]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/core/unit.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
core: implement per unit journal rate limiting
[thirdparty/systemd.git] / src / core / unit.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2
3 #include <errno.h>
4 #include <stdlib.h>
5 #include <string.h>
6 #include <sys/prctl.h>
7 #include <sys/stat.h>
8 #include <unistd.h>
9
10 #include "sd-id128.h"
11 #include "sd-messages.h"
12
13 #include "alloc-util.h"
14 #include "all-units.h"
15 #include "bus-common-errors.h"
16 #include "bus-util.h"
17 #include "cgroup-util.h"
18 #include "dbus-unit.h"
19 #include "dbus.h"
20 #include "dropin.h"
21 #include "escape.h"
22 #include "execute.h"
23 #include "fd-util.h"
24 #include "fileio-label.h"
25 #include "format-util.h"
26 #include "fs-util.h"
27 #include "id128-util.h"
28 #include "io-util.h"
29 #include "load-dropin.h"
30 #include "load-fragment.h"
31 #include "log.h"
32 #include "macro.h"
33 #include "missing.h"
34 #include "mkdir.h"
35 #include "parse-util.h"
36 #include "path-util.h"
37 #include "process-util.h"
38 #include "set.h"
39 #include "signal-util.h"
40 #include "sparse-endian.h"
41 #include "special.h"
42 #include "specifier.h"
43 #include "stat-util.h"
44 #include "stdio-util.h"
45 #include "string-table.h"
46 #include "string-util.h"
47 #include "strv.h"
48 #include "umask-util.h"
49 #include "unit-name.h"
50 #include "unit.h"
51 #include "user-util.h"
52 #include "virt.h"
53
54 const UnitVTable * const unit_vtable[_UNIT_TYPE_MAX] = {
55 [UNIT_SERVICE] = &service_vtable,
56 [UNIT_SOCKET] = &socket_vtable,
57 [UNIT_TARGET] = &target_vtable,
58 [UNIT_DEVICE] = &device_vtable,
59 [UNIT_MOUNT] = &mount_vtable,
60 [UNIT_AUTOMOUNT] = &automount_vtable,
61 [UNIT_SWAP] = &swap_vtable,
62 [UNIT_TIMER] = &timer_vtable,
63 [UNIT_PATH] = &path_vtable,
64 [UNIT_SLICE] = &slice_vtable,
65 [UNIT_SCOPE] = &scope_vtable,
66 };
67
68 static void maybe_warn_about_dependency(Unit *u, const char *other, UnitDependency dependency);
69
70 Unit *unit_new(Manager *m, size_t size) {
71 Unit *u;
72
73 assert(m);
74 assert(size >= sizeof(Unit));
75
76 u = malloc0(size);
77 if (!u)
78 return NULL;
79
80 u->names = set_new(&string_hash_ops);
81 if (!u->names)
82 return mfree(u);
83
84 u->manager = m;
85 u->type = _UNIT_TYPE_INVALID;
86 u->default_dependencies = true;
87 u->unit_file_state = _UNIT_FILE_STATE_INVALID;
88 u->unit_file_preset = -1;
89 u->on_failure_job_mode = JOB_REPLACE;
90 u->cgroup_inotify_wd = -1;
91 u->job_timeout = USEC_INFINITY;
92 u->job_running_timeout = USEC_INFINITY;
93 u->ref_uid = UID_INVALID;
94 u->ref_gid = GID_INVALID;
95 u->cpu_usage_last = NSEC_INFINITY;
96 u->cgroup_invalidated_mask |= CGROUP_MASK_BPF_FIREWALL;
97
98 u->ip_accounting_ingress_map_fd = -1;
99 u->ip_accounting_egress_map_fd = -1;
100 u->ipv4_allow_map_fd = -1;
101 u->ipv6_allow_map_fd = -1;
102 u->ipv4_deny_map_fd = -1;
103 u->ipv6_deny_map_fd = -1;
104
105 u->last_section_private = -1;
106
107 RATELIMIT_INIT(u->start_limit, m->default_start_limit_interval, m->default_start_limit_burst);
108 RATELIMIT_INIT(u->auto_stop_ratelimit, 10 * USEC_PER_SEC, 16);
109
110 return u;
111 }
112
113 int unit_new_for_name(Manager *m, size_t size, const char *name, Unit **ret) {
114 _cleanup_(unit_freep) Unit *u = NULL;
115 int r;
116
117 u = unit_new(m, size);
118 if (!u)
119 return -ENOMEM;
120
121 r = unit_add_name(u, name);
122 if (r < 0)
123 return r;
124
125 *ret = TAKE_PTR(u);
126
127 return r;
128 }
129
130 bool unit_has_name(Unit *u, const char *name) {
131 assert(u);
132 assert(name);
133
134 return set_contains(u->names, (char*) name);
135 }
136
137 static void unit_init(Unit *u) {
138 CGroupContext *cc;
139 ExecContext *ec;
140 KillContext *kc;
141
142 assert(u);
143 assert(u->manager);
144 assert(u->type >= 0);
145
146 cc = unit_get_cgroup_context(u);
147 if (cc) {
148 cgroup_context_init(cc);
149
150 /* Copy in the manager defaults into the cgroup
151 * context, _before_ the rest of the settings have
152 * been initialized */
153
154 cc->cpu_accounting = u->manager->default_cpu_accounting;
155 cc->io_accounting = u->manager->default_io_accounting;
156 cc->ip_accounting = u->manager->default_ip_accounting;
157 cc->blockio_accounting = u->manager->default_blockio_accounting;
158 cc->memory_accounting = u->manager->default_memory_accounting;
159 cc->tasks_accounting = u->manager->default_tasks_accounting;
160 cc->ip_accounting = u->manager->default_ip_accounting;
161
162 if (u->type != UNIT_SLICE)
163 cc->tasks_max = u->manager->default_tasks_max;
164 }
165
166 ec = unit_get_exec_context(u);
167 if (ec) {
168 exec_context_init(ec);
169
170 ec->keyring_mode = MANAGER_IS_SYSTEM(u->manager) ?
171 EXEC_KEYRING_SHARED : EXEC_KEYRING_INHERIT;
172 }
173
174 kc = unit_get_kill_context(u);
175 if (kc)
176 kill_context_init(kc);
177
178 if (UNIT_VTABLE(u)->init)
179 UNIT_VTABLE(u)->init(u);
180 }
181
182 int unit_add_name(Unit *u, const char *text) {
183 _cleanup_free_ char *s = NULL, *i = NULL;
184 UnitType t;
185 int r;
186
187 assert(u);
188 assert(text);
189
190 if (unit_name_is_valid(text, UNIT_NAME_TEMPLATE)) {
191
192 if (!u->instance)
193 return -EINVAL;
194
195 r = unit_name_replace_instance(text, u->instance, &s);
196 if (r < 0)
197 return r;
198 } else {
199 s = strdup(text);
200 if (!s)
201 return -ENOMEM;
202 }
203
204 if (set_contains(u->names, s))
205 return 0;
206 if (hashmap_contains(u->manager->units, s))
207 return -EEXIST;
208
209 if (!unit_name_is_valid(s, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE))
210 return -EINVAL;
211
212 t = unit_name_to_type(s);
213 if (t < 0)
214 return -EINVAL;
215
216 if (u->type != _UNIT_TYPE_INVALID && t != u->type)
217 return -EINVAL;
218
219 r = unit_name_to_instance(s, &i);
220 if (r < 0)
221 return r;
222
223 if (i && !unit_type_may_template(t))
224 return -EINVAL;
225
226 /* Ensure that this unit is either instanced or not instanced,
227 * but not both. Note that we do allow names with different
228 * instance names however! */
229 if (u->type != _UNIT_TYPE_INVALID && !u->instance != !i)
230 return -EINVAL;
231
232 if (!unit_type_may_alias(t) && !set_isempty(u->names))
233 return -EEXIST;
234
235 if (hashmap_size(u->manager->units) >= MANAGER_MAX_NAMES)
236 return -E2BIG;
237
238 r = set_put(u->names, s);
239 if (r < 0)
240 return r;
241 assert(r > 0);
242
243 r = hashmap_put(u->manager->units, s, u);
244 if (r < 0) {
245 (void) set_remove(u->names, s);
246 return r;
247 }
248
249 if (u->type == _UNIT_TYPE_INVALID) {
250 u->type = t;
251 u->id = s;
252 u->instance = TAKE_PTR(i);
253
254 LIST_PREPEND(units_by_type, u->manager->units_by_type[t], u);
255
256 unit_init(u);
257 }
258
259 s = NULL;
260
261 unit_add_to_dbus_queue(u);
262 return 0;
263 }
264
265 int unit_choose_id(Unit *u, const char *name) {
266 _cleanup_free_ char *t = NULL;
267 char *s, *i;
268 int r;
269
270 assert(u);
271 assert(name);
272
273 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
274
275 if (!u->instance)
276 return -EINVAL;
277
278 r = unit_name_replace_instance(name, u->instance, &t);
279 if (r < 0)
280 return r;
281
282 name = t;
283 }
284
285 /* Selects one of the names of this unit as the id */
286 s = set_get(u->names, (char*) name);
287 if (!s)
288 return -ENOENT;
289
290 /* Determine the new instance from the new id */
291 r = unit_name_to_instance(s, &i);
292 if (r < 0)
293 return r;
294
295 u->id = s;
296
297 free(u->instance);
298 u->instance = i;
299
300 unit_add_to_dbus_queue(u);
301
302 return 0;
303 }
304
305 int unit_set_description(Unit *u, const char *description) {
306 int r;
307
308 assert(u);
309
310 r = free_and_strdup(&u->description, empty_to_null(description));
311 if (r < 0)
312 return r;
313 if (r > 0)
314 unit_add_to_dbus_queue(u);
315
316 return 0;
317 }
318
319 bool unit_may_gc(Unit *u) {
320 UnitActiveState state;
321 int r;
322
323 assert(u);
324
325 /* Checks whether the unit is ready to be unloaded for garbage collection.
326 * Returns true when the unit may be collected, and false if there's some
327 * reason to keep it loaded.
328 *
329 * References from other units are *not* checked here. Instead, this is done
330 * in unit_gc_sweep(), but using markers to properly collect dependency loops.
331 */
332
333 if (u->job)
334 return false;
335
336 if (u->nop_job)
337 return false;
338
339 state = unit_active_state(u);
340
341 /* If the unit is inactive and failed and no job is queued for it, then release its runtime resources */
342 if (UNIT_IS_INACTIVE_OR_FAILED(state) &&
343 UNIT_VTABLE(u)->release_resources)
344 UNIT_VTABLE(u)->release_resources(u);
345
346 if (u->perpetual)
347 return false;
348
349 if (sd_bus_track_count(u->bus_track) > 0)
350 return false;
351
352 /* But we keep the unit object around for longer when it is referenced or configured to not be gc'ed */
353 switch (u->collect_mode) {
354
355 case COLLECT_INACTIVE:
356 if (state != UNIT_INACTIVE)
357 return false;
358
359 break;
360
361 case COLLECT_INACTIVE_OR_FAILED:
362 if (!IN_SET(state, UNIT_INACTIVE, UNIT_FAILED))
363 return false;
364
365 break;
366
367 default:
368 assert_not_reached("Unknown garbage collection mode");
369 }
370
371 if (u->cgroup_path) {
372 /* If the unit has a cgroup, then check whether there's anything in it. If so, we should stay
373 * around. Units with active processes should never be collected. */
374
375 r = cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path);
376 if (r < 0)
377 log_unit_debug_errno(u, r, "Failed to determine whether cgroup %s is empty: %m", u->cgroup_path);
378 if (r <= 0)
379 return false;
380 }
381
382 if (UNIT_VTABLE(u)->may_gc && !UNIT_VTABLE(u)->may_gc(u))
383 return false;
384
385 return true;
386 }
387
388 void unit_add_to_load_queue(Unit *u) {
389 assert(u);
390 assert(u->type != _UNIT_TYPE_INVALID);
391
392 if (u->load_state != UNIT_STUB || u->in_load_queue)
393 return;
394
395 LIST_PREPEND(load_queue, u->manager->load_queue, u);
396 u->in_load_queue = true;
397 }
398
399 void unit_add_to_cleanup_queue(Unit *u) {
400 assert(u);
401
402 if (u->in_cleanup_queue)
403 return;
404
405 LIST_PREPEND(cleanup_queue, u->manager->cleanup_queue, u);
406 u->in_cleanup_queue = true;
407 }
408
409 void unit_add_to_gc_queue(Unit *u) {
410 assert(u);
411
412 if (u->in_gc_queue || u->in_cleanup_queue)
413 return;
414
415 if (!unit_may_gc(u))
416 return;
417
418 LIST_PREPEND(gc_queue, u->manager->gc_unit_queue, u);
419 u->in_gc_queue = true;
420 }
421
422 void unit_add_to_dbus_queue(Unit *u) {
423 assert(u);
424 assert(u->type != _UNIT_TYPE_INVALID);
425
426 if (u->load_state == UNIT_STUB || u->in_dbus_queue)
427 return;
428
429 /* Shortcut things if nobody cares */
430 if (sd_bus_track_count(u->manager->subscribed) <= 0 &&
431 sd_bus_track_count(u->bus_track) <= 0 &&
432 set_isempty(u->manager->private_buses)) {
433 u->sent_dbus_new_signal = true;
434 return;
435 }
436
437 LIST_PREPEND(dbus_queue, u->manager->dbus_unit_queue, u);
438 u->in_dbus_queue = true;
439 }
440
441 void unit_submit_to_stop_when_unneeded_queue(Unit *u) {
442 assert(u);
443
444 if (u->in_stop_when_unneeded_queue)
445 return;
446
447 if (!u->stop_when_unneeded)
448 return;
449
450 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u)))
451 return;
452
453 LIST_PREPEND(stop_when_unneeded_queue, u->manager->stop_when_unneeded_queue, u);
454 u->in_stop_when_unneeded_queue = true;
455 }
456
457 static void bidi_set_free(Unit *u, Hashmap *h) {
458 Unit *other;
459 Iterator i;
460 void *v;
461
462 assert(u);
463
464 /* Frees the hashmap and makes sure we are dropped from the inverse pointers */
465
466 HASHMAP_FOREACH_KEY(v, other, h, i) {
467 UnitDependency d;
468
469 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
470 hashmap_remove(other->dependencies[d], u);
471
472 unit_add_to_gc_queue(other);
473 }
474
475 hashmap_free(h);
476 }
477
478 static void unit_remove_transient(Unit *u) {
479 char **i;
480
481 assert(u);
482
483 if (!u->transient)
484 return;
485
486 if (u->fragment_path)
487 (void) unlink(u->fragment_path);
488
489 STRV_FOREACH(i, u->dropin_paths) {
490 _cleanup_free_ char *p = NULL, *pp = NULL;
491
492 p = dirname_malloc(*i); /* Get the drop-in directory from the drop-in file */
493 if (!p)
494 continue;
495
496 pp = dirname_malloc(p); /* Get the config directory from the drop-in directory */
497 if (!pp)
498 continue;
499
500 /* Only drop transient drop-ins */
501 if (!path_equal(u->manager->lookup_paths.transient, pp))
502 continue;
503
504 (void) unlink(*i);
505 (void) rmdir(p);
506 }
507 }
508
509 static void unit_free_requires_mounts_for(Unit *u) {
510 assert(u);
511
512 for (;;) {
513 _cleanup_free_ char *path;
514
515 path = hashmap_steal_first_key(u->requires_mounts_for);
516 if (!path)
517 break;
518 else {
519 char s[strlen(path) + 1];
520
521 PATH_FOREACH_PREFIX_MORE(s, path) {
522 char *y;
523 Set *x;
524
525 x = hashmap_get2(u->manager->units_requiring_mounts_for, s, (void**) &y);
526 if (!x)
527 continue;
528
529 (void) set_remove(x, u);
530
531 if (set_isempty(x)) {
532 (void) hashmap_remove(u->manager->units_requiring_mounts_for, y);
533 free(y);
534 set_free(x);
535 }
536 }
537 }
538 }
539
540 u->requires_mounts_for = hashmap_free(u->requires_mounts_for);
541 }
542
543 static void unit_done(Unit *u) {
544 ExecContext *ec;
545 CGroupContext *cc;
546
547 assert(u);
548
549 if (u->type < 0)
550 return;
551
552 if (UNIT_VTABLE(u)->done)
553 UNIT_VTABLE(u)->done(u);
554
555 ec = unit_get_exec_context(u);
556 if (ec)
557 exec_context_done(ec);
558
559 cc = unit_get_cgroup_context(u);
560 if (cc)
561 cgroup_context_done(cc);
562 }
563
564 void unit_free(Unit *u) {
565 UnitDependency d;
566 Iterator i;
567 char *t;
568
569 if (!u)
570 return;
571
572 u->transient_file = safe_fclose(u->transient_file);
573
574 if (!MANAGER_IS_RELOADING(u->manager))
575 unit_remove_transient(u);
576
577 bus_unit_send_removed_signal(u);
578
579 unit_done(u);
580
581 unit_dequeue_rewatch_pids(u);
582
583 sd_bus_slot_unref(u->match_bus_slot);
584 sd_bus_track_unref(u->bus_track);
585 u->deserialized_refs = strv_free(u->deserialized_refs);
586
587 unit_free_requires_mounts_for(u);
588
589 SET_FOREACH(t, u->names, i)
590 hashmap_remove_value(u->manager->units, t, u);
591
592 if (!sd_id128_is_null(u->invocation_id))
593 hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
594
595 if (u->job) {
596 Job *j = u->job;
597 job_uninstall(j);
598 job_free(j);
599 }
600
601 if (u->nop_job) {
602 Job *j = u->nop_job;
603 job_uninstall(j);
604 job_free(j);
605 }
606
607 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
608 bidi_set_free(u, u->dependencies[d]);
609
610 if (u->on_console)
611 manager_unref_console(u->manager);
612
613 unit_release_cgroup(u);
614
615 if (!MANAGER_IS_RELOADING(u->manager))
616 unit_unlink_state_files(u);
617
618 unit_unref_uid_gid(u, false);
619
620 (void) manager_update_failed_units(u->manager, u, false);
621 set_remove(u->manager->startup_units, u);
622
623 unit_unwatch_all_pids(u);
624
625 unit_ref_unset(&u->slice);
626 while (u->refs_by_target)
627 unit_ref_unset(u->refs_by_target);
628
629 if (u->type != _UNIT_TYPE_INVALID)
630 LIST_REMOVE(units_by_type, u->manager->units_by_type[u->type], u);
631
632 if (u->in_load_queue)
633 LIST_REMOVE(load_queue, u->manager->load_queue, u);
634
635 if (u->in_dbus_queue)
636 LIST_REMOVE(dbus_queue, u->manager->dbus_unit_queue, u);
637
638 if (u->in_gc_queue)
639 LIST_REMOVE(gc_queue, u->manager->gc_unit_queue, u);
640
641 if (u->in_cgroup_realize_queue)
642 LIST_REMOVE(cgroup_realize_queue, u->manager->cgroup_realize_queue, u);
643
644 if (u->in_cgroup_empty_queue)
645 LIST_REMOVE(cgroup_empty_queue, u->manager->cgroup_empty_queue, u);
646
647 if (u->in_cleanup_queue)
648 LIST_REMOVE(cleanup_queue, u->manager->cleanup_queue, u);
649
650 if (u->in_target_deps_queue)
651 LIST_REMOVE(target_deps_queue, u->manager->target_deps_queue, u);
652
653 if (u->in_stop_when_unneeded_queue)
654 LIST_REMOVE(stop_when_unneeded_queue, u->manager->stop_when_unneeded_queue, u);
655
656 safe_close(u->ip_accounting_ingress_map_fd);
657 safe_close(u->ip_accounting_egress_map_fd);
658
659 safe_close(u->ipv4_allow_map_fd);
660 safe_close(u->ipv6_allow_map_fd);
661 safe_close(u->ipv4_deny_map_fd);
662 safe_close(u->ipv6_deny_map_fd);
663
664 bpf_program_unref(u->ip_bpf_ingress);
665 bpf_program_unref(u->ip_bpf_ingress_installed);
666 bpf_program_unref(u->ip_bpf_egress);
667 bpf_program_unref(u->ip_bpf_egress_installed);
668
669 bpf_program_unref(u->bpf_device_control_installed);
670
671 condition_free_list(u->conditions);
672 condition_free_list(u->asserts);
673
674 free(u->description);
675 strv_free(u->documentation);
676 free(u->fragment_path);
677 free(u->source_path);
678 strv_free(u->dropin_paths);
679 free(u->instance);
680
681 free(u->job_timeout_reboot_arg);
682
683 set_free_free(u->names);
684
685 free(u->reboot_arg);
686
687 free(u);
688 }
689
690 UnitActiveState unit_active_state(Unit *u) {
691 assert(u);
692
693 if (u->load_state == UNIT_MERGED)
694 return unit_active_state(unit_follow_merge(u));
695
696 /* After a reload it might happen that a unit is not correctly
697 * loaded but still has a process around. That's why we won't
698 * shortcut failed loading to UNIT_INACTIVE_FAILED. */
699
700 return UNIT_VTABLE(u)->active_state(u);
701 }
702
703 const char* unit_sub_state_to_string(Unit *u) {
704 assert(u);
705
706 return UNIT_VTABLE(u)->sub_state_to_string(u);
707 }
708
709 static int set_complete_move(Set **s, Set **other) {
710 assert(s);
711 assert(other);
712
713 if (!other)
714 return 0;
715
716 if (*s)
717 return set_move(*s, *other);
718 else
719 *s = TAKE_PTR(*other);
720
721 return 0;
722 }
723
724 static int hashmap_complete_move(Hashmap **s, Hashmap **other) {
725 assert(s);
726 assert(other);
727
728 if (!*other)
729 return 0;
730
731 if (*s)
732 return hashmap_move(*s, *other);
733 else
734 *s = TAKE_PTR(*other);
735
736 return 0;
737 }
738
739 static int merge_names(Unit *u, Unit *other) {
740 char *t;
741 Iterator i;
742 int r;
743
744 assert(u);
745 assert(other);
746
747 r = set_complete_move(&u->names, &other->names);
748 if (r < 0)
749 return r;
750
751 set_free_free(other->names);
752 other->names = NULL;
753 other->id = NULL;
754
755 SET_FOREACH(t, u->names, i)
756 assert_se(hashmap_replace(u->manager->units, t, u) == 0);
757
758 return 0;
759 }
760
761 static int reserve_dependencies(Unit *u, Unit *other, UnitDependency d) {
762 unsigned n_reserve;
763
764 assert(u);
765 assert(other);
766 assert(d < _UNIT_DEPENDENCY_MAX);
767
768 /*
769 * If u does not have this dependency set allocated, there is no need
770 * to reserve anything. In that case other's set will be transferred
771 * as a whole to u by complete_move().
