]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/core/unit.c
projects / thirdparty / systemd.git / blob
? search:


445cf6695c8cdae0400272c32c60700344f8f1fc
[thirdparty/systemd.git] / src / core / unit.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2
3 #include <errno.h>
4 #include <stdlib.h>
5 #include <string.h>
6 #include <sys/prctl.h>
7 #include <sys/stat.h>
8 #include <unistd.h>
9
10 #include "sd-id128.h"
11 #include "sd-messages.h"
12
13 #include "all-units.h"
14 #include "alloc-util.h"
15 #include "bus-common-errors.h"
16 #include "bus-util.h"
17 #include "cgroup-util.h"
18 #include "dbus-unit.h"
19 #include "dbus.h"
20 #include "dropin.h"
21 #include "escape.h"
22 #include "execute.h"
23 #include "fd-util.h"
24 #include "fileio-label.h"
25 #include "fileio.h"
26 #include "format-util.h"
27 #include "fs-util.h"
28 #include "id128-util.h"
29 #include "io-util.h"
30 #include "load-dropin.h"
31 #include "load-fragment.h"
32 #include "log.h"
33 #include "macro.h"
34 #include "missing.h"
35 #include "mkdir.h"
36 #include "parse-util.h"
37 #include "path-util.h"
38 #include "process-util.h"
39 #include "serialize.h"
40 #include "set.h"
41 #include "signal-util.h"
42 #include "sparse-endian.h"
43 #include "special.h"
44 #include "specifier.h"
45 #include "stat-util.h"
46 #include "stdio-util.h"
47 #include "string-table.h"
48 #include "string-util.h"
49 #include "strv.h"
50 #include "terminal-util.h"
51 #include "tmpfile-util.h"
52 #include "umask-util.h"
53 #include "unit-name.h"
54 #include "unit.h"
55 #include "user-util.h"
56 #include "virt.h"
57
58 const UnitVTable * const unit_vtable[_UNIT_TYPE_MAX] = {
59 [UNIT_SERVICE] = &service_vtable,
60 [UNIT_SOCKET] = &socket_vtable,
61 [UNIT_TARGET] = &target_vtable,
62 [UNIT_DEVICE] = &device_vtable,
63 [UNIT_MOUNT] = &mount_vtable,
64 [UNIT_AUTOMOUNT] = &automount_vtable,
65 [UNIT_SWAP] = &swap_vtable,
66 [UNIT_TIMER] = &timer_vtable,
67 [UNIT_PATH] = &path_vtable,
68 [UNIT_SLICE] = &slice_vtable,
69 [UNIT_SCOPE] = &scope_vtable,
70 };
71
72 static void maybe_warn_about_dependency(Unit *u, const char *other, UnitDependency dependency);
73
74 Unit *unit_new(Manager *m, size_t size) {
75 Unit *u;
76
77 assert(m);
78 assert(size >= sizeof(Unit));
79
80 u = malloc0(size);
81 if (!u)
82 return NULL;
83
84 u->names = set_new(&string_hash_ops);
85 if (!u->names)
86 return mfree(u);
87
88 u->manager = m;
89 u->type = _UNIT_TYPE_INVALID;
90 u->default_dependencies = true;
91 u->unit_file_state = _UNIT_FILE_STATE_INVALID;
92 u->unit_file_preset = -1;
93 u->on_failure_job_mode = JOB_REPLACE;
94 u->cgroup_inotify_wd = -1;
95 u->job_timeout = USEC_INFINITY;
96 u->job_running_timeout = USEC_INFINITY;
97 u->ref_uid = UID_INVALID;
98 u->ref_gid = GID_INVALID;
99 u->cpu_usage_last = NSEC_INFINITY;
100 u->cgroup_invalidated_mask |= CGROUP_MASK_BPF_FIREWALL;
101 u->failure_action_exit_status = u->success_action_exit_status = -1;
102
103 u->ip_accounting_ingress_map_fd = -1;
104 u->ip_accounting_egress_map_fd = -1;
105 u->ipv4_allow_map_fd = -1;
106 u->ipv6_allow_map_fd = -1;
107 u->ipv4_deny_map_fd = -1;
108 u->ipv6_deny_map_fd = -1;
109
110 u->last_section_private = -1;
111
112 RATELIMIT_INIT(u->start_limit, m->default_start_limit_interval, m->default_start_limit_burst);
113 RATELIMIT_INIT(u->auto_stop_ratelimit, 10 * USEC_PER_SEC, 16);
114
115 return u;
116 }
117
118 int unit_new_for_name(Manager *m, size_t size, const char *name, Unit **ret) {
119 _cleanup_(unit_freep) Unit *u = NULL;
120 int r;
121
122 u = unit_new(m, size);
123 if (!u)
124 return -ENOMEM;
125
126 r = unit_add_name(u, name);
127 if (r < 0)
128 return r;
129
130 *ret = TAKE_PTR(u);
131
132 return r;
133 }
134
135 bool unit_has_name(const Unit *u, const char *name) {
136 assert(u);
137 assert(name);
138
139 return set_contains(u->names, (char*) name);
140 }
141
142 static void unit_init(Unit *u) {
143 CGroupContext *cc;
144 ExecContext *ec;
145 KillContext *kc;
146
147 assert(u);
148 assert(u->manager);
149 assert(u->type >= 0);
150
151 cc = unit_get_cgroup_context(u);
152 if (cc) {
153 cgroup_context_init(cc);
154
155 /* Copy in the manager defaults into the cgroup
156 * context, _before_ the rest of the settings have
157 * been initialized */
158
159 cc->cpu_accounting = u->manager->default_cpu_accounting;
160 cc->io_accounting = u->manager->default_io_accounting;
161 cc->ip_accounting = u->manager->default_ip_accounting;
162 cc->blockio_accounting = u->manager->default_blockio_accounting;
163 cc->memory_accounting = u->manager->default_memory_accounting;
164 cc->tasks_accounting = u->manager->default_tasks_accounting;
165 cc->ip_accounting = u->manager->default_ip_accounting;
166
167 if (u->type != UNIT_SLICE)
168 cc->tasks_max = u->manager->default_tasks_max;
169 }
170
171 ec = unit_get_exec_context(u);
172 if (ec) {
173 exec_context_init(ec);
174
175 ec->keyring_mode = MANAGER_IS_SYSTEM(u->manager) ?
176 EXEC_KEYRING_SHARED : EXEC_KEYRING_INHERIT;
177 }
178
179 kc = unit_get_kill_context(u);
180 if (kc)
181 kill_context_init(kc);
182
183 if (UNIT_VTABLE(u)->init)
184 UNIT_VTABLE(u)->init(u);
185 }
186
187 int unit_add_name(Unit *u, const char *text) {
188 _cleanup_free_ char *s = NULL, *i = NULL;
189 UnitType t;
190 int r;
191
192 assert(u);
193 assert(text);
194
195 if (unit_name_is_valid(text, UNIT_NAME_TEMPLATE)) {
196
197 if (!u->instance)
198 return -EINVAL;
199
200 r = unit_name_replace_instance(text, u->instance, &s);
201 if (r < 0)
202 return r;
203 } else {
204 s = strdup(text);
205 if (!s)
206 return -ENOMEM;
207 }
208
209 if (set_contains(u->names, s))
210 return 0;
211 if (hashmap_contains(u->manager->units, s))
212 return -EEXIST;
213
214 if (!unit_name_is_valid(s, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE))
215 return -EINVAL;
216
217 t = unit_name_to_type(s);
218 if (t < 0)
219 return -EINVAL;
220
221 if (u->type != _UNIT_TYPE_INVALID && t != u->type)
222 return -EINVAL;
223
224 r = unit_name_to_instance(s, &i);
225 if (r < 0)
226 return r;
227
228 if (i && !unit_type_may_template(t))
229 return -EINVAL;
230
231 /* Ensure that this unit is either instanced or not instanced,
232 * but not both. Note that we do allow names with different
233 * instance names however! */
234 if (u->type != _UNIT_TYPE_INVALID && !u->instance != !i)
235 return -EINVAL;
236
237 if (!unit_type_may_alias(t) && !set_isempty(u->names))
238 return -EEXIST;
239
240 if (hashmap_size(u->manager->units) >= MANAGER_MAX_NAMES)
241 return -E2BIG;
242
243 r = set_put(u->names, s);
244 if (r < 0)
245 return r;
246 assert(r > 0);
247
248 r = hashmap_put(u->manager->units, s, u);
249 if (r < 0) {
250 (void) set_remove(u->names, s);
251 return r;
252 }
253
254 if (u->type == _UNIT_TYPE_INVALID) {
255 u->type = t;
256 u->id = s;
257 u->instance = TAKE_PTR(i);
258
259 LIST_PREPEND(units_by_type, u->manager->units_by_type[t], u);
260
261 unit_init(u);
262 }
263
264 s = NULL;
265
266 unit_add_to_dbus_queue(u);
267 return 0;
268 }
269
270 int unit_choose_id(Unit *u, const char *name) {
271 _cleanup_free_ char *t = NULL;
272 char *s, *i;
273 int r;
274
275 assert(u);
276 assert(name);
277
278 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
279
280 if (!u->instance)
281 return -EINVAL;
282
283 r = unit_name_replace_instance(name, u->instance, &t);
284 if (r < 0)
285 return r;
286
287 name = t;
288 }
289
290 /* Selects one of the names of this unit as the id */
291 s = set_get(u->names, (char*) name);
292 if (!s)
293 return -ENOENT;
294
295 /* Determine the new instance from the new id */
296 r = unit_name_to_instance(s, &i);
297 if (r < 0)
298 return r;
299
300 u->id = s;
301
302 free(u->instance);
303 u->instance = i;
304
305 unit_add_to_dbus_queue(u);
306
307 return 0;
308 }
309
310 int unit_set_description(Unit *u, const char *description) {
311 int r;
312
313 assert(u);
314
315 r = free_and_strdup(&u->description, empty_to_null(description));
316 if (r < 0)
317 return r;
318 if (r > 0)
319 unit_add_to_dbus_queue(u);
320
321 return 0;
322 }
323
324 bool unit_may_gc(Unit *u) {
325 UnitActiveState state;
326 int r;
327
328 assert(u);
329
330 /* Checks whether the unit is ready to be unloaded for garbage collection.
331 * Returns true when the unit may be collected, and false if there's some
332 * reason to keep it loaded.
333 *
334 * References from other units are *not* checked here. Instead, this is done
335 * in unit_gc_sweep(), but using markers to properly collect dependency loops.
336 */
337
338 if (u->job)
339 return false;
340
341 if (u->nop_job)
342 return false;
343
344 state = unit_active_state(u);
345
346 /* If the unit is inactive and failed and no job is queued for it, then release its runtime resources */
347 if (UNIT_IS_INACTIVE_OR_FAILED(state) &&
348 UNIT_VTABLE(u)->release_resources)
349 UNIT_VTABLE(u)->release_resources(u);
350
351 if (u->perpetual)
352 return false;
353
354 if (sd_bus_track_count(u->bus_track) > 0)
355 return false;
356
357 /* But we keep the unit object around for longer when it is referenced or configured to not be gc'ed */
358 switch (u->collect_mode) {
359
360 case COLLECT_INACTIVE:
361 if (state != UNIT_INACTIVE)
362 return false;
363
364 break;
365
366 case COLLECT_INACTIVE_OR_FAILED:
367 if (!IN_SET(state, UNIT_INACTIVE, UNIT_FAILED))
368 return false;
369
370 break;
371
372 default:
373 assert_not_reached("Unknown garbage collection mode");
374 }
375
376 if (u->cgroup_path) {
377 /* If the unit has a cgroup, then check whether there's anything in it. If so, we should stay
378 * around. Units with active processes should never be collected. */
379
380 r = cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path);
381 if (r < 0)
382 log_unit_debug_errno(u, r, "Failed to determine whether cgroup %s is empty: %m", u->cgroup_path);
383 if (r <= 0)
384 return false;
385 }
386
387 if (UNIT_VTABLE(u)->may_gc && !UNIT_VTABLE(u)->may_gc(u))
388 return false;
389
390 return true;
391 }
392
393 void unit_add_to_load_queue(Unit *u) {
394 assert(u);
395 assert(u->type != _UNIT_TYPE_INVALID);
396
397 if (u->load_state != UNIT_STUB || u->in_load_queue)
398 return;
399
400 LIST_PREPEND(load_queue, u->manager->load_queue, u);
401 u->in_load_queue = true;
402 }
403
404 void unit_add_to_cleanup_queue(Unit *u) {
405 assert(u);
406
407 if (u->in_cleanup_queue)
408 return;
409
410 LIST_PREPEND(cleanup_queue, u->manager->cleanup_queue, u);
411 u->in_cleanup_queue = true;
412 }
413
414 void unit_add_to_gc_queue(Unit *u) {
415 assert(u);
416
417 if (u->in_gc_queue || u->in_cleanup_queue)
418 return;
419
420 if (!unit_may_gc(u))
421 return;
422
423 LIST_PREPEND(gc_queue, u->manager->gc_unit_queue, u);
424 u->in_gc_queue = true;
425 }
426
427 void unit_add_to_dbus_queue(Unit *u) {
428 assert(u);
429 assert(u->type != _UNIT_TYPE_INVALID);
430
431 if (u->load_state == UNIT_STUB || u->in_dbus_queue)
432 return;
433
434 /* Shortcut things if nobody cares */
435 if (sd_bus_track_count(u->manager->subscribed) <= 0 &&
436 sd_bus_track_count(u->bus_track) <= 0 &&
437 set_isempty(u->manager->private_buses)) {
438 u->sent_dbus_new_signal = true;
439 return;
440 }
441
442 LIST_PREPEND(dbus_queue, u->manager->dbus_unit_queue, u);
443 u->in_dbus_queue = true;
444 }
445
446 void unit_submit_to_stop_when_unneeded_queue(Unit *u) {
447 assert(u);
448
449 if (u->in_stop_when_unneeded_queue)
450 return;
451
452 if (!u->stop_when_unneeded)
453 return;
454
455 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u)))
456 return;
457
458 LIST_PREPEND(stop_when_unneeded_queue, u->manager->stop_when_unneeded_queue, u);
459 u->in_stop_when_unneeded_queue = true;
460 }
461
462 static void bidi_set_free(Unit *u, Hashmap *h) {
463 Unit *other;
464 Iterator i;
465 void *v;
466
467 assert(u);
468
469 /* Frees the hashmap and makes sure we are dropped from the inverse pointers */
470
471 HASHMAP_FOREACH_KEY(v, other, h, i) {
472 UnitDependency d;
473
474 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
475 hashmap_remove(other->dependencies[d], u);
476
477 unit_add_to_gc_queue(other);
478 }
479
480 hashmap_free(h);
481 }
482
483 static void unit_remove_transient(Unit *u) {
484 char **i;
485
486 assert(u);
487
488 if (!u->transient)
489 return;
490
491 if (u->fragment_path)
492 (void) unlink(u->fragment_path);
493
494 STRV_FOREACH(i, u->dropin_paths) {
495 _cleanup_free_ char *p = NULL, *pp = NULL;
496
497 p = dirname_malloc(*i); /* Get the drop-in directory from the drop-in file */
498 if (!p)
499 continue;
500
501 pp = dirname_malloc(p); /* Get the config directory from the drop-in directory */
502 if (!pp)
503 continue;
504
505 /* Only drop transient drop-ins */
506 if (!path_equal(u->manager->lookup_paths.transient, pp))
507 continue;
508
509 (void) unlink(*i);
510 (void) rmdir(p);
511 }
512 }
513
514 static void unit_free_requires_mounts_for(Unit *u) {
515 assert(u);
516
517 for (;;) {
518 _cleanup_free_ char *path;
519
520 path = hashmap_steal_first_key(u->requires_mounts_for);
521 if (!path)
522 break;
523 else {
524 char s[strlen(path) + 1];
525
526 PATH_FOREACH_PREFIX_MORE(s, path) {
527 char *y;
528 Set *x;
529
530 x = hashmap_get2(u->manager->units_requiring_mounts_for, s, (void**) &y);
531 if (!x)
532 continue;
533
534 (void) set_remove(x, u);
535
536 if (set_isempty(x)) {
537 (void) hashmap_remove(u->manager->units_requiring_mounts_for, y);
538 free(y);
539 set_free(x);
540 }
541 }
542 }
543 }
544
545 u->requires_mounts_for = hashmap_free(u->requires_mounts_for);
546 }
547
548 static void unit_done(Unit *u) {
549 ExecContext *ec;
550 CGroupContext *cc;
551
552 assert(u);
553
554 if (u->type < 0)
555 return;
556
557 if (UNIT_VTABLE(u)->done)
558 UNIT_VTABLE(u)->done(u);
559
560 ec = unit_get_exec_context(u);
561 if (ec)
562 exec_context_done(ec);
563
564 cc = unit_get_cgroup_context(u);
565 if (cc)
566 cgroup_context_done(cc);
567 }
568
569 void unit_free(Unit *u) {
570 UnitDependency d;
571 Iterator i;
572 char *t;
573
574 if (!u)
575 return;
576
577 if (UNIT_ISSET(u->slice)) {
578 /* A unit is being dropped from the tree, make sure our parent slice recalculates the member mask */
579 unit_invalidate_cgroup_members_masks(UNIT_DEREF(u->slice));
580
581 /* And make sure the parent is realized again, updating cgroup memberships */
582 unit_add_to_cgroup_realize_queue(UNIT_DEREF(u->slice));
583 }
584
585 u->transient_file = safe_fclose(u->transient_file);
586
587 if (!MANAGER_IS_RELOADING(u->manager))
588 unit_remove_transient(u);
589
590 bus_unit_send_removed_signal(u);
591
592 unit_done(u);
593
594 unit_dequeue_rewatch_pids(u);
595
596 sd_bus_slot_unref(u->match_bus_slot);
597 sd_bus_track_unref(u->bus_track);
598 u->deserialized_refs = strv_free(u->deserialized_refs);
599
600 unit_free_requires_mounts_for(u);
601
602 SET_FOREACH(t, u->names, i)
603 hashmap_remove_value(u->manager->units, t, u);
604
605 if (!sd_id128_is_null(u->invocation_id))
606 hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
607
608 if (u->job) {
609 Job *j = u->job;
610 job_uninstall(j);
611 job_free(j);
612 }
613
614 if (u->nop_job) {
615 Job *j = u->nop_job;
616 job_uninstall(j);
617 job_free(j);
618 }
619
620 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
621 bidi_set_free(u, u->dependencies[d]);
622
623 if (u->on_console)
624 manager_unref_console(u->manager);
625
626 unit_release_cgroup(u);
627
628 if (!MANAGER_IS_RELOADING(u->manager))
629 unit_unlink_state_files(u);
630
631 unit_unref_uid_gid(u, false);
632
633 (void) manager_update_failed_units(u->manager, u, false);
634 set_remove(u->manager->startup_units, u);
635
636 unit_unwatch_all_pids(u);
637
638 unit_ref_unset(&u->slice);
639 while (u->refs_by_target)
640 unit_ref_unset(u->refs_by_target);
641
642 if (u->type != _UNIT_TYPE_INVALID)
643 LIST_REMOVE(units_by_type, u->manager->units_by_type[u->type], u);
644
645 if (u->in_load_queue)
646 LIST_REMOVE(load_queue, u->manager->load_queue, u);
647
648 if (u->in_dbus_queue)
649 LIST_REMOVE(dbus_queue, u->manager->dbus_unit_queue, u);
650
651 if (u->in_gc_queue)
652 LIST_REMOVE(gc_queue, u->manager->gc_unit_queue, u);
653
654 if (u->in_cgroup_realize_queue)
655 LIST_REMOVE(cgroup_realize_queue, u->manager->cgroup_realize_queue, u);
656
657 if (u->in_cgroup_empty_queue)
658 LIST_REMOVE(cgroup_empty_queue, u->manager->cgroup_empty_queue, u);
659
660 if (u->in_cleanup_queue)
661 LIST_REMOVE(cleanup_queue, u->manager->cleanup_queue, u);
662
663 if (u->in_target_deps_queue)
664 LIST_REMOVE(target_deps_queue, u->manager->target_deps_queue, u);
665
666 if (u->in_stop_when_unneeded_queue)
667 LIST_REMOVE(stop_when_unneeded_queue, u->manager->stop_when_unneeded_queue, u);
668
669 safe_close(u->ip_accounting_ingress_map_fd);
670 safe_close(u->ip_accounting_egress_map_fd);
671
672 safe_close(u->ipv4_allow_map_fd);
673 safe_close(u->ipv6_allow_map_fd);
674 safe_close(u->ipv4_deny_map_fd);
675 safe_close(u->ipv6_deny_map_fd);
676
677 bpf_program_unref(u->ip_bpf_ingress);
678 bpf_program_unref(u->ip_bpf_ingress_installed);
679 bpf_program_unref(u->ip_bpf_egress);
680 bpf_program_unref(u->ip_bpf_egress_installed);
681
682 bpf_program_unref(u->bpf_device_control_installed);
683
684 condition_free_list(u->conditions);
685 condition_free_list(u->asserts);
686
687 free(u->description);
688 strv_free(u->documentation);
689 free(u->fragment_path);
690 free(u->source_path);
691 strv_free(u->dropin_paths);
692 free(u->instance);
693
694 free(u->job_timeout_reboot_arg);
695
696 set_free_free(u->names);
697
698 free(u->reboot_arg);
699
700 free(u);
701 }
702
703 UnitActiveState unit_active_state(Unit *u) {
704 assert(u);
705
706 if (u->load_state == UNIT_MERGED)
707 return unit_active_state(unit_follow_merge(u));
708
709 /* After a reload it might happen that a unit is not correctly
710 * loaded but still has a process around. That's why we won't
711 * shortcut failed loading to UNIT_INACTIVE_FAILED. */
712
713 return UNIT_VTABLE(u)->active_state(u);
714 }
715
716 const char* unit_sub_state_to_string(Unit *u) {
717 assert(u);
718
719 return UNIT_VTABLE(u)->sub_state_to_string(u);
720 }
721
722 static int set_complete_move(Set **s, Set **other) {
723 assert(s);
724 assert(other);
725
726 if (!other)
727 return 0;
728
729 if (*s)
730 return set_move(*s, *other);
731 else
732 *s = TAKE_PTR(*other);
733
734 return 0;
735 }
736
737 static int hashmap_complete_move(Hashmap **s, Hashmap **other) {
738 assert(s);
739 assert(other);
740
741 if (!*other)
742 return 0;
743
744 if (*s)
745 return hashmap_move(*s, *other);
746 else
747 *s = TAKE_PTR(*other);
748
749 return 0;
750 }
751
752 static int merge_names(Unit *u, Unit *other) {
753 char *t;
754 Iterator i;
755 int r;
756
757 assert(u);
758 assert(other);
759
760 r = set_complete_move(&u->names, &other->names);
761 if (r < 0)
762 return r;
763
764 set_free_free(other->names);
765 other->names = NULL;
766 other->id = NULL;
767
768 SET_FOREACH(t, u->names, i)
769 assert_se(hashmap_replace(u->manager->units, t, u) == 0);
770
771 return 0;
772 }
773
774 static int reserve_dependencies(Unit *u, Unit *other, UnitDependency d) {
775 unsigned n_reserve;
776
777 assert(u);
778 assert(other);
779 assert(d < _UNIT_DEPENDENCY_MAX);
780
781 /*
782 * If u does not have this dependency set allocated, there is no need
783 * to reserve anything. In that case other's set will be transferred
784 * as a whole to u by complete_move().
