1568
1569 r = service_set_socket_fd(service, cfd, s);
1570 if (r < 0)
1571 goto fail;
1572
1573 cfd = -1;
1574 s->n_connections ++;
1575
1576 r = manager_add_job(UNIT(s)->manager, JOB_START, UNIT(service), JOB_REPLACE, true, &error, NULL);
1577 if (r < 0)
1578 goto fail;
1579
1580 /* Notify clients about changed counters */
1581 unit_add_to_dbus_queue(UNIT(s));
1582 }
1583
1584 return;
1585
1586 fail:
1587 log_warning_unit(UNIT(s)->id, "%s failed to queue service startup job (Maybe the service file is missing or not a %s unit?): %s",
1588 UNIT(s)->id, cfd >= 0 ? "template" : "non-template",
1589 bus_error_message(&error, r));
1590
1591 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1592
1593 if (cfd >= 0)
1594 close_nointr_nofail(cfd);
1595 }
1596
1597 static void socket_run_next(Socket *s) {
1598 int r;
1599
1600 assert(s);
1601 assert(s->control_command);
1602 assert(s->control_command->command_next);
1603
1604 socket_unwatch_control_pid(s);
1605
1606 s->control_command = s->control_command->command_next;
1607
1608 r = socket_spawn(s, s->control_command, &s->control_pid);
1609 if (r < 0)
1610 goto fail;
1611
1612 return;
1613
1614 fail:
1615 log_warning_unit(UNIT(s)->id, "%s failed to run next task: %s", UNIT(s)->id, strerror(-r));
1616
1617 if (s->state == SOCKET_START_POST)
1618 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1619 else if (s->state == SOCKET_STOP_POST)
1620 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
1621 else
1622 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_RESOURCES);
1623 }
1624
1625 static int socket_start(Unit *u) {
1626 Socket *s = SOCKET(u);
1627
1628 assert(s);
1629
1630 /* We cannot fulfill this request right now, try again later
1631 * please! */
1632 if (s->state == SOCKET_STOP_PRE ||
1633 s->state == SOCKET_STOP_PRE_SIGKILL ||
1634 s->state == SOCKET_STOP_PRE_SIGTERM ||
1635 s->state == SOCKET_STOP_POST ||
1636 s->state == SOCKET_FINAL_SIGTERM ||
1637 s->state == SOCKET_FINAL_SIGKILL)
1638 return -EAGAIN;
1639
1640 if (s->state == SOCKET_START_PRE ||
1641 s->state == SOCKET_START_POST)
1642 return 0;
1643
1644 /* Cannot run this without the service being around */
1645 if (UNIT_ISSET(s->service)) {
1646 Service *service;
1647
1648 service = SERVICE(UNIT_DEREF(s->service));
1649
1650 if (UNIT(service)->load_state != UNIT_LOADED) {
1651 log_error_unit(u->id, "Socket service %s not loaded, refusing.", UNIT(service)->id);
1652 return -ENOENT;
1653 }
1654
1655 /* If the service is already active we cannot start the
1656 * socket */
1657 if (service->state != SERVICE_DEAD &&
1658 service->state != SERVICE_FAILED &&
1659 service->state != SERVICE_AUTO_RESTART) {
1660 log_error_unit(u->id, "Socket service %s already active, refusing.", UNIT(service)->id);
1661 return -EBUSY;
1662 }
1663
1664 #ifdef HAVE_SYSV_COMPAT
1665 if (service->is_sysv) {
1666 log_error_unit(u->id,
1667 "Using SysV services for socket activation is not supported. Refusing.");
1668 return -ENOENT;
1669 }
1670 #endif
1671 }
1672
1673 assert(s->state == SOCKET_DEAD || s->state == SOCKET_FAILED);
1674
1675 s->result = SOCKET_SUCCESS;