772 */
773 if (!u->dependencies[d])
774 return 0;
775
776 /* merge_dependencies() will skip a u-on-u dependency */
777 n_reserve = hashmap_size(other->dependencies[d]) - !!hashmap_get(other->dependencies[d], u);
778
779 return hashmap_reserve(u->dependencies[d], n_reserve);
780 }
781
782 static void merge_dependencies(Unit *u, Unit *other, const char *other_id, UnitDependency d) {
783 Iterator i;
784 Unit *back;
785 void *v;
786 int r;
787
788 /* Merges all dependencies of type 'd' of the unit 'other' into the deps of the unit 'u' */
789
790 assert(u);
791 assert(other);
792 assert(d < _UNIT_DEPENDENCY_MAX);
793
794 /* Fix backwards pointers. Let's iterate through all dependendent units of the other unit. */
795 HASHMAP_FOREACH_KEY(v, back, other->dependencies[d], i) {
796 UnitDependency k;
797
798 /* Let's now iterate through the dependencies of that dependencies of the other units, looking for
799 * pointers back, and let's fix them up, to instead point to 'u'. */
800
801 for (k = 0; k < _UNIT_DEPENDENCY_MAX; k++) {
802 if (back == u) {
803 /* Do not add dependencies between u and itself. */
804 if (hashmap_remove(back->dependencies[k], other))
805 maybe_warn_about_dependency(u, other_id, k);
806 } else {
807 UnitDependencyInfo di_u, di_other, di_merged;
808
809 /* Let's drop this dependency between "back" and "other", and let's create it between
810 * "back" and "u" instead. Let's merge the bit masks of the dependency we are moving,
811 * and any such dependency which might already exist */
812
813 di_other.data = hashmap_get(back->dependencies[k], other);
814 if (!di_other.data)
815 continue; /* dependency isn't set, let's try the next one */
816
817 di_u.data = hashmap_get(back->dependencies[k], u);
818
819 di_merged = (UnitDependencyInfo) {
820 .origin_mask = di_u.origin_mask | di_other.origin_mask,
821 .destination_mask = di_u.destination_mask | di_other.destination_mask,
822 };
823
824 r = hashmap_remove_and_replace(back->dependencies[k], other, u, di_merged.data);
825 if (r < 0)
826 log_warning_errno(r, "Failed to remove/replace: back=%s other=%s u=%s: %m", back->id, other_id, u->id);
827 assert(r >= 0);
828
829 /* assert_se(hashmap_remove_and_replace(back->dependencies[k], other, u, di_merged.data) >= 0); */
830 }
831 }
832
833 }
834
835 /* Also do not move dependencies on u to itself */
836 back = hashmap_remove(other->dependencies[d], u);
837 if (back)
838 maybe_warn_about_dependency(u, other_id, d);
839
840 /* The move cannot fail. The caller must have performed a reservation. */
841 assert_se(hashmap_complete_move(&u->dependencies[d], &other->dependencies[d]) == 0);
842
843 other->dependencies[d] = hashmap_free(other->dependencies[d]);
844 }
845
846 int unit_merge(Unit *u, Unit *other) {
847 UnitDependency d;
848 const char *other_id = NULL;
849 int r;
850
851 assert(u);
852 assert(other);
853 assert(u->manager == other->manager);
854 assert(u->type != _UNIT_TYPE_INVALID);
855
856 other = unit_follow_merge(other);
857
858 if (other == u)
859 return 0;
860
861 if (u->type != other->type)
862 return -EINVAL;
863
864 if (!u->instance != !other->instance)
865 return -EINVAL;
866
867 if (!unit_type_may_alias(u->type)) /* Merging only applies to unit names that support aliases */
868 return -EEXIST;
869
870 if (!IN_SET(other->load_state, UNIT_STUB, UNIT_NOT_FOUND))
871 return -EEXIST;
872
873 if (other->job)
874 return -EEXIST;
875
876 if (other->nop_job)
877 return -EEXIST;
878
879 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
880 return -EEXIST;
881
882 if (other->id)
883 other_id = strdupa(other->id);
884
885 /* Make reservations to ensure merge_dependencies() won't fail */
886 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
887 r = reserve_dependencies(u, other, d);
888 /*
889 * We don't rollback reservations if we fail. We don't have
890 * a way to undo reservations. A reservation is not a leak.
891 */
892 if (r < 0)
893 return r;
894 }
895
896 /* Merge names */
897 r = merge_names(u, other);
898 if (r < 0)
899 return r;
900
901 /* Redirect all references */
902 while (other->refs_by_target)
903 unit_ref_set(other->refs_by_target, other->refs_by_target->source, u);
904
905 /* Merge dependencies */
906 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
907 merge_dependencies(u, other, other_id, d);
908
909 other->load_state = UNIT_MERGED;
910 other->merged_into = u;
911
912 /* If there is still some data attached to the other node, we
913 * don't need it anymore, and can free it. */
914 if (other->load_state != UNIT_STUB)
915 if (UNIT_VTABLE(other)->done)
916 UNIT_VTABLE(other)->done(other);
917
918 unit_add_to_dbus_queue(u);
919 unit_add_to_cleanup_queue(other);
920
921 return 0;
922 }
923
924 int unit_merge_by_name(Unit *u, const char *name) {
925 _cleanup_free_ char *s = NULL;
926 Unit *other;
927 int r;
928
929 assert(u);
930 assert(name);
931
932 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
933 if (!u->instance)
934 return -EINVAL;
935
936 r = unit_name_replace_instance(name, u->instance, &s);
937 if (r < 0)
938 return r;
939
940 name = s;
941 }
942
943 other = manager_get_unit(u->manager, name);
944 if (other)
945 return unit_merge(u, other);
946
947 return unit_add_name(u, name);
948 }
949
950 Unit* unit_follow_merge(Unit *u) {
951 assert(u);
952
953 while (u->load_state == UNIT_MERGED)
954 assert_se(u = u->merged_into);
955
956 return u;
957 }
958
959 int unit_add_exec_dependencies(Unit *u, ExecContext *c) {
960 ExecDirectoryType dt;
961 char **dp;
962 int r;
963
964 assert(u);
965 assert(c);
966
967 if (c->working_directory) {
968 r = unit_require_mounts_for(u, c->working_directory, UNIT_DEPENDENCY_FILE);
969 if (r < 0)
970 return r;
971 }
972
973 if (c->root_directory) {
974 r = unit_require_mounts_for(u, c->root_directory, UNIT_DEPENDENCY_FILE);
975 if (r < 0)
976 return r;
977 }
978
979 if (c->root_image) {
980 r = unit_require_mounts_for(u, c->root_image, UNIT_DEPENDENCY_FILE);
981 if (r < 0)
982 return r;
983 }
984
985 for (dt = 0; dt < _EXEC_DIRECTORY_TYPE_MAX; dt++) {
986 if (!u->manager->prefix[dt])
987 continue;
988
989 STRV_FOREACH(dp, c->directories[dt].paths) {
990 _cleanup_free_ char *p;
991
992 p = strjoin(u->manager->prefix[dt], "/", *dp);
993 if (!p)
994 return -ENOMEM;
995
996 r = unit_require_mounts_for(u, p, UNIT_DEPENDENCY_FILE);
997 if (r < 0)
998 return r;
999 }
1000 }
1001
1002 if (!MANAGER_IS_SYSTEM(u->manager))
1003 return 0;
1004
1005 if (c->private_tmp) {
1006 const char *p;
1007
1008 FOREACH_STRING(p, "/tmp", "/var/tmp") {
1009 r = unit_require_mounts_for(u, p, UNIT_DEPENDENCY_FILE);
1010 if (r < 0)
1011 return r;
1012 }
1013
1014 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_TMPFILES_SETUP_SERVICE, true, UNIT_DEPENDENCY_FILE);
1015 if (r < 0)
1016 return r;
1017 }
1018
1019 if (!IN_SET(c->std_output,
1020 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
1021 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE,
1022 EXEC_OUTPUT_SYSLOG, EXEC_OUTPUT_SYSLOG_AND_CONSOLE) &&
1023 !IN_SET(c->std_error,
1024 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
1025 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE,
1026 EXEC_OUTPUT_SYSLOG, EXEC_OUTPUT_SYSLOG_AND_CONSOLE))
1027 return 0;
1028
1029 /* If syslog or kernel logging is requested, make sure our own
1030 * logging daemon is run first. */
1031
1032 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_JOURNALD_SOCKET, true, UNIT_DEPENDENCY_FILE);
1033 if (r < 0)
1034 return r;
1035
1036 return 0;
1037 }
1038
1039 const char *unit_description(Unit *u) {
1040 assert(u);
1041
1042 if (u->description)
1043 return u->description;
1044
1045 return strna(u->id);
1046 }
1047
1048 static void print_unit_dependency_mask(FILE *f, const char *kind, UnitDependencyMask mask, bool *space) {
1049 const struct {
1050 UnitDependencyMask mask;
1051 const char *name;
1052 } table[] = {
1053 { UNIT_DEPENDENCY_FILE, "file" },
1054 { UNIT_DEPENDENCY_IMPLICIT, "implicit" },
1055 { UNIT_DEPENDENCY_DEFAULT, "default" },
1056 { UNIT_DEPENDENCY_UDEV, "udev" },
1057 { UNIT_DEPENDENCY_PATH, "path" },
1058 { UNIT_DEPENDENCY_MOUNTINFO_IMPLICIT, "mountinfo-implicit" },
1059 { UNIT_DEPENDENCY_MOUNTINFO_DEFAULT, "mountinfo-default" },
1060 { UNIT_DEPENDENCY_PROC_SWAP, "proc-swap" },
1061 };
1062 size_t i;
1063
1064 assert(f);
1065 assert(kind);
1066 assert(space);
1067
1068 for (i = 0; i < ELEMENTSOF(table); i++) {
1069
1070 if (mask == 0)
1071 break;
1072
1073 if (FLAGS_SET(mask, table[i].mask)) {
1074 if (*space)
1075 fputc(' ', f);
1076 else
1077 *space = true;
1078
1079 fputs(kind, f);
1080 fputs("-", f);
1081 fputs(table[i].name, f);
1082
1083 mask &= ~table[i].mask;
1084 }
1085 }
1086
1087 assert(mask == 0);
1088 }
1089
1090 void unit_dump(Unit *u, FILE *f, const char *prefix) {
1091 char *t, **j;
1092 UnitDependency d;
1093 Iterator i;
1094 const char *prefix2;
1095 char
1096 timestamp0[FORMAT_TIMESTAMP_MAX],
1097 timestamp1[FORMAT_TIMESTAMP_MAX],
1098 timestamp2[FORMAT_TIMESTAMP_MAX],
1099 timestamp3[FORMAT_TIMESTAMP_MAX],
1100 timestamp4[FORMAT_TIMESTAMP_MAX],
1101 timespan[FORMAT_TIMESPAN_MAX];
1102 Unit *following;
1103 _cleanup_set_free_ Set *following_set = NULL;
1104 const char *n;
1105 CGroupMask m;
1106 int r;
1107
1108 assert(u);
1109 assert(u->type >= 0);
1110
1111 prefix = strempty(prefix);
1112 prefix2 = strjoina(prefix, "\t");
1113
1114 fprintf(f,
1115 "%s-> Unit %s:\n"
1116 "%s\tDescription: %s\n"
1117 "%s\tInstance: %s\n"
1118 "%s\tUnit Load State: %s\n"
1119 "%s\tUnit Active State: %s\n"
1120 "%s\tState Change Timestamp: %s\n"
1121 "%s\tInactive Exit Timestamp: %s\n"
1122 "%s\tActive Enter Timestamp: %s\n"
1123 "%s\tActive Exit Timestamp: %s\n"
1124 "%s\tInactive Enter Timestamp: %s\n"
1125 "%s\tMay GC: %s\n"
1126 "%s\tNeed Daemon Reload: %s\n"
1127 "%s\tTransient: %s\n"
1128 "%s\tPerpetual: %s\n"
1129 "%s\tGarbage Collection Mode: %s\n"
1130 "%s\tSlice: %s\n"
1131 "%s\tCGroup: %s\n"
1132 "%s\tCGroup realized: %s\n",
1133 prefix, u->id,
1134 prefix, unit_description(u),
1135 prefix, strna(u->instance),
1136 prefix, unit_load_state_to_string(u->load_state),
1137 prefix, unit_active_state_to_string(unit_active_state(u)),
1138 prefix, strna(format_timestamp(timestamp0, sizeof(timestamp0), u->state_change_timestamp.realtime)),
1139 prefix, strna(format_timestamp(timestamp1, sizeof(timestamp1), u->inactive_exit_timestamp.realtime)),
1140 prefix, strna(format_timestamp(timestamp2, sizeof(timestamp2), u->active_enter_timestamp.realtime)),
1141 prefix, strna(format_timestamp(timestamp3, sizeof(timestamp3), u->active_exit_timestamp.realtime)),
1142 prefix, strna(format_timestamp(timestamp4, sizeof(timestamp4), u->inactive_enter_timestamp.realtime)),
1143 prefix, yes_no(unit_may_gc(u)),
1144 prefix, yes_no(unit_need_daemon_reload(u)),
1145 prefix, yes_no(u->transient),
1146 prefix, yes_no(u->perpetual),
1147 prefix, collect_mode_to_string(u->collect_mode),
1148 prefix, strna(unit_slice_name(u)),
1149 prefix, strna(u->cgroup_path),
1150 prefix, yes_no(u->cgroup_realized));
1151
1152 if (u->cgroup_realized_mask != 0) {
1153 _cleanup_free_ char *s = NULL;
1154 (void) cg_mask_to_string(u->cgroup_realized_mask, &s);
1155 fprintf(f, "%s\tCGroup realized mask: %s\n", prefix, strnull(s));
1156 }
1157 if (u->cgroup_enabled_mask != 0) {
1158 _cleanup_free_ char *s = NULL;
1159 (void) cg_mask_to_string(u->cgroup_enabled_mask, &s);
1160 fprintf(f, "%s\tCGroup enabled mask: %s\n", prefix, strnull(s));
1161 }
1162 m = unit_get_own_mask(u);
1163 if (m != 0) {
1164 _cleanup_free_ char *s = NULL;
1165 (void) cg_mask_to_string(m, &s);
1166 fprintf(f, "%s\tCGroup own mask: %s\n", prefix, strnull(s));
1167 }
1168 m = unit_get_members_mask(u);
1169 if (m != 0) {
1170 _cleanup_free_ char *s = NULL;
1171 (void) cg_mask_to_string(m, &s);
1172 fprintf(f, "%s\tCGroup members mask: %s\n", prefix, strnull(s));
1173 }
1174
1175 SET_FOREACH(t, u->names, i)
1176 fprintf(f, "%s\tName: %s\n", prefix, t);
1177
1178 if (!sd_id128_is_null(u->invocation_id))
1179 fprintf(f, "%s\tInvocation ID: " SD_ID128_FORMAT_STR "\n",
1180 prefix, SD_ID128_FORMAT_VAL(u->invocation_id));
1181
1182 STRV_FOREACH(j, u->documentation)
1183 fprintf(f, "%s\tDocumentation: %s\n", prefix, *j);
1184
1185 following = unit_following(u);
1186 if (following)
1187 fprintf(f, "%s\tFollowing: %s\n", prefix, following->id);
1188
1189 r = unit_following_set(u, &following_set);
1190 if (r >= 0) {
1191 Unit *other;
1192
1193 SET_FOREACH(other, following_set, i)
1194 fprintf(f, "%s\tFollowing Set Member: %s\n", prefix, other->id);
1195 }
1196
1197 if (u->fragment_path)
1198 fprintf(f, "%s\tFragment Path: %s\n", prefix, u->fragment_path);
1199
1200 if (u->source_path)
1201 fprintf(f, "%s\tSource Path: %s\n", prefix, u->source_path);
1202
1203 STRV_FOREACH(j, u->dropin_paths)
1204 fprintf(f, "%s\tDropIn Path: %s\n", prefix, *j);
1205
1206 if (u->failure_action != EMERGENCY_ACTION_NONE)
1207 fprintf(f, "%s\tFailure Action: %s\n", prefix, emergency_action_to_string(u->failure_action));
1208 if (u->success_action != EMERGENCY_ACTION_NONE)
1209 fprintf(f, "%s\tSuccess Action: %s\n", prefix, emergency_action_to_string(u->success_action));
1210
1211 if (u->job_timeout != USEC_INFINITY)
1212 fprintf(f, "%s\tJob Timeout: %s\n", prefix, format_timespan(timespan, sizeof(timespan), u->job_timeout, 0));
1213
1214 if (u->job_timeout_action != EMERGENCY_ACTION_NONE)
1215 fprintf(f, "%s\tJob Timeout Action: %s\n", prefix, emergency_action_to_string(u->job_timeout_action));
1216
1217 if (u->job_timeout_reboot_arg)
1218 fprintf(f, "%s\tJob Timeout Reboot Argument: %s\n", prefix, u->job_timeout_reboot_arg);
1219
1220 condition_dump_list(u->conditions, f, prefix, condition_type_to_string);
1221 condition_dump_list(u->asserts, f, prefix, assert_type_to_string);
1222
1223 if (dual_timestamp_is_set(&u->condition_timestamp))
1224 fprintf(f,
1225 "%s\tCondition Timestamp: %s\n"
1226 "%s\tCondition Result: %s\n",
1227 prefix, strna(format_timestamp(timestamp1, sizeof(timestamp1), u->condition_timestamp.realtime)),
1228 prefix, yes_no(u->condition_result));
1229
1230 if (dual_timestamp_is_set(&u->assert_timestamp))
1231 fprintf(f,
1232 "%s\tAssert Timestamp: %s\n"
1233 "%s\tAssert Result: %s\n",
1234 prefix, strna(format_timestamp(timestamp1, sizeof(timestamp1), u->assert_timestamp.realtime)),
1235 prefix, yes_no(u->assert_result));
1236
1237 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
1238 UnitDependencyInfo di;
1239 Unit *other;
1240
1241 HASHMAP_FOREACH_KEY(di.data, other, u->dependencies[d], i) {
1242 bool space = false;
1243
1244 fprintf(f, "%s\t%s: %s (", prefix, unit_dependency_to_string(d), other->id);
1245
1246 print_unit_dependency_mask(f, "origin", di.origin_mask, &space);
1247 print_unit_dependency_mask(f, "destination", di.destination_mask, &space);
1248
1249 fputs(")\n", f);
1250 }
1251 }
1252
1253 if (!hashmap_isempty(u->requires_mounts_for)) {
1254 UnitDependencyInfo di;
1255 const char *path;
1256
1257 HASHMAP_FOREACH_KEY(di.data, path, u->requires_mounts_for, i) {
1258 bool space = false;
1259
1260 fprintf(f, "%s\tRequiresMountsFor: %s (", prefix, path);
1261
1262 print_unit_dependency_mask(f, "origin", di.origin_mask, &space);
1263 print_unit_dependency_mask(f, "destination", di.destination_mask, &space);
1264
1265 fputs(")\n", f);
1266 }
1267 }
1268
1269 if (u->load_state == UNIT_LOADED) {
1270
1271 fprintf(f,
1272 "%s\tStopWhenUnneeded: %s\n"
1273 "%s\tRefuseManualStart: %s\n"
1274 "%s\tRefuseManualStop: %s\n"
1275 "%s\tDefaultDependencies: %s\n"
1276 "%s\tOnFailureJobMode: %s\n"
1277 "%s\tIgnoreOnIsolate: %s\n",
1278 prefix, yes_no(u->stop_when_unneeded),
1279 prefix, yes_no(u->refuse_manual_start),
1280 prefix, yes_no(u->refuse_manual_stop),
1281 prefix, yes_no(u->default_dependencies),
1282 prefix, job_mode_to_string(u->on_failure_job_mode),
1283 prefix, yes_no(u->ignore_on_isolate));
1284
1285 if (UNIT_VTABLE(u)->dump)
1286 UNIT_VTABLE(u)->dump(u, f, prefix2);
1287
1288 } else if (u->load_state == UNIT_MERGED)
1289 fprintf(f,
1290 "%s\tMerged into: %s\n",
1291 prefix, u->merged_into->id);
1292 else if (u->load_state == UNIT_ERROR)
1293 fprintf(f, "%s\tLoad Error Code: %s\n", prefix, strerror(-u->load_error));
1294
1295 for (n = sd_bus_track_first(u->bus_track); n; n = sd_bus_track_next(u->bus_track))
1296 fprintf(f, "%s\tBus Ref: %s\n", prefix, n);
1297
1298 if (u->job)
1299 job_dump(u->job, f, prefix2);
1300
1301 if (u->nop_job)
1302 job_dump(u->nop_job, f, prefix2);
1303 }
1304
1305 /* Common implementation for multiple backends */
1306 int unit_load_fragment_and_dropin(Unit *u) {
1307 int r;
1308
1309 assert(u);
1310
1311 /* Load a .{service,socket,...} file */
1312 r = unit_load_fragment(u);
1313 if (r < 0)
1314 return r;
1315
1316 if (u->load_state == UNIT_STUB)
1317 return -ENOENT;
1318
1319 /* Load drop-in directory data. If u is an alias, we might be reloading the
1320 * target unit needlessly. But we cannot be sure which drops-ins have already
1321 * been loaded and which not, at least without doing complicated book-keeping,
1322 * so let's always reread all drop-ins. */
1323 return unit_load_dropin(unit_follow_merge(u));
1324 }
1325
1326 /* Common implementation for multiple backends */
1327 int unit_load_fragment_and_dropin_optional(Unit *u) {
1328 int r;
1329
1330 assert(u);
1331
1332 /* Same as unit_load_fragment_and_dropin(), but whether
1333 * something can be loaded or not doesn't matter. */
1334