785 */
786 if (!u->dependencies[d])
787 return 0;
788
789 /* merge_dependencies() will skip a u-on-u dependency */
790 n_reserve = hashmap_size(other->dependencies[d]) - !!hashmap_get(other->dependencies[d], u);
791
792 return hashmap_reserve(u->dependencies[d], n_reserve);
793 }
794
795 static void merge_dependencies(Unit *u, Unit *other, const char *other_id, UnitDependency d) {
796 Iterator i;
797 Unit *back;
798 void *v;
799 int r;
800
801 /* Merges all dependencies of type 'd' of the unit 'other' into the deps of the unit 'u' */
802
803 assert(u);
804 assert(other);
805 assert(d < _UNIT_DEPENDENCY_MAX);
806
807 /* Fix backwards pointers. Let's iterate through all dependendent units of the other unit. */
808 HASHMAP_FOREACH_KEY(v, back, other->dependencies[d], i) {
809 UnitDependency k;
810
811 /* Let's now iterate through the dependencies of that dependencies of the other units, looking for
812 * pointers back, and let's fix them up, to instead point to 'u'. */
813
814 for (k = 0; k < _UNIT_DEPENDENCY_MAX; k++) {
815 if (back == u) {
816 /* Do not add dependencies between u and itself. */
817 if (hashmap_remove(back->dependencies[k], other))
818 maybe_warn_about_dependency(u, other_id, k);
819 } else {
820 UnitDependencyInfo di_u, di_other, di_merged;
821
822 /* Let's drop this dependency between "back" and "other", and let's create it between
823 * "back" and "u" instead. Let's merge the bit masks of the dependency we are moving,
824 * and any such dependency which might already exist */
825
826 di_other.data = hashmap_get(back->dependencies[k], other);
827 if (!di_other.data)
828 continue; /* dependency isn't set, let's try the next one */
829
830 di_u.data = hashmap_get(back->dependencies[k], u);
831
832 di_merged = (UnitDependencyInfo) {
833 .origin_mask = di_u.origin_mask | di_other.origin_mask,
834 .destination_mask = di_u.destination_mask | di_other.destination_mask,
835 };
836
837 r = hashmap_remove_and_replace(back->dependencies[k], other, u, di_merged.data);
838 if (r < 0)
839 log_warning_errno(r, "Failed to remove/replace: back=%s other=%s u=%s: %m", back->id, other_id, u->id);
840 assert(r >= 0);
841
842 /* assert_se(hashmap_remove_and_replace(back->dependencies[k], other, u, di_merged.data) >= 0); */
843 }
844 }
845
846 }
847
848 /* Also do not move dependencies on u to itself */
849 back = hashmap_remove(other->dependencies[d], u);
850 if (back)
851 maybe_warn_about_dependency(u, other_id, d);
852
853 /* The move cannot fail. The caller must have performed a reservation. */
854 assert_se(hashmap_complete_move(&u->dependencies[d], &other->dependencies[d]) == 0);
855
856 other->dependencies[d] = hashmap_free(other->dependencies[d]);
857 }
858
859 int unit_merge(Unit *u, Unit *other) {
860 UnitDependency d;
861 const char *other_id = NULL;
862 int r;
863
864 assert(u);
865 assert(other);
866 assert(u->manager == other->manager);
867 assert(u->type != _UNIT_TYPE_INVALID);
868
869 other = unit_follow_merge(other);
870
871 if (other == u)
872 return 0;
873
874 if (u->type != other->type)
875 return -EINVAL;
876
877 if (!u->instance != !other->instance)
878 return -EINVAL;
879
880 if (!unit_type_may_alias(u->type)) /* Merging only applies to unit names that support aliases */
881 return -EEXIST;
882
883 if (!IN_SET(other->load_state, UNIT_STUB, UNIT_NOT_FOUND))
884 return -EEXIST;
885
886 if (other->job)
887 return -EEXIST;
888
889 if (other->nop_job)
890 return -EEXIST;
891
892 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
893 return -EEXIST;
894
895 if (other->id)
896 other_id = strdupa(other->id);
897
898 /* Make reservations to ensure merge_dependencies() won't fail */
899 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
900 r = reserve_dependencies(u, other, d);
901 /*
902 * We don't rollback reservations if we fail. We don't have
903 * a way to undo reservations. A reservation is not a leak.
904 */
905 if (r < 0)
906 return r;
907 }
908
909 /* Merge names */
910 r = merge_names(u, other);
911 if (r < 0)
912 return r;
913
914 /* Redirect all references */
915 while (other->refs_by_target)
916 unit_ref_set(other->refs_by_target, other->refs_by_target->source, u);
917
918 /* Merge dependencies */
919 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
920 merge_dependencies(u, other, other_id, d);
921
922 other->load_state = UNIT_MERGED;
923 other->merged_into = u;
924
925 /* If there is still some data attached to the other node, we
926 * don't need it anymore, and can free it. */
927 if (other->load_state != UNIT_STUB)
928 if (UNIT_VTABLE(other)->done)
929 UNIT_VTABLE(other)->done(other);
930
931 unit_add_to_dbus_queue(u);
932 unit_add_to_cleanup_queue(other);
933
934 return 0;
935 }
936
937 int unit_merge_by_name(Unit *u, const char *name) {
938 _cleanup_free_ char *s = NULL;
939 Unit *other;
940 int r;
941
942 assert(u);
943 assert(name);
944
945 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
946 if (!u->instance)
947 return -EINVAL;
948
949 r = unit_name_replace_instance(name, u->instance, &s);
950 if (r < 0)
951 return r;
952
953 name = s;
954 }
955
956 other = manager_get_unit(u->manager, name);
957 if (other)
958 return unit_merge(u, other);
959
960 return unit_add_name(u, name);
961 }
962
963 Unit* unit_follow_merge(Unit *u) {
964 assert(u);
965
966 while (u->load_state == UNIT_MERGED)
967 assert_se(u = u->merged_into);
968
969 return u;
970 }
971
972 int unit_add_exec_dependencies(Unit *u, ExecContext *c) {
973 ExecDirectoryType dt;
974 char **dp;
975 int r;
976
977 assert(u);
978 assert(c);
979
980 if (c->working_directory && !c->working_directory_missing_ok) {
981 r = unit_require_mounts_for(u, c->working_directory, UNIT_DEPENDENCY_FILE);
982 if (r < 0)
983 return r;
984 }
985
986 if (c->root_directory) {
987 r = unit_require_mounts_for(u, c->root_directory, UNIT_DEPENDENCY_FILE);
988 if (r < 0)
989 return r;
990 }
991
992 if (c->root_image) {
993 r = unit_require_mounts_for(u, c->root_image, UNIT_DEPENDENCY_FILE);
994 if (r < 0)
995 return r;
996 }
997
998 for (dt = 0; dt < _EXEC_DIRECTORY_TYPE_MAX; dt++) {
999 if (!u->manager->prefix[dt])
1000 continue;
1001
1002 STRV_FOREACH(dp, c->directories[dt].paths) {
1003 _cleanup_free_ char *p;
1004
1005 p = strjoin(u->manager->prefix[dt], "/", *dp);
1006 if (!p)
1007 return -ENOMEM;
1008
1009 r = unit_require_mounts_for(u, p, UNIT_DEPENDENCY_FILE);
1010 if (r < 0)
1011 return r;
1012 }
1013 }
1014
1015 if (!MANAGER_IS_SYSTEM(u->manager))
1016 return 0;
1017
1018 if (c->private_tmp) {
1019 const char *p;
1020
1021 FOREACH_STRING(p, "/tmp", "/var/tmp") {
1022 r = unit_require_mounts_for(u, p, UNIT_DEPENDENCY_FILE);
1023 if (r < 0)
1024 return r;
1025 }
1026
1027 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_TMPFILES_SETUP_SERVICE, true, UNIT_DEPENDENCY_FILE);
1028 if (r < 0)
1029 return r;
1030 }
1031
1032 if (!IN_SET(c->std_output,
1033 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
1034 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE,
1035 EXEC_OUTPUT_SYSLOG, EXEC_OUTPUT_SYSLOG_AND_CONSOLE) &&
1036 !IN_SET(c->std_error,
1037 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
1038 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE,
1039 EXEC_OUTPUT_SYSLOG, EXEC_OUTPUT_SYSLOG_AND_CONSOLE))
1040 return 0;
1041
1042 /* If syslog or kernel logging is requested, make sure our own
1043 * logging daemon is run first. */
1044
1045 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_JOURNALD_SOCKET, true, UNIT_DEPENDENCY_FILE);
1046 if (r < 0)
1047 return r;
1048
1049 return 0;
1050 }
1051
1052 const char *unit_description(Unit *u) {
1053 assert(u);
1054
1055 if (u->description)
1056 return u->description;
1057
1058 return strna(u->id);
1059 }
1060
1061 static void print_unit_dependency_mask(FILE *f, const char *kind, UnitDependencyMask mask, bool *space) {
1062 const struct {
1063 UnitDependencyMask mask;
1064 const char *name;
1065 } table[] = {
1066 { UNIT_DEPENDENCY_FILE, "file" },
1067 { UNIT_DEPENDENCY_IMPLICIT, "implicit" },
1068 { UNIT_DEPENDENCY_DEFAULT, "default" },
1069 { UNIT_DEPENDENCY_UDEV, "udev" },
1070 { UNIT_DEPENDENCY_PATH, "path" },
1071 { UNIT_DEPENDENCY_MOUNTINFO_IMPLICIT, "mountinfo-implicit" },
1072 { UNIT_DEPENDENCY_MOUNTINFO_DEFAULT, "mountinfo-default" },
1073 { UNIT_DEPENDENCY_PROC_SWAP, "proc-swap" },
1074 };
1075 size_t i;
1076
1077 assert(f);
1078 assert(kind);
1079 assert(space);
1080
1081 for (i = 0; i < ELEMENTSOF(table); i++) {
1082
1083 if (mask == 0)
1084 break;
1085
1086 if (FLAGS_SET(mask, table[i].mask)) {
1087 if (*space)
1088 fputc(' ', f);
1089 else
1090 *space = true;
1091
1092 fputs(kind, f);
1093 fputs("-", f);
1094 fputs(table[i].name, f);
1095
1096 mask &= ~table[i].mask;
1097 }
1098 }
1099
1100 assert(mask == 0);
1101 }
1102
1103 void unit_dump(Unit *u, FILE *f, const char *prefix) {
1104 char *t, **j;
1105 UnitDependency d;
1106 Iterator i;
1107 const char *prefix2;
1108 char
1109 timestamp0[FORMAT_TIMESTAMP_MAX],
1110 timestamp1[FORMAT_TIMESTAMP_MAX],
1111 timestamp2[FORMAT_TIMESTAMP_MAX],
1112 timestamp3[FORMAT_TIMESTAMP_MAX],
1113 timestamp4[FORMAT_TIMESTAMP_MAX],
1114 timespan[FORMAT_TIMESPAN_MAX];
1115 Unit *following;
1116 _cleanup_set_free_ Set *following_set = NULL;
1117 const char *n;
1118 CGroupMask m;
1119 int r;
1120
1121 assert(u);
1122 assert(u->type >= 0);
1123
1124 prefix = strempty(prefix);
1125 prefix2 = strjoina(prefix, "\t");
1126
1127 fprintf(f,
1128 "%s-> Unit %s:\n"
1129 "%s\tDescription: %s\n"
1130 "%s\tInstance: %s\n"
1131 "%s\tUnit Load State: %s\n"
1132 "%s\tUnit Active State: %s\n"
1133 "%s\tState Change Timestamp: %s\n"
1134 "%s\tInactive Exit Timestamp: %s\n"
1135 "%s\tActive Enter Timestamp: %s\n"
1136 "%s\tActive Exit Timestamp: %s\n"
1137 "%s\tInactive Enter Timestamp: %s\n"
1138 "%s\tMay GC: %s\n"
1139 "%s\tNeed Daemon Reload: %s\n"
1140 "%s\tTransient: %s\n"
1141 "%s\tPerpetual: %s\n"
1142 "%s\tGarbage Collection Mode: %s\n"
1143 "%s\tSlice: %s\n"
1144 "%s\tCGroup: %s\n"
1145 "%s\tCGroup realized: %s\n",
1146 prefix, u->id,
1147 prefix, unit_description(u),
1148 prefix, strna(u->instance),
1149 prefix, unit_load_state_to_string(u->load_state),
1150 prefix, unit_active_state_to_string(unit_active_state(u)),
1151 prefix, strna(format_timestamp(timestamp0, sizeof(timestamp0), u->state_change_timestamp.realtime)),
1152 prefix, strna(format_timestamp(timestamp1, sizeof(timestamp1), u->inactive_exit_timestamp.realtime)),
1153 prefix, strna(format_timestamp(timestamp2, sizeof(timestamp2), u->active_enter_timestamp.realtime)),
1154 prefix, strna(format_timestamp(timestamp3, sizeof(timestamp3), u->active_exit_timestamp.realtime)),
1155 prefix, strna(format_timestamp(timestamp4, sizeof(timestamp4), u->inactive_enter_timestamp.realtime)),
1156 prefix, yes_no(unit_may_gc(u)),
1157 prefix, yes_no(unit_need_daemon_reload(u)),
1158 prefix, yes_no(u->transient),
1159 prefix, yes_no(u->perpetual),
1160 prefix, collect_mode_to_string(u->collect_mode),
1161 prefix, strna(unit_slice_name(u)),
1162 prefix, strna(u->cgroup_path),
1163 prefix, yes_no(u->cgroup_realized));
1164
1165 if (u->cgroup_realized_mask != 0) {
1166 _cleanup_free_ char *s = NULL;
1167 (void) cg_mask_to_string(u->cgroup_realized_mask, &s);
1168 fprintf(f, "%s\tCGroup realized mask: %s\n", prefix, strnull(s));
1169 }
1170
1171 if (u->cgroup_enabled_mask != 0) {
1172 _cleanup_free_ char *s = NULL;
1173 (void) cg_mask_to_string(u->cgroup_enabled_mask, &s);
1174 fprintf(f, "%s\tCGroup enabled mask: %s\n", prefix, strnull(s));
1175 }
1176
1177 m = unit_get_own_mask(u);
1178 if (m != 0) {
1179 _cleanup_free_ char *s = NULL;
1180 (void) cg_mask_to_string(m, &s);
1181 fprintf(f, "%s\tCGroup own mask: %s\n", prefix, strnull(s));
1182 }
1183
1184 m = unit_get_members_mask(u);
1185 if (m != 0) {
1186 _cleanup_free_ char *s = NULL;
1187 (void) cg_mask_to_string(m, &s);
1188 fprintf(f, "%s\tCGroup members mask: %s\n", prefix, strnull(s));
1189 }
1190
1191 m = unit_get_delegate_mask(u);
1192 if (m != 0) {
1193 _cleanup_free_ char *s = NULL;
1194 (void) cg_mask_to_string(m, &s);
1195 fprintf(f, "%s\tCGroup delegate mask: %s\n", prefix, strnull(s));
1196 }
1197
1198 SET_FOREACH(t, u->names, i)
1199 fprintf(f, "%s\tName: %s\n", prefix, t);
1200
1201 if (!sd_id128_is_null(u->invocation_id))
1202 fprintf(f, "%s\tInvocation ID: " SD_ID128_FORMAT_STR "\n",
1203 prefix, SD_ID128_FORMAT_VAL(u->invocation_id));
1204
1205 STRV_FOREACH(j, u->documentation)
1206 fprintf(f, "%s\tDocumentation: %s\n", prefix, *j);
1207
1208 following = unit_following(u);
1209 if (following)
1210 fprintf(f, "%s\tFollowing: %s\n", prefix, following->id);
1211
1212 r = unit_following_set(u, &following_set);
1213 if (r >= 0) {
1214 Unit *other;
1215
1216 SET_FOREACH(other, following_set, i)
1217 fprintf(f, "%s\tFollowing Set Member: %s\n", prefix, other->id);
1218 }
1219
1220 if (u->fragment_path)
1221 fprintf(f, "%s\tFragment Path: %s\n", prefix, u->fragment_path);
1222
1223 if (u->source_path)
1224 fprintf(f, "%s\tSource Path: %s\n", prefix, u->source_path);
1225
1226 STRV_FOREACH(j, u->dropin_paths)
1227 fprintf(f, "%s\tDropIn Path: %s\n", prefix, *j);
1228
1229 if (u->failure_action != EMERGENCY_ACTION_NONE)
1230 fprintf(f, "%s\tFailure Action: %s\n", prefix, emergency_action_to_string(u->failure_action));
1231 if (u->failure_action_exit_status >= 0)
1232 fprintf(f, "%s\tFailure Action Exit Status: %i\n", prefix, u->failure_action_exit_status);
1233 if (u->success_action != EMERGENCY_ACTION_NONE)
1234 fprintf(f, "%s\tSuccess Action: %s\n", prefix, emergency_action_to_string(u->success_action));
1235 if (u->success_action_exit_status >= 0)
1236 fprintf(f, "%s\tSuccess Action Exit Status: %i\n", prefix, u->success_action_exit_status);
1237
1238 if (u->job_timeout != USEC_INFINITY)
1239 fprintf(f, "%s\tJob Timeout: %s\n", prefix, format_timespan(timespan, sizeof(timespan), u->job_timeout, 0));
1240
1241 if (u->job_timeout_action != EMERGENCY_ACTION_NONE)
1242 fprintf(f, "%s\tJob Timeout Action: %s\n", prefix, emergency_action_to_string(u->job_timeout_action));
1243
1244 if (u->job_timeout_reboot_arg)
1245 fprintf(f, "%s\tJob Timeout Reboot Argument: %s\n", prefix, u->job_timeout_reboot_arg);
1246
1247 condition_dump_list(u->conditions, f, prefix, condition_type_to_string);
1248 condition_dump_list(u->asserts, f, prefix, assert_type_to_string);
1249
1250 if (dual_timestamp_is_set(&u->condition_timestamp))
1251 fprintf(f,
1252 "%s\tCondition Timestamp: %s\n"
1253 "%s\tCondition Result: %s\n",
1254 prefix, strna(format_timestamp(timestamp1, sizeof(timestamp1), u->condition_timestamp.realtime)),
1255 prefix, yes_no(u->condition_result));
1256
1257 if (dual_timestamp_is_set(&u->assert_timestamp))
1258 fprintf(f,
1259 "%s\tAssert Timestamp: %s\n"
1260 "%s\tAssert Result: %s\n",
1261 prefix, strna(format_timestamp(timestamp1, sizeof(timestamp1), u->assert_timestamp.realtime)),
1262 prefix, yes_no(u->assert_result));
1263
1264 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
1265 UnitDependencyInfo di;
1266 Unit *other;
1267
1268 HASHMAP_FOREACH_KEY(di.data, other, u->dependencies[d], i) {
1269 bool space = false;
1270
1271 fprintf(f, "%s\t%s: %s (", prefix, unit_dependency_to_string(d), other->id);
1272
1273 print_unit_dependency_mask(f, "origin", di.origin_mask, &space);
1274 print_unit_dependency_mask(f, "destination", di.destination_mask, &space);
1275
1276 fputs(")\n", f);
1277 }
1278 }
1279
1280 if (!hashmap_isempty(u->requires_mounts_for)) {
1281 UnitDependencyInfo di;
1282 const char *path;
1283
1284 HASHMAP_FOREACH_KEY(di.data, path, u->requires_mounts_for, i) {
1285 bool space = false;
1286
1287 fprintf(f, "%s\tRequiresMountsFor: %s (", prefix, path);
1288
1289 print_unit_dependency_mask(f, "origin", di.origin_mask, &space);
1290 print_unit_dependency_mask(f, "destination", di.destination_mask, &space);
1291
1292 fputs(")\n", f);
1293 }
1294 }
1295
1296 if (u->load_state == UNIT_LOADED) {
1297
1298 fprintf(f,
1299 "%s\tStopWhenUnneeded: %s\n"
1300 "%s\tRefuseManualStart: %s\n"
1301 "%s\tRefuseManualStop: %s\n"
1302 "%s\tDefaultDependencies: %s\n"
1303 "%s\tOnFailureJobMode: %s\n"
1304 "%s\tIgnoreOnIsolate: %s\n",
1305 prefix, yes_no(u->stop_when_unneeded),
1306 prefix, yes_no(u->refuse_manual_start),
1307 prefix, yes_no(u->refuse_manual_stop),
1308 prefix, yes_no(u->default_dependencies),
1309 prefix, job_mode_to_string(u->on_failure_job_mode),
1310 prefix, yes_no(u->ignore_on_isolate));
1311
1312 if (UNIT_VTABLE(u)->dump)
1313 UNIT_VTABLE(u)->dump(u, f, prefix2);
1314
1315 } else if (u->load_state == UNIT_MERGED)
1316 fprintf(f,
1317 "%s\tMerged into: %s\n",
1318 prefix, u->merged_into->id);
1319 else if (u->load_state == UNIT_ERROR)
1320 fprintf(f, "%s\tLoad Error Code: %s\n", prefix, strerror(-u->load_error));
1321
1322 for (n = sd_bus_track_first(u->bus_track); n; n = sd_bus_track_next(u->bus_track))
1323 fprintf(f, "%s\tBus Ref: %s\n", prefix, n);
1324
1325 if (u->job)
1326 job_dump(u->job, f, prefix2);
1327
1328 if (u->nop_job)
1329 job_dump(u->nop_job, f, prefix2);
1330 }
1331
1332 /* Common implementation for multiple backends */
1333 int unit_load_fragment_and_dropin(Unit *u) {
1334 int r;
1335
1336 assert(u);
1337
1338 /* Load a .{service,socket,...} file */
1339 r = unit_load_fragment(u);
1340 if (r < 0)
1341 return r;
1342
1343 if (u->load_state == UNIT_STUB)
1344 return -ENOENT;
1345
1346 /* Load drop-in directory data. If u is an alias, we might be reloading the
1347 * target unit needlessly. But we cannot be sure which drops-ins have already
1348 * been loaded and which not, at least without doing complicated book-keeping,
1349 * so let's always reread all drop-ins. */
1350 return unit_load_dropin(unit_follow_merge(u));
1351 }
1352
1353 /* Common implementation for multiple backends */
1354 int unit_load_fragment_and_dropin_optional(Unit *u) {
1355 int r;
1356
1357 assert(u);
1358
1359 /* Same as unit_load_fragment_and_dropin(), but whether
1360 * something can be loaded or not doesn't matter. */
1361
1362 /* Load a .service/.socket/.slice/… file */
1363 r = unit_load_fragment(u);
1364 if (r < 0)
1365 return r;
1366
1367 if (u->load_state == UNIT_STUB)
1368 u->load_state = UNIT_LOADED;
1369
1370 /* Load drop-in directory data */
1371 return unit_load_dropin(unit_follow_merge(u));
1372 }
1373
1374 void unit_add_to_target_deps_queue(Unit *u) {
1375 Manager *m = u->manager;
1376
1377 assert(u);
1378
1379 if (u->in_target_deps_queue)
1380 return;
1381
1382 LIST_PREPEND(target_deps_queue, m->target_deps_queue, u);
1383 u->in_target_deps_queue = true;
1384 }
1385
1386 int unit_add_default_target_dependency(Unit *u, Unit *target) {
1387 assert(u);
1388 assert(target);
1389
1390 if (target->type != UNIT_TARGET)
1391 return 0;
1392
1393 /* Only add the dependency if both units are loaded, so that
1394 * that loop check below is reliable */
1395 if (u->load_state != UNIT_LOADED ||
1396 target->load_state != UNIT_LOADED)
1397 return 0;
1398
1399 /* If either side wants no automatic dependencies, then let's
1400 * skip this */
1401 if (!u->default_dependencies ||
1402 !target->default_dependencies)
1403 return 0;
1404
1405 /* Don't create loops */
1406 if (hashmap_get(target->dependencies[UNIT_BEFORE], u))
1407 return 0;
1408
1409 return unit_add_dependency(target, UNIT_AFTER, u, true, UNIT_DEPENDENCY_DEFAULT);
1410 }
1411
1412 static int unit_add_slice_dependencies(Unit *u) {
1413 UnitDependencyMask mask;
1414 assert(u);
1415
1416 if (!UNIT_HAS_CGROUP_CONTEXT(u))
1417 return 0;
1418
1419 /* Slice units are implicitly ordered against their parent slices (as this relationship is encoded in the
1420 name), while all other units are ordered based on configuration (as in their case Slice= configures the
1421 relationship). */
1422 mask = u->type == UNIT_SLICE ? UNIT_DEPENDENCY_IMPLICIT : UNIT_DEPENDENCY_FILE;
1423
1424 if (UNIT_ISSET(u->slice))
1425 return unit_add_two_dependencies(u, UNIT_AFTER, UNIT_REQUIRES, UNIT_DEREF(u->slice), true, mask);
1426