1676 socket_enter_start_pre(s);
1677
1678 return 0;
1679 }
1680
1681 static int socket_stop(Unit *u) {
1682 Socket *s = SOCKET(u);
1683
1684 assert(s);
1685
1686 /* Already on it */
1687 if (s->state == SOCKET_STOP_PRE ||
1688 s->state == SOCKET_STOP_PRE_SIGTERM ||
1689 s->state == SOCKET_STOP_PRE_SIGKILL ||
1690 s->state == SOCKET_STOP_POST ||
1691 s->state == SOCKET_FINAL_SIGTERM ||
1692 s->state == SOCKET_FINAL_SIGKILL)
1693 return 0;
1694
1695 /* If there's already something running we go directly into
1696 * kill mode. */
1697 if (s->state == SOCKET_START_PRE ||
1698 s->state == SOCKET_START_POST) {
1699 socket_enter_signal(s, SOCKET_STOP_PRE_SIGTERM, SOCKET_SUCCESS);
1700 return -EAGAIN;
1701 }
1702
1703 assert(s->state == SOCKET_LISTENING || s->state == SOCKET_RUNNING);
1704
1705 socket_enter_stop_pre(s, SOCKET_SUCCESS);
1706 return 0;
1707 }
1708
1709 static int socket_serialize(Unit *u, FILE *f, FDSet *fds) {
1710 Socket *s = SOCKET(u);
1711 SocketPort *p;
1712 int r;
1713
1714 assert(u);
1715 assert(f);
1716 assert(fds);
1717
1718 unit_serialize_item(u, f, "state", socket_state_to_string(s->state));
1719 unit_serialize_item(u, f, "result", socket_result_to_string(s->result));
1720 unit_serialize_item_format(u, f, "n-accepted", "%u", s->n_accepted);
1721
1722 if (s->control_pid > 0)
1723 unit_serialize_item_format(u, f, "control-pid", "%lu", (unsigned long) s->control_pid);
1724
1725 if (s->control_command_id >= 0)
1726 unit_serialize_item(u, f, "control-command", socket_exec_command_to_string(s->control_command_id));
1727
1728 LIST_FOREACH(port, p, s->ports) {
1729 int copy;
1730
1731 if (p->fd < 0)
1732 continue;
1733
1734 copy = fdset_put_dup(fds, p->fd);
1735 if (copy < 0)
1736 return copy;
1737
1738 if (p->type == SOCKET_SOCKET) {
1739 _cleanup_free_ char *t = NULL;
1740
1741 r = socket_address_print(&p->address, &t);
1742 if (r < 0)
1743 return r;
1744
1745 if (socket_address_family(&p->address) == AF_NETLINK)
1746 unit_serialize_item_format(u, f, "netlink", "%i %s", copy, t);
1747 else
1748 unit_serialize_item_format(u, f, "socket", "%i %i %s", copy, p->address.type, t);
1749
1750 } else if (p->type == SOCKET_SPECIAL)
1751 unit_serialize_item_format(u, f, "special", "%i %s", copy, p->path);
1752 else if (p->type == SOCKET_MQUEUE)
1753 unit_serialize_item_format(u, f, "mqueue", "%i %s", copy, p->path);
1754 else {
1755 assert(p->type == SOCKET_FIFO);
1756 unit_serialize_item_format(u, f, "fifo", "%i %s", copy, p->path);
1757 }
1758 }
1759
1760 return 0;
1761 }
1762
1763 static int socket_deserialize_item(Unit *u, const char *key, const char *value, FDSet *fds) {
1764 Socket *s = SOCKET(u);
1765
1766 assert(u);
1767 assert(key);
1768 assert(value);
1769
1770 if (streq(key, "state")) {
1771 SocketState state;
1772
1773 state = socket_state_from_string(value);
1774 if (state < 0)
1775 log_debug_unit(u->id, "Failed to parse state value %s", value);
1776 else
1777 s->deserialized_state = state;
1778 } else if (streq(key, "result")) {
1779 SocketResult f;
1780
1781 f = socket_result_from_string(value);
1782 if (f < 0)
1783 log_debug_unit(u->id, "Failed to parse result value %s", value);
