]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/core/unit.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
basic/log: add the log_struct terminator to macro
[thirdparty/systemd.git] / src / core / unit.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2 /***
3 This file is part of systemd.
4
5 Copyright 2010 Lennart Poettering
6 ***/
7
8 #include <errno.h>
9 #include <stdlib.h>
10 #include <string.h>
11 #include <sys/prctl.h>
12 #include <sys/stat.h>
13 #include <unistd.h>
14
15 #include "sd-id128.h"
16 #include "sd-messages.h"
17
18 #include "alloc-util.h"
19 #include "all-units.h"
20 #include "bus-common-errors.h"
21 #include "bus-util.h"
22 #include "cgroup-util.h"
23 #include "dbus-unit.h"
24 #include "dbus.h"
25 #include "dropin.h"
26 #include "escape.h"
27 #include "execute.h"
28 #include "fd-util.h"
29 #include "fileio-label.h"
30 #include "format-util.h"
31 #include "fs-util.h"
32 #include "id128-util.h"
33 #include "io-util.h"
34 #include "load-dropin.h"
35 #include "load-fragment.h"
36 #include "log.h"
37 #include "macro.h"
38 #include "missing.h"
39 #include "mkdir.h"
40 #include "parse-util.h"
41 #include "path-util.h"
42 #include "process-util.h"
43 #include "set.h"
44 #include "signal-util.h"
45 #include "sparse-endian.h"
46 #include "special.h"
47 #include "specifier.h"
48 #include "stat-util.h"
49 #include "stdio-util.h"
50 #include "string-table.h"
51 #include "string-util.h"
52 #include "strv.h"
53 #include "umask-util.h"
54 #include "unit-name.h"
55 #include "unit.h"
56 #include "user-util.h"
57 #include "virt.h"
58
59 const UnitVTable * const unit_vtable[_UNIT_TYPE_MAX] = {
60 [UNIT_SERVICE] = &service_vtable,
61 [UNIT_SOCKET] = &socket_vtable,
62 [UNIT_TARGET] = &target_vtable,
63 [UNIT_DEVICE] = &device_vtable,
64 [UNIT_MOUNT] = &mount_vtable,
65 [UNIT_AUTOMOUNT] = &automount_vtable,
66 [UNIT_SWAP] = &swap_vtable,
67 [UNIT_TIMER] = &timer_vtable,
68 [UNIT_PATH] = &path_vtable,
69 [UNIT_SLICE] = &slice_vtable,
70 [UNIT_SCOPE] = &scope_vtable,
71 };
72
73 static void maybe_warn_about_dependency(Unit *u, const char *other, UnitDependency dependency);
74
75 Unit *unit_new(Manager *m, size_t size) {
76 Unit *u;
77
78 assert(m);
79 assert(size >= sizeof(Unit));
80
81 u = malloc0(size);
82 if (!u)
83 return NULL;
84
85 u->names = set_new(&string_hash_ops);
86 if (!u->names)
87 return mfree(u);
88
89 u->manager = m;
90 u->type = _UNIT_TYPE_INVALID;
91 u->default_dependencies = true;
92 u->unit_file_state = _UNIT_FILE_STATE_INVALID;
93 u->unit_file_preset = -1;
94 u->on_failure_job_mode = JOB_REPLACE;
95 u->cgroup_inotify_wd = -1;
96 u->job_timeout = USEC_INFINITY;
97 u->job_running_timeout = USEC_INFINITY;
98 u->ref_uid = UID_INVALID;
99 u->ref_gid = GID_INVALID;
100 u->cpu_usage_last = NSEC_INFINITY;
101 u->cgroup_bpf_state = UNIT_CGROUP_BPF_INVALIDATED;
102
103 u->ip_accounting_ingress_map_fd = -1;
104 u->ip_accounting_egress_map_fd = -1;
105 u->ipv4_allow_map_fd = -1;
106 u->ipv6_allow_map_fd = -1;
107 u->ipv4_deny_map_fd = -1;
108 u->ipv6_deny_map_fd = -1;
109
110 u->last_section_private = -1;
111
112 RATELIMIT_INIT(u->start_limit, m->default_start_limit_interval, m->default_start_limit_burst);
113 RATELIMIT_INIT(u->auto_stop_ratelimit, 10 * USEC_PER_SEC, 16);
114
115 return u;
116 }
117
118 int unit_new_for_name(Manager *m, size_t size, const char *name, Unit **ret) {
119 _cleanup_(unit_freep) Unit *u = NULL;
120 int r;
121
122 u = unit_new(m, size);
123 if (!u)
124 return -ENOMEM;
125
126 r = unit_add_name(u, name);
127 if (r < 0)
128 return r;
129
130 *ret = TAKE_PTR(u);
131
132 return r;
133 }
134
135 bool unit_has_name(Unit *u, const char *name) {
136 assert(u);
137 assert(name);
138
139 return set_contains(u->names, (char*) name);
140 }
141
142 static void unit_init(Unit *u) {
143 CGroupContext *cc;
144 ExecContext *ec;
145 KillContext *kc;
146
147 assert(u);
148 assert(u->manager);
149 assert(u->type >= 0);
150
151 cc = unit_get_cgroup_context(u);
152 if (cc) {
153 cgroup_context_init(cc);
154
155 /* Copy in the manager defaults into the cgroup
156 * context, _before_ the rest of the settings have
157 * been initialized */
158
159 cc->cpu_accounting = u->manager->default_cpu_accounting;
160 cc->io_accounting = u->manager->default_io_accounting;
161 cc->ip_accounting = u->manager->default_ip_accounting;
162 cc->blockio_accounting = u->manager->default_blockio_accounting;
163 cc->memory_accounting = u->manager->default_memory_accounting;
164 cc->tasks_accounting = u->manager->default_tasks_accounting;
165 cc->ip_accounting = u->manager->default_ip_accounting;
166
167 if (u->type != UNIT_SLICE)
168 cc->tasks_max = u->manager->default_tasks_max;
169 }
170
171 ec = unit_get_exec_context(u);
172 if (ec) {
173 exec_context_init(ec);
174
175 ec->keyring_mode = MANAGER_IS_SYSTEM(u->manager) ?
176 EXEC_KEYRING_SHARED : EXEC_KEYRING_INHERIT;
177 }
178
179 kc = unit_get_kill_context(u);
180 if (kc)
181 kill_context_init(kc);
182
183 if (UNIT_VTABLE(u)->init)
184 UNIT_VTABLE(u)->init(u);
185 }
186
187 int unit_add_name(Unit *u, const char *text) {
188 _cleanup_free_ char *s = NULL, *i = NULL;
189 UnitType t;
190 int r;
191
192 assert(u);
193 assert(text);
194
195 if (unit_name_is_valid(text, UNIT_NAME_TEMPLATE)) {
196
197 if (!u->instance)
198 return -EINVAL;
199
200 r = unit_name_replace_instance(text, u->instance, &s);
201 if (r < 0)
202 return r;
203 } else {
204 s = strdup(text);
205 if (!s)
206 return -ENOMEM;
207 }
208
209 if (set_contains(u->names, s))
210 return 0;
211 if (hashmap_contains(u->manager->units, s))
212 return -EEXIST;
213
214 if (!unit_name_is_valid(s, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE))
215 return -EINVAL;
216
217 t = unit_name_to_type(s);
218 if (t < 0)
219 return -EINVAL;
220
221 if (u->type != _UNIT_TYPE_INVALID && t != u->type)
222 return -EINVAL;
223
224 r = unit_name_to_instance(s, &i);
225 if (r < 0)
226 return r;
227
228 if (i && !unit_type_may_template(t))
229 return -EINVAL;
230
231 /* Ensure that this unit is either instanced or not instanced,
232 * but not both. Note that we do allow names with different
233 * instance names however! */
234 if (u->type != _UNIT_TYPE_INVALID && !u->instance != !i)
235 return -EINVAL;
236
237 if (!unit_type_may_alias(t) && !set_isempty(u->names))
238 return -EEXIST;
239
240 if (hashmap_size(u->manager->units) >= MANAGER_MAX_NAMES)
241 return -E2BIG;
242
243 r = set_put(u->names, s);
244 if (r < 0)
245 return r;
246 assert(r > 0);
247
248 r = hashmap_put(u->manager->units, s, u);
249 if (r < 0) {
250 (void) set_remove(u->names, s);
251 return r;
252 }
253
254 if (u->type == _UNIT_TYPE_INVALID) {
255 u->type = t;
256 u->id = s;
257 u->instance = TAKE_PTR(i);
258
259 LIST_PREPEND(units_by_type, u->manager->units_by_type[t], u);
260
261 unit_init(u);
262 }
263
264 s = NULL;
265
266 unit_add_to_dbus_queue(u);
267 return 0;
268 }
269
270 int unit_choose_id(Unit *u, const char *name) {
271 _cleanup_free_ char *t = NULL;
272 char *s, *i;
273 int r;
274
275 assert(u);
276 assert(name);
277
278 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
279
280 if (!u->instance)
281 return -EINVAL;
282
283 r = unit_name_replace_instance(name, u->instance, &t);
284 if (r < 0)
285 return r;
286
287 name = t;
288 }
289
290 /* Selects one of the names of this unit as the id */
291 s = set_get(u->names, (char*) name);
292 if (!s)
293 return -ENOENT;
294
295 /* Determine the new instance from the new id */
296 r = unit_name_to_instance(s, &i);
297 if (r < 0)
298 return r;
299
300 u->id = s;
301
302 free(u->instance);
303 u->instance = i;
304
305 unit_add_to_dbus_queue(u);
306
307 return 0;
308 }
309
310 int unit_set_description(Unit *u, const char *description) {
311 int r;
312
313 assert(u);
314
315 r = free_and_strdup(&u->description, empty_to_null(description));
316 if (r < 0)
317 return r;
318 if (r > 0)
319 unit_add_to_dbus_queue(u);
320
321 return 0;
322 }
323
324 bool unit_may_gc(Unit *u) {
325 UnitActiveState state;
326 int r;
327
328 assert(u);
329
330 /* Checks whether the unit is ready to be unloaded for garbage collection.
331 * Returns true when the unit may be collected, and false if there's some
332 * reason to keep it loaded.
333 *
334 * References from other units are *not* checked here. Instead, this is done
335 * in unit_gc_sweep(), but using markers to properly collect dependency loops.
336 */
337
338 if (u->job)
339 return false;
340
341 if (u->nop_job)
342 return false;
343
344 state = unit_active_state(u);
345
346 /* If the unit is inactive and failed and no job is queued for it, then release its runtime resources */
347 if (UNIT_IS_INACTIVE_OR_FAILED(state) &&
348 UNIT_VTABLE(u)->release_resources)
349 UNIT_VTABLE(u)->release_resources(u);
350
351 if (u->perpetual)
352 return false;
353
354 if (sd_bus_track_count(u->bus_track) > 0)
355 return false;
356
357 /* But we keep the unit object around for longer when it is referenced or configured to not be gc'ed */
358 switch (u->collect_mode) {
359
360 case COLLECT_INACTIVE:
361 if (state != UNIT_INACTIVE)
362 return false;
363
364 break;
365
366 case COLLECT_INACTIVE_OR_FAILED:
367 if (!IN_SET(state, UNIT_INACTIVE, UNIT_FAILED))
368 return false;
369
370 break;
371
372 default:
373 assert_not_reached("Unknown garbage collection mode");
374 }
375
376 if (u->cgroup_path) {
377 /* If the unit has a cgroup, then check whether there's anything in it. If so, we should stay
378 * around. Units with active processes should never be collected. */
379
380 r = cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path);
381 if (r < 0)
382 log_unit_debug_errno(u, r, "Failed to determine whether cgroup %s is empty: %m", u->cgroup_path);
383 if (r <= 0)
384 return false;
385 }
386
387 if (UNIT_VTABLE(u)->may_gc && !UNIT_VTABLE(u)->may_gc(u))
388 return false;
389
390 return true;
391 }
392
393 void unit_add_to_load_queue(Unit *u) {
394 assert(u);
395 assert(u->type != _UNIT_TYPE_INVALID);
396
397 if (u->load_state != UNIT_STUB || u->in_load_queue)
398 return;
399
400 LIST_PREPEND(load_queue, u->manager->load_queue, u);
401 u->in_load_queue = true;
402 }
403
404 void unit_add_to_cleanup_queue(Unit *u) {
405 assert(u);
406
407 if (u->in_cleanup_queue)
408 return;
409
410 LIST_PREPEND(cleanup_queue, u->manager->cleanup_queue, u);
411 u->in_cleanup_queue = true;
412 }
413
414 void unit_add_to_gc_queue(Unit *u) {
415 assert(u);
416
417 if (u->in_gc_queue || u->in_cleanup_queue)
418 return;
419
420 if (!unit_may_gc(u))
421 return;
422
423 LIST_PREPEND(gc_queue, u->manager->gc_unit_queue, u);
424 u->in_gc_queue = true;
425 }
426
427 void unit_add_to_dbus_queue(Unit *u) {
428 assert(u);
429 assert(u->type != _UNIT_TYPE_INVALID);
430
431 if (u->load_state == UNIT_STUB || u->in_dbus_queue)
432 return;
433
434 /* Shortcut things if nobody cares */
435 if (sd_bus_track_count(u->manager->subscribed) <= 0 &&
436 sd_bus_track_count(u->bus_track) <= 0 &&
437 set_isempty(u->manager->private_buses)) {
438 u->sent_dbus_new_signal = true;
439 return;
440 }
441
442 LIST_PREPEND(dbus_queue, u->manager->dbus_unit_queue, u);
443 u->in_dbus_queue = true;
444 }
445
446 static void bidi_set_free(Unit *u, Hashmap *h) {
447 Unit *other;
448 Iterator i;
449 void *v;
450
451 assert(u);
452
453 /* Frees the hashmap and makes sure we are dropped from the inverse pointers */
454
455 HASHMAP_FOREACH_KEY(v, other, h, i) {
456 UnitDependency d;
457
458 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
459 hashmap_remove(other->dependencies[d], u);
460
461 unit_add_to_gc_queue(other);
462 }
463
464 hashmap_free(h);
465 }
466
467 static void unit_remove_transient(Unit *u) {
468 char **i;
469
470 assert(u);
471
472 if (!u->transient)
473 return;
474
475 if (u->fragment_path)
476 (void) unlink(u->fragment_path);
477
478 STRV_FOREACH(i, u->dropin_paths) {
479 _cleanup_free_ char *p = NULL, *pp = NULL;
480
481 p = dirname_malloc(*i); /* Get the drop-in directory from the drop-in file */
482 if (!p)
483 continue;
484
485 pp = dirname_malloc(p); /* Get the config directory from the drop-in directory */
486 if (!pp)
487 continue;
488
489 /* Only drop transient drop-ins */
490 if (!path_equal(u->manager->lookup_paths.transient, pp))
491 continue;
492
493 (void) unlink(*i);
494 (void) rmdir(p);
495 }
496 }
497
498 static void unit_free_requires_mounts_for(Unit *u) {
499 assert(u);
500
501 for (;;) {
502 _cleanup_free_ char *path;
503
504 path = hashmap_steal_first_key(u->requires_mounts_for);
505 if (!path)
506 break;
507 else {
508 char s[strlen(path) + 1];
509
510 PATH_FOREACH_PREFIX_MORE(s, path) {
511 char *y;
512 Set *x;
513
514 x = hashmap_get2(u->manager->units_requiring_mounts_for, s, (void**) &y);
515 if (!x)
516 continue;
517
518 (void) set_remove(x, u);
519
520 if (set_isempty(x)) {
521 (void) hashmap_remove(u->manager->units_requiring_mounts_for, y);
522 free(y);
523 set_free(x);
524 }
525 }
526 }
527 }
528
529 u->requires_mounts_for = hashmap_free(u->requires_mounts_for);
530 }
531
532 static void unit_done(Unit *u) {
533 ExecContext *ec;
534 CGroupContext *cc;
535
536 assert(u);
537
538 if (u->type < 0)
539 return;
540
541 if (UNIT_VTABLE(u)->done)
542 UNIT_VTABLE(u)->done(u);
543
544 ec = unit_get_exec_context(u);
545 if (ec)
546 exec_context_done(ec);
547
548 cc = unit_get_cgroup_context(u);
549 if (cc)
550 cgroup_context_done(cc);
551 }
552
553 void unit_free(Unit *u) {
554 UnitDependency d;
555 Iterator i;
556 char *t;
557
558 if (!u)
559 return;
560
561 u->transient_file = safe_fclose(u->transient_file);
562
563 if (!MANAGER_IS_RELOADING(u->manager))
564 unit_remove_transient(u);
565
566 bus_unit_send_removed_signal(u);
567
568 unit_done(u);
569
570 sd_bus_slot_unref(u->match_bus_slot);
571
572 sd_bus_track_unref(u->bus_track);
573 u->deserialized_refs = strv_free(u->deserialized_refs);
574
575 unit_free_requires_mounts_for(u);
576
577 SET_FOREACH(t, u->names, i)
578 hashmap_remove_value(u->manager->units, t, u);
579
580 if (!sd_id128_is_null(u->invocation_id))
581 hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
582
583 if (u->job) {
584 Job *j = u->job;
585 job_uninstall(j);
586 job_free(j);
587 }
588
589 if (u->nop_job) {
590 Job *j = u->nop_job;
591 job_uninstall(j);
592 job_free(j);
593 }
594
595 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
596 bidi_set_free(u, u->dependencies[d]);
597
598 if (u->on_console)
599 manager_unref_console(u->manager);
600
601 unit_release_cgroup(u);
602
603 if (!MANAGER_IS_RELOADING(u->manager))
604 unit_unlink_state_files(u);
605
606 unit_unref_uid_gid(u, false);
607
608 (void) manager_update_failed_units(u->manager, u, false);
609 set_remove(u->manager->startup_units, u);
610
611 unit_unwatch_all_pids(u);
612
613 unit_ref_unset(&u->slice);
614 while (u->refs_by_target)
615 unit_ref_unset(u->refs_by_target);
616
617 if (u->type != _UNIT_TYPE_INVALID)
618 LIST_REMOVE(units_by_type, u->manager->units_by_type[u->type], u);
619
620 if (u->in_load_queue)
621 LIST_REMOVE(load_queue, u->manager->load_queue, u);
622
623 if (u->in_dbus_queue)
624 LIST_REMOVE(dbus_queue, u->manager->dbus_unit_queue, u);
625
626 if (u->in_gc_queue)
627 LIST_REMOVE(gc_queue, u->manager->gc_unit_queue, u);
628
629 if (u->in_cgroup_realize_queue)
630 LIST_REMOVE(cgroup_realize_queue, u->manager->cgroup_realize_queue, u);
631
632 if (u->in_cgroup_empty_queue)
633 LIST_REMOVE(cgroup_empty_queue, u->manager->cgroup_empty_queue, u);
634
635 if (u->in_cleanup_queue)
636 LIST_REMOVE(cleanup_queue, u->manager->cleanup_queue, u);
637
638 if (u->in_target_deps_queue)
639 LIST_REMOVE(target_deps_queue, u->manager->target_deps_queue, u);
640
641 safe_close(u->ip_accounting_ingress_map_fd);
642 safe_close(u->ip_accounting_egress_map_fd);
643
644 safe_close(u->ipv4_allow_map_fd);
645 safe_close(u->ipv6_allow_map_fd);
646 safe_close(u->ipv4_deny_map_fd);
647 safe_close(u->ipv6_deny_map_fd);
648
649 bpf_program_unref(u->ip_bpf_ingress);
650 bpf_program_unref(u->ip_bpf_ingress_installed);
651 bpf_program_unref(u->ip_bpf_egress);
652 bpf_program_unref(u->ip_bpf_egress_installed);
653
654 condition_free_list(u->conditions);
655 condition_free_list(u->asserts);
656
657 free(u->description);
658 strv_free(u->documentation);
659 free(u->fragment_path);
660 free(u->source_path);
661 strv_free(u->dropin_paths);
662 free(u->instance);
663
664 free(u->job_timeout_reboot_arg);
665
666 set_free_free(u->names);
667
668 free(u->reboot_arg);
669
670 free(u);
671 }
672
673 UnitActiveState unit_active_state(Unit *u) {
674 assert(u);
675
676 if (u->load_state == UNIT_MERGED)
677 return unit_active_state(unit_follow_merge(u));
678
679 /* After a reload it might happen that a unit is not correctly
680 * loaded but still has a process around. That's why we won't
681 * shortcut failed loading to UNIT_INACTIVE_FAILED. */
682
683 return UNIT_VTABLE(u)->active_state(u);
684 }
685
686 const char* unit_sub_state_to_string(Unit *u) {
687 assert(u);
688
689 return UNIT_VTABLE(u)->sub_state_to_string(u);
690 }
691
692 static int set_complete_move(Set **s, Set **other) {
693 assert(s);
694 assert(other);
695
696 if (!other)
697 return 0;
698
699 if (*s)
700 return set_move(*s, *other);
701 else
702 *s = TAKE_PTR(*other);
703
704 return 0;
705 }
706
707 static int hashmap_complete_move(Hashmap **s, Hashmap **other) {
708 assert(s);
709 assert(other);
710
711 if (!*other)
712 return 0;
713
714 if (*s)
715 return hashmap_move(*s, *other);
716 else
717 *s = TAKE_PTR(*other);
718
719 return 0;
720 }
721
722 static int merge_names(Unit *u, Unit *other) {
723 char *t;
724 Iterator i;
725 int r;
726
727 assert(u);
728 assert(other);
729
730 r = set_complete_move(&u->names, &other->names);
731 if (r < 0)
732 return r;
733
734 set_free_free(other->names);
735 other->names = NULL;
736 other->id = NULL;
737
738 SET_FOREACH(t, u->names, i)
739 assert_se(hashmap_replace(u->manager->units, t, u) == 0);
740
741 return 0;
742 }
743
744 static int reserve_dependencies(Unit *u, Unit *other, UnitDependency d) {
745 unsigned n_reserve;
746
747 assert(u);
748 assert(other);
749 assert(d < _UNIT_DEPENDENCY_MAX);
750
751 /*
752 * If u does not have this dependency set allocated, there is no need
753 * to reserve anything. In that case other's set will be transferred
754 * as a whole to u by complete_move().
755 */
756 if (!u->dependencies[d])
757 return 0;
758
759 /* merge_dependencies() will skip a u-on-u dependency */
760 n_reserve = hashmap_size(other->dependencies[d]) - !!hashmap_get(other->dependencies[d], u);
761
762 return hashmap_reserve(u->dependencies[d], n_reserve);
763 }
764
765 static void merge_dependencies(Unit *u, Unit *other, const char *other_id, UnitDependency d) {
766 Iterator i;
767 Unit *back;
768 void *v;
769 int r;
770
771 /* Merges all dependencies of type 'd' of the unit 'other' into the deps of the unit 'u' */
772
773 assert(u);
774 assert(other);
775 assert(d < _UNIT_DEPENDENCY_MAX);
776
777 /* Fix backwards pointers. Let's iterate through all dependendent units of the other unit. */
778 HASHMAP_FOREACH_KEY(v, back, other->dependencies[d], i) {
779 UnitDependency k;
780
781 /* Let's now iterate through the dependencies of that dependencies of the other units, looking for
782 * pointers back, and let's fix them up, to instead point to 'u'. */
783
784 for (k = 0; k < _UNIT_DEPENDENCY_MAX; k++) {
785 if (back == u) {
786 /* Do not add dependencies between u and itself. */
787 if (hashmap_remove(back->dependencies[k], other))
788 maybe_warn_about_dependency(u, other_id, k);
789 } else {
790 UnitDependencyInfo di_u, di_other, di_merged;
791
792 /* Let's drop this dependency between "back" and "other", and let's create it between
793 * "back" and "u" instead. Let's merge the bit masks of the dependency we are moving,
794 * and any such dependency which might already exist */
795
796 di_other.data = hashmap_get(back->dependencies[k], other);
797 if (!di_other.data)
798 continue; /* dependency isn't set, let's try the next one */
799
800 di_u.data = hashmap_get(back->dependencies[k], u);
801
802 di_merged = (UnitDependencyInfo) {
803 .origin_mask = di_u.origin_mask | di_other.origin_mask,
804 .destination_mask = di_u.destination_mask | di_other.destination_mask,
805 };
806
807 r = hashmap_remove_and_replace(back->dependencies[k], other, u, di_merged.data);
808 if (r < 0)
809 log_warning_errno(r, "Failed to remove/replace: back=%s other=%s u=%s: %m", back->id, other_id, u->id);
810 assert(r >= 0);
811
812 /* assert_se(hashmap_remove_and_replace(back->dependencies[k], other, u, di_merged.data) >= 0); */
813 }
814 }
815
816 }
817
818 /* Also do not move dependencies on u to itself */
819 back = hashmap_remove(other->dependencies[d], u);
820 if (back)
821 maybe_warn_about_dependency(u, other_id, d);
822
823 /* The move cannot fail. The caller must have performed a reservation. */
824 assert_se(hashmap_complete_move(&u->dependencies[d], &other->dependencies[d]) == 0);
825
826 other->dependencies[d] = hashmap_free(other->dependencies[d]);
827 }
828
829 int unit_merge(Unit *u, Unit *other) {
830 UnitDependency d;
831 const char *other_id = NULL;
832 int r;
833
834 assert(u);
835 assert(other);
836 assert(u->manager == other->manager);
837 assert(u->type != _UNIT_TYPE_INVALID);
838
839 other = unit_follow_merge(other);
840
841 if (other == u)
842 return 0;
843
844 if (u->type != other->type)
845 return -EINVAL;
846
847 if (!u->instance != !other->instance)
848 return -EINVAL;
849
850 if (!unit_type_may_alias(u->type)) /* Merging only applies to unit names that support aliases */
851 return -EEXIST;
852
853 if (!IN_SET(other->load_state, UNIT_STUB, UNIT_NOT_FOUND))
854 return -EEXIST;
855
856 if (other->job)
857 return -EEXIST;
858
859 if (other->nop_job)
860 return -EEXIST;
861
862 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
863 return -EEXIST;
864
865 if (other->id)
866 other_id = strdupa(other->id);
867
868 /* Make reservations to ensure merge_dependencies() won't fail */
869 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
870 r = reserve_dependencies(u, other, d);
871 /*
872 * We don't rollback reservations if we fail. We don't have
873 * a way to undo reservations. A reservation is not a leak.
874 */
875 if (r < 0)
876 return r;
877 }
878
879 /* Merge names */
880 r = merge_names(u, other);
881 if (r < 0)
882 return r;
883
884 /* Redirect all references */
885 while (other->refs_by_target)
886 unit_ref_set(other->refs_by_target, other->refs_by_target->source, u);
887
888 /* Merge dependencies */
889 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
890 merge_dependencies(u, other, other_id, d);
891
892 other->load_state = UNIT_MERGED;
893 other->merged_into = u;
894
895 /* If there is still some data attached to the other node, we
896 * don't need it anymore, and can free it. */
897 if (other->load_state != UNIT_STUB)
898 if (UNIT_VTABLE(other)->done)
899 UNIT_VTABLE(other)->done(other);
900
901 unit_add_to_dbus_queue(u);
902 unit_add_to_cleanup_queue(other);
903
904 return 0;
905 }
906
907 int unit_merge_by_name(Unit *u, const char *name) {
908 _cleanup_free_ char *s = NULL;
909 Unit *other;
910 int r;
911
912 assert(u);
913 assert(name);
914
915 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
916 if (!u->instance)
917 return -EINVAL;
918
919 r = unit_name_replace_instance(name, u->instance, &s);
920 if (r < 0)
921 return r;
922
923 name = s;
924 }
925
926 other = manager_get_unit(u->manager, name);
927 if (other)
928 return unit_merge(u, other);
929
930 return unit_add_name(u, name);
931 }
932
933 Unit* unit_follow_merge(Unit *u) {
934 assert(u);
935
936 while (u->load_state == UNIT_MERGED)
937 assert_se(u = u->merged_into);
938
939 return u;
940 }
941
942 int unit_add_exec_dependencies(Unit *u, ExecContext *c) {
943 ExecDirectoryType dt;
944 char **dp;
945 int r;
946
947 assert(u);
948 assert(c);
949
950 if (c->working_directory) {
951 r = unit_require_mounts_for(u, c->working_directory, UNIT_DEPENDENCY_FILE);
952 if (r < 0)
953 return r;
954 }
955
956 if (c->root_directory) {
957 r = unit_require_mounts_for(u, c->root_directory, UNIT_DEPENDENCY_FILE);
958 if (r < 0)
959 return r;
960 }
961
962 if (c->root_image) {
963 r = unit_require_mounts_for(u, c->root_image, UNIT_DEPENDENCY_FILE);
964 if (r < 0)
965 return r;
966 }
967
968 for (dt = 0; dt < _EXEC_DIRECTORY_TYPE_MAX; dt++) {
969 if (!u->manager->prefix[dt])
970 continue;
971
972 STRV_FOREACH(dp, c->directories[dt].paths) {
973 _cleanup_free_ char *p;
974
975 p = strjoin(u->manager->prefix[dt], "/", *dp);
976 if (!p)
977 return -ENOMEM;
978
979 r = unit_require_mounts_for(u, p, UNIT_DEPENDENCY_FILE);
980 if (r < 0)
981 return r;
982 }
983 }
984
985 if (!MANAGER_IS_SYSTEM(u->manager))
986 return 0;
987
988 if (c->private_tmp) {
989 const char *p;
990
991 FOREACH_STRING(p, "/tmp", "/var/tmp") {
992 r = unit_require_mounts_for(u, p, UNIT_DEPENDENCY_FILE);
993 if (r < 0)
994 return r;
995 }
996
997 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_TMPFILES_SETUP_SERVICE, NULL, true, UNIT_DEPENDENCY_FILE);
998 if (r < 0)
999 return r;
1000 }
1001
1002 if (!IN_SET(c->std_output,
1003 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
1004 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE,
1005 EXEC_OUTPUT_SYSLOG, EXEC_OUTPUT_SYSLOG_AND_CONSOLE) &&
1006 !IN_SET(c->std_error,
1007 EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
1008 EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE,
1009 EXEC_OUTPUT_SYSLOG, EXEC_OUTPUT_SYSLOG_AND_CONSOLE))
1010 return 0;
1011
1012 /* If syslog or kernel logging is requested, make sure our own
1013 * logging daemon is run first. */
1014
1015 r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_JOURNALD_SOCKET, NULL, true, UNIT_DEPENDENCY_FILE);
1016 if (r < 0)
1017 return r;
1018
1019 return 0;
1020 }
1021
1022 const char *unit_description(Unit *u) {
1023 assert(u);
1024
1025 if (u->description)
1026 return u->description;
1027
1028 return strna(u->id);
1029 }
1030
1031 static void print_unit_dependency_mask(FILE *f, const char *kind, UnitDependencyMask mask, bool *space) {
1032 const struct {
1033 UnitDependencyMask mask;
1034 const char *name;
1035 } table[] = {
1036 { UNIT_DEPENDENCY_FILE, "file" },
1037 { UNIT_DEPENDENCY_IMPLICIT, "implicit" },
1038 { UNIT_DEPENDENCY_DEFAULT, "default" },
1039 { UNIT_DEPENDENCY_UDEV, "udev" },
1040 { UNIT_DEPENDENCY_PATH, "path" },
1041 { UNIT_DEPENDENCY_MOUNTINFO_IMPLICIT, "mountinfo-implicit" },
1042 { UNIT_DEPENDENCY_MOUNTINFO_DEFAULT, "mountinfo-default" },
1043 { UNIT_DEPENDENCY_PROC_SWAP, "proc-swap" },
1044 };
1045 size_t i;
1046
1047 assert(f);
1048 assert(kind);
1049 assert(space);
1050
1051 for (i = 0; i < ELEMENTSOF(table); i++) {
1052
1053 if (mask == 0)
1054 break;
1055
1056 if (FLAGS_SET(mask, table[i].mask)) {
1057 if (*space)
1058 fputc(' ', f);
1059 else
1060 *space = true;
1061
1062 fputs(kind, f);
1063 fputs("-", f);
1064 fputs(table[i].name, f);
1065
1066 mask &= ~table[i].mask;
1067 }
1068 }
1069
1070 assert(mask == 0);
1071 }
1072
1073 void unit_dump(Unit *u, FILE *f, const char *prefix) {
1074 char *t, **j;
1075 UnitDependency d;
1076 Iterator i;
1077 const char *prefix2;
1078 char
1079 timestamp0[FORMAT_TIMESTAMP_MAX],
1080 timestamp1[FORMAT_TIMESTAMP_MAX],
1081 timestamp2[FORMAT_TIMESTAMP_MAX],
1082 timestamp3[FORMAT_TIMESTAMP_MAX],
1083 timestamp4[FORMAT_TIMESTAMP_MAX],
1084 timespan[FORMAT_TIMESPAN_MAX];
1085 Unit *following;
1086 _cleanup_set_free_ Set *following_set = NULL;
1087 const char *n;
1088 CGroupMask m;
1089 int r;
1090
1091 assert(u);
1092 assert(u->type >= 0);
1093
1094 prefix = strempty(prefix);
1095 prefix2 = strjoina(prefix, "\t");
1096
1097 fprintf(f,
1098 "%s-> Unit %s:\n"
1099 "%s\tDescription: %s\n"
1100 "%s\tInstance: %s\n"
1101 "%s\tUnit Load State: %s\n"
1102 "%s\tUnit Active State: %s\n"
1103 "%s\tState Change Timestamp: %s\n"
1104 "%s\tInactive Exit Timestamp: %s\n"
1105 "%s\tActive Enter Timestamp: %s\n"
1106 "%s\tActive Exit Timestamp: %s\n"
1107 "%s\tInactive Enter Timestamp: %s\n"
1108 "%s\tMay GC: %s\n"
1109 "%s\tNeed Daemon Reload: %s\n"
1110 "%s\tTransient: %s\n"
1111 "%s\tPerpetual: %s\n"
1112 "%s\tGarbage Collection Mode: %s\n"
1113 "%s\tSlice: %s\n"
1114 "%s\tCGroup: %s\n"
1115 "%s\tCGroup realized: %s\n",
1116 prefix, u->id,
1117 prefix, unit_description(u),
1118 prefix, strna(u->instance),
1119 prefix, unit_load_state_to_string(u->load_state),
1120 prefix, unit_active_state_to_string(unit_active_state(u)),
1121 prefix, strna(format_timestamp(timestamp0, sizeof(timestamp0), u->state_change_timestamp.realtime)),
1122 prefix, strna(format_timestamp(timestamp1, sizeof(timestamp1), u->inactive_exit_timestamp.realtime)),
1123 prefix, strna(format_timestamp(timestamp2, sizeof(timestamp2), u->active_enter_timestamp.realtime)),
1124 prefix, strna(format_timestamp(timestamp3, sizeof(timestamp3), u->active_exit_timestamp.realtime)),
1125 prefix, strna(format_timestamp(timestamp4, sizeof(timestamp4), u->inactive_enter_timestamp.realtime)),
1126 prefix, yes_no(unit_may_gc(u)),
1127 prefix, yes_no(unit_need_daemon_reload(u)),
1128 prefix, yes_no(u->transient),
1129 prefix, yes_no(u->perpetual),
1130 prefix, collect_mode_to_string(u->collect_mode),
1131 prefix, strna(unit_slice_name(u)),
1132 prefix, strna(u->cgroup_path),
1133 prefix, yes_no(u->cgroup_realized));
1134
1135 if (u->cgroup_realized_mask != 0) {
1136 _cleanup_free_ char *s = NULL;
1137 (void) cg_mask_to_string(u->cgroup_realized_mask, &s);
1138 fprintf(f, "%s\tCGroup realized mask: %s\n", prefix, strnull(s));
1139 }
1140 if (u->cgroup_enabled_mask != 0) {
1141 _cleanup_free_ char *s = NULL;
1142 (void) cg_mask_to_string(u->cgroup_enabled_mask, &s);
1143 fprintf(f, "%s\tCGroup enabled mask: %s\n", prefix, strnull(s));
1144 }
1145 m = unit_get_own_mask(u);
1146 if (m != 0) {
1147 _cleanup_free_ char *s = NULL;
1148 (void) cg_mask_to_string(m, &s);
1149 fprintf(f, "%s\tCGroup own mask: %s\n", prefix, strnull(s));
1150 }
1151 m = unit_get_members_mask(u);
1152 if (m != 0) {
1153 _cleanup_free_ char *s = NULL;
1154 (void) cg_mask_to_string(m, &s);
1155 fprintf(f, "%s\tCGroup members mask: %s\n", prefix, strnull(s));
1156 }
1157
1158 SET_FOREACH(t, u->names, i)
1159 fprintf(f, "%s\tName: %s\n", prefix, t);
1160
1161 if (!sd_id128_is_null(u->invocation_id))
1162 fprintf(f, "%s\tInvocation ID: " SD_ID128_FORMAT_STR "\n",
1163 prefix, SD_ID128_FORMAT_VAL(u->invocation_id));
1164
1165 STRV_FOREACH(j, u->documentation)
1166 fprintf(f, "%s\tDocumentation: %s\n", prefix, *j);
1167
1168 following = unit_following(u);
1169 if (following)
1170 fprintf(f, "%s\tFollowing: %s\n", prefix, following->id);
1171
1172 r = unit_following_set(u, &following_set);
1173 if (r >= 0) {
1174 Unit *other;
1175
1176 SET_FOREACH(other, following_set, i)
1177 fprintf(f, "%s\tFollowing Set Member: %s\n", prefix, other->id);
1178 }
1179
1180 if (u->fragment_path)
1181 fprintf(f, "%s\tFragment Path: %s\n", prefix, u->fragment_path);
1182
1183 if (u->source_path)
1184 fprintf(f, "%s\tSource Path: %s\n", prefix, u->source_path);
1185
1186 STRV_FOREACH(j, u->dropin_paths)
1187 fprintf(f, "%s\tDropIn Path: %s\n", prefix, *j);
1188
1189 if (u->failure_action != EMERGENCY_ACTION_NONE)
1190 fprintf(f, "%s\tFailure Action: %s\n", prefix, emergency_action_to_string(u->failure_action));
1191 if (u->success_action != EMERGENCY_ACTION_NONE)
1192 fprintf(f, "%s\tSuccess Action: %s\n", prefix, emergency_action_to_string(u->success_action));
1193
1194 if (u->job_timeout != USEC_INFINITY)
1195 fprintf(f, "%s\tJob Timeout: %s\n", prefix, format_timespan(timespan, sizeof(timespan), u->job_timeout, 0));
1196
1197 if (u->job_timeout_action != EMERGENCY_ACTION_NONE)
1198 fprintf(f, "%s\tJob Timeout Action: %s\n", prefix, emergency_action_to_string(u->job_timeout_action));
1199
1200 if (u->job_timeout_reboot_arg)
1201 fprintf(f, "%s\tJob Timeout Reboot Argument: %s\n", prefix, u->job_timeout_reboot_arg);
1202
1203 condition_dump_list(u->conditions, f, prefix, condition_type_to_string);
1204 condition_dump_list(u->asserts, f, prefix, assert_type_to_string);
1205
1206 if (dual_timestamp_is_set(&u->condition_timestamp))
1207 fprintf(f,
1208 "%s\tCondition Timestamp: %s\n"
1209 "%s\tCondition Result: %s\n",
1210 prefix, strna(format_timestamp(timestamp1, sizeof(timestamp1), u->condition_timestamp.realtime)),
1211 prefix, yes_no(u->condition_result));
1212
1213 if (dual_timestamp_is_set(&u->assert_timestamp))
1214 fprintf(f,
1215 "%s\tAssert Timestamp: %s\n"
1216 "%s\tAssert Result: %s\n",
1217 prefix, strna(format_timestamp(timestamp1, sizeof(timestamp1), u->assert_timestamp.realtime)),
1218 prefix, yes_no(u->assert_result));
1219
1220 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
1221 UnitDependencyInfo di;
1222 Unit *other;
1223
1224 HASHMAP_FOREACH_KEY(di.data, other, u->dependencies[d], i) {
1225 bool space = false;
1226
1227 fprintf(f, "%s\t%s: %s (", prefix, unit_dependency_to_string(d), other->id);
1228
1229 print_unit_dependency_mask(f, "origin", di.origin_mask, &space);
1230 print_unit_dependency_mask(f, "destination", di.destination_mask, &space);
1231
1232 fputs(")\n", f);
1233 }
1234 }
1235
1236 if (!hashmap_isempty(u->requires_mounts_for)) {
1237 UnitDependencyInfo di;
1238 const char *path;
1239
1240 HASHMAP_FOREACH_KEY(di.data, path, u->requires_mounts_for, i) {
1241 bool space = false;
1242
1243 fprintf(f, "%s\tRequiresMountsFor: %s (", prefix, path);
1244
1245 print_unit_dependency_mask(f, "origin", di.origin_mask, &space);
1246 print_unit_dependency_mask(f, "destination", di.destination_mask, &space);
1247
1248 fputs(")\n", f);
1249 }
1250 }
1251
1252 if (u->load_state == UNIT_LOADED) {
1253
1254 fprintf(f,
1255 "%s\tStopWhenUnneeded: %s\n"
1256 "%s\tRefuseManualStart: %s\n"
1257 "%s\tRefuseManualStop: %s\n"
1258 "%s\tDefaultDependencies: %s\n"
1259 "%s\tOnFailureJobMode: %s\n"
1260 "%s\tIgnoreOnIsolate: %s\n",
1261 prefix, yes_no(u->stop_when_unneeded),
1262 prefix, yes_no(u->refuse_manual_start),
1263 prefix, yes_no(u->refuse_manual_stop),
1264 prefix, yes_no(u->default_dependencies),
1265 prefix, job_mode_to_string(u->on_failure_job_mode),
1266 prefix, yes_no(u->ignore_on_isolate));
1267
1268 if (UNIT_VTABLE(u)->dump)
1269 UNIT_VTABLE(u)->dump(u, f, prefix2);
1270
1271 } else if (u->load_state == UNIT_MERGED)
1272 fprintf(f,
1273 "%s\tMerged into: %s\n",
1274 prefix, u->merged_into->id);
1275 else if (u->load_state == UNIT_ERROR)
1276 fprintf(f, "%s\tLoad Error Code: %s\n", prefix, strerror(-u->load_error));
1277
1278 for (n = sd_bus_track_first(u->bus_track); n; n = sd_bus_track_next(u->bus_track))
1279 fprintf(f, "%s\tBus Ref: %s\n", prefix, n);
1280
1281 if (u->job)
1282 job_dump(u->job, f, prefix2);
1283
1284 if (u->nop_job)
1285 job_dump(u->nop_job, f, prefix2);
1286 }
1287
1288 /* Common implementation for multiple backends */
1289 int unit_load_fragment_and_dropin(Unit *u) {
1290 int r;
1291
1292 assert(u);
1293
1294 /* Load a .{service,socket,...} file */
1295 r = unit_load_fragment(u);
1296 if (r < 0)
1297 return r;
1298
1299 if (u->load_state == UNIT_STUB)
1300 return -ENOENT;
1301
1302 /* Load drop-in directory data. If u is an alias, we might be reloading the
1303 * target unit needlessly. But we cannot be sure which drops-ins have already
1304 * been loaded and which not, at least without doing complicated book-keeping,
1305 * so let's always reread all drop-ins. */
1306 return unit_load_dropin(unit_follow_merge(u));
1307 }
1308
1309 /* Common implementation for multiple backends */
1310 int unit_load_fragment_and_dropin_optional(Unit *u) {
1311 int r;
1312
1313 assert(u);
1314
1315 /* Same as unit_load_fragment_and_dropin(), but whether
1316 * something can be loaded or not doesn't matter. */
1317
1318 /* Load a .service/.socket/.slice/… file */
1319 r = unit_load_fragment(u);
1320 if (r < 0)
1321 return r;
1322
1323 if (u->load_state == UNIT_STUB)
1324 u->load_state = UNIT_LOADED;
1325
1326 /* Load drop-in directory data */
1327 return unit_load_dropin(unit_follow_merge(u));
1328 }
1329
1330 void unit_add_to_target_deps_queue(Unit *u) {
1331 Manager *m = u->manager;
1332
1333 assert(u);
1334
1335 if (u->in_target_deps_queue)
1336 return;
1337
1338 LIST_PREPEND(target_deps_queue, m->target_deps_queue, u);
1339 u->in_target_deps_queue = true;
1340 }
1341
1342 int unit_add_default_target_dependency(Unit *u, Unit *target) {
1343 assert(u);
1344 assert(target);
1345
1346 if (target->type != UNIT_TARGET)
1347 return 0;
1348
1349 /* Only add the dependency if both units are loaded, so that
1350 * that loop check below is reliable */
1351 if (u->load_state != UNIT_LOADED ||
1352 target->load_state != UNIT_LOADED)
1353 return 0;
1354
1355 /* If either side wants no automatic dependencies, then let's
1356 * skip this */
1357 if (!u->default_dependencies ||
1358 !target->default_dependencies)
1359 return 0;
1360
1361 /* Don't create loops */
1362 if (hashmap_get(target->dependencies[UNIT_BEFORE], u))
1363 return 0;
1364
1365 return unit_add_dependency(target, UNIT_AFTER, u, true, UNIT_DEPENDENCY_DEFAULT);
1366 }
1367
1368 static int unit_add_slice_dependencies(Unit *u) {
1369 UnitDependencyMask mask;
1370 assert(u);
1371
1372 if (!UNIT_HAS_CGROUP_CONTEXT(u))
1373 return 0;
1374
1375 /* Slice units are implicitly ordered against their parent slices (as this relationship is encoded in the
1376 name), while all other units are ordered based on configuration (as in their case Slice= configures the
1377 relationship). */
1378 mask = u->type == UNIT_SLICE ? UNIT_DEPENDENCY_IMPLICIT : UNIT_DEPENDENCY_FILE;
1379
1380 if (UNIT_ISSET(u->slice))
1381 return unit_add_two_dependencies(u, UNIT_AFTER, UNIT_REQUIRES, UNIT_DEREF(u->slice), true, mask);
1382
1383 if (unit_has_name(u, SPECIAL_ROOT_SLICE))
1384 return 0;
1385
1386 return unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, SPECIAL_ROOT_SLICE, NULL, true, mask);
1387 }
1388
1389 static int unit_add_mount_dependencies(Unit *u) {
1390 UnitDependencyInfo di;
1391 const char *path;
1392 Iterator i;
1393 int r;
1394
1395 assert(u);
1396
1397 HASHMAP_FOREACH_KEY(di.data, path, u->requires_mounts_for, i) {
1398 char prefix[strlen(path) + 1];
1399
1400 PATH_FOREACH_PREFIX_MORE(prefix, path) {
1401 _cleanup_free_ char *p = NULL;
1402 Unit *m;
1403
1404 r = unit_name_from_path(prefix, ".mount", &p);
1405 if (r < 0)
1406 return r;
1407
1408 m = manager_get_unit(u->manager, p);
1409 if (!m) {
1410 /* Make sure to load the mount unit if
1411 * it exists. If so the dependencies
1412 * on this unit will be added later
1413 * during the loading of the mount
1414 * unit. */
1415 (void) manager_load_unit_prepare(u->manager, p, NULL, NULL, &m);
1416 continue;
1417 }
1418 if (m == u)
1419 continue;
1420
1421 if (m->load_state != UNIT_LOADED)
1422 continue;
1423
1424 r = unit_add_dependency(u, UNIT_AFTER, m, true, di.origin_mask);
1425 if (r < 0)
1426 return r;
1427
1428 if (m->fragment_path) {
1429 r = unit_add_dependency(u, UNIT_REQUIRES, m, true, di.origin_mask);
1430 if (r < 0)
1431 return r;
1432 }
1433 }
1434 }
1435
1436 return 0;
1437 }
1438
1439 static int unit_add_startup_units(Unit *u) {
1440 CGroupContext *c;
1441 int r;
1442
1443 c = unit_get_cgroup_context(u);
1444 if (!c)
1445 return 0;
1446
1447 if (c->startup_cpu_shares == CGROUP_CPU_SHARES_INVALID &&
1448 c->startup_io_weight == CGROUP_WEIGHT_INVALID &&
1449 c->startup_blockio_weight == CGROUP_BLKIO_WEIGHT_INVALID)
1450 return 0;
1451
1452 r = set_ensure_allocated(&u->manager->startup_units, NULL);
1453 if (r < 0)
1454 return r;
1455
1456 return set_put(u->manager->startup_units, u);
1457 }
1458
1459 int unit_load(Unit *u) {
1460 int r;
1461
1462 assert(u);
1463
1464 if (u->in_load_queue) {
1465 LIST_REMOVE(load_queue, u->manager->load_queue, u);
1466 u->in_load_queue = false;
1467 }
1468
1469 if (u->type == _UNIT_TYPE_INVALID)
1470 return -EINVAL;
1471
1472 if (u->load_state != UNIT_STUB)
1473 return 0;
1474
1475 if (u->transient_file) {
1476 r = fflush_and_check(u->transient_file);
1477 if (r < 0)
1478 goto fail;
1479
1480 u->transient_file = safe_fclose(u->transient_file);
1481 u->fragment_mtime = now(CLOCK_REALTIME);
1482 }
1483
1484 if (UNIT_VTABLE(u)->load) {
1485 r = UNIT_VTABLE(u)->load(u);
1486 if (r < 0)
1487 goto fail;
1488 }
1489
1490 if (u->load_state == UNIT_STUB) {
1491 r = -ENOENT;
1492 goto fail;
1493 }
1494
1495 if (u->load_state == UNIT_LOADED) {
1496 unit_add_to_target_deps_queue(u);
1497
1498 r = unit_add_slice_dependencies(u);
1499 if (r < 0)
1500 goto fail;
1501
1502 r = unit_add_mount_dependencies(u);
1503 if (r < 0)
1504 goto fail;
1505
1506 r = unit_add_startup_units(u);
1507 if (r < 0)
1508 goto fail;
1509
1510 if (u->on_failure_job_mode == JOB_ISOLATE && hashmap_size(u->dependencies[UNIT_ON_FAILURE]) > 1) {
1511 log_unit_error(u, "More than one OnFailure= dependencies specified but OnFailureJobMode=isolate set. Refusing.");
1512 r = -EINVAL;
1513 goto fail;
1514 }
1515
1516 if (u->job_running_timeout != USEC_INFINITY && u->job_running_timeout > u->job_timeout)
1517 log_unit_warning(u, "JobRunningTimeoutSec= is greater than JobTimeoutSec=, it has no effect.");
1518
1519 unit_update_cgroup_members_masks(u);
1520 }
1521
1522 assert((u->load_state != UNIT_MERGED) == !u->merged_into);
1523
1524 unit_add_to_dbus_queue(unit_follow_merge(u));
1525 unit_add_to_gc_queue(u);
1526
1527 return 0;
1528
1529 fail:
1530 u->load_state = u->load_state == UNIT_STUB ? UNIT_NOT_FOUND : UNIT_ERROR;
1531 u->load_error = r;
1532 unit_add_to_dbus_queue(u);
1533 unit_add_to_gc_queue(u);
1534
1535 log_unit_debug_errno(u, r, "Failed to load configuration: %m");
1536
1537 return r;
1538 }
1539
1540 static bool unit_condition_test_list(Unit *u, Condition *first, const char *(*to_string)(ConditionType t)) {
1541 Condition *c;
1542 int triggered = -1;
1543
1544 assert(u);
1545 assert(to_string);
1546
1547 /* If the condition list is empty, then it is true */
1548 if (!first)
1549 return true;
1550
1551 /* Otherwise, if all of the non-trigger conditions apply and
1552 * if any of the trigger conditions apply (unless there are
1553 * none) we return true */
1554 LIST_FOREACH(conditions, c, first) {
1555 int r;
1556
1557 r = condition_test(c);
1558 if (r < 0)
1559 log_unit_warning(u,
1560 "Couldn't determine result for %s=%s%s%s, assuming failed: %m",
1561 to_string(c->type),
1562 c->trigger ? "|" : "",
1563 c->negate ? "!" : "",
1564 c->parameter);
1565 else
1566 log_unit_debug(u,
1567 "%s=%s%s%s %s.",
1568 to_string(c->type),
1569 c->trigger ? "|" : "",
1570 c->negate ? "!" : "",
1571 c->parameter,
1572 condition_result_to_string(c->result));
1573
1574 if (!c->trigger && r <= 0)
1575 return false;
1576
1577 if (c->trigger && triggered <= 0)
1578 triggered = r > 0;
1579 }
1580
1581 return triggered != 0;
1582 }
1583
1584 static bool unit_condition_test(Unit *u) {
1585 assert(u);
1586
1587 dual_timestamp_get(&u->condition_timestamp);
1588 u->condition_result = unit_condition_test_list(u, u->conditions, condition_type_to_string);
1589
1590 return u->condition_result;
1591 }
1592
1593 static bool unit_assert_test(Unit *u) {
1594 assert(u);
1595
1596 dual_timestamp_get(&u->assert_timestamp);
1597 u->assert_result = unit_condition_test_list(u, u->asserts, assert_type_to_string);
1598
1599 return u->assert_result;
1600 }
1601
1602 void unit_status_printf(Unit *u, const char *status, const char *unit_status_msg_format) {
1603 DISABLE_WARNING_FORMAT_NONLITERAL;
1604 manager_status_printf(u->manager, STATUS_TYPE_NORMAL, status, unit_status_msg_format, unit_description(u));
1605 REENABLE_WARNING;
1606 }
1607
1608 _pure_ static const char* unit_get_status_message_format(Unit *u, JobType t) {
1609 const char *format;
1610 const UnitStatusMessageFormats *format_table;
1611
1612 assert(u);
1613 assert(IN_SET(t, JOB_START, JOB_STOP, JOB_RELOAD));
1614
1615 if (t != JOB_RELOAD) {
1616 format_table = &UNIT_VTABLE(u)->status_message_formats;
1617 if (format_table) {
1618 format = format_table->starting_stopping[t == JOB_STOP];
1619 if (format)
1620 return format;
1621 }
1622 }
1623
1624 /* Return generic strings */
1625 if (t == JOB_START)
1626 return "Starting %s.";
1627 else if (t == JOB_STOP)
1628 return "Stopping %s.";
1629 else
1630 return "Reloading %s.";
1631 }
1632
1633 static void unit_status_print_starting_stopping(Unit *u, JobType t) {
1634 const char *format;
1635
1636 assert(u);
1637
1638 /* Reload status messages have traditionally not been printed to console. */
1639 if (!IN_SET(t, JOB_START, JOB_STOP))
1640 return;
1641
1642 format = unit_get_status_message_format(u, t);
1643
1644 DISABLE_WARNING_FORMAT_NONLITERAL;
1645 unit_status_printf(u, "", format);
1646 REENABLE_WARNING;
1647 }
1648
1649 static void unit_status_log_starting_stopping_reloading(Unit *u, JobType t) {
1650 const char *format, *mid;
1651 char buf[LINE_MAX];
1652
1653 assert(u);
1654
1655 if (!IN_SET(t, JOB_START, JOB_STOP, JOB_RELOAD))
1656 return;
1657
1658 if (log_on_console())
1659 return;
1660
1661 /* We log status messages for all units and all operations. */
1662
1663 format = unit_get_status_message_format(u, t);
1664
1665 DISABLE_WARNING_FORMAT_NONLITERAL;
1666 (void) snprintf(buf, sizeof buf, format, unit_description(u));
1667 REENABLE_WARNING;
1668
1669 mid = t == JOB_START ? "MESSAGE_ID=" SD_MESSAGE_UNIT_STARTING_STR :
1670 t == JOB_STOP ? "MESSAGE_ID=" SD_MESSAGE_UNIT_STOPPING_STR :
1671 "MESSAGE_ID=" SD_MESSAGE_UNIT_RELOADING_STR;
1672
1673 /* Note that we deliberately use LOG_MESSAGE() instead of
1674 * LOG_UNIT_MESSAGE() here, since this is supposed to mimic
1675 * closely what is written to screen using the status output,
1676 * which is supposed the highest level, friendliest output
1677 * possible, which means we should avoid the low-level unit
1678 * name. */
1679 log_struct(LOG_INFO,
1680 LOG_MESSAGE("%s", buf),
1681 LOG_UNIT_ID(u),
1682 LOG_UNIT_INVOCATION_ID(u),
1683 mid);
1684 }
1685
1686 void unit_status_emit_starting_stopping_reloading(Unit *u, JobType t) {
1687 assert(u);
1688 assert(t >= 0);
1689 assert(t < _JOB_TYPE_MAX);
1690
1691 unit_status_log_starting_stopping_reloading(u, t);
1692 unit_status_print_starting_stopping(u, t);
1693 }
1694
1695 int unit_start_limit_test(Unit *u) {
1696 assert(u);
1697
1698 if (ratelimit_below(&u->start_limit)) {
1699 u->start_limit_hit = false;
1700 return 0;
1701 }
1702
1703 log_unit_warning(u, "Start request repeated too quickly.");
1704 u->start_limit_hit = true;
1705
1706 return emergency_action(u->manager, u->start_limit_action, u->reboot_arg, "unit failed");
1707 }
1708
1709 bool unit_shall_confirm_spawn(Unit *u) {
1710 assert(u);
1711
1712 if (manager_is_confirm_spawn_disabled(u->manager))
1713 return false;
1714
1715 /* For some reasons units remaining in the same process group
1716 * as PID 1 fail to acquire the console even if it's not used
1717 * by any process. So skip the confirmation question for them. */
1718 return !unit_get_exec_context(u)->same_pgrp;
1719 }
1720
1721 static bool unit_verify_deps(Unit *u) {
1722 Unit *other;
1723 Iterator j;
1724 void *v;
1725
1726 assert(u);
1727
1728 /* Checks whether all BindsTo= dependencies of this unit are fulfilled — if they are also combined with
1729 * After=. We do not check Requires= or Requisite= here as they only should have an effect on the job
1730 * processing, but do not have any effect afterwards. We don't check BindsTo= dependencies that are not used in
1731 * conjunction with After= as for them any such check would make things entirely racy. */
1732
1733 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], j) {
1734
1735 if (!hashmap_contains(u->dependencies[UNIT_AFTER], other))
1736 continue;
1737
1738 if (!UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(other))) {
1739 log_unit_notice(u, "Bound to unit %s, but unit isn't active.", other->id);
1740 return false;
1741 }
1742 }
1743
1744 return true;
1745 }
1746
1747 /* Errors:
1748 * -EBADR: This unit type does not support starting.
1749 * -EALREADY: Unit is already started.
1750 * -EAGAIN: An operation is already in progress. Retry later.
1751 * -ECANCELED: Too many requests for now.
1752 * -EPROTO: Assert failed
1753 * -EINVAL: Unit not loaded
1754 * -EOPNOTSUPP: Unit type not supported
1755 * -ENOLINK: The necessary dependencies are not fulfilled.
1756 * -ESTALE: This unit has been started before and can't be started a second time
1757 */
1758 int unit_start(Unit *u) {
1759 UnitActiveState state;
1760 Unit *following;
1761
1762 assert(u);
1763
1764 /* If this is already started, then this will succeed. Note
1765 * that this will even succeed if this unit is not startable
1766 * by the user. This is relied on to detect when we need to
1767 * wait for units and when waiting is finished. */
1768 state = unit_active_state(u);
1769 if (UNIT_IS_ACTIVE_OR_RELOADING(state))
1770 return -EALREADY;
1771
1772 /* Units that aren't loaded cannot be started */
1773 if (u->load_state != UNIT_LOADED)
1774 return -EINVAL;
1775
1776 /* Refuse starting scope units more than once */
1777 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_enter_timestamp))
1778 return -ESTALE;
1779
1780 /* If the conditions failed, don't do anything at all. If we
1781 * already are activating this call might still be useful to
1782 * speed up activation in case there is some hold-off time,
1783 * but we don't want to recheck the condition in that case. */
1784 if (state != UNIT_ACTIVATING &&
1785 !unit_condition_test(u)) {
1786 log_unit_debug(u, "Starting requested but condition failed. Not starting unit.");
1787 return -EALREADY;
1788 }
1789
1790 /* If the asserts failed, fail the entire job */
1791 if (state != UNIT_ACTIVATING &&
1792 !unit_assert_test(u)) {
1793 log_unit_notice(u, "Starting requested but asserts failed.");
1794 return -EPROTO;
1795 }
1796
1797 /* Units of types that aren't supported cannot be
1798 * started. Note that we do this test only after the condition
1799 * checks, so that we rather return condition check errors
1800 * (which are usually not considered a true failure) than "not
1801 * supported" errors (which are considered a failure).
1802 */
1803 if (!unit_supported(u))
1804 return -EOPNOTSUPP;
1805
1806 /* Let's make sure that the deps really are in order before we start this. Normally the job engine should have
1807 * taken care of this already, but let's check this here again. After all, our dependencies might not be in
1808 * effect anymore, due to a reload or due to a failed condition. */
1809 if (!unit_verify_deps(u))
1810 return -ENOLINK;
1811
1812 /* Forward to the main object, if we aren't it. */
1813 following = unit_following(u);
1814 if (following) {
1815 log_unit_debug(u, "Redirecting start request from %s to %s.", u->id, following->id);
1816 return unit_start(following);
1817 }
1818
1819 /* If it is stopped, but we cannot start it, then fail */
1820 if (!UNIT_VTABLE(u)->start)
1821 return -EBADR;
1822
1823 /* We don't suppress calls to ->start() here when we are
1824 * already starting, to allow this request to be used as a
1825 * "hurry up" call, for example when the unit is in some "auto
1826 * restart" state where it waits for a holdoff timer to elapse
1827 * before it will start again. */
1828
1829 unit_add_to_dbus_queue(u);
1830
1831 return UNIT_VTABLE(u)->start(u);
1832 }
1833
1834 bool unit_can_start(Unit *u) {
1835 assert(u);
1836
1837 if (u->load_state != UNIT_LOADED)
1838 return false;
1839
1840 if (!unit_supported(u))
1841 return false;
1842
1843 /* Scope units may be started only once */
1844 if (UNIT_VTABLE(u)->once_only && dual_timestamp_is_set(&u->inactive_exit_timestamp))
1845 return false;
1846
1847 return !!UNIT_VTABLE(u)->start;
1848 }
1849
1850 bool unit_can_isolate(Unit *u) {
1851 assert(u);
1852
1853 return unit_can_start(u) &&
1854 u->allow_isolate;
1855 }
1856
1857 /* Errors:
1858 * -EBADR: This unit type does not support stopping.
1859 * -EALREADY: Unit is already stopped.
1860 * -EAGAIN: An operation is already in progress. Retry later.
1861 */
1862 int unit_stop(Unit *u) {
1863 UnitActiveState state;
1864 Unit *following;
1865
1866 assert(u);
1867
1868 state = unit_active_state(u);
1869 if (UNIT_IS_INACTIVE_OR_FAILED(state))
1870 return -EALREADY;
1871
1872 following = unit_following(u);
1873 if (following) {
1874 log_unit_debug(u, "Redirecting stop request from %s to %s.", u->id, following->id);
1875 return unit_stop(following);
1876 }
1877
1878 if (!UNIT_VTABLE(u)->stop)
1879 return -EBADR;
1880
1881 unit_add_to_dbus_queue(u);
1882
1883 return UNIT_VTABLE(u)->stop(u);
1884 }
1885
1886 bool unit_can_stop(Unit *u) {
1887 assert(u);
1888
1889 if (!unit_supported(u))
1890 return false;
1891
1892 if (u->perpetual)
1893 return false;
1894
1895 return !!UNIT_VTABLE(u)->stop;
1896 }
1897
1898 /* Errors:
1899 * -EBADR: This unit type does not support reloading.
1900 * -ENOEXEC: Unit is not started.
1901 * -EAGAIN: An operation is already in progress. Retry later.
1902 */
1903 int unit_reload(Unit *u) {
1904 UnitActiveState state;
1905 Unit *following;
1906
1907 assert(u);
1908
1909 if (u->load_state != UNIT_LOADED)
1910 return -EINVAL;
1911
1912 if (!unit_can_reload(u))
1913 return -EBADR;
1914
1915 state = unit_active_state(u);
1916 if (state == UNIT_RELOADING)
1917 return -EALREADY;
1918
1919 if (state != UNIT_ACTIVE) {
1920 log_unit_warning(u, "Unit cannot be reloaded because it is inactive.");
1921 return -ENOEXEC;
1922 }
1923
1924 following = unit_following(u);
1925 if (following) {
1926 log_unit_debug(u, "Redirecting reload request from %s to %s.", u->id, following->id);
1927 return unit_reload(following);
1928 }
1929
1930 unit_add_to_dbus_queue(u);
1931
1932 if (!UNIT_VTABLE(u)->reload) {
1933 /* Unit doesn't have a reload function, but we need to propagate the reload anyway */
1934 unit_notify(u, unit_active_state(u), unit_active_state(u), true);
1935 return 0;
1936 }
1937
1938 return UNIT_VTABLE(u)->reload(u);
1939 }
1940
1941 bool unit_can_reload(Unit *u) {
1942 assert(u);
1943
1944 if (UNIT_VTABLE(u)->can_reload)
1945 return UNIT_VTABLE(u)->can_reload(u);
1946
1947 if (!hashmap_isempty(u->dependencies[UNIT_PROPAGATES_RELOAD_TO]))
1948 return true;
1949
1950 return UNIT_VTABLE(u)->reload;
1951 }
1952
1953 static void unit_check_unneeded(Unit *u) {
1954
1955 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
1956
1957 static const UnitDependency needed_dependencies[] = {
1958 UNIT_REQUIRED_BY,
1959 UNIT_REQUISITE_OF,
1960 UNIT_WANTED_BY,
1961 UNIT_BOUND_BY,
1962 };
1963
1964 unsigned j;
1965 int r;
1966
1967 assert(u);
1968
1969 /* If this service shall be shut down when unneeded then do
1970 * so. */
1971
1972 if (!u->stop_when_unneeded)
1973 return;
1974
1975 if (!UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)))
1976 return;
1977
1978 for (j = 0; j < ELEMENTSOF(needed_dependencies); j++) {
1979 Unit *other;
1980 Iterator i;
1981 void *v;
1982
1983 HASHMAP_FOREACH_KEY(v, other, u->dependencies[needed_dependencies[j]], i)
1984 if (unit_active_or_pending(other) || unit_will_restart(other))
1985 return;
1986 }
1987
1988 /* If stopping a unit fails continuously we might enter a stop
1989 * loop here, hence stop acting on the service being
1990 * unnecessary after a while. */
1991 if (!ratelimit_below(&u->auto_stop_ratelimit)) {
1992 log_unit_warning(u, "Unit not needed anymore, but not stopping since we tried this too often recently.");
1993 return;
1994 }
1995
1996 log_unit_info(u, "Unit not needed anymore. Stopping.");
1997
1998 /* Ok, nobody needs us anymore. Sniff. Then let's commit suicide */
1999 r = manager_add_job(u->manager, JOB_STOP, u, JOB_FAIL, &error, NULL);
2000 if (r < 0)
2001 log_unit_warning_errno(u, r, "Failed to enqueue stop job, ignoring: %s", bus_error_message(&error, r));
2002 }
2003
2004 static void unit_check_binds_to(Unit *u) {
2005 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
2006 bool stop = false;
2007 Unit *other;
2008 Iterator i;
2009 void *v;
2010 int r;
2011
2012 assert(u);
2013
2014 if (u->job)
2015 return;
2016
2017 if (unit_active_state(u) != UNIT_ACTIVE)
2018 return;
2019
2020 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], i) {
2021 if (other->job)
2022 continue;
2023
2024 if (!other->coldplugged)
2025 /* We might yet create a job for the other unit… */
2026 continue;
2027
2028 if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
2029 continue;
2030
2031 stop = true;
2032 break;
2033 }
2034
2035 if (!stop)
2036 return;
2037
2038 /* If stopping a unit fails continuously we might enter a stop
2039 * loop here, hence stop acting on the service being
2040 * unnecessary after a while. */
2041 if (!ratelimit_below(&u->auto_stop_ratelimit)) {
2042 log_unit_warning(u, "Unit is bound to inactive unit %s, but not stopping since we tried this too often recently.", other->id);
2043 return;
2044 }
2045
2046 assert(other);
2047 log_unit_info(u, "Unit is bound to inactive unit %s. Stopping, too.", other->id);
2048
2049 /* A unit we need to run is gone. Sniff. Let's stop this. */
2050 r = manager_add_job(u->manager, JOB_STOP, u, JOB_FAIL, &error, NULL);
2051 if (r < 0)
2052 log_unit_warning_errno(u, r, "Failed to enqueue stop job, ignoring: %s", bus_error_message(&error, r));
2053 }
2054
2055 static void retroactively_start_dependencies(Unit *u) {
2056 Iterator i;
2057 Unit *other;
2058 void *v;
2059
2060 assert(u);
2061 assert(UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)));
2062
2063 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_REQUIRES], i)
2064 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
2065 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2066 manager_add_job(u->manager, JOB_START, other, JOB_REPLACE, NULL, NULL);
2067
2068 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], i)
2069 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
2070 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2071 manager_add_job(u->manager, JOB_START, other, JOB_REPLACE, NULL, NULL);
2072
2073 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_WANTS], i)
2074 if (!hashmap_get(u->dependencies[UNIT_AFTER], other) &&
2075 !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
2076 manager_add_job(u->manager, JOB_START, other, JOB_FAIL, NULL, NULL);
2077
2078 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_CONFLICTS], i)
2079 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2080 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL);
2081
2082 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_CONFLICTED_BY], i)
2083 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2084 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL);
2085 }
2086
2087 static void retroactively_stop_dependencies(Unit *u) {
2088 Unit *other;
2089 Iterator i;
2090 void *v;
2091
2092 assert(u);
2093 assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)));
2094
2095 /* Pull down units which are bound to us recursively if enabled */
2096 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BOUND_BY], i)
2097 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2098 manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL);
2099 }
2100
2101 static void check_unneeded_dependencies(Unit *u) {
2102 Unit *other;
2103 Iterator i;
2104 void *v;
2105
2106 assert(u);
2107 assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)));
2108
2109 /* Garbage collect services that might not be needed anymore, if enabled */
2110 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_REQUIRES], i)
2111 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2112 unit_check_unneeded(other);
2113 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_WANTS], i)
2114 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2115 unit_check_unneeded(other);
2116 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_REQUISITE], i)
2117 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2118 unit_check_unneeded(other);
2119 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_BINDS_TO], i)
2120 if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
2121 unit_check_unneeded(other);
2122 }
2123
2124 void unit_start_on_failure(Unit *u) {
2125 Unit *other;
2126 Iterator i;
2127 void *v;
2128
2129 assert(u);
2130
2131 if (hashmap_size(u->dependencies[UNIT_ON_FAILURE]) <= 0)
2132 return;
2133
2134 log_unit_info(u, "Triggering OnFailure= dependencies.");
2135
2136 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_ON_FAILURE], i) {
2137 int r;
2138
2139 r = manager_add_job(u->manager, JOB_START, other, u->on_failure_job_mode, NULL, NULL);
2140 if (r < 0)
2141 log_unit_error_errno(u, r, "Failed to enqueue OnFailure= job: %m");
2142 }
2143 }
2144
2145 void unit_trigger_notify(Unit *u) {
2146 Unit *other;
2147 Iterator i;
2148 void *v;
2149
2150 assert(u);
2151
2152 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_TRIGGERED_BY], i)
2153 if (UNIT_VTABLE(other)->trigger_notify)
2154 UNIT_VTABLE(other)->trigger_notify(other, u);
2155 }
2156
2157 static int unit_log_resources(Unit *u) {
2158
2159 struct iovec iovec[1 + _CGROUP_IP_ACCOUNTING_METRIC_MAX + 4];
2160 size_t n_message_parts = 0, n_iovec = 0;
2161 char* message_parts[3 + 1], *t;
2162 nsec_t nsec = NSEC_INFINITY;
2163 CGroupIPAccountingMetric m;
2164 size_t i;
2165 int r;
2166 const char* const ip_fields[_CGROUP_IP_ACCOUNTING_METRIC_MAX] = {
2167 [CGROUP_IP_INGRESS_BYTES] = "IP_METRIC_INGRESS_BYTES",
2168 [CGROUP_IP_INGRESS_PACKETS] = "IP_METRIC_INGRESS_PACKETS",
2169 [CGROUP_IP_EGRESS_BYTES] = "IP_METRIC_EGRESS_BYTES",
2170 [CGROUP_IP_EGRESS_PACKETS] = "IP_METRIC_EGRESS_PACKETS",
2171 };
2172
2173 assert(u);
2174
2175 /* Invoked whenever a unit enters failed or dead state. Logs information about consumed resources if resource
2176 * accounting was enabled for a unit. It does this in two ways: a friendly human readable string with reduced
2177 * information and the complete data in structured fields. */
2178
2179 (void) unit_get_cpu_usage(u, &nsec);
2180 if (nsec != NSEC_INFINITY) {
2181 char buf[FORMAT_TIMESPAN_MAX] = "";
2182
2183 /* Format the CPU time for inclusion in the structured log message */
2184 if (asprintf(&t, "CPU_USAGE_NSEC=%" PRIu64, nsec) < 0) {
2185 r = log_oom();
2186 goto finish;
2187 }
2188 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2189
2190 /* Format the CPU time for inclusion in the human language message string */
2191 format_timespan(buf, sizeof(buf), nsec / NSEC_PER_USEC, USEC_PER_MSEC);
2192 t = strjoin(n_message_parts > 0 ? "consumed " : "Consumed ", buf, " CPU time");
2193 if (!t) {
2194 r = log_oom();
2195 goto finish;
2196 }
2197
2198 message_parts[n_message_parts++] = t;
2199 }
2200
2201 for (m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++) {
2202 char buf[FORMAT_BYTES_MAX] = "";
2203 uint64_t value = UINT64_MAX;
2204
2205 assert(ip_fields[m]);
2206
2207 (void) unit_get_ip_accounting(u, m, &value);
2208 if (value == UINT64_MAX)
2209 continue;
2210
2211 /* Format IP accounting data for inclusion in the structured log message */
2212 if (asprintf(&t, "%s=%" PRIu64, ip_fields[m], value) < 0) {
2213 r = log_oom();
2214 goto finish;
2215 }
2216 iovec[n_iovec++] = IOVEC_MAKE_STRING(t);
2217
2218 /* Format the IP accounting data for inclusion in the human language message string, but only for the
2219 * bytes counters (and not for the packets counters) */
2220 if (m == CGROUP_IP_INGRESS_BYTES)
2221 t = strjoin(n_message_parts > 0 ? "received " : "Received ",
2222 format_bytes(buf, sizeof(buf), value),
2223 " IP traffic");
2224 else if (m == CGROUP_IP_EGRESS_BYTES)
2225 t = strjoin(n_message_parts > 0 ? "sent " : "Sent ",
2226 format_bytes(buf, sizeof(buf), value),
2227 " IP traffic");
2228 else
2229 continue;
2230 if (!t) {
2231 r = log_oom();
2232 goto finish;
2233 }
2234
2235 message_parts[n_message_parts++] = t;
2236 }
2237
2238 /* Is there any accounting data available at all? */
2239 if (n_iovec == 0) {
2240 r = 0;
2241 goto finish;
2242 }
2243
2244 if (n_message_parts == 0)
2245 t = strjoina("MESSAGE=", u->id, ": Completed");
2246 else {
2247 _cleanup_free_ char *joined;
2248
2249 message_parts[n_message_parts] = NULL;
2250
2251 joined = strv_join(message_parts, ", ");
2252 if (!joined) {
2253 r = log_oom();
2254 goto finish;
2255 }
2256
2257 t = strjoina("MESSAGE=", u->id, ": ", joined);
2258 }
2259
2260 /* The following four fields we allocate on the stack or are static strings, we hence don't want to free them,
2261 * and hence don't increase n_iovec for them */
2262 iovec[n_iovec] = IOVEC_MAKE_STRING(t);
2263 iovec[n_iovec + 1] = IOVEC_MAKE_STRING("MESSAGE_ID=" SD_MESSAGE_UNIT_RESOURCES_STR);
2264
2265 t = strjoina(u->manager->unit_log_field, u->id);
2266 iovec[n_iovec + 2] = IOVEC_MAKE_STRING(t);
2267
2268 t = strjoina(u->manager->invocation_log_field, u->invocation_id_string);
2269 iovec[n_iovec + 3] = IOVEC_MAKE_STRING(t);
2270
2271 log_struct_iovec(LOG_INFO, iovec, n_iovec + 4);
2272 r = 0;
2273
2274 finish:
2275 for (i = 0; i < n_message_parts; i++)
2276 free(message_parts[i]);
2277
2278 for (i = 0; i < n_iovec; i++)
2279 free(iovec[i].iov_base);
2280
2281 return r;
2282
2283 }
2284
2285 static void unit_update_on_console(Unit *u) {
2286 bool b;
2287
2288 assert(u);
2289
2290 b = unit_needs_console(u);
2291 if (u->on_console == b)
2292 return;
2293
2294 u->on_console = b;
2295 if (b)
2296 manager_ref_console(u->manager);
2297 else
2298 manager_unref_console(u->manager);
2299
2300 }
2301
2302 void unit_notify(Unit *u, UnitActiveState os, UnitActiveState ns, bool reload_success) {
2303 bool unexpected;
2304 Manager *m;
2305
2306 assert(u);
2307 assert(os < _UNIT_ACTIVE_STATE_MAX);
2308 assert(ns < _UNIT_ACTIVE_STATE_MAX);
2309
2310 /* Note that this is called for all low-level state changes, even if they might map to the same high-level
2311 * UnitActiveState! That means that ns == os is an expected behavior here. For example: if a mount point is
2312 * remounted this function will be called too! */
2313
2314 m = u->manager;
2315
2316 /* Update timestamps for state changes */
2317 if (!MANAGER_IS_RELOADING(m)) {
2318 dual_timestamp_get(&u->state_change_timestamp);
2319
2320 if (UNIT_IS_INACTIVE_OR_FAILED(os) && !UNIT_IS_INACTIVE_OR_FAILED(ns))
2321 u->inactive_exit_timestamp = u->state_change_timestamp;
2322 else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_INACTIVE_OR_FAILED(ns))
2323 u->inactive_enter_timestamp = u->state_change_timestamp;
2324
2325 if (!UNIT_IS_ACTIVE_OR_RELOADING(os) && UNIT_IS_ACTIVE_OR_RELOADING(ns))
2326 u->active_enter_timestamp = u->state_change_timestamp;
2327 else if (UNIT_IS_ACTIVE_OR_RELOADING(os) && !UNIT_IS_ACTIVE_OR_RELOADING(ns))
2328 u->active_exit_timestamp = u->state_change_timestamp;
2329 }
2330
2331 /* Keep track of failed units */
2332 (void) manager_update_failed_units(u->manager, u, ns == UNIT_FAILED);
2333
2334 /* Make sure the cgroup and state files are always removed when we become inactive */
2335 if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
2336 unit_prune_cgroup(u);
2337 unit_unlink_state_files(u);
2338 }
2339
2340 unit_update_on_console(u);
2341
2342 if (u->job) {
2343 unexpected = false;
2344
2345 if (u->job->state == JOB_WAITING)
2346
2347 /* So we reached a different state for this
2348 * job. Let's see if we can run it now if it
2349 * failed previously due to EAGAIN. */
2350 job_add_to_run_queue(u->job);
2351
2352 /* Let's check whether this state change constitutes a
2353 * finished job, or maybe contradicts a running job and
2354 * hence needs to invalidate jobs. */
2355
2356 switch (u->job->type) {
2357
2358 case JOB_START:
2359 case JOB_VERIFY_ACTIVE:
2360
2361 if (UNIT_IS_ACTIVE_OR_RELOADING(ns))
2362 job_finish_and_invalidate(u->job, JOB_DONE, true, false);
2363 else if (u->job->state == JOB_RUNNING && ns != UNIT_ACTIVATING) {
2364 unexpected = true;
2365
2366 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2367 job_finish_and_invalidate(u->job, ns == UNIT_FAILED ? JOB_FAILED : JOB_DONE, true, false);
2368 }
2369
2370 break;
2371
2372 case JOB_RELOAD:
2373 case JOB_RELOAD_OR_START:
2374 case JOB_TRY_RELOAD:
2375
2376 if (u->job->state == JOB_RUNNING) {
2377 if (ns == UNIT_ACTIVE)
2378 job_finish_and_invalidate(u->job, reload_success ? JOB_DONE : JOB_FAILED, true, false);
2379 else if (!IN_SET(ns, UNIT_ACTIVATING, UNIT_RELOADING)) {
2380 unexpected = true;
2381
2382 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2383 job_finish_and_invalidate(u->job, ns == UNIT_FAILED ? JOB_FAILED : JOB_DONE, true, false);
2384 }
2385 }
2386
2387 break;
2388
2389 case JOB_STOP:
2390 case JOB_RESTART:
2391 case JOB_TRY_RESTART:
2392
2393 if (UNIT_IS_INACTIVE_OR_FAILED(ns))
2394 job_finish_and_invalidate(u->job, JOB_DONE, true, false);
2395 else if (u->job->state == JOB_RUNNING && ns != UNIT_DEACTIVATING) {
2396 unexpected = true;
2397 job_finish_and_invalidate(u->job, JOB_FAILED, true, false);
2398 }
2399
2400 break;
2401
2402 default:
2403 assert_not_reached("Job type unknown");
2404 }
2405
2406 } else
2407 unexpected = true;
2408
2409 if (!MANAGER_IS_RELOADING(m)) {
2410
2411 /* If this state change happened without being
2412 * requested by a job, then let's retroactively start
2413 * or stop dependencies. We skip that step when
2414 * deserializing, since we don't want to create any
2415 * additional jobs just because something is already
2416 * activated. */
2417
2418 if (unexpected) {
2419 if (UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_ACTIVE_OR_ACTIVATING(ns))
2420 retroactively_start_dependencies(u);
2421 else if (UNIT_IS_ACTIVE_OR_ACTIVATING(os) && UNIT_IS_INACTIVE_OR_DEACTIVATING(ns))
2422 retroactively_stop_dependencies(u);
2423 }
2424
2425 /* stop unneeded units regardless if going down was expected or not */
2426 if (UNIT_IS_INACTIVE_OR_DEACTIVATING(ns))
2427 check_unneeded_dependencies(u);
2428
2429 if (ns != os && ns == UNIT_FAILED) {
2430 log_unit_debug(u, "Unit entered failed state.");
2431 unit_start_on_failure(u);
2432 }
2433 }
2434
2435 if (UNIT_IS_ACTIVE_OR_RELOADING(ns)) {
2436
2437 if (u->type == UNIT_SERVICE &&
2438 !UNIT_IS_ACTIVE_OR_RELOADING(os) &&
2439 !MANAGER_IS_RELOADING(m)) {
2440 /* Write audit record if we have just finished starting up */
2441 manager_send_unit_audit(m, u, AUDIT_SERVICE_START, true);
2442 u->in_audit = true;
2443 }
2444
2445 if (!UNIT_IS_ACTIVE_OR_RELOADING(os))
2446 manager_send_unit_plymouth(m, u);
2447
2448 } else {
2449
2450 if (UNIT_IS_INACTIVE_OR_FAILED(ns) &&
2451 !UNIT_IS_INACTIVE_OR_FAILED(os)
2452 && !MANAGER_IS_RELOADING(m)) {
2453
2454 /* This unit just stopped/failed. */
2455 if (u->type == UNIT_SERVICE) {
2456
2457 /* Hmm, if there was no start record written
2458 * write it now, so that we always have a nice
2459 * pair */
2460 if (!u->in_audit) {
2461 manager_send_unit_audit(m, u, AUDIT_SERVICE_START, ns == UNIT_INACTIVE);
2462
2463 if (ns == UNIT_INACTIVE)
2464 manager_send_unit_audit(m, u, AUDIT_SERVICE_STOP, true);
2465 } else
2466 /* Write audit record if we have just finished shutting down */
2467 manager_send_unit_audit(m, u, AUDIT_SERVICE_STOP, ns == UNIT_INACTIVE);
2468
2469 u->in_audit = false;
2470 }
2471
2472 /* Write a log message about consumed resources */
2473 unit_log_resources(u);
2474 }
2475 }
2476
2477 manager_recheck_journal(m);
2478 manager_recheck_dbus(m);
2479
2480 unit_trigger_notify(u);
2481
2482 if (!MANAGER_IS_RELOADING(u->manager)) {
2483 /* Maybe we finished startup and are now ready for being stopped because unneeded? */
2484 unit_check_unneeded(u);
2485
2486 /* Maybe we finished startup, but something we needed has vanished? Let's die then. (This happens when
2487 * something BindsTo= to a Type=oneshot unit, as these units go directly from starting to inactive,
2488 * without ever entering started.) */
2489 unit_check_binds_to(u);
2490
2491 if (os != UNIT_FAILED && ns == UNIT_FAILED)
2492 (void) emergency_action(u->manager, u->failure_action, u->reboot_arg, "unit failed");
2493 else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && ns == UNIT_INACTIVE)
2494 (void) emergency_action(u->manager, u->success_action, u->reboot_arg, "unit succeeded");
2495 }
2496
2497 unit_add_to_dbus_queue(u);
2498 unit_add_to_gc_queue(u);
2499 }
2500
2501 int unit_watch_pid(Unit *u, pid_t pid) {
2502 int r;
2503
2504 assert(u);
2505 assert(pid_is_valid(pid));
2506
2507 /* Watch a specific PID */
2508
2509 r = set_ensure_allocated(&u->pids, NULL);
2510 if (r < 0)
2511 return r;
2512
2513 r = hashmap_ensure_allocated(&u->manager->watch_pids, NULL);
2514 if (r < 0)
2515 return r;
2516
2517 /* First try, let's add the unit keyed by "pid". */
2518 r = hashmap_put(u->manager->watch_pids, PID_TO_PTR(pid), u);
2519 if (r == -EEXIST) {
2520 Unit **array;
2521 bool found = false;
2522 size_t n = 0;
2523
2524 /* OK, the "pid" key is already assigned to a different unit. Let's see if the "-pid" key (which points
2525 * to an array of Units rather than just a Unit), lists us already. */
2526
2527 array = hashmap_get(u->manager->watch_pids, PID_TO_PTR(-pid));
2528 if (array)
2529 for (; array[n]; n++)
2530 if (array[n] == u)
2531 found = true;
2532
2533 if (found) /* Found it already? if so, do nothing */
2534 r = 0;
2535 else {
2536 Unit **new_array;
2537
2538 /* Allocate a new array */
2539 new_array = new(Unit*, n + 2);
2540 if (!new_array)
2541 return -ENOMEM;
2542
2543 memcpy_safe(new_array, array, sizeof(Unit*) * n);
2544 new_array[n] = u;
2545 new_array[n+1] = NULL;
2546
2547 /* Add or replace the old array */
2548 r = hashmap_replace(u->manager->watch_pids, PID_TO_PTR(-pid), new_array);
2549 if (r < 0) {
2550 free(new_array);
2551 return r;
2552 }
2553
2554 free(array);
2555 }
2556 } else if (r < 0)
2557 return r;
2558
2559 r = set_put(u->pids, PID_TO_PTR(pid));
2560 if (r < 0)
2561 return r;
2562
2563 return 0;
2564 }
2565
2566 void unit_unwatch_pid(Unit *u, pid_t pid) {
2567 Unit **array;
2568
2569 assert(u);
2570 assert(pid_is_valid(pid));
2571
2572 /* First let's drop the unit in case it's keyed as "pid". */
2573 (void) hashmap_remove_value(u->manager->watch_pids, PID_TO_PTR(pid), u);
2574
2575 /* Then, let's also drop the unit, in case it's in the array keyed by -pid */
2576 array = hashmap_get(u->manager->watch_pids, PID_TO_PTR(-pid));
2577 if (array) {
2578 size_t n, m = 0;
2579
2580 /* Let's iterate through the array, dropping our own entry */
2581 for (n = 0; array[n]; n++)
2582 if (array[n] != u)
2583 array[m++] = array[n];
2584 array[m] = NULL;
2585
2586 if (m == 0) {
2587 /* The array is now empty, remove the entire entry */
2588 assert(hashmap_remove(u->manager->watch_pids, PID_TO_PTR(-pid)) == array);
2589 free(array);
2590 }
2591 }
2592
2593 (void) set_remove(u->pids, PID_TO_PTR(pid));
2594 }
2595
2596 void unit_unwatch_all_pids(Unit *u) {
2597 assert(u);
2598
2599 while (!set_isempty(u->pids))
2600 unit_unwatch_pid(u, PTR_TO_PID(set_first(u->pids)));
2601
2602 u->pids = set_free(u->pids);
2603 }
2604
2605 void unit_tidy_watch_pids(Unit *u, pid_t except1, pid_t except2) {
2606 Iterator i;
2607 void *e;
2608
2609 assert(u);
2610
2611 /* Cleans dead PIDs from our list */
2612
2613 SET_FOREACH(e, u->pids, i) {
2614 pid_t pid = PTR_TO_PID(e);
2615
2616 if (pid == except1 || pid == except2)
2617 continue;
2618
2619 if (!pid_is_unwaited(pid))
2620 unit_unwatch_pid(u, pid);
2621 }
2622 }
2623
2624 bool unit_job_is_applicable(Unit *u, JobType j) {
2625 assert(u);
2626 assert(j >= 0 && j < _JOB_TYPE_MAX);
2627
2628 switch (j) {
2629
2630 case JOB_VERIFY_ACTIVE:
2631 case JOB_START:
2632 case JOB_NOP:
2633 /* Note that we don't check unit_can_start() here. That's because .device units and suchlike are not
2634 * startable by us but may appear due to external events, and it thus makes sense to permit enqueing
2635 * jobs for it. */
2636 return true;
2637
2638 case JOB_STOP:
2639 /* Similar as above. However, perpetual units can never be stopped (neither explicitly nor due to
2640 * external events), hence it makes no sense to permit enqueing such a request either. */
2641 return !u->perpetual;
2642
2643 case JOB_RESTART:
2644 case JOB_TRY_RESTART:
2645 return unit_can_stop(u) && unit_can_start(u);
2646
2647 case JOB_RELOAD:
2648 case JOB_TRY_RELOAD:
2649 return unit_can_reload(u);
2650
2651 case JOB_RELOAD_OR_START:
2652 return unit_can_reload(u) && unit_can_start(u);
2653
2654 default:
2655 assert_not_reached("Invalid job type");
2656 }
2657 }
2658
2659 static void maybe_warn_about_dependency(Unit *u, const char *other, UnitDependency dependency) {
2660 assert(u);
2661
2662 /* Only warn about some unit types */
2663 if (!IN_SET(dependency, UNIT_CONFLICTS, UNIT_CONFLICTED_BY, UNIT_BEFORE, UNIT_AFTER, UNIT_ON_FAILURE, UNIT_TRIGGERS, UNIT_TRIGGERED_BY))
2664 return;
2665
2666 if (streq_ptr(u->id, other))
2667 log_unit_warning(u, "Dependency %s=%s dropped", unit_dependency_to_string(dependency), u->id);
2668 else
2669 log_unit_warning(u, "Dependency %s=%s dropped, merged into %s", unit_dependency_to_string(dependency), strna(other), u->id);
2670 }
2671
2672 static int unit_add_dependency_hashmap(
2673 Hashmap **h,
2674 Unit *other,
2675 UnitDependencyMask origin_mask,
2676 UnitDependencyMask destination_mask) {
2677
2678 UnitDependencyInfo info;
2679 int r;
2680
2681 assert(h);
2682 assert(other);
2683 assert(origin_mask < _UNIT_DEPENDENCY_MASK_FULL);
2684 assert(destination_mask < _UNIT_DEPENDENCY_MASK_FULL);
2685 assert(origin_mask > 0 || destination_mask > 0);
2686
2687 r = hashmap_ensure_allocated(h, NULL);
2688 if (r < 0)
2689 return r;
2690
2691 assert_cc(sizeof(void*) == sizeof(info));
2692
2693 info.data = hashmap_get(*h, other);
2694 if (info.data) {
2695 /* Entry already exists. Add in our mask. */
2696
2697 if (FLAGS_SET(origin_mask, info.origin_mask) &&
2698 FLAGS_SET(destination_mask, info.destination_mask))
2699 return 0; /* NOP */
2700
2701 info.origin_mask |= origin_mask;
2702 info.destination_mask |= destination_mask;
2703
2704 r = hashmap_update(*h, other, info.data);
2705 } else {
2706 info = (UnitDependencyInfo) {
2707 .origin_mask = origin_mask,
2708 .destination_mask = destination_mask,
2709 };
2710
2711 r = hashmap_put(*h, other, info.data);
2712 }
2713 if (r < 0)
2714 return r;
2715
2716 return 1;
2717 }
2718
2719 int unit_add_dependency(
2720 Unit *u,
2721 UnitDependency d,
2722 Unit *other,
2723 bool add_reference,
2724 UnitDependencyMask mask) {
2725
2726 static const UnitDependency inverse_table[_UNIT_DEPENDENCY_MAX] = {
2727 [UNIT_REQUIRES] = UNIT_REQUIRED_BY,
2728 [UNIT_WANTS] = UNIT_WANTED_BY,
2729 [UNIT_REQUISITE] = UNIT_REQUISITE_OF,
2730 [UNIT_BINDS_TO] = UNIT_BOUND_BY,
2731 [UNIT_PART_OF] = UNIT_CONSISTS_OF,
2732 [UNIT_REQUIRED_BY] = UNIT_REQUIRES,
2733 [UNIT_REQUISITE_OF] = UNIT_REQUISITE,
2734 [UNIT_WANTED_BY] = UNIT_WANTS,
2735 [UNIT_BOUND_BY] = UNIT_BINDS_TO,
2736 [UNIT_CONSISTS_OF] = UNIT_PART_OF,
2737 [UNIT_CONFLICTS] = UNIT_CONFLICTED_BY,
2738 [UNIT_CONFLICTED_BY] = UNIT_CONFLICTS,
2739 [UNIT_BEFORE] = UNIT_AFTER,
2740 [UNIT_AFTER] = UNIT_BEFORE,
2741 [UNIT_ON_FAILURE] = _UNIT_DEPENDENCY_INVALID,
2742 [UNIT_REFERENCES] = UNIT_REFERENCED_BY,
2743 [UNIT_REFERENCED_BY] = UNIT_REFERENCES,
2744 [UNIT_TRIGGERS] = UNIT_TRIGGERED_BY,
2745 [UNIT_TRIGGERED_BY] = UNIT_TRIGGERS,
2746 [UNIT_PROPAGATES_RELOAD_TO] = UNIT_RELOAD_PROPAGATED_FROM,
2747 [UNIT_RELOAD_PROPAGATED_FROM] = UNIT_PROPAGATES_RELOAD_TO,
2748 [UNIT_JOINS_NAMESPACE_OF] = UNIT_JOINS_NAMESPACE_OF,
2749 };
2750 Unit *original_u = u, *original_other = other;
2751 int r;
2752
2753 assert(u);
2754 assert(d >= 0 && d < _UNIT_DEPENDENCY_MAX);
2755 assert(other);
2756
2757 u = unit_follow_merge(u);
2758 other = unit_follow_merge(other);
2759
2760 /* We won't allow dependencies on ourselves. We will not
2761 * consider them an error however. */
2762 if (u == other) {
2763 maybe_warn_about_dependency(original_u, original_other->id, d);
2764 return 0;
2765 }
2766
2767 if ((d == UNIT_BEFORE && other->type == UNIT_DEVICE) ||
2768 (d == UNIT_AFTER && u->type == UNIT_DEVICE)) {
2769 log_unit_warning(u, "Dependency Before=%s ignored (.device units cannot be delayed)", other->id);
2770 return 0;
2771 }
2772
2773 r = unit_add_dependency_hashmap(u->dependencies + d, other, mask, 0);
2774 if (r < 0)
2775 return r;
2776
2777 if (inverse_table[d] != _UNIT_DEPENDENCY_INVALID && inverse_table[d] != d) {
2778 r = unit_add_dependency_hashmap(other->dependencies + inverse_table[d], u, 0, mask);
2779 if (r < 0)
2780 return r;
2781 }
2782
2783 if (add_reference) {
2784 r = unit_add_dependency_hashmap(u->dependencies + UNIT_REFERENCES, other, mask, 0);
2785 if (r < 0)
2786 return r;
2787
2788 r = unit_add_dependency_hashmap(other->dependencies + UNIT_REFERENCED_BY, u, 0, mask);
2789 if (r < 0)
2790 return r;
2791 }
2792
2793 unit_add_to_dbus_queue(u);
2794 return 0;
2795 }
2796
2797 int unit_add_two_dependencies(Unit *u, UnitDependency d, UnitDependency e, Unit *other, bool add_reference, UnitDependencyMask mask) {
2798 int r;
2799
2800 assert(u);
2801
2802 r = unit_add_dependency(u, d, other, add_reference, mask);
2803 if (r < 0)
2804 return r;
2805
2806 return unit_add_dependency(u, e, other, add_reference, mask);
2807 }
2808
2809 static int resolve_template(Unit *u, const char *name, const char*path, char **buf, const char **ret) {
2810 int r;
2811
2812 assert(u);
2813 assert(name || path);
2814 assert(buf);
2815 assert(ret);
2816
2817 if (!name)
2818 name = basename(path);
2819
2820 if (!unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
2821 *buf = NULL;
2822 *ret = name;
2823 return 0;
2824 }
2825
2826 if (u->instance)
2827 r = unit_name_replace_instance(name, u->instance, buf);
2828 else {
2829 _cleanup_free_ char *i = NULL;
2830
2831 r = unit_name_to_prefix(u->id, &i);
2832 if (r < 0)
2833 return r;
2834
2835 r = unit_name_replace_instance(name, i, buf);
2836 }
2837 if (r < 0)
2838 return r;
2839
2840 *ret = *buf;
2841 return 0;
2842 }
2843
2844 int unit_add_dependency_by_name(Unit *u, UnitDependency d, const char *name, const char *path, bool add_reference, UnitDependencyMask mask) {
2845 _cleanup_free_ char *buf = NULL;
2846 Unit *other;
2847 int r;
2848
2849 assert(u);
2850 assert(name || path);
2851
2852 r = resolve_template(u, name, path, &buf, &name);
2853 if (r < 0)
2854 return r;
2855
2856 r = manager_load_unit(u->manager, name, path, NULL, &other);
2857 if (r < 0)
2858 return r;
2859
2860 return unit_add_dependency(u, d, other, add_reference, mask);
2861 }
2862
2863 int unit_add_two_dependencies_by_name(Unit *u, UnitDependency d, UnitDependency e, const char *name, const char *path, bool add_reference, UnitDependencyMask mask) {
2864 _cleanup_free_ char *buf = NULL;
2865 Unit *other;
2866 int r;
2867
2868 assert(u);
2869 assert(name || path);
2870
2871 r = resolve_template(u, name, path, &buf, &name);
2872 if (r < 0)
2873 return r;
2874
2875 r = manager_load_unit(u->manager, name, path, NULL, &other);
2876 if (r < 0)
2877 return r;
2878
2879 return unit_add_two_dependencies(u, d, e, other, add_reference, mask);
2880 }
2881
2882 int set_unit_path(const char *p) {
2883 /* This is mostly for debug purposes */
2884 if (setenv("SYSTEMD_UNIT_PATH", p, 1) < 0)
2885 return -errno;
2886
2887 return 0;
2888 }
2889
2890 char *unit_dbus_path(Unit *u) {
2891 assert(u);
2892
2893 if (!u->id)
2894 return NULL;
2895
2896 return unit_dbus_path_from_name(u->id);
2897 }
2898
2899 char *unit_dbus_path_invocation_id(Unit *u) {
2900 assert(u);
2901
2902 if (sd_id128_is_null(u->invocation_id))
2903 return NULL;
2904
2905 return unit_dbus_path_from_name(u->invocation_id_string);
2906 }
2907
2908 int unit_set_slice(Unit *u, Unit *slice) {
2909 assert(u);
2910 assert(slice);
2911
2912 /* Sets the unit slice if it has not been set before. Is extra
2913 * careful, to only allow this for units that actually have a
2914 * cgroup context. Also, we don't allow to set this for slices
2915 * (since the parent slice is derived from the name). Make
2916 * sure the unit we set is actually a slice. */
2917
2918 if (!UNIT_HAS_CGROUP_CONTEXT(u))
2919 return -EOPNOTSUPP;
2920
2921 if (u->type == UNIT_SLICE)
2922 return -EINVAL;
2923
2924 if (unit_active_state(u) != UNIT_INACTIVE)
2925 return -EBUSY;
2926
2927 if (slice->type != UNIT_SLICE)
2928 return -EINVAL;
2929
2930 if (unit_has_name(u, SPECIAL_INIT_SCOPE) &&
2931 !unit_has_name(slice, SPECIAL_ROOT_SLICE))
2932 return -EPERM;
2933
2934 if (UNIT_DEREF(u->slice) == slice)
2935 return 0;
2936
2937 /* Disallow slice changes if @u is already bound to cgroups */
2938 if (UNIT_ISSET(u->slice) && u->cgroup_realized)
2939 return -EBUSY;
2940
2941 unit_ref_set(&u->slice, u, slice);
2942 return 1;
2943 }
2944
2945 int unit_set_default_slice(Unit *u) {
2946 _cleanup_free_ char *b = NULL;
2947 const char *slice_name;
2948 Unit *slice;
2949 int r;
2950
2951 assert(u);
2952
2953 if (UNIT_ISSET(u->slice))
2954 return 0;
2955
2956 if (u->instance) {
2957 _cleanup_free_ char *prefix = NULL, *escaped = NULL;
2958
2959 /* Implicitly place all instantiated units in their
2960 * own per-template slice */
2961
2962 r = unit_name_to_prefix(u->id, &prefix);
2963 if (r < 0)
2964 return r;
2965
2966 /* The prefix is already escaped, but it might include
2967 * "-" which has a special meaning for slice units,
2968 * hence escape it here extra. */
2969 escaped = unit_name_escape(prefix);
2970 if (!escaped)
2971 return -ENOMEM;
2972
2973 if (MANAGER_IS_SYSTEM(u->manager))
2974 b = strjoin("system-", escaped, ".slice");
2975 else
2976 b = strappend(escaped, ".slice");
2977 if (!b)
2978 return -ENOMEM;
2979
2980 slice_name = b;
2981 } else
2982 slice_name =
2983 MANAGER_IS_SYSTEM(u->manager) && !unit_has_name(u, SPECIAL_INIT_SCOPE)
2984 ? SPECIAL_SYSTEM_SLICE
2985 : SPECIAL_ROOT_SLICE;
2986
2987 r = manager_load_unit(u->manager, slice_name, NULL, NULL, &slice);
2988 if (r < 0)
2989 return r;
2990
2991 return unit_set_slice(u, slice);
2992 }
2993
2994 const char *unit_slice_name(Unit *u) {
2995 assert(u);
2996
2997 if (!UNIT_ISSET(u->slice))
2998 return NULL;
2999
3000 return UNIT_DEREF(u->slice)->id;
3001 }
3002
3003 int unit_load_related_unit(Unit *u, const char *type, Unit **_found) {
3004 _cleanup_free_ char *t = NULL;
3005 int r;
3006
3007 assert(u);
3008 assert(type);
3009 assert(_found);
3010
3011 r = unit_name_change_suffix(u->id, type, &t);
3012 if (r < 0)
3013 return r;
3014 if (unit_has_name(u, t))
3015 return -EINVAL;
3016
3017 r = manager_load_unit(u->manager, t, NULL, NULL, _found);
3018 assert(r < 0 || *_found != u);
3019 return r;
3020 }
3021
3022 static int signal_name_owner_changed(sd_bus_message *message, void *userdata, sd_bus_error *error) {
3023 const char *name, *old_owner, *new_owner;
3024 Unit *u = userdata;
3025 int r;
3026
3027 assert(message);
3028 assert(u);
3029
3030 r = sd_bus_message_read(message, "sss", &name, &old_owner, &new_owner);
3031 if (r < 0) {
3032 bus_log_parse_error(r);
3033 return 0;
3034 }
3035
3036 old_owner = empty_to_null(old_owner);
3037 new_owner = empty_to_null(new_owner);
3038
3039 if (UNIT_VTABLE(u)->bus_name_owner_change)
3040 UNIT_VTABLE(u)->bus_name_owner_change(u, name, old_owner, new_owner);
3041
3042 return 0;
3043 }
3044
3045 int unit_install_bus_match(Unit *u, sd_bus *bus, const char *name) {
3046 const char *match;
3047
3048 assert(u);
3049 assert(bus);
3050 assert(name);
3051
3052 if (u->match_bus_slot)
3053 return -EBUSY;
3054
3055 match = strjoina("type='signal',"
3056 "sender='org.freedesktop.DBus',"
3057 "path='/org/freedesktop/DBus',"
3058 "interface='org.freedesktop.DBus',"
3059 "member='NameOwnerChanged',"
3060 "arg0='", name, "'");
3061
3062 return sd_bus_add_match_async(bus, &u->match_bus_slot, match, signal_name_owner_changed, NULL, u);
3063 }
3064
3065 int unit_watch_bus_name(Unit *u, const char *name) {
3066 int r;
3067
3068 assert(u);
3069 assert(name);
3070
3071 /* Watch a specific name on the bus. We only support one unit
3072 * watching each name for now. */
3073
3074 if (u->manager->api_bus) {
3075 /* If the bus is already available, install the match directly.
3076 * Otherwise, just put the name in the list. bus_setup_api() will take care later. */
3077 r = unit_install_bus_match(u, u->manager->api_bus, name);
3078 if (r < 0)
3079 return log_warning_errno(r, "Failed to subscribe to NameOwnerChanged signal for '%s': %m", name);
3080 }
3081
3082 r = hashmap_put(u->manager->watch_bus, name, u);
3083 if (r < 0) {
3084 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3085 return log_warning_errno(r, "Failed to put bus name to hashmap: %m");
3086 }
3087
3088 return 0;
3089 }
3090
3091 void unit_unwatch_bus_name(Unit *u, const char *name) {
3092 assert(u);
3093 assert(name);
3094
3095 (void) hashmap_remove_value(u->manager->watch_bus, name, u);
3096 u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
3097 }
3098
3099 bool unit_can_serialize(Unit *u) {
3100 assert(u);
3101
3102 return UNIT_VTABLE(u)->serialize && UNIT_VTABLE(u)->deserialize_item;
3103 }
3104
3105 static int unit_serialize_cgroup_mask(FILE *f, const char *key, CGroupMask mask) {
3106 _cleanup_free_ char *s = NULL;
3107 int r = 0;
3108
3109 assert(f);
3110 assert(key);
3111
3112 if (mask != 0) {
3113 r = cg_mask_to_string(mask, &s);
3114 if (r >= 0) {
3115 fputs(key, f);
3116 fputc('=', f);
3117 fputs(s, f);
3118 fputc('\n', f);
3119 }
3120 }
3121 return r;
3122 }
3123
3124 static const char *ip_accounting_metric_field[_CGROUP_IP_ACCOUNTING_METRIC_MAX] = {
3125 [CGROUP_IP_INGRESS_BYTES] = "ip-accounting-ingress-bytes",
3126 [CGROUP_IP_INGRESS_PACKETS] = "ip-accounting-ingress-packets",
3127 [CGROUP_IP_EGRESS_BYTES] = "ip-accounting-egress-bytes",
3128 [CGROUP_IP_EGRESS_PACKETS] = "ip-accounting-egress-packets",
3129 };
3130
3131 int unit_serialize(Unit *u, FILE *f, FDSet *fds, bool serialize_jobs) {
3132 CGroupIPAccountingMetric m;
3133 int r;
3134
3135 assert(u);
3136 assert(f);
3137 assert(fds);
3138
3139 if (unit_can_serialize(u)) {
3140 r = UNIT_VTABLE(u)->serialize(u, f, fds);
3141 if (r < 0)
3142 return r;
3143 }
3144
3145 dual_timestamp_serialize(f, "state-change-timestamp", &u->state_change_timestamp);
3146
3147 dual_timestamp_serialize(f, "inactive-exit-timestamp", &u->inactive_exit_timestamp);
3148 dual_timestamp_serialize(f, "active-enter-timestamp", &u->active_enter_timestamp);
3149 dual_timestamp_serialize(f, "active-exit-timestamp", &u->active_exit_timestamp);
3150 dual_timestamp_serialize(f, "inactive-enter-timestamp", &u->inactive_enter_timestamp);
3151
3152 dual_timestamp_serialize(f, "condition-timestamp", &u->condition_timestamp);
3153 dual_timestamp_serialize(f, "assert-timestamp", &u->assert_timestamp);
3154
3155 if (dual_timestamp_is_set(&u->condition_timestamp))
3156 unit_serialize_item(u, f, "condition-result", yes_no(u->condition_result));
3157
3158 if (dual_timestamp_is_set(&u->assert_timestamp))
3159 unit_serialize_item(u, f, "assert-result", yes_no(u->assert_result));
3160
3161 unit_serialize_item(u, f, "transient", yes_no(u->transient));
3162
3163 unit_serialize_item(u, f, "exported-invocation-id", yes_no(u->exported_invocation_id));
3164 unit_serialize_item(u, f, "exported-log-level-max", yes_no(u->exported_log_level_max));
3165 unit_serialize_item(u, f, "exported-log-extra-fields", yes_no(u->exported_log_extra_fields));
3166
3167 unit_serialize_item_format(u, f, "cpu-usage-base", "%" PRIu64, u->cpu_usage_base);
3168 if (u->cpu_usage_last != NSEC_INFINITY)
3169 unit_serialize_item_format(u, f, "cpu-usage-last", "%" PRIu64, u->cpu_usage_last);
3170
3171 if (u->cgroup_path)
3172 unit_serialize_item(u, f, "cgroup", u->cgroup_path);
3173 unit_serialize_item(u, f, "cgroup-realized", yes_no(u->cgroup_realized));
3174 (void) unit_serialize_cgroup_mask(f, "cgroup-realized-mask", u->cgroup_realized_mask);
3175 (void) unit_serialize_cgroup_mask(f, "cgroup-enabled-mask", u->cgroup_enabled_mask);
3176 unit_serialize_item_format(u, f, "cgroup-bpf-realized", "%i", u->cgroup_bpf_state);
3177
3178 if (uid_is_valid(u->ref_uid))
3179 unit_serialize_item_format(u, f, "ref-uid", UID_FMT, u->ref_uid);
3180 if (gid_is_valid(u->ref_gid))
3181 unit_serialize_item_format(u, f, "ref-gid", GID_FMT, u->ref_gid);
3182
3183 if (!sd_id128_is_null(u->invocation_id))
3184 unit_serialize_item_format(u, f, "invocation-id", SD_ID128_FORMAT_STR, SD_ID128_FORMAT_VAL(u->invocation_id));
3185
3186 bus_track_serialize(u->bus_track, f, "ref");
3187
3188 for (m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++) {
3189 uint64_t v;
3190
3191 r = unit_get_ip_accounting(u, m, &v);
3192 if (r >= 0)
3193 unit_serialize_item_format(u, f, ip_accounting_metric_field[m], "%" PRIu64, v);
3194 }
3195
3196 if (serialize_jobs) {
3197 if (u->job) {
3198 fprintf(f, "job\n");
3199 job_serialize(u->job, f);
3200 }
3201
3202 if (u->nop_job) {
3203 fprintf(f, "job\n");
3204 job_serialize(u->nop_job, f);
3205 }
3206 }
3207
3208 /* End marker */
3209 fputc('\n', f);
3210 return 0;
3211 }
3212
3213 int unit_serialize_item(Unit *u, FILE *f, const char *key, const char *value) {
3214 assert(u);
3215 assert(f);
3216 assert(key);
3217
3218 if (!value)
3219 return 0;
3220
3221 fputs(key, f);
3222 fputc('=', f);
3223 fputs(value, f);
3224 fputc('\n', f);
3225
3226 return 1;
3227 }
3228
3229 int unit_serialize_item_escaped(Unit *u, FILE *f, const char *key, const char *value) {
3230 _cleanup_free_ char *c = NULL;
3231
3232 assert(u);
3233 assert(f);
3234 assert(key);
3235
3236 if (!value)
3237 return 0;
3238
3239 c = cescape(value);
3240 if (!c)
3241 return -ENOMEM;
3242
3243 fputs(key, f);
3244 fputc('=', f);
3245 fputs(c, f);
3246 fputc('\n', f);
3247
3248 return 1;
3249 }
3250
3251 int unit_serialize_item_fd(Unit *u, FILE *f, FDSet *fds, const char *key, int fd) {
3252 int copy;
3253
3254 assert(u);
3255 assert(f);
3256 assert(key);
3257
3258 if (fd < 0)
3259 return 0;
3260
3261 copy = fdset_put_dup(fds, fd);
3262 if (copy < 0)
3263 return copy;
3264
3265 fprintf(f, "%s=%i\n", key, copy);
3266 return 1;
3267 }
3268
3269 void unit_serialize_item_format(Unit *u, FILE *f, const char *key, const char *format, ...) {
3270 va_list ap;
3271
3272 assert(u);
3273 assert(f);
3274 assert(key);
3275 assert(format);
3276
3277 fputs(key, f);
3278 fputc('=', f);
3279
3280 va_start(ap, format);
3281 vfprintf(f, format, ap);
3282 va_end(ap);
3283
3284 fputc('\n', f);
3285 }
3286
3287 int unit_deserialize(Unit *u, FILE *f, FDSet *fds) {
3288 int r;
3289
3290 assert(u);
3291 assert(f);
3292 assert(fds);
3293
3294 for (;;) {
3295 char line[LINE_MAX], *l, *v;
3296 CGroupIPAccountingMetric m;
3297 size_t k;
3298
3299 if (!fgets(line, sizeof(line), f)) {
3300 if (feof(f))
3301 return 0;
3302 return -errno;
3303 }
3304
3305 char_array_0(line);
3306 l = strstrip(line);
3307
3308 /* End marker */
3309 if (isempty(l))
3310 break;
3311
3312 k = strcspn(l, "=");
3313
3314 if (l[k] == '=') {
3315 l[k] = 0;
3316 v = l+k+1;
3317 } else
3318 v = l+k;
3319
3320 if (streq(l, "job")) {
3321 if (v[0] == '\0') {
3322 /* new-style serialized job */
3323 Job *j;
3324
3325 j = job_new_raw(u);
3326 if (!j)
3327 return log_oom();
3328
3329 r = job_deserialize(j, f);
3330 if (r < 0) {
3331 job_free(j);
3332 return r;
3333 }
3334
3335 r = hashmap_put(u->manager->jobs, UINT32_TO_PTR(j->id), j);
3336 if (r < 0) {
3337 job_free(j);
3338 return r;
3339 }
3340
3341 r = job_install_deserialized(j);
3342 if (r < 0) {
3343 hashmap_remove(u->manager->jobs, UINT32_TO_PTR(j->id));
3344 job_free(j);
3345 return r;
3346 }
3347 } else /* legacy for pre-44 */
3348 log_unit_warning(u, "Update from too old systemd versions are unsupported, cannot deserialize job: %s", v);
3349 continue;
3350 } else if (streq(l, "state-change-timestamp")) {
3351 dual_timestamp_deserialize(v, &u->state_change_timestamp);
3352 continue;
3353 } else if (streq(l, "inactive-exit-timestamp")) {
3354 dual_timestamp_deserialize(v, &u->inactive_exit_timestamp);
3355 continue;
3356 } else if (streq(l, "active-enter-timestamp")) {
3357 dual_timestamp_deserialize(v, &u->active_enter_timestamp);
3358 continue;
3359 } else if (streq(l, "active-exit-timestamp")) {
3360 dual_timestamp_deserialize(v, &u->active_exit_timestamp);
3361 continue;
3362 } else if (streq(l, "inactive-enter-timestamp")) {
3363 dual_timestamp_deserialize(v, &u->inactive_enter_timestamp);
3364 continue;
3365 } else if (streq(l, "condition-timestamp")) {
3366 dual_timestamp_deserialize(v, &u->condition_timestamp);
3367 continue;
3368 } else if (streq(l, "assert-timestamp")) {
3369 dual_timestamp_deserialize(v, &u->assert_timestamp);
3370 continue;
3371 } else if (streq(l, "condition-result")) {
3372
3373 r = parse_boolean(v);
3374 if (r < 0)
3375 log_unit_debug(u, "Failed to parse condition result value %s, ignoring.", v);
3376 else
3377 u->condition_result = r;
3378
3379 continue;
3380
3381 } else if (streq(l, "assert-result")) {
3382
3383 r = parse_boolean(v);
3384 if (r < 0)
3385 log_unit_debug(u, "Failed to parse assert result value %s, ignoring.", v);
3386 else
3387 u->assert_result = r;
3388
3389 continue;
3390
3391 } else if (streq(l, "transient")) {
3392
3393 r = parse_boolean(v);
3394 if (r < 0)
3395 log_unit_debug(u, "Failed to parse transient bool %s, ignoring.", v);
3396 else
3397 u->transient = r;
3398
3399 continue;
3400
3401 } else if (streq(l, "exported-invocation-id")) {
3402
3403 r = parse_boolean(v);
3404 if (r < 0)
3405 log_unit_debug(u, "Failed to parse exported invocation ID bool %s, ignoring.", v);
3406 else
3407 u->exported_invocation_id = r;
3408
3409 continue;
3410
3411 } else if (streq(l, "exported-log-level-max")) {
3412
3413 r = parse_boolean(v);
3414 if (r < 0)
3415 log_unit_debug(u, "Failed to parse exported log level max bool %s, ignoring.", v);
3416 else
3417 u->exported_log_level_max = r;
3418
3419 continue;
3420
3421 } else if (streq(l, "exported-log-extra-fields")) {
3422
3423 r = parse_boolean(v);
3424 if (r < 0)
3425 log_unit_debug(u, "Failed to parse exported log extra fields bool %s, ignoring.", v);
3426 else
3427 u->exported_log_extra_fields = r;
3428
3429 continue;
3430
3431 } else if (STR_IN_SET(l, "cpu-usage-base", "cpuacct-usage-base")) {
3432
3433 r = safe_atou64(v, &u->cpu_usage_base);
3434 if (r < 0)
3435 log_unit_debug(u, "Failed to parse CPU usage base %s, ignoring.", v);
3436
3437 continue;
3438
3439 } else if (streq(l, "cpu-usage-last")) {
3440
3441 r = safe_atou64(v, &u->cpu_usage_last);
3442 if (r < 0)
3443 log_unit_debug(u, "Failed to read CPU usage last %s, ignoring.", v);
3444
3445 continue;
3446
3447 } else if (streq(l, "cgroup")) {
3448
3449 r = unit_set_cgroup_path(u, v);
3450 if (r < 0)
3451 log_unit_debug_errno(u, r, "Failed to set cgroup path %s, ignoring: %m", v);
3452
3453 (void) unit_watch_cgroup(u);
3454
3455 continue;
3456 } else if (streq(l, "cgroup-realized")) {
3457 int b;
3458
3459 b = parse_boolean(v);
3460 if (b < 0)
3461 log_unit_debug(u, "Failed to parse cgroup-realized bool %s, ignoring.", v);
3462 else
3463 u->cgroup_realized = b;
3464
3465 continue;
3466
3467 } else if (streq(l, "cgroup-realized-mask")) {
3468
3469 r = cg_mask_from_string(v, &u->cgroup_realized_mask);
3470 if (r < 0)
3471 log_unit_debug(u, "Failed to parse cgroup-realized-mask %s, ignoring.", v);
3472 continue;
3473
3474 } else if (streq(l, "cgroup-enabled-mask")) {
3475
3476 r = cg_mask_from_string(v, &u->cgroup_enabled_mask);
3477 if (r < 0)
3478 log_unit_debug(u, "Failed to parse cgroup-enabled-mask %s, ignoring.", v);
3479 continue;
3480
3481 } else if (streq(l, "cgroup-bpf-realized")) {
3482 int i;
3483
3484 r = safe_atoi(v, &i);
3485 if (r < 0)
3486 log_unit_debug(u, "Failed to parse cgroup BPF state %s, ignoring.", v);
3487 else
3488 u->cgroup_bpf_state =
3489 i < 0 ? UNIT_CGROUP_BPF_INVALIDATED :
3490 i > 0 ? UNIT_CGROUP_BPF_ON :
3491 UNIT_CGROUP_BPF_OFF;
3492
3493 continue;
3494
3495 } else if (streq(l, "ref-uid")) {
3496 uid_t uid;
3497
3498 r = parse_uid(v, &uid);
3499 if (r < 0)
3500 log_unit_debug(u, "Failed to parse referenced UID %s, ignoring.", v);
3501 else
3502 unit_ref_uid_gid(u, uid, GID_INVALID);
3503
3504 continue;
3505
3506 } else if (streq(l, "ref-gid")) {
3507 gid_t gid;
3508
3509 r = parse_gid(v, &gid);
3510 if (r < 0)
3511 log_unit_debug(u, "Failed to parse referenced GID %s, ignoring.", v);
3512 else
3513 unit_ref_uid_gid(u, UID_INVALID, gid);
3514
3515 } else if (streq(l, "ref")) {
3516
3517 r = strv_extend(&u->deserialized_refs, v);
3518 if (r < 0)
3519 log_oom();
3520
3521 continue;
3522 } else if (streq(l, "invocation-id")) {
3523 sd_id128_t id;
3524
3525 r = sd_id128_from_string(v, &id);
3526 if (r < 0)
3527 log_unit_debug(u, "Failed to parse invocation id %s, ignoring.", v);
3528 else {
3529 r = unit_set_invocation_id(u, id);
3530 if (r < 0)
3531 log_unit_warning_errno(u, r, "Failed to set invocation ID for unit: %m");
3532 }
3533
3534 continue;
3535 }
3536
3537 /* Check if this is an IP accounting metric serialization field */
3538 for (m = 0; m < _CGROUP_IP_ACCOUNTING_METRIC_MAX; m++)
3539 if (streq(l, ip_accounting_metric_field[m]))
3540 break;
3541 if (m < _CGROUP_IP_ACCOUNTING_METRIC_MAX) {
3542 uint64_t c;
3543
3544 r = safe_atou64(v, &c);
3545 if (r < 0)
3546 log_unit_debug(u, "Failed to parse IP accounting value %s, ignoring.", v);
3547 else
3548 u->ip_accounting_extra[m] = c;
3549 continue;
3550 }
3551
3552 if (unit_can_serialize(u)) {
3553 r = exec_runtime_deserialize_compat(u, l, v, fds);
3554 if (r < 0) {
3555 log_unit_warning(u, "Failed to deserialize runtime parameter '%s', ignoring.", l);
3556 continue;
3557 }
3558
3559 /* Returns positive if key was handled by the call */
3560 if (r > 0)
3561 continue;
3562
3563 r = UNIT_VTABLE(u)->deserialize_item(u, l, v, fds);
3564 if (r < 0)
3565 log_unit_warning(u, "Failed to deserialize unit parameter '%s', ignoring.", l);
3566 }
3567 }
3568
3569 /* Versions before 228 did not carry a state change timestamp. In this case, take the current time. This is
3570 * useful, so that timeouts based on this timestamp don't trigger too early, and is in-line with the logic from
3571 * before 228 where the base for timeouts was not persistent across reboots. */
3572
3573 if (!dual_timestamp_is_set(&u->state_change_timestamp))
3574 dual_timestamp_get(&u->state_change_timestamp);
3575
3576 /* Let's make sure that everything that is deserialized also gets any potential new cgroup settings applied
3577 * after we are done. For that we invalidate anything already realized, so that we can realize it again. */
3578 unit_invalidate_cgroup(u, _CGROUP_MASK_ALL);
3579 unit_invalidate_cgroup_bpf(u);
3580
3581 return 0;
3582 }
3583
3584 void unit_deserialize_skip(FILE *f) {
3585 assert(f);
3586
3587 /* Skip serialized data for this unit. We don't know what it is. */
3588
3589 for (;;) {
3590 char line[LINE_MAX], *l;
3591
3592 if (!fgets(line, sizeof line, f))
3593 return;
3594
3595 char_array_0(line);
3596 l = strstrip(line);
3597
3598 /* End marker */
3599 if (isempty(l))
3600 return;
3601 }
3602 }
3603
3604 int unit_add_node_dependency(Unit *u, const char *what, bool wants, UnitDependency dep, UnitDependencyMask mask) {
3605 Unit *device;
3606 _cleanup_free_ char *e = NULL;
3607 int r;
3608
3609 assert(u);
3610
3611 /* Adds in links to the device node that this unit is based on */
3612 if (isempty(what))
3613 return 0;
3614
3615 if (!is_device_path(what))
3616 return 0;
3617
3618 /* When device units aren't supported (such as in a
3619 * container), don't create dependencies on them. */
3620 if (!unit_type_supported(UNIT_DEVICE))
3621 return 0;
3622
3623 r = unit_name_from_path(what, ".device", &e);
3624 if (r < 0)
3625 return r;
3626
3627 r = manager_load_unit(u->manager, e, NULL, NULL, &device);
3628 if (r < 0)
3629 return r;
3630
3631 if (dep == UNIT_REQUIRES && device_shall_be_bound_by(device, u))
3632 dep = UNIT_BINDS_TO;
3633
3634 r = unit_add_two_dependencies(u, UNIT_AFTER,
3635 MANAGER_IS_SYSTEM(u->manager) ? dep : UNIT_WANTS,
3636 device, true, mask);
3637 if (r < 0)
3638 return r;
3639
3640 if (wants) {
3641 r = unit_add_dependency(device, UNIT_WANTS, u, false, mask);
3642 if (r < 0)
3643 return r;
3644 }
3645
3646 return 0;
3647 }
3648
3649 int unit_coldplug(Unit *u) {
3650 int r = 0, q;
3651 char **i;
3652
3653 assert(u);
3654
3655 /* Make sure we don't enter a loop, when coldplugging
3656 * recursively. */
3657 if (u->coldplugged)
3658 return 0;
3659
3660 u->coldplugged = true;
3661
3662 STRV_FOREACH(i, u->deserialized_refs) {
3663 q = bus_unit_track_add_name(u, *i);
3664 if (q < 0 && r >= 0)
3665 r = q;
3666 }
3667 u->deserialized_refs = strv_free(u->deserialized_refs);
3668
3669 if (UNIT_VTABLE(u)->coldplug) {
3670 q = UNIT_VTABLE(u)->coldplug(u);
3671 if (q < 0 && r >= 0)
3672 r = q;
3673 }
3674
3675 if (u->job) {
3676 q = job_coldplug(u->job);
3677 if (q < 0 && r >= 0)
3678 r = q;
3679 }
3680
3681 return r;
3682 }
3683
3684 static bool fragment_mtime_newer(const char *path, usec_t mtime, bool path_masked) {
3685 struct stat st;
3686
3687 if (!path)
3688 return false;
3689
3690 /* If the source is some virtual kernel file system, then we assume we watch it anyway, and hence pretend we
3691 * are never out-of-date. */
3692 if (PATH_STARTSWITH_SET(path, "/proc", "/sys"))
3693 return false;
3694
3695 if (stat(path, &st) < 0)
3696 /* What, cannot access this anymore? */
3697 return true;
3698
3699 if (path_masked)
3700 /* For masked files check if they are still so */
3701 return !null_or_empty(&st);
3702 else
3703 /* For non-empty files check the mtime */
3704 return timespec_load(&st.st_mtim) > mtime;
3705
3706 return false;
3707 }
3708
3709 bool unit_need_daemon_reload(Unit *u) {
3710 _cleanup_strv_free_ char **t = NULL;
3711 char **path;
3712
3713 assert(u);
3714
3715 /* For unit files, we allow masking… */
3716 if (fragment_mtime_newer(u->fragment_path, u->fragment_mtime,
3717 u->load_state == UNIT_MASKED))
3718 return true;
3719
3720 /* Source paths should not be masked… */
3721 if (fragment_mtime_newer(u->source_path, u->source_mtime, false))
3722 return true;
3723
3724 if (u->load_state == UNIT_LOADED)
3725 (void) unit_find_dropin_paths(u, &t);
3726 if (!strv_equal(u->dropin_paths, t))
3727 return true;
3728
3729 /* … any drop-ins that are masked are simply omitted from the list. */
3730 STRV_FOREACH(path, u->dropin_paths)
3731 if (fragment_mtime_newer(*path, u->dropin_mtime, false))
3732 return true;
3733
3734 return false;
3735 }
3736
3737 void unit_reset_failed(Unit *u) {
3738 assert(u);
3739
3740 if (UNIT_VTABLE(u)->reset_failed)
3741 UNIT_VTABLE(u)->reset_failed(u);
3742
3743 RATELIMIT_RESET(u->start_limit);
3744 u->start_limit_hit = false;
3745 }
3746
3747 Unit *unit_following(Unit *u) {
3748 assert(u);
3749
3750 if (UNIT_VTABLE(u)->following)
3751 return UNIT_VTABLE(u)->following(u);
3752
3753 return NULL;
3754 }
3755
3756 bool unit_stop_pending(Unit *u) {
3757 assert(u);
3758
3759 /* This call does check the current state of the unit. It's
3760 * hence useful to be called from state change calls of the
3761 * unit itself, where the state isn't updated yet. This is
3762 * different from unit_inactive_or_pending() which checks both
3763 * the current state and for a queued job. */
3764
3765 return u->job && u->job->type == JOB_STOP;
3766 }
3767
3768 bool unit_inactive_or_pending(Unit *u) {
3769 assert(u);
3770
3771 /* Returns true if the unit is inactive or going down */
3772
3773 if (UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)))
3774 return true;
3775
3776 if (unit_stop_pending(u))
3777 return true;
3778
3779 return false;
3780 }
3781
3782 bool unit_active_or_pending(Unit *u) {
3783 assert(u);
3784
3785 /* Returns true if the unit is active or going up */
3786
3787 if (UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)))
3788 return true;
3789
3790 if (u->job &&
3791 IN_SET(u->job->type, JOB_START, JOB_RELOAD_OR_START, JOB_RESTART))
3792 return true;
3793
3794 return false;
3795 }
3796
3797 bool unit_will_restart(Unit *u) {
3798 assert(u);
3799
3800 if (!UNIT_VTABLE(u)->will_restart)
3801 return false;
3802
3803 return UNIT_VTABLE(u)->will_restart(u);
3804 }
3805
3806 int unit_kill(Unit *u, KillWho w, int signo, sd_bus_error *error) {
3807 assert(u);
3808 assert(w >= 0 && w < _KILL_WHO_MAX);
3809 assert(SIGNAL_VALID(signo));
3810
3811 if (!UNIT_VTABLE(u)->kill)
3812 return -EOPNOTSUPP;
3813
3814 return UNIT_VTABLE(u)->kill(u, w, signo, error);
3815 }
3816
3817 static Set *unit_pid_set(pid_t main_pid, pid_t control_pid) {
3818 _cleanup_set_free_ Set *pid_set = NULL;
3819 int r;
3820
3821 pid_set = set_new(NULL);
3822 if (!pid_set)
3823 return NULL;
3824
3825 /* Exclude the main/control pids from being killed via the cgroup */
3826 if (main_pid > 0) {
3827 r = set_put(pid_set, PID_TO_PTR(main_pid));
3828 if (r < 0)
3829 return NULL;
3830 }
3831
3832 if (control_pid > 0) {
3833 r = set_put(pid_set, PID_TO_PTR(control_pid));
3834 if (r < 0)
3835 return NULL;
3836 }
3837
3838 return TAKE_PTR(pid_set);
3839 }
3840
3841 int unit_kill_common(
3842 Unit *u,
3843 KillWho who,
3844 int signo,
3845 pid_t main_pid,
3846 pid_t control_pid,
3847 sd_bus_error *error) {
3848
3849 int r = 0;
3850 bool killed = false;
3851
3852 if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL)) {
3853 if (main_pid < 0)
3854 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no main processes", unit_type_to_string(u->type));
3855 else if (main_pid == 0)
3856 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No main process to kill");
3857 }
3858
3859 if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL)) {
3860 if (control_pid < 0)
3861 return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no control processes", unit_type_to_string(u->type));
3862 else if (control_pid == 0)
3863 return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No control process to kill");
3864 }
3865
3866 if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL, KILL_ALL, KILL_ALL_FAIL))
3867 if (control_pid > 0) {
3868 if (kill(control_pid, signo) < 0)
3869 r = -errno;
3870 else
3871 killed = true;
3872 }
3873
3874 if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL, KILL_ALL, KILL_ALL_FAIL))
3875 if (main_pid > 0) {
3876 if (kill(main_pid, signo) < 0)
3877 r = -errno;
3878 else
3879 killed = true;
3880 }
3881
3882 if (IN_SET(who, KILL_ALL, KILL_ALL_FAIL) && u->cgroup_path) {
3883 _cleanup_set_free_ Set *pid_set = NULL;
3884 int q;
3885
3886 /* Exclude the main/control pids from being killed via the cgroup */
3887 pid_set = unit_pid_set(main_pid, control_pid);
3888 if (!pid_set)
3889 return -ENOMEM;
3890
3891 q = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, signo, 0, pid_set, NULL, NULL);
3892 if (q < 0 && !IN_SET(q, -EAGAIN, -ESRCH, -ENOENT))
3893 r = q;
3894 else
3895 killed = true;
3896 }
3897
3898 if (r == 0 && !killed && IN_SET(who, KILL_ALL_FAIL, KILL_CONTROL_FAIL))
3899 return -ESRCH;
3900
3901 return r;
3902 }
3903
3904 int unit_following_set(Unit *u, Set **s) {
3905 assert(u);
3906 assert(s);
3907
3908 if (UNIT_VTABLE(u)->following_set)
3909 return UNIT_VTABLE(u)->following_set(u, s);
3910
3911 *s = NULL;
3912 return 0;
3913 }
3914
3915 UnitFileState unit_get_unit_file_state(Unit *u) {
3916 int r;
3917
3918 assert(u);
3919
3920 if (u->unit_file_state < 0 && u->fragment_path) {
3921 r = unit_file_get_state(
3922 u->manager->unit_file_scope,
3923 NULL,
3924 u->id,
3925 &u->unit_file_state);
3926 if (r < 0)
3927 u->unit_file_state = UNIT_FILE_BAD;
3928 }
3929
3930 return u->unit_file_state;
3931 }
3932
3933 int unit_get_unit_file_preset(Unit *u) {
3934 assert(u);
3935
3936 if (u->unit_file_preset < 0 && u->fragment_path)
3937 u->unit_file_preset = unit_file_query_preset(
3938 u->manager->unit_file_scope,
3939 NULL,
3940 basename(u->fragment_path));
3941
3942 return u->unit_file_preset;
3943 }
3944
3945 Unit* unit_ref_set(UnitRef *ref, Unit *source, Unit *target) {
3946 assert(ref);
3947 assert(source);
3948 assert(target);
3949
3950 if (ref->target)
3951 unit_ref_unset(ref);
3952
3953 ref->source = source;
3954 ref->target = target;
3955 LIST_PREPEND(refs_by_target, target->refs_by_target, ref);
3956 return target;
3957 }
3958
3959 void unit_ref_unset(UnitRef *ref) {
3960 assert(ref);
3961
3962 if (!ref->target)
3963 return;
3964
3965 /* We are about to drop a reference to the unit, make sure the garbage collection has a look at it as it might
3966 * be unreferenced now. */
3967 unit_add_to_gc_queue(ref->target);
3968
3969 LIST_REMOVE(refs_by_target, ref->target->refs_by_target, ref);
3970 ref->source = ref->target = NULL;
3971 }
3972
3973 static int user_from_unit_name(Unit *u, char **ret) {
3974
3975 static const uint8_t hash_key[] = {
3976 0x58, 0x1a, 0xaf, 0xe6, 0x28, 0x58, 0x4e, 0x96,
3977 0xb4, 0x4e, 0xf5, 0x3b, 0x8c, 0x92, 0x07, 0xec
3978 };
3979
3980 _cleanup_free_ char *n = NULL;
3981 int r;
3982
3983 r = unit_name_to_prefix(u->id, &n);
3984 if (r < 0)
3985 return r;
3986
3987 if (valid_user_group_name(n)) {
3988 *ret = TAKE_PTR(n);
3989 return 0;
3990 }
3991
3992 /* If we can't use the unit name as a user name, then let's hash it and use that */
3993 if (asprintf(ret, "_du%016" PRIx64, siphash24(n, strlen(n), hash_key)) < 0)
3994 return -ENOMEM;
3995
3996 return 0;
3997 }
3998
3999 int unit_patch_contexts(Unit *u) {
4000 CGroupContext *cc;
4001 ExecContext *ec;
4002 unsigned i;
4003 int r;
4004
4005 assert(u);
4006
4007 /* Patch in the manager defaults into the exec and cgroup
4008 * contexts, _after_ the rest of the settings have been
4009 * initialized */
4010
4011 ec = unit_get_exec_context(u);
4012 if (ec) {
4013 /* This only copies in the ones that need memory */
4014 for (i = 0; i < _RLIMIT_MAX; i++)
4015 if (u->manager->rlimit[i] && !ec->rlimit[i]) {
4016 ec->rlimit[i] = newdup(struct rlimit, u->manager->rlimit[i], 1);
4017 if (!ec->rlimit[i])
4018 return -ENOMEM;
4019 }
4020
4021 if (MANAGER_IS_USER(u->manager) &&
4022 !ec->working_directory) {
4023
4024 r = get_home_dir(&ec->working_directory);
4025 if (r < 0)
4026 return r;
4027
4028 /* Allow user services to run, even if the
4029 * home directory is missing */
4030 ec->working_directory_missing_ok = true;
4031 }
4032
4033 if (ec->private_devices)
4034 ec->capability_bounding_set &= ~((UINT64_C(1) << CAP_MKNOD) | (UINT64_C(1) << CAP_SYS_RAWIO));
4035
4036 if (ec->protect_kernel_modules)
4037 ec->capability_bounding_set &= ~(UINT64_C(1) << CAP_SYS_MODULE);
4038
4039 if (ec->dynamic_user) {
4040 if (!ec->user) {
4041 r = user_from_unit_name(u, &ec->user);
4042 if (r < 0)
4043 return r;
4044 }
4045
4046 if (!ec->group) {
4047 ec->group = strdup(ec->user);
4048 if (!ec->group)
4049 return -ENOMEM;
4050 }
4051
4052 /* If the dynamic user option is on, let's make sure that the unit can't leave its UID/GID
4053 * around in the file system or on IPC objects. Hence enforce a strict sandbox. */
4054
4055 ec->private_tmp = true;
4056 ec->remove_ipc = true;
4057 ec->protect_system = PROTECT_SYSTEM_STRICT;
4058 if (ec->protect_home == PROTECT_HOME_NO)
4059 ec->protect_home = PROTECT_HOME_READ_ONLY;
4060 }
4061 }
4062
4063 cc = unit_get_cgroup_context(u);
4064 if (cc) {
4065
4066 if (ec &&
4067 ec->private_devices &&
4068 cc->device_policy == CGROUP_AUTO)
4069 cc->device_policy = CGROUP_CLOSED;
4070 }
4071
4072 return 0;
4073 }
4074
4075 ExecContext *unit_get_exec_context(Unit *u) {
4076 size_t offset;
4077 assert(u);
4078
4079 if (u->type < 0)
4080 return NULL;
4081
4082 offset = UNIT_VTABLE(u)->exec_context_offset;
4083 if (offset <= 0)
4084 return NULL;
4085
4086 return (ExecContext*) ((uint8_t*) u + offset);
4087 }
4088
4089 KillContext *unit_get_kill_context(Unit *u) {
4090 size_t offset;
4091 assert(u);
4092
4093 if (u->type < 0)
4094 return NULL;
4095
4096 offset = UNIT_VTABLE(u)->kill_context_offset;
4097 if (offset <= 0)
4098 return NULL;
4099
4100 return (KillContext*) ((uint8_t*) u + offset);
4101 }
4102
4103 CGroupContext *unit_get_cgroup_context(Unit *u) {
4104 size_t offset;
4105
4106 if (u->type < 0)
4107 return NULL;
4108
4109 offset = UNIT_VTABLE(u)->cgroup_context_offset;
4110 if (offset <= 0)
4111 return NULL;
4112
4113 return (CGroupContext*) ((uint8_t*) u + offset);
4114 }
4115
4116 ExecRuntime *unit_get_exec_runtime(Unit *u) {
4117 size_t offset;
4118
4119 if (u->type < 0)
4120 return NULL;
4121
4122 offset = UNIT_VTABLE(u)->exec_runtime_offset;
4123 if (offset <= 0)
4124 return NULL;
4125
4126 return *(ExecRuntime**) ((uint8_t*) u + offset);
4127 }
4128
4129 static const char* unit_drop_in_dir(Unit *u, UnitWriteFlags flags) {
4130 assert(u);
4131
4132 if (UNIT_WRITE_FLAGS_NOOP(flags))
4133 return NULL;
4134
4135 if (u->transient) /* Redirect drop-ins for transient units always into the transient directory. */
4136 return u->manager->lookup_paths.transient;
4137
4138 if (flags & UNIT_PERSISTENT)
4139 return u->manager->lookup_paths.persistent_control;
4140
4141 if (flags & UNIT_RUNTIME)
4142 return u->manager->lookup_paths.runtime_control;
4143
4144 return NULL;
4145 }
4146
4147 char* unit_escape_setting(const char *s, UnitWriteFlags flags, char **buf) {
4148 char *ret = NULL;
4149
4150 if (!s)
4151 return NULL;
4152
4153 /* Escapes the input string as requested. Returns the escaped string. If 'buf' is specified then the allocated
4154 * return buffer pointer is also written to *buf, except if no escaping was necessary, in which case *buf is
4155 * set to NULL, and the input pointer is returned as-is. This means the return value always contains a properly
4156 * escaped version, but *buf when passed only contains a pointer if an allocation was necessary. If *buf is
4157 * not specified, then the return value always needs to be freed. Callers can use this to optimize memory
4158 * allocations. */
4159
4160 if (flags & UNIT_ESCAPE_SPECIFIERS) {
4161 ret = specifier_escape(s);
4162 if (!ret)
4163 return NULL;
4164
4165 s = ret;
4166 }
4167
4168 if (flags & UNIT_ESCAPE_C) {
4169 char *a;
4170
4171 a = cescape(s);
4172 free(ret);
4173 if (!a)
4174 return NULL;
4175
4176 ret = a;
4177 }
4178
4179 if (buf) {
4180 *buf = ret;
4181 return ret ?: (char*) s;
4182 }
4183
4184 return ret ?: strdup(s);
4185 }
4186
4187 char* unit_concat_strv(char **l, UnitWriteFlags flags) {
4188 _cleanup_free_ char *result = NULL;
4189 size_t n = 0, allocated = 0;
4190 char **i;
4191
4192 /* Takes a list of strings, escapes them, and concatenates them. This may be used to format command lines in a
4193 * way suitable for ExecStart= stanzas */
4194
4195 STRV_FOREACH(i, l) {
4196 _cleanup_free_ char *buf = NULL;
4197 const char *p;
4198 size_t a;
4199 char *q;
4200
4201 p = unit_escape_setting(*i, flags, &buf);
4202 if (!p)
4203 return NULL;
4204
4205 a = (n > 0) + 1 + strlen(p) + 1; /* separating space + " + entry + " */
4206 if (!GREEDY_REALLOC(result, allocated, n + a + 1))
4207 return NULL;
4208
4209 q = result + n;
4210 if (n > 0)
4211 *(q++) = ' ';
4212
4213 *(q++) = '"';
4214 q = stpcpy(q, p);
4215 *(q++) = '"';
4216
4217 n += a;
4218 }
4219
4220 if (!GREEDY_REALLOC(result, allocated, n + 1))
4221 return NULL;
4222
4223 result[n] = 0;
4224
4225 return TAKE_PTR(result);
4226 }
4227
4228 int unit_write_setting(Unit *u, UnitWriteFlags flags, const char *name, const char *data) {
4229 _cleanup_free_ char *p = NULL, *q = NULL, *escaped = NULL;
4230 const char *dir, *wrapped;
4231 int r;
4232
4233 assert(u);
4234 assert(name);
4235 assert(data);
4236
4237 if (UNIT_WRITE_FLAGS_NOOP(flags))
4238 return 0;
4239
4240 data = unit_escape_setting(data, flags, &escaped);
4241 if (!data)
4242 return -ENOMEM;
4243
4244 /* Prefix the section header. If we are writing this out as transient file, then let's suppress this if the
4245 * previous section header is the same */
4246
4247 if (flags & UNIT_PRIVATE) {
4248 if (!UNIT_VTABLE(u)->private_section)
4249 return -EINVAL;
4250
4251 if (!u->transient_file || u->last_section_private < 0)
4252 data = strjoina("[", UNIT_VTABLE(u)->private_section, "]\n", data);
4253 else if (u->last_section_private == 0)
4254 data = strjoina("\n[", UNIT_VTABLE(u)->private_section, "]\n", data);
4255 } else {
4256 if (!u->transient_file || u->last_section_private < 0)
4257 data = strjoina("[Unit]\n", data);
4258 else if (u->last_section_private > 0)
4259 data = strjoina("\n[Unit]\n", data);
4260 }
4261
4262 if (u->transient_file) {
4263 /* When this is a transient unit file in creation, then let's not create a new drop-in but instead
4264 * write to the transient unit file. */
4265 fputs(data, u->transient_file);
4266
4267 if (!endswith(data, "\n"))
4268 fputc('\n', u->transient_file);
4269
4270 /* Remember which section we wrote this entry to */
4271 u->last_section_private = !!(flags & UNIT_PRIVATE);
4272 return 0;
4273 }
4274
4275 dir = unit_drop_in_dir(u, flags);
4276 if (!dir)
4277 return -EINVAL;
4278
4279 wrapped = strjoina("# This is a drop-in unit file extension, created via \"systemctl set-property\"\n"
4280 "# or an equivalent operation. Do not edit.\n",
4281 data,
4282 "\n");
4283
4284 r = drop_in_file(dir, u->id, 50, name, &p, &q);
4285 if (r < 0)
4286 return r;
4287
4288 (void) mkdir_p_label(p, 0755);
4289 r = write_string_file_atomic_label(q, wrapped);
4290 if (r < 0)
4291 return r;
4292
4293 r = strv_push(&u->dropin_paths, q);
4294 if (r < 0)
4295 return r;
4296 q = NULL;
4297
4298 strv_uniq(u->dropin_paths);
4299
4300 u->dropin_mtime = now(CLOCK_REALTIME);
4301
4302 return 0;
4303 }
4304
4305 int unit_write_settingf(Unit *u, UnitWriteFlags flags, const char *name, const char *format, ...) {
4306 _cleanup_free_ char *p = NULL;
4307 va_list ap;
4308 int r;
4309
4310 assert(u);
4311 assert(name);
4312 assert(format);
4313
4314 if (UNIT_WRITE_FLAGS_NOOP(flags))
4315 return 0;
4316
4317 va_start(ap, format);
4318 r = vasprintf(&p, format, ap);
4319 va_end(ap);
4320
4321 if (r < 0)
4322 return -ENOMEM;
4323
4324 return unit_write_setting(u, flags, name, p);
4325 }
4326
4327 int unit_make_transient(Unit *u) {
4328 _cleanup_free_ char *path = NULL;
4329 FILE *f;
4330
4331 assert(u);
4332
4333 if (!UNIT_VTABLE(u)->can_transient)
4334 return -EOPNOTSUPP;
4335
4336 (void) mkdir_p_label(u->manager->lookup_paths.transient, 0755);
4337
4338 path = strjoin(u->manager->lookup_paths.transient, "/", u->id);
4339 if (!path)
4340 return -ENOMEM;
4341
4342 /* Let's open the file we'll write the transient settings into. This file is kept open as long as we are
4343 * creating the transient, and is closed in unit_load(), as soon as we start loading the file. */
4344
4345 RUN_WITH_UMASK(0022) {
4346 f = fopen(path, "we");
4347 if (!f)
4348 return -errno;
4349 }
4350
4351 safe_fclose(u->transient_file);
4352 u->transient_file = f;
4353
4354 free_and_replace(u->fragment_path, path);
4355
4356 u->source_path = mfree(u->source_path);
4357 u->dropin_paths = strv_free(u->dropin_paths);
4358 u->fragment_mtime = u->source_mtime = u->dropin_mtime = 0;
4359
4360 u->load_state = UNIT_STUB;
4361 u->load_error = 0;
4362 u->transient = true;
4363
4364 unit_add_to_dbus_queue(u);
4365 unit_add_to_gc_queue(u);
4366
4367 fputs("# This is a transient unit file, created programmatically via the systemd API. Do not edit.\n",
4368 u->transient_file);
4369
4370 return 0;
4371 }
4372
4373 static void log_kill(pid_t pid, int sig, void *userdata) {
4374 _cleanup_free_ char *comm = NULL;
4375
4376 (void) get_process_comm(pid, &comm);
4377
4378 /* Don't log about processes marked with brackets, under the assumption that these are temporary processes
4379 only, like for example systemd's own PAM stub process. */
4380 if (comm && comm[0] == '(')
4381 return;
4382
4383 log_unit_notice(userdata,
4384 "Killing process " PID_FMT " (%s) with signal SIG%s.",
4385 pid,
4386 strna(comm),
4387 signal_to_string(sig));
4388 }
4389
4390 static int operation_to_signal(KillContext *c, KillOperation k) {
4391 assert(c);
4392
4393 switch (k) {
4394
4395 case KILL_TERMINATE:
4396 case KILL_TERMINATE_AND_LOG:
4397 return c->kill_signal;
4398
4399 case KILL_KILL:
4400 return SIGKILL;
4401
4402 case KILL_ABORT:
4403 return SIGABRT;
4404
4405 default:
4406 assert_not_reached("KillOperation unknown");
4407 }
4408 }
4409
4410 int unit_kill_context(
4411 Unit *u,
4412 KillContext *c,
4413 KillOperation k,
4414 pid_t main_pid,
4415 pid_t control_pid,
4416 bool main_pid_alien) {
4417
4418 bool wait_for_exit = false, send_sighup;
4419 cg_kill_log_func_t log_func = NULL;
4420 int sig, r;
4421
4422 assert(u);
4423 assert(c);
4424
4425 /* Kill the processes belonging to this unit, in preparation for shutting the unit down.
4426 * Returns > 0 if we killed something worth waiting for, 0 otherwise. */
4427
4428 if (c->kill_mode == KILL_NONE)
4429 return 0;
4430
4431 sig = operation_to_signal(c, k);
4432
4433 send_sighup =
4434 c->send_sighup &&
4435 IN_SET(k, KILL_TERMINATE, KILL_TERMINATE_AND_LOG) &&
4436 sig != SIGHUP;
4437
4438 if (k != KILL_TERMINATE || IN_SET(sig, SIGKILL, SIGABRT))
4439 log_func = log_kill;
4440
4441 if (main_pid > 0) {
4442 if (log_func)
4443 log_func(main_pid, sig, u);
4444
4445 r = kill_and_sigcont(main_pid, sig);
4446 if (r < 0 && r != -ESRCH) {
4447 _cleanup_free_ char *comm = NULL;
4448 (void) get_process_comm(main_pid, &comm);
4449
4450 log_unit_warning_errno(u, r, "Failed to kill main process " PID_FMT " (%s), ignoring: %m", main_pid, strna(comm));
4451 } else {
4452 if (!main_pid_alien)
4453 wait_for_exit = true;
4454
4455 if (r != -ESRCH && send_sighup)
4456 (void) kill(main_pid, SIGHUP);
4457 }
4458 }
4459
4460 if (control_pid > 0) {
4461 if (log_func)
4462 log_func(control_pid, sig, u);
4463
4464 r = kill_and_sigcont(control_pid, sig);
4465 if (r < 0 && r != -ESRCH) {
4466 _cleanup_free_ char *comm = NULL;
4467 (void) get_process_comm(control_pid, &comm);
4468
4469 log_unit_warning_errno(u, r, "Failed to kill control process " PID_FMT " (%s), ignoring: %m", control_pid, strna(comm));
4470 } else {
4471 wait_for_exit = true;
4472
4473 if (r != -ESRCH && send_sighup)
4474 (void) kill(control_pid, SIGHUP);
4475 }
4476 }
4477
4478 if (u->cgroup_path &&
4479 (c->kill_mode == KILL_CONTROL_GROUP || (c->kill_mode == KILL_MIXED && k == KILL_KILL))) {
4480 _cleanup_set_free_ Set *pid_set = NULL;
4481
4482 /* Exclude the main/control pids from being killed via the cgroup */
4483 pid_set = unit_pid_set(main_pid, control_pid);
4484 if (!pid_set)
4485 return -ENOMEM;
4486
4487 r = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
4488 sig,
4489 CGROUP_SIGCONT|CGROUP_IGNORE_SELF,
4490 pid_set,
4491 log_func, u);
4492 if (r < 0) {
4493 if (!IN_SET(r, -EAGAIN, -ESRCH, -ENOENT))
4494 log_unit_warning_errno(u, r, "Failed to kill control group %s, ignoring: %m", u->cgroup_path);
4495
4496 } else if (r > 0) {
4497
4498 /* FIXME: For now, on the legacy hierarchy, we will not wait for the cgroup members to die if
4499 * we are running in a container or if this is a delegation unit, simply because cgroup
4500 * notification is unreliable in these cases. It doesn't work at all in containers, and outside
4501 * of containers it can be confused easily by left-over directories in the cgroup — which
4502 * however should not exist in non-delegated units. On the unified hierarchy that's different,
4503 * there we get proper events. Hence rely on them. */
4504
4505 if (cg_unified_controller(SYSTEMD_CGROUP_CONTROLLER) > 0 ||
4506 (detect_container() == 0 && !unit_cgroup_delegate(u)))
4507 wait_for_exit = true;
4508
4509 if (send_sighup) {
4510 set_free(pid_set);
4511
4512 pid_set = unit_pid_set(main_pid, control_pid);
4513 if (!pid_set)
4514 return -ENOMEM;
4515
4516 cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
4517 SIGHUP,
4518 CGROUP_IGNORE_SELF,
4519 pid_set,
4520 NULL, NULL);
4521 }
4522 }
4523 }
4524
4525 return wait_for_exit;
4526 }
4527
4528 int unit_require_mounts_for(Unit *u, const char *path, UnitDependencyMask mask) {
4529 _cleanup_free_ char *p = NULL;
4530 char *prefix;
4531 UnitDependencyInfo di;
4532 int r;
4533
4534 assert(u);
4535 assert(path);
4536
4537 /* Registers a unit for requiring a certain path and all its prefixes. We keep a hashtable of these paths in
4538 * the unit (from the path to the UnitDependencyInfo structure indicating how to the dependency came to
4539 * be). However, we build a prefix table for all possible prefixes so that new appearing mount units can easily
4540 * determine which units to make themselves a dependency of. */
4541
4542 if (!path_is_absolute(path))
4543 return -EINVAL;
4544
4545 r = hashmap_ensure_allocated(&u->requires_mounts_for, &path_hash_ops);
4546 if (r < 0)
4547 return r;
4548
4549 p = strdup(path);
4550 if (!p)
4551 return -ENOMEM;
4552
4553 path = path_simplify(p, false);
4554
4555 if (!path_is_normalized(path))
4556 return -EPERM;
4557
4558 if (hashmap_contains(u->requires_mounts_for, path))
4559 return 0;
4560
4561 di = (UnitDependencyInfo) {
4562 .origin_mask = mask
4563 };
4564
4565 r = hashmap_put(u->requires_mounts_for, path, di.data);
4566 if (r < 0)
4567 return r;
4568 p = NULL;
4569
4570 prefix = alloca(strlen(path) + 1);
4571 PATH_FOREACH_PREFIX_MORE(prefix, path) {
4572 Set *x;
4573
4574 x = hashmap_get(u->manager->units_requiring_mounts_for, prefix);
4575 if (!x) {
4576 _cleanup_free_ char *q = NULL;
4577
4578 r = hashmap_ensure_allocated(&u->manager->units_requiring_mounts_for, &path_hash_ops);
4579 if (r < 0)
4580 return r;
4581
4582 q = strdup(prefix);
4583 if (!q)
4584 return -ENOMEM;
4585
4586 x = set_new(NULL);
4587 if (!x)
4588 return -ENOMEM;
4589
4590 r = hashmap_put(u->manager->units_requiring_mounts_for, q, x);
4591 if (r < 0) {
4592 set_free(x);
4593 return r;
4594 }
4595 q = NULL;
4596 }
4597
4598 r = set_put(x, u);
4599 if (r < 0)
4600 return r;
4601 }
4602
4603 return 0;
4604 }
4605
4606 int unit_setup_exec_runtime(Unit *u) {
4607 ExecRuntime **rt;
4608 size_t offset;
4609 Unit *other;
4610 Iterator i;
4611 void *v;
4612 int r;
4613
4614 offset = UNIT_VTABLE(u)->exec_runtime_offset;
4615 assert(offset > 0);
4616
4617 /* Check if there already is an ExecRuntime for this unit? */
4618 rt = (ExecRuntime**) ((uint8_t*) u + offset);
4619 if (*rt)
4620 return 0;
4621
4622 /* Try to get it from somebody else */
4623 HASHMAP_FOREACH_KEY(v, other, u->dependencies[UNIT_JOINS_NAMESPACE_OF], i) {
4624 r = exec_runtime_acquire(u->manager, NULL, other->id, false, rt);
4625 if (r == 1)
4626 return 1;
4627 }
4628
4629 return exec_runtime_acquire(u->manager, unit_get_exec_context(u), u->id, true, rt);
4630 }
4631
4632 int unit_setup_dynamic_creds(Unit *u) {
4633 ExecContext *ec;
4634 DynamicCreds *dcreds;
4635 size_t offset;
4636
4637 assert(u);
4638
4639 offset = UNIT_VTABLE(u)->dynamic_creds_offset;
4640 assert(offset > 0);
4641 dcreds = (DynamicCreds*) ((uint8_t*) u + offset);
4642
4643 ec = unit_get_exec_context(u);
4644 assert(ec);
4645
4646 if (!ec->dynamic_user)
4647 return 0;
4648
4649 return dynamic_creds_acquire(dcreds, u->manager, ec->user, ec->group);
4650 }
4651
4652 bool unit_type_supported(UnitType t) {
4653 if (_unlikely_(t < 0))
4654 return false;
4655 if (_unlikely_(t >= _UNIT_TYPE_MAX))
4656 return false;
4657
4658 if (!unit_vtable[t]->supported)
4659 return true;
4660
4661 return unit_vtable[t]->supported();
4662 }
4663
4664 void unit_warn_if_dir_nonempty(Unit *u, const char* where) {
4665 int r;
4666
4667 assert(u);
4668 assert(where);
4669
4670 r = dir_is_empty(where);
4671 if (r > 0 || r == -ENOTDIR)
4672 return;
4673 if (r < 0) {
4674 log_unit_warning_errno(u, r, "Failed to check directory %s: %m", where);
4675 return;
4676 }
4677
4678 log_struct(LOG_NOTICE,
4679 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
4680 LOG_UNIT_ID(u),
4681 LOG_UNIT_INVOCATION_ID(u),
4682 LOG_UNIT_MESSAGE(u, "Directory %s to mount over is not empty, mounting anyway.", where),
4683 "WHERE=%s", where);
4684 }
4685
4686 int unit_fail_if_noncanonical(Unit *u, const char* where) {
4687 _cleanup_free_ char *canonical_where;
4688 int r;
4689
4690 assert(u);
4691 assert(where);
4692
4693 r = chase_symlinks(where, NULL, CHASE_NONEXISTENT, &canonical_where);
4694 if (r < 0) {
4695 log_unit_debug_errno(u, r, "Failed to check %s for symlinks, ignoring: %m", where);
4696 return 0;
4697 }
4698
4699 /* We will happily ignore a trailing slash (or any redundant slashes) */
4700 if (path_equal(where, canonical_where))
4701 return 0;
4702
4703 /* No need to mention "." or "..", they would already have been rejected by unit_name_from_path() */
4704 log_struct(LOG_ERR,
4705 "MESSAGE_ID=" SD_MESSAGE_OVERMOUNTING_STR,
4706 LOG_UNIT_ID(u),
4707 LOG_UNIT_INVOCATION_ID(u),
4708 LOG_UNIT_MESSAGE(u, "Mount path %s is not canonical (contains a symlink).", where),
4709 "WHERE=%s", where);
4710
4711 return -ELOOP;
4712 }
4713
4714 bool unit_is_pristine(Unit *u) {
4715 assert(u);
4716
4717 /* Check if the unit already exists or is already around,
4718 * in a number of different ways. Note that to cater for unit
4719 * types such as slice, we are generally fine with units that
4720 * are marked UNIT_LOADED even though nothing was actually
4721 * loaded, as those unit types don't require a file on disk. */
4722
4723 return !(!IN_SET(u->load_state, UNIT_NOT_FOUND, UNIT_LOADED) ||
4724 u->fragment_path ||
4725 u->source_path ||
4726 !strv_isempty(u->dropin_paths) ||
4727 u->job ||
4728 u->merged_into);
4729 }
4730
4731 pid_t unit_control_pid(Unit *u) {
4732 assert(u);
4733
4734 if (UNIT_VTABLE(u)->control_pid)
4735 return UNIT_VTABLE(u)->control_pid(u);
4736
4737 return 0;
4738 }
4739
4740 pid_t unit_main_pid(Unit *u) {
4741 assert(u);
4742
4743 if (UNIT_VTABLE(u)->main_pid)
4744 return UNIT_VTABLE(u)->main_pid(u);
4745
4746 return 0;
4747 }
4748
4749 static void unit_unref_uid_internal(
4750 Unit *u,
4751 uid_t *ref_uid,
4752 bool destroy_now,
4753 void (*_manager_unref_uid)(Manager *m, uid_t uid, bool destroy_now)) {
4754
4755 assert(u);
4756 assert(ref_uid);
4757 assert(_manager_unref_uid);
4758
4759 /* Generic implementation of both unit_unref_uid() and unit_unref_gid(), under the assumption that uid_t and
4760 * gid_t are actually the same time, with the same validity rules.
4761 *
4762 * Drops a reference to UID/GID from a unit. */
4763
4764 assert_cc(sizeof(uid_t) == sizeof(gid_t));
4765 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
4766
4767 if (!uid_is_valid(*ref_uid))
4768 return;
4769
4770 _manager_unref_uid(u->manager, *ref_uid, destroy_now);
4771 *ref_uid = UID_INVALID;
4772 }
4773
4774 void unit_unref_uid(Unit *u, bool destroy_now) {
4775 unit_unref_uid_internal(u, &u->ref_uid, destroy_now, manager_unref_uid);
4776 }
4777
4778 void unit_unref_gid(Unit *u, bool destroy_now) {
4779 unit_unref_uid_internal(u, (uid_t*) &u->ref_gid, destroy_now, manager_unref_gid);
4780 }
4781
4782 static int unit_ref_uid_internal(
4783 Unit *u,
4784 uid_t *ref_uid,
4785 uid_t uid,
4786 bool clean_ipc,
4787 int (*_manager_ref_uid)(Manager *m, uid_t uid, bool clean_ipc)) {
4788
4789 int r;
4790
4791 assert(u);
4792 assert(ref_uid);
4793 assert(uid_is_valid(uid));
4794 assert(_manager_ref_uid);
4795
4796 /* Generic implementation of both unit_ref_uid() and unit_ref_guid(), under the assumption that uid_t and gid_t
4797 * are actually the same type, and have the same validity rules.
4798 *
4799 * Adds a reference on a specific UID/GID to this unit. Each unit referencing the same UID/GID maintains a
4800 * reference so that we can destroy the UID/GID's IPC resources as soon as this is requested and the counter
4801 * drops to zero. */
4802
4803 assert_cc(sizeof(uid_t) == sizeof(gid_t));
4804 assert_cc(UID_INVALID == (uid_t) GID_INVALID);
4805
4806 if (*ref_uid == uid)
4807 return 0;
4808
4809 if (uid_is_valid(*ref_uid)) /* Already set? */
4810 return -EBUSY;
4811
4812 r = _manager_ref_uid(u->manager, uid, clean_ipc);
4813 if (r < 0)
4814 return r;
4815
4816 *ref_uid = uid;
4817 return 1;
4818 }
4819
4820 int unit_ref_uid(Unit *u, uid_t uid, bool clean_ipc) {
4821 return unit_ref_uid_internal(u, &u->ref_uid, uid, clean_ipc, manager_ref_uid);
4822 }
4823
4824 int unit_ref_gid(Unit *u, gid_t gid, bool clean_ipc) {
4825 return unit_ref_uid_internal(u, (uid_t*) &u->ref_gid, (uid_t) gid, clean_ipc, manager_ref_gid);
4826 }
4827
4828 static int unit_ref_uid_gid_internal(Unit *u, uid_t uid, gid_t gid, bool clean_ipc) {
4829 int r = 0, q = 0;
4830
4831 assert(u);
4832
4833 /* Reference both a UID and a GID in one go. Either references both, or neither. */
4834
4835 if (uid_is_valid(uid)) {
4836 r = unit_ref_uid(u, uid, clean_ipc);
4837 if (r < 0)
4838 return r;
4839 }
4840
4841 if (gid_is_valid(gid)) {
4842 q = unit_ref_gid(u, gid, clean_ipc);
4843 if (q < 0) {
4844 if (r > 0)
4845 unit_unref_uid(u, false);
4846
4847 return q;
4848 }
4849 }
4850
4851 return r > 0 || q > 0;
4852 }
4853
4854 int unit_ref_uid_gid(Unit *u, uid_t uid, gid_t gid) {
4855 ExecContext *c;
4856 int r;
4857
4858 assert(u);
4859
4860 c = unit_get_exec_context(u);
4861
4862 r = unit_ref_uid_gid_internal(u, uid, gid, c ? c->remove_ipc : false);
4863 if (r < 0)
4864 return log_unit_warning_errno(u, r, "Couldn't add UID/GID reference to unit, proceeding without: %m");
4865
4866 return r;
4867 }
4868
4869 void unit_unref_uid_gid(Unit *u, bool destroy_now) {
4870 assert(u);
4871
4872 unit_unref_uid(u, destroy_now);
4873 unit_unref_gid(u, destroy_now);
4874 }
4875
4876 void unit_notify_user_lookup(Unit *u, uid_t uid, gid_t gid) {
4877 int r;
4878
4879 assert(u);
4880
4881 /* This is invoked whenever one of the forked off processes let's us know the UID/GID its user name/group names
4882 * resolved to. We keep track of which UID/GID is currently assigned in order to be able to destroy its IPC
4883 * objects when no service references the UID/GID anymore. */
4884
4885 r = unit_ref_uid_gid(u, uid, gid);
4886 if (r > 0)
4887 bus_unit_send_change_signal(u);
4888 }
4889
4890 int unit_set_invocation_id(Unit *u, sd_id128_t id) {
4891 int r;
4892
4893 assert(u);
4894
4895 /* Set the invocation ID for this unit. If we cannot, this will not roll back, but reset the whole thing. */
4896
4897 if (sd_id128_equal(u->invocation_id, id))
4898 return 0;
4899
4900 if (!sd_id128_is_null(u->invocation_id))
4901 (void) hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
4902
4903 if (sd_id128_is_null(id)) {
4904 r = 0;
4905 goto reset;
4906 }
4907
4908 r = hashmap_ensure_allocated(&u->manager->units_by_invocation_id, &id128_hash_ops);
4909 if (r < 0)
4910 goto reset;
4911
4912 u->invocation_id = id;
4913 sd_id128_to_string(id, u->invocation_id_string);
4914
4915 r = hashmap_put(u->manager->units_by_invocation_id, &u->invocation_id, u);
4916 if (r < 0)
4917 goto reset;
4918
4919 return 0;
4920
4921 reset:
4922 u->invocation_id = SD_ID128_NULL;
4923 u->invocation_id_string[0] = 0;
4924 return r;
4925 }
4926
4927 int unit_acquire_invocation_id(Unit *u) {
4928 sd_id128_t id;
4929 int r;
4930
4931 assert(u);
4932
4933 r = sd_id128_randomize(&id);
4934 if (r < 0)
4935 return log_unit_error_errno(u, r, "Failed to generate invocation ID for unit: %m");
4936
4937 r = unit_set_invocation_id(u, id);
4938 if (r < 0)
4939 return log_unit_error_errno(u, r, "Failed to set invocation ID for unit: %m");
4940
4941 return 0;
4942 }
4943
4944 void unit_set_exec_params(Unit *u, ExecParameters *p) {
4945 assert(u);
4946 assert(p);
4947
4948 /* Copy parameters from manager */
4949 p->environment = u->manager->environment;
4950 p->confirm_spawn = manager_get_confirm_spawn(u->manager);
4951 p->cgroup_supported = u->manager->cgroup_supported;
4952 p->prefix = u->manager->prefix;
4953 SET_FLAG(p->flags, EXEC_PASS_LOG_UNIT|EXEC_CHOWN_DIRECTORIES, MANAGER_IS_SYSTEM(u->manager));
4954
4955 /* Copy paramaters from unit */
4956 p->cgroup_path = u->cgroup_path;
4957 SET_FLAG(p->flags, EXEC_CGROUP_DELEGATE, unit_cgroup_delegate(u));
4958 }
4959
4960 int unit_fork_helper_process(Unit *u, const char *name, pid_t *ret) {
4961 int r;
4962
4963 assert(u);
4964 assert(ret);
4965
4966 /* Forks off a helper process and makes sure it is a member of the unit's cgroup. Returns == 0 in the child,
4967 * and > 0 in the parent. The pid parameter is always filled in with the child's PID. */
4968
4969 (void) unit_realize_cgroup(u);
4970
4971 r = safe_fork(name, FORK_REOPEN_LOG, ret);
4972 if (r != 0)
4973 return r;
4974
4975 (void) default_signals(SIGNALS_CRASH_HANDLER, SIGNALS_IGNORE, -1);
4976 (void) ignore_signals(SIGPIPE, -1);
4977
4978 (void) prctl(PR_SET_PDEATHSIG, SIGTERM);
4979
4980 if (u->cgroup_path) {
4981 r = cg_attach_everywhere(u->manager->cgroup_supported, u->cgroup_path, 0, NULL, NULL);
4982 if (r < 0) {
4983 log_unit_error_errno(u, r, "Failed to join unit cgroup %s: %m", u->cgroup_path);
4984 _exit(EXIT_CGROUP);
4985 }
4986 }
4987
4988 return 0;
4989 }
4990
4991 static void unit_update_dependency_mask(Unit *u, UnitDependency d, Unit *other, UnitDependencyInfo di) {
4992 assert(u);
4993 assert(d >= 0);
4994 assert(d < _UNIT_DEPENDENCY_MAX);
4995 assert(other);
4996
4997 if (di.origin_mask == 0 && di.destination_mask == 0) {
4998 /* No bit set anymore, let's drop the whole entry */
4999 assert_se(hashmap_remove(u->dependencies[d], other));
5000 log_unit_debug(u, "%s lost dependency %s=%s", u->id, unit_dependency_to_string(d), other->id);
5001 } else
5002 /* Mask was reduced, let's update the entry */
5003 assert_se(hashmap_update(u->dependencies[d], other, di.data) == 0);
5004 }
5005
5006 void unit_remove_dependencies(Unit *u, UnitDependencyMask mask) {
5007 UnitDependency d;
5008
5009 assert(u);
5010
5011 /* Removes all dependencies u has on other units marked for ownership by 'mask'. */
5012
5013 if (mask == 0)
5014 return;
5015
5016 for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
5017 bool done;
5018
5019 do {
5020 UnitDependencyInfo di;
5021 Unit *other;
5022 Iterator i;
5023
5024 done = true;
5025
5026 HASHMAP_FOREACH_KEY(di.data, other, u->dependencies[d], i) {
5027 UnitDependency q;
5028
5029 if ((di.origin_mask & ~mask) == di.origin_mask)
5030 continue;
5031 di.origin_mask &= ~mask;
5032 unit_update_dependency_mask(u, d, other, di);
5033
5034 /* We updated the dependency from our unit to the other unit now. But most dependencies
5035 * imply a reverse dependency. Hence, let's delete that one too. For that we go through
5036 * all dependency types on the other unit and delete all those which point to us and
5037 * have the right mask set. */
5038
5039 for (q = 0; q < _UNIT_DEPENDENCY_MAX; q++) {
5040 UnitDependencyInfo dj;
5041
5042 dj.data = hashmap_get(other->dependencies[q], u);
5043 if ((dj.destination_mask & ~mask) == dj.destination_mask)
5044 continue;
5045 dj.destination_mask &= ~mask;
5046
5047 unit_update_dependency_mask(other, q, u, dj);
5048 }
5049
5050 unit_add_to_gc_queue(other);
5051
5052 done = false;
5053 break;
5054 }
5055
5056 } while (!done);
5057 }
5058 }
5059
5060 static int unit_export_invocation_id(Unit *u) {
5061 const char *p;
5062 int r;
5063
5064 assert(u);
5065
5066 if (u->exported_invocation_id)
5067 return 0;
5068
5069 if (sd_id128_is_null(u->invocation_id))
5070 return 0;
5071
5072 p = strjoina("/run/systemd/units/invocation:", u->id);
5073 r = symlink_atomic(u->invocation_id_string, p);
5074 if (r < 0)
5075 return log_unit_debug_errno(u, r, "Failed to create invocation ID symlink %s: %m", p);
5076
5077 u->exported_invocation_id = true;
5078 return 0;
5079 }
5080
5081 static int unit_export_log_level_max(Unit *u, const ExecContext *c) {
5082 const char *p;
5083 char buf[2];
5084 int r;
5085
5086 assert(u);
5087 assert(c);
5088
5089 if (u->exported_log_level_max)
5090 return 0;
5091
5092 if (c->log_level_max < 0)
5093 return 0;
5094
5095 assert(c->log_level_max <= 7);
5096
5097 buf[0] = '0' + c->log_level_max;
5098 buf[1] = 0;
5099
5100 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5101 r = symlink_atomic(buf, p);
5102 if (r < 0)
5103 return log_unit_debug_errno(u, r, "Failed to create maximum log level symlink %s: %m", p);
5104
5105 u->exported_log_level_max = true;
5106 return 0;
5107 }
5108
5109 static int unit_export_log_extra_fields(Unit *u, const ExecContext *c) {
5110 _cleanup_close_ int fd = -1;
5111 struct iovec *iovec;
5112 const char *p;
5113 char *pattern;
5114 le64_t *sizes;
5115 ssize_t n;
5116 size_t i;
5117 int r;
5118
5119 if (u->exported_log_extra_fields)
5120 return 0;
5121
5122 if (c->n_log_extra_fields <= 0)
5123 return 0;
5124
5125 sizes = newa(le64_t, c->n_log_extra_fields);
5126 iovec = newa(struct iovec, c->n_log_extra_fields * 2);
5127
5128 for (i = 0; i < c->n_log_extra_fields; i++) {
5129 sizes[i] = htole64(c->log_extra_fields[i].iov_len);
5130
5131 iovec[i*2] = IOVEC_MAKE(sizes + i, sizeof(le64_t));
5132 iovec[i*2+1] = c->log_extra_fields[i];
5133 }
5134
5135 p = strjoina("/run/systemd/units/log-extra-fields:", u->id);
5136 pattern = strjoina(p, ".XXXXXX");
5137
5138 fd = mkostemp_safe(pattern);
5139 if (fd < 0)
5140 return log_unit_debug_errno(u, fd, "Failed to create extra fields file %s: %m", p);
5141
5142 n = writev(fd, iovec, c->n_log_extra_fields*2);
5143 if (n < 0) {
5144 r = log_unit_debug_errno(u, errno, "Failed to write extra fields: %m");
5145 goto fail;
5146 }
5147
5148 (void) fchmod(fd, 0644);
5149
5150 if (rename(pattern, p) < 0) {
5151 r = log_unit_debug_errno(u, errno, "Failed to rename extra fields file: %m");
5152 goto fail;
5153 }
5154
5155 u->exported_log_extra_fields = true;
5156 return 0;
5157
5158 fail:
5159 (void) unlink(pattern);
5160 return r;
5161 }
5162
5163 void unit_export_state_files(Unit *u) {
5164 const ExecContext *c;
5165
5166 assert(u);
5167
5168 if (!u->id)
5169 return;
5170
5171 if (!MANAGER_IS_SYSTEM(u->manager))
5172 return;
5173
5174 if (u->manager->test_run_flags != 0)
5175 return;
5176
5177 /* Exports a couple of unit properties to /run/systemd/units/, so that journald can quickly query this data
5178 * from there. Ideally, journald would use IPC to query this, like everybody else, but that's hard, as long as
5179 * the IPC system itself and PID 1 also log to the journal.
5180 *
5181 * Note that these files really shouldn't be considered API for anyone else, as use a runtime file system as
5182 * IPC replacement is not compatible with today's world of file system namespaces. However, this doesn't really
5183 * apply to communication between the journal and systemd, as we assume that these two daemons live in the same
5184 * namespace at least.
5185 *
5186 * Note that some of the "files" exported here are actually symlinks and not regular files. Symlinks work
5187 * better for storing small bits of data, in particular as we can write them with two system calls, and read
5188 * them with one. */
5189
5190 (void) unit_export_invocation_id(u);
5191
5192 c = unit_get_exec_context(u);
5193 if (c) {
5194 (void) unit_export_log_level_max(u, c);
5195 (void) unit_export_log_extra_fields(u, c);
5196 }
5197 }
5198
5199 void unit_unlink_state_files(Unit *u) {
5200 const char *p;
5201
5202 assert(u);
5203
5204 if (!u->id)
5205 return;
5206
5207 if (!MANAGER_IS_SYSTEM(u->manager))
5208 return;
5209
5210 /* Undoes the effect of unit_export_state() */
5211
5212 if (u->exported_invocation_id) {
5213 p = strjoina("/run/systemd/units/invocation:", u->id);
5214 (void) unlink(p);
5215
5216 u->exported_invocation_id = false;
5217 }
5218
5219 if (u->exported_log_level_max) {
5220 p = strjoina("/run/systemd/units/log-level-max:", u->id);
5221 (void) unlink(p);
5222
5223 u->exported_log_level_max = false;
5224 }
5225
5226 if (u->exported_log_extra_fields) {
5227 p = strjoina("/run/systemd/units/extra-fields:", u->id);
5228 (void) unlink(p);
5229
5230 u->exported_log_extra_fields = false;
5231 }
5232 }
5233
5234 int unit_prepare_exec(Unit *u) {
5235 int r;
5236
5237 assert(u);
5238
5239 /* Prepares everything so that we can fork of a process for this unit */
5240
5241 (void) unit_realize_cgroup(u);
5242
5243 if (u->reset_accounting) {
5244 (void) unit_reset_cpu_accounting(u);
5245 (void) unit_reset_ip_accounting(u);
5246 u->reset_accounting = false;
5247 }
5248
5249 unit_export_state_files(u);
5250
5251 r = unit_setup_exec_runtime(u);
5252 if (r < 0)
5253 return r;
5254
5255 r = unit_setup_dynamic_creds(u);
5256 if (r < 0)
5257 return r;
5258
5259 return 0;
5260 }
5261
5262 static void log_leftover(pid_t pid, int sig, void *userdata) {
5263 _cleanup_free_ char *comm = NULL;
5264
5265 (void) get_process_comm(pid, &comm);
5266
5267 if (comm && comm[0] == '(') /* Most likely our own helper process (PAM?), ignore */
5268 return;
5269
5270 log_unit_warning(userdata,
5271 "Found left-over process " PID_FMT " (%s) in control group while starting unit. Ignoring.\n"
5272 "This usually indicates unclean termination of a previous run, or service implementation deficiencies.",
5273 pid, strna(comm));
5274 }
5275
5276 void unit_warn_leftover_processes(Unit *u) {
5277 assert(u);
5278
5279 (void) unit_pick_cgroup_path(u);
5280
5281 if (!u->cgroup_path)
5282 return;
5283
5284 (void) cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, 0, 0, NULL, log_leftover, u);
5285 }
5286
5287 bool unit_needs_console(Unit *u) {
5288 ExecContext *ec;
5289 UnitActiveState state;
5290
5291 assert(u);
5292
5293 state = unit_active_state(u);
5294
5295 if (UNIT_IS_INACTIVE_OR_FAILED(state))
5296 return false;
5297
5298 if (UNIT_VTABLE(u)->needs_console)
5299 return UNIT_VTABLE(u)->needs_console(u);
5300
5301 /* If this unit type doesn't implement this call, let's use a generic fallback implementation: */
5302 ec = unit_get_exec_context(u);
5303 if (!ec)
5304 return false;
5305
5306 return exec_context_may_touch_console(ec);
5307 }
5308
5309 const char *unit_label_path(Unit *u) {
5310 const char *p;
5311
5312 /* Returns the file system path to use for MAC access decisions, i.e. the file to read the SELinux label off
5313 * when validating access checks. */
5314
5315 p = u->source_path ?: u->fragment_path;
5316 if (!p)
5317 return NULL;
5318
5319 /* If a unit is masked, then don't read the SELinux label of /dev/null, as that really makes no sense */
5320 if (path_equal(p, "/dev/null"))
5321 return NULL;
5322
5323 return p;
5324 }
5325
5326 int unit_pid_attachable(Unit *u, pid_t pid, sd_bus_error *error) {
5327 int r;
5328
5329 assert(u);
5330
5331 /* Checks whether the specified PID is generally good for attaching, i.e. a valid PID, not our manager itself,
5332 * and not a kernel thread either */
5333
5334 /* First, a simple range check */
5335 if (!pid_is_valid(pid))
5336 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process identifier " PID_FMT " is not valid.", pid);
5337
5338 /* Some extra safety check */
5339 if (pid == 1 || pid == getpid_cached())
5340 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a manager processs, refusing.", pid);
5341
5342 /* Don't even begin to bother with kernel threads */
5343 r = is_kernel_thread(pid);
5344 if (r == -ESRCH)
5345 return sd_bus_error_setf(error, SD_BUS_ERROR_UNIX_PROCESS_ID_UNKNOWN, "Process with ID " PID_FMT " does not exist.", pid);
5346 if (r < 0)
5347 return sd_bus_error_set_errnof(error, r, "Failed to determine whether process " PID_FMT " is a kernel thread: %m", pid);
5348 if (r > 0)
5349 return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Process " PID_FMT " is a kernel thread, refusing.", pid);
5350
5351 return 0;
5352 }
5353
5354 static const char* const collect_mode_table[_COLLECT_MODE_MAX] = {
5355 [COLLECT_INACTIVE] = "inactive",
5356 [COLLECT_INACTIVE_OR_FAILED] = "inactive-or-failed",
5357 };
5358
5359 DEFINE_STRING_TABLE_LOOKUP(collect_mode, CollectMode);
Unnamed repository; edit this file 'description' to name the repository.