1 /* SPDX-License-Identifier: LGPL-2.1+ */
11 #include "sd-messages.h"
13 #include "all-units.h"
14 #include "alloc-util.h"
15 #include "bus-common-errors.h"
17 #include "cgroup-util.h"
18 #include "dbus-unit.h"
24 #include "fileio-label.h"
26 #include "format-util.h"
28 #include "id128-util.h"
30 #include "load-dropin.h"
31 #include "load-fragment.h"
36 #include "parse-util.h"
37 #include "path-util.h"
38 #include "process-util.h"
39 #include "serialize.h"
41 #include "signal-util.h"
42 #include "sparse-endian.h"
44 #include "specifier.h"
45 #include "stat-util.h"
46 #include "stdio-util.h"
47 #include "string-table.h"
48 #include "string-util.h"
50 #include "terminal-util.h"
51 #include "tmpfile-util.h"
52 #include "umask-util.h"
53 #include "unit-name.h"
55 #include "user-util.h"
58 const UnitVTable
* const unit_vtable
[_UNIT_TYPE_MAX
] = {
59 [UNIT_SERVICE
] = &service_vtable
,
60 [UNIT_SOCKET
] = &socket_vtable
,
61 [UNIT_TARGET
] = &target_vtable
,
62 [UNIT_DEVICE
] = &device_vtable
,
63 [UNIT_MOUNT
] = &mount_vtable
,
64 [UNIT_AUTOMOUNT
] = &automount_vtable
,
65 [UNIT_SWAP
] = &swap_vtable
,
66 [UNIT_TIMER
] = &timer_vtable
,
67 [UNIT_PATH
] = &path_vtable
,
68 [UNIT_SLICE
] = &slice_vtable
,
69 [UNIT_SCOPE
] = &scope_vtable
,
72 static void maybe_warn_about_dependency(Unit
*u
, const char *other
, UnitDependency dependency
);
74 Unit
*unit_new(Manager
*m
, size_t size
) {
78 assert(size
>= sizeof(Unit
));
84 u
->names
= set_new(&string_hash_ops
);
89 u
->type
= _UNIT_TYPE_INVALID
;
90 u
->default_dependencies
= true;
91 u
->unit_file_state
= _UNIT_FILE_STATE_INVALID
;
92 u
->unit_file_preset
= -1;
93 u
->on_failure_job_mode
= JOB_REPLACE
;
94 u
->cgroup_inotify_wd
= -1;
95 u
->job_timeout
= USEC_INFINITY
;
96 u
->job_running_timeout
= USEC_INFINITY
;
97 u
->ref_uid
= UID_INVALID
;
98 u
->ref_gid
= GID_INVALID
;
99 u
->cpu_usage_last
= NSEC_INFINITY
;
100 u
->cgroup_invalidated_mask
|= CGROUP_MASK_BPF_FIREWALL
;
101 u
->failure_action_exit_status
= u
->success_action_exit_status
= -1;
103 u
->ip_accounting_ingress_map_fd
= -1;
104 u
->ip_accounting_egress_map_fd
= -1;
105 u
->ipv4_allow_map_fd
= -1;
106 u
->ipv6_allow_map_fd
= -1;
107 u
->ipv4_deny_map_fd
= -1;
108 u
->ipv6_deny_map_fd
= -1;
110 u
->last_section_private
= -1;
112 RATELIMIT_INIT(u
->start_limit
, m
->default_start_limit_interval
, m
->default_start_limit_burst
);
113 RATELIMIT_INIT(u
->auto_stop_ratelimit
, 10 * USEC_PER_SEC
, 16);
118 int unit_new_for_name(Manager
*m
, size_t size
, const char *name
, Unit
**ret
) {
119 _cleanup_(unit_freep
) Unit
*u
= NULL
;
122 u
= unit_new(m
, size
);
126 r
= unit_add_name(u
, name
);
135 bool unit_has_name(const Unit
*u
, const char *name
) {
139 return set_contains(u
->names
, (char*) name
);
142 static void unit_init(Unit
*u
) {
149 assert(u
->type
>= 0);
151 cc
= unit_get_cgroup_context(u
);
153 cgroup_context_init(cc
);
155 /* Copy in the manager defaults into the cgroup
156 * context, _before_ the rest of the settings have
157 * been initialized */
159 cc
->cpu_accounting
= u
->manager
->default_cpu_accounting
;
160 cc
->io_accounting
= u
->manager
->default_io_accounting
;
161 cc
->ip_accounting
= u
->manager
->default_ip_accounting
;
162 cc
->blockio_accounting
= u
->manager
->default_blockio_accounting
;
163 cc
->memory_accounting
= u
->manager
->default_memory_accounting
;
164 cc
->tasks_accounting
= u
->manager
->default_tasks_accounting
;
165 cc
->ip_accounting
= u
->manager
->default_ip_accounting
;
167 if (u
->type
!= UNIT_SLICE
)
168 cc
->tasks_max
= u
->manager
->default_tasks_max
;
171 ec
= unit_get_exec_context(u
);
173 exec_context_init(ec
);
175 ec
->keyring_mode
= MANAGER_IS_SYSTEM(u
->manager
) ?
176 EXEC_KEYRING_SHARED
: EXEC_KEYRING_INHERIT
;
179 kc
= unit_get_kill_context(u
);
181 kill_context_init(kc
);
183 if (UNIT_VTABLE(u
)->init
)
184 UNIT_VTABLE(u
)->init(u
);
187 int unit_add_name(Unit
*u
, const char *text
) {
188 _cleanup_free_
char *s
= NULL
, *i
= NULL
;
195 if (unit_name_is_valid(text
, UNIT_NAME_TEMPLATE
)) {
200 r
= unit_name_replace_instance(text
, u
->instance
, &s
);
209 if (set_contains(u
->names
, s
))
211 if (hashmap_contains(u
->manager
->units
, s
))
214 if (!unit_name_is_valid(s
, UNIT_NAME_PLAIN
|UNIT_NAME_INSTANCE
))
217 t
= unit_name_to_type(s
);
221 if (u
->type
!= _UNIT_TYPE_INVALID
&& t
!= u
->type
)
224 r
= unit_name_to_instance(s
, &i
);
228 if (i
&& !unit_type_may_template(t
))
231 /* Ensure that this unit is either instanced or not instanced,
232 * but not both. Note that we do allow names with different
233 * instance names however! */
234 if (u
->type
!= _UNIT_TYPE_INVALID
&& !u
->instance
!= !i
)
237 if (!unit_type_may_alias(t
) && !set_isempty(u
->names
))
240 if (hashmap_size(u
->manager
->units
) >= MANAGER_MAX_NAMES
)
243 r
= set_put(u
->names
, s
);
248 r
= hashmap_put(u
->manager
->units
, s
, u
);
250 (void) set_remove(u
->names
, s
);
254 if (u
->type
== _UNIT_TYPE_INVALID
) {
257 u
->instance
= TAKE_PTR(i
);
259 LIST_PREPEND(units_by_type
, u
->manager
->units_by_type
[t
], u
);
266 unit_add_to_dbus_queue(u
);
270 int unit_choose_id(Unit
*u
, const char *name
) {
271 _cleanup_free_
char *t
= NULL
;
278 if (unit_name_is_valid(name
, UNIT_NAME_TEMPLATE
)) {
283 r
= unit_name_replace_instance(name
, u
->instance
, &t
);
290 /* Selects one of the names of this unit as the id */
291 s
= set_get(u
->names
, (char*) name
);
295 /* Determine the new instance from the new id */
296 r
= unit_name_to_instance(s
, &i
);
305 unit_add_to_dbus_queue(u
);
310 int unit_set_description(Unit
*u
, const char *description
) {
315 r
= free_and_strdup(&u
->description
, empty_to_null(description
));
319 unit_add_to_dbus_queue(u
);
324 bool unit_may_gc(Unit
*u
) {
325 UnitActiveState state
;
330 /* Checks whether the unit is ready to be unloaded for garbage collection.
331 * Returns true when the unit may be collected, and false if there's some
332 * reason to keep it loaded.
334 * References from other units are *not* checked here. Instead, this is done
335 * in unit_gc_sweep(), but using markers to properly collect dependency loops.
344 state
= unit_active_state(u
);
346 /* If the unit is inactive and failed and no job is queued for it, then release its runtime resources */
347 if (UNIT_IS_INACTIVE_OR_FAILED(state
) &&
348 UNIT_VTABLE(u
)->release_resources
)
349 UNIT_VTABLE(u
)->release_resources(u
);
354 if (sd_bus_track_count(u
->bus_track
) > 0)
357 /* But we keep the unit object around for longer when it is referenced or configured to not be gc'ed */
358 switch (u
->collect_mode
) {
360 case COLLECT_INACTIVE
:
361 if (state
!= UNIT_INACTIVE
)
366 case COLLECT_INACTIVE_OR_FAILED
:
367 if (!IN_SET(state
, UNIT_INACTIVE
, UNIT_FAILED
))
373 assert_not_reached("Unknown garbage collection mode");
376 if (u
->cgroup_path
) {
377 /* If the unit has a cgroup, then check whether there's anything in it. If so, we should stay
378 * around. Units with active processes should never be collected. */
380 r
= cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER
, u
->cgroup_path
);
382 log_unit_debug_errno(u
, r
, "Failed to determine whether cgroup %s is empty: %m", u
->cgroup_path
);
387 if (UNIT_VTABLE(u
)->may_gc
&& !UNIT_VTABLE(u
)->may_gc(u
))
393 void unit_add_to_load_queue(Unit
*u
) {
395 assert(u
->type
!= _UNIT_TYPE_INVALID
);
397 if (u
->load_state
!= UNIT_STUB
|| u
->in_load_queue
)
400 LIST_PREPEND(load_queue
, u
->manager
->load_queue
, u
);
401 u
->in_load_queue
= true;
404 void unit_add_to_cleanup_queue(Unit
*u
) {
407 if (u
->in_cleanup_queue
)
410 LIST_PREPEND(cleanup_queue
, u
->manager
->cleanup_queue
, u
);
411 u
->in_cleanup_queue
= true;
414 void unit_add_to_gc_queue(Unit
*u
) {
417 if (u
->in_gc_queue
|| u
->in_cleanup_queue
)
423 LIST_PREPEND(gc_queue
, u
->manager
->gc_unit_queue
, u
);
424 u
->in_gc_queue
= true;
427 void unit_add_to_dbus_queue(Unit
*u
) {
429 assert(u
->type
!= _UNIT_TYPE_INVALID
);
431 if (u
->load_state
== UNIT_STUB
|| u
->in_dbus_queue
)
434 /* Shortcut things if nobody cares */
435 if (sd_bus_track_count(u
->manager
->subscribed
) <= 0 &&
436 sd_bus_track_count(u
->bus_track
) <= 0 &&
437 set_isempty(u
->manager
->private_buses
)) {
438 u
->sent_dbus_new_signal
= true;
442 LIST_PREPEND(dbus_queue
, u
->manager
->dbus_unit_queue
, u
);
443 u
->in_dbus_queue
= true;
446 void unit_submit_to_stop_when_unneeded_queue(Unit
*u
) {
449 if (u
->in_stop_when_unneeded_queue
)
452 if (!u
->stop_when_unneeded
)
455 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u
)))
458 LIST_PREPEND(stop_when_unneeded_queue
, u
->manager
->stop_when_unneeded_queue
, u
);
459 u
->in_stop_when_unneeded_queue
= true;
462 static void bidi_set_free(Unit
*u
, Hashmap
*h
) {
469 /* Frees the hashmap and makes sure we are dropped from the inverse pointers */
471 HASHMAP_FOREACH_KEY(v
, other
, h
, i
) {
474 for (d
= 0; d
< _UNIT_DEPENDENCY_MAX
; d
++)
475 hashmap_remove(other
->dependencies
[d
], u
);
477 unit_add_to_gc_queue(other
);
483 static void unit_remove_transient(Unit
*u
) {
491 if (u
->fragment_path
)
492 (void) unlink(u
->fragment_path
);
494 STRV_FOREACH(i
, u
->dropin_paths
) {
495 _cleanup_free_
char *p
= NULL
, *pp
= NULL
;
497 p
= dirname_malloc(*i
); /* Get the drop-in directory from the drop-in file */
501 pp
= dirname_malloc(p
); /* Get the config directory from the drop-in directory */
505 /* Only drop transient drop-ins */
506 if (!path_equal(u
->manager
->lookup_paths
.transient
, pp
))
514 static void unit_free_requires_mounts_for(Unit
*u
) {
518 _cleanup_free_
char *path
;
520 path
= hashmap_steal_first_key(u
->requires_mounts_for
);
524 char s
[strlen(path
) + 1];
526 PATH_FOREACH_PREFIX_MORE(s
, path
) {
530 x
= hashmap_get2(u
->manager
->units_requiring_mounts_for
, s
, (void**) &y
);
534 (void) set_remove(x
, u
);
536 if (set_isempty(x
)) {
537 (void) hashmap_remove(u
->manager
->units_requiring_mounts_for
, y
);
545 u
->requires_mounts_for
= hashmap_free(u
->requires_mounts_for
);
548 static void unit_done(Unit
*u
) {
557 if (UNIT_VTABLE(u
)->done
)
558 UNIT_VTABLE(u
)->done(u
);
560 ec
= unit_get_exec_context(u
);
562 exec_context_done(ec
);
564 cc
= unit_get_cgroup_context(u
);
566 cgroup_context_done(cc
);
569 void unit_free(Unit
*u
) {
577 if (UNIT_ISSET(u
->slice
)) {
578 /* A unit is being dropped from the tree, make sure our parent slice recalculates the member mask */
579 unit_invalidate_cgroup_members_masks(UNIT_DEREF(u
->slice
));
581 /* And make sure the parent is realized again, updating cgroup memberships */
582 unit_add_to_cgroup_realize_queue(UNIT_DEREF(u
->slice
));
585 u
->transient_file
= safe_fclose(u
->transient_file
);
587 if (!MANAGER_IS_RELOADING(u
->manager
))
588 unit_remove_transient(u
);
590 bus_unit_send_removed_signal(u
);
594 unit_dequeue_rewatch_pids(u
);
596 sd_bus_slot_unref(u
->match_bus_slot
);
597 sd_bus_track_unref(u
->bus_track
);
598 u
->deserialized_refs
= strv_free(u
->deserialized_refs
);
600 unit_free_requires_mounts_for(u
);
602 SET_FOREACH(t
, u
->names
, i
)
603 hashmap_remove_value(u
->manager
->units
, t
, u
);
605 if (!sd_id128_is_null(u
->invocation_id
))
606 hashmap_remove_value(u
->manager
->units_by_invocation_id
, &u
->invocation_id
, u
);
620 for (d
= 0; d
< _UNIT_DEPENDENCY_MAX
; d
++)
621 bidi_set_free(u
, u
->dependencies
[d
]);
624 manager_unref_console(u
->manager
);
626 unit_release_cgroup(u
);
628 if (!MANAGER_IS_RELOADING(u
->manager
))
629 unit_unlink_state_files(u
);
631 unit_unref_uid_gid(u
, false);
633 (void) manager_update_failed_units(u
->manager
, u
, false);
634 set_remove(u
->manager
->startup_units
, u
);
636 unit_unwatch_all_pids(u
);
638 unit_ref_unset(&u
->slice
);
639 while (u
->refs_by_target
)
640 unit_ref_unset(u
->refs_by_target
);
642 if (u
->type
!= _UNIT_TYPE_INVALID
)
643 LIST_REMOVE(units_by_type
, u
->manager
->units_by_type
[u
->type
], u
);
645 if (u
->in_load_queue
)
646 LIST_REMOVE(load_queue
, u
->manager
->load_queue
, u
);
648 if (u
->in_dbus_queue
)
649 LIST_REMOVE(dbus_queue
, u
->manager
->dbus_unit_queue
, u
);
652 LIST_REMOVE(gc_queue
, u
->manager
->gc_unit_queue
, u
);
654 if (u
->in_cgroup_realize_queue
)
655 LIST_REMOVE(cgroup_realize_queue
, u
->manager
->cgroup_realize_queue
, u
);
657 if (u
->in_cgroup_empty_queue
)
658 LIST_REMOVE(cgroup_empty_queue
, u
->manager
->cgroup_empty_queue
, u
);
660 if (u
->in_cleanup_queue
)
661 LIST_REMOVE(cleanup_queue
, u
->manager
->cleanup_queue
, u
);
663 if (u
->in_target_deps_queue
)
664 LIST_REMOVE(target_deps_queue
, u
->manager
->target_deps_queue
, u
);
666 if (u
->in_stop_when_unneeded_queue
)
667 LIST_REMOVE(stop_when_unneeded_queue
, u
->manager
->stop_when_unneeded_queue
, u
);
669 safe_close(u
->ip_accounting_ingress_map_fd
);
670 safe_close(u
->ip_accounting_egress_map_fd
);
672 safe_close(u
->ipv4_allow_map_fd
);
673 safe_close(u
->ipv6_allow_map_fd
);
674 safe_close(u
->ipv4_deny_map_fd
);
675 safe_close(u
->ipv6_deny_map_fd
);
677 bpf_program_unref(u
->ip_bpf_ingress
);
678 bpf_program_unref(u
->ip_bpf_ingress_installed
);
679 bpf_program_unref(u
->ip_bpf_egress
);
680 bpf_program_unref(u
->ip_bpf_egress_installed
);
682 bpf_program_unref(u
->bpf_device_control_installed
);
684 condition_free_list(u
->conditions
);
685 condition_free_list(u
->asserts
);
687 free(u
->description
);
688 strv_free(u
->documentation
);
689 free(u
->fragment_path
);
690 free(u
->source_path
);
691 strv_free(u
->dropin_paths
);
694 free(u
->job_timeout_reboot_arg
);
696 set_free_free(u
->names
);
703 UnitActiveState
unit_active_state(Unit
*u
) {
706 if (u
->load_state
== UNIT_MERGED
)
707 return unit_active_state(unit_follow_merge(u
));
709 /* After a reload it might happen that a unit is not correctly
710 * loaded but still has a process around. That's why we won't
711 * shortcut failed loading to UNIT_INACTIVE_FAILED. */
713 return UNIT_VTABLE(u
)->active_state(u
);
716 const char* unit_sub_state_to_string(Unit
*u
) {
719 return UNIT_VTABLE(u
)->sub_state_to_string(u
);
722 static int set_complete_move(Set
**s
, Set
**other
) {
730 return set_move(*s
, *other
);
732 *s
= TAKE_PTR(*other
);
737 static int hashmap_complete_move(Hashmap
**s
, Hashmap
**other
) {
745 return hashmap_move(*s
, *other
);
747 *s
= TAKE_PTR(*other
);
752 static int merge_names(Unit
*u
, Unit
*other
) {
760 r
= set_complete_move(&u
->names
, &other
->names
);
764 set_free_free(other
->names
);
768 SET_FOREACH(t
, u
->names
, i
)
769 assert_se(hashmap_replace(u
->manager
->units
, t
, u
) == 0);
774 static int reserve_dependencies(Unit
*u
, Unit
*other
, UnitDependency d
) {
779 assert(d
< _UNIT_DEPENDENCY_MAX
);
782 * If u does not have this dependency set allocated, there is no need
783 * to reserve anything. In that case other's set will be transferred
784 * as a whole to u by complete_move().