1427 if (unit_has_name(u, SPECIAL_ROOT_SLICE))
1428 return 0;
1429
1430 return unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, SPECIAL_ROOT_SLICE, true, mask);
1431 }
1432
1433 static int unit_add_mount_dependencies(Unit *u) {
1434 UnitDependencyInfo di;
1435 const char *path;
1436 Iterator i;
1437 int r;
1438
1439 assert(u);
1440
1441 HASHMAP_FOREACH_KEY(di.data, path, u->requires_mounts_for, i) {
1442 char prefix[strlen(path) + 1];
1443
1444 PATH_FOREACH_PREFIX_MORE(prefix, path) {
1445 _cleanup_free_ char *p = NULL;
1446 Unit *m;
1447
1448 r = unit_name_from_path(prefix, ".mount", &p);
1449 if (r < 0)
1450 return r;
1451
1452 m = manager_get_unit(u->manager, p);
1453 if (!m) {
1454 /* Make sure to load the mount unit if
1455 * it exists. If so the dependencies
1456 * on this unit will be added later
1457 * during the loading of the mount
1458 * unit. */
1459 (void) manager_load_unit_prepare(u->manager, p, NULL, NULL, &m);
1460 continue;
1461 }
1462 if (m == u)
1463 continue;
1464
1465 if (m->load_state != UNIT_LOADED)
1466 continue;
1467
1468 r = unit_add_dependency(u, UNIT_AFTER, m, true, di.origin_mask);
1469 if (r < 0)
1470 return r;
1471
1472 if (m->fragment_path) {
1473 r = unit_add_dependency(u, UNIT_REQUIRES, m, true, di.origin_mask);
1474 if (r < 0)
1475 return r;
1476 }
1477 }
1478 }
1479
1480 return 0;
1481 }
1482
1483 static int unit_add_startup_units(Unit *u) {
1484 CGroupContext *c;
1485 int r;
1486
1487 c = unit_get_cgroup_context(u);
1488 if (!c)
1489 return 0;
1490
1491 if (c->startup_cpu_shares == CGROUP_CPU_SHARES_INVALID &&
1492 c->startup_io_weight == CGROUP_WEIGHT_INVALID &&
1493 c->startup_blockio_weight == CGROUP_BLKIO_WEIGHT_INVALID)
1494 return 0;
1495
1496 r = set_ensure_allocated(&u->manager->startup_units, NULL);
1497 if (r < 0)
1498 return r;
1499
1500 return set_put(u->manager->startup_units, u);
1501 }
1502
1503 int unit_load(Unit *u) {
1504 int r;
1505
1506 assert(u);
1507
1508 if (u->in_load_queue) {
1509 LIST_REMOVE(load_queue, u->manager->load_queue, u);
1510 u->in_load_queue = false;
1511 }
1512
1513 if (u->type == _UNIT_TYPE_INVALID)
1514 return -EINVAL;
1515
1516 if (u->load_state != UNIT_STUB)
1517 return 0;
1518
1519 if (u->transient_file) {
1520 /* Finalize transient file: if this is a transient unit file, as soon as we reach unit_load() the setup
1521 * is complete, hence let's synchronize the unit file we just wrote to disk. */
1522
1523 r = fflush_and_check(u->transient_file);
1524 if (r < 0)
1525 goto fail;
1526
1527 u->transient_file = safe_fclose(u->transient_file);
1528 u->fragment_mtime = now(CLOCK_REALTIME);
1529 }
1530
1531 if (UNIT_VTABLE(u)->load) {
1532 r = UNIT_VTABLE(u)->load(u);
1533 if (r < 0)
1534 goto fail;
1535 }
1536
1537 if (u->load_state == UNIT_STUB) {
1538 r = -ENOENT;
1539 goto fail;
1540 }
1541
1542 if (u->load_state == UNIT_LOADED) {
1543 unit_add_to_target_deps_queue(u);
1544
1545 r = unit_add_slice_dependencies(u);
1546 if (r < 0)
1547 goto fail;
1548
1549 r = unit_add_mount_dependencies(u);
1550 if (r < 0)
1551 goto fail;
1552
1553 r = unit_add_startup_units(u);
1554 if (r < 0)
1555 goto fail;
1556
1557 if (u->on_failure_job_mode == JOB_ISOLATE && hashmap_size(u->dependencies[UNIT_ON_FAILURE]) > 1) {
1558 log_unit_error(u, "More than one OnFailure= dependencies specified but OnFailureJobMode=isolate set. Refusing.");
1559 r = -ENOEXEC;
1560 goto fail;
1561 }
1562
1563 if (u->job_running_timeout != USEC_INFINITY && u->job_running_timeout > u->job_timeout)
1564 log_unit_warning(u, "JobRunningTimeoutSec= is greater than JobTimeoutSec=, it has no effect.");
1565
1566 /* We finished loading, let's ensure our parents recalculate the members mask */
1567 unit_invalidate_cgroup_members_masks(u);
1568 }
1569
1570 assert((u->load_state != UNIT_MERGED) == !u->merged_into);
1571
1572 unit_add_to_dbus_queue(unit_follow_merge(u));
1573 unit_add_to_gc_queue(u);
1574
1575 return 0;
1576
1577 fail:
1578 /* We convert ENOEXEC errors to the UNIT_BAD_SETTING load state here. Configuration parsing code should hence
1579 * return ENOEXEC to ensure units are placed in this state after loading */
1580
1581 u->load_state = u->load_state == UNIT_STUB ? UNIT_NOT_FOUND :
1582 r == -ENOEXEC ? UNIT_BAD_SETTING :
1583 UNIT_ERROR;
1584 u->load_error = r;
1585
1586 unit_add_to_dbus_queue(u);
1587 unit_add_to_gc_queue(u);
1588
1589 return log_unit_debug_errno(u, r, "Failed to load configuration: %m");
1590 }
1591
1592 static bool unit_condition_test_list(Unit *u, Condition *first, const char *(*to_string)(ConditionType t)) {
1593 Condition *c;
1594 int triggered = -1;
1595
1596 assert(u);
1597 assert(to_string);
1598
1599 /* If the condition list is empty, then it is true */
1600 if (!first)
1601 return true;
1602
1603 /* Otherwise, if all of the non-trigger conditions apply and
1604 * if any of the trigger conditions apply (unless there are
1605 * none) we return true */
1606 LIST_FOREACH(conditions, c, first) {
1607 int r;
1608
1609 r = condition_test(c);
1610 if (r < 0)
1611 log_unit_warning(u,
1612 "Couldn't determine result for %s=%s%s%s, assuming failed: %m",
1613 to_string(c->type),
1614 c->trigger ? "|" : "",
1615 c->negate ? "!" : "",
1616 c->parameter);
1617 else
1618 log_unit_debug(u,
1619 "%s=%s%s%s %s.",
1620 to_string(c->type),
1621 c->trigger ? "|" : "",
1622 c->negate ? "!" : "",
1623 c->parameter,
1624 condition_result_to_string(c->result));
1625
1626 if (!c->trigger && r <= 0)
1627 return false;
1628
1629 if (c->trigger && triggered <= 0)
1630 triggered = r > 0;
1631 }
1632
1633 return triggered != 0;
1634 }
1635
1636 static bool unit_test_condition(Unit *u) {
1637 assert(u);
1638
1639 dual_timestamp_get(&u->condition_timestamp);
1640 u->condition_result = unit_condition_test_list(u, u->conditions, condition_type_to_string);
1641
1642 unit_add_to_dbus_queue(u);
1643
1644 return u->condition_result;
1645 }
1646
1647 static bool unit_test_assert(Unit *u) {
1648 assert(u);
1649
1650 dual_timestamp_get(&u->assert_timestamp);
1651 u->assert_result = unit_condition_test_list(u, u->asserts, assert_type_to_string);
1652
1653 unit_add_to_dbus_queue(u);
1654
1655 return u->assert_result;
1656 }
1657
1658 void unit_status_printf(Unit *u, const char *status, const char *unit_status_msg_format) {
1659 const char *d;
1660
1661 d = unit_description(u);
1662 if (log_get_show_color())
1663 d = strjoina(ANSI_HIGHLIGHT, d, ANSI_NORMAL);
1664
1665 DISABLE_WARNING_FORMAT_NONLITERAL;
1666 manager_status_printf(u->manager, STATUS_TYPE_NORMAL, status, unit_status_msg_format, d);
1667 REENABLE_WARNING;
1668 }
1669
1670 int unit_test_start_limit(Unit *u) {
1671 const char *reason;
1672
1673 assert(u);
1674
1675 if (ratelimit_below(&u->start_limit)) {
1676 u->start_limit_hit = false;
1677 return 0;
1678 }
1679
1680 log_unit_warning(u, "Start request repeated too quickly.");
1681 u->start_limit_hit = true;
1682
1683 reason = strjoina("unit ", u->id, " failed");
1684
1685 emergency_action(u->manager, u->start_limit_action,
1686 EMERGENCY_ACTION_IS_WATCHDOG|EMERGENCY_ACTION_WARN,
1687 u->reboot_arg, -1, reason);
1688
1689 return -ECANCELED;
1690 }
1691
1692 bool unit_shall_confirm_spawn(Unit *u) {
1693 assert(u);
1694
1695 if (manager_is_confirm_spawn_disabled(u->manager))
1696 return false;
1697
1698 /* For some reasons units remaining in the same process group
1699 * as PID 1 fail to acquire the console even if it's not used
1700 * by any process. So skip the confirmation question for them. */
1701 return !unit_get_exec_context(u)->same_pgrp;
1702 }
1703
1704 static bool unit_verify_deps(Unit *u) {
1705 Unit *other;
1706 Iterator j;
1707 void *v;
1708
1709 assert(u);
1710
1711 /* Checks whether all BindsTo= dependencies of this unit are fulfilled — if they are also combined with
1712 * After=. We do not check Requires= or Requisite= here as they only should have an effect on the job
1713 * processing, but do not have any effect afterwards. We don't check BindsTo= dependencies that are not used in
1714 * conjunction with After= as for them any such check would make things entirely racy. */
1715
1716 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], j) {
1717
1718 if (!hashmap_contains(u->dependencies[UNIT_AFTER], other))
1719 continue;
1720
1721 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other))) {
1722 log_unit_notice(u, "Bound to unit %s, but unit isn't active.", other->id);
1723 return false;
1724 }
1725 }
1726
1727 return true;
1728 }
1729
1730 /* Errors that aren't really errors:
1731 * -EALREADY: Unit is already started.
1732 * -ECOMM: Condition failed
1733 * -EAGAIN: An operation is already in progress. Retry later.
1734 *
1735 * Errors that are real errors:
1736 * -EBADR: This unit type does not support starting.
1737 * -ECANCELED: Start limit hit, too many requests for now
1738 * -EPROTO: Assert failed
1739 * -EINVAL: Unit not loaded
1740 * -EOPNOTSUPP: Unit type not supported
1741 * -ENOLINK: The necessary dependencies are not fulfilled.
1742 * -ESTALE: This unit has been started before and can't be started a second time
1743 * -ENOENT: This is a triggering unit and unit to trigger is not loaded
1744 */
1745 int unit_start(Unit *u) {
1746 UnitActiveState state;
1747 Unit *following;
1748 int r;
1749
1750 assert(u);
1751
1752 /* If this is already started, then this will succeed. Note that this will even succeed if this unit
1753 * is not startable by the user. This is relied on to detect when we need to wait for units and when
1754 * waiting is finished. */
1755 state = unit_active_state(u);
1756 if (UNIT_IS_ACTIVE_OR_RELOADING(state))
1757 return -EALREADY;
1758
1759 /* Units that aren't loaded cannot be started */
1760 if (u->load_state != UNIT_LOADED)
1761 return -EINVAL;
1762
1763 /* Refuse starting scope units more than once */
1764 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_enter_timestamp))
1765 return -ESTALE;
1766
1767 /* If the conditions failed, don't do anything at all. If we already are activating this call might
1768 * still be useful to speed up activation in case there is some hold-off time, but we don't want to
1769 * recheck the condition in that case. */
1770 if (state != UNIT_ACTIVATING &&
1771 !unit_test_condition(u)) {
1772
1773 /* Let's also check the start limit here. Normally, the start limit is only checked by the
1774 * .start() method of the unit type after it did some additional checks verifying everything
1775 * is in order (so that those other checks can propagate errors properly). However, if a
1776 * condition check doesn't hold we don't get that far but we should still ensure we are not
1777 * called in a tight loop without a rate limit check enforced, hence do the check here. Note
1778 * that ECOMM is generally not a reason for a job to fail, unlike most other errors here,
1779 * hence the chance is big that any triggering unit for us will trigger us again. Note this
1780 * condition check is a bit different from the condition check inside the per-unit .start()
1781 * function, as this one will not change the unit's state in any way (and we shouldn't here,
1782 * after all the condition failed). */
1783
1784 r = unit_test_start_limit(u);
1785 if (r < 0)
1786 return r;
1787
1788 return log_unit_debug_errno(u, SYNTHETIC_ERRNO(ECOMM), "Starting requested but condition failed. Not starting unit.");
1789 }
1790
1791 /* If the asserts failed, fail the entire job */
1792 if (state != UNIT_ACTIVATING &&
1793 !unit_test_assert(u))
1794 return log_unit_notice_errno(u, SYNTHETIC_ERRNO(EPROTO), "Starting requested but asserts failed.");
1795
1796 /* Units of types that aren't supported cannot be started. Note that we do this test only after the
1797 * condition checks, so that we rather return condition check errors (which are usually not
1798 * considered a true failure) than "not supported" errors (which are considered a failure).
1799 */
1800 if (!unit_supported(u))
1801 return -EOPNOTSUPP;
1802
1803 /* Let's make sure that the deps really are in order before we start this. Normally the job engine
1804 * should have taken care of this already, but let's check this here again. After all, our
1805 * dependencies might not be in effect anymore, due to a reload or due to a failed condition. */
1806 if (!unit_verify_deps(u))
1807 return -ENOLINK;
1808
1809 /* Forward to the main object, if we aren't it. */
1810 following = unit_following(u);
1811 if (following) {
1812 log_unit_debug(u, "Redirecting start request from %s to %s.", u->id, following->id);
1813 return unit_start(following);
1814 }
1815
1816 /* If it is stopped, but we cannot start it, then fail */
1817 if (!UNIT_VTABLE(u)->start)
1818 return -EBADR;
1819
1820 /* We don't suppress calls to ->start() here when we are already starting, to allow this request to
1821 * be used as a "hurry up" call, for example when the unit is in some "auto restart" state where it
1822 * waits for a holdoff timer to elapse before it will start again. */
1823
1824 unit_add_to_dbus_queue(u);
1825
1826 return UNIT_VTABLE(u)->start(u);
1827 }
1828
1829 bool unit_can_start(Unit *u) {
1830 assert(u);
1831
1832 if (u->load_state != UNIT_LOADED)
1833 return false;
1834
1835 if (!unit_supported(u))
1836 return false;
1837
1838 /* Scope units may be started only once */
1839 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_exit_timestamp))
1840 return false;
1841
1842 return !!UNIT_VTABLE(u)->start;
1843 }
1844
1845 bool unit_can_isolate(Unit *u) {
1846 assert(u);
1847
1848 return unit_can_start(u) &&
1849 u->allow_isolate;
1850 }
1851
1852 /* Errors:
1853 * -EBADR: This unit type does not support stopping.
1854 * -EALREADY: Unit is already stopped.
1855 * -EAGAIN: An operation is already in progress. Retry later.
1856 */
1857 int unit_stop(Unit *u) {
1858 UnitActiveState state;
1859 Unit *following;
1860
1861 assert(u);
1862
1863 state = unit_active_state(u);
1864 if (UNIT_IS_INACTIVE_OR_FAILED(state))
1865 return -EALREADY;
1866
1867 following = unit_following(u);
1868 if (following) {
1869 log_unit_debug(u, "Redirecting stop request from %s to %s.", u->id, following->id);
1870 return unit_stop(following);
1871 }
1872
1873 if (!UNIT_VTABLE(u)->stop)
1874 return -EBADR;
1875
1876 unit_add_to_dbus_queue(u);
1877
1878 return UNIT_VTABLE(u)->stop(u);
1879 }
1880
1881 bool unit_can_stop(Unit *u) {
1882 assert(u);
1883
1884 if (!unit_supported(u))
1885 return false;
1886
1887 if (u->perpetual)
1888 return false;
1889
1890 return !!UNIT_VTABLE(u)->stop;
1891 }
1892
1893 /* Errors:
1894 * -EBADR: This unit type does not support reloading.
1895 * -ENOEXEC: Unit is not started.
1896 * -EAGAIN: An operation is already in progress. Retry later.
1897 */
1898 int unit_reload(Unit *u) {
1899 UnitActiveState state;
1900 Unit *following;
1901
1902 assert(u);
1903
1904 if (u->load_state != UNIT_LOADED)
1905 return -EINVAL;
1906
1907 if (!unit_can_reload(u))
1908 return -EBADR;
1909
1910 state = unit_active_state(u);
1911 if (state == UNIT_RELOADING)
1912 return -EAGAIN;
1913
1914 if (state != UNIT_ACTIVE) {
1915 log_unit_warning(u, "Unit cannot be reloaded because it is inactive.");
1916 return -ENOEXEC;
1917 }
1918
1919 following = unit_following(u);
1920 if (following) {
1921 log_unit_debug(u, "Redirecting reload request from %s to %s.", u->id, following->id);
1922 return unit_reload(following);
1923 }
1924
1925 unit_add_to_dbus_queue(u);
1926
1927 if (!UNIT_VTABLE(u)->reload) {
1928 /* Unit doesn't have a reload function, but we need to propagate the reload anyway */
1929 unit_notify(u, unit_active_state(u), unit_active_state(u), 0);
1930 return 0;
1931 }
1932
1933 return UNIT_VTABLE(u)->reload(u);
1934 }
1935
1936 bool unit_can_reload(Unit *u) {
1937 assert(u);
1938
1939 if (UNIT_VTABLE(u)->can_reload)
1940 return UNIT_VTABLE(u)->can_reload(u);
1941
1942 if (!hashmap_isempty(u->dependencies[UNIT_PROPAGATES_RELOAD_TO]))
1943 return true;
1944
1945 return UNIT_VTABLE(u)->reload;
1946 }
1947
1948 bool unit_is_unneeded(Unit *u) {
1949 static const UnitDependency deps[] = {
1950 UNIT_REQUIRED_BY,
1951 UNIT_REQUISITE_OF,
1952 UNIT_WANTED_BY,
1953 UNIT_BOUND_BY,
1954 };
1955 size_t j;
1956
1957 assert(u);
1958
1959 if (!u->stop_when_unneeded)
1960 return false;
1961
1962 /* Don't clean up while the unit is transitioning or is even inactive. */
1963 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u)))
1964 return false;
1965 if (u->job)
1966 return false;
1967
1968 for (j = 0; j < ELEMENTSOF(deps); j++) {
1969 Unit *other;
1970 Iterator i;
1971 void *v;
1972
1973 /* If a dependent unit has a job queued, is active or transitioning, or is marked for
1974 * restart, then don't clean this one up. */
1975
1976 HASHMAP_FOREACH_KEY(v, other, u->dependencies[deps[j]], i) {
1977 if (other->job)
1978 return false;
1979
1980 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
1981 return false;
1982
1983 if (unit_will_restart(other))
1984 return false;
1985 }
1986 }
1987
1988 return true;
1989 }
1990
1991 static void check_unneeded_dependencies(Unit *u) {
1992
1993 static const UnitDependency deps[] = {
1994 UNIT_REQUIRES,
1995 UNIT_REQUISITE,
1996 UNIT_WANTS,
1997 UNIT_BINDS_TO,
1998 };
1999 size_t j;
2000
2001 assert(u);
2002
2003 /* Add all units this unit depends on to the queue that processes StopWhenUnneeded= behaviour. */
2004
2005 for (j = 0; j < ELEMENTSOF(deps); j++) {
2006 Unit *other;
2007 Iterator i;
2008 void *v;
2009
2010 HASHMAP_FOREACH_KEY(v, other, u->dependencies[deps[j]], i)
2011 unit_submit_to_stop_when_unneeded_queue(other);
2012 }
2013 }
2014
2015 static void unit_check_binds_to(Unit *u) {
2016 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
2017 bool stop = false;
2018 Unit *other;
2019 Iterator i;
2020 void *v;
2021 int r;
2022
2023 assert(u);
2024
2025 if (u->job)
2026 return;
2027
2028 if (unit_active_state(u) != UNIT_ACTIVE)
2029 return;
2030
2031 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], i) {
2032 if (other->job)
2033 continue;
2034
2035 if (!other->coldplugged)
2036 /* We might yet create a job for the other unit… */
2037 continue;
2038
2039 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
2040 continue;
2041
2042 stop = true;
2043 break;
2044 }
2045
2046 if (!stop)
2047 return;
2048
2049 /* If stopping a unit fails continuously we might enter a stop
2050 * loop here, hence stop acting on the service being
2051 * unnecessary after a while. */
2052 if (!ratelimit_below(&u->auto_stop_ratelimit)) {
2053 log_unit_warning(u, "Unit is bound to inactive unit %s, but not stopping since we tried this too often recently.", other->id);
2054 return;
2055 }
2056
2057 assert(other);
2058 log_unit_info(u, "Unit is bound to inactive unit %s. Stopping, too.", other->id);
2059
2060 /* A unit we need to run is gone. Sniff. Let's stop this. */
2061 r = manager_add_job(u->manager, JOB_STOP, u, JOB_FAIL, &error, NULL);
2062 if (r < 0)
2063 log_unit_warning_errno(u, r, "Failed to enqueue stop job, ignoring: %s", bus_error_message(&error, r));
2064 }
2065
2066 static void retroactively_start_dependencies(Unit *u) {
2067 Iterator i;
2068 Unit *other;
2069 void *v;
2070
2071 assert(u);
2072 assert(UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)));
2073
2074 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_REQUIRES], i)
2075 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
2076 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2077 manager_add_job(u->manager, JOB_START, other, JOB_REPLACE, NULL, NULL);
2078
2079 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], i)
2080 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
2081 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2082 manager_add_job(u->manager, JOB_START, other, JOB_REPLACE, NULL, NULL);
2083
2084 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_WANTS], i)
2085 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
2086 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2087 manager_add_job(u->manager, JOB_START, other, JOB_FAIL, NULL, NULL);
