summaryrefslogtreecommitdiff
path: root/src/core
diff options
context:
space:
mode:
Diffstat (limited to 'src/core')
-rw-r--r--src/core/.gitignore3
l---------src/core/Makefile1
-rw-r--r--src/core/audit-fd.c73
-rw-r--r--src/core/audit-fd.h23
-rw-r--r--src/core/automount.c1134
-rw-r--r--src/core/automount.h59
-rw-r--r--src/core/bus-policy.c180
-rw-r--r--src/core/bus-policy.h64
-rw-r--r--src/core/busname.c1081
-rw-r--r--src/core/busname.h69
-rw-r--r--src/core/cgroup.c2170
-rw-r--r--src/core/cgroup.h187
-rw-r--r--src/core/dbus-automount.c88
-rw-r--r--src/core/dbus-automount.h25
-rw-r--r--src/core/dbus-busname.c37
-rw-r--r--src/core/dbus-busname.h23
-rw-r--r--src/core/dbus-cgroup.c1158
-rw-r--r--src/core/dbus-cgroup.h28
-rw-r--r--src/core/dbus-device.c28
-rw-r--r--src/core/dbus-device.h24
-rw-r--r--src/core/dbus-execute.c1665
-rw-r--r--src/core/dbus-execute.h45
-rw-r--r--src/core/dbus-job.c193
-rw-r--r--src/core/dbus-job.h31
-rw-r--r--src/core/dbus-kill.c122
-rw-r--r--src/core/dbus-kill.h29
-rw-r--r--src/core/dbus-manager.c2541
-rw-r--r--src/core/dbus-manager.h28
-rw-r--r--src/core/dbus-mount.c218
-rw-r--r--src/core/dbus-mount.h29
-rw-r--r--src/core/dbus-path.c86
-rw-r--r--src/core/dbus-path.h24
-rw-r--r--src/core/dbus-scope.c229
-rw-r--r--src/core/dbus-scope.h31
-rw-r--r--src/core/dbus-service.c326
-rw-r--r--src/core/dbus-service.h29
-rw-r--r--src/core/dbus-slice.c52
-rw-r--r--src/core/dbus-slice.h29
-rw-r--r--src/core/dbus-socket.c187
-rw-r--r--src/core/dbus-socket.h29
-rw-r--r--src/core/dbus-swap.c117
-rw-r--r--src/core/dbus-swap.h30
-rw-r--r--src/core/dbus-target.c26
-rw-r--r--src/core/dbus-target.h24
-rw-r--r--src/core/dbus-timer.c352
-rw-r--r--src/core/dbus-timer.h28
-rw-r--r--src/core/dbus-unit.c1576
-rw-r--r--src/core/dbus-unit.h47
-rw-r--r--src/core/dbus.c1236
-rw-r--r--src/core/dbus.h43
-rw-r--r--src/core/device.c876
-rw-r--r--src/core/device.h47
-rw-r--r--src/core/dynamic-user.c794
-rw-r--r--src/core/dynamic-user.h66
-rw-r--r--src/core/emergency-action.c128
-rw-r--r--src/core/emergency-action.h41
-rw-r--r--src/core/execute.c4000
-rw-r--r--src/core/execute.h316
-rw-r--r--src/core/hostname-setup.c68
-rw-r--r--src/core/hostname-setup.h22
-rw-r--r--src/core/ima-setup.c80
-rw-r--r--src/core/ima-setup.h24
-rw-r--r--src/core/job.c1263
-rw-r--r--src/core/job.h242
-rw-r--r--src/core/kill.c68
-rw-r--r--src/core/kill.h65
-rw-r--r--src/core/killall.c248
-rw-r--r--src/core/killall.h22
-rw-r--r--src/core/kmod-setup.c128
-rw-r--r--src/core/kmod-setup.h22
-rw-r--r--src/core/load-dropin.c90
-rw-r--r--src/core/load-dropin.h34
-rw-r--r--src/core/load-fragment-gperf.gperf.m4412
-rw-r--r--src/core/load-fragment.c4387
-rw-r--r--src/core/load-fragment.h128
-rw-r--r--src/core/locale-setup.c124
-rw-r--r--src/core/locale-setup.h22
-rw-r--r--src/core/loopback-setup.c90
-rw-r--r--src/core/loopback-setup.h22
-rw-r--r--src/core/machine-id-setup.c258
-rw-r--r--src/core/machine-id-setup.h23
-rw-r--r--src/core/macros.systemd.in113
-rw-r--r--src/core/main.c2204
-rw-r--r--src/core/manager.c3575
-rw-r--r--src/core/manager.h405
-rw-r--r--src/core/mount-setup.c421
-rw-r--r--src/core/mount-setup.h30
-rw-r--r--src/core/mount.c1946
-rw-r--r--src/core/mount.h112
-rw-r--r--src/core/namespace.c1043
-rw-r--r--src/core/namespace.h74
-rw-r--r--src/core/org.freedesktop.systemd1.conf256
-rw-r--r--src/core/org.freedesktop.systemd1.policy.in.in70
-rw-r--r--src/core/org.freedesktop.systemd1.service11
-rw-r--r--src/core/path.c788
-rw-r--r--src/core/path.h93
-rw-r--r--src/core/scope.c636
-rw-r--r--src/core/scope.h58
-rw-r--r--src/core/selinux-access.c283
-rw-r--r--src/core/selinux-access.h45
-rw-r--r--src/core/selinux-setup.c121
-rw-r--r--src/core/selinux-setup.h24
-rw-r--r--src/core/service.c3469
-rw-r--r--src/core/service.h224
-rw-r--r--src/core/show-status.c129
-rw-r--r--src/core/show-status.h39
-rw-r--r--src/core/shutdown.c444
-rw-r--r--src/core/slice.c360
-rw-r--r--src/core/slice.h32
-rw-r--r--src/core/smack-setup.c346
-rw-r--r--src/core/smack-setup.h24
-rw-r--r--src/core/socket.c3134
-rw-r--r--src/core/socket.h197
-rw-r--r--src/core/swap.c1546
-rw-r--r--src/core/swap.h111
-rw-r--r--src/core/system.conf62
-rw-r--r--src/core/systemd.pc.in34
-rw-r--r--src/core/target.c228
-rw-r--r--src/core/target.h30
-rw-r--r--src/core/timer.c865
-rw-r--r--src/core/timer.h89
-rw-r--r--src/core/transaction.c1100
-rw-r--r--src/core/transaction.h51
-rw-r--r--src/core/triggers.systemd.in66
-rw-r--r--src/core/umount.c614
-rw-r--r--src/core/umount.h28
-rw-r--r--src/core/unit-printf.c304
-rw-r--r--src/core/unit-printf.h26
-rw-r--r--src/core/unit.c4283
-rw-r--r--src/core/unit.h679
-rw-r--r--src/core/user.conf44
131 files changed, 0 insertions, 60833 deletions
diff --git a/src/core/.gitignore b/src/core/.gitignore
deleted file mode 100644
index 465b4fcc20..0000000000
--- a/src/core/.gitignore
+++ /dev/null
@@ -1,3 +0,0 @@
-/macros.systemd
-/triggers.systemd
-/systemd.pc
diff --git a/src/core/Makefile b/src/core/Makefile
deleted file mode 120000
index d0b0e8e008..0000000000
--- a/src/core/Makefile
+++ /dev/null
@@ -1 +0,0 @@
-../Makefile \ No newline at end of file
diff --git a/src/core/audit-fd.c b/src/core/audit-fd.c
deleted file mode 100644
index 76afe3fe15..0000000000
--- a/src/core/audit-fd.c
+++ /dev/null
@@ -1,73 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2012 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-
-#include <errno.h>
-
-#include "audit-fd.h"
-
-#ifdef HAVE_AUDIT
-
-#include <libaudit.h>
-#include <stdbool.h>
-
-#include "fd-util.h"
-#include "log.h"
-#include "util.h"
-
-static bool initialized = false;
-static int audit_fd;
-
-int get_audit_fd(void) {
-
- if (!initialized) {
- audit_fd = audit_open();
-
- if (audit_fd < 0) {
- if (errno != EAFNOSUPPORT && errno != EPROTONOSUPPORT)
- log_error_errno(errno, "Failed to connect to audit log: %m");
-
- audit_fd = errno ? -errno : -EINVAL;
- }
-
- initialized = true;
- }
-
- return audit_fd;
-}
-
-void close_audit_fd(void) {
-
- if (initialized && audit_fd >= 0)
- safe_close(audit_fd);
-
- initialized = true;
- audit_fd = -ECONNRESET;
-}
-
-#else
-
-int get_audit_fd(void) {
- return -EAFNOSUPPORT;
-}
-
-void close_audit_fd(void) {
-}
-
-#endif
diff --git a/src/core/audit-fd.h b/src/core/audit-fd.h
deleted file mode 100644
index 0eccb59210..0000000000
--- a/src/core/audit-fd.h
+++ /dev/null
@@ -1,23 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2012 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-int get_audit_fd(void);
-void close_audit_fd(void);
diff --git a/src/core/automount.c b/src/core/automount.c
deleted file mode 100644
index 7d7a0a6e46..0000000000
--- a/src/core/automount.c
+++ /dev/null
@@ -1,1134 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <errno.h>
-#include <fcntl.h>
-#include <limits.h>
-#include <linux/auto_dev-ioctl.h>
-#include <linux/auto_fs4.h>
-#include <sys/epoll.h>
-#include <sys/mount.h>
-#include <sys/stat.h>
-#include <unistd.h>
-
-#include "alloc-util.h"
-#include "async.h"
-#include "automount.h"
-#include "bus-error.h"
-#include "bus-util.h"
-#include "dbus-automount.h"
-#include "fd-util.h"
-#include "formats-util.h"
-#include "io-util.h"
-#include "label.h"
-#include "mkdir.h"
-#include "mount-util.h"
-#include "mount.h"
-#include "parse-util.h"
-#include "path-util.h"
-#include "process-util.h"
-#include "special.h"
-#include "stdio-util.h"
-#include "string-table.h"
-#include "string-util.h"
-#include "unit-name.h"
-#include "unit.h"
-
-static const UnitActiveState state_translation_table[_AUTOMOUNT_STATE_MAX] = {
- [AUTOMOUNT_DEAD] = UNIT_INACTIVE,
- [AUTOMOUNT_WAITING] = UNIT_ACTIVE,
- [AUTOMOUNT_RUNNING] = UNIT_ACTIVE,
- [AUTOMOUNT_FAILED] = UNIT_FAILED
-};
-
-struct expire_data {
- int dev_autofs_fd;
- int ioctl_fd;
-};
-
-static inline void expire_data_free(struct expire_data *data) {
- if (!data)
- return;
-
- safe_close(data->dev_autofs_fd);
- safe_close(data->ioctl_fd);
- free(data);
-}
-
-DEFINE_TRIVIAL_CLEANUP_FUNC(struct expire_data*, expire_data_free);
-
-static int open_dev_autofs(Manager *m);
-static int automount_dispatch_io(sd_event_source *s, int fd, uint32_t events, void *userdata);
-static int automount_start_expire(Automount *a);
-static void automount_stop_expire(Automount *a);
-static int automount_send_ready(Automount *a, Set *tokens, int status);
-
-static void automount_init(Unit *u) {
- Automount *a = AUTOMOUNT(u);
-
- assert(u);
- assert(u->load_state == UNIT_STUB);
-
- a->pipe_fd = -1;
- a->directory_mode = 0755;
- UNIT(a)->ignore_on_isolate = true;
-}
-
-static void unmount_autofs(Automount *a) {
- int r;
-
- assert(a);
-
- if (a->pipe_fd < 0)
- return;
-
- a->pipe_event_source = sd_event_source_unref(a->pipe_event_source);
- a->pipe_fd = safe_close(a->pipe_fd);
-
- /* If we reload/reexecute things we keep the mount point
- * around */
- if (a->where &&
- (UNIT(a)->manager->exit_code != MANAGER_RELOAD &&
- UNIT(a)->manager->exit_code != MANAGER_REEXECUTE)) {
- automount_send_ready(a, a->tokens, -EHOSTDOWN);
- automount_send_ready(a, a->expire_tokens, -EHOSTDOWN);
-
- r = repeat_unmount(a->where, MNT_DETACH);
- if (r < 0)
- log_error_errno(r, "Failed to unmount: %m");
- }
-}
-
-static void automount_done(Unit *u) {
- Automount *a = AUTOMOUNT(u);
-
- assert(a);
-
- unmount_autofs(a);
-
- a->where = mfree(a->where);
-
- a->tokens = set_free(a->tokens);
- a->expire_tokens = set_free(a->expire_tokens);
-
- a->expire_event_source = sd_event_source_unref(a->expire_event_source);
-}
-
-static int automount_add_mount_links(Automount *a) {
- _cleanup_free_ char *parent = NULL;
-
- assert(a);
-
- parent = dirname_malloc(a->where);
- if (!parent)
- return -ENOMEM;
-
- return unit_require_mounts_for(UNIT(a), parent);
-}
-
-static int automount_add_default_dependencies(Automount *a) {
- int r;
-
- assert(a);
-
- if (!UNIT(a)->default_dependencies)
- return 0;
-
- if (!MANAGER_IS_SYSTEM(UNIT(a)->manager))
- return 0;
-
- r = unit_add_two_dependencies_by_name(UNIT(a), UNIT_BEFORE, UNIT_CONFLICTS, SPECIAL_UMOUNT_TARGET, NULL, true);
- if (r < 0)
- return r;
-
- return 0;
-}
-
-static int automount_verify(Automount *a) {
- _cleanup_free_ char *e = NULL;
- int r;
-
- assert(a);
-
- if (UNIT(a)->load_state != UNIT_LOADED)
- return 0;
-
- if (path_equal(a->where, "/")) {
- log_unit_error(UNIT(a), "Cannot have an automount unit for the root directory. Refusing.");
- return -EINVAL;
- }
-
- r = unit_name_from_path(a->where, ".automount", &e);
- if (r < 0)
- return log_unit_error(UNIT(a), "Failed to generate unit name from path: %m");
-
- if (!unit_has_name(UNIT(a), e)) {
- log_unit_error(UNIT(a), "Where= setting doesn't match unit name. Refusing.");
- return -EINVAL;
- }
-
- return 0;
-}
-
-static int automount_load(Unit *u) {
- Automount *a = AUTOMOUNT(u);
- int r;
-
- assert(u);
- assert(u->load_state == UNIT_STUB);
-
- /* Load a .automount file */
- r = unit_load_fragment_and_dropin_optional(u);
- if (r < 0)
- return r;
-
- if (u->load_state == UNIT_LOADED) {
- Unit *x;
-
- if (!a->where) {
- r = unit_name_to_path(u->id, &a->where);
- if (r < 0)
- return r;
- }
-
- path_kill_slashes(a->where);
-
- r = unit_load_related_unit(u, ".mount", &x);
- if (r < 0)
- return r;
-
- r = unit_add_two_dependencies(u, UNIT_BEFORE, UNIT_TRIGGERS, x, true);
- if (r < 0)
- return r;
-
- r = automount_add_mount_links(a);
- if (r < 0)
- return r;
-
- r = automount_add_default_dependencies(a);
- if (r < 0)
- return r;
- }
-
- return automount_verify(a);
-}
-
-static void automount_set_state(Automount *a, AutomountState state) {
- AutomountState old_state;
- assert(a);
-
- old_state = a->state;
- a->state = state;
-
- if (state != AUTOMOUNT_RUNNING)
- automount_stop_expire(a);
-
- if (state != AUTOMOUNT_WAITING &&
- state != AUTOMOUNT_RUNNING)
- unmount_autofs(a);
-
- if (state != old_state)
- log_unit_debug(UNIT(a), "Changed %s -> %s", automount_state_to_string(old_state), automount_state_to_string(state));
-
- unit_notify(UNIT(a), state_translation_table[old_state], state_translation_table[state], true);
-}
-
-static int automount_coldplug(Unit *u) {
- Automount *a = AUTOMOUNT(u);
- int r;
-
- assert(a);
- assert(a->state == AUTOMOUNT_DEAD);
-
- if (a->deserialized_state != a->state) {
-
- r = open_dev_autofs(u->manager);
- if (r < 0)
- return r;
-
- if (a->deserialized_state == AUTOMOUNT_WAITING ||
- a->deserialized_state == AUTOMOUNT_RUNNING) {
- assert(a->pipe_fd >= 0);
-
- r = sd_event_add_io(u->manager->event, &a->pipe_event_source, a->pipe_fd, EPOLLIN, automount_dispatch_io, u);
- if (r < 0)
- return r;
-
- (void) sd_event_source_set_description(a->pipe_event_source, "automount-io");
- if (a->deserialized_state == AUTOMOUNT_RUNNING) {
- r = automount_start_expire(a);
- if (r < 0)
- log_unit_warning_errno(UNIT(a), r, "Failed to start expiration timer, ignoring: %m");
- }
- }
-
- automount_set_state(a, a->deserialized_state);
- }
-
- return 0;
-}
-
-static void automount_dump(Unit *u, FILE *f, const char *prefix) {
- char time_string[FORMAT_TIMESPAN_MAX];
- Automount *a = AUTOMOUNT(u);
-
- assert(a);
-
- fprintf(f,
- "%sAutomount State: %s\n"
- "%sResult: %s\n"
- "%sWhere: %s\n"
- "%sDirectoryMode: %04o\n"
- "%sTimeoutIdleUSec: %s\n",
- prefix, automount_state_to_string(a->state),
- prefix, automount_result_to_string(a->result),
- prefix, a->where,
- prefix, a->directory_mode,
- prefix, format_timespan(time_string, FORMAT_TIMESPAN_MAX, a->timeout_idle_usec, USEC_PER_SEC));
-}
-
-static void automount_enter_dead(Automount *a, AutomountResult f) {
- assert(a);
-
- if (a->result == AUTOMOUNT_SUCCESS)
- a->result = f;
-
- automount_set_state(a, a->result != AUTOMOUNT_SUCCESS ? AUTOMOUNT_FAILED : AUTOMOUNT_DEAD);
-}
-
-static int open_dev_autofs(Manager *m) {
- struct autofs_dev_ioctl param;
-
- assert(m);
-
- if (m->dev_autofs_fd >= 0)
- return m->dev_autofs_fd;
-
- label_fix("/dev/autofs", false, false);
-
- m->dev_autofs_fd = open("/dev/autofs", O_CLOEXEC|O_RDONLY);
- if (m->dev_autofs_fd < 0)
- return log_error_errno(errno, "Failed to open /dev/autofs: %m");
-
- init_autofs_dev_ioctl(&param);
- if (ioctl(m->dev_autofs_fd, AUTOFS_DEV_IOCTL_VERSION, &param) < 0) {
- m->dev_autofs_fd = safe_close(m->dev_autofs_fd);
- return -errno;
- }
-
- log_debug("Autofs kernel version %i.%i", param.ver_major, param.ver_minor);
-
- return m->dev_autofs_fd;
-}
-
-static int open_ioctl_fd(int dev_autofs_fd, const char *where, dev_t devid) {
- struct autofs_dev_ioctl *param;
- size_t l;
-
- assert(dev_autofs_fd >= 0);
- assert(where);
-
- l = sizeof(struct autofs_dev_ioctl) + strlen(where) + 1;
- param = alloca(l);
-
- init_autofs_dev_ioctl(param);
- param->size = l;
- param->ioctlfd = -1;
- param->openmount.devid = devid;
- strcpy(param->path, where);
-
- if (ioctl(dev_autofs_fd, AUTOFS_DEV_IOCTL_OPENMOUNT, param) < 0)
- return -errno;
-
- if (param->ioctlfd < 0)
- return -EIO;
-
- (void) fd_cloexec(param->ioctlfd, true);
- return param->ioctlfd;
-}
-
-static int autofs_protocol(int dev_autofs_fd, int ioctl_fd) {
- uint32_t major, minor;
- struct autofs_dev_ioctl param;
-
- assert(dev_autofs_fd >= 0);
- assert(ioctl_fd >= 0);
-
- init_autofs_dev_ioctl(&param);
- param.ioctlfd = ioctl_fd;
-
- if (ioctl(dev_autofs_fd, AUTOFS_DEV_IOCTL_PROTOVER, &param) < 0)
- return -errno;
-
- major = param.protover.version;
-
- init_autofs_dev_ioctl(&param);
- param.ioctlfd = ioctl_fd;
-
- if (ioctl(dev_autofs_fd, AUTOFS_DEV_IOCTL_PROTOSUBVER, &param) < 0)
- return -errno;
-
- minor = param.protosubver.sub_version;
-
- log_debug("Autofs protocol version %i.%i", major, minor);
- return 0;
-}
-
-static int autofs_set_timeout(int dev_autofs_fd, int ioctl_fd, usec_t usec) {
- struct autofs_dev_ioctl param;
-
- assert(dev_autofs_fd >= 0);
- assert(ioctl_fd >= 0);
-
- init_autofs_dev_ioctl(&param);
- param.ioctlfd = ioctl_fd;
-
- /* Convert to seconds, rounding up. */
- param.timeout.timeout = (usec + USEC_PER_SEC - 1) / USEC_PER_SEC;
-
- if (ioctl(dev_autofs_fd, AUTOFS_DEV_IOCTL_TIMEOUT, &param) < 0)
- return -errno;
-
- return 0;
-}
-
-static int autofs_send_ready(int dev_autofs_fd, int ioctl_fd, uint32_t token, int status) {
- struct autofs_dev_ioctl param;
-
- assert(dev_autofs_fd >= 0);
- assert(ioctl_fd >= 0);
-
- init_autofs_dev_ioctl(&param);
- param.ioctlfd = ioctl_fd;
-
- if (status != 0) {
- param.fail.token = token;
- param.fail.status = status;
- } else
- param.ready.token = token;
-
- if (ioctl(dev_autofs_fd, status ? AUTOFS_DEV_IOCTL_FAIL : AUTOFS_DEV_IOCTL_READY, &param) < 0)
- return -errno;
-
- return 0;
-}
-
-static int automount_send_ready(Automount *a, Set *tokens, int status) {
- _cleanup_close_ int ioctl_fd = -1;
- unsigned token;
- int r;
-
- assert(a);
- assert(status <= 0);
-
- if (set_isempty(tokens))
- return 0;
-
- ioctl_fd = open_ioctl_fd(UNIT(a)->manager->dev_autofs_fd, a->where, a->dev_id);
- if (ioctl_fd < 0)
- return ioctl_fd;
-
- if (status != 0)
- log_unit_debug_errno(UNIT(a), status, "Sending failure: %m");
- else
- log_unit_debug(UNIT(a), "Sending success.");
-
- r = 0;
-
- /* Autofs thankfully does not hand out 0 as a token */
- while ((token = PTR_TO_UINT(set_steal_first(tokens)))) {
- int k;
-
- /* Autofs fun fact II:
- *
- * if you pass a positive status code here, the kernel will
- * freeze! Yay! */
-
- k = autofs_send_ready(UNIT(a)->manager->dev_autofs_fd,
- ioctl_fd,
- token,
- status);
- if (k < 0)
- r = k;
- }
-
- return r;
-}
-
-static void automount_trigger_notify(Unit *u, Unit *other) {
- Automount *a = AUTOMOUNT(u);
- int r;
-
- assert(a);
- assert(other);
-
- /* Filter out invocations with bogus state */
- if (other->load_state != UNIT_LOADED || other->type != UNIT_MOUNT)
- return;
-
- /* Don't propagate state changes from the mount if we are already down */
- if (!IN_SET(a->state, AUTOMOUNT_WAITING, AUTOMOUNT_RUNNING))
- return;
-
- /* Propagate start limit hit state */
- if (other->start_limit_hit) {
- automount_enter_dead(a, AUTOMOUNT_FAILURE_MOUNT_START_LIMIT_HIT);
- return;
- }
-
- /* Don't propagate anything if there's still a job queued */
- if (other->job)
- return;
-
- /* The mount is successfully established */
- if (IN_SET(MOUNT(other)->state, MOUNT_MOUNTED, MOUNT_REMOUNTING)) {
- (void) automount_send_ready(a, a->tokens, 0);
-
- r = automount_start_expire(a);
- if (r < 0)
- log_unit_warning_errno(UNIT(a), r, "Failed to start expiration timer, ignoring: %m");
-
- automount_set_state(a, AUTOMOUNT_RUNNING);
- }
-
- if (IN_SET(MOUNT(other)->state,
- MOUNT_MOUNTING, MOUNT_MOUNTING_DONE,
- MOUNT_MOUNTED, MOUNT_REMOUNTING,
- MOUNT_MOUNTING_SIGTERM, MOUNT_MOUNTING_SIGKILL,
- MOUNT_REMOUNTING_SIGTERM, MOUNT_REMOUNTING_SIGKILL,
- MOUNT_UNMOUNTING_SIGTERM, MOUNT_UNMOUNTING_SIGKILL,
- MOUNT_FAILED)) {
-
- (void) automount_send_ready(a, a->expire_tokens, -ENODEV);
- }
-
- if (MOUNT(other)->state == MOUNT_DEAD)
- (void) automount_send_ready(a, a->expire_tokens, 0);
-
- /* The mount is in some unhappy state now, let's unfreeze any waiting clients */
- if (IN_SET(MOUNT(other)->state,
- MOUNT_DEAD, MOUNT_UNMOUNTING,
- MOUNT_MOUNTING_SIGTERM, MOUNT_MOUNTING_SIGKILL,
- MOUNT_REMOUNTING_SIGTERM, MOUNT_REMOUNTING_SIGKILL,
- MOUNT_UNMOUNTING_SIGTERM, MOUNT_UNMOUNTING_SIGKILL,
- MOUNT_FAILED)) {
-
- (void) automount_send_ready(a, a->tokens, -ENODEV);
-
- automount_set_state(a, AUTOMOUNT_WAITING);
- }
-}
-
-static void automount_enter_waiting(Automount *a) {
- _cleanup_close_ int ioctl_fd = -1;
- int p[2] = { -1, -1 };
- char name[sizeof("systemd-")-1 + DECIMAL_STR_MAX(pid_t) + 1];
- char options[sizeof("fd=,pgrp=,minproto=5,maxproto=5,direct")-1
- + DECIMAL_STR_MAX(int) + DECIMAL_STR_MAX(gid_t) + 1];
- bool mounted = false;
- int r, dev_autofs_fd;
- struct stat st;
-
- assert(a);
- assert(a->pipe_fd < 0);
- assert(a->where);
-
- set_clear(a->tokens);
-
- r = unit_fail_if_symlink(UNIT(a), a->where);
- if (r < 0)
- goto fail;
-
- (void) mkdir_p_label(a->where, 0555);
-
- unit_warn_if_dir_nonempty(UNIT(a), a->where);
-
- dev_autofs_fd = open_dev_autofs(UNIT(a)->manager);
- if (dev_autofs_fd < 0) {
- r = dev_autofs_fd;
- goto fail;
- }
-
- if (pipe2(p, O_NONBLOCK|O_CLOEXEC) < 0) {
- r = -errno;
- goto fail;
- }
-
- xsprintf(options, "fd=%i,pgrp="PID_FMT",minproto=5,maxproto=5,direct", p[1], getpgrp());
- xsprintf(name, "systemd-"PID_FMT, getpid());
- if (mount(name, a->where, "autofs", 0, options) < 0) {
- r = -errno;
- goto fail;
- }
-
- mounted = true;
-
- p[1] = safe_close(p[1]);
-
- if (stat(a->where, &st) < 0) {
- r = -errno;
- goto fail;
- }
-
- ioctl_fd = open_ioctl_fd(dev_autofs_fd, a->where, st.st_dev);
- if (ioctl_fd < 0) {
- r = ioctl_fd;
- goto fail;
- }
-
- r = autofs_protocol(dev_autofs_fd, ioctl_fd);
- if (r < 0)
- goto fail;
-
- r = autofs_set_timeout(dev_autofs_fd, ioctl_fd, a->timeout_idle_usec);
- if (r < 0)
- goto fail;
-
- /* Autofs fun fact:
- *
- * Unless we close the ioctl fd here, for some weird reason
- * the direct mount will not receive events from the
- * kernel. */
-
- r = sd_event_add_io(UNIT(a)->manager->event, &a->pipe_event_source, p[0], EPOLLIN, automount_dispatch_io, a);
- if (r < 0)
- goto fail;
-
- (void) sd_event_source_set_description(a->pipe_event_source, "automount-io");
-
- a->pipe_fd = p[0];
- a->dev_id = st.st_dev;
-
- automount_set_state(a, AUTOMOUNT_WAITING);
-
- return;
-
-fail:
- log_unit_error_errno(UNIT(a), r, "Failed to initialize automounter: %m");
-
- safe_close_pair(p);
-
- if (mounted) {
- r = repeat_unmount(a->where, MNT_DETACH);
- if (r < 0)
- log_error_errno(r, "Failed to unmount, ignoring: %m");
- }
-
- automount_enter_dead(a, AUTOMOUNT_FAILURE_RESOURCES);
-}
-
-static void *expire_thread(void *p) {
- struct autofs_dev_ioctl param;
- _cleanup_(expire_data_freep) struct expire_data *data = (struct expire_data*)p;
- int r;
-
- assert(data->dev_autofs_fd >= 0);
- assert(data->ioctl_fd >= 0);
-
- init_autofs_dev_ioctl(&param);
- param.ioctlfd = data->ioctl_fd;
-
- do {
- r = ioctl(data->dev_autofs_fd, AUTOFS_DEV_IOCTL_EXPIRE, &param);
- } while (r >= 0);
-
- if (errno != EAGAIN)
- log_warning_errno(errno, "Failed to expire automount, ignoring: %m");
-
- return NULL;
-}
-
-static int automount_dispatch_expire(sd_event_source *source, usec_t usec, void *userdata) {
- Automount *a = AUTOMOUNT(userdata);
- _cleanup_(expire_data_freep) struct expire_data *data = NULL;
- int r;
-
- assert(a);
- assert(source == a->expire_event_source);
-
- data = new0(struct expire_data, 1);
- if (!data)
- return log_oom();
-
- data->ioctl_fd = -1;
-
- data->dev_autofs_fd = fcntl(UNIT(a)->manager->dev_autofs_fd, F_DUPFD_CLOEXEC, 3);
- if (data->dev_autofs_fd < 0)
- return log_unit_error_errno(UNIT(a), errno, "Failed to duplicate autofs fd: %m");
-
- data->ioctl_fd = open_ioctl_fd(UNIT(a)->manager->dev_autofs_fd, a->where, a->dev_id);
- if (data->ioctl_fd < 0)
- return log_unit_error_errno(UNIT(a), data->ioctl_fd, "Couldn't open autofs ioctl fd: %m");
-
- r = asynchronous_job(expire_thread, data);
- if (r < 0)
- return log_unit_error_errno(UNIT(a), r, "Failed to start expire job: %m");
-
- data = NULL;
-
- return automount_start_expire(a);
-}
-
-static int automount_start_expire(Automount *a) {
- int r;
- usec_t timeout;
-
- assert(a);
-
- if (a->timeout_idle_usec == 0)
- return 0;
-
- timeout = now(CLOCK_MONOTONIC) + MAX(a->timeout_idle_usec/3, USEC_PER_SEC);
-
- if (a->expire_event_source) {
- r = sd_event_source_set_time(a->expire_event_source, timeout);
- if (r < 0)
- return r;
-
- return sd_event_source_set_enabled(a->expire_event_source, SD_EVENT_ONESHOT);
- }
-
- r = sd_event_add_time(
- UNIT(a)->manager->event,
- &a->expire_event_source,
- CLOCK_MONOTONIC, timeout, 0,
- automount_dispatch_expire, a);
- if (r < 0)
- return r;
-
- (void) sd_event_source_set_description(a->expire_event_source, "automount-expire");
-
- return 0;
-}
-
-static void automount_stop_expire(Automount *a) {
- assert(a);
-
- if (!a->expire_event_source)
- return;
-
- (void) sd_event_source_set_enabled(a->expire_event_source, SD_EVENT_OFF);
-}
-
-static void automount_enter_runnning(Automount *a) {
- _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
- struct stat st;
- int r;
-
- assert(a);
-
- /* We don't take mount requests anymore if we are supposed to
- * shut down anyway */
- if (unit_stop_pending(UNIT(a))) {
- log_unit_debug(UNIT(a), "Suppressing automount request since unit stop is scheduled.");
- automount_send_ready(a, a->tokens, -EHOSTDOWN);
- automount_send_ready(a, a->expire_tokens, -EHOSTDOWN);
- return;
- }
-
- mkdir_p_label(a->where, a->directory_mode);
-
- /* Before we do anything, let's see if somebody is playing games with us? */
- if (lstat(a->where, &st) < 0) {
- log_unit_warning_errno(UNIT(a), errno, "Failed to stat automount point: %m");
- goto fail;
- }
-
- if (!S_ISDIR(st.st_mode) || st.st_dev != a->dev_id)
- log_unit_info(UNIT(a), "Automount point already active?");
- else {
- Unit *trigger;
-
- trigger = UNIT_TRIGGER(UNIT(a));
- if (!trigger) {
- log_unit_error(UNIT(a), "Unit to trigger vanished.");
- goto fail;
- }
-
- r = manager_add_job(UNIT(a)->manager, JOB_START, trigger, JOB_REPLACE, &error, NULL);
- if (r < 0) {
- log_unit_warning(UNIT(a), "Failed to queue mount startup job: %s", bus_error_message(&error, r));
- goto fail;
- }
- }
-
- automount_set_state(a, AUTOMOUNT_RUNNING);
- return;
-
-fail:
- automount_enter_dead(a, AUTOMOUNT_FAILURE_RESOURCES);
-}
-
-static int automount_start(Unit *u) {
- Automount *a = AUTOMOUNT(u);
- Unit *trigger;
- int r;
-
- assert(a);
- assert(a->state == AUTOMOUNT_DEAD || a->state == AUTOMOUNT_FAILED);
-
- if (path_is_mount_point(a->where, 0) > 0) {
- log_unit_error(u, "Path %s is already a mount point, refusing start.", a->where);
- return -EEXIST;
- }
-
- trigger = UNIT_TRIGGER(u);
- if (!trigger || trigger->load_state != UNIT_LOADED) {
- log_unit_error(u, "Refusing to start, unit to trigger not loaded.");
- return -ENOENT;
- }
-
- r = unit_start_limit_test(u);
- if (r < 0) {
- automount_enter_dead(a, AUTOMOUNT_FAILURE_START_LIMIT_HIT);
- return r;
- }
-
- r = unit_acquire_invocation_id(u);
- if (r < 0)
- return r;
-
- a->result = AUTOMOUNT_SUCCESS;
- automount_enter_waiting(a);
- return 1;
-}
-
-static int automount_stop(Unit *u) {
- Automount *a = AUTOMOUNT(u);
-
- assert(a);
- assert(a->state == AUTOMOUNT_WAITING || a->state == AUTOMOUNT_RUNNING);
-
- automount_enter_dead(a, AUTOMOUNT_SUCCESS);
- return 1;
-}
-
-static int automount_serialize(Unit *u, FILE *f, FDSet *fds) {
- Automount *a = AUTOMOUNT(u);
- Iterator i;
- void *p;
- int r;
-
- assert(a);
- assert(f);
- assert(fds);
-
- unit_serialize_item(u, f, "state", automount_state_to_string(a->state));
- unit_serialize_item(u, f, "result", automount_result_to_string(a->result));
- unit_serialize_item_format(u, f, "dev-id", "%u", (unsigned) a->dev_id);
-
- SET_FOREACH(p, a->tokens, i)
- unit_serialize_item_format(u, f, "token", "%u", PTR_TO_UINT(p));
- SET_FOREACH(p, a->expire_tokens, i)
- unit_serialize_item_format(u, f, "expire-token", "%u", PTR_TO_UINT(p));
-
- r = unit_serialize_item_fd(u, f, fds, "pipe-fd", a->pipe_fd);
- if (r < 0)
- return r;
-
- return 0;
-}
-
-static int automount_deserialize_item(Unit *u, const char *key, const char *value, FDSet *fds) {
- Automount *a = AUTOMOUNT(u);
- int r;
-
- assert(a);
- assert(fds);
-
- if (streq(key, "state")) {
- AutomountState state;
-
- state = automount_state_from_string(value);
- if (state < 0)
- log_unit_debug(u, "Failed to parse state value: %s", value);
- else
- a->deserialized_state = state;
- } else if (streq(key, "result")) {
- AutomountResult f;
-
- f = automount_result_from_string(value);
- if (f < 0)
- log_unit_debug(u, "Failed to parse result value: %s", value);
- else if (f != AUTOMOUNT_SUCCESS)
- a->result = f;
-
- } else if (streq(key, "dev-id")) {
- unsigned d;
-
- if (safe_atou(value, &d) < 0)
- log_unit_debug(u, "Failed to parse dev-id value: %s", value);
- else
- a->dev_id = (unsigned) d;
- } else if (streq(key, "token")) {
- unsigned token;
-
- if (safe_atou(value, &token) < 0)
- log_unit_debug(u, "Failed to parse token value: %s", value);
- else {
- r = set_ensure_allocated(&a->tokens, NULL);
- if (r < 0) {
- log_oom();
- return 0;
- }
-
- r = set_put(a->tokens, UINT_TO_PTR(token));
- if (r < 0)
- log_unit_error_errno(u, r, "Failed to add token to set: %m");
- }
- } else if (streq(key, "expire-token")) {
- unsigned token;
-
- if (safe_atou(value, &token) < 0)
- log_unit_debug(u, "Failed to parse token value: %s", value);
- else {
- r = set_ensure_allocated(&a->expire_tokens, NULL);
- if (r < 0) {
- log_oom();
- return 0;
- }
-
- r = set_put(a->expire_tokens, UINT_TO_PTR(token));
- if (r < 0)
- log_unit_error_errno(u, r, "Failed to add expire token to set: %m");
- }
- } else if (streq(key, "pipe-fd")) {
- int fd;
-
- if (safe_atoi(value, &fd) < 0 || fd < 0 || !fdset_contains(fds, fd))
- log_unit_debug(u, "Failed to parse pipe-fd value: %s", value);
- else {
- safe_close(a->pipe_fd);
- a->pipe_fd = fdset_remove(fds, fd);
- }
- } else
- log_unit_debug(u, "Unknown serialization key: %s", key);
-
- return 0;
-}
-
-static UnitActiveState automount_active_state(Unit *u) {
- assert(u);
-
- return state_translation_table[AUTOMOUNT(u)->state];
-}
-
-static const char *automount_sub_state_to_string(Unit *u) {
- assert(u);
-
- return automount_state_to_string(AUTOMOUNT(u)->state);
-}
-
-static bool automount_check_gc(Unit *u) {
- assert(u);
-
- if (!UNIT_TRIGGER(u))
- return false;
-
- return UNIT_VTABLE(UNIT_TRIGGER(u))->check_gc(UNIT_TRIGGER(u));
-}
-
-static int automount_dispatch_io(sd_event_source *s, int fd, uint32_t events, void *userdata) {
- _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
- union autofs_v5_packet_union packet;
- Automount *a = AUTOMOUNT(userdata);
- struct stat st;
- Unit *trigger;
- int r;
-
- assert(a);
- assert(fd == a->pipe_fd);
-
- if (events != EPOLLIN) {
- log_unit_error(UNIT(a), "Got invalid poll event %"PRIu32" on pipe (fd=%d)", events, fd);
- goto fail;
- }
-
- r = loop_read_exact(a->pipe_fd, &packet, sizeof(packet), true);
- if (r < 0) {
- log_unit_error_errno(UNIT(a), r, "Invalid read from pipe: %m");
- goto fail;
- }
-
- switch (packet.hdr.type) {
-
- case autofs_ptype_missing_direct:
-
- if (packet.v5_packet.pid > 0) {
- _cleanup_free_ char *p = NULL;
-
- get_process_comm(packet.v5_packet.pid, &p);
- log_unit_info(UNIT(a), "Got automount request for %s, triggered by %"PRIu32" (%s)", a->where, packet.v5_packet.pid, strna(p));
- } else
- log_unit_debug(UNIT(a), "Got direct mount request on %s", a->where);
-
- r = set_ensure_allocated(&a->tokens, NULL);
- if (r < 0) {
- log_unit_error(UNIT(a), "Failed to allocate token set.");
- goto fail;
- }
-
- r = set_put(a->tokens, UINT_TO_PTR(packet.v5_packet.wait_queue_token));
- if (r < 0) {
- log_unit_error_errno(UNIT(a), r, "Failed to remember token: %m");
- goto fail;
- }
-
- automount_enter_runnning(a);
- break;
-
- case autofs_ptype_expire_direct:
- log_unit_debug(UNIT(a), "Got direct umount request on %s", a->where);
-
- automount_stop_expire(a);
-
- r = set_ensure_allocated(&a->expire_tokens, NULL);
- if (r < 0) {
- log_unit_error(UNIT(a), "Failed to allocate token set.");
- goto fail;
- }
-
- r = set_put(a->expire_tokens, UINT_TO_PTR(packet.v5_packet.wait_queue_token));
- if (r < 0) {
- log_unit_error_errno(UNIT(a), r, "Failed to remember token: %m");
- goto fail;
- }
-
- /* Before we do anything, let's see if somebody is playing games with us? */
- if (lstat(a->where, &st) < 0) {
- log_unit_warning_errno(UNIT(a), errno, "Failed to stat automount point: %m");
- goto fail;
- }
-
- if (!S_ISDIR(st.st_mode) || st.st_dev == a->dev_id) {
- log_unit_info(UNIT(a), "Automount point already unmounted?");
- automount_send_ready(a, a->expire_tokens, 0);
- break;
- }
-
- trigger = UNIT_TRIGGER(UNIT(a));
- if (!trigger) {
- log_unit_error(UNIT(a), "Unit to trigger vanished.");
- goto fail;
- }
-
- r = manager_add_job(UNIT(a)->manager, JOB_STOP, trigger, JOB_REPLACE, &error, NULL);
- if (r < 0) {
- log_unit_warning(UNIT(a), "Failed to queue umount startup job: %s", bus_error_message(&error, r));
- goto fail;
- }
- break;
-
- default:
- log_unit_error(UNIT(a), "Received unknown automount request %i", packet.hdr.type);
- break;
- }
-
- return 0;
-
-fail:
- automount_enter_dead(a, AUTOMOUNT_FAILURE_RESOURCES);
- return 0;
-}
-
-static void automount_shutdown(Manager *m) {
- assert(m);
-
- m->dev_autofs_fd = safe_close(m->dev_autofs_fd);
-}
-
-static void automount_reset_failed(Unit *u) {
- Automount *a = AUTOMOUNT(u);
-
- assert(a);
-
- if (a->state == AUTOMOUNT_FAILED)
- automount_set_state(a, AUTOMOUNT_DEAD);
-
- a->result = AUTOMOUNT_SUCCESS;
-}
-
-static bool automount_supported(void) {
- static int supported = -1;
-
- if (supported < 0)
- supported = access("/dev/autofs", F_OK) >= 0;
-
- return supported;
-}
-
-static const char* const automount_result_table[_AUTOMOUNT_RESULT_MAX] = {
- [AUTOMOUNT_SUCCESS] = "success",
- [AUTOMOUNT_FAILURE_RESOURCES] = "resources",
- [AUTOMOUNT_FAILURE_START_LIMIT_HIT] = "start-limit-hit",
- [AUTOMOUNT_FAILURE_MOUNT_START_LIMIT_HIT] = "mount-start-limit-hit",
-};
-
-DEFINE_STRING_TABLE_LOOKUP(automount_result, AutomountResult);
-
-const UnitVTable automount_vtable = {
- .object_size = sizeof(Automount),
-
- .sections =
- "Unit\0"
- "Automount\0"
- "Install\0",
-
- .init = automount_init,
- .load = automount_load,
- .done = automount_done,
-
- .coldplug = automount_coldplug,
-
- .dump = automount_dump,
-
- .start = automount_start,
- .stop = automount_stop,
-
- .serialize = automount_serialize,
- .deserialize_item = automount_deserialize_item,
-
- .active_state = automount_active_state,
- .sub_state_to_string = automount_sub_state_to_string,
-
- .check_gc = automount_check_gc,
-
- .trigger_notify = automount_trigger_notify,
-
- .reset_failed = automount_reset_failed,
-
- .bus_vtable = bus_automount_vtable,
- .bus_set_property = bus_automount_set_property,
-
- .can_transient = true,
-
- .shutdown = automount_shutdown,
- .supported = automount_supported,
-
- .status_message_formats = {
- .finished_start_job = {
- [JOB_DONE] = "Set up automount %s.",
- [JOB_FAILED] = "Failed to set up automount %s.",
- },
- .finished_stop_job = {
- [JOB_DONE] = "Unset automount %s.",
- [JOB_FAILED] = "Failed to unset automount %s.",
- },
- },
-};
diff --git a/src/core/automount.h b/src/core/automount.h
deleted file mode 100644
index 76a201178e..0000000000
--- a/src/core/automount.h
+++ /dev/null
@@ -1,59 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-typedef struct Automount Automount;
-
-#include "unit.h"
-
-typedef enum AutomountResult {
- AUTOMOUNT_SUCCESS,
- AUTOMOUNT_FAILURE_RESOURCES,
- AUTOMOUNT_FAILURE_START_LIMIT_HIT,
- AUTOMOUNT_FAILURE_MOUNT_START_LIMIT_HIT,
- _AUTOMOUNT_RESULT_MAX,
- _AUTOMOUNT_RESULT_INVALID = -1
-} AutomountResult;
-
-struct Automount {
- Unit meta;
-
- AutomountState state, deserialized_state;
-
- char *where;
- usec_t timeout_idle_usec;
-
- int pipe_fd;
- sd_event_source *pipe_event_source;
- mode_t directory_mode;
- dev_t dev_id;
-
- Set *tokens;
- Set *expire_tokens;
-
- sd_event_source *expire_event_source;
-
- AutomountResult result;
-};
-
-extern const UnitVTable automount_vtable;
-
-const char* automount_result_to_string(AutomountResult i) _const_;
-AutomountResult automount_result_from_string(const char *s) _pure_;
diff --git a/src/core/bus-policy.c b/src/core/bus-policy.c
deleted file mode 100644
index 4907c268e8..0000000000
--- a/src/core/bus-policy.c
+++ /dev/null
@@ -1,180 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2014 Daniel Mack
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <stdlib.h>
-
-#include "alloc-util.h"
-#include "bus-kernel.h"
-#include "bus-policy.h"
-#include "kdbus.h"
-#include "string-table.h"
-#include "user-util.h"
-#include "util.h"
-
-int bus_kernel_translate_access(BusPolicyAccess access) {
- assert(access >= 0);
- assert(access < _BUS_POLICY_ACCESS_MAX);
-
- switch (access) {
-
- case BUS_POLICY_ACCESS_SEE:
- return KDBUS_POLICY_SEE;
-
- case BUS_POLICY_ACCESS_TALK:
- return KDBUS_POLICY_TALK;
-
- case BUS_POLICY_ACCESS_OWN:
- return KDBUS_POLICY_OWN;
-
- default:
- assert_not_reached("Unknown policy access");
- }
-}
-
-int bus_kernel_translate_policy(const BusNamePolicy *policy, struct kdbus_item *item) {
- int r;
-
- assert(policy);
- assert(item);
-
- switch (policy->type) {
-
- case BUSNAME_POLICY_TYPE_USER: {
- const char *user = policy->name;
- uid_t uid;
-
- r = get_user_creds(&user, &uid, NULL, NULL, NULL);
- if (r < 0)
- return r;
-
- item->policy_access.type = KDBUS_POLICY_ACCESS_USER;
- item->policy_access.id = uid;
- break;
- }
-
- case BUSNAME_POLICY_TYPE_GROUP: {
- const char *group = policy->name;
- gid_t gid;
-
- r = get_group_creds(&group, &gid);
- if (r < 0)
- return r;
-
- item->policy_access.type = KDBUS_POLICY_ACCESS_GROUP;
- item->policy_access.id = gid;
- break;
- }
-
- default:
- assert_not_reached("Unknown policy type");
- }
-
- item->policy_access.access = bus_kernel_translate_access(policy->access);
-
- return 0;
-}
-
-int bus_kernel_make_starter(
- int fd,
- const char *name,
- bool activating,
- bool accept_fd,
- BusNamePolicy *policy,
- BusPolicyAccess world_policy) {
-
- struct kdbus_cmd_free cmd_free = { .size = sizeof(cmd_free) };
- struct kdbus_cmd_hello *hello;
- struct kdbus_item *n;
- size_t policy_cnt = 0;
- BusNamePolicy *po;
- size_t size;
- int r;
-
- assert(fd >= 0);
- assert(name);
-
- LIST_FOREACH(policy, po, policy)
- policy_cnt++;
-
- if (world_policy >= 0)
- policy_cnt++;
-
- size = offsetof(struct kdbus_cmd_hello, items) +
- ALIGN8(offsetof(struct kdbus_item, str) + strlen(name) + 1) +
- policy_cnt * ALIGN8(offsetof(struct kdbus_item, policy_access) + sizeof(struct kdbus_policy_access));
-
- hello = alloca0_align(size, 8);
-
- n = hello->items;
- strcpy(n->str, name);
- n->size = offsetof(struct kdbus_item, str) + strlen(n->str) + 1;
- n->type = KDBUS_ITEM_NAME;
- n = KDBUS_ITEM_NEXT(n);
-
- LIST_FOREACH(policy, po, policy) {
- n->type = KDBUS_ITEM_POLICY_ACCESS;
- n->size = offsetof(struct kdbus_item, policy_access) + sizeof(struct kdbus_policy_access);
-
- r = bus_kernel_translate_policy(po, n);
- if (r < 0)
- return r;
-
- n = KDBUS_ITEM_NEXT(n);
- }
-
- if (world_policy >= 0) {
- n->type = KDBUS_ITEM_POLICY_ACCESS;
- n->size = offsetof(struct kdbus_item, policy_access) + sizeof(struct kdbus_policy_access);
- n->policy_access.type = KDBUS_POLICY_ACCESS_WORLD;
- n->policy_access.access = bus_kernel_translate_access(world_policy);
- }
-
- hello->size = size;
- hello->flags =
- (activating ? KDBUS_HELLO_ACTIVATOR : KDBUS_HELLO_POLICY_HOLDER) |
- (accept_fd ? KDBUS_HELLO_ACCEPT_FD : 0);
- hello->pool_size = KDBUS_POOL_SIZE;
- hello->attach_flags_send = _KDBUS_ATTACH_ANY;
- hello->attach_flags_recv = _KDBUS_ATTACH_ANY;
-
- if (ioctl(fd, KDBUS_CMD_HELLO, hello) < 0) {
- if (errno == ENOTTY) /* Major API change */
- return -ESOCKTNOSUPPORT;
- return -errno;
- }
-
- /* not interested in any output values */
- cmd_free.offset = hello->offset;
- (void) ioctl(fd, KDBUS_CMD_FREE, &cmd_free);
-
- /* The higher 32bit of the bus_flags fields are considered
- * 'incompatible flags'. Refuse them all for now. */
- if (hello->bus_flags > 0xFFFFFFFFULL)
- return -ESOCKTNOSUPPORT;
-
- return fd;
-}
-
-static const char* const bus_policy_access_table[_BUS_POLICY_ACCESS_MAX] = {
- [BUS_POLICY_ACCESS_SEE] = "see",
- [BUS_POLICY_ACCESS_TALK] = "talk",
- [BUS_POLICY_ACCESS_OWN] = "own",
-};
-
-DEFINE_STRING_TABLE_LOOKUP(bus_policy_access, BusPolicyAccess);
diff --git a/src/core/bus-policy.h b/src/core/bus-policy.h
deleted file mode 100644
index 5b2c4d5953..0000000000
--- a/src/core/bus-policy.h
+++ /dev/null
@@ -1,64 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2014 Daniel Mack
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include "kdbus.h"
-#include "list.h"
-#include "macro.h"
-
-typedef struct BusNamePolicy BusNamePolicy;
-
-typedef enum BusPolicyAccess {
- BUS_POLICY_ACCESS_SEE,
- BUS_POLICY_ACCESS_TALK,
- BUS_POLICY_ACCESS_OWN,
- _BUS_POLICY_ACCESS_MAX,
- _BUS_POLICY_ACCESS_INVALID = -1
-} BusPolicyAccess;
-
-typedef enum BusNamePolicyType {
- BUSNAME_POLICY_TYPE_USER,
- BUSNAME_POLICY_TYPE_GROUP,
- _BUSNAME_POLICY_TYPE_MAX,
- _BUSNAME_POLICY_TYPE_INVALID = -1
-} BusNamePolicyType;
-
-struct BusNamePolicy {
- BusNamePolicyType type;
- BusPolicyAccess access;
-
- char *name;
-
- LIST_FIELDS(BusNamePolicy, policy);
-};
-
-int bus_kernel_translate_access(BusPolicyAccess access);
-int bus_kernel_translate_policy(const BusNamePolicy *policy, struct kdbus_item *item);
-
-const char* bus_policy_access_to_string(BusPolicyAccess i) _const_;
-BusPolicyAccess bus_policy_access_from_string(const char *s) _pure_;
-
-int bus_kernel_make_starter(
- int fd,
- const char *name,
- bool activating,
- bool accept_fd,
- BusNamePolicy *policy,
- BusPolicyAccess world_policy);
diff --git a/src/core/busname.c b/src/core/busname.c
deleted file mode 100644
index b96ec09e67..0000000000
--- a/src/core/busname.c
+++ /dev/null
@@ -1,1081 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2013 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <sys/mman.h>
-
-#include "alloc-util.h"
-#include "bus-internal.h"
-#include "bus-kernel.h"
-#include "bus-policy.h"
-#include "bus-util.h"
-#include "busname.h"
-#include "dbus-busname.h"
-#include "fd-util.h"
-#include "formats-util.h"
-#include "kdbus.h"
-#include "parse-util.h"
-#include "process-util.h"
-#include "service.h"
-#include "signal-util.h"
-#include "special.h"
-#include "string-table.h"
-#include "string-util.h"
-
-static const UnitActiveState state_translation_table[_BUSNAME_STATE_MAX] = {
- [BUSNAME_DEAD] = UNIT_INACTIVE,
- [BUSNAME_MAKING] = UNIT_ACTIVATING,
- [BUSNAME_REGISTERED] = UNIT_ACTIVE,
- [BUSNAME_LISTENING] = UNIT_ACTIVE,
- [BUSNAME_RUNNING] = UNIT_ACTIVE,
- [BUSNAME_SIGTERM] = UNIT_DEACTIVATING,
- [BUSNAME_SIGKILL] = UNIT_DEACTIVATING,
- [BUSNAME_FAILED] = UNIT_FAILED
-};
-
-static int busname_dispatch_io(sd_event_source *source, int fd, uint32_t revents, void *userdata);
-static int busname_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata);
-
-static void busname_init(Unit *u) {
- BusName *n = BUSNAME(u);
-
- assert(u);
- assert(u->load_state == UNIT_STUB);
-
- n->starter_fd = -1;
- n->accept_fd = true;
- n->activating = true;
-
- n->timeout_usec = u->manager->default_timeout_start_usec;
-}
-
-static void busname_unwatch_control_pid(BusName *n) {
- assert(n);
-
- if (n->control_pid <= 0)
- return;
-
- unit_unwatch_pid(UNIT(n), n->control_pid);
- n->control_pid = 0;
-}
-
-static void busname_free_policy(BusName *n) {
- BusNamePolicy *p;
-
- assert(n);
-
- while ((p = n->policy)) {
- LIST_REMOVE(policy, n->policy, p);
-
- free(p->name);
- free(p);
- }
-}
-
-static void busname_close_fd(BusName *n) {
- assert(n);
-
- n->starter_event_source = sd_event_source_unref(n->starter_event_source);
- n->starter_fd = safe_close(n->starter_fd);
-}
-
-static void busname_done(Unit *u) {
- BusName *n = BUSNAME(u);
-
- assert(n);
-
- n->name = mfree(n->name);
-
- busname_free_policy(n);
- busname_unwatch_control_pid(n);
- busname_close_fd(n);
-
- unit_ref_unset(&n->service);
-
- n->timer_event_source = sd_event_source_unref(n->timer_event_source);
-}
-
-static int busname_arm_timer(BusName *n, usec_t usec) {
- int r;
-
- assert(n);
-
- if (n->timer_event_source) {
- r = sd_event_source_set_time(n->timer_event_source, usec);
- if (r < 0)
- return r;
-
- return sd_event_source_set_enabled(n->timer_event_source, SD_EVENT_ONESHOT);
- }
-
- if (usec == USEC_INFINITY)
- return 0;
-
- r = sd_event_add_time(
- UNIT(n)->manager->event,
- &n->timer_event_source,
- CLOCK_MONOTONIC,
- usec, 0,
- busname_dispatch_timer, n);
- if (r < 0)
- return r;
-
- (void) sd_event_source_set_description(n->timer_event_source, "busname-timer");
-
- return 0;
-}
-
-static int busname_add_default_default_dependencies(BusName *n) {
- int r;
-
- assert(n);
-
- r = unit_add_dependency_by_name(UNIT(n), UNIT_BEFORE, SPECIAL_BUSNAMES_TARGET, NULL, true);
- if (r < 0)
- return r;
-
- if (MANAGER_IS_SYSTEM(UNIT(n)->manager)) {
- r = unit_add_two_dependencies_by_name(UNIT(n), UNIT_AFTER, UNIT_REQUIRES, SPECIAL_SYSINIT_TARGET, NULL, true);
- if (r < 0)
- return r;
- }
-
- return unit_add_two_dependencies_by_name(UNIT(n), UNIT_BEFORE, UNIT_CONFLICTS, SPECIAL_SHUTDOWN_TARGET, NULL, true);
-}
-
-static int busname_add_extras(BusName *n) {
- Unit *u = UNIT(n);
- int r;
-
- assert(n);
-
- if (!n->name) {
- r = unit_name_to_prefix(u->id, &n->name);
- if (r < 0)
- return r;
- }
-
- if (!u->description) {
- r = unit_set_description(u, n->name);
- if (r < 0)
- return r;
- }
-
- if (n->activating) {
- if (!UNIT_DEREF(n->service)) {
- Unit *x;
-
- r = unit_load_related_unit(u, ".service", &x);
- if (r < 0)
- return r;
-
- unit_ref_set(&n->service, x);
- }
-
- r = unit_add_two_dependencies(u, UNIT_BEFORE, UNIT_TRIGGERS, UNIT_DEREF(n->service), true);
- if (r < 0)
- return r;
- }
-
- if (u->default_dependencies) {
- r = busname_add_default_default_dependencies(n);
- if (r < 0)
- return r;
- }
-
- return 0;
-}
-
-static int busname_verify(BusName *n) {
- char *e;
-
- assert(n);
-
- if (UNIT(n)->load_state != UNIT_LOADED)
- return 0;
-
- if (!service_name_is_valid(n->name)) {
- log_unit_error(UNIT(n), "Name= setting is not a valid service name Refusing.");
- return -EINVAL;
- }
-
- e = strjoina(n->name, ".busname");
- if (!unit_has_name(UNIT(n), e)) {
- log_unit_error(UNIT(n), "Name= setting doesn't match unit name. Refusing.");
- return -EINVAL;
- }
-
- return 0;
-}
-
-static int busname_load(Unit *u) {
- BusName *n = BUSNAME(u);
- int r;
-
- assert(u);
- assert(u->load_state == UNIT_STUB);
-
- r = unit_load_fragment_and_dropin(u);
- if (r < 0)
- return r;
-
- if (u->load_state == UNIT_LOADED) {
- /* This is a new unit? Then let's add in some extras */
- r = busname_add_extras(n);
- if (r < 0)
- return r;
- }
-
- return busname_verify(n);
-}
-
-static void busname_dump(Unit *u, FILE *f, const char *prefix) {
- BusName *n = BUSNAME(u);
-
- assert(n);
- assert(f);
-
- fprintf(f,
- "%sBus Name State: %s\n"
- "%sResult: %s\n"
- "%sName: %s\n"
- "%sActivating: %s\n"
- "%sAccept FD: %s\n",
- prefix, busname_state_to_string(n->state),
- prefix, busname_result_to_string(n->result),
- prefix, n->name,
- prefix, yes_no(n->activating),
- prefix, yes_no(n->accept_fd));
-
- if (n->control_pid > 0)
- fprintf(f,
- "%sControl PID: "PID_FMT"\n",
- prefix, n->control_pid);
-}
-
-static void busname_unwatch_fd(BusName *n) {
- int r;
-
- assert(n);
-
- if (!n->starter_event_source)
- return;
-
- r = sd_event_source_set_enabled(n->starter_event_source, SD_EVENT_OFF);
- if (r < 0)
- log_unit_debug_errno(UNIT(n), r, "Failed to disable event source: %m");
-}
-
-static int busname_watch_fd(BusName *n) {
- int r;
-
- assert(n);
-
- if (n->starter_fd < 0)
- return 0;
-
- if (n->starter_event_source) {
- r = sd_event_source_set_enabled(n->starter_event_source, SD_EVENT_ON);
- if (r < 0)
- goto fail;
- } else {
- r = sd_event_add_io(UNIT(n)->manager->event, &n->starter_event_source, n->starter_fd, EPOLLIN, busname_dispatch_io, n);
- if (r < 0)
- goto fail;
-
- (void) sd_event_source_set_description(n->starter_event_source, "busname-starter");
- }
-
- return 0;
-
-fail:
- log_unit_warning_errno(UNIT(n), r, "Failed to watch starter fd: %m");
- busname_unwatch_fd(n);
- return r;
-}
-
-static int busname_open_fd(BusName *n) {
- _cleanup_free_ char *path = NULL;
- const char *mode;
-
- assert(n);
-
- if (n->starter_fd >= 0)
- return 0;
-
- mode = MANAGER_IS_SYSTEM(UNIT(n)->manager) ? "system" : "user";
- n->starter_fd = bus_kernel_open_bus_fd(mode, &path);
- if (n->starter_fd < 0)
- return log_unit_warning_errno(UNIT(n), n->starter_fd, "Failed to open %s: %m", path ?: "kdbus");
-
- return 0;
-}
-
-static void busname_set_state(BusName *n, BusNameState state) {
- BusNameState old_state;
- assert(n);
-
- old_state = n->state;
- n->state = state;
-
- if (!IN_SET(state, BUSNAME_MAKING, BUSNAME_SIGTERM, BUSNAME_SIGKILL)) {
- n->timer_event_source = sd_event_source_unref(n->timer_event_source);
- busname_unwatch_control_pid(n);
- }
-
- if (state != BUSNAME_LISTENING)
- busname_unwatch_fd(n);
-
- if (!IN_SET(state, BUSNAME_LISTENING, BUSNAME_MAKING, BUSNAME_REGISTERED, BUSNAME_RUNNING))
- busname_close_fd(n);
-
- if (state != old_state)
- log_unit_debug(UNIT(n), "Changed %s -> %s", busname_state_to_string(old_state), busname_state_to_string(state));
-
- unit_notify(UNIT(n), state_translation_table[old_state], state_translation_table[state], true);
-}
-
-static int busname_coldplug(Unit *u) {
- BusName *n = BUSNAME(u);
- int r;
-
- assert(n);
- assert(n->state == BUSNAME_DEAD);
-
- if (n->deserialized_state == n->state)
- return 0;
-
- if (n->control_pid > 0 &&
- pid_is_unwaited(n->control_pid) &&
- IN_SET(n->deserialized_state, BUSNAME_MAKING, BUSNAME_SIGTERM, BUSNAME_SIGKILL)) {
-
- r = unit_watch_pid(UNIT(n), n->control_pid);
- if (r < 0)
- return r;
-
- r = busname_arm_timer(n, usec_add(u->state_change_timestamp.monotonic, n->timeout_usec));
- if (r < 0)
- return r;
- }
-
- if (IN_SET(n->deserialized_state, BUSNAME_MAKING, BUSNAME_LISTENING, BUSNAME_REGISTERED, BUSNAME_RUNNING)) {
- r = busname_open_fd(n);
- if (r < 0)
- return r;
- }
-
- if (n->deserialized_state == BUSNAME_LISTENING) {
- r = busname_watch_fd(n);
- if (r < 0)
- return r;
- }
-
- busname_set_state(n, n->deserialized_state);
- return 0;
-}
-
-static int busname_make_starter(BusName *n, pid_t *_pid) {
- pid_t pid;
- int r;
-
- r = busname_arm_timer(n, usec_add(now(CLOCK_MONOTONIC), n->timeout_usec));
- if (r < 0)
- goto fail;
-
- /* We have to resolve the user/group names out-of-process,
- * hence let's fork here. It's messy, but well, what can we
- * do? */
-
- pid = fork();
- if (pid < 0)
- return -errno;
-
- if (pid == 0) {
- int ret;
-
- (void) default_signals(SIGNALS_CRASH_HANDLER, SIGNALS_IGNORE, -1);
- (void) ignore_signals(SIGPIPE, -1);
- log_forget_fds();
-
- r = bus_kernel_make_starter(n->starter_fd, n->name, n->activating, n->accept_fd, n->policy, n->policy_world);
- if (r < 0) {
- ret = EXIT_MAKE_STARTER;
- goto fail_child;
- }
-
- _exit(0);
-
- fail_child:
- log_open();
- log_error_errno(r, "Failed to create starter connection at step %s: %m", exit_status_to_string(ret, EXIT_STATUS_SYSTEMD));
-
- _exit(ret);
- }
-
- r = unit_watch_pid(UNIT(n), pid);
- if (r < 0)
- goto fail;
-
- *_pid = pid;
- return 0;
-
-fail:
- n->timer_event_source = sd_event_source_unref(n->timer_event_source);
- return r;
-}
-
-static void busname_enter_dead(BusName *n, BusNameResult f) {
- assert(n);
-
- if (n->result == BUSNAME_SUCCESS)
- n->result = f;
-
- busname_set_state(n, n->result != BUSNAME_SUCCESS ? BUSNAME_FAILED : BUSNAME_DEAD);
-}
-
-static void busname_enter_signal(BusName *n, BusNameState state, BusNameResult f) {
- KillContext kill_context = {};
- int r;
-
- assert(n);
-
- if (n->result == BUSNAME_SUCCESS)
- n->result = f;
-
- kill_context_init(&kill_context);
-
- r = unit_kill_context(UNIT(n),
- &kill_context,
- state != BUSNAME_SIGTERM ? KILL_KILL : KILL_TERMINATE,
- -1,
- n->control_pid,
- false);
- if (r < 0) {
- log_unit_warning_errno(UNIT(n), r, "Failed to kill control process: %m");
- goto fail;
- }
-
- if (r > 0) {
- r = busname_arm_timer(n, usec_add(now(CLOCK_MONOTONIC), n->timeout_usec));
- if (r < 0) {
- log_unit_warning_errno(UNIT(n), r, "Failed to arm timer: %m");
- goto fail;
- }
-
- busname_set_state(n, state);
- } else if (state == BUSNAME_SIGTERM)
- busname_enter_signal(n, BUSNAME_SIGKILL, BUSNAME_SUCCESS);
- else
- busname_enter_dead(n, BUSNAME_SUCCESS);
-
- return;
-
-fail:
- busname_enter_dead(n, BUSNAME_FAILURE_RESOURCES);
-}
-
-static void busname_enter_listening(BusName *n) {
- int r;
-
- assert(n);
-
- if (n->activating) {
- r = busname_watch_fd(n);
- if (r < 0) {
- log_unit_warning_errno(UNIT(n), r, "Failed to watch names: %m");
- goto fail;
- }
-
- busname_set_state(n, BUSNAME_LISTENING);
- } else
- busname_set_state(n, BUSNAME_REGISTERED);
-
- return;
-
-fail:
- busname_enter_signal(n, BUSNAME_SIGTERM, BUSNAME_FAILURE_RESOURCES);
-}
-
-static void busname_enter_making(BusName *n) {
- int r;
-
- assert(n);
-
- r = busname_open_fd(n);
- if (r < 0)
- goto fail;
-
- if (n->policy) {
- /* If there is a policy, we need to resolve user/group
- * names, which we can't do from PID1, hence let's
- * fork. */
- busname_unwatch_control_pid(n);
-
- r = busname_make_starter(n, &n->control_pid);
- if (r < 0) {
- log_unit_warning_errno(UNIT(n), r, "Failed to fork 'making' task: %m");
- goto fail;
- }
-
- busname_set_state(n, BUSNAME_MAKING);
- } else {
- /* If there is no policy, we can do everything
- * directly from PID 1, hence do so. */
-
- r = bus_kernel_make_starter(n->starter_fd, n->name, n->activating, n->accept_fd, NULL, n->policy_world);
- if (r < 0) {
- log_unit_warning_errno(UNIT(n), r, "Failed to make starter: %m");
- goto fail;
- }
-
- busname_enter_listening(n);
- }
-
- return;
-
-fail:
- busname_enter_dead(n, BUSNAME_FAILURE_RESOURCES);
-}
-
-static void busname_enter_running(BusName *n) {
- _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
- bool pending = false;
- Unit *other;
- Iterator i;
- int r;
-
- assert(n);
-
- if (!n->activating)
- return;
-
- /* We don't take connections anymore if we are supposed to
- * shut down anyway */
-
- if (unit_stop_pending(UNIT(n))) {
- log_unit_debug(UNIT(n), "Suppressing activation request since unit stop is scheduled.");
-
- /* Flush all queued activation reqeuest by closing and reopening the connection */
- bus_kernel_drop_one(n->starter_fd);
-
- busname_enter_listening(n);
- return;
- }
-
- /* If there's already a start pending don't bother to do
- * anything */
- SET_FOREACH(other, UNIT(n)->dependencies[UNIT_TRIGGERS], i)
- if (unit_active_or_pending(other)) {
- pending = true;
- break;
- }
-
- if (!pending) {
- if (!UNIT_ISSET(n->service)) {
- log_unit_error(UNIT(n), "Service to activate vanished, refusing activation.");
- r = -ENOENT;
- goto fail;
- }
-
- r = manager_add_job(UNIT(n)->manager, JOB_START, UNIT_DEREF(n->service), JOB_REPLACE, &error, NULL);
- if (r < 0)
- goto fail;
- }
-
- busname_set_state(n, BUSNAME_RUNNING);
- return;
-
-fail:
- log_unit_warning(UNIT(n), "Failed to queue service startup job: %s", bus_error_message(&error, r));
- busname_enter_dead(n, BUSNAME_FAILURE_RESOURCES);
-}
-
-static int busname_start(Unit *u) {
- BusName *n = BUSNAME(u);
- int r;
-
- assert(n);
-
- /* We cannot fulfill this request right now, try again later
- * please! */
- if (IN_SET(n->state, BUSNAME_SIGTERM, BUSNAME_SIGKILL))
- return -EAGAIN;
-
- /* Already on it! */
- if (n->state == BUSNAME_MAKING)
- return 0;
-
- if (n->activating && UNIT_ISSET(n->service)) {
- Service *service;
-
- service = SERVICE(UNIT_DEREF(n->service));
-
- if (UNIT(service)->load_state != UNIT_LOADED) {
- log_unit_error(u, "Bus service %s not loaded, refusing.", UNIT(service)->id);
- return -ENOENT;
- }
- }
-
- assert(IN_SET(n->state, BUSNAME_DEAD, BUSNAME_FAILED));
-
- r = unit_start_limit_test(u);
- if (r < 0) {
- busname_enter_dead(n, BUSNAME_FAILURE_START_LIMIT_HIT);
- return r;
- }
-
- r = unit_acquire_invocation_id(u);
- if (r < 0)
- return r;
-
- n->result = BUSNAME_SUCCESS;
- busname_enter_making(n);
-
- return 1;
-}
-
-static int busname_stop(Unit *u) {
- BusName *n = BUSNAME(u);
-
- assert(n);
-
- /* Already on it */
- if (IN_SET(n->state, BUSNAME_SIGTERM, BUSNAME_SIGKILL))
- return 0;
-
- /* If there's already something running, we go directly into
- * kill mode. */
-
- if (n->state == BUSNAME_MAKING) {
- busname_enter_signal(n, BUSNAME_SIGTERM, BUSNAME_SUCCESS);
- return -EAGAIN;
- }
-
- assert(IN_SET(n->state, BUSNAME_REGISTERED, BUSNAME_LISTENING, BUSNAME_RUNNING));
-
- busname_enter_dead(n, BUSNAME_SUCCESS);
- return 1;
-}
-
-static int busname_serialize(Unit *u, FILE *f, FDSet *fds) {
- BusName *n = BUSNAME(u);
- int r;
-
- assert(n);
- assert(f);
- assert(fds);
-
- unit_serialize_item(u, f, "state", busname_state_to_string(n->state));
- unit_serialize_item(u, f, "result", busname_result_to_string(n->result));
-
- if (n->control_pid > 0)
- unit_serialize_item_format(u, f, "control-pid", PID_FMT, n->control_pid);
-
- r = unit_serialize_item_fd(u, f, fds, "starter-fd", n->starter_fd);
- if (r < 0)
- return r;
-
- return 0;
-}
-
-static int busname_deserialize_item(Unit *u, const char *key, const char *value, FDSet *fds) {
- BusName *n = BUSNAME(u);
-
- assert(n);
- assert(key);
- assert(value);
-
- if (streq(key, "state")) {
- BusNameState state;
-
- state = busname_state_from_string(value);
- if (state < 0)
- log_unit_debug(u, "Failed to parse state value: %s", value);
- else
- n->deserialized_state = state;
-
- } else if (streq(key, "result")) {
- BusNameResult f;
-
- f = busname_result_from_string(value);
- if (f < 0)
- log_unit_debug(u, "Failed to parse result value: %s", value);
- else if (f != BUSNAME_SUCCESS)
- n->result = f;
-
- } else if (streq(key, "control-pid")) {
- pid_t pid;
-
- if (parse_pid(value, &pid) < 0)
- log_unit_debug(u, "Failed to parse control-pid value: %s", value);
- else
- n->control_pid = pid;
- } else if (streq(key, "starter-fd")) {
- int fd;
-
- if (safe_atoi(value, &fd) < 0 || fd < 0 || !fdset_contains(fds, fd))
- log_unit_debug(u, "Failed to parse starter fd value: %s", value);
- else {
- safe_close(n->starter_fd);
- n->starter_fd = fdset_remove(fds, fd);
- }
- } else
- log_unit_debug(u, "Unknown serialization key: %s", key);
-
- return 0;
-}
-
-_pure_ static UnitActiveState busname_active_state(Unit *u) {
- assert(u);
-
- return state_translation_table[BUSNAME(u)->state];
-}
-
-_pure_ static const char *busname_sub_state_to_string(Unit *u) {
- assert(u);
-
- return busname_state_to_string(BUSNAME(u)->state);
-}
-
-static int busname_peek_message(BusName *n) {
- struct kdbus_cmd_recv cmd_recv = {
- .size = sizeof(cmd_recv),
- .flags = KDBUS_RECV_PEEK,
- };
- struct kdbus_cmd_free cmd_free = {
- .size = sizeof(cmd_free),
- };
- const char *comm = NULL;
- struct kdbus_item *d;
- struct kdbus_msg *k;
- size_t start, ps, sz, delta;
- void *p = NULL;
- pid_t pid = 0;
- int r;
-
- /* Generate a friendly debug log message about which process
- * caused triggering of this bus name. This simply peeks the
- * metadata of the first queued message and logs it. */
-
- assert(n);
-
- /* Let's shortcut things a bit, if debug logging is turned off
- * anyway. */
-
- if (log_get_max_level() < LOG_DEBUG)
- return 0;
-
- r = ioctl(n->starter_fd, KDBUS_CMD_RECV, &cmd_recv);
- if (r < 0) {
- if (errno == EINTR || errno == EAGAIN)
- return 0;
-
- return log_unit_error_errno(UNIT(n), errno, "Failed to query activation message: %m");
- }
-
- /* We map as late as possible, and unmap imemdiately after
- * use. On 32bit address space is scarce and we want to be
- * able to handle a lot of activator connections at the same
- * time, and hence shouldn't keep the mmap()s around for
- * longer than necessary. */
-
- ps = page_size();
- start = (cmd_recv.msg.offset / ps) * ps;
- delta = cmd_recv.msg.offset - start;
- sz = PAGE_ALIGN(delta + cmd_recv.msg.msg_size);
-
- p = mmap(NULL, sz, PROT_READ, MAP_SHARED, n->starter_fd, start);
- if (p == MAP_FAILED) {
- r = log_unit_error_errno(UNIT(n), errno, "Failed to map activation message: %m");
- goto finish;
- }
-
- k = (struct kdbus_msg *) ((uint8_t *) p + delta);
- KDBUS_ITEM_FOREACH(d, k, items) {
- switch (d->type) {
-
- case KDBUS_ITEM_PIDS:
- pid = d->pids.pid;
- break;
-
- case KDBUS_ITEM_PID_COMM:
- comm = d->str;
- break;
- }
- }
-
- if (pid > 0)
- log_unit_debug(UNIT(n), "Activation triggered by process " PID_FMT " (%s)", pid, strna(comm));
-
- r = 0;
-
-finish:
- if (p)
- (void) munmap(p, sz);
-
- cmd_free.offset = cmd_recv.msg.offset;
- if (ioctl(n->starter_fd, KDBUS_CMD_FREE, &cmd_free) < 0)
- log_unit_warning(UNIT(n), "Failed to free peeked message, ignoring: %m");
-
- return r;
-}
-
-static int busname_dispatch_io(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
- BusName *n = userdata;
-
- assert(n);
- assert(fd >= 0);
-
- if (n->state != BUSNAME_LISTENING)
- return 0;
-
- log_unit_debug(UNIT(n), "Activation request");
-
- if (revents != EPOLLIN) {
- log_unit_error(UNIT(n), "Got unexpected poll event (0x%x) on starter fd.", revents);
- goto fail;
- }
-
- busname_peek_message(n);
- busname_enter_running(n);
- return 0;
-fail:
-
- busname_enter_dead(n, BUSNAME_FAILURE_RESOURCES);
- return 0;
-}
-
-static void busname_sigchld_event(Unit *u, pid_t pid, int code, int status) {
- BusName *n = BUSNAME(u);
- BusNameResult f;
-
- assert(n);
- assert(pid >= 0);
-
- if (pid != n->control_pid)
- return;
-
- n->control_pid = 0;
-
- if (is_clean_exit(code, status, EXIT_CLEAN_COMMAND, NULL))
- f = BUSNAME_SUCCESS;
- else if (code == CLD_EXITED)
- f = BUSNAME_FAILURE_EXIT_CODE;
- else if (code == CLD_KILLED)
- f = BUSNAME_FAILURE_SIGNAL;
- else if (code == CLD_DUMPED)
- f = BUSNAME_FAILURE_CORE_DUMP;
- else
- assert_not_reached("Unknown sigchld code");
-
- log_unit_full(u, f == BUSNAME_SUCCESS ? LOG_DEBUG : LOG_NOTICE, 0,
- "Control process exited, code=%s status=%i", sigchld_code_to_string(code), status);
-
- if (n->result == BUSNAME_SUCCESS)
- n->result = f;
-
- switch (n->state) {
-
- case BUSNAME_MAKING:
- if (f == BUSNAME_SUCCESS)
- busname_enter_listening(n);
- else
- busname_enter_signal(n, BUSNAME_SIGTERM, f);
- break;
-
- case BUSNAME_SIGTERM:
- case BUSNAME_SIGKILL:
- busname_enter_dead(n, f);
- break;
-
- default:
- assert_not_reached("Uh, control process died at wrong time.");
- }
-
- /* Notify clients about changed exit status */
- unit_add_to_dbus_queue(u);
-}
-
-static int busname_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata) {
- BusName *n = BUSNAME(userdata);
-
- assert(n);
- assert(n->timer_event_source == source);
-
- switch (n->state) {
-
- case BUSNAME_MAKING:
- log_unit_warning(UNIT(n), "Making timed out. Terminating.");
- busname_enter_signal(n, BUSNAME_SIGTERM, BUSNAME_FAILURE_TIMEOUT);
- break;
-
- case BUSNAME_SIGTERM:
- log_unit_warning(UNIT(n), "Stopping timed out. Killing.");
- busname_enter_signal(n, BUSNAME_SIGKILL, BUSNAME_FAILURE_TIMEOUT);
- break;
-
- case BUSNAME_SIGKILL:
- log_unit_warning(UNIT(n), "Processes still around after SIGKILL. Ignoring.");
- busname_enter_dead(n, BUSNAME_FAILURE_TIMEOUT);
- break;
-
- default:
- assert_not_reached("Timeout at wrong time.");
- }
-
- return 0;
-}
-
-static void busname_reset_failed(Unit *u) {
- BusName *n = BUSNAME(u);
-
- assert(n);
-
- if (n->state == BUSNAME_FAILED)
- busname_set_state(n, BUSNAME_DEAD);
-
- n->result = BUSNAME_SUCCESS;
-}
-
-static void busname_trigger_notify(Unit *u, Unit *other) {
- BusName *n = BUSNAME(u);
-
- assert(n);
- assert(other);
-
- if (!IN_SET(n->state, BUSNAME_RUNNING, BUSNAME_LISTENING))
- return;
-
- if (other->start_limit_hit) {
- busname_enter_dead(n, BUSNAME_FAILURE_SERVICE_START_LIMIT_HIT);
- return;
- }
-
- if (other->load_state != UNIT_LOADED || other->type != UNIT_SERVICE)
- return;
-
- if (IN_SET(SERVICE(other)->state,
- SERVICE_DEAD, SERVICE_FAILED,
- SERVICE_FINAL_SIGTERM, SERVICE_FINAL_SIGKILL,
- SERVICE_AUTO_RESTART))
- busname_enter_listening(n);
-
- if (SERVICE(other)->state == SERVICE_RUNNING)
- busname_set_state(n, BUSNAME_RUNNING);
-}
-
-static int busname_kill(Unit *u, KillWho who, int signo, sd_bus_error *error) {
- return unit_kill_common(u, who, signo, -1, BUSNAME(u)->control_pid, error);
-}
-
-static int busname_get_timeout(Unit *u, usec_t *timeout) {
- BusName *n = BUSNAME(u);
- usec_t t;
- int r;
-
- if (!n->timer_event_source)
- return 0;
-
- r = sd_event_source_get_time(n->timer_event_source, &t);
- if (r < 0)
- return r;
- if (t == USEC_INFINITY)
- return 0;
-
- *timeout = t;
- return 1;
-}
-
-static bool busname_supported(void) {
- return false;
-}
-
-static int busname_control_pid(Unit *u) {
- BusName *n = BUSNAME(u);
-
- assert(n);
-
- return n->control_pid;
-}
-
-static const char* const busname_result_table[_BUSNAME_RESULT_MAX] = {
- [BUSNAME_SUCCESS] = "success",
- [BUSNAME_FAILURE_RESOURCES] = "resources",
- [BUSNAME_FAILURE_TIMEOUT] = "timeout",
- [BUSNAME_FAILURE_EXIT_CODE] = "exit-code",
- [BUSNAME_FAILURE_SIGNAL] = "signal",
- [BUSNAME_FAILURE_CORE_DUMP] = "core-dump",
- [BUSNAME_FAILURE_START_LIMIT_HIT] = "start-limit-hit",
- [BUSNAME_FAILURE_SERVICE_START_LIMIT_HIT] = "service-start-limit-hit",
-};
-
-DEFINE_STRING_TABLE_LOOKUP(busname_result, BusNameResult);
-
-const UnitVTable busname_vtable = {
- .object_size = sizeof(BusName),
-
- .sections =
- "Unit\0"
- "BusName\0"
- "Install\0",
- .private_section = "BusName",
-
- .init = busname_init,
- .done = busname_done,
- .load = busname_load,
-
- .coldplug = busname_coldplug,
-
- .dump = busname_dump,
-
- .start = busname_start,
- .stop = busname_stop,
-
- .kill = busname_kill,
-
- .get_timeout = busname_get_timeout,
-
- .serialize = busname_serialize,
- .deserialize_item = busname_deserialize_item,
-
- .active_state = busname_active_state,
- .sub_state_to_string = busname_sub_state_to_string,
-
- .sigchld_event = busname_sigchld_event,
-
- .trigger_notify = busname_trigger_notify,
-
- .reset_failed = busname_reset_failed,
-
- .supported = busname_supported,
-
- .control_pid = busname_control_pid,
-
- .bus_vtable = bus_busname_vtable,
-
- .status_message_formats = {
- .finished_start_job = {
- [JOB_DONE] = "Listening on %s.",
- [JOB_FAILED] = "Failed to listen on %s.",
- },
- .finished_stop_job = {
- [JOB_DONE] = "Closed %s.",
- [JOB_FAILED] = "Failed stopping %s.",
- },
- },
-};
diff --git a/src/core/busname.h b/src/core/busname.h
deleted file mode 100644
index a8562db458..0000000000
--- a/src/core/busname.h
+++ /dev/null
@@ -1,69 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2013 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-typedef struct BusName BusName;
-typedef struct BusNamePolicy BusNamePolicy;
-
-#include "unit.h"
-#include "bus-policy.h"
-
-typedef enum BusNameResult {
- BUSNAME_SUCCESS,
- BUSNAME_FAILURE_RESOURCES,
- BUSNAME_FAILURE_TIMEOUT,
- BUSNAME_FAILURE_EXIT_CODE,
- BUSNAME_FAILURE_SIGNAL,
- BUSNAME_FAILURE_CORE_DUMP,
- BUSNAME_FAILURE_START_LIMIT_HIT,
- BUSNAME_FAILURE_SERVICE_START_LIMIT_HIT,
- _BUSNAME_RESULT_MAX,
- _BUSNAME_RESULT_INVALID = -1
-} BusNameResult;
-
-struct BusName {
- Unit meta;
-
- char *name;
- int starter_fd;
-
- bool activating;
- bool accept_fd;
-
- UnitRef service;
-
- BusNameState state, deserialized_state;
- BusNameResult result;
-
- usec_t timeout_usec;
-
- sd_event_source *starter_event_source;
- sd_event_source *timer_event_source;
-
- pid_t control_pid;
-
- LIST_HEAD(BusNamePolicy, policy);
- BusPolicyAccess policy_world;
-};
-
-extern const UnitVTable busname_vtable;
-
-const char* busname_result_to_string(BusNameResult i) _const_;
-BusNameResult busname_result_from_string(const char *s) _pure_;
diff --git a/src/core/cgroup.c b/src/core/cgroup.c
deleted file mode 100644
index 23a92f9651..0000000000
--- a/src/core/cgroup.c
+++ /dev/null
@@ -1,2170 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2013 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <fcntl.h>
-#include <fnmatch.h>
-
-#include "alloc-util.h"
-#include "cgroup-util.h"
-#include "cgroup.h"
-#include "fd-util.h"
-#include "fileio.h"
-#include "fs-util.h"
-#include "parse-util.h"
-#include "path-util.h"
-#include "process-util.h"
-#include "special.h"
-#include "string-table.h"
-#include "string-util.h"
-#include "stdio-util.h"
-
-#define CGROUP_CPU_QUOTA_PERIOD_USEC ((usec_t) 100 * USEC_PER_MSEC)
-
-static void cgroup_compat_warn(void) {
- static bool cgroup_compat_warned = false;
-
- if (cgroup_compat_warned)
- return;
-
- log_warning("cgroup compatibility translation between legacy and unified hierarchy settings activated. See cgroup-compat debug messages for details.");
- cgroup_compat_warned = true;
-}
-
-#define log_cgroup_compat(unit, fmt, ...) do { \
- cgroup_compat_warn(); \
- log_unit_debug(unit, "cgroup-compat: " fmt, ##__VA_ARGS__); \
- } while (false)
-
-void cgroup_context_init(CGroupContext *c) {
- assert(c);
-
- /* Initialize everything to the kernel defaults, assuming the
- * structure is preinitialized to 0 */
-
- c->cpu_weight = CGROUP_WEIGHT_INVALID;
- c->startup_cpu_weight = CGROUP_WEIGHT_INVALID;
- c->cpu_quota_per_sec_usec = USEC_INFINITY;
-
- c->cpu_shares = CGROUP_CPU_SHARES_INVALID;
- c->startup_cpu_shares = CGROUP_CPU_SHARES_INVALID;
-
- c->memory_high = CGROUP_LIMIT_MAX;
- c->memory_max = CGROUP_LIMIT_MAX;
- c->memory_swap_max = CGROUP_LIMIT_MAX;
-
- c->memory_limit = CGROUP_LIMIT_MAX;
-
- c->io_weight = CGROUP_WEIGHT_INVALID;
- c->startup_io_weight = CGROUP_WEIGHT_INVALID;
-
- c->blockio_weight = CGROUP_BLKIO_WEIGHT_INVALID;
- c->startup_blockio_weight = CGROUP_BLKIO_WEIGHT_INVALID;
-
- c->tasks_max = (uint64_t) -1;
-}
-
-void cgroup_context_free_device_allow(CGroupContext *c, CGroupDeviceAllow *a) {
- assert(c);
- assert(a);
-
- LIST_REMOVE(device_allow, c->device_allow, a);
- free(a->path);
- free(a);
-}
-
-void cgroup_context_free_io_device_weight(CGroupContext *c, CGroupIODeviceWeight *w) {
- assert(c);
- assert(w);
-
- LIST_REMOVE(device_weights, c->io_device_weights, w);
- free(w->path);
- free(w);
-}
-
-void cgroup_context_free_io_device_limit(CGroupContext *c, CGroupIODeviceLimit *l) {
- assert(c);
- assert(l);
-
- LIST_REMOVE(device_limits, c->io_device_limits, l);
- free(l->path);
- free(l);
-}
-
-void cgroup_context_free_blockio_device_weight(CGroupContext *c, CGroupBlockIODeviceWeight *w) {
- assert(c);
- assert(w);
-
- LIST_REMOVE(device_weights, c->blockio_device_weights, w);
- free(w->path);
- free(w);
-}
-
-void cgroup_context_free_blockio_device_bandwidth(CGroupContext *c, CGroupBlockIODeviceBandwidth *b) {
- assert(c);
- assert(b);
-
- LIST_REMOVE(device_bandwidths, c->blockio_device_bandwidths, b);
- free(b->path);
- free(b);
-}
-
-void cgroup_context_done(CGroupContext *c) {
- assert(c);
-
- while (c->io_device_weights)
- cgroup_context_free_io_device_weight(c, c->io_device_weights);
-
- while (c->io_device_limits)
- cgroup_context_free_io_device_limit(c, c->io_device_limits);
-
- while (c->blockio_device_weights)
- cgroup_context_free_blockio_device_weight(c, c->blockio_device_weights);
-
- while (c->blockio_device_bandwidths)
- cgroup_context_free_blockio_device_bandwidth(c, c->blockio_device_bandwidths);
-
- while (c->device_allow)
- cgroup_context_free_device_allow(c, c->device_allow);
-}
-
-void cgroup_context_dump(CGroupContext *c, FILE* f, const char *prefix) {
- CGroupIODeviceLimit *il;
- CGroupIODeviceWeight *iw;
- CGroupBlockIODeviceBandwidth *b;
- CGroupBlockIODeviceWeight *w;
- CGroupDeviceAllow *a;
- char u[FORMAT_TIMESPAN_MAX];
-
- assert(c);
- assert(f);
-
- prefix = strempty(prefix);
-
- fprintf(f,
- "%sCPUAccounting=%s\n"
- "%sIOAccounting=%s\n"
- "%sBlockIOAccounting=%s\n"
- "%sMemoryAccounting=%s\n"
- "%sTasksAccounting=%s\n"
- "%sCPUWeight=%" PRIu64 "\n"
- "%sStartupCPUWeight=%" PRIu64 "\n"
- "%sCPUShares=%" PRIu64 "\n"
- "%sStartupCPUShares=%" PRIu64 "\n"
- "%sCPUQuotaPerSecSec=%s\n"
- "%sIOWeight=%" PRIu64 "\n"
- "%sStartupIOWeight=%" PRIu64 "\n"
- "%sBlockIOWeight=%" PRIu64 "\n"
- "%sStartupBlockIOWeight=%" PRIu64 "\n"
- "%sMemoryLow=%" PRIu64 "\n"
- "%sMemoryHigh=%" PRIu64 "\n"
- "%sMemoryMax=%" PRIu64 "\n"
- "%sMemorySwapMax=%" PRIu64 "\n"
- "%sMemoryLimit=%" PRIu64 "\n"
- "%sTasksMax=%" PRIu64 "\n"
- "%sDevicePolicy=%s\n"
- "%sDelegate=%s\n",
- prefix, yes_no(c->cpu_accounting),
- prefix, yes_no(c->io_accounting),
- prefix, yes_no(c->blockio_accounting),
- prefix, yes_no(c->memory_accounting),
- prefix, yes_no(c->tasks_accounting),
- prefix, c->cpu_weight,
- prefix, c->startup_cpu_weight,
- prefix, c->cpu_shares,
- prefix, c->startup_cpu_shares,
- prefix, format_timespan(u, sizeof(u), c->cpu_quota_per_sec_usec, 1),
- prefix, c->io_weight,
- prefix, c->startup_io_weight,
- prefix, c->blockio_weight,
- prefix, c->startup_blockio_weight,
- prefix, c->memory_low,
- prefix, c->memory_high,
- prefix, c->memory_max,
- prefix, c->memory_swap_max,
- prefix, c->memory_limit,
- prefix, c->tasks_max,
- prefix, cgroup_device_policy_to_string(c->device_policy),
- prefix, yes_no(c->delegate));
-
- LIST_FOREACH(device_allow, a, c->device_allow)
- fprintf(f,
- "%sDeviceAllow=%s %s%s%s\n",
- prefix,
- a->path,
- a->r ? "r" : "", a->w ? "w" : "", a->m ? "m" : "");
-
- LIST_FOREACH(device_weights, iw, c->io_device_weights)
- fprintf(f,
- "%sIODeviceWeight=%s %" PRIu64,
- prefix,
- iw->path,
- iw->weight);
-
- LIST_FOREACH(device_limits, il, c->io_device_limits) {
- char buf[FORMAT_BYTES_MAX];
- CGroupIOLimitType type;
-
- for (type = 0; type < _CGROUP_IO_LIMIT_TYPE_MAX; type++)
- if (il->limits[type] != cgroup_io_limit_defaults[type])
- fprintf(f,
- "%s%s=%s %s\n",
- prefix,
- cgroup_io_limit_type_to_string(type),
- il->path,
- format_bytes(buf, sizeof(buf), il->limits[type]));
- }
-
- LIST_FOREACH(device_weights, w, c->blockio_device_weights)
- fprintf(f,
- "%sBlockIODeviceWeight=%s %" PRIu64,
- prefix,
- w->path,
- w->weight);
-
- LIST_FOREACH(device_bandwidths, b, c->blockio_device_bandwidths) {
- char buf[FORMAT_BYTES_MAX];
-
- if (b->rbps != CGROUP_LIMIT_MAX)
- fprintf(f,
- "%sBlockIOReadBandwidth=%s %s\n",
- prefix,
- b->path,
- format_bytes(buf, sizeof(buf), b->rbps));
- if (b->wbps != CGROUP_LIMIT_MAX)
- fprintf(f,
- "%sBlockIOWriteBandwidth=%s %s\n",
- prefix,
- b->path,
- format_bytes(buf, sizeof(buf), b->wbps));
- }
-}
-
-static int lookup_block_device(const char *p, dev_t *dev) {
- struct stat st;
- int r;
-
- assert(p);
- assert(dev);
-
- r = stat(p, &st);
- if (r < 0)
- return log_warning_errno(errno, "Couldn't stat device %s: %m", p);
-
- if (S_ISBLK(st.st_mode))
- *dev = st.st_rdev;
- else if (major(st.st_dev) != 0) {
- /* If this is not a device node then find the block
- * device this file is stored on */
- *dev = st.st_dev;
-
- /* If this is a partition, try to get the originating
- * block device */
- block_get_whole_disk(*dev, dev);
- } else {
- log_warning("%s is not a block device and file system block device cannot be determined or is not local.", p);
- return -ENODEV;
- }
-
- return 0;
-}
-
-static int whitelist_device(const char *path, const char *node, const char *acc) {
- char buf[2+DECIMAL_STR_MAX(dev_t)*2+2+4];
- struct stat st;
- int r;
-
- assert(path);
- assert(acc);
-
- if (stat(node, &st) < 0) {
- log_warning("Couldn't stat device %s", node);
- return -errno;
- }
-
- if (!S_ISCHR(st.st_mode) && !S_ISBLK(st.st_mode)) {
- log_warning("%s is not a device.", node);
- return -ENODEV;
- }
-
- sprintf(buf,
- "%c %u:%u %s",
- S_ISCHR(st.st_mode) ? 'c' : 'b',
- major(st.st_rdev), minor(st.st_rdev),
- acc);
-
- r = cg_set_attribute("devices", path, "devices.allow", buf);
- if (r < 0)
- log_full_errno(IN_SET(r, -ENOENT, -EROFS, -EINVAL, -EACCES) ? LOG_DEBUG : LOG_WARNING, r,
- "Failed to set devices.allow on %s: %m", path);
-
- return r;
-}
-
-static int whitelist_major(const char *path, const char *name, char type, const char *acc) {
- _cleanup_fclose_ FILE *f = NULL;
- char line[LINE_MAX];
- bool good = false;
- int r;
-
- assert(path);
- assert(acc);
- assert(type == 'b' || type == 'c');
-
- f = fopen("/proc/devices", "re");
- if (!f)
- return log_warning_errno(errno, "Cannot open /proc/devices to resolve %s (%c): %m", name, type);
-
- FOREACH_LINE(line, f, goto fail) {
- char buf[2+DECIMAL_STR_MAX(unsigned)+3+4], *p, *w;
- unsigned maj;
-
- truncate_nl(line);
-
- if (type == 'c' && streq(line, "Character devices:")) {
- good = true;
- continue;
- }
-
- if (type == 'b' && streq(line, "Block devices:")) {
- good = true;
- continue;
- }
-
- if (isempty(line)) {
- good = false;
- continue;
- }
-
- if (!good)
- continue;
-
- p = strstrip(line);
-
- w = strpbrk(p, WHITESPACE);
- if (!w)
- continue;
- *w = 0;
-
- r = safe_atou(p, &maj);
- if (r < 0)
- continue;
- if (maj <= 0)
- continue;
-
- w++;
- w += strspn(w, WHITESPACE);
-
- if (fnmatch(name, w, 0) != 0)
- continue;
-
- sprintf(buf,
- "%c %u:* %s",
- type,
- maj,
- acc);
-
- r = cg_set_attribute("devices", path, "devices.allow", buf);
- if (r < 0)
- log_full_errno(IN_SET(r, -ENOENT, -EROFS, -EINVAL, -EACCES) ? LOG_DEBUG : LOG_WARNING, r,
- "Failed to set devices.allow on %s: %m", path);
- }
-
- return 0;
-
-fail:
- log_warning_errno(errno, "Failed to read /proc/devices: %m");
- return -errno;
-}
-
-static bool cgroup_context_has_cpu_weight(CGroupContext *c) {
- return c->cpu_weight != CGROUP_WEIGHT_INVALID ||
- c->startup_cpu_weight != CGROUP_WEIGHT_INVALID;
-}
-
-static bool cgroup_context_has_cpu_shares(CGroupContext *c) {
- return c->cpu_shares != CGROUP_CPU_SHARES_INVALID ||
- c->startup_cpu_shares != CGROUP_CPU_SHARES_INVALID;
-}
-
-static uint64_t cgroup_context_cpu_weight(CGroupContext *c, ManagerState state) {
- if (IN_SET(state, MANAGER_STARTING, MANAGER_INITIALIZING) &&
- c->startup_cpu_weight != CGROUP_WEIGHT_INVALID)
- return c->startup_cpu_weight;
- else if (c->cpu_weight != CGROUP_WEIGHT_INVALID)
- return c->cpu_weight;
- else
- return CGROUP_WEIGHT_DEFAULT;
-}
-
-static uint64_t cgroup_context_cpu_shares(CGroupContext *c, ManagerState state) {
- if (IN_SET(state, MANAGER_STARTING, MANAGER_INITIALIZING) &&
- c->startup_cpu_shares != CGROUP_CPU_SHARES_INVALID)
- return c->startup_cpu_shares;
- else if (c->cpu_shares != CGROUP_CPU_SHARES_INVALID)
- return c->cpu_shares;
- else
- return CGROUP_CPU_SHARES_DEFAULT;
-}
-
-static void cgroup_apply_unified_cpu_config(Unit *u, uint64_t weight, uint64_t quota) {
- char buf[MAX(DECIMAL_STR_MAX(uint64_t) + 1, (DECIMAL_STR_MAX(usec_t) + 1) * 2)];
- int r;
-
- xsprintf(buf, "%" PRIu64 "\n", weight);
- r = cg_set_attribute("cpu", u->cgroup_path, "cpu.weight", buf);
- if (r < 0)
- log_unit_full(u, IN_SET(r, -ENOENT, -EROFS, -EACCES) ? LOG_DEBUG : LOG_WARNING, r,
- "Failed to set cpu.weight: %m");
-
- if (quota != USEC_INFINITY)
- xsprintf(buf, USEC_FMT " " USEC_FMT "\n",
- quota * CGROUP_CPU_QUOTA_PERIOD_USEC / USEC_PER_SEC, CGROUP_CPU_QUOTA_PERIOD_USEC);
- else
- xsprintf(buf, "max " USEC_FMT "\n", CGROUP_CPU_QUOTA_PERIOD_USEC);
-
- r = cg_set_attribute("cpu", u->cgroup_path, "cpu.max", buf);
-
- if (r < 0)
- log_unit_full(u, IN_SET(r, -ENOENT, -EROFS, -EACCES) ? LOG_DEBUG : LOG_WARNING, r,
- "Failed to set cpu.max: %m");
-}
-
-static void cgroup_apply_legacy_cpu_config(Unit *u, uint64_t shares, uint64_t quota) {
- char buf[MAX(DECIMAL_STR_MAX(uint64_t), DECIMAL_STR_MAX(usec_t)) + 1];
- int r;
-
- xsprintf(buf, "%" PRIu64 "\n", shares);
- r = cg_set_attribute("cpu", u->cgroup_path, "cpu.shares", buf);
- if (r < 0)
- log_unit_full(u, IN_SET(r, -ENOENT, -EROFS, -EACCES) ? LOG_DEBUG : LOG_WARNING, r,
- "Failed to set cpu.shares: %m");
-
- xsprintf(buf, USEC_FMT "\n", CGROUP_CPU_QUOTA_PERIOD_USEC);
- r = cg_set_attribute("cpu", u->cgroup_path, "cpu.cfs_period_us", buf);
- if (r < 0)
- log_unit_full(u, IN_SET(r, -ENOENT, -EROFS, -EACCES) ? LOG_DEBUG : LOG_WARNING, r,
- "Failed to set cpu.cfs_period_us: %m");
-
- if (quota != USEC_INFINITY) {
- xsprintf(buf, USEC_FMT "\n", quota * CGROUP_CPU_QUOTA_PERIOD_USEC / USEC_PER_SEC);
- r = cg_set_attribute("cpu", u->cgroup_path, "cpu.cfs_quota_us", buf);
- } else
- r = cg_set_attribute("cpu", u->cgroup_path, "cpu.cfs_quota_us", "-1");
- if (r < 0)
- log_unit_full(u, IN_SET(r, -ENOENT, -EROFS, -EACCES) ? LOG_DEBUG : LOG_WARNING, r,
- "Failed to set cpu.cfs_quota_us: %m");
-}
-
-static uint64_t cgroup_cpu_shares_to_weight(uint64_t shares) {
- return CLAMP(shares * CGROUP_WEIGHT_DEFAULT / CGROUP_CPU_SHARES_DEFAULT,
- CGROUP_WEIGHT_MIN, CGROUP_WEIGHT_MAX);
-}
-
-static uint64_t cgroup_cpu_weight_to_shares(uint64_t weight) {
- return CLAMP(weight * CGROUP_CPU_SHARES_DEFAULT / CGROUP_WEIGHT_DEFAULT,
- CGROUP_CPU_SHARES_MIN, CGROUP_CPU_SHARES_MAX);
-}
-
-static bool cgroup_context_has_io_config(CGroupContext *c) {
- return c->io_accounting ||
- c->io_weight != CGROUP_WEIGHT_INVALID ||
- c->startup_io_weight != CGROUP_WEIGHT_INVALID ||
- c->io_device_weights ||
- c->io_device_limits;
-}
-
-static bool cgroup_context_has_blockio_config(CGroupContext *c) {
- return c->blockio_accounting ||
- c->blockio_weight != CGROUP_BLKIO_WEIGHT_INVALID ||
- c->startup_blockio_weight != CGROUP_BLKIO_WEIGHT_INVALID ||
- c->blockio_device_weights ||
- c->blockio_device_bandwidths;
-}
-
-static uint64_t cgroup_context_io_weight(CGroupContext *c, ManagerState state) {
- if (IN_SET(state, MANAGER_STARTING, MANAGER_INITIALIZING) &&
- c->startup_io_weight != CGROUP_WEIGHT_INVALID)
- return c->startup_io_weight;
- else if (c->io_weight != CGROUP_WEIGHT_INVALID)
- return c->io_weight;
- else
- return CGROUP_WEIGHT_DEFAULT;
-}
-
-static uint64_t cgroup_context_blkio_weight(CGroupContext *c, ManagerState state) {
- if (IN_SET(state, MANAGER_STARTING, MANAGER_INITIALIZING) &&
- c->startup_blockio_weight != CGROUP_BLKIO_WEIGHT_INVALID)
- return c->startup_blockio_weight;
- else if (c->blockio_weight != CGROUP_BLKIO_WEIGHT_INVALID)
- return c->blockio_weight;
- else
- return CGROUP_BLKIO_WEIGHT_DEFAULT;
-}
-
-static uint64_t cgroup_weight_blkio_to_io(uint64_t blkio_weight) {
- return CLAMP(blkio_weight * CGROUP_WEIGHT_DEFAULT / CGROUP_BLKIO_WEIGHT_DEFAULT,
- CGROUP_WEIGHT_MIN, CGROUP_WEIGHT_MAX);
-}
-
-static uint64_t cgroup_weight_io_to_blkio(uint64_t io_weight) {
- return CLAMP(io_weight * CGROUP_BLKIO_WEIGHT_DEFAULT / CGROUP_WEIGHT_DEFAULT,
- CGROUP_BLKIO_WEIGHT_MIN, CGROUP_BLKIO_WEIGHT_MAX);
-}
-
-static void cgroup_apply_io_device_weight(Unit *u, const char *dev_path, uint64_t io_weight) {
- char buf[DECIMAL_STR_MAX(dev_t)*2+2+DECIMAL_STR_MAX(uint64_t)+1];
- dev_t dev;
- int r;
-
- r = lookup_block_device(dev_path, &dev);
- if (r < 0)
- return;
-
- xsprintf(buf, "%u:%u %" PRIu64 "\n", major(dev), minor(dev), io_weight);
- r = cg_set_attribute("io", u->cgroup_path, "io.weight", buf);
- if (r < 0)
- log_unit_full(u, IN_SET(r, -ENOENT, -EROFS, -EACCES) ? LOG_DEBUG : LOG_WARNING, r,
- "Failed to set io.weight: %m");
-}
-
-static void cgroup_apply_blkio_device_weight(Unit *u, const char *dev_path, uint64_t blkio_weight) {
- char buf[DECIMAL_STR_MAX(dev_t)*2+2+DECIMAL_STR_MAX(uint64_t)+1];
- dev_t dev;
- int r;
-
- r = lookup_block_device(dev_path, &dev);
- if (r < 0)
- return;
-
- xsprintf(buf, "%u:%u %" PRIu64 "\n", major(dev), minor(dev), blkio_weight);
- r = cg_set_attribute("blkio", u->cgroup_path, "blkio.weight_device", buf);
- if (r < 0)
- log_unit_full(u, IN_SET(r, -ENOENT, -EROFS, -EACCES) ? LOG_DEBUG : LOG_WARNING, r,
- "Failed to set blkio.weight_device: %m");
-}
-
-static unsigned cgroup_apply_io_device_limit(Unit *u, const char *dev_path, uint64_t *limits) {
- char limit_bufs[_CGROUP_IO_LIMIT_TYPE_MAX][DECIMAL_STR_MAX(uint64_t)];
- char buf[DECIMAL_STR_MAX(dev_t)*2+2+(6+DECIMAL_STR_MAX(uint64_t)+1)*4];
- CGroupIOLimitType type;
- dev_t dev;
- unsigned n = 0;
- int r;
-
- r = lookup_block_device(dev_path, &dev);
- if (r < 0)
- return 0;
-
- for (type = 0; type < _CGROUP_IO_LIMIT_TYPE_MAX; type++) {
- if (limits[type] != cgroup_io_limit_defaults[type]) {
- xsprintf(limit_bufs[type], "%" PRIu64, limits[type]);
- n++;
- } else {
- xsprintf(limit_bufs[type], "%s", limits[type] == CGROUP_LIMIT_MAX ? "max" : "0");
- }
- }
-
- xsprintf(buf, "%u:%u rbps=%s wbps=%s riops=%s wiops=%s\n", major(dev), minor(dev),
- limit_bufs[CGROUP_IO_RBPS_MAX], limit_bufs[CGROUP_IO_WBPS_MAX],
- limit_bufs[CGROUP_IO_RIOPS_MAX], limit_bufs[CGROUP_IO_WIOPS_MAX]);
- r = cg_set_attribute("io", u->cgroup_path, "io.max", buf);
- if (r < 0)
- log_unit_full(u, IN_SET(r, -ENOENT, -EROFS, -EACCES) ? LOG_DEBUG : LOG_WARNING, r,
- "Failed to set io.max: %m");
- return n;
-}
-
-static unsigned cgroup_apply_blkio_device_limit(Unit *u, const char *dev_path, uint64_t rbps, uint64_t wbps) {
- char buf[DECIMAL_STR_MAX(dev_t)*2+2+DECIMAL_STR_MAX(uint64_t)+1];
- dev_t dev;
- unsigned n = 0;
- int r;
-
- r = lookup_block_device(dev_path, &dev);
- if (r < 0)
- return 0;
-
- if (rbps != CGROUP_LIMIT_MAX)
- n++;
- sprintf(buf, "%u:%u %" PRIu64 "\n", major(dev), minor(dev), rbps);
- r = cg_set_attribute("blkio", u->cgroup_path, "blkio.throttle.read_bps_device", buf);
- if (r < 0)
- log_unit_full(u, IN_SET(r, -ENOENT, -EROFS, -EACCES) ? LOG_DEBUG : LOG_WARNING, r,
- "Failed to set blkio.throttle.read_bps_device: %m");
-
- if (wbps != CGROUP_LIMIT_MAX)
- n++;
- sprintf(buf, "%u:%u %" PRIu64 "\n", major(dev), minor(dev), wbps);
- r = cg_set_attribute("blkio", u->cgroup_path, "blkio.throttle.write_bps_device", buf);
- if (r < 0)
- log_unit_full(u, IN_SET(r, -ENOENT, -EROFS, -EACCES) ? LOG_DEBUG : LOG_WARNING, r,
- "Failed to set blkio.throttle.write_bps_device: %m");
-
- return n;
-}
-
-static bool cgroup_context_has_unified_memory_config(CGroupContext *c) {
- return c->memory_low > 0 || c->memory_high != CGROUP_LIMIT_MAX || c->memory_max != CGROUP_LIMIT_MAX || c->memory_swap_max != CGROUP_LIMIT_MAX;
-}
-
-static void cgroup_apply_unified_memory_limit(Unit *u, const char *file, uint64_t v) {
- char buf[DECIMAL_STR_MAX(uint64_t) + 1] = "max";
- int r;
-
- if (v != CGROUP_LIMIT_MAX)
- xsprintf(buf, "%" PRIu64 "\n", v);
-
- r = cg_set_attribute("memory", u->cgroup_path, file, buf);
- if (r < 0)
- log_unit_full(u, IN_SET(r, -ENOENT, -EROFS, -EACCES) ? LOG_DEBUG : LOG_WARNING, r,
- "Failed to set %s: %m", file);
-}
-
-static void cgroup_context_apply(Unit *u, CGroupMask mask, ManagerState state) {
- const char *path;
- CGroupContext *c;
- bool is_root;
- int r;
-
- assert(u);
-
- c = unit_get_cgroup_context(u);
- path = u->cgroup_path;
-
- assert(c);
- assert(path);
-
- if (mask == 0)
- return;
-
- /* Some cgroup attributes are not supported on the root cgroup,
- * hence silently ignore */
- is_root = isempty(path) || path_equal(path, "/");
- if (is_root)
- /* Make sure we don't try to display messages with an empty path. */
- path = "/";
-
- /* We generally ignore errors caused by read-only mounted
- * cgroup trees (assuming we are running in a container then),
- * and missing cgroups, i.e. EROFS and ENOENT. */
-
- if ((mask & CGROUP_MASK_CPU) && !is_root) {
- bool has_weight = cgroup_context_has_cpu_weight(c);
- bool has_shares = cgroup_context_has_cpu_shares(c);
-
- if (cg_all_unified() > 0) {
- uint64_t weight;
-
- if (has_weight)
- weight = cgroup_context_cpu_weight(c, state);
- else if (has_shares) {
- uint64_t shares = cgroup_context_cpu_shares(c, state);
-
- weight = cgroup_cpu_shares_to_weight(shares);
-
- log_cgroup_compat(u, "Applying [Startup]CpuShares %" PRIu64 " as [Startup]CpuWeight %" PRIu64 " on %s",
- shares, weight, path);
- } else
- weight = CGROUP_WEIGHT_DEFAULT;
-
- cgroup_apply_unified_cpu_config(u, weight, c->cpu_quota_per_sec_usec);
- } else {
- uint64_t shares;
-
- if (has_weight) {
- uint64_t weight = cgroup_context_cpu_weight(c, state);
-
- shares = cgroup_cpu_weight_to_shares(weight);
-
- log_cgroup_compat(u, "Applying [Startup]CpuWeight %" PRIu64 " as [Startup]CpuShares %" PRIu64 " on %s",
- weight, shares, path);
- } else if (has_shares)
- shares = cgroup_context_cpu_shares(c, state);
- else
- shares = CGROUP_CPU_SHARES_DEFAULT;
-
- cgroup_apply_legacy_cpu_config(u, shares, c->cpu_quota_per_sec_usec);
- }
- }
-
- if (mask & CGROUP_MASK_IO) {
- bool has_io = cgroup_context_has_io_config(c);
- bool has_blockio = cgroup_context_has_blockio_config(c);
-
- if (!is_root) {
- char buf[8+DECIMAL_STR_MAX(uint64_t)+1];
- uint64_t weight;
-
- if (has_io)
- weight = cgroup_context_io_weight(c, state);
- else if (has_blockio) {
- uint64_t blkio_weight = cgroup_context_blkio_weight(c, state);
-
- weight = cgroup_weight_blkio_to_io(blkio_weight);
-
- log_cgroup_compat(u, "Applying [Startup]BlockIOWeight %" PRIu64 " as [Startup]IOWeight %" PRIu64,
- blkio_weight, weight);
- } else
- weight = CGROUP_WEIGHT_DEFAULT;
-
- xsprintf(buf, "default %" PRIu64 "\n", weight);
- r = cg_set_attribute("io", path, "io.weight", buf);
- if (r < 0)
- log_unit_full(u, IN_SET(r, -ENOENT, -EROFS, -EACCES) ? LOG_DEBUG : LOG_WARNING, r,
- "Failed to set io.weight: %m");
-
- if (has_io) {
- CGroupIODeviceWeight *w;
-
- /* FIXME: no way to reset this list */
- LIST_FOREACH(device_weights, w, c->io_device_weights)
- cgroup_apply_io_device_weight(u, w->path, w->weight);
- } else if (has_blockio) {
- CGroupBlockIODeviceWeight *w;
-
- /* FIXME: no way to reset this list */
- LIST_FOREACH(device_weights, w, c->blockio_device_weights) {
- weight = cgroup_weight_blkio_to_io(w->weight);
-
- log_cgroup_compat(u, "Applying BlockIODeviceWeight %" PRIu64 " as IODeviceWeight %" PRIu64 " for %s",
- w->weight, weight, w->path);
-
- cgroup_apply_io_device_weight(u, w->path, weight);
- }
- }
- }
-
- /* Apply limits and free ones without config. */
- if (has_io) {
- CGroupIODeviceLimit *l, *next;
-
- LIST_FOREACH_SAFE(device_limits, l, next, c->io_device_limits) {
- if (!cgroup_apply_io_device_limit(u, l->path, l->limits))
- cgroup_context_free_io_device_limit(c, l);
- }
- } else if (has_blockio) {
- CGroupBlockIODeviceBandwidth *b, *next;
-
- LIST_FOREACH_SAFE(device_bandwidths, b, next, c->blockio_device_bandwidths) {
- uint64_t limits[_CGROUP_IO_LIMIT_TYPE_MAX];
- CGroupIOLimitType type;
-
- for (type = 0; type < _CGROUP_IO_LIMIT_TYPE_MAX; type++)
- limits[type] = cgroup_io_limit_defaults[type];
-
- limits[CGROUP_IO_RBPS_MAX] = b->rbps;
- limits[CGROUP_IO_WBPS_MAX] = b->wbps;
-
- log_cgroup_compat(u, "Applying BlockIO{Read|Write}Bandwidth %" PRIu64 " %" PRIu64 " as IO{Read|Write}BandwidthMax for %s",
- b->rbps, b->wbps, b->path);
-
- if (!cgroup_apply_io_device_limit(u, b->path, limits))
- cgroup_context_free_blockio_device_bandwidth(c, b);
- }
- }
- }
-
- if (mask & CGROUP_MASK_BLKIO) {
- bool has_io = cgroup_context_has_io_config(c);
- bool has_blockio = cgroup_context_has_blockio_config(c);
-
- if (!is_root) {
- char buf[DECIMAL_STR_MAX(uint64_t)+1];
- uint64_t weight;
-
- if (has_io) {
- uint64_t io_weight = cgroup_context_io_weight(c, state);
-
- weight = cgroup_weight_io_to_blkio(cgroup_context_io_weight(c, state));
-
- log_cgroup_compat(u, "Applying [Startup]IOWeight %" PRIu64 " as [Startup]BlockIOWeight %" PRIu64,
- io_weight, weight);
- } else if (has_blockio)
- weight = cgroup_context_blkio_weight(c, state);
- else
- weight = CGROUP_BLKIO_WEIGHT_DEFAULT;
-
- xsprintf(buf, "%" PRIu64 "\n", weight);
- r = cg_set_attribute("blkio", path, "blkio.weight", buf);
- if (r < 0)
- log_unit_full(u, IN_SET(r, -ENOENT, -EROFS, -EACCES) ? LOG_DEBUG : LOG_WARNING, r,
- "Failed to set blkio.weight: %m");
-
- if (has_io) {
- CGroupIODeviceWeight *w;
-
- /* FIXME: no way to reset this list */
- LIST_FOREACH(device_weights, w, c->io_device_weights) {
- weight = cgroup_weight_io_to_blkio(w->weight);
-
- log_cgroup_compat(u, "Applying IODeviceWeight %" PRIu64 " as BlockIODeviceWeight %" PRIu64 " for %s",
- w->weight, weight, w->path);
-
- cgroup_apply_blkio_device_weight(u, w->path, weight);
- }
- } else if (has_blockio) {
- CGroupBlockIODeviceWeight *w;
-
- /* FIXME: no way to reset this list */
- LIST_FOREACH(device_weights, w, c->blockio_device_weights)
- cgroup_apply_blkio_device_weight(u, w->path, w->weight);
- }
- }
-
- /* Apply limits and free ones without config. */
- if (has_io) {
- CGroupIODeviceLimit *l, *next;
-
- LIST_FOREACH_SAFE(device_limits, l, next, c->io_device_limits) {
- log_cgroup_compat(u, "Applying IO{Read|Write}Bandwidth %" PRIu64 " %" PRIu64 " as BlockIO{Read|Write}BandwidthMax for %s",
- l->limits[CGROUP_IO_RBPS_MAX], l->limits[CGROUP_IO_WBPS_MAX], l->path);
-
- if (!cgroup_apply_blkio_device_limit(u, l->path, l->limits[CGROUP_IO_RBPS_MAX], l->limits[CGROUP_IO_WBPS_MAX]))
- cgroup_context_free_io_device_limit(c, l);
- }
- } else if (has_blockio) {
- CGroupBlockIODeviceBandwidth *b, *next;
-
- LIST_FOREACH_SAFE(device_bandwidths, b, next, c->blockio_device_bandwidths)
- if (!cgroup_apply_blkio_device_limit(u, b->path, b->rbps, b->wbps))
- cgroup_context_free_blockio_device_bandwidth(c, b);
- }
- }
-
- if ((mask & CGROUP_MASK_MEMORY) && !is_root) {
- if (cg_all_unified() > 0) {
- uint64_t max;
- uint64_t swap_max = CGROUP_LIMIT_MAX;
-
- if (cgroup_context_has_unified_memory_config(c)) {
- max = c->memory_max;
- swap_max = c->memory_swap_max;
- } else {
- max = c->memory_limit;
-
- if (max != CGROUP_LIMIT_MAX)
- log_cgroup_compat(u, "Applying MemoryLimit %" PRIu64 " as MemoryMax", max);
- }
-
- cgroup_apply_unified_memory_limit(u, "memory.low", c->memory_low);
- cgroup_apply_unified_memory_limit(u, "memory.high", c->memory_high);
- cgroup_apply_unified_memory_limit(u, "memory.max", max);
- cgroup_apply_unified_memory_limit(u, "memory.swap.max", swap_max);
- } else {
- char buf[DECIMAL_STR_MAX(uint64_t) + 1];
- uint64_t val;
-
- if (cgroup_context_has_unified_memory_config(c)) {
- val = c->memory_max;
- log_cgroup_compat(u, "Applying MemoryMax %" PRIi64 " as MemoryLimit", val);
- } else
- val = c->memory_limit;
-
- if (val == CGROUP_LIMIT_MAX)
- strncpy(buf, "-1\n", sizeof(buf));
- else
- xsprintf(buf, "%" PRIu64 "\n", val);
-
- r = cg_set_attribute("memory", path, "memory.limit_in_bytes", buf);
- if (r < 0)
- log_unit_full(u, IN_SET(r, -ENOENT, -EROFS, -EACCES) ? LOG_DEBUG : LOG_WARNING, r,
- "Failed to set memory.limit_in_bytes: %m");
- }
- }
-
- if ((mask & CGROUP_MASK_DEVICES) && !is_root) {
- CGroupDeviceAllow *a;
-
- /* Changing the devices list of a populated cgroup
- * might result in EINVAL, hence ignore EINVAL
- * here. */
-
- if (c->device_allow || c->device_policy != CGROUP_AUTO)
- r = cg_set_attribute("devices", path, "devices.deny", "a");
- else
- r = cg_set_attribute("devices", path, "devices.allow", "a");
- if (r < 0)
- log_unit_full(u, IN_SET(r, -ENOENT, -EROFS, -EINVAL, -EACCES) ? LOG_DEBUG : LOG_WARNING, r,
- "Failed to reset devices.list: %m");
-
- if (c->device_policy == CGROUP_CLOSED ||
- (c->device_policy == CGROUP_AUTO && c->device_allow)) {
- static const char auto_devices[] =
- "/dev/null\0" "rwm\0"
- "/dev/zero\0" "rwm\0"
- "/dev/full\0" "rwm\0"
- "/dev/random\0" "rwm\0"
- "/dev/urandom\0" "rwm\0"
- "/dev/tty\0" "rwm\0"
- "/dev/pts/ptmx\0" "rw\0" /* /dev/pts/ptmx may not be duplicated, but accessed */
- /* Allow /run/systemd/inaccessible/{chr,blk} devices for mapping InaccessiblePaths */
- "/run/systemd/inaccessible/chr\0" "rwm\0"
- "/run/systemd/inaccessible/blk\0" "rwm\0";
-
- const char *x, *y;
-
- NULSTR_FOREACH_PAIR(x, y, auto_devices)
- whitelist_device(path, x, y);
-
- whitelist_major(path, "pts", 'c', "rw");
- whitelist_major(path, "kdbus", 'c', "rw");
- whitelist_major(path, "kdbus/*", 'c', "rw");
- }
-
- LIST_FOREACH(device_allow, a, c->device_allow) {
- char acc[4];
- unsigned k = 0;
-
- if (a->r)
- acc[k++] = 'r';
- if (a->w)
- acc[k++] = 'w';
- if (a->m)
- acc[k++] = 'm';
-
- if (k == 0)
- continue;
-
- acc[k++] = 0;
-
- if (startswith(a->path, "/dev/"))
- whitelist_device(path, a->path, acc);
- else if (startswith(a->path, "block-"))
- whitelist_major(path, a->path + 6, 'b', acc);
- else if (startswith(a->path, "char-"))
- whitelist_major(path, a->path + 5, 'c', acc);
- else
- log_unit_debug(u, "Ignoring device %s while writing cgroup attribute.", a->path);
- }
- }
-
- if ((mask & CGROUP_MASK_PIDS) && !is_root) {
-
- if (c->tasks_max != CGROUP_LIMIT_MAX) {
- char buf[DECIMAL_STR_MAX(uint64_t) + 2];
-
- sprintf(buf, "%" PRIu64 "\n", c->tasks_max);
- r = cg_set_attribute("pids", path, "pids.max", buf);
- } else
- r = cg_set_attribute("pids", path, "pids.max", "max");
-
- if (r < 0)
- log_unit_full(u, IN_SET(r, -ENOENT, -EROFS, -EACCES) ? LOG_DEBUG : LOG_WARNING, r,
- "Failed to set pids.max: %m");
- }
-}
-
-CGroupMask cgroup_context_get_mask(CGroupContext *c) {
- CGroupMask mask = 0;
-
- /* Figure out which controllers we need */
-
- if (c->cpu_accounting ||
- cgroup_context_has_cpu_weight(c) ||
- cgroup_context_has_cpu_shares(c) ||
- c->cpu_quota_per_sec_usec != USEC_INFINITY)
- mask |= CGROUP_MASK_CPUACCT | CGROUP_MASK_CPU;
-
- if (cgroup_context_has_io_config(c) || cgroup_context_has_blockio_config(c))
- mask |= CGROUP_MASK_IO | CGROUP_MASK_BLKIO;
-
- if (c->memory_accounting ||
- c->memory_limit != CGROUP_LIMIT_MAX ||
- cgroup_context_has_unified_memory_config(c))
- mask |= CGROUP_MASK_MEMORY;
-
- if (c->device_allow ||
- c->device_policy != CGROUP_AUTO)
- mask |= CGROUP_MASK_DEVICES;
-
- if (c->tasks_accounting ||
- c->tasks_max != (uint64_t) -1)
- mask |= CGROUP_MASK_PIDS;
-
- return mask;
-}
-
-CGroupMask unit_get_own_mask(Unit *u) {
- CGroupContext *c;
-
- /* Returns the mask of controllers the unit needs for itself */
-
- c = unit_get_cgroup_context(u);
- if (!c)
- return 0;
-
- /* If delegation is turned on, then turn on all cgroups,
- * unless we are on the legacy hierarchy and the process we
- * fork into it is known to drop privileges, and hence
- * shouldn't get access to the controllers.
- *
- * Note that on the unified hierarchy it is safe to delegate
- * controllers to unprivileged services. */
-
- if (c->delegate) {
- ExecContext *e;
-
- e = unit_get_exec_context(u);
- if (!e ||
- exec_context_maintains_privileges(e) ||
- cg_all_unified() > 0)
- return _CGROUP_MASK_ALL;
- }
-
- return cgroup_context_get_mask(c);
-}
-
-CGroupMask unit_get_members_mask(Unit *u) {
- assert(u);
-
- /* Returns the mask of controllers all of the unit's children
- * require, merged */
-
- if (u->cgroup_members_mask_valid)
- return u->cgroup_members_mask;
-
- u->cgroup_members_mask = 0;
-
- if (u->type == UNIT_SLICE) {
- Unit *member;
- Iterator i;
-
- SET_FOREACH(member, u->dependencies[UNIT_BEFORE], i) {
-
- if (member == u)
- continue;
-
- if (UNIT_DEREF(member->slice) != u)
- continue;
-
- u->cgroup_members_mask |=
- unit_get_own_mask(member) |
- unit_get_members_mask(member);
- }
- }
-
- u->cgroup_members_mask_valid = true;
- return u->cgroup_members_mask;
-}
-
-CGroupMask unit_get_siblings_mask(Unit *u) {
- assert(u);
-
- /* Returns the mask of controllers all of the unit's siblings
- * require, i.e. the members mask of the unit's parent slice
- * if there is one. */
-
- if (UNIT_ISSET(u->slice))
- return unit_get_members_mask(UNIT_DEREF(u->slice));
-
- return unit_get_own_mask(u) | unit_get_members_mask(u);
-}
-
-CGroupMask unit_get_subtree_mask(Unit *u) {
-
- /* Returns the mask of this subtree, meaning of the group
- * itself and its children. */
-
- return unit_get_own_mask(u) | unit_get_members_mask(u);
-}
-
-CGroupMask unit_get_target_mask(Unit *u) {
- CGroupMask mask;
-
- /* This returns the cgroup mask of all controllers to enable
- * for a specific cgroup, i.e. everything it needs itself,
- * plus all that its children need, plus all that its siblings
- * need. This is primarily useful on the legacy cgroup
- * hierarchy, where we need to duplicate each cgroup in each
- * hierarchy that shall be enabled for it. */
-
- mask = unit_get_own_mask(u) | unit_get_members_mask(u) | unit_get_siblings_mask(u);
- mask &= u->manager->cgroup_supported;
-
- return mask;
-}
-
-CGroupMask unit_get_enable_mask(Unit *u) {
- CGroupMask mask;
-
- /* This returns the cgroup mask of all controllers to enable
- * for the children of a specific cgroup. This is primarily
- * useful for the unified cgroup hierarchy, where each cgroup
- * controls which controllers are enabled for its children. */
-
- mask = unit_get_members_mask(u);
- mask &= u->manager->cgroup_supported;
-
- return mask;
-}
-
-/* Recurse from a unit up through its containing slices, propagating
- * mask bits upward. A unit is also member of itself. */
-void unit_update_cgroup_members_masks(Unit *u) {
- CGroupMask m;
- bool more;
-
- assert(u);
-
- /* Calculate subtree mask */
- m = unit_get_subtree_mask(u);
-
- /* See if anything changed from the previous invocation. If
- * not, we're done. */
- if (u->cgroup_subtree_mask_valid && m == u->cgroup_subtree_mask)
- return;
-
- more =
- u->cgroup_subtree_mask_valid &&
- ((m & ~u->cgroup_subtree_mask) != 0) &&
- ((~m & u->cgroup_subtree_mask) == 0);
-
- u->cgroup_subtree_mask = m;
- u->cgroup_subtree_mask_valid = true;
-
- if (UNIT_ISSET(u->slice)) {
- Unit *s = UNIT_DEREF(u->slice);
-
- if (more)
- /* There's more set now than before. We
- * propagate the new mask to the parent's mask
- * (not caring if it actually was valid or
- * not). */
-
- s->cgroup_members_mask |= m;
-
- else
- /* There's less set now than before (or we
- * don't know), we need to recalculate
- * everything, so let's invalidate the
- * parent's members mask */
-
- s->cgroup_members_mask_valid = false;
-
- /* And now make sure that this change also hits our
- * grandparents */
- unit_update_cgroup_members_masks(s);
- }
-}
-
-static const char *migrate_callback(CGroupMask mask, void *userdata) {
- Unit *u = userdata;
-
- assert(mask != 0);
- assert(u);
-
- while (u) {
- if (u->cgroup_path &&
- u->cgroup_realized &&
- (u->cgroup_realized_mask & mask) == mask)
- return u->cgroup_path;
-
- u = UNIT_DEREF(u->slice);
- }
-
- return NULL;
-}
-
-char *unit_default_cgroup_path(Unit *u) {
- _cleanup_free_ char *escaped = NULL, *slice = NULL;
- int r;
-
- assert(u);
-
- if (unit_has_name(u, SPECIAL_ROOT_SLICE))
- return strdup(u->manager->cgroup_root);
-
- if (UNIT_ISSET(u->slice) && !unit_has_name(UNIT_DEREF(u->slice), SPECIAL_ROOT_SLICE)) {
- r = cg_slice_to_path(UNIT_DEREF(u->slice)->id, &slice);
- if (r < 0)
- return NULL;
- }
-
- escaped = cg_escape(u->id);
- if (!escaped)
- return NULL;
-
- if (slice)
- return strjoin(u->manager->cgroup_root, "/", slice, "/", escaped, NULL);
- else
- return strjoin(u->manager->cgroup_root, "/", escaped, NULL);
-}
-
-int unit_set_cgroup_path(Unit *u, const char *path) {
- _cleanup_free_ char *p = NULL;
- int r;
-
- assert(u);
-
- if (path) {
- p = strdup(path);
- if (!p)
- return -ENOMEM;
- } else
- p = NULL;
-
- if (streq_ptr(u->cgroup_path, p))
- return 0;
-
- if (p) {
- r = hashmap_put(u->manager->cgroup_unit, p, u);
- if (r < 0)
- return r;
- }
-
- unit_release_cgroup(u);
-
- u->cgroup_path = p;
- p = NULL;
-
- return 1;
-}
-
-int unit_watch_cgroup(Unit *u) {
- _cleanup_free_ char *events = NULL;
- int r;
-
- assert(u);
-
- if (!u->cgroup_path)
- return 0;
-
- if (u->cgroup_inotify_wd >= 0)
- return 0;
-
- /* Only applies to the unified hierarchy */
- r = cg_unified(SYSTEMD_CGROUP_CONTROLLER);
- if (r < 0)
- return log_unit_error_errno(u, r, "Failed detect whether the unified hierarchy is used: %m");
- if (r == 0)
- return 0;
-
- /* Don't watch the root slice, it's pointless. */
- if (unit_has_name(u, SPECIAL_ROOT_SLICE))
- return 0;
-
- r = hashmap_ensure_allocated(&u->manager->cgroup_inotify_wd_unit, &trivial_hash_ops);
- if (r < 0)
- return log_oom();
-
- r = cg_get_path(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, "cgroup.events", &events);
- if (r < 0)
- return log_oom();
-
- u->cgroup_inotify_wd = inotify_add_watch(u->manager->cgroup_inotify_fd, events, IN_MODIFY);
- if (u->cgroup_inotify_wd < 0) {
-
- if (errno == ENOENT) /* If the directory is already
- * gone we don't need to track
- * it, so this is not an error */
- return 0;
-
- return log_unit_error_errno(u, errno, "Failed to add inotify watch descriptor for control group %s: %m", u->cgroup_path);
- }
-
- r = hashmap_put(u->manager->cgroup_inotify_wd_unit, INT_TO_PTR(u->cgroup_inotify_wd), u);
- if (r < 0)
- return log_unit_error_errno(u, r, "Failed to add inotify watch descriptor to hash map: %m");
-
- return 0;
-}
-
-static int unit_create_cgroup(
- Unit *u,
- CGroupMask target_mask,
- CGroupMask enable_mask) {
-
- CGroupContext *c;
- int r;
-
- assert(u);
-
- c = unit_get_cgroup_context(u);
- if (!c)
- return 0;
-
- if (!u->cgroup_path) {
- _cleanup_free_ char *path = NULL;
-
- path = unit_default_cgroup_path(u);
- if (!path)
- return log_oom();
-
- r = unit_set_cgroup_path(u, path);
- if (r == -EEXIST)
- return log_unit_error_errno(u, r, "Control group %s exists already.", path);
- if (r < 0)
- return log_unit_error_errno(u, r, "Failed to set unit's control group path to %s: %m", path);
- }
-
- /* First, create our own group */
- r = cg_create_everywhere(u->manager->cgroup_supported, target_mask, u->cgroup_path);
- if (r < 0)
- return log_unit_error_errno(u, r, "Failed to create cgroup %s: %m", u->cgroup_path);
-
- /* Start watching it */
- (void) unit_watch_cgroup(u);
-
- /* Enable all controllers we need */
- r = cg_enable_everywhere(u->manager->cgroup_supported, enable_mask, u->cgroup_path);
- if (r < 0)
- log_unit_warning_errno(u, r, "Failed to enable controllers on cgroup %s, ignoring: %m", u->cgroup_path);
-
- /* Keep track that this is now realized */
- u->cgroup_realized = true;
- u->cgroup_realized_mask = target_mask;
- u->cgroup_enabled_mask = enable_mask;
-
- if (u->type != UNIT_SLICE && !c->delegate) {
-
- /* Then, possibly move things over, but not if
- * subgroups may contain processes, which is the case
- * for slice and delegation units. */
- r = cg_migrate_everywhere(u->manager->cgroup_supported, u->cgroup_path, u->cgroup_path, migrate_callback, u);
- if (r < 0)
- log_unit_warning_errno(u, r, "Failed to migrate cgroup from to %s, ignoring: %m", u->cgroup_path);
- }
-
- return 0;
-}
-
-int unit_attach_pids_to_cgroup(Unit *u) {
- int r;
- assert(u);
-
- r = unit_realize_cgroup(u);
- if (r < 0)
- return r;
-
- r = cg_attach_many_everywhere(u->manager->cgroup_supported, u->cgroup_path, u->pids, migrate_callback, u);
- if (r < 0)
- return r;
-
- return 0;
-}
-
-static void cgroup_xattr_apply(Unit *u) {
- char ids[SD_ID128_STRING_MAX];
- int r;
-
- assert(u);
-
- if (!MANAGER_IS_SYSTEM(u->manager))
- return;
-
- if (sd_id128_is_null(u->invocation_id))
- return;
-
- r = cg_set_xattr(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
- "trusted.invocation_id",
- sd_id128_to_string(u->invocation_id, ids), 32,
- 0);
- if (r < 0)
- log_unit_warning_errno(u, r, "Failed to set invocation ID on control group %s, ignoring: %m", u->cgroup_path);
-}
-
-static bool unit_has_mask_realized(Unit *u, CGroupMask target_mask, CGroupMask enable_mask) {
- assert(u);
-
- return u->cgroup_realized && u->cgroup_realized_mask == target_mask && u->cgroup_enabled_mask == enable_mask;
-}
-
-/* Check if necessary controllers and attributes for a unit are in place.
- *
- * If so, do nothing.
- * If not, create paths, move processes over, and set attributes.
- *
- * Returns 0 on success and < 0 on failure. */
-static int unit_realize_cgroup_now(Unit *u, ManagerState state) {
- CGroupMask target_mask, enable_mask;
- int r;
-
- assert(u);
-
- if (u->in_cgroup_queue) {
- LIST_REMOVE(cgroup_queue, u->manager->cgroup_queue, u);
- u->in_cgroup_queue = false;
- }
-
- target_mask = unit_get_target_mask(u);
- enable_mask = unit_get_enable_mask(u);
-
- if (unit_has_mask_realized(u, target_mask, enable_mask))
- return 0;
-
- /* First, realize parents */
- if (UNIT_ISSET(u->slice)) {
- r = unit_realize_cgroup_now(UNIT_DEREF(u->slice), state);
- if (r < 0)
- return r;
- }
-
- /* And then do the real work */
- r = unit_create_cgroup(u, target_mask, enable_mask);
- if (r < 0)
- return r;
-
- /* Finally, apply the necessary attributes. */
- cgroup_context_apply(u, target_mask, state);
- cgroup_xattr_apply(u);
-
- return 0;
-}
-
-static void unit_add_to_cgroup_queue(Unit *u) {
-
- if (u->in_cgroup_queue)
- return;
-
- LIST_PREPEND(cgroup_queue, u->manager->cgroup_queue, u);
- u->in_cgroup_queue = true;
-}
-
-unsigned manager_dispatch_cgroup_queue(Manager *m) {
- ManagerState state;
- unsigned n = 0;
- Unit *i;
- int r;
-
- state = manager_state(m);
-
- while ((i = m->cgroup_queue)) {
- assert(i->in_cgroup_queue);
-
- r = unit_realize_cgroup_now(i, state);
- if (r < 0)
- log_warning_errno(r, "Failed to realize cgroups for queued unit %s, ignoring: %m", i->id);
-
- n++;
- }
-
- return n;
-}
-
-static void unit_queue_siblings(Unit *u) {
- Unit *slice;
-
- /* This adds the siblings of the specified unit and the
- * siblings of all parent units to the cgroup queue. (But
- * neither the specified unit itself nor the parents.) */
-
- while ((slice = UNIT_DEREF(u->slice))) {
- Iterator i;
- Unit *m;
-
- SET_FOREACH(m, slice->dependencies[UNIT_BEFORE], i) {
- if (m == u)
- continue;
-
- /* Skip units that have a dependency on the slice
- * but aren't actually in it. */
- if (UNIT_DEREF(m->slice) != slice)
- continue;
-
- /* No point in doing cgroup application for units
- * without active processes. */
- if (UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(m)))
- continue;
-
- /* If the unit doesn't need any new controllers
- * and has current ones realized, it doesn't need
- * any changes. */
- if (unit_has_mask_realized(m, unit_get_target_mask(m), unit_get_enable_mask(m)))
- continue;
-
- unit_add_to_cgroup_queue(m);
- }
-
- u = slice;
- }
-}
-
-int unit_realize_cgroup(Unit *u) {
- assert(u);
-
- if (!UNIT_HAS_CGROUP_CONTEXT(u))
- return 0;
-
- /* So, here's the deal: when realizing the cgroups for this
- * unit, we need to first create all parents, but there's more
- * actually: for the weight-based controllers we also need to
- * make sure that all our siblings (i.e. units that are in the
- * same slice as we are) have cgroups, too. Otherwise, things
- * would become very uneven as each of their processes would
- * get as much resources as all our group together. This call
- * will synchronously create the parent cgroups, but will
- * defer work on the siblings to the next event loop
- * iteration. */
-
- /* Add all sibling slices to the cgroup queue. */
- unit_queue_siblings(u);
-
- /* And realize this one now (and apply the values) */
- return unit_realize_cgroup_now(u, manager_state(u->manager));
-}
-
-void unit_release_cgroup(Unit *u) {
- assert(u);
-
- /* Forgets all cgroup details for this cgroup */
-
- if (u->cgroup_path) {
- (void) hashmap_remove(u->manager->cgroup_unit, u->cgroup_path);
- u->cgroup_path = mfree(u->cgroup_path);
- }
-
- if (u->cgroup_inotify_wd >= 0) {
- if (inotify_rm_watch(u->manager->cgroup_inotify_fd, u->cgroup_inotify_wd) < 0)
- log_unit_debug_errno(u, errno, "Failed to remove cgroup inotify watch %i for %s, ignoring", u->cgroup_inotify_wd, u->id);
-
- (void) hashmap_remove(u->manager->cgroup_inotify_wd_unit, INT_TO_PTR(u->cgroup_inotify_wd));
- u->cgroup_inotify_wd = -1;
- }
-}
-
-void unit_prune_cgroup(Unit *u) {
- int r;
- bool is_root_slice;
-
- assert(u);
-
- /* Removes the cgroup, if empty and possible, and stops watching it. */
-
- if (!u->cgroup_path)
- return;
-
- (void) unit_get_cpu_usage(u, NULL); /* Cache the last CPU usage value before we destroy the cgroup */
-
- is_root_slice = unit_has_name(u, SPECIAL_ROOT_SLICE);
-
- r = cg_trim_everywhere(u->manager->cgroup_supported, u->cgroup_path, !is_root_slice);
- if (r < 0) {
- log_unit_debug_errno(u, r, "Failed to destroy cgroup %s, ignoring: %m", u->cgroup_path);
- return;
- }
-
- if (is_root_slice)
- return;
-
- unit_release_cgroup(u);
-
- u->cgroup_realized = false;
- u->cgroup_realized_mask = 0;
- u->cgroup_enabled_mask = 0;
-}
-
-int unit_search_main_pid(Unit *u, pid_t *ret) {
- _cleanup_fclose_ FILE *f = NULL;
- pid_t pid = 0, npid, mypid;
- int r;
-
- assert(u);
- assert(ret);
-
- if (!u->cgroup_path)
- return -ENXIO;
-
- r = cg_enumerate_processes(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, &f);
- if (r < 0)
- return r;
-
- mypid = getpid();
- while (cg_read_pid(f, &npid) > 0) {
- pid_t ppid;
-
- if (npid == pid)
- continue;
-
- /* Ignore processes that aren't our kids */
- if (get_process_ppid(npid, &ppid) >= 0 && ppid != mypid)
- continue;
-
- if (pid != 0)
- /* Dang, there's more than one daemonized PID
- in this group, so we don't know what process
- is the main process. */
-
- return -ENODATA;
-
- pid = npid;
- }
-
- *ret = pid;
- return 0;
-}
-
-static int unit_watch_pids_in_path(Unit *u, const char *path) {
- _cleanup_closedir_ DIR *d = NULL;
- _cleanup_fclose_ FILE *f = NULL;
- int ret = 0, r;
-
- assert(u);
- assert(path);
-
- r = cg_enumerate_processes(SYSTEMD_CGROUP_CONTROLLER, path, &f);
- if (r < 0)
- ret = r;
- else {
- pid_t pid;
-
- while ((r = cg_read_pid(f, &pid)) > 0) {
- r = unit_watch_pid(u, pid);
- if (r < 0 && ret >= 0)
- ret = r;
- }
-
- if (r < 0 && ret >= 0)
- ret = r;
- }
-
- r = cg_enumerate_subgroups(SYSTEMD_CGROUP_CONTROLLER, path, &d);
- if (r < 0) {
- if (ret >= 0)
- ret = r;
- } else {
- char *fn;
-
- while ((r = cg_read_subgroup(d, &fn)) > 0) {
- _cleanup_free_ char *p = NULL;
-
- p = strjoin(path, "/", fn, NULL);
- free(fn);
-
- if (!p)
- return -ENOMEM;
-
- r = unit_watch_pids_in_path(u, p);
- if (r < 0 && ret >= 0)
- ret = r;
- }
-
- if (r < 0 && ret >= 0)
- ret = r;
- }
-
- return ret;
-}
-
-int unit_watch_all_pids(Unit *u) {
- assert(u);
-
- /* Adds all PIDs from our cgroup to the set of PIDs we
- * watch. This is a fallback logic for cases where we do not
- * get reliable cgroup empty notifications: we try to use
- * SIGCHLD as replacement. */
-
- if (!u->cgroup_path)
- return -ENOENT;
-
- if (cg_unified(SYSTEMD_CGROUP_CONTROLLER) > 0) /* On unified we can use proper notifications */
- return 0;
-
- return unit_watch_pids_in_path(u, u->cgroup_path);
-}
-
-int unit_notify_cgroup_empty(Unit *u) {
- int r;
-
- assert(u);
-
- if (!u->cgroup_path)
- return 0;
-
- r = cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path);
- if (r <= 0)
- return r;
-
- unit_add_to_gc_queue(u);
-
- if (UNIT_VTABLE(u)->notify_cgroup_empty)
- UNIT_VTABLE(u)->notify_cgroup_empty(u);
-
- return 0;
-}
-
-static int on_cgroup_inotify_event(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
- Manager *m = userdata;
-
- assert(s);
- assert(fd >= 0);
- assert(m);
-
- for (;;) {
- union inotify_event_buffer buffer;
- struct inotify_event *e;
- ssize_t l;
-
- l = read(fd, &buffer, sizeof(buffer));
- if (l < 0) {
- if (errno == EINTR || errno == EAGAIN)
- return 0;
-
- return log_error_errno(errno, "Failed to read control group inotify events: %m");
- }
-
- FOREACH_INOTIFY_EVENT(e, buffer, l) {
- Unit *u;
-
- if (e->wd < 0)
- /* Queue overflow has no watch descriptor */
- continue;
-
- if (e->mask & IN_IGNORED)
- /* The watch was just removed */
- continue;
-
- u = hashmap_get(m->cgroup_inotify_wd_unit, INT_TO_PTR(e->wd));
- if (!u) /* Not that inotify might deliver
- * events for a watch even after it
- * was removed, because it was queued
- * before the removal. Let's ignore
- * this here safely. */
- continue;
-
- (void) unit_notify_cgroup_empty(u);
- }
- }
-}
-
-int manager_setup_cgroup(Manager *m) {
- _cleanup_free_ char *path = NULL;
- CGroupController c;
- int r, all_unified, systemd_unified;
- char *e;
-
- assert(m);
-
- /* 1. Determine hierarchy */
- m->cgroup_root = mfree(m->cgroup_root);
- r = cg_pid_get_path(SYSTEMD_CGROUP_CONTROLLER, 0, &m->cgroup_root);
- if (r < 0)
- return log_error_errno(r, "Cannot determine cgroup we are running in: %m");
-
- /* Chop off the init scope, if we are already located in it */
- e = endswith(m->cgroup_root, "/" SPECIAL_INIT_SCOPE);
-
- /* LEGACY: Also chop off the system slice if we are in
- * it. This is to support live upgrades from older systemd
- * versions where PID 1 was moved there. Also see
- * cg_get_root_path(). */
- if (!e && MANAGER_IS_SYSTEM(m)) {
- e = endswith(m->cgroup_root, "/" SPECIAL_SYSTEM_SLICE);
- if (!e)
- e = endswith(m->cgroup_root, "/system"); /* even more legacy */
- }
- if (e)
- *e = 0;
-
- /* And make sure to store away the root value without trailing
- * slash, even for the root dir, so that we can easily prepend
- * it everywhere. */
- while ((e = endswith(m->cgroup_root, "/")))
- *e = 0;
-
- /* 2. Show data */
- r = cg_get_path(SYSTEMD_CGROUP_CONTROLLER, m->cgroup_root, NULL, &path);
- if (r < 0)
- return log_error_errno(r, "Cannot find cgroup mount point: %m");
-
- all_unified = cg_all_unified();
- systemd_unified = cg_unified(SYSTEMD_CGROUP_CONTROLLER);
-
- if (all_unified < 0 || systemd_unified < 0)
- return log_error_errno(all_unified < 0 ? all_unified : systemd_unified,
- "Couldn't determine if we are running in the unified hierarchy: %m");
-
- if (all_unified > 0)
- log_debug("Unified cgroup hierarchy is located at %s.", path);
- else if (systemd_unified > 0)
- log_debug("Unified cgroup hierarchy is located at %s. Controllers are on legacy hierarchies.", path);
- else
- log_debug("Using cgroup controller " SYSTEMD_CGROUP_CONTROLLER ". File system hierarchy is at %s.", path);
-
- if (!m->test_run) {
- const char *scope_path;
-
- /* 3. Install agent */
- if (systemd_unified) {
-
- /* In the unified hierarchy we can get
- * cgroup empty notifications via inotify. */
-
- m->cgroup_inotify_event_source = sd_event_source_unref(m->cgroup_inotify_event_source);
- safe_close(m->cgroup_inotify_fd);
-
- m->cgroup_inotify_fd = inotify_init1(IN_NONBLOCK|IN_CLOEXEC);
- if (m->cgroup_inotify_fd < 0)
- return log_error_errno(errno, "Failed to create control group inotify object: %m");
-
- r = sd_event_add_io(m->event, &m->cgroup_inotify_event_source, m->cgroup_inotify_fd, EPOLLIN, on_cgroup_inotify_event, m);
- if (r < 0)
- return log_error_errno(r, "Failed to watch control group inotify object: %m");
-
- /* Process cgroup empty notifications early, but after service notifications and SIGCHLD. Also
- * see handling of cgroup agent notifications, for the classic cgroup hierarchy support. */
- r = sd_event_source_set_priority(m->cgroup_inotify_event_source, SD_EVENT_PRIORITY_NORMAL-5);
- if (r < 0)
- return log_error_errno(r, "Failed to set priority of inotify event source: %m");
-
- (void) sd_event_source_set_description(m->cgroup_inotify_event_source, "cgroup-inotify");
-
- } else if (MANAGER_IS_SYSTEM(m)) {
-
- /* On the legacy hierarchy we only get
- * notifications via cgroup agents. (Which
- * isn't really reliable, since it does not
- * generate events when control groups with
- * children run empty. */
-
- r = cg_install_release_agent(SYSTEMD_CGROUP_CONTROLLER, SYSTEMD_CGROUP_AGENT_PATH);
- if (r < 0)
- log_warning_errno(r, "Failed to install release agent, ignoring: %m");
- else if (r > 0)
- log_debug("Installed release agent.");
- else if (r == 0)
- log_debug("Release agent already installed.");
- }
-
- /* 4. Make sure we are in the special "init.scope" unit in the root slice. */
- scope_path = strjoina(m->cgroup_root, "/" SPECIAL_INIT_SCOPE);
- r = cg_create_and_attach(SYSTEMD_CGROUP_CONTROLLER, scope_path, 0);
- if (r < 0)
- return log_error_errno(r, "Failed to create %s control group: %m", scope_path);
-
- /* also, move all other userspace processes remaining
- * in the root cgroup into that scope. */
- r = cg_migrate(SYSTEMD_CGROUP_CONTROLLER, m->cgroup_root, SYSTEMD_CGROUP_CONTROLLER, scope_path, 0);
- if (r < 0)
- log_warning_errno(r, "Couldn't move remaining userspace processes, ignoring: %m");
-
- /* 5. And pin it, so that it cannot be unmounted */
- safe_close(m->pin_cgroupfs_fd);
- m->pin_cgroupfs_fd = open(path, O_RDONLY|O_CLOEXEC|O_DIRECTORY|O_NOCTTY|O_NONBLOCK);
- if (m->pin_cgroupfs_fd < 0)
- return log_error_errno(errno, "Failed to open pin file: %m");
-
- /* 6. Always enable hierarchical support if it exists... */
- if (!all_unified)
- (void) cg_set_attribute("memory", "/", "memory.use_hierarchy", "1");
- }
-
- /* 7. Figure out which controllers are supported */
- r = cg_mask_supported(&m->cgroup_supported);
- if (r < 0)
- return log_error_errno(r, "Failed to determine supported controllers: %m");
-
- for (c = 0; c < _CGROUP_CONTROLLER_MAX; c++)
- log_debug("Controller '%s' supported: %s", cgroup_controller_to_string(c), yes_no(m->cgroup_supported & CGROUP_CONTROLLER_TO_MASK(c)));
-
- return 0;
-}
-
-void manager_shutdown_cgroup(Manager *m, bool delete) {
- assert(m);
-
- /* We can't really delete the group, since we are in it. But
- * let's trim it. */
- if (delete && m->cgroup_root)
- (void) cg_trim(SYSTEMD_CGROUP_CONTROLLER, m->cgroup_root, false);
-
- m->cgroup_inotify_wd_unit = hashmap_free(m->cgroup_inotify_wd_unit);
-
- m->cgroup_inotify_event_source = sd_event_source_unref(m->cgroup_inotify_event_source);
- m->cgroup_inotify_fd = safe_close(m->cgroup_inotify_fd);
-
- m->pin_cgroupfs_fd = safe_close(m->pin_cgroupfs_fd);
-
- m->cgroup_root = mfree(m->cgroup_root);
-}
-
-Unit* manager_get_unit_by_cgroup(Manager *m, const char *cgroup) {
- char *p;
- Unit *u;
-
- assert(m);
- assert(cgroup);
-
- u = hashmap_get(m->cgroup_unit, cgroup);
- if (u)
- return u;
-
- p = strdupa(cgroup);
- for (;;) {
- char *e;
-
- e = strrchr(p, '/');
- if (!e || e == p)
- return hashmap_get(m->cgroup_unit, SPECIAL_ROOT_SLICE);
-
- *e = 0;
-
- u = hashmap_get(m->cgroup_unit, p);
- if (u)
- return u;
- }
-}
-
-Unit *manager_get_unit_by_pid_cgroup(Manager *m, pid_t pid) {
- _cleanup_free_ char *cgroup = NULL;
- int r;
-
- assert(m);
-
- if (pid <= 0)
- return NULL;
-
- r = cg_pid_get_path(SYSTEMD_CGROUP_CONTROLLER, pid, &cgroup);
- if (r < 0)
- return NULL;
-
- return manager_get_unit_by_cgroup(m, cgroup);
-}
-
-Unit *manager_get_unit_by_pid(Manager *m, pid_t pid) {
- Unit *u;
-
- assert(m);
-
- if (pid <= 0)
- return NULL;
-
- if (pid == 1)
- return hashmap_get(m->units, SPECIAL_INIT_SCOPE);
-
- u = hashmap_get(m->watch_pids1, PID_TO_PTR(pid));
- if (u)
- return u;
-
- u = hashmap_get(m->watch_pids2, PID_TO_PTR(pid));
- if (u)
- return u;
-
- return manager_get_unit_by_pid_cgroup(m, pid);
-}
-
-int manager_notify_cgroup_empty(Manager *m, const char *cgroup) {
- Unit *u;
-
- assert(m);
- assert(cgroup);
-
- log_debug("Got cgroup empty notification for: %s", cgroup);
-
- u = manager_get_unit_by_cgroup(m, cgroup);
- if (!u)
- return 0;
-
- return unit_notify_cgroup_empty(u);
-}
-
-int unit_get_memory_current(Unit *u, uint64_t *ret) {
- _cleanup_free_ char *v = NULL;
- int r;
-
- assert(u);
- assert(ret);
-
- if (!u->cgroup_path)
- return -ENODATA;
-
- if ((u->cgroup_realized_mask & CGROUP_MASK_MEMORY) == 0)
- return -ENODATA;
-
- if (cg_all_unified() <= 0)
- r = cg_get_attribute("memory", u->cgroup_path, "memory.usage_in_bytes", &v);
- else
- r = cg_get_attribute("memory", u->cgroup_path, "memory.current", &v);
- if (r == -ENOENT)
- return -ENODATA;
- if (r < 0)
- return r;
-
- return safe_atou64(v, ret);
-}
-
-int unit_get_tasks_current(Unit *u, uint64_t *ret) {
- _cleanup_free_ char *v = NULL;
- int r;
-
- assert(u);
- assert(ret);
-
- if (!u->cgroup_path)
- return -ENODATA;
-
- if ((u->cgroup_realized_mask & CGROUP_MASK_PIDS) == 0)
- return -ENODATA;
-
- r = cg_get_attribute("pids", u->cgroup_path, "pids.current", &v);
- if (r == -ENOENT)
- return -ENODATA;
- if (r < 0)
- return r;
-
- return safe_atou64(v, ret);
-}
-
-static int unit_get_cpu_usage_raw(Unit *u, nsec_t *ret) {
- _cleanup_free_ char *v = NULL;
- uint64_t ns;
- int r;
-
- assert(u);
- assert(ret);
-
- if (!u->cgroup_path)
- return -ENODATA;
-
- if (cg_all_unified() > 0) {
- const char *keys[] = { "usage_usec", NULL };
- _cleanup_free_ char *val = NULL;
- uint64_t us;
-
- if ((u->cgroup_realized_mask & CGROUP_MASK_CPU) == 0)
- return -ENODATA;
-
- r = cg_get_keyed_attribute("cpu", u->cgroup_path, "cpu.stat", keys, &val);
- if (r < 0)
- return r;
-
- r = safe_atou64(val, &us);
- if (r < 0)
- return r;
-
- ns = us * NSEC_PER_USEC;
- } else {
- if ((u->cgroup_realized_mask & CGROUP_MASK_CPUACCT) == 0)
- return -ENODATA;
-
- r = cg_get_attribute("cpuacct", u->cgroup_path, "cpuacct.usage", &v);
- if (r == -ENOENT)
- return -ENODATA;
- if (r < 0)
- return r;
-
- r = safe_atou64(v, &ns);
- if (r < 0)
- return r;
- }
-
- *ret = ns;
- return 0;
-}
-
-int unit_get_cpu_usage(Unit *u, nsec_t *ret) {
- nsec_t ns;
- int r;
-
- assert(u);
-
- /* Retrieve the current CPU usage counter. This will subtract the CPU counter taken when the unit was
- * started. If the cgroup has been removed already, returns the last cached value. To cache the value, simply
- * call this function with a NULL return value. */
-
- r = unit_get_cpu_usage_raw(u, &ns);
- if (r == -ENODATA && u->cpu_usage_last != NSEC_INFINITY) {
- /* If we can't get the CPU usage anymore (because the cgroup was already removed, for example), use our
- * cached value. */
-
- if (ret)
- *ret = u->cpu_usage_last;
- return 0;
- }
- if (r < 0)
- return r;
-
- if (ns > u->cpu_usage_base)
- ns -= u->cpu_usage_base;
- else
- ns = 0;
-
- u->cpu_usage_last = ns;
- if (ret)
- *ret = ns;
-
- return 0;
-}
-
-int unit_reset_cpu_usage(Unit *u) {
- nsec_t ns;
- int r;
-
- assert(u);
-
- u->cpu_usage_last = NSEC_INFINITY;
-
- r = unit_get_cpu_usage_raw(u, &ns);
- if (r < 0) {
- u->cpu_usage_base = 0;
- return r;
- }
-
- u->cpu_usage_base = ns;
- return 0;
-}
-
-bool unit_cgroup_delegate(Unit *u) {
- CGroupContext *c;
-
- assert(u);
-
- c = unit_get_cgroup_context(u);
- if (!c)
- return false;
-
- return c->delegate;
-}
-
-void unit_invalidate_cgroup(Unit *u, CGroupMask m) {
- assert(u);
-
- if (!UNIT_HAS_CGROUP_CONTEXT(u))
- return;
-
- if (m == 0)
- return;
-
- /* always invalidate compat pairs together */
- if (m & (CGROUP_MASK_IO | CGROUP_MASK_BLKIO))
- m |= CGROUP_MASK_IO | CGROUP_MASK_BLKIO;
-
- if ((u->cgroup_realized_mask & m) == 0)
- return;
-
- u->cgroup_realized_mask &= ~m;
- unit_add_to_cgroup_queue(u);
-}
-
-void manager_invalidate_startup_units(Manager *m) {
- Iterator i;
- Unit *u;
-
- assert(m);
-
- SET_FOREACH(u, m->startup_units, i)
- unit_invalidate_cgroup(u, CGROUP_MASK_CPU|CGROUP_MASK_IO|CGROUP_MASK_BLKIO);
-}
-
-static const char* const cgroup_device_policy_table[_CGROUP_DEVICE_POLICY_MAX] = {
- [CGROUP_AUTO] = "auto",
- [CGROUP_CLOSED] = "closed",
- [CGROUP_STRICT] = "strict",
-};
-
-DEFINE_STRING_TABLE_LOOKUP(cgroup_device_policy, CGroupDevicePolicy);
diff --git a/src/core/cgroup.h b/src/core/cgroup.h
deleted file mode 100644
index 4cd168f63e..0000000000
--- a/src/core/cgroup.h
+++ /dev/null
@@ -1,187 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2013 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <stdbool.h>
-
-#include "list.h"
-#include "time-util.h"
-#include "cgroup-util.h"
-
-typedef struct CGroupContext CGroupContext;
-typedef struct CGroupDeviceAllow CGroupDeviceAllow;
-typedef struct CGroupIODeviceWeight CGroupIODeviceWeight;
-typedef struct CGroupIODeviceLimit CGroupIODeviceLimit;
-typedef struct CGroupBlockIODeviceWeight CGroupBlockIODeviceWeight;
-typedef struct CGroupBlockIODeviceBandwidth CGroupBlockIODeviceBandwidth;
-
-typedef enum CGroupDevicePolicy {
-
- /* When devices listed, will allow those, plus built-in ones,
- if none are listed will allow everything. */
- CGROUP_AUTO,
-
- /* Everything forbidden, except built-in ones and listed ones. */
- CGROUP_CLOSED,
-
- /* Everythings forbidden, except for the listed devices */
- CGROUP_STRICT,
-
- _CGROUP_DEVICE_POLICY_MAX,
- _CGROUP_DEVICE_POLICY_INVALID = -1
-} CGroupDevicePolicy;
-
-struct CGroupDeviceAllow {
- LIST_FIELDS(CGroupDeviceAllow, device_allow);
- char *path;
- bool r:1;
- bool w:1;
- bool m:1;
-};
-
-struct CGroupIODeviceWeight {
- LIST_FIELDS(CGroupIODeviceWeight, device_weights);
- char *path;
- uint64_t weight;
-};
-
-struct CGroupIODeviceLimit {
- LIST_FIELDS(CGroupIODeviceLimit, device_limits);
- char *path;
- uint64_t limits[_CGROUP_IO_LIMIT_TYPE_MAX];
-};
-
-struct CGroupBlockIODeviceWeight {
- LIST_FIELDS(CGroupBlockIODeviceWeight, device_weights);
- char *path;
- uint64_t weight;
-};
-
-struct CGroupBlockIODeviceBandwidth {
- LIST_FIELDS(CGroupBlockIODeviceBandwidth, device_bandwidths);
- char *path;
- uint64_t rbps;
- uint64_t wbps;
-};
-
-struct CGroupContext {
- bool cpu_accounting;
- bool io_accounting;
- bool blockio_accounting;
- bool memory_accounting;
- bool tasks_accounting;
-
- /* For unified hierarchy */
- uint64_t cpu_weight;
- uint64_t startup_cpu_weight;
- usec_t cpu_quota_per_sec_usec;
-
- uint64_t io_weight;
- uint64_t startup_io_weight;
- LIST_HEAD(CGroupIODeviceWeight, io_device_weights);
- LIST_HEAD(CGroupIODeviceLimit, io_device_limits);
-
- uint64_t memory_low;
- uint64_t memory_high;
- uint64_t memory_max;
- uint64_t memory_swap_max;
-
- /* For legacy hierarchies */
- uint64_t cpu_shares;
- uint64_t startup_cpu_shares;
-
- uint64_t blockio_weight;
- uint64_t startup_blockio_weight;
- LIST_HEAD(CGroupBlockIODeviceWeight, blockio_device_weights);
- LIST_HEAD(CGroupBlockIODeviceBandwidth, blockio_device_bandwidths);
-
- uint64_t memory_limit;
-
- CGroupDevicePolicy device_policy;
- LIST_HEAD(CGroupDeviceAllow, device_allow);
-
- /* Common */
- uint64_t tasks_max;
-
- bool delegate;
-};
-
-#include "unit.h"
-
-void cgroup_context_init(CGroupContext *c);
-void cgroup_context_done(CGroupContext *c);
-void cgroup_context_dump(CGroupContext *c, FILE* f, const char *prefix);
-
-CGroupMask cgroup_context_get_mask(CGroupContext *c);
-
-void cgroup_context_free_device_allow(CGroupContext *c, CGroupDeviceAllow *a);
-void cgroup_context_free_io_device_weight(CGroupContext *c, CGroupIODeviceWeight *w);
-void cgroup_context_free_io_device_limit(CGroupContext *c, CGroupIODeviceLimit *l);
-void cgroup_context_free_blockio_device_weight(CGroupContext *c, CGroupBlockIODeviceWeight *w);
-void cgroup_context_free_blockio_device_bandwidth(CGroupContext *c, CGroupBlockIODeviceBandwidth *b);
-
-CGroupMask unit_get_own_mask(Unit *u);
-CGroupMask unit_get_siblings_mask(Unit *u);
-CGroupMask unit_get_members_mask(Unit *u);
-CGroupMask unit_get_subtree_mask(Unit *u);
-
-CGroupMask unit_get_target_mask(Unit *u);
-CGroupMask unit_get_enable_mask(Unit *u);
-
-void unit_update_cgroup_members_masks(Unit *u);
-
-char *unit_default_cgroup_path(Unit *u);
-int unit_set_cgroup_path(Unit *u, const char *path);
-
-int unit_realize_cgroup(Unit *u);
-void unit_release_cgroup(Unit *u);
-void unit_prune_cgroup(Unit *u);
-int unit_watch_cgroup(Unit *u);
-
-int unit_attach_pids_to_cgroup(Unit *u);
-
-int manager_setup_cgroup(Manager *m);
-void manager_shutdown_cgroup(Manager *m, bool delete);
-
-unsigned manager_dispatch_cgroup_queue(Manager *m);
-
-Unit *manager_get_unit_by_cgroup(Manager *m, const char *cgroup);
-Unit *manager_get_unit_by_pid_cgroup(Manager *m, pid_t pid);
-Unit* manager_get_unit_by_pid(Manager *m, pid_t pid);
-
-int unit_search_main_pid(Unit *u, pid_t *ret);
-int unit_watch_all_pids(Unit *u);
-
-int unit_get_memory_current(Unit *u, uint64_t *ret);
-int unit_get_tasks_current(Unit *u, uint64_t *ret);
-int unit_get_cpu_usage(Unit *u, nsec_t *ret);
-int unit_reset_cpu_usage(Unit *u);
-
-bool unit_cgroup_delegate(Unit *u);
-
-int unit_notify_cgroup_empty(Unit *u);
-int manager_notify_cgroup_empty(Manager *m, const char *group);
-
-void unit_invalidate_cgroup(Unit *u, CGroupMask m);
-
-void manager_invalidate_startup_units(Manager *m);
-
-const char* cgroup_device_policy_to_string(CGroupDevicePolicy i) _const_;
-CGroupDevicePolicy cgroup_device_policy_from_string(const char *s) _pure_;
diff --git a/src/core/dbus-automount.c b/src/core/dbus-automount.c
deleted file mode 100644
index 26212b3a95..0000000000
--- a/src/core/dbus-automount.c
+++ /dev/null
@@ -1,88 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include "automount.h"
-#include "bus-util.h"
-#include "dbus-automount.h"
-#include "string-util.h"
-
-static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_result, automount_result, AutomountResult);
-
-const sd_bus_vtable bus_automount_vtable[] = {
- SD_BUS_VTABLE_START(0),
- SD_BUS_PROPERTY("Where", "s", NULL, offsetof(Automount, where), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DirectoryMode", "u", bus_property_get_mode, offsetof(Automount, directory_mode), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("Result", "s", property_get_result, offsetof(Automount, result), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- SD_BUS_PROPERTY("TimeoutIdleUSec", "t", bus_property_get_usec, offsetof(Automount, timeout_idle_usec), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_VTABLE_END
-};
-
-static int bus_automount_set_transient_property(
- Automount *a,
- const char *name,
- sd_bus_message *message,
- UnitSetPropertiesMode mode,
- sd_bus_error *error) {
-
- int r;
-
- assert(a);
- assert(name);
- assert(message);
-
- if (streq(name, "TimeoutIdleUSec")) {
- usec_t timeout_idle_usec;
- r = sd_bus_message_read(message, "t", &timeout_idle_usec);
- if (r < 0)
- return r;
-
- if (mode != UNIT_CHECK) {
- char time[FORMAT_TIMESPAN_MAX];
-
- a->timeout_idle_usec = timeout_idle_usec;
- unit_write_drop_in_format(UNIT(a), mode, name, "[Automount]\nTimeoutIdleSec=%s\n",
- format_timespan(time, sizeof(time), timeout_idle_usec, USEC_PER_MSEC));
- }
- } else
- return 0;
-
- return 1;
-}
-
-int bus_automount_set_property(
- Unit *u,
- const char *name,
- sd_bus_message *message,
- UnitSetPropertiesMode mode,
- sd_bus_error *error) {
-
- Automount *a = AUTOMOUNT(u);
- int r = 0;
-
- assert(a);
- assert(name);
- assert(message);
-
- if (u->transient && u->load_state == UNIT_STUB)
- /* This is a transient unit, let's load a little more */
-
- r = bus_automount_set_transient_property(a, name, message, mode, error);
-
- return r;
-}
diff --git a/src/core/dbus-automount.h b/src/core/dbus-automount.h
deleted file mode 100644
index f41adda2a6..0000000000
--- a/src/core/dbus-automount.h
+++ /dev/null
@@ -1,25 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-
-extern const sd_bus_vtable bus_automount_vtable[];
-
-int bus_automount_set_property(Unit *u, const char *name, sd_bus_message *message, UnitSetPropertiesMode mode, sd_bus_error *error);
diff --git a/src/core/dbus-busname.c b/src/core/dbus-busname.c
deleted file mode 100644
index cf816ba15b..0000000000
--- a/src/core/dbus-busname.c
+++ /dev/null
@@ -1,37 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2013 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include "bus-util.h"
-#include "busname.h"
-#include "dbus-busname.h"
-#include "string-util.h"
-#include "unit.h"
-
-static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_result, busname_result, BusNameResult);
-
-const sd_bus_vtable bus_busname_vtable[] = {
- SD_BUS_VTABLE_START(0),
- SD_BUS_PROPERTY("Name", "s", NULL, offsetof(BusName, name), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("TimeoutUSec", "t", bus_property_get_usec, offsetof(BusName, timeout_usec), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("ControlPID", "u", bus_property_get_pid, offsetof(BusName, control_pid), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- SD_BUS_PROPERTY("Result", "s", property_get_result, offsetof(BusName, result), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- SD_BUS_PROPERTY("Activating", "b", bus_property_get_bool, offsetof(BusName, activating), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("AcceptFileDescriptors", "b", bus_property_get_bool, offsetof(BusName, accept_fd), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_VTABLE_END
-};
diff --git a/src/core/dbus-busname.h b/src/core/dbus-busname.h
deleted file mode 100644
index 8643d1a404..0000000000
--- a/src/core/dbus-busname.h
+++ /dev/null
@@ -1,23 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2013 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-
-extern const sd_bus_vtable bus_busname_vtable[];
diff --git a/src/core/dbus-cgroup.c b/src/core/dbus-cgroup.c
deleted file mode 100644
index c4067a95bf..0000000000
--- a/src/core/dbus-cgroup.c
+++ /dev/null
@@ -1,1158 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2013 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include "alloc-util.h"
-#include "bus-util.h"
-#include "cgroup-util.h"
-#include "cgroup.h"
-#include "dbus-cgroup.h"
-#include "fd-util.h"
-#include "fileio.h"
-#include "path-util.h"
-
-static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_cgroup_device_policy, cgroup_device_policy, CGroupDevicePolicy);
-
-static int property_get_io_device_weight(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- CGroupContext *c = userdata;
- CGroupIODeviceWeight *w;
- int r;
-
- assert(bus);
- assert(reply);
- assert(c);
-
- r = sd_bus_message_open_container(reply, 'a', "(st)");
- if (r < 0)
- return r;
-
- LIST_FOREACH(device_weights, w, c->io_device_weights) {
- r = sd_bus_message_append(reply, "(st)", w->path, w->weight);
- if (r < 0)
- return r;
- }
-
- return sd_bus_message_close_container(reply);
-}
-
-static int property_get_io_device_limits(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- CGroupContext *c = userdata;
- CGroupIODeviceLimit *l;
- int r;
-
- assert(bus);
- assert(reply);
- assert(c);
-
- r = sd_bus_message_open_container(reply, 'a', "(st)");
- if (r < 0)
- return r;
-
- LIST_FOREACH(device_limits, l, c->io_device_limits) {
- CGroupIOLimitType type;
-
- type = cgroup_io_limit_type_from_string(property);
- if (type < 0 || l->limits[type] == cgroup_io_limit_defaults[type])
- continue;
-
- r = sd_bus_message_append(reply, "(st)", l->path, l->limits[type]);
- if (r < 0)
- return r;
- }
-
- return sd_bus_message_close_container(reply);
-}
-
-static int property_get_blockio_device_weight(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- CGroupContext *c = userdata;
- CGroupBlockIODeviceWeight *w;
- int r;
-
- assert(bus);
- assert(reply);
- assert(c);
-
- r = sd_bus_message_open_container(reply, 'a', "(st)");
- if (r < 0)
- return r;
-
- LIST_FOREACH(device_weights, w, c->blockio_device_weights) {
- r = sd_bus_message_append(reply, "(st)", w->path, w->weight);
- if (r < 0)
- return r;
- }
-
- return sd_bus_message_close_container(reply);
-}
-
-static int property_get_blockio_device_bandwidths(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- CGroupContext *c = userdata;
- CGroupBlockIODeviceBandwidth *b;
- int r;
-
- assert(bus);
- assert(reply);
- assert(c);
-
- r = sd_bus_message_open_container(reply, 'a', "(st)");
- if (r < 0)
- return r;
-
- LIST_FOREACH(device_bandwidths, b, c->blockio_device_bandwidths) {
- uint64_t v;
-
- if (streq(property, "BlockIOReadBandwidth"))
- v = b->rbps;
- else
- v = b->wbps;
-
- if (v == CGROUP_LIMIT_MAX)
- continue;
-
- r = sd_bus_message_append(reply, "(st)", b->path, v);
- if (r < 0)
- return r;
- }
-
- return sd_bus_message_close_container(reply);
-}
-
-static int property_get_device_allow(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- CGroupContext *c = userdata;
- CGroupDeviceAllow *a;
- int r;
-
- assert(bus);
- assert(reply);
- assert(c);
-
- r = sd_bus_message_open_container(reply, 'a', "(ss)");
- if (r < 0)
- return r;
-
- LIST_FOREACH(device_allow, a, c->device_allow) {
- unsigned k = 0;
- char rwm[4];
-
- if (a->r)
- rwm[k++] = 'r';
- if (a->w)
- rwm[k++] = 'w';
- if (a->m)
- rwm[k++] = 'm';
-
- rwm[k] = 0;
-
- r = sd_bus_message_append(reply, "(ss)", a->path, rwm);
- if (r < 0)
- return r;
- }
-
- return sd_bus_message_close_container(reply);
-}
-
-const sd_bus_vtable bus_cgroup_vtable[] = {
- SD_BUS_VTABLE_START(0),
- SD_BUS_PROPERTY("Delegate", "b", bus_property_get_bool, offsetof(CGroupContext, delegate), 0),
- SD_BUS_PROPERTY("CPUAccounting", "b", bus_property_get_bool, offsetof(CGroupContext, cpu_accounting), 0),
- SD_BUS_PROPERTY("CPUWeight", "t", NULL, offsetof(CGroupContext, cpu_weight), 0),
- SD_BUS_PROPERTY("StartupCPUWeight", "t", NULL, offsetof(CGroupContext, startup_cpu_weight), 0),
- SD_BUS_PROPERTY("CPUShares", "t", NULL, offsetof(CGroupContext, cpu_shares), 0),
- SD_BUS_PROPERTY("StartupCPUShares", "t", NULL, offsetof(CGroupContext, startup_cpu_shares), 0),
- SD_BUS_PROPERTY("CPUQuotaPerSecUSec", "t", bus_property_get_usec, offsetof(CGroupContext, cpu_quota_per_sec_usec), 0),
- SD_BUS_PROPERTY("IOAccounting", "b", bus_property_get_bool, offsetof(CGroupContext, io_accounting), 0),
- SD_BUS_PROPERTY("IOWeight", "t", NULL, offsetof(CGroupContext, io_weight), 0),
- SD_BUS_PROPERTY("StartupIOWeight", "t", NULL, offsetof(CGroupContext, startup_io_weight), 0),
- SD_BUS_PROPERTY("IODeviceWeight", "a(st)", property_get_io_device_weight, 0, 0),
- SD_BUS_PROPERTY("IOReadBandwidthMax", "a(st)", property_get_io_device_limits, 0, 0),
- SD_BUS_PROPERTY("IOWriteBandwidthMax", "a(st)", property_get_io_device_limits, 0, 0),
- SD_BUS_PROPERTY("IOReadIOPSMax", "a(st)", property_get_io_device_limits, 0, 0),
- SD_BUS_PROPERTY("IOWriteIOPSMax", "a(st)", property_get_io_device_limits, 0, 0),
- SD_BUS_PROPERTY("BlockIOAccounting", "b", bus_property_get_bool, offsetof(CGroupContext, blockio_accounting), 0),
- SD_BUS_PROPERTY("BlockIOWeight", "t", NULL, offsetof(CGroupContext, blockio_weight), 0),
- SD_BUS_PROPERTY("StartupBlockIOWeight", "t", NULL, offsetof(CGroupContext, startup_blockio_weight), 0),
- SD_BUS_PROPERTY("BlockIODeviceWeight", "a(st)", property_get_blockio_device_weight, 0, 0),
- SD_BUS_PROPERTY("BlockIOReadBandwidth", "a(st)", property_get_blockio_device_bandwidths, 0, 0),
- SD_BUS_PROPERTY("BlockIOWriteBandwidth", "a(st)", property_get_blockio_device_bandwidths, 0, 0),
- SD_BUS_PROPERTY("MemoryAccounting", "b", bus_property_get_bool, offsetof(CGroupContext, memory_accounting), 0),
- SD_BUS_PROPERTY("MemoryLow", "t", NULL, offsetof(CGroupContext, memory_low), 0),
- SD_BUS_PROPERTY("MemoryHigh", "t", NULL, offsetof(CGroupContext, memory_high), 0),
- SD_BUS_PROPERTY("MemoryMax", "t", NULL, offsetof(CGroupContext, memory_max), 0),
- SD_BUS_PROPERTY("MemorySwapMax", "t", NULL, offsetof(CGroupContext, memory_swap_max), 0),
- SD_BUS_PROPERTY("MemoryLimit", "t", NULL, offsetof(CGroupContext, memory_limit), 0),
- SD_BUS_PROPERTY("DevicePolicy", "s", property_get_cgroup_device_policy, offsetof(CGroupContext, device_policy), 0),
- SD_BUS_PROPERTY("DeviceAllow", "a(ss)", property_get_device_allow, 0, 0),
- SD_BUS_PROPERTY("TasksAccounting", "b", bus_property_get_bool, offsetof(CGroupContext, tasks_accounting), 0),
- SD_BUS_PROPERTY("TasksMax", "t", NULL, offsetof(CGroupContext, tasks_max), 0),
- SD_BUS_VTABLE_END
-};
-
-static int bus_cgroup_set_transient_property(
- Unit *u,
- CGroupContext *c,
- const char *name,
- sd_bus_message *message,
- UnitSetPropertiesMode mode,
- sd_bus_error *error) {
-
- int r;
-
- assert(u);
- assert(c);
- assert(name);
- assert(message);
-
- if (streq(name, "Delegate")) {
- int b;
-
- r = sd_bus_message_read(message, "b", &b);
- if (r < 0)
- return r;
-
- if (mode != UNIT_CHECK) {
- c->delegate = b;
- unit_write_drop_in_private(u, mode, name, b ? "Delegate=yes" : "Delegate=no");
- }
-
- return 1;
- }
-
- return 0;
-}
-
-int bus_cgroup_set_property(
- Unit *u,
- CGroupContext *c,
- const char *name,
- sd_bus_message *message,
- UnitSetPropertiesMode mode,
- sd_bus_error *error) {
-
- CGroupIOLimitType iol_type;
- int r;
-
- assert(u);
- assert(c);
- assert(name);
- assert(message);
-
- if (streq(name, "CPUAccounting")) {
- int b;
-
- r = sd_bus_message_read(message, "b", &b);
- if (r < 0)
- return r;
-
- if (mode != UNIT_CHECK) {
- c->cpu_accounting = b;
- unit_invalidate_cgroup(u, CGROUP_MASK_CPUACCT|CGROUP_MASK_CPU);
- unit_write_drop_in_private(u, mode, name, b ? "CPUAccounting=yes" : "CPUAccounting=no");
- }
-
- return 1;
-
- } else if (streq(name, "CPUWeight")) {
- uint64_t weight;
-
- r = sd_bus_message_read(message, "t", &weight);
- if (r < 0)
- return r;
-
- if (!CGROUP_WEIGHT_IS_OK(weight))
- return sd_bus_error_set_errnof(error, EINVAL, "CPUWeight value out of range");
-
- if (mode != UNIT_CHECK) {
- c->cpu_weight = weight;
- unit_invalidate_cgroup(u, CGROUP_MASK_CPU);
-
- if (weight == CGROUP_WEIGHT_INVALID)
- unit_write_drop_in_private(u, mode, name, "CPUWeight=");
- else
- unit_write_drop_in_private_format(u, mode, name, "CPUWeight=%" PRIu64, weight);
- }
-
- return 1;
-
- } else if (streq(name, "StartupCPUWeight")) {
- uint64_t weight;
-
- r = sd_bus_message_read(message, "t", &weight);
- if (r < 0)
- return r;
-
- if (!CGROUP_WEIGHT_IS_OK(weight))
- return sd_bus_error_set_errnof(error, EINVAL, "StartupCPUWeight value out of range");
-
- if (mode != UNIT_CHECK) {
- c->startup_cpu_weight = weight;
- unit_invalidate_cgroup(u, CGROUP_MASK_CPU);
-
- if (weight == CGROUP_CPU_SHARES_INVALID)
- unit_write_drop_in_private(u, mode, name, "StartupCPUWeight=");
- else
- unit_write_drop_in_private_format(u, mode, name, "StartupCPUWeight=%" PRIu64, weight);
- }
-
- return 1;
-
- } else if (streq(name, "CPUShares")) {
- uint64_t shares;
-
- r = sd_bus_message_read(message, "t", &shares);
- if (r < 0)
- return r;
-
- if (!CGROUP_CPU_SHARES_IS_OK(shares))
- return sd_bus_error_set_errnof(error, EINVAL, "CPUShares value out of range");
-
- if (mode != UNIT_CHECK) {
- c->cpu_shares = shares;
- unit_invalidate_cgroup(u, CGROUP_MASK_CPU);
-
- if (shares == CGROUP_CPU_SHARES_INVALID)
- unit_write_drop_in_private(u, mode, name, "CPUShares=");
- else
- unit_write_drop_in_private_format(u, mode, name, "CPUShares=%" PRIu64, shares);
- }
-
- return 1;
-
- } else if (streq(name, "StartupCPUShares")) {
- uint64_t shares;
-
- r = sd_bus_message_read(message, "t", &shares);
- if (r < 0)
- return r;
-
- if (!CGROUP_CPU_SHARES_IS_OK(shares))
- return sd_bus_error_set_errnof(error, EINVAL, "StartupCPUShares value out of range");
-
- if (mode != UNIT_CHECK) {
- c->startup_cpu_shares = shares;
- unit_invalidate_cgroup(u, CGROUP_MASK_CPU);
-
- if (shares == CGROUP_CPU_SHARES_INVALID)
- unit_write_drop_in_private(u, mode, name, "StartupCPUShares=");
- else
- unit_write_drop_in_private_format(u, mode, name, "StartupCPUShares=%" PRIu64, shares);
- }
-
- return 1;
-
- } else if (streq(name, "CPUQuotaPerSecUSec")) {
- uint64_t u64;
-
- r = sd_bus_message_read(message, "t", &u64);
- if (r < 0)
- return r;
-
- if (u64 <= 0)
- return sd_bus_error_set_errnof(error, EINVAL, "CPUQuotaPerSecUSec value out of range");
-
- if (mode != UNIT_CHECK) {
- c->cpu_quota_per_sec_usec = u64;
- unit_invalidate_cgroup(u, CGROUP_MASK_CPU);
- unit_write_drop_in_private_format(u, mode, "CPUQuota", "CPUQuota=%0.f%%", (double) (c->cpu_quota_per_sec_usec / 10000));
- }
-
- return 1;
-
- } else if (streq(name, "IOAccounting")) {
- int b;
-
- r = sd_bus_message_read(message, "b", &b);
- if (r < 0)
- return r;
-
- if (mode != UNIT_CHECK) {
- c->io_accounting = b;
- unit_invalidate_cgroup(u, CGROUP_MASK_IO);
- unit_write_drop_in_private(u, mode, name, b ? "IOAccounting=yes" : "IOAccounting=no");
- }
-
- return 1;
-
- } else if (streq(name, "IOWeight")) {
- uint64_t weight;
-
- r = sd_bus_message_read(message, "t", &weight);
- if (r < 0)
- return r;
-
- if (!CGROUP_WEIGHT_IS_OK(weight))
- return sd_bus_error_set_errnof(error, EINVAL, "IOWeight value out of range");
-
- if (mode != UNIT_CHECK) {
- c->io_weight = weight;
- unit_invalidate_cgroup(u, CGROUP_MASK_IO);
-
- if (weight == CGROUP_WEIGHT_INVALID)
- unit_write_drop_in_private(u, mode, name, "IOWeight=");
- else
- unit_write_drop_in_private_format(u, mode, name, "IOWeight=%" PRIu64, weight);
- }
-
- return 1;
-
- } else if (streq(name, "StartupIOWeight")) {
- uint64_t weight;
-
- r = sd_bus_message_read(message, "t", &weight);
- if (r < 0)
- return r;
-
- if (CGROUP_WEIGHT_IS_OK(weight))
- return sd_bus_error_set_errnof(error, EINVAL, "StartupIOWeight value out of range");
-
- if (mode != UNIT_CHECK) {
- c->startup_io_weight = weight;
- unit_invalidate_cgroup(u, CGROUP_MASK_IO);
-
- if (weight == CGROUP_WEIGHT_INVALID)
- unit_write_drop_in_private(u, mode, name, "StartupIOWeight=");
- else
- unit_write_drop_in_private_format(u, mode, name, "StartupIOWeight=%" PRIu64, weight);
- }
-
- return 1;
-
- } else if ((iol_type = cgroup_io_limit_type_from_string(name)) >= 0) {
- const char *path;
- unsigned n = 0;
- uint64_t u64;
-
- r = sd_bus_message_enter_container(message, 'a', "(st)");
- if (r < 0)
- return r;
-
- while ((r = sd_bus_message_read(message, "(st)", &path, &u64)) > 0) {
-
- if (mode != UNIT_CHECK) {
- CGroupIODeviceLimit *a = NULL, *b;
-
- LIST_FOREACH(device_limits, b, c->io_device_limits) {
- if (path_equal(path, b->path)) {
- a = b;
- break;
- }
- }
-
- if (!a) {
- CGroupIOLimitType type;
-
- a = new0(CGroupIODeviceLimit, 1);
- if (!a)
- return -ENOMEM;
-
- a->path = strdup(path);
- if (!a->path) {
- free(a);
- return -ENOMEM;
- }
-
- for (type = 0; type < _CGROUP_IO_LIMIT_TYPE_MAX; type++)
- a->limits[type] = cgroup_io_limit_defaults[type];
-
- LIST_PREPEND(device_limits, c->io_device_limits, a);
- }
-
- a->limits[iol_type] = u64;
- }
-
- n++;
- }
- if (r < 0)
- return r;
-
- r = sd_bus_message_exit_container(message);
- if (r < 0)
- return r;
-
- if (mode != UNIT_CHECK) {
- CGroupIODeviceLimit *a;
- _cleanup_free_ char *buf = NULL;
- _cleanup_fclose_ FILE *f = NULL;
- size_t size = 0;
-
- if (n == 0) {
- LIST_FOREACH(device_limits, a, c->io_device_limits)
- a->limits[iol_type] = cgroup_io_limit_defaults[iol_type];
- }
-
- unit_invalidate_cgroup(u, CGROUP_MASK_IO);
-
- f = open_memstream(&buf, &size);
- if (!f)
- return -ENOMEM;
-
- fprintf(f, "%s=\n", name);
- LIST_FOREACH(device_limits, a, c->io_device_limits)
- if (a->limits[iol_type] != cgroup_io_limit_defaults[iol_type])
- fprintf(f, "%s=%s %" PRIu64 "\n", name, a->path, a->limits[iol_type]);
-
- r = fflush_and_check(f);
- if (r < 0)
- return r;
- unit_write_drop_in_private(u, mode, name, buf);
- }
-
- return 1;
-
- } else if (streq(name, "IODeviceWeight")) {
- const char *path;
- uint64_t weight;
- unsigned n = 0;
-
- r = sd_bus_message_enter_container(message, 'a', "(st)");
- if (r < 0)
- return r;
-
- while ((r = sd_bus_message_read(message, "(st)", &path, &weight)) > 0) {
-
- if (!CGROUP_WEIGHT_IS_OK(weight) || weight == CGROUP_WEIGHT_INVALID)
- return sd_bus_error_set_errnof(error, EINVAL, "IODeviceWeight out of range");
-
- if (mode != UNIT_CHECK) {
- CGroupIODeviceWeight *a = NULL, *b;
-
- LIST_FOREACH(device_weights, b, c->io_device_weights) {
- if (path_equal(b->path, path)) {
- a = b;
- break;
- }
- }
-
- if (!a) {
- a = new0(CGroupIODeviceWeight, 1);
- if (!a)
- return -ENOMEM;
-
- a->path = strdup(path);
- if (!a->path) {
- free(a);
- return -ENOMEM;
- }
- LIST_PREPEND(device_weights,c->io_device_weights, a);
- }
-
- a->weight = weight;
- }
-
- n++;
- }
-
- r = sd_bus_message_exit_container(message);
- if (r < 0)
- return r;
-
- if (mode != UNIT_CHECK) {
- _cleanup_free_ char *buf = NULL;
- _cleanup_fclose_ FILE *f = NULL;
- CGroupIODeviceWeight *a;
- size_t size = 0;
-
- if (n == 0) {
- while (c->io_device_weights)
- cgroup_context_free_io_device_weight(c, c->io_device_weights);
- }
-
- unit_invalidate_cgroup(u, CGROUP_MASK_IO);
-
- f = open_memstream(&buf, &size);
- if (!f)
- return -ENOMEM;
-
- fputs("IODeviceWeight=\n", f);
- LIST_FOREACH(device_weights, a, c->io_device_weights)
- fprintf(f, "IODeviceWeight=%s %" PRIu64 "\n", a->path, a->weight);
-
- r = fflush_and_check(f);
- if (r < 0)
- return r;
- unit_write_drop_in_private(u, mode, name, buf);
- }
-
- return 1;
-
- } else if (streq(name, "BlockIOAccounting")) {
- int b;
-
- r = sd_bus_message_read(message, "b", &b);
- if (r < 0)
- return r;
-
- if (mode != UNIT_CHECK) {
- c->blockio_accounting = b;
- unit_invalidate_cgroup(u, CGROUP_MASK_BLKIO);
- unit_write_drop_in_private(u, mode, name, b ? "BlockIOAccounting=yes" : "BlockIOAccounting=no");
- }
-
- return 1;
-
- } else if (streq(name, "BlockIOWeight")) {
- uint64_t weight;
-
- r = sd_bus_message_read(message, "t", &weight);
- if (r < 0)
- return r;
-
- if (!CGROUP_BLKIO_WEIGHT_IS_OK(weight))
- return sd_bus_error_set_errnof(error, EINVAL, "BlockIOWeight value out of range");
-
- if (mode != UNIT_CHECK) {
- c->blockio_weight = weight;
- unit_invalidate_cgroup(u, CGROUP_MASK_BLKIO);
-
- if (weight == CGROUP_BLKIO_WEIGHT_INVALID)
- unit_write_drop_in_private(u, mode, name, "BlockIOWeight=");
- else
- unit_write_drop_in_private_format(u, mode, name, "BlockIOWeight=%" PRIu64, weight);
- }
-
- return 1;
-
- } else if (streq(name, "StartupBlockIOWeight")) {
- uint64_t weight;
-
- r = sd_bus_message_read(message, "t", &weight);
- if (r < 0)
- return r;
-
- if (!CGROUP_BLKIO_WEIGHT_IS_OK(weight))
- return sd_bus_error_set_errnof(error, EINVAL, "StartupBlockIOWeight value out of range");
-
- if (mode != UNIT_CHECK) {
- c->startup_blockio_weight = weight;
- unit_invalidate_cgroup(u, CGROUP_MASK_BLKIO);
-
- if (weight == CGROUP_BLKIO_WEIGHT_INVALID)
- unit_write_drop_in_private(u, mode, name, "StartupBlockIOWeight=");
- else
- unit_write_drop_in_private_format(u, mode, name, "StartupBlockIOWeight=%" PRIu64, weight);
- }
-
- return 1;
-
- } else if (STR_IN_SET(name, "BlockIOReadBandwidth", "BlockIOWriteBandwidth")) {
- const char *path;
- bool read = true;
- unsigned n = 0;
- uint64_t u64;
-
- if (streq(name, "BlockIOWriteBandwidth"))
- read = false;
-
- r = sd_bus_message_enter_container(message, 'a', "(st)");
- if (r < 0)
- return r;
-
- while ((r = sd_bus_message_read(message, "(st)", &path, &u64)) > 0) {
-
- if (mode != UNIT_CHECK) {
- CGroupBlockIODeviceBandwidth *a = NULL, *b;
-
- LIST_FOREACH(device_bandwidths, b, c->blockio_device_bandwidths) {
- if (path_equal(path, b->path)) {
- a = b;
- break;
- }
- }
-
- if (!a) {
- a = new0(CGroupBlockIODeviceBandwidth, 1);
- if (!a)
- return -ENOMEM;
-
- a->rbps = CGROUP_LIMIT_MAX;
- a->wbps = CGROUP_LIMIT_MAX;
- a->path = strdup(path);
- if (!a->path) {
- free(a);
- return -ENOMEM;
- }
-
- LIST_PREPEND(device_bandwidths, c->blockio_device_bandwidths, a);
- }
-
- if (read)
- a->rbps = u64;
- else
- a->wbps = u64;
- }
-
- n++;
- }
- if (r < 0)
- return r;
-
- r = sd_bus_message_exit_container(message);
- if (r < 0)
- return r;
-
- if (mode != UNIT_CHECK) {
- CGroupBlockIODeviceBandwidth *a;
- _cleanup_free_ char *buf = NULL;
- _cleanup_fclose_ FILE *f = NULL;
- size_t size = 0;
-
- if (n == 0) {
- LIST_FOREACH(device_bandwidths, a, c->blockio_device_bandwidths) {
- if (read)
- a->rbps = CGROUP_LIMIT_MAX;
- else
- a->wbps = CGROUP_LIMIT_MAX;
- }
- }
-
- unit_invalidate_cgroup(u, CGROUP_MASK_BLKIO);
-
- f = open_memstream(&buf, &size);
- if (!f)
- return -ENOMEM;
-
- if (read) {
- fputs("BlockIOReadBandwidth=\n", f);
- LIST_FOREACH(device_bandwidths, a, c->blockio_device_bandwidths)
- if (a->rbps != CGROUP_LIMIT_MAX)
- fprintf(f, "BlockIOReadBandwidth=%s %" PRIu64 "\n", a->path, a->rbps);
- } else {
- fputs("BlockIOWriteBandwidth=\n", f);
- LIST_FOREACH(device_bandwidths, a, c->blockio_device_bandwidths)
- if (a->wbps != CGROUP_LIMIT_MAX)
- fprintf(f, "BlockIOWriteBandwidth=%s %" PRIu64 "\n", a->path, a->wbps);
- }
-
- r = fflush_and_check(f);
- if (r < 0)
- return r;
- unit_write_drop_in_private(u, mode, name, buf);
- }
-
- return 1;
-
- } else if (streq(name, "BlockIODeviceWeight")) {
- const char *path;
- uint64_t weight;
- unsigned n = 0;
-
- r = sd_bus_message_enter_container(message, 'a', "(st)");
- if (r < 0)
- return r;
-
- while ((r = sd_bus_message_read(message, "(st)", &path, &weight)) > 0) {
-
- if (!CGROUP_BLKIO_WEIGHT_IS_OK(weight) || weight == CGROUP_BLKIO_WEIGHT_INVALID)
- return sd_bus_error_set_errnof(error, EINVAL, "BlockIODeviceWeight out of range");
-
- if (mode != UNIT_CHECK) {
- CGroupBlockIODeviceWeight *a = NULL, *b;
-
- LIST_FOREACH(device_weights, b, c->blockio_device_weights) {
- if (path_equal(b->path, path)) {
- a = b;
- break;
- }
- }
-
- if (!a) {
- a = new0(CGroupBlockIODeviceWeight, 1);
- if (!a)
- return -ENOMEM;
-
- a->path = strdup(path);
- if (!a->path) {
- free(a);
- return -ENOMEM;
- }
- LIST_PREPEND(device_weights,c->blockio_device_weights, a);
- }
-
- a->weight = weight;
- }
-
- n++;
- }
-
- r = sd_bus_message_exit_container(message);
- if (r < 0)
- return r;
-
- if (mode != UNIT_CHECK) {
- _cleanup_free_ char *buf = NULL;
- _cleanup_fclose_ FILE *f = NULL;
- CGroupBlockIODeviceWeight *a;
- size_t size = 0;
-
- if (n == 0) {
- while (c->blockio_device_weights)
- cgroup_context_free_blockio_device_weight(c, c->blockio_device_weights);
- }
-
- unit_invalidate_cgroup(u, CGROUP_MASK_BLKIO);
-
- f = open_memstream(&buf, &size);
- if (!f)
- return -ENOMEM;
-
- fputs("BlockIODeviceWeight=\n", f);
- LIST_FOREACH(device_weights, a, c->blockio_device_weights)
- fprintf(f, "BlockIODeviceWeight=%s %" PRIu64 "\n", a->path, a->weight);
-
- r = fflush_and_check(f);
- if (r < 0)
- return r;
- unit_write_drop_in_private(u, mode, name, buf);
- }
-
- return 1;
-
- } else if (streq(name, "MemoryAccounting")) {
- int b;
-
- r = sd_bus_message_read(message, "b", &b);
- if (r < 0)
- return r;
-
- if (mode != UNIT_CHECK) {
- c->memory_accounting = b;
- unit_invalidate_cgroup(u, CGROUP_MASK_MEMORY);
- unit_write_drop_in_private(u, mode, name, b ? "MemoryAccounting=yes" : "MemoryAccounting=no");
- }
-
- return 1;
-
- } else if (STR_IN_SET(name, "MemoryLow", "MemoryHigh", "MemoryMax", "MemorySwapMax")) {
- uint64_t v;
-
- r = sd_bus_message_read(message, "t", &v);
- if (r < 0)
- return r;
- if (v <= 0)
- return sd_bus_error_set_errnof(error, EINVAL, "%s= is too small", name);
-
- if (mode != UNIT_CHECK) {
- if (streq(name, "MemoryLow"))
- c->memory_low = v;
- else if (streq(name, "MemoryHigh"))
- c->memory_high = v;
- else if (streq(name, "MemorySwapMax"))
- c->memory_swap_max = v;
- else
- c->memory_max = v;
-
- unit_invalidate_cgroup(u, CGROUP_MASK_MEMORY);
-
- if (v == CGROUP_LIMIT_MAX)
- unit_write_drop_in_private_format(u, mode, name, "%s=infinity", name);
- else
- unit_write_drop_in_private_format(u, mode, name, "%s=%" PRIu64, name, v);
- }
-
- return 1;
-
- } else if (STR_IN_SET(name, "MemoryLowScale", "MemoryHighScale", "MemoryMaxScale")) {
- uint32_t raw;
- uint64_t v;
-
- r = sd_bus_message_read(message, "u", &raw);
- if (r < 0)
- return r;
-
- v = physical_memory_scale(raw, UINT32_MAX);
- if (v <= 0 || v == UINT64_MAX)
- return sd_bus_error_set_errnof(error, EINVAL, "%s= is out of range", name);
-
- if (mode != UNIT_CHECK) {
- const char *e;
-
- /* Chop off suffix */
- assert_se(e = endswith(name, "Scale"));
- name = strndupa(name, e - name);
-
- if (streq(name, "MemoryLow"))
- c->memory_low = v;
- else if (streq(name, "MemoryHigh"))
- c->memory_high = v;
- else
- c->memory_max = v;
-
- unit_invalidate_cgroup(u, CGROUP_MASK_MEMORY);
- unit_write_drop_in_private_format(u, mode, name, "%s=%" PRIu32 "%%", name,
- (uint32_t) (DIV_ROUND_UP((uint64_t) raw * 100U, (uint64_t) UINT32_MAX)));
- }
-
- return 1;
-
- } else if (streq(name, "MemoryLimit")) {
- uint64_t limit;
-
- r = sd_bus_message_read(message, "t", &limit);
- if (r < 0)
- return r;
- if (limit <= 0)
- return sd_bus_error_set_errnof(error, EINVAL, "%s= is too small", name);
-
- if (mode != UNIT_CHECK) {
- c->memory_limit = limit;
- unit_invalidate_cgroup(u, CGROUP_MASK_MEMORY);
-
- if (limit == (uint64_t) -1)
- unit_write_drop_in_private(u, mode, name, "MemoryLimit=infinity");
- else
- unit_write_drop_in_private_format(u, mode, name, "MemoryLimit=%" PRIu64, limit);
- }
-
- return 1;
-
- } else if (streq(name, "MemoryLimitScale")) {
- uint64_t limit;
- uint32_t raw;
-
- r = sd_bus_message_read(message, "u", &raw);
- if (r < 0)
- return r;
-
- limit = physical_memory_scale(raw, UINT32_MAX);
- if (limit <= 0 || limit == UINT64_MAX)
- return sd_bus_error_set_errnof(error, EINVAL, "%s= is out of range", name);
-
- if (mode != UNIT_CHECK) {
- c->memory_limit = limit;
- unit_invalidate_cgroup(u, CGROUP_MASK_MEMORY);
- unit_write_drop_in_private_format(u, mode, "MemoryLimit", "MemoryLimit=%" PRIu32 "%%",
- (uint32_t) (DIV_ROUND_UP((uint64_t) raw * 100U, (uint64_t) UINT32_MAX)));
- }
-
- return 1;
-
- } else if (streq(name, "DevicePolicy")) {
- const char *policy;
- CGroupDevicePolicy p;
-
- r = sd_bus_message_read(message, "s", &policy);
- if (r < 0)
- return r;
-
- p = cgroup_device_policy_from_string(policy);
- if (p < 0)
- return -EINVAL;
-
- if (mode != UNIT_CHECK) {
- c->device_policy = p;
- unit_invalidate_cgroup(u, CGROUP_MASK_DEVICES);
- unit_write_drop_in_private_format(u, mode, name, "DevicePolicy=%s", policy);
- }
-
- return 1;
-
- } else if (streq(name, "DeviceAllow")) {
- const char *path, *rwm;
- unsigned n = 0;
-
- r = sd_bus_message_enter_container(message, 'a', "(ss)");
- if (r < 0)
- return r;
-
- while ((r = sd_bus_message_read(message, "(ss)", &path, &rwm)) > 0) {
-
- if ((!startswith(path, "/dev/") &&
- !startswith(path, "/run/systemd/inaccessible/") &&
- !startswith(path, "block-") &&
- !startswith(path, "char-")) ||
- strpbrk(path, WHITESPACE))
- return sd_bus_error_set_errnof(error, EINVAL, "DeviceAllow= requires device node");
-
- if (isempty(rwm))
- rwm = "rwm";
-
- if (!in_charset(rwm, "rwm"))
- return sd_bus_error_set_errnof(error, EINVAL, "DeviceAllow= requires combination of rwm flags");
-
- if (mode != UNIT_CHECK) {
- CGroupDeviceAllow *a = NULL, *b;
-
- LIST_FOREACH(device_allow, b, c->device_allow) {
- if (path_equal(b->path, path)) {
- a = b;
- break;
- }
- }
-
- if (!a) {
- a = new0(CGroupDeviceAllow, 1);
- if (!a)
- return -ENOMEM;
-
- a->path = strdup(path);
- if (!a->path) {
- free(a);
- return -ENOMEM;
- }
-
- LIST_PREPEND(device_allow, c->device_allow, a);
- }
-
- a->r = !!strchr(rwm, 'r');
- a->w = !!strchr(rwm, 'w');
- a->m = !!strchr(rwm, 'm');
- }
-
- n++;
- }
- if (r < 0)
- return r;
-
- r = sd_bus_message_exit_container(message);
- if (r < 0)
- return r;
-
- if (mode != UNIT_CHECK) {
- _cleanup_free_ char *buf = NULL;
- _cleanup_fclose_ FILE *f = NULL;
- CGroupDeviceAllow *a;
- size_t size = 0;
-
- if (n == 0) {
- while (c->device_allow)
- cgroup_context_free_device_allow(c, c->device_allow);
- }
-
- unit_invalidate_cgroup(u, CGROUP_MASK_DEVICES);
-
- f = open_memstream(&buf, &size);
- if (!f)
- return -ENOMEM;
-
- fputs("DeviceAllow=\n", f);
- LIST_FOREACH(device_allow, a, c->device_allow)
- fprintf(f, "DeviceAllow=%s %s%s%s\n", a->path, a->r ? "r" : "", a->w ? "w" : "", a->m ? "m" : "");
-
- r = fflush_and_check(f);
- if (r < 0)
- return r;
- unit_write_drop_in_private(u, mode, name, buf);
- }
-
- return 1;
-
- } else if (streq(name, "TasksAccounting")) {
- int b;
-
- r = sd_bus_message_read(message, "b", &b);
- if (r < 0)
- return r;
-
- if (mode != UNIT_CHECK) {
- c->tasks_accounting = b;
- unit_invalidate_cgroup(u, CGROUP_MASK_PIDS);
- unit_write_drop_in_private(u, mode, name, b ? "TasksAccounting=yes" : "TasksAccounting=no");
- }
-
- return 1;
-
- } else if (streq(name, "TasksMax")) {
- uint64_t limit;
-
- r = sd_bus_message_read(message, "t", &limit);
- if (r < 0)
- return r;
- if (limit <= 0)
- return sd_bus_error_set_errnof(error, EINVAL, "%s= is too small", name);
-
- if (mode != UNIT_CHECK) {
- c->tasks_max = limit;
- unit_invalidate_cgroup(u, CGROUP_MASK_PIDS);
-
- if (limit == (uint64_t) -1)
- unit_write_drop_in_private(u, mode, name, "TasksMax=infinity");
- else
- unit_write_drop_in_private_format(u, mode, name, "TasksMax=%" PRIu64, limit);
- }
-
- return 1;
- } else if (streq(name, "TasksMaxScale")) {
- uint64_t limit;
- uint32_t raw;
-
- r = sd_bus_message_read(message, "u", &raw);
- if (r < 0)
- return r;
-
- limit = system_tasks_max_scale(raw, UINT32_MAX);
- if (limit <= 0 || limit >= UINT64_MAX)
- return sd_bus_error_set_errnof(error, EINVAL, "%s= is out of range", name);
-
- if (mode != UNIT_CHECK) {
- c->tasks_max = limit;
- unit_invalidate_cgroup(u, CGROUP_MASK_PIDS);
- unit_write_drop_in_private_format(u, mode, name, "TasksMax=%" PRIu32 "%%",
- (uint32_t) (DIV_ROUND_UP((uint64_t) raw * 100U, (uint64_t) UINT32_MAX)));
- }
-
- return 1;
- }
-
- if (u->transient && u->load_state == UNIT_STUB) {
- r = bus_cgroup_set_transient_property(u, c, name, message, mode, error);
- if (r != 0)
- return r;
-
- }
-
- return 0;
-}
diff --git a/src/core/dbus-cgroup.h b/src/core/dbus-cgroup.h
deleted file mode 100644
index b2212fe44e..0000000000
--- a/src/core/dbus-cgroup.h
+++ /dev/null
@@ -1,28 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2013 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include "sd-bus.h"
-
-#include "cgroup.h"
-
-extern const sd_bus_vtable bus_cgroup_vtable[];
-
-int bus_cgroup_set_property(Unit *u, CGroupContext *c, const char *name, sd_bus_message *message, UnitSetPropertiesMode mode, sd_bus_error *error);
diff --git a/src/core/dbus-device.c b/src/core/dbus-device.c
deleted file mode 100644
index e1a12224d3..0000000000
--- a/src/core/dbus-device.c
+++ /dev/null
@@ -1,28 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include "dbus-device.h"
-#include "device.h"
-#include "unit.h"
-
-const sd_bus_vtable bus_device_vtable[] = {
- SD_BUS_VTABLE_START(0),
- SD_BUS_PROPERTY("SysFSPath", "s", NULL, offsetof(Device, sysfs), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- SD_BUS_VTABLE_END
-};
diff --git a/src/core/dbus-device.h b/src/core/dbus-device.h
deleted file mode 100644
index eb1d8c3278..0000000000
--- a/src/core/dbus-device.h
+++ /dev/null
@@ -1,24 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include "unit.h"
-
-extern const sd_bus_vtable bus_device_vtable[];
diff --git a/src/core/dbus-execute.c b/src/core/dbus-execute.c
deleted file mode 100644
index 1a7f770db1..0000000000
--- a/src/core/dbus-execute.c
+++ /dev/null
@@ -1,1665 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <sys/prctl.h>
-
-#ifdef HAVE_SECCOMP
-#include <seccomp.h>
-#endif
-
-#include "af-list.h"
-#include "alloc-util.h"
-#include "bus-util.h"
-#include "capability-util.h"
-#include "dbus-execute.h"
-#include "env-util.h"
-#include "execute.h"
-#include "fd-util.h"
-#include "fileio.h"
-#include "ioprio.h"
-#include "missing.h"
-#include "namespace.h"
-#include "parse-util.h"
-#include "path-util.h"
-#include "process-util.h"
-#include "rlimit-util.h"
-#ifdef HAVE_SECCOMP
-#include "seccomp-util.h"
-#endif
-#include "strv.h"
-#include "syslog-util.h"
-#include "user-util.h"
-#include "utf8.h"
-
-BUS_DEFINE_PROPERTY_GET_ENUM(bus_property_get_exec_output, exec_output, ExecOutput);
-
-static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_exec_input, exec_input, ExecInput);
-
-static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_exec_utmp_mode, exec_utmp_mode, ExecUtmpMode);
-
-static BUS_DEFINE_PROPERTY_GET_ENUM(bus_property_get_protect_home, protect_home, ProtectHome);
-static BUS_DEFINE_PROPERTY_GET_ENUM(bus_property_get_protect_system, protect_system, ProtectSystem);
-
-static int property_get_environment_files(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- ExecContext *c = userdata;
- char **j;
- int r;
-
- assert(bus);
- assert(reply);
- assert(c);
-
- r = sd_bus_message_open_container(reply, 'a', "(sb)");
- if (r < 0)
- return r;
-
- STRV_FOREACH(j, c->environment_files) {
- const char *fn = *j;
-
- r = sd_bus_message_append(reply, "(sb)", fn[0] == '-' ? fn + 1 : fn, fn[0] == '-');
- if (r < 0)
- return r;
- }
-
- return sd_bus_message_close_container(reply);
-}
-
-static int property_get_oom_score_adjust(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
-
- ExecContext *c = userdata;
- int32_t n;
-
- assert(bus);
- assert(reply);
- assert(c);
-
- if (c->oom_score_adjust_set)
- n = c->oom_score_adjust;
- else {
- _cleanup_free_ char *t = NULL;
-
- n = 0;
- if (read_one_line_file("/proc/self/oom_score_adj", &t) >= 0)
- safe_atoi32(t, &n);
- }
-
- return sd_bus_message_append(reply, "i", n);
-}
-
-static int property_get_nice(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
-
- ExecContext *c = userdata;
- int32_t n;
-
- assert(bus);
- assert(reply);
- assert(c);
-
- if (c->nice_set)
- n = c->nice;
- else {
- errno = 0;
- n = getpriority(PRIO_PROCESS, 0);
- if (errno > 0)
- n = 0;
- }
-
- return sd_bus_message_append(reply, "i", n);
-}
-
-static int property_get_ioprio(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
-
- ExecContext *c = userdata;
- int32_t n;
-
- assert(bus);
- assert(reply);
- assert(c);
-
- if (c->ioprio_set)
- n = c->ioprio;
- else {
- n = ioprio_get(IOPRIO_WHO_PROCESS, 0);
- if (n < 0)
- n = IOPRIO_PRIO_VALUE(IOPRIO_CLASS_BE, 4);
- }
-
- return sd_bus_message_append(reply, "i", n);
-}
-
-static int property_get_cpu_sched_policy(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- ExecContext *c = userdata;
- int32_t n;
-
- assert(bus);
- assert(reply);
- assert(c);
-
- if (c->cpu_sched_set)
- n = c->cpu_sched_policy;
- else {
- n = sched_getscheduler(0);
- if (n < 0)
- n = SCHED_OTHER;
- }
-
- return sd_bus_message_append(reply, "i", n);
-}
-
-static int property_get_cpu_sched_priority(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- ExecContext *c = userdata;
- int32_t n;
-
- assert(bus);
- assert(reply);
- assert(c);
-
- if (c->cpu_sched_set)
- n = c->cpu_sched_priority;
- else {
- struct sched_param p = {};
-
- if (sched_getparam(0, &p) >= 0)
- n = p.sched_priority;
- else
- n = 0;
- }
-
- return sd_bus_message_append(reply, "i", n);
-}
-
-static int property_get_cpu_affinity(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- ExecContext *c = userdata;
-
- assert(bus);
- assert(reply);
- assert(c);
-
- if (c->cpuset)
- return sd_bus_message_append_array(reply, 'y', c->cpuset, CPU_ALLOC_SIZE(c->cpuset_ncpus));
- else
- return sd_bus_message_append_array(reply, 'y', NULL, 0);
-}
-
-static int property_get_timer_slack_nsec(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- ExecContext *c = userdata;
- uint64_t u;
-
- assert(bus);
- assert(reply);
- assert(c);
-
- if (c->timer_slack_nsec != NSEC_INFINITY)
- u = (uint64_t) c->timer_slack_nsec;
- else
- u = (uint64_t) prctl(PR_GET_TIMERSLACK);
-
- return sd_bus_message_append(reply, "t", u);
-}
-
-static int property_get_capability_bounding_set(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- ExecContext *c = userdata;
-
- assert(bus);
- assert(reply);
- assert(c);
-
- return sd_bus_message_append(reply, "t", c->capability_bounding_set);
-}
-
-static int property_get_ambient_capabilities(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- ExecContext *c = userdata;
-
- assert(bus);
- assert(reply);
- assert(c);
-
- return sd_bus_message_append(reply, "t", c->capability_ambient_set);
-}
-
-static int property_get_empty_string(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- assert(bus);
- assert(reply);
-
- return sd_bus_message_append(reply, "s", "");
-}
-
-static int property_get_syscall_filter(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- ExecContext *c = userdata;
- _cleanup_strv_free_ char **l = NULL;
- int r;
-
-#ifdef HAVE_SECCOMP
- Iterator i;
- void *id;
-#endif
-
- assert(bus);
- assert(reply);
- assert(c);
-
- r = sd_bus_message_open_container(reply, 'r', "bas");
- if (r < 0)
- return r;
-
- r = sd_bus_message_append(reply, "b", c->syscall_whitelist);
- if (r < 0)
- return r;
-
-#ifdef HAVE_SECCOMP
- SET_FOREACH(id, c->syscall_filter, i) {
- char *name;
-
- name = seccomp_syscall_resolve_num_arch(SCMP_ARCH_NATIVE, PTR_TO_INT(id) - 1);
- if (!name)
- continue;
-
- r = strv_consume(&l, name);
- if (r < 0)
- return r;
- }
-#endif
-
- strv_sort(l);
-
- r = sd_bus_message_append_strv(reply, l);
- if (r < 0)
- return r;
-
- return sd_bus_message_close_container(reply);
-}
-
-static int property_get_syscall_archs(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- ExecContext *c = userdata;
- _cleanup_strv_free_ char **l = NULL;
- int r;
-
-#ifdef HAVE_SECCOMP
- Iterator i;
- void *id;
-#endif
-
- assert(bus);
- assert(reply);
- assert(c);
-
-#ifdef HAVE_SECCOMP
- SET_FOREACH(id, c->syscall_archs, i) {
- const char *name;
-
- name = seccomp_arch_to_string(PTR_TO_UINT32(id) - 1);
- if (!name)
- continue;
-
- r = strv_extend(&l, name);
- if (r < 0)
- return -ENOMEM;
- }
-#endif
-
- strv_sort(l);
-
- r = sd_bus_message_append_strv(reply, l);
- if (r < 0)
- return r;
-
- return 0;
-}
-
-static int property_get_syscall_errno(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- ExecContext *c = userdata;
-
- assert(bus);
- assert(reply);
- assert(c);
-
- return sd_bus_message_append(reply, "i", (int32_t) c->syscall_errno);
-}
-
-static int property_get_selinux_context(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- ExecContext *c = userdata;
-
- assert(bus);
- assert(reply);
- assert(c);
-
- return sd_bus_message_append(reply, "(bs)", c->selinux_context_ignore, c->selinux_context);
-}
-
-static int property_get_apparmor_profile(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- ExecContext *c = userdata;
-
- assert(bus);
- assert(reply);
- assert(c);
-
- return sd_bus_message_append(reply, "(bs)", c->apparmor_profile_ignore, c->apparmor_profile);
-}
-
-static int property_get_smack_process_label(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- ExecContext *c = userdata;
-
- assert(bus);
- assert(reply);
- assert(c);
-
- return sd_bus_message_append(reply, "(bs)", c->smack_process_label_ignore, c->smack_process_label);
-}
-
-static int property_get_personality(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- ExecContext *c = userdata;
-
- assert(bus);
- assert(reply);
- assert(c);
-
- return sd_bus_message_append(reply, "s", personality_to_string(c->personality));
-}
-
-static int property_get_address_families(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- ExecContext *c = userdata;
- _cleanup_strv_free_ char **l = NULL;
- Iterator i;
- void *af;
- int r;
-
- assert(bus);
- assert(reply);
- assert(c);
-
- r = sd_bus_message_open_container(reply, 'r', "bas");
- if (r < 0)
- return r;
-
- r = sd_bus_message_append(reply, "b", c->address_families_whitelist);
- if (r < 0)
- return r;
-
- SET_FOREACH(af, c->address_families, i) {
- const char *name;
-
- name = af_to_name(PTR_TO_INT(af));
- if (!name)
- continue;
-
- r = strv_extend(&l, name);
- if (r < 0)
- return -ENOMEM;
- }
-
- strv_sort(l);
-
- r = sd_bus_message_append_strv(reply, l);
- if (r < 0)
- return r;
-
- return sd_bus_message_close_container(reply);
-}
-
-static int property_get_working_directory(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- ExecContext *c = userdata;
- const char *wd;
-
- assert(bus);
- assert(reply);
- assert(c);
-
- if (c->working_directory_home)
- wd = "~";
- else
- wd = c->working_directory;
-
- if (c->working_directory_missing_ok)
- wd = strjoina("!", wd);
-
- return sd_bus_message_append(reply, "s", wd);
-}
-
-static int property_get_syslog_level(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- ExecContext *c = userdata;
-
- assert(bus);
- assert(reply);
- assert(c);
-
- return sd_bus_message_append(reply, "i", LOG_PRI(c->syslog_priority));
-}
-
-static int property_get_syslog_facility(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- ExecContext *c = userdata;
-
- assert(bus);
- assert(reply);
- assert(c);
-
- return sd_bus_message_append(reply, "i", LOG_FAC(c->syslog_priority));
-}
-
-static int property_get_input_fdname(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- ExecContext *c = userdata;
- const char *name;
-
- assert(bus);
- assert(c);
- assert(property);
- assert(reply);
-
- name = exec_context_fdname(c, STDIN_FILENO);
-
- return sd_bus_message_append(reply, "s", name);
-}
-
-static int property_get_output_fdname(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- ExecContext *c = userdata;
- const char *name = NULL;
-
- assert(bus);
- assert(c);
- assert(property);
- assert(reply);
-
- if (c->std_output == EXEC_OUTPUT_NAMED_FD && streq(property, "StandardOutputFileDescriptorName"))
- name = exec_context_fdname(c, STDOUT_FILENO);
- else if (c->std_error == EXEC_OUTPUT_NAMED_FD && streq(property, "StandardErrorFileDescriptorName"))
- name = exec_context_fdname(c, STDERR_FILENO);
-
- return sd_bus_message_append(reply, "s", name);
-}
-
-const sd_bus_vtable bus_exec_vtable[] = {
- SD_BUS_VTABLE_START(0),
- SD_BUS_PROPERTY("Environment", "as", NULL, offsetof(ExecContext, environment), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("EnvironmentFiles", "a(sb)", property_get_environment_files, 0, SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("PassEnvironment", "as", NULL, offsetof(ExecContext, pass_environment), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("UMask", "u", bus_property_get_mode, offsetof(ExecContext, umask), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("LimitCPU", "t", bus_property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_CPU]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("LimitCPUSoft", "t", bus_property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_CPU]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("LimitFSIZE", "t", bus_property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_FSIZE]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("LimitFSIZESoft", "t", bus_property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_FSIZE]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("LimitDATA", "t", bus_property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_DATA]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("LimitDATASoft", "t", bus_property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_DATA]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("LimitSTACK", "t", bus_property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_STACK]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("LimitSTACKSoft", "t", bus_property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_STACK]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("LimitCORE", "t", bus_property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_CORE]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("LimitCORESoft", "t", bus_property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_CORE]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("LimitRSS", "t", bus_property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_RSS]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("LimitRSSSoft", "t", bus_property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_RSS]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("LimitNOFILE", "t", bus_property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_NOFILE]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("LimitNOFILESoft", "t", bus_property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_NOFILE]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("LimitAS", "t", bus_property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_AS]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("LimitASSoft", "t", bus_property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_AS]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("LimitNPROC", "t", bus_property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_NPROC]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("LimitNPROCSoft", "t", bus_property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_NPROC]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("LimitMEMLOCK", "t", bus_property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_MEMLOCK]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("LimitMEMLOCKSoft", "t", bus_property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_MEMLOCK]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("LimitLOCKS", "t", bus_property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_LOCKS]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("LimitLOCKSSoft", "t", bus_property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_LOCKS]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("LimitSIGPENDING", "t", bus_property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_SIGPENDING]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("LimitSIGPENDINGSoft", "t", bus_property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_SIGPENDING]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("LimitMSGQUEUE", "t", bus_property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_MSGQUEUE]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("LimitMSGQUEUESoft", "t", bus_property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_MSGQUEUE]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("LimitNICE", "t", bus_property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_NICE]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("LimitNICESoft", "t", bus_property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_NICE]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("LimitRTPRIO", "t", bus_property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_RTPRIO]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("LimitRTPRIOSoft", "t", bus_property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_RTPRIO]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("LimitRTTIME", "t", bus_property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_RTTIME]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("LimitRTTIMESoft", "t", bus_property_get_rlimit, offsetof(ExecContext, rlimit[RLIMIT_RTTIME]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("WorkingDirectory", "s", property_get_working_directory, 0, SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("RootDirectory", "s", NULL, offsetof(ExecContext, root_directory), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("OOMScoreAdjust", "i", property_get_oom_score_adjust, 0, SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("Nice", "i", property_get_nice, 0, SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("IOScheduling", "i", property_get_ioprio, 0, SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("CPUSchedulingPolicy", "i", property_get_cpu_sched_policy, 0, SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("CPUSchedulingPriority", "i", property_get_cpu_sched_priority, 0, SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("CPUAffinity", "ay", property_get_cpu_affinity, 0, SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("TimerSlackNSec", "t", property_get_timer_slack_nsec, 0, SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("CPUSchedulingResetOnFork", "b", bus_property_get_bool, offsetof(ExecContext, cpu_sched_reset_on_fork), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("NonBlocking", "b", bus_property_get_bool, offsetof(ExecContext, non_blocking), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("StandardInput", "s", property_get_exec_input, offsetof(ExecContext, std_input), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("StandardInputFileDescriptorName", "s", property_get_input_fdname, 0, SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("StandardOutput", "s", bus_property_get_exec_output, offsetof(ExecContext, std_output), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("StandardOutputFileDescriptorName", "s", property_get_output_fdname, 0, SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("StandardError", "s", bus_property_get_exec_output, offsetof(ExecContext, std_error), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("StandardErrorFileDescriptorName", "s", property_get_output_fdname, 0, SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("TTYPath", "s", NULL, offsetof(ExecContext, tty_path), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("TTYReset", "b", bus_property_get_bool, offsetof(ExecContext, tty_reset), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("TTYVHangup", "b", bus_property_get_bool, offsetof(ExecContext, tty_vhangup), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("TTYVTDisallocate", "b", bus_property_get_bool, offsetof(ExecContext, tty_vt_disallocate), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("SyslogPriority", "i", bus_property_get_int, offsetof(ExecContext, syslog_priority), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("SyslogIdentifier", "s", NULL, offsetof(ExecContext, syslog_identifier), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("SyslogLevelPrefix", "b", bus_property_get_bool, offsetof(ExecContext, syslog_level_prefix), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("SyslogLevel", "i", property_get_syslog_level, 0, SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("SyslogFacility", "i", property_get_syslog_facility, 0, SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("Capabilities", "s", property_get_empty_string, 0, SD_BUS_VTABLE_PROPERTY_CONST|SD_BUS_VTABLE_HIDDEN),
- SD_BUS_PROPERTY("SecureBits", "i", bus_property_get_int, offsetof(ExecContext, secure_bits), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("CapabilityBoundingSet", "t", property_get_capability_bounding_set, 0, SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("AmbientCapabilities", "t", property_get_ambient_capabilities, 0, SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("User", "s", NULL, offsetof(ExecContext, user), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("Group", "s", NULL, offsetof(ExecContext, group), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DynamicUser", "b", bus_property_get_bool, offsetof(ExecContext, dynamic_user), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("RemoveIPC", "b", bus_property_get_bool, offsetof(ExecContext, remove_ipc), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("SupplementaryGroups", "as", NULL, offsetof(ExecContext, supplementary_groups), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("PAMName", "s", NULL, offsetof(ExecContext, pam_name), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("ReadWriteDirectories", "as", NULL, offsetof(ExecContext, read_write_paths), SD_BUS_VTABLE_PROPERTY_CONST|SD_BUS_VTABLE_HIDDEN),
- SD_BUS_PROPERTY("ReadOnlyDirectories", "as", NULL, offsetof(ExecContext, read_only_paths), SD_BUS_VTABLE_PROPERTY_CONST|SD_BUS_VTABLE_HIDDEN),
- SD_BUS_PROPERTY("InaccessibleDirectories", "as", NULL, offsetof(ExecContext, inaccessible_paths), SD_BUS_VTABLE_PROPERTY_CONST|SD_BUS_VTABLE_HIDDEN),
- SD_BUS_PROPERTY("ReadWritePaths", "as", NULL, offsetof(ExecContext, read_write_paths), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("ReadOnlyPaths", "as", NULL, offsetof(ExecContext, read_only_paths), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("InaccessiblePaths", "as", NULL, offsetof(ExecContext, inaccessible_paths), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("MountFlags", "t", bus_property_get_ulong, offsetof(ExecContext, mount_flags), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("PrivateTmp", "b", bus_property_get_bool, offsetof(ExecContext, private_tmp), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("PrivateDevices", "b", bus_property_get_bool, offsetof(ExecContext, private_devices), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("ProtectKernelTunables", "b", bus_property_get_bool, offsetof(ExecContext, protect_kernel_tunables), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("ProtectKernelModules", "b", bus_property_get_bool, offsetof(ExecContext, protect_kernel_modules), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("ProtectControlGroups", "b", bus_property_get_bool, offsetof(ExecContext, protect_control_groups), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("PrivateNetwork", "b", bus_property_get_bool, offsetof(ExecContext, private_network), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("PrivateUsers", "b", bus_property_get_bool, offsetof(ExecContext, private_users), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("ProtectHome", "s", bus_property_get_protect_home, offsetof(ExecContext, protect_home), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("ProtectSystem", "s", bus_property_get_protect_system, offsetof(ExecContext, protect_system), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("SameProcessGroup", "b", bus_property_get_bool, offsetof(ExecContext, same_pgrp), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("UtmpIdentifier", "s", NULL, offsetof(ExecContext, utmp_id), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("UtmpMode", "s", property_get_exec_utmp_mode, offsetof(ExecContext, utmp_mode), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("SELinuxContext", "(bs)", property_get_selinux_context, 0, SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("AppArmorProfile", "(bs)", property_get_apparmor_profile, 0, SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("SmackProcessLabel", "(bs)", property_get_smack_process_label, 0, SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("IgnoreSIGPIPE", "b", bus_property_get_bool, offsetof(ExecContext, ignore_sigpipe), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("NoNewPrivileges", "b", bus_property_get_bool, offsetof(ExecContext, no_new_privileges), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("SystemCallFilter", "(bas)", property_get_syscall_filter, 0, SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("SystemCallArchitectures", "as", property_get_syscall_archs, 0, SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("SystemCallErrorNumber", "i", property_get_syscall_errno, 0, SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("Personality", "s", property_get_personality, 0, SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("RestrictAddressFamilies", "(bas)", property_get_address_families, 0, SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("RuntimeDirectoryMode", "u", bus_property_get_mode, offsetof(ExecContext, runtime_directory_mode), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("RuntimeDirectory", "as", NULL, offsetof(ExecContext, runtime_directory), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("MemoryDenyWriteExecute", "b", bus_property_get_bool, offsetof(ExecContext, memory_deny_write_execute), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("RestrictRealtime", "b", bus_property_get_bool, offsetof(ExecContext, restrict_realtime), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_VTABLE_END
-};
-
-static int append_exec_command(sd_bus_message *reply, ExecCommand *c) {
- int r;
-
- assert(reply);
- assert(c);
-
- if (!c->path)
- return 0;
-
- r = sd_bus_message_open_container(reply, 'r', "sasbttttuii");
- if (r < 0)
- return r;
-
- r = sd_bus_message_append(reply, "s", c->path);
- if (r < 0)
- return r;
-
- r = sd_bus_message_append_strv(reply, c->argv);
- if (r < 0)
- return r;
-
- r = sd_bus_message_append(reply, "bttttuii",
- c->ignore,
- c->exec_status.start_timestamp.realtime,
- c->exec_status.start_timestamp.monotonic,
- c->exec_status.exit_timestamp.realtime,
- c->exec_status.exit_timestamp.monotonic,
- (uint32_t) c->exec_status.pid,
- (int32_t) c->exec_status.code,
- (int32_t) c->exec_status.status);
- if (r < 0)
- return r;
-
- return sd_bus_message_close_container(reply);
-}
-
-int bus_property_get_exec_command(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *ret_error) {
-
- ExecCommand *c = (ExecCommand*) userdata;
- int r;
-
- assert(bus);
- assert(reply);
-
- r = sd_bus_message_open_container(reply, 'a', "(sasbttttuii)");
- if (r < 0)
- return r;
-
- r = append_exec_command(reply, c);
- if (r < 0)
- return r;
-
- return sd_bus_message_close_container(reply);
-}
-
-int bus_property_get_exec_command_list(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *ret_error) {
-
- ExecCommand *c = *(ExecCommand**) userdata;
- int r;
-
- assert(bus);
- assert(reply);
-
- r = sd_bus_message_open_container(reply, 'a', "(sasbttttuii)");
- if (r < 0)
- return r;
-
- LIST_FOREACH(command, c, c) {
- r = append_exec_command(reply, c);
- if (r < 0)
- return r;
- }
-
- return sd_bus_message_close_container(reply);
-}
-
-int bus_exec_context_set_transient_property(
- Unit *u,
- ExecContext *c,
- const char *name,
- sd_bus_message *message,
- UnitSetPropertiesMode mode,
- sd_bus_error *error) {
-
- const char *soft = NULL;
- int r, ri;
-
- assert(u);
- assert(c);
- assert(name);
- assert(message);
-
- if (streq(name, "User")) {
- const char *uu;
-
- r = sd_bus_message_read(message, "s", &uu);
- if (r < 0)
- return r;
-
- if (!isempty(uu) && !valid_user_group_name_or_id(uu))
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid user name: %s", uu);
-
- if (mode != UNIT_CHECK) {
-
- if (isempty(uu))
- c->user = mfree(c->user);
- else if (free_and_strdup(&c->user, uu) < 0)
- return -ENOMEM;
-
- unit_write_drop_in_private_format(u, mode, name, "User=%s", uu);
- }
-
- return 1;
-
- } else if (streq(name, "Group")) {
- const char *gg;
-
- r = sd_bus_message_read(message, "s", &gg);
- if (r < 0)
- return r;
-
- if (!isempty(gg) && !valid_user_group_name_or_id(gg))
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid group name: %s", gg);
-
- if (mode != UNIT_CHECK) {
-
- if (isempty(gg))
- c->group = mfree(c->group);
- else if (free_and_strdup(&c->group, gg) < 0)
- return -ENOMEM;
-
- unit_write_drop_in_private_format(u, mode, name, "Group=%s", gg);
- }
-
- return 1;
- } else if (streq(name, "SyslogIdentifier")) {
- const char *id;
-
- r = sd_bus_message_read(message, "s", &id);
- if (r < 0)
- return r;
-
- if (mode != UNIT_CHECK) {
-
- if (isempty(id))
- c->syslog_identifier = mfree(c->syslog_identifier);
- else if (free_and_strdup(&c->syslog_identifier, id) < 0)
- return -ENOMEM;
-
- unit_write_drop_in_private_format(u, mode, name, "SyslogIdentifier=%s", id);
- }
-
- return 1;
- } else if (streq(name, "SyslogLevel")) {
- int level;
-
- r = sd_bus_message_read(message, "i", &level);
- if (r < 0)
- return r;
-
- if (!log_level_is_valid(level))
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Log level value out of range");
-
- if (mode != UNIT_CHECK) {
- c->syslog_priority = (c->syslog_priority & LOG_FACMASK) | level;
- unit_write_drop_in_private_format(u, mode, name, "SyslogLevel=%i", level);
- }
-
- return 1;
- } else if (streq(name, "SyslogFacility")) {
- int facility;
-
- r = sd_bus_message_read(message, "i", &facility);
- if (r < 0)
- return r;
-
- if (!log_facility_unshifted_is_valid(facility))
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Log facility value out of range");
-
- if (mode != UNIT_CHECK) {
- c->syslog_priority = (facility << 3) | LOG_PRI(c->syslog_priority);
- unit_write_drop_in_private_format(u, mode, name, "SyslogFacility=%i", facility);
- }
-
- return 1;
- } else if (streq(name, "Nice")) {
- int n;
-
- r = sd_bus_message_read(message, "i", &n);
- if (r < 0)
- return r;
-
- if (!nice_is_valid(n))
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Nice value out of range");
-
- if (mode != UNIT_CHECK) {
- c->nice = n;
- unit_write_drop_in_private_format(u, mode, name, "Nice=%i", n);
- }
-
- return 1;
-
- } else if (STR_IN_SET(name, "TTYPath", "RootDirectory")) {
- const char *s;
-
- r = sd_bus_message_read(message, "s", &s);
- if (r < 0)
- return r;
-
- if (!path_is_absolute(s))
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "%s takes an absolute path", name);
-
- if (mode != UNIT_CHECK) {
- if (streq(name, "TTYPath"))
- r = free_and_strdup(&c->tty_path, s);
- else {
- assert(streq(name, "RootDirectory"));
- r = free_and_strdup(&c->root_directory, s);
- }
- if (r < 0)
- return r;
-
- unit_write_drop_in_private_format(u, mode, name, "%s=%s", name, s);
- }
-
- return 1;
-
- } else if (streq(name, "WorkingDirectory")) {
- const char *s;
- bool missing_ok;
-
- r = sd_bus_message_read(message, "s", &s);
- if (r < 0)
- return r;
-
- if (s[0] == '-') {
- missing_ok = true;
- s++;
- } else
- missing_ok = false;
-
- if (!streq(s, "~") && !path_is_absolute(s))
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "WorkingDirectory= expects an absolute path or '~'");
-
- if (mode != UNIT_CHECK) {
- if (streq(s, "~")) {
- c->working_directory = mfree(c->working_directory);
- c->working_directory_home = true;
- } else {
- r = free_and_strdup(&c->working_directory, s);
- if (r < 0)
- return r;
-
- c->working_directory_home = false;
- }
-
- c->working_directory_missing_ok = missing_ok;
- unit_write_drop_in_private_format(u, mode, name, "WorkingDirectory=%s%s", missing_ok ? "-" : "", s);
- }
-
- return 1;
-
- } else if (streq(name, "StandardInput")) {
- const char *s;
- ExecInput p;
-
- r = sd_bus_message_read(message, "s", &s);
- if (r < 0)
- return r;
-
- p = exec_input_from_string(s);
- if (p < 0)
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid standard input name");
-
- if (mode != UNIT_CHECK) {
- c->std_input = p;
-
- unit_write_drop_in_private_format(u, mode, name, "StandardInput=%s", exec_input_to_string(p));
- }
-
- return 1;
-
- } else if (streq(name, "StandardOutput")) {
- const char *s;
- ExecOutput p;
-
- r = sd_bus_message_read(message, "s", &s);
- if (r < 0)
- return r;
-
- p = exec_output_from_string(s);
- if (p < 0)
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid standard output name");
-
- if (mode != UNIT_CHECK) {
- c->std_output = p;
-
- unit_write_drop_in_private_format(u, mode, name, "StandardOutput=%s", exec_output_to_string(p));
- }
-
- return 1;
-
- } else if (streq(name, "StandardError")) {
- const char *s;
- ExecOutput p;
-
- r = sd_bus_message_read(message, "s", &s);
- if (r < 0)
- return r;
-
- p = exec_output_from_string(s);
- if (p < 0)
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid standard error name");
-
- if (mode != UNIT_CHECK) {
- c->std_error = p;
-
- unit_write_drop_in_private_format(u, mode, name, "StandardError=%s", exec_output_to_string(p));
- }
-
- return 1;
-
- } else if (STR_IN_SET(name,
- "StandardInputFileDescriptorName", "StandardOutputFileDescriptorName", "StandardErrorFileDescriptorName")) {
- const char *s;
-
- r = sd_bus_message_read(message, "s", &s);
- if (r < 0)
- return r;
-
- if (!fdname_is_valid(s))
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid file descriptor name");
-
- if (mode != UNIT_CHECK) {
- if (streq(name, "StandardInputFileDescriptorName")) {
- c->std_input = EXEC_INPUT_NAMED_FD;
- r = free_and_strdup(&c->stdio_fdname[STDIN_FILENO], s);
- if (r < 0)
- return r;
- unit_write_drop_in_private_format(u, mode, name, "StandardInput=fd:%s", s);
- } else if (streq(name, "StandardOutputFileDescriptorName")) {
- c->std_output = EXEC_OUTPUT_NAMED_FD;
- r = free_and_strdup(&c->stdio_fdname[STDOUT_FILENO], s);
- if (r < 0)
- return r;
- unit_write_drop_in_private_format(u, mode, name, "StandardOutput=fd:%s", s);
- } else if (streq(name, "StandardErrorFileDescriptorName")) {
- c->std_error = EXEC_OUTPUT_NAMED_FD;
- r = free_and_strdup(&c->stdio_fdname[STDERR_FILENO], s);
- if (r < 0)
- return r;
- unit_write_drop_in_private_format(u, mode, name, "StandardError=fd:%s", s);
- }
- }
-
- return 1;
-
- } else if (STR_IN_SET(name,
- "IgnoreSIGPIPE", "TTYVHangup", "TTYReset",
- "PrivateTmp", "PrivateDevices", "PrivateNetwork", "PrivateUsers",
- "NoNewPrivileges", "SyslogLevelPrefix", "MemoryDenyWriteExecute",
- "RestrictRealtime", "DynamicUser", "RemoveIPC", "ProtectKernelTunables",
- "ProtectKernelModules", "ProtectControlGroups")) {
- int b;
-
- r = sd_bus_message_read(message, "b", &b);
- if (r < 0)
- return r;
-
- if (mode != UNIT_CHECK) {
- if (streq(name, "IgnoreSIGPIPE"))
- c->ignore_sigpipe = b;
- else if (streq(name, "TTYVHangup"))
- c->tty_vhangup = b;
- else if (streq(name, "TTYReset"))
- c->tty_reset = b;
- else if (streq(name, "PrivateTmp"))
- c->private_tmp = b;
- else if (streq(name, "PrivateDevices"))
- c->private_devices = b;
- else if (streq(name, "PrivateNetwork"))
- c->private_network = b;
- else if (streq(name, "PrivateUsers"))
- c->private_users = b;
- else if (streq(name, "NoNewPrivileges"))
- c->no_new_privileges = b;
- else if (streq(name, "SyslogLevelPrefix"))
- c->syslog_level_prefix = b;
- else if (streq(name, "MemoryDenyWriteExecute"))
- c->memory_deny_write_execute = b;
- else if (streq(name, "RestrictRealtime"))
- c->restrict_realtime = b;
- else if (streq(name, "DynamicUser"))
- c->dynamic_user = b;
- else if (streq(name, "RemoveIPC"))
- c->remove_ipc = b;
- else if (streq(name, "ProtectKernelTunables"))
- c->protect_kernel_tunables = b;
- else if (streq(name, "ProtectKernelModules"))
- c->protect_kernel_modules = b;
- else if (streq(name, "ProtectControlGroups"))
- c->protect_control_groups = b;
-
- unit_write_drop_in_private_format(u, mode, name, "%s=%s", name, yes_no(b));
- }
-
- return 1;
-
- } else if (streq(name, "UtmpIdentifier")) {
- const char *id;
-
- r = sd_bus_message_read(message, "s", &id);
- if (r < 0)
- return r;
-
- if (mode != UNIT_CHECK) {
- if (isempty(id))
- c->utmp_id = mfree(c->utmp_id);
- else if (free_and_strdup(&c->utmp_id, id) < 0)
- return -ENOMEM;
-
- unit_write_drop_in_private_format(u, mode, name, "UtmpIdentifier=%s", strempty(id));
- }
-
- return 1;
-
- } else if (streq(name, "UtmpMode")) {
- const char *s;
- ExecUtmpMode m;
-
- r = sd_bus_message_read(message, "s", &s);
- if (r < 0)
- return r;
-
- m = exec_utmp_mode_from_string(s);
- if (m < 0)
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid utmp mode");
-
- if (mode != UNIT_CHECK) {
- c->utmp_mode = m;
-
- unit_write_drop_in_private_format(u, mode, name, "UtmpMode=%s", exec_utmp_mode_to_string(m));
- }
-
- return 1;
-
- } else if (streq(name, "PAMName")) {
- const char *n;
-
- r = sd_bus_message_read(message, "s", &n);
- if (r < 0)
- return r;
-
- if (mode != UNIT_CHECK) {
- if (isempty(n))
- c->pam_name = mfree(c->pam_name);
- else if (free_and_strdup(&c->pam_name, n) < 0)
- return -ENOMEM;
-
- unit_write_drop_in_private_format(u, mode, name, "PAMName=%s", strempty(n));
- }
-
- return 1;
-
- } else if (streq(name, "Environment")) {
-
- _cleanup_strv_free_ char **l = NULL;
-
- r = sd_bus_message_read_strv(message, &l);
- if (r < 0)
- return r;
-
- if (!strv_env_is_valid(l))
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid environment block.");
-
- if (mode != UNIT_CHECK) {
- _cleanup_free_ char *joined = NULL;
- char **e;
-
- if (strv_length(l) == 0) {
- c->environment = strv_free(c->environment);
- unit_write_drop_in_private_format(u, mode, name, "Environment=");
- } else {
- e = strv_env_merge(2, c->environment, l);
- if (!e)
- return -ENOMEM;
-
- strv_free(c->environment);
- c->environment = e;
-
- joined = strv_join_quoted(c->environment);
- if (!joined)
- return -ENOMEM;
-
- unit_write_drop_in_private_format(u, mode, name, "Environment=%s", joined);
- }
- }
-
- return 1;
-
- } else if (streq(name, "TimerSlackNSec")) {
-
- nsec_t n;
-
- r = sd_bus_message_read(message, "t", &n);
- if (r < 0)
- return r;
-
- if (mode != UNIT_CHECK) {
- c->timer_slack_nsec = n;
- unit_write_drop_in_private_format(u, mode, name, "TimerSlackNSec=" NSEC_FMT, n);
- }
-
- return 1;
-
- } else if (streq(name, "OOMScoreAdjust")) {
- int oa;
-
- r = sd_bus_message_read(message, "i", &oa);
- if (r < 0)
- return r;
-
- if (!oom_score_adjust_is_valid(oa))
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "OOM score adjust value out of range");
-
- if (mode != UNIT_CHECK) {
- c->oom_score_adjust = oa;
- c->oom_score_adjust_set = true;
- unit_write_drop_in_private_format(u, mode, name, "OOMScoreAdjust=%i", oa);
- }
-
- return 1;
-
- } else if (streq(name, "EnvironmentFiles")) {
-
- _cleanup_free_ char *joined = NULL;
- _cleanup_fclose_ FILE *f = NULL;
- _cleanup_free_ char **l = NULL;
- size_t size = 0;
- char **i;
-
- r = sd_bus_message_enter_container(message, 'a', "(sb)");
- if (r < 0)
- return r;
-
- f = open_memstream(&joined, &size);
- if (!f)
- return -ENOMEM;
-
- STRV_FOREACH(i, c->environment_files)
- fprintf(f, "EnvironmentFile=%s", *i);
-
- while ((r = sd_bus_message_enter_container(message, 'r', "sb")) > 0) {
- const char *path;
- int b;
-
- r = sd_bus_message_read(message, "sb", &path, &b);
- if (r < 0)
- return r;
-
- r = sd_bus_message_exit_container(message);
- if (r < 0)
- return r;
-
- if (!isempty(path) && !path_is_absolute(path))
- return sd_bus_error_set_errnof(error, EINVAL, "Path %s is not absolute.", path);
-
- if (mode != UNIT_CHECK) {
- char *buf = NULL;
-
- buf = strjoin(b ? "-" : "", path, NULL);
- if (!buf)
- return -ENOMEM;
-
- fprintf(f, "EnvironmentFile=%s", buf);
-
- r = strv_consume(&l, buf);
- if (r < 0)
- return r;
- }
- }
- if (r < 0)
- return r;
-
- r = sd_bus_message_exit_container(message);
- if (r < 0)
- return r;
-
- r = fflush_and_check(f);
- if (r < 0)
- return r;
-
- if (mode != UNIT_CHECK) {
- if (strv_isempty(l)) {
- c->environment_files = strv_free(c->environment_files);
- unit_write_drop_in_private(u, mode, name, "EnvironmentFile=");
- } else {
- r = strv_extend_strv(&c->environment_files, l, true);
- if (r < 0)
- return r;
-
- unit_write_drop_in_private(u, mode, name, joined);
- }
- }
-
- return 1;
-
- } else if (streq(name, "PassEnvironment")) {
-
- _cleanup_strv_free_ char **l = NULL;
-
- r = sd_bus_message_read_strv(message, &l);
- if (r < 0)
- return r;
-
- if (!strv_env_name_is_valid(l))
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid PassEnvironment block.");
-
- if (mode != UNIT_CHECK) {
- if (strv_isempty(l)) {
- c->pass_environment = strv_free(c->pass_environment);
- unit_write_drop_in_private_format(u, mode, name, "PassEnvironment=");
- } else {
- _cleanup_free_ char *joined = NULL;
-
- r = strv_extend_strv(&c->pass_environment, l, true);
- if (r < 0)
- return r;
-
- joined = strv_join_quoted(c->pass_environment);
- if (!joined)
- return -ENOMEM;
-
- unit_write_drop_in_private_format(u, mode, name, "PassEnvironment=%s", joined);
- }
- }
-
- return 1;
-
- } else if (STR_IN_SET(name, "ReadWriteDirectories", "ReadOnlyDirectories", "InaccessibleDirectories",
- "ReadWritePaths", "ReadOnlyPaths", "InaccessiblePaths")) {
- _cleanup_strv_free_ char **l = NULL;
- char ***dirs;
- char **p;
-
- r = sd_bus_message_read_strv(message, &l);
- if (r < 0)
- return r;
-
- STRV_FOREACH(p, l) {
- int offset;
- if (!utf8_is_valid(*p))
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid %s", name);
-
- offset = **p == '-';
- if (!path_is_absolute(*p + offset))
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid %s", name);
- }
-
- if (mode != UNIT_CHECK) {
- _cleanup_free_ char *joined = NULL;
-
- if (STR_IN_SET(name, "ReadWriteDirectories", "ReadWritePaths"))
- dirs = &c->read_write_paths;
- else if (STR_IN_SET(name, "ReadOnlyDirectories", "ReadOnlyPaths"))
- dirs = &c->read_only_paths;
- else /* "InaccessiblePaths" */
- dirs = &c->inaccessible_paths;
-
- if (strv_length(l) == 0) {
- *dirs = strv_free(*dirs);
- unit_write_drop_in_private_format(u, mode, name, "%s=", name);
- } else {
- r = strv_extend_strv(dirs, l, true);
-
- if (r < 0)
- return -ENOMEM;
-
- joined = strv_join_quoted(*dirs);
- if (!joined)
- return -ENOMEM;
-
- unit_write_drop_in_private_format(u, mode, name, "%s=%s", name, joined);
- }
-
- }
-
- return 1;
-
- } else if (streq(name, "ProtectSystem")) {
- const char *s;
- ProtectSystem ps;
-
- r = sd_bus_message_read(message, "s", &s);
- if (r < 0)
- return r;
-
- r = parse_boolean(s);
- if (r > 0)
- ps = PROTECT_SYSTEM_YES;
- else if (r == 0)
- ps = PROTECT_SYSTEM_NO;
- else {
- ps = protect_system_from_string(s);
- if (ps < 0)
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Failed to parse protect system value");
- }
-
- if (mode != UNIT_CHECK) {
- c->protect_system = ps;
- unit_write_drop_in_private_format(u, mode, name, "%s=%s", name, s);
- }
-
- return 1;
-
- } else if (streq(name, "ProtectHome")) {
- const char *s;
- ProtectHome ph;
-
- r = sd_bus_message_read(message, "s", &s);
- if (r < 0)
- return r;
-
- r = parse_boolean(s);
- if (r > 0)
- ph = PROTECT_HOME_YES;
- else if (r == 0)
- ph = PROTECT_HOME_NO;
- else {
- ph = protect_home_from_string(s);
- if (ph < 0)
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Failed to parse protect home value");
- }
-
- if (mode != UNIT_CHECK) {
- c->protect_home = ph;
- unit_write_drop_in_private_format(u, mode, name, "%s=%s", name, s);
- }
-
- return 1;
-
- } else if (streq(name, "RuntimeDirectory")) {
- _cleanup_strv_free_ char **l = NULL;
- char **p;
-
- r = sd_bus_message_read_strv(message, &l);
- if (r < 0)
- return r;
-
- STRV_FOREACH(p, l) {
- if (!filename_is_valid(*p))
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Runtime directory is not valid %s", *p);
- }
-
- if (mode != UNIT_CHECK) {
- _cleanup_free_ char *joined = NULL;
-
- if (strv_isempty(l)) {
- c->runtime_directory = strv_free(c->runtime_directory);
- unit_write_drop_in_private_format(u, mode, name, "%s=", name);
- } else {
- r = strv_extend_strv(&c->runtime_directory, l, true);
-
- if (r < 0)
- return -ENOMEM;
-
- joined = strv_join_quoted(c->runtime_directory);
- if (!joined)
- return -ENOMEM;
-
- unit_write_drop_in_private_format(u, mode, name, "%s=%s", name, joined);
- }
- }
-
- return 1;
-
- } else if (streq(name, "SELinuxContext")) {
- const char *s;
-
- r = sd_bus_message_read(message, "s", &s);
- if (r < 0)
- return r;
-
- if (mode != UNIT_CHECK) {
- if (isempty(s))
- c->selinux_context = mfree(c->selinux_context);
- else if (free_and_strdup(&c->selinux_context, s) < 0)
- return -ENOMEM;
-
- unit_write_drop_in_private_format(u, mode, name, "%s=%s", name, strempty(s));
- }
-
- return 1;
-
- }
-
- ri = rlimit_from_string(name);
- if (ri < 0) {
- soft = endswith(name, "Soft");
- if (soft) {
- const char *n;
-
- n = strndupa(name, soft - name);
- ri = rlimit_from_string(n);
- if (ri >= 0)
- name = n;
-
- }
- }
-
- if (ri >= 0) {
- uint64_t rl;
- rlim_t x;
-
- r = sd_bus_message_read(message, "t", &rl);
- if (r < 0)
- return r;
-
- if (rl == (uint64_t) -1)
- x = RLIM_INFINITY;
- else {
- x = (rlim_t) rl;
-
- if ((uint64_t) x != rl)
- return -ERANGE;
- }
-
- if (mode != UNIT_CHECK) {
- _cleanup_free_ char *f = NULL;
- struct rlimit nl;
-
- if (c->rlimit[ri]) {
- nl = *c->rlimit[ri];
-
- if (soft)
- nl.rlim_cur = x;
- else
- nl.rlim_max = x;
- } else
- /* When the resource limit is not initialized yet, then assign the value to both fields */
- nl = (struct rlimit) {
- .rlim_cur = x,
- .rlim_max = x,
- };
-
- r = rlimit_format(&nl, &f);
- if (r < 0)
- return r;
-
- if (c->rlimit[ri])
- *c->rlimit[ri] = nl;
- else {
- c->rlimit[ri] = newdup(struct rlimit, &nl, 1);
- if (!c->rlimit[ri])
- return -ENOMEM;
- }
-
- unit_write_drop_in_private_format(u, mode, name, "%s=%s", name, f);
- }
-
- return 1;
- }
-
- return 0;
-}
diff --git a/src/core/dbus-execute.h b/src/core/dbus-execute.h
deleted file mode 100644
index d0aa8e1dd5..0000000000
--- a/src/core/dbus-execute.h
+++ /dev/null
@@ -1,45 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include "sd-bus.h"
-
-#include "execute.h"
-
-#define BUS_EXEC_STATUS_VTABLE(prefix, offset, flags) \
- BUS_PROPERTY_DUAL_TIMESTAMP(prefix "StartTimestamp", (offset) + offsetof(ExecStatus, start_timestamp), flags), \
- BUS_PROPERTY_DUAL_TIMESTAMP(prefix "ExitTimestamp", (offset) + offsetof(ExecStatus, exit_timestamp), flags), \
- SD_BUS_PROPERTY(prefix "PID", "u", bus_property_get_pid, (offset) + offsetof(ExecStatus, pid), flags), \
- SD_BUS_PROPERTY(prefix "Code", "i", bus_property_get_int, (offset) + offsetof(ExecStatus, code), flags), \
- SD_BUS_PROPERTY(prefix "Status", "i", bus_property_get_int, (offset) + offsetof(ExecStatus, status), flags)
-
-#define BUS_EXEC_COMMAND_VTABLE(name, offset, flags) \
- SD_BUS_PROPERTY(name, "a(sasbttttuii)", bus_property_get_exec_command, offset, flags)
-
-#define BUS_EXEC_COMMAND_LIST_VTABLE(name, offset, flags) \
- SD_BUS_PROPERTY(name, "a(sasbttttuii)", bus_property_get_exec_command_list, offset, flags)
-
-extern const sd_bus_vtable bus_exec_vtable[];
-
-int bus_property_get_exec_output(sd_bus *bus, const char *path, const char *interface, const char *property, sd_bus_message *reply, void *userdata, sd_bus_error *ret_error);
-int bus_property_get_exec_command(sd_bus *bus, const char *path, const char *interface, const char *property, sd_bus_message *reply, void *userdata, sd_bus_error *ret_error);
-int bus_property_get_exec_command_list(sd_bus *bus, const char *path, const char *interface, const char *property, sd_bus_message *reply, void *userdata, sd_bus_error *ret_error);
-
-int bus_exec_context_set_transient_property(Unit *u, ExecContext *c, const char *name, sd_bus_message *message, UnitSetPropertiesMode mode, sd_bus_error *error);
diff --git a/src/core/dbus-job.c b/src/core/dbus-job.c
deleted file mode 100644
index ccf7453d47..0000000000
--- a/src/core/dbus-job.c
+++ /dev/null
@@ -1,193 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include "sd-bus.h"
-
-#include "alloc-util.h"
-#include "dbus-job.h"
-#include "dbus.h"
-#include "job.h"
-#include "log.h"
-#include "selinux-access.h"
-#include "string-util.h"
-
-static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_type, job_type, JobType);
-static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_state, job_state, JobState);
-
-static int property_get_unit(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- _cleanup_free_ char *p = NULL;
- Job *j = userdata;
-
- assert(bus);
- assert(reply);
- assert(j);
-
- p = unit_dbus_path(j->unit);
- if (!p)
- return -ENOMEM;
-
- return sd_bus_message_append(reply, "(so)", j->unit->id, p);
-}
-
-int bus_job_method_cancel(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- Job *j = userdata;
- int r;
-
- assert(message);
- assert(j);
-
- r = mac_selinux_unit_access_check(j->unit, message, "stop", error);
- if (r < 0)
- return r;
-
- /* Access is granted to the job owner */
- if (!sd_bus_track_contains(j->clients, sd_bus_message_get_sender(message))) {
-
- /* And for everybody else consult PolicyKit */
- r = bus_verify_manage_units_async(j->unit->manager, message, error);
- if (r < 0)
- return r;
- if (r == 0)
- return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
- }
-
- job_finish_and_invalidate(j, JOB_CANCELED, true, false);
-
- return sd_bus_reply_method_return(message, NULL);
-}
-
-const sd_bus_vtable bus_job_vtable[] = {
- SD_BUS_VTABLE_START(0),
- SD_BUS_METHOD("Cancel", NULL, NULL, bus_job_method_cancel, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_PROPERTY("Id", "u", NULL, offsetof(Job, id), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("Unit", "(so)", property_get_unit, 0, SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("JobType", "s", property_get_type, offsetof(Job, type), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("State", "s", property_get_state, offsetof(Job, state), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- SD_BUS_VTABLE_END
-};
-
-static int send_new_signal(sd_bus *bus, void *userdata) {
- _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
- _cleanup_free_ char *p = NULL;
- Job *j = userdata;
- int r;
-
- assert(bus);
- assert(j);
-
- p = job_dbus_path(j);
- if (!p)
- return -ENOMEM;
-
- r = sd_bus_message_new_signal(
- bus,
- &m,
- "/org/freedesktop/systemd1",
- "org.freedesktop.systemd1.Manager",
- "JobNew");
- if (r < 0)
- return r;
-
- r = sd_bus_message_append(m, "uos", j->id, p, j->unit->id);
- if (r < 0)
- return r;
-
- return sd_bus_send(bus, m, NULL);
-}
-
-static int send_changed_signal(sd_bus *bus, void *userdata) {
- _cleanup_free_ char *p = NULL;
- Job *j = userdata;
-
- assert(bus);
- assert(j);
-
- p = job_dbus_path(j);
- if (!p)
- return -ENOMEM;
-
- return sd_bus_emit_properties_changed(bus, p, "org.freedesktop.systemd1.Job", "State", NULL);
-}
-
-void bus_job_send_change_signal(Job *j) {
- int r;
-
- assert(j);
-
- if (j->in_dbus_queue) {
- LIST_REMOVE(dbus_queue, j->manager->dbus_job_queue, j);
- j->in_dbus_queue = false;
- }
-
- r = bus_foreach_bus(j->manager, j->clients, j->sent_dbus_new_signal ? send_changed_signal : send_new_signal, j);
- if (r < 0)
- log_debug_errno(r, "Failed to send job change signal for %u: %m", j->id);
-
- j->sent_dbus_new_signal = true;
-}
-
-static int send_removed_signal(sd_bus *bus, void *userdata) {
- _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
- _cleanup_free_ char *p = NULL;
- Job *j = userdata;
- int r;
-
- assert(bus);
- assert(j);
-
- p = job_dbus_path(j);
- if (!p)
- return -ENOMEM;
-
- r = sd_bus_message_new_signal(
- bus,
- &m,
- "/org/freedesktop/systemd1",
- "org.freedesktop.systemd1.Manager",
- "JobRemoved");
- if (r < 0)
- return r;
-
- r = sd_bus_message_append(m, "uoss", j->id, p, j->unit->id, job_result_to_string(j->result));
- if (r < 0)
- return r;
-
- return sd_bus_send(bus, m, NULL);
-}
-
-void bus_job_send_removed_signal(Job *j) {
- int r;
-
- assert(j);
-
- if (!j->sent_dbus_new_signal)
- bus_job_send_change_signal(j);
-
- r = bus_foreach_bus(j->manager, j->clients, send_removed_signal, j);
- if (r < 0)
- log_debug_errno(r, "Failed to send job remove signal for %u: %m", j->id);
-}
diff --git a/src/core/dbus-job.h b/src/core/dbus-job.h
deleted file mode 100644
index 024d06719e..0000000000
--- a/src/core/dbus-job.h
+++ /dev/null
@@ -1,31 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include "sd-bus.h"
-
-#include "job.h"
-
-extern const sd_bus_vtable bus_job_vtable[];
-
-int bus_job_method_cancel(sd_bus_message *message, void *job, sd_bus_error *error);
-
-void bus_job_send_change_signal(Job *j);
-void bus_job_send_removed_signal(Job *j);
diff --git a/src/core/dbus-kill.c b/src/core/dbus-kill.c
deleted file mode 100644
index 8c65be65fa..0000000000
--- a/src/core/dbus-kill.c
+++ /dev/null
@@ -1,122 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2012 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include "bus-util.h"
-#include "dbus-kill.h"
-#include "kill.h"
-#include "signal-util.h"
-
-static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_kill_mode, kill_mode, KillMode);
-
-const sd_bus_vtable bus_kill_vtable[] = {
- SD_BUS_VTABLE_START(0),
- SD_BUS_PROPERTY("KillMode", "s", property_get_kill_mode, offsetof(KillContext, kill_mode), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("KillSignal", "i", bus_property_get_int, offsetof(KillContext, kill_signal), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("SendSIGKILL", "b", bus_property_get_bool, offsetof(KillContext, send_sigkill), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("SendSIGHUP", "b", bus_property_get_bool, offsetof(KillContext, send_sighup), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_VTABLE_END
-};
-
-int bus_kill_context_set_transient_property(
- Unit *u,
- KillContext *c,
- const char *name,
- sd_bus_message *message,
- UnitSetPropertiesMode mode,
- sd_bus_error *error) {
-
- int r;
-
- assert(u);
- assert(c);
- assert(name);
- assert(message);
-
- if (streq(name, "KillMode")) {
- const char *m;
- KillMode k;
-
- r = sd_bus_message_read(message, "s", &m);
- if (r < 0)
- return r;
-
- k = kill_mode_from_string(m);
- if (k < 0)
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Kill mode '%s' not known.", m);
-
- if (mode != UNIT_CHECK) {
- c->kill_mode = k;
-
- unit_write_drop_in_private_format(u, mode, name, "KillMode=%s", kill_mode_to_string(k));
- }
-
- return 1;
-
- } else if (streq(name, "KillSignal")) {
- int sig;
-
- r = sd_bus_message_read(message, "i", &sig);
- if (r < 0)
- return r;
-
- if (!SIGNAL_VALID(sig))
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Signal %i out of range", sig);
-
- if (mode != UNIT_CHECK) {
- c->kill_signal = sig;
-
- unit_write_drop_in_private_format(u, mode, name, "KillSignal=%s", signal_to_string(sig));
- }
-
- return 1;
-
- } else if (streq(name, "SendSIGHUP")) {
- int b;
-
- r = sd_bus_message_read(message, "b", &b);
- if (r < 0)
- return r;
-
- if (mode != UNIT_CHECK) {
- c->send_sighup = b;
-
- unit_write_drop_in_private_format(u, mode, name, "SendSIGHUP=%s", yes_no(b));
- }
-
- return 1;
-
- } else if (streq(name, "SendSIGKILL")) {
- int b;
-
- r = sd_bus_message_read(message, "b", &b);
- if (r < 0)
- return r;
-
- if (mode != UNIT_CHECK) {
- c->send_sigkill = b;
-
- unit_write_drop_in_private_format(u, mode, name, "SendSIGKILL=%s", yes_no(b));
- }
-
- return 1;
-
- }
-
- return 0;
-}
diff --git a/src/core/dbus-kill.h b/src/core/dbus-kill.h
deleted file mode 100644
index b9b18811e3..0000000000
--- a/src/core/dbus-kill.h
+++ /dev/null
@@ -1,29 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2012 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include "sd-bus.h"
-
-#include "kill.h"
-#include "unit.h"
-
-extern const sd_bus_vtable bus_kill_vtable[];
-
-int bus_kill_context_set_transient_property(Unit *u, KillContext *c, const char *name, sd_bus_message *message, UnitSetPropertiesMode mode, sd_bus_error *error);
diff --git a/src/core/dbus-manager.c b/src/core/dbus-manager.c
deleted file mode 100644
index d7d3d3c8ce..0000000000
--- a/src/core/dbus-manager.c
+++ /dev/null
@@ -1,2541 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <errno.h>
-#include <sys/prctl.h>
-#include <unistd.h>
-
-#include "alloc-util.h"
-#include "architecture.h"
-#include "build.h"
-#include "bus-common-errors.h"
-#include "clock-util.h"
-#include "dbus-execute.h"
-#include "dbus-job.h"
-#include "dbus-manager.h"
-#include "dbus-unit.h"
-#include "dbus.h"
-#include "env-util.h"
-#include "fd-util.h"
-#include "fileio.h"
-#include "formats-util.h"
-#include "install.h"
-#include "log.h"
-#include "path-util.h"
-#include "selinux-access.h"
-#include "stat-util.h"
-#include "string-util.h"
-#include "strv.h"
-#include "syslog-util.h"
-#include "user-util.h"
-#include "virt.h"
-#include "watchdog.h"
-
-static UnitFileFlags unit_file_bools_to_flags(bool runtime, bool force) {
- return (runtime ? UNIT_FILE_RUNTIME : 0) |
- (force ? UNIT_FILE_FORCE : 0);
-}
-
-static int property_get_version(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- assert(bus);
- assert(reply);
-
- return sd_bus_message_append(reply, "s", PACKAGE_VERSION);
-}
-
-static int property_get_features(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- assert(bus);
- assert(reply);
-
- return sd_bus_message_append(reply, "s", SYSTEMD_FEATURES);
-}
-
-static int property_get_virtualization(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- int v;
-
- assert(bus);
- assert(reply);
-
- v = detect_virtualization();
-
- /* Make sure to return the empty string when we detect no virtualization, as that is the API.
- *
- * https://github.com/systemd/systemd/issues/1423
- */
-
- return sd_bus_message_append(
- reply, "s",
- v == VIRTUALIZATION_NONE ? "" : virtualization_to_string(v));
-}
-
-static int property_get_architecture(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- assert(bus);
- assert(reply);
-
- return sd_bus_message_append(reply, "s", architecture_to_string(uname_architecture()));
-}
-
-static int property_get_tainted(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- char buf[sizeof("split-usr:cgroups-missing:local-hwclock:")] = "", *e = buf;
- Manager *m = userdata;
-
- assert(bus);
- assert(reply);
- assert(m);
-
- if (m->taint_usr)
- e = stpcpy(e, "split-usr:");
-
- if (access("/proc/cgroups", F_OK) < 0)
- e = stpcpy(e, "cgroups-missing:");
-
- if (clock_is_localtime(NULL) > 0)
- e = stpcpy(e, "local-hwclock:");
-
- /* remove the last ':' */
- if (e != buf)
- e[-1] = 0;
-
- return sd_bus_message_append(reply, "s", buf);
-}
-
-static int property_get_log_target(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- assert(bus);
- assert(reply);
-
- return sd_bus_message_append(reply, "s", log_target_to_string(log_get_target()));
-}
-
-static int property_set_log_target(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *value,
- void *userdata,
- sd_bus_error *error) {
-
- const char *t;
- int r;
-
- assert(bus);
- assert(value);
-
- r = sd_bus_message_read(value, "s", &t);
- if (r < 0)
- return r;
-
- return log_set_target_from_string(t);
-}
-
-static int property_get_log_level(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- _cleanup_free_ char *t = NULL;
- int r;
-
- assert(bus);
- assert(reply);
-
- r = log_level_to_string_alloc(log_get_max_level(), &t);
- if (r < 0)
- return r;
-
- return sd_bus_message_append(reply, "s", t);
-}
-
-static int property_set_log_level(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *value,
- void *userdata,
- sd_bus_error *error) {
-
- const char *t;
- int r;
-
- assert(bus);
- assert(value);
-
- r = sd_bus_message_read(value, "s", &t);
- if (r < 0)
- return r;
-
- r = log_set_max_level_from_string(t);
- if (r == 0)
- log_info("Setting log level to %s.", t);
- return r;
-}
-
-static int property_get_n_names(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- Manager *m = userdata;
-
- assert(bus);
- assert(reply);
- assert(m);
-
- return sd_bus_message_append(reply, "u", (uint32_t) hashmap_size(m->units));
-}
-
-static int property_get_n_failed_units(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- Manager *m = userdata;
-
- assert(bus);
- assert(reply);
- assert(m);
-
- return sd_bus_message_append(reply, "u", (uint32_t) set_size(m->failed_units));
-}
-
-static int property_get_n_jobs(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- Manager *m = userdata;
-
- assert(bus);
- assert(reply);
- assert(m);
-
- return sd_bus_message_append(reply, "u", (uint32_t) hashmap_size(m->jobs));
-}
-
-static int property_get_progress(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- Manager *m = userdata;
- double d;
-
- assert(bus);
- assert(reply);
- assert(m);
-
- if (dual_timestamp_is_set(&m->finish_timestamp))
- d = 1.0;
- else
- d = 1.0 - ((double) hashmap_size(m->jobs) / (double) m->n_installed_jobs);
-
- return sd_bus_message_append(reply, "d", d);
-}
-
-static int property_get_system_state(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- Manager *m = userdata;
-
- assert(bus);
- assert(reply);
- assert(m);
-
- return sd_bus_message_append(reply, "s", manager_state_to_string(manager_state(m)));
-}
-
-static int property_set_runtime_watchdog(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *value,
- void *userdata,
- sd_bus_error *error) {
-
- usec_t *t = userdata;
- int r;
-
- assert(bus);
- assert(value);
-
- assert_cc(sizeof(usec_t) == sizeof(uint64_t));
-
- r = sd_bus_message_read(value, "t", t);
- if (r < 0)
- return r;
-
- return watchdog_set_timeout(t);
-}
-
-static int property_get_timer_slack_nsec(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- assert(bus);
- assert(reply);
-
- return sd_bus_message_append(reply, "t", (uint64_t) prctl(PR_GET_TIMERSLACK));
-}
-
-static int method_get_unit(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- _cleanup_free_ char *path = NULL;
- Manager *m = userdata;
- const char *name;
- Unit *u;
- int r;
-
- assert(message);
- assert(m);
-
- /* Anyone can call this method */
-
- r = sd_bus_message_read(message, "s", &name);
- if (r < 0)
- return r;
-
- if (isempty(name)) {
- _cleanup_(sd_bus_creds_unrefp) sd_bus_creds *creds = NULL;
- pid_t pid;
-
- r = sd_bus_query_sender_creds(message, SD_BUS_CREDS_PID, &creds);
- if (r < 0)
- return r;
-
- r = sd_bus_creds_get_pid(creds, &pid);
- if (r < 0)
- return r;
-
- u = manager_get_unit_by_pid(m, pid);
- if (!u)
- return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_UNIT, "Client not member of any unit.");
- } else {
- u = manager_get_unit(m, name);
- if (!u)
- return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_UNIT, "Unit %s not loaded.", name);
- }
-
- r = mac_selinux_unit_access_check(u, message, "status", error);
- if (r < 0)
- return r;
-
- path = unit_dbus_path(u);
- if (!path)
- return -ENOMEM;
-
- return sd_bus_reply_method_return(message, "o", path);
-}
-
-static int method_get_unit_by_pid(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- _cleanup_free_ char *path = NULL;
- Manager *m = userdata;
- pid_t pid;
- Unit *u;
- int r;
-
- assert(message);
- assert(m);
-
- assert_cc(sizeof(pid_t) == sizeof(uint32_t));
-
- /* Anyone can call this method */
-
- r = sd_bus_message_read(message, "u", &pid);
- if (r < 0)
- return r;
- if (pid < 0)
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid PID " PID_FMT, pid);
-
- if (pid == 0) {
- _cleanup_(sd_bus_creds_unrefp) sd_bus_creds *creds = NULL;
-
- r = sd_bus_query_sender_creds(message, SD_BUS_CREDS_PID, &creds);
- if (r < 0)
- return r;
-
- r = sd_bus_creds_get_pid(creds, &pid);
- if (r < 0)
- return r;
- }
-
- u = manager_get_unit_by_pid(m, pid);
- if (!u)
- return sd_bus_error_setf(error, BUS_ERROR_NO_UNIT_FOR_PID, "PID "PID_FMT" does not belong to any loaded unit.", pid);
-
- r = mac_selinux_unit_access_check(u, message, "status", error);
- if (r < 0)
- return r;
-
- path = unit_dbus_path(u);
- if (!path)
- return -ENOMEM;
-
- return sd_bus_reply_method_return(message, "o", path);
-}
-
-static int method_get_unit_by_invocation_id(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- _cleanup_free_ char *path = NULL;
- Manager *m = userdata;
- sd_id128_t id;
- const void *a;
- Unit *u;
- size_t sz;
- int r;
-
- assert(message);
- assert(m);
-
- /* Anyone can call this method */
-
- r = sd_bus_message_read_array(message, 'y', &a, &sz);
- if (r < 0)
- return r;
- if (sz == 0)
- id = SD_ID128_NULL;
- else if (sz == 16)
- memcpy(&id, a, sz);
- else
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid invocation ID");
-
- if (sd_id128_is_null(id)) {
- _cleanup_(sd_bus_creds_unrefp) sd_bus_creds *creds = NULL;
- pid_t pid;
-
- r = sd_bus_query_sender_creds(message, SD_BUS_CREDS_PID, &creds);
- if (r < 0)
- return r;
-
- r = sd_bus_creds_get_pid(creds, &pid);
- if (r < 0)
- return r;
-
- u = manager_get_unit_by_pid(m, pid);
- if (!u)
- return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_UNIT, "Client " PID_FMT " not member of any unit.", pid);
- } else {
- u = hashmap_get(m->units_by_invocation_id, &id);
- if (!u)
- return sd_bus_error_setf(error, BUS_ERROR_NO_UNIT_FOR_INVOCATION_ID, "No unit with the specified invocation ID " SD_ID128_FORMAT_STR " known.", SD_ID128_FORMAT_VAL(id));
- }
-
- r = mac_selinux_unit_access_check(u, message, "status", error);
- if (r < 0)
- return r;
-
- /* So here's a special trick: the bus path we return actually references the unit by its invocation ID instead
- * of the unit name. This means it stays valid only as long as the invocation ID stays the same. */
- path = unit_dbus_path_invocation_id(u);
- if (!path)
- return -ENOMEM;
-
- return sd_bus_reply_method_return(message, "o", path);
-}
-
-static int method_load_unit(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- _cleanup_free_ char *path = NULL;
- Manager *m = userdata;
- const char *name;
- Unit *u;
- int r;
-
- assert(message);
- assert(m);
-
- /* Anyone can call this method */
-
- r = sd_bus_message_read(message, "s", &name);
- if (r < 0)
- return r;
-
- if (isempty(name)) {
- _cleanup_(sd_bus_creds_unrefp) sd_bus_creds *creds = NULL;
- pid_t pid;
-
- r = sd_bus_query_sender_creds(message, SD_BUS_CREDS_PID, &creds);
- if (r < 0)
- return r;
-
- r = sd_bus_creds_get_pid(creds, &pid);
- if (r < 0)
- return r;
-
- u = manager_get_unit_by_pid(m, pid);
- if (!u)
- return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_UNIT, "Client not member of any unit.");
- } else {
- r = manager_load_unit(m, name, NULL, error, &u);
- if (r < 0)
- return r;
- }
-
- r = mac_selinux_unit_access_check(u, message, "status", error);
- if (r < 0)
- return r;
-
- path = unit_dbus_path(u);
- if (!path)
- return -ENOMEM;
-
- return sd_bus_reply_method_return(message, "o", path);
-}
-
-static int method_start_unit_generic(sd_bus_message *message, Manager *m, JobType job_type, bool reload_if_possible, sd_bus_error *error) {
- const char *name;
- Unit *u;
- int r;
-
- assert(message);
- assert(m);
-
- r = sd_bus_message_read(message, "s", &name);
- if (r < 0)
- return r;
-
- r = manager_load_unit(m, name, NULL, error, &u);
- if (r < 0)
- return r;
-
- return bus_unit_method_start_generic(message, u, job_type, reload_if_possible, error);
-}
-
-static int method_start_unit(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- return method_start_unit_generic(message, userdata, JOB_START, false, error);
-}
-
-static int method_stop_unit(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- return method_start_unit_generic(message, userdata, JOB_STOP, false, error);
-}
-
-static int method_reload_unit(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- return method_start_unit_generic(message, userdata, JOB_RELOAD, false, error);
-}
-
-static int method_restart_unit(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- return method_start_unit_generic(message, userdata, JOB_RESTART, false, error);
-}
-
-static int method_try_restart_unit(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- return method_start_unit_generic(message, userdata, JOB_TRY_RESTART, false, error);
-}
-
-static int method_reload_or_restart_unit(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- return method_start_unit_generic(message, userdata, JOB_RESTART, true, error);
-}
-
-static int method_reload_or_try_restart_unit(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- return method_start_unit_generic(message, userdata, JOB_TRY_RESTART, true, error);
-}
-
-static int method_start_unit_replace(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- Manager *m = userdata;
- const char *old_name;
- Unit *u;
- int r;
-
- assert(message);
- assert(m);
-
- r = sd_bus_message_read(message, "s", &old_name);
- if (r < 0)
- return r;
-
- u = manager_get_unit(m, old_name);
- if (!u || !u->job || u->job->type != JOB_START)
- return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_JOB, "No job queued for unit %s", old_name);
-
- return method_start_unit_generic(message, m, JOB_START, false, error);
-}
-
-static int method_kill_unit(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- Manager *m = userdata;
- const char *name;
- Unit *u;
- int r;
-
- assert(message);
- assert(m);
-
- r = sd_bus_message_read(message, "s", &name);
- if (r < 0)
- return r;
-
- u = manager_get_unit(m, name);
- if (!u)
- return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_UNIT, "Unit %s is not loaded.", name);
-
- return bus_unit_method_kill(message, u, error);
-}
-
-static int method_reset_failed_unit(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- Manager *m = userdata;
- const char *name;
- Unit *u;
- int r;
-
- assert(message);
- assert(m);
-
- r = sd_bus_message_read(message, "s", &name);
- if (r < 0)
- return r;
-
- u = manager_get_unit(m, name);
- if (!u)
- return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_UNIT, "Unit %s is not loaded.", name);
-
- return bus_unit_method_reset_failed(message, u, error);
-}
-
-static int method_set_unit_properties(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- Manager *m = userdata;
- const char *name;
- Unit *u;
- int r;
-
- assert(message);
- assert(m);
-
- r = sd_bus_message_read(message, "s", &name);
- if (r < 0)
- return r;
-
- r = manager_load_unit(m, name, NULL, error, &u);
- if (r < 0)
- return r;
-
- r = bus_unit_check_load_state(u, error);
- if (r < 0)
- return r;
-
- return bus_unit_method_set_properties(message, u, error);
-}
-
-static int method_ref_unit(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- Manager *m = userdata;
- const char *name;
- Unit *u;
- int r;
-
- assert(message);
- assert(m);
-
- r = sd_bus_message_read(message, "s", &name);
- if (r < 0)
- return r;
-
- r = manager_load_unit(m, name, NULL, error, &u);
- if (r < 0)
- return r;
-
- r = bus_unit_check_load_state(u, error);
- if (r < 0)
- return r;
-
- return bus_unit_method_ref(message, u, error);
-}
-
-static int method_unref_unit(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- Manager *m = userdata;
- const char *name;
- Unit *u;
- int r;
-
- assert(message);
- assert(m);
-
- r = sd_bus_message_read(message, "s", &name);
- if (r < 0)
- return r;
-
- r = manager_load_unit(m, name, NULL, error, &u);
- if (r < 0)
- return r;
-
- r = bus_unit_check_load_state(u, error);
- if (r < 0)
- return r;
-
- return bus_unit_method_unref(message, u, error);
-}
-
-static int reply_unit_info(sd_bus_message *reply, Unit *u) {
- _cleanup_free_ char *unit_path = NULL, *job_path = NULL;
- Unit *following;
-
- following = unit_following(u);
-
- unit_path = unit_dbus_path(u);
- if (!unit_path)
- return -ENOMEM;
-
- if (u->job) {
- job_path = job_dbus_path(u->job);
- if (!job_path)
- return -ENOMEM;
- }
-
- return sd_bus_message_append(
- reply, "(ssssssouso)",
- u->id,
- unit_description(u),
- unit_load_state_to_string(u->load_state),
- unit_active_state_to_string(unit_active_state(u)),
- unit_sub_state_to_string(u),
- following ? following->id : "",
- unit_path,
- u->job ? u->job->id : 0,
- u->job ? job_type_to_string(u->job->type) : "",
- job_path ? job_path : "/");
-}
-
-static int method_list_units_by_names(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
- Manager *m = userdata;
- int r;
- char **unit;
- _cleanup_strv_free_ char **units = NULL;
-
- assert(message);
- assert(m);
-
- r = sd_bus_message_read_strv(message, &units);
- if (r < 0)
- return r;
-
- r = sd_bus_message_new_method_return(message, &reply);
- if (r < 0)
- return r;
-
- r = sd_bus_message_open_container(reply, 'a', "(ssssssouso)");
- if (r < 0)
- return r;
-
- STRV_FOREACH(unit, units) {
- Unit *u;
-
- if (!unit_name_is_valid(*unit, UNIT_NAME_ANY))
- continue;
-
- r = manager_load_unit(m, *unit, NULL, error, &u);
- if (r < 0)
- return r;
-
- r = reply_unit_info(reply, u);
- if (r < 0)
- return r;
- }
-
- r = sd_bus_message_close_container(reply);
- if (r < 0)
- return r;
-
- return sd_bus_send(NULL, reply, NULL);
-}
-
-static int method_get_unit_processes(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- Manager *m = userdata;
- const char *name;
- Unit *u;
- int r;
-
- assert(message);
- assert(m);
-
- r = sd_bus_message_read(message, "s", &name);
- if (r < 0)
- return r;
-
- r = manager_load_unit(m, name, NULL, error, &u);
- if (r < 0)
- return r;
-
- r = bus_unit_check_load_state(u, error);
- if (r < 0)
- return r;
-
- return bus_unit_method_get_processes(message, u, error);
-}
-
-static int transient_unit_from_message(
- Manager *m,
- sd_bus_message *message,
- const char *name,
- Unit **unit,
- sd_bus_error *error) {
-
- UnitType t;
- Unit *u;
- int r;
-
- assert(m);
- assert(message);
- assert(name);
-
- t = unit_name_to_type(name);
- if (t < 0)
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid unit name or type.");
-
- if (!unit_vtable[t]->can_transient)
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Unit type %s does not support transient units.", unit_type_to_string(t));
-
- r = manager_load_unit(m, name, NULL, error, &u);
- if (r < 0)
- return r;
-
- if (!unit_is_pristine(u))
- return sd_bus_error_setf(error, BUS_ERROR_UNIT_EXISTS, "Unit %s already exists.", name);
-
- /* OK, the unit failed to load and is unreferenced, now let's
- * fill in the transient data instead */
- r = unit_make_transient(u);
- if (r < 0)
- return r;
-
- /* Set our properties */
- r = bus_unit_set_properties(u, message, UNIT_RUNTIME, false, error);
- if (r < 0)
- return r;
-
- /* If the client asked for it, automatically add a reference to this unit. */
- if (u->bus_track_add) {
- r = bus_unit_track_add_sender(u, message);
- if (r < 0)
- return log_error_errno(r, "Failed to watch sender: %m");
- }
-
- /* Now load the missing bits of the unit we just created */
- unit_add_to_load_queue(u);
- manager_dispatch_load_queue(m);
-
- *unit = u;
-
- return 0;
-}
-
-static int transient_aux_units_from_message(
- Manager *m,
- sd_bus_message *message,
- sd_bus_error *error) {
-
- int r;
-
- assert(m);
- assert(message);
-
- r = sd_bus_message_enter_container(message, 'a', "(sa(sv))");
- if (r < 0)
- return r;
-
- while ((r = sd_bus_message_enter_container(message, 'r', "sa(sv)")) > 0) {
- const char *name = NULL;
- Unit *u;
-
- r = sd_bus_message_read(message, "s", &name);
- if (r < 0)
- return r;
-
- r = transient_unit_from_message(m, message, name, &u, error);
- if (r < 0)
- return r;
-
- r = sd_bus_message_exit_container(message);
- if (r < 0)
- return r;
- }
- if (r < 0)
- return r;
-
- r = sd_bus_message_exit_container(message);
- if (r < 0)
- return r;
-
- return 0;
-}
-
-static int method_start_transient_unit(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- const char *name, *smode;
- Manager *m = userdata;
- JobMode mode;
- Unit *u;
- int r;
-
- assert(message);
- assert(m);
-
- r = mac_selinux_access_check(message, "start", error);
- if (r < 0)
- return r;
-
- r = sd_bus_message_read(message, "ss", &name, &smode);
- if (r < 0)
- return r;
-
- mode = job_mode_from_string(smode);
- if (mode < 0)
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Job mode %s is invalid.", smode);
-
- r = bus_verify_manage_units_async(m, message, error);
- if (r < 0)
- return r;
- if (r == 0)
- return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
-
- r = transient_unit_from_message(m, message, name, &u, error);
- if (r < 0)
- return r;
-
- r = transient_aux_units_from_message(m, message, error);
- if (r < 0)
- return r;
-
- /* Finally, start it */
- return bus_unit_queue_job(message, u, JOB_START, mode, false, error);
-}
-
-static int method_get_job(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- _cleanup_free_ char *path = NULL;
- Manager *m = userdata;
- uint32_t id;
- Job *j;
- int r;
-
- assert(message);
- assert(m);
-
- /* Anyone can call this method */
-
- r = sd_bus_message_read(message, "u", &id);
- if (r < 0)
- return r;
-
- j = manager_get_job(m, id);
- if (!j)
- return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_JOB, "Job %u does not exist.", (unsigned) id);
-
- r = mac_selinux_unit_access_check(j->unit, message, "status", error);
- if (r < 0)
- return r;
-
- path = job_dbus_path(j);
- if (!path)
- return -ENOMEM;
-
- return sd_bus_reply_method_return(message, "o", path);
-}
-
-static int method_cancel_job(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- Manager *m = userdata;
- uint32_t id;
- Job *j;
- int r;
-
- assert(message);
- assert(m);
-
- r = sd_bus_message_read(message, "u", &id);
- if (r < 0)
- return r;
-
- j = manager_get_job(m, id);
- if (!j)
- return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_JOB, "Job %u does not exist.", (unsigned) id);
-
- return bus_job_method_cancel(message, j, error);
-}
-
-static int method_clear_jobs(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- Manager *m = userdata;
- int r;
-
- assert(message);
- assert(m);
-
- r = mac_selinux_access_check(message, "reload", error);
- if (r < 0)
- return r;
-
- r = bus_verify_manage_units_async(m, message, error);
- if (r < 0)
- return r;
- if (r == 0)
- return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
-
- manager_clear_jobs(m);
-
- return sd_bus_reply_method_return(message, NULL);
-}
-
-static int method_reset_failed(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- Manager *m = userdata;
- int r;
-
- assert(message);
- assert(m);
-
- r = mac_selinux_access_check(message, "reload", error);
- if (r < 0)
- return r;
-
- r = bus_verify_manage_units_async(m, message, error);
- if (r < 0)
- return r;
- if (r == 0)
- return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
-
- manager_reset_failed(m);
-
- return sd_bus_reply_method_return(message, NULL);
-}
-
-static int list_units_filtered(sd_bus_message *message, void *userdata, sd_bus_error *error, char **states, char **patterns) {
- _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
- Manager *m = userdata;
- const char *k;
- Iterator i;
- Unit *u;
- int r;
-
- assert(message);
- assert(m);
-
- /* Anyone can call this method */
-
- r = mac_selinux_access_check(message, "status", error);
- if (r < 0)
- return r;
-
- r = sd_bus_message_new_method_return(message, &reply);
- if (r < 0)
- return r;
-
- r = sd_bus_message_open_container(reply, 'a', "(ssssssouso)");
- if (r < 0)
- return r;
-
- HASHMAP_FOREACH_KEY(u, k, m->units, i) {
- if (k != u->id)
- continue;
-
- if (!strv_isempty(states) &&
- !strv_contains(states, unit_load_state_to_string(u->load_state)) &&
- !strv_contains(states, unit_active_state_to_string(unit_active_state(u))) &&
- !strv_contains(states, unit_sub_state_to_string(u)))
- continue;
-
- if (!strv_isempty(patterns) &&
- !strv_fnmatch_or_empty(patterns, u->id, FNM_NOESCAPE))
- continue;
-
- r = reply_unit_info(reply, u);
- if (r < 0)
- return r;
- }
-
- r = sd_bus_message_close_container(reply);
- if (r < 0)
- return r;
-
- return sd_bus_send(NULL, reply, NULL);
-}
-
-static int method_list_units(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- return list_units_filtered(message, userdata, error, NULL, NULL);
-}
-
-static int method_list_units_filtered(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- _cleanup_strv_free_ char **states = NULL;
- int r;
-
- r = sd_bus_message_read_strv(message, &states);
- if (r < 0)
- return r;
-
- return list_units_filtered(message, userdata, error, states, NULL);
-}
-
-static int method_list_units_by_patterns(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- _cleanup_strv_free_ char **states = NULL;
- _cleanup_strv_free_ char **patterns = NULL;
- int r;
-
- r = sd_bus_message_read_strv(message, &states);
- if (r < 0)
- return r;
-
- r = sd_bus_message_read_strv(message, &patterns);
- if (r < 0)
- return r;
-
- return list_units_filtered(message, userdata, error, states, patterns);
-}
-
-static int method_list_jobs(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
- Manager *m = userdata;
- Iterator i;
- Job *j;
- int r;
-
- assert(message);
- assert(m);
-
- /* Anyone can call this method */
-
- r = mac_selinux_access_check(message, "status", error);
- if (r < 0)
- return r;
-
- r = sd_bus_message_new_method_return(message, &reply);
- if (r < 0)
- return r;
-
- r = sd_bus_message_open_container(reply, 'a', "(usssoo)");
- if (r < 0)
- return r;
-
- HASHMAP_FOREACH(j, m->jobs, i) {
- _cleanup_free_ char *unit_path = NULL, *job_path = NULL;
-
- job_path = job_dbus_path(j);
- if (!job_path)
- return -ENOMEM;
-
- unit_path = unit_dbus_path(j->unit);
- if (!unit_path)
- return -ENOMEM;
-
- r = sd_bus_message_append(
- reply, "(usssoo)",
- j->id,
- j->unit->id,
- job_type_to_string(j->type),
- job_state_to_string(j->state),
- job_path,
- unit_path);
- if (r < 0)
- return r;
- }
-
- r = sd_bus_message_close_container(reply);
- if (r < 0)
- return r;
-
- return sd_bus_send(NULL, reply, NULL);
-}
-
-static int method_subscribe(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- Manager *m = userdata;
- int r;
-
- assert(message);
- assert(m);
-
- /* Anyone can call this method */
-
- r = mac_selinux_access_check(message, "status", error);
- if (r < 0)
- return r;
-
- if (sd_bus_message_get_bus(message) == m->api_bus) {
-
- /* Note that direct bus connection subscribe by
- * default, we only track peers on the API bus here */
-
- if (!m->subscribed) {
- r = sd_bus_track_new(sd_bus_message_get_bus(message), &m->subscribed, NULL, NULL);
- if (r < 0)
- return r;
- }
-
- r = sd_bus_track_add_sender(m->subscribed, message);
- if (r < 0)
- return r;
- if (r == 0)
- return sd_bus_error_setf(error, BUS_ERROR_ALREADY_SUBSCRIBED, "Client is already subscribed.");
- }
-
- return sd_bus_reply_method_return(message, NULL);
-}
-
-static int method_unsubscribe(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- Manager *m = userdata;
- int r;
-
- assert(message);
- assert(m);
-
- /* Anyone can call this method */
-
- r = mac_selinux_access_check(message, "status", error);
- if (r < 0)
- return r;
-
- if (sd_bus_message_get_bus(message) == m->api_bus) {
- r = sd_bus_track_remove_sender(m->subscribed, message);
- if (r < 0)
- return r;
- if (r == 0)
- return sd_bus_error_setf(error, BUS_ERROR_NOT_SUBSCRIBED, "Client is not subscribed.");
- }
-
- return sd_bus_reply_method_return(message, NULL);
-}
-
-static int method_dump(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- _cleanup_free_ char *dump = NULL;
- _cleanup_fclose_ FILE *f = NULL;
- Manager *m = userdata;
- size_t size;
- int r;
-
- assert(message);
- assert(m);
-
- /* Anyone can call this method */
-
- r = mac_selinux_access_check(message, "status", error);
- if (r < 0)
- return r;
-
- f = open_memstream(&dump, &size);
- if (!f)
- return -ENOMEM;
-
- manager_dump_units(m, f, NULL);
- manager_dump_jobs(m, f, NULL);
-
- r = fflush_and_check(f);
- if (r < 0)
- return r;
-
- return sd_bus_reply_method_return(message, "s", dump);
-}
-
-static int method_refuse_snapshot(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED, "Support for snapshots has been removed.");
-}
-
-static int method_reload(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- Manager *m = userdata;
- int r;
-
- assert(message);
- assert(m);
-
- r = mac_selinux_access_check(message, "reload", error);
- if (r < 0)
- return r;
-
- r = bus_verify_reload_daemon_async(m, message, error);
- if (r < 0)
- return r;
- if (r == 0)
- return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
-
- /* Instead of sending the reply back right away, we just
- * remember that we need to and then send it after the reload
- * is finished. That way the caller knows when the reload
- * finished. */
-
- assert(!m->queued_message);
- r = sd_bus_message_new_method_return(message, &m->queued_message);
- if (r < 0)
- return r;
-
- m->exit_code = MANAGER_RELOAD;
-
- return 1;
-}
-
-static int method_reexecute(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- Manager *m = userdata;
- int r;
-
- assert(message);
- assert(m);
-
- r = mac_selinux_access_check(message, "reload", error);
- if (r < 0)
- return r;
-
- r = bus_verify_reload_daemon_async(m, message, error);
- if (r < 0)
- return r;
- if (r == 0)
- return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
-
- /* We don't send a reply back here, the client should
- * just wait for us disconnecting. */
-
- m->exit_code = MANAGER_REEXECUTE;
- return 1;
-}
-
-static int method_exit(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- Manager *m = userdata;
- int r;
-
- assert(message);
- assert(m);
-
- r = mac_selinux_access_check(message, "halt", error);
- if (r < 0)
- return r;
-
- /* Exit() (in contrast to SetExitCode()) is actually allowed even if
- * we are running on the host. It will fall back on reboot() in
- * systemd-shutdown if it cannot do the exit() because it isn't a
- * container. */
-
- m->exit_code = MANAGER_EXIT;
-
- return sd_bus_reply_method_return(message, NULL);
-}
-
-static int method_reboot(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- Manager *m = userdata;
- int r;
-
- assert(message);
- assert(m);
-
- r = mac_selinux_access_check(message, "reboot", error);
- if (r < 0)
- return r;
-
- if (!MANAGER_IS_SYSTEM(m))
- return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED, "Reboot is only supported for system managers.");
-
- m->exit_code = MANAGER_REBOOT;
-
- return sd_bus_reply_method_return(message, NULL);
-}
-
-static int method_poweroff(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- Manager *m = userdata;
- int r;
-
- assert(message);
- assert(m);
-
- r = mac_selinux_access_check(message, "halt", error);
- if (r < 0)
- return r;
-
- if (!MANAGER_IS_SYSTEM(m))
- return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED, "Powering off is only supported for system managers.");
-
- m->exit_code = MANAGER_POWEROFF;
-
- return sd_bus_reply_method_return(message, NULL);
-}
-
-static int method_halt(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- Manager *m = userdata;
- int r;
-
- assert(message);
- assert(m);
-
- r = mac_selinux_access_check(message, "halt", error);
- if (r < 0)
- return r;
-
- if (!MANAGER_IS_SYSTEM(m))
- return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED, "Halt is only supported for system managers.");
-
- m->exit_code = MANAGER_HALT;
-
- return sd_bus_reply_method_return(message, NULL);
-}
-
-static int method_kexec(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- Manager *m = userdata;
- int r;
-
- assert(message);
- assert(m);
-
- r = mac_selinux_access_check(message, "reboot", error);
- if (r < 0)
- return r;
-
- if (!MANAGER_IS_SYSTEM(m))
- return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED, "KExec is only supported for system managers.");
-
- m->exit_code = MANAGER_KEXEC;
-
- return sd_bus_reply_method_return(message, NULL);
-}
-
-static int method_switch_root(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- char *ri = NULL, *rt = NULL;
- const char *root, *init;
- Manager *m = userdata;
- int r;
-
- assert(message);
- assert(m);
-
- r = mac_selinux_access_check(message, "reboot", error);
- if (r < 0)
- return r;
-
- if (!MANAGER_IS_SYSTEM(m))
- return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED, "Root switching is only supported by system manager.");
-
- r = sd_bus_message_read(message, "ss", &root, &init);
- if (r < 0)
- return r;
-
- if (path_equal(root, "/") || !path_is_absolute(root))
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid switch root path %s", root);
-
- /* Safety check */
- if (isempty(init)) {
- if (!path_is_os_tree(root))
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Specified switch root path %s does not seem to be an OS tree. os-release file is missing.", root);
- } else {
- _cleanup_free_ char *p = NULL;
-
- if (!path_is_absolute(init))
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid init path %s", init);
-
- p = strappend(root, init);
- if (!p)
- return -ENOMEM;
-
- if (access(p, X_OK) < 0)
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Specified init binary %s does not exist.", p);
- }
-
- rt = strdup(root);
- if (!rt)
- return -ENOMEM;
-
- if (!isempty(init)) {
- ri = strdup(init);
- if (!ri) {
- free(rt);
- return -ENOMEM;
- }
- }
-
- free(m->switch_root);
- m->switch_root = rt;
-
- free(m->switch_root_init);
- m->switch_root_init = ri;
-
- m->exit_code = MANAGER_SWITCH_ROOT;
-
- return sd_bus_reply_method_return(message, NULL);
-}
-
-static int method_set_environment(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- _cleanup_strv_free_ char **plus = NULL;
- Manager *m = userdata;
- int r;
-
- assert(message);
- assert(m);
-
- r = mac_selinux_access_check(message, "reload", error);
- if (r < 0)
- return r;
-
- r = sd_bus_message_read_strv(message, &plus);
- if (r < 0)
- return r;
- if (!strv_env_is_valid(plus))
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid environment assignments");
-
- r = bus_verify_set_environment_async(m, message, error);
- if (r < 0)
- return r;
- if (r == 0)
- return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
-
- r = manager_environment_add(m, NULL, plus);
- if (r < 0)
- return r;
-
- return sd_bus_reply_method_return(message, NULL);
-}
-
-static int method_unset_environment(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- _cleanup_strv_free_ char **minus = NULL;
- Manager *m = userdata;
- int r;
-
- assert(message);
- assert(m);
-
- r = mac_selinux_access_check(message, "reload", error);
- if (r < 0)
- return r;
-
- r = sd_bus_message_read_strv(message, &minus);
- if (r < 0)
- return r;
-
- if (!strv_env_name_or_assignment_is_valid(minus))
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid environment variable names or assignments");
-
- r = bus_verify_set_environment_async(m, message, error);
- if (r < 0)
- return r;
- if (r == 0)
- return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
-
- r = manager_environment_add(m, minus, NULL);
- if (r < 0)
- return r;
-
- return sd_bus_reply_method_return(message, NULL);
-}
-
-static int method_unset_and_set_environment(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- _cleanup_strv_free_ char **minus = NULL, **plus = NULL;
- Manager *m = userdata;
- int r;
-
- assert(message);
- assert(m);
-
- r = mac_selinux_access_check(message, "reload", error);
- if (r < 0)
- return r;
-
- r = sd_bus_message_read_strv(message, &minus);
- if (r < 0)
- return r;
-
- r = sd_bus_message_read_strv(message, &plus);
- if (r < 0)
- return r;
-
- if (!strv_env_name_or_assignment_is_valid(minus))
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid environment variable names or assignments");
- if (!strv_env_is_valid(plus))
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid environment assignments");
-
- r = bus_verify_set_environment_async(m, message, error);
- if (r < 0)
- return r;
- if (r == 0)
- return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
-
- r = manager_environment_add(m, minus, plus);
- if (r < 0)
- return r;
-
- return sd_bus_reply_method_return(message, NULL);
-}
-
-static int method_set_exit_code(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- Manager *m = userdata;
- uint8_t code;
- int r;
-
- assert(message);
- assert(m);
-
- r = mac_selinux_access_check(message, "exit", error);
- if (r < 0)
- return r;
-
- r = sd_bus_message_read_basic(message, 'y', &code);
- if (r < 0)
- return r;
-
- if (MANAGER_IS_SYSTEM(m) && detect_container() <= 0)
- return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED, "ExitCode can only be set for user service managers or in containers.");
-
- m->return_value = code;
-
- return sd_bus_reply_method_return(message, NULL);
-}
-
-static int method_lookup_dynamic_user_by_name(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- Manager *m = userdata;
- const char *name;
- uid_t uid;
- int r;
-
- assert(message);
- assert(m);
-
- r = sd_bus_message_read_basic(message, 's', &name);
- if (r < 0)
- return r;
-
- if (!MANAGER_IS_SYSTEM(m))
- return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED, "Dynamic users are only supported in the system instance.");
- if (!valid_user_group_name(name))
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "User name invalid: %s", name);
-
- r = dynamic_user_lookup_name(m, name, &uid);
- if (r == -ESRCH)
- return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_DYNAMIC_USER, "Dynamic user %s does not exist.", name);
- if (r < 0)
- return r;
-
- return sd_bus_reply_method_return(message, "u", (uint32_t) uid);
-}
-
-static int method_lookup_dynamic_user_by_uid(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- _cleanup_free_ char *name = NULL;
- Manager *m = userdata;
- uid_t uid;
- int r;
-
- assert(message);
- assert(m);
-
- assert_cc(sizeof(uid) == sizeof(uint32_t));
- r = sd_bus_message_read_basic(message, 'u', &uid);
- if (r < 0)
- return r;
-
- if (!MANAGER_IS_SYSTEM(m))
- return sd_bus_error_setf(error, SD_BUS_ERROR_NOT_SUPPORTED, "Dynamic users are only supported in the system instance.");
- if (!uid_is_valid(uid))
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "User ID invalid: " UID_FMT, uid);
-
- r = dynamic_user_lookup_uid(m, uid, &name);
- if (r == -ESRCH)
- return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_DYNAMIC_USER, "Dynamic user ID " UID_FMT " does not exist.", uid);
- if (r < 0)
- return r;
-
- return sd_bus_reply_method_return(message, "s", name);
-}
-
-static int list_unit_files_by_patterns(sd_bus_message *message, void *userdata, sd_bus_error *error, char **states, char **patterns) {
- _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
- Manager *m = userdata;
- UnitFileList *item;
- Hashmap *h;
- Iterator i;
- int r;
-
- assert(message);
- assert(m);
-
- /* Anyone can call this method */
-
- r = mac_selinux_access_check(message, "status", error);
- if (r < 0)
- return r;
-
- r = sd_bus_message_new_method_return(message, &reply);
- if (r < 0)
- return r;
-
- h = hashmap_new(&string_hash_ops);
- if (!h)
- return -ENOMEM;
-
- r = unit_file_get_list(m->unit_file_scope, NULL, h, states, patterns);
- if (r < 0)
- goto fail;
-
- r = sd_bus_message_open_container(reply, 'a', "(ss)");
- if (r < 0)
- goto fail;
-
- HASHMAP_FOREACH(item, h, i) {
-
- r = sd_bus_message_append(reply, "(ss)", item->path, unit_file_state_to_string(item->state));
- if (r < 0)
- goto fail;
- }
-
- unit_file_list_free(h);
-
- r = sd_bus_message_close_container(reply);
- if (r < 0)
- return r;
-
- return sd_bus_send(NULL, reply, NULL);
-
-fail:
- unit_file_list_free(h);
- return r;
-}
-
-static int method_list_unit_files(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- return list_unit_files_by_patterns(message, userdata, error, NULL, NULL);
-}
-
-static int method_list_unit_files_by_patterns(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- _cleanup_strv_free_ char **states = NULL;
- _cleanup_strv_free_ char **patterns = NULL;
- int r;
-
- r = sd_bus_message_read_strv(message, &states);
- if (r < 0)
- return r;
-
- r = sd_bus_message_read_strv(message, &patterns);
- if (r < 0)
- return r;
-
- return list_unit_files_by_patterns(message, userdata, error, states, patterns);
-}
-
-static int method_get_unit_file_state(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- Manager *m = userdata;
- const char *name;
- UnitFileState state;
- int r;
-
- assert(message);
- assert(m);
-
- /* Anyone can call this method */
-
- r = mac_selinux_access_check(message, "status", error);
- if (r < 0)
- return r;
-
- r = sd_bus_message_read(message, "s", &name);
- if (r < 0)
- return r;
-
- r = unit_file_get_state(m->unit_file_scope, NULL, name, &state);
- if (r < 0)
- return r;
-
- return sd_bus_reply_method_return(message, "s", unit_file_state_to_string(state));
-}
-
-static int method_get_default_target(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- _cleanup_free_ char *default_target = NULL;
- Manager *m = userdata;
- int r;
-
- assert(message);
- assert(m);
-
- /* Anyone can call this method */
-
- r = mac_selinux_access_check(message, "status", error);
- if (r < 0)
- return r;
-
- r = unit_file_get_default(m->unit_file_scope, NULL, &default_target);
- if (r < 0)
- return r;
-
- return sd_bus_reply_method_return(message, "s", default_target);
-}
-
-static int send_unit_files_changed(sd_bus *bus, void *userdata) {
- _cleanup_(sd_bus_message_unrefp) sd_bus_message *message = NULL;
- int r;
-
- assert(bus);
-
- r = sd_bus_message_new_signal(bus, &message, "/org/freedesktop/systemd1", "org.freedesktop.systemd1.Manager", "UnitFilesChanged");
- if (r < 0)
- return r;
-
- return sd_bus_send(bus, message, NULL);
-}
-
-static int reply_unit_file_changes_and_free(
- Manager *m,
- sd_bus_message *message,
- int carries_install_info,
- UnitFileChange *changes,
- unsigned n_changes) {
-
- _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
- unsigned i;
- int r;
-
- if (unit_file_changes_have_modification(changes, n_changes)) {
- r = bus_foreach_bus(m, NULL, send_unit_files_changed, NULL);
- if (r < 0)
- log_debug_errno(r, "Failed to send UnitFilesChanged signal: %m");
- }
-
- r = sd_bus_message_new_method_return(message, &reply);
- if (r < 0)
- goto fail;
-
- if (carries_install_info >= 0) {
- r = sd_bus_message_append(reply, "b", carries_install_info);
- if (r < 0)
- goto fail;
- }
-
- r = sd_bus_message_open_container(reply, 'a', "(sss)");
- if (r < 0)
- goto fail;
-
- for (i = 0; i < n_changes; i++)
- if (changes[i].type >= 0) {
- const char *change = unit_file_change_type_to_string(changes[i].type);
- assert(change != NULL);
-
- r = sd_bus_message_append(
- reply, "(sss)",
- change,
- changes[i].path,
- changes[i].source);
- if (r < 0)
- goto fail;
- }
-
- r = sd_bus_message_close_container(reply);
- if (r < 0)
- goto fail;
-
- unit_file_changes_free(changes, n_changes);
- return sd_bus_send(NULL, reply, NULL);
-
-fail:
- unit_file_changes_free(changes, n_changes);
- return r;
-}
-
-/* Create an error reply, using the error information from changes[]
- * if possible, and fall back to generating an error from error code c.
- * The error message only describes the first error.
- *
- * Coordinate with unit_file_dump_changes() in install.c.
- */
-static int install_error(
- sd_bus_error *error,
- int c,
- UnitFileChange *changes,
- unsigned n_changes) {
- int r;
- unsigned i;
- assert(c < 0);
-
- for (i = 0; i < n_changes; i++)
- switch(changes[i].type) {
- case 0 ... INT_MAX:
- continue;
- case -EEXIST:
- if (changes[i].source)
- r = sd_bus_error_setf(error, BUS_ERROR_UNIT_EXISTS,
- "File %s already exists and is a symlink to %s.",
- changes[i].path, changes[i].source);
- else
- r = sd_bus_error_setf(error, BUS_ERROR_UNIT_EXISTS,
- "File %s already exists.",
- changes[i].path);
- goto found;
- case -ERFKILL:
- r = sd_bus_error_setf(error, BUS_ERROR_UNIT_MASKED,
- "Unit file %s is masked.", changes[i].path);
- goto found;
- case -EADDRNOTAVAIL:
- r = sd_bus_error_setf(error, BUS_ERROR_UNIT_GENERATED,
- "Unit %s is transient or generated.", changes[i].path);
- goto found;
- case -ELOOP:
- r = sd_bus_error_setf(error, BUS_ERROR_UNIT_LINKED,
- "Refusing to operate on linked unit file %s", changes[i].path);
- goto found;
- default:
- r = sd_bus_error_set_errnof(error, changes[i].type, "File %s: %m", changes[i].path);
- goto found;
- }
-
- r = c;
- found:
- unit_file_changes_free(changes, n_changes);
- return r;
-}
-
-static int method_enable_unit_files_generic(
- sd_bus_message *message,
- Manager *m,
- int (*call)(UnitFileScope scope, UnitFileFlags flags, const char *root_dir, char *files[], UnitFileChange **changes, unsigned *n_changes),
- bool carries_install_info,
- sd_bus_error *error) {
-
- _cleanup_strv_free_ char **l = NULL;
- UnitFileChange *changes = NULL;
- unsigned n_changes = 0;
- UnitFileFlags flags;
- int runtime, force, r;
-
- assert(message);
- assert(m);
-
- r = sd_bus_message_read_strv(message, &l);
- if (r < 0)
- return r;
-
- r = sd_bus_message_read(message, "bb", &runtime, &force);
- if (r < 0)
- return r;
-
- flags = unit_file_bools_to_flags(runtime, force);
-
- r = bus_verify_manage_unit_files_async(m, message, error);
- if (r < 0)
- return r;
- if (r == 0)
- return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
-
- r = call(m->unit_file_scope, flags, NULL, l, &changes, &n_changes);
- if (r < 0)
- return install_error(error, r, changes, n_changes);
-
- return reply_unit_file_changes_and_free(m, message, carries_install_info ? r : -1, changes, n_changes);
-}
-
-static int method_enable_unit_files(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- return method_enable_unit_files_generic(message, userdata, unit_file_enable, true, error);
-}
-
-static int method_reenable_unit_files(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- return method_enable_unit_files_generic(message, userdata, unit_file_reenable, true, error);
-}
-
-static int method_link_unit_files(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- return method_enable_unit_files_generic(message, userdata, unit_file_link, false, error);
-}
-
-static int unit_file_preset_without_mode(UnitFileScope scope, UnitFileFlags flags, const char *root_dir, char **files, UnitFileChange **changes, unsigned *n_changes) {
- return unit_file_preset(scope, flags, root_dir, files, UNIT_FILE_PRESET_FULL, changes, n_changes);
-}
-
-static int method_preset_unit_files(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- return method_enable_unit_files_generic(message, userdata, unit_file_preset_without_mode, true, error);
-}
-
-static int method_mask_unit_files(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- return method_enable_unit_files_generic(message, userdata, unit_file_mask, false, error);
-}
-
-static int method_preset_unit_files_with_mode(sd_bus_message *message, void *userdata, sd_bus_error *error) {
-
- _cleanup_strv_free_ char **l = NULL;
- UnitFileChange *changes = NULL;
- unsigned n_changes = 0;
- Manager *m = userdata;
- UnitFilePresetMode mm;
- int runtime, force, r;
- UnitFileFlags flags;
- const char *mode;
-
- assert(message);
- assert(m);
-
- r = sd_bus_message_read_strv(message, &l);
- if (r < 0)
- return r;
-
- r = sd_bus_message_read(message, "sbb", &mode, &runtime, &force);
- if (r < 0)
- return r;
-
- flags = unit_file_bools_to_flags(runtime, force);
-
- if (isempty(mode))
- mm = UNIT_FILE_PRESET_FULL;
- else {
- mm = unit_file_preset_mode_from_string(mode);
- if (mm < 0)
- return -EINVAL;
- }
-
- r = bus_verify_manage_unit_files_async(m, message, error);
- if (r < 0)
- return r;
- if (r == 0)
- return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
-
- r = unit_file_preset(m->unit_file_scope, flags, NULL, l, mm, &changes, &n_changes);
- if (r < 0)
- return install_error(error, r, changes, n_changes);
-
- return reply_unit_file_changes_and_free(m, message, r, changes, n_changes);
-}
-
-static int method_disable_unit_files_generic(
- sd_bus_message *message,
- Manager *m,
- int (*call)(UnitFileScope scope, UnitFileFlags flags, const char *root_dir, char *files[], UnitFileChange **changes, unsigned *n_changes),
- sd_bus_error *error) {
-
- _cleanup_strv_free_ char **l = NULL;
- UnitFileChange *changes = NULL;
- unsigned n_changes = 0;
- int r, runtime;
-
- assert(message);
- assert(m);
-
- r = sd_bus_message_read_strv(message, &l);
- if (r < 0)
- return r;
-
- r = sd_bus_message_read(message, "b", &runtime);
- if (r < 0)
- return r;
-
- r = bus_verify_manage_unit_files_async(m, message, error);
- if (r < 0)
- return r;
- if (r == 0)
- return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
-
- r = call(m->unit_file_scope, runtime ? UNIT_FILE_RUNTIME : 0, NULL, l, &changes, &n_changes);
- if (r < 0)
- return install_error(error, r, changes, n_changes);
-
- return reply_unit_file_changes_and_free(m, message, -1, changes, n_changes);
-}
-
-static int method_disable_unit_files(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- return method_disable_unit_files_generic(message, userdata, unit_file_disable, error);
-}
-
-static int method_unmask_unit_files(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- return method_disable_unit_files_generic(message, userdata, unit_file_unmask, error);
-}
-
-static int method_revert_unit_files(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- _cleanup_strv_free_ char **l = NULL;
- UnitFileChange *changes = NULL;
- unsigned n_changes = 0;
- Manager *m = userdata;
- int r;
-
- assert(message);
- assert(m);
-
- r = sd_bus_message_read_strv(message, &l);
- if (r < 0)
- return r;
-
- r = bus_verify_manage_unit_files_async(m, message, error);
- if (r < 0)
- return r;
- if (r == 0)
- return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
-
- r = unit_file_revert(m->unit_file_scope, NULL, l, &changes, &n_changes);
- if (r < 0)
- return install_error(error, r, changes, n_changes);
-
- return reply_unit_file_changes_and_free(m, message, -1, changes, n_changes);
-}
-
-static int method_set_default_target(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- UnitFileChange *changes = NULL;
- unsigned n_changes = 0;
- Manager *m = userdata;
- const char *name;
- int force, r;
-
- assert(message);
- assert(m);
-
- r = mac_selinux_access_check(message, "enable", error);
- if (r < 0)
- return r;
-
- r = sd_bus_message_read(message, "sb", &name, &force);
- if (r < 0)
- return r;
-
- r = bus_verify_manage_unit_files_async(m, message, error);
- if (r < 0)
- return r;
- if (r == 0)
- return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
-
- r = unit_file_set_default(m->unit_file_scope, force ? UNIT_FILE_FORCE : 0, NULL, name, &changes, &n_changes);
- if (r < 0)
- return install_error(error, r, changes, n_changes);
-
- return reply_unit_file_changes_and_free(m, message, -1, changes, n_changes);
-}
-
-static int method_preset_all_unit_files(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- UnitFileChange *changes = NULL;
- unsigned n_changes = 0;
- Manager *m = userdata;
- UnitFilePresetMode mm;
- const char *mode;
- UnitFileFlags flags;
- int force, runtime, r;
-
- assert(message);
- assert(m);
-
- r = mac_selinux_access_check(message, "enable", error);
- if (r < 0)
- return r;
-
- r = sd_bus_message_read(message, "sbb", &mode, &runtime, &force);
- if (r < 0)
- return r;
-
- flags = unit_file_bools_to_flags(runtime, force);
-
- if (isempty(mode))
- mm = UNIT_FILE_PRESET_FULL;
- else {
- mm = unit_file_preset_mode_from_string(mode);
- if (mm < 0)
- return -EINVAL;
- }
-
- r = bus_verify_manage_unit_files_async(m, message, error);
- if (r < 0)
- return r;
- if (r == 0)
- return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
-
- r = unit_file_preset_all(m->unit_file_scope, flags, NULL, mm, &changes, &n_changes);
- if (r < 0)
- return install_error(error, r, changes, n_changes);
-
- return reply_unit_file_changes_and_free(m, message, -1, changes, n_changes);
-}
-
-static int method_add_dependency_unit_files(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- _cleanup_strv_free_ char **l = NULL;
- Manager *m = userdata;
- UnitFileChange *changes = NULL;
- unsigned n_changes = 0;
- int runtime, force, r;
- char *target, *type;
- UnitDependency dep;
- UnitFileFlags flags;
-
- assert(message);
- assert(m);
-
- r = bus_verify_manage_unit_files_async(m, message, error);
- if (r < 0)
- return r;
- if (r == 0)
- return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
-
- r = sd_bus_message_read_strv(message, &l);
- if (r < 0)
- return r;
-
- r = sd_bus_message_read(message, "ssbb", &target, &type, &runtime, &force);
- if (r < 0)
- return r;
-
- flags = unit_file_bools_to_flags(runtime, force);
-
- dep = unit_dependency_from_string(type);
- if (dep < 0)
- return -EINVAL;
-
- r = unit_file_add_dependency(m->unit_file_scope, flags, NULL, l, target, dep, &changes, &n_changes);
- if (r < 0)
- return install_error(error, r, changes, n_changes);
-
- return reply_unit_file_changes_and_free(m, message, -1, changes, n_changes);
-}
-
-static int method_get_unit_file_links(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
- UnitFileChange *changes = NULL;
- unsigned n_changes = 0, i;
- UnitFileFlags flags;
- const char *name;
- char **p;
- int runtime, r;
-
- r = sd_bus_message_read(message, "sb", &name, &runtime);
- if (r < 0)
- return r;
-
- r = sd_bus_message_new_method_return(message, &reply);
- if (r < 0)
- return r;
-
- r = sd_bus_message_open_container(reply, SD_BUS_TYPE_ARRAY, "s");
- if (r < 0)
- return r;
-
- p = STRV_MAKE(name);
- flags = UNIT_FILE_DRY_RUN |
- (runtime ? UNIT_FILE_RUNTIME : 0);
-
- r = unit_file_disable(UNIT_FILE_SYSTEM, flags, NULL, p, &changes, &n_changes);
- if (r < 0)
- return log_error_errno(r, "Failed to get file links for %s: %m", name);
-
- for (i = 0; i < n_changes; i++)
- if (changes[i].type == UNIT_FILE_UNLINK) {
- r = sd_bus_message_append(reply, "s", changes[i].path);
- if (r < 0)
- return r;
- }
-
- r = sd_bus_message_close_container(reply);
- if (r < 0)
- return r;
-
- return sd_bus_send(NULL, reply, NULL);
-}
-
-const sd_bus_vtable bus_manager_vtable[] = {
- SD_BUS_VTABLE_START(0),
-
- SD_BUS_PROPERTY("Version", "s", property_get_version, 0, SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("Features", "s", property_get_features, 0, SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("Virtualization", "s", property_get_virtualization, 0, SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("Architecture", "s", property_get_architecture, 0, SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("Tainted", "s", property_get_tainted, 0, SD_BUS_VTABLE_PROPERTY_CONST),
- BUS_PROPERTY_DUAL_TIMESTAMP("FirmwareTimestamp", offsetof(Manager, firmware_timestamp), SD_BUS_VTABLE_PROPERTY_CONST),
- BUS_PROPERTY_DUAL_TIMESTAMP("LoaderTimestamp", offsetof(Manager, loader_timestamp), SD_BUS_VTABLE_PROPERTY_CONST),
- BUS_PROPERTY_DUAL_TIMESTAMP("KernelTimestamp", offsetof(Manager, kernel_timestamp), SD_BUS_VTABLE_PROPERTY_CONST),
- BUS_PROPERTY_DUAL_TIMESTAMP("InitRDTimestamp", offsetof(Manager, initrd_timestamp), SD_BUS_VTABLE_PROPERTY_CONST),
- BUS_PROPERTY_DUAL_TIMESTAMP("UserspaceTimestamp", offsetof(Manager, userspace_timestamp), SD_BUS_VTABLE_PROPERTY_CONST),
- BUS_PROPERTY_DUAL_TIMESTAMP("FinishTimestamp", offsetof(Manager, finish_timestamp), SD_BUS_VTABLE_PROPERTY_CONST),
- BUS_PROPERTY_DUAL_TIMESTAMP("SecurityStartTimestamp", offsetof(Manager, security_start_timestamp), SD_BUS_VTABLE_PROPERTY_CONST),
- BUS_PROPERTY_DUAL_TIMESTAMP("SecurityFinishTimestamp", offsetof(Manager, security_finish_timestamp), SD_BUS_VTABLE_PROPERTY_CONST),
- BUS_PROPERTY_DUAL_TIMESTAMP("GeneratorsStartTimestamp", offsetof(Manager, generators_start_timestamp), SD_BUS_VTABLE_PROPERTY_CONST),
- BUS_PROPERTY_DUAL_TIMESTAMP("GeneratorsFinishTimestamp", offsetof(Manager, generators_finish_timestamp), SD_BUS_VTABLE_PROPERTY_CONST),
- BUS_PROPERTY_DUAL_TIMESTAMP("UnitsLoadStartTimestamp", offsetof(Manager, units_load_start_timestamp), SD_BUS_VTABLE_PROPERTY_CONST),
- BUS_PROPERTY_DUAL_TIMESTAMP("UnitsLoadFinishTimestamp", offsetof(Manager, units_load_finish_timestamp), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_WRITABLE_PROPERTY("LogLevel", "s", property_get_log_level, property_set_log_level, 0, 0),
- SD_BUS_WRITABLE_PROPERTY("LogTarget", "s", property_get_log_target, property_set_log_target, 0, 0),
- SD_BUS_PROPERTY("NNames", "u", property_get_n_names, 0, 0),
- SD_BUS_PROPERTY("NFailedUnits", "u", property_get_n_failed_units, 0, SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- SD_BUS_PROPERTY("NJobs", "u", property_get_n_jobs, 0, 0),
- SD_BUS_PROPERTY("NInstalledJobs", "u", bus_property_get_unsigned, offsetof(Manager, n_installed_jobs), 0),
- SD_BUS_PROPERTY("NFailedJobs", "u", bus_property_get_unsigned, offsetof(Manager, n_failed_jobs), 0),
- SD_BUS_PROPERTY("Progress", "d", property_get_progress, 0, 0),
- SD_BUS_PROPERTY("Environment", "as", NULL, offsetof(Manager, environment), 0),
- SD_BUS_PROPERTY("ConfirmSpawn", "b", bus_property_get_bool, offsetof(Manager, confirm_spawn), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("ShowStatus", "b", bus_property_get_bool, offsetof(Manager, show_status), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("UnitPath", "as", NULL, offsetof(Manager, lookup_paths.search_path), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DefaultStandardOutput", "s", bus_property_get_exec_output, offsetof(Manager, default_std_output), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DefaultStandardError", "s", bus_property_get_exec_output, offsetof(Manager, default_std_output), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_WRITABLE_PROPERTY("RuntimeWatchdogUSec", "t", bus_property_get_usec, property_set_runtime_watchdog, offsetof(Manager, runtime_watchdog), 0),
- SD_BUS_WRITABLE_PROPERTY("ShutdownWatchdogUSec", "t", bus_property_get_usec, bus_property_set_usec, offsetof(Manager, shutdown_watchdog), 0),
- SD_BUS_PROPERTY("ControlGroup", "s", NULL, offsetof(Manager, cgroup_root), 0),
- SD_BUS_PROPERTY("SystemState", "s", property_get_system_state, 0, 0),
- SD_BUS_PROPERTY("ExitCode", "y", bus_property_get_unsigned, offsetof(Manager, return_value), 0),
- SD_BUS_PROPERTY("DefaultTimerAccuracyUSec", "t", bus_property_get_usec, offsetof(Manager, default_timer_accuracy_usec), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DefaultTimeoutStartUSec", "t", bus_property_get_usec, offsetof(Manager, default_timeout_start_usec), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DefaultTimeoutStopUSec", "t", bus_property_get_usec, offsetof(Manager, default_timeout_stop_usec), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DefaultRestartUSec", "t", bus_property_get_usec, offsetof(Manager, default_restart_usec), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DefaultStartLimitIntervalSec", "t", bus_property_get_usec, offsetof(Manager, default_start_limit_interval), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DefaultStartLimitInterval", "t", bus_property_get_usec, offsetof(Manager, default_start_limit_interval), SD_BUS_VTABLE_PROPERTY_CONST|SD_BUS_VTABLE_HIDDEN), /* obsolete alias name */
- SD_BUS_PROPERTY("DefaultStartLimitBurst", "u", bus_property_get_unsigned, offsetof(Manager, default_start_limit_burst), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DefaultCPUAccounting", "b", bus_property_get_bool, offsetof(Manager, default_cpu_accounting), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DefaultBlockIOAccounting", "b", bus_property_get_bool, offsetof(Manager, default_blockio_accounting), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DefaultMemoryAccounting", "b", bus_property_get_bool, offsetof(Manager, default_memory_accounting), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DefaultTasksAccounting", "b", bus_property_get_bool, offsetof(Manager, default_tasks_accounting), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DefaultLimitCPU", "t", bus_property_get_rlimit, offsetof(Manager, rlimit[RLIMIT_CPU]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DefaultLimitCPUSoft", "t", bus_property_get_rlimit, offsetof(Manager, rlimit[RLIMIT_CPU]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DefaultLimitFSIZE", "t", bus_property_get_rlimit, offsetof(Manager, rlimit[RLIMIT_FSIZE]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DefaultLimitFSIZESoft", "t", bus_property_get_rlimit, offsetof(Manager, rlimit[RLIMIT_FSIZE]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DefaultLimitDATA", "t", bus_property_get_rlimit, offsetof(Manager, rlimit[RLIMIT_DATA]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DefaultLimitDATASoft", "t", bus_property_get_rlimit, offsetof(Manager, rlimit[RLIMIT_DATA]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DefaultLimitSTACK", "t", bus_property_get_rlimit, offsetof(Manager, rlimit[RLIMIT_STACK]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DefaultLimitSTACKSoft", "t", bus_property_get_rlimit, offsetof(Manager, rlimit[RLIMIT_STACK]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DefaultLimitCORE", "t", bus_property_get_rlimit, offsetof(Manager, rlimit[RLIMIT_CORE]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DefaultLimitCORESoft", "t", bus_property_get_rlimit, offsetof(Manager, rlimit[RLIMIT_CORE]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DefaultLimitRSS", "t", bus_property_get_rlimit, offsetof(Manager, rlimit[RLIMIT_RSS]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DefaultLimitRSSSoft", "t", bus_property_get_rlimit, offsetof(Manager, rlimit[RLIMIT_RSS]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DefaultLimitNOFILE", "t", bus_property_get_rlimit, offsetof(Manager, rlimit[RLIMIT_NOFILE]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DefaultLimitNOFILESoft", "t", bus_property_get_rlimit, offsetof(Manager, rlimit[RLIMIT_NOFILE]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DefaultLimitAS", "t", bus_property_get_rlimit, offsetof(Manager, rlimit[RLIMIT_AS]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DefaultLimitASSoft", "t", bus_property_get_rlimit, offsetof(Manager, rlimit[RLIMIT_AS]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DefaultLimitNPROC", "t", bus_property_get_rlimit, offsetof(Manager, rlimit[RLIMIT_NPROC]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DefaultLimitNPROCSoft", "t", bus_property_get_rlimit, offsetof(Manager, rlimit[RLIMIT_NPROC]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DefaultLimitMEMLOCK", "t", bus_property_get_rlimit, offsetof(Manager, rlimit[RLIMIT_MEMLOCK]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DefaultLimitMEMLOCKSoft", "t", bus_property_get_rlimit, offsetof(Manager, rlimit[RLIMIT_MEMLOCK]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DefaultLimitLOCKS", "t", bus_property_get_rlimit, offsetof(Manager, rlimit[RLIMIT_LOCKS]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DefaultLimitLOCKSSoft", "t", bus_property_get_rlimit, offsetof(Manager, rlimit[RLIMIT_LOCKS]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DefaultLimitSIGPENDING", "t", bus_property_get_rlimit, offsetof(Manager, rlimit[RLIMIT_SIGPENDING]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DefaultLimitSIGPENDINGSoft", "t", bus_property_get_rlimit, offsetof(Manager, rlimit[RLIMIT_SIGPENDING]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DefaultLimitMSGQUEUE", "t", bus_property_get_rlimit, offsetof(Manager, rlimit[RLIMIT_MSGQUEUE]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DefaultLimitMSGQUEUESoft", "t", bus_property_get_rlimit, offsetof(Manager, rlimit[RLIMIT_MSGQUEUE]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DefaultLimitNICE", "t", bus_property_get_rlimit, offsetof(Manager, rlimit[RLIMIT_NICE]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DefaultLimitNICESoft", "t", bus_property_get_rlimit, offsetof(Manager, rlimit[RLIMIT_NICE]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DefaultLimitRTPRIO", "t", bus_property_get_rlimit, offsetof(Manager, rlimit[RLIMIT_RTPRIO]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DefaultLimitRTPRIOSoft", "t", bus_property_get_rlimit, offsetof(Manager, rlimit[RLIMIT_RTPRIO]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DefaultLimitRTTIME", "t", bus_property_get_rlimit, offsetof(Manager, rlimit[RLIMIT_RTTIME]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DefaultLimitRTTIMESoft", "t", bus_property_get_rlimit, offsetof(Manager, rlimit[RLIMIT_RTTIME]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DefaultTasksMax", "t", NULL, offsetof(Manager, default_tasks_max), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("TimerSlackNSec", "t", property_get_timer_slack_nsec, 0, SD_BUS_VTABLE_PROPERTY_CONST),
-
- SD_BUS_METHOD("GetUnit", "s", "o", method_get_unit, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("GetUnitByPID", "u", "o", method_get_unit_by_pid, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("GetUnitByInvocationID", "ay", "o", method_get_unit_by_invocation_id, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("LoadUnit", "s", "o", method_load_unit, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("StartUnit", "ss", "o", method_start_unit, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("StartUnitReplace", "sss", "o", method_start_unit_replace, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("StopUnit", "ss", "o", method_stop_unit, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("ReloadUnit", "ss", "o", method_reload_unit, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("RestartUnit", "ss", "o", method_restart_unit, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("TryRestartUnit", "ss", "o", method_try_restart_unit, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("ReloadOrRestartUnit", "ss", "o", method_reload_or_restart_unit, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("ReloadOrTryRestartUnit", "ss", "o", method_reload_or_try_restart_unit, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("KillUnit", "ssi", NULL, method_kill_unit, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("ResetFailedUnit", "s", NULL, method_reset_failed_unit, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("SetUnitProperties", "sba(sv)", NULL, method_set_unit_properties, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("RefUnit", "s", NULL, method_ref_unit, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("UnrefUnit", "s", NULL, method_unref_unit, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("StartTransientUnit", "ssa(sv)a(sa(sv))", "o", method_start_transient_unit, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("GetUnitProcesses", "s", "a(sus)", method_get_unit_processes, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("GetJob", "u", "o", method_get_job, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("CancelJob", "u", NULL, method_cancel_job, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("ClearJobs", NULL, NULL, method_clear_jobs, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("ResetFailed", NULL, NULL, method_reset_failed, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("ListUnits", NULL, "a(ssssssouso)", method_list_units, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("ListUnitsFiltered", "as", "a(ssssssouso)", method_list_units_filtered, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("ListUnitsByPatterns", "asas", "a(ssssssouso)", method_list_units_by_patterns, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("ListUnitsByNames", "as", "a(ssssssouso)", method_list_units_by_names, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("ListJobs", NULL, "a(usssoo)", method_list_jobs, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("Subscribe", NULL, NULL, method_subscribe, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("Unsubscribe", NULL, NULL, method_unsubscribe, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("Dump", NULL, "s", method_dump, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("CreateSnapshot", "sb", "o", method_refuse_snapshot, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("RemoveSnapshot", "s", NULL, method_refuse_snapshot, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("Reload", NULL, NULL, method_reload, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("Reexecute", NULL, NULL, method_reexecute, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("Exit", NULL, NULL, method_exit, 0),
- SD_BUS_METHOD("Reboot", NULL, NULL, method_reboot, SD_BUS_VTABLE_CAPABILITY(CAP_SYS_BOOT)),
- SD_BUS_METHOD("PowerOff", NULL, NULL, method_poweroff, SD_BUS_VTABLE_CAPABILITY(CAP_SYS_BOOT)),
- SD_BUS_METHOD("Halt", NULL, NULL, method_halt, SD_BUS_VTABLE_CAPABILITY(CAP_SYS_BOOT)),
- SD_BUS_METHOD("KExec", NULL, NULL, method_kexec, SD_BUS_VTABLE_CAPABILITY(CAP_SYS_BOOT)),
- SD_BUS_METHOD("SwitchRoot", "ss", NULL, method_switch_root, SD_BUS_VTABLE_CAPABILITY(CAP_SYS_BOOT)),
- SD_BUS_METHOD("SetEnvironment", "as", NULL, method_set_environment, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("UnsetEnvironment", "as", NULL, method_unset_environment, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("UnsetAndSetEnvironment", "asas", NULL, method_unset_and_set_environment, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("ListUnitFiles", NULL, "a(ss)", method_list_unit_files, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("ListUnitFilesByPatterns", "asas", "a(ss)", method_list_unit_files_by_patterns, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("GetUnitFileState", "s", "s", method_get_unit_file_state, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("EnableUnitFiles", "asbb", "ba(sss)", method_enable_unit_files, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("DisableUnitFiles", "asb", "a(sss)", method_disable_unit_files, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("ReenableUnitFiles", "asbb", "ba(sss)", method_reenable_unit_files, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("LinkUnitFiles", "asbb", "a(sss)", method_link_unit_files, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("PresetUnitFiles", "asbb", "ba(sss)", method_preset_unit_files, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("PresetUnitFilesWithMode", "assbb", "ba(sss)", method_preset_unit_files_with_mode, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("MaskUnitFiles", "asbb", "a(sss)", method_mask_unit_files, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("UnmaskUnitFiles", "asb", "a(sss)", method_unmask_unit_files, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("RevertUnitFiles", "as", "a(sss)", method_revert_unit_files, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("SetDefaultTarget", "sb", "a(sss)", method_set_default_target, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("GetDefaultTarget", NULL, "s", method_get_default_target, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("PresetAllUnitFiles", "sbb", "a(sss)", method_preset_all_unit_files, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("AddDependencyUnitFiles", "asssbb", "a(sss)", method_add_dependency_unit_files, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("GetUnitFileLinks", "sb", "as", method_get_unit_file_links, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("SetExitCode", "y", NULL, method_set_exit_code, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("LookupDynamicUserByName", "s", "u", method_lookup_dynamic_user_by_name, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("LookupDynamicUserByUID", "u", "s", method_lookup_dynamic_user_by_uid, SD_BUS_VTABLE_UNPRIVILEGED),
-
- SD_BUS_SIGNAL("UnitNew", "so", 0),
- SD_BUS_SIGNAL("UnitRemoved", "so", 0),
- SD_BUS_SIGNAL("JobNew", "uos", 0),
- SD_BUS_SIGNAL("JobRemoved", "uoss", 0),
- SD_BUS_SIGNAL("StartupFinished", "tttttt", 0),
- SD_BUS_SIGNAL("UnitFilesChanged", NULL, 0),
- SD_BUS_SIGNAL("Reloading", "b", 0),
-
- SD_BUS_VTABLE_END
-};
-
-static int send_finished(sd_bus *bus, void *userdata) {
- _cleanup_(sd_bus_message_unrefp) sd_bus_message *message = NULL;
- usec_t *times = userdata;
- int r;
-
- assert(bus);
- assert(times);
-
- r = sd_bus_message_new_signal(bus, &message, "/org/freedesktop/systemd1", "org.freedesktop.systemd1.Manager", "StartupFinished");
- if (r < 0)
- return r;
-
- r = sd_bus_message_append(message, "tttttt", times[0], times[1], times[2], times[3], times[4], times[5]);
- if (r < 0)
- return r;
-
- return sd_bus_send(bus, message, NULL);
-}
-
-void bus_manager_send_finished(
- Manager *m,
- usec_t firmware_usec,
- usec_t loader_usec,
- usec_t kernel_usec,
- usec_t initrd_usec,
- usec_t userspace_usec,
- usec_t total_usec) {
-
- int r;
-
- assert(m);
-
- r = bus_foreach_bus(
- m,
- NULL,
- send_finished,
- (usec_t[6]) {
- firmware_usec,
- loader_usec,
- kernel_usec,
- initrd_usec,
- userspace_usec,
- total_usec
- });
- if (r < 0)
- log_debug_errno(r, "Failed to send finished signal: %m");
-}
-
-static int send_reloading(sd_bus *bus, void *userdata) {
- _cleanup_(sd_bus_message_unrefp) sd_bus_message *message = NULL;
- int r;
-
- assert(bus);
-
- r = sd_bus_message_new_signal(bus, &message, "/org/freedesktop/systemd1", "org.freedesktop.systemd1.Manager", "Reloading");
- if (r < 0)
- return r;
-
- r = sd_bus_message_append(message, "b", PTR_TO_INT(userdata));
- if (r < 0)
- return r;
-
- return sd_bus_send(bus, message, NULL);
-}
-
-void bus_manager_send_reloading(Manager *m, bool active) {
- int r;
-
- assert(m);
-
- r = bus_foreach_bus(m, NULL, send_reloading, INT_TO_PTR(active));
- if (r < 0)
- log_debug_errno(r, "Failed to send reloading signal: %m");
-}
-
-static int send_changed_signal(sd_bus *bus, void *userdata) {
- assert(bus);
-
- return sd_bus_emit_properties_changed_strv(bus,
- "/org/freedesktop/systemd1",
- "org.freedesktop.systemd1.Manager",
- NULL);
-}
-
-void bus_manager_send_change_signal(Manager *m) {
- int r;
-
- assert(m);
-
- r = bus_foreach_bus(m, NULL, send_changed_signal, NULL);
- if (r < 0)
- log_debug_errno(r, "Failed to send manager change signal: %m");
-}
diff --git a/src/core/dbus-manager.h b/src/core/dbus-manager.h
deleted file mode 100644
index 36a2e9481b..0000000000
--- a/src/core/dbus-manager.h
+++ /dev/null
@@ -1,28 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include "manager.h"
-
-extern const sd_bus_vtable bus_manager_vtable[];
-
-void bus_manager_send_finished(Manager *m, usec_t firmware_usec, usec_t loader_usec, usec_t kernel_usec, usec_t initrd_usec, usec_t userspace_usec, usec_t total_usec);
-void bus_manager_send_reloading(Manager *m, bool active);
-void bus_manager_send_change_signal(Manager *m);
diff --git a/src/core/dbus-mount.c b/src/core/dbus-mount.c
deleted file mode 100644
index 76a7a7ce97..0000000000
--- a/src/core/dbus-mount.c
+++ /dev/null
@@ -1,218 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include "bus-util.h"
-#include "dbus-cgroup.h"
-#include "dbus-execute.h"
-#include "dbus-kill.h"
-#include "dbus-mount.h"
-#include "mount.h"
-#include "string-util.h"
-#include "unit.h"
-
-static int property_get_what(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- Mount *m = userdata;
- const char *d;
-
- assert(bus);
- assert(reply);
- assert(m);
-
- if (m->from_proc_self_mountinfo && m->parameters_proc_self_mountinfo.what)
- d = m->parameters_proc_self_mountinfo.what;
- else if (m->from_fragment && m->parameters_fragment.what)
- d = m->parameters_fragment.what;
- else
- d = "";
-
- return sd_bus_message_append(reply, "s", d);
-}
-
-static int property_get_options(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- Mount *m = userdata;
- const char *d;
-
- assert(bus);
- assert(reply);
- assert(m);
-
- if (m->from_proc_self_mountinfo && m->parameters_proc_self_mountinfo.options)
- d = m->parameters_proc_self_mountinfo.options;
- else if (m->from_fragment && m->parameters_fragment.options)
- d = m->parameters_fragment.options;
- else
- d = "";
-
- return sd_bus_message_append(reply, "s", d);
-}
-
-static int property_get_type(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- Mount *m = userdata;
- const char *d;
-
- assert(bus);
- assert(reply);
- assert(m);
-
- if (m->from_proc_self_mountinfo && m->parameters_proc_self_mountinfo.fstype)
- d = m->parameters_proc_self_mountinfo.fstype;
- else if (m->from_fragment && m->parameters_fragment.fstype)
- d = m->parameters_fragment.fstype;
- else
- d = "";
-
- return sd_bus_message_append(reply, "s", d);
-}
-
-static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_result, mount_result, MountResult);
-
-const sd_bus_vtable bus_mount_vtable[] = {
- SD_BUS_VTABLE_START(0),
- SD_BUS_PROPERTY("Where", "s", NULL, offsetof(Mount, where), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("What", "s", property_get_what, 0, SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- SD_BUS_PROPERTY("Options","s", property_get_options, 0, SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- SD_BUS_PROPERTY("Type", "s", property_get_type, 0, SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- SD_BUS_PROPERTY("TimeoutUSec", "t", bus_property_get_usec, offsetof(Mount, timeout_usec), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("ControlPID", "u", bus_property_get_pid, offsetof(Mount, control_pid), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- SD_BUS_PROPERTY("DirectoryMode", "u", bus_property_get_mode, offsetof(Mount, directory_mode), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("SloppyOptions", "b", bus_property_get_bool, offsetof(Mount, sloppy_options), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("LazyUnmount", "b", bus_property_get_bool, offsetof(Mount, lazy_unmount), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("ForceUnmount", "b", bus_property_get_bool, offsetof(Mount, force_unmount), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("Result", "s", property_get_result, offsetof(Mount, result), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- SD_BUS_PROPERTY("UID", "u", NULL, offsetof(Unit, ref_uid), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- SD_BUS_PROPERTY("GID", "u", NULL, offsetof(Unit, ref_gid), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- BUS_EXEC_COMMAND_VTABLE("ExecMount", offsetof(Mount, exec_command[MOUNT_EXEC_MOUNT]), SD_BUS_VTABLE_PROPERTY_EMITS_INVALIDATION),
- BUS_EXEC_COMMAND_VTABLE("ExecUnmount", offsetof(Mount, exec_command[MOUNT_EXEC_UNMOUNT]), SD_BUS_VTABLE_PROPERTY_EMITS_INVALIDATION),
- BUS_EXEC_COMMAND_VTABLE("ExecRemount", offsetof(Mount, exec_command[MOUNT_EXEC_REMOUNT]), SD_BUS_VTABLE_PROPERTY_EMITS_INVALIDATION),
- SD_BUS_VTABLE_END
-};
-
-static int bus_mount_set_transient_property(
- Mount *m,
- const char *name,
- sd_bus_message *message,
- UnitSetPropertiesMode mode,
- sd_bus_error *error) {
-
- const char *new_property;
- char **property;
- char *p;
- int r;
-
- assert(m);
- assert(name);
- assert(message);
-
- if (streq(name, "What"))
- property = &m->parameters_fragment.what;
- else if (streq(name, "Options"))
- property = &m->parameters_fragment.options;
- else if (streq(name, "Type"))
- property = &m->parameters_fragment.fstype;
- else
- return 0;
-
- r = sd_bus_message_read(message, "s", &new_property);
- if (r < 0)
- return r;
-
- if (mode != UNIT_CHECK) {
- p = strdup(new_property);
- if (!p)
- return -ENOMEM;
-
- unit_write_drop_in_format(UNIT(m), mode, name, "[Mount]\n%s=%s\n",
- name, new_property);
-
- free(*property);
- *property = p;
- }
-
- return 1;
-}
-
-int bus_mount_set_property(
- Unit *u,
- const char *name,
- sd_bus_message *message,
- UnitSetPropertiesMode mode,
- sd_bus_error *error) {
-
- Mount *m = MOUNT(u);
- int r;
-
- assert(m);
- assert(name);
- assert(message);
-
- r = bus_cgroup_set_property(u, &m->cgroup_context, name, message, mode, error);
- if (r != 0)
- return r;
-
- if (u->transient && u->load_state == UNIT_STUB) {
- /* This is a transient unit, let's load a little more */
-
- r = bus_mount_set_transient_property(m, name, message, mode, error);
- if (r != 0)
- return r;
-
- r = bus_exec_context_set_transient_property(u, &m->exec_context, name, message, mode, error);
- if (r != 0)
- return r;
-
- r = bus_kill_context_set_transient_property(u, &m->kill_context, name, message, mode, error);
- if (r != 0)
- return r;
- }
-
- return 0;
-}
-
-int bus_mount_commit_properties(Unit *u) {
- assert(u);
-
- unit_update_cgroup_members_masks(u);
- unit_realize_cgroup(u);
-
- return 0;
-}
diff --git a/src/core/dbus-mount.h b/src/core/dbus-mount.h
deleted file mode 100644
index ec16166d36..0000000000
--- a/src/core/dbus-mount.h
+++ /dev/null
@@ -1,29 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include "sd-bus.h"
-
-#include "unit.h"
-
-extern const sd_bus_vtable bus_mount_vtable[];
-
-int bus_mount_set_property(Unit *u, const char *name, sd_bus_message *message, UnitSetPropertiesMode mode, sd_bus_error *error);
-int bus_mount_commit_properties(Unit *u);
diff --git a/src/core/dbus-path.c b/src/core/dbus-path.c
deleted file mode 100644
index 1e153e503f..0000000000
--- a/src/core/dbus-path.c
+++ /dev/null
@@ -1,86 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include "bus-util.h"
-#include "dbus-path.h"
-#include "path.h"
-#include "string-util.h"
-#include "unit.h"
-
-static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_result, path_result, PathResult);
-
-static int property_get_paths(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- Path *p = userdata;
- PathSpec *k;
- int r;
-
- assert(bus);
- assert(reply);
- assert(p);
-
- r = sd_bus_message_open_container(reply, 'a', "(ss)");
- if (r < 0)
- return r;
-
- LIST_FOREACH(spec, k, p->specs) {
- r = sd_bus_message_append(reply, "(ss)", path_type_to_string(k->type), k->path);
- if (r < 0)
- return r;
- }
-
- return sd_bus_message_close_container(reply);
-}
-
-static int property_get_unit(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- Unit *p = userdata, *trigger;
-
- assert(bus);
- assert(reply);
- assert(p);
-
- trigger = UNIT_TRIGGER(p);
-
- return sd_bus_message_append(reply, "s", trigger ? trigger->id : "");
-}
-
-const sd_bus_vtable bus_path_vtable[] = {
- SD_BUS_VTABLE_START(0),
- SD_BUS_PROPERTY("Unit", "s", property_get_unit, 0, SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("Paths", "a(ss)", property_get_paths, 0, SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("MakeDirectory", "b", bus_property_get_bool, offsetof(Path, make_directory), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DirectoryMode", "u", bus_property_get_mode, offsetof(Path, directory_mode), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("Result", "s", property_get_result, offsetof(Path, result), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- SD_BUS_VTABLE_END
-};
diff --git a/src/core/dbus-path.h b/src/core/dbus-path.h
deleted file mode 100644
index d3c19e0c2b..0000000000
--- a/src/core/dbus-path.h
+++ /dev/null
@@ -1,24 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-
-
-extern const sd_bus_vtable bus_path_vtable[];
diff --git a/src/core/dbus-scope.c b/src/core/dbus-scope.c
deleted file mode 100644
index 1abaf9f658..0000000000
--- a/src/core/dbus-scope.c
+++ /dev/null
@@ -1,229 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2013 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include "alloc-util.h"
-#include "bus-common-errors.h"
-#include "bus-internal.h"
-#include "bus-util.h"
-#include "dbus-cgroup.h"
-#include "dbus-kill.h"
-#include "dbus-scope.h"
-#include "dbus-unit.h"
-#include "dbus.h"
-#include "scope.h"
-#include "selinux-access.h"
-#include "unit.h"
-
-static int bus_scope_abandon(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- Scope *s = userdata;
- int r;
-
- assert(message);
- assert(s);
-
- r = mac_selinux_unit_access_check(UNIT(s), message, "stop", error);
- if (r < 0)
- return r;
-
- r = bus_verify_manage_units_async(UNIT(s)->manager, message, error);
- if (r < 0)
- return r;
- if (r == 0)
- return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
-
- r = scope_abandon(s);
- if (r == -ESTALE)
- return sd_bus_error_setf(error, BUS_ERROR_SCOPE_NOT_RUNNING, "Scope %s is not running, cannot abandon.", UNIT(s)->id);
- if (r < 0)
- return r;
-
- return sd_bus_reply_method_return(message, NULL);
-}
-
-static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_result, scope_result, ScopeResult);
-
-const sd_bus_vtable bus_scope_vtable[] = {
- SD_BUS_VTABLE_START(0),
- SD_BUS_PROPERTY("Controller", "s", NULL, offsetof(Scope, controller), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("TimeoutStopUSec", "t", bus_property_get_usec, offsetof(Scope, timeout_stop_usec), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("Result", "s", property_get_result, offsetof(Scope, result), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- SD_BUS_SIGNAL("RequestStop", NULL, 0),
- SD_BUS_METHOD("Abandon", NULL, NULL, bus_scope_abandon, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_VTABLE_END
-};
-
-static int bus_scope_set_transient_property(
- Scope *s,
- const char *name,
- sd_bus_message *message,
- UnitSetPropertiesMode mode,
- sd_bus_error *error) {
-
- int r;
-
- assert(s);
- assert(name);
- assert(message);
-
- if (streq(name, "PIDs")) {
- unsigned n = 0;
- uint32_t pid;
-
- r = sd_bus_message_enter_container(message, 'a', "u");
- if (r < 0)
- return r;
-
- while ((r = sd_bus_message_read(message, "u", &pid)) > 0) {
-
- if (pid <= 1)
- return -EINVAL;
-
- if (mode != UNIT_CHECK) {
- r = unit_watch_pid(UNIT(s), pid);
- if (r < 0 && r != -EEXIST)
- return r;
- }
-
- n++;
- }
- if (r < 0)
- return r;
-
- r = sd_bus_message_exit_container(message);
- if (r < 0)
- return r;
-
- if (n <= 0)
- return -EINVAL;
-
- return 1;
-
- } else if (streq(name, "Controller")) {
- const char *controller;
- char *c;
-
- r = sd_bus_message_read(message, "s", &controller);
- if (r < 0)
- return r;
-
- if (!isempty(controller) && !service_name_is_valid(controller))
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Controller '%s' is not a valid bus name.", controller);
-
- if (mode != UNIT_CHECK) {
- if (isempty(controller))
- c = NULL;
- else {
- c = strdup(controller);
- if (!c)
- return -ENOMEM;
- }
-
- free(s->controller);
- s->controller = c;
- }
-
- return 1;
-
- } else if (streq(name, "TimeoutStopUSec")) {
-
- if (mode != UNIT_CHECK) {
- r = sd_bus_message_read(message, "t", &s->timeout_stop_usec);
- if (r < 0)
- return r;
-
- unit_write_drop_in_private_format(UNIT(s), mode, name, "TimeoutStopSec="USEC_FMT"us", s->timeout_stop_usec);
- } else {
- r = sd_bus_message_skip(message, "t");
- if (r < 0)
- return r;
- }
-
- return 1;
- }
-
- return 0;
-}
-
-int bus_scope_set_property(
- Unit *u,
- const char *name,
- sd_bus_message *message,
- UnitSetPropertiesMode mode,
- sd_bus_error *error) {
-
- Scope *s = SCOPE(u);
- int r;
-
- assert(s);
- assert(name);
- assert(message);
-
- r = bus_cgroup_set_property(u, &s->cgroup_context, name, message, mode, error);
- if (r != 0)
- return r;
-
- if (u->load_state == UNIT_STUB) {
- /* While we are created we still accept PIDs */
-
- r = bus_scope_set_transient_property(s, name, message, mode, error);
- if (r != 0)
- return r;
-
- r = bus_kill_context_set_transient_property(u, &s->kill_context, name, message, mode, error);
- if (r != 0)
- return r;
- }
-
- return 0;
-}
-
-int bus_scope_commit_properties(Unit *u) {
- assert(u);
-
- unit_update_cgroup_members_masks(u);
- unit_realize_cgroup(u);
-
- return 0;
-}
-
-int bus_scope_send_request_stop(Scope *s) {
- _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
- _cleanup_free_ char *p = NULL;
- int r;
-
- assert(s);
-
- if (!s->controller)
- return 0;
-
- p = unit_dbus_path(UNIT(s));
- if (!p)
- return -ENOMEM;
-
- r = sd_bus_message_new_signal(
- UNIT(s)->manager->api_bus,
- &m,
- p,
- "org.freedesktop.systemd1.Scope",
- "RequestStop");
- if (r < 0)
- return r;
-
- return sd_bus_send_to(UNIT(s)->manager->api_bus, m, s->controller, NULL);
-}
diff --git a/src/core/dbus-scope.h b/src/core/dbus-scope.h
deleted file mode 100644
index 270306f508..0000000000
--- a/src/core/dbus-scope.h
+++ /dev/null
@@ -1,31 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2013 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include "sd-bus.h"
-
-#include "unit.h"
-
-extern const sd_bus_vtable bus_scope_vtable[];
-
-int bus_scope_set_property(Unit *u, const char *name, sd_bus_message *i, UnitSetPropertiesMode mode, sd_bus_error *error);
-int bus_scope_commit_properties(Unit *u);
-
-int bus_scope_send_request_stop(Scope *s);
diff --git a/src/core/dbus-service.c b/src/core/dbus-service.c
deleted file mode 100644
index 61b83d2d62..0000000000
--- a/src/core/dbus-service.c
+++ /dev/null
@@ -1,326 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include "alloc-util.h"
-#include "async.h"
-#include "bus-util.h"
-#include "dbus-cgroup.h"
-#include "dbus-execute.h"
-#include "dbus-kill.h"
-#include "dbus-service.h"
-#include "fd-util.h"
-#include "fileio.h"
-#include "path-util.h"
-#include "service.h"
-#include "string-util.h"
-#include "strv.h"
-#include "unit.h"
-
-static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_type, service_type, ServiceType);
-static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_result, service_result, ServiceResult);
-static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_restart, service_restart, ServiceRestart);
-static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_notify_access, notify_access, NotifyAccess);
-static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_emergency_action, emergency_action, EmergencyAction);
-
-const sd_bus_vtable bus_service_vtable[] = {
- SD_BUS_VTABLE_START(0),
- SD_BUS_PROPERTY("Type", "s", property_get_type, offsetof(Service, type), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("Restart", "s", property_get_restart, offsetof(Service, restart), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("PIDFile", "s", NULL, offsetof(Service, pid_file), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("NotifyAccess", "s", property_get_notify_access, offsetof(Service, notify_access), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("RestartUSec", "t", bus_property_get_usec, offsetof(Service, restart_usec), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("TimeoutStartUSec", "t", bus_property_get_usec, offsetof(Service, timeout_start_usec), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("TimeoutStopUSec", "t", bus_property_get_usec, offsetof(Service, timeout_stop_usec), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("RuntimeMaxUSec", "t", bus_property_get_usec, offsetof(Service, runtime_max_usec), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("WatchdogUSec", "t", bus_property_get_usec, offsetof(Service, watchdog_usec), SD_BUS_VTABLE_PROPERTY_CONST),
- BUS_PROPERTY_DUAL_TIMESTAMP("WatchdogTimestamp", offsetof(Service, watchdog_timestamp), 0),
- SD_BUS_PROPERTY("FailureAction", "s", property_get_emergency_action, offsetof(Service, emergency_action), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("PermissionsStartOnly", "b", bus_property_get_bool, offsetof(Service, permissions_start_only), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("RootDirectoryStartOnly", "b", bus_property_get_bool, offsetof(Service, root_directory_start_only), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("RemainAfterExit", "b", bus_property_get_bool, offsetof(Service, remain_after_exit), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("GuessMainPID", "b", bus_property_get_bool, offsetof(Service, guess_main_pid), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("MainPID", "u", bus_property_get_pid, offsetof(Service, main_pid), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- SD_BUS_PROPERTY("ControlPID", "u", bus_property_get_pid, offsetof(Service, control_pid), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- SD_BUS_PROPERTY("BusName", "s", NULL, offsetof(Service, bus_name), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("FileDescriptorStoreMax", "u", bus_property_get_unsigned, offsetof(Service, n_fd_store_max), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("NFileDescriptorStore", "u", bus_property_get_unsigned, offsetof(Service, n_fd_store), 0),
- SD_BUS_PROPERTY("StatusText", "s", NULL, offsetof(Service, status_text), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- SD_BUS_PROPERTY("StatusErrno", "i", NULL, offsetof(Service, status_errno), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- SD_BUS_PROPERTY("Result", "s", property_get_result, offsetof(Service, result), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- SD_BUS_PROPERTY("USBFunctionDescriptors", "s", NULL, offsetof(Service, usb_function_descriptors), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- SD_BUS_PROPERTY("USBFunctionStrings", "s", NULL, offsetof(Service, usb_function_strings), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- SD_BUS_PROPERTY("UID", "u", NULL, offsetof(Unit, ref_uid), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- SD_BUS_PROPERTY("GID", "u", NULL, offsetof(Unit, ref_gid), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
-
- BUS_EXEC_STATUS_VTABLE("ExecMain", offsetof(Service, main_exec_status), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- BUS_EXEC_COMMAND_LIST_VTABLE("ExecStartPre", offsetof(Service, exec_command[SERVICE_EXEC_START_PRE]), SD_BUS_VTABLE_PROPERTY_EMITS_INVALIDATION),
- BUS_EXEC_COMMAND_LIST_VTABLE("ExecStart", offsetof(Service, exec_command[SERVICE_EXEC_START]), SD_BUS_VTABLE_PROPERTY_EMITS_INVALIDATION),
- BUS_EXEC_COMMAND_LIST_VTABLE("ExecStartPost", offsetof(Service, exec_command[SERVICE_EXEC_START_POST]), SD_BUS_VTABLE_PROPERTY_EMITS_INVALIDATION),
- BUS_EXEC_COMMAND_LIST_VTABLE("ExecReload", offsetof(Service, exec_command[SERVICE_EXEC_RELOAD]), SD_BUS_VTABLE_PROPERTY_EMITS_INVALIDATION),
- BUS_EXEC_COMMAND_LIST_VTABLE("ExecStop", offsetof(Service, exec_command[SERVICE_EXEC_STOP]), SD_BUS_VTABLE_PROPERTY_EMITS_INVALIDATION),
- BUS_EXEC_COMMAND_LIST_VTABLE("ExecStopPost", offsetof(Service, exec_command[SERVICE_EXEC_STOP_POST]), SD_BUS_VTABLE_PROPERTY_EMITS_INVALIDATION),
-
- /* The following four are obsolete, and thus marked hidden here. They moved into the Unit interface */
- SD_BUS_PROPERTY("StartLimitInterval", "t", bus_property_get_usec, offsetof(Unit, start_limit.interval), SD_BUS_VTABLE_PROPERTY_CONST|SD_BUS_VTABLE_HIDDEN),
- SD_BUS_PROPERTY("StartLimitBurst", "u", bus_property_get_unsigned, offsetof(Unit, start_limit.burst), SD_BUS_VTABLE_PROPERTY_CONST|SD_BUS_VTABLE_HIDDEN),
- SD_BUS_PROPERTY("StartLimitAction", "s", property_get_emergency_action, offsetof(Unit, start_limit_action), SD_BUS_VTABLE_PROPERTY_CONST|SD_BUS_VTABLE_HIDDEN),
- SD_BUS_PROPERTY("RebootArgument", "s", NULL, offsetof(Unit, reboot_arg), SD_BUS_VTABLE_PROPERTY_CONST|SD_BUS_VTABLE_HIDDEN),
- SD_BUS_VTABLE_END
-};
-
-static int bus_service_set_transient_property(
- Service *s,
- const char *name,
- sd_bus_message *message,
- UnitSetPropertiesMode mode,
- sd_bus_error *error) {
-
- int r;
-
- assert(s);
- assert(name);
- assert(message);
-
- if (streq(name, "RemainAfterExit")) {
- int b;
-
- r = sd_bus_message_read(message, "b", &b);
- if (r < 0)
- return r;
-
- if (mode != UNIT_CHECK) {
- s->remain_after_exit = b;
- unit_write_drop_in_private_format(UNIT(s), mode, name, "RemainAfterExit=%s", yes_no(b));
- }
-
- return 1;
-
- } else if (streq(name, "Type")) {
- const char *t;
- ServiceType k;
-
- r = sd_bus_message_read(message, "s", &t);
- if (r < 0)
- return r;
-
- k = service_type_from_string(t);
- if (k < 0)
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid service type %s", t);
-
- if (mode != UNIT_CHECK) {
- s->type = k;
- unit_write_drop_in_private_format(UNIT(s), mode, name, "Type=%s", service_type_to_string(s->type));
- }
-
- return 1;
- } else if (streq(name, "RuntimeMaxUSec")) {
- usec_t u;
-
- r = sd_bus_message_read(message, "t", &u);
- if (r < 0)
- return r;
-
- if (mode != UNIT_CHECK) {
- s->runtime_max_usec = u;
- unit_write_drop_in_private_format(UNIT(s), mode, name, "RuntimeMaxSec=" USEC_FMT "us", u);
- }
-
- return 1;
-
- } else if (STR_IN_SET(name,
- "StandardInputFileDescriptor",
- "StandardOutputFileDescriptor",
- "StandardErrorFileDescriptor")) {
- int fd;
-
- r = sd_bus_message_read(message, "h", &fd);
- if (r < 0)
- return r;
-
- if (mode != UNIT_CHECK) {
- int copy;
-
- copy = fcntl(fd, F_DUPFD_CLOEXEC, 3);
- if (copy < 0)
- return -errno;
-
- if (streq(name, "StandardInputFileDescriptor")) {
- asynchronous_close(s->stdin_fd);
- s->stdin_fd = copy;
- } else if (streq(name, "StandardOutputFileDescriptor")) {
- asynchronous_close(s->stdout_fd);
- s->stdout_fd = copy;
- } else {
- asynchronous_close(s->stderr_fd);
- s->stderr_fd = copy;
- }
-
- s->exec_context.stdio_as_fds = true;
- }
-
- return 1;
-
- } else if (streq(name, "ExecStart")) {
- unsigned n = 0;
-
- r = sd_bus_message_enter_container(message, 'a', "(sasb)");
- if (r < 0)
- return r;
-
- while ((r = sd_bus_message_enter_container(message, 'r', "sasb")) > 0) {
- _cleanup_strv_free_ char **argv = NULL;
- const char *path;
- int b;
-
- r = sd_bus_message_read(message, "s", &path);
- if (r < 0)
- return r;
-
- if (!path_is_absolute(path))
- return sd_bus_error_set_errnof(error, EINVAL, "Path %s is not absolute.", path);
-
- r = sd_bus_message_read_strv(message, &argv);
- if (r < 0)
- return r;
-
- r = sd_bus_message_read(message, "b", &b);
- if (r < 0)
- return r;
-
- r = sd_bus_message_exit_container(message);
- if (r < 0)
- return r;
-
- if (mode != UNIT_CHECK) {
- ExecCommand *c;
-
- c = new0(ExecCommand, 1);
- if (!c)
- return -ENOMEM;
-
- c->path = strdup(path);
- if (!c->path) {
- free(c);
- return -ENOMEM;
- }
-
- c->argv = argv;
- argv = NULL;
-
- c->ignore = b;
-
- path_kill_slashes(c->path);
- exec_command_append_list(&s->exec_command[SERVICE_EXEC_START], c);
- }
-
- n++;
- }
-
- if (r < 0)
- return r;
-
- r = sd_bus_message_exit_container(message);
- if (r < 0)
- return r;
-
- if (mode != UNIT_CHECK) {
- _cleanup_free_ char *buf = NULL;
- _cleanup_fclose_ FILE *f = NULL;
- ExecCommand *c;
- size_t size = 0;
-
- if (n == 0)
- s->exec_command[SERVICE_EXEC_START] = exec_command_free_list(s->exec_command[SERVICE_EXEC_START]);
-
- f = open_memstream(&buf, &size);
- if (!f)
- return -ENOMEM;
-
- fputs("ExecStart=\n", f);
-
- LIST_FOREACH(command, c, s->exec_command[SERVICE_EXEC_START]) {
- _cleanup_free_ char *a;
-
- a = strv_join_quoted(c->argv);
- if (!a)
- return -ENOMEM;
-
- fprintf(f, "ExecStart=%s@%s %s\n",
- c->ignore ? "-" : "",
- c->path,
- a);
- }
-
- r = fflush_and_check(f);
- if (r < 0)
- return r;
- unit_write_drop_in_private(UNIT(s), mode, name, buf);
- }
-
- return 1;
- }
-
- return 0;
-}
-
-int bus_service_set_property(
- Unit *u,
- const char *name,
- sd_bus_message *message,
- UnitSetPropertiesMode mode,
- sd_bus_error *error) {
-
- Service *s = SERVICE(u);
- int r;
-
- assert(s);
- assert(name);
- assert(message);
-
- r = bus_cgroup_set_property(u, &s->cgroup_context, name, message, mode, error);
- if (r != 0)
- return r;
-
- if (u->transient && u->load_state == UNIT_STUB) {
- /* This is a transient unit, let's load a little more */
-
- r = bus_service_set_transient_property(s, name, message, mode, error);
- if (r != 0)
- return r;
-
- r = bus_exec_context_set_transient_property(u, &s->exec_context, name, message, mode, error);
- if (r != 0)
- return r;
-
- r = bus_kill_context_set_transient_property(u, &s->kill_context, name, message, mode, error);
- if (r != 0)
- return r;
- }
-
- return 0;
-}
-
-int bus_service_commit_properties(Unit *u) {
- assert(u);
-
- unit_update_cgroup_members_masks(u);
- unit_realize_cgroup(u);
-
- return 0;
-}
diff --git a/src/core/dbus-service.h b/src/core/dbus-service.h
deleted file mode 100644
index 769a53769e..0000000000
--- a/src/core/dbus-service.h
+++ /dev/null
@@ -1,29 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include "sd-bus.h"
-
-#include "unit.h"
-
-extern const sd_bus_vtable bus_service_vtable[];
-
-int bus_service_set_property(Unit *u, const char *name, sd_bus_message *i, UnitSetPropertiesMode mode, sd_bus_error *error);
-int bus_service_commit_properties(Unit *u);
diff --git a/src/core/dbus-slice.c b/src/core/dbus-slice.c
deleted file mode 100644
index e37f50b283..0000000000
--- a/src/core/dbus-slice.c
+++ /dev/null
@@ -1,52 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2013 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include "dbus-cgroup.h"
-#include "dbus-slice.h"
-#include "slice.h"
-#include "unit.h"
-
-const sd_bus_vtable bus_slice_vtable[] = {
- SD_BUS_VTABLE_START(0),
- SD_BUS_VTABLE_END
-};
-
-int bus_slice_set_property(
- Unit *u,
- const char *name,
- sd_bus_message *message,
- UnitSetPropertiesMode mode,
- sd_bus_error *error) {
-
- Slice *s = SLICE(u);
-
- assert(name);
- assert(u);
-
- return bus_cgroup_set_property(u, &s->cgroup_context, name, message, mode, error);
-}
-
-int bus_slice_commit_properties(Unit *u) {
- assert(u);
-
- unit_update_cgroup_members_masks(u);
- unit_realize_cgroup(u);
-
- return 0;
-}
diff --git a/src/core/dbus-slice.h b/src/core/dbus-slice.h
deleted file mode 100644
index 52ceebb135..0000000000
--- a/src/core/dbus-slice.h
+++ /dev/null
@@ -1,29 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2013 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include "sd-bus.h"
-
-#include "unit.h"
-
-extern const sd_bus_vtable bus_slice_vtable[];
-
-int bus_slice_set_property(Unit *u, const char *name, sd_bus_message *message, UnitSetPropertiesMode mode, sd_bus_error *error);
-int bus_slice_commit_properties(Unit *u);
diff --git a/src/core/dbus-socket.c b/src/core/dbus-socket.c
deleted file mode 100644
index 21adb64e15..0000000000
--- a/src/core/dbus-socket.c
+++ /dev/null
@@ -1,187 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include "alloc-util.h"
-#include "bus-util.h"
-#include "dbus-cgroup.h"
-#include "dbus-execute.h"
-#include "dbus-socket.h"
-#include "socket.h"
-#include "string-util.h"
-#include "unit.h"
-
-static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_result, socket_result, SocketResult);
-static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_bind_ipv6_only, socket_address_bind_ipv6_only, SocketAddressBindIPv6Only);
-
-static int property_get_listen(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
-
- Socket *s = SOCKET(userdata);
- SocketPort *p;
- int r;
-
- assert(bus);
- assert(reply);
- assert(s);
-
- r = sd_bus_message_open_container(reply, 'a', "(ss)");
- if (r < 0)
- return r;
-
- LIST_FOREACH(port, p, s->ports) {
- _cleanup_free_ char *address = NULL;
- const char *a;
-
- switch (p->type) {
- case SOCKET_SOCKET: {
- r = socket_address_print(&p->address, &address);
- if (r)
- return r;
-
- a = address;
- break;
- }
-
- case SOCKET_SPECIAL:
- case SOCKET_MQUEUE:
- case SOCKET_FIFO:
- case SOCKET_USB_FUNCTION:
- a = p->path;
- break;
-
- default:
- assert_not_reached("Unknown socket type");
- }
-
- r = sd_bus_message_append(reply, "(ss)", socket_port_type_to_string(p), a);
- if (r < 0)
- return r;
- }
-
- return sd_bus_message_close_container(reply);
-}
-
-
-static int property_get_fdname(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- Socket *s = SOCKET(userdata);
-
- assert(bus);
- assert(reply);
- assert(s);
-
- return sd_bus_message_append(reply, "s", socket_fdname(s));
-}
-
-const sd_bus_vtable bus_socket_vtable[] = {
- SD_BUS_VTABLE_START(0),
- SD_BUS_PROPERTY("BindIPv6Only", "s", property_get_bind_ipv6_only, offsetof(Socket, bind_ipv6_only), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("Backlog", "u", bus_property_get_unsigned, offsetof(Socket, backlog), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("TimeoutUSec", "t", bus_property_get_usec, offsetof(Socket, timeout_usec), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("BindToDevice", "s", NULL, offsetof(Socket, bind_to_device), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("SocketUser", "s", NULL, offsetof(Socket, user), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("SocketGroup", "s", NULL, offsetof(Socket, group), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("SocketMode", "u", bus_property_get_mode, offsetof(Socket, socket_mode), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DirectoryMode", "u", bus_property_get_mode, offsetof(Socket, directory_mode), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("Accept", "b", bus_property_get_bool, offsetof(Socket, accept), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("Writable", "b", bus_property_get_bool, offsetof(Socket, writable), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("KeepAlive", "b", bus_property_get_bool, offsetof(Socket, keep_alive), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("KeepAliveTimeUSec", "t", bus_property_get_usec, offsetof(Socket, keep_alive_time), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("KeepAliveIntervalUSec", "t", bus_property_get_usec, offsetof(Socket, keep_alive_interval), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("KeepAliveProbes", "u", bus_property_get_unsigned, offsetof(Socket, keep_alive_cnt), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DeferAcceptUSec" , "t", bus_property_get_usec, offsetof(Socket, defer_accept), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("NoDelay", "b", bus_property_get_bool, offsetof(Socket, no_delay), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("Priority", "i", bus_property_get_int, offsetof(Socket, priority), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("ReceiveBuffer", "t", bus_property_get_size, offsetof(Socket, receive_buffer), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("SendBuffer", "t", bus_property_get_size, offsetof(Socket, send_buffer), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("IPTOS", "i", bus_property_get_int, offsetof(Socket, ip_tos), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("IPTTL", "i", bus_property_get_int, offsetof(Socket, ip_ttl), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("PipeSize", "t", bus_property_get_size, offsetof(Socket, pipe_size), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("FreeBind", "b", bus_property_get_bool, offsetof(Socket, free_bind), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("Transparent", "b", bus_property_get_bool, offsetof(Socket, transparent), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("Broadcast", "b", bus_property_get_bool, offsetof(Socket, broadcast), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("PassCredentials", "b", bus_property_get_bool, offsetof(Socket, pass_cred), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("PassSecurity", "b", bus_property_get_bool, offsetof(Socket, pass_sec), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("RemoveOnStop", "b", bus_property_get_bool, offsetof(Socket, remove_on_stop), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("Listen", "a(ss)", property_get_listen, 0, SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("Symlinks", "as", NULL, offsetof(Socket, symlinks), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("Mark", "i", bus_property_get_int, offsetof(Socket, mark), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("MaxConnections", "u", bus_property_get_unsigned, offsetof(Socket, max_connections), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("MaxConnectionsPerSource", "u", bus_property_get_unsigned, offsetof(Socket, max_connections_per_source), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("MessageQueueMaxMessages", "x", bus_property_get_long, offsetof(Socket, mq_maxmsg), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("MessageQueueMessageSize", "x", bus_property_get_long, offsetof(Socket, mq_msgsize), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("ReusePort", "b", bus_property_get_bool, offsetof(Socket, reuse_port), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("SmackLabel", "s", NULL, offsetof(Socket, smack), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("SmackLabelIPIn", "s", NULL, offsetof(Socket, smack_ip_in), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("SmackLabelIPOut", "s", NULL, offsetof(Socket, smack_ip_out), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("ControlPID", "u", bus_property_get_pid, offsetof(Socket, control_pid), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- SD_BUS_PROPERTY("Result", "s", property_get_result, offsetof(Socket, result), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- SD_BUS_PROPERTY("NConnections", "u", bus_property_get_unsigned, offsetof(Socket, n_connections), 0),
- SD_BUS_PROPERTY("NAccepted", "u", bus_property_get_unsigned, offsetof(Socket, n_accepted), 0),
- SD_BUS_PROPERTY("FileDescriptorName", "s", property_get_fdname, 0, 0),
- SD_BUS_PROPERTY("SocketProtocol", "i", bus_property_get_int, offsetof(Socket, socket_protocol), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("TriggerLimitIntervalUSec", "t", bus_property_get_usec, offsetof(Socket, trigger_limit.interval), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("TriggerLimitBurst", "u", bus_property_get_unsigned, offsetof(Socket, trigger_limit.burst), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("UID", "u", NULL, offsetof(Unit, ref_uid), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- SD_BUS_PROPERTY("GID", "u", NULL, offsetof(Unit, ref_gid), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- BUS_EXEC_COMMAND_LIST_VTABLE("ExecStartPre", offsetof(Socket, exec_command[SOCKET_EXEC_START_PRE]), SD_BUS_VTABLE_PROPERTY_EMITS_INVALIDATION),
- BUS_EXEC_COMMAND_LIST_VTABLE("ExecStartPost", offsetof(Socket, exec_command[SOCKET_EXEC_START_POST]), SD_BUS_VTABLE_PROPERTY_EMITS_INVALIDATION),
- BUS_EXEC_COMMAND_LIST_VTABLE("ExecStopPre", offsetof(Socket, exec_command[SOCKET_EXEC_STOP_PRE]), SD_BUS_VTABLE_PROPERTY_EMITS_INVALIDATION),
- BUS_EXEC_COMMAND_LIST_VTABLE("ExecStopPost", offsetof(Socket, exec_command[SOCKET_EXEC_STOP_POST]), SD_BUS_VTABLE_PROPERTY_EMITS_INVALIDATION),
- SD_BUS_VTABLE_END
-};
-
-int bus_socket_set_property(
- Unit *u,
- const char *name,
- sd_bus_message *message,
- UnitSetPropertiesMode mode,
- sd_bus_error *error) {
-
- Socket *s = SOCKET(u);
-
- assert(s);
- assert(name);
- assert(message);
-
- return bus_cgroup_set_property(u, &s->cgroup_context, name, message, mode, error);
-}
-
-int bus_socket_commit_properties(Unit *u) {
- assert(u);
-
- unit_update_cgroup_members_masks(u);
- unit_realize_cgroup(u);
-
- return 0;
-}
diff --git a/src/core/dbus-socket.h b/src/core/dbus-socket.h
deleted file mode 100644
index 7a792c7a89..0000000000
--- a/src/core/dbus-socket.h
+++ /dev/null
@@ -1,29 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include "sd-bus.h"
-
-#include "unit.h"
-
-extern const sd_bus_vtable bus_socket_vtable[];
-
-int bus_socket_set_property(Unit *u, const char *name, sd_bus_message *message, UnitSetPropertiesMode mode, sd_bus_error *error);
-int bus_socket_commit_properties(Unit *u);
diff --git a/src/core/dbus-swap.c b/src/core/dbus-swap.c
deleted file mode 100644
index 85a2c26b98..0000000000
--- a/src/core/dbus-swap.c
+++ /dev/null
@@ -1,117 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
- Copyright 2010 Maarten Lankhorst
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include "bus-util.h"
-#include "dbus-cgroup.h"
-#include "dbus-execute.h"
-#include "dbus-swap.h"
-#include "string-util.h"
-#include "swap.h"
-#include "unit.h"
-
-static int property_get_priority(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- Swap *s = SWAP(userdata);
- int p;
-
- assert(bus);
- assert(reply);
- assert(s);
-
- if (s->from_proc_swaps)
- p = s->parameters_proc_swaps.priority;
- else if (s->from_fragment)
- p = s->parameters_fragment.priority;
- else
- p = -1;
-
- return sd_bus_message_append(reply, "i", p);
-}
-
-static int property_get_options(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- Swap *s = SWAP(userdata);
- const char *options = NULL;
-
- assert(bus);
- assert(reply);
- assert(s);
-
- if (s->from_fragment)
- options = s->parameters_fragment.options;
-
- return sd_bus_message_append(reply, "s", options);
-}
-
-static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_result, swap_result, SwapResult);
-
-const sd_bus_vtable bus_swap_vtable[] = {
- SD_BUS_VTABLE_START(0),
- SD_BUS_PROPERTY("What", "s", NULL, offsetof(Swap, what), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- SD_BUS_PROPERTY("Priority", "i", property_get_priority, 0, SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- SD_BUS_PROPERTY("Options", "s", property_get_options, 0, SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- SD_BUS_PROPERTY("TimeoutUSec", "t", bus_property_get_usec, offsetof(Swap, timeout_usec), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("ControlPID", "u", bus_property_get_pid, offsetof(Swap, control_pid), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- SD_BUS_PROPERTY("Result", "s", property_get_result, offsetof(Swap, result), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- SD_BUS_PROPERTY("UID", "u", NULL, offsetof(Unit, ref_uid), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- SD_BUS_PROPERTY("GID", "u", NULL, offsetof(Unit, ref_gid), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- BUS_EXEC_COMMAND_VTABLE("ExecActivate", offsetof(Swap, exec_command[SWAP_EXEC_ACTIVATE]), SD_BUS_VTABLE_PROPERTY_EMITS_INVALIDATION),
- BUS_EXEC_COMMAND_VTABLE("ExecDeactivate", offsetof(Swap, exec_command[SWAP_EXEC_DEACTIVATE]), SD_BUS_VTABLE_PROPERTY_EMITS_INVALIDATION),
- SD_BUS_VTABLE_END
-};
-
-int bus_swap_set_property(
- Unit *u,
- const char *name,
- sd_bus_message *message,
- UnitSetPropertiesMode mode,
- sd_bus_error *error) {
-
- Swap *s = SWAP(u);
-
- assert(s);
- assert(name);
- assert(message);
-
- return bus_cgroup_set_property(u, &s->cgroup_context, name, message, mode, error);
-}
-
-int bus_swap_commit_properties(Unit *u) {
- assert(u);
-
- unit_update_cgroup_members_masks(u);
- unit_realize_cgroup(u);
-
- return 0;
-}
diff --git a/src/core/dbus-swap.h b/src/core/dbus-swap.h
deleted file mode 100644
index 5238471f98..0000000000
--- a/src/core/dbus-swap.h
+++ /dev/null
@@ -1,30 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
- Copyright 2010 Maarten Lankhorst
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include "sd-bus.h"
-
-#include "unit.h"
-
-extern const sd_bus_vtable bus_swap_vtable[];
-
-int bus_swap_set_property(Unit *u, const char *name, sd_bus_message *message, UnitSetPropertiesMode mode, sd_bus_error *error);
-int bus_swap_commit_properties(Unit *u);
diff --git a/src/core/dbus-target.c b/src/core/dbus-target.c
deleted file mode 100644
index 6858b1ce72..0000000000
--- a/src/core/dbus-target.c
+++ /dev/null
@@ -1,26 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include "dbus-target.h"
-#include "unit.h"
-
-const sd_bus_vtable bus_target_vtable[] = {
- SD_BUS_VTABLE_START(0),
- SD_BUS_VTABLE_END
-};
diff --git a/src/core/dbus-target.h b/src/core/dbus-target.h
deleted file mode 100644
index 9be5ce06b7..0000000000
--- a/src/core/dbus-target.h
+++ /dev/null
@@ -1,24 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include "sd-bus.h"
-
-extern const sd_bus_vtable bus_target_vtable[];
diff --git a/src/core/dbus-timer.c b/src/core/dbus-timer.c
deleted file mode 100644
index efbb0e8915..0000000000
--- a/src/core/dbus-timer.c
+++ /dev/null
@@ -1,352 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include "alloc-util.h"
-#include "bus-util.h"
-#include "dbus-timer.h"
-#include "strv.h"
-#include "timer.h"
-#include "unit.h"
-
-static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_result, timer_result, TimerResult);
-
-static int property_get_monotonic_timers(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- Timer *t = userdata;
- TimerValue *v;
- int r;
-
- assert(bus);
- assert(reply);
- assert(t);
-
- r = sd_bus_message_open_container(reply, 'a', "(stt)");
- if (r < 0)
- return r;
-
- LIST_FOREACH(value, v, t->values) {
- _cleanup_free_ char *buf = NULL;
- const char *s;
- size_t l;
-
- if (v->base == TIMER_CALENDAR)
- continue;
-
- s = timer_base_to_string(v->base);
- assert(endswith(s, "Sec"));
-
- /* s/Sec/USec/ */
- l = strlen(s);
- buf = new(char, l+2);
- if (!buf)
- return -ENOMEM;
-
- memcpy(buf, s, l-3);
- memcpy(buf+l-3, "USec", 5);
-
- r = sd_bus_message_append(reply, "(stt)", buf, v->value, v->next_elapse);
- if (r < 0)
- return r;
- }
-
- return sd_bus_message_close_container(reply);
-}
-
-static int property_get_calendar_timers(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- Timer *t = userdata;
- TimerValue *v;
- int r;
-
- assert(bus);
- assert(reply);
- assert(t);
-
- r = sd_bus_message_open_container(reply, 'a', "(sst)");
- if (r < 0)
- return r;
-
- LIST_FOREACH(value, v, t->values) {
- _cleanup_free_ char *buf = NULL;
-
- if (v->base != TIMER_CALENDAR)
- continue;
-
- r = calendar_spec_to_string(v->calendar_spec, &buf);
- if (r < 0)
- return r;
-
- r = sd_bus_message_append(reply, "(sst)", timer_base_to_string(v->base), buf, v->next_elapse);
- if (r < 0)
- return r;
- }
-
- return sd_bus_message_close_container(reply);
-}
-
-static int property_get_unit(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- Unit *u = userdata, *trigger;
-
- assert(bus);
- assert(reply);
- assert(u);
-
- trigger = UNIT_TRIGGER(u);
-
- return sd_bus_message_append(reply, "s", trigger ? trigger->id : "");
-}
-
-static int property_get_next_elapse_monotonic(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- Timer *t = userdata;
- usec_t x;
-
- assert(bus);
- assert(reply);
- assert(t);
-
- if (t->next_elapse_monotonic_or_boottime <= 0)
- x = 0;
- else if (t->wake_system) {
- usec_t a, b;
-
- a = now(CLOCK_MONOTONIC);
- b = now(clock_boottime_or_monotonic());
-
- if (t->next_elapse_monotonic_or_boottime + a > b)
- x = t->next_elapse_monotonic_or_boottime + a - b;
- else
- x = 0;
- } else
- x = t->next_elapse_monotonic_or_boottime;
-
- return sd_bus_message_append(reply, "t", x);
-}
-
-const sd_bus_vtable bus_timer_vtable[] = {
- SD_BUS_VTABLE_START(0),
- SD_BUS_PROPERTY("Unit", "s", property_get_unit, 0, SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("TimersMonotonic", "a(stt)", property_get_monotonic_timers, 0, SD_BUS_VTABLE_PROPERTY_EMITS_INVALIDATION),
- SD_BUS_PROPERTY("TimersCalendar", "a(sst)", property_get_calendar_timers, 0, SD_BUS_VTABLE_PROPERTY_EMITS_INVALIDATION),
- SD_BUS_PROPERTY("NextElapseUSecRealtime", "t", bus_property_get_usec, offsetof(Timer, next_elapse_realtime), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- SD_BUS_PROPERTY("NextElapseUSecMonotonic", "t", property_get_next_elapse_monotonic, 0, SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- BUS_PROPERTY_DUAL_TIMESTAMP("LastTriggerUSec", offsetof(Timer, last_trigger), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- SD_BUS_PROPERTY("Result", "s", property_get_result, offsetof(Timer, result), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- SD_BUS_PROPERTY("AccuracyUSec", "t", bus_property_get_usec, offsetof(Timer, accuracy_usec), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("RandomizedDelayUSec", "t", bus_property_get_usec, offsetof(Timer, random_usec), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("Persistent", "b", bus_property_get_bool, offsetof(Timer, persistent), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("WakeSystem", "b", bus_property_get_bool, offsetof(Timer, wake_system), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("RemainAfterElapse", "b", bus_property_get_bool, offsetof(Timer, remain_after_elapse), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_VTABLE_END
-};
-
-static int bus_timer_set_transient_property(
- Timer *t,
- const char *name,
- sd_bus_message *message,
- UnitSetPropertiesMode mode,
- sd_bus_error *error) {
-
- int r;
-
- assert(t);
- assert(name);
- assert(message);
-
- if (STR_IN_SET(name,
- "OnActiveSec",
- "OnBootSec",
- "OnStartupSec",
- "OnUnitActiveSec",
- "OnUnitInactiveSec")) {
-
- TimerValue *v;
- TimerBase b = _TIMER_BASE_INVALID;
- usec_t u = 0;
-
- b = timer_base_from_string(name);
- if (b < 0)
- return -EINVAL;
-
- r = sd_bus_message_read(message, "t", &u);
- if (r < 0)
- return r;
-
- if (mode != UNIT_CHECK) {
- char time[FORMAT_TIMESPAN_MAX];
-
- unit_write_drop_in_private_format(UNIT(t), mode, name, "%s=%s", name, format_timespan(time, sizeof(time), u, USEC_PER_MSEC));
-
- v = new0(TimerValue, 1);
- if (!v)
- return -ENOMEM;
-
- v->base = b;
- v->value = u;
-
- LIST_PREPEND(value, t->values, v);
- }
-
- return 1;
-
- } else if (streq(name, "OnCalendar")) {
-
- TimerValue *v;
- CalendarSpec *c = NULL;
- const char *str;
-
- r = sd_bus_message_read(message, "s", &str);
- if (r < 0)
- return r;
-
- if (mode != UNIT_CHECK) {
- r = calendar_spec_from_string(str, &c);
- if (r < 0)
- return r;
-
- unit_write_drop_in_private_format(UNIT(t), mode, name, "%s=%s", name, str);
-
- v = new0(TimerValue, 1);
- if (!v) {
- calendar_spec_free(c);
- return -ENOMEM;
- }
-
- v->base = TIMER_CALENDAR;
- v->calendar_spec = c;
-
- LIST_PREPEND(value, t->values, v);
- }
-
- return 1;
-
- } else if (STR_IN_SET(name, "AccuracyUSec", "AccuracySec")) {
- usec_t u = 0;
-
- if (streq(name, "AccuracySec"))
- log_notice("Client is using obsolete AccuracySec= transient property, please use AccuracyUSec= instead.");
-
- r = sd_bus_message_read(message, "t", &u);
- if (r < 0)
- return r;
-
- if (mode != UNIT_CHECK) {
- t->accuracy_usec = u;
- unit_write_drop_in_private_format(UNIT(t), mode, name, "AccuracySec=" USEC_FMT "us", u);
- }
-
- return 1;
-
- } else if (streq(name, "RandomizedDelayUSec")) {
- usec_t u = 0;
-
- r = sd_bus_message_read(message, "t", &u);
- if (r < 0)
- return r;
-
- if (mode != UNIT_CHECK) {
- t->random_usec = u;
- unit_write_drop_in_private_format(UNIT(t), mode, name, "RandomizedDelaySec=" USEC_FMT "us", u);
- }
-
- return 1;
-
- } else if (streq(name, "WakeSystem")) {
- int b;
-
- r = sd_bus_message_read(message, "b", &b);
- if (r < 0)
- return r;
-
- if (mode != UNIT_CHECK) {
- t->wake_system = b;
- unit_write_drop_in_private_format(UNIT(t), mode, name, "%s=%s", name, yes_no(b));
- }
-
- return 1;
-
- } else if (streq(name, "RemainAfterElapse")) {
- int b;
-
- r = sd_bus_message_read(message, "b", &b);
- if (r < 0)
- return r;
-
- if (mode != UNIT_CHECK) {
- t->remain_after_elapse = b;
- unit_write_drop_in_private_format(UNIT(t), mode, name, "%s=%s", name, yes_no(b));
- }
-
- return 1;
- }
-
- return 0;
-}
-
-int bus_timer_set_property(
- Unit *u,
- const char *name,
- sd_bus_message *message,
- UnitSetPropertiesMode mode,
- sd_bus_error *error) {
-
- Timer *t = TIMER(u);
- int r;
-
- assert(t);
- assert(name);
- assert(message);
-
- if (u->transient && u->load_state == UNIT_STUB) {
- r = bus_timer_set_transient_property(t, name, message, mode, error);
- if (r != 0)
- return r;
- }
-
- return 0;
-}
diff --git a/src/core/dbus-timer.h b/src/core/dbus-timer.h
deleted file mode 100644
index 39053dc4a2..0000000000
--- a/src/core/dbus-timer.h
+++ /dev/null
@@ -1,28 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include "sd-bus.h"
-
-#include "unit.h"
-
-extern const sd_bus_vtable bus_timer_vtable[];
-
-int bus_timer_set_property(Unit *u, const char *name, sd_bus_message *i, UnitSetPropertiesMode mode, sd_bus_error *error);
diff --git a/src/core/dbus-unit.c b/src/core/dbus-unit.c
deleted file mode 100644
index 69e249c844..0000000000
--- a/src/core/dbus-unit.c
+++ /dev/null
@@ -1,1576 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include "sd-bus.h"
-
-#include "alloc-util.h"
-#include "bus-common-errors.h"
-#include "cgroup-util.h"
-#include "dbus-unit.h"
-#include "dbus.h"
-#include "fd-util.h"
-#include "locale-util.h"
-#include "log.h"
-#include "process-util.h"
-#include "selinux-access.h"
-#include "signal-util.h"
-#include "special.h"
-#include "string-util.h"
-#include "strv.h"
-#include "user-util.h"
-
-static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_load_state, unit_load_state, UnitLoadState);
-static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_job_mode, job_mode, JobMode);
-static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_emergency_action, emergency_action, EmergencyAction);
-
-static int property_get_names(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- Unit *u = userdata;
- Iterator i;
- const char *t;
- int r;
-
- assert(bus);
- assert(reply);
- assert(u);
-
- r = sd_bus_message_open_container(reply, 'a', "s");
- if (r < 0)
- return r;
-
- SET_FOREACH(t, u->names, i) {
- r = sd_bus_message_append(reply, "s", t);
- if (r < 0)
- return r;
- }
-
- return sd_bus_message_close_container(reply);
-}
-
-static int property_get_following(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- Unit *u = userdata, *f;
-
- assert(bus);
- assert(reply);
- assert(u);
-
- f = unit_following(u);
- return sd_bus_message_append(reply, "s", f ? f->id : "");
-}
-
-static int property_get_dependencies(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- Set *s = *(Set**) userdata;
- Iterator j;
- Unit *u;
- int r;
-
- assert(bus);
- assert(reply);
-
- r = sd_bus_message_open_container(reply, 'a', "s");
- if (r < 0)
- return r;
-
- SET_FOREACH(u, s, j) {
- r = sd_bus_message_append(reply, "s", u->id);
- if (r < 0)
- return r;
- }
-
- return sd_bus_message_close_container(reply);
-}
-
-static int property_get_obsolete_dependencies(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- assert(bus);
- assert(reply);
-
- /* For dependency types we don't support anymore always return an empty array */
- return sd_bus_message_append(reply, "as", 0);
-}
-
-static int property_get_description(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- Unit *u = userdata;
-
- assert(bus);
- assert(reply);
- assert(u);
-
- return sd_bus_message_append(reply, "s", unit_description(u));
-}
-
-static int property_get_active_state(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- Unit *u = userdata;
-
- assert(bus);
- assert(reply);
- assert(u);
-
- return sd_bus_message_append(reply, "s", unit_active_state_to_string(unit_active_state(u)));
-}
-
-static int property_get_sub_state(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- Unit *u = userdata;
-
- assert(bus);
- assert(reply);
- assert(u);
-
- return sd_bus_message_append(reply, "s", unit_sub_state_to_string(u));
-}
-
-static int property_get_unit_file_preset(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- Unit *u = userdata;
- int r;
-
- assert(bus);
- assert(reply);
- assert(u);
-
- r = unit_get_unit_file_preset(u);
-
- return sd_bus_message_append(reply, "s",
- r < 0 ? "":
- r > 0 ? "enabled" : "disabled");
-}
-
-static int property_get_unit_file_state(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- Unit *u = userdata;
-
- assert(bus);
- assert(reply);
- assert(u);
-
- return sd_bus_message_append(reply, "s", unit_file_state_to_string(unit_get_unit_file_state(u)));
-}
-
-static int property_get_can_start(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- Unit *u = userdata;
-
- assert(bus);
- assert(reply);
- assert(u);
-
- return sd_bus_message_append(reply, "b", unit_can_start(u) && !u->refuse_manual_start);
-}
-
-static int property_get_can_stop(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- Unit *u = userdata;
-
- assert(bus);
- assert(reply);
- assert(u);
-
- return sd_bus_message_append(reply, "b", unit_can_stop(u) && !u->refuse_manual_stop);
-}
-
-static int property_get_can_reload(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- Unit *u = userdata;
-
- assert(bus);
- assert(reply);
- assert(u);
-
- return sd_bus_message_append(reply, "b", unit_can_reload(u));
-}
-
-static int property_get_can_isolate(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- Unit *u = userdata;
-
- assert(bus);
- assert(reply);
- assert(u);
-
- return sd_bus_message_append(reply, "b", unit_can_isolate(u) && !u->refuse_manual_start);
-}
-
-static int property_get_job(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- _cleanup_free_ char *p = NULL;
- Unit *u = userdata;
-
- assert(bus);
- assert(reply);
- assert(u);
-
- if (!u->job)
- return sd_bus_message_append(reply, "(uo)", 0, "/");
-
- p = job_dbus_path(u->job);
- if (!p)
- return -ENOMEM;
-
- return sd_bus_message_append(reply, "(uo)", u->job->id, p);
-}
-
-static int property_get_need_daemon_reload(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- Unit *u = userdata;
-
- assert(bus);
- assert(reply);
- assert(u);
-
- return sd_bus_message_append(reply, "b", unit_need_daemon_reload(u));
-}
-
-static int property_get_conditions(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- const char *(*to_string)(ConditionType type) = NULL;
- Condition **list = userdata, *c;
- int r;
-
- assert(bus);
- assert(reply);
- assert(list);
-
- to_string = streq(property, "Asserts") ? assert_type_to_string : condition_type_to_string;
-
- r = sd_bus_message_open_container(reply, 'a', "(sbbsi)");
- if (r < 0)
- return r;
-
- LIST_FOREACH(conditions, c, *list) {
- int tristate;
-
- tristate =
- c->result == CONDITION_UNTESTED ? 0 :
- c->result == CONDITION_SUCCEEDED ? 1 : -1;
-
- r = sd_bus_message_append(reply, "(sbbsi)",
- to_string(c->type),
- c->trigger, c->negate,
- c->parameter, tristate);
- if (r < 0)
- return r;
-
- }
-
- return sd_bus_message_close_container(reply);
-}
-
-static int property_get_load_error(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- _cleanup_(sd_bus_error_free) sd_bus_error e = SD_BUS_ERROR_NULL;
- Unit *u = userdata;
-
- assert(bus);
- assert(reply);
- assert(u);
-
- if (u->load_error != 0)
- sd_bus_error_set_errno(&e, u->load_error);
-
- return sd_bus_message_append(reply, "(ss)", e.name, e.message);
-}
-
-static int bus_verify_manage_units_async_full(
- Unit *u,
- const char *verb,
- int capability,
- const char *polkit_message,
- bool interactive,
- sd_bus_message *call,
- sd_bus_error *error) {
-
- const char *details[9] = {
- "unit", u->id,
- "verb", verb,
- };
-
- if (polkit_message) {
- details[4] = "polkit.message";
- details[5] = polkit_message;
- details[6] = "polkit.gettext_domain";
- details[7] = GETTEXT_PACKAGE;
- }
-
- return bus_verify_polkit_async(
- call,
- capability,
- "org.freedesktop.systemd1.manage-units",
- details,
- interactive,
- UID_INVALID,
- &u->manager->polkit_registry,
- error);
-}
-
-int bus_unit_method_start_generic(
- sd_bus_message *message,
- Unit *u,
- JobType job_type,
- bool reload_if_possible,
- sd_bus_error *error) {
-
- const char *smode;
- JobMode mode;
- _cleanup_free_ char *verb = NULL;
- static const char *const polkit_message_for_job[_JOB_TYPE_MAX] = {
- [JOB_START] = N_("Authentication is required to start '$(unit)'."),
- [JOB_STOP] = N_("Authentication is required to stop '$(unit)'."),
- [JOB_RELOAD] = N_("Authentication is required to reload '$(unit)'."),
- [JOB_RESTART] = N_("Authentication is required to restart '$(unit)'."),
- [JOB_TRY_RESTART] = N_("Authentication is required to restart '$(unit)'."),
- };
- int r;
-
- assert(message);
- assert(u);
- assert(job_type >= 0 && job_type < _JOB_TYPE_MAX);
-
- r = mac_selinux_unit_access_check(
- u, message,
- job_type_to_access_method(job_type),
- error);
- if (r < 0)
- return r;
-
- r = sd_bus_message_read(message, "s", &smode);
- if (r < 0)
- return r;
-
- mode = job_mode_from_string(smode);
- if (mode < 0)
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Job mode %s invalid", smode);
-
- if (reload_if_possible)
- verb = strjoin("reload-or-", job_type_to_string(job_type), NULL);
- else
- verb = strdup(job_type_to_string(job_type));
- if (!verb)
- return -ENOMEM;
-
- r = bus_verify_manage_units_async_full(
- u,
- verb,
- CAP_SYS_ADMIN,
- job_type < _JOB_TYPE_MAX ? polkit_message_for_job[job_type] : NULL,
- true,
- message,
- error);
- if (r < 0)
- return r;
- if (r == 0)
- return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
-
- return bus_unit_queue_job(message, u, job_type, mode, reload_if_possible, error);
-}
-
-static int method_start(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- return bus_unit_method_start_generic(message, userdata, JOB_START, false, error);
-}
-
-static int method_stop(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- return bus_unit_method_start_generic(message, userdata, JOB_STOP, false, error);
-}
-
-static int method_reload(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- return bus_unit_method_start_generic(message, userdata, JOB_RELOAD, false, error);
-}
-
-static int method_restart(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- return bus_unit_method_start_generic(message, userdata, JOB_RESTART, false, error);
-}
-
-static int method_try_restart(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- return bus_unit_method_start_generic(message, userdata, JOB_TRY_RESTART, false, error);
-}
-
-static int method_reload_or_restart(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- return bus_unit_method_start_generic(message, userdata, JOB_RESTART, true, error);
-}
-
-static int method_reload_or_try_restart(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- return bus_unit_method_start_generic(message, userdata, JOB_TRY_RESTART, true, error);
-}
-
-int bus_unit_method_kill(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- Unit *u = userdata;
- const char *swho;
- int32_t signo;
- KillWho who;
- int r;
-
- assert(message);
- assert(u);
-
- r = mac_selinux_unit_access_check(u, message, "stop", error);
- if (r < 0)
- return r;
-
- r = sd_bus_message_read(message, "si", &swho, &signo);
- if (r < 0)
- return r;
-
- if (isempty(swho))
- who = KILL_ALL;
- else {
- who = kill_who_from_string(swho);
- if (who < 0)
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid who argument %s", swho);
- }
-
- if (!SIGNAL_VALID(signo))
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Signal number out of range.");
-
- r = bus_verify_manage_units_async_full(
- u,
- "kill",
- CAP_KILL,
- N_("Authentication is required to kill '$(unit)'."),
- true,
- message,
- error);
- if (r < 0)
- return r;
- if (r == 0)
- return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
-
- r = unit_kill(u, who, signo, error);
- if (r < 0)
- return r;
-
- return sd_bus_reply_method_return(message, NULL);
-}
-
-int bus_unit_method_reset_failed(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- Unit *u = userdata;
- int r;
-
- assert(message);
- assert(u);
-
- r = mac_selinux_unit_access_check(u, message, "reload", error);
- if (r < 0)
- return r;
-
- r = bus_verify_manage_units_async_full(
- u,
- "reset-failed",
- CAP_SYS_ADMIN,
- N_("Authentication is required to reset the \"failed\" state of '$(unit)'."),
- true,
- message,
- error);
- if (r < 0)
- return r;
- if (r == 0)
- return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
-
- unit_reset_failed(u);
-
- return sd_bus_reply_method_return(message, NULL);
-}
-
-int bus_unit_method_set_properties(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- Unit *u = userdata;
- int runtime, r;
-
- assert(message);
- assert(u);
-
- r = mac_selinux_unit_access_check(u, message, "start", error);
- if (r < 0)
- return r;
-
- r = sd_bus_message_read(message, "b", &runtime);
- if (r < 0)
- return r;
-
- r = bus_verify_manage_units_async_full(
- u,
- "set-property",
- CAP_SYS_ADMIN,
- N_("Authentication is required to set properties on '$(unit)'."),
- true,
- message,
- error);
- if (r < 0)
- return r;
- if (r == 0)
- return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
-
- r = bus_unit_set_properties(u, message, runtime ? UNIT_RUNTIME : UNIT_PERSISTENT, true, error);
- if (r < 0)
- return r;
-
- return sd_bus_reply_method_return(message, NULL);
-}
-
-int bus_unit_method_ref(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- Unit *u = userdata;
- int r;
-
- assert(message);
- assert(u);
-
- r = mac_selinux_unit_access_check(u, message, "start", error);
- if (r < 0)
- return r;
-
- r = bus_verify_manage_units_async_full(
- u,
- "ref",
- CAP_SYS_ADMIN,
- NULL,
- false,
- message,
- error);
- if (r < 0)
- return r;
- if (r == 0)
- return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */
-
- r = bus_unit_track_add_sender(u, message);
- if (r < 0)
- return r;
-
- return sd_bus_reply_method_return(message, NULL);
-}
-
-int bus_unit_method_unref(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- Unit *u = userdata;
- int r;
-
- assert(message);
- assert(u);
-
- r = bus_unit_track_remove_sender(u, message);
- if (r == -EUNATCH)
- return sd_bus_error_setf(error, BUS_ERROR_NOT_REFERENCED, "Unit has not been referenced yet.");
- if (r < 0)
- return r;
-
- return sd_bus_reply_method_return(message, NULL);
-}
-
-const sd_bus_vtable bus_unit_vtable[] = {
- SD_BUS_VTABLE_START(0),
-
- SD_BUS_PROPERTY("Id", "s", NULL, offsetof(Unit, id), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("Names", "as", property_get_names, 0, SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("Following", "s", property_get_following, 0, 0),
- SD_BUS_PROPERTY("Requires", "as", property_get_dependencies, offsetof(Unit, dependencies[UNIT_REQUIRES]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("Requisite", "as", property_get_dependencies, offsetof(Unit, dependencies[UNIT_REQUISITE]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("Wants", "as", property_get_dependencies, offsetof(Unit, dependencies[UNIT_WANTS]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("BindsTo", "as", property_get_dependencies, offsetof(Unit, dependencies[UNIT_BINDS_TO]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("PartOf", "as", property_get_dependencies, offsetof(Unit, dependencies[UNIT_PART_OF]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("RequiredBy", "as", property_get_dependencies, offsetof(Unit, dependencies[UNIT_REQUIRED_BY]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("RequisiteOf", "as", property_get_dependencies, offsetof(Unit, dependencies[UNIT_REQUISITE_OF]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("WantedBy", "as", property_get_dependencies, offsetof(Unit, dependencies[UNIT_WANTED_BY]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("BoundBy", "as", property_get_dependencies, offsetof(Unit, dependencies[UNIT_BOUND_BY]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("ConsistsOf", "as", property_get_dependencies, offsetof(Unit, dependencies[UNIT_CONSISTS_OF]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("Conflicts", "as", property_get_dependencies, offsetof(Unit, dependencies[UNIT_CONFLICTS]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("ConflictedBy", "as", property_get_dependencies, offsetof(Unit, dependencies[UNIT_CONFLICTED_BY]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("Before", "as", property_get_dependencies, offsetof(Unit, dependencies[UNIT_BEFORE]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("After", "as", property_get_dependencies, offsetof(Unit, dependencies[UNIT_AFTER]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("OnFailure", "as", property_get_dependencies, offsetof(Unit, dependencies[UNIT_ON_FAILURE]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("Triggers", "as", property_get_dependencies, offsetof(Unit, dependencies[UNIT_TRIGGERS]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("TriggeredBy", "as", property_get_dependencies, offsetof(Unit, dependencies[UNIT_TRIGGERED_BY]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("PropagatesReloadTo", "as", property_get_dependencies, offsetof(Unit, dependencies[UNIT_PROPAGATES_RELOAD_TO]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("ReloadPropagatedFrom", "as", property_get_dependencies, offsetof(Unit, dependencies[UNIT_RELOAD_PROPAGATED_FROM]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("JoinsNamespaceOf", "as", property_get_dependencies, offsetof(Unit, dependencies[UNIT_JOINS_NAMESPACE_OF]), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("RequiresMountsFor", "as", NULL, offsetof(Unit, requires_mounts_for), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("Documentation", "as", NULL, offsetof(Unit, documentation), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("Description", "s", property_get_description, 0, SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("LoadState", "s", property_get_load_state, offsetof(Unit, load_state), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("ActiveState", "s", property_get_active_state, 0, SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- SD_BUS_PROPERTY("SubState", "s", property_get_sub_state, 0, SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- SD_BUS_PROPERTY("FragmentPath", "s", NULL, offsetof(Unit, fragment_path), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("SourcePath", "s", NULL, offsetof(Unit, source_path), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DropInPaths", "as", NULL, offsetof(Unit, dropin_paths), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("UnitFileState", "s", property_get_unit_file_state, 0, 0),
- SD_BUS_PROPERTY("UnitFilePreset", "s", property_get_unit_file_preset, 0, 0),
- BUS_PROPERTY_DUAL_TIMESTAMP("StateChangeTimestamp", offsetof(Unit, state_change_timestamp), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- BUS_PROPERTY_DUAL_TIMESTAMP("InactiveExitTimestamp", offsetof(Unit, inactive_exit_timestamp), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- BUS_PROPERTY_DUAL_TIMESTAMP("ActiveEnterTimestamp", offsetof(Unit, active_enter_timestamp), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- BUS_PROPERTY_DUAL_TIMESTAMP("ActiveExitTimestamp", offsetof(Unit, active_exit_timestamp), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- BUS_PROPERTY_DUAL_TIMESTAMP("InactiveEnterTimestamp", offsetof(Unit, inactive_enter_timestamp), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- SD_BUS_PROPERTY("CanStart", "b", property_get_can_start, 0, SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("CanStop", "b", property_get_can_stop, 0, SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("CanReload", "b", property_get_can_reload, 0, SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("CanIsolate", "b", property_get_can_isolate, 0, SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("Job", "(uo)", property_get_job, 0, SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- SD_BUS_PROPERTY("StopWhenUnneeded", "b", bus_property_get_bool, offsetof(Unit, stop_when_unneeded), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("RefuseManualStart", "b", bus_property_get_bool, offsetof(Unit, refuse_manual_start), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("RefuseManualStop", "b", bus_property_get_bool, offsetof(Unit, refuse_manual_stop), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("AllowIsolate", "b", bus_property_get_bool, offsetof(Unit, allow_isolate), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("DefaultDependencies", "b", bus_property_get_bool, offsetof(Unit, default_dependencies), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("OnFailureJobMode", "s", property_get_job_mode, offsetof(Unit, on_failure_job_mode), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("IgnoreOnIsolate", "b", bus_property_get_bool, offsetof(Unit, ignore_on_isolate), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("NeedDaemonReload", "b", property_get_need_daemon_reload, 0, SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("JobTimeoutUSec", "t", bus_property_get_usec, offsetof(Unit, job_timeout), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("JobTimeoutAction", "s", property_get_emergency_action, offsetof(Unit, job_timeout_action), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("JobTimeoutRebootArgument", "s", NULL, offsetof(Unit, job_timeout_reboot_arg), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("ConditionResult", "b", bus_property_get_bool, offsetof(Unit, condition_result), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- SD_BUS_PROPERTY("AssertResult", "b", bus_property_get_bool, offsetof(Unit, assert_result), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- BUS_PROPERTY_DUAL_TIMESTAMP("ConditionTimestamp", offsetof(Unit, condition_timestamp), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- BUS_PROPERTY_DUAL_TIMESTAMP("AssertTimestamp", offsetof(Unit, assert_timestamp), SD_BUS_VTABLE_PROPERTY_EMITS_CHANGE),
- SD_BUS_PROPERTY("Conditions", "a(sbbsi)", property_get_conditions, offsetof(Unit, conditions), 0),
- SD_BUS_PROPERTY("Asserts", "a(sbbsi)", property_get_conditions, offsetof(Unit, asserts), 0),
- SD_BUS_PROPERTY("LoadError", "(ss)", property_get_load_error, 0, SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("Transient", "b", bus_property_get_bool, offsetof(Unit, transient), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("Perpetual", "b", bus_property_get_bool, offsetof(Unit, perpetual), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("StartLimitIntervalSec", "t", bus_property_get_usec, offsetof(Unit, start_limit.interval), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("StartLimitBurst", "u", bus_property_get_unsigned, offsetof(Unit, start_limit.burst), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("StartLimitAction", "s", property_get_emergency_action, offsetof(Unit, start_limit_action), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("RebootArgument", "s", NULL, offsetof(Unit, reboot_arg), SD_BUS_VTABLE_PROPERTY_CONST),
- SD_BUS_PROPERTY("InvocationID", "ay", bus_property_get_id128, offsetof(Unit, invocation_id), 0),
-
- SD_BUS_METHOD("Start", "s", "o", method_start, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("Stop", "s", "o", method_stop, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("Reload", "s", "o", method_reload, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("Restart", "s", "o", method_restart, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("TryRestart", "s", "o", method_try_restart, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("ReloadOrRestart", "s", "o", method_reload_or_restart, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("ReloadOrTryRestart", "s", "o", method_reload_or_try_restart, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("Kill", "si", NULL, bus_unit_method_kill, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("ResetFailed", NULL, NULL, bus_unit_method_reset_failed, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("SetProperties", "ba(sv)", NULL, bus_unit_method_set_properties, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("Ref", NULL, NULL, bus_unit_method_ref, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_METHOD("Unref", NULL, NULL, bus_unit_method_unref, SD_BUS_VTABLE_UNPRIVILEGED),
-
- /* Obsolete properties or obsolete alias names */
- SD_BUS_PROPERTY("RequiresOverridable", "as", property_get_obsolete_dependencies, 0, SD_BUS_VTABLE_HIDDEN),
- SD_BUS_PROPERTY("RequisiteOverridable", "as", property_get_obsolete_dependencies, 0, SD_BUS_VTABLE_HIDDEN),
- SD_BUS_PROPERTY("RequiredByOverridable", "as", property_get_obsolete_dependencies, 0, SD_BUS_VTABLE_HIDDEN),
- SD_BUS_PROPERTY("RequisiteOfOverridable", "as", property_get_obsolete_dependencies, 0, SD_BUS_VTABLE_HIDDEN),
- SD_BUS_PROPERTY("StartLimitInterval", "t", bus_property_get_usec, offsetof(Unit, start_limit.interval), SD_BUS_VTABLE_PROPERTY_CONST|SD_BUS_VTABLE_HIDDEN),
- SD_BUS_VTABLE_END
-};
-
-static int property_get_slice(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- Unit *u = userdata;
-
- assert(bus);
- assert(reply);
- assert(u);
-
- return sd_bus_message_append(reply, "s", unit_slice_name(u));
-}
-
-static int property_get_current_memory(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- uint64_t sz = (uint64_t) -1;
- Unit *u = userdata;
- int r;
-
- assert(bus);
- assert(reply);
- assert(u);
-
- r = unit_get_memory_current(u, &sz);
- if (r < 0 && r != -ENODATA)
- log_unit_warning_errno(u, r, "Failed to get memory.usage_in_bytes attribute: %m");
-
- return sd_bus_message_append(reply, "t", sz);
-}
-
-static int property_get_current_tasks(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- uint64_t cn = (uint64_t) -1;
- Unit *u = userdata;
- int r;
-
- assert(bus);
- assert(reply);
- assert(u);
-
- r = unit_get_tasks_current(u, &cn);
- if (r < 0 && r != -ENODATA)
- log_unit_warning_errno(u, r, "Failed to get pids.current attribute: %m");
-
- return sd_bus_message_append(reply, "t", cn);
-}
-
-static int property_get_cpu_usage(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- nsec_t ns = (nsec_t) -1;
- Unit *u = userdata;
- int r;
-
- assert(bus);
- assert(reply);
- assert(u);
-
- r = unit_get_cpu_usage(u, &ns);
- if (r < 0 && r != -ENODATA)
- log_unit_warning_errno(u, r, "Failed to get cpuacct.usage attribute: %m");
-
- return sd_bus_message_append(reply, "t", ns);
-}
-
-static int property_get_cgroup(
- sd_bus *bus,
- const char *path,
- const char *interface,
- const char *property,
- sd_bus_message *reply,
- void *userdata,
- sd_bus_error *error) {
-
- Unit *u = userdata;
- const char *t;
-
- assert(bus);
- assert(reply);
- assert(u);
-
- /* Three cases: a) u->cgroup_path is NULL, in which case the
- * unit has no control group, which we report as the empty
- * string. b) u->cgroup_path is the empty string, which
- * indicates the root cgroup, which we report as "/". c) all
- * other cases we report as-is. */
-
- if (u->cgroup_path)
- t = isempty(u->cgroup_path) ? "/" : u->cgroup_path;
- else
- t = "";
-
- return sd_bus_message_append(reply, "s", t);
-}
-
-static int append_process(sd_bus_message *reply, const char *p, pid_t pid, Set *pids) {
- _cleanup_free_ char *buf = NULL, *cmdline = NULL;
- int r;
-
- assert(reply);
- assert(pid > 0);
-
- r = set_put(pids, PID_TO_PTR(pid));
- if (r == -EEXIST || r == 0)
- return 0;
- if (r < 0)
- return r;
-
- if (!p) {
- r = cg_pid_get_path(SYSTEMD_CGROUP_CONTROLLER, pid, &buf);
- if (r == -ESRCH)
- return 0;
- if (r < 0)
- return r;
-
- p = buf;
- }
-
- (void) get_process_cmdline(pid, 0, true, &cmdline);
-
- return sd_bus_message_append(reply,
- "(sus)",
- p,
- (uint32_t) pid,
- cmdline);
-}
-
-static int append_cgroup(sd_bus_message *reply, const char *p, Set *pids) {
- _cleanup_closedir_ DIR *d = NULL;
- _cleanup_fclose_ FILE *f = NULL;
- int r;
-
- assert(reply);
- assert(p);
-
- r = cg_enumerate_processes(SYSTEMD_CGROUP_CONTROLLER, p, &f);
- if (r == ENOENT)
- return 0;
- if (r < 0)
- return r;
-
- for (;;) {
- pid_t pid;
-
- r = cg_read_pid(f, &pid);
- if (r < 0)
- return r;
- if (r == 0)
- break;
-
- if (is_kernel_thread(pid) > 0)
- continue;
-
- r = append_process(reply, p, pid, pids);
- if (r < 0)
- return r;
- }
-
- r = cg_enumerate_subgroups(SYSTEMD_CGROUP_CONTROLLER, p, &d);
- if (r == -ENOENT)
- return 0;
- if (r < 0)
- return r;
-
- for (;;) {
- _cleanup_free_ char *g = NULL, *j = NULL;
-
- r = cg_read_subgroup(d, &g);
- if (r < 0)
- return r;
- if (r == 0)
- break;
-
- j = strjoin(p, "/", g, NULL);
- if (!j)
- return -ENOMEM;
-
- r = append_cgroup(reply, j, pids);
- if (r < 0)
- return r;
- }
-
- return 0;
-}
-
-int bus_unit_method_get_processes(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
- _cleanup_(set_freep) Set *pids = NULL;
- Unit *u = userdata;
- pid_t pid;
- int r;
-
- assert(message);
-
- pids = set_new(NULL);
- if (!pids)
- return -ENOMEM;
-
- r = sd_bus_message_new_method_return(message, &reply);
- if (r < 0)
- return r;
-
- r = sd_bus_message_open_container(reply, 'a', "(sus)");
- if (r < 0)
- return r;
-
- if (u->cgroup_path) {
- r = append_cgroup(reply, u->cgroup_path, pids);
- if (r < 0)
- return r;
- }
-
- /* The main and control pids might live outside of the cgroup, hence fetch them separately */
- pid = unit_main_pid(u);
- if (pid > 0) {
- r = append_process(reply, NULL, pid, pids);
- if (r < 0)
- return r;
- }
-
- pid = unit_control_pid(u);
- if (pid > 0) {
- r = append_process(reply, NULL, pid, pids);
- if (r < 0)
- return r;
- }
-
- r = sd_bus_message_close_container(reply);
- if (r < 0)
- return r;
-
- return sd_bus_send(NULL, reply, NULL);
-}
-
-const sd_bus_vtable bus_unit_cgroup_vtable[] = {
- SD_BUS_VTABLE_START(0),
- SD_BUS_PROPERTY("Slice", "s", property_get_slice, 0, 0),
- SD_BUS_PROPERTY("ControlGroup", "s", property_get_cgroup, 0, 0),
- SD_BUS_PROPERTY("MemoryCurrent", "t", property_get_current_memory, 0, 0),
- SD_BUS_PROPERTY("CPUUsageNSec", "t", property_get_cpu_usage, 0, 0),
- SD_BUS_PROPERTY("TasksCurrent", "t", property_get_current_tasks, 0, 0),
- SD_BUS_METHOD("GetProcesses", NULL, "a(sus)", bus_unit_method_get_processes, SD_BUS_VTABLE_UNPRIVILEGED),
- SD_BUS_VTABLE_END
-};
-
-static int send_new_signal(sd_bus *bus, void *userdata) {
- _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
- _cleanup_free_ char *p = NULL;
- Unit *u = userdata;
- int r;
-
- assert(bus);
- assert(u);
-
- p = unit_dbus_path(u);
- if (!p)
- return -ENOMEM;
-
- r = sd_bus_message_new_signal(
- bus,
- &m,
- "/org/freedesktop/systemd1",
- "org.freedesktop.systemd1.Manager",
- "UnitNew");
- if (r < 0)
- return r;
-
- r = sd_bus_message_append(m, "so", u->id, p);
- if (r < 0)
- return r;
-
- return sd_bus_send(bus, m, NULL);
-}
-
-static int send_changed_signal(sd_bus *bus, void *userdata) {
- _cleanup_free_ char *p = NULL;
- Unit *u = userdata;
- int r;
-
- assert(bus);
- assert(u);
-
- p = unit_dbus_path(u);
- if (!p)
- return -ENOMEM;
-
- /* Send a properties changed signal. First for the specific
- * type, then for the generic unit. The clients may rely on
- * this order to get atomic behavior if needed. */
-
- r = sd_bus_emit_properties_changed_strv(
- bus, p,
- unit_dbus_interface_from_type(u->type),
- NULL);
- if (r < 0)
- return r;
-
- return sd_bus_emit_properties_changed_strv(
- bus, p,
- "org.freedesktop.systemd1.Unit",
- NULL);
-}
-
-void bus_unit_send_change_signal(Unit *u) {
- int r;
- assert(u);
-
- if (u->in_dbus_queue) {
- LIST_REMOVE(dbus_queue, u->manager->dbus_unit_queue, u);
- u->in_dbus_queue = false;
- }
-
- if (!u->id)
- return;
-
- r = bus_foreach_bus(u->manager, NULL, u->sent_dbus_new_signal ? send_changed_signal : send_new_signal, u);
- if (r < 0)
- log_unit_debug_errno(u, r, "Failed to send unit change signal for %s: %m", u->id);
-
- u->sent_dbus_new_signal = true;
-}
-
-static int send_removed_signal(sd_bus *bus, void *userdata) {
- _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
- _cleanup_free_ char *p = NULL;
- Unit *u = userdata;
- int r;
-
- assert(bus);
- assert(u);
-
- p = unit_dbus_path(u);
- if (!p)
- return -ENOMEM;
-
- r = sd_bus_message_new_signal(
- bus,
- &m,
- "/org/freedesktop/systemd1",
- "org.freedesktop.systemd1.Manager",
- "UnitRemoved");
- if (r < 0)
- return r;
-
- r = sd_bus_message_append(m, "so", u->id, p);
- if (r < 0)
- return r;
-
- return sd_bus_send(bus, m, NULL);
-}
-
-void bus_unit_send_removed_signal(Unit *u) {
- int r;
- assert(u);
-
- if (!u->sent_dbus_new_signal || u->in_dbus_queue)
- bus_unit_send_change_signal(u);
-
- if (!u->id)
- return;
-
- r = bus_foreach_bus(u->manager, NULL, send_removed_signal, u);
- if (r < 0)
- log_unit_debug_errno(u, r, "Failed to send unit remove signal for %s: %m", u->id);
-}
-
-int bus_unit_queue_job(
- sd_bus_message *message,
- Unit *u,
- JobType type,
- JobMode mode,
- bool reload_if_possible,
- sd_bus_error *error) {
-
- _cleanup_free_ char *path = NULL;
- Job *j;
- int r;
-
- assert(message);
- assert(u);
- assert(type >= 0 && type < _JOB_TYPE_MAX);
- assert(mode >= 0 && mode < _JOB_MODE_MAX);
-
- r = mac_selinux_unit_access_check(
- u, message,
- job_type_to_access_method(type),
- error);
- if (r < 0)
- return r;
-
- if (reload_if_possible && unit_can_reload(u)) {
- if (type == JOB_RESTART)
- type = JOB_RELOAD_OR_START;
- else if (type == JOB_TRY_RESTART)
- type = JOB_TRY_RELOAD;
- }
-
- if (type == JOB_STOP &&
- (u->load_state == UNIT_NOT_FOUND || u->load_state == UNIT_ERROR) &&
- unit_active_state(u) == UNIT_INACTIVE)
- return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_UNIT, "Unit %s not loaded.", u->id);
-
- if ((type == JOB_START && u->refuse_manual_start) ||
- (type == JOB_STOP && u->refuse_manual_stop) ||
- ((type == JOB_RESTART || type == JOB_TRY_RESTART) && (u->refuse_manual_start || u->refuse_manual_stop)) ||
- (type == JOB_RELOAD_OR_START && job_type_collapse(type, u) == JOB_START && u->refuse_manual_start))
- return sd_bus_error_setf(error, BUS_ERROR_ONLY_BY_DEPENDENCY, "Operation refused, unit %s may be requested by dependency only.", u->id);
-
- r = manager_add_job(u->manager, type, u, mode, error, &j);
- if (r < 0)
- return r;
-
- if (sd_bus_message_get_bus(message) == u->manager->api_bus) {
- if (!j->clients) {
- r = sd_bus_track_new(sd_bus_message_get_bus(message), &j->clients, NULL, NULL);
- if (r < 0)
- return r;
- }
-
- r = sd_bus_track_add_sender(j->clients, message);
- if (r < 0)
- return r;
- }
-
- path = job_dbus_path(j);
- if (!path)
- return -ENOMEM;
-
- return sd_bus_reply_method_return(message, "o", path);
-}
-
-static int bus_unit_set_transient_property(
- Unit *u,
- const char *name,
- sd_bus_message *message,
- UnitSetPropertiesMode mode,
- sd_bus_error *error) {
-
- int r;
-
- assert(u);
- assert(name);
- assert(message);
-
- if (streq(name, "Description")) {
- const char *d;
-
- r = sd_bus_message_read(message, "s", &d);
- if (r < 0)
- return r;
-
- if (mode != UNIT_CHECK) {
- r = unit_set_description(u, d);
- if (r < 0)
- return r;
-
- unit_write_drop_in_format(u, mode, name, "[Unit]\nDescription=%s", d);
- }
-
- return 1;
-
- } else if (streq(name, "DefaultDependencies")) {
- int b;
-
- r = sd_bus_message_read(message, "b", &b);
- if (r < 0)
- return r;
-
- if (mode != UNIT_CHECK) {
- u->default_dependencies = b;
- unit_write_drop_in_format(u, mode, name, "[Unit]\nDefaultDependencies=%s", yes_no(b));
- }
-
- return 1;
-
- } else if (streq(name, "Slice")) {
- Unit *slice;
- const char *s;
-
- if (!UNIT_HAS_CGROUP_CONTEXT(u))
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "The slice property is only available for units with control groups.");
- if (u->type == UNIT_SLICE)
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Slice may not be set for slice units.");
- if (unit_has_name(u, SPECIAL_INIT_SCOPE))
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Cannot set slice for init.scope");
-
- r = sd_bus_message_read(message, "s", &s);
- if (r < 0)
- return r;
-
- if (!unit_name_is_valid(s, UNIT_NAME_PLAIN))
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid unit name '%s'", s);
-
- /* Note that we do not dispatch the load queue here yet, as we don't want our own transient unit to be
- * loaded while we are still setting it up. Or in other words, we use manager_load_unit_prepare()
- * instead of manager_load_unit() on purpose, here. */
- r = manager_load_unit_prepare(u->manager, s, NULL, error, &slice);
- if (r < 0)
- return r;
-
- if (slice->type != UNIT_SLICE)
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Unit name '%s' is not a slice", s);
-
- if (mode != UNIT_CHECK) {
- r = unit_set_slice(u, slice);
- if (r < 0)
- return r;
-
- unit_write_drop_in_private_format(u, mode, name, "Slice=%s", s);
- }
-
- return 1;
-
- } else if (STR_IN_SET(name,
- "Requires", "RequiresOverridable",
- "Requisite", "RequisiteOverridable",
- "Wants",
- "BindsTo",
- "Conflicts",
- "Before", "After",
- "OnFailure",
- "PropagatesReloadTo", "ReloadPropagatedFrom",
- "PartOf")) {
-
- UnitDependency d;
- const char *other;
-
- if (streq(name, "RequiresOverridable"))
- d = UNIT_REQUIRES; /* redirect for obsolete unit dependency type */
- else if (streq(name, "RequisiteOverridable"))
- d = UNIT_REQUISITE; /* same here */
- else {
- d = unit_dependency_from_string(name);
- if (d < 0)
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid unit dependency: %s", name);
- }
-
- r = sd_bus_message_enter_container(message, 'a', "s");
- if (r < 0)
- return r;
-
- while ((r = sd_bus_message_read(message, "s", &other)) > 0) {
- if (!unit_name_is_valid(other, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE))
- return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid unit name %s", other);
-
- if (mode != UNIT_CHECK) {
- _cleanup_free_ char *label = NULL;
-
- r = unit_add_dependency_by_name(u, d, other, NULL, true);
- if (r < 0)
- return r;
-
- label = strjoin(name, "-", other, NULL);
- if (!label)
- return -ENOMEM;
-
- unit_write_drop_in_format(u, mode, label, "[Unit]\n%s=%s", name, other);
- }
-
- }
- if (r < 0)
- return r;
-
- r = sd_bus_message_exit_container(message);
- if (r < 0)
- return r;
-
- return 1;
-
- } else if (streq(name, "AddRef")) {
-
- int b;
-
- /* Why is this called "AddRef" rather than just "Ref", or "Reference"? There's already a "Ref()" method
- * on the Unit interface, and it's probably not a good idea to expose a property and a method on the
- * same interface (well, strictly speaking AddRef isn't exposed as full property, we just read it for
- * transient units, but still). And "References" and "ReferencedBy" is already used as unit reference
- * dependency type, hence let's not confuse things with that.
- *
- * Note that we don't acually add the reference to the bus track. We do that only after the setup of
- * the transient unit is complete, so that setting this property multiple times in the same transient
- * unit creation call doesn't count as individual references. */
-
- r = sd_bus_message_read(message, "b", &b);
- if (r < 0)
- return r;
-
- if (mode != UNIT_CHECK)
- u->bus_track_add = b;
-
- return 1;
- }
-
- return 0;
-}
-
-int bus_unit_set_properties(
- Unit *u,
- sd_bus_message *message,
- UnitSetPropertiesMode mode,
- bool commit,
- sd_bus_error *error) {
-
- bool for_real = false;
- unsigned n = 0;
- int r;
-
- assert(u);
- assert(message);
-
- /* We iterate through the array twice. First run we just check
- * if all passed data is valid, second run actually applies
- * it. This is to implement transaction-like behaviour without
- * actually providing full transactions. */
-
- r = sd_bus_message_enter_container(message, 'a', "(sv)");
- if (r < 0)
- return r;
-
- for (;;) {
- const char *name;
-
- r = sd_bus_message_enter_container(message, 'r', "sv");
- if (r < 0)
- return r;
- if (r == 0) {
- if (for_real || mode == UNIT_CHECK)
- break;
-
- /* Reached EOF. Let's try again, and this time for realz... */
- r = sd_bus_message_rewind(message, false);
- if (r < 0)
- return r;
-
- for_real = true;
- continue;
- }
-
- r = sd_bus_message_read(message, "s", &name);
- if (r < 0)
- return r;
-
- if (!UNIT_VTABLE(u)->bus_set_property)
- return sd_bus_error_setf(error, SD_BUS_ERROR_PROPERTY_READ_ONLY, "Objects of this type do not support setting properties.");
-
- r = sd_bus_message_enter_container(message, 'v', NULL);
- if (r < 0)
- return r;
-
- r = UNIT_VTABLE(u)->bus_set_property(u, name, message, for_real ? mode : UNIT_CHECK, error);
- if (r == 0 && u->transient && u->load_state == UNIT_STUB)
- r = bus_unit_set_transient_property(u, name, message, for_real ? mode : UNIT_CHECK, error);
- if (r < 0)
- return r;
- if (r == 0)
- return sd_bus_error_setf(error, SD_BUS_ERROR_PROPERTY_READ_ONLY, "Cannot set property %s, or unknown property.", name);
-
- r = sd_bus_message_exit_container(message);
- if (r < 0)
- return r;
-
- r = sd_bus_message_exit_container(message);
- if (r < 0)
- return r;
-
- n += for_real;
- }
-
- r = sd_bus_message_exit_container(message);
- if (r < 0)
- return r;
-
- if (commit && n > 0 && UNIT_VTABLE(u)->bus_commit_properties)
- UNIT_VTABLE(u)->bus_commit_properties(u);
-
- return n;
-}
-
-int bus_unit_check_load_state(Unit *u, sd_bus_error *error) {
- assert(u);
-
- if (u->load_state == UNIT_LOADED)
- return 0;
-
- /* Give a better description of the unit error when
- * possible. Note that in the case of UNIT_MASKED, load_error
- * is not set. */
- if (u->load_state == UNIT_MASKED)
- return sd_bus_error_setf(error, BUS_ERROR_UNIT_MASKED, "Unit %s is masked.", u->id);
-
- if (u->load_state == UNIT_NOT_FOUND)
- return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_UNIT, "Unit %s not found.", u->id);
-
- return sd_bus_error_set_errnof(error, u->load_error, "Unit %s is not loaded properly: %m.", u->id);
-}
-
-static int bus_track_handler(sd_bus_track *t, void *userdata) {
- Unit *u = userdata;
-
- assert(t);
- assert(u);
-
- u->bus_track = sd_bus_track_unref(u->bus_track); /* make sure we aren't called again */
-
- unit_add_to_gc_queue(u);
- return 0;
-}
-
-static int allocate_bus_track(Unit *u) {
- int r;
-
- assert(u);
-
- if (u->bus_track)
- return 0;
-
- r = sd_bus_track_new(u->manager->api_bus, &u->bus_track, bus_track_handler, u);
- if (r < 0)
- return r;
-
- r = sd_bus_track_set_recursive(u->bus_track, true);
- if (r < 0) {
- u->bus_track = sd_bus_track_unref(u->bus_track);
- return r;
- }
-
- return 0;
-}
-
-int bus_unit_track_add_name(Unit *u, const char *name) {
- int r;
-
- assert(u);
-
- r = allocate_bus_track(u);
- if (r < 0)
- return r;
-
- return sd_bus_track_add_name(u->bus_track, name);
-}
-
-int bus_unit_track_add_sender(Unit *u, sd_bus_message *m) {
- int r;
-
- assert(u);
-
- r = allocate_bus_track(u);
- if (r < 0)
- return r;
-
- return sd_bus_track_add_sender(u->bus_track, m);
-}
-
-int bus_unit_track_remove_sender(Unit *u, sd_bus_message *m) {
- assert(u);
-
- /* If we haven't allocated the bus track object yet, then there's definitely no reference taken yet, return an
- * error */
- if (!u->bus_track)
- return -EUNATCH;
-
- return sd_bus_track_remove_sender(u->bus_track, m);
-}
diff --git a/src/core/dbus-unit.h b/src/core/dbus-unit.h
deleted file mode 100644
index b280de7a1d..0000000000
--- a/src/core/dbus-unit.h
+++ /dev/null
@@ -1,47 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include "sd-bus.h"
-
-#include "unit.h"
-
-extern const sd_bus_vtable bus_unit_vtable[];
-extern const sd_bus_vtable bus_unit_cgroup_vtable[];
-
-void bus_unit_send_change_signal(Unit *u);
-void bus_unit_send_removed_signal(Unit *u);
-
-int bus_unit_method_start_generic(sd_bus_message *message, Unit *u, JobType job_type, bool reload_if_possible, sd_bus_error *error);
-int bus_unit_method_kill(sd_bus_message *message, void *userdata, sd_bus_error *error);
-int bus_unit_method_reset_failed(sd_bus_message *message, void *userdata, sd_bus_error *error);
-
-int bus_unit_set_properties(Unit *u, sd_bus_message *message, UnitSetPropertiesMode mode, bool commit, sd_bus_error *error);
-int bus_unit_method_set_properties(sd_bus_message *message, void *userdata, sd_bus_error *error);
-int bus_unit_method_get_processes(sd_bus_message *message, void *userdata, sd_bus_error *error);
-int bus_unit_method_ref(sd_bus_message *message, void *userdata, sd_bus_error *error);
-int bus_unit_method_unref(sd_bus_message *message, void *userdata, sd_bus_error *error);
-
-int bus_unit_queue_job(sd_bus_message *message, Unit *u, JobType type, JobMode mode, bool reload_if_possible, sd_bus_error *error);
-int bus_unit_check_load_state(Unit *u, sd_bus_error *error);
-
-int bus_unit_track_add_name(Unit *u, const char *name);
-int bus_unit_track_add_sender(Unit *u, sd_bus_message *m);
-int bus_unit_track_remove_sender(Unit *u, sd_bus_message *m);
diff --git a/src/core/dbus.c b/src/core/dbus.c
deleted file mode 100644
index 070974fe66..0000000000
--- a/src/core/dbus.c
+++ /dev/null
@@ -1,1236 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <errno.h>
-#include <sys/epoll.h>
-#include <unistd.h>
-
-#include "sd-bus.h"
-
-#include "alloc-util.h"
-#include "bus-common-errors.h"
-#include "bus-error.h"
-#include "bus-internal.h"
-#include "bus-util.h"
-#include "dbus-cgroup.h"
-#include "dbus-execute.h"
-#include "dbus-job.h"
-#include "dbus-kill.h"
-#include "dbus-manager.h"
-#include "dbus-unit.h"
-#include "dbus.h"
-#include "fd-util.h"
-#include "log.h"
-#include "missing.h"
-#include "mkdir.h"
-#include "selinux-access.h"
-#include "special.h"
-#include "string-util.h"
-#include "strv.h"
-#include "strxcpyx.h"
-#include "user-util.h"
-
-#define CONNECTIONS_MAX 4096
-
-static void destroy_bus(Manager *m, sd_bus **bus);
-
-int bus_send_queued_message(Manager *m) {
- int r;
-
- assert(m);
-
- if (!m->queued_message)
- return 0;
-
- /* If we cannot get rid of this message we won't dispatch any
- * D-Bus messages, so that we won't end up wanting to queue
- * another message. */
-
- r = sd_bus_send(NULL, m->queued_message, NULL);
- if (r < 0)
- log_warning_errno(r, "Failed to send queued message: %m");
-
- m->queued_message = sd_bus_message_unref(m->queued_message);
-
- return 0;
-}
-
-int bus_forward_agent_released(Manager *m, const char *path) {
- int r;
-
- assert(m);
- assert(path);
-
- if (!MANAGER_IS_SYSTEM(m))
- return 0;
-
- if (!m->system_bus)
- return 0;
-
- /* If we are running a system instance we forward the agent message on the system bus, so that the user
- * instances get notified about this, too */
-
- r = sd_bus_emit_signal(m->system_bus,
- "/org/freedesktop/systemd1/agent",
- "org.freedesktop.systemd1.Agent",
- "Released",
- "s", path);
- if (r < 0)
- return log_warning_errno(r, "Failed to propagate agent release message: %m");
-
- return 1;
-}
-
-static int signal_agent_released(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- _cleanup_(sd_bus_creds_unrefp) sd_bus_creds *creds = NULL;
- Manager *m = userdata;
- const char *cgroup;
- uid_t sender_uid;
- int r;
-
- assert(message);
- assert(m);
-
- /* only accept org.freedesktop.systemd1.Agent from UID=0 */
- r = sd_bus_query_sender_creds(message, SD_BUS_CREDS_EUID, &creds);
- if (r < 0)
- return r;
-
- r = sd_bus_creds_get_euid(creds, &sender_uid);
- if (r < 0 || sender_uid != 0)
- return 0;
-
- /* parse 'cgroup-empty' notification */
- r = sd_bus_message_read(message, "s", &cgroup);
- if (r < 0) {
- bus_log_parse_error(r);
- return 0;
- }
-
- manager_notify_cgroup_empty(m, cgroup);
- return 0;
-}
-
-static int signal_disconnected(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- Manager *m = userdata;
- sd_bus *bus;
-
- assert(message);
- assert(m);
- assert_se(bus = sd_bus_message_get_bus(message));
-
- if (bus == m->api_bus)
- destroy_bus(m, &m->api_bus);
- if (bus == m->system_bus)
- destroy_bus(m, &m->system_bus);
- if (set_remove(m->private_buses, bus)) {
- log_debug("Got disconnect on private connection.");
- destroy_bus(m, &bus);
- }
-
- return 0;
-}
-
-static int signal_activation_request(sd_bus_message *message, void *userdata, sd_bus_error *ret_error) {
- _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
- _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
- Manager *m = userdata;
- const char *name;
- Unit *u;
- int r;
-
- assert(message);
- assert(m);
-
- r = sd_bus_message_read(message, "s", &name);
- if (r < 0) {
- bus_log_parse_error(r);
- return 0;
- }
-
- if (manager_unit_inactive_or_pending(m, SPECIAL_DBUS_SERVICE) ||
- manager_unit_inactive_or_pending(m, SPECIAL_DBUS_SOCKET)) {
- r = sd_bus_error_setf(&error, BUS_ERROR_SHUTTING_DOWN, "Refusing activation, D-Bus is shutting down.");
- goto failed;
- }
-
- r = manager_load_unit(m, name, NULL, &error, &u);
- if (r < 0)
- goto failed;
-
- if (u->refuse_manual_start) {
- r = sd_bus_error_setf(&error, BUS_ERROR_ONLY_BY_DEPENDENCY, "Operation refused, %s may be requested by dependency only.", u->id);
- goto failed;
- }
-
- r = manager_add_job(m, JOB_START, u, JOB_REPLACE, &error, NULL);
- if (r < 0)
- goto failed;
-
- /* Successfully queued, that's it for us */
- return 0;
-
-failed:
- if (!sd_bus_error_is_set(&error))
- sd_bus_error_set_errno(&error, r);
-
- log_debug("D-Bus activation failed for %s: %s", name, bus_error_message(&error, r));
-
- r = sd_bus_message_new_signal(sd_bus_message_get_bus(message), &reply, "/org/freedesktop/systemd1", "org.freedesktop.systemd1.Activator", "ActivationFailure");
- if (r < 0) {
- bus_log_create_error(r);
- return 0;
- }
-
- r = sd_bus_message_append(reply, "sss", name, error.name, error.message);
- if (r < 0) {
- bus_log_create_error(r);
- return 0;
- }
-
- r = sd_bus_send_to(NULL, reply, "org.freedesktop.DBus", NULL);
- if (r < 0)
- return log_error_errno(r, "Failed to respond with to bus activation request: %m");
-
- return 0;
-}
-
-#ifdef HAVE_SELINUX
-static int mac_selinux_filter(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- Manager *m = userdata;
- const char *verb, *path;
- Unit *u = NULL;
- Job *j;
- int r;
-
- assert(message);
-
- /* Our own method calls are all protected individually with
- * selinux checks, but the built-in interfaces need to be
- * protected too. */
-
- if (sd_bus_message_is_method_call(message, "org.freedesktop.DBus.Properties", "Set"))
- verb = "reload";
- else if (sd_bus_message_is_method_call(message, "org.freedesktop.DBus.Introspectable", NULL) ||
- sd_bus_message_is_method_call(message, "org.freedesktop.DBus.Properties", NULL) ||
- sd_bus_message_is_method_call(message, "org.freedesktop.DBus.ObjectManager", NULL) ||
- sd_bus_message_is_method_call(message, "org.freedesktop.DBus.Peer", NULL))
- verb = "status";
- else
- return 0;
-
- path = sd_bus_message_get_path(message);
-
- if (object_path_startswith("/org/freedesktop/systemd1", path)) {
-
- r = mac_selinux_access_check(message, verb, error);
- if (r < 0)
- return r;
-
- return 0;
- }
-
- if (streq_ptr(path, "/org/freedesktop/systemd1/unit/self")) {
- _cleanup_(sd_bus_creds_unrefp) sd_bus_creds *creds = NULL;
- pid_t pid;
-
- r = sd_bus_query_sender_creds(message, SD_BUS_CREDS_PID, &creds);
- if (r < 0)
- return 0;
-
- r = sd_bus_creds_get_pid(creds, &pid);
- if (r < 0)
- return 0;
-
- u = manager_get_unit_by_pid(m, pid);
- } else {
- r = manager_get_job_from_dbus_path(m, path, &j);
- if (r >= 0)
- u = j->unit;
- else
- manager_load_unit_from_dbus_path(m, path, NULL, &u);
- }
-
- if (!u)
- return 0;
-
- r = mac_selinux_unit_access_check(u, message, verb, error);
- if (r < 0)
- return r;
-
- return 0;
-}
-#endif
-
-static int bus_job_find(sd_bus *bus, const char *path, const char *interface, void *userdata, void **found, sd_bus_error *error) {
- Manager *m = userdata;
- Job *j;
- int r;
-
- assert(bus);
- assert(path);
- assert(interface);
- assert(found);
- assert(m);
-
- r = manager_get_job_from_dbus_path(m, path, &j);
- if (r < 0)
- return 0;
-
- *found = j;
- return 1;
-}
-
-static int find_unit(Manager *m, sd_bus *bus, const char *path, Unit **unit, sd_bus_error *error) {
- Unit *u;
- int r;
-
- assert(m);
- assert(bus);
- assert(path);
-
- if (streq_ptr(path, "/org/freedesktop/systemd1/unit/self")) {
- _cleanup_(sd_bus_creds_unrefp) sd_bus_creds *creds = NULL;
- sd_bus_message *message;
- pid_t pid;
-
- message = sd_bus_get_current_message(bus);
- if (!message)
- return 0;
-
- r = sd_bus_query_sender_creds(message, SD_BUS_CREDS_PID, &creds);
- if (r < 0)
- return r;
-
- r = sd_bus_creds_get_pid(creds, &pid);
- if (r < 0)
- return r;
-
- u = manager_get_unit_by_pid(m, pid);
- } else {
- r = manager_load_unit_from_dbus_path(m, path, error, &u);
- if (r < 0)
- return 0;
- }
-
- if (!u)
- return 0;
-
- *unit = u;
- return 1;
-}
-
-static int bus_unit_find(sd_bus *bus, const char *path, const char *interface, void *userdata, void **found, sd_bus_error *error) {
- Manager *m = userdata;
-
- assert(bus);
- assert(path);
- assert(interface);
- assert(found);
- assert(m);
-
- return find_unit(m, bus, path, (Unit**) found, error);
-}
-
-static int bus_unit_interface_find(sd_bus *bus, const char *path, const char *interface, void *userdata, void **found, sd_bus_error *error) {
- Manager *m = userdata;
- Unit *u;
- int r;
-
- assert(bus);
- assert(path);
- assert(interface);
- assert(found);
- assert(m);
-
- r = find_unit(m, bus, path, &u, error);
- if (r <= 0)
- return r;
-
- if (!streq_ptr(interface, unit_dbus_interface_from_type(u->type)))
- return 0;
-
- *found = u;
- return 1;
-}
-
-static int bus_unit_cgroup_find(sd_bus *bus, const char *path, const char *interface, void *userdata, void **found, sd_bus_error *error) {
- Manager *m = userdata;
- Unit *u;
- int r;
-
- assert(bus);
- assert(path);
- assert(interface);
- assert(found);
- assert(m);
-
- r = find_unit(m, bus, path, &u, error);
- if (r <= 0)
- return r;
-
- if (!streq_ptr(interface, unit_dbus_interface_from_type(u->type)))
- return 0;
-
- if (!UNIT_HAS_CGROUP_CONTEXT(u))
- return 0;
-
- *found = u;
- return 1;
-}
-
-static int bus_cgroup_context_find(sd_bus *bus, const char *path, const char *interface, void *userdata, void **found, sd_bus_error *error) {
- Manager *m = userdata;
- CGroupContext *c;
- Unit *u;
- int r;
-
- assert(bus);
- assert(path);
- assert(interface);
- assert(found);
- assert(m);
-
- r = find_unit(m, bus, path, &u, error);
- if (r <= 0)
- return r;
-
- if (!streq_ptr(interface, unit_dbus_interface_from_type(u->type)))
- return 0;
-
- c = unit_get_cgroup_context(u);
- if (!c)
- return 0;
-
- *found = c;
- return 1;
-}
-
-static int bus_exec_context_find(sd_bus *bus, const char *path, const char *interface, void *userdata, void **found, sd_bus_error *error) {
- Manager *m = userdata;
- ExecContext *c;
- Unit *u;
- int r;
-
- assert(bus);
- assert(path);
- assert(interface);
- assert(found);
- assert(m);
-
- r = find_unit(m, bus, path, &u, error);
- if (r <= 0)
- return r;
-
- if (!streq_ptr(interface, unit_dbus_interface_from_type(u->type)))
- return 0;
-
- c = unit_get_exec_context(u);
- if (!c)
- return 0;
-
- *found = c;
- return 1;
-}
-
-static int bus_kill_context_find(sd_bus *bus, const char *path, const char *interface, void *userdata, void **found, sd_bus_error *error) {
- Manager *m = userdata;
- KillContext *c;
- Unit *u;
- int r;
-
- assert(bus);
- assert(path);
- assert(interface);
- assert(found);
- assert(m);
-
- r = find_unit(m, bus, path, &u, error);
- if (r <= 0)
- return r;
-
- if (!streq_ptr(interface, unit_dbus_interface_from_type(u->type)))
- return 0;
-
- c = unit_get_kill_context(u);
- if (!c)
- return 0;
-
- *found = c;
- return 1;
-}
-
-static int bus_job_enumerate(sd_bus *bus, const char *path, void *userdata, char ***nodes, sd_bus_error *error) {
- _cleanup_free_ char **l = NULL;
- Manager *m = userdata;
- unsigned k = 0;
- Iterator i;
- Job *j;
-
- l = new0(char*, hashmap_size(m->jobs)+1);
- if (!l)
- return -ENOMEM;
-
- HASHMAP_FOREACH(j, m->jobs, i) {
- l[k] = job_dbus_path(j);
- if (!l[k])
- return -ENOMEM;
-
- k++;
- }
-
- assert(hashmap_size(m->jobs) == k);
-
- *nodes = l;
- l = NULL;
-
- return k;
-}
-
-static int bus_unit_enumerate(sd_bus *bus, const char *path, void *userdata, char ***nodes, sd_bus_error *error) {
- _cleanup_free_ char **l = NULL;
- Manager *m = userdata;
- unsigned k = 0;
- Iterator i;
- Unit *u;
-
- l = new0(char*, hashmap_size(m->units)+1);
- if (!l)
- return -ENOMEM;
-
- HASHMAP_FOREACH(u, m->units, i) {
- l[k] = unit_dbus_path(u);
- if (!l[k])
- return -ENOMEM;
-
- k++;
- }
-
- *nodes = l;
- l = NULL;
-
- return k;
-}
-
-static int bus_setup_api_vtables(Manager *m, sd_bus *bus) {
- UnitType t;
- int r;
-
- assert(m);
- assert(bus);
-
-#ifdef HAVE_SELINUX
- r = sd_bus_add_filter(bus, NULL, mac_selinux_filter, m);
- if (r < 0)
- return log_error_errno(r, "Failed to add SELinux access filter: %m");
-#endif
-
- r = sd_bus_add_object_vtable(bus, NULL, "/org/freedesktop/systemd1", "org.freedesktop.systemd1.Manager", bus_manager_vtable, m);
- if (r < 0)
- return log_error_errno(r, "Failed to register Manager vtable: %m");
-
- r = sd_bus_add_fallback_vtable(bus, NULL, "/org/freedesktop/systemd1/job", "org.freedesktop.systemd1.Job", bus_job_vtable, bus_job_find, m);
- if (r < 0)
- return log_error_errno(r, "Failed to register Job vtable: %m");
-
- r = sd_bus_add_node_enumerator(bus, NULL, "/org/freedesktop/systemd1/job", bus_job_enumerate, m);
- if (r < 0)
- return log_error_errno(r, "Failed to add job enumerator: %m");
-
- r = sd_bus_add_fallback_vtable(bus, NULL, "/org/freedesktop/systemd1/unit", "org.freedesktop.systemd1.Unit", bus_unit_vtable, bus_unit_find, m);
- if (r < 0)
- return log_error_errno(r, "Failed to register Unit vtable: %m");
-
- r = sd_bus_add_node_enumerator(bus, NULL, "/org/freedesktop/systemd1/unit", bus_unit_enumerate, m);
- if (r < 0)
- return log_error_errno(r, "Failed to add job enumerator: %m");
-
- for (t = 0; t < _UNIT_TYPE_MAX; t++) {
- const char *interface;
-
- assert_se(interface = unit_dbus_interface_from_type(t));
-
- r = sd_bus_add_fallback_vtable(bus, NULL, "/org/freedesktop/systemd1/unit", interface, unit_vtable[t]->bus_vtable, bus_unit_interface_find, m);
- if (r < 0)
- return log_error_errno(r, "Failed to register type specific vtable for %s: %m", interface);
-
- if (unit_vtable[t]->cgroup_context_offset > 0) {
- r = sd_bus_add_fallback_vtable(bus, NULL, "/org/freedesktop/systemd1/unit", interface, bus_unit_cgroup_vtable, bus_unit_cgroup_find, m);
- if (r < 0)
- return log_error_errno(r, "Failed to register control group unit vtable for %s: %m", interface);
-
- r = sd_bus_add_fallback_vtable(bus, NULL, "/org/freedesktop/systemd1/unit", interface, bus_cgroup_vtable, bus_cgroup_context_find, m);
- if (r < 0)
- return log_error_errno(r, "Failed to register control group vtable for %s: %m", interface);
- }
-
- if (unit_vtable[t]->exec_context_offset > 0) {
- r = sd_bus_add_fallback_vtable(bus, NULL, "/org/freedesktop/systemd1/unit", interface, bus_exec_vtable, bus_exec_context_find, m);
- if (r < 0)
- return log_error_errno(r, "Failed to register execute vtable for %s: %m", interface);
- }
-
- if (unit_vtable[t]->kill_context_offset > 0) {
- r = sd_bus_add_fallback_vtable(bus, NULL, "/org/freedesktop/systemd1/unit", interface, bus_kill_vtable, bus_kill_context_find, m);
- if (r < 0)
- return log_error_errno(r, "Failed to register kill vtable for %s: %m", interface);
- }
- }
-
- return 0;
-}
-
-static int bus_setup_disconnected_match(Manager *m, sd_bus *bus) {
- int r;
-
- assert(m);
- assert(bus);
-
- r = sd_bus_add_match(
- bus,
- NULL,
- "sender='org.freedesktop.DBus.Local',"
- "type='signal',"
- "path='/org/freedesktop/DBus/Local',"
- "interface='org.freedesktop.DBus.Local',"
- "member='Disconnected'",
- signal_disconnected, m);
-
- if (r < 0)
- return log_error_errno(r, "Failed to register match for Disconnected message: %m");
-
- return 0;
-}
-
-static int bus_on_connection(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
- _cleanup_(sd_bus_unrefp) sd_bus *bus = NULL;
- _cleanup_close_ int nfd = -1;
- Manager *m = userdata;
- sd_id128_t id;
- int r;
-
- assert(s);
- assert(m);
-
- nfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);
- if (nfd < 0) {
- log_warning_errno(errno, "Failed to accept private connection, ignoring: %m");
- return 0;
- }
-
- if (set_size(m->private_buses) >= CONNECTIONS_MAX) {
- log_warning("Too many concurrent connections, refusing");
- return 0;
- }
-
- r = set_ensure_allocated(&m->private_buses, NULL);
- if (r < 0) {
- log_oom();
- return 0;
- }
-
- r = sd_bus_new(&bus);
- if (r < 0) {
- log_warning_errno(r, "Failed to allocate new private connection bus: %m");
- return 0;
- }
-
- r = sd_bus_set_fd(bus, nfd, nfd);
- if (r < 0) {
- log_warning_errno(r, "Failed to set fd on new connection bus: %m");
- return 0;
- }
-
- nfd = -1;
-
- r = bus_check_peercred(bus);
- if (r < 0) {
- log_warning_errno(r, "Incoming private connection from unprivileged client, refusing: %m");
- return 0;
- }
-
- assert_se(sd_id128_randomize(&id) >= 0);
-
- r = sd_bus_set_server(bus, 1, id);
- if (r < 0) {
- log_warning_errno(r, "Failed to enable server support for new connection bus: %m");
- return 0;
- }
-
- r = sd_bus_negotiate_creds(bus, 1,
- SD_BUS_CREDS_PID|SD_BUS_CREDS_UID|
- SD_BUS_CREDS_EUID|SD_BUS_CREDS_EFFECTIVE_CAPS|
- SD_BUS_CREDS_SELINUX_CONTEXT);
- if (r < 0) {
- log_warning_errno(r, "Failed to enable credentials for new connection: %m");
- return 0;
- }
-
- r = sd_bus_start(bus);
- if (r < 0) {
- log_warning_errno(r, "Failed to start new connection bus: %m");
- return 0;
- }
-
- r = sd_bus_attach_event(bus, m->event, SD_EVENT_PRIORITY_NORMAL);
- if (r < 0) {
- log_warning_errno(r, "Failed to attach new connection bus to event loop: %m");
- return 0;
- }
-
- r = bus_setup_disconnected_match(m, bus);
- if (r < 0)
- return 0;
-
- r = bus_setup_api_vtables(m, bus);
- if (r < 0) {
- log_warning_errno(r, "Failed to set up API vtables on new connection bus: %m");
- return 0;
- }
-
- r = set_put(m->private_buses, bus);
- if (r < 0) {
- log_warning_errno(r, "Failed to add new connection bus to set: %m");
- return 0;
- }
-
- bus = NULL;
-
- log_debug("Accepted new private connection.");
-
- return 0;
-}
-
-int manager_sync_bus_names(Manager *m, sd_bus *bus) {
- _cleanup_strv_free_ char **names = NULL;
- const char *name;
- Iterator i;
- Unit *u;
- int r;
-
- assert(m);
- assert(bus);
-
- r = sd_bus_list_names(bus, &names, NULL);
- if (r < 0)
- return log_error_errno(r, "Failed to get initial list of names: %m");
-
- /* We have to synchronize the current bus names with the
- * list of active services. To do this, walk the list of
- * all units with bus names. */
- HASHMAP_FOREACH_KEY(u, name, m->watch_bus, i) {
- Service *s = SERVICE(u);
-
- assert(s);
-
- if (!streq_ptr(s->bus_name, name)) {
- log_unit_warning(u, "Bus name has changed from %s → %s, ignoring.", s->bus_name, name);
- continue;
- }
-
- /* Check if a service's bus name is in the list of currently
- * active names */
- if (strv_contains(names, name)) {
- _cleanup_(sd_bus_creds_unrefp) sd_bus_creds *creds = NULL;
- const char *unique;
-
- /* If it is, determine its current owner */
- r = sd_bus_get_name_creds(bus, name, SD_BUS_CREDS_UNIQUE_NAME, &creds);
- if (r < 0) {
- log_error_errno(r, "Failed to get bus name owner %s: %m", name);
- continue;
- }
-
- r = sd_bus_creds_get_unique_name(creds, &unique);
- if (r < 0) {
- log_error_errno(r, "Failed to get unique name for %s: %m", name);
- continue;
- }
-
- /* Now, let's compare that to the previous bus owner, and
- * if it's still the same, all is fine, so just don't
- * bother the service. Otherwise, the name has apparently
- * changed, so synthesize a name owner changed signal. */
-
- if (!streq_ptr(unique, s->bus_name_owner))
- UNIT_VTABLE(u)->bus_name_owner_change(u, name, s->bus_name_owner, unique);
- } else {
- /* So, the name we're watching is not on the bus.
- * This either means it simply hasn't appeared yet,
- * or it was lost during the daemon reload.
- * Check if the service has a stored name owner,
- * and synthesize a name loss signal in this case. */
-
- if (s->bus_name_owner)
- UNIT_VTABLE(u)->bus_name_owner_change(u, name, s->bus_name_owner, NULL);
- }
- }
-
- return 0;
-}
-
-static int bus_setup_api(Manager *m, sd_bus *bus) {
- Iterator i;
- char *name;
- Unit *u;
- int r;
-
- assert(m);
- assert(bus);
-
- /* Let's make sure we have enough credential bits so that we can make security and selinux decisions */
- r = sd_bus_negotiate_creds(bus, 1,
- SD_BUS_CREDS_PID|SD_BUS_CREDS_UID|
- SD_BUS_CREDS_EUID|SD_BUS_CREDS_EFFECTIVE_CAPS|
- SD_BUS_CREDS_SELINUX_CONTEXT);
- if (r < 0)
- log_warning_errno(r, "Failed to enable credential passing, ignoring: %m");
-
- r = bus_setup_api_vtables(m, bus);
- if (r < 0)
- return r;
-
- HASHMAP_FOREACH_KEY(u, name, m->watch_bus, i) {
- r = unit_install_bus_match(u, bus, name);
- if (r < 0)
- log_error_errno(r, "Failed to subscribe to NameOwnerChanged signal for '%s': %m", name);
- }
-
- r = sd_bus_add_match(
- bus,
- NULL,
- "type='signal',"
- "sender='org.freedesktop.DBus',"
- "path='/org/freedesktop/DBus',"
- "interface='org.freedesktop.systemd1.Activator',"
- "member='ActivationRequest'",
- signal_activation_request, m);
- if (r < 0)
- log_warning_errno(r, "Failed to subscribe to activation signal: %m");
-
- /* Allow replacing of our name, to ease implementation of
- * reexecution, where we keep the old connection open until
- * after the new connection is set up and the name installed
- * to allow clients to synchronously wait for reexecution to
- * finish */
- r = sd_bus_request_name(bus,"org.freedesktop.systemd1", SD_BUS_NAME_REPLACE_EXISTING|SD_BUS_NAME_ALLOW_REPLACEMENT);
- if (r < 0)
- return log_error_errno(r, "Failed to register name: %m");
-
- r = manager_sync_bus_names(m, bus);
- if (r < 0)
- return r;
-
- log_debug("Successfully connected to API bus.");
- return 0;
-}
-
-static int bus_init_api(Manager *m) {
- _cleanup_(sd_bus_unrefp) sd_bus *bus = NULL;
- int r;
-
- if (m->api_bus)
- return 0;
-
- /* The API and system bus is the same if we are running in system mode */
- if (MANAGER_IS_SYSTEM(m) && m->system_bus)
- bus = sd_bus_ref(m->system_bus);
- else {
- if (MANAGER_IS_SYSTEM(m))
- r = sd_bus_open_system(&bus);
- else
- r = sd_bus_open_user(&bus);
-
- if (r < 0) {
- log_debug("Failed to connect to API bus, retrying later...");
- return 0;
- }
-
- r = sd_bus_attach_event(bus, m->event, SD_EVENT_PRIORITY_NORMAL);
- if (r < 0) {
- log_error_errno(r, "Failed to attach API bus to event loop: %m");
- return 0;
- }
-
- r = bus_setup_disconnected_match(m, bus);
- if (r < 0)
- return 0;
- }
-
- r = bus_setup_api(m, bus);
- if (r < 0) {
- log_error_errno(r, "Failed to set up API bus: %m");
- return 0;
- }
-
- m->api_bus = bus;
- bus = NULL;
-
- return 0;
-}
-
-static int bus_setup_system(Manager *m, sd_bus *bus) {
- int r;
-
- assert(m);
- assert(bus);
-
- /* if we are a user instance we get the Released message via the system bus */
- if (MANAGER_IS_USER(m)) {
- r = sd_bus_add_match(
- bus,
- NULL,
- "type='signal',"
- "interface='org.freedesktop.systemd1.Agent',"
- "member='Released',"
- "path='/org/freedesktop/systemd1/agent'",
- signal_agent_released, m);
- if (r < 0)
- log_warning_errno(r, "Failed to register Released match on system bus: %m");
- }
-
- log_debug("Successfully connected to system bus.");
- return 0;
-}
-
-static int bus_init_system(Manager *m) {
- _cleanup_(sd_bus_unrefp) sd_bus *bus = NULL;
- int r;
-
- if (m->system_bus)
- return 0;
-
- /* The API and system bus is the same if we are running in system mode */
- if (MANAGER_IS_SYSTEM(m) && m->api_bus) {
- m->system_bus = sd_bus_ref(m->api_bus);
- return 0;
- }
-
- r = sd_bus_open_system(&bus);
- if (r < 0) {
- log_debug("Failed to connect to system bus, retrying later...");
- return 0;
- }
-
- r = bus_setup_disconnected_match(m, bus);
- if (r < 0)
- return 0;
-
- r = sd_bus_attach_event(bus, m->event, SD_EVENT_PRIORITY_NORMAL);
- if (r < 0) {
- log_error_errno(r, "Failed to attach system bus to event loop: %m");
- return 0;
- }
-
- r = bus_setup_system(m, bus);
- if (r < 0) {
- log_error_errno(r, "Failed to set up system bus: %m");
- return 0;
- }
-
- m->system_bus = bus;
- bus = NULL;
-
- return 0;
-}
-
-static int bus_init_private(Manager *m) {
- _cleanup_close_ int fd = -1;
- union sockaddr_union sa = {
- .un.sun_family = AF_UNIX
- };
- sd_event_source *s;
- socklen_t salen;
- int r;
-
- assert(m);
-
- if (m->private_listen_fd >= 0)
- return 0;
-
- if (MANAGER_IS_SYSTEM(m)) {
-
- /* We want the private bus only when running as init */
- if (getpid() != 1)
- return 0;
-
- strcpy(sa.un.sun_path, "/run/systemd/private");
- salen = SOCKADDR_UN_LEN(sa.un);
- } else {
- size_t left = sizeof(sa.un.sun_path);
- char *p = sa.un.sun_path;
- const char *e;
-
- e = secure_getenv("XDG_RUNTIME_DIR");
- if (!e) {
- log_error("Failed to determine XDG_RUNTIME_DIR");
- return -EHOSTDOWN;
- }
-
- left = strpcpy(&p, left, e);
- left = strpcpy(&p, left, "/systemd/private");
-
- salen = sizeof(sa.un) - left;
- }
-
- (void) mkdir_parents_label(sa.un.sun_path, 0755);
- (void) unlink(sa.un.sun_path);
-
- fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
- if (fd < 0)
- return log_error_errno(errno, "Failed to allocate private socket: %m");
-
- r = bind(fd, &sa.sa, salen);
- if (r < 0)
- return log_error_errno(errno, "Failed to bind private socket: %m");
-
- r = listen(fd, SOMAXCONN);
- if (r < 0)
- return log_error_errno(errno, "Failed to make private socket listening: %m");
-
- r = sd_event_add_io(m->event, &s, fd, EPOLLIN, bus_on_connection, m);
- if (r < 0)
- return log_error_errno(r, "Failed to allocate event source: %m");
-
- (void) sd_event_source_set_description(s, "bus-connection");
-
- m->private_listen_fd = fd;
- m->private_listen_event_source = s;
- fd = -1;
-
- log_debug("Successfully created private D-Bus server.");
-
- return 0;
-}
-
-int bus_init(Manager *m, bool try_bus_connect) {
- int r;
-
- if (try_bus_connect) {
- r = bus_init_system(m);
- if (r < 0)
- return r;
-
- r = bus_init_api(m);
- if (r < 0)
- return r;
- }
-
- r = bus_init_private(m);
- if (r < 0)
- return r;
-
- return 0;
-}
-
-static void destroy_bus(Manager *m, sd_bus **bus) {
- Iterator i;
- Job *j;
-
- assert(m);
- assert(bus);
-
- if (!*bus)
- return;
-
- /* Get rid of tracked clients on this bus */
- if (m->subscribed && sd_bus_track_get_bus(m->subscribed) == *bus)
- m->subscribed = sd_bus_track_unref(m->subscribed);
-
- HASHMAP_FOREACH(j, m->jobs, i)
- if (j->clients && sd_bus_track_get_bus(j->clients) == *bus)
- j->clients = sd_bus_track_unref(j->clients);
-
- /* Get rid of queued message on this bus */
- if (m->queued_message && sd_bus_message_get_bus(m->queued_message) == *bus)
- m->queued_message = sd_bus_message_unref(m->queued_message);
-
- /* Possibly flush unwritten data, but only if we are
- * unprivileged, since we don't want to sync here */
- if (!MANAGER_IS_SYSTEM(m))
- sd_bus_flush(*bus);
-
- /* And destroy the object */
- sd_bus_close(*bus);
- *bus = sd_bus_unref(*bus);
-}
-
-void bus_done(Manager *m) {
- sd_bus *b;
-
- assert(m);
-
- if (m->api_bus)
- destroy_bus(m, &m->api_bus);
- if (m->system_bus)
- destroy_bus(m, &m->system_bus);
- while ((b = set_steal_first(m->private_buses)))
- destroy_bus(m, &b);
-
- m->private_buses = set_free(m->private_buses);
-
- m->subscribed = sd_bus_track_unref(m->subscribed);
- m->deserialized_subscribed = strv_free(m->deserialized_subscribed);
-
- if (m->private_listen_event_source)
- m->private_listen_event_source = sd_event_source_unref(m->private_listen_event_source);
-
- m->private_listen_fd = safe_close(m->private_listen_fd);
-
- bus_verify_polkit_async_registry_free(m->polkit_registry);
-}
-
-int bus_fdset_add_all(Manager *m, FDSet *fds) {
- Iterator i;
- sd_bus *b;
- int fd;
-
- assert(m);
- assert(fds);
-
- /* When we are about to reexecute we add all D-Bus fds to the
- * set to pass over to the newly executed systemd. They won't
- * be used there however, except thatt they are closed at the
- * very end of deserialization, those making it possible for
- * clients to synchronously wait for systemd to reexec by
- * simply waiting for disconnection */
-
- if (m->api_bus) {
- fd = sd_bus_get_fd(m->api_bus);
- if (fd >= 0) {
- fd = fdset_put_dup(fds, fd);
- if (fd < 0)
- return fd;
- }
- }
-
- SET_FOREACH(b, m->private_buses, i) {
- fd = sd_bus_get_fd(b);
- if (fd >= 0) {
- fd = fdset_put_dup(fds, fd);
- if (fd < 0)
- return fd;
- }
- }
-
- /* We don't offer any APIs on the system bus (well, unless it
- * is the same as the API bus) hence we don't bother with it
- * here */
-
- return 0;
-}
-
-int bus_foreach_bus(
- Manager *m,
- sd_bus_track *subscribed2,
- int (*send_message)(sd_bus *bus, void *userdata),
- void *userdata) {
-
- Iterator i;
- sd_bus *b;
- int r, ret = 0;
-
- /* Send to all direct buses, unconditionally */
- SET_FOREACH(b, m->private_buses, i) {
- r = send_message(b, userdata);
- if (r < 0)
- ret = r;
- }
-
- /* Send to API bus, but only if somebody is subscribed */
- if (sd_bus_track_count(m->subscribed) > 0 ||
- sd_bus_track_count(subscribed2) > 0) {
- r = send_message(m->api_bus, userdata);
- if (r < 0)
- ret = r;
- }
-
- return ret;
-}
-
-void bus_track_serialize(sd_bus_track *t, FILE *f, const char *prefix) {
- const char *n;
-
- assert(f);
- assert(prefix);
-
- for (n = sd_bus_track_first(t); n; n = sd_bus_track_next(t)) {
- int c, j;
-
- c = sd_bus_track_count_name(t, n);
-
- for (j = 0; j < c; j++) {
- fputs(prefix, f);
- fputc('=', f);
- fputs(n, f);
- fputc('\n', f);
- }
- }
-}
-
-int bus_track_coldplug(Manager *m, sd_bus_track **t, bool recursive, char **l) {
- char **i;
- int r = 0;
-
- assert(m);
- assert(t);
-
- if (strv_isempty(l))
- return 0;
-
- if (!m->api_bus)
- return 0;
-
- if (!*t) {
- r = sd_bus_track_new(m->api_bus, t, NULL, NULL);
- if (r < 0)
- return r;
- }
-
- r = sd_bus_track_set_recursive(*t, recursive);
- if (r < 0)
- return r;
-
- r = 0;
- STRV_FOREACH(i, l) {
- int k;
-
- k = sd_bus_track_add_name(*t, *i);
- if (k < 0)
- r = k;
- }
-
- return r;
-}
-
-int bus_verify_manage_units_async(Manager *m, sd_bus_message *call, sd_bus_error *error) {
- return bus_verify_polkit_async(call, CAP_SYS_ADMIN, "org.freedesktop.systemd1.manage-units", NULL, false, UID_INVALID, &m->polkit_registry, error);
-}
-
-int bus_verify_manage_unit_files_async(Manager *m, sd_bus_message *call, sd_bus_error *error) {
- return bus_verify_polkit_async(call, CAP_SYS_ADMIN, "org.freedesktop.systemd1.manage-unit-files", NULL, false, UID_INVALID, &m->polkit_registry, error);
-}
-
-int bus_verify_reload_daemon_async(Manager *m, sd_bus_message *call, sd_bus_error *error) {
- return bus_verify_polkit_async(call, CAP_SYS_ADMIN, "org.freedesktop.systemd1.reload-daemon", NULL, false, UID_INVALID, &m->polkit_registry, error);
-}
-
-int bus_verify_set_environment_async(Manager *m, sd_bus_message *call, sd_bus_error *error) {
- return bus_verify_polkit_async(call, CAP_SYS_ADMIN, "org.freedesktop.systemd1.set-environment", NULL, false, UID_INVALID, &m->polkit_registry, error);
-}
diff --git a/src/core/dbus.h b/src/core/dbus.h
deleted file mode 100644
index a092ed9d76..0000000000
--- a/src/core/dbus.h
+++ /dev/null
@@ -1,43 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include "manager.h"
-
-int bus_send_queued_message(Manager *m);
-
-int bus_init(Manager *m, bool try_bus_connect);
-void bus_done(Manager *m);
-
-int bus_fdset_add_all(Manager *m, FDSet *fds);
-
-void bus_track_serialize(sd_bus_track *t, FILE *f, const char *prefix);
-int bus_track_coldplug(Manager *m, sd_bus_track **t, bool recursive, char **l);
-
-int manager_sync_bus_names(Manager *m, sd_bus *bus);
-
-int bus_foreach_bus(Manager *m, sd_bus_track *subscribed2, int (*send_message)(sd_bus *bus, void *userdata), void *userdata);
-
-int bus_verify_manage_units_async(Manager *m, sd_bus_message *call, sd_bus_error *error);
-int bus_verify_manage_unit_files_async(Manager *m, sd_bus_message *call, sd_bus_error *error);
-int bus_verify_reload_daemon_async(Manager *m, sd_bus_message *call, sd_bus_error *error);
-int bus_verify_set_environment_async(Manager *m, sd_bus_message *call, sd_bus_error *error);
-
-int bus_forward_agent_released(Manager *m, const char *path);
diff --git a/src/core/device.c b/src/core/device.c
deleted file mode 100644
index 4b9e84aeb6..0000000000
--- a/src/core/device.c
+++ /dev/null
@@ -1,876 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <errno.h>
-#include <sys/epoll.h>
-
-#include "libudev.h"
-
-#include "alloc-util.h"
-#include "dbus-device.h"
-#include "device.h"
-#include "log.h"
-#include "parse-util.h"
-#include "path-util.h"
-#include "stat-util.h"
-#include "string-util.h"
-#include "swap.h"
-#include "udev-util.h"
-#include "unit-name.h"
-#include "unit.h"
-
-static const UnitActiveState state_translation_table[_DEVICE_STATE_MAX] = {
- [DEVICE_DEAD] = UNIT_INACTIVE,
- [DEVICE_TENTATIVE] = UNIT_ACTIVATING,
- [DEVICE_PLUGGED] = UNIT_ACTIVE,
-};
-
-static int device_dispatch_io(sd_event_source *source, int fd, uint32_t revents, void *userdata);
-
-static void device_unset_sysfs(Device *d) {
- Hashmap *devices;
- Device *first;
-
- assert(d);
-
- if (!d->sysfs)
- return;
-
- /* Remove this unit from the chain of devices which share the
- * same sysfs path. */
- devices = UNIT(d)->manager->devices_by_sysfs;
- first = hashmap_get(devices, d->sysfs);
- LIST_REMOVE(same_sysfs, first, d);
-
- if (first)
- hashmap_remove_and_replace(devices, d->sysfs, first->sysfs, first);
- else
- hashmap_remove(devices, d->sysfs);
-
- d->sysfs = mfree(d->sysfs);
-}
-
-static int device_set_sysfs(Device *d, const char *sysfs) {
- Device *first;
- char *copy;
- int r;
-
- assert(d);
-
- if (streq_ptr(d->sysfs, sysfs))
- return 0;
-
- r = hashmap_ensure_allocated(&UNIT(d)->manager->devices_by_sysfs, &string_hash_ops);
- if (r < 0)
- return r;
-
- copy = strdup(sysfs);
- if (!copy)
- return -ENOMEM;
-
- device_unset_sysfs(d);
-
- first = hashmap_get(UNIT(d)->manager->devices_by_sysfs, sysfs);
- LIST_PREPEND(same_sysfs, first, d);
-
- r = hashmap_replace(UNIT(d)->manager->devices_by_sysfs, copy, first);
- if (r < 0) {
- LIST_REMOVE(same_sysfs, first, d);
- free(copy);
- return r;
- }
-
- d->sysfs = copy;
-
- return 0;
-}
-
-static void device_init(Unit *u) {
- Device *d = DEVICE(u);
-
- assert(d);
- assert(UNIT(d)->load_state == UNIT_STUB);
-
- /* In contrast to all other unit types we timeout jobs waiting
- * for devices by default. This is because they otherwise wait
- * indefinitely for plugged in devices, something which cannot
- * happen for the other units since their operations time out
- * anyway. */
- u->job_timeout = u->manager->default_timeout_start_usec;
-
- u->ignore_on_isolate = true;
-}
-
-static void device_done(Unit *u) {
- Device *d = DEVICE(u);
-
- assert(d);
-
- device_unset_sysfs(d);
-}
-
-static void device_set_state(Device *d, DeviceState state) {
- DeviceState old_state;
- assert(d);
-
- old_state = d->state;
- d->state = state;
-
- if (state != old_state)
- log_unit_debug(UNIT(d), "Changed %s -> %s", device_state_to_string(old_state), device_state_to_string(state));
-
- unit_notify(UNIT(d), state_translation_table[old_state], state_translation_table[state], true);
-}
-
-static int device_coldplug(Unit *u) {
- Device *d = DEVICE(u);
-
- assert(d);
- assert(d->state == DEVICE_DEAD);
-
- if (d->found & DEVICE_FOUND_UDEV)
- /* If udev says the device is around, it's around */
- device_set_state(d, DEVICE_PLUGGED);
- else if (d->found != DEVICE_NOT_FOUND && d->deserialized_state != DEVICE_PLUGGED)
- /* If a device is found in /proc/self/mountinfo or
- * /proc/swaps, and was not yet announced via udev,
- * it's "tentatively" around. */
- device_set_state(d, DEVICE_TENTATIVE);
-
- return 0;
-}
-
-static int device_serialize(Unit *u, FILE *f, FDSet *fds) {
- Device *d = DEVICE(u);
-
- assert(u);
- assert(f);
- assert(fds);
-
- unit_serialize_item(u, f, "state", device_state_to_string(d->state));
-
- return 0;
-}
-
-static int device_deserialize_item(Unit *u, const char *key, const char *value, FDSet *fds) {
- Device *d = DEVICE(u);
-
- assert(u);
- assert(key);
- assert(value);
- assert(fds);
-
- if (streq(key, "state")) {
- DeviceState state;
-
- state = device_state_from_string(value);
- if (state < 0)
- log_unit_debug(u, "Failed to parse state value: %s", value);
- else
- d->deserialized_state = state;
- } else
- log_unit_debug(u, "Unknown serialization key: %s", key);
-
- return 0;
-}
-
-static void device_dump(Unit *u, FILE *f, const char *prefix) {
- Device *d = DEVICE(u);
-
- assert(d);
-
- fprintf(f,
- "%sDevice State: %s\n"
- "%sSysfs Path: %s\n",
- prefix, device_state_to_string(d->state),
- prefix, strna(d->sysfs));
-}
-
-_pure_ static UnitActiveState device_active_state(Unit *u) {
- assert(u);
-
- return state_translation_table[DEVICE(u)->state];
-}
-
-_pure_ static const char *device_sub_state_to_string(Unit *u) {
- assert(u);
-
- return device_state_to_string(DEVICE(u)->state);
-}
-
-static int device_update_description(Unit *u, struct udev_device *dev, const char *path) {
- const char *model;
- int r;
-
- assert(u);
- assert(dev);
- assert(path);
-
- model = udev_device_get_property_value(dev, "ID_MODEL_FROM_DATABASE");
- if (!model)
- model = udev_device_get_property_value(dev, "ID_MODEL");
-
- if (model) {
- const char *label;
-
- /* Try to concatenate the device model string with a label, if there is one */
- label = udev_device_get_property_value(dev, "ID_FS_LABEL");
- if (!label)
- label = udev_device_get_property_value(dev, "ID_PART_ENTRY_NAME");
- if (!label)
- label = udev_device_get_property_value(dev, "ID_PART_ENTRY_NUMBER");
-
- if (label) {
- _cleanup_free_ char *j;
-
- j = strjoin(model, " ", label, NULL);
- if (j)
- r = unit_set_description(u, j);
- else
- r = -ENOMEM;
- } else
- r = unit_set_description(u, model);
- } else
- r = unit_set_description(u, path);
-
- if (r < 0)
- log_unit_error_errno(u, r, "Failed to set device description: %m");
-
- return r;
-}
-
-static int device_add_udev_wants(Unit *u, struct udev_device *dev) {
- const char *wants;
- const char *word, *state;
- size_t l;
- int r;
- const char *property;
-
- assert(u);
- assert(dev);
-
- property = MANAGER_IS_USER(u->manager) ? "SYSTEMD_USER_WANTS" : "SYSTEMD_WANTS";
- wants = udev_device_get_property_value(dev, property);
- if (!wants)
- return 0;
-
- FOREACH_WORD_QUOTED(word, l, wants, state) {
- _cleanup_free_ char *n = NULL;
- char e[l+1];
-
- memcpy(e, word, l);
- e[l] = 0;
-
- r = unit_name_mangle(e, UNIT_NAME_NOGLOB, &n);
- if (r < 0)
- return log_unit_error_errno(u, r, "Failed to mangle unit name: %m");
-
- r = unit_add_dependency_by_name(u, UNIT_WANTS, n, NULL, true);
- if (r < 0)
- return log_unit_error_errno(u, r, "Failed to add wants dependency: %m");
- }
- if (!isempty(state))
- log_unit_warning(u, "Property %s on %s has trailing garbage, ignoring.", property, strna(udev_device_get_syspath(dev)));
-
- return 0;
-}
-
-static int device_setup_unit(Manager *m, struct udev_device *dev, const char *path, bool main) {
- _cleanup_free_ char *e = NULL;
- const char *sysfs = NULL;
- Unit *u = NULL;
- bool delete;
- int r;
-
- assert(m);
- assert(path);
-
- if (dev) {
- sysfs = udev_device_get_syspath(dev);
- if (!sysfs)
- return 0;
- }
-
- r = unit_name_from_path(path, ".device", &e);
- if (r < 0)
- return log_error_errno(r, "Failed to generate unit name from device path: %m");
-
- u = manager_get_unit(m, e);
-
- /* The device unit can still be present even if the device was
- * unplugged: a mount unit can reference it hence preventing
- * the GC to have garbaged it. That's desired since the device
- * unit may have a dependency on the mount unit which was
- * added during the loading of the later. */
- if (dev && u && DEVICE(u)->state == DEVICE_PLUGGED) {
- /* This unit is in plugged state: we're sure it's
- * attached to a device. */
- if (!path_equal(DEVICE(u)->sysfs, sysfs)) {
- log_unit_debug(u, "Dev %s appeared twice with different sysfs paths %s and %s",
- e, DEVICE(u)->sysfs, sysfs);
- return -EEXIST;
- }
- }
-
- if (!u) {
- delete = true;
-
- r = unit_new_for_name(m, sizeof(Device), e, &u);
- if (r < 0)
- goto fail;
-
- unit_add_to_load_queue(u);
- } else
- delete = false;
-
- /* If this was created via some dependency and has not
- * actually been seen yet ->sysfs will not be
- * initialized. Hence initialize it if necessary. */
- if (sysfs) {
- r = device_set_sysfs(DEVICE(u), sysfs);
- if (r < 0)
- goto fail;
-
- (void) device_update_description(u, dev, path);
-
- /* The additional systemd udev properties we only interpret
- * for the main object */
- if (main)
- (void) device_add_udev_wants(u, dev);
- }
-
-
- /* Note that this won't dispatch the load queue, the caller
- * has to do that if needed and appropriate */
-
- unit_add_to_dbus_queue(u);
- return 0;
-
-fail:
- log_unit_warning_errno(u, r, "Failed to set up device unit: %m");
-
- if (delete && u)
- unit_free(u);
-
- return r;
-}
-
-static int device_process_new(Manager *m, struct udev_device *dev) {
- const char *sysfs, *dn, *alias;
- struct udev_list_entry *item = NULL, *first = NULL;
- int r;
-
- assert(m);
-
- sysfs = udev_device_get_syspath(dev);
- if (!sysfs)
- return 0;
-
- /* Add the main unit named after the sysfs path */
- r = device_setup_unit(m, dev, sysfs, true);
- if (r < 0)
- return r;
-
- /* Add an additional unit for the device node */
- dn = udev_device_get_devnode(dev);
- if (dn)
- (void) device_setup_unit(m, dev, dn, false);
-
- /* Add additional units for all symlinks */
- first = udev_device_get_devlinks_list_entry(dev);
- udev_list_entry_foreach(item, first) {
- const char *p;
- struct stat st;
-
- /* Don't bother with the /dev/block links */
- p = udev_list_entry_get_name(item);
-
- if (path_startswith(p, "/dev/block/") ||
- path_startswith(p, "/dev/char/"))
- continue;
-
- /* Verify that the symlink in the FS actually belongs
- * to this device. This is useful to deal with
- * conflicting devices, e.g. when two disks want the
- * same /dev/disk/by-label/xxx link because they have
- * the same label. We want to make sure that the same
- * device that won the symlink wins in systemd, so we
- * check the device node major/minor */
- if (stat(p, &st) >= 0)
- if ((!S_ISBLK(st.st_mode) && !S_ISCHR(st.st_mode)) ||
- st.st_rdev != udev_device_get_devnum(dev))
- continue;
-
- (void) device_setup_unit(m, dev, p, false);
- }
-
- /* Add additional units for all explicitly configured
- * aliases */
- alias = udev_device_get_property_value(dev, "SYSTEMD_ALIAS");
- if (alias) {
- const char *word, *state;
- size_t l;
-
- FOREACH_WORD_QUOTED(word, l, alias, state) {
- char e[l+1];
-
- memcpy(e, word, l);
- e[l] = 0;
-
- if (path_is_absolute(e))
- (void) device_setup_unit(m, dev, e, false);
- else
- log_warning("SYSTEMD_ALIAS for %s is not an absolute path, ignoring: %s", sysfs, e);
- }
- if (!isempty(state))
- log_warning("SYSTEMD_ALIAS for %s has trailing garbage, ignoring.", sysfs);
- }
-
- return 0;
-}
-
-static void device_update_found_one(Device *d, bool add, DeviceFound found, bool now) {
- DeviceFound n, previous;
-
- assert(d);
-
- n = add ? (d->found | found) : (d->found & ~found);
- if (n == d->found)
- return;
-
- previous = d->found;
- d->found = n;
-
- if (!now)
- return;
-
- /* Didn't exist before, but does now? if so, generate a new invocation ID for it */
- if (previous == DEVICE_NOT_FOUND && d->found != DEVICE_NOT_FOUND)
- (void) unit_acquire_invocation_id(UNIT(d));
-
- if (d->found & DEVICE_FOUND_UDEV)
- /* When the device is known to udev we consider it
- * plugged. */
- device_set_state(d, DEVICE_PLUGGED);
- else if (d->found != DEVICE_NOT_FOUND && (previous & DEVICE_FOUND_UDEV) == 0)
- /* If the device has not been seen by udev yet, but is
- * now referenced by the kernel, then we assume the
- * kernel knows it now, and udev might soon too. */
- device_set_state(d, DEVICE_TENTATIVE);
- else
- /* If nobody sees the device, or if the device was
- * previously seen by udev and now is only referenced
- * from the kernel, then we consider the device is
- * gone, the kernel just hasn't noticed it yet. */
- device_set_state(d, DEVICE_DEAD);
-}
-
-static int device_update_found_by_sysfs(Manager *m, const char *sysfs, bool add, DeviceFound found, bool now) {
- Device *d, *l;
-
- assert(m);
- assert(sysfs);
-
- if (found == DEVICE_NOT_FOUND)
- return 0;
-
- l = hashmap_get(m->devices_by_sysfs, sysfs);
- LIST_FOREACH(same_sysfs, d, l)
- device_update_found_one(d, add, found, now);
-
- return 0;
-}
-
-static int device_update_found_by_name(Manager *m, const char *path, bool add, DeviceFound found, bool now) {
- _cleanup_free_ char *e = NULL;
- Unit *u;
- int r;
-
- assert(m);
- assert(path);
-
- if (found == DEVICE_NOT_FOUND)
- return 0;
-
- r = unit_name_from_path(path, ".device", &e);
- if (r < 0)
- return log_error_errno(r, "Failed to generate unit name from device path: %m");
-
- u = manager_get_unit(m, e);
- if (!u)
- return 0;
-
- device_update_found_one(DEVICE(u), add, found, now);
- return 0;
-}
-
-static bool device_is_ready(struct udev_device *dev) {
- const char *ready;
-
- assert(dev);
-
- ready = udev_device_get_property_value(dev, "SYSTEMD_READY");
- if (!ready)
- return true;
-
- return parse_boolean(ready) != 0;
-}
-
-static Unit *device_following(Unit *u) {
- Device *d = DEVICE(u);
- Device *other, *first = NULL;
-
- assert(d);
-
- if (startswith(u->id, "sys-"))
- return NULL;
-
- /* Make everybody follow the unit that's named after the sysfs path */
- for (other = d->same_sysfs_next; other; other = other->same_sysfs_next)
- if (startswith(UNIT(other)->id, "sys-"))
- return UNIT(other);
-
- for (other = d->same_sysfs_prev; other; other = other->same_sysfs_prev) {
- if (startswith(UNIT(other)->id, "sys-"))
- return UNIT(other);
-
- first = other;
- }
-
- return UNIT(first);
-}
-
-static int device_following_set(Unit *u, Set **_set) {
- Device *d = DEVICE(u), *other;
- Set *set;
- int r;
-
- assert(d);
- assert(_set);
-
- if (LIST_JUST_US(same_sysfs, d)) {
- *_set = NULL;
- return 0;
- }
-
- set = set_new(NULL);
- if (!set)
- return -ENOMEM;
-
- LIST_FOREACH_AFTER(same_sysfs, other, d) {
- r = set_put(set, other);
- if (r < 0)
- goto fail;
- }
-
- LIST_FOREACH_BEFORE(same_sysfs, other, d) {
- r = set_put(set, other);
- if (r < 0)
- goto fail;
- }
-
- *_set = set;
- return 1;
-
-fail:
- set_free(set);
- return r;
-}
-
-static void device_shutdown(Manager *m) {
- assert(m);
-
- m->udev_event_source = sd_event_source_unref(m->udev_event_source);
-
- if (m->udev_monitor) {
- udev_monitor_unref(m->udev_monitor);
- m->udev_monitor = NULL;
- }
-
- m->devices_by_sysfs = hashmap_free(m->devices_by_sysfs);
-}
-
-static void device_enumerate(Manager *m) {
- _cleanup_udev_enumerate_unref_ struct udev_enumerate *e = NULL;
- struct udev_list_entry *item = NULL, *first = NULL;
- int r;
-
- assert(m);
-
- if (!m->udev_monitor) {
- m->udev_monitor = udev_monitor_new_from_netlink(m->udev, "udev");
- if (!m->udev_monitor) {
- log_oom();
- goto fail;
- }
-
- /* This will fail if we are unprivileged, but that
- * should not matter much, as user instances won't run
- * during boot. */
- (void) udev_monitor_set_receive_buffer_size(m->udev_monitor, 128*1024*1024);
-
- r = udev_monitor_filter_add_match_tag(m->udev_monitor, "systemd");
- if (r < 0) {
- log_error_errno(r, "Failed to add udev tag match: %m");
- goto fail;
- }
-
- r = udev_monitor_enable_receiving(m->udev_monitor);
- if (r < 0) {
- log_error_errno(r, "Failed to enable udev event reception: %m");
- goto fail;
- }
-
- r = sd_event_add_io(m->event, &m->udev_event_source, udev_monitor_get_fd(m->udev_monitor), EPOLLIN, device_dispatch_io, m);
- if (r < 0) {
- log_error_errno(r, "Failed to watch udev file descriptor: %m");
- goto fail;
- }
-
- (void) sd_event_source_set_description(m->udev_event_source, "device");
- }
-
- e = udev_enumerate_new(m->udev);
- if (!e) {
- log_oom();
- goto fail;
- }
-
- r = udev_enumerate_add_match_tag(e, "systemd");
- if (r < 0) {
- log_error_errno(r, "Failed to create udev tag enumeration: %m");
- goto fail;
- }
-
- r = udev_enumerate_add_match_is_initialized(e);
- if (r < 0) {
- log_error_errno(r, "Failed to install initialization match into enumeration: %m");
- goto fail;
- }
-
- r = udev_enumerate_scan_devices(e);
- if (r < 0) {
- log_error_errno(r, "Failed to enumerate devices: %m");
- goto fail;
- }
-
- first = udev_enumerate_get_list_entry(e);
- udev_list_entry_foreach(item, first) {
- _cleanup_udev_device_unref_ struct udev_device *dev = NULL;
- const char *sysfs;
-
- sysfs = udev_list_entry_get_name(item);
-
- dev = udev_device_new_from_syspath(m->udev, sysfs);
- if (!dev) {
- log_oom();
- continue;
- }
-
- if (!device_is_ready(dev))
- continue;
-
- (void) device_process_new(m, dev);
-
- device_update_found_by_sysfs(m, sysfs, true, DEVICE_FOUND_UDEV, false);
- }
-
- return;
-
-fail:
- device_shutdown(m);
-}
-
-static int device_dispatch_io(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
- _cleanup_udev_device_unref_ struct udev_device *dev = NULL;
- Manager *m = userdata;
- const char *action, *sysfs;
- int r;
-
- assert(m);
-
- if (revents != EPOLLIN) {
- static RATELIMIT_DEFINE(limit, 10*USEC_PER_SEC, 5);
-
- if (!ratelimit_test(&limit))
- log_error_errno(errno, "Failed to get udev event: %m");
- if (!(revents & EPOLLIN))
- return 0;
- }
-
- /*
- * libudev might filter-out devices which pass the bloom
- * filter, so getting NULL here is not necessarily an error.
- */
- dev = udev_monitor_receive_device(m->udev_monitor);
- if (!dev)
- return 0;
-
- sysfs = udev_device_get_syspath(dev);
- if (!sysfs) {
- log_error("Failed to get udev sys path.");
- return 0;
- }
-
- action = udev_device_get_action(dev);
- if (!action) {
- log_error("Failed to get udev action string.");
- return 0;
- }
-
- if (streq(action, "remove")) {
- r = swap_process_device_remove(m, dev);
- if (r < 0)
- log_error_errno(r, "Failed to process swap device remove event: %m");
-
- /* If we get notified that a device was removed by
- * udev, then it's completely gone, hence unset all
- * found bits */
- device_update_found_by_sysfs(m, sysfs, false, DEVICE_FOUND_UDEV|DEVICE_FOUND_MOUNT|DEVICE_FOUND_SWAP, true);
-
- } else if (device_is_ready(dev)) {
-
- (void) device_process_new(m, dev);
-
- r = swap_process_device_new(m, dev);
- if (r < 0)
- log_error_errno(r, "Failed to process swap device new event: %m");
-
- manager_dispatch_load_queue(m);
-
- /* The device is found now, set the udev found bit */
- device_update_found_by_sysfs(m, sysfs, true, DEVICE_FOUND_UDEV, true);
-
- } else {
- /* The device is nominally around, but not ready for
- * us. Hence unset the udev bit, but leave the rest
- * around. */
-
- device_update_found_by_sysfs(m, sysfs, false, DEVICE_FOUND_UDEV, true);
- }
-
- return 0;
-}
-
-static bool device_supported(void) {
- static int read_only = -1;
-
- /* If /sys is read-only we don't support device units, and any
- * attempts to start one should fail immediately. */
-
- if (read_only < 0)
- read_only = path_is_read_only_fs("/sys");
-
- return read_only <= 0;
-}
-
-int device_found_node(Manager *m, const char *node, bool add, DeviceFound found, bool now) {
- _cleanup_udev_device_unref_ struct udev_device *dev = NULL;
- struct stat st;
-
- assert(m);
- assert(node);
-
- if (!device_supported())
- return 0;
-
- /* This is called whenever we find a device referenced in
- * /proc/swaps or /proc/self/mounts. Such a device might be
- * mounted/enabled at a time where udev has not finished
- * probing it yet, and we thus haven't learned about it
- * yet. In this case we will set the device unit to
- * "tentative" state. */
-
- if (add) {
- if (!path_startswith(node, "/dev"))
- return 0;
-
- /* We make an extra check here, if the device node
- * actually exists. If it's missing, then this is an
- * indication that device was unplugged but is still
- * referenced in /proc/swaps or
- * /proc/self/mountinfo. Note that this check doesn't
- * really cover all cases where a device might be gone
- * away, since drives that can have a medium inserted
- * will still have a device node even when the medium
- * is not there... */
-
- if (stat(node, &st) >= 0) {
- if (!S_ISBLK(st.st_mode) && !S_ISCHR(st.st_mode))
- return 0;
-
- dev = udev_device_new_from_devnum(m->udev, S_ISBLK(st.st_mode) ? 'b' : 'c', st.st_rdev);
- if (!dev && errno != ENOENT)
- return log_error_errno(errno, "Failed to get udev device from devnum %u:%u: %m", major(st.st_rdev), minor(st.st_rdev));
-
- } else if (errno != ENOENT)
- return log_error_errno(errno, "Failed to stat device node file %s: %m", node);
-
- /* If the device is known in the kernel and newly
- * appeared, then we'll create a device unit for it,
- * under the name referenced in /proc/swaps or
- * /proc/self/mountinfo. */
-
- (void) device_setup_unit(m, dev, node, false);
- }
-
- /* Update the device unit's state, should it exist */
- return device_update_found_by_name(m, node, add, found, now);
-}
-
-const UnitVTable device_vtable = {
- .object_size = sizeof(Device),
- .sections =
- "Unit\0"
- "Device\0"
- "Install\0",
-
- .init = device_init,
- .done = device_done,
- .load = unit_load_fragment_and_dropin_optional,
-
- .coldplug = device_coldplug,
-
- .serialize = device_serialize,
- .deserialize_item = device_deserialize_item,
-
- .dump = device_dump,
-
- .active_state = device_active_state,
- .sub_state_to_string = device_sub_state_to_string,
-
- .bus_vtable = bus_device_vtable,
-
- .following = device_following,
- .following_set = device_following_set,
-
- .enumerate = device_enumerate,
- .shutdown = device_shutdown,
- .supported = device_supported,
-
- .status_message_formats = {
- .starting_stopping = {
- [0] = "Expecting device %s...",
- },
- .finished_start_job = {
- [JOB_DONE] = "Found device %s.",
- [JOB_TIMEOUT] = "Timed out waiting for device %s.",
- },
- },
-};
diff --git a/src/core/device.h b/src/core/device.h
deleted file mode 100644
index 184a1a349b..0000000000
--- a/src/core/device.h
+++ /dev/null
@@ -1,47 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-typedef struct Device Device;
-
-typedef enum DeviceFound {
- DEVICE_NOT_FOUND = 0,
- DEVICE_FOUND_UDEV = 1,
- DEVICE_FOUND_MOUNT = 2,
- DEVICE_FOUND_SWAP = 4,
-} DeviceFound;
-
-struct Device {
- Unit meta;
-
- char *sysfs;
- DeviceFound found;
-
- /* In order to be able to distinguish dependencies on
- different device nodes we might end up creating multiple
- devices for the same sysfs path. We chain them up here. */
- LIST_FIELDS(struct Device, same_sysfs);
-
- DeviceState state, deserialized_state;
-};
-
-extern const UnitVTable device_vtable;
-
-int device_found_node(Manager *m, const char *node, bool add, DeviceFound found, bool now);
diff --git a/src/core/dynamic-user.c b/src/core/dynamic-user.c
deleted file mode 100644
index e1846e1adb..0000000000
--- a/src/core/dynamic-user.c
+++ /dev/null
@@ -1,794 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2016 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <grp.h>
-#include <pwd.h>
-#include <sys/file.h>
-
-#include "dynamic-user.h"
-#include "fd-util.h"
-#include "fs-util.h"
-#include "parse-util.h"
-#include "random-util.h"
-#include "stdio-util.h"
-#include "string-util.h"
-#include "user-util.h"
-#include "fileio.h"
-
-/* Takes a value generated randomly or by hashing and turns it into a UID in the right range */
-#define UID_CLAMP_INTO_RANGE(rnd) (((uid_t) (rnd) % (DYNAMIC_UID_MAX - DYNAMIC_UID_MIN + 1)) + DYNAMIC_UID_MIN)
-
-static DynamicUser* dynamic_user_free(DynamicUser *d) {
- if (!d)
- return NULL;
-
- if (d->manager)
- (void) hashmap_remove(d->manager->dynamic_users, d->name);
-
- safe_close_pair(d->storage_socket);
- return mfree(d);
-}
-
-static int dynamic_user_add(Manager *m, const char *name, int storage_socket[2], DynamicUser **ret) {
- DynamicUser *d = NULL;
- int r;
-
- assert(m);
- assert(name);
- assert(storage_socket);
-
- r = hashmap_ensure_allocated(&m->dynamic_users, &string_hash_ops);
- if (r < 0)
- return r;
-
- d = malloc0(offsetof(DynamicUser, name) + strlen(name) + 1);
- if (!d)
- return -ENOMEM;
-
- strcpy(d->name, name);
-
- d->storage_socket[0] = storage_socket[0];
- d->storage_socket[1] = storage_socket[1];
-
- r = hashmap_put(m->dynamic_users, d->name, d);
- if (r < 0) {
- free(d);
- return r;
- }
-
- d->manager = m;
-
- if (ret)
- *ret = d;
-
- return 0;
-}
-
-int dynamic_user_acquire(Manager *m, const char *name, DynamicUser** ret) {
- _cleanup_close_pair_ int storage_socket[2] = { -1, -1 };
- DynamicUser *d;
- int r;
-
- assert(m);
- assert(name);
-
- /* Return the DynamicUser structure for a specific user name. Note that this won't actually allocate a UID for
- * it, but just prepare the data structure for it. The UID is allocated only on demand, when it's really
- * needed, and in the child process we fork off, since allocation involves NSS checks which are not OK to do
- * from PID 1. To allow the children and PID 1 share information about allocated UIDs we use an anonymous
- * AF_UNIX/SOCK_DGRAM socket (called the "storage socket") that contains at most one datagram with the
- * allocated UID number, plus an fd referencing the lock file for the UID
- * (i.e. /run/systemd/dynamic-uid/$UID). Why involve the socket pair? So that PID 1 and all its children can
- * share the same storage for the UID and lock fd, simply by inheriting the storage socket fds. The socket pair
- * may exist in three different states:
- *
- * a) no datagram stored. This is the initial state. In this case the dynamic user was never realized.
- *
- * b) a datagram containing a UID stored, but no lock fd attached to it. In this case there was already a
- * statically assigned UID by the same name, which we are reusing.
- *
- * c) a datagram containing a UID stored, and a lock fd is attached to it. In this case we allocated a dynamic
- * UID and locked it in the file system, using the lock fd.
- *
- * As PID 1 and various children might access the socket pair simultaneously, and pop the datagram or push it
- * back in any time, we also maintain a lock on the socket pair. Note one peculiarity regarding locking here:
- * the UID lock on disk is protected via a BSD file lock (i.e. an fd-bound lock), so that the lock is kept in
- * place as long as there's a reference to the fd open. The lock on the storage socket pair however is a POSIX
- * file lock (i.e. a process-bound lock), as all users share the same fd of this (after all it is anonymous,
- * nobody else could get any access to it except via our own fd) and we want to synchronize access between all
- * processes that have access to it. */
-
- d = hashmap_get(m->dynamic_users, name);
- if (d) {
- /* We already have a structure for the dynamic user, let's increase the ref count and reuse it */
- d->n_ref++;
- *ret = d;
- return 0;
- }
-
- if (!valid_user_group_name_or_id(name))
- return -EINVAL;
-
- if (socketpair(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0, storage_socket) < 0)
- return -errno;
-
- r = dynamic_user_add(m, name, storage_socket, &d);
- if (r < 0)
- return r;
-
- storage_socket[0] = storage_socket[1] = -1;
-
- if (ret) {
- d->n_ref++;
- *ret = d;
- }
-
- return 1;
-}
-
-static int make_uid_symlinks(uid_t uid, const char *name, bool b) {
-
- char path1[strlen("/run/systemd/dynamic-uid/direct:") + DECIMAL_STR_MAX(uid_t) + 1];
- const char *path2;
- int r = 0, k;
-
- /* Add direct additional symlinks for direct lookups of dynamic UIDs and their names by userspace code. The
- * only reason we have this is because dbus-daemon cannot use D-Bus for resolving users and groups (since it
- * would be its own client then). We hence keep these world-readable symlinks in place, so that the
- * unprivileged dbus user can read the mappings when it needs them via these symlinks instead of having to go
- * via the bus. Ideally, we'd use the lock files we keep for this anyway, but we can't since we use BSD locks
- * on them and as those may be taken by any user with read access we can't make them world-readable. */
-
- xsprintf(path1, "/run/systemd/dynamic-uid/direct:" UID_FMT, uid);
- if (unlink(path1) < 0 && errno != ENOENT)
- r = -errno;
-
- if (b && symlink(name, path1) < 0) {
- k = log_warning_errno(errno, "Failed to symlink \"%s\": %m", path1);
- if (r == 0)
- r = k;
- }
-
- path2 = strjoina("/run/systemd/dynamic-uid/direct:", name);
- if (unlink(path2) < 0 && errno != ENOENT) {
- k = -errno;
- if (r == 0)
- r = k;
- }
-
- if (b && symlink(path1 + strlen("/run/systemd/dynamic-uid/direct:"), path2) < 0) {
- k = log_warning_errno(errno, "Failed to symlink \"%s\": %m", path2);
- if (r == 0)
- r = k;
- }
-
- return r;
-}
-
-static int pick_uid(const char *name, uid_t *ret_uid) {
-
- static const uint8_t hash_key[] = {
- 0x37, 0x53, 0x7e, 0x31, 0xcf, 0xce, 0x48, 0xf5,
- 0x8a, 0xbb, 0x39, 0x57, 0x8d, 0xd9, 0xec, 0x59
- };
-
- unsigned n_tries = 100;
- uid_t candidate;
- int r;
-
- /* A static user by this name does not exist yet. Let's find a free ID then, and use that. We start with a UID
- * generated as hash from the user name. */
- candidate = UID_CLAMP_INTO_RANGE(siphash24(name, strlen(name), hash_key));
-
- (void) mkdir("/run/systemd/dynamic-uid", 0755);
-
- for (;;) {
- char lock_path[strlen("/run/systemd/dynamic-uid/") + DECIMAL_STR_MAX(uid_t) + 1];
- _cleanup_close_ int lock_fd = -1;
- ssize_t l;
-
- if (--n_tries <= 0) /* Give up retrying eventually */
- return -EBUSY;
-
- if (!uid_is_dynamic(candidate))
- goto next;
-
- xsprintf(lock_path, "/run/systemd/dynamic-uid/" UID_FMT, candidate);
-
- for (;;) {
- struct stat st;
-
- lock_fd = open(lock_path, O_CREAT|O_RDWR|O_NOFOLLOW|O_CLOEXEC|O_NOCTTY, 0600);
- if (lock_fd < 0)
- return -errno;
-
- r = flock(lock_fd, LOCK_EX|LOCK_NB); /* Try to get a BSD file lock on the UID lock file */
- if (r < 0) {
- if (errno == EBUSY || errno == EAGAIN)
- goto next; /* already in use */
-
- return -errno;
- }
-
- if (fstat(lock_fd, &st) < 0)
- return -errno;
- if (st.st_nlink > 0)
- break;
-
- /* Oh, bummer, we got the lock, but the file was unlinked between the time we opened it and
- * got the lock. Close it, and try again. */
- lock_fd = safe_close(lock_fd);
- }
-
- /* Some superficial check whether this UID/GID might already be taken by some static user */
- if (getpwuid(candidate) || getgrgid((gid_t) candidate)) {
- (void) unlink(lock_path);
- goto next;
- }
-
- /* Let's store the user name in the lock file, so that we can use it for looking up the username for a UID */
- l = pwritev(lock_fd,
- (struct iovec[2]) {
- { .iov_base = (char*) name, .iov_len = strlen(name) },
- { .iov_base = (char[1]) { '\n' }, .iov_len = 1 }
- }, 2, 0);
- if (l < 0) {
- (void) unlink(lock_path);
- return -errno;
- }
-
- (void) ftruncate(lock_fd, l);
- (void) make_uid_symlinks(candidate, name, true); /* also add direct lookup symlinks */
-
- *ret_uid = candidate;
- r = lock_fd;
- lock_fd = -1;
-
- return r;
-
- next:
- /* Pick another random UID, and see if that works for us. */
- random_bytes(&candidate, sizeof(candidate));
- candidate = UID_CLAMP_INTO_RANGE(candidate);
- }
-}
-
-static int dynamic_user_pop(DynamicUser *d, uid_t *ret_uid, int *ret_lock_fd) {
- uid_t uid = UID_INVALID;
- struct iovec iov = {
- .iov_base = &uid,
- .iov_len = sizeof(uid),
- };
- union {
- struct cmsghdr cmsghdr;
- uint8_t buf[CMSG_SPACE(sizeof(int))];
- } control = {};
- struct msghdr mh = {
- .msg_control = &control,
- .msg_controllen = sizeof(control),
- .msg_iov = &iov,
- .msg_iovlen = 1,
- };
- struct cmsghdr *cmsg;
-
- ssize_t k;
- int lock_fd = -1;
-
- assert(d);
- assert(ret_uid);
- assert(ret_lock_fd);
-
- /* Read the UID and lock fd that is stored in the storage AF_UNIX socket. This should be called with the lock
- * on the socket taken. */
-
- k = recvmsg(d->storage_socket[0], &mh, MSG_DONTWAIT|MSG_NOSIGNAL|MSG_CMSG_CLOEXEC);
- if (k < 0)
- return -errno;
-
- cmsg = cmsg_find(&mh, SOL_SOCKET, SCM_RIGHTS, CMSG_LEN(sizeof(int)));
- if (cmsg)
- lock_fd = *(int*) CMSG_DATA(cmsg);
- else
- cmsg_close_all(&mh); /* just in case... */
-
- *ret_uid = uid;
- *ret_lock_fd = lock_fd;
-
- return 0;
-}
-
-static int dynamic_user_push(DynamicUser *d, uid_t uid, int lock_fd) {
- struct iovec iov = {
- .iov_base = &uid,
- .iov_len = sizeof(uid),
- };
- union {
- struct cmsghdr cmsghdr;
- uint8_t buf[CMSG_SPACE(sizeof(int))];
- } control = {};
- struct msghdr mh = {
- .msg_control = &control,
- .msg_controllen = sizeof(control),
- .msg_iov = &iov,
- .msg_iovlen = 1,
- };
- ssize_t k;
-
- assert(d);
-
- /* Store the UID and lock_fd in the storage socket. This should be called with the socket pair lock taken. */
-
- if (lock_fd >= 0) {
- struct cmsghdr *cmsg;
-
- cmsg = CMSG_FIRSTHDR(&mh);
- cmsg->cmsg_level = SOL_SOCKET;
- cmsg->cmsg_type = SCM_RIGHTS;
- cmsg->cmsg_len = CMSG_LEN(sizeof(int));
- memcpy(CMSG_DATA(cmsg), &lock_fd, sizeof(int));
-
- mh.msg_controllen = CMSG_SPACE(sizeof(int));
- } else {
- mh.msg_control = NULL;
- mh.msg_controllen = 0;
- }
-
- k = sendmsg(d->storage_socket[1], &mh, MSG_DONTWAIT|MSG_NOSIGNAL);
- if (k < 0)
- return -errno;
-
- return 0;
-}
-
-static void unlink_uid_lock(int lock_fd, uid_t uid, const char *name) {
- char lock_path[strlen("/run/systemd/dynamic-uid/") + DECIMAL_STR_MAX(uid_t) + 1];
-
- if (lock_fd < 0)
- return;
-
- xsprintf(lock_path, "/run/systemd/dynamic-uid/" UID_FMT, uid);
- (void) unlink(lock_path);
-
- (void) make_uid_symlinks(uid, name, false); /* remove direct lookup symlinks */
-}
-
-int dynamic_user_realize(DynamicUser *d, uid_t *ret) {
-
- _cleanup_close_ int etc_passwd_lock_fd = -1, uid_lock_fd = -1;
- uid_t uid = UID_INVALID;
- int r;
-
- assert(d);
-
- /* Acquire a UID for the user name. This will allocate a UID for the user name if the user doesn't exist
- * yet. If it already exists its existing UID/GID will be reused. */
-
- if (lockf(d->storage_socket[0], F_LOCK, 0) < 0)
- return -errno;
-
- r = dynamic_user_pop(d, &uid, &uid_lock_fd);
- if (r < 0) {
- int new_uid_lock_fd;
- uid_t new_uid;
-
- if (r != -EAGAIN)
- goto finish;
-
- /* OK, nothing stored yet, let's try to find something useful. While we are working on this release the
- * lock however, so that nobody else blocks on our NSS lookups. */
- (void) lockf(d->storage_socket[0], F_ULOCK, 0);
-
- /* Let's see if a proper, static user or group by this name exists. Try to take the lock on
- * /etc/passwd, if that fails with EROFS then /etc is read-only. In that case it's fine if we don't
- * take the lock, given that users can't be added there anyway in this case. */
- etc_passwd_lock_fd = take_etc_passwd_lock(NULL);
- if (etc_passwd_lock_fd < 0 && etc_passwd_lock_fd != -EROFS)
- return etc_passwd_lock_fd;
-
- /* First, let's parse this as numeric UID */
- r = parse_uid(d->name, &uid);
- if (r < 0) {
- struct passwd *p;
- struct group *g;
-
- /* OK, this is not a numeric UID. Let's see if there's a user by this name */
- p = getpwnam(d->name);
- if (p)
- uid = p->pw_uid;
-
- /* Let's see if there's a group by this name */
- g = getgrnam(d->name);
- if (g) {
- /* If the UID/GID of the user/group of the same don't match, refuse operation */
- if (uid != UID_INVALID && uid != (uid_t) g->gr_gid)
- return -EILSEQ;
-
- uid = (uid_t) g->gr_gid;
- }
- }
-
- if (uid == UID_INVALID) {
- /* No static UID assigned yet, excellent. Let's pick a new dynamic one, and lock it. */
-
- uid_lock_fd = pick_uid(d->name, &uid);
- if (uid_lock_fd < 0)
- return uid_lock_fd;
- }
-
- /* So, we found a working UID/lock combination. Let's see if we actually still need it. */
- if (lockf(d->storage_socket[0], F_LOCK, 0) < 0) {
- unlink_uid_lock(uid_lock_fd, uid, d->name);
- return -errno;
- }
-
- r = dynamic_user_pop(d, &new_uid, &new_uid_lock_fd);
- if (r < 0) {
- if (r != -EAGAIN) {
- /* OK, something bad happened, let's get rid of the bits we acquired. */
- unlink_uid_lock(uid_lock_fd, uid, d->name);
- goto finish;
- }
-
- /* Great! Nothing is stored here, still. Store our newly acquired data. */
- } else {
- /* Hmm, so as it appears there's now something stored in the storage socket. Throw away what we
- * acquired, and use what's stored now. */
-
- unlink_uid_lock(uid_lock_fd, uid, d->name);
- safe_close(uid_lock_fd);
-
- uid = new_uid;
- uid_lock_fd = new_uid_lock_fd;
- }
- }
-
- /* If the UID/GID was already allocated dynamically, push the data we popped out back in. If it was already
- * allocated statically, push the UID back too, but do not push the lock fd in. If we allocated the UID
- * dynamically right here, push that in along with the lock fd for it. */
- r = dynamic_user_push(d, uid, uid_lock_fd);
- if (r < 0)
- goto finish;
-
- *ret = uid;
- r = 0;
-
-finish:
- (void) lockf(d->storage_socket[0], F_ULOCK, 0);
- return r;
-}
-
-int dynamic_user_current(DynamicUser *d, uid_t *ret) {
- _cleanup_close_ int lock_fd = -1;
- uid_t uid;
- int r;
-
- assert(d);
- assert(ret);
-
- /* Get the currently assigned UID for the user, if there's any. This simply pops the data from the storage socket, and pushes it back in right-away. */
-
- if (lockf(d->storage_socket[0], F_LOCK, 0) < 0)
- return -errno;
-
- r = dynamic_user_pop(d, &uid, &lock_fd);
- if (r < 0)
- goto finish;
-
- r = dynamic_user_push(d, uid, lock_fd);
- if (r < 0)
- goto finish;
-
- *ret = uid;
- r = 0;
-
-finish:
- (void) lockf(d->storage_socket[0], F_ULOCK, 0);
- return r;
-}
-
-DynamicUser* dynamic_user_ref(DynamicUser *d) {
- if (!d)
- return NULL;
-
- assert(d->n_ref > 0);
- d->n_ref++;
-
- return d;
-}
-
-DynamicUser* dynamic_user_unref(DynamicUser *d) {
- if (!d)
- return NULL;
-
- /* Note that this doesn't actually release any resources itself. If a dynamic user should be fully destroyed
- * and its UID released, use dynamic_user_destroy() instead. NB: the dynamic user table may contain entries
- * with no references, which is commonly the case right before a daemon reload. */
-
- assert(d->n_ref > 0);
- d->n_ref--;
-
- return NULL;
-}
-
-static int dynamic_user_close(DynamicUser *d) {
- _cleanup_close_ int lock_fd = -1;
- uid_t uid;
- int r;
-
- /* Release the user ID, by releasing the lock on it, and emptying the storage socket. After this the user is
- * unrealized again, much like it was after it the DynamicUser object was first allocated. */
-
- if (lockf(d->storage_socket[0], F_LOCK, 0) < 0)
- return -errno;
-
- r = dynamic_user_pop(d, &uid, &lock_fd);
- if (r == -EAGAIN) {
- /* User wasn't realized yet, nothing to do. */
- r = 0;
- goto finish;
- }
- if (r < 0)
- goto finish;
-
- /* This dynamic user was realized and dynamically allocated. In this case, let's remove the lock file. */
- unlink_uid_lock(lock_fd, uid, d->name);
- r = 1;
-
-finish:
- (void) lockf(d->storage_socket[0], F_ULOCK, 0);
- return r;
-}
-
-DynamicUser* dynamic_user_destroy(DynamicUser *d) {
- if (!d)
- return NULL;
-
- /* Drop a reference to a DynamicUser object, and destroy the user completely if this was the last
- * reference. This is called whenever a service is shut down and wants its dynamic UID gone. Note that
- * dynamic_user_unref() is what is called whenever a service is simply freed, for example during a reload
- * cycle, where the dynamic users should not be destroyed, but our datastructures should. */
-
- dynamic_user_unref(d);
-
- if (d->n_ref > 0)
- return NULL;
-
- (void) dynamic_user_close(d);
- return dynamic_user_free(d);
-}
-
-int dynamic_user_serialize(Manager *m, FILE *f, FDSet *fds) {
- DynamicUser *d;
- Iterator i;
-
- assert(m);
- assert(f);
- assert(fds);
-
- /* Dump the dynamic user database into the manager serialization, to deal with daemon reloads. */
-
- HASHMAP_FOREACH(d, m->dynamic_users, i) {
- int copy0, copy1;
-
- copy0 = fdset_put_dup(fds, d->storage_socket[0]);
- if (copy0 < 0)
- return copy0;
-
- copy1 = fdset_put_dup(fds, d->storage_socket[1]);
- if (copy1 < 0)
- return copy1;
-
- fprintf(f, "dynamic-user=%s %i %i\n", d->name, copy0, copy1);
- }
-
- return 0;
-}
-
-void dynamic_user_deserialize_one(Manager *m, const char *value, FDSet *fds) {
- _cleanup_free_ char *name = NULL, *s0 = NULL, *s1 = NULL;
- int r, fd0, fd1;
-
- assert(m);
- assert(value);
- assert(fds);
-
- /* Parse the serialization again, after a daemon reload */
-
- r = extract_many_words(&value, NULL, 0, &name, &s0, &s1, NULL);
- if (r != 3 || !isempty(value)) {
- log_debug("Unable to parse dynamic user line.");
- return;
- }
-
- if (safe_atoi(s0, &fd0) < 0 || !fdset_contains(fds, fd0)) {
- log_debug("Unable to process dynamic user fd specification.");
- return;
- }
-
- if (safe_atoi(s1, &fd1) < 0 || !fdset_contains(fds, fd1)) {
- log_debug("Unable to process dynamic user fd specification.");
- return;
- }
-
- r = dynamic_user_add(m, name, (int[]) { fd0, fd1 }, NULL);
- if (r < 0) {
- log_debug_errno(r, "Failed to add dynamic user: %m");
- return;
- }
-
- (void) fdset_remove(fds, fd0);
- (void) fdset_remove(fds, fd1);
-}
-
-void dynamic_user_vacuum(Manager *m, bool close_user) {
- DynamicUser *d;
- Iterator i;
-
- assert(m);
-
- /* Empty the dynamic user database, optionally cleaning up orphaned dynamic users, i.e. destroy and free users
- * to which no reference exist. This is called after a daemon reload finished, in order to destroy users which
- * might not be referenced anymore. */
-
- HASHMAP_FOREACH(d, m->dynamic_users, i) {
- if (d->n_ref > 0)
- continue;
-
- if (close_user) {
- log_debug("Removing orphaned dynamic user %s", d->name);
- (void) dynamic_user_close(d);
- }
-
- dynamic_user_free(d);
- }
-}
-
-int dynamic_user_lookup_uid(Manager *m, uid_t uid, char **ret) {
- char lock_path[strlen("/run/systemd/dynamic-uid/") + DECIMAL_STR_MAX(uid_t) + 1];
- _cleanup_free_ char *user = NULL;
- uid_t check_uid;
- int r;
-
- assert(m);
- assert(ret);
-
- /* A friendly way to translate a dynamic user's UID into a name. */
- if (!uid_is_dynamic(uid))
- return -ESRCH;
-
- xsprintf(lock_path, "/run/systemd/dynamic-uid/" UID_FMT, uid);
- r = read_one_line_file(lock_path, &user);
- if (r == -ENOENT)
- return -ESRCH;
- if (r < 0)
- return r;
-
- /* The lock file might be stale, hence let's verify the data before we return it */
- r = dynamic_user_lookup_name(m, user, &check_uid);
- if (r < 0)
- return r;
- if (check_uid != uid) /* lock file doesn't match our own idea */
- return -ESRCH;
-
- *ret = user;
- user = NULL;
-
- return 0;
-}
-
-int dynamic_user_lookup_name(Manager *m, const char *name, uid_t *ret) {
- DynamicUser *d;
- int r;
-
- assert(m);
- assert(name);
- assert(ret);
-
- /* A friendly call for translating a dynamic user's name into its UID */
-
- d = hashmap_get(m->dynamic_users, name);
- if (!d)
- return -ESRCH;
-
- r = dynamic_user_current(d, ret);
- if (r == -EAGAIN) /* not realized yet? */
- return -ESRCH;
-
- return r;
-}
-
-int dynamic_creds_acquire(DynamicCreds *creds, Manager *m, const char *user, const char *group) {
- bool acquired = false;
- int r;
-
- assert(creds);
- assert(m);
-
- /* A DynamicUser object encapsulates an allocation of both a UID and a GID for a specific name. However, some
- * services use different user and groups. For cases like that there's DynamicCreds containing a pair of user
- * and group. This call allocates a pair. */
-
- if (!creds->user && user) {
- r = dynamic_user_acquire(m, user, &creds->user);
- if (r < 0)
- return r;
-
- acquired = true;
- }
-
- if (!creds->group) {
-
- if (creds->user && (!group || streq_ptr(user, group)))
- creds->group = dynamic_user_ref(creds->user);
- else {
- r = dynamic_user_acquire(m, group, &creds->group);
- if (r < 0) {
- if (acquired)
- creds->user = dynamic_user_unref(creds->user);
- return r;
- }
- }
- }
-
- return 0;
-}
-
-int dynamic_creds_realize(DynamicCreds *creds, uid_t *uid, gid_t *gid) {
- uid_t u = UID_INVALID;
- gid_t g = GID_INVALID;
- int r;
-
- assert(creds);
- assert(uid);
- assert(gid);
-
- /* Realize both the referenced user and group */
-
- if (creds->user) {
- r = dynamic_user_realize(creds->user, &u);
- if (r < 0)
- return r;
- }
-
- if (creds->group && creds->group != creds->user) {
- r = dynamic_user_realize(creds->group, &g);
- if (r < 0)
- return r;
- } else
- g = u;
-
- *uid = u;
- *gid = g;
-
- return 0;
-}
-
-void dynamic_creds_unref(DynamicCreds *creds) {
- assert(creds);
-
- creds->user = dynamic_user_unref(creds->user);
- creds->group = dynamic_user_unref(creds->group);
-}
-
-void dynamic_creds_destroy(DynamicCreds *creds) {
- assert(creds);
-
- creds->user = dynamic_user_destroy(creds->user);
- creds->group = dynamic_user_destroy(creds->group);
-}
diff --git a/src/core/dynamic-user.h b/src/core/dynamic-user.h
deleted file mode 100644
index 0b8bce1a72..0000000000
--- a/src/core/dynamic-user.h
+++ /dev/null
@@ -1,66 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2016 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-typedef struct DynamicUser DynamicUser;
-
-typedef struct DynamicCreds {
- /* A combination of a dynamic user and group */
- DynamicUser *user;
- DynamicUser *group;
-} DynamicCreds;
-
-#include "manager.h"
-
-/* Note that this object always allocates a pair of user and group under the same name, even if one of them isn't
- * used. This means, if you want to allocate a group and user pair, and they might have two different names, then you
- * need to allocated two of these objects. DynamicCreds below makes that easy. */
-struct DynamicUser {
- int n_ref;
- Manager *manager;
-
- /* An AF_UNIX socket pair that contains a datagram containing both the numeric ID assigned, as well as a lock
- * file fd locking the user ID we picked. */
- int storage_socket[2];
-
- char name[];
-};
-
-int dynamic_user_acquire(Manager *m, const char *name, DynamicUser **ret);
-
-int dynamic_user_realize(DynamicUser *d, uid_t *ret);
-int dynamic_user_current(DynamicUser *d, uid_t *ret);
-
-DynamicUser* dynamic_user_ref(DynamicUser *d);
-DynamicUser* dynamic_user_unref(DynamicUser *d);
-DynamicUser* dynamic_user_destroy(DynamicUser *d);
-
-int dynamic_user_serialize(Manager *m, FILE *f, FDSet *fds);
-void dynamic_user_deserialize_one(Manager *m, const char *value, FDSet *fds);
-void dynamic_user_vacuum(Manager *m, bool close_user);
-
-int dynamic_user_lookup_uid(Manager *m, uid_t uid, char **ret);
-int dynamic_user_lookup_name(Manager *m, const char *name, uid_t *ret);
-
-int dynamic_creds_acquire(DynamicCreds *creds, Manager *m, const char *user, const char *group);
-int dynamic_creds_realize(DynamicCreds *creds, uid_t *uid, gid_t *gid);
-
-void dynamic_creds_unref(DynamicCreds *creds);
-void dynamic_creds_destroy(DynamicCreds *creds);
diff --git a/src/core/emergency-action.c b/src/core/emergency-action.c
deleted file mode 100644
index 90232bc57a..0000000000
--- a/src/core/emergency-action.c
+++ /dev/null
@@ -1,128 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2014 Lennart Poettering
- Copyright 2012 Michael Olbrich
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <sys/reboot.h>
-#include <linux/reboot.h>
-
-#include "bus-error.h"
-#include "bus-util.h"
-#include "emergency-action.h"
-#include "special.h"
-#include "string-table.h"
-#include "terminal-util.h"
-
-static void log_and_status(Manager *m, const char *message, const char *reason) {
- log_warning("%s: %s", message, reason);
- manager_status_printf(m, STATUS_TYPE_EMERGENCY,
- ANSI_HIGHLIGHT_RED " !! " ANSI_NORMAL,
- "%s: %s", message, reason);
-}
-
-int emergency_action(
- Manager *m,
- EmergencyAction action,
- const char *reboot_arg,
- const char *reason) {
-
- assert(m);
- assert(action >= 0);
- assert(action < _EMERGENCY_ACTION_MAX);
-
- if (action == EMERGENCY_ACTION_NONE)
- return -ECANCELED;
-
- if (!MANAGER_IS_SYSTEM(m)) {
- /* Downgrade all options to simply exiting if we run
- * in user mode */
-
- log_warning("Exiting: %s", reason);
- m->exit_code = MANAGER_EXIT;
- return -ECANCELED;
- }
-
- switch (action) {
-
- case EMERGENCY_ACTION_REBOOT:
- log_and_status(m, "Rebooting", reason);
-
- (void) update_reboot_parameter_and_warn(reboot_arg);
- (void) manager_add_job_by_name_and_warn(m, JOB_START, SPECIAL_REBOOT_TARGET, JOB_REPLACE_IRREVERSIBLY, NULL);
-
- break;
-
- case EMERGENCY_ACTION_REBOOT_FORCE:
- log_and_status(m, "Forcibly rebooting", reason);
-
- (void) update_reboot_parameter_and_warn(reboot_arg);
- m->exit_code = MANAGER_REBOOT;
-
- break;
-
- case EMERGENCY_ACTION_REBOOT_IMMEDIATE:
- log_and_status(m, "Rebooting immediately", reason);
-
- sync();
-
- if (!isempty(reboot_arg)) {
- log_info("Rebooting with argument '%s'.", reboot_arg);
- syscall(SYS_reboot, LINUX_REBOOT_MAGIC1, LINUX_REBOOT_MAGIC2, LINUX_REBOOT_CMD_RESTART2, reboot_arg);
- log_warning_errno(errno, "Failed to reboot with parameter, retrying without: %m");
- }
-
- log_info("Rebooting.");
- reboot(RB_AUTOBOOT);
- break;
-
- case EMERGENCY_ACTION_POWEROFF:
- log_and_status(m, "Powering off", reason);
- (void) manager_add_job_by_name_and_warn(m, JOB_START, SPECIAL_POWEROFF_TARGET, JOB_REPLACE_IRREVERSIBLY, NULL);
- break;
-
- case EMERGENCY_ACTION_POWEROFF_FORCE:
- log_and_status(m, "Forcibly powering off", reason);
- m->exit_code = MANAGER_POWEROFF;
- break;
-
- case EMERGENCY_ACTION_POWEROFF_IMMEDIATE:
- log_and_status(m, "Powering off immediately", reason);
-
- sync();
-
- log_info("Powering off.");
- reboot(RB_POWER_OFF);
- break;
-
- default:
- assert_not_reached("Unknown emergency action");
- }
-
- return -ECANCELED;
-}
-
-static const char* const emergency_action_table[_EMERGENCY_ACTION_MAX] = {
- [EMERGENCY_ACTION_NONE] = "none",
- [EMERGENCY_ACTION_REBOOT] = "reboot",
- [EMERGENCY_ACTION_REBOOT_FORCE] = "reboot-force",
- [EMERGENCY_ACTION_REBOOT_IMMEDIATE] = "reboot-immediate",
- [EMERGENCY_ACTION_POWEROFF] = "poweroff",
- [EMERGENCY_ACTION_POWEROFF_FORCE] = "poweroff-force",
- [EMERGENCY_ACTION_POWEROFF_IMMEDIATE] = "poweroff-immediate"
-};
-DEFINE_STRING_TABLE_LOOKUP(emergency_action, EmergencyAction);
diff --git a/src/core/emergency-action.h b/src/core/emergency-action.h
deleted file mode 100644
index 8804b59752..0000000000
--- a/src/core/emergency-action.h
+++ /dev/null
@@ -1,41 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2014 Lennart Poettering
- Copyright 2012 Michael Olbrich
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-typedef enum EmergencyAction {
- EMERGENCY_ACTION_NONE,
- EMERGENCY_ACTION_REBOOT,
- EMERGENCY_ACTION_REBOOT_FORCE,
- EMERGENCY_ACTION_REBOOT_IMMEDIATE,
- EMERGENCY_ACTION_POWEROFF,
- EMERGENCY_ACTION_POWEROFF_FORCE,
- EMERGENCY_ACTION_POWEROFF_IMMEDIATE,
- _EMERGENCY_ACTION_MAX,
- _EMERGENCY_ACTION_INVALID = -1
-} EmergencyAction;
-
-#include "macro.h"
-#include "manager.h"
-
-int emergency_action(Manager *m, EmergencyAction action, const char *reboot_arg, const char *reason);
-
-const char* emergency_action_to_string(EmergencyAction i) _const_;
-EmergencyAction emergency_action_from_string(const char *s) _pure_;
diff --git a/src/core/execute.c b/src/core/execute.c
deleted file mode 100644
index 85ee82c3e1..0000000000
--- a/src/core/execute.c
+++ /dev/null
@@ -1,4000 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <errno.h>
-#include <fcntl.h>
-#include <glob.h>
-#include <grp.h>
-#include <poll.h>
-#include <signal.h>
-#include <string.h>
-#include <sys/capability.h>
-#include <sys/eventfd.h>
-#include <sys/mman.h>
-#include <sys/personality.h>
-#include <sys/prctl.h>
-#include <sys/shm.h>
-#include <sys/socket.h>
-#include <sys/stat.h>
-#include <sys/types.h>
-#include <sys/un.h>
-#include <unistd.h>
-#include <utmpx.h>
-
-#ifdef HAVE_PAM
-#include <security/pam_appl.h>
-#endif
-
-#ifdef HAVE_SELINUX
-#include <selinux/selinux.h>
-#endif
-
-#ifdef HAVE_SECCOMP
-#include <seccomp.h>
-#endif
-
-#ifdef HAVE_APPARMOR
-#include <sys/apparmor.h>
-#endif
-
-#include "sd-messages.h"
-
-#include "af-list.h"
-#include "alloc-util.h"
-#ifdef HAVE_APPARMOR
-#include "apparmor-util.h"
-#endif
-#include "async.h"
-#include "barrier.h"
-#include "cap-list.h"
-#include "capability-util.h"
-#include "def.h"
-#include "env-util.h"
-#include "errno-list.h"
-#include "execute.h"
-#include "exit-status.h"
-#include "fd-util.h"
-#include "fileio.h"
-#include "formats-util.h"
-#include "fs-util.h"
-#include "glob-util.h"
-#include "io-util.h"
-#include "ioprio.h"
-#include "log.h"
-#include "macro.h"
-#include "missing.h"
-#include "mkdir.h"
-#include "namespace.h"
-#include "parse-util.h"
-#include "path-util.h"
-#include "process-util.h"
-#include "rlimit-util.h"
-#include "rm-rf.h"
-#ifdef HAVE_SECCOMP
-#include "seccomp-util.h"
-#endif
-#include "securebits.h"
-#include "selinux-util.h"
-#include "signal-util.h"
-#include "smack-util.h"
-#include "special.h"
-#include "string-table.h"
-#include "string-util.h"
-#include "strv.h"
-#include "syslog-util.h"
-#include "terminal-util.h"
-#include "unit.h"
-#include "user-util.h"
-#include "util.h"
-#include "utmp-wtmp.h"
-
-#define IDLE_TIMEOUT_USEC (5*USEC_PER_SEC)
-#define IDLE_TIMEOUT2_USEC (1*USEC_PER_SEC)
-
-/* This assumes there is a 'tty' group */
-#define TTY_MODE 0620
-
-#define SNDBUF_SIZE (8*1024*1024)
-
-static int shift_fds(int fds[], unsigned n_fds) {
- int start, restart_from;
-
- if (n_fds <= 0)
- return 0;
-
- /* Modifies the fds array! (sorts it) */
-
- assert(fds);
-
- start = 0;
- for (;;) {
- int i;
-
- restart_from = -1;
-
- for (i = start; i < (int) n_fds; i++) {
- int nfd;
-
- /* Already at right index? */
- if (fds[i] == i+3)
- continue;
-
- nfd = fcntl(fds[i], F_DUPFD, i + 3);
- if (nfd < 0)
- return -errno;
-
- safe_close(fds[i]);
- fds[i] = nfd;
-
- /* Hmm, the fd we wanted isn't free? Then
- * let's remember that and try again from here */
- if (nfd != i+3 && restart_from < 0)
- restart_from = i;
- }
-
- if (restart_from < 0)
- break;
-
- start = restart_from;
- }
-
- return 0;
-}
-
-static int flags_fds(const int fds[], unsigned n_fds, bool nonblock) {
- unsigned i;
- int r;
-
- if (n_fds <= 0)
- return 0;
-
- assert(fds);
-
- /* Drops/Sets O_NONBLOCK and FD_CLOEXEC from the file flags */
-
- for (i = 0; i < n_fds; i++) {
-
- r = fd_nonblock(fds[i], nonblock);
- if (r < 0)
- return r;
-
- /* We unconditionally drop FD_CLOEXEC from the fds,
- * since after all we want to pass these fds to our
- * children */
-
- r = fd_cloexec(fds[i], false);
- if (r < 0)
- return r;
- }
-
- return 0;
-}
-
-static const char *exec_context_tty_path(const ExecContext *context) {
- assert(context);
-
- if (context->stdio_as_fds)
- return NULL;
-
- if (context->tty_path)
- return context->tty_path;
-
- return "/dev/console";
-}
-
-static void exec_context_tty_reset(const ExecContext *context, const ExecParameters *p) {
- const char *path;
-
- assert(context);
-
- path = exec_context_tty_path(context);
-
- if (context->tty_vhangup) {
- if (p && p->stdin_fd >= 0)
- (void) terminal_vhangup_fd(p->stdin_fd);
- else if (path)
- (void) terminal_vhangup(path);
- }
-
- if (context->tty_reset) {
- if (p && p->stdin_fd >= 0)
- (void) reset_terminal_fd(p->stdin_fd, true);
- else if (path)
- (void) reset_terminal(path);
- }
-
- if (context->tty_vt_disallocate && path)
- (void) vt_disallocate(path);
-}
-
-static bool is_terminal_input(ExecInput i) {
- return IN_SET(i,
- EXEC_INPUT_TTY,
- EXEC_INPUT_TTY_FORCE,
- EXEC_INPUT_TTY_FAIL);
-}
-
-static bool is_terminal_output(ExecOutput o) {
- return IN_SET(o,
- EXEC_OUTPUT_TTY,
- EXEC_OUTPUT_SYSLOG_AND_CONSOLE,
- EXEC_OUTPUT_KMSG_AND_CONSOLE,
- EXEC_OUTPUT_JOURNAL_AND_CONSOLE);
-}
-
-static bool exec_context_needs_term(const ExecContext *c) {
- assert(c);
-
- /* Return true if the execution context suggests we should set $TERM to something useful. */
-
- if (is_terminal_input(c->std_input))
- return true;
-
- if (is_terminal_output(c->std_output))
- return true;
-
- if (is_terminal_output(c->std_error))
- return true;
-
- return !!c->tty_path;
-}
-
-static int open_null_as(int flags, int nfd) {
- int fd, r;
-
- assert(nfd >= 0);
-
- fd = open("/dev/null", flags|O_NOCTTY);
- if (fd < 0)
- return -errno;
-
- if (fd != nfd) {
- r = dup2(fd, nfd) < 0 ? -errno : nfd;
- safe_close(fd);
- } else
- r = nfd;
-
- return r;
-}
-
-static int connect_journal_socket(int fd, uid_t uid, gid_t gid) {
- union sockaddr_union sa = {
- .un.sun_family = AF_UNIX,
- .un.sun_path = "/run/systemd/journal/stdout",
- };
- uid_t olduid = UID_INVALID;
- gid_t oldgid = GID_INVALID;
- int r;
-
- if (gid != GID_INVALID) {
- oldgid = getgid();
-
- r = setegid(gid);
- if (r < 0)
- return -errno;
- }
-
- if (uid != UID_INVALID) {
- olduid = getuid();
-
- r = seteuid(uid);
- if (r < 0) {
- r = -errno;
- goto restore_gid;
- }
- }
-
- r = connect(fd, &sa.sa, SOCKADDR_UN_LEN(sa.un));
- if (r < 0)
- r = -errno;
-
- /* If we fail to restore the uid or gid, things will likely
- fail later on. This should only happen if an LSM interferes. */
-
- if (uid != UID_INVALID)
- (void) seteuid(olduid);
-
- restore_gid:
- if (gid != GID_INVALID)
- (void) setegid(oldgid);
-
- return r;
-}
-
-static int connect_logger_as(
- Unit *unit,
- const ExecContext *context,
- ExecOutput output,
- const char *ident,
- int nfd,
- uid_t uid,
- gid_t gid) {
-
- int fd, r;
-
- assert(context);
- assert(output < _EXEC_OUTPUT_MAX);
- assert(ident);
- assert(nfd >= 0);
-
- fd = socket(AF_UNIX, SOCK_STREAM, 0);
- if (fd < 0)
- return -errno;
-
- r = connect_journal_socket(fd, uid, gid);
- if (r < 0)
- return r;
-
- if (shutdown(fd, SHUT_RD) < 0) {
- safe_close(fd);
- return -errno;
- }
-
- (void) fd_inc_sndbuf(fd, SNDBUF_SIZE);
-
- dprintf(fd,
- "%s\n"
- "%s\n"
- "%i\n"
- "%i\n"
- "%i\n"
- "%i\n"
- "%i\n",
- context->syslog_identifier ? context->syslog_identifier : ident,
- unit->id,
- context->syslog_priority,
- !!context->syslog_level_prefix,
- output == EXEC_OUTPUT_SYSLOG || output == EXEC_OUTPUT_SYSLOG_AND_CONSOLE,
- output == EXEC_OUTPUT_KMSG || output == EXEC_OUTPUT_KMSG_AND_CONSOLE,
- is_terminal_output(output));
-
- if (fd == nfd)
- return nfd;
-
- r = dup2(fd, nfd) < 0 ? -errno : nfd;
- safe_close(fd);
-
- return r;
-}
-static int open_terminal_as(const char *path, mode_t mode, int nfd) {
- int fd, r;
-
- assert(path);
- assert(nfd >= 0);
-
- fd = open_terminal(path, mode | O_NOCTTY);
- if (fd < 0)
- return fd;
-
- if (fd != nfd) {
- r = dup2(fd, nfd) < 0 ? -errno : nfd;
- safe_close(fd);
- } else
- r = nfd;
-
- return r;
-}
-
-static int fixup_input(ExecInput std_input, int socket_fd, bool apply_tty_stdin) {
-
- if (is_terminal_input(std_input) && !apply_tty_stdin)
- return EXEC_INPUT_NULL;
-
- if (std_input == EXEC_INPUT_SOCKET && socket_fd < 0)
- return EXEC_INPUT_NULL;
-
- return std_input;
-}
-
-static int fixup_output(ExecOutput std_output, int socket_fd) {
-
- if (std_output == EXEC_OUTPUT_SOCKET && socket_fd < 0)
- return EXEC_OUTPUT_INHERIT;
-
- return std_output;
-}
-
-static int setup_input(
- const ExecContext *context,
- const ExecParameters *params,
- int socket_fd,
- int named_iofds[3]) {
-
- ExecInput i;
-
- assert(context);
- assert(params);
-
- if (params->stdin_fd >= 0) {
- if (dup2(params->stdin_fd, STDIN_FILENO) < 0)
- return -errno;
-
- /* Try to make this the controlling tty, if it is a tty, and reset it */
- (void) ioctl(STDIN_FILENO, TIOCSCTTY, context->std_input == EXEC_INPUT_TTY_FORCE);
- (void) reset_terminal_fd(STDIN_FILENO, true);
-
- return STDIN_FILENO;
- }
-
- i = fixup_input(context->std_input, socket_fd, params->flags & EXEC_APPLY_TTY_STDIN);
-
- switch (i) {
-
- case EXEC_INPUT_NULL:
- return open_null_as(O_RDONLY, STDIN_FILENO);
-
- case EXEC_INPUT_TTY:
- case EXEC_INPUT_TTY_FORCE:
- case EXEC_INPUT_TTY_FAIL: {
- int fd, r;
-
- fd = acquire_terminal(exec_context_tty_path(context),
- i == EXEC_INPUT_TTY_FAIL,
- i == EXEC_INPUT_TTY_FORCE,
- false,
- USEC_INFINITY);
- if (fd < 0)
- return fd;
-
- if (fd != STDIN_FILENO) {
- r = dup2(fd, STDIN_FILENO) < 0 ? -errno : STDIN_FILENO;
- safe_close(fd);
- } else
- r = STDIN_FILENO;
-
- return r;
- }
-
- case EXEC_INPUT_SOCKET:
- return dup2(socket_fd, STDIN_FILENO) < 0 ? -errno : STDIN_FILENO;
-
- case EXEC_INPUT_NAMED_FD:
- (void) fd_nonblock(named_iofds[STDIN_FILENO], false);
- return dup2(named_iofds[STDIN_FILENO], STDIN_FILENO) < 0 ? -errno : STDIN_FILENO;
-
- default:
- assert_not_reached("Unknown input type");
- }
-}
-
-static int setup_output(
- Unit *unit,
- const ExecContext *context,
- const ExecParameters *params,
- int fileno,
- int socket_fd,
- int named_iofds[3],
- const char *ident,
- uid_t uid,
- gid_t gid,
- dev_t *journal_stream_dev,
- ino_t *journal_stream_ino) {
-
- ExecOutput o;
- ExecInput i;
- int r;
-
- assert(unit);
- assert(context);
- assert(params);
- assert(ident);
- assert(journal_stream_dev);
- assert(journal_stream_ino);
-
- if (fileno == STDOUT_FILENO && params->stdout_fd >= 0) {
-
- if (dup2(params->stdout_fd, STDOUT_FILENO) < 0)
- return -errno;
-
- return STDOUT_FILENO;
- }
-
- if (fileno == STDERR_FILENO && params->stderr_fd >= 0) {
- if (dup2(params->stderr_fd, STDERR_FILENO) < 0)
- return -errno;
-
- return STDERR_FILENO;
- }
-
- i = fixup_input(context->std_input, socket_fd, params->flags & EXEC_APPLY_TTY_STDIN);
- o = fixup_output(context->std_output, socket_fd);
-
- if (fileno == STDERR_FILENO) {
- ExecOutput e;
- e = fixup_output(context->std_error, socket_fd);
-
- /* This expects the input and output are already set up */
-
- /* Don't change the stderr file descriptor if we inherit all
- * the way and are not on a tty */
- if (e == EXEC_OUTPUT_INHERIT &&
- o == EXEC_OUTPUT_INHERIT &&
- i == EXEC_INPUT_NULL &&
- !is_terminal_input(context->std_input) &&
- getppid () != 1)
- return fileno;
-
- /* Duplicate from stdout if possible */
- if ((e == o && e != EXEC_OUTPUT_NAMED_FD) || e == EXEC_OUTPUT_INHERIT)
- return dup2(STDOUT_FILENO, fileno) < 0 ? -errno : fileno;
-
- o = e;
-
- } else if (o == EXEC_OUTPUT_INHERIT) {
- /* If input got downgraded, inherit the original value */
- if (i == EXEC_INPUT_NULL && is_terminal_input(context->std_input))
- return open_terminal_as(exec_context_tty_path(context), O_WRONLY, fileno);
-
- /* If the input is connected to anything that's not a /dev/null, inherit that... */
- if (i != EXEC_INPUT_NULL)
- return dup2(STDIN_FILENO, fileno) < 0 ? -errno : fileno;
-
- /* If we are not started from PID 1 we just inherit STDOUT from our parent process. */
- if (getppid() != 1)
- return fileno;
-
- /* We need to open /dev/null here anew, to get the right access mode. */
- return open_null_as(O_WRONLY, fileno);
- }
-
- switch (o) {
-
- case EXEC_OUTPUT_NULL:
- return open_null_as(O_WRONLY, fileno);
-
- case EXEC_OUTPUT_TTY:
- if (is_terminal_input(i))
- return dup2(STDIN_FILENO, fileno) < 0 ? -errno : fileno;
-
- /* We don't reset the terminal if this is just about output */
- return open_terminal_as(exec_context_tty_path(context), O_WRONLY, fileno);
-
- case EXEC_OUTPUT_SYSLOG:
- case EXEC_OUTPUT_SYSLOG_AND_CONSOLE:
- case EXEC_OUTPUT_KMSG:
- case EXEC_OUTPUT_KMSG_AND_CONSOLE:
- case EXEC_OUTPUT_JOURNAL:
- case EXEC_OUTPUT_JOURNAL_AND_CONSOLE:
- r = connect_logger_as(unit, context, o, ident, fileno, uid, gid);
- if (r < 0) {
- log_unit_error_errno(unit, r, "Failed to connect %s to the journal socket, ignoring: %m", fileno == STDOUT_FILENO ? "stdout" : "stderr");
- r = open_null_as(O_WRONLY, fileno);
- } else {
- struct stat st;
-
- /* If we connected this fd to the journal via a stream, patch the device/inode into the passed
- * parameters, but only then. This is useful so that we can set $JOURNAL_STREAM that permits
- * services to detect whether they are connected to the journal or not. */
-
- if (fstat(fileno, &st) >= 0) {
- *journal_stream_dev = st.st_dev;
- *journal_stream_ino = st.st_ino;
- }
- }
- return r;
-
- case EXEC_OUTPUT_SOCKET:
- assert(socket_fd >= 0);
- return dup2(socket_fd, fileno) < 0 ? -errno : fileno;
-
- case EXEC_OUTPUT_NAMED_FD:
- (void) fd_nonblock(named_iofds[fileno], false);
- return dup2(named_iofds[fileno], fileno) < 0 ? -errno : fileno;
-
- default:
- assert_not_reached("Unknown error type");
- }
-}
-
-static int chown_terminal(int fd, uid_t uid) {
- struct stat st;
-
- assert(fd >= 0);
-
- /* Before we chown/chmod the TTY, let's ensure this is actually a tty */
- if (isatty(fd) < 1)
- return 0;
-
- /* This might fail. What matters are the results. */
- (void) fchown(fd, uid, -1);
- (void) fchmod(fd, TTY_MODE);
-
- if (fstat(fd, &st) < 0)
- return -errno;
-
- if (st.st_uid != uid || (st.st_mode & 0777) != TTY_MODE)
- return -EPERM;
-
- return 0;
-}
-
-static int setup_confirm_stdio(int *_saved_stdin, int *_saved_stdout) {
- _cleanup_close_ int fd = -1, saved_stdin = -1, saved_stdout = -1;
- int r;
-
- assert(_saved_stdin);
- assert(_saved_stdout);
-
- saved_stdin = fcntl(STDIN_FILENO, F_DUPFD, 3);
- if (saved_stdin < 0)
- return -errno;
-
- saved_stdout = fcntl(STDOUT_FILENO, F_DUPFD, 3);
- if (saved_stdout < 0)
- return -errno;
-
- fd = acquire_terminal(
- "/dev/console",
- false,
- false,
- false,
- DEFAULT_CONFIRM_USEC);
- if (fd < 0)
- return fd;
-
- r = chown_terminal(fd, getuid());
- if (r < 0)
- return r;
-
- r = reset_terminal_fd(fd, true);
- if (r < 0)
- return r;
-
- if (dup2(fd, STDIN_FILENO) < 0)
- return -errno;
-
- if (dup2(fd, STDOUT_FILENO) < 0)
- return -errno;
-
- if (fd >= 2)
- safe_close(fd);
- fd = -1;
-
- *_saved_stdin = saved_stdin;
- *_saved_stdout = saved_stdout;
-
- saved_stdin = saved_stdout = -1;
-
- return 0;
-}
-
-_printf_(1, 2) static int write_confirm_message(const char *format, ...) {
- _cleanup_close_ int fd = -1;
- va_list ap;
-
- assert(format);
-
- fd = open_terminal("/dev/console", O_WRONLY|O_NOCTTY|O_CLOEXEC);
- if (fd < 0)
- return fd;
-
- va_start(ap, format);
- vdprintf(fd, format, ap);
- va_end(ap);
-
- return 0;
-}
-
-static int restore_confirm_stdio(int *saved_stdin, int *saved_stdout) {
- int r = 0;
-
- assert(saved_stdin);
- assert(saved_stdout);
-
- release_terminal();
-
- if (*saved_stdin >= 0)
- if (dup2(*saved_stdin, STDIN_FILENO) < 0)
- r = -errno;
-
- if (*saved_stdout >= 0)
- if (dup2(*saved_stdout, STDOUT_FILENO) < 0)
- r = -errno;
-
- *saved_stdin = safe_close(*saved_stdin);
- *saved_stdout = safe_close(*saved_stdout);
-
- return r;
-}
-
-static int ask_for_confirmation(char *response, char **argv) {
- int saved_stdout = -1, saved_stdin = -1, r;
- _cleanup_free_ char *line = NULL;
-
- r = setup_confirm_stdio(&saved_stdin, &saved_stdout);
- if (r < 0)
- return r;
-
- line = exec_command_line(argv);
- if (!line)
- return -ENOMEM;
-
- r = ask_char(response, "yns", "Execute %s? [Yes, No, Skip] ", line);
-
- restore_confirm_stdio(&saved_stdin, &saved_stdout);
-
- return r;
-}
-
-static int get_fixed_user(const ExecContext *c, const char **user,
- uid_t *uid, gid_t *gid,
- const char **home, const char **shell) {
- int r;
- const char *name;
-
- assert(c);
-
- if (!c->user)
- return 0;
-
- /* Note that we don't set $HOME or $SHELL if they are not particularly enlightening anyway
- * (i.e. are "/" or "/bin/nologin"). */
-
- name = c->user;
- r = get_user_creds_clean(&name, uid, gid, home, shell);
- if (r < 0)
- return r;
-
- *user = name;
- return 0;
-}
-
-static int get_fixed_group(const ExecContext *c, const char **group, gid_t *gid) {
- int r;
- const char *name;
-
- assert(c);
-
- if (!c->group)
- return 0;
-
- name = c->group;
- r = get_group_creds(&name, gid);
- if (r < 0)
- return r;
-
- *group = name;
- return 0;
-}
-
-static int get_supplementary_groups(const ExecContext *c, const char *user,
- const char *group, gid_t gid,
- gid_t **supplementary_gids, int *ngids) {
- char **i;
- int r, k = 0;
- int ngroups_max;
- bool keep_groups = false;
- gid_t *groups = NULL;
- _cleanup_free_ gid_t *l_gids = NULL;
-
- assert(c);
-
- /*
- * If user is given, then lookup GID and supplementary groups list.
- * We avoid NSS lookups for gid=0. Also we have to initialize groups
- * here and as early as possible so we keep the list of supplementary
- * groups of the caller.
- */
- if (user && gid_is_valid(gid) && gid != 0) {
- /* First step, initialize groups from /etc/groups */
- if (initgroups(user, gid) < 0)
- return -errno;
-
- keep_groups = true;
- }
-
- if (!c->supplementary_groups)
- return 0;
-
- /*
- * If SupplementaryGroups= was passed then NGROUPS_MAX has to
- * be positive, otherwise fail.
- */
- errno = 0;
- ngroups_max = (int) sysconf(_SC_NGROUPS_MAX);
- if (ngroups_max <= 0) {
- if (errno > 0)
- return -errno;
- else
- return -EOPNOTSUPP; /* For all other values */
- }
-
- l_gids = new(gid_t, ngroups_max);
- if (!l_gids)
- return -ENOMEM;
-
- if (keep_groups) {
- /*
- * Lookup the list of groups that the user belongs to, we
- * avoid NSS lookups here too for gid=0.
- */
- k = ngroups_max;
- if (getgrouplist(user, gid, l_gids, &k) < 0)
- return -EINVAL;
- } else
- k = 0;
-
- STRV_FOREACH(i, c->supplementary_groups) {
- const char *g;
-
- if (k >= ngroups_max)
- return -E2BIG;
-
- g = *i;
- r = get_group_creds(&g, l_gids+k);
- if (r < 0)
- return r;
-
- k++;
- }
-
- /*
- * Sets ngids to zero to drop all supplementary groups, happens
- * when we are under root and SupplementaryGroups= is empty.
- */
- if (k == 0) {
- *ngids = 0;
- return 0;
- }
-
- /* Otherwise get the final list of supplementary groups */
- groups = memdup(l_gids, sizeof(gid_t) * k);
- if (!groups)
- return -ENOMEM;
-
- *supplementary_gids = groups;
- *ngids = k;
-
- groups = NULL;
-
- return 0;
-}
-
-static int enforce_groups(const ExecContext *context, gid_t gid,
- gid_t *supplementary_gids, int ngids) {
- int r;
-
- assert(context);
-
- /* Handle SupplementaryGroups= even if it is empty */
- if (context->supplementary_groups) {
- r = maybe_setgroups(ngids, supplementary_gids);
- if (r < 0)
- return r;
- }
-
- if (gid_is_valid(gid)) {
- /* Then set our gids */
- if (setresgid(gid, gid, gid) < 0)
- return -errno;
- }
-
- return 0;
-}
-
-static int enforce_user(const ExecContext *context, uid_t uid) {
- assert(context);
-
- if (!uid_is_valid(uid))
- return 0;
-
- /* Sets (but doesn't look up) the uid and make sure we keep the
- * capabilities while doing so. */
-
- if (context->capability_ambient_set != 0) {
-
- /* First step: If we need to keep capabilities but
- * drop privileges we need to make sure we keep our
- * caps, while we drop privileges. */
- if (uid != 0) {
- int sb = context->secure_bits | 1<<SECURE_KEEP_CAPS;
-
- if (prctl(PR_GET_SECUREBITS) != sb)
- if (prctl(PR_SET_SECUREBITS, sb) < 0)
- return -errno;
- }
- }
-
- /* Second step: actually set the uids */
- if (setresuid(uid, uid, uid) < 0)
- return -errno;
-
- /* At this point we should have all necessary capabilities but
- are otherwise a normal user. However, the caps might got
- corrupted due to the setresuid() so we need clean them up
- later. This is done outside of this call. */
-
- return 0;
-}
-
-#ifdef HAVE_PAM
-
-static int null_conv(
- int num_msg,
- const struct pam_message **msg,
- struct pam_response **resp,
- void *appdata_ptr) {
-
- /* We don't support conversations */
-
- return PAM_CONV_ERR;
-}
-
-#endif
-
-static int setup_pam(
- const char *name,
- const char *user,
- uid_t uid,
- gid_t gid,
- const char *tty,
- char ***env,
- int fds[], unsigned n_fds) {
-
-#ifdef HAVE_PAM
-
- static const struct pam_conv conv = {
- .conv = null_conv,
- .appdata_ptr = NULL
- };
-
- _cleanup_(barrier_destroy) Barrier barrier = BARRIER_NULL;
- pam_handle_t *handle = NULL;
- sigset_t old_ss;
- int pam_code = PAM_SUCCESS, r;
- char **nv, **e = NULL;
- bool close_session = false;
- pid_t pam_pid = 0, parent_pid;
- int flags = 0;
-
- assert(name);
- assert(user);
- assert(env);
-
- /* We set up PAM in the parent process, then fork. The child
- * will then stay around until killed via PR_GET_PDEATHSIG or
- * systemd via the cgroup logic. It will then remove the PAM
- * session again. The parent process will exec() the actual
- * daemon. We do things this way to ensure that the main PID
- * of the daemon is the one we initially fork()ed. */
-
- r = barrier_create(&barrier);
- if (r < 0)
- goto fail;
-
- if (log_get_max_level() < LOG_DEBUG)
- flags |= PAM_SILENT;
-
- pam_code = pam_start(name, user, &conv, &handle);
- if (pam_code != PAM_SUCCESS) {
- handle = NULL;
- goto fail;
- }
-
- if (tty) {
- pam_code = pam_set_item(handle, PAM_TTY, tty);
- if (pam_code != PAM_SUCCESS)
- goto fail;
- }
-
- STRV_FOREACH(nv, *env) {
- pam_code = pam_putenv(handle, *nv);
- if (pam_code != PAM_SUCCESS)
- goto fail;
- }
-
- pam_code = pam_acct_mgmt(handle, flags);
- if (pam_code != PAM_SUCCESS)
- goto fail;
-
- pam_code = pam_open_session(handle, flags);
- if (pam_code != PAM_SUCCESS)
- goto fail;
-
- close_session = true;
-
- e = pam_getenvlist(handle);
- if (!e) {
- pam_code = PAM_BUF_ERR;
- goto fail;
- }
-
- /* Block SIGTERM, so that we know that it won't get lost in
- * the child */
-
- assert_se(sigprocmask_many(SIG_BLOCK, &old_ss, SIGTERM, -1) >= 0);
-
- parent_pid = getpid();
-
- pam_pid = fork();
- if (pam_pid < 0) {
- r = -errno;
- goto fail;
- }
-
- if (pam_pid == 0) {
- int sig, ret = EXIT_PAM;
-
- /* The child's job is to reset the PAM session on
- * termination */
- barrier_set_role(&barrier, BARRIER_CHILD);
-
- /* This string must fit in 10 chars (i.e. the length
- * of "/sbin/init"), to look pretty in /bin/ps */
- rename_process("(sd-pam)");
-
- /* Make sure we don't keep open the passed fds in this
- child. We assume that otherwise only those fds are
- open here that have been opened by PAM. */
- close_many(fds, n_fds);
-
- /* Drop privileges - we don't need any to pam_close_session
- * and this will make PR_SET_PDEATHSIG work in most cases.
- * If this fails, ignore the error - but expect sd-pam threads
- * to fail to exit normally */
-
- r = maybe_setgroups(0, NULL);
- if (r < 0)
- log_warning_errno(r, "Failed to setgroups() in sd-pam: %m");
- if (setresgid(gid, gid, gid) < 0)
- log_warning_errno(errno, "Failed to setresgid() in sd-pam: %m");
- if (setresuid(uid, uid, uid) < 0)
- log_warning_errno(errno, "Failed to setresuid() in sd-pam: %m");
-
- (void) ignore_signals(SIGPIPE, -1);
-
- /* Wait until our parent died. This will only work if
- * the above setresuid() succeeds, otherwise the kernel
- * will not allow unprivileged parents kill their privileged
- * children this way. We rely on the control groups kill logic
- * to do the rest for us. */
- if (prctl(PR_SET_PDEATHSIG, SIGTERM) < 0)
- goto child_finish;
-
- /* Tell the parent that our setup is done. This is especially
- * important regarding dropping privileges. Otherwise, unit
- * setup might race against our setresuid(2) call. */
- barrier_place(&barrier);
-
- /* Check if our parent process might already have
- * died? */
- if (getppid() == parent_pid) {
- sigset_t ss;
-
- assert_se(sigemptyset(&ss) >= 0);
- assert_se(sigaddset(&ss, SIGTERM) >= 0);
-
- for (;;) {
- if (sigwait(&ss, &sig) < 0) {
- if (errno == EINTR)
- continue;
-
- goto child_finish;
- }
-
- assert(sig == SIGTERM);
- break;
- }
- }
-
- /* If our parent died we'll end the session */
- if (getppid() != parent_pid) {
- pam_code = pam_close_session(handle, flags);
- if (pam_code != PAM_SUCCESS)
- goto child_finish;
- }
-
- ret = 0;
-
- child_finish:
- pam_end(handle, pam_code | flags);
- _exit(ret);
- }
-
- barrier_set_role(&barrier, BARRIER_PARENT);
-
- /* If the child was forked off successfully it will do all the
- * cleanups, so forget about the handle here. */
- handle = NULL;
-
- /* Unblock SIGTERM again in the parent */
- assert_se(sigprocmask(SIG_SETMASK, &old_ss, NULL) >= 0);
-
- /* We close the log explicitly here, since the PAM modules
- * might have opened it, but we don't want this fd around. */
- closelog();
-
- /* Synchronously wait for the child to initialize. We don't care for
- * errors as we cannot recover. However, warn loudly if it happens. */
- if (!barrier_place_and_sync(&barrier))
- log_error("PAM initialization failed");
-
- strv_free(*env);
- *env = e;
-
- return 0;
-
-fail:
- if (pam_code != PAM_SUCCESS) {
- log_error("PAM failed: %s", pam_strerror(handle, pam_code));
- r = -EPERM; /* PAM errors do not map to errno */
- } else
- log_error_errno(r, "PAM failed: %m");
-
- if (handle) {
- if (close_session)
- pam_code = pam_close_session(handle, flags);
-
- pam_end(handle, pam_code | flags);
- }
-
- strv_free(e);
- closelog();
-
- return r;
-#else
- return 0;
-#endif
-}
-
-static void rename_process_from_path(const char *path) {
- char process_name[11];
- const char *p;
- size_t l;
-
- /* This resulting string must fit in 10 chars (i.e. the length
- * of "/sbin/init") to look pretty in /bin/ps */
-
- p = basename(path);
- if (isempty(p)) {
- rename_process("(...)");
- return;
- }
-
- l = strlen(p);
- if (l > 8) {
- /* The end of the process name is usually more
- * interesting, since the first bit might just be
- * "systemd-" */
- p = p + l - 8;
- l = 8;
- }
-
- process_name[0] = '(';
- memcpy(process_name+1, p, l);
- process_name[1+l] = ')';
- process_name[1+l+1] = 0;
-
- rename_process(process_name);
-}
-
-#ifdef HAVE_SECCOMP
-
-static bool skip_seccomp_unavailable(const Unit* u, const char* msg) {
-
- if (is_seccomp_available())
- return false;
-
- log_open();
- log_unit_debug(u, "SECCOMP features not detected in the kernel, skipping %s", msg);
- log_close();
- return true;
-}
-
-static int apply_seccomp(const Unit* u, const ExecContext *c) {
- uint32_t negative_action, action;
- scmp_filter_ctx seccomp;
- Iterator i;
- void *id;
- int r;
-
- assert(c);
-
- if (skip_seccomp_unavailable(u, "syscall filtering"))
- return 0;
-
- negative_action = c->syscall_errno == 0 ? SCMP_ACT_KILL : SCMP_ACT_ERRNO(c->syscall_errno);
-
- seccomp = seccomp_init(c->syscall_whitelist ? negative_action : SCMP_ACT_ALLOW);
- if (!seccomp)
- return -ENOMEM;
-
- if (c->syscall_archs) {
-
- SET_FOREACH(id, c->syscall_archs, i) {
- r = seccomp_arch_add(seccomp, PTR_TO_UINT32(id) - 1);
- if (r == -EEXIST)
- continue;
- if (r < 0)
- goto finish;
- }
-
- } else {
- r = seccomp_add_secondary_archs(seccomp);
- if (r < 0)
- goto finish;
- }
-
- action = c->syscall_whitelist ? SCMP_ACT_ALLOW : negative_action;
- SET_FOREACH(id, c->syscall_filter, i) {
- r = seccomp_rule_add(seccomp, action, PTR_TO_INT(id) - 1, 0);
- if (r < 0)
- goto finish;
- }
-
- r = seccomp_attr_set(seccomp, SCMP_FLTATR_CTL_NNP, 0);
- if (r < 0)
- goto finish;
-
- r = seccomp_load(seccomp);
-
-finish:
- seccomp_release(seccomp);
- return r;
-}
-
-static int apply_address_families(const Unit* u, const ExecContext *c) {
- scmp_filter_ctx seccomp;
- Iterator i;
- int r;
-
-#if defined(__i386__)
- return 0;
-#endif
-
- assert(c);
-
- if (skip_seccomp_unavailable(u, "RestrictAddressFamilies="))
- return 0;
-
- r = seccomp_init_conservative(&seccomp, SCMP_ACT_ALLOW);
- if (r < 0)
- return r;
-
- if (c->address_families_whitelist) {
- int af, first = 0, last = 0;
- void *afp;
-
- /* If this is a whitelist, we first block the address
- * families that are out of range and then everything
- * that is not in the set. First, we find the lowest
- * and highest address family in the set. */
-
- SET_FOREACH(afp, c->address_families, i) {
- af = PTR_TO_INT(afp);
-
- if (af <= 0 || af >= af_max())
- continue;
-
- if (first == 0 || af < first)
- first = af;
-
- if (last == 0 || af > last)
- last = af;
- }
-
- assert((first == 0) == (last == 0));
-
- if (first == 0) {
-
- /* No entries in the valid range, block everything */
- r = seccomp_rule_add(
- seccomp,
- SCMP_ACT_ERRNO(EPROTONOSUPPORT),
- SCMP_SYS(socket),
- 0);
- if (r < 0)
- goto finish;
-
- } else {
-
- /* Block everything below the first entry */
- r = seccomp_rule_add(
- seccomp,
- SCMP_ACT_ERRNO(EPROTONOSUPPORT),
- SCMP_SYS(socket),
- 1,
- SCMP_A0(SCMP_CMP_LT, first));
- if (r < 0)
- goto finish;
-
- /* Block everything above the last entry */
- r = seccomp_rule_add(
- seccomp,
- SCMP_ACT_ERRNO(EPROTONOSUPPORT),
- SCMP_SYS(socket),
- 1,
- SCMP_A0(SCMP_CMP_GT, last));
- if (r < 0)
- goto finish;
-
- /* Block everything between the first and last
- * entry */
- for (af = 1; af < af_max(); af++) {
-
- if (set_contains(c->address_families, INT_TO_PTR(af)))
- continue;
-
- r = seccomp_rule_add(
- seccomp,
- SCMP_ACT_ERRNO(EPROTONOSUPPORT),
- SCMP_SYS(socket),
- 1,
- SCMP_A0(SCMP_CMP_EQ, af));
- if (r < 0)
- goto finish;
- }
- }
-
- } else {
- void *af;
-
- /* If this is a blacklist, then generate one rule for
- * each address family that are then combined in OR
- * checks. */
-
- SET_FOREACH(af, c->address_families, i) {
-
- r = seccomp_rule_add(
- seccomp,
- SCMP_ACT_ERRNO(EPROTONOSUPPORT),
- SCMP_SYS(socket),
- 1,
- SCMP_A0(SCMP_CMP_EQ, PTR_TO_INT(af)));
- if (r < 0)
- goto finish;
- }
- }
-
- r = seccomp_load(seccomp);
-
-finish:
- seccomp_release(seccomp);
- return r;
-}
-
-static int apply_memory_deny_write_execute(const Unit* u, const ExecContext *c) {
- scmp_filter_ctx seccomp;
- int r;
-
- assert(c);
-
- if (skip_seccomp_unavailable(u, "MemoryDenyWriteExecute="))
- return 0;
-
- r = seccomp_init_conservative(&seccomp, SCMP_ACT_ALLOW);
- if (r < 0)
- return r;
-
- r = seccomp_rule_add(
- seccomp,
- SCMP_ACT_ERRNO(EPERM),
- SCMP_SYS(mmap),
- 1,
- SCMP_A2(SCMP_CMP_MASKED_EQ, PROT_EXEC|PROT_WRITE, PROT_EXEC|PROT_WRITE));
- if (r < 0)
- goto finish;
-
- r = seccomp_rule_add(
- seccomp,
- SCMP_ACT_ERRNO(EPERM),
- SCMP_SYS(mprotect),
- 1,
- SCMP_A2(SCMP_CMP_MASKED_EQ, PROT_EXEC, PROT_EXEC));
- if (r < 0)
- goto finish;
-
- r = seccomp_rule_add(
- seccomp,
- SCMP_ACT_ERRNO(EPERM),
- SCMP_SYS(shmat),
- 1,
- SCMP_A2(SCMP_CMP_MASKED_EQ, SHM_EXEC, SHM_EXEC));
- if (r < 0)
- goto finish;
-
- r = seccomp_load(seccomp);
-
-finish:
- seccomp_release(seccomp);
- return r;
-}
-
-static int apply_restrict_realtime(const Unit* u, const ExecContext *c) {
- static const int permitted_policies[] = {
- SCHED_OTHER,
- SCHED_BATCH,
- SCHED_IDLE,
- };
-
- scmp_filter_ctx seccomp;
- unsigned i;
- int r, p, max_policy = 0;
-
- assert(c);
-
- if (skip_seccomp_unavailable(u, "RestrictRealtime="))
- return 0;
-
- r = seccomp_init_conservative(&seccomp, SCMP_ACT_ALLOW);
- if (r < 0)
- return r;
-
- /* Determine the highest policy constant we want to allow */
- for (i = 0; i < ELEMENTSOF(permitted_policies); i++)
- if (permitted_policies[i] > max_policy)
- max_policy = permitted_policies[i];
-
- /* Go through all policies with lower values than that, and block them -- unless they appear in the
- * whitelist. */
- for (p = 0; p < max_policy; p++) {
- bool good = false;
-
- /* Check if this is in the whitelist. */
- for (i = 0; i < ELEMENTSOF(permitted_policies); i++)
- if (permitted_policies[i] == p) {
- good = true;
- break;
- }
-
- if (good)
- continue;
-
- /* Deny this policy */
- r = seccomp_rule_add(
- seccomp,
- SCMP_ACT_ERRNO(EPERM),
- SCMP_SYS(sched_setscheduler),
- 1,
- SCMP_A1(SCMP_CMP_EQ, p));
- if (r < 0)
- goto finish;
- }
-
- /* Blacklist all other policies, i.e. the ones with higher values. Note that all comparisons are unsigned here,
- * hence no need no check for < 0 values. */
- r = seccomp_rule_add(
- seccomp,
- SCMP_ACT_ERRNO(EPERM),
- SCMP_SYS(sched_setscheduler),
- 1,
- SCMP_A1(SCMP_CMP_GT, max_policy));
- if (r < 0)
- goto finish;
-
- r = seccomp_load(seccomp);
-
-finish:
- seccomp_release(seccomp);
- return r;
-}
-
-static int apply_protect_sysctl(const Unit *u, const ExecContext *c) {
- scmp_filter_ctx seccomp;
- int r;
-
- assert(c);
-
- /* Turn off the legacy sysctl() system call. Many distributions turn this off while building the kernel, but
- * let's protect even those systems where this is left on in the kernel. */
-
- if (skip_seccomp_unavailable(u, "ProtectKernelTunables="))
- return 0;
-
- r = seccomp_init_conservative(&seccomp, SCMP_ACT_ALLOW);
- if (r < 0)
- return r;
-
- r = seccomp_rule_add(
- seccomp,
- SCMP_ACT_ERRNO(EPERM),
- SCMP_SYS(_sysctl),
- 0);
- if (r < 0)
- goto finish;
-
- r = seccomp_load(seccomp);
-
-finish:
- seccomp_release(seccomp);
- return r;
-}
-
-static int apply_protect_kernel_modules(const Unit *u, const ExecContext *c) {
- assert(c);
-
- /* Turn off module syscalls on ProtectKernelModules=yes */
-
- if (skip_seccomp_unavailable(u, "ProtectKernelModules="))
- return 0;
-
- return seccomp_load_filter_set(SCMP_ACT_ALLOW, syscall_filter_sets + SYSCALL_FILTER_SET_MODULE, SCMP_ACT_ERRNO(EPERM));
-}
-
-static int apply_private_devices(const Unit *u, const ExecContext *c) {
- assert(c);
-
- /* If PrivateDevices= is set, also turn off iopl and all @raw-io syscalls. */
-
- if (skip_seccomp_unavailable(u, "PrivateDevices="))
- return 0;
-
- return seccomp_load_filter_set(SCMP_ACT_ALLOW, syscall_filter_sets + SYSCALL_FILTER_SET_RAW_IO, SCMP_ACT_ERRNO(EPERM));
-}
-
-#endif
-
-static void do_idle_pipe_dance(int idle_pipe[4]) {
- assert(idle_pipe);
-
- idle_pipe[1] = safe_close(idle_pipe[1]);
- idle_pipe[2] = safe_close(idle_pipe[2]);
-
- if (idle_pipe[0] >= 0) {
- int r;
-
- r = fd_wait_for_event(idle_pipe[0], POLLHUP, IDLE_TIMEOUT_USEC);
-
- if (idle_pipe[3] >= 0 && r == 0 /* timeout */) {
- ssize_t n;
-
- /* Signal systemd that we are bored and want to continue. */
- n = write(idle_pipe[3], "x", 1);
- if (n > 0)
- /* Wait for systemd to react to the signal above. */
- fd_wait_for_event(idle_pipe[0], POLLHUP, IDLE_TIMEOUT2_USEC);
- }
-
- idle_pipe[0] = safe_close(idle_pipe[0]);
-
- }
-
- idle_pipe[3] = safe_close(idle_pipe[3]);
-}
-
-static int build_environment(
- Unit *u,
- const ExecContext *c,
- const ExecParameters *p,
- unsigned n_fds,
- const char *home,
- const char *username,
- const char *shell,
- dev_t journal_stream_dev,
- ino_t journal_stream_ino,
- char ***ret) {
-
- _cleanup_strv_free_ char **our_env = NULL;
- unsigned n_env = 0;
- char *x;
-
- assert(u);
- assert(c);
- assert(ret);
-
- our_env = new0(char*, 14);
- if (!our_env)
- return -ENOMEM;
-
- if (n_fds > 0) {
- _cleanup_free_ char *joined = NULL;
-
- if (asprintf(&x, "LISTEN_PID="PID_FMT, getpid()) < 0)
- return -ENOMEM;
- our_env[n_env++] = x;
-
- if (asprintf(&x, "LISTEN_FDS=%u", n_fds) < 0)
- return -ENOMEM;
- our_env[n_env++] = x;
-
- joined = strv_join(p->fd_names, ":");
- if (!joined)
- return -ENOMEM;
-
- x = strjoin("LISTEN_FDNAMES=", joined, NULL);
- if (!x)
- return -ENOMEM;
- our_env[n_env++] = x;
- }
-
- if ((p->flags & EXEC_SET_WATCHDOG) && p->watchdog_usec > 0) {
- if (asprintf(&x, "WATCHDOG_PID="PID_FMT, getpid()) < 0)
- return -ENOMEM;
- our_env[n_env++] = x;
-
- if (asprintf(&x, "WATCHDOG_USEC="USEC_FMT, p->watchdog_usec) < 0)
- return -ENOMEM;
- our_env[n_env++] = x;
- }
-
- /* If this is D-Bus, tell the nss-systemd module, since it relies on being able to use D-Bus look up dynamic
- * users via PID 1, possibly dead-locking the dbus daemon. This way it will not use D-Bus to resolve names, but
- * check the database directly. */
- if (unit_has_name(u, SPECIAL_DBUS_SERVICE)) {
- x = strdup("SYSTEMD_NSS_BYPASS_BUS=1");
- if (!x)
- return -ENOMEM;
- our_env[n_env++] = x;
- }
-
- if (home) {
- x = strappend("HOME=", home);
- if (!x)
- return -ENOMEM;
- our_env[n_env++] = x;
- }
-
- if (username) {
- x = strappend("LOGNAME=", username);
- if (!x)
- return -ENOMEM;
- our_env[n_env++] = x;
-
- x = strappend("USER=", username);
- if (!x)
- return -ENOMEM;
- our_env[n_env++] = x;
- }
-
- if (shell) {
- x = strappend("SHELL=", shell);
- if (!x)
- return -ENOMEM;
- our_env[n_env++] = x;
- }
-
- if (!sd_id128_is_null(u->invocation_id)) {
- if (asprintf(&x, "INVOCATION_ID=" SD_ID128_FORMAT_STR, SD_ID128_FORMAT_VAL(u->invocation_id)) < 0)
- return -ENOMEM;
-
- our_env[n_env++] = x;
- }
-
- if (exec_context_needs_term(c)) {
- const char *tty_path, *term = NULL;
-
- tty_path = exec_context_tty_path(c);
-
- /* If we are forked off PID 1 and we are supposed to operate on /dev/console, then let's try to inherit
- * the $TERM set for PID 1. This is useful for containers so that the $TERM the container manager
- * passes to PID 1 ends up all the way in the console login shown. */
-
- if (path_equal(tty_path, "/dev/console") && getppid() == 1)
- term = getenv("TERM");
- if (!term)
- term = default_term_for_tty(tty_path);
-
- x = strappend("TERM=", term);
- if (!x)
- return -ENOMEM;
- our_env[n_env++] = x;
- }
-
- if (journal_stream_dev != 0 && journal_stream_ino != 0) {
- if (asprintf(&x, "JOURNAL_STREAM=" DEV_FMT ":" INO_FMT, journal_stream_dev, journal_stream_ino) < 0)
- return -ENOMEM;
-
- our_env[n_env++] = x;
- }
-
- our_env[n_env++] = NULL;
- assert(n_env <= 12);
-
- *ret = our_env;
- our_env = NULL;
-
- return 0;
-}
-
-static int build_pass_environment(const ExecContext *c, char ***ret) {
- _cleanup_strv_free_ char **pass_env = NULL;
- size_t n_env = 0, n_bufsize = 0;
- char **i;
-
- STRV_FOREACH(i, c->pass_environment) {
- _cleanup_free_ char *x = NULL;
- char *v;
-
- v = getenv(*i);
- if (!v)
- continue;
- x = strjoin(*i, "=", v, NULL);
- if (!x)
- return -ENOMEM;
- if (!GREEDY_REALLOC(pass_env, n_bufsize, n_env + 2))
- return -ENOMEM;
- pass_env[n_env++] = x;
- pass_env[n_env] = NULL;
- x = NULL;
- }
-
- *ret = pass_env;
- pass_env = NULL;
-
- return 0;
-}
-
-static bool exec_needs_mount_namespace(
- const ExecContext *context,
- const ExecParameters *params,
- ExecRuntime *runtime) {
-
- assert(context);
- assert(params);
-
- if (!strv_isempty(context->read_write_paths) ||
- !strv_isempty(context->read_only_paths) ||
- !strv_isempty(context->inaccessible_paths))
- return true;
-
- if (context->mount_flags != 0)
- return true;
-
- if (context->private_tmp && runtime && (runtime->tmp_dir || runtime->var_tmp_dir))
- return true;
-
- if (context->private_devices ||
- context->protect_system != PROTECT_SYSTEM_NO ||
- context->protect_home != PROTECT_HOME_NO ||
- context->protect_kernel_tunables ||
- context->protect_kernel_modules ||
- context->protect_control_groups)
- return true;
-
- return false;
-}
-
-static int setup_private_users(uid_t uid, gid_t gid) {
- _cleanup_free_ char *uid_map = NULL, *gid_map = NULL;
- _cleanup_close_pair_ int errno_pipe[2] = { -1, -1 };
- _cleanup_close_ int unshare_ready_fd = -1;
- _cleanup_(sigkill_waitp) pid_t pid = 0;
- uint64_t c = 1;
- siginfo_t si;
- ssize_t n;
- int r;
-
- /* Set up a user namespace and map root to root, the selected UID/GID to itself, and everything else to
- * nobody. In order to be able to write this mapping we need CAP_SETUID in the original user namespace, which
- * we however lack after opening the user namespace. To work around this we fork() a temporary child process,
- * which waits for the parent to create the new user namespace while staying in the original namespace. The
- * child then writes the UID mapping, under full privileges. The parent waits for the child to finish and
- * continues execution normally. */
-
- if (uid != 0 && uid_is_valid(uid))
- asprintf(&uid_map,
- "0 0 1\n" /* Map root → root */
- UID_FMT " " UID_FMT " 1\n", /* Map $UID → $UID */
- uid, uid);
- else
- uid_map = strdup("0 0 1\n"); /* The case where the above is the same */
- if (!uid_map)
- return -ENOMEM;
-
- if (gid != 0 && gid_is_valid(gid))
- asprintf(&gid_map,
- "0 0 1\n" /* Map root → root */
- GID_FMT " " GID_FMT " 1\n", /* Map $GID → $GID */
- gid, gid);
- else
- gid_map = strdup("0 0 1\n"); /* The case where the above is the same */
- if (!gid_map)
- return -ENOMEM;
-
- /* Create a communication channel so that the parent can tell the child when it finished creating the user
- * namespace. */
- unshare_ready_fd = eventfd(0, EFD_CLOEXEC);
- if (unshare_ready_fd < 0)
- return -errno;
-
- /* Create a communication channel so that the child can tell the parent a proper error code in case it
- * failed. */
- if (pipe2(errno_pipe, O_CLOEXEC) < 0)
- return -errno;
-
- pid = fork();
- if (pid < 0)
- return -errno;
-
- if (pid == 0) {
- _cleanup_close_ int fd = -1;
- const char *a;
- pid_t ppid;
-
- /* Child process, running in the original user namespace. Let's update the parent's UID/GID map from
- * here, after the parent opened its own user namespace. */
-
- ppid = getppid();
- errno_pipe[0] = safe_close(errno_pipe[0]);
-
- /* Wait until the parent unshared the user namespace */
- if (read(unshare_ready_fd, &c, sizeof(c)) < 0) {
- r = -errno;
- goto child_fail;
- }
-
- /* Disable the setgroups() system call in the child user namespace, for good. */
- a = procfs_file_alloca(ppid, "setgroups");
- fd = open(a, O_WRONLY|O_CLOEXEC);
- if (fd < 0) {
- if (errno != ENOENT) {
- r = -errno;
- goto child_fail;
- }
-
- /* If the file is missing the kernel is too old, let's continue anyway. */
- } else {
- if (write(fd, "deny\n", 5) < 0) {
- r = -errno;
- goto child_fail;
- }
-
- fd = safe_close(fd);
- }
-
- /* First write the GID map */
- a = procfs_file_alloca(ppid, "gid_map");
- fd = open(a, O_WRONLY|O_CLOEXEC);
- if (fd < 0) {
- r = -errno;
- goto child_fail;
- }
- if (write(fd, gid_map, strlen(gid_map)) < 0) {
- r = -errno;
- goto child_fail;
- }
- fd = safe_close(fd);
-
- /* The write the UID map */
- a = procfs_file_alloca(ppid, "uid_map");
- fd = open(a, O_WRONLY|O_CLOEXEC);
- if (fd < 0) {
- r = -errno;
- goto child_fail;
- }
- if (write(fd, uid_map, strlen(uid_map)) < 0) {
- r = -errno;
- goto child_fail;
- }
-
- _exit(EXIT_SUCCESS);
-
- child_fail:
- (void) write(errno_pipe[1], &r, sizeof(r));
- _exit(EXIT_FAILURE);
- }
-
- errno_pipe[1] = safe_close(errno_pipe[1]);
-
- if (unshare(CLONE_NEWUSER) < 0)
- return -errno;
-
- /* Let the child know that the namespace is ready now */
- if (write(unshare_ready_fd, &c, sizeof(c)) < 0)
- return -errno;
-
- /* Try to read an error code from the child */
- n = read(errno_pipe[0], &r, sizeof(r));
- if (n < 0)
- return -errno;
- if (n == sizeof(r)) { /* an error code was sent to us */
- if (r < 0)
- return r;
- return -EIO;
- }
- if (n != 0) /* on success we should have read 0 bytes */
- return -EIO;
-
- r = wait_for_terminate(pid, &si);
- if (r < 0)
- return r;
- pid = 0;
-
- /* If something strange happened with the child, let's consider this fatal, too */
- if (si.si_code != CLD_EXITED || si.si_status != 0)
- return -EIO;
-
- return 0;
-}
-
-static int setup_runtime_directory(
- const ExecContext *context,
- const ExecParameters *params,
- uid_t uid,
- gid_t gid) {
-
- char **rt;
- int r;
-
- assert(context);
- assert(params);
-
- STRV_FOREACH(rt, context->runtime_directory) {
- _cleanup_free_ char *p;
-
- p = strjoin(params->runtime_prefix, "/", *rt, NULL);
- if (!p)
- return -ENOMEM;
-
- r = mkdir_p_label(p, context->runtime_directory_mode);
- if (r < 0)
- return r;
-
- r = chmod_and_chown(p, context->runtime_directory_mode, uid, gid);
- if (r < 0)
- return r;
- }
-
- return 0;
-}
-
-static int setup_smack(
- const ExecContext *context,
- const ExecCommand *command) {
-
-#ifdef HAVE_SMACK
- int r;
-
- assert(context);
- assert(command);
-
- if (!mac_smack_use())
- return 0;
-
- if (context->smack_process_label) {
- r = mac_smack_apply_pid(0, context->smack_process_label);
- if (r < 0)
- return r;
- }
-#ifdef SMACK_DEFAULT_PROCESS_LABEL
- else {
- _cleanup_free_ char *exec_label = NULL;
-
- r = mac_smack_read(command->path, SMACK_ATTR_EXEC, &exec_label);
- if (r < 0 && r != -ENODATA && r != -EOPNOTSUPP)
- return r;
-
- r = mac_smack_apply_pid(0, exec_label ? : SMACK_DEFAULT_PROCESS_LABEL);
- if (r < 0)
- return r;
- }
-#endif
-#endif
-
- return 0;
-}
-
-static int compile_read_write_paths(
- const ExecContext *context,
- const ExecParameters *params,
- char ***ret) {
-
- _cleanup_strv_free_ char **l = NULL;
- char **rt;
-
- /* Compile the list of writable paths. This is the combination of the explicitly configured paths, plus all
- * runtime directories. */
-
- if (strv_isempty(context->read_write_paths) &&
- strv_isempty(context->runtime_directory)) {
- *ret = NULL; /* NOP if neither is set */
- return 0;
- }
-
- l = strv_copy(context->read_write_paths);
- if (!l)
- return -ENOMEM;
-
- STRV_FOREACH(rt, context->runtime_directory) {
- char *s;
-
- s = strjoin(params->runtime_prefix, "/", *rt, NULL);
- if (!s)
- return -ENOMEM;
-
- if (strv_consume(&l, s) < 0)
- return -ENOMEM;
- }
-
- *ret = l;
- l = NULL;
-
- return 0;
-}
-
-static int apply_mount_namespace(Unit *u, const ExecContext *context,
- const ExecParameters *params,
- ExecRuntime *runtime) {
- int r;
- _cleanup_free_ char **rw = NULL;
- char *tmp = NULL, *var = NULL;
- const char *root_dir = NULL;
- NameSpaceInfo ns_info = {
- .private_dev = context->private_devices,
- .protect_control_groups = context->protect_control_groups,
- .protect_kernel_tunables = context->protect_kernel_tunables,
- .protect_kernel_modules = context->protect_kernel_modules,
- };
-
- assert(context);
-
- /* The runtime struct only contains the parent of the private /tmp,
- * which is non-accessible to world users. Inside of it there's a /tmp
- * that is sticky, and that's the one we want to use here. */
-
- if (context->private_tmp && runtime) {
- if (runtime->tmp_dir)
- tmp = strjoina(runtime->tmp_dir, "/tmp");
- if (runtime->var_tmp_dir)
- var = strjoina(runtime->var_tmp_dir, "/tmp");
- }
-
- r = compile_read_write_paths(context, params, &rw);
- if (r < 0)
- return r;
-
- if (params->flags & EXEC_APPLY_CHROOT)
- root_dir = context->root_directory;
-
- r = setup_namespace(root_dir, &ns_info, rw,
- context->read_only_paths,
- context->inaccessible_paths,
- tmp,
- var,
- context->protect_home,
- context->protect_system,
- context->mount_flags);
-
- /* If we couldn't set up the namespace this is probably due to a
- * missing capability. In this case, silently proceeed. */
- if (IN_SET(r, -EPERM, -EACCES)) {
- log_open();
- log_unit_debug_errno(u, r, "Failed to set up namespace, assuming containerized execution, ignoring: %m");
- log_close();
- r = 0;
- }
-
- return r;
-}
-
-static int apply_working_directory(const ExecContext *context,
- const ExecParameters *params,
- const char *home,
- const bool needs_mount_ns) {
- const char *d;
- const char *wd;
-
- assert(context);
-
- if (context->working_directory_home)
- wd = home;
- else if (context->working_directory)
- wd = context->working_directory;
- else
- wd = "/";
-
- if (params->flags & EXEC_APPLY_CHROOT) {
- if (!needs_mount_ns && context->root_directory)
- if (chroot(context->root_directory) < 0)
- return -errno;
-
- d = wd;
- } else
- d = strjoina(strempty(context->root_directory), "/", strempty(wd));
-
- if (chdir(d) < 0 && !context->working_directory_missing_ok)
- return -errno;
-
- return 0;
-}
-
-static void append_socket_pair(int *array, unsigned *n, int pair[2]) {
- assert(array);
- assert(n);
-
- if (!pair)
- return;
-
- if (pair[0] >= 0)
- array[(*n)++] = pair[0];
- if (pair[1] >= 0)
- array[(*n)++] = pair[1];
-}
-
-static int close_remaining_fds(
- const ExecParameters *params,
- ExecRuntime *runtime,
- DynamicCreds *dcreds,
- int user_lookup_fd,
- int socket_fd,
- int *fds, unsigned n_fds) {
-
- unsigned n_dont_close = 0;
- int dont_close[n_fds + 12];
-
- assert(params);
-
- if (params->stdin_fd >= 0)
- dont_close[n_dont_close++] = params->stdin_fd;
- if (params->stdout_fd >= 0)
- dont_close[n_dont_close++] = params->stdout_fd;
- if (params->stderr_fd >= 0)
- dont_close[n_dont_close++] = params->stderr_fd;
-
- if (socket_fd >= 0)
- dont_close[n_dont_close++] = socket_fd;
- if (n_fds > 0) {
- memcpy(dont_close + n_dont_close, fds, sizeof(int) * n_fds);
- n_dont_close += n_fds;
- }
-
- if (runtime)
- append_socket_pair(dont_close, &n_dont_close, runtime->netns_storage_socket);
-
- if (dcreds) {
- if (dcreds->user)
- append_socket_pair(dont_close, &n_dont_close, dcreds->user->storage_socket);
- if (dcreds->group)
- append_socket_pair(dont_close, &n_dont_close, dcreds->group->storage_socket);
- }
-
- if (user_lookup_fd >= 0)
- dont_close[n_dont_close++] = user_lookup_fd;
-
- return close_all_fds(dont_close, n_dont_close);
-}
-
-static bool context_has_address_families(const ExecContext *c) {
- assert(c);
-
- return c->address_families_whitelist ||
- !set_isempty(c->address_families);
-}
-
-static bool context_has_syscall_filters(const ExecContext *c) {
- assert(c);
-
- return c->syscall_whitelist ||
- !set_isempty(c->syscall_filter) ||
- !set_isempty(c->syscall_archs);
-}
-
-static bool context_has_no_new_privileges(const ExecContext *c) {
- assert(c);
-
- if (c->no_new_privileges)
- return true;
-
- if (have_effective_cap(CAP_SYS_ADMIN)) /* if we are privileged, we don't need NNP */
- return false;
-
- return context_has_address_families(c) || /* we need NNP if we have any form of seccomp and are unprivileged */
- c->memory_deny_write_execute ||
- c->restrict_realtime ||
- c->protect_kernel_tunables ||
- c->protect_kernel_modules ||
- c->private_devices ||
- context_has_syscall_filters(c);
-}
-
-static int send_user_lookup(
- Unit *unit,
- int user_lookup_fd,
- uid_t uid,
- gid_t gid) {
-
- assert(unit);
-
- /* Send the resolved UID/GID to PID 1 after we learnt it. We send a single datagram, containing the UID/GID
- * data as well as the unit name. Note that we suppress sending this if no user/group to resolve was
- * specified. */
-
- if (user_lookup_fd < 0)
- return 0;
-
- if (!uid_is_valid(uid) && !gid_is_valid(gid))
- return 0;
-
- if (writev(user_lookup_fd,
- (struct iovec[]) {
- { .iov_base = &uid, .iov_len = sizeof(uid) },
- { .iov_base = &gid, .iov_len = sizeof(gid) },
- { .iov_base = unit->id, .iov_len = strlen(unit->id) }}, 3) < 0)
- return -errno;
-
- return 0;
-}
-
-static int exec_child(
- Unit *unit,
- ExecCommand *command,
- const ExecContext *context,
- const ExecParameters *params,
- ExecRuntime *runtime,
- DynamicCreds *dcreds,
- char **argv,
- int socket_fd,
- int named_iofds[3],
- int *fds, unsigned n_fds,
- char **files_env,
- int user_lookup_fd,
- int *exit_status) {
-
- _cleanup_strv_free_ char **our_env = NULL, **pass_env = NULL, **accum_env = NULL, **final_argv = NULL;
- _cleanup_free_ char *mac_selinux_context_net = NULL;
- _cleanup_free_ gid_t *supplementary_gids = NULL;
- const char *username = NULL, *groupname = NULL;
- const char *home = NULL, *shell = NULL;
- dev_t journal_stream_dev = 0;
- ino_t journal_stream_ino = 0;
- bool needs_mount_namespace;
- uid_t uid = UID_INVALID;
- gid_t gid = GID_INVALID;
- int i, r, ngids = 0;
-
- assert(unit);
- assert(command);
- assert(context);
- assert(params);
- assert(exit_status);
-
- rename_process_from_path(command->path);
-
- /* We reset exactly these signals, since they are the
- * only ones we set to SIG_IGN in the main daemon. All
- * others we leave untouched because we set them to
- * SIG_DFL or a valid handler initially, both of which
- * will be demoted to SIG_DFL. */
- (void) default_signals(SIGNALS_CRASH_HANDLER,
- SIGNALS_IGNORE, -1);
-
- if (context->ignore_sigpipe)
- (void) ignore_signals(SIGPIPE, -1);
-
- r = reset_signal_mask();
- if (r < 0) {
- *exit_status = EXIT_SIGNAL_MASK;
- return r;
- }
-
- if (params->idle_pipe)
- do_idle_pipe_dance(params->idle_pipe);
-
- /* Close sockets very early to make sure we don't
- * block init reexecution because it cannot bind its
- * sockets */
-
- log_forget_fds();
-
- r = close_remaining_fds(params, runtime, dcreds, user_lookup_fd, socket_fd, fds, n_fds);
- if (r < 0) {
- *exit_status = EXIT_FDS;
- return r;
- }
-
- if (!context->same_pgrp)
- if (setsid() < 0) {
- *exit_status = EXIT_SETSID;
- return -errno;
- }
-
- exec_context_tty_reset(context, params);
-
- if (params->flags & EXEC_CONFIRM_SPAWN) {
- char response;
-
- r = ask_for_confirmation(&response, argv);
- if (r == -ETIMEDOUT)
- write_confirm_message("Confirmation question timed out, assuming positive response.\n");
- else if (r < 0)
- write_confirm_message("Couldn't ask confirmation question, assuming positive response: %s\n", strerror(-r));
- else if (response == 's') {
- write_confirm_message("Skipping execution.\n");
- *exit_status = EXIT_CONFIRM;
- return -ECANCELED;
- } else if (response == 'n') {
- write_confirm_message("Failing execution.\n");
- *exit_status = 0;
- return 0;
- }
- }
-
- if (context->dynamic_user && dcreds) {
-
- /* Make sure we bypass our own NSS module for any NSS checks */
- if (putenv((char*) "SYSTEMD_NSS_DYNAMIC_BYPASS=1") != 0) {
- *exit_status = EXIT_USER;
- return -errno;
- }
-
- r = dynamic_creds_realize(dcreds, &uid, &gid);
- if (r < 0) {
- *exit_status = EXIT_USER;
- return r;
- }
-
- if (!uid_is_valid(uid) || !gid_is_valid(gid)) {
- *exit_status = EXIT_USER;
- return -ESRCH;
- }
-
- if (dcreds->user)
- username = dcreds->user->name;
-
- } else {
- r = get_fixed_user(context, &username, &uid, &gid, &home, &shell);
- if (r < 0) {
- *exit_status = EXIT_USER;
- return r;
- }
-
- r = get_fixed_group(context, &groupname, &gid);
- if (r < 0) {
- *exit_status = EXIT_GROUP;
- return r;
- }
- }
-
- /* Initialize user supplementary groups and get SupplementaryGroups= ones */
- r = get_supplementary_groups(context, username, groupname, gid,
- &supplementary_gids, &ngids);
- if (r < 0) {
- *exit_status = EXIT_GROUP;
- return r;
- }
-
- r = send_user_lookup(unit, user_lookup_fd, uid, gid);
- if (r < 0) {
- *exit_status = EXIT_USER;
- return r;
- }
-
- user_lookup_fd = safe_close(user_lookup_fd);
-
- /* If a socket is connected to STDIN/STDOUT/STDERR, we
- * must sure to drop O_NONBLOCK */
- if (socket_fd >= 0)
- (void) fd_nonblock(socket_fd, false);
-
- r = setup_input(context, params, socket_fd, named_iofds);
- if (r < 0) {
- *exit_status = EXIT_STDIN;
- return r;
- }
-
- r = setup_output(unit, context, params, STDOUT_FILENO, socket_fd, named_iofds, basename(command->path), uid, gid, &journal_stream_dev, &journal_stream_ino);
- if (r < 0) {
- *exit_status = EXIT_STDOUT;
- return r;
- }
-
- r = setup_output(unit, context, params, STDERR_FILENO, socket_fd, named_iofds, basename(command->path), uid, gid, &journal_stream_dev, &journal_stream_ino);
- if (r < 0) {
- *exit_status = EXIT_STDERR;
- return r;
- }
-
- if (params->cgroup_path) {
- r = cg_attach_everywhere(params->cgroup_supported, params->cgroup_path, 0, NULL, NULL);
- if (r < 0) {
- *exit_status = EXIT_CGROUP;
- return r;
- }
- }
-
- if (context->oom_score_adjust_set) {
- char t[DECIMAL_STR_MAX(context->oom_score_adjust)];
-
- /* When we can't make this change due to EPERM, then
- * let's silently skip over it. User namespaces
- * prohibit write access to this file, and we
- * shouldn't trip up over that. */
-
- sprintf(t, "%i", context->oom_score_adjust);
- r = write_string_file("/proc/self/oom_score_adj", t, 0);
- if (r == -EPERM || r == -EACCES) {
- log_open();
- log_unit_debug_errno(unit, r, "Failed to adjust OOM setting, assuming containerized execution, ignoring: %m");
- log_close();
- } else if (r < 0) {
- *exit_status = EXIT_OOM_ADJUST;
- return -errno;
- }
- }
-
- if (context->nice_set)
- if (setpriority(PRIO_PROCESS, 0, context->nice) < 0) {
- *exit_status = EXIT_NICE;
- return -errno;
- }
-
- if (context->cpu_sched_set) {
- struct sched_param param = {
- .sched_priority = context->cpu_sched_priority,
- };
-
- r = sched_setscheduler(0,
- context->cpu_sched_policy |
- (context->cpu_sched_reset_on_fork ?
- SCHED_RESET_ON_FORK : 0),
- &param);
- if (r < 0) {
- *exit_status = EXIT_SETSCHEDULER;
- return -errno;
- }
- }
-
- if (context->cpuset)
- if (sched_setaffinity(0, CPU_ALLOC_SIZE(context->cpuset_ncpus), context->cpuset) < 0) {
- *exit_status = EXIT_CPUAFFINITY;
- return -errno;
- }
-
- if (context->ioprio_set)
- if (ioprio_set(IOPRIO_WHO_PROCESS, 0, context->ioprio) < 0) {
- *exit_status = EXIT_IOPRIO;
- return -errno;
- }
-
- if (context->timer_slack_nsec != NSEC_INFINITY)
- if (prctl(PR_SET_TIMERSLACK, context->timer_slack_nsec) < 0) {
- *exit_status = EXIT_TIMERSLACK;
- return -errno;
- }
-
- if (context->personality != PERSONALITY_INVALID)
- if (personality(context->personality) < 0) {
- *exit_status = EXIT_PERSONALITY;
- return -errno;
- }
-
- if (context->utmp_id)
- utmp_put_init_process(context->utmp_id, getpid(), getsid(0), context->tty_path,
- context->utmp_mode == EXEC_UTMP_INIT ? INIT_PROCESS :
- context->utmp_mode == EXEC_UTMP_LOGIN ? LOGIN_PROCESS :
- USER_PROCESS,
- username ? "root" : context->user);
-
- if (context->user) {
- r = chown_terminal(STDIN_FILENO, uid);
- if (r < 0) {
- *exit_status = EXIT_STDIN;
- return r;
- }
- }
-
- /* If delegation is enabled we'll pass ownership of the cgroup
- * (but only in systemd's own controller hierarchy!) to the
- * user of the new process. */
- if (params->cgroup_path && context->user && params->cgroup_delegate) {
- r = cg_set_task_access(SYSTEMD_CGROUP_CONTROLLER, params->cgroup_path, 0644, uid, gid);
- if (r < 0) {
- *exit_status = EXIT_CGROUP;
- return r;
- }
-
-
- r = cg_set_group_access(SYSTEMD_CGROUP_CONTROLLER, params->cgroup_path, 0755, uid, gid);
- if (r < 0) {
- *exit_status = EXIT_CGROUP;
- return r;
- }
- }
-
- if (!strv_isempty(context->runtime_directory) && params->runtime_prefix) {
- r = setup_runtime_directory(context, params, uid, gid);
- if (r < 0) {
- *exit_status = EXIT_RUNTIME_DIRECTORY;
- return r;
- }
- }
-
- r = build_environment(
- unit,
- context,
- params,
- n_fds,
- home,
- username,
- shell,
- journal_stream_dev,
- journal_stream_ino,
- &our_env);
- if (r < 0) {
- *exit_status = EXIT_MEMORY;
- return r;
- }
-
- r = build_pass_environment(context, &pass_env);
- if (r < 0) {
- *exit_status = EXIT_MEMORY;
- return r;
- }
-
- accum_env = strv_env_merge(5,
- params->environment,
- our_env,
- pass_env,
- context->environment,
- files_env,
- NULL);
- if (!accum_env) {
- *exit_status = EXIT_MEMORY;
- return -ENOMEM;
- }
- accum_env = strv_env_clean(accum_env);
-
- (void) umask(context->umask);
-
- if ((params->flags & EXEC_APPLY_PERMISSIONS) && !command->privileged) {
- if (context->pam_name && username) {
- r = setup_pam(context->pam_name, username, uid, gid, context->tty_path, &accum_env, fds, n_fds);
- if (r < 0) {
- *exit_status = EXIT_PAM;
- return r;
- }
- }
- }
-
- if (context->private_network && runtime && runtime->netns_storage_socket[0] >= 0) {
- r = setup_netns(runtime->netns_storage_socket);
- if (r < 0) {
- *exit_status = EXIT_NETWORK;
- return r;
- }
- }
-
- needs_mount_namespace = exec_needs_mount_namespace(context, params, runtime);
- if (needs_mount_namespace) {
- r = apply_mount_namespace(unit, context, params, runtime);
- if (r < 0) {
- *exit_status = EXIT_NAMESPACE;
- return r;
- }
- }
-
- /* Apply just after mount namespace setup */
- r = apply_working_directory(context, params, home, needs_mount_namespace);
- if (r < 0) {
- *exit_status = EXIT_CHROOT;
- return r;
- }
-
- /* Drop groups as early as possbile */
- if ((params->flags & EXEC_APPLY_PERMISSIONS) && !command->privileged) {
- r = enforce_groups(context, gid, supplementary_gids, ngids);
- if (r < 0) {
- *exit_status = EXIT_GROUP;
- return r;
- }
- }
-
-#ifdef HAVE_SELINUX
- if ((params->flags & EXEC_APPLY_PERMISSIONS) &&
- mac_selinux_use() &&
- params->selinux_context_net &&
- socket_fd >= 0 &&
- !command->privileged) {
-
- r = mac_selinux_get_child_mls_label(socket_fd, command->path, context->selinux_context, &mac_selinux_context_net);
- if (r < 0) {
- *exit_status = EXIT_SELINUX_CONTEXT;
- return r;
- }
- }
-#endif
-
- if ((params->flags & EXEC_APPLY_PERMISSIONS) && context->private_users) {
- r = setup_private_users(uid, gid);
- if (r < 0) {
- *exit_status = EXIT_USER;
- return r;
- }
- }
-
- /* We repeat the fd closing here, to make sure that
- * nothing is leaked from the PAM modules. Note that
- * we are more aggressive this time since socket_fd
- * and the netns fds we don't need anymore. The custom
- * endpoint fd was needed to upload the policy and can
- * now be closed as well. */
- r = close_all_fds(fds, n_fds);
- if (r >= 0)
- r = shift_fds(fds, n_fds);
- if (r >= 0)
- r = flags_fds(fds, n_fds, context->non_blocking);
- if (r < 0) {
- *exit_status = EXIT_FDS;
- return r;
- }
-
- if ((params->flags & EXEC_APPLY_PERMISSIONS) && !command->privileged) {
-
- int secure_bits = context->secure_bits;
-
- for (i = 0; i < _RLIMIT_MAX; i++) {
-
- if (!context->rlimit[i])
- continue;
-
- r = setrlimit_closest(i, context->rlimit[i]);
- if (r < 0) {
- *exit_status = EXIT_LIMITS;
- return r;
- }
- }
-
- /* Set the RTPRIO resource limit to 0, but only if nothing else was explicitly requested. */
- if (context->restrict_realtime && !context->rlimit[RLIMIT_RTPRIO]) {
- if (setrlimit(RLIMIT_RTPRIO, &RLIMIT_MAKE_CONST(0)) < 0) {
- *exit_status = EXIT_LIMITS;
- return -errno;
- }
- }
-
- if (!cap_test_all(context->capability_bounding_set)) {
- r = capability_bounding_set_drop(context->capability_bounding_set, false);
- if (r < 0) {
- *exit_status = EXIT_CAPABILITIES;
- return r;
- }
- }
-
- /* This is done before enforce_user, but ambient set
- * does not survive over setresuid() if keep_caps is not set. */
- if (context->capability_ambient_set != 0) {
- r = capability_ambient_set_apply(context->capability_ambient_set, true);
- if (r < 0) {
- *exit_status = EXIT_CAPABILITIES;
- return r;
- }
- }
-
- if (context->user) {
- r = enforce_user(context, uid);
- if (r < 0) {
- *exit_status = EXIT_USER;
- return r;
- }
- if (context->capability_ambient_set != 0) {
-
- /* Fix the ambient capabilities after user change. */
- r = capability_ambient_set_apply(context->capability_ambient_set, false);
- if (r < 0) {
- *exit_status = EXIT_CAPABILITIES;
- return r;
- }
-
- /* If we were asked to change user and ambient capabilities
- * were requested, we had to add keep-caps to the securebits
- * so that we would maintain the inherited capability set
- * through the setresuid(). Make sure that the bit is added
- * also to the context secure_bits so that we don't try to
- * drop the bit away next. */
-
- secure_bits |= 1<<SECURE_KEEP_CAPS;
- }
- }
-
- /* Apply the MAC contexts late, but before seccomp syscall filtering, as those should really be last to
- * influence our own codepaths as little as possible. Moreover, applying MAC contexts usually requires
- * syscalls that are subject to seccomp filtering, hence should probably be applied before the syscalls
- * are restricted. */
-
-#ifdef HAVE_SELINUX
- if (mac_selinux_use()) {
- char *exec_context = mac_selinux_context_net ?: context->selinux_context;
-
- if (exec_context) {
- r = setexeccon(exec_context);
- if (r < 0) {
- *exit_status = EXIT_SELINUX_CONTEXT;
- return r;
- }
- }
- }
-#endif
-
- r = setup_smack(context, command);
- if (r < 0) {
- *exit_status = EXIT_SMACK_PROCESS_LABEL;
- return r;
- }
-
-#ifdef HAVE_APPARMOR
- if (context->apparmor_profile && mac_apparmor_use()) {
- r = aa_change_onexec(context->apparmor_profile);
- if (r < 0 && !context->apparmor_profile_ignore) {
- *exit_status = EXIT_APPARMOR_PROFILE;
- return -errno;
- }
- }
-#endif
-
- /* PR_GET_SECUREBITS is not privileged, while
- * PR_SET_SECUREBITS is. So to suppress
- * potential EPERMs we'll try not to call
- * PR_SET_SECUREBITS unless necessary. */
- if (prctl(PR_GET_SECUREBITS) != secure_bits)
- if (prctl(PR_SET_SECUREBITS, secure_bits) < 0) {
- *exit_status = EXIT_SECUREBITS;
- return -errno;
- }
-
- if (context_has_no_new_privileges(context))
- if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) < 0) {
- *exit_status = EXIT_NO_NEW_PRIVILEGES;
- return -errno;
- }
-
-#ifdef HAVE_SECCOMP
- if (context_has_address_families(context)) {
- r = apply_address_families(unit, context);
- if (r < 0) {
- *exit_status = EXIT_ADDRESS_FAMILIES;
- return r;
- }
- }
-
- if (context->memory_deny_write_execute) {
- r = apply_memory_deny_write_execute(unit, context);
- if (r < 0) {
- *exit_status = EXIT_SECCOMP;
- return r;
- }
- }
-
- if (context->restrict_realtime) {
- r = apply_restrict_realtime(unit, context);
- if (r < 0) {
- *exit_status = EXIT_SECCOMP;
- return r;
- }
- }
-
- if (context->protect_kernel_tunables) {
- r = apply_protect_sysctl(unit, context);
- if (r < 0) {
- *exit_status = EXIT_SECCOMP;
- return r;
- }
- }
-
- if (context->protect_kernel_modules) {
- r = apply_protect_kernel_modules(unit, context);
- if (r < 0) {
- *exit_status = EXIT_SECCOMP;
- return r;
- }
- }
-
- if (context->private_devices) {
- r = apply_private_devices(unit, context);
- if (r < 0) {
- *exit_status = EXIT_SECCOMP;
- return r;
- }
- }
-
- /* This really should remain the last step before the execve(), to make sure our own code is unaffected
- * by the filter as little as possible. */
- if (context_has_syscall_filters(context)) {
- r = apply_seccomp(unit, context);
- if (r < 0) {
- *exit_status = EXIT_SECCOMP;
- return r;
- }
- }
-#endif
- }
-
- final_argv = replace_env_argv(argv, accum_env);
- if (!final_argv) {
- *exit_status = EXIT_MEMORY;
- return -ENOMEM;
- }
-
- if (_unlikely_(log_get_max_level() >= LOG_DEBUG)) {
- _cleanup_free_ char *line;
-
- line = exec_command_line(final_argv);
- if (line) {
- log_open();
- log_struct(LOG_DEBUG,
- LOG_UNIT_ID(unit),
- "EXECUTABLE=%s", command->path,
- LOG_UNIT_MESSAGE(unit, "Executing: %s", line),
- NULL);
- log_close();
- }
- }
-
- execve(command->path, final_argv, accum_env);
- *exit_status = EXIT_EXEC;
- return -errno;
-}
-
-int exec_spawn(Unit *unit,
- ExecCommand *command,
- const ExecContext *context,
- const ExecParameters *params,
- ExecRuntime *runtime,
- DynamicCreds *dcreds,
- pid_t *ret) {
-
- _cleanup_strv_free_ char **files_env = NULL;
- int *fds = NULL; unsigned n_fds = 0;
- _cleanup_free_ char *line = NULL;
- int socket_fd, r;
- int named_iofds[3] = { -1, -1, -1 };
- char **argv;
- pid_t pid;
-
- assert(unit);
- assert(command);
- assert(context);
- assert(ret);
- assert(params);
- assert(params->fds || params->n_fds <= 0);
-
- if (context->std_input == EXEC_INPUT_SOCKET ||
- context->std_output == EXEC_OUTPUT_SOCKET ||
- context->std_error == EXEC_OUTPUT_SOCKET) {
-
- if (params->n_fds != 1) {
- log_unit_error(unit, "Got more than one socket.");
- return -EINVAL;
- }
-
- socket_fd = params->fds[0];
- } else {
- socket_fd = -1;
- fds = params->fds;
- n_fds = params->n_fds;
- }
-
- r = exec_context_named_iofds(unit, context, params, named_iofds);
- if (r < 0)
- return log_unit_error_errno(unit, r, "Failed to load a named file descriptor: %m");
-
- r = exec_context_load_environment(unit, context, &files_env);
- if (r < 0)
- return log_unit_error_errno(unit, r, "Failed to load environment files: %m");
-
- argv = params->argv ?: command->argv;
- line = exec_command_line(argv);
- if (!line)
- return log_oom();
-
- log_struct(LOG_DEBUG,
- LOG_UNIT_ID(unit),
- LOG_UNIT_MESSAGE(unit, "About to execute: %s", line),
- "EXECUTABLE=%s", command->path,
- NULL);
- pid = fork();
- if (pid < 0)
- return log_unit_error_errno(unit, errno, "Failed to fork: %m");
-
- if (pid == 0) {
- int exit_status;
-
- r = exec_child(unit,
- command,
- context,
- params,
- runtime,
- dcreds,
- argv,
- socket_fd,
- named_iofds,
- fds, n_fds,
- files_env,
- unit->manager->user_lookup_fds[1],
- &exit_status);
- if (r < 0) {
- log_open();
- log_struct_errno(LOG_ERR, r,
- LOG_MESSAGE_ID(SD_MESSAGE_SPAWN_FAILED),
- LOG_UNIT_ID(unit),
- LOG_UNIT_MESSAGE(unit, "Failed at step %s spawning %s: %m",
- exit_status_to_string(exit_status, EXIT_STATUS_SYSTEMD),
- command->path),
- "EXECUTABLE=%s", command->path,
- NULL);
- }
-
- _exit(exit_status);
- }
-
- log_unit_debug(unit, "Forked %s as "PID_FMT, command->path, pid);
-
- /* We add the new process to the cgroup both in the child (so
- * that we can be sure that no user code is ever executed
- * outside of the cgroup) and in the parent (so that we can be
- * sure that when we kill the cgroup the process will be
- * killed too). */
- if (params->cgroup_path)
- (void) cg_attach(SYSTEMD_CGROUP_CONTROLLER, params->cgroup_path, pid);
-
- exec_status_start(&command->exec_status, pid);
-
- *ret = pid;
- return 0;
-}
-
-void exec_context_init(ExecContext *c) {
- assert(c);
-
- c->umask = 0022;
- c->ioprio = IOPRIO_PRIO_VALUE(IOPRIO_CLASS_BE, 0);
- c->cpu_sched_policy = SCHED_OTHER;
- c->syslog_priority = LOG_DAEMON|LOG_INFO;
- c->syslog_level_prefix = true;
- c->ignore_sigpipe = true;
- c->timer_slack_nsec = NSEC_INFINITY;
- c->personality = PERSONALITY_INVALID;
- c->runtime_directory_mode = 0755;
- c->capability_bounding_set = CAP_ALL;
-}
-
-void exec_context_done(ExecContext *c) {
- unsigned l;
-
- assert(c);
-
- c->environment = strv_free(c->environment);
- c->environment_files = strv_free(c->environment_files);
- c->pass_environment = strv_free(c->pass_environment);
-
- for (l = 0; l < ELEMENTSOF(c->rlimit); l++)
- c->rlimit[l] = mfree(c->rlimit[l]);
-
- for (l = 0; l < 3; l++)
- c->stdio_fdname[l] = mfree(c->stdio_fdname[l]);
-
- c->working_directory = mfree(c->working_directory);
- c->root_directory = mfree(c->root_directory);
- c->tty_path = mfree(c->tty_path);
- c->syslog_identifier = mfree(c->syslog_identifier);
- c->user = mfree(c->user);
- c->group = mfree(c->group);
-
- c->supplementary_groups = strv_free(c->supplementary_groups);
-
- c->pam_name = mfree(c->pam_name);
-
- c->read_only_paths = strv_free(c->read_only_paths);
- c->read_write_paths = strv_free(c->read_write_paths);
- c->inaccessible_paths = strv_free(c->inaccessible_paths);
-
- if (c->cpuset)
- CPU_FREE(c->cpuset);
-
- c->utmp_id = mfree(c->utmp_id);
- c->selinux_context = mfree(c->selinux_context);
- c->apparmor_profile = mfree(c->apparmor_profile);
-
- c->syscall_filter = set_free(c->syscall_filter);
- c->syscall_archs = set_free(c->syscall_archs);
- c->address_families = set_free(c->address_families);
-
- c->runtime_directory = strv_free(c->runtime_directory);
-}
-
-int exec_context_destroy_runtime_directory(ExecContext *c, const char *runtime_prefix) {
- char **i;
-
- assert(c);
-
- if (!runtime_prefix)
- return 0;
-
- STRV_FOREACH(i, c->runtime_directory) {
- _cleanup_free_ char *p;
-
- p = strjoin(runtime_prefix, "/", *i, NULL);
- if (!p)
- return -ENOMEM;
-
- /* We execute this synchronously, since we need to be
- * sure this is gone when we start the service
- * next. */
- (void) rm_rf(p, REMOVE_ROOT);
- }
-
- return 0;
-}
-
-void exec_command_done(ExecCommand *c) {
- assert(c);
-
- c->path = mfree(c->path);
-
- c->argv = strv_free(c->argv);
-}
-
-void exec_command_done_array(ExecCommand *c, unsigned n) {
- unsigned i;
-
- for (i = 0; i < n; i++)
- exec_command_done(c+i);
-}
-
-ExecCommand* exec_command_free_list(ExecCommand *c) {
- ExecCommand *i;
-
- while ((i = c)) {
- LIST_REMOVE(command, c, i);
- exec_command_done(i);
- free(i);
- }
-
- return NULL;
-}
-
-void exec_command_free_array(ExecCommand **c, unsigned n) {
- unsigned i;
-
- for (i = 0; i < n; i++)
- c[i] = exec_command_free_list(c[i]);
-}
-
-typedef struct InvalidEnvInfo {
- Unit *unit;
- const char *path;
-} InvalidEnvInfo;
-
-static void invalid_env(const char *p, void *userdata) {
- InvalidEnvInfo *info = userdata;
-
- log_unit_error(info->unit, "Ignoring invalid environment assignment '%s': %s", p, info->path);
-}
-
-const char* exec_context_fdname(const ExecContext *c, int fd_index) {
- assert(c);
-
- switch (fd_index) {
- case STDIN_FILENO:
- if (c->std_input != EXEC_INPUT_NAMED_FD)
- return NULL;
- return c->stdio_fdname[STDIN_FILENO] ?: "stdin";
- case STDOUT_FILENO:
- if (c->std_output != EXEC_OUTPUT_NAMED_FD)
- return NULL;
- return c->stdio_fdname[STDOUT_FILENO] ?: "stdout";
- case STDERR_FILENO:
- if (c->std_error != EXEC_OUTPUT_NAMED_FD)
- return NULL;
- return c->stdio_fdname[STDERR_FILENO] ?: "stderr";
- default:
- return NULL;
- }
-}
-
-int exec_context_named_iofds(Unit *unit, const ExecContext *c, const ExecParameters *p, int named_iofds[3]) {
- unsigned i, targets;
- const char *stdio_fdname[3];
-
- assert(c);
- assert(p);
-
- targets = (c->std_input == EXEC_INPUT_NAMED_FD) +
- (c->std_output == EXEC_OUTPUT_NAMED_FD) +
- (c->std_error == EXEC_OUTPUT_NAMED_FD);
-
- for (i = 0; i < 3; i++)
- stdio_fdname[i] = exec_context_fdname(c, i);
-
- for (i = 0; i < p->n_fds && targets > 0; i++)
- if (named_iofds[STDIN_FILENO] < 0 && c->std_input == EXEC_INPUT_NAMED_FD && stdio_fdname[STDIN_FILENO] && streq(p->fd_names[i], stdio_fdname[STDIN_FILENO])) {
- named_iofds[STDIN_FILENO] = p->fds[i];
- targets--;
- } else if (named_iofds[STDOUT_FILENO] < 0 && c->std_output == EXEC_OUTPUT_NAMED_FD && stdio_fdname[STDOUT_FILENO] && streq(p->fd_names[i], stdio_fdname[STDOUT_FILENO])) {
- named_iofds[STDOUT_FILENO] = p->fds[i];
- targets--;
- } else if (named_iofds[STDERR_FILENO] < 0 && c->std_error == EXEC_OUTPUT_NAMED_FD && stdio_fdname[STDERR_FILENO] && streq(p->fd_names[i], stdio_fdname[STDERR_FILENO])) {
- named_iofds[STDERR_FILENO] = p->fds[i];
- targets--;
- }
-
- return (targets == 0 ? 0 : -ENOENT);
-}
-
-int exec_context_load_environment(Unit *unit, const ExecContext *c, char ***l) {
- char **i, **r = NULL;
-
- assert(c);
- assert(l);
-
- STRV_FOREACH(i, c->environment_files) {
- char *fn;
- int k;
- bool ignore = false;
- char **p;
- _cleanup_globfree_ glob_t pglob = {};
- int count, n;
-
- fn = *i;
-
- if (fn[0] == '-') {
- ignore = true;
- fn++;
- }
-
- if (!path_is_absolute(fn)) {
- if (ignore)
- continue;
-
- strv_free(r);
- return -EINVAL;
- }
-
- /* Filename supports globbing, take all matching files */
- errno = 0;
- if (glob(fn, 0, NULL, &pglob) != 0) {
- if (ignore)
- continue;
-
- strv_free(r);
- return errno > 0 ? -errno : -EINVAL;
- }
- count = pglob.gl_pathc;
- if (count == 0) {
- if (ignore)
- continue;
-
- strv_free(r);
- return -EINVAL;
- }
- for (n = 0; n < count; n++) {
- k = load_env_file(NULL, pglob.gl_pathv[n], NULL, &p);
- if (k < 0) {
- if (ignore)
- continue;
-
- strv_free(r);
- return k;
- }
- /* Log invalid environment variables with filename */
- if (p) {
- InvalidEnvInfo info = {
- .unit = unit,
- .path = pglob.gl_pathv[n]
- };
-
- p = strv_env_clean_with_callback(p, invalid_env, &info);
- }
-
- if (r == NULL)
- r = p;
- else {
- char **m;
-
- m = strv_env_merge(2, r, p);
- strv_free(r);
- strv_free(p);
- if (!m)
- return -ENOMEM;
-
- r = m;
- }
- }
- }
-
- *l = r;
-
- return 0;
-}
-
-static bool tty_may_match_dev_console(const char *tty) {
- _cleanup_free_ char *active = NULL;
- char *console;
-
- if (!tty)
- return true;
-
- if (startswith(tty, "/dev/"))
- tty += 5;
-
- /* trivial identity? */
- if (streq(tty, "console"))
- return true;
-
- console = resolve_dev_console(&active);
- /* if we could not resolve, assume it may */
- if (!console)
- return true;
-
- /* "tty0" means the active VC, so it may be the same sometimes */
- return streq(console, tty) || (streq(console, "tty0") && tty_is_vc(tty));
-}
-
-bool exec_context_may_touch_console(ExecContext *ec) {
-
- return (ec->tty_reset ||
- ec->tty_vhangup ||
- ec->tty_vt_disallocate ||
- is_terminal_input(ec->std_input) ||
- is_terminal_output(ec->std_output) ||
- is_terminal_output(ec->std_error)) &&
- tty_may_match_dev_console(exec_context_tty_path(ec));
-}
-
-static void strv_fprintf(FILE *f, char **l) {
- char **g;
-
- assert(f);
-
- STRV_FOREACH(g, l)
- fprintf(f, " %s", *g);
-}
-
-void exec_context_dump(ExecContext *c, FILE* f, const char *prefix) {
- char **e, **d;
- unsigned i;
-
- assert(c);
- assert(f);
-
- prefix = strempty(prefix);
-
- fprintf(f,
- "%sUMask: %04o\n"
- "%sWorkingDirectory: %s\n"
- "%sRootDirectory: %s\n"
- "%sNonBlocking: %s\n"
- "%sPrivateTmp: %s\n"
- "%sPrivateDevices: %s\n"
- "%sProtectKernelTunables: %s\n"
- "%sProtectKernelModules: %s\n"
- "%sProtectControlGroups: %s\n"
- "%sPrivateNetwork: %s\n"
- "%sPrivateUsers: %s\n"
- "%sProtectHome: %s\n"
- "%sProtectSystem: %s\n"
- "%sIgnoreSIGPIPE: %s\n"
- "%sMemoryDenyWriteExecute: %s\n"
- "%sRestrictRealtime: %s\n",
- prefix, c->umask,
- prefix, c->working_directory ? c->working_directory : "/",
- prefix, c->root_directory ? c->root_directory : "/",
- prefix, yes_no(c->non_blocking),
- prefix, yes_no(c->private_tmp),
- prefix, yes_no(c->private_devices),
- prefix, yes_no(c->protect_kernel_tunables),
- prefix, yes_no(c->protect_kernel_modules),
- prefix, yes_no(c->protect_control_groups),
- prefix, yes_no(c->private_network),
- prefix, yes_no(c->private_users),
- prefix, protect_home_to_string(c->protect_home),
- prefix, protect_system_to_string(c->protect_system),
- prefix, yes_no(c->ignore_sigpipe),
- prefix, yes_no(c->memory_deny_write_execute),
- prefix, yes_no(c->restrict_realtime));
-
- STRV_FOREACH(e, c->environment)
- fprintf(f, "%sEnvironment: %s\n", prefix, *e);
-
- STRV_FOREACH(e, c->environment_files)
- fprintf(f, "%sEnvironmentFile: %s\n", prefix, *e);
-
- STRV_FOREACH(e, c->pass_environment)
- fprintf(f, "%sPassEnvironment: %s\n", prefix, *e);
-
- fprintf(f, "%sRuntimeDirectoryMode: %04o\n", prefix, c->runtime_directory_mode);
-
- STRV_FOREACH(d, c->runtime_directory)
- fprintf(f, "%sRuntimeDirectory: %s\n", prefix, *d);
-
- if (c->nice_set)
- fprintf(f,
- "%sNice: %i\n",
- prefix, c->nice);
-
- if (c->oom_score_adjust_set)
- fprintf(f,
- "%sOOMScoreAdjust: %i\n",
- prefix, c->oom_score_adjust);
-
- for (i = 0; i < RLIM_NLIMITS; i++)
- if (c->rlimit[i]) {
- fprintf(f, "%s%s: " RLIM_FMT "\n",
- prefix, rlimit_to_string(i), c->rlimit[i]->rlim_max);
- fprintf(f, "%s%sSoft: " RLIM_FMT "\n",
- prefix, rlimit_to_string(i), c->rlimit[i]->rlim_cur);
- }
-
- if (c->ioprio_set) {
- _cleanup_free_ char *class_str = NULL;
-
- ioprio_class_to_string_alloc(IOPRIO_PRIO_CLASS(c->ioprio), &class_str);
- fprintf(f,
- "%sIOSchedulingClass: %s\n"
- "%sIOPriority: %i\n",
- prefix, strna(class_str),
- prefix, (int) IOPRIO_PRIO_DATA(c->ioprio));
- }
-
- if (c->cpu_sched_set) {
- _cleanup_free_ char *policy_str = NULL;
-
- sched_policy_to_string_alloc(c->cpu_sched_policy, &policy_str);
- fprintf(f,
- "%sCPUSchedulingPolicy: %s\n"
- "%sCPUSchedulingPriority: %i\n"
- "%sCPUSchedulingResetOnFork: %s\n",
- prefix, strna(policy_str),
- prefix, c->cpu_sched_priority,
- prefix, yes_no(c->cpu_sched_reset_on_fork));
- }
-
- if (c->cpuset) {
- fprintf(f, "%sCPUAffinity:", prefix);
- for (i = 0; i < c->cpuset_ncpus; i++)
- if (CPU_ISSET_S(i, CPU_ALLOC_SIZE(c->cpuset_ncpus), c->cpuset))
- fprintf(f, " %u", i);
- fputs("\n", f);
- }
-
- if (c->timer_slack_nsec != NSEC_INFINITY)
- fprintf(f, "%sTimerSlackNSec: "NSEC_FMT "\n", prefix, c->timer_slack_nsec);
-
- fprintf(f,
- "%sStandardInput: %s\n"
- "%sStandardOutput: %s\n"
- "%sStandardError: %s\n",
- prefix, exec_input_to_string(c->std_input),
- prefix, exec_output_to_string(c->std_output),
- prefix, exec_output_to_string(c->std_error));
-
- if (c->tty_path)
- fprintf(f,
- "%sTTYPath: %s\n"
- "%sTTYReset: %s\n"
- "%sTTYVHangup: %s\n"
- "%sTTYVTDisallocate: %s\n",
- prefix, c->tty_path,
- prefix, yes_no(c->tty_reset),
- prefix, yes_no(c->tty_vhangup),
- prefix, yes_no(c->tty_vt_disallocate));
-
- if (c->std_output == EXEC_OUTPUT_SYSLOG ||
- c->std_output == EXEC_OUTPUT_KMSG ||
- c->std_output == EXEC_OUTPUT_JOURNAL ||
- c->std_output == EXEC_OUTPUT_SYSLOG_AND_CONSOLE ||
- c->std_output == EXEC_OUTPUT_KMSG_AND_CONSOLE ||
- c->std_output == EXEC_OUTPUT_JOURNAL_AND_CONSOLE ||
- c->std_error == EXEC_OUTPUT_SYSLOG ||
- c->std_error == EXEC_OUTPUT_KMSG ||
- c->std_error == EXEC_OUTPUT_JOURNAL ||
- c->std_error == EXEC_OUTPUT_SYSLOG_AND_CONSOLE ||
- c->std_error == EXEC_OUTPUT_KMSG_AND_CONSOLE ||
- c->std_error == EXEC_OUTPUT_JOURNAL_AND_CONSOLE) {
-
- _cleanup_free_ char *fac_str = NULL, *lvl_str = NULL;
-
- log_facility_unshifted_to_string_alloc(c->syslog_priority >> 3, &fac_str);
- log_level_to_string_alloc(LOG_PRI(c->syslog_priority), &lvl_str);
-
- fprintf(f,
- "%sSyslogFacility: %s\n"
- "%sSyslogLevel: %s\n",
- prefix, strna(fac_str),
- prefix, strna(lvl_str));
- }
-
- if (c->secure_bits)
- fprintf(f, "%sSecure Bits:%s%s%s%s%s%s\n",
- prefix,
- (c->secure_bits & 1<<SECURE_KEEP_CAPS) ? " keep-caps" : "",
- (c->secure_bits & 1<<SECURE_KEEP_CAPS_LOCKED) ? " keep-caps-locked" : "",
- (c->secure_bits & 1<<SECURE_NO_SETUID_FIXUP) ? " no-setuid-fixup" : "",
- (c->secure_bits & 1<<SECURE_NO_SETUID_FIXUP_LOCKED) ? " no-setuid-fixup-locked" : "",
- (c->secure_bits & 1<<SECURE_NOROOT) ? " noroot" : "",
- (c->secure_bits & 1<<SECURE_NOROOT_LOCKED) ? "noroot-locked" : "");
-
- if (c->capability_bounding_set != CAP_ALL) {
- unsigned long l;
- fprintf(f, "%sCapabilityBoundingSet:", prefix);
-
- for (l = 0; l <= cap_last_cap(); l++)
- if (c->capability_bounding_set & (UINT64_C(1) << l))
- fprintf(f, " %s", strna(capability_to_name(l)));
-
- fputs("\n", f);
- }
-
- if (c->capability_ambient_set != 0) {
- unsigned long l;
- fprintf(f, "%sAmbientCapabilities:", prefix);
-
- for (l = 0; l <= cap_last_cap(); l++)
- if (c->capability_ambient_set & (UINT64_C(1) << l))
- fprintf(f, " %s", strna(capability_to_name(l)));
-
- fputs("\n", f);
- }
-
- if (c->user)
- fprintf(f, "%sUser: %s\n", prefix, c->user);
- if (c->group)
- fprintf(f, "%sGroup: %s\n", prefix, c->group);
-
- fprintf(f, "%sDynamicUser: %s\n", prefix, yes_no(c->dynamic_user));
-
- if (strv_length(c->supplementary_groups) > 0) {
- fprintf(f, "%sSupplementaryGroups:", prefix);
- strv_fprintf(f, c->supplementary_groups);
- fputs("\n", f);
- }
-
- if (c->pam_name)
- fprintf(f, "%sPAMName: %s\n", prefix, c->pam_name);
-
- if (strv_length(c->read_write_paths) > 0) {
- fprintf(f, "%sReadWritePaths:", prefix);
- strv_fprintf(f, c->read_write_paths);
- fputs("\n", f);
- }
-
- if (strv_length(c->read_only_paths) > 0) {
- fprintf(f, "%sReadOnlyPaths:", prefix);
- strv_fprintf(f, c->read_only_paths);
- fputs("\n", f);
- }
-
- if (strv_length(c->inaccessible_paths) > 0) {
- fprintf(f, "%sInaccessiblePaths:", prefix);
- strv_fprintf(f, c->inaccessible_paths);
- fputs("\n", f);
- }
-
- if (c->utmp_id)
- fprintf(f,
- "%sUtmpIdentifier: %s\n",
- prefix, c->utmp_id);
-
- if (c->selinux_context)
- fprintf(f,
- "%sSELinuxContext: %s%s\n",
- prefix, c->selinux_context_ignore ? "-" : "", c->selinux_context);
-
- if (c->personality != PERSONALITY_INVALID)
- fprintf(f,
- "%sPersonality: %s\n",
- prefix, strna(personality_to_string(c->personality)));
-
- if (c->syscall_filter) {
-#ifdef HAVE_SECCOMP
- Iterator j;
- void *id;
- bool first = true;
-#endif
-
- fprintf(f,
- "%sSystemCallFilter: ",
- prefix);
-
- if (!c->syscall_whitelist)
- fputc('~', f);
-
-#ifdef HAVE_SECCOMP
- SET_FOREACH(id, c->syscall_filter, j) {
- _cleanup_free_ char *name = NULL;
-
- if (first)
- first = false;
- else
- fputc(' ', f);
-
- name = seccomp_syscall_resolve_num_arch(SCMP_ARCH_NATIVE, PTR_TO_INT(id) - 1);
- fputs(strna(name), f);
- }
-#endif
-
- fputc('\n', f);
- }
-
- if (c->syscall_archs) {
-#ifdef HAVE_SECCOMP
- Iterator j;
- void *id;
-#endif
-
- fprintf(f,
- "%sSystemCallArchitectures:",
- prefix);
-
-#ifdef HAVE_SECCOMP
- SET_FOREACH(id, c->syscall_archs, j)
- fprintf(f, " %s", strna(seccomp_arch_to_string(PTR_TO_UINT32(id) - 1)));
-#endif
- fputc('\n', f);
- }
-
- if (c->syscall_errno > 0)
- fprintf(f,
- "%sSystemCallErrorNumber: %s\n",
- prefix, strna(errno_to_name(c->syscall_errno)));
-
- if (c->apparmor_profile)
- fprintf(f,
- "%sAppArmorProfile: %s%s\n",
- prefix, c->apparmor_profile_ignore ? "-" : "", c->apparmor_profile);
-}
-
-bool exec_context_maintains_privileges(ExecContext *c) {
- assert(c);
-
- /* Returns true if the process forked off would run under
- * an unchanged UID or as root. */
-
- if (!c->user)
- return true;
-
- if (streq(c->user, "root") || streq(c->user, "0"))
- return true;
-
- return false;
-}
-
-void exec_status_start(ExecStatus *s, pid_t pid) {
- assert(s);
-
- zero(*s);
- s->pid = pid;
- dual_timestamp_get(&s->start_timestamp);
-}
-
-void exec_status_exit(ExecStatus *s, ExecContext *context, pid_t pid, int code, int status) {
- assert(s);
-
- if (s->pid && s->pid != pid)
- zero(*s);
-
- s->pid = pid;
- dual_timestamp_get(&s->exit_timestamp);
-
- s->code = code;
- s->status = status;
-
- if (context) {
- if (context->utmp_id)
- utmp_put_dead_process(context->utmp_id, pid, code, status);
-
- exec_context_tty_reset(context, NULL);
- }
-}
-
-void exec_status_dump(ExecStatus *s, FILE *f, const char *prefix) {
- char buf[FORMAT_TIMESTAMP_MAX];
-
- assert(s);
- assert(f);
-
- if (s->pid <= 0)
- return;
-
- prefix = strempty(prefix);
-
- fprintf(f,
- "%sPID: "PID_FMT"\n",
- prefix, s->pid);
-
- if (dual_timestamp_is_set(&s->start_timestamp))
- fprintf(f,
- "%sStart Timestamp: %s\n",
- prefix, format_timestamp(buf, sizeof(buf), s->start_timestamp.realtime));
-
- if (dual_timestamp_is_set(&s->exit_timestamp))
- fprintf(f,
- "%sExit Timestamp: %s\n"
- "%sExit Code: %s\n"
- "%sExit Status: %i\n",
- prefix, format_timestamp(buf, sizeof(buf), s->exit_timestamp.realtime),
- prefix, sigchld_code_to_string(s->code),
- prefix, s->status);
-}
-
-char *exec_command_line(char **argv) {
- size_t k;
- char *n, *p, **a;
- bool first = true;
-
- assert(argv);
-
- k = 1;
- STRV_FOREACH(a, argv)
- k += strlen(*a)+3;
-
- n = new(char, k);
- if (!n)
- return NULL;
-
- p = n;
- STRV_FOREACH(a, argv) {
-
- if (!first)
- *(p++) = ' ';
- else
- first = false;
-
- if (strpbrk(*a, WHITESPACE)) {
- *(p++) = '\'';
- p = stpcpy(p, *a);
- *(p++) = '\'';
- } else
- p = stpcpy(p, *a);
-
- }
-
- *p = 0;
-
- /* FIXME: this doesn't really handle arguments that have
- * spaces and ticks in them */
-
- return n;
-}
-
-void exec_command_dump(ExecCommand *c, FILE *f, const char *prefix) {
- _cleanup_free_ char *cmd = NULL;
- const char *prefix2;
-
- assert(c);
- assert(f);
-
- prefix = strempty(prefix);
- prefix2 = strjoina(prefix, "\t");
-
- cmd = exec_command_line(c->argv);
- fprintf(f,
- "%sCommand Line: %s\n",
- prefix, cmd ? cmd : strerror(ENOMEM));
-
- exec_status_dump(&c->exec_status, f, prefix2);
-}
-
-void exec_command_dump_list(ExecCommand *c, FILE *f, const char *prefix) {
- assert(f);
-
- prefix = strempty(prefix);
-
- LIST_FOREACH(command, c, c)
- exec_command_dump(c, f, prefix);
-}
-
-void exec_command_append_list(ExecCommand **l, ExecCommand *e) {
- ExecCommand *end;
-
- assert(l);
- assert(e);
-
- if (*l) {
- /* It's kind of important, that we keep the order here */
- LIST_FIND_TAIL(command, *l, end);
- LIST_INSERT_AFTER(command, *l, end, e);
- } else
- *l = e;
-}
-
-int exec_command_set(ExecCommand *c, const char *path, ...) {
- va_list ap;
- char **l, *p;
-
- assert(c);
- assert(path);
-
- va_start(ap, path);
- l = strv_new_ap(path, ap);
- va_end(ap);
-
- if (!l)
- return -ENOMEM;
-
- p = strdup(path);
- if (!p) {
- strv_free(l);
- return -ENOMEM;
- }
-
- free(c->path);
- c->path = p;
-
- strv_free(c->argv);
- c->argv = l;
-
- return 0;
-}
-
-int exec_command_append(ExecCommand *c, const char *path, ...) {
- _cleanup_strv_free_ char **l = NULL;
- va_list ap;
- int r;
-
- assert(c);
- assert(path);
-
- va_start(ap, path);
- l = strv_new_ap(path, ap);
- va_end(ap);
-
- if (!l)
- return -ENOMEM;
-
- r = strv_extend_strv(&c->argv, l, false);
- if (r < 0)
- return r;
-
- return 0;
-}
-
-
-static int exec_runtime_allocate(ExecRuntime **rt) {
-
- if (*rt)
- return 0;
-
- *rt = new0(ExecRuntime, 1);
- if (!*rt)
- return -ENOMEM;
-
- (*rt)->n_ref = 1;
- (*rt)->netns_storage_socket[0] = (*rt)->netns_storage_socket[1] = -1;
-
- return 0;
-}
-
-int exec_runtime_make(ExecRuntime **rt, ExecContext *c, const char *id) {
- int r;
-
- assert(rt);
- assert(c);
- assert(id);
-
- if (*rt)
- return 1;
-
- if (!c->private_network && !c->private_tmp)
- return 0;
-
- r = exec_runtime_allocate(rt);
- if (r < 0)
- return r;
-
- if (c->private_network && (*rt)->netns_storage_socket[0] < 0) {
- if (socketpair(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0, (*rt)->netns_storage_socket) < 0)
- return -errno;
- }
-
- if (c->private_tmp && !(*rt)->tmp_dir) {
- r = setup_tmp_dirs(id, &(*rt)->tmp_dir, &(*rt)->var_tmp_dir);
- if (r < 0)
- return r;
- }
-
- return 1;
-}
-
-ExecRuntime *exec_runtime_ref(ExecRuntime *r) {
- assert(r);
- assert(r->n_ref > 0);
-
- r->n_ref++;
- return r;
-}
-
-ExecRuntime *exec_runtime_unref(ExecRuntime *r) {
-
- if (!r)
- return NULL;
-
- assert(r->n_ref > 0);
-
- r->n_ref--;
- if (r->n_ref > 0)
- return NULL;
-
- free(r->tmp_dir);
- free(r->var_tmp_dir);
- safe_close_pair(r->netns_storage_socket);
- return mfree(r);
-}
-
-int exec_runtime_serialize(Unit *u, ExecRuntime *rt, FILE *f, FDSet *fds) {
- assert(u);
- assert(f);
- assert(fds);
-
- if (!rt)
- return 0;
-
- if (rt->tmp_dir)
- unit_serialize_item(u, f, "tmp-dir", rt->tmp_dir);
-
- if (rt->var_tmp_dir)
- unit_serialize_item(u, f, "var-tmp-dir", rt->var_tmp_dir);
-
- if (rt->netns_storage_socket[0] >= 0) {
- int copy;
-
- copy = fdset_put_dup(fds, rt->netns_storage_socket[0]);
- if (copy < 0)
- return copy;
-
- unit_serialize_item_format(u, f, "netns-socket-0", "%i", copy);
- }
-
- if (rt->netns_storage_socket[1] >= 0) {
- int copy;
-
- copy = fdset_put_dup(fds, rt->netns_storage_socket[1]);
- if (copy < 0)
- return copy;
-
- unit_serialize_item_format(u, f, "netns-socket-1", "%i", copy);
- }
-
- return 0;
-}
-
-int exec_runtime_deserialize_item(Unit *u, ExecRuntime **rt, const char *key, const char *value, FDSet *fds) {
- int r;
-
- assert(rt);
- assert(key);
- assert(value);
-
- if (streq(key, "tmp-dir")) {
- char *copy;
-
- r = exec_runtime_allocate(rt);
- if (r < 0)
- return log_oom();
-
- copy = strdup(value);
- if (!copy)
- return log_oom();
-
- free((*rt)->tmp_dir);
- (*rt)->tmp_dir = copy;
-
- } else if (streq(key, "var-tmp-dir")) {
- char *copy;
-
- r = exec_runtime_allocate(rt);
- if (r < 0)
- return log_oom();
-
- copy = strdup(value);
- if (!copy)
- return log_oom();
-
- free((*rt)->var_tmp_dir);
- (*rt)->var_tmp_dir = copy;
-
- } else if (streq(key, "netns-socket-0")) {
- int fd;
-
- r = exec_runtime_allocate(rt);
- if (r < 0)
- return log_oom();
-
- if (safe_atoi(value, &fd) < 0 || !fdset_contains(fds, fd))
- log_unit_debug(u, "Failed to parse netns socket value: %s", value);
- else {
- safe_close((*rt)->netns_storage_socket[0]);
- (*rt)->netns_storage_socket[0] = fdset_remove(fds, fd);
- }
- } else if (streq(key, "netns-socket-1")) {
- int fd;
-
- r = exec_runtime_allocate(rt);
- if (r < 0)
- return log_oom();
-
- if (safe_atoi(value, &fd) < 0 || !fdset_contains(fds, fd))
- log_unit_debug(u, "Failed to parse netns socket value: %s", value);
- else {
- safe_close((*rt)->netns_storage_socket[1]);
- (*rt)->netns_storage_socket[1] = fdset_remove(fds, fd);
- }
- } else
- return 0;
-
- return 1;
-}
-
-static void *remove_tmpdir_thread(void *p) {
- _cleanup_free_ char *path = p;
-
- (void) rm_rf(path, REMOVE_ROOT|REMOVE_PHYSICAL);
- return NULL;
-}
-
-void exec_runtime_destroy(ExecRuntime *rt) {
- int r;
-
- if (!rt)
- return;
-
- /* If there are multiple users of this, let's leave the stuff around */
- if (rt->n_ref > 1)
- return;
-
- if (rt->tmp_dir) {
- log_debug("Spawning thread to nuke %s", rt->tmp_dir);
-
- r = asynchronous_job(remove_tmpdir_thread, rt->tmp_dir);
- if (r < 0) {
- log_warning_errno(r, "Failed to nuke %s: %m", rt->tmp_dir);
- free(rt->tmp_dir);
- }
-
- rt->tmp_dir = NULL;
- }
-
- if (rt->var_tmp_dir) {
- log_debug("Spawning thread to nuke %s", rt->var_tmp_dir);
-
- r = asynchronous_job(remove_tmpdir_thread, rt->var_tmp_dir);
- if (r < 0) {
- log_warning_errno(r, "Failed to nuke %s: %m", rt->var_tmp_dir);
- free(rt->var_tmp_dir);
- }
-
- rt->var_tmp_dir = NULL;
- }
-
- safe_close_pair(rt->netns_storage_socket);
-}
-
-static const char* const exec_input_table[_EXEC_INPUT_MAX] = {
- [EXEC_INPUT_NULL] = "null",
- [EXEC_INPUT_TTY] = "tty",
- [EXEC_INPUT_TTY_FORCE] = "tty-force",
- [EXEC_INPUT_TTY_FAIL] = "tty-fail",
- [EXEC_INPUT_SOCKET] = "socket",
- [EXEC_INPUT_NAMED_FD] = "fd",
-};
-
-DEFINE_STRING_TABLE_LOOKUP(exec_input, ExecInput);
-
-static const char* const exec_output_table[_EXEC_OUTPUT_MAX] = {
- [EXEC_OUTPUT_INHERIT] = "inherit",
- [EXEC_OUTPUT_NULL] = "null",
- [EXEC_OUTPUT_TTY] = "tty",
- [EXEC_OUTPUT_SYSLOG] = "syslog",
- [EXEC_OUTPUT_SYSLOG_AND_CONSOLE] = "syslog+console",
- [EXEC_OUTPUT_KMSG] = "kmsg",
- [EXEC_OUTPUT_KMSG_AND_CONSOLE] = "kmsg+console",
- [EXEC_OUTPUT_JOURNAL] = "journal",
- [EXEC_OUTPUT_JOURNAL_AND_CONSOLE] = "journal+console",
- [EXEC_OUTPUT_SOCKET] = "socket",
- [EXEC_OUTPUT_NAMED_FD] = "fd",
-};
-
-DEFINE_STRING_TABLE_LOOKUP(exec_output, ExecOutput);
-
-static const char* const exec_utmp_mode_table[_EXEC_UTMP_MODE_MAX] = {
- [EXEC_UTMP_INIT] = "init",
- [EXEC_UTMP_LOGIN] = "login",
- [EXEC_UTMP_USER] = "user",
-};
-
-DEFINE_STRING_TABLE_LOOKUP(exec_utmp_mode, ExecUtmpMode);
diff --git a/src/core/execute.h b/src/core/execute.h
deleted file mode 100644
index c7d0f7761e..0000000000
--- a/src/core/execute.h
+++ /dev/null
@@ -1,316 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-typedef struct ExecStatus ExecStatus;
-typedef struct ExecCommand ExecCommand;
-typedef struct ExecContext ExecContext;
-typedef struct ExecRuntime ExecRuntime;
-typedef struct ExecParameters ExecParameters;
-
-#include <sched.h>
-#include <stdbool.h>
-#include <stdio.h>
-#include <sys/capability.h>
-
-#include "cgroup-util.h"
-#include "fdset.h"
-#include "list.h"
-#include "missing.h"
-#include "namespace.h"
-
-typedef enum ExecUtmpMode {
- EXEC_UTMP_INIT,
- EXEC_UTMP_LOGIN,
- EXEC_UTMP_USER,
- _EXEC_UTMP_MODE_MAX,
- _EXEC_UTMP_MODE_INVALID = -1
-} ExecUtmpMode;
-
-typedef enum ExecInput {
- EXEC_INPUT_NULL,
- EXEC_INPUT_TTY,
- EXEC_INPUT_TTY_FORCE,
- EXEC_INPUT_TTY_FAIL,
- EXEC_INPUT_SOCKET,
- EXEC_INPUT_NAMED_FD,
- _EXEC_INPUT_MAX,
- _EXEC_INPUT_INVALID = -1
-} ExecInput;
-
-typedef enum ExecOutput {
- EXEC_OUTPUT_INHERIT,
- EXEC_OUTPUT_NULL,
- EXEC_OUTPUT_TTY,
- EXEC_OUTPUT_SYSLOG,
- EXEC_OUTPUT_SYSLOG_AND_CONSOLE,
- EXEC_OUTPUT_KMSG,
- EXEC_OUTPUT_KMSG_AND_CONSOLE,
- EXEC_OUTPUT_JOURNAL,
- EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
- EXEC_OUTPUT_SOCKET,
- EXEC_OUTPUT_NAMED_FD,
- _EXEC_OUTPUT_MAX,
- _EXEC_OUTPUT_INVALID = -1
-} ExecOutput;
-
-struct ExecStatus {
- dual_timestamp start_timestamp;
- dual_timestamp exit_timestamp;
- pid_t pid;
- int code; /* as in siginfo_t::si_code */
- int status; /* as in sigingo_t::si_status */
-};
-
-struct ExecCommand {
- char *path;
- char **argv;
- ExecStatus exec_status;
- LIST_FIELDS(ExecCommand, command); /* useful for chaining commands */
- bool ignore:1;
- bool privileged:1;
-};
-
-struct ExecRuntime {
- int n_ref;
-
- char *tmp_dir;
- char *var_tmp_dir;
-
- /* An AF_UNIX socket pair, that contains a datagram containing a file descriptor referring to the network
- * namespace. */
- int netns_storage_socket[2];
-};
-
-struct ExecContext {
- char **environment;
- char **environment_files;
- char **pass_environment;
-
- struct rlimit *rlimit[_RLIMIT_MAX];
- char *working_directory, *root_directory;
- bool working_directory_missing_ok;
- bool working_directory_home;
-
- mode_t umask;
- int oom_score_adjust;
- int nice;
- int ioprio;
- int cpu_sched_policy;
- int cpu_sched_priority;
-
- cpu_set_t *cpuset;
- unsigned cpuset_ncpus;
-
- ExecInput std_input;
- ExecOutput std_output;
- ExecOutput std_error;
- char *stdio_fdname[3];
-
- nsec_t timer_slack_nsec;
-
- bool stdio_as_fds;
-
- char *tty_path;
-
- bool tty_reset;
- bool tty_vhangup;
- bool tty_vt_disallocate;
-
- bool ignore_sigpipe;
-
- /* Since resolving these names might involve socket
- * connections and we don't want to deadlock ourselves these
- * names are resolved on execution only and in the child
- * process. */
- char *user;
- char *group;
- char **supplementary_groups;
-
- char *pam_name;
-
- char *utmp_id;
- ExecUtmpMode utmp_mode;
-
- bool selinux_context_ignore;
- char *selinux_context;
-
- bool apparmor_profile_ignore;
- char *apparmor_profile;
-
- bool smack_process_label_ignore;
- char *smack_process_label;
-
- char **read_write_paths, **read_only_paths, **inaccessible_paths;
- unsigned long mount_flags;
-
- uint64_t capability_bounding_set;
- uint64_t capability_ambient_set;
- int secure_bits;
-
- int syslog_priority;
- char *syslog_identifier;
- bool syslog_level_prefix;
-
- bool cpu_sched_reset_on_fork;
- bool non_blocking;
- bool private_tmp;
- bool private_network;
- bool private_devices;
- bool private_users;
- ProtectSystem protect_system;
- ProtectHome protect_home;
- bool protect_kernel_tunables;
- bool protect_kernel_modules;
- bool protect_control_groups;
-
- bool no_new_privileges;
-
- bool dynamic_user;
- bool remove_ipc;
-
- /* This is not exposed to the user but available
- * internally. We need it to make sure that whenever we spawn
- * /usr/bin/mount it is run in the same process group as us so
- * that the autofs logic detects that it belongs to us and we
- * don't enter a trigger loop. */
- bool same_pgrp;
-
- unsigned long personality;
-
- Set *syscall_filter;
- Set *syscall_archs;
- int syscall_errno;
- bool syscall_whitelist:1;
-
- Set *address_families;
- bool address_families_whitelist:1;
-
- char **runtime_directory;
- mode_t runtime_directory_mode;
-
- bool memory_deny_write_execute;
- bool restrict_realtime;
-
- bool oom_score_adjust_set:1;
- bool nice_set:1;
- bool ioprio_set:1;
- bool cpu_sched_set:1;
- bool no_new_privileges_set:1;
-};
-
-typedef enum ExecFlags {
- EXEC_CONFIRM_SPAWN = 1U << 0,
- EXEC_APPLY_PERMISSIONS = 1U << 1,
- EXEC_APPLY_CHROOT = 1U << 2,
- EXEC_APPLY_TTY_STDIN = 1U << 3,
-
- /* The following are not used by execute.c, but by consumers internally */
- EXEC_PASS_FDS = 1U << 4,
- EXEC_IS_CONTROL = 1U << 5,
- EXEC_SETENV_RESULT = 1U << 6,
- EXEC_SET_WATCHDOG = 1U << 7,
-} ExecFlags;
-
-struct ExecParameters {
- char **argv;
- char **environment;
-
- int *fds;
- char **fd_names;
- unsigned n_fds;
-
- ExecFlags flags;
- bool selinux_context_net:1;
-
- bool cgroup_delegate:1;
- CGroupMask cgroup_supported;
- const char *cgroup_path;
-
- const char *runtime_prefix;
-
- usec_t watchdog_usec;
-
- int *idle_pipe;
-
- int stdin_fd;
- int stdout_fd;
- int stderr_fd;
-};
-
-#include "unit.h"
-#include "dynamic-user.h"
-
-int exec_spawn(Unit *unit,
- ExecCommand *command,
- const ExecContext *context,
- const ExecParameters *exec_params,
- ExecRuntime *runtime,
- DynamicCreds *dynamic_creds,
- pid_t *ret);
-
-void exec_command_done(ExecCommand *c);
-void exec_command_done_array(ExecCommand *c, unsigned n);
-
-ExecCommand* exec_command_free_list(ExecCommand *c);
-void exec_command_free_array(ExecCommand **c, unsigned n);
-
-char *exec_command_line(char **argv);
-
-void exec_command_dump(ExecCommand *c, FILE *f, const char *prefix);
-void exec_command_dump_list(ExecCommand *c, FILE *f, const char *prefix);
-void exec_command_append_list(ExecCommand **l, ExecCommand *e);
-int exec_command_set(ExecCommand *c, const char *path, ...);
-int exec_command_append(ExecCommand *c, const char *path, ...);
-
-void exec_context_init(ExecContext *c);
-void exec_context_done(ExecContext *c);
-void exec_context_dump(ExecContext *c, FILE* f, const char *prefix);
-
-int exec_context_destroy_runtime_directory(ExecContext *c, const char *runtime_root);
-
-int exec_context_load_environment(Unit *unit, const ExecContext *c, char ***l);
-int exec_context_named_iofds(Unit *unit, const ExecContext *c, const ExecParameters *p, int named_iofds[3]);
-const char* exec_context_fdname(const ExecContext *c, int fd_index);
-
-bool exec_context_may_touch_console(ExecContext *c);
-bool exec_context_maintains_privileges(ExecContext *c);
-
-void exec_status_start(ExecStatus *s, pid_t pid);
-void exec_status_exit(ExecStatus *s, ExecContext *context, pid_t pid, int code, int status);
-void exec_status_dump(ExecStatus *s, FILE *f, const char *prefix);
-
-int exec_runtime_make(ExecRuntime **rt, ExecContext *c, const char *id);
-ExecRuntime *exec_runtime_ref(ExecRuntime *r);
-ExecRuntime *exec_runtime_unref(ExecRuntime *r);
-
-int exec_runtime_serialize(Unit *unit, ExecRuntime *rt, FILE *f, FDSet *fds);
-int exec_runtime_deserialize_item(Unit *unit, ExecRuntime **rt, const char *key, const char *value, FDSet *fds);
-
-void exec_runtime_destroy(ExecRuntime *rt);
-
-const char* exec_output_to_string(ExecOutput i) _const_;
-ExecOutput exec_output_from_string(const char *s) _pure_;
-
-const char* exec_input_to_string(ExecInput i) _const_;
-ExecInput exec_input_from_string(const char *s) _pure_;
-
-const char* exec_utmp_mode_to_string(ExecUtmpMode i) _const_;
-ExecUtmpMode exec_utmp_mode_from_string(const char *s) _pure_;
diff --git a/src/core/hostname-setup.c b/src/core/hostname-setup.c
deleted file mode 100644
index 68be52856b..0000000000
--- a/src/core/hostname-setup.c
+++ /dev/null
@@ -1,68 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <errno.h>
-#include <stdio.h>
-#include <stdlib.h>
-
-#include "alloc-util.h"
-#include "fileio.h"
-#include "hostname-setup.h"
-#include "hostname-util.h"
-#include "log.h"
-#include "macro.h"
-#include "string-util.h"
-#include "util.h"
-
-int hostname_setup(void) {
- int r;
- _cleanup_free_ char *b = NULL;
- const char *hn;
- bool enoent = false;
-
- r = read_hostname_config("/etc/hostname", &b);
- if (r < 0) {
- if (r == -ENOENT)
- enoent = true;
- else
- log_warning_errno(r, "Failed to read configured hostname: %m");
-
- hn = NULL;
- } else
- hn = b;
-
- if (isempty(hn)) {
- /* Don't override the hostname if it is already set
- * and not explicitly configured */
- if (hostname_is_set())
- return 0;
-
- if (enoent)
- log_info("No hostname configured.");
-
- hn = "localhost";
- }
-
- r = sethostname_idempotent(hn);
- if (r < 0)
- return log_warning_errno(r, "Failed to set hostname to <%s>: %m", hn);
-
- log_info("Set hostname to <%s>.", hn);
- return 0;
-}
diff --git a/src/core/hostname-setup.h b/src/core/hostname-setup.h
deleted file mode 100644
index 73e8c75c71..0000000000
--- a/src/core/hostname-setup.h
+++ /dev/null
@@ -1,22 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-int hostname_setup(void);
diff --git a/src/core/ima-setup.c b/src/core/ima-setup.c
deleted file mode 100644
index d1b0ce76ef..0000000000
--- a/src/core/ima-setup.c
+++ /dev/null
@@ -1,80 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
- Copyright (C) 2012 Roberto Sassu - Politecnico di Torino, Italy
- TORSEC group — http://security.polito.it
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <errno.h>
-#include <unistd.h>
-
-#include "fd-util.h"
-#include "fileio.h"
-#include "ima-setup.h"
-#include "log.h"
-#include "util.h"
-
-#define IMA_SECFS_DIR "/sys/kernel/security/ima"
-#define IMA_SECFS_POLICY IMA_SECFS_DIR "/policy"
-#define IMA_POLICY_PATH "/etc/ima/ima-policy"
-
-int ima_setup(void) {
-#ifdef HAVE_IMA
- _cleanup_fclose_ FILE *input = NULL;
- _cleanup_close_ int imafd = -1;
- unsigned lineno = 0;
- char line[page_size()];
-
- if (access(IMA_SECFS_DIR, F_OK) < 0) {
- log_debug("IMA support is disabled in the kernel, ignoring.");
- return 0;
- }
-
- input = fopen(IMA_POLICY_PATH, "re");
- if (!input) {
- log_full_errno(errno == ENOENT ? LOG_DEBUG : LOG_WARNING, errno,
- "Failed to open the IMA custom policy file "IMA_POLICY_PATH", ignoring: %m");
- return 0;
- }
-
- if (access(IMA_SECFS_POLICY, F_OK) < 0) {
- log_warning("Another IMA custom policy has already been loaded, ignoring.");
- return 0;
- }
-
- imafd = open(IMA_SECFS_POLICY, O_WRONLY|O_CLOEXEC);
- if (imafd < 0) {
- log_error_errno(errno, "Failed to open the IMA kernel interface "IMA_SECFS_POLICY", ignoring: %m");
- return 0;
- }
-
- FOREACH_LINE(line, input,
- return log_error_errno(errno, "Failed to read the IMA custom policy file "IMA_POLICY_PATH": %m")) {
- size_t len;
-
- len = strlen(line);
- lineno++;
-
- if (len > 0 && write(imafd, line, len) < 0)
- return log_error_errno(errno, "Failed to load the IMA custom policy file "IMA_POLICY_PATH"%u: %m",
- lineno);
- }
-
- log_info("Successfully loaded the IMA custom policy "IMA_POLICY_PATH".");
-#endif /* HAVE_IMA */
- return 0;
-}
diff --git a/src/core/ima-setup.h b/src/core/ima-setup.h
deleted file mode 100644
index 472b58cb00..0000000000
--- a/src/core/ima-setup.h
+++ /dev/null
@@ -1,24 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
- Copyright (C) 2012 Roberto Sassu - Politecnico di Torino, Italy
- TORSEC group — http://security.polito.it
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-int ima_setup(void);
diff --git a/src/core/job.c b/src/core/job.c
deleted file mode 100644
index ac6910a906..0000000000
--- a/src/core/job.c
+++ /dev/null
@@ -1,1263 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <errno.h>
-
-#include "sd-id128.h"
-#include "sd-messages.h"
-
-#include "alloc-util.h"
-#include "async.h"
-#include "dbus-job.h"
-#include "dbus.h"
-#include "escape.h"
-#include "job.h"
-#include "log.h"
-#include "macro.h"
-#include "parse-util.h"
-#include "set.h"
-#include "special.h"
-#include "stdio-util.h"
-#include "string-table.h"
-#include "string-util.h"
-#include "strv.h"
-#include "terminal-util.h"
-#include "unit.h"
-#include "virt.h"
-
-Job* job_new_raw(Unit *unit) {
- Job *j;
-
- /* used for deserialization */
-
- assert(unit);
-
- j = new0(Job, 1);
- if (!j)
- return NULL;
-
- j->manager = unit->manager;
- j->unit = unit;
- j->type = _JOB_TYPE_INVALID;
-
- return j;
-}
-
-Job* job_new(Unit *unit, JobType type) {
- Job *j;
-
- assert(type < _JOB_TYPE_MAX);
-
- j = job_new_raw(unit);
- if (!j)
- return NULL;
-
- j->id = j->manager->current_job_id++;
- j->type = type;
-
- /* We don't link it here, that's what job_dependency() is for */
-
- return j;
-}
-
-void job_free(Job *j) {
- assert(j);
- assert(!j->installed);
- assert(!j->transaction_prev);
- assert(!j->transaction_next);
- assert(!j->subject_list);
- assert(!j->object_list);
-
- if (j->in_run_queue)
- LIST_REMOVE(run_queue, j->manager->run_queue, j);
-
- if (j->in_dbus_queue)
- LIST_REMOVE(dbus_queue, j->manager->dbus_job_queue, j);
-
- sd_event_source_unref(j->timer_event_source);
-
- sd_bus_track_unref(j->clients);
- strv_free(j->deserialized_clients);
-
- free(j);
-}
-
-static void job_set_state(Job *j, JobState state) {
- assert(j);
- assert(state >= 0);
- assert(state < _JOB_STATE_MAX);
-
- if (j->state == state)
- return;
-
- j->state = state;
-
- if (!j->installed)
- return;
-
- if (j->state == JOB_RUNNING)
- j->unit->manager->n_running_jobs++;
- else {
- assert(j->state == JOB_WAITING);
- assert(j->unit->manager->n_running_jobs > 0);
-
- j->unit->manager->n_running_jobs--;
-
- if (j->unit->manager->n_running_jobs <= 0)
- j->unit->manager->jobs_in_progress_event_source = sd_event_source_unref(j->unit->manager->jobs_in_progress_event_source);
- }
-}
-
-void job_uninstall(Job *j) {
- Job **pj;
-
- assert(j->installed);
-
- job_set_state(j, JOB_WAITING);
-
- pj = (j->type == JOB_NOP) ? &j->unit->nop_job : &j->unit->job;
- assert(*pj == j);
-
- /* Detach from next 'bigger' objects */
-
- /* daemon-reload should be transparent to job observers */
- if (!MANAGER_IS_RELOADING(j->manager))
- bus_job_send_removed_signal(j);
-
- *pj = NULL;
-
- unit_add_to_gc_queue(j->unit);
-
- hashmap_remove(j->manager->jobs, UINT32_TO_PTR(j->id));
- j->installed = false;
-}
-
-static bool job_type_allows_late_merge(JobType t) {
- /* Tells whether it is OK to merge a job of type 't' with an already
- * running job.
- * Reloads cannot be merged this way. Think of the sequence:
- * 1. Reload of a daemon is in progress; the daemon has already loaded
- * its config file, but hasn't completed the reload operation yet.
- * 2. Edit foo's config file.
- * 3. Trigger another reload to have the daemon use the new config.
- * Should the second reload job be merged into the first one, the daemon
- * would not know about the new config.
- * JOB_RESTART jobs on the other hand can be merged, because they get
- * patched into JOB_START after stopping the unit. So if we see a
- * JOB_RESTART running, it means the unit hasn't stopped yet and at
- * this time the merge is still allowed. */
- return t != JOB_RELOAD;
-}
-
-static void job_merge_into_installed(Job *j, Job *other) {
- assert(j->installed);
- assert(j->unit == other->unit);
-
- if (j->type != JOB_NOP)
- job_type_merge_and_collapse(&j->type, other->type, j->unit);
- else
- assert(other->type == JOB_NOP);
-
- j->irreversible = j->irreversible || other->irreversible;
- j->ignore_order = j->ignore_order || other->ignore_order;
-}
-
-Job* job_install(Job *j) {
- Job **pj;
- Job *uj;
-
- assert(!j->installed);
- assert(j->type < _JOB_TYPE_MAX_IN_TRANSACTION);
- assert(j->state == JOB_WAITING);
-
- pj = (j->type == JOB_NOP) ? &j->unit->nop_job : &j->unit->job;
- uj = *pj;
-
- if (uj) {
- if (job_type_is_conflicting(uj->type, j->type))
- job_finish_and_invalidate(uj, JOB_CANCELED, false, false);
- else {
- /* not conflicting, i.e. mergeable */
-
- if (uj->state == JOB_WAITING ||
- (job_type_allows_late_merge(j->type) && job_type_is_superset(uj->type, j->type))) {
- job_merge_into_installed(uj, j);
- log_unit_debug(uj->unit,
- "Merged into installed job %s/%s as %u",
- uj->unit->id, job_type_to_string(uj->type), (unsigned) uj->id);
- return uj;
- } else {
- /* already running and not safe to merge into */
- /* Patch uj to become a merged job and re-run it. */
- /* XXX It should be safer to queue j to run after uj finishes, but it is
- * not currently possible to have more than one installed job per unit. */
- job_merge_into_installed(uj, j);
- log_unit_debug(uj->unit,
- "Merged into running job, re-running: %s/%s as %u",
- uj->unit->id, job_type_to_string(uj->type), (unsigned) uj->id);
-
- job_set_state(uj, JOB_WAITING);
- return uj;
- }
- }
- }
-
- /* Install the job */
- *pj = j;
- j->installed = true;
-
- j->manager->n_installed_jobs++;
- log_unit_debug(j->unit,
- "Installed new job %s/%s as %u",
- j->unit->id, job_type_to_string(j->type), (unsigned) j->id);
- return j;
-}
-
-int job_install_deserialized(Job *j) {
- Job **pj;
-
- assert(!j->installed);
-
- if (j->type < 0 || j->type >= _JOB_TYPE_MAX_IN_TRANSACTION) {
- log_debug("Invalid job type %s in deserialization.", strna(job_type_to_string(j->type)));
- return -EINVAL;
- }
-
- pj = (j->type == JOB_NOP) ? &j->unit->nop_job : &j->unit->job;
- if (*pj) {
- log_unit_debug(j->unit, "Unit already has a job installed. Not installing deserialized job.");
- return -EEXIST;
- }
-
- *pj = j;
- j->installed = true;
-
- if (j->state == JOB_RUNNING)
- j->unit->manager->n_running_jobs++;
-
- log_unit_debug(j->unit,
- "Reinstalled deserialized job %s/%s as %u",
- j->unit->id, job_type_to_string(j->type), (unsigned) j->id);
- return 0;
-}
-
-JobDependency* job_dependency_new(Job *subject, Job *object, bool matters, bool conflicts) {
- JobDependency *l;
-
- assert(object);
-
- /* Adds a new job link, which encodes that the 'subject' job
- * needs the 'object' job in some way. If 'subject' is NULL
- * this means the 'anchor' job (i.e. the one the user
- * explicitly asked for) is the requester. */
-
- if (!(l = new0(JobDependency, 1)))
- return NULL;
-
- l->subject = subject;
- l->object = object;
- l->matters = matters;
- l->conflicts = conflicts;
-
- if (subject)
- LIST_PREPEND(subject, subject->subject_list, l);
-
- LIST_PREPEND(object, object->object_list, l);
-
- return l;
-}
-
-void job_dependency_free(JobDependency *l) {
- assert(l);
-
- if (l->subject)
- LIST_REMOVE(subject, l->subject->subject_list, l);
-
- LIST_REMOVE(object, l->object->object_list, l);
-
- free(l);
-}
-
-void job_dump(Job *j, FILE*f, const char *prefix) {
- assert(j);
- assert(f);
-
- if (!prefix)
- prefix = "";
-
- fprintf(f,
- "%s-> Job %u:\n"
- "%s\tAction: %s -> %s\n"
- "%s\tState: %s\n"
- "%s\tIrreversible: %s\n",
- prefix, j->id,
- prefix, j->unit->id, job_type_to_string(j->type),
- prefix, job_state_to_string(j->state),
- prefix, yes_no(j->irreversible));
-}
-
-/*
- * Merging is commutative, so imagine the matrix as symmetric. We store only
- * its lower triangle to avoid duplication. We don't store the main diagonal,
- * because A merged with A is simply A.
- *
- * If the resulting type is collapsed immediately afterwards (to get rid of
- * the JOB_RELOAD_OR_START, which lies outside the lookup function's domain),
- * the following properties hold:
- *
- * Merging is associative! A merged with B, and then merged with C is the same
- * as A merged with the result of B merged with C.
- *
- * Mergeability is transitive! If A can be merged with B and B with C then
- * A also with C.
- *
- * Also, if A merged with B cannot be merged with C, then either A or B cannot
- * be merged with C either.
- */
-static const JobType job_merging_table[] = {
-/* What \ With * JOB_START JOB_VERIFY_ACTIVE JOB_STOP JOB_RELOAD */
-/*********************************************************************************/
-/*JOB_START */
-/*JOB_VERIFY_ACTIVE */ JOB_START,
-/*JOB_STOP */ -1, -1,
-/*JOB_RELOAD */ JOB_RELOAD_OR_START, JOB_RELOAD, -1,
-/*JOB_RESTART */ JOB_RESTART, JOB_RESTART, -1, JOB_RESTART,
-};
-
-JobType job_type_lookup_merge(JobType a, JobType b) {
- assert_cc(ELEMENTSOF(job_merging_table) == _JOB_TYPE_MAX_MERGING * (_JOB_TYPE_MAX_MERGING - 1) / 2);
- assert(a >= 0 && a < _JOB_TYPE_MAX_MERGING);
- assert(b >= 0 && b < _JOB_TYPE_MAX_MERGING);
-
- if (a == b)
- return a;
-
- if (a < b) {
- JobType tmp = a;
- a = b;
- b = tmp;
- }
-
- return job_merging_table[(a - 1) * a / 2 + b];
-}
-
-bool job_type_is_redundant(JobType a, UnitActiveState b) {
- switch (a) {
-
- case JOB_START:
- return
- b == UNIT_ACTIVE ||
- b == UNIT_RELOADING;
-
- case JOB_STOP:
- return
- b == UNIT_INACTIVE ||
- b == UNIT_FAILED;
-
- case JOB_VERIFY_ACTIVE:
- return
- b == UNIT_ACTIVE ||
- b == UNIT_RELOADING;
-
- case JOB_RELOAD:
- return
- b == UNIT_RELOADING;
-
- case JOB_RESTART:
- return
- b == UNIT_ACTIVATING;
-
- case JOB_NOP:
- return true;
-
- default:
- assert_not_reached("Invalid job type");
- }
-}
-
-JobType job_type_collapse(JobType t, Unit *u) {
- UnitActiveState s;
-
- switch (t) {
-
- case JOB_TRY_RESTART:
- s = unit_active_state(u);
- if (UNIT_IS_INACTIVE_OR_DEACTIVATING(s))
- return JOB_NOP;
-
- return JOB_RESTART;
-
- case JOB_TRY_RELOAD:
- s = unit_active_state(u);
- if (UNIT_IS_INACTIVE_OR_DEACTIVATING(s))
- return JOB_NOP;
-
- return JOB_RELOAD;
-
- case JOB_RELOAD_OR_START:
- s = unit_active_state(u);
- if (UNIT_IS_INACTIVE_OR_DEACTIVATING(s))
- return JOB_START;
-
- return JOB_RELOAD;
-
- default:
- return t;
- }
-}
-
-int job_type_merge_and_collapse(JobType *a, JobType b, Unit *u) {
- JobType t;
-
- t = job_type_lookup_merge(*a, b);
- if (t < 0)
- return -EEXIST;
-
- *a = job_type_collapse(t, u);
- return 0;
-}
-
-static bool job_is_runnable(Job *j) {
- Iterator i;
- Unit *other;
-
- assert(j);
- assert(j->installed);
-
- /* Checks whether there is any job running for the units this
- * job needs to be running after (in the case of a 'positive'
- * job type) or before (in the case of a 'negative' job
- * type. */
-
- /* Note that unit types have a say in what is runnable,
- * too. For example, if they return -EAGAIN from
- * unit_start() they can indicate they are not
- * runnable yet. */
-
- /* First check if there is an override */
- if (j->ignore_order)
- return true;
-
- if (j->type == JOB_NOP)
- return true;
-
- if (j->type == JOB_START ||
- j->type == JOB_VERIFY_ACTIVE ||
- j->type == JOB_RELOAD) {
-
- /* Immediate result is that the job is or might be
- * started. In this case let's wait for the
- * dependencies, regardless whether they are
- * starting or stopping something. */
-
- SET_FOREACH(other, j->unit->dependencies[UNIT_AFTER], i)
- if (other->job)
- return false;
- }
-
- /* Also, if something else is being stopped and we should
- * change state after it, then let's wait. */
-
- SET_FOREACH(other, j->unit->dependencies[UNIT_BEFORE], i)
- if (other->job &&
- (other->job->type == JOB_STOP ||
- other->job->type == JOB_RESTART))
- return false;
-
- /* This means that for a service a and a service b where b
- * shall be started after a:
- *
- * start a + start b → 1st step start a, 2nd step start b
- * start a + stop b → 1st step stop b, 2nd step start a
- * stop a + start b → 1st step stop a, 2nd step start b
- * stop a + stop b → 1st step stop b, 2nd step stop a
- *
- * This has the side effect that restarts are properly
- * synchronized too. */
-
- return true;
-}
-
-static void job_change_type(Job *j, JobType newtype) {
- assert(j);
-
- log_unit_debug(j->unit,
- "Converting job %s/%s -> %s/%s",
- j->unit->id, job_type_to_string(j->type),
- j->unit->id, job_type_to_string(newtype));
-
- j->type = newtype;
-}
-
-static int job_perform_on_unit(Job **j) {
- uint32_t id;
- Manager *m;
- JobType t;
- Unit *u;
- int r;
-
- /* While we execute this operation the job might go away (for
- * example: because it finishes immediately or is replaced by
- * a new, conflicting job.) To make sure we don't access a
- * freed job later on we store the id here, so that we can
- * verify the job is still valid. */
-
- assert(j);
- assert(*j);
-
- m = (*j)->manager;
- u = (*j)->unit;
- t = (*j)->type;
- id = (*j)->id;
-
- switch (t) {
- case JOB_START:
- r = unit_start(u);
- break;
-
- case JOB_RESTART:
- t = JOB_STOP;
- /* fall through */
- case JOB_STOP:
- r = unit_stop(u);
- break;
-
- case JOB_RELOAD:
- r = unit_reload(u);
- break;
-
- default:
- assert_not_reached("Invalid job type");
- }
-
- /* Log if the job still exists and the start/stop/reload function
- * actually did something. */
- *j = manager_get_job(m, id);
- if (*j && r > 0)
- unit_status_emit_starting_stopping_reloading(u, t);
-
- return r;
-}
-
-int job_run_and_invalidate(Job *j) {
- int r;
-
- assert(j);
- assert(j->installed);
- assert(j->type < _JOB_TYPE_MAX_IN_TRANSACTION);
- assert(j->in_run_queue);
-
- LIST_REMOVE(run_queue, j->manager->run_queue, j);
- j->in_run_queue = false;
-
- if (j->state != JOB_WAITING)
- return 0;
-
- if (!job_is_runnable(j))
- return -EAGAIN;
-
- job_set_state(j, JOB_RUNNING);
- job_add_to_dbus_queue(j);
-
-
- switch (j->type) {
-
- case JOB_VERIFY_ACTIVE: {
- UnitActiveState t = unit_active_state(j->unit);
- if (UNIT_IS_ACTIVE_OR_RELOADING(t))
- r = -EALREADY;
- else if (t == UNIT_ACTIVATING)
- r = -EAGAIN;
- else
- r = -EBADR;
- break;
- }
-
- case JOB_START:
- case JOB_STOP:
- case JOB_RESTART:
- r = job_perform_on_unit(&j);
-
- /* If the unit type does not support starting/stopping,
- * then simply wait. */
- if (r == -EBADR)
- r = 0;
- break;
-
- case JOB_RELOAD:
- r = job_perform_on_unit(&j);
- break;
-
- case JOB_NOP:
- r = -EALREADY;
- break;
-
- default:
- assert_not_reached("Unknown job type");
- }
-
- if (j) {
- if (r == -EALREADY)
- r = job_finish_and_invalidate(j, JOB_DONE, true, true);
- else if (r == -EBADR)
- r = job_finish_and_invalidate(j, JOB_SKIPPED, true, false);
- else if (r == -ENOEXEC)
- r = job_finish_and_invalidate(j, JOB_INVALID, true, false);
- else if (r == -EPROTO)
- r = job_finish_and_invalidate(j, JOB_ASSERT, true, false);
- else if (r == -EOPNOTSUPP)
- r = job_finish_and_invalidate(j, JOB_UNSUPPORTED, true, false);
- else if (r == -EAGAIN)
- job_set_state(j, JOB_WAITING);
- else if (r < 0)
- r = job_finish_and_invalidate(j, JOB_FAILED, true, false);
- }
-
- return r;
-}
-
-_pure_ static const char *job_get_status_message_format(Unit *u, JobType t, JobResult result) {
-
- static const char *const generic_finished_start_job[_JOB_RESULT_MAX] = {
- [JOB_DONE] = "Started %s.",
- [JOB_TIMEOUT] = "Timed out starting %s.",
- [JOB_FAILED] = "Failed to start %s.",
- [JOB_DEPENDENCY] = "Dependency failed for %s.",
- [JOB_ASSERT] = "Assertion failed for %s.",
- [JOB_UNSUPPORTED] = "Starting of %s not supported.",
- };
- static const char *const generic_finished_stop_job[_JOB_RESULT_MAX] = {
- [JOB_DONE] = "Stopped %s.",
- [JOB_FAILED] = "Stopped (with error) %s.",
- [JOB_TIMEOUT] = "Timed out stopping %s.",
- };
- static const char *const generic_finished_reload_job[_JOB_RESULT_MAX] = {
- [JOB_DONE] = "Reloaded %s.",
- [JOB_FAILED] = "Reload failed for %s.",
- [JOB_TIMEOUT] = "Timed out reloading %s.",
- };
- /* When verify-active detects the unit is inactive, report it.
- * Most likely a DEPEND warning from a requisiting unit will
- * occur next and it's nice to see what was requisited. */
- static const char *const generic_finished_verify_active_job[_JOB_RESULT_MAX] = {
- [JOB_SKIPPED] = "%s is not active.",
- };
-
- const UnitStatusMessageFormats *format_table;
- const char *format;
-
- assert(u);
- assert(t >= 0);
- assert(t < _JOB_TYPE_MAX);
-
- if (IN_SET(t, JOB_START, JOB_STOP, JOB_RESTART)) {
- format_table = &UNIT_VTABLE(u)->status_message_formats;
- if (format_table) {
- format = t == JOB_START ? format_table->finished_start_job[result] :
- format_table->finished_stop_job[result];
- if (format)
- return format;
- }
- }
-
- /* Return generic strings */
- if (t == JOB_START)
- return generic_finished_start_job[result];
- else if (t == JOB_STOP || t == JOB_RESTART)
- return generic_finished_stop_job[result];
- else if (t == JOB_RELOAD)
- return generic_finished_reload_job[result];
- else if (t == JOB_VERIFY_ACTIVE)
- return generic_finished_verify_active_job[result];
-
- return NULL;
-}
-
-static void job_print_status_message(Unit *u, JobType t, JobResult result) {
- static const struct {
- const char *color, *word;
- } const statuses[_JOB_RESULT_MAX] = {
- [JOB_DONE] = { ANSI_GREEN, " OK " },
- [JOB_TIMEOUT] = { ANSI_HIGHLIGHT_RED, " TIME " },
- [JOB_FAILED] = { ANSI_HIGHLIGHT_RED, "FAILED" },
- [JOB_DEPENDENCY] = { ANSI_HIGHLIGHT_YELLOW, "DEPEND" },
- [JOB_SKIPPED] = { ANSI_HIGHLIGHT, " INFO " },
- [JOB_ASSERT] = { ANSI_HIGHLIGHT_YELLOW, "ASSERT" },
- [JOB_UNSUPPORTED] = { ANSI_HIGHLIGHT_YELLOW, "UNSUPP" },
- };
-
- const char *format;
- const char *status;
-
- assert(u);
- assert(t >= 0);
- assert(t < _JOB_TYPE_MAX);
-
- /* Reload status messages have traditionally not been printed to console. */
- if (t == JOB_RELOAD)
- return;
-
- format = job_get_status_message_format(u, t, result);
- if (!format)
- return;
-
- if (log_get_show_color())
- status = strjoina(statuses[result].color, statuses[result].word, ANSI_NORMAL);
- else
- status = statuses[result].word;
-
- if (result != JOB_DONE)
- manager_flip_auto_status(u->manager, true);
-
- DISABLE_WARNING_FORMAT_NONLITERAL;
- unit_status_printf(u, status, format);
- REENABLE_WARNING;
-
- if (t == JOB_START && result == JOB_FAILED) {
- _cleanup_free_ char *quoted;
-
- quoted = shell_maybe_quote(u->id);
- manager_status_printf(u->manager, STATUS_TYPE_NORMAL, NULL, "See 'systemctl status %s' for details.", strna(quoted));
- }
-}
-
-static void job_log_status_message(Unit *u, JobType t, JobResult result) {
- const char *format;
- char buf[LINE_MAX];
- sd_id128_t mid;
- static const int job_result_log_level[_JOB_RESULT_MAX] = {
- [JOB_DONE] = LOG_INFO,
- [JOB_CANCELED] = LOG_INFO,
- [JOB_TIMEOUT] = LOG_ERR,
- [JOB_FAILED] = LOG_ERR,
- [JOB_DEPENDENCY] = LOG_WARNING,
- [JOB_SKIPPED] = LOG_NOTICE,
- [JOB_INVALID] = LOG_INFO,
- [JOB_ASSERT] = LOG_WARNING,
- [JOB_UNSUPPORTED] = LOG_WARNING,
- };
-
- assert(u);
- assert(t >= 0);
- assert(t < _JOB_TYPE_MAX);
-
- /* Skip this if it goes to the console. since we already print
- * to the console anyway... */
-
- if (log_on_console())
- return;
-
- format = job_get_status_message_format(u, t, result);
- if (!format)
- return;
-
- /* The description might be longer than the buffer, but that's OK, we'll just truncate it here */
- DISABLE_WARNING_FORMAT_NONLITERAL;
- snprintf(buf, sizeof(buf), format, unit_description(u));
- REENABLE_WARNING;
-
- switch (t) {
-
- case JOB_START:
- mid = result == JOB_DONE ? SD_MESSAGE_UNIT_STARTED : SD_MESSAGE_UNIT_FAILED;
- break;
-
- case JOB_RELOAD:
- mid = SD_MESSAGE_UNIT_RELOADED;
- break;
-
- case JOB_STOP:
- case JOB_RESTART:
- mid = SD_MESSAGE_UNIT_STOPPED;
- break;
-
- default:
- log_struct(job_result_log_level[result],
- LOG_UNIT_ID(u),
- LOG_MESSAGE("%s", buf),
- "RESULT=%s", job_result_to_string(result),
- NULL);
- return;
- }
-
- log_struct(job_result_log_level[result],
- LOG_MESSAGE_ID(mid),
- LOG_UNIT_ID(u),
- LOG_MESSAGE("%s", buf),
- "RESULT=%s", job_result_to_string(result),
- NULL);
-}
-
-static void job_emit_status_message(Unit *u, JobType t, JobResult result) {
-
- /* No message if the job did not actually do anything due to failed condition. */
- if (t == JOB_START && result == JOB_DONE && !u->condition_result)
- return;
-
- job_log_status_message(u, t, result);
- job_print_status_message(u, t, result);
-}
-
-static void job_fail_dependencies(Unit *u, UnitDependency d) {
- Unit *other;
- Iterator i;
-
- assert(u);
-
- SET_FOREACH(other, u->dependencies[d], i) {
- Job *j = other->job;
-
- if (!j)
- continue;
- if (!IN_SET(j->type, JOB_START, JOB_VERIFY_ACTIVE))
- continue;
-
- job_finish_and_invalidate(j, JOB_DEPENDENCY, true, false);
- }
-}
-
-int job_finish_and_invalidate(Job *j, JobResult result, bool recursive, bool already) {
- Unit *u;
- Unit *other;
- JobType t;
- Iterator i;
-
- assert(j);
- assert(j->installed);
- assert(j->type < _JOB_TYPE_MAX_IN_TRANSACTION);
-
- u = j->unit;
- t = j->type;
-
- j->result = result;
-
- log_unit_debug(u, "Job %s/%s finished, result=%s", u->id, job_type_to_string(t), job_result_to_string(result));
-
- /* If this job did nothing to respective unit we don't log the status message */
- if (!already)
- job_emit_status_message(u, t, result);
-
- job_add_to_dbus_queue(j);
-
- /* Patch restart jobs so that they become normal start jobs */
- if (result == JOB_DONE && t == JOB_RESTART) {
-
- job_change_type(j, JOB_START);
- job_set_state(j, JOB_WAITING);
-
- job_add_to_run_queue(j);
-
- goto finish;
- }
-
- if (result == JOB_FAILED || result == JOB_INVALID)
- j->manager->n_failed_jobs++;
-
- job_uninstall(j);
- job_free(j);
-
- /* Fail depending jobs on failure */
- if (result != JOB_DONE && recursive) {
- if (IN_SET(t, JOB_START, JOB_VERIFY_ACTIVE)) {
- job_fail_dependencies(u, UNIT_REQUIRED_BY);
- job_fail_dependencies(u, UNIT_REQUISITE_OF);
- job_fail_dependencies(u, UNIT_BOUND_BY);
- } else if (t == JOB_STOP)
- job_fail_dependencies(u, UNIT_CONFLICTED_BY);
- }
-
- /* Trigger OnFailure dependencies that are not generated by
- * the unit itself. We don't treat JOB_CANCELED as failure in
- * this context. And JOB_FAILURE is already handled by the
- * unit itself. */
- if (result == JOB_TIMEOUT || result == JOB_DEPENDENCY) {
- log_struct(LOG_NOTICE,
- "JOB_TYPE=%s", job_type_to_string(t),
- "JOB_RESULT=%s", job_result_to_string(result),
- LOG_UNIT_ID(u),
- LOG_UNIT_MESSAGE(u, "Job %s/%s failed with result '%s'.",
- u->id,
- job_type_to_string(t),
- job_result_to_string(result)),
- NULL);
-
- unit_start_on_failure(u);
- }
-
- unit_trigger_notify(u);
-
-finish:
- /* Try to start the next jobs that can be started */
- SET_FOREACH(other, u->dependencies[UNIT_AFTER], i)
- if (other->job)
- job_add_to_run_queue(other->job);
- SET_FOREACH(other, u->dependencies[UNIT_BEFORE], i)
- if (other->job)
- job_add_to_run_queue(other->job);
-
- manager_check_finished(u->manager);
-
- return 0;
-}
-
-static int job_dispatch_timer(sd_event_source *s, uint64_t monotonic, void *userdata) {
- Job *j = userdata;
- Unit *u;
-
- assert(j);
- assert(s == j->timer_event_source);
-
- log_unit_warning(j->unit, "Job %s/%s timed out.", j->unit->id, job_type_to_string(j->type));
-
- u = j->unit;
- job_finish_and_invalidate(j, JOB_TIMEOUT, true, false);
-
- emergency_action(u->manager, u->job_timeout_action, u->job_timeout_reboot_arg, "job timed out");
-
- return 0;
-}
-
-int job_start_timer(Job *j) {
- int r;
-
- if (j->timer_event_source)
- return 0;
-
- j->begin_usec = now(CLOCK_MONOTONIC);
-
- if (j->unit->job_timeout == USEC_INFINITY)
- return 0;
-
- r = sd_event_add_time(
- j->manager->event,
- &j->timer_event_source,
- CLOCK_MONOTONIC,
- usec_add(j->begin_usec, j->unit->job_timeout), 0,
- job_dispatch_timer, j);
- if (r < 0)
- return r;
-
- (void) sd_event_source_set_description(j->timer_event_source, "job-start");
-
- return 0;
-}
-
-void job_add_to_run_queue(Job *j) {
- assert(j);
- assert(j->installed);
-
- if (j->in_run_queue)
- return;
-
- if (!j->manager->run_queue)
- sd_event_source_set_enabled(j->manager->run_queue_event_source, SD_EVENT_ONESHOT);
-
- LIST_PREPEND(run_queue, j->manager->run_queue, j);
- j->in_run_queue = true;
-}
-
-void job_add_to_dbus_queue(Job *j) {
- assert(j);
- assert(j->installed);
-
- if (j->in_dbus_queue)
- return;
-
- /* We don't check if anybody is subscribed here, since this
- * job might just have been created and not yet assigned to a
- * connection/client. */
-
- LIST_PREPEND(dbus_queue, j->manager->dbus_job_queue, j);
- j->in_dbus_queue = true;
-}
-
-char *job_dbus_path(Job *j) {
- char *p;
-
- assert(j);
-
- if (asprintf(&p, "/org/freedesktop/systemd1/job/%"PRIu32, j->id) < 0)
- return NULL;
-
- return p;
-}
-
-int job_serialize(Job *j, FILE *f) {
- assert(j);
- assert(f);
-
- fprintf(f, "job-id=%u\n", j->id);
- fprintf(f, "job-type=%s\n", job_type_to_string(j->type));
- fprintf(f, "job-state=%s\n", job_state_to_string(j->state));
- fprintf(f, "job-irreversible=%s\n", yes_no(j->irreversible));
- fprintf(f, "job-sent-dbus-new-signal=%s\n", yes_no(j->sent_dbus_new_signal));
- fprintf(f, "job-ignore-order=%s\n", yes_no(j->ignore_order));
-
- if (j->begin_usec > 0)
- fprintf(f, "job-begin="USEC_FMT"\n", j->begin_usec);
-
- bus_track_serialize(j->clients, f, "subscribed");
-
- /* End marker */
- fputc('\n', f);
- return 0;
-}
-
-int job_deserialize(Job *j, FILE *f) {
- assert(j);
- assert(f);
-
- for (;;) {
- char line[LINE_MAX], *l, *v;
- size_t k;
-
- if (!fgets(line, sizeof(line), f)) {
- if (feof(f))
- return 0;
- return -errno;
- }
-
- char_array_0(line);
- l = strstrip(line);
-
- /* End marker */
- if (l[0] == 0)
- return 0;
-
- k = strcspn(l, "=");
-
- if (l[k] == '=') {
- l[k] = 0;
- v = l+k+1;
- } else
- v = l+k;
-
- if (streq(l, "job-id")) {
-
- if (safe_atou32(v, &j->id) < 0)
- log_debug("Failed to parse job id value %s", v);
-
- } else if (streq(l, "job-type")) {
- JobType t;
-
- t = job_type_from_string(v);
- if (t < 0)
- log_debug("Failed to parse job type %s", v);
- else if (t >= _JOB_TYPE_MAX_IN_TRANSACTION)
- log_debug("Cannot deserialize job of type %s", v);
- else
- j->type = t;
-
- } else if (streq(l, "job-state")) {
- JobState s;
-
- s = job_state_from_string(v);
- if (s < 0)
- log_debug("Failed to parse job state %s", v);
- else
- job_set_state(j, s);
-
- } else if (streq(l, "job-irreversible")) {
- int b;
-
- b = parse_boolean(v);
- if (b < 0)
- log_debug("Failed to parse job irreversible flag %s", v);
- else
- j->irreversible = j->irreversible || b;
-
- } else if (streq(l, "job-sent-dbus-new-signal")) {
- int b;
-
- b = parse_boolean(v);
- if (b < 0)
- log_debug("Failed to parse job sent_dbus_new_signal flag %s", v);
- else
- j->sent_dbus_new_signal = j->sent_dbus_new_signal || b;
-
- } else if (streq(l, "job-ignore-order")) {
- int b;
-
- b = parse_boolean(v);
- if (b < 0)
- log_debug("Failed to parse job ignore_order flag %s", v);
- else
- j->ignore_order = j->ignore_order || b;
-
- } else if (streq(l, "job-begin")) {
- unsigned long long ull;
-
- if (sscanf(v, "%llu", &ull) != 1)
- log_debug("Failed to parse job-begin value %s", v);
- else
- j->begin_usec = ull;
-
- } else if (streq(l, "subscribed")) {
-
- if (strv_extend(&j->deserialized_clients, v) < 0)
- log_oom();
- }
- }
-}
-
-int job_coldplug(Job *j) {
- int r;
-
- assert(j);
-
- /* After deserialization is complete and the bus connection
- * set up again, let's start watching our subscribers again */
- (void) bus_track_coldplug(j->manager, &j->clients, false, j->deserialized_clients);
- j->deserialized_clients = strv_free(j->deserialized_clients);
-
- if (j->state == JOB_WAITING)
- job_add_to_run_queue(j);
-
- if (j->begin_usec == 0 || j->unit->job_timeout == USEC_INFINITY)
- return 0;
-
- j->timer_event_source = sd_event_source_unref(j->timer_event_source);
-
- r = sd_event_add_time(
- j->manager->event,
- &j->timer_event_source,
- CLOCK_MONOTONIC,
- usec_add(j->begin_usec, j->unit->job_timeout), 0,
- job_dispatch_timer, j);
- if (r < 0)
- log_debug_errno(r, "Failed to restart timeout for job: %m");
-
- (void) sd_event_source_set_description(j->timer_event_source, "job-timeout");
-
- return r;
-}
-
-void job_shutdown_magic(Job *j) {
- assert(j);
-
- /* The shutdown target gets some special treatment here: we
- * tell the kernel to begin with flushing its disk caches, to
- * optimize shutdown time a bit. Ideally we wouldn't hardcode
- * this magic into PID 1. However all other processes aren't
- * options either since they'd exit much sooner than PID 1 and
- * asynchronous sync() would cause their exit to be
- * delayed. */
-
- if (j->type != JOB_START)
- return;
-
- if (!MANAGER_IS_SYSTEM(j->unit->manager))
- return;
-
- if (!unit_has_name(j->unit, SPECIAL_SHUTDOWN_TARGET))
- return;
-
- /* In case messages on console has been disabled on boot */
- j->unit->manager->no_console_output = false;
-
- if (detect_container() > 0)
- return;
-
- asynchronous_sync();
-}
-
-int job_get_timeout(Job *j, usec_t *timeout) {
- usec_t x = USEC_INFINITY, y = USEC_INFINITY;
- Unit *u = j->unit;
- int r;
-
- assert(u);
-
- if (j->timer_event_source) {
- r = sd_event_source_get_time(j->timer_event_source, &x);
- if (r < 0)
- return r;
- }
-
- if (UNIT_VTABLE(u)->get_timeout) {
- r = UNIT_VTABLE(u)->get_timeout(u, &y);
- if (r < 0)
- return r;
- }
-
- if (x == USEC_INFINITY && y == USEC_INFINITY)
- return 0;
-
- *timeout = MIN(x, y);
- return 1;
-}
-
-static const char* const job_state_table[_JOB_STATE_MAX] = {
- [JOB_WAITING] = "waiting",
- [JOB_RUNNING] = "running"
-};
-
-DEFINE_STRING_TABLE_LOOKUP(job_state, JobState);
-
-static const char* const job_type_table[_JOB_TYPE_MAX] = {
- [JOB_START] = "start",
- [JOB_VERIFY_ACTIVE] = "verify-active",
- [JOB_STOP] = "stop",
- [JOB_RELOAD] = "reload",
- [JOB_RELOAD_OR_START] = "reload-or-start",
- [JOB_RESTART] = "restart",
- [JOB_TRY_RESTART] = "try-restart",
- [JOB_TRY_RELOAD] = "try-reload",
- [JOB_NOP] = "nop",
-};
-
-DEFINE_STRING_TABLE_LOOKUP(job_type, JobType);
-
-static const char* const job_mode_table[_JOB_MODE_MAX] = {
- [JOB_FAIL] = "fail",
- [JOB_REPLACE] = "replace",
- [JOB_REPLACE_IRREVERSIBLY] = "replace-irreversibly",
- [JOB_ISOLATE] = "isolate",
- [JOB_FLUSH] = "flush",
- [JOB_IGNORE_DEPENDENCIES] = "ignore-dependencies",
- [JOB_IGNORE_REQUIREMENTS] = "ignore-requirements",
-};
-
-DEFINE_STRING_TABLE_LOOKUP(job_mode, JobMode);
-
-static const char* const job_result_table[_JOB_RESULT_MAX] = {
- [JOB_DONE] = "done",
- [JOB_CANCELED] = "canceled",
- [JOB_TIMEOUT] = "timeout",
- [JOB_FAILED] = "failed",
- [JOB_DEPENDENCY] = "dependency",
- [JOB_SKIPPED] = "skipped",
- [JOB_INVALID] = "invalid",
- [JOB_ASSERT] = "assert",
- [JOB_UNSUPPORTED] = "unsupported",
-};
-
-DEFINE_STRING_TABLE_LOOKUP(job_result, JobResult);
-
-const char* job_type_to_access_method(JobType t) {
- assert(t >= 0);
- assert(t < _JOB_TYPE_MAX);
-
- if (IN_SET(t, JOB_START, JOB_RESTART, JOB_TRY_RESTART))
- return "start";
- else if (t == JOB_STOP)
- return "stop";
- else
- return "reload";
-}
diff --git a/src/core/job.h b/src/core/job.h
deleted file mode 100644
index 85368f0d30..0000000000
--- a/src/core/job.h
+++ /dev/null
@@ -1,242 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <stdbool.h>
-
-#include "sd-event.h"
-
-#include "list.h"
-#include "unit-name.h"
-
-typedef struct Job Job;
-typedef struct JobDependency JobDependency;
-typedef enum JobType JobType;
-typedef enum JobState JobState;
-typedef enum JobMode JobMode;
-typedef enum JobResult JobResult;
-
-/* Be careful when changing the job types! Adjust job_merging_table[] accordingly! */
-enum JobType {
- JOB_START, /* if a unit does not support being started, we'll just wait until it becomes active */
- JOB_VERIFY_ACTIVE,
-
- JOB_STOP,
-
- JOB_RELOAD, /* if running, reload */
-
- /* Note that restarts are first treated like JOB_STOP, but
- * then instead of finishing are patched to become
- * JOB_START. */
- JOB_RESTART, /* If running, stop. Then start unconditionally. */
-
- _JOB_TYPE_MAX_MERGING,
-
- /* JOB_NOP can enter into a transaction, but as it won't pull in
- * any dependencies and it uses the special 'nop_job' slot in Unit,
- * it won't have to merge with anything (except possibly into another
- * JOB_NOP, previously installed). JOB_NOP is special-cased in
- * job_type_is_*() functions so that the transaction can be
- * activated. */
- JOB_NOP = _JOB_TYPE_MAX_MERGING, /* do nothing */
-
- _JOB_TYPE_MAX_IN_TRANSACTION,
-
- /* JOB_TRY_RESTART can never appear in a transaction, because
- * it always collapses into JOB_RESTART or JOB_NOP before entering.
- * Thus we never need to merge it with anything. */
- JOB_TRY_RESTART = _JOB_TYPE_MAX_IN_TRANSACTION, /* if running, stop and then start */
-
- /* Similar to JOB_TRY_RESTART but collapses to JOB_RELOAD or JOB_NOP */
- JOB_TRY_RELOAD,
-
- /* JOB_RELOAD_OR_START won't enter into a transaction and cannot result
- * from transaction merging (there's no way for JOB_RELOAD and
- * JOB_START to meet in one transaction). It can result from a merge
- * during job installation, but then it will immediately collapse into
- * one of the two simpler types. */
- JOB_RELOAD_OR_START, /* if running, reload, otherwise start */
-
- _JOB_TYPE_MAX,
- _JOB_TYPE_INVALID = -1
-};
-
-enum JobState {
- JOB_WAITING,
- JOB_RUNNING,
- _JOB_STATE_MAX,
- _JOB_STATE_INVALID = -1
-};
-
-enum JobMode {
- JOB_FAIL, /* Fail if a conflicting job is already queued */
- JOB_REPLACE, /* Replace an existing conflicting job */
- JOB_REPLACE_IRREVERSIBLY,/* Like JOB_REPLACE + produce irreversible jobs */
- JOB_ISOLATE, /* Start a unit, and stop all others */
- JOB_FLUSH, /* Flush out all other queued jobs when queing this one */
- JOB_IGNORE_DEPENDENCIES, /* Ignore both requirement and ordering dependencies */
- JOB_IGNORE_REQUIREMENTS, /* Ignore requirement dependencies */
- _JOB_MODE_MAX,
- _JOB_MODE_INVALID = -1
-};
-
-enum JobResult {
- JOB_DONE, /* Job completed successfully */
- JOB_CANCELED, /* Job canceled by a conflicting job installation or by explicit cancel request */
- JOB_TIMEOUT, /* Job timeout elapsed */
- JOB_FAILED, /* Job failed */
- JOB_DEPENDENCY, /* A required dependency job did not result in JOB_DONE */
- JOB_SKIPPED, /* Negative result of JOB_VERIFY_ACTIVE */
- JOB_INVALID, /* JOB_RELOAD of inactive unit */
- JOB_ASSERT, /* Couldn't start a unit, because an assert didn't hold */
- JOB_UNSUPPORTED, /* Couldn't start a unit, because the unit type is not supported on the system */
- _JOB_RESULT_MAX,
- _JOB_RESULT_INVALID = -1
-};
-
-#include "unit.h"
-
-struct JobDependency {
- /* Encodes that the 'subject' job needs the 'object' job in
- * some way. This structure is used only while building a transaction. */
- Job *subject;
- Job *object;
-
- LIST_FIELDS(JobDependency, subject);
- LIST_FIELDS(JobDependency, object);
-
- bool matters;
- bool conflicts;
-};
-
-struct Job {
- Manager *manager;
- Unit *unit;
-
- LIST_FIELDS(Job, transaction);
- LIST_FIELDS(Job, run_queue);
- LIST_FIELDS(Job, dbus_queue);
-
- LIST_HEAD(JobDependency, subject_list);
- LIST_HEAD(JobDependency, object_list);
-
- /* Used for graph algs as a "I have been here" marker */
- Job* marker;
- unsigned generation;
-
- uint32_t id;
-
- JobType type;
- JobState state;
-
- sd_event_source *timer_event_source;
- usec_t begin_usec;
-
- /*
- * This tracks where to send signals, and also which clients
- * are allowed to call DBus methods on the job (other than
- * root).
- *
- * There can be more than one client, because of job merging.
- */
- sd_bus_track *clients;
- char **deserialized_clients;
-
- JobResult result;
-
- bool installed:1;
- bool in_run_queue:1;
- bool matters_to_anchor:1;
- bool in_dbus_queue:1;
- bool sent_dbus_new_signal:1;
- bool ignore_order:1;
- bool irreversible:1;
-};
-
-Job* job_new(Unit *unit, JobType type);
-Job* job_new_raw(Unit *unit);
-void job_free(Job *job);
-Job* job_install(Job *j);
-int job_install_deserialized(Job *j);
-void job_uninstall(Job *j);
-void job_dump(Job *j, FILE*f, const char *prefix);
-int job_serialize(Job *j, FILE *f);
-int job_deserialize(Job *j, FILE *f);
-int job_coldplug(Job *j);
-
-JobDependency* job_dependency_new(Job *subject, Job *object, bool matters, bool conflicts);
-void job_dependency_free(JobDependency *l);
-
-int job_merge(Job *j, Job *other);
-
-JobType job_type_lookup_merge(JobType a, JobType b) _pure_;
-
-_pure_ static inline bool job_type_is_mergeable(JobType a, JobType b) {
- return job_type_lookup_merge(a, b) >= 0;
-}
-
-_pure_ static inline bool job_type_is_conflicting(JobType a, JobType b) {
- return a != JOB_NOP && b != JOB_NOP && !job_type_is_mergeable(a, b);
-}
-
-_pure_ static inline bool job_type_is_superset(JobType a, JobType b) {
- /* Checks whether operation a is a "superset" of b in its actions */
- if (b == JOB_NOP)
- return true;
- if (a == JOB_NOP)
- return false;
- return a == job_type_lookup_merge(a, b);
-}
-
-bool job_type_is_redundant(JobType a, UnitActiveState b) _pure_;
-
-/* Collapses a state-dependent job type into a simpler type by observing
- * the state of the unit which it is going to be applied to. */
-JobType job_type_collapse(JobType t, Unit *u);
-
-int job_type_merge_and_collapse(JobType *a, JobType b, Unit *u);
-
-void job_add_to_run_queue(Job *j);
-void job_add_to_dbus_queue(Job *j);
-
-int job_start_timer(Job *j);
-
-int job_run_and_invalidate(Job *j);
-int job_finish_and_invalidate(Job *j, JobResult result, bool recursive, bool already);
-
-char *job_dbus_path(Job *j);
-
-void job_shutdown_magic(Job *j);
-
-int job_get_timeout(Job *j, usec_t *timeout) _pure_;
-
-const char* job_type_to_string(JobType t) _const_;
-JobType job_type_from_string(const char *s) _pure_;
-
-const char* job_state_to_string(JobState t) _const_;
-JobState job_state_from_string(const char *s) _pure_;
-
-const char* job_mode_to_string(JobMode t) _const_;
-JobMode job_mode_from_string(const char *s) _pure_;
-
-const char* job_result_to_string(JobResult t) _const_;
-JobResult job_result_from_string(const char *s) _pure_;
-
-const char* job_type_to_access_method(JobType t);
diff --git a/src/core/kill.c b/src/core/kill.c
deleted file mode 100644
index 6854587d54..0000000000
--- a/src/core/kill.c
+++ /dev/null
@@ -1,68 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2012 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include "kill.h"
-#include "signal-util.h"
-#include "string-table.h"
-#include "util.h"
-
-void kill_context_init(KillContext *c) {
- assert(c);
-
- c->kill_signal = SIGTERM;
- c->send_sigkill = true;
- c->send_sighup = false;
-}
-
-void kill_context_dump(KillContext *c, FILE *f, const char *prefix) {
- assert(c);
-
- if (!prefix)
- prefix = "";
-
- fprintf(f,
- "%sKillMode: %s\n"
- "%sKillSignal: SIG%s\n"
- "%sSendSIGKILL: %s\n"
- "%sSendSIGHUP: %s\n",
- prefix, kill_mode_to_string(c->kill_mode),
- prefix, signal_to_string(c->kill_signal),
- prefix, yes_no(c->send_sigkill),
- prefix, yes_no(c->send_sighup));
-}
-
-static const char* const kill_mode_table[_KILL_MODE_MAX] = {
- [KILL_CONTROL_GROUP] = "control-group",
- [KILL_PROCESS] = "process",
- [KILL_MIXED] = "mixed",
- [KILL_NONE] = "none"
-};
-
-DEFINE_STRING_TABLE_LOOKUP(kill_mode, KillMode);
-
-static const char* const kill_who_table[_KILL_WHO_MAX] = {
- [KILL_MAIN] = "main",
- [KILL_CONTROL] = "control",
- [KILL_ALL] = "all",
- [KILL_MAIN_FAIL] = "main-fail",
- [KILL_CONTROL_FAIL] = "control-fail",
- [KILL_ALL_FAIL] = "all-fail"
-};
-
-DEFINE_STRING_TABLE_LOOKUP(kill_who, KillWho);
diff --git a/src/core/kill.h b/src/core/kill.h
deleted file mode 100644
index b3d2056cb0..0000000000
--- a/src/core/kill.h
+++ /dev/null
@@ -1,65 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2012 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-typedef struct KillContext KillContext;
-
-#include <stdbool.h>
-#include <stdio.h>
-
-#include "macro.h"
-
-typedef enum KillMode {
- /* The kill mode is a property of a unit. */
- KILL_CONTROL_GROUP = 0,
- KILL_PROCESS,
- KILL_MIXED,
- KILL_NONE,
- _KILL_MODE_MAX,
- _KILL_MODE_INVALID = -1
-} KillMode;
-
-struct KillContext {
- KillMode kill_mode;
- int kill_signal;
- bool send_sigkill;
- bool send_sighup;
-};
-
-typedef enum KillWho {
- /* Kill who is a property of an operation */
- KILL_MAIN,
- KILL_CONTROL,
- KILL_ALL,
- KILL_MAIN_FAIL,
- KILL_CONTROL_FAIL,
- KILL_ALL_FAIL,
- _KILL_WHO_MAX,
- _KILL_WHO_INVALID = -1
-} KillWho;
-
-void kill_context_init(KillContext *c);
-void kill_context_dump(KillContext *c, FILE *f, const char *prefix);
-
-const char *kill_mode_to_string(KillMode k) _const_;
-KillMode kill_mode_from_string(const char *s) _pure_;
-
-const char *kill_who_to_string(KillWho k) _const_;
-KillWho kill_who_from_string(const char *s) _pure_;
diff --git a/src/core/killall.c b/src/core/killall.c
deleted file mode 100644
index a8b814e868..0000000000
--- a/src/core/killall.c
+++ /dev/null
@@ -1,248 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2010 ProFUSION embedded systems
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <errno.h>
-#include <signal.h>
-#include <sys/wait.h>
-#include <unistd.h>
-
-#include "alloc-util.h"
-#include "def.h"
-#include "fd-util.h"
-#include "formats-util.h"
-#include "killall.h"
-#include "parse-util.h"
-#include "process-util.h"
-#include "set.h"
-#include "string-util.h"
-#include "terminal-util.h"
-#include "util.h"
-
-static bool ignore_proc(pid_t pid, bool warn_rootfs) {
- _cleanup_fclose_ FILE *f = NULL;
- char c;
- const char *p;
- size_t count;
- uid_t uid;
- int r;
-
- /* We are PID 1, let's not commit suicide */
- if (pid == 1)
- return true;
-
- r = get_process_uid(pid, &uid);
- if (r < 0)
- return true; /* not really, but better safe than sorry */
-
- /* Non-root processes otherwise are always subject to be killed */
- if (uid != 0)
- return false;
-
- p = procfs_file_alloca(pid, "cmdline");
- f = fopen(p, "re");
- if (!f)
- return true; /* not really, but has the desired effect */
-
- count = fread(&c, 1, 1, f);
-
- /* Kernel threads have an empty cmdline */
- if (count <= 0)
- return true;
-
- /* Processes with argv[0][0] = '@' we ignore from the killing
- * spree.
- *
- * http://www.freedesktop.org/wiki/Software/systemd/RootStorageDaemons */
- if (c == '@' && warn_rootfs) {
- _cleanup_free_ char *comm = NULL;
-
- r = pid_from_same_root_fs(pid);
- if (r < 0)
- return true;
-
- get_process_comm(pid, &comm);
-
- if (r)
- log_notice("Process " PID_FMT " (%s) has been marked to be excluded from killing. It is "
- "running from the root file system, and thus likely to block re-mounting of the "
- "root file system to read-only. Please consider moving it into an initrd file "
- "system instead.", pid, strna(comm));
- return true;
- } else if (c == '@')
- return true;
-
- return false;
-}
-
-static void wait_for_children(Set *pids, sigset_t *mask) {
- usec_t until;
-
- assert(mask);
-
- if (set_isempty(pids))
- return;
-
- until = now(CLOCK_MONOTONIC) + DEFAULT_TIMEOUT_USEC;
- for (;;) {
- struct timespec ts;
- int k;
- usec_t n;
- void *p;
- Iterator i;
-
- /* First, let the kernel inform us about killed
- * children. Most processes will probably be our
- * children, but some are not (might be our
- * grandchildren instead...). */
- for (;;) {
- pid_t pid;
-
- pid = waitpid(-1, NULL, WNOHANG);
- if (pid == 0)
- break;
- if (pid < 0) {
- if (errno == ECHILD)
- break;
-
- log_error_errno(errno, "waitpid() failed: %m");
- return;
- }
-
- (void) set_remove(pids, PID_TO_PTR(pid));
- }
-
- /* Now explicitly check who might be remaining, who
- * might not be our child. */
- SET_FOREACH(p, pids, i) {
-
- /* We misuse getpgid as a check whether a
- * process still exists. */
- if (getpgid(PTR_TO_PID(p)) >= 0)
- continue;
-
- if (errno != ESRCH)
- continue;
-
- set_remove(pids, p);
- }
-
- if (set_isempty(pids))
- return;
-
- n = now(CLOCK_MONOTONIC);
- if (n >= until)
- return;
-
- timespec_store(&ts, until - n);
- k = sigtimedwait(mask, NULL, &ts);
- if (k != SIGCHLD) {
-
- if (k < 0 && errno != EAGAIN) {
- log_error_errno(errno, "sigtimedwait() failed: %m");
- return;
- }
-
- if (k >= 0)
- log_warning("sigtimedwait() returned unexpected signal.");
- }
- }
-}
-
-static int killall(int sig, Set *pids, bool send_sighup) {
- _cleanup_closedir_ DIR *dir = NULL;
- struct dirent *d;
-
- dir = opendir("/proc");
- if (!dir)
- return -errno;
-
- while ((d = readdir(dir))) {
- pid_t pid;
- int r;
-
- if (d->d_type != DT_DIR &&
- d->d_type != DT_UNKNOWN)
- continue;
-
- if (parse_pid(d->d_name, &pid) < 0)
- continue;
-
- if (ignore_proc(pid, sig == SIGKILL && !in_initrd()))
- continue;
-
- if (sig == SIGKILL) {
- _cleanup_free_ char *s = NULL;
-
- get_process_comm(pid, &s);
- log_notice("Sending SIGKILL to PID "PID_FMT" (%s).", pid, strna(s));
- }
-
- if (kill(pid, sig) >= 0) {
- if (pids) {
- r = set_put(pids, PID_TO_PTR(pid));
- if (r < 0)
- log_oom();
- }
- } else if (errno != ENOENT)
- log_warning_errno(errno, "Could not kill %d: %m", pid);
-
- if (send_sighup) {
- /* Optionally, also send a SIGHUP signal, but
- only if the process has a controlling
- tty. This is useful to allow handling of
- shells which ignore SIGTERM but react to
- SIGHUP. We do not send this to processes that
- have no controlling TTY since we don't want to
- trigger reloads of daemon processes. Also we
- make sure to only send this after SIGTERM so
- that SIGTERM is always first in the queue. */
-
-
- if (get_ctty_devnr(pid, NULL) >= 0)
- kill(pid, SIGHUP);
- }
- }
-
- return set_size(pids);
-}
-
-void broadcast_signal(int sig, bool wait_for_exit, bool send_sighup) {
- sigset_t mask, oldmask;
- _cleanup_set_free_ Set *pids = NULL;
-
- if (wait_for_exit)
- pids = set_new(NULL);
-
- assert_se(sigemptyset(&mask) == 0);
- assert_se(sigaddset(&mask, SIGCHLD) == 0);
- assert_se(sigprocmask(SIG_BLOCK, &mask, &oldmask) == 0);
-
- if (kill(-1, SIGSTOP) < 0 && errno != ESRCH)
- log_warning_errno(errno, "kill(-1, SIGSTOP) failed: %m");
-
- killall(sig, pids, send_sighup);
-
- if (kill(-1, SIGCONT) < 0 && errno != ESRCH)
- log_warning_errno(errno, "kill(-1, SIGCONT) failed: %m");
-
- if (wait_for_exit)
- wait_for_children(pids, &mask);
-
- assert_se(sigprocmask(SIG_SETMASK, &oldmask, NULL) == 0);
-}
diff --git a/src/core/killall.h b/src/core/killall.h
deleted file mode 100644
index acc2439f00..0000000000
--- a/src/core/killall.h
+++ /dev/null
@@ -1,22 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2012 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-void broadcast_signal(int sig, bool wait_for_exit, bool send_sighup);
diff --git a/src/core/kmod-setup.c b/src/core/kmod-setup.c
deleted file mode 100644
index fd1021f706..0000000000
--- a/src/core/kmod-setup.c
+++ /dev/null
@@ -1,128 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <string.h>
-#include <unistd.h>
-
-#ifdef HAVE_KMOD
-#include <libkmod.h>
-#endif
-
-#include "bus-util.h"
-#include "capability-util.h"
-#include "kmod-setup.h"
-#include "macro.h"
-
-#ifdef HAVE_KMOD
-static void systemd_kmod_log(
- void *data,
- int priority,
- const char *file, int line,
- const char *fn,
- const char *format,
- va_list args) {
-
- /* library logging is enabled at debug only */
- DISABLE_WARNING_FORMAT_NONLITERAL;
- log_internalv(LOG_DEBUG, 0, file, line, fn, format, args);
- REENABLE_WARNING;
-}
-#endif
-
-int kmod_setup(void) {
-#ifdef HAVE_KMOD
-
- static const struct {
- const char *module;
- const char *path;
- bool warn_if_unavailable:1;
- bool warn_if_module:1;
- bool (*condition_fn)(void);
- } kmod_table[] = {
- /* auto-loading on use doesn't work before udev is up */
- { "autofs4", "/sys/class/misc/autofs", true, false, NULL },
-
- /* early configure of ::1 on the loopback device */
- { "ipv6", "/sys/module/ipv6", false, true, NULL },
-
- /* this should never be a module */
- { "unix", "/proc/net/unix", true, true, NULL },
-
-#ifdef HAVE_LIBIPTC
- /* netfilter is needed by networkd, nspawn among others, and cannot be autoloaded */
- { "ip_tables", "/proc/net/ip_tables_names", false, false, NULL },
-#endif
- };
- struct kmod_ctx *ctx = NULL;
- unsigned int i;
- int r;
-
- if (have_effective_cap(CAP_SYS_MODULE) == 0)
- return 0;
-
- for (i = 0; i < ELEMENTSOF(kmod_table); i++) {
- struct kmod_module *mod;
-
- if (kmod_table[i].path && access(kmod_table[i].path, F_OK) >= 0)
- continue;
-
- if (kmod_table[i].condition_fn && !kmod_table[i].condition_fn())
- continue;
-
- if (kmod_table[i].warn_if_module)
- log_debug("Your kernel apparently lacks built-in %s support. Might be "
- "a good idea to compile it in. We'll now try to work around "
- "this by loading the module...", kmod_table[i].module);
-
- if (!ctx) {
- ctx = kmod_new(NULL, NULL);
- if (!ctx)
- return log_oom();
-
- kmod_set_log_fn(ctx, systemd_kmod_log, NULL);
- kmod_load_resources(ctx);
- }
-
- r = kmod_module_new_from_name(ctx, kmod_table[i].module, &mod);
- if (r < 0) {
- log_error("Failed to lookup module '%s'", kmod_table[i].module);
- continue;
- }
-
- r = kmod_module_probe_insert_module(mod, KMOD_PROBE_APPLY_BLACKLIST, NULL, NULL, NULL, NULL);
- if (r == 0)
- log_debug("Inserted module '%s'", kmod_module_get_name(mod));
- else if (r == KMOD_PROBE_APPLY_BLACKLIST)
- log_info("Module '%s' is blacklisted", kmod_module_get_name(mod));
- else {
- bool print_warning = kmod_table[i].warn_if_unavailable || (r < 0 && r != -ENOENT);
-
- log_full_errno(print_warning ? LOG_WARNING : LOG_DEBUG, r,
- "Failed to insert module '%s': %m", kmod_module_get_name(mod));
- }
-
- kmod_module_unref(mod);
- }
-
- if (ctx)
- kmod_unref(ctx);
-
-#endif
- return 0;
-}
diff --git a/src/core/kmod-setup.h b/src/core/kmod-setup.h
deleted file mode 100644
index 685f4df301..0000000000
--- a/src/core/kmod-setup.h
+++ /dev/null
@@ -1,22 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-int kmod_setup(void);
diff --git a/src/core/load-dropin.c b/src/core/load-dropin.c
deleted file mode 100644
index f83fa09301..0000000000
--- a/src/core/load-dropin.c
+++ /dev/null
@@ -1,90 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-
-#include "conf-parser.h"
-#include "load-dropin.h"
-#include "load-fragment.h"
-#include "log.h"
-#include "strv.h"
-#include "unit-name.h"
-#include "unit.h"
-
-static int add_dependency_consumer(
- UnitDependency dependency,
- const char *entry,
- const char* filepath,
- void *arg) {
- Unit *u = arg;
- int r;
-
- assert(u);
-
- r = unit_add_dependency_by_name(u, dependency, entry, filepath, true);
- if (r < 0)
- log_error_errno(r, "Cannot add dependency %s to %s, ignoring: %m", entry, u->id);
-
- return 0;
-}
-
-int unit_load_dropin(Unit *u) {
- _cleanup_strv_free_ char **l = NULL;
- Iterator i;
- char *t, **f;
- int r;
-
- assert(u);
-
- /* Load dependencies from supplementary drop-in directories */
-
- SET_FOREACH(t, u->names, i) {
- char **p;
-
- STRV_FOREACH(p, u->manager->lookup_paths.search_path) {
- unit_file_process_dir(u->manager->unit_path_cache, *p, t, ".wants", UNIT_WANTS,
- add_dependency_consumer, u, NULL);
- unit_file_process_dir(u->manager->unit_path_cache, *p, t, ".requires", UNIT_REQUIRES,
- add_dependency_consumer, u, NULL);
- }
- }
-
- r = unit_find_dropin_paths(u, &l);
- if (r <= 0)
- return 0;
-
- if (!u->dropin_paths) {
- u->dropin_paths = l;
- l = NULL;
- } else {
- r = strv_extend_strv(&u->dropin_paths, l, true);
- if (r < 0)
- return log_oom();
- }
-
- STRV_FOREACH(f, u->dropin_paths) {
- config_parse(u->id, *f, NULL,
- UNIT_VTABLE(u)->sections,
- config_item_perf_lookup, load_fragment_gperf_lookup,
- false, false, false, u);
- }
-
- u->dropin_mtime = now(CLOCK_REALTIME);
-
- return 0;
-}
diff --git a/src/core/load-dropin.h b/src/core/load-dropin.h
deleted file mode 100644
index 942d26724e..0000000000
--- a/src/core/load-dropin.h
+++ /dev/null
@@ -1,34 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include "dropin.h"
-#include "unit.h"
-
-/* Read service data supplementary drop-in directories */
-
-static inline int unit_find_dropin_paths(Unit *u, char ***paths) {
- return unit_file_find_dropin_paths(u->manager->lookup_paths.search_path,
- u->manager->unit_path_cache,
- u->names,
- paths);
-}
-
-int unit_load_dropin(Unit *u);
diff --git a/src/core/load-fragment-gperf.gperf.m4 b/src/core/load-fragment-gperf.gperf.m4
deleted file mode 100644
index af2f9d960b..0000000000
--- a/src/core/load-fragment-gperf.gperf.m4
+++ /dev/null
@@ -1,412 +0,0 @@
-%{
-#include <stddef.h>
-#include "conf-parser.h"
-#include "load-fragment.h"
-#include "missing.h"
-%}
-struct ConfigPerfItem;
-%null_strings
-%language=ANSI-C
-%define slot-name section_and_lvalue
-%define hash-function-name load_fragment_gperf_hash
-%define lookup-function-name load_fragment_gperf_lookup
-%readonly-tables
-%omit-struct-type
-%struct-type
-%includes
-%%
-m4_dnl Define the context options only once
-m4_define(`EXEC_CONTEXT_CONFIG_ITEMS',
-`$1.WorkingDirectory, config_parse_working_directory, 0, offsetof($1, exec_context)
-$1.RootDirectory, config_parse_unit_path_printf, 0, offsetof($1, exec_context.root_directory)
-$1.User, config_parse_user_group, 0, offsetof($1, exec_context.user)
-$1.Group, config_parse_user_group, 0, offsetof($1, exec_context.group)
-$1.SupplementaryGroups, config_parse_user_group_strv, 0, offsetof($1, exec_context.supplementary_groups)
-$1.Nice, config_parse_exec_nice, 0, offsetof($1, exec_context)
-$1.OOMScoreAdjust, config_parse_exec_oom_score_adjust, 0, offsetof($1, exec_context)
-$1.IOSchedulingClass, config_parse_exec_io_class, 0, offsetof($1, exec_context)
-$1.IOSchedulingPriority, config_parse_exec_io_priority, 0, offsetof($1, exec_context)
-$1.CPUSchedulingPolicy, config_parse_exec_cpu_sched_policy, 0, offsetof($1, exec_context)
-$1.CPUSchedulingPriority, config_parse_exec_cpu_sched_prio, 0, offsetof($1, exec_context)
-$1.CPUSchedulingResetOnFork, config_parse_bool, 0, offsetof($1, exec_context.cpu_sched_reset_on_fork)
-$1.CPUAffinity, config_parse_exec_cpu_affinity, 0, offsetof($1, exec_context)
-$1.UMask, config_parse_mode, 0, offsetof($1, exec_context.umask)
-$1.Environment, config_parse_environ, 0, offsetof($1, exec_context.environment)
-$1.EnvironmentFile, config_parse_unit_env_file, 0, offsetof($1, exec_context.environment_files)
-$1.PassEnvironment, config_parse_pass_environ, 0, offsetof($1, exec_context.pass_environment)
-$1.DynamicUser, config_parse_bool, 0, offsetof($1, exec_context.dynamic_user)
-$1.StandardInput, config_parse_exec_input, 0, offsetof($1, exec_context)
-$1.StandardOutput, config_parse_exec_output, 0, offsetof($1, exec_context)
-$1.StandardError, config_parse_exec_output, 0, offsetof($1, exec_context)
-$1.TTYPath, config_parse_unit_path_printf, 0, offsetof($1, exec_context.tty_path)
-$1.TTYReset, config_parse_bool, 0, offsetof($1, exec_context.tty_reset)
-$1.TTYVHangup, config_parse_bool, 0, offsetof($1, exec_context.tty_vhangup)
-$1.TTYVTDisallocate, config_parse_bool, 0, offsetof($1, exec_context.tty_vt_disallocate)
-$1.SyslogIdentifier, config_parse_unit_string_printf, 0, offsetof($1, exec_context.syslog_identifier)
-$1.SyslogFacility, config_parse_log_facility, 0, offsetof($1, exec_context.syslog_priority)
-$1.SyslogLevel, config_parse_log_level, 0, offsetof($1, exec_context.syslog_priority)
-$1.SyslogLevelPrefix, config_parse_bool, 0, offsetof($1, exec_context.syslog_level_prefix)
-$1.Capabilities, config_parse_warn_compat, DISABLED_LEGACY, offsetof($1, exec_context)
-$1.SecureBits, config_parse_exec_secure_bits, 0, offsetof($1, exec_context)
-$1.CapabilityBoundingSet, config_parse_capability_set, 0, offsetof($1, exec_context.capability_bounding_set)
-$1.AmbientCapabilities, config_parse_capability_set, 0, offsetof($1, exec_context.capability_ambient_set)
-$1.TimerSlackNSec, config_parse_nsec, 0, offsetof($1, exec_context.timer_slack_nsec)
-$1.NoNewPrivileges, config_parse_no_new_privileges, 0, offsetof($1, exec_context)
-m4_ifdef(`HAVE_SECCOMP',
-`$1.SystemCallFilter, config_parse_syscall_filter, 0, offsetof($1, exec_context)
-$1.SystemCallArchitectures, config_parse_syscall_archs, 0, offsetof($1, exec_context.syscall_archs)
-$1.SystemCallErrorNumber, config_parse_syscall_errno, 0, offsetof($1, exec_context)
-$1.MemoryDenyWriteExecute, config_parse_bool, 0, offsetof($1, exec_context.memory_deny_write_execute)
-$1.RestrictRealtime, config_parse_bool, 0, offsetof($1, exec_context.restrict_realtime)
-$1.RestrictAddressFamilies, config_parse_address_families, 0, offsetof($1, exec_context)',
-`$1.SystemCallFilter, config_parse_warn_compat, DISABLED_CONFIGURATION, 0
-$1.SystemCallArchitectures, config_parse_warn_compat, DISABLED_CONFIGURATION, 0
-$1.SystemCallErrorNumber, config_parse_warn_compat, DISABLED_CONFIGURATION, 0
-$1.MemoryDenyWriteExecute, config_parse_warn_compat, DISABLED_CONFIGURATION, 0
-$1.RestrictRealtime, config_parse_warn_compat, DISABLED_CONFIGURATION, 0
-$1.RestrictAddressFamilies, config_parse_warn_compat, DISABLED_CONFIGURATION, 0')
-$1.LimitCPU, config_parse_limit, RLIMIT_CPU, offsetof($1, exec_context.rlimit)
-$1.LimitFSIZE, config_parse_limit, RLIMIT_FSIZE, offsetof($1, exec_context.rlimit)
-$1.LimitDATA, config_parse_limit, RLIMIT_DATA, offsetof($1, exec_context.rlimit)
-$1.LimitSTACK, config_parse_limit, RLIMIT_STACK, offsetof($1, exec_context.rlimit)
-$1.LimitCORE, config_parse_limit, RLIMIT_CORE, offsetof($1, exec_context.rlimit)
-$1.LimitRSS, config_parse_limit, RLIMIT_RSS, offsetof($1, exec_context.rlimit)
-$1.LimitNOFILE, config_parse_limit, RLIMIT_NOFILE, offsetof($1, exec_context.rlimit)
-$1.LimitAS, config_parse_limit, RLIMIT_AS, offsetof($1, exec_context.rlimit)
-$1.LimitNPROC, config_parse_limit, RLIMIT_NPROC, offsetof($1, exec_context.rlimit)
-$1.LimitMEMLOCK, config_parse_limit, RLIMIT_MEMLOCK, offsetof($1, exec_context.rlimit)
-$1.LimitLOCKS, config_parse_limit, RLIMIT_LOCKS, offsetof($1, exec_context.rlimit)
-$1.LimitSIGPENDING, config_parse_limit, RLIMIT_SIGPENDING, offsetof($1, exec_context.rlimit)
-$1.LimitMSGQUEUE, config_parse_limit, RLIMIT_MSGQUEUE, offsetof($1, exec_context.rlimit)
-$1.LimitNICE, config_parse_limit, RLIMIT_NICE, offsetof($1, exec_context.rlimit)
-$1.LimitRTPRIO, config_parse_limit, RLIMIT_RTPRIO, offsetof($1, exec_context.rlimit)
-$1.LimitRTTIME, config_parse_limit, RLIMIT_RTTIME, offsetof($1, exec_context.rlimit)
-$1.ReadWriteDirectories, config_parse_namespace_path_strv, 0, offsetof($1, exec_context.read_write_paths)
-$1.ReadOnlyDirectories, config_parse_namespace_path_strv, 0, offsetof($1, exec_context.read_only_paths)
-$1.InaccessibleDirectories, config_parse_namespace_path_strv, 0, offsetof($1, exec_context.inaccessible_paths)
-$1.ReadWritePaths, config_parse_namespace_path_strv, 0, offsetof($1, exec_context.read_write_paths)
-$1.ReadOnlyPaths, config_parse_namespace_path_strv, 0, offsetof($1, exec_context.read_only_paths)
-$1.InaccessiblePaths, config_parse_namespace_path_strv, 0, offsetof($1, exec_context.inaccessible_paths)
-$1.PrivateTmp, config_parse_bool, 0, offsetof($1, exec_context.private_tmp)
-$1.PrivateDevices, config_parse_bool, 0, offsetof($1, exec_context.private_devices)
-$1.ProtectKernelTunables, config_parse_bool, 0, offsetof($1, exec_context.protect_kernel_tunables)
-$1.ProtectKernelModules, config_parse_bool, 0, offsetof($1, exec_context.protect_kernel_modules)
-$1.ProtectControlGroups, config_parse_bool, 0, offsetof($1, exec_context.protect_control_groups)
-$1.PrivateNetwork, config_parse_bool, 0, offsetof($1, exec_context.private_network)
-$1.PrivateUsers, config_parse_bool, 0, offsetof($1, exec_context.private_users)
-$1.ProtectSystem, config_parse_protect_system, 0, offsetof($1, exec_context)
-$1.ProtectHome, config_parse_protect_home, 0, offsetof($1, exec_context)
-$1.MountFlags, config_parse_exec_mount_flags, 0, offsetof($1, exec_context)
-$1.Personality, config_parse_personality, 0, offsetof($1, exec_context.personality)
-$1.RuntimeDirectoryMode, config_parse_mode, 0, offsetof($1, exec_context.runtime_directory_mode)
-$1.RuntimeDirectory, config_parse_runtime_directory, 0, offsetof($1, exec_context.runtime_directory)
-m4_ifdef(`HAVE_PAM',
-`$1.PAMName, config_parse_unit_string_printf, 0, offsetof($1, exec_context.pam_name)',
-`$1.PAMName, config_parse_warn_compat, DISABLED_CONFIGURATION, 0')
-$1.IgnoreSIGPIPE, config_parse_bool, 0, offsetof($1, exec_context.ignore_sigpipe)
-$1.UtmpIdentifier, config_parse_unit_string_printf, 0, offsetof($1, exec_context.utmp_id)
-$1.UtmpMode, config_parse_exec_utmp_mode, 0, offsetof($1, exec_context.utmp_mode)
-m4_ifdef(`HAVE_SELINUX',
-`$1.SELinuxContext, config_parse_exec_selinux_context, 0, offsetof($1, exec_context)',
-`$1.SELinuxContext, config_parse_warn_compat, DISABLED_CONFIGURATION, 0')
-m4_ifdef(`HAVE_APPARMOR',
-`$1.AppArmorProfile, config_parse_exec_apparmor_profile, 0, offsetof($1, exec_context)',
-`$1.AppArmorProfile, config_parse_warn_compat, DISABLED_CONFIGURATION, 0')
-m4_ifdef(`HAVE_SMACK',
-`$1.SmackProcessLabel, config_parse_exec_smack_process_label, 0, offsetof($1, exec_context)',
-`$1.SmackProcessLabel, config_parse_warn_compat, DISABLED_CONFIGURATION, 0')'
-)m4_dnl
-m4_define(`KILL_CONTEXT_CONFIG_ITEMS',
-`$1.SendSIGKILL, config_parse_bool, 0, offsetof($1, kill_context.send_sigkill)
-$1.SendSIGHUP, config_parse_bool, 0, offsetof($1, kill_context.send_sighup)
-$1.KillMode, config_parse_kill_mode, 0, offsetof($1, kill_context.kill_mode)
-$1.KillSignal, config_parse_signal, 0, offsetof($1, kill_context.kill_signal)'
-)m4_dnl
-m4_define(`CGROUP_CONTEXT_CONFIG_ITEMS',
-`$1.Slice, config_parse_unit_slice, 0, 0
-$1.CPUAccounting, config_parse_bool, 0, offsetof($1, cgroup_context.cpu_accounting)
-$1.CPUWeight, config_parse_cpu_weight, 0, offsetof($1, cgroup_context.cpu_weight)
-$1.StartupCPUWeight, config_parse_cpu_weight, 0, offsetof($1, cgroup_context.startup_cpu_weight)
-$1.CPUShares, config_parse_cpu_shares, 0, offsetof($1, cgroup_context.cpu_shares)
-$1.StartupCPUShares, config_parse_cpu_shares, 0, offsetof($1, cgroup_context.startup_cpu_shares)
-$1.CPUQuota, config_parse_cpu_quota, 0, offsetof($1, cgroup_context)
-$1.MemoryAccounting, config_parse_bool, 0, offsetof($1, cgroup_context.memory_accounting)
-$1.MemoryLow, config_parse_memory_limit, 0, offsetof($1, cgroup_context)
-$1.MemoryHigh, config_parse_memory_limit, 0, offsetof($1, cgroup_context)
-$1.MemoryMax, config_parse_memory_limit, 0, offsetof($1, cgroup_context)
-$1.MemorySwapMax, config_parse_memory_limit, 0, offsetof($1, cgroup_context)
-$1.MemoryLimit, config_parse_memory_limit, 0, offsetof($1, cgroup_context)
-$1.DeviceAllow, config_parse_device_allow, 0, offsetof($1, cgroup_context)
-$1.DevicePolicy, config_parse_device_policy, 0, offsetof($1, cgroup_context.device_policy)
-$1.IOAccounting, config_parse_bool, 0, offsetof($1, cgroup_context.io_accounting)
-$1.IOWeight, config_parse_io_weight, 0, offsetof($1, cgroup_context.io_weight)
-$1.StartupIOWeight, config_parse_io_weight, 0, offsetof($1, cgroup_context.startup_io_weight)
-$1.IODeviceWeight, config_parse_io_device_weight, 0, offsetof($1, cgroup_context)
-$1.IOReadBandwidthMax, config_parse_io_limit, 0, offsetof($1, cgroup_context)
-$1.IOWriteBandwidthMax, config_parse_io_limit, 0, offsetof($1, cgroup_context)
-$1.IOReadIOPSMax, config_parse_io_limit, 0, offsetof($1, cgroup_context)
-$1.IOWriteIOPSMax, config_parse_io_limit, 0, offsetof($1, cgroup_context)
-$1.BlockIOAccounting, config_parse_bool, 0, offsetof($1, cgroup_context.blockio_accounting)
-$1.BlockIOWeight, config_parse_blockio_weight, 0, offsetof($1, cgroup_context.blockio_weight)
-$1.StartupBlockIOWeight, config_parse_blockio_weight, 0, offsetof($1, cgroup_context.startup_blockio_weight)
-$1.BlockIODeviceWeight, config_parse_blockio_device_weight, 0, offsetof($1, cgroup_context)
-$1.BlockIOReadBandwidth, config_parse_blockio_bandwidth, 0, offsetof($1, cgroup_context)
-$1.BlockIOWriteBandwidth, config_parse_blockio_bandwidth, 0, offsetof($1, cgroup_context)
-$1.TasksAccounting, config_parse_bool, 0, offsetof($1, cgroup_context.tasks_accounting)
-$1.TasksMax, config_parse_tasks_max, 0, offsetof($1, cgroup_context.tasks_max)
-$1.Delegate, config_parse_bool, 0, offsetof($1, cgroup_context.delegate)
-$1.NetClass, config_parse_warn_compat, DISABLED_LEGACY, 0'
-)m4_dnl
-Unit.Description, config_parse_unit_string_printf, 0, offsetof(Unit, description)
-Unit.Documentation, config_parse_documentation, 0, offsetof(Unit, documentation)
-Unit.SourcePath, config_parse_path, 0, offsetof(Unit, source_path)
-Unit.Requires, config_parse_unit_deps, UNIT_REQUIRES, 0
-Unit.Requisite, config_parse_unit_deps, UNIT_REQUISITE, 0
-Unit.Wants, config_parse_unit_deps, UNIT_WANTS, 0
-Unit.BindsTo, config_parse_unit_deps, UNIT_BINDS_TO, 0
-Unit.BindTo, config_parse_unit_deps, UNIT_BINDS_TO, 0
-Unit.Conflicts, config_parse_unit_deps, UNIT_CONFLICTS, 0
-Unit.Before, config_parse_unit_deps, UNIT_BEFORE, 0
-Unit.After, config_parse_unit_deps, UNIT_AFTER, 0
-Unit.OnFailure, config_parse_unit_deps, UNIT_ON_FAILURE, 0
-Unit.PropagatesReloadTo, config_parse_unit_deps, UNIT_PROPAGATES_RELOAD_TO, 0
-Unit.PropagateReloadTo, config_parse_unit_deps, UNIT_PROPAGATES_RELOAD_TO, 0
-Unit.ReloadPropagatedFrom, config_parse_unit_deps, UNIT_RELOAD_PROPAGATED_FROM, 0
-Unit.PropagateReloadFrom, config_parse_unit_deps, UNIT_RELOAD_PROPAGATED_FROM, 0
-Unit.PartOf, config_parse_unit_deps, UNIT_PART_OF, 0
-Unit.JoinsNamespaceOf, config_parse_unit_deps, UNIT_JOINS_NAMESPACE_OF, 0
-Unit.RequiresOverridable, config_parse_obsolete_unit_deps, UNIT_REQUIRES, 0
-Unit.RequisiteOverridable, config_parse_obsolete_unit_deps, UNIT_REQUISITE, 0
-Unit.RequiresMountsFor, config_parse_unit_requires_mounts_for, 0, 0
-Unit.StopWhenUnneeded, config_parse_bool, 0, offsetof(Unit, stop_when_unneeded)
-Unit.RefuseManualStart, config_parse_bool, 0, offsetof(Unit, refuse_manual_start)
-Unit.RefuseManualStop, config_parse_bool, 0, offsetof(Unit, refuse_manual_stop)
-Unit.AllowIsolate, config_parse_bool, 0, offsetof(Unit, allow_isolate)
-Unit.DefaultDependencies, config_parse_bool, 0, offsetof(Unit, default_dependencies)
-Unit.OnFailureJobMode, config_parse_job_mode, 0, offsetof(Unit, on_failure_job_mode)
-Unit.OnFailureIsolate, config_parse_job_mode_isolate, 0, offsetof(Unit, on_failure_job_mode)
-Unit.IgnoreOnIsolate, config_parse_bool, 0, offsetof(Unit, ignore_on_isolate)
-Unit.IgnoreOnSnapshot, config_parse_warn_compat, DISABLED_LEGACY, 0
-Unit.JobTimeoutSec, config_parse_sec_fix_0, 0, offsetof(Unit, job_timeout)
-Unit.JobTimeoutAction, config_parse_emergency_action, 0, offsetof(Unit, job_timeout_action)
-Unit.JobTimeoutRebootArgument, config_parse_string, 0, offsetof(Unit, job_timeout_reboot_arg)
-Unit.StartLimitIntervalSec, config_parse_sec, 0, offsetof(Unit, start_limit.interval)
-m4_dnl The following is a legacy alias name for compatibility
-Unit.StartLimitInterval, config_parse_sec, 0, offsetof(Unit, start_limit.interval)
-Unit.StartLimitBurst, config_parse_unsigned, 0, offsetof(Unit, start_limit.burst)
-Unit.StartLimitAction, config_parse_emergency_action, 0, offsetof(Unit, start_limit_action)
-Unit.RebootArgument, config_parse_string, 0, offsetof(Unit, reboot_arg)
-Unit.ConditionPathExists, config_parse_unit_condition_path, CONDITION_PATH_EXISTS, offsetof(Unit, conditions)
-Unit.ConditionPathExistsGlob, config_parse_unit_condition_path, CONDITION_PATH_EXISTS_GLOB, offsetof(Unit, conditions)
-Unit.ConditionPathIsDirectory, config_parse_unit_condition_path, CONDITION_PATH_IS_DIRECTORY, offsetof(Unit, conditions)
-Unit.ConditionPathIsSymbolicLink,config_parse_unit_condition_path, CONDITION_PATH_IS_SYMBOLIC_LINK,offsetof(Unit, conditions)
-Unit.ConditionPathIsMountPoint, config_parse_unit_condition_path, CONDITION_PATH_IS_MOUNT_POINT, offsetof(Unit, conditions)
-Unit.ConditionPathIsReadWrite, config_parse_unit_condition_path, CONDITION_PATH_IS_READ_WRITE, offsetof(Unit, conditions)
-Unit.ConditionDirectoryNotEmpty, config_parse_unit_condition_path, CONDITION_DIRECTORY_NOT_EMPTY, offsetof(Unit, conditions)
-Unit.ConditionFileNotEmpty, config_parse_unit_condition_path, CONDITION_FILE_NOT_EMPTY, offsetof(Unit, conditions)
-Unit.ConditionFileIsExecutable, config_parse_unit_condition_path, CONDITION_FILE_IS_EXECUTABLE, offsetof(Unit, conditions)
-Unit.ConditionNeedsUpdate, config_parse_unit_condition_path, CONDITION_NEEDS_UPDATE, offsetof(Unit, conditions)
-Unit.ConditionFirstBoot, config_parse_unit_condition_string, CONDITION_FIRST_BOOT, offsetof(Unit, conditions)
-Unit.ConditionKernelCommandLine, config_parse_unit_condition_string, CONDITION_KERNEL_COMMAND_LINE, offsetof(Unit, conditions)
-Unit.ConditionArchitecture, config_parse_unit_condition_string, CONDITION_ARCHITECTURE, offsetof(Unit, conditions)
-Unit.ConditionVirtualization, config_parse_unit_condition_string, CONDITION_VIRTUALIZATION, offsetof(Unit, conditions)
-Unit.ConditionSecurity, config_parse_unit_condition_string, CONDITION_SECURITY, offsetof(Unit, conditions)
-Unit.ConditionCapability, config_parse_unit_condition_string, CONDITION_CAPABILITY, offsetof(Unit, conditions)
-Unit.ConditionHost, config_parse_unit_condition_string, CONDITION_HOST, offsetof(Unit, conditions)
-Unit.ConditionACPower, config_parse_unit_condition_string, CONDITION_AC_POWER, offsetof(Unit, conditions)
-Unit.ConditionNull, config_parse_unit_condition_null, 0, offsetof(Unit, conditions)
-Unit.AssertPathExists, config_parse_unit_condition_path, CONDITION_PATH_EXISTS, offsetof(Unit, asserts)
-Unit.AssertPathExistsGlob, config_parse_unit_condition_path, CONDITION_PATH_EXISTS_GLOB, offsetof(Unit, asserts)
-Unit.AssertPathIsDirectory, config_parse_unit_condition_path, CONDITION_PATH_IS_DIRECTORY, offsetof(Unit, asserts)
-Unit.AssertPathIsSymbolicLink, config_parse_unit_condition_path, CONDITION_PATH_IS_SYMBOLIC_LINK,offsetof(Unit, asserts)
-Unit.AssertPathIsMountPoint, config_parse_unit_condition_path, CONDITION_PATH_IS_MOUNT_POINT, offsetof(Unit, asserts)
-Unit.AssertPathIsReadWrite, config_parse_unit_condition_path, CONDITION_PATH_IS_READ_WRITE, offsetof(Unit, asserts)
-Unit.AssertDirectoryNotEmpty, config_parse_unit_condition_path, CONDITION_DIRECTORY_NOT_EMPTY, offsetof(Unit, asserts)
-Unit.AssertFileNotEmpty, config_parse_unit_condition_path, CONDITION_FILE_NOT_EMPTY, offsetof(Unit, asserts)
-Unit.AssertFileIsExecutable, config_parse_unit_condition_path, CONDITION_FILE_IS_EXECUTABLE, offsetof(Unit, asserts)
-Unit.AssertNeedsUpdate, config_parse_unit_condition_path, CONDITION_NEEDS_UPDATE, offsetof(Unit, asserts)
-Unit.AssertFirstBoot, config_parse_unit_condition_string, CONDITION_FIRST_BOOT, offsetof(Unit, asserts)
-Unit.AssertKernelCommandLine, config_parse_unit_condition_string, CONDITION_KERNEL_COMMAND_LINE, offsetof(Unit, asserts)
-Unit.AssertArchitecture, config_parse_unit_condition_string, CONDITION_ARCHITECTURE, offsetof(Unit, asserts)
-Unit.AssertVirtualization, config_parse_unit_condition_string, CONDITION_VIRTUALIZATION, offsetof(Unit, asserts)
-Unit.AssertSecurity, config_parse_unit_condition_string, CONDITION_SECURITY, offsetof(Unit, asserts)
-Unit.AssertCapability, config_parse_unit_condition_string, CONDITION_CAPABILITY, offsetof(Unit, asserts)
-Unit.AssertHost, config_parse_unit_condition_string, CONDITION_HOST, offsetof(Unit, asserts)
-Unit.AssertACPower, config_parse_unit_condition_string, CONDITION_AC_POWER, offsetof(Unit, asserts)
-Unit.AssertNull, config_parse_unit_condition_null, 0, offsetof(Unit, asserts)
-m4_dnl
-Service.PIDFile, config_parse_unit_path_printf, 0, offsetof(Service, pid_file)
-Service.ExecStartPre, config_parse_exec, SERVICE_EXEC_START_PRE, offsetof(Service, exec_command)
-Service.ExecStart, config_parse_exec, SERVICE_EXEC_START, offsetof(Service, exec_command)
-Service.ExecStartPost, config_parse_exec, SERVICE_EXEC_START_POST, offsetof(Service, exec_command)
-Service.ExecReload, config_parse_exec, SERVICE_EXEC_RELOAD, offsetof(Service, exec_command)
-Service.ExecStop, config_parse_exec, SERVICE_EXEC_STOP, offsetof(Service, exec_command)
-Service.ExecStopPost, config_parse_exec, SERVICE_EXEC_STOP_POST, offsetof(Service, exec_command)
-Service.RestartSec, config_parse_sec, 0, offsetof(Service, restart_usec)
-Service.TimeoutSec, config_parse_service_timeout, 0, 0
-Service.TimeoutStartSec, config_parse_service_timeout, 0, 0
-Service.TimeoutStopSec, config_parse_service_timeout, 0, 0
-Service.RuntimeMaxSec, config_parse_sec, 0, offsetof(Service, runtime_max_usec)
-Service.WatchdogSec, config_parse_sec, 0, offsetof(Service, watchdog_usec)
-m4_dnl The following three only exist for compatibility, they moved into Unit, see above
-Service.StartLimitInterval, config_parse_sec, 0, offsetof(Unit, start_limit.interval)
-Service.StartLimitBurst, config_parse_unsigned, 0, offsetof(Unit, start_limit.burst)
-Service.StartLimitAction, config_parse_emergency_action, 0, offsetof(Unit, start_limit_action)
-Service.RebootArgument, config_parse_string, 0, offsetof(Unit, reboot_arg)
-Service.FailureAction, config_parse_emergency_action, 0, offsetof(Service, emergency_action)
-Service.Type, config_parse_service_type, 0, offsetof(Service, type)
-Service.Restart, config_parse_service_restart, 0, offsetof(Service, restart)
-Service.PermissionsStartOnly, config_parse_bool, 0, offsetof(Service, permissions_start_only)
-Service.RootDirectoryStartOnly, config_parse_bool, 0, offsetof(Service, root_directory_start_only)
-Service.RemainAfterExit, config_parse_bool, 0, offsetof(Service, remain_after_exit)
-Service.GuessMainPID, config_parse_bool, 0, offsetof(Service, guess_main_pid)
-Service.RestartPreventExitStatus, config_parse_set_status, 0, offsetof(Service, restart_prevent_status)
-Service.RestartForceExitStatus, config_parse_set_status, 0, offsetof(Service, restart_force_status)
-Service.SuccessExitStatus, config_parse_set_status, 0, offsetof(Service, success_status)
-Service.SysVStartPriority, config_parse_warn_compat, DISABLED_LEGACY, 0
-Service.NonBlocking, config_parse_bool, 0, offsetof(Service, exec_context.non_blocking)
-Service.BusName, config_parse_bus_name, 0, offsetof(Service, bus_name)
-Service.FileDescriptorStoreMax, config_parse_unsigned, 0, offsetof(Service, n_fd_store_max)
-Service.NotifyAccess, config_parse_notify_access, 0, offsetof(Service, notify_access)
-Service.Sockets, config_parse_service_sockets, 0, 0
-Service.BusPolicy, config_parse_warn_compat, DISABLED_LEGACY, 0
-Service.USBFunctionDescriptors, config_parse_path, 0, offsetof(Service, usb_function_descriptors)
-Service.USBFunctionStrings, config_parse_path, 0, offsetof(Service, usb_function_strings)
-EXEC_CONTEXT_CONFIG_ITEMS(Service)m4_dnl
-CGROUP_CONTEXT_CONFIG_ITEMS(Service)m4_dnl
-KILL_CONTEXT_CONFIG_ITEMS(Service)m4_dnl
-m4_dnl
-Socket.ListenStream, config_parse_socket_listen, SOCKET_SOCKET, 0
-Socket.ListenDatagram, config_parse_socket_listen, SOCKET_SOCKET, 0
-Socket.ListenSequentialPacket, config_parse_socket_listen, SOCKET_SOCKET, 0
-Socket.ListenFIFO, config_parse_socket_listen, SOCKET_FIFO, 0
-Socket.ListenNetlink, config_parse_socket_listen, SOCKET_SOCKET, 0
-Socket.ListenSpecial, config_parse_socket_listen, SOCKET_SPECIAL, 0
-Socket.ListenMessageQueue, config_parse_socket_listen, SOCKET_MQUEUE, 0
-Socket.ListenUSBFunction, config_parse_socket_listen, SOCKET_USB_FUNCTION, 0
-Socket.SocketProtocol, config_parse_socket_protocol, 0, 0
-Socket.BindIPv6Only, config_parse_socket_bind, 0, 0,
-Socket.Backlog, config_parse_unsigned, 0, offsetof(Socket, backlog)
-Socket.BindToDevice, config_parse_socket_bindtodevice, 0, 0
-Socket.ExecStartPre, config_parse_exec, SOCKET_EXEC_START_PRE, offsetof(Socket, exec_command)
-Socket.ExecStartPost, config_parse_exec, SOCKET_EXEC_START_POST, offsetof(Socket, exec_command)
-Socket.ExecStopPre, config_parse_exec, SOCKET_EXEC_STOP_PRE, offsetof(Socket, exec_command)
-Socket.ExecStopPost, config_parse_exec, SOCKET_EXEC_STOP_POST, offsetof(Socket, exec_command)
-Socket.TimeoutSec, config_parse_sec, 0, offsetof(Socket, timeout_usec)
-Socket.SocketUser, config_parse_user_group, 0, offsetof(Socket, user)
-Socket.SocketGroup, config_parse_user_group, 0, offsetof(Socket, group)
-Socket.SocketMode, config_parse_mode, 0, offsetof(Socket, socket_mode)
-Socket.DirectoryMode, config_parse_mode, 0, offsetof(Socket, directory_mode)
-Socket.Accept, config_parse_bool, 0, offsetof(Socket, accept)
-Socket.Writable, config_parse_bool, 0, offsetof(Socket, writable)
-Socket.MaxConnections, config_parse_unsigned, 0, offsetof(Socket, max_connections)
-Socket.MaxConnectionsPerSource, config_parse_unsigned, 0, offsetof(Socket, max_connections_per_source)
-Socket.KeepAlive, config_parse_bool, 0, offsetof(Socket, keep_alive)
-Socket.KeepAliveTimeSec, config_parse_sec, 0, offsetof(Socket, keep_alive_time)
-Socket.KeepAliveIntervalSec, config_parse_sec, 0, offsetof(Socket, keep_alive_interval)
-Socket.KeepAliveProbes, config_parse_unsigned, 0, offsetof(Socket, keep_alive_cnt)
-Socket.DeferAcceptSec, config_parse_sec, 0, offsetof(Socket, defer_accept)
-Socket.NoDelay, config_parse_bool, 0, offsetof(Socket, no_delay)
-Socket.Priority, config_parse_int, 0, offsetof(Socket, priority)
-Socket.ReceiveBuffer, config_parse_iec_size, 0, offsetof(Socket, receive_buffer)
-Socket.SendBuffer, config_parse_iec_size, 0, offsetof(Socket, send_buffer)
-Socket.IPTOS, config_parse_ip_tos, 0, offsetof(Socket, ip_tos)
-Socket.IPTTL, config_parse_int, 0, offsetof(Socket, ip_ttl)
-Socket.Mark, config_parse_int, 0, offsetof(Socket, mark)
-Socket.PipeSize, config_parse_iec_size, 0, offsetof(Socket, pipe_size)
-Socket.FreeBind, config_parse_bool, 0, offsetof(Socket, free_bind)
-Socket.Transparent, config_parse_bool, 0, offsetof(Socket, transparent)
-Socket.Broadcast, config_parse_bool, 0, offsetof(Socket, broadcast)
-Socket.PassCredentials, config_parse_bool, 0, offsetof(Socket, pass_cred)
-Socket.PassSecurity, config_parse_bool, 0, offsetof(Socket, pass_sec)
-Socket.TCPCongestion, config_parse_string, 0, offsetof(Socket, tcp_congestion)
-Socket.ReusePort, config_parse_bool, 0, offsetof(Socket, reuse_port)
-Socket.MessageQueueMaxMessages, config_parse_long, 0, offsetof(Socket, mq_maxmsg)
-Socket.MessageQueueMessageSize, config_parse_long, 0, offsetof(Socket, mq_msgsize)
-Socket.RemoveOnStop, config_parse_bool, 0, offsetof(Socket, remove_on_stop)
-Socket.Symlinks, config_parse_unit_path_strv_printf, 0, offsetof(Socket, symlinks)
-Socket.FileDescriptorName, config_parse_fdname, 0, 0
-Socket.Service, config_parse_socket_service, 0, 0
-Socket.TriggerLimitIntervalSec, config_parse_sec, 0, offsetof(Socket, trigger_limit.interval)
-Socket.TriggerLimitBurst, config_parse_unsigned, 0, offsetof(Socket, trigger_limit.burst)
-m4_ifdef(`HAVE_SMACK',
-`Socket.SmackLabel, config_parse_string, 0, offsetof(Socket, smack)
-Socket.SmackLabelIPIn, config_parse_string, 0, offsetof(Socket, smack_ip_in)
-Socket.SmackLabelIPOut, config_parse_string, 0, offsetof(Socket, smack_ip_out)',
-`Socket.SmackLabel, config_parse_warn_compat, DISABLED_CONFIGURATION, 0
-Socket.SmackLabelIPIn, config_parse_warn_compat, DISABLED_CONFIGURATION, 0
-Socket.SmackLabelIPOut, config_parse_warn_compat, DISABLED_CONFIGURATION, 0')
-m4_ifdef(`HAVE_SELINUX',
-`Socket.SELinuxContextFromNet, config_parse_bool, 0, offsetof(Socket, selinux_context_from_net)',
-`Socket.SELinuxContextFromNet, config_parse_warn_compat, DISABLED_CONFIGURATION, 0')
-EXEC_CONTEXT_CONFIG_ITEMS(Socket)m4_dnl
-CGROUP_CONTEXT_CONFIG_ITEMS(Socket)m4_dnl
-KILL_CONTEXT_CONFIG_ITEMS(Socket)m4_dnl
-m4_dnl
-BusName.Name, config_parse_string, 0, offsetof(BusName, name)
-BusName.Activating, config_parse_bool, 0, offsetof(BusName, activating)
-BusName.Service, config_parse_busname_service, 0, 0
-BusName.AllowUser, config_parse_bus_policy, 0, 0
-BusName.AllowGroup, config_parse_bus_policy, 0, 0
-BusName.AllowWorld, config_parse_bus_policy_world, 0, offsetof(BusName, policy_world)
-BusName.SELinuxContext, config_parse_exec_selinux_context, 0, 0
-BusName.AcceptFileDescriptors, config_parse_bool, 0, offsetof(BusName, accept_fd)
-m4_dnl
-Mount.What, config_parse_string, 0, offsetof(Mount, parameters_fragment.what)
-Mount.Where, config_parse_path, 0, offsetof(Mount, where)
-Mount.Options, config_parse_string, 0, offsetof(Mount, parameters_fragment.options)
-Mount.Type, config_parse_string, 0, offsetof(Mount, parameters_fragment.fstype)
-Mount.TimeoutSec, config_parse_sec, 0, offsetof(Mount, timeout_usec)
-Mount.DirectoryMode, config_parse_mode, 0, offsetof(Mount, directory_mode)
-Mount.SloppyOptions, config_parse_bool, 0, offsetof(Mount, sloppy_options)
-Mount.LazyUnmount, config_parse_bool, 0, offsetof(Mount, lazy_unmount)
-Mount.ForceUnmount, config_parse_bool, 0, offsetof(Mount, force_unmount)
-EXEC_CONTEXT_CONFIG_ITEMS(Mount)m4_dnl
-CGROUP_CONTEXT_CONFIG_ITEMS(Mount)m4_dnl
-KILL_CONTEXT_CONFIG_ITEMS(Mount)m4_dnl
-m4_dnl
-Automount.Where, config_parse_path, 0, offsetof(Automount, where)
-Automount.DirectoryMode, config_parse_mode, 0, offsetof(Automount, directory_mode)
-Automount.TimeoutIdleSec, config_parse_sec, 0, offsetof(Automount, timeout_idle_usec)
-m4_dnl
-Swap.What, config_parse_path, 0, offsetof(Swap, parameters_fragment.what)
-Swap.Priority, config_parse_int, 0, offsetof(Swap, parameters_fragment.priority)
-Swap.Options, config_parse_string, 0, offsetof(Swap, parameters_fragment.options)
-Swap.TimeoutSec, config_parse_sec, 0, offsetof(Swap, timeout_usec)
-EXEC_CONTEXT_CONFIG_ITEMS(Swap)m4_dnl
-CGROUP_CONTEXT_CONFIG_ITEMS(Swap)m4_dnl
-KILL_CONTEXT_CONFIG_ITEMS(Swap)m4_dnl
-m4_dnl
-Timer.OnCalendar, config_parse_timer, 0, 0
-Timer.OnActiveSec, config_parse_timer, 0, 0
-Timer.OnBootSec, config_parse_timer, 0, 0
-Timer.OnStartupSec, config_parse_timer, 0, 0
-Timer.OnUnitActiveSec, config_parse_timer, 0, 0
-Timer.OnUnitInactiveSec, config_parse_timer, 0, 0
-Timer.Persistent, config_parse_bool, 0, offsetof(Timer, persistent)
-Timer.WakeSystem, config_parse_bool, 0, offsetof(Timer, wake_system)
-Timer.RemainAfterElapse, config_parse_bool, 0, offsetof(Timer, remain_after_elapse)
-Timer.AccuracySec, config_parse_sec, 0, offsetof(Timer, accuracy_usec)
-Timer.RandomizedDelaySec, config_parse_sec, 0, offsetof(Timer, random_usec)
-Timer.Unit, config_parse_trigger_unit, 0, 0
-m4_dnl
-Path.PathExists, config_parse_path_spec, 0, 0
-Path.PathExistsGlob, config_parse_path_spec, 0, 0
-Path.PathChanged, config_parse_path_spec, 0, 0
-Path.PathModified, config_parse_path_spec, 0, 0
-Path.DirectoryNotEmpty, config_parse_path_spec, 0, 0
-Path.Unit, config_parse_trigger_unit, 0, 0
-Path.MakeDirectory, config_parse_bool, 0, offsetof(Path, make_directory)
-Path.DirectoryMode, config_parse_mode, 0, offsetof(Path, directory_mode)
-m4_dnl
-CGROUP_CONTEXT_CONFIG_ITEMS(Slice)m4_dnl
-m4_dnl
-CGROUP_CONTEXT_CONFIG_ITEMS(Scope)m4_dnl
-KILL_CONTEXT_CONFIG_ITEMS(Scope)m4_dnl
-Scope.TimeoutStopSec, config_parse_sec, 0, offsetof(Scope, timeout_stop_usec)
-m4_dnl The [Install] section is ignored here.
-Install.Alias, NULL, 0, 0
-Install.WantedBy, NULL, 0, 0
-Install.RequiredBy, NULL, 0, 0
-Install.Also, NULL, 0, 0
-Install.DefaultInstance, NULL, 0, 0
diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c
deleted file mode 100644
index cbc826809e..0000000000
--- a/src/core/load-fragment.c
+++ /dev/null
@@ -1,4387 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
- Copyright 2012 Holger Hans Peter Freyther
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <errno.h>
-#include <fcntl.h>
-#include <linux/fs.h>
-#include <linux/oom.h>
-#ifdef HAVE_SECCOMP
-#include <seccomp.h>
-#endif
-#include <sched.h>
-#include <string.h>
-#include <sys/resource.h>
-#include <sys/stat.h>
-
-#include "af-list.h"
-#include "alloc-util.h"
-#include "bus-error.h"
-#include "bus-internal.h"
-#include "bus-util.h"
-#include "cap-list.h"
-#include "capability-util.h"
-#include "cgroup.h"
-#include "conf-parser.h"
-#include "cpu-set-util.h"
-#include "env-util.h"
-#include "errno-list.h"
-#include "escape.h"
-#include "fd-util.h"
-#include "fs-util.h"
-#include "ioprio.h"
-#include "load-fragment.h"
-#include "log.h"
-#include "missing.h"
-#include "parse-util.h"
-#include "path-util.h"
-#include "process-util.h"
-#include "rlimit-util.h"
-#ifdef HAVE_SECCOMP
-#include "seccomp-util.h"
-#endif
-#include "securebits.h"
-#include "signal-util.h"
-#include "stat-util.h"
-#include "string-util.h"
-#include "strv.h"
-#include "unit-name.h"
-#include "unit-printf.h"
-#include "unit.h"
-#include "user-util.h"
-#include "utf8.h"
-#include "web-util.h"
-
-int config_parse_warn_compat(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
- Disabled reason = ltype;
-
- switch(reason) {
- case DISABLED_CONFIGURATION:
- log_syntax(unit, LOG_DEBUG, filename, line, 0,
- "Support for option %s= has been disabled at compile time and it is ignored", lvalue);
- break;
- case DISABLED_LEGACY:
- log_syntax(unit, LOG_INFO, filename, line, 0,
- "Support for option %s= has been removed and it is ignored", lvalue);
- break;
- case DISABLED_EXPERIMENTAL:
- log_syntax(unit, LOG_INFO, filename, line, 0,
- "Support for option %s= has not yet been enabled and it is ignored", lvalue);
- break;
- };
-
- return 0;
-}
-
-int config_parse_unit_deps(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- UnitDependency d = ltype;
- Unit *u = userdata;
- const char *p;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
-
- p = rvalue;
- for (;;) {
- _cleanup_free_ char *word = NULL, *k = NULL;
- int r;
-
- r = extract_first_word(&p, &word, NULL, EXTRACT_RETAIN_ESCAPE);
- if (r == 0)
- break;
- if (r == -ENOMEM)
- return log_oom();
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
- break;
- }
-
- r = unit_name_printf(u, word, &k);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve specifiers, ignoring: %m");
- continue;
- }
-
- r = unit_add_dependency_by_name(u, d, k, NULL, true);
- if (r < 0)
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add dependency on %s, ignoring: %m", k);
- }
-
- return 0;
-}
-
-int config_parse_obsolete_unit_deps(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- log_syntax(unit, LOG_WARNING, filename, line, 0,
- "Unit dependency type %s= is obsolete, replacing by %s=, please update your unit file", lvalue, unit_dependency_to_string(ltype));
-
- return config_parse_unit_deps(unit, filename, line, section, section_line, lvalue, ltype, rvalue, data, userdata);
-}
-
-int config_parse_unit_string_printf(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- _cleanup_free_ char *k = NULL;
- Unit *u = userdata;
- int r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(u);
-
- r = unit_full_printf(u, rvalue, &k);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers on %s, ignoring: %m", rvalue);
- return 0;
- }
-
- return config_parse_string(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata);
-}
-
-int config_parse_unit_strv_printf(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- Unit *u = userdata;
- _cleanup_free_ char *k = NULL;
- int r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(u);
-
- r = unit_full_printf(u, rvalue, &k);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers on %s, ignoring: %m", rvalue);
- return 0;
- }
-
- return config_parse_strv(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata);
-}
-
-int config_parse_unit_path_printf(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- _cleanup_free_ char *k = NULL;
- Unit *u = userdata;
- int r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(u);
-
- r = unit_full_printf(u, rvalue, &k);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers on %s, ignoring: %m", rvalue);
- return 0;
- }
-
- return config_parse_path(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata);
-}
-
-int config_parse_unit_path_strv_printf(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- char ***x = data;
- const char *word, *state;
- Unit *u = userdata;
- size_t l;
- int r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(u);
-
- FOREACH_WORD_QUOTED(word, l, rvalue, state) {
- _cleanup_free_ char *k = NULL;
- char t[l+1];
-
- memcpy(t, word, l);
- t[l] = 0;
-
- r = unit_full_printf(u, t, &k);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers on %s, ignoring: %m", t);
- return 0;
- }
-
- if (!utf8_is_valid(k)) {
- log_syntax_invalid_utf8(unit, LOG_ERR, filename, line, rvalue);
- return 0;
- }
-
- if (!path_is_absolute(k)) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Symlink path %s is not absolute, ignoring: %m", k);
- return 0;
- }
-
- path_kill_slashes(k);
-
- r = strv_push(x, k);
- if (r < 0)
- return log_oom();
-
- k = NULL;
- }
- if (!isempty(state))
- log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid syntax, ignoring.");
-
- return 0;
-}
-
-int config_parse_socket_listen(const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- _cleanup_free_ SocketPort *p = NULL;
- SocketPort *tail;
- Socket *s;
- int r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(data);
-
- s = SOCKET(data);
-
- if (isempty(rvalue)) {
- /* An empty assignment removes all ports */
- socket_free_ports(s);
- return 0;
- }
-
- p = new0(SocketPort, 1);
- if (!p)
- return log_oom();
-
- if (ltype != SOCKET_SOCKET) {
-
- p->type = ltype;
- r = unit_full_printf(UNIT(s), rvalue, &p->path);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers on %s, ignoring: %m", rvalue);
- return 0;
- }
-
- path_kill_slashes(p->path);
-
- } else if (streq(lvalue, "ListenNetlink")) {
- _cleanup_free_ char *k = NULL;
-
- p->type = SOCKET_SOCKET;
- r = unit_full_printf(UNIT(s), rvalue, &k);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers on %s, ignoring: %m", rvalue);
- return 0;
- }
-
- r = socket_address_parse_netlink(&p->address, k);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse address value, ignoring: %s", rvalue);
- return 0;
- }
-
- } else {
- _cleanup_free_ char *k = NULL;
-
- p->type = SOCKET_SOCKET;
- r = unit_full_printf(UNIT(s), rvalue, &k);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r,"Failed to resolve unit specifiers on %s, ignoring: %m", rvalue);
- return 0;
- }
-
- r = socket_address_parse_and_warn(&p->address, k);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse address value, ignoring: %s", rvalue);
- return 0;
- }
-
- if (streq(lvalue, "ListenStream"))
- p->address.type = SOCK_STREAM;
- else if (streq(lvalue, "ListenDatagram"))
- p->address.type = SOCK_DGRAM;
- else {
- assert(streq(lvalue, "ListenSequentialPacket"));
- p->address.type = SOCK_SEQPACKET;
- }
-
- if (socket_address_family(&p->address) != AF_LOCAL && p->address.type == SOCK_SEQPACKET) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Address family not supported, ignoring: %s", rvalue);
- return 0;
- }
- }
-
- p->fd = -1;
- p->auxiliary_fds = NULL;
- p->n_auxiliary_fds = 0;
- p->socket = s;
-
- if (s->ports) {
- LIST_FIND_TAIL(port, s->ports, tail);
- LIST_INSERT_AFTER(port, s->ports, tail, p);
- } else
- LIST_PREPEND(port, s->ports, p);
- p = NULL;
-
- return 0;
-}
-
-int config_parse_socket_protocol(const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
- Socket *s;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(data);
-
- s = SOCKET(data);
-
- if (streq(rvalue, "udplite"))
- s->socket_protocol = IPPROTO_UDPLITE;
- else if (streq(rvalue, "sctp"))
- s->socket_protocol = IPPROTO_SCTP;
- else {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Socket protocol not supported, ignoring: %s", rvalue);
- return 0;
- }
-
- return 0;
-}
-
-int config_parse_socket_bind(const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- Socket *s;
- SocketAddressBindIPv6Only b;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(data);
-
- s = SOCKET(data);
-
- b = socket_address_bind_ipv6_only_from_string(rvalue);
- if (b < 0) {
- int r;
-
- r = parse_boolean(rvalue);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse bind IPv6 only value, ignoring: %s", rvalue);
- return 0;
- }
-
- s->bind_ipv6_only = r ? SOCKET_ADDRESS_IPV6_ONLY : SOCKET_ADDRESS_BOTH;
- } else
- s->bind_ipv6_only = b;
-
- return 0;
-}
-
-int config_parse_exec_nice(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- ExecContext *c = data;
- int priority, r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(data);
-
- r = parse_nice(rvalue, &priority);
- if (r < 0) {
- if (r == -ERANGE)
- log_syntax(unit, LOG_ERR, filename, line, r, "Nice priority out of range, ignoring: %s", rvalue);
- else
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse nice priority, ignoring: %s", rvalue);
-
- return 0;
- }
-
- c->nice = priority;
- c->nice_set = true;
-
- return 0;
-}
-
-int config_parse_exec_oom_score_adjust(const char* unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- ExecContext *c = data;
- int oa, r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(data);
-
- r = safe_atoi(rvalue, &oa);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse the OOM score adjust value, ignoring: %s", rvalue);
- return 0;
- }
-
- if (oa < OOM_SCORE_ADJ_MIN || oa > OOM_SCORE_ADJ_MAX) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "OOM score adjust value out of range, ignoring: %s", rvalue);
- return 0;
- }
-
- c->oom_score_adjust = oa;
- c->oom_score_adjust_set = true;
-
- return 0;
-}
-
-int config_parse_exec(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- ExecCommand **e = data;
- const char *p;
- bool semicolon;
- int r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(e);
-
- e += ltype;
- rvalue += strspn(rvalue, WHITESPACE);
-
- if (isempty(rvalue)) {
- /* An empty assignment resets the list */
- *e = exec_command_free_list(*e);
- return 0;
- }
-
- p = rvalue;
- do {
- _cleanup_free_ char *path = NULL, *firstword = NULL;
- bool separate_argv0 = false, ignore = false, privileged = false;
- _cleanup_free_ ExecCommand *nce = NULL;
- _cleanup_strv_free_ char **n = NULL;
- size_t nlen = 0, nbufsize = 0;
- char *f;
- int i;
-
- semicolon = false;
-
- r = extract_first_word_and_warn(&p, &firstword, WHITESPACE, EXTRACT_QUOTES|EXTRACT_CUNESCAPE, unit, filename, line, rvalue);
- if (r <= 0)
- return 0;
-
- f = firstword;
- for (i = 0; i < 3; i++) {
- /* We accept an absolute path as first argument.
- * If it's prefixed with - and the path doesn't exist,
- * we ignore it instead of erroring out;
- * if it's prefixed with @, we allow overriding of argv[0];
- * and if it's prefixed with !, it will be run with full privileges */
- if (*f == '-' && !ignore)
- ignore = true;
- else if (*f == '@' && !separate_argv0)
- separate_argv0 = true;
- else if (*f == '+' && !privileged)
- privileged = true;
- else
- break;
- f++;
- }
-
- if (isempty(f)) {
- /* First word is either "-" or "@" with no command. */
- log_syntax(unit, LOG_ERR, filename, line, 0, "Empty path in command line, ignoring: \"%s\"", rvalue);
- return 0;
- }
- if (!string_is_safe(f)) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Executable path contains special characters, ignoring: %s", rvalue);
- return 0;
- }
- if (!path_is_absolute(f)) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Executable path is not absolute, ignoring: %s", rvalue);
- return 0;
- }
- if (endswith(f, "/")) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Executable path specifies a directory, ignoring: %s", rvalue);
- return 0;
- }
-
- if (f == firstword) {
- path = firstword;
- firstword = NULL;
- } else {
- path = strdup(f);
- if (!path)
- return log_oom();
- }
-
- if (!separate_argv0) {
- if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
- return log_oom();
- f = strdup(path);
- if (!f)
- return log_oom();
- n[nlen++] = f;
- n[nlen] = NULL;
- }
-
- path_kill_slashes(path);
-
- while (!isempty(p)) {
- _cleanup_free_ char *word = NULL;
-
- /* Check explicitly for an unquoted semicolon as
- * command separator token. */
- if (p[0] == ';' && (!p[1] || strchr(WHITESPACE, p[1]))) {
- p++;
- p += strspn(p, WHITESPACE);
- semicolon = true;
- break;
- }
-
- /* Check for \; explicitly, to not confuse it with \\;
- * or "\;" or "\\;" etc. extract_first_word would
- * return the same for all of those. */
- if (p[0] == '\\' && p[1] == ';' && (!p[2] || strchr(WHITESPACE, p[2]))) {
- p += 2;
- p += strspn(p, WHITESPACE);
- if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
- return log_oom();
- f = strdup(";");
- if (!f)
- return log_oom();
- n[nlen++] = f;
- n[nlen] = NULL;
- continue;
- }
-
- r = extract_first_word_and_warn(&p, &word, WHITESPACE, EXTRACT_QUOTES|EXTRACT_CUNESCAPE, unit, filename, line, rvalue);
- if (r == 0)
- break;
- else if (r < 0)
- return 0;
-
- if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
- return log_oom();
- n[nlen++] = word;
- n[nlen] = NULL;
- word = NULL;
- }
-
- if (!n || !n[0]) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Empty executable name or zeroeth argument, ignoring: %s", rvalue);
- return 0;
- }
-
- nce = new0(ExecCommand, 1);
- if (!nce)
- return log_oom();
-
- nce->argv = n;
- nce->path = path;
- nce->ignore = ignore;
- nce->privileged = privileged;
-
- exec_command_append_list(e, nce);
-
- /* Do not _cleanup_free_ these. */
- n = NULL;
- path = NULL;
- nce = NULL;
-
- rvalue = p;
- } while (semicolon);
-
- return 0;
-}
-
-DEFINE_CONFIG_PARSE_ENUM(config_parse_service_type, service_type, ServiceType, "Failed to parse service type");
-DEFINE_CONFIG_PARSE_ENUM(config_parse_service_restart, service_restart, ServiceRestart, "Failed to parse service restart specifier");
-
-int config_parse_socket_bindtodevice(
- const char* unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- Socket *s = data;
- char *n;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(data);
-
- if (rvalue[0] && !streq(rvalue, "*")) {
- if (!ifname_valid(rvalue)) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Interface name is invalid, ignoring: %s", rvalue);
- return 0;
- }
-
- n = strdup(rvalue);
- if (!n)
- return log_oom();
- } else
- n = NULL;
-
- free(s->bind_to_device);
- s->bind_to_device = n;
-
- return 0;
-}
-
-DEFINE_CONFIG_PARSE_ENUM(config_parse_input, exec_input, ExecInput, "Failed to parse input literal specifier");
-DEFINE_CONFIG_PARSE_ENUM(config_parse_output, exec_output, ExecOutput, "Failed to parse output literal specifier");
-
-int config_parse_exec_input(const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
- ExecContext *c = data;
- const char *name;
- int r;
-
- assert(data);
- assert(filename);
- assert(line);
- assert(rvalue);
-
- name = startswith(rvalue, "fd:");
- if (name) {
- /* Strip prefix and validate fd name */
- if (!fdname_is_valid(name)) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid file descriptor name, ignoring: %s", name);
- return 0;
- }
- c->std_input = EXEC_INPUT_NAMED_FD;
- r = free_and_strdup(&c->stdio_fdname[STDIN_FILENO], name);
- if (r < 0)
- log_oom();
- return r;
- } else {
- ExecInput ei = exec_input_from_string(rvalue);
- if (ei == _EXEC_INPUT_INVALID)
- log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse input specifier, ignoring: %s", rvalue);
- else
- c->std_input = ei;
- return 0;
- }
-}
-
-int config_parse_exec_output(const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
- ExecContext *c = data;
- ExecOutput eo;
- const char *name;
- int r;
-
- assert(data);
- assert(filename);
- assert(line);
- assert(lvalue);
- assert(rvalue);
-
- name = startswith(rvalue, "fd:");
- if (name) {
- /* Strip prefix and validate fd name */
- if (!fdname_is_valid(name)) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid file descriptor name, ignoring: %s", name);
- return 0;
- }
- eo = EXEC_OUTPUT_NAMED_FD;
- } else {
- eo = exec_output_from_string(rvalue);
- if (eo == _EXEC_OUTPUT_INVALID) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse output specifier, ignoring: %s", rvalue);
- return 0;
- }
- }
-
- if (streq(lvalue, "StandardOutput")) {
- c->std_output = eo;
- r = free_and_strdup(&c->stdio_fdname[STDOUT_FILENO], name);
- if (r < 0)
- log_oom();
- return r;
- } else if (streq(lvalue, "StandardError")) {
- c->std_error = eo;
- r = free_and_strdup(&c->stdio_fdname[STDERR_FILENO], name);
- if (r < 0)
- log_oom();
- return r;
- } else {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse output property, ignoring: %s", lvalue);
- return 0;
- }
-}
-
-int config_parse_exec_io_class(const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- ExecContext *c = data;
- int x;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(data);
-
- x = ioprio_class_from_string(rvalue);
- if (x < 0) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse IO scheduling class, ignoring: %s", rvalue);
- return 0;
- }
-
- c->ioprio = IOPRIO_PRIO_VALUE(x, IOPRIO_PRIO_DATA(c->ioprio));
- c->ioprio_set = true;
-
- return 0;
-}
-
-int config_parse_exec_io_priority(const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- ExecContext *c = data;
- int i, r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(data);
-
- r = safe_atoi(rvalue, &i);
- if (r < 0 || i < 0 || i >= IOPRIO_BE_NR) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse IO priority, ignoring: %s", rvalue);
- return 0;
- }
-
- c->ioprio = IOPRIO_PRIO_VALUE(IOPRIO_PRIO_CLASS(c->ioprio), i);
- c->ioprio_set = true;
-
- return 0;
-}
-
-int config_parse_exec_cpu_sched_policy(const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
-
- ExecContext *c = data;
- int x;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(data);
-
- x = sched_policy_from_string(rvalue);
- if (x < 0) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse CPU scheduling policy, ignoring: %s", rvalue);
- return 0;
- }
-
- c->cpu_sched_policy = x;
- /* Moving to or from real-time policy? We need to adjust the priority */
- c->cpu_sched_priority = CLAMP(c->cpu_sched_priority, sched_get_priority_min(x), sched_get_priority_max(x));
- c->cpu_sched_set = true;
-
- return 0;
-}
-
-int config_parse_exec_cpu_sched_prio(const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- ExecContext *c = data;
- int i, min, max, r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(data);
-
- r = safe_atoi(rvalue, &i);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse CPU scheduling policy, ignoring: %s", rvalue);
- return 0;
- }
-
- /* On Linux RR/FIFO range from 1 to 99 and OTHER/BATCH may only be 0 */
- min = sched_get_priority_min(c->cpu_sched_policy);
- max = sched_get_priority_max(c->cpu_sched_policy);
-
- if (i < min || i > max) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "CPU scheduling priority is out of range, ignoring: %s", rvalue);
- return 0;
- }
-
- c->cpu_sched_priority = i;
- c->cpu_sched_set = true;
-
- return 0;
-}
-
-int config_parse_exec_cpu_affinity(const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- ExecContext *c = data;
- _cleanup_cpu_free_ cpu_set_t *cpuset = NULL;
- int ncpus;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(data);
-
- ncpus = parse_cpu_set_and_warn(rvalue, &cpuset, unit, filename, line, lvalue);
- if (ncpus < 0)
- return ncpus;
-
- if (c->cpuset)
- CPU_FREE(c->cpuset);
-
- if (ncpus == 0)
- /* An empty assignment resets the CPU list */
- c->cpuset = NULL;
- else {
- c->cpuset = cpuset;
- cpuset = NULL;
- }
- c->cpuset_ncpus = ncpus;
-
- return 0;
-}
-
-int config_parse_exec_secure_bits(const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- ExecContext *c = data;
- size_t l;
- const char *word, *state;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(data);
-
- if (isempty(rvalue)) {
- /* An empty assignment resets the field */
- c->secure_bits = 0;
- return 0;
- }
-
- FOREACH_WORD_QUOTED(word, l, rvalue, state) {
- if (first_word(word, "keep-caps"))
- c->secure_bits |= 1<<SECURE_KEEP_CAPS;
- else if (first_word(word, "keep-caps-locked"))
- c->secure_bits |= 1<<SECURE_KEEP_CAPS_LOCKED;
- else if (first_word(word, "no-setuid-fixup"))
- c->secure_bits |= 1<<SECURE_NO_SETUID_FIXUP;
- else if (first_word(word, "no-setuid-fixup-locked"))
- c->secure_bits |= 1<<SECURE_NO_SETUID_FIXUP_LOCKED;
- else if (first_word(word, "noroot"))
- c->secure_bits |= 1<<SECURE_NOROOT;
- else if (first_word(word, "noroot-locked"))
- c->secure_bits |= 1<<SECURE_NOROOT_LOCKED;
- else {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse secure bits, ignoring: %s", rvalue);
- return 0;
- }
- }
- if (!isempty(state))
- log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid syntax, garbage at the end, ignoring.");
-
- return 0;
-}
-
-int config_parse_capability_set(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- uint64_t *capability_set = data;
- uint64_t sum = 0, initial = 0;
- bool invert = false;
- const char *p;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(data);
-
- if (rvalue[0] == '~') {
- invert = true;
- rvalue++;
- }
-
- if (strcmp(lvalue, "CapabilityBoundingSet") == 0)
- initial = CAP_ALL; /* initialized to all bits on */
- /* else "AmbientCapabilities" initialized to all bits off */
-
- p = rvalue;
- for (;;) {
- _cleanup_free_ char *word = NULL;
- int cap, r;
-
- r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
- if (r == 0)
- break;
- if (r == -ENOMEM)
- return log_oom();
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse word, ignoring: %s", rvalue);
- break;
- }
-
- cap = capability_from_name(word);
- if (cap < 0) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse capability in bounding/ambient set, ignoring: %s", word);
- continue;
- }
-
- sum |= ((uint64_t) UINT64_C(1)) << (uint64_t) cap;
- }
-
- sum = invert ? ~sum : sum;
-
- if (sum == 0 || *capability_set == initial)
- /* "" or uninitialized data -> replace */
- *capability_set = sum;
- else
- /* previous data -> merge */
- *capability_set |= sum;
-
- return 0;
-}
-
-int config_parse_limit(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- struct rlimit **rl = data, d = {};
- int r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(data);
-
- r = rlimit_parse(ltype, rvalue, &d);
- if (r == -EILSEQ) {
- log_syntax(unit, LOG_WARNING, filename, line, r, "Soft resource limit chosen higher than hard limit, ignoring: %s", rvalue);
- return 0;
- }
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse resource value, ignoring: %s", rvalue);
- return 0;
- }
-
- if (rl[ltype])
- *rl[ltype] = d;
- else {
- rl[ltype] = newdup(struct rlimit, &d, 1);
- if (!rl[ltype])
- return log_oom();
- }
-
- return 0;
-}
-
-#ifdef HAVE_SYSV_COMPAT
-int config_parse_sysv_priority(const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- int *priority = data;
- int i, r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(data);
-
- r = safe_atoi(rvalue, &i);
- if (r < 0 || i < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse SysV start priority, ignoring: %s", rvalue);
- return 0;
- }
-
- *priority = (int) i;
- return 0;
-}
-#endif
-
-DEFINE_CONFIG_PARSE_ENUM(config_parse_exec_utmp_mode, exec_utmp_mode, ExecUtmpMode, "Failed to parse utmp mode");
-DEFINE_CONFIG_PARSE_ENUM(config_parse_kill_mode, kill_mode, KillMode, "Failed to parse kill mode");
-
-int config_parse_exec_mount_flags(const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
-
- unsigned long flags = 0;
- ExecContext *c = data;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(data);
-
- if (streq(rvalue, "shared"))
- flags = MS_SHARED;
- else if (streq(rvalue, "slave"))
- flags = MS_SLAVE;
- else if (streq(rvalue, "private"))
- flags = MS_PRIVATE;
- else {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse mount flag %s, ignoring.", rvalue);
- return 0;
- }
-
- c->mount_flags = flags;
-
- return 0;
-}
-
-int config_parse_exec_selinux_context(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- ExecContext *c = data;
- Unit *u = userdata;
- bool ignore;
- char *k;
- int r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(data);
-
- if (isempty(rvalue)) {
- c->selinux_context = mfree(c->selinux_context);
- c->selinux_context_ignore = false;
- return 0;
- }
-
- if (rvalue[0] == '-') {
- ignore = true;
- rvalue++;
- } else
- ignore = false;
-
- r = unit_name_printf(u, rvalue, &k);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve specifiers, ignoring: %m");
- return 0;
- }
-
- free(c->selinux_context);
- c->selinux_context = k;
- c->selinux_context_ignore = ignore;
-
- return 0;
-}
-
-int config_parse_exec_apparmor_profile(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- ExecContext *c = data;
- Unit *u = userdata;
- bool ignore;
- char *k;
- int r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(data);
-
- if (isempty(rvalue)) {
- c->apparmor_profile = mfree(c->apparmor_profile);
- c->apparmor_profile_ignore = false;
- return 0;
- }
-
- if (rvalue[0] == '-') {
- ignore = true;
- rvalue++;
- } else
- ignore = false;
-
- r = unit_name_printf(u, rvalue, &k);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve specifiers, ignoring: %m");
- return 0;
- }
-
- free(c->apparmor_profile);
- c->apparmor_profile = k;
- c->apparmor_profile_ignore = ignore;
-
- return 0;
-}
-
-int config_parse_exec_smack_process_label(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- ExecContext *c = data;
- Unit *u = userdata;
- bool ignore;
- char *k;
- int r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(data);
-
- if (isempty(rvalue)) {
- c->smack_process_label = mfree(c->smack_process_label);
- c->smack_process_label_ignore = false;
- return 0;
- }
-
- if (rvalue[0] == '-') {
- ignore = true;
- rvalue++;
- } else
- ignore = false;
-
- r = unit_name_printf(u, rvalue, &k);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve specifiers, ignoring: %m");
- return 0;
- }
-
- free(c->smack_process_label);
- c->smack_process_label = k;
- c->smack_process_label_ignore = ignore;
-
- return 0;
-}
-
-int config_parse_timer(const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- Timer *t = data;
- usec_t usec = 0;
- TimerValue *v;
- TimerBase b;
- CalendarSpec *c = NULL;
- Unit *u = userdata;
- _cleanup_free_ char *k = NULL;
- int r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(data);
-
- if (isempty(rvalue)) {
- /* Empty assignment resets list */
- timer_free_values(t);
- return 0;
- }
-
- b = timer_base_from_string(lvalue);
- if (b < 0) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse timer base, ignoring: %s", lvalue);
- return 0;
- }
-
- r = unit_full_printf(u, rvalue, &k);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue);
- return 0;
- }
-
- if (b == TIMER_CALENDAR) {
- if (calendar_spec_from_string(k, &c) < 0) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse calendar specification, ignoring: %s", k);
- return 0;
- }
- } else {
- if (parse_sec(k, &usec) < 0) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse timer value, ignoring: %s", k);
- return 0;
- }
- }
-
- v = new0(TimerValue, 1);
- if (!v) {
- calendar_spec_free(c);
- return log_oom();
- }
-
- v->base = b;
- v->value = usec;
- v->calendar_spec = c;
-
- LIST_PREPEND(value, t->values, v);
-
- return 0;
-}
-
-int config_parse_trigger_unit(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- _cleanup_free_ char *p = NULL;
- Unit *u = data;
- UnitType type;
- int r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(data);
-
- if (!set_isempty(u->dependencies[UNIT_TRIGGERS])) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Multiple units to trigger specified, ignoring: %s", rvalue);
- return 0;
- }
-
- r = unit_name_printf(u, rvalue, &p);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve specifiers, ignoring: %m");
- return 0;
- }
-
- type = unit_name_to_type(p);
- if (type < 0) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Unit type not valid, ignoring: %s", rvalue);
- return 0;
- }
-
- if (type == u->type) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Trigger cannot be of same type, ignoring: %s", rvalue);
- return 0;
- }
-
- r = unit_add_two_dependencies_by_name(u, UNIT_BEFORE, UNIT_TRIGGERS, p, NULL, true);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add trigger on %s, ignoring: %m", p);
- return 0;
- }
-
- return 0;
-}
-
-int config_parse_path_spec(const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- Path *p = data;
- PathSpec *s;
- PathType b;
- _cleanup_free_ char *k = NULL;
- int r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(data);
-
- if (isempty(rvalue)) {
- /* Empty assignment clears list */
- path_free_specs(p);
- return 0;
- }
-
- b = path_type_from_string(lvalue);
- if (b < 0) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse path type, ignoring: %s", lvalue);
- return 0;
- }
-
- r = unit_full_printf(UNIT(p), rvalue, &k);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers on %s. Ignoring.", rvalue);
- return 0;
- }
-
- if (!path_is_absolute(k)) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Path is not absolute, ignoring: %s", k);
- return 0;
- }
-
- s = new0(PathSpec, 1);
- if (!s)
- return log_oom();
-
- s->unit = UNIT(p);
- s->path = path_kill_slashes(k);
- k = NULL;
- s->type = b;
- s->inotify_fd = -1;
-
- LIST_PREPEND(spec, p->specs, s);
-
- return 0;
-}
-
-int config_parse_socket_service(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
- _cleanup_free_ char *p = NULL;
- Socket *s = data;
- Unit *x;
- int r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(data);
-
- r = unit_name_printf(UNIT(s), rvalue, &p);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve specifiers, ignoring: %s", rvalue);
- return 0;
- }
-
- if (!endswith(p, ".service")) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Unit must be of type service, ignoring: %s", rvalue);
- return 0;
- }
-
- r = manager_load_unit(UNIT(s)->manager, p, NULL, &error, &x);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to load unit %s, ignoring: %s", rvalue, bus_error_message(&error, r));
- return 0;
- }
-
- unit_ref_set(&s->service, x);
-
- return 0;
-}
-
-int config_parse_fdname(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- _cleanup_free_ char *p = NULL;
- Socket *s = data;
- int r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(data);
-
- if (isempty(rvalue)) {
- s->fdname = mfree(s->fdname);
- return 0;
- }
-
- r = unit_name_printf(UNIT(s), rvalue, &p);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve specifiers, ignoring: %s", rvalue);
- return 0;
- }
-
- if (!fdname_is_valid(p)) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid file descriptor name, ignoring: %s", p);
- return 0;
- }
-
- return free_and_replace(s->fdname, p);
-}
-
-int config_parse_service_sockets(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- Service *s = data;
- const char *p;
- int r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(data);
-
- p = rvalue;
- for (;;) {
- _cleanup_free_ char *word = NULL, *k = NULL;
-
- r = extract_first_word(&p, &word, NULL, 0);
- if (r == 0)
- break;
- if (r == -ENOMEM)
- return log_oom();
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Trailing garbage in sockets, ignoring: %s", rvalue);
- break;
- }
-
- r = unit_name_printf(UNIT(s), word, &k);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve specifiers, ignoring: %m");
- continue;
- }
-
- if (!endswith(k, ".socket")) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Unit must be of type socket, ignoring: %s", k);
- continue;
- }
-
- r = unit_add_two_dependencies_by_name(UNIT(s), UNIT_WANTS, UNIT_AFTER, k, NULL, true);
- if (r < 0)
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add dependency on %s, ignoring: %m", k);
-
- r = unit_add_dependency_by_name(UNIT(s), UNIT_TRIGGERED_BY, k, NULL, true);
- if (r < 0)
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add dependency on %s, ignoring: %m", k);
- }
-
- return 0;
-}
-
-int config_parse_bus_name(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- _cleanup_free_ char *k = NULL;
- Unit *u = userdata;
- int r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(u);
-
- r = unit_full_printf(u, rvalue, &k);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers on %s, ignoring: %m", rvalue);
- return 0;
- }
-
- if (!service_name_is_valid(k)) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid bus name %s, ignoring.", k);
- return 0;
- }
-
- return config_parse_string(unit, filename, line, section, section_line, lvalue, ltype, k, data, userdata);
-}
-
-int config_parse_service_timeout(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- Service *s = userdata;
- usec_t usec;
- int r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(s);
-
- /* This is called for three cases: TimeoutSec=, TimeoutStopSec= and TimeoutStartSec=. */
-
- r = parse_sec(rvalue, &usec);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s= parameter, ignoring: %s", lvalue, rvalue);
- return 0;
- }
-
- /* Traditionally, these options accepted 0 to disable the timeouts. However, a timeout of 0 suggests it happens
- * immediately, hence fix this to become USEC_INFINITY instead. This is in-line with how we internally handle
- * all other timeouts. */
- if (usec <= 0)
- usec = USEC_INFINITY;
-
- if (!streq(lvalue, "TimeoutStopSec")) {
- s->start_timeout_defined = true;
- s->timeout_start_usec = usec;
- }
-
- if (!streq(lvalue, "TimeoutStartSec"))
- s->timeout_stop_usec = usec;
-
- return 0;
-}
-
-int config_parse_sec_fix_0(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- usec_t *usec = data;
- int r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(usec);
-
- /* This is pretty much like config_parse_sec(), except that this treats a time of 0 as infinity, for
- * compatibility with older versions of systemd where 0 instead of infinity was used as indicator to turn off a
- * timeout. */
-
- r = parse_sec(rvalue, usec);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse %s= parameter, ignoring: %s", lvalue, rvalue);
- return 0;
- }
-
- if (*usec <= 0)
- *usec = USEC_INFINITY;
-
- return 0;
-}
-
-int config_parse_user_group(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- char **user = data, *n;
- Unit *u = userdata;
- int r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(u);
-
- if (isempty(rvalue))
- n = NULL;
- else {
- _cleanup_free_ char *k = NULL;
-
- r = unit_full_printf(u, rvalue, &k);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", rvalue);
- return 0;
- }
-
- if (!valid_user_group_name_or_id(k)) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid user/group name or numeric ID, ignoring: %s", k);
- return 0;
- }
-
- n = k;
- k = NULL;
- }
-
- free(*user);
- *user = n;
-
- return 0;
-}
-
-int config_parse_user_group_strv(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- char ***users = data;
- Unit *u = userdata;
- const char *p;
- int r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(u);
-
- if (isempty(rvalue)) {
- char **empty;
-
- empty = new0(char*, 1);
- if (!empty)
- return log_oom();
-
- strv_free(*users);
- *users = empty;
-
- return 0;
- }
-
- p = rvalue;
- for (;;) {
- _cleanup_free_ char *word = NULL, *k = NULL;
-
- r = extract_first_word(&p, &word, WHITESPACE, 0);
- if (r == 0)
- break;
- if (r == -ENOMEM)
- return log_oom();
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
- break;
- }
-
- r = unit_full_printf(u, word, &k);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in %s, ignoring: %m", word);
- continue;
- }
-
- if (!valid_user_group_name_or_id(k)) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid user/group name or numeric ID, ignoring: %s", k);
- continue;
- }
-
- r = strv_push(users, k);
- if (r < 0)
- return log_oom();
-
- k = NULL;
- }
-
- return 0;
-}
-
-int config_parse_busname_service(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
- BusName *n = data;
- int r;
- Unit *x;
- _cleanup_free_ char *p = NULL;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(data);
-
- r = unit_name_printf(UNIT(n), rvalue, &p);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve specifiers, ignoring: %s", rvalue);
- return 0;
- }
-
- if (!endswith(p, ".service")) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Unit must be of type service, ignoring: %s", rvalue);
- return 0;
- }
-
- r = manager_load_unit(UNIT(n)->manager, p, NULL, &error, &x);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to load unit %s, ignoring: %s", rvalue, bus_error_message(&error, r));
- return 0;
- }
-
- unit_ref_set(&n->service, x);
-
- return 0;
-}
-
-DEFINE_CONFIG_PARSE_ENUM(config_parse_bus_policy_world, bus_policy_access, BusPolicyAccess, "Failed to parse bus name policy access");
-
-int config_parse_bus_policy(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- _cleanup_free_ BusNamePolicy *p = NULL;
- _cleanup_free_ char *id_str = NULL;
- BusName *busname = data;
- char *access_str;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(data);
-
- p = new0(BusNamePolicy, 1);
- if (!p)
- return log_oom();
-
- if (streq(lvalue, "AllowUser"))
- p->type = BUSNAME_POLICY_TYPE_USER;
- else if (streq(lvalue, "AllowGroup"))
- p->type = BUSNAME_POLICY_TYPE_GROUP;
- else
- assert_not_reached("Unknown lvalue");
-
- id_str = strdup(rvalue);
- if (!id_str)
- return log_oom();
-
- access_str = strpbrk(id_str, WHITESPACE);
- if (!access_str) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid busname policy value '%s'", rvalue);
- return 0;
- }
-
- *access_str = '\0';
- access_str++;
- access_str += strspn(access_str, WHITESPACE);
-
- p->access = bus_policy_access_from_string(access_str);
- if (p->access < 0) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid busname policy access type '%s'", access_str);
- return 0;
- }
-
- p->name = id_str;
- id_str = NULL;
-
- LIST_PREPEND(policy, busname->policy, p);
- p = NULL;
-
- return 0;
-}
-
-int config_parse_working_directory(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- ExecContext *c = data;
- Unit *u = userdata;
- bool missing_ok;
- int r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(c);
- assert(u);
-
- if (rvalue[0] == '-') {
- missing_ok = true;
- rvalue++;
- } else
- missing_ok = false;
-
- if (streq(rvalue, "~")) {
- c->working_directory_home = true;
- c->working_directory = mfree(c->working_directory);
- } else {
- _cleanup_free_ char *k = NULL;
-
- r = unit_full_printf(u, rvalue, &k);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers in working directory path '%s', ignoring: %m", rvalue);
- return 0;
- }
-
- path_kill_slashes(k);
-
- if (!utf8_is_valid(k)) {
- log_syntax_invalid_utf8(unit, LOG_ERR, filename, line, rvalue);
- return 0;
- }
-
- if (!path_is_absolute(k)) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Working directory path '%s' is not absolute, ignoring.", rvalue);
- return 0;
- }
-
- free_and_replace(c->working_directory, k);
-
- c->working_directory_home = false;
- }
-
- c->working_directory_missing_ok = missing_ok;
- return 0;
-}
-
-int config_parse_unit_env_file(const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- char ***env = data;
- Unit *u = userdata;
- _cleanup_free_ char *n = NULL;
- int r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(data);
-
- if (isempty(rvalue)) {
- /* Empty assignment frees the list */
- *env = strv_free(*env);
- return 0;
- }
-
- r = unit_full_printf(u, rvalue, &n);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve specifiers, ignoring: %s", rvalue);
- return 0;
- }
-
- if (!path_is_absolute(n[0] == '-' ? n + 1 : n)) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Path '%s' is not absolute, ignoring.", n);
- return 0;
- }
-
- r = strv_extend(env, n);
- if (r < 0)
- return log_oom();
-
- return 0;
-}
-
-int config_parse_environ(const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- Unit *u = userdata;
- char*** env = data;
- const char *word, *state;
- size_t l;
- _cleanup_free_ char *k = NULL;
- int r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(data);
-
- if (isempty(rvalue)) {
- /* Empty assignment resets the list */
- *env = strv_free(*env);
- return 0;
- }
-
- if (u) {
- r = unit_full_printf(u, rvalue, &k);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve specifiers, ignoring: %s", rvalue);
- return 0;
- }
- }
-
- if (!k) {
- k = strdup(rvalue);
- if (!k)
- return log_oom();
- }
-
- FOREACH_WORD_QUOTED(word, l, k, state) {
- _cleanup_free_ char *n = NULL;
- char **x;
-
- r = cunescape_length(word, l, 0, &n);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Couldn't unescape assignment, ignoring: %s", rvalue);
- continue;
- }
-
- if (!env_assignment_is_valid(n)) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid environment assignment, ignoring: %s", rvalue);
- continue;
- }
-
- x = strv_env_set(*env, n);
- if (!x)
- return log_oom();
-
- strv_free(*env);
- *env = x;
- }
- if (!isempty(state))
- log_syntax(unit, LOG_ERR, filename, line, 0, "Trailing garbage, ignoring.");
-
- return 0;
-}
-
-int config_parse_pass_environ(const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- const char *whole_rvalue = rvalue;
- char*** passenv = data;
- _cleanup_strv_free_ char **n = NULL;
- size_t nlen = 0, nbufsize = 0;
- int r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(data);
-
- if (isempty(rvalue)) {
- /* Empty assignment resets the list */
- *passenv = strv_free(*passenv);
- return 0;
- }
-
- for (;;) {
- _cleanup_free_ char *word = NULL;
-
- r = extract_first_word(&rvalue, &word, WHITESPACE, EXTRACT_QUOTES);
- if (r == 0)
- break;
- if (r == -ENOMEM)
- return log_oom();
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r,
- "Trailing garbage in %s, ignoring: %s", lvalue, whole_rvalue);
- break;
- }
-
- if (!env_name_is_valid(word)) {
- log_syntax(unit, LOG_ERR, filename, line, EINVAL,
- "Invalid environment name for %s, ignoring: %s", lvalue, word);
- continue;
- }
-
- if (!GREEDY_REALLOC(n, nbufsize, nlen + 2))
- return log_oom();
- n[nlen++] = word;
- n[nlen] = NULL;
- word = NULL;
- }
-
- if (n) {
- r = strv_extend_strv(passenv, n, true);
- if (r < 0)
- return r;
- }
-
- return 0;
-}
-
-int config_parse_ip_tos(const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- int *ip_tos = data, x;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(data);
-
- x = ip_tos_from_string(rvalue);
- if (x < 0) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse IP TOS value, ignoring: %s", rvalue);
- return 0;
- }
-
- *ip_tos = x;
- return 0;
-}
-
-int config_parse_unit_condition_path(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- _cleanup_free_ char *p = NULL;
- Condition **list = data, *c;
- ConditionType t = ltype;
- bool trigger, negate;
- Unit *u = userdata;
- int r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(data);
-
- if (isempty(rvalue)) {
- /* Empty assignment resets the list */
- *list = condition_free_list(*list);
- return 0;
- }
-
- trigger = rvalue[0] == '|';
- if (trigger)
- rvalue++;
-
- negate = rvalue[0] == '!';
- if (negate)
- rvalue++;
-
- r = unit_full_printf(u, rvalue, &p);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve specifiers, ignoring: %s", rvalue);
- return 0;
- }
-
- if (!path_is_absolute(p)) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Path in condition not absolute, ignoring: %s", p);
- return 0;
- }
-
- c = condition_new(t, p, trigger, negate);
- if (!c)
- return log_oom();
-
- LIST_PREPEND(conditions, *list, c);
- return 0;
-}
-
-int config_parse_unit_condition_string(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- _cleanup_free_ char *s = NULL;
- Condition **list = data, *c;
- ConditionType t = ltype;
- bool trigger, negate;
- Unit *u = userdata;
- int r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(data);
-
- if (isempty(rvalue)) {
- /* Empty assignment resets the list */
- *list = condition_free_list(*list);
- return 0;
- }
-
- trigger = rvalue[0] == '|';
- if (trigger)
- rvalue++;
-
- negate = rvalue[0] == '!';
- if (negate)
- rvalue++;
-
- r = unit_full_printf(u, rvalue, &s);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve specifiers, ignoring: %s", rvalue);
- return 0;
- }
-
- c = condition_new(t, s, trigger, negate);
- if (!c)
- return log_oom();
-
- LIST_PREPEND(conditions, *list, c);
- return 0;
-}
-
-int config_parse_unit_condition_null(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- Condition **list = data, *c;
- bool trigger, negate;
- int b;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(data);
-
- if (isempty(rvalue)) {
- /* Empty assignment resets the list */
- *list = condition_free_list(*list);
- return 0;
- }
-
- trigger = rvalue[0] == '|';
- if (trigger)
- rvalue++;
-
- negate = rvalue[0] == '!';
- if (negate)
- rvalue++;
-
- b = parse_boolean(rvalue);
- if (b < 0) {
- log_syntax(unit, LOG_ERR, filename, line, b, "Failed to parse boolean value in condition, ignoring: %s", rvalue);
- return 0;
- }
-
- if (!b)
- negate = !negate;
-
- c = condition_new(CONDITION_NULL, NULL, trigger, negate);
- if (!c)
- return log_oom();
-
- LIST_PREPEND(conditions, *list, c);
- return 0;
-}
-
-DEFINE_CONFIG_PARSE_ENUM(config_parse_notify_access, notify_access, NotifyAccess, "Failed to parse notify access specifier");
-DEFINE_CONFIG_PARSE_ENUM(config_parse_emergency_action, emergency_action, EmergencyAction, "Failed to parse failure action specifier");
-
-int config_parse_unit_requires_mounts_for(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- Unit *u = userdata;
- const char *word, *state;
- size_t l;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(data);
-
- FOREACH_WORD_QUOTED(word, l, rvalue, state) {
- int r;
- _cleanup_free_ char *n;
-
- n = strndup(word, l);
- if (!n)
- return log_oom();
-
- if (!utf8_is_valid(n)) {
- log_syntax_invalid_utf8(unit, LOG_ERR, filename, line, rvalue);
- continue;
- }
-
- r = unit_require_mounts_for(u, n);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to add required mount for, ignoring: %s", rvalue);
- continue;
- }
- }
- if (!isempty(state))
- log_syntax(unit, LOG_ERR, filename, line, 0, "Trailing garbage, ignoring.");
-
- return 0;
-}
-
-int config_parse_documentation(const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- Unit *u = userdata;
- int r;
- char **a, **b;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(u);
-
- if (isempty(rvalue)) {
- /* Empty assignment resets the list */
- u->documentation = strv_free(u->documentation);
- return 0;
- }
-
- r = config_parse_unit_strv_printf(unit, filename, line, section, section_line, lvalue, ltype,
- rvalue, data, userdata);
- if (r < 0)
- return r;
-
- for (a = b = u->documentation; a && *a; a++) {
-
- if (documentation_url_is_valid(*a))
- *(b++) = *a;
- else {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid URL, ignoring: %s", *a);
- free(*a);
- }
- }
- if (b)
- *b = NULL;
-
- return r;
-}
-
-#ifdef HAVE_SECCOMP
-
-static int syscall_filter_parse_one(
- const char *unit,
- const char *filename,
- unsigned line,
- ExecContext *c,
- bool invert,
- const char *t,
- bool warn) {
- int r;
-
- if (t[0] == '@') {
- const SyscallFilterSet *set;
- const char *i;
-
- set = syscall_filter_set_find(t);
- if (!set) {
- if (warn)
- log_syntax(unit, LOG_WARNING, filename, line, 0, "Don't know system call group, ignoring: %s", t);
- return 0;
- }
-
- NULSTR_FOREACH(i, set->value) {
- r = syscall_filter_parse_one(unit, filename, line, c, invert, i, false);
- if (r < 0)
- return r;
- }
- } else {
- int id;
-
- id = seccomp_syscall_resolve_name(t);
- if (id == __NR_SCMP_ERROR) {
- if (warn)
- log_syntax(unit, LOG_WARNING, filename, line, 0, "Failed to parse system call, ignoring: %s", t);
- return 0;
- }
-
- /* If we previously wanted to forbid a syscall and now
- * we want to allow it, then remove it from the list
- */
- if (!invert == c->syscall_whitelist) {
- r = set_put(c->syscall_filter, INT_TO_PTR(id + 1));
- if (r == 0)
- return 0;
- if (r < 0)
- return log_oom();
- } else
- (void) set_remove(c->syscall_filter, INT_TO_PTR(id + 1));
- }
-
- return 0;
-}
-
-int config_parse_syscall_filter(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- ExecContext *c = data;
- Unit *u = userdata;
- bool invert = false;
- const char *p;
- int r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(u);
-
- if (isempty(rvalue)) {
- /* Empty assignment resets the list */
- c->syscall_filter = set_free(c->syscall_filter);
- c->syscall_whitelist = false;
- return 0;
- }
-
- if (rvalue[0] == '~') {
- invert = true;
- rvalue++;
- }
-
- if (!c->syscall_filter) {
- c->syscall_filter = set_new(NULL);
- if (!c->syscall_filter)
- return log_oom();
-
- if (invert)
- /* Allow everything but the ones listed */
- c->syscall_whitelist = false;
- else {
- /* Allow nothing but the ones listed */
- c->syscall_whitelist = true;
-
- /* Accept default syscalls if we are on a whitelist */
- r = syscall_filter_parse_one(unit, filename, line, c, false, "@default", false);
- if (r < 0)
- return r;
- }
- }
-
- p = rvalue;
- for (;;) {
- _cleanup_free_ char *word = NULL;
-
- r = extract_first_word(&p, &word, NULL, 0);
- if (r == 0)
- break;
- if (r == -ENOMEM)
- return log_oom();
- if (r < 0) {
- log_syntax(unit, LOG_WARNING, filename, line, r, "Invalid syntax, ignoring: %s", rvalue);
- break;
- }
-
- r = syscall_filter_parse_one(unit, filename, line, c, invert, word, true);
- if (r < 0)
- return r;
- }
-
- return 0;
-}
-
-int config_parse_syscall_archs(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- Set **archs = data;
- const char *word, *state;
- size_t l;
- int r;
-
- if (isempty(rvalue)) {
- *archs = set_free(*archs);
- return 0;
- }
-
- r = set_ensure_allocated(archs, NULL);
- if (r < 0)
- return log_oom();
-
- FOREACH_WORD_QUOTED(word, l, rvalue, state) {
- _cleanup_free_ char *t = NULL;
- uint32_t a;
-
- t = strndup(word, l);
- if (!t)
- return log_oom();
-
- r = seccomp_arch_from_string(t, &a);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse system call architecture, ignoring: %s", t);
- continue;
- }
-
- r = set_put(*archs, UINT32_TO_PTR(a + 1));
- if (r == 0)
- continue;
- if (r < 0)
- return log_oom();
- }
- if (!isempty(state))
- log_syntax(unit, LOG_ERR, filename, line, 0, "Trailing garbage, ignoring.");
-
- return 0;
-}
-
-int config_parse_syscall_errno(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- ExecContext *c = data;
- int e;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
-
- if (isempty(rvalue)) {
- /* Empty assignment resets to KILL */
- c->syscall_errno = 0;
- return 0;
- }
-
- e = errno_from_name(rvalue);
- if (e < 0) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse error number, ignoring: %s", rvalue);
- return 0;
- }
-
- c->syscall_errno = e;
- return 0;
-}
-
-int config_parse_address_families(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- ExecContext *c = data;
- bool invert = false;
- const char *word, *state;
- size_t l;
- int r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
-
- if (isempty(rvalue)) {
- /* Empty assignment resets the list */
- c->address_families = set_free(c->address_families);
- c->address_families_whitelist = false;
- return 0;
- }
-
- if (rvalue[0] == '~') {
- invert = true;
- rvalue++;
- }
-
- if (!c->address_families) {
- c->address_families = set_new(NULL);
- if (!c->address_families)
- return log_oom();
-
- c->address_families_whitelist = !invert;
- }
-
- FOREACH_WORD_QUOTED(word, l, rvalue, state) {
- _cleanup_free_ char *t = NULL;
- int af;
-
- t = strndup(word, l);
- if (!t)
- return log_oom();
-
- af = af_from_name(t);
- if (af <= 0) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse address family, ignoring: %s", t);
- continue;
- }
-
- /* If we previously wanted to forbid an address family and now
- * we want to allow it, then remove it from the list
- */
- if (!invert == c->address_families_whitelist) {
- r = set_put(c->address_families, INT_TO_PTR(af));
- if (r == 0)
- continue;
- if (r < 0)
- return log_oom();
- } else
- set_remove(c->address_families, INT_TO_PTR(af));
- }
- if (!isempty(state))
- log_syntax(unit, LOG_ERR, filename, line, 0, "Trailing garbage, ignoring.");
-
- return 0;
-}
-#endif
-
-int config_parse_unit_slice(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- _cleanup_free_ char *k = NULL;
- Unit *u = userdata, *slice = NULL;
- int r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(u);
-
- r = unit_name_printf(u, rvalue, &k);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve unit specifiers on %s. Ignoring.", rvalue);
- return 0;
- }
-
- r = manager_load_unit(u->manager, k, NULL, NULL, &slice);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to load slice unit %s. Ignoring.", k);
- return 0;
- }
-
- r = unit_set_slice(u, slice);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to assign slice %s to unit %s. Ignoring.", slice->id, u->id);
- return 0;
- }
-
- return 0;
-}
-
-DEFINE_CONFIG_PARSE_ENUM(config_parse_device_policy, cgroup_device_policy, CGroupDevicePolicy, "Failed to parse device policy");
-
-int config_parse_cpu_weight(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- uint64_t *weight = data;
- int r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
-
- r = cg_weight_parse(rvalue, weight);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "CPU weight '%s' invalid. Ignoring.", rvalue);
- return 0;
- }
-
- return 0;
-}
-
-int config_parse_cpu_shares(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- uint64_t *shares = data;
- int r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
-
- r = cg_cpu_shares_parse(rvalue, shares);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "CPU shares '%s' invalid. Ignoring.", rvalue);
- return 0;
- }
-
- return 0;
-}
-
-int config_parse_cpu_quota(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- CGroupContext *c = data;
- int r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
-
- if (isempty(rvalue)) {
- c->cpu_quota_per_sec_usec = USEC_INFINITY;
- return 0;
- }
-
- r = parse_percent_unbounded(rvalue);
- if (r <= 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "CPU quota '%s' invalid. Ignoring.", rvalue);
- return 0;
- }
-
- c->cpu_quota_per_sec_usec = ((usec_t) r * USEC_PER_SEC) / 100U;
- return 0;
-}
-
-int config_parse_memory_limit(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- CGroupContext *c = data;
- uint64_t bytes = CGROUP_LIMIT_MAX;
- int r;
-
- if (!isempty(rvalue) && !streq(rvalue, "infinity")) {
-
- r = parse_percent(rvalue);
- if (r < 0) {
- r = parse_size(rvalue, 1024, &bytes);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Memory limit '%s' invalid. Ignoring.", rvalue);
- return 0;
- }
- } else
- bytes = physical_memory_scale(r, 100U);
-
- if (bytes <= 0 || bytes >= UINT64_MAX) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Memory limit '%s' out of range. Ignoring.", rvalue);
- return 0;
- }
- }
-
- if (streq(lvalue, "MemoryLow"))
- c->memory_low = bytes;
- else if (streq(lvalue, "MemoryHigh"))
- c->memory_high = bytes;
- else if (streq(lvalue, "MemoryMax"))
- c->memory_max = bytes;
- else if (streq(lvalue, "MemorySwapMax"))
- c->memory_swap_max = bytes;
- else if (streq(lvalue, "MemoryLimit"))
- c->memory_limit = bytes;
- else
- return -EINVAL;
-
- return 0;
-}
-
-int config_parse_tasks_max(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- uint64_t *tasks_max = data, v;
- Unit *u = userdata;
- int r;
-
- if (isempty(rvalue)) {
- *tasks_max = u->manager->default_tasks_max;
- return 0;
- }
-
- if (streq(rvalue, "infinity")) {
- *tasks_max = CGROUP_LIMIT_MAX;
- return 0;
- }
-
- r = parse_percent(rvalue);
- if (r < 0) {
- r = safe_atou64(rvalue, &v);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Maximum tasks value '%s' invalid. Ignoring.", rvalue);
- return 0;
- }
- } else
- v = system_tasks_max_scale(r, 100U);
-
- if (v <= 0 || v >= UINT64_MAX) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Maximum tasks value '%s' out of range. Ignoring.", rvalue);
- return 0;
- }
-
- *tasks_max = v;
- return 0;
-}
-
-int config_parse_device_allow(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- _cleanup_free_ char *path = NULL, *t = NULL;
- CGroupContext *c = data;
- CGroupDeviceAllow *a;
- const char *m = NULL;
- size_t n;
- int r;
-
- if (isempty(rvalue)) {
- while (c->device_allow)
- cgroup_context_free_device_allow(c, c->device_allow);
-
- return 0;
- }
-
- r = unit_full_printf(userdata, rvalue, &t);
- if(r < 0) {
- log_syntax(unit, LOG_WARNING, filename, line, r,
- "Failed to resolve specifiers in %s, ignoring: %m",
- rvalue);
- }
-
- n = strcspn(t, WHITESPACE);
-
- path = strndup(t, n);
- if (!path)
- return log_oom();
-
- if (!is_deviceallow_pattern(path)) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device node path '%s'. Ignoring.", path);
- return 0;
- }
-
- m = t + n + strspn(t + n, WHITESPACE);
- if (isempty(m))
- m = "rwm";
-
- if (!in_charset(m, "rwm")) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device rights '%s'. Ignoring.", m);
- return 0;
- }
-
- a = new0(CGroupDeviceAllow, 1);
- if (!a)
- return log_oom();
-
- a->path = path;
- path = NULL;
- a->r = !!strchr(m, 'r');
- a->w = !!strchr(m, 'w');
- a->m = !!strchr(m, 'm');
-
- LIST_PREPEND(device_allow, c->device_allow, a);
- return 0;
-}
-
-int config_parse_io_weight(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- uint64_t *weight = data;
- int r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
-
- r = cg_weight_parse(rvalue, weight);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "IO weight '%s' invalid. Ignoring.", rvalue);
- return 0;
- }
-
- return 0;
-}
-
-int config_parse_io_device_weight(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- _cleanup_free_ char *path = NULL;
- CGroupIODeviceWeight *w;
- CGroupContext *c = data;
- const char *weight;
- uint64_t u;
- size_t n;
- int r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
-
- if (isempty(rvalue)) {
- while (c->io_device_weights)
- cgroup_context_free_io_device_weight(c, c->io_device_weights);
-
- return 0;
- }
-
- n = strcspn(rvalue, WHITESPACE);
- weight = rvalue + n;
- weight += strspn(weight, WHITESPACE);
-
- if (isempty(weight)) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Expected block device and device weight. Ignoring.");
- return 0;
- }
-
- path = strndup(rvalue, n);
- if (!path)
- return log_oom();
-
- if (!path_startswith(path, "/dev")) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device node path '%s'. Ignoring.", path);
- return 0;
- }
-
- r = cg_weight_parse(weight, &u);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "IO weight '%s' invalid. Ignoring.", weight);
- return 0;
- }
-
- assert(u != CGROUP_WEIGHT_INVALID);
-
- w = new0(CGroupIODeviceWeight, 1);
- if (!w)
- return log_oom();
-
- w->path = path;
- path = NULL;
-
- w->weight = u;
-
- LIST_PREPEND(device_weights, c->io_device_weights, w);
- return 0;
-}
-
-int config_parse_io_limit(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- _cleanup_free_ char *path = NULL;
- CGroupIODeviceLimit *l = NULL, *t;
- CGroupContext *c = data;
- CGroupIOLimitType type;
- const char *limit;
- uint64_t num;
- size_t n;
- int r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
-
- type = cgroup_io_limit_type_from_string(lvalue);
- assert(type >= 0);
-
- if (isempty(rvalue)) {
- LIST_FOREACH(device_limits, l, c->io_device_limits)
- l->limits[type] = cgroup_io_limit_defaults[type];
- return 0;
- }
-
- n = strcspn(rvalue, WHITESPACE);
- limit = rvalue + n;
- limit += strspn(limit, WHITESPACE);
-
- if (!*limit) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Expected space separated pair of device node and bandwidth. Ignoring.");
- return 0;
- }
-
- path = strndup(rvalue, n);
- if (!path)
- return log_oom();
-
- if (!path_startswith(path, "/dev")) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device node path '%s'. Ignoring.", path);
- return 0;
- }
-
- if (streq("infinity", limit)) {
- num = CGROUP_LIMIT_MAX;
- } else {
- r = parse_size(limit, 1000, &num);
- if (r < 0 || num <= 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "IO Limit '%s' invalid. Ignoring.", rvalue);
- return 0;
- }
- }
-
- LIST_FOREACH(device_limits, t, c->io_device_limits) {
- if (path_equal(path, t->path)) {
- l = t;
- break;
- }
- }
-
- if (!l) {
- CGroupIOLimitType ttype;
-
- l = new0(CGroupIODeviceLimit, 1);
- if (!l)
- return log_oom();
-
- l->path = path;
- path = NULL;
- for (ttype = 0; ttype < _CGROUP_IO_LIMIT_TYPE_MAX; ttype++)
- l->limits[ttype] = cgroup_io_limit_defaults[ttype];
-
- LIST_PREPEND(device_limits, c->io_device_limits, l);
- }
-
- l->limits[type] = num;
-
- return 0;
-}
-
-int config_parse_blockio_weight(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- uint64_t *weight = data;
- int r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
-
- r = cg_blkio_weight_parse(rvalue, weight);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Block IO weight '%s' invalid. Ignoring.", rvalue);
- return 0;
- }
-
- return 0;
-}
-
-int config_parse_blockio_device_weight(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- _cleanup_free_ char *path = NULL;
- CGroupBlockIODeviceWeight *w;
- CGroupContext *c = data;
- const char *weight;
- uint64_t u;
- size_t n;
- int r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
-
- if (isempty(rvalue)) {
- while (c->blockio_device_weights)
- cgroup_context_free_blockio_device_weight(c, c->blockio_device_weights);
-
- return 0;
- }
-
- n = strcspn(rvalue, WHITESPACE);
- weight = rvalue + n;
- weight += strspn(weight, WHITESPACE);
-
- if (isempty(weight)) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Expected block device and device weight. Ignoring.");
- return 0;
- }
-
- path = strndup(rvalue, n);
- if (!path)
- return log_oom();
-
- if (!path_startswith(path, "/dev")) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device node path '%s'. Ignoring.", path);
- return 0;
- }
-
- r = cg_blkio_weight_parse(weight, &u);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Block IO weight '%s' invalid. Ignoring.", weight);
- return 0;
- }
-
- assert(u != CGROUP_BLKIO_WEIGHT_INVALID);
-
- w = new0(CGroupBlockIODeviceWeight, 1);
- if (!w)
- return log_oom();
-
- w->path = path;
- path = NULL;
-
- w->weight = u;
-
- LIST_PREPEND(device_weights, c->blockio_device_weights, w);
- return 0;
-}
-
-int config_parse_blockio_bandwidth(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- _cleanup_free_ char *path = NULL;
- CGroupBlockIODeviceBandwidth *b = NULL, *t;
- CGroupContext *c = data;
- const char *bandwidth;
- uint64_t bytes;
- bool read;
- size_t n;
- int r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
-
- read = streq("BlockIOReadBandwidth", lvalue);
-
- if (isempty(rvalue)) {
- LIST_FOREACH(device_bandwidths, b, c->blockio_device_bandwidths) {
- b->rbps = CGROUP_LIMIT_MAX;
- b->wbps = CGROUP_LIMIT_MAX;
- }
- return 0;
- }
-
- n = strcspn(rvalue, WHITESPACE);
- bandwidth = rvalue + n;
- bandwidth += strspn(bandwidth, WHITESPACE);
-
- if (!*bandwidth) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Expected space separated pair of device node and bandwidth. Ignoring.");
- return 0;
- }
-
- path = strndup(rvalue, n);
- if (!path)
- return log_oom();
-
- if (!path_startswith(path, "/dev")) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Invalid device node path '%s'. Ignoring.", path);
- return 0;
- }
-
- r = parse_size(bandwidth, 1000, &bytes);
- if (r < 0 || bytes <= 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Block IO Bandwidth '%s' invalid. Ignoring.", rvalue);
- return 0;
- }
-
- LIST_FOREACH(device_bandwidths, t, c->blockio_device_bandwidths) {
- if (path_equal(path, t->path)) {
- b = t;
- break;
- }
- }
-
- if (!t) {
- b = new0(CGroupBlockIODeviceBandwidth, 1);
- if (!b)
- return log_oom();
-
- b->path = path;
- path = NULL;
- b->rbps = CGROUP_LIMIT_MAX;
- b->wbps = CGROUP_LIMIT_MAX;
-
- LIST_PREPEND(device_bandwidths, c->blockio_device_bandwidths, b);
- }
-
- if (read)
- b->rbps = bytes;
- else
- b->wbps = bytes;
-
- return 0;
-}
-
-DEFINE_CONFIG_PARSE_ENUM(config_parse_job_mode, job_mode, JobMode, "Failed to parse job mode");
-
-int config_parse_job_mode_isolate(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- JobMode *m = data;
- int r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
-
- r = parse_boolean(rvalue);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse boolean, ignoring: %s", rvalue);
- return 0;
- }
-
- *m = r ? JOB_ISOLATE : JOB_REPLACE;
- return 0;
-}
-
-int config_parse_runtime_directory(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- char***rt = data;
- Unit *u = userdata;
- const char *word, *state;
- size_t l;
- int r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(data);
-
- if (isempty(rvalue)) {
- /* Empty assignment resets the list */
- *rt = strv_free(*rt);
- return 0;
- }
-
- FOREACH_WORD_QUOTED(word, l, rvalue, state) {
- _cleanup_free_ char *t = NULL, *n = NULL;
-
- t = strndup(word, l);
- if (!t)
- return log_oom();
-
- r = unit_name_printf(u, t, &n);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to resolve specifiers, ignoring: %m");
- continue;
- }
-
- if (!filename_is_valid(n)) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Runtime directory is not valid, ignoring assignment: %s", rvalue);
- continue;
- }
-
- r = strv_push(rt, n);
- if (r < 0)
- return log_oom();
-
- n = NULL;
- }
- if (!isempty(state))
- log_syntax(unit, LOG_ERR, filename, line, 0, "Trailing garbage, ignoring.");
-
- return 0;
-}
-
-int config_parse_set_status(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- size_t l;
- const char *word, *state;
- int r;
- ExitStatusSet *status_set = data;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(data);
-
- /* Empty assignment resets the list */
- if (isempty(rvalue)) {
- exit_status_set_free(status_set);
- return 0;
- }
-
- FOREACH_WORD(word, l, rvalue, state) {
- _cleanup_free_ char *temp;
- int val;
- Set **set;
-
- temp = strndup(word, l);
- if (!temp)
- return log_oom();
-
- r = safe_atoi(temp, &val);
- if (r < 0) {
- val = signal_from_string_try_harder(temp);
-
- if (val <= 0) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse value, ignoring: %s", word);
- continue;
- }
- set = &status_set->signal;
- } else {
- if (val < 0 || val > 255) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Value %d is outside range 0-255, ignoring", val);
- continue;
- }
- set = &status_set->status;
- }
-
- r = set_ensure_allocated(set, NULL);
- if (r < 0)
- return log_oom();
-
- r = set_put(*set, INT_TO_PTR(val));
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Unable to store: %s", word);
- return r;
- }
- }
- if (!isempty(state))
- log_syntax(unit, LOG_ERR, filename, line, 0, "Trailing garbage, ignoring.");
-
- return 0;
-}
-
-int config_parse_namespace_path_strv(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- char*** sv = data;
- const char *prev;
- const char *cur;
- int r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(data);
-
- if (isempty(rvalue)) {
- /* Empty assignment resets the list */
- *sv = strv_free(*sv);
- return 0;
- }
-
- prev = cur = rvalue;
- for (;;) {
- _cleanup_free_ char *word = NULL;
- int offset;
-
- r = extract_first_word(&cur, &word, NULL, EXTRACT_QUOTES);
- if (r == 0)
- break;
- if (r == -ENOMEM)
- return log_oom();
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Trailing garbage, ignoring: %s", prev);
- return 0;
- }
-
- if (!utf8_is_valid(word)) {
- log_syntax_invalid_utf8(unit, LOG_ERR, filename, line, word);
- prev = cur;
- continue;
- }
-
- offset = word[0] == '-';
- if (!path_is_absolute(word + offset)) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Not an absolute path, ignoring: %s", word);
- prev = cur;
- continue;
- }
-
- path_kill_slashes(word + offset);
-
- r = strv_push(sv, word);
- if (r < 0)
- return log_oom();
-
- prev = cur;
- word = NULL;
- }
-
- return 0;
-}
-
-int config_parse_no_new_privileges(
- const char* unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- ExecContext *c = data;
- int k;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(data);
-
- k = parse_boolean(rvalue);
- if (k < 0) {
- log_syntax(unit, LOG_ERR, filename, line, k, "Failed to parse boolean value, ignoring: %s", rvalue);
- return 0;
- }
-
- c->no_new_privileges = k;
- c->no_new_privileges_set = true;
-
- return 0;
-}
-
-int config_parse_protect_home(
- const char* unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- ExecContext *c = data;
- int k;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(data);
-
- /* Our enum shall be a superset of booleans, hence first try
- * to parse as boolean, and then as enum */
-
- k = parse_boolean(rvalue);
- if (k > 0)
- c->protect_home = PROTECT_HOME_YES;
- else if (k == 0)
- c->protect_home = PROTECT_HOME_NO;
- else {
- ProtectHome h;
-
- h = protect_home_from_string(rvalue);
- if (h < 0) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse protect home value, ignoring: %s", rvalue);
- return 0;
- }
-
- c->protect_home = h;
- }
-
- return 0;
-}
-
-int config_parse_protect_system(
- const char* unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- ExecContext *c = data;
- int k;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(data);
-
- /* Our enum shall be a superset of booleans, hence first try
- * to parse as boolean, and then as enum */
-
- k = parse_boolean(rvalue);
- if (k > 0)
- c->protect_system = PROTECT_SYSTEM_YES;
- else if (k == 0)
- c->protect_system = PROTECT_SYSTEM_NO;
- else {
- ProtectSystem s;
-
- s = protect_system_from_string(rvalue);
- if (s < 0) {
- log_syntax(unit, LOG_ERR, filename, line, 0, "Failed to parse protect system value, ignoring: %s", rvalue);
- return 0;
- }
-
- c->protect_system = s;
- }
-
- return 0;
-}
-
-#define FOLLOW_MAX 8
-
-static int open_follow(char **filename, FILE **_f, Set *names, char **_final) {
- char *id = NULL;
- unsigned c = 0;
- int fd, r;
- FILE *f;
-
- assert(filename);
- assert(*filename);
- assert(_f);
- assert(names);
-
- /* This will update the filename pointer if the loaded file is
- * reached by a symlink. The old string will be freed. */
-
- for (;;) {
- char *target, *name;
-
- if (c++ >= FOLLOW_MAX)
- return -ELOOP;
-
- path_kill_slashes(*filename);
-
- /* Add the file name we are currently looking at to
- * the names of this unit, but only if it is a valid
- * unit name. */
- name = basename(*filename);
- if (unit_name_is_valid(name, UNIT_NAME_ANY)) {
-
- id = set_get(names, name);
- if (!id) {
- id = strdup(name);
- if (!id)
- return -ENOMEM;
-
- r = set_consume(names, id);
- if (r < 0)
- return r;
- }
- }
-
- /* Try to open the file name, but don't if its a symlink */
- fd = open(*filename, O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW);
- if (fd >= 0)
- break;
-
- if (errno != ELOOP)
- return -errno;
-
- /* Hmm, so this is a symlink. Let's read the name, and follow it manually */
- r = readlink_and_make_absolute(*filename, &target);
- if (r < 0)
- return r;
-
- free(*filename);
- *filename = target;
- }
-
- f = fdopen(fd, "re");
- if (!f) {
- safe_close(fd);
- return -errno;
- }
-
- *_f = f;
- *_final = id;
-
- return 0;
-}
-
-static int merge_by_names(Unit **u, Set *names, const char *id) {
- char *k;
- int r;
-
- assert(u);
- assert(*u);
- assert(names);
-
- /* Let's try to add in all symlink names we found */
- while ((k = set_steal_first(names))) {
-
- /* First try to merge in the other name into our
- * unit */
- r = unit_merge_by_name(*u, k);
- if (r < 0) {
- Unit *other;
-
- /* Hmm, we couldn't merge the other unit into
- * ours? Then let's try it the other way
- * round */
-
- /* If the symlink name we are looking at is unit template, then
- we must search for instance of this template */
- if (unit_name_is_valid(k, UNIT_NAME_TEMPLATE) && (*u)->instance) {
- _cleanup_free_ char *instance = NULL;
-
- r = unit_name_replace_instance(k, (*u)->instance, &instance);
- if (r < 0)
- return r;
-
- other = manager_get_unit((*u)->manager, instance);
- } else
- other = manager_get_unit((*u)->manager, k);
-
- free(k);
-
- if (other) {
- r = unit_merge(other, *u);
- if (r >= 0) {
- *u = other;
- return merge_by_names(u, names, NULL);
- }
- }
-
- return r;
- }
-
- if (id == k)
- unit_choose_id(*u, id);
-
- free(k);
- }
-
- return 0;
-}
-
-static int load_from_path(Unit *u, const char *path) {
- _cleanup_set_free_free_ Set *symlink_names = NULL;
- _cleanup_fclose_ FILE *f = NULL;
- _cleanup_free_ char *filename = NULL;
- char *id = NULL;
- Unit *merged;
- struct stat st;
- int r;
-
- assert(u);
- assert(path);
-
- symlink_names = set_new(&string_hash_ops);
- if (!symlink_names)
- return -ENOMEM;
-
- if (path_is_absolute(path)) {
-
- filename = strdup(path);
- if (!filename)
- return -ENOMEM;
-
- r = open_follow(&filename, &f, symlink_names, &id);
- if (r < 0) {
- filename = mfree(filename);
- if (r != -ENOENT)
- return r;
- }
-
- } else {
- char **p;
-
- STRV_FOREACH(p, u->manager->lookup_paths.search_path) {
-
- /* Instead of opening the path right away, we manually
- * follow all symlinks and add their name to our unit
- * name set while doing so */
- filename = path_make_absolute(path, *p);
- if (!filename)
- return -ENOMEM;
-
- if (u->manager->unit_path_cache &&
- !set_get(u->manager->unit_path_cache, filename))
- r = -ENOENT;
- else
- r = open_follow(&filename, &f, symlink_names, &id);
- if (r >= 0)
- break;
- filename = mfree(filename);
-
- /* ENOENT means that the file is missing or is a dangling symlink.
- * ENOTDIR means that one of paths we expect to be is a directory
- * is not a directory, we should just ignore that.
- * EACCES means that the directory or file permissions are wrong.
- */
- if (r == -EACCES)
- log_debug_errno(r, "Cannot access \"%s\": %m", filename);
- else if (!IN_SET(r, -ENOENT, -ENOTDIR))
- return r;
-
- /* Empty the symlink names for the next run */
- set_clear_free(symlink_names);
- }
- }
-
- if (!filename)
- /* Hmm, no suitable file found? */
- return 0;
-
- if (!unit_type_may_alias(u->type) && set_size(symlink_names) > 1) {
- log_unit_warning(u, "Unit type of %s does not support alias names, refusing loading via symlink.", u->id);
- return -ELOOP;
- }
-
- merged = u;
- r = merge_by_names(&merged, symlink_names, id);
- if (r < 0)
- return r;
-
- if (merged != u) {
- u->load_state = UNIT_MERGED;
- return 0;
- }
-
- if (fstat(fileno(f), &st) < 0)
- return -errno;
-
- if (null_or_empty(&st)) {
- u->load_state = UNIT_MASKED;
- u->fragment_mtime = 0;
- } else {
- u->load_state = UNIT_LOADED;
- u->fragment_mtime = timespec_load(&st.st_mtim);
-
- /* Now, parse the file contents */
- r = config_parse(u->id, filename, f,
- UNIT_VTABLE(u)->sections,
- config_item_perf_lookup, load_fragment_gperf_lookup,
- false, true, false, u);
- if (r < 0)
- return r;
- }
-
- free(u->fragment_path);
- u->fragment_path = filename;
- filename = NULL;
-
- if (u->source_path) {
- if (stat(u->source_path, &st) >= 0)
- u->source_mtime = timespec_load(&st.st_mtim);
- else
- u->source_mtime = 0;
- }
-
- return 0;
-}
-
-int unit_load_fragment(Unit *u) {
- int r;
- Iterator i;
- const char *t;
-
- assert(u);
- assert(u->load_state == UNIT_STUB);
- assert(u->id);
-
- if (u->transient) {
- u->load_state = UNIT_LOADED;
- return 0;
- }
-
- /* First, try to find the unit under its id. We always look
- * for unit files in the default directories, to make it easy
- * to override things by placing things in /etc/systemd/system */
- r = load_from_path(u, u->id);
- if (r < 0)
- return r;
-
- /* Try to find an alias we can load this with */
- if (u->load_state == UNIT_STUB) {
- SET_FOREACH(t, u->names, i) {
-
- if (t == u->id)
- continue;
-
- r = load_from_path(u, t);
- if (r < 0)
- return r;
-
- if (u->load_state != UNIT_STUB)
- break;
- }
- }
-
- /* And now, try looking for it under the suggested (originally linked) path */
- if (u->load_state == UNIT_STUB && u->fragment_path) {
-
- r = load_from_path(u, u->fragment_path);
- if (r < 0)
- return r;
-
- if (u->load_state == UNIT_STUB)
- /* Hmm, this didn't work? Then let's get rid
- * of the fragment path stored for us, so that
- * we don't point to an invalid location. */
- u->fragment_path = mfree(u->fragment_path);
- }
-
- /* Look for a template */
- if (u->load_state == UNIT_STUB && u->instance) {
- _cleanup_free_ char *k = NULL;
-
- r = unit_name_template(u->id, &k);
- if (r < 0)
- return r;
-
- r = load_from_path(u, k);
- if (r < 0)
- return r;
-
- if (u->load_state == UNIT_STUB) {
- SET_FOREACH(t, u->names, i) {
- _cleanup_free_ char *z = NULL;
-
- if (t == u->id)
- continue;
-
- r = unit_name_template(t, &z);
- if (r < 0)
- return r;
-
- r = load_from_path(u, z);
- if (r < 0)
- return r;
-
- if (u->load_state != UNIT_STUB)
- break;
- }
- }
- }
-
- return 0;
-}
-
-void unit_dump_config_items(FILE *f) {
- static const struct {
- const ConfigParserCallback callback;
- const char *rvalue;
- } table[] = {
-#if !defined(HAVE_SYSV_COMPAT) || !defined(HAVE_SECCOMP) || !defined(HAVE_PAM) || !defined(HAVE_SELINUX) || !defined(HAVE_SMACK) || !defined(HAVE_APPARMOR)
- { config_parse_warn_compat, "NOTSUPPORTED" },
-#endif
- { config_parse_int, "INTEGER" },
- { config_parse_unsigned, "UNSIGNED" },
- { config_parse_iec_size, "SIZE" },
- { config_parse_iec_uint64, "SIZE" },
- { config_parse_si_size, "SIZE" },
- { config_parse_bool, "BOOLEAN" },
- { config_parse_string, "STRING" },
- { config_parse_path, "PATH" },
- { config_parse_unit_path_printf, "PATH" },
- { config_parse_strv, "STRING [...]" },
- { config_parse_exec_nice, "NICE" },
- { config_parse_exec_oom_score_adjust, "OOMSCOREADJUST" },
- { config_parse_exec_io_class, "IOCLASS" },
- { config_parse_exec_io_priority, "IOPRIORITY" },
- { config_parse_exec_cpu_sched_policy, "CPUSCHEDPOLICY" },
- { config_parse_exec_cpu_sched_prio, "CPUSCHEDPRIO" },
- { config_parse_exec_cpu_affinity, "CPUAFFINITY" },
- { config_parse_mode, "MODE" },
- { config_parse_unit_env_file, "FILE" },
- { config_parse_exec_output, "OUTPUT" },
- { config_parse_exec_input, "INPUT" },
- { config_parse_log_facility, "FACILITY" },
- { config_parse_log_level, "LEVEL" },
- { config_parse_exec_secure_bits, "SECUREBITS" },
- { config_parse_capability_set, "BOUNDINGSET" },
- { config_parse_limit, "LIMIT" },
- { config_parse_unit_deps, "UNIT [...]" },
- { config_parse_exec, "PATH [ARGUMENT [...]]" },
- { config_parse_service_type, "SERVICETYPE" },
- { config_parse_service_restart, "SERVICERESTART" },
-#ifdef HAVE_SYSV_COMPAT
- { config_parse_sysv_priority, "SYSVPRIORITY" },
-#endif
- { config_parse_kill_mode, "KILLMODE" },
- { config_parse_signal, "SIGNAL" },
- { config_parse_socket_listen, "SOCKET [...]" },
- { config_parse_socket_bind, "SOCKETBIND" },
- { config_parse_socket_bindtodevice, "NETWORKINTERFACE" },
- { config_parse_sec, "SECONDS" },
- { config_parse_nsec, "NANOSECONDS" },
- { config_parse_namespace_path_strv, "PATH [...]" },
- { config_parse_unit_requires_mounts_for, "PATH [...]" },
- { config_parse_exec_mount_flags, "MOUNTFLAG [...]" },
- { config_parse_unit_string_printf, "STRING" },
- { config_parse_trigger_unit, "UNIT" },
- { config_parse_timer, "TIMER" },
- { config_parse_path_spec, "PATH" },
- { config_parse_notify_access, "ACCESS" },
- { config_parse_ip_tos, "TOS" },
- { config_parse_unit_condition_path, "CONDITION" },
- { config_parse_unit_condition_string, "CONDITION" },
- { config_parse_unit_condition_null, "CONDITION" },
- { config_parse_unit_slice, "SLICE" },
- { config_parse_documentation, "URL" },
- { config_parse_service_timeout, "SECONDS" },
- { config_parse_emergency_action, "ACTION" },
- { config_parse_set_status, "STATUS" },
- { config_parse_service_sockets, "SOCKETS" },
- { config_parse_environ, "ENVIRON" },
-#ifdef HAVE_SECCOMP
- { config_parse_syscall_filter, "SYSCALLS" },
- { config_parse_syscall_archs, "ARCHS" },
- { config_parse_syscall_errno, "ERRNO" },
- { config_parse_address_families, "FAMILIES" },
-#endif
- { config_parse_cpu_shares, "SHARES" },
- { config_parse_cpu_weight, "WEIGHT" },
- { config_parse_memory_limit, "LIMIT" },
- { config_parse_device_allow, "DEVICE" },
- { config_parse_device_policy, "POLICY" },
- { config_parse_io_limit, "LIMIT" },
- { config_parse_io_weight, "WEIGHT" },
- { config_parse_io_device_weight, "DEVICEWEIGHT" },
- { config_parse_blockio_bandwidth, "BANDWIDTH" },
- { config_parse_blockio_weight, "WEIGHT" },
- { config_parse_blockio_device_weight, "DEVICEWEIGHT" },
- { config_parse_long, "LONG" },
- { config_parse_socket_service, "SERVICE" },
-#ifdef HAVE_SELINUX
- { config_parse_exec_selinux_context, "LABEL" },
-#endif
- { config_parse_job_mode, "MODE" },
- { config_parse_job_mode_isolate, "BOOLEAN" },
- { config_parse_personality, "PERSONALITY" },
- };
-
- const char *prev = NULL;
- const char *i;
-
- assert(f);
-
- NULSTR_FOREACH(i, load_fragment_gperf_nulstr) {
- const char *rvalue = "OTHER", *lvalue;
- unsigned j;
- size_t prefix_len;
- const char *dot;
- const ConfigPerfItem *p;
-
- assert_se(p = load_fragment_gperf_lookup(i, strlen(i)));
-
- dot = strchr(i, '.');
- lvalue = dot ? dot + 1 : i;
- prefix_len = dot-i;
-
- if (dot)
- if (!prev || !strneq(prev, i, prefix_len+1)) {
- if (prev)
- fputc('\n', f);
-
- fprintf(f, "[%.*s]\n", (int) prefix_len, i);
- }
-
- for (j = 0; j < ELEMENTSOF(table); j++)
- if (p->parse == table[j].callback) {
- rvalue = table[j].rvalue;
- break;
- }
-
- fprintf(f, "%s=%s\n", lvalue, rvalue);
- prev = i;
- }
-}
diff --git a/src/core/load-fragment.h b/src/core/load-fragment.h
deleted file mode 100644
index c05f205c37..0000000000
--- a/src/core/load-fragment.h
+++ /dev/null
@@ -1,128 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include "unit.h"
-
-/* Read service data from .desktop file style configuration fragments */
-
-int unit_load_fragment(Unit *u);
-
-void unit_dump_config_items(FILE *f);
-
-int config_parse_warn_compat(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_unit_deps(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_obsolete_unit_deps(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_unit_string_printf(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_unit_strv_printf(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_unit_path_printf(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_unit_path_strv_printf(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_documentation(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_socket_listen(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_socket_protocol(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_socket_bind(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_exec_nice(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_exec_oom_score_adjust(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_exec(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_service_timeout(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_service_type(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_service_restart(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_socket_bindtodevice(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_exec_output(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_output(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_exec_input(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_input(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_exec_io_class(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_exec_io_priority(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_exec_cpu_sched_policy(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_exec_cpu_sched_prio(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_exec_cpu_affinity(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_exec_secure_bits(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_capability_set(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_limit(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_sysv_priority(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_kill_signal(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_exec_mount_flags(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_timer(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_trigger_unit(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_path_spec(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_socket_service(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_service_sockets(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_busname_service(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_bus_policy(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_bus_policy_world(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_unit_env_file(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_ip_tos(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_unit_condition_path(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_unit_condition_string(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_unit_condition_null(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_kill_mode(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_notify_access(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_emergency_action(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_unit_requires_mounts_for(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_syscall_filter(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_syscall_archs(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_syscall_errno(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_environ(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_pass_environ(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_unit_slice(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_cpu_weight(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_cpu_shares(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_memory_limit(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_tasks_max(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_device_policy(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_device_allow(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_io_weight(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_io_device_weight(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_io_limit(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_blockio_weight(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_blockio_device_weight(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_blockio_bandwidth(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_netclass(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_job_mode(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_job_mode_isolate(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_exec_selinux_context(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_exec_apparmor_profile(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_exec_smack_process_label(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_address_families(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_runtime_directory(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_set_status(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_namespace_path_strv(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_no_new_privileges(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_cpu_quota(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_protect_home(const char* unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_protect_system(const char* unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_bus_name(const char* unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_exec_utmp_mode(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_working_directory(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_fdname(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_sec_fix_0(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_user_group(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-int config_parse_user_group_strv(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
-
-/* gperf prototypes */
-const struct ConfigPerfItem* load_fragment_gperf_lookup(const char *key, unsigned length);
-extern const char load_fragment_gperf_nulstr[];
-
-typedef enum Disabled {
- DISABLED_CONFIGURATION,
- DISABLED_LEGACY,
- DISABLED_EXPERIMENTAL,
-} Disabled;
diff --git a/src/core/locale-setup.c b/src/core/locale-setup.c
deleted file mode 100644
index ccf61d29fb..0000000000
--- a/src/core/locale-setup.c
+++ /dev/null
@@ -1,124 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <errno.h>
-#include <stdlib.h>
-
-#include "env-util.h"
-#include "fileio.h"
-#include "locale-setup.h"
-#include "locale-util.h"
-#include "string-util.h"
-#include "strv.h"
-#include "util.h"
-#include "virt.h"
-
-int locale_setup(char ***environment) {
- char **add;
- char *variables[_VARIABLE_LC_MAX] = {};
- int r = 0, i;
-
- if (detect_container() <= 0) {
- r = parse_env_file("/proc/cmdline", WHITESPACE,
- "locale.LANG", &variables[VARIABLE_LANG],
- "locale.LANGUAGE", &variables[VARIABLE_LANGUAGE],
- "locale.LC_CTYPE", &variables[VARIABLE_LC_CTYPE],
- "locale.LC_NUMERIC", &variables[VARIABLE_LC_NUMERIC],
- "locale.LC_TIME", &variables[VARIABLE_LC_TIME],
- "locale.LC_COLLATE", &variables[VARIABLE_LC_COLLATE],
- "locale.LC_MONETARY", &variables[VARIABLE_LC_MONETARY],
- "locale.LC_MESSAGES", &variables[VARIABLE_LC_MESSAGES],
- "locale.LC_PAPER", &variables[VARIABLE_LC_PAPER],
- "locale.LC_NAME", &variables[VARIABLE_LC_NAME],
- "locale.LC_ADDRESS", &variables[VARIABLE_LC_ADDRESS],
- "locale.LC_TELEPHONE", &variables[VARIABLE_LC_TELEPHONE],
- "locale.LC_MEASUREMENT", &variables[VARIABLE_LC_MEASUREMENT],
- "locale.LC_IDENTIFICATION", &variables[VARIABLE_LC_IDENTIFICATION],
- NULL);
-
- if (r < 0 && r != -ENOENT)
- log_warning_errno(r, "Failed to read /proc/cmdline: %m");
- }
-
- /* Hmm, nothing set on the kernel cmd line? Then let's
- * try /etc/locale.conf */
- if (r <= 0) {
- r = parse_env_file("/etc/locale.conf", NEWLINE,
- "LANG", &variables[VARIABLE_LANG],
- "LANGUAGE", &variables[VARIABLE_LANGUAGE],
- "LC_CTYPE", &variables[VARIABLE_LC_CTYPE],
- "LC_NUMERIC", &variables[VARIABLE_LC_NUMERIC],
- "LC_TIME", &variables[VARIABLE_LC_TIME],
- "LC_COLLATE", &variables[VARIABLE_LC_COLLATE],
- "LC_MONETARY", &variables[VARIABLE_LC_MONETARY],
- "LC_MESSAGES", &variables[VARIABLE_LC_MESSAGES],
- "LC_PAPER", &variables[VARIABLE_LC_PAPER],
- "LC_NAME", &variables[VARIABLE_LC_NAME],
- "LC_ADDRESS", &variables[VARIABLE_LC_ADDRESS],
- "LC_TELEPHONE", &variables[VARIABLE_LC_TELEPHONE],
- "LC_MEASUREMENT", &variables[VARIABLE_LC_MEASUREMENT],
- "LC_IDENTIFICATION", &variables[VARIABLE_LC_IDENTIFICATION],
- NULL);
-
- if (r < 0 && r != -ENOENT)
- log_warning_errno(r, "Failed to read /etc/locale.conf: %m");
- }
-
- add = NULL;
- for (i = 0; i < _VARIABLE_LC_MAX; i++) {
- char *s;
-
- if (!variables[i])
- continue;
-
- s = strjoin(locale_variable_to_string(i), "=", variables[i], NULL);
- if (!s) {
- r = -ENOMEM;
- goto finish;
- }
-
- if (strv_consume(&add, s) < 0) {
- r = -ENOMEM;
- goto finish;
- }
- }
-
- if (!strv_isempty(add)) {
- char **e;
-
- e = strv_env_merge(2, *environment, add);
- if (!e) {
- r = -ENOMEM;
- goto finish;
- }
-
- strv_free(*environment);
- *environment = e;
- }
-
- r = 0;
-
-finish:
- strv_free(add);
-
- for (i = 0; i < _VARIABLE_LC_MAX; i++)
- free(variables[i]);
-
- return r;
-}
diff --git a/src/core/locale-setup.h b/src/core/locale-setup.h
deleted file mode 100644
index 3b97497afe..0000000000
--- a/src/core/locale-setup.h
+++ /dev/null
@@ -1,22 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-int locale_setup(char ***environment);
diff --git a/src/core/loopback-setup.c b/src/core/loopback-setup.c
deleted file mode 100644
index 04062a7910..0000000000
--- a/src/core/loopback-setup.c
+++ /dev/null
@@ -1,90 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <net/if.h>
-#include <stdlib.h>
-
-#include "sd-netlink.h"
-
-#include "loopback-setup.h"
-#include "missing.h"
-#include "netlink-util.h"
-
-static int start_loopback(sd_netlink *rtnl) {
- _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL;
- int r;
-
- r = sd_rtnl_message_new_link(rtnl, &req, RTM_SETLINK, LOOPBACK_IFINDEX);
- if (r < 0)
- return r;
-
- r = sd_rtnl_message_link_set_flags(req, IFF_UP, IFF_UP);
- if (r < 0)
- return r;
-
- r = sd_netlink_call(rtnl, req, 0, NULL);
- if (r < 0)
- return r;
-
- return 0;
-}
-
-static bool check_loopback(sd_netlink *rtnl) {
- _cleanup_(sd_netlink_message_unrefp) sd_netlink_message *req = NULL, *reply = NULL;
- unsigned flags;
- int r;
-
- r = sd_rtnl_message_new_link(rtnl, &req, RTM_GETLINK, LOOPBACK_IFINDEX);
- if (r < 0)
- return false;
-
- r = sd_netlink_call(rtnl, req, 0, &reply);
- if (r < 0)
- return false;
-
- r = sd_rtnl_message_link_get_flags(reply, &flags);
- if (r < 0)
- return false;
-
- return flags & IFF_UP;
-}
-
-int loopback_setup(void) {
- _cleanup_(sd_netlink_unrefp) sd_netlink *rtnl = NULL;
- int r;
-
- r = sd_netlink_open(&rtnl);
- if (r < 0)
- return r;
-
- r = start_loopback(rtnl);
- if (r < 0) {
-
- /* If we lack the permissions to configure the
- * loopback device, but we find it to be already
- * configured, let's exit cleanly, in order to
- * supported unprivileged containers. */
- if (r == -EPERM && check_loopback(rtnl))
- return 0;
-
- return log_warning_errno(r, "Failed to configure loopback device: %m");
- }
-
- return 0;
-}
diff --git a/src/core/loopback-setup.h b/src/core/loopback-setup.h
deleted file mode 100644
index e7547b8a26..0000000000
--- a/src/core/loopback-setup.h
+++ /dev/null
@@ -1,22 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-int loopback_setup(void);
diff --git a/src/core/machine-id-setup.c b/src/core/machine-id-setup.c
deleted file mode 100644
index 76dfcfa6d7..0000000000
--- a/src/core/machine-id-setup.c
+++ /dev/null
@@ -1,258 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <fcntl.h>
-#include <sched.h>
-#include <sys/mount.h>
-#include <unistd.h>
-
-#include "sd-id128.h"
-
-#include "alloc-util.h"
-#include "fd-util.h"
-#include "fs-util.h"
-#include "id128-util.h"
-#include "log.h"
-#include "machine-id-setup.h"
-#include "macro.h"
-#include "mkdir.h"
-#include "mount-util.h"
-#include "path-util.h"
-#include "process-util.h"
-#include "stat-util.h"
-#include "string-util.h"
-#include "umask-util.h"
-#include "util.h"
-#include "virt.h"
-
-static int generate_machine_id(const char *root, sd_id128_t *ret) {
- const char *dbus_machine_id;
- _cleanup_close_ int fd = -1;
- int r;
-
- assert(ret);
-
- /* First, try reading the D-Bus machine id, unless it is a symlink */
- dbus_machine_id = prefix_roota(root, "/var/lib/dbus/machine-id");
- fd = open(dbus_machine_id, O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW);
- if (fd >= 0) {
- if (id128_read_fd(fd, ID128_PLAIN, ret) >= 0) {
- log_info("Initializing machine ID from D-Bus machine ID.");
- return 0;
- }
-
- fd = safe_close(fd);
- }
-
- if (isempty(root)) {
- /* If that didn't work, see if we are running in a container,
- * and a machine ID was passed in via $container_uuid the way
- * libvirt/LXC does it */
-
- if (detect_container() > 0) {
- _cleanup_free_ char *e = NULL;
-
- if (getenv_for_pid(1, "container_uuid", &e) > 0 &&
- sd_id128_from_string(e, ret) >= 0) {
- log_info("Initializing machine ID from container UUID.");
- return 0;
- }
-
- } else if (detect_vm() == VIRTUALIZATION_KVM) {
-
- /* If we are not running in a container, see if we are
- * running in qemu/kvm and a machine ID was passed in
- * via -uuid on the qemu/kvm command line */
-
- if (id128_read("/sys/class/dmi/id/product_uuid", ID128_UUID, ret) >= 0) {
- log_info("Initializing machine ID from KVM UUID.");
- return 0;
- }
- }
- }
-
- /* If that didn't work, generate a random machine id */
- r = sd_id128_randomize(ret);
- if (r < 0)
- return log_error_errno(r, "Failed to generate randomized : %m");
-
- log_info("Initializing machine ID from random generator.");
- return 0;
-}
-
-int machine_id_setup(const char *root, sd_id128_t machine_id, sd_id128_t *ret) {
- const char *etc_machine_id, *run_machine_id;
- _cleanup_close_ int fd = -1;
- bool writable;
- int r;
-
- etc_machine_id = prefix_roota(root, "/etc/machine-id");
-
- RUN_WITH_UMASK(0000) {
- /* We create this 0444, to indicate that this isn't really
- * something you should ever modify. Of course, since the file
- * will be owned by root it doesn't matter much, but maybe
- * people look. */
-
- (void) mkdir_parents(etc_machine_id, 0755);
- fd = open(etc_machine_id, O_RDWR|O_CREAT|O_CLOEXEC|O_NOCTTY, 0444);
- if (fd < 0) {
- int old_errno = errno;
-
- fd = open(etc_machine_id, O_RDONLY|O_CLOEXEC|O_NOCTTY);
- if (fd < 0) {
- if (old_errno == EROFS && errno == ENOENT)
- log_error_errno(errno,
- "System cannot boot: Missing /etc/machine-id and /etc is mounted read-only.\n"
- "Booting up is supported only when:\n"
- "1) /etc/machine-id exists and is populated.\n"
- "2) /etc/machine-id exists and is empty.\n"
- "3) /etc/machine-id is missing and /etc is writable.\n");
- else
- log_error_errno(errno, "Cannot open %s: %m", etc_machine_id);
-
- return -errno;
- }
-
- writable = false;
- } else
- writable = true;
- }
-
- /* A we got a valid machine ID argument, that's what counts */
- if (sd_id128_is_null(machine_id)) {
-
- /* Try to read any existing machine ID */
- if (id128_read_fd(fd, ID128_PLAIN, ret) >= 0)
- return 0;
-
- /* Hmm, so, the id currently stored is not useful, then let's generate one */
- r = generate_machine_id(root, &machine_id);
- if (r < 0)
- return r;
-
- if (lseek(fd, 0, SEEK_SET) == (off_t) -1)
- return log_error_errno(errno, "Failed to seek: %m");
- }
-
- if (writable)
- if (id128_write_fd(fd, ID128_PLAIN, machine_id, true) >= 0)
- goto finish;
-
- fd = safe_close(fd);
-
- /* Hmm, we couldn't write it? So let's write it to /run/machine-id as a replacement */
-
- run_machine_id = prefix_roota(root, "/run/machine-id");
-
- RUN_WITH_UMASK(0022)
- r = id128_write(run_machine_id, ID128_PLAIN, machine_id, false);
- if (r < 0) {
- (void) unlink(run_machine_id);
- return log_error_errno(r, "Cannot write %s: %m", run_machine_id);
- }
-
- /* And now, let's mount it over */
- if (mount(run_machine_id, etc_machine_id, NULL, MS_BIND, NULL) < 0) {
- (void) unlink_noerrno(run_machine_id);
- return log_error_errno(errno, "Failed to mount %s: %m", etc_machine_id);
- }
-
- log_info("Installed transient %s file.", etc_machine_id);
-
- /* Mark the mount read-only */
- if (mount(NULL, etc_machine_id, NULL, MS_BIND|MS_RDONLY|MS_REMOUNT, NULL) < 0)
- log_warning_errno(errno, "Failed to make transient %s read-only, ignoring: %m", etc_machine_id);
-
-finish:
- if (ret)
- *ret = machine_id;
-
- return 0;
-}
-
-int machine_id_commit(const char *root) {
- _cleanup_close_ int fd = -1, initial_mntns_fd = -1;
- const char *etc_machine_id;
- sd_id128_t id;
- int r;
-
- /* Replaces a tmpfs bind mount of /etc/machine-id by a proper file, atomically. For this, the umount is removed
- * in a mount namespace, a new file is created at the right place. Afterwards the mount is also removed in the
- * original mount namespace, thus revealing the file that was just created. */
-
- etc_machine_id = prefix_roota(root, "/etc/machine-id");
-
- r = path_is_mount_point(etc_machine_id, 0);
- if (r < 0)
- return log_error_errno(r, "Failed to determine whether %s is a mount point: %m", etc_machine_id);
- if (r == 0) {
- log_debug("%s is not a mount point. Nothing to do.", etc_machine_id);
- return 0;
- }
-
- /* Read existing machine-id */
- fd = open(etc_machine_id, O_RDONLY|O_CLOEXEC|O_NOCTTY);
- if (fd < 0)
- return log_error_errno(errno, "Cannot open %s: %m", etc_machine_id);
-
- r = fd_is_temporary_fs(fd);
- if (r < 0)
- return log_error_errno(r, "Failed to determine whether %s is on a temporary file system: %m", etc_machine_id);
- if (r == 0) {
- log_error("%s is not on a temporary file system.", etc_machine_id);
- return -EROFS;
- }
-
- r = id128_read_fd(fd, ID128_PLAIN, &id);
- if (r < 0)
- return log_error_errno(r, "We didn't find a valid machine ID in %s.", etc_machine_id);
-
- fd = safe_close(fd);
-
- /* Store current mount namespace */
- r = namespace_open(0, NULL, &initial_mntns_fd, NULL, NULL, NULL);
- if (r < 0)
- return log_error_errno(r, "Can't fetch current mount namespace: %m");
-
- /* Switch to a new mount namespace, isolate ourself and unmount etc_machine_id in our new namespace */
- if (unshare(CLONE_NEWNS) < 0)
- return log_error_errno(errno, "Failed to enter new namespace: %m");
-
- if (mount(NULL, "/", NULL, MS_SLAVE | MS_REC, NULL) < 0)
- return log_error_errno(errno, "Couldn't make-rslave / mountpoint in our private namespace: %m");
-
- if (umount(etc_machine_id) < 0)
- return log_error_errno(errno, "Failed to unmount transient %s file in our private namespace: %m", etc_machine_id);
-
- /* Update a persistent version of etc_machine_id */
- r = id128_write(etc_machine_id, ID128_PLAIN, id, true);
- if (r < 0)
- return log_error_errno(r, "Cannot write %s. This is mandatory to get a persistent machine ID: %m", etc_machine_id);
-
- /* Return to initial namespace and proceed a lazy tmpfs unmount */
- r = namespace_enter(-1, initial_mntns_fd, -1, -1, -1);
- if (r < 0)
- return log_warning_errno(r, "Failed to switch back to initial mount namespace: %m.\nWe'll keep transient %s file until next reboot.", etc_machine_id);
-
- if (umount2(etc_machine_id, MNT_DETACH) < 0)
- return log_warning_errno(errno, "Failed to unmount transient %s file: %m.\nWe keep that mount until next reboot.", etc_machine_id);
-
- return 0;
-}
diff --git a/src/core/machine-id-setup.h b/src/core/machine-id-setup.h
deleted file mode 100644
index 29f4620646..0000000000
--- a/src/core/machine-id-setup.h
+++ /dev/null
@@ -1,23 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-int machine_id_commit(const char *root);
-int machine_id_setup(const char *root, sd_id128_t requested, sd_id128_t *ret);
diff --git a/src/core/macros.systemd.in b/src/core/macros.systemd.in
deleted file mode 100644
index 6e8a3b3e3d..0000000000
--- a/src/core/macros.systemd.in
+++ /dev/null
@@ -1,113 +0,0 @@
-# -*- Mode: rpm-spec; indent-tabs-mode: nil -*- */
-#
-# This file is part of systemd.
-#
-# Copyright 2012 Lennart Poettering
-#
-# systemd is free software; you can redistribute it and/or modify it
-# under the terms of the GNU Lesser General Public License as published by
-# the Free Software Foundation; either version 2.1 of the License, or
-# (at your option) any later version.
-#
-# systemd is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# Lesser General Public License for more details.
-#
-# You should have received a copy of the GNU Lesser General Public License
-# along with systemd; If not, see <http://www.gnu.org/licenses/>.
-
-# RPM macros for packages installing systemd unit files
-
-%_unitdir @systemunitdir@
-%_userunitdir @userunitdir@
-%_presetdir @systempresetdir@
-%_udevhwdbdir @udevhwdbdir@
-%_udevrulesdir @udevrulesdir@
-%_journalcatalogdir @catalogdir@
-%_tmpfilesdir @tmpfilesdir@
-%_sysusersdir @sysusersdir@
-%_sysctldir @sysctldir@
-%_binfmtdir @binfmtdir@
-%_systemdgeneratordir @systemgeneratordir@
-%_systemdusergeneratordir @usergeneratordir@
-
-%systemd_requires \
-Requires(post): systemd \
-Requires(preun): systemd \
-Requires(postun): systemd \
-%{nil}
-
-%systemd_ordering \
-OrderWithRequires(post): systemd \
-OrderWithRequires(preun): systemd \
-OrderWithRequires(postun): systemd \
-%{nil}
-
-%systemd_post() \
-if [ $1 -eq 1 ] ; then \
- # Initial installation \
- systemctl --no-reload preset %{?*} >/dev/null 2>&1 || : \
-fi \
-%{nil}
-
-%systemd_user_post() %{expand:%systemd_post \\--user \\--global %%{?*}}
-
-%systemd_preun() \
-if [ $1 -eq 0 ] ; then \
- # Package removal, not upgrade \
- systemctl --no-reload disable --now %{?*} > /dev/null 2>&1 || : \
-fi \
-%{nil}
-
-%systemd_user_preun() \
-if [ $1 -eq 0 ] ; then \
- # Package removal, not upgrade \
- systemctl --no-reload --user --global disable %{?*} > /dev/null 2>&1 || : \
-fi \
-%{nil}
-
-%systemd_postun() %{nil}
-
-%systemd_user_postun() %{nil}
-
-%systemd_postun_with_restart() \
-if [ $1 -ge 1 ] ; then \
- # Package upgrade, not uninstall \
- systemctl try-restart %{?*} >/dev/null 2>&1 || : \
-fi \
-%{nil}
-
-%systemd_user_postun_with_restart() %{nil}
-
-%udev_hwdb_update() \
-udevadm hwdb --update >/dev/null 2>&1 || : \
-%{nil}
-
-%udev_rules_update() \
-udevadm control --reload >/dev/null 2>&1 || : \
-%{nil}
-
-%journal_catalog_update() \
-journalctl --update-catalog >/dev/null 2>&1 || : \
-%{nil}
-
-%tmpfiles_create() \
-systemd-tmpfiles --create %{?*} >/dev/null 2>&1 || : \
-%{nil}
-
-%sysusers_create() \
-systemd-sysusers %{?*} >/dev/null 2>&1 || : \
-%{nil}
-
-%sysusers_create_inline() \
-echo %{?*} | systemd-sysusers - >/dev/null 2>&1 || : \
-%{nil}
-
-%sysctl_apply() \
-@rootlibexecdir@/systemd-sysctl %{?*} >/dev/null 2>&1 || : \
-%{nil}
-
-%binfmt_apply() \
-@rootlibexecdir@/systemd-binfmt %{?*} >/dev/null 2>&1 || : \
-%{nil}
diff --git a/src/core/main.c b/src/core/main.c
deleted file mode 100644
index f07ed71b31..0000000000
--- a/src/core/main.c
+++ /dev/null
@@ -1,2204 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <errno.h>
-#include <fcntl.h>
-#include <getopt.h>
-#include <signal.h>
-#include <stdio.h>
-#include <string.h>
-#include <sys/mount.h>
-#include <sys/prctl.h>
-#include <sys/reboot.h>
-#include <sys/stat.h>
-#include <unistd.h>
-#ifdef HAVE_SECCOMP
-#include <seccomp.h>
-#endif
-#ifdef HAVE_VALGRIND_VALGRIND_H
-#include <valgrind/valgrind.h>
-#endif
-
-#include "sd-bus.h"
-#include "sd-daemon.h"
-
-#include "alloc-util.h"
-#include "architecture.h"
-#include "build.h"
-#include "bus-error.h"
-#include "bus-util.h"
-#include "capability-util.h"
-#include "clock-util.h"
-#include "conf-parser.h"
-#include "cpu-set-util.h"
-#include "dbus-manager.h"
-#include "def.h"
-#include "env-util.h"
-#include "fd-util.h"
-#include "fdset.h"
-#include "fileio.h"
-#include "formats-util.h"
-#include "fs-util.h"
-#include "hostname-setup.h"
-#include "ima-setup.h"
-#include "killall.h"
-#include "kmod-setup.h"
-#include "load-fragment.h"
-#include "log.h"
-#include "loopback-setup.h"
-#include "machine-id-setup.h"
-#include "manager.h"
-#include "missing.h"
-#include "mount-setup.h"
-#include "pager.h"
-#include "parse-util.h"
-#include "proc-cmdline.h"
-#include "process-util.h"
-#include "raw-clone.h"
-#include "rlimit-util.h"
-#ifdef HAVE_SECCOMP
-#include "seccomp-util.h"
-#endif
-#include "selinux-setup.h"
-#include "selinux-util.h"
-#include "signal-util.h"
-#include "smack-setup.h"
-#include "special.h"
-#include "stat-util.h"
-#include "stdio-util.h"
-#include "strv.h"
-#include "switch-root.h"
-#include "terminal-util.h"
-#include "umask-util.h"
-#include "user-util.h"
-#include "virt.h"
-#include "watchdog.h"
-#include "emergency-action.h"
-
-static enum {
- ACTION_RUN,
- ACTION_HELP,
- ACTION_VERSION,
- ACTION_TEST,
- ACTION_DUMP_CONFIGURATION_ITEMS
-} arg_action = ACTION_RUN;
-static char *arg_default_unit = NULL;
-static bool arg_system = false;
-static bool arg_dump_core = true;
-static int arg_crash_chvt = -1;
-static bool arg_crash_shell = false;
-static bool arg_crash_reboot = false;
-static bool arg_confirm_spawn = false;
-static ShowStatus arg_show_status = _SHOW_STATUS_UNSET;
-static bool arg_switched_root = false;
-static bool arg_no_pager = false;
-static char ***arg_join_controllers = NULL;
-static ExecOutput arg_default_std_output = EXEC_OUTPUT_JOURNAL;
-static ExecOutput arg_default_std_error = EXEC_OUTPUT_INHERIT;
-static usec_t arg_default_restart_usec = DEFAULT_RESTART_USEC;
-static usec_t arg_default_timeout_start_usec = DEFAULT_TIMEOUT_USEC;
-static usec_t arg_default_timeout_stop_usec = DEFAULT_TIMEOUT_USEC;
-static usec_t arg_default_start_limit_interval = DEFAULT_START_LIMIT_INTERVAL;
-static unsigned arg_default_start_limit_burst = DEFAULT_START_LIMIT_BURST;
-static usec_t arg_runtime_watchdog = 0;
-static usec_t arg_shutdown_watchdog = 10 * USEC_PER_MINUTE;
-static char **arg_default_environment = NULL;
-static struct rlimit *arg_default_rlimit[_RLIMIT_MAX] = {};
-static uint64_t arg_capability_bounding_set = CAP_ALL;
-static nsec_t arg_timer_slack_nsec = NSEC_INFINITY;
-static usec_t arg_default_timer_accuracy_usec = 1 * USEC_PER_MINUTE;
-static Set* arg_syscall_archs = NULL;
-static FILE* arg_serialization = NULL;
-static bool arg_default_cpu_accounting = false;
-static bool arg_default_io_accounting = false;
-static bool arg_default_blockio_accounting = false;
-static bool arg_default_memory_accounting = false;
-static bool arg_default_tasks_accounting = true;
-static uint64_t arg_default_tasks_max = UINT64_MAX;
-static sd_id128_t arg_machine_id = {};
-static EmergencyAction arg_cad_burst_action = EMERGENCY_ACTION_REBOOT_FORCE;
-
-noreturn static void freeze_or_reboot(void) {
-
- if (arg_crash_reboot) {
- log_notice("Rebooting in 10s...");
- (void) sleep(10);
-
- log_notice("Rebooting now...");
- (void) reboot(RB_AUTOBOOT);
- log_emergency_errno(errno, "Failed to reboot: %m");
- }
-
- log_emergency("Freezing execution.");
- freeze();
-}
-
-noreturn static void crash(int sig) {
- struct sigaction sa;
- pid_t pid;
-
- if (getpid() != 1)
- /* Pass this on immediately, if this is not PID 1 */
- (void) raise(sig);
- else if (!arg_dump_core)
- log_emergency("Caught <%s>, not dumping core.", signal_to_string(sig));
- else {
- sa = (struct sigaction) {
- .sa_handler = nop_signal_handler,
- .sa_flags = SA_NOCLDSTOP|SA_RESTART,
- };
-
- /* We want to wait for the core process, hence let's enable SIGCHLD */
- (void) sigaction(SIGCHLD, &sa, NULL);
-
- pid = raw_clone(SIGCHLD);
- if (pid < 0)
- log_emergency_errno(errno, "Caught <%s>, cannot fork for core dump: %m", signal_to_string(sig));
- else if (pid == 0) {
- /* Enable default signal handler for core dump */
-
- sa = (struct sigaction) {
- .sa_handler = SIG_DFL,
- };
- (void) sigaction(sig, &sa, NULL);
-
- /* Don't limit the coredump size */
- (void) setrlimit(RLIMIT_CORE, &RLIMIT_MAKE_CONST(RLIM_INFINITY));
-
- /* Just to be sure... */
- (void) chdir("/");
-
- /* Raise the signal again */
- pid = raw_getpid();
- (void) kill(pid, sig); /* raise() would kill the parent */
-
- assert_not_reached("We shouldn't be here...");
- _exit(EXIT_FAILURE);
- } else {
- siginfo_t status;
- int r;
-
- /* Order things nicely. */
- r = wait_for_terminate(pid, &status);
- if (r < 0)
- log_emergency_errno(r, "Caught <%s>, waitpid() failed: %m", signal_to_string(sig));
- else if (status.si_code != CLD_DUMPED)
- log_emergency("Caught <%s>, core dump failed (child "PID_FMT", code=%s, status=%i/%s).",
- signal_to_string(sig),
- pid, sigchld_code_to_string(status.si_code),
- status.si_status,
- strna(status.si_code == CLD_EXITED
- ? exit_status_to_string(status.si_status, EXIT_STATUS_MINIMAL)
- : signal_to_string(status.si_status)));
- else
- log_emergency("Caught <%s>, dumped core as pid "PID_FMT".", signal_to_string(sig), pid);
- }
- }
-
- if (arg_crash_chvt >= 0)
- (void) chvt(arg_crash_chvt);
-
- sa = (struct sigaction) {
- .sa_handler = SIG_IGN,
- .sa_flags = SA_NOCLDSTOP|SA_NOCLDWAIT|SA_RESTART,
- };
-
- /* Let the kernel reap children for us */
- (void) sigaction(SIGCHLD, &sa, NULL);
-
- if (arg_crash_shell) {
- log_notice("Executing crash shell in 10s...");
- (void) sleep(10);
-
- pid = raw_clone(SIGCHLD);
- if (pid < 0)
- log_emergency_errno(errno, "Failed to fork off crash shell: %m");
- else if (pid == 0) {
- (void) setsid();
- (void) make_console_stdio();
- (void) execle("/bin/sh", "/bin/sh", NULL, environ);
-
- log_emergency_errno(errno, "execle() failed: %m");
- _exit(EXIT_FAILURE);
- } else {
- log_info("Spawned crash shell as PID "PID_FMT".", pid);
- (void) wait_for_terminate(pid, NULL);
- }
- }
-
- freeze_or_reboot();
-}
-
-static void install_crash_handler(void) {
- static const struct sigaction sa = {
- .sa_handler = crash,
- .sa_flags = SA_NODEFER, /* So that we can raise the signal again from the signal handler */
- };
- int r;
-
- /* We ignore the return value here, since, we don't mind if we
- * cannot set up a crash handler */
- r = sigaction_many(&sa, SIGNALS_CRASH_HANDLER, -1);
- if (r < 0)
- log_debug_errno(r, "I had trouble setting up the crash handler, ignoring: %m");
-}
-
-static int console_setup(void) {
- _cleanup_close_ int tty_fd = -1;
- int r;
-
- tty_fd = open_terminal("/dev/console", O_WRONLY|O_NOCTTY|O_CLOEXEC);
- if (tty_fd < 0)
- return log_error_errno(tty_fd, "Failed to open /dev/console: %m");
-
- /* We don't want to force text mode. plymouth may be showing
- * pictures already from initrd. */
- r = reset_terminal_fd(tty_fd, false);
- if (r < 0)
- return log_error_errno(r, "Failed to reset /dev/console: %m");
-
- return 0;
-}
-
-static int parse_crash_chvt(const char *value) {
- int b;
-
- if (safe_atoi(value, &arg_crash_chvt) >= 0)
- return 0;
-
- b = parse_boolean(value);
- if (b < 0)
- return b;
-
- if (b > 0)
- arg_crash_chvt = 0; /* switch to where kmsg goes */
- else
- arg_crash_chvt = -1; /* turn off switching */
-
- return 0;
-}
-
-static int set_machine_id(const char *m) {
- sd_id128_t t;
- assert(m);
-
- if (sd_id128_from_string(m, &t) < 0)
- return -EINVAL;
-
- if (sd_id128_is_null(t))
- return -EINVAL;
-
- arg_machine_id = t;
- return 0;
-}
-
-static int parse_proc_cmdline_item(const char *key, const char *value, void *data) {
-
- int r;
-
- assert(key);
-
- if (streq(key, "systemd.unit") && value) {
-
- if (!in_initrd())
- return free_and_strdup(&arg_default_unit, value);
-
- } else if (streq(key, "rd.systemd.unit") && value) {
-
- if (in_initrd())
- return free_and_strdup(&arg_default_unit, value);
-
- } else if (streq(key, "systemd.dump_core") && value) {
-
- r = parse_boolean(value);
- if (r < 0)
- log_warning("Failed to parse dump core switch %s. Ignoring.", value);
- else
- arg_dump_core = r;
-
- } else if (streq(key, "systemd.crash_chvt") && value) {
-
- if (parse_crash_chvt(value) < 0)
- log_warning("Failed to parse crash chvt switch %s. Ignoring.", value);
-
- } else if (streq(key, "systemd.crash_shell") && value) {
-
- r = parse_boolean(value);
- if (r < 0)
- log_warning("Failed to parse crash shell switch %s. Ignoring.", value);
- else
- arg_crash_shell = r;
-
- } else if (streq(key, "systemd.crash_reboot") && value) {
-
- r = parse_boolean(value);
- if (r < 0)
- log_warning("Failed to parse crash reboot switch %s. Ignoring.", value);
- else
- arg_crash_reboot = r;
-
- } else if (streq(key, "systemd.confirm_spawn") && value) {
-
- r = parse_boolean(value);
- if (r < 0)
- log_warning("Failed to parse confirm spawn switch %s. Ignoring.", value);
- else
- arg_confirm_spawn = r;
-
- } else if (streq(key, "systemd.show_status") && value) {
-
- r = parse_show_status(value, &arg_show_status);
- if (r < 0)
- log_warning("Failed to parse show status switch %s. Ignoring.", value);
-
- } else if (streq(key, "systemd.default_standard_output") && value) {
-
- r = exec_output_from_string(value);
- if (r < 0)
- log_warning("Failed to parse default standard output switch %s. Ignoring.", value);
- else
- arg_default_std_output = r;
-
- } else if (streq(key, "systemd.default_standard_error") && value) {
-
- r = exec_output_from_string(value);
- if (r < 0)
- log_warning("Failed to parse default standard error switch %s. Ignoring.", value);
- else
- arg_default_std_error = r;
-
- } else if (streq(key, "systemd.setenv") && value) {
-
- if (env_assignment_is_valid(value)) {
- char **env;
-
- env = strv_env_set(arg_default_environment, value);
- if (env)
- arg_default_environment = env;
- else
- log_warning_errno(ENOMEM, "Setting environment variable '%s' failed, ignoring: %m", value);
- } else
- log_warning("Environment variable name '%s' is not valid. Ignoring.", value);
-
- } else if (streq(key, "systemd.machine_id") && value) {
-
- r = set_machine_id(value);
- if (r < 0)
- log_warning("MachineID '%s' is not valid. Ignoring.", value);
-
- } else if (streq(key, "quiet") && !value) {
-
- if (arg_show_status == _SHOW_STATUS_UNSET)
- arg_show_status = SHOW_STATUS_AUTO;
-
- } else if (streq(key, "debug") && !value) {
-
- /* Note that log_parse_environment() handles 'debug'
- * too, and sets the log level to LOG_DEBUG. */
-
- if (detect_container() > 0)
- log_set_target(LOG_TARGET_CONSOLE);
-
- } else if (!value) {
- const char *target;
-
- /* SysV compatibility */
- target = runlevel_to_target(key);
- if (target)
- return free_and_strdup(&arg_default_unit, target);
-
- } else if (streq(key, "systemd.default_timeout_start_sec") && value) {
-
- r = parse_sec(value, &arg_default_timeout_start_usec);
- if (r < 0)
- log_warning_errno(r, "Failed to parse default start timeout: %s, ignoring.", value);
-
- if (arg_default_timeout_start_usec <= 0)
- arg_default_timeout_start_usec = USEC_INFINITY;
- }
-
- return 0;
-}
-
-#define DEFINE_SETTER(name, func, descr) \
- static int name(const char *unit, \
- const char *filename, \
- unsigned line, \
- const char *section, \
- unsigned section_line, \
- const char *lvalue, \
- int ltype, \
- const char *rvalue, \
- void *data, \
- void *userdata) { \
- \
- int r; \
- \
- assert(filename); \
- assert(lvalue); \
- assert(rvalue); \
- \
- r = func(rvalue); \
- if (r < 0) \
- log_syntax(unit, LOG_ERR, filename, line, r, \
- "Invalid " descr "'%s': %m", \
- rvalue); \
- \
- return 0; \
- }
-
-DEFINE_SETTER(config_parse_level2, log_set_max_level_from_string, "log level")
-DEFINE_SETTER(config_parse_target, log_set_target_from_string, "target")
-DEFINE_SETTER(config_parse_color, log_show_color_from_string, "color" )
-DEFINE_SETTER(config_parse_location, log_show_location_from_string, "location")
-
-static int config_parse_cpu_affinity2(
- const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- _cleanup_cpu_free_ cpu_set_t *c = NULL;
- int ncpus;
-
- ncpus = parse_cpu_set_and_warn(rvalue, &c, unit, filename, line, lvalue);
- if (ncpus < 0)
- return ncpus;
-
- if (sched_setaffinity(0, CPU_ALLOC_SIZE(ncpus), c) < 0)
- log_warning("Failed to set CPU affinity: %m");
-
- return 0;
-}
-
-static int config_parse_show_status(
- const char* unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- int k;
- ShowStatus *b = data;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
- assert(data);
-
- k = parse_show_status(rvalue, b);
- if (k < 0) {
- log_syntax(unit, LOG_ERR, filename, line, k, "Failed to parse show status setting, ignoring: %s", rvalue);
- return 0;
- }
-
- return 0;
-}
-
-static int config_parse_crash_chvt(
- const char* unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- int r;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
-
- r = parse_crash_chvt(rvalue);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Failed to parse CrashChangeVT= setting, ignoring: %s", rvalue);
- return 0;
- }
-
- return 0;
-}
-
-static int config_parse_join_controllers(const char *unit,
- const char *filename,
- unsigned line,
- const char *section,
- unsigned section_line,
- const char *lvalue,
- int ltype,
- const char *rvalue,
- void *data,
- void *userdata) {
-
- const char *whole_rvalue = rvalue;
- unsigned n = 0;
-
- assert(filename);
- assert(lvalue);
- assert(rvalue);
-
- arg_join_controllers = strv_free_free(arg_join_controllers);
-
- for (;;) {
- _cleanup_free_ char *word = NULL;
- char **l;
- int r;
-
- r = extract_first_word(&rvalue, &word, WHITESPACE, EXTRACT_QUOTES);
- if (r < 0) {
- log_syntax(unit, LOG_ERR, filename, line, r, "Invalid value for %s: %s", lvalue, whole_rvalue);
- return r;
- }
- if (r == 0)
- break;
-
- l = strv_split(word, ",");
- if (!l)
- return log_oom();
- strv_uniq(l);
-
- if (strv_length(l) <= 1) {
- strv_free(l);
- continue;
- }
-
- if (!arg_join_controllers) {
- arg_join_controllers = new(char**, 2);
- if (!arg_join_controllers) {
- strv_free(l);
- return log_oom();
- }
-
- arg_join_controllers[0] = l;
- arg_join_controllers[1] = NULL;
-
- n = 1;
- } else {
- char ***a;
- char ***t;
-
- t = new0(char**, n+2);
- if (!t) {
- strv_free(l);
- return log_oom();
- }
-
- n = 0;
-
- for (a = arg_join_controllers; *a; a++) {
-
- if (strv_overlap(*a, l)) {
- if (strv_extend_strv(&l, *a, false) < 0) {
- strv_free(l);
- strv_free_free(t);
- return log_oom();
- }
-
- } else {
- char **c;
-
- c = strv_copy(*a);
- if (!c) {
- strv_free(l);
- strv_free_free(t);
- return log_oom();
- }
-
- t[n++] = c;
- }
- }
-
- t[n++] = strv_uniq(l);
-
- strv_free_free(arg_join_controllers);
- arg_join_controllers = t;
- }
- }
- if (!isempty(rvalue))
- log_syntax(unit, LOG_ERR, filename, line, 0, "Trailing garbage, ignoring.");
-
- return 0;
-}
-
-static int parse_config_file(void) {
-
- const ConfigTableItem items[] = {
- { "Manager", "LogLevel", config_parse_level2, 0, NULL },
- { "Manager", "LogTarget", config_parse_target, 0, NULL },
- { "Manager", "LogColor", config_parse_color, 0, NULL },
- { "Manager", "LogLocation", config_parse_location, 0, NULL },
- { "Manager", "DumpCore", config_parse_bool, 0, &arg_dump_core },
- { "Manager", "CrashChVT", /* legacy */ config_parse_crash_chvt, 0, NULL },
- { "Manager", "CrashChangeVT", config_parse_crash_chvt, 0, NULL },
- { "Manager", "CrashShell", config_parse_bool, 0, &arg_crash_shell },
- { "Manager", "CrashReboot", config_parse_bool, 0, &arg_crash_reboot },
- { "Manager", "ShowStatus", config_parse_show_status, 0, &arg_show_status },
- { "Manager", "CPUAffinity", config_parse_cpu_affinity2, 0, NULL },
- { "Manager", "JoinControllers", config_parse_join_controllers, 0, &arg_join_controllers },
- { "Manager", "RuntimeWatchdogSec", config_parse_sec, 0, &arg_runtime_watchdog },
- { "Manager", "ShutdownWatchdogSec", config_parse_sec, 0, &arg_shutdown_watchdog },
- { "Manager", "CapabilityBoundingSet", config_parse_capability_set, 0, &arg_capability_bounding_set },
-#ifdef HAVE_SECCOMP
- { "Manager", "SystemCallArchitectures", config_parse_syscall_archs, 0, &arg_syscall_archs },
-#endif
- { "Manager", "TimerSlackNSec", config_parse_nsec, 0, &arg_timer_slack_nsec },
- { "Manager", "DefaultTimerAccuracySec", config_parse_sec, 0, &arg_default_timer_accuracy_usec },
- { "Manager", "DefaultStandardOutput", config_parse_output, 0, &arg_default_std_output },
- { "Manager", "DefaultStandardError", config_parse_output, 0, &arg_default_std_error },
- { "Manager", "DefaultTimeoutStartSec", config_parse_sec, 0, &arg_default_timeout_start_usec },
- { "Manager", "DefaultTimeoutStopSec", config_parse_sec, 0, &arg_default_timeout_stop_usec },
- { "Manager", "DefaultRestartSec", config_parse_sec, 0, &arg_default_restart_usec },
- { "Manager", "DefaultStartLimitInterval", config_parse_sec, 0, &arg_default_start_limit_interval }, /* obsolete alias */
- { "Manager", "DefaultStartLimitIntervalSec",config_parse_sec, 0, &arg_default_start_limit_interval },
- { "Manager", "DefaultStartLimitBurst", config_parse_unsigned, 0, &arg_default_start_limit_burst },
- { "Manager", "DefaultEnvironment", config_parse_environ, 0, &arg_default_environment },
- { "Manager", "DefaultLimitCPU", config_parse_limit, RLIMIT_CPU, arg_default_rlimit },
- { "Manager", "DefaultLimitFSIZE", config_parse_limit, RLIMIT_FSIZE, arg_default_rlimit },
- { "Manager", "DefaultLimitDATA", config_parse_limit, RLIMIT_DATA, arg_default_rlimit },
- { "Manager", "DefaultLimitSTACK", config_parse_limit, RLIMIT_STACK, arg_default_rlimit },
- { "Manager", "DefaultLimitCORE", config_parse_limit, RLIMIT_CORE, arg_default_rlimit },
- { "Manager", "DefaultLimitRSS", config_parse_limit, RLIMIT_RSS, arg_default_rlimit },
- { "Manager", "DefaultLimitNOFILE", config_parse_limit, RLIMIT_NOFILE, arg_default_rlimit },
- { "Manager", "DefaultLimitAS", config_parse_limit, RLIMIT_AS, arg_default_rlimit },
- { "Manager", "DefaultLimitNPROC", config_parse_limit, RLIMIT_NPROC, arg_default_rlimit },
- { "Manager", "DefaultLimitMEMLOCK", config_parse_limit, RLIMIT_MEMLOCK, arg_default_rlimit },
- { "Manager", "DefaultLimitLOCKS", config_parse_limit, RLIMIT_LOCKS, arg_default_rlimit },
- { "Manager", "DefaultLimitSIGPENDING", config_parse_limit, RLIMIT_SIGPENDING, arg_default_rlimit },
- { "Manager", "DefaultLimitMSGQUEUE", config_parse_limit, RLIMIT_MSGQUEUE, arg_default_rlimit },
- { "Manager", "DefaultLimitNICE", config_parse_limit, RLIMIT_NICE, arg_default_rlimit },
- { "Manager", "DefaultLimitRTPRIO", config_parse_limit, RLIMIT_RTPRIO, arg_default_rlimit },
- { "Manager", "DefaultLimitRTTIME", config_parse_limit, RLIMIT_RTTIME, arg_default_rlimit },
- { "Manager", "DefaultCPUAccounting", config_parse_bool, 0, &arg_default_cpu_accounting },
- { "Manager", "DefaultIOAccounting", config_parse_bool, 0, &arg_default_io_accounting },
- { "Manager", "DefaultBlockIOAccounting", config_parse_bool, 0, &arg_default_blockio_accounting },
- { "Manager", "DefaultMemoryAccounting", config_parse_bool, 0, &arg_default_memory_accounting },
- { "Manager", "DefaultTasksAccounting", config_parse_bool, 0, &arg_default_tasks_accounting },
- { "Manager", "DefaultTasksMax", config_parse_tasks_max, 0, &arg_default_tasks_max },
- { "Manager", "CtrlAltDelBurstAction", config_parse_emergency_action, 0, &arg_cad_burst_action },
- {}
- };
-
- const char *fn, *conf_dirs_nulstr;
-
- fn = arg_system ?
- PKGSYSCONFDIR "/system.conf" :
- PKGSYSCONFDIR "/user.conf";
-
- conf_dirs_nulstr = arg_system ?
- CONF_PATHS_NULSTR("systemd/system.conf.d") :
- CONF_PATHS_NULSTR("systemd/user.conf.d");
-
- config_parse_many_nulstr(fn, conf_dirs_nulstr, "Manager\0", config_item_table_lookup, items, false, NULL);
-
- /* Traditionally "0" was used to turn off the default unit timeouts. Fix this up so that we used USEC_INFINITY
- * like everywhere else. */
- if (arg_default_timeout_start_usec <= 0)
- arg_default_timeout_start_usec = USEC_INFINITY;
- if (arg_default_timeout_stop_usec <= 0)
- arg_default_timeout_stop_usec = USEC_INFINITY;
-
- return 0;
-}
-
-static void manager_set_defaults(Manager *m) {
-
- assert(m);
-
- m->default_timer_accuracy_usec = arg_default_timer_accuracy_usec;
- m->default_std_output = arg_default_std_output;
- m->default_std_error = arg_default_std_error;
- m->default_timeout_start_usec = arg_default_timeout_start_usec;
- m->default_timeout_stop_usec = arg_default_timeout_stop_usec;
- m->default_restart_usec = arg_default_restart_usec;
- m->default_start_limit_interval = arg_default_start_limit_interval;
- m->default_start_limit_burst = arg_default_start_limit_burst;
- m->default_cpu_accounting = arg_default_cpu_accounting;
- m->default_io_accounting = arg_default_io_accounting;
- m->default_blockio_accounting = arg_default_blockio_accounting;
- m->default_memory_accounting = arg_default_memory_accounting;
- m->default_tasks_accounting = arg_default_tasks_accounting;
- m->default_tasks_max = arg_default_tasks_max;
-
- manager_set_default_rlimits(m, arg_default_rlimit);
- manager_environment_add(m, NULL, arg_default_environment);
-}
-
-static int parse_argv(int argc, char *argv[]) {
-
- enum {
- ARG_LOG_LEVEL = 0x100,
- ARG_LOG_TARGET,
- ARG_LOG_COLOR,
- ARG_LOG_LOCATION,
- ARG_UNIT,
- ARG_SYSTEM,
- ARG_USER,
- ARG_TEST,
- ARG_NO_PAGER,
- ARG_VERSION,
- ARG_DUMP_CONFIGURATION_ITEMS,
- ARG_DUMP_CORE,
- ARG_CRASH_CHVT,
- ARG_CRASH_SHELL,
- ARG_CRASH_REBOOT,
- ARG_CONFIRM_SPAWN,
- ARG_SHOW_STATUS,
- ARG_DESERIALIZE,
- ARG_SWITCHED_ROOT,
- ARG_DEFAULT_STD_OUTPUT,
- ARG_DEFAULT_STD_ERROR,
- ARG_MACHINE_ID
- };
-
- static const struct option options[] = {
- { "log-level", required_argument, NULL, ARG_LOG_LEVEL },
- { "log-target", required_argument, NULL, ARG_LOG_TARGET },
- { "log-color", optional_argument, NULL, ARG_LOG_COLOR },
- { "log-location", optional_argument, NULL, ARG_LOG_LOCATION },
- { "unit", required_argument, NULL, ARG_UNIT },
- { "system", no_argument, NULL, ARG_SYSTEM },
- { "user", no_argument, NULL, ARG_USER },
- { "test", no_argument, NULL, ARG_TEST },
- { "no-pager", no_argument, NULL, ARG_NO_PAGER },
- { "help", no_argument, NULL, 'h' },
- { "version", no_argument, NULL, ARG_VERSION },
- { "dump-configuration-items", no_argument, NULL, ARG_DUMP_CONFIGURATION_ITEMS },
- { "dump-core", optional_argument, NULL, ARG_DUMP_CORE },
- { "crash-chvt", required_argument, NULL, ARG_CRASH_CHVT },
- { "crash-shell", optional_argument, NULL, ARG_CRASH_SHELL },
- { "crash-reboot", optional_argument, NULL, ARG_CRASH_REBOOT },
- { "confirm-spawn", optional_argument, NULL, ARG_CONFIRM_SPAWN },
- { "show-status", optional_argument, NULL, ARG_SHOW_STATUS },
- { "deserialize", required_argument, NULL, ARG_DESERIALIZE },
- { "switched-root", no_argument, NULL, ARG_SWITCHED_ROOT },
- { "default-standard-output", required_argument, NULL, ARG_DEFAULT_STD_OUTPUT, },
- { "default-standard-error", required_argument, NULL, ARG_DEFAULT_STD_ERROR, },
- { "machine-id", required_argument, NULL, ARG_MACHINE_ID },
- {}
- };
-
- int c, r;
-
- assert(argc >= 1);
- assert(argv);
-
- if (getpid() == 1)
- opterr = 0;
-
- while ((c = getopt_long(argc, argv, "hDbsz:", options, NULL)) >= 0)
-
- switch (c) {
-
- case ARG_LOG_LEVEL:
- r = log_set_max_level_from_string(optarg);
- if (r < 0) {
- log_error("Failed to parse log level %s.", optarg);
- return r;
- }
-
- break;
-
- case ARG_LOG_TARGET:
- r = log_set_target_from_string(optarg);
- if (r < 0) {
- log_error("Failed to parse log target %s.", optarg);
- return r;
- }
-
- break;
-
- case ARG_LOG_COLOR:
-
- if (optarg) {
- r = log_show_color_from_string(optarg);
- if (r < 0) {
- log_error("Failed to parse log color setting %s.", optarg);
- return r;
- }
- } else
- log_show_color(true);
-
- break;
-
- case ARG_LOG_LOCATION:
- if (optarg) {
- r = log_show_location_from_string(optarg);
- if (r < 0) {
- log_error("Failed to parse log location setting %s.", optarg);
- return r;
- }
- } else
- log_show_location(true);
-
- break;
-
- case ARG_DEFAULT_STD_OUTPUT:
- r = exec_output_from_string(optarg);
- if (r < 0) {
- log_error("Failed to parse default standard output setting %s.", optarg);
- return r;
- } else
- arg_default_std_output = r;
- break;
-
- case ARG_DEFAULT_STD_ERROR:
- r = exec_output_from_string(optarg);
- if (r < 0) {
- log_error("Failed to parse default standard error output setting %s.", optarg);
- return r;
- } else
- arg_default_std_error = r;
- break;
-
- case ARG_UNIT:
-
- r = free_and_strdup(&arg_default_unit, optarg);
- if (r < 0)
- return log_error_errno(r, "Failed to set default unit %s: %m", optarg);
-
- break;
-
- case ARG_SYSTEM:
- arg_system = true;
- break;
-
- case ARG_USER:
- arg_system = false;
- break;
-
- case ARG_TEST:
- arg_action = ACTION_TEST;
- break;
-
- case ARG_NO_PAGER:
- arg_no_pager = true;
- break;
-
- case ARG_VERSION:
- arg_action = ACTION_VERSION;
- break;
-
- case ARG_DUMP_CONFIGURATION_ITEMS:
- arg_action = ACTION_DUMP_CONFIGURATION_ITEMS;
- break;
-
- case ARG_DUMP_CORE:
- if (!optarg)
- arg_dump_core = true;
- else {
- r = parse_boolean(optarg);
- if (r < 0)
- return log_error_errno(r, "Failed to parse dump core boolean: %s", optarg);
- arg_dump_core = r;
- }
- break;
-
- case ARG_CRASH_CHVT:
- r = parse_crash_chvt(optarg);
- if (r < 0)
- return log_error_errno(r, "Failed to parse crash virtual terminal index: %s", optarg);
- break;
-
- case ARG_CRASH_SHELL:
- if (!optarg)
- arg_crash_shell = true;
- else {
- r = parse_boolean(optarg);
- if (r < 0)
- return log_error_errno(r, "Failed to parse crash shell boolean: %s", optarg);
- arg_crash_shell = r;
- }
- break;
-
- case ARG_CRASH_REBOOT:
- if (!optarg)
- arg_crash_reboot = true;
- else {
- r = parse_boolean(optarg);
- if (r < 0)
- return log_error_errno(r, "Failed to parse crash shell boolean: %s", optarg);
- arg_crash_reboot = r;
- }
- break;
-
- case ARG_CONFIRM_SPAWN:
- r = optarg ? parse_boolean(optarg) : 1;
- if (r < 0) {
- log_error("Failed to parse confirm spawn boolean %s.", optarg);
- return r;
- }
- arg_confirm_spawn = r;
- break;
-
- case ARG_SHOW_STATUS:
- if (optarg) {
- r = parse_show_status(optarg, &arg_show_status);
- if (r < 0) {
- log_error("Failed to parse show status boolean %s.", optarg);
- return r;
- }
- } else
- arg_show_status = SHOW_STATUS_YES;
- break;
-
- case ARG_DESERIALIZE: {
- int fd;
- FILE *f;
-
- r = safe_atoi(optarg, &fd);
- if (r < 0 || fd < 0) {
- log_error("Failed to parse deserialize option %s.", optarg);
- return -EINVAL;
- }
-
- (void) fd_cloexec(fd, true);
-
- f = fdopen(fd, "r");
- if (!f)
- return log_error_errno(errno, "Failed to open serialization fd: %m");
-
- safe_fclose(arg_serialization);
- arg_serialization = f;
-
- break;
- }
-
- case ARG_SWITCHED_ROOT:
- arg_switched_root = true;
- break;
-
- case ARG_MACHINE_ID:
- r = set_machine_id(optarg);
- if (r < 0)
- return log_error_errno(r, "MachineID '%s' is not valid.", optarg);
- break;
-
- case 'h':
- arg_action = ACTION_HELP;
- break;
-
- case 'D':
- log_set_max_level(LOG_DEBUG);
- break;
-
- case 'b':
- case 's':
- case 'z':
- /* Just to eat away the sysvinit kernel
- * cmdline args without getopt() error
- * messages that we'll parse in
- * parse_proc_cmdline_word() or ignore. */
-
- case '?':
- if (getpid() != 1)
- return -EINVAL;
- else
- return 0;
-
- default:
- assert_not_reached("Unhandled option code.");
- }
-
- if (optind < argc && getpid() != 1) {
- /* Hmm, when we aren't run as init system
- * let's complain about excess arguments */
-
- log_error("Excess arguments.");
- return -EINVAL;
- }
-
- return 0;
-}
-
-static int help(void) {
-
- printf("%s [OPTIONS...]\n\n"
- "Starts up and maintains the system or user services.\n\n"
- " -h --help Show this help\n"
- " --test Determine startup sequence, dump it and exit\n"
- " --no-pager Do not pipe output into a pager\n"
- " --dump-configuration-items Dump understood unit configuration items\n"
- " --unit=UNIT Set default unit\n"
- " --system Run a system instance, even if PID != 1\n"
- " --user Run a user instance\n"
- " --dump-core[=BOOL] Dump core on crash\n"
- " --crash-vt=NR Change to specified VT on crash\n"
- " --crash-reboot[=BOOL] Reboot on crash\n"
- " --crash-shell[=BOOL] Run shell on crash\n"
- " --confirm-spawn[=BOOL] Ask for confirmation when spawning processes\n"
- " --show-status[=BOOL] Show status updates on the console during bootup\n"
- " --log-target=TARGET Set log target (console, journal, kmsg, journal-or-kmsg, null)\n"
- " --log-level=LEVEL Set log level (debug, info, notice, warning, err, crit, alert, emerg)\n"
- " --log-color[=BOOL] Highlight important log messages\n"
- " --log-location[=BOOL] Include code location in log messages\n"
- " --default-standard-output= Set default standard output for services\n"
- " --default-standard-error= Set default standard error output for services\n",
- program_invocation_short_name);
-
- return 0;
-}
-
-static int prepare_reexecute(Manager *m, FILE **_f, FDSet **_fds, bool switching_root) {
- _cleanup_fdset_free_ FDSet *fds = NULL;
- _cleanup_fclose_ FILE *f = NULL;
- int r;
-
- assert(m);
- assert(_f);
- assert(_fds);
-
- r = manager_open_serialization(m, &f);
- if (r < 0)
- return log_error_errno(r, "Failed to create serialization file: %m");
-
- /* Make sure nothing is really destructed when we shut down */
- m->n_reloading++;
- bus_manager_send_reloading(m, true);
-
- fds = fdset_new();
- if (!fds)
- return log_oom();
-
- r = manager_serialize(m, f, fds, switching_root);
- if (r < 0)
- return log_error_errno(r, "Failed to serialize state: %m");
-
- if (fseeko(f, 0, SEEK_SET) == (off_t) -1)
- return log_error_errno(errno, "Failed to rewind serialization fd: %m");
-
- r = fd_cloexec(fileno(f), false);
- if (r < 0)
- return log_error_errno(r, "Failed to disable O_CLOEXEC for serialization: %m");
-
- r = fdset_cloexec(fds, false);
- if (r < 0)
- return log_error_errno(r, "Failed to disable O_CLOEXEC for serialization fds: %m");
-
- *_f = f;
- *_fds = fds;
-
- f = NULL;
- fds = NULL;
-
- return 0;
-}
-
-static int bump_rlimit_nofile(struct rlimit *saved_rlimit) {
- struct rlimit nl;
- int r;
-
- assert(saved_rlimit);
-
- /* Save the original RLIMIT_NOFILE so that we can reset it
- * later when transitioning from the initrd to the main
- * systemd or suchlike. */
- if (getrlimit(RLIMIT_NOFILE, saved_rlimit) < 0)
- return log_warning_errno(errno, "Reading RLIMIT_NOFILE failed, ignoring: %m");
-
- /* Make sure forked processes get the default kernel setting */
- if (!arg_default_rlimit[RLIMIT_NOFILE]) {
- struct rlimit *rl;
-
- rl = newdup(struct rlimit, saved_rlimit, 1);
- if (!rl)
- return log_oom();
-
- arg_default_rlimit[RLIMIT_NOFILE] = rl;
- }
-
- /* Bump up the resource limit for ourselves substantially */
- nl.rlim_cur = nl.rlim_max = 64*1024;
- r = setrlimit_closest(RLIMIT_NOFILE, &nl);
- if (r < 0)
- return log_warning_errno(r, "Setting RLIMIT_NOFILE failed, ignoring: %m");
-
- return 0;
-}
-
-static void test_usr(void) {
-
- /* Check that /usr is not a separate fs */
-
- if (dir_is_empty("/usr") <= 0)
- return;
-
- log_warning("/usr appears to be on its own filesystem and is not already mounted. This is not a supported setup. "
- "Some things will probably break (sometimes even silently) in mysterious ways. "
- "Consult http://freedesktop.org/wiki/Software/systemd/separate-usr-is-broken for more information.");
-}
-
-static int initialize_join_controllers(void) {
- /* By default, mount "cpu" + "cpuacct" together, and "net_cls"
- * + "net_prio". We'd like to add "cpuset" to the mix, but
- * "cpuset" doesn't really work for groups with no initialized
- * attributes. */
-
- arg_join_controllers = new(char**, 3);
- if (!arg_join_controllers)
- return -ENOMEM;
-
- arg_join_controllers[0] = strv_new("cpu", "cpuacct", NULL);
- if (!arg_join_controllers[0])
- goto oom;
-
- arg_join_controllers[1] = strv_new("net_cls", "net_prio", NULL);
- if (!arg_join_controllers[1])
- goto oom;
-
- arg_join_controllers[2] = NULL;
- return 0;
-
-oom:
- arg_join_controllers = strv_free_free(arg_join_controllers);
- return -ENOMEM;
-}
-
-static int enforce_syscall_archs(Set *archs) {
-#ifdef HAVE_SECCOMP
- scmp_filter_ctx *seccomp;
- Iterator i;
- void *id;
- int r;
-
- if (!is_seccomp_available())
- return 0;
-
- seccomp = seccomp_init(SCMP_ACT_ALLOW);
- if (!seccomp)
- return log_oom();
-
- SET_FOREACH(id, arg_syscall_archs, i) {
- r = seccomp_arch_add(seccomp, PTR_TO_UINT32(id) - 1);
- if (r == -EEXIST)
- continue;
- if (r < 0) {
- log_error_errno(r, "Failed to add architecture to seccomp: %m");
- goto finish;
- }
- }
-
- r = seccomp_attr_set(seccomp, SCMP_FLTATR_CTL_NNP, 0);
- if (r < 0) {
- log_error_errno(r, "Failed to unset NO_NEW_PRIVS: %m");
- goto finish;
- }
-
- r = seccomp_load(seccomp);
- if (r < 0)
- log_error_errno(r, "Failed to add install architecture seccomp: %m");
-
-finish:
- seccomp_release(seccomp);
- return r;
-#else
- return 0;
-#endif
-}
-
-static int status_welcome(void) {
- _cleanup_free_ char *pretty_name = NULL, *ansi_color = NULL;
- int r;
-
- r = parse_env_file("/etc/os-release", NEWLINE,
- "PRETTY_NAME", &pretty_name,
- "ANSI_COLOR", &ansi_color,
- NULL);
- if (r == -ENOENT)
- r = parse_env_file("/usr/lib/os-release", NEWLINE,
- "PRETTY_NAME", &pretty_name,
- "ANSI_COLOR", &ansi_color,
- NULL);
-
- if (r < 0 && r != -ENOENT)
- log_warning_errno(r, "Failed to read os-release file: %m");
-
- if (log_get_show_color())
- return status_printf(NULL, false, false,
- "\nWelcome to \x1B[%sm%s\x1B[0m!\n",
- isempty(ansi_color) ? "1" : ansi_color,
- isempty(pretty_name) ? "GNU/Linux" : pretty_name);
- else
- return status_printf(NULL, false, false,
- "\nWelcome to %s!\n",
- isempty(pretty_name) ? "GNU/Linux" : pretty_name);
-}
-
-static int write_container_id(void) {
- const char *c;
- int r;
-
- c = getenv("container");
- if (isempty(c))
- return 0;
-
- RUN_WITH_UMASK(0022)
- r = write_string_file("/run/systemd/container", c, WRITE_STRING_FILE_CREATE);
- if (r < 0)
- return log_warning_errno(r, "Failed to write /run/systemd/container, ignoring: %m");
-
- return 1;
-}
-
-static int bump_unix_max_dgram_qlen(void) {
- _cleanup_free_ char *qlen = NULL;
- unsigned long v;
- int r;
-
- /* Let's bump the net.unix.max_dgram_qlen sysctl. The kernel
- * default of 16 is simply too low. We set the value really
- * really early during boot, so that it is actually applied to
- * all our sockets, including the $NOTIFY_SOCKET one. */
-
- r = read_one_line_file("/proc/sys/net/unix/max_dgram_qlen", &qlen);
- if (r < 0)
- return log_warning_errno(r, "Failed to read AF_UNIX datagram queue length, ignoring: %m");
-
- r = safe_atolu(qlen, &v);
- if (r < 0)
- return log_warning_errno(r, "Failed to parse AF_UNIX datagram queue length, ignoring: %m");
-
- if (v >= DEFAULT_UNIX_MAX_DGRAM_QLEN)
- return 0;
-
- qlen = mfree(qlen);
- if (asprintf(&qlen, "%lu\n", DEFAULT_UNIX_MAX_DGRAM_QLEN) < 0)
- return log_oom();
-
- r = write_string_file("/proc/sys/net/unix/max_dgram_qlen", qlen, 0);
- if (r < 0)
- return log_full_errno(IN_SET(r, -EROFS, -EPERM, -EACCES) ? LOG_DEBUG : LOG_WARNING, r,
- "Failed to bump AF_UNIX datagram queue length, ignoring: %m");
-
- return 1;
-}
-
-static int fixup_environment(void) {
- _cleanup_free_ char *term = NULL;
- int r;
-
- /* We expect the environment to be set correctly
- * if run inside a container. */
- if (detect_container() > 0)
- return 0;
-
- /* When started as PID1, the kernel uses /dev/console
- * for our stdios and uses TERM=linux whatever the
- * backend device used by the console. We try to make
- * a better guess here since some consoles might not
- * have support for color mode for example.
- *
- * However if TERM was configured through the kernel
- * command line then leave it alone. */
-
- r = get_proc_cmdline_key("TERM=", &term);
- if (r < 0)
- return r;
-
- if (r == 0) {
- term = strdup(default_term_for_tty("/dev/console"));
- if (!term)
- return -ENOMEM;
- }
-
- if (setenv("TERM", term, 1) < 0)
- return -errno;
-
- return 0;
-}
-
-int main(int argc, char *argv[]) {
- Manager *m = NULL;
- int r, retval = EXIT_FAILURE;
- usec_t before_startup, after_startup;
- char timespan[FORMAT_TIMESPAN_MAX];
- FDSet *fds = NULL;
- bool reexecute = false;
- const char *shutdown_verb = NULL;
- dual_timestamp initrd_timestamp = DUAL_TIMESTAMP_NULL;
- dual_timestamp userspace_timestamp = DUAL_TIMESTAMP_NULL;
- dual_timestamp kernel_timestamp = DUAL_TIMESTAMP_NULL;
- dual_timestamp security_start_timestamp = DUAL_TIMESTAMP_NULL;
- dual_timestamp security_finish_timestamp = DUAL_TIMESTAMP_NULL;
- static char systemd[] = "systemd";
- bool skip_setup = false;
- unsigned j;
- bool loaded_policy = false;
- bool arm_reboot_watchdog = false;
- bool queue_default_job = false;
- bool empty_etc = false;
- char *switch_root_dir = NULL, *switch_root_init = NULL;
- struct rlimit saved_rlimit_nofile = RLIMIT_MAKE_CONST(0);
- const char *error_message = NULL;
-
-#ifdef HAVE_SYSV_COMPAT
- if (getpid() != 1 && strstr(program_invocation_short_name, "init")) {
- /* This is compatibility support for SysV, where
- * calling init as a user is identical to telinit. */
-
- execv(SYSTEMCTL_BINARY_PATH, argv);
- log_error_errno(errno, "Failed to exec " SYSTEMCTL_BINARY_PATH ": %m");
- return 1;
- }
-#endif
-
- dual_timestamp_from_monotonic(&kernel_timestamp, 0);
- dual_timestamp_get(&userspace_timestamp);
-
- /* Determine if this is a reexecution or normal bootup. We do
- * the full command line parsing much later, so let's just
- * have a quick peek here. */
- if (strv_find(argv+1, "--deserialize"))
- skip_setup = true;
-
- /* If we have switched root, do all the special setup
- * things */
- if (strv_find(argv+1, "--switched-root"))
- skip_setup = false;
-
- /* If we get started via the /sbin/init symlink then we are
- called 'init'. After a subsequent reexecution we are then
- called 'systemd'. That is confusing, hence let's call us
- systemd right-away. */
- program_invocation_short_name = systemd;
- prctl(PR_SET_NAME, systemd);
-
- saved_argv = argv;
- saved_argc = argc;
-
- log_set_upgrade_syslog_to_journal(true);
-
- /* Disable the umask logic */
- if (getpid() == 1)
- umask(0);
-
- if (getpid() == 1 && detect_container() <= 0) {
-
- /* Running outside of a container as PID 1 */
- arg_system = true;
- log_set_target(LOG_TARGET_KMSG);
- log_open();
-
- if (in_initrd())
- initrd_timestamp = userspace_timestamp;
-
- if (!skip_setup) {
- r = mount_setup_early();
- if (r < 0) {
- error_message = "Failed to early mount API filesystems";
- goto finish;
- }
- dual_timestamp_get(&security_start_timestamp);
- if (mac_selinux_setup(&loaded_policy) < 0) {
- error_message = "Failed to load SELinux policy";
- goto finish;
- } else if (mac_smack_setup(&loaded_policy) < 0) {
- error_message = "Failed to load SMACK policy";
- goto finish;
- } else if (ima_setup() < 0) {
- error_message = "Failed to load IMA policy";
- goto finish;
- }
- dual_timestamp_get(&security_finish_timestamp);
- }
-
- if (mac_selinux_init() < 0) {
- error_message = "Failed to initialize SELinux policy";
- goto finish;
- }
-
- if (!skip_setup) {
- if (clock_is_localtime(NULL) > 0) {
- int min;
-
- /*
- * The very first call of settimeofday() also does a time warp in the kernel.
- *
- * In the rtc-in-local time mode, we set the kernel's timezone, and rely on
- * external tools to take care of maintaining the RTC and do all adjustments.
- * This matches the behavior of Windows, which leaves the RTC alone if the
- * registry tells that the RTC runs in UTC.
- */
- r = clock_set_timezone(&min);
- if (r < 0)
- log_error_errno(r, "Failed to apply local time delta, ignoring: %m");
- else
- log_info("RTC configured in localtime, applying delta of %i minutes to system time.", min);
- } else if (!in_initrd()) {
- /*
- * Do a dummy very first call to seal the kernel's time warp magic.
- *
- * Do not call this from inside the initrd. The initrd might not
- * carry /etc/adjtime with LOCAL, but the real system could be set up
- * that way. In such case, we need to delay the time-warp or the sealing
- * until we reach the real system.
- *
- * Do no set the kernel's timezone. The concept of local time cannot
- * be supported reliably, the time will jump or be incorrect at every daylight
- * saving time change. All kernel local time concepts will be treated
- * as UTC that way.
- */
- (void) clock_reset_timewarp();
- }
-
- r = clock_apply_epoch();
- if (r < 0)
- log_error_errno(r, "Current system time is before build time, but cannot correct: %m");
- else if (r > 0)
- log_info("System time before build time, advancing clock.");
- }
-
- /* Set the default for later on, but don't actually
- * open the logs like this for now. Note that if we
- * are transitioning from the initrd there might still
- * be journal fd open, and we shouldn't attempt
- * opening that before we parsed /proc/cmdline which
- * might redirect output elsewhere. */
- log_set_target(LOG_TARGET_JOURNAL_OR_KMSG);
-
- } else if (getpid() == 1) {
- /* Running inside a container, as PID 1 */
- arg_system = true;
- log_set_target(LOG_TARGET_CONSOLE);
- log_close_console(); /* force reopen of /dev/console */
- log_open();
-
- /* For the later on, see above... */
- log_set_target(LOG_TARGET_JOURNAL);
-
- /* clear the kernel timestamp,
- * because we are in a container */
- kernel_timestamp = DUAL_TIMESTAMP_NULL;
- } else {
- /* Running as user instance */
- arg_system = false;
- log_set_target(LOG_TARGET_AUTO);
- log_open();
-
- /* clear the kernel timestamp,
- * because we are not PID 1 */
- kernel_timestamp = DUAL_TIMESTAMP_NULL;
- }
-
- if (getpid() == 1) {
- /* Don't limit the core dump size, so that coredump handlers such as systemd-coredump (which honour the limit)
- * will process core dumps for system services by default. */
- if (setrlimit(RLIMIT_CORE, &RLIMIT_MAKE_CONST(RLIM_INFINITY)) < 0)
- log_warning_errno(errno, "Failed to set RLIMIT_CORE: %m");
-
- /* But at the same time, turn off the core_pattern logic by default, so that no coredumps are stored
- * until the systemd-coredump tool is enabled via sysctl. */
- if (!skip_setup)
- (void) write_string_file("/proc/sys/kernel/core_pattern", "|/bin/false", 0);
- }
-
- if (arg_system) {
- if (fixup_environment() < 0) {
- error_message = "Failed to fix up PID1 environment";
- goto finish;
- }
-
- /* Try to figure out if we can use colors with the console. No
- * need to do that for user instances since they never log
- * into the console. */
- log_show_color(colors_enabled());
- r = make_null_stdio();
- if (r < 0)
- log_warning_errno(r, "Failed to redirect standard streams to /dev/null: %m");
- }
-
- r = initialize_join_controllers();
- if (r < 0) {
- error_message = "Failed to initialize cgroup controllers";
- goto finish;
- }
-
- /* Mount /proc, /sys and friends, so that /proc/cmdline and
- * /proc/$PID/fd is available. */
- if (getpid() == 1) {
-
- /* Load the kernel modules early, so that we kdbus.ko is loaded before kdbusfs shall be mounted */
- if (!skip_setup)
- kmod_setup();
-
- r = mount_setup(loaded_policy);
- if (r < 0) {
- error_message = "Failed to mount API filesystems";
- goto finish;
- }
- }
-
- /* Reset all signal handlers. */
- (void) reset_all_signal_handlers();
- (void) ignore_signals(SIGNALS_IGNORE, -1);
-
- arg_default_tasks_max = system_tasks_max_scale(DEFAULT_TASKS_MAX_PERCENTAGE, 100U);
-
- if (parse_config_file() < 0) {
- error_message = "Failed to parse config file";
- goto finish;
- }
-
- if (arg_system) {
- r = parse_proc_cmdline(parse_proc_cmdline_item, NULL, false);
- if (r < 0)
- log_warning_errno(r, "Failed to parse kernel command line, ignoring: %m");
- }
-
- /* Note that this also parses bits from the kernel command
- * line, including "debug". */
- log_parse_environment();
-
- if (parse_argv(argc, argv) < 0) {
- error_message = "Failed to parse commandline arguments";
- goto finish;
- }
-
- /* Initialize default unit */
- if (!arg_default_unit) {
- arg_default_unit = strdup(SPECIAL_DEFAULT_TARGET);
- if (!arg_default_unit) {
- r = log_oom();
- error_message = "Failed to set default unit";
- goto finish;
- }
- }
-
- if (arg_action == ACTION_TEST &&
- geteuid() == 0) {
- log_error("Don't run test mode as root.");
- goto finish;
- }
-
- if (!arg_system &&
- arg_action == ACTION_RUN &&
- sd_booted() <= 0) {
- log_error("Trying to run as user instance, but the system has not been booted with systemd.");
- goto finish;
- }
-
- if (arg_system &&
- arg_action == ACTION_RUN &&
- running_in_chroot() > 0) {
- log_error("Cannot be run in a chroot() environment.");
- goto finish;
- }
-
- if (arg_action == ACTION_TEST || arg_action == ACTION_HELP) {
- pager_open(arg_no_pager, false);
- skip_setup = true;
- }
-
- if (arg_action == ACTION_HELP) {
- retval = help();
- goto finish;
- } else if (arg_action == ACTION_VERSION) {
- retval = version();
- goto finish;
- } else if (arg_action == ACTION_DUMP_CONFIGURATION_ITEMS) {
- pager_open(arg_no_pager, false);
- unit_dump_config_items(stdout);
- retval = EXIT_SUCCESS;
- goto finish;
- }
-
- if (!arg_system &&
- !getenv("XDG_RUNTIME_DIR")) {
- log_error("Trying to run as user instance, but $XDG_RUNTIME_DIR is not set.");
- goto finish;
- }
-
- assert_se(arg_action == ACTION_RUN || arg_action == ACTION_TEST);
-
- /* Close logging fds, in order not to confuse fdset below */
- log_close();
-
- /* Remember open file descriptors for later deserialization */
- r = fdset_new_fill(&fds);
- if (r < 0) {
- log_emergency_errno(r, "Failed to allocate fd set: %m");
- error_message = "Failed to allocate fd set";
- goto finish;
- } else
- fdset_cloexec(fds, true);
-
- if (arg_serialization)
- assert_se(fdset_remove(fds, fileno(arg_serialization)) >= 0);
-
- if (arg_system)
- /* Become a session leader if we aren't one yet. */
- setsid();
-
- /* Move out of the way, so that we won't block unmounts */
- assert_se(chdir("/") == 0);
-
- /* Reset the console, but only if this is really init and we
- * are freshly booted */
- if (arg_system && arg_action == ACTION_RUN) {
-
- /* If we are init, we connect stdin/stdout/stderr to
- * /dev/null and make sure we don't have a controlling
- * tty. */
- release_terminal();
-
- if (getpid() == 1 && !skip_setup)
- console_setup();
- }
-
- /* Open the logging devices, if possible and necessary */
- log_open();
-
- if (arg_show_status == _SHOW_STATUS_UNSET)
- arg_show_status = SHOW_STATUS_YES;
-
- /* Make sure we leave a core dump without panicing the
- * kernel. */
- if (getpid() == 1) {
- install_crash_handler();
-
- r = mount_cgroup_controllers(arg_join_controllers);
- if (r < 0)
- goto finish;
- }
-
- if (arg_system) {
- int v;
-
- log_info(PACKAGE_STRING " running in %ssystem mode. (" SYSTEMD_FEATURES ")",
- arg_action == ACTION_TEST ? "test " : "" );
-
- v = detect_virtualization();
- if (v > 0)
- log_info("Detected virtualization %s.", virtualization_to_string(v));
-
- write_container_id();
-
- log_info("Detected architecture %s.", architecture_to_string(uname_architecture()));
-
- if (in_initrd())
- log_info("Running in initial RAM disk.");
-
- /* Let's check whether /etc is already populated. We
- * don't actually really check for that, but use
- * /etc/machine-id as flag file. This allows container
- * managers and installers to provision a couple of
- * files already. If the container manager wants to
- * provision the machine ID itself it should pass
- * $container_uuid to PID 1. */
-
- empty_etc = access("/etc/machine-id", F_OK) < 0;
- if (empty_etc)
- log_info("Running with unpopulated /etc.");
- } else {
- _cleanup_free_ char *t;
-
- t = uid_to_name(getuid());
- log_debug(PACKAGE_STRING " running in %suser mode for user "UID_FMT"/%s. (" SYSTEMD_FEATURES ")",
- arg_action == ACTION_TEST ? " test" : "", getuid(), t);
- }
-
- if (arg_system && !skip_setup) {
- if (arg_show_status > 0)
- status_welcome();
-
- hostname_setup();
- machine_id_setup(NULL, arg_machine_id, NULL);
- loopback_setup();
- bump_unix_max_dgram_qlen();
-
- test_usr();
- }
-
- if (arg_system && arg_runtime_watchdog > 0 && arg_runtime_watchdog != USEC_INFINITY)
- watchdog_set_timeout(&arg_runtime_watchdog);
-
- if (arg_timer_slack_nsec != NSEC_INFINITY)
- if (prctl(PR_SET_TIMERSLACK, arg_timer_slack_nsec) < 0)
- log_error_errno(errno, "Failed to adjust timer slack: %m");
-
- if (!cap_test_all(arg_capability_bounding_set)) {
- r = capability_bounding_set_drop_usermode(arg_capability_bounding_set);
- if (r < 0) {
- log_emergency_errno(r, "Failed to drop capability bounding set of usermode helpers: %m");
- error_message = "Failed to drop capability bounding set of usermode helpers";
- goto finish;
- }
- r = capability_bounding_set_drop(arg_capability_bounding_set, true);
- if (r < 0) {
- log_emergency_errno(r, "Failed to drop capability bounding set: %m");
- error_message = "Failed to drop capability bounding set";
- goto finish;
- }
- }
-
- if (arg_syscall_archs) {
- r = enforce_syscall_archs(arg_syscall_archs);
- if (r < 0) {
- error_message = "Failed to set syscall architectures";
- goto finish;
- }
- }
-
- if (!arg_system)
- /* Become reaper of our children */
- if (prctl(PR_SET_CHILD_SUBREAPER, 1) < 0)
- log_warning_errno(errno, "Failed to make us a subreaper: %m");
-
- if (arg_system) {
- (void) bump_rlimit_nofile(&saved_rlimit_nofile);
-
- if (empty_etc) {
- r = unit_file_preset_all(UNIT_FILE_SYSTEM, 0, NULL, UNIT_FILE_PRESET_ENABLE_ONLY, NULL, 0);
- if (r < 0)
- log_full_errno(r == -EEXIST ? LOG_NOTICE : LOG_WARNING, r, "Failed to populate /etc with preset unit settings, ignoring: %m");
- else
- log_info("Populated /etc with preset unit settings.");
- }
- }
-
- r = manager_new(arg_system ? UNIT_FILE_SYSTEM : UNIT_FILE_USER, arg_action == ACTION_TEST, &m);
- if (r < 0) {
- log_emergency_errno(r, "Failed to allocate manager object: %m");
- error_message = "Failed to allocate manager object";
- goto finish;
- }
-
- m->confirm_spawn = arg_confirm_spawn;
- m->runtime_watchdog = arg_runtime_watchdog;
- m->shutdown_watchdog = arg_shutdown_watchdog;
- m->userspace_timestamp = userspace_timestamp;
- m->kernel_timestamp = kernel_timestamp;
- m->initrd_timestamp = initrd_timestamp;
- m->security_start_timestamp = security_start_timestamp;
- m->security_finish_timestamp = security_finish_timestamp;
- m->cad_burst_action = arg_cad_burst_action;
-
- manager_set_defaults(m);
- manager_set_show_status(m, arg_show_status);
- manager_set_first_boot(m, empty_etc);
-
- /* Remember whether we should queue the default job */
- queue_default_job = !arg_serialization || arg_switched_root;
-
- before_startup = now(CLOCK_MONOTONIC);
-
- r = manager_startup(m, arg_serialization, fds);
- if (r < 0)
- log_error_errno(r, "Failed to fully start up daemon: %m");
-
- /* This will close all file descriptors that were opened, but
- * not claimed by any unit. */
- fds = fdset_free(fds);
-
- arg_serialization = safe_fclose(arg_serialization);
-
- if (queue_default_job) {
- _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
- Unit *target = NULL;
- Job *default_unit_job;
-
- log_debug("Activating default unit: %s", arg_default_unit);
-
- r = manager_load_unit(m, arg_default_unit, NULL, &error, &target);
- if (r < 0)
- log_error("Failed to load default target: %s", bus_error_message(&error, r));
- else if (target->load_state == UNIT_ERROR || target->load_state == UNIT_NOT_FOUND)
- log_error_errno(target->load_error, "Failed to load default target: %m");
- else if (target->load_state == UNIT_MASKED)
- log_error("Default target masked.");
-
- if (!target || target->load_state != UNIT_LOADED) {
- log_info("Trying to load rescue target...");
-
- r = manager_load_unit(m, SPECIAL_RESCUE_TARGET, NULL, &error, &target);
- if (r < 0) {
- log_emergency("Failed to load rescue target: %s", bus_error_message(&error, r));
- error_message = "Failed to load rescue target";
- goto finish;
- } else if (target->load_state == UNIT_ERROR || target->load_state == UNIT_NOT_FOUND) {
- log_emergency_errno(target->load_error, "Failed to load rescue target: %m");
- error_message = "Failed to load rescue target";
- goto finish;
- } else if (target->load_state == UNIT_MASKED) {
- log_emergency("Rescue target masked.");
- error_message = "Rescue target masked";
- goto finish;
- }
- }
-
- assert(target->load_state == UNIT_LOADED);
-
- if (arg_action == ACTION_TEST) {
- printf("-> By units:\n");
- manager_dump_units(m, stdout, "\t");
- }
-
- r = manager_add_job(m, JOB_START, target, JOB_ISOLATE, &error, &default_unit_job);
- if (r == -EPERM) {
- log_debug("Default target could not be isolated, starting instead: %s", bus_error_message(&error, r));
-
- sd_bus_error_free(&error);
-
- r = manager_add_job(m, JOB_START, target, JOB_REPLACE, &error, &default_unit_job);
- if (r < 0) {
- log_emergency("Failed to start default target: %s", bus_error_message(&error, r));
- error_message = "Failed to start default target";
- goto finish;
- }
- } else if (r < 0) {
- log_emergency("Failed to isolate default target: %s", bus_error_message(&error, r));
- error_message = "Failed to isolate default target";
- goto finish;
- }
-
- m->default_unit_job_id = default_unit_job->id;
-
- after_startup = now(CLOCK_MONOTONIC);
- log_full(arg_action == ACTION_TEST ? LOG_INFO : LOG_DEBUG,
- "Loaded units and determined initial transaction in %s.",
- format_timespan(timespan, sizeof(timespan), after_startup - before_startup, 100 * USEC_PER_MSEC));
-
- if (arg_action == ACTION_TEST) {
- printf("-> By jobs:\n");
- manager_dump_jobs(m, stdout, "\t");
- retval = EXIT_SUCCESS;
- goto finish;
- }
- }
-
- for (;;) {
- r = manager_loop(m);
- if (r < 0) {
- log_emergency_errno(r, "Failed to run main loop: %m");
- error_message = "Failed to run main loop";
- goto finish;
- }
-
- switch (m->exit_code) {
-
- case MANAGER_RELOAD:
- log_info("Reloading.");
-
- r = parse_config_file();
- if (r < 0)
- log_error("Failed to parse config file.");
-
- manager_set_defaults(m);
-
- r = manager_reload(m);
- if (r < 0)
- log_error_errno(r, "Failed to reload: %m");
- break;
-
- case MANAGER_REEXECUTE:
-
- if (prepare_reexecute(m, &arg_serialization, &fds, false) < 0) {
- error_message = "Failed to prepare for reexecution";
- goto finish;
- }
-
- reexecute = true;
- log_notice("Reexecuting.");
- goto finish;
-
- case MANAGER_SWITCH_ROOT:
- /* Steal the switch root parameters */
- switch_root_dir = m->switch_root;
- switch_root_init = m->switch_root_init;
- m->switch_root = m->switch_root_init = NULL;
-
- if (!switch_root_init)
- if (prepare_reexecute(m, &arg_serialization, &fds, true) < 0) {
- error_message = "Failed to prepare for reexecution";
- goto finish;
- }
-
- reexecute = true;
- log_notice("Switching root.");
- goto finish;
-
- case MANAGER_EXIT:
- retval = m->return_value;
-
- if (MANAGER_IS_USER(m)) {
- log_debug("Exit.");
- goto finish;
- }
-
- /* fallthrough */
- case MANAGER_REBOOT:
- case MANAGER_POWEROFF:
- case MANAGER_HALT:
- case MANAGER_KEXEC: {
- static const char * const table[_MANAGER_EXIT_CODE_MAX] = {
- [MANAGER_EXIT] = "exit",
- [MANAGER_REBOOT] = "reboot",
- [MANAGER_POWEROFF] = "poweroff",
- [MANAGER_HALT] = "halt",
- [MANAGER_KEXEC] = "kexec"
- };
-
- assert_se(shutdown_verb = table[m->exit_code]);
- arm_reboot_watchdog = m->exit_code == MANAGER_REBOOT;
-
- log_notice("Shutting down.");
- goto finish;
- }
-
- default:
- assert_not_reached("Unknown exit code.");
- }
- }
-
-finish:
- pager_close();
-
- if (m)
- arg_shutdown_watchdog = m->shutdown_watchdog;
-
- m = manager_free(m);
-
- for (j = 0; j < ELEMENTSOF(arg_default_rlimit); j++)
- arg_default_rlimit[j] = mfree(arg_default_rlimit[j]);
-
- arg_default_unit = mfree(arg_default_unit);
- arg_join_controllers = strv_free_free(arg_join_controllers);
- arg_default_environment = strv_free(arg_default_environment);
- arg_syscall_archs = set_free(arg_syscall_archs);
-
- mac_selinux_finish();
-
- if (reexecute) {
- const char **args;
- unsigned i, args_size;
-
- /* Close and disarm the watchdog, so that the new
- * instance can reinitialize it, but doesn't get
- * rebooted while we do that */
- watchdog_close(true);
-
- /* Reset the RLIMIT_NOFILE to the kernel default, so
- * that the new systemd can pass the kernel default to
- * its child processes */
- if (saved_rlimit_nofile.rlim_cur > 0)
- (void) setrlimit(RLIMIT_NOFILE, &saved_rlimit_nofile);
-
- if (switch_root_dir) {
- /* Kill all remaining processes from the
- * initrd, but don't wait for them, so that we
- * can handle the SIGCHLD for them after
- * deserializing. */
- broadcast_signal(SIGTERM, false, true);
-
- /* And switch root with MS_MOVE, because we remove the old directory afterwards and detach it. */
- r = switch_root(switch_root_dir, "/mnt", true, MS_MOVE);
- if (r < 0)
- log_error_errno(r, "Failed to switch root, trying to continue: %m");
- }
-
- args_size = MAX(6, argc+1);
- args = newa(const char*, args_size);
-
- if (!switch_root_init) {
- char sfd[DECIMAL_STR_MAX(int) + 1];
-
- /* First try to spawn ourselves with the right
- * path, and with full serialization. We do
- * this only if the user didn't specify an
- * explicit init to spawn. */
-
- assert(arg_serialization);
- assert(fds);
-
- xsprintf(sfd, "%i", fileno(arg_serialization));
-
- i = 0;
- args[i++] = SYSTEMD_BINARY_PATH;
- if (switch_root_dir)
- args[i++] = "--switched-root";
- args[i++] = arg_system ? "--system" : "--user";
- args[i++] = "--deserialize";
- args[i++] = sfd;
- args[i++] = NULL;
-
- assert(i <= args_size);
-
- /*
- * We want valgrind to print its memory usage summary before reexecution.
- * Valgrind won't do this is on its own on exec(), but it will do it on exit().
- * Hence, to ensure we get a summary here, fork() off a child, let it exit() cleanly,
- * so that it prints the summary, and wait() for it in the parent, before proceeding into the exec().
- */
- valgrind_summary_hack();
-
- (void) execv(args[0], (char* const*) args);
- }
-
- /* Try the fallback, if there is any, without any
- * serialization. We pass the original argv[] and
- * envp[]. (Well, modulo the ordering changes due to
- * getopt() in argv[], and some cleanups in envp[],
- * but let's hope that doesn't matter.) */
-
- arg_serialization = safe_fclose(arg_serialization);
- fds = fdset_free(fds);
-
- /* Reopen the console */
- (void) make_console_stdio();
-
- for (j = 1, i = 1; j < (unsigned) argc; j++)
- args[i++] = argv[j];
- args[i++] = NULL;
- assert(i <= args_size);
-
- /* Reenable any blocked signals, especially important
- * if we switch from initial ramdisk to init=... */
- (void) reset_all_signal_handlers();
- (void) reset_signal_mask();
-
- if (switch_root_init) {
- args[0] = switch_root_init;
- (void) execv(args[0], (char* const*) args);
- log_warning_errno(errno, "Failed to execute configured init, trying fallback: %m");
- }
-
- args[0] = "/sbin/init";
- (void) execv(args[0], (char* const*) args);
-
- if (errno == ENOENT) {
- log_warning("No /sbin/init, trying fallback");
-
- args[0] = "/bin/sh";
- args[1] = NULL;
- (void) execv(args[0], (char* const*) args);
- log_error_errno(errno, "Failed to execute /bin/sh, giving up: %m");
- } else
- log_warning_errno(errno, "Failed to execute /sbin/init, giving up: %m");
- }
-
- arg_serialization = safe_fclose(arg_serialization);
- fds = fdset_free(fds);
-
-#ifdef HAVE_VALGRIND_VALGRIND_H
- /* If we are PID 1 and running under valgrind, then let's exit
- * here explicitly. valgrind will only generate nice output on
- * exit(), not on exec(), hence let's do the former not the
- * latter here. */
- if (getpid() == 1 && RUNNING_ON_VALGRIND)
- return 0;
-#endif
-
- if (shutdown_verb) {
- char log_level[DECIMAL_STR_MAX(int) + 1];
- char exit_code[DECIMAL_STR_MAX(uint8_t) + 1];
- const char* command_line[11] = {
- SYSTEMD_SHUTDOWN_BINARY_PATH,
- shutdown_verb,
- "--log-level", log_level,
- "--log-target",
- };
- unsigned pos = 5;
- _cleanup_strv_free_ char **env_block = NULL;
-
- assert(command_line[pos] == NULL);
- env_block = strv_copy(environ);
-
- xsprintf(log_level, "%d", log_get_max_level());
-
- switch (log_get_target()) {
-
- case LOG_TARGET_KMSG:
- case LOG_TARGET_JOURNAL_OR_KMSG:
- case LOG_TARGET_SYSLOG_OR_KMSG:
- command_line[pos++] = "kmsg";
- break;
-
- case LOG_TARGET_NULL:
- command_line[pos++] = "null";
- break;
-
- case LOG_TARGET_CONSOLE:
- default:
- command_line[pos++] = "console";
- break;
- };
-
- if (log_get_show_color())
- command_line[pos++] = "--log-color";
-
- if (log_get_show_location())
- command_line[pos++] = "--log-location";
-
- if (streq(shutdown_verb, "exit")) {
- command_line[pos++] = "--exit-code";
- command_line[pos++] = exit_code;
- xsprintf(exit_code, "%d", retval);
- }
-
- assert(pos < ELEMENTSOF(command_line));
-
- if (arm_reboot_watchdog && arg_shutdown_watchdog > 0 && arg_shutdown_watchdog != USEC_INFINITY) {
- char *e;
-
- /* If we reboot let's set the shutdown
- * watchdog and tell the shutdown binary to
- * repeatedly ping it */
- r = watchdog_set_timeout(&arg_shutdown_watchdog);
- watchdog_close(r < 0);
-
- /* Tell the binary how often to ping, ignore failure */
- if (asprintf(&e, "WATCHDOG_USEC="USEC_FMT, arg_shutdown_watchdog) > 0)
- (void) strv_push(&env_block, e);
- } else
- watchdog_close(true);
-
- /* Avoid the creation of new processes forked by the
- * kernel; at this point, we will not listen to the
- * signals anyway */
- if (detect_container() <= 0)
- (void) cg_uninstall_release_agent(SYSTEMD_CGROUP_CONTROLLER);
-
- execve(SYSTEMD_SHUTDOWN_BINARY_PATH, (char **) command_line, env_block);
- log_error_errno(errno, "Failed to execute shutdown binary, %s: %m",
- getpid() == 1 ? "freezing" : "quitting");
- }
-
- if (getpid() == 1) {
- if (error_message)
- manager_status_printf(NULL, STATUS_TYPE_EMERGENCY,
- ANSI_HIGHLIGHT_RED "!!!!!!" ANSI_NORMAL,
- "%s, freezing.", error_message);
- freeze_or_reboot();
- }
-
- return retval;
-}
diff --git a/src/core/manager.c b/src/core/manager.c
deleted file mode 100644
index ffccfdcd5e..0000000000
--- a/src/core/manager.c
+++ /dev/null
@@ -1,3575 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <dirent.h>
-#include <errno.h>
-#include <fcntl.h>
-#include <linux/kd.h>
-#include <signal.h>
-#include <string.h>
-#include <sys/epoll.h>
-#include <sys/inotify.h>
-#include <sys/ioctl.h>
-#include <sys/reboot.h>
-#include <sys/timerfd.h>
-#include <sys/wait.h>
-#include <unistd.h>
-
-#ifdef HAVE_AUDIT
-#include <libaudit.h>
-#endif
-
-#include "sd-daemon.h"
-#include "sd-messages.h"
-
-#include "alloc-util.h"
-#include "audit-fd.h"
-#include "boot-timestamps.h"
-#include "bus-common-errors.h"
-#include "bus-error.h"
-#include "bus-kernel.h"
-#include "bus-util.h"
-#include "clean-ipc.h"
-#include "dbus-job.h"
-#include "dbus-manager.h"
-#include "dbus-unit.h"
-#include "dbus.h"
-#include "dirent-util.h"
-#include "env-util.h"
-#include "escape.h"
-#include "exit-status.h"
-#include "fd-util.h"
-#include "fileio.h"
-#include "fs-util.h"
-#include "hashmap.h"
-#include "io-util.h"
-#include "locale-setup.h"
-#include "log.h"
-#include "macro.h"
-#include "manager.h"
-#include "missing.h"
-#include "mkdir.h"
-#include "parse-util.h"
-#include "path-lookup.h"
-#include "path-util.h"
-#include "process-util.h"
-#include "ratelimit.h"
-#include "rm-rf.h"
-#include "signal-util.h"
-#include "special.h"
-#include "stat-util.h"
-#include "string-table.h"
-#include "string-util.h"
-#include "strv.h"
-#include "terminal-util.h"
-#include "time-util.h"
-#include "transaction.h"
-#include "umask-util.h"
-#include "unit-name.h"
-#include "user-util.h"
-#include "util.h"
-#include "virt.h"
-#include "watchdog.h"
-
-#define NOTIFY_RCVBUF_SIZE (8*1024*1024)
-#define CGROUPS_AGENT_RCVBUF_SIZE (8*1024*1024)
-
-/* Initial delay and the interval for printing status messages about running jobs */
-#define JOBS_IN_PROGRESS_WAIT_USEC (5*USEC_PER_SEC)
-#define JOBS_IN_PROGRESS_PERIOD_USEC (USEC_PER_SEC / 3)
-#define JOBS_IN_PROGRESS_PERIOD_DIVISOR 3
-
-static int manager_dispatch_notify_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
-static int manager_dispatch_cgroups_agent_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
-static int manager_dispatch_signal_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
-static int manager_dispatch_time_change_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
-static int manager_dispatch_idle_pipe_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
-static int manager_dispatch_user_lookup_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata);
-static int manager_dispatch_jobs_in_progress(sd_event_source *source, usec_t usec, void *userdata);
-static int manager_dispatch_run_queue(sd_event_source *source, void *userdata);
-static int manager_run_generators(Manager *m);
-
-static void manager_watch_jobs_in_progress(Manager *m) {
- usec_t next;
- int r;
-
- assert(m);
-
- if (m->jobs_in_progress_event_source)
- return;
-
- next = now(CLOCK_MONOTONIC) + JOBS_IN_PROGRESS_WAIT_USEC;
- r = sd_event_add_time(
- m->event,
- &m->jobs_in_progress_event_source,
- CLOCK_MONOTONIC,
- next, 0,
- manager_dispatch_jobs_in_progress, m);
- if (r < 0)
- return;
-
- (void) sd_event_source_set_description(m->jobs_in_progress_event_source, "manager-jobs-in-progress");
-}
-
-#define CYLON_BUFFER_EXTRA (2*(sizeof(ANSI_RED)-1) + sizeof(ANSI_HIGHLIGHT_RED)-1 + 2*(sizeof(ANSI_NORMAL)-1))
-
-static void draw_cylon(char buffer[], size_t buflen, unsigned width, unsigned pos) {
- char *p = buffer;
-
- assert(buflen >= CYLON_BUFFER_EXTRA + width + 1);
- assert(pos <= width+1); /* 0 or width+1 mean that the center light is behind the corner */
-
- if (pos > 1) {
- if (pos > 2)
- p = mempset(p, ' ', pos-2);
- if (log_get_show_color())
- p = stpcpy(p, ANSI_RED);
- *p++ = '*';
- }
-
- if (pos > 0 && pos <= width) {
- if (log_get_show_color())
- p = stpcpy(p, ANSI_HIGHLIGHT_RED);
- *p++ = '*';
- }
-
- if (log_get_show_color())
- p = stpcpy(p, ANSI_NORMAL);
-
- if (pos < width) {
- if (log_get_show_color())
- p = stpcpy(p, ANSI_RED);
- *p++ = '*';
- if (pos < width-1)
- p = mempset(p, ' ', width-1-pos);
- if (log_get_show_color())
- strcpy(p, ANSI_NORMAL);
- }
-}
-
-void manager_flip_auto_status(Manager *m, bool enable) {
- assert(m);
-
- if (enable) {
- if (m->show_status == SHOW_STATUS_AUTO)
- manager_set_show_status(m, SHOW_STATUS_TEMPORARY);
- } else {
- if (m->show_status == SHOW_STATUS_TEMPORARY)
- manager_set_show_status(m, SHOW_STATUS_AUTO);
- }
-}
-
-static void manager_print_jobs_in_progress(Manager *m) {
- _cleanup_free_ char *job_of_n = NULL;
- Iterator i;
- Job *j;
- unsigned counter = 0, print_nr;
- char cylon[6 + CYLON_BUFFER_EXTRA + 1];
- unsigned cylon_pos;
- char time[FORMAT_TIMESPAN_MAX], limit[FORMAT_TIMESPAN_MAX] = "no limit";
- uint64_t x;
-
- assert(m);
- assert(m->n_running_jobs > 0);
-
- manager_flip_auto_status(m, true);
-
- print_nr = (m->jobs_in_progress_iteration / JOBS_IN_PROGRESS_PERIOD_DIVISOR) % m->n_running_jobs;
-
- HASHMAP_FOREACH(j, m->jobs, i)
- if (j->state == JOB_RUNNING && counter++ == print_nr)
- break;
-
- /* m->n_running_jobs must be consistent with the contents of m->jobs,
- * so the above loop must have succeeded in finding j. */
- assert(counter == print_nr + 1);
- assert(j);
-
- cylon_pos = m->jobs_in_progress_iteration % 14;
- if (cylon_pos >= 8)
- cylon_pos = 14 - cylon_pos;
- draw_cylon(cylon, sizeof(cylon), 6, cylon_pos);
-
- m->jobs_in_progress_iteration++;
-
- if (m->n_running_jobs > 1) {
- if (asprintf(&job_of_n, "(%u of %u) ", counter, m->n_running_jobs) < 0)
- job_of_n = NULL;
- }
-
- format_timespan(time, sizeof(time), now(CLOCK_MONOTONIC) - j->begin_usec, 1*USEC_PER_SEC);
- if (job_get_timeout(j, &x) > 0)
- format_timespan(limit, sizeof(limit), x - j->begin_usec, 1*USEC_PER_SEC);
-
- manager_status_printf(m, STATUS_TYPE_EPHEMERAL, cylon,
- "%sA %s job is running for %s (%s / %s)",
- strempty(job_of_n),
- job_type_to_string(j->type),
- unit_description(j->unit),
- time, limit);
-}
-
-static int have_ask_password(void) {
- _cleanup_closedir_ DIR *dir;
-
- dir = opendir("/run/systemd/ask-password");
- if (!dir) {
- if (errno == ENOENT)
- return false;
- else
- return -errno;
- }
-
- for (;;) {
- struct dirent *de;
-
- errno = 0;
- de = readdir(dir);
- if (!de && errno > 0)
- return -errno;
- if (!de)
- return false;
-
- if (startswith(de->d_name, "ask."))
- return true;
- }
-}
-
-static int manager_dispatch_ask_password_fd(sd_event_source *source,
- int fd, uint32_t revents, void *userdata) {
- Manager *m = userdata;
-
- assert(m);
-
- flush_fd(fd);
-
- m->have_ask_password = have_ask_password();
- if (m->have_ask_password < 0)
- /* Log error but continue. Negative have_ask_password
- * is treated as unknown status. */
- log_error_errno(m->have_ask_password, "Failed to list /run/systemd/ask-password: %m");
-
- return 0;
-}
-
-static void manager_close_ask_password(Manager *m) {
- assert(m);
-
- m->ask_password_event_source = sd_event_source_unref(m->ask_password_event_source);
- m->ask_password_inotify_fd = safe_close(m->ask_password_inotify_fd);
- m->have_ask_password = -EINVAL;
-}
-
-static int manager_check_ask_password(Manager *m) {
- int r;
-
- assert(m);
-
- if (!m->ask_password_event_source) {
- assert(m->ask_password_inotify_fd < 0);
-
- mkdir_p_label("/run/systemd/ask-password", 0755);
-
- m->ask_password_inotify_fd = inotify_init1(IN_NONBLOCK|IN_CLOEXEC);
- if (m->ask_password_inotify_fd < 0)
- return log_error_errno(errno, "inotify_init1() failed: %m");
-
- if (inotify_add_watch(m->ask_password_inotify_fd, "/run/systemd/ask-password", IN_CREATE|IN_DELETE|IN_MOVE) < 0) {
- log_error_errno(errno, "Failed to add watch on /run/systemd/ask-password: %m");
- manager_close_ask_password(m);
- return -errno;
- }
-
- r = sd_event_add_io(m->event, &m->ask_password_event_source,
- m->ask_password_inotify_fd, EPOLLIN,
- manager_dispatch_ask_password_fd, m);
- if (r < 0) {
- log_error_errno(errno, "Failed to add event source for /run/systemd/ask-password: %m");
- manager_close_ask_password(m);
- return -errno;
- }
-
- (void) sd_event_source_set_description(m->ask_password_event_source, "manager-ask-password");
-
- /* Queries might have been added meanwhile... */
- manager_dispatch_ask_password_fd(m->ask_password_event_source,
- m->ask_password_inotify_fd, EPOLLIN, m);
- }
-
- return m->have_ask_password;
-}
-
-static int manager_watch_idle_pipe(Manager *m) {
- int r;
-
- assert(m);
-
- if (m->idle_pipe_event_source)
- return 0;
-
- if (m->idle_pipe[2] < 0)
- return 0;
-
- r = sd_event_add_io(m->event, &m->idle_pipe_event_source, m->idle_pipe[2], EPOLLIN, manager_dispatch_idle_pipe_fd, m);
- if (r < 0)
- return log_error_errno(r, "Failed to watch idle pipe: %m");
-
- (void) sd_event_source_set_description(m->idle_pipe_event_source, "manager-idle-pipe");
-
- return 0;
-}
-
-static void manager_close_idle_pipe(Manager *m) {
- assert(m);
-
- m->idle_pipe_event_source = sd_event_source_unref(m->idle_pipe_event_source);
-
- safe_close_pair(m->idle_pipe);
- safe_close_pair(m->idle_pipe + 2);
-}
-
-static int manager_setup_time_change(Manager *m) {
- int r;
-
- /* We only care for the cancellation event, hence we set the
- * timeout to the latest possible value. */
- struct itimerspec its = {
- .it_value.tv_sec = TIME_T_MAX,
- };
-
- assert(m);
- assert_cc(sizeof(time_t) == sizeof(TIME_T_MAX));
-
- if (m->test_run)
- return 0;
-
- /* Uses TFD_TIMER_CANCEL_ON_SET to get notifications whenever
- * CLOCK_REALTIME makes a jump relative to CLOCK_MONOTONIC */
-
- m->time_change_fd = timerfd_create(CLOCK_REALTIME, TFD_NONBLOCK|TFD_CLOEXEC);
- if (m->time_change_fd < 0)
- return log_error_errno(errno, "Failed to create timerfd: %m");
-
- if (timerfd_settime(m->time_change_fd, TFD_TIMER_ABSTIME|TFD_TIMER_CANCEL_ON_SET, &its, NULL) < 0) {
- log_debug_errno(errno, "Failed to set up TFD_TIMER_CANCEL_ON_SET, ignoring: %m");
- m->time_change_fd = safe_close(m->time_change_fd);
- return 0;
- }
-
- r = sd_event_add_io(m->event, &m->time_change_event_source, m->time_change_fd, EPOLLIN, manager_dispatch_time_change_fd, m);
- if (r < 0)
- return log_error_errno(r, "Failed to create time change event source: %m");
-
- (void) sd_event_source_set_description(m->time_change_event_source, "manager-time-change");
-
- log_debug("Set up TFD_TIMER_CANCEL_ON_SET timerfd.");
-
- return 0;
-}
-
-static int enable_special_signals(Manager *m) {
- _cleanup_close_ int fd = -1;
-
- assert(m);
-
- if (m->test_run)
- return 0;
-
- /* Enable that we get SIGINT on control-alt-del. In containers
- * this will fail with EPERM (older) or EINVAL (newer), so
- * ignore that. */
- if (reboot(RB_DISABLE_CAD) < 0 && errno != EPERM && errno != EINVAL)
- log_warning_errno(errno, "Failed to enable ctrl-alt-del handling: %m");
-
- fd = open_terminal("/dev/tty0", O_RDWR|O_NOCTTY|O_CLOEXEC);
- if (fd < 0) {
- /* Support systems without virtual console */
- if (fd != -ENOENT)
- log_warning_errno(errno, "Failed to open /dev/tty0: %m");
- } else {
- /* Enable that we get SIGWINCH on kbrequest */
- if (ioctl(fd, KDSIGACCEPT, SIGWINCH) < 0)
- log_warning_errno(errno, "Failed to enable kbrequest handling: %m");
- }
-
- return 0;
-}
-
-static int manager_setup_signals(Manager *m) {
- struct sigaction sa = {
- .sa_handler = SIG_DFL,
- .sa_flags = SA_NOCLDSTOP|SA_RESTART,
- };
- sigset_t mask;
- int r;
-
- assert(m);
-
- assert_se(sigaction(SIGCHLD, &sa, NULL) == 0);
-
- /* We make liberal use of realtime signals here. On
- * Linux/glibc we have 30 of them (with the exception of Linux
- * on hppa, see below), between SIGRTMIN+0 ... SIGRTMIN+30
- * (aka SIGRTMAX). */
-
- assert_se(sigemptyset(&mask) == 0);
- sigset_add_many(&mask,
- SIGCHLD, /* Child died */
- SIGTERM, /* Reexecute daemon */
- SIGHUP, /* Reload configuration */
- SIGUSR1, /* systemd/upstart: reconnect to D-Bus */
- SIGUSR2, /* systemd: dump status */
- SIGINT, /* Kernel sends us this on control-alt-del */
- SIGWINCH, /* Kernel sends us this on kbrequest (alt-arrowup) */
- SIGPWR, /* Some kernel drivers and upsd send us this on power failure */
-
- SIGRTMIN+0, /* systemd: start default.target */
- SIGRTMIN+1, /* systemd: isolate rescue.target */
- SIGRTMIN+2, /* systemd: isolate emergency.target */
- SIGRTMIN+3, /* systemd: start halt.target */
- SIGRTMIN+4, /* systemd: start poweroff.target */
- SIGRTMIN+5, /* systemd: start reboot.target */
- SIGRTMIN+6, /* systemd: start kexec.target */
-
- /* ... space for more special targets ... */
-
- SIGRTMIN+13, /* systemd: Immediate halt */
- SIGRTMIN+14, /* systemd: Immediate poweroff */
- SIGRTMIN+15, /* systemd: Immediate reboot */
- SIGRTMIN+16, /* systemd: Immediate kexec */
-
- /* ... space for more immediate system state changes ... */
-
- SIGRTMIN+20, /* systemd: enable status messages */
- SIGRTMIN+21, /* systemd: disable status messages */
- SIGRTMIN+22, /* systemd: set log level to LOG_DEBUG */
- SIGRTMIN+23, /* systemd: set log level to LOG_INFO */
- SIGRTMIN+24, /* systemd: Immediate exit (--user only) */
-
- /* .. one free signal here ... */
-
-#if !defined(__hppa64__) && !defined(__hppa__)
- /* Apparently Linux on hppa has fewer RT
- * signals (SIGRTMAX is SIGRTMIN+25 there),
- * hence let's not try to make use of them
- * here. Since these commands are accessible
- * by different means and only really a safety
- * net, the missing functionality on hppa
- * shouldn't matter. */
-
- SIGRTMIN+26, /* systemd: set log target to journal-or-kmsg */
- SIGRTMIN+27, /* systemd: set log target to console */
- SIGRTMIN+28, /* systemd: set log target to kmsg */
- SIGRTMIN+29, /* systemd: set log target to syslog-or-kmsg (obsolete) */
-
- /* ... one free signal here SIGRTMIN+30 ... */
-#endif
- -1);
- assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0);
-
- m->signal_fd = signalfd(-1, &mask, SFD_NONBLOCK|SFD_CLOEXEC);
- if (m->signal_fd < 0)
- return -errno;
-
- r = sd_event_add_io(m->event, &m->signal_event_source, m->signal_fd, EPOLLIN, manager_dispatch_signal_fd, m);
- if (r < 0)
- return r;
-
- (void) sd_event_source_set_description(m->signal_event_source, "manager-signal");
-
- /* Process signals a bit earlier than the rest of things, but later than notify_fd processing, so that the
- * notify processing can still figure out to which process/service a message belongs, before we reap the
- * process. Also, process this before handling cgroup notifications, so that we always collect child exit
- * status information before detecting that there's no process in a cgroup. */
- r = sd_event_source_set_priority(m->signal_event_source, SD_EVENT_PRIORITY_NORMAL-6);
- if (r < 0)
- return r;
-
- if (MANAGER_IS_SYSTEM(m))
- return enable_special_signals(m);
-
- return 0;
-}
-
-static void manager_clean_environment(Manager *m) {
- assert(m);
-
- /* Let's remove some environment variables that we
- * need ourselves to communicate with our clients */
- strv_env_unset_many(
- m->environment,
- "NOTIFY_SOCKET",
- "MAINPID",
- "MANAGERPID",
- "LISTEN_PID",
- "LISTEN_FDS",
- "LISTEN_FDNAMES",
- "WATCHDOG_PID",
- "WATCHDOG_USEC",
- "INVOCATION_ID",
- NULL);
-}
-
-static int manager_default_environment(Manager *m) {
- assert(m);
-
- if (MANAGER_IS_SYSTEM(m)) {
- /* The system manager always starts with a clean
- * environment for its children. It does not import
- * the kernel or the parents exported variables.
- *
- * The initial passed environ is untouched to keep
- * /proc/self/environ valid; it is used for tagging
- * the init process inside containers. */
- m->environment = strv_new("PATH=" DEFAULT_PATH,
- NULL);
-
- /* Import locale variables LC_*= from configuration */
- locale_setup(&m->environment);
- } else {
- /* The user manager passes its own environment
- * along to its children. */
- m->environment = strv_copy(environ);
- }
-
- if (!m->environment)
- return -ENOMEM;
-
- manager_clean_environment(m);
- strv_sort(m->environment);
-
- return 0;
-}
-
-int manager_new(UnitFileScope scope, bool test_run, Manager **_m) {
- Manager *m;
- int r;
-
- assert(_m);
- assert(IN_SET(scope, UNIT_FILE_SYSTEM, UNIT_FILE_USER));
-
- m = new0(Manager, 1);
- if (!m)
- return -ENOMEM;
-
- m->unit_file_scope = scope;
- m->exit_code = _MANAGER_EXIT_CODE_INVALID;
- m->default_timer_accuracy_usec = USEC_PER_MINUTE;
- m->default_tasks_accounting = true;
- m->default_tasks_max = UINT64_MAX;
-
-#ifdef ENABLE_EFI
- if (MANAGER_IS_SYSTEM(m) && detect_container() <= 0)
- boot_timestamps(&m->userspace_timestamp, &m->firmware_timestamp, &m->loader_timestamp);
-#endif
-
- /* Prepare log fields we can use for structured logging */
- if (MANAGER_IS_SYSTEM(m)) {
- m->unit_log_field = "UNIT=";
- m->unit_log_format_string = "UNIT=%s";
-
- m->invocation_log_field = "INVOCATION_ID=";
- m->invocation_log_format_string = "INVOCATION_ID=" SD_ID128_FORMAT_STR;
- } else {
- m->unit_log_field = "USER_UNIT=";
- m->unit_log_format_string = "USER_UNIT=%s";
-
- m->invocation_log_field = "USER_INVOCATION_ID=";
- m->invocation_log_format_string = "USER_INVOCATION_ID=" SD_ID128_FORMAT_STR;
- }
-
- m->idle_pipe[0] = m->idle_pipe[1] = m->idle_pipe[2] = m->idle_pipe[3] = -1;
-
- m->pin_cgroupfs_fd = m->notify_fd = m->cgroups_agent_fd = m->signal_fd = m->time_change_fd =
- m->dev_autofs_fd = m->private_listen_fd = m->cgroup_inotify_fd =
- m->ask_password_inotify_fd = -1;
-
- m->user_lookup_fds[0] = m->user_lookup_fds[1] = -1;
-
- m->current_job_id = 1; /* start as id #1, so that we can leave #0 around as "null-like" value */
-
- m->have_ask_password = -EINVAL; /* we don't know */
- m->first_boot = -1;
-
- m->test_run = test_run;
-
- /* Reboot immediately if the user hits C-A-D more often than 7x per 2s */
- RATELIMIT_INIT(m->ctrl_alt_del_ratelimit, 2 * USEC_PER_SEC, 7);
-
- r = manager_default_environment(m);
- if (r < 0)
- goto fail;
-
- r = hashmap_ensure_allocated(&m->units, &string_hash_ops);
- if (r < 0)
- goto fail;
-
- r = hashmap_ensure_allocated(&m->jobs, NULL);
- if (r < 0)
- goto fail;
-
- r = hashmap_ensure_allocated(&m->cgroup_unit, &string_hash_ops);
- if (r < 0)
- goto fail;
-
- r = hashmap_ensure_allocated(&m->watch_bus, &string_hash_ops);
- if (r < 0)
- goto fail;
-
- r = sd_event_default(&m->event);
- if (r < 0)
- goto fail;
-
- r = sd_event_add_defer(m->event, &m->run_queue_event_source, manager_dispatch_run_queue, m);
- if (r < 0)
- goto fail;
-
- r = sd_event_source_set_priority(m->run_queue_event_source, SD_EVENT_PRIORITY_IDLE);
- if (r < 0)
- goto fail;
-
- r = sd_event_source_set_enabled(m->run_queue_event_source, SD_EVENT_OFF);
- if (r < 0)
- goto fail;
-
- (void) sd_event_source_set_description(m->run_queue_event_source, "manager-run-queue");
-
- r = manager_setup_signals(m);
- if (r < 0)
- goto fail;
-
- r = manager_setup_cgroup(m);
- if (r < 0)
- goto fail;
-
- r = manager_setup_time_change(m);
- if (r < 0)
- goto fail;
-
- m->udev = udev_new();
- if (!m->udev) {
- r = -ENOMEM;
- goto fail;
- }
-
- /* Note that we do not set up the notify fd here. We do that after deserialization,
- * since they might have gotten serialized across the reexec. */
-
- m->taint_usr = dir_is_empty("/usr") > 0;
-
- *_m = m;
- return 0;
-
-fail:
- manager_free(m);
- return r;
-}
-
-static int manager_setup_notify(Manager *m) {
- int r;
-
- if (m->test_run)
- return 0;
-
- if (m->notify_fd < 0) {
- _cleanup_close_ int fd = -1;
- union sockaddr_union sa = {
- .sa.sa_family = AF_UNIX,
- };
- static const int one = 1;
- const char *e;
-
- /* First free all secondary fields */
- m->notify_socket = mfree(m->notify_socket);
- m->notify_event_source = sd_event_source_unref(m->notify_event_source);
-
- fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
- if (fd < 0)
- return log_error_errno(errno, "Failed to allocate notification socket: %m");
-
- fd_inc_rcvbuf(fd, NOTIFY_RCVBUF_SIZE);
-
- e = manager_get_runtime_prefix(m);
- if (!e) {
- log_error("Failed to determine runtime prefix.");
- return -EINVAL;
- }
-
- m->notify_socket = strappend(e, "/systemd/notify");
- if (!m->notify_socket)
- return log_oom();
-
- (void) mkdir_parents_label(m->notify_socket, 0755);
- (void) unlink(m->notify_socket);
-
- strncpy(sa.un.sun_path, m->notify_socket, sizeof(sa.un.sun_path)-1);
- r = bind(fd, &sa.sa, SOCKADDR_UN_LEN(sa.un));
- if (r < 0)
- return log_error_errno(errno, "bind(%s) failed: %m", sa.un.sun_path);
-
- r = setsockopt(fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
- if (r < 0)
- return log_error_errno(errno, "SO_PASSCRED failed: %m");
-
- m->notify_fd = fd;
- fd = -1;
-
- log_debug("Using notification socket %s", m->notify_socket);
- }
-
- if (!m->notify_event_source) {
- r = sd_event_add_io(m->event, &m->notify_event_source, m->notify_fd, EPOLLIN, manager_dispatch_notify_fd, m);
- if (r < 0)
- return log_error_errno(r, "Failed to allocate notify event source: %m");
-
- /* Process notification messages a bit earlier than SIGCHLD, so that we can still identify to which
- * service an exit message belongs. */
- r = sd_event_source_set_priority(m->notify_event_source, SD_EVENT_PRIORITY_NORMAL-7);
- if (r < 0)
- return log_error_errno(r, "Failed to set priority of notify event source: %m");
-
- (void) sd_event_source_set_description(m->notify_event_source, "manager-notify");
- }
-
- return 0;
-}
-
-static int manager_setup_cgroups_agent(Manager *m) {
-
- static const union sockaddr_union sa = {
- .un.sun_family = AF_UNIX,
- .un.sun_path = "/run/systemd/cgroups-agent",
- };
- int r;
-
- /* This creates a listening socket we receive cgroups agent messages on. We do not use D-Bus for delivering
- * these messages from the cgroups agent binary to PID 1, as the cgroups agent binary is very short-living, and
- * each instance of it needs a new D-Bus connection. Since D-Bus connections are SOCK_STREAM/AF_UNIX, on
- * overloaded systems the backlog of the D-Bus socket becomes relevant, as not more than the configured number
- * of D-Bus connections may be queued until the kernel will start dropping further incoming connections,
- * possibly resulting in lost cgroups agent messages. To avoid this, we'll use a private SOCK_DGRAM/AF_UNIX
- * socket, where no backlog is relevant as communication may take place without an actual connect() cycle, and
- * we thus won't lose messages.
- *
- * Note that PID 1 will forward the agent message to system bus, so that the user systemd instance may listen
- * to it. The system instance hence listens on this special socket, but the user instances listen on the system
- * bus for these messages. */
-
- if (m->test_run)
- return 0;
-
- if (!MANAGER_IS_SYSTEM(m))
- return 0;
-
- if (cg_unified(SYSTEMD_CGROUP_CONTROLLER) > 0) /* We don't need this anymore on the unified hierarchy */
- return 0;
-
- if (m->cgroups_agent_fd < 0) {
- _cleanup_close_ int fd = -1;
-
- /* First free all secondary fields */
- m->cgroups_agent_event_source = sd_event_source_unref(m->cgroups_agent_event_source);
-
- fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
- if (fd < 0)
- return log_error_errno(errno, "Failed to allocate cgroups agent socket: %m");
-
- fd_inc_rcvbuf(fd, CGROUPS_AGENT_RCVBUF_SIZE);
-
- (void) unlink(sa.un.sun_path);
-
- /* Only allow root to connect to this socket */
- RUN_WITH_UMASK(0077)
- r = bind(fd, &sa.sa, SOCKADDR_UN_LEN(sa.un));
- if (r < 0)
- return log_error_errno(errno, "bind(%s) failed: %m", sa.un.sun_path);
-
- m->cgroups_agent_fd = fd;
- fd = -1;
- }
-
- if (!m->cgroups_agent_event_source) {
- r = sd_event_add_io(m->event, &m->cgroups_agent_event_source, m->cgroups_agent_fd, EPOLLIN, manager_dispatch_cgroups_agent_fd, m);
- if (r < 0)
- return log_error_errno(r, "Failed to allocate cgroups agent event source: %m");
-
- /* Process cgroups notifications early, but after having processed service notification messages or
- * SIGCHLD signals, so that a cgroup running empty is always just the last safety net of notification,
- * and we collected the metadata the notification and SIGCHLD stuff offers first. Also see handling of
- * cgroup inotify for the unified cgroup stuff. */
- r = sd_event_source_set_priority(m->cgroups_agent_event_source, SD_EVENT_PRIORITY_NORMAL-5);
- if (r < 0)
- return log_error_errno(r, "Failed to set priority of cgroups agent event source: %m");
-
- (void) sd_event_source_set_description(m->cgroups_agent_event_source, "manager-cgroups-agent");
- }
-
- return 0;
-}
-
-static int manager_setup_user_lookup_fd(Manager *m) {
- int r;
-
- assert(m);
-
- /* Set up the socket pair used for passing UID/GID resolution results from forked off processes to PID
- * 1. Background: we can't do name lookups (NSS) from PID 1, since it might involve IPC and thus activation,
- * and we might hence deadlock on ourselves. Hence we do all user/group lookups asynchronously from the forked
- * off processes right before executing the binaries to start. In order to be able to clean up any IPC objects
- * created by a unit (see RemoveIPC=) we need to know in PID 1 the used UID/GID of the executed processes,
- * hence we establish this communication channel so that forked off processes can pass their UID/GID
- * information back to PID 1. The forked off processes send their resolved UID/GID to PID 1 in a simple
- * datagram, along with their unit name, so that we can share one communication socket pair among all units for
- * this purpose.
- *
- * You might wonder why we need a communication channel for this that is independent of the usual notification
- * socket scheme (i.e. $NOTIFY_SOCKET). The primary difference is about trust: data sent via the $NOTIFY_SOCKET
- * channel is only accepted if it originates from the right unit and if reception was enabled for it. The user
- * lookup socket OTOH is only accessible by PID 1 and its children until they exec(), and always available.
- *
- * Note that this function is called under two circumstances: when we first initialize (in which case we
- * allocate both the socket pair and the event source to listen on it), and when we deserialize after a reload
- * (in which case the socket pair already exists but we still need to allocate the event source for it). */
-
- if (m->user_lookup_fds[0] < 0) {
-
- /* Free all secondary fields */
- safe_close_pair(m->user_lookup_fds);
- m->user_lookup_event_source = sd_event_source_unref(m->user_lookup_event_source);
-
- if (socketpair(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0, m->user_lookup_fds) < 0)
- return log_error_errno(errno, "Failed to allocate user lookup socket: %m");
-
- (void) fd_inc_rcvbuf(m->user_lookup_fds[0], NOTIFY_RCVBUF_SIZE);
- }
-
- if (!m->user_lookup_event_source) {
- r = sd_event_add_io(m->event, &m->user_lookup_event_source, m->user_lookup_fds[0], EPOLLIN, manager_dispatch_user_lookup_fd, m);
- if (r < 0)
- return log_error_errno(errno, "Failed to allocate user lookup event source: %m");
-
- /* Process even earlier than the notify event source, so that we always know first about valid UID/GID
- * resolutions */
- r = sd_event_source_set_priority(m->user_lookup_event_source, SD_EVENT_PRIORITY_NORMAL-8);
- if (r < 0)
- return log_error_errno(errno, "Failed to set priority ot user lookup event source: %m");
-
- (void) sd_event_source_set_description(m->user_lookup_event_source, "user-lookup");
- }
-
- return 0;
-}
-
-static int manager_connect_bus(Manager *m, bool reexecuting) {
- bool try_bus_connect;
-
- assert(m);
-
- if (m->test_run)
- return 0;
-
- try_bus_connect =
- reexecuting ||
- (MANAGER_IS_USER(m) && getenv("DBUS_SESSION_BUS_ADDRESS"));
-
- /* Try to connect to the buses, if possible. */
- return bus_init(m, try_bus_connect);
-}
-
-static unsigned manager_dispatch_cleanup_queue(Manager *m) {
- Unit *u;
- unsigned n = 0;
-
- assert(m);
-
- while ((u = m->cleanup_queue)) {
- assert(u->in_cleanup_queue);
-
- unit_free(u);
- n++;
- }
-
- return n;
-}
-
-enum {
- GC_OFFSET_IN_PATH, /* This one is on the path we were traveling */
- GC_OFFSET_UNSURE, /* No clue */
- GC_OFFSET_GOOD, /* We still need this unit */
- GC_OFFSET_BAD, /* We don't need this unit anymore */
- _GC_OFFSET_MAX
-};
-
-static void unit_gc_mark_good(Unit *u, unsigned gc_marker) {
- Iterator i;
- Unit *other;
-
- u->gc_marker = gc_marker + GC_OFFSET_GOOD;
-
- /* Recursively mark referenced units as GOOD as well */
- SET_FOREACH(other, u->dependencies[UNIT_REFERENCES], i)
- if (other->gc_marker == gc_marker + GC_OFFSET_UNSURE)
- unit_gc_mark_good(other, gc_marker);
-}
-
-static void unit_gc_sweep(Unit *u, unsigned gc_marker) {
- Iterator i;
- Unit *other;
- bool is_bad;
-
- assert(u);
-
- if (u->gc_marker == gc_marker + GC_OFFSET_GOOD ||
- u->gc_marker == gc_marker + GC_OFFSET_BAD ||
- u->gc_marker == gc_marker + GC_OFFSET_UNSURE ||
- u->gc_marker == gc_marker + GC_OFFSET_IN_PATH)
- return;
-
- if (u->in_cleanup_queue)
- goto bad;
-
- if (unit_check_gc(u))
- goto good;
-
- u->gc_marker = gc_marker + GC_OFFSET_IN_PATH;
-
- is_bad = true;
-
- SET_FOREACH(other, u->dependencies[UNIT_REFERENCED_BY], i) {
- unit_gc_sweep(other, gc_marker);
-
- if (other->gc_marker == gc_marker + GC_OFFSET_GOOD)
- goto good;
-
- if (other->gc_marker != gc_marker + GC_OFFSET_BAD)
- is_bad = false;
- }
-
- if (is_bad)
- goto bad;
-
- /* We were unable to find anything out about this entry, so
- * let's investigate it later */
- u->gc_marker = gc_marker + GC_OFFSET_UNSURE;
- unit_add_to_gc_queue(u);
- return;
-
-bad:
- /* We definitely know that this one is not useful anymore, so
- * let's mark it for deletion */
- u->gc_marker = gc_marker + GC_OFFSET_BAD;
- unit_add_to_cleanup_queue(u);
- return;
-
-good:
- unit_gc_mark_good(u, gc_marker);
-}
-
-static unsigned manager_dispatch_gc_queue(Manager *m) {
- Unit *u;
- unsigned n = 0;
- unsigned gc_marker;
-
- assert(m);
-
- /* log_debug("Running GC..."); */
-
- m->gc_marker += _GC_OFFSET_MAX;
- if (m->gc_marker + _GC_OFFSET_MAX <= _GC_OFFSET_MAX)
- m->gc_marker = 1;
-
- gc_marker = m->gc_marker;
-
- while ((u = m->gc_queue)) {
- assert(u->in_gc_queue);
-
- unit_gc_sweep(u, gc_marker);
-
- LIST_REMOVE(gc_queue, m->gc_queue, u);
- u->in_gc_queue = false;
-
- n++;
-
- if (u->gc_marker == gc_marker + GC_OFFSET_BAD ||
- u->gc_marker == gc_marker + GC_OFFSET_UNSURE) {
- if (u->id)
- log_unit_debug(u, "Collecting.");
- u->gc_marker = gc_marker + GC_OFFSET_BAD;
- unit_add_to_cleanup_queue(u);
- }
- }
-
- m->n_in_gc_queue = 0;
-
- return n;
-}
-
-static void manager_clear_jobs_and_units(Manager *m) {
- Unit *u;
-
- assert(m);
-
- while ((u = hashmap_first(m->units)))
- unit_free(u);
-
- manager_dispatch_cleanup_queue(m);
-
- assert(!m->load_queue);
- assert(!m->run_queue);
- assert(!m->dbus_unit_queue);
- assert(!m->dbus_job_queue);
- assert(!m->cleanup_queue);
- assert(!m->gc_queue);
-
- assert(hashmap_isempty(m->jobs));
- assert(hashmap_isempty(m->units));
-
- m->n_on_console = 0;
- m->n_running_jobs = 0;
-}
-
-Manager* manager_free(Manager *m) {
- UnitType c;
- int i;
-
- if (!m)
- return NULL;
-
- manager_clear_jobs_and_units(m);
-
- for (c = 0; c < _UNIT_TYPE_MAX; c++)
- if (unit_vtable[c]->shutdown)
- unit_vtable[c]->shutdown(m);
-
- /* If we reexecute ourselves, we keep the root cgroup
- * around */
- manager_shutdown_cgroup(m, m->exit_code != MANAGER_REEXECUTE);
-
- lookup_paths_flush_generator(&m->lookup_paths);
-
- bus_done(m);
-
- dynamic_user_vacuum(m, false);
- hashmap_free(m->dynamic_users);
-
- hashmap_free(m->units);
- hashmap_free(m->units_by_invocation_id);
- hashmap_free(m->jobs);
- hashmap_free(m->watch_pids1);
- hashmap_free(m->watch_pids2);
- hashmap_free(m->watch_bus);
-
- set_free(m->startup_units);
- set_free(m->failed_units);
-
- sd_event_source_unref(m->signal_event_source);
- sd_event_source_unref(m->notify_event_source);
- sd_event_source_unref(m->cgroups_agent_event_source);
- sd_event_source_unref(m->time_change_event_source);
- sd_event_source_unref(m->jobs_in_progress_event_source);
- sd_event_source_unref(m->run_queue_event_source);
- sd_event_source_unref(m->user_lookup_event_source);
-
- safe_close(m->signal_fd);
- safe_close(m->notify_fd);
- safe_close(m->cgroups_agent_fd);
- safe_close(m->time_change_fd);
- safe_close_pair(m->user_lookup_fds);
-
- manager_close_ask_password(m);
-
- manager_close_idle_pipe(m);
-
- udev_unref(m->udev);
- sd_event_unref(m->event);
-
- free(m->notify_socket);
-
- lookup_paths_free(&m->lookup_paths);
- strv_free(m->environment);
-
- hashmap_free(m->cgroup_unit);
- set_free_free(m->unit_path_cache);
-
- free(m->switch_root);
- free(m->switch_root_init);
-
- for (i = 0; i < _RLIMIT_MAX; i++)
- m->rlimit[i] = mfree(m->rlimit[i]);
-
- assert(hashmap_isempty(m->units_requiring_mounts_for));
- hashmap_free(m->units_requiring_mounts_for);
-
- hashmap_free(m->uid_refs);
- hashmap_free(m->gid_refs);
-
- return mfree(m);
-}
-
-void manager_enumerate(Manager *m) {
- UnitType c;
-
- assert(m);
-
- /* Let's ask every type to load all units from disk/kernel
- * that it might know */
- for (c = 0; c < _UNIT_TYPE_MAX; c++) {
- if (!unit_type_supported(c)) {
- log_debug("Unit type .%s is not supported on this system.", unit_type_to_string(c));
- continue;
- }
-
- if (!unit_vtable[c]->enumerate)
- continue;
-
- unit_vtable[c]->enumerate(m);
- }
-
- manager_dispatch_load_queue(m);
-}
-
-static void manager_coldplug(Manager *m) {
- Iterator i;
- Unit *u;
- char *k;
- int r;
-
- assert(m);
-
- /* Then, let's set up their initial state. */
- HASHMAP_FOREACH_KEY(u, k, m->units, i) {
-
- /* ignore aliases */
- if (u->id != k)
- continue;
-
- r = unit_coldplug(u);
- if (r < 0)
- log_warning_errno(r, "We couldn't coldplug %s, proceeding anyway: %m", u->id);
- }
-}
-
-static void manager_build_unit_path_cache(Manager *m) {
- char **i;
- int r;
-
- assert(m);
-
- set_free_free(m->unit_path_cache);
-
- m->unit_path_cache = set_new(&string_hash_ops);
- if (!m->unit_path_cache) {
- r = -ENOMEM;
- goto fail;
- }
-
- /* This simply builds a list of files we know exist, so that
- * we don't always have to go to disk */
-
- STRV_FOREACH(i, m->lookup_paths.search_path) {
- _cleanup_closedir_ DIR *d = NULL;
- struct dirent *de;
-
- d = opendir(*i);
- if (!d) {
- if (errno != ENOENT)
- log_warning_errno(errno, "Failed to open directory %s, ignoring: %m", *i);
- continue;
- }
-
- FOREACH_DIRENT(de, d, r = -errno; goto fail) {
- char *p;
-
- p = strjoin(streq(*i, "/") ? "" : *i, "/", de->d_name, NULL);
- if (!p) {
- r = -ENOMEM;
- goto fail;
- }
-
- r = set_consume(m->unit_path_cache, p);
- if (r < 0)
- goto fail;
- }
- }
-
- return;
-
-fail:
- log_warning_errno(r, "Failed to build unit path cache, proceeding without: %m");
- m->unit_path_cache = set_free_free(m->unit_path_cache);
-}
-
-static void manager_distribute_fds(Manager *m, FDSet *fds) {
- Iterator i;
- Unit *u;
-
- assert(m);
-
- HASHMAP_FOREACH(u, m->units, i) {
-
- if (fdset_size(fds) <= 0)
- break;
-
- if (!UNIT_VTABLE(u)->distribute_fds)
- continue;
-
- UNIT_VTABLE(u)->distribute_fds(u, fds);
- }
-}
-
-int manager_startup(Manager *m, FILE *serialization, FDSet *fds) {
- int r, q;
-
- assert(m);
-
- r = lookup_paths_init(&m->lookup_paths, m->unit_file_scope, 0, NULL);
- if (r < 0)
- return r;
-
- /* Make sure the transient directory always exists, so that it remains in the search path */
- if (!m->test_run) {
- r = mkdir_p_label(m->lookup_paths.transient, 0755);
- if (r < 0)
- return r;
- }
-
- dual_timestamp_get(&m->generators_start_timestamp);
- r = manager_run_generators(m);
- dual_timestamp_get(&m->generators_finish_timestamp);
- if (r < 0)
- return r;
-
- lookup_paths_reduce(&m->lookup_paths);
- manager_build_unit_path_cache(m);
-
- /* If we will deserialize make sure that during enumeration
- * this is already known, so we increase the counter here
- * already */
- if (serialization)
- m->n_reloading++;
-
- /* First, enumerate what we can from all config files */
- dual_timestamp_get(&m->units_load_start_timestamp);
- manager_enumerate(m);
- dual_timestamp_get(&m->units_load_finish_timestamp);
-
- /* Second, deserialize if there is something to deserialize */
- if (serialization)
- r = manager_deserialize(m, serialization, fds);
-
- /* Any fds left? Find some unit which wants them. This is
- * useful to allow container managers to pass some file
- * descriptors to us pre-initialized. This enables
- * socket-based activation of entire containers. */
- manager_distribute_fds(m, fds);
-
- /* We might have deserialized the notify fd, but if we didn't
- * then let's create the bus now */
- q = manager_setup_notify(m);
- if (q < 0 && r == 0)
- r = q;
-
- q = manager_setup_cgroups_agent(m);
- if (q < 0 && r == 0)
- r = q;
-
- q = manager_setup_user_lookup_fd(m);
- if (q < 0 && r == 0)
- r = q;
-
- /* Let's connect to the bus now. */
- (void) manager_connect_bus(m, !!serialization);
-
- (void) bus_track_coldplug(m, &m->subscribed, false, m->deserialized_subscribed);
- m->deserialized_subscribed = strv_free(m->deserialized_subscribed);
-
- /* Third, fire things up! */
- manager_coldplug(m);
-
- /* Release any dynamic users no longer referenced */
- dynamic_user_vacuum(m, true);
-
- /* Release any references to UIDs/GIDs no longer referenced, and destroy any IPC owned by them */
- manager_vacuum_uid_refs(m);
- manager_vacuum_gid_refs(m);
-
- if (serialization) {
- assert(m->n_reloading > 0);
- m->n_reloading--;
-
- /* Let's wait for the UnitNew/JobNew messages being
- * sent, before we notify that the reload is
- * finished */
- m->send_reloading_done = true;
- }
-
- return r;
-}
-
-int manager_add_job(Manager *m, JobType type, Unit *unit, JobMode mode, sd_bus_error *e, Job **_ret) {
- int r;
- Transaction *tr;
-
- assert(m);
- assert(type < _JOB_TYPE_MAX);
- assert(unit);
- assert(mode < _JOB_MODE_MAX);
-
- if (mode == JOB_ISOLATE && type != JOB_START)
- return sd_bus_error_setf(e, SD_BUS_ERROR_INVALID_ARGS, "Isolate is only valid for start.");
-
- if (mode == JOB_ISOLATE && !unit->allow_isolate)
- return sd_bus_error_setf(e, BUS_ERROR_NO_ISOLATION, "Operation refused, unit may not be isolated.");
-
- log_unit_debug(unit, "Trying to enqueue job %s/%s/%s", unit->id, job_type_to_string(type), job_mode_to_string(mode));
-
- type = job_type_collapse(type, unit);
-
- tr = transaction_new(mode == JOB_REPLACE_IRREVERSIBLY);
- if (!tr)
- return -ENOMEM;
-
- r = transaction_add_job_and_dependencies(tr, type, unit, NULL, true, false,
- mode == JOB_IGNORE_DEPENDENCIES || mode == JOB_IGNORE_REQUIREMENTS,
- mode == JOB_IGNORE_DEPENDENCIES, e);
- if (r < 0)
- goto tr_abort;
-
- if (mode == JOB_ISOLATE) {
- r = transaction_add_isolate_jobs(tr, m);
- if (r < 0)
- goto tr_abort;
- }
-
- r = transaction_activate(tr, m, mode, e);
- if (r < 0)
- goto tr_abort;
-
- log_unit_debug(unit,
- "Enqueued job %s/%s as %u", unit->id,
- job_type_to_string(type), (unsigned) tr->anchor_job->id);
-
- if (_ret)
- *_ret = tr->anchor_job;
-
- transaction_free(tr);
- return 0;
-
-tr_abort:
- transaction_abort(tr);
- transaction_free(tr);
- return r;
-}
-
-int manager_add_job_by_name(Manager *m, JobType type, const char *name, JobMode mode, sd_bus_error *e, Job **ret) {
- Unit *unit;
- int r;
-
- assert(m);
- assert(type < _JOB_TYPE_MAX);
- assert(name);
- assert(mode < _JOB_MODE_MAX);
-
- r = manager_load_unit(m, name, NULL, NULL, &unit);
- if (r < 0)
- return r;
-
- return manager_add_job(m, type, unit, mode, e, ret);
-}
-
-int manager_add_job_by_name_and_warn(Manager *m, JobType type, const char *name, JobMode mode, Job **ret) {
- _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
- int r;
-
- assert(m);
- assert(type < _JOB_TYPE_MAX);
- assert(name);
- assert(mode < _JOB_MODE_MAX);
-
- r = manager_add_job_by_name(m, type, name, mode, &error, ret);
- if (r < 0)
- return log_warning_errno(r, "Failed to enqueue %s job for %s: %s", job_mode_to_string(mode), name, bus_error_message(&error, r));
-
- return r;
-}
-
-Job *manager_get_job(Manager *m, uint32_t id) {
- assert(m);
-
- return hashmap_get(m->jobs, UINT32_TO_PTR(id));
-}
-
-Unit *manager_get_unit(Manager *m, const char *name) {
- assert(m);
- assert(name);
-
- return hashmap_get(m->units, name);
-}
-
-unsigned manager_dispatch_load_queue(Manager *m) {
- Unit *u;
- unsigned n = 0;
-
- assert(m);
-
- /* Make sure we are not run recursively */
- if (m->dispatching_load_queue)
- return 0;
-
- m->dispatching_load_queue = true;
-
- /* Dispatches the load queue. Takes a unit from the queue and
- * tries to load its data until the queue is empty */
-
- while ((u = m->load_queue)) {
- assert(u->in_load_queue);
-
- unit_load(u);
- n++;
- }
-
- m->dispatching_load_queue = false;
- return n;
-}
-
-int manager_load_unit_prepare(
- Manager *m,
- const char *name,
- const char *path,
- sd_bus_error *e,
- Unit **_ret) {
-
- Unit *ret;
- UnitType t;
- int r;
-
- assert(m);
- assert(name || path);
-
- /* This will prepare the unit for loading, but not actually
- * load anything from disk. */
-
- if (path && !is_path(path))
- return sd_bus_error_setf(e, SD_BUS_ERROR_INVALID_ARGS, "Path %s is not absolute.", path);
-
- if (!name)
- name = basename(path);
-
- t = unit_name_to_type(name);
-
- if (t == _UNIT_TYPE_INVALID || !unit_name_is_valid(name, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE)) {
- if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE))
- return sd_bus_error_setf(e, SD_BUS_ERROR_INVALID_ARGS, "Unit name %s is missing the instance name.", name);
-
- return sd_bus_error_setf(e, SD_BUS_ERROR_INVALID_ARGS, "Unit name %s is not valid.", name);
- }
-
- ret = manager_get_unit(m, name);
- if (ret) {
- *_ret = ret;
- return 1;
- }
-
- ret = unit_new(m, unit_vtable[t]->object_size);
- if (!ret)
- return -ENOMEM;
-
- if (path) {
- ret->fragment_path = strdup(path);
- if (!ret->fragment_path) {
- unit_free(ret);
- return -ENOMEM;
- }
- }
-
- r = unit_add_name(ret, name);
- if (r < 0) {
- unit_free(ret);
- return r;
- }
-
- unit_add_to_load_queue(ret);
- unit_add_to_dbus_queue(ret);
- unit_add_to_gc_queue(ret);
-
- if (_ret)
- *_ret = ret;
-
- return 0;
-}
-
-int manager_load_unit(
- Manager *m,
- const char *name,
- const char *path,
- sd_bus_error *e,
- Unit **_ret) {
-
- int r;
-
- assert(m);
-
- /* This will load the service information files, but not actually
- * start any services or anything. */
-
- r = manager_load_unit_prepare(m, name, path, e, _ret);
- if (r != 0)
- return r;
-
- manager_dispatch_load_queue(m);
-
- if (_ret)
- *_ret = unit_follow_merge(*_ret);
-
- return 0;
-}
-
-void manager_dump_jobs(Manager *s, FILE *f, const char *prefix) {
- Iterator i;
- Job *j;
-
- assert(s);
- assert(f);
-
- HASHMAP_FOREACH(j, s->jobs, i)
- job_dump(j, f, prefix);
-}
-
-void manager_dump_units(Manager *s, FILE *f, const char *prefix) {
- Iterator i;
- Unit *u;
- const char *t;
-
- assert(s);
- assert(f);
-
- HASHMAP_FOREACH_KEY(u, t, s->units, i)
- if (u->id == t)
- unit_dump(u, f, prefix);
-}
-
-void manager_clear_jobs(Manager *m) {
- Job *j;
-
- assert(m);
-
- while ((j = hashmap_first(m->jobs)))
- /* No need to recurse. We're cancelling all jobs. */
- job_finish_and_invalidate(j, JOB_CANCELED, false, false);
-}
-
-static int manager_dispatch_run_queue(sd_event_source *source, void *userdata) {
- Manager *m = userdata;
- Job *j;
-
- assert(source);
- assert(m);
-
- while ((j = m->run_queue)) {
- assert(j->installed);
- assert(j->in_run_queue);
-
- job_run_and_invalidate(j);
- }
-
- if (m->n_running_jobs > 0)
- manager_watch_jobs_in_progress(m);
-
- if (m->n_on_console > 0)
- manager_watch_idle_pipe(m);
-
- return 1;
-}
-
-static unsigned manager_dispatch_dbus_queue(Manager *m) {
- Job *j;
- Unit *u;
- unsigned n = 0;
-
- assert(m);
-
- if (m->dispatching_dbus_queue)
- return 0;
-
- m->dispatching_dbus_queue = true;
-
- while ((u = m->dbus_unit_queue)) {
- assert(u->in_dbus_queue);
-
- bus_unit_send_change_signal(u);
- n++;
- }
-
- while ((j = m->dbus_job_queue)) {
- assert(j->in_dbus_queue);
-
- bus_job_send_change_signal(j);
- n++;
- }
-
- m->dispatching_dbus_queue = false;
-
- if (m->send_reloading_done) {
- m->send_reloading_done = false;
-
- bus_manager_send_reloading(m, false);
- }
-
- if (m->queued_message)
- bus_send_queued_message(m);
-
- return n;
-}
-
-static int manager_dispatch_cgroups_agent_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
- Manager *m = userdata;
- char buf[PATH_MAX+1];
- ssize_t n;
-
- n = recv(fd, buf, sizeof(buf), 0);
- if (n < 0)
- return log_error_errno(errno, "Failed to read cgroups agent message: %m");
- if (n == 0) {
- log_error("Got zero-length cgroups agent message, ignoring.");
- return 0;
- }
- if ((size_t) n >= sizeof(buf)) {
- log_error("Got overly long cgroups agent message, ignoring.");
- return 0;
- }
-
- if (memchr(buf, 0, n)) {
- log_error("Got cgroups agent message with embedded NUL byte, ignoring.");
- return 0;
- }
- buf[n] = 0;
-
- manager_notify_cgroup_empty(m, buf);
- bus_forward_agent_released(m, buf);
-
- return 0;
-}
-
-static void manager_invoke_notify_message(Manager *m, Unit *u, pid_t pid, const char *buf, FDSet *fds) {
- _cleanup_strv_free_ char **tags = NULL;
-
- assert(m);
- assert(u);
- assert(buf);
-
- tags = strv_split(buf, "\n\r");
- if (!tags) {
- log_oom();
- return;
- }
-
- if (UNIT_VTABLE(u)->notify_message)
- UNIT_VTABLE(u)->notify_message(u, pid, tags, fds);
- else if (_unlikely_(log_get_max_level() >= LOG_DEBUG)) {
- _cleanup_free_ char *x = NULL, *y = NULL;
-
- x = cescape(buf);
- if (x)
- y = ellipsize(x, 20, 90);
- log_unit_debug(u, "Got notification message \"%s\", ignoring.", strnull(y));
- }
-}
-
-static int manager_dispatch_notify_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
-
- _cleanup_fdset_free_ FDSet *fds = NULL;
- Manager *m = userdata;
- char buf[NOTIFY_BUFFER_MAX+1];
- struct iovec iovec = {
- .iov_base = buf,
- .iov_len = sizeof(buf)-1,
- };
- union {
- struct cmsghdr cmsghdr;
- uint8_t buf[CMSG_SPACE(sizeof(struct ucred)) +
- CMSG_SPACE(sizeof(int) * NOTIFY_FD_MAX)];
- } control = {};
- struct msghdr msghdr = {
- .msg_iov = &iovec,
- .msg_iovlen = 1,
- .msg_control = &control,
- .msg_controllen = sizeof(control),
- };
-
- struct cmsghdr *cmsg;
- struct ucred *ucred = NULL;
- Unit *u1, *u2, *u3;
- int r, *fd_array = NULL;
- unsigned n_fds = 0;
- ssize_t n;
-
- assert(m);
- assert(m->notify_fd == fd);
-
- if (revents != EPOLLIN) {
- log_warning("Got unexpected poll event for notify fd.");
- return 0;
- }
-
- n = recvmsg(m->notify_fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC|MSG_TRUNC);
- if (n < 0) {
- if (IN_SET(errno, EAGAIN, EINTR))
- return 0; /* Spurious wakeup, try again */
-
- /* If this is any other, real error, then let's stop processing this socket. This of course means we
- * won't take notification messages anymore, but that's still better than busy looping around this:
- * being woken up over and over again but being unable to actually read the message off the socket. */
- return log_error_errno(errno, "Failed to receive notification message: %m");
- }
-
- CMSG_FOREACH(cmsg, &msghdr) {
- if (cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_RIGHTS) {
-
- fd_array = (int*) CMSG_DATA(cmsg);
- n_fds = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);
-
- } else if (cmsg->cmsg_level == SOL_SOCKET &&
- cmsg->cmsg_type == SCM_CREDENTIALS &&
- cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred))) {
-
- ucred = (struct ucred*) CMSG_DATA(cmsg);
- }
- }
-
- if (n_fds > 0) {
- assert(fd_array);
-
- r = fdset_new_array(&fds, fd_array, n_fds);
- if (r < 0) {
- close_many(fd_array, n_fds);
- log_oom();
- return 0;
- }
- }
-
- if (!ucred || ucred->pid <= 0) {
- log_warning("Received notify message without valid credentials. Ignoring.");
- return 0;
- }
-
- if ((size_t) n >= sizeof(buf) || (msghdr.msg_flags & MSG_TRUNC)) {
- log_warning("Received notify message exceeded maximum size. Ignoring.");
- return 0;
- }
-
- /* As extra safety check, let's make sure the string we get doesn't contain embedded NUL bytes. We permit one
- * trailing NUL byte in the message, but don't expect it. */
- if (n > 1 && memchr(buf, 0, n-1)) {
- log_warning("Received notify message with embedded NUL bytes. Ignoring.");
- return 0;
- }
-
- /* Make sure it's NUL-terminated. */
- buf[n] = 0;
-
- /* Notify every unit that might be interested, but try
- * to avoid notifying the same one multiple times. */
- u1 = manager_get_unit_by_pid_cgroup(m, ucred->pid);
- if (u1)
- manager_invoke_notify_message(m, u1, ucred->pid, buf, fds);
-
- u2 = hashmap_get(m->watch_pids1, PID_TO_PTR(ucred->pid));
- if (u2 && u2 != u1)
- manager_invoke_notify_message(m, u2, ucred->pid, buf, fds);
-
- u3 = hashmap_get(m->watch_pids2, PID_TO_PTR(ucred->pid));
- if (u3 && u3 != u2 && u3 != u1)
- manager_invoke_notify_message(m, u3, ucred->pid, buf, fds);
-
- if (!u1 && !u2 && !u3)
- log_warning("Cannot find unit for notify message of PID "PID_FMT".", ucred->pid);
-
- if (fdset_size(fds) > 0)
- log_warning("Got extra auxiliary fds with notification message, closing them.");
-
- return 0;
-}
-
-static void invoke_sigchld_event(Manager *m, Unit *u, const siginfo_t *si) {
- uint64_t iteration;
-
- assert(m);
- assert(u);
- assert(si);
-
- sd_event_get_iteration(m->event, &iteration);
-
- log_unit_debug(u, "Child "PID_FMT" belongs to %s", si->si_pid, u->id);
-
- unit_unwatch_pid(u, si->si_pid);
-
- if (UNIT_VTABLE(u)->sigchld_event) {
- if (set_size(u->pids) <= 1 ||
- iteration != u->sigchldgen ||
- unit_main_pid(u) == si->si_pid ||
- unit_control_pid(u) == si->si_pid) {
- UNIT_VTABLE(u)->sigchld_event(u, si->si_pid, si->si_code, si->si_status);
- u->sigchldgen = iteration;
- } else
- log_debug("%s already issued a sigchld this iteration %" PRIu64 ", skipping. Pids still being watched %d", u->id, iteration, set_size(u->pids));
- }
-}
-
-static int manager_dispatch_sigchld(Manager *m) {
- assert(m);
-
- for (;;) {
- siginfo_t si = {};
-
- /* First we call waitd() for a PID and do not reap the
- * zombie. That way we can still access /proc/$PID for
- * it while it is a zombie. */
- if (waitid(P_ALL, 0, &si, WEXITED|WNOHANG|WNOWAIT) < 0) {
-
- if (errno == ECHILD)
- break;
-
- if (errno == EINTR)
- continue;
-
- return -errno;
- }
-
- if (si.si_pid <= 0)
- break;
-
- if (si.si_code == CLD_EXITED || si.si_code == CLD_KILLED || si.si_code == CLD_DUMPED) {
- _cleanup_free_ char *name = NULL;
- Unit *u1, *u2, *u3;
-
- get_process_comm(si.si_pid, &name);
-
- log_debug("Child "PID_FMT" (%s) died (code=%s, status=%i/%s)",
- si.si_pid, strna(name),
- sigchld_code_to_string(si.si_code),
- si.si_status,
- strna(si.si_code == CLD_EXITED
- ? exit_status_to_string(si.si_status, EXIT_STATUS_FULL)
- : signal_to_string(si.si_status)));
-
- /* And now figure out the unit this belongs
- * to, it might be multiple... */
- u1 = manager_get_unit_by_pid_cgroup(m, si.si_pid);
- if (u1)
- invoke_sigchld_event(m, u1, &si);
- u2 = hashmap_get(m->watch_pids1, PID_TO_PTR(si.si_pid));
- if (u2 && u2 != u1)
- invoke_sigchld_event(m, u2, &si);
- u3 = hashmap_get(m->watch_pids2, PID_TO_PTR(si.si_pid));
- if (u3 && u3 != u2 && u3 != u1)
- invoke_sigchld_event(m, u3, &si);
- }
-
- /* And now, we actually reap the zombie. */
- if (waitid(P_PID, si.si_pid, &si, WEXITED) < 0) {
- if (errno == EINTR)
- continue;
-
- return -errno;
- }
- }
-
- return 0;
-}
-
-static int manager_start_target(Manager *m, const char *name, JobMode mode) {
- _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
- int r;
-
- log_debug("Activating special unit %s", name);
-
- r = manager_add_job_by_name(m, JOB_START, name, mode, &error, NULL);
- if (r < 0)
- log_error("Failed to enqueue %s job: %s", name, bus_error_message(&error, r));
-
- return r;
-}
-
-static void manager_handle_ctrl_alt_del(Manager *m) {
- /* If the user presses C-A-D more than
- * 7 times within 2s, we reboot/shutdown immediately,
- * unless it was disabled in system.conf */
-
- if (ratelimit_test(&m->ctrl_alt_del_ratelimit) || m->cad_burst_action == EMERGENCY_ACTION_NONE)
- manager_start_target(m, SPECIAL_CTRL_ALT_DEL_TARGET, JOB_REPLACE_IRREVERSIBLY);
- else
- emergency_action(m, m->cad_burst_action, NULL,
- "Ctrl-Alt-Del was pressed more than 7 times within 2s");
-}
-
-static int manager_dispatch_signal_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
- Manager *m = userdata;
- ssize_t n;
- struct signalfd_siginfo sfsi;
- bool sigchld = false;
- int r;
-
- assert(m);
- assert(m->signal_fd == fd);
-
- if (revents != EPOLLIN) {
- log_warning("Got unexpected events from signal file descriptor.");
- return 0;
- }
-
- for (;;) {
- n = read(m->signal_fd, &sfsi, sizeof(sfsi));
- if (n != sizeof(sfsi)) {
- if (n >= 0) {
- log_warning("Truncated read from signal fd (%zu bytes)!", n);
- return 0;
- }
-
- if (IN_SET(errno, EINTR, EAGAIN))
- break;
-
- /* We return an error here, which will kill this handler,
- * to avoid a busy loop on read error. */
- return log_error_errno(errno, "Reading from signal fd failed: %m");
- }
-
- log_received_signal(sfsi.ssi_signo == SIGCHLD ||
- (sfsi.ssi_signo == SIGTERM && MANAGER_IS_USER(m))
- ? LOG_DEBUG : LOG_INFO,
- &sfsi);
-
- switch (sfsi.ssi_signo) {
-
- case SIGCHLD:
- sigchld = true;
- break;
-
- case SIGTERM:
- if (MANAGER_IS_SYSTEM(m)) {
- /* This is for compatibility with the
- * original sysvinit */
- m->exit_code = MANAGER_REEXECUTE;
- break;
- }
-
- /* Fall through */
-
- case SIGINT:
- if (MANAGER_IS_SYSTEM(m)) {
- manager_handle_ctrl_alt_del(m);
- break;
- }
-
- /* Run the exit target if there is one, if not, just exit. */
- if (manager_start_target(m, SPECIAL_EXIT_TARGET, JOB_REPLACE) < 0) {
- m->exit_code = MANAGER_EXIT;
- return 0;
- }
-
- break;
-
- case SIGWINCH:
- if (MANAGER_IS_SYSTEM(m))
- manager_start_target(m, SPECIAL_KBREQUEST_TARGET, JOB_REPLACE);
-
- /* This is a nop on non-init */
- break;
-
- case SIGPWR:
- if (MANAGER_IS_SYSTEM(m))
- manager_start_target(m, SPECIAL_SIGPWR_TARGET, JOB_REPLACE);
-
- /* This is a nop on non-init */
- break;
-
- case SIGUSR1: {
- Unit *u;
-
- u = manager_get_unit(m, SPECIAL_DBUS_SERVICE);
-
- if (!u || UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u))) {
- log_info("Trying to reconnect to bus...");
- bus_init(m, true);
- }
-
- if (!u || !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u))) {
- log_info("Loading D-Bus service...");
- manager_start_target(m, SPECIAL_DBUS_SERVICE, JOB_REPLACE);
- }
-
- break;
- }
-
- case SIGUSR2: {
- _cleanup_free_ char *dump = NULL;
- _cleanup_fclose_ FILE *f = NULL;
- size_t size;
-
- f = open_memstream(&dump, &size);
- if (!f) {
- log_warning_errno(errno, "Failed to allocate memory stream: %m");
- break;
- }
-
- manager_dump_units(m, f, "\t");
- manager_dump_jobs(m, f, "\t");
-
- r = fflush_and_check(f);
- if (r < 0) {
- log_warning_errno(r, "Failed to write status stream: %m");
- break;
- }
-
- log_dump(LOG_INFO, dump);
- break;
- }
-
- case SIGHUP:
- m->exit_code = MANAGER_RELOAD;
- break;
-
- default: {
-
- /* Starting SIGRTMIN+0 */
- static const char * const target_table[] = {
- [0] = SPECIAL_DEFAULT_TARGET,
- [1] = SPECIAL_RESCUE_TARGET,
- [2] = SPECIAL_EMERGENCY_TARGET,
- [3] = SPECIAL_HALT_TARGET,
- [4] = SPECIAL_POWEROFF_TARGET,
- [5] = SPECIAL_REBOOT_TARGET,
- [6] = SPECIAL_KEXEC_TARGET
- };
-
- /* Starting SIGRTMIN+13, so that target halt and system halt are 10 apart */
- static const ManagerExitCode code_table[] = {
- [0] = MANAGER_HALT,
- [1] = MANAGER_POWEROFF,
- [2] = MANAGER_REBOOT,
- [3] = MANAGER_KEXEC
- };
-
- if ((int) sfsi.ssi_signo >= SIGRTMIN+0 &&
- (int) sfsi.ssi_signo < SIGRTMIN+(int) ELEMENTSOF(target_table)) {
- int idx = (int) sfsi.ssi_signo - SIGRTMIN;
- manager_start_target(m, target_table[idx],
- (idx == 1 || idx == 2) ? JOB_ISOLATE : JOB_REPLACE);
- break;
- }
-
- if ((int) sfsi.ssi_signo >= SIGRTMIN+13 &&
- (int) sfsi.ssi_signo < SIGRTMIN+13+(int) ELEMENTSOF(code_table)) {
- m->exit_code = code_table[sfsi.ssi_signo - SIGRTMIN - 13];
- break;
- }
-
- switch (sfsi.ssi_signo - SIGRTMIN) {
-
- case 20:
- manager_set_show_status(m, SHOW_STATUS_YES);
- break;
-
- case 21:
- manager_set_show_status(m, SHOW_STATUS_NO);
- break;
-
- case 22:
- log_set_max_level(LOG_DEBUG);
- log_info("Setting log level to debug.");
- break;
-
- case 23:
- log_set_max_level(LOG_INFO);
- log_info("Setting log level to info.");
- break;
-
- case 24:
- if (MANAGER_IS_USER(m)) {
- m->exit_code = MANAGER_EXIT;
- return 0;
- }
-
- /* This is a nop on init */
- break;
-
- case 26:
- case 29: /* compatibility: used to be mapped to LOG_TARGET_SYSLOG_OR_KMSG */
- log_set_target(LOG_TARGET_JOURNAL_OR_KMSG);
- log_notice("Setting log target to journal-or-kmsg.");
- break;
-
- case 27:
- log_set_target(LOG_TARGET_CONSOLE);
- log_notice("Setting log target to console.");
- break;
-
- case 28:
- log_set_target(LOG_TARGET_KMSG);
- log_notice("Setting log target to kmsg.");
- break;
-
- default:
- log_warning("Got unhandled signal <%s>.", signal_to_string(sfsi.ssi_signo));
- }
- }
- }
- }
-
- if (sigchld)
- manager_dispatch_sigchld(m);
-
- return 0;
-}
-
-static int manager_dispatch_time_change_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
- Manager *m = userdata;
- Iterator i;
- Unit *u;
-
- assert(m);
- assert(m->time_change_fd == fd);
-
- log_struct(LOG_INFO,
- LOG_MESSAGE_ID(SD_MESSAGE_TIME_CHANGE),
- LOG_MESSAGE("Time has been changed"),
- NULL);
-
- /* Restart the watch */
- m->time_change_event_source = sd_event_source_unref(m->time_change_event_source);
- m->time_change_fd = safe_close(m->time_change_fd);
-
- manager_setup_time_change(m);
-
- HASHMAP_FOREACH(u, m->units, i)
- if (UNIT_VTABLE(u)->time_change)
- UNIT_VTABLE(u)->time_change(u);
-
- return 0;
-}
-
-static int manager_dispatch_idle_pipe_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
- Manager *m = userdata;
-
- assert(m);
- assert(m->idle_pipe[2] == fd);
-
- m->no_console_output = m->n_on_console > 0;
-
- manager_close_idle_pipe(m);
-
- return 0;
-}
-
-static int manager_dispatch_jobs_in_progress(sd_event_source *source, usec_t usec, void *userdata) {
- Manager *m = userdata;
- int r;
- uint64_t next;
-
- assert(m);
- assert(source);
-
- manager_print_jobs_in_progress(m);
-
- next = now(CLOCK_MONOTONIC) + JOBS_IN_PROGRESS_PERIOD_USEC;
- r = sd_event_source_set_time(source, next);
- if (r < 0)
- return r;
-
- return sd_event_source_set_enabled(source, SD_EVENT_ONESHOT);
-}
-
-int manager_loop(Manager *m) {
- int r;
-
- RATELIMIT_DEFINE(rl, 1*USEC_PER_SEC, 50000);
-
- assert(m);
- m->exit_code = MANAGER_OK;
-
- /* Release the path cache */
- m->unit_path_cache = set_free_free(m->unit_path_cache);
-
- manager_check_finished(m);
-
- /* There might still be some zombies hanging around from
- * before we were exec()'ed. Let's reap them. */
- r = manager_dispatch_sigchld(m);
- if (r < 0)
- return r;
-
- while (m->exit_code == MANAGER_OK) {
- usec_t wait_usec;
-
- if (m->runtime_watchdog > 0 && m->runtime_watchdog != USEC_INFINITY && MANAGER_IS_SYSTEM(m))
- watchdog_ping();
-
- if (!ratelimit_test(&rl)) {
- /* Yay, something is going seriously wrong, pause a little */
- log_warning("Looping too fast. Throttling execution a little.");
- sleep(1);
- }
-
- if (manager_dispatch_load_queue(m) > 0)
- continue;
-
- if (manager_dispatch_gc_queue(m) > 0)
- continue;
-
- if (manager_dispatch_cleanup_queue(m) > 0)
- continue;
-
- if (manager_dispatch_cgroup_queue(m) > 0)
- continue;
-
- if (manager_dispatch_dbus_queue(m) > 0)
- continue;
-
- /* Sleep for half the watchdog time */
- if (m->runtime_watchdog > 0 && m->runtime_watchdog != USEC_INFINITY && MANAGER_IS_SYSTEM(m)) {
- wait_usec = m->runtime_watchdog / 2;
- if (wait_usec <= 0)
- wait_usec = 1;
- } else
- wait_usec = USEC_INFINITY;
-
- r = sd_event_run(m->event, wait_usec);
- if (r < 0)
- return log_error_errno(r, "Failed to run event loop: %m");
- }
-
- return m->exit_code;
-}
-
-int manager_load_unit_from_dbus_path(Manager *m, const char *s, sd_bus_error *e, Unit **_u) {
- _cleanup_free_ char *n = NULL;
- sd_id128_t invocation_id;
- Unit *u;
- int r;
-
- assert(m);
- assert(s);
- assert(_u);
-
- r = unit_name_from_dbus_path(s, &n);
- if (r < 0)
- return r;
-
- /* Permit addressing units by invocation ID: if the passed bus path is suffixed by a 128bit ID then we use it
- * as invocation ID. */
- r = sd_id128_from_string(n, &invocation_id);
- if (r >= 0) {
- u = hashmap_get(m->units_by_invocation_id, &invocation_id);
- if (u) {
- *_u = u;
- return 0;
- }
-
- return sd_bus_error_setf(e, BUS_ERROR_NO_UNIT_FOR_INVOCATION_ID, "No unit with the specified invocation ID " SD_ID128_FORMAT_STR " known.", SD_ID128_FORMAT_VAL(invocation_id));
- }
-
- /* If this didn't work, we use the suffix as unit name. */
- r = manager_load_unit(m, n, NULL, e, &u);
- if (r < 0)
- return r;
-
- *_u = u;
- return 0;
-}
-
-int manager_get_job_from_dbus_path(Manager *m, const char *s, Job **_j) {
- const char *p;
- unsigned id;
- Job *j;
- int r;
-
- assert(m);
- assert(s);
- assert(_j);
-
- p = startswith(s, "/org/freedesktop/systemd1/job/");
- if (!p)
- return -EINVAL;
-
- r = safe_atou(p, &id);
- if (r < 0)
- return r;
-
- j = manager_get_job(m, id);
- if (!j)
- return -ENOENT;
-
- *_j = j;
-
- return 0;
-}
-
-void manager_send_unit_audit(Manager *m, Unit *u, int type, bool success) {
-
-#ifdef HAVE_AUDIT
- _cleanup_free_ char *p = NULL;
- const char *msg;
- int audit_fd, r;
-
- if (!MANAGER_IS_SYSTEM(m))
- return;
-
- audit_fd = get_audit_fd();
- if (audit_fd < 0)
- return;
-
- /* Don't generate audit events if the service was already
- * started and we're just deserializing */
- if (MANAGER_IS_RELOADING(m))
- return;
-
- if (u->type != UNIT_SERVICE)
- return;
-
- r = unit_name_to_prefix_and_instance(u->id, &p);
- if (r < 0) {
- log_error_errno(r, "Failed to extract prefix and instance of unit name: %m");
- return;
- }
-
- msg = strjoina("unit=", p);
- if (audit_log_user_comm_message(audit_fd, type, msg, "systemd", NULL, NULL, NULL, success) < 0) {
- if (errno == EPERM)
- /* We aren't allowed to send audit messages?
- * Then let's not retry again. */
- close_audit_fd();
- else
- log_warning_errno(errno, "Failed to send audit message: %m");
- }
-#endif
-
-}
-
-void manager_send_unit_plymouth(Manager *m, Unit *u) {
- static const union sockaddr_union sa = PLYMOUTH_SOCKET;
- _cleanup_free_ char *message = NULL;
- _cleanup_close_ int fd = -1;
- int n = 0;
-
- /* Don't generate plymouth events if the service was already
- * started and we're just deserializing */
- if (MANAGER_IS_RELOADING(m))
- return;
-
- if (!MANAGER_IS_SYSTEM(m))
- return;
-
- if (detect_container() > 0)
- return;
-
- if (u->type != UNIT_SERVICE &&
- u->type != UNIT_MOUNT &&
- u->type != UNIT_SWAP)
- return;
-
- /* We set SOCK_NONBLOCK here so that we rather drop the
- * message then wait for plymouth */
- fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
- if (fd < 0) {
- log_error_errno(errno, "socket() failed: %m");
- return;
- }
-
- if (connect(fd, &sa.sa, SOCKADDR_UN_LEN(sa.un)) < 0) {
-
- if (!IN_SET(errno, EPIPE, EAGAIN, ENOENT, ECONNREFUSED, ECONNRESET, ECONNABORTED))
- log_error_errno(errno, "connect() failed: %m");
- return;
- }
-
- if (asprintf(&message, "U\002%c%s%n", (int) (strlen(u->id) + 1), u->id, &n) < 0) {
- log_oom();
- return;
- }
-
- errno = 0;
- if (write(fd, message, n + 1) != n + 1)
- if (!IN_SET(errno, EPIPE, EAGAIN, ENOENT, ECONNREFUSED, ECONNRESET, ECONNABORTED))
- log_error_errno(errno, "Failed to write Plymouth message: %m");
-}
-
-int manager_open_serialization(Manager *m, FILE **_f) {
- const char *path;
- int fd = -1;
- FILE *f;
-
- assert(_f);
-
- path = MANAGER_IS_SYSTEM(m) ? "/run/systemd" : "/tmp";
- fd = open_tmpfile_unlinkable(path, O_RDWR|O_CLOEXEC);
- if (fd < 0)
- return -errno;
-
- log_debug("Serializing state to %s", path);
-
- f = fdopen(fd, "w+");
- if (!f) {
- safe_close(fd);
- return -errno;
- }
-
- *_f = f;
-
- return 0;
-}
-
-int manager_serialize(Manager *m, FILE *f, FDSet *fds, bool switching_root) {
- Iterator i;
- Unit *u;
- const char *t;
- char **e;
- int r;
-
- assert(m);
- assert(f);
- assert(fds);
-
- m->n_reloading++;
-
- fprintf(f, "current-job-id=%"PRIu32"\n", m->current_job_id);
- fprintf(f, "taint-usr=%s\n", yes_no(m->taint_usr));
- fprintf(f, "n-installed-jobs=%u\n", m->n_installed_jobs);
- fprintf(f, "n-failed-jobs=%u\n", m->n_failed_jobs);
-
- dual_timestamp_serialize(f, "firmware-timestamp", &m->firmware_timestamp);
- dual_timestamp_serialize(f, "loader-timestamp", &m->loader_timestamp);
- dual_timestamp_serialize(f, "kernel-timestamp", &m->kernel_timestamp);
- dual_timestamp_serialize(f, "initrd-timestamp", &m->initrd_timestamp);
-
- if (!in_initrd()) {
- dual_timestamp_serialize(f, "userspace-timestamp", &m->userspace_timestamp);
- dual_timestamp_serialize(f, "finish-timestamp", &m->finish_timestamp);
- dual_timestamp_serialize(f, "security-start-timestamp", &m->security_start_timestamp);
- dual_timestamp_serialize(f, "security-finish-timestamp", &m->security_finish_timestamp);
- dual_timestamp_serialize(f, "generators-start-timestamp", &m->generators_start_timestamp);
- dual_timestamp_serialize(f, "generators-finish-timestamp", &m->generators_finish_timestamp);
- dual_timestamp_serialize(f, "units-load-start-timestamp", &m->units_load_start_timestamp);
- dual_timestamp_serialize(f, "units-load-finish-timestamp", &m->units_load_finish_timestamp);
- }
-
- if (!switching_root) {
- STRV_FOREACH(e, m->environment) {
- _cleanup_free_ char *ce;
-
- ce = cescape(*e);
- if (!ce)
- return -ENOMEM;
-
- fprintf(f, "env=%s\n", *e);
- }
- }
-
- if (m->notify_fd >= 0) {
- int copy;
-
- copy = fdset_put_dup(fds, m->notify_fd);
- if (copy < 0)
- return copy;
-
- fprintf(f, "notify-fd=%i\n", copy);
- fprintf(f, "notify-socket=%s\n", m->notify_socket);
- }
-
- if (m->cgroups_agent_fd >= 0) {
- int copy;
-
- copy = fdset_put_dup(fds, m->cgroups_agent_fd);
- if (copy < 0)
- return copy;
-
- fprintf(f, "cgroups-agent-fd=%i\n", copy);
- }
-
- if (m->user_lookup_fds[0] >= 0) {
- int copy0, copy1;
-
- copy0 = fdset_put_dup(fds, m->user_lookup_fds[0]);
- if (copy0 < 0)
- return copy0;
-
- copy1 = fdset_put_dup(fds, m->user_lookup_fds[1]);
- if (copy1 < 0)
- return copy1;
-
- fprintf(f, "user-lookup=%i %i\n", copy0, copy1);
- }
-
- bus_track_serialize(m->subscribed, f, "subscribed");
-
- r = dynamic_user_serialize(m, f, fds);
- if (r < 0)
- return r;
-
- manager_serialize_uid_refs(m, f);
- manager_serialize_gid_refs(m, f);
-
- fputc('\n', f);
-
- HASHMAP_FOREACH_KEY(u, t, m->units, i) {
- if (u->id != t)
- continue;
-
- /* Start marker */
- fputs(u->id, f);
- fputc('\n', f);
-
- r = unit_serialize(u, f, fds, !switching_root);
- if (r < 0) {
- m->n_reloading--;
- return r;
- }
- }
-
- assert(m->n_reloading > 0);
- m->n_reloading--;
-
- if (ferror(f))
- return -EIO;
-
- r = bus_fdset_add_all(m, fds);
- if (r < 0)
- return r;
-
- return 0;
-}
-
-int manager_deserialize(Manager *m, FILE *f, FDSet *fds) {
- int r = 0;
-
- assert(m);
- assert(f);
-
- log_debug("Deserializing state...");
-
- m->n_reloading++;
-
- for (;;) {
- char line[LINE_MAX], *l;
-
- if (!fgets(line, sizeof(line), f)) {
- if (feof(f))
- r = 0;
- else
- r = -errno;
-
- goto finish;
- }
-
- char_array_0(line);
- l = strstrip(line);
-
- if (l[0] == 0)
- break;
-
- if (startswith(l, "current-job-id=")) {
- uint32_t id;
-
- if (safe_atou32(l+15, &id) < 0)
- log_debug("Failed to parse current job id value %s", l+15);
- else
- m->current_job_id = MAX(m->current_job_id, id);
-
- } else if (startswith(l, "n-installed-jobs=")) {
- uint32_t n;
-
- if (safe_atou32(l+17, &n) < 0)
- log_debug("Failed to parse installed jobs counter %s", l+17);
- else
- m->n_installed_jobs += n;
-
- } else if (startswith(l, "n-failed-jobs=")) {
- uint32_t n;
-
- if (safe_atou32(l+14, &n) < 0)
- log_debug("Failed to parse failed jobs counter %s", l+14);
- else
- m->n_failed_jobs += n;
-
- } else if (startswith(l, "taint-usr=")) {
- int b;
-
- b = parse_boolean(l+10);
- if (b < 0)
- log_debug("Failed to parse taint /usr flag %s", l+10);
- else
- m->taint_usr = m->taint_usr || b;
-
- } else if (startswith(l, "firmware-timestamp="))
- dual_timestamp_deserialize(l+19, &m->firmware_timestamp);
- else if (startswith(l, "loader-timestamp="))
- dual_timestamp_deserialize(l+17, &m->loader_timestamp);
- else if (startswith(l, "kernel-timestamp="))
- dual_timestamp_deserialize(l+17, &m->kernel_timestamp);
- else if (startswith(l, "initrd-timestamp="))
- dual_timestamp_deserialize(l+17, &m->initrd_timestamp);
- else if (startswith(l, "userspace-timestamp="))
- dual_timestamp_deserialize(l+20, &m->userspace_timestamp);
- else if (startswith(l, "finish-timestamp="))
- dual_timestamp_deserialize(l+17, &m->finish_timestamp);
- else if (startswith(l, "security-start-timestamp="))
- dual_timestamp_deserialize(l+25, &m->security_start_timestamp);
- else if (startswith(l, "security-finish-timestamp="))
- dual_timestamp_deserialize(l+26, &m->security_finish_timestamp);
- else if (startswith(l, "generators-start-timestamp="))
- dual_timestamp_deserialize(l+27, &m->generators_start_timestamp);
- else if (startswith(l, "generators-finish-timestamp="))
- dual_timestamp_deserialize(l+28, &m->generators_finish_timestamp);
- else if (startswith(l, "units-load-start-timestamp="))
- dual_timestamp_deserialize(l+27, &m->units_load_start_timestamp);
- else if (startswith(l, "units-load-finish-timestamp="))
- dual_timestamp_deserialize(l+28, &m->units_load_finish_timestamp);
- else if (startswith(l, "env=")) {
- _cleanup_free_ char *uce = NULL;
- char **e;
-
- r = cunescape(l + 4, UNESCAPE_RELAX, &uce);
- if (r < 0)
- goto finish;
-
- e = strv_env_set(m->environment, uce);
- if (!e) {
- r = -ENOMEM;
- goto finish;
- }
-
- strv_free(m->environment);
- m->environment = e;
-
- } else if (startswith(l, "notify-fd=")) {
- int fd;
-
- if (safe_atoi(l + 10, &fd) < 0 || fd < 0 || !fdset_contains(fds, fd))
- log_debug("Failed to parse notify fd: %s", l + 10);
- else {
- m->notify_event_source = sd_event_source_unref(m->notify_event_source);
- safe_close(m->notify_fd);
- m->notify_fd = fdset_remove(fds, fd);
- }
-
- } else if (startswith(l, "notify-socket=")) {
- char *n;
-
- n = strdup(l+14);
- if (!n) {
- r = -ENOMEM;
- goto finish;
- }
-
- free(m->notify_socket);
- m->notify_socket = n;
-
- } else if (startswith(l, "cgroups-agent-fd=")) {
- int fd;
-
- if (safe_atoi(l + 17, &fd) < 0 || fd < 0 || !fdset_contains(fds, fd))
- log_debug("Failed to parse cgroups agent fd: %s", l + 10);
- else {
- m->cgroups_agent_event_source = sd_event_source_unref(m->cgroups_agent_event_source);
- safe_close(m->cgroups_agent_fd);
- m->cgroups_agent_fd = fdset_remove(fds, fd);
- }
-
- } else if (startswith(l, "user-lookup=")) {
- int fd0, fd1;
-
- if (sscanf(l + 12, "%i %i", &fd0, &fd1) != 2 || fd0 < 0 || fd1 < 0 || fd0 == fd1 || !fdset_contains(fds, fd0) || !fdset_contains(fds, fd1))
- log_debug("Failed to parse user lookup fd: %s", l + 12);
- else {
- m->user_lookup_event_source = sd_event_source_unref(m->user_lookup_event_source);
- safe_close_pair(m->user_lookup_fds);
- m->user_lookup_fds[0] = fdset_remove(fds, fd0);
- m->user_lookup_fds[1] = fdset_remove(fds, fd1);
- }
-
- } else if (startswith(l, "dynamic-user="))
- dynamic_user_deserialize_one(m, l + 13, fds);
- else if (startswith(l, "destroy-ipc-uid="))
- manager_deserialize_uid_refs_one(m, l + 16);
- else if (startswith(l, "destroy-ipc-gid="))
- manager_deserialize_gid_refs_one(m, l + 16);
- else if (startswith(l, "subscribed=")) {
-
- if (strv_extend(&m->deserialized_subscribed, l+11) < 0)
- log_oom();
-
- } else if (!startswith(l, "kdbus-fd=")) /* ignore this one */
- log_debug("Unknown serialization item '%s'", l);
- }
-
- for (;;) {
- Unit *u;
- char name[UNIT_NAME_MAX+2];
-
- /* Start marker */
- if (!fgets(name, sizeof(name), f)) {
- if (feof(f))
- r = 0;
- else
- r = -errno;
-
- goto finish;
- }
-
- char_array_0(name);
-
- r = manager_load_unit(m, strstrip(name), NULL, NULL, &u);
- if (r < 0)
- goto finish;
-
- r = unit_deserialize(u, f, fds);
- if (r < 0)
- goto finish;
- }
-
-finish:
- if (ferror(f))
- r = -EIO;
-
- assert(m->n_reloading > 0);
- m->n_reloading--;
-
- return r;
-}
-
-int manager_reload(Manager *m) {
- int r, q;
- _cleanup_fclose_ FILE *f = NULL;
- _cleanup_fdset_free_ FDSet *fds = NULL;
-
- assert(m);
-
- r = manager_open_serialization(m, &f);
- if (r < 0)
- return r;
-
- m->n_reloading++;
- bus_manager_send_reloading(m, true);
-
- fds = fdset_new();
- if (!fds) {
- m->n_reloading--;
- return -ENOMEM;
- }
-
- r = manager_serialize(m, f, fds, false);
- if (r < 0) {
- m->n_reloading--;
- return r;
- }
-
- if (fseeko(f, 0, SEEK_SET) < 0) {
- m->n_reloading--;
- return -errno;
- }
-
- /* From here on there is no way back. */
- manager_clear_jobs_and_units(m);
- lookup_paths_flush_generator(&m->lookup_paths);
- lookup_paths_free(&m->lookup_paths);
- dynamic_user_vacuum(m, false);
- m->uid_refs = hashmap_free(m->uid_refs);
- m->gid_refs = hashmap_free(m->gid_refs);
-
- q = lookup_paths_init(&m->lookup_paths, m->unit_file_scope, 0, NULL);
- if (q < 0 && r >= 0)
- r = q;
-
- /* Find new unit paths */
- q = manager_run_generators(m);
- if (q < 0 && r >= 0)
- r = q;
-
- lookup_paths_reduce(&m->lookup_paths);
- manager_build_unit_path_cache(m);
-
- /* First, enumerate what we can from all config files */
- manager_enumerate(m);
-
- /* Second, deserialize our stored data */
- q = manager_deserialize(m, f, fds);
- if (q < 0 && r >= 0)
- r = q;
-
- fclose(f);
- f = NULL;
-
- /* Re-register notify_fd as event source */
- q = manager_setup_notify(m);
- if (q < 0 && r >= 0)
- r = q;
-
- q = manager_setup_cgroups_agent(m);
- if (q < 0 && r >= 0)
- r = q;
-
- q = manager_setup_user_lookup_fd(m);
- if (q < 0 && r >= 0)
- r = q;
-
- /* Third, fire things up! */
- manager_coldplug(m);
-
- /* Release any dynamic users no longer referenced */
- dynamic_user_vacuum(m, true);
-
- /* Release any references to UIDs/GIDs no longer referenced, and destroy any IPC owned by them */
- manager_vacuum_uid_refs(m);
- manager_vacuum_gid_refs(m);
-
- /* Sync current state of bus names with our set of listening units */
- if (m->api_bus)
- manager_sync_bus_names(m, m->api_bus);
-
- assert(m->n_reloading > 0);
- m->n_reloading--;
-
- m->send_reloading_done = true;
-
- return r;
-}
-
-void manager_reset_failed(Manager *m) {
- Unit *u;
- Iterator i;
-
- assert(m);
-
- HASHMAP_FOREACH(u, m->units, i)
- unit_reset_failed(u);
-}
-
-bool manager_unit_inactive_or_pending(Manager *m, const char *name) {
- Unit *u;
-
- assert(m);
- assert(name);
-
- /* Returns true if the unit is inactive or going down */
- u = manager_get_unit(m, name);
- if (!u)
- return true;
-
- return unit_inactive_or_pending(u);
-}
-
-static void manager_notify_finished(Manager *m) {
- char userspace[FORMAT_TIMESPAN_MAX], initrd[FORMAT_TIMESPAN_MAX], kernel[FORMAT_TIMESPAN_MAX], sum[FORMAT_TIMESPAN_MAX];
- usec_t firmware_usec, loader_usec, kernel_usec, initrd_usec, userspace_usec, total_usec;
-
- if (m->test_run)
- return;
-
- if (MANAGER_IS_SYSTEM(m) && detect_container() <= 0) {
-
- /* Note that m->kernel_usec.monotonic is always at 0,
- * and m->firmware_usec.monotonic and
- * m->loader_usec.monotonic should be considered
- * negative values. */
-
- firmware_usec = m->firmware_timestamp.monotonic - m->loader_timestamp.monotonic;
- loader_usec = m->loader_timestamp.monotonic - m->kernel_timestamp.monotonic;
- userspace_usec = m->finish_timestamp.monotonic - m->userspace_timestamp.monotonic;
- total_usec = m->firmware_timestamp.monotonic + m->finish_timestamp.monotonic;
-
- if (dual_timestamp_is_set(&m->initrd_timestamp)) {
-
- kernel_usec = m->initrd_timestamp.monotonic - m->kernel_timestamp.monotonic;
- initrd_usec = m->userspace_timestamp.monotonic - m->initrd_timestamp.monotonic;
-
- log_struct(LOG_INFO,
- LOG_MESSAGE_ID(SD_MESSAGE_STARTUP_FINISHED),
- "KERNEL_USEC="USEC_FMT, kernel_usec,
- "INITRD_USEC="USEC_FMT, initrd_usec,
- "USERSPACE_USEC="USEC_FMT, userspace_usec,
- LOG_MESSAGE("Startup finished in %s (kernel) + %s (initrd) + %s (userspace) = %s.",
- format_timespan(kernel, sizeof(kernel), kernel_usec, USEC_PER_MSEC),
- format_timespan(initrd, sizeof(initrd), initrd_usec, USEC_PER_MSEC),
- format_timespan(userspace, sizeof(userspace), userspace_usec, USEC_PER_MSEC),
- format_timespan(sum, sizeof(sum), total_usec, USEC_PER_MSEC)),
- NULL);
- } else {
- kernel_usec = m->userspace_timestamp.monotonic - m->kernel_timestamp.monotonic;
- initrd_usec = 0;
-
- log_struct(LOG_INFO,
- LOG_MESSAGE_ID(SD_MESSAGE_STARTUP_FINISHED),
- "KERNEL_USEC="USEC_FMT, kernel_usec,
- "USERSPACE_USEC="USEC_FMT, userspace_usec,
- LOG_MESSAGE("Startup finished in %s (kernel) + %s (userspace) = %s.",
- format_timespan(kernel, sizeof(kernel), kernel_usec, USEC_PER_MSEC),
- format_timespan(userspace, sizeof(userspace), userspace_usec, USEC_PER_MSEC),
- format_timespan(sum, sizeof(sum), total_usec, USEC_PER_MSEC)),
- NULL);
- }
- } else {
- firmware_usec = loader_usec = initrd_usec = kernel_usec = 0;
- total_usec = userspace_usec = m->finish_timestamp.monotonic - m->userspace_timestamp.monotonic;
-
- log_struct(LOG_INFO,
- LOG_MESSAGE_ID(SD_MESSAGE_STARTUP_FINISHED),
- "USERSPACE_USEC="USEC_FMT, userspace_usec,
- LOG_MESSAGE("Startup finished in %s.",
- format_timespan(sum, sizeof(sum), total_usec, USEC_PER_MSEC)),
- NULL);
- }
-
- bus_manager_send_finished(m, firmware_usec, loader_usec, kernel_usec, initrd_usec, userspace_usec, total_usec);
-
- sd_notifyf(false,
- "READY=1\n"
- "STATUS=Startup finished in %s.",
- format_timespan(sum, sizeof(sum), total_usec, USEC_PER_MSEC));
-}
-
-void manager_check_finished(Manager *m) {
- assert(m);
-
- if (MANAGER_IS_RELOADING(m))
- return;
-
- /* Verify that we are actually running currently. Initially
- * the exit code is set to invalid, and during operation it is
- * then set to MANAGER_OK */
- if (m->exit_code != MANAGER_OK)
- return;
-
- if (hashmap_size(m->jobs) > 0) {
- if (m->jobs_in_progress_event_source)
- /* Ignore any failure, this is only for feedback */
- (void) sd_event_source_set_time(m->jobs_in_progress_event_source, now(CLOCK_MONOTONIC) + JOBS_IN_PROGRESS_WAIT_USEC);
-
- return;
- }
-
- manager_flip_auto_status(m, false);
-
- /* Notify Type=idle units that we are done now */
- manager_close_idle_pipe(m);
-
- /* Turn off confirm spawn now */
- m->confirm_spawn = false;
-
- /* No need to update ask password status when we're going non-interactive */
- manager_close_ask_password(m);
-
- /* This is no longer the first boot */
- manager_set_first_boot(m, false);
-
- if (dual_timestamp_is_set(&m->finish_timestamp))
- return;
-
- dual_timestamp_get(&m->finish_timestamp);
-
- manager_notify_finished(m);
-
- manager_invalidate_startup_units(m);
-}
-
-static int manager_run_generators(Manager *m) {
- _cleanup_strv_free_ char **paths = NULL;
- const char *argv[5];
- char **path;
- int r;
-
- assert(m);
-
- if (m->test_run)
- return 0;
-
- paths = generator_binary_paths(m->unit_file_scope);
- if (!paths)
- return log_oom();
-
- /* Optimize by skipping the whole process by not creating output directories
- * if no generators are found. */
- STRV_FOREACH(path, paths) {
- if (access(*path, F_OK) >= 0)
- goto found;
- if (errno != ENOENT)
- log_warning_errno(errno, "Failed to open generator directory %s: %m", *path);
- }
-
- return 0;
-
- found:
- r = lookup_paths_mkdir_generator(&m->lookup_paths);
- if (r < 0)
- goto finish;
-
- argv[0] = NULL; /* Leave this empty, execute_directory() will fill something in */
- argv[1] = m->lookup_paths.generator;
- argv[2] = m->lookup_paths.generator_early;
- argv[3] = m->lookup_paths.generator_late;
- argv[4] = NULL;
-
- RUN_WITH_UMASK(0022)
- execute_directories((const char* const*) paths, DEFAULT_TIMEOUT_USEC, (char**) argv);
-
-finish:
- lookup_paths_trim_generator(&m->lookup_paths);
- return r;
-}
-
-int manager_environment_add(Manager *m, char **minus, char **plus) {
- char **a = NULL, **b = NULL, **l;
- assert(m);
-
- l = m->environment;
-
- if (!strv_isempty(minus)) {
- a = strv_env_delete(l, 1, minus);
- if (!a)
- return -ENOMEM;
-
- l = a;
- }
-
- if (!strv_isempty(plus)) {
- b = strv_env_merge(2, l, plus);
- if (!b) {
- strv_free(a);
- return -ENOMEM;
- }
-
- l = b;
- }
-
- if (m->environment != l)
- strv_free(m->environment);
- if (a != l)
- strv_free(a);
- if (b != l)
- strv_free(b);
-
- m->environment = l;
- manager_clean_environment(m);
- strv_sort(m->environment);
-
- return 0;
-}
-
-int manager_set_default_rlimits(Manager *m, struct rlimit **default_rlimit) {
- int i;
-
- assert(m);
-
- for (i = 0; i < _RLIMIT_MAX; i++) {
- m->rlimit[i] = mfree(m->rlimit[i]);
-
- if (!default_rlimit[i])
- continue;
-
- m->rlimit[i] = newdup(struct rlimit, default_rlimit[i], 1);
- if (!m->rlimit[i])
- return log_oom();
- }
-
- return 0;
-}
-
-void manager_recheck_journal(Manager *m) {
- Unit *u;
-
- assert(m);
-
- if (!MANAGER_IS_SYSTEM(m))
- return;
-
- u = manager_get_unit(m, SPECIAL_JOURNALD_SOCKET);
- if (u && SOCKET(u)->state != SOCKET_RUNNING) {
- log_close_journal();
- return;
- }
-
- u = manager_get_unit(m, SPECIAL_JOURNALD_SERVICE);
- if (u && SERVICE(u)->state != SERVICE_RUNNING) {
- log_close_journal();
- return;
- }
-
- /* Hmm, OK, so the socket is fully up and the service is up
- * too, then let's make use of the thing. */
- log_open();
-}
-
-void manager_set_show_status(Manager *m, ShowStatus mode) {
- assert(m);
- assert(IN_SET(mode, SHOW_STATUS_AUTO, SHOW_STATUS_NO, SHOW_STATUS_YES, SHOW_STATUS_TEMPORARY));
-
- if (!MANAGER_IS_SYSTEM(m))
- return;
-
- if (m->show_status != mode)
- log_debug("%s showing of status.",
- mode == SHOW_STATUS_NO ? "Disabling" : "Enabling");
- m->show_status = mode;
-
- if (mode > 0)
- (void) touch("/run/systemd/show-status");
- else
- (void) unlink("/run/systemd/show-status");
-}
-
-static bool manager_get_show_status(Manager *m, StatusType type) {
- assert(m);
-
- if (!MANAGER_IS_SYSTEM(m))
- return false;
-
- if (m->no_console_output)
- return false;
-
- if (!IN_SET(manager_state(m), MANAGER_INITIALIZING, MANAGER_STARTING, MANAGER_STOPPING))
- return false;
-
- /* If we cannot find out the status properly, just proceed. */
- if (type != STATUS_TYPE_EMERGENCY && manager_check_ask_password(m) > 0)
- return false;
-
- if (m->show_status > 0)
- return true;
-
- return false;
-}
-
-void manager_set_first_boot(Manager *m, bool b) {
- assert(m);
-
- if (!MANAGER_IS_SYSTEM(m))
- return;
-
- if (m->first_boot != (int) b) {
- if (b)
- (void) touch("/run/systemd/first-boot");
- else
- (void) unlink("/run/systemd/first-boot");
- }
-
- m->first_boot = b;
-}
-
-void manager_status_printf(Manager *m, StatusType type, const char *status, const char *format, ...) {
- va_list ap;
-
- /* If m is NULL, assume we're after shutdown and let the messages through. */
-
- if (m && !manager_get_show_status(m, type))
- return;
-
- /* XXX We should totally drop the check for ephemeral here
- * and thus effectively make 'Type=idle' pointless. */
- if (type == STATUS_TYPE_EPHEMERAL && m && m->n_on_console > 0)
- return;
-
- va_start(ap, format);
- status_vprintf(status, true, type == STATUS_TYPE_EPHEMERAL, format, ap);
- va_end(ap);
-}
-
-Set *manager_get_units_requiring_mounts_for(Manager *m, const char *path) {
- char p[strlen(path)+1];
-
- assert(m);
- assert(path);
-
- strcpy(p, path);
- path_kill_slashes(p);
-
- return hashmap_get(m->units_requiring_mounts_for, streq(p, "/") ? "" : p);
-}
-
-const char *manager_get_runtime_prefix(Manager *m) {
- assert(m);
-
- return MANAGER_IS_SYSTEM(m) ?
- "/run" :
- getenv("XDG_RUNTIME_DIR");
-}
-
-int manager_update_failed_units(Manager *m, Unit *u, bool failed) {
- unsigned size;
- int r;
-
- assert(m);
- assert(u->manager == m);
-
- size = set_size(m->failed_units);
-
- if (failed) {
- r = set_ensure_allocated(&m->failed_units, NULL);
- if (r < 0)
- return log_oom();
-
- if (set_put(m->failed_units, u) < 0)
- return log_oom();
- } else
- (void) set_remove(m->failed_units, u);
-
- if (set_size(m->failed_units) != size)
- bus_manager_send_change_signal(m);
-
- return 0;
-}
-
-ManagerState manager_state(Manager *m) {
- Unit *u;
-
- assert(m);
-
- /* Did we ever finish booting? If not then we are still starting up */
- if (!dual_timestamp_is_set(&m->finish_timestamp)) {
-
- u = manager_get_unit(m, SPECIAL_BASIC_TARGET);
- if (!u || !UNIT_IS_ACTIVE_OR_RELOADING(unit_active_state(u)))
- return MANAGER_INITIALIZING;
-
- return MANAGER_STARTING;
- }
-
- /* Is the special shutdown target queued? If so, we are in shutdown state */
- u = manager_get_unit(m, SPECIAL_SHUTDOWN_TARGET);
- if (u && u->job && IN_SET(u->job->type, JOB_START, JOB_RESTART, JOB_RELOAD_OR_START))
- return MANAGER_STOPPING;
-
- /* Are the rescue or emergency targets active or queued? If so we are in maintenance state */
- u = manager_get_unit(m, SPECIAL_RESCUE_TARGET);
- if (u && (UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)) ||
- (u->job && IN_SET(u->job->type, JOB_START, JOB_RESTART, JOB_RELOAD_OR_START))))
- return MANAGER_MAINTENANCE;
-
- u = manager_get_unit(m, SPECIAL_EMERGENCY_TARGET);
- if (u && (UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)) ||
- (u->job && IN_SET(u->job->type, JOB_START, JOB_RESTART, JOB_RELOAD_OR_START))))
- return MANAGER_MAINTENANCE;
-
- /* Are there any failed units? If so, we are in degraded mode */
- if (set_size(m->failed_units) > 0)
- return MANAGER_DEGRADED;
-
- return MANAGER_RUNNING;
-}
-
-#define DESTROY_IPC_FLAG (UINT32_C(1) << 31)
-
-static void manager_unref_uid_internal(
- Manager *m,
- Hashmap **uid_refs,
- uid_t uid,
- bool destroy_now,
- int (*_clean_ipc)(uid_t uid)) {
-
- uint32_t c, n;
-
- assert(m);
- assert(uid_refs);
- assert(uid_is_valid(uid));
- assert(_clean_ipc);
-
- /* A generic implementation, covering both manager_unref_uid() and manager_unref_gid(), under the assumption
- * that uid_t and gid_t are actually defined the same way, with the same validity rules.
- *
- * We store a hashmap where the UID/GID is they key and the value is a 32bit reference counter, whose highest
- * bit is used as flag for marking UIDs/GIDs whose IPC objects to remove when the last reference to the UID/GID
- * is dropped. The flag is set to on, once at least one reference from a unit where RemoveIPC= is set is added
- * on a UID/GID. It is reset when the UID's/GID's reference counter drops to 0 again. */
-
- assert_cc(sizeof(uid_t) == sizeof(gid_t));
- assert_cc(UID_INVALID == (uid_t) GID_INVALID);
-
- if (uid == 0) /* We don't keep track of root, and will never destroy it */
- return;
-
- c = PTR_TO_UINT32(hashmap_get(*uid_refs, UID_TO_PTR(uid)));
-
- n = c & ~DESTROY_IPC_FLAG;
- assert(n > 0);
- n--;
-
- if (destroy_now && n == 0) {
- hashmap_remove(*uid_refs, UID_TO_PTR(uid));
-
- if (c & DESTROY_IPC_FLAG) {
- log_debug("%s " UID_FMT " is no longer referenced, cleaning up its IPC.",
- _clean_ipc == clean_ipc_by_uid ? "UID" : "GID",
- uid);
- (void) _clean_ipc(uid);
- }
- } else {
- c = n | (c & DESTROY_IPC_FLAG);
- assert_se(hashmap_update(*uid_refs, UID_TO_PTR(uid), UINT32_TO_PTR(c)) >= 0);
- }
-}
-
-void manager_unref_uid(Manager *m, uid_t uid, bool destroy_now) {
- manager_unref_uid_internal(m, &m->uid_refs, uid, destroy_now, clean_ipc_by_uid);
-}
-
-void manager_unref_gid(Manager *m, gid_t gid, bool destroy_now) {
- manager_unref_uid_internal(m, &m->gid_refs, (uid_t) gid, destroy_now, clean_ipc_by_gid);
-}
-
-static int manager_ref_uid_internal(
- Manager *m,
- Hashmap **uid_refs,
- uid_t uid,
- bool clean_ipc) {
-
- uint32_t c, n;
- int r;
-
- assert(m);
- assert(uid_refs);
- assert(uid_is_valid(uid));
-
- /* A generic implementation, covering both manager_ref_uid() and manager_ref_gid(), under the assumption
- * that uid_t and gid_t are actually defined the same way, with the same validity rules. */
-
- assert_cc(sizeof(uid_t) == sizeof(gid_t));
- assert_cc(UID_INVALID == (uid_t) GID_INVALID);
-
- if (uid == 0) /* We don't keep track of root, and will never destroy it */
- return 0;
-
- r = hashmap_ensure_allocated(uid_refs, &trivial_hash_ops);
- if (r < 0)
- return r;
-
- c = PTR_TO_UINT32(hashmap_get(*uid_refs, UID_TO_PTR(uid)));
-
- n = c & ~DESTROY_IPC_FLAG;
- n++;
-
- if (n & DESTROY_IPC_FLAG) /* check for overflow */
- return -EOVERFLOW;
-
- c = n | (c & DESTROY_IPC_FLAG) | (clean_ipc ? DESTROY_IPC_FLAG : 0);
-
- return hashmap_replace(*uid_refs, UID_TO_PTR(uid), UINT32_TO_PTR(c));
-}
-
-int manager_ref_uid(Manager *m, uid_t uid, bool clean_ipc) {
- return manager_ref_uid_internal(m, &m->uid_refs, uid, clean_ipc);
-}
-
-int manager_ref_gid(Manager *m, gid_t gid, bool clean_ipc) {
- return manager_ref_uid_internal(m, &m->gid_refs, (uid_t) gid, clean_ipc);
-}
-
-static void manager_vacuum_uid_refs_internal(
- Manager *m,
- Hashmap **uid_refs,
- int (*_clean_ipc)(uid_t uid)) {
-
- Iterator i;
- void *p, *k;
-
- assert(m);
- assert(uid_refs);
- assert(_clean_ipc);
-
- HASHMAP_FOREACH_KEY(p, k, *uid_refs, i) {
- uint32_t c, n;
- uid_t uid;
-
- uid = PTR_TO_UID(k);
- c = PTR_TO_UINT32(p);
-
- n = c & ~DESTROY_IPC_FLAG;
- if (n > 0)
- continue;
-
- if (c & DESTROY_IPC_FLAG) {
- log_debug("Found unreferenced %s " UID_FMT " after reload/reexec. Cleaning up.",
- _clean_ipc == clean_ipc_by_uid ? "UID" : "GID",
- uid);
- (void) _clean_ipc(uid);
- }
-
- assert_se(hashmap_remove(*uid_refs, k) == p);
- }
-}
-
-void manager_vacuum_uid_refs(Manager *m) {
- manager_vacuum_uid_refs_internal(m, &m->uid_refs, clean_ipc_by_uid);
-}
-
-void manager_vacuum_gid_refs(Manager *m) {
- manager_vacuum_uid_refs_internal(m, &m->gid_refs, clean_ipc_by_gid);
-}
-
-static void manager_serialize_uid_refs_internal(
- Manager *m,
- FILE *f,
- Hashmap **uid_refs,
- const char *field_name) {
-
- Iterator i;
- void *p, *k;
-
- assert(m);
- assert(f);
- assert(uid_refs);
- assert(field_name);
-
- /* Serialize the UID reference table. Or actually, just the IPC destruction flag of it, as the actual counter
- * of it is better rebuild after a reload/reexec. */
-
- HASHMAP_FOREACH_KEY(p, k, *uid_refs, i) {
- uint32_t c;
- uid_t uid;
-
- uid = PTR_TO_UID(k);
- c = PTR_TO_UINT32(p);
-
- if (!(c & DESTROY_IPC_FLAG))
- continue;
-
- fprintf(f, "%s=" UID_FMT "\n", field_name, uid);
- }
-}
-
-void manager_serialize_uid_refs(Manager *m, FILE *f) {
- manager_serialize_uid_refs_internal(m, f, &m->uid_refs, "destroy-ipc-uid");
-}
-
-void manager_serialize_gid_refs(Manager *m, FILE *f) {
- manager_serialize_uid_refs_internal(m, f, &m->gid_refs, "destroy-ipc-gid");
-}
-
-static void manager_deserialize_uid_refs_one_internal(
- Manager *m,
- Hashmap** uid_refs,
- const char *value) {
-
- uid_t uid;
- uint32_t c;
- int r;
-
- assert(m);
- assert(uid_refs);
- assert(value);
-
- r = parse_uid(value, &uid);
- if (r < 0 || uid == 0) {
- log_debug("Unable to parse UID reference serialization");
- return;
- }
-
- r = hashmap_ensure_allocated(uid_refs, &trivial_hash_ops);
- if (r < 0) {
- log_oom();
- return;
- }
-
- c = PTR_TO_UINT32(hashmap_get(*uid_refs, UID_TO_PTR(uid)));
- if (c & DESTROY_IPC_FLAG)
- return;
-
- c |= DESTROY_IPC_FLAG;
-
- r = hashmap_replace(*uid_refs, UID_TO_PTR(uid), UINT32_TO_PTR(c));
- if (r < 0) {
- log_debug("Failed to add UID reference entry");
- return;
- }
-}
-
-void manager_deserialize_uid_refs_one(Manager *m, const char *value) {
- manager_deserialize_uid_refs_one_internal(m, &m->uid_refs, value);
-}
-
-void manager_deserialize_gid_refs_one(Manager *m, const char *value) {
- manager_deserialize_uid_refs_one_internal(m, &m->gid_refs, value);
-}
-
-int manager_dispatch_user_lookup_fd(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
- struct buffer {
- uid_t uid;
- gid_t gid;
- char unit_name[UNIT_NAME_MAX+1];
- } _packed_ buffer;
-
- Manager *m = userdata;
- ssize_t l;
- size_t n;
- Unit *u;
-
- assert_se(source);
- assert_se(m);
-
- /* Invoked whenever a child process succeeded resolving its user/group to use and sent us the resulting UID/GID
- * in a datagram. We parse the datagram here and pass it off to the unit, so that it can add a reference to the
- * UID/GID so that it can destroy the UID/GID's IPC objects when the reference counter drops to 0. */
-
- l = recv(fd, &buffer, sizeof(buffer), MSG_DONTWAIT);
- if (l < 0) {
- if (errno == EINTR || errno == EAGAIN)
- return 0;
-
- return log_error_errno(errno, "Failed to read from user lookup fd: %m");
- }
-
- if ((size_t) l <= offsetof(struct buffer, unit_name)) {
- log_warning("Received too short user lookup message, ignoring.");
- return 0;
- }
-
- if ((size_t) l > offsetof(struct buffer, unit_name) + UNIT_NAME_MAX) {
- log_warning("Received too long user lookup message, ignoring.");
- return 0;
- }
-
- if (!uid_is_valid(buffer.uid) && !gid_is_valid(buffer.gid)) {
- log_warning("Got user lookup message with invalid UID/GID pair, ignoring.");
- return 0;
- }
-
- n = (size_t) l - offsetof(struct buffer, unit_name);
- if (memchr(buffer.unit_name, 0, n)) {
- log_warning("Received lookup message with embedded NUL character, ignoring.");
- return 0;
- }
-
- buffer.unit_name[n] = 0;
- u = manager_get_unit(m, buffer.unit_name);
- if (!u) {
- log_debug("Got user lookup message but unit doesn't exist, ignoring.");
- return 0;
- }
-
- log_unit_debug(u, "User lookup succeeded: uid=" UID_FMT " gid=" GID_FMT, buffer.uid, buffer.gid);
-
- unit_notify_user_lookup(u, buffer.uid, buffer.gid);
- return 0;
-}
-
-static const char *const manager_state_table[_MANAGER_STATE_MAX] = {
- [MANAGER_INITIALIZING] = "initializing",
- [MANAGER_STARTING] = "starting",
- [MANAGER_RUNNING] = "running",
- [MANAGER_DEGRADED] = "degraded",
- [MANAGER_MAINTENANCE] = "maintenance",
- [MANAGER_STOPPING] = "stopping",
-};
-
-DEFINE_STRING_TABLE_LOOKUP(manager_state, ManagerState);
diff --git a/src/core/manager.h b/src/core/manager.h
deleted file mode 100644
index 35172fdba9..0000000000
--- a/src/core/manager.h
+++ /dev/null
@@ -1,405 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <libmount.h>
-#include <stdbool.h>
-#include <stdio.h>
-
-#include "sd-bus.h"
-#include "sd-event.h"
-
-#include "cgroup-util.h"
-#include "fdset.h"
-#include "hashmap.h"
-#include "list.h"
-#include "ratelimit.h"
-
-/* Enforce upper limit how many names we allow */
-#define MANAGER_MAX_NAMES 131072 /* 128K */
-
-typedef struct Manager Manager;
-
-typedef enum ManagerState {
- MANAGER_INITIALIZING,
- MANAGER_STARTING,
- MANAGER_RUNNING,
- MANAGER_DEGRADED,
- MANAGER_MAINTENANCE,
- MANAGER_STOPPING,
- _MANAGER_STATE_MAX,
- _MANAGER_STATE_INVALID = -1
-} ManagerState;
-
-typedef enum ManagerExitCode {
- MANAGER_OK,
- MANAGER_EXIT,
- MANAGER_RELOAD,
- MANAGER_REEXECUTE,
- MANAGER_REBOOT,
- MANAGER_POWEROFF,
- MANAGER_HALT,
- MANAGER_KEXEC,
- MANAGER_SWITCH_ROOT,
- _MANAGER_EXIT_CODE_MAX,
- _MANAGER_EXIT_CODE_INVALID = -1
-} ManagerExitCode;
-
-typedef enum StatusType {
- STATUS_TYPE_EPHEMERAL,
- STATUS_TYPE_NORMAL,
- STATUS_TYPE_EMERGENCY,
-} StatusType;
-
-#include "execute.h"
-#include "job.h"
-#include "path-lookup.h"
-#include "show-status.h"
-#include "unit-name.h"
-
-struct Manager {
- /* Note that the set of units we know of is allowed to be
- * inconsistent. However the subset of it that is loaded may
- * not, and the list of jobs may neither. */
-
- /* Active jobs and units */
- Hashmap *units; /* name string => Unit object n:1 */
- Hashmap *units_by_invocation_id;
- Hashmap *jobs; /* job id => Job object 1:1 */
-
- /* To make it easy to iterate through the units of a specific
- * type we maintain a per type linked list */
- LIST_HEAD(Unit, units_by_type[_UNIT_TYPE_MAX]);
-
- /* Units that need to be loaded */
- LIST_HEAD(Unit, load_queue); /* this is actually more a stack than a queue, but uh. */
-
- /* Jobs that need to be run */
- LIST_HEAD(Job, run_queue); /* more a stack than a queue, too */
-
- /* Units and jobs that have not yet been announced via
- * D-Bus. When something about a job changes it is added here
- * if it is not in there yet. This allows easy coalescing of
- * D-Bus change signals. */
- LIST_HEAD(Unit, dbus_unit_queue);
- LIST_HEAD(Job, dbus_job_queue);
-
- /* Units to remove */
- LIST_HEAD(Unit, cleanup_queue);
-
- /* Units to check when doing GC */
- LIST_HEAD(Unit, gc_queue);
-
- /* Units that should be realized */
- LIST_HEAD(Unit, cgroup_queue);
-
- sd_event *event;
-
- /* We use two hash tables here, since the same PID might be
- * watched by two different units: once the unit that forked
- * it off, and possibly a different unit to which it was
- * joined as cgroup member. Since we know that it is either
- * one or two units for each PID we just use to hashmaps
- * here. */
- Hashmap *watch_pids1; /* pid => Unit object n:1 */
- Hashmap *watch_pids2; /* pid => Unit object n:1 */
-
- /* A set contains all units which cgroup should be refreshed after startup */
- Set *startup_units;
-
- /* A set which contains all currently failed units */
- Set *failed_units;
-
- sd_event_source *run_queue_event_source;
-
- char *notify_socket;
- int notify_fd;
- sd_event_source *notify_event_source;
-
- int cgroups_agent_fd;
- sd_event_source *cgroups_agent_event_source;
-
- int signal_fd;
- sd_event_source *signal_event_source;
-
- int time_change_fd;
- sd_event_source *time_change_event_source;
-
- sd_event_source *jobs_in_progress_event_source;
-
- int user_lookup_fds[2];
- sd_event_source *user_lookup_event_source;
-
- UnitFileScope unit_file_scope;
- LookupPaths lookup_paths;
- Set *unit_path_cache;
-
- char **environment;
-
- usec_t runtime_watchdog;
- usec_t shutdown_watchdog;
-
- dual_timestamp firmware_timestamp;
- dual_timestamp loader_timestamp;
- dual_timestamp kernel_timestamp;
- dual_timestamp initrd_timestamp;
- dual_timestamp userspace_timestamp;
- dual_timestamp finish_timestamp;
-
- dual_timestamp security_start_timestamp;
- dual_timestamp security_finish_timestamp;
- dual_timestamp generators_start_timestamp;
- dual_timestamp generators_finish_timestamp;
- dual_timestamp units_load_start_timestamp;
- dual_timestamp units_load_finish_timestamp;
-
- struct udev* udev;
-
- /* Data specific to the device subsystem */
- struct udev_monitor* udev_monitor;
- sd_event_source *udev_event_source;
- Hashmap *devices_by_sysfs;
-
- /* Data specific to the mount subsystem */
- struct libmnt_monitor *mount_monitor;
- sd_event_source *mount_event_source;
-
- /* Data specific to the swap filesystem */
- FILE *proc_swaps;
- sd_event_source *swap_event_source;
- Hashmap *swaps_by_devnode;
-
- /* Data specific to the D-Bus subsystem */
- sd_bus *api_bus, *system_bus;
- Set *private_buses;
- int private_listen_fd;
- sd_event_source *private_listen_event_source;
-
- /* Contains all the clients that are subscribed to signals via
- the API bus. Note that private bus connections are always
- considered subscribes, since they last for very short only,
- and it is much simpler that way. */
- sd_bus_track *subscribed;
- char **deserialized_subscribed;
-
- /* This is used during reloading: before the reload we queue
- * the reply message here, and afterwards we send it */
- sd_bus_message *queued_message;
-
- Hashmap *watch_bus; /* D-Bus names => Unit object n:1 */
-
- bool send_reloading_done;
-
- uint32_t current_job_id;
- uint32_t default_unit_job_id;
-
- /* Data specific to the Automount subsystem */
- int dev_autofs_fd;
-
- /* Data specific to the cgroup subsystem */
- Hashmap *cgroup_unit;
- CGroupMask cgroup_supported;
- char *cgroup_root;
-
- /* Notifications from cgroups, when the unified hierarchy is
- * used is done via inotify. */
- int cgroup_inotify_fd;
- sd_event_source *cgroup_inotify_event_source;
- Hashmap *cgroup_inotify_wd_unit;
-
- /* Make sure the user cannot accidentally unmount our cgroup
- * file system */
- int pin_cgroupfs_fd;
-
- int gc_marker;
- unsigned n_in_gc_queue;
-
- /* Flags */
- ManagerExitCode exit_code:5;
-
- bool dispatching_load_queue:1;
- bool dispatching_dbus_queue:1;
-
- bool taint_usr:1;
- bool test_run:1;
-
- /* If non-zero, exit with the following value when the systemd
- * process terminate. Useful for containers: systemd-nspawn could get
- * the return value. */
- uint8_t return_value;
-
- ShowStatus show_status;
- bool confirm_spawn;
- bool no_console_output;
-
- ExecOutput default_std_output, default_std_error;
-
- usec_t default_restart_usec, default_timeout_start_usec, default_timeout_stop_usec;
-
- usec_t default_start_limit_interval;
- unsigned default_start_limit_burst;
-
- bool default_cpu_accounting;
- bool default_memory_accounting;
- bool default_io_accounting;
- bool default_blockio_accounting;
- bool default_tasks_accounting;
-
- uint64_t default_tasks_max;
- usec_t default_timer_accuracy_usec;
-
- struct rlimit *rlimit[_RLIMIT_MAX];
-
- /* non-zero if we are reloading or reexecuting, */
- int n_reloading;
-
- unsigned n_installed_jobs;
- unsigned n_failed_jobs;
-
- /* Jobs in progress watching */
- unsigned n_running_jobs;
- unsigned n_on_console;
- unsigned jobs_in_progress_iteration;
-
- /* Do we have any outstanding password prompts? */
- int have_ask_password;
- int ask_password_inotify_fd;
- sd_event_source *ask_password_event_source;
-
- /* Type=idle pipes */
- int idle_pipe[4];
- sd_event_source *idle_pipe_event_source;
-
- char *switch_root;
- char *switch_root_init;
-
- /* This maps all possible path prefixes to the units needing
- * them. It's a hashmap with a path string as key and a Set as
- * value where Unit objects are contained. */
- Hashmap *units_requiring_mounts_for;
-
- /* Used for processing polkit authorization responses */
- Hashmap *polkit_registry;
-
- /* Dynamic users/groups, indexed by their name */
- Hashmap *dynamic_users;
-
- /* Keep track of all UIDs and GIDs any of our services currently use. This is useful for the RemoveIPC= logic. */
- Hashmap *uid_refs;
- Hashmap *gid_refs;
-
- /* When the user hits C-A-D more than 7 times per 2s, do something immediately... */
- RateLimit ctrl_alt_del_ratelimit;
- EmergencyAction cad_burst_action;
-
- const char *unit_log_field;
- const char *unit_log_format_string;
-
- const char *invocation_log_field;
- const char *invocation_log_format_string;
-
- int first_boot; /* tri-state */
-};
-
-#define MANAGER_IS_SYSTEM(m) ((m)->unit_file_scope == UNIT_FILE_SYSTEM)
-#define MANAGER_IS_USER(m) ((m)->unit_file_scope != UNIT_FILE_SYSTEM)
-
-#define MANAGER_IS_RELOADING(m) ((m)->n_reloading > 0)
-
-int manager_new(UnitFileScope scope, bool test_run, Manager **m);
-Manager* manager_free(Manager *m);
-
-void manager_enumerate(Manager *m);
-int manager_startup(Manager *m, FILE *serialization, FDSet *fds);
-
-Job *manager_get_job(Manager *m, uint32_t id);
-Unit *manager_get_unit(Manager *m, const char *name);
-
-int manager_get_job_from_dbus_path(Manager *m, const char *s, Job **_j);
-
-int manager_load_unit_prepare(Manager *m, const char *name, const char *path, sd_bus_error *e, Unit **_ret);
-int manager_load_unit(Manager *m, const char *name, const char *path, sd_bus_error *e, Unit **_ret);
-int manager_load_unit_from_dbus_path(Manager *m, const char *s, sd_bus_error *e, Unit **_u);
-
-int manager_add_job(Manager *m, JobType type, Unit *unit, JobMode mode, sd_bus_error *e, Job **_ret);
-int manager_add_job_by_name(Manager *m, JobType type, const char *name, JobMode mode, sd_bus_error *e, Job **_ret);
-int manager_add_job_by_name_and_warn(Manager *m, JobType type, const char *name, JobMode mode, Job **ret);
-
-void manager_dump_units(Manager *s, FILE *f, const char *prefix);
-void manager_dump_jobs(Manager *s, FILE *f, const char *prefix);
-
-void manager_clear_jobs(Manager *m);
-
-unsigned manager_dispatch_load_queue(Manager *m);
-
-int manager_environment_add(Manager *m, char **minus, char **plus);
-int manager_set_default_rlimits(Manager *m, struct rlimit **default_rlimit);
-
-int manager_loop(Manager *m);
-
-int manager_open_serialization(Manager *m, FILE **_f);
-
-int manager_serialize(Manager *m, FILE *f, FDSet *fds, bool switching_root);
-int manager_deserialize(Manager *m, FILE *f, FDSet *fds);
-
-int manager_reload(Manager *m);
-
-void manager_reset_failed(Manager *m);
-
-void manager_send_unit_audit(Manager *m, Unit *u, int type, bool success);
-void manager_send_unit_plymouth(Manager *m, Unit *u);
-
-bool manager_unit_inactive_or_pending(Manager *m, const char *name);
-
-void manager_check_finished(Manager *m);
-
-void manager_recheck_journal(Manager *m);
-
-void manager_set_show_status(Manager *m, ShowStatus mode);
-void manager_set_first_boot(Manager *m, bool b);
-
-void manager_status_printf(Manager *m, StatusType type, const char *status, const char *format, ...) _printf_(4,5);
-void manager_flip_auto_status(Manager *m, bool enable);
-
-Set *manager_get_units_requiring_mounts_for(Manager *m, const char *path);
-
-const char *manager_get_runtime_prefix(Manager *m);
-
-ManagerState manager_state(Manager *m);
-
-int manager_update_failed_units(Manager *m, Unit *u, bool failed);
-
-void manager_unref_uid(Manager *m, uid_t uid, bool destroy_now);
-int manager_ref_uid(Manager *m, uid_t uid, bool clean_ipc);
-
-void manager_unref_gid(Manager *m, gid_t gid, bool destroy_now);
-int manager_ref_gid(Manager *m, gid_t gid, bool destroy_now);
-
-void manager_vacuum_uid_refs(Manager *m);
-void manager_vacuum_gid_refs(Manager *m);
-
-void manager_serialize_uid_refs(Manager *m, FILE *f);
-void manager_deserialize_uid_refs_one(Manager *m, const char *value);
-
-void manager_serialize_gid_refs(Manager *m, FILE *f);
-void manager_deserialize_gid_refs_one(Manager *m, const char *value);
-
-const char *manager_state_to_string(ManagerState m) _const_;
-ManagerState manager_state_from_string(const char *s) _pure_;
diff --git a/src/core/mount-setup.c b/src/core/mount-setup.c
deleted file mode 100644
index ca63a93e8b..0000000000
--- a/src/core/mount-setup.c
+++ /dev/null
@@ -1,421 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <errno.h>
-#include <ftw.h>
-#include <stdlib.h>
-#include <sys/mount.h>
-#include <unistd.h>
-
-#include "alloc-util.h"
-#include "bus-util.h"
-#include "cgroup-util.h"
-#include "dev-setup.h"
-#include "efivars.h"
-#include "fs-util.h"
-#include "label.h"
-#include "log.h"
-#include "macro.h"
-#include "missing.h"
-#include "mkdir.h"
-#include "mount-setup.h"
-#include "mount-util.h"
-#include "path-util.h"
-#include "set.h"
-#include "smack-util.h"
-#include "strv.h"
-#include "user-util.h"
-#include "util.h"
-#include "virt.h"
-
-typedef enum MountMode {
- MNT_NONE = 0,
- MNT_FATAL = 1 << 0,
- MNT_IN_CONTAINER = 1 << 1,
-} MountMode;
-
-typedef struct MountPoint {
- const char *what;
- const char *where;
- const char *type;
- const char *options;
- unsigned long flags;
- bool (*condition_fn)(void);
- MountMode mode;
-} MountPoint;
-
-/* The first three entries we might need before SELinux is up. The
- * fourth (securityfs) is needed by IMA to load a custom policy. The
- * other ones we can delay until SELinux and IMA are loaded. When
- * SMACK is enabled we need smackfs, too, so it's a fifth one. */
-#ifdef HAVE_SMACK
-#define N_EARLY_MOUNT 5
-#else
-#define N_EARLY_MOUNT 4
-#endif
-
-static const MountPoint mount_table[] = {
- { "sysfs", "/sys", "sysfs", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV,
- NULL, MNT_FATAL|MNT_IN_CONTAINER },
- { "proc", "/proc", "proc", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV,
- NULL, MNT_FATAL|MNT_IN_CONTAINER },
- { "devtmpfs", "/dev", "devtmpfs", "mode=755", MS_NOSUID|MS_STRICTATIME,
- NULL, MNT_FATAL|MNT_IN_CONTAINER },
- { "securityfs", "/sys/kernel/security", "securityfs", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV,
- NULL, MNT_NONE },
-#ifdef HAVE_SMACK
- { "smackfs", "/sys/fs/smackfs", "smackfs", "smackfsdef=*", MS_NOSUID|MS_NOEXEC|MS_NODEV,
- mac_smack_use, MNT_FATAL },
- { "tmpfs", "/dev/shm", "tmpfs", "mode=1777,smackfsroot=*", MS_NOSUID|MS_NODEV|MS_STRICTATIME,
- mac_smack_use, MNT_FATAL },
-#endif
- { "tmpfs", "/dev/shm", "tmpfs", "mode=1777", MS_NOSUID|MS_NODEV|MS_STRICTATIME,
- NULL, MNT_FATAL|MNT_IN_CONTAINER },
- { "devpts", "/dev/pts", "devpts", "mode=620,gid=" STRINGIFY(TTY_GID), MS_NOSUID|MS_NOEXEC,
- NULL, MNT_IN_CONTAINER },
-#ifdef HAVE_SMACK
- { "tmpfs", "/run", "tmpfs", "mode=755,smackfsroot=*", MS_NOSUID|MS_NODEV|MS_STRICTATIME,
- mac_smack_use, MNT_FATAL },
-#endif
- { "tmpfs", "/run", "tmpfs", "mode=755", MS_NOSUID|MS_NODEV|MS_STRICTATIME,
- NULL, MNT_FATAL|MNT_IN_CONTAINER },
- { "cgroup", "/sys/fs/cgroup", "cgroup2", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV,
- cg_is_unified_wanted, MNT_FATAL|MNT_IN_CONTAINER },
- { "tmpfs", "/sys/fs/cgroup", "tmpfs", "mode=755", MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_STRICTATIME,
- cg_is_legacy_wanted, MNT_FATAL|MNT_IN_CONTAINER },
- { "cgroup", "/sys/fs/cgroup/systemd", "cgroup2", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV,
- cg_is_unified_systemd_controller_wanted, MNT_IN_CONTAINER },
- { "cgroup", "/sys/fs/cgroup/systemd", "cgroup", "none,name=systemd,xattr", MS_NOSUID|MS_NOEXEC|MS_NODEV,
- cg_is_legacy_systemd_controller_wanted, MNT_IN_CONTAINER },
- { "cgroup", "/sys/fs/cgroup/systemd", "cgroup", "none,name=systemd", MS_NOSUID|MS_NOEXEC|MS_NODEV,
- cg_is_legacy_systemd_controller_wanted, MNT_FATAL|MNT_IN_CONTAINER },
- { "pstore", "/sys/fs/pstore", "pstore", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV,
- NULL, MNT_NONE },
-#ifdef ENABLE_EFI
- { "efivarfs", "/sys/firmware/efi/efivars", "efivarfs", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV,
- is_efi_boot, MNT_NONE },
-#endif
-};
-
-/* These are API file systems that might be mounted by other software,
- * we just list them here so that we know that we should ignore them */
-
-static const char ignore_paths[] =
- /* SELinux file systems */
- "/sys/fs/selinux\0"
- /* Container bind mounts */
- "/proc/sys\0"
- "/dev/console\0"
- "/proc/kmsg\0";
-
-bool mount_point_is_api(const char *path) {
- unsigned i;
-
- /* Checks if this mount point is considered "API", and hence
- * should be ignored */
-
- for (i = 0; i < ELEMENTSOF(mount_table); i ++)
- if (path_equal(path, mount_table[i].where))
- return true;
-
- return path_startswith(path, "/sys/fs/cgroup/");
-}
-
-bool mount_point_ignore(const char *path) {
- const char *i;
-
- NULSTR_FOREACH(i, ignore_paths)
- if (path_equal(path, i))
- return true;
-
- return false;
-}
-
-static int mount_one(const MountPoint *p, bool relabel) {
- int r;
-
- assert(p);
-
- if (p->condition_fn && !p->condition_fn())
- return 0;
-
- /* Relabel first, just in case */
- if (relabel)
- (void) label_fix(p->where, true, true);
-
- r = path_is_mount_point(p->where, AT_SYMLINK_FOLLOW);
- if (r < 0 && r != -ENOENT) {
- log_full_errno((p->mode & MNT_FATAL) ? LOG_ERR : LOG_DEBUG, r, "Failed to determine whether %s is a mount point: %m", p->where);
- return (p->mode & MNT_FATAL) ? r : 0;
- }
- if (r > 0)
- return 0;
-
- /* Skip securityfs in a container */
- if (!(p->mode & MNT_IN_CONTAINER) && detect_container() > 0)
- return 0;
-
- /* The access mode here doesn't really matter too much, since
- * the mounted file system will take precedence anyway. */
- if (relabel)
- (void) mkdir_p_label(p->where, 0755);
- else
- (void) mkdir_p(p->where, 0755);
-
- log_debug("Mounting %s to %s of type %s with options %s.",
- p->what,
- p->where,
- p->type,
- strna(p->options));
-
- if (mount(p->what,
- p->where,
- p->type,
- p->flags,
- p->options) < 0) {
- log_full_errno((p->mode & MNT_FATAL) ? LOG_ERR : LOG_DEBUG, errno, "Failed to mount %s at %s: %m", p->type, p->where);
- return (p->mode & MNT_FATAL) ? -errno : 0;
- }
-
- /* Relabel again, since we now mounted something fresh here */
- if (relabel)
- (void) label_fix(p->where, false, false);
-
- return 1;
-}
-
-static int mount_points_setup(unsigned n, bool loaded_policy) {
- unsigned i;
- int r = 0;
-
- for (i = 0; i < n; i ++) {
- int j;
-
- j = mount_one(mount_table + i, loaded_policy);
- if (j != 0 && r >= 0)
- r = j;
- }
-
- return r;
-}
-
-int mount_setup_early(void) {
- assert_cc(N_EARLY_MOUNT <= ELEMENTSOF(mount_table));
-
- /* Do a minimal mount of /proc and friends to enable the most
- * basic stuff, such as SELinux */
- return mount_points_setup(N_EARLY_MOUNT, false);
-}
-
-int mount_cgroup_controllers(char ***join_controllers) {
- _cleanup_set_free_free_ Set *controllers = NULL;
- int r;
-
- if (!cg_is_legacy_wanted())
- return 0;
-
- /* Mount all available cgroup controllers that are built into the kernel. */
-
- controllers = set_new(&string_hash_ops);
- if (!controllers)
- return log_oom();
-
- r = cg_kernel_controllers(controllers);
- if (r < 0)
- return log_error_errno(r, "Failed to enumerate cgroup controllers: %m");
-
- for (;;) {
- _cleanup_free_ char *options = NULL, *controller = NULL, *where = NULL;
- MountPoint p = {
- .what = "cgroup",
- .type = "cgroup",
- .flags = MS_NOSUID|MS_NOEXEC|MS_NODEV,
- .mode = MNT_IN_CONTAINER,
- };
- char ***k = NULL;
-
- controller = set_steal_first(controllers);
- if (!controller)
- break;
-
- if (join_controllers)
- for (k = join_controllers; *k; k++)
- if (strv_find(*k, controller))
- break;
-
- if (k && *k) {
- char **i, **j;
-
- for (i = *k, j = *k; *i; i++) {
-
- if (!streq(*i, controller)) {
- _cleanup_free_ char *t;
-
- t = set_remove(controllers, *i);
- if (!t) {
- free(*i);
- continue;
- }
- }
-
- *(j++) = *i;
- }
-
- *j = NULL;
-
- options = strv_join(*k, ",");
- if (!options)
- return log_oom();
- } else {
- options = controller;
- controller = NULL;
- }
-
- where = strappend("/sys/fs/cgroup/", options);
- if (!where)
- return log_oom();
-
- p.where = where;
- p.options = options;
-
- r = mount_one(&p, true);
- if (r < 0)
- return r;
-
- if (r > 0 && k && *k) {
- char **i;
-
- for (i = *k; *i; i++) {
- _cleanup_free_ char *t = NULL;
-
- t = strappend("/sys/fs/cgroup/", *i);
- if (!t)
- return log_oom();
-
- r = symlink(options, t);
- if (r >= 0) {
-#ifdef SMACK_RUN_LABEL
- _cleanup_free_ char *src;
- src = strappend("/sys/fs/cgroup/", options);
- if (!src)
- return log_oom();
- r = mac_smack_copy(t, src);
- if (r < 0 && r != -EOPNOTSUPP)
- return log_error_errno(r, "Failed to copy smack label from %s to %s: %m", src, t);
-#endif
- } else if (errno != EEXIST)
- return log_error_errno(errno, "Failed to create symlink %s: %m", t);
- }
- }
- }
-
- /* Now that we mounted everything, let's make the tmpfs the
- * cgroup file systems are mounted into read-only. */
- (void) mount("tmpfs", "/sys/fs/cgroup", "tmpfs", MS_REMOUNT|MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_STRICTATIME|MS_RDONLY, "mode=755");
-
- return 0;
-}
-
-#if defined(HAVE_SELINUX) || defined(HAVE_SMACK)
-static int nftw_cb(
- const char *fpath,
- const struct stat *sb,
- int tflag,
- struct FTW *ftwbuf) {
-
- /* No need to label /dev twice in a row... */
- if (_unlikely_(ftwbuf->level == 0))
- return FTW_CONTINUE;
-
- label_fix(fpath, false, false);
-
- /* /run/initramfs is static data and big, no need to
- * dynamically relabel its contents at boot... */
- if (_unlikely_(ftwbuf->level == 1 &&
- tflag == FTW_D &&
- streq(fpath, "/run/initramfs")))
- return FTW_SKIP_SUBTREE;
-
- return FTW_CONTINUE;
-};
-#endif
-
-int mount_setup(bool loaded_policy) {
- int r = 0;
-
- r = mount_points_setup(ELEMENTSOF(mount_table), loaded_policy);
-
- if (r < 0)
- return r;
-
-#if defined(HAVE_SELINUX) || defined(HAVE_SMACK)
- /* Nodes in devtmpfs and /run need to be manually updated for
- * the appropriate labels, after mounting. The other virtual
- * API file systems like /sys and /proc do not need that, they
- * use the same label for all their files. */
- if (loaded_policy) {
- usec_t before_relabel, after_relabel;
- char timespan[FORMAT_TIMESPAN_MAX];
-
- before_relabel = now(CLOCK_MONOTONIC);
-
- nftw("/dev", nftw_cb, 64, FTW_MOUNT|FTW_PHYS|FTW_ACTIONRETVAL);
- nftw("/dev/shm", nftw_cb, 64, FTW_MOUNT|FTW_PHYS|FTW_ACTIONRETVAL);
- nftw("/run", nftw_cb, 64, FTW_MOUNT|FTW_PHYS|FTW_ACTIONRETVAL);
-
- after_relabel = now(CLOCK_MONOTONIC);
-
- log_info("Relabelled /dev and /run in %s.",
- format_timespan(timespan, sizeof(timespan), after_relabel - before_relabel, 0));
- }
-#endif
-
- /* Create a few default symlinks, which are normally created
- * by udevd, but some scripts might need them before we start
- * udevd. */
- dev_setup(NULL, UID_INVALID, GID_INVALID);
-
- /* Mark the root directory as shared in regards to mount
- * propagation. The kernel defaults to "private", but we think
- * it makes more sense to have a default of "shared" so that
- * nspawn and the container tools work out of the box. If
- * specific setups need other settings they can reset the
- * propagation mode to private if needed. */
- if (detect_container() <= 0)
- if (mount(NULL, "/", NULL, MS_REC|MS_SHARED, NULL) < 0)
- log_warning_errno(errno, "Failed to set up the root directory for shared mount propagation: %m");
-
- /* Create a few directories we always want around, Note that
- * sd_booted() checks for /run/systemd/system, so this mkdir
- * really needs to stay for good, otherwise software that
- * copied sd-daemon.c into their sources will misdetect
- * systemd. */
- (void) mkdir_label("/run/systemd", 0755);
- (void) mkdir_label("/run/systemd/system", 0755);
- (void) mkdir_label("/run/systemd/inaccessible", 0000);
- /* Set up inaccessible items */
- (void) mknod("/run/systemd/inaccessible/reg", S_IFREG | 0000, 0);
- (void) mkdir_label("/run/systemd/inaccessible/dir", 0000);
- (void) mknod("/run/systemd/inaccessible/chr", S_IFCHR | 0000, makedev(0, 0));
- (void) mknod("/run/systemd/inaccessible/blk", S_IFBLK | 0000, makedev(0, 0));
- (void) mkfifo("/run/systemd/inaccessible/fifo", 0000);
- (void) mknod("/run/systemd/inaccessible/sock", S_IFSOCK | 0000, 0);
-
- return 0;
-}
diff --git a/src/core/mount-setup.h b/src/core/mount-setup.h
deleted file mode 100644
index 647bd770ae..0000000000
--- a/src/core/mount-setup.h
+++ /dev/null
@@ -1,30 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <stdbool.h>
-
-int mount_setup_early(void);
-int mount_setup(bool loaded_policy);
-
-int mount_cgroup_controllers(char ***join_controllers);
-
-bool mount_point_is_api(const char *path);
-bool mount_point_ignore(const char *path);
diff --git a/src/core/mount.c b/src/core/mount.c
deleted file mode 100644
index d749e49df5..0000000000
--- a/src/core/mount.c
+++ /dev/null
@@ -1,1946 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <errno.h>
-#include <signal.h>
-#include <stdio.h>
-#include <sys/epoll.h>
-
-#include "sd-messages.h"
-
-#include "alloc-util.h"
-#include "dbus-mount.h"
-#include "escape.h"
-#include "exit-status.h"
-#include "formats-util.h"
-#include "fstab-util.h"
-#include "log.h"
-#include "manager.h"
-#include "mkdir.h"
-#include "mount-setup.h"
-#include "mount-util.h"
-#include "mount.h"
-#include "parse-util.h"
-#include "path-util.h"
-#include "process-util.h"
-#include "special.h"
-#include "string-table.h"
-#include "string-util.h"
-#include "strv.h"
-#include "unit-name.h"
-#include "unit.h"
-
-#define RETRY_UMOUNT_MAX 32
-
-DEFINE_TRIVIAL_CLEANUP_FUNC(struct libmnt_table*, mnt_free_table);
-DEFINE_TRIVIAL_CLEANUP_FUNC(struct libmnt_iter*, mnt_free_iter);
-
-static const UnitActiveState state_translation_table[_MOUNT_STATE_MAX] = {
- [MOUNT_DEAD] = UNIT_INACTIVE,
- [MOUNT_MOUNTING] = UNIT_ACTIVATING,
- [MOUNT_MOUNTING_DONE] = UNIT_ACTIVE,
- [MOUNT_MOUNTED] = UNIT_ACTIVE,
- [MOUNT_REMOUNTING] = UNIT_RELOADING,
- [MOUNT_UNMOUNTING] = UNIT_DEACTIVATING,
- [MOUNT_MOUNTING_SIGTERM] = UNIT_DEACTIVATING,
- [MOUNT_MOUNTING_SIGKILL] = UNIT_DEACTIVATING,
- [MOUNT_REMOUNTING_SIGTERM] = UNIT_RELOADING,
- [MOUNT_REMOUNTING_SIGKILL] = UNIT_RELOADING,
- [MOUNT_UNMOUNTING_SIGTERM] = UNIT_DEACTIVATING,
- [MOUNT_UNMOUNTING_SIGKILL] = UNIT_DEACTIVATING,
- [MOUNT_FAILED] = UNIT_FAILED
-};
-
-static int mount_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata);
-static int mount_dispatch_io(sd_event_source *source, int fd, uint32_t revents, void *userdata);
-
-static bool mount_needs_network(const char *options, const char *fstype) {
- if (fstab_test_option(options, "_netdev\0"))
- return true;
-
- if (fstype && fstype_is_network(fstype))
- return true;
-
- return false;
-}
-
-static bool mount_is_network(const MountParameters *p) {
- assert(p);
-
- return mount_needs_network(p->options, p->fstype);
-}
-
-static bool mount_is_loop(const MountParameters *p) {
- assert(p);
-
- if (fstab_test_option(p->options, "loop\0"))
- return true;
-
- return false;
-}
-
-static bool mount_is_bind(const MountParameters *p) {
- assert(p);
-
- if (fstab_test_option(p->options, "bind\0" "rbind\0"))
- return true;
-
- if (p->fstype && STR_IN_SET(p->fstype, "bind", "rbind"))
- return true;
-
- return false;
-}
-
-static bool mount_is_auto(const MountParameters *p) {
- assert(p);
-
- return !fstab_test_option(p->options, "noauto\0");
-}
-
-static bool mount_is_automount(const MountParameters *p) {
- assert(p);
-
- return fstab_test_option(p->options,
- "comment=systemd.automount\0"
- "x-systemd.automount\0");
-}
-
-static bool mount_state_active(MountState state) {
- return IN_SET(state,
- MOUNT_MOUNTING,
- MOUNT_MOUNTING_DONE,
- MOUNT_REMOUNTING,
- MOUNT_UNMOUNTING,
- MOUNT_MOUNTING_SIGTERM,
- MOUNT_MOUNTING_SIGKILL,
- MOUNT_UNMOUNTING_SIGTERM,
- MOUNT_UNMOUNTING_SIGKILL,
- MOUNT_REMOUNTING_SIGTERM,
- MOUNT_REMOUNTING_SIGKILL);
-}
-
-static bool needs_quota(const MountParameters *p) {
- assert(p);
-
- /* Quotas are not enabled on network filesystems,
- * but we want them, for example, on storage connected via iscsi */
- if (p->fstype && fstype_is_network(p->fstype))
- return false;
-
- if (mount_is_bind(p))
- return false;
-
- return fstab_test_option(p->options,
- "usrquota\0" "grpquota\0" "quota\0" "usrjquota\0" "grpjquota\0");
-}
-
-static void mount_init(Unit *u) {
- Mount *m = MOUNT(u);
-
- assert(u);
- assert(u->load_state == UNIT_STUB);
-
- m->timeout_usec = u->manager->default_timeout_start_usec;
- m->directory_mode = 0755;
-
- /* We need to make sure that /usr/bin/mount is always called
- * in the same process group as us, so that the autofs kernel
- * side doesn't send us another mount request while we are
- * already trying to comply its last one. */
- m->exec_context.same_pgrp = true;
-
- m->control_command_id = _MOUNT_EXEC_COMMAND_INVALID;
-
- u->ignore_on_isolate = true;
-}
-
-static int mount_arm_timer(Mount *m, usec_t usec) {
- int r;
-
- assert(m);
-
- if (m->timer_event_source) {
- r = sd_event_source_set_time(m->timer_event_source, usec);
- if (r < 0)
- return r;
-
- return sd_event_source_set_enabled(m->timer_event_source, SD_EVENT_ONESHOT);
- }
-
- if (usec == USEC_INFINITY)
- return 0;
-
- r = sd_event_add_time(
- UNIT(m)->manager->event,
- &m->timer_event_source,
- CLOCK_MONOTONIC,
- usec, 0,
- mount_dispatch_timer, m);
- if (r < 0)
- return r;
-
- (void) sd_event_source_set_description(m->timer_event_source, "mount-timer");
-
- return 0;
-}
-
-static void mount_unwatch_control_pid(Mount *m) {
- assert(m);
-
- if (m->control_pid <= 0)
- return;
-
- unit_unwatch_pid(UNIT(m), m->control_pid);
- m->control_pid = 0;
-}
-
-static void mount_parameters_done(MountParameters *p) {
- assert(p);
-
- free(p->what);
- free(p->options);
- free(p->fstype);
-
- p->what = p->options = p->fstype = NULL;
-}
-
-static void mount_done(Unit *u) {
- Mount *m = MOUNT(u);
-
- assert(m);
-
- m->where = mfree(m->where);
-
- mount_parameters_done(&m->parameters_proc_self_mountinfo);
- mount_parameters_done(&m->parameters_fragment);
-
- m->exec_runtime = exec_runtime_unref(m->exec_runtime);
- exec_command_done_array(m->exec_command, _MOUNT_EXEC_COMMAND_MAX);
- m->control_command = NULL;
-
- dynamic_creds_unref(&m->dynamic_creds);
-
- mount_unwatch_control_pid(m);
-
- m->timer_event_source = sd_event_source_unref(m->timer_event_source);
-}
-
-_pure_ static MountParameters* get_mount_parameters_fragment(Mount *m) {
- assert(m);
-
- if (m->from_fragment)
- return &m->parameters_fragment;
-
- return NULL;
-}
-
-_pure_ static MountParameters* get_mount_parameters(Mount *m) {
- assert(m);
-
- if (m->from_proc_self_mountinfo)
- return &m->parameters_proc_self_mountinfo;
-
- return get_mount_parameters_fragment(m);
-}
-
-static int mount_add_mount_links(Mount *m) {
- _cleanup_free_ char *parent = NULL;
- MountParameters *pm;
- Unit *other;
- Iterator i;
- Set *s;
- int r;
-
- assert(m);
-
- if (!path_equal(m->where, "/")) {
- /* Adds in links to other mount points that might lie further
- * up in the hierarchy */
-
- parent = dirname_malloc(m->where);
- if (!parent)
- return -ENOMEM;
-
- r = unit_require_mounts_for(UNIT(m), parent);
- if (r < 0)
- return r;
- }
-
- /* Adds in links to other mount points that might be needed
- * for the source path (if this is a bind mount or a loop mount) to be
- * available. */
- pm = get_mount_parameters_fragment(m);
- if (pm && pm->what &&
- path_is_absolute(pm->what) &&
- (mount_is_bind(pm) || mount_is_loop(pm) || !mount_is_network(pm))) {
-
- r = unit_require_mounts_for(UNIT(m), pm->what);
- if (r < 0)
- return r;
- }
-
- /* Adds in links to other units that use this path or paths
- * further down in the hierarchy */
- s = manager_get_units_requiring_mounts_for(UNIT(m)->manager, m->where);
- SET_FOREACH(other, s, i) {
-
- if (other->load_state != UNIT_LOADED)
- continue;
-
- if (other == UNIT(m))
- continue;
-
- r = unit_add_dependency(other, UNIT_AFTER, UNIT(m), true);
- if (r < 0)
- return r;
-
- if (UNIT(m)->fragment_path) {
- /* If we have fragment configuration, then make this dependency required */
- r = unit_add_dependency(other, UNIT_REQUIRES, UNIT(m), true);
- if (r < 0)
- return r;
- }
- }
-
- return 0;
-}
-
-static int mount_add_device_links(Mount *m) {
- MountParameters *p;
- bool device_wants_mount = false;
- int r;
-
- assert(m);
-
- p = get_mount_parameters(m);
- if (!p)
- return 0;
-
- if (!p->what)
- return 0;
-
- if (mount_is_bind(p))
- return 0;
-
- if (!is_device_path(p->what))
- return 0;
-
- /* /dev/root is a really weird thing, it's not a real device,
- * but just a path the kernel exports for the root file system
- * specified on the kernel command line. Ignore it here. */
- if (path_equal(p->what, "/dev/root"))
- return 0;
-
- if (path_equal(m->where, "/"))
- return 0;
-
- if (mount_is_auto(p) && !mount_is_automount(p) && MANAGER_IS_SYSTEM(UNIT(m)->manager))
- device_wants_mount = true;
-
- r = unit_add_node_link(UNIT(m), p->what, device_wants_mount, m->from_fragment ? UNIT_BINDS_TO : UNIT_REQUIRES);
- if (r < 0)
- return r;
-
- return 0;
-}
-
-static int mount_add_quota_links(Mount *m) {
- int r;
- MountParameters *p;
-
- assert(m);
-
- if (!MANAGER_IS_SYSTEM(UNIT(m)->manager))
- return 0;
-
- p = get_mount_parameters_fragment(m);
- if (!p)
- return 0;
-
- if (!needs_quota(p))
- return 0;
-
- r = unit_add_two_dependencies_by_name(UNIT(m), UNIT_BEFORE, UNIT_WANTS, SPECIAL_QUOTACHECK_SERVICE, NULL, true);
- if (r < 0)
- return r;
-
- r = unit_add_two_dependencies_by_name(UNIT(m), UNIT_BEFORE, UNIT_WANTS, SPECIAL_QUOTAON_SERVICE, NULL, true);
- if (r < 0)
- return r;
-
- return 0;
-}
-
-static bool should_umount(Mount *m) {
- MountParameters *p;
-
- if (PATH_IN_SET(m->where, "/", "/usr") ||
- path_startswith(m->where, "/run/initramfs"))
- return false;
-
- p = get_mount_parameters(m);
- if (p && fstab_test_option(p->options, "x-initrd.mount\0") &&
- !in_initrd())
- return false;
-
- return true;
-}
-
-static int mount_add_default_dependencies(Mount *m) {
- MountParameters *p;
- const char *after;
- int r;
-
- assert(m);
-
- if (!UNIT(m)->default_dependencies)
- return 0;
-
- if (!MANAGER_IS_SYSTEM(UNIT(m)->manager))
- return 0;
-
- /* We do not add any default dependencies to /, /usr or
- * /run/initramfs/, since they are guaranteed to stay
- * mounted the whole time, since our system is on it.
- * Also, don't bother with anything mounted below virtual
- * file systems, it's also going to be virtual, and hence
- * not worth the effort. */
- if (PATH_IN_SET(m->where, "/", "/usr") ||
- path_startswith(m->where, "/run/initramfs") ||
- path_startswith(m->where, "/proc") ||
- path_startswith(m->where, "/sys") ||
- path_startswith(m->where, "/dev"))
- return 0;
-
- p = get_mount_parameters(m);
- if (!p)
- return 0;
-
- if (mount_is_network(p)) {
- /* We order ourselves after network.target. This is
- * primarily useful at shutdown: services that take
- * down the network should order themselves before
- * network.target, so that they are shut down only
- * after this mount unit is stopped. */
-
- r = unit_add_dependency_by_name(UNIT(m), UNIT_AFTER, SPECIAL_NETWORK_TARGET, NULL, true);
- if (r < 0)
- return r;
-
- /* We pull in network-online.target, and order
- * ourselves after it. This is useful at start-up to
- * actively pull in tools that want to be started
- * before we start mounting network file systems, and
- * whose purpose it is to delay this until the network
- * is "up". */
-
- r = unit_add_two_dependencies_by_name(UNIT(m), UNIT_WANTS, UNIT_AFTER, SPECIAL_NETWORK_ONLINE_TARGET, NULL, true);
- if (r < 0)
- return r;
-
- after = SPECIAL_REMOTE_FS_PRE_TARGET;
- } else
- after = SPECIAL_LOCAL_FS_PRE_TARGET;
-
- r = unit_add_dependency_by_name(UNIT(m), UNIT_AFTER, after, NULL, true);
- if (r < 0)
- return r;
-
- if (should_umount(m)) {
- r = unit_add_two_dependencies_by_name(UNIT(m), UNIT_BEFORE, UNIT_CONFLICTS, SPECIAL_UMOUNT_TARGET, NULL, true);
- if (r < 0)
- return r;
- }
-
- return 0;
-}
-
-static int mount_verify(Mount *m) {
- _cleanup_free_ char *e = NULL;
- MountParameters *p;
- int r;
-
- assert(m);
-
- if (UNIT(m)->load_state != UNIT_LOADED)
- return 0;
-
- if (!m->from_fragment && !m->from_proc_self_mountinfo)
- return -ENOENT;
-
- r = unit_name_from_path(m->where, ".mount", &e);
- if (r < 0)
- return log_unit_error_errno(UNIT(m), r, "Failed to generate unit name from mount path: %m");
-
- if (!unit_has_name(UNIT(m), e)) {
- log_unit_error(UNIT(m), "Where= setting doesn't match unit name. Refusing.");
- return -EINVAL;
- }
-
- if (mount_point_is_api(m->where) || mount_point_ignore(m->where)) {
- log_unit_error(UNIT(m), "Cannot create mount unit for API file system %s. Refusing.", m->where);
- return -EINVAL;
- }
-
- p = get_mount_parameters_fragment(m);
- if (p && !p->what) {
- log_unit_error(UNIT(m), "What= setting is missing. Refusing.");
- return -EBADMSG;
- }
-
- if (m->exec_context.pam_name && m->kill_context.kill_mode != KILL_CONTROL_GROUP) {
- log_unit_error(UNIT(m), "Unit has PAM enabled. Kill mode must be set to control-group'. Refusing.");
- return -EINVAL;
- }
-
- return 0;
-}
-
-static int mount_add_extras(Mount *m) {
- Unit *u = UNIT(m);
- int r;
-
- assert(m);
-
- if (u->fragment_path)
- m->from_fragment = true;
-
- if (!m->where) {
- r = unit_name_to_path(u->id, &m->where);
- if (r < 0)
- return r;
- }
-
- path_kill_slashes(m->where);
-
- if (!u->description) {
- r = unit_set_description(u, m->where);
- if (r < 0)
- return r;
- }
-
- r = mount_add_device_links(m);
- if (r < 0)
- return r;
-
- r = mount_add_mount_links(m);
- if (r < 0)
- return r;
-
- r = mount_add_quota_links(m);
- if (r < 0)
- return r;
-
- r = unit_patch_contexts(u);
- if (r < 0)
- return r;
-
- r = unit_add_exec_dependencies(u, &m->exec_context);
- if (r < 0)
- return r;
-
- r = unit_set_default_slice(u);
- if (r < 0)
- return r;
-
- r = mount_add_default_dependencies(m);
- if (r < 0)
- return r;
-
- return 0;
-}
-
-static int mount_load_root_mount(Unit *u) {
- assert(u);
-
- if (!unit_has_name(u, SPECIAL_ROOT_MOUNT))
- return 0;
-
- u->perpetual = true;
- u->default_dependencies = false;
-
- /* The stdio/kmsg bridge socket is on /, in order to avoid a dep loop, don't use kmsg logging for -.mount */
- MOUNT(u)->exec_context.std_output = EXEC_OUTPUT_NULL;
- MOUNT(u)->exec_context.std_input = EXEC_INPUT_NULL;
-
- if (!u->description)
- u->description = strdup("Root Mount");
-
- return 1;
-}
-
-static int mount_load(Unit *u) {
- Mount *m = MOUNT(u);
- int r;
-
- assert(u);
- assert(u->load_state == UNIT_STUB);
-
- r = mount_load_root_mount(u);
- if (r < 0)
- return r;
-
- if (m->from_proc_self_mountinfo || u->perpetual)
- r = unit_load_fragment_and_dropin_optional(u);
- else
- r = unit_load_fragment_and_dropin(u);
- if (r < 0)
- return r;
-
- /* This is a new unit? Then let's add in some extras */
- if (u->load_state == UNIT_LOADED) {
- r = mount_add_extras(m);
- if (r < 0)
- return r;
- }
-
- return mount_verify(m);
-}
-
-static void mount_set_state(Mount *m, MountState state) {
- MountState old_state;
- assert(m);
-
- old_state = m->state;
- m->state = state;
-
- if (!mount_state_active(state)) {
- m->timer_event_source = sd_event_source_unref(m->timer_event_source);
- mount_unwatch_control_pid(m);
- m->control_command = NULL;
- m->control_command_id = _MOUNT_EXEC_COMMAND_INVALID;
- }
-
- if (state != old_state)
- log_unit_debug(UNIT(m), "Changed %s -> %s", mount_state_to_string(old_state), mount_state_to_string(state));
-
- unit_notify(UNIT(m), state_translation_table[old_state], state_translation_table[state], m->reload_result == MOUNT_SUCCESS);
- m->reload_result = MOUNT_SUCCESS;
-}
-
-static int mount_coldplug(Unit *u) {
- Mount *m = MOUNT(u);
- MountState new_state = MOUNT_DEAD;
- int r;
-
- assert(m);
- assert(m->state == MOUNT_DEAD);
-
- if (m->deserialized_state != m->state)
- new_state = m->deserialized_state;
- else if (m->from_proc_self_mountinfo)
- new_state = MOUNT_MOUNTED;
-
- if (new_state == m->state)
- return 0;
-
- if (m->control_pid > 0 &&
- pid_is_unwaited(m->control_pid) &&
- mount_state_active(new_state)) {
-
- r = unit_watch_pid(UNIT(m), m->control_pid);
- if (r < 0)
- return r;
-
- r = mount_arm_timer(m, usec_add(u->state_change_timestamp.monotonic, m->timeout_usec));
- if (r < 0)
- return r;
- }
-
- if (!IN_SET(new_state, MOUNT_DEAD, MOUNT_FAILED))
- (void) unit_setup_dynamic_creds(u);
-
- mount_set_state(m, new_state);
- return 0;
-}
-
-static void mount_dump(Unit *u, FILE *f, const char *prefix) {
- Mount *m = MOUNT(u);
- MountParameters *p;
-
- assert(m);
- assert(f);
-
- p = get_mount_parameters(m);
-
- fprintf(f,
- "%sMount State: %s\n"
- "%sResult: %s\n"
- "%sWhere: %s\n"
- "%sWhat: %s\n"
- "%sFile System Type: %s\n"
- "%sOptions: %s\n"
- "%sFrom /proc/self/mountinfo: %s\n"
- "%sFrom fragment: %s\n"
- "%sDirectoryMode: %04o\n"
- "%sSloppyOptions: %s\n"
- "%sLazyUnmount: %s\n"
- "%sForceUnmount: %s\n",
- prefix, mount_state_to_string(m->state),
- prefix, mount_result_to_string(m->result),
- prefix, m->where,
- prefix, p ? strna(p->what) : "n/a",
- prefix, p ? strna(p->fstype) : "n/a",
- prefix, p ? strna(p->options) : "n/a",
- prefix, yes_no(m->from_proc_self_mountinfo),
- prefix, yes_no(m->from_fragment),
- prefix, m->directory_mode,
- prefix, yes_no(m->sloppy_options),
- prefix, yes_no(m->lazy_unmount),
- prefix, yes_no(m->force_unmount));
-
- if (m->control_pid > 0)
- fprintf(f,
- "%sControl PID: "PID_FMT"\n",
- prefix, m->control_pid);
-
- exec_context_dump(&m->exec_context, f, prefix);
- kill_context_dump(&m->kill_context, f, prefix);
-}
-
-static int mount_spawn(Mount *m, ExecCommand *c, pid_t *_pid) {
- pid_t pid;
- int r;
- ExecParameters exec_params = {
- .flags = EXEC_APPLY_PERMISSIONS|EXEC_APPLY_CHROOT|EXEC_APPLY_TTY_STDIN,
- .stdin_fd = -1,
- .stdout_fd = -1,
- .stderr_fd = -1,
- };
-
- assert(m);
- assert(c);
- assert(_pid);
-
- (void) unit_realize_cgroup(UNIT(m));
- if (m->reset_cpu_usage) {
- (void) unit_reset_cpu_usage(UNIT(m));
- m->reset_cpu_usage = false;
- }
-
- r = unit_setup_exec_runtime(UNIT(m));
- if (r < 0)
- return r;
-
- r = unit_setup_dynamic_creds(UNIT(m));
- if (r < 0)
- return r;
-
- r = mount_arm_timer(m, usec_add(now(CLOCK_MONOTONIC), m->timeout_usec));
- if (r < 0)
- return r;
-
- exec_params.environment = UNIT(m)->manager->environment;
- exec_params.flags |= UNIT(m)->manager->confirm_spawn ? EXEC_CONFIRM_SPAWN : 0;
- exec_params.cgroup_supported = UNIT(m)->manager->cgroup_supported;
- exec_params.cgroup_path = UNIT(m)->cgroup_path;
- exec_params.cgroup_delegate = m->cgroup_context.delegate;
- exec_params.runtime_prefix = manager_get_runtime_prefix(UNIT(m)->manager);
-
- r = exec_spawn(UNIT(m),
- c,
- &m->exec_context,
- &exec_params,
- m->exec_runtime,
- &m->dynamic_creds,
- &pid);
- if (r < 0)
- return r;
-
- r = unit_watch_pid(UNIT(m), pid);
- if (r < 0)
- /* FIXME: we need to do something here */
- return r;
-
- *_pid = pid;
-
- return 0;
-}
-
-static void mount_enter_dead(Mount *m, MountResult f) {
- assert(m);
-
- if (m->result == MOUNT_SUCCESS)
- m->result = f;
-
- mount_set_state(m, m->result != MOUNT_SUCCESS ? MOUNT_FAILED : MOUNT_DEAD);
-
- exec_runtime_destroy(m->exec_runtime);
- m->exec_runtime = exec_runtime_unref(m->exec_runtime);
-
- exec_context_destroy_runtime_directory(&m->exec_context, manager_get_runtime_prefix(UNIT(m)->manager));
-
- unit_unref_uid_gid(UNIT(m), true);
-
- dynamic_creds_destroy(&m->dynamic_creds);
-}
-
-static void mount_enter_mounted(Mount *m, MountResult f) {
- assert(m);
-
- if (m->result == MOUNT_SUCCESS)
- m->result = f;
-
- mount_set_state(m, MOUNT_MOUNTED);
-}
-
-static void mount_enter_signal(Mount *m, MountState state, MountResult f) {
- int r;
-
- assert(m);
-
- if (m->result == MOUNT_SUCCESS)
- m->result = f;
-
- r = unit_kill_context(
- UNIT(m),
- &m->kill_context,
- (state != MOUNT_MOUNTING_SIGTERM && state != MOUNT_UNMOUNTING_SIGTERM && state != MOUNT_REMOUNTING_SIGTERM) ?
- KILL_KILL : KILL_TERMINATE,
- -1,
- m->control_pid,
- false);
- if (r < 0)
- goto fail;
-
- if (r > 0) {
- r = mount_arm_timer(m, usec_add(now(CLOCK_MONOTONIC), m->timeout_usec));
- if (r < 0)
- goto fail;
-
- mount_set_state(m, state);
- } else if (state == MOUNT_REMOUNTING_SIGTERM)
- mount_enter_signal(m, MOUNT_REMOUNTING_SIGKILL, MOUNT_SUCCESS);
- else if (state == MOUNT_REMOUNTING_SIGKILL)
- mount_enter_mounted(m, MOUNT_SUCCESS);
- else if (state == MOUNT_MOUNTING_SIGTERM)
- mount_enter_signal(m, MOUNT_MOUNTING_SIGKILL, MOUNT_SUCCESS);
- else if (state == MOUNT_UNMOUNTING_SIGTERM)
- mount_enter_signal(m, MOUNT_UNMOUNTING_SIGKILL, MOUNT_SUCCESS);
- else
- mount_enter_dead(m, MOUNT_SUCCESS);
-
- return;
-
-fail:
- log_unit_warning_errno(UNIT(m), r, "Failed to kill processes: %m");
-
- if (IN_SET(state, MOUNT_REMOUNTING_SIGTERM, MOUNT_REMOUNTING_SIGKILL))
- mount_enter_mounted(m, MOUNT_FAILURE_RESOURCES);
- else
- mount_enter_dead(m, MOUNT_FAILURE_RESOURCES);
-}
-
-static void mount_enter_unmounting(Mount *m) {
- int r;
-
- assert(m);
-
- /* Start counting our attempts */
- if (!IN_SET(m->state,
- MOUNT_UNMOUNTING,
- MOUNT_UNMOUNTING_SIGTERM,
- MOUNT_UNMOUNTING_SIGKILL))
- m->n_retry_umount = 0;
-
- m->control_command_id = MOUNT_EXEC_UNMOUNT;
- m->control_command = m->exec_command + MOUNT_EXEC_UNMOUNT;
-
- r = exec_command_set(m->control_command, UMOUNT_PATH, m->where, NULL);
- if (r >= 0 && m->lazy_unmount)
- r = exec_command_append(m->control_command, "-l", NULL);
- if (r >= 0 && m->force_unmount)
- r = exec_command_append(m->control_command, "-f", NULL);
- if (r < 0)
- goto fail;
-
- mount_unwatch_control_pid(m);
-
- r = mount_spawn(m, m->control_command, &m->control_pid);
- if (r < 0)
- goto fail;
-
- mount_set_state(m, MOUNT_UNMOUNTING);
-
- return;
-
-fail:
- log_unit_warning_errno(UNIT(m), r, "Failed to run 'umount' task: %m");
- mount_enter_mounted(m, MOUNT_FAILURE_RESOURCES);
-}
-
-static void mount_enter_mounting(Mount *m) {
- int r;
- MountParameters *p;
-
- assert(m);
-
- m->control_command_id = MOUNT_EXEC_MOUNT;
- m->control_command = m->exec_command + MOUNT_EXEC_MOUNT;
-
- r = unit_fail_if_symlink(UNIT(m), m->where);
- if (r < 0)
- goto fail;
-
- (void) mkdir_p_label(m->where, m->directory_mode);
-
- unit_warn_if_dir_nonempty(UNIT(m), m->where);
-
- /* Create the source directory for bind-mounts if needed */
- p = get_mount_parameters_fragment(m);
- if (p && mount_is_bind(p))
- (void) mkdir_p_label(p->what, m->directory_mode);
-
- if (p) {
- _cleanup_free_ char *opts = NULL;
-
- r = fstab_filter_options(p->options, "nofail\0" "noauto\0" "auto\0", NULL, NULL, &opts);
- if (r < 0)
- goto fail;
-
- r = exec_command_set(m->control_command, MOUNT_PATH, p->what, m->where, NULL);
- if (r >= 0 && m->sloppy_options)
- r = exec_command_append(m->control_command, "-s", NULL);
- if (r >= 0 && p->fstype)
- r = exec_command_append(m->control_command, "-t", p->fstype, NULL);
- if (r >= 0 && !isempty(opts))
- r = exec_command_append(m->control_command, "-o", opts, NULL);
- } else
- r = -ENOENT;
-
- if (r < 0)
- goto fail;
-
- mount_unwatch_control_pid(m);
-
- r = mount_spawn(m, m->control_command, &m->control_pid);
- if (r < 0)
- goto fail;
-
- mount_set_state(m, MOUNT_MOUNTING);
-
- return;
-
-fail:
- log_unit_warning_errno(UNIT(m), r, "Failed to run 'mount' task: %m");
- mount_enter_dead(m, MOUNT_FAILURE_RESOURCES);
-}
-
-static void mount_enter_remounting(Mount *m) {
- int r;
- MountParameters *p;
-
- assert(m);
-
- m->control_command_id = MOUNT_EXEC_REMOUNT;
- m->control_command = m->exec_command + MOUNT_EXEC_REMOUNT;
-
- p = get_mount_parameters_fragment(m);
- if (p) {
- const char *o;
-
- if (p->options)
- o = strjoina("remount,", p->options);
- else
- o = "remount";
-
- r = exec_command_set(m->control_command, MOUNT_PATH,
- p->what, m->where,
- "-o", o, NULL);
- if (r >= 0 && m->sloppy_options)
- r = exec_command_append(m->control_command, "-s", NULL);
- if (r >= 0 && p->fstype)
- r = exec_command_append(m->control_command, "-t", p->fstype, NULL);
- } else
- r = -ENOENT;
-
- if (r < 0)
- goto fail;
-
- mount_unwatch_control_pid(m);
-
- r = mount_spawn(m, m->control_command, &m->control_pid);
- if (r < 0)
- goto fail;
-
- mount_set_state(m, MOUNT_REMOUNTING);
-
- return;
-
-fail:
- log_unit_warning_errno(UNIT(m), r, "Failed to run 'remount' task: %m");
- m->reload_result = MOUNT_FAILURE_RESOURCES;
- mount_enter_mounted(m, MOUNT_SUCCESS);
-}
-
-static int mount_start(Unit *u) {
- Mount *m = MOUNT(u);
- int r;
-
- assert(m);
-
- /* We cannot fulfill this request right now, try again later
- * please! */
- if (IN_SET(m->state,
- MOUNT_UNMOUNTING,
- MOUNT_UNMOUNTING_SIGTERM,
- MOUNT_UNMOUNTING_SIGKILL,
- MOUNT_MOUNTING_SIGTERM,
- MOUNT_MOUNTING_SIGKILL))
- return -EAGAIN;
-
- /* Already on it! */
- if (m->state == MOUNT_MOUNTING)
- return 0;
-
- assert(IN_SET(m->state, MOUNT_DEAD, MOUNT_FAILED));
-
- r = unit_start_limit_test(u);
- if (r < 0) {
- mount_enter_dead(m, MOUNT_FAILURE_START_LIMIT_HIT);
- return r;
- }
-
- r = unit_acquire_invocation_id(u);
- if (r < 0)
- return r;
-
- m->result = MOUNT_SUCCESS;
- m->reload_result = MOUNT_SUCCESS;
- m->reset_cpu_usage = true;
-
- mount_enter_mounting(m);
- return 1;
-}
-
-static int mount_stop(Unit *u) {
- Mount *m = MOUNT(u);
-
- assert(m);
-
- /* Already on it */
- if (IN_SET(m->state,
- MOUNT_UNMOUNTING,
- MOUNT_UNMOUNTING_SIGKILL,
- MOUNT_UNMOUNTING_SIGTERM,
- MOUNT_MOUNTING_SIGTERM,
- MOUNT_MOUNTING_SIGKILL))
- return 0;
-
- assert(IN_SET(m->state,
- MOUNT_MOUNTING,
- MOUNT_MOUNTING_DONE,
- MOUNT_MOUNTED,
- MOUNT_REMOUNTING,
- MOUNT_REMOUNTING_SIGTERM,
- MOUNT_REMOUNTING_SIGKILL));
-
- mount_enter_unmounting(m);
- return 1;
-}
-
-static int mount_reload(Unit *u) {
- Mount *m = MOUNT(u);
-
- assert(m);
-
- if (m->state == MOUNT_MOUNTING_DONE)
- return -EAGAIN;
-
- assert(m->state == MOUNT_MOUNTED);
-
- mount_enter_remounting(m);
- return 1;
-}
-
-static int mount_serialize(Unit *u, FILE *f, FDSet *fds) {
- Mount *m = MOUNT(u);
-
- assert(m);
- assert(f);
- assert(fds);
-
- unit_serialize_item(u, f, "state", mount_state_to_string(m->state));
- unit_serialize_item(u, f, "result", mount_result_to_string(m->result));
- unit_serialize_item(u, f, "reload-result", mount_result_to_string(m->reload_result));
-
- if (m->control_pid > 0)
- unit_serialize_item_format(u, f, "control-pid", PID_FMT, m->control_pid);
-
- if (m->control_command_id >= 0)
- unit_serialize_item(u, f, "control-command", mount_exec_command_to_string(m->control_command_id));
-
- return 0;
-}
-
-static int mount_deserialize_item(Unit *u, const char *key, const char *value, FDSet *fds) {
- Mount *m = MOUNT(u);
-
- assert(u);
- assert(key);
- assert(value);
- assert(fds);
-
- if (streq(key, "state")) {
- MountState state;
-
- if ((state = mount_state_from_string(value)) < 0)
- log_unit_debug(u, "Failed to parse state value: %s", value);
- else
- m->deserialized_state = state;
- } else if (streq(key, "result")) {
- MountResult f;
-
- f = mount_result_from_string(value);
- if (f < 0)
- log_unit_debug(u, "Failed to parse result value: %s", value);
- else if (f != MOUNT_SUCCESS)
- m->result = f;
-
- } else if (streq(key, "reload-result")) {
- MountResult f;
-
- f = mount_result_from_string(value);
- if (f < 0)
- log_unit_debug(u, "Failed to parse reload result value: %s", value);
- else if (f != MOUNT_SUCCESS)
- m->reload_result = f;
-
- } else if (streq(key, "control-pid")) {
- pid_t pid;
-
- if (parse_pid(value, &pid) < 0)
- log_unit_debug(u, "Failed to parse control-pid value: %s", value);
- else
- m->control_pid = pid;
- } else if (streq(key, "control-command")) {
- MountExecCommand id;
-
- id = mount_exec_command_from_string(value);
- if (id < 0)
- log_unit_debug(u, "Failed to parse exec-command value: %s", value);
- else {
- m->control_command_id = id;
- m->control_command = m->exec_command + id;
- }
- } else
- log_unit_debug(u, "Unknown serialization key: %s", key);
-
- return 0;
-}
-
-_pure_ static UnitActiveState mount_active_state(Unit *u) {
- assert(u);
-
- return state_translation_table[MOUNT(u)->state];
-}
-
-_pure_ static const char *mount_sub_state_to_string(Unit *u) {
- assert(u);
-
- return mount_state_to_string(MOUNT(u)->state);
-}
-
-_pure_ static bool mount_check_gc(Unit *u) {
- Mount *m = MOUNT(u);
-
- assert(m);
-
- return m->from_proc_self_mountinfo;
-}
-
-static void mount_sigchld_event(Unit *u, pid_t pid, int code, int status) {
- Mount *m = MOUNT(u);
- MountResult f;
-
- assert(m);
- assert(pid >= 0);
-
- if (pid != m->control_pid)
- return;
-
- m->control_pid = 0;
-
- if (is_clean_exit(code, status, EXIT_CLEAN_COMMAND, NULL))
- f = MOUNT_SUCCESS;
- else if (code == CLD_EXITED)
- f = MOUNT_FAILURE_EXIT_CODE;
- else if (code == CLD_KILLED)
- f = MOUNT_FAILURE_SIGNAL;
- else if (code == CLD_DUMPED)
- f = MOUNT_FAILURE_CORE_DUMP;
- else
- assert_not_reached("Unknown code");
-
- if (m->result == MOUNT_SUCCESS)
- m->result = f;
-
- if (m->control_command) {
- exec_status_exit(&m->control_command->exec_status, &m->exec_context, pid, code, status);
-
- m->control_command = NULL;
- m->control_command_id = _MOUNT_EXEC_COMMAND_INVALID;
- }
-
- log_unit_full(u, f == MOUNT_SUCCESS ? LOG_DEBUG : LOG_NOTICE, 0,
- "Mount process exited, code=%s status=%i", sigchld_code_to_string(code), status);
-
- /* Note that mount(8) returning and the kernel sending us a
- * mount table change event might happen out-of-order. If an
- * operation succeed we assume the kernel will follow soon too
- * and already change into the resulting state. If it fails
- * we check if the kernel still knows about the mount. and
- * change state accordingly. */
-
- switch (m->state) {
-
- case MOUNT_MOUNTING:
- case MOUNT_MOUNTING_DONE:
- case MOUNT_MOUNTING_SIGKILL:
- case MOUNT_MOUNTING_SIGTERM:
-
- if (f == MOUNT_SUCCESS || m->from_proc_self_mountinfo)
- /* If /bin/mount returned success, or if we see the mount point in /proc/self/mountinfo we are
- * happy. If we see the first condition first, we should see the the second condition
- * immediately after – or /bin/mount lies to us and is broken. */
- mount_enter_mounted(m, f);
- else
- mount_enter_dead(m, f);
- break;
-
- case MOUNT_REMOUNTING:
- case MOUNT_REMOUNTING_SIGKILL:
- case MOUNT_REMOUNTING_SIGTERM:
-
- m->reload_result = f;
- if (m->from_proc_self_mountinfo)
- mount_enter_mounted(m, MOUNT_SUCCESS);
- else
- mount_enter_dead(m, MOUNT_SUCCESS);
-
- break;
-
- case MOUNT_UNMOUNTING:
- case MOUNT_UNMOUNTING_SIGKILL:
- case MOUNT_UNMOUNTING_SIGTERM:
-
- if (f == MOUNT_SUCCESS) {
-
- if (m->from_proc_self_mountinfo) {
-
- /* Still a mount point? If so, let's
- * try again. Most likely there were
- * multiple mount points stacked on
- * top of each other. Note that due to
- * the io event priority logic we can
- * be sure the new mountinfo is loaded
- * before we process the SIGCHLD for
- * the mount command. */
-
- if (m->n_retry_umount < RETRY_UMOUNT_MAX) {
- log_unit_debug(u, "Mount still present, trying again.");
- m->n_retry_umount++;
- mount_enter_unmounting(m);
- } else {
- log_unit_debug(u, "Mount still present after %u attempts to unmount, giving up.", m->n_retry_umount);
- mount_enter_mounted(m, f);
- }
- } else
- mount_enter_dead(m, f);
-
- } else if (m->from_proc_self_mountinfo)
- mount_enter_mounted(m, f);
- else
- mount_enter_dead(m, f);
- break;
-
- default:
- assert_not_reached("Uh, control process died at wrong time.");
- }
-
- /* Notify clients about changed exit status */
- unit_add_to_dbus_queue(u);
-}
-
-static int mount_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata) {
- Mount *m = MOUNT(userdata);
-
- assert(m);
- assert(m->timer_event_source == source);
-
- switch (m->state) {
-
- case MOUNT_MOUNTING:
- case MOUNT_MOUNTING_DONE:
- log_unit_warning(UNIT(m), "Mounting timed out. Stopping.");
- mount_enter_signal(m, MOUNT_MOUNTING_SIGTERM, MOUNT_FAILURE_TIMEOUT);
- break;
-
- case MOUNT_REMOUNTING:
- log_unit_warning(UNIT(m), "Remounting timed out. Stopping.");
- m->reload_result = MOUNT_FAILURE_TIMEOUT;
- mount_enter_mounted(m, MOUNT_SUCCESS);
- break;
-
- case MOUNT_UNMOUNTING:
- log_unit_warning(UNIT(m), "Unmounting timed out. Stopping.");
- mount_enter_signal(m, MOUNT_UNMOUNTING_SIGTERM, MOUNT_FAILURE_TIMEOUT);
- break;
-
- case MOUNT_MOUNTING_SIGTERM:
- if (m->kill_context.send_sigkill) {
- log_unit_warning(UNIT(m), "Mounting timed out. Killing.");
- mount_enter_signal(m, MOUNT_MOUNTING_SIGKILL, MOUNT_FAILURE_TIMEOUT);
- } else {
- log_unit_warning(UNIT(m), "Mounting timed out. Skipping SIGKILL. Ignoring.");
-
- if (m->from_proc_self_mountinfo)
- mount_enter_mounted(m, MOUNT_FAILURE_TIMEOUT);
- else
- mount_enter_dead(m, MOUNT_FAILURE_TIMEOUT);
- }
- break;
-
- case MOUNT_REMOUNTING_SIGTERM:
- if (m->kill_context.send_sigkill) {
- log_unit_warning(UNIT(m), "Remounting timed out. Killing.");
- mount_enter_signal(m, MOUNT_REMOUNTING_SIGKILL, MOUNT_FAILURE_TIMEOUT);
- } else {
- log_unit_warning(UNIT(m), "Remounting timed out. Skipping SIGKILL. Ignoring.");
-
- if (m->from_proc_self_mountinfo)
- mount_enter_mounted(m, MOUNT_FAILURE_TIMEOUT);
- else
- mount_enter_dead(m, MOUNT_FAILURE_TIMEOUT);
- }
- break;
-
- case MOUNT_UNMOUNTING_SIGTERM:
- if (m->kill_context.send_sigkill) {
- log_unit_warning(UNIT(m), "Unmounting timed out. Killing.");
- mount_enter_signal(m, MOUNT_UNMOUNTING_SIGKILL, MOUNT_FAILURE_TIMEOUT);
- } else {
- log_unit_warning(UNIT(m), "Unmounting timed out. Skipping SIGKILL. Ignoring.");
-
- if (m->from_proc_self_mountinfo)
- mount_enter_mounted(m, MOUNT_FAILURE_TIMEOUT);
- else
- mount_enter_dead(m, MOUNT_FAILURE_TIMEOUT);
- }
- break;
-
- case MOUNT_MOUNTING_SIGKILL:
- case MOUNT_REMOUNTING_SIGKILL:
- case MOUNT_UNMOUNTING_SIGKILL:
- log_unit_warning(UNIT(m),"Mount process still around after SIGKILL. Ignoring.");
-
- if (m->from_proc_self_mountinfo)
- mount_enter_mounted(m, MOUNT_FAILURE_TIMEOUT);
- else
- mount_enter_dead(m, MOUNT_FAILURE_TIMEOUT);
- break;
-
- default:
- assert_not_reached("Timeout at wrong time.");
- }
-
- return 0;
-}
-
-static int mount_setup_unit(
- Manager *m,
- const char *what,
- const char *where,
- const char *options,
- const char *fstype,
- bool set_flags) {
-
- _cleanup_free_ char *e = NULL, *w = NULL, *o = NULL, *f = NULL;
- bool load_extras = false;
- MountParameters *p;
- bool delete, changed = false;
- Unit *u;
- int r;
-
- assert(m);
- assert(what);
- assert(where);
- assert(options);
- assert(fstype);
-
- /* Ignore API mount points. They should never be referenced in
- * dependencies ever. */
- if (mount_point_is_api(where) || mount_point_ignore(where))
- return 0;
-
- if (streq(fstype, "autofs"))
- return 0;
-
- /* probably some kind of swap, ignore */
- if (!is_path(where))
- return 0;
-
- r = unit_name_from_path(where, ".mount", &e);
- if (r < 0)
- return r;
-
- u = manager_get_unit(m, e);
- if (!u) {
- delete = true;
-
- r = unit_new_for_name(m, sizeof(Mount), e, &u);
- if (r < 0)
- goto fail;
-
- MOUNT(u)->where = strdup(where);
- if (!MOUNT(u)->where) {
- r = -ENOMEM;
- goto fail;
- }
-
- u->source_path = strdup("/proc/self/mountinfo");
- if (!u->source_path) {
- r = -ENOMEM;
- goto fail;
- }
-
- if (MANAGER_IS_SYSTEM(m)) {
- const char* target;
-
- target = mount_needs_network(options, fstype) ? SPECIAL_REMOTE_FS_TARGET : SPECIAL_LOCAL_FS_TARGET;
- r = unit_add_dependency_by_name(u, UNIT_BEFORE, target, NULL, true);
- if (r < 0)
- goto fail;
-
- if (should_umount(MOUNT(u))) {
- r = unit_add_dependency_by_name(u, UNIT_CONFLICTS, SPECIAL_UMOUNT_TARGET, NULL, true);
- if (r < 0)
- goto fail;
- }
- }
-
- unit_add_to_load_queue(u);
- changed = true;
- } else {
- delete = false;
-
- if (!MOUNT(u)->where) {
- MOUNT(u)->where = strdup(where);
- if (!MOUNT(u)->where) {
- r = -ENOMEM;
- goto fail;
- }
- }
-
- if (MANAGER_IS_SYSTEM(m) &&
- mount_needs_network(options, fstype)) {
- /* _netdev option may have shown up late, or on a
- * remount. Add remote-fs dependencies, even though
- * local-fs ones may already be there. */
- unit_add_dependency_by_name(u, UNIT_BEFORE, SPECIAL_REMOTE_FS_TARGET, NULL, true);
- load_extras = true;
- }
-
- if (u->load_state == UNIT_NOT_FOUND) {
- u->load_state = UNIT_LOADED;
- u->load_error = 0;
-
- /* Load in the extras later on, after we
- * finished initialization of the unit */
- load_extras = true;
- changed = true;
- }
- }
-
- w = strdup(what);
- o = strdup(options);
- f = strdup(fstype);
- if (!w || !o || !f) {
- r = -ENOMEM;
- goto fail;
- }
-
- p = &MOUNT(u)->parameters_proc_self_mountinfo;
-
- changed = changed ||
- !streq_ptr(p->options, options) ||
- !streq_ptr(p->what, what) ||
- !streq_ptr(p->fstype, fstype);
-
- if (set_flags) {
- MOUNT(u)->is_mounted = true;
- MOUNT(u)->just_mounted = !MOUNT(u)->from_proc_self_mountinfo;
- MOUNT(u)->just_changed = changed;
- }
-
- MOUNT(u)->from_proc_self_mountinfo = true;
-
- free_and_replace(p->what, w);
- free_and_replace(p->options, o);
- free_and_replace(p->fstype, f);
-
- if (load_extras) {
- r = mount_add_extras(MOUNT(u));
- if (r < 0)
- goto fail;
- }
-
- if (changed)
- unit_add_to_dbus_queue(u);
-
- return 0;
-
-fail:
- log_warning_errno(r, "Failed to set up mount unit: %m");
-
- if (delete && u)
- unit_free(u);
-
- return r;
-}
-
-static int mount_load_proc_self_mountinfo(Manager *m, bool set_flags) {
- _cleanup_(mnt_free_tablep) struct libmnt_table *t = NULL;
- _cleanup_(mnt_free_iterp) struct libmnt_iter *i = NULL;
- int r = 0;
-
- assert(m);
-
- t = mnt_new_table();
- if (!t)
- return log_oom();
-
- i = mnt_new_iter(MNT_ITER_FORWARD);
- if (!i)
- return log_oom();
-
- r = mnt_table_parse_mtab(t, NULL);
- if (r < 0)
- return log_error_errno(r, "Failed to parse /proc/self/mountinfo: %m");
-
- r = 0;
- for (;;) {
- const char *device, *path, *options, *fstype;
- _cleanup_free_ char *d = NULL, *p = NULL;
- struct libmnt_fs *fs;
- int k;
-
- k = mnt_table_next_fs(t, i, &fs);
- if (k == 1)
- break;
- if (k < 0)
- return log_error_errno(k, "Failed to get next entry from /proc/self/mountinfo: %m");
-
- device = mnt_fs_get_source(fs);
- path = mnt_fs_get_target(fs);
- options = mnt_fs_get_options(fs);
- fstype = mnt_fs_get_fstype(fs);
-
- if (!device || !path)
- continue;
-
- if (cunescape(device, UNESCAPE_RELAX, &d) < 0)
- return log_oom();
-
- if (cunescape(path, UNESCAPE_RELAX, &p) < 0)
- return log_oom();
-
- (void) device_found_node(m, d, true, DEVICE_FOUND_MOUNT, set_flags);
-
- k = mount_setup_unit(m, d, p, options, fstype, set_flags);
- if (r == 0 && k < 0)
- r = k;
- }
-
- return r;
-}
-
-static void mount_shutdown(Manager *m) {
-
- assert(m);
-
- m->mount_event_source = sd_event_source_unref(m->mount_event_source);
-
- mnt_unref_monitor(m->mount_monitor);
- m->mount_monitor = NULL;
-}
-
-static int mount_get_timeout(Unit *u, usec_t *timeout) {
- Mount *m = MOUNT(u);
- usec_t t;
- int r;
-
- if (!m->timer_event_source)
- return 0;
-
- r = sd_event_source_get_time(m->timer_event_source, &t);
- if (r < 0)
- return r;
- if (t == USEC_INFINITY)
- return 0;
-
- *timeout = t;
- return 1;
-}
-
-static int synthesize_root_mount(Manager *m) {
- Unit *u;
- int r;
-
- assert(m);
-
- /* Whatever happens, we know for sure that the root directory is around, and cannot go away. Let's
- * unconditionally synthesize it here and mark it as perpetual. */
-
- u = manager_get_unit(m, SPECIAL_ROOT_MOUNT);
- if (!u) {
- r = unit_new_for_name(m, sizeof(Mount), SPECIAL_ROOT_MOUNT, &u);
- if (r < 0)
- return log_error_errno(r, "Failed to allocate the special " SPECIAL_ROOT_MOUNT " unit: %m");
- }
-
- u->perpetual = true;
- MOUNT(u)->deserialized_state = MOUNT_MOUNTED;
-
- unit_add_to_load_queue(u);
- unit_add_to_dbus_queue(u);
-
- return 0;
-}
-
-static bool mount_is_mounted(Mount *m) {
- assert(m);
-
- return UNIT(m)->perpetual || m->is_mounted;
-}
-
-static void mount_enumerate(Manager *m) {
- int r;
-
- assert(m);
-
- r = synthesize_root_mount(m);
- if (r < 0)
- goto fail;
-
- mnt_init_debug(0);
-
- if (!m->mount_monitor) {
- int fd;
-
- m->mount_monitor = mnt_new_monitor();
- if (!m->mount_monitor) {
- log_oom();
- goto fail;
- }
-
- r = mnt_monitor_enable_kernel(m->mount_monitor, 1);
- if (r < 0) {
- log_error_errno(r, "Failed to enable watching of kernel mount events: %m");
- goto fail;
- }
-
- r = mnt_monitor_enable_userspace(m->mount_monitor, 1, NULL);
- if (r < 0) {
- log_error_errno(r, "Failed to enable watching of userspace mount events: %m");
- goto fail;
- }
-
- /* mnt_unref_monitor() will close the fd */
- fd = r = mnt_monitor_get_fd(m->mount_monitor);
- if (r < 0) {
- log_error_errno(r, "Failed to acquire watch file descriptor: %m");
- goto fail;
- }
-
- r = sd_event_add_io(m->event, &m->mount_event_source, fd, EPOLLIN, mount_dispatch_io, m);
- if (r < 0) {
- log_error_errno(r, "Failed to watch mount file descriptor: %m");
- goto fail;
- }
-
- r = sd_event_source_set_priority(m->mount_event_source, -10);
- if (r < 0) {
- log_error_errno(r, "Failed to adjust mount watch priority: %m");
- goto fail;
- }
-
- (void) sd_event_source_set_description(m->mount_event_source, "mount-monitor-dispatch");
- }
-
- r = mount_load_proc_self_mountinfo(m, false);
- if (r < 0)
- goto fail;
-
- return;
-
-fail:
- mount_shutdown(m);
-}
-
-static int mount_dispatch_io(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
- _cleanup_set_free_ Set *around = NULL, *gone = NULL;
- Manager *m = userdata;
- const char *what;
- Iterator i;
- Unit *u;
- int r;
-
- assert(m);
- assert(revents & EPOLLIN);
-
- if (fd == mnt_monitor_get_fd(m->mount_monitor)) {
- bool rescan = false;
-
- /* Drain all events and verify that the event is valid.
- *
- * Note that libmount also monitors /run/mount mkdir if the
- * directory does not exist yet. The mkdir may generate event
- * which is irrelevant for us.
- *
- * error: r < 0; valid: r == 0, false positive: rc == 1 */
- do {
- r = mnt_monitor_next_change(m->mount_monitor, NULL, NULL);
- if (r == 0)
- rescan = true;
- else if (r < 0)
- return log_error_errno(r, "Failed to drain libmount events");
- } while (r == 0);
-
- log_debug("libmount event [rescan: %s]", yes_no(rescan));
- if (!rescan)
- return 0;
- }
-
- r = mount_load_proc_self_mountinfo(m, true);
- if (r < 0) {
- /* Reset flags, just in case, for later calls */
- LIST_FOREACH(units_by_type, u, m->units_by_type[UNIT_MOUNT]) {
- Mount *mount = MOUNT(u);
-
- mount->is_mounted = mount->just_mounted = mount->just_changed = false;
- }
-
- return 0;
- }
-
- manager_dispatch_load_queue(m);
-
- LIST_FOREACH(units_by_type, u, m->units_by_type[UNIT_MOUNT]) {
- Mount *mount = MOUNT(u);
-
- if (!mount_is_mounted(mount)) {
-
- /* A mount point is not around right now. It
- * might be gone, or might never have
- * existed. */
-
- if (mount->from_proc_self_mountinfo &&
- mount->parameters_proc_self_mountinfo.what) {
-
- /* Remember that this device might just have disappeared */
- if (set_ensure_allocated(&gone, &string_hash_ops) < 0 ||
- set_put(gone, mount->parameters_proc_self_mountinfo.what) < 0)
- log_oom(); /* we don't care too much about OOM here... */
- }
-
- mount->from_proc_self_mountinfo = false;
-
- switch (mount->state) {
-
- case MOUNT_MOUNTED:
- /* This has just been unmounted by
- * somebody else, follow the state
- * change. */
- mount->result = MOUNT_SUCCESS; /* make sure we forget any earlier umount failures */
- mount_enter_dead(mount, MOUNT_SUCCESS);
- break;
-
- default:
- break;
- }
-
- } else if (mount->just_mounted || mount->just_changed) {
-
- /* A mount point was added or changed */
-
- switch (mount->state) {
-
- case MOUNT_DEAD:
- case MOUNT_FAILED:
-
- /* This has just been mounted by somebody else, follow the state change, but let's
- * generate a new invocation ID for this implicitly and automatically. */
- (void) unit_acquire_invocation_id(UNIT(mount));
- mount_enter_mounted(mount, MOUNT_SUCCESS);
- break;
-
- case MOUNT_MOUNTING:
- mount_set_state(mount, MOUNT_MOUNTING_DONE);
- break;
-
- default:
- /* Nothing really changed, but let's
- * issue an notification call
- * nonetheless, in case somebody is
- * waiting for this. (e.g. file system
- * ro/rw remounts.) */
- mount_set_state(mount, mount->state);
- break;
- }
- }
-
- if (mount_is_mounted(mount) &&
- mount->from_proc_self_mountinfo &&
- mount->parameters_proc_self_mountinfo.what) {
-
- if (set_ensure_allocated(&around, &string_hash_ops) < 0 ||
- set_put(around, mount->parameters_proc_self_mountinfo.what) < 0)
- log_oom();
- }
-
- /* Reset the flags for later calls */
- mount->is_mounted = mount->just_mounted = mount->just_changed = false;
- }
-
- SET_FOREACH(what, gone, i) {
- if (set_contains(around, what))
- continue;
-
- /* Let the device units know that the device is no longer mounted */
- (void) device_found_node(m, what, false, DEVICE_FOUND_MOUNT, true);
- }
-
- return 0;
-}
-
-static void mount_reset_failed(Unit *u) {
- Mount *m = MOUNT(u);
-
- assert(m);
-
- if (m->state == MOUNT_FAILED)
- mount_set_state(m, MOUNT_DEAD);
-
- m->result = MOUNT_SUCCESS;
- m->reload_result = MOUNT_SUCCESS;
-}
-
-static int mount_kill(Unit *u, KillWho who, int signo, sd_bus_error *error) {
- return unit_kill_common(u, who, signo, -1, MOUNT(u)->control_pid, error);
-}
-
-static int mount_control_pid(Unit *u) {
- Mount *m = MOUNT(u);
-
- assert(m);
-
- return m->control_pid;
-}
-
-static const char* const mount_exec_command_table[_MOUNT_EXEC_COMMAND_MAX] = {
- [MOUNT_EXEC_MOUNT] = "ExecMount",
- [MOUNT_EXEC_UNMOUNT] = "ExecUnmount",
- [MOUNT_EXEC_REMOUNT] = "ExecRemount",
-};
-
-DEFINE_STRING_TABLE_LOOKUP(mount_exec_command, MountExecCommand);
-
-static const char* const mount_result_table[_MOUNT_RESULT_MAX] = {
- [MOUNT_SUCCESS] = "success",
- [MOUNT_FAILURE_RESOURCES] = "resources",
- [MOUNT_FAILURE_TIMEOUT] = "timeout",
- [MOUNT_FAILURE_EXIT_CODE] = "exit-code",
- [MOUNT_FAILURE_SIGNAL] = "signal",
- [MOUNT_FAILURE_CORE_DUMP] = "core-dump",
- [MOUNT_FAILURE_START_LIMIT_HIT] = "start-limit-hit",
-};
-
-DEFINE_STRING_TABLE_LOOKUP(mount_result, MountResult);
-
-const UnitVTable mount_vtable = {
- .object_size = sizeof(Mount),
- .exec_context_offset = offsetof(Mount, exec_context),
- .cgroup_context_offset = offsetof(Mount, cgroup_context),
- .kill_context_offset = offsetof(Mount, kill_context),
- .exec_runtime_offset = offsetof(Mount, exec_runtime),
- .dynamic_creds_offset = offsetof(Mount, dynamic_creds),
-
- .sections =
- "Unit\0"
- "Mount\0"
- "Install\0",
- .private_section = "Mount",
-
- .init = mount_init,
- .load = mount_load,
- .done = mount_done,
-
- .coldplug = mount_coldplug,
-
- .dump = mount_dump,
-
- .start = mount_start,
- .stop = mount_stop,
- .reload = mount_reload,
-
- .kill = mount_kill,
-
- .serialize = mount_serialize,
- .deserialize_item = mount_deserialize_item,
-
- .active_state = mount_active_state,
- .sub_state_to_string = mount_sub_state_to_string,
-
- .check_gc = mount_check_gc,
-
- .sigchld_event = mount_sigchld_event,
-
- .reset_failed = mount_reset_failed,
-
- .control_pid = mount_control_pid,
-
- .bus_vtable = bus_mount_vtable,
- .bus_set_property = bus_mount_set_property,
- .bus_commit_properties = bus_mount_commit_properties,
-
- .get_timeout = mount_get_timeout,
-
- .can_transient = true,
-
- .enumerate = mount_enumerate,
- .shutdown = mount_shutdown,
-
- .status_message_formats = {
- .starting_stopping = {
- [0] = "Mounting %s...",
- [1] = "Unmounting %s...",
- },
- .finished_start_job = {
- [JOB_DONE] = "Mounted %s.",
- [JOB_FAILED] = "Failed to mount %s.",
- [JOB_TIMEOUT] = "Timed out mounting %s.",
- },
- .finished_stop_job = {
- [JOB_DONE] = "Unmounted %s.",
- [JOB_FAILED] = "Failed unmounting %s.",
- [JOB_TIMEOUT] = "Timed out unmounting %s.",
- },
- },
-};
diff --git a/src/core/mount.h b/src/core/mount.h
deleted file mode 100644
index 9f7326ba6a..0000000000
--- a/src/core/mount.h
+++ /dev/null
@@ -1,112 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-typedef struct Mount Mount;
-
-#include "kill.h"
-#include "dynamic-user.h"
-
-typedef enum MountExecCommand {
- MOUNT_EXEC_MOUNT,
- MOUNT_EXEC_UNMOUNT,
- MOUNT_EXEC_REMOUNT,
- _MOUNT_EXEC_COMMAND_MAX,
- _MOUNT_EXEC_COMMAND_INVALID = -1
-} MountExecCommand;
-
-typedef enum MountResult {
- MOUNT_SUCCESS,
- MOUNT_FAILURE_RESOURCES,
- MOUNT_FAILURE_TIMEOUT,
- MOUNT_FAILURE_EXIT_CODE,
- MOUNT_FAILURE_SIGNAL,
- MOUNT_FAILURE_CORE_DUMP,
- MOUNT_FAILURE_START_LIMIT_HIT,
- _MOUNT_RESULT_MAX,
- _MOUNT_RESULT_INVALID = -1
-} MountResult;
-
-typedef struct MountParameters {
- char *what;
- char *options;
- char *fstype;
-} MountParameters;
-
-struct Mount {
- Unit meta;
-
- char *where;
-
- MountParameters parameters_proc_self_mountinfo;
- MountParameters parameters_fragment;
-
- bool from_proc_self_mountinfo:1;
- bool from_fragment:1;
-
- /* Used while looking for mount points that vanished or got
- * added from/to /proc/self/mountinfo */
- bool is_mounted:1;
- bool just_mounted:1;
- bool just_changed:1;
-
- bool reset_cpu_usage:1;
-
- bool sloppy_options;
-
- bool lazy_unmount;
- bool force_unmount;
-
- MountResult result;
- MountResult reload_result;
-
- mode_t directory_mode;
-
- usec_t timeout_usec;
-
- ExecCommand exec_command[_MOUNT_EXEC_COMMAND_MAX];
-
- ExecContext exec_context;
- KillContext kill_context;
- CGroupContext cgroup_context;
-
- ExecRuntime *exec_runtime;
- DynamicCreds dynamic_creds;
-
- MountState state, deserialized_state;
-
- ExecCommand* control_command;
- MountExecCommand control_command_id;
- pid_t control_pid;
-
- sd_event_source *timer_event_source;
-
- unsigned n_retry_umount;
-};
-
-extern const UnitVTable mount_vtable;
-
-void mount_fd_event(Manager *m, int events);
-
-const char* mount_exec_command_to_string(MountExecCommand i) _const_;
-MountExecCommand mount_exec_command_from_string(const char *s) _pure_;
-
-const char* mount_result_to_string(MountResult i) _const_;
-MountResult mount_result_from_string(const char *s) _pure_;
diff --git a/src/core/namespace.c b/src/core/namespace.c
deleted file mode 100644
index 1195e9a854..0000000000
--- a/src/core/namespace.c
+++ /dev/null
@@ -1,1043 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <errno.h>
-#include <sched.h>
-#include <stdio.h>
-#include <string.h>
-#include <sys/mount.h>
-#include <sys/stat.h>
-#include <unistd.h>
-#include <linux/fs.h>
-
-#include "alloc-util.h"
-#include "dev-setup.h"
-#include "fd-util.h"
-#include "fs-util.h"
-#include "loopback-setup.h"
-#include "missing.h"
-#include "mkdir.h"
-#include "mount-util.h"
-#include "namespace.h"
-#include "path-util.h"
-#include "selinux-util.h"
-#include "socket-util.h"
-#include "string-table.h"
-#include "string-util.h"
-#include "strv.h"
-#include "umask-util.h"
-#include "user-util.h"
-#include "util.h"
-
-#define DEV_MOUNT_OPTIONS (MS_NOSUID|MS_STRICTATIME|MS_NOEXEC)
-
-typedef enum MountMode {
- /* This is ordered by priority! */
- INACCESSIBLE,
- READONLY,
- PRIVATE_TMP,
- PRIVATE_VAR_TMP,
- PRIVATE_DEV,
- READWRITE,
-} MountMode;
-
-typedef struct BindMount {
- const char *path; /* stack memory, doesn't need to be freed explicitly */
- char *chased; /* malloc()ed memory, needs to be freed */
- MountMode mode;
- bool ignore; /* Ignore if path does not exist */
-} BindMount;
-
-typedef struct TargetMount {
- const char *path;
- MountMode mode;
- bool ignore; /* Ignore if path does not exist */
-} TargetMount;
-
-/*
- * The following Protect tables are to protect paths and mark some of them
- * READONLY, in case a path is covered by an option from another table, then
- * it is marked READWRITE in the current one, and the more restrictive mode is
- * applied from that other table. This way all options can be combined in a
- * safe and comprehensible way for users.
- */
-
-/* ProtectKernelTunables= option and the related filesystem APIs */
-static const TargetMount protect_kernel_tunables_table[] = {
- { "/proc/sys", READONLY, false },
- { "/proc/sysrq-trigger", READONLY, true },
- { "/proc/latency_stats", READONLY, true },
- { "/proc/mtrr", READONLY, true },
- { "/proc/apm", READONLY, true },
- { "/proc/acpi", READONLY, true },
- { "/proc/timer_stats", READONLY, true },
- { "/proc/asound", READONLY, true },
- { "/proc/bus", READONLY, true },
- { "/proc/fs", READONLY, true },
- { "/proc/irq", READONLY, true },
- { "/sys", READONLY, false },
- { "/sys/kernel/debug", READONLY, true },
- { "/sys/kernel/tracing", READONLY, true },
- { "/sys/fs/cgroup", READWRITE, false }, /* READONLY is set by ProtectControlGroups= option */
-};
-
-/* ProtectKernelModules= option */
-static const TargetMount protect_kernel_modules_table[] = {
-#ifdef HAVE_SPLIT_USR
- { "/lib/modules", INACCESSIBLE, true },
-#endif
- { "/usr/lib/modules", INACCESSIBLE, true },
-};
-
-/*
- * ProtectHome=read-only table, protect $HOME and $XDG_RUNTIME_DIR and rest of
- * system should be protected by ProtectSystem=
- */
-static const TargetMount protect_home_read_only_table[] = {
- { "/home", READONLY, true },
- { "/run/user", READONLY, true },
- { "/root", READONLY, true },
-};
-
-/* ProtectHome=yes table */
-static const TargetMount protect_home_yes_table[] = {
- { "/home", INACCESSIBLE, true },
- { "/run/user", INACCESSIBLE, true },
- { "/root", INACCESSIBLE, true },
-};
-
-/* ProtectSystem=yes table */
-static const TargetMount protect_system_yes_table[] = {
- { "/usr", READONLY, false },
- { "/boot", READONLY, true },
- { "/efi", READONLY, true },
-};
-
-/* ProtectSystem=full includes ProtectSystem=yes */
-static const TargetMount protect_system_full_table[] = {
- { "/usr", READONLY, false },
- { "/boot", READONLY, true },
- { "/efi", READONLY, true },
- { "/etc", READONLY, false },
-};
-
-/*
- * ProtectSystem=strict table. In this strict mode, we mount everything
- * read-only, except for /proc, /dev, /sys which are the kernel API VFS,
- * which are left writable, but PrivateDevices= + ProtectKernelTunables=
- * protect those, and these options should be fully orthogonal.
- * (And of course /home and friends are also left writable, as ProtectHome=
- * shall manage those, orthogonally).
- */
-static const TargetMount protect_system_strict_table[] = {
- { "/", READONLY, false },
- { "/proc", READWRITE, false }, /* ProtectKernelTunables= */
- { "/sys", READWRITE, false }, /* ProtectKernelTunables= */
- { "/dev", READWRITE, false }, /* PrivateDevices= */
- { "/home", READWRITE, true }, /* ProtectHome= */
- { "/run/user", READWRITE, true }, /* ProtectHome= */
- { "/root", READWRITE, true }, /* ProtectHome= */
-};
-
-static void set_bind_mount(BindMount **p, const char *path, MountMode mode, bool ignore) {
- (*p)->path = path;
- (*p)->mode = mode;
- (*p)->ignore = ignore;
-}
-
-static int append_mounts(BindMount **p, char **strv, MountMode mode) {
- char **i;
-
- assert(p);
-
- STRV_FOREACH(i, strv) {
- bool ignore = false;
-
- if (IN_SET(mode, INACCESSIBLE, READONLY, READWRITE) && startswith(*i, "-")) {
- (*i)++;
- ignore = true;
- }
-
- if (!path_is_absolute(*i))
- return -EINVAL;
-
- set_bind_mount(p, *i, mode, ignore);
- (*p)++;
- }
-
- return 0;
-}
-
-static int append_target_mounts(BindMount **p, const char *root_directory, const TargetMount *mounts, const size_t size) {
- unsigned i;
-
- assert(p);
- assert(mounts);
-
- for (i = 0; i < size; i++) {
- /*
- * Here we assume that the ignore field is set during
- * declaration we do not support "-" at the beginning.
- */
- const TargetMount *m = &mounts[i];
- const char *path = prefix_roota(root_directory, m->path);
-
- if (!path_is_absolute(path))
- return -EINVAL;
-
- set_bind_mount(p, path, m->mode, m->ignore);
- (*p)++;
- }
-
- return 0;
-}
-
-static int append_protect_kernel_tunables(BindMount **p, const char *root_directory) {
- assert(p);
-
- return append_target_mounts(p, root_directory, protect_kernel_tunables_table,
- ELEMENTSOF(protect_kernel_tunables_table));
-}
-
-static int append_protect_kernel_modules(BindMount **p, const char *root_directory) {
- assert(p);
-
- return append_target_mounts(p, root_directory, protect_kernel_modules_table,
- ELEMENTSOF(protect_kernel_modules_table));
-}
-
-static int append_protect_home(BindMount **p, const char *root_directory, ProtectHome protect_home) {
- int r = 0;
-
- assert(p);
-
- if (protect_home == PROTECT_HOME_NO)
- return 0;
-
- switch (protect_home) {
- case PROTECT_HOME_READ_ONLY:
- r = append_target_mounts(p, root_directory, protect_home_read_only_table,
- ELEMENTSOF(protect_home_read_only_table));
- break;
- case PROTECT_HOME_YES:
- r = append_target_mounts(p, root_directory, protect_home_yes_table,
- ELEMENTSOF(protect_home_yes_table));
- break;
- default:
- r = -EINVAL;
- break;
- }
-
- return r;
-}
-
-static int append_protect_system(BindMount **p, const char *root_directory, ProtectSystem protect_system) {
- int r = 0;
-
- assert(p);
-
- if (protect_system == PROTECT_SYSTEM_NO)
- return 0;
-
- switch (protect_system) {
- case PROTECT_SYSTEM_STRICT:
- r = append_target_mounts(p, root_directory, protect_system_strict_table,
- ELEMENTSOF(protect_system_strict_table));
- break;
- case PROTECT_SYSTEM_YES:
- r = append_target_mounts(p, root_directory, protect_system_yes_table,
- ELEMENTSOF(protect_system_yes_table));
- break;
- case PROTECT_SYSTEM_FULL:
- r = append_target_mounts(p, root_directory, protect_system_full_table,
- ELEMENTSOF(protect_system_full_table));
- break;
- default:
- r = -EINVAL;
- break;
- }
-
- return r;
-}
-
-static int mount_path_compare(const void *a, const void *b) {
- const BindMount *p = a, *q = b;
- int d;
-
- /* If the paths are not equal, then order prefixes first */
- d = path_compare(p->path, q->path);
- if (d != 0)
- return d;
-
- /* If the paths are equal, check the mode */
- if (p->mode < q->mode)
- return -1;
-
- if (p->mode > q->mode)
- return 1;
-
- return 0;
-}
-
-static void drop_duplicates(BindMount *m, unsigned *n) {
- BindMount *f, *t, *previous;
-
- assert(m);
- assert(n);
-
- /* Drops duplicate entries. Expects that the array is properly ordered already. */
-
- for (f = m, t = m, previous = NULL; f < m+*n; f++) {
-
- /* The first one wins (which is the one with the more restrictive mode), see mount_path_compare()
- * above. */
- if (previous && path_equal(f->path, previous->path)) {
- log_debug("%s is duplicate.", f->path);
- continue;
- }
-
- *t = *f;
- previous = t;
- t++;
- }
-
- *n = t - m;
-}
-
-static void drop_inaccessible(BindMount *m, unsigned *n) {
- BindMount *f, *t;
- const char *clear = NULL;
-
- assert(m);
- assert(n);
-
- /* Drops all entries obstructed by another entry further up the tree. Expects that the array is properly
- * ordered already. */
-
- for (f = m, t = m; f < m+*n; f++) {
-
- /* If we found a path set for INACCESSIBLE earlier, and this entry has it as prefix we should drop
- * it, as inaccessible paths really should drop the entire subtree. */
- if (clear && path_startswith(f->path, clear)) {
- log_debug("%s is masked by %s.", f->path, clear);
- continue;
- }
-
- clear = f->mode == INACCESSIBLE ? f->path : NULL;
-
- *t = *f;
- t++;
- }
-
- *n = t - m;
-}
-
-static void drop_nop(BindMount *m, unsigned *n) {
- BindMount *f, *t;
-
- assert(m);
- assert(n);
-
- /* Drops all entries which have an immediate parent that has the same type, as they are redundant. Assumes the
- * list is ordered by prefixes. */
-
- for (f = m, t = m; f < m+*n; f++) {
-
- /* Only suppress such subtrees for READONLY and READWRITE entries */
- if (IN_SET(f->mode, READONLY, READWRITE)) {
- BindMount *p;
- bool found = false;
-
- /* Now let's find the first parent of the entry we are looking at. */
- for (p = t-1; p >= m; p--) {
- if (path_startswith(f->path, p->path)) {
- found = true;
- break;
- }
- }
-
- /* We found it, let's see if it's the same mode, if so, we can drop this entry */
- if (found && p->mode == f->mode) {
- log_debug("%s is redundant by %s", f->path, p->path);
- continue;
- }
- }
-
- *t = *f;
- t++;
- }
-
- *n = t - m;
-}
-
-static void drop_outside_root(const char *root_directory, BindMount *m, unsigned *n) {
- BindMount *f, *t;
-
- assert(m);
- assert(n);
-
- if (!root_directory)
- return;
-
- /* Drops all mounts that are outside of the root directory. */
-
- for (f = m, t = m; f < m+*n; f++) {
-
- if (!path_startswith(f->path, root_directory)) {
- log_debug("%s is outside of root directory.", f->path);
- continue;
- }
-
- *t = *f;
- t++;
- }
-
- *n = t - m;
-}
-
-static int mount_dev(BindMount *m) {
- static const char devnodes[] =
- "/dev/null\0"
- "/dev/zero\0"
- "/dev/full\0"
- "/dev/random\0"
- "/dev/urandom\0"
- "/dev/tty\0";
-
- char temporary_mount[] = "/tmp/namespace-dev-XXXXXX";
- const char *d, *dev = NULL, *devpts = NULL, *devshm = NULL, *devhugepages = NULL, *devmqueue = NULL, *devlog = NULL, *devptmx = NULL;
- _cleanup_umask_ mode_t u;
- int r;
-
- assert(m);
-
- u = umask(0000);
-
- if (!mkdtemp(temporary_mount))
- return -errno;
-
- dev = strjoina(temporary_mount, "/dev");
- (void) mkdir(dev, 0755);
- if (mount("tmpfs", dev, "tmpfs", DEV_MOUNT_OPTIONS, "mode=755") < 0) {
- r = -errno;
- goto fail;
- }
-
- devpts = strjoina(temporary_mount, "/dev/pts");
- (void) mkdir(devpts, 0755);
- if (mount("/dev/pts", devpts, NULL, MS_BIND, NULL) < 0) {
- r = -errno;
- goto fail;
- }
-
- devptmx = strjoina(temporary_mount, "/dev/ptmx");
- if (symlink("pts/ptmx", devptmx) < 0) {
- r = -errno;
- goto fail;
- }
-
- devshm = strjoina(temporary_mount, "/dev/shm");
- (void) mkdir(devshm, 01777);
- r = mount("/dev/shm", devshm, NULL, MS_BIND, NULL);
- if (r < 0) {
- r = -errno;
- goto fail;
- }
-
- devmqueue = strjoina(temporary_mount, "/dev/mqueue");
- (void) mkdir(devmqueue, 0755);
- (void) mount("/dev/mqueue", devmqueue, NULL, MS_BIND, NULL);
-
- devhugepages = strjoina(temporary_mount, "/dev/hugepages");
- (void) mkdir(devhugepages, 0755);
- (void) mount("/dev/hugepages", devhugepages, NULL, MS_BIND, NULL);
-
- devlog = strjoina(temporary_mount, "/dev/log");
- (void) symlink("/run/systemd/journal/dev-log", devlog);
-
- NULSTR_FOREACH(d, devnodes) {
- _cleanup_free_ char *dn = NULL;
- struct stat st;
-
- r = stat(d, &st);
- if (r < 0) {
-
- if (errno == ENOENT)
- continue;
-
- r = -errno;
- goto fail;
- }
-
- if (!S_ISBLK(st.st_mode) &&
- !S_ISCHR(st.st_mode)) {
- r = -EINVAL;
- goto fail;
- }
-
- if (st.st_rdev == 0)
- continue;
-
- dn = strappend(temporary_mount, d);
- if (!dn) {
- r = -ENOMEM;
- goto fail;
- }
-
- mac_selinux_create_file_prepare(d, st.st_mode);
- r = mknod(dn, st.st_mode, st.st_rdev);
- mac_selinux_create_file_clear();
-
- if (r < 0) {
- r = -errno;
- goto fail;
- }
- }
-
- dev_setup(temporary_mount, UID_INVALID, GID_INVALID);
-
- /* Create the /dev directory if missing. It is more likely to be
- * missing when the service is started with RootDirectory. This is
- * consistent with mount units creating the mount points when missing.
- */
- (void) mkdir_p_label(m->path, 0755);
-
- /* Unmount everything in old /dev */
- umount_recursive(m->path, 0);
- if (mount(dev, m->path, NULL, MS_MOVE, NULL) < 0) {
- r = -errno;
- goto fail;
- }
-
- rmdir(dev);
- rmdir(temporary_mount);
-
- return 0;
-
-fail:
- if (devpts)
- umount(devpts);
-
- if (devshm)
- umount(devshm);
-
- if (devhugepages)
- umount(devhugepages);
-
- if (devmqueue)
- umount(devmqueue);
-
- umount(dev);
- rmdir(dev);
- rmdir(temporary_mount);
-
- return r;
-}
-
-static int apply_mount(
- BindMount *m,
- const char *tmp_dir,
- const char *var_tmp_dir) {
-
- const char *what;
- int r;
-
- assert(m);
-
- log_debug("Applying namespace mount on %s", m->path);
-
- switch (m->mode) {
-
- case INACCESSIBLE: {
- struct stat target;
-
- /* First, get rid of everything that is below if there
- * is anything... Then, overmount it with an
- * inaccessible path. */
- (void) umount_recursive(m->path, 0);
-
- if (lstat(m->path, &target) < 0)
- return log_debug_errno(errno, "Failed to lstat() %s to determine what to mount over it: %m", m->path);
-
- what = mode_to_inaccessible_node(target.st_mode);
- if (!what) {
- log_debug("File type not supported for inaccessible mounts. Note that symlinks are not allowed");
- return -ELOOP;
- }
- break;
- }
-
- case READONLY:
- case READWRITE:
-
- r = path_is_mount_point(m->path, 0);
- if (r < 0)
- return log_debug_errno(r, "Failed to determine whether %s is already a mount point: %m", m->path);
- if (r > 0) /* Nothing to do here, it is already a mount. We just later toggle the MS_RDONLY bit for the mount point if needed. */
- return 0;
-
- /* This isn't a mount point yet, let's make it one. */
- what = m->path;
- break;
-
- case PRIVATE_TMP:
- what = tmp_dir;
- break;
-
- case PRIVATE_VAR_TMP:
- what = var_tmp_dir;
- break;
-
- case PRIVATE_DEV:
- return mount_dev(m);
-
- default:
- assert_not_reached("Unknown mode");
- }
-
- assert(what);
-
- if (mount(what, m->path, NULL, MS_BIND|MS_REC, NULL) < 0)
- return log_debug_errno(errno, "Failed to mount %s to %s: %m", what, m->path);
-
- log_debug("Successfully mounted %s to %s", what, m->path);
- return 0;
-}
-
-static int make_read_only(BindMount *m, char **blacklist) {
- int r = 0;
-
- assert(m);
-
- if (IN_SET(m->mode, INACCESSIBLE, READONLY))
- r = bind_remount_recursive(m->path, true, blacklist);
- else if (m->mode == PRIVATE_DEV) { /* Can be readonly but the submounts can't*/
- if (mount(NULL, m->path, NULL, MS_REMOUNT|DEV_MOUNT_OPTIONS|MS_RDONLY, NULL) < 0)
- r = -errno;
- } else
- return 0;
-
- /* Not that we only turn on the MS_RDONLY flag here, we never turn it off. Something that was marked read-only
- * already stays this way. This improves compatibility with container managers, where we won't attempt to undo
- * read-only mounts already applied. */
-
- return r;
-}
-
-static int chase_all_symlinks(const char *root_directory, BindMount *m, unsigned *n) {
- BindMount *f, *t;
- int r;
-
- assert(m);
- assert(n);
-
- /* Since mount() will always follow symlinks and we need to take the different root directory into account we
- * chase the symlinks on our own first. This call wil do so for all entries and remove all entries where we
- * can't resolve the path, and which have been marked for such removal. */
-
- for (f = m, t = m; f < m+*n; f++) {
-
- r = chase_symlinks(f->path, root_directory, &f->chased);
- if (r == -ENOENT && f->ignore) /* Doesn't exist? Then remove it! */
- continue;
- if (r < 0)
- return log_debug_errno(r, "Failed to chase symlinks for %s: %m", f->path);
-
- if (path_equal(f->path, f->chased))
- f->chased = mfree(f->chased);
- else {
- log_debug("Chased %s → %s", f->path, f->chased);
- f->path = f->chased;
- }
-
- *t = *f;
- t++;
- }
-
- *n = t - m;
- return 0;
-}
-
-static unsigned namespace_calculate_mounts(
- const NameSpaceInfo *ns_info,
- char** read_write_paths,
- char** read_only_paths,
- char** inaccessible_paths,
- const char* tmp_dir,
- const char* var_tmp_dir,
- ProtectHome protect_home,
- ProtectSystem protect_system) {
-
- unsigned protect_home_cnt;
- unsigned protect_system_cnt =
- (protect_system == PROTECT_SYSTEM_STRICT ?
- ELEMENTSOF(protect_system_strict_table) :
- ((protect_system == PROTECT_SYSTEM_FULL) ?
- ELEMENTSOF(protect_system_full_table) :
- ((protect_system == PROTECT_SYSTEM_YES) ?
- ELEMENTSOF(protect_system_yes_table) : 0)));
-
- protect_home_cnt =
- (protect_home == PROTECT_HOME_YES ?
- ELEMENTSOF(protect_home_yes_table) :
- ((protect_home == PROTECT_HOME_READ_ONLY) ?
- ELEMENTSOF(protect_home_read_only_table) : 0));
-
- return !!tmp_dir + !!var_tmp_dir +
- strv_length(read_write_paths) +
- strv_length(read_only_paths) +
- strv_length(inaccessible_paths) +
- ns_info->private_dev +
- (ns_info->protect_kernel_tunables ? ELEMENTSOF(protect_kernel_tunables_table) : 0) +
- (ns_info->protect_control_groups ? 1 : 0) +
- (ns_info->protect_kernel_modules ? ELEMENTSOF(protect_kernel_modules_table) : 0) +
- protect_home_cnt + protect_system_cnt;
-}
-
-int setup_namespace(
- const char* root_directory,
- const NameSpaceInfo *ns_info,
- char** read_write_paths,
- char** read_only_paths,
- char** inaccessible_paths,
- const char* tmp_dir,
- const char* var_tmp_dir,
- ProtectHome protect_home,
- ProtectSystem protect_system,
- unsigned long mount_flags) {
-
- BindMount *m, *mounts = NULL;
- bool make_slave = false;
- unsigned n;
- int r = 0;
-
- if (mount_flags == 0)
- mount_flags = MS_SHARED;
-
- n = namespace_calculate_mounts(ns_info,
- read_write_paths,
- read_only_paths,
- inaccessible_paths,
- tmp_dir, var_tmp_dir,
- protect_home, protect_system);
-
- /* Set mount slave mode */
- if (root_directory || n > 0)
- make_slave = true;
-
- if (n > 0) {
- m = mounts = (BindMount *) alloca0(n * sizeof(BindMount));
- r = append_mounts(&m, read_write_paths, READWRITE);
- if (r < 0)
- return r;
-
- r = append_mounts(&m, read_only_paths, READONLY);
- if (r < 0)
- return r;
-
- r = append_mounts(&m, inaccessible_paths, INACCESSIBLE);
- if (r < 0)
- return r;
-
- if (tmp_dir) {
- m->path = prefix_roota(root_directory, "/tmp");
- m->mode = PRIVATE_TMP;
- m++;
- }
-
- if (var_tmp_dir) {
- m->path = prefix_roota(root_directory, "/var/tmp");
- m->mode = PRIVATE_VAR_TMP;
- m++;
- }
-
- if (ns_info->private_dev) {
- m->path = prefix_roota(root_directory, "/dev");
- m->mode = PRIVATE_DEV;
- m++;
- }
-
- if (ns_info->protect_kernel_tunables) {
- r = append_protect_kernel_tunables(&m, root_directory);
- if (r < 0)
- return r;
- }
-
- if (ns_info->protect_kernel_modules) {
- r = append_protect_kernel_modules(&m, root_directory);
- if (r < 0)
- return r;
- }
-
- if (ns_info->protect_control_groups) {
- m->path = prefix_roota(root_directory, "/sys/fs/cgroup");
- m->mode = READONLY;
- m++;
- }
-
- r = append_protect_home(&m, root_directory, protect_home);
- if (r < 0)
- return r;
-
- r = append_protect_system(&m, root_directory, protect_system);
- if (r < 0)
- return r;
-
- assert(mounts + n == m);
-
- /* Resolve symlinks manually first, as mount() will always follow them relative to the host's
- * root. Moreover we want to suppress duplicates based on the resolved paths. This of course is a bit
- * racy. */
- r = chase_all_symlinks(root_directory, mounts, &n);
- if (r < 0)
- goto finish;
-
- qsort(mounts, n, sizeof(BindMount), mount_path_compare);
-
- drop_duplicates(mounts, &n);
- drop_outside_root(root_directory, mounts, &n);
- drop_inaccessible(mounts, &n);
- drop_nop(mounts, &n);
- }
-
- if (unshare(CLONE_NEWNS) < 0) {
- r = -errno;
- goto finish;
- }
-
- if (make_slave) {
- /* Remount / as SLAVE so that nothing now mounted in the namespace
- shows up in the parent */
- if (mount(NULL, "/", NULL, MS_SLAVE|MS_REC, NULL) < 0) {
- r = -errno;
- goto finish;
- }
- }
-
- if (root_directory) {
- /* Turn directory into bind mount, if it isn't one yet */
- r = path_is_mount_point(root_directory, AT_SYMLINK_FOLLOW);
- if (r < 0)
- goto finish;
- if (r == 0) {
- if (mount(root_directory, root_directory, NULL, MS_BIND|MS_REC, NULL) < 0) {
- r = -errno;
- goto finish;
- }
- }
- }
-
- if (n > 0) {
- char **blacklist;
- unsigned j;
-
- /* First round, add in all special mounts we need */
- for (m = mounts; m < mounts + n; ++m) {
- r = apply_mount(m, tmp_dir, var_tmp_dir);
- if (r < 0)
- goto finish;
- }
-
- /* Create a blacklist we can pass to bind_mount_recursive() */
- blacklist = newa(char*, n+1);
- for (j = 0; j < n; j++)
- blacklist[j] = (char*) mounts[j].path;
- blacklist[j] = NULL;
-
- /* Second round, flip the ro bits if necessary. */
- for (m = mounts; m < mounts + n; ++m) {
- r = make_read_only(m, blacklist);
- if (r < 0)
- goto finish;
- }
- }
-
- if (root_directory) {
- /* MS_MOVE does not work on MS_SHARED so the remount MS_SHARED will be done later */
- r = mount_move_root(root_directory);
- if (r < 0)
- goto finish;
- }
-
- /* Remount / as the desired mode. Not that this will not
- * reestablish propagation from our side to the host, since
- * what's disconnected is disconnected. */
- if (mount(NULL, "/", NULL, mount_flags | MS_REC, NULL) < 0) {
- r = -errno;
- goto finish;
- }
-
- r = 0;
-
-finish:
- for (m = mounts; m < mounts + n; m++)
- free(m->chased);
-
- return r;
-}
-
-static int setup_one_tmp_dir(const char *id, const char *prefix, char **path) {
- _cleanup_free_ char *x = NULL;
- char bid[SD_ID128_STRING_MAX];
- sd_id128_t boot_id;
- int r;
-
- assert(id);
- assert(prefix);
- assert(path);
-
- /* We include the boot id in the directory so that after a
- * reboot we can easily identify obsolete directories. */
-
- r = sd_id128_get_boot(&boot_id);
- if (r < 0)
- return r;
-
- x = strjoin(prefix, "/systemd-private-", sd_id128_to_string(boot_id, bid), "-", id, "-XXXXXX", NULL);
- if (!x)
- return -ENOMEM;
-
- RUN_WITH_UMASK(0077)
- if (!mkdtemp(x))
- return -errno;
-
- RUN_WITH_UMASK(0000) {
- char *y;
-
- y = strjoina(x, "/tmp");
-
- if (mkdir(y, 0777 | S_ISVTX) < 0)
- return -errno;
- }
-
- *path = x;
- x = NULL;
-
- return 0;
-}
-
-int setup_tmp_dirs(const char *id, char **tmp_dir, char **var_tmp_dir) {
- char *a, *b;
- int r;
-
- assert(id);
- assert(tmp_dir);
- assert(var_tmp_dir);
-
- r = setup_one_tmp_dir(id, "/tmp", &a);
- if (r < 0)
- return r;
-
- r = setup_one_tmp_dir(id, "/var/tmp", &b);
- if (r < 0) {
- char *t;
-
- t = strjoina(a, "/tmp");
- rmdir(t);
- rmdir(a);
-
- free(a);
- return r;
- }
-
- *tmp_dir = a;
- *var_tmp_dir = b;
-
- return 0;
-}
-
-int setup_netns(int netns_storage_socket[2]) {
- _cleanup_close_ int netns = -1;
- int r, q;
-
- assert(netns_storage_socket);
- assert(netns_storage_socket[0] >= 0);
- assert(netns_storage_socket[1] >= 0);
-
- /* We use the passed socketpair as a storage buffer for our
- * namespace reference fd. Whatever process runs this first
- * shall create a new namespace, all others should just join
- * it. To serialize that we use a file lock on the socket
- * pair.
- *
- * It's a bit crazy, but hey, works great! */
-
- if (lockf(netns_storage_socket[0], F_LOCK, 0) < 0)
- return -errno;
-
- netns = receive_one_fd(netns_storage_socket[0], MSG_DONTWAIT);
- if (netns == -EAGAIN) {
- /* Nothing stored yet, so let's create a new namespace */
-
- if (unshare(CLONE_NEWNET) < 0) {
- r = -errno;
- goto fail;
- }
-
- loopback_setup();
-
- netns = open("/proc/self/ns/net", O_RDONLY|O_CLOEXEC|O_NOCTTY);
- if (netns < 0) {
- r = -errno;
- goto fail;
- }
-
- r = 1;
-
- } else if (netns < 0) {
- r = netns;
- goto fail;
-
- } else {
- /* Yay, found something, so let's join the namespace */
- if (setns(netns, CLONE_NEWNET) < 0) {
- r = -errno;
- goto fail;
- }
-
- r = 0;
- }
-
- q = send_one_fd(netns_storage_socket[1], netns, MSG_DONTWAIT);
- if (q < 0) {
- r = q;
- goto fail;
- }
-
-fail:
- (void) lockf(netns_storage_socket[0], F_ULOCK, 0);
- return r;
-}
-
-static const char *const protect_home_table[_PROTECT_HOME_MAX] = {
- [PROTECT_HOME_NO] = "no",
- [PROTECT_HOME_YES] = "yes",
- [PROTECT_HOME_READ_ONLY] = "read-only",
-};
-
-DEFINE_STRING_TABLE_LOOKUP(protect_home, ProtectHome);
-
-static const char *const protect_system_table[_PROTECT_SYSTEM_MAX] = {
- [PROTECT_SYSTEM_NO] = "no",
- [PROTECT_SYSTEM_YES] = "yes",
- [PROTECT_SYSTEM_FULL] = "full",
- [PROTECT_SYSTEM_STRICT] = "strict",
-};
-
-DEFINE_STRING_TABLE_LOOKUP(protect_system, ProtectSystem);
diff --git a/src/core/namespace.h b/src/core/namespace.h
deleted file mode 100644
index 6310638e9a..0000000000
--- a/src/core/namespace.h
+++ /dev/null
@@ -1,74 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
- Copyright 2016 Djalal Harouni
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-typedef struct NameSpaceInfo NameSpaceInfo;
-
-#include <stdbool.h>
-
-#include "macro.h"
-
-typedef enum ProtectHome {
- PROTECT_HOME_NO,
- PROTECT_HOME_YES,
- PROTECT_HOME_READ_ONLY,
- _PROTECT_HOME_MAX,
- _PROTECT_HOME_INVALID = -1
-} ProtectHome;
-
-typedef enum ProtectSystem {
- PROTECT_SYSTEM_NO,
- PROTECT_SYSTEM_YES,
- PROTECT_SYSTEM_FULL,
- PROTECT_SYSTEM_STRICT,
- _PROTECT_SYSTEM_MAX,
- _PROTECT_SYSTEM_INVALID = -1
-} ProtectSystem;
-
-struct NameSpaceInfo {
- bool private_dev:1;
- bool protect_control_groups:1;
- bool protect_kernel_tunables:1;
- bool protect_kernel_modules:1;
-};
-
-int setup_namespace(const char *chroot,
- const NameSpaceInfo *ns_info,
- char **read_write_paths,
- char **read_only_paths,
- char **inaccessible_paths,
- const char *tmp_dir,
- const char *var_tmp_dir,
- ProtectHome protect_home,
- ProtectSystem protect_system,
- unsigned long mount_flags);
-
-int setup_tmp_dirs(const char *id,
- char **tmp_dir,
- char **var_tmp_dir);
-
-int setup_netns(int netns_storage_socket[2]);
-
-const char* protect_home_to_string(ProtectHome p) _const_;
-ProtectHome protect_home_from_string(const char *s) _pure_;
-
-const char* protect_system_to_string(ProtectSystem p) _const_;
-ProtectSystem protect_system_from_string(const char *s) _pure_;
diff --git a/src/core/org.freedesktop.systemd1.conf b/src/core/org.freedesktop.systemd1.conf
deleted file mode 100644
index a61677e645..0000000000
--- a/src/core/org.freedesktop.systemd1.conf
+++ /dev/null
@@ -1,256 +0,0 @@
-<?xml version="1.0"?> <!--*-nxml-*-->
-<!DOCTYPE busconfig PUBLIC "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN"
- "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd">
-
-<!--
- This file is part of systemd.
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
--->
-
-<busconfig>
-
- <policy user="root">
- <allow own="org.freedesktop.systemd1"/>
-
- <!-- Root clients can do everything -->
- <allow send_destination="org.freedesktop.systemd1"/>
- <allow receive_sender="org.freedesktop.systemd1"/>
-
- <!-- systemd may receive activator requests -->
- <allow receive_interface="org.freedesktop.systemd1.Activator"
- receive_member="ActivationRequest"/>
- </policy>
-
- <policy context="default">
- <deny send_destination="org.freedesktop.systemd1"/>
-
- <!-- Completely open to anyone -->
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.DBus.Introspectable"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.DBus.Peer"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.DBus.Properties"
- send_member="Get"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.DBus.Properties"
- send_member="GetAll"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="GetUnit"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="GetUnitByPID"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="GetUnitByInvocationID"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="LoadUnit"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="GetJob"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="ListUnits"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="ListUnitsFiltered"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="ListUnitsByPatterns"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="ListUnitFiles"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="ListUnitFilesByPatterns"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="GetUnitFileState"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="GetUnitProcesses"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="GetUnitFileLinks"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="ListJobs"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="Subscribe"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="Unsubscribe"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="Dump"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="GetDefaultTarget"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="LookupDynamicUserByName"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="LookupDynamicUserByUID"/>
-
- <!-- Managed via polkit or other criteria -->
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="StartUnit"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="StartUnitReplace"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="StopUnit"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="ReloadUnit"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="RestartUnit"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="TryRestartUnit"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="ReloadOrRestartUnit"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="ReloadOrTryRestartUnit"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="KillUnit"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="ResetFailedUnit"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="SetUnitProperties"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="ListUnitsByNames"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="StartTransientUnit"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="CancelJob"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="Reload"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="Reexecute"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="RefUnit"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="UnrefUnit"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="EnableUnitFiles"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="DisableUnitFiles"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="ReenableUnitFiles"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="LinkUnitFiles"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="RevertUnitFiles"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="PresetUnitFiles"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="PresetUnitFilesWithMode"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="MaskUnitFiles"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="UnmaskUnitFiles"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="SetDefaultTarget"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="PresetAllUnitFiles"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Manager"
- send_member="AddDependencyUnitFiles"/>
-
- <allow send_destination="org.freedesktop.systemd1"
- send_interface="org.freedesktop.systemd1.Job"
- send_member="Cancel"/>
-
- <allow receive_sender="org.freedesktop.systemd1"/>
- </policy>
-
-</busconfig>
diff --git a/src/core/org.freedesktop.systemd1.policy.in.in b/src/core/org.freedesktop.systemd1.policy.in.in
deleted file mode 100644
index cc39a9e1c3..0000000000
--- a/src/core/org.freedesktop.systemd1.policy.in.in
+++ /dev/null
@@ -1,70 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?> <!--*-nxml-*-->
-<!DOCTYPE policyconfig PUBLIC "-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
- "http://www.freedesktop.org/standards/PolicyKit/1/policyconfig.dtd">
-
-<!--
- This file is part of systemd.
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
--->
-
-<policyconfig>
-
- <vendor>The systemd Project</vendor>
- <vendor_url>http://www.freedesktop.org/wiki/Software/systemd</vendor_url>
-
- <action id="org.freedesktop.systemd1.reply-password">
- <_description>Send passphrase back to system</_description>
- <_message>Authentication is required to send the entered passphrase back to the system.</_message>
- <defaults>
- <allow_any>no</allow_any>
- <allow_inactive>no</allow_inactive>
- <allow_active>auth_admin_keep</allow_active>
- </defaults>
- <annotate key="org.freedesktop.policykit.exec.path">@rootlibexecdir@/systemd-reply-password</annotate>
- </action>
-
- <action id="org.freedesktop.systemd1.manage-units">
- <_description>Manage system services or other units</_description>
- <_message>Authentication is required to manage system services or other units.</_message>
- <defaults>
- <allow_any>auth_admin</allow_any>
- <allow_inactive>auth_admin</allow_inactive>
- <allow_active>auth_admin_keep</allow_active>
- </defaults>
- </action>
-
- <action id="org.freedesktop.systemd1.manage-unit-files">
- <_description>Manage system service or unit files</_description>
- <_message>Authentication is required to manage system service or unit files.</_message>
- <defaults>
- <allow_any>auth_admin</allow_any>
- <allow_inactive>auth_admin</allow_inactive>
- <allow_active>auth_admin_keep</allow_active>
- </defaults>
- </action>
-
- <action id="org.freedesktop.systemd1.set-environment">
- <_description>Set or unset system and service manager environment variables</_description>
- <_message>Authentication is required to set or unset system and service manager environment variables.</_message>
- <defaults>
- <allow_any>auth_admin</allow_any>
- <allow_inactive>auth_admin</allow_inactive>
- <allow_active>auth_admin_keep</allow_active>
- </defaults>
- </action>
-
- <action id="org.freedesktop.systemd1.reload-daemon">
- <_description>Reload the systemd state</_description>
- <_message>Authentication is required to reload the systemd state.</_message>
- <defaults>
- <allow_any>auth_admin</allow_any>
- <allow_inactive>auth_admin</allow_inactive>
- <allow_active>auth_admin_keep</allow_active>
- </defaults>
- </action>
-
-</policyconfig>
diff --git a/src/core/org.freedesktop.systemd1.service b/src/core/org.freedesktop.systemd1.service
deleted file mode 100644
index d4df3e93a2..0000000000
--- a/src/core/org.freedesktop.systemd1.service
+++ /dev/null
@@ -1,11 +0,0 @@
-# This file is part of systemd.
-#
-# systemd is free software; you can redistribute it and/or modify it
-# under the terms of the GNU Lesser General Public License as published by
-# the Free Software Foundation; either version 2.1 of the License, or
-# (at your option) any later version.
-
-[D-BUS Service]
-Name=org.freedesktop.systemd1
-Exec=/bin/false
-User=root
diff --git a/src/core/path.c b/src/core/path.c
deleted file mode 100644
index 83f794be89..0000000000
--- a/src/core/path.c
+++ /dev/null
@@ -1,788 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <errno.h>
-#include <sys/epoll.h>
-#include <sys/inotify.h>
-#include <unistd.h>
-
-#include "bus-error.h"
-#include "bus-util.h"
-#include "dbus-path.h"
-#include "fd-util.h"
-#include "fs-util.h"
-#include "glob-util.h"
-#include "macro.h"
-#include "mkdir.h"
-#include "path.h"
-#include "special.h"
-#include "stat-util.h"
-#include "string-table.h"
-#include "string-util.h"
-#include "unit-name.h"
-#include "unit.h"
-
-static const UnitActiveState state_translation_table[_PATH_STATE_MAX] = {
- [PATH_DEAD] = UNIT_INACTIVE,
- [PATH_WAITING] = UNIT_ACTIVE,
- [PATH_RUNNING] = UNIT_ACTIVE,
- [PATH_FAILED] = UNIT_FAILED
-};
-
-static int path_dispatch_io(sd_event_source *source, int fd, uint32_t revents, void *userdata);
-
-int path_spec_watch(PathSpec *s, sd_event_io_handler_t handler) {
-
- static const int flags_table[_PATH_TYPE_MAX] = {
- [PATH_EXISTS] = IN_DELETE_SELF|IN_MOVE_SELF|IN_ATTRIB,
- [PATH_EXISTS_GLOB] = IN_DELETE_SELF|IN_MOVE_SELF|IN_ATTRIB,
- [PATH_CHANGED] = IN_DELETE_SELF|IN_MOVE_SELF|IN_ATTRIB|IN_CLOSE_WRITE|IN_CREATE|IN_DELETE|IN_MOVED_FROM|IN_MOVED_TO,
- [PATH_MODIFIED] = IN_DELETE_SELF|IN_MOVE_SELF|IN_ATTRIB|IN_CLOSE_WRITE|IN_CREATE|IN_DELETE|IN_MOVED_FROM|IN_MOVED_TO|IN_MODIFY,
- [PATH_DIRECTORY_NOT_EMPTY] = IN_DELETE_SELF|IN_MOVE_SELF|IN_ATTRIB|IN_CREATE|IN_MOVED_TO
- };
-
- bool exists = false;
- char *slash, *oldslash = NULL;
- int r;
-
- assert(s);
- assert(s->unit);
- assert(handler);
-
- path_spec_unwatch(s);
-
- s->inotify_fd = inotify_init1(IN_NONBLOCK|IN_CLOEXEC);
- if (s->inotify_fd < 0) {
- r = -errno;
- goto fail;
- }
-
- r = sd_event_add_io(s->unit->manager->event, &s->event_source, s->inotify_fd, EPOLLIN, handler, s);
- if (r < 0)
- goto fail;
-
- (void) sd_event_source_set_description(s->event_source, "path");
-
- /* This assumes the path was passed through path_kill_slashes()! */
-
- for (slash = strchr(s->path, '/'); ; slash = strchr(slash+1, '/')) {
- char *cut = NULL;
- int flags;
- char tmp;
-
- if (slash) {
- cut = slash + (slash == s->path);
- tmp = *cut;
- *cut = '\0';
-
- flags = IN_MOVE_SELF | IN_DELETE_SELF | IN_ATTRIB | IN_CREATE | IN_MOVED_TO;
- } else
- flags = flags_table[s->type];
-
- r = inotify_add_watch(s->inotify_fd, s->path, flags);
- if (r < 0) {
- if (errno == EACCES || errno == ENOENT) {
- if (cut)
- *cut = tmp;
- break;
- }
-
- r = log_warning_errno(errno, "Failed to add watch on %s: %s", s->path, errno == ENOSPC ? "too many watches" : strerror(-r));
- if (cut)
- *cut = tmp;
- goto fail;
- } else {
- exists = true;
-
- /* Path exists, we don't need to watch parent too closely. */
- if (oldslash) {
- char *cut2 = oldslash + (oldslash == s->path);
- char tmp2 = *cut2;
- *cut2 = '\0';
-
- (void) inotify_add_watch(s->inotify_fd, s->path, IN_MOVE_SELF);
- /* Error is ignored, the worst can happen is we get spurious events. */
-
- *cut2 = tmp2;
- }
- }
-
- if (cut)
- *cut = tmp;
-
- if (slash)
- oldslash = slash;
- else {
- /* whole path has been iterated over */
- s->primary_wd = r;
- break;
- }
- }
-
- if (!exists) {
- r = log_error_errno(errno, "Failed to add watch on any of the components of %s: %m", s->path);
- /* either EACCESS or ENOENT */
- goto fail;
- }
-
- return 0;
-
-fail:
- path_spec_unwatch(s);
- return r;
-}
-
-void path_spec_unwatch(PathSpec *s) {
- assert(s);
-
- s->event_source = sd_event_source_unref(s->event_source);
- s->inotify_fd = safe_close(s->inotify_fd);
-}
-
-int path_spec_fd_event(PathSpec *s, uint32_t revents) {
- union inotify_event_buffer buffer;
- struct inotify_event *e;
- ssize_t l;
- int r = 0;
-
- if (revents != EPOLLIN) {
- log_error("Got invalid poll event on inotify.");
- return -EINVAL;
- }
-
- l = read(s->inotify_fd, &buffer, sizeof(buffer));
- if (l < 0) {
- if (errno == EAGAIN || errno == EINTR)
- return 0;
-
- return log_error_errno(errno, "Failed to read inotify event: %m");
- }
-
- FOREACH_INOTIFY_EVENT(e, buffer, l) {
- if ((s->type == PATH_CHANGED || s->type == PATH_MODIFIED) &&
- s->primary_wd == e->wd)
- r = 1;
- }
-
- return r;
-}
-
-static bool path_spec_check_good(PathSpec *s, bool initial) {
- bool good = false;
-
- switch (s->type) {
-
- case PATH_EXISTS:
- good = access(s->path, F_OK) >= 0;
- break;
-
- case PATH_EXISTS_GLOB:
- good = glob_exists(s->path) > 0;
- break;
-
- case PATH_DIRECTORY_NOT_EMPTY: {
- int k;
-
- k = dir_is_empty(s->path);
- good = !(k == -ENOENT || k > 0);
- break;
- }
-
- case PATH_CHANGED:
- case PATH_MODIFIED: {
- bool b;
-
- b = access(s->path, F_OK) >= 0;
- good = !initial && b != s->previous_exists;
- s->previous_exists = b;
- break;
- }
-
- default:
- ;
- }
-
- return good;
-}
-
-static void path_spec_mkdir(PathSpec *s, mode_t mode) {
- int r;
-
- if (s->type == PATH_EXISTS || s->type == PATH_EXISTS_GLOB)
- return;
-
- r = mkdir_p_label(s->path, mode);
- if (r < 0)
- log_warning_errno(r, "mkdir(%s) failed: %m", s->path);
-}
-
-static void path_spec_dump(PathSpec *s, FILE *f, const char *prefix) {
- fprintf(f,
- "%s%s: %s\n",
- prefix,
- path_type_to_string(s->type),
- s->path);
-}
-
-void path_spec_done(PathSpec *s) {
- assert(s);
- assert(s->inotify_fd == -1);
-
- free(s->path);
-}
-
-static void path_init(Unit *u) {
- Path *p = PATH(u);
-
- assert(u);
- assert(u->load_state == UNIT_STUB);
-
- p->directory_mode = 0755;
-}
-
-void path_free_specs(Path *p) {
- PathSpec *s;
-
- assert(p);
-
- while ((s = p->specs)) {
- path_spec_unwatch(s);
- LIST_REMOVE(spec, p->specs, s);
- path_spec_done(s);
- free(s);
- }
-}
-
-static void path_done(Unit *u) {
- Path *p = PATH(u);
-
- assert(p);
-
- path_free_specs(p);
-}
-
-static int path_add_mount_links(Path *p) {
- PathSpec *s;
- int r;
-
- assert(p);
-
- LIST_FOREACH(spec, s, p->specs) {
- r = unit_require_mounts_for(UNIT(p), s->path);
- if (r < 0)
- return r;
- }
-
- return 0;
-}
-
-static int path_verify(Path *p) {
- assert(p);
-
- if (UNIT(p)->load_state != UNIT_LOADED)
- return 0;
-
- if (!p->specs) {
- log_unit_error(UNIT(p), "Path unit lacks path setting. Refusing.");
- return -EINVAL;
- }
-
- return 0;
-}
-
-static int path_add_default_dependencies(Path *p) {
- int r;
-
- assert(p);
-
- if (!UNIT(p)->default_dependencies)
- return 0;
-
- r = unit_add_dependency_by_name(UNIT(p), UNIT_BEFORE, SPECIAL_PATHS_TARGET, NULL, true);
- if (r < 0)
- return r;
-
- if (MANAGER_IS_SYSTEM(UNIT(p)->manager)) {
- r = unit_add_two_dependencies_by_name(UNIT(p), UNIT_AFTER, UNIT_REQUIRES, SPECIAL_SYSINIT_TARGET, NULL, true);
- if (r < 0)
- return r;
- }
-
- return unit_add_two_dependencies_by_name(UNIT(p), UNIT_BEFORE, UNIT_CONFLICTS, SPECIAL_SHUTDOWN_TARGET, NULL, true);
-}
-
-static int path_load(Unit *u) {
- Path *p = PATH(u);
- int r;
-
- assert(u);
- assert(u->load_state == UNIT_STUB);
-
- r = unit_load_fragment_and_dropin(u);
- if (r < 0)
- return r;
-
- if (u->load_state == UNIT_LOADED) {
-
- if (set_isempty(u->dependencies[UNIT_TRIGGERS])) {
- Unit *x;
-
- r = unit_load_related_unit(u, ".service", &x);
- if (r < 0)
- return r;
-
- r = unit_add_two_dependencies(u, UNIT_BEFORE, UNIT_TRIGGERS, x, true);
- if (r < 0)
- return r;
- }
-
- r = path_add_mount_links(p);
- if (r < 0)
- return r;
-
- r = path_add_default_dependencies(p);
- if (r < 0)
- return r;
- }
-
- return path_verify(p);
-}
-
-static void path_dump(Unit *u, FILE *f, const char *prefix) {
- Path *p = PATH(u);
- Unit *trigger;
- PathSpec *s;
-
- assert(p);
- assert(f);
-
- trigger = UNIT_TRIGGER(u);
-
- fprintf(f,
- "%sPath State: %s\n"
- "%sResult: %s\n"
- "%sUnit: %s\n"
- "%sMakeDirectory: %s\n"
- "%sDirectoryMode: %04o\n",
- prefix, path_state_to_string(p->state),
- prefix, path_result_to_string(p->result),
- prefix, trigger ? trigger->id : "n/a",
- prefix, yes_no(p->make_directory),
- prefix, p->directory_mode);
-
- LIST_FOREACH(spec, s, p->specs)
- path_spec_dump(s, f, prefix);
-}
-
-static void path_unwatch(Path *p) {
- PathSpec *s;
-
- assert(p);
-
- LIST_FOREACH(spec, s, p->specs)
- path_spec_unwatch(s);
-}
-
-static int path_watch(Path *p) {
- int r;
- PathSpec *s;
-
- assert(p);
-
- LIST_FOREACH(spec, s, p->specs) {
- r = path_spec_watch(s, path_dispatch_io);
- if (r < 0)
- return r;
- }
-
- return 0;
-}
-
-static void path_set_state(Path *p, PathState state) {
- PathState old_state;
- assert(p);
-
- old_state = p->state;
- p->state = state;
-
- if (state != PATH_WAITING &&
- (state != PATH_RUNNING || p->inotify_triggered))
- path_unwatch(p);
-
- if (state != old_state)
- log_unit_debug(UNIT(p), "Changed %s -> %s", path_state_to_string(old_state), path_state_to_string(state));
-
- unit_notify(UNIT(p), state_translation_table[old_state], state_translation_table[state], true);
-}
-
-static void path_enter_waiting(Path *p, bool initial, bool recheck);
-
-static int path_coldplug(Unit *u) {
- Path *p = PATH(u);
-
- assert(p);
- assert(p->state == PATH_DEAD);
-
- if (p->deserialized_state != p->state) {
-
- if (p->deserialized_state == PATH_WAITING ||
- p->deserialized_state == PATH_RUNNING)
- path_enter_waiting(p, true, true);
- else
- path_set_state(p, p->deserialized_state);
- }
-
- return 0;
-}
-
-static void path_enter_dead(Path *p, PathResult f) {
- assert(p);
-
- if (p->result == PATH_SUCCESS)
- p->result = f;
-
- path_set_state(p, p->result != PATH_SUCCESS ? PATH_FAILED : PATH_DEAD);
-}
-
-static void path_enter_running(Path *p) {
- _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
- Unit *trigger;
- int r;
-
- assert(p);
-
- /* Don't start job if we are supposed to go down */
- if (unit_stop_pending(UNIT(p)))
- return;
-
- trigger = UNIT_TRIGGER(UNIT(p));
- if (!trigger) {
- log_unit_error(UNIT(p), "Unit to trigger vanished.");
- path_enter_dead(p, PATH_FAILURE_RESOURCES);
- return;
- }
-
- r = manager_add_job(UNIT(p)->manager, JOB_START, trigger, JOB_REPLACE, &error, NULL);
- if (r < 0)
- goto fail;
-
- p->inotify_triggered = false;
-
- r = path_watch(p);
- if (r < 0)
- goto fail;
-
- path_set_state(p, PATH_RUNNING);
- return;
-
-fail:
- log_unit_warning(UNIT(p), "Failed to queue unit startup job: %s", bus_error_message(&error, r));
- path_enter_dead(p, PATH_FAILURE_RESOURCES);
-}
-
-static bool path_check_good(Path *p, bool initial) {
- PathSpec *s;
- bool good = false;
-
- assert(p);
-
- LIST_FOREACH(spec, s, p->specs) {
- good = path_spec_check_good(s, initial);
-
- if (good)
- break;
- }
-
- return good;
-}
-
-static void path_enter_waiting(Path *p, bool initial, bool recheck) {
- int r;
-
- if (recheck)
- if (path_check_good(p, initial)) {
- log_unit_debug(UNIT(p), "Got triggered.");
- path_enter_running(p);
- return;
- }
-
- r = path_watch(p);
- if (r < 0)
- goto fail;
-
- /* Hmm, so now we have created inotify watches, but the file
- * might have appeared/been removed by now, so we must
- * recheck */
-
- if (recheck)
- if (path_check_good(p, false)) {
- log_unit_debug(UNIT(p), "Got triggered.");
- path_enter_running(p);
- return;
- }
-
- path_set_state(p, PATH_WAITING);
- return;
-
-fail:
- log_unit_warning_errno(UNIT(p), r, "Failed to enter waiting state: %m");
- path_enter_dead(p, PATH_FAILURE_RESOURCES);
-}
-
-static void path_mkdir(Path *p) {
- PathSpec *s;
-
- assert(p);
-
- if (!p->make_directory)
- return;
-
- LIST_FOREACH(spec, s, p->specs)
- path_spec_mkdir(s, p->directory_mode);
-}
-
-static int path_start(Unit *u) {
- Path *p = PATH(u);
- Unit *trigger;
- int r;
-
- assert(p);
- assert(p->state == PATH_DEAD || p->state == PATH_FAILED);
-
- trigger = UNIT_TRIGGER(u);
- if (!trigger || trigger->load_state != UNIT_LOADED) {
- log_unit_error(u, "Refusing to start, unit to trigger not loaded.");
- return -ENOENT;
- }
-
- r = unit_start_limit_test(u);
- if (r < 0) {
- path_enter_dead(p, PATH_FAILURE_START_LIMIT_HIT);
- return r;
- }
-
- r = unit_acquire_invocation_id(u);
- if (r < 0)
- return r;
-
- path_mkdir(p);
-
- p->result = PATH_SUCCESS;
- path_enter_waiting(p, true, true);
-
- return 1;
-}
-
-static int path_stop(Unit *u) {
- Path *p = PATH(u);
-
- assert(p);
- assert(p->state == PATH_WAITING || p->state == PATH_RUNNING);
-
- path_enter_dead(p, PATH_SUCCESS);
- return 1;
-}
-
-static int path_serialize(Unit *u, FILE *f, FDSet *fds) {
- Path *p = PATH(u);
-
- assert(u);
- assert(f);
- assert(fds);
-
- unit_serialize_item(u, f, "state", path_state_to_string(p->state));
- unit_serialize_item(u, f, "result", path_result_to_string(p->result));
-
- return 0;
-}
-
-static int path_deserialize_item(Unit *u, const char *key, const char *value, FDSet *fds) {
- Path *p = PATH(u);
-
- assert(u);
- assert(key);
- assert(value);
- assert(fds);
-
- if (streq(key, "state")) {
- PathState state;
-
- state = path_state_from_string(value);
- if (state < 0)
- log_unit_debug(u, "Failed to parse state value: %s", value);
- else
- p->deserialized_state = state;
-
- } else if (streq(key, "result")) {
- PathResult f;
-
- f = path_result_from_string(value);
- if (f < 0)
- log_unit_debug(u, "Failed to parse result value: %s", value);
- else if (f != PATH_SUCCESS)
- p->result = f;
-
- } else
- log_unit_debug(u, "Unknown serialization key: %s", key);
-
- return 0;
-}
-
-_pure_ static UnitActiveState path_active_state(Unit *u) {
- assert(u);
-
- return state_translation_table[PATH(u)->state];
-}
-
-_pure_ static const char *path_sub_state_to_string(Unit *u) {
- assert(u);
-
- return path_state_to_string(PATH(u)->state);
-}
-
-static int path_dispatch_io(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
- PathSpec *s = userdata;
- Path *p;
- int changed;
-
- assert(s);
- assert(s->unit);
- assert(fd >= 0);
-
- p = PATH(s->unit);
-
- if (p->state != PATH_WAITING &&
- p->state != PATH_RUNNING)
- return 0;
-
- /* log_debug("inotify wakeup on %s.", u->id); */
-
- LIST_FOREACH(spec, s, p->specs)
- if (path_spec_owns_inotify_fd(s, fd))
- break;
-
- if (!s) {
- log_error("Got event on unknown fd.");
- goto fail;
- }
-
- changed = path_spec_fd_event(s, revents);
- if (changed < 0)
- goto fail;
-
- /* If we are already running, then remember that one event was
- * dispatched so that we restart the service only if something
- * actually changed on disk */
- p->inotify_triggered = true;
-
- if (changed)
- path_enter_running(p);
- else
- path_enter_waiting(p, false, true);
-
- return 0;
-
-fail:
- path_enter_dead(p, PATH_FAILURE_RESOURCES);
- return 0;
-}
-
-static void path_trigger_notify(Unit *u, Unit *other) {
- Path *p = PATH(u);
-
- assert(u);
- assert(other);
-
- /* Invoked whenever the unit we trigger changes state or gains
- * or loses a job */
-
- if (other->load_state != UNIT_LOADED)
- return;
-
- if (p->state == PATH_RUNNING &&
- UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other))) {
- log_unit_debug(UNIT(p), "Got notified about unit deactivation.");
-
- /* Hmm, so inotify was triggered since the
- * last activation, so I guess we need to
- * recheck what is going on. */
- path_enter_waiting(p, false, p->inotify_triggered);
- }
-}
-
-static void path_reset_failed(Unit *u) {
- Path *p = PATH(u);
-
- assert(p);
-
- if (p->state == PATH_FAILED)
- path_set_state(p, PATH_DEAD);
-
- p->result = PATH_SUCCESS;
-}
-
-static const char* const path_type_table[_PATH_TYPE_MAX] = {
- [PATH_EXISTS] = "PathExists",
- [PATH_EXISTS_GLOB] = "PathExistsGlob",
- [PATH_DIRECTORY_NOT_EMPTY] = "DirectoryNotEmpty",
- [PATH_CHANGED] = "PathChanged",
- [PATH_MODIFIED] = "PathModified",
-};
-
-DEFINE_STRING_TABLE_LOOKUP(path_type, PathType);
-
-static const char* const path_result_table[_PATH_RESULT_MAX] = {
- [PATH_SUCCESS] = "success",
- [PATH_FAILURE_RESOURCES] = "resources",
- [PATH_FAILURE_START_LIMIT_HIT] = "start-limit-hit",
-};
-
-DEFINE_STRING_TABLE_LOOKUP(path_result, PathResult);
-
-const UnitVTable path_vtable = {
- .object_size = sizeof(Path),
-
- .sections =
- "Unit\0"
- "Path\0"
- "Install\0",
-
- .init = path_init,
- .done = path_done,
- .load = path_load,
-
- .coldplug = path_coldplug,
-
- .dump = path_dump,
-
- .start = path_start,
- .stop = path_stop,
-
- .serialize = path_serialize,
- .deserialize_item = path_deserialize_item,
-
- .active_state = path_active_state,
- .sub_state_to_string = path_sub_state_to_string,
-
- .trigger_notify = path_trigger_notify,
-
- .reset_failed = path_reset_failed,
-
- .bus_vtable = bus_path_vtable
-};
diff --git a/src/core/path.h b/src/core/path.h
deleted file mode 100644
index 4230c8fb99..0000000000
--- a/src/core/path.h
+++ /dev/null
@@ -1,93 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-typedef struct Path Path;
-typedef struct PathSpec PathSpec;
-
-#include "unit.h"
-
-typedef enum PathType {
- PATH_EXISTS,
- PATH_EXISTS_GLOB,
- PATH_DIRECTORY_NOT_EMPTY,
- PATH_CHANGED,
- PATH_MODIFIED,
- _PATH_TYPE_MAX,
- _PATH_TYPE_INVALID = -1
-} PathType;
-
-typedef struct PathSpec {
- Unit *unit;
-
- char *path;
-
- sd_event_source *event_source;
-
- LIST_FIELDS(struct PathSpec, spec);
-
- PathType type;
- int inotify_fd;
- int primary_wd;
-
- bool previous_exists;
-} PathSpec;
-
-int path_spec_watch(PathSpec *s, sd_event_io_handler_t handler);
-void path_spec_unwatch(PathSpec *s);
-int path_spec_fd_event(PathSpec *s, uint32_t events);
-void path_spec_done(PathSpec *s);
-
-static inline bool path_spec_owns_inotify_fd(PathSpec *s, int fd) {
- return s->inotify_fd == fd;
-}
-
-typedef enum PathResult {
- PATH_SUCCESS,
- PATH_FAILURE_RESOURCES,
- PATH_FAILURE_START_LIMIT_HIT,
- _PATH_RESULT_MAX,
- _PATH_RESULT_INVALID = -1
-} PathResult;
-
-struct Path {
- Unit meta;
-
- LIST_HEAD(PathSpec, specs);
-
- PathState state, deserialized_state;
-
- bool inotify_triggered;
-
- bool make_directory;
- mode_t directory_mode;
-
- PathResult result;
-};
-
-void path_free_specs(Path *p);
-
-extern const UnitVTable path_vtable;
-
-const char* path_type_to_string(PathType i) _const_;
-PathType path_type_from_string(const char *s) _pure_;
-
-const char* path_result_to_string(PathResult i) _const_;
-PathResult path_result_from_string(const char *s) _pure_;
diff --git a/src/core/scope.c b/src/core/scope.c
deleted file mode 100644
index d6e1f8e392..0000000000
--- a/src/core/scope.c
+++ /dev/null
@@ -1,636 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2013 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <errno.h>
-#include <unistd.h>
-
-#include "alloc-util.h"
-#include "dbus-scope.h"
-#include "load-dropin.h"
-#include "log.h"
-#include "scope.h"
-#include "special.h"
-#include "string-table.h"
-#include "string-util.h"
-#include "strv.h"
-#include "unit-name.h"
-#include "unit.h"
-
-static const UnitActiveState state_translation_table[_SCOPE_STATE_MAX] = {
- [SCOPE_DEAD] = UNIT_INACTIVE,
- [SCOPE_RUNNING] = UNIT_ACTIVE,
- [SCOPE_ABANDONED] = UNIT_ACTIVE,
- [SCOPE_STOP_SIGTERM] = UNIT_DEACTIVATING,
- [SCOPE_STOP_SIGKILL] = UNIT_DEACTIVATING,
- [SCOPE_FAILED] = UNIT_FAILED
-};
-
-static int scope_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata);
-
-static void scope_init(Unit *u) {
- Scope *s = SCOPE(u);
-
- assert(u);
- assert(u->load_state == UNIT_STUB);
-
- s->timeout_stop_usec = u->manager->default_timeout_stop_usec;
- u->ignore_on_isolate = true;
-}
-
-static void scope_done(Unit *u) {
- Scope *s = SCOPE(u);
-
- assert(u);
-
- free(s->controller);
-
- s->timer_event_source = sd_event_source_unref(s->timer_event_source);
-}
-
-static int scope_arm_timer(Scope *s, usec_t usec) {
- int r;
-
- assert(s);
-
- if (s->timer_event_source) {
- r = sd_event_source_set_time(s->timer_event_source, usec);
- if (r < 0)
- return r;
-
- return sd_event_source_set_enabled(s->timer_event_source, SD_EVENT_ONESHOT);
- }
-
- if (usec == USEC_INFINITY)
- return 0;
-
- r = sd_event_add_time(
- UNIT(s)->manager->event,
- &s->timer_event_source,
- CLOCK_MONOTONIC,
- usec, 0,
- scope_dispatch_timer, s);
- if (r < 0)
- return r;
-
- (void) sd_event_source_set_description(s->timer_event_source, "scope-timer");
-
- return 0;
-}
-
-static void scope_set_state(Scope *s, ScopeState state) {
- ScopeState old_state;
- assert(s);
-
- old_state = s->state;
- s->state = state;
-
- if (!IN_SET(state, SCOPE_STOP_SIGTERM, SCOPE_STOP_SIGKILL))
- s->timer_event_source = sd_event_source_unref(s->timer_event_source);
-
- if (IN_SET(state, SCOPE_DEAD, SCOPE_FAILED))
- unit_unwatch_all_pids(UNIT(s));
-
- if (state != old_state)
- log_debug("%s changed %s -> %s", UNIT(s)->id, scope_state_to_string(old_state), scope_state_to_string(state));
-
- unit_notify(UNIT(s), state_translation_table[old_state], state_translation_table[state], true);
-}
-
-static int scope_add_default_dependencies(Scope *s) {
- int r;
-
- assert(s);
-
- if (!UNIT(s)->default_dependencies)
- return 0;
-
- /* Make sure scopes are unloaded on shutdown */
- r = unit_add_two_dependencies_by_name(
- UNIT(s),
- UNIT_BEFORE, UNIT_CONFLICTS,
- SPECIAL_SHUTDOWN_TARGET, NULL, true);
- if (r < 0)
- return r;
-
- return 0;
-}
-
-static int scope_verify(Scope *s) {
- assert(s);
-
- if (UNIT(s)->load_state != UNIT_LOADED)
- return 0;
-
- if (set_isempty(UNIT(s)->pids) &&
- !MANAGER_IS_RELOADING(UNIT(s)->manager) &&
- !unit_has_name(UNIT(s), SPECIAL_INIT_SCOPE)) {
- log_unit_error(UNIT(s), "Scope has no PIDs. Refusing.");
- return -EINVAL;
- }
-
- return 0;
-}
-
-static int scope_load_init_scope(Unit *u) {
- assert(u);
-
- if (!unit_has_name(u, SPECIAL_INIT_SCOPE))
- return 0;
-
- u->transient = true;
- u->perpetual = true;
-
- /* init.scope is a bit special, as it has to stick around forever. Because of its special semantics we
- * synthesize it here, instead of relying on the unit file on disk. */
-
- u->default_dependencies = false;
- u->ignore_on_isolate = true;
-
- SCOPE(u)->kill_context.kill_signal = SIGRTMIN+14;
-
- /* Prettify things, if we can. */
- if (!u->description)
- u->description = strdup("System and Service Manager");
- if (!u->documentation)
- (void) strv_extend(&u->documentation, "man:systemd(1)");
-
- return 1;
-}
-
-static int scope_load(Unit *u) {
- Scope *s = SCOPE(u);
- int r;
-
- assert(s);
- assert(u->load_state == UNIT_STUB);
-
- if (!u->transient && !MANAGER_IS_RELOADING(u->manager))
- /* Refuse to load non-transient scope units, but allow them while reloading. */
- return -ENOENT;
-
- r = scope_load_init_scope(u);
- if (r < 0)
- return r;
- r = unit_load_fragment_and_dropin_optional(u);
- if (r < 0)
- return r;
-
- if (u->load_state == UNIT_LOADED) {
- r = unit_patch_contexts(u);
- if (r < 0)
- return r;
-
- r = unit_set_default_slice(u);
- if (r < 0)
- return r;
-
- r = scope_add_default_dependencies(s);
- if (r < 0)
- return r;
- }
-
- return scope_verify(s);
-}
-
-static int scope_coldplug(Unit *u) {
- Scope *s = SCOPE(u);
- int r;
-
- assert(s);
- assert(s->state == SCOPE_DEAD);
-
- if (s->deserialized_state == s->state)
- return 0;
-
- if (IN_SET(s->deserialized_state, SCOPE_STOP_SIGKILL, SCOPE_STOP_SIGTERM)) {
- r = scope_arm_timer(s, usec_add(u->state_change_timestamp.monotonic, s->timeout_stop_usec));
- if (r < 0)
- return r;
- }
-
- if (!IN_SET(s->deserialized_state, SCOPE_DEAD, SCOPE_FAILED))
- unit_watch_all_pids(UNIT(s));
-
- scope_set_state(s, s->deserialized_state);
- return 0;
-}
-
-static void scope_dump(Unit *u, FILE *f, const char *prefix) {
- Scope *s = SCOPE(u);
-
- assert(s);
- assert(f);
-
- fprintf(f,
- "%sScope State: %s\n"
- "%sResult: %s\n",
- prefix, scope_state_to_string(s->state),
- prefix, scope_result_to_string(s->result));
-
- cgroup_context_dump(&s->cgroup_context, f, prefix);
- kill_context_dump(&s->kill_context, f, prefix);
-}
-
-static void scope_enter_dead(Scope *s, ScopeResult f) {
- assert(s);
-
- if (s->result == SCOPE_SUCCESS)
- s->result = f;
-
- scope_set_state(s, s->result != SCOPE_SUCCESS ? SCOPE_FAILED : SCOPE_DEAD);
-}
-
-static void scope_enter_signal(Scope *s, ScopeState state, ScopeResult f) {
- bool skip_signal = false;
- int r;
-
- assert(s);
-
- if (s->result == SCOPE_SUCCESS)
- s->result = f;
-
- unit_watch_all_pids(UNIT(s));
-
- /* If we have a controller set let's ask the controller nicely
- * to terminate the scope, instead of us going directly into
- * SIGTERM berserk mode */
- if (state == SCOPE_STOP_SIGTERM)
- skip_signal = bus_scope_send_request_stop(s) > 0;
-
- if (!skip_signal) {
- r = unit_kill_context(
- UNIT(s),
- &s->kill_context,
- state != SCOPE_STOP_SIGTERM ? KILL_KILL :
- s->was_abandoned ? KILL_TERMINATE_AND_LOG :
- KILL_TERMINATE,
- -1, -1, false);
- if (r < 0)
- goto fail;
- } else
- r = 1;
-
- if (r > 0) {
- r = scope_arm_timer(s, usec_add(now(CLOCK_MONOTONIC), s->timeout_stop_usec));
- if (r < 0)
- goto fail;
-
- scope_set_state(s, state);
- } else if (state == SCOPE_STOP_SIGTERM)
- scope_enter_signal(s, SCOPE_STOP_SIGKILL, SCOPE_SUCCESS);
- else
- scope_enter_dead(s, SCOPE_SUCCESS);
-
- return;
-
-fail:
- log_unit_warning_errno(UNIT(s), r, "Failed to kill processes: %m");
-
- scope_enter_dead(s, SCOPE_FAILURE_RESOURCES);
-}
-
-static int scope_start(Unit *u) {
- Scope *s = SCOPE(u);
- int r;
-
- assert(s);
-
- if (unit_has_name(u, SPECIAL_INIT_SCOPE))
- return -EPERM;
-
- if (s->state == SCOPE_FAILED)
- return -EPERM;
-
- /* We can't fulfill this right now, please try again later */
- if (s->state == SCOPE_STOP_SIGTERM ||
- s->state == SCOPE_STOP_SIGKILL)
- return -EAGAIN;
-
- assert(s->state == SCOPE_DEAD);
-
- if (!u->transient && !MANAGER_IS_RELOADING(u->manager))
- return -ENOENT;
-
- r = unit_acquire_invocation_id(u);
- if (r < 0)
- return r;
-
- (void) unit_realize_cgroup(u);
- (void) unit_reset_cpu_usage(u);
-
- r = unit_attach_pids_to_cgroup(u);
- if (r < 0) {
- log_unit_warning_errno(UNIT(s), r, "Failed to add PIDs to scope's control group: %m");
- scope_enter_dead(s, SCOPE_FAILURE_RESOURCES);
- return r;
- }
-
- s->result = SCOPE_SUCCESS;
-
- scope_set_state(s, SCOPE_RUNNING);
- return 1;
-}
-
-static int scope_stop(Unit *u) {
- Scope *s = SCOPE(u);
-
- assert(s);
-
- if (s->state == SCOPE_STOP_SIGTERM ||
- s->state == SCOPE_STOP_SIGKILL)
- return 0;
-
- assert(s->state == SCOPE_RUNNING ||
- s->state == SCOPE_ABANDONED);
-
- scope_enter_signal(s, SCOPE_STOP_SIGTERM, SCOPE_SUCCESS);
- return 1;
-}
-
-static void scope_reset_failed(Unit *u) {
- Scope *s = SCOPE(u);
-
- assert(s);
-
- if (s->state == SCOPE_FAILED)
- scope_set_state(s, SCOPE_DEAD);
-
- s->result = SCOPE_SUCCESS;
-}
-
-static int scope_kill(Unit *u, KillWho who, int signo, sd_bus_error *error) {
- return unit_kill_common(u, who, signo, -1, -1, error);
-}
-
-static int scope_get_timeout(Unit *u, usec_t *timeout) {
- Scope *s = SCOPE(u);
- usec_t t;
- int r;
-
- if (!s->timer_event_source)
- return 0;
-
- r = sd_event_source_get_time(s->timer_event_source, &t);
- if (r < 0)
- return r;
- if (t == USEC_INFINITY)
- return 0;
-
- *timeout = t;
- return 1;
-}
-
-static int scope_serialize(Unit *u, FILE *f, FDSet *fds) {
- Scope *s = SCOPE(u);
-
- assert(s);
- assert(f);
- assert(fds);
-
- unit_serialize_item(u, f, "state", scope_state_to_string(s->state));
- unit_serialize_item(u, f, "was-abandoned", yes_no(s->was_abandoned));
- return 0;
-}
-
-static int scope_deserialize_item(Unit *u, const char *key, const char *value, FDSet *fds) {
- Scope *s = SCOPE(u);
-
- assert(u);
- assert(key);
- assert(value);
- assert(fds);
-
- if (streq(key, "state")) {
- ScopeState state;
-
- state = scope_state_from_string(value);
- if (state < 0)
- log_unit_debug(u, "Failed to parse state value: %s", value);
- else
- s->deserialized_state = state;
-
- } else if (streq(key, "was-abandoned")) {
- int k;
-
- k = parse_boolean(value);
- if (k < 0)
- log_unit_debug(u, "Failed to parse boolean value: %s", value);
- else
- s->was_abandoned = k;
- } else
- log_unit_debug(u, "Unknown serialization key: %s", key);
-
- return 0;
-}
-
-static bool scope_check_gc(Unit *u) {
- assert(u);
-
- /* Never clean up scopes that still have a process around,
- * even if the scope is formally dead. */
-
- if (!u->cgroup_path)
- return false;
-
- return cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path) <= 0;
-}
-
-static void scope_notify_cgroup_empty_event(Unit *u) {
- Scope *s = SCOPE(u);
- assert(u);
-
- log_unit_debug(u, "cgroup is empty");
-
- if (IN_SET(s->state, SCOPE_RUNNING, SCOPE_ABANDONED, SCOPE_STOP_SIGTERM, SCOPE_STOP_SIGKILL))
- scope_enter_dead(s, SCOPE_SUCCESS);
-}
-
-static void scope_sigchld_event(Unit *u, pid_t pid, int code, int status) {
-
- /* If we get a SIGCHLD event for one of the processes we were
- interested in, then we look for others to watch, under the
- assumption that we'll sooner or later get a SIGCHLD for
- them, as the original process we watched was probably the
- parent of them, and they are hence now our children. */
-
- unit_tidy_watch_pids(u, 0, 0);
- unit_watch_all_pids(u);
-
- /* If the PID set is empty now, then let's finish this off
- (On unified we use proper notifications) */
- if (cg_unified(SYSTEMD_CGROUP_CONTROLLER) <= 0 && set_isempty(u->pids))
- scope_notify_cgroup_empty_event(u);
-}
-
-static int scope_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata) {
- Scope *s = SCOPE(userdata);
-
- assert(s);
- assert(s->timer_event_source == source);
-
- switch (s->state) {
-
- case SCOPE_STOP_SIGTERM:
- if (s->kill_context.send_sigkill) {
- log_unit_warning(UNIT(s), "Stopping timed out. Killing.");
- scope_enter_signal(s, SCOPE_STOP_SIGKILL, SCOPE_FAILURE_TIMEOUT);
- } else {
- log_unit_warning(UNIT(s), "Stopping timed out. Skipping SIGKILL.");
- scope_enter_dead(s, SCOPE_FAILURE_TIMEOUT);
- }
-
- break;
-
- case SCOPE_STOP_SIGKILL:
- log_unit_warning(UNIT(s), "Still around after SIGKILL. Ignoring.");
- scope_enter_dead(s, SCOPE_FAILURE_TIMEOUT);
- break;
-
- default:
- assert_not_reached("Timeout at wrong time.");
- }
-
- return 0;
-}
-
-int scope_abandon(Scope *s) {
- assert(s);
-
- if (unit_has_name(UNIT(s), SPECIAL_INIT_SCOPE))
- return -EPERM;
-
- if (!IN_SET(s->state, SCOPE_RUNNING, SCOPE_ABANDONED))
- return -ESTALE;
-
- s->was_abandoned = true;
- s->controller = mfree(s->controller);
-
- /* The client is no longer watching the remaining processes,
- * so let's step in here, under the assumption that the
- * remaining processes will be sooner or later reassigned to
- * us as parent. */
-
- unit_tidy_watch_pids(UNIT(s), 0, 0);
- unit_watch_all_pids(UNIT(s));
-
- /* If the PID set is empty now, then let's finish this off */
- if (set_isempty(UNIT(s)->pids))
- scope_notify_cgroup_empty_event(UNIT(s));
- else
- scope_set_state(s, SCOPE_ABANDONED);
-
- return 0;
-}
-
-_pure_ static UnitActiveState scope_active_state(Unit *u) {
- assert(u);
-
- return state_translation_table[SCOPE(u)->state];
-}
-
-_pure_ static const char *scope_sub_state_to_string(Unit *u) {
- assert(u);
-
- return scope_state_to_string(SCOPE(u)->state);
-}
-
-static void scope_enumerate(Manager *m) {
- Unit *u;
- int r;
-
- assert(m);
-
- /* Let's unconditionally add the "init.scope" special unit
- * that encapsulates PID 1. Note that PID 1 already is in the
- * cgroup for this, we hence just need to allocate the object
- * for it and that's it. */
-
- u = manager_get_unit(m, SPECIAL_INIT_SCOPE);
- if (!u) {
- r = unit_new_for_name(m, sizeof(Scope), SPECIAL_INIT_SCOPE, &u);
- if (r < 0) {
- log_error_errno(r, "Failed to allocate the special " SPECIAL_INIT_SCOPE " unit: %m");
- return;
- }
- }
-
- u->transient = true;
- u->perpetual = true;
- SCOPE(u)->deserialized_state = SCOPE_RUNNING;
-
- unit_add_to_load_queue(u);
- unit_add_to_dbus_queue(u);
-}
-
-static const char* const scope_result_table[_SCOPE_RESULT_MAX] = {
- [SCOPE_SUCCESS] = "success",
- [SCOPE_FAILURE_RESOURCES] = "resources",
- [SCOPE_FAILURE_TIMEOUT] = "timeout",
-};
-
-DEFINE_STRING_TABLE_LOOKUP(scope_result, ScopeResult);
-
-const UnitVTable scope_vtable = {
- .object_size = sizeof(Scope),
- .cgroup_context_offset = offsetof(Scope, cgroup_context),
- .kill_context_offset = offsetof(Scope, kill_context),
-
- .sections =
- "Unit\0"
- "Scope\0"
- "Install\0",
- .private_section = "Scope",
-
- .can_transient = true,
-
- .init = scope_init,
- .load = scope_load,
- .done = scope_done,
-
- .coldplug = scope_coldplug,
-
- .dump = scope_dump,
-
- .start = scope_start,
- .stop = scope_stop,
-
- .kill = scope_kill,
-
- .get_timeout = scope_get_timeout,
-
- .serialize = scope_serialize,
- .deserialize_item = scope_deserialize_item,
-
- .active_state = scope_active_state,
- .sub_state_to_string = scope_sub_state_to_string,
-
- .check_gc = scope_check_gc,
-
- .sigchld_event = scope_sigchld_event,
-
- .reset_failed = scope_reset_failed,
-
- .notify_cgroup_empty = scope_notify_cgroup_empty_event,
-
- .bus_vtable = bus_scope_vtable,
- .bus_set_property = bus_scope_set_property,
- .bus_commit_properties = bus_scope_commit_properties,
-
- .enumerate = scope_enumerate,
-};
diff --git a/src/core/scope.h b/src/core/scope.h
deleted file mode 100644
index eaf8e8b447..0000000000
--- a/src/core/scope.h
+++ /dev/null
@@ -1,58 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2013 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-typedef struct Scope Scope;
-
-#include "cgroup.h"
-#include "kill.h"
-#include "unit.h"
-
-typedef enum ScopeResult {
- SCOPE_SUCCESS,
- SCOPE_FAILURE_RESOURCES,
- SCOPE_FAILURE_TIMEOUT,
- _SCOPE_RESULT_MAX,
- _SCOPE_RESULT_INVALID = -1
-} ScopeResult;
-
-struct Scope {
- Unit meta;
-
- CGroupContext cgroup_context;
- KillContext kill_context;
-
- ScopeState state, deserialized_state;
- ScopeResult result;
-
- usec_t timeout_stop_usec;
-
- char *controller;
- bool was_abandoned;
-
- sd_event_source *timer_event_source;
-};
-
-extern const UnitVTable scope_vtable;
-
-int scope_abandon(Scope *s);
-
-const char* scope_result_to_string(ScopeResult i) _const_;
-ScopeResult scope_result_from_string(const char *s) _pure_;
diff --git a/src/core/selinux-access.c b/src/core/selinux-access.c
deleted file mode 100644
index 2b96a9551b..0000000000
--- a/src/core/selinux-access.c
+++ /dev/null
@@ -1,283 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2012 Dan Walsh
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include "selinux-access.h"
-
-#ifdef HAVE_SELINUX
-
-#include <errno.h>
-#include <selinux/avc.h>
-#include <selinux/selinux.h>
-#include <stdio.h>
-#ifdef HAVE_AUDIT
-#include <libaudit.h>
-#endif
-
-#include "sd-bus.h"
-
-#include "alloc-util.h"
-#include "audit-fd.h"
-#include "bus-util.h"
-#include "log.h"
-#include "path-util.h"
-#include "selinux-util.h"
-#include "stdio-util.h"
-#include "strv.h"
-#include "util.h"
-
-static bool initialized = false;
-
-struct audit_info {
- sd_bus_creds *creds;
- const char *path;
- const char *cmdline;
-};
-
-/*
- Any time an access gets denied this callback will be called
- with the audit data. We then need to just copy the audit data into the msgbuf.
-*/
-static int audit_callback(
- void *auditdata,
- security_class_t cls,
- char *msgbuf,
- size_t msgbufsize) {
-
- const struct audit_info *audit = auditdata;
- uid_t uid = 0, login_uid = 0;
- gid_t gid = 0;
- char login_uid_buf[DECIMAL_STR_MAX(uid_t) + 1] = "n/a";
- char uid_buf[DECIMAL_STR_MAX(uid_t) + 1] = "n/a";
- char gid_buf[DECIMAL_STR_MAX(gid_t) + 1] = "n/a";
-
- if (sd_bus_creds_get_audit_login_uid(audit->creds, &login_uid) >= 0)
- xsprintf(login_uid_buf, UID_FMT, login_uid);
- if (sd_bus_creds_get_euid(audit->creds, &uid) >= 0)
- xsprintf(uid_buf, UID_FMT, uid);
- if (sd_bus_creds_get_egid(audit->creds, &gid) >= 0)
- xsprintf(gid_buf, GID_FMT, gid);
-
- snprintf(msgbuf, msgbufsize,
- "auid=%s uid=%s gid=%s%s%s%s%s%s%s",
- login_uid_buf, uid_buf, gid_buf,
- audit->path ? " path=\"" : "", strempty(audit->path), audit->path ? "\"" : "",
- audit->cmdline ? " cmdline=\"" : "", strempty(audit->cmdline), audit->cmdline ? "\"" : "");
-
- return 0;
-}
-
-static int callback_type_to_priority(int type) {
- switch(type) {
-
- case SELINUX_ERROR:
- return LOG_ERR;
-
- case SELINUX_WARNING:
- return LOG_WARNING;
-
- case SELINUX_INFO:
- return LOG_INFO;
-
- case SELINUX_AVC:
- default:
- return LOG_NOTICE;
- }
-}
-
-/*
- libselinux uses this callback when access gets denied or other
- events happen. If audit is turned on, messages will be reported
- using audit netlink, otherwise they will be logged using the usual
- channels.
-
- Code copied from dbus and modified.
-*/
-_printf_(2, 3) static int log_callback(int type, const char *fmt, ...) {
- va_list ap;
- const char *fmt2;
-
-#ifdef HAVE_AUDIT
- int fd;
-
- fd = get_audit_fd();
-
- if (fd >= 0) {
- _cleanup_free_ char *buf = NULL;
- int r;
-
- va_start(ap, fmt);
- r = vasprintf(&buf, fmt, ap);
- va_end(ap);
-
- if (r >= 0) {
- audit_log_user_avc_message(fd, AUDIT_USER_AVC, buf, NULL, NULL, NULL, 0);
- return 0;
- }
- }
-#endif
-
- fmt2 = strjoina("selinux: ", fmt);
-
- va_start(ap, fmt);
- log_internalv(LOG_AUTH | callback_type_to_priority(type), 0, __FILE__, __LINE__, __FUNCTION__, fmt2, ap);
- va_end(ap);
-
- return 0;
-}
-
-static int access_init(sd_bus_error *error) {
-
- if (!mac_selinux_use())
- return 0;
-
- if (initialized)
- return 1;
-
- if (avc_open(NULL, 0) != 0) {
- int enforce, saved_errno = errno;
-
- enforce = security_getenforce();
- log_full_errno(enforce != 0 ? LOG_ERR : LOG_WARNING, saved_errno, "Failed to open the SELinux AVC: %m");
-
- /* If enforcement isn't on, then let's suppress this
- * error, and just don't do any AVC checks. The
- * warning we printed is hence all the admin will
- * see. */
- if (enforce == 0)
- return 0;
-
- /* Return an access denied error, if we couldn't load
- * the AVC but enforcing mode was on, or we couldn't
- * determine whether it is one. */
- return sd_bus_error_setf(error, SD_BUS_ERROR_ACCESS_DENIED, "Failed to open the SELinux AVC: %s", strerror(saved_errno));
- }
-
- selinux_set_callback(SELINUX_CB_AUDIT, (union selinux_callback) audit_callback);
- selinux_set_callback(SELINUX_CB_LOG, (union selinux_callback) log_callback);
-
- initialized = true;
- return 1;
-}
-
-/*
- This function communicates with the kernel to check whether or not it should
- allow the access.
- If the machine is in permissive mode it will return ok. Audit messages will
- still be generated if the access would be denied in enforcing mode.
-*/
-int mac_selinux_generic_access_check(
- sd_bus_message *message,
- const char *path,
- const char *permission,
- sd_bus_error *error) {
-
- _cleanup_(sd_bus_creds_unrefp) sd_bus_creds *creds = NULL;
- const char *tclass = NULL, *scon = NULL;
- struct audit_info audit_info = {};
- _cleanup_free_ char *cl = NULL;
- char *fcon = NULL;
- char **cmdline = NULL;
- int r = 0;
-
- assert(message);
- assert(permission);
- assert(error);
-
- r = access_init(error);
- if (r <= 0)
- return r;
-
- r = sd_bus_query_sender_creds(
- message,
- SD_BUS_CREDS_PID|SD_BUS_CREDS_EUID|SD_BUS_CREDS_EGID|
- SD_BUS_CREDS_CMDLINE|SD_BUS_CREDS_AUDIT_LOGIN_UID|
- SD_BUS_CREDS_SELINUX_CONTEXT|
- SD_BUS_CREDS_AUGMENT /* get more bits from /proc */,
- &creds);
- if (r < 0)
- goto finish;
-
- /* The SELinux context is something we really should have
- * gotten directly from the message or sender, and not be an
- * augmented field. If it was augmented we cannot use it for
- * authorization, since this is racy and vulnerable. Let's add
- * an extra check, just in case, even though this really
- * shouldn't be possible. */
- assert_return((sd_bus_creds_get_augmented_mask(creds) & SD_BUS_CREDS_SELINUX_CONTEXT) == 0, -EPERM);
-
- r = sd_bus_creds_get_selinux_context(creds, &scon);
- if (r < 0)
- goto finish;
-
- if (path) {
- /* Get the file context of the unit file */
-
- r = getfilecon_raw(path, &fcon);
- if (r < 0) {
- r = sd_bus_error_setf(error, SD_BUS_ERROR_ACCESS_DENIED, "Failed to get file context on %s.", path);
- goto finish;
- }
-
- tclass = "service";
- } else {
- r = getcon_raw(&fcon);
- if (r < 0) {
- r = sd_bus_error_setf(error, SD_BUS_ERROR_ACCESS_DENIED, "Failed to get current context.");
- goto finish;
- }
-
- tclass = "system";
- }
-
- sd_bus_creds_get_cmdline(creds, &cmdline);
- cl = strv_join(cmdline, " ");
-
- audit_info.creds = creds;
- audit_info.path = path;
- audit_info.cmdline = cl;
-
- r = selinux_check_access(scon, fcon, tclass, permission, &audit_info);
- if (r < 0)
- r = sd_bus_error_setf(error, SD_BUS_ERROR_ACCESS_DENIED, "SELinux policy denies access.");
-
- log_debug("SELinux access check scon=%s tcon=%s tclass=%s perm=%s path=%s cmdline=%s: %i", scon, fcon, tclass, permission, path, cl, r);
-
-finish:
- freecon(fcon);
-
- if (r < 0 && security_getenforce() != 1) {
- sd_bus_error_free(error);
- r = 0;
- }
-
- return r;
-}
-
-#else
-
-int mac_selinux_generic_access_check(
- sd_bus_message *message,
- const char *path,
- const char *permission,
- sd_bus_error *error) {
-
- return 0;
-}
-
-#endif
diff --git a/src/core/selinux-access.h b/src/core/selinux-access.h
deleted file mode 100644
index f46370d020..0000000000
--- a/src/core/selinux-access.h
+++ /dev/null
@@ -1,45 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2012 Dan Walsh
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include "sd-bus.h"
-
-#include "bus-util.h"
-#include "manager.h"
-
-int mac_selinux_generic_access_check(sd_bus_message *message, const char *path, const char *permission, sd_bus_error *error);
-
-#ifdef HAVE_SELINUX
-
-#define mac_selinux_access_check(message, permission, error) \
- mac_selinux_generic_access_check((message), NULL, (permission), (error))
-
-#define mac_selinux_unit_access_check(unit, message, permission, error) \
- ({ \
- const Unit *_unit = (unit); \
- mac_selinux_generic_access_check((message), _unit->source_path ?: _unit->fragment_path, (permission), (error)); \
- })
-
-#else
-
-#define mac_selinux_access_check(message, permission, error) 0
-#define mac_selinux_unit_access_check(unit, message, permission, error) 0
-
-#endif
diff --git a/src/core/selinux-setup.c b/src/core/selinux-setup.c
deleted file mode 100644
index 527aa8add0..0000000000
--- a/src/core/selinux-setup.c
+++ /dev/null
@@ -1,121 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <errno.h>
-#include <stdio.h>
-#include <unistd.h>
-
-#ifdef HAVE_SELINUX
-#include <selinux/selinux.h>
-#endif
-
-#include "log.h"
-#include "macro.h"
-#include "selinux-setup.h"
-#include "selinux-util.h"
-#include "string-util.h"
-#include "util.h"
-
-#ifdef HAVE_SELINUX
-_printf_(2,3)
-static int null_log(int type, const char *fmt, ...) {
- return 0;
-}
-#endif
-
-int mac_selinux_setup(bool *loaded_policy) {
-
-#ifdef HAVE_SELINUX
- int enforce = 0;
- usec_t before_load, after_load;
- char *con;
- int r;
- union selinux_callback cb;
- bool initialized = false;
-
- assert(loaded_policy);
-
- /* Turn off all of SELinux' own logging, we want to do that */
- cb.func_log = null_log;
- selinux_set_callback(SELINUX_CB_LOG, cb);
-
- /* Don't load policy in the initrd if we don't appear to have
- * it. For the real root, we check below if we've already
- * loaded policy, and return gracefully.
- */
- if (in_initrd() && access(selinux_path(), F_OK) < 0)
- return 0;
-
- /* Already initialized by somebody else? */
- r = getcon_raw(&con);
- if (r == 0) {
- initialized = !streq(con, "kernel");
- freecon(con);
- }
-
- /* Make sure we have no fds open while loading the policy and
- * transitioning */
- log_close();
-
- /* Now load the policy */
- before_load = now(CLOCK_MONOTONIC);
- r = selinux_init_load_policy(&enforce);
- if (r == 0) {
- _cleanup_(mac_selinux_freep) char *label = NULL;
- char timespan[FORMAT_TIMESPAN_MAX];
-
- mac_selinux_retest();
-
- /* Transition to the new context */
- r = mac_selinux_get_create_label_from_exe(SYSTEMD_BINARY_PATH, &label);
- if (r < 0 || !label) {
- log_open();
- log_error("Failed to compute init label, ignoring.");
- } else {
- r = setcon_raw(label);
-
- log_open();
- if (r < 0)
- log_error("Failed to transition into init label '%s', ignoring.", label);
- }
-
- after_load = now(CLOCK_MONOTONIC);
-
- log_info("Successfully loaded SELinux policy in %s.",
- format_timespan(timespan, sizeof(timespan), after_load - before_load, 0));
-
- *loaded_policy = true;
-
- } else {
- log_open();
-
- if (enforce > 0) {
- if (!initialized) {
- log_emergency("Failed to load SELinux policy.");
- return -EIO;
- }
-
- log_warning("Failed to load new SELinux policy. Continuing with old policy.");
- } else
- log_debug("Unable to load SELinux policy. Ignoring.");
- }
-#endif
-
- return 0;
-}
diff --git a/src/core/selinux-setup.h b/src/core/selinux-setup.h
deleted file mode 100644
index 7b613249b0..0000000000
--- a/src/core/selinux-setup.h
+++ /dev/null
@@ -1,24 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <stdbool.h>
-
-int mac_selinux_setup(bool *loaded_policy);
diff --git a/src/core/service.c b/src/core/service.c
deleted file mode 100644
index a7274a758f..0000000000
--- a/src/core/service.c
+++ /dev/null
@@ -1,3469 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <errno.h>
-#include <signal.h>
-#include <unistd.h>
-
-#include "alloc-util.h"
-#include "async.h"
-#include "bus-error.h"
-#include "bus-kernel.h"
-#include "bus-util.h"
-#include "dbus-service.h"
-#include "def.h"
-#include "env-util.h"
-#include "escape.h"
-#include "exit-status.h"
-#include "fd-util.h"
-#include "fileio.h"
-#include "formats-util.h"
-#include "fs-util.h"
-#include "load-dropin.h"
-#include "load-fragment.h"
-#include "log.h"
-#include "manager.h"
-#include "parse-util.h"
-#include "path-util.h"
-#include "process-util.h"
-#include "service.h"
-#include "signal-util.h"
-#include "special.h"
-#include "string-table.h"
-#include "string-util.h"
-#include "strv.h"
-#include "unit-name.h"
-#include "unit-printf.h"
-#include "unit.h"
-#include "utf8.h"
-#include "util.h"
-
-static const UnitActiveState state_translation_table[_SERVICE_STATE_MAX] = {
- [SERVICE_DEAD] = UNIT_INACTIVE,
- [SERVICE_START_PRE] = UNIT_ACTIVATING,
- [SERVICE_START] = UNIT_ACTIVATING,
- [SERVICE_START_POST] = UNIT_ACTIVATING,
- [SERVICE_RUNNING] = UNIT_ACTIVE,
- [SERVICE_EXITED] = UNIT_ACTIVE,
- [SERVICE_RELOAD] = UNIT_RELOADING,
- [SERVICE_STOP] = UNIT_DEACTIVATING,
- [SERVICE_STOP_SIGABRT] = UNIT_DEACTIVATING,
- [SERVICE_STOP_SIGTERM] = UNIT_DEACTIVATING,
- [SERVICE_STOP_SIGKILL] = UNIT_DEACTIVATING,
- [SERVICE_STOP_POST] = UNIT_DEACTIVATING,
- [SERVICE_FINAL_SIGTERM] = UNIT_DEACTIVATING,
- [SERVICE_FINAL_SIGKILL] = UNIT_DEACTIVATING,
- [SERVICE_FAILED] = UNIT_FAILED,
- [SERVICE_AUTO_RESTART] = UNIT_ACTIVATING
-};
-
-/* For Type=idle we never want to delay any other jobs, hence we
- * consider idle jobs active as soon as we start working on them */
-static const UnitActiveState state_translation_table_idle[_SERVICE_STATE_MAX] = {
- [SERVICE_DEAD] = UNIT_INACTIVE,
- [SERVICE_START_PRE] = UNIT_ACTIVE,
- [SERVICE_START] = UNIT_ACTIVE,
- [SERVICE_START_POST] = UNIT_ACTIVE,
- [SERVICE_RUNNING] = UNIT_ACTIVE,
- [SERVICE_EXITED] = UNIT_ACTIVE,
- [SERVICE_RELOAD] = UNIT_RELOADING,
- [SERVICE_STOP] = UNIT_DEACTIVATING,
- [SERVICE_STOP_SIGABRT] = UNIT_DEACTIVATING,
- [SERVICE_STOP_SIGTERM] = UNIT_DEACTIVATING,
- [SERVICE_STOP_SIGKILL] = UNIT_DEACTIVATING,
- [SERVICE_STOP_POST] = UNIT_DEACTIVATING,
- [SERVICE_FINAL_SIGTERM] = UNIT_DEACTIVATING,
- [SERVICE_FINAL_SIGKILL] = UNIT_DEACTIVATING,
- [SERVICE_FAILED] = UNIT_FAILED,
- [SERVICE_AUTO_RESTART] = UNIT_ACTIVATING
-};
-
-static int service_dispatch_io(sd_event_source *source, int fd, uint32_t events, void *userdata);
-static int service_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata);
-static int service_dispatch_watchdog(sd_event_source *source, usec_t usec, void *userdata);
-
-static void service_enter_signal(Service *s, ServiceState state, ServiceResult f);
-static void service_enter_reload_by_notify(Service *s);
-
-static void service_init(Unit *u) {
- Service *s = SERVICE(u);
-
- assert(u);
- assert(u->load_state == UNIT_STUB);
-
- s->timeout_start_usec = u->manager->default_timeout_start_usec;
- s->timeout_stop_usec = u->manager->default_timeout_stop_usec;
- s->restart_usec = u->manager->default_restart_usec;
- s->runtime_max_usec = USEC_INFINITY;
- s->type = _SERVICE_TYPE_INVALID;
- s->socket_fd = -1;
- s->stdin_fd = s->stdout_fd = s->stderr_fd = -1;
- s->guess_main_pid = true;
-
- s->control_command_id = _SERVICE_EXEC_COMMAND_INVALID;
-}
-
-static void service_unwatch_control_pid(Service *s) {
- assert(s);
-
- if (s->control_pid <= 0)
- return;
-
- unit_unwatch_pid(UNIT(s), s->control_pid);
- s->control_pid = 0;
-}
-
-static void service_unwatch_main_pid(Service *s) {
- assert(s);
-
- if (s->main_pid <= 0)
- return;
-
- unit_unwatch_pid(UNIT(s), s->main_pid);
- s->main_pid = 0;
-}
-
-static void service_unwatch_pid_file(Service *s) {
- if (!s->pid_file_pathspec)
- return;
-
- log_unit_debug(UNIT(s), "Stopping watch for PID file %s", s->pid_file_pathspec->path);
- path_spec_unwatch(s->pid_file_pathspec);
- path_spec_done(s->pid_file_pathspec);
- s->pid_file_pathspec = mfree(s->pid_file_pathspec);
-}
-
-static int service_set_main_pid(Service *s, pid_t pid) {
- pid_t ppid;
-
- assert(s);
-
- if (pid <= 1)
- return -EINVAL;
-
- if (pid == getpid())
- return -EINVAL;
-
- if (s->main_pid == pid && s->main_pid_known)
- return 0;
-
- if (s->main_pid != pid) {
- service_unwatch_main_pid(s);
- exec_status_start(&s->main_exec_status, pid);
- }
-
- s->main_pid = pid;
- s->main_pid_known = true;
-
- if (get_process_ppid(pid, &ppid) >= 0 && ppid != getpid()) {
- log_unit_warning(UNIT(s), "Supervising process "PID_FMT" which is not our child. We'll most likely not notice when it exits.", pid);
- s->main_pid_alien = true;
- } else
- s->main_pid_alien = false;
-
- return 0;
-}
-
-void service_close_socket_fd(Service *s) {
- assert(s);
-
- /* Undo the effect of service_set_socket_fd(). */
-
- s->socket_fd = asynchronous_close(s->socket_fd);
-
- if (UNIT_ISSET(s->accept_socket)) {
- socket_connection_unref(SOCKET(UNIT_DEREF(s->accept_socket)));
- unit_ref_unset(&s->accept_socket);
- }
-}
-
-static void service_stop_watchdog(Service *s) {
- assert(s);
-
- s->watchdog_event_source = sd_event_source_unref(s->watchdog_event_source);
- s->watchdog_timestamp = DUAL_TIMESTAMP_NULL;
-}
-
-static usec_t service_get_watchdog_usec(Service *s) {
- assert(s);
-
- if (s->watchdog_override_enable)
- return s->watchdog_override_usec;
- else
- return s->watchdog_usec;
-}
-
-static void service_start_watchdog(Service *s) {
- int r;
- usec_t watchdog_usec;
-
- assert(s);
-
- watchdog_usec = service_get_watchdog_usec(s);
- if (watchdog_usec == 0 || watchdog_usec == USEC_INFINITY)
- return;
-
- if (s->watchdog_event_source) {
- r = sd_event_source_set_time(s->watchdog_event_source, usec_add(s->watchdog_timestamp.monotonic, watchdog_usec));
- if (r < 0) {
- log_unit_warning_errno(UNIT(s), r, "Failed to reset watchdog timer: %m");
- return;
- }
-
- r = sd_event_source_set_enabled(s->watchdog_event_source, SD_EVENT_ONESHOT);
- } else {
- r = sd_event_add_time(
- UNIT(s)->manager->event,
- &s->watchdog_event_source,
- CLOCK_MONOTONIC,
- usec_add(s->watchdog_timestamp.monotonic, watchdog_usec), 0,
- service_dispatch_watchdog, s);
- if (r < 0) {
- log_unit_warning_errno(UNIT(s), r, "Failed to add watchdog timer: %m");
- return;
- }
-
- (void) sd_event_source_set_description(s->watchdog_event_source, "service-watchdog");
-
- /* Let's process everything else which might be a sign
- * of living before we consider a service died. */
- r = sd_event_source_set_priority(s->watchdog_event_source, SD_EVENT_PRIORITY_IDLE);
- }
-
- if (r < 0)
- log_unit_warning_errno(UNIT(s), r, "Failed to install watchdog timer: %m");
-}
-
-static void service_reset_watchdog(Service *s) {
- assert(s);
-
- dual_timestamp_get(&s->watchdog_timestamp);
- service_start_watchdog(s);
-}
-
-static void service_reset_watchdog_timeout(Service *s, usec_t watchdog_override_usec) {
- assert(s);
-
- s->watchdog_override_enable = true;
- s->watchdog_override_usec = watchdog_override_usec;
- service_reset_watchdog(s);
-
- log_unit_debug(UNIT(s), "watchdog_usec="USEC_FMT, s->watchdog_usec);
- log_unit_debug(UNIT(s), "watchdog_override_usec="USEC_FMT, s->watchdog_override_usec);
-}
-
-static void service_fd_store_unlink(ServiceFDStore *fs) {
-
- if (!fs)
- return;
-
- if (fs->service) {
- assert(fs->service->n_fd_store > 0);
- LIST_REMOVE(fd_store, fs->service->fd_store, fs);
- fs->service->n_fd_store--;
- }
-
- if (fs->event_source) {
- sd_event_source_set_enabled(fs->event_source, SD_EVENT_OFF);
- sd_event_source_unref(fs->event_source);
- }
-
- free(fs->fdname);
- safe_close(fs->fd);
- free(fs);
-}
-
-static void service_release_fd_store(Service *s) {
- assert(s);
-
- log_unit_debug(UNIT(s), "Releasing all stored fds");
- while (s->fd_store)
- service_fd_store_unlink(s->fd_store);
-
- assert(s->n_fd_store == 0);
-}
-
-static void service_release_resources(Unit *u, bool inactive) {
- Service *s = SERVICE(u);
-
- assert(s);
-
- if (!s->fd_store && s->stdin_fd < 0 && s->stdout_fd < 0 && s->stderr_fd < 0)
- return;
-
- log_unit_debug(u, "Releasing resources.");
-
- s->stdin_fd = safe_close(s->stdin_fd);
- s->stdout_fd = safe_close(s->stdout_fd);
- s->stderr_fd = safe_close(s->stderr_fd);
-
- if (inactive)
- service_release_fd_store(s);
-}
-
-static void service_done(Unit *u) {
- Service *s = SERVICE(u);
-
- assert(s);
-
- s->pid_file = mfree(s->pid_file);
- s->status_text = mfree(s->status_text);
-
- s->exec_runtime = exec_runtime_unref(s->exec_runtime);
- exec_command_free_array(s->exec_command, _SERVICE_EXEC_COMMAND_MAX);
- s->control_command = NULL;
- s->main_command = NULL;
-
- dynamic_creds_unref(&s->dynamic_creds);
-
- exit_status_set_free(&s->restart_prevent_status);
- exit_status_set_free(&s->restart_force_status);
- exit_status_set_free(&s->success_status);
-
- /* This will leak a process, but at least no memory or any of
- * our resources */
- service_unwatch_main_pid(s);
- service_unwatch_control_pid(s);
- service_unwatch_pid_file(s);
-
- if (s->bus_name) {
- unit_unwatch_bus_name(u, s->bus_name);
- s->bus_name = mfree(s->bus_name);
- }
-
- s->bus_name_owner = mfree(s->bus_name_owner);
-
- service_close_socket_fd(s);
- s->peer = socket_peer_unref(s->peer);
-
- unit_ref_unset(&s->accept_socket);
-
- service_stop_watchdog(s);
-
- s->timer_event_source = sd_event_source_unref(s->timer_event_source);
-
- service_release_resources(u, true);
-}
-
-static int on_fd_store_io(sd_event_source *e, int fd, uint32_t revents, void *userdata) {
- ServiceFDStore *fs = userdata;
-
- assert(e);
- assert(fs);
-
- /* If we get either EPOLLHUP or EPOLLERR, it's time to remove this entry from the fd store */
- log_unit_debug(UNIT(fs->service),
- "Received %s on stored fd %d (%s), closing.",
- revents & EPOLLERR ? "EPOLLERR" : "EPOLLHUP",
- fs->fd, strna(fs->fdname));
- service_fd_store_unlink(fs);
- return 0;
-}
-
-static int service_add_fd_store(Service *s, int fd, const char *name) {
- ServiceFDStore *fs;
- int r;
-
- /* fd is always consumed if we return >= 0 */
-
- assert(s);
- assert(fd >= 0);
-
- if (s->n_fd_store >= s->n_fd_store_max)
- return -EXFULL; /* Our store is full.
- * Use this errno rather than E[NM]FILE to distinguish from
- * the case where systemd itself hits the file limit. */
-
- LIST_FOREACH(fd_store, fs, s->fd_store) {
- r = same_fd(fs->fd, fd);
- if (r < 0)
- return r;
- if (r > 0) {
- safe_close(fd);
- return 0; /* fd already included */
- }
- }
-
- fs = new0(ServiceFDStore, 1);
- if (!fs)
- return -ENOMEM;
-
- fs->fd = fd;
- fs->service = s;
- fs->fdname = strdup(name ?: "stored");
- if (!fs->fdname) {
- free(fs);
- return -ENOMEM;
- }
-
- r = sd_event_add_io(UNIT(s)->manager->event, &fs->event_source, fd, 0, on_fd_store_io, fs);
- if (r < 0) {
- free(fs->fdname);
- free(fs);
- return r;
- }
-
- (void) sd_event_source_set_description(fs->event_source, "service-fd-store");
-
- LIST_PREPEND(fd_store, s->fd_store, fs);
- s->n_fd_store++;
-
- return 1; /* fd newly stored */
-}
-
-static int service_add_fd_store_set(Service *s, FDSet *fds, const char *name) {
- int r;
-
- assert(s);
-
- while (fdset_size(fds) > 0) {
- _cleanup_close_ int fd = -1;
-
- fd = fdset_steal_first(fds);
- if (fd < 0)
- break;
-
- r = service_add_fd_store(s, fd, name);
- if (r == -EXFULL)
- return log_unit_warning_errno(UNIT(s), r,
- "Cannot store more fds than FileDescriptorStoreMax=%u, closing remaining.",
- s->n_fd_store_max);
- if (r < 0)
- return log_unit_error_errno(UNIT(s), r, "Failed to add fd to store: %m");
- if (r > 0)
- log_unit_debug(UNIT(s), "Added fd %u (%s) to fd store.", fd, strna(name));
- fd = -1;
- }
-
- return 0;
-}
-
-static int service_arm_timer(Service *s, usec_t usec) {
- int r;
-
- assert(s);
-
- if (s->timer_event_source) {
- r = sd_event_source_set_time(s->timer_event_source, usec);
- if (r < 0)
- return r;
-
- return sd_event_source_set_enabled(s->timer_event_source, SD_EVENT_ONESHOT);
- }
-
- if (usec == USEC_INFINITY)
- return 0;
-
- r = sd_event_add_time(
- UNIT(s)->manager->event,
- &s->timer_event_source,
- CLOCK_MONOTONIC,
- usec, 0,
- service_dispatch_timer, s);
- if (r < 0)
- return r;
-
- (void) sd_event_source_set_description(s->timer_event_source, "service-timer");
-
- return 0;
-}
-
-static int service_verify(Service *s) {
- assert(s);
-
- if (UNIT(s)->load_state != UNIT_LOADED)
- return 0;
-
- if (!s->exec_command[SERVICE_EXEC_START] && !s->exec_command[SERVICE_EXEC_STOP]) {
- log_unit_error(UNIT(s), "Service lacks both ExecStart= and ExecStop= setting. Refusing.");
- return -EINVAL;
- }
-
- if (s->type != SERVICE_ONESHOT && !s->exec_command[SERVICE_EXEC_START]) {
- log_unit_error(UNIT(s), "Service has no ExecStart= setting, which is only allowed for Type=oneshot services. Refusing.");
- return -EINVAL;
- }
-
- if (!s->remain_after_exit && !s->exec_command[SERVICE_EXEC_START]) {
- log_unit_error(UNIT(s), "Service has no ExecStart= setting, which is only allowed for RemainAfterExit=yes services. Refusing.");
- return -EINVAL;
- }
-
- if (s->type != SERVICE_ONESHOT && s->exec_command[SERVICE_EXEC_START]->command_next) {
- log_unit_error(UNIT(s), "Service has more than one ExecStart= setting, which is only allowed for Type=oneshot services. Refusing.");
- return -EINVAL;
- }
-
- if (s->type == SERVICE_ONESHOT && s->restart != SERVICE_RESTART_NO) {
- log_unit_error(UNIT(s), "Service has Restart= setting other than no, which isn't allowed for Type=oneshot services. Refusing.");
- return -EINVAL;
- }
-
- if (s->type == SERVICE_ONESHOT && !exit_status_set_is_empty(&s->restart_force_status)) {
- log_unit_error(UNIT(s), "Service has RestartForceStatus= set, which isn't allowed for Type=oneshot services. Refusing.");
- return -EINVAL;
- }
-
- if (s->type == SERVICE_DBUS && !s->bus_name) {
- log_unit_error(UNIT(s), "Service is of type D-Bus but no D-Bus service name has been specified. Refusing.");
- return -EINVAL;
- }
-
- if (s->bus_name && s->type != SERVICE_DBUS)
- log_unit_warning(UNIT(s), "Service has a D-Bus service name specified, but is not of type dbus. Ignoring.");
-
- if (s->exec_context.pam_name && !(s->kill_context.kill_mode == KILL_CONTROL_GROUP || s->kill_context.kill_mode == KILL_MIXED)) {
- log_unit_error(UNIT(s), "Service has PAM enabled. Kill mode must be set to 'control-group' or 'mixed'. Refusing.");
- return -EINVAL;
- }
-
- if (s->usb_function_descriptors && !s->usb_function_strings)
- log_unit_warning(UNIT(s), "Service has USBFunctionDescriptors= setting, but no USBFunctionStrings=. Ignoring.");
-
- if (!s->usb_function_descriptors && s->usb_function_strings)
- log_unit_warning(UNIT(s), "Service has USBFunctionStrings= setting, but no USBFunctionDescriptors=. Ignoring.");
-
- if (s->runtime_max_usec != USEC_INFINITY && s->type == SERVICE_ONESHOT)
- log_unit_warning(UNIT(s), "MaxRuntimeSec= has no effect in combination with Type=oneshot. Ignoring.");
-
- return 0;
-}
-
-static int service_add_default_dependencies(Service *s) {
- int r;
-
- assert(s);
-
- if (!UNIT(s)->default_dependencies)
- return 0;
-
- /* Add a number of automatic dependencies useful for the
- * majority of services. */
-
- if (MANAGER_IS_SYSTEM(UNIT(s)->manager)) {
- /* First, pull in the really early boot stuff, and
- * require it, so that we fail if we can't acquire
- * it. */
-
- r = unit_add_two_dependencies_by_name(UNIT(s), UNIT_AFTER, UNIT_REQUIRES, SPECIAL_SYSINIT_TARGET, NULL, true);
- if (r < 0)
- return r;
- } else {
-
- /* In the --user instance there's no sysinit.target,
- * in that case require basic.target instead. */
-
- r = unit_add_dependency_by_name(UNIT(s), UNIT_REQUIRES, SPECIAL_BASIC_TARGET, NULL, true);
- if (r < 0)
- return r;
- }
-
- /* Second, if the rest of the base system is in the same
- * transaction, order us after it, but do not pull it in or
- * even require it. */
- r = unit_add_dependency_by_name(UNIT(s), UNIT_AFTER, SPECIAL_BASIC_TARGET, NULL, true);
- if (r < 0)
- return r;
-
- /* Third, add us in for normal shutdown. */
- return unit_add_two_dependencies_by_name(UNIT(s), UNIT_BEFORE, UNIT_CONFLICTS, SPECIAL_SHUTDOWN_TARGET, NULL, true);
-}
-
-static void service_fix_output(Service *s) {
- assert(s);
-
- /* If nothing has been explicitly configured, patch default
- * output in. If input is socket/tty we avoid this however,
- * since in that case we want output to default to the same
- * place as we read input from. */
-
- if (s->exec_context.std_error == EXEC_OUTPUT_INHERIT &&
- s->exec_context.std_output == EXEC_OUTPUT_INHERIT &&
- s->exec_context.std_input == EXEC_INPUT_NULL)
- s->exec_context.std_error = UNIT(s)->manager->default_std_error;
-
- if (s->exec_context.std_output == EXEC_OUTPUT_INHERIT &&
- s->exec_context.std_input == EXEC_INPUT_NULL)
- s->exec_context.std_output = UNIT(s)->manager->default_std_output;
-}
-
-static int service_setup_bus_name(Service *s) {
- int r;
-
- assert(s);
-
- if (!s->bus_name)
- return 0;
-
- r = unit_add_dependency_by_name(UNIT(s), UNIT_REQUIRES, SPECIAL_DBUS_SOCKET, NULL, true);
- if (r < 0)
- return log_unit_error_errno(UNIT(s), r, "Failed to add dependency on " SPECIAL_DBUS_SOCKET ": %m");
-
- /* Regardless if kdbus is used or not, we always want to be ordered against dbus.socket if both are in the transaction. */
- r = unit_add_dependency_by_name(UNIT(s), UNIT_AFTER, SPECIAL_DBUS_SOCKET, NULL, true);
- if (r < 0)
- return log_unit_error_errno(UNIT(s), r, "Failed to add dependency on " SPECIAL_DBUS_SOCKET ": %m");
-
- r = unit_watch_bus_name(UNIT(s), s->bus_name);
- if (r == -EEXIST)
- return log_unit_error_errno(UNIT(s), r, "Two services allocated for the same bus name %s, refusing operation.", s->bus_name);
- if (r < 0)
- return log_unit_error_errno(UNIT(s), r, "Cannot watch bus name %s: %m", s->bus_name);
-
- return 0;
-}
-
-static int service_add_extras(Service *s) {
- int r;
-
- assert(s);
-
- if (s->type == _SERVICE_TYPE_INVALID) {
- /* Figure out a type automatically */
- if (s->bus_name)
- s->type = SERVICE_DBUS;
- else if (s->exec_command[SERVICE_EXEC_START])
- s->type = SERVICE_SIMPLE;
- else
- s->type = SERVICE_ONESHOT;
- }
-
- /* Oneshot services have disabled start timeout by default */
- if (s->type == SERVICE_ONESHOT && !s->start_timeout_defined)
- s->timeout_start_usec = USEC_INFINITY;
-
- service_fix_output(s);
-
- r = unit_patch_contexts(UNIT(s));
- if (r < 0)
- return r;
-
- r = unit_add_exec_dependencies(UNIT(s), &s->exec_context);
- if (r < 0)
- return r;
-
- r = unit_set_default_slice(UNIT(s));
- if (r < 0)
- return r;
-
- if (s->type == SERVICE_NOTIFY && s->notify_access == NOTIFY_NONE)
- s->notify_access = NOTIFY_MAIN;
-
- if (s->watchdog_usec > 0 && s->notify_access == NOTIFY_NONE)
- s->notify_access = NOTIFY_MAIN;
-
- r = service_add_default_dependencies(s);
- if (r < 0)
- return r;
-
- r = service_setup_bus_name(s);
- if (r < 0)
- return r;
-
- return 0;
-}
-
-static int service_load(Unit *u) {
- Service *s = SERVICE(u);
- int r;
-
- assert(s);
-
- /* Load a .service file */
- r = unit_load_fragment(u);
- if (r < 0)
- return r;
-
- /* Still nothing found? Then let's give up */
- if (u->load_state == UNIT_STUB)
- return -ENOENT;
-
- /* This is a new unit? Then let's add in some extras */
- if (u->load_state == UNIT_LOADED) {
-
- /* We were able to load something, then let's add in
- * the dropin directories. */
- r = unit_load_dropin(u);
- if (r < 0)
- return r;
-
- /* This is a new unit? Then let's add in some
- * extras */
- r = service_add_extras(s);
- if (r < 0)
- return r;
- }
-
- return service_verify(s);
-}
-
-static void service_dump(Unit *u, FILE *f, const char *prefix) {
- ServiceExecCommand c;
- Service *s = SERVICE(u);
- const char *prefix2;
-
- assert(s);
-
- prefix = strempty(prefix);
- prefix2 = strjoina(prefix, "\t");
-
- fprintf(f,
- "%sService State: %s\n"
- "%sResult: %s\n"
- "%sReload Result: %s\n"
- "%sPermissionsStartOnly: %s\n"
- "%sRootDirectoryStartOnly: %s\n"
- "%sRemainAfterExit: %s\n"
- "%sGuessMainPID: %s\n"
- "%sType: %s\n"
- "%sRestart: %s\n"
- "%sNotifyAccess: %s\n"
- "%sNotifyState: %s\n",
- prefix, service_state_to_string(s->state),
- prefix, service_result_to_string(s->result),
- prefix, service_result_to_string(s->reload_result),
- prefix, yes_no(s->permissions_start_only),
- prefix, yes_no(s->root_directory_start_only),
- prefix, yes_no(s->remain_after_exit),
- prefix, yes_no(s->guess_main_pid),
- prefix, service_type_to_string(s->type),
- prefix, service_restart_to_string(s->restart),
- prefix, notify_access_to_string(s->notify_access),
- prefix, notify_state_to_string(s->notify_state));
-
- if (s->control_pid > 0)
- fprintf(f,
- "%sControl PID: "PID_FMT"\n",
- prefix, s->control_pid);
-
- if (s->main_pid > 0)
- fprintf(f,
- "%sMain PID: "PID_FMT"\n"
- "%sMain PID Known: %s\n"
- "%sMain PID Alien: %s\n",
- prefix, s->main_pid,
- prefix, yes_no(s->main_pid_known),
- prefix, yes_no(s->main_pid_alien));
-
- if (s->pid_file)
- fprintf(f,
- "%sPIDFile: %s\n",
- prefix, s->pid_file);
-
- if (s->bus_name)
- fprintf(f,
- "%sBusName: %s\n"
- "%sBus Name Good: %s\n",
- prefix, s->bus_name,
- prefix, yes_no(s->bus_name_good));
-
- if (UNIT_ISSET(s->accept_socket))
- fprintf(f,
- "%sAccept Socket: %s\n",
- prefix, UNIT_DEREF(s->accept_socket)->id);
-
- kill_context_dump(&s->kill_context, f, prefix);
- exec_context_dump(&s->exec_context, f, prefix);
-
- for (c = 0; c < _SERVICE_EXEC_COMMAND_MAX; c++) {
-
- if (!s->exec_command[c])
- continue;
-
- fprintf(f, "%s-> %s:\n",
- prefix, service_exec_command_to_string(c));
-
- exec_command_dump_list(s->exec_command[c], f, prefix2);
- }
-
- if (s->status_text)
- fprintf(f, "%sStatus Text: %s\n",
- prefix, s->status_text);
-
- if (s->n_fd_store_max > 0)
- fprintf(f,
- "%sFile Descriptor Store Max: %u\n"
- "%sFile Descriptor Store Current: %u\n",
- prefix, s->n_fd_store_max,
- prefix, s->n_fd_store);
-}
-
-static int service_load_pid_file(Service *s, bool may_warn) {
- _cleanup_free_ char *k = NULL;
- int r;
- pid_t pid;
-
- assert(s);
-
- if (!s->pid_file)
- return -ENOENT;
-
- r = read_one_line_file(s->pid_file, &k);
- if (r < 0) {
- if (may_warn)
- log_unit_info_errno(UNIT(s), r, "PID file %s not readable (yet?) after %s: %m", s->pid_file, service_state_to_string(s->state));
- return r;
- }
-
- r = parse_pid(k, &pid);
- if (r < 0) {
- if (may_warn)
- log_unit_info_errno(UNIT(s), r, "Failed to read PID from file %s: %m", s->pid_file);
- return r;
- }
-
- if (!pid_is_alive(pid)) {
- if (may_warn)
- log_unit_info(UNIT(s), "PID "PID_FMT" read from file %s does not exist or is a zombie.", pid, s->pid_file);
- return -ESRCH;
- }
-
- if (s->main_pid_known) {
- if (pid == s->main_pid)
- return 0;
-
- log_unit_debug(UNIT(s), "Main PID changing: "PID_FMT" -> "PID_FMT, s->main_pid, pid);
-
- service_unwatch_main_pid(s);
- s->main_pid_known = false;
- } else
- log_unit_debug(UNIT(s), "Main PID loaded: "PID_FMT, pid);
-
- r = service_set_main_pid(s, pid);
- if (r < 0)
- return r;
-
- r = unit_watch_pid(UNIT(s), pid);
- if (r < 0) {
- /* FIXME: we need to do something here */
- log_unit_warning_errno(UNIT(s), r, "Failed to watch PID "PID_FMT" for service: %m", pid);
- return r;
- }
-
- return 0;
-}
-
-static void service_search_main_pid(Service *s) {
- pid_t pid = 0;
- int r;
-
- assert(s);
-
- /* If we know it anyway, don't ever fallback to unreliable
- * heuristics */
- if (s->main_pid_known)
- return;
-
- if (!s->guess_main_pid)
- return;
-
- assert(s->main_pid <= 0);
-
- if (unit_search_main_pid(UNIT(s), &pid) < 0)
- return;
-
- log_unit_debug(UNIT(s), "Main PID guessed: "PID_FMT, pid);
- if (service_set_main_pid(s, pid) < 0)
- return;
-
- r = unit_watch_pid(UNIT(s), pid);
- if (r < 0)
- /* FIXME: we need to do something here */
- log_unit_warning_errno(UNIT(s), r, "Failed to watch PID "PID_FMT" from: %m", pid);
-}
-
-static void service_set_state(Service *s, ServiceState state) {
- ServiceState old_state;
- const UnitActiveState *table;
-
- assert(s);
-
- table = s->type == SERVICE_IDLE ? state_translation_table_idle : state_translation_table;
-
- old_state = s->state;
- s->state = state;
-
- service_unwatch_pid_file(s);
-
- if (!IN_SET(state,
- SERVICE_START_PRE, SERVICE_START, SERVICE_START_POST,
- SERVICE_RUNNING,
- SERVICE_RELOAD,
- SERVICE_STOP, SERVICE_STOP_SIGABRT, SERVICE_STOP_SIGTERM, SERVICE_STOP_SIGKILL, SERVICE_STOP_POST,
- SERVICE_FINAL_SIGTERM, SERVICE_FINAL_SIGKILL,
- SERVICE_AUTO_RESTART))
- s->timer_event_source = sd_event_source_unref(s->timer_event_source);
-
- if (!IN_SET(state,
- SERVICE_START, SERVICE_START_POST,
- SERVICE_RUNNING, SERVICE_RELOAD,
- SERVICE_STOP, SERVICE_STOP_SIGABRT, SERVICE_STOP_SIGTERM, SERVICE_STOP_SIGKILL, SERVICE_STOP_POST,
- SERVICE_FINAL_SIGTERM, SERVICE_FINAL_SIGKILL)) {
- service_unwatch_main_pid(s);
- s->main_command = NULL;
- }
-
- if (!IN_SET(state,
- SERVICE_START_PRE, SERVICE_START, SERVICE_START_POST,
- SERVICE_RELOAD,
- SERVICE_STOP, SERVICE_STOP_SIGABRT, SERVICE_STOP_SIGTERM, SERVICE_STOP_SIGKILL, SERVICE_STOP_POST,
- SERVICE_FINAL_SIGTERM, SERVICE_FINAL_SIGKILL)) {
- service_unwatch_control_pid(s);
- s->control_command = NULL;
- s->control_command_id = _SERVICE_EXEC_COMMAND_INVALID;
- }
-
- if (IN_SET(state, SERVICE_DEAD, SERVICE_FAILED, SERVICE_AUTO_RESTART))
- unit_unwatch_all_pids(UNIT(s));
-
- if (!IN_SET(state,
- SERVICE_START_PRE, SERVICE_START, SERVICE_START_POST,
- SERVICE_RUNNING, SERVICE_RELOAD,
- SERVICE_STOP, SERVICE_STOP_SIGABRT, SERVICE_STOP_SIGTERM, SERVICE_STOP_SIGKILL, SERVICE_STOP_POST,
- SERVICE_FINAL_SIGTERM, SERVICE_FINAL_SIGKILL) &&
- !(state == SERVICE_DEAD && UNIT(s)->job))
- service_close_socket_fd(s);
-
- if (!IN_SET(state, SERVICE_START_POST, SERVICE_RUNNING, SERVICE_RELOAD))
- service_stop_watchdog(s);
-
- /* For the inactive states unit_notify() will trim the cgroup,
- * but for exit we have to do that ourselves... */
- if (state == SERVICE_EXITED && !MANAGER_IS_RELOADING(UNIT(s)->manager))
- unit_prune_cgroup(UNIT(s));
-
- /* For remain_after_exit services, let's see if we can "release" the
- * hold on the console, since unit_notify() only does that in case of
- * change of state */
- if (state == SERVICE_EXITED &&
- s->remain_after_exit &&
- UNIT(s)->manager->n_on_console > 0) {
-
- ExecContext *ec;
-
- ec = unit_get_exec_context(UNIT(s));
- if (ec && exec_context_may_touch_console(ec)) {
- Manager *m = UNIT(s)->manager;
-
- m->n_on_console--;
- if (m->n_on_console == 0)
- /* unset no_console_output flag, since the console is free */
- m->no_console_output = false;
- }
- }
-
- if (old_state != state)
- log_unit_debug(UNIT(s), "Changed %s -> %s", service_state_to_string(old_state), service_state_to_string(state));
-
- unit_notify(UNIT(s), table[old_state], table[state], s->reload_result == SERVICE_SUCCESS);
-}
-
-static usec_t service_coldplug_timeout(Service *s) {
- assert(s);
-
- switch (s->deserialized_state) {
-
- case SERVICE_START_PRE:
- case SERVICE_START:
- case SERVICE_START_POST:
- case SERVICE_RELOAD:
- return usec_add(UNIT(s)->state_change_timestamp.monotonic, s->timeout_start_usec);
-
- case SERVICE_RUNNING:
- return usec_add(UNIT(s)->active_enter_timestamp.monotonic, s->runtime_max_usec);
-
- case SERVICE_STOP:
- case SERVICE_STOP_SIGABRT:
- case SERVICE_STOP_SIGTERM:
- case SERVICE_STOP_SIGKILL:
- case SERVICE_STOP_POST:
- case SERVICE_FINAL_SIGTERM:
- case SERVICE_FINAL_SIGKILL:
- return usec_add(UNIT(s)->state_change_timestamp.monotonic, s->timeout_stop_usec);
-
- case SERVICE_AUTO_RESTART:
- return usec_add(UNIT(s)->inactive_enter_timestamp.monotonic, s->restart_usec);
-
- default:
- return USEC_INFINITY;
- }
-}
-
-static int service_coldplug(Unit *u) {
- Service *s = SERVICE(u);
- int r;
-
- assert(s);
- assert(s->state == SERVICE_DEAD);
-
- if (s->deserialized_state == s->state)
- return 0;
-
- r = service_arm_timer(s, service_coldplug_timeout(s));
- if (r < 0)
- return r;
-
- if (s->main_pid > 0 &&
- pid_is_unwaited(s->main_pid) &&
- ((s->deserialized_state == SERVICE_START && IN_SET(s->type, SERVICE_FORKING, SERVICE_DBUS, SERVICE_ONESHOT, SERVICE_NOTIFY)) ||
- IN_SET(s->deserialized_state,
- SERVICE_START, SERVICE_START_POST,
- SERVICE_RUNNING, SERVICE_RELOAD,
- SERVICE_STOP, SERVICE_STOP_SIGABRT, SERVICE_STOP_SIGTERM, SERVICE_STOP_SIGKILL, SERVICE_STOP_POST,
- SERVICE_FINAL_SIGTERM, SERVICE_FINAL_SIGKILL))) {
- r = unit_watch_pid(UNIT(s), s->main_pid);
- if (r < 0)
- return r;
- }
-
- if (s->control_pid > 0 &&
- pid_is_unwaited(s->control_pid) &&
- IN_SET(s->deserialized_state,
- SERVICE_START_PRE, SERVICE_START, SERVICE_START_POST,
- SERVICE_RELOAD,
- SERVICE_STOP, SERVICE_STOP_SIGABRT, SERVICE_STOP_SIGTERM, SERVICE_STOP_SIGKILL, SERVICE_STOP_POST,
- SERVICE_FINAL_SIGTERM, SERVICE_FINAL_SIGKILL)) {
- r = unit_watch_pid(UNIT(s), s->control_pid);
- if (r < 0)
- return r;
- }
-
- if (!IN_SET(s->deserialized_state, SERVICE_DEAD, SERVICE_FAILED, SERVICE_AUTO_RESTART))
- unit_watch_all_pids(UNIT(s));
-
- if (IN_SET(s->deserialized_state, SERVICE_START_POST, SERVICE_RUNNING, SERVICE_RELOAD))
- service_start_watchdog(s);
-
- if (!IN_SET(s->deserialized_state, SERVICE_DEAD, SERVICE_FAILED, SERVICE_AUTO_RESTART))
- (void) unit_setup_dynamic_creds(u);
-
- if (UNIT_ISSET(s->accept_socket)) {
- Socket* socket = SOCKET(UNIT_DEREF(s->accept_socket));
-
- if (socket->max_connections_per_source > 0) {
- SocketPeer *peer;
-
- /* Make a best-effort attempt at bumping the connection count */
- if (socket_acquire_peer(socket, s->socket_fd, &peer) > 0) {
- socket_peer_unref(s->peer);
- s->peer = peer;
- }
- }
- }
-
- service_set_state(s, s->deserialized_state);
- return 0;
-}
-
-static int service_collect_fds(Service *s, int **fds, char ***fd_names) {
- _cleanup_strv_free_ char **rfd_names = NULL;
- _cleanup_free_ int *rfds = NULL;
- int rn_fds = 0, r;
-
- assert(s);
- assert(fds);
- assert(fd_names);
-
- if (s->socket_fd >= 0) {
-
- /* Pass the per-connection socket */
-
- rfds = new(int, 1);
- if (!rfds)
- return -ENOMEM;
- rfds[0] = s->socket_fd;
-
- rfd_names = strv_new("connection", NULL);
- if (!rfd_names)
- return -ENOMEM;
-
- rn_fds = 1;
- } else {
- Iterator i;
- Unit *u;
-
- /* Pass all our configured sockets for singleton services */
-
- SET_FOREACH(u, UNIT(s)->dependencies[UNIT_TRIGGERED_BY], i) {
- _cleanup_free_ int *cfds = NULL;
- Socket *sock;
- int cn_fds;
-
- if (u->type != UNIT_SOCKET)
- continue;
-
- sock = SOCKET(u);
-
- cn_fds = socket_collect_fds(sock, &cfds);
- if (cn_fds < 0)
- return cn_fds;
-
- if (cn_fds <= 0)
- continue;
-
- if (!rfds) {
- rfds = cfds;
- rn_fds = cn_fds;
-
- cfds = NULL;
- } else {
- int *t;
-
- t = realloc(rfds, (rn_fds + cn_fds) * sizeof(int));
- if (!t)
- return -ENOMEM;
-
- memcpy(t + rn_fds, cfds, cn_fds * sizeof(int));
-
- rfds = t;
- rn_fds += cn_fds;
- }
-
- r = strv_extend_n(&rfd_names, socket_fdname(sock), cn_fds);
- if (r < 0)
- return r;
- }
- }
-
- if (s->n_fd_store > 0) {
- ServiceFDStore *fs;
- char **nl;
- int *t;
-
- t = realloc(rfds, (rn_fds + s->n_fd_store) * sizeof(int));
- if (!t)
- return -ENOMEM;
-
- rfds = t;
-
- nl = realloc(rfd_names, (rn_fds + s->n_fd_store + 1) * sizeof(char*));
- if (!nl)
- return -ENOMEM;
-
- rfd_names = nl;
-
- LIST_FOREACH(fd_store, fs, s->fd_store) {
- rfds[rn_fds] = fs->fd;
- rfd_names[rn_fds] = strdup(strempty(fs->fdname));
- if (!rfd_names[rn_fds])
- return -ENOMEM;
-
- rn_fds++;
- }
-
- rfd_names[rn_fds] = NULL;
- }
-
- *fds = rfds;
- *fd_names = rfd_names;
-
- rfds = NULL;
- rfd_names = NULL;
-
- return rn_fds;
-}
-
-static int service_spawn(
- Service *s,
- ExecCommand *c,
- usec_t timeout,
- ExecFlags flags,
- pid_t *_pid) {
-
- _cleanup_strv_free_ char **argv = NULL, **final_env = NULL, **our_env = NULL, **fd_names = NULL;
- _cleanup_free_ int *fds = NULL;
- unsigned n_fds = 0, n_env = 0;
- const char *path;
- pid_t pid;
-
- ExecParameters exec_params = {
- .flags = flags,
- .stdin_fd = -1,
- .stdout_fd = -1,
- .stderr_fd = -1,
- };
-
- int r;
-
- assert(s);
- assert(c);
- assert(_pid);
-
- if (flags & EXEC_IS_CONTROL) {
- /* If this is a control process, mask the permissions/chroot application if this is requested. */
- if (s->permissions_start_only)
- exec_params.flags &= ~EXEC_APPLY_PERMISSIONS;
- if (s->root_directory_start_only)
- exec_params.flags &= ~EXEC_APPLY_CHROOT;
- }
-
- (void) unit_realize_cgroup(UNIT(s));
- if (s->reset_cpu_usage) {
- (void) unit_reset_cpu_usage(UNIT(s));
- s->reset_cpu_usage = false;
- }
-
- r = unit_setup_exec_runtime(UNIT(s));
- if (r < 0)
- return r;
-
- r = unit_setup_dynamic_creds(UNIT(s));
- if (r < 0)
- return r;
-
- if ((flags & EXEC_PASS_FDS) ||
- s->exec_context.std_input == EXEC_INPUT_SOCKET ||
- s->exec_context.std_output == EXEC_OUTPUT_SOCKET ||
- s->exec_context.std_error == EXEC_OUTPUT_SOCKET) {
-
- r = service_collect_fds(s, &fds, &fd_names);
- if (r < 0)
- return r;
-
- n_fds = r;
- log_unit_debug(UNIT(s), "Passing %i fds to service", n_fds);
- }
-
- r = service_arm_timer(s, usec_add(now(CLOCK_MONOTONIC), timeout));
- if (r < 0)
- return r;
-
- r = unit_full_printf_strv(UNIT(s), c->argv, &argv);
- if (r < 0)
- return r;
-
- our_env = new0(char*, 9);
- if (!our_env)
- return -ENOMEM;
-
- if ((flags & EXEC_IS_CONTROL) ? s->notify_access == NOTIFY_ALL : s->notify_access != NOTIFY_NONE)
- if (asprintf(our_env + n_env++, "NOTIFY_SOCKET=%s", UNIT(s)->manager->notify_socket) < 0)
- return -ENOMEM;
-
- if (s->main_pid > 0)
- if (asprintf(our_env + n_env++, "MAINPID="PID_FMT, s->main_pid) < 0)
- return -ENOMEM;
-
- if (MANAGER_IS_USER(UNIT(s)->manager))
- if (asprintf(our_env + n_env++, "MANAGERPID="PID_FMT, getpid()) < 0)
- return -ENOMEM;
-
- if (s->socket_fd >= 0) {
- union sockaddr_union sa;
- socklen_t salen = sizeof(sa);
-
- r = getpeername(s->socket_fd, &sa.sa, &salen);
- if (r < 0) {
- r = -errno;
-
- /* ENOTCONN is legitimate if the endpoint disappeared on shutdown.
- * This connection is over, but the socket unit lives on. */
- if (r != -ENOTCONN || !IN_SET(s->control_command_id, SERVICE_EXEC_STOP, SERVICE_EXEC_STOP_POST))
- return r;
- }
-
- if (r == 0 && IN_SET(sa.sa.sa_family, AF_INET, AF_INET6)) {
- _cleanup_free_ char *addr = NULL;
- char *t;
- int port;
-
- r = sockaddr_pretty(&sa.sa, salen, true, false, &addr);
- if (r < 0)
- return r;
-
- t = strappend("REMOTE_ADDR=", addr);
- if (!t)
- return -ENOMEM;
- our_env[n_env++] = t;
-
- port = sockaddr_port(&sa.sa);
- if (port < 0)
- return port;
-
- if (asprintf(&t, "REMOTE_PORT=%u", port) < 0)
- return -ENOMEM;
- our_env[n_env++] = t;
- }
- }
-
- if (flags & EXEC_SETENV_RESULT) {
- if (asprintf(our_env + n_env++, "SERVICE_RESULT=%s", service_result_to_string(s->result)) < 0)
- return -ENOMEM;
-
- if (s->main_exec_status.pid > 0 &&
- dual_timestamp_is_set(&s->main_exec_status.exit_timestamp)) {
- if (asprintf(our_env + n_env++, "EXIT_CODE=%s", sigchld_code_to_string(s->main_exec_status.code)) < 0)
- return -ENOMEM;
-
- if (s->main_exec_status.code == CLD_EXITED)
- r = asprintf(our_env + n_env++, "EXIT_STATUS=%i", s->main_exec_status.status);
- else
- r = asprintf(our_env + n_env++, "EXIT_STATUS=%s", signal_to_string(s->main_exec_status.status));
- if (r < 0)
- return -ENOMEM;
- }
- }
-
- final_env = strv_env_merge(2, UNIT(s)->manager->environment, our_env, NULL);
- if (!final_env)
- return -ENOMEM;
-
- if ((flags & EXEC_IS_CONTROL) && UNIT(s)->cgroup_path) {
- path = strjoina(UNIT(s)->cgroup_path, "/control");
- (void) cg_create(SYSTEMD_CGROUP_CONTROLLER, path);
- } else
- path = UNIT(s)->cgroup_path;
-
- exec_params.argv = argv;
- exec_params.environment = final_env;
- exec_params.fds = fds;
- exec_params.fd_names = fd_names;
- exec_params.n_fds = n_fds;
- exec_params.flags |= UNIT(s)->manager->confirm_spawn ? EXEC_CONFIRM_SPAWN : 0;
- exec_params.cgroup_supported = UNIT(s)->manager->cgroup_supported;
- exec_params.cgroup_path = path;
- exec_params.cgroup_delegate = s->cgroup_context.delegate;
- exec_params.runtime_prefix = manager_get_runtime_prefix(UNIT(s)->manager);
- exec_params.watchdog_usec = s->watchdog_usec;
- exec_params.selinux_context_net = s->socket_fd_selinux_context_net;
- if (s->type == SERVICE_IDLE)
- exec_params.idle_pipe = UNIT(s)->manager->idle_pipe;
- exec_params.stdin_fd = s->stdin_fd;
- exec_params.stdout_fd = s->stdout_fd;
- exec_params.stderr_fd = s->stderr_fd;
-
- r = exec_spawn(UNIT(s),
- c,
- &s->exec_context,
- &exec_params,
- s->exec_runtime,
- &s->dynamic_creds,
- &pid);
- if (r < 0)
- return r;
-
- r = unit_watch_pid(UNIT(s), pid);
- if (r < 0)
- /* FIXME: we need to do something here */
- return r;
-
- *_pid = pid;
-
- return 0;
-}
-
-static int main_pid_good(Service *s) {
- assert(s);
-
- /* Returns 0 if the pid is dead, 1 if it is good, -1 if we
- * don't know */
-
- /* If we know the pid file, then let's just check if it is
- * still valid */
- if (s->main_pid_known) {
-
- /* If it's an alien child let's check if it is still
- * alive ... */
- if (s->main_pid_alien && s->main_pid > 0)
- return pid_is_alive(s->main_pid);
-
- /* .. otherwise assume we'll get a SIGCHLD for it,
- * which we really should wait for to collect exit
- * status and code */
- return s->main_pid > 0;
- }
-
- /* We don't know the pid */
- return -EAGAIN;
-}
-
-_pure_ static int control_pid_good(Service *s) {
- assert(s);
-
- return s->control_pid > 0;
-}
-
-static int cgroup_good(Service *s) {
- int r;
-
- assert(s);
-
- if (!UNIT(s)->cgroup_path)
- return 0;
-
- r = cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER, UNIT(s)->cgroup_path);
- if (r < 0)
- return r;
-
- return !r;
-}
-
-static bool service_shall_restart(Service *s) {
- assert(s);
-
- /* Don't restart after manual stops */
- if (s->forbid_restart)
- return false;
-
- /* Never restart if this is configured as special exception */
- if (exit_status_set_test(&s->restart_prevent_status, s->main_exec_status.code, s->main_exec_status.status))
- return false;
-
- /* Restart if the exit code/status are configured as restart triggers */
- if (exit_status_set_test(&s->restart_force_status, s->main_exec_status.code, s->main_exec_status.status))
- return true;
-
- switch (s->restart) {
-
- case SERVICE_RESTART_NO:
- return false;
-
- case SERVICE_RESTART_ALWAYS:
- return true;
-
- case SERVICE_RESTART_ON_SUCCESS:
- return s->result == SERVICE_SUCCESS;
-
- case SERVICE_RESTART_ON_FAILURE:
- return s->result != SERVICE_SUCCESS;
-
- case SERVICE_RESTART_ON_ABNORMAL:
- return !IN_SET(s->result, SERVICE_SUCCESS, SERVICE_FAILURE_EXIT_CODE);
-
- case SERVICE_RESTART_ON_WATCHDOG:
- return s->result == SERVICE_FAILURE_WATCHDOG;
-
- case SERVICE_RESTART_ON_ABORT:
- return IN_SET(s->result, SERVICE_FAILURE_SIGNAL, SERVICE_FAILURE_CORE_DUMP);
-
- default:
- assert_not_reached("unknown restart setting");
- }
-}
-
-static void service_enter_dead(Service *s, ServiceResult f, bool allow_restart) {
- int r;
- assert(s);
-
- if (s->result == SERVICE_SUCCESS)
- s->result = f;
-
- service_set_state(s, s->result != SERVICE_SUCCESS ? SERVICE_FAILED : SERVICE_DEAD);
-
- if (s->result != SERVICE_SUCCESS) {
- log_unit_warning(UNIT(s), "Failed with result '%s'.", service_result_to_string(s->result));
- emergency_action(UNIT(s)->manager, s->emergency_action, UNIT(s)->reboot_arg, "service failed");
- }
-
- if (allow_restart && service_shall_restart(s)) {
-
- r = service_arm_timer(s, usec_add(now(CLOCK_MONOTONIC), s->restart_usec));
- if (r < 0)
- goto fail;
-
- service_set_state(s, SERVICE_AUTO_RESTART);
- }
-
- /* The next restart might not be a manual stop, hence reset the flag indicating manual stops */
- s->forbid_restart = false;
-
- /* We want fresh tmpdirs in case service is started again immediately */
- exec_runtime_destroy(s->exec_runtime);
- s->exec_runtime = exec_runtime_unref(s->exec_runtime);
-
- /* Also, remove the runtime directory */
- exec_context_destroy_runtime_directory(&s->exec_context, manager_get_runtime_prefix(UNIT(s)->manager));
-
- /* Get rid of the IPC bits of the user */
- unit_unref_uid_gid(UNIT(s), true);
-
- /* Release the user, and destroy it if we are the only remaining owner */
- dynamic_creds_destroy(&s->dynamic_creds);
-
- /* Try to delete the pid file. At this point it will be
- * out-of-date, and some software might be confused by it, so
- * let's remove it. */
- if (s->pid_file)
- (void) unlink(s->pid_file);
-
- return;
-
-fail:
- log_unit_warning_errno(UNIT(s), r, "Failed to run install restart timer: %m");
- service_enter_dead(s, SERVICE_FAILURE_RESOURCES, false);
-}
-
-static void service_enter_stop_post(Service *s, ServiceResult f) {
- int r;
- assert(s);
-
- if (s->result == SERVICE_SUCCESS)
- s->result = f;
-
- service_unwatch_control_pid(s);
- unit_watch_all_pids(UNIT(s));
-
- s->control_command = s->exec_command[SERVICE_EXEC_STOP_POST];
- if (s->control_command) {
- s->control_command_id = SERVICE_EXEC_STOP_POST;
-
- r = service_spawn(s,
- s->control_command,
- s->timeout_stop_usec,
- EXEC_APPLY_PERMISSIONS|EXEC_APPLY_CHROOT|EXEC_APPLY_TTY_STDIN|EXEC_IS_CONTROL|EXEC_SETENV_RESULT,
- &s->control_pid);
- if (r < 0)
- goto fail;
-
- service_set_state(s, SERVICE_STOP_POST);
- } else
- service_enter_signal(s, SERVICE_FINAL_SIGTERM, SERVICE_SUCCESS);
-
- return;
-
-fail:
- log_unit_warning_errno(UNIT(s), r, "Failed to run 'stop-post' task: %m");
- service_enter_signal(s, SERVICE_FINAL_SIGTERM, SERVICE_FAILURE_RESOURCES);
-}
-
-static int state_to_kill_operation(ServiceState state) {
- switch (state) {
-
- case SERVICE_STOP_SIGABRT:
- return KILL_ABORT;
-
- case SERVICE_STOP_SIGTERM:
- case SERVICE_FINAL_SIGTERM:
- return KILL_TERMINATE;
-
- case SERVICE_STOP_SIGKILL:
- case SERVICE_FINAL_SIGKILL:
- return KILL_KILL;
-
- default:
- return _KILL_OPERATION_INVALID;
- }
-}
-
-static void service_enter_signal(Service *s, ServiceState state, ServiceResult f) {
- int r;
-
- assert(s);
-
- if (s->result == SERVICE_SUCCESS)
- s->result = f;
-
- unit_watch_all_pids(UNIT(s));
-
- r = unit_kill_context(
- UNIT(s),
- &s->kill_context,
- state_to_kill_operation(state),
- s->main_pid,
- s->control_pid,
- s->main_pid_alien);
-
- if (r < 0)
- goto fail;
-
- if (r > 0) {
- r = service_arm_timer(s, usec_add(now(CLOCK_MONOTONIC), s->timeout_stop_usec));
- if (r < 0)
- goto fail;
-
- service_set_state(s, state);
- } else if (IN_SET(state, SERVICE_STOP_SIGABRT, SERVICE_STOP_SIGTERM) && s->kill_context.send_sigkill)
- service_enter_signal(s, SERVICE_STOP_SIGKILL, SERVICE_SUCCESS);
- else if (IN_SET(state, SERVICE_STOP_SIGABRT, SERVICE_STOP_SIGTERM, SERVICE_STOP_SIGKILL))
- service_enter_stop_post(s, SERVICE_SUCCESS);
- else if (state == SERVICE_FINAL_SIGTERM && s->kill_context.send_sigkill)
- service_enter_signal(s, SERVICE_FINAL_SIGKILL, SERVICE_SUCCESS);
- else
- service_enter_dead(s, SERVICE_SUCCESS, true);
-
- return;
-
-fail:
- log_unit_warning_errno(UNIT(s), r, "Failed to kill processes: %m");
-
- if (IN_SET(state, SERVICE_STOP_SIGABRT, SERVICE_STOP_SIGTERM, SERVICE_STOP_SIGKILL))
- service_enter_stop_post(s, SERVICE_FAILURE_RESOURCES);
- else
- service_enter_dead(s, SERVICE_FAILURE_RESOURCES, true);
-}
-
-static void service_enter_stop_by_notify(Service *s) {
- assert(s);
-
- unit_watch_all_pids(UNIT(s));
-
- service_arm_timer(s, usec_add(now(CLOCK_MONOTONIC), s->timeout_stop_usec));
-
- /* The service told us it's stopping, so it's as if we SIGTERM'd it. */
- service_set_state(s, SERVICE_STOP_SIGTERM);
-}
-
-static void service_enter_stop(Service *s, ServiceResult f) {
- int r;
-
- assert(s);
-
- if (s->result == SERVICE_SUCCESS)
- s->result = f;
-
- service_unwatch_control_pid(s);
- unit_watch_all_pids(UNIT(s));
-
- s->control_command = s->exec_command[SERVICE_EXEC_STOP];
- if (s->control_command) {
- s->control_command_id = SERVICE_EXEC_STOP;
-
- r = service_spawn(s,
- s->control_command,
- s->timeout_stop_usec,
- EXEC_APPLY_PERMISSIONS|EXEC_APPLY_CHROOT|EXEC_IS_CONTROL|EXEC_SETENV_RESULT,
- &s->control_pid);
- if (r < 0)
- goto fail;
-
- service_set_state(s, SERVICE_STOP);
- } else
- service_enter_signal(s, SERVICE_STOP_SIGTERM, SERVICE_SUCCESS);
-
- return;
-
-fail:
- log_unit_warning_errno(UNIT(s), r, "Failed to run 'stop' task: %m");
- service_enter_signal(s, SERVICE_STOP_SIGTERM, SERVICE_FAILURE_RESOURCES);
-}
-
-static bool service_good(Service *s) {
- int main_pid_ok;
- assert(s);
-
- if (s->type == SERVICE_DBUS && !s->bus_name_good)
- return false;
-
- main_pid_ok = main_pid_good(s);
- if (main_pid_ok > 0) /* It's alive */
- return true;
- if (main_pid_ok == 0) /* It's dead */
- return false;
-
- /* OK, we don't know anything about the main PID, maybe
- * because there is none. Let's check the control group
- * instead. */
-
- return cgroup_good(s) != 0;
-}
-
-static void service_enter_running(Service *s, ServiceResult f) {
- assert(s);
-
- if (s->result == SERVICE_SUCCESS)
- s->result = f;
-
- service_unwatch_control_pid(s);
-
- if (service_good(s)) {
-
- /* If there are any queued up sd_notify()
- * notifications, process them now */
- if (s->notify_state == NOTIFY_RELOADING)
- service_enter_reload_by_notify(s);
- else if (s->notify_state == NOTIFY_STOPPING)
- service_enter_stop_by_notify(s);
- else {
- service_set_state(s, SERVICE_RUNNING);
- service_arm_timer(s, usec_add(UNIT(s)->active_enter_timestamp.monotonic, s->runtime_max_usec));
- }
-
- } else if (s->remain_after_exit)
- service_set_state(s, SERVICE_EXITED);
- else
- service_enter_stop(s, SERVICE_SUCCESS);
-}
-
-static void service_enter_start_post(Service *s) {
- int r;
- assert(s);
-
- service_unwatch_control_pid(s);
- service_reset_watchdog(s);
-
- s->control_command = s->exec_command[SERVICE_EXEC_START_POST];
- if (s->control_command) {
- s->control_command_id = SERVICE_EXEC_START_POST;
-
- r = service_spawn(s,
- s->control_command,
- s->timeout_start_usec,
- EXEC_APPLY_PERMISSIONS|EXEC_APPLY_CHROOT|EXEC_IS_CONTROL,
- &s->control_pid);
- if (r < 0)
- goto fail;
-
- service_set_state(s, SERVICE_START_POST);
- } else
- service_enter_running(s, SERVICE_SUCCESS);
-
- return;
-
-fail:
- log_unit_warning_errno(UNIT(s), r, "Failed to run 'start-post' task: %m");
- service_enter_stop(s, SERVICE_FAILURE_RESOURCES);
-}
-
-static void service_kill_control_processes(Service *s) {
- char *p;
-
- if (!UNIT(s)->cgroup_path)
- return;
-
- p = strjoina(UNIT(s)->cgroup_path, "/control");
- cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, p, SIGKILL, CGROUP_SIGCONT|CGROUP_IGNORE_SELF|CGROUP_REMOVE, NULL, NULL, NULL);
-}
-
-static void service_enter_start(Service *s) {
- ExecCommand *c;
- usec_t timeout;
- pid_t pid;
- int r;
-
- assert(s);
-
- service_unwatch_control_pid(s);
- service_unwatch_main_pid(s);
-
- /* We want to ensure that nobody leaks processes from
- * START_PRE here, so let's go on a killing spree, People
- * should not spawn long running processes from START_PRE. */
- service_kill_control_processes(s);
-
- if (s->type == SERVICE_FORKING) {
- s->control_command_id = SERVICE_EXEC_START;
- c = s->control_command = s->exec_command[SERVICE_EXEC_START];
-
- s->main_command = NULL;
- } else {
- s->control_command_id = _SERVICE_EXEC_COMMAND_INVALID;
- s->control_command = NULL;
-
- c = s->main_command = s->exec_command[SERVICE_EXEC_START];
- }
-
- if (!c) {
- if (s->type != SERVICE_ONESHOT) {
- /* There's no command line configured for the main command? Hmm, that is strange. This can only
- * happen if the configuration changes at runtime. In this case, let's enter a failure
- * state. */
- log_unit_error(UNIT(s), "There's no 'start' task anymore we could start: %m");
- r = -ENXIO;
- goto fail;
- }
-
- service_enter_start_post(s);
- return;
- }
-
- if (IN_SET(s->type, SERVICE_SIMPLE, SERVICE_IDLE))
- /* For simple + idle this is the main process. We don't apply any timeout here, but
- * service_enter_running() will later apply the .runtime_max_usec timeout. */
- timeout = USEC_INFINITY;
- else
- timeout = s->timeout_start_usec;
-
- r = service_spawn(s,
- c,
- timeout,
- EXEC_PASS_FDS|EXEC_APPLY_PERMISSIONS|EXEC_APPLY_CHROOT|EXEC_APPLY_TTY_STDIN|EXEC_SET_WATCHDOG,
- &pid);
- if (r < 0)
- goto fail;
-
- if (IN_SET(s->type, SERVICE_SIMPLE, SERVICE_IDLE)) {
- /* For simple services we immediately start
- * the START_POST binaries. */
-
- service_set_main_pid(s, pid);
- service_enter_start_post(s);
-
- } else if (s->type == SERVICE_FORKING) {
-
- /* For forking services we wait until the start
- * process exited. */
-
- s->control_pid = pid;
- service_set_state(s, SERVICE_START);
-
- } else if (IN_SET(s->type, SERVICE_ONESHOT, SERVICE_DBUS, SERVICE_NOTIFY)) {
-
- /* For oneshot services we wait until the start
- * process exited, too, but it is our main process. */
-
- /* For D-Bus services we know the main pid right away,
- * but wait for the bus name to appear on the
- * bus. Notify services are similar. */
-
- service_set_main_pid(s, pid);
- service_set_state(s, SERVICE_START);
- } else
- assert_not_reached("Unknown service type");
-
- return;
-
-fail:
- log_unit_warning_errno(UNIT(s), r, "Failed to run 'start' task: %m");
- service_enter_signal(s, SERVICE_FINAL_SIGTERM, SERVICE_FAILURE_RESOURCES);
-}
-
-static void service_enter_start_pre(Service *s) {
- int r;
-
- assert(s);
-
- service_unwatch_control_pid(s);
-
- s->control_command = s->exec_command[SERVICE_EXEC_START_PRE];
- if (s->control_command) {
- /* Before we start anything, let's clear up what might
- * be left from previous runs. */
- service_kill_control_processes(s);
-
- s->control_command_id = SERVICE_EXEC_START_PRE;
-
- r = service_spawn(s,
- s->control_command,
- s->timeout_start_usec,
- EXEC_APPLY_PERMISSIONS|EXEC_APPLY_CHROOT|EXEC_IS_CONTROL|EXEC_APPLY_TTY_STDIN,
- &s->control_pid);
- if (r < 0)
- goto fail;
-
- service_set_state(s, SERVICE_START_PRE);
- } else
- service_enter_start(s);
-
- return;
-
-fail:
- log_unit_warning_errno(UNIT(s), r, "Failed to run 'start-pre' task: %m");
- service_enter_dead(s, SERVICE_FAILURE_RESOURCES, true);
-}
-
-static void service_enter_restart(Service *s) {
- _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
- int r;
-
- assert(s);
-
- if (UNIT(s)->job && UNIT(s)->job->type == JOB_STOP) {
- /* Don't restart things if we are going down anyway */
- log_unit_info(UNIT(s), "Stop job pending for unit, delaying automatic restart.");
-
- r = service_arm_timer(s, usec_add(now(CLOCK_MONOTONIC), s->restart_usec));
- if (r < 0)
- goto fail;
-
- return;
- }
-
- /* Any units that are bound to this service must also be
- * restarted. We use JOB_RESTART (instead of the more obvious
- * JOB_START) here so that those dependency jobs will be added
- * as well. */
- r = manager_add_job(UNIT(s)->manager, JOB_RESTART, UNIT(s), JOB_FAIL, &error, NULL);
- if (r < 0)
- goto fail;
-
- /* Note that we stay in the SERVICE_AUTO_RESTART state here,
- * it will be canceled as part of the service_stop() call that
- * is executed as part of JOB_RESTART. */
-
- log_unit_debug(UNIT(s), "Scheduled restart job.");
- return;
-
-fail:
- log_unit_warning(UNIT(s), "Failed to schedule restart job: %s", bus_error_message(&error, -r));
- service_enter_dead(s, SERVICE_FAILURE_RESOURCES, false);
-}
-
-static void service_enter_reload_by_notify(Service *s) {
- assert(s);
-
- service_arm_timer(s, usec_add(now(CLOCK_MONOTONIC), s->timeout_start_usec));
- service_set_state(s, SERVICE_RELOAD);
-}
-
-static void service_enter_reload(Service *s) {
- int r;
-
- assert(s);
-
- service_unwatch_control_pid(s);
- s->reload_result = SERVICE_SUCCESS;
-
- s->control_command = s->exec_command[SERVICE_EXEC_RELOAD];
- if (s->control_command) {
- s->control_command_id = SERVICE_EXEC_RELOAD;
-
- r = service_spawn(s,
- s->control_command,
- s->timeout_start_usec,
- EXEC_APPLY_PERMISSIONS|EXEC_APPLY_CHROOT|EXEC_IS_CONTROL,
- &s->control_pid);
- if (r < 0)
- goto fail;
-
- service_set_state(s, SERVICE_RELOAD);
- } else
- service_enter_running(s, SERVICE_SUCCESS);
-
- return;
-
-fail:
- log_unit_warning_errno(UNIT(s), r, "Failed to run 'reload' task: %m");
- s->reload_result = SERVICE_FAILURE_RESOURCES;
- service_enter_running(s, SERVICE_SUCCESS);
-}
-
-static void service_run_next_control(Service *s) {
- usec_t timeout;
- int r;
-
- assert(s);
- assert(s->control_command);
- assert(s->control_command->command_next);
-
- assert(s->control_command_id != SERVICE_EXEC_START);
-
- s->control_command = s->control_command->command_next;
- service_unwatch_control_pid(s);
-
- if (IN_SET(s->state, SERVICE_START_PRE, SERVICE_START, SERVICE_START_POST, SERVICE_RUNNING, SERVICE_RELOAD))
- timeout = s->timeout_start_usec;
- else
- timeout = s->timeout_stop_usec;
-
- r = service_spawn(s,
- s->control_command,
- timeout,
- EXEC_APPLY_PERMISSIONS|EXEC_APPLY_CHROOT|EXEC_IS_CONTROL|
- (IN_SET(s->control_command_id, SERVICE_EXEC_START_PRE, SERVICE_EXEC_STOP_POST) ? EXEC_APPLY_TTY_STDIN : 0)|
- (IN_SET(s->control_command_id, SERVICE_EXEC_STOP, SERVICE_EXEC_STOP_POST) ? EXEC_SETENV_RESULT : 0),
- &s->control_pid);
- if (r < 0)
- goto fail;
-
- return;
-
-fail:
- log_unit_warning_errno(UNIT(s), r, "Failed to run next control task: %m");
-
- if (s->state == SERVICE_START_PRE)
- service_enter_signal(s, SERVICE_FINAL_SIGTERM, SERVICE_FAILURE_RESOURCES);
- else if (s->state == SERVICE_STOP)
- service_enter_signal(s, SERVICE_STOP_SIGTERM, SERVICE_FAILURE_RESOURCES);
- else if (s->state == SERVICE_STOP_POST)
- service_enter_dead(s, SERVICE_FAILURE_RESOURCES, true);
- else if (s->state == SERVICE_RELOAD) {
- s->reload_result = SERVICE_FAILURE_RESOURCES;
- service_enter_running(s, SERVICE_SUCCESS);
- } else
- service_enter_stop(s, SERVICE_FAILURE_RESOURCES);
-}
-
-static void service_run_next_main(Service *s) {
- pid_t pid;
- int r;
-
- assert(s);
- assert(s->main_command);
- assert(s->main_command->command_next);
- assert(s->type == SERVICE_ONESHOT);
-
- s->main_command = s->main_command->command_next;
- service_unwatch_main_pid(s);
-
- r = service_spawn(s,
- s->main_command,
- s->timeout_start_usec,
- EXEC_PASS_FDS|EXEC_APPLY_PERMISSIONS|EXEC_APPLY_CHROOT|EXEC_APPLY_TTY_STDIN|EXEC_SET_WATCHDOG,
- &pid);
- if (r < 0)
- goto fail;
-
- service_set_main_pid(s, pid);
-
- return;
-
-fail:
- log_unit_warning_errno(UNIT(s), r, "Failed to run next main task: %m");
- service_enter_stop(s, SERVICE_FAILURE_RESOURCES);
-}
-
-static int service_start(Unit *u) {
- Service *s = SERVICE(u);
- int r;
-
- assert(s);
-
- /* We cannot fulfill this request right now, try again later
- * please! */
- if (IN_SET(s->state,
- SERVICE_STOP, SERVICE_STOP_SIGABRT, SERVICE_STOP_SIGTERM, SERVICE_STOP_SIGKILL, SERVICE_STOP_POST,
- SERVICE_FINAL_SIGTERM, SERVICE_FINAL_SIGKILL))
- return -EAGAIN;
-
- /* Already on it! */
- if (IN_SET(s->state, SERVICE_START_PRE, SERVICE_START, SERVICE_START_POST))
- return 0;
-
- /* A service that will be restarted must be stopped first to
- * trigger BindsTo and/or OnFailure dependencies. If a user
- * does not want to wait for the holdoff time to elapse, the
- * service should be manually restarted, not started. We
- * simply return EAGAIN here, so that any start jobs stay
- * queued, and assume that the auto restart timer will
- * eventually trigger the restart. */
- if (s->state == SERVICE_AUTO_RESTART)
- return -EAGAIN;
-
- assert(IN_SET(s->state, SERVICE_DEAD, SERVICE_FAILED));
-
- /* Make sure we don't enter a busy loop of some kind. */
- r = unit_start_limit_test(u);
- if (r < 0) {
- service_enter_dead(s, SERVICE_FAILURE_START_LIMIT_HIT, false);
- return r;
- }
-
- r = unit_acquire_invocation_id(u);
- if (r < 0)
- return r;
-
- s->result = SERVICE_SUCCESS;
- s->reload_result = SERVICE_SUCCESS;
- s->main_pid_known = false;
- s->main_pid_alien = false;
- s->forbid_restart = false;
- s->reset_cpu_usage = true;
-
- s->status_text = mfree(s->status_text);
- s->status_errno = 0;
-
- s->notify_state = NOTIFY_UNKNOWN;
-
- s->watchdog_override_enable = false;
- s->watchdog_override_usec = 0;
-
- service_enter_start_pre(s);
- return 1;
-}
-
-static int service_stop(Unit *u) {
- Service *s = SERVICE(u);
-
- assert(s);
-
- /* Don't create restart jobs from manual stops. */
- s->forbid_restart = true;
-
- /* Already on it */
- if (IN_SET(s->state,
- SERVICE_STOP, SERVICE_STOP_SIGABRT, SERVICE_STOP_SIGTERM, SERVICE_STOP_SIGKILL, SERVICE_STOP_POST,
- SERVICE_FINAL_SIGTERM, SERVICE_FINAL_SIGKILL))
- return 0;
-
- /* A restart will be scheduled or is in progress. */
- if (s->state == SERVICE_AUTO_RESTART) {
- service_set_state(s, SERVICE_DEAD);
- return 0;
- }
-
- /* If there's already something running we go directly into
- * kill mode. */
- if (IN_SET(s->state, SERVICE_START_PRE, SERVICE_START, SERVICE_START_POST, SERVICE_RELOAD)) {
- service_enter_signal(s, SERVICE_STOP_SIGTERM, SERVICE_SUCCESS);
- return 0;
- }
-
- assert(IN_SET(s->state, SERVICE_RUNNING, SERVICE_EXITED));
-
- service_enter_stop(s, SERVICE_SUCCESS);
- return 1;
-}
-
-static int service_reload(Unit *u) {
- Service *s = SERVICE(u);
-
- assert(s);
-
- assert(s->state == SERVICE_RUNNING || s->state == SERVICE_EXITED);
-
- service_enter_reload(s);
- return 1;
-}
-
-_pure_ static bool service_can_reload(Unit *u) {
- Service *s = SERVICE(u);
-
- assert(s);
-
- return !!s->exec_command[SERVICE_EXEC_RELOAD];
-}
-
-static int service_serialize(Unit *u, FILE *f, FDSet *fds) {
- Service *s = SERVICE(u);
- ServiceFDStore *fs;
- int r;
-
- assert(u);
- assert(f);
- assert(fds);
-
- unit_serialize_item(u, f, "state", service_state_to_string(s->state));
- unit_serialize_item(u, f, "result", service_result_to_string(s->result));
- unit_serialize_item(u, f, "reload-result", service_result_to_string(s->reload_result));
-
- if (s->control_pid > 0)
- unit_serialize_item_format(u, f, "control-pid", PID_FMT, s->control_pid);
-
- if (s->main_pid_known && s->main_pid > 0)
- unit_serialize_item_format(u, f, "main-pid", PID_FMT, s->main_pid);
-
- unit_serialize_item(u, f, "main-pid-known", yes_no(s->main_pid_known));
- unit_serialize_item(u, f, "bus-name-good", yes_no(s->bus_name_good));
- unit_serialize_item(u, f, "bus-name-owner", s->bus_name_owner);
-
- r = unit_serialize_item_escaped(u, f, "status-text", s->status_text);
- if (r < 0)
- return r;
-
- /* FIXME: There's a minor uncleanliness here: if there are
- * multiple commands attached here, we will start from the
- * first one again */
- if (s->control_command_id >= 0)
- unit_serialize_item(u, f, "control-command", service_exec_command_to_string(s->control_command_id));
-
- r = unit_serialize_item_fd(u, f, fds, "stdin-fd", s->stdin_fd);
- if (r < 0)
- return r;
- r = unit_serialize_item_fd(u, f, fds, "stdout-fd", s->stdout_fd);
- if (r < 0)
- return r;
- r = unit_serialize_item_fd(u, f, fds, "stderr-fd", s->stderr_fd);
- if (r < 0)
- return r;
-
- if (UNIT_ISSET(s->accept_socket)) {
- r = unit_serialize_item(u, f, "accept-socket", UNIT_DEREF(s->accept_socket)->id);
- if (r < 0)
- return r;
- }
-
- r = unit_serialize_item_fd(u, f, fds, "socket-fd", s->socket_fd);
- if (r < 0)
- return r;
-
- LIST_FOREACH(fd_store, fs, s->fd_store) {
- _cleanup_free_ char *c = NULL;
- int copy;
-
- copy = fdset_put_dup(fds, fs->fd);
- if (copy < 0)
- return copy;
-
- c = cescape(fs->fdname);
-
- unit_serialize_item_format(u, f, "fd-store-fd", "%i %s", copy, strempty(c));
- }
-
- if (s->main_exec_status.pid > 0) {
- unit_serialize_item_format(u, f, "main-exec-status-pid", PID_FMT, s->main_exec_status.pid);
- dual_timestamp_serialize(f, "main-exec-status-start", &s->main_exec_status.start_timestamp);
- dual_timestamp_serialize(f, "main-exec-status-exit", &s->main_exec_status.exit_timestamp);
-
- if (dual_timestamp_is_set(&s->main_exec_status.exit_timestamp)) {
- unit_serialize_item_format(u, f, "main-exec-status-code", "%i", s->main_exec_status.code);
- unit_serialize_item_format(u, f, "main-exec-status-status", "%i", s->main_exec_status.status);
- }
- }
-
- dual_timestamp_serialize(f, "watchdog-timestamp", &s->watchdog_timestamp);
-
- unit_serialize_item(u, f, "forbid-restart", yes_no(s->forbid_restart));
-
- if (s->watchdog_override_enable)
- unit_serialize_item_format(u, f, "watchdog-override-usec", USEC_FMT, s->watchdog_override_usec);
-
- return 0;
-}
-
-static int service_deserialize_item(Unit *u, const char *key, const char *value, FDSet *fds) {
- Service *s = SERVICE(u);
- int r;
-
- assert(u);
- assert(key);
- assert(value);
- assert(fds);
-
- if (streq(key, "state")) {
- ServiceState state;
-
- state = service_state_from_string(value);
- if (state < 0)
- log_unit_debug(u, "Failed to parse state value: %s", value);
- else
- s->deserialized_state = state;
- } else if (streq(key, "result")) {
- ServiceResult f;
-
- f = service_result_from_string(value);
- if (f < 0)
- log_unit_debug(u, "Failed to parse result value: %s", value);
- else if (f != SERVICE_SUCCESS)
- s->result = f;
-
- } else if (streq(key, "reload-result")) {
- ServiceResult f;
-
- f = service_result_from_string(value);
- if (f < 0)
- log_unit_debug(u, "Failed to parse reload result value: %s", value);
- else if (f != SERVICE_SUCCESS)
- s->reload_result = f;
-
- } else if (streq(key, "control-pid")) {
- pid_t pid;
-
- if (parse_pid(value, &pid) < 0)
- log_unit_debug(u, "Failed to parse control-pid value: %s", value);
- else
- s->control_pid = pid;
- } else if (streq(key, "main-pid")) {
- pid_t pid;
-
- if (parse_pid(value, &pid) < 0)
- log_unit_debug(u, "Failed to parse main-pid value: %s", value);
- else {
- service_set_main_pid(s, pid);
- unit_watch_pid(UNIT(s), pid);
- }
- } else if (streq(key, "main-pid-known")) {
- int b;
-
- b = parse_boolean(value);
- if (b < 0)
- log_unit_debug(u, "Failed to parse main-pid-known value: %s", value);
- else
- s->main_pid_known = b;
- } else if (streq(key, "bus-name-good")) {
- int b;
-
- b = parse_boolean(value);
- if (b < 0)
- log_unit_debug(u, "Failed to parse bus-name-good value: %s", value);
- else
- s->bus_name_good = b;
- } else if (streq(key, "bus-name-owner")) {
- r = free_and_strdup(&s->bus_name_owner, value);
- if (r < 0)
- log_unit_error_errno(u, r, "Unable to deserialize current bus owner %s: %m", value);
- } else if (streq(key, "status-text")) {
- char *t;
-
- r = cunescape(value, 0, &t);
- if (r < 0)
- log_unit_debug_errno(u, r, "Failed to unescape status text: %s", value);
- else {
- free(s->status_text);
- s->status_text = t;
- }
-
- } else if (streq(key, "control-command")) {
- ServiceExecCommand id;
-
- id = service_exec_command_from_string(value);
- if (id < 0)
- log_unit_debug(u, "Failed to parse exec-command value: %s", value);
- else {
- s->control_command_id = id;
- s->control_command = s->exec_command[id];
- }
- } else if (streq(key, "accept-socket")) {
- Unit *socket;
-
- r = manager_load_unit(u->manager, value, NULL, NULL, &socket);
- if (r < 0)
- log_unit_debug_errno(u, r, "Failed to load accept-socket unit: %s", value);
- else {
- unit_ref_set(&s->accept_socket, socket);
- SOCKET(socket)->n_connections++;
- }
-
- } else if (streq(key, "socket-fd")) {
- int fd;
-
- if (safe_atoi(value, &fd) < 0 || fd < 0 || !fdset_contains(fds, fd))
- log_unit_debug(u, "Failed to parse socket-fd value: %s", value);
- else {
- asynchronous_close(s->socket_fd);
- s->socket_fd = fdset_remove(fds, fd);
- }
- } else if (streq(key, "fd-store-fd")) {
- const char *fdv;
- size_t pf;
- int fd;
-
- pf = strcspn(value, WHITESPACE);
- fdv = strndupa(value, pf);
-
- if (safe_atoi(fdv, &fd) < 0 || fd < 0 || !fdset_contains(fds, fd))
- log_unit_debug(u, "Failed to parse fd-store-fd value: %s", value);
- else {
- _cleanup_free_ char *t = NULL;
- const char *fdn;
-
- fdn = value + pf;
- fdn += strspn(fdn, WHITESPACE);
- (void) cunescape(fdn, 0, &t);
-
- r = service_add_fd_store(s, fd, t);
- if (r < 0)
- log_unit_error_errno(u, r, "Failed to add fd to store: %m");
- else
- fdset_remove(fds, fd);
- }
-
- } else if (streq(key, "main-exec-status-pid")) {
- pid_t pid;
-
- if (parse_pid(value, &pid) < 0)
- log_unit_debug(u, "Failed to parse main-exec-status-pid value: %s", value);
- else
- s->main_exec_status.pid = pid;
- } else if (streq(key, "main-exec-status-code")) {
- int i;
-
- if (safe_atoi(value, &i) < 0)
- log_unit_debug(u, "Failed to parse main-exec-status-code value: %s", value);
- else
- s->main_exec_status.code = i;
- } else if (streq(key, "main-exec-status-status")) {
- int i;
-
- if (safe_atoi(value, &i) < 0)
- log_unit_debug(u, "Failed to parse main-exec-status-status value: %s", value);
- else
- s->main_exec_status.status = i;
- } else if (streq(key, "main-exec-status-start"))
- dual_timestamp_deserialize(value, &s->main_exec_status.start_timestamp);
- else if (streq(key, "main-exec-status-exit"))
- dual_timestamp_deserialize(value, &s->main_exec_status.exit_timestamp);
- else if (streq(key, "watchdog-timestamp"))
- dual_timestamp_deserialize(value, &s->watchdog_timestamp);
- else if (streq(key, "forbid-restart")) {
- int b;
-
- b = parse_boolean(value);
- if (b < 0)
- log_unit_debug(u, "Failed to parse forbid-restart value: %s", value);
- else
- s->forbid_restart = b;
- } else if (streq(key, "stdin-fd")) {
- int fd;
-
- if (safe_atoi(value, &fd) < 0 || fd < 0 || !fdset_contains(fds, fd))
- log_unit_debug(u, "Failed to parse stdin-fd value: %s", value);
- else {
- asynchronous_close(s->stdin_fd);
- s->stdin_fd = fdset_remove(fds, fd);
- s->exec_context.stdio_as_fds = true;
- }
- } else if (streq(key, "stdout-fd")) {
- int fd;
-
- if (safe_atoi(value, &fd) < 0 || fd < 0 || !fdset_contains(fds, fd))
- log_unit_debug(u, "Failed to parse stdout-fd value: %s", value);
- else {
- asynchronous_close(s->stdout_fd);
- s->stdout_fd = fdset_remove(fds, fd);
- s->exec_context.stdio_as_fds = true;
- }
- } else if (streq(key, "stderr-fd")) {
- int fd;
-
- if (safe_atoi(value, &fd) < 0 || fd < 0 || !fdset_contains(fds, fd))
- log_unit_debug(u, "Failed to parse stderr-fd value: %s", value);
- else {
- asynchronous_close(s->stderr_fd);
- s->stderr_fd = fdset_remove(fds, fd);
- s->exec_context.stdio_as_fds = true;
- }
- } else if (streq(key, "watchdog-override-usec")) {
- usec_t watchdog_override_usec;
- if (timestamp_deserialize(value, &watchdog_override_usec) < 0)
- log_unit_debug(u, "Failed to parse watchdog_override_usec value: %s", value);
- else {
- s->watchdog_override_enable = true;
- s->watchdog_override_usec = watchdog_override_usec;
- }
- } else
- log_unit_debug(u, "Unknown serialization key: %s", key);
-
- return 0;
-}
-
-_pure_ static UnitActiveState service_active_state(Unit *u) {
- const UnitActiveState *table;
-
- assert(u);
-
- table = SERVICE(u)->type == SERVICE_IDLE ? state_translation_table_idle : state_translation_table;
-
- return table[SERVICE(u)->state];
-}
-
-static const char *service_sub_state_to_string(Unit *u) {
- assert(u);
-
- return service_state_to_string(SERVICE(u)->state);
-}
-
-static bool service_check_gc(Unit *u) {
- Service *s = SERVICE(u);
-
- assert(s);
-
- /* Never clean up services that still have a process around,
- * even if the service is formally dead. */
- if (cgroup_good(s) > 0 ||
- main_pid_good(s) > 0 ||
- control_pid_good(s) > 0)
- return true;
-
- return false;
-}
-
-static int service_retry_pid_file(Service *s) {
- int r;
-
- assert(s->pid_file);
- assert(s->state == SERVICE_START || s->state == SERVICE_START_POST);
-
- r = service_load_pid_file(s, false);
- if (r < 0)
- return r;
-
- service_unwatch_pid_file(s);
-
- service_enter_running(s, SERVICE_SUCCESS);
- return 0;
-}
-
-static int service_watch_pid_file(Service *s) {
- int r;
-
- log_unit_debug(UNIT(s), "Setting watch for PID file %s", s->pid_file_pathspec->path);
-
- r = path_spec_watch(s->pid_file_pathspec, service_dispatch_io);
- if (r < 0)
- goto fail;
-
- /* the pidfile might have appeared just before we set the watch */
- log_unit_debug(UNIT(s), "Trying to read PID file %s in case it changed", s->pid_file_pathspec->path);
- service_retry_pid_file(s);
-
- return 0;
-fail:
- log_unit_error_errno(UNIT(s), r, "Failed to set a watch for PID file %s: %m", s->pid_file_pathspec->path);
- service_unwatch_pid_file(s);
- return r;
-}
-
-static int service_demand_pid_file(Service *s) {
- PathSpec *ps;
-
- assert(s->pid_file);
- assert(!s->pid_file_pathspec);
-
- ps = new0(PathSpec, 1);
- if (!ps)
- return -ENOMEM;
-
- ps->unit = UNIT(s);
- ps->path = strdup(s->pid_file);
- if (!ps->path) {
- free(ps);
- return -ENOMEM;
- }
-
- path_kill_slashes(ps->path);
-
- /* PATH_CHANGED would not be enough. There are daemons (sendmail) that
- * keep their PID file open all the time. */
- ps->type = PATH_MODIFIED;
- ps->inotify_fd = -1;
-
- s->pid_file_pathspec = ps;
-
- return service_watch_pid_file(s);
-}
-
-static int service_dispatch_io(sd_event_source *source, int fd, uint32_t events, void *userdata) {
- PathSpec *p = userdata;
- Service *s;
-
- assert(p);
-
- s = SERVICE(p->unit);
-
- assert(s);
- assert(fd >= 0);
- assert(s->state == SERVICE_START || s->state == SERVICE_START_POST);
- assert(s->pid_file_pathspec);
- assert(path_spec_owns_inotify_fd(s->pid_file_pathspec, fd));
-
- log_unit_debug(UNIT(s), "inotify event");
-
- if (path_spec_fd_event(p, events) < 0)
- goto fail;
-
- if (service_retry_pid_file(s) == 0)
- return 0;
-
- if (service_watch_pid_file(s) < 0)
- goto fail;
-
- return 0;
-
-fail:
- service_unwatch_pid_file(s);
- service_enter_signal(s, SERVICE_STOP_SIGTERM, SERVICE_FAILURE_RESOURCES);
- return 0;
-}
-
-static void service_notify_cgroup_empty_event(Unit *u) {
- Service *s = SERVICE(u);
-
- assert(u);
-
- log_unit_debug(u, "cgroup is empty");
-
- switch (s->state) {
-
- /* Waiting for SIGCHLD is usually more interesting,
- * because it includes return codes/signals. Which is
- * why we ignore the cgroup events for most cases,
- * except when we don't know pid which to expect the
- * SIGCHLD for. */
-
- case SERVICE_START:
- case SERVICE_START_POST:
- /* If we were hoping for the daemon to write its PID file,
- * we can give up now. */
- if (s->pid_file_pathspec) {
- log_unit_warning(u, "Daemon never wrote its PID file. Failing.");
-
- service_unwatch_pid_file(s);
- if (s->state == SERVICE_START)
- service_enter_signal(s, SERVICE_FINAL_SIGTERM, SERVICE_FAILURE_RESOURCES);
- else
- service_enter_stop(s, SERVICE_FAILURE_RESOURCES);
- }
- break;
-
- case SERVICE_RUNNING:
- /* service_enter_running() will figure out what to do */
- service_enter_running(s, SERVICE_SUCCESS);
- break;
-
- case SERVICE_STOP_SIGABRT:
- case SERVICE_STOP_SIGTERM:
- case SERVICE_STOP_SIGKILL:
-
- if (main_pid_good(s) <= 0 && !control_pid_good(s))
- service_enter_stop_post(s, SERVICE_SUCCESS);
-
- break;
-
- case SERVICE_STOP_POST:
- case SERVICE_FINAL_SIGTERM:
- case SERVICE_FINAL_SIGKILL:
- if (main_pid_good(s) <= 0 && !control_pid_good(s))
- service_enter_dead(s, SERVICE_SUCCESS, true);
-
- break;
-
- default:
- ;
- }
-}
-
-static void service_sigchld_event(Unit *u, pid_t pid, int code, int status) {
- Service *s = SERVICE(u);
- ServiceResult f;
-
- assert(s);
- assert(pid >= 0);
-
- if (is_clean_exit(code, status, s->type == SERVICE_ONESHOT ? EXIT_CLEAN_COMMAND : EXIT_CLEAN_DAEMON, &s->success_status))
- f = SERVICE_SUCCESS;
- else if (code == CLD_EXITED)
- f = SERVICE_FAILURE_EXIT_CODE;
- else if (code == CLD_KILLED)
- f = SERVICE_FAILURE_SIGNAL;
- else if (code == CLD_DUMPED)
- f = SERVICE_FAILURE_CORE_DUMP;
- else
- assert_not_reached("Unknown code");
-
- if (s->main_pid == pid) {
- /* Forking services may occasionally move to a new PID.
- * As long as they update the PID file before exiting the old
- * PID, they're fine. */
- if (service_load_pid_file(s, false) == 0)
- return;
-
- s->main_pid = 0;
- exec_status_exit(&s->main_exec_status, &s->exec_context, pid, code, status);
-
- if (s->main_command) {
- /* If this is not a forking service than the
- * main process got started and hence we copy
- * the exit status so that it is recorded both
- * as main and as control process exit
- * status */
-
- s->main_command->exec_status = s->main_exec_status;
-
- if (s->main_command->ignore)
- f = SERVICE_SUCCESS;
- } else if (s->exec_command[SERVICE_EXEC_START]) {
-
- /* If this is a forked process, then we should
- * ignore the return value if this was
- * configured for the starter process */
-
- if (s->exec_command[SERVICE_EXEC_START]->ignore)
- f = SERVICE_SUCCESS;
- }
-
- /* When this is a successful exit, let's log about the exit code on DEBUG level. If this is a failure
- * and the process exited on its own via exit(), then let's make this a NOTICE, under the assumption
- * that the service already logged the reason at a higher log level on its own. However, if the service
- * died due to a signal, then it most likely didn't say anything about any reason, hence let's raise
- * our log level to WARNING then. */
-
- log_struct(f == SERVICE_SUCCESS ? LOG_DEBUG :
- (code == CLD_EXITED ? LOG_NOTICE : LOG_WARNING),
- LOG_UNIT_ID(u),
- LOG_UNIT_MESSAGE(u, "Main process exited, code=%s, status=%i/%s",
- sigchld_code_to_string(code), status,
- strna(code == CLD_EXITED
- ? exit_status_to_string(status, EXIT_STATUS_FULL)
- : signal_to_string(status))),
- "EXIT_CODE=%s", sigchld_code_to_string(code),
- "EXIT_STATUS=%i", status,
- NULL);
-
- if (s->result == SERVICE_SUCCESS)
- s->result = f;
-
- if (s->main_command &&
- s->main_command->command_next &&
- f == SERVICE_SUCCESS) {
-
- /* There is another command to *
- * execute, so let's do that. */
-
- log_unit_debug(u, "Running next main command for state %s.", service_state_to_string(s->state));
- service_run_next_main(s);
-
- } else {
-
- /* The service exited, so the service is officially
- * gone. */
- s->main_command = NULL;
-
- switch (s->state) {
-
- case SERVICE_START_POST:
- case SERVICE_RELOAD:
- case SERVICE_STOP:
- /* Need to wait until the operation is
- * done */
- break;
-
- case SERVICE_START:
- if (s->type == SERVICE_ONESHOT) {
- /* This was our main goal, so let's go on */
- if (f == SERVICE_SUCCESS)
- service_enter_start_post(s);
- else
- service_enter_signal(s, SERVICE_FINAL_SIGTERM, f);
- break;
- }
-
- /* Fall through */
-
- case SERVICE_RUNNING:
- service_enter_running(s, f);
- break;
-
- case SERVICE_STOP_SIGABRT:
- case SERVICE_STOP_SIGTERM:
- case SERVICE_STOP_SIGKILL:
-
- if (!control_pid_good(s))
- service_enter_stop_post(s, f);
-
- /* If there is still a control process, wait for that first */
- break;
-
- case SERVICE_STOP_POST:
- case SERVICE_FINAL_SIGTERM:
- case SERVICE_FINAL_SIGKILL:
-
- if (!control_pid_good(s))
- service_enter_dead(s, f, true);
- break;
-
- default:
- assert_not_reached("Uh, main process died at wrong time.");
- }
- }
-
- } else if (s->control_pid == pid) {
- s->control_pid = 0;
-
- if (s->control_command) {
- exec_status_exit(&s->control_command->exec_status, &s->exec_context, pid, code, status);
-
- if (s->control_command->ignore)
- f = SERVICE_SUCCESS;
- }
-
- log_unit_full(u, f == SERVICE_SUCCESS ? LOG_DEBUG : LOG_NOTICE, 0,
- "Control process exited, code=%s status=%i",
- sigchld_code_to_string(code), status);
-
- if (s->result == SERVICE_SUCCESS)
- s->result = f;
-
- /* Immediately get rid of the cgroup, so that the
- * kernel doesn't delay the cgroup empty messages for
- * the service cgroup any longer than necessary */
- service_kill_control_processes(s);
-
- if (s->control_command &&
- s->control_command->command_next &&
- f == SERVICE_SUCCESS) {
-
- /* There is another command to *
- * execute, so let's do that. */
-
- log_unit_debug(u, "Running next control command for state %s.", service_state_to_string(s->state));
- service_run_next_control(s);
-
- } else {
- /* No further commands for this step, so let's
- * figure out what to do next */
-
- s->control_command = NULL;
- s->control_command_id = _SERVICE_EXEC_COMMAND_INVALID;
-
- log_unit_debug(u, "Got final SIGCHLD for state %s.", service_state_to_string(s->state));
-
- switch (s->state) {
-
- case SERVICE_START_PRE:
- if (f == SERVICE_SUCCESS)
- service_enter_start(s);
- else
- service_enter_signal(s, SERVICE_FINAL_SIGTERM, f);
- break;
-
- case SERVICE_START:
- if (s->type != SERVICE_FORKING)
- /* Maybe spurious event due to a reload that changed the type? */
- break;
-
- if (f != SERVICE_SUCCESS) {
- service_enter_signal(s, SERVICE_FINAL_SIGTERM, f);
- break;
- }
-
- if (s->pid_file) {
- bool has_start_post;
- int r;
-
- /* Let's try to load the pid file here if we can.
- * The PID file might actually be created by a START_POST
- * script. In that case don't worry if the loading fails. */
-
- has_start_post = !!s->exec_command[SERVICE_EXEC_START_POST];
- r = service_load_pid_file(s, !has_start_post);
- if (!has_start_post && r < 0) {
- r = service_demand_pid_file(s);
- if (r < 0 || !cgroup_good(s))
- service_enter_signal(s, SERVICE_FINAL_SIGTERM, SERVICE_FAILURE_RESOURCES);
- break;
- }
- } else
- service_search_main_pid(s);
-
- service_enter_start_post(s);
- break;
-
- case SERVICE_START_POST:
- if (f != SERVICE_SUCCESS) {
- service_enter_signal(s, SERVICE_STOP_SIGTERM, f);
- break;
- }
-
- if (s->pid_file) {
- int r;
-
- r = service_load_pid_file(s, true);
- if (r < 0) {
- r = service_demand_pid_file(s);
- if (r < 0 || !cgroup_good(s))
- service_enter_stop(s, SERVICE_FAILURE_RESOURCES);
- break;
- }
- } else
- service_search_main_pid(s);
-
- service_enter_running(s, SERVICE_SUCCESS);
- break;
-
- case SERVICE_RELOAD:
- if (f == SERVICE_SUCCESS)
- if (service_load_pid_file(s, true) < 0)
- service_search_main_pid(s);
-
- s->reload_result = f;
- service_enter_running(s, SERVICE_SUCCESS);
- break;
-
- case SERVICE_STOP:
- service_enter_signal(s, SERVICE_STOP_SIGTERM, f);
- break;
-
- case SERVICE_STOP_SIGABRT:
- case SERVICE_STOP_SIGTERM:
- case SERVICE_STOP_SIGKILL:
- if (main_pid_good(s) <= 0)
- service_enter_stop_post(s, f);
-
- /* If there is still a service
- * process around, wait until
- * that one quit, too */
- break;
-
- case SERVICE_STOP_POST:
- case SERVICE_FINAL_SIGTERM:
- case SERVICE_FINAL_SIGKILL:
- if (main_pid_good(s) <= 0)
- service_enter_dead(s, f, true);
- break;
-
- default:
- assert_not_reached("Uh, control process died at wrong time.");
- }
- }
- }
-
- /* Notify clients about changed exit status */
- unit_add_to_dbus_queue(u);
-
- /* We got one SIGCHLD for the service, let's watch all
- * processes that are now running of the service, and watch
- * that. Among the PIDs we then watch will be children
- * reassigned to us, which hopefully allows us to identify
- * when all children are gone */
- unit_tidy_watch_pids(u, s->main_pid, s->control_pid);
- unit_watch_all_pids(u);
-
- /* If the PID set is empty now, then let's finish this off
- (On unified we use proper notifications) */
- if (cg_unified(SYSTEMD_CGROUP_CONTROLLER) <= 0 && set_isempty(u->pids))
- service_notify_cgroup_empty_event(u);
-}
-
-static int service_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata) {
- Service *s = SERVICE(userdata);
-
- assert(s);
- assert(source == s->timer_event_source);
-
- switch (s->state) {
-
- case SERVICE_START_PRE:
- case SERVICE_START:
- log_unit_warning(UNIT(s), "%s operation timed out. Terminating.", s->state == SERVICE_START ? "Start" : "Start-pre");
- service_enter_signal(s, SERVICE_FINAL_SIGTERM, SERVICE_FAILURE_TIMEOUT);
- break;
-
- case SERVICE_START_POST:
- log_unit_warning(UNIT(s), "Start-post operation timed out. Stopping.");
- service_enter_signal(s, SERVICE_STOP_SIGTERM, SERVICE_FAILURE_TIMEOUT);
- break;
-
- case SERVICE_RUNNING:
- log_unit_warning(UNIT(s), "Service reached runtime time limit. Stopping.");
- service_enter_stop(s, SERVICE_FAILURE_TIMEOUT);
- break;
-
- case SERVICE_RELOAD:
- log_unit_warning(UNIT(s), "Reload operation timed out. Killing reload process.");
- service_kill_control_processes(s);
- s->reload_result = SERVICE_FAILURE_TIMEOUT;
- service_enter_running(s, SERVICE_SUCCESS);
- break;
-
- case SERVICE_STOP:
- log_unit_warning(UNIT(s), "Stopping timed out. Terminating.");
- service_enter_signal(s, SERVICE_STOP_SIGTERM, SERVICE_FAILURE_TIMEOUT);
- break;
-
- case SERVICE_STOP_SIGABRT:
- log_unit_warning(UNIT(s), "State 'stop-sigabrt' timed out. Terminating.");
- service_enter_signal(s, SERVICE_STOP_SIGTERM, SERVICE_FAILURE_TIMEOUT);
- break;
-
- case SERVICE_STOP_SIGTERM:
- if (s->kill_context.send_sigkill) {
- log_unit_warning(UNIT(s), "State 'stop-sigterm' timed out. Killing.");
- service_enter_signal(s, SERVICE_STOP_SIGKILL, SERVICE_FAILURE_TIMEOUT);
- } else {
- log_unit_warning(UNIT(s), "State 'stop-sigterm' timed out. Skipping SIGKILL.");
- service_enter_stop_post(s, SERVICE_FAILURE_TIMEOUT);
- }
-
- break;
-
- case SERVICE_STOP_SIGKILL:
- /* Uh, we sent a SIGKILL and it is still not gone?
- * Must be something we cannot kill, so let's just be
- * weirded out and continue */
-
- log_unit_warning(UNIT(s), "Processes still around after SIGKILL. Ignoring.");
- service_enter_stop_post(s, SERVICE_FAILURE_TIMEOUT);
- break;
-
- case SERVICE_STOP_POST:
- log_unit_warning(UNIT(s), "State 'stop-post' timed out. Terminating.");
- service_enter_signal(s, SERVICE_FINAL_SIGTERM, SERVICE_FAILURE_TIMEOUT);
- break;
-
- case SERVICE_FINAL_SIGTERM:
- if (s->kill_context.send_sigkill) {
- log_unit_warning(UNIT(s), "State 'stop-final-sigterm' timed out. Killing.");
- service_enter_signal(s, SERVICE_FINAL_SIGKILL, SERVICE_FAILURE_TIMEOUT);
- } else {
- log_unit_warning(UNIT(s), "State 'stop-final-sigterm' timed out. Skipping SIGKILL. Entering failed mode.");
- service_enter_dead(s, SERVICE_FAILURE_TIMEOUT, false);
- }
-
- break;
-
- case SERVICE_FINAL_SIGKILL:
- log_unit_warning(UNIT(s), "Processes still around after final SIGKILL. Entering failed mode.");
- service_enter_dead(s, SERVICE_FAILURE_TIMEOUT, true);
- break;
-
- case SERVICE_AUTO_RESTART:
- log_unit_info(UNIT(s),
- s->restart_usec > 0 ?
- "Service hold-off time over, scheduling restart." :
- "Service has no hold-off time, scheduling restart.");
- service_enter_restart(s);
- break;
-
- default:
- assert_not_reached("Timeout at wrong time.");
- }
-
- return 0;
-}
-
-static int service_dispatch_watchdog(sd_event_source *source, usec_t usec, void *userdata) {
- Service *s = SERVICE(userdata);
- char t[FORMAT_TIMESPAN_MAX];
- usec_t watchdog_usec;
-
- assert(s);
- assert(source == s->watchdog_event_source);
-
- watchdog_usec = service_get_watchdog_usec(s);
-
- log_unit_error(UNIT(s), "Watchdog timeout (limit %s)!",
- format_timespan(t, sizeof(t), watchdog_usec, 1));
-
- service_enter_signal(s, SERVICE_STOP_SIGABRT, SERVICE_FAILURE_WATCHDOG);
-
- return 0;
-}
-
-static void service_notify_message(Unit *u, pid_t pid, char **tags, FDSet *fds) {
- Service *s = SERVICE(u);
- _cleanup_free_ char *cc = NULL;
- bool notify_dbus = false;
- const char *e;
-
- assert(u);
-
- cc = strv_join(tags, ", ");
-
- if (s->notify_access == NOTIFY_NONE) {
- log_unit_warning(u, "Got notification message from PID "PID_FMT", but reception is disabled.", pid);
- return;
- } else if (s->notify_access == NOTIFY_MAIN && pid != s->main_pid) {
- if (s->main_pid != 0)
- log_unit_warning(u, "Got notification message from PID "PID_FMT", but reception only permitted for main PID "PID_FMT, pid, s->main_pid);
- else
- log_unit_debug(u, "Got notification message from PID "PID_FMT", but reception only permitted for main PID which is currently not known", pid);
- return;
- } else
- log_unit_debug(u, "Got notification message from PID "PID_FMT" (%s)", pid, isempty(cc) ? "n/a" : cc);
-
- /* Interpret MAINPID= */
- e = strv_find_startswith(tags, "MAINPID=");
- if (e && IN_SET(s->state, SERVICE_START, SERVICE_START_POST, SERVICE_RUNNING, SERVICE_RELOAD)) {
- if (parse_pid(e, &pid) < 0)
- log_unit_warning(u, "Failed to parse MAINPID= field in notification message: %s", e);
- else {
- service_set_main_pid(s, pid);
- unit_watch_pid(UNIT(s), pid);
- notify_dbus = true;
- }
- }
-
- /* Interpret RELOADING= */
- if (strv_find(tags, "RELOADING=1")) {
-
- s->notify_state = NOTIFY_RELOADING;
-
- if (s->state == SERVICE_RUNNING)
- service_enter_reload_by_notify(s);
-
- notify_dbus = true;
- }
-
- /* Interpret READY= */
- if (strv_find(tags, "READY=1")) {
-
- s->notify_state = NOTIFY_READY;
-
- /* Type=notify services inform us about completed
- * initialization with READY=1 */
- if (s->type == SERVICE_NOTIFY && s->state == SERVICE_START)
- service_enter_start_post(s);
-
- /* Sending READY=1 while we are reloading informs us
- * that the reloading is complete */
- if (s->state == SERVICE_RELOAD && s->control_pid == 0)
- service_enter_running(s, SERVICE_SUCCESS);
-
- notify_dbus = true;
- }
-
- /* Interpret STOPPING= */
- if (strv_find(tags, "STOPPING=1")) {
-
- s->notify_state = NOTIFY_STOPPING;
-
- if (s->state == SERVICE_RUNNING)
- service_enter_stop_by_notify(s);
-
- notify_dbus = true;
- }
-
- /* Interpret STATUS= */
- e = strv_find_startswith(tags, "STATUS=");
- if (e) {
- _cleanup_free_ char *t = NULL;
-
- if (!isempty(e)) {
- if (!utf8_is_valid(e))
- log_unit_warning(u, "Status message in notification message is not UTF-8 clean.");
- else {
- t = strdup(e);
- if (!t)
- log_oom();
- }
- }
-
- if (!streq_ptr(s->status_text, t)) {
-
- free_and_replace(s->status_text, t);
-
- notify_dbus = true;
- }
- }
-
- /* Interpret ERRNO= */
- e = strv_find_startswith(tags, "ERRNO=");
- if (e) {
- int status_errno;
-
- if (safe_atoi(e, &status_errno) < 0 || status_errno < 0)
- log_unit_warning(u, "Failed to parse ERRNO= field in notification message: %s", e);
- else {
- if (s->status_errno != status_errno) {
- s->status_errno = status_errno;
- notify_dbus = true;
- }
- }
- }
-
- /* Interpret WATCHDOG= */
- if (strv_find(tags, "WATCHDOG=1"))
- service_reset_watchdog(s);
-
- if (strv_find(tags, "FDSTORE=1")) {
- const char *name;
-
- name = strv_find_startswith(tags, "FDNAME=");
- if (name && !fdname_is_valid(name)) {
- log_unit_warning(u, "Passed FDNAME= name is invalid, ignoring.");
- name = NULL;
- }
-
- service_add_fd_store_set(s, fds, name);
- }
-
- e = strv_find_startswith(tags, "WATCHDOG_USEC=");
- if (e) {
- usec_t watchdog_override_usec;
- if (safe_atou64(e, &watchdog_override_usec) < 0)
- log_unit_warning(u, "Failed to parse WATCHDOG_USEC=%s", e);
- else
- service_reset_watchdog_timeout(s, watchdog_override_usec);
- }
-
- /* Notify clients about changed status or main pid */
- if (notify_dbus)
- unit_add_to_dbus_queue(u);
-}
-
-static int service_get_timeout(Unit *u, usec_t *timeout) {
- Service *s = SERVICE(u);
- uint64_t t;
- int r;
-
- if (!s->timer_event_source)
- return 0;
-
- r = sd_event_source_get_time(s->timer_event_source, &t);
- if (r < 0)
- return r;
- if (t == USEC_INFINITY)
- return 0;
-
- *timeout = t;
- return 1;
-}
-
-static void service_bus_name_owner_change(
- Unit *u,
- const char *name,
- const char *old_owner,
- const char *new_owner) {
-
- Service *s = SERVICE(u);
- int r;
-
- assert(s);
- assert(name);
-
- assert(streq(s->bus_name, name));
- assert(old_owner || new_owner);
-
- if (old_owner && new_owner)
- log_unit_debug(u, "D-Bus name %s changed owner from %s to %s", name, old_owner, new_owner);
- else if (old_owner)
- log_unit_debug(u, "D-Bus name %s no longer registered by %s", name, old_owner);
- else
- log_unit_debug(u, "D-Bus name %s now registered by %s", name, new_owner);
-
- s->bus_name_good = !!new_owner;
-
- /* Track the current owner, so we can reconstruct changes after a daemon reload */
- r = free_and_strdup(&s->bus_name_owner, new_owner);
- if (r < 0) {
- log_unit_error_errno(u, r, "Unable to set new bus name owner %s: %m", new_owner);
- return;
- }
-
- if (s->type == SERVICE_DBUS) {
-
- /* service_enter_running() will figure out what to
- * do */
- if (s->state == SERVICE_RUNNING)
- service_enter_running(s, SERVICE_SUCCESS);
- else if (s->state == SERVICE_START && new_owner)
- service_enter_start_post(s);
-
- } else if (new_owner &&
- s->main_pid <= 0 &&
- (s->state == SERVICE_START ||
- s->state == SERVICE_START_POST ||
- s->state == SERVICE_RUNNING ||
- s->state == SERVICE_RELOAD)) {
-
- _cleanup_(sd_bus_creds_unrefp) sd_bus_creds *creds = NULL;
- pid_t pid;
-
- /* Try to acquire PID from bus service */
-
- r = sd_bus_get_name_creds(u->manager->api_bus, name, SD_BUS_CREDS_PID, &creds);
- if (r >= 0)
- r = sd_bus_creds_get_pid(creds, &pid);
- if (r >= 0) {
- log_unit_debug(u, "D-Bus name %s is now owned by process %u", name, (unsigned) pid);
-
- service_set_main_pid(s, pid);
- unit_watch_pid(UNIT(s), pid);
- }
- }
-}
-
-int service_set_socket_fd(Service *s, int fd, Socket *sock, bool selinux_context_net) {
- _cleanup_free_ char *peer = NULL;
- int r;
-
- assert(s);
- assert(fd >= 0);
-
- /* This is called by the socket code when instantiating a new service for a stream socket and the socket needs
- * to be configured. We take ownership of the passed fd on success. */
-
- if (UNIT(s)->load_state != UNIT_LOADED)
- return -EINVAL;
-
- if (s->socket_fd >= 0)
- return -EBUSY;
-
- if (s->state != SERVICE_DEAD)
- return -EAGAIN;
-
- if (getpeername_pretty(fd, true, &peer) >= 0) {
-
- if (UNIT(s)->description) {
- _cleanup_free_ char *a;
-
- a = strjoin(UNIT(s)->description, " (", peer, ")", NULL);
- if (!a)
- return -ENOMEM;
-
- r = unit_set_description(UNIT(s), a);
- } else
- r = unit_set_description(UNIT(s), peer);
-
- if (r < 0)
- return r;
- }
-
- r = unit_add_two_dependencies(UNIT(sock), UNIT_BEFORE, UNIT_TRIGGERS, UNIT(s), false);
- if (r < 0)
- return r;
-
- s->socket_fd = fd;
- s->socket_fd_selinux_context_net = selinux_context_net;
-
- unit_ref_set(&s->accept_socket, UNIT(sock));
- return 0;
-}
-
-static void service_reset_failed(Unit *u) {
- Service *s = SERVICE(u);
-
- assert(s);
-
- if (s->state == SERVICE_FAILED)
- service_set_state(s, SERVICE_DEAD);
-
- s->result = SERVICE_SUCCESS;
- s->reload_result = SERVICE_SUCCESS;
-}
-
-static int service_kill(Unit *u, KillWho who, int signo, sd_bus_error *error) {
- Service *s = SERVICE(u);
-
- return unit_kill_common(u, who, signo, s->main_pid, s->control_pid, error);
-}
-
-static int service_main_pid(Unit *u) {
- Service *s = SERVICE(u);
-
- assert(s);
-
- return s->main_pid;
-}
-
-static int service_control_pid(Unit *u) {
- Service *s = SERVICE(u);
-
- assert(s);
-
- return s->control_pid;
-}
-
-static const char* const service_restart_table[_SERVICE_RESTART_MAX] = {
- [SERVICE_RESTART_NO] = "no",
- [SERVICE_RESTART_ON_SUCCESS] = "on-success",
- [SERVICE_RESTART_ON_FAILURE] = "on-failure",
- [SERVICE_RESTART_ON_ABNORMAL] = "on-abnormal",
- [SERVICE_RESTART_ON_WATCHDOG] = "on-watchdog",
- [SERVICE_RESTART_ON_ABORT] = "on-abort",
- [SERVICE_RESTART_ALWAYS] = "always",
-};
-
-DEFINE_STRING_TABLE_LOOKUP(service_restart, ServiceRestart);
-
-static const char* const service_type_table[_SERVICE_TYPE_MAX] = {
- [SERVICE_SIMPLE] = "simple",
- [SERVICE_FORKING] = "forking",
- [SERVICE_ONESHOT] = "oneshot",
- [SERVICE_DBUS] = "dbus",
- [SERVICE_NOTIFY] = "notify",
- [SERVICE_IDLE] = "idle"
-};
-
-DEFINE_STRING_TABLE_LOOKUP(service_type, ServiceType);
-
-static const char* const service_exec_command_table[_SERVICE_EXEC_COMMAND_MAX] = {
- [SERVICE_EXEC_START_PRE] = "ExecStartPre",
- [SERVICE_EXEC_START] = "ExecStart",
- [SERVICE_EXEC_START_POST] = "ExecStartPost",
- [SERVICE_EXEC_RELOAD] = "ExecReload",
- [SERVICE_EXEC_STOP] = "ExecStop",
- [SERVICE_EXEC_STOP_POST] = "ExecStopPost",
-};
-
-DEFINE_STRING_TABLE_LOOKUP(service_exec_command, ServiceExecCommand);
-
-static const char* const notify_access_table[_NOTIFY_ACCESS_MAX] = {
- [NOTIFY_NONE] = "none",
- [NOTIFY_MAIN] = "main",
- [NOTIFY_ALL] = "all"
-};
-
-DEFINE_STRING_TABLE_LOOKUP(notify_access, NotifyAccess);
-
-static const char* const notify_state_table[_NOTIFY_STATE_MAX] = {
- [NOTIFY_UNKNOWN] = "unknown",
- [NOTIFY_READY] = "ready",
- [NOTIFY_RELOADING] = "reloading",
- [NOTIFY_STOPPING] = "stopping",
-};
-
-DEFINE_STRING_TABLE_LOOKUP(notify_state, NotifyState);
-
-static const char* const service_result_table[_SERVICE_RESULT_MAX] = {
- [SERVICE_SUCCESS] = "success",
- [SERVICE_FAILURE_RESOURCES] = "resources",
- [SERVICE_FAILURE_TIMEOUT] = "timeout",
- [SERVICE_FAILURE_EXIT_CODE] = "exit-code",
- [SERVICE_FAILURE_SIGNAL] = "signal",
- [SERVICE_FAILURE_CORE_DUMP] = "core-dump",
- [SERVICE_FAILURE_WATCHDOG] = "watchdog",
- [SERVICE_FAILURE_START_LIMIT_HIT] = "start-limit-hit",
-};
-
-DEFINE_STRING_TABLE_LOOKUP(service_result, ServiceResult);
-
-const UnitVTable service_vtable = {
- .object_size = sizeof(Service),
- .exec_context_offset = offsetof(Service, exec_context),
- .cgroup_context_offset = offsetof(Service, cgroup_context),
- .kill_context_offset = offsetof(Service, kill_context),
- .exec_runtime_offset = offsetof(Service, exec_runtime),
- .dynamic_creds_offset = offsetof(Service, dynamic_creds),
-
- .sections =
- "Unit\0"
- "Service\0"
- "Install\0",
- .private_section = "Service",
-
- .init = service_init,
- .done = service_done,
- .load = service_load,
- .release_resources = service_release_resources,
-
- .coldplug = service_coldplug,
-
- .dump = service_dump,
-
- .start = service_start,
- .stop = service_stop,
- .reload = service_reload,
-
- .can_reload = service_can_reload,
-
- .kill = service_kill,
-
- .serialize = service_serialize,
- .deserialize_item = service_deserialize_item,
-
- .active_state = service_active_state,
- .sub_state_to_string = service_sub_state_to_string,
-
- .check_gc = service_check_gc,
-
- .sigchld_event = service_sigchld_event,
-
- .reset_failed = service_reset_failed,
-
- .notify_cgroup_empty = service_notify_cgroup_empty_event,
- .notify_message = service_notify_message,
-
- .main_pid = service_main_pid,
- .control_pid = service_control_pid,
-
- .bus_name_owner_change = service_bus_name_owner_change,
-
- .bus_vtable = bus_service_vtable,
- .bus_set_property = bus_service_set_property,
- .bus_commit_properties = bus_service_commit_properties,
-
- .get_timeout = service_get_timeout,
- .can_transient = true,
-
- .status_message_formats = {
- .starting_stopping = {
- [0] = "Starting %s...",
- [1] = "Stopping %s...",
- },
- .finished_start_job = {
- [JOB_DONE] = "Started %s.",
- [JOB_FAILED] = "Failed to start %s.",
- },
- .finished_stop_job = {
- [JOB_DONE] = "Stopped %s.",
- [JOB_FAILED] = "Stopped (with error) %s.",
- },
- },
-};
diff --git a/src/core/service.h b/src/core/service.h
deleted file mode 100644
index 2869144fcb..0000000000
--- a/src/core/service.h
+++ /dev/null
@@ -1,224 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-typedef struct Service Service;
-typedef struct ServiceFDStore ServiceFDStore;
-
-#include "exit-status.h"
-#include "kill.h"
-#include "path.h"
-#include "ratelimit.h"
-
-typedef enum ServiceRestart {
- SERVICE_RESTART_NO,
- SERVICE_RESTART_ON_SUCCESS,
- SERVICE_RESTART_ON_FAILURE,
- SERVICE_RESTART_ON_ABNORMAL,
- SERVICE_RESTART_ON_WATCHDOG,
- SERVICE_RESTART_ON_ABORT,
- SERVICE_RESTART_ALWAYS,
- _SERVICE_RESTART_MAX,
- _SERVICE_RESTART_INVALID = -1
-} ServiceRestart;
-
-typedef enum ServiceType {
- SERVICE_SIMPLE, /* we fork and go on right-away (i.e. modern socket activated daemons) */
- SERVICE_FORKING, /* forks by itself (i.e. traditional daemons) */
- SERVICE_ONESHOT, /* we fork and wait until the program finishes (i.e. programs like fsck which run and need to finish before we continue) */
- SERVICE_DBUS, /* we fork and wait until a specific D-Bus name appears on the bus */
- SERVICE_NOTIFY, /* we fork and wait until a daemon sends us a ready message with sd_notify() */
- SERVICE_IDLE, /* much like simple, but delay exec() until all jobs are dispatched. */
- _SERVICE_TYPE_MAX,
- _SERVICE_TYPE_INVALID = -1
-} ServiceType;
-
-typedef enum ServiceExecCommand {
- SERVICE_EXEC_START_PRE,
- SERVICE_EXEC_START,
- SERVICE_EXEC_START_POST,
- SERVICE_EXEC_RELOAD,
- SERVICE_EXEC_STOP,
- SERVICE_EXEC_STOP_POST,
- _SERVICE_EXEC_COMMAND_MAX,
- _SERVICE_EXEC_COMMAND_INVALID = -1
-} ServiceExecCommand;
-
-typedef enum NotifyAccess {
- NOTIFY_NONE,
- NOTIFY_ALL,
- NOTIFY_MAIN,
- _NOTIFY_ACCESS_MAX,
- _NOTIFY_ACCESS_INVALID = -1
-} NotifyAccess;
-
-typedef enum NotifyState {
- NOTIFY_UNKNOWN,
- NOTIFY_READY,
- NOTIFY_RELOADING,
- NOTIFY_STOPPING,
- _NOTIFY_STATE_MAX,
- _NOTIFY_STATE_INVALID = -1
-} NotifyState;
-
-typedef enum ServiceResult {
- SERVICE_SUCCESS,
- SERVICE_FAILURE_RESOURCES, /* a bit of a misnomer, just our catch-all error for errnos we didn't expect */
- SERVICE_FAILURE_TIMEOUT,
- SERVICE_FAILURE_EXIT_CODE,
- SERVICE_FAILURE_SIGNAL,
- SERVICE_FAILURE_CORE_DUMP,
- SERVICE_FAILURE_WATCHDOG,
- SERVICE_FAILURE_START_LIMIT_HIT,
- _SERVICE_RESULT_MAX,
- _SERVICE_RESULT_INVALID = -1
-} ServiceResult;
-
-struct ServiceFDStore {
- Service *service;
-
- int fd;
- char *fdname;
- sd_event_source *event_source;
-
- LIST_FIELDS(ServiceFDStore, fd_store);
-};
-
-struct Service {
- Unit meta;
-
- ServiceType type;
- ServiceRestart restart;
- ExitStatusSet restart_prevent_status;
- ExitStatusSet restart_force_status;
- ExitStatusSet success_status;
-
- /* If set we'll read the main daemon PID from this file */
- char *pid_file;
-
- usec_t restart_usec;
- usec_t timeout_start_usec;
- usec_t timeout_stop_usec;
- usec_t runtime_max_usec;
-
- dual_timestamp watchdog_timestamp;
- usec_t watchdog_usec;
- usec_t watchdog_override_usec;
- bool watchdog_override_enable;
- sd_event_source *watchdog_event_source;
-
- ExecCommand* exec_command[_SERVICE_EXEC_COMMAND_MAX];
-
- ExecContext exec_context;
- KillContext kill_context;
- CGroupContext cgroup_context;
-
- ServiceState state, deserialized_state;
-
- /* The exit status of the real main process */
- ExecStatus main_exec_status;
-
- /* The currently executed control process */
- ExecCommand *control_command;
-
- /* The currently executed main process, which may be NULL if
- * the main process got started via forking mode and not by
- * us */
- ExecCommand *main_command;
-
- /* The ID of the control command currently being executed */
- ServiceExecCommand control_command_id;
-
- /* Runtime data of the execution context */
- ExecRuntime *exec_runtime;
- DynamicCreds dynamic_creds;
-
- pid_t main_pid, control_pid;
- int socket_fd;
- SocketPeer *peer;
- bool socket_fd_selinux_context_net;
-
- bool permissions_start_only;
- bool root_directory_start_only;
- bool remain_after_exit;
- bool guess_main_pid;
-
- /* If we shut down, remember why */
- ServiceResult result;
- ServiceResult reload_result;
-
- bool main_pid_known:1;
- bool main_pid_alien:1;
- bool bus_name_good:1;
- bool forbid_restart:1;
- bool start_timeout_defined:1;
-
- bool reset_cpu_usage:1;
-
- char *bus_name;
- char *bus_name_owner; /* unique name of the current owner */
-
- char *status_text;
- int status_errno;
-
- EmergencyAction emergency_action;
-
- UnitRef accept_socket;
-
- sd_event_source *timer_event_source;
- PathSpec *pid_file_pathspec;
-
- NotifyAccess notify_access;
- NotifyState notify_state;
-
- ServiceFDStore *fd_store;
- unsigned n_fd_store;
- unsigned n_fd_store_max;
-
- char *usb_function_descriptors;
- char *usb_function_strings;
-
- int stdin_fd;
- int stdout_fd;
- int stderr_fd;
-};
-
-extern const UnitVTable service_vtable;
-
-int service_set_socket_fd(Service *s, int fd, struct Socket *socket, bool selinux_context_net);
-void service_close_socket_fd(Service *s);
-
-const char* service_restart_to_string(ServiceRestart i) _const_;
-ServiceRestart service_restart_from_string(const char *s) _pure_;
-
-const char* service_type_to_string(ServiceType i) _const_;
-ServiceType service_type_from_string(const char *s) _pure_;
-
-const char* service_exec_command_to_string(ServiceExecCommand i) _const_;
-ServiceExecCommand service_exec_command_from_string(const char *s) _pure_;
-
-const char* notify_access_to_string(NotifyAccess i) _const_;
-NotifyAccess notify_access_from_string(const char *s) _pure_;
-
-const char* notify_state_to_string(NotifyState i) _const_;
-NotifyState notify_state_from_string(const char *s) _pure_;
-
-const char* service_result_to_string(ServiceResult i) _const_;
-ServiceResult service_result_from_string(const char *s) _pure_;
diff --git a/src/core/show-status.c b/src/core/show-status.c
deleted file mode 100644
index 65f9cb888a..0000000000
--- a/src/core/show-status.c
+++ /dev/null
@@ -1,129 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2014 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include "alloc-util.h"
-#include "fd-util.h"
-#include "io-util.h"
-#include "parse-util.h"
-#include "show-status.h"
-#include "string-util.h"
-#include "terminal-util.h"
-#include "util.h"
-
-int parse_show_status(const char *v, ShowStatus *ret) {
- int r;
-
- assert(v);
- assert(ret);
-
- if (streq(v, "auto")) {
- *ret = SHOW_STATUS_AUTO;
- return 0;
- }
-
- r = parse_boolean(v);
- if (r < 0)
- return r;
-
- *ret = r ? SHOW_STATUS_YES : SHOW_STATUS_NO;
- return 0;
-}
-
-int status_vprintf(const char *status, bool ellipse, bool ephemeral, const char *format, va_list ap) {
- static const char status_indent[] = " "; /* "[" STATUS "] " */
- _cleanup_free_ char *s = NULL;
- _cleanup_close_ int fd = -1;
- struct iovec iovec[6] = {};
- int n = 0;
- static bool prev_ephemeral;
-
- assert(format);
-
- /* This is independent of logging, as status messages are
- * optional and go exclusively to the console. */
-
- if (vasprintf(&s, format, ap) < 0)
- return log_oom();
-
- /* Before you ask: yes, on purpose we open/close the console for each status line we write individually. This
- * is a good strategy to avoid PID 1 getting killed by the kernel's SAK concept (it doesn't fix this entirely,
- * but minimizes the time window the kernel might end up killing PID 1 due to SAK). It also makes things easier
- * for us so that we don't have to recover from hangups and suchlike triggered on the console. */
-
- fd = open_terminal("/dev/console", O_WRONLY|O_NOCTTY|O_CLOEXEC);
- if (fd < 0)
- return fd;
-
- if (ellipse) {
- char *e;
- size_t emax, sl;
- int c;
-
- c = fd_columns(fd);
- if (c <= 0)
- c = 80;
-
- sl = status ? sizeof(status_indent)-1 : 0;
-
- emax = c - sl - 1;
- if (emax < 3)
- emax = 3;
-
- e = ellipsize(s, emax, 50);
- if (e) {
- free(s);
- s = e;
- }
- }
-
- if (prev_ephemeral)
- IOVEC_SET_STRING(iovec[n++], "\r" ANSI_ERASE_TO_END_OF_LINE);
- prev_ephemeral = ephemeral;
-
- if (status) {
- if (!isempty(status)) {
- IOVEC_SET_STRING(iovec[n++], "[");
- IOVEC_SET_STRING(iovec[n++], status);
- IOVEC_SET_STRING(iovec[n++], "] ");
- } else
- IOVEC_SET_STRING(iovec[n++], status_indent);
- }
-
- IOVEC_SET_STRING(iovec[n++], s);
- if (!ephemeral)
- IOVEC_SET_STRING(iovec[n++], "\n");
-
- if (writev(fd, iovec, n) < 0)
- return -errno;
-
- return 0;
-}
-
-int status_printf(const char *status, bool ellipse, bool ephemeral, const char *format, ...) {
- va_list ap;
- int r;
-
- assert(format);
-
- va_start(ap, format);
- r = status_vprintf(status, ellipse, ephemeral, format, ap);
- va_end(ap);
-
- return r;
-}
diff --git a/src/core/show-status.h b/src/core/show-status.h
deleted file mode 100644
index 9a29e72645..0000000000
--- a/src/core/show-status.h
+++ /dev/null
@@ -1,39 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2014 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <stdbool.h>
-
-#include "macro.h"
-
-/* Manager status */
-
-typedef enum ShowStatus {
- _SHOW_STATUS_UNSET = -2,
- SHOW_STATUS_AUTO = -1,
- SHOW_STATUS_NO = 0,
- SHOW_STATUS_YES = 1,
- SHOW_STATUS_TEMPORARY = 2,
-} ShowStatus;
-
-int parse_show_status(const char *v, ShowStatus *ret);
-
-int status_vprintf(const char *status, bool ellipse, bool ephemeral, const char *format, va_list ap) _printf_(4,0);
-int status_printf(const char *status, bool ellipse, bool ephemeral, const char *format, ...) _printf_(4,5);
diff --git a/src/core/shutdown.c b/src/core/shutdown.c
deleted file mode 100644
index a795d875bb..0000000000
--- a/src/core/shutdown.c
+++ /dev/null
@@ -1,444 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2010 ProFUSION embedded systems
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <errno.h>
-#include <getopt.h>
-#include <linux/reboot.h>
-#include <signal.h>
-#include <stdbool.h>
-#include <stdlib.h>
-#include <sys/mman.h>
-#include <sys/mount.h>
-#include <sys/reboot.h>
-#include <sys/stat.h>
-#include <unistd.h>
-
-#include "alloc-util.h"
-#include "cgroup-util.h"
-#include "def.h"
-#include "fileio.h"
-#include "killall.h"
-#include "log.h"
-#include "missing.h"
-#include "parse-util.h"
-#include "process-util.h"
-#include "string-util.h"
-#include "switch-root.h"
-#include "terminal-util.h"
-#include "umount.h"
-#include "util.h"
-#include "virt.h"
-#include "watchdog.h"
-
-#define FINALIZE_ATTEMPTS 50
-
-static char* arg_verb;
-static uint8_t arg_exit_code;
-
-static int parse_argv(int argc, char *argv[]) {
- enum {
- ARG_LOG_LEVEL = 0x100,
- ARG_LOG_TARGET,
- ARG_LOG_COLOR,
- ARG_LOG_LOCATION,
- ARG_EXIT_CODE,
- };
-
- static const struct option options[] = {
- { "log-level", required_argument, NULL, ARG_LOG_LEVEL },
- { "log-target", required_argument, NULL, ARG_LOG_TARGET },
- { "log-color", optional_argument, NULL, ARG_LOG_COLOR },
- { "log-location", optional_argument, NULL, ARG_LOG_LOCATION },
- { "exit-code", required_argument, NULL, ARG_EXIT_CODE },
- {}
- };
-
- int c, r;
-
- assert(argc >= 1);
- assert(argv);
-
- /* "-" prevents getopt from permuting argv[] and moving the verb away
- * from argv[1]. Our interface to initrd promises it'll be there. */
- while ((c = getopt_long(argc, argv, "-", options, NULL)) >= 0)
- switch (c) {
-
- case ARG_LOG_LEVEL:
- r = log_set_max_level_from_string(optarg);
- if (r < 0)
- log_error("Failed to parse log level %s, ignoring.", optarg);
-
- break;
-
- case ARG_LOG_TARGET:
- r = log_set_target_from_string(optarg);
- if (r < 0)
- log_error("Failed to parse log target %s, ignoring", optarg);
-
- break;
-
- case ARG_LOG_COLOR:
-
- if (optarg) {
- r = log_show_color_from_string(optarg);
- if (r < 0)
- log_error("Failed to parse log color setting %s, ignoring", optarg);
- } else
- log_show_color(true);
-
- break;
-
- case ARG_LOG_LOCATION:
- if (optarg) {
- r = log_show_location_from_string(optarg);
- if (r < 0)
- log_error("Failed to parse log location setting %s, ignoring", optarg);
- } else
- log_show_location(true);
-
- break;
-
- case ARG_EXIT_CODE:
- r = safe_atou8(optarg, &arg_exit_code);
- if (r < 0)
- log_error("Failed to parse exit code %s, ignoring", optarg);
-
- break;
-
- case '\001':
- if (!arg_verb)
- arg_verb = optarg;
- else
- log_error("Excess arguments, ignoring");
- break;
-
- case '?':
- return -EINVAL;
-
- default:
- assert_not_reached("Unhandled option code.");
- }
-
- if (!arg_verb) {
- log_error("Verb argument missing.");
- return -EINVAL;
- }
-
- return 0;
-}
-
-static int switch_root_initramfs(void) {
- if (mount("/run/initramfs", "/run/initramfs", NULL, MS_BIND, NULL) < 0)
- return log_error_errno(errno, "Failed to mount bind /run/initramfs on /run/initramfs: %m");
-
- if (mount(NULL, "/run/initramfs", NULL, MS_PRIVATE, NULL) < 0)
- return log_error_errno(errno, "Failed to make /run/initramfs private mount: %m");
-
- /* switch_root with MS_BIND, because there might still be processes lurking around, which have open file descriptors.
- * /run/initramfs/shutdown will take care of these.
- * Also do not detach the old root, because /run/initramfs/shutdown needs to access it.
- */
- return switch_root("/run/initramfs", "/oldroot", false, MS_BIND);
-}
-
-int main(int argc, char *argv[]) {
- bool need_umount, need_swapoff, need_loop_detach, need_dm_detach;
- bool in_container, use_watchdog = false;
- _cleanup_free_ char *cgroup = NULL;
- char *arguments[3];
- unsigned retries;
- int cmd, r;
- static const char* const dirs[] = {SYSTEM_SHUTDOWN_PATH, NULL};
-
- log_parse_environment();
- r = parse_argv(argc, argv);
- if (r < 0)
- goto error;
-
- /* journald will die if not gone yet. The log target defaults
- * to console, but may have been changed by command line options. */
-
- log_close_console(); /* force reopen of /dev/console */
- log_open();
-
- umask(0022);
-
- if (getpid() != 1) {
- log_error("Not executed by init (PID 1).");
- r = -EPERM;
- goto error;
- }
-
- if (streq(arg_verb, "reboot"))
- cmd = RB_AUTOBOOT;
- else if (streq(arg_verb, "poweroff"))
- cmd = RB_POWER_OFF;
- else if (streq(arg_verb, "halt"))
- cmd = RB_HALT_SYSTEM;
- else if (streq(arg_verb, "kexec"))
- cmd = LINUX_REBOOT_CMD_KEXEC;
- else if (streq(arg_verb, "exit"))
- cmd = 0; /* ignored, just checking that arg_verb is valid */
- else {
- r = -EINVAL;
- log_error("Unknown action '%s'.", arg_verb);
- goto error;
- }
-
- (void) cg_get_root_path(&cgroup);
- in_container = detect_container() > 0;
-
- use_watchdog = !!getenv("WATCHDOG_USEC");
-
- /* Lock us into memory */
- mlockall(MCL_CURRENT|MCL_FUTURE);
-
- /* Synchronize everything that is not written to disk yet at this point already. This is a good idea so that
- * slow IO is processed here already and the final process killing spree is not impacted by processes
- * desperately trying to sync IO to disk within their timeout. */
- if (!in_container)
- sync();
-
- log_info("Sending SIGTERM to remaining processes...");
- broadcast_signal(SIGTERM, true, true);
-
- log_info("Sending SIGKILL to remaining processes...");
- broadcast_signal(SIGKILL, true, false);
-
- need_umount = !in_container;
- need_swapoff = !in_container;
- need_loop_detach = !in_container;
- need_dm_detach = !in_container;
-
- /* Unmount all mountpoints, swaps, and loopback devices */
- for (retries = 0; retries < FINALIZE_ATTEMPTS; retries++) {
- bool changed = false;
-
- if (use_watchdog)
- watchdog_ping();
-
- /* Let's trim the cgroup tree on each iteration so
- that we leave an empty cgroup tree around, so that
- container managers get a nice notify event when we
- are down */
- if (cgroup)
- cg_trim(SYSTEMD_CGROUP_CONTROLLER, cgroup, false);
-
- if (need_umount) {
- log_info("Unmounting file systems.");
- r = umount_all(&changed);
- if (r == 0) {
- need_umount = false;
- log_info("All filesystems unmounted.");
- } else if (r > 0)
- log_info("Not all file systems unmounted, %d left.", r);
- else
- log_error_errno(r, "Failed to unmount file systems: %m");
- }
-
- if (need_swapoff) {
- log_info("Deactivating swaps.");
- r = swapoff_all(&changed);
- if (r == 0) {
- need_swapoff = false;
- log_info("All swaps deactivated.");
- } else if (r > 0)
- log_info("Not all swaps deactivated, %d left.", r);
- else
- log_error_errno(r, "Failed to deactivate swaps: %m");
- }
-
- if (need_loop_detach) {
- log_info("Detaching loop devices.");
- r = loopback_detach_all(&changed);
- if (r == 0) {
- need_loop_detach = false;
- log_info("All loop devices detached.");
- } else if (r > 0)
- log_info("Not all loop devices detached, %d left.", r);
- else
- log_error_errno(r, "Failed to detach loop devices: %m");
- }
-
- if (need_dm_detach) {
- log_info("Detaching DM devices.");
- r = dm_detach_all(&changed);
- if (r == 0) {
- need_dm_detach = false;
- log_info("All DM devices detached.");
- } else if (r > 0)
- log_info("Not all DM devices detached, %d left.", r);
- else
- log_error_errno(r, "Failed to detach DM devices: %m");
- }
-
- if (!need_umount && !need_swapoff && !need_loop_detach && !need_dm_detach) {
- if (retries > 0)
- log_info("All filesystems, swaps, loop devices, DM devices detached.");
- /* Yay, done */
- goto initrd_jump;
- }
-
- /* If in this iteration we didn't manage to
- * unmount/deactivate anything, we simply give up */
- if (!changed) {
- log_info("Cannot finalize remaining%s%s%s%s continuing.",
- need_umount ? " file systems," : "",
- need_swapoff ? " swap devices," : "",
- need_loop_detach ? " loop devices," : "",
- need_dm_detach ? " DM devices," : "");
- goto initrd_jump;
- }
-
- log_debug("After %u retries, couldn't finalize remaining %s%s%s%s trying again.",
- retries + 1,
- need_umount ? " file systems," : "",
- need_swapoff ? " swap devices," : "",
- need_loop_detach ? " loop devices," : "",
- need_dm_detach ? " DM devices," : "");
- }
-
- log_error("Too many iterations, giving up.");
-
- initrd_jump:
-
- arguments[0] = NULL;
- arguments[1] = arg_verb;
- arguments[2] = NULL;
- execute_directories(dirs, DEFAULT_TIMEOUT_USEC, arguments);
-
- if (!in_container && !in_initrd() &&
- access("/run/initramfs/shutdown", X_OK) == 0) {
- r = switch_root_initramfs();
- if (r >= 0) {
- argv[0] = (char*) "/shutdown";
-
- setsid();
- make_console_stdio();
-
- log_info("Successfully changed into root pivot.\n"
- "Returning to initrd...");
-
- execv("/shutdown", argv);
- log_error_errno(errno, "Failed to execute shutdown binary: %m");
- } else
- log_error_errno(r, "Failed to switch root to \"/run/initramfs\": %m");
-
- }
-
- if (need_umount || need_swapoff || need_loop_detach || need_dm_detach)
- log_error("Failed to finalize %s%s%s%s ignoring",
- need_umount ? " file systems," : "",
- need_swapoff ? " swap devices," : "",
- need_loop_detach ? " loop devices," : "",
- need_dm_detach ? " DM devices," : "");
-
- /* The kernel will automatically flush ATA disks and suchlike on reboot(), but the file systems need to be
- * sync'ed explicitly in advance. So let's do this here, but not needlessly slow down containers. Note that we
- * sync'ed things already once above, but we did some more work since then which might have caused IO, hence
- * let's doit once more. */
- if (!in_container)
- sync();
-
- if (streq(arg_verb, "exit")) {
- if (in_container)
- exit(arg_exit_code);
- else {
- /* We cannot exit() on the host, fallback on another
- * method. */
- cmd = RB_POWER_OFF;
- }
- }
-
- switch (cmd) {
-
- case LINUX_REBOOT_CMD_KEXEC:
-
- if (!in_container) {
- /* We cheat and exec kexec to avoid doing all its work */
- pid_t pid;
-
- log_info("Rebooting with kexec.");
-
- pid = fork();
- if (pid < 0)
- log_error_errno(errno, "Failed to fork: %m");
- else if (pid == 0) {
-
- const char * const args[] = {
- KEXEC, "-e", NULL
- };
-
- /* Child */
-
- execv(args[0], (char * const *) args);
- _exit(EXIT_FAILURE);
- } else
- wait_for_terminate_and_warn("kexec", pid, true);
- }
-
- cmd = RB_AUTOBOOT;
- /* Fall through */
-
- case RB_AUTOBOOT:
-
- if (!in_container) {
- _cleanup_free_ char *param = NULL;
-
- r = read_one_line_file("/run/systemd/reboot-param", &param);
- if (r < 0)
- log_warning_errno(r, "Failed to read reboot parameter file: %m");
-
- if (!isempty(param)) {
- log_info("Rebooting with argument '%s'.", param);
- syscall(SYS_reboot, LINUX_REBOOT_MAGIC1, LINUX_REBOOT_MAGIC2, LINUX_REBOOT_CMD_RESTART2, param);
- log_warning_errno(errno, "Failed to reboot with parameter, retrying without: %m");
- }
- }
-
- log_info("Rebooting.");
- break;
-
- case RB_POWER_OFF:
- log_info("Powering off.");
- break;
-
- case RB_HALT_SYSTEM:
- log_info("Halting system.");
- break;
-
- default:
- assert_not_reached("Unknown magic");
- }
-
- reboot(cmd);
- if (errno == EPERM && in_container) {
- /* If we are in a container, and we lacked
- * CAP_SYS_BOOT just exit, this will kill our
- * container for good. */
- log_info("Exiting container.");
- exit(0);
- }
-
- r = log_error_errno(errno, "Failed to invoke reboot(): %m");
-
- error:
- log_emergency_errno(r, "Critical error while doing system shutdown: %m");
- freeze();
-}
diff --git a/src/core/slice.c b/src/core/slice.c
deleted file mode 100644
index ed5d3fd701..0000000000
--- a/src/core/slice.c
+++ /dev/null
@@ -1,360 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2013 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <errno.h>
-
-#include "alloc-util.h"
-#include "dbus-slice.h"
-#include "log.h"
-#include "slice.h"
-#include "special.h"
-#include "string-util.h"
-#include "strv.h"
-#include "unit-name.h"
-#include "unit.h"
-
-static const UnitActiveState state_translation_table[_SLICE_STATE_MAX] = {
- [SLICE_DEAD] = UNIT_INACTIVE,
- [SLICE_ACTIVE] = UNIT_ACTIVE
-};
-
-static void slice_init(Unit *u) {
- assert(u);
- assert(u->load_state == UNIT_STUB);
-
- u->ignore_on_isolate = true;
-}
-
-static void slice_set_state(Slice *t, SliceState state) {
- SliceState old_state;
- assert(t);
-
- old_state = t->state;
- t->state = state;
-
- if (state != old_state)
- log_debug("%s changed %s -> %s",
- UNIT(t)->id,
- slice_state_to_string(old_state),
- slice_state_to_string(state));
-
- unit_notify(UNIT(t), state_translation_table[old_state], state_translation_table[state], true);
-}
-
-static int slice_add_parent_slice(Slice *s) {
- char *a, *dash;
- Unit *parent;
- int r;
-
- assert(s);
-
- if (UNIT_ISSET(UNIT(s)->slice))
- return 0;
-
- if (unit_has_name(UNIT(s), SPECIAL_ROOT_SLICE))
- return 0;
-
- a = strdupa(UNIT(s)->id);
- dash = strrchr(a, '-');
- if (dash)
- strcpy(dash, ".slice");
- else
- a = (char*) SPECIAL_ROOT_SLICE;
-
- r = manager_load_unit(UNIT(s)->manager, a, NULL, NULL, &parent);
- if (r < 0)
- return r;
-
- unit_ref_set(&UNIT(s)->slice, parent);
- return 0;
-}
-
-static int slice_add_default_dependencies(Slice *s) {
- int r;
-
- assert(s);
-
- if (!UNIT(s)->default_dependencies)
- return 0;
-
- /* Make sure slices are unloaded on shutdown */
- r = unit_add_two_dependencies_by_name(
- UNIT(s),
- UNIT_BEFORE, UNIT_CONFLICTS,
- SPECIAL_SHUTDOWN_TARGET, NULL, true);
- if (r < 0)
- return r;
-
- return 0;
-}
-
-static int slice_verify(Slice *s) {
- _cleanup_free_ char *parent = NULL;
- int r;
-
- assert(s);
-
- if (UNIT(s)->load_state != UNIT_LOADED)
- return 0;
-
- if (!slice_name_is_valid(UNIT(s)->id)) {
- log_unit_error(UNIT(s), "Slice name %s is not valid. Refusing.", UNIT(s)->id);
- return -EINVAL;
- }
-
- r = slice_build_parent_slice(UNIT(s)->id, &parent);
- if (r < 0)
- return log_unit_error_errno(UNIT(s), r, "Failed to determine parent slice: %m");
-
- if (parent ? !unit_has_name(UNIT_DEREF(UNIT(s)->slice), parent) : UNIT_ISSET(UNIT(s)->slice)) {
- log_unit_error(UNIT(s), "Located outside of parent slice. Refusing.");
- return -EINVAL;
- }
-
- return 0;
-}
-
-static int slice_load_root_slice(Unit *u) {
- assert(u);
-
- if (!unit_has_name(u, SPECIAL_ROOT_SLICE))
- return 0;
-
- u->perpetual = true;
-
- /* The root slice is a bit special. For example it is always running and cannot be terminated. Because of its
- * special semantics we synthesize it here, instead of relying on the unit file on disk. */
-
- u->default_dependencies = false;
- u->ignore_on_isolate = true;
-
- if (!u->description)
- u->description = strdup("Root Slice");
- if (!u->documentation)
- u->documentation = strv_new("man:systemd.special(7)", NULL);
-
- return 1;
-}
-
-static int slice_load(Unit *u) {
- Slice *s = SLICE(u);
- int r;
-
- assert(s);
- assert(u->load_state == UNIT_STUB);
-
- r = slice_load_root_slice(u);
- if (r < 0)
- return r;
- r = unit_load_fragment_and_dropin_optional(u);
- if (r < 0)
- return r;
-
- /* This is a new unit? Then let's add in some extras */
- if (u->load_state == UNIT_LOADED) {
-
- r = unit_patch_contexts(u);
- if (r < 0)
- return r;
-
- r = slice_add_parent_slice(s);
- if (r < 0)
- return r;
-
- r = slice_add_default_dependencies(s);
- if (r < 0)
- return r;
- }
-
- return slice_verify(s);
-}
-
-static int slice_coldplug(Unit *u) {
- Slice *t = SLICE(u);
-
- assert(t);
- assert(t->state == SLICE_DEAD);
-
- if (t->deserialized_state != t->state)
- slice_set_state(t, t->deserialized_state);
-
- return 0;
-}
-
-static void slice_dump(Unit *u, FILE *f, const char *prefix) {
- Slice *t = SLICE(u);
-
- assert(t);
- assert(f);
-
- fprintf(f,
- "%sSlice State: %s\n",
- prefix, slice_state_to_string(t->state));
-
- cgroup_context_dump(&t->cgroup_context, f, prefix);
-}
-
-static int slice_start(Unit *u) {
- Slice *t = SLICE(u);
- int r;
-
- assert(t);
- assert(t->state == SLICE_DEAD);
-
- r = unit_acquire_invocation_id(u);
- if (r < 0)
- return r;
-
- (void) unit_realize_cgroup(u);
- (void) unit_reset_cpu_usage(u);
-
- slice_set_state(t, SLICE_ACTIVE);
- return 1;
-}
-
-static int slice_stop(Unit *u) {
- Slice *t = SLICE(u);
-
- assert(t);
- assert(t->state == SLICE_ACTIVE);
-
- /* We do not need to destroy the cgroup explicitly,
- * unit_notify() will do that for us anyway. */
-
- slice_set_state(t, SLICE_DEAD);
- return 1;
-}
-
-static int slice_kill(Unit *u, KillWho who, int signo, sd_bus_error *error) {
- return unit_kill_common(u, who, signo, -1, -1, error);
-}
-
-static int slice_serialize(Unit *u, FILE *f, FDSet *fds) {
- Slice *s = SLICE(u);
-
- assert(s);
- assert(f);
- assert(fds);
-
- unit_serialize_item(u, f, "state", slice_state_to_string(s->state));
- return 0;
-}
-
-static int slice_deserialize_item(Unit *u, const char *key, const char *value, FDSet *fds) {
- Slice *s = SLICE(u);
-
- assert(u);
- assert(key);
- assert(value);
- assert(fds);
-
- if (streq(key, "state")) {
- SliceState state;
-
- state = slice_state_from_string(value);
- if (state < 0)
- log_debug("Failed to parse state value %s", value);
- else
- s->deserialized_state = state;
-
- } else
- log_debug("Unknown serialization key '%s'", key);
-
- return 0;
-}
-
-_pure_ static UnitActiveState slice_active_state(Unit *u) {
- assert(u);
-
- return state_translation_table[SLICE(u)->state];
-}
-
-_pure_ static const char *slice_sub_state_to_string(Unit *u) {
- assert(u);
-
- return slice_state_to_string(SLICE(u)->state);
-}
-
-static void slice_enumerate(Manager *m) {
- Unit *u;
- int r;
-
- assert(m);
-
- u = manager_get_unit(m, SPECIAL_ROOT_SLICE);
- if (!u) {
- r = unit_new_for_name(m, sizeof(Slice), SPECIAL_ROOT_SLICE, &u);
- if (r < 0) {
- log_error_errno(r, "Failed to allocate the special " SPECIAL_ROOT_SLICE " unit: %m");
- return;
- }
- }
-
- u->perpetual = true;
- SLICE(u)->deserialized_state = SLICE_ACTIVE;
-
- unit_add_to_load_queue(u);
- unit_add_to_dbus_queue(u);
-}
-
-const UnitVTable slice_vtable = {
- .object_size = sizeof(Slice),
- .cgroup_context_offset = offsetof(Slice, cgroup_context),
-
- .sections =
- "Unit\0"
- "Slice\0"
- "Install\0",
- .private_section = "Slice",
-
- .can_transient = true,
-
- .init = slice_init,
- .load = slice_load,
-
- .coldplug = slice_coldplug,
-
- .dump = slice_dump,
-
- .start = slice_start,
- .stop = slice_stop,
-
- .kill = slice_kill,
-
- .serialize = slice_serialize,
- .deserialize_item = slice_deserialize_item,
-
- .active_state = slice_active_state,
- .sub_state_to_string = slice_sub_state_to_string,
-
- .bus_vtable = bus_slice_vtable,
- .bus_set_property = bus_slice_set_property,
- .bus_commit_properties = bus_slice_commit_properties,
-
- .enumerate = slice_enumerate,
-
- .status_message_formats = {
- .finished_start_job = {
- [JOB_DONE] = "Created slice %s.",
- },
- .finished_stop_job = {
- [JOB_DONE] = "Removed slice %s.",
- },
- },
-};
diff --git a/src/core/slice.h b/src/core/slice.h
deleted file mode 100644
index c9f3f61067..0000000000
--- a/src/core/slice.h
+++ /dev/null
@@ -1,32 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2013 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-typedef struct Slice Slice;
-
-struct Slice {
- Unit meta;
-
- SliceState state, deserialized_state;
-
- CGroupContext cgroup_context;
-};
-
-extern const UnitVTable slice_vtable;
diff --git a/src/core/smack-setup.c b/src/core/smack-setup.c
deleted file mode 100644
index 5a6d11cfa1..0000000000
--- a/src/core/smack-setup.c
+++ /dev/null
@@ -1,346 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright (C) 2013 Intel Corporation
- Authors:
- Nathaniel Chen <nathaniel.chen@intel.com>
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published
- by the Free Software Foundation; either version 2.1 of the License,
- or (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <dirent.h>
-#include <errno.h>
-#include <fcntl.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include "alloc-util.h"
-#include "dirent-util.h"
-#include "fd-util.h"
-#include "fileio.h"
-#include "log.h"
-#include "macro.h"
-#include "smack-setup.h"
-#include "string-util.h"
-#include "util.h"
-
-#ifdef HAVE_SMACK
-
-static int write_access2_rules(const char* srcdir) {
- _cleanup_close_ int load2_fd = -1, change_fd = -1;
- _cleanup_closedir_ DIR *dir = NULL;
- struct dirent *entry;
- char buf[NAME_MAX];
- int dfd = -1;
- int r = 0;
-
- load2_fd = open("/sys/fs/smackfs/load2", O_RDWR|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
- if (load2_fd < 0) {
- if (errno != ENOENT)
- log_warning_errno(errno, "Failed to open '/sys/fs/smackfs/load2': %m");
- return -errno; /* negative error */
- }
-
- change_fd = open("/sys/fs/smackfs/change-rule", O_RDWR|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
- if (change_fd < 0) {
- if (errno != ENOENT)
- log_warning_errno(errno, "Failed to open '/sys/fs/smackfs/change-rule': %m");
- return -errno; /* negative error */
- }
-
- /* write rules to load2 or change-rule from every file in the directory */
- dir = opendir(srcdir);
- if (!dir) {
- if (errno != ENOENT)
- log_warning_errno(errno, "Failed to opendir '%s': %m", srcdir);
- return errno; /* positive on purpose */
- }
-
- dfd = dirfd(dir);
- assert(dfd >= 0);
-
- FOREACH_DIRENT(entry, dir, return 0) {
- int fd;
- _cleanup_fclose_ FILE *policy = NULL;
-
- if (!dirent_is_file(entry))
- continue;
-
- fd = openat(dfd, entry->d_name, O_RDONLY|O_CLOEXEC);
- if (fd < 0) {
- if (r == 0)
- r = -errno;
- log_warning_errno(errno, "Failed to open '%s': %m", entry->d_name);
- continue;
- }
-
- policy = fdopen(fd, "re");
- if (!policy) {
- if (r == 0)
- r = -errno;
- safe_close(fd);
- log_error_errno(errno, "Failed to open '%s': %m", entry->d_name);
- continue;
- }
-
- /* load2 write rules in the kernel require a line buffered stream */
- FOREACH_LINE(buf, policy,
- log_error_errno(errno, "Failed to read line from '%s': %m",
- entry->d_name)) {
-
- _cleanup_free_ char *sbj = NULL, *obj = NULL, *acc1 = NULL, *acc2 = NULL;
-
- if (isempty(truncate_nl(buf)))
- continue;
-
- /* if 3 args -> load rule : subject object access1 */
- /* if 4 args -> change rule : subject object access1 access2 */
- if (sscanf(buf, "%ms %ms %ms %ms", &sbj, &obj, &acc1, &acc2) < 3) {
- log_error_errno(errno, "Failed to parse rule '%s' in '%s', ignoring.", buf, entry->d_name);
- continue;
- }
-
- if (write(isempty(acc2) ? load2_fd : change_fd, buf, strlen(buf)) < 0) {
- if (r == 0)
- r = -errno;
- log_error_errno(errno, "Failed to write '%s' to '%s' in '%s'",
- buf, isempty(acc2) ? "/sys/fs/smackfs/load2" : "/sys/fs/smackfs/change-rule", entry->d_name);
- }
- }
- }
-
- return r;
-}
-
-static int write_cipso2_rules(const char* srcdir) {
- _cleanup_close_ int cipso2_fd = -1;
- _cleanup_closedir_ DIR *dir = NULL;
- struct dirent *entry;
- char buf[NAME_MAX];
- int dfd = -1;
- int r = 0;
-
- cipso2_fd = open("/sys/fs/smackfs/cipso2", O_RDWR|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
- if (cipso2_fd < 0) {
- if (errno != ENOENT)
- log_warning_errno(errno, "Failed to open '/sys/fs/smackfs/cipso2': %m");
- return -errno; /* negative error */
- }
-
- /* write rules to cipso2 from every file in the directory */
- dir = opendir(srcdir);
- if (!dir) {
- if (errno != ENOENT)
- log_warning_errno(errno, "Failed to opendir '%s': %m", srcdir);
- return errno; /* positive on purpose */
- }
-
- dfd = dirfd(dir);
- assert(dfd >= 0);
-
- FOREACH_DIRENT(entry, dir, return 0) {
- int fd;
- _cleanup_fclose_ FILE *policy = NULL;
-
- if (!dirent_is_file(entry))
- continue;
-
- fd = openat(dfd, entry->d_name, O_RDONLY|O_CLOEXEC);
- if (fd < 0) {
- if (r == 0)
- r = -errno;
- log_error_errno(errno, "Failed to open '%s': %m", entry->d_name);
- continue;
- }
-
- policy = fdopen(fd, "re");
- if (!policy) {
- if (r == 0)
- r = -errno;
- safe_close(fd);
- log_error_errno(errno, "Failed to open '%s': %m", entry->d_name);
- continue;
- }
-
- /* cipso2 write rules in the kernel require a line buffered stream */
- FOREACH_LINE(buf, policy,
- log_error_errno(errno, "Failed to read line from '%s': %m",
- entry->d_name)) {
-
- if (isempty(truncate_nl(buf)))
- continue;
-
- if (write(cipso2_fd, buf, strlen(buf)) < 0) {
- if (r == 0)
- r = -errno;
- log_error_errno(errno, "Failed to write '%s' to '/sys/fs/smackfs/cipso2' in '%s'",
- buf, entry->d_name);
- break;
- }
- }
- }
-
- return r;
-}
-
-static int write_netlabel_rules(const char* srcdir) {
- _cleanup_fclose_ FILE *dst = NULL;
- _cleanup_closedir_ DIR *dir = NULL;
- struct dirent *entry;
- char buf[NAME_MAX];
- int dfd = -1;
- int r = 0;
-
- dst = fopen("/sys/fs/smackfs/netlabel", "we");
- if (!dst) {
- if (errno != ENOENT)
- log_warning_errno(errno, "Failed to open /sys/fs/smackfs/netlabel: %m");
- return -errno; /* negative error */
- }
-
- /* write rules to dst from every file in the directory */
- dir = opendir(srcdir);
- if (!dir) {
- if (errno != ENOENT)
- log_warning_errno(errno, "Failed to opendir %s: %m", srcdir);
- return errno; /* positive on purpose */
- }
-
- dfd = dirfd(dir);
- assert(dfd >= 0);
-
- FOREACH_DIRENT(entry, dir, return 0) {
- int fd;
- _cleanup_fclose_ FILE *policy = NULL;
-
- fd = openat(dfd, entry->d_name, O_RDONLY|O_CLOEXEC);
- if (fd < 0) {
- if (r == 0)
- r = -errno;
- log_warning_errno(errno, "Failed to open %s: %m", entry->d_name);
- continue;
- }
-
- policy = fdopen(fd, "re");
- if (!policy) {
- if (r == 0)
- r = -errno;
- safe_close(fd);
- log_error_errno(errno, "Failed to open %s: %m", entry->d_name);
- continue;
- }
-
- /* load2 write rules in the kernel require a line buffered stream */
- FOREACH_LINE(buf, policy,
- log_error_errno(errno, "Failed to read line from %s: %m",
- entry->d_name)) {
- if (!fputs(buf, dst)) {
- if (r == 0)
- r = -EINVAL;
- log_error_errno(errno, "Failed to write line to /sys/fs/smackfs/netlabel");
- break;
- }
- if (fflush(dst)) {
- if (r == 0)
- r = -errno;
- log_error_errno(errno, "Failed to flush writes to /sys/fs/smackfs/netlabel: %m");
- break;
- }
- }
- }
-
- return r;
-}
-
-#endif
-
-int mac_smack_setup(bool *loaded_policy) {
-
-#ifdef HAVE_SMACK
-
- int r;
-
- assert(loaded_policy);
-
- r = write_access2_rules("/etc/smack/accesses.d/");
- switch(r) {
- case -ENOENT:
- log_debug("Smack is not enabled in the kernel.");
- return 0;
- case ENOENT:
- log_debug("Smack access rules directory '/etc/smack/accesses.d/' not found");
- return 0;
- case 0:
- log_info("Successfully loaded Smack policies.");
- break;
- default:
- log_warning_errno(r, "Failed to load Smack access rules, ignoring: %m");
- return 0;
- }
-
-#ifdef SMACK_RUN_LABEL
- r = write_string_file("/proc/self/attr/current", SMACK_RUN_LABEL, 0);
- if (r < 0)
- log_warning_errno(r, "Failed to set SMACK label \"" SMACK_RUN_LABEL "\" on self: %m");
- r = write_string_file("/sys/fs/smackfs/ambient", SMACK_RUN_LABEL, 0);
- if (r < 0)
- log_warning_errno(r, "Failed to set SMACK ambient label \"" SMACK_RUN_LABEL "\": %m");
- r = write_string_file("/sys/fs/smackfs/netlabel",
- "0.0.0.0/0 " SMACK_RUN_LABEL, 0);
- if (r < 0)
- log_warning_errno(r, "Failed to set SMACK netlabel rule \"0.0.0.0/0 " SMACK_RUN_LABEL "\": %m");
- r = write_string_file("/sys/fs/smackfs/netlabel", "127.0.0.1 -CIPSO", 0);
- if (r < 0)
- log_warning_errno(r, "Failed to set SMACK netlabel rule \"127.0.0.1 -CIPSO\": %m");
-#endif
-
- r = write_cipso2_rules("/etc/smack/cipso.d/");
- switch(r) {
- case -ENOENT:
- log_debug("Smack/CIPSO is not enabled in the kernel.");
- return 0;
- case ENOENT:
- log_debug("Smack/CIPSO access rules directory '/etc/smack/cipso.d/' not found");
- break;
- case 0:
- log_info("Successfully loaded Smack/CIPSO policies.");
- break;
- default:
- log_warning_errno(r, "Failed to load Smack/CIPSO access rules, ignoring: %m");
- break;
- }
-
- r = write_netlabel_rules("/etc/smack/netlabel.d/");
- switch(r) {
- case -ENOENT:
- log_debug("Smack/CIPSO is not enabled in the kernel.");
- return 0;
- case ENOENT:
- log_debug("Smack network host rules directory '/etc/smack/netlabel.d/' not found");
- break;
- case 0:
- log_info("Successfully loaded Smack network host rules.");
- break;
- default:
- log_warning_errno(r, "Failed to load Smack network host rules: %m, ignoring.");
- break;
- }
-
- *loaded_policy = true;
-
-#endif
-
- return 0;
-}
diff --git a/src/core/smack-setup.h b/src/core/smack-setup.h
deleted file mode 100644
index 78164c85e6..0000000000
--- a/src/core/smack-setup.h
+++ /dev/null
@@ -1,24 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright (C) 2013 Intel Corporation
- Authors:
- Nathaniel Chen <nathaniel.chen@intel.com>
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published
- by the Free Software Foundation; either version 2.1 of the License,
- or (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-int mac_smack_setup(bool *loaded_policy);
diff --git a/src/core/socket.c b/src/core/socket.c
deleted file mode 100644
index 0b1c4acfec..0000000000
--- a/src/core/socket.c
+++ /dev/null
@@ -1,3134 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <arpa/inet.h>
-#include <errno.h>
-#include <fcntl.h>
-#include <mqueue.h>
-#include <netinet/tcp.h>
-#include <signal.h>
-#include <sys/epoll.h>
-#include <sys/stat.h>
-#include <unistd.h>
-#include <linux/sctp.h>
-
-#include "alloc-util.h"
-#include "bus-error.h"
-#include "bus-util.h"
-#include "copy.h"
-#include "dbus-socket.h"
-#include "def.h"
-#include "exit-status.h"
-#include "fd-util.h"
-#include "formats-util.h"
-#include "io-util.h"
-#include "label.h"
-#include "log.h"
-#include "missing.h"
-#include "mkdir.h"
-#include "parse-util.h"
-#include "path-util.h"
-#include "process-util.h"
-#include "selinux-util.h"
-#include "signal-util.h"
-#include "smack-util.h"
-#include "socket.h"
-#include "special.h"
-#include "string-table.h"
-#include "string-util.h"
-#include "strv.h"
-#include "unit-name.h"
-#include "unit-printf.h"
-#include "unit.h"
-#include "user-util.h"
-#include "in-addr-util.h"
-
-struct SocketPeer {
- unsigned n_ref;
-
- Socket *socket;
- union sockaddr_union peer;
-};
-
-static const UnitActiveState state_translation_table[_SOCKET_STATE_MAX] = {
- [SOCKET_DEAD] = UNIT_INACTIVE,
- [SOCKET_START_PRE] = UNIT_ACTIVATING,
- [SOCKET_START_CHOWN] = UNIT_ACTIVATING,
- [SOCKET_START_POST] = UNIT_ACTIVATING,
- [SOCKET_LISTENING] = UNIT_ACTIVE,
- [SOCKET_RUNNING] = UNIT_ACTIVE,
- [SOCKET_STOP_PRE] = UNIT_DEACTIVATING,
- [SOCKET_STOP_PRE_SIGTERM] = UNIT_DEACTIVATING,
- [SOCKET_STOP_PRE_SIGKILL] = UNIT_DEACTIVATING,
- [SOCKET_STOP_POST] = UNIT_DEACTIVATING,
- [SOCKET_FINAL_SIGTERM] = UNIT_DEACTIVATING,
- [SOCKET_FINAL_SIGKILL] = UNIT_DEACTIVATING,
- [SOCKET_FAILED] = UNIT_FAILED
-};
-
-static int socket_dispatch_io(sd_event_source *source, int fd, uint32_t revents, void *userdata);
-static int socket_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata);
-
-static void socket_init(Unit *u) {
- Socket *s = SOCKET(u);
-
- assert(u);
- assert(u->load_state == UNIT_STUB);
-
- s->backlog = SOMAXCONN;
- s->timeout_usec = u->manager->default_timeout_start_usec;
- s->directory_mode = 0755;
- s->socket_mode = 0666;
-
- s->max_connections = 64;
-
- s->priority = -1;
- s->ip_tos = -1;
- s->ip_ttl = -1;
- s->mark = -1;
-
- s->exec_context.std_output = u->manager->default_std_output;
- s->exec_context.std_error = u->manager->default_std_error;
-
- s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
-
- s->trigger_limit.interval = USEC_INFINITY;
- s->trigger_limit.burst = (unsigned) -1;
-}
-
-static void socket_unwatch_control_pid(Socket *s) {
- assert(s);
-
- if (s->control_pid <= 0)
- return;
-
- unit_unwatch_pid(UNIT(s), s->control_pid);
- s->control_pid = 0;
-}
-
-static void socket_cleanup_fd_list(SocketPort *p) {
- assert(p);
-
- close_many(p->auxiliary_fds, p->n_auxiliary_fds);
- p->auxiliary_fds = mfree(p->auxiliary_fds);
- p->n_auxiliary_fds = 0;
-}
-
-void socket_free_ports(Socket *s) {
- SocketPort *p;
-
- assert(s);
-
- while ((p = s->ports)) {
- LIST_REMOVE(port, s->ports, p);
-
- sd_event_source_unref(p->event_source);
-
- socket_cleanup_fd_list(p);
- safe_close(p->fd);
- free(p->path);
- free(p);
- }
-}
-
-static void socket_done(Unit *u) {
- Socket *s = SOCKET(u);
- SocketPeer *p;
-
- assert(s);
-
- socket_free_ports(s);
-
- while ((p = set_steal_first(s->peers_by_address)))
- p->socket = NULL;
-
- s->peers_by_address = set_free(s->peers_by_address);
-
- s->exec_runtime = exec_runtime_unref(s->exec_runtime);
- exec_command_free_array(s->exec_command, _SOCKET_EXEC_COMMAND_MAX);
- s->control_command = NULL;
-
- dynamic_creds_unref(&s->dynamic_creds);
-
- socket_unwatch_control_pid(s);
-
- unit_ref_unset(&s->service);
-
- s->tcp_congestion = mfree(s->tcp_congestion);
- s->bind_to_device = mfree(s->bind_to_device);
-
- s->smack = mfree(s->smack);
- s->smack_ip_in = mfree(s->smack_ip_in);
- s->smack_ip_out = mfree(s->smack_ip_out);
-
- strv_free(s->symlinks);
-
- s->user = mfree(s->user);
- s->group = mfree(s->group);
-
- s->fdname = mfree(s->fdname);
-
- s->timer_event_source = sd_event_source_unref(s->timer_event_source);
-}
-
-static int socket_arm_timer(Socket *s, usec_t usec) {
- int r;
-
- assert(s);
-
- if (s->timer_event_source) {
- r = sd_event_source_set_time(s->timer_event_source, usec);
- if (r < 0)
- return r;
-
- return sd_event_source_set_enabled(s->timer_event_source, SD_EVENT_ONESHOT);
- }
-
- if (usec == USEC_INFINITY)
- return 0;
-
- r = sd_event_add_time(
- UNIT(s)->manager->event,
- &s->timer_event_source,
- CLOCK_MONOTONIC,
- usec, 0,
- socket_dispatch_timer, s);
- if (r < 0)
- return r;
-
- (void) sd_event_source_set_description(s->timer_event_source, "socket-timer");
-
- return 0;
-}
-
-int socket_instantiate_service(Socket *s) {
- _cleanup_free_ char *prefix = NULL, *name = NULL;
- int r;
- Unit *u;
-
- assert(s);
-
- /* This fills in s->service if it isn't filled in yet. For
- * Accept=yes sockets we create the next connection service
- * here. For Accept=no this is mostly a NOP since the service
- * is figured out at load time anyway. */
-
- if (UNIT_DEREF(s->service))
- return 0;
-
- if (!s->accept)
- return 0;
-
- r = unit_name_to_prefix(UNIT(s)->id, &prefix);
- if (r < 0)
- return r;
-
- if (asprintf(&name, "%s@%u.service", prefix, s->n_accepted) < 0)
- return -ENOMEM;
-
- r = manager_load_unit(UNIT(s)->manager, name, NULL, NULL, &u);
- if (r < 0)
- return r;
-
- unit_ref_set(&s->service, u);
-
- return unit_add_two_dependencies(UNIT(s), UNIT_BEFORE, UNIT_TRIGGERS, u, false);
-}
-
-static bool have_non_accept_socket(Socket *s) {
- SocketPort *p;
-
- assert(s);
-
- if (!s->accept)
- return true;
-
- LIST_FOREACH(port, p, s->ports) {
-
- if (p->type != SOCKET_SOCKET)
- return true;
-
- if (!socket_address_can_accept(&p->address))
- return true;
- }
-
- return false;
-}
-
-static int socket_add_mount_links(Socket *s) {
- SocketPort *p;
- int r;
-
- assert(s);
-
- LIST_FOREACH(port, p, s->ports) {
- const char *path = NULL;
-
- if (p->type == SOCKET_SOCKET)
- path = socket_address_get_path(&p->address);
- else if (IN_SET(p->type, SOCKET_FIFO, SOCKET_SPECIAL, SOCKET_USB_FUNCTION))
- path = p->path;
-
- if (!path)
- continue;
-
- r = unit_require_mounts_for(UNIT(s), path);
- if (r < 0)
- return r;
- }
-
- return 0;
-}
-
-static int socket_add_device_link(Socket *s) {
- char *t;
-
- assert(s);
-
- if (!s->bind_to_device || streq(s->bind_to_device, "lo"))
- return 0;
-
- t = strjoina("/sys/subsystem/net/devices/", s->bind_to_device);
- return unit_add_node_link(UNIT(s), t, false, UNIT_BINDS_TO);
-}
-
-static int socket_add_default_dependencies(Socket *s) {
- int r;
- assert(s);
-
- if (!UNIT(s)->default_dependencies)
- return 0;
-
- r = unit_add_dependency_by_name(UNIT(s), UNIT_BEFORE, SPECIAL_SOCKETS_TARGET, NULL, true);
- if (r < 0)
- return r;
-
- if (MANAGER_IS_SYSTEM(UNIT(s)->manager)) {
- r = unit_add_two_dependencies_by_name(UNIT(s), UNIT_AFTER, UNIT_REQUIRES, SPECIAL_SYSINIT_TARGET, NULL, true);
- if (r < 0)
- return r;
- }
-
- return unit_add_two_dependencies_by_name(UNIT(s), UNIT_BEFORE, UNIT_CONFLICTS, SPECIAL_SHUTDOWN_TARGET, NULL, true);
-}
-
-_pure_ static bool socket_has_exec(Socket *s) {
- unsigned i;
- assert(s);
-
- for (i = 0; i < _SOCKET_EXEC_COMMAND_MAX; i++)
- if (s->exec_command[i])
- return true;
-
- return false;
-}
-
-static int socket_add_extras(Socket *s) {
- Unit *u = UNIT(s);
- int r;
-
- assert(s);
-
- /* Pick defaults for the trigger limit, if nothing was explicitly configured. We pick a relatively high limit
- * in Accept=yes mode, and a lower limit for Accept=no. Reason: in Accept=yes mode we are invoking accept()
- * ourselves before the trigger limit can hit, thus incoming connections are taken off the socket queue quickly
- * and reliably. This is different for Accept=no, where the spawned service has to take the incoming traffic
- * off the queues, which it might not necessarily do. Moreover, while Accept=no services are supposed to
- * process whatever is queued in one go, and thus should normally never have to be started frequently. This is
- * different for Accept=yes where each connection is processed by a new service instance, and thus frequent
- * service starts are typical. */
-
- if (s->trigger_limit.interval == USEC_INFINITY)
- s->trigger_limit.interval = 2 * USEC_PER_SEC;
-
- if (s->trigger_limit.burst == (unsigned) -1) {
- if (s->accept)
- s->trigger_limit.burst = 200;
- else
- s->trigger_limit.burst = 20;
- }
-
- if (have_non_accept_socket(s)) {
-
- if (!UNIT_DEREF(s->service)) {
- Unit *x;
-
- r = unit_load_related_unit(u, ".service", &x);
- if (r < 0)
- return r;
-
- unit_ref_set(&s->service, x);
- }
-
- r = unit_add_two_dependencies(u, UNIT_BEFORE, UNIT_TRIGGERS, UNIT_DEREF(s->service), true);
- if (r < 0)
- return r;
- }
-
- r = socket_add_mount_links(s);
- if (r < 0)
- return r;
-
- r = socket_add_device_link(s);
- if (r < 0)
- return r;
-
- r = unit_patch_contexts(u);
- if (r < 0)
- return r;
-
- if (socket_has_exec(s)) {
- r = unit_add_exec_dependencies(u, &s->exec_context);
- if (r < 0)
- return r;
-
- r = unit_set_default_slice(u);
- if (r < 0)
- return r;
- }
-
- r = socket_add_default_dependencies(s);
- if (r < 0)
- return r;
-
- return 0;
-}
-
-static const char *socket_find_symlink_target(Socket *s) {
- const char *found = NULL;
- SocketPort *p;
-
- LIST_FOREACH(port, p, s->ports) {
- const char *f = NULL;
-
- switch (p->type) {
-
- case SOCKET_FIFO:
- f = p->path;
- break;
-
- case SOCKET_SOCKET:
- if (p->address.sockaddr.un.sun_path[0] != 0)
- f = p->address.sockaddr.un.sun_path;
- break;
-
- default:
- break;
- }
-
- if (f) {
- if (found)
- return NULL;
-
- found = f;
- }
- }
-
- return found;
-}
-
-static int socket_verify(Socket *s) {
- assert(s);
-
- if (UNIT(s)->load_state != UNIT_LOADED)
- return 0;
-
- if (!s->ports) {
- log_unit_error(UNIT(s), "Unit lacks Listen setting. Refusing.");
- return -EINVAL;
- }
-
- if (s->accept && have_non_accept_socket(s)) {
- log_unit_error(UNIT(s), "Unit configured for accepting sockets, but sockets are non-accepting. Refusing.");
- return -EINVAL;
- }
-
- if (s->accept && s->max_connections <= 0) {
- log_unit_error(UNIT(s), "MaxConnection= setting too small. Refusing.");
- return -EINVAL;
- }
-
- if (s->accept && UNIT_DEREF(s->service)) {
- log_unit_error(UNIT(s), "Explicit service configuration for accepting socket units not supported. Refusing.");
- return -EINVAL;
- }
-
- if (s->exec_context.pam_name && s->kill_context.kill_mode != KILL_CONTROL_GROUP) {
- log_unit_error(UNIT(s), "Unit has PAM enabled. Kill mode must be set to 'control-group'. Refusing.");
- return -EINVAL;
- }
-
- if (!strv_isempty(s->symlinks) && !socket_find_symlink_target(s)) {
- log_unit_error(UNIT(s), "Unit has symlinks set but none or more than one node in the file system. Refusing.");
- return -EINVAL;
- }
-
- return 0;
-}
-
-static void peer_address_hash_func(const void *p, struct siphash *state) {
- const SocketPeer *s = p;
-
- assert(s);
- assert(IN_SET(s->peer.sa.sa_family, AF_INET, AF_INET6));
-
- if (s->peer.sa.sa_family == AF_INET)
- siphash24_compress(&s->peer.in.sin_addr, sizeof(s->peer.in.sin_addr), state);
- else
- siphash24_compress(&s->peer.in6.sin6_addr, sizeof(s->peer.in6.sin6_addr), state);
-}
-
-static int peer_address_compare_func(const void *a, const void *b) {
- const SocketPeer *x = a, *y = b;
-
- if (x->peer.sa.sa_family < y->peer.sa.sa_family)
- return -1;
- if (x->peer.sa.sa_family > y->peer.sa.sa_family)
- return 1;
-
- switch(x->peer.sa.sa_family) {
- case AF_INET:
- return memcmp(&x->peer.in.sin_addr, &y->peer.in.sin_addr, sizeof(x->peer.in.sin_addr));
- case AF_INET6:
- return memcmp(&x->peer.in6.sin6_addr, &y->peer.in6.sin6_addr, sizeof(x->peer.in6.sin6_addr));
- }
- assert_not_reached("Black sheep in the family!");
-}
-
-const struct hash_ops peer_address_hash_ops = {
- .hash = peer_address_hash_func,
- .compare = peer_address_compare_func
-};
-
-static int socket_load(Unit *u) {
- Socket *s = SOCKET(u);
- int r;
-
- assert(u);
- assert(u->load_state == UNIT_STUB);
-
- r = set_ensure_allocated(&s->peers_by_address, &peer_address_hash_ops);
- if (r < 0)
- return r;
-
- r = unit_load_fragment_and_dropin(u);
- if (r < 0)
- return r;
-
- if (u->load_state == UNIT_LOADED) {
- /* This is a new unit? Then let's add in some extras */
- r = socket_add_extras(s);
- if (r < 0)
- return r;
- }
-
- return socket_verify(s);
-}
-
-static SocketPeer *socket_peer_new(void) {
- SocketPeer *p;
-
- p = new0(SocketPeer, 1);
- if (!p)
- return NULL;
-
- p->n_ref = 1;
-
- return p;
-}
-
-SocketPeer *socket_peer_ref(SocketPeer *p) {
- if (!p)
- return NULL;
-
- assert(p->n_ref > 0);
- p->n_ref++;
-
- return p;
-}
-
-SocketPeer *socket_peer_unref(SocketPeer *p) {
- if (!p)
- return NULL;
-
- assert(p->n_ref > 0);
-
- p->n_ref--;
-
- if (p->n_ref > 0)
- return NULL;
-
- if (p->socket)
- set_remove(p->socket->peers_by_address, p);
-
- return mfree(p);
-}
-
-int socket_acquire_peer(Socket *s, int fd, SocketPeer **p) {
- _cleanup_(socket_peer_unrefp) SocketPeer *remote = NULL;
- SocketPeer sa = {}, *i;
- socklen_t salen = sizeof(sa.peer);
- int r;
-
- assert(fd >= 0);
- assert(s);
-
- r = getpeername(fd, &sa.peer.sa, &salen);
- if (r < 0)
- return log_error_errno(errno, "getpeername failed: %m");
-
- if (!IN_SET(sa.peer.sa.sa_family, AF_INET, AF_INET6)) {
- *p = NULL;
- return 0;
- }
-
- i = set_get(s->peers_by_address, &sa);
- if (i) {
- *p = socket_peer_ref(i);
- return 1;
- }
-
- remote = socket_peer_new();
- if (!remote)
- return log_oom();
-
- remote->peer = sa.peer;
-
- r = set_put(s->peers_by_address, remote);
- if (r < 0)
- return r;
-
- remote->socket = s;
-
- *p = remote;
- remote = NULL;
-
- return 1;
-}
-
-_const_ static const char* listen_lookup(int family, int type) {
-
- if (family == AF_NETLINK)
- return "ListenNetlink";
-
- if (type == SOCK_STREAM)
- return "ListenStream";
- else if (type == SOCK_DGRAM)
- return "ListenDatagram";
- else if (type == SOCK_SEQPACKET)
- return "ListenSequentialPacket";
-
- assert_not_reached("Unknown socket type");
- return NULL;
-}
-
-static void socket_dump(Unit *u, FILE *f, const char *prefix) {
- char time_string[FORMAT_TIMESPAN_MAX];
- SocketExecCommand c;
- Socket *s = SOCKET(u);
- SocketPort *p;
- const char *prefix2;
-
- assert(s);
- assert(f);
-
- prefix = strempty(prefix);
- prefix2 = strjoina(prefix, "\t");
-
- fprintf(f,
- "%sSocket State: %s\n"
- "%sResult: %s\n"
- "%sBindIPv6Only: %s\n"
- "%sBacklog: %u\n"
- "%sSocketMode: %04o\n"
- "%sDirectoryMode: %04o\n"
- "%sKeepAlive: %s\n"
- "%sNoDelay: %s\n"
- "%sFreeBind: %s\n"
- "%sTransparent: %s\n"
- "%sBroadcast: %s\n"
- "%sPassCredentials: %s\n"
- "%sPassSecurity: %s\n"
- "%sTCPCongestion: %s\n"
- "%sRemoveOnStop: %s\n"
- "%sWritable: %s\n"
- "%sFDName: %s\n"
- "%sSELinuxContextFromNet: %s\n",
- prefix, socket_state_to_string(s->state),
- prefix, socket_result_to_string(s->result),
- prefix, socket_address_bind_ipv6_only_to_string(s->bind_ipv6_only),
- prefix, s->backlog,
- prefix, s->socket_mode,
- prefix, s->directory_mode,
- prefix, yes_no(s->keep_alive),
- prefix, yes_no(s->no_delay),
- prefix, yes_no(s->free_bind),
- prefix, yes_no(s->transparent),
- prefix, yes_no(s->broadcast),
- prefix, yes_no(s->pass_cred),
- prefix, yes_no(s->pass_sec),
- prefix, strna(s->tcp_congestion),
- prefix, yes_no(s->remove_on_stop),
- prefix, yes_no(s->writable),
- prefix, socket_fdname(s),
- prefix, yes_no(s->selinux_context_from_net));
-
- if (s->control_pid > 0)
- fprintf(f,
- "%sControl PID: "PID_FMT"\n",
- prefix, s->control_pid);
-
- if (s->bind_to_device)
- fprintf(f,
- "%sBindToDevice: %s\n",
- prefix, s->bind_to_device);
-
- if (s->accept)
- fprintf(f,
- "%sAccepted: %u\n"
- "%sNConnections: %u\n"
- "%sMaxConnections: %u\n",
- prefix, s->n_accepted,
- prefix, s->n_connections,
- prefix, s->max_connections);
-
- if (s->priority >= 0)
- fprintf(f,
- "%sPriority: %i\n",
- prefix, s->priority);
-
- if (s->receive_buffer > 0)
- fprintf(f,
- "%sReceiveBuffer: %zu\n",
- prefix, s->receive_buffer);
-
- if (s->send_buffer > 0)
- fprintf(f,
- "%sSendBuffer: %zu\n",
- prefix, s->send_buffer);
-
- if (s->ip_tos >= 0)
- fprintf(f,
- "%sIPTOS: %i\n",
- prefix, s->ip_tos);
-
- if (s->ip_ttl >= 0)
- fprintf(f,
- "%sIPTTL: %i\n",
- prefix, s->ip_ttl);
-
- if (s->pipe_size > 0)
- fprintf(f,
- "%sPipeSize: %zu\n",
- prefix, s->pipe_size);
-
- if (s->mark >= 0)
- fprintf(f,
- "%sMark: %i\n",
- prefix, s->mark);
-
- if (s->mq_maxmsg > 0)
- fprintf(f,
- "%sMessageQueueMaxMessages: %li\n",
- prefix, s->mq_maxmsg);
-
- if (s->mq_msgsize > 0)
- fprintf(f,
- "%sMessageQueueMessageSize: %li\n",
- prefix, s->mq_msgsize);
-
- if (s->reuse_port)
- fprintf(f,
- "%sReusePort: %s\n",
- prefix, yes_no(s->reuse_port));
-
- if (s->smack)
- fprintf(f,
- "%sSmackLabel: %s\n",
- prefix, s->smack);
-
- if (s->smack_ip_in)
- fprintf(f,
- "%sSmackLabelIPIn: %s\n",
- prefix, s->smack_ip_in);
-
- if (s->smack_ip_out)
- fprintf(f,
- "%sSmackLabelIPOut: %s\n",
- prefix, s->smack_ip_out);
-
- if (!isempty(s->user) || !isempty(s->group))
- fprintf(f,
- "%sSocketUser: %s\n"
- "%sSocketGroup: %s\n",
- prefix, strna(s->user),
- prefix, strna(s->group));
-
- if (s->keep_alive_time > 0)
- fprintf(f,
- "%sKeepAliveTimeSec: %s\n",
- prefix, format_timespan(time_string, FORMAT_TIMESPAN_MAX, s->keep_alive_time, USEC_PER_SEC));
-
- if (s->keep_alive_interval)
- fprintf(f,
- "%sKeepAliveIntervalSec: %s\n",
- prefix, format_timespan(time_string, FORMAT_TIMESPAN_MAX, s->keep_alive_interval, USEC_PER_SEC));
-
- if (s->keep_alive_cnt)
- fprintf(f,
- "%sKeepAliveProbes: %u\n",
- prefix, s->keep_alive_cnt);
-
- if (s->defer_accept)
- fprintf(f,
- "%sDeferAcceptSec: %s\n",
- prefix, format_timespan(time_string, FORMAT_TIMESPAN_MAX, s->defer_accept, USEC_PER_SEC));
-
- LIST_FOREACH(port, p, s->ports) {
-
- if (p->type == SOCKET_SOCKET) {
- const char *t;
- int r;
- char *k = NULL;
-
- r = socket_address_print(&p->address, &k);
- if (r < 0)
- t = strerror(-r);
- else
- t = k;
-
- fprintf(f, "%s%s: %s\n", prefix, listen_lookup(socket_address_family(&p->address), p->address.type), t);
- free(k);
- } else if (p->type == SOCKET_SPECIAL)
- fprintf(f, "%sListenSpecial: %s\n", prefix, p->path);
- else if (p->type == SOCKET_USB_FUNCTION)
- fprintf(f, "%sListenUSBFunction: %s\n", prefix, p->path);
- else if (p->type == SOCKET_MQUEUE)
- fprintf(f, "%sListenMessageQueue: %s\n", prefix, p->path);
- else
- fprintf(f, "%sListenFIFO: %s\n", prefix, p->path);
- }
-
- fprintf(f,
- "%sTriggerLimitIntervalSec: %s\n"
- "%sTriggerLimitBurst: %u\n",
- prefix, format_timespan(time_string, FORMAT_TIMESPAN_MAX, s->trigger_limit.interval, USEC_PER_SEC),
- prefix, s->trigger_limit.burst);
-
- exec_context_dump(&s->exec_context, f, prefix);
- kill_context_dump(&s->kill_context, f, prefix);
-
- for (c = 0; c < _SOCKET_EXEC_COMMAND_MAX; c++) {
- if (!s->exec_command[c])
- continue;
-
- fprintf(f, "%s-> %s:\n",
- prefix, socket_exec_command_to_string(c));
-
- exec_command_dump_list(s->exec_command[c], f, prefix2);
- }
-}
-
-static int instance_from_socket(int fd, unsigned nr, char **instance) {
- socklen_t l;
- char *r;
- union sockaddr_union local, remote;
-
- assert(fd >= 0);
- assert(instance);
-
- l = sizeof(local);
- if (getsockname(fd, &local.sa, &l) < 0)
- return -errno;
-
- l = sizeof(remote);
- if (getpeername(fd, &remote.sa, &l) < 0)
- return -errno;
-
- switch (local.sa.sa_family) {
-
- case AF_INET: {
- uint32_t
- a = be32toh(local.in.sin_addr.s_addr),
- b = be32toh(remote.in.sin_addr.s_addr);
-
- if (asprintf(&r,
- "%u-%u.%u.%u.%u:%u-%u.%u.%u.%u:%u",
- nr,
- a >> 24, (a >> 16) & 0xFF, (a >> 8) & 0xFF, a & 0xFF,
- be16toh(local.in.sin_port),
- b >> 24, (b >> 16) & 0xFF, (b >> 8) & 0xFF, b & 0xFF,
- be16toh(remote.in.sin_port)) < 0)
- return -ENOMEM;
-
- break;
- }
-
- case AF_INET6: {
- static const unsigned char ipv4_prefix[] = {
- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xFF, 0xFF
- };
-
- if (memcmp(&local.in6.sin6_addr, ipv4_prefix, sizeof(ipv4_prefix)) == 0 &&
- memcmp(&remote.in6.sin6_addr, ipv4_prefix, sizeof(ipv4_prefix)) == 0) {
- const uint8_t
- *a = local.in6.sin6_addr.s6_addr+12,
- *b = remote.in6.sin6_addr.s6_addr+12;
-
- if (asprintf(&r,
- "%u-%u.%u.%u.%u:%u-%u.%u.%u.%u:%u",
- nr,
- a[0], a[1], a[2], a[3],
- be16toh(local.in6.sin6_port),
- b[0], b[1], b[2], b[3],
- be16toh(remote.in6.sin6_port)) < 0)
- return -ENOMEM;
- } else {
- char a[INET6_ADDRSTRLEN], b[INET6_ADDRSTRLEN];
-
- if (asprintf(&r,
- "%u-%s:%u-%s:%u",
- nr,
- inet_ntop(AF_INET6, &local.in6.sin6_addr, a, sizeof(a)),
- be16toh(local.in6.sin6_port),
- inet_ntop(AF_INET6, &remote.in6.sin6_addr, b, sizeof(b)),
- be16toh(remote.in6.sin6_port)) < 0)
- return -ENOMEM;
- }
-
- break;
- }
-
- case AF_UNIX: {
- struct ucred ucred;
- int k;
-
- k = getpeercred(fd, &ucred);
- if (k >= 0) {
- if (asprintf(&r,
- "%u-"PID_FMT"-"UID_FMT,
- nr, ucred.pid, ucred.uid) < 0)
- return -ENOMEM;
- } else if (k == -ENODATA) {
- /* This handles the case where somebody is
- * connecting from another pid/uid namespace
- * (e.g. from outside of our container). */
- if (asprintf(&r,
- "%u-unknown",
- nr) < 0)
- return -ENOMEM;
- } else
- return k;
-
- break;
- }
-
- default:
- assert_not_reached("Unhandled socket type.");
- }
-
- *instance = r;
- return 0;
-}
-
-static void socket_close_fds(Socket *s) {
- SocketPort *p;
- char **i;
-
- assert(s);
-
- LIST_FOREACH(port, p, s->ports) {
- bool was_open;
-
- was_open = p->fd >= 0;
-
- p->event_source = sd_event_source_unref(p->event_source);
- p->fd = safe_close(p->fd);
- socket_cleanup_fd_list(p);
-
- /* One little note: we should normally not delete any sockets in the file system here! After all some
- * other process we spawned might still have a reference of this fd and wants to continue to use
- * it. Therefore we normally delete sockets in the file system before we create a new one, not after we
- * stopped using one! That all said, if the user explicitly requested this, we'll delete them here
- * anyway, but only then. */
-
- if (!was_open || !s->remove_on_stop)
- continue;
-
- switch (p->type) {
-
- case SOCKET_FIFO:
- (void) unlink(p->path);
- break;
-
- case SOCKET_MQUEUE:
- (void) mq_unlink(p->path);
- break;
-
- case SOCKET_SOCKET:
- (void) socket_address_unlink(&p->address);
- break;
-
- default:
- break;
- }
- }
-
- if (s->remove_on_stop)
- STRV_FOREACH(i, s->symlinks)
- (void) unlink(*i);
-}
-
-static void socket_apply_socket_options(Socket *s, int fd) {
- int r;
-
- assert(s);
- assert(fd >= 0);
-
- if (s->keep_alive) {
- int b = s->keep_alive;
- if (setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, &b, sizeof(b)) < 0)
- log_unit_warning_errno(UNIT(s), errno, "SO_KEEPALIVE failed: %m");
- }
-
- if (s->keep_alive_time) {
- int value = s->keep_alive_time / USEC_PER_SEC;
- if (setsockopt(fd, SOL_TCP, TCP_KEEPIDLE, &value, sizeof(value)) < 0)
- log_unit_warning_errno(UNIT(s), errno, "TCP_KEEPIDLE failed: %m");
- }
-
- if (s->keep_alive_interval) {
- int value = s->keep_alive_interval / USEC_PER_SEC;
- if (setsockopt(fd, SOL_TCP, TCP_KEEPINTVL, &value, sizeof(value)) < 0)
- log_unit_warning_errno(UNIT(s), errno, "TCP_KEEPINTVL failed: %m");
- }
-
- if (s->keep_alive_cnt) {
- int value = s->keep_alive_cnt;
- if (setsockopt(fd, SOL_TCP, TCP_KEEPCNT, &value, sizeof(value)) < 0)
- log_unit_warning_errno(UNIT(s), errno, "TCP_KEEPCNT failed: %m");
- }
-
- if (s->defer_accept) {
- int value = s->defer_accept / USEC_PER_SEC;
- if (setsockopt(fd, SOL_TCP, TCP_DEFER_ACCEPT, &value, sizeof(value)) < 0)
- log_unit_warning_errno(UNIT(s), errno, "TCP_DEFER_ACCEPT failed: %m");
- }
-
- if (s->no_delay) {
- int b = s->no_delay;
-
- if (s->socket_protocol == IPPROTO_SCTP) {
- if (setsockopt(fd, SOL_SCTP, SCTP_NODELAY, &b, sizeof(b)) < 0)
- log_unit_warning_errno(UNIT(s), errno, "SCTP_NODELAY failed: %m");
- } else {
- if (setsockopt(fd, SOL_TCP, TCP_NODELAY, &b, sizeof(b)) < 0)
- log_unit_warning_errno(UNIT(s), errno, "TCP_NODELAY failed: %m");
- }
- }
-
- if (s->broadcast) {
- int one = 1;
- if (setsockopt(fd, SOL_SOCKET, SO_BROADCAST, &one, sizeof(one)) < 0)
- log_unit_warning_errno(UNIT(s), errno, "SO_BROADCAST failed: %m");
- }
-
- if (s->pass_cred) {
- int one = 1;
- if (setsockopt(fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one)) < 0)
- log_unit_warning_errno(UNIT(s), errno, "SO_PASSCRED failed: %m");
- }
-
- if (s->pass_sec) {
- int one = 1;
- if (setsockopt(fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one)) < 0)
- log_unit_warning_errno(UNIT(s), errno, "SO_PASSSEC failed: %m");
- }
-
- if (s->priority >= 0)
- if (setsockopt(fd, SOL_SOCKET, SO_PRIORITY, &s->priority, sizeof(s->priority)) < 0)
- log_unit_warning_errno(UNIT(s), errno, "SO_PRIORITY failed: %m");
-
- if (s->receive_buffer > 0) {
- int value = (int) s->receive_buffer;
-
- /* We first try with SO_RCVBUFFORCE, in case we have the perms for that */
-
- if (setsockopt(fd, SOL_SOCKET, SO_RCVBUFFORCE, &value, sizeof(value)) < 0)
- if (setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &value, sizeof(value)) < 0)
- log_unit_warning_errno(UNIT(s), errno, "SO_RCVBUF failed: %m");
- }
-
- if (s->send_buffer > 0) {
- int value = (int) s->send_buffer;
- if (setsockopt(fd, SOL_SOCKET, SO_SNDBUFFORCE, &value, sizeof(value)) < 0)
- if (setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &value, sizeof(value)) < 0)
- log_unit_warning_errno(UNIT(s), errno, "SO_SNDBUF failed: %m");
- }
-
- if (s->mark >= 0)
- if (setsockopt(fd, SOL_SOCKET, SO_MARK, &s->mark, sizeof(s->mark)) < 0)
- log_unit_warning_errno(UNIT(s), errno, "SO_MARK failed: %m");
-
- if (s->ip_tos >= 0)
- if (setsockopt(fd, IPPROTO_IP, IP_TOS, &s->ip_tos, sizeof(s->ip_tos)) < 0)
- log_unit_warning_errno(UNIT(s), errno, "IP_TOS failed: %m");
-
- if (s->ip_ttl >= 0) {
- int x;
-
- r = setsockopt(fd, IPPROTO_IP, IP_TTL, &s->ip_ttl, sizeof(s->ip_ttl));
-
- if (socket_ipv6_is_supported())
- x = setsockopt(fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &s->ip_ttl, sizeof(s->ip_ttl));
- else {
- x = -1;
- errno = EAFNOSUPPORT;
- }
-
- if (r < 0 && x < 0)
- log_unit_warning_errno(UNIT(s), errno, "IP_TTL/IPV6_UNICAST_HOPS failed: %m");
- }
-
- if (s->tcp_congestion)
- if (setsockopt(fd, SOL_TCP, TCP_CONGESTION, s->tcp_congestion, strlen(s->tcp_congestion)+1) < 0)
- log_unit_warning_errno(UNIT(s), errno, "TCP_CONGESTION failed: %m");
-
- if (s->smack_ip_in) {
- r = mac_smack_apply_fd(fd, SMACK_ATTR_IPIN, s->smack_ip_in);
- if (r < 0)
- log_unit_error_errno(UNIT(s), r, "mac_smack_apply_ip_in_fd: %m");
- }
-
- if (s->smack_ip_out) {
- r = mac_smack_apply_fd(fd, SMACK_ATTR_IPOUT, s->smack_ip_out);
- if (r < 0)
- log_unit_error_errno(UNIT(s), r, "mac_smack_apply_ip_out_fd: %m");
- }
-}
-
-static void socket_apply_fifo_options(Socket *s, int fd) {
- int r;
-
- assert(s);
- assert(fd >= 0);
-
- if (s->pipe_size > 0)
- if (fcntl(fd, F_SETPIPE_SZ, s->pipe_size) < 0)
- log_unit_warning_errno(UNIT(s), errno, "Setting pipe size failed, ignoring: %m");
-
- if (s->smack) {
- r = mac_smack_apply_fd(fd, SMACK_ATTR_ACCESS, s->smack);
- if (r < 0)
- log_unit_error_errno(UNIT(s), r, "SMACK relabelling failed, ignoring: %m");
- }
-}
-
-static int fifo_address_create(
- const char *path,
- mode_t directory_mode,
- mode_t socket_mode) {
-
- _cleanup_close_ int fd = -1;
- mode_t old_mask;
- struct stat st;
- int r;
-
- assert(path);
-
- mkdir_parents_label(path, directory_mode);
-
- r = mac_selinux_create_file_prepare(path, S_IFIFO);
- if (r < 0)
- return r;
-
- /* Enforce the right access mode for the fifo */
- old_mask = umask(~ socket_mode);
-
- /* Include the original umask in our mask */
- (void) umask(~socket_mode | old_mask);
-
- r = mkfifo(path, socket_mode);
- (void) umask(old_mask);
-
- if (r < 0 && errno != EEXIST) {
- r = -errno;
- goto fail;
- }
-
- fd = open(path, O_RDWR | O_CLOEXEC | O_NOCTTY | O_NONBLOCK | O_NOFOLLOW);
- if (fd < 0) {
- r = -errno;
- goto fail;
- }
-
- mac_selinux_create_file_clear();
-
- if (fstat(fd, &st) < 0) {
- r = -errno;
- goto fail;
- }
-
- if (!S_ISFIFO(st.st_mode) ||
- (st.st_mode & 0777) != (socket_mode & ~old_mask) ||
- st.st_uid != getuid() ||
- st.st_gid != getgid()) {
- r = -EEXIST;
- goto fail;
- }
-
- r = fd;
- fd = -1;
-
- return r;
-
-fail:
- mac_selinux_create_file_clear();
- return r;
-}
-
-static int special_address_create(const char *path, bool writable) {
- _cleanup_close_ int fd = -1;
- struct stat st;
- int r;
-
- assert(path);
-
- fd = open(path, (writable ? O_RDWR : O_RDONLY)|O_CLOEXEC|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW);
- if (fd < 0)
- return -errno;
-
- if (fstat(fd, &st) < 0)
- return -errno;
-
- /* Check whether this is a /proc, /sys or /dev file or char device */
- if (!S_ISREG(st.st_mode) && !S_ISCHR(st.st_mode))
- return -EEXIST;
-
- r = fd;
- fd = -1;
-
- return r;
-}
-
-static int usbffs_address_create(const char *path) {
- _cleanup_close_ int fd = -1;
- struct stat st;
- int r;
-
- assert(path);
-
- fd = open(path, O_RDWR|O_CLOEXEC|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW);
- if (fd < 0)
- return -errno;
-
- if (fstat(fd, &st) < 0)
- return -errno;
-
- /* Check whether this is a regular file (ffs endpoint)*/
- if (!S_ISREG(st.st_mode))
- return -EEXIST;
-
- r = fd;
- fd = -1;
-
- return r;
-}
-
-static int mq_address_create(
- const char *path,
- mode_t mq_mode,
- long maxmsg,
- long msgsize) {
-
- _cleanup_close_ int fd = -1;
- struct stat st;
- mode_t old_mask;
- struct mq_attr _attr, *attr = NULL;
- int r;
-
- assert(path);
-
- if (maxmsg > 0 && msgsize > 0) {
- _attr = (struct mq_attr) {
- .mq_flags = O_NONBLOCK,
- .mq_maxmsg = maxmsg,
- .mq_msgsize = msgsize,
- };
- attr = &_attr;
- }
-
- /* Enforce the right access mode for the mq */
- old_mask = umask(~ mq_mode);
-
- /* Include the original umask in our mask */
- (void) umask(~mq_mode | old_mask);
- fd = mq_open(path, O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_CREAT, mq_mode, attr);
- (void) umask(old_mask);
-
- if (fd < 0)
- return -errno;
-
- if (fstat(fd, &st) < 0)
- return -errno;
-
- if ((st.st_mode & 0777) != (mq_mode & ~old_mask) ||
- st.st_uid != getuid() ||
- st.st_gid != getgid())
- return -EEXIST;
-
- r = fd;
- fd = -1;
-
- return r;
-}
-
-static int socket_symlink(Socket *s) {
- const char *p;
- char **i;
-
- assert(s);
-
- p = socket_find_symlink_target(s);
- if (!p)
- return 0;
-
- STRV_FOREACH(i, s->symlinks)
- symlink_label(p, *i);
-
- return 0;
-}
-
-static int usbffs_write_descs(int fd, Service *s) {
- int r;
-
- if (!s->usb_function_descriptors || !s->usb_function_strings)
- return -EINVAL;
-
- r = copy_file_fd(s->usb_function_descriptors, fd, false);
- if (r < 0)
- return r;
-
- return copy_file_fd(s->usb_function_strings, fd, false);
-}
-
-static int usbffs_select_ep(const struct dirent *d) {
- return d->d_name[0] != '.' && !streq(d->d_name, "ep0");
-}
-
-static int usbffs_dispatch_eps(SocketPort *p) {
- _cleanup_free_ struct dirent **ent = NULL;
- int r, i, n, k;
-
- r = scandir(p->path, &ent, usbffs_select_ep, alphasort);
- if (r < 0)
- return -errno;
-
- n = r;
- p->auxiliary_fds = new(int, n);
- if (!p->auxiliary_fds)
- return -ENOMEM;
-
- p->n_auxiliary_fds = n;
-
- k = 0;
- for (i = 0; i < n; ++i) {
- _cleanup_free_ char *ep = NULL;
-
- ep = path_make_absolute(ent[i]->d_name, p->path);
- if (!ep)
- return -ENOMEM;
-
- path_kill_slashes(ep);
-
- r = usbffs_address_create(ep);
- if (r < 0)
- goto fail;
-
- p->auxiliary_fds[k] = r;
-
- ++k;
- free(ent[i]);
- }
-
- return r;
-
-fail:
- close_many(p->auxiliary_fds, k);
- p->auxiliary_fds = mfree(p->auxiliary_fds);
- p->n_auxiliary_fds = 0;
-
- return r;
-}
-
-static int socket_determine_selinux_label(Socket *s, char **ret) {
- ExecCommand *c;
- int r;
-
- assert(s);
- assert(ret);
-
- if (s->selinux_context_from_net) {
- /* If this is requested, get label from the network label */
-
- r = mac_selinux_get_our_label(ret);
- if (r == -EOPNOTSUPP)
- goto no_label;
-
- } else {
- /* Otherwise, get it from the executable we are about to start */
- r = socket_instantiate_service(s);
- if (r < 0)
- return r;
-
- if (!UNIT_ISSET(s->service))
- goto no_label;
-
- c = SERVICE(UNIT_DEREF(s->service))->exec_command[SERVICE_EXEC_START];
- if (!c)
- goto no_label;
-
- r = mac_selinux_get_create_label_from_exe(c->path, ret);
- if (r == -EPERM || r == -EOPNOTSUPP)
- goto no_label;
- }
-
- return r;
-
-no_label:
- *ret = NULL;
- return 0;
-}
-
-static int socket_open_fds(Socket *s) {
- _cleanup_(mac_selinux_freep) char *label = NULL;
- bool know_label = false;
- SocketPort *p;
- int r;
-
- assert(s);
-
- LIST_FOREACH(port, p, s->ports) {
-
- if (p->fd >= 0)
- continue;
-
- switch (p->type) {
-
- case SOCKET_SOCKET:
-
- if (!know_label) {
- /* Figure out label, if we don't it know yet. We do it once, for the first socket where
- * we need this and remember it for the rest. */
-
- r = socket_determine_selinux_label(s, &label);
- if (r < 0)
- goto rollback;
-
- know_label = true;
- }
-
- /* Apply the socket protocol */
- switch (p->address.type) {
-
- case SOCK_STREAM:
- case SOCK_SEQPACKET:
- if (s->socket_protocol == IPPROTO_SCTP)
- p->address.protocol = s->socket_protocol;
- break;
-
- case SOCK_DGRAM:
- if (s->socket_protocol == IPPROTO_UDPLITE)
- p->address.protocol = s->socket_protocol;
- break;
- }
-
- r = socket_address_listen(
- &p->address,
- SOCK_CLOEXEC|SOCK_NONBLOCK,
- s->backlog,
- s->bind_ipv6_only,
- s->bind_to_device,
- s->reuse_port,
- s->free_bind,
- s->transparent,
- s->directory_mode,
- s->socket_mode,
- label);
- if (r < 0)
- goto rollback;
-
- p->fd = r;
- socket_apply_socket_options(s, p->fd);
- socket_symlink(s);
- break;
-
- case SOCKET_SPECIAL:
-
- p->fd = special_address_create(p->path, s->writable);
- if (p->fd < 0) {
- r = p->fd;
- goto rollback;
- }
- break;
-
- case SOCKET_FIFO:
-
- p->fd = fifo_address_create(
- p->path,
- s->directory_mode,
- s->socket_mode);
- if (p->fd < 0) {
- r = p->fd;
- goto rollback;
- }
-
- socket_apply_fifo_options(s, p->fd);
- socket_symlink(s);
- break;
-
- case SOCKET_MQUEUE:
-
- p->fd = mq_address_create(
- p->path,
- s->socket_mode,
- s->mq_maxmsg,
- s->mq_msgsize);
- if (p->fd < 0) {
- r = p->fd;
- goto rollback;
- }
- break;
-
- case SOCKET_USB_FUNCTION: {
- _cleanup_free_ char *ep = NULL;
-
- ep = path_make_absolute("ep0", p->path);
-
- p->fd = usbffs_address_create(ep);
- if (p->fd < 0) {
- r = p->fd;
- goto rollback;
- }
-
- r = usbffs_write_descs(p->fd, SERVICE(UNIT_DEREF(s->service)));
- if (r < 0)
- goto rollback;
-
- r = usbffs_dispatch_eps(p);
- if (r < 0)
- goto rollback;
-
- break;
- }
- default:
- assert_not_reached("Unknown port type");
- }
- }
-
- return 0;
-
-rollback:
- socket_close_fds(s);
- return r;
-}
-
-static void socket_unwatch_fds(Socket *s) {
- SocketPort *p;
- int r;
-
- assert(s);
-
- LIST_FOREACH(port, p, s->ports) {
- if (p->fd < 0)
- continue;
-
- if (!p->event_source)
- continue;
-
- r = sd_event_source_set_enabled(p->event_source, SD_EVENT_OFF);
- if (r < 0)
- log_unit_debug_errno(UNIT(s), r, "Failed to disable event source: %m");
- }
-}
-
-static int socket_watch_fds(Socket *s) {
- SocketPort *p;
- int r;
-
- assert(s);
-
- LIST_FOREACH(port, p, s->ports) {
- if (p->fd < 0)
- continue;
-
- if (p->event_source) {
- r = sd_event_source_set_enabled(p->event_source, SD_EVENT_ON);
- if (r < 0)
- goto fail;
- } else {
- r = sd_event_add_io(UNIT(s)->manager->event, &p->event_source, p->fd, EPOLLIN, socket_dispatch_io, p);
- if (r < 0)
- goto fail;
-
- (void) sd_event_source_set_description(p->event_source, "socket-port-io");
- }
- }
-
- return 0;
-
-fail:
- log_unit_warning_errno(UNIT(s), r, "Failed to watch listening fds: %m");
- socket_unwatch_fds(s);
- return r;
-}
-
-enum {
- SOCKET_OPEN_NONE,
- SOCKET_OPEN_SOME,
- SOCKET_OPEN_ALL,
-};
-
-static int socket_check_open(Socket *s) {
- bool have_open = false, have_closed = false;
- SocketPort *p;
-
- assert(s);
-
- LIST_FOREACH(port, p, s->ports) {
- if (p->fd < 0)
- have_closed = true;
- else
- have_open = true;
-
- if (have_open && have_closed)
- return SOCKET_OPEN_SOME;
- }
-
- if (have_open)
- return SOCKET_OPEN_ALL;
-
- return SOCKET_OPEN_NONE;
-}
-
-static void socket_set_state(Socket *s, SocketState state) {
- SocketState old_state;
- assert(s);
-
- old_state = s->state;
- s->state = state;
-
- if (!IN_SET(state,
- SOCKET_START_PRE,
- SOCKET_START_CHOWN,
- SOCKET_START_POST,
- SOCKET_STOP_PRE,
- SOCKET_STOP_PRE_SIGTERM,
- SOCKET_STOP_PRE_SIGKILL,
- SOCKET_STOP_POST,
- SOCKET_FINAL_SIGTERM,
- SOCKET_FINAL_SIGKILL)) {
-
- s->timer_event_source = sd_event_source_unref(s->timer_event_source);
- socket_unwatch_control_pid(s);
- s->control_command = NULL;
- s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
- }
-
- if (state != SOCKET_LISTENING)
- socket_unwatch_fds(s);
-
- if (!IN_SET(state,
- SOCKET_START_CHOWN,
- SOCKET_START_POST,
- SOCKET_LISTENING,
- SOCKET_RUNNING,
- SOCKET_STOP_PRE,
- SOCKET_STOP_PRE_SIGTERM,
- SOCKET_STOP_PRE_SIGKILL))
- socket_close_fds(s);
-
- if (state != old_state)
- log_unit_debug(UNIT(s), "Changed %s -> %s", socket_state_to_string(old_state), socket_state_to_string(state));
-
- unit_notify(UNIT(s), state_translation_table[old_state], state_translation_table[state], true);
-}
-
-static int socket_coldplug(Unit *u) {
- Socket *s = SOCKET(u);
- int r;
-
- assert(s);
- assert(s->state == SOCKET_DEAD);
-
- if (s->deserialized_state == s->state)
- return 0;
-
- if (s->control_pid > 0 &&
- pid_is_unwaited(s->control_pid) &&
- IN_SET(s->deserialized_state,
- SOCKET_START_PRE,
- SOCKET_START_CHOWN,
- SOCKET_START_POST,
- SOCKET_STOP_PRE,
- SOCKET_STOP_PRE_SIGTERM,
- SOCKET_STOP_PRE_SIGKILL,
- SOCKET_STOP_POST,
- SOCKET_FINAL_SIGTERM,
- SOCKET_FINAL_SIGKILL)) {
-
- r = unit_watch_pid(UNIT(s), s->control_pid);
- if (r < 0)
- return r;
-
- r = socket_arm_timer(s, usec_add(u->state_change_timestamp.monotonic, s->timeout_usec));
- if (r < 0)
- return r;
- }
-
- if (IN_SET(s->deserialized_state,
- SOCKET_START_CHOWN,
- SOCKET_START_POST,
- SOCKET_LISTENING,
- SOCKET_RUNNING)) {
-
- /* Originally, we used to simply reopen all sockets here that we didn't have file descriptors
- * for. However, this is problematic, as we won't traverse throught the SOCKET_START_CHOWN state for
- * them, and thus the UID/GID wouldn't be right. Hence, instead simply check if we have all fds open,
- * and if there's a mismatch, warn loudly. */
-
- r = socket_check_open(s);
- if (r == SOCKET_OPEN_NONE)
- log_unit_warning(UNIT(s),
- "Socket unit configuration has changed while unit has been running, "
- "no open socket file descriptor left. "
- "The socket unit is not functional until restarted.");
- else if (r == SOCKET_OPEN_SOME)
- log_unit_warning(UNIT(s),
- "Socket unit configuration has changed while unit has been running, "
- "and some socket file descriptors have not been opened yet. "
- "The socket unit is not fully functional until restarted.");
- }
-
- if (s->deserialized_state == SOCKET_LISTENING) {
- r = socket_watch_fds(s);
- if (r < 0)
- return r;
- }
-
- if (!IN_SET(s->deserialized_state, SOCKET_DEAD, SOCKET_FAILED))
- (void) unit_setup_dynamic_creds(u);
-
- socket_set_state(s, s->deserialized_state);
- return 0;
-}
-
-static int socket_spawn(Socket *s, ExecCommand *c, pid_t *_pid) {
- _cleanup_free_ char **argv = NULL;
- pid_t pid;
- int r;
- ExecParameters exec_params = {
- .flags = EXEC_APPLY_PERMISSIONS|EXEC_APPLY_CHROOT|EXEC_APPLY_TTY_STDIN,
- .stdin_fd = -1,
- .stdout_fd = -1,
- .stderr_fd = -1,
- };
-
- assert(s);
- assert(c);
- assert(_pid);
-
- (void) unit_realize_cgroup(UNIT(s));
- if (s->reset_cpu_usage) {
- (void) unit_reset_cpu_usage(UNIT(s));
- s->reset_cpu_usage = false;
- }
-
- r = unit_setup_exec_runtime(UNIT(s));
- if (r < 0)
- return r;
-
- r = unit_setup_dynamic_creds(UNIT(s));
- if (r < 0)
- return r;
-
- r = socket_arm_timer(s, usec_add(now(CLOCK_MONOTONIC), s->timeout_usec));
- if (r < 0)
- return r;
-
- r = unit_full_printf_strv(UNIT(s), c->argv, &argv);
- if (r < 0)
- return r;
-
- exec_params.argv = argv;
- exec_params.environment = UNIT(s)->manager->environment;
- exec_params.flags |= UNIT(s)->manager->confirm_spawn ? EXEC_CONFIRM_SPAWN : 0;
- exec_params.cgroup_supported = UNIT(s)->manager->cgroup_supported;
- exec_params.cgroup_path = UNIT(s)->cgroup_path;
- exec_params.cgroup_delegate = s->cgroup_context.delegate;
- exec_params.runtime_prefix = manager_get_runtime_prefix(UNIT(s)->manager);
-
- r = exec_spawn(UNIT(s),
- c,
- &s->exec_context,
- &exec_params,
- s->exec_runtime,
- &s->dynamic_creds,
- &pid);
- if (r < 0)
- return r;
-
- r = unit_watch_pid(UNIT(s), pid);
- if (r < 0)
- /* FIXME: we need to do something here */
- return r;
-
- *_pid = pid;
- return 0;
-}
-
-static int socket_chown(Socket *s, pid_t *_pid) {
- pid_t pid;
- int r;
-
- r = socket_arm_timer(s, usec_add(now(CLOCK_MONOTONIC), s->timeout_usec));
- if (r < 0)
- goto fail;
-
- /* We have to resolve the user names out-of-process, hence
- * let's fork here. It's messy, but well, what can we do? */
-
- pid = fork();
- if (pid < 0)
- return -errno;
-
- if (pid == 0) {
- SocketPort *p;
- uid_t uid = UID_INVALID;
- gid_t gid = GID_INVALID;
- int ret;
-
- (void) default_signals(SIGNALS_CRASH_HANDLER, SIGNALS_IGNORE, -1);
- (void) ignore_signals(SIGPIPE, -1);
- log_forget_fds();
-
- if (!isempty(s->user)) {
- const char *user = s->user;
-
- r = get_user_creds(&user, &uid, &gid, NULL, NULL);
- if (r < 0) {
- ret = EXIT_USER;
- goto fail_child;
- }
- }
-
- if (!isempty(s->group)) {
- const char *group = s->group;
-
- r = get_group_creds(&group, &gid);
- if (r < 0) {
- ret = EXIT_GROUP;
- goto fail_child;
- }
- }
-
- LIST_FOREACH(port, p, s->ports) {
- const char *path = NULL;
-
- if (p->type == SOCKET_SOCKET)
- path = socket_address_get_path(&p->address);
- else if (p->type == SOCKET_FIFO)
- path = p->path;
-
- if (!path)
- continue;
-
- if (chown(path, uid, gid) < 0) {
- r = -errno;
- ret = EXIT_CHOWN;
- goto fail_child;
- }
- }
-
- _exit(0);
-
- fail_child:
- log_open();
- log_error_errno(r, "Failed to chown socket at step %s: %m", exit_status_to_string(ret, EXIT_STATUS_SYSTEMD));
-
- _exit(ret);
- }
-
- r = unit_watch_pid(UNIT(s), pid);
- if (r < 0)
- goto fail;
-
- *_pid = pid;
- return 0;
-
-fail:
- s->timer_event_source = sd_event_source_unref(s->timer_event_source);
- return r;
-}
-
-static void socket_enter_dead(Socket *s, SocketResult f) {
- assert(s);
-
- if (s->result == SOCKET_SUCCESS)
- s->result = f;
-
- socket_set_state(s, s->result != SOCKET_SUCCESS ? SOCKET_FAILED : SOCKET_DEAD);
-
- exec_runtime_destroy(s->exec_runtime);
- s->exec_runtime = exec_runtime_unref(s->exec_runtime);
-
- exec_context_destroy_runtime_directory(&s->exec_context, manager_get_runtime_prefix(UNIT(s)->manager));
-
- unit_unref_uid_gid(UNIT(s), true);
-
- dynamic_creds_destroy(&s->dynamic_creds);
-}
-
-static void socket_enter_signal(Socket *s, SocketState state, SocketResult f);
-
-static void socket_enter_stop_post(Socket *s, SocketResult f) {
- int r;
- assert(s);
-
- if (s->result == SOCKET_SUCCESS)
- s->result = f;
-
- socket_unwatch_control_pid(s);
- s->control_command_id = SOCKET_EXEC_STOP_POST;
- s->control_command = s->exec_command[SOCKET_EXEC_STOP_POST];
-
- if (s->control_command) {
- r = socket_spawn(s, s->control_command, &s->control_pid);
- if (r < 0)
- goto fail;
-
- socket_set_state(s, SOCKET_STOP_POST);
- } else
- socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_SUCCESS);
-
- return;
-
-fail:
- log_unit_warning_errno(UNIT(s), r, "Failed to run 'stop-post' task: %m");
- socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_RESOURCES);
-}
-
-static void socket_enter_signal(Socket *s, SocketState state, SocketResult f) {
- int r;
-
- assert(s);
-
- if (s->result == SOCKET_SUCCESS)
- s->result = f;
-
- r = unit_kill_context(
- UNIT(s),
- &s->kill_context,
- (state != SOCKET_STOP_PRE_SIGTERM && state != SOCKET_FINAL_SIGTERM) ?
- KILL_KILL : KILL_TERMINATE,
- -1,
- s->control_pid,
- false);
- if (r < 0)
- goto fail;
-
- if (r > 0) {
- r = socket_arm_timer(s, usec_add(now(CLOCK_MONOTONIC), s->timeout_usec));
- if (r < 0)
- goto fail;
-
- socket_set_state(s, state);
- } else if (state == SOCKET_STOP_PRE_SIGTERM)
- socket_enter_signal(s, SOCKET_STOP_PRE_SIGKILL, SOCKET_SUCCESS);
- else if (state == SOCKET_STOP_PRE_SIGKILL)
- socket_enter_stop_post(s, SOCKET_SUCCESS);
- else if (state == SOCKET_FINAL_SIGTERM)
- socket_enter_signal(s, SOCKET_FINAL_SIGKILL, SOCKET_SUCCESS);
- else
- socket_enter_dead(s, SOCKET_SUCCESS);
-
- return;
-
-fail:
- log_unit_warning_errno(UNIT(s), r, "Failed to kill processes: %m");
-
- if (state == SOCKET_STOP_PRE_SIGTERM || state == SOCKET_STOP_PRE_SIGKILL)
- socket_enter_stop_post(s, SOCKET_FAILURE_RESOURCES);
- else
- socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
-}
-
-static void socket_enter_stop_pre(Socket *s, SocketResult f) {
- int r;
- assert(s);
-
- if (s->result == SOCKET_SUCCESS)
- s->result = f;
-
- socket_unwatch_control_pid(s);
- s->control_command_id = SOCKET_EXEC_STOP_PRE;
- s->control_command = s->exec_command[SOCKET_EXEC_STOP_PRE];
-
- if (s->control_command) {
- r = socket_spawn(s, s->control_command, &s->control_pid);
- if (r < 0)
- goto fail;
-
- socket_set_state(s, SOCKET_STOP_PRE);
- } else
- socket_enter_stop_post(s, SOCKET_SUCCESS);
-
- return;
-
-fail:
- log_unit_warning_errno(UNIT(s), r, "Failed to run 'stop-pre' task: %m");
- socket_enter_stop_post(s, SOCKET_FAILURE_RESOURCES);
-}
-
-static void socket_enter_listening(Socket *s) {
- int r;
- assert(s);
-
- r = socket_watch_fds(s);
- if (r < 0) {
- log_unit_warning_errno(UNIT(s), r, "Failed to watch sockets: %m");
- goto fail;
- }
-
- socket_set_state(s, SOCKET_LISTENING);
- return;
-
-fail:
- socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
-}
-
-static void socket_enter_start_post(Socket *s) {
- int r;
- assert(s);
-
- socket_unwatch_control_pid(s);
- s->control_command_id = SOCKET_EXEC_START_POST;
- s->control_command = s->exec_command[SOCKET_EXEC_START_POST];
-
- if (s->control_command) {
- r = socket_spawn(s, s->control_command, &s->control_pid);
- if (r < 0) {
- log_unit_warning_errno(UNIT(s), r, "Failed to run 'start-post' task: %m");
- goto fail;
- }
-
- socket_set_state(s, SOCKET_START_POST);
- } else
- socket_enter_listening(s);
-
- return;
-
-fail:
- socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
-}
-
-static void socket_enter_start_chown(Socket *s) {
- int r;
-
- assert(s);
-
- r = socket_open_fds(s);
- if (r < 0) {
- log_unit_warning_errno(UNIT(s), r, "Failed to listen on sockets: %m");
- goto fail;
- }
-
- if (!isempty(s->user) || !isempty(s->group)) {
-
- socket_unwatch_control_pid(s);
- s->control_command_id = SOCKET_EXEC_START_CHOWN;
- s->control_command = NULL;
-
- r = socket_chown(s, &s->control_pid);
- if (r < 0) {
- log_unit_warning_errno(UNIT(s), r, "Failed to fork 'start-chown' task: %m");
- goto fail;
- }
-
- socket_set_state(s, SOCKET_START_CHOWN);
- } else
- socket_enter_start_post(s);
-
- return;
-
-fail:
- socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
-}
-
-static void socket_enter_start_pre(Socket *s) {
- int r;
- assert(s);
-
- socket_unwatch_control_pid(s);
- s->control_command_id = SOCKET_EXEC_START_PRE;
- s->control_command = s->exec_command[SOCKET_EXEC_START_PRE];
-
- if (s->control_command) {
- r = socket_spawn(s, s->control_command, &s->control_pid);
- if (r < 0) {
- log_unit_warning_errno(UNIT(s), r, "Failed to run 'start-pre' task: %m");
- goto fail;
- }
-
- socket_set_state(s, SOCKET_START_PRE);
- } else
- socket_enter_start_chown(s);
-
- return;
-
-fail:
- socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
-}
-
-static void flush_ports(Socket *s) {
- SocketPort *p;
-
- /* Flush all incoming traffic, regardless if actual bytes or new connections, so that this socket isn't busy
- * anymore */
-
- LIST_FOREACH(port, p, s->ports) {
- if (p->fd < 0)
- continue;
-
- (void) flush_accept(p->fd);
- (void) flush_fd(p->fd);
- }
-}
-
-static void socket_enter_running(Socket *s, int cfd) {
- _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
- int r;
-
- /* Note that this call takes possession of the connection fd passed. It either has to assign it somewhere or
- * close it. */
-
- assert(s);
-
- /* We don't take connections anymore if we are supposed to shut down anyway */
- if (unit_stop_pending(UNIT(s))) {
-
- log_unit_debug(UNIT(s), "Suppressing connection request since unit stop is scheduled.");
-
- if (cfd >= 0)
- cfd = safe_close(cfd);
- else
- flush_ports(s);
-
- return;
- }
-
- if (!ratelimit_test(&s->trigger_limit)) {
- safe_close(cfd);
- log_unit_warning(UNIT(s), "Trigger limit hit, refusing further activation.");
- socket_enter_stop_pre(s, SOCKET_FAILURE_TRIGGER_LIMIT_HIT);
- return;
- }
-
- if (cfd < 0) {
- Iterator i;
- Unit *other;
- bool pending = false;
-
- /* If there's already a start pending don't bother to
- * do anything */
- SET_FOREACH(other, UNIT(s)->dependencies[UNIT_TRIGGERS], i)
- if (unit_active_or_pending(other)) {
- pending = true;
- break;
- }
-
- if (!pending) {
- if (!UNIT_ISSET(s->service)) {
- log_unit_error(UNIT(s), "Service to activate vanished, refusing activation.");
- r = -ENOENT;
- goto fail;
- }
-
- r = manager_add_job(UNIT(s)->manager, JOB_START, UNIT_DEREF(s->service), JOB_REPLACE, &error, NULL);
- if (r < 0)
- goto fail;
- }
-
- socket_set_state(s, SOCKET_RUNNING);
- } else {
- _cleanup_free_ char *prefix = NULL, *instance = NULL, *name = NULL;
- _cleanup_(socket_peer_unrefp) SocketPeer *p = NULL;
- Service *service;
-
- if (s->n_connections >= s->max_connections) {
- log_unit_warning(UNIT(s), "Too many incoming connections (%u), dropping connection.",
- s->n_connections);
- safe_close(cfd);
- return;
- }
-
- if (s->max_connections_per_source > 0) {
- r = socket_acquire_peer(s, cfd, &p);
- if (r < 0) {
- safe_close(cfd);
- return;
- } else if (r > 0 && p->n_ref > s->max_connections_per_source) {
- _cleanup_free_ char *t = NULL;
-
- sockaddr_pretty(&p->peer.sa, FAMILY_ADDRESS_SIZE(p->peer.sa.sa_family), true, false, &t);
-
- log_unit_warning(UNIT(s),
- "Too many incoming connections (%u) from source %s, dropping connection.",
- p->n_ref, strnull(t));
- safe_close(cfd);
- return;
- }
- }
-
- r = socket_instantiate_service(s);
- if (r < 0)
- goto fail;
-
- r = instance_from_socket(cfd, s->n_accepted, &instance);
- if (r < 0) {
- if (r != -ENOTCONN)
- goto fail;
-
- /* ENOTCONN is legitimate if TCP RST was received.
- * This connection is over, but the socket unit lives on. */
- log_unit_debug(UNIT(s), "Got ENOTCONN on incoming socket, assuming aborted connection attempt, ignoring.");
- safe_close(cfd);
- return;
- }
-
- r = unit_name_to_prefix(UNIT(s)->id, &prefix);
- if (r < 0)
- goto fail;
-
- r = unit_name_build(prefix, instance, ".service", &name);
- if (r < 0)
- goto fail;
-
- r = unit_add_name(UNIT_DEREF(s->service), name);
- if (r < 0)
- goto fail;
-
- service = SERVICE(UNIT_DEREF(s->service));
- unit_ref_unset(&s->service);
-
- s->n_accepted++;
- unit_choose_id(UNIT(service), name);
-
- r = service_set_socket_fd(service, cfd, s, s->selinux_context_from_net);
- if (r < 0)
- goto fail;
-
- cfd = -1; /* We passed ownership of the fd to the service now. Forget it here. */
- s->n_connections++;
-
- service->peer = p; /* Pass ownership of the peer reference */
- p = NULL;
-
- r = manager_add_job(UNIT(s)->manager, JOB_START, UNIT(service), JOB_REPLACE, &error, NULL);
- if (r < 0) {
- /* We failed to activate the new service, but it still exists. Let's make sure the service
- * closes and forgets the connection fd again, immediately. */
- service_close_socket_fd(service);
- goto fail;
- }
-
- /* Notify clients about changed counters */
- unit_add_to_dbus_queue(UNIT(s));
- }
-
- return;
-
-fail:
- log_unit_warning(UNIT(s), "Failed to queue service startup job (Maybe the service file is missing or not a %s unit?): %s",
- cfd >= 0 ? "template" : "non-template",
- bus_error_message(&error, r));
-
- socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
- safe_close(cfd);
-}
-
-static void socket_run_next(Socket *s) {
- int r;
-
- assert(s);
- assert(s->control_command);
- assert(s->control_command->command_next);
-
- socket_unwatch_control_pid(s);
-
- s->control_command = s->control_command->command_next;
-
- r = socket_spawn(s, s->control_command, &s->control_pid);
- if (r < 0)
- goto fail;
-
- return;
-
-fail:
- log_unit_warning_errno(UNIT(s), r, "Failed to run next task: %m");
-
- if (s->state == SOCKET_START_POST)
- socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
- else if (s->state == SOCKET_STOP_POST)
- socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
- else
- socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_RESOURCES);
-}
-
-static int socket_start(Unit *u) {
- Socket *s = SOCKET(u);
- int r;
-
- assert(s);
-
- /* We cannot fulfill this request right now, try again later
- * please! */
- if (IN_SET(s->state,
- SOCKET_STOP_PRE,
- SOCKET_STOP_PRE_SIGKILL,
- SOCKET_STOP_PRE_SIGTERM,
- SOCKET_STOP_POST,
- SOCKET_FINAL_SIGTERM,
- SOCKET_FINAL_SIGKILL))
- return -EAGAIN;
-
- /* Already on it! */
- if (IN_SET(s->state,
- SOCKET_START_PRE,
- SOCKET_START_CHOWN,
- SOCKET_START_POST))
- return 0;
-
- /* Cannot run this without the service being around */
- if (UNIT_ISSET(s->service)) {
- Service *service;
-
- service = SERVICE(UNIT_DEREF(s->service));
-
- if (UNIT(service)->load_state != UNIT_LOADED) {
- log_unit_error(u, "Socket service %s not loaded, refusing.", UNIT(service)->id);
- return -ENOENT;
- }
-
- /* If the service is already active we cannot start the
- * socket */
- if (service->state != SERVICE_DEAD &&
- service->state != SERVICE_FAILED &&
- service->state != SERVICE_AUTO_RESTART) {
- log_unit_error(u, "Socket service %s already active, refusing.", UNIT(service)->id);
- return -EBUSY;
- }
- }
-
- assert(s->state == SOCKET_DEAD || s->state == SOCKET_FAILED);
-
- r = unit_start_limit_test(u);
- if (r < 0) {
- socket_enter_dead(s, SOCKET_FAILURE_START_LIMIT_HIT);
- return r;
- }
-
- r = unit_acquire_invocation_id(u);
- if (r < 0)
- return r;
-
- s->result = SOCKET_SUCCESS;
- s->reset_cpu_usage = true;
-
- socket_enter_start_pre(s);
- return 1;
-}
-
-static int socket_stop(Unit *u) {
- Socket *s = SOCKET(u);
-
- assert(s);
-
- /* Already on it */
- if (IN_SET(s->state,
- SOCKET_STOP_PRE,
- SOCKET_STOP_PRE_SIGTERM,
- SOCKET_STOP_PRE_SIGKILL,
- SOCKET_STOP_POST,
- SOCKET_FINAL_SIGTERM,
- SOCKET_FINAL_SIGKILL))
- return 0;
-
- /* If there's already something running we go directly into
- * kill mode. */
- if (IN_SET(s->state,
- SOCKET_START_PRE,
- SOCKET_START_CHOWN,
- SOCKET_START_POST)) {
- socket_enter_signal(s, SOCKET_STOP_PRE_SIGTERM, SOCKET_SUCCESS);
- return -EAGAIN;
- }
-
- assert(s->state == SOCKET_LISTENING || s->state == SOCKET_RUNNING);
-
- socket_enter_stop_pre(s, SOCKET_SUCCESS);
- return 1;
-}
-
-static int socket_serialize(Unit *u, FILE *f, FDSet *fds) {
- Socket *s = SOCKET(u);
- SocketPort *p;
- int r;
-
- assert(u);
- assert(f);
- assert(fds);
-
- unit_serialize_item(u, f, "state", socket_state_to_string(s->state));
- unit_serialize_item(u, f, "result", socket_result_to_string(s->result));
- unit_serialize_item_format(u, f, "n-accepted", "%u", s->n_accepted);
-
- if (s->control_pid > 0)
- unit_serialize_item_format(u, f, "control-pid", PID_FMT, s->control_pid);
-
- if (s->control_command_id >= 0)
- unit_serialize_item(u, f, "control-command", socket_exec_command_to_string(s->control_command_id));
-
- LIST_FOREACH(port, p, s->ports) {
- int copy;
-
- if (p->fd < 0)
- continue;
-
- copy = fdset_put_dup(fds, p->fd);
- if (copy < 0)
- return copy;
-
- if (p->type == SOCKET_SOCKET) {
- _cleanup_free_ char *t = NULL;
-
- r = socket_address_print(&p->address, &t);
- if (r < 0)
- return r;
-
- if (socket_address_family(&p->address) == AF_NETLINK)
- unit_serialize_item_format(u, f, "netlink", "%i %s", copy, t);
- else
- unit_serialize_item_format(u, f, "socket", "%i %i %s", copy, p->address.type, t);
-
- } else if (p->type == SOCKET_SPECIAL)
- unit_serialize_item_format(u, f, "special", "%i %s", copy, p->path);
- else if (p->type == SOCKET_MQUEUE)
- unit_serialize_item_format(u, f, "mqueue", "%i %s", copy, p->path);
- else if (p->type == SOCKET_USB_FUNCTION)
- unit_serialize_item_format(u, f, "ffs", "%i %s", copy, p->path);
- else {
- assert(p->type == SOCKET_FIFO);
- unit_serialize_item_format(u, f, "fifo", "%i %s", copy, p->path);
- }
- }
-
- return 0;
-}
-
-static void socket_port_take_fd(SocketPort *p, FDSet *fds, int fd) {
- safe_close(p->fd);
- p->fd = fdset_remove(fds, fd);
-}
-
-static int socket_deserialize_item(Unit *u, const char *key, const char *value, FDSet *fds) {
- Socket *s = SOCKET(u);
-
- assert(u);
- assert(key);
- assert(value);
-
- if (streq(key, "state")) {
- SocketState state;
-
- state = socket_state_from_string(value);
- if (state < 0)
- log_unit_debug(u, "Failed to parse state value: %s", value);
- else
- s->deserialized_state = state;
- } else if (streq(key, "result")) {
- SocketResult f;
-
- f = socket_result_from_string(value);
- if (f < 0)
- log_unit_debug(u, "Failed to parse result value: %s", value);
- else if (f != SOCKET_SUCCESS)
- s->result = f;
-
- } else if (streq(key, "n-accepted")) {
- unsigned k;
-
- if (safe_atou(value, &k) < 0)
- log_unit_debug(u, "Failed to parse n-accepted value: %s", value);
- else
- s->n_accepted += k;
- } else if (streq(key, "control-pid")) {
- pid_t pid;
-
- if (parse_pid(value, &pid) < 0)
- log_unit_debug(u, "Failed to parse control-pid value: %s", value);
- else
- s->control_pid = pid;
- } else if (streq(key, "control-command")) {
- SocketExecCommand id;
-
- id = socket_exec_command_from_string(value);
- if (id < 0)
- log_unit_debug(u, "Failed to parse exec-command value: %s", value);
- else {
- s->control_command_id = id;
- s->control_command = s->exec_command[id];
- }
- } else if (streq(key, "fifo")) {
- int fd, skip = 0;
- SocketPort *p;
-
- if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
- log_unit_debug(u, "Failed to parse fifo value: %s", value);
- else
- LIST_FOREACH(port, p, s->ports)
- if (p->type == SOCKET_FIFO &&
- path_equal_or_files_same(p->path, value+skip)) {
- socket_port_take_fd(p, fds, fd);
- break;
- }
-
- } else if (streq(key, "special")) {
- int fd, skip = 0;
- SocketPort *p;
-
- if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
- log_unit_debug(u, "Failed to parse special value: %s", value);
- else
- LIST_FOREACH(port, p, s->ports)
- if (p->type == SOCKET_SPECIAL &&
- path_equal_or_files_same(p->path, value+skip)) {
- socket_port_take_fd(p, fds, fd);
- break;
- }
-
- } else if (streq(key, "mqueue")) {
- int fd, skip = 0;
- SocketPort *p;
-
- if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
- log_unit_debug(u, "Failed to parse mqueue value: %s", value);
- else
- LIST_FOREACH(port, p, s->ports)
- if (p->type == SOCKET_MQUEUE &&
- streq(p->path, value+skip)) {
- socket_port_take_fd(p, fds, fd);
- break;
- }
-
- } else if (streq(key, "socket")) {
- int fd, type, skip = 0;
- SocketPort *p;
-
- if (sscanf(value, "%i %i %n", &fd, &type, &skip) < 2 || fd < 0 || type < 0 || !fdset_contains(fds, fd))
- log_unit_debug(u, "Failed to parse socket value: %s", value);
- else
- LIST_FOREACH(port, p, s->ports)
- if (socket_address_is(&p->address, value+skip, type)) {
- socket_port_take_fd(p, fds, fd);
- break;
- }
-
- } else if (streq(key, "netlink")) {
- int fd, skip = 0;
- SocketPort *p;
-
- if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
- log_unit_debug(u, "Failed to parse socket value: %s", value);
- else
- LIST_FOREACH(port, p, s->ports)
- if (socket_address_is_netlink(&p->address, value+skip)) {
- socket_port_take_fd(p, fds, fd);
- break;
- }
-
- } else if (streq(key, "ffs")) {
- int fd, skip = 0;
- SocketPort *p;
-
- if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
- log_unit_debug(u, "Failed to parse ffs value: %s", value);
- else
- LIST_FOREACH(port, p, s->ports)
- if (p->type == SOCKET_USB_FUNCTION &&
- path_equal_or_files_same(p->path, value+skip)) {
- socket_port_take_fd(p, fds, fd);
- break;
- }
-
- } else
- log_unit_debug(UNIT(s), "Unknown serialization key: %s", key);
-
- return 0;
-}
-
-static void socket_distribute_fds(Unit *u, FDSet *fds) {
- Socket *s = SOCKET(u);
- SocketPort *p;
-
- assert(u);
-
- LIST_FOREACH(port, p, s->ports) {
- Iterator i;
- int fd;
-
- if (p->type != SOCKET_SOCKET)
- continue;
-
- if (p->fd >= 0)
- continue;
-
- FDSET_FOREACH(fd, fds, i) {
- if (socket_address_matches_fd(&p->address, fd)) {
- p->fd = fdset_remove(fds, fd);
- s->deserialized_state = SOCKET_LISTENING;
- break;
- }
- }
- }
-}
-
-_pure_ static UnitActiveState socket_active_state(Unit *u) {
- assert(u);
-
- return state_translation_table[SOCKET(u)->state];
-}
-
-_pure_ static const char *socket_sub_state_to_string(Unit *u) {
- assert(u);
-
- return socket_state_to_string(SOCKET(u)->state);
-}
-
-const char* socket_port_type_to_string(SocketPort *p) {
-
- assert(p);
-
- switch (p->type) {
-
- case SOCKET_SOCKET:
-
- switch (p->address.type) {
-
- case SOCK_STREAM:
- return "Stream";
-
- case SOCK_DGRAM:
- return "Datagram";
-
- case SOCK_SEQPACKET:
- return "SequentialPacket";
-
- case SOCK_RAW:
- if (socket_address_family(&p->address) == AF_NETLINK)
- return "Netlink";
-
- default:
- return NULL;
- }
-
- case SOCKET_SPECIAL:
- return "Special";
-
- case SOCKET_MQUEUE:
- return "MessageQueue";
-
- case SOCKET_FIFO:
- return "FIFO";
-
- case SOCKET_USB_FUNCTION:
- return "USBFunction";
-
- default:
- return NULL;
- }
-}
-
-_pure_ static bool socket_check_gc(Unit *u) {
- Socket *s = SOCKET(u);
-
- assert(u);
-
- return s->n_connections > 0;
-}
-
-static int socket_dispatch_io(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
- SocketPort *p = userdata;
- int cfd = -1;
-
- assert(p);
- assert(fd >= 0);
-
- if (p->socket->state != SOCKET_LISTENING)
- return 0;
-
- log_unit_debug(UNIT(p->socket), "Incoming traffic");
-
- if (revents != EPOLLIN) {
-
- if (revents & EPOLLHUP)
- log_unit_error(UNIT(p->socket), "Got POLLHUP on a listening socket. The service probably invoked shutdown() on it, and should better not do that.");
- else
- log_unit_error(UNIT(p->socket), "Got unexpected poll event (0x%x) on socket.", revents);
- goto fail;
- }
-
- if (p->socket->accept &&
- p->type == SOCKET_SOCKET &&
- socket_address_can_accept(&p->address)) {
-
- for (;;) {
-
- cfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK);
- if (cfd < 0) {
-
- if (errno == EINTR)
- continue;
-
- log_unit_error_errno(UNIT(p->socket), errno, "Failed to accept socket: %m");
- goto fail;
- }
-
- break;
- }
-
- socket_apply_socket_options(p->socket, cfd);
- }
-
- socket_enter_running(p->socket, cfd);
- return 0;
-
-fail:
- socket_enter_stop_pre(p->socket, SOCKET_FAILURE_RESOURCES);
- return 0;
-}
-
-static void socket_sigchld_event(Unit *u, pid_t pid, int code, int status) {
- Socket *s = SOCKET(u);
- SocketResult f;
-
- assert(s);
- assert(pid >= 0);
-
- if (pid != s->control_pid)
- return;
-
- s->control_pid = 0;
-
- if (is_clean_exit(code, status, EXIT_CLEAN_COMMAND, NULL))
- f = SOCKET_SUCCESS;
- else if (code == CLD_EXITED)
- f = SOCKET_FAILURE_EXIT_CODE;
- else if (code == CLD_KILLED)
- f = SOCKET_FAILURE_SIGNAL;
- else if (code == CLD_DUMPED)
- f = SOCKET_FAILURE_CORE_DUMP;
- else
- assert_not_reached("Unknown sigchld code");
-
- if (s->control_command) {
- exec_status_exit(&s->control_command->exec_status, &s->exec_context, pid, code, status);
-
- if (s->control_command->ignore)
- f = SOCKET_SUCCESS;
- }
-
- log_unit_full(u, f == SOCKET_SUCCESS ? LOG_DEBUG : LOG_NOTICE, 0,
- "Control process exited, code=%s status=%i",
- sigchld_code_to_string(code), status);
-
- if (s->result == SOCKET_SUCCESS)
- s->result = f;
-
- if (s->control_command &&
- s->control_command->command_next &&
- f == SOCKET_SUCCESS) {
-
- log_unit_debug(u, "Running next command for state %s", socket_state_to_string(s->state));
- socket_run_next(s);
- } else {
- s->control_command = NULL;
- s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
-
- /* No further commands for this step, so let's figure
- * out what to do next */
-
- log_unit_debug(u, "Got final SIGCHLD for state %s", socket_state_to_string(s->state));
-
- switch (s->state) {
-
- case SOCKET_START_PRE:
- if (f == SOCKET_SUCCESS)
- socket_enter_start_chown(s);
- else
- socket_enter_signal(s, SOCKET_FINAL_SIGTERM, f);
- break;
-
- case SOCKET_START_CHOWN:
- if (f == SOCKET_SUCCESS)
- socket_enter_start_post(s);
- else
- socket_enter_stop_pre(s, f);
- break;
-
- case SOCKET_START_POST:
- if (f == SOCKET_SUCCESS)
- socket_enter_listening(s);
- else
- socket_enter_stop_pre(s, f);
- break;
-
- case SOCKET_STOP_PRE:
- case SOCKET_STOP_PRE_SIGTERM:
- case SOCKET_STOP_PRE_SIGKILL:
- socket_enter_stop_post(s, f);
- break;
-
- case SOCKET_STOP_POST:
- case SOCKET_FINAL_SIGTERM:
- case SOCKET_FINAL_SIGKILL:
- socket_enter_dead(s, f);
- break;
-
- default:
- assert_not_reached("Uh, control process died at wrong time.");
- }
- }
-
- /* Notify clients about changed exit status */
- unit_add_to_dbus_queue(u);
-}
-
-static int socket_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata) {
- Socket *s = SOCKET(userdata);
-
- assert(s);
- assert(s->timer_event_source == source);
-
- switch (s->state) {
-
- case SOCKET_START_PRE:
- log_unit_warning(UNIT(s), "Starting timed out. Terminating.");
- socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_TIMEOUT);
- break;
-
- case SOCKET_START_CHOWN:
- case SOCKET_START_POST:
- log_unit_warning(UNIT(s), "Starting timed out. Stopping.");
- socket_enter_stop_pre(s, SOCKET_FAILURE_TIMEOUT);
- break;
-
- case SOCKET_STOP_PRE:
- log_unit_warning(UNIT(s), "Stopping timed out. Terminating.");
- socket_enter_signal(s, SOCKET_STOP_PRE_SIGTERM, SOCKET_FAILURE_TIMEOUT);
- break;
-
- case SOCKET_STOP_PRE_SIGTERM:
- if (s->kill_context.send_sigkill) {
- log_unit_warning(UNIT(s), "Stopping timed out. Killing.");
- socket_enter_signal(s, SOCKET_STOP_PRE_SIGKILL, SOCKET_FAILURE_TIMEOUT);
- } else {
- log_unit_warning(UNIT(s), "Stopping timed out. Skipping SIGKILL. Ignoring.");
- socket_enter_stop_post(s, SOCKET_FAILURE_TIMEOUT);
- }
- break;
-
- case SOCKET_STOP_PRE_SIGKILL:
- log_unit_warning(UNIT(s), "Processes still around after SIGKILL. Ignoring.");
- socket_enter_stop_post(s, SOCKET_FAILURE_TIMEOUT);
- break;
-
- case SOCKET_STOP_POST:
- log_unit_warning(UNIT(s), "Stopping timed out (2). Terminating.");
- socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_TIMEOUT);
- break;
-
- case SOCKET_FINAL_SIGTERM:
- if (s->kill_context.send_sigkill) {
- log_unit_warning(UNIT(s), "Stopping timed out (2). Killing.");
- socket_enter_signal(s, SOCKET_FINAL_SIGKILL, SOCKET_FAILURE_TIMEOUT);
- } else {
- log_unit_warning(UNIT(s), "Stopping timed out (2). Skipping SIGKILL. Ignoring.");
- socket_enter_dead(s, SOCKET_FAILURE_TIMEOUT);
- }
- break;
-
- case SOCKET_FINAL_SIGKILL:
- log_unit_warning(UNIT(s), "Still around after SIGKILL (2). Entering failed mode.");
- socket_enter_dead(s, SOCKET_FAILURE_TIMEOUT);
- break;
-
- default:
- assert_not_reached("Timeout at wrong time.");
- }
-
- return 0;
-}
-
-int socket_collect_fds(Socket *s, int **fds) {
- int *rfds, k = 0, n = 0;
- SocketPort *p;
-
- assert(s);
- assert(fds);
-
- /* Called from the service code for requesting our fds */
-
- LIST_FOREACH(port, p, s->ports) {
- if (p->fd >= 0)
- n++;
- n += p->n_auxiliary_fds;
- }
-
- if (n <= 0) {
- *fds = NULL;
- return 0;
- }
-
- rfds = new(int, n);
- if (!rfds)
- return -ENOMEM;
-
- LIST_FOREACH(port, p, s->ports) {
- int i;
-
- if (p->fd >= 0)
- rfds[k++] = p->fd;
- for (i = 0; i < p->n_auxiliary_fds; ++i)
- rfds[k++] = p->auxiliary_fds[i];
- }
-
- assert(k == n);
-
- *fds = rfds;
- return n;
-}
-
-static void socket_reset_failed(Unit *u) {
- Socket *s = SOCKET(u);
-
- assert(s);
-
- if (s->state == SOCKET_FAILED)
- socket_set_state(s, SOCKET_DEAD);
-
- s->result = SOCKET_SUCCESS;
-}
-
-void socket_connection_unref(Socket *s) {
- assert(s);
-
- /* The service is dead. Yay!
- *
- * This is strictly for one-instance-per-connection
- * services. */
-
- assert(s->n_connections > 0);
- s->n_connections--;
-
- log_unit_debug(UNIT(s), "One connection closed, %u left.", s->n_connections);
-}
-
-static void socket_trigger_notify(Unit *u, Unit *other) {
- Socket *s = SOCKET(u);
-
- assert(u);
- assert(other);
-
- /* Filter out invocations with bogus state */
- if (other->load_state != UNIT_LOADED || other->type != UNIT_SERVICE)
- return;
-
- /* Don't propagate state changes from the service if we are already down */
- if (!IN_SET(s->state, SOCKET_RUNNING, SOCKET_LISTENING))
- return;
-
- /* We don't care for the service state if we are in Accept=yes mode */
- if (s->accept)
- return;
-
- /* Propagate start limit hit state */
- if (other->start_limit_hit) {
- socket_enter_stop_pre(s, SOCKET_FAILURE_SERVICE_START_LIMIT_HIT);
- return;
- }
-
- /* Don't propagate anything if there's still a job queued */
- if (other->job)
- return;
-
- if (IN_SET(SERVICE(other)->state,
- SERVICE_DEAD, SERVICE_FAILED,
- SERVICE_FINAL_SIGTERM, SERVICE_FINAL_SIGKILL,
- SERVICE_AUTO_RESTART))
- socket_enter_listening(s);
-
- if (SERVICE(other)->state == SERVICE_RUNNING)
- socket_set_state(s, SOCKET_RUNNING);
-}
-
-static int socket_kill(Unit *u, KillWho who, int signo, sd_bus_error *error) {
- return unit_kill_common(u, who, signo, -1, SOCKET(u)->control_pid, error);
-}
-
-static int socket_get_timeout(Unit *u, usec_t *timeout) {
- Socket *s = SOCKET(u);
- usec_t t;
- int r;
-
- if (!s->timer_event_source)
- return 0;
-
- r = sd_event_source_get_time(s->timer_event_source, &t);
- if (r < 0)
- return r;
- if (t == USEC_INFINITY)
- return 0;
-
- *timeout = t;
- return 1;
-}
-
-char *socket_fdname(Socket *s) {
- assert(s);
-
- /* Returns the name to use for $LISTEN_NAMES. If the user
- * didn't specify anything specifically, use the socket unit's
- * name as fallback. */
-
- if (s->fdname)
- return s->fdname;
-
- return UNIT(s)->id;
-}
-
-static int socket_control_pid(Unit *u) {
- Socket *s = SOCKET(u);
-
- assert(s);
-
- return s->control_pid;
-}
-
-static const char* const socket_exec_command_table[_SOCKET_EXEC_COMMAND_MAX] = {
- [SOCKET_EXEC_START_PRE] = "StartPre",
- [SOCKET_EXEC_START_CHOWN] = "StartChown",
- [SOCKET_EXEC_START_POST] = "StartPost",
- [SOCKET_EXEC_STOP_PRE] = "StopPre",
- [SOCKET_EXEC_STOP_POST] = "StopPost"
-};
-
-DEFINE_STRING_TABLE_LOOKUP(socket_exec_command, SocketExecCommand);
-
-static const char* const socket_result_table[_SOCKET_RESULT_MAX] = {
- [SOCKET_SUCCESS] = "success",
- [SOCKET_FAILURE_RESOURCES] = "resources",
- [SOCKET_FAILURE_TIMEOUT] = "timeout",
- [SOCKET_FAILURE_EXIT_CODE] = "exit-code",
- [SOCKET_FAILURE_SIGNAL] = "signal",
- [SOCKET_FAILURE_CORE_DUMP] = "core-dump",
- [SOCKET_FAILURE_START_LIMIT_HIT] = "start-limit-hit",
- [SOCKET_FAILURE_TRIGGER_LIMIT_HIT] = "trigger-limit-hit",
- [SOCKET_FAILURE_SERVICE_START_LIMIT_HIT] = "service-start-limit-hit"
-};
-
-DEFINE_STRING_TABLE_LOOKUP(socket_result, SocketResult);
-
-const UnitVTable socket_vtable = {
- .object_size = sizeof(Socket),
- .exec_context_offset = offsetof(Socket, exec_context),
- .cgroup_context_offset = offsetof(Socket, cgroup_context),
- .kill_context_offset = offsetof(Socket, kill_context),
- .exec_runtime_offset = offsetof(Socket, exec_runtime),
- .dynamic_creds_offset = offsetof(Socket, dynamic_creds),
-
- .sections =
- "Unit\0"
- "Socket\0"
- "Install\0",
- .private_section = "Socket",
-
- .init = socket_init,
- .done = socket_done,
- .load = socket_load,
-
- .coldplug = socket_coldplug,
-
- .dump = socket_dump,
-
- .start = socket_start,
- .stop = socket_stop,
-
- .kill = socket_kill,
-
- .get_timeout = socket_get_timeout,
-
- .serialize = socket_serialize,
- .deserialize_item = socket_deserialize_item,
- .distribute_fds = socket_distribute_fds,
-
- .active_state = socket_active_state,
- .sub_state_to_string = socket_sub_state_to_string,
-
- .check_gc = socket_check_gc,
-
- .sigchld_event = socket_sigchld_event,
-
- .trigger_notify = socket_trigger_notify,
-
- .reset_failed = socket_reset_failed,
-
- .control_pid = socket_control_pid,
-
- .bus_vtable = bus_socket_vtable,
- .bus_set_property = bus_socket_set_property,
- .bus_commit_properties = bus_socket_commit_properties,
-
- .status_message_formats = {
- /*.starting_stopping = {
- [0] = "Starting socket %s...",
- [1] = "Stopping socket %s...",
- },*/
- .finished_start_job = {
- [JOB_DONE] = "Listening on %s.",
- [JOB_FAILED] = "Failed to listen on %s.",
- [JOB_TIMEOUT] = "Timed out starting %s.",
- },
- .finished_stop_job = {
- [JOB_DONE] = "Closed %s.",
- [JOB_FAILED] = "Failed stopping %s.",
- [JOB_TIMEOUT] = "Timed out stopping %s.",
- },
- },
-};
diff --git a/src/core/socket.h b/src/core/socket.h
deleted file mode 100644
index 89f4664510..0000000000
--- a/src/core/socket.h
+++ /dev/null
@@ -1,197 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-typedef struct Socket Socket;
-typedef struct SocketPeer SocketPeer;
-
-#include "mount.h"
-#include "service.h"
-#include "socket-util.h"
-
-typedef enum SocketExecCommand {
- SOCKET_EXEC_START_PRE,
- SOCKET_EXEC_START_CHOWN,
- SOCKET_EXEC_START_POST,
- SOCKET_EXEC_STOP_PRE,
- SOCKET_EXEC_STOP_POST,
- _SOCKET_EXEC_COMMAND_MAX,
- _SOCKET_EXEC_COMMAND_INVALID = -1
-} SocketExecCommand;
-
-typedef enum SocketType {
- SOCKET_SOCKET,
- SOCKET_FIFO,
- SOCKET_SPECIAL,
- SOCKET_MQUEUE,
- SOCKET_USB_FUNCTION,
- _SOCKET_FIFO_MAX,
- _SOCKET_FIFO_INVALID = -1
-} SocketType;
-
-typedef enum SocketResult {
- SOCKET_SUCCESS,
- SOCKET_FAILURE_RESOURCES,
- SOCKET_FAILURE_TIMEOUT,
- SOCKET_FAILURE_EXIT_CODE,
- SOCKET_FAILURE_SIGNAL,
- SOCKET_FAILURE_CORE_DUMP,
- SOCKET_FAILURE_START_LIMIT_HIT,
- SOCKET_FAILURE_TRIGGER_LIMIT_HIT,
- SOCKET_FAILURE_SERVICE_START_LIMIT_HIT,
- _SOCKET_RESULT_MAX,
- _SOCKET_RESULT_INVALID = -1
-} SocketResult;
-
-typedef struct SocketPort {
- Socket *socket;
-
- SocketType type;
- int fd;
- int *auxiliary_fds;
- int n_auxiliary_fds;
-
- SocketAddress address;
- char *path;
- sd_event_source *event_source;
-
- LIST_FIELDS(struct SocketPort, port);
-} SocketPort;
-
-struct Socket {
- Unit meta;
-
- LIST_HEAD(SocketPort, ports);
-
- Set *peers_by_address;
-
- unsigned n_accepted;
- unsigned n_connections;
- unsigned max_connections;
- unsigned max_connections_per_source;
-
- unsigned backlog;
- unsigned keep_alive_cnt;
- usec_t timeout_usec;
- usec_t keep_alive_time;
- usec_t keep_alive_interval;
- usec_t defer_accept;
-
- ExecCommand* exec_command[_SOCKET_EXEC_COMMAND_MAX];
- ExecContext exec_context;
- KillContext kill_context;
- CGroupContext cgroup_context;
-
- ExecRuntime *exec_runtime;
- DynamicCreds dynamic_creds;
-
- /* For Accept=no sockets refers to the one service we'll
- activate. For Accept=yes sockets is either NULL, or filled
- when the next service we spawn. */
- UnitRef service;
-
- SocketState state, deserialized_state;
-
- sd_event_source *timer_event_source;
-
- ExecCommand* control_command;
- SocketExecCommand control_command_id;
- pid_t control_pid;
-
- mode_t directory_mode;
- mode_t socket_mode;
-
- SocketResult result;
-
- char **symlinks;
-
- bool accept;
- bool remove_on_stop;
- bool writable;
-
- int socket_protocol;
-
- /* Socket options */
- bool keep_alive;
- bool no_delay;
- bool free_bind;
- bool transparent;
- bool broadcast;
- bool pass_cred;
- bool pass_sec;
-
- /* Only for INET6 sockets: issue IPV6_V6ONLY sockopt */
- SocketAddressBindIPv6Only bind_ipv6_only;
-
- int priority;
- int mark;
- size_t receive_buffer;
- size_t send_buffer;
- int ip_tos;
- int ip_ttl;
- size_t pipe_size;
- char *bind_to_device;
- char *tcp_congestion;
- bool reuse_port;
- long mq_maxmsg;
- long mq_msgsize;
-
- char *smack;
- char *smack_ip_in;
- char *smack_ip_out;
-
- bool selinux_context_from_net;
-
- char *user, *group;
-
- bool reset_cpu_usage:1;
-
- char *fdname;
-
- RateLimit trigger_limit;
-};
-
-SocketPeer *socket_peer_ref(SocketPeer *p);
-SocketPeer *socket_peer_unref(SocketPeer *p);
-int socket_acquire_peer(Socket *s, int fd, SocketPeer **p);
-
-DEFINE_TRIVIAL_CLEANUP_FUNC(SocketPeer*, socket_peer_unref);
-
-/* Called from the service code when collecting fds */
-int socket_collect_fds(Socket *s, int **fds);
-
-/* Called from the service code when a per-connection service ended */
-void socket_connection_unref(Socket *s);
-
-void socket_free_ports(Socket *s);
-
-int socket_instantiate_service(Socket *s);
-
-char *socket_fdname(Socket *s);
-
-extern const UnitVTable socket_vtable;
-
-const char* socket_exec_command_to_string(SocketExecCommand i) _const_;
-SocketExecCommand socket_exec_command_from_string(const char *s) _pure_;
-
-const char* socket_result_to_string(SocketResult i) _const_;
-SocketResult socket_result_from_string(const char *s) _pure_;
-
-const char* socket_port_type_to_string(SocketPort *p) _pure_;
diff --git a/src/core/swap.c b/src/core/swap.c
deleted file mode 100644
index 2228a254bb..0000000000
--- a/src/core/swap.c
+++ /dev/null
@@ -1,1546 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <errno.h>
-#include <sys/epoll.h>
-#include <sys/stat.h>
-#include <unistd.h>
-
-#include "libudev.h"
-
-#include "alloc-util.h"
-#include "dbus-swap.h"
-#include "escape.h"
-#include "exit-status.h"
-#include "fd-util.h"
-#include "formats-util.h"
-#include "fstab-util.h"
-#include "parse-util.h"
-#include "path-util.h"
-#include "process-util.h"
-#include "special.h"
-#include "string-table.h"
-#include "string-util.h"
-#include "swap.h"
-#include "udev-util.h"
-#include "unit-name.h"
-#include "unit.h"
-#include "virt.h"
-
-static const UnitActiveState state_translation_table[_SWAP_STATE_MAX] = {
- [SWAP_DEAD] = UNIT_INACTIVE,
- [SWAP_ACTIVATING] = UNIT_ACTIVATING,
- [SWAP_ACTIVATING_DONE] = UNIT_ACTIVE,
- [SWAP_ACTIVE] = UNIT_ACTIVE,
- [SWAP_DEACTIVATING] = UNIT_DEACTIVATING,
- [SWAP_ACTIVATING_SIGTERM] = UNIT_DEACTIVATING,
- [SWAP_ACTIVATING_SIGKILL] = UNIT_DEACTIVATING,
- [SWAP_DEACTIVATING_SIGTERM] = UNIT_DEACTIVATING,
- [SWAP_DEACTIVATING_SIGKILL] = UNIT_DEACTIVATING,
- [SWAP_FAILED] = UNIT_FAILED
-};
-
-static int swap_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata);
-static int swap_dispatch_io(sd_event_source *source, int fd, uint32_t revents, void *userdata);
-
-static void swap_unset_proc_swaps(Swap *s) {
- assert(s);
-
- if (!s->from_proc_swaps)
- return;
-
- s->parameters_proc_swaps.what = mfree(s->parameters_proc_swaps.what);
-
- s->from_proc_swaps = false;
-}
-
-static int swap_set_devnode(Swap *s, const char *devnode) {
- Hashmap *swaps;
- Swap *first;
- int r;
-
- assert(s);
-
- r = hashmap_ensure_allocated(&UNIT(s)->manager->swaps_by_devnode, &string_hash_ops);
- if (r < 0)
- return r;
-
- swaps = UNIT(s)->manager->swaps_by_devnode;
-
- if (s->devnode) {
- first = hashmap_get(swaps, s->devnode);
-
- LIST_REMOVE(same_devnode, first, s);
- if (first)
- hashmap_replace(swaps, first->devnode, first);
- else
- hashmap_remove(swaps, s->devnode);
-
- s->devnode = mfree(s->devnode);
- }
-
- if (devnode) {
- s->devnode = strdup(devnode);
- if (!s->devnode)
- return -ENOMEM;
-
- first = hashmap_get(swaps, s->devnode);
- LIST_PREPEND(same_devnode, first, s);
-
- return hashmap_replace(swaps, first->devnode, first);
- }
-
- return 0;
-}
-
-static void swap_init(Unit *u) {
- Swap *s = SWAP(u);
-
- assert(s);
- assert(UNIT(s)->load_state == UNIT_STUB);
-
- s->timeout_usec = u->manager->default_timeout_start_usec;
-
- s->exec_context.std_output = u->manager->default_std_output;
- s->exec_context.std_error = u->manager->default_std_error;
-
- s->parameters_proc_swaps.priority = s->parameters_fragment.priority = -1;
-
- s->control_command_id = _SWAP_EXEC_COMMAND_INVALID;
-
- u->ignore_on_isolate = true;
-}
-
-static void swap_unwatch_control_pid(Swap *s) {
- assert(s);
-
- if (s->control_pid <= 0)
- return;
-
- unit_unwatch_pid(UNIT(s), s->control_pid);
- s->control_pid = 0;
-}
-
-static void swap_done(Unit *u) {
- Swap *s = SWAP(u);
-
- assert(s);
-
- swap_unset_proc_swaps(s);
- swap_set_devnode(s, NULL);
-
- s->what = mfree(s->what);
- s->parameters_fragment.what = mfree(s->parameters_fragment.what);
- s->parameters_fragment.options = mfree(s->parameters_fragment.options);
-
- s->exec_runtime = exec_runtime_unref(s->exec_runtime);
- exec_command_done_array(s->exec_command, _SWAP_EXEC_COMMAND_MAX);
- s->control_command = NULL;
-
- dynamic_creds_unref(&s->dynamic_creds);
-
- swap_unwatch_control_pid(s);
-
- s->timer_event_source = sd_event_source_unref(s->timer_event_source);
-}
-
-static int swap_arm_timer(Swap *s, usec_t usec) {
- int r;
-
- assert(s);
-
- if (s->timer_event_source) {
- r = sd_event_source_set_time(s->timer_event_source, usec);
- if (r < 0)
- return r;
-
- return sd_event_source_set_enabled(s->timer_event_source, SD_EVENT_ONESHOT);
- }
-
- if (usec == USEC_INFINITY)
- return 0;
-
- r = sd_event_add_time(
- UNIT(s)->manager->event,
- &s->timer_event_source,
- CLOCK_MONOTONIC,
- usec, 0,
- swap_dispatch_timer, s);
- if (r < 0)
- return r;
-
- (void) sd_event_source_set_description(s->timer_event_source, "swap-timer");
-
- return 0;
-}
-
-static int swap_add_device_links(Swap *s) {
- assert(s);
-
- if (!s->what)
- return 0;
-
- if (!s->from_fragment)
- return 0;
-
- if (is_device_path(s->what))
- return unit_add_node_link(UNIT(s), s->what, MANAGER_IS_SYSTEM(UNIT(s)->manager), UNIT_BINDS_TO);
- else
- /* File based swap devices need to be ordered after
- * systemd-remount-fs.service, since they might need a
- * writable file system. */
- return unit_add_dependency_by_name(UNIT(s), UNIT_AFTER, SPECIAL_REMOUNT_FS_SERVICE, NULL, true);
-}
-
-static int swap_add_default_dependencies(Swap *s) {
- int r;
-
- assert(s);
-
- if (!UNIT(s)->default_dependencies)
- return 0;
-
- if (!MANAGER_IS_SYSTEM(UNIT(s)->manager))
- return 0;
-
- if (detect_container() > 0)
- return 0;
-
- /* swap units generated for the swap dev links are missing the
- * ordering dep against the swap target. */
- r = unit_add_dependency_by_name(UNIT(s), UNIT_BEFORE, SPECIAL_SWAP_TARGET, NULL, true);
- if (r < 0)
- return r;
-
- return unit_add_two_dependencies_by_name(UNIT(s), UNIT_BEFORE, UNIT_CONFLICTS, SPECIAL_UMOUNT_TARGET, NULL, true);
-}
-
-static int swap_verify(Swap *s) {
- _cleanup_free_ char *e = NULL;
- int r;
-
- if (UNIT(s)->load_state != UNIT_LOADED)
- return 0;
-
- r = unit_name_from_path(s->what, ".swap", &e);
- if (r < 0)
- return log_unit_error_errno(UNIT(s), r, "Failed to generate unit name from path: %m");
-
- if (!unit_has_name(UNIT(s), e)) {
- log_unit_error(UNIT(s), "Value of What= and unit name do not match, not loading.");
- return -EINVAL;
- }
-
- if (s->exec_context.pam_name && s->kill_context.kill_mode != KILL_CONTROL_GROUP) {
- log_unit_error(UNIT(s), "Unit has PAM enabled. Kill mode must be set to 'control-group'. Refusing to load.");
- return -EINVAL;
- }
-
- return 0;
-}
-
-static int swap_load_devnode(Swap *s) {
- _cleanup_udev_device_unref_ struct udev_device *d = NULL;
- struct stat st;
- const char *p;
-
- assert(s);
-
- if (stat(s->what, &st) < 0 || !S_ISBLK(st.st_mode))
- return 0;
-
- d = udev_device_new_from_devnum(UNIT(s)->manager->udev, 'b', st.st_rdev);
- if (!d)
- return 0;
-
- p = udev_device_get_devnode(d);
- if (!p)
- return 0;
-
- return swap_set_devnode(s, p);
-}
-
-static int swap_load(Unit *u) {
- int r;
- Swap *s = SWAP(u);
-
- assert(s);
- assert(u->load_state == UNIT_STUB);
-
- /* Load a .swap file */
- r = unit_load_fragment_and_dropin_optional(u);
- if (r < 0)
- return r;
-
- if (u->load_state == UNIT_LOADED) {
-
- if (UNIT(s)->fragment_path)
- s->from_fragment = true;
-
- if (!s->what) {
- if (s->parameters_fragment.what)
- s->what = strdup(s->parameters_fragment.what);
- else if (s->parameters_proc_swaps.what)
- s->what = strdup(s->parameters_proc_swaps.what);
- else {
- r = unit_name_to_path(u->id, &s->what);
- if (r < 0)
- return r;
- }
-
- if (!s->what)
- return -ENOMEM;
- }
-
- path_kill_slashes(s->what);
-
- if (!UNIT(s)->description) {
- r = unit_set_description(u, s->what);
- if (r < 0)
- return r;
- }
-
- r = unit_require_mounts_for(UNIT(s), s->what);
- if (r < 0)
- return r;
-
- r = swap_add_device_links(s);
- if (r < 0)
- return r;
-
- r = swap_load_devnode(s);
- if (r < 0)
- return r;
-
- r = unit_patch_contexts(u);
- if (r < 0)
- return r;
-
- r = unit_add_exec_dependencies(u, &s->exec_context);
- if (r < 0)
- return r;
-
- r = unit_set_default_slice(u);
- if (r < 0)
- return r;
-
- r = swap_add_default_dependencies(s);
- if (r < 0)
- return r;
- }
-
- return swap_verify(s);
-}
-
-static int swap_setup_unit(
- Manager *m,
- const char *what,
- const char *what_proc_swaps,
- int priority,
- bool set_flags) {
-
- _cleanup_free_ char *e = NULL;
- bool delete = false;
- Unit *u = NULL;
- int r;
- SwapParameters *p;
-
- assert(m);
- assert(what);
- assert(what_proc_swaps);
-
- r = unit_name_from_path(what, ".swap", &e);
- if (r < 0)
- return log_unit_error_errno(u, r, "Failed to generate unit name from path: %m");
-
- u = manager_get_unit(m, e);
-
- if (u &&
- SWAP(u)->from_proc_swaps &&
- !path_equal(SWAP(u)->parameters_proc_swaps.what, what_proc_swaps)) {
- log_error("Swap %s appeared twice with different device paths %s and %s", e, SWAP(u)->parameters_proc_swaps.what, what_proc_swaps);
- return -EEXIST;
- }
-
- if (!u) {
- delete = true;
-
- r = unit_new_for_name(m, sizeof(Swap), e, &u);
- if (r < 0)
- goto fail;
-
- SWAP(u)->what = strdup(what);
- if (!SWAP(u)->what) {
- r = -ENOMEM;
- goto fail;
- }
-
- unit_add_to_load_queue(u);
- } else
- delete = false;
-
- p = &SWAP(u)->parameters_proc_swaps;
-
- if (!p->what) {
- p->what = strdup(what_proc_swaps);
- if (!p->what) {
- r = -ENOMEM;
- goto fail;
- }
- }
-
- if (set_flags) {
- SWAP(u)->is_active = true;
- SWAP(u)->just_activated = !SWAP(u)->from_proc_swaps;
- }
-
- SWAP(u)->from_proc_swaps = true;
-
- p->priority = priority;
-
- unit_add_to_dbus_queue(u);
- return 0;
-
-fail:
- log_unit_warning_errno(u, r, "Failed to load swap unit: %m");
-
- if (delete && u)
- unit_free(u);
-
- return r;
-}
-
-static int swap_process_new(Manager *m, const char *device, int prio, bool set_flags) {
- _cleanup_udev_device_unref_ struct udev_device *d = NULL;
- struct udev_list_entry *item = NULL, *first = NULL;
- const char *dn;
- struct stat st;
- int r;
-
- assert(m);
-
- r = swap_setup_unit(m, device, device, prio, set_flags);
- if (r < 0)
- return r;
-
- /* If this is a block device, then let's add duplicates for
- * all other names of this block device */
- if (stat(device, &st) < 0 || !S_ISBLK(st.st_mode))
- return 0;
-
- d = udev_device_new_from_devnum(m->udev, 'b', st.st_rdev);
- if (!d)
- return 0;
-
- /* Add the main device node */
- dn = udev_device_get_devnode(d);
- if (dn && !streq(dn, device))
- swap_setup_unit(m, dn, device, prio, set_flags);
-
- /* Add additional units for all symlinks */
- first = udev_device_get_devlinks_list_entry(d);
- udev_list_entry_foreach(item, first) {
- const char *p;
-
- /* Don't bother with the /dev/block links */
- p = udev_list_entry_get_name(item);
-
- if (streq(p, device))
- continue;
-
- if (path_startswith(p, "/dev/block/"))
- continue;
-
- if (stat(p, &st) >= 0)
- if (!S_ISBLK(st.st_mode) ||
- st.st_rdev != udev_device_get_devnum(d))
- continue;
-
- swap_setup_unit(m, p, device, prio, set_flags);
- }
-
- return r;
-}
-
-static void swap_set_state(Swap *s, SwapState state) {
- SwapState old_state;
- Swap *other;
-
- assert(s);
-
- old_state = s->state;
- s->state = state;
-
- if (state != SWAP_ACTIVATING &&
- state != SWAP_ACTIVATING_SIGTERM &&
- state != SWAP_ACTIVATING_SIGKILL &&
- state != SWAP_ACTIVATING_DONE &&
- state != SWAP_DEACTIVATING &&
- state != SWAP_DEACTIVATING_SIGTERM &&
- state != SWAP_DEACTIVATING_SIGKILL) {
- s->timer_event_source = sd_event_source_unref(s->timer_event_source);
- swap_unwatch_control_pid(s);
- s->control_command = NULL;
- s->control_command_id = _SWAP_EXEC_COMMAND_INVALID;
- }
-
- if (state != old_state)
- log_unit_debug(UNIT(s), "Changed %s -> %s", swap_state_to_string(old_state), swap_state_to_string(state));
-
- unit_notify(UNIT(s), state_translation_table[old_state], state_translation_table[state], true);
-
- /* If there other units for the same device node have a job
- queued it might be worth checking again if it is runnable
- now. This is necessary, since swap_start() refuses
- operation with EAGAIN if there's already another job for
- the same device node queued. */
- LIST_FOREACH_OTHERS(same_devnode, other, s)
- if (UNIT(other)->job)
- job_add_to_run_queue(UNIT(other)->job);
-}
-
-static int swap_coldplug(Unit *u) {
- Swap *s = SWAP(u);
- SwapState new_state = SWAP_DEAD;
- int r;
-
- assert(s);
- assert(s->state == SWAP_DEAD);
-
- if (s->deserialized_state != s->state)
- new_state = s->deserialized_state;
- else if (s->from_proc_swaps)
- new_state = SWAP_ACTIVE;
-
- if (new_state == s->state)
- return 0;
-
- if (s->control_pid > 0 &&
- pid_is_unwaited(s->control_pid) &&
- IN_SET(new_state,
- SWAP_ACTIVATING,
- SWAP_ACTIVATING_SIGTERM,
- SWAP_ACTIVATING_SIGKILL,
- SWAP_ACTIVATING_DONE,
- SWAP_DEACTIVATING,
- SWAP_DEACTIVATING_SIGTERM,
- SWAP_DEACTIVATING_SIGKILL)) {
-
- r = unit_watch_pid(UNIT(s), s->control_pid);
- if (r < 0)
- return r;
-
- r = swap_arm_timer(s, usec_add(u->state_change_timestamp.monotonic, s->timeout_usec));
- if (r < 0)
- return r;
- }
-
- if (!IN_SET(new_state, SWAP_DEAD, SWAP_FAILED))
- (void) unit_setup_dynamic_creds(u);
-
- swap_set_state(s, new_state);
- return 0;
-}
-
-static void swap_dump(Unit *u, FILE *f, const char *prefix) {
- Swap *s = SWAP(u);
- SwapParameters *p;
-
- assert(s);
- assert(f);
-
- if (s->from_proc_swaps)
- p = &s->parameters_proc_swaps;
- else if (s->from_fragment)
- p = &s->parameters_fragment;
- else
- p = NULL;
-
- fprintf(f,
- "%sSwap State: %s\n"
- "%sResult: %s\n"
- "%sWhat: %s\n"
- "%sFrom /proc/swaps: %s\n"
- "%sFrom fragment: %s\n",
- prefix, swap_state_to_string(s->state),
- prefix, swap_result_to_string(s->result),
- prefix, s->what,
- prefix, yes_no(s->from_proc_swaps),
- prefix, yes_no(s->from_fragment));
-
- if (s->devnode)
- fprintf(f, "%sDevice Node: %s\n", prefix, s->devnode);
-
- if (p)
- fprintf(f,
- "%sPriority: %i\n"
- "%sOptions: %s\n",
- prefix, p->priority,
- prefix, strempty(p->options));
-
- if (s->control_pid > 0)
- fprintf(f,
- "%sControl PID: "PID_FMT"\n",
- prefix, s->control_pid);
-
- exec_context_dump(&s->exec_context, f, prefix);
- kill_context_dump(&s->kill_context, f, prefix);
-}
-
-static int swap_spawn(Swap *s, ExecCommand *c, pid_t *_pid) {
- pid_t pid;
- int r;
- ExecParameters exec_params = {
- .flags = EXEC_APPLY_PERMISSIONS|EXEC_APPLY_CHROOT|EXEC_APPLY_TTY_STDIN,
- .stdin_fd = -1,
- .stdout_fd = -1,
- .stderr_fd = -1,
- };
-
- assert(s);
- assert(c);
- assert(_pid);
-
- (void) unit_realize_cgroup(UNIT(s));
- if (s->reset_cpu_usage) {
- (void) unit_reset_cpu_usage(UNIT(s));
- s->reset_cpu_usage = false;
- }
-
- r = unit_setup_exec_runtime(UNIT(s));
- if (r < 0)
- goto fail;
-
- r = unit_setup_dynamic_creds(UNIT(s));
- if (r < 0)
- return r;
-
- r = swap_arm_timer(s, usec_add(now(CLOCK_MONOTONIC), s->timeout_usec));
- if (r < 0)
- goto fail;
-
- exec_params.environment = UNIT(s)->manager->environment;
- exec_params.flags |= UNIT(s)->manager->confirm_spawn ? EXEC_CONFIRM_SPAWN : 0;
- exec_params.cgroup_supported = UNIT(s)->manager->cgroup_supported;
- exec_params.cgroup_path = UNIT(s)->cgroup_path;
- exec_params.cgroup_delegate = s->cgroup_context.delegate;
- exec_params.runtime_prefix = manager_get_runtime_prefix(UNIT(s)->manager);
-
- r = exec_spawn(UNIT(s),
- c,
- &s->exec_context,
- &exec_params,
- s->exec_runtime,
- &s->dynamic_creds,
- &pid);
- if (r < 0)
- goto fail;
-
- r = unit_watch_pid(UNIT(s), pid);
- if (r < 0)
- /* FIXME: we need to do something here */
- goto fail;
-
- *_pid = pid;
-
- return 0;
-
-fail:
- s->timer_event_source = sd_event_source_unref(s->timer_event_source);
- return r;
-}
-
-static void swap_enter_dead(Swap *s, SwapResult f) {
- assert(s);
-
- if (s->result == SWAP_SUCCESS)
- s->result = f;
-
- swap_set_state(s, s->result != SWAP_SUCCESS ? SWAP_FAILED : SWAP_DEAD);
-
- exec_runtime_destroy(s->exec_runtime);
- s->exec_runtime = exec_runtime_unref(s->exec_runtime);
-
- exec_context_destroy_runtime_directory(&s->exec_context, manager_get_runtime_prefix(UNIT(s)->manager));
-
- unit_unref_uid_gid(UNIT(s), true);
-
- dynamic_creds_destroy(&s->dynamic_creds);
-}
-
-static void swap_enter_active(Swap *s, SwapResult f) {
- assert(s);
-
- if (s->result == SWAP_SUCCESS)
- s->result = f;
-
- swap_set_state(s, SWAP_ACTIVE);
-}
-
-static void swap_enter_signal(Swap *s, SwapState state, SwapResult f) {
- int r;
-
- assert(s);
-
- if (s->result == SWAP_SUCCESS)
- s->result = f;
-
- r = unit_kill_context(
- UNIT(s),
- &s->kill_context,
- (state != SWAP_ACTIVATING_SIGTERM && state != SWAP_DEACTIVATING_SIGTERM) ?
- KILL_KILL : KILL_TERMINATE,
- -1,
- s->control_pid,
- false);
- if (r < 0)
- goto fail;
-
- if (r > 0) {
- r = swap_arm_timer(s, usec_add(now(CLOCK_MONOTONIC), s->timeout_usec));
- if (r < 0)
- goto fail;
-
- swap_set_state(s, state);
- } else if (state == SWAP_ACTIVATING_SIGTERM)
- swap_enter_signal(s, SWAP_ACTIVATING_SIGKILL, SWAP_SUCCESS);
- else if (state == SWAP_DEACTIVATING_SIGTERM)
- swap_enter_signal(s, SWAP_DEACTIVATING_SIGKILL, SWAP_SUCCESS);
- else
- swap_enter_dead(s, SWAP_SUCCESS);
-
- return;
-
-fail:
- log_unit_warning_errno(UNIT(s), r, "Failed to kill processes: %m");
- swap_enter_dead(s, SWAP_FAILURE_RESOURCES);
-}
-
-static void swap_enter_activating(Swap *s) {
- _cleanup_free_ char *opts = NULL;
- int r;
-
- assert(s);
-
- s->control_command_id = SWAP_EXEC_ACTIVATE;
- s->control_command = s->exec_command + SWAP_EXEC_ACTIVATE;
-
- if (s->from_fragment) {
- int priority = -1;
-
- r = fstab_find_pri(s->parameters_fragment.options, &priority);
- if (r < 0)
- log_warning_errno(r, "Failed to parse swap priority \"%s\", ignoring: %m", s->parameters_fragment.options);
- else if (r == 1 && s->parameters_fragment.priority >= 0)
- log_warning("Duplicate swap priority configuration by Priority and Options fields.");
-
- if (r <= 0 && s->parameters_fragment.priority >= 0) {
- if (s->parameters_fragment.options)
- r = asprintf(&opts, "%s,pri=%i", s->parameters_fragment.options, s->parameters_fragment.priority);
- else
- r = asprintf(&opts, "pri=%i", s->parameters_fragment.priority);
- if (r < 0)
- goto fail;
- }
- }
-
- r = exec_command_set(s->control_command, "/sbin/swapon", NULL);
- if (r < 0)
- goto fail;
-
- if (s->parameters_fragment.options || opts) {
- r = exec_command_append(s->control_command, "-o",
- opts ? : s->parameters_fragment.options, NULL);
- if (r < 0)
- goto fail;
- }
-
- r = exec_command_append(s->control_command, s->what, NULL);
- if (r < 0)
- goto fail;
-
- swap_unwatch_control_pid(s);
-
- r = swap_spawn(s, s->control_command, &s->control_pid);
- if (r < 0)
- goto fail;
-
- swap_set_state(s, SWAP_ACTIVATING);
-
- return;
-
-fail:
- log_unit_warning_errno(UNIT(s), r, "Failed to run 'swapon' task: %m");
- swap_enter_dead(s, SWAP_FAILURE_RESOURCES);
-}
-
-static void swap_enter_deactivating(Swap *s) {
- int r;
-
- assert(s);
-
- s->control_command_id = SWAP_EXEC_DEACTIVATE;
- s->control_command = s->exec_command + SWAP_EXEC_DEACTIVATE;
-
- r = exec_command_set(s->control_command,
- "/sbin/swapoff",
- s->what,
- NULL);
- if (r < 0)
- goto fail;
-
- swap_unwatch_control_pid(s);
-
- r = swap_spawn(s, s->control_command, &s->control_pid);
- if (r < 0)
- goto fail;
-
- swap_set_state(s, SWAP_DEACTIVATING);
-
- return;
-
-fail:
- log_unit_warning_errno(UNIT(s), r, "Failed to run 'swapoff' task: %m");
- swap_enter_active(s, SWAP_FAILURE_RESOURCES);
-}
-
-static int swap_start(Unit *u) {
- Swap *s = SWAP(u), *other;
- int r;
-
- assert(s);
-
- /* We cannot fulfill this request right now, try again later
- * please! */
-
- if (s->state == SWAP_DEACTIVATING ||
- s->state == SWAP_DEACTIVATING_SIGTERM ||
- s->state == SWAP_DEACTIVATING_SIGKILL ||
- s->state == SWAP_ACTIVATING_SIGTERM ||
- s->state == SWAP_ACTIVATING_SIGKILL)
- return -EAGAIN;
-
- if (s->state == SWAP_ACTIVATING)
- return 0;
-
- assert(s->state == SWAP_DEAD || s->state == SWAP_FAILED);
-
- if (detect_container() > 0)
- return -EPERM;
-
- /* If there's a job for another swap unit for the same node
- * running, then let's not dispatch this one for now, and wait
- * until that other job has finished. */
- LIST_FOREACH_OTHERS(same_devnode, other, s)
- if (UNIT(other)->job && UNIT(other)->job->state == JOB_RUNNING)
- return -EAGAIN;
-
- r = unit_start_limit_test(u);
- if (r < 0) {
- swap_enter_dead(s, SWAP_FAILURE_START_LIMIT_HIT);
- return r;
- }
-
- r = unit_acquire_invocation_id(u);
- if (r < 0)
- return r;
-
- s->result = SWAP_SUCCESS;
- s->reset_cpu_usage = true;
-
- swap_enter_activating(s);
- return 1;
-}
-
-static int swap_stop(Unit *u) {
- Swap *s = SWAP(u);
-
- assert(s);
-
- if (s->state == SWAP_DEACTIVATING ||
- s->state == SWAP_DEACTIVATING_SIGTERM ||
- s->state == SWAP_DEACTIVATING_SIGKILL ||
- s->state == SWAP_ACTIVATING_SIGTERM ||
- s->state == SWAP_ACTIVATING_SIGKILL)
- return 0;
-
- assert(s->state == SWAP_ACTIVATING ||
- s->state == SWAP_ACTIVATING_DONE ||
- s->state == SWAP_ACTIVE);
-
- if (detect_container() > 0)
- return -EPERM;
-
- swap_enter_deactivating(s);
- return 1;
-}
-
-static int swap_serialize(Unit *u, FILE *f, FDSet *fds) {
- Swap *s = SWAP(u);
-
- assert(s);
- assert(f);
- assert(fds);
-
- unit_serialize_item(u, f, "state", swap_state_to_string(s->state));
- unit_serialize_item(u, f, "result", swap_result_to_string(s->result));
-
- if (s->control_pid > 0)
- unit_serialize_item_format(u, f, "control-pid", PID_FMT, s->control_pid);
-
- if (s->control_command_id >= 0)
- unit_serialize_item(u, f, "control-command", swap_exec_command_to_string(s->control_command_id));
-
- return 0;
-}
-
-static int swap_deserialize_item(Unit *u, const char *key, const char *value, FDSet *fds) {
- Swap *s = SWAP(u);
-
- assert(s);
- assert(fds);
-
- if (streq(key, "state")) {
- SwapState state;
-
- state = swap_state_from_string(value);
- if (state < 0)
- log_unit_debug(u, "Failed to parse state value: %s", value);
- else
- s->deserialized_state = state;
- } else if (streq(key, "result")) {
- SwapResult f;
-
- f = swap_result_from_string(value);
- if (f < 0)
- log_unit_debug(u, "Failed to parse result value: %s", value);
- else if (f != SWAP_SUCCESS)
- s->result = f;
- } else if (streq(key, "control-pid")) {
- pid_t pid;
-
- if (parse_pid(value, &pid) < 0)
- log_unit_debug(u, "Failed to parse control-pid value: %s", value);
- else
- s->control_pid = pid;
-
- } else if (streq(key, "control-command")) {
- SwapExecCommand id;
-
- id = swap_exec_command_from_string(value);
- if (id < 0)
- log_unit_debug(u, "Failed to parse exec-command value: %s", value);
- else {
- s->control_command_id = id;
- s->control_command = s->exec_command + id;
- }
- } else
- log_unit_debug(u, "Unknown serialization key: %s", key);
-
- return 0;
-}
-
-_pure_ static UnitActiveState swap_active_state(Unit *u) {
- assert(u);
-
- return state_translation_table[SWAP(u)->state];
-}
-
-_pure_ static const char *swap_sub_state_to_string(Unit *u) {
- assert(u);
-
- return swap_state_to_string(SWAP(u)->state);
-}
-
-_pure_ static bool swap_check_gc(Unit *u) {
- Swap *s = SWAP(u);
-
- assert(s);
-
- return s->from_proc_swaps;
-}
-
-static void swap_sigchld_event(Unit *u, pid_t pid, int code, int status) {
- Swap *s = SWAP(u);
- SwapResult f;
-
- assert(s);
- assert(pid >= 0);
-
- if (pid != s->control_pid)
- return;
-
- s->control_pid = 0;
-
- if (is_clean_exit(code, status, EXIT_CLEAN_COMMAND, NULL))
- f = SWAP_SUCCESS;
- else if (code == CLD_EXITED)
- f = SWAP_FAILURE_EXIT_CODE;
- else if (code == CLD_KILLED)
- f = SWAP_FAILURE_SIGNAL;
- else if (code == CLD_DUMPED)
- f = SWAP_FAILURE_CORE_DUMP;
- else
- assert_not_reached("Unknown code");
-
- if (s->result == SWAP_SUCCESS)
- s->result = f;
-
- if (s->control_command) {
- exec_status_exit(&s->control_command->exec_status, &s->exec_context, pid, code, status);
-
- s->control_command = NULL;
- s->control_command_id = _SWAP_EXEC_COMMAND_INVALID;
- }
-
- log_unit_full(u, f == SWAP_SUCCESS ? LOG_DEBUG : LOG_NOTICE, 0,
- "Swap process exited, code=%s status=%i", sigchld_code_to_string(code), status);
-
- switch (s->state) {
-
- case SWAP_ACTIVATING:
- case SWAP_ACTIVATING_DONE:
- case SWAP_ACTIVATING_SIGTERM:
- case SWAP_ACTIVATING_SIGKILL:
-
- if (f == SWAP_SUCCESS)
- swap_enter_active(s, f);
- else
- swap_enter_dead(s, f);
- break;
-
- case SWAP_DEACTIVATING:
- case SWAP_DEACTIVATING_SIGKILL:
- case SWAP_DEACTIVATING_SIGTERM:
-
- swap_enter_dead(s, f);
- break;
-
- default:
- assert_not_reached("Uh, control process died at wrong time.");
- }
-
- /* Notify clients about changed exit status */
- unit_add_to_dbus_queue(u);
-}
-
-static int swap_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata) {
- Swap *s = SWAP(userdata);
-
- assert(s);
- assert(s->timer_event_source == source);
-
- switch (s->state) {
-
- case SWAP_ACTIVATING:
- case SWAP_ACTIVATING_DONE:
- log_unit_warning(UNIT(s), "Activation timed out. Stopping.");
- swap_enter_signal(s, SWAP_ACTIVATING_SIGTERM, SWAP_FAILURE_TIMEOUT);
- break;
-
- case SWAP_DEACTIVATING:
- log_unit_warning(UNIT(s), "Deactivation timed out. Stopping.");
- swap_enter_signal(s, SWAP_DEACTIVATING_SIGTERM, SWAP_FAILURE_TIMEOUT);
- break;
-
- case SWAP_ACTIVATING_SIGTERM:
- if (s->kill_context.send_sigkill) {
- log_unit_warning(UNIT(s), "Activation timed out. Killing.");
- swap_enter_signal(s, SWAP_ACTIVATING_SIGKILL, SWAP_FAILURE_TIMEOUT);
- } else {
- log_unit_warning(UNIT(s), "Activation timed out. Skipping SIGKILL. Ignoring.");
- swap_enter_dead(s, SWAP_FAILURE_TIMEOUT);
- }
- break;
-
- case SWAP_DEACTIVATING_SIGTERM:
- if (s->kill_context.send_sigkill) {
- log_unit_warning(UNIT(s), "Deactivation timed out. Killing.");
- swap_enter_signal(s, SWAP_DEACTIVATING_SIGKILL, SWAP_FAILURE_TIMEOUT);
- } else {
- log_unit_warning(UNIT(s), "Deactivation timed out. Skipping SIGKILL. Ignoring.");
- swap_enter_dead(s, SWAP_FAILURE_TIMEOUT);
- }
- break;
-
- case SWAP_ACTIVATING_SIGKILL:
- case SWAP_DEACTIVATING_SIGKILL:
- log_unit_warning(UNIT(s), "Swap process still around after SIGKILL. Ignoring.");
- swap_enter_dead(s, SWAP_FAILURE_TIMEOUT);
- break;
-
- default:
- assert_not_reached("Timeout at wrong time.");
- }
-
- return 0;
-}
-
-static int swap_load_proc_swaps(Manager *m, bool set_flags) {
- unsigned i;
- int r = 0;
-
- assert(m);
-
- rewind(m->proc_swaps);
-
- (void) fscanf(m->proc_swaps, "%*s %*s %*s %*s %*s\n");
-
- for (i = 1;; i++) {
- _cleanup_free_ char *dev = NULL, *d = NULL;
- int prio = 0, k;
-
- k = fscanf(m->proc_swaps,
- "%ms " /* device/file */
- "%*s " /* type of swap */
- "%*s " /* swap size */
- "%*s " /* used */
- "%i\n", /* priority */
- &dev, &prio);
- if (k != 2) {
- if (k == EOF)
- break;
-
- log_warning("Failed to parse /proc/swaps:%u.", i);
- continue;
- }
-
- if (cunescape(dev, UNESCAPE_RELAX, &d) < 0)
- return log_oom();
-
- device_found_node(m, d, true, DEVICE_FOUND_SWAP, set_flags);
-
- k = swap_process_new(m, d, prio, set_flags);
- if (k < 0)
- r = k;
- }
-
- return r;
-}
-
-static int swap_dispatch_io(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
- Manager *m = userdata;
- Unit *u;
- int r;
-
- assert(m);
- assert(revents & EPOLLPRI);
-
- r = swap_load_proc_swaps(m, true);
- if (r < 0) {
- log_error_errno(r, "Failed to reread /proc/swaps: %m");
-
- /* Reset flags, just in case, for late calls */
- LIST_FOREACH(units_by_type, u, m->units_by_type[UNIT_SWAP]) {
- Swap *swap = SWAP(u);
-
- swap->is_active = swap->just_activated = false;
- }
-
- return 0;
- }
-
- manager_dispatch_load_queue(m);
-
- LIST_FOREACH(units_by_type, u, m->units_by_type[UNIT_SWAP]) {
- Swap *swap = SWAP(u);
-
- if (!swap->is_active) {
- /* This has just been deactivated */
-
- swap_unset_proc_swaps(swap);
-
- switch (swap->state) {
-
- case SWAP_ACTIVE:
- swap_enter_dead(swap, SWAP_SUCCESS);
- break;
-
- default:
- /* Fire again */
- swap_set_state(swap, swap->state);
- break;
- }
-
- if (swap->what)
- device_found_node(m, swap->what, false, DEVICE_FOUND_SWAP, true);
-
- } else if (swap->just_activated) {
-
- /* New swap entry */
-
- switch (swap->state) {
-
- case SWAP_DEAD:
- case SWAP_FAILED:
- (void) unit_acquire_invocation_id(UNIT(swap));
- swap_enter_active(swap, SWAP_SUCCESS);
- break;
-
- case SWAP_ACTIVATING:
- swap_set_state(swap, SWAP_ACTIVATING_DONE);
- break;
-
- default:
- /* Nothing really changed, but let's
- * issue an notification call
- * nonetheless, in case somebody is
- * waiting for this. */
- swap_set_state(swap, swap->state);
- break;
- }
- }
-
- /* Reset the flags for later calls */
- swap->is_active = swap->just_activated = false;
- }
-
- return 1;
-}
-
-static Unit *swap_following(Unit *u) {
- Swap *s = SWAP(u);
- Swap *other, *first = NULL;
-
- assert(s);
-
- /* If the user configured the swap through /etc/fstab or
- * a device unit, follow that. */
-
- if (s->from_fragment)
- return NULL;
-
- LIST_FOREACH_OTHERS(same_devnode, other, s)
- if (other->from_fragment)
- return UNIT(other);
-
- /* Otherwise, make everybody follow the unit that's named after
- * the swap device in the kernel */
-
- if (streq_ptr(s->what, s->devnode))
- return NULL;
-
- LIST_FOREACH_AFTER(same_devnode, other, s)
- if (streq_ptr(other->what, other->devnode))
- return UNIT(other);
-
- LIST_FOREACH_BEFORE(same_devnode, other, s) {
- if (streq_ptr(other->what, other->devnode))
- return UNIT(other);
-
- first = other;
- }
-
- /* Fall back to the first on the list */
- return UNIT(first);
-}
-
-static int swap_following_set(Unit *u, Set **_set) {
- Swap *s = SWAP(u), *other;
- Set *set;
- int r;
-
- assert(s);
- assert(_set);
-
- if (LIST_JUST_US(same_devnode, s)) {
- *_set = NULL;
- return 0;
- }
-
- set = set_new(NULL);
- if (!set)
- return -ENOMEM;
-
- LIST_FOREACH_OTHERS(same_devnode, other, s) {
- r = set_put(set, other);
- if (r < 0)
- goto fail;
- }
-
- *_set = set;
- return 1;
-
-fail:
- set_free(set);
- return r;
-}
-
-static void swap_shutdown(Manager *m) {
- assert(m);
-
- m->swap_event_source = sd_event_source_unref(m->swap_event_source);
-
- m->proc_swaps = safe_fclose(m->proc_swaps);
-
- m->swaps_by_devnode = hashmap_free(m->swaps_by_devnode);
-}
-
-static void swap_enumerate(Manager *m) {
- int r;
-
- assert(m);
-
- if (!m->proc_swaps) {
- m->proc_swaps = fopen("/proc/swaps", "re");
- if (!m->proc_swaps) {
- if (errno == ENOENT)
- log_debug("Not swap enabled, skipping enumeration");
- else
- log_error_errno(errno, "Failed to open /proc/swaps: %m");
-
- return;
- }
-
- r = sd_event_add_io(m->event, &m->swap_event_source, fileno(m->proc_swaps), EPOLLPRI, swap_dispatch_io, m);
- if (r < 0) {
- log_error_errno(r, "Failed to watch /proc/swaps: %m");
- goto fail;
- }
-
- /* Dispatch this before we dispatch SIGCHLD, so that
- * we always get the events from /proc/swaps before
- * the SIGCHLD of /sbin/swapon. */
- r = sd_event_source_set_priority(m->swap_event_source, -10);
- if (r < 0) {
- log_error_errno(r, "Failed to change /proc/swaps priority: %m");
- goto fail;
- }
-
- (void) sd_event_source_set_description(m->swap_event_source, "swap-proc");
- }
-
- r = swap_load_proc_swaps(m, false);
- if (r < 0)
- goto fail;
-
- return;
-
-fail:
- swap_shutdown(m);
-}
-
-int swap_process_device_new(Manager *m, struct udev_device *dev) {
- struct udev_list_entry *item = NULL, *first = NULL;
- _cleanup_free_ char *e = NULL;
- const char *dn;
- Swap *s;
- int r = 0;
-
- assert(m);
- assert(dev);
-
- dn = udev_device_get_devnode(dev);
- if (!dn)
- return 0;
-
- r = unit_name_from_path(dn, ".swap", &e);
- if (r < 0)
- return r;
-
- s = hashmap_get(m->units, e);
- if (s)
- r = swap_set_devnode(s, dn);
-
- first = udev_device_get_devlinks_list_entry(dev);
- udev_list_entry_foreach(item, first) {
- _cleanup_free_ char *n = NULL;
- int q;
-
- q = unit_name_from_path(udev_list_entry_get_name(item), ".swap", &n);
- if (q < 0)
- return q;
-
- s = hashmap_get(m->units, n);
- if (s) {
- q = swap_set_devnode(s, dn);
- if (q < 0)
- r = q;
- }
- }
-
- return r;
-}
-
-int swap_process_device_remove(Manager *m, struct udev_device *dev) {
- const char *dn;
- int r = 0;
- Swap *s;
-
- dn = udev_device_get_devnode(dev);
- if (!dn)
- return 0;
-
- while ((s = hashmap_get(m->swaps_by_devnode, dn))) {
- int q;
-
- q = swap_set_devnode(s, NULL);
- if (q < 0)
- r = q;
- }
-
- return r;
-}
-
-static void swap_reset_failed(Unit *u) {
- Swap *s = SWAP(u);
-
- assert(s);
-
- if (s->state == SWAP_FAILED)
- swap_set_state(s, SWAP_DEAD);
-
- s->result = SWAP_SUCCESS;
-}
-
-static int swap_kill(Unit *u, KillWho who, int signo, sd_bus_error *error) {
- return unit_kill_common(u, who, signo, -1, SWAP(u)->control_pid, error);
-}
-
-static int swap_get_timeout(Unit *u, usec_t *timeout) {
- Swap *s = SWAP(u);
- usec_t t;
- int r;
-
- if (!s->timer_event_source)
- return 0;
-
- r = sd_event_source_get_time(s->timer_event_source, &t);
- if (r < 0)
- return r;
- if (t == USEC_INFINITY)
- return 0;
-
- *timeout = t;
- return 1;
-}
-
-static bool swap_supported(void) {
- static int supported = -1;
-
- /* If swap support is not available in the kernel, or we are
- * running in a container we don't support swap units, and any
- * attempts to starting one should fail immediately. */
-
- if (supported < 0)
- supported =
- access("/proc/swaps", F_OK) >= 0 &&
- detect_container() <= 0;
-
- return supported;
-}
-
-static int swap_control_pid(Unit *u) {
- Swap *s = SWAP(u);
-
- assert(s);
-
- return s->control_pid;
-}
-
-static const char* const swap_exec_command_table[_SWAP_EXEC_COMMAND_MAX] = {
- [SWAP_EXEC_ACTIVATE] = "ExecActivate",
- [SWAP_EXEC_DEACTIVATE] = "ExecDeactivate",
-};
-
-DEFINE_STRING_TABLE_LOOKUP(swap_exec_command, SwapExecCommand);
-
-static const char* const swap_result_table[_SWAP_RESULT_MAX] = {
- [SWAP_SUCCESS] = "success",
- [SWAP_FAILURE_RESOURCES] = "resources",
- [SWAP_FAILURE_TIMEOUT] = "timeout",
- [SWAP_FAILURE_EXIT_CODE] = "exit-code",
- [SWAP_FAILURE_SIGNAL] = "signal",
- [SWAP_FAILURE_CORE_DUMP] = "core-dump",
- [SWAP_FAILURE_START_LIMIT_HIT] = "start-limit-hit",
-};
-
-DEFINE_STRING_TABLE_LOOKUP(swap_result, SwapResult);
-
-const UnitVTable swap_vtable = {
- .object_size = sizeof(Swap),
- .exec_context_offset = offsetof(Swap, exec_context),
- .cgroup_context_offset = offsetof(Swap, cgroup_context),
- .kill_context_offset = offsetof(Swap, kill_context),
- .exec_runtime_offset = offsetof(Swap, exec_runtime),
- .dynamic_creds_offset = offsetof(Swap, dynamic_creds),
-
- .sections =
- "Unit\0"
- "Swap\0"
- "Install\0",
- .private_section = "Swap",
-
- .init = swap_init,
- .load = swap_load,
- .done = swap_done,
-
- .coldplug = swap_coldplug,
-
- .dump = swap_dump,
-
- .start = swap_start,
- .stop = swap_stop,
-
- .kill = swap_kill,
-
- .get_timeout = swap_get_timeout,
-
- .serialize = swap_serialize,
- .deserialize_item = swap_deserialize_item,
-
- .active_state = swap_active_state,
- .sub_state_to_string = swap_sub_state_to_string,
-
- .check_gc = swap_check_gc,
-
- .sigchld_event = swap_sigchld_event,
-
- .reset_failed = swap_reset_failed,
-
- .control_pid = swap_control_pid,
-
- .bus_vtable = bus_swap_vtable,
- .bus_set_property = bus_swap_set_property,
- .bus_commit_properties = bus_swap_commit_properties,
-
- .following = swap_following,
- .following_set = swap_following_set,
-
- .enumerate = swap_enumerate,
- .shutdown = swap_shutdown,
- .supported = swap_supported,
-
- .status_message_formats = {
- .starting_stopping = {
- [0] = "Activating swap %s...",
- [1] = "Deactivating swap %s...",
- },
- .finished_start_job = {
- [JOB_DONE] = "Activated swap %s.",
- [JOB_FAILED] = "Failed to activate swap %s.",
- [JOB_TIMEOUT] = "Timed out activating swap %s.",
- },
- .finished_stop_job = {
- [JOB_DONE] = "Deactivated swap %s.",
- [JOB_FAILED] = "Failed deactivating swap %s.",
- [JOB_TIMEOUT] = "Timed out deactivating swap %s.",
- },
- },
-};
diff --git a/src/core/swap.h b/src/core/swap.h
deleted file mode 100644
index b0ef50f1e8..0000000000
--- a/src/core/swap.h
+++ /dev/null
@@ -1,111 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
- Copyright 2010 Maarten Lankhorst
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include "libudev.h"
-
-typedef struct Swap Swap;
-
-typedef enum SwapExecCommand {
- SWAP_EXEC_ACTIVATE,
- SWAP_EXEC_DEACTIVATE,
- _SWAP_EXEC_COMMAND_MAX,
- _SWAP_EXEC_COMMAND_INVALID = -1
-} SwapExecCommand;
-
-typedef enum SwapResult {
- SWAP_SUCCESS,
- SWAP_FAILURE_RESOURCES,
- SWAP_FAILURE_TIMEOUT,
- SWAP_FAILURE_EXIT_CODE,
- SWAP_FAILURE_SIGNAL,
- SWAP_FAILURE_CORE_DUMP,
- SWAP_FAILURE_START_LIMIT_HIT,
- _SWAP_RESULT_MAX,
- _SWAP_RESULT_INVALID = -1
-} SwapResult;
-
-typedef struct SwapParameters {
- char *what;
- char *options;
- int priority;
-} SwapParameters;
-
-struct Swap {
- Unit meta;
-
- char *what;
-
- /* If the device has already shown up, this is the device
- * node, which might be different from what, due to
- * symlinks */
- char *devnode;
-
- SwapParameters parameters_proc_swaps;
- SwapParameters parameters_fragment;
-
- bool from_proc_swaps:1;
- bool from_fragment:1;
-
- /* Used while looking for swaps that vanished or got added
- * from/to /proc/swaps */
- bool is_active:1;
- bool just_activated:1;
-
- bool reset_cpu_usage:1;
-
- SwapResult result;
-
- usec_t timeout_usec;
-
- ExecCommand exec_command[_SWAP_EXEC_COMMAND_MAX];
- ExecContext exec_context;
- KillContext kill_context;
- CGroupContext cgroup_context;
-
- ExecRuntime *exec_runtime;
- DynamicCreds dynamic_creds;
-
- SwapState state, deserialized_state;
-
- ExecCommand* control_command;
- SwapExecCommand control_command_id;
- pid_t control_pid;
-
- sd_event_source *timer_event_source;
-
- /* In order to be able to distinguish dependencies on
- different device nodes we might end up creating multiple
- devices for the same swap. We chain them up here. */
-
- LIST_FIELDS(struct Swap, same_devnode);
-};
-
-extern const UnitVTable swap_vtable;
-
-int swap_process_device_new(Manager *m, struct udev_device *dev);
-int swap_process_device_remove(Manager *m, struct udev_device *dev);
-
-const char* swap_exec_command_to_string(SwapExecCommand i) _const_;
-SwapExecCommand swap_exec_command_from_string(const char *s) _pure_;
-
-const char* swap_result_to_string(SwapResult i) _const_;
-SwapResult swap_result_from_string(const char *s) _pure_;
diff --git a/src/core/system.conf b/src/core/system.conf
deleted file mode 100644
index 746572b7ff..0000000000
--- a/src/core/system.conf
+++ /dev/null
@@ -1,62 +0,0 @@
-# This file is part of systemd.
-#
-# systemd is free software; you can redistribute it and/or modify it
-# under the terms of the GNU Lesser General Public License as published by
-# the Free Software Foundation; either version 2.1 of the License, or
-# (at your option) any later version.
-#
-# Entries in this file show the compile time defaults.
-# You can change settings by editing this file.
-# Defaults can be restored by simply deleting this file.
-#
-# See systemd-system.conf(5) for details.
-
-[Manager]
-#LogLevel=info
-#LogTarget=journal-or-kmsg
-#LogColor=yes
-#LogLocation=no
-#DumpCore=yes
-#ShowStatus=yes
-#CrashChangeVT=no
-#CrashShell=no
-#CrashReboot=no
-#CtrlAltDelBurstAction=reboot-force
-#CPUAffinity=1 2
-#JoinControllers=cpu,cpuacct net_cls,net_prio
-#RuntimeWatchdogSec=0
-#ShutdownWatchdogSec=10min
-#CapabilityBoundingSet=
-#SystemCallArchitectures=
-#TimerSlackNSec=
-#DefaultTimerAccuracySec=1min
-#DefaultStandardOutput=journal
-#DefaultStandardError=inherit
-#DefaultTimeoutStartSec=90s
-#DefaultTimeoutStopSec=90s
-#DefaultRestartSec=100ms
-#DefaultStartLimitIntervalSec=10s
-#DefaultStartLimitBurst=5
-#DefaultEnvironment=
-#DefaultCPUAccounting=no
-#DefaultIOAccounting=no
-#DefaultBlockIOAccounting=no
-#DefaultMemoryAccounting=no
-#DefaultTasksAccounting=yes
-#DefaultTasksMax=15%
-#DefaultLimitCPU=
-#DefaultLimitFSIZE=
-#DefaultLimitDATA=
-#DefaultLimitSTACK=
-#DefaultLimitCORE=
-#DefaultLimitRSS=
-#DefaultLimitNOFILE=
-#DefaultLimitAS=
-#DefaultLimitNPROC=
-#DefaultLimitMEMLOCK=
-#DefaultLimitLOCKS=
-#DefaultLimitSIGPENDING=
-#DefaultLimitMSGQUEUE=
-#DefaultLimitNICE=
-#DefaultLimitRTPRIO=
-#DefaultLimitRTTIME=
diff --git a/src/core/systemd.pc.in b/src/core/systemd.pc.in
deleted file mode 100644
index ac52b30dd3..0000000000
--- a/src/core/systemd.pc.in
+++ /dev/null
@@ -1,34 +0,0 @@
-# This file is part of systemd.
-#
-# systemd is free software; you can redistribute it and/or modify it
-# under the terms of the GNU Lesser General Public License as published by
-# the Free Software Foundation; either version 2.1 of the License, or
-# (at your option) any later version.
-
-prefix=@prefix@
-systemdutildir=@rootlibexecdir@
-systemdsystemunitdir=@systemunitdir@
-systemdsystempresetdir=@systempresetdir@
-systemduserunitdir=@userunitdir@
-systemduserpresetdir=@userpresetdir@
-systemdsystemconfdir=@pkgsysconfdir@/system
-systemduserconfdir=@pkgsysconfdir@/user
-systemdsystemunitpath=${systemdsystemconfdir}:/etc/systemd/system:/run/systemd/system:/usr/local/lib/systemd/system:${systemdsystemunitdir}:/usr/lib/systemd/system:/lib/systemd/system
-systemduserunitpath=${systemduserconfdir}:/etc/systemd/user:/run/systemd/user:/usr/local/lib/systemd/user:/usr/local/share/systemd/user:${systemduserunitdir}:/usr/lib/systemd/user:/usr/share/systemd/user
-systemdsystemgeneratordir=@systemgeneratordir@
-systemdusergeneratordir=@usergeneratordir@
-systemdsleepdir=@systemsleepdir@
-systemdshutdowndir=@systemshutdowndir@
-tmpfilesdir=@tmpfilesdir@
-sysusersdir=@sysusersdir@
-sysctldir=@sysctldir@
-binfmtdir=@binfmtdir@
-modulesloaddir=@modulesloaddir@
-catalogdir=@catalogdir@
-systemuidmax=@systemuidmax@
-systemgidmax=@systemgidmax@
-
-Name: systemd
-Description: systemd System and Service Manager
-URL: @PACKAGE_URL@
-Version: @PACKAGE_VERSION@
diff --git a/src/core/target.c b/src/core/target.c
deleted file mode 100644
index 765c1f3fa4..0000000000
--- a/src/core/target.c
+++ /dev/null
@@ -1,228 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include "dbus-target.h"
-#include "log.h"
-#include "special.h"
-#include "string-util.h"
-#include "unit-name.h"
-#include "unit.h"
-#include "target.h"
-
-static const UnitActiveState state_translation_table[_TARGET_STATE_MAX] = {
- [TARGET_DEAD] = UNIT_INACTIVE,
- [TARGET_ACTIVE] = UNIT_ACTIVE
-};
-
-static void target_set_state(Target *t, TargetState state) {
- TargetState old_state;
- assert(t);
-
- old_state = t->state;
- t->state = state;
-
- if (state != old_state)
- log_debug("%s changed %s -> %s",
- UNIT(t)->id,
- target_state_to_string(old_state),
- target_state_to_string(state));
-
- unit_notify(UNIT(t), state_translation_table[old_state], state_translation_table[state], true);
-}
-
-static int target_add_default_dependencies(Target *t) {
-
- static const UnitDependency deps[] = {
- UNIT_REQUIRES,
- UNIT_REQUISITE,
- UNIT_WANTS,
- UNIT_BINDS_TO,
- UNIT_PART_OF
- };
-
- Iterator i;
- Unit *other;
- int r;
- unsigned k;
-
- assert(t);
-
- /* Imply ordering for requirement dependencies on target
- * units. Note that when the user created a contradicting
- * ordering manually we won't add anything in here to make
- * sure we don't create a loop. */
-
- for (k = 0; k < ELEMENTSOF(deps); k++)
- SET_FOREACH(other, UNIT(t)->dependencies[deps[k]], i) {
- r = unit_add_default_target_dependency(other, UNIT(t));
- if (r < 0)
- return r;
- }
-
- /* Make sure targets are unloaded on shutdown */
- return unit_add_dependency_by_name(UNIT(t), UNIT_CONFLICTS, SPECIAL_SHUTDOWN_TARGET, NULL, true);
-}
-
-static int target_load(Unit *u) {
- Target *t = TARGET(u);
- int r;
-
- assert(t);
-
- r = unit_load_fragment_and_dropin(u);
- if (r < 0)
- return r;
-
- /* This is a new unit? Then let's add in some extras */
- if (u->load_state == UNIT_LOADED && u->default_dependencies) {
- r = target_add_default_dependencies(t);
- if (r < 0)
- return r;
- }
-
- return 0;
-}
-
-static int target_coldplug(Unit *u) {
- Target *t = TARGET(u);
-
- assert(t);
- assert(t->state == TARGET_DEAD);
-
- if (t->deserialized_state != t->state)
- target_set_state(t, t->deserialized_state);
-
- return 0;
-}
-
-static void target_dump(Unit *u, FILE *f, const char *prefix) {
- Target *t = TARGET(u);
-
- assert(t);
- assert(f);
-
- fprintf(f,
- "%sTarget State: %s\n",
- prefix, target_state_to_string(t->state));
-}
-
-static int target_start(Unit *u) {
- Target *t = TARGET(u);
- int r;
-
- assert(t);
- assert(t->state == TARGET_DEAD);
-
- r = unit_acquire_invocation_id(u);
- if (r < 0)
- return r;
-
- target_set_state(t, TARGET_ACTIVE);
- return 1;
-}
-
-static int target_stop(Unit *u) {
- Target *t = TARGET(u);
-
- assert(t);
- assert(t->state == TARGET_ACTIVE);
-
- target_set_state(t, TARGET_DEAD);
- return 1;
-}
-
-static int target_serialize(Unit *u, FILE *f, FDSet *fds) {
- Target *s = TARGET(u);
-
- assert(s);
- assert(f);
- assert(fds);
-
- unit_serialize_item(u, f, "state", target_state_to_string(s->state));
- return 0;
-}
-
-static int target_deserialize_item(Unit *u, const char *key, const char *value, FDSet *fds) {
- Target *s = TARGET(u);
-
- assert(u);
- assert(key);
- assert(value);
- assert(fds);
-
- if (streq(key, "state")) {
- TargetState state;
-
- state = target_state_from_string(value);
- if (state < 0)
- log_debug("Failed to parse state value %s", value);
- else
- s->deserialized_state = state;
-
- } else
- log_debug("Unknown serialization key '%s'", key);
-
- return 0;
-}
-
-_pure_ static UnitActiveState target_active_state(Unit *u) {
- assert(u);
-
- return state_translation_table[TARGET(u)->state];
-}
-
-_pure_ static const char *target_sub_state_to_string(Unit *u) {
- assert(u);
-
- return target_state_to_string(TARGET(u)->state);
-}
-
-const UnitVTable target_vtable = {
- .object_size = sizeof(Target),
-
- .sections =
- "Unit\0"
- "Target\0"
- "Install\0",
-
- .load = target_load,
- .coldplug = target_coldplug,
-
- .dump = target_dump,
-
- .start = target_start,
- .stop = target_stop,
-
- .serialize = target_serialize,
- .deserialize_item = target_deserialize_item,
-
- .active_state = target_active_state,
- .sub_state_to_string = target_sub_state_to_string,
-
- .bus_vtable = bus_target_vtable,
-
- .status_message_formats = {
- .finished_start_job = {
- [JOB_DONE] = "Reached target %s.",
- },
- .finished_stop_job = {
- [JOB_DONE] = "Stopped target %s.",
- },
- },
-};
diff --git a/src/core/target.h b/src/core/target.h
deleted file mode 100644
index 339aea154e..0000000000
--- a/src/core/target.h
+++ /dev/null
@@ -1,30 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-typedef struct Target Target;
-
-struct Target {
- Unit meta;
-
- TargetState state, deserialized_state;
-};
-
-extern const UnitVTable target_vtable;
diff --git a/src/core/timer.c b/src/core/timer.c
deleted file mode 100644
index 2469a517ea..0000000000
--- a/src/core/timer.c
+++ /dev/null
@@ -1,865 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <errno.h>
-
-#include "alloc-util.h"
-#include "bus-error.h"
-#include "bus-util.h"
-#include "dbus-timer.h"
-#include "fs-util.h"
-#include "parse-util.h"
-#include "random-util.h"
-#include "special.h"
-#include "string-table.h"
-#include "string-util.h"
-#include "timer.h"
-#include "unit-name.h"
-#include "unit.h"
-#include "user-util.h"
-#include "virt.h"
-
-static const UnitActiveState state_translation_table[_TIMER_STATE_MAX] = {
- [TIMER_DEAD] = UNIT_INACTIVE,
- [TIMER_WAITING] = UNIT_ACTIVE,
- [TIMER_RUNNING] = UNIT_ACTIVE,
- [TIMER_ELAPSED] = UNIT_ACTIVE,
- [TIMER_FAILED] = UNIT_FAILED
-};
-
-static int timer_dispatch(sd_event_source *s, uint64_t usec, void *userdata);
-
-static void timer_init(Unit *u) {
- Timer *t = TIMER(u);
-
- assert(u);
- assert(u->load_state == UNIT_STUB);
-
- t->next_elapse_monotonic_or_boottime = USEC_INFINITY;
- t->next_elapse_realtime = USEC_INFINITY;
- t->accuracy_usec = u->manager->default_timer_accuracy_usec;
- t->remain_after_elapse = true;
-}
-
-void timer_free_values(Timer *t) {
- TimerValue *v;
-
- assert(t);
-
- while ((v = t->values)) {
- LIST_REMOVE(value, t->values, v);
- calendar_spec_free(v->calendar_spec);
- free(v);
- }
-}
-
-static void timer_done(Unit *u) {
- Timer *t = TIMER(u);
-
- assert(t);
-
- timer_free_values(t);
-
- t->monotonic_event_source = sd_event_source_unref(t->monotonic_event_source);
- t->realtime_event_source = sd_event_source_unref(t->realtime_event_source);
-
- free(t->stamp_path);
-}
-
-static int timer_verify(Timer *t) {
- assert(t);
-
- if (UNIT(t)->load_state != UNIT_LOADED)
- return 0;
-
- if (!t->values) {
- log_unit_error(UNIT(t), "Timer unit lacks value setting. Refusing.");
- return -EINVAL;
- }
-
- return 0;
-}
-
-static int timer_add_default_dependencies(Timer *t) {
- int r;
- TimerValue *v;
-
- assert(t);
-
- if (!UNIT(t)->default_dependencies)
- return 0;
-
- r = unit_add_dependency_by_name(UNIT(t), UNIT_BEFORE, SPECIAL_TIMERS_TARGET, NULL, true);
- if (r < 0)
- return r;
-
- if (MANAGER_IS_SYSTEM(UNIT(t)->manager)) {
- r = unit_add_two_dependencies_by_name(UNIT(t), UNIT_AFTER, UNIT_REQUIRES, SPECIAL_SYSINIT_TARGET, NULL, true);
- if (r < 0)
- return r;
-
- LIST_FOREACH(value, v, t->values) {
- if (v->base == TIMER_CALENDAR) {
- r = unit_add_dependency_by_name(UNIT(t), UNIT_AFTER, SPECIAL_TIME_SYNC_TARGET, NULL, true);
- if (r < 0)
- return r;
- break;
- }
- }
- }
-
- return unit_add_two_dependencies_by_name(UNIT(t), UNIT_BEFORE, UNIT_CONFLICTS, SPECIAL_SHUTDOWN_TARGET, NULL, true);
-}
-
-static int timer_setup_persistent(Timer *t) {
- int r;
-
- assert(t);
-
- if (!t->persistent)
- return 0;
-
- if (MANAGER_IS_SYSTEM(UNIT(t)->manager)) {
-
- r = unit_require_mounts_for(UNIT(t), "/var/lib/systemd/timers");
- if (r < 0)
- return r;
-
- t->stamp_path = strappend("/var/lib/systemd/timers/stamp-", UNIT(t)->id);
- } else {
- const char *e;
-
- e = getenv("XDG_DATA_HOME");
- if (e)
- t->stamp_path = strjoin(e, "/systemd/timers/stamp-", UNIT(t)->id, NULL);
- else {
-
- _cleanup_free_ char *h = NULL;
-
- r = get_home_dir(&h);
- if (r < 0)
- return log_unit_error_errno(UNIT(t), r, "Failed to determine home directory: %m");
-
- t->stamp_path = strjoin(h, "/.local/share/systemd/timers/stamp-", UNIT(t)->id, NULL);
- }
- }
-
- if (!t->stamp_path)
- return log_oom();
-
- return 0;
-}
-
-static int timer_load(Unit *u) {
- Timer *t = TIMER(u);
- int r;
-
- assert(u);
- assert(u->load_state == UNIT_STUB);
-
- r = unit_load_fragment_and_dropin(u);
- if (r < 0)
- return r;
-
- if (u->load_state == UNIT_LOADED) {
-
- if (set_isempty(u->dependencies[UNIT_TRIGGERS])) {
- Unit *x;
-
- r = unit_load_related_unit(u, ".service", &x);
- if (r < 0)
- return r;
-
- r = unit_add_two_dependencies(u, UNIT_BEFORE, UNIT_TRIGGERS, x, true);
- if (r < 0)
- return r;
- }
-
- r = timer_setup_persistent(t);
- if (r < 0)
- return r;
-
- r = timer_add_default_dependencies(t);
- if (r < 0)
- return r;
- }
-
- return timer_verify(t);
-}
-
-static void timer_dump(Unit *u, FILE *f, const char *prefix) {
- char buf[FORMAT_TIMESPAN_MAX];
- Timer *t = TIMER(u);
- Unit *trigger;
- TimerValue *v;
-
- trigger = UNIT_TRIGGER(u);
-
- fprintf(f,
- "%sTimer State: %s\n"
- "%sResult: %s\n"
- "%sUnit: %s\n"
- "%sPersistent: %s\n"
- "%sWakeSystem: %s\n"
- "%sAccuracy: %s\n"
- "%sRemainAfterElapse: %s\n",
- prefix, timer_state_to_string(t->state),
- prefix, timer_result_to_string(t->result),
- prefix, trigger ? trigger->id : "n/a",
- prefix, yes_no(t->persistent),
- prefix, yes_no(t->wake_system),
- prefix, format_timespan(buf, sizeof(buf), t->accuracy_usec, 1),
- prefix, yes_no(t->remain_after_elapse));
-
- LIST_FOREACH(value, v, t->values) {
-
- if (v->base == TIMER_CALENDAR) {
- _cleanup_free_ char *p = NULL;
-
- calendar_spec_to_string(v->calendar_spec, &p);
-
- fprintf(f,
- "%s%s: %s\n",
- prefix,
- timer_base_to_string(v->base),
- strna(p));
- } else {
- char timespan1[FORMAT_TIMESPAN_MAX];
-
- fprintf(f,
- "%s%s: %s\n",
- prefix,
- timer_base_to_string(v->base),
- format_timespan(timespan1, sizeof(timespan1), v->value, 0));
- }
- }
-}
-
-static void timer_set_state(Timer *t, TimerState state) {
- TimerState old_state;
- assert(t);
-
- old_state = t->state;
- t->state = state;
-
- if (state != TIMER_WAITING) {
- t->monotonic_event_source = sd_event_source_unref(t->monotonic_event_source);
- t->realtime_event_source = sd_event_source_unref(t->realtime_event_source);
- t->next_elapse_monotonic_or_boottime = USEC_INFINITY;
- t->next_elapse_realtime = USEC_INFINITY;
- }
-
- if (state != old_state)
- log_unit_debug(UNIT(t), "Changed %s -> %s", timer_state_to_string(old_state), timer_state_to_string(state));
-
- unit_notify(UNIT(t), state_translation_table[old_state], state_translation_table[state], true);
-}
-
-static void timer_enter_waiting(Timer *t, bool initial);
-
-static int timer_coldplug(Unit *u) {
- Timer *t = TIMER(u);
-
- assert(t);
- assert(t->state == TIMER_DEAD);
-
- if (t->deserialized_state == t->state)
- return 0;
-
- if (t->deserialized_state == TIMER_WAITING)
- timer_enter_waiting(t, false);
- else
- timer_set_state(t, t->deserialized_state);
-
- return 0;
-}
-
-static void timer_enter_dead(Timer *t, TimerResult f) {
- assert(t);
-
- if (t->result == TIMER_SUCCESS)
- t->result = f;
-
- timer_set_state(t, t->result != TIMER_SUCCESS ? TIMER_FAILED : TIMER_DEAD);
-}
-
-static void timer_enter_elapsed(Timer *t, bool leave_around) {
- assert(t);
-
- /* If a unit is marked with RemainAfterElapse=yes we leave it
- * around even after it elapsed once, so that starting it
- * later again does not necessarily mean immediate
- * retriggering. We unconditionally leave units with
- * TIMER_UNIT_ACTIVE or TIMER_UNIT_INACTIVE triggers around,
- * since they might be restarted automatically at any time
- * later on. */
-
- if (t->remain_after_elapse || leave_around)
- timer_set_state(t, TIMER_ELAPSED);
- else
- timer_enter_dead(t, TIMER_SUCCESS);
-}
-
-static usec_t monotonic_to_boottime(usec_t t) {
- usec_t a, b;
-
- if (t <= 0)
- return 0;
-
- a = now(clock_boottime_or_monotonic());
- b = now(CLOCK_MONOTONIC);
-
- if (t + a > b)
- return t + a - b;
- else
- return 0;
-}
-
-static void add_random(Timer *t, usec_t *v) {
- char s[FORMAT_TIMESPAN_MAX];
- usec_t add;
-
- assert(t);
- assert(v);
-
- if (t->random_usec == 0)
- return;
- if (*v == USEC_INFINITY)
- return;
-
- add = random_u64() % t->random_usec;
-
- if (*v + add < *v) /* overflow */
- *v = (usec_t) -2; /* Highest possible value, that is not USEC_INFINITY */
- else
- *v += add;
-
- log_unit_info(UNIT(t), "Adding %s random time.", format_timespan(s, sizeof(s), add, 0));
-}
-
-static void timer_enter_waiting(Timer *t, bool initial) {
- bool found_monotonic = false, found_realtime = false;
- usec_t ts_realtime, ts_monotonic;
- usec_t base = 0;
- bool leave_around = false;
- TimerValue *v;
- Unit *trigger;
- int r;
-
- assert(t);
-
- trigger = UNIT_TRIGGER(UNIT(t));
- if (!trigger) {
- log_unit_error(UNIT(t), "Unit to trigger vanished.");
- timer_enter_dead(t, TIMER_FAILURE_RESOURCES);
- return;
- }
-
- /* If we shall wake the system we use the boottime clock
- * rather than the monotonic clock. */
-
- ts_realtime = now(CLOCK_REALTIME);
- ts_monotonic = now(t->wake_system ? clock_boottime_or_monotonic() : CLOCK_MONOTONIC);
- t->next_elapse_monotonic_or_boottime = t->next_elapse_realtime = 0;
-
- LIST_FOREACH(value, v, t->values) {
-
- if (v->disabled)
- continue;
-
- if (v->base == TIMER_CALENDAR) {
- usec_t b;
-
- /* If we know the last time this was
- * triggered, schedule the job based relative
- * to that. If we don't just start from
- * now. */
-
- b = t->last_trigger.realtime > 0 ? t->last_trigger.realtime : ts_realtime;
-
- r = calendar_spec_next_usec(v->calendar_spec, b, &v->next_elapse);
- if (r < 0)
- continue;
-
- if (!found_realtime)
- t->next_elapse_realtime = v->next_elapse;
- else
- t->next_elapse_realtime = MIN(t->next_elapse_realtime, v->next_elapse);
-
- found_realtime = true;
-
- } else {
- switch (v->base) {
-
- case TIMER_ACTIVE:
- if (state_translation_table[t->state] == UNIT_ACTIVE)
- base = UNIT(t)->inactive_exit_timestamp.monotonic;
- else
- base = ts_monotonic;
- break;
-
- case TIMER_BOOT:
- if (detect_container() <= 0) {
- /* CLOCK_MONOTONIC equals the uptime on Linux */
- base = 0;
- break;
- }
- /* In a container we don't want to include the time the host
- * was already up when the container started, so count from
- * our own startup. Fall through. */
- case TIMER_STARTUP:
- base = UNIT(t)->manager->userspace_timestamp.monotonic;
- break;
-
- case TIMER_UNIT_ACTIVE:
- leave_around = true;
- base = trigger->inactive_exit_timestamp.monotonic;
-
- if (base <= 0)
- base = t->last_trigger.monotonic;
-
- if (base <= 0)
- continue;
-
- break;
-
- case TIMER_UNIT_INACTIVE:
- leave_around = true;
- base = trigger->inactive_enter_timestamp.monotonic;
-
- if (base <= 0)
- base = t->last_trigger.monotonic;
-
- if (base <= 0)
- continue;
-
- break;
-
- default:
- assert_not_reached("Unknown timer base");
- }
-
- if (t->wake_system)
- base = monotonic_to_boottime(base);
-
- v->next_elapse = base + v->value;
-
- if (!initial && v->next_elapse < ts_monotonic && IN_SET(v->base, TIMER_ACTIVE, TIMER_BOOT, TIMER_STARTUP)) {
- /* This is a one time trigger, disable it now */
- v->disabled = true;
- continue;
- }
-
- if (!found_monotonic)
- t->next_elapse_monotonic_or_boottime = v->next_elapse;
- else
- t->next_elapse_monotonic_or_boottime = MIN(t->next_elapse_monotonic_or_boottime, v->next_elapse);
-
- found_monotonic = true;
- }
- }
-
- if (!found_monotonic && !found_realtime) {
- log_unit_debug(UNIT(t), "Timer is elapsed.");
- timer_enter_elapsed(t, leave_around);
- return;
- }
-
- if (found_monotonic) {
- char buf[FORMAT_TIMESPAN_MAX];
- usec_t left;
-
- add_random(t, &t->next_elapse_monotonic_or_boottime);
-
- left = t->next_elapse_monotonic_or_boottime > ts_monotonic ? t->next_elapse_monotonic_or_boottime - ts_monotonic : 0;
- log_unit_debug(UNIT(t), "Monotonic timer elapses in %s.", format_timespan(buf, sizeof(buf), left, 0));
-
- if (t->monotonic_event_source) {
- r = sd_event_source_set_time(t->monotonic_event_source, t->next_elapse_monotonic_or_boottime);
- if (r < 0)
- goto fail;
-
- r = sd_event_source_set_enabled(t->monotonic_event_source, SD_EVENT_ONESHOT);
- if (r < 0)
- goto fail;
- } else {
-
- r = sd_event_add_time(
- UNIT(t)->manager->event,
- &t->monotonic_event_source,
- t->wake_system ? CLOCK_BOOTTIME_ALARM : CLOCK_MONOTONIC,
- t->next_elapse_monotonic_or_boottime, t->accuracy_usec,
- timer_dispatch, t);
- if (r < 0)
- goto fail;
-
- (void) sd_event_source_set_description(t->monotonic_event_source, "timer-monotonic");
- }
-
- } else if (t->monotonic_event_source) {
-
- r = sd_event_source_set_enabled(t->monotonic_event_source, SD_EVENT_OFF);
- if (r < 0)
- goto fail;
- }
-
- if (found_realtime) {
- char buf[FORMAT_TIMESTAMP_MAX];
-
- add_random(t, &t->next_elapse_realtime);
-
- log_unit_debug(UNIT(t), "Realtime timer elapses at %s.", format_timestamp(buf, sizeof(buf), t->next_elapse_realtime));
-
- if (t->realtime_event_source) {
- r = sd_event_source_set_time(t->realtime_event_source, t->next_elapse_realtime);
- if (r < 0)
- goto fail;
-
- r = sd_event_source_set_enabled(t->realtime_event_source, SD_EVENT_ONESHOT);
- if (r < 0)
- goto fail;
- } else {
- r = sd_event_add_time(
- UNIT(t)->manager->event,
- &t->realtime_event_source,
- t->wake_system ? CLOCK_REALTIME_ALARM : CLOCK_REALTIME,
- t->next_elapse_realtime, t->accuracy_usec,
- timer_dispatch, t);
- if (r < 0)
- goto fail;
-
- (void) sd_event_source_set_description(t->realtime_event_source, "timer-realtime");
- }
-
- } else if (t->realtime_event_source) {
-
- r = sd_event_source_set_enabled(t->realtime_event_source, SD_EVENT_OFF);
- if (r < 0)
- goto fail;
- }
-
- timer_set_state(t, TIMER_WAITING);
- return;
-
-fail:
- log_unit_warning_errno(UNIT(t), r, "Failed to enter waiting state: %m");
- timer_enter_dead(t, TIMER_FAILURE_RESOURCES);
-}
-
-static void timer_enter_running(Timer *t) {
- _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
- Unit *trigger;
- int r;
-
- assert(t);
-
- /* Don't start job if we are supposed to go down */
- if (unit_stop_pending(UNIT(t)))
- return;
-
- trigger = UNIT_TRIGGER(UNIT(t));
- if (!trigger) {
- log_unit_error(UNIT(t), "Unit to trigger vanished.");
- timer_enter_dead(t, TIMER_FAILURE_RESOURCES);
- return;
- }
-
- r = manager_add_job(UNIT(t)->manager, JOB_START, trigger, JOB_REPLACE, &error, NULL);
- if (r < 0)
- goto fail;
-
- dual_timestamp_get(&t->last_trigger);
-
- if (t->stamp_path)
- touch_file(t->stamp_path, true, t->last_trigger.realtime, UID_INVALID, GID_INVALID, MODE_INVALID);
-
- timer_set_state(t, TIMER_RUNNING);
- return;
-
-fail:
- log_unit_warning(UNIT(t), "Failed to queue unit startup job: %s", bus_error_message(&error, r));
- timer_enter_dead(t, TIMER_FAILURE_RESOURCES);
-}
-
-static int timer_start(Unit *u) {
- Timer *t = TIMER(u);
- TimerValue *v;
- Unit *trigger;
- int r;
-
- assert(t);
- assert(t->state == TIMER_DEAD || t->state == TIMER_FAILED);
-
- trigger = UNIT_TRIGGER(u);
- if (!trigger || trigger->load_state != UNIT_LOADED) {
- log_unit_error(u, "Refusing to start, unit to trigger not loaded.");
- return -ENOENT;
- }
-
- r = unit_start_limit_test(u);
- if (r < 0) {
- timer_enter_dead(t, TIMER_FAILURE_START_LIMIT_HIT);
- return r;
- }
-
- r = unit_acquire_invocation_id(u);
- if (r < 0)
- return r;
-
- t->last_trigger = DUAL_TIMESTAMP_NULL;
-
- /* Reenable all timers that depend on unit activation time */
- LIST_FOREACH(value, v, t->values)
- if (v->base == TIMER_ACTIVE)
- v->disabled = false;
-
- if (t->stamp_path) {
- struct stat st;
-
- if (stat(t->stamp_path, &st) >= 0)
- t->last_trigger.realtime = timespec_load(&st.st_atim);
- else if (errno == ENOENT)
- /* The timer has never run before,
- * make sure a stamp file exists.
- */
- (void) touch_file(t->stamp_path, true, USEC_INFINITY, UID_INVALID, GID_INVALID, MODE_INVALID);
- }
-
- t->result = TIMER_SUCCESS;
- timer_enter_waiting(t, true);
- return 1;
-}
-
-static int timer_stop(Unit *u) {
- Timer *t = TIMER(u);
-
- assert(t);
- assert(t->state == TIMER_WAITING || t->state == TIMER_RUNNING || t->state == TIMER_ELAPSED);
-
- timer_enter_dead(t, TIMER_SUCCESS);
- return 1;
-}
-
-static int timer_serialize(Unit *u, FILE *f, FDSet *fds) {
- Timer *t = TIMER(u);
-
- assert(u);
- assert(f);
- assert(fds);
-
- unit_serialize_item(u, f, "state", timer_state_to_string(t->state));
- unit_serialize_item(u, f, "result", timer_result_to_string(t->result));
-
- if (t->last_trigger.realtime > 0)
- unit_serialize_item_format(u, f, "last-trigger-realtime", "%" PRIu64, t->last_trigger.realtime);
-
- if (t->last_trigger.monotonic > 0)
- unit_serialize_item_format(u, f, "last-trigger-monotonic", "%" PRIu64, t->last_trigger.monotonic);
-
- return 0;
-}
-
-static int timer_deserialize_item(Unit *u, const char *key, const char *value, FDSet *fds) {
- Timer *t = TIMER(u);
- int r;
-
- assert(u);
- assert(key);
- assert(value);
- assert(fds);
-
- if (streq(key, "state")) {
- TimerState state;
-
- state = timer_state_from_string(value);
- if (state < 0)
- log_unit_debug(u, "Failed to parse state value: %s", value);
- else
- t->deserialized_state = state;
- } else if (streq(key, "result")) {
- TimerResult f;
-
- f = timer_result_from_string(value);
- if (f < 0)
- log_unit_debug(u, "Failed to parse result value: %s", value);
- else if (f != TIMER_SUCCESS)
- t->result = f;
- } else if (streq(key, "last-trigger-realtime")) {
-
- r = safe_atou64(value, &t->last_trigger.realtime);
- if (r < 0)
- log_unit_debug(u, "Failed to parse last-trigger-realtime value: %s", value);
-
- } else if (streq(key, "last-trigger-monotonic")) {
-
- r = safe_atou64(value, &t->last_trigger.monotonic);
- if (r < 0)
- log_unit_debug(u, "Failed to parse last-trigger-monotonic value: %s", value);
-
- } else
- log_unit_debug(u, "Unknown serialization key: %s", key);
-
- return 0;
-}
-
-_pure_ static UnitActiveState timer_active_state(Unit *u) {
- assert(u);
-
- return state_translation_table[TIMER(u)->state];
-}
-
-_pure_ static const char *timer_sub_state_to_string(Unit *u) {
- assert(u);
-
- return timer_state_to_string(TIMER(u)->state);
-}
-
-static int timer_dispatch(sd_event_source *s, uint64_t usec, void *userdata) {
- Timer *t = TIMER(userdata);
-
- assert(t);
-
- if (t->state != TIMER_WAITