1 /* SPDX-License-Identifier: LGPL-2.1+ */
11 #include "sd-messages.h"
13 #include "all-units.h"
14 #include "alloc-util.h"
15 #include "bpf-firewall.h"
16 #include "bus-common-errors.h"
18 #include "cgroup-util.h"
19 #include "dbus-unit.h"
25 #include "fileio-label.h"
27 #include "format-util.h"
29 #include "id128-util.h"
32 #include "load-dropin.h"
33 #include "load-fragment.h"
38 #include "parse-util.h"
39 #include "path-util.h"
40 #include "process-util.h"
41 #include "serialize.h"
43 #include "signal-util.h"
44 #include "sparse-endian.h"
46 #include "specifier.h"
47 #include "stat-util.h"
48 #include "stdio-util.h"
49 #include "string-table.h"
50 #include "string-util.h"
52 #include "terminal-util.h"
53 #include "tmpfile-util.h"
54 #include "umask-util.h"
55 #include "unit-name.h"
57 #include "user-util.h"
60 const UnitVTable
* const unit_vtable
[_UNIT_TYPE_MAX
] = {
61 [UNIT_SERVICE
] = &service_vtable
,
62 [UNIT_SOCKET
] = &socket_vtable
,
63 [UNIT_TARGET
] = &target_vtable
,
64 [UNIT_DEVICE
] = &device_vtable
,
65 [UNIT_MOUNT
] = &mount_vtable
,
66 [UNIT_AUTOMOUNT
] = &automount_vtable
,
67 [UNIT_SWAP
] = &swap_vtable
,
68 [UNIT_TIMER
] = &timer_vtable
,
69 [UNIT_PATH
] = &path_vtable
,
70 [UNIT_SLICE
] = &slice_vtable
,
71 [UNIT_SCOPE
] = &scope_vtable
,
74 static void maybe_warn_about_dependency(Unit
*u
, const char *other
, UnitDependency dependency
);
76 Unit
*unit_new(Manager
*m
, size_t size
) {
80 assert(size
>= sizeof(Unit
));
86 u
->names
= set_new(&string_hash_ops
);
91 u
->type
= _UNIT_TYPE_INVALID
;
92 u
->default_dependencies
= true;
93 u
->unit_file_state
= _UNIT_FILE_STATE_INVALID
;
94 u
->unit_file_preset
= -1;
95 u
->on_failure_job_mode
= JOB_REPLACE
;
96 u
->cgroup_control_inotify_wd
= -1;
97 u
->cgroup_memory_inotify_wd
= -1;
98 u
->job_timeout
= USEC_INFINITY
;
99 u
->job_running_timeout
= USEC_INFINITY
;
100 u
->ref_uid
= UID_INVALID
;
101 u
->ref_gid
= GID_INVALID
;
102 u
->cpu_usage_last
= NSEC_INFINITY
;
103 u
->cgroup_invalidated_mask
|= CGROUP_MASK_BPF_FIREWALL
;
104 u
->failure_action_exit_status
= u
->success_action_exit_status
= -1;
106 u
->ip_accounting_ingress_map_fd
= -1;
107 u
->ip_accounting_egress_map_fd
= -1;
108 u
->ipv4_allow_map_fd
= -1;
109 u
->ipv6_allow_map_fd
= -1;
110 u
->ipv4_deny_map_fd
= -1;
111 u
->ipv6_deny_map_fd
= -1;
113 u
->last_section_private
= -1;
115 RATELIMIT_INIT(u
->start_limit
, m
->default_start_limit_interval
, m
->default_start_limit_burst
);
116 RATELIMIT_INIT(u
->auto_stop_ratelimit
, 10 * USEC_PER_SEC
, 16);
118 for (CGroupIOAccountingMetric i
= 0; i
< _CGROUP_IO_ACCOUNTING_METRIC_MAX
; i
++)
119 u
->io_accounting_last
[i
] = UINT64_MAX
;
124 int unit_new_for_name(Manager
*m
, size_t size
, const char *name
, Unit
**ret
) {
125 _cleanup_(unit_freep
) Unit
*u
= NULL
;
128 u
= unit_new(m
, size
);
132 r
= unit_add_name(u
, name
);
141 bool unit_has_name(const Unit
*u
, const char *name
) {
145 return set_contains(u
->names
, (char*) name
);
148 static void unit_init(Unit
*u
) {
155 assert(u
->type
>= 0);
157 cc
= unit_get_cgroup_context(u
);
159 cgroup_context_init(cc
);
161 /* Copy in the manager defaults into the cgroup
162 * context, _before_ the rest of the settings have
163 * been initialized */
165 cc
->cpu_accounting
= u
->manager
->default_cpu_accounting
;
166 cc
->io_accounting
= u
->manager
->default_io_accounting
;
167 cc
->blockio_accounting
= u
->manager
->default_blockio_accounting
;
168 cc
->memory_accounting
= u
->manager
->default_memory_accounting
;
169 cc
->tasks_accounting
= u
->manager
->default_tasks_accounting
;
170 cc
->ip_accounting
= u
->manager
->default_ip_accounting
;
172 if (u
->type
!= UNIT_SLICE
)
173 cc
->tasks_max
= u
->manager
->default_tasks_max
;
176 ec
= unit_get_exec_context(u
);
178 exec_context_init(ec
);
180 ec
->keyring_mode
= MANAGER_IS_SYSTEM(u
->manager
) ?
181 EXEC_KEYRING_SHARED
: EXEC_KEYRING_INHERIT
;
184 kc
= unit_get_kill_context(u
);
186 kill_context_init(kc
);
188 if (UNIT_VTABLE(u
)->init
)
189 UNIT_VTABLE(u
)->init(u
);
192 int unit_add_name(Unit
*u
, const char *text
) {
193 _cleanup_free_
char *s
= NULL
, *i
= NULL
;
200 if (unit_name_is_valid(text
, UNIT_NAME_TEMPLATE
)) {
205 r
= unit_name_replace_instance(text
, u
->instance
, &s
);
214 if (set_contains(u
->names
, s
))
216 if (hashmap_contains(u
->manager
->units
, s
))
219 if (!unit_name_is_valid(s
, UNIT_NAME_PLAIN
|UNIT_NAME_INSTANCE
))
222 t
= unit_name_to_type(s
);
226 if (u
->type
!= _UNIT_TYPE_INVALID
&& t
!= u
->type
)
229 r
= unit_name_to_instance(s
, &i
);
233 if (i
&& !unit_type_may_template(t
))
236 /* Ensure that this unit is either instanced or not instanced,
237 * but not both. Note that we do allow names with different
238 * instance names however! */
239 if (u
->type
!= _UNIT_TYPE_INVALID
&& !u
->instance
!= !i
)
242 if (!unit_type_may_alias(t
) && !set_isempty(u
->names
))
245 if (hashmap_size(u
->manager
->units
) >= MANAGER_MAX_NAMES
)
248 r
= set_put(u
->names
, s
);
253 r
= hashmap_put(u
->manager
->units
, s
, u
);
255 (void) set_remove(u
->names
, s
);
259 if (u
->type
== _UNIT_TYPE_INVALID
) {
262 u
->instance
= TAKE_PTR(i
);
264 LIST_PREPEND(units_by_type
, u
->manager
->units_by_type
[t
], u
);
271 unit_add_to_dbus_queue(u
);
275 int unit_choose_id(Unit
*u
, const char *name
) {
276 _cleanup_free_
char *t
= NULL
;
283 if (unit_name_is_valid(name
, UNIT_NAME_TEMPLATE
)) {
288 r
= unit_name_replace_instance(name
, u
->instance
, &t
);
295 /* Selects one of the names of this unit as the id */
296 s
= set_get(u
->names
, (char*) name
);
300 /* Determine the new instance from the new id */
301 r
= unit_name_to_instance(s
, &i
);
310 unit_add_to_dbus_queue(u
);
315 int unit_set_description(Unit
*u
, const char *description
) {
320 r
= free_and_strdup(&u
->description
, empty_to_null(description
));
324 unit_add_to_dbus_queue(u
);
329 bool unit_may_gc(Unit
*u
) {
330 UnitActiveState state
;
335 /* Checks whether the unit is ready to be unloaded for garbage collection.
336 * Returns true when the unit may be collected, and false if there's some
337 * reason to keep it loaded.
339 * References from other units are *not* checked here. Instead, this is done
340 * in unit_gc_sweep(), but using markers to properly collect dependency loops.
349 state
= unit_active_state(u
);
351 /* If the unit is inactive and failed and no job is queued for it, then release its runtime resources */
352 if (UNIT_IS_INACTIVE_OR_FAILED(state
) &&
353 UNIT_VTABLE(u
)->release_resources
)
354 UNIT_VTABLE(u
)->release_resources(u
);
359 if (sd_bus_track_count(u
->bus_track
) > 0)
362 /* But we keep the unit object around for longer when it is referenced or configured to not be gc'ed */
363 switch (u
->collect_mode
) {
365 case COLLECT_INACTIVE
:
366 if (state
!= UNIT_INACTIVE
)
371 case COLLECT_INACTIVE_OR_FAILED
:
372 if (!IN_SET(state
, UNIT_INACTIVE
, UNIT_FAILED
))
378 assert_not_reached("Unknown garbage collection mode");
381 if (u
->cgroup_path
) {
382 /* If the unit has a cgroup, then check whether there's anything in it. If so, we should stay
383 * around. Units with active processes should never be collected. */
385 r
= cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER
, u
->cgroup_path
);
387 log_unit_debug_errno(u
, r
, "Failed to determine whether cgroup %s is empty: %m", u
->cgroup_path
);
392 if (UNIT_VTABLE(u
)->may_gc
&& !UNIT_VTABLE(u
)->may_gc(u
))
398 void unit_add_to_load_queue(Unit
*u
) {
400 assert(u
->type
!= _UNIT_TYPE_INVALID
);
402 if (u
->load_state
!= UNIT_STUB
|| u
->in_load_queue
)
405 LIST_PREPEND(load_queue
, u
->manager
->load_queue
, u
);
406 u
->in_load_queue
= true;
409 void unit_add_to_cleanup_queue(Unit
*u
) {
412 if (u
->in_cleanup_queue
)
415 LIST_PREPEND(cleanup_queue
, u
->manager
->cleanup_queue
, u
);
416 u
->in_cleanup_queue
= true;
419 void unit_add_to_gc_queue(Unit
*u
) {
422 if (u
->in_gc_queue
|| u
->in_cleanup_queue
)
428 LIST_PREPEND(gc_queue
, u
->manager
->gc_unit_queue
, u
);
429 u
->in_gc_queue
= true;
432 void unit_add_to_dbus_queue(Unit
*u
) {
434 assert(u
->type
!= _UNIT_TYPE_INVALID
);
436 if (u
->load_state
== UNIT_STUB
|| u
->in_dbus_queue
)
439 /* Shortcut things if nobody cares */
440 if (sd_bus_track_count(u
->manager
->subscribed
) <= 0 &&
441 sd_bus_track_count(u
->bus_track
) <= 0 &&
442 set_isempty(u
->manager
->private_buses
)) {
443 u
->sent_dbus_new_signal
= true;
447 LIST_PREPEND(dbus_queue
, u
->manager
->dbus_unit_queue
, u
);
448 u
->in_dbus_queue
= true;
451 void unit_submit_to_stop_when_unneeded_queue(Unit
*u
) {
454 if (u
->in_stop_when_unneeded_queue
)
457 if (!u
->stop_when_unneeded
)
460 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u
)))
463 LIST_PREPEND(stop_when_unneeded_queue
, u
->manager
->stop_when_unneeded_queue
, u
);
464 u
->in_stop_when_unneeded_queue
= true;
467 static void bidi_set_free(Unit
*u
, Hashmap
*h
) {
474 /* Frees the hashmap and makes sure we are dropped from the inverse pointers */
476 HASHMAP_FOREACH_KEY(v
, other
, h
, i
) {
479 for (d
= 0; d
< _UNIT_DEPENDENCY_MAX
; d
++)
480 hashmap_remove(other
->dependencies
[d
], u
);
482 unit_add_to_gc_queue(other
);
488 static void unit_remove_transient(Unit
*u
) {
496 if (u
->fragment_path
)
497 (void) unlink(u
->fragment_path
);
499 STRV_FOREACH(i
, u
->dropin_paths
) {
500 _cleanup_free_
char *p
= NULL
, *pp
= NULL
;
502 p
= dirname_malloc(*i
); /* Get the drop-in directory from the drop-in file */
506 pp
= dirname_malloc(p
); /* Get the config directory from the drop-in directory */
510 /* Only drop transient drop-ins */
511 if (!path_equal(u
->manager
->lookup_paths
.transient
, pp
))
519 static void unit_free_requires_mounts_for(Unit
*u
) {
523 _cleanup_free_
char *path
;
525 path
= hashmap_steal_first_key(u
->requires_mounts_for
);
529 char s
[strlen(path
) + 1];
531 PATH_FOREACH_PREFIX_MORE(s
, path
) {
535 x
= hashmap_get2(u
->manager
->units_requiring_mounts_for
, s
, (void**) &y
);
539 (void) set_remove(x
, u
);
541 if (set_isempty(x
)) {
542 (void) hashmap_remove(u
->manager
->units_requiring_mounts_for
, y
);
550 u
->requires_mounts_for
= hashmap_free(u
->requires_mounts_for
);
553 static void unit_done(Unit
*u
) {
562 if (UNIT_VTABLE(u
)->done
)
563 UNIT_VTABLE(u
)->done(u
);
565 ec
= unit_get_exec_context(u
);
567 exec_context_done(ec
);
569 cc
= unit_get_cgroup_context(u
);
571 cgroup_context_done(cc
);
574 void unit_free(Unit
*u
) {
582 if (UNIT_ISSET(u
->slice
)) {
583 /* A unit is being dropped from the tree, make sure our parent slice recalculates the member mask */
584 unit_invalidate_cgroup_members_masks(UNIT_DEREF(u
->slice
));
586 /* And make sure the parent is realized again, updating cgroup memberships */
587 unit_add_to_cgroup_realize_queue(UNIT_DEREF(u
->slice
));
590 u
->transient_file
= safe_fclose(u
->transient_file
);
592 if (!MANAGER_IS_RELOADING(u
->manager
))
593 unit_remove_transient(u
);
595 bus_unit_send_removed_signal(u
);
599 unit_dequeue_rewatch_pids(u
);
601 sd_bus_slot_unref(u
->match_bus_slot
);
602 sd_bus_track_unref(u
->bus_track
);
603 u
->deserialized_refs
= strv_free(u
->deserialized_refs
);
605 unit_free_requires_mounts_for(u
);
607 SET_FOREACH(t
, u
->names
, i
)
608 hashmap_remove_value(u
->manager
->units
, t
, u
);
610 if (!sd_id128_is_null(u
->invocation_id
))
611 hashmap_remove_value(u
->manager
->units_by_invocation_id
, &u
->invocation_id
, u
);
625 for (d
= 0; d
< _UNIT_DEPENDENCY_MAX
; d
++)
626 bidi_set_free(u
, u
->dependencies
[d
]);
629 manager_unref_console(u
->manager
);
631 unit_release_cgroup(u
);
633 if (!MANAGER_IS_RELOADING(u
->manager
))
634 unit_unlink_state_files(u
);
636 unit_unref_uid_gid(u
, false);
638 (void) manager_update_failed_units(u
->manager
, u
, false);
639 set_remove(u
->manager
->startup_units
, u
);
641 unit_unwatch_all_pids(u
);
643 unit_ref_unset(&u
->slice
);
644 while (u
->refs_by_target
)
645 unit_ref_unset(u
->refs_by_target
);
647 if (u
->type
!= _UNIT_TYPE_INVALID
)
648 LIST_REMOVE(units_by_type
, u
->manager
->units_by_type
[u
->type
], u
);
650 if (u
->in_load_queue
)
651 LIST_REMOVE(load_queue
, u
->manager
->load_queue
, u
);
653 if (u
->in_dbus_queue
)
654 LIST_REMOVE(dbus_queue
, u
->manager
->dbus_unit_queue
, u
);
657 LIST_REMOVE(gc_queue
, u
->manager
->gc_unit_queue
, u
);
659 if (u
->in_cgroup_realize_queue
)
660 LIST_REMOVE(cgroup_realize_queue
, u
->manager
->cgroup_realize_queue
, u
);
662 if (u
->in_cgroup_empty_queue
)
663 LIST_REMOVE(cgroup_empty_queue
, u
->manager
->cgroup_empty_queue
, u
);
665 if (u
->in_cleanup_queue
)
666 LIST_REMOVE(cleanup_queue
, u
->manager
->cleanup_queue
, u
);
668 if (u
->in_target_deps_queue
)
669 LIST_REMOVE(target_deps_queue
, u
->manager
->target_deps_queue
, u
);
671 if (u
->in_stop_when_unneeded_queue
)
672 LIST_REMOVE(stop_when_unneeded_queue
, u
->manager
->stop_when_unneeded_queue
, u
);
674 safe_close(u
->ip_accounting_ingress_map_fd
);
675 safe_close(u
->ip_accounting_egress_map_fd
);
677 safe_close(u
->ipv4_allow_map_fd
);
678 safe_close(u
->ipv6_allow_map_fd
);
679 safe_close(u
->ipv4_deny_map_fd
);
680 safe_close(u
->ipv6_deny_map_fd
);
682 bpf_program_unref(u
->ip_bpf_ingress
);
683 bpf_program_unref(u
->ip_bpf_ingress_installed
);
684 bpf_program_unref(u
->ip_bpf_egress
);
685 bpf_program_unref(u
->ip_bpf_egress_installed
);
687 set_free(u
->ip_bpf_custom_ingress
);
688 set_free(u
->ip_bpf_custom_egress
);
689 set_free(u
->ip_bpf_custom_ingress_installed
);
690 set_free(u
->ip_bpf_custom_egress_installed
);
692 bpf_program_unref(u
->bpf_device_control_installed
);
694 condition_free_list(u
->conditions
);
695 condition_free_list(u
->asserts
);
697 free(u
->description
);
698 strv_free(u
->documentation
);
699 free(u
->fragment_path
);
700 free(u
->source_path
);
701 strv_free(u
->dropin_paths
);
704 free(u
->job_timeout_reboot_arg
);
706 set_free_free(u
->names
);
713 UnitActiveState
unit_active_state(Unit
*u
) {
716 if (u
->load_state
== UNIT_MERGED
)
717 return unit_active_state(unit_follow_merge(u
));
719 /* After a reload it might happen that a unit is not correctly
720 * loaded but still has a process around. That's why we won't
721 * shortcut failed loading to UNIT_INACTIVE_FAILED. */
723 return UNIT_VTABLE(u
)->active_state(u
);
726 const char* unit_sub_state_to_string(Unit
*u
) {
729 return UNIT_VTABLE(u
)->sub_state_to_string(u
);
732 static int set_complete_move(Set
**s
, Set
**other
) {
740 return set_move(*s
, *other
);
742 *s
= TAKE_PTR(*other
);
747 static int hashmap_complete_move(Hashmap
**s
, Hashmap
**other
) {
755 return hashmap_move(*s
, *other
);
757 *s
= TAKE_PTR(*other
);
762 static int merge_names(Unit
*u
, Unit
*other
) {
770 r
= set_complete_move(&u
->names
, &other
->names
);
774 set_free_free(other
->names
);
778 SET_FOREACH(t
, u
->names
, i
)
779 assert_se(hashmap_replace(u
->manager
->units
, t
, u
) == 0);
784 static int reserve_dependencies(Unit
*u
, Unit
*other
, UnitDependency d
) {
789 assert(d
< _UNIT_DEPENDENCY_MAX
);
792 * If u does not have this dependency set allocated, there is no need
793 * to reserve anything. In that case other's set will be transferred
794 * as a whole to u by complete_move().