2088
2089 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_CONFLICTS], i)
2090 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2091 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL);
2092
2093 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_CONFLICTED_BY], i)
2094 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2095 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL);
2096 }
2097
2098 static void retroactively_stop_dependencies(Unit *u) {
2099 Unit *other;
2100 Iterator i;
2101 void *v;
2102
2103 assert(u);
2104 assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)));
2105
2106 /* Pull down units which are bound to us recursively if enabled */
2107 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BOUND_BY], i)
2108 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2109 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL);
2110 }
2111
2112 void unit_start_on_failure(Unit *u) {
2113 Unit *other;
2114 Iterator i;
2115 void *v;
2116 int r;
2117
2118 assert(u);
2119
2120 if (hashmap_size(u->dependencies[UNIT_ON_FAILURE]) <= 0)
2121 return;
2122
2123 log_unit_info(u, "Triggering OnFailure= dependencies.");
2124
2125 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_ON_FAILURE], i) {
2126 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
2127
2128 r = manager_add_job(u->manager, JOB_START, other, u->on_failure_job_mode, &error, NULL);
2129 if (r < 0)
2130 log_unit_warning_errno(u, r, "Failed to enqueue OnFailure= job, ignoring: %s", bus_error_message(&error, r));
2131 }
2132 }
2133
2134 void unit_trigger_notify(Unit *u) {
2135 Unit *other;
2136 Iterator i;
2137 void *v;
2138
2139 assert(u);
2140
2141 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_TRIGGERED_BY], i)
2142 if (UNIT_VTABLE(other)->trigger_notify)
2143 UNIT_VTABLE(other)->trigger_notify(other, u);
2144 }
2145
2146 static int unit_log_resources(Unit *u) {
2147 struct iovec iovec[1 + _CGROUP_IP_ACCOUNTING_METRIC_MAX + 4];
2148 bool any_traffic = false, have_ip_accounting = false;
2149 _cleanup_free_ char *igress = NULL, *egress = NULL;
2150 size_t n_message_parts = 0, n_iovec = 0;
2151 char* message_parts[3 + 1], *t;
2152 nsec_t nsec = NSEC_INFINITY;
2153 CGroupIPAccountingMetric m;
2154 size_t i;
2155 int r;
2156 const char* const ip_fields[_CGROUP_IP_ACCOUNTING_METRIC_MAX] = {
2157 [CGROUP_IP_INGRESS_BYTES] = "IP_METRIC_INGRESS_BYTES",
2158 [CGROUP_IP_INGRESS_PACKETS] = "IP_METRIC_INGRESS_PACKETS",
2159 [CGROUP_IP_EGRESS_BYTES] = "IP_METRIC_EGRESS_BYTES",
2160 [CGROUP_IP_EGRESS_PACKETS] = "IP_METRIC_EGRESS_PACKETS",
2161 };
2162
2163 assert(u);
2164
2165 /* Invoked whenever a unit enters failed or dead state. Logs information about consumed resources if resource
2166 * accounting was enabled for a unit. It does this in two ways: a friendly human readable string with reduced
2167 * information and the complete data in structured fields. */
2168
2169 (void) unit_get_cpu_usage(u, &nsec);
2170 if (nsec != NSEC_INFINITY) {
2171 char buf[FORMAT_TIMESPAN_MAX] = "";
2172
2173 /* Format the CPU time for inclusion in the structured log message */
2174 if (asprintf(&t, "CPU_USAGE_NSEC=%" PRIu64, nsec) < 0) {
2175 r = log_oom();
2176 goto finish;
2177 }
2178 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2179
2180 /* Format the CPU time for inclusion in the human language message string */
2181 format_timespan(buf, sizeof(buf), nsec / NSEC_PER_USEC, USEC_PER_MSEC);
2182 t = strjoin("consumed ", buf, " CPU time");
2183 if (!t) {
2184 r = log_oom();
2185 goto finish;
2186 }
2187
2188 message_parts[n_message_parts++] = t;
2189 }
2190
2191 for (m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++) {
2192 char buf[FORMAT_BYTES_MAX] = "";
2193 uint64_t value = UINT64_MAX;
2194
2195 assert(ip_fields[m]);
2196
2197 (void) unit_get_ip_accounting(u, m, &value);
2198 if (value == UINT64_MAX)
2199 continue;
2200
2201 have_ip_accounting = true;
2202 if (value > 0)
2203 any_traffic = true;
2204
2205 /* Format IP accounting data for inclusion in the structured log message */
2206 if (asprintf(&t, "%s=%" PRIu64, ip_fields[m], value) < 0) {
2207 r = log_oom();
2208 goto finish;
2209 }
2210 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2211
2212 /* Format the IP accounting data for inclusion in the human language message string, but only for the
2213 * bytes counters (and not for the packets counters) */
2214 if (m == CGROUP_IP_INGRESS_BYTES) {
2215 assert(!igress);
2216 igress = strjoin("received ", format_bytes(buf, sizeof(buf), value), " IP traffic");
2217 if (!igress) {
2218 r = log_oom();
2219 goto finish;
2220 }
2221 } else if (m == CGROUP_IP_EGRESS_BYTES) {
2222 assert(!egress);
2223 egress = strjoin("sent ", format_bytes(buf, sizeof(buf), value), " IP traffic");
2224 if (!egress) {
2225 r = log_oom();
2226 goto finish;
2227 }
2228 }
2229 }
2230
2231 if (have_ip_accounting) {
2232 if (any_traffic) {
2233 if (igress)
2234 message_parts[n_message_parts++] = TAKE_PTR(igress);
2235 if (egress)
2236 message_parts[n_message_parts++] = TAKE_PTR(egress);
2237
2238 } else {
2239 char *k;
2240
2241 k = strdup("no IP traffic");
2242 if (!k) {
2243 r = log_oom();
2244 goto finish;
2245 }
2246
2247 message_parts[n_message_parts++] = k;
2248 }
2249 }
2250
2251 /* Is there any accounting data available at all? */
2252 if (n_iovec == 0) {
2253 r = 0;
2254 goto finish;
2255 }
2256
2257 if (n_message_parts == 0)
2258 t = strjoina("MESSAGE=", u->id, ": Completed.");
2259 else {
2260 _cleanup_free_ char *joined;
2261
2262 message_parts[n_message_parts] = NULL;
2263
2264 joined = strv_join(message_parts, ", ");
2265 if (!joined) {
2266 r = log_oom();
2267 goto finish;
2268 }
2269
2270 joined[0] = ascii_toupper(joined[0]);
2271 t = strjoina("MESSAGE=", u->id, ": ", joined, ".");
2272 }
2273
2274 /* The following four fields we allocate on the stack or are static strings, we hence don't want to free them,
2275 * and hence don't increase n_iovec for them */
2276 iovec[n_iovec] = IOVEC_MAKE_STRING(t);
2277 iovec[n_iovec + 1] = IOVEC_MAKE_STRING("MESSAGE_ID=" SD_MESSAGE_UNIT_RESOURCES_STR);
2278
2279 t = strjoina(u->manager->unit_log_field, u->id);
2280 iovec[n_iovec + 2] = IOVEC_MAKE_STRING(t);
2281
2282 t = strjoina(u->manager->invocation_log_field, u->invocation_id_string);
2283 iovec[n_iovec + 3] = IOVEC_MAKE_STRING(t);
2284
2285 log_struct_iovec(LOG_INFO, iovec, n_iovec + 4);
2286 r = 0;
2287
2288 finish:
2289 for (i = 0; i < n_message_parts; i++)
2290 free(message_parts[i]);
2291
2292 for (i = 0; i < n_iovec; i++)
2293 free(iovec[i].iov_base);
2294
2295 return r;
2296
2297 }
2298
2299 static void unit_update_on_console(Unit *u) {
2300 bool b;
2301
2302 assert(u);
2303
2304 b = unit_needs_console(u);
2305 if (u->on_console == b)
2306 return;
2307
2308 u->on_console = b;
2309 if (b)
2310 manager_ref_console(u->manager);
2311 else
2312 manager_unref_console(u->manager);
2313 }
2314
2315 static void unit_emit_audit_start(Unit *u) {
2316 assert(u);
2317
2318 if (u->type != UNIT_SERVICE)
2319 return;
2320
2321 /* Write audit record if we have just finished starting up */
2322 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_START, true);
2323 u->in_audit = true;
2324 }
2325
2326 static void unit_emit_audit_stop(Unit *u, UnitActiveState state) {
2327 assert(u);
2328
2329 if (u->type != UNIT_SERVICE)
2330 return;
2331
2332 if (u->in_audit) {
2333 /* Write audit record if we have just finished shutting down */
2334 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_STOP, state == UNIT_INACTIVE);
2335 u->in_audit = false;
2336 } else {
2337 /* Hmm, if there was no start record written write it now, so that we always have a nice pair */
2338 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_START, state == UNIT_INACTIVE);
2339
2340 if (state == UNIT_INACTIVE)
2341 manager_send_unit_audit(u->manager, u, AUDIT_SERVICE_STOP, true);
2342 }
2343 }
2344
2345 static bool unit_process_job(Job *j, UnitActiveState ns, UnitNotifyFlags flags) {
2346 bool unexpected = false;
2347
2348 assert(j);
2349
2350 if (j->state == JOB_WAITING)
2351
2352 /* So we reached a different state for this job. Let's see if we can run it now if it failed previously
2353 * due to EAGAIN. */
2354 job_add_to_run_queue(j);
2355
2356 /* Let's check whether the unit's new state constitutes a finished job, or maybe contradicts a running job and
2357 * hence needs to invalidate jobs. */
2358
2359 switch (j->type) {
2360
2361 case JOB_START:
2362 case JOB_VERIFY_ACTIVE:
2363
2364 if (UNIT_IS_ACTIVE_OR_RELOADING(ns))
2365 job_finish_and_invalidate(j, JOB_DONE, true, false);
2366 else if (j->state == JOB_RUNNING && ns != UNIT_ACTIVATING) {
2367 unexpected = true;
2368
2369 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2370 job_finish_and_invalidate(j, ns == UNIT_FAILED ? JOB_FAILED : JOB_DONE, true, false);
2371 }
2372
2373 break;
2374
2375 case JOB_RELOAD:
2376 case JOB_RELOAD_OR_START:
2377 case JOB_TRY_RELOAD:
2378
2379 if (j->state == JOB_RUNNING) {
2380 if (ns == UNIT_ACTIVE)
2381 job_finish_and_invalidate(j, (flags & UNIT_NOTIFY_RELOAD_FAILURE) ? JOB_FAILED : JOB_DONE, true, false);
2382 else if (!IN_SET(ns, UNIT_ACTIVATING, UNIT_RELOADING)) {
2383 unexpected = true;
2384
2385 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2386 job_finish_and_invalidate(j, ns == UNIT_FAILED ? JOB_FAILED : JOB_DONE, true, false);
2387 }
2388 }
2389
2390 break;
2391
2392 case JOB_STOP:
2393 case JOB_RESTART:
2394 case JOB_TRY_RESTART:
2395
2396 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2397 job_finish_and_invalidate(j, JOB_DONE, true, false);
2398 else if (j->state == JOB_RUNNING && ns != UNIT_DEACTIVATING) {
2399 unexpected = true;
2400 job_finish_and_invalidate(j, JOB_FAILED, true, false);
2401 }
2402
2403 break;
2404
2405 default:
2406 assert_not_reached("Job type unknown");
2407 }
2408
2409 return unexpected;
2410 }
2411
2412 void unit_notify(Unit *u, UnitActiveState os, UnitActiveState ns, UnitNotifyFlags flags) {
2413 const char *reason;
2414 Manager *m;
2415
2416 assert(u);
2417 assert(os < _UNIT_ACTIVE_STATE_MAX);
2418 assert(ns < _UNIT_ACTIVE_STATE_MAX);
2419
2420 /* Note that this is called for all low-level state changes, even if they might map to the same high-level
2421 * UnitActiveState! That means that ns == os is an expected behavior here. For example: if a mount point is
2422 * remounted this function will be called too! */
2423
2424 m = u->manager;
2425
2426 /* Let's enqueue the change signal early. In case this unit has a job associated we want that this unit is in
2427 * the bus queue, so that any job change signal queued will force out the unit change signal first. */
2428 unit_add_to_dbus_queue(u);
2429
2430 /* Update timestamps for state changes */
2431 if (!MANAGER_IS_RELOADING(m)) {
2432 dual_timestamp_get(&u->state_change_timestamp);
2433
2434 if (UNIT_IS_INACTIVE_OR_FAILED(os) && !UNIT_IS_INACTIVE_OR_FAILED(ns))
2435 u->inactive_exit_timestamp = u->state_change_timestamp;
2436 else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_INACTIVE_OR_FAILED(ns))
2437 u->inactive_enter_timestamp = u->state_change_timestamp;
2438
2439 if (!UNIT_IS_ACTIVE_OR_RELOADING(os) && UNIT_IS_ACTIVE_OR_RELOADING(ns))
2440 u->active_enter_timestamp = u->state_change_timestamp;
2441 else if (UNIT_IS_ACTIVE_OR_RELOADING(os) && !UNIT_IS_ACTIVE_OR_RELOADING(ns))
2442 u->active_exit_timestamp = u->state_change_timestamp;
2443 }
2444
2445 /* Keep track of failed units */
2446 (void) manager_update_failed_units(m, u, ns == UNIT_FAILED);
2447
2448 /* Make sure the cgroup and state files are always removed when we become inactive */
2449 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
2450 unit_prune_cgroup(u);
2451 unit_unlink_state_files(u);
2452 }
2453
2454 unit_update_on_console(u);
2455
2456 if (!MANAGER_IS_RELOADING(m)) {
2457 bool unexpected;
2458
2459 /* Let's propagate state changes to the job */
2460 if (u->job)
2461 unexpected = unit_process_job(u->job, ns, flags);
2462 else
2463 unexpected = true;
2464
2465 /* If this state change happened without being requested by a job, then let's retroactively start or
2466 * stop dependencies. We skip that step when deserializing, since we don't want to create any
2467 * additional jobs just because something is already activated. */
2468
2469 if (unexpected) {
2470 if (UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_ACTIVE_OR_ACTIVATING(ns))
2471 retroactively_start_dependencies(u);
2472 else if (UNIT_IS_ACTIVE_OR_ACTIVATING(os) && UNIT_IS_INACTIVE_OR_DEACTIVATING(ns))
2473 retroactively_stop_dependencies(u);
2474 }
2475
2476 /* stop unneeded units regardless if going down was expected or not */
2477 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2478 check_unneeded_dependencies(u);
2479
2480 if (ns != os && ns == UNIT_FAILED) {
2481 log_unit_debug(u, "Unit entered failed state.");
2482
2483 if (!(flags & UNIT_NOTIFY_WILL_AUTO_RESTART))
2484 unit_start_on_failure(u);
2485 }
2486
2487 if (UNIT_IS_ACTIVE_OR_RELOADING(ns) && !UNIT_IS_ACTIVE_OR_RELOADING(os)) {
2488 /* This unit just finished starting up */
2489
2490 unit_emit_audit_start(u);
2491 manager_send_unit_plymouth(m, u);
2492 }
2493
2494 if (UNIT_IS_INACTIVE_OR_FAILED(ns) && !UNIT_IS_INACTIVE_OR_FAILED(os)) {
2495 /* This unit just stopped/failed. */
2496
2497 unit_emit_audit_stop(u, ns);
2498 unit_log_resources(u);
2499 }
2500 }
2501
2502 manager_recheck_journal(m);
2503 manager_recheck_dbus(m);
2504
2505 unit_trigger_notify(u);
2506
2507 if (!MANAGER_IS_RELOADING(m)) {
2508 /* Maybe we finished startup and are now ready for being stopped because unneeded? */
2509 unit_submit_to_stop_when_unneeded_queue(u);
2510
2511 /* Maybe we finished startup, but something we needed has vanished? Let's die then. (This happens when
2512 * something BindsTo= to a Type=oneshot unit, as these units go directly from starting to inactive,
2513 * without ever entering started.) */
2514 unit_check_binds_to(u);
2515
2516 if (os != UNIT_FAILED && ns == UNIT_FAILED) {
2517 reason = strjoina("unit ", u->id, " failed");
2518 emergency_action(m, u->failure_action, 0, u->reboot_arg, unit_failure_action_exit_status(u), reason);
2519 } else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && ns == UNIT_INACTIVE) {
2520 reason = strjoina("unit ", u->id, " succeeded");
2521 emergency_action(m, u->success_action, 0, u->reboot_arg, unit_success_action_exit_status(u), reason);
2522 }
2523 }
2524
2525 unit_add_to_gc_queue(u);
2526 }
2527
2528 int unit_watch_pid(Unit *u, pid_t pid) {
2529 int r;
2530
2531 assert(u);
2532 assert(pid_is_valid(pid));
2533
2534 /* Watch a specific PID */
2535
2536 r = set_ensure_allocated(&u->pids, NULL);
2537 if (r < 0)
2538 return r;
2539
2540 r = hashmap_ensure_allocated(&u->manager->watch_pids, NULL);
2541 if (r < 0)
2542 return r;
2543
2544 /* First try, let's add the unit keyed by "pid". */
2545 r = hashmap_put(u->manager->watch_pids, PID_TO_PTR(pid), u);
2546 if (r == -EEXIST) {
2547 Unit **array;
2548 bool found = false;
2549 size_t n = 0;
2550
2551 /* OK, the "pid" key is already assigned to a different unit. Let's see if the "-pid" key (which points
2552 * to an array of Units rather than just a Unit), lists us already. */
2553
2554 array = hashmap_get(u->manager->watch_pids, PID_TO_PTR(-pid));
2555 if (array)
2556 for (; array[n]; n++)
2557 if (array[n] == u)
2558 found = true;
2559
2560 if (found) /* Found it already? if so, do nothing */
2561 r = 0;
2562 else {
2563 Unit **new_array;
2564
2565 /* Allocate a new array */
2566 new_array = new(Unit*, n + 2);
2567 if (!new_array)
2568 return -ENOMEM;
2569
2570 memcpy_safe(new_array, array, sizeof(Unit*) * n);
2571 new_array[n] = u;
2572 new_array[n+1] = NULL;
2573
2574 /* Add or replace the old array */
2575 r = hashmap_replace(u->manager->watch_pids, PID_TO_PTR(-pid), new_array);
2576 if (r < 0) {
2577 free(new_array);
2578 return r;
2579 }
2580
2581 free(array);
2582 }
2583 } else if (r < 0)
2584 return r;
2585
2586 r = set_put(u->pids, PID_TO_PTR(pid));
2587 if (r < 0)
2588 return r;
2589
2590 return 0;
2591 }
2592
2593 void unit_unwatch_pid(Unit *u, pid_t pid) {
2594 Unit **array;
2595
2596 assert(u);
2597 assert(pid_is_valid(pid));
2598
2599 /* First let's drop the unit in case it's keyed as "pid". */
2600 (void) hashmap_remove_value(u->manager->watch_pids, PID_TO_PTR(pid), u);
2601
2602 /* Then, let's also drop the unit, in case it's in the array keyed by -pid */
2603 array = hashmap_get(u->manager->watch_pids, PID_TO_PTR(-pid));
2604 if (array) {
2605 size_t n, m = 0;
2606
2607 /* Let's iterate through the array, dropping our own entry */
2608 for (n = 0; array[n]; n++)
2609 if (array[n] != u)
2610 array[m++] = array[n];
2611 array[m] = NULL;
2612
2613 if (m == 0) {
2614 /* The array is now empty, remove the entire entry */
2615 assert(hashmap_remove(u->manager->watch_pids, PID_TO_PTR(-pid)) == array);
2616 free(array);
2617 }
2618 }
2619
2620 (void) set_remove(u->pids, PID_TO_PTR(pid));
2621 }
2622
2623 void unit_unwatch_all_pids(Unit *u) {
2624 assert(u);
2625
2626 while (!set_isempty(u->pids))
2627 unit_unwatch_pid(u, PTR_TO_PID(set_first(u->pids)));
2628
2629 u->pids = set_free(u->pids);
2630 }
2631
2632 static void unit_tidy_watch_pids(Unit *u) {
2633 pid_t except1, except2;
2634 Iterator i;
2635 void *e;
2636
2637 assert(u);
2638
2639 /* Cleans dead PIDs from our list */
2640
2641 except1 = unit_main_pid(u);
2642 except2 = unit_control_pid(u);
2643
2644 SET_FOREACH(e, u->pids, i) {
2645 pid_t pid = PTR_TO_PID(e);
2646
2647 if (pid == except1 || pid == except2)
2648 continue;
2649
2650 if (!pid_is_unwaited(pid))
2651 unit_unwatch_pid(u, pid);
2652 }
2653 }
2654
2655 static int on_rewatch_pids_event(sd_event_source *s, void *userdata) {
2656 Unit *u = userdata;
2657
2658 assert(s);
2659 assert(u);
2660
2661 unit_tidy_watch_pids(u);
2662 unit_watch_all_pids(u);
2663
2664 /* If the PID set is empty now, then let's finish this off. */
2665 unit_synthesize_cgroup_empty_event(u);
2666
2667 return 0;
2668 }
2669
2670 int unit_enqueue_rewatch_pids(Unit *u) {
2671 int r;
2672
2673 assert(u);
2674
2675 if (!u->cgroup_path)
2676 return -ENOENT;
2677
2678 r = cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER);
2679 if (r < 0)
2680 return r;
2681 if (r > 0) /* On unified we can use proper notifications */
2682 return 0;
2683
2684 /* Enqueues a low-priority job that will clean up dead PIDs from our list of PIDs to watch and subscribe to new
2685 * PIDs that might have appeared. We do this in a delayed job because the work might be quite slow, as it
2686 * involves issuing kill(pid, 0) on all processes we watch. */
2687
2688 if (!u->rewatch_pids_event_source) {
2689 _cleanup_(sd_event_source_unrefp) sd_event_source *s = NULL;
2690
2691 r = sd_event_add_defer(u->manager->event, &s, on_rewatch_pids_event, u);
2692 if (r < 0)
2693 return log_error_errno(r, "Failed to allocate event source for tidying watched PIDs: %m");
2694
2695 r = sd_event_source_set_priority(s, SD_EVENT_PRIORITY_IDLE);
2696 if (r < 0)
2697 return log_error_errno(r, "Failed to adjust priority of event source for tidying watched PIDs: m");
2698
2699 (void) sd_event_source_set_description(s, "tidy-watch-pids");
2700
2701 u->rewatch_pids_event_source = TAKE_PTR(s);
2702 }
2703
2704 r = sd_event_source_set_enabled(u->rewatch_pids_event_source, SD_EVENT_ONESHOT);
2705 if (r < 0)
2706 return log_error_errno(r, "Failed to enable event source for tidying watched PIDs: %m");
2707
2708 return 0;
2709 }
2710
2711 void unit_dequeue_rewatch_pids(Unit *u) {
2712 int r;
2713 assert(u);
2714
2715 if (!u->rewatch_pids_event_source)
2716 return;
2717
2718 r = sd_event_source_set_enabled(u->rewatch_pids_event_source, SD_EVENT_OFF);
2719 if (r < 0)
2720 log_warning_errno(r, "Failed to disable event source for tidying watched PIDs, ignoring: %m");
2721
2722 u->rewatch_pids_event_source = sd_event_source_unref(u->rewatch_pids_event_source);