786 if (!u
->dependencies
[d
])
789 /* merge_dependencies() will skip a u-on-u dependency */
790 n_reserve
= hashmap_size(other
->dependencies
[d
]) - !!hashmap_get(other
->dependencies
[d
], u
);
792 return hashmap_reserve(u
->dependencies
[d
], n_reserve
);
795 static void merge_dependencies(Unit
*u
, Unit
*other
, const char *other_id
, UnitDependency d
) {
801 /* Merges all dependencies of type 'd' of the unit 'other' into the deps of the unit 'u' */
805 assert(d
< _UNIT_DEPENDENCY_MAX
);
807 /* Fix backwards pointers. Let's iterate through all dependendent units of the other unit. */
808 HASHMAP_FOREACH_KEY(v
, back
, other
->dependencies
[d
], i
) {
811 /* Let's now iterate through the dependencies of that dependencies of the other units, looking for
812 * pointers back, and let's fix them up, to instead point to 'u'. */
814 for (k
= 0; k
< _UNIT_DEPENDENCY_MAX
; k
++) {
816 /* Do not add dependencies between u and itself. */
817 if (hashmap_remove(back
->dependencies
[k
], other
))
818 maybe_warn_about_dependency(u
, other_id
, k
);
820 UnitDependencyInfo di_u
, di_other
, di_merged
;
822 /* Let's drop this dependency between "back" and "other", and let's create it between
823 * "back" and "u" instead. Let's merge the bit masks of the dependency we are moving,
824 * and any such dependency which might already exist */
826 di_other
.data
= hashmap_get(back
->dependencies
[k
], other
);
828 continue; /* dependency isn't set, let's try the next one */
830 di_u
.data
= hashmap_get(back
->dependencies
[k
], u
);
832 di_merged
= (UnitDependencyInfo
) {
833 .origin_mask
= di_u
.origin_mask
| di_other
.origin_mask
,
834 .destination_mask
= di_u
.destination_mask
| di_other
.destination_mask
,
837 r
= hashmap_remove_and_replace(back
->dependencies
[k
], other
, u
, di_merged
.data
);
839 log_warning_errno(r
, "Failed to remove/replace: back=%s other=%s u=%s: %m", back
->id
, other_id
, u
->id
);
842 /* assert_se(hashmap_remove_and_replace(back->dependencies[k], other, u, di_merged.data) >= 0); */
848 /* Also do not move dependencies on u to itself */
849 back
= hashmap_remove(other
->dependencies
[d
], u
);
851 maybe_warn_about_dependency(u
, other_id
, d
);
853 /* The move cannot fail. The caller must have performed a reservation. */
854 assert_se(hashmap_complete_move(&u
->dependencies
[d
], &other
->dependencies
[d
]) == 0);
856 other
->dependencies
[d
] = hashmap_free(other
->dependencies
[d
]);
859 int unit_merge(Unit
*u
, Unit
*other
) {
861 const char *other_id
= NULL
;
866 assert(u
->manager
== other
->manager
);
867 assert(u
->type
!= _UNIT_TYPE_INVALID
);
869 other
= unit_follow_merge(other
);
874 if (u
->type
!= other
->type
)
877 if (!u
->instance
!= !other
->instance
)
880 if (!unit_type_may_alias(u
->type
)) /* Merging only applies to unit names that support aliases */
883 if (!IN_SET(other
->load_state
, UNIT_STUB
, UNIT_NOT_FOUND
))
892 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other
)))
896 other_id
= strdupa(other
->id
);
898 /* Make reservations to ensure merge_dependencies() won't fail */
899 for (d
= 0; d
< _UNIT_DEPENDENCY_MAX
; d
++) {
900 r
= reserve_dependencies(u
, other
, d
);
902 * We don't rollback reservations if we fail. We don't have
903 * a way to undo reservations. A reservation is not a leak.
910 r
= merge_names(u
, other
);
914 /* Redirect all references */
915 while (other
->refs_by_target
)
916 unit_ref_set(other
->refs_by_target
, other
->refs_by_target
->source
, u
);
918 /* Merge dependencies */
919 for (d
= 0; d
< _UNIT_DEPENDENCY_MAX
; d
++)
920 merge_dependencies(u
, other
, other_id
, d
);
922 other
->load_state
= UNIT_MERGED
;
923 other
->merged_into
= u
;
925 /* If there is still some data attached to the other node, we
926 * don't need it anymore, and can free it. */
927 if (other
->load_state
!= UNIT_STUB
)
928 if (UNIT_VTABLE(other
)->done
)
929 UNIT_VTABLE(other
)->done(other
);
931 unit_add_to_dbus_queue(u
);
932 unit_add_to_cleanup_queue(other
);
937 int unit_merge_by_name(Unit
*u
, const char *name
) {
938 _cleanup_free_
char *s
= NULL
;
945 if (unit_name_is_valid(name
, UNIT_NAME_TEMPLATE
)) {
949 r
= unit_name_replace_instance(name
, u
->instance
, &s
);
956 other
= manager_get_unit(u
->manager
, name
);
958 return unit_merge(u
, other
);
960 return unit_add_name(u
, name
);
963 Unit
* unit_follow_merge(Unit
*u
) {
966 while (u
->load_state
== UNIT_MERGED
)
967 assert_se(u
= u
->merged_into
);
972 int unit_add_exec_dependencies(Unit
*u
, ExecContext
*c
) {
973 ExecDirectoryType dt
;
980 if (c
->working_directory
&& !c
->working_directory_missing_ok
) {
981 r
= unit_require_mounts_for(u
, c
->working_directory
, UNIT_DEPENDENCY_FILE
);
986 if (c
->root_directory
) {
987 r
= unit_require_mounts_for(u
, c
->root_directory
, UNIT_DEPENDENCY_FILE
);
993 r
= unit_require_mounts_for(u
, c
->root_image
, UNIT_DEPENDENCY_FILE
);
998 for (dt
= 0; dt
< _EXEC_DIRECTORY_TYPE_MAX
; dt
++) {
999 if (!u
->manager
->prefix
[dt
])
1002 STRV_FOREACH(dp
, c
->directories
[dt
].paths
) {
1003 _cleanup_free_
char *p
;
1005 p
= strjoin(u
->manager
->prefix
[dt
], "/", *dp
);
1009 r
= unit_require_mounts_for(u
, p
, UNIT_DEPENDENCY_FILE
);
1015 if (!MANAGER_IS_SYSTEM(u
->manager
))
1018 if (c
->private_tmp
) {
1021 FOREACH_STRING(p
, "/tmp", "/var/tmp") {
1022 r
= unit_require_mounts_for(u
, p
, UNIT_DEPENDENCY_FILE
);
1027 r
= unit_add_dependency_by_name(u
, UNIT_AFTER
, SPECIAL_TMPFILES_SETUP_SERVICE
, true, UNIT_DEPENDENCY_FILE
);
1032 if (!IN_SET(c
->std_output
,
1033 EXEC_OUTPUT_JOURNAL
, EXEC_OUTPUT_JOURNAL_AND_CONSOLE
,
1034 EXEC_OUTPUT_KMSG
, EXEC_OUTPUT_KMSG_AND_CONSOLE
,
1035 EXEC_OUTPUT_SYSLOG
, EXEC_OUTPUT_SYSLOG_AND_CONSOLE
) &&
1036 !IN_SET(c
->std_error
,
1037 EXEC_OUTPUT_JOURNAL
, EXEC_OUTPUT_JOURNAL_AND_CONSOLE
,
1038 EXEC_OUTPUT_KMSG
, EXEC_OUTPUT_KMSG_AND_CONSOLE
,
1039 EXEC_OUTPUT_SYSLOG
, EXEC_OUTPUT_SYSLOG_AND_CONSOLE
))
1042 /* If syslog or kernel logging is requested, make sure our own
1043 * logging daemon is run first. */
1045 r
= unit_add_dependency_by_name(u
, UNIT_AFTER
, SPECIAL_JOURNALD_SOCKET
, true, UNIT_DEPENDENCY_FILE
);
1052 const char *unit_description(Unit
*u
) {
1056 return u
->description
;
1058 return strna(u
->id
);
1061 static void print_unit_dependency_mask(FILE *f
, const char *kind
, UnitDependencyMask mask
, bool *space
) {
1063 UnitDependencyMask mask
;
1066 { UNIT_DEPENDENCY_FILE
, "file" },
1067 { UNIT_DEPENDENCY_IMPLICIT
, "implicit" },
1068 { UNIT_DEPENDENCY_DEFAULT
, "default" },
1069 { UNIT_DEPENDENCY_UDEV
, "udev" },
1070 { UNIT_DEPENDENCY_PATH
, "path" },
1071 { UNIT_DEPENDENCY_MOUNTINFO_IMPLICIT
, "mountinfo-implicit" },
1072 { UNIT_DEPENDENCY_MOUNTINFO_DEFAULT
, "mountinfo-default" },
1073 { UNIT_DEPENDENCY_PROC_SWAP
, "proc-swap" },
1081 for (i
= 0; i
< ELEMENTSOF(table
); i
++) {
1086 if (FLAGS_SET(mask
, table
[i
].mask
)) {
1094 fputs(table
[i
].name
, f
);
1096 mask
&= ~table
[i
].mask
;
1103 void unit_dump(Unit
*u
, FILE *f
, const char *prefix
) {
1107 const char *prefix2
;
1109 timestamp0
[FORMAT_TIMESTAMP_MAX
],
1110 timestamp1
[FORMAT_TIMESTAMP_MAX
],
1111 timestamp2
[FORMAT_TIMESTAMP_MAX
],
1112 timestamp3
[FORMAT_TIMESTAMP_MAX
],
1113 timestamp4
[FORMAT_TIMESTAMP_MAX
],
1114 timespan
[FORMAT_TIMESPAN_MAX
];
1116 _cleanup_set_free_ Set
*following_set
= NULL
;
1122 assert(u
->type
>= 0);
1124 prefix
= strempty(prefix
);
1125 prefix2
= strjoina(prefix
, "\t");
1129 "%s\tDescription: %s\n"
1130 "%s\tInstance: %s\n"
1131 "%s\tUnit Load State: %s\n"
1132 "%s\tUnit Active State: %s\n"
1133 "%s\tState Change Timestamp: %s\n"
1134 "%s\tInactive Exit Timestamp: %s\n"
1135 "%s\tActive Enter Timestamp: %s\n"
1136 "%s\tActive Exit Timestamp: %s\n"
1137 "%s\tInactive Enter Timestamp: %s\n"
1139 "%s\tNeed Daemon Reload: %s\n"
1140 "%s\tTransient: %s\n"
1141 "%s\tPerpetual: %s\n"
1142 "%s\tGarbage Collection Mode: %s\n"
1145 "%s\tCGroup realized: %s\n",
1147 prefix
, unit_description(u
),
1148 prefix
, strna(u
->instance
),
1149 prefix
, unit_load_state_to_string(u
->load_state
),
1150 prefix
, unit_active_state_to_string(unit_active_state(u
)),
1151 prefix
, strna(format_timestamp(timestamp0
, sizeof(timestamp0
), u
->state_change_timestamp
.realtime
)),
1152 prefix
, strna(format_timestamp(timestamp1
, sizeof(timestamp1
), u
->inactive_exit_timestamp
.realtime
)),
1153 prefix
, strna(format_timestamp(timestamp2
, sizeof(timestamp2
), u
->active_enter_timestamp
.realtime
)),
1154 prefix
, strna(format_timestamp(timestamp3
, sizeof(timestamp3
), u
->active_exit_timestamp
.realtime
)),
1155 prefix
, strna(format_timestamp(timestamp4
, sizeof(timestamp4
), u
->inactive_enter_timestamp
.realtime
)),
1156 prefix
, yes_no(unit_may_gc(u
)),
1157 prefix
, yes_no(unit_need_daemon_reload(u
)),
1158 prefix
, yes_no(u
->transient
),
1159 prefix
, yes_no(u
->perpetual
),
1160 prefix
, collect_mode_to_string(u
->collect_mode
),
1161 prefix
, strna(unit_slice_name(u
)),
1162 prefix
, strna(u
->cgroup_path
),
1163 prefix
, yes_no(u
->cgroup_realized
));
1165 if (u
->cgroup_realized_mask
!= 0) {
1166 _cleanup_free_
char *s
= NULL
;
1167 (void) cg_mask_to_string(u
->cgroup_realized_mask
, &s
);
1168 fprintf(f
, "%s\tCGroup realized mask: %s\n", prefix
, strnull(s
));
1171 if (u
->cgroup_enabled_mask
!= 0) {
1172 _cleanup_free_
char *s
= NULL
;
1173 (void) cg_mask_to_string(u
->cgroup_enabled_mask
, &s
);
1174 fprintf(f
, "%s\tCGroup enabled mask: %s\n", prefix
, strnull(s
));
1177 m
= unit_get_own_mask(u
);
1179 _cleanup_free_
char *s
= NULL
;
1180 (void) cg_mask_to_string(m
, &s
);
1181 fprintf(f
, "%s\tCGroup own mask: %s\n", prefix
, strnull(s
));
1184 m
= unit_get_members_mask(u
);
1186 _cleanup_free_
char *s
= NULL
;
1187 (void) cg_mask_to_string(m
, &s
);
1188 fprintf(f
, "%s\tCGroup members mask: %s\n", prefix
, strnull(s
));
1191 m
= unit_get_delegate_mask(u
);
1193 _cleanup_free_
char *s
= NULL
;
1194 (void) cg_mask_to_string(m
, &s
);
1195 fprintf(f
, "%s\tCGroup delegate mask: %s\n", prefix
, strnull(s
));
1198 SET_FOREACH(t
, u
->names
, i
)
1199 fprintf(f
, "%s\tName: %s\n", prefix
, t
);
1201 if (!sd_id128_is_null(u
->invocation_id
))
1202 fprintf(f
, "%s\tInvocation ID: " SD_ID128_FORMAT_STR
"\n",
1203 prefix
, SD_ID128_FORMAT_VAL(u
->invocation_id
));
1205 STRV_FOREACH(j
, u
->documentation
)
1206 fprintf(f
, "%s\tDocumentation: %s\n", prefix
, *j
);
1208 following
= unit_following(u
);
1210 fprintf(f
, "%s\tFollowing: %s\n", prefix
, following
->id
);
1212 r
= unit_following_set(u
, &following_set
);
1216 SET_FOREACH(other
, following_set
, i
)
1217 fprintf(f
, "%s\tFollowing Set Member: %s\n", prefix
, other
->id
);
1220 if (u
->fragment_path
)
1221 fprintf(f
, "%s\tFragment Path: %s\n", prefix
, u
->fragment_path
);
1224 fprintf(f
, "%s\tSource Path: %s\n", prefix
, u
->source_path
);
1226 STRV_FOREACH(j
, u
->dropin_paths
)
1227 fprintf(f
, "%s\tDropIn Path: %s\n", prefix
, *j
);
1229 if (u
->failure_action
!= EMERGENCY_ACTION_NONE
)
1230 fprintf(f
, "%s\tFailure Action: %s\n", prefix
, emergency_action_to_string(u
->failure_action
));
1231 if (u
->failure_action_exit_status
>= 0)
1232 fprintf(f
, "%s\tFailure Action Exit Status: %i\n", prefix
, u
->failure_action_exit_status
);
1233 if (u
->success_action
!= EMERGENCY_ACTION_NONE
)
1234 fprintf(f
, "%s\tSuccess Action: %s\n", prefix
, emergency_action_to_string(u
->success_action
));
1235 if (u
->success_action_exit_status
>= 0)
1236 fprintf(f
, "%s\tSuccess Action Exit Status: %i\n", prefix
, u
->success_action_exit_status
);
1238 if (u
->job_timeout
!= USEC_INFINITY
)
1239 fprintf(f
, "%s\tJob Timeout: %s\n", prefix
, format_timespan(timespan
, sizeof(timespan
), u
->job_timeout
, 0));
1241 if (u
->job_timeout_action
!= EMERGENCY_ACTION_NONE
)
1242 fprintf(f
, "%s\tJob Timeout Action: %s\n", prefix
, emergency_action_to_string(u
->job_timeout_action
));
1244 if (u
->job_timeout_reboot_arg
)
1245 fprintf(f
, "%s\tJob Timeout Reboot Argument: %s\n", prefix
, u
->job_timeout_reboot_arg
);
1247 condition_dump_list(u
->conditions
, f
, prefix
, condition_type_to_string
);
1248 condition_dump_list(u
->asserts
, f
, prefix
, assert_type_to_string
);
1250 if (dual_timestamp_is_set(&u
->condition_timestamp
))
1252 "%s\tCondition Timestamp: %s\n"
1253 "%s\tCondition Result: %s\n",
1254 prefix
, strna(format_timestamp(timestamp1
, sizeof(timestamp1
), u
->condition_timestamp
.realtime
)),
1255 prefix
, yes_no(u
->condition_result
));
1257 if (dual_timestamp_is_set(&u
->assert_timestamp
))
1259 "%s\tAssert Timestamp: %s\n"
1260 "%s\tAssert Result: %s\n",
1261 prefix
, strna(format_timestamp(timestamp1
, sizeof(timestamp1
), u
->assert_timestamp
.realtime
)),
1262 prefix
, yes_no(u
->assert_result
));
1264 for (d
= 0; d
< _UNIT_DEPENDENCY_MAX
; d
++) {
1265 UnitDependencyInfo di
;
1268 HASHMAP_FOREACH_KEY(di
.data
, other
, u
->dependencies
[d
], i
) {
1271 fprintf(f
, "%s\t%s: %s (", prefix
, unit_dependency_to_string(d
), other
->id
);
1273 print_unit_dependency_mask(f
, "origin", di
.origin_mask
, &space
);
1274 print_unit_dependency_mask(f
, "destination", di
.destination_mask
, &space
);
1280 if (!hashmap_isempty(u
->requires_mounts_for
)) {
1281 UnitDependencyInfo di
;
1284 HASHMAP_FOREACH_KEY(di
.data
, path
, u
->requires_mounts_for
, i
) {
1287 fprintf(f
, "%s\tRequiresMountsFor: %s (", prefix
, path
);
1289 print_unit_dependency_mask(f
, "origin", di
.origin_mask
, &space
);
1290 print_unit_dependency_mask(f
, "destination", di
.destination_mask
, &space
);
1296 if (u
->load_state
== UNIT_LOADED
) {
1299 "%s\tStopWhenUnneeded: %s\n"
1300 "%s\tRefuseManualStart: %s\n"
1301 "%s\tRefuseManualStop: %s\n"
1302 "%s\tDefaultDependencies: %s\n"
1303 "%s\tOnFailureJobMode: %s\n"
1304 "%s\tIgnoreOnIsolate: %s\n",
1305 prefix
, yes_no(u
->stop_when_unneeded
),
1306 prefix
, yes_no(u
->refuse_manual_start
),
1307 prefix
, yes_no(u
->refuse_manual_stop
),
1308 prefix
, yes_no(u
->default_dependencies
),
1309 prefix
, job_mode_to_string(u
->on_failure_job_mode
),
1310 prefix
, yes_no(u
->ignore_on_isolate
));
1312 if (UNIT_VTABLE(u
)->dump
)
1313 UNIT_VTABLE(u
)->dump(u
, f
, prefix2
);
1315 } else if (u
->load_state
== UNIT_MERGED
)
1317 "%s\tMerged into: %s\n",
1318 prefix
, u
->merged_into
->id
);
1319 else if (u
->load_state
== UNIT_ERROR
)
1320 fprintf(f
, "%s\tLoad Error Code: %s\n", prefix
, strerror(-u
->load_error
));
1322 for (n
= sd_bus_track_first(u
->bus_track
); n
; n
= sd_bus_track_next(u
->bus_track
))
1323 fprintf(f
, "%s\tBus Ref: %s\n", prefix
, n
);
1326 job_dump(u
->job
, f
, prefix2
);
1329 job_dump(u
->nop_job
, f
, prefix2
);
1332 /* Common implementation for multiple backends */