796 if (!u
->dependencies
[d
])
799 /* merge_dependencies() will skip a u-on-u dependency */
800 n_reserve
= hashmap_size(other
->dependencies
[d
]) - !!hashmap_get(other
->dependencies
[d
], u
);
802 return hashmap_reserve(u
->dependencies
[d
], n_reserve
);
805 static void merge_dependencies(Unit
*u
, Unit
*other
, const char *other_id
, UnitDependency d
) {
811 /* Merges all dependencies of type 'd' of the unit 'other' into the deps of the unit 'u' */
815 assert(d
< _UNIT_DEPENDENCY_MAX
);
817 /* Fix backwards pointers. Let's iterate through all dependent units of the other unit. */
818 HASHMAP_FOREACH_KEY(v
, back
, other
->dependencies
[d
], i
) {
821 /* Let's now iterate through the dependencies of that dependencies of the other units, looking for
822 * pointers back, and let's fix them up, to instead point to 'u'. */
824 for (k
= 0; k
< _UNIT_DEPENDENCY_MAX
; k
++) {
826 /* Do not add dependencies between u and itself. */
827 if (hashmap_remove(back
->dependencies
[k
], other
))
828 maybe_warn_about_dependency(u
, other_id
, k
);
830 UnitDependencyInfo di_u
, di_other
, di_merged
;
832 /* Let's drop this dependency between "back" and "other", and let's create it between
833 * "back" and "u" instead. Let's merge the bit masks of the dependency we are moving,
834 * and any such dependency which might already exist */
836 di_other
.data
= hashmap_get(back
->dependencies
[k
], other
);
838 continue; /* dependency isn't set, let's try the next one */
840 di_u
.data
= hashmap_get(back
->dependencies
[k
], u
);
842 di_merged
= (UnitDependencyInfo
) {
843 .origin_mask
= di_u
.origin_mask
| di_other
.origin_mask
,
844 .destination_mask
= di_u
.destination_mask
| di_other
.destination_mask
,
847 r
= hashmap_remove_and_replace(back
->dependencies
[k
], other
, u
, di_merged
.data
);
849 log_warning_errno(r
, "Failed to remove/replace: back=%s other=%s u=%s: %m", back
->id
, other_id
, u
->id
);
852 /* assert_se(hashmap_remove_and_replace(back->dependencies[k], other, u, di_merged.data) >= 0); */
858 /* Also do not move dependencies on u to itself */
859 back
= hashmap_remove(other
->dependencies
[d
], u
);
861 maybe_warn_about_dependency(u
, other_id
, d
);
863 /* The move cannot fail. The caller must have performed a reservation. */
864 assert_se(hashmap_complete_move(&u
->dependencies
[d
], &other
->dependencies
[d
]) == 0);
866 other
->dependencies
[d
] = hashmap_free(other
->dependencies
[d
]);
869 int unit_merge(Unit
*u
, Unit
*other
) {
871 const char *other_id
= NULL
;
876 assert(u
->manager
== other
->manager
);
877 assert(u
->type
!= _UNIT_TYPE_INVALID
);
879 other
= unit_follow_merge(other
);
884 if (u
->type
!= other
->type
)
887 if (!u
->instance
!= !other
->instance
)
890 if (!unit_type_may_alias(u
->type
)) /* Merging only applies to unit names that support aliases */
893 if (!IN_SET(other
->load_state
, UNIT_STUB
, UNIT_NOT_FOUND
))
902 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other
)))
906 other_id
= strdupa(other
->id
);
908 /* Make reservations to ensure merge_dependencies() won't fail */
909 for (d
= 0; d
< _UNIT_DEPENDENCY_MAX
; d
++) {
910 r
= reserve_dependencies(u
, other
, d
);
912 * We don't rollback reservations if we fail. We don't have
913 * a way to undo reservations. A reservation is not a leak.
920 r
= merge_names(u
, other
);
924 /* Redirect all references */
925 while (other
->refs_by_target
)
926 unit_ref_set(other
->refs_by_target
, other
->refs_by_target
->source
, u
);
928 /* Merge dependencies */
929 for (d
= 0; d
< _UNIT_DEPENDENCY_MAX
; d
++)
930 merge_dependencies(u
, other
, other_id
, d
);
932 other
->load_state
= UNIT_MERGED
;
933 other
->merged_into
= u
;
935 /* If there is still some data attached to the other node, we
936 * don't need it anymore, and can free it. */
937 if (other
->load_state
!= UNIT_STUB
)
938 if (UNIT_VTABLE(other
)->done
)
939 UNIT_VTABLE(other
)->done(other
);
941 unit_add_to_dbus_queue(u
);
942 unit_add_to_cleanup_queue(other
);
947 int unit_merge_by_name(Unit
*u
, const char *name
) {
948 _cleanup_free_
char *s
= NULL
;
952 /* Either add name to u, or if a unit with name already exists, merge it with u.
953 * If name is a template, do the same for name@instance, where instance is u's instance. */
958 if (unit_name_is_valid(name
, UNIT_NAME_TEMPLATE
)) {
962 r
= unit_name_replace_instance(name
, u
->instance
, &s
);
969 other
= manager_get_unit(u
->manager
, name
);
971 return unit_merge(u
, other
);
973 return unit_add_name(u
, name
);
976 Unit
* unit_follow_merge(Unit
*u
) {
979 while (u
->load_state
== UNIT_MERGED
)
980 assert_se(u
= u
->merged_into
);
985 int unit_add_exec_dependencies(Unit
*u
, ExecContext
*c
) {
986 ExecDirectoryType dt
;
993 if (c
->working_directory
&& !c
->working_directory_missing_ok
) {
994 r
= unit_require_mounts_for(u
, c
->working_directory
, UNIT_DEPENDENCY_FILE
);
999 if (c
->root_directory
) {
1000 r
= unit_require_mounts_for(u
, c
->root_directory
, UNIT_DEPENDENCY_FILE
);
1005 if (c
->root_image
) {
1006 r
= unit_require_mounts_for(u
, c
->root_image
, UNIT_DEPENDENCY_FILE
);
1011 for (dt
= 0; dt
< _EXEC_DIRECTORY_TYPE_MAX
; dt
++) {
1012 if (!u
->manager
->prefix
[dt
])
1015 STRV_FOREACH(dp
, c
->directories
[dt
].paths
) {
1016 _cleanup_free_
char *p
;
1018 p
= path_join(u
->manager
->prefix
[dt
], *dp
);
1022 r
= unit_require_mounts_for(u
, p
, UNIT_DEPENDENCY_FILE
);
1028 if (!MANAGER_IS_SYSTEM(u
->manager
))
1031 if (c
->private_tmp
) {
1034 FOREACH_STRING(p
, "/tmp", "/var/tmp") {
1035 r
= unit_require_mounts_for(u
, p
, UNIT_DEPENDENCY_FILE
);
1040 r
= unit_add_dependency_by_name(u
, UNIT_AFTER
, SPECIAL_TMPFILES_SETUP_SERVICE
, true, UNIT_DEPENDENCY_FILE
);
1045 if (!IN_SET(c
->std_output
,
1046 EXEC_OUTPUT_JOURNAL
, EXEC_OUTPUT_JOURNAL_AND_CONSOLE
,
1047 EXEC_OUTPUT_KMSG
, EXEC_OUTPUT_KMSG_AND_CONSOLE
,
1048 EXEC_OUTPUT_SYSLOG
, EXEC_OUTPUT_SYSLOG_AND_CONSOLE
) &&
1049 !IN_SET(c
->std_error
,
1050 EXEC_OUTPUT_JOURNAL
, EXEC_OUTPUT_JOURNAL_AND_CONSOLE
,
1051 EXEC_OUTPUT_KMSG
, EXEC_OUTPUT_KMSG_AND_CONSOLE
,
1052 EXEC_OUTPUT_SYSLOG
, EXEC_OUTPUT_SYSLOG_AND_CONSOLE
))
1055 /* If syslog or kernel logging is requested, make sure our own
1056 * logging daemon is run first. */
1058 r
= unit_add_dependency_by_name(u
, UNIT_AFTER
, SPECIAL_JOURNALD_SOCKET
, true, UNIT_DEPENDENCY_FILE
);
1065 const char *unit_description(Unit
*u
) {
1069 return u
->description
;
1071 return strna(u
->id
);
1074 const char *unit_status_string(Unit
*u
) {
1077 if (u
->manager
->status_unit_format
== STATUS_UNIT_FORMAT_NAME
&& u
->id
)
1080 return unit_description(u
);
1083 static void print_unit_dependency_mask(FILE *f
, const char *kind
, UnitDependencyMask mask
, bool *space
) {
1085 UnitDependencyMask mask
;
1088 { UNIT_DEPENDENCY_FILE
, "file" },
1089 { UNIT_DEPENDENCY_IMPLICIT
, "implicit" },
1090 { UNIT_DEPENDENCY_DEFAULT
, "default" },
1091 { UNIT_DEPENDENCY_UDEV
, "udev" },
1092 { UNIT_DEPENDENCY_PATH
, "path" },
1093 { UNIT_DEPENDENCY_MOUNTINFO_IMPLICIT
, "mountinfo-implicit" },
1094 { UNIT_DEPENDENCY_MOUNTINFO_DEFAULT
, "mountinfo-default" },
1095 { UNIT_DEPENDENCY_PROC_SWAP
, "proc-swap" },
1103 for (i
= 0; i
< ELEMENTSOF(table
); i
++) {
1108 if (FLAGS_SET(mask
, table
[i
].mask
)) {
1116 fputs(table
[i
].name
, f
);
1118 mask
&= ~table
[i
].mask
;
1125 void unit_dump(Unit
*u
, FILE *f
, const char *prefix
) {
1129 const char *prefix2
;
1130 char timestamp
[5][FORMAT_TIMESTAMP_MAX
], timespan
[FORMAT_TIMESPAN_MAX
];
1132 _cleanup_set_free_ Set
*following_set
= NULL
;
1138 assert(u
->type
>= 0);
1140 prefix
= strempty(prefix
);
1141 prefix2
= strjoina(prefix
, "\t");
1147 SET_FOREACH(t
, u
->names
, i
)
1148 if (!streq(t
, u
->id
))
1149 fprintf(f
, "%s\tAlias: %s\n", prefix
, t
);
1152 "%s\tDescription: %s\n"
1153 "%s\tInstance: %s\n"
1154 "%s\tUnit Load State: %s\n"
1155 "%s\tUnit Active State: %s\n"
1156 "%s\tState Change Timestamp: %s\n"
1157 "%s\tInactive Exit Timestamp: %s\n"
1158 "%s\tActive Enter Timestamp: %s\n"
1159 "%s\tActive Exit Timestamp: %s\n"
1160 "%s\tInactive Enter Timestamp: %s\n"
1162 "%s\tNeed Daemon Reload: %s\n"
1163 "%s\tTransient: %s\n"
1164 "%s\tPerpetual: %s\n"
1165 "%s\tGarbage Collection Mode: %s\n"
1168 "%s\tCGroup realized: %s\n",
1169 prefix
, unit_description(u
),
1170 prefix
, strna(u
->instance
),
1171 prefix
, unit_load_state_to_string(u
->load_state
),
1172 prefix
, unit_active_state_to_string(unit_active_state(u
)),
1173 prefix
, strna(format_timestamp(timestamp
[0], sizeof(timestamp
[0]), u
->state_change_timestamp
.realtime
)),
1174 prefix
, strna(format_timestamp(timestamp
[1], sizeof(timestamp
[1]), u
->inactive_exit_timestamp
.realtime
)),
1175 prefix
, strna(format_timestamp(timestamp
[2], sizeof(timestamp
[2]), u
->active_enter_timestamp
.realtime
)),
1176 prefix
, strna(format_timestamp(timestamp
[3], sizeof(timestamp
[3]), u
->active_exit_timestamp
.realtime
)),
1177 prefix
, strna(format_timestamp(timestamp
[4], sizeof(timestamp
[4]), u
->inactive_enter_timestamp
.realtime
)),
1178 prefix
, yes_no(unit_may_gc(u
)),
1179 prefix
, yes_no(unit_need_daemon_reload(u
)),
1180 prefix
, yes_no(u
->transient
),
1181 prefix
, yes_no(u
->perpetual
),
1182 prefix
, collect_mode_to_string(u
->collect_mode
),
1183 prefix
, strna(unit_slice_name(u
)),
1184 prefix
, strna(u
->cgroup_path
),
1185 prefix
, yes_no(u
->cgroup_realized
));
1187 if (u
->cgroup_realized_mask
!= 0) {
1188 _cleanup_free_
char *s
= NULL
;
1189 (void) cg_mask_to_string(u
->cgroup_realized_mask
, &s
);
1190 fprintf(f
, "%s\tCGroup realized mask: %s\n", prefix
, strnull(s
));
1193 if (u
->cgroup_enabled_mask
!= 0) {
1194 _cleanup_free_
char *s
= NULL
;
1195 (void) cg_mask_to_string(u
->cgroup_enabled_mask
, &s
);
1196 fprintf(f
, "%s\tCGroup enabled mask: %s\n", prefix
, strnull(s
));
1199 m
= unit_get_own_mask(u
);
1201 _cleanup_free_
char *s
= NULL
;
1202 (void) cg_mask_to_string(m
, &s
);
1203 fprintf(f
, "%s\tCGroup own mask: %s\n", prefix
, strnull(s
));
1206 m
= unit_get_members_mask(u
);
1208 _cleanup_free_
char *s
= NULL
;
1209 (void) cg_mask_to_string(m
, &s
);
1210 fprintf(f
, "%s\tCGroup members mask: %s\n", prefix
, strnull(s
));
1213 m
= unit_get_delegate_mask(u
);
1215 _cleanup_free_
char *s
= NULL
;
1216 (void) cg_mask_to_string(m
, &s
);
1217 fprintf(f
, "%s\tCGroup delegate mask: %s\n", prefix
, strnull(s
));
1220 if (!sd_id128_is_null(u
->invocation_id
))
1221 fprintf(f
, "%s\tInvocation ID: " SD_ID128_FORMAT_STR
"\n",
1222 prefix
, SD_ID128_FORMAT_VAL(u
->invocation_id
));
1224 STRV_FOREACH(j
, u
->documentation
)
1225 fprintf(f
, "%s\tDocumentation: %s\n", prefix
, *j
);
1227 following
= unit_following(u
);
1229 fprintf(f
, "%s\tFollowing: %s\n", prefix
, following
->id
);
1231 r
= unit_following_set(u
, &following_set
);
1235 SET_FOREACH(other
, following_set
, i
)
1236 fprintf(f
, "%s\tFollowing Set Member: %s\n", prefix
, other
->id
);
1239 if (u
->fragment_path
)
1240 fprintf(f
, "%s\tFragment Path: %s\n", prefix
, u
->fragment_path
);
1243 fprintf(f
, "%s\tSource Path: %s\n", prefix
, u
->source_path
);
1245 STRV_FOREACH(j
, u
->dropin_paths
)
1246 fprintf(f
, "%s\tDropIn Path: %s\n", prefix
, *j
);
1248 if (u
->failure_action
!= EMERGENCY_ACTION_NONE
)
1249 fprintf(f
, "%s\tFailure Action: %s\n", prefix
, emergency_action_to_string(u
->failure_action
));
1250 if (u
->failure_action_exit_status
>= 0)
1251 fprintf(f
, "%s\tFailure Action Exit Status: %i\n", prefix
, u
->failure_action_exit_status
);
1252 if (u
->success_action
!= EMERGENCY_ACTION_NONE
)
1253 fprintf(f
, "%s\tSuccess Action: %s\n", prefix
, emergency_action_to_string(u
->success_action
));
1254 if (u
->success_action_exit_status
>= 0)
1255 fprintf(f
, "%s\tSuccess Action Exit Status: %i\n", prefix
, u
->success_action_exit_status
);
1257 if (u
->job_timeout
!= USEC_INFINITY
)
1258 fprintf(f
, "%s\tJob Timeout: %s\n", prefix
, format_timespan(timespan
, sizeof(timespan
), u
->job_timeout
, 0));
1260 if (u
->job_timeout_action
!= EMERGENCY_ACTION_NONE
)
1261 fprintf(f
, "%s\tJob Timeout Action: %s\n", prefix
, emergency_action_to_string(u
->job_timeout_action
));
1263 if (u
->job_timeout_reboot_arg
)
1264 fprintf(f
, "%s\tJob Timeout Reboot Argument: %s\n", prefix
, u
->job_timeout_reboot_arg
);
1266 condition_dump_list(u
->conditions
, f
, prefix
, condition_type_to_string
);
1267 condition_dump_list(u
->asserts
, f
, prefix
, assert_type_to_string
);
1269 if (dual_timestamp_is_set(&u
->condition_timestamp
))
1271 "%s\tCondition Timestamp: %s\n"
1272 "%s\tCondition Result: %s\n",
1273 prefix
, strna(format_timestamp(timestamp
[0], sizeof(timestamp
[0]), u
->condition_timestamp
.realtime
)),
1274 prefix
, yes_no(u
->condition_result
));
1276 if (dual_timestamp_is_set(&u
->assert_timestamp
))
1278 "%s\tAssert Timestamp: %s\n"
1279 "%s\tAssert Result: %s\n",
1280 prefix
, strna(format_timestamp(timestamp
[0], sizeof(timestamp
[0]), u
->assert_timestamp
.realtime
)),
1281 prefix
, yes_no(u
->assert_result
));
1283 for (d
= 0; d
< _UNIT_DEPENDENCY_MAX
; d
++) {
1284 UnitDependencyInfo di
;
1287 HASHMAP_FOREACH_KEY(di
.data
, other
, u
->dependencies
[d
], i
) {
1290 fprintf(f
, "%s\t%s: %s (", prefix
, unit_dependency_to_string(d
), other
->id
);
1292 print_unit_dependency_mask(f
, "origin", di
.origin_mask
, &space
);
1293 print_unit_dependency_mask(f
, "destination", di
.destination_mask
, &space
);
1299 if (!hashmap_isempty(u
->requires_mounts_for
)) {
1300 UnitDependencyInfo di
;
1303 HASHMAP_FOREACH_KEY(di
.data
, path
, u
->requires_mounts_for
, i
) {
1306 fprintf(f
, "%s\tRequiresMountsFor: %s (", prefix
, path
);
1308 print_unit_dependency_mask(f
, "origin", di
.origin_mask
, &space
);
1309 print_unit_dependency_mask(f
, "destination", di
.destination_mask
, &space
);
1315 if (u
->load_state
== UNIT_LOADED
) {
1318 "%s\tStopWhenUnneeded: %s\n"
1319 "%s\tRefuseManualStart: %s\n"
1320 "%s\tRefuseManualStop: %s\n"
1321 "%s\tDefaultDependencies: %s\n"
1322 "%s\tOnFailureJobMode: %s\n"
1323 "%s\tIgnoreOnIsolate: %s\n",
1324 prefix
, yes_no(u
->stop_when_unneeded
),
1325 prefix
, yes_no(u
->refuse_manual_start
),
1326 prefix
, yes_no(u
->refuse_manual_stop
),
1327 prefix
, yes_no(u
->default_dependencies
),
1328 prefix
, job_mode_to_string(u
->on_failure_job_mode
),
1329 prefix
, yes_no(u
->ignore_on_isolate
));
1331 if (UNIT_VTABLE(u
)->dump
)
1332 UNIT_VTABLE(u
)->dump(u
, f
, prefix2
);
1334 } else if (u
->load_state
== UNIT_MERGED
)
1336 "%s\tMerged into: %s\n",
1337 prefix
, u
->merged_into
->id
);
1338 else if (u
->load_state
== UNIT_ERROR
)
1339 fprintf(f
, "%s\tLoad Error Code: %s\n", prefix
, strerror_safe(u
->load_error
));
1341 for (n
= sd_bus_track_first(u
->bus_track
); n
; n
= sd_bus_track_next(u
->bus_track
))
1342 fprintf(f
, "%s\tBus Ref: %s\n", prefix
, n
);
1345 job_dump(u
->job
, f
, prefix2
);
1348 job_dump(u
->nop_job
, f
, prefix2
);
1351 /* Common implementation for multiple backends */
1352 int unit_load_fragment_and_dropin(Unit
*u
) {
1357 /* Load a .{service,socket,...} file */
1358 r
= unit_load_fragment(u
);
1362 if (u
->load_state
== UNIT_STUB
)
1365 /* Load drop-in directory data. If u is an alias, we might be reloading the
1366 * target unit needlessly. But we cannot be sure which drops-ins have already
1367 * been loaded and which not, at least without doing complicated book-keeping,
1368 * so let's always reread all drop-ins. */
1369 return unit_load_dropin(unit_follow_merge(u
));
1372 /* Common implementation for multiple backends */
1373 int unit_load_fragment_and_dropin_optional(Unit
*u
) {
1378 /* Same as unit_load_fragment_and_dropin(), but whether
1379 * something can be loaded or not doesn't matter. */
1381 /* Load a .service/.socket/.slice/… file */
1382 r
= unit_load_fragment(u
);
1386 if (u
->load_state
== UNIT_STUB
)
1387 u
->load_state
= UNIT_LOADED
;
1389 /* Load drop-in directory data */
1390 return unit_load_dropin(unit_follow_merge(u
));
1393 void unit_add_to_target_deps_queue(Unit
*u
) {
1394 Manager
*m
= u
->manager
;
1398 if (u
->in_target_deps_queue
)
1401 LIST_PREPEND(target_deps_queue
, m
->target_deps_queue
, u
);
1402 u
->in_target_deps_queue
= true;
1405 int unit_add_default_target_dependency(Unit
*u
, Unit
*target
) {
1409 if (target
->type
!= UNIT_TARGET
)
1412 /* Only add the dependency if both units are loaded, so that
1413 * that loop check below is reliable */
1414 if (u
->load_state
!= UNIT_LOADED
||
1415 target
->load_state
!= UNIT_LOADED
)
1418 /* If either side wants no automatic dependencies, then let's
1420 if (!u
->default_dependencies
||
1421 !target
->default_dependencies
)
1424 /* Don't create loops */
1425 if (hashmap_get(target
->dependencies
[UNIT_BEFORE
], u
))
1428 return unit_add_dependency(target
, UNIT_AFTER
, u
, true, UNIT_DEPENDENCY_DEFAULT
);
1431 static int unit_add_slice_dependencies(Unit
*u
) {
1432 UnitDependencyMask mask
;
1435 if (!UNIT_HAS_CGROUP_CONTEXT(u
))
1438 /* Slice units are implicitly ordered against their parent slices (as this relationship is encoded in the
1439 name), while all other units are ordered based on configuration (as in their case Slice= configures the
1441 mask
= u
->type
== UNIT_SLICE
? UNIT_DEPENDENCY_IMPLICIT
: UNIT_DEPENDENCY_FILE
;
1443 if (UNIT_ISSET(u
->slice
))
1444 return unit_add_two_dependencies(u
, UNIT_AFTER
, UNIT_REQUIRES
, UNIT_DEREF(u
->slice
), true, mask
);
1446 if (unit_has_name(u
, SPECIAL_ROOT_SLICE
))
1449 return unit_add_two_dependencies_by_name(u
, UNIT_AFTER
, UNIT_REQUIRES
, SPECIAL_ROOT_SLICE
, true, mask
);
1452 static int unit_add_mount_dependencies(Unit
*u
) {
1453 UnitDependencyInfo di
;
1460 HASHMAP_FOREACH_KEY(di
.data
, path
, u
->requires_mounts_for
, i
) {
1461 char prefix
[strlen(path
) + 1];
1463 PATH_FOREACH_PREFIX_MORE(prefix
, path
) {
1464 _cleanup_free_
char *p
= NULL
;
1467 r
= unit_name_from_path(prefix
, ".mount", &p
);
1471 m
= manager_get_unit(u
->manager
, p
);
1473 /* Make sure to load the mount unit if
1474 * it exists. If so the dependencies
1475 * on this unit will be added later
1476 * during the loading of the mount
1478 (void) manager_load_unit_prepare(u
->manager
, p
, NULL
, NULL
, &m
);
1484 if (m
->load_state
!= UNIT_LOADED
)
1487 r
= unit_add_dependency(u
, UNIT_AFTER
, m
, true, di
.origin_mask
);
1491 if (m
->fragment_path
) {
1492 r
= unit_add_dependency(u
, UNIT_REQUIRES
, m
, true, di
.origin_mask
);
1502 static int unit_add_startup_units(Unit
*u
) {
1506 c
= unit_get_cgroup_context(u
);
1510 if (c
->startup_cpu_shares
== CGROUP_CPU_SHARES_INVALID
&&
1511 c
->startup_io_weight
== CGROUP_WEIGHT_INVALID
&&
1512 c
->startup_blockio_weight
== CGROUP_BLKIO_WEIGHT_INVALID
)
1515 r
= set_ensure_allocated(&u
->manager
->startup_units
, NULL
);
1519 return set_put(u
->manager
->startup_units
, u
);
1522 int unit_load(Unit
*u
) {
1527 if (u
->in_load_queue
) {
1528 LIST_REMOVE(load_queue
, u
->manager
->load_queue
, u
);
1529 u
->in_load_queue
= false;
1532 if (u
->type
== _UNIT_TYPE_INVALID
)
1535 if (u
->load_state
!= UNIT_STUB
)
1538 if (u
->transient_file
) {
1539 /* Finalize transient file: if this is a transient unit file, as soon as we reach unit_load() the setup
1540 * is complete, hence let's synchronize the unit file we just wrote to disk. */
1542 r
= fflush_and_check(u
->transient_file
);
1546 u
->transient_file
= safe_fclose(u
->transient_file
);
1547 u
->fragment_mtime
= now(CLOCK_REALTIME
);
1550 if (UNIT_VTABLE(u
)->load
) {
1551 r
= UNIT_VTABLE(u
)->load(u
);
1556 if (u
->load_state
== UNIT_STUB
) {
1561 if (u
->load_state
== UNIT_LOADED
) {
1562 unit_add_to_target_deps_queue(u
);
1564 r
= unit_add_slice_dependencies(u
);
1568 r
= unit_add_mount_dependencies(u
);
1572 r
= unit_add_startup_units(u
);
1576 if (u
->on_failure_job_mode
== JOB_ISOLATE
&& hashmap_size(u
->dependencies
[UNIT_ON_FAILURE
]) > 1) {
1577 log_unit_error(u
, "More than one OnFailure= dependencies specified but OnFailureJobMode=isolate set. Refusing.");
1582 if (u
->job_running_timeout
!= USEC_INFINITY
&& u
->job_running_timeout
> u
->job_timeout
)
1583 log_unit_warning(u
, "JobRunningTimeoutSec= is greater than JobTimeoutSec=, it has no effect.");
1585 /* We finished loading, let's ensure our parents recalculate the members mask */
1586 unit_invalidate_cgroup_members_masks(u
);
1589 assert((u
->load_state
!= UNIT_MERGED
) == !u
->merged_into
);
1591 unit_add_to_dbus_queue(unit_follow_merge(u
));
1592 unit_add_to_gc_queue(u
);
1597 /* We convert ENOEXEC errors to the UNIT_BAD_SETTING load state here. Configuration parsing code should hence
1598 * return ENOEXEC to ensure units are placed in this state after loading */
1600 u
->load_state
= u
->load_state
== UNIT_STUB
? UNIT_NOT_FOUND
:
1601 r
== -ENOEXEC
? UNIT_BAD_SETTING
:
1605 unit_add_to_dbus_queue(u
);
1606 unit_add_to_gc_queue(u
);
1608 return log_unit_debug_errno(u
, r
, "Failed to load configuration: %m");
1612 static int log_unit_internal(void *userdata
, int level
, int error
, const char *file
, int line
, const char *func
, const char *format
, ...) {
1617 va_start(ap
, format
);
1619 r
= log_object_internalv(level
, error
, file
, line
, func
,
1620 u
->manager
->unit_log_field
,
1622 u
->manager
->invocation_log_field
,
1623 u
->invocation_id_string
,
1626 r
= log_internalv(level
, error
, file
, line
, func
, format
, ap
);
1632 static bool unit_test_condition(Unit
*u
) {
1635 dual_timestamp_get(&u
->condition_timestamp
);
1636 u
->condition_result
= condition_test_list(u
->conditions
, condition_type_to_string
, log_unit_internal
, u
);
1638 unit_add_to_dbus_queue(u
);
1640 return u
->condition_result
;
1643 static bool unit_test_assert(Unit
*u
) {
1646 dual_timestamp_get(&u
->assert_timestamp
);
1647 u
->assert_result
= condition_test_list(u
->asserts
, assert_type_to_string
, log_unit_internal
, u
);
1649 unit_add_to_dbus_queue(u
);
1651 return u
->assert_result
;
1654 void unit_status_printf(Unit
*u
, const char *status
, const char *unit_status_msg_format
) {
1657 d
= unit_status_string(u
);
1658 if (log_get_show_color())
1659 d
= strjoina(ANSI_HIGHLIGHT
, d
, ANSI_NORMAL
);
1661 DISABLE_WARNING_FORMAT_NONLITERAL
;
1662 manager_status_printf(u
->manager
, STATUS_TYPE_NORMAL
, status
, unit_status_msg_format
, d
);
1666 int unit_test_start_limit(Unit
*u
) {
1671 if (ratelimit_below(&u
->start_limit
)) {
1672 u
->start_limit_hit
= false;
1676 log_unit_warning(u
, "Start request repeated too quickly.");
1677 u
->start_limit_hit
= true;
1679 reason
= strjoina("unit ", u
->id
, " failed");
1681 emergency_action(u
->manager
, u
->start_limit_action
,
1682 EMERGENCY_ACTION_IS_WATCHDOG
|EMERGENCY_ACTION_WARN
,
1683 u
->reboot_arg
, -1, reason
);
1688 bool unit_shall_confirm_spawn(Unit
*u
) {
1691 if (manager_is_confirm_spawn_disabled(u
->manager
))
1694 /* For some reasons units remaining in the same process group
1695 * as PID 1 fail to acquire the console even if it's not used
1696 * by any process. So skip the confirmation question for them. */
1697 return !unit_get_exec_context(u
)->same_pgrp
;
1700 static bool unit_verify_deps(Unit
*u
) {
1707 /* Checks whether all BindsTo= dependencies of this unit are fulfilled — if they are also combined with
1708 * After=. We do not check Requires= or Requisite= here as they only should have an effect on the job
1709 * processing, but do not have any effect afterwards. We don't check BindsTo= dependencies that are not used in
1710 * conjunction with After= as for them any such check would make things entirely racy. */
1712 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_BINDS_TO
], j
) {
1714 if (!hashmap_contains(u
->dependencies
[UNIT_AFTER
], other
))
1717 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other
))) {
1718 log_unit_notice(u
, "Bound to unit %s, but unit isn't active.", other
->id
);
1726 /* Errors that aren't really errors:
1727 * -EALREADY: Unit is already started.
1728 * -ECOMM: Condition failed
1729 * -EAGAIN: An operation is already in progress. Retry later.
1731 * Errors that are real errors:
1732 * -EBADR: This unit type does not support starting.
1733 * -ECANCELED: Start limit hit, too many requests for now
1734 * -EPROTO: Assert failed
1735 * -EINVAL: Unit not loaded
1736 * -EOPNOTSUPP: Unit type not supported
1737 * -ENOLINK: The necessary dependencies are not fulfilled.
1738 * -ESTALE: This unit has been started before and can't be started a second time
1739 * -ENOENT: This is a triggering unit and unit to trigger is not loaded
1741 int unit_start(Unit
*u
) {
1742 UnitActiveState state
;
1748 /* If this is already started, then this will succeed. Note that this will even succeed if this unit
1749 * is not startable by the user. This is relied on to detect when we need to wait for units and when
1750 * waiting is finished. */
1751 state
= unit_active_state(u
);
1752 if (UNIT_IS_ACTIVE_OR_RELOADING(state
))
1754 if (state
== UNIT_MAINTENANCE
)
1757 /* Units that aren't loaded cannot be started */
1758 if (u
->load_state
!= UNIT_LOADED
)
1761 /* Refuse starting scope units more than once */
1762 if (UNIT_VTABLE(u
)->once_only
&& dual_timestamp_is_set(&u
->inactive_enter_timestamp
))
1765 /* If the conditions failed, don't do anything at all. If we already are activating this call might
1766 * still be useful to speed up activation in case there is some hold-off time, but we don't want to
1767 * recheck the condition in that case. */
1768 if (state
!= UNIT_ACTIVATING
&&
1769 !unit_test_condition(u
)) {
1771 /* Let's also check the start limit here. Normally, the start limit is only checked by the
1772 * .start() method of the unit type after it did some additional checks verifying everything
1773 * is in order (so that those other checks can propagate errors properly). However, if a
1774 * condition check doesn't hold we don't get that far but we should still ensure we are not
1775 * called in a tight loop without a rate limit check enforced, hence do the check here. Note
1776 * that ECOMM is generally not a reason for a job to fail, unlike most other errors here,
1777 * hence the chance is big that any triggering unit for us will trigger us again. Note this
1778 * condition check is a bit different from the condition check inside the per-unit .start()
1779 * function, as this one will not change the unit's state in any way (and we shouldn't here,
1780 * after all the condition failed). */
1782 r
= unit_test_start_limit(u
);
1786 return log_unit_debug_errno(u
, SYNTHETIC_ERRNO(ECOMM
), "Starting requested but condition failed. Not starting unit.");
1789 /* If the asserts failed, fail the entire job */
1790 if (state
!= UNIT_ACTIVATING
&&
1791 !unit_test_assert(u
))
1792 return log_unit_notice_errno(u
, SYNTHETIC_ERRNO(EPROTO
), "Starting requested but asserts failed.");
1794 /* Units of types that aren't supported cannot be started. Note that we do this test only after the
1795 * condition checks, so that we rather return condition check errors (which are usually not
1796 * considered a true failure) than "not supported" errors (which are considered a failure).
1798 if (!unit_type_supported(u
->type
))
1801 /* Let's make sure that the deps really are in order before we start this. Normally the job engine
1802 * should have taken care of this already, but let's check this here again. After all, our
1803 * dependencies might not be in effect anymore, due to a reload or due to a failed condition. */
1804 if (!unit_verify_deps(u
))
1807 /* Forward to the main object, if we aren't it. */
1808 following
= unit_following(u
);
1810 log_unit_debug(u
, "Redirecting start request from %s to %s.", u
->id
, following
->id
);
1811 return unit_start(following
);
1814 /* If it is stopped, but we cannot start it, then fail */
1815 if (!UNIT_VTABLE(u
)->start
)
1818 /* We don't suppress calls to ->start() here when we are already starting, to allow this request to
1819 * be used as a "hurry up" call, for example when the unit is in some "auto restart" state where it
1820 * waits for a holdoff timer to elapse before it will start again. */
1822 unit_add_to_dbus_queue(u
);
1824 return UNIT_VTABLE(u
)->start(u
);
1827 bool unit_can_start(Unit
*u
) {
1830 if (u
->load_state
!= UNIT_LOADED
)
1833 if (!unit_type_supported(u
->type
))
1836 /* Scope units may be started only once */
1837 if (UNIT_VTABLE(u
)->once_only
&& dual_timestamp_is_set(&u
->inactive_exit_timestamp
))
1840 return !!UNIT_VTABLE(u
)->start
;
1843 bool unit_can_isolate(Unit
*u
) {
1846 return unit_can_start(u
) &&
1851 * -EBADR: This unit type does not support stopping.
1852 * -EALREADY: Unit is already stopped.
1853 * -EAGAIN: An operation is already in progress. Retry later.
1855 int unit_stop(Unit
*u
) {
1856 UnitActiveState state
;
1861 state
= unit_active_state(u
);
1862 if (UNIT_IS_INACTIVE_OR_FAILED(state
))
1865 following
= unit_following(u
);
1867 log_unit_debug(u
, "Redirecting stop request from %s to %s.", u
->id
, following
->id
);
1868 return unit_stop(following
);
1871 if (!UNIT_VTABLE(u
)->stop
)
1874 unit_add_to_dbus_queue(u
);
1876 return UNIT_VTABLE(u
)->stop(u
);
1879 bool unit_can_stop(Unit
*u
) {
1882 if (!unit_type_supported(u
->type
))
1888 return !!UNIT_VTABLE(u
)->stop
;
1892 * -EBADR: This unit type does not support reloading.
1893 * -ENOEXEC: Unit is not started.
1894 * -EAGAIN: An operation is already in progress. Retry later.
1896 int unit_reload(Unit
*u
) {
1897 UnitActiveState state
;
1902 if (u
->load_state
!= UNIT_LOADED
)
1905 if (!unit_can_reload(u
))
1908 state
= unit_active_state(u
);
1909 if (state
== UNIT_RELOADING
)
1912 if (state
!= UNIT_ACTIVE
) {
1913 log_unit_warning(u
, "Unit cannot be reloaded because it is inactive.");
1917 following
= unit_following(u
);
1919 log_unit_debug(u
, "Redirecting reload request from %s to %s.", u
->id
, following
->id
);
1920 return unit_reload(following
);
1923 unit_add_to_dbus_queue(u
);
1925 if (!UNIT_VTABLE(u
)->reload
) {
1926 /* Unit doesn't have a reload function, but we need to propagate the reload anyway */
1927 unit_notify(u
, unit_active_state(u
), unit_active_state(u
), 0);
1931 return UNIT_VTABLE(u
)->reload(u
);
1934 bool unit_can_reload(Unit
*u
) {
1937 if (UNIT_VTABLE(u
)->can_reload
)
1938 return UNIT_VTABLE(u
)->can_reload(u
);
1940 if (!hashmap_isempty(u
->dependencies
[UNIT_PROPAGATES_RELOAD_TO
]))
1943 return UNIT_VTABLE(u
)->reload
;
1946 bool unit_is_unneeded(Unit
*u
) {
1947 static const UnitDependency deps
[] = {
1957 if (!u
->stop_when_unneeded
)
1960 /* Don't clean up while the unit is transitioning or is even inactive. */
1961 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u
)))
1966 for (j
= 0; j
< ELEMENTSOF(deps
); j
++) {
1971 /* If a dependent unit has a job queued, is active or transitioning, or is marked for
1972 * restart, then don't clean this one up. */
1974 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[deps
[j
]], i
) {
1978 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other
)))
1981 if (unit_will_restart(other
))
1989 static void check_unneeded_dependencies(Unit
*u
) {
1991 static const UnitDependency deps
[] = {
2001 /* Add all units this unit depends on to the queue that processes StopWhenUnneeded= behaviour. */
2003 for (j
= 0; j
< ELEMENTSOF(deps
); j
++) {
2008 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[deps
[j
]], i
)
2009 unit_submit_to_stop_when_unneeded_queue(other
);
2013 static void unit_check_binds_to(Unit
*u
) {
2014 _cleanup_(sd_bus_error_free
) sd_bus_error error
= SD_BUS_ERROR_NULL
;
2026 if (unit_active_state(u
) != UNIT_ACTIVE
)
2029 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_BINDS_TO
], i
) {
2033 if (!other
->coldplugged
)
2034 /* We might yet create a job for the other unit… */
2037 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other
)))
2047 /* If stopping a unit fails continuously we might enter a stop
2048 * loop here, hence stop acting on the service being
2049 * unnecessary after a while. */
2050 if (!ratelimit_below(&u
->auto_stop_ratelimit
)) {
2051 log_unit_warning(u
, "Unit is bound to inactive unit %s, but not stopping since we tried this too often recently.", other
->id
);
2056 log_unit_info(u
, "Unit is bound to inactive unit %s. Stopping, too.", other
->id
);
2058 /* A unit we need to run is gone. Sniff. Let's stop this. */
2059 r
= manager_add_job(u
->manager
, JOB_STOP
, u
, JOB_FAIL
, NULL
, &error
, NULL
);
2061 log_unit_warning_errno(u
, r
, "Failed to enqueue stop job, ignoring: %s", bus_error_message(&error
, r
));
2064 static void retroactively_start_dependencies(Unit
*u
) {
2070 assert(UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u
)));
2072 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_REQUIRES
], i
)
2073 if (!hashmap_get(u
->dependencies
[UNIT_AFTER
], other
) &&
2074 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other
)))
2075 manager_add_job(u
->manager
, JOB_START
, other
, JOB_REPLACE
, NULL
, NULL
, NULL
);
2077 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_BINDS_TO
], i
)
2078 if (!hashmap_get(u
->dependencies
[UNIT_AFTER
], other
) &&
2079 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other
)))
2080 manager_add_job(u
->manager
, JOB_START
, other
, JOB_REPLACE
, NULL
, NULL
, NULL
);
2082 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_WANTS
], i
)
2083 if (!hashmap_get(u
->dependencies
[UNIT_AFTER
], other
) &&
2084 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other
)))
2085 manager_add_job(u
->manager
, JOB_START
, other
, JOB_FAIL
, NULL
, NULL
, NULL
);
2087 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_CONFLICTS
], i
)
2088 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other
)))
2089 manager_add_job(u
->manager
, JOB_STOP
, other
, JOB_REPLACE
, NULL
, NULL
, NULL
);
2091 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_CONFLICTED_BY
], i
)
2092 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other
)))
2093 manager_add_job(u
->manager
, JOB_STOP
, other
, JOB_REPLACE
, NULL
, NULL
, NULL
);
2096 static void retroactively_stop_dependencies(Unit
*u
) {
2102 assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u
)));
2104 /* Pull down units which are bound to us recursively if enabled */
2105 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_BOUND_BY
], i
)
2106 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other
)))
2107 manager_add_job(u
->manager
, JOB_STOP
, other
, JOB_REPLACE
, NULL
, NULL
, NULL
);
2110 void unit_start_on_failure(Unit
*u
) {
2118 if (hashmap_size(u
->dependencies
[UNIT_ON_FAILURE
]) <= 0)
2121 log_unit_info(u
, "Triggering OnFailure= dependencies.");
2123 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_ON_FAILURE
], i
) {
2124 _cleanup_(sd_bus_error_free
) sd_bus_error error
= SD_BUS_ERROR_NULL
;
2126 r
= manager_add_job(u
->manager
, JOB_START
, other
, u
->on_failure_job_mode
, NULL
, &error
, NULL
);
2128 log_unit_warning_errno(u
, r
, "Failed to enqueue OnFailure= job, ignoring: %s", bus_error_message(&error
, r
));
2132 void unit_trigger_notify(Unit
*u
) {
2139 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_TRIGGERED_BY
], i
)
2140 if (UNIT_VTABLE(other
)->trigger_notify
)
2141 UNIT_VTABLE(other
)->trigger_notify(other
, u
);
2144 static int unit_log_resources(Unit
*u
) {
2145 struct iovec iovec
[1 + _CGROUP_IP_ACCOUNTING_METRIC_MAX
+ _CGROUP_IO_ACCOUNTING_METRIC_MAX
+ 4];
2146 bool any_traffic
= false, have_ip_accounting
= false, any_io
= false, have_io_accounting
= false;
2147 _cleanup_free_
char *igress
= NULL
, *egress
= NULL
, *rr
= NULL
, *wr
= NULL
;
2148 size_t n_message_parts
= 0, n_iovec
= 0;
2149 char* message_parts
[1 + 2 + 2 + 1], *t
;
2150 nsec_t nsec
= NSEC_INFINITY
;
2151 CGroupIPAccountingMetric m
;
2154 const char* const ip_fields
[_CGROUP_IP_ACCOUNTING_METRIC_MAX
] = {
2155 [CGROUP_IP_INGRESS_BYTES
] = "IP_METRIC_INGRESS_BYTES",
2156 [CGROUP_IP_INGRESS_PACKETS
] = "IP_METRIC_INGRESS_PACKETS",
2157 [CGROUP_IP_EGRESS_BYTES
] = "IP_METRIC_EGRESS_BYTES",
2158 [CGROUP_IP_EGRESS_PACKETS
] = "IP_METRIC_EGRESS_PACKETS",
2160 const char* const io_fields
[_CGROUP_IO_ACCOUNTING_METRIC_MAX
] = {
2161 [CGROUP_IO_READ_BYTES
] = "IO_METRIC_READ_BYTES",
2162 [CGROUP_IO_WRITE_BYTES
] = "IO_METRIC_WRITE_BYTES",
2163 [CGROUP_IO_READ_OPERATIONS
] = "IO_METRIC_READ_OPERATIONS",
2164 [CGROUP_IO_WRITE_OPERATIONS
] = "IO_METRIC_WRITE_OPERATIONS",
2169 /* Invoked whenever a unit enters failed or dead state. Logs information about consumed resources if resource
2170 * accounting was enabled for a unit. It does this in two ways: a friendly human readable string with reduced
2171 * information and the complete data in structured fields. */
2173 (void) unit_get_cpu_usage(u
, &nsec
);
2174 if (nsec
!= NSEC_INFINITY
) {
2175 char buf
[FORMAT_TIMESPAN_MAX
] = "";
2177 /* Format the CPU time for inclusion in the structured log message */
2178 if (asprintf(&t
, "CPU_USAGE_NSEC=%" PRIu64
, nsec
) < 0) {
2182 iovec
[n_iovec
++] = IOVEC_MAKE_STRING(t
);
2184 /* Format the CPU time for inclusion in the human language message string */
2185 format_timespan(buf
, sizeof(buf
), nsec
/ NSEC_PER_USEC
, USEC_PER_MSEC
);
2186 t
= strjoin("consumed ", buf
, " CPU time");
2192 message_parts
[n_message_parts
++] = t
;
2195 for (CGroupIOAccountingMetric k
= 0; k
< _CGROUP_IO_ACCOUNTING_METRIC_MAX
; k
++) {
2196 char buf
[FORMAT_BYTES_MAX
] = "";
2197 uint64_t value
= UINT64_MAX
;
2199 assert(io_fields
[k
]);
2201 (void) unit_get_io_accounting(u
, k
, k
> 0, &value
);
2202 if (value
== UINT64_MAX
)
2205 have_io_accounting
= true;
2209 /* Format IO accounting data for inclusion in the structured log message */
2210 if (asprintf(&t
, "%s=%" PRIu64
, io_fields
[k
], value
) < 0) {
2214 iovec
[n_iovec
++] = IOVEC_MAKE_STRING(t
);
2216 /* Format the IO accounting data for inclusion in the human language message string, but only
2217 * for the bytes counters (and not for the operations counters) */
2218 if (k
== CGROUP_IO_READ_BYTES
) {
2220 rr
= strjoin("read ", format_bytes(buf
, sizeof(buf
), value
), " from disk");
2225 } else if (k
== CGROUP_IO_WRITE_BYTES
) {
2227 wr
= strjoin("written ", format_bytes(buf
, sizeof(buf
), value
), " to disk");
2235 if (have_io_accounting
) {
2238 message_parts
[n_message_parts
++] = TAKE_PTR(rr
);
2240 message_parts
[n_message_parts
++] = TAKE_PTR(wr
);
2245 k
= strdup("no IO");
2251 message_parts
[n_message_parts
++] = k
;
2255 for (m
= 0; m
< _CGROUP_IP_ACCOUNTING_METRIC_MAX
; m
++) {
2256 char buf
[FORMAT_BYTES_MAX
] = "";
2257 uint64_t value
= UINT64_MAX
;
2259 assert(ip_fields
[m
]);
2261 (void) unit_get_ip_accounting(u
, m
, &value
);
2262 if (value
== UINT64_MAX
)
2265 have_ip_accounting
= true;
2269 /* Format IP accounting data for inclusion in the structured log message */
2270 if (asprintf(&t
, "%s=%" PRIu64
, ip_fields
[m
], value
) < 0) {
2274 iovec
[n_iovec
++] = IOVEC_MAKE_STRING(t
);
2276 /* Format the IP accounting data for inclusion in the human language message string, but only for the
2277 * bytes counters (and not for the packets counters) */
2278 if (m
== CGROUP_IP_INGRESS_BYTES
) {
2280 igress
= strjoin("received ", format_bytes(buf
, sizeof(buf
), value
), " IP traffic");
2285 } else if (m
== CGROUP_IP_EGRESS_BYTES
) {
2287 egress
= strjoin("sent ", format_bytes(buf
, sizeof(buf
), value
), " IP traffic");
2295 if (have_ip_accounting
) {
2298 message_parts
[n_message_parts
++] = TAKE_PTR(igress
);
2300 message_parts
[n_message_parts
++] = TAKE_PTR(egress
);
2305 k
= strdup("no IP traffic");
2311 message_parts
[n_message_parts
++] = k
;
2315 /* Is there any accounting data available at all? */
2321 if (n_message_parts
== 0)
2322 t
= strjoina("MESSAGE=", u
->id
, ": Completed.");
2324 _cleanup_free_
char *joined
;
2326 message_parts
[n_message_parts
] = NULL
;
2328 joined
= strv_join(message_parts
, ", ");
2334 joined
[0] = ascii_toupper(joined
[0]);
2335 t
= strjoina("MESSAGE=", u
->id
, ": ", joined
, ".");
2338 /* The following four fields we allocate on the stack or are static strings, we hence don't want to free them,
2339 * and hence don't increase n_iovec for them */
2340 iovec
[n_iovec
] = IOVEC_MAKE_STRING(t
);
2341 iovec
[n_iovec
+ 1] = IOVEC_MAKE_STRING("MESSAGE_ID=" SD_MESSAGE_UNIT_RESOURCES_STR
);
2343 t
= strjoina(u
->manager
->unit_log_field
, u
->id
);
2344 iovec
[n_iovec
+ 2] = IOVEC_MAKE_STRING(t
);
2346 t
= strjoina(u
->manager
->invocation_log_field
, u
->invocation_id_string
);
2347 iovec
[n_iovec
+ 3] = IOVEC_MAKE_STRING(t
);
2349 log_struct_iovec(LOG_INFO
, iovec
, n_iovec
+ 4);
2353 for (i
= 0; i
< n_message_parts
; i
++)
2354 free(message_parts
[i
]);
2356 for (i
= 0; i
< n_iovec
; i
++)
2357 free(iovec
[i
].iov_base
);
2363 static void unit_update_on_console(Unit
*u
) {
2368 b
= unit_needs_console(u
);
2369 if (u
->on_console
== b
)
2374 manager_ref_console(u
->manager
);
2376 manager_unref_console(u
->manager
);
2379 static void unit_emit_audit_start(Unit
*u
) {
2382 if (u
->type
!= UNIT_SERVICE
)
2385 /* Write audit record if we have just finished starting up */
2386 manager_send_unit_audit(u
->manager
, u
, AUDIT_SERVICE_START
, true);
2390 static void unit_emit_audit_stop(Unit
*u
, UnitActiveState state
) {
2393 if (u
->type
!= UNIT_SERVICE
)
2397 /* Write audit record if we have just finished shutting down */
2398 manager_send_unit_audit(u
->manager
, u
, AUDIT_SERVICE_STOP
, state
== UNIT_INACTIVE
);
2399 u
->in_audit
= false;
2401 /* Hmm, if there was no start record written write it now, so that we always have a nice pair */
2402 manager_send_unit_audit(u
->manager
, u
, AUDIT_SERVICE_START
, state
== UNIT_INACTIVE
);
2404 if (state
== UNIT_INACTIVE
)
2405 manager_send_unit_audit(u
->manager
, u
, AUDIT_SERVICE_STOP
, true);
2409 static bool unit_process_job(Job
*j
, UnitActiveState ns
, UnitNotifyFlags flags
) {
2410 bool unexpected
= false;
2415 if (j
->state
== JOB_WAITING
)
2417 /* So we reached a different state for this job. Let's see if we can run it now if it failed previously
2419 job_add_to_run_queue(j
);
2421 /* Let's check whether the unit's new state constitutes a finished job, or maybe contradicts a running job and
2422 * hence needs to invalidate jobs. */
2427 case JOB_VERIFY_ACTIVE
:
2429 if (UNIT_IS_ACTIVE_OR_RELOADING(ns
))
2430 job_finish_and_invalidate(j
, JOB_DONE
, true, false);
2431 else if (j
->state
== JOB_RUNNING
&& ns
!= UNIT_ACTIVATING
) {
2434 if (UNIT_IS_INACTIVE_OR_FAILED(ns
)) {
2435 if (ns
== UNIT_FAILED
)
2436 result
= JOB_FAILED
;
2437 else if (FLAGS_SET(flags
, UNIT_NOTIFY_SKIP_CONDITION
))
2438 result
= JOB_SKIPPED
;
2442 job_finish_and_invalidate(j
, result
, true, false);
2449 case JOB_RELOAD_OR_START
:
2450 case JOB_TRY_RELOAD
:
2452 if (j
->state
== JOB_RUNNING
) {
2453 if (ns
== UNIT_ACTIVE
)
2454 job_finish_and_invalidate(j
, (flags
& UNIT_NOTIFY_RELOAD_FAILURE
) ? JOB_FAILED
: JOB_DONE
, true, false);
2455 else if (!IN_SET(ns
, UNIT_ACTIVATING
, UNIT_RELOADING
)) {
2458 if (UNIT_IS_INACTIVE_OR_FAILED(ns
))
2459 job_finish_and_invalidate(j
, ns
== UNIT_FAILED
? JOB_FAILED
: JOB_DONE
, true, false);
2467 case JOB_TRY_RESTART
:
2469 if (UNIT_IS_INACTIVE_OR_FAILED(ns
))
2470 job_finish_and_invalidate(j
, JOB_DONE
, true, false);
2471 else if (j
->state
== JOB_RUNNING
&& ns
!= UNIT_DEACTIVATING
) {
2473 job_finish_and_invalidate(j
, JOB_FAILED
, true, false);
2479 assert_not_reached("Job type unknown");
2485 void unit_notify(Unit
*u
, UnitActiveState os
, UnitActiveState ns
, UnitNotifyFlags flags
) {
2490 assert(os
< _UNIT_ACTIVE_STATE_MAX
);
2491 assert(ns
< _UNIT_ACTIVE_STATE_MAX
);
2493 /* Note that this is called for all low-level state changes, even if they might map to the same high-level
2494 * UnitActiveState! That means that ns == os is an expected behavior here. For example: if a mount point is
2495 * remounted this function will be called too! */
2499 /* Let's enqueue the change signal early. In case this unit has a job associated we want that this unit is in
2500 * the bus queue, so that any job change signal queued will force out the unit change signal first. */
2501 unit_add_to_dbus_queue(u
);
2503 /* Update timestamps for state changes */
2504 if (!MANAGER_IS_RELOADING(m
)) {
2505 dual_timestamp_get(&u
->state_change_timestamp
);
2507 if (UNIT_IS_INACTIVE_OR_FAILED(os
) && !UNIT_IS_INACTIVE_OR_FAILED(ns
))
2508 u
->inactive_exit_timestamp
= u
->state_change_timestamp
;
2509 else if (!UNIT_IS_INACTIVE_OR_FAILED(os
) && UNIT_IS_INACTIVE_OR_FAILED(ns
))
2510 u
->inactive_enter_timestamp
= u
->state_change_timestamp
;
2512 if (!UNIT_IS_ACTIVE_OR_RELOADING(os
) && UNIT_IS_ACTIVE_OR_RELOADING(ns
))
2513 u
->active_enter_timestamp
= u
->state_change_timestamp
;
2514 else if (UNIT_IS_ACTIVE_OR_RELOADING(os
) && !UNIT_IS_ACTIVE_OR_RELOADING(ns
))
2515 u
->active_exit_timestamp
= u
->state_change_timestamp
;
2518 /* Keep track of failed units */
2519 (void) manager_update_failed_units(m
, u
, ns
== UNIT_FAILED
);
2521 /* Make sure the cgroup and state files are always removed when we become inactive */
2522 if (UNIT_IS_INACTIVE_OR_FAILED(ns
)) {
2523 unit_prune_cgroup(u
);
2524 unit_unlink_state_files(u
);
2527 unit_update_on_console(u
);
2529 if (!MANAGER_IS_RELOADING(m
)) {
2532 /* Let's propagate state changes to the job */
2534 unexpected
= unit_process_job(u
->job
, ns
, flags
);
2538 /* If this state change happened without being requested by a job, then let's retroactively start or
2539 * stop dependencies. We skip that step when deserializing, since we don't want to create any
2540 * additional jobs just because something is already activated. */
2543 if (UNIT_IS_INACTIVE_OR_FAILED(os
) && UNIT_IS_ACTIVE_OR_ACTIVATING(ns
))
2544 retroactively_start_dependencies(u
);
2545 else if (UNIT_IS_ACTIVE_OR_ACTIVATING(os
) && UNIT_IS_INACTIVE_OR_DEACTIVATING(ns
))
2546 retroactively_stop_dependencies(u
);
2549 /* stop unneeded units regardless if going down was expected or not */
2550 if (UNIT_IS_INACTIVE_OR_FAILED(ns
))
2551 check_unneeded_dependencies(u
);
2553 if (ns
!= os
&& ns
== UNIT_FAILED
) {
2554 log_unit_debug(u
, "Unit entered failed state.");
2556 if (!(flags
& UNIT_NOTIFY_WILL_AUTO_RESTART
))
2557 unit_start_on_failure(u
);
2560 if (UNIT_IS_ACTIVE_OR_RELOADING(ns
) && !UNIT_IS_ACTIVE_OR_RELOADING(os
)) {
2561 /* This unit just finished starting up */
2563 unit_emit_audit_start(u
);
2564 manager_send_unit_plymouth(m
, u
);
2567 if (UNIT_IS_INACTIVE_OR_FAILED(ns
) && !UNIT_IS_INACTIVE_OR_FAILED(os
)) {
2568 /* This unit just stopped/failed. */
2570 unit_emit_audit_stop(u
, ns
);
2571 unit_log_resources(u
);
2575 manager_recheck_journal(m
);
2576 manager_recheck_dbus(m
);
2578 unit_trigger_notify(u
);
2580 if (!MANAGER_IS_RELOADING(m
)) {
2581 /* Maybe we finished startup and are now ready for being stopped because unneeded? */
2582 unit_submit_to_stop_when_unneeded_queue(u
);
2584 /* Maybe we finished startup, but something we needed has vanished? Let's die then. (This happens when
2585 * something BindsTo= to a Type=oneshot unit, as these units go directly from starting to inactive,
2586 * without ever entering started.) */
2587 unit_check_binds_to(u
);
2589 if (os
!= UNIT_FAILED
&& ns
== UNIT_FAILED
) {
2590 reason
= strjoina("unit ", u
->id
, " failed");
2591 emergency_action(m
, u
->failure_action
, 0, u
->reboot_arg
, unit_failure_action_exit_status(u
), reason
);
2592 } else if (!UNIT_IS_INACTIVE_OR_FAILED(os
) && ns
== UNIT_INACTIVE
) {
2593 reason
= strjoina("unit ", u
->id
, " succeeded");
2594 emergency_action(m
, u
->success_action
, 0, u
->reboot_arg
, unit_success_action_exit_status(u
), reason
);
2598 unit_add_to_gc_queue(u
);
2601 int unit_watch_pid(Unit
*u
, pid_t pid
, bool exclusive
) {
2605 assert(pid_is_valid(pid
));
2607 /* Watch a specific PID */
2609 /* Caller might be sure that this PID belongs to this unit only. Let's take this
2610 * opportunity to remove any stalled references to this PID as they can be created
2611 * easily (when watching a process which is not our direct child). */
2613 manager_unwatch_pid(u
->manager
, pid
);
2615 r
= set_ensure_allocated(&u
->pids
, NULL
);
2619 r
= hashmap_ensure_allocated(&u
->manager
->watch_pids
, NULL
);
2623 /* First try, let's add the unit keyed by "pid". */
2624 r
= hashmap_put(u
->manager
->watch_pids
, PID_TO_PTR(pid
), u
);
2630 /* OK, the "pid" key is already assigned to a different unit. Let's see if the "-pid" key (which points
2631 * to an array of Units rather than just a Unit), lists us already. */
2633 array
= hashmap_get(u
->manager
->watch_pids
, PID_TO_PTR(-pid
));
2635 for (; array
[n
]; n
++)
2639 if (found
) /* Found it already? if so, do nothing */
2644 /* Allocate a new array */
2645 new_array
= new(Unit
*, n
+ 2);
2649 memcpy_safe(new_array
, array
, sizeof(Unit
*) * n
);
2651 new_array
[n
+1] = NULL
;
2653 /* Add or replace the old array */
2654 r
= hashmap_replace(u
->manager
->watch_pids
, PID_TO_PTR(-pid
), new_array
);
2665 r
= set_put(u
->pids
, PID_TO_PTR(pid
));
2672 void unit_unwatch_pid(Unit
*u
, pid_t pid
) {
2676 assert(pid_is_valid(pid
));
2678 /* First let's drop the unit in case it's keyed as "pid". */
2679 (void) hashmap_remove_value(u
->manager
->watch_pids
, PID_TO_PTR(pid
), u
);
2681 /* Then, let's also drop the unit, in case it's in the array keyed by -pid */
2682 array
= hashmap_get(u
->manager
->watch_pids
, PID_TO_PTR(-pid
));
2686 /* Let's iterate through the array, dropping our own entry */
2687 for (n
= 0; array
[n
]; n
++)
2689 array
[m
++] = array
[n
];
2693 /* The array is now empty, remove the entire entry */
2694 assert(hashmap_remove(u
->manager
->watch_pids
, PID_TO_PTR(-pid
)) == array
);
2699 (void) set_remove(u
->pids
, PID_TO_PTR(pid
));
2702 void unit_unwatch_all_pids(Unit
*u
) {
2705 while (!set_isempty(u
->pids
))
2706 unit_unwatch_pid(u
, PTR_TO_PID(set_first(u
->pids
)));
2708 u
->pids
= set_free(u
->pids
);
2711 static void unit_tidy_watch_pids(Unit
*u
) {
2712 pid_t except1
, except2
;
2718 /* Cleans dead PIDs from our list */
2720 except1
= unit_main_pid(u
);
2721 except2
= unit_control_pid(u
);
2723 SET_FOREACH(e
, u
->pids
, i
) {
2724 pid_t pid
= PTR_TO_PID(e
);
2726 if (pid
== except1
|| pid
== except2
)
2729 if (!pid_is_unwaited(pid
))
2730 unit_unwatch_pid(u
, pid
);
2734 static int on_rewatch_pids_event(sd_event_source
*s
, void *userdata
) {
2740 unit_tidy_watch_pids(u
);
2741 unit_watch_all_pids(u
);
2743 /* If the PID set is empty now, then let's finish this off. */
2744 unit_synthesize_cgroup_empty_event(u
);
2749 int unit_enqueue_rewatch_pids(Unit
*u
) {
2754 if (!u
->cgroup_path
)
2757 r
= cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER
);
2760 if (r
> 0) /* On unified we can use proper notifications */
2763 /* Enqueues a low-priority job that will clean up dead PIDs from our list of PIDs to watch and subscribe to new
2764 * PIDs that might have appeared. We do this in a delayed job because the work might be quite slow, as it
2765 * involves issuing kill(pid, 0) on all processes we watch. */
2767 if (!u
->rewatch_pids_event_source
) {
2768 _cleanup_(sd_event_source_unrefp
) sd_event_source
*s
= NULL
;
2770 r
= sd_event_add_defer(u
->manager
->event
, &s
, on_rewatch_pids_event
, u
);
2772 return log_error_errno(r
, "Failed to allocate event source for tidying watched PIDs: %m");
2774 r
= sd_event_source_set_priority(s
, SD_EVENT_PRIORITY_IDLE
);
2776 return log_error_errno(r
, "Failed to adjust priority of event source for tidying watched PIDs: m");
2778 (void) sd_event_source_set_description(s
, "tidy-watch-pids");
2780 u
->rewatch_pids_event_source
= TAKE_PTR(s
);
2783 r
= sd_event_source_set_enabled(u
->rewatch_pids_event_source
, SD_EVENT_ONESHOT
);
2785 return log_error_errno(r
, "Failed to enable event source for tidying watched PIDs: %m");
2790 void unit_dequeue_rewatch_pids(Unit
*u
) {
2794 if (!u
->rewatch_pids_event_source
)
2797 r
= sd_event_source_set_enabled(u
->rewatch_pids_event_source
, SD_EVENT_OFF
);
2799 log_warning_errno(r
, "Failed to disable event source for tidying watched PIDs, ignoring: %m");
2801 u
->rewatch_pids_event_source
= sd_event_source_unref(u
->rewatch_pids_event_source
);
2804 bool unit_job_is_applicable(Unit
*u
, JobType j
) {
2806 assert(j
>= 0 && j
< _JOB_TYPE_MAX
);
2810 case JOB_VERIFY_ACTIVE
:
2813 /* Note that we don't check unit_can_start() here. That's because .device units and suchlike are not
2814 * startable by us but may appear due to external events, and it thus makes sense to permit enqueing
2819 /* Similar as above. However, perpetual units can never be stopped (neither explicitly nor due to
2820 * external events), hence it makes no sense to permit enqueing such a request either. */
2821 return !u
->perpetual
;
2824 case JOB_TRY_RESTART
:
2825 return unit_can_stop(u
) && unit_can_start(u
);
2828 case JOB_TRY_RELOAD
:
2829 return unit_can_reload(u
);
2831 case JOB_RELOAD_OR_START
:
2832 return unit_can_reload(u
) && unit_can_start(u
);
2835 assert_not_reached("Invalid job type");
2839 static void maybe_warn_about_dependency(Unit
*u
, const char *other
, UnitDependency dependency
) {
2842 /* Only warn about some unit types */
2843 if (!IN_SET(dependency
, UNIT_CONFLICTS
, UNIT_CONFLICTED_BY
, UNIT_BEFORE
, UNIT_AFTER
, UNIT_ON_FAILURE
, UNIT_TRIGGERS
, UNIT_TRIGGERED_BY
))
2846 if (streq_ptr(u
->id
, other
))
2847 log_unit_warning(u
, "Dependency %s=%s dropped", unit_dependency_to_string(dependency
), u
->id
);
2849 log_unit_warning(u
, "Dependency %s=%s dropped, merged into %s", unit_dependency_to_string(dependency
), strna(other
), u
->id
);
2852 static int unit_add_dependency_hashmap(
2855 UnitDependencyMask origin_mask
,
2856 UnitDependencyMask destination_mask
) {
2858 UnitDependencyInfo info
;
2863 assert(origin_mask
< _UNIT_DEPENDENCY_MASK_FULL
);
2864 assert(destination_mask
< _UNIT_DEPENDENCY_MASK_FULL
);
2865 assert(origin_mask
> 0 || destination_mask
> 0);
2867 r
= hashmap_ensure_allocated(h
, NULL
);
2871 assert_cc(sizeof(void*) == sizeof(info
));
2873 info
.data
= hashmap_get(*h
, other
);
2875 /* Entry already exists. Add in our mask. */
2877 if (FLAGS_SET(origin_mask
, info
.origin_mask
) &&
2878 FLAGS_SET(destination_mask
, info
.destination_mask
))
2881 info
.origin_mask
|= origin_mask
;
2882 info
.destination_mask
|= destination_mask
;
2884 r
= hashmap_update(*h
, other
, info
.data
);
2886 info
= (UnitDependencyInfo
) {
2887 .origin_mask
= origin_mask
,
2888 .destination_mask
= destination_mask
,
2891 r
= hashmap_put(*h
, other
, info
.data
);
2899 int unit_add_dependency(
2904 UnitDependencyMask mask
) {
2906 static const UnitDependency inverse_table
[_UNIT_DEPENDENCY_MAX
] = {
2907 [UNIT_REQUIRES
] = UNIT_REQUIRED_BY
,
2908 [UNIT_WANTS
] = UNIT_WANTED_BY
,
2909 [UNIT_REQUISITE
] = UNIT_REQUISITE_OF
,
2910 [UNIT_BINDS_TO
] = UNIT_BOUND_BY
,
2911 [UNIT_PART_OF
] = UNIT_CONSISTS_OF
,
2912 [UNIT_REQUIRED_BY
] = UNIT_REQUIRES
,
2913 [UNIT_REQUISITE_OF
] = UNIT_REQUISITE
,
2914 [UNIT_WANTED_BY
] = UNIT_WANTS
,
2915 [UNIT_BOUND_BY
] = UNIT_BINDS_TO
,
2916 [UNIT_CONSISTS_OF
] = UNIT_PART_OF
,
2917 [UNIT_CONFLICTS
] = UNIT_CONFLICTED_BY
,
2918 [UNIT_CONFLICTED_BY
] = UNIT_CONFLICTS
,
2919 [UNIT_BEFORE
] = UNIT_AFTER
,
2920 [UNIT_AFTER
] = UNIT_BEFORE
,
2921 [UNIT_ON_FAILURE
] = _UNIT_DEPENDENCY_INVALID
,
2922 [UNIT_REFERENCES
] = UNIT_REFERENCED_BY
,
2923 [UNIT_REFERENCED_BY
] = UNIT_REFERENCES
,
2924 [UNIT_TRIGGERS
] = UNIT_TRIGGERED_BY
,
2925 [UNIT_TRIGGERED_BY
] = UNIT_TRIGGERS
,
2926 [UNIT_PROPAGATES_RELOAD_TO
] = UNIT_RELOAD_PROPAGATED_FROM
,
2927 [UNIT_RELOAD_PROPAGATED_FROM
] = UNIT_PROPAGATES_RELOAD_TO
,
2928 [UNIT_JOINS_NAMESPACE_OF
] = UNIT_JOINS_NAMESPACE_OF
,
2930 Unit
*original_u
= u
, *original_other
= other
;
2934 assert(d
>= 0 && d
< _UNIT_DEPENDENCY_MAX
);
2937 u
= unit_follow_merge(u
);
2938 other
= unit_follow_merge(other
);
2940 /* We won't allow dependencies on ourselves. We will not
2941 * consider them an error however. */
2943 maybe_warn_about_dependency(original_u
, original_other
->id
, d
);
2947 if ((d
== UNIT_BEFORE
&& other
->type
== UNIT_DEVICE
) ||
2948 (d
== UNIT_AFTER
&& u
->type
== UNIT_DEVICE
)) {
2949 log_unit_warning(u
, "Dependency Before=%s ignored (.device units cannot be delayed)", other
->id
);
2953 r
= unit_add_dependency_hashmap(u
->dependencies
+ d
, other
, mask
, 0);
2957 if (inverse_table
[d
] != _UNIT_DEPENDENCY_INVALID
&& inverse_table
[d
] != d
) {
2958 r
= unit_add_dependency_hashmap(other
->dependencies
+ inverse_table
[d
], u
, 0, mask
);
2963 if (add_reference
) {
2964 r
= unit_add_dependency_hashmap(u
->dependencies
+ UNIT_REFERENCES
, other
, mask
, 0);
2968 r
= unit_add_dependency_hashmap(other
->dependencies
+ UNIT_REFERENCED_BY
, u
, 0, mask
);
2973 unit_add_to_dbus_queue(u
);
2977 int unit_add_two_dependencies(Unit
*u
, UnitDependency d
, UnitDependency e
, Unit
*other
, bool add_reference
, UnitDependencyMask mask
) {
2982 r
= unit_add_dependency(u
, d
, other
, add_reference
, mask
);
2986 return unit_add_dependency(u
, e
, other
, add_reference
, mask
);
2989 static int resolve_template(Unit
*u
, const char *name
, char **buf
, const char **ret
) {
2997 if (!unit_name_is_valid(name
, UNIT_NAME_TEMPLATE
)) {
3004 r
= unit_name_replace_instance(name
, u
->instance
, buf
);
3006 _cleanup_free_
char *i
= NULL
;
3008 r
= unit_name_to_prefix(u
->id
, &i
);
3012 r
= unit_name_replace_instance(name
, i
, buf
);
3021 int unit_add_dependency_by_name(Unit
*u
, UnitDependency d
, const char *name
, bool add_reference
, UnitDependencyMask mask
) {
3022 _cleanup_free_
char *buf
= NULL
;
3029 r
= resolve_template(u
, name
, &buf
, &name
);
3033 r
= manager_load_unit(u
->manager
, name
, NULL
, NULL
, &other
);
3037 return unit_add_dependency(u
, d
, other
, add_reference
, mask
);
3040 int unit_add_two_dependencies_by_name(Unit
*u
, UnitDependency d
, UnitDependency e
, const char *name
, bool add_reference
, UnitDependencyMask mask
) {
3041 _cleanup_free_
char *buf
= NULL
;
3048 r
= resolve_template(u
, name
, &buf
, &name
);
3052 r
= manager_load_unit(u
->manager
, name
, NULL
, NULL
, &other
);
3056 return unit_add_two_dependencies(u
, d
, e
, other
, add_reference
, mask
);
3059 int set_unit_path(const char *p
) {
3060 /* This is mostly for debug purposes */
3061 if (setenv("SYSTEMD_UNIT_PATH", p
, 1) < 0)
3067 char *unit_dbus_path(Unit
*u
) {
3073 return unit_dbus_path_from_name(u
->id
);
3076 char *unit_dbus_path_invocation_id(Unit
*u
) {
3079 if (sd_id128_is_null(u
->invocation_id
))
3082 return unit_dbus_path_from_name(u
->invocation_id_string
);
3085 int unit_set_slice(Unit
*u
, Unit
*slice
) {
3089 /* Sets the unit slice if it has not been set before. Is extra
3090 * careful, to only allow this for units that actually have a
3091 * cgroup context. Also, we don't allow to set this for slices
3092 * (since the parent slice is derived from the name). Make
3093 * sure the unit we set is actually a slice. */
3095 if (!UNIT_HAS_CGROUP_CONTEXT(u
))
3098 if (u
->type
== UNIT_SLICE
)
3101 if (unit_active_state(u
) != UNIT_INACTIVE
)
3104 if (slice
->type
!= UNIT_SLICE
)
3107 if (unit_has_name(u
, SPECIAL_INIT_SCOPE
) &&
3108 !unit_has_name(slice
, SPECIAL_ROOT_SLICE
))
3111 if (UNIT_DEREF(u
->slice
) == slice
)
3114 /* Disallow slice changes if @u is already bound to cgroups */
3115 if (UNIT_ISSET(u
->slice
) && u
->cgroup_realized
)
3118 unit_ref_set(&u
->slice
, u
, slice
);
3122 int unit_set_default_slice(Unit
*u
) {
3123 const char *slice_name
;
3129 if (UNIT_ISSET(u
->slice
))
3133 _cleanup_free_
char *prefix
= NULL
, *escaped
= NULL
;
3135 /* Implicitly place all instantiated units in their
3136 * own per-template slice */
3138 r
= unit_name_to_prefix(u
->id
, &prefix
);
3142 /* The prefix is already escaped, but it might include
3143 * "-" which has a special meaning for slice units,
3144 * hence escape it here extra. */
3145 escaped
= unit_name_escape(prefix
);
3149 if (MANAGER_IS_SYSTEM(u
->manager
))
3150 slice_name
= strjoina("system-", escaped
, ".slice");
3152 slice_name
= strjoina(escaped
, ".slice");
3155 MANAGER_IS_SYSTEM(u
->manager
) && !unit_has_name(u
, SPECIAL_INIT_SCOPE
)
3156 ? SPECIAL_SYSTEM_SLICE
3157 : SPECIAL_ROOT_SLICE
;
3159 r
= manager_load_unit(u
->manager
, slice_name
, NULL
, NULL
, &slice
);
3163 return unit_set_slice(u
, slice
);
3166 const char *unit_slice_name(Unit
*u
) {
3169 if (!UNIT_ISSET(u
->slice
))
3172 return UNIT_DEREF(u
->slice
)->id
;
3175 int unit_load_related_unit(Unit
*u
, const char *type
, Unit
**_found
) {
3176 _cleanup_free_
char *t
= NULL
;
3183 r
= unit_name_change_suffix(u
->id
, type
, &t
);
3186 if (unit_has_name(u
, t
))
3189 r
= manager_load_unit(u
->manager
, t
, NULL
, NULL
, _found
);
3190 assert(r
< 0 || *_found
!= u
);
3194 static int signal_name_owner_changed(sd_bus_message
*message
, void *userdata
, sd_bus_error
*error
) {
3195 const char *name
, *old_owner
, *new_owner
;
3202 r
= sd_bus_message_read(message
, "sss", &name
, &old_owner
, &new_owner
);
3204 bus_log_parse_error(r
);
3208 old_owner
= empty_to_null(old_owner
);
3209 new_owner
= empty_to_null(new_owner
);
3211 if (UNIT_VTABLE(u
)->bus_name_owner_change
)
3212 UNIT_VTABLE(u
)->bus_name_owner_change(u
, name
, old_owner
, new_owner
);
3217 int unit_install_bus_match(Unit
*u
, sd_bus
*bus
, const char *name
) {
3224 if (u
->match_bus_slot
)
3227 match
= strjoina("type='signal',"
3228 "sender='org.freedesktop.DBus',"
3229 "path='/org/freedesktop/DBus',"
3230 "interface='org.freedesktop.DBus',"
3231 "member='NameOwnerChanged',"
3232 "arg0='", name
, "'");
3234 return sd_bus_add_match_async(bus
, &u
->match_bus_slot
, match
, signal_name_owner_changed
, NULL
, u
);
3237 int unit_watch_bus_name(Unit
*u
, const char *name
) {
3243 /* Watch a specific name on the bus. We only support one unit
3244 * watching each name for now. */
3246 if (u
->manager
->api_bus
) {
3247 /* If the bus is already available, install the match directly.
3248 * Otherwise, just put the name in the list. bus_setup_api() will take care later. */
3249 r
= unit_install_bus_match(u
, u
->manager
->api_bus
, name
);
3251 return log_warning_errno(r
, "Failed to subscribe to NameOwnerChanged signal for '%s': %m", name
);
3254 r
= hashmap_put(u
->manager
->watch_bus
, name
, u
);
3256 u
->match_bus_slot
= sd_bus_slot_unref(u
->match_bus_slot
);
3257 return log_warning_errno(r
, "Failed to put bus name to hashmap: %m");
3263 void unit_unwatch_bus_name(Unit
*u
, const char *name
) {
3267 (void) hashmap_remove_value(u
->manager
->watch_bus
, name
, u
);
3268 u
->match_bus_slot
= sd_bus_slot_unref(u
->match_bus_slot
);
3271 bool unit_can_serialize(Unit
*u
) {
3274 return UNIT_VTABLE(u
)->serialize
&& UNIT_VTABLE(u
)->deserialize_item
;
3277 static int serialize_cgroup_mask(FILE *f
, const char *key
, CGroupMask mask
) {
3278 _cleanup_free_
char *s
= NULL
;
3287 r
= cg_mask_to_string(mask
, &s
);
3289 return log_error_errno(r
, "Failed to format cgroup mask: %m");
3291 return serialize_item(f
, key
, s
);
3294 static const char *const ip_accounting_metric_field
[_CGROUP_IP_ACCOUNTING_METRIC_MAX
] = {
3295 [CGROUP_IP_INGRESS_BYTES
] = "ip-accounting-ingress-bytes",
3296 [CGROUP_IP_INGRESS_PACKETS
] = "ip-accounting-ingress-packets",
3297 [CGROUP_IP_EGRESS_BYTES
] = "ip-accounting-egress-bytes",
3298 [CGROUP_IP_EGRESS_PACKETS
] = "ip-accounting-egress-packets",
3301 static const char *const io_accounting_metric_field_base
[_CGROUP_IO_ACCOUNTING_METRIC_MAX
] = {
3302 [CGROUP_IO_READ_BYTES
] = "io-accounting-read-bytes-base",
3303 [CGROUP_IO_WRITE_BYTES
] = "io-accounting-write-bytes-base",
3304 [CGROUP_IO_READ_OPERATIONS
] = "io-accounting-read-operations-base",
3305 [CGROUP_IO_WRITE_OPERATIONS
] = "io-accounting-write-operations-base",
3308 static const char *const io_accounting_metric_field_last
[_CGROUP_IO_ACCOUNTING_METRIC_MAX
] = {
3309 [CGROUP_IO_READ_BYTES
] = "io-accounting-read-bytes-last",
3310 [CGROUP_IO_WRITE_BYTES
] = "io-accounting-write-bytes-last",
3311 [CGROUP_IO_READ_OPERATIONS
] = "io-accounting-read-operations-last",
3312 [CGROUP_IO_WRITE_OPERATIONS
] = "io-accounting-write-operations-last",
3315 int unit_serialize(Unit
*u
, FILE *f
, FDSet
*fds
, bool serialize_jobs
) {
3316 CGroupIPAccountingMetric m
;
3323 if (unit_can_serialize(u
)) {
3324 r
= UNIT_VTABLE(u
)->serialize(u
, f
, fds
);
3329 (void) serialize_dual_timestamp(f
, "state-change-timestamp", &u
->state_change_timestamp
);
3331 (void) serialize_dual_timestamp(f
, "inactive-exit-timestamp", &u
->inactive_exit_timestamp
);
3332 (void) serialize_dual_timestamp(f
, "active-enter-timestamp", &u
->active_enter_timestamp
);
3333 (void) serialize_dual_timestamp(f
, "active-exit-timestamp", &u
->active_exit_timestamp
);
3334 (void) serialize_dual_timestamp(f
, "inactive-enter-timestamp", &u
->inactive_enter_timestamp
);
3336 (void) serialize_dual_timestamp(f
, "condition-timestamp", &u
->condition_timestamp
);
3337 (void) serialize_dual_timestamp(f
, "assert-timestamp", &u
->assert_timestamp
);
3339 if (dual_timestamp_is_set(&u
->condition_timestamp
))
3340 (void) serialize_bool(f
, "condition-result", u
->condition_result
);
3342 if (dual_timestamp_is_set(&u
->assert_timestamp
))
3343 (void) serialize_bool(f
, "assert-result", u
->assert_result
);
3345 (void) serialize_bool(f
, "transient", u
->transient
);
3346 (void) serialize_bool(f
, "in-audit", u
->in_audit
);
3348 (void) serialize_bool(f
, "exported-invocation-id", u
->exported_invocation_id
);
3349 (void) serialize_bool(f
, "exported-log-level-max", u
->exported_log_level_max
);
3350 (void) serialize_bool(f
, "exported-log-extra-fields", u
->exported_log_extra_fields
);
3351 (void) serialize_bool(f
, "exported-log-rate-limit-interval", u
->exported_log_rate_limit_interval
);
3352 (void) serialize_bool(f
, "exported-log-rate-limit-burst", u
->exported_log_rate_limit_burst
);
3354 (void) serialize_item_format(f
, "cpu-usage-base", "%" PRIu64
, u
->cpu_usage_base
);
3355 if (u
->cpu_usage_last
!= NSEC_INFINITY
)
3356 (void) serialize_item_format(f
, "cpu-usage-last", "%" PRIu64
, u
->cpu_usage_last
);
3358 if (u
->oom_kill_last
> 0)
3359 (void) serialize_item_format(f
, "oom-kill-last", "%" PRIu64
, u
->oom_kill_last
);
3361 for (CGroupIOAccountingMetric im
= 0; im
< _CGROUP_IO_ACCOUNTING_METRIC_MAX
; im
++) {
3362 (void) serialize_item_format(f
, io_accounting_metric_field_base
[im
], "%" PRIu64
, u
->io_accounting_base
[im
]);
3364 if (u
->io_accounting_last
[im
] != UINT64_MAX
)
3365 (void) serialize_item_format(f
, io_accounting_metric_field_last
[im
], "%" PRIu64
, u
->io_accounting_last
[im
]);
3369 (void) serialize_item(f
, "cgroup", u
->cgroup_path
);
3371 (void) serialize_bool(f
, "cgroup-realized", u
->cgroup_realized
);
3372 (void) serialize_cgroup_mask(f
, "cgroup-realized-mask", u
->cgroup_realized_mask
);
3373 (void) serialize_cgroup_mask(f
, "cgroup-enabled-mask", u
->cgroup_enabled_mask
);
3374 (void) serialize_cgroup_mask(f
, "cgroup-invalidated-mask", u
->cgroup_invalidated_mask
);
3376 if (uid_is_valid(u
->ref_uid
))
3377 (void) serialize_item_format(f
, "ref-uid", UID_FMT
, u
->ref_uid
);
3378 if (gid_is_valid(u
->ref_gid
))
3379 (void) serialize_item_format(f
, "ref-gid", GID_FMT
, u
->ref_gid
);
3381 if (!sd_id128_is_null(u
->invocation_id
))
3382 (void) serialize_item_format(f
, "invocation-id", SD_ID128_FORMAT_STR
, SD_ID128_FORMAT_VAL(u
->invocation_id
));
3384 bus_track_serialize(u
->bus_track
, f
, "ref");
3386 for (m
= 0; m
< _CGROUP_IP_ACCOUNTING_METRIC_MAX
; m
++) {
3389 r
= unit_get_ip_accounting(u
, m
, &v
);
3391 (void) serialize_item_format(f
, ip_accounting_metric_field
[m
], "%" PRIu64
, v
);
3394 if (serialize_jobs
) {
3397 job_serialize(u
->job
, f
);
3402 job_serialize(u
->nop_job
, f
);
3411 static int unit_deserialize_job(Unit
*u
, FILE *f
) {
3412 _cleanup_(job_freep
) Job
*j
= NULL
;
3422 r
= job_deserialize(j
, f
);
3426 r
= job_install_deserialized(j
);
3434 int unit_deserialize(Unit
*u
, FILE *f
, FDSet
*fds
) {
3442 _cleanup_free_
char *line
= NULL
;
3447 r
= read_line(f
, LONG_LINE_MAX
, &line
);
3449 return log_error_errno(r
, "Failed to read serialization line: %m");
3450 if (r
== 0) /* eof */
3454 if (isempty(l
)) /* End marker */
3457 k
= strcspn(l
, "=");
3465 if (streq(l
, "job")) {
3467 /* New-style serialized job */
3468 r
= unit_deserialize_job(u
, f
);
3471 } else /* Legacy for pre-44 */
3472 log_unit_warning(u
, "Update from too old systemd versions are unsupported, cannot deserialize job: %s", v
);
3474 } else if (streq(l
, "state-change-timestamp")) {
3475 (void) deserialize_dual_timestamp(v
, &u
->state_change_timestamp
);
3477 } else if (streq(l
, "inactive-exit-timestamp")) {
3478 (void) deserialize_dual_timestamp(v
, &u
->inactive_exit_timestamp
);
3480 } else if (streq(l
, "active-enter-timestamp")) {
3481 (void) deserialize_dual_timestamp(v
, &u
->active_enter_timestamp
);
3483 } else if (streq(l
, "active-exit-timestamp")) {
3484 (void) deserialize_dual_timestamp(v
, &u
->active_exit_timestamp
);
3486 } else if (streq(l
, "inactive-enter-timestamp")) {
3487 (void) deserialize_dual_timestamp(v
, &u
->inactive_enter_timestamp
);
3489 } else if (streq(l
, "condition-timestamp")) {
3490 (void) deserialize_dual_timestamp(v
, &u
->condition_timestamp
);
3492 } else if (streq(l
, "assert-timestamp")) {
3493 (void) deserialize_dual_timestamp(v
, &u
->assert_timestamp
);
3495 } else if (streq(l
, "condition-result")) {
3497 r
= parse_boolean(v
);
3499 log_unit_debug(u
, "Failed to parse condition result value %s, ignoring.", v
);
3501 u
->condition_result
= r
;
3505 } else if (streq(l
, "assert-result")) {
3507 r
= parse_boolean(v
);
3509 log_unit_debug(u
, "Failed to parse assert result value %s, ignoring.", v
);
3511 u
->assert_result
= r
;
3515 } else if (streq(l
, "transient")) {
3517 r
= parse_boolean(v
);
3519 log_unit_debug(u
, "Failed to parse transient bool %s, ignoring.", v
);
3525 } else if (streq(l
, "in-audit")) {
3527 r
= parse_boolean(v
);
3529 log_unit_debug(u
, "Failed to parse in-audit bool %s, ignoring.", v
);
3535 } else if (streq(l
, "exported-invocation-id")) {
3537 r
= parse_boolean(v
);
3539 log_unit_debug(u
, "Failed to parse exported invocation ID bool %s, ignoring.", v
);
3541 u
->exported_invocation_id
= r
;
3545 } else if (streq(l
, "exported-log-level-max")) {
3547 r
= parse_boolean(v
);
3549 log_unit_debug(u
, "Failed to parse exported log level max bool %s, ignoring.", v
);
3551 u
->exported_log_level_max
= r
;
3555 } else if (streq(l
, "exported-log-extra-fields")) {
3557 r
= parse_boolean(v
);
3559 log_unit_debug(u
, "Failed to parse exported log extra fields bool %s, ignoring.", v
);
3561 u
->exported_log_extra_fields
= r
;
3565 } else if (streq(l
, "exported-log-rate-limit-interval")) {
3567 r
= parse_boolean(v
);
3569 log_unit_debug(u
, "Failed to parse exported log rate limit interval %s, ignoring.", v
);
3571 u
->exported_log_rate_limit_interval
= r
;
3575 } else if (streq(l
, "exported-log-rate-limit-burst")) {
3577 r
= parse_boolean(v
);
3579 log_unit_debug(u
, "Failed to parse exported log rate limit burst %s, ignoring.", v
);
3581 u
->exported_log_rate_limit_burst
= r
;
3585 } else if (STR_IN_SET(l
, "cpu-usage-base", "cpuacct-usage-base")) {
3587 r
= safe_atou64(v
, &u
->cpu_usage_base
);
3589 log_unit_debug(u
, "Failed to parse CPU usage base %s, ignoring.", v
);
3593 } else if (streq(l
, "cpu-usage-last")) {
3595 r
= safe_atou64(v
, &u
->cpu_usage_last
);
3597 log_unit_debug(u
, "Failed to read CPU usage last %s, ignoring.", v
);
3601 } else if (streq(l
, "oom-kill-last")) {
3603 r
= safe_atou64(v
, &u
->oom_kill_last
);
3605 log_unit_debug(u
, "Failed to read OOM kill last %s, ignoring.", v
);
3609 } else if (streq(l
, "cgroup")) {
3611 r
= unit_set_cgroup_path(u
, v
);
3613 log_unit_debug_errno(u
, r
, "Failed to set cgroup path %s, ignoring: %m", v
);
3615 (void) unit_watch_cgroup(u
);
3616 (void) unit_watch_cgroup_memory(u
);
3619 } else if (streq(l
, "cgroup-realized")) {
3622 b
= parse_boolean(v
);
3624 log_unit_debug(u
, "Failed to parse cgroup-realized bool %s, ignoring.", v
);
3626 u
->cgroup_realized
= b
;
3630 } else if (streq(l
, "cgroup-realized-mask")) {
3632 r
= cg_mask_from_string(v
, &u
->cgroup_realized_mask
);
3634 log_unit_debug(u
, "Failed to parse cgroup-realized-mask %s, ignoring.", v
);
3637 } else if (streq(l
, "cgroup-enabled-mask")) {
3639 r
= cg_mask_from_string(v
, &u
->cgroup_enabled_mask
);
3641 log_unit_debug(u
, "Failed to parse cgroup-enabled-mask %s, ignoring.", v
);
3644 } else if (streq(l
, "cgroup-invalidated-mask")) {
3646 r
= cg_mask_from_string(v
, &u
->cgroup_invalidated_mask
);
3648 log_unit_debug(u
, "Failed to parse cgroup-invalidated-mask %s, ignoring.", v
);
3651 } else if (streq(l
, "ref-uid")) {
3654 r
= parse_uid(v
, &uid
);
3656 log_unit_debug(u
, "Failed to parse referenced UID %s, ignoring.", v
);
3658 unit_ref_uid_gid(u
, uid
, GID_INVALID
);
3662 } else if (streq(l
, "ref-gid")) {
3665 r
= parse_gid(v
, &gid
);
3667 log_unit_debug(u
, "Failed to parse referenced GID %s, ignoring.", v
);
3669 unit_ref_uid_gid(u
, UID_INVALID
, gid
);
3673 } else if (streq(l
, "ref")) {
3675 r
= strv_extend(&u
->deserialized_refs
, v
);
3680 } else if (streq(l
, "invocation-id")) {
3683 r
= sd_id128_from_string(v
, &id
);
3685 log_unit_debug(u
, "Failed to parse invocation id %s, ignoring.", v
);
3687 r
= unit_set_invocation_id(u
, id
);
3689 log_unit_warning_errno(u
, r
, "Failed to set invocation ID for unit: %m");
3695 /* Check if this is an IP accounting metric serialization field */
3696 m
= string_table_lookup(ip_accounting_metric_field
, ELEMENTSOF(ip_accounting_metric_field
), l
);
3700 r
= safe_atou64(v
, &c
);
3702 log_unit_debug(u
, "Failed to parse IP accounting value %s, ignoring.", v
);
3704 u
->ip_accounting_extra
[m
] = c
;
3708 m
= string_table_lookup(io_accounting_metric_field_base
, ELEMENTSOF(io_accounting_metric_field_base
), l
);
3712 r
= safe_atou64(v
, &c
);
3714 log_unit_debug(u
, "Failed to parse IO accounting base value %s, ignoring.", v
);
3716 u
->io_accounting_base
[m
] = c
;
3720 m
= string_table_lookup(io_accounting_metric_field_last
, ELEMENTSOF(io_accounting_metric_field_last
), l
);
3724 r
= safe_atou64(v
, &c
);
3726 log_unit_debug(u
, "Failed to parse IO accounting last value %s, ignoring.", v
);
3728 u
->io_accounting_last
[m
] = c
;
3732 if (unit_can_serialize(u
)) {
3733 r
= exec_runtime_deserialize_compat(u
, l
, v
, fds
);
3735 log_unit_warning(u
, "Failed to deserialize runtime parameter '%s', ignoring.", l
);
3739 /* Returns positive if key was handled by the call */
3743 r
= UNIT_VTABLE(u
)->deserialize_item(u
, l
, v
, fds
);
3745 log_unit_warning(u
, "Failed to deserialize unit parameter '%s', ignoring.", l
);
3749 /* Versions before 228 did not carry a state change timestamp. In this case, take the current time. This is
3750 * useful, so that timeouts based on this timestamp don't trigger too early, and is in-line with the logic from
3751 * before 228 where the base for timeouts was not persistent across reboots. */
3753 if (!dual_timestamp_is_set(&u
->state_change_timestamp
))
3754 dual_timestamp_get(&u
->state_change_timestamp
);
3756 /* Let's make sure that everything that is deserialized also gets any potential new cgroup settings applied
3757 * after we are done. For that we invalidate anything already realized, so that we can realize it again. */
3758 unit_invalidate_cgroup(u
, _CGROUP_MASK_ALL
);
3759 unit_invalidate_cgroup_bpf(u
);
3764 int unit_deserialize_skip(FILE *f
) {
3768 /* Skip serialized data for this unit. We don't know what it is. */
3771 _cleanup_free_
char *line
= NULL
;
3774 r
= read_line(f
, LONG_LINE_MAX
, &line
);
3776 return log_error_errno(r
, "Failed to read serialization line: %m");
3788 int unit_add_node_dependency(Unit
*u
, const char *what
, bool wants
, UnitDependency dep
, UnitDependencyMask mask
) {
3790 _cleanup_free_
char *e
= NULL
;
3795 /* Adds in links to the device node that this unit is based on */
3799 if (!is_device_path(what
))
3802 /* When device units aren't supported (such as in a
3803 * container), don't create dependencies on them. */
3804 if (!unit_type_supported(UNIT_DEVICE
))
3807 r
= unit_name_from_path(what
, ".device", &e
);
3811 r
= manager_load_unit(u
->manager
, e
, NULL
, NULL
, &device
);
3815 if (dep
== UNIT_REQUIRES
&& device_shall_be_bound_by(device
, u
))
3816 dep
= UNIT_BINDS_TO
;
3818 r
= unit_add_two_dependencies(u
, UNIT_AFTER
,
3819 MANAGER_IS_SYSTEM(u
->manager
) ? dep
: UNIT_WANTS
,
3820 device
, true, mask
);
3825 r
= unit_add_dependency(device
, UNIT_WANTS
, u
, false, mask
);
3833 int unit_coldplug(Unit
*u
) {
3839 /* Make sure we don't enter a loop, when coldplugging recursively. */
3843 u
->coldplugged
= true;
3845 STRV_FOREACH(i
, u
->deserialized_refs
) {
3846 q
= bus_unit_track_add_name(u
, *i
);
3847 if (q
< 0 && r
>= 0)
3850 u
->deserialized_refs
= strv_free(u
->deserialized_refs
);
3852 if (UNIT_VTABLE(u
)->coldplug
) {
3853 q
= UNIT_VTABLE(u
)->coldplug(u
);
3854 if (q
< 0 && r
>= 0)
3859 q
= job_coldplug(u
->job
);
3860 if (q
< 0 && r
>= 0)
3867 void unit_catchup(Unit
*u
) {
3870 if (UNIT_VTABLE(u
)->catchup
)
3871 UNIT_VTABLE(u
)->catchup(u
);
3874 static bool fragment_mtime_newer(const char *path
, usec_t mtime
, bool path_masked
) {
3880 /* If the source is some virtual kernel file system, then we assume we watch it anyway, and hence pretend we
3881 * are never out-of-date. */
3882 if (PATH_STARTSWITH_SET(path
, "/proc", "/sys"))
3885 if (stat(path
, &st
) < 0)
3886 /* What, cannot access this anymore? */
3890 /* For masked files check if they are still so */
3891 return !null_or_empty(&st
);
3893 /* For non-empty files check the mtime */
3894 return timespec_load(&st
.st_mtim
) > mtime
;
3899 bool unit_need_daemon_reload(Unit
*u
) {
3900 _cleanup_strv_free_
char **t
= NULL
;
3905 /* For unit files, we allow masking… */
3906 if (fragment_mtime_newer(u
->fragment_path
, u
->fragment_mtime
,
3907 u
->load_state
== UNIT_MASKED
))
3910 /* Source paths should not be masked… */
3911 if (fragment_mtime_newer(u
->source_path
, u
->source_mtime
, false))
3914 if (u
->load_state
== UNIT_LOADED
)
3915 (void) unit_find_dropin_paths(u
, &t
);
3916 if (!strv_equal(u
->dropin_paths
, t
))
3919 /* … any drop-ins that are masked are simply omitted from the list. */
3920 STRV_FOREACH(path
, u
->dropin_paths
)
3921 if (fragment_mtime_newer(*path
, u
->dropin_mtime
, false))
3927 void unit_reset_failed(Unit
*u
) {
3930 if (UNIT_VTABLE(u
)->reset_failed
)
3931 UNIT_VTABLE(u
)->reset_failed(u
);
3933 RATELIMIT_RESET(u
->start_limit
);
3934 u
->start_limit_hit
= false;
3937 Unit
*unit_following(Unit
*u
) {
3940 if (UNIT_VTABLE(u
)->following
)
3941 return UNIT_VTABLE(u
)->following(u
);
3946 bool unit_stop_pending(Unit
*u
) {
3949 /* This call does check the current state of the unit. It's
3950 * hence useful to be called from state change calls of the
3951 * unit itself, where the state isn't updated yet. This is
3952 * different from unit_inactive_or_pending() which checks both
3953 * the current state and for a queued job. */
3955 return u
->job
&& u
->job
->type
== JOB_STOP
;
3958 bool unit_inactive_or_pending(Unit
*u
) {
3961 /* Returns true if the unit is inactive or going down */
3963 if (UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u
)))
3966 if (unit_stop_pending(u
))
3972 bool unit_active_or_pending(Unit
*u
) {
3975 /* Returns true if the unit is active or going up */
3977 if (UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u
)))
3981 IN_SET(u
->job
->type
, JOB_START
, JOB_RELOAD_OR_START
, JOB_RESTART
))
3987 bool unit_will_restart(Unit
*u
) {
3990 if (!UNIT_VTABLE(u
)->will_restart
)
3993 return UNIT_VTABLE(u
)->will_restart(u
);
3996 int unit_kill(Unit
*u
, KillWho w
, int signo
, sd_bus_error
*error
) {
3998 assert(w
>= 0 && w
< _KILL_WHO_MAX
);
3999 assert(SIGNAL_VALID(signo
));
4001 if (!UNIT_VTABLE(u
)->kill
)
4004 return UNIT_VTABLE(u
)->kill(u
, w
, signo
, error
);
4007 static Set
*unit_pid_set(pid_t main_pid
, pid_t control_pid
) {
4008 _cleanup_set_free_ Set
*pid_set
= NULL
;
4011 pid_set
= set_new(NULL
);
4015 /* Exclude the main/control pids from being killed via the cgroup */
4017 r
= set_put(pid_set
, PID_TO_PTR(main_pid
));
4022 if (control_pid
> 0) {
4023 r
= set_put(pid_set
, PID_TO_PTR(control_pid
));
4028 return TAKE_PTR(pid_set
);
4031 int unit_kill_common(
4037 sd_bus_error
*error
) {
4040 bool killed
= false;
4042 if (IN_SET(who
, KILL_MAIN
, KILL_MAIN_FAIL
)) {
4044 return sd_bus_error_setf(error
, BUS_ERROR_NO_SUCH_PROCESS
, "%s units have no main processes", unit_type_to_string(u
->type
));
4045 else if (main_pid
== 0)
4046 return sd_bus_error_set_const(error
, BUS_ERROR_NO_SUCH_PROCESS
, "No main process to kill");
4049 if (IN_SET(who
, KILL_CONTROL
, KILL_CONTROL_FAIL
)) {
4050 if (control_pid
< 0)
4051 return sd_bus_error_setf(error
, BUS_ERROR_NO_SUCH_PROCESS
, "%s units have no control processes", unit_type_to_string(u
->type
));
4052 else if (control_pid
== 0)
4053 return sd_bus_error_set_const(error
, BUS_ERROR_NO_SUCH_PROCESS
, "No control process to kill");
4056 if (IN_SET(who
, KILL_CONTROL
, KILL_CONTROL_FAIL
, KILL_ALL
, KILL_ALL_FAIL
))
4057 if (control_pid
> 0) {
4058 if (kill(control_pid
, signo
) < 0)
4064 if (IN_SET(who
, KILL_MAIN
, KILL_MAIN_FAIL
, KILL_ALL
, KILL_ALL_FAIL
))
4066 if (kill(main_pid
, signo
) < 0)
4072 if (IN_SET(who
, KILL_ALL
, KILL_ALL_FAIL
) && u
->cgroup_path
) {
4073 _cleanup_set_free_ Set
*pid_set
= NULL
;
4076 /* Exclude the main/control pids from being killed via the cgroup */
4077 pid_set
= unit_pid_set(main_pid
, control_pid
);
4081 q
= cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER
, u
->cgroup_path
, signo
, 0, pid_set
, NULL
, NULL
);
4082 if (q
< 0 && !IN_SET(q
, -EAGAIN
, -ESRCH
, -ENOENT
))
4088 if (r
== 0 && !killed
&& IN_SET(who
, KILL_ALL_FAIL
, KILL_CONTROL_FAIL
))
4094 int unit_following_set(Unit
*u
, Set
**s
) {
4098 if (UNIT_VTABLE(u
)->following_set
)
4099 return UNIT_VTABLE(u
)->following_set(u
, s
);
4105 UnitFileState
unit_get_unit_file_state(Unit
*u
) {
4110 if (u
->unit_file_state
< 0 && u
->fragment_path
) {
4111 r
= unit_file_get_state(
4112 u
->manager
->unit_file_scope
,
4115 &u
->unit_file_state
);
4117 u
->unit_file_state
= UNIT_FILE_BAD
;
4120 return u
->unit_file_state
;
4123 int unit_get_unit_file_preset(Unit
*u
) {
4126 if (u
->unit_file_preset
< 0 && u
->fragment_path
)
4127 u
->unit_file_preset
= unit_file_query_preset(
4128 u
->manager
->unit_file_scope
,
4130 basename(u
->fragment_path
));
4132 return u
->unit_file_preset
;
4135 Unit
* unit_ref_set(UnitRef
*ref
, Unit
*source
, Unit
*target
) {
4141 unit_ref_unset(ref
);
4143 ref
->source
= source
;
4144 ref
->target
= target
;
4145 LIST_PREPEND(refs_by_target
, target
->refs_by_target
, ref
);
4149 void unit_ref_unset(UnitRef
*ref
) {
4155 /* We are about to drop a reference to the unit, make sure the garbage collection has a look at it as it might
4156 * be unreferenced now. */
4157 unit_add_to_gc_queue(ref
->target
);
4159 LIST_REMOVE(refs_by_target
, ref
->target
->refs_by_target
, ref
);
4160 ref
->source
= ref
->target
= NULL
;
4163 static int user_from_unit_name(Unit
*u
, char **ret
) {
4165 static const uint8_t hash_key
[] = {
4166 0x58, 0x1a, 0xaf, 0xe6, 0x28, 0x58, 0x4e, 0x96,
4167 0xb4, 0x4e, 0xf5, 0x3b, 0x8c, 0x92, 0x07, 0xec
4170 _cleanup_free_
char *n
= NULL
;
4173 r
= unit_name_to_prefix(u
->id
, &n
);
4177 if (valid_user_group_name(n
)) {
4182 /* If we can't use the unit name as a user name, then let's hash it and use that */
4183 if (asprintf(ret
, "_du%016" PRIx64
, siphash24(n
, strlen(n
), hash_key
)) < 0)
4189 int unit_patch_contexts(Unit
*u
) {
4197 /* Patch in the manager defaults into the exec and cgroup
4198 * contexts, _after_ the rest of the settings have been
4201 ec
= unit_get_exec_context(u
);
4203 /* This only copies in the ones that need memory */
4204 for (i
= 0; i
< _RLIMIT_MAX
; i
++)
4205 if (u
->manager
->rlimit
[i
] && !ec
->rlimit
[i
]) {
4206 ec
->rlimit
[i
] = newdup(struct rlimit
, u
->manager
->rlimit
[i
], 1);
4211 if (MANAGER_IS_USER(u
->manager
) &&
4212 !ec
->working_directory
) {
4214 r
= get_home_dir(&ec
->working_directory
);
4218 /* Allow user services to run, even if the
4219 * home directory is missing */
4220 ec
->working_directory_missing_ok
= true;
4223 if (ec
->private_devices
)
4224 ec
->capability_bounding_set
&= ~((UINT64_C(1) << CAP_MKNOD
) | (UINT64_C(1) << CAP_SYS_RAWIO
));
4226 if (ec
->protect_kernel_modules
)
4227 ec
->capability_bounding_set
&= ~(UINT64_C(1) << CAP_SYS_MODULE
);
4229 if (ec
->dynamic_user
) {
4231 r
= user_from_unit_name(u
, &ec
->user
);
4237 ec
->group
= strdup(ec
->user
);
4242 /* If the dynamic user option is on, let's make sure that the unit can't leave its
4243 * UID/GID around in the file system or on IPC objects. Hence enforce a strict
4246 ec
->private_tmp
= true;
4247 ec
->remove_ipc
= true;
4248 ec
->protect_system
= PROTECT_SYSTEM_STRICT
;
4249 if (ec
->protect_home
== PROTECT_HOME_NO
)
4250 ec
->protect_home
= PROTECT_HOME_READ_ONLY
;
4252 /* Make sure this service can neither benefit from SUID/SGID binaries nor create
4254 ec
->no_new_privileges
= true;
4255 ec
->restrict_suid_sgid
= true;
4259 cc
= unit_get_cgroup_context(u
);
4262 if (ec
->private_devices
&&
4263 cc
->device_policy
== CGROUP_AUTO
)
4264 cc
->device_policy
= CGROUP_CLOSED
;
4266 if (ec
->root_image
&&
4267 (cc
->device_policy
!= CGROUP_AUTO
|| cc
->device_allow
)) {
4269 /* When RootImage= is specified, the following devices are touched. */
4270 r
= cgroup_add_device_allow(cc
, "/dev/loop-control", "rw");
4274 r
= cgroup_add_device_allow(cc
, "block-loop", "rwm");
4278 r
= cgroup_add_device_allow(cc
, "block-blkext", "rwm");
4287 ExecContext
*unit_get_exec_context(Unit
*u
) {
4294 offset
= UNIT_VTABLE(u
)->exec_context_offset
;
4298 return (ExecContext
*) ((uint8_t*) u
+ offset
);
4301 KillContext
*unit_get_kill_context(Unit
*u
) {
4308 offset
= UNIT_VTABLE(u
)->kill_context_offset
;
4312 return (KillContext
*) ((uint8_t*) u
+ offset
);
4315 CGroupContext
*unit_get_cgroup_context(Unit
*u
) {
4321 offset
= UNIT_VTABLE(u
)->cgroup_context_offset
;
4325 return (CGroupContext
*) ((uint8_t*) u
+ offset
);
4328 ExecRuntime
*unit_get_exec_runtime(Unit
*u
) {
4334 offset
= UNIT_VTABLE(u
)->exec_runtime_offset
;
4338 return *(ExecRuntime
**) ((uint8_t*) u
+ offset
);
4341 static const char* unit_drop_in_dir(Unit
*u
, UnitWriteFlags flags
) {
4344 if (UNIT_WRITE_FLAGS_NOOP(flags
))
4347 if (u
->transient
) /* Redirect drop-ins for transient units always into the transient directory. */
4348 return u
->manager
->lookup_paths
.transient
;
4350 if (flags
& UNIT_PERSISTENT
)
4351 return u
->manager
->lookup_paths
.persistent_control
;
4353 if (flags
& UNIT_RUNTIME
)
4354 return u
->manager
->lookup_paths
.runtime_control
;
4359 char* unit_escape_setting(const char *s
, UnitWriteFlags flags
, char **buf
) {
4365 /* Escapes the input string as requested. Returns the escaped string. If 'buf' is specified then the allocated
4366 * return buffer pointer is also written to *buf, except if no escaping was necessary, in which case *buf is
4367 * set to NULL, and the input pointer is returned as-is. This means the return value always contains a properly
4368 * escaped version, but *buf when passed only contains a pointer if an allocation was necessary. If *buf is
4369 * not specified, then the return value always needs to be freed. Callers can use this to optimize memory
4372 if (flags
& UNIT_ESCAPE_SPECIFIERS
) {
4373 ret
= specifier_escape(s
);
4380 if (flags
& UNIT_ESCAPE_C
) {
4393 return ret
?: (char*) s
;
4396 return ret
?: strdup(s
);
4399 char* unit_concat_strv(char **l
, UnitWriteFlags flags
) {
4400 _cleanup_free_
char *result
= NULL
;
4401 size_t n
= 0, allocated
= 0;
4404 /* Takes a list of strings, escapes them, and concatenates them. This may be used to format command lines in a
4405 * way suitable for ExecStart= stanzas */
4407 STRV_FOREACH(i
, l
) {
4408 _cleanup_free_
char *buf
= NULL
;
4413 p
= unit_escape_setting(*i
, flags
, &buf
);
4417 a
= (n
> 0) + 1 + strlen(p
) + 1; /* separating space + " + entry + " */
4418 if (!GREEDY_REALLOC(result
, allocated
, n
+ a
+ 1))
4432 if (!GREEDY_REALLOC(result
, allocated
, n
+ 1))
4437 return TAKE_PTR(result
);
4440 int unit_write_setting(Unit
*u
, UnitWriteFlags flags
, const char *name
, const char *data
) {
4441 _cleanup_free_
char *p
= NULL
, *q
= NULL
, *escaped
= NULL
;
4442 const char *dir
, *wrapped
;
4449 if (UNIT_WRITE_FLAGS_NOOP(flags
))
4452 data
= unit_escape_setting(data
, flags
, &escaped
);
4456 /* Prefix the section header. If we are writing this out as transient file, then let's suppress this if the
4457 * previous section header is the same */
4459 if (flags
& UNIT_PRIVATE
) {
4460 if (!UNIT_VTABLE(u
)->private_section
)
4463 if (!u
->transient_file
|| u
->last_section_private
< 0)
4464 data
= strjoina("[", UNIT_VTABLE(u
)->private_section
, "]\n", data
);
4465 else if (u
->last_section_private
== 0)
4466 data
= strjoina("\n[", UNIT_VTABLE(u
)->private_section
, "]\n", data
);
4468 if (!u
->transient_file
|| u
->last_section_private
< 0)
4469 data
= strjoina("[Unit]\n", data
);
4470 else if (u
->last_section_private
> 0)
4471 data
= strjoina("\n[Unit]\n", data
);
4474 if (u
->transient_file
) {
4475 /* When this is a transient unit file in creation, then let's not create a new drop-in but instead
4476 * write to the transient unit file. */
4477 fputs(data
, u
->transient_file
);
4479 if (!endswith(data
, "\n"))
4480 fputc('\n', u
->transient_file
);
4482 /* Remember which section we wrote this entry to */
4483 u
->last_section_private
= !!(flags
& UNIT_PRIVATE
);
4487 dir
= unit_drop_in_dir(u
, flags
);
4491 wrapped
= strjoina("# This is a drop-in unit file extension, created via \"systemctl set-property\"\n"
4492 "# or an equivalent operation. Do not edit.\n",
4496 r
= drop_in_file(dir
, u
->id
, 50, name
, &p
, &q
);
4500 (void) mkdir_p_label(p
, 0755);
4501 r
= write_string_file_atomic_label(q
, wrapped
);
4505 r
= strv_push(&u
->dropin_paths
, q
);
4510 strv_uniq(u
->dropin_paths
);
4512 u
->dropin_mtime
= now(CLOCK_REALTIME
);
4517 int unit_write_settingf(Unit
*u
, UnitWriteFlags flags
, const char *name
, const char *format
, ...) {
4518 _cleanup_free_
char *p
= NULL
;
4526 if (UNIT_WRITE_FLAGS_NOOP(flags
))
4529 va_start(ap
, format
);
4530 r
= vasprintf(&p
, format
, ap
);
4536 return unit_write_setting(u
, flags
, name
, p
);
4539 int unit_make_transient(Unit
*u
) {
4540 _cleanup_free_
char *path
= NULL
;
4545 if (!UNIT_VTABLE(u
)->can_transient
)
4548 (void) mkdir_p_label(u
->manager
->lookup_paths
.transient
, 0755);
4550 path
= path_join(u
->manager
->lookup_paths
.transient
, u
->id
);
4554 /* Let's open the file we'll write the transient settings into. This file is kept open as long as we are
4555 * creating the transient, and is closed in unit_load(), as soon as we start loading the file. */
4557 RUN_WITH_UMASK(0022) {
4558 f
= fopen(path
, "we");
4563 safe_fclose(u
->transient_file
);
4564 u
->transient_file
= f
;
4566 free_and_replace(u
->fragment_path
, path
);
4568 u
->source_path
= mfree(u
->source_path
);
4569 u
->dropin_paths
= strv_free(u
->dropin_paths
);
4570 u
->fragment_mtime
= u
->source_mtime
= u
->dropin_mtime
= 0;
4572 u
->load_state
= UNIT_STUB
;
4574 u
->transient
= true;
4576 unit_add_to_dbus_queue(u
);
4577 unit_add_to_gc_queue(u
);
4579 fputs("# This is a transient unit file, created programmatically via the systemd API. Do not edit.\n",
4585 static int log_kill(pid_t pid
, int sig
, void *userdata
) {
4586 _cleanup_free_
char *comm
= NULL
;
4588 (void) get_process_comm(pid
, &comm
);
4590 /* Don't log about processes marked with brackets, under the assumption that these are temporary processes
4591 only, like for example systemd's own PAM stub process. */
4592 if (comm
&& comm
[0] == '(')
4595 log_unit_notice(userdata
,
4596 "Killing process " PID_FMT
" (%s) with signal SIG%s.",
4599 signal_to_string(sig
));
4604 static int operation_to_signal(KillContext
*c
, KillOperation k
) {
4609 case KILL_TERMINATE
:
4610 case KILL_TERMINATE_AND_LOG
:
4611 return c
->kill_signal
;
4614 return c
->final_kill_signal
;
4617 return c
->watchdog_signal
;
4620 assert_not_reached("KillOperation unknown");
4624 int unit_kill_context(
4630 bool main_pid_alien
) {
4632 bool wait_for_exit
= false, send_sighup
;
4633 cg_kill_log_func_t log_func
= NULL
;
4639 /* Kill the processes belonging to this unit, in preparation for shutting the unit down.
4640 * Returns > 0 if we killed something worth waiting for, 0 otherwise. */
4642 if (c
->kill_mode
== KILL_NONE
)
4645 sig
= operation_to_signal(c
, k
);
4649 IN_SET(k
, KILL_TERMINATE
, KILL_TERMINATE_AND_LOG
) &&
4652 if (k
!= KILL_TERMINATE
|| IN_SET(sig
, SIGKILL
, SIGABRT
))
4653 log_func
= log_kill
;
4657 log_func(main_pid
, sig
, u
);
4659 r
= kill_and_sigcont(main_pid
, sig
);
4660 if (r
< 0 && r
!= -ESRCH
) {
4661 _cleanup_free_
char *comm
= NULL
;
4662 (void) get_process_comm(main_pid
, &comm
);
4664 log_unit_warning_errno(u
, r
, "Failed to kill main process " PID_FMT
" (%s), ignoring: %m", main_pid
, strna(comm
));
4666 if (!main_pid_alien
)
4667 wait_for_exit
= true;
4669 if (r
!= -ESRCH
&& send_sighup
)
4670 (void) kill(main_pid
, SIGHUP
);
4674 if (control_pid
> 0) {
4676 log_func(control_pid
, sig
, u
);
4678 r
= kill_and_sigcont(control_pid
, sig
);
4679 if (r
< 0 && r
!= -ESRCH
) {
4680 _cleanup_free_
char *comm
= NULL
;
4681 (void) get_process_comm(control_pid
, &comm
);
4683 log_unit_warning_errno(u
, r
, "Failed to kill control process " PID_FMT
" (%s), ignoring: %m", control_pid
, strna(comm
));
4685 wait_for_exit
= true;
4687 if (r
!= -ESRCH
&& send_sighup
)
4688 (void) kill(control_pid
, SIGHUP
);
4692 if (u
->cgroup_path
&&
4693 (c
->kill_mode
== KILL_CONTROL_GROUP
|| (c
->kill_mode
== KILL_MIXED
&& k
== KILL_KILL
))) {
4694 _cleanup_set_free_ Set
*pid_set
= NULL
;
4696 /* Exclude the main/control pids from being killed via the cgroup */
4697 pid_set
= unit_pid_set(main_pid
, control_pid
);
4701 r
= cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER
, u
->cgroup_path
,
4703 CGROUP_SIGCONT
|CGROUP_IGNORE_SELF
,
4707 if (!IN_SET(r
, -EAGAIN
, -ESRCH
, -ENOENT
))
4708 log_unit_warning_errno(u
, r
, "Failed to kill control group %s, ignoring: %m", u
->cgroup_path
);
4712 /* FIXME: For now, on the legacy hierarchy, we will not wait for the cgroup members to die if
4713 * we are running in a container or if this is a delegation unit, simply because cgroup
4714 * notification is unreliable in these cases. It doesn't work at all in containers, and outside
4715 * of containers it can be confused easily by left-over directories in the cgroup — which
4716 * however should not exist in non-delegated units. On the unified hierarchy that's different,
4717 * there we get proper events. Hence rely on them. */
4719 if (cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER
) > 0 ||
4720 (detect_container() == 0 && !unit_cgroup_delegate(u
)))
4721 wait_for_exit
= true;
4726 pid_set
= unit_pid_set(main_pid
, control_pid
);
4730 cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER
, u
->cgroup_path
,
4739 return wait_for_exit
;
4742 int unit_require_mounts_for(Unit
*u
, const char *path
, UnitDependencyMask mask
) {
4743 _cleanup_free_
char *p
= NULL
;
4744 UnitDependencyInfo di
;
4750 /* Registers a unit for requiring a certain path and all its prefixes. We keep a hashtable of these paths in
4751 * the unit (from the path to the UnitDependencyInfo structure indicating how to the dependency came to
4752 * be). However, we build a prefix table for all possible prefixes so that new appearing mount units can easily
4753 * determine which units to make themselves a dependency of. */
4755 if (!path_is_absolute(path
))
4758 r
= hashmap_ensure_allocated(&u
->requires_mounts_for
, &path_hash_ops
);
4766 path
= path_simplify(p
, true);
4768 if (!path_is_normalized(path
))
4771 if (hashmap_contains(u
->requires_mounts_for
, path
))
4774 di
= (UnitDependencyInfo
) {
4778 r
= hashmap_put(u
->requires_mounts_for
, path
, di
.data
);
4783 char prefix
[strlen(path
) + 1];
4784 PATH_FOREACH_PREFIX_MORE(prefix
, path
) {
4787 x
= hashmap_get(u
->manager
->units_requiring_mounts_for
, prefix
);
4789 _cleanup_free_
char *q
= NULL
;
4791 r
= hashmap_ensure_allocated(&u
->manager
->units_requiring_mounts_for
, &path_hash_ops
);
4803 r
= hashmap_put(u
->manager
->units_requiring_mounts_for
, q
, x
);
4819 int unit_setup_exec_runtime(Unit
*u
) {
4827 offset
= UNIT_VTABLE(u
)->exec_runtime_offset
;
4830 /* Check if there already is an ExecRuntime for this unit? */
4831 rt
= (ExecRuntime
**) ((uint8_t*) u
+ offset
);
4835 /* Try to get it from somebody else */
4836 HASHMAP_FOREACH_KEY(v
, other
, u
->dependencies
[UNIT_JOINS_NAMESPACE_OF
], i
) {
4837 r
= exec_runtime_acquire(u
->manager
, NULL
, other
->id
, false, rt
);
4842 return exec_runtime_acquire(u
->manager
, unit_get_exec_context(u
), u
->id
, true, rt
);
4845 int unit_setup_dynamic_creds(Unit
*u
) {
4847 DynamicCreds
*dcreds
;
4852 offset
= UNIT_VTABLE(u
)->dynamic_creds_offset
;
4854 dcreds
= (DynamicCreds
*) ((uint8_t*) u
+ offset
);
4856 ec
= unit_get_exec_context(u
);
4859 if (!ec
->dynamic_user
)
4862 return dynamic_creds_acquire(dcreds
, u
->manager
, ec
->user
, ec
->group
);
4865 bool unit_type_supported(UnitType t
) {
4866 if (_unlikely_(t
< 0))
4868 if (_unlikely_(t
>= _UNIT_TYPE_MAX
))
4871 if (!unit_vtable
[t
]->supported
)
4874 return unit_vtable
[t
]->supported();
4877 void unit_warn_if_dir_nonempty(Unit
*u
, const char* where
) {
4883 r
= dir_is_empty(where
);
4884 if (r
> 0 || r
== -ENOTDIR
)
4887 log_unit_warning_errno(u
, r
, "Failed to check directory %s: %m", where
);
4891 log_struct(LOG_NOTICE
,
4892 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR
,
4894 LOG_UNIT_INVOCATION_ID(u
),
4895 LOG_UNIT_MESSAGE(u
, "Directory %s to mount over is not empty, mounting anyway.", where
),
4899 int unit_fail_if_noncanonical(Unit
*u
, const char* where
) {
4900 _cleanup_free_
char *canonical_where
= NULL
;
4906 r
= chase_symlinks(where
, NULL
, CHASE_NONEXISTENT
, &canonical_where
);
4908 log_unit_debug_errno(u
, r
, "Failed to check %s for symlinks, ignoring: %m", where
);
4912 /* We will happily ignore a trailing slash (or any redundant slashes) */
4913 if (path_equal(where
, canonical_where
))
4916 /* No need to mention "." or "..", they would already have been rejected by unit_name_from_path() */
4918 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR
,
4920 LOG_UNIT_INVOCATION_ID(u
),
4921 LOG_UNIT_MESSAGE(u
, "Mount path %s is not canonical (contains a symlink).", where
),
4927 bool unit_is_pristine(Unit
*u
) {
4930 /* Check if the unit already exists or is already around,
4931 * in a number of different ways. Note that to cater for unit
4932 * types such as slice, we are generally fine with units that
4933 * are marked UNIT_LOADED even though nothing was actually
4934 * loaded, as those unit types don't require a file on disk. */
4936 return !(!IN_SET(u
->load_state
, UNIT_NOT_FOUND
, UNIT_LOADED
) ||
4939 !strv_isempty(u
->dropin_paths
) ||
4944 pid_t
unit_control_pid(Unit
*u
) {
4947 if (UNIT_VTABLE(u
)->control_pid
)
4948 return UNIT_VTABLE(u
)->control_pid(u
);
4953 pid_t
unit_main_pid(Unit
*u
) {
4956 if (UNIT_VTABLE(u
)->main_pid
)
4957 return UNIT_VTABLE(u
)->main_pid(u
);
4962 static void unit_unref_uid_internal(
4966 void (*_manager_unref_uid
)(Manager
*m
, uid_t uid
, bool destroy_now
)) {
4970 assert(_manager_unref_uid
);
4972 /* Generic implementation of both unit_unref_uid() and unit_unref_gid(), under the assumption that uid_t and
4973 * gid_t are actually the same time, with the same validity rules.
4975 * Drops a reference to UID/GID from a unit. */
4977 assert_cc(sizeof(uid_t
) == sizeof(gid_t
));
4978 assert_cc(UID_INVALID
== (uid_t
) GID_INVALID
);
4980 if (!uid_is_valid(*ref_uid
))
4983 _manager_unref_uid(u
->manager
, *ref_uid
, destroy_now
);
4984 *ref_uid
= UID_INVALID
;
4987 void unit_unref_uid(Unit
*u
, bool destroy_now
) {
4988 unit_unref_uid_internal(u
, &u
->ref_uid
, destroy_now
, manager_unref_uid
);
4991 void unit_unref_gid(Unit
*u
, bool destroy_now
) {
4992 unit_unref_uid_internal(u
, (uid_t
*) &u
->ref_gid
, destroy_now
, manager_unref_gid
);
4995 static int unit_ref_uid_internal(
5000 int (*_manager_ref_uid
)(Manager
*m
, uid_t uid
, bool clean_ipc
)) {
5006 assert(uid_is_valid(uid
));
5007 assert(_manager_ref_uid
);
5009 /* Generic implementation of both unit_ref_uid() and unit_ref_guid(), under the assumption that uid_t and gid_t
5010 * are actually the same type, and have the same validity rules.
5012 * Adds a reference on a specific UID/GID to this unit. Each unit referencing the same UID/GID maintains a
5013 * reference so that we can destroy the UID/GID's IPC resources as soon as this is requested and the counter
5016 assert_cc(sizeof(uid_t
) == sizeof(gid_t
));
5017 assert_cc(UID_INVALID
== (uid_t
) GID_INVALID
);
5019 if (*ref_uid
== uid
)
5022 if (uid_is_valid(*ref_uid
)) /* Already set? */
5025 r
= _manager_ref_uid(u
->manager
, uid
, clean_ipc
);
5033 int unit_ref_uid(Unit
*u
, uid_t uid
, bool clean_ipc
) {
5034 return unit_ref_uid_internal(u
, &u
->ref_uid
, uid
, clean_ipc
, manager_ref_uid
);
5037 int unit_ref_gid(Unit
*u
, gid_t gid
, bool clean_ipc
) {
5038 return unit_ref_uid_internal(u
, (uid_t
*) &u
->ref_gid
, (uid_t
) gid
, clean_ipc
, manager_ref_gid
);
5041 static int unit_ref_uid_gid_internal(Unit
*u
, uid_t uid
, gid_t gid
, bool clean_ipc
) {
5046 /* Reference both a UID and a GID in one go. Either references both, or neither. */
5048 if (uid_is_valid(uid
)) {
5049 r
= unit_ref_uid(u
, uid
, clean_ipc
);
5054 if (gid_is_valid(gid
)) {
5055 q
= unit_ref_gid(u
, gid
, clean_ipc
);
5058 unit_unref_uid(u
, false);
5064 return r
> 0 || q
> 0;
5067 int unit_ref_uid_gid(Unit
*u
, uid_t uid
, gid_t gid
) {
5073 c
= unit_get_exec_context(u
);
5075 r
= unit_ref_uid_gid_internal(u
, uid
, gid
, c
? c
->remove_ipc
: false);
5077 return log_unit_warning_errno(u
, r
, "Couldn't add UID/GID reference to unit, proceeding without: %m");
5082 void unit_unref_uid_gid(Unit
*u
, bool destroy_now
) {
5085 unit_unref_uid(u
, destroy_now
);
5086 unit_unref_gid(u
, destroy_now
);
5089 void unit_notify_user_lookup(Unit
*u
, uid_t uid
, gid_t gid
) {
5094 /* This is invoked whenever one of the forked off processes let's us know the UID/GID its user name/group names
5095 * resolved to. We keep track of which UID/GID is currently assigned in order to be able to destroy its IPC
5096 * objects when no service references the UID/GID anymore. */
5098 r
= unit_ref_uid_gid(u
, uid
, gid
);
5100 unit_add_to_dbus_queue(u
);
5103 int unit_set_invocation_id(Unit
*u
, sd_id128_t id
) {
5108 /* Set the invocation ID for this unit. If we cannot, this will not roll back, but reset the whole thing. */
5110 if (sd_id128_equal(u
->invocation_id
, id
))
5113 if (!sd_id128_is_null(u
->invocation_id
))
5114 (void) hashmap_remove_value(u
->manager
->units_by_invocation_id
, &u
->invocation_id
, u
);
5116 if (sd_id128_is_null(id
)) {
5121 r
= hashmap_ensure_allocated(&u
->manager
->units_by_invocation_id
, &id128_hash_ops
);
5125 u
->invocation_id
= id
;
5126 sd_id128_to_string(id
, u
->invocation_id_string
);
5128 r
= hashmap_put(u
->manager
->units_by_invocation_id
, &u
->invocation_id
, u
);
5135 u
->invocation_id
= SD_ID128_NULL
;
5136 u
->invocation_id_string
[0] = 0;
5140 int unit_acquire_invocation_id(Unit
*u
) {
5146 r
= sd_id128_randomize(&id
);
5148 return log_unit_error_errno(u
, r
, "Failed to generate invocation ID for unit: %m");
5150 r
= unit_set_invocation_id(u
, id
);
5152 return log_unit_error_errno(u
, r
, "Failed to set invocation ID for unit: %m");
5154 unit_add_to_dbus_queue(u
);
5158 int unit_set_exec_params(Unit
*u
, ExecParameters
*p
) {
5164 /* Copy parameters from manager */
5165 r
= manager_get_effective_environment(u
->manager
, &p
->environment
);
5169 p
->confirm_spawn
= manager_get_confirm_spawn(u
->manager
);
5170 p
->cgroup_supported
= u
->manager
->cgroup_supported
;
5171 p
->prefix
= u
->manager
->prefix
;
5172 SET_FLAG(p
->flags
, EXEC_PASS_LOG_UNIT
|EXEC_CHOWN_DIRECTORIES
, MANAGER_IS_SYSTEM(u
->manager
));
5174 /* Copy parameters from unit */
5175 p
->cgroup_path
= u
->cgroup_path
;
5176 SET_FLAG(p
->flags
, EXEC_CGROUP_DELEGATE
, unit_cgroup_delegate(u
));
5181 int unit_fork_helper_process(Unit
*u
, const char *name
, pid_t
*ret
) {
5187 /* Forks off a helper process and makes sure it is a member of the unit's cgroup. Returns == 0 in the child,
5188 * and > 0 in the parent. The pid parameter is always filled in with the child's PID. */
5190 (void) unit_realize_cgroup(u
);
5192 r
= safe_fork(name
, FORK_REOPEN_LOG
, ret
);
5196 (void) default_signals(SIGNALS_CRASH_HANDLER
, SIGNALS_IGNORE
, -1);
5197 (void) ignore_signals(SIGPIPE
, -1);
5199 (void) prctl(PR_SET_PDEATHSIG
, SIGTERM
);
5201 if (u
->cgroup_path
) {
5202 r
= cg_attach_everywhere(u
->manager
->cgroup_supported
, u
->cgroup_path
, 0, NULL
, NULL
);
5204 log_unit_error_errno(u
, r
, "Failed to join unit cgroup %s: %m", u
->cgroup_path
);
5212 static void unit_update_dependency_mask(Unit
*u
, UnitDependency d
, Unit
*other
, UnitDependencyInfo di
) {
5215 assert(d
< _UNIT_DEPENDENCY_MAX
);
5218 if (di
.origin_mask
== 0 && di
.destination_mask
== 0) {
5219 /* No bit set anymore, let's drop the whole entry */
5220 assert_se(hashmap_remove(u
->dependencies
[d
], other
));
5221 log_unit_debug(u
, "%s lost dependency %s=%s", u
->id
, unit_dependency_to_string(d
), other
->id
);
5223 /* Mask was reduced, let's update the entry */
5224 assert_se(hashmap_update(u
->dependencies
[d
], other
, di
.data
) == 0);
5227 void unit_remove_dependencies(Unit
*u
, UnitDependencyMask mask
) {
5232 /* Removes all dependencies u has on other units marked for ownership by 'mask'. */
5237 for (d
= 0; d
< _UNIT_DEPENDENCY_MAX
; d
++) {
5241 UnitDependencyInfo di
;
5247 HASHMAP_FOREACH_KEY(di
.data
, other
, u
->dependencies
[d
], i
) {
5250 if ((di
.origin_mask
& ~mask
) == di
.origin_mask
)
5252 di
.origin_mask
&= ~mask
;
5253 unit_update_dependency_mask(u
, d
, other
, di
);
5255 /* We updated the dependency from our unit to the other unit now. But most dependencies
5256 * imply a reverse dependency. Hence, let's delete that one too. For that we go through
5257 * all dependency types on the other unit and delete all those which point to us and
5258 * have the right mask set. */
5260 for (q
= 0; q
< _UNIT_DEPENDENCY_MAX
; q
++) {
5261 UnitDependencyInfo dj
;
5263 dj
.data
= hashmap_get(other
->dependencies
[q
], u
);
5264 if ((dj
.destination_mask
& ~mask
) == dj
.destination_mask
)
5266 dj
.destination_mask
&= ~mask
;
5268 unit_update_dependency_mask(other
, q
, u
, dj
);
5271 unit_add_to_gc_queue(other
);
5281 static int unit_export_invocation_id(Unit
*u
) {
5287 if (u
->exported_invocation_id
)
5290 if (sd_id128_is_null(u
->invocation_id
))
5293 p
= strjoina("/run/systemd/units/invocation:", u
->id
);
5294 r
= symlink_atomic(u
->invocation_id_string
, p
);
5296 return log_unit_debug_errno(u
, r
, "Failed to create invocation ID symlink %s: %m", p
);
5298 u
->exported_invocation_id
= true;
5302 static int unit_export_log_level_max(Unit
*u
, const ExecContext
*c
) {
5310 if (u
->exported_log_level_max
)
5313 if (c
->log_level_max
< 0)
5316 assert(c
->log_level_max
<= 7);
5318 buf
[0] = '0' + c
->log_level_max
;
5321 p
= strjoina("/run/systemd/units/log-level-max:", u
->id
);
5322 r
= symlink_atomic(buf
, p
);
5324 return log_unit_debug_errno(u
, r
, "Failed to create maximum log level symlink %s: %m", p
);
5326 u
->exported_log_level_max
= true;
5330 static int unit_export_log_extra_fields(Unit
*u
, const ExecContext
*c
) {
5331 _cleanup_close_
int fd
= -1;
5332 struct iovec
*iovec
;
5340 if (u
->exported_log_extra_fields
)
5343 if (c
->n_log_extra_fields
<= 0)
5346 sizes
= newa(le64_t
, c
->n_log_extra_fields
);
5347 iovec
= newa(struct iovec
, c
->n_log_extra_fields
* 2);
5349 for (i
= 0; i
< c
->n_log_extra_fields
; i
++) {
5350 sizes
[i
] = htole64(c
->log_extra_fields
[i
].iov_len
);
5352 iovec
[i
*2] = IOVEC_MAKE(sizes
+ i
, sizeof(le64_t
));
5353 iovec
[i
*2+1] = c
->log_extra_fields
[i
];
5356 p
= strjoina("/run/systemd/units/log-extra-fields:", u
->id
);
5357 pattern
= strjoina(p
, ".XXXXXX");
5359 fd
= mkostemp_safe(pattern
);
5361 return log_unit_debug_errno(u
, fd
, "Failed to create extra fields file %s: %m", p
);
5363 n
= writev(fd
, iovec
, c
->n_log_extra_fields
*2);
5365 r
= log_unit_debug_errno(u
, errno
, "Failed to write extra fields: %m");
5369 (void) fchmod(fd
, 0644);
5371 if (rename(pattern
, p
) < 0) {
5372 r
= log_unit_debug_errno(u
, errno
, "Failed to rename extra fields file: %m");
5376 u
->exported_log_extra_fields
= true;
5380 (void) unlink(pattern
);
5384 static int unit_export_log_rate_limit_interval(Unit
*u
, const ExecContext
*c
) {
5385 _cleanup_free_
char *buf
= NULL
;
5392 if (u
->exported_log_rate_limit_interval
)
5395 if (c
->log_rate_limit_interval_usec
== 0)
5398 p
= strjoina("/run/systemd/units/log-rate-limit-interval:", u
->id
);
5400 if (asprintf(&buf
, "%" PRIu64
, c
->log_rate_limit_interval_usec
) < 0)
5403 r
= symlink_atomic(buf
, p
);
5405 return log_unit_debug_errno(u
, r
, "Failed to create log rate limit interval symlink %s: %m", p
);
5407 u
->exported_log_rate_limit_interval
= true;
5411 static int unit_export_log_rate_limit_burst(Unit
*u
, const ExecContext
*c
) {
5412 _cleanup_free_
char *buf
= NULL
;
5419 if (u
->exported_log_rate_limit_burst
)
5422 if (c
->log_rate_limit_burst
== 0)
5425 p
= strjoina("/run/systemd/units/log-rate-limit-burst:", u
->id
);
5427 if (asprintf(&buf
, "%u", c
->log_rate_limit_burst
) < 0)
5430 r
= symlink_atomic(buf
, p
);
5432 return log_unit_debug_errno(u
, r
, "Failed to create log rate limit burst symlink %s: %m", p
);
5434 u
->exported_log_rate_limit_burst
= true;
5438 void unit_export_state_files(Unit
*u
) {
5439 const ExecContext
*c
;
5446 if (!MANAGER_IS_SYSTEM(u
->manager
))
5449 if (MANAGER_IS_TEST_RUN(u
->manager
))
5452 /* Exports a couple of unit properties to /run/systemd/units/, so that journald can quickly query this data
5453 * from there. Ideally, journald would use IPC to query this, like everybody else, but that's hard, as long as
5454 * the IPC system itself and PID 1 also log to the journal.
5456 * Note that these files really shouldn't be considered API for anyone else, as use a runtime file system as
5457 * IPC replacement is not compatible with today's world of file system namespaces. However, this doesn't really
5458 * apply to communication between the journal and systemd, as we assume that these two daemons live in the same
5459 * namespace at least.
5461 * Note that some of the "files" exported here are actually symlinks and not regular files. Symlinks work
5462 * better for storing small bits of data, in particular as we can write them with two system calls, and read
5465 (void) unit_export_invocation_id(u
);
5467 c
= unit_get_exec_context(u
);
5469 (void) unit_export_log_level_max(u
, c
);
5470 (void) unit_export_log_extra_fields(u
, c
);
5471 (void) unit_export_log_rate_limit_interval(u
, c
);
5472 (void) unit_export_log_rate_limit_burst(u
, c
);
5476 void unit_unlink_state_files(Unit
*u
) {
5484 if (!MANAGER_IS_SYSTEM(u
->manager
))
5487 /* Undoes the effect of unit_export_state() */
5489 if (u
->exported_invocation_id
) {
5490 p
= strjoina("/run/systemd/units/invocation:", u
->id
);
5493 u
->exported_invocation_id
= false;
5496 if (u
->exported_log_level_max
) {
5497 p
= strjoina("/run/systemd/units/log-level-max:", u
->id
);
5500 u
->exported_log_level_max
= false;
5503 if (u
->exported_log_extra_fields
) {
5504 p
= strjoina("/run/systemd/units/extra-fields:", u
->id
);
5507 u
->exported_log_extra_fields
= false;
5510 if (u
->exported_log_rate_limit_interval
) {
5511 p
= strjoina("/run/systemd/units/log-rate-limit-interval:", u
->id
);
5514 u
->exported_log_rate_limit_interval
= false;
5517 if (u
->exported_log_rate_limit_burst
) {
5518 p
= strjoina("/run/systemd/units/log-rate-limit-burst:", u
->id
);
5521 u
->exported_log_rate_limit_burst
= false;
5525 int unit_prepare_exec(Unit
*u
) {
5530 /* Load any custom firewall BPF programs here once to test if they are existing and actually loadable.
5531 * Fail here early since later errors in the call chain unit_realize_cgroup to cgroup_context_apply are ignored. */
5532 r
= bpf_firewall_load_custom(u
);
5536 /* Prepares everything so that we can fork of a process for this unit */
5538 (void) unit_realize_cgroup(u
);
5540 if (u
->reset_accounting
) {
5541 (void) unit_reset_accounting(u
);
5542 u
->reset_accounting
= false;
5545 unit_export_state_files(u
);
5547 r
= unit_setup_exec_runtime(u
);
5551 r
= unit_setup_dynamic_creds(u
);
5558 static int log_leftover(pid_t pid
, int sig
, void *userdata
) {
5559 _cleanup_free_
char *comm
= NULL
;
5561 (void) get_process_comm(pid
, &comm
);
5563 if (comm
&& comm
[0] == '(') /* Most likely our own helper process (PAM?), ignore */
5566 log_unit_warning(userdata
,
5567 "Found left-over process " PID_FMT
" (%s) in control group while starting unit. Ignoring.\n"
5568 "This usually indicates unclean termination of a previous run, or service implementation deficiencies.",
5574 int unit_warn_leftover_processes(Unit
*u
) {
5577 (void) unit_pick_cgroup_path(u
);
5579 if (!u
->cgroup_path
)
5582 return cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER
, u
->cgroup_path
, 0, 0, NULL
, log_leftover
, u
);
5585 bool unit_needs_console(Unit
*u
) {
5587 UnitActiveState state
;
5591 state
= unit_active_state(u
);
5593 if (UNIT_IS_INACTIVE_OR_FAILED(state
))
5596 if (UNIT_VTABLE(u
)->needs_console
)
5597 return UNIT_VTABLE(u
)->needs_console(u
);
5599 /* If this unit type doesn't implement this call, let's use a generic fallback implementation: */
5600 ec
= unit_get_exec_context(u
);
5604 return exec_context_may_touch_console(ec
);
5607 const char *unit_label_path(Unit
*u
) {
5610 /* Returns the file system path to use for MAC access decisions, i.e. the file to read the SELinux label off
5611 * when validating access checks. */
5613 p
= u
->source_path
?: u
->fragment_path
;
5617 /* If a unit is masked, then don't read the SELinux label of /dev/null, as that really makes no sense */
5618 if (path_equal(p
, "/dev/null"))
5624 int unit_pid_attachable(Unit
*u
, pid_t pid
, sd_bus_error
*error
) {
5629 /* Checks whether the specified PID is generally good for attaching, i.e. a valid PID, not our manager itself,
5630 * and not a kernel thread either */
5632 /* First, a simple range check */
5633 if (!pid_is_valid(pid
))
5634 return sd_bus_error_setf(error
, SD_BUS_ERROR_INVALID_ARGS
, "Process identifier " PID_FMT
" is not valid.", pid
);
5636 /* Some extra safety check */
5637 if (pid
== 1 || pid
== getpid_cached())
5638 return sd_bus_error_setf(error
, SD_BUS_ERROR_INVALID_ARGS
, "Process " PID_FMT
" is a manager process, refusing.", pid
);
5640 /* Don't even begin to bother with kernel threads */
5641 r
= is_kernel_thread(pid
);
5643 return sd_bus_error_setf(error
, SD_BUS_ERROR_UNIX_PROCESS_ID_UNKNOWN
, "Process with ID " PID_FMT
" does not exist.", pid
);
5645 return sd_bus_error_set_errnof(error
, r
, "Failed to determine whether process " PID_FMT
" is a kernel thread: %m", pid
);
5647 return sd_bus_error_setf(error
, SD_BUS_ERROR_INVALID_ARGS
, "Process " PID_FMT
" is a kernel thread, refusing.", pid
);
5652 void unit_log_success(Unit
*u
) {
5655 log_struct(LOG_INFO
,
5656 "MESSAGE_ID=" SD_MESSAGE_UNIT_SUCCESS_STR
,
5658 LOG_UNIT_INVOCATION_ID(u
),
5659 LOG_UNIT_MESSAGE(u
, "Succeeded."));
5662 void unit_log_failure(Unit
*u
, const char *result
) {
5666 log_struct(LOG_WARNING
,
5667 "MESSAGE_ID=" SD_MESSAGE_UNIT_FAILURE_RESULT_STR
,
5669 LOG_UNIT_INVOCATION_ID(u
),
5670 LOG_UNIT_MESSAGE(u
, "Failed with result '%s'.", result
),
5671 "UNIT_RESULT=%s", result
);
5674 void unit_log_skip(Unit
*u
, const char *result
) {
5678 log_struct(LOG_INFO
,
5679 "MESSAGE_ID=" SD_MESSAGE_UNIT_SKIPPED_STR
,
5681 LOG_UNIT_INVOCATION_ID(u
),
5682 LOG_UNIT_MESSAGE(u
, "Skipped due to '%s'.", result
),
5683 "UNIT_RESULT=%s", result
);
5686 void unit_log_process_exit(
5690 const char *command
,
5697 if (code
!= CLD_EXITED
)
5698 level
= LOG_WARNING
;
5701 "MESSAGE_ID=" SD_MESSAGE_UNIT_PROCESS_EXIT_STR
,
5702 LOG_UNIT_MESSAGE(u
, "%s exited, code=%s, status=%i/%s",
5704 sigchld_code_to_string(code
), status
,
5705 strna(code
== CLD_EXITED
5706 ? exit_status_to_string(status
, EXIT_STATUS_FULL
)
5707 : signal_to_string(status
))),
5708 "EXIT_CODE=%s", sigchld_code_to_string(code
),
5709 "EXIT_STATUS=%i", status
,
5710 "COMMAND=%s", strna(command
),
5712 LOG_UNIT_INVOCATION_ID(u
));
5715 int unit_exit_status(Unit
*u
) {
5718 /* Returns the exit status to propagate for the most recent cycle of this unit. Returns a value in the range
5719 * 0…255 if there's something to propagate. EOPNOTSUPP if the concept does not apply to this unit type, ENODATA
5720 * if no data is currently known (for example because the unit hasn't deactivated yet) and EBADE if the main
5721 * service process has exited abnormally (signal/coredump). */
5723 if (!UNIT_VTABLE(u
)->exit_status
)
5726 return UNIT_VTABLE(u
)->exit_status(u
);
5729 int unit_failure_action_exit_status(Unit
*u
) {
5734 /* Returns the exit status to propagate on failure, or an error if there's nothing to propagate */
5736 if (u
->failure_action_exit_status
>= 0)
5737 return u
->failure_action_exit_status
;
5739 r
= unit_exit_status(u
);
5740 if (r
== -EBADE
) /* Exited, but not cleanly (i.e. by signal or such) */
5746 int unit_success_action_exit_status(Unit
*u
) {
5751 /* Returns the exit status to propagate on success, or an error if there's nothing to propagate */
5753 if (u
->success_action_exit_status
>= 0)
5754 return u
->success_action_exit_status
;
5756 r
= unit_exit_status(u
);
5757 if (r
== -EBADE
) /* Exited, but not cleanly (i.e. by signal or such) */
5763 int unit_test_trigger_loaded(Unit
*u
) {
5766 /* Tests whether the unit to trigger is loaded */
5768 trigger
= UNIT_TRIGGER(u
);
5770 return log_unit_error_errno(u
, SYNTHETIC_ERRNO(ENOENT
), "Refusing to start, unit to trigger not loaded.");
5771 if (trigger
->load_state
!= UNIT_LOADED
)
5772 return log_unit_error_errno(u
, SYNTHETIC_ERRNO(ENOENT
), "Refusing to start, unit %s to trigger not loaded.", u
->id
);
5777 int unit_clean(Unit
*u
, ExecCleanMask mask
) {
5778 UnitActiveState state
;
5782 /* Special return values:
5784 * -EOPNOTSUPP → cleaning not supported for this unit type
5785 * -EUNATCH → cleaning not defined for this resource type
5786 * -EBUSY → unit currently can't be cleaned since it's running or not properly loaded, or has
5787 * a job queued or similar
5790 if (!UNIT_VTABLE(u
)->clean
)
5796 if (u
->load_state
!= UNIT_LOADED
)
5802 state
= unit_active_state(u
);
5803 if (!IN_SET(state
, UNIT_INACTIVE
))
5806 return UNIT_VTABLE(u
)->clean(u
, mask
);
5809 int unit_can_clean(Unit
*u
, ExecCleanMask
*ret
) {
5812 if (!UNIT_VTABLE(u
)->clean
||
5813 u
->load_state
!= UNIT_LOADED
) {
5818 /* When the clean() method is set, can_clean() really should be set too */
5819 assert(UNIT_VTABLE(u
)->can_clean
);
5821 return UNIT_VTABLE(u
)->can_clean(u
, ret
);
5824 static const char* const collect_mode_table
[_COLLECT_MODE_MAX
] = {
5825 [COLLECT_INACTIVE
] = "inactive",
5826 [COLLECT_INACTIVE_OR_FAILED
] = "inactive-or-failed",
5829 DEFINE_STRING_TABLE_LOOKUP(collect_mode
, CollectMode
);