2723 }
2724
2725 bool unit_job_is_applicable(Unit *u, JobType j) {
2726 assert(u);
2727 assert(j >= 0 && j < _JOB_TYPE_MAX);
2728
2729 switch (j) {
2730
2731 case JOB_VERIFY_ACTIVE:
2732 case JOB_START:
2733 case JOB_NOP:
2734 /* Note that we don't check unit_can_start() here. That's because .device units and suchlike are not
2735 * startable by us but may appear due to external events, and it thus makes sense to permit enqueing
2736 * jobs for it. */
2737 return true;
2738
2739 case JOB_STOP:
2740 /* Similar as above. However, perpetual units can never be stopped (neither explicitly nor due to
2741 * external events), hence it makes no sense to permit enqueing such a request either. */
2742 return !u->perpetual;
2743
2744 case JOB_RESTART:
2745 case JOB_TRY_RESTART:
2746 return unit_can_stop(u) && unit_can_start(u);
2747
2748 case JOB_RELOAD:
2749 case JOB_TRY_RELOAD:
2750 return unit_can_reload(u);
2751
2752 case JOB_RELOAD_OR_START:
2753 return unit_can_reload(u) && unit_can_start(u);
2754
2755 default:
2756 assert_not_reached("Invalid job type");
2757 }
2758 }
2759
2760 static void maybe_warn_about_dependency(Unit *u, const char *other, UnitDependency dependency) {
2761 assert(u);
2762
2763 /* Only warn about some unit types */
2764 if (!IN_SET(dependency, UNIT_CONFLICTS, UNIT_CONFLICTED_BY, UNIT_BEFORE, UNIT_AFTER, UNIT_ON_FAILURE, UNIT_TRIGGERS, UNIT_TRIGGERED_BY))
2765 return;
2766
2767 if (streq_ptr(u->id, other))
2768 log_unit_warning(u, "Dependency %s=%s dropped", unit_dependency_to_string(dependency), u->id);
2769 else
2770 log_unit_warning(u, "Dependency %s=%s dropped, merged into %s", unit_dependency_to_string(dependency), strna(other), u->id);
2771 }
2772
2773 static int unit_add_dependency_hashmap(
2774 Hashmap **h,
2775 Unit *other,
2776 UnitDependencyMask origin_mask,
2777 UnitDependencyMask destination_mask) {
2778
2779 UnitDependencyInfo info;
2780 int r;
2781
2782 assert(h);
2783 assert(other);
2784 assert(origin_mask < _UNIT_DEPENDENCY_MASK_FULL);
2785 assert(destination_mask < _UNIT_DEPENDENCY_MASK_FULL);
2786 assert(origin_mask > 0 || destination_mask > 0);
2787
2788 r = hashmap_ensure_allocated(h, NULL);
2789 if (r < 0)
2790 return r;
2791
2792 assert_cc(sizeof(void*) == sizeof(info));
2793
2794 info.data = hashmap_get(*h, other);
2795 if (info.data) {
2796 /* Entry already exists. Add in our mask. */
2797
2798 if (FLAGS_SET(origin_mask, info.origin_mask) &&
2799 FLAGS_SET(destination_mask, info.destination_mask))
2800 return 0; /* NOP */
2801
2802 info.origin_mask |= origin_mask;
2803 info.destination_mask |= destination_mask;
2804
2805 r = hashmap_update(*h, other, info.data);
2806 } else {
2807 info = (UnitDependencyInfo) {
2808 .origin_mask = origin_mask,
2809 .destination_mask = destination_mask,
2810 };
2811
2812 r = hashmap_put(*h, other, info.data);
2813 }
2814 if (r < 0)
2815 return r;
2816
2817 return 1;
2818 }
2819
2820 int unit_add_dependency(
2821 Unit *u,
2822 UnitDependency d,
2823 Unit *other,
2824 bool add_reference,
2825 UnitDependencyMask mask) {
2826
2827 static const UnitDependency inverse_table[_UNIT_DEPENDENCY_MAX] = {
2828 [UNIT_REQUIRES] = UNIT_REQUIRED_BY,
2829 [UNIT_WANTS] = UNIT_WANTED_BY,
2830 [UNIT_REQUISITE] = UNIT_REQUISITE_OF,
2831 [UNIT_BINDS_TO] = UNIT_BOUND_BY,
2832 [UNIT_PART_OF] = UNIT_CONSISTS_OF,
2833 [UNIT_REQUIRED_BY] = UNIT_REQUIRES,
2834 [UNIT_REQUISITE_OF] = UNIT_REQUISITE,
2835 [UNIT_WANTED_BY] = UNIT_WANTS,
2836 [UNIT_BOUND_BY] = UNIT_BINDS_TO,
2837 [UNIT_CONSISTS_OF] = UNIT_PART_OF,
2838 [UNIT_CONFLICTS] = UNIT_CONFLICTED_BY,
2839 [UNIT_CONFLICTED_BY] = UNIT_CONFLICTS,
2840 [UNIT_BEFORE] = UNIT_AFTER,
2841 [UNIT_AFTER] = UNIT_BEFORE,
2842 [UNIT_ON_FAILURE] = _UNIT_DEPENDENCY_INVALID,
2843 [UNIT_REFERENCES] = UNIT_REFERENCED_BY,
2844 [UNIT_REFERENCED_BY] = UNIT_REFERENCES,
2845 [UNIT_TRIGGERS] = UNIT_TRIGGERED_BY,
2846 [UNIT_TRIGGERED_BY] = UNIT_TRIGGERS,
2847 [UNIT_PROPAGATES_RELOAD_TO] = UNIT_RELOAD_PROPAGATED_FROM,
2848 [UNIT_RELOAD_PROPAGATED_FROM] = UNIT_PROPAGATES_RELOAD_TO,
2849 [UNIT_JOINS_NAMESPACE_OF] = UNIT_JOINS_NAMESPACE_OF,
2850 };
2851 Unit *original_u = u, *original_other = other;
2852 int r;
2853
2854 assert(u);
2855 assert(d >= 0 && d < _UNIT_DEPENDENCY_MAX);
2856 assert(other);
2857
2858 u = unit_follow_merge(u);
2859 other = unit_follow_merge(other);
2860
2861 /* We won't allow dependencies on ourselves. We will not
2862 * consider them an error however. */
2863 if (u == other) {
2864 maybe_warn_about_dependency(original_u, original_other->id, d);
2865 return 0;
2866 }
2867
2868 if ((d == UNIT_BEFORE && other->type == UNIT_DEVICE) ||
2869 (d == UNIT_AFTER && u->type == UNIT_DEVICE)) {
2870 log_unit_warning(u, "Dependency Before=%s ignored (.device units cannot be delayed)", other->id);
2871 return 0;
2872 }
2873
2874 r = unit_add_dependency_hashmap(u->dependencies + d, other, mask, 0);
2875 if (r < 0)
2876 return r;
2877
2878 if (inverse_table[d] != _UNIT_DEPENDENCY_INVALID && inverse_table[d] != d) {
2879 r = unit_add_dependency_hashmap(other->dependencies + inverse_table[d], u, 0, mask);
2880 if (r < 0)
2881 return r;
2882 }
2883
2884 if (add_reference) {
2885 r = unit_add_dependency_hashmap(u->dependencies + UNIT_REFERENCES, other, mask, 0);
2886 if (r < 0)
2887 return r;
2888
2889 r = unit_add_dependency_hashmap(other->dependencies + UNIT_REFERENCED_BY, u, 0, mask);
2890 if (r < 0)
2891 return r;
2892 }
2893
2894 unit_add_to_dbus_queue(u);
2895 return 0;
2896 }
2897
2898 int unit_add_two_dependencies(Unit *u, UnitDependency d, UnitDependency e, Unit *other, bool add_reference, UnitDependencyMask mask) {
2899 int r;
2900
2901 assert(u);
2902
2903 r = unit_add_dependency(u, d, other, add_reference, mask);
2904 if (r < 0)
2905 return r;
2906
2907 return unit_add_dependency(u, e, other, add_reference, mask);
2908 }
2909
2910 static int resolve_template(Unit *u, const char *name, char **buf, const char **ret) {
2911 int r;
2912
2913 assert(u);
2914 assert(name);
2915 assert(buf);
2916 assert(ret);
2917
2918 if (!unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
2919 *buf = NULL;
2920 *ret = name;
2921 return 0;
2922 }
2923
2924 if (u->instance)
2925 r = unit_name_replace_instance(name, u->instance, buf);
2926 else {
2927 _cleanup_free_ char *i = NULL;
2928
2929 r = unit_name_to_prefix(u->id, &i);
2930 if (r < 0)
2931 return r;
2932
2933 r = unit_name_replace_instance(name, i, buf);
2934 }
2935 if (r < 0)
2936 return r;
2937
2938 *ret = *buf;
2939 return 0;
2940 }
2941
2942 int unit_add_dependency_by_name(Unit *u, UnitDependency d, const char *name, bool add_reference, UnitDependencyMask mask) {
2943 _cleanup_free_ char *buf = NULL;
2944 Unit *other;
2945 int r;
2946
2947 assert(u);
2948 assert(name);
2949
2950 r = resolve_template(u, name, &buf, &name);
2951 if (r < 0)
2952 return r;
2953
2954 r = manager_load_unit(u->manager, name, NULL, NULL, &other);
2955 if (r < 0)
2956 return r;
2957
2958 return unit_add_dependency(u, d, other, add_reference, mask);
2959 }
2960
2961 int unit_add_two_dependencies_by_name(Unit *u, UnitDependency d, UnitDependency e, const char *name, bool add_reference, UnitDependencyMask mask) {
2962 _cleanup_free_ char *buf = NULL;
2963 Unit *other;
2964 int r;
2965
2966 assert(u);
2967 assert(name);
2968
2969 r = resolve_template(u, name, &buf, &name);
2970 if (r < 0)
2971 return r;
2972
2973 r = manager_load_unit(u->manager, name, NULL, NULL, &other);
2974 if (r < 0)
2975 return r;
2976
2977 return unit_add_two_dependencies(u, d, e, other, add_reference, mask);
2978 }
2979
2980 int set_unit_path(const char *p) {
2981 /* This is mostly for debug purposes */
2982 if (setenv("SYSTEMD_UNIT_PATH", p, 1) < 0)
2983 return -errno;
2984
2985 return 0;
2986 }
2987
2988 char *unit_dbus_path(Unit *u) {
2989 assert(u);
2990
2991 if (!u->id)
2992 return NULL;
2993
2994 return unit_dbus_path_from_name(u->id);
2995 }
2996
2997 char *unit_dbus_path_invocation_id(Unit *u) {
2998 assert(u);
2999
3000 if (sd_id128_is_null(u->invocation_id))
3001 return NULL;
3002
3003 return unit_dbus_path_from_name(u->invocation_id_string);
3004 }
3005
3006 int unit_set_slice(Unit *u, Unit *slice) {
3007 assert(u);
3008 assert(slice);
3009
3010 /* Sets the unit slice if it has not been set before. Is extra
3011 * careful, to only allow this for units that actually have a
3012 * cgroup context. Also, we don't allow to set this for slices
3013 * (since the parent slice is derived from the name). Make
3014 * sure the unit we set is actually a slice. */
3015
3016 if (!UNIT_HAS_CGROUP_CONTEXT(u))
3017 return -EOPNOTSUPP;
3018
3019 if (u->type == UNIT_SLICE)
3020 return -EINVAL;
3021
3022 if (unit_active_state(u) != UNIT_INACTIVE)
3023 return -EBUSY;
3024
3025 if (slice->type != UNIT_SLICE)
3026 return -EINVAL;
3027
3028 if (unit_has_name(u, SPECIAL_INIT_SCOPE) &&
3029 !unit_has_name(slice, SPECIAL_ROOT_SLICE))
3030 return -EPERM;
3031
3032 if (UNIT_DEREF(u->slice) == slice)
3033 return 0;
3034
3035 /* Disallow slice changes if @u is already bound to cgroups */
3036 if (UNIT_ISSET(u->slice) && u->cgroup_realized)
3037 return -EBUSY;
3038
3039 unit_ref_set(&u->slice, u, slice);
3040 return 1;
3041 }
3042
3043 int unit_set_default_slice(Unit *u) {
3044 const char *slice_name;
3045 Unit *slice;
3046 int r;
3047
3048 assert(u);
3049
3050 if (UNIT_ISSET(u->slice))
3051 return 0;
3052
3053 if (u->instance) {
3054 _cleanup_free_ char *prefix = NULL, *escaped = NULL;
3055
3056 /* Implicitly place all instantiated units in their
3057 * own per-template slice */
3058
3059 r = unit_name_to_prefix(u->id, &prefix);
3060 if (r < 0)
3061 return r;
3062
3063 /* The prefix is already escaped, but it might include
3064 * "-" which has a special meaning for slice units,
3065 * hence escape it here extra. */
3066 escaped = unit_name_escape(prefix);
3067 if (!escaped)
3068 return -ENOMEM;
3069
3070 if (MANAGER_IS_SYSTEM(u->manager))
3071 slice_name = strjoina("system-", escaped, ".slice");
3072 else
3073 slice_name = strjoina(escaped, ".slice");
3074 } else
3075 slice_name =
3076 MANAGER_IS_SYSTEM(u->manager) && !unit_has_name(u, SPECIAL_INIT_SCOPE)
3077 ? SPECIAL_SYSTEM_SLICE
3078 : SPECIAL_ROOT_SLICE;
3079
3080 r = manager_load_unit(u->manager, slice_name, NULL, NULL, &slice);
3081 if (r < 0)
3082 return r;
3083
3084 return unit_set_slice(u, slice);
3085 }
3086
3087 const char *unit_slice_name(Unit *u) {
3088 assert(u);
3089
3090 if (!UNIT_ISSET(u->slice))
3091 return NULL;
3092
3093 return UNIT_DEREF(u->slice)->id;
3094 }
3095
3096 int unit_load_related_unit(Unit *u, const char *type, Unit **_found) {
3097 _cleanup_free_ char *t = NULL;
3098 int r;
3099
3100 assert(u);
3101 assert(type);
3102 assert(_found);
3103
3104 r = unit_name_change_suffix(u->id, type, &t);
3105 if (r < 0)
3106 return r;
3107 if (unit_has_name(u, t))
3108 return -EINVAL;
3109
3110 r = manager_load_unit(u->manager, t, NULL, NULL, _found);
3111 assert(r < 0 || *_found != u);
3112 return r;
3113 }
3114
3115 static int signal_name_owner_changed(sd_bus_message *message, void *userdata, sd_bus_error *error) {
3116 const char *name, *old_owner, *new_owner;
3117 Unit *u = userdata;
3118 int r;
3119
3120 assert(message);
3121 assert(u);
3122
3123 r = sd_bus_message_read(message, "sss", &name, &old_owner, &new_owner);
3124 if (r < 0) {
3125 bus_log_parse_error(r);
3126 return 0;
3127 }
3128
3129 old_owner = empty_to_null(old_owner);
3130 new_owner = empty_to_null(new_owner);
3131
3132 if (UNIT_VTABLE(u)->bus_name_owner_change)
3133 UNIT_VTABLE(u)->bus_name_owner_change(u, name, old_owner, new_owner);
3134
3135 return 0;
3136 }
3137
3138 int unit_install_bus_match(Unit *u, sd_bus *bus, const char *name) {
3139 const char *match;
3140
3141 assert(u);
3142 assert(bus);
3143 assert(name);
3144
3145 if (u->match_bus_slot)
3146 return -EBUSY;
3147
3148 match = strjoina("type='signal',"
3149 "sender='org.freedesktop.DBus',"
3150 "path='/org/freedesktop/DBus',"
3151 "interface='org.freedesktop.DBus',"
3152 "member='NameOwnerChanged',"
3153 "arg0='", name, "'");
3154
3155 return sd_bus_add_match_async(bus, &u->match_bus_slot, match, signal_name_owner_changed, NULL, u);
3156 }
3157
3158 int unit_watch_bus_name(Unit *u, const char *name) {
3159 int r;
3160
3161 assert(u);
3162 assert(name);
3163
3164 /* Watch a specific name on the bus. We only support one unit
3165 * watching each name for now. */
3166
3167 if (u->manager->api_bus) {
3168 /* If the bus is already available, install the match directly.
3169 * Otherwise, just put the name in the list. bus_setup_api() will take care later. */
3170 r = unit_install_bus_match(u, u->manager->api_bus, name);
3171 if (r < 0)
3172 return log_warning_errno(r, "Failed to subscribe to NameOwnerChanged signal for '%s': %m", name);
3173 }
3174
3175 r = hashmap_put(u->manager->watch_bus, name, u);
3176 if (r < 0) {
3177 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3178 return log_warning_errno(r, "Failed to put bus name to hashmap: %m");
3179 }
3180
3181 return 0;
3182 }
3183
3184 void unit_unwatch_bus_name(Unit *u, const char *name) {
3185 assert(u);
3186 assert(name);
3187
3188 (void) hashmap_remove_value(u->manager->watch_bus, name, u);
3189 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3190 }
3191
3192 bool unit_can_serialize(Unit *u) {
3193 assert(u);
3194
3195 return UNIT_VTABLE(u)->serialize && UNIT_VTABLE(u)->deserialize_item;
3196 }
3197
3198 static int serialize_cgroup_mask(FILE *f, const char *key, CGroupMask mask) {
3199 _cleanup_free_ char *s = NULL;
3200 int r;
3201
3202 assert(f);
3203 assert(key);
3204
3205 if (mask == 0)
3206 return 0;
3207
3208 r = cg_mask_to_string(mask, &s);
3209 if (r < 0)
3210 return log_error_errno(r, "Failed to format cgroup mask: %m");
3211
3212 return serialize_item(f, key, s);
3213 }
3214
3215 static const char *ip_accounting_metric_field[_CGROUP_IP_ACCOUNTING_METRIC_MAX] = {
3216 [CGROUP_IP_INGRESS_BYTES] = "ip-accounting-ingress-bytes",
3217 [CGROUP_IP_INGRESS_PACKETS] = "ip-accounting-ingress-packets",
3218 [CGROUP_IP_EGRESS_BYTES] = "ip-accounting-egress-bytes",
3219 [CGROUP_IP_EGRESS_PACKETS] = "ip-accounting-egress-packets",
3220 };
3221
3222 int unit_serialize(Unit *u, FILE *f, FDSet *fds, bool serialize_jobs) {
3223 CGroupIPAccountingMetric m;
3224 int r;
3225
3226 assert(u);
3227 assert(f);
3228 assert(fds);
3229
3230 if (unit_can_serialize(u)) {
3231 r = UNIT_VTABLE(u)->serialize(u, f, fds);
3232 if (r < 0)
3233 return r;
3234 }
3235
3236 (void) serialize_dual_timestamp(f, "state-change-timestamp", &u->state_change_timestamp);
3237
3238 (void) serialize_dual_timestamp(f, "inactive-exit-timestamp", &u->inactive_exit_timestamp);
3239 (void) serialize_dual_timestamp(f, "active-enter-timestamp", &u->active_enter_timestamp);
3240 (void) serialize_dual_timestamp(f, "active-exit-timestamp", &u->active_exit_timestamp);
3241 (void) serialize_dual_timestamp(f, "inactive-enter-timestamp", &u->inactive_enter_timestamp);
3242
3243 (void) serialize_dual_timestamp(f, "condition-timestamp", &u->condition_timestamp);
3244 (void) serialize_dual_timestamp(f, "assert-timestamp", &u->assert_timestamp);
3245
3246 if (dual_timestamp_is_set(&u->condition_timestamp))
3247 (void) serialize_bool(f, "condition-result", u->condition_result);
3248
3249 if (dual_timestamp_is_set(&u->assert_timestamp))
3250 (void) serialize_bool(f, "assert-result", u->assert_result);
3251
3252 (void) serialize_bool(f, "transient", u->transient);
3253 (void) serialize_bool(f, "in-audit", u->in_audit);
3254
3255 (void) serialize_bool(f, "exported-invocation-id", u->exported_invocation_id);
3256 (void) serialize_bool(f, "exported-log-level-max", u->exported_log_level_max);
3257 (void) serialize_bool(f, "exported-log-extra-fields", u->exported_log_extra_fields);
3258 (void) serialize_bool(f, "exported-log-rate-limit-interval", u->exported_log_rate_limit_interval);
3259 (void) serialize_bool(f, "exported-log-rate-limit-burst", u->exported_log_rate_limit_burst);
3260
3261 (void) serialize_item_format(f, "cpu-usage-base", "%" PRIu64, u->cpu_usage_base);
3262 if (u->cpu_usage_last != NSEC_INFINITY)
3263 (void) serialize_item_format(f, "cpu-usage-last", "%" PRIu64, u->cpu_usage_last);
3264
3265 if (u->cgroup_path)
3266 (void) serialize_item(f, "cgroup", u->cgroup_path);
3267
3268 (void) serialize_bool(f, "cgroup-realized", u->cgroup_realized);
3269 (void) serialize_cgroup_mask(f, "cgroup-realized-mask", u->cgroup_realized_mask);
3270 (void) serialize_cgroup_mask(f, "cgroup-enabled-mask", u->cgroup_enabled_mask);
3271 (void) serialize_cgroup_mask(f, "cgroup-invalidated-mask", u->cgroup_invalidated_mask);
3272
3273 if (uid_is_valid(u->ref_uid))
3274 (void) serialize_item_format(f, "ref-uid", UID_FMT, u->ref_uid);
3275 if (gid_is_valid(u->ref_gid))
3276 (void) serialize_item_format(f, "ref-gid", GID_FMT, u->ref_gid);
3277
3278 if (!sd_id128_is_null(u->invocation_id))
3279 (void) serialize_item_format(f, "invocation-id", SD_ID128_FORMAT_STR, SD_ID128_FORMAT_VAL(u->invocation_id));
3280
3281 bus_track_serialize(u->bus_track, f, "ref");
3282
3283 for (m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++) {
3284 uint64_t v;
3285
3286 r = unit_get_ip_accounting(u, m, &v);
3287 if (r >= 0)
3288 (void) serialize_item_format(f, ip_accounting_metric_field[m], "%" PRIu64, v);
3289 }
3290
3291 if (serialize_jobs) {
3292 if (u->job) {
3293 fputs("job\n", f);
3294 job_serialize(u->job, f);
3295 }
3296
3297 if (u->nop_job) {
3298 fputs("job\n", f);
3299 job_serialize(u->nop_job, f);
3300 }
3301 }
3302
3303 /* End marker */
3304 fputc('\n', f);
3305 return 0;
3306 }
3307
3308 static int unit_deserialize_job(Unit *u, FILE *f) {
3309 _cleanup_(job_freep) Job *j = NULL;
3310 int r;
3311
3312 assert(u);
3313 assert(f);
3314
3315 j = job_new_raw(u);
3316 if (!j)
3317 return log_oom();
3318
3319 r = job_deserialize(j, f);
3320 if (r < 0)
3321 return r;
3322
3323 r = job_install_deserialized(j);
3324 if (r < 0)
3325 return r;
3326
3327 TAKE_PTR(j);
3328 return 0;
3329 }
3330
3331 int unit_deserialize(Unit *u, FILE *f, FDSet *fds) {
3332 int r;
3333
3334 assert(u);
3335 assert(f);
3336 assert(fds);
3337
3338 for (;;) {
3339 _cleanup_free_ char *line = NULL;
3340 CGroupIPAccountingMetric m;
3341 char *l, *v;
3342 size_t k;
3343
3344 r = read_line(f, LONG_LINE_MAX, &line);
3345 if (r < 0)
3346 return log_error_errno(r, "Failed to read serialization line: %m");
3347 if (r == 0) /* eof */
3348 break;
3349
3350 l = strstrip(line);
3351 if (isempty(l)) /* End marker */
3352 break;
3353
3354 k = strcspn(l, "=");
3355
3356 if (l[k] == '=') {
3357 l[k] = 0;
3358 v = l+k+1;
3359 } else
3360 v = l+k;
3361
3362 if (streq(l, "job")) {
3363 if (v[0] == '\0') {
3364 /* New-style serialized job */
3365 r = unit_deserialize_job(u, f);
3366 if (r < 0)
3367 return r;
3368 } else /* Legacy for pre-44 */
3369 log_unit_warning(u, "Update from too old systemd versions are unsupported, cannot deserialize job: %s", v);
3370 continue;
3371 } else if (streq(l, "state-change-timestamp")) {
3372 (void) deserialize_dual_timestamp(v, &u->state_change_timestamp);
3373 continue;
3374 } else if (streq(l, "inactive-exit-timestamp")) {
3375 (void) deserialize_dual_timestamp(v, &u->inactive_exit_timestamp);
3376 continue;
3377 } else if (streq(l, "active-enter-timestamp")) {
3378 (void) deserialize_dual_timestamp(v, &u->active_enter_timestamp);
3379 continue;
3380 } else if (streq(l, "active-exit-timestamp")) {
3381 (void) deserialize_dual_timestamp(v, &u->active_exit_timestamp);
3382 continue;
3383 } else if (streq(l, "inactive-enter-timestamp")) {
3384 (void) deserialize_dual_timestamp(v, &u->inactive_enter_timestamp);
3385 continue;
3386 } else if (streq(l, "condition-timestamp")) {
3387 (void) deserialize_dual_timestamp(v, &u->condition_timestamp);
3388 continue;
3389 } else if (streq(l, "assert-timestamp")) {
3390 (void) deserialize_dual_timestamp(v, &u->assert_timestamp);
3391 continue;
3392 } else if (streq(l, "condition-result")) {
3393
3394 r = parse_boolean(v);
3395 if (r < 0)
3396 log_unit_debug(u, "Failed to parse condition result value %s, ignoring.", v);
3397 else
3398 u->condition_result = r;
3399
3400 continue;
3401
3402 } else if (streq(l, "assert-result")) {
3403
3404 r = parse_boolean(v);
3405 if (r < 0)
3406 log_unit_debug(u, "Failed to parse assert result value %s, ignoring.", v);
3407 else
3408 u->assert_result = r;
3409
3410 continue;
3411
3412 } else if (streq(l, "transient")) {
3413
3414 r = parse_boolean(v);
3415 if (r < 0)
3416 log_unit_debug(u, "Failed to parse transient bool %s, ignoring.", v);
3417 else
3418 u->transient = r;
3419
3420 continue;
3421
3422 } else if (streq(l, "in-audit")) {
3423
3424 r = parse_boolean(v);
3425 if (r < 0)
3426 log_unit_debug(u, "Failed to parse in-audit bool %s, ignoring.", v);
3427 else
3428 u->in_audit = r;
3429
3430 continue;
3431
3432 } else if (streq(l, "exported-invocation-id")) {
3433
3434 r = parse_boolean(v);
3435 if (r < 0)
3436 log_unit_debug(u, "Failed to parse exported invocation ID bool %s, ignoring.", v);
3437 else
3438 u->exported_invocation_id = r;
3439
3440 continue;
3441
3442 } else if (streq(l, "exported-log-level-max")) {
3443
3444 r = parse_boolean(v);
3445 if (r < 0)
3446 log_unit_debug(u, "Failed to parse exported log level max bool %s, ignoring.", v);
3447 else
3448 u->exported_log_level_max = r;
3449
3450 continue;
3451
3452 } else if (streq(l, "exported-log-extra-fields")) {
3453
3454 r = parse_boolean(v);
3455 if (r < 0)
3456 log_unit_debug(u, "Failed to parse exported log extra fields bool %s, ignoring.", v);
3457 else
3458 u->exported_log_extra_fields = r;
3459
3460 continue;
3461
3462 } else if (streq(l, "exported-log-rate-limit-interval")) {
3463
3464 r = parse_boolean(v);
3465 if (r < 0)
3466 log_unit_debug(u, "Failed to parse exported log rate limit interval %s, ignoring.", v);
3467 else
3468 u->exported_log_rate_limit_interval = r;
3469
3470 continue;
3471
3472 } else if (streq(l, "exported-log-rate-limit-burst")) {
3473
3474 r = parse_boolean(v);
3475 if (r < 0)
3476 log_unit_debug(u, "Failed to parse exported log rate limit burst %s, ignoring.", v);
3477 else
3478 u->exported_log_rate_limit_burst = r;
3479
3480 continue;
3481
3482 } else if (STR_IN_SET(l, "cpu-usage-base", "cpuacct-usage-base")) {
3483
3484 r = safe_atou64(v, &u->cpu_usage_base);
3485 if (r < 0)
3486 log_unit_debug(u, "Failed to parse CPU usage base %s, ignoring.", v);
3487
3488 continue;
3489
3490 } else if (streq(l, "cpu-usage-last")) {
3491
3492 r = safe_atou64(v, &u->cpu_usage_last);
3493 if (r < 0)
3494 log_unit_debug(u, "Failed to read CPU usage last %s, ignoring.", v);
3495
3496 continue;
3497
3498 } else if (streq(l, "cgroup")) {
3499
3500 r = unit_set_cgroup_path(u, v);
3501 if (r < 0)
3502 log_unit_debug_errno(u, r, "Failed to set cgroup path %s, ignoring: %m", v);
3503
3504 (void) unit_watch_cgroup(u);
3505
3506 continue;
3507 } else if (streq(l, "cgroup-realized")) {
3508 int b;
3509
3510 b = parse_boolean(v);
3511 if (b < 0)
3512 log_unit_debug(u, "Failed to parse cgroup-realized bool %s, ignoring.", v);
3513 else
3514 u->cgroup_realized = b;
3515
3516 continue;
3517
3518 } else if (streq(l, "cgroup-realized-mask")) {
3519
3520 r = cg_mask_from_string(v, &u->cgroup_realized_mask);
3521 if (r < 0)
3522 log_unit_debug(u, "Failed to parse cgroup-realized-mask %s, ignoring.", v);
3523 continue;
3524
3525 } else if (streq(l, "cgroup-enabled-mask")) {
3526
3527 r = cg_mask_from_string(v, &u->cgroup_enabled_mask);
3528 if (r < 0)
3529 log_unit_debug(u, "Failed to parse cgroup-enabled-mask %s, ignoring.", v);
3530 continue;
3531
3532 } else if (streq(l, "cgroup-invalidated-mask")) {
3533
3534 r = cg_mask_from_string(v, &u->cgroup_invalidated_mask);
3535 if (r < 0)
3536 log_unit_debug(u, "Failed to parse cgroup-invalidated-mask %s, ignoring.", v);
3537 continue;
3538
3539 } else if (streq(l, "ref-uid")) {
3540 uid_t uid;
3541
3542 r = parse_uid(v, &uid);
3543 if (r < 0)
3544 log_unit_debug(u, "Failed to parse referenced UID %s, ignoring.", v);
3545 else
3546 unit_ref_uid_gid(u, uid, GID_INVALID);
3547
3548 continue;
3549
3550 } else if (streq(l, "ref-gid")) {
3551 gid_t gid;
3552
3553 r = parse_gid(v, &gid);
3554 if (r < 0)
3555 log_unit_debug(u, "Failed to parse referenced GID %s, ignoring.", v);
3556 else
3557 unit_ref_uid_gid(u, UID_INVALID, gid);
3558
3559 continue;
3560
3561 } else if (streq(l, "ref")) {
3562
3563 r = strv_extend(&u->deserialized_refs, v);
3564 if (r < 0)
3565 return log_oom();
3566
3567 continue;
3568 } else if (streq(l, "invocation-id")) {
3569 sd_id128_t id;
3570
3571 r = sd_id128_from_string(v, &id);
3572 if (r < 0)
3573 log_unit_debug(u, "Failed to parse invocation id %s, ignoring.", v);
3574 else {
3575 r = unit_set_invocation_id(u, id);
3576 if (r < 0)
3577 log_unit_warning_errno(u, r, "Failed to set invocation ID for unit: %m");
3578 }
3579
3580 continue;
3581 }
3582
3583 /* Check if this is an IP accounting metric serialization field */
3584 for (m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++)
3585 if (streq(l, ip_accounting_metric_field[m]))
3586 break;
3587 if (m < _CGROUP_IP_ACCOUNTING_METRIC_MAX) {
3588 uint64_t c;
3589
3590 r = safe_atou64(v, &c);
3591 if (r < 0)
3592 log_unit_debug(u, "Failed to parse IP accounting value %s, ignoring.", v);
3593 else
3594 u->ip_accounting_extra[m] = c;
3595 continue;
3596 }
3597
3598 if (unit_can_serialize(u)) {
3599 r = exec_runtime_deserialize_compat(u, l, v, fds);
3600 if (r < 0) {
3601 log_unit_warning(u, "Failed to deserialize runtime parameter '%s', ignoring.", l);
3602 continue;
3603 }
3604
3605 /* Returns positive if key was handled by the call */
3606 if (r > 0)
3607 continue;
3608
3609 r = UNIT_VTABLE(u)->deserialize_item(u, l, v, fds);
3610 if (r < 0)
3611 log_unit_warning(u, "Failed to deserialize unit parameter '%s', ignoring.", l);
3612 }
3613 }
3614
3615 /* Versions before 228 did not carry a state change timestamp. In this case, take the current time. This is
3616 * useful, so that timeouts based on this timestamp don't trigger too early, and is in-line with the logic from
3617 * before 228 where the base for timeouts was not persistent across reboots. */
3618
3619 if (!dual_timestamp_is_set(&u->state_change_timestamp))
3620 dual_timestamp_get(&u->state_change_timestamp);
3621
3622 /* Let's make sure that everything that is deserialized also gets any potential new cgroup settings applied
3623 * after we are done. For that we invalidate anything already realized, so that we can realize it again. */
3624 unit_invalidate_cgroup(u, _CGROUP_MASK_ALL);
3625 unit_invalidate_cgroup_bpf(u);
3626
3627 return 0;
3628 }
3629
3630 int unit_deserialize_skip(FILE *f) {
3631 int r;
3632 assert(f);
3633
3634 /* Skip serialized data for this unit. We don't know what it is. */
3635
3636 for (;;) {
3637 _cleanup_free_ char *line = NULL;
3638 char *l;
3639
3640 r = read_line(f, LONG_LINE_MAX, &line);
3641 if (r < 0)
3642 return log_error_errno(r, "Failed to read serialization line: %m");
3643 if (r == 0)
3644 return 0;
3645
3646 l = strstrip(line);
3647
3648 /* End marker */
3649 if (isempty(l))
3650 return 1;
3651 }
3652 }
3653
3654 int unit_add_node_dependency(Unit *u, const char *what, bool wants, UnitDependency dep, UnitDependencyMask mask) {
3655 Unit *device;
3656 _cleanup_free_ char *e = NULL;
3657 int r;
3658
3659 assert(u);
3660
3661 /* Adds in links to the device node that this unit is based on */
3662 if (isempty(what))
3663 return 0;
3664
3665 if (!is_device_path(what))
3666 return 0;
3667
3668 /* When device units aren't supported (such as in a
3669 * container), don't create dependencies on them. */
3670 if (!unit_type_supported(UNIT_DEVICE))
3671 return 0;
3672
3673 r = unit_name_from_path(what, ".device", &e);
3674 if (r < 0)
3675 return r;
3676
3677 r = manager_load_unit(u->manager, e, NULL, NULL, &device);
3678 if (r < 0)
3679 return r;
3680
3681 if (dep == UNIT_REQUIRES && device_shall_be_bound_by(device, u))
3682 dep = UNIT_BINDS_TO;
3683
3684 r = unit_add_two_dependencies(u, UNIT_AFTER,
3685 MANAGER_IS_SYSTEM(u->manager) ? dep : UNIT_WANTS,
3686 device, true, mask);
3687 if (r < 0)
3688 return r;
3689
3690 if (wants) {
3691 r = unit_add_dependency(device, UNIT_WANTS, u, false, mask);
3692 if (r < 0)
3693 return r;
3694 }
3695
3696 return 0;
3697 }
3698
3699 int unit_coldplug(Unit *u) {
3700 int r = 0, q;
3701 char **i;
3702
3703 assert(u);
3704
3705 /* Make sure we don't enter a loop, when coldplugging recursively. */
3706 if (u->coldplugged)
3707 return 0;
3708
3709 u->coldplugged = true;
3710
3711 STRV_FOREACH(i, u->deserialized_refs) {
3712 q = bus_unit_track_add_name(u, *i);
3713 if (q < 0 && r >= 0)
3714 r = q;
3715 }
3716 u->deserialized_refs = strv_free(u->deserialized_refs);
3717
3718 if (UNIT_VTABLE(u)->coldplug) {
3719 q = UNIT_VTABLE(u)->coldplug(u);
3720 if (q < 0 && r >= 0)
3721 r = q;
3722 }
3723
3724 if (u->job) {
3725 q = job_coldplug(u->job);
3726 if (q < 0 && r >= 0)
3727 r = q;
3728 }
3729
3730 return r;
3731 }
3732
3733 void unit_catchup(Unit *u) {
3734 assert(u);
3735
3736 if (UNIT_VTABLE(u)->catchup)
3737 UNIT_VTABLE(u)->catchup(u);
3738 }
3739
3740 static bool fragment_mtime_newer(const char *path, usec_t mtime, bool path_masked) {
3741 struct stat st;
3742
3743 if (!path)
3744 return false;
3745
3746 /* If the source is some virtual kernel file system, then we assume we watch it anyway, and hence pretend we
3747 * are never out-of-date. */
3748 if (PATH_STARTSWITH_SET(path, "/proc", "/sys"))
3749 return false;
3750
3751 if (stat(path, &st) < 0)
3752 /* What, cannot access this anymore? */
3753 return true;
3754
3755 if (path_masked)
3756 /* For masked files check if they are still so */
3757 return !null_or_empty(&st);
3758 else
3759 /* For non-empty files check the mtime */
3760 return timespec_load(&st.st_mtim) > mtime;
3761
3762 return false;
3763 }
3764
3765 bool unit_need_daemon_reload(Unit *u) {
3766 _cleanup_strv_free_ char **t = NULL;
3767 char **path;
3768
3769 assert(u);
3770
3771 /* For unit files, we allow masking… */
3772 if (fragment_mtime_newer(u->fragment_path, u->fragment_mtime,
3773 u->load_state == UNIT_MASKED))
3774 return true;
3775
3776 /* Source paths should not be masked… */
3777 if (fragment_mtime_newer(u->source_path, u->source_mtime, false))
3778 return true;
3779
3780 if (u->load_state == UNIT_LOADED)
3781 (void) unit_find_dropin_paths(u, &t);
3782 if (!strv_equal(u->dropin_paths, t))
3783 return true;
3784
3785 /* … any drop-ins that are masked are simply omitted from the list. */
3786 STRV_FOREACH(path, u->dropin_paths)
3787 if (fragment_mtime_newer(*path, u->dropin_mtime, false))
3788 return true;
3789
3790 return false;
3791 }
3792
3793 void unit_reset_failed(Unit *u) {
3794 assert(u);
3795
3796 if (UNIT_VTABLE(u)->reset_failed)
3797 UNIT_VTABLE(u)->reset_failed(u);
3798
3799 RATELIMIT_RESET(u->start_limit);
3800 u->start_limit_hit = false;
3801 }
3802
3803 Unit *unit_following(Unit *u) {
3804 assert(u);
3805
3806 if (UNIT_VTABLE(u)->following)
3807 return UNIT_VTABLE(u)->following(u);
3808
3809 return NULL;
3810 }
3811
3812 bool unit_stop_pending(Unit *u) {
3813 assert(u);
3814
3815 /* This call does check the current state of the unit. It's
3816 * hence useful to be called from state change calls of the
3817 * unit itself, where the state isn't updated yet. This is
3818 * different from unit_inactive_or_pending() which checks both
3819 * the current state and for a queued job. */
3820
3821 return u->job && u->job->type == JOB_STOP;
3822 }
3823
3824 bool unit_inactive_or_pending(Unit *u) {
3825 assert(u);
3826
3827 /* Returns true if the unit is inactive or going down */
3828
3829 if (UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)))
3830 return true;
3831
3832 if (unit_stop_pending(u))
3833 return true;
3834
3835 return false;
3836 }
3837
3838 bool unit_active_or_pending(Unit *u) {
3839 assert(u);
3840
3841 /* Returns true if the unit is active or going up */
3842
3843 if (UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)))
3844 return true;
3845
3846 if (u->job &&
3847 IN_SET(u->job->type, JOB_START, JOB_RELOAD_OR_START, JOB_RESTART))
3848 return true;
3849
3850 return false;
3851 }
3852
3853 bool unit_will_restart(Unit *u) {
3854 assert(u);
3855
3856 if (!UNIT_VTABLE(u)->will_restart)
3857 return false;
3858
3859 return UNIT_VTABLE(u)->will_restart(u);
3860 }
3861
3862 int unit_kill(Unit *u, KillWho w, int signo, sd_bus_error *error) {
3863 assert(u);
3864 assert(w >= 0 && w < _KILL_WHO_MAX);
3865 assert(SIGNAL_VALID(signo));
3866
3867 if (!UNIT_VTABLE(u)->kill)
3868 return -EOPNOTSUPP;
3869
3870 return UNIT_VTABLE(u)->kill(u, w, signo, error);
3871 }
3872
3873 static Set *unit_pid_set(pid_t main_pid, pid_t control_pid) {
3874 _cleanup_set_free_ Set *pid_set = NULL;
3875 int r;
3876
3877 pid_set = set_new(NULL);
3878 if (!pid_set)
3879 return NULL;
3880
3881 /* Exclude the main/control pids from being killed via the cgroup */
3882 if (main_pid > 0) {
3883 r = set_put(pid_set, PID_TO_PTR(main_pid));
3884 if (r < 0)
3885 return NULL;
3886 }
3887
3888 if (control_pid > 0) {
3889 r = set_put(pid_set, PID_TO_PTR(control_pid));
3890 if (r < 0)
3891 return NULL;
3892 }
3893
3894 return TAKE_PTR(pid_set);
3895 }
3896
3897 int unit_kill_common(
3898 Unit *u,
3899 KillWho who,
3900 int signo,
3901 pid_t main_pid,
3902 pid_t control_pid,
3903 sd_bus_error *error) {
3904
3905 int r = 0;
3906 bool killed = false;
3907
3908 if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL)) {
3909 if (main_pid < 0)
3910 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no main processes", unit_type_to_string(u->type));
3911 else if (main_pid == 0)
3912 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No main process to kill");
3913 }
3914
3915 if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL)) {
3916 if (control_pid < 0)
3917 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no control processes", unit_type_to_string(u->type));
3918 else if (control_pid == 0)
3919 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No control process to kill");
3920 }
3921
3922 if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL, KILL_ALL, KILL_ALL_FAIL))
3923 if (control_pid > 0) {
3924 if (kill(control_pid, signo) < 0)
3925 r = -errno;
3926 else
3927 killed = true;
3928 }
3929
3930 if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL, KILL_ALL, KILL_ALL_FAIL))
3931 if (main_pid > 0) {
3932 if (kill(main_pid, signo) < 0)
3933 r = -errno;
3934 else
3935 killed = true;
3936 }
3937
3938 if (IN_SET(who, KILL_ALL, KILL_ALL_FAIL) && u->cgroup_path) {
3939 _cleanup_set_free_ Set *pid_set = NULL;
3940 int q;
3941
3942 /* Exclude the main/control pids from being killed via the cgroup */
3943 pid_set = unit_pid_set(main_pid, control_pid);
3944 if (!pid_set)
3945 return -ENOMEM;
3946
3947 q = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, signo, 0, pid_set, NULL, NULL);
3948 if (q < 0 && !IN_SET(q, -EAGAIN, -ESRCH, -ENOENT))
3949 r = q;
3950 else
3951 killed = true;
3952 }
3953
3954 if (r == 0 && !killed && IN_SET(who, KILL_ALL_FAIL, KILL_CONTROL_FAIL))
3955 return -ESRCH;
3956
3957 return r;
3958 }
3959
3960 int unit_following_set(Unit *u, Set **s) {
3961 assert(u);
3962 assert(s);
3963
3964 if (UNIT_VTABLE(u)->following_set)
3965 return UNIT_VTABLE(u)->following_set(u, s);
3966
3967 *s = NULL;
3968 return 0;
3969 }
3970
3971 UnitFileState unit_get_unit_file_state(Unit *u) {
3972 int r;
3973
3974 assert(u);
3975
3976 if (u->unit_file_state < 0 && u->fragment_path) {
3977 r = unit_file_get_state(
3978 u->manager->unit_file_scope,
3979 NULL,
3980 u->id,
3981 &u->unit_file_state);
3982 if (r < 0)
3983 u->unit_file_state = UNIT_FILE_BAD;
3984 }
3985
3986 return u->unit_file_state;
3987 }
3988
3989 int unit_get_unit_file_preset(Unit *u) {
3990 assert(u);
3991
3992 if (u->unit_file_preset < 0 && u->fragment_path)
3993 u->unit_file_preset = unit_file_query_preset(
3994 u->manager->unit_file_scope,
3995 NULL,
3996 basename(u->fragment_path));
3997
3998 return u->unit_file_preset;
3999 }
4000
4001 Unit* unit_ref_set(UnitRef *ref, Unit *source, Unit *target) {
4002 assert(ref);
4003 assert(source);
4004 assert(target);
4005
4006 if (ref->target)
4007 unit_ref_unset(ref);
4008
4009 ref->source = source;
4010 ref->target = target;
4011 LIST_PREPEND(refs_by_target, target->refs_by_target, ref);
4012 return target;
4013 }
4014
4015 void unit_ref_unset(UnitRef *ref) {
4016 assert(ref);
4017
4018 if (!ref->target)
4019 return;
4020
4021 /* We are about to drop a reference to the unit, make sure the garbage collection has a look at it as it might
4022 * be unreferenced now. */
4023 unit_add_to_gc_queue(ref->target);
4024
4025 LIST_REMOVE(refs_by_target, ref->target->refs_by_target, ref);
4026 ref->source = ref->target = NULL;
4027 }
4028
4029 static int user_from_unit_name(Unit *u, char **ret) {
4030
4031 static const uint8_t hash_key[] = {
4032 0x58, 0x1a, 0xaf, 0xe6, 0x28, 0x58, 0x4e, 0x96,
4033 0xb4, 0x4e, 0xf5, 0x3b, 0x8c, 0x92, 0x07, 0xec
4034 };
4035
4036 _cleanup_free_ char *n = NULL;
4037 int r;
4038
4039 r = unit_name_to_prefix(u->id, &n);
4040 if (r < 0)
4041 return r;
4042
4043 if (valid_user_group_name(n)) {
4044 *ret = TAKE_PTR(n);
4045 return 0;
4046 }
4047
4048 /* If we can't use the unit name as a user name, then let's hash it and use that */
4049 if (asprintf(ret, "_du%016" PRIx64, siphash24(n, strlen(n), hash_key)) < 0)
4050 return -ENOMEM;
4051
4052 return 0;
4053 }
4054
4055 int unit_patch_contexts(Unit *u) {
4056 CGroupContext *cc;
4057 ExecContext *ec;
4058 unsigned i;
4059 int r;
4060
4061 assert(u);
4062
4063 /* Patch in the manager defaults into the exec and cgroup
4064 * contexts, _after_ the rest of the settings have been
4065 * initialized */
4066
4067 ec = unit_get_exec_context(u);
4068 if (ec) {
4069 /* This only copies in the ones that need memory */
4070 for (i = 0; i < _RLIMIT_MAX; i++)
4071 if (u->manager->rlimit[i] && !ec->rlimit[i]) {
4072 ec->rlimit[i] = newdup(struct rlimit, u->manager->rlimit[i], 1);
4073 if (!ec->rlimit[i])
4074 return -ENOMEM;
4075 }
4076
4077 if (MANAGER_IS_USER(u->manager) &&
4078 !ec->working_directory) {
4079
4080 r = get_home_dir(&ec->working_directory);
4081 if (r < 0)
4082 return r;
4083
4084 /* Allow user services to run, even if the
4085 * home directory is missing */
4086 ec->working_directory_missing_ok = true;
4087 }
4088
4089 if (ec->private_devices)
4090 ec->capability_bounding_set &= ~((UINT64_C(1) << CAP_MKNOD) | (UINT64_C(1) << CAP_SYS_RAWIO));
4091
4092 if (ec->protect_kernel_modules)
4093 ec->capability_bounding_set &= ~(UINT64_C(1) << CAP_SYS_MODULE);
4094
4095 if (ec->dynamic_user) {
4096 if (!ec->user) {
4097 r = user_from_unit_name(u, &ec->user);
4098 if (r < 0)
4099 return r;
4100 }
4101
4102 if (!ec->group) {
4103 ec->group = strdup(ec->user);
4104 if (!ec->group)
4105 return -ENOMEM;
4106 }
4107
4108 /* If the dynamic user option is on, let's make sure that the unit can't leave its UID/GID
4109 * around in the file system or on IPC objects. Hence enforce a strict sandbox. */
4110
4111 ec->private_tmp = true;
4112 ec->remove_ipc = true;
4113 ec->protect_system = PROTECT_SYSTEM_STRICT;
4114 if (ec->protect_home == PROTECT_HOME_NO)
4115 ec->protect_home = PROTECT_HOME_READ_ONLY;
4116 }
4117 }
4118
4119 cc = unit_get_cgroup_context(u);
4120 if (cc && ec) {
4121
4122 if (ec->private_devices &&
4123 cc->device_policy == CGROUP_AUTO)
4124 cc->device_policy = CGROUP_CLOSED;
4125
4126 if (ec->root_image &&
4127 (cc->device_policy != CGROUP_AUTO || cc->device_allow)) {
4128
4129 /* When RootImage= is specified, the following devices are touched. */
4130 r = cgroup_add_device_allow(cc, "/dev/loop-control", "rw");
4131 if (r < 0)
4132 return r;
4133
4134 r = cgroup_add_device_allow(cc, "block-loop", "rwm");
4135 if (r < 0)
4136 return r;
4137
4138 r = cgroup_add_device_allow(cc, "block-blkext", "rwm");
4139 if (r < 0)
4140 return r;