1333 int unit_load_fragment_and_dropin(Unit
*u
) {
1338 /* Load a .{service,socket,...} file */
1339 r
= unit_load_fragment(u
);
1343 if (u
->load_state
== UNIT_STUB
)
1346 /* Load drop-in directory data. If u is an alias, we might be reloading the
1347 * target unit needlessly. But we cannot be sure which drops-ins have already
1348 * been loaded and which not, at least without doing complicated book-keeping,
1349 * so let's always reread all drop-ins. */
1350 return unit_load_dropin(unit_follow_merge(u
));
1353 /* Common implementation for multiple backends */
1354 int unit_load_fragment_and_dropin_optional(Unit
*u
) {
1359 /* Same as unit_load_fragment_and_dropin(), but whether
1360 * something can be loaded or not doesn't matter. */
1362 /* Load a .service/.socket/.slice/… file */
1363 r
= unit_load_fragment(u
);
1367 if (u
->load_state
== UNIT_STUB
)
1368 u
->load_state
= UNIT_LOADED
;
1370 /* Load drop-in directory data */
1371 return unit_load_dropin(unit_follow_merge(u
));
1374 void unit_add_to_target_deps_queue(Unit
*u
) {
1375 Manager
*m
= u
->manager
;
1379 if (u
->in_target_deps_queue
)
1382 LIST_PREPEND(target_deps_queue
, m
->target_deps_queue
, u
);
1383 u
->in_target_deps_queue
= true;
1386 int unit_add_default_target_dependency(Unit
*u
, Unit
*target
) {
1390 if (target
->type
!= UNIT_TARGET
)
1393 /* Only add the dependency if both units are loaded, so that
1394 * that loop check below is reliable */
1395 if (u
->load_state
!= UNIT_LOADED
||
1396 target
->load_state
!= UNIT_LOADED
)
1399 /* If either side wants no automatic dependencies, then let's
1401 if (!u
->default_dependencies
||
1402 !target
->default_dependencies
)
1405 /* Don't create loops */
1406 if (hashmap_get(target
->dependencies
[UNIT_BEFORE
], u
))
1409 return unit_add_dependency(target
, UNIT_AFTER
, u
, true, UNIT_DEPENDENCY_DEFAULT
);
1412 static int unit_add_slice_dependencies(Unit
*u
) {
1413 UnitDependencyMask mask
;
1416 if (!UNIT_HAS_CGROUP_CONTEXT(u
))
1419 /* Slice units are implicitly ordered against their parent slices (as this relationship is encoded in the
1420 name), while all other units are ordered based on configuration (as in their case Slice= configures the
1422 mask
= u
->type
== UNIT_SLICE
? UNIT_DEPENDENCY_IMPLICIT
: UNIT_DEPENDENCY_FILE
;
1424 if (UNIT_ISSET(u
->slice
))
1425 return unit_add_two_dependencies(u
, UNIT_AFTER
, UNIT_REQUIRES
, UNIT_DEREF(u
->slice
), true, mask
);
1427 if (unit_has_name(u
, SPECIAL_ROOT_SLICE
))
1430 return unit_add_two_dependencies_by_name(u
, UNIT_AFTER
, UNIT_REQUIRES
, SPECIAL_ROOT_SLICE
, true, mask
);
1433 static int unit_add_mount_dependencies(Unit
*u
) {
1434 UnitDependencyInfo di
;
1441 HASHMAP_FOREACH_KEY(di
.data
, path
, u
->requires_mounts_for
, i
) {
1442 char prefix
[strlen(path
) + 1];
1444 PATH_FOREACH_PREFIX_MORE(prefix
, path
) {
1445 _cleanup_free_
char *p
= NULL
;
1448 r
= unit_name_from_path(prefix
, ".mount", &p
);
1452 m
= manager_get_unit(u
->manager
, p
);
1454 /* Make sure to load the mount unit if
1455 * it exists. If so the dependencies
1456 * on this unit will be added later
1457 * during the loading of the mount
1459 (void) manager_load_unit_prepare(u
->manager
, p
, NULL
, NULL
, &m
);
1465 if (m
->load_state
!= UNIT_LOADED
)
1468 r
= unit_add_dependency(u
, UNIT_AFTER
, m
, true, di
.origin_mask
);
1472 if (m
->fragment_path
) {
1473 r
= unit_add_dependency(u
, UNIT_REQUIRES
, m
, true, di
.origin_mask
);
1483 static int unit_add_startup_units(Unit
*u
) {
1487 c
= unit_get_cgroup_context(u
);
1491 if (c
->startup_cpu_shares
== CGROUP_CPU_SHARES_INVALID
&&
1492 c
->startup_io_weight
== CGROUP_WEIGHT_INVALID
&&
1493 c
->startup_blockio_weight
== CGROUP_BLKIO_WEIGHT_INVALID
)
1496 r
= set_ensure_allocated(&u
->manager
->startup_units
, NULL
);
1500 return set_put(u
->manager
->startup_units
, u
);
1503 int unit_load(Unit
*u
) {
1508 if (u
->in_load_queue
) {
1509 LIST_REMOVE(load_queue
, u
->manager
->load_queue
, u
);
1510 u
->in_load_queue
= false;
1513 if (u
->type
== _UNIT_TYPE_INVALID
)
1516 if (u
->load_state
!= UNIT_STUB
)
1519 if (u
->transient_file
) {
1520 /* Finalize transient file: if this is a transient unit file, as soon as we reach unit_load() the setup
1521 * is complete, hence let's synchronize the unit file we just wrote to disk. */
1523 r
= fflush_and_check(u
->transient_file
);
1527 u
->transient_file
= safe_fclose(u
->transient_file
);
1528 u
->fragment_mtime
= now(CLOCK_REALTIME
);
1531 if (UNIT_VTABLE(u
)->load
) {
1532 r
= UNIT_VTABLE(u
)->load(u
);
1537 if (u
->load_state
== UNIT_STUB
) {
1542 if (u
->load_state
== UNIT_LOADED
) {
1543 unit_add_to_target_deps_queue(u
);
1545 r
= unit_add_slice_dependencies(u
);
1549 r
= unit_add_mount_dependencies(u
);
1553 r
= unit_add_startup_units(u
);
1557 if (u
->on_failure_job_mode
== JOB_ISOLATE
&& hashmap_size(u
->dependencies
[UNIT_ON_FAILURE
]) > 1) {
1558 log_unit_error(u
, "More than one OnFailure= dependencies specified but OnFailureJobMode=isolate set. Refusing.");
1563 if (u
->job_running_timeout
!= USEC_INFINITY
&& u
->job_running_timeout
> u
->job_timeout
)
1564 log_unit_warning(u
, "JobRunningTimeoutSec= is greater than JobTimeoutSec=, it has no effect.");
1566 /* We finished loading, let's ensure our parents recalculate the members mask */
1567 unit_invalidate_cgroup_members_masks(u
);
1570 assert((u
->load_state
!= UNIT_MERGED
) == !u
->merged_into
);
1572 unit_add_to_dbus_queue(unit_follow_merge(u
));
1573 unit_add_to_gc_queue(u
);
1578 /* We convert ENOEXEC errors to the UNIT_BAD_SETTING load state here. Configuration parsing code should hence
1579 * return ENOEXEC to ensure units are placed in this state after loading */
1581 u
->load_state
= u
->load_state
== UNIT_STUB
? UNIT_NOT_FOUND
:
1582 r
== -ENOEXEC
? UNIT_BAD_SETTING
:
1586 unit_add_to_dbus_queue(u
);
1587 unit_add_to_gc_queue(u
);
1589 return log_unit_debug_errno(u
, r
, "Failed to load configuration: %m");
1592 static bool unit_condition_test_list(Unit
*u
, Condition
*first
, const char *(*to_string
)(ConditionType t
)) {
1599 /* If the condition list is empty, then it is true */
1603 /* Otherwise, if all of the non-trigger conditions apply and
1604 * if any of the trigger conditions apply (unless there are
1605 * none) we return true */
1606 LIST_FOREACH(conditions
, c
, first
) {
1609 r
= condition_test(c
);
1612 "Couldn't determine result for %s=%s%s%s, assuming failed: %m",
1614 c
->trigger
? "|" : "",
1615 c
->negate
? "!" : "",
1621 c
->trigger
? "|" : "",
1622 c
->negate
? "!" : "",
1624 condition_result_to_string(c
->result
));
1626 if (!c
->trigger
&& r
<= 0)
1629 if (c
->trigger
&& triggered
<= 0)
1633 return triggered
!= 0;
1636 static bool unit_test_condition(Unit
*u
) {
1639 dual_timestamp_get(&u
->condition_timestamp
);
1640 u
->condition_result
= unit_condition_test_list(u
, u
->conditions
, condition_type_to_string
);
1642 unit_add_to_dbus_queue(u
);
1644 return u
->condition_result
;
1647 static bool unit_test_assert(Unit
*u
) {
1650 dual_timestamp_get(&u
->assert_timestamp
);
1651 u
->assert_result
= unit_condition_test_list(u
, u
->asserts
, assert_type_to_string
);
1653 unit_add_to_dbus_queue(u
);
1655 return u
->assert_result
;
1658 void unit_status_printf(Unit
*u
, const char *status
, const char *unit_status_msg_format
) {
1661 d
= unit_description(u
);
1662 if (log_get_show_color())
1663 d
= strjoina(ANSI_HIGHLIGHT
, d
, ANSI_NORMAL
);
1665 DISABLE_WARNING_FORMAT_NONLITERAL
;
1666 manager_status_printf(u
->manager
, STATUS_TYPE_NORMAL
, status
, unit_status_msg_format
, d
);
1670 int unit_test_start_limit(Unit
*u
) {
1675 if (ratelimit_below(&u
->start_limit
)) {
1676 u
->start_limit_hit
= false;
1680 log_unit_warning(u
, "Start request repeated too quickly.");
1681 u
->start_limit_hit
= true;
1683 reason
= strjoina("unit ", u
->id
, " failed");
1685 emergency_action(u
->manager
, u
->start_limit_action
,
1686 EMERGENCY_ACTION_IS_WATCHDOG
|EMERGENCY_ACTION_WARN
,
1687 u
->reboot_arg
, -1, reason
);
1692 bool unit_shall_confirm_spawn(Unit
*u
) {
1695 if (manager_is_confirm_spawn_disabled(u
->manager
))
1698 /* For some reasons units remaining in the same process group
1699 * as PID 1 fail to acquire the console even if it's not used
1700 * by any process. So skip the confirmation question for them. */
1701 return !unit_get_exec_context(u
)->same_pgrp
;
1704 static bool unit_verify_deps(Unit
*u
) {
1711 /* Checks whether all BindsTo= dependencies of this unit are fulfilled — if they are also combined with
1712 * After=. We do not check Requires= or Requisite= here as they only should have an effect on the job
1713 * processing, but do not have any effect afterwards. We don't check BindsTo= dependencies that are not used in
1714 * conjunction with After= as for them any such check would make things entirely racy. */
1716 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_BINDS_TO
], j
) {
1718 if (!hashmap_contains(u
->dependencies
[UNIT_AFTER
], other
))
1721 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other
))) {
1722 log_unit_notice(u
, "Bound to unit %s, but unit isn't active.", other
->id
);
1730 /* Errors that aren't really errors:
1731 * -EALREADY: Unit is already started.
1732 * -ECOMM: Condition failed
1733 * -EAGAIN: An operation is already in progress. Retry later.
1735 * Errors that are real errors:
1736 * -EBADR: This unit type does not support starting.
1737 * -ECANCELED: Start limit hit, too many requests for now
1738 * -EPROTO: Assert failed
1739 * -EINVAL: Unit not loaded
1740 * -EOPNOTSUPP: Unit type not supported
1741 * -ENOLINK: The necessary dependencies are not fulfilled.
1742 * -ESTALE: This unit has been started before and can't be started a second time
1743 * -ENOENT: This is a triggering unit and unit to trigger is not loaded
1745 int unit_start(Unit
*u
) {
1746 UnitActiveState state
;
1752 /* If this is already started, then this will succeed. Note that this will even succeed if this unit
1753 * is not startable by the user. This is relied on to detect when we need to wait for units and when
1754 * waiting is finished. */
1755 state
= unit_active_state(u
);
1756 if (UNIT_IS_ACTIVE_OR_RELOADING(state
))
1759 /* Units that aren't loaded cannot be started */
1760 if (u
->load_state
!= UNIT_LOADED
)
1763 /* Refuse starting scope units more than once */
1764 if (UNIT_VTABLE(u
)->once_only
&& dual_timestamp_is_set(&u
->inactive_enter_timestamp
))
1767 /* If the conditions failed, don't do anything at all. If we already are activating this call might
1768 * still be useful to speed up activation in case there is some hold-off time, but we don't want to
1769 * recheck the condition in that case. */
1770 if (state
!= UNIT_ACTIVATING
&&
1771 !unit_test_condition(u
)) {
1773 /* Let's also check the start limit here. Normally, the start limit is only checked by the
1774 * .start() method of the unit type after it did some additional checks verifying everything
1775 * is in order (so that those other checks can propagate errors properly). However, if a
1776 * condition check doesn't hold we don't get that far but we should still ensure we are not
1777 * called in a tight loop without a rate limit check enforced, hence do the check here. Note
1778 * that ECOMM is generally not a reason for a job to fail, unlike most other errors here,
1779 * hence the chance is big that any triggering unit for us will trigger us again. Note this
1780 * condition check is a bit different from the condition check inside the per-unit .start()
1781 * function, as this one will not change the unit's state in any way (and we shouldn't here,
1782 * after all the condition failed). */
1784 r
= unit_test_start_limit(u
);
1788 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(ECOMM
), "Starting requested but condition failed. Not starting unit.");
1791 /* If the asserts failed, fail the entire job */
1792 if (state
!= UNIT_ACTIVATING
&&
1793 !unit_test_assert(u
))
1794 return log_unit_notice_errno(u
, SYNTHETIC_ERRNO(EPROTO
), "Starting requested but asserts failed.");
1796 /* Units of types that aren't supported cannot be started. Note that we do this test only after the
1797 * condition checks, so that we rather return condition check errors (which are usually not
1798 * considered a true failure) than "not supported" errors (which are considered a failure).
1800 if (!unit_supported(u
))
1803 /* Let's make sure that the deps really are in order before we start this. Normally the job engine
1804 * should have taken care of this already, but let's check this here again. After all, our
1805 * dependencies might not be in effect anymore, due to a reload or due to a failed condition. */
1806 if (!unit_verify_deps(u
))
1809 /* Forward to the main object, if we aren't it. */
1810 following
= unit_following(u
);
1812 log_unit_debug(u
, "Redirecting start request from %s to %s.", u
->id
, following
->id
);
1813 return unit_start(following
);
1816 /* If it is stopped, but we cannot start it, then fail */
1817 if (!UNIT_VTABLE(u
)->start
)
1820 /* We don't suppress calls to ->start() here when we are already starting, to allow this request to
1821 * be used as a "hurry up" call, for example when the unit is in some "auto restart" state where it
1822 * waits for a holdoff timer to elapse before it will start again. */
1824 unit_add_to_dbus_queue(u
);
1826 return UNIT_VTABLE(u
)->start(u
);
1829 bool unit_can_start(Unit
*u
) {
1832 if (u
->load_state
!= UNIT_LOADED
)
1835 if (!unit_supported(u
))
1838 /* Scope units may be started only once */
1839 if (UNIT_VTABLE(u
)->once_only
&& dual_timestamp_is_set(&u
->inactive_exit_timestamp
))
1842 return !!UNIT_VTABLE(u
)->start
;
1845 bool unit_can_isolate(Unit
*u
) {
1848 return unit_can_start(u
) &&
1853 * -EBADR: This unit type does not support stopping.
1854 * -EALREADY: Unit is already stopped.
1855 * -EAGAIN: An operation is already in progress. Retry later.
1857 int unit_stop(Unit
*u
) {
1858 UnitActiveState state
;
1863 state
= unit_active_state(u
);
1864 if (UNIT_IS_INACTIVE_OR_FAILED(state
))
1867 following
= unit_following(u
);
1869 log_unit_debug(u
, "Redirecting stop request from %s to %s.", u
->id
, following
->id
);
1870 return unit_stop(following
);
1873 if (!UNIT_VTABLE(u
)->stop
)
1876 unit_add_to_dbus_queue(u
);
1878 return UNIT_VTABLE(u
)->stop(u
);
1881 bool unit_can_stop(Unit
*u
) {
1884 if (!unit_supported(u
))
1890 return !!UNIT_VTABLE(u
)->stop
;
1894 * -EBADR: This unit type does not support reloading.
1895 * -ENOEXEC: Unit is not started.
1896 * -EAGAIN: An operation is already in progress. Retry later.
1898 int unit_reload(Unit
*u
) {
1899 UnitActiveState state
;
1904 if (u
->load_state
!= UNIT_LOADED
)
1907 if (!unit_can_reload(u
))
1910 state
= unit_active_state(u
);
1911 if (state
== UNIT_RELOADING
)
1914 if (state
!= UNIT_ACTIVE
) {
1915 log_unit_warning(u
, "Unit cannot be reloaded because it is inactive.");
1919 following
= unit_following(u
);
1921 log_unit_debug(u
, "Redirecting reload request from %s to %s.", u
->id
, following
->id
);
1922 return unit_reload(following
);
1925 unit_add_to_dbus_queue(u
);
1927 if (!UNIT_VTABLE(u
)->reload
) {
1928 /* Unit doesn't have a reload function, but we need to propagate the reload anyway */
1929 unit_notify(u
, unit_active_state(u
), unit_active_state(u
), 0);
1933 return UNIT_VTABLE(u
)->reload(u
);
1936 bool unit_can_reload(Unit
*u
) {
1939 if (UNIT_VTABLE(u
)->can_reload
)
1940 return UNIT_VTABLE(u
)->can_reload(u
);
1942 if (!hashmap_isempty(u
->dependencies
[UNIT_PROPAGATES_RELOAD_TO
]))
1945 return UNIT_VTABLE(u
)->reload
;
1948 bool unit_is_unneeded(Unit
*u
) {
1949 static const UnitDependency deps
[] = {
1959 if (!u
->stop_when_unneeded
)
1962 /* Don't clean up while the unit is transitioning or is even inactive. */
1963 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u
)))
1968 for (j
= 0; j
< ELEMENTSOF(deps
); j
++) {
1973 /* If a dependent unit has a job queued, is active or transitioning, or is marked for
1974 * restart, then don't clean this one up. */
1976 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[deps
[j
]], i
) {
1980 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other
)))
1983 if (unit_will_restart(other
))
1991 static void check_unneeded_dependencies(Unit
*u
) {
1993 static const UnitDependency deps
[] = {
2003 /* Add all units this unit depends on to the queue that processes StopWhenUnneeded= behaviour. */
2005 for (j
= 0; j
< ELEMENTSOF(deps
); j
++) {
2010 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[deps
[j
]], i
)
2011 unit_submit_to_stop_when_unneeded_queue(other
);
2015 static void unit_check_binds_to(Unit
*u
) {
2016 _cleanup_(sd_bus_error_free
) sd_bus_error error
= SD_BUS_ERROR_NULL
;
2028 if (unit_active_state(u
) != UNIT_ACTIVE
)
2031 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_BINDS_TO
], i
) {
2035 if (!other
->coldplugged
)
2036 /* We might yet create a job for the other unit… */
2039 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other
)))
2049 /* If stopping a unit fails continuously we might enter a stop
2050 * loop here, hence stop acting on the service being
2051 * unnecessary after a while. */
2052 if (!ratelimit_below(&u
->auto_stop_ratelimit
)) {
2053 log_unit_warning(u
, "Unit is bound to inactive unit %s, but not stopping since we tried this too often recently.", other
->id
);
2058 log_unit_info(u
, "Unit is bound to inactive unit %s. Stopping, too.", other
->id
);
2060 /* A unit we need to run is gone. Sniff. Let's stop this. */
2061 r
= manager_add_job(u
->manager
, JOB_STOP
, u
, JOB_FAIL
, &error
, NULL
);
2063 log_unit_warning_errno(u
, r
, "Failed to enqueue stop job, ignoring: %s", bus_error_message(&error
, r
));
2066 static void retroactively_start_dependencies(Unit
*u
) {
2072 assert(UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u
)));
2074 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_REQUIRES
], i
)
2075 if (!hashmap_get(u
->dependencies
[UNIT_AFTER
], other
) &&
2076 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other
)))
2077 manager_add_job(u
->manager
, JOB_START
, other
, JOB_REPLACE
, NULL
, NULL
);
2079 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_BINDS_TO
], i
)
2080 if (!hashmap_get(u
->dependencies
[UNIT_AFTER
], other
) &&
2081 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other
)))
2082 manager_add_job(u
->manager
, JOB_START
, other
, JOB_REPLACE
, NULL
, NULL
);
2084 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_WANTS
], i
)
2085 if (!hashmap_get(u
->dependencies
[UNIT_AFTER
], other
) &&
2086 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other
)))
2087 manager_add_job(u
->manager
, JOB_START
, other
, JOB_FAIL
, NULL
, NULL
);
2089 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_CONFLICTS
], i
)
2090 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other
)))
2091 manager_add_job(u
->manager
, JOB_STOP
, other
, JOB_REPLACE
, NULL
, NULL
);
2093 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_CONFLICTED_BY
], i
)
2094 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other
)))
2095 manager_add_job(u
->manager
, JOB_STOP
, other
, JOB_REPLACE
, NULL
, NULL
);
2098 static void retroactively_stop_dependencies(Unit
*u
) {
2104 assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u
)));
2106 /* Pull down units which are bound to us recursively if enabled */
2107 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_BOUND_BY
], i
)
2108 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other
)))
2109 manager_add_job(u
->manager
, JOB_STOP
, other
, JOB_REPLACE
, NULL
, NULL
);
2112 void unit_start_on_failure(Unit
*u
) {
2120 if (hashmap_size(u
->dependencies
[UNIT_ON_FAILURE
]) <= 0)
2123 log_unit_info(u
, "Triggering OnFailure= dependencies.");
2125 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_ON_FAILURE
], i
) {
2126 _cleanup_(sd_bus_error_free
) sd_bus_error error
= SD_BUS_ERROR_NULL
;
2128 r
= manager_add_job(u
->manager
, JOB_START
, other
, u
->on_failure_job_mode
, &error
, NULL
);
2130 log_unit_warning_errno(u
, r
, "Failed to enqueue OnFailure= job, ignoring: %s", bus_error_message(&error
, r
));
2134 void unit_trigger_notify(Unit
*u
) {
2141 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_TRIGGERED_BY
], i
)
2142 if (UNIT_VTABLE(other
)->trigger_notify
)
2143 UNIT_VTABLE(other
)->trigger_notify(other
, u
);
2146 static int unit_log_resources(Unit
*u
) {
2147 struct iovec iovec
[1 + _CGROUP_IP_ACCOUNTING_METRIC_MAX
+ 4];
2148 bool any_traffic
= false, have_ip_accounting
= false;
2149 _cleanup_free_
char *igress
= NULL
, *egress
= NULL
;
2150 size_t n_message_parts
= 0, n_iovec
= 0;
2151 char* message_parts
[3 + 1], *t
;
2152 nsec_t nsec
= NSEC_INFINITY
;
2153 CGroupIPAccountingMetric m
;
2156 const char* const ip_fields
[_CGROUP_IP_ACCOUNTING_METRIC_MAX
] = {
2157 [CGROUP_IP_INGRESS_BYTES
] = "IP_METRIC_INGRESS_BYTES",
2158 [CGROUP_IP_INGRESS_PACKETS
] = "IP_METRIC_INGRESS_PACKETS",
2159 [CGROUP_IP_EGRESS_BYTES
] = "IP_METRIC_EGRESS_BYTES",
2160 [CGROUP_IP_EGRESS_PACKETS
] = "IP_METRIC_EGRESS_PACKETS",
2165 /* Invoked whenever a unit enters failed or dead state. Logs information about consumed resources if resource
2166 * accounting was enabled for a unit. It does this in two ways: a friendly human readable string with reduced
2167 * information and the complete data in structured fields. */
2169 (void) unit_get_cpu_usage(u
, &nsec
);
2170 if (nsec
!= NSEC_INFINITY
) {
2171 char buf
[FORMAT_TIMESPAN_MAX
] = "";
2173 /* Format the CPU time for inclusion in the structured log message */
2174 if (asprintf(&t
, "CPU_USAGE_NSEC=%" PRIu64
, nsec
) < 0) {
2178 iovec
[n_iovec
++] = IOVEC_MAKE_STRING(t
);
2180 /* Format the CPU time for inclusion in the human language message string */
2181 format_timespan(buf
, sizeof(buf
), nsec
/ NSEC_PER_USEC
, USEC_PER_MSEC
);
2182 t
= strjoin("consumed ", buf
, " CPU time");
2188 message_parts
[n_message_parts
++] = t
;
2191 for (m
= 0; m
< _CGROUP_IP_ACCOUNTING_METRIC_MAX
; m
++) {
2192 char buf
[FORMAT_BYTES_MAX
] = "";
2193 uint64_t value
= UINT64_MAX
;
2195 assert(ip_fields
[m
]);
2197 (void) unit_get_ip_accounting(u
, m
, &value
);
2198 if (value
== UINT64_MAX
)
2201 have_ip_accounting
= true;
2205 /* Format IP accounting data for inclusion in the structured log message */
2206 if (asprintf(&t
, "%s=%" PRIu64
, ip_fields
[m
], value
) < 0) {
2210 iovec
[n_iovec
++] = IOVEC_MAKE_STRING(t
);
2212 /* Format the IP accounting data for inclusion in the human language message string, but only for the
2213 * bytes counters (and not for the packets counters) */
2214 if (m
== CGROUP_IP_INGRESS_BYTES
) {
2216 igress
= strjoin("received ", format_bytes(buf
, sizeof(buf
), value
), " IP traffic");
2221 } else if (m
== CGROUP_IP_EGRESS_BYTES
) {
2223 egress
= strjoin("sent ", format_bytes(buf
, sizeof(buf
), value
), " IP traffic");
2231 if (have_ip_accounting
) {
2234 message_parts
[n_message_parts
++] = TAKE_PTR(igress
);
2236 message_parts
[n_message_parts
++] = TAKE_PTR(egress
);
2241 k
= strdup("no IP traffic");
2247 message_parts
[n_message_parts
++] = k
;
2251 /* Is there any accounting data available at all? */
2257 if (n_message_parts
== 0)
2258 t
= strjoina("MESSAGE=", u
->id
, ": Completed.");
2260 _cleanup_free_
char *joined
;
2262 message_parts
[n_message_parts
] = NULL
;
2264 joined
= strv_join(message_parts
, ", ");
2270 joined
[0] = ascii_toupper(joined
[0]);
2271 t
= strjoina("MESSAGE=", u
->id
, ": ", joined
, ".");
2274 /* The following four fields we allocate on the stack or are static strings, we hence don't want to free them,
2275 * and hence don't increase n_iovec for them */
2276 iovec
[n_iovec
] = IOVEC_MAKE_STRING(t
);
2277 iovec
[n_iovec
+ 1] = IOVEC_MAKE_STRING("MESSAGE_ID=" SD_MESSAGE_UNIT_RESOURCES_STR
);
2279 t
= strjoina(u
->manager
->unit_log_field
, u
->id
);
2280 iovec
[n_iovec
+ 2] = IOVEC_MAKE_STRING(t
);
2282 t
= strjoina(u
->manager
->invocation_log_field
, u
->invocation_id_string
);
2283 iovec
[n_iovec
+ 3] = IOVEC_MAKE_STRING(t
);
2285 log_struct_iovec(LOG_INFO
, iovec
, n_iovec
+ 4);
2289 for (i
= 0; i
< n_message_parts
; i
++)
2290 free(message_parts
[i
]);
2292 for (i
= 0; i
< n_iovec
; i
++)
2293 free(iovec
[i
].iov_base
);
2299 static void unit_update_on_console(Unit
*u
) {
2304 b
= unit_needs_console(u
);
2305 if (u
->on_console
== b
)
2310 manager_ref_console(u
->manager
);
2312 manager_unref_console(u
->manager
);
2315 static void unit_emit_audit_start(Unit
*u
) {
2318 if (u
->type
!= UNIT_SERVICE
)
2321 /* Write audit record if we have just finished starting up */
2322 manager_send_unit_audit(u
->manager
, u
, AUDIT_SERVICE_START
, true);
2326 static void unit_emit_audit_stop(Unit
*u
, UnitActiveState state
) {
2329 if (u
->type
!= UNIT_SERVICE
)
2333 /* Write audit record if we have just finished shutting down */
2334 manager_send_unit_audit(u
->manager
, u
, AUDIT_SERVICE_STOP
, state
== UNIT_INACTIVE
);
2335 u
->in_audit
= false;
2337 /* Hmm, if there was no start record written write it now, so that we always have a nice pair */
2338 manager_send_unit_audit(u
->manager
, u
, AUDIT_SERVICE_START
, state
== UNIT_INACTIVE
);
2340 if (state
== UNIT_INACTIVE
)
2341 manager_send_unit_audit(u
->manager
, u
, AUDIT_SERVICE_STOP
, true);
2345 static bool unit_process_job(Job
*j
, UnitActiveState ns
, UnitNotifyFlags flags
) {
2346 bool unexpected
= false;
2350 if (j
->state
== JOB_WAITING
)
2352 /* So we reached a different state for this job. Let's see if we can run it now if it failed previously
2354 job_add_to_run_queue(j
);
2356 /* Let's check whether the unit's new state constitutes a finished job, or maybe contradicts a running job and
2357 * hence needs to invalidate jobs. */
2362 case JOB_VERIFY_ACTIVE
:
2364 if (UNIT_IS_ACTIVE_OR_RELOADING(ns
))
2365 job_finish_and_invalidate(j
, JOB_DONE
, true, false);
2366 else if (j
->state
== JOB_RUNNING
&& ns
!= UNIT_ACTIVATING
) {
2369 if (UNIT_IS_INACTIVE_OR_FAILED(ns
))
2370 job_finish_and_invalidate(j
, ns
== UNIT_FAILED
? JOB_FAILED
: JOB_DONE
, true, false);
2376 case JOB_RELOAD_OR_START
:
2377 case JOB_TRY_RELOAD
:
2379 if (j
->state
== JOB_RUNNING
) {
2380 if (ns
== UNIT_ACTIVE
)
2381 job_finish_and_invalidate(j
, (flags
& UNIT_NOTIFY_RELOAD_FAILURE
) ? JOB_FAILED
: JOB_DONE
, true, false);
2382 else if (!IN_SET(ns
, UNIT_ACTIVATING
, UNIT_RELOADING
)) {
2385 if (UNIT_IS_INACTIVE_OR_FAILED(ns
))
2386 job_finish_and_invalidate(j
, ns
== UNIT_FAILED
? JOB_FAILED
: JOB_DONE
, true, false);
2394 case JOB_TRY_RESTART
:
2396 if (UNIT_IS_INACTIVE_OR_FAILED(ns
))
2397 job_finish_and_invalidate(j
, JOB_DONE
, true, false);
2398 else if (j
->state
== JOB_RUNNING
&& ns
!= UNIT_DEACTIVATING
) {
2400 job_finish_and_invalidate(j
, JOB_FAILED
, true, false);
2406 assert_not_reached("Job type unknown");
2412 void unit_notify(Unit
*u
, UnitActiveState os
, UnitActiveState ns
, UnitNotifyFlags flags
) {
2417 assert(os
< _UNIT_ACTIVE_STATE_MAX
);
2418 assert(ns
< _UNIT_ACTIVE_STATE_MAX
);
2420 /* Note that this is called for all low-level state changes, even if they might map to the same high-level
2421 * UnitActiveState! That means that ns == os is an expected behavior here. For example: if a mount point is
2422 * remounted this function will be called too! */
2426 /* Let's enqueue the change signal early. In case this unit has a job associated we want that this unit is in
2427 * the bus queue, so that any job change signal queued will force out the unit change signal first. */
2428 unit_add_to_dbus_queue(u
);
2430 /* Update timestamps for state changes */
2431 if (!MANAGER_IS_RELOADING(m
)) {
2432 dual_timestamp_get(&u
->state_change_timestamp
);
2434 if (UNIT_IS_INACTIVE_OR_FAILED(os
) && !UNIT_IS_INACTIVE_OR_FAILED(ns
))
2435 u
->inactive_exit_timestamp
= u
->state_change_timestamp
;
2436 else if (!UNIT_IS_INACTIVE_OR_FAILED(os
) && UNIT_IS_INACTIVE_OR_FAILED(ns
))
2437 u
->inactive_enter_timestamp
= u
->state_change_timestamp
;
2439 if (!UNIT_IS_ACTIVE_OR_RELOADING(os
) && UNIT_IS_ACTIVE_OR_RELOADING(ns
))
2440 u
->active_enter_timestamp
= u
->state_change_timestamp
;
2441 else if (UNIT_IS_ACTIVE_OR_RELOADING(os
) && !UNIT_IS_ACTIVE_OR_RELOADING(ns
))
2442 u
->active_exit_timestamp
= u
->state_change_timestamp
;
2445 /* Keep track of failed units */
2446 (void) manager_update_failed_units(m
, u
, ns
== UNIT_FAILED
);
2448 /* Make sure the cgroup and state files are always removed when we become inactive */
2449 if (UNIT_IS_INACTIVE_OR_FAILED(ns
)) {
2450 unit_prune_cgroup(u
);
2451 unit_unlink_state_files(u
);
2454 unit_update_on_console(u
);
2456 if (!MANAGER_IS_RELOADING(m
)) {
2459 /* Let's propagate state changes to the job */
2461 unexpected
= unit_process_job(u
->job
, ns
, flags
);
2465 /* If this state change happened without being requested by a job, then let's retroactively start or
2466 * stop dependencies. We skip that step when deserializing, since we don't want to create any
2467 * additional jobs just because something is already activated. */
2470 if (UNIT_IS_INACTIVE_OR_FAILED(os
) && UNIT_IS_ACTIVE_OR_ACTIVATING(ns
))
2471 retroactively_start_dependencies(u
);
2472 else if (UNIT_IS_ACTIVE_OR_ACTIVATING(os
) && UNIT_IS_INACTIVE_OR_DEACTIVATING(ns
))
2473 retroactively_stop_dependencies(u
);
2476 /* stop unneeded units regardless if going down was expected or not */
2477 if (UNIT_IS_INACTIVE_OR_FAILED(ns
))
2478 check_unneeded_dependencies(u
);
2480 if (ns
!= os
&& ns
== UNIT_FAILED
) {
2481 log_unit_debug(u
, "Unit entered failed state.");
2483 if (!(flags
& UNIT_NOTIFY_WILL_AUTO_RESTART
))
2484 unit_start_on_failure(u
);
2487 if (UNIT_IS_ACTIVE_OR_RELOADING(ns
) && !UNIT_IS_ACTIVE_OR_RELOADING(os
)) {
2488 /* This unit just finished starting up */
2490 unit_emit_audit_start(u
);
2491 manager_send_unit_plymouth(m
, u
);
2494 if (UNIT_IS_INACTIVE_OR_FAILED(ns
) && !UNIT_IS_INACTIVE_OR_FAILED(os
)) {
2495 /* This unit just stopped/failed. */
2497 unit_emit_audit_stop(u
, ns
);
2498 unit_log_resources(u
);
2502 manager_recheck_journal(m
);
2503 manager_recheck_dbus(m
);
2505 unit_trigger_notify(u
);
2507 if (!MANAGER_IS_RELOADING(m
)) {
2508 /* Maybe we finished startup and are now ready for being stopped because unneeded? */
2509 unit_submit_to_stop_when_unneeded_queue(u
);
2511 /* Maybe we finished startup, but something we needed has vanished? Let's die then. (This happens when
2512 * something BindsTo= to a Type=oneshot unit, as these units go directly from starting to inactive,
2513 * without ever entering started.) */
2514 unit_check_binds_to(u
);
2516 if (os
!= UNIT_FAILED
&& ns
== UNIT_FAILED
) {
2517 reason
= strjoina("unit ", u
->id
, " failed");
2518 emergency_action(m
, u
->failure_action
, 0, u
->reboot_arg
, unit_failure_action_exit_status(u
), reason
);
2519 } else if (!UNIT_IS_INACTIVE_OR_FAILED(os
) && ns
== UNIT_INACTIVE
) {
2520 reason
= strjoina("unit ", u
->id
, " succeeded");
2521 emergency_action(m
, u
->success_action
, 0, u
->reboot_arg
, unit_success_action_exit_status(u
), reason
);
2525 unit_add_to_gc_queue(u
);
2528 int unit_watch_pid(Unit
*u
, pid_t pid
) {
2532 assert(pid_is_valid(pid
));
2534 /* Watch a specific PID */
2536 r
= set_ensure_allocated(&u
->pids
, NULL
);
2540 r
= hashmap_ensure_allocated(&u
->manager
->watch_pids
, NULL
);
2544 /* First try, let's add the unit keyed by "pid". */
2545 r
= hashmap_put(u
->manager
->watch_pids
, PID_TO_PTR(pid
), u
);
2551 /* OK, the "pid" key is already assigned to a different unit. Let's see if the "-pid" key (which points
2552 * to an array of Units rather than just a Unit), lists us already. */
2554 array
= hashmap_get(u
->manager
->watch_pids
, PID_TO_PTR(-pid
));
2556 for (; array
[n
]; n
++)
2560 if (found
) /* Found it already? if so, do nothing */
2565 /* Allocate a new array */
2566 new_array
= new(Unit
*, n
+ 2);
2570 memcpy_safe(new_array
, array
, sizeof(Unit
*) * n
);
2572 new_array
[n
+1] = NULL
;
2574 /* Add or replace the old array */
2575 r
= hashmap_replace(u
->manager
->watch_pids
, PID_TO_PTR(-pid
), new_array
);
2586 r
= set_put(u
->pids
, PID_TO_PTR(pid
));
2593 void unit_unwatch_pid(Unit
*u
, pid_t pid
) {
2597 assert(pid_is_valid(pid
));
2599 /* First let's drop the unit in case it's keyed as "pid". */
2600 (void) hashmap_remove_value(u
->manager
->watch_pids
, PID_TO_PTR(pid
), u
);
2602 /* Then, let's also drop the unit, in case it's in the array keyed by -pid */
2603 array
= hashmap_get(u
->manager
->watch_pids
, PID_TO_PTR(-pid
));
2607 /* Let's iterate through the array, dropping our own entry */
2608 for (n
= 0; array
[n
]; n
++)
2610 array
[m
++] = array
[n
];
2614 /* The array is now empty, remove the entire entry */
2615 assert(hashmap_remove(u
->manager
->watch_pids
, PID_TO_PTR(-pid
)) == array
);
2620 (void) set_remove(u
->pids
, PID_TO_PTR(pid
));
2623 void unit_unwatch_all_pids(Unit
*u
) {
2626 while (!set_isempty(u
->pids
))
2627 unit_unwatch_pid(u
, PTR_TO_PID(set_first(u
->pids
)));
2629 u
->pids
= set_free(u
->pids
);
2632 static void unit_tidy_watch_pids(Unit
*u
) {
2633 pid_t except1
, except2
;
2639 /* Cleans dead PIDs from our list */
2641 except1
= unit_main_pid(u
);
2642 except2
= unit_control_pid(u
);
2644 SET_FOREACH(e
, u
->pids
, i
) {
2645 pid_t pid
= PTR_TO_PID(e
);
2647 if (pid
== except1
|| pid
== except2
)
2650 if (!pid_is_unwaited(pid
))
2651 unit_unwatch_pid(u
, pid
);
2655 static int on_rewatch_pids_event(sd_event_source
*s
, void *userdata
) {
2661 unit_tidy_watch_pids(u
);
2662 unit_watch_all_pids(u
);
2664 /* If the PID set is empty now, then let's finish this off. */
2665 unit_synthesize_cgroup_empty_event(u
);
2670 int unit_enqueue_rewatch_pids(Unit
*u
) {
2675 if (!u
->cgroup_path
)
2678 r
= cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER
);
2681 if (r
> 0) /* On unified we can use proper notifications */
2684 /* Enqueues a low-priority job that will clean up dead PIDs from our list of PIDs to watch and subscribe to new
2685 * PIDs that might have appeared. We do this in a delayed job because the work might be quite slow, as it
2686 * involves issuing kill(pid, 0) on all processes we watch. */
2688 if (!u
->rewatch_pids_event_source
) {
2689 _cleanup_(sd_event_source_unrefp
) sd_event_source
*s
= NULL
;
2691 r
= sd_event_add_defer(u
->manager
->event
, &s
, on_rewatch_pids_event
, u
);
2693 return log_error_errno(r
, "Failed to allocate event source for tidying watched PIDs: %m");
2695 r
= sd_event_source_set_priority(s
, SD_EVENT_PRIORITY_IDLE
);
2697 return log_error_errno(r
, "Failed to adjust priority of event source for tidying watched PIDs: m");
2699 (void) sd_event_source_set_description(s
, "tidy-watch-pids");
2701 u
->rewatch_pids_event_source
= TAKE_PTR(s
);
2704 r
= sd_event_source_set_enabled(u
->rewatch_pids_event_source
, SD_EVENT_ONESHOT
);
2706 return log_error_errno(r
, "Failed to enable event source for tidying watched PIDs: %m");
2711 void unit_dequeue_rewatch_pids(Unit
*u
) {
2715 if (!u
->rewatch_pids_event_source
)
2718 r
= sd_event_source_set_enabled(u
->rewatch_pids_event_source
, SD_EVENT_OFF
);
2720 log_warning_errno(r
, "Failed to disable event source for tidying watched PIDs, ignoring: %m");
2722 u
->rewatch_pids_event_source
= sd_event_source_unref(u
->rewatch_pids_event_source
);
2725 bool unit_job_is_applicable(Unit
*u
, JobType j
) {
2727 assert(j
>= 0 && j
< _JOB_TYPE_MAX
);
2731 case JOB_VERIFY_ACTIVE
:
2734 /* Note that we don't check unit_can_start() here. That's because .device units and suchlike are not
2735 * startable by us but may appear due to external events, and it thus makes sense to permit enqueing
2740 /* Similar as above. However, perpetual units can never be stopped (neither explicitly nor due to
2741 * external events), hence it makes no sense to permit enqueing such a request either. */
2742 return !u
->perpetual
;
2745 case JOB_TRY_RESTART
:
2746 return unit_can_stop(u
) && unit_can_start(u
);
2749 case JOB_TRY_RELOAD
:
2750 return unit_can_reload(u
);
2752 case JOB_RELOAD_OR_START
:
2753 return unit_can_reload(u
) && unit_can_start(u
);
2756 assert_not_reached("Invalid job type");
2760 static void maybe_warn_about_dependency(Unit
*u
, const char *other
, UnitDependency dependency
) {
2763 /* Only warn about some unit types */
2764 if (!IN_SET(dependency
, UNIT_CONFLICTS
, UNIT_CONFLICTED_BY
, UNIT_BEFORE
, UNIT_AFTER
, UNIT_ON_FAILURE
, UNIT_TRIGGERS
, UNIT_TRIGGERED_BY
))
2767 if (streq_ptr(u
->id
, other
))
2768 log_unit_warning(u
, "Dependency %s=%s dropped", unit_dependency_to_string(dependency
), u
->id
);
2770 log_unit_warning(u
, "Dependency %s=%s dropped, merged into %s", unit_dependency_to_string(dependency
), strna(other
), u
->id
);
2773 static int unit_add_dependency_hashmap(
2776 UnitDependencyMask origin_mask
,
2777 UnitDependencyMask destination_mask
) {
2779 UnitDependencyInfo info
;
2784 assert(origin_mask
< _UNIT_DEPENDENCY_MASK_FULL
);
2785 assert(destination_mask
< _UNIT_DEPENDENCY_MASK_FULL
);
2786 assert(origin_mask
> 0 || destination_mask
> 0);
2788 r
= hashmap_ensure_allocated(h
, NULL
);
2792 assert_cc(sizeof(void*) == sizeof(info
));
2794 info
.data
= hashmap_get(*h
, other
);
2796 /* Entry already exists. Add in our mask. */
2798 if (FLAGS_SET(origin_mask
, info
.origin_mask
) &&
2799 FLAGS_SET(destination_mask
, info
.destination_mask
))
2802 info
.origin_mask
|= origin_mask
;
2803 info
.destination_mask
|= destination_mask
;
2805 r
= hashmap_update(*h
, other
, info
.data
);
2807 info
= (UnitDependencyInfo
) {
2808 .origin_mask
= origin_mask
,
2809 .destination_mask
= destination_mask
,
2812 r
= hashmap_put(*h
, other
, info
.data
);
2820 int unit_add_dependency(
2825 UnitDependencyMask mask
) {
2827 static const UnitDependency inverse_table
[_UNIT_DEPENDENCY_MAX
] = {
2828 [UNIT_REQUIRES
] = UNIT_REQUIRED_BY
,
2829 [UNIT_WANTS
] = UNIT_WANTED_BY
,
2830 [UNIT_REQUISITE
] = UNIT_REQUISITE_OF
,
2831 [UNIT_BINDS_TO
] = UNIT_BOUND_BY
,
2832 [UNIT_PART_OF
] = UNIT_CONSISTS_OF
,
2833 [UNIT_REQUIRED_BY
] = UNIT_REQUIRES
,
2834 [UNIT_REQUISITE_OF
] = UNIT_REQUISITE
,
2835 [UNIT_WANTED_BY
] = UNIT_WANTS
,
2836 [UNIT_BOUND_BY
] = UNIT_BINDS_TO
,
2837 [UNIT_CONSISTS_OF
] = UNIT_PART_OF
,
2838 [UNIT_CONFLICTS
] = UNIT_CONFLICTED_BY
,
2839 [UNIT_CONFLICTED_BY
] = UNIT_CONFLICTS
,
2840 [UNIT_BEFORE
] = UNIT_AFTER
,
2841 [UNIT_AFTER
] = UNIT_BEFORE
,
2842 [UNIT_ON_FAILURE
] = _UNIT_DEPENDENCY_INVALID
,
2843 [UNIT_REFERENCES
] = UNIT_REFERENCED_BY
,
2844 [UNIT_REFERENCED_BY
] = UNIT_REFERENCES
,
2845 [UNIT_TRIGGERS
] = UNIT_TRIGGERED_BY
,
2846 [UNIT_TRIGGERED_BY
] = UNIT_TRIGGERS
,
2847 [UNIT_PROPAGATES_RELOAD_TO
] = UNIT_RELOAD_PROPAGATED_FROM
,
2848 [UNIT_RELOAD_PROPAGATED_FROM
] = UNIT_PROPAGATES_RELOAD_TO
,
2849 [UNIT_JOINS_NAMESPACE_OF
] = UNIT_JOINS_NAMESPACE_OF
,
2851 Unit
*original_u
= u
, *original_other
= other
;
2855 assert(d
>= 0 && d
< _UNIT_DEPENDENCY_MAX
);
2858 u
= unit_follow_merge(u
);
2859 other
= unit_follow_merge(other
);
2861 /* We won't allow dependencies on ourselves. We will not
2862 * consider them an error however. */
2864 maybe_warn_about_dependency(original_u
, original_other
->id
, d
);
2868 if ((d
== UNIT_BEFORE
&& other
->type
== UNIT_DEVICE
) ||
2869 (d
== UNIT_AFTER
&& u
->type
== UNIT_DEVICE
)) {
2870 log_unit_warning(u
, "Dependency Before=%s ignored (.device units cannot be delayed)", other
->id
);
2874 r
= unit_add_dependency_hashmap(u
->dependencies
+ d
, other
, mask
, 0);
2878 if (inverse_table
[d
] != _UNIT_DEPENDENCY_INVALID
&& inverse_table
[d
] != d
) {
2879 r
= unit_add_dependency_hashmap(other
->dependencies
+ inverse_table
[d
], u
, 0, mask
);
2884 if (add_reference
) {
2885 r
= unit_add_dependency_hashmap(u
->dependencies
+ UNIT_REFERENCES
, other
, mask
, 0);
2889 r
= unit_add_dependency_hashmap(other
->dependencies
+ UNIT_REFERENCED_BY
, u
, 0, mask
);
2894 unit_add_to_dbus_queue(u
);
2898 int unit_add_two_dependencies(Unit
*u
, UnitDependency d
, UnitDependency e
, Unit
*other
, bool add_reference
, UnitDependencyMask mask
) {
2903 r
= unit_add_dependency(u
, d
, other
, add_reference
, mask
);
2907 return unit_add_dependency(u
, e
, other
, add_reference
, mask
);
2910 static int resolve_template(Unit
*u
, const char *name
, char **buf
, const char **ret
) {
2918 if (!unit_name_is_valid(name
, UNIT_NAME_TEMPLATE
)) {
2925 r
= unit_name_replace_instance(name
, u
->instance
, buf
);
2927 _cleanup_free_
char *i
= NULL
;
2929 r
= unit_name_to_prefix(u
->id
, &i
);
2933 r
= unit_name_replace_instance(name
, i
, buf
);
2942 int unit_add_dependency_by_name(Unit
*u
, UnitDependency d
, const char *name
, bool add_reference
, UnitDependencyMask mask
) {
2943 _cleanup_free_
char *buf
= NULL
;
2950 r
= resolve_template(u
, name
, &buf
, &name
);
2954 r
= manager_load_unit(u
->manager
, name
, NULL
, NULL
, &other
);
2958 return unit_add_dependency(u
, d
, other
, add_reference
, mask
);
2961 int unit_add_two_dependencies_by_name(Unit
*u
, UnitDependency d
, UnitDependency e
, const char *name
, bool add_reference
, UnitDependencyMask mask
) {
2962 _cleanup_free_
char *buf
= NULL
;
2969 r
= resolve_template(u
, name
, &buf
, &name
);
2973 r
= manager_load_unit(u
->manager
, name
, NULL
, NULL
, &other
);
2977 return unit_add_two_dependencies(u
, d
, e
, other
, add_reference
, mask
);
2980 int set_unit_path(const char *p
) {
2981 /* This is mostly for debug purposes */
2982 if (setenv("SYSTEMD_UNIT_PATH", p
, 1) < 0)
2988 char *unit_dbus_path(Unit
*u
) {
2994 return unit_dbus_path_from_name(u
->id
);
2997 char *unit_dbus_path_invocation_id(Unit
*u
) {
3000 if (sd_id128_is_null(u
->invocation_id
))
3003 return unit_dbus_path_from_name(u
->invocation_id_string
);
3006 int unit_set_slice(Unit
*u
, Unit
*slice
) {
3010 /* Sets the unit slice if it has not been set before. Is extra
3011 * careful, to only allow this for units that actually have a
3012 * cgroup context. Also, we don't allow to set this for slices
3013 * (since the parent slice is derived from the name). Make
3014 * sure the unit we set is actually a slice. */
3016 if (!UNIT_HAS_CGROUP_CONTEXT(u
))
3019 if (u
->type
== UNIT_SLICE
)
3022 if (unit_active_state(u
) != UNIT_INACTIVE
)
3025 if (slice
->type
!= UNIT_SLICE
)
3028 if (unit_has_name(u
, SPECIAL_INIT_SCOPE
) &&
3029 !unit_has_name(slice
, SPECIAL_ROOT_SLICE
))
3032 if (UNIT_DEREF(u
->slice
) == slice
)
3035 /* Disallow slice changes if @u is already bound to cgroups */
3036 if (UNIT_ISSET(u
->slice
) && u
->cgroup_realized
)
3039 unit_ref_set(&u
->slice
, u
, slice
);
3043 int unit_set_default_slice(Unit
*u
) {
3044 const char *slice_name
;
3050 if (UNIT_ISSET(u
->slice
))
3054 _cleanup_free_
char *prefix
= NULL
, *escaped
= NULL
;
3056 /* Implicitly place all instantiated units in their
3057 * own per-template slice */
3059 r
= unit_name_to_prefix(u
->id
, &prefix
);
3063 /* The prefix is already escaped, but it might include
3064 * "-" which has a special meaning for slice units,
3065 * hence escape it here extra. */
3066 escaped
= unit_name_escape(prefix
);
3070 if (MANAGER_IS_SYSTEM(u
->manager
))
3071 slice_name
= strjoina("system-", escaped
, ".slice");
3073 slice_name
= strjoina(escaped
, ".slice");
3076 MANAGER_IS_SYSTEM(u
->manager
) && !unit_has_name(u
, SPECIAL_INIT_SCOPE
)
3077 ? SPECIAL_SYSTEM_SLICE
3078 : SPECIAL_ROOT_SLICE
;
3080 r
= manager_load_unit(u
->manager
, slice_name
, NULL
, NULL
, &slice
);
3084 return unit_set_slice(u
, slice
);
3087 const char *unit_slice_name(Unit
*u
) {
3090 if (!UNIT_ISSET(u
->slice
))
3093 return UNIT_DEREF(u
->slice
)->id
;
3096 int unit_load_related_unit(Unit
*u
, const char *type
, Unit
**_found
) {
3097 _cleanup_free_
char *t
= NULL
;
3104 r
= unit_name_change_suffix(u
->id
, type
, &t
);
3107 if (unit_has_name(u
, t
))
3110 r
= manager_load_unit(u
->manager
, t
, NULL
, NULL
, _found
);
3111 assert(r
< 0 || *_found
!= u
);
3115 static int signal_name_owner_changed(sd_bus_message
*message
, void *userdata
, sd_bus_error
*error
) {
3116 const char *name
, *old_owner
, *new_owner
;
3123 r
= sd_bus_message_read(message
, "sss", &name
, &old_owner
, &new_owner
);
3125 bus_log_parse_error(r
);
3129 old_owner
= empty_to_null(old_owner
);
3130 new_owner
= empty_to_null(new_owner
);
3132 if (UNIT_VTABLE(u
)->bus_name_owner_change
)
3133 UNIT_VTABLE(u
)->bus_name_owner_change(u
, name
, old_owner
, new_owner
);
3138 int unit_install_bus_match(Unit
*u
, sd_bus
*bus
, const char *name
) {
3145 if (u
->match_bus_slot
)
3148 match
= strjoina("type='signal',"
3149 "sender='org.freedesktop.DBus',"
3150 "path='/org/freedesktop/DBus',"
3151 "interface='org.freedesktop.DBus',"
3152 "member='NameOwnerChanged',"
3153 "arg0='", name
, "'");
3155 return sd_bus_add_match_async(bus
, &u
->match_bus_slot
, match
, signal_name_owner_changed
, NULL
, u
);
3158 int unit_watch_bus_name(Unit
*u
, const char *name
) {
3164 /* Watch a specific name on the bus. We only support one unit
3165 * watching each name for now. */
3167 if (u
->manager
->api_bus
) {
3168 /* If the bus is already available, install the match directly.
3169 * Otherwise, just put the name in the list. bus_setup_api() will take care later. */
3170 r
= unit_install_bus_match(u
, u
->manager
->api_bus
, name
);
3172 return log_warning_errno(r
, "Failed to subscribe to NameOwnerChanged signal for '%s': %m", name
);
3175 r
= hashmap_put(u
->manager
->watch_bus
, name
, u
);
3177 u
->match_bus_slot
= sd_bus_slot_unref(u
->match_bus_slot
);
3178 return log_warning_errno(r
, "Failed to put bus name to hashmap: %m");
3184 void unit_unwatch_bus_name(Unit
*u
, const char *name
) {
3188 (void) hashmap_remove_value(u
->manager
->watch_bus
, name
, u
);
3189 u
->match_bus_slot
= sd_bus_slot_unref(u
->match_bus_slot
);
3192 bool unit_can_serialize(Unit
*u
) {
3195 return UNIT_VTABLE(u
)->serialize
&& UNIT_VTABLE(u
)->deserialize_item
;
3198 static int serialize_cgroup_mask(FILE *f
, const char *key
, CGroupMask mask
) {
3199 _cleanup_free_
char *s
= NULL
;
3208 r
= cg_mask_to_string(mask
, &s
);
3210 return log_error_errno(r
, "Failed to format cgroup mask: %m");
3212 return serialize_item(f
, key
, s
);
3215 static const char *ip_accounting_metric_field
[_CGROUP_IP_ACCOUNTING_METRIC_MAX
] = {
3216 [CGROUP_IP_INGRESS_BYTES
] = "ip-accounting-ingress-bytes",
3217 [CGROUP_IP_INGRESS_PACKETS
] = "ip-accounting-ingress-packets",
3218 [CGROUP_IP_EGRESS_BYTES
] = "ip-accounting-egress-bytes",
3219 [CGROUP_IP_EGRESS_PACKETS
] = "ip-accounting-egress-packets",
3222 int unit_serialize(Unit
*u
, FILE *f
, FDSet
*fds
, bool serialize_jobs
) {
3223 CGroupIPAccountingMetric m
;
3230 if (unit_can_serialize(u
)) {
3231 r
= UNIT_VTABLE(u
)->serialize(u
, f
, fds
);
3236 (void) serialize_dual_timestamp(f
, "state-change-timestamp", &u
->state_change_timestamp
);
3238 (void) serialize_dual_timestamp(f
, "inactive-exit-timestamp", &u
->inactive_exit_timestamp
);
3239 (void) serialize_dual_timestamp(f
, "active-enter-timestamp", &u
->active_enter_timestamp
);
3240 (void) serialize_dual_timestamp(f
, "active-exit-timestamp", &u
->active_exit_timestamp
);
3241 (void) serialize_dual_timestamp(f
, "inactive-enter-timestamp", &u
->inactive_enter_timestamp
);
3243 (void) serialize_dual_timestamp(f
, "condition-timestamp", &u
->condition_timestamp
);
3244 (void) serialize_dual_timestamp(f
, "assert-timestamp", &u
->assert_timestamp
);
3246 if (dual_timestamp_is_set(&u
->condition_timestamp
))
3247 (void) serialize_bool(f
, "condition-result", u
->condition_result
);
3249 if (dual_timestamp_is_set(&u
->assert_timestamp
))
3250 (void) serialize_bool(f
, "assert-result", u
->assert_result
);
3252 (void) serialize_bool(f
, "transient", u
->transient
);
3253 (void) serialize_bool(f
, "in-audit", u
->in_audit
);
3255 (void) serialize_bool(f
, "exported-invocation-id", u
->exported_invocation_id
);
3256 (void) serialize_bool(f
, "exported-log-level-max", u
->exported_log_level_max
);
3257 (void) serialize_bool(f
, "exported-log-extra-fields", u
->exported_log_extra_fields
);
3258 (void) serialize_bool(f
, "exported-log-rate-limit-interval", u
->exported_log_rate_limit_interval
);
3259 (void) serialize_bool(f
, "exported-log-rate-limit-burst", u
->exported_log_rate_limit_burst
);
3261 (void) serialize_item_format(f
, "cpu-usage-base", "%" PRIu64
, u
->cpu_usage_base
);
3262 if (u
->cpu_usage_last
!= NSEC_INFINITY
)
3263 (void) serialize_item_format(f
, "cpu-usage-last", "%" PRIu64
, u
->cpu_usage_last
);
3266 (void) serialize_item(f
, "cgroup", u
->cgroup_path
);
3268 (void) serialize_bool(f
, "cgroup-realized", u
->cgroup_realized
);
3269 (void) serialize_cgroup_mask(f
, "cgroup-realized-mask", u
->cgroup_realized_mask
);
3270 (void) serialize_cgroup_mask(f
, "cgroup-enabled-mask", u
->cgroup_enabled_mask
);
3271 (void) serialize_cgroup_mask(f
, "cgroup-invalidated-mask", u
->cgroup_invalidated_mask
);
3273 if (uid_is_valid(u
->ref_uid
))
3274 (void) serialize_item_format(f
, "ref-uid", UID_FMT
, u
->ref_uid
);
3275 if (gid_is_valid(u
->ref_gid
))
3276 (void) serialize_item_format(f
, "ref-gid", GID_FMT
, u
->ref_gid
);
3278 if (!sd_id128_is_null(u
->invocation_id
))
3279 (void) serialize_item_format(f
, "invocation-id", SD_ID128_FORMAT_STR
, SD_ID128_FORMAT_VAL(u
->invocation_id
));
3281 bus_track_serialize(u
->bus_track
, f
, "ref");
3283 for (m
= 0; m
< _CGROUP_IP_ACCOUNTING_METRIC_MAX
; m
++) {
3286 r
= unit_get_ip_accounting(u
, m
, &v
);
3288 (void) serialize_item_format(f
, ip_accounting_metric_field
[m
], "%" PRIu64
, v
);
3291 if (serialize_jobs
) {
3294 job_serialize(u
->job
, f
);
3299 job_serialize(u
->nop_job
, f
);
3308 static int unit_deserialize_job(Unit
*u
, FILE *f
) {
3309 _cleanup_(job_freep
) Job
*j
= NULL
;
3319 r
= job_deserialize(j
, f
);
3323 r
= job_install_deserialized(j
);
3331 int unit_deserialize(Unit
*u
, FILE *f
, FDSet
*fds
) {
3339 _cleanup_free_
char *line
= NULL
;
3340 CGroupIPAccountingMetric m
;
3344 r
= read_line(f
, LONG_LINE_MAX
, &line
);
3346 return log_error_errno(r
, "Failed to read serialization line: %m");
3347 if (r
== 0) /* eof */
3351 if (isempty(l
)) /* End marker */
3354 k
= strcspn(l
, "=");
3362 if (streq(l
, "job")) {
3364 /* New-style serialized job */
3365 r
= unit_deserialize_job(u
, f
);
3368 } else /* Legacy for pre-44 */
3369 log_unit_warning(u
, "Update from too old systemd versions are unsupported, cannot deserialize job: %s", v
);
3371 } else if (streq(l
, "state-change-timestamp")) {
3372 (void) deserialize_dual_timestamp(v
, &u
->state_change_timestamp
);
3374 } else if (streq(l
, "inactive-exit-timestamp")) {
3375 (void) deserialize_dual_timestamp(v
, &u
->inactive_exit_timestamp
);
3377 } else if (streq(l
, "active-enter-timestamp")) {
3378 (void) deserialize_dual_timestamp(v
, &u
->active_enter_timestamp
);
3380 } else if (streq(l
, "active-exit-timestamp")) {
3381 (void) deserialize_dual_timestamp(v
, &u
->active_exit_timestamp
);
3383 } else if (streq(l
, "inactive-enter-timestamp")) {
3384 (void) deserialize_dual_timestamp(v
, &u
->inactive_enter_timestamp
);
3386 } else if (streq(l
, "condition-timestamp")) {
3387 (void) deserialize_dual_timestamp(v
, &u
->condition_timestamp
);
3389 } else if (streq(l
, "assert-timestamp")) {
3390 (void) deserialize_dual_timestamp(v
, &u
->assert_timestamp
);
3392 } else if (streq(l
, "condition-result")) {
3394 r
= parse_boolean(v
);
3396 log_unit_debug(u
, "Failed to parse condition result value %s, ignoring.", v
);
3398 u
->condition_result
= r
;
3402 } else if (streq(l
, "assert-result")) {
3404 r
= parse_boolean(v
);
3406 log_unit_debug(u
, "Failed to parse assert result value %s, ignoring.", v
);
3408 u
->assert_result
= r
;
3412 } else if (streq(l
, "transient")) {
3414 r
= parse_boolean(v
);
3416 log_unit_debug(u
, "Failed to parse transient bool %s, ignoring.", v
);
3422 } else if (streq(l
, "in-audit")) {
3424 r
= parse_boolean(v
);
3426 log_unit_debug(u
, "Failed to parse in-audit bool %s, ignoring.", v
);
3432 } else if (streq(l
, "exported-invocation-id")) {
3434 r
= parse_boolean(v
);
3436 log_unit_debug(u
, "Failed to parse exported invocation ID bool %s, ignoring.", v
);
3438 u
->exported_invocation_id
= r
;
3442 } else if (streq(l
, "exported-log-level-max")) {
3444 r
= parse_boolean(v
);
3446 log_unit_debug(u
, "Failed to parse exported log level max bool %s, ignoring.", v
);
3448 u
->exported_log_level_max
= r
;
3452 } else if (streq(l
, "exported-log-extra-fields")) {
3454 r
= parse_boolean(v
);
3456 log_unit_debug(u
, "Failed to parse exported log extra fields bool %s, ignoring.", v
);
3458 u
->exported_log_extra_fields
= r
;
3462 } else if (streq(l
, "exported-log-rate-limit-interval")) {
3464 r
= parse_boolean(v
);
3466 log_unit_debug(u
, "Failed to parse exported log rate limit interval %s, ignoring.", v
);
3468 u
->exported_log_rate_limit_interval
= r
;
3472 } else if (streq(l
, "exported-log-rate-limit-burst")) {
3474 r
= parse_boolean(v
);
3476 log_unit_debug(u
, "Failed to parse exported log rate limit burst %s, ignoring.", v
);
3478 u
->exported_log_rate_limit_burst
= r
;
3482 } else if (STR_IN_SET(l
, "cpu-usage-base", "cpuacct-usage-base")) {
3484 r
= safe_atou64(v
, &u
->cpu_usage_base
);
3486 log_unit_debug(u
, "Failed to parse CPU usage base %s, ignoring.", v
);
3490 } else if (streq(l
, "cpu-usage-last")) {
3492 r
= safe_atou64(v
, &u
->cpu_usage_last
);
3494 log_unit_debug(u
, "Failed to read CPU usage last %s, ignoring.", v
);
3498 } else if (streq(l
, "cgroup")) {
3500 r
= unit_set_cgroup_path(u
, v
);
3502 log_unit_debug_errno(u
, r
, "Failed to set cgroup path %s, ignoring: %m", v
);
3504 (void) unit_watch_cgroup(u
);
3507 } else if (streq(l
, "cgroup-realized")) {
3510 b
= parse_boolean(v
);
3512 log_unit_debug(u
, "Failed to parse cgroup-realized bool %s, ignoring.", v
);
3514 u
->cgroup_realized
= b
;
3518 } else if (streq(l
, "cgroup-realized-mask")) {
3520 r
= cg_mask_from_string(v
, &u
->cgroup_realized_mask
);
3522 log_unit_debug(u
, "Failed to parse cgroup-realized-mask %s, ignoring.", v
);
3525 } else if (streq(l
, "cgroup-enabled-mask")) {
3527 r
= cg_mask_from_string(v
, &u
->cgroup_enabled_mask
);
3529 log_unit_debug(u
, "Failed to parse cgroup-enabled-mask %s, ignoring.", v
);
3532 } else if (streq(l
, "cgroup-invalidated-mask")) {
3534 r
= cg_mask_from_string(v
, &u
->cgroup_invalidated_mask
);
3536 log_unit_debug(u
, "Failed to parse cgroup-invalidated-mask %s, ignoring.", v
);
3539 } else if (streq(l
, "ref-uid")) {
3542 r
= parse_uid(v
, &uid
);
3544 log_unit_debug(u
, "Failed to parse referenced UID %s, ignoring.", v
);
3546 unit_ref_uid_gid(u
, uid
, GID_INVALID
);
3550 } else if (streq(l
, "ref-gid")) {
3553 r
= parse_gid(v
, &gid
);
3555 log_unit_debug(u
, "Failed to parse referenced GID %s, ignoring.", v
);
3557 unit_ref_uid_gid(u
, UID_INVALID
, gid
);
3561 } else if (streq(l
, "ref")) {
3563 r
= strv_extend(&u
->deserialized_refs
, v
);
3568 } else if (streq(l
, "invocation-id")) {
3571 r
= sd_id128_from_string(v
, &id
);
3573 log_unit_debug(u
, "Failed to parse invocation id %s, ignoring.", v
);
3575 r
= unit_set_invocation_id(u
, id
);
3577 log_unit_warning_errno(u
, r
, "Failed to set invocation ID for unit: %m");
3583 /* Check if this is an IP accounting metric serialization field */
3584 for (m
= 0; m
< _CGROUP_IP_ACCOUNTING_METRIC_MAX
; m
++)
3585 if (streq(l
, ip_accounting_metric_field
[m
]))
3587 if (m
< _CGROUP_IP_ACCOUNTING_METRIC_MAX
) {
3590 r
= safe_atou64(v
, &c
);
3592 log_unit_debug(u
, "Failed to parse IP accounting value %s, ignoring.", v
);
3594 u
->ip_accounting_extra
[m
] = c
;
3598 if (unit_can_serialize(u
)) {
3599 r
= exec_runtime_deserialize_compat(u
, l
, v
, fds
);
3601 log_unit_warning(u
, "Failed to deserialize runtime parameter '%s', ignoring.", l
);
3605 /* Returns positive if key was handled by the call */
3609 r
= UNIT_VTABLE(u
)->deserialize_item(u
, l
, v
, fds
);
3611 log_unit_warning(u
, "Failed to deserialize unit parameter '%s', ignoring.", l
);
3615 /* Versions before 228 did not carry a state change timestamp. In this case, take the current time. This is
3616 * useful, so that timeouts based on this timestamp don't trigger too early, and is in-line with the logic from
3617 * before 228 where the base for timeouts was not persistent across reboots. */
3619 if (!dual_timestamp_is_set(&u
->state_change_timestamp
))
3620 dual_timestamp_get(&u
->state_change_timestamp
);
3622 /* Let's make sure that everything that is deserialized also gets any potential new cgroup settings applied
3623 * after we are done. For that we invalidate anything already realized, so that we can realize it again. */
3624 unit_invalidate_cgroup(u
, _CGROUP_MASK_ALL
);
3625 unit_invalidate_cgroup_bpf(u
);
3630 int unit_deserialize_skip(FILE *f
) {
3634 /* Skip serialized data for this unit. We don't know what it is. */
3637 _cleanup_free_
char *line
= NULL
;
3640 r
= read_line(f
, LONG_LINE_MAX
, &line
);
3642 return log_error_errno(r
, "Failed to read serialization line: %m");
3654 int unit_add_node_dependency(Unit
*u
, const char *what
, bool wants
, UnitDependency dep
, UnitDependencyMask mask
) {
3656 _cleanup_free_
char *e
= NULL
;
3661 /* Adds in links to the device node that this unit is based on */
3665 if (!is_device_path(what
))
3668 /* When device units aren't supported (such as in a
3669 * container), don't create dependencies on them. */
3670 if (!unit_type_supported(UNIT_DEVICE
))
3673 r
= unit_name_from_path(what
, ".device", &e
);
3677 r
= manager_load_unit(u
->manager
, e
, NULL
, NULL
, &device
);
3681 if (dep
== UNIT_REQUIRES
&& device_shall_be_bound_by(device
, u
))
3682 dep
= UNIT_BINDS_TO
;
3684 r
= unit_add_two_dependencies(u
, UNIT_AFTER
,
3685 MANAGER_IS_SYSTEM(u
->manager
) ? dep
: UNIT_WANTS
,
3686 device
, true, mask
);
3691 r
= unit_add_dependency(device
, UNIT_WANTS
, u
, false, mask
);
3699 int unit_coldplug(Unit
*u
) {
3705 /* Make sure we don't enter a loop, when coldplugging recursively. */
3709 u
->coldplugged
= true;
3711 STRV_FOREACH(i
, u
->deserialized_refs
) {
3712 q
= bus_unit_track_add_name(u
, *i
);
3713 if (q
< 0 && r
>= 0)
3716 u
->deserialized_refs
= strv_free(u
->deserialized_refs
);
3718 if (UNIT_VTABLE(u
)->coldplug
) {
3719 q
= UNIT_VTABLE(u
)->coldplug(u
);
3720 if (q
< 0 && r
>= 0)
3725 q
= job_coldplug(u
->job
);
3726 if (q
< 0 && r
>= 0)
3733 void unit_catchup(Unit
*u
) {
3736 if (UNIT_VTABLE(u
)->catchup
)
3737 UNIT_VTABLE(u
)->catchup(u
);
3740 static bool fragment_mtime_newer(const char *path
, usec_t mtime
, bool path_masked
) {
3746 /* If the source is some virtual kernel file system, then we assume we watch it anyway, and hence pretend we
3747 * are never out-of-date. */
3748 if (PATH_STARTSWITH_SET(path
, "/proc", "/sys"))
3751 if (stat(path
, &st
) < 0)
3752 /* What, cannot access this anymore? */
3756 /* For masked files check if they are still so */
3757 return !null_or_empty(&st
);
3759 /* For non-empty files check the mtime */
3760 return timespec_load(&st
.st_mtim
) > mtime
;
3765 bool unit_need_daemon_reload(Unit
*u
) {
3766 _cleanup_strv_free_
char **t
= NULL
;
3771 /* For unit files, we allow masking… */
3772 if (fragment_mtime_newer(u
->fragment_path
, u
->fragment_mtime
,
3773 u
->load_state
== UNIT_MASKED
))
3776 /* Source paths should not be masked… */
3777 if (fragment_mtime_newer(u
->source_path
, u
->source_mtime
, false))
3780 if (u
->load_state
== UNIT_LOADED
)
3781 (void) unit_find_dropin_paths(u
, &t
);
3782 if (!strv_equal(u
->dropin_paths
, t
))
3785 /* … any drop-ins that are masked are simply omitted from the list. */
3786 STRV_FOREACH(path
, u
->dropin_paths
)
3787 if (fragment_mtime_newer(*path
, u
->dropin_mtime
, false))
3793 void unit_reset_failed(Unit
*u
) {
3796 if (UNIT_VTABLE(u
)->reset_failed
)
3797 UNIT_VTABLE(u
)->reset_failed(u
);
3799 RATELIMIT_RESET(u
->start_limit
);
3800 u
->start_limit_hit
= false;
3803 Unit
*unit_following(Unit
*u
) {
3806 if (UNIT_VTABLE(u
)->following
)
3807 return UNIT_VTABLE(u
)->following(u
);
3812 bool unit_stop_pending(Unit
*u
) {
3815 /* This call does check the current state of the unit. It's
3816 * hence useful to be called from state change calls of the
3817 * unit itself, where the state isn't updated yet. This is
3818 * different from unit_inactive_or_pending() which checks both
3819 * the current state and for a queued job. */
3821 return u
->job
&& u
->job
->type
== JOB_STOP
;
3824 bool unit_inactive_or_pending(Unit
*u
) {
3827 /* Returns true if the unit is inactive or going down */
3829 if (UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u
)))
3832 if (unit_stop_pending(u
))
3838 bool unit_active_or_pending(Unit
*u
) {
3841 /* Returns true if the unit is active or going up */
3843 if (UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u
)))
3847 IN_SET(u
->job
->type
, JOB_START
, JOB_RELOAD_OR_START
, JOB_RESTART
))
3853 bool unit_will_restart(Unit
*u
) {
3856 if (!UNIT_VTABLE(u
)->will_restart
)
3859 return UNIT_VTABLE(u
)->will_restart(u
);
3862 int unit_kill(Unit
*u
, KillWho w
, int signo
, sd_bus_error
*error
) {
3864 assert(w
>= 0 && w
< _KILL_WHO_MAX
);
3865 assert(SIGNAL_VALID(signo
));
3867 if (!UNIT_VTABLE(u
)->kill
)
3870 return UNIT_VTABLE(u
)->kill(u
, w
, signo
, error
);
3873 static Set
*unit_pid_set(pid_t main_pid
, pid_t control_pid
) {
3874 _cleanup_set_free_ Set
*pid_set
= NULL
;
3877 pid_set
= set_new(NULL
);
3881 /* Exclude the main/control pids from being killed via the cgroup */
3883 r
= set_put(pid_set
, PID_TO_PTR(main_pid
));
3888 if (control_pid
> 0) {
3889 r
= set_put(pid_set
, PID_TO_PTR(control_pid
));
3894 return TAKE_PTR(pid_set
);
3897 int unit_kill_common(
3903 sd_bus_error
*error
) {
3906 bool killed
= false;
3908 if (IN_SET(who
, KILL_MAIN
, KILL_MAIN_FAIL
)) {
3910 return sd_bus_error_setf(error
, BUS_ERROR_NO_SUCH_PROCESS
, "%s units have no main processes", unit_type_to_string(u
->type
));
3911 else if (main_pid
== 0)
3912 return sd_bus_error_set_const(error
, BUS_ERROR_NO_SUCH_PROCESS
, "No main process to kill");
3915 if (IN_SET(who
, KILL_CONTROL
, KILL_CONTROL_FAIL
)) {
3916 if (control_pid
< 0)
3917 return sd_bus_error_setf(error
, BUS_ERROR_NO_SUCH_PROCESS
, "%s units have no control processes", unit_type_to_string(u
->type
));
3918 else if (control_pid
== 0)
3919 return sd_bus_error_set_const(error
, BUS_ERROR_NO_SUCH_PROCESS
, "No control process to kill");
3922 if (IN_SET(who
, KILL_CONTROL
, KILL_CONTROL_FAIL
, KILL_ALL
, KILL_ALL_FAIL
))
3923 if (control_pid
> 0) {
3924 if (kill(control_pid
, signo
) < 0)
3930 if (IN_SET(who
, KILL_MAIN
, KILL_MAIN_FAIL
, KILL_ALL
, KILL_ALL_FAIL
))
3932 if (kill(main_pid
, signo
) < 0)
3938 if (IN_SET(who
, KILL_ALL
, KILL_ALL_FAIL
) && u
->cgroup_path
) {
3939 _cleanup_set_free_ Set
*pid_set
= NULL
;
3942 /* Exclude the main/control pids from being killed via the cgroup */
3943 pid_set
= unit_pid_set(main_pid
, control_pid
);
3947 q
= cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER
, u
->cgroup_path
, signo
, 0, pid_set
, NULL
, NULL
);
3948 if (q
< 0 && !IN_SET(q
, -EAGAIN
, -ESRCH
, -ENOENT
))
3954 if (r
== 0 && !killed
&& IN_SET(who
, KILL_ALL_FAIL
, KILL_CONTROL_FAIL
))
3960 int unit_following_set(Unit
*u
, Set
**s
) {
3964 if (UNIT_VTABLE(u
)->following_set
)
3965 return UNIT_VTABLE(u
)->following_set(u
, s
);
3971 UnitFileState
unit_get_unit_file_state(Unit
*u
) {
3976 if (u
->unit_file_state
< 0 && u
->fragment_path
) {
3977 r
= unit_file_get_state(
3978 u
->manager
->unit_file_scope
,
3981 &u
->unit_file_state
);
3983 u
->unit_file_state
= UNIT_FILE_BAD
;
3986 return u
->unit_file_state
;
3989 int unit_get_unit_file_preset(Unit
*u
) {
3992 if (u
->unit_file_preset
< 0 && u
->fragment_path
)
3993 u
->unit_file_preset
= unit_file_query_preset(
3994 u
->manager
->unit_file_scope
,
3996 basename(u
->fragment_path
));
3998 return u
->unit_file_preset
;
4001 Unit
* unit_ref_set(UnitRef
*ref
, Unit
*source
, Unit
*target
) {
4007 unit_ref_unset(ref
);
4009 ref
->source
= source
;
4010 ref
->target
= target
;
4011 LIST_PREPEND(refs_by_target
, target
->refs_by_target
, ref
);
4015 void unit_ref_unset(UnitRef
*ref
) {
4021 /* We are about to drop a reference to the unit, make sure the garbage collection has a look at it as it might
4022 * be unreferenced now. */
4023 unit_add_to_gc_queue(ref
->target
);
4025 LIST_REMOVE(refs_by_target
, ref
->target
->refs_by_target
, ref
);
4026 ref
->source
= ref
->target
= NULL
;
4029 static int user_from_unit_name(Unit
*u
, char **ret
) {
4031 static const uint8_t hash_key
[] = {
4032 0x58, 0x1a, 0xaf, 0xe6, 0x28, 0x58, 0x4e, 0x96,
4033 0xb4, 0x4e, 0xf5, 0x3b, 0x8c, 0x92, 0x07, 0xec
4036 _cleanup_free_
char *n
= NULL
;
4039 r
= unit_name_to_prefix(u
->id
, &n
);
4043 if (valid_user_group_name(n
)) {
4048 /* If we can't use the unit name as a user name, then let's hash it and use that */
4049 if (asprintf(ret
, "_du%016" PRIx64
, siphash24(n
, strlen(n
), hash_key
)) < 0)
4055 int unit_patch_contexts(Unit
*u
) {
4063 /* Patch in the manager defaults into the exec and cgroup
4064 * contexts, _after_ the rest of the settings have been
4067 ec
= unit_get_exec_context(u
);
4069 /* This only copies in the ones that need memory */
4070 for (i
= 0; i
< _RLIMIT_MAX
; i
++)
4071 if (u
->manager
->rlimit
[i
] && !ec
->rlimit
[i
]) {
4072 ec
->rlimit
[i
] = newdup(struct rlimit
, u
->manager
->rlimit
[i
], 1);
4077 if (MANAGER_IS_USER(u
->manager
) &&
4078 !ec
->working_directory
) {
4080 r
= get_home_dir(&ec
->working_directory
);
4084 /* Allow user services to run, even if the
4085 * home directory is missing */
4086 ec
->working_directory_missing_ok
= true;
4089 if (ec
->private_devices
)
4090 ec
->capability_bounding_set
&= ~((UINT64_C(1) << CAP_MKNOD
) | (UINT64_C(1) << CAP_SYS_RAWIO
));
4092 if (ec
->protect_kernel_modules
)
4093 ec
->capability_bounding_set
&= ~(UINT64_C(1) << CAP_SYS_MODULE
);
4095 if (ec
->dynamic_user
) {
4097 r
= user_from_unit_name(u
, &ec
->user
);
4103 ec
->group
= strdup(ec
->user
);
4108 /* If the dynamic user option is on, let's make sure that the unit can't leave its UID/GID
4109 * around in the file system or on IPC objects. Hence enforce a strict sandbox. */
4111 ec
->private_tmp
= true;
4112 ec
->remove_ipc
= true;
4113 ec
->protect_system
= PROTECT_SYSTEM_STRICT
;
4114 if (ec
->protect_home
== PROTECT_HOME_NO
)
4115 ec
->protect_home
= PROTECT_HOME_READ_ONLY
;
4119 cc
= unit_get_cgroup_context(u
);
4122 if (ec
->private_devices
&&
4123 cc
->device_policy
== CGROUP_AUTO
)
4124 cc
->device_policy
= CGROUP_CLOSED
;
4126 if (ec
->root_image
&&
4127 (cc
->device_policy
!= CGROUP_AUTO
|| cc
->device_allow
)) {
4129 /* When RootImage= is specified, the following devices are touched. */
4130 r
= cgroup_add_device_allow(cc
, "/dev/loop-control", "rw");
4134 r
= cgroup_add_device_allow(cc
, "block-loop", "rwm");
4138 r
= cgroup_add_device_allow(cc
, "block-blkext", "rwm");
4147 ExecContext
*unit_get_exec_context(Unit
*u
) {
4154 offset
= UNIT_VTABLE(u
)->exec_context_offset
;
4158 return (ExecContext
*) ((uint8_t*) u
+ offset
);
4161 KillContext
*unit_get_kill_context(Unit
*u
) {
4168 offset
= UNIT_VTABLE(u
)->kill_context_offset
;
4172 return (KillContext
*) ((uint8_t*) u
+ offset
);
4175 CGroupContext
*unit_get_cgroup_context(Unit
*u
) {
4181 offset
= UNIT_VTABLE(u
)->cgroup_context_offset
;
4185 return (CGroupContext
*) ((uint8_t*) u
+ offset
);
4188 ExecRuntime
*unit_get_exec_runtime(Unit
*u
) {
4194 offset
= UNIT_VTABLE(u
)->exec_runtime_offset
;
4198 return *(ExecRuntime
**) ((uint8_t*) u
+ offset
);
4201 static const char* unit_drop_in_dir(Unit
*u
, UnitWriteFlags flags
) {
4204 if (UNIT_WRITE_FLAGS_NOOP(flags
))
4207 if (u
->transient
) /* Redirect drop-ins for transient units always into the transient directory. */
4208 return u
->manager
->lookup_paths
.transient
;
4210 if (flags
& UNIT_PERSISTENT
)
4211 return u
->manager
->lookup_paths
.persistent_control
;
4213 if (flags
& UNIT_RUNTIME
)
4214 return u
->manager
->lookup_paths
.runtime_control
;
4219 char* unit_escape_setting(const char *s
, UnitWriteFlags flags
, char **buf
) {
4225 /* Escapes the input string as requested. Returns the escaped string. If 'buf' is specified then the allocated
4226 * return buffer pointer is also written to *buf, except if no escaping was necessary, in which case *buf is
4227 * set to NULL, and the input pointer is returned as-is. This means the return value always contains a properly
4228 * escaped version, but *buf when passed only contains a pointer if an allocation was necessary. If *buf is
4229 * not specified, then the return value always needs to be freed. Callers can use this to optimize memory
4232 if (flags
& UNIT_ESCAPE_SPECIFIERS
) {
4233 ret
= specifier_escape(s
);
4240 if (flags
& UNIT_ESCAPE_C
) {
4253 return ret
?: (char*) s
;
4256 return ret
?: strdup(s
);
4259 char* unit_concat_strv(char **l
, UnitWriteFlags flags
) {
4260 _cleanup_free_
char *result
= NULL
;
4261 size_t n
= 0, allocated
= 0;
4264 /* Takes a list of strings, escapes them, and concatenates them. This may be used to format command lines in a
4265 * way suitable for ExecStart= stanzas */
4267 STRV_FOREACH(i
, l
) {
4268 _cleanup_free_
char *buf
= NULL
;
4273 p
= unit_escape_setting(*i
, flags
, &buf
);
4277 a
= (n
> 0) + 1 + strlen(p
) + 1; /* separating space + " + entry + " */
4278 if (!GREEDY_REALLOC(result
, allocated
, n
+ a
+ 1))
4292 if (!GREEDY_REALLOC(result
, allocated
, n
+ 1))
4297 return TAKE_PTR(result
);
4300 int unit_write_setting(Unit
*u
, UnitWriteFlags flags
, const char *name
, const char *data
) {
4301 _cleanup_free_
char *p
= NULL
, *q
= NULL
, *escaped
= NULL
;
4302 const char *dir
, *wrapped
;
4309 if (UNIT_WRITE_FLAGS_NOOP(flags
))
4312 data
= unit_escape_setting(data
, flags
, &escaped
);
4316 /* Prefix the section header. If we are writing this out as transient file, then let's suppress this if the
4317 * previous section header is the same */
4319 if (flags
& UNIT_PRIVATE
) {
4320 if (!UNIT_VTABLE(u
)->private_section
)
4323 if (!u
->transient_file
|| u
->last_section_private
< 0)
4324 data
= strjoina("[", UNIT_VTABLE(u
)->private_section
, "]\n", data
);
4325 else if (u
->last_section_private
== 0)
4326 data
= strjoina("\n[", UNIT_VTABLE(u
)->private_section
, "]\n", data
);
4328 if (!u
->transient_file
|| u
->last_section_private
< 0)
4329 data
= strjoina("[Unit]\n", data
);
4330 else if (u
->last_section_private
> 0)
4331 data
= strjoina("\n[Unit]\n", data
);
4334 if (u
->transient_file
) {
4335 /* When this is a transient unit file in creation, then let's not create a new drop-in but instead
4336 * write to the transient unit file. */
4337 fputs(data
, u
->transient_file
);
4339 if (!endswith(data
, "\n"))
4340 fputc('\n', u
->transient_file
);
4342 /* Remember which section we wrote this entry to */
4343 u
->last_section_private
= !!(flags
& UNIT_PRIVATE
);
4347 dir
= unit_drop_in_dir(u
, flags
);
4351 wrapped
= strjoina("# This is a drop-in unit file extension, created via \"systemctl set-property\"\n"
4352 "# or an equivalent operation. Do not edit.\n",
4356 r
= drop_in_file(dir
, u
->id
, 50, name
, &p
, &q
);
4360 (void) mkdir_p_label(p
, 0755);
4361 r
= write_string_file_atomic_label(q
, wrapped
);
4365 r
= strv_push(&u
->dropin_paths
, q
);
4370 strv_uniq(u
->dropin_paths
);
4372 u
->dropin_mtime
= now(CLOCK_REALTIME
);
4377 int unit_write_settingf(Unit
*u
, UnitWriteFlags flags
, const char *name
, const char *format
, ...) {
4378 _cleanup_free_
char *p
= NULL
;
4386 if (UNIT_WRITE_FLAGS_NOOP(flags
))
4389 va_start(ap
, format
);
4390 r
= vasprintf(&p
, format
, ap
);
4396 return unit_write_setting(u
, flags
, name
, p
);
4399 int unit_make_transient(Unit
*u
) {
4400 _cleanup_free_
char *path
= NULL
;
4405 if (!UNIT_VTABLE(u
)->can_transient
)
4408 (void) mkdir_p_label(u
->manager
->lookup_paths
.transient
, 0755);
4410 path
= strjoin(u
->manager
->lookup_paths
.transient
, "/", u
->id
);
4414 /* Let's open the file we'll write the transient settings into. This file is kept open as long as we are
4415 * creating the transient, and is closed in unit_load(), as soon as we start loading the file. */
4417 RUN_WITH_UMASK(0022) {
4418 f
= fopen(path
, "we");
4423 safe_fclose(u
->transient_file
);
4424 u
->transient_file
= f
;
4426 free_and_replace(u
->fragment_path
, path
);
4428 u
->source_path
= mfree(u
->source_path
);
4429 u
->dropin_paths
= strv_free(u
->dropin_paths
);
4430 u
->fragment_mtime
= u
->source_mtime
= u
->dropin_mtime
= 0;
4432 u
->load_state
= UNIT_STUB
;
4434 u
->transient
= true;
4436 unit_add_to_dbus_queue(u
);
4437 unit_add_to_gc_queue(u
);
4439 fputs("# This is a transient unit file, created programmatically via the systemd API. Do not edit.\n",
4445 static int log_kill(pid_t pid
, int sig
, void *userdata
) {
4446 _cleanup_free_
char *comm
= NULL
;
4448 (void) get_process_comm(pid
, &comm
);
4450 /* Don't log about processes marked with brackets, under the assumption that these are temporary processes
4451 only, like for example systemd's own PAM stub process. */
4452 if (comm
&& comm
[0] == '(')
4455 log_unit_notice(userdata
,
4456 "Killing process " PID_FMT
" (%s) with signal SIG%s.",
4459 signal_to_string(sig
));
4464 static int operation_to_signal(KillContext
*c
, KillOperation k
) {
4469 case KILL_TERMINATE
:
4470 case KILL_TERMINATE_AND_LOG
:
4471 return c
->kill_signal
;
4474 return c
->final_kill_signal
;
4477 return c
->watchdog_signal
;
4480 assert_not_reached("KillOperation unknown");
4484 int unit_kill_context(
4490 bool main_pid_alien
) {
4492 bool wait_for_exit
= false, send_sighup
;
4493 cg_kill_log_func_t log_func
= NULL
;
4499 /* Kill the processes belonging to this unit, in preparation for shutting the unit down.
4500 * Returns > 0 if we killed something worth waiting for, 0 otherwise. */
4502 if (c
->kill_mode
== KILL_NONE
)
4505 sig
= operation_to_signal(c
, k
);
4509 IN_SET(k
, KILL_TERMINATE
, KILL_TERMINATE_AND_LOG
) &&
4512 if (k
!= KILL_TERMINATE
|| IN_SET(sig
, SIGKILL
, SIGABRT
))
4513 log_func
= log_kill
;
4517 log_func(main_pid
, sig
, u
);
4519 r
= kill_and_sigcont(main_pid
, sig
);
4520 if (r
< 0 && r
!= -ESRCH
) {
4521 _cleanup_free_
char *comm
= NULL
;
4522 (void) get_process_comm(main_pid
, &comm
);
4524 log_unit_warning_errno(u
, r
, "Failed to kill main process " PID_FMT
" (%s), ignoring: %m", main_pid
, strna(comm
));
4526 if (!main_pid_alien
)
4527 wait_for_exit
= true;
4529 if (r
!= -ESRCH
&& send_sighup
)
4530 (void) kill(main_pid
, SIGHUP
);
4534 if (control_pid
> 0) {
4536 log_func(control_pid
, sig
, u
);
4538 r
= kill_and_sigcont(control_pid
, sig
);
4539 if (r
< 0 && r
!= -ESRCH
) {
4540 _cleanup_free_
char *comm
= NULL
;
4541 (void) get_process_comm(control_pid
, &comm
);
4543 log_unit_warning_errno(u
, r
, "Failed to kill control process " PID_FMT
" (%s), ignoring: %m", control_pid
, strna(comm
));
4545 wait_for_exit
= true;
4547 if (r
!= -ESRCH
&& send_sighup
)
4548 (void) kill(control_pid
, SIGHUP
);
4552 if (u
->cgroup_path
&&
4553 (c
->kill_mode
== KILL_CONTROL_GROUP
|| (c
->kill_mode
== KILL_MIXED
&& k
== KILL_KILL
))) {
4554 _cleanup_set_free_ Set
*pid_set
= NULL
;
4556 /* Exclude the main/control pids from being killed via the cgroup */
4557 pid_set
= unit_pid_set(main_pid
, control_pid
);
4561 r
= cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER
, u
->cgroup_path
,
4563 CGROUP_SIGCONT
|CGROUP_IGNORE_SELF
,
4567 if (!IN_SET(r
, -EAGAIN
, -ESRCH
, -ENOENT
))
4568 log_unit_warning_errno(u
, r
, "Failed to kill control group %s, ignoring: %m", u
->cgroup_path
);
4572 /* FIXME: For now, on the legacy hierarchy, we will not wait for the cgroup members to die if
4573 * we are running in a container or if this is a delegation unit, simply because cgroup
4574 * notification is unreliable in these cases. It doesn't work at all in containers, and outside
4575 * of containers it can be confused easily by left-over directories in the cgroup — which
4576 * however should not exist in non-delegated units. On the unified hierarchy that's different,
4577 * there we get proper events. Hence rely on them. */
4579 if (cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER
) > 0 ||
4580 (detect_container() == 0 && !unit_cgroup_delegate(u
)))
4581 wait_for_exit
= true;
4586 pid_set
= unit_pid_set(main_pid
, control_pid
);
4590 cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER
, u
->cgroup_path
,
4599 return wait_for_exit
;
4602 int unit_require_mounts_for(Unit
*u
, const char *path
, UnitDependencyMask mask
) {
4603 _cleanup_free_
char *p
= NULL
;
4604 UnitDependencyInfo di
;
4610 /* Registers a unit for requiring a certain path and all its prefixes. We keep a hashtable of these paths in
4611 * the unit (from the path to the UnitDependencyInfo structure indicating how to the dependency came to
4612 * be). However, we build a prefix table for all possible prefixes so that new appearing mount units can easily
4613 * determine which units to make themselves a dependency of. */
4615 if (!path_is_absolute(path
))
4618 r
= hashmap_ensure_allocated(&u
->requires_mounts_for
, &path_hash_ops
);
4626 path
= path_simplify(p
, true);
4628 if (!path_is_normalized(path
))
4631 if (hashmap_contains(u
->requires_mounts_for
, path
))
4634 di
= (UnitDependencyInfo
) {
4638 r
= hashmap_put(u
->requires_mounts_for
, path
, di
.data
);
4643 char prefix
[strlen(path
) + 1];
4644 PATH_FOREACH_PREFIX_MORE(prefix
, path
) {
4647 x
= hashmap_get(u
->manager
->units_requiring_mounts_for
, prefix
);
4649 _cleanup_free_
char *q
= NULL
;
4651 r
= hashmap_ensure_allocated(&u
->manager
->units_requiring_mounts_for
, &path_hash_ops
);
4663 r
= hashmap_put(u
->manager
->units_requiring_mounts_for
, q
, x
);
4679 int unit_setup_exec_runtime(Unit
*u
) {
4687 offset
= UNIT_VTABLE(u
)->exec_runtime_offset
;
4690 /* Check if there already is an ExecRuntime for this unit? */
4691 rt
= (ExecRuntime
**) ((uint8_t*) u
+ offset
);
4695 /* Try to get it from somebody else */
4696 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_JOINS_NAMESPACE_OF
], i
) {
4697 r
= exec_runtime_acquire(u
->manager
, NULL
, other
->id
, false, rt
);
4702 return exec_runtime_acquire(u
->manager
, unit_get_exec_context(u
), u
->id
, true, rt
);
4705 int unit_setup_dynamic_creds(Unit
*u
) {
4707 DynamicCreds
*dcreds
;
4712 offset
= UNIT_VTABLE(u
)->dynamic_creds_offset
;
4714 dcreds
= (DynamicCreds
*) ((uint8_t*) u
+ offset
);
4716 ec
= unit_get_exec_context(u
);
4719 if (!ec
->dynamic_user
)
4722 return dynamic_creds_acquire(dcreds
, u
->manager
, ec
->user
, ec
->group
);
4725 bool unit_type_supported(UnitType t
) {
4726 if (_unlikely_(t
< 0))
4728 if (_unlikely_(t
>= _UNIT_TYPE_MAX
))
4731 if (!unit_vtable
[t
]->supported
)
4734 return unit_vtable
[t
]->supported();
4737 void unit_warn_if_dir_nonempty(Unit
*u
, const char* where
) {
4743 r
= dir_is_empty(where
);
4744 if (r
> 0 || r
== -ENOTDIR
)
4747 log_unit_warning_errno(u
, r
, "Failed to check directory %s: %m", where
);
4751 log_struct(LOG_NOTICE
,
4752 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR
,
4754 LOG_UNIT_INVOCATION_ID(u
),
4755 LOG_UNIT_MESSAGE(u
, "Directory %s to mount over is not empty, mounting anyway.", where
),
4759 int unit_fail_if_noncanonical(Unit
*u
, const char* where
) {
4760 _cleanup_free_
char *canonical_where
= NULL
;
4766 r
= chase_symlinks(where
, NULL
, CHASE_NONEXISTENT
, &canonical_where
);
4768 log_unit_debug_errno(u
, r
, "Failed to check %s for symlinks, ignoring: %m", where
);
4772 /* We will happily ignore a trailing slash (or any redundant slashes) */
4773 if (path_equal(where
, canonical_where
))
4776 /* No need to mention "." or "..", they would already have been rejected by unit_name_from_path() */
4778 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR
,
4780 LOG_UNIT_INVOCATION_ID(u
),
4781 LOG_UNIT_MESSAGE(u
, "Mount path %s is not canonical (contains a symlink).", where
),
4787 bool unit_is_pristine(Unit
*u
) {
4790 /* Check if the unit already exists or is already around,
4791 * in a number of different ways. Note that to cater for unit
4792 * types such as slice, we are generally fine with units that
4793 * are marked UNIT_LOADED even though nothing was actually
4794 * loaded, as those unit types don't require a file on disk. */
4796 return !(!IN_SET(u
->load_state
, UNIT_NOT_FOUND
, UNIT_LOADED
) ||
4799 !strv_isempty(u
->dropin_paths
) ||
4804 pid_t
unit_control_pid(Unit
*u
) {
4807 if (UNIT_VTABLE(u
)->control_pid
)
4808 return UNIT_VTABLE(u
)->control_pid(u
);
4813 pid_t
unit_main_pid(Unit
*u
) {
4816 if (UNIT_VTABLE(u
)->main_pid
)
4817 return UNIT_VTABLE(u
)->main_pid(u
);
4822 static void unit_unref_uid_internal(
4826 void (*_manager_unref_uid
)(Manager
*m
, uid_t uid
, bool destroy_now
)) {
4830 assert(_manager_unref_uid
);
4832 /* Generic implementation of both unit_unref_uid() and unit_unref_gid(), under the assumption that uid_t and
4833 * gid_t are actually the same time, with the same validity rules.
4835 * Drops a reference to UID/GID from a unit. */
4837 assert_cc(sizeof(uid_t
) == sizeof(gid_t
));
4838 assert_cc(UID_INVALID
== (uid_t
) GID_INVALID
);
4840 if (!uid_is_valid(*ref_uid
))
4843 _manager_unref_uid(u
->manager
, *ref_uid
, destroy_now
);
4844 *ref_uid
= UID_INVALID
;
4847 void unit_unref_uid(Unit
*u
, bool destroy_now
) {
4848 unit_unref_uid_internal(u
, &u
->ref_uid
, destroy_now
, manager_unref_uid
);
4851 void unit_unref_gid(Unit
*u
, bool destroy_now
) {
4852 unit_unref_uid_internal(u
, (uid_t
*) &u
->ref_gid
, destroy_now
, manager_unref_gid
);
4855 static int unit_ref_uid_internal(
4860 int (*_manager_ref_uid
)(Manager
*m
, uid_t uid
, bool clean_ipc
)) {
4866 assert(uid_is_valid(uid
));
4867 assert(_manager_ref_uid
);
4869 /* Generic implementation of both unit_ref_uid() and unit_ref_guid(), under the assumption that uid_t and gid_t
4870 * are actually the same type, and have the same validity rules.
4872 * Adds a reference on a specific UID/GID to this unit. Each unit referencing the same UID/GID maintains a
4873 * reference so that we can destroy the UID/GID's IPC resources as soon as this is requested and the counter
4876 assert_cc(sizeof(uid_t
) == sizeof(gid_t
));
4877 assert_cc(UID_INVALID
== (uid_t
) GID_INVALID
);
4879 if (*ref_uid
== uid
)
4882 if (uid_is_valid(*ref_uid
)) /* Already set? */
4885 r
= _manager_ref_uid(u
->manager
, uid
, clean_ipc
);
4893 int unit_ref_uid(Unit
*u
, uid_t uid
, bool clean_ipc
) {
4894 return unit_ref_uid_internal(u
, &u
->ref_uid
, uid
, clean_ipc
, manager_ref_uid
);
4897 int unit_ref_gid(Unit
*u
, gid_t gid
, bool clean_ipc
) {
4898 return unit_ref_uid_internal(u
, (uid_t
*) &u
->ref_gid
, (uid_t
) gid
, clean_ipc
, manager_ref_gid
);
4901 static int unit_ref_uid_gid_internal(Unit
*u
, uid_t uid
, gid_t gid
, bool clean_ipc
) {
4906 /* Reference both a UID and a GID in one go. Either references both, or neither. */
4908 if (uid_is_valid(uid
)) {
4909 r
= unit_ref_uid(u
, uid
, clean_ipc
);
4914 if (gid_is_valid(gid
)) {
4915 q
= unit_ref_gid(u
, gid
, clean_ipc
);
4918 unit_unref_uid(u
, false);
4924 return r
> 0 || q
> 0;
4927 int unit_ref_uid_gid(Unit
*u
, uid_t uid
, gid_t gid
) {
4933 c
= unit_get_exec_context(u
);
4935 r
= unit_ref_uid_gid_internal(u
, uid
, gid
, c
? c
->remove_ipc
: false);
4937 return log_unit_warning_errno(u
, r
, "Couldn't add UID/GID reference to unit, proceeding without: %m");
4942 void unit_unref_uid_gid(Unit
*u
, bool destroy_now
) {
4945 unit_unref_uid(u
, destroy_now
);
4946 unit_unref_gid(u
, destroy_now
);
4949 void unit_notify_user_lookup(Unit
*u
, uid_t uid
, gid_t gid
) {
4954 /* This is invoked whenever one of the forked off processes let's us know the UID/GID its user name/group names
4955 * resolved to. We keep track of which UID/GID is currently assigned in order to be able to destroy its IPC
4956 * objects when no service references the UID/GID anymore. */
4958 r
= unit_ref_uid_gid(u
, uid
, gid
);
4960 unit_add_to_dbus_queue(u
);
4963 int unit_set_invocation_id(Unit
*u
, sd_id128_t id
) {
4968 /* Set the invocation ID for this unit. If we cannot, this will not roll back, but reset the whole thing. */
4970 if (sd_id128_equal(u
->invocation_id
, id
))
4973 if (!sd_id128_is_null(u
->invocation_id
))
4974 (void) hashmap_remove_value(u
->manager
->units_by_invocation_id
, &u
->invocation_id
, u
);
4976 if (sd_id128_is_null(id
)) {
4981 r
= hashmap_ensure_allocated(&u
->manager
->units_by_invocation_id
, &id128_hash_ops
);
4985 u
->invocation_id
= id
;
4986 sd_id128_to_string(id
, u
->invocation_id_string
);
4988 r
= hashmap_put(u
->manager
->units_by_invocation_id
, &u
->invocation_id
, u
);
4995 u
->invocation_id
= SD_ID128_NULL
;
4996 u
->invocation_id_string
[0] = 0;
5000 int unit_acquire_invocation_id(Unit
*u
) {
5006 r
= sd_id128_randomize(&id
);
5008 return log_unit_error_errno(u
, r
, "Failed to generate invocation ID for unit: %m");
5010 r
= unit_set_invocation_id(u
, id
);
5012 return log_unit_error_errno(u
, r
, "Failed to set invocation ID for unit: %m");
5014 unit_add_to_dbus_queue(u
);
5018 int unit_set_exec_params(Unit
*u
, ExecParameters
*p
) {
5024 /* Copy parameters from manager */
5025 r
= manager_get_effective_environment(u
->manager
, &p
->environment
);
5029 p
->confirm_spawn
= manager_get_confirm_spawn(u
->manager
);
5030 p
->cgroup_supported
= u
->manager
->cgroup_supported
;
5031 p
->prefix
= u
->manager
->prefix
;
5032 SET_FLAG(p
->flags
, EXEC_PASS_LOG_UNIT
|EXEC_CHOWN_DIRECTORIES
, MANAGER_IS_SYSTEM(u
->manager
));
5034 /* Copy paramaters from unit */
5035 p
->cgroup_path
= u
->cgroup_path
;
5036 SET_FLAG(p
->flags
, EXEC_CGROUP_DELEGATE
, unit_cgroup_delegate(u
));
5041 int unit_fork_helper_process(Unit
*u
, const char *name
, pid_t
*ret
) {
5047 /* Forks off a helper process and makes sure it is a member of the unit's cgroup. Returns == 0 in the child,
5048 * and > 0 in the parent. The pid parameter is always filled in with the child's PID. */
5050 (void) unit_realize_cgroup(u
);
5052 r
= safe_fork(name
, FORK_REOPEN_LOG
, ret
);
5056 (void) default_signals(SIGNALS_CRASH_HANDLER
, SIGNALS_IGNORE
, -1);
5057 (void) ignore_signals(SIGPIPE
, -1);
5059 (void) prctl(PR_SET_PDEATHSIG
, SIGTERM
);
5061 if (u
->cgroup_path
) {
5062 r
= cg_attach_everywhere(u
->manager
->cgroup_supported
, u
->cgroup_path
, 0, NULL
, NULL
);
5064 log_unit_error_errno(u
, r
, "Failed to join unit cgroup %s: %m", u
->cgroup_path
);
5072 static void unit_update_dependency_mask(Unit
*u
, UnitDependency d
, Unit
*other
, UnitDependencyInfo di
) {
5075 assert(d
< _UNIT_DEPENDENCY_MAX
);
5078 if (di
.origin_mask
== 0 && di
.destination_mask
== 0) {
5079 /* No bit set anymore, let's drop the whole entry */
5080 assert_se(hashmap_remove(u
->dependencies
[d
], other
));
5081 log_unit_debug(u
, "%s lost dependency %s=%s", u
->id
, unit_dependency_to_string(d
), other
->id
);
5083 /* Mask was reduced, let's update the entry */
5084 assert_se(hashmap_update(u
->dependencies
[d
], other
, di
.data
) == 0);
5087 void unit_remove_dependencies(Unit
*u
, UnitDependencyMask mask
) {
5092 /* Removes all dependencies u has on other units marked for ownership by 'mask'. */
5097 for (d
= 0; d
< _UNIT_DEPENDENCY_MAX
; d
++) {
5101 UnitDependencyInfo di
;
5107 HASHMAP_FOREACH_KEY(di
.data
, other
, u
->dependencies
[d
], i
) {
5110 if ((di
.origin_mask
& ~mask
) == di
.origin_mask
)
5112 di
.origin_mask
&= ~mask
;
5113 unit_update_dependency_mask(u
, d
, other
, di
);
5115 /* We updated the dependency from our unit to the other unit now. But most dependencies
5116 * imply a reverse dependency. Hence, let's delete that one too. For that we go through
5117 * all dependency types on the other unit and delete all those which point to us and
5118 * have the right mask set. */
5120 for (q
= 0; q
< _UNIT_DEPENDENCY_MAX
; q
++) {
5121 UnitDependencyInfo dj
;
5123 dj
.data
= hashmap_get(other
->dependencies
[q
], u
);
5124 if ((dj
.destination_mask
& ~mask
) == dj
.destination_mask
)
5126 dj
.destination_mask
&= ~mask
;
5128 unit_update_dependency_mask(other
, q
, u
, dj
);
5131 unit_add_to_gc_queue(other
);
5141 static int unit_export_invocation_id(Unit
*u
) {
5147 if (u
->exported_invocation_id
)
5150 if (sd_id128_is_null(u
->invocation_id
))
5153 p
= strjoina("/run/systemd/units/invocation:", u
->id
);
5154 r
= symlink_atomic(u
->invocation_id_string
, p
);
5156 return log_unit_debug_errno(u
, r
, "Failed to create invocation ID symlink %s: %m", p
);
5158 u
->exported_invocation_id
= true;
5162 static int unit_export_log_level_max(Unit
*u
, const ExecContext
*c
) {
5170 if (u
->exported_log_level_max
)
5173 if (c
->log_level_max
< 0)
5176 assert(c
->log_level_max
<= 7);
5178 buf
[0] = '0' + c
->log_level_max
;
5181 p
= strjoina("/run/systemd/units/log-level-max:", u
->id
);
5182 r
= symlink_atomic(buf
, p
);
5184 return log_unit_debug_errno(u
, r
, "Failed to create maximum log level symlink %s: %m", p
);
5186 u
->exported_log_level_max
= true;
5190 static int unit_export_log_extra_fields(Unit
*u
, const ExecContext
*c
) {
5191 _cleanup_close_
int fd
= -1;
5192 struct iovec
*iovec
;
5200 if (u
->exported_log_extra_fields
)
5203 if (c
->n_log_extra_fields
<= 0)
5206 sizes
= newa(le64_t
, c
->n_log_extra_fields
);
5207 iovec
= newa(struct iovec
, c
->n_log_extra_fields
* 2);
5209 for (i
= 0; i
< c
->n_log_extra_fields
; i
++) {
5210 sizes
[i
] = htole64(c
->log_extra_fields
[i
].iov_len
);
5212 iovec
[i
*2] = IOVEC_MAKE(sizes
+ i
, sizeof(le64_t
));
5213 iovec
[i
*2+1] = c
->log_extra_fields
[i
];
5216 p
= strjoina("/run/systemd/units/log-extra-fields:", u
->id
);
5217 pattern
= strjoina(p
, ".XXXXXX");
5219 fd
= mkostemp_safe(pattern
);
5221 return log_unit_debug_errno(u
, fd
, "Failed to create extra fields file %s: %m", p
);
5223 n
= writev(fd
, iovec
, c
->n_log_extra_fields
*2);
5225 r
= log_unit_debug_errno(u
, errno
, "Failed to write extra fields: %m");
5229 (void) fchmod(fd
, 0644);
5231 if (rename(pattern
, p
) < 0) {
5232 r
= log_unit_debug_errno(u
, errno
, "Failed to rename extra fields file: %m");
5236 u
->exported_log_extra_fields
= true;
5240 (void) unlink(pattern
);
5244 static int unit_export_log_rate_limit_interval(Unit
*u
, const ExecContext
*c
) {
5245 _cleanup_free_
char *buf
= NULL
;
5252 if (u
->exported_log_rate_limit_interval
)
5255 if (c
->log_rate_limit_interval_usec
== 0)
5258 p
= strjoina("/run/systemd/units/log-rate-limit-interval:", u
->id
);
5260 if (asprintf(&buf
, "%" PRIu64
, c
->log_rate_limit_interval_usec
) < 0)
5263 r
= symlink_atomic(buf
, p
);
5265 return log_unit_debug_errno(u
, r
, "Failed to create log rate limit interval symlink %s: %m", p
);
5267 u
->exported_log_rate_limit_interval
= true;
5271 static int unit_export_log_rate_limit_burst(Unit
*u
, const ExecContext
*c
) {
5272 _cleanup_free_
char *buf
= NULL
;
5279 if (u
->exported_log_rate_limit_burst
)
5282 if (c
->log_rate_limit_burst
== 0)
5285 p
= strjoina("/run/systemd/units/log-rate-limit-burst:", u
->id
);
5287 if (asprintf(&buf
, "%u", c
->log_rate_limit_burst
) < 0)
5290 r
= symlink_atomic(buf
, p
);
5292 return log_unit_debug_errno(u
, r
, "Failed to create log rate limit burst symlink %s: %m", p
);
5294 u
->exported_log_rate_limit_burst
= true;
5298 void unit_export_state_files(Unit
*u
) {
5299 const ExecContext
*c
;
5306 if (!MANAGER_IS_SYSTEM(u
->manager
))
5309 if (MANAGER_IS_TEST_RUN(u
->manager
))
5312 /* Exports a couple of unit properties to /run/systemd/units/, so that journald can quickly query this data
5313 * from there. Ideally, journald would use IPC to query this, like everybody else, but that's hard, as long as
5314 * the IPC system itself and PID 1 also log to the journal.
5316 * Note that these files really shouldn't be considered API for anyone else, as use a runtime file system as
5317 * IPC replacement is not compatible with today's world of file system namespaces. However, this doesn't really
5318 * apply to communication between the journal and systemd, as we assume that these two daemons live in the same
5319 * namespace at least.
5321 * Note that some of the "files" exported here are actually symlinks and not regular files. Symlinks work
5322 * better for storing small bits of data, in particular as we can write them with two system calls, and read
5325 (void) unit_export_invocation_id(u
);
5327 c
= unit_get_exec_context(u
);
5329 (void) unit_export_log_level_max(u
, c
);
5330 (void) unit_export_log_extra_fields(u
, c
);
5331 (void) unit_export_log_rate_limit_interval(u
, c
);
5332 (void) unit_export_log_rate_limit_burst(u
, c
);
5336 void unit_unlink_state_files(Unit
*u
) {
5344 if (!MANAGER_IS_SYSTEM(u
->manager
))
5347 /* Undoes the effect of unit_export_state() */
5349 if (u
->exported_invocation_id
) {
5350 p
= strjoina("/run/systemd/units/invocation:", u
->id
);
5353 u
->exported_invocation_id
= false;
5356 if (u
->exported_log_level_max
) {
5357 p
= strjoina("/run/systemd/units/log-level-max:", u
->id
);
5360 u
->exported_log_level_max
= false;
5363 if (u
->exported_log_extra_fields
) {
5364 p
= strjoina("/run/systemd/units/extra-fields:", u
->id
);
5367 u
->exported_log_extra_fields
= false;
5370 if (u
->exported_log_rate_limit_interval
) {
5371 p
= strjoina("/run/systemd/units/log-rate-limit-interval:", u
->id
);
5374 u
->exported_log_rate_limit_interval
= false;
5377 if (u
->exported_log_rate_limit_burst
) {
5378 p
= strjoina("/run/systemd/units/log-rate-limit-burst:", u
->id
);
5381 u
->exported_log_rate_limit_burst
= false;
5385 int unit_prepare_exec(Unit
*u
) {
5390 /* Prepares everything so that we can fork of a process for this unit */
5392 (void) unit_realize_cgroup(u
);
5394 if (u
->reset_accounting
) {
5395 (void) unit_reset_cpu_accounting(u
);
5396 (void) unit_reset_ip_accounting(u
);
5397 u
->reset_accounting
= false;
5400 unit_export_state_files(u
);
5402 r
= unit_setup_exec_runtime(u
);
5406 r
= unit_setup_dynamic_creds(u
);
5413 static int log_leftover(pid_t pid
, int sig
, void *userdata
) {
5414 _cleanup_free_
char *comm
= NULL
;
5416 (void) get_process_comm(pid
, &comm
);
5418 if (comm
&& comm
[0] == '(') /* Most likely our own helper process (PAM?), ignore */
5421 log_unit_warning(userdata
,
5422 "Found left-over process " PID_FMT
" (%s) in control group while starting unit. Ignoring.\n"
5423 "This usually indicates unclean termination of a previous run, or service implementation deficiencies.",
5429 int unit_warn_leftover_processes(Unit
*u
) {
5432 (void) unit_pick_cgroup_path(u
);
5434 if (!u
->cgroup_path
)
5437 return cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER
, u
->cgroup_path
, 0, 0, NULL
, log_leftover
, u
);
5440 bool unit_needs_console(Unit
*u
) {
5442 UnitActiveState state
;
5446 state
= unit_active_state(u
);
5448 if (UNIT_IS_INACTIVE_OR_FAILED(state
))
5451 if (UNIT_VTABLE(u
)->needs_console
)
5452 return UNIT_VTABLE(u
)->needs_console(u
);
5454 /* If this unit type doesn't implement this call, let's use a generic fallback implementation: */
5455 ec
= unit_get_exec_context(u
);
5459 return exec_context_may_touch_console(ec
);
5462 const char *unit_label_path(Unit
*u
) {
5465 /* Returns the file system path to use for MAC access decisions, i.e. the file to read the SELinux label off
5466 * when validating access checks. */
5468 p
= u
->source_path
?: u
->fragment_path
;
5472 /* If a unit is masked, then don't read the SELinux label of /dev/null, as that really makes no sense */
5473 if (path_equal(p
, "/dev/null"))
5479 int unit_pid_attachable(Unit
*u
, pid_t pid
, sd_bus_error
*error
) {
5484 /* Checks whether the specified PID is generally good for attaching, i.e. a valid PID, not our manager itself,
5485 * and not a kernel thread either */
5487 /* First, a simple range check */
5488 if (!pid_is_valid(pid
))
5489 return sd_bus_error_setf(error
, SD_BUS_ERROR_INVALID_ARGS
, "Process identifier " PID_FMT
" is not valid.", pid
);
5491 /* Some extra safety check */
5492 if (pid
== 1 || pid
== getpid_cached())
5493 return sd_bus_error_setf(error
, SD_BUS_ERROR_INVALID_ARGS
, "Process " PID_FMT
" is a manager process, refusing.", pid
);
5495 /* Don't even begin to bother with kernel threads */
5496 r
= is_kernel_thread(pid
);
5498 return sd_bus_error_setf(error
, SD_BUS_ERROR_UNIX_PROCESS_ID_UNKNOWN
, "Process with ID " PID_FMT
" does not exist.", pid
);
5500 return sd_bus_error_set_errnof(error
, r
, "Failed to determine whether process " PID_FMT
" is a kernel thread: %m", pid
);
5502 return sd_bus_error_setf(error
, SD_BUS_ERROR_INVALID_ARGS
, "Process " PID_FMT
" is a kernel thread, refusing.", pid
);
5507 void unit_log_success(Unit
*u
) {
5510 log_struct(LOG_INFO
,
5511 "MESSAGE_ID=" SD_MESSAGE_UNIT_SUCCESS_STR
,
5513 LOG_UNIT_INVOCATION_ID(u
),
5514 LOG_UNIT_MESSAGE(u
, "Succeeded."));
5517 void unit_log_failure(Unit
*u
, const char *result
) {
5521 log_struct(LOG_WARNING
,
5522 "MESSAGE_ID=" SD_MESSAGE_UNIT_FAILURE_RESULT_STR
,
5524 LOG_UNIT_INVOCATION_ID(u
),
5525 LOG_UNIT_MESSAGE(u
, "Failed with result '%s'.", result
),
5526 "UNIT_RESULT=%s", result
);
5529 void unit_log_process_exit(
5533 const char *command
,
5540 if (code
!= CLD_EXITED
)
5541 level
= LOG_WARNING
;
5544 "MESSAGE_ID=" SD_MESSAGE_UNIT_PROCESS_EXIT_STR
,
5545 LOG_UNIT_MESSAGE(u
, "%s exited, code=%s, status=%i/%s",
5547 sigchld_code_to_string(code
), status
,
5548 strna(code
== CLD_EXITED
5549 ? exit_status_to_string(status
, EXIT_STATUS_FULL
)
5550 : signal_to_string(status
))),
5551 "EXIT_CODE=%s", sigchld_code_to_string(code
),
5552 "EXIT_STATUS=%i", status
,
5553 "COMMAND=%s", strna(command
),
5555 LOG_UNIT_INVOCATION_ID(u
));
5558 int unit_exit_status(Unit
*u
) {
5561 /* Returns the exit status to propagate for the most recent cycle of this unit. Returns a value in the range
5562 * 0…255 if there's something to propagate. EOPNOTSUPP if the concept does not apply to this unit type, ENODATA
5563 * if no data is currently known (for example because the unit hasn't deactivated yet) and EBADE if the main
5564 * service process has exited abnormally (signal/coredump). */
5566 if (!UNIT_VTABLE(u
)->exit_status
)
5569 return UNIT_VTABLE(u
)->exit_status(u
);
5572 int unit_failure_action_exit_status(Unit
*u
) {
5577 /* Returns the exit status to propagate on failure, or an error if there's nothing to propagate */
5579 if (u
->failure_action_exit_status
>= 0)
5580 return u
->failure_action_exit_status
;
5582 r
= unit_exit_status(u
);
5583 if (r
== -EBADE
) /* Exited, but not cleanly (i.e. by signal or such) */
5589 int unit_success_action_exit_status(Unit
*u
) {
5594 /* Returns the exit status to propagate on success, or an error if there's nothing to propagate */
5596 if (u
->success_action_exit_status
>= 0)
5597 return u
->success_action_exit_status
;
5599 r
= unit_exit_status(u
);
5600 if (r
== -EBADE
) /* Exited, but not cleanly (i.e. by signal or such) */
5606 int unit_test_trigger_loaded(Unit
*u
) {
5609 /* Tests whether the unit to trigger is loaded */
5611 trigger
= UNIT_TRIGGER(u
);
5613 return log_unit_error_errno(u
, SYNTHETIC_ERRNO(ENOENT
), "Refusing to start, unit to trigger not loaded.");
5614 if (trigger
->load_state
!= UNIT_LOADED
)
5615 return log_unit_error_errno(u
, SYNTHETIC_ERRNO(ENOENT
), "Refusing to start, unit %s to trigger not loaded.", u
->id
);
5620 static const char* const collect_mode_table
[_COLLECT_MODE_MAX
] = {
5621 [COLLECT_INACTIVE
] = "inactive",
5622 [COLLECT_INACTIVE_OR_FAILED
] = "inactive-or-failed",
5625 DEFINE_STRING_TABLE_LOOKUP(collect_mode
, CollectMode
);