From: Lennart Poettering Date: Thu, 15 May 2025 07:15:46 +0000 (+0200) Subject: core: pass the socket cookie to invoked per-connection service instances as $SO_COOKI... X-Git-Tag: v258-rc1~598^2~2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=bfb1f9e2c9763b6989f9785ccd6f505dc1eddf97;p=thirdparty%2Fsystemd.git core: pass the socket cookie to invoked per-connection service instances as $SO_COOKIE env var The socket cookie is just too useful for identifying connections, let's emphasize this a bit and pass it as environment variable. --- diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml index 829149f561c..a63700afb33 100644 --- a/man/systemd.exec.xml +++ b/man/systemd.exec.xml @@ -4412,6 +4412,17 @@ StandardInputData=V2XigLJyZSBubyBzdHJhbmdlcnMgdG8gbG92ZQpZb3Uga25vdyB0aGUgcnVsZX + + $SO_COOKIE + + If this is a unit started via per-connection socket activation (i.e. via a socket + unit with Accept=yes), this environment variable contains the Linux socket + cookie, formatted as decimal integer. The socket cookie can otherwise be acquired via getsockopt7. + + + + $TRIGGER_UNIT $TRIGGER_PATH diff --git a/man/systemd.socket.xml b/man/systemd.socket.xml index acec1f1047f..39bd0dd6262 100644 --- a/man/systemd.socket.xml +++ b/man/systemd.socket.xml @@ -425,13 +425,19 @@ above for a more detailed discussion of the naming rules of triggered services. For IPv4 and IPv6 connections, the $REMOTE_ADDR environment variable will - contain the remote IP address, and $REMOTE_PORT will contain the remote port. This - is the same as the format used by CGI. + contain the remote IP address, and $REMOTE_PORT will contain the remote port + number. These two variables correspond to those defined by the CGI interface for web services (see + RFC 3875). For AF_UNIX socket connections, the $REMOTE_ADDR environment variable will contain either the remote socket's file system path starting with a slash (/) or its address in the abstract namespace starting with an at symbol - (@). If the socket is unnamed, $REMOTE_ADDR will not be set. + (@). If the socket is unnamed, $REMOTE_ADDR will not be + set. + + The $SO_COOKIE environment variable is set to the Linux socket cookie, + formatted as decimal integer. The socket cookie can otherwise be acquired via getsockopt7. It is recommended to set CollectMode=inactive-or-failed for service instances activated via Accept=yes, to ensure that failed connection services are diff --git a/src/core/service.c b/src/core/service.c index 141c85745a1..46e8ff6239e 100644 --- a/src/core/service.c +++ b/src/core/service.c @@ -1749,7 +1749,7 @@ static int service_spawn_internal( if (r < 0) return r; - our_env = new0(char*, 15); + our_env = new0(char*, 16); if (!our_env) return -ENOMEM; @@ -1821,6 +1821,14 @@ static int service_spawn_internal( our_env[n_env++] = t; } } + + uint64_t cookie; + if (socket_get_cookie(s->socket_fd, &cookie) >= 0) { + char *t; + if (asprintf(&t, "SO_COOKIE=%" PRIu64, cookie) < 0) + return -ENOMEM; + our_env[n_env++] = t; + } } Service *env_source = NULL;