4141 }
4142 }
4143
4144 return 0;
4145 }
4146
4147 ExecContext *unit_get_exec_context(Unit *u) {
4148 size_t offset;
4149 assert(u);
4150
4151 if (u->type < 0)
4152 return NULL;
4153
4154 offset = UNIT_VTABLE(u)->exec_context_offset;
4155 if (offset <= 0)
4156 return NULL;
4157
4158 return (ExecContext*) ((uint8_t*) u + offset);
4159 }
4160
4161 KillContext *unit_get_kill_context(Unit *u) {
4162 size_t offset;
4163 assert(u);
4164
4165 if (u->type < 0)
4166 return NULL;
4167
4168 offset = UNIT_VTABLE(u)->kill_context_offset;
4169 if (offset <= 0)
4170 return NULL;
4171
4172 return (KillContext*) ((uint8_t*) u + offset);
4173 }
4174
4175 CGroupContext *unit_get_cgroup_context(Unit *u) {
4176 size_t offset;
4177
4178 if (u->type < 0)
4179 return NULL;
4180
4181 offset = UNIT_VTABLE(u)->cgroup_context_offset;
4182 if (offset <= 0)
4183 return NULL;
4184
4185 return (CGroupContext*) ((uint8_t*) u + offset);
4186 }
4187
4188 ExecRuntime *unit_get_exec_runtime(Unit *u) {
4189 size_t offset;
4190
4191 if (u->type < 0)
4192 return NULL;
4193
4194 offset = UNIT_VTABLE(u)->exec_runtime_offset;
4195 if (offset <= 0)
4196 return NULL;
4197
4198 return *(ExecRuntime**) ((uint8_t*) u + offset);
4199 }
4200
4201 static const char* unit_drop_in_dir(Unit *u, UnitWriteFlags flags) {
4202 assert(u);
4203
4204 if (UNIT_WRITE_FLAGS_NOOP(flags))
4205 return NULL;
4206
4207 if (u->transient) /* Redirect drop-ins for transient units always into the transient directory. */
4208 return u->manager->lookup_paths.transient;
4209
4210 if (flags & UNIT_PERSISTENT)
4211 return u->manager->lookup_paths.persistent_control;
4212
4213 if (flags & UNIT_RUNTIME)
4214 return u->manager->lookup_paths.runtime_control;
4215
4216 return NULL;
4217 }
4218
4219 char* unit_escape_setting(const char *s, UnitWriteFlags flags, char **buf) {
4220 char *ret = NULL;
4221
4222 if (!s)
4223 return NULL;
4224
4225 /* Escapes the input string as requested. Returns the escaped string. If 'buf' is specified then the allocated
4226 * return buffer pointer is also written to *buf, except if no escaping was necessary, in which case *buf is
4227 * set to NULL, and the input pointer is returned as-is. This means the return value always contains a properly
4228 * escaped version, but *buf when passed only contains a pointer if an allocation was necessary. If *buf is
4229 * not specified, then the return value always needs to be freed. Callers can use this to optimize memory
4230 * allocations. */
4231
4232 if (flags & UNIT_ESCAPE_SPECIFIERS) {
4233 ret = specifier_escape(s);
4234 if (!ret)
4235 return NULL;
4236
4237 s = ret;
4238 }
4239
4240 if (flags & UNIT_ESCAPE_C) {
4241 char *a;
4242
4243 a = cescape(s);
4244 free(ret);
4245 if (!a)
4246 return NULL;
4247
4248 ret = a;
4249 }
4250
4251 if (buf) {
4252 *buf = ret;
4253 return ret ?: (char*) s;
4254 }
4255
4256 return ret ?: strdup(s);
4257 }
4258
4259 char* unit_concat_strv(char **l, UnitWriteFlags flags) {
4260 _cleanup_free_ char *result = NULL;
4261 size_t n = 0, allocated = 0;
4262 char **i;
4263
4264 /* Takes a list of strings, escapes them, and concatenates them. This may be used to format command lines in a
4265 * way suitable for ExecStart= stanzas */
4266
4267 STRV_FOREACH(i, l) {
4268 _cleanup_free_ char *buf = NULL;
4269 const char *p;
4270 size_t a;
4271 char *q;
4272
4273 p = unit_escape_setting(*i, flags, &buf);
4274 if (!p)
4275 return NULL;
4276
4277 a = (n > 0) + 1 + strlen(p) + 1; /* separating space + " + entry + " */
4278 if (!GREEDY_REALLOC(result, allocated, n + a + 1))
4279 return NULL;
4280
4281 q = result + n;
4282 if (n > 0)
4283 *(q++) = ' ';
4284
4285 *(q++) = '"';
4286 q = stpcpy(q, p);
4287 *(q++) = '"';
4288
4289 n += a;
4290 }
4291
4292 if (!GREEDY_REALLOC(result, allocated, n + 1))
4293 return NULL;
4294
4295 result[n] = 0;
4296
4297 return TAKE_PTR(result);
4298 }
4299
4300 int unit_write_setting(Unit *u, UnitWriteFlags flags, const char *name, const char *data) {
4301 _cleanup_free_ char *p = NULL, *q = NULL, *escaped = NULL;
4302 const char *dir, *wrapped;
4303 int r;
4304
4305 assert(u);
4306 assert(name);
4307 assert(data);
4308
4309 if (UNIT_WRITE_FLAGS_NOOP(flags))
4310 return 0;
4311
4312 data = unit_escape_setting(data, flags, &escaped);
4313 if (!data)
4314 return -ENOMEM;
4315
4316 /* Prefix the section header. If we are writing this out as transient file, then let's suppress this if the
4317 * previous section header is the same */
4318
4319 if (flags & UNIT_PRIVATE) {
4320 if (!UNIT_VTABLE(u)->private_section)
4321 return -EINVAL;
4322
4323 if (!u->transient_file || u->last_section_private < 0)
4324 data = strjoina("[", UNIT_VTABLE(u)->private_section, "]\n", data);
4325 else if (u->last_section_private == 0)
4326 data = strjoina("\n[", UNIT_VTABLE(u)->private_section, "]\n", data);
4327 } else {
4328 if (!u->transient_file || u->last_section_private < 0)
4329 data = strjoina("[Unit]\n", data);
4330 else if (u->last_section_private > 0)
4331 data = strjoina("\n[Unit]\n", data);
4332 }
4333
4334 if (u->transient_file) {
4335 /* When this is a transient unit file in creation, then let's not create a new drop-in but instead
4336 * write to the transient unit file. */
4337 fputs(data, u->transient_file);
4338
4339 if (!endswith(data, "\n"))
4340 fputc('\n', u->transient_file);
4341
4342 /* Remember which section we wrote this entry to */
4343 u->last_section_private = !!(flags & UNIT_PRIVATE);
4344 return 0;
4345 }
4346
4347 dir = unit_drop_in_dir(u, flags);
4348 if (!dir)
4349 return -EINVAL;
4350
4351 wrapped = strjoina("# This is a drop-in unit file extension, created via \"systemctl set-property\"\n"
4352 "# or an equivalent operation. Do not edit.\n",
4353 data,
4354 "\n");
4355
4356 r = drop_in_file(dir, u->id, 50, name, &p, &q);
4357 if (r < 0)
4358 return r;
4359
4360 (void) mkdir_p_label(p, 0755);
4361 r = write_string_file_atomic_label(q, wrapped);
4362 if (r < 0)
4363 return r;
4364
4365 r = strv_push(&u->dropin_paths, q);
4366 if (r < 0)
4367 return r;
4368 q = NULL;
4369
4370 strv_uniq(u->dropin_paths);
4371
4372 u->dropin_mtime = now(CLOCK_REALTIME);
4373
4374 return 0;
4375 }
4376
4377 int unit_write_settingf(Unit *u, UnitWriteFlags flags, const char *name, const char *format, ...) {
4378 _cleanup_free_ char *p = NULL;
4379 va_list ap;
4380 int r;
4381
4382 assert(u);
4383 assert(name);
4384 assert(format);
4385
4386 if (UNIT_WRITE_FLAGS_NOOP(flags))
4387 return 0;
4388
4389 va_start(ap, format);
4390 r = vasprintf(&p, format, ap);
4391 va_end(ap);
4392
4393 if (r < 0)
4394 return -ENOMEM;
4395
4396 return unit_write_setting(u, flags, name, p);
4397 }
4398
4399 int unit_make_transient(Unit *u) {
4400 _cleanup_free_ char *path = NULL;
4401 FILE *f;
4402
4403 assert(u);
4404
4405 if (!UNIT_VTABLE(u)->can_transient)
4406 return -EOPNOTSUPP;
4407
4408 (void) mkdir_p_label(u->manager->lookup_paths.transient, 0755);
4409
4410 path = strjoin(u->manager->lookup_paths.transient, "/", u->id);
4411 if (!path)
4412 return -ENOMEM;
4413
4414 /* Let's open the file we'll write the transient settings into. This file is kept open as long as we are
4415 * creating the transient, and is closed in unit_load(), as soon as we start loading the file. */
4416
4417 RUN_WITH_UMASK(0022) {
4418 f = fopen(path, "we");
4419 if (!f)
4420 return -errno;
4421 }
4422
4423 safe_fclose(u->transient_file);
4424 u->transient_file = f;
4425
4426 free_and_replace(u->fragment_path, path);
4427
4428 u->source_path = mfree(u->source_path);
4429 u->dropin_paths = strv_free(u->dropin_paths);
4430 u->fragment_mtime = u->source_mtime = u->dropin_mtime = 0;
4431
4432 u->load_state = UNIT_STUB;
4433 u->load_error = 0;
4434 u->transient = true;
4435
4436 unit_add_to_dbus_queue(u);
4437 unit_add_to_gc_queue(u);
4438
4439 fputs("# This is a transient unit file, created programmatically via the systemd API. Do not edit.\n",
4440 u->transient_file);
4441
4442 return 0;
4443 }
4444
4445 static int log_kill(pid_t pid, int sig, void *userdata) {
4446 _cleanup_free_ char *comm = NULL;
4447
4448 (void) get_process_comm(pid, &comm);
4449
4450 /* Don't log about processes marked with brackets, under the assumption that these are temporary processes
4451 only, like for example systemd's own PAM stub process. */
4452 if (comm && comm[0] == '(')
4453 return 0;
4454
4455 log_unit_notice(userdata,
4456 "Killing process " PID_FMT " (%s) with signal SIG%s.",
4457 pid,
4458 strna(comm),
4459 signal_to_string(sig));
4460
4461 return 1;
4462 }
4463
4464 static int operation_to_signal(KillContext *c, KillOperation k) {
4465 assert(c);
4466
4467 switch (k) {
4468
4469 case KILL_TERMINATE:
4470 case KILL_TERMINATE_AND_LOG:
4471 return c->kill_signal;
4472
4473 case KILL_KILL:
4474 return c->final_kill_signal;
4475
4476 case KILL_WATCHDOG:
4477 return c->watchdog_signal;
4478
4479 default:
4480 assert_not_reached("KillOperation unknown");
4481 }
4482 }
4483
4484 int unit_kill_context(
4485 Unit *u,
4486 KillContext *c,
4487 KillOperation k,
4488 pid_t main_pid,
4489 pid_t control_pid,
4490 bool main_pid_alien) {
4491
4492 bool wait_for_exit = false, send_sighup;
4493 cg_kill_log_func_t log_func = NULL;
4494 int sig, r;
4495
4496 assert(u);
4497 assert(c);
4498
4499 /* Kill the processes belonging to this unit, in preparation for shutting the unit down.
4500 * Returns > 0 if we killed something worth waiting for, 0 otherwise. */
4501
4502 if (c->kill_mode == KILL_NONE)
4503 return 0;
4504
4505 sig = operation_to_signal(c, k);
4506
4507 send_sighup =
4508 c->send_sighup &&
4509 IN_SET(k, KILL_TERMINATE, KILL_TERMINATE_AND_LOG) &&
4510 sig != SIGHUP;
4511
4512 if (k != KILL_TERMINATE || IN_SET(sig, SIGKILL, SIGABRT))
4513 log_func = log_kill;
4514
4515 if (main_pid > 0) {
4516 if (log_func)
4517 log_func(main_pid, sig, u);
4518
4519 r = kill_and_sigcont(main_pid, sig);
4520 if (r < 0 && r != -ESRCH) {
4521 _cleanup_free_ char *comm = NULL;
4522 (void) get_process_comm(main_pid, &comm);
4523
4524 log_unit_warning_errno(u, r, "Failed to kill main process " PID_FMT " (%s), ignoring: %m", main_pid, strna(comm));
4525 } else {
4526 if (!main_pid_alien)
4527 wait_for_exit = true;
4528
4529 if (r != -ESRCH && send_sighup)
4530 (void) kill(main_pid, SIGHUP);
4531 }
4532 }
4533
4534 if (control_pid > 0) {
4535 if (log_func)
4536 log_func(control_pid, sig, u);
4537
4538 r = kill_and_sigcont(control_pid, sig);
4539 if (r < 0 && r != -ESRCH) {
4540 _cleanup_free_ char *comm = NULL;
4541 (void) get_process_comm(control_pid, &comm);
4542
4543 log_unit_warning_errno(u, r, "Failed to kill control process " PID_FMT " (%s), ignoring: %m", control_pid, strna(comm));
4544 } else {
4545 wait_for_exit = true;
4546
4547 if (r != -ESRCH && send_sighup)
4548 (void) kill(control_pid, SIGHUP);
4549 }
4550 }
4551
4552 if (u->cgroup_path &&
4553 (c->kill_mode == KILL_CONTROL_GROUP || (c->kill_mode == KILL_MIXED && k == KILL_KILL))) {
4554 _cleanup_set_free_ Set *pid_set = NULL;
4555
4556 /* Exclude the main/control pids from being killed via the cgroup */
4557 pid_set = unit_pid_set(main_pid, control_pid);
4558 if (!pid_set)
4559 return -ENOMEM;
4560
4561 r = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
4562 sig,
4563 CGROUP_SIGCONT|CGROUP_IGNORE_SELF,
4564 pid_set,
4565 log_func, u);
4566 if (r < 0) {
4567 if (!IN_SET(r, -EAGAIN, -ESRCH, -ENOENT))
4568 log_unit_warning_errno(u, r, "Failed to kill control group %s, ignoring: %m", u->cgroup_path);
4569
4570 } else if (r > 0) {
4571
4572 /* FIXME: For now, on the legacy hierarchy, we will not wait for the cgroup members to die if
4573 * we are running in a container or if this is a delegation unit, simply because cgroup
4574 * notification is unreliable in these cases. It doesn't work at all in containers, and outside
4575 * of containers it can be confused easily by left-over directories in the cgroup — which
4576 * however should not exist in non-delegated units. On the unified hierarchy that's different,
4577 * there we get proper events. Hence rely on them. */
4578
4579 if (cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER) > 0 ||
4580 (detect_container() == 0 && !unit_cgroup_delegate(u)))
4581 wait_for_exit = true;
4582
4583 if (send_sighup) {
4584 set_free(pid_set);
4585
4586 pid_set = unit_pid_set(main_pid, control_pid);
4587 if (!pid_set)
4588 return -ENOMEM;
4589
4590 cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
4591 SIGHUP,
4592 CGROUP_IGNORE_SELF,
4593 pid_set,
4594 NULL, NULL);
4595 }
4596 }
4597 }
4598
4599 return wait_for_exit;
4600 }
4601
4602 int unit_require_mounts_for(Unit *u, const char *path, UnitDependencyMask mask) {
4603 _cleanup_free_ char *p = NULL;
4604 UnitDependencyInfo di;
4605 int r;
4606
4607 assert(u);
4608 assert(path);
4609
4610 /* Registers a unit for requiring a certain path and all its prefixes. We keep a hashtable of these paths in
4611 * the unit (from the path to the UnitDependencyInfo structure indicating how to the dependency came to
4612 * be). However, we build a prefix table for all possible prefixes so that new appearing mount units can easily
4613 * determine which units to make themselves a dependency of. */
4614
4615 if (!path_is_absolute(path))
4616 return -EINVAL;
4617
4618 r = hashmap_ensure_allocated(&u->requires_mounts_for, &path_hash_ops);
4619 if (r < 0)
4620 return r;
4621
4622 p = strdup(path);
4623 if (!p)
4624 return -ENOMEM;
4625
4626 path = path_simplify(p, true);
4627
4628 if (!path_is_normalized(path))
4629 return -EPERM;
4630
4631 if (hashmap_contains(u->requires_mounts_for, path))
4632 return 0;
4633
4634 di = (UnitDependencyInfo) {
4635 .origin_mask = mask
4636 };
4637
4638 r = hashmap_put(u->requires_mounts_for, path, di.data);
4639 if (r < 0)
4640 return r;
4641 p = NULL;
4642
4643 char prefix[strlen(path) + 1];
4644 PATH_FOREACH_PREFIX_MORE(prefix, path) {
4645 Set *x;
4646
4647 x = hashmap_get(u->manager->units_requiring_mounts_for, prefix);
4648 if (!x) {
4649 _cleanup_free_ char *q = NULL;
4650
4651 r = hashmap_ensure_allocated(&u->manager->units_requiring_mounts_for, &path_hash_ops);
4652 if (r < 0)
4653 return r;
4654
4655 q = strdup(prefix);
4656 if (!q)
4657 return -ENOMEM;
4658
4659 x = set_new(NULL);
4660 if (!x)
4661 return -ENOMEM;
4662
4663 r = hashmap_put(u->manager->units_requiring_mounts_for, q, x);
4664 if (r < 0) {
4665 set_free(x);
4666 return r;
4667 }
4668 q = NULL;
4669 }
4670
4671 r = set_put(x, u);
4672 if (r < 0)
4673 return r;
4674 }
4675
4676 return 0;
4677 }
4678
4679 int unit_setup_exec_runtime(Unit *u) {
4680 ExecRuntime **rt;
4681 size_t offset;
4682 Unit *other;
4683 Iterator i;
4684 void *v;
4685 int r;
4686
4687 offset = UNIT_VTABLE(u)->exec_runtime_offset;
4688 assert(offset > 0);
4689
4690 /* Check if there already is an ExecRuntime for this unit? */
4691 rt = (ExecRuntime**) ((uint8_t*) u + offset);
4692 if (*rt)
4693 return 0;
4694
4695 /* Try to get it from somebody else */
4696 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_JOINS_NAMESPACE_OF], i) {
4697 r = exec_runtime_acquire(u->manager, NULL, other->id, false, rt);
4698 if (r == 1)
4699 return 1;
4700 }
4701
4702 return exec_runtime_acquire(u->manager, unit_get_exec_context(u), u->id, true, rt);
4703 }
4704
4705 int unit_setup_dynamic_creds(Unit *u) {
4706 ExecContext *ec;
4707 DynamicCreds *dcreds;
4708 size_t offset;
4709
4710 assert(u);
4711
4712 offset = UNIT_VTABLE(u)->dynamic_creds_offset;
4713 assert(offset > 0);
4714 dcreds = (DynamicCreds*) ((uint8_t*) u + offset);
4715
4716 ec = unit_get_exec_context(u);
4717 assert(ec);
4718
4719 if (!ec->dynamic_user)
4720 return 0;
4721
4722 return dynamic_creds_acquire(dcreds, u->manager, ec->user, ec->group);
4723 }
4724
4725 bool unit_type_supported(UnitType t) {
4726 if (_unlikely_(t < 0))
4727 return false;
4728 if (_unlikely_(t >= _UNIT_TYPE_MAX))
4729 return false;
4730
4731 if (!unit_vtable[t]->supported)
4732 return true;
4733
4734 return unit_vtable[t]->supported();
4735 }
4736
4737 void unit_warn_if_dir_nonempty(Unit *u, const char* where) {
4738 int r;
4739
4740 assert(u);
4741 assert(where);
4742
4743 r = dir_is_empty(where);
4744 if (r > 0 || r == -ENOTDIR)
4745 return;
4746 if (r < 0) {
4747 log_unit_warning_errno(u, r, "Failed to check directory %s: %m", where);
4748 return;
4749 }
4750
4751 log_struct(LOG_NOTICE,
4752 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
4753 LOG_UNIT_ID(u),
4754 LOG_UNIT_INVOCATION_ID(u),
4755 LOG_UNIT_MESSAGE(u, "Directory %s to mount over is not empty, mounting anyway.", where),
4756 "WHERE=%s", where);
4757 }
4758
4759 int unit_fail_if_noncanonical(Unit *u, const char* where) {
4760 _cleanup_free_ char *canonical_where = NULL;
4761 int r;
4762
4763 assert(u);
4764 assert(where);
4765
4766 r = chase_symlinks(where, NULL, CHASE_NONEXISTENT, &canonical_where);
4767 if (r < 0) {
4768 log_unit_debug_errno(u, r, "Failed to check %s for symlinks, ignoring: %m", where);
4769 return 0;
4770 }
4771
4772 /* We will happily ignore a trailing slash (or any redundant slashes) */
4773 if (path_equal(where, canonical_where))
4774 return 0;
4775
4776 /* No need to mention "." or "..", they would already have been rejected by unit_name_from_path() */
4777 log_struct(LOG_ERR,
4778 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
4779 LOG_UNIT_ID(u),
4780 LOG_UNIT_INVOCATION_ID(u),
4781 LOG_UNIT_MESSAGE(u, "Mount path %s is not canonical (contains a symlink).", where),
4782 "WHERE=%s", where);
4783
4784 return -ELOOP;
4785 }
4786
4787 bool unit_is_pristine(Unit *u) {
4788 assert(u);
4789
4790 /* Check if the unit already exists or is already around,
4791 * in a number of different ways. Note that to cater for unit
4792 * types such as slice, we are generally fine with units that
4793 * are marked UNIT_LOADED even though nothing was actually
4794 * loaded, as those unit types don't require a file on disk. */
4795
4796 return !(!IN_SET(u->load_state, UNIT_NOT_FOUND, UNIT_LOADED) ||
4797 u->fragment_path ||
4798 u->source_path ||
4799 !strv_isempty(u->dropin_paths) ||
4800 u->job ||
4801 u->merged_into);
4802 }
4803
4804 pid_t unit_control_pid(Unit *u) {
4805 assert(u);
4806
4807 if (UNIT_VTABLE(u)->control_pid)
4808 return UNIT_VTABLE(u)->control_pid(u);
4809
4810 return 0;
4811 }
4812
4813 pid_t unit_main_pid(Unit *u) {
4814 assert(u);
4815
4816 if (UNIT_VTABLE(u)->main_pid)
4817 return UNIT_VTABLE(u)->main_pid(u);
4818
4819 return 0;
4820 }
4821
4822 static void unit_unref_uid_internal(
4823 Unit *u,
4824 uid_t *ref_uid,
4825 bool destroy_now,
4826 void (*_manager_unref_uid)(Manager *m, uid_t uid, bool destroy_now)) {
4827
4828 assert(u);
4829 assert(ref_uid);
4830 assert(_manager_unref_uid);
4831
4832 /* Generic implementation of both unit_unref_uid() and unit_unref_gid(), under the assumption that uid_t and
4833 * gid_t are actually the same time, with the same validity rules.
4834 *
4835 * Drops a reference to UID/GID from a unit. */
4836
4837 assert_cc(sizeof(uid_t) == sizeof(gid_t));
4838 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
4839
4840 if (!uid_is_valid(*ref_uid))
4841 return;
4842
4843 _manager_unref_uid(u->manager, *ref_uid, destroy_now);
4844 *ref_uid = UID_INVALID;
4845 }
4846
4847 void unit_unref_uid(Unit *u, bool destroy_now) {
4848 unit_unref_uid_internal(u, &u->ref_uid, destroy_now, manager_unref_uid);
4849 }
4850
4851 void unit_unref_gid(Unit *u, bool destroy_now) {
4852 unit_unref_uid_internal(u, (uid_t*) &u->ref_gid, destroy_now, manager_unref_gid);
4853 }
4854
4855 static int unit_ref_uid_internal(
4856 Unit *u,
4857 uid_t *ref_uid,
4858 uid_t uid,
4859 bool clean_ipc,
4860 int (*_manager_ref_uid)(Manager *m, uid_t uid, bool clean_ipc)) {
4861
4862 int r;
4863
4864 assert(u);
4865 assert(ref_uid);
4866 assert(uid_is_valid(uid));
4867 assert(_manager_ref_uid);
4868
4869 /* Generic implementation of both unit_ref_uid() and unit_ref_guid(), under the assumption that uid_t and gid_t
4870 * are actually the same type, and have the same validity rules.
4871 *
4872 * Adds a reference on a specific UID/GID to this unit. Each unit referencing the same UID/GID maintains a
4873 * reference so that we can destroy the UID/GID's IPC resources as soon as this is requested and the counter
4874 * drops to zero. */
4875
4876 assert_cc(sizeof(uid_t) == sizeof(gid_t));
4877 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
4878
4879 if (*ref_uid == uid)
4880 return 0;
4881
4882 if (uid_is_valid(*ref_uid)) /* Already set? */
4883 return -EBUSY;
4884
4885 r = _manager_ref_uid(u->manager, uid, clean_ipc);
4886 if (r < 0)
4887 return r;
4888
4889 *ref_uid = uid;
4890 return 1;
4891 }
4892
4893 int unit_ref_uid(Unit *u, uid_t uid, bool clean_ipc) {
4894 return unit_ref_uid_internal(u, &u->ref_uid, uid, clean_ipc, manager_ref_uid);
4895 }
4896
4897 int unit_ref_gid(Unit *u, gid_t gid, bool clean_ipc) {
4898 return unit_ref_uid_internal(u, (uid_t*) &u->ref_gid, (uid_t) gid, clean_ipc, manager_ref_gid);
4899 }
4900
4901 static int unit_ref_uid_gid_internal(Unit *u, uid_t uid, gid_t gid, bool clean_ipc) {
4902 int r = 0, q = 0;
4903
4904 assert(u);
4905
4906 /* Reference both a UID and a GID in one go. Either references both, or neither. */
4907
4908 if (uid_is_valid(uid)) {
4909 r = unit_ref_uid(u, uid, clean_ipc);
4910 if (r < 0)
4911 return r;
4912 }
4913
4914 if (gid_is_valid(gid)) {
4915 q = unit_ref_gid(u, gid, clean_ipc);
4916 if (q < 0) {
4917 if (r > 0)
4918 unit_unref_uid(u, false);
4919
4920 return q;
4921 }
4922 }
4923
4924 return r > 0 || q > 0;
4925 }
4926
4927 int unit_ref_uid_gid(Unit *u, uid_t uid, gid_t gid) {
4928 ExecContext *c;
4929 int r;
4930
4931 assert(u);
4932
4933 c = unit_get_exec_context(u);
4934
4935 r = unit_ref_uid_gid_internal(u, uid, gid, c ? c->remove_ipc : false);
4936 if (r < 0)
4937 return log_unit_warning_errno(u, r, "Couldn't add UID/GID reference to unit, proceeding without: %m");
4938
4939 return r;
4940 }
4941
4942 void unit_unref_uid_gid(Unit *u, bool destroy_now) {
4943 assert(u);
4944
4945 unit_unref_uid(u, destroy_now);
4946 unit_unref_gid(u, destroy_now);
4947 }
4948
4949 void unit_notify_user_lookup(Unit *u, uid_t uid, gid_t gid) {
4950 int r;
4951
4952 assert(u);
4953
4954 /* This is invoked whenever one of the forked off processes let's us know the UID/GID its user name/group names
4955 * resolved to. We keep track of which UID/GID is currently assigned in order to be able to destroy its IPC
4956 * objects when no service references the UID/GID anymore. */
4957
4958 r = unit_ref_uid_gid(u, uid, gid);
4959 if (r > 0)
4960 unit_add_to_dbus_queue(u);
4961 }
4962
4963 int unit_set_invocation_id(Unit *u, sd_id128_t id) {
4964 int r;
4965
4966 assert(u);
4967
4968 /* Set the invocation ID for this unit. If we cannot, this will not roll back, but reset the whole thing. */
4969
4970 if (sd_id128_equal(u->invocation_id, id))
4971 return 0;
4972
4973 if (!sd_id128_is_null(u->invocation_id))
4974 (void) hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
4975
4976 if (sd_id128_is_null(id)) {
4977 r = 0;
4978 goto reset;
4979 }
4980
4981 r = hashmap_ensure_allocated(&u->manager->units_by_invocation_id, &id128_hash_ops);
4982 if (r < 0)
4983 goto reset;
4984
4985 u->invocation_id = id;
4986 sd_id128_to_string(id, u->invocation_id_string);
4987
4988 r = hashmap_put(u->manager->units_by_invocation_id, &u->invocation_id, u);
4989 if (r < 0)
4990 goto reset;
4991
4992 return 0;
4993
4994 reset:
4995 u->invocation_id = SD_ID128_NULL;
4996 u->invocation_id_string[0] = 0;
4997 return r;
4998 }
4999
5000 int unit_acquire_invocation_id(Unit *u) {
5001 sd_id128_t id;
5002 int r;
5003
5004 assert(u);
5005
5006 r = sd_id128_randomize(&id);
5007 if (r < 0)
5008 return log_unit_error_errno(u, r, "Failed to generate invocation ID for unit: %m");
5009
5010 r = unit_set_invocation_id(u, id);
5011 if (r < 0)
5012 return log_unit_error_errno(u, r, "Failed to set invocation ID for unit: %m");
5013
5014 unit_add_to_dbus_queue(u);
5015 return 0;
5016 }
5017
5018 int unit_set_exec_params(Unit *u, ExecParameters *p) {
5019 int r;
5020
5021 assert(u);
5022 assert(p);
5023
5024 /* Copy parameters from manager */
5025 r = manager_get_effective_environment(u->manager, &p->environment);
5026 if (r < 0)
5027 return r;
5028
5029 p->confirm_spawn = manager_get_confirm_spawn(u->manager);
5030 p->cgroup_supported = u->manager->cgroup_supported;
5031 p->prefix = u->manager->prefix;
5032 SET_FLAG(p->flags, EXEC_PASS_LOG_UNIT|EXEC_CHOWN_DIRECTORIES, MANAGER_IS_SYSTEM(u->manager));
5033
5034 /* Copy paramaters from unit */
5035 p->cgroup_path = u->cgroup_path;
5036 SET_FLAG(p->flags, EXEC_CGROUP_DELEGATE, unit_cgroup_delegate(u));
5037
5038 return 0;
5039 }
5040
5041 int unit_fork_helper_process(Unit *u, const char *name, pid_t *ret) {
5042 int r;
5043
5044 assert(u);
5045 assert(ret);
5046
5047 /* Forks off a helper process and makes sure it is a member of the unit's cgroup. Returns == 0 in the child,
5048 * and > 0 in the parent. The pid parameter is always filled in with the child's PID. */
5049
5050 (void) unit_realize_cgroup(u);
5051
5052 r = safe_fork(name, FORK_REOPEN_LOG, ret);
5053 if (r != 0)
5054 return r;
5055
5056 (void) default_signals(SIGNALS_CRASH_HANDLER, SIGNALS_IGNORE, -1);
5057 (void) ignore_signals(SIGPIPE, -1);
5058
5059 (void) prctl(PR_SET_PDEATHSIG, SIGTERM);
5060
5061 if (u->cgroup_path) {
5062 r = cg_attach_everywhere(u->manager->cgroup_supported, u->cgroup_path, 0, NULL, NULL);
5063 if (r < 0) {
5064 log_unit_error_errno(u, r, "Failed to join unit cgroup %s: %m", u->cgroup_path);
5065 _exit(EXIT_CGROUP);
5066 }
5067 }
5068
5069 return 0;
5070 }
5071
5072 static void unit_update_dependency_mask(Unit *u, UnitDependency d, Unit *other, UnitDependencyInfo di) {
5073 assert(u);
5074 assert(d >= 0);
5075 assert(d < _UNIT_DEPENDENCY_MAX);
5076 assert(other);
5077
5078 if (di.origin_mask == 0 && di.destination_mask == 0) {
5079 /* No bit set anymore, let's drop the whole entry */
5080 assert_se(hashmap_remove(u->dependencies[d], other));
5081 log_unit_debug(u, "%s lost dependency %s=%s", u->id, unit_dependency_to_string(d), other->id);
5082 } else
5083 /* Mask was reduced, let's update the entry */
5084 assert_se(hashmap_update(u->dependencies[d], other, di.data) == 0);
5085 }
5086
5087 void unit_remove_dependencies(Unit *u, UnitDependencyMask mask) {
5088 UnitDependency d;
5089
5090 assert(u);
5091
5092 /* Removes all dependencies u has on other units marked for ownership by 'mask'. */
5093
5094 if (mask == 0)
5095 return;
5096
5097 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
5098 bool done;
5099
5100 do {
5101 UnitDependencyInfo di;
5102 Unit *other;
5103 Iterator i;
5104
5105 done = true;
5106
5107 HASHMAP_FOREACH_KEY(di.data, other, u->dependencies[d], i) {
5108 UnitDependency q;
5109
5110 if ((di.origin_mask & ~mask) == di.origin_mask)
5111 continue;
5112 di.origin_mask &= ~mask;
5113 unit_update_dependency_mask(u, d, other, di);
5114
5115 /* We updated the dependency from our unit to the other unit now. But most dependencies
5116 * imply a reverse dependency. Hence, let's delete that one too. For that we go through
5117 * all dependency types on the other unit and delete all those which point to us and
5118 * have the right mask set. */
5119
5120 for (q = 0; q < _UNIT_DEPENDENCY_MAX; q++) {
5121 UnitDependencyInfo dj;
5122
5123 dj.data = hashmap_get(other->dependencies[q], u);
5124 if ((dj.destination_mask & ~mask) == dj.destination_mask)
5125 continue;
5126 dj.destination_mask &= ~mask;
5127
5128 unit_update_dependency_mask(other, q, u, dj);
5129 }
5130
5131 unit_add_to_gc_queue(other);
5132
5133 done = false;
5134 break;
5135 }
5136
5137 } while (!done);
5138 }
5139 }
5140
5141 static int unit_export_invocation_id(Unit *u) {
5142 const char *p;
5143 int r;
5144
5145 assert(u);
5146
5147 if (u->exported_invocation_id)
5148 return 0;
5149
5150 if (sd_id128_is_null(u->invocation_id))
5151 return 0;
5152
5153 p = strjoina("/run/systemd/units/invocation:", u->id);
5154 r = symlink_atomic(u->invocation_id_string, p);
5155 if (r < 0)
5156 return log_unit_debug_errno(u, r, "Failed to create invocation ID symlink %s: %m", p);
5157
5158 u->exported_invocation_id = true;
5159 return 0;
5160 }
5161
5162 static int unit_export_log_level_max(Unit *u, const ExecContext *c) {
5163 const char *p;
5164 char buf[2];
5165 int r;
5166
5167 assert(u);
5168 assert(c);
5169
5170 if (u->exported_log_level_max)
5171 return 0;
5172
5173 if (c->log_level_max < 0)
5174 return 0;
5175
5176 assert(c->log_level_max <= 7);
5177
5178 buf[0] = '0' + c->log_level_max;
5179 buf[1] = 0;
5180
5181 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5182 r = symlink_atomic(buf, p);
5183 if (r < 0)
5184 return log_unit_debug_errno(u, r, "Failed to create maximum log level symlink %s: %m", p);
5185
5186 u->exported_log_level_max = true;
5187 return 0;
5188 }
5189
5190 static int unit_export_log_extra_fields(Unit *u, const ExecContext *c) {
5191 _cleanup_close_ int fd = -1;
5192 struct iovec *iovec;
5193 const char *p;
5194 char *pattern;
5195 le64_t *sizes;
5196 ssize_t n;
5197 size_t i;
5198 int r;
5199
5200 if (u->exported_log_extra_fields)
5201 return 0;
5202
5203 if (c->n_log_extra_fields <= 0)
5204 return 0;
5205
5206 sizes = newa(le64_t, c->n_log_extra_fields);
5207 iovec = newa(struct iovec, c->n_log_extra_fields * 2);
5208
5209 for (i = 0; i < c->n_log_extra_fields; i++) {
5210 sizes[i] = htole64(c->log_extra_fields[i].iov_len);
5211
5212 iovec[i*2] = IOVEC_MAKE(sizes + i, sizeof(le64_t));
5213 iovec[i*2+1] = c->log_extra_fields[i];
5214 }
5215
5216 p = strjoina("/run/systemd/units/log-extra-fields:", u->id);
5217 pattern = strjoina(p, ".XXXXXX");
5218
5219 fd = mkostemp_safe(pattern);
5220 if (fd < 0)
5221 return log_unit_debug_errno(u, fd, "Failed to create extra fields file %s: %m", p);
5222
5223 n = writev(fd, iovec, c->n_log_extra_fields*2);
5224 if (n < 0) {
5225 r = log_unit_debug_errno(u, errno, "Failed to write extra fields: %m");
5226 goto fail;
5227 }
5228
5229 (void) fchmod(fd, 0644);
5230
5231 if (rename(pattern, p) < 0) {
5232 r = log_unit_debug_errno(u, errno, "Failed to rename extra fields file: %m");
5233 goto fail;
5234 }
5235
5236 u->exported_log_extra_fields = true;
5237 return 0;
5238
5239 fail:
5240 (void) unlink(pattern);
5241 return r;
5242 }
5243
5244 static int unit_export_log_rate_limit_interval(Unit *u, const ExecContext *c) {
5245 _cleanup_free_ char *buf = NULL;
5246 const char *p;
5247 int r;
5248
5249 assert(u);
5250 assert(c);
5251
5252 if (u->exported_log_rate_limit_interval)
5253 return 0;
5254
5255 if (c->log_rate_limit_interval_usec == 0)
5256 return 0;
5257
5258 p = strjoina("/run/systemd/units/log-rate-limit-interval:", u->id);
5259
5260 if (asprintf(&buf, "%" PRIu64, c->log_rate_limit_interval_usec) < 0)
5261 return log_oom();
5262
5263 r = symlink_atomic(buf, p);
5264 if (r < 0)
5265 return log_unit_debug_errno(u, r, "Failed to create log rate limit interval symlink %s: %m", p);
5266
5267 u->exported_log_rate_limit_interval = true;
5268 return 0;
5269 }
5270
5271 static int unit_export_log_rate_limit_burst(Unit *u, const ExecContext *c) {
5272 _cleanup_free_ char *buf = NULL;
5273 const char *p;
5274 int r;
5275
5276 assert(u);
5277 assert(c);
5278
5279 if (u->exported_log_rate_limit_burst)
5280 return 0;
5281
5282 if (c->log_rate_limit_burst == 0)
5283 return 0;
5284
5285 p = strjoina("/run/systemd/units/log-rate-limit-burst:", u->id);
5286
5287 if (asprintf(&buf, "%u", c->log_rate_limit_burst) < 0)
5288 return log_oom();
5289
5290 r = symlink_atomic(buf, p);
5291 if (r < 0)
5292 return log_unit_debug_errno(u, r, "Failed to create log rate limit burst symlink %s: %m", p);
5293
5294 u->exported_log_rate_limit_burst = true;
5295 return 0;
5296 }
5297
5298 void unit_export_state_files(Unit *u) {
5299 const ExecContext *c;
5300
5301 assert(u);
5302
5303 if (!u->id)
5304 return;
5305
5306 if (!MANAGER_IS_SYSTEM(u->manager))
5307 return;
5308
5309 if (MANAGER_IS_TEST_RUN(u->manager))
5310 return;
5311
5312 /* Exports a couple of unit properties to /run/systemd/units/, so that journald can quickly query this data
5313 * from there. Ideally, journald would use IPC to query this, like everybody else, but that's hard, as long as
5314 * the IPC system itself and PID 1 also log to the journal.
5315 *
5316 * Note that these files really shouldn't be considered API for anyone else, as use a runtime file system as
5317 * IPC replacement is not compatible with today's world of file system namespaces. However, this doesn't really
5318 * apply to communication between the journal and systemd, as we assume that these two daemons live in the same
5319 * namespace at least.
5320 *
5321 * Note that some of the "files" exported here are actually symlinks and not regular files. Symlinks work
5322 * better for storing small bits of data, in particular as we can write them with two system calls, and read
5323 * them with one. */
5324
5325 (void) unit_export_invocation_id(u);
5326
5327 c = unit_get_exec_context(u);
5328 if (c) {
5329 (void) unit_export_log_level_max(u, c);
5330 (void) unit_export_log_extra_fields(u, c);
5331 (void) unit_export_log_rate_limit_interval(u, c);
5332 (void) unit_export_log_rate_limit_burst(u, c);
5333 }
5334 }
5335
5336 void unit_unlink_state_files(Unit *u) {
5337 const char *p;
5338
5339 assert(u);
5340
5341 if (!u->id)
5342 return;
5343
5344 if (!MANAGER_IS_SYSTEM(u->manager))
5345 return;
5346
5347 /* Undoes the effect of unit_export_state() */
5348
5349 if (u->exported_invocation_id) {
5350 p = strjoina("/run/systemd/units/invocation:", u->id);
5351 (void) unlink(p);
5352
5353 u->exported_invocation_id = false;
5354 }
5355
5356 if (u->exported_log_level_max) {
5357 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5358 (void) unlink(p);
5359
5360 u->exported_log_level_max = false;
5361 }
5362
5363 if (u->exported_log_extra_fields) {
5364 p = strjoina("/run/systemd/units/extra-fields:", u->id);
5365 (void) unlink(p);
5366
5367 u->exported_log_extra_fields = false;
5368 }
5369
5370 if (u->exported_log_rate_limit_interval) {
5371 p = strjoina("/run/systemd/units/log-rate-limit-interval:", u->id);
5372 (void) unlink(p);
5373
5374 u->exported_log_rate_limit_interval = false;
5375 }
5376
5377 if (u->exported_log_rate_limit_burst) {
5378 p = strjoina("/run/systemd/units/log-rate-limit-burst:", u->id);
5379 (void) unlink(p);
5380
5381 u->exported_log_rate_limit_burst = false;
5382 }
5383 }
5384
5385 int unit_prepare_exec(Unit *u) {
5386 int r;
5387
5388 assert(u);
5389
5390 /* Prepares everything so that we can fork of a process for this unit */
5391
5392 (void) unit_realize_cgroup(u);
5393
5394 if (u->reset_accounting) {
5395 (void) unit_reset_cpu_accounting(u);
5396 (void) unit_reset_ip_accounting(u);
5397 u->reset_accounting = false;
5398 }
5399
5400 unit_export_state_files(u);
5401
5402 r = unit_setup_exec_runtime(u);
5403 if (r < 0)
5404 return r;
5405
5406 r = unit_setup_dynamic_creds(u);
5407 if (r < 0)
5408 return r;
5409
5410 return 0;
5411 }
5412
5413 static int log_leftover(pid_t pid, int sig, void *userdata) {
5414 _cleanup_free_ char *comm = NULL;
5415
5416 (void) get_process_comm(pid, &comm);
5417
5418 if (comm && comm[0] == '(') /* Most likely our own helper process (PAM?), ignore */
5419 return 0;
5420
5421 log_unit_warning(userdata,
5422 "Found left-over process " PID_FMT " (%s) in control group while starting unit. Ignoring.\n"
5423 "This usually indicates unclean termination of a previous run, or service implementation deficiencies.",
5424 pid, strna(comm));
5425
5426 return 1;
5427 }
5428
5429 int unit_warn_leftover_processes(Unit *u) {
5430 assert(u);
5431
5432 (void) unit_pick_cgroup_path(u);
5433
5434 if (!u->cgroup_path)
5435 return 0;
5436
5437 return cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, 0, 0, NULL, log_leftover, u);
5438 }
5439
5440 bool unit_needs_console(Unit *u) {
5441 ExecContext *ec;
5442 UnitActiveState state;
5443
5444 assert(u);
5445
5446 state = unit_active_state(u);
5447
5448 if (UNIT_IS_INACTIVE_OR_FAILED(state))
5449 return false;
5450
5451 if (UNIT_VTABLE(u)->needs_console)
5452 return UNIT_VTABLE(u)->needs_console(u);
5453
5454 /* If this unit type doesn't implement this call, let's use a generic fallback implementation: */
5455 ec = unit_get_exec_context(u);
5456 if (!ec)
5457 return false;
5458
5459 return exec_context_may_touch_console(ec);
5460 }
5461
5462 const char *unit_label_path(Unit *u) {
5463 const char *p;
5464
5465 /* Returns the file system path to use for MAC access decisions, i.e. the file to read the SELinux label off
5466 * when validating access checks. */
5467
5468 p = u->source_path ?: u->fragment_path;
5469 if (!p)
5470 return NULL;
5471
5472 /* If a unit is masked, then don't read the SELinux label of /dev/null, as that really makes no sense */
5473 if (path_equal(p, "/dev/null"))
5474 return NULL;
5475
5476 return p;
5477 }
5478
5479 int unit_pid_attachable(Unit *u, pid_t pid, sd_bus_error *error) {
5480 int r;
5481
5482 assert(u);
5483
5484 /* Checks whether the specified PID is generally good for attaching, i.e. a valid PID, not our manager itself,
5485 * and not a kernel thread either */
5486
5487 /* First, a simple range check */
5488 if (!pid_is_valid(pid))
5489 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process identifier " PID_FMT " is not valid.", pid);
5490
5491 /* Some extra safety check */
5492 if (pid == 1 || pid == getpid_cached())
5493 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a manager process, refusing.", pid);
5494
5495 /* Don't even begin to bother with kernel threads */
5496 r = is_kernel_thread(pid);
5497 if (r == -ESRCH)
5498 return sd_bus_error_setf(error, SD_BUS_ERROR_UNIX_PROCESS_ID_UNKNOWN, "Process with ID " PID_FMT " does not exist.", pid);
5499 if (r < 0)
5500 return sd_bus_error_set_errnof(error, r, "Failed to determine whether process " PID_FMT " is a kernel thread: %m", pid);
5501 if (r > 0)
5502 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a kernel thread, refusing.", pid);
5503
5504 return 0;
5505 }
5506
5507 void unit_log_success(Unit *u) {
5508 assert(u);
5509
5510 log_struct(LOG_INFO,
5511 "MESSAGE_ID=" SD_MESSAGE_UNIT_SUCCESS_STR,
5512 LOG_UNIT_ID(u),
5513 LOG_UNIT_INVOCATION_ID(u),
5514 LOG_UNIT_MESSAGE(u, "Succeeded."));
5515 }
5516
5517 void unit_log_failure(Unit *u, const char *result) {
5518 assert(u);
5519 assert(result);
5520
5521 log_struct(LOG_WARNING,
5522 "MESSAGE_ID=" SD_MESSAGE_UNIT_FAILURE_RESULT_STR,
5523 LOG_UNIT_ID(u),
5524 LOG_UNIT_INVOCATION_ID(u),
5525 LOG_UNIT_MESSAGE(u, "Failed with result '%s'.", result),
5526 "UNIT_RESULT=%s", result);
5527 }
5528
5529 void unit_log_process_exit(
5530 Unit *u,
5531 int level,
5532 const char *kind,
5533 const char *command,
5534 int code,
5535 int status) {
5536
5537 assert(u);
5538 assert(kind);
5539
5540 if (code != CLD_EXITED)
5541 level = LOG_WARNING;
5542
5543 log_struct(level,
5544 "MESSAGE_ID=" SD_MESSAGE_UNIT_PROCESS_EXIT_STR,
5545 LOG_UNIT_MESSAGE(u, "%s exited, code=%s, status=%i/%s",
5546 kind,
5547 sigchld_code_to_string(code), status,
5548 strna(code == CLD_EXITED
5549 ? exit_status_to_string(status, EXIT_STATUS_FULL)
5550 : signal_to_string(status))),
5551 "EXIT_CODE=%s", sigchld_code_to_string(code),
5552 "EXIT_STATUS=%i", status,
5553 "COMMAND=%s", strna(command),
5554 LOG_UNIT_ID(u),
5555 LOG_UNIT_INVOCATION_ID(u));
5556 }
5557
5558 int unit_exit_status(Unit *u) {
5559 assert(u);
5560
5561 /* Returns the exit status to propagate for the most recent cycle of this unit. Returns a value in the range
5562 * 0…255 if there's something to propagate. EOPNOTSUPP if the concept does not apply to this unit type, ENODATA
5563 * if no data is currently known (for example because the unit hasn't deactivated yet) and EBADE if the main
5564 * service process has exited abnormally (signal/coredump). */
5565
5566 if (!UNIT_VTABLE(u)->exit_status)
5567 return -EOPNOTSUPP;
5568
5569 return UNIT_VTABLE(u)->exit_status(u);
5570 }
5571
5572 int unit_failure_action_exit_status(Unit *u) {
5573 int r;
5574
5575 assert(u);
5576
5577 /* Returns the exit status to propagate on failure, or an error if there's nothing to propagate */
5578
5579 if (u->failure_action_exit_status >= 0)
5580 return u->failure_action_exit_status;
5581
5582 r = unit_exit_status(u);
5583 if (r == -EBADE) /* Exited, but not cleanly (i.e. by signal or such) */
5584 return 255;
5585
5586 return r;
5587 }
5588
5589 int unit_success_action_exit_status(Unit *u) {
5590 int r;
5591
5592 assert(u);
5593
5594 /* Returns the exit status to propagate on success, or an error if there's nothing to propagate */
5595
5596 if (u->success_action_exit_status >= 0)
5597 return u->success_action_exit_status;
5598
5599 r = unit_exit_status(u);
5600 if (r == -EBADE) /* Exited, but not cleanly (i.e. by signal or such) */
5601 return 255;
5602
5603 return r;
5604 }
5605
5606 int unit_test_trigger_loaded(Unit *u) {
5607 Unit *trigger;
5608
5609 /* Tests whether the unit to trigger is loaded */
5610
5611 trigger = UNIT_TRIGGER(u);
5612 if (!trigger)
5613 return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOENT), "Refusing to start, unit to trigger not loaded.");
5614 if (trigger->load_state != UNIT_LOADED)
5615 return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOENT), "Refusing to start, unit %s to trigger not loaded.", u->id);
5616
5617 return 0;
5618 }
5619
5620 static const char* const collect_mode_table[_COLLECT_MODE_MAX] = {
5621 [COLLECT_INACTIVE] = "inactive",
5622 [COLLECT_INACTIVE_OR_FAILED] = "inactive-or-failed",
5623 };
5624
5625 DEFINE_STRING_TABLE_LOOKUP(collect_mode, CollectMode);
Unnamed repository; edit this file 'description' to name the repository.