1335 /* Load a .service/.socket/.slice/… file */
1336 r = unit_load_fragment(u);
1337 if (r < 0)
1338 return r;
1339
1340 if (u->load_state == UNIT_STUB)
1341 u->load_state = UNIT_LOADED;
1342
1343 /* Load drop-in directory data */
1344 return unit_load_dropin(unit_follow_merge(u));
1345 }
1346
1347 void unit_add_to_target_deps_queue(Unit *u) {
1348 Manager *m = u->manager;
1349
1350 assert(u);
1351
1352 if (u->in_target_deps_queue)
1353 return;
1354
1355 LIST_PREPEND(target_deps_queue, m->target_deps_queue, u);
1356 u->in_target_deps_queue = true;
1357 }
1358
1359 int unit_add_default_target_dependency(Unit *u, Unit *target) {
1360 assert(u);
1361 assert(target);
1362
1363 if (target->type != UNIT_TARGET)
1364 return 0;
1365
1366 /* Only add the dependency if both units are loaded, so that
1367 * that loop check below is reliable */
1368 if (u->load_state != UNIT_LOADED ||
1369 target->load_state != UNIT_LOADED)
1370 return 0;
1371
1372 /* If either side wants no automatic dependencies, then let's
1373 * skip this */
1374 if (!u->default_dependencies ||
1375 !target->default_dependencies)
1376 return 0;
1377
1378 /* Don't create loops */
1379 if (hashmap_get(target->dependencies[UNIT_BEFORE], u))
1380 return 0;
1381
1382 return unit_add_dependency(target, UNIT_AFTER, u, true, UNIT_DEPENDENCY_DEFAULT);
1383 }
1384
1385 static int unit_add_slice_dependencies(Unit *u) {
1386 UnitDependencyMask mask;
1387 assert(u);
1388
1389 if (!UNIT_HAS_CGROUP_CONTEXT(u))
1390 return 0;
1391
1392 /* Slice units are implicitly ordered against their parent slices (as this relationship is encoded in the
1393 name), while all other units are ordered based on configuration (as in their case Slice= configures the
1394 relationship). */
1395 mask = u->type == UNIT_SLICE ? UNIT_DEPENDENCY_IMPLICIT : UNIT_DEPENDENCY_FILE;
1396
1397 if (UNIT_ISSET(u->slice))
1398 return unit_add_two_dependencies(u, UNIT_AFTER, UNIT_REQUIRES, UNIT_DEREF(u->slice), true, mask);
1399
1400 if (unit_has_name(u, SPECIAL_ROOT_SLICE))
1401 return 0;
1402
1403 return unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, SPECIAL_ROOT_SLICE, true, mask);
1404 }
1405
1406 static int unit_add_mount_dependencies(Unit *u) {
1407 UnitDependencyInfo di;
1408 const char *path;
1409 Iterator i;
1410 int r;
1411
1412 assert(u);
1413
1414 HASHMAP_FOREACH_KEY(di.data, path, u->requires_mounts_for, i) {
1415 char prefix[strlen(path) + 1];
1416
1417 PATH_FOREACH_PREFIX_MORE(prefix, path) {
1418 _cleanup_free_ char *p = NULL;
1419 Unit *m;
1420
1421 r = unit_name_from_path(prefix, ".mount", &p);
1422 if (r < 0)
1423 return r;
1424
1425 m = manager_get_unit(u->manager, p);
1426 if (!m) {
1427 /* Make sure to load the mount unit if
1428 * it exists. If so the dependencies
1429 * on this unit will be added later
1430 * during the loading of the mount
1431 * unit. */
1432 (void) manager_load_unit_prepare(u->manager, p, NULL, NULL, &m);
1433 continue;
1434 }
1435 if (m == u)
1436 continue;
1437
1438 if (m->load_state != UNIT_LOADED)
1439 continue;
1440
1441 r = unit_add_dependency(u, UNIT_AFTER, m, true, di.origin_mask);
1442 if (r < 0)
1443 return r;
1444
1445 if (m->fragment_path) {
1446 r = unit_add_dependency(u, UNIT_REQUIRES, m, true, di.origin_mask);
1447 if (r < 0)
1448 return r;
1449 }
1450 }
1451 }
1452
1453 return 0;
1454 }
1455
1456 static int unit_add_startup_units(Unit *u) {
1457 CGroupContext *c;
1458 int r;
1459
1460 c = unit_get_cgroup_context(u);
1461 if (!c)
1462 return 0;
1463
1464 if (c->startup_cpu_shares == CGROUP_CPU_SHARES_INVALID &&
1465 c->startup_io_weight == CGROUP_WEIGHT_INVALID &&
1466 c->startup_blockio_weight == CGROUP_BLKIO_WEIGHT_INVALID)
1467 return 0;
1468
1469 r = set_ensure_allocated(&u->manager->startup_units, NULL);
1470 if (r < 0)
1471 return r;
1472
1473 return set_put(u->manager->startup_units, u);
1474 }
1475
1476 int unit_load(Unit *u) {
1477 int r;
1478
1479 assert(u);
1480
1481 if (u->in_load_queue) {
1482 LIST_REMOVE(load_queue, u->manager->load_queue, u);
1483 u->in_load_queue = false;
1484 }
1485
1486 if (u->type == _UNIT_TYPE_INVALID)
1487 return -EINVAL;
1488
1489 if (u->load_state != UNIT_STUB)
1490 return 0;
1491
1492 if (u->transient_file) {
1493 r = fflush_and_check(u->transient_file);
1494 if (r < 0)
1495 goto fail;
1496
1497 u->transient_file = safe_fclose(u->transient_file);
1498 u->fragment_mtime = now(CLOCK_REALTIME);
1499 }
1500
1501 if (UNIT_VTABLE(u)->load) {
1502 r = UNIT_VTABLE(u)->load(u);
1503 if (r < 0)
1504 goto fail;
1505 }
1506
1507 if (u->load_state == UNIT_STUB) {
1508 r = -ENOENT;
1509 goto fail;
1510 }
1511
1512 if (u->load_state == UNIT_LOADED) {
1513 unit_add_to_target_deps_queue(u);
1514
1515 r = unit_add_slice_dependencies(u);
1516 if (r < 0)
1517 goto fail;
1518
1519 r = unit_add_mount_dependencies(u);
1520 if (r < 0)
1521 goto fail;
1522
1523 r = unit_add_startup_units(u);
1524 if (r < 0)
1525 goto fail;
1526
1527 if (u->on_failure_job_mode == JOB_ISOLATE && hashmap_size(u->dependencies[UNIT_ON_FAILURE]) > 1) {
1528 log_unit_error(u, "More than one OnFailure= dependencies specified but OnFailureJobMode=isolate set. Refusing.");
1529 r = -ENOEXEC;
1530 goto fail;
1531 }
1532
1533 if (u->job_running_timeout != USEC_INFINITY && u->job_running_timeout > u->job_timeout)
1534 log_unit_warning(u, "JobRunningTimeoutSec= is greater than JobTimeoutSec=, it has no effect.");
1535
1536 unit_update_cgroup_members_masks(u);
1537 }
1538
1539 assert((u->load_state != UNIT_MERGED) == !u->merged_into);
1540
1541 unit_add_to_dbus_queue(unit_follow_merge(u));
1542 unit_add_to_gc_queue(u);
1543
1544 return 0;
1545
1546 fail:
1547 /* We convert ENOEXEC errors to the UNIT_BAD_SETTING load state here. Configuration parsing code should hence
1548 * return ENOEXEC to ensure units are placed in this state after loading */
1549
1550 u->load_state = u->load_state == UNIT_STUB ? UNIT_NOT_FOUND :
1551 r == -ENOEXEC ? UNIT_BAD_SETTING :
1552 UNIT_ERROR;
1553 u->load_error = r;
1554
1555 unit_add_to_dbus_queue(u);
1556 unit_add_to_gc_queue(u);
1557
1558 return log_unit_debug_errno(u, r, "Failed to load configuration: %m");
1559 }
1560
1561 static bool unit_condition_test_list(Unit *u, Condition *first, const char *(*to_string)(ConditionType t)) {
1562 Condition *c;
1563 int triggered = -1;
1564
1565 assert(u);
1566 assert(to_string);
1567
1568 /* If the condition list is empty, then it is true */
1569 if (!first)
1570 return true;
1571
1572 /* Otherwise, if all of the non-trigger conditions apply and
1573 * if any of the trigger conditions apply (unless there are
1574 * none) we return true */
1575 LIST_FOREACH(conditions, c, first) {
1576 int r;
1577
1578 r = condition_test(c);
1579 if (r < 0)
1580 log_unit_warning(u,
1581 "Couldn't determine result for %s=%s%s%s, assuming failed: %m",
1582 to_string(c->type),
1583 c->trigger ? "|" : "",
1584 c->negate ? "!" : "",
1585 c->parameter);
1586 else
1587 log_unit_debug(u,
1588 "%s=%s%s%s %s.",
1589 to_string(c->type),
1590 c->trigger ? "|" : "",
1591 c->negate ? "!" : "",
1592 c->parameter,
1593 condition_result_to_string(c->result));
1594
1595 if (!c->trigger && r <= 0)
1596 return false;
1597
1598 if (c->trigger && triggered <= 0)
1599 triggered = r > 0;
1600 }
1601
1602 return triggered != 0;
1603 }
1604
1605 static bool unit_condition_test(Unit *u) {
1606 assert(u);
1607
1608 dual_timestamp_get(&u->condition_timestamp);
1609 u->condition_result = unit_condition_test_list(u, u->conditions, condition_type_to_string);
1610
1611 return u->condition_result;
1612 }
1613
1614 static bool unit_assert_test(Unit *u) {
1615 assert(u);
1616
1617 dual_timestamp_get(&u->assert_timestamp);
1618 u->assert_result = unit_condition_test_list(u, u->asserts, assert_type_to_string);
1619
1620 return u->assert_result;
1621 }
1622
1623 void unit_status_printf(Unit *u, const char *status, const char *unit_status_msg_format) {
1624 DISABLE_WARNING_FORMAT_NONLITERAL;
1625 manager_status_printf(u->manager, STATUS_TYPE_NORMAL, status, unit_status_msg_format, unit_description(u));
1626 REENABLE_WARNING;
1627 }
1628
1629 _pure_ static const char* unit_get_status_message_format(Unit *u, JobType t) {
1630 const char *format;
1631 const UnitStatusMessageFormats *format_table;
1632
1633 assert(u);
1634 assert(IN_SET(t, JOB_START, JOB_STOP, JOB_RELOAD));
1635
1636 if (t != JOB_RELOAD) {
1637 format_table = &UNIT_VTABLE(u)->status_message_formats;
1638 if (format_table) {
1639 format = format_table->starting_stopping[t == JOB_STOP];
1640 if (format)
1641 return format;
1642 }
1643 }
1644
1645 /* Return generic strings */
1646 if (t == JOB_START)
1647 return "Starting %s.";
1648 else if (t == JOB_STOP)
1649 return "Stopping %s.";
1650 else
1651 return "Reloading %s.";
1652 }
1653
1654 static void unit_status_print_starting_stopping(Unit *u, JobType t) {
1655 const char *format;
1656
1657 assert(u);
1658
1659 /* Reload status messages have traditionally not been printed to console. */
1660 if (!IN_SET(t, JOB_START, JOB_STOP))
1661 return;
1662
1663 format = unit_get_status_message_format(u, t);
1664
1665 DISABLE_WARNING_FORMAT_NONLITERAL;
1666 unit_status_printf(u, "", format);
1667 REENABLE_WARNING;
1668 }
1669
1670 static void unit_status_log_starting_stopping_reloading(Unit *u, JobType t) {
1671 const char *format, *mid;
1672 char buf[LINE_MAX];
1673
1674 assert(u);
1675
1676 if (!IN_SET(t, JOB_START, JOB_STOP, JOB_RELOAD))
1677 return;
1678
1679 if (log_on_console())
1680 return;
1681
1682 /* We log status messages for all units and all operations. */
1683
1684 format = unit_get_status_message_format(u, t);
1685
1686 DISABLE_WARNING_FORMAT_NONLITERAL;
1687 (void) snprintf(buf, sizeof buf, format, unit_description(u));
1688 REENABLE_WARNING;
1689
1690 mid = t == JOB_START ? "MESSAGE_ID=" SD_MESSAGE_UNIT_STARTING_STR :
1691 t == JOB_STOP ? "MESSAGE_ID=" SD_MESSAGE_UNIT_STOPPING_STR :
1692 "MESSAGE_ID=" SD_MESSAGE_UNIT_RELOADING_STR;
1693
1694 /* Note that we deliberately use LOG_MESSAGE() instead of
1695 * LOG_UNIT_MESSAGE() here, since this is supposed to mimic
1696 * closely what is written to screen using the status output,
1697 * which is supposed the highest level, friendliest output
1698 * possible, which means we should avoid the low-level unit
1699 * name. */
1700 log_struct(LOG_INFO,
1701 LOG_MESSAGE("%s", buf),
1702 LOG_UNIT_ID(u),
1703 LOG_UNIT_INVOCATION_ID(u),
1704 mid);
1705 }
1706
1707 void unit_status_emit_starting_stopping_reloading(Unit *u, JobType t) {
1708 assert(u);
1709 assert(t >= 0);
1710 assert(t < _JOB_TYPE_MAX);
1711
1712 unit_status_log_starting_stopping_reloading(u, t);
1713 unit_status_print_starting_stopping(u, t);
1714 }
1715
1716 int unit_start_limit_test(Unit *u) {
1717 assert(u);
1718
1719 if (ratelimit_below(&u->start_limit)) {
1720 u->start_limit_hit = false;
1721 return 0;
1722 }
1723
1724 log_unit_warning(u, "Start request repeated too quickly.");
1725 u->start_limit_hit = true;
1726
1727 return emergency_action(u->manager, u->start_limit_action,
1728 EMERGENCY_ACTION_IS_WATCHDOG|EMERGENCY_ACTION_WARN,
1729 u->reboot_arg, "unit failed");
1730 }
1731
1732 bool unit_shall_confirm_spawn(Unit *u) {
1733 assert(u);
1734
1735 if (manager_is_confirm_spawn_disabled(u->manager))
1736 return false;
1737
1738 /* For some reasons units remaining in the same process group
1739 * as PID 1 fail to acquire the console even if it's not used
1740 * by any process. So skip the confirmation question for them. */
1741 return !unit_get_exec_context(u)->same_pgrp;
1742 }
1743
1744 static bool unit_verify_deps(Unit *u) {
1745 Unit *other;
1746 Iterator j;
1747 void *v;
1748
1749 assert(u);
1750
1751 /* Checks whether all BindsTo= dependencies of this unit are fulfilled — if they are also combined with
1752 * After=. We do not check Requires= or Requisite= here as they only should have an effect on the job
1753 * processing, but do not have any effect afterwards. We don't check BindsTo= dependencies that are not used in
1754 * conjunction with After= as for them any such check would make things entirely racy. */
1755
1756 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], j) {
1757
1758 if (!hashmap_contains(u->dependencies[UNIT_AFTER], other))
1759 continue;
1760
1761 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other))) {
1762 log_unit_notice(u, "Bound to unit %s, but unit isn't active.", other->id);
1763 return false;
1764 }
1765 }
1766
1767 return true;
1768 }
1769
1770 /* Errors:
1771 * -EBADR: This unit type does not support starting.
1772 * -EALREADY: Unit is already started.
1773 * -EAGAIN: An operation is already in progress. Retry later.
1774 * -ECANCELED: Too many requests for now.
1775 * -EPROTO: Assert failed
1776 * -EINVAL: Unit not loaded
1777 * -EOPNOTSUPP: Unit type not supported
1778 * -ENOLINK: The necessary dependencies are not fulfilled.
1779 * -ESTALE: This unit has been started before and can't be started a second time
1780 */
1781 int unit_start(Unit *u) {
1782 UnitActiveState state;
1783 Unit *following;
1784
1785 assert(u);
1786
1787 /* If this is already started, then this will succeed. Note
1788 * that this will even succeed if this unit is not startable
1789 * by the user. This is relied on to detect when we need to
1790 * wait for units and when waiting is finished. */
1791 state = unit_active_state(u);
1792 if (UNIT_IS_ACTIVE_OR_RELOADING(state))
1793 return -EALREADY;
1794
1795 /* Units that aren't loaded cannot be started */
1796 if (u->load_state != UNIT_LOADED)
1797 return -EINVAL;
1798
1799 /* Refuse starting scope units more than once */
1800 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_enter_timestamp))
1801 return -ESTALE;
1802
1803 /* If the conditions failed, don't do anything at all. If we
1804 * already are activating this call might still be useful to
1805 * speed up activation in case there is some hold-off time,
1806 * but we don't want to recheck the condition in that case. */
1807 if (state != UNIT_ACTIVATING &&
1808 !unit_condition_test(u)) {
1809 log_unit_debug(u, "Starting requested but condition failed. Not starting unit.");
1810 return -EALREADY;
1811 }
1812
1813 /* If the asserts failed, fail the entire job */
1814 if (state != UNIT_ACTIVATING &&
1815 !unit_assert_test(u)) {
1816 log_unit_notice(u, "Starting requested but asserts failed.");
1817 return -EPROTO;
1818 }
1819
1820 /* Units of types that aren't supported cannot be
1821 * started. Note that we do this test only after the condition
1822 * checks, so that we rather return condition check errors
1823 * (which are usually not considered a true failure) than "not
1824 * supported" errors (which are considered a failure).
1825 */
1826 if (!unit_supported(u))
1827 return -EOPNOTSUPP;
1828
1829 /* Let's make sure that the deps really are in order before we start this. Normally the job engine should have
1830 * taken care of this already, but let's check this here again. After all, our dependencies might not be in
1831 * effect anymore, due to a reload or due to a failed condition. */
1832 if (!unit_verify_deps(u))
1833 return -ENOLINK;
1834
1835 /* Forward to the main object, if we aren't it. */
1836 following = unit_following(u);
1837 if (following) {
1838 log_unit_debug(u, "Redirecting start request from %s to %s.", u->id, following->id);
1839 return unit_start(following);
1840 }
1841
1842 /* If it is stopped, but we cannot start it, then fail */
1843 if (!UNIT_VTABLE(u)->start)
1844 return -EBADR;
1845
1846 /* We don't suppress calls to ->start() here when we are
1847 * already starting, to allow this request to be used as a
1848 * "hurry up" call, for example when the unit is in some "auto
1849 * restart" state where it waits for a holdoff timer to elapse
1850 * before it will start again. */
1851
1852 unit_add_to_dbus_queue(u);
1853
1854 return UNIT_VTABLE(u)->start(u);
1855 }
1856
1857 bool unit_can_start(Unit *u) {
1858 assert(u);
1859
1860 if (u->load_state != UNIT_LOADED)
1861 return false;
1862
1863 if (!unit_supported(u))
1864 return false;
1865
1866 /* Scope units may be started only once */
1867 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_exit_timestamp))
1868 return false;
1869
1870 return !!UNIT_VTABLE(u)->start;
1871 }
1872
1873 bool unit_can_isolate(Unit *u) {
1874 assert(u);
1875
1876 return unit_can_start(u) &&
1877 u->allow_isolate;
1878 }
1879
1880 /* Errors:
1881 * -EBADR: This unit type does not support stopping.
1882 * -EALREADY: Unit is already stopped.
1883 * -EAGAIN: An operation is already in progress. Retry later.
1884 */
1885 int unit_stop(Unit *u) {
1886 UnitActiveState state;
1887 Unit *following;
1888
1889 assert(u);
1890
1891 state = unit_active_state(u);
1892 if (UNIT_IS_INACTIVE_OR_FAILED(state))
1893 return -EALREADY;
1894
1895 following = unit_following(u);
1896 if (following) {
1897 log_unit_debug(u, "Redirecting stop request from %s to %s.", u->id, following->id);
1898 return unit_stop(following);
1899 }
1900
1901 if (!UNIT_VTABLE(u)->stop)
1902 return -EBADR;
1903
1904 unit_add_to_dbus_queue(u);
1905
1906 return UNIT_VTABLE(u)->stop(u);
1907 }
1908
1909 bool unit_can_stop(Unit *u) {
1910 assert(u);
1911
1912 if (!unit_supported(u))
1913 return false;
1914
1915 if (u->perpetual)
1916 return false;
1917
1918 return !!UNIT_VTABLE(u)->stop;
1919 }
1920
1921 /* Errors:
1922 * -EBADR: This unit type does not support reloading.
1923 * -ENOEXEC: Unit is not started.
1924 * -EAGAIN: An operation is already in progress. Retry later.
1925 */
1926 int unit_reload(Unit *u) {
1927 UnitActiveState state;
1928 Unit *following;
1929
1930 assert(u);
1931
1932 if (u->load_state != UNIT_LOADED)
1933 return -EINVAL;
1934
1935 if (!unit_can_reload(u))
1936 return -EBADR;
1937
1938 state = unit_active_state(u);
1939 if (state == UNIT_RELOADING)
1940 return -EALREADY;
1941
1942 if (state != UNIT_ACTIVE) {
1943 log_unit_warning(u, "Unit cannot be reloaded because it is inactive.");
1944 return -ENOEXEC;
1945 }
1946
1947 following = unit_following(u);
1948 if (following) {
1949 log_unit_debug(u, "Redirecting reload request from %s to %s.", u->id, following->id);
1950 return unit_reload(following);
1951 }
1952
1953 unit_add_to_dbus_queue(u);
1954
1955 if (!UNIT_VTABLE(u)->reload) {
1956 /* Unit doesn't have a reload function, but we need to propagate the reload anyway */
1957 unit_notify(u, unit_active_state(u), unit_active_state(u), 0);
1958 return 0;
1959 }
1960
1961 return UNIT_VTABLE(u)->reload(u);
1962 }
1963
1964 bool unit_can_reload(Unit *u) {
1965 assert(u);
1966
1967 if (UNIT_VTABLE(u)->can_reload)
1968 return UNIT_VTABLE(u)->can_reload(u);
1969
1970 if (!hashmap_isempty(u->dependencies[UNIT_PROPAGATES_RELOAD_TO]))
1971 return true;
1972
1973 return UNIT_VTABLE(u)->reload;
1974 }
1975
1976 bool unit_is_unneeded(Unit *u) {
1977 static const UnitDependency deps[] = {
1978 UNIT_REQUIRED_BY,
1979 UNIT_REQUISITE_OF,
1980 UNIT_WANTED_BY,
1981 UNIT_BOUND_BY,
1982 };
1983 size_t j;
1984
1985 assert(u);
1986
1987 if (!u->stop_when_unneeded)
1988 return false;
1989
1990 /* Don't clean up while the unit is transitioning or is even inactive. */
1991 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u)))
1992 return false;
1993 if (u->job)
1994 return false;
1995
1996 for (j = 0; j < ELEMENTSOF(deps); j++) {
1997 Unit *other;
1998 Iterator i;
1999 void *v;
2000
2001 /* If a dependent unit has a job queued, is active or transitioning, or is marked for
2002 * restart, then don't clean this one up. */
2003
2004 HASHMAP_FOREACH_KEY(v, other, u->dependencies[deps[j]], i) {
2005 if (other->job)
2006 return false;
2007
2008 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
2009 return false;
2010
2011 if (unit_will_restart(other))
2012 return false;
2013 }
2014 }
2015
2016 return true;
2017 }
2018
2019 static void check_unneeded_dependencies(Unit *u) {
2020
2021 static const UnitDependency deps[] = {
2022 UNIT_REQUIRES,
2023 UNIT_REQUISITE,
2024 UNIT_WANTS,
2025 UNIT_BINDS_TO,
2026 };
2027 size_t j;
2028
2029 assert(u);
2030
2031 /* Add all units this unit depends on to the queue that processes StopWhenUnneeded= behaviour. */
2032
2033 for (j = 0; j < ELEMENTSOF(deps); j++) {
2034 Unit *other;
2035 Iterator i;
2036 void *v;
2037
2038 HASHMAP_FOREACH_KEY(v, other, u->dependencies[deps[j]], i)
2039 unit_submit_to_stop_when_unneeded_queue(other);
2040 }
2041 }
2042
2043 static void unit_check_binds_to(Unit *u) {
2044 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
2045 bool stop = false;
2046 Unit *other;
2047 Iterator i;
2048 void *v;
2049 int r;
2050
2051 assert(u);
2052
2053 if (u->job)
2054 return;
2055
2056 if (unit_active_state(u) != UNIT_ACTIVE)
2057 return;
2058
2059 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], i) {
2060 if (other->job)
2061 continue;
2062
2063 if (!other->coldplugged)
2064 /* We might yet create a job for the other unit… */
2065 continue;
2066
2067 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
2068 continue;
2069
2070 stop = true;
2071 break;
2072 }
2073
2074 if (!stop)
2075 return;
2076
2077 /* If stopping a unit fails continuously we might enter a stop
2078 * loop here, hence stop acting on the service being
2079 * unnecessary after a while. */
2080 if (!ratelimit_below(&u->auto_stop_ratelimit)) {
2081 log_unit_warning(u, "Unit is bound to inactive unit %s, but not stopping since we tried this too often recently.", other->id);
2082 return;
2083 }
2084
2085 assert(other);
2086 log_unit_info(u, "Unit is bound to inactive unit %s. Stopping, too.", other->id);
2087
2088 /* A unit we need to run is gone. Sniff. Let's stop this. */
2089 r = manager_add_job(u->manager, JOB_STOP, u, JOB_FAIL, &error, NULL);
2090 if (r < 0)
2091 log_unit_warning_errno(u, r, "Failed to enqueue stop job, ignoring: %s", bus_error_message(&error, r));
2092 }
2093
2094 static void retroactively_start_dependencies(Unit *u) {
2095 Iterator i;
2096 Unit *other;
2097 void *v;
2098
2099 assert(u);
2100 assert(UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)));
2101
2102 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_REQUIRES], i)
2103 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
2104 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2105 manager_add_job(u->manager, JOB_START, other, JOB_REPLACE, NULL, NULL);
2106
2107 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], i)
2108 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
2109 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2110 manager_add_job(u->manager, JOB_START, other, JOB_REPLACE, NULL, NULL);
2111
2112 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_WANTS], i)
2113 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
2114 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2115 manager_add_job(u->manager, JOB_START, other, JOB_FAIL, NULL, NULL);
2116
2117 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_CONFLICTS], i)
2118 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2119 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL);
2120
2121 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_CONFLICTED_BY], i)
2122 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2123 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL);
2124 }
2125
2126 static void retroactively_stop_dependencies(Unit *u) {
2127 Unit *other;
2128 Iterator i;
2129 void *v;
2130
2131 assert(u);
2132 assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)));
2133
2134 /* Pull down units which are bound to us recursively if enabled */
2135 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BOUND_BY], i)
2136 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2137 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL);
2138 }
2139
2140 void unit_start_on_failure(Unit *u) {
2141 Unit *other;
2142 Iterator i;
2143 void *v;
2144 int r;
2145
2146 assert(u);
2147
2148 if (hashmap_size(u->dependencies[UNIT_ON_FAILURE]) <= 0)
2149 return;
2150
2151 log_unit_info(u, "Triggering OnFailure= dependencies.");
2152
2153 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_ON_FAILURE], i) {
2154 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
2155
2156 r = manager_add_job(u->manager, JOB_START, other, u->on_failure_job_mode, &error, NULL);
2157 if (r < 0)
2158 log_unit_warning_errno(u, r, "Failed to enqueue OnFailure= job, ignoring: %s", bus_error_message(&error, r));
2159 }
2160 }
2161
2162 void unit_trigger_notify(Unit *u) {
2163 Unit *other;
2164 Iterator i;
2165 void *v;
2166
2167 assert(u);
2168
2169 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_TRIGGERED_BY], i)
2170 if (UNIT_VTABLE(other)->trigger_notify)
2171 UNIT_VTABLE(other)->trigger_notify(other, u);
2172 }
2173
2174 static int unit_log_resources(Unit *u) {
2175
2176 struct iovec iovec[1 + _CGROUP_IP_ACCOUNTING_METRIC_MAX + 4];
2177 size_t n_message_parts = 0, n_iovec = 0;
2178 char* message_parts[3 + 1], *t;
2179 nsec_t nsec = NSEC_INFINITY;
2180 CGroupIPAccountingMetric m;
2181 size_t i;
2182 int r;
2183 const char* const ip_fields[_CGROUP_IP_ACCOUNTING_METRIC_MAX] = {
2184 [CGROUP_IP_INGRESS_BYTES] = "IP_METRIC_INGRESS_BYTES",
2185 [CGROUP_IP_INGRESS_PACKETS] = "IP_METRIC_INGRESS_PACKETS",
2186 [CGROUP_IP_EGRESS_BYTES] = "IP_METRIC_EGRESS_BYTES",
2187 [CGROUP_IP_EGRESS_PACKETS] = "IP_METRIC_EGRESS_PACKETS",
2188 };
2189
2190 assert(u);
2191
2192 /* Invoked whenever a unit enters failed or dead state. Logs information about consumed resources if resource
2193 * accounting was enabled for a unit. It does this in two ways: a friendly human readable string with reduced
2194 * information and the complete data in structured fields. */
2195
2196 (void) unit_get_cpu_usage(u, &nsec);
2197 if (nsec != NSEC_INFINITY) {
2198 char buf[FORMAT_TIMESPAN_MAX] = "";
2199
2200 /* Format the CPU time for inclusion in the structured log message */
2201 if (asprintf(&t, "CPU_USAGE_NSEC=%" PRIu64, nsec) < 0) {
2202 r = log_oom();
2203 goto finish;
2204 }
2205 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2206
2207 /* Format the CPU time for inclusion in the human language message string */
2208 format_timespan(buf, sizeof(buf), nsec / NSEC_PER_USEC, USEC_PER_MSEC);
2209 t = strjoin(n_message_parts > 0 ? "consumed " : "Consumed ", buf, " CPU time");
2210 if (!t) {
2211 r = log_oom();
2212 goto finish;
2213 }
2214
2215 message_parts[n_message_parts++] = t;
2216 }
2217
2218 for (m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++) {
2219 char buf[FORMAT_BYTES_MAX] = "";
2220 uint64_t value = UINT64_MAX;
2221
2222 assert(ip_fields[m]);
2223
2224 (void) unit_get_ip_accounting(u, m, &value);
2225 if (value == UINT64_MAX)
2226 continue;
2227
2228 /* Format IP accounting data for inclusion in the structured log message */
2229 if (asprintf(&t, "%s=%" PRIu64, ip_fields[m], value) < 0) {
2230 r = log_oom();
2231 goto finish;
2232 }
2233 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2234
2235 /* Format the IP accounting data for inclusion in the human language message string, but only for the
2236 * bytes counters (and not for the packets counters) */
2237 if (m == CGROUP_IP_INGRESS_BYTES)
2238 t = strjoin(n_message_parts > 0 ? "received " : "Received ",
2239 format_bytes(buf, sizeof(buf), value),
2240 " IP traffic");
2241 else if (m == CGROUP_IP_EGRESS_BYTES)
2242 t = strjoin(n_message_parts > 0 ? "sent " : "Sent ",
2243 format_bytes(buf, sizeof(buf), value),
2244 " IP traffic");
2245 else
2246 continue;
2247 if (!t) {
2248 r = log_oom();
2249 goto finish;
2250 }
2251
2252 message_parts[n_message_parts++] = t;
2253 }
2254
2255 /* Is there any accounting data available at all? */
2256 if (n_iovec == 0) {
2257 r = 0;
2258 goto finish;
2259 }
2260
2261 if (n_message_parts == 0)
2262 t = strjoina("MESSAGE=", u->id, ": Completed");
2263 else {
2264 _cleanup_free_ char *joined;
2265
2266 message_parts[n_message_parts] = NULL;
2267
2268 joined = strv_join(message_parts, ", ");
2269 if (!joined) {
2270 r = log_oom();
2271 goto finish;
2272 }
2273
2274 t = strjoina("MESSAGE=", u->id, ": ", joined);
2275 }
2276
2277 /* The following four fields we allocate on the stack or are static strings, we hence don't want to free them,
2278 * and hence don't increase n_iovec for them */
2279 iovec[n_iovec] = IOVEC_MAKE_STRING(t);
2280 iovec[n_iovec + 1] = IOVEC_MAKE_STRING("MESSAGE_ID=" SD_MESSAGE_UNIT_RESOURCES_STR);
2281
2282 t = strjoina(u->manager->unit_log_field, u->id);
2283 iovec[n_iovec + 2] = IOVEC_MAKE_STRING(t);
2284
2285 t = strjoina(u->manager->invocation_log_field, u->invocation_id_string);
2286 iovec[n_iovec + 3] = IOVEC_MAKE_STRING(t);
2287
2288 log_struct_iovec(LOG_INFO, iovec, n_iovec + 4);
2289 r = 0;
2290
2291 finish:
2292 for (i = 0; i < n_message_parts; i++)
2293 free(message_parts[i]);
2294
2295 for (i = 0; i < n_iovec; i++)
2296 free(iovec[i].iov_base);
2297
2298 return r;
2299
2300 }
2301
2302 static void unit_update_on_console(Unit *u) {
2303 bool b;
2304
2305 assert(u);
2306
2307 b = unit_needs_console(u);
2308 if (u->on_console == b)
2309 return;
2310
2311 u->on_console = b;
2312 if (b)
2313 manager_ref_console(u->manager);
2314 else
2315 manager_unref_console(u->manager);
2316 }
2317
2318 void unit_notify(Unit *u, UnitActiveState os, UnitActiveState ns, UnitNotifyFlags flags) {
2319 bool unexpected;
2320 Manager *m;
2321
2322 assert(u);
2323 assert(os < _UNIT_ACTIVE_STATE_MAX);
2324 assert(ns < _UNIT_ACTIVE_STATE_MAX);
2325
2326 /* Note that this is called for all low-level state changes, even if they might map to the same high-level
2327 * UnitActiveState! That means that ns == os is an expected behavior here. For example: if a mount point is
2328 * remounted this function will be called too! */
2329
2330 m = u->manager;
2331
2332 /* Update timestamps for state changes */
2333 if (!MANAGER_IS_RELOADING(m)) {
2334 dual_timestamp_get(&u->state_change_timestamp);
2335
2336 if (UNIT_IS_INACTIVE_OR_FAILED(os) && !UNIT_IS_INACTIVE_OR_FAILED(ns))
2337 u->inactive_exit_timestamp = u->state_change_timestamp;
2338 else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_INACTIVE_OR_FAILED(ns))
2339 u->inactive_enter_timestamp = u->state_change_timestamp;
2340
2341 if (!UNIT_IS_ACTIVE_OR_RELOADING(os) && UNIT_IS_ACTIVE_OR_RELOADING(ns))
2342 u->active_enter_timestamp = u->state_change_timestamp;
2343 else if (UNIT_IS_ACTIVE_OR_RELOADING(os) && !UNIT_IS_ACTIVE_OR_RELOADING(ns))
2344 u->active_exit_timestamp = u->state_change_timestamp;
2345 }
2346
2347 /* Keep track of failed units */
2348 (void) manager_update_failed_units(u->manager, u, ns == UNIT_FAILED);
2349
2350 /* Make sure the cgroup and state files are always removed when we become inactive */
2351 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
2352 unit_prune_cgroup(u);
2353 unit_unlink_state_files(u);
2354 }
2355
2356 unit_update_on_console(u);
2357
2358 if (u->job) {
2359 unexpected = false;
2360
2361 if (u->job->state == JOB_WAITING)
2362
2363 /* So we reached a different state for this
2364 * job. Let's see if we can run it now if it
2365 * failed previously due to EAGAIN. */
2366 job_add_to_run_queue(u->job);
2367
2368 /* Let's check whether this state change constitutes a
2369 * finished job, or maybe contradicts a running job and
2370 * hence needs to invalidate jobs. */
2371
2372 switch (u->job->type) {
2373
2374 case JOB_START:
2375 case JOB_VERIFY_ACTIVE:
2376
2377 if (UNIT_IS_ACTIVE_OR_RELOADING(ns))
2378 job_finish_and_invalidate(u->job, JOB_DONE, true, false);
2379 else if (u->job->state == JOB_RUNNING && ns != UNIT_ACTIVATING) {
2380 unexpected = true;
2381
2382 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2383 job_finish_and_invalidate(u->job, ns == UNIT_FAILED ? JOB_FAILED : JOB_DONE, true, false);
2384 }
2385
2386 break;
2387
2388 case JOB_RELOAD:
2389 case JOB_RELOAD_OR_START:
2390 case JOB_TRY_RELOAD:
2391
2392 if (u->job->state == JOB_RUNNING) {
2393 if (ns == UNIT_ACTIVE)
2394 job_finish_and_invalidate(u->job, (flags & UNIT_NOTIFY_RELOAD_FAILURE) ? JOB_FAILED : JOB_DONE, true, false);
2395 else if (!IN_SET(ns, UNIT_ACTIVATING, UNIT_RELOADING)) {
2396 unexpected = true;
2397
2398 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2399 job_finish_and_invalidate(u->job, ns == UNIT_FAILED ? JOB_FAILED : JOB_DONE, true, false);
2400 }
2401 }
2402
2403 break;
2404
2405 case JOB_STOP:
2406 case JOB_RESTART:
2407 case JOB_TRY_RESTART:
2408
2409 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2410 job_finish_and_invalidate(u->job, JOB_DONE, true, false);
2411 else if (u->job->state == JOB_RUNNING && ns != UNIT_DEACTIVATING) {
2412 unexpected = true;
2413 job_finish_and_invalidate(u->job, JOB_FAILED, true, false);
2414 }
2415
2416 break;
2417
2418 default:
2419 assert_not_reached("Job type unknown");
2420 }
2421
2422 } else
2423 unexpected = true;
2424
2425 if (!MANAGER_IS_RELOADING(m)) {
2426
2427 /* If this state change happened without being
2428 * requested by a job, then let's retroactively start
2429 * or stop dependencies. We skip that step when
2430 * deserializing, since we don't want to create any
2431 * additional jobs just because something is already
2432 * activated. */
2433
2434 if (unexpected) {
2435 if (UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_ACTIVE_OR_ACTIVATING(ns))
2436 retroactively_start_dependencies(u);
2437 else if (UNIT_IS_ACTIVE_OR_ACTIVATING(os) && UNIT_IS_INACTIVE_OR_DEACTIVATING(ns))
2438 retroactively_stop_dependencies(u);
2439 }
2440
2441 /* stop unneeded units regardless if going down was expected or not */
2442 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2443 check_unneeded_dependencies(u);
2444
2445 if (ns != os && ns == UNIT_FAILED) {
2446 log_unit_debug(u, "Unit entered failed state.");
2447
2448 if (!(flags & UNIT_NOTIFY_WILL_AUTO_RESTART))
2449 unit_start_on_failure(u);
2450 }
2451
2452 if (UNIT_IS_ACTIVE_OR_RELOADING(ns) && !UNIT_IS_ACTIVE_OR_RELOADING(os)) {
2453 /* This unit just finished starting up */
2454
2455 if (u->type == UNIT_SERVICE) {
2456 /* Write audit record if we have just finished starting up */
2457 manager_send_unit_audit(m, u, AUDIT_SERVICE_START, true);
2458 u->in_audit = true;
2459 }
2460
2461 manager_send_unit_plymouth(m, u);
2462 }
2463
2464 if (UNIT_IS_INACTIVE_OR_FAILED(ns) && !UNIT_IS_INACTIVE_OR_FAILED(os)) {
2465 /* This unit just stopped/failed. */
2466
2467 if (u->type == UNIT_SERVICE) {
2468
2469 if (u->in_audit) {
2470 /* Write audit record if we have just finished shutting down */
2471 manager_send_unit_audit(m, u, AUDIT_SERVICE_STOP, ns == UNIT_INACTIVE);
2472 u->in_audit = false;
2473 } else {
2474 /* Hmm, if there was no start record written write it now, so that we always
2475 * have a nice pair */
2476 manager_send_unit_audit(m, u, AUDIT_SERVICE_START, ns == UNIT_INACTIVE);
2477
2478 if (ns == UNIT_INACTIVE)
2479 manager_send_unit_audit(m, u, AUDIT_SERVICE_STOP, true);
2480 }
2481 }
2482
2483 /* Write a log message about consumed resources */
2484 unit_log_resources(u);
2485 }
2486 }
2487
2488 manager_recheck_journal(m);
2489 manager_recheck_dbus(m);
2490
2491 unit_trigger_notify(u);
2492
2493 if (!MANAGER_IS_RELOADING(u->manager)) {
2494 /* Maybe we finished startup and are now ready for being stopped because unneeded? */
2495 unit_submit_to_stop_when_unneeded_queue(u);
2496
2497 /* Maybe we finished startup, but something we needed has vanished? Let's die then. (This happens when
2498 * something BindsTo= to a Type=oneshot unit, as these units go directly from starting to inactive,
2499 * without ever entering started.) */
2500 unit_check_binds_to(u);
2501
2502 if (os != UNIT_FAILED && ns == UNIT_FAILED)
2503 (void) emergency_action(u->manager, u->failure_action, 0,
2504 u->reboot_arg, "unit failed");
2505 else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && ns == UNIT_INACTIVE)
2506 (void) emergency_action(u->manager, u->success_action, 0,
2507 u->reboot_arg, "unit succeeded");
2508 }
2509
2510 unit_add_to_dbus_queue(u);
2511 unit_add_to_gc_queue(u);
2512 }
2513
2514 int unit_watch_pid(Unit *u, pid_t pid) {
2515 int r;
2516
2517 assert(u);
2518 assert(pid_is_valid(pid));
2519
2520 /* Watch a specific PID */
2521
2522 r = set_ensure_allocated(&u->pids, NULL);
2523 if (r < 0)
2524 return r;
2525
2526 r = hashmap_ensure_allocated(&u->manager->watch_pids, NULL);
2527 if (r < 0)
2528 return r;
2529
2530 /* First try, let's add the unit keyed by "pid". */
2531 r = hashmap_put(u->manager->watch_pids, PID_TO_PTR(pid), u);
2532 if (r == -EEXIST) {
2533 Unit **array;
2534 bool found = false;
2535 size_t n = 0;
2536
2537 /* OK, the "pid" key is already assigned to a different unit. Let's see if the "-pid" key (which points
2538 * to an array of Units rather than just a Unit), lists us already. */
2539
2540 array = hashmap_get(u->manager->watch_pids, PID_TO_PTR(-pid));
2541 if (array)
2542 for (; array[n]; n++)
2543 if (array[n] == u)
2544 found = true;
2545
2546 if (found) /* Found it already? if so, do nothing */
2547 r = 0;
2548 else {
2549 Unit **new_array;
2550
2551 /* Allocate a new array */
2552 new_array = new(Unit*, n + 2);
2553 if (!new_array)
2554 return -ENOMEM;
2555
2556 memcpy_safe(new_array, array, sizeof(Unit*) * n);
2557 new_array[n] = u;
2558 new_array[n+1] = NULL;
2559
2560 /* Add or replace the old array */
2561 r = hashmap_replace(u->manager->watch_pids, PID_TO_PTR(-pid), new_array);
2562 if (r < 0) {
2563 free(new_array);
2564 return r;
2565 }
2566
2567 free(array);
2568 }
2569 } else if (r < 0)
2570 return r;
2571
2572 r = set_put(u->pids, PID_TO_PTR(pid));
2573 if (r < 0)
2574 return r;
2575
2576 return 0;
2577 }
2578
2579 void unit_unwatch_pid(Unit *u, pid_t pid) {
2580 Unit **array;
2581
2582 assert(u);
2583 assert(pid_is_valid(pid));
2584
2585 /* First let's drop the unit in case it's keyed as "pid". */
2586 (void) hashmap_remove_value(u->manager->watch_pids, PID_TO_PTR(pid), u);
2587
2588 /* Then, let's also drop the unit, in case it's in the array keyed by -pid */
2589 array = hashmap_get(u->manager->watch_pids, PID_TO_PTR(-pid));
2590 if (array) {
2591 size_t n, m = 0;
2592
2593 /* Let's iterate through the array, dropping our own entry */
2594 for (n = 0; array[n]; n++)
2595 if (array[n] != u)
2596 array[m++] = array[n];
2597 array[m] = NULL;
2598
2599 if (m == 0) {
2600 /* The array is now empty, remove the entire entry */
2601 assert(hashmap_remove(u->manager->watch_pids, PID_TO_PTR(-pid)) == array);
2602 free(array);
2603 }
2604 }
2605
2606 (void) set_remove(u->pids, PID_TO_PTR(pid));
2607 }
2608
2609 void unit_unwatch_all_pids(Unit *u) {
2610 assert(u);
2611
2612 while (!set_isempty(u->pids))
2613 unit_unwatch_pid(u, PTR_TO_PID(set_first(u->pids)));
2614
2615 u->pids = set_free(u->pids);
2616 }
2617
2618 static void unit_tidy_watch_pids(Unit *u) {
2619 pid_t except1, except2;
2620 Iterator i;
2621 void *e;
2622
2623 assert(u);
2624
2625 /* Cleans dead PIDs from our list */
2626
2627 except1 = unit_main_pid(u);
2628 except2 = unit_control_pid(u);
2629
2630 SET_FOREACH(e, u->pids, i) {
2631 pid_t pid = PTR_TO_PID(e);
2632
2633 if (pid == except1 || pid == except2)
2634 continue;
2635
2636 if (!pid_is_unwaited(pid))
2637 unit_unwatch_pid(u, pid);
2638 }
2639 }
2640
2641 static int on_rewatch_pids_event(sd_event_source *s, void *userdata) {
2642 Unit *u = userdata;
2643
2644 assert(s);
2645 assert(u);
2646
2647 unit_tidy_watch_pids(u);
2648 unit_watch_all_pids(u);
2649
2650 /* If the PID set is empty now, then let's finish this off. */
2651 unit_synthesize_cgroup_empty_event(u);
2652
2653 return 0;
2654 }
2655
2656 int unit_enqueue_rewatch_pids(Unit *u) {
2657 int r;
2658
2659 assert(u);
2660
2661 if (!u->cgroup_path)
2662 return -ENOENT;
2663
2664 r = cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER);
2665 if (r < 0)
2666 return r;
2667 if (r > 0) /* On unified we can use proper notifications */
2668 return 0;
2669
2670 /* Enqueues a low-priority job that will clean up dead PIDs from our list of PIDs to watch and subscribe to new
2671 * PIDs that might have appeared. We do this in a delayed job because the work might be quite slow, as it
2672 * involves issuing kill(pid, 0) on all processes we watch. */
2673
2674 if (!u->rewatch_pids_event_source) {
2675 _cleanup_(sd_event_source_unrefp) sd_event_source *s = NULL;
2676
2677 r = sd_event_add_defer(u->manager->event, &s, on_rewatch_pids_event, u);
2678 if (r < 0)
2679 return log_error_errno(r, "Failed to allocate event source for tidying watched PIDs: %m");
2680
2681 r = sd_event_source_set_priority(s, SD_EVENT_PRIORITY_IDLE);
2682 if (r < 0)
2683 return log_error_errno(r, "Failed to adjust priority of event source for tidying watched PIDs: m");
2684
2685 (void) sd_event_source_set_description(s, "tidy-watch-pids");
2686
2687 u->rewatch_pids_event_source = TAKE_PTR(s);
2688 }
2689
2690 r = sd_event_source_set_enabled(u->rewatch_pids_event_source, SD_EVENT_ONESHOT);
2691 if (r < 0)
2692 return log_error_errno(r, "Failed to enable event source for tidying watched PIDs: %m");
2693
2694 return 0;
2695 }
2696
2697 void unit_dequeue_rewatch_pids(Unit *u) {
2698 int r;
2699 assert(u);
2700
2701 if (!u->rewatch_pids_event_source)
2702 return;
2703
2704 r = sd_event_source_set_enabled(u->rewatch_pids_event_source, SD_EVENT_OFF);
2705 if (r < 0)
2706 log_warning_errno(r, "Failed to disable event source for tidying watched PIDs, ignoring: %m");
2707
2708 u->rewatch_pids_event_source = sd_event_source_unref(u->rewatch_pids_event_source);
2709 }
2710
2711 bool unit_job_is_applicable(Unit *u, JobType j) {
2712 assert(u);
2713 assert(j >= 0 && j < _JOB_TYPE_MAX);
2714
2715 switch (j) {
2716
2717 case JOB_VERIFY_ACTIVE:
2718 case JOB_START:
2719 case JOB_NOP:
2720 /* Note that we don't check unit_can_start() here. That's because .device units and suchlike are not
2721 * startable by us but may appear due to external events, and it thus makes sense to permit enqueing
2722 * jobs for it. */
2723 return true;
2724
2725 case JOB_STOP:
2726 /* Similar as above. However, perpetual units can never be stopped (neither explicitly nor due to
2727 * external events), hence it makes no sense to permit enqueing such a request either. */
2728 return !u->perpetual;
2729
2730 case JOB_RESTART:
2731 case JOB_TRY_RESTART:
2732 return unit_can_stop(u) && unit_can_start(u);
2733
2734 case JOB_RELOAD:
2735 case JOB_TRY_RELOAD:
2736 return unit_can_reload(u);
2737
2738 case JOB_RELOAD_OR_START:
2739 return unit_can_reload(u) && unit_can_start(u);
2740
2741 default:
2742 assert_not_reached("Invalid job type");
2743 }
2744 }
2745
2746 static void maybe_warn_about_dependency(Unit *u, const char *other, UnitDependency dependency) {
2747 assert(u);
2748
2749 /* Only warn about some unit types */
2750 if (!IN_SET(dependency, UNIT_CONFLICTS, UNIT_CONFLICTED_BY, UNIT_BEFORE, UNIT_AFTER, UNIT_ON_FAILURE, UNIT_TRIGGERS, UNIT_TRIGGERED_BY))
2751 return;
2752
2753 if (streq_ptr(u->id, other))
2754 log_unit_warning(u, "Dependency %s=%s dropped", unit_dependency_to_string(dependency), u->id);
2755 else
2756 log_unit_warning(u, "Dependency %s=%s dropped, merged into %s", unit_dependency_to_string(dependency), strna(other), u->id);
2757 }
2758
2759 static int unit_add_dependency_hashmap(
2760 Hashmap **h,
2761 Unit *other,
2762 UnitDependencyMask origin_mask,
2763 UnitDependencyMask destination_mask) {
2764
2765 UnitDependencyInfo info;
2766 int r;
2767
2768 assert(h);
2769 assert(other);
2770 assert(origin_mask < _UNIT_DEPENDENCY_MASK_FULL);
2771 assert(destination_mask < _UNIT_DEPENDENCY_MASK_FULL);
2772 assert(origin_mask > 0 || destination_mask > 0);
2773
2774 r = hashmap_ensure_allocated(h, NULL);
2775 if (r < 0)
2776 return r;
2777
2778 assert_cc(sizeof(void*) == sizeof(info));
2779
2780 info.data = hashmap_get(*h, other);
2781 if (info.data) {
2782 /* Entry already exists. Add in our mask. */
2783
2784 if (FLAGS_SET(origin_mask, info.origin_mask) &&
2785 FLAGS_SET(destination_mask, info.destination_mask))
2786 return 0; /* NOP */
2787
2788 info.origin_mask |= origin_mask;
2789 info.destination_mask |= destination_mask;
2790
2791 r = hashmap_update(*h, other, info.data);
2792 } else {
2793 info = (UnitDependencyInfo) {
2794 .origin_mask = origin_mask,
2795 .destination_mask = destination_mask,
2796 };
2797
2798 r = hashmap_put(*h, other, info.data);
2799 }
2800 if (r < 0)
2801 return r;
2802
2803 return 1;
2804 }
2805
2806 int unit_add_dependency(
2807 Unit *u,
2808 UnitDependency d,
2809 Unit *other,
2810 bool add_reference,
2811 UnitDependencyMask mask) {
2812
2813 static const UnitDependency inverse_table[_UNIT_DEPENDENCY_MAX] = {
2814 [UNIT_REQUIRES] = UNIT_REQUIRED_BY,
2815 [UNIT_WANTS] = UNIT_WANTED_BY,
2816 [UNIT_REQUISITE] = UNIT_REQUISITE_OF,
2817 [UNIT_BINDS_TO] = UNIT_BOUND_BY,
2818 [UNIT_PART_OF] = UNIT_CONSISTS_OF,
2819 [UNIT_REQUIRED_BY] = UNIT_REQUIRES,
2820 [UNIT_REQUISITE_OF] = UNIT_REQUISITE,
2821 [UNIT_WANTED_BY] = UNIT_WANTS,
2822 [UNIT_BOUND_BY] = UNIT_BINDS_TO,
2823 [UNIT_CONSISTS_OF] = UNIT_PART_OF,
2824 [UNIT_CONFLICTS] = UNIT_CONFLICTED_BY,
2825 [UNIT_CONFLICTED_BY] = UNIT_CONFLICTS,
2826 [UNIT_BEFORE] = UNIT_AFTER,
2827 [UNIT_AFTER] = UNIT_BEFORE,
2828 [UNIT_ON_FAILURE] = _UNIT_DEPENDENCY_INVALID,
2829 [UNIT_REFERENCES] = UNIT_REFERENCED_BY,
2830 [UNIT_REFERENCED_BY] = UNIT_REFERENCES,
2831 [UNIT_TRIGGERS] = UNIT_TRIGGERED_BY,
2832 [UNIT_TRIGGERED_BY] = UNIT_TRIGGERS,
2833 [UNIT_PROPAGATES_RELOAD_TO] = UNIT_RELOAD_PROPAGATED_FROM,
2834 [UNIT_RELOAD_PROPAGATED_FROM] = UNIT_PROPAGATES_RELOAD_TO,
2835 [UNIT_JOINS_NAMESPACE_OF] = UNIT_JOINS_NAMESPACE_OF,
2836 };
2837 Unit *original_u = u, *original_other = other;
2838 int r;
2839
2840 assert(u);
2841 assert(d >= 0 && d < _UNIT_DEPENDENCY_MAX);
2842 assert(other);
2843
2844 u = unit_follow_merge(u);
2845 other = unit_follow_merge(other);
2846
2847 /* We won't allow dependencies on ourselves. We will not
2848 * consider them an error however. */
2849 if (u == other) {
2850 maybe_warn_about_dependency(original_u, original_other->id, d);
2851 return 0;
2852 }
2853
2854 if ((d == UNIT_BEFORE && other->type == UNIT_DEVICE) ||
2855 (d == UNIT_AFTER && u->type == UNIT_DEVICE)) {
2856 log_unit_warning(u, "Dependency Before=%s ignored (.device units cannot be delayed)", other->id);
2857 return 0;
2858 }
2859
2860 r = unit_add_dependency_hashmap(u->dependencies + d, other, mask, 0);
2861 if (r < 0)
2862 return r;
2863
2864 if (inverse_table[d] != _UNIT_DEPENDENCY_INVALID && inverse_table[d] != d) {
2865 r = unit_add_dependency_hashmap(other->dependencies + inverse_table[d], u, 0, mask);
2866 if (r < 0)
2867 return r;
2868 }
2869
2870 if (add_reference) {
2871 r = unit_add_dependency_hashmap(u->dependencies + UNIT_REFERENCES, other, mask, 0);
2872 if (r < 0)
2873 return r;
2874
2875 r = unit_add_dependency_hashmap(other->dependencies + UNIT_REFERENCED_BY, u, 0, mask);
2876 if (r < 0)
2877 return r;
2878 }
2879
2880 unit_add_to_dbus_queue(u);
2881 return 0;
2882 }
2883
2884 int unit_add_two_dependencies(Unit *u, UnitDependency d, UnitDependency e, Unit *other, bool add_reference, UnitDependencyMask mask) {
2885 int r;
2886
2887 assert(u);
2888
2889 r = unit_add_dependency(u, d, other, add_reference, mask);
2890 if (r < 0)
2891 return r;
2892
2893 return unit_add_dependency(u, e, other, add_reference, mask);
2894 }
2895
2896 static int resolve_template(Unit *u, const char *name, char **buf, const char **ret) {
2897 int r;
2898
2899 assert(u);
2900 assert(name);
2901 assert(buf);
2902 assert(ret);
2903
2904 if (!unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
2905 *buf = NULL;
2906 *ret = name;
2907 return 0;
2908 }
2909
2910 if (u->instance)
2911 r = unit_name_replace_instance(name, u->instance, buf);
2912 else {
2913 _cleanup_free_ char *i = NULL;
2914
2915 r = unit_name_to_prefix(u->id, &i);
2916 if (r < 0)
2917 return r;
2918
2919 r = unit_name_replace_instance(name, i, buf);
2920 }
2921 if (r < 0)
2922 return r;
2923
2924 *ret = *buf;
2925 return 0;
2926 }
2927
2928 int unit_add_dependency_by_name(Unit *u, UnitDependency d, const char *name, bool add_reference, UnitDependencyMask mask) {
2929 _cleanup_free_ char *buf = NULL;
2930 Unit *other;
2931 int r;
2932
2933 assert(u);
2934 assert(name);
2935
2936 r = resolve_template(u, name, &buf, &name);
2937 if (r < 0)
2938 return r;
2939
2940 r = manager_load_unit(u->manager, name, NULL, NULL, &other);
2941 if (r < 0)
2942 return r;
2943
2944 return unit_add_dependency(u, d, other, add_reference, mask);
2945 }
2946
2947 int unit_add_two_dependencies_by_name(Unit *u, UnitDependency d, UnitDependency e, const char *name, bool add_reference, UnitDependencyMask mask) {
2948 _cleanup_free_ char *buf = NULL;
2949 Unit *other;
2950 int r;
2951
2952 assert(u);
2953 assert(name);
2954
2955 r = resolve_template(u, name, &buf, &name);
2956 if (r < 0)
2957 return r;
2958
2959 r = manager_load_unit(u->manager, name, NULL, NULL, &other);
2960 if (r < 0)
2961 return r;
2962
2963 return unit_add_two_dependencies(u, d, e, other, add_reference, mask);
2964 }
2965
2966 int set_unit_path(const char *p) {
2967 /* This is mostly for debug purposes */
2968 if (setenv("SYSTEMD_UNIT_PATH", p, 1) < 0)
2969 return -errno;
2970
2971 return 0;
2972 }
2973
2974 char *unit_dbus_path(Unit *u) {
2975 assert(u);
2976
2977 if (!u->id)
2978 return NULL;
2979
2980 return unit_dbus_path_from_name(u->id);
2981 }
2982
2983 char *unit_dbus_path_invocation_id(Unit *u) {
2984 assert(u);
2985
2986 if (sd_id128_is_null(u->invocation_id))
2987 return NULL;
2988
2989 return unit_dbus_path_from_name(u->invocation_id_string);
2990 }
2991
2992 int unit_set_slice(Unit *u, Unit *slice) {
2993 assert(u);
2994 assert(slice);
2995
2996 /* Sets the unit slice if it has not been set before. Is extra
2997 * careful, to only allow this for units that actually have a
2998 * cgroup context. Also, we don't allow to set this for slices
2999 * (since the parent slice is derived from the name). Make
3000 * sure the unit we set is actually a slice. */
3001
3002 if (!UNIT_HAS_CGROUP_CONTEXT(u))
3003 return -EOPNOTSUPP;
3004
3005 if (u->type == UNIT_SLICE)
3006 return -EINVAL;
3007
3008 if (unit_active_state(u) != UNIT_INACTIVE)
3009 return -EBUSY;
3010
3011 if (slice->type != UNIT_SLICE)
3012 return -EINVAL;
3013
3014 if (unit_has_name(u, SPECIAL_INIT_SCOPE) &&
3015 !unit_has_name(slice, SPECIAL_ROOT_SLICE))
3016 return -EPERM;
3017
3018 if (UNIT_DEREF(u->slice) == slice)
3019 return 0;
3020
3021 /* Disallow slice changes if @u is already bound to cgroups */
3022 if (UNIT_ISSET(u->slice) && u->cgroup_realized)
3023 return -EBUSY;
3024
3025 unit_ref_set(&u->slice, u, slice);
3026 return 1;
3027 }
3028
3029 int unit_set_default_slice(Unit *u) {
3030 _cleanup_free_ char *b = NULL;
3031 const char *slice_name;
3032 Unit *slice;
3033 int r;
3034
3035 assert(u);
3036
3037 if (UNIT_ISSET(u->slice))
3038 return 0;
3039
3040 if (u->instance) {
3041 _cleanup_free_ char *prefix = NULL, *escaped = NULL;
3042
3043 /* Implicitly place all instantiated units in their
3044 * own per-template slice */
3045
3046 r = unit_name_to_prefix(u->id, &prefix);
3047 if (r < 0)
3048 return r;
3049
3050 /* The prefix is already escaped, but it might include
3051 * "-" which has a special meaning for slice units,
3052 * hence escape it here extra. */
3053 escaped = unit_name_escape(prefix);
3054 if (!escaped)
3055 return -ENOMEM;
3056
3057 if (MANAGER_IS_SYSTEM(u->manager))
3058 b = strjoin("system-", escaped, ".slice");
3059 else
3060 b = strappend(escaped, ".slice");
3061 if (!b)
3062 return -ENOMEM;
3063
3064 slice_name = b;
3065 } else
3066 slice_name =
3067 MANAGER_IS_SYSTEM(u->manager) && !unit_has_name(u, SPECIAL_INIT_SCOPE)
3068 ? SPECIAL_SYSTEM_SLICE
3069 : SPECIAL_ROOT_SLICE;
3070
3071 r = manager_load_unit(u->manager, slice_name, NULL, NULL, &slice);
3072 if (r < 0)
3073 return r;
3074
3075 return unit_set_slice(u, slice);
3076 }
3077
3078 const char *unit_slice_name(Unit *u) {
3079 assert(u);
3080
3081 if (!UNIT_ISSET(u->slice))
3082 return NULL;
3083
3084 return UNIT_DEREF(u->slice)->id;
3085 }
3086
3087 int unit_load_related_unit(Unit *u, const char *type, Unit **_found) {
3088 _cleanup_free_ char *t = NULL;
3089 int r;
3090
3091 assert(u);
3092 assert(type);
3093 assert(_found);
3094
3095 r = unit_name_change_suffix(u->id, type, &t);
3096 if (r < 0)
3097 return r;
3098 if (unit_has_name(u, t))
3099 return -EINVAL;
3100
3101 r = manager_load_unit(u->manager, t, NULL, NULL, _found);
3102 assert(r < 0 || *_found != u);
3103 return r;
3104 }
3105
3106 static int signal_name_owner_changed(sd_bus_message *message, void *userdata, sd_bus_error *error) {
3107 const char *name, *old_owner, *new_owner;
3108 Unit *u = userdata;
3109 int r;
3110
3111 assert(message);
3112 assert(u);
3113
3114 r = sd_bus_message_read(message, "sss", &name, &old_owner, &new_owner);
3115 if (r < 0) {
3116 bus_log_parse_error(r);
3117 return 0;
3118 }
3119
3120 old_owner = empty_to_null(old_owner);
3121 new_owner = empty_to_null(new_owner);
3122
3123 if (UNIT_VTABLE(u)->bus_name_owner_change)
3124 UNIT_VTABLE(u)->bus_name_owner_change(u, name, old_owner, new_owner);
3125
3126 return 0;
3127 }
3128
3129 int unit_install_bus_match(Unit *u, sd_bus *bus, const char *name) {
3130 const char *match;
3131
3132 assert(u);
3133 assert(bus);
3134 assert(name);
3135
3136 if (u->match_bus_slot)
3137 return -EBUSY;
3138
3139 match = strjoina("type='signal',"
3140 "sender='org.freedesktop.DBus',"
3141 "path='/org/freedesktop/DBus',"
3142 "interface='org.freedesktop.DBus',"
3143 "member='NameOwnerChanged',"
3144 "arg0='", name, "'");
3145
3146 return sd_bus_add_match_async(bus, &u->match_bus_slot, match, signal_name_owner_changed, NULL, u);
3147 }
3148
3149 int unit_watch_bus_name(Unit *u, const char *name) {
3150 int r;
3151
3152 assert(u);
3153 assert(name);
3154
3155 /* Watch a specific name on the bus. We only support one unit
3156 * watching each name for now. */
3157
3158 if (u->manager->api_bus) {
3159 /* If the bus is already available, install the match directly.
3160 * Otherwise, just put the name in the list. bus_setup_api() will take care later. */
3161 r = unit_install_bus_match(u, u->manager->api_bus, name);
3162 if (r < 0)
3163 return log_warning_errno(r, "Failed to subscribe to NameOwnerChanged signal for '%s': %m", name);
3164 }
3165
3166 r = hashmap_put(u->manager->watch_bus, name, u);
3167 if (r < 0) {
3168 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3169 return log_warning_errno(r, "Failed to put bus name to hashmap: %m");
3170 }
3171
3172 return 0;
3173 }
3174
3175 void unit_unwatch_bus_name(Unit *u, const char *name) {
3176 assert(u);
3177 assert(name);
3178
3179 (void) hashmap_remove_value(u->manager->watch_bus, name, u);
3180 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3181 }
3182
3183 bool unit_can_serialize(Unit *u) {
3184 assert(u);
3185
3186 return UNIT_VTABLE(u)->serialize && UNIT_VTABLE(u)->deserialize_item;
3187 }
3188
3189 static int unit_serialize_cgroup_mask(FILE *f, const char *key, CGroupMask mask) {
3190 _cleanup_free_ char *s = NULL;
3191 int r = 0;
3192
3193 assert(f);
3194 assert(key);
3195
3196 if (mask != 0) {
3197 r = cg_mask_to_string(mask, &s);
3198 if (r >= 0) {
3199 fputs(key, f);
3200 fputc('=', f);
3201 fputs(s, f);
3202 fputc('\n', f);
3203 }
3204 }
3205 return r;
3206 }
3207
3208 static const char *ip_accounting_metric_field[_CGROUP_IP_ACCOUNTING_METRIC_MAX] = {
3209 [CGROUP_IP_INGRESS_BYTES] = "ip-accounting-ingress-bytes",
3210 [CGROUP_IP_INGRESS_PACKETS] = "ip-accounting-ingress-packets",
3211 [CGROUP_IP_EGRESS_BYTES] = "ip-accounting-egress-bytes",
3212 [CGROUP_IP_EGRESS_PACKETS] = "ip-accounting-egress-packets",
3213 };
3214
3215 int unit_serialize(Unit *u, FILE *f, FDSet *fds, bool serialize_jobs) {
3216 CGroupIPAccountingMetric m;
3217 int r;
3218
3219 assert(u);
3220 assert(f);
3221 assert(fds);
3222
3223 if (unit_can_serialize(u)) {
3224 r = UNIT_VTABLE(u)->serialize(u, f, fds);
3225 if (r < 0)
3226 return r;
3227 }
3228
3229 dual_timestamp_serialize(f, "state-change-timestamp", &u->state_change_timestamp);
3230
3231 dual_timestamp_serialize(f, "inactive-exit-timestamp", &u->inactive_exit_timestamp);
3232 dual_timestamp_serialize(f, "active-enter-timestamp", &u->active_enter_timestamp);
3233 dual_timestamp_serialize(f, "active-exit-timestamp", &u->active_exit_timestamp);
3234 dual_timestamp_serialize(f, "inactive-enter-timestamp", &u->inactive_enter_timestamp);
3235
3236 dual_timestamp_serialize(f, "condition-timestamp", &u->condition_timestamp);
3237 dual_timestamp_serialize(f, "assert-timestamp", &u->assert_timestamp);
3238
3239 if (dual_timestamp_is_set(&u->condition_timestamp))
3240 unit_serialize_item(u, f, "condition-result", yes_no(u->condition_result));
3241
3242 if (dual_timestamp_is_set(&u->assert_timestamp))
3243 unit_serialize_item(u, f, "assert-result", yes_no(u->assert_result));
3244
3245 unit_serialize_item(u, f, "transient", yes_no(u->transient));
3246
3247 unit_serialize_item(u, f, "in-audit", yes_no(u->in_audit));
3248
3249 unit_serialize_item(u, f, "exported-invocation-id", yes_no(u->exported_invocation_id));
3250 unit_serialize_item(u, f, "exported-log-level-max", yes_no(u->exported_log_level_max));
3251 unit_serialize_item(u, f, "exported-log-extra-fields", yes_no(u->exported_log_extra_fields));
3252 unit_serialize_item(u, f, "exported-log-rate-limit-interval", yes_no(u->exported_log_rate_limit_interval));
3253 unit_serialize_item(u, f, "exported-log-rate-limit-burst", yes_no(u->exported_log_rate_limit_burst));
3254
3255 unit_serialize_item_format(u, f, "cpu-usage-base", "%" PRIu64, u->cpu_usage_base);
3256 if (u->cpu_usage_last != NSEC_INFINITY)
3257 unit_serialize_item_format(u, f, "cpu-usage-last", "%" PRIu64, u->cpu_usage_last);
3258
3259 if (u->cgroup_path)
3260 unit_serialize_item(u, f, "cgroup", u->cgroup_path);
3261 unit_serialize_item(u, f, "cgroup-realized", yes_no(u->cgroup_realized));
3262 (void) unit_serialize_cgroup_mask(f, "cgroup-realized-mask", u->cgroup_realized_mask);
3263 (void) unit_serialize_cgroup_mask(f, "cgroup-enabled-mask", u->cgroup_enabled_mask);
3264 (void) unit_serialize_cgroup_mask(f, "cgroup-invalidated-mask", u->cgroup_invalidated_mask);
3265
3266 if (uid_is_valid(u->ref_uid))
3267 unit_serialize_item_format(u, f, "ref-uid", UID_FMT, u->ref_uid);
3268 if (gid_is_valid(u->ref_gid))
3269 unit_serialize_item_format(u, f, "ref-gid", GID_FMT, u->ref_gid);
3270
3271 if (!sd_id128_is_null(u->invocation_id))
3272 unit_serialize_item_format(u, f, "invocation-id", SD_ID128_FORMAT_STR, SD_ID128_FORMAT_VAL(u->invocation_id));
3273
3274 bus_track_serialize(u->bus_track, f, "ref");
3275
3276 for (m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++) {
3277 uint64_t v;
3278
3279 r = unit_get_ip_accounting(u, m, &v);
3280 if (r >= 0)
3281 unit_serialize_item_format(u, f, ip_accounting_metric_field[m], "%" PRIu64, v);
3282 }
3283
3284 if (serialize_jobs) {
3285 if (u->job) {
3286 fprintf(f, "job\n");
3287 job_serialize(u->job, f);
3288 }
3289
3290 if (u->nop_job) {
3291 fprintf(f, "job\n");
3292 job_serialize(u->nop_job, f);
3293 }
3294 }
3295
3296 /* End marker */
3297 fputc('\n', f);
3298 return 0;
3299 }
3300
3301 int unit_serialize_item(Unit *u, FILE *f, const char *key, const char *value) {
3302 assert(u);
3303 assert(f);
3304 assert(key);
3305
3306 if (!value)
3307 return 0;
3308
3309 fputs(key, f);
3310 fputc('=', f);
3311 fputs(value, f);
3312 fputc('\n', f);
3313
3314 return 1;
3315 }
3316
3317 int unit_serialize_item_escaped(Unit *u, FILE *f, const char *key, const char *value) {
3318 _cleanup_free_ char *c = NULL;
3319
3320 assert(u);
3321 assert(f);
3322 assert(key);
3323
3324 if (!value)
3325 return 0;
3326
3327 c = cescape(value);
3328 if (!c)
3329 return -ENOMEM;
3330
3331 fputs(key, f);
3332 fputc('=', f);
3333 fputs(c, f);
3334 fputc('\n', f);
3335
3336 return 1;
3337 }
3338
3339 int unit_serialize_item_fd(Unit *u, FILE *f, FDSet *fds, const char *key, int fd) {
3340 int copy;
3341
3342 assert(u);
3343 assert(f);
3344 assert(key);
3345
3346 if (fd < 0)
3347 return 0;
3348
3349 copy = fdset_put_dup(fds, fd);
3350 if (copy < 0)
3351 return copy;
3352
3353 fprintf(f, "%s=%i\n", key, copy);
3354 return 1;
3355 }
3356
3357 void unit_serialize_item_format(Unit *u, FILE *f, const char *key, const char *format, ...) {
3358 va_list ap;
3359
3360 assert(u);
3361 assert(f);
3362 assert(key);
3363 assert(format);
3364
3365 fputs(key, f);
3366 fputc('=', f);
3367
3368 va_start(ap, format);
3369 vfprintf(f, format, ap);
3370 va_end(ap);
3371
3372 fputc('\n', f);
3373 }
3374
3375 int unit_deserialize(Unit *u, FILE *f, FDSet *fds) {
3376 int r;
3377
3378 assert(u);
3379 assert(f);
3380 assert(fds);
3381
3382 for (;;) {
3383 char line[LINE_MAX], *l, *v;
3384 CGroupIPAccountingMetric m;
3385 size_t k;
3386
3387 if (!fgets(line, sizeof(line), f)) {
3388 if (feof(f))
3389 return 0;
3390 return -errno;
3391 }
3392
3393 char_array_0(line);
3394 l = strstrip(line);
3395
3396 /* End marker */
3397 if (isempty(l))
3398 break;
3399
3400 k = strcspn(l, "=");
3401
3402 if (l[k] == '=') {
3403 l[k] = 0;
3404 v = l+k+1;
3405 } else
3406 v = l+k;
3407
3408 if (streq(l, "job")) {
3409 if (v[0] == '\0') {
3410 /* new-style serialized job */
3411 Job *j;
3412
3413 j = job_new_raw(u);
3414 if (!j)
3415 return log_oom();
3416
3417 r = job_deserialize(j, f);
3418 if (r < 0) {
3419 job_free(j);
3420 return r;
3421 }
3422
3423 r = hashmap_put(u->manager->jobs, UINT32_TO_PTR(j->id), j);
3424 if (r < 0) {
3425 job_free(j);
3426 return r;
3427 }
3428
3429 r = job_install_deserialized(j);
3430 if (r < 0) {
3431 hashmap_remove(u->manager->jobs, UINT32_TO_PTR(j->id));
3432 job_free(j);
3433 return r;
3434 }
3435 } else /* legacy for pre-44 */
3436 log_unit_warning(u, "Update from too old systemd versions are unsupported, cannot deserialize job: %s", v);
3437 continue;
3438 } else if (streq(l, "state-change-timestamp")) {
3439 dual_timestamp_deserialize(v, &u->state_change_timestamp);
3440 continue;
3441 } else if (streq(l, "inactive-exit-timestamp")) {
3442 dual_timestamp_deserialize(v, &u->inactive_exit_timestamp);
3443 continue;
3444 } else if (streq(l, "active-enter-timestamp")) {
3445 dual_timestamp_deserialize(v, &u->active_enter_timestamp);
3446 continue;
3447 } else if (streq(l, "active-exit-timestamp")) {
3448 dual_timestamp_deserialize(v, &u->active_exit_timestamp);
3449 continue;
3450 } else if (streq(l, "inactive-enter-timestamp")) {
3451 dual_timestamp_deserialize(v, &u->inactive_enter_timestamp);
3452 continue;
3453 } else if (streq(l, "condition-timestamp")) {
3454 dual_timestamp_deserialize(v, &u->condition_timestamp);
3455 continue;
3456 } else if (streq(l, "assert-timestamp")) {
3457 dual_timestamp_deserialize(v, &u->assert_timestamp);
3458 continue;
3459 } else if (streq(l, "condition-result")) {
3460
3461 r = parse_boolean(v);
3462 if (r < 0)
3463 log_unit_debug(u, "Failed to parse condition result value %s, ignoring.", v);
3464 else
3465 u->condition_result = r;
3466
3467 continue;
3468
3469 } else if (streq(l, "assert-result")) {
3470
3471 r = parse_boolean(v);
3472 if (r < 0)
3473 log_unit_debug(u, "Failed to parse assert result value %s, ignoring.", v);
3474 else
3475 u->assert_result = r;
3476
3477 continue;
3478
3479 } else if (streq(l, "transient")) {
3480
3481 r = parse_boolean(v);
3482 if (r < 0)
3483 log_unit_debug(u, "Failed to parse transient bool %s, ignoring.", v);
3484 else
3485 u->transient = r;
3486
3487 continue;
3488
3489 } else if (streq(l, "in-audit")) {
3490
3491 r = parse_boolean(v);
3492 if (r < 0)
3493 log_unit_debug(u, "Failed to parse in-audit bool %s, ignoring.", v);
3494 else
3495 u->in_audit = r;
3496
3497 continue;
3498
3499 } else if (streq(l, "exported-invocation-id")) {
3500
3501 r = parse_boolean(v);
3502 if (r < 0)
3503 log_unit_debug(u, "Failed to parse exported invocation ID bool %s, ignoring.", v);
3504 else
3505 u->exported_invocation_id = r;
3506
3507 continue;
3508
3509 } else if (streq(l, "exported-log-level-max")) {
3510
3511 r = parse_boolean(v);
3512 if (r < 0)
3513 log_unit_debug(u, "Failed to parse exported log level max bool %s, ignoring.", v);
3514 else
3515 u->exported_log_level_max = r;
3516
3517 continue;
3518
3519 } else if (streq(l, "exported-log-extra-fields")) {
3520
3521 r = parse_boolean(v);
3522 if (r < 0)
3523 log_unit_debug(u, "Failed to parse exported log extra fields bool %s, ignoring.", v);
3524 else
3525 u->exported_log_extra_fields = r;
3526
3527 continue;
3528
3529 } else if (streq(l, "exported-log-rate-limit-interval")) {
3530
3531 r = parse_boolean(v);
3532 if (r < 0)
3533 log_unit_debug(u, "Failed to parse exported log rate limit interval %s, ignoring.", v);
3534 else
3535 u->exported_log_rate_limit_interval = r;
3536
3537 continue;
3538
3539 } else if (streq(l, "exported-log-rate-limit-burst")) {
3540
3541 r = parse_boolean(v);
3542 if (r < 0)
3543 log_unit_debug(u, "Failed to parse exported log rate limit burst %s, ignoring.", v);
3544 else
3545 u->exported_log_rate_limit_burst = r;
3546
3547 continue;
3548
3549 } else if (STR_IN_SET(l, "cpu-usage-base", "cpuacct-usage-base")) {
3550
3551 r = safe_atou64(v, &u->cpu_usage_base);
3552 if (r < 0)
3553 log_unit_debug(u, "Failed to parse CPU usage base %s, ignoring.", v);
3554
3555 continue;
3556
3557 } else if (streq(l, "cpu-usage-last")) {
3558
3559 r = safe_atou64(v, &u->cpu_usage_last);
3560 if (r < 0)
3561 log_unit_debug(u, "Failed to read CPU usage last %s, ignoring.", v);
3562
3563 continue;
3564
3565 } else if (streq(l, "cgroup")) {
3566
3567 r = unit_set_cgroup_path(u, v);
3568 if (r < 0)
3569 log_unit_debug_errno(u, r, "Failed to set cgroup path %s, ignoring: %m", v);
3570
3571 (void) unit_watch_cgroup(u);
3572
3573 continue;
3574 } else if (streq(l, "cgroup-realized")) {
3575 int b;
3576
3577 b = parse_boolean(v);
3578 if (b < 0)
3579 log_unit_debug(u, "Failed to parse cgroup-realized bool %s, ignoring.", v);
3580 else
3581 u->cgroup_realized = b;
3582
3583 continue;
3584
3585 } else if (streq(l, "cgroup-realized-mask")) {
3586
3587 r = cg_mask_from_string(v, &u->cgroup_realized_mask);
3588 if (r < 0)
3589 log_unit_debug(u, "Failed to parse cgroup-realized-mask %s, ignoring.", v);
3590 continue;
3591
3592 } else if (streq(l, "cgroup-enabled-mask")) {
3593
3594 r = cg_mask_from_string(v, &u->cgroup_enabled_mask);
3595 if (r < 0)
3596 log_unit_debug(u, "Failed to parse cgroup-enabled-mask %s, ignoring.", v);
3597 continue;
3598
3599 } else if (streq(l, "cgroup-invalidated-mask")) {
3600
3601 r = cg_mask_from_string(v, &u->cgroup_invalidated_mask);
3602 if (r < 0)
3603 log_unit_debug(u, "Failed to parse cgroup-invalidated-mask %s, ignoring.", v);
3604 continue;
3605
3606 } else if (streq(l, "ref-uid")) {
3607 uid_t uid;
3608
3609 r = parse_uid(v, &uid);
3610 if (r < 0)
3611 log_unit_debug(u, "Failed to parse referenced UID %s, ignoring.", v);
3612 else
3613 unit_ref_uid_gid(u, uid, GID_INVALID);
3614
3615 continue;
3616
3617 } else if (streq(l, "ref-gid")) {
3618 gid_t gid;
3619
3620 r = parse_gid(v, &gid);
3621 if (r < 0)
3622 log_unit_debug(u, "Failed to parse referenced GID %s, ignoring.", v);
3623 else
3624 unit_ref_uid_gid(u, UID_INVALID, gid);
3625
3626 continue;
3627
3628 } else if (streq(l, "ref")) {
3629
3630 r = strv_extend(&u->deserialized_refs, v);
3631 if (r < 0)
3632 log_oom();
3633
3634 continue;
3635 } else if (streq(l, "invocation-id")) {
3636 sd_id128_t id;
3637
3638 r = sd_id128_from_string(v, &id);
3639 if (r < 0)
3640 log_unit_debug(u, "Failed to parse invocation id %s, ignoring.", v);
3641 else {
3642 r = unit_set_invocation_id(u, id);
3643 if (r < 0)
3644 log_unit_warning_errno(u, r, "Failed to set invocation ID for unit: %m");
3645 }
3646
3647 continue;
3648 }
3649
3650 /* Check if this is an IP accounting metric serialization field */
3651 for (m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++)
3652 if (streq(l, ip_accounting_metric_field[m]))
3653 break;
3654 if (m < _CGROUP_IP_ACCOUNTING_METRIC_MAX) {
3655 uint64_t c;
3656
3657 r = safe_atou64(v, &c);
3658 if (r < 0)
3659 log_unit_debug(u, "Failed to parse IP accounting value %s, ignoring.", v);
3660 else
3661 u->ip_accounting_extra[m] = c;
3662 continue;
3663 }
3664
3665 if (unit_can_serialize(u)) {
3666 r = exec_runtime_deserialize_compat(u, l, v, fds);
3667 if (r < 0) {
3668 log_unit_warning(u, "Failed to deserialize runtime parameter '%s', ignoring.", l);
3669 continue;
3670 }
3671
3672 /* Returns positive if key was handled by the call */
3673 if (r > 0)
3674 continue;
3675
3676 r = UNIT_VTABLE(u)->deserialize_item(u, l, v, fds);
3677 if (r < 0)
3678 log_unit_warning(u, "Failed to deserialize unit parameter '%s', ignoring.", l);
3679 }
3680 }
3681
3682 /* Versions before 228 did not carry a state change timestamp. In this case, take the current time. This is
3683 * useful, so that timeouts based on this timestamp don't trigger too early, and is in-line with the logic from
3684 * before 228 where the base for timeouts was not persistent across reboots. */
3685
3686 if (!dual_timestamp_is_set(&u->state_change_timestamp))
3687 dual_timestamp_get(&u->state_change_timestamp);
3688
3689 /* Let's make sure that everything that is deserialized also gets any potential new cgroup settings applied
3690 * after we are done. For that we invalidate anything already realized, so that we can realize it again. */
3691 unit_invalidate_cgroup(u, _CGROUP_MASK_ALL);
3692 unit_invalidate_cgroup_bpf(u);
3693
3694 return 0;
3695 }
3696
3697 void unit_deserialize_skip(FILE *f) {
3698 assert(f);
3699
3700 /* Skip serialized data for this unit. We don't know what it is. */
3701
3702 for (;;) {
3703 char line[LINE_MAX], *l;
3704
3705 if (!fgets(line, sizeof line, f))
3706 return;
3707
3708 char_array_0(line);
3709 l = strstrip(line);
3710
3711 /* End marker */
3712 if (isempty(l))
3713 return;
3714 }
3715 }
3716
3717 int unit_add_node_dependency(Unit *u, const char *what, bool wants, UnitDependency dep, UnitDependencyMask mask) {
3718 Unit *device;
3719 _cleanup_free_ char *e = NULL;
3720 int r;
3721
3722 assert(u);
3723
3724 /* Adds in links to the device node that this unit is based on */
3725 if (isempty(what))
3726 return 0;
3727
3728 if (!is_device_path(what))
3729 return 0;
3730
3731 /* When device units aren't supported (such as in a
3732 * container), don't create dependencies on them. */
3733 if (!unit_type_supported(UNIT_DEVICE))
3734 return 0;
3735
3736 r = unit_name_from_path(what, ".device", &e);
3737 if (r < 0)
3738 return r;
3739
3740 r = manager_load_unit(u->manager, e, NULL, NULL, &device);
3741 if (r < 0)
3742 return r;
3743
3744 if (dep == UNIT_REQUIRES && device_shall_be_bound_by(device, u))
3745 dep = UNIT_BINDS_TO;
3746
3747 r = unit_add_two_dependencies(u, UNIT_AFTER,
3748 MANAGER_IS_SYSTEM(u->manager) ? dep : UNIT_WANTS,
3749 device, true, mask);
3750 if (r < 0)
3751 return r;
3752
3753 if (wants) {
3754 r = unit_add_dependency(device, UNIT_WANTS, u, false, mask);
3755 if (r < 0)
3756 return r;
3757 }
3758
3759 return 0;
3760 }
3761
3762 int unit_coldplug(Unit *u) {
3763 int r = 0, q;
3764 char **i;
3765
3766 assert(u);
3767
3768 /* Make sure we don't enter a loop, when coldplugging recursively. */
3769 if (u->coldplugged)
3770 return 0;
3771
3772 u->coldplugged = true;
3773
3774 STRV_FOREACH(i, u->deserialized_refs) {
3775 q = bus_unit_track_add_name(u, *i);
3776 if (q < 0 && r >= 0)
3777 r = q;
3778 }
3779 u->deserialized_refs = strv_free(u->deserialized_refs);
3780
3781 if (UNIT_VTABLE(u)->coldplug) {
3782 q = UNIT_VTABLE(u)->coldplug(u);
3783 if (q < 0 && r >= 0)
3784 r = q;
3785 }
3786
3787 if (u->job) {
3788 q = job_coldplug(u->job);
3789 if (q < 0 && r >= 0)
3790 r = q;
3791 }
3792
3793 return r;
3794 }
3795
3796 void unit_catchup(Unit *u) {
3797 assert(u);
3798
3799 if (UNIT_VTABLE(u)->catchup)
3800 UNIT_VTABLE(u)->catchup(u);
3801 }
3802
3803 static bool fragment_mtime_newer(const char *path, usec_t mtime, bool path_masked) {
3804 struct stat st;
3805
3806 if (!path)
3807 return false;
3808
3809 /* If the source is some virtual kernel file system, then we assume we watch it anyway, and hence pretend we
3810 * are never out-of-date. */
3811 if (PATH_STARTSWITH_SET(path, "/proc", "/sys"))
3812 return false;
3813
3814 if (stat(path, &st) < 0)
3815 /* What, cannot access this anymore? */
3816 return true;
3817
3818 if (path_masked)
3819 /* For masked files check if they are still so */
3820 return !null_or_empty(&st);
3821 else
3822 /* For non-empty files check the mtime */
3823 return timespec_load(&st.st_mtim) > mtime;
3824
3825 return false;
3826 }
3827
3828 bool unit_need_daemon_reload(Unit *u) {
3829 _cleanup_strv_free_ char **t = NULL;
3830 char **path;
3831
3832 assert(u);
3833
3834 /* For unit files, we allow masking… */
3835 if (fragment_mtime_newer(u->fragment_path, u->fragment_mtime,
3836 u->load_state == UNIT_MASKED))
3837 return true;
3838
3839 /* Source paths should not be masked… */
3840 if (fragment_mtime_newer(u->source_path, u->source_mtime, false))
3841 return true;
3842
3843 if (u->load_state == UNIT_LOADED)
3844 (void) unit_find_dropin_paths(u, &t);
3845 if (!strv_equal(u->dropin_paths, t))
3846 return true;
3847
3848 /* … any drop-ins that are masked are simply omitted from the list. */
3849 STRV_FOREACH(path, u->dropin_paths)
3850 if (fragment_mtime_newer(*path, u->dropin_mtime, false))
3851 return true;
3852
3853 return false;
3854 }
3855
3856 void unit_reset_failed(Unit *u) {
3857 assert(u);
3858
3859 if (UNIT_VTABLE(u)->reset_failed)
3860 UNIT_VTABLE(u)->reset_failed(u);
3861
3862 RATELIMIT_RESET(u->start_limit);
3863 u->start_limit_hit = false;
3864 }
3865
3866 Unit *unit_following(Unit *u) {
3867 assert(u);
3868
3869 if (UNIT_VTABLE(u)->following)
3870 return UNIT_VTABLE(u)->following(u);
3871
3872 return NULL;
3873 }
3874
3875 bool unit_stop_pending(Unit *u) {
3876 assert(u);
3877
3878 /* This call does check the current state of the unit. It's
3879 * hence useful to be called from state change calls of the
3880 * unit itself, where the state isn't updated yet. This is
3881 * different from unit_inactive_or_pending() which checks both
3882 * the current state and for a queued job. */
3883
3884 return u->job && u->job->type == JOB_STOP;
3885 }
3886
3887 bool unit_inactive_or_pending(Unit *u) {
3888 assert(u);
3889
3890 /* Returns true if the unit is inactive or going down */
3891
3892 if (UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)))
3893 return true;
3894
3895 if (unit_stop_pending(u))
3896 return true;
3897
3898 return false;
3899 }
3900
3901 bool unit_active_or_pending(Unit *u) {
3902 assert(u);
3903
3904 /* Returns true if the unit is active or going up */
3905
3906 if (UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)))
3907 return true;
3908
3909 if (u->job &&
3910 IN_SET(u->job->type, JOB_START, JOB_RELOAD_OR_START, JOB_RESTART))
3911 return true;
3912
3913 return false;
3914 }
3915
3916 bool unit_will_restart(Unit *u) {
3917 assert(u);
3918
3919 if (!UNIT_VTABLE(u)->will_restart)
3920 return false;
3921
3922 return UNIT_VTABLE(u)->will_restart(u);
3923 }
3924
3925 int unit_kill(Unit *u, KillWho w, int signo, sd_bus_error *error) {
3926 assert(u);
3927 assert(w >= 0 && w < _KILL_WHO_MAX);
3928 assert(SIGNAL_VALID(signo));
3929
3930 if (!UNIT_VTABLE(u)->kill)
3931 return -EOPNOTSUPP;
3932
3933 return UNIT_VTABLE(u)->kill(u, w, signo, error);
3934 }
3935
3936 static Set *unit_pid_set(pid_t main_pid, pid_t control_pid) {
3937 _cleanup_set_free_ Set *pid_set = NULL;
3938 int r;
3939
3940 pid_set = set_new(NULL);
3941 if (!pid_set)
3942 return NULL;
3943
3944 /* Exclude the main/control pids from being killed via the cgroup */
3945 if (main_pid > 0) {
3946 r = set_put(pid_set, PID_TO_PTR(main_pid));
3947 if (r < 0)
3948 return NULL;
3949 }
3950
3951 if (control_pid > 0) {
3952 r = set_put(pid_set, PID_TO_PTR(control_pid));
3953 if (r < 0)
3954 return NULL;
3955 }
3956
3957 return TAKE_PTR(pid_set);
3958 }
3959
3960 int unit_kill_common(
3961 Unit *u,
3962 KillWho who,
3963 int signo,
3964 pid_t main_pid,
3965 pid_t control_pid,
3966 sd_bus_error *error) {
3967
3968 int r = 0;
3969 bool killed = false;
3970
3971 if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL)) {
3972 if (main_pid < 0)
3973 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no main processes", unit_type_to_string(u->type));
3974 else if (main_pid == 0)
3975 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No main process to kill");
3976 }
3977
3978 if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL)) {
3979 if (control_pid < 0)
3980 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no control processes", unit_type_to_string(u->type));
3981 else if (control_pid == 0)
3982 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No control process to kill");
3983 }
3984
3985 if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL, KILL_ALL, KILL_ALL_FAIL))
3986 if (control_pid > 0) {
3987 if (kill(control_pid, signo) < 0)
3988 r = -errno;
3989 else
3990 killed = true;
3991 }
3992
3993 if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL, KILL_ALL, KILL_ALL_FAIL))
3994 if (main_pid > 0) {
3995 if (kill(main_pid, signo) < 0)
3996 r = -errno;
3997 else
3998 killed = true;
3999 }
4000
4001 if (IN_SET(who, KILL_ALL, KILL_ALL_FAIL) && u->cgroup_path) {
4002 _cleanup_set_free_ Set *pid_set = NULL;
4003 int q;
4004
4005 /* Exclude the main/control pids from being killed via the cgroup */
4006 pid_set = unit_pid_set(main_pid, control_pid);
4007 if (!pid_set)
4008 return -ENOMEM;
4009
4010 q = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, signo, 0, pid_set, NULL, NULL);
4011 if (q < 0 && !IN_SET(q, -EAGAIN, -ESRCH, -ENOENT))
4012 r = q;
4013 else
4014 killed = true;
4015 }
4016
4017 if (r == 0 && !killed && IN_SET(who, KILL_ALL_FAIL, KILL_CONTROL_FAIL))
4018 return -ESRCH;
4019
4020 return r;
4021 }
4022
4023 int unit_following_set(Unit *u, Set **s) {
4024 assert(u);
4025 assert(s);
4026
4027 if (UNIT_VTABLE(u)->following_set)
4028 return UNIT_VTABLE(u)->following_set(u, s);
4029
4030 *s = NULL;
4031 return 0;
4032 }
4033
4034 UnitFileState unit_get_unit_file_state(Unit *u) {
4035 int r;
4036
4037 assert(u);
4038
4039 if (u->unit_file_state < 0 && u->fragment_path) {
4040 r = unit_file_get_state(
4041 u->manager->unit_file_scope,
4042 NULL,
4043 u->id,
4044 &u->unit_file_state);
4045 if (r < 0)
4046 u->unit_file_state = UNIT_FILE_BAD;
4047 }
4048
4049 return u->unit_file_state;
4050 }
4051
4052 int unit_get_unit_file_preset(Unit *u) {
4053 assert(u);
4054
4055 if (u->unit_file_preset < 0 && u->fragment_path)
4056 u->unit_file_preset = unit_file_query_preset(
4057 u->manager->unit_file_scope,
4058 NULL,
4059 basename(u->fragment_path));
4060
4061 return u->unit_file_preset;
4062 }
4063
4064 Unit* unit_ref_set(UnitRef *ref, Unit *source, Unit *target) {
4065 assert(ref);
4066 assert(source);
4067 assert(target);
4068
4069 if (ref->target)
4070 unit_ref_unset(ref);
4071
4072 ref->source = source;
4073 ref->target = target;
4074 LIST_PREPEND(refs_by_target, target->refs_by_target, ref);
4075 return target;
4076 }
4077
4078 void unit_ref_unset(UnitRef *ref) {
4079 assert(ref);
4080
4081 if (!ref->target)
4082 return;
4083
4084 /* We are about to drop a reference to the unit, make sure the garbage collection has a look at it as it might
4085 * be unreferenced now. */
4086 unit_add_to_gc_queue(ref->target);
4087
4088 LIST_REMOVE(refs_by_target, ref->target->refs_by_target, ref);
4089 ref->source = ref->target = NULL;
4090 }
4091
4092 static int user_from_unit_name(Unit *u, char **ret) {
4093
4094 static const uint8_t hash_key[] = {
4095 0x58, 0x1a, 0xaf, 0xe6, 0x28, 0x58, 0x4e, 0x96,
4096 0xb4, 0x4e, 0xf5, 0x3b, 0x8c, 0x92, 0x07, 0xec
4097 };
4098
4099 _cleanup_free_ char *n = NULL;
4100 int r;
4101
4102 r = unit_name_to_prefix(u->id, &n);
4103 if (r < 0)
4104 return r;
4105
4106 if (valid_user_group_name(n)) {
4107 *ret = TAKE_PTR(n);
4108 return 0;
4109 }
4110
4111 /* If we can't use the unit name as a user name, then let's hash it and use that */
4112 if (asprintf(ret, "_du%016" PRIx64, siphash24(n, strlen(n), hash_key)) < 0)
4113 return -ENOMEM;
4114
4115 return 0;
4116 }
4117
4118 int unit_patch_contexts(Unit *u) {
4119 CGroupContext *cc;
4120 ExecContext *ec;
4121 unsigned i;
4122 int r;
4123
4124 assert(u);
4125
4126 /* Patch in the manager defaults into the exec and cgroup
4127 * contexts, _after_ the rest of the settings have been
4128 * initialized */
4129
4130 ec = unit_get_exec_context(u);