1784 else if (f != SOCKET_SUCCESS)
1785 s->result = f;
1786
1787 } else if (streq(key, "n-accepted")) {
1788 unsigned k;
1789
1790 if (safe_atou(value, &k) < 0)
1791 log_debug_unit(u->id, "Failed to parse n-accepted value %s", value);
1792 else
1793 s->n_accepted += k;
1794 } else if (streq(key, "control-pid")) {
1795 pid_t pid;
1796
1797 if (parse_pid(value, &pid) < 0)
1798 log_debug_unit(u->id, "Failed to parse control-pid value %s", value);
1799 else
1800 s->control_pid = pid;
1801 } else if (streq(key, "control-command")) {
1802 SocketExecCommand id;
1803
1804 id = socket_exec_command_from_string(value);
1805 if (id < 0)
1806 log_debug_unit(u->id, "Failed to parse exec-command value %s", value);
1807 else {
1808 s->control_command_id = id;
1809 s->control_command = s->exec_command[id];
1810 }
1811 } else if (streq(key, "fifo")) {
1812 int fd, skip = 0;
1813 SocketPort *p;
1814
1815 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
1816 log_debug_unit(u->id, "Failed to parse fifo value %s", value);
1817 else {
1818
1819 LIST_FOREACH(port, p, s->ports)
1820 if (p->type == SOCKET_FIFO &&
1821 streq_ptr(p->path, value+skip))
1822 break;
1823
1824 if (p) {
1825 if (p->fd >= 0)
1826 close_nointr_nofail(p->fd);
1827 p->fd = fdset_remove(fds, fd);
1828 }
1829 }
1830
1831 } else if (streq(key, "special")) {
1832 int fd, skip = 0;
1833 SocketPort *p;
1834
1835 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
1836 log_debug_unit(u->id, "Failed to parse special value %s", value);
1837 else {
1838
1839 LIST_FOREACH(port, p, s->ports)
1840 if (p->type == SOCKET_SPECIAL &&
1841 streq_ptr(p->path, value+skip))
1842 break;
1843
1844 if (p) {
1845 if (p->fd >= 0)
1846 close_nointr_nofail(p->fd);
1847 p->fd = fdset_remove(fds, fd);
1848 }
1849 }
1850
1851 } else if (streq(key, "mqueue")) {
1852 int fd, skip = 0;
1853 SocketPort *p;
1854
1855 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
1856 log_debug_unit(u->id, "Failed to parse mqueue value %s", value);
1857 else {
1858
1859 LIST_FOREACH(port, p, s->ports)
1860 if (p->type == SOCKET_MQUEUE &&
1861 streq_ptr(p->path, value+skip))
1862 break;
1863
1864 if (p) {
1865 if (p->fd >= 0)
1866 close_nointr_nofail(p->fd);
1867 p->fd = fdset_remove(fds, fd);
1868 }
1869 }
1870
1871 } else if (streq(key, "socket")) {
1872 int fd, type, skip = 0;
1873 SocketPort *p;
1874
1875 if (sscanf(value, "%i %i %n", &fd, &type, &skip) < 2 || fd < 0 || type < 0 || !fdset_contains(fds, fd))
1876 log_debug_unit(u->id, "Failed to parse socket value %s", value);
1877 else {
1878
1879 LIST_FOREACH(port, p, s->ports)
1880 if (socket_address_is(&p->address, value+skip, type))
1881 break;
1882
1883 if (p) {
1884 if (p->fd >= 0)
1885 close_nointr_nofail(p->fd);
1886 p->fd = fdset_remove(fds, fd);
1887 }
1888 }
1889
1890 } else if (streq(key, "netlink")) {
1891 int fd, skip = 0;
1892 SocketPort *p;
1893
1894 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
1895 log_debug_unit(u->id, "Failed to parse socket value %s", value);
1896 else {
1897
1898 LIST_FOREACH(port, p, s->ports)
1899 if (socket_address_is_netlink(&p->address, value+skip))
1900 break;
1901
1902 if (p) {
1903 if (p->fd >= 0)
1904 close_nointr_nofail(p->fd);
1905 p->fd = fdset_remove(fds, fd);
1906 }
1907 }
1908 } else
1909 log_debug_unit(UNIT(s)->id, "Unknown serialization key '%s'", key);
1910
1911 return 0;
1912 }
1913
1914 static int socket_distribute_fds(Unit *u, FDSet *fds) {
1915 Socket *s = SOCKET(u);
1916 SocketPort *p;
1917
1918 assert(u);
1919
1920 LIST_FOREACH(port, p, s->ports) {
1921 Iterator i;
1922 int fd;
1923
1924 if (p->type != SOCKET_SOCKET)
1925 continue;
1926
1927 if (p->fd >= 0)
1928 continue;
1929
1930 FDSET_FOREACH(fd, fds, i) {
1931 if (socket_address_matches_fd(&p->address, fd)) {
1932 p->fd = fdset_remove(fds, fd);
1933 s->deserialized_state = SOCKET_LISTENING;
1934 break;
1935 }
1936 }
1937 }
1938
1939 return 0;
1940 }
1941
1942 _pure_ static UnitActiveState socket_active_state(Unit *u) {
1943 assert(u);
1944
1945 return state_translation_table[SOCKET(u)->state];
1946 }
1947
1948 _pure_ static const char *socket_sub_state_to_string(Unit *u) {
1949 assert(u);
1950
1951 return socket_state_to_string(SOCKET(u)->state);
1952 }
1953
1954 const char* socket_port_type_to_string(SocketPort *p) {
1955
1956 assert(p);
1957
1958 switch (p->type) {
1959
1960 case SOCKET_SOCKET:
1961
1962 switch (p->address.type) {
1963
1964 case SOCK_STREAM:
1965 return "Stream";
1966
1967 case SOCK_DGRAM:
1968 return "Datagram";
1969
1970 case SOCK_SEQPACKET:
1971 return "SequentialPacket";
1972
1973 case SOCK_RAW:
1974 if (socket_address_family(&p->address) == AF_NETLINK)
1975 return "Netlink";
1976
1977 default:
1978 return NULL;
1979 }
1980
1981 case SOCKET_SPECIAL:
1982 return "Special";
1983
1984 case SOCKET_MQUEUE:
1985 return "MessageQueue";
1986
1987 case SOCKET_FIFO:
1988 return "FIFO";
1989
1990 default:
1991 return NULL;
1992 }
1993 }
1994
1995 _pure_ static bool socket_check_gc(Unit *u) {
1996 Socket *s = SOCKET(u);
1997
1998 assert(u);
1999
2000 return s->n_connections > 0;
2001 }
2002
2003 static int socket_dispatch_io(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
2004 SocketPort *p = userdata;
2005 int cfd = -1;
2006
2007 assert(p);
2008 assert(fd >= 0);
2009
2010 if (p->socket->state != SOCKET_LISTENING)
2011 return 0;
2012
2013 log_debug_unit(UNIT(p->socket)->id, "Incoming traffic on %s", UNIT(p->socket)->id);
2014
2015 if (revents != EPOLLIN) {
2016
2017 if (revents & EPOLLHUP)
2018 log_error_unit(UNIT(p->socket)->id, "%s: Got POLLHUP on a listening socket. The service probably invoked shutdown() on it, and should better not do that.",
2019 UNIT(p->socket)->id);
2020 else
2021 log_error_unit(UNIT(p->socket)->id, "%s: Got unexpected poll event (0x%x) on socket.",
2022 UNIT(p->socket)->id, revents);
2023
2024 goto fail;
2025 }
2026
2027 if (p->socket->accept &&
2028 p->type == SOCKET_SOCKET &&
2029 socket_address_can_accept(&p->address)) {
2030
2031 for (;;) {
2032
2033 cfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK);
2034 if (cfd < 0) {
2035
2036 if (errno == EINTR)
2037 continue;
2038
2039 log_error_unit(UNIT(p->socket)->id,
2040 "Failed to accept socket: %m");
2041 goto fail;
2042 }
2043
2044 break;
2045 }
2046
2047 socket_apply_socket_options(p->socket, cfd);
2048 }
2049
2050 socket_enter_running(p->socket, cfd);
2051 return 0;
2052
2053 fail:
2054 socket_enter_stop_pre(p->socket, SOCKET_FAILURE_RESOURCES);
2055 return 0;
2056 }
2057
2058 static void socket_sigchld_event(Unit *u, pid_t pid, int code, int status) {
2059 Socket *s = SOCKET(u);
2060 SocketResult f;
2061
2062 assert(s);
2063 assert(pid >= 0);
2064
2065 if (pid != s->control_pid)
2066 return;
2067
2068 s->control_pid = 0;
2069
2070 if (is_clean_exit(code, status, NULL))
2071 f = SOCKET_SUCCESS;
2072 else if (code == CLD_EXITED)
2073 f = SOCKET_FAILURE_EXIT_CODE;
2074 else if (code == CLD_KILLED)
2075 f = SOCKET_FAILURE_SIGNAL;
2076 else if (code == CLD_DUMPED)
2077 f = SOCKET_FAILURE_CORE_DUMP;
2078 else
2079 assert_not_reached("Unknown code");
2080
2081 if (s->control_command) {
2082 exec_status_exit(&s->control_command->exec_status, &s->exec_context, pid, code, status);
2083
2084 if (s->control_command->ignore)
2085 f = SOCKET_SUCCESS;
2086 }
2087
2088 log_full_unit(f == SOCKET_SUCCESS ? LOG_DEBUG : LOG_NOTICE,
2089 u->id,
2090 "%s control process exited, code=%s status=%i",
2091 u->id, sigchld_code_to_string(code), status);
2092
2093 if (f != SOCKET_SUCCESS)
2094 s->result = f;
2095
2096 if (s->control_command &&
2097 s->control_command->command_next &&
2098 f == SOCKET_SUCCESS) {
2099
2100 log_debug_unit(u->id,
2101 "%s running next command for state %s",
2102 u->id, socket_state_to_string(s->state));
2103 socket_run_next(s);
2104 } else {
2105 s->control_command = NULL;
2106 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
2107
2108 /* No further commands for this step, so let's figure
2109 * out what to do next */
2110
2111 log_debug_unit(u->id,
2112 "%s got final SIGCHLD for state %s",
2113 u->id, socket_state_to_string(s->state));
2114
2115 switch (s->state) {
2116
2117 case SOCKET_START_PRE:
2118 if (f == SOCKET_SUCCESS)
2119 socket_enter_start_post(s);
2120 else
2121 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, f);
2122 break;
2123
2124 case SOCKET_START_POST:
2125 if (f == SOCKET_SUCCESS)
2126 socket_enter_listening(s);
2127 else
2128 socket_enter_stop_pre(s, f);
2129 break;
2130
2131 case SOCKET_STOP_PRE:
2132 case SOCKET_STOP_PRE_SIGTERM:
2133 case SOCKET_STOP_PRE_SIGKILL:
2134 socket_enter_stop_post(s, f);
2135 break;
2136
2137 case SOCKET_STOP_POST:
2138 case SOCKET_FINAL_SIGTERM:
2139 case SOCKET_FINAL_SIGKILL:
2140 socket_enter_dead(s, f);
2141 break;
2142
2143 default:
2144 assert_not_reached("Uh, control process died at wrong time.");
2145 }
2146 }
2147
2148 /* Notify clients about changed exit status */
2149 unit_add_to_dbus_queue(u);
2150 }
2151
2152 static int socket_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata) {
2153 Socket *s = SOCKET(userdata);
2154
2155 assert(s);
2156 assert(s->timer_event_source == source);
2157
2158 switch (s->state) {
2159
2160 case SOCKET_START_PRE:
2161 log_warning_unit(UNIT(s)->id,
2162 "%s starting timed out. Terminating.", UNIT(s)->id);
2163 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_TIMEOUT);
2164 break;
2165
2166 case SOCKET_START_POST:
2167 log_warning_unit(UNIT(s)->id,
2168 "%s starting timed out. Stopping.", UNIT(s)->id);
2169 socket_enter_stop_pre(s, SOCKET_FAILURE_TIMEOUT);
2170 break;
2171
2172 case SOCKET_STOP_PRE:
2173 log_warning_unit(UNIT(s)->id,
2174 "%s stopping timed out. Terminating.", UNIT(s)->id);
2175 socket_enter_signal(s, SOCKET_STOP_PRE_SIGTERM, SOCKET_FAILURE_TIMEOUT);
2176 break;
2177
2178 case SOCKET_STOP_PRE_SIGTERM:
2179 if (s->kill_context.send_sigkill) {
2180 log_warning_unit(UNIT(s)->id,
2181 "%s stopping timed out. Killing.", UNIT(s)->id);
2182 socket_enter_signal(s, SOCKET_STOP_PRE_SIGKILL, SOCKET_FAILURE_TIMEOUT);
2183 } else {
2184 log_warning_unit(UNIT(s)->id,
2185 "%s stopping timed out. Skipping SIGKILL. Ignoring.",
2186 UNIT(s)->id);
2187 socket_enter_stop_post(s, SOCKET_FAILURE_TIMEOUT);
2188 }
2189 break;
2190
2191 case SOCKET_STOP_PRE_SIGKILL:
2192 log_warning_unit(UNIT(s)->id,
2193 "%s still around after SIGKILL. Ignoring.", UNIT(s)->id);
2194 socket_enter_stop_post(s, SOCKET_FAILURE_TIMEOUT);
2195 break;
2196
2197 case SOCKET_STOP_POST:
2198 log_warning_unit(UNIT(s)->id,
2199 "%s stopping timed out (2). Terminating.", UNIT(s)->id);
2200 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_TIMEOUT);
2201 break;
2202
2203 case SOCKET_FINAL_SIGTERM:
2204 if (s->kill_context.send_sigkill) {
2205 log_warning_unit(UNIT(s)->id,
2206 "%s stopping timed out (2). Killing.", UNIT(s)->id);
2207 socket_enter_signal(s, SOCKET_FINAL_SIGKILL, SOCKET_FAILURE_TIMEOUT);
2208 } else {
2209 log_warning_unit(UNIT(s)->id,
2210 "%s stopping timed out (2). Skipping SIGKILL. Ignoring.",
2211 UNIT(s)->id);
2212 socket_enter_dead(s, SOCKET_FAILURE_TIMEOUT);
2213 }
2214 break;
2215
2216 case SOCKET_FINAL_SIGKILL:
2217 log_warning_unit(UNIT(s)->id,
2218 "%s still around after SIGKILL (2). Entering failed mode.",
2219 UNIT(s)->id);
2220 socket_enter_dead(s, SOCKET_FAILURE_TIMEOUT);
2221 break;
2222
2223 default:
2224 assert_not_reached("Timeout at wrong time.");
2225 }
2226
2227 return 0;
2228 }
2229
2230 int socket_collect_fds(Socket *s, int **fds, unsigned *n_fds) {
2231 int *rfds;
2232 unsigned rn_fds, k;
2233 SocketPort *p;
2234
2235 assert(s);
2236 assert(fds);
2237 assert(n_fds);
2238
2239 /* Called from the service code for requesting our fds */
2240
2241 rn_fds = 0;
2242 LIST_FOREACH(port, p, s->ports)
2243 if (p->fd >= 0)
2244 rn_fds++;
2245
2246 if (rn_fds <= 0) {
2247 *fds = NULL;
2248 *n_fds = 0;
2249 return 0;
2250 }
2251
2252 if (!(rfds = new(int, rn_fds)))
2253 return -ENOMEM;
2254
2255 k = 0;
2256 LIST_FOREACH(port, p, s->ports)
2257 if (p->fd >= 0)
2258 rfds[k++] = p->fd;
2259
2260 assert(k == rn_fds);
2261
2262 *fds = rfds;
2263 *n_fds = rn_fds;
2264
2265 return 0;
2266 }
2267
2268 static void socket_reset_failed(Unit *u) {
2269 Socket *s = SOCKET(u);
2270
2271 assert(s);
2272
2273 if (s->state == SOCKET_FAILED)
2274 socket_set_state(s, SOCKET_DEAD);
2275
2276 s->result = SOCKET_SUCCESS;
2277 }
2278
2279 static void socket_notify_service_dead(Socket *s, bool failed_permanent) {
2280 assert(s);
2281
2282 /* The service is dead. Dang!
2283 *
2284 * This is strictly for one-instance-for-all-connections
2285 * services. */
2286
2287 if (s->state == SOCKET_RUNNING) {
2288 log_debug_unit(UNIT(s)->id, "%s got notified about service death (failed permanently: %s)", UNIT(s)->id, yes_no(failed_permanent));
2289 if (failed_permanent)
2290 socket_enter_stop_pre(s, SOCKET_FAILURE_SERVICE_FAILED_PERMANENT);
2291 else
2292 socket_enter_listening(s);
2293 }
2294 }
2295
2296 void socket_connection_unref(Socket *s) {
2297 assert(s);
2298
2299 /* The service is dead. Yay!
2300 *
2301 * This is strictly for one-instance-per-connection
2302 * services. */
2303
2304 assert(s->n_connections > 0);
2305 s->n_connections--;
2306
2307 log_debug_unit(UNIT(s)->id, "%s: One connection closed, %u left.", UNIT(s)->id, s->n_connections);
2308 }
2309
2310 static void socket_trigger_notify(Unit *u, Unit *other) {
2311 Socket *s = SOCKET(u);
2312 Service *se;
2313
2314 assert(u);
2315 assert(other);
2316
2317 /* Don't propagate state changes from the service if we are
2318 already down or accepting connections */
2319 if ((s->state != SOCKET_RUNNING &&
2320 s->state != SOCKET_LISTENING) ||
2321 s->accept)
2322 return;
2323
2324 if (other->load_state != UNIT_LOADED ||
2325 other->type != UNIT_SERVICE)
2326 return;
2327
2328 se = SERVICE(other);
2329
2330 if (se->state == SERVICE_FAILED)
2331 socket_notify_service_dead(s, se->result == SERVICE_FAILURE_START_LIMIT);
2332
2333 if (se->state == SERVICE_DEAD ||
2334 se->state == SERVICE_STOP ||
2335 se->state == SERVICE_STOP_SIGTERM ||
2336 se->state == SERVICE_STOP_SIGKILL ||
2337 se->state == SERVICE_STOP_POST ||
2338 se->state == SERVICE_FINAL_SIGTERM ||
2339 se->state == SERVICE_FINAL_SIGKILL ||
2340 se->state == SERVICE_AUTO_RESTART)
2341 socket_notify_service_dead(s, false);
2342
2343 if (se->state == SERVICE_RUNNING)
2344 socket_set_state(s, SOCKET_RUNNING);
2345 }
2346
2347 static int socket_kill(Unit *u, KillWho who, int signo, sd_bus_error *error) {
2348 return unit_kill_common(u, who, signo, -1, SOCKET(u)->control_pid, error);
2349 }
2350
2351 static int socket_get_timeout(Unit *u, uint64_t *timeout) {
2352 Socket *s = SOCKET(u);
2353 int r;
2354
2355 if (!s->timer_event_source)
2356 return 0;
2357
2358 r = sd_event_source_get_time(s->timer_event_source, timeout);
2359 if (r < 0)
2360 return r;
2361
2362 return 1;
2363 }
2364
2365 static const char* const socket_state_table[_SOCKET_STATE_MAX] = {
2366 [SOCKET_DEAD] = "dead",
2367 [SOCKET_START_PRE] = "start-pre",
2368 [SOCKET_START_POST] = "start-post",
2369 [SOCKET_LISTENING] = "listening",
2370 [SOCKET_RUNNING] = "running",
2371 [SOCKET_STOP_PRE] = "stop-pre",
2372 [SOCKET_STOP_PRE_SIGTERM] = "stop-pre-sigterm",
2373 [SOCKET_STOP_PRE_SIGKILL] = "stop-pre-sigkill",
2374 [SOCKET_STOP_POST] = "stop-post",
2375 [SOCKET_FINAL_SIGTERM] = "final-sigterm",
2376 [SOCKET_FINAL_SIGKILL] = "final-sigkill",
2377 [SOCKET_FAILED] = "failed"
2378 };
2379
2380 DEFINE_STRING_TABLE_LOOKUP(socket_state, SocketState);
2381
2382 static const char* const socket_exec_command_table[_SOCKET_EXEC_COMMAND_MAX] = {
2383 [SOCKET_EXEC_START_PRE] = "StartPre",
2384 [SOCKET_EXEC_START_POST] = "StartPost",
2385 [SOCKET_EXEC_STOP_PRE] = "StopPre",
2386 [SOCKET_EXEC_STOP_POST] = "StopPost"
2387 };
2388
2389 DEFINE_STRING_TABLE_LOOKUP(socket_exec_command, SocketExecCommand);
2390
2391 static const char* const socket_result_table[_SOCKET_RESULT_MAX] = {
2392 [SOCKET_SUCCESS] = "success",
2393 [SOCKET_FAILURE_RESOURCES] = "resources",
2394 [SOCKET_FAILURE_TIMEOUT] = "timeout",
2395 [SOCKET_FAILURE_EXIT_CODE] = "exit-code",
2396 [SOCKET_FAILURE_SIGNAL] = "signal",
2397 [SOCKET_FAILURE_CORE_DUMP] = "core-dump",
2398 [SOCKET_FAILURE_SERVICE_FAILED_PERMANENT] = "service-failed-permanent"
2399 };
2400
2401 DEFINE_STRING_TABLE_LOOKUP(socket_result, SocketResult);
2402
2403 const UnitVTable socket_vtable = {
2404 .object_size = sizeof(Socket),
2405 .exec_context_offset = offsetof(Socket, exec_context),
2406 .cgroup_context_offset = offsetof(Socket, cgroup_context),
2407 .kill_context_offset = offsetof(Socket, kill_context),
2408 .exec_runtime_offset = offsetof(Socket, exec_runtime),
2409
2410 .sections =
2411 "Unit\0"
2412 "Socket\0"
2413 "Install\0",
2414 .private_section = "Socket",
2415
2416 .init = socket_init,
2417 .done = socket_done,
2418 .load = socket_load,
2419
2420 .coldplug = socket_coldplug,
2421
2422 .dump = socket_dump,
2423
2424 .start = socket_start,
2425 .stop = socket_stop,
2426
2427 .kill = socket_kill,
2428
2429 .get_timeout = socket_get_timeout,
2430
2431 .serialize = socket_serialize,
2432 .deserialize_item = socket_deserialize_item,
2433 .distribute_fds = socket_distribute_fds,
2434
2435 .active_state = socket_active_state,
2436 .sub_state_to_string = socket_sub_state_to_string,
2437
2438 .check_gc = socket_check_gc,
2439
2440 .sigchld_event = socket_sigchld_event,
2441
2442 .trigger_notify = socket_trigger_notify,
2443
2444 .reset_failed = socket_reset_failed,
2445
2446 .bus_interface = "org.freedesktop.systemd1.Socket",
2447 .bus_vtable = bus_socket_vtable,
2448 .bus_set_property = bus_socket_set_property,
2449 .bus_commit_properties = bus_socket_commit_properties,
2450
2451 .status_message_formats = {
2452 /*.starting_stopping = {
2453 [0] = "Starting socket %s...",
2454 [1] = "Stopping socket %s...",
2455 },*/
2456 .finished_start_job = {
2457 [JOB_DONE] = "Listening on %s.",
2458 [JOB_FAILED] = "Failed to listen on %s.",
2459 [JOB_DEPENDENCY] = "Dependency failed for %s.",
2460 [JOB_TIMEOUT] = "Timed out starting %s.",
2461 },
2462 .finished_stop_job = {
2463 [JOB_DONE] = "Closed %s.",
2464 [JOB_FAILED] = "Failed stopping %s.",
2465 [JOB_TIMEOUT] = "Timed out stopping %s.",
2466 },
2467 },
2468 };
Unnamed repository; edit this file 'description' to name the repository.