4131 if (ec) {
4132 /* This only copies in the ones that need memory */
4133 for (i = 0; i < _RLIMIT_MAX; i++)
4134 if (u->manager->rlimit[i] && !ec->rlimit[i]) {
4135 ec->rlimit[i] = newdup(struct rlimit, u->manager->rlimit[i], 1);
4136 if (!ec->rlimit[i])
4137 return -ENOMEM;
4138 }
4139
4140 if (MANAGER_IS_USER(u->manager) &&
4141 !ec->working_directory) {
4142
4143 r = get_home_dir(&ec->working_directory);
4144 if (r < 0)
4145 return r;
4146
4147 /* Allow user services to run, even if the
4148 * home directory is missing */
4149 ec->working_directory_missing_ok = true;
4150 }
4151
4152 if (ec->private_devices)
4153 ec->capability_bounding_set &= ~((UINT64_C(1) << CAP_MKNOD) | (UINT64_C(1) << CAP_SYS_RAWIO));
4154
4155 if (ec->protect_kernel_modules)
4156 ec->capability_bounding_set &= ~(UINT64_C(1) << CAP_SYS_MODULE);
4157
4158 if (ec->dynamic_user) {
4159 if (!ec->user) {
4160 r = user_from_unit_name(u, &ec->user);
4161 if (r < 0)
4162 return r;
4163 }
4164
4165 if (!ec->group) {
4166 ec->group = strdup(ec->user);
4167 if (!ec->group)
4168 return -ENOMEM;
4169 }
4170
4171 /* If the dynamic user option is on, let's make sure that the unit can't leave its UID/GID
4172 * around in the file system or on IPC objects. Hence enforce a strict sandbox. */
4173
4174 ec->private_tmp = true;
4175 ec->remove_ipc = true;
4176 ec->protect_system = PROTECT_SYSTEM_STRICT;
4177 if (ec->protect_home == PROTECT_HOME_NO)
4178 ec->protect_home = PROTECT_HOME_READ_ONLY;
4179 }
4180 }
4181
4182 cc = unit_get_cgroup_context(u);
4183 if (cc && ec) {
4184
4185 if (ec->private_devices &&
4186 cc->device_policy == CGROUP_AUTO)
4187 cc->device_policy = CGROUP_CLOSED;
4188
4189 if (ec->root_image &&
4190 (cc->device_policy != CGROUP_AUTO || cc->device_allow)) {
4191
4192 /* When RootImage= is specified, the following devices are touched. */
4193 r = cgroup_add_device_allow(cc, "/dev/loop-control", "rw");
4194 if (r < 0)
4195 return r;
4196
4197 r = cgroup_add_device_allow(cc, "block-loop", "rwm");
4198 if (r < 0)
4199 return r;
4200
4201 r = cgroup_add_device_allow(cc, "block-blkext", "rwm");
4202 if (r < 0)
4203 return r;
4204 }
4205 }
4206
4207 return 0;
4208 }
4209
4210 ExecContext *unit_get_exec_context(Unit *u) {
4211 size_t offset;
4212 assert(u);
4213
4214 if (u->type < 0)
4215 return NULL;
4216
4217 offset = UNIT_VTABLE(u)->exec_context_offset;
4218 if (offset <= 0)
4219 return NULL;
4220
4221 return (ExecContext*) ((uint8_t*) u + offset);
4222 }
4223
4224 KillContext *unit_get_kill_context(Unit *u) {
4225 size_t offset;
4226 assert(u);
4227
4228 if (u->type < 0)
4229 return NULL;
4230
4231 offset = UNIT_VTABLE(u)->kill_context_offset;
4232 if (offset <= 0)
4233 return NULL;
4234
4235 return (KillContext*) ((uint8_t*) u + offset);
4236 }
4237
4238 CGroupContext *unit_get_cgroup_context(Unit *u) {
4239 size_t offset;
4240
4241 if (u->type < 0)
4242 return NULL;
4243
4244 offset = UNIT_VTABLE(u)->cgroup_context_offset;
4245 if (offset <= 0)
4246 return NULL;
4247
4248 return (CGroupContext*) ((uint8_t*) u + offset);
4249 }
4250
4251 ExecRuntime *unit_get_exec_runtime(Unit *u) {
4252 size_t offset;
4253
4254 if (u->type < 0)
4255 return NULL;
4256
4257 offset = UNIT_VTABLE(u)->exec_runtime_offset;
4258 if (offset <= 0)
4259 return NULL;
4260
4261 return *(ExecRuntime**) ((uint8_t*) u + offset);
4262 }
4263
4264 static const char* unit_drop_in_dir(Unit *u, UnitWriteFlags flags) {
4265 assert(u);
4266
4267 if (UNIT_WRITE_FLAGS_NOOP(flags))
4268 return NULL;
4269
4270 if (u->transient) /* Redirect drop-ins for transient units always into the transient directory. */
4271 return u->manager->lookup_paths.transient;
4272
4273 if (flags & UNIT_PERSISTENT)
4274 return u->manager->lookup_paths.persistent_control;
4275
4276 if (flags & UNIT_RUNTIME)
4277 return u->manager->lookup_paths.runtime_control;
4278
4279 return NULL;
4280 }
4281
4282 char* unit_escape_setting(const char *s, UnitWriteFlags flags, char **buf) {
4283 char *ret = NULL;
4284
4285 if (!s)
4286 return NULL;
4287
4288 /* Escapes the input string as requested. Returns the escaped string. If 'buf' is specified then the allocated
4289 * return buffer pointer is also written to *buf, except if no escaping was necessary, in which case *buf is
4290 * set to NULL, and the input pointer is returned as-is. This means the return value always contains a properly
4291 * escaped version, but *buf when passed only contains a pointer if an allocation was necessary. If *buf is
4292 * not specified, then the return value always needs to be freed. Callers can use this to optimize memory
4293 * allocations. */
4294
4295 if (flags & UNIT_ESCAPE_SPECIFIERS) {
4296 ret = specifier_escape(s);
4297 if (!ret)
4298 return NULL;
4299
4300 s = ret;
4301 }
4302
4303 if (flags & UNIT_ESCAPE_C) {
4304 char *a;
4305
4306 a = cescape(s);
4307 free(ret);
4308 if (!a)
4309 return NULL;
4310
4311 ret = a;
4312 }
4313
4314 if (buf) {
4315 *buf = ret;
4316 return ret ?: (char*) s;
4317 }
4318
4319 return ret ?: strdup(s);
4320 }
4321
4322 char* unit_concat_strv(char **l, UnitWriteFlags flags) {
4323 _cleanup_free_ char *result = NULL;
4324 size_t n = 0, allocated = 0;
4325 char **i;
4326
4327 /* Takes a list of strings, escapes them, and concatenates them. This may be used to format command lines in a
4328 * way suitable for ExecStart= stanzas */
4329
4330 STRV_FOREACH(i, l) {
4331 _cleanup_free_ char *buf = NULL;
4332 const char *p;
4333 size_t a;
4334 char *q;
4335
4336 p = unit_escape_setting(*i, flags, &buf);
4337 if (!p)
4338 return NULL;
4339
4340 a = (n > 0) + 1 + strlen(p) + 1; /* separating space + " + entry + " */
4341 if (!GREEDY_REALLOC(result, allocated, n + a + 1))
4342 return NULL;
4343
4344 q = result + n;
4345 if (n > 0)
4346 *(q++) = ' ';
4347
4348 *(q++) = '"';
4349 q = stpcpy(q, p);
4350 *(q++) = '"';
4351
4352 n += a;
4353 }
4354
4355 if (!GREEDY_REALLOC(result, allocated, n + 1))
4356 return NULL;
4357
4358 result[n] = 0;
4359
4360 return TAKE_PTR(result);
4361 }
4362
4363 int unit_write_setting(Unit *u, UnitWriteFlags flags, const char *name, const char *data) {
4364 _cleanup_free_ char *p = NULL, *q = NULL, *escaped = NULL;
4365 const char *dir, *wrapped;
4366 int r;
4367
4368 assert(u);
4369 assert(name);
4370 assert(data);
4371
4372 if (UNIT_WRITE_FLAGS_NOOP(flags))
4373 return 0;
4374
4375 data = unit_escape_setting(data, flags, &escaped);
4376 if (!data)
4377 return -ENOMEM;
4378
4379 /* Prefix the section header. If we are writing this out as transient file, then let's suppress this if the
4380 * previous section header is the same */
4381
4382 if (flags & UNIT_PRIVATE) {
4383 if (!UNIT_VTABLE(u)->private_section)
4384 return -EINVAL;
4385
4386 if (!u->transient_file || u->last_section_private < 0)
4387 data = strjoina("[", UNIT_VTABLE(u)->private_section, "]\n", data);
4388 else if (u->last_section_private == 0)
4389 data = strjoina("\n[", UNIT_VTABLE(u)->private_section, "]\n", data);
4390 } else {
4391 if (!u->transient_file || u->last_section_private < 0)
4392 data = strjoina("[Unit]\n", data);
4393 else if (u->last_section_private > 0)
4394 data = strjoina("\n[Unit]\n", data);
4395 }
4396
4397 if (u->transient_file) {
4398 /* When this is a transient unit file in creation, then let's not create a new drop-in but instead
4399 * write to the transient unit file. */
4400 fputs(data, u->transient_file);
4401
4402 if (!endswith(data, "\n"))
4403 fputc('\n', u->transient_file);
4404
4405 /* Remember which section we wrote this entry to */
4406 u->last_section_private = !!(flags & UNIT_PRIVATE);
4407 return 0;
4408 }
4409
4410 dir = unit_drop_in_dir(u, flags);
4411 if (!dir)
4412 return -EINVAL;
4413
4414 wrapped = strjoina("# This is a drop-in unit file extension, created via \"systemctl set-property\"\n"
4415 "# or an equivalent operation. Do not edit.\n",
4416 data,
4417 "\n");
4418
4419 r = drop_in_file(dir, u->id, 50, name, &p, &q);
4420 if (r < 0)
4421 return r;
4422
4423 (void) mkdir_p_label(p, 0755);
4424 r = write_string_file_atomic_label(q, wrapped);
4425 if (r < 0)
4426 return r;
4427
4428 r = strv_push(&u->dropin_paths, q);
4429 if (r < 0)
4430 return r;
4431 q = NULL;
4432
4433 strv_uniq(u->dropin_paths);
4434
4435 u->dropin_mtime = now(CLOCK_REALTIME);
4436
4437 return 0;
4438 }
4439
4440 int unit_write_settingf(Unit *u, UnitWriteFlags flags, const char *name, const char *format, ...) {
4441 _cleanup_free_ char *p = NULL;
4442 va_list ap;
4443 int r;
4444
4445 assert(u);
4446 assert(name);
4447 assert(format);
4448
4449 if (UNIT_WRITE_FLAGS_NOOP(flags))
4450 return 0;
4451
4452 va_start(ap, format);
4453 r = vasprintf(&p, format, ap);
4454 va_end(ap);
4455
4456 if (r < 0)
4457 return -ENOMEM;
4458
4459 return unit_write_setting(u, flags, name, p);
4460 }
4461
4462 int unit_make_transient(Unit *u) {
4463 _cleanup_free_ char *path = NULL;
4464 FILE *f;
4465
4466 assert(u);
4467
4468 if (!UNIT_VTABLE(u)->can_transient)
4469 return -EOPNOTSUPP;
4470
4471 (void) mkdir_p_label(u->manager->lookup_paths.transient, 0755);
4472
4473 path = strjoin(u->manager->lookup_paths.transient, "/", u->id);
4474 if (!path)
4475 return -ENOMEM;
4476
4477 /* Let's open the file we'll write the transient settings into. This file is kept open as long as we are
4478 * creating the transient, and is closed in unit_load(), as soon as we start loading the file. */
4479
4480 RUN_WITH_UMASK(0022) {
4481 f = fopen(path, "we");
4482 if (!f)
4483 return -errno;
4484 }
4485
4486 safe_fclose(u->transient_file);
4487 u->transient_file = f;
4488
4489 free_and_replace(u->fragment_path, path);
4490
4491 u->source_path = mfree(u->source_path);
4492 u->dropin_paths = strv_free(u->dropin_paths);
4493 u->fragment_mtime = u->source_mtime = u->dropin_mtime = 0;
4494
4495 u->load_state = UNIT_STUB;
4496 u->load_error = 0;
4497 u->transient = true;
4498
4499 unit_add_to_dbus_queue(u);
4500 unit_add_to_gc_queue(u);
4501
4502 fputs("# This is a transient unit file, created programmatically via the systemd API. Do not edit.\n",
4503 u->transient_file);
4504
4505 return 0;
4506 }
4507
4508 static void log_kill(pid_t pid, int sig, void *userdata) {
4509 _cleanup_free_ char *comm = NULL;
4510
4511 (void) get_process_comm(pid, &comm);
4512
4513 /* Don't log about processes marked with brackets, under the assumption that these are temporary processes
4514 only, like for example systemd's own PAM stub process. */
4515 if (comm && comm[0] == '(')
4516 return;
4517
4518 log_unit_notice(userdata,
4519 "Killing process " PID_FMT " (%s) with signal SIG%s.",
4520 pid,
4521 strna(comm),
4522 signal_to_string(sig));
4523 }
4524
4525 static int operation_to_signal(KillContext *c, KillOperation k) {
4526 assert(c);
4527
4528 switch (k) {
4529
4530 case KILL_TERMINATE:
4531 case KILL_TERMINATE_AND_LOG:
4532 return c->kill_signal;
4533
4534 case KILL_KILL:
4535 return c->final_kill_signal;
4536
4537 case KILL_WATCHDOG:
4538 return c->watchdog_signal;
4539
4540 default:
4541 assert_not_reached("KillOperation unknown");
4542 }
4543 }
4544
4545 int unit_kill_context(
4546 Unit *u,
4547 KillContext *c,
4548 KillOperation k,
4549 pid_t main_pid,
4550 pid_t control_pid,
4551 bool main_pid_alien) {
4552
4553 bool wait_for_exit = false, send_sighup;
4554 cg_kill_log_func_t log_func = NULL;
4555 int sig, r;
4556
4557 assert(u);
4558 assert(c);
4559
4560 /* Kill the processes belonging to this unit, in preparation for shutting the unit down.
4561 * Returns > 0 if we killed something worth waiting for, 0 otherwise. */
4562
4563 if (c->kill_mode == KILL_NONE)
4564 return 0;
4565
4566 sig = operation_to_signal(c, k);
4567
4568 send_sighup =
4569 c->send_sighup &&
4570 IN_SET(k, KILL_TERMINATE, KILL_TERMINATE_AND_LOG) &&
4571 sig != SIGHUP;
4572
4573 if (k != KILL_TERMINATE || IN_SET(sig, SIGKILL, SIGABRT))
4574 log_func = log_kill;
4575
4576 if (main_pid > 0) {
4577 if (log_func)
4578 log_func(main_pid, sig, u);
4579
4580 r = kill_and_sigcont(main_pid, sig);
4581 if (r < 0 && r != -ESRCH) {
4582 _cleanup_free_ char *comm = NULL;
4583 (void) get_process_comm(main_pid, &comm);
4584
4585 log_unit_warning_errno(u, r, "Failed to kill main process " PID_FMT " (%s), ignoring: %m", main_pid, strna(comm));
4586 } else {
4587 if (!main_pid_alien)
4588 wait_for_exit = true;
4589
4590 if (r != -ESRCH && send_sighup)
4591 (void) kill(main_pid, SIGHUP);
4592 }
4593 }
4594
4595 if (control_pid > 0) {
4596 if (log_func)
4597 log_func(control_pid, sig, u);
4598
4599 r = kill_and_sigcont(control_pid, sig);
4600 if (r < 0 && r != -ESRCH) {
4601 _cleanup_free_ char *comm = NULL;
4602 (void) get_process_comm(control_pid, &comm);
4603
4604 log_unit_warning_errno(u, r, "Failed to kill control process " PID_FMT " (%s), ignoring: %m", control_pid, strna(comm));
4605 } else {
4606 wait_for_exit = true;
4607
4608 if (r != -ESRCH && send_sighup)
4609 (void) kill(control_pid, SIGHUP);
4610 }
4611 }
4612
4613 if (u->cgroup_path &&
4614 (c->kill_mode == KILL_CONTROL_GROUP || (c->kill_mode == KILL_MIXED && k == KILL_KILL))) {
4615 _cleanup_set_free_ Set *pid_set = NULL;
4616
4617 /* Exclude the main/control pids from being killed via the cgroup */
4618 pid_set = unit_pid_set(main_pid, control_pid);
4619 if (!pid_set)
4620 return -ENOMEM;
4621
4622 r = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
4623 sig,
4624 CGROUP_SIGCONT|CGROUP_IGNORE_SELF,
4625 pid_set,
4626 log_func, u);
4627 if (r < 0) {
4628 if (!IN_SET(r, -EAGAIN, -ESRCH, -ENOENT))
4629 log_unit_warning_errno(u, r, "Failed to kill control group %s, ignoring: %m", u->cgroup_path);
4630
4631 } else if (r > 0) {
4632
4633 /* FIXME: For now, on the legacy hierarchy, we will not wait for the cgroup members to die if
4634 * we are running in a container or if this is a delegation unit, simply because cgroup
4635 * notification is unreliable in these cases. It doesn't work at all in containers, and outside
4636 * of containers it can be confused easily by left-over directories in the cgroup — which
4637 * however should not exist in non-delegated units. On the unified hierarchy that's different,
4638 * there we get proper events. Hence rely on them. */
4639
4640 if (cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER) > 0 ||
4641 (detect_container() == 0 && !unit_cgroup_delegate(u)))
4642 wait_for_exit = true;
4643
4644 if (send_sighup) {
4645 set_free(pid_set);
4646
4647 pid_set = unit_pid_set(main_pid, control_pid);
4648 if (!pid_set)
4649 return -ENOMEM;
4650
4651 cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
4652 SIGHUP,
4653 CGROUP_IGNORE_SELF,
4654 pid_set,
4655 NULL, NULL);
4656 }
4657 }
4658 }
4659
4660 return wait_for_exit;
4661 }
4662
4663 int unit_require_mounts_for(Unit *u, const char *path, UnitDependencyMask mask) {
4664 _cleanup_free_ char *p = NULL;
4665 char *prefix;
4666 UnitDependencyInfo di;
4667 int r;
4668
4669 assert(u);
4670 assert(path);
4671
4672 /* Registers a unit for requiring a certain path and all its prefixes. We keep a hashtable of these paths in
4673 * the unit (from the path to the UnitDependencyInfo structure indicating how to the dependency came to
4674 * be). However, we build a prefix table for all possible prefixes so that new appearing mount units can easily
4675 * determine which units to make themselves a dependency of. */
4676
4677 if (!path_is_absolute(path))
4678 return -EINVAL;
4679
4680 r = hashmap_ensure_allocated(&u->requires_mounts_for, &path_hash_ops);
4681 if (r < 0)
4682 return r;
4683
4684 p = strdup(path);
4685 if (!p)
4686 return -ENOMEM;
4687
4688 path = path_simplify(p, false);
4689
4690 if (!path_is_normalized(path))
4691 return -EPERM;
4692
4693 if (hashmap_contains(u->requires_mounts_for, path))
4694 return 0;
4695
4696 di = (UnitDependencyInfo) {
4697 .origin_mask = mask
4698 };
4699
4700 r = hashmap_put(u->requires_mounts_for, path, di.data);
4701 if (r < 0)
4702 return r;
4703 p = NULL;
4704
4705 prefix = alloca(strlen(path) + 1);
4706 PATH_FOREACH_PREFIX_MORE(prefix, path) {
4707 Set *x;
4708
4709 x = hashmap_get(u->manager->units_requiring_mounts_for, prefix);
4710 if (!x) {
4711 _cleanup_free_ char *q = NULL;
4712
4713 r = hashmap_ensure_allocated(&u->manager->units_requiring_mounts_for, &path_hash_ops);
4714 if (r < 0)
4715 return r;
4716
4717 q = strdup(prefix);
4718 if (!q)
4719 return -ENOMEM;
4720
4721 x = set_new(NULL);
4722 if (!x)
4723 return -ENOMEM;
4724
4725 r = hashmap_put(u->manager->units_requiring_mounts_for, q, x);
4726 if (r < 0) {
4727 set_free(x);
4728 return r;
4729 }
4730 q = NULL;
4731 }
4732
4733 r = set_put(x, u);
4734 if (r < 0)
4735 return r;
4736 }
4737
4738 return 0;
4739 }
4740
4741 int unit_setup_exec_runtime(Unit *u) {
4742 ExecRuntime **rt;
4743 size_t offset;
4744 Unit *other;
4745 Iterator i;
4746 void *v;
4747 int r;
4748
4749 offset = UNIT_VTABLE(u)->exec_runtime_offset;
4750 assert(offset > 0);
4751
4752 /* Check if there already is an ExecRuntime for this unit? */
4753 rt = (ExecRuntime**) ((uint8_t*) u + offset);
4754 if (*rt)
4755 return 0;
4756
4757 /* Try to get it from somebody else */
4758 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_JOINS_NAMESPACE_OF], i) {
4759 r = exec_runtime_acquire(u->manager, NULL, other->id, false, rt);
4760 if (r == 1)
4761 return 1;
4762 }
4763
4764 return exec_runtime_acquire(u->manager, unit_get_exec_context(u), u->id, true, rt);
4765 }
4766
4767 int unit_setup_dynamic_creds(Unit *u) {
4768 ExecContext *ec;
4769 DynamicCreds *dcreds;
4770 size_t offset;
4771
4772 assert(u);
4773
4774 offset = UNIT_VTABLE(u)->dynamic_creds_offset;
4775 assert(offset > 0);
4776 dcreds = (DynamicCreds*) ((uint8_t*) u + offset);
4777
4778 ec = unit_get_exec_context(u);
4779 assert(ec);
4780
4781 if (!ec->dynamic_user)
4782 return 0;
4783
4784 return dynamic_creds_acquire(dcreds, u->manager, ec->user, ec->group);
4785 }
4786
4787 bool unit_type_supported(UnitType t) {
4788 if (_unlikely_(t < 0))
4789 return false;
4790 if (_unlikely_(t >= _UNIT_TYPE_MAX))
4791 return false;
4792
4793 if (!unit_vtable[t]->supported)
4794 return true;
4795
4796 return unit_vtable[t]->supported();
4797 }
4798
4799 void unit_warn_if_dir_nonempty(Unit *u, const char* where) {
4800 int r;
4801
4802 assert(u);
4803 assert(where);
4804
4805 r = dir_is_empty(where);
4806 if (r > 0 || r == -ENOTDIR)
4807 return;
4808 if (r < 0) {
4809 log_unit_warning_errno(u, r, "Failed to check directory %s: %m", where);
4810 return;
4811 }
4812
4813 log_struct(LOG_NOTICE,
4814 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
4815 LOG_UNIT_ID(u),
4816 LOG_UNIT_INVOCATION_ID(u),
4817 LOG_UNIT_MESSAGE(u, "Directory %s to mount over is not empty, mounting anyway.", where),
4818 "WHERE=%s", where);
4819 }
4820
4821 int unit_fail_if_noncanonical(Unit *u, const char* where) {
4822 _cleanup_free_ char *canonical_where;
4823 int r;
4824
4825 assert(u);
4826 assert(where);
4827
4828 r = chase_symlinks(where, NULL, CHASE_NONEXISTENT, &canonical_where);
4829 if (r < 0) {
4830 log_unit_debug_errno(u, r, "Failed to check %s for symlinks, ignoring: %m", where);
4831 return 0;
4832 }
4833
4834 /* We will happily ignore a trailing slash (or any redundant slashes) */
4835 if (path_equal(where, canonical_where))
4836 return 0;
4837
4838 /* No need to mention "." or "..", they would already have been rejected by unit_name_from_path() */
4839 log_struct(LOG_ERR,
4840 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
4841 LOG_UNIT_ID(u),
4842 LOG_UNIT_INVOCATION_ID(u),
4843 LOG_UNIT_MESSAGE(u, "Mount path %s is not canonical (contains a symlink).", where),
4844 "WHERE=%s", where);
4845
4846 return -ELOOP;
4847 }
4848
4849 bool unit_is_pristine(Unit *u) {
4850 assert(u);
4851
4852 /* Check if the unit already exists or is already around,
4853 * in a number of different ways. Note that to cater for unit
4854 * types such as slice, we are generally fine with units that
4855 * are marked UNIT_LOADED even though nothing was actually
4856 * loaded, as those unit types don't require a file on disk. */
4857
4858 return !(!IN_SET(u->load_state, UNIT_NOT_FOUND, UNIT_LOADED) ||
4859 u->fragment_path ||
4860 u->source_path ||
4861 !strv_isempty(u->dropin_paths) ||
4862 u->job ||
4863 u->merged_into);
4864 }
4865
4866 pid_t unit_control_pid(Unit *u) {
4867 assert(u);
4868
4869 if (UNIT_VTABLE(u)->control_pid)
4870 return UNIT_VTABLE(u)->control_pid(u);
4871
4872 return 0;
4873 }
4874
4875 pid_t unit_main_pid(Unit *u) {
4876 assert(u);
4877
4878 if (UNIT_VTABLE(u)->main_pid)
4879 return UNIT_VTABLE(u)->main_pid(u);
4880
4881 return 0;
4882 }
4883
4884 static void unit_unref_uid_internal(
4885 Unit *u,
4886 uid_t *ref_uid,
4887 bool destroy_now,
4888 void (*_manager_unref_uid)(Manager *m, uid_t uid, bool destroy_now)) {
4889
4890 assert(u);
4891 assert(ref_uid);
4892 assert(_manager_unref_uid);
4893
4894 /* Generic implementation of both unit_unref_uid() and unit_unref_gid(), under the assumption that uid_t and
4895 * gid_t are actually the same time, with the same validity rules.
4896 *
4897 * Drops a reference to UID/GID from a unit. */
4898
4899 assert_cc(sizeof(uid_t) == sizeof(gid_t));
4900 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
4901
4902 if (!uid_is_valid(*ref_uid))
4903 return;
4904
4905 _manager_unref_uid(u->manager, *ref_uid, destroy_now);
4906 *ref_uid = UID_INVALID;
4907 }
4908
4909 void unit_unref_uid(Unit *u, bool destroy_now) {
4910 unit_unref_uid_internal(u, &u->ref_uid, destroy_now, manager_unref_uid);
4911 }
4912
4913 void unit_unref_gid(Unit *u, bool destroy_now) {
4914 unit_unref_uid_internal(u, (uid_t*) &u->ref_gid, destroy_now, manager_unref_gid);
4915 }
4916
4917 static int unit_ref_uid_internal(
4918 Unit *u,
4919 uid_t *ref_uid,
4920 uid_t uid,
4921 bool clean_ipc,
4922 int (*_manager_ref_uid)(Manager *m, uid_t uid, bool clean_ipc)) {
4923
4924 int r;
4925
4926 assert(u);
4927 assert(ref_uid);
4928 assert(uid_is_valid(uid));
4929 assert(_manager_ref_uid);
4930
4931 /* Generic implementation of both unit_ref_uid() and unit_ref_guid(), under the assumption that uid_t and gid_t
4932 * are actually the same type, and have the same validity rules.
4933 *
4934 * Adds a reference on a specific UID/GID to this unit. Each unit referencing the same UID/GID maintains a
4935 * reference so that we can destroy the UID/GID's IPC resources as soon as this is requested and the counter
4936 * drops to zero. */
4937
4938 assert_cc(sizeof(uid_t) == sizeof(gid_t));
4939 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
4940
4941 if (*ref_uid == uid)
4942 return 0;
4943
4944 if (uid_is_valid(*ref_uid)) /* Already set? */
4945 return -EBUSY;
4946
4947 r = _manager_ref_uid(u->manager, uid, clean_ipc);
4948 if (r < 0)
4949 return r;
4950
4951 *ref_uid = uid;
4952 return 1;
4953 }
4954
4955 int unit_ref_uid(Unit *u, uid_t uid, bool clean_ipc) {
4956 return unit_ref_uid_internal(u, &u->ref_uid, uid, clean_ipc, manager_ref_uid);
4957 }
4958
4959 int unit_ref_gid(Unit *u, gid_t gid, bool clean_ipc) {
4960 return unit_ref_uid_internal(u, (uid_t*) &u->ref_gid, (uid_t) gid, clean_ipc, manager_ref_gid);
4961 }
4962
4963 static int unit_ref_uid_gid_internal(Unit *u, uid_t uid, gid_t gid, bool clean_ipc) {
4964 int r = 0, q = 0;
4965
4966 assert(u);
4967
4968 /* Reference both a UID and a GID in one go. Either references both, or neither. */
4969
4970 if (uid_is_valid(uid)) {
4971 r = unit_ref_uid(u, uid, clean_ipc);
4972 if (r < 0)
4973 return r;
4974 }
4975
4976 if (gid_is_valid(gid)) {
4977 q = unit_ref_gid(u, gid, clean_ipc);
4978 if (q < 0) {
4979 if (r > 0)
4980 unit_unref_uid(u, false);
4981
4982 return q;
4983 }
4984 }
4985
4986 return r > 0 || q > 0;
4987 }
4988
4989 int unit_ref_uid_gid(Unit *u, uid_t uid, gid_t gid) {
4990 ExecContext *c;
4991 int r;
4992
4993 assert(u);
4994
4995 c = unit_get_exec_context(u);
4996
4997 r = unit_ref_uid_gid_internal(u, uid, gid, c ? c->remove_ipc : false);
4998 if (r < 0)
4999 return log_unit_warning_errno(u, r, "Couldn't add UID/GID reference to unit, proceeding without: %m");
5000
5001 return r;
5002 }
5003
5004 void unit_unref_uid_gid(Unit *u, bool destroy_now) {
5005 assert(u);
5006
5007 unit_unref_uid(u, destroy_now);
5008 unit_unref_gid(u, destroy_now);
5009 }
5010
5011 void unit_notify_user_lookup(Unit *u, uid_t uid, gid_t gid) {
5012 int r;
5013
5014 assert(u);
5015
5016 /* This is invoked whenever one of the forked off processes let's us know the UID/GID its user name/group names
5017 * resolved to. We keep track of which UID/GID is currently assigned in order to be able to destroy its IPC
5018 * objects when no service references the UID/GID anymore. */
5019
5020 r = unit_ref_uid_gid(u, uid, gid);
5021 if (r > 0)
5022 bus_unit_send_change_signal(u);
5023 }
5024
5025 int unit_set_invocation_id(Unit *u, sd_id128_t id) {
5026 int r;
5027
5028 assert(u);
5029
5030 /* Set the invocation ID for this unit. If we cannot, this will not roll back, but reset the whole thing. */
5031
5032 if (sd_id128_equal(u->invocation_id, id))
5033 return 0;
5034
5035 if (!sd_id128_is_null(u->invocation_id))
5036 (void) hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
5037
5038 if (sd_id128_is_null(id)) {
5039 r = 0;
5040 goto reset;
5041 }
5042
5043 r = hashmap_ensure_allocated(&u->manager->units_by_invocation_id, &id128_hash_ops);
5044 if (r < 0)
5045 goto reset;
5046
5047 u->invocation_id = id;
5048 sd_id128_to_string(id, u->invocation_id_string);
5049
5050 r = hashmap_put(u->manager->units_by_invocation_id, &u->invocation_id, u);
5051 if (r < 0)
5052 goto reset;
5053
5054 return 0;
5055
5056 reset:
5057 u->invocation_id = SD_ID128_NULL;
5058 u->invocation_id_string[0] = 0;
5059 return r;
5060 }
5061
5062 int unit_acquire_invocation_id(Unit *u) {
5063 sd_id128_t id;
5064 int r;
5065
5066 assert(u);
5067
5068 r = sd_id128_randomize(&id);
5069 if (r < 0)
5070 return log_unit_error_errno(u, r, "Failed to generate invocation ID for unit: %m");
5071
5072 r = unit_set_invocation_id(u, id);
5073 if (r < 0)
5074 return log_unit_error_errno(u, r, "Failed to set invocation ID for unit: %m");
5075
5076 return 0;
5077 }
5078
5079 void unit_set_exec_params(Unit *u, ExecParameters *p) {
5080 assert(u);
5081 assert(p);
5082
5083 /* Copy parameters from manager */
5084 p->environment = u->manager->environment;
5085 p->confirm_spawn = manager_get_confirm_spawn(u->manager);
5086 p->cgroup_supported = u->manager->cgroup_supported;
5087 p->prefix = u->manager->prefix;
5088 SET_FLAG(p->flags, EXEC_PASS_LOG_UNIT|EXEC_CHOWN_DIRECTORIES, MANAGER_IS_SYSTEM(u->manager));
5089
5090 /* Copy paramaters from unit */
5091 p->cgroup_path = u->cgroup_path;
5092 SET_FLAG(p->flags, EXEC_CGROUP_DELEGATE, unit_cgroup_delegate(u));
5093 }
5094
5095 int unit_fork_helper_process(Unit *u, const char *name, pid_t *ret) {
5096 int r;
5097
5098 assert(u);
5099 assert(ret);
5100
5101 /* Forks off a helper process and makes sure it is a member of the unit's cgroup. Returns == 0 in the child,
5102 * and > 0 in the parent. The pid parameter is always filled in with the child's PID. */
5103
5104 (void) unit_realize_cgroup(u);
5105
5106 r = safe_fork(name, FORK_REOPEN_LOG, ret);
5107 if (r != 0)
5108 return r;
5109
5110 (void) default_signals(SIGNALS_CRASH_HANDLER, SIGNALS_IGNORE, -1);
5111 (void) ignore_signals(SIGPIPE, -1);
5112
5113 (void) prctl(PR_SET_PDEATHSIG, SIGTERM);
5114
5115 if (u->cgroup_path) {
5116 r = cg_attach_everywhere(u->manager->cgroup_supported, u->cgroup_path, 0, NULL, NULL);
5117 if (r < 0) {
5118 log_unit_error_errno(u, r, "Failed to join unit cgroup %s: %m", u->cgroup_path);
5119 _exit(EXIT_CGROUP);
5120 }
5121 }
5122
5123 return 0;
5124 }
5125
5126 static void unit_update_dependency_mask(Unit *u, UnitDependency d, Unit *other, UnitDependencyInfo di) {
5127 assert(u);
5128 assert(d >= 0);
5129 assert(d < _UNIT_DEPENDENCY_MAX);
5130 assert(other);
5131
5132 if (di.origin_mask == 0 && di.destination_mask == 0) {
5133 /* No bit set anymore, let's drop the whole entry */
5134 assert_se(hashmap_remove(u->dependencies[d], other));
5135 log_unit_debug(u, "%s lost dependency %s=%s", u->id, unit_dependency_to_string(d), other->id);
5136 } else
5137 /* Mask was reduced, let's update the entry */
5138 assert_se(hashmap_update(u->dependencies[d], other, di.data) == 0);
5139 }
5140
5141 void unit_remove_dependencies(Unit *u, UnitDependencyMask mask) {
5142 UnitDependency d;
5143
5144 assert(u);
5145
5146 /* Removes all dependencies u has on other units marked for ownership by 'mask'. */
5147
5148 if (mask == 0)
5149 return;
5150
5151 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
5152 bool done;
5153
5154 do {
5155 UnitDependencyInfo di;
5156 Unit *other;
5157 Iterator i;
5158
5159 done = true;
5160
5161 HASHMAP_FOREACH_KEY(di.data, other, u->dependencies[d], i) {
5162 UnitDependency q;
5163
5164 if ((di.origin_mask & ~mask) == di.origin_mask)
5165 continue;
5166 di.origin_mask &= ~mask;
5167 unit_update_dependency_mask(u, d, other, di);
5168
5169 /* We updated the dependency from our unit to the other unit now. But most dependencies
5170 * imply a reverse dependency. Hence, let's delete that one too. For that we go through
5171 * all dependency types on the other unit and delete all those which point to us and
5172 * have the right mask set. */
5173
5174 for (q = 0; q < _UNIT_DEPENDENCY_MAX; q++) {
5175 UnitDependencyInfo dj;
5176
5177 dj.data = hashmap_get(other->dependencies[q], u);
5178 if ((dj.destination_mask & ~mask) == dj.destination_mask)
5179 continue;
5180 dj.destination_mask &= ~mask;
5181
5182 unit_update_dependency_mask(other, q, u, dj);
5183 }
5184
5185 unit_add_to_gc_queue(other);
5186
5187 done = false;
5188 break;
5189 }
5190
5191 } while (!done);
5192 }
5193 }
5194
5195 static int unit_export_invocation_id(Unit *u) {
5196 const char *p;
5197 int r;
5198
5199 assert(u);
5200
5201 if (u->exported_invocation_id)
5202 return 0;
5203
5204 if (sd_id128_is_null(u->invocation_id))
5205 return 0;
5206
5207 p = strjoina("/run/systemd/units/invocation:", u->id);
5208 r = symlink_atomic(u->invocation_id_string, p);
5209 if (r < 0)
5210 return log_unit_debug_errno(u, r, "Failed to create invocation ID symlink %s: %m", p);
5211
5212 u->exported_invocation_id = true;
5213 return 0;
5214 }
5215
5216 static int unit_export_log_level_max(Unit *u, const ExecContext *c) {
5217 const char *p;
5218 char buf[2];
5219 int r;
5220
5221 assert(u);
5222 assert(c);
5223
5224 if (u->exported_log_level_max)
5225 return 0;
5226
5227 if (c->log_level_max < 0)
5228 return 0;
5229
5230 assert(c->log_level_max <= 7);
5231
5232 buf[0] = '0' + c->log_level_max;
5233 buf[1] = 0;
5234
5235 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5236 r = symlink_atomic(buf, p);
5237 if (r < 0)
5238 return log_unit_debug_errno(u, r, "Failed to create maximum log level symlink %s: %m", p);
5239
5240 u->exported_log_level_max = true;
5241 return 0;
5242 }
5243
5244 static int unit_export_log_extra_fields(Unit *u, const ExecContext *c) {
5245 _cleanup_close_ int fd = -1;
5246 struct iovec *iovec;
5247 const char *p;
5248 char *pattern;
5249 le64_t *sizes;
5250 ssize_t n;
5251 size_t i;
5252 int r;
5253
5254 if (u->exported_log_extra_fields)
5255 return 0;
5256
5257 if (c->n_log_extra_fields <= 0)
5258 return 0;
5259
5260 sizes = newa(le64_t, c->n_log_extra_fields);
5261 iovec = newa(struct iovec, c->n_log_extra_fields * 2);
5262
5263 for (i = 0; i < c->n_log_extra_fields; i++) {
5264 sizes[i] = htole64(c->log_extra_fields[i].iov_len);
5265
5266 iovec[i*2] = IOVEC_MAKE(sizes + i, sizeof(le64_t));
5267 iovec[i*2+1] = c->log_extra_fields[i];
5268 }
5269
5270 p = strjoina("/run/systemd/units/log-extra-fields:", u->id);
5271 pattern = strjoina(p, ".XXXXXX");
5272
5273 fd = mkostemp_safe(pattern);
5274 if (fd < 0)
5275 return log_unit_debug_errno(u, fd, "Failed to create extra fields file %s: %m", p);
5276
5277 n = writev(fd, iovec, c->n_log_extra_fields*2);
5278 if (n < 0) {
5279 r = log_unit_debug_errno(u, errno, "Failed to write extra fields: %m");
5280 goto fail;
5281 }
5282
5283 (void) fchmod(fd, 0644);
5284
5285 if (rename(pattern, p) < 0) {
5286 r = log_unit_debug_errno(u, errno, "Failed to rename extra fields file: %m");
5287 goto fail;
5288 }
5289
5290 u->exported_log_extra_fields = true;
5291 return 0;
5292
5293 fail:
5294 (void) unlink(pattern);
5295 return r;
5296 }
5297
5298 static int unit_export_log_rate_limit_interval(Unit *u, const ExecContext *c) {
5299 _cleanup_free_ char *buf = NULL;
5300 const char *p;
5301 int r;
5302
5303 assert(u);
5304 assert(c);
5305
5306 if (u->exported_log_rate_limit_interval)
5307 return 0;
5308
5309 if (c->log_rate_limit_interval_usec == 0)
5310 return 0;
5311
5312 p = strjoina("/run/systemd/units/log-rate-limit-interval:", u->id);
5313
5314 if (asprintf(&buf, "%" PRIu64, c->log_rate_limit_interval_usec) < 0)
5315 return log_oom();
5316
5317 r = symlink_atomic(buf, p);
5318 if (r < 0)
5319 return log_unit_debug_errno(u, r, "Failed to create log rate limit interval symlink %s: %m", p);
5320
5321 u->exported_log_rate_limit_interval = true;
5322 return 0;
5323 }
5324
5325 static int unit_export_log_rate_limit_burst(Unit *u, const ExecContext *c) {
5326 _cleanup_free_ char *buf = NULL;
5327 const char *p;
5328 int r;
5329
5330 assert(u);
5331 assert(c);
5332
5333 if (u->exported_log_rate_limit_burst)
5334 return 0;
5335
5336 if (c->log_rate_limit_burst == 0)
5337 return 0;
5338
5339 p = strjoina("/run/systemd/units/log-rate-limit-burst:", u->id);
5340
5341 if (asprintf(&buf, "%u", c->log_rate_limit_burst) < 0)
5342 return log_oom();
5343
5344 r = symlink_atomic(buf, p);
5345 if (r < 0)
5346 return log_unit_debug_errno(u, r, "Failed to create log rate limit burst symlink %s: %m", p);
5347
5348 u->exported_log_rate_limit_burst = true;
5349 return 0;
5350 }
5351
5352 void unit_export_state_files(Unit *u) {
5353 const ExecContext *c;
5354
5355 assert(u);
5356
5357 if (!u->id)
5358 return;
5359
5360 if (!MANAGER_IS_SYSTEM(u->manager))
5361 return;
5362
5363 if (MANAGER_IS_TEST_RUN(u->manager))
5364 return;
5365
5366 /* Exports a couple of unit properties to /run/systemd/units/, so that journald can quickly query this data
5367 * from there. Ideally, journald would use IPC to query this, like everybody else, but that's hard, as long as
5368 * the IPC system itself and PID 1 also log to the journal.
5369 *
5370 * Note that these files really shouldn't be considered API for anyone else, as use a runtime file system as
5371 * IPC replacement is not compatible with today's world of file system namespaces. However, this doesn't really
5372 * apply to communication between the journal and systemd, as we assume that these two daemons live in the same
5373 * namespace at least.
5374 *
5375 * Note that some of the "files" exported here are actually symlinks and not regular files. Symlinks work
5376 * better for storing small bits of data, in particular as we can write them with two system calls, and read
5377 * them with one. */
5378
5379 (void) unit_export_invocation_id(u);
5380
5381 c = unit_get_exec_context(u);
5382 if (c) {
5383 (void) unit_export_log_level_max(u, c);
5384 (void) unit_export_log_extra_fields(u, c);
5385 (void) unit_export_log_rate_limit_interval(u, c);
5386 (void) unit_export_log_rate_limit_burst(u, c);
5387 }
5388 }
5389
5390 void unit_unlink_state_files(Unit *u) {
5391 const char *p;
5392
5393 assert(u);
5394
5395 if (!u->id)
5396 return;
5397
5398 if (!MANAGER_IS_SYSTEM(u->manager))
5399 return;
5400
5401 /* Undoes the effect of unit_export_state() */
5402
5403 if (u->exported_invocation_id) {
5404 p = strjoina("/run/systemd/units/invocation:", u->id);
5405 (void) unlink(p);
5406
5407 u->exported_invocation_id = false;
5408 }
5409
5410 if (u->exported_log_level_max) {
5411 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5412 (void) unlink(p);
5413
5414 u->exported_log_level_max = false;
5415 }
5416
5417 if (u->exported_log_extra_fields) {
5418 p = strjoina("/run/systemd/units/extra-fields:", u->id);
5419 (void) unlink(p);
5420
5421 u->exported_log_extra_fields = false;
5422 }
5423
5424 if (u->exported_log_rate_limit_interval) {
5425 p = strjoina("/run/systemd/units/log-rate-limit-interval:", u->id);
5426 (void) unlink(p);
5427
5428 u->exported_log_rate_limit_interval = false;
5429 }
5430
5431 if (u->exported_log_rate_limit_burst) {
5432 p = strjoina("/run/systemd/units/log-rate-limit-burst:", u->id);
5433 (void) unlink(p);
5434
5435 u->exported_log_rate_limit_burst = false;
5436 }
5437 }
5438
5439 int unit_prepare_exec(Unit *u) {
5440 int r;
5441
5442 assert(u);
5443
5444 /* Prepares everything so that we can fork of a process for this unit */
5445
5446 (void) unit_realize_cgroup(u);
5447
5448 if (u->reset_accounting) {
5449 (void) unit_reset_cpu_accounting(u);
5450 (void) unit_reset_ip_accounting(u);
5451 u->reset_accounting = false;
5452 }
5453
5454 unit_export_state_files(u);
5455
5456 r = unit_setup_exec_runtime(u);
5457 if (r < 0)
5458 return r;
5459
5460 r = unit_setup_dynamic_creds(u);
5461 if (r < 0)
5462 return r;
5463
5464 return 0;
5465 }
5466
5467 static void log_leftover(pid_t pid, int sig, void *userdata) {
5468 _cleanup_free_ char *comm = NULL;
5469
5470 (void) get_process_comm(pid, &comm);
5471
5472 if (comm && comm[0] == '(') /* Most likely our own helper process (PAM?), ignore */
5473 return;
5474
5475 log_unit_warning(userdata,
5476 "Found left-over process " PID_FMT " (%s) in control group while starting unit. Ignoring.\n"
5477 "This usually indicates unclean termination of a previous run, or service implementation deficiencies.",
5478 pid, strna(comm));
5479 }
5480
5481 void unit_warn_leftover_processes(Unit *u) {
5482 assert(u);
5483
5484 (void) unit_pick_cgroup_path(u);
5485
5486 if (!u->cgroup_path)
5487 return;
5488
5489 (void) cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, 0, 0, NULL, log_leftover, u);
5490 }
5491
5492 bool unit_needs_console(Unit *u) {
5493 ExecContext *ec;
5494 UnitActiveState state;
5495
5496 assert(u);
5497
5498 state = unit_active_state(u);
5499
5500 if (UNIT_IS_INACTIVE_OR_FAILED(state))
5501 return false;
5502
5503 if (UNIT_VTABLE(u)->needs_console)
5504 return UNIT_VTABLE(u)->needs_console(u);
5505
5506 /* If this unit type doesn't implement this call, let's use a generic fallback implementation: */
5507 ec = unit_get_exec_context(u);
5508 if (!ec)
5509 return false;
5510
5511 return exec_context_may_touch_console(ec);
5512 }
5513
5514 const char *unit_label_path(Unit *u) {
5515 const char *p;
5516
5517 /* Returns the file system path to use for MAC access decisions, i.e. the file to read the SELinux label off
5518 * when validating access checks. */
5519
5520 p = u->source_path ?: u->fragment_path;
5521 if (!p)
5522 return NULL;
5523
5524 /* If a unit is masked, then don't read the SELinux label of /dev/null, as that really makes no sense */
5525 if (path_equal(p, "/dev/null"))
5526 return NULL;
5527
5528 return p;
5529 }
5530
5531 int unit_pid_attachable(Unit *u, pid_t pid, sd_bus_error *error) {
5532 int r;
5533
5534 assert(u);
5535
5536 /* Checks whether the specified PID is generally good for attaching, i.e. a valid PID, not our manager itself,
5537 * and not a kernel thread either */
5538
5539 /* First, a simple range check */
5540 if (!pid_is_valid(pid))
5541 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process identifier " PID_FMT " is not valid.", pid);
5542
5543 /* Some extra safety check */
5544 if (pid == 1 || pid == getpid_cached())
5545 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a manager process, refusing.", pid);
5546
5547 /* Don't even begin to bother with kernel threads */
5548 r = is_kernel_thread(pid);
5549 if (r == -ESRCH)
5550 return sd_bus_error_setf(error, SD_BUS_ERROR_UNIX_PROCESS_ID_UNKNOWN, "Process with ID " PID_FMT " does not exist.", pid);
5551 if (r < 0)
5552 return sd_bus_error_set_errnof(error, r, "Failed to determine whether process " PID_FMT " is a kernel thread: %m", pid);
5553 if (r > 0)
5554 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a kernel thread, refusing.", pid);
5555
5556 return 0;
5557 }
5558
5559 static const char* const collect_mode_table[_COLLECT_MODE_MAX] = {
5560 [COLLECT_INACTIVE] = "inactive",
5561 [COLLECT_INACTIVE_OR_FAILED] = "inactive-or-failed",
5562 };
5563
5564 DEFINE_STRING_TABLE_LOOKUP(collect_mode, CollectMode);
Unnamed repository; edit this file 'description' to name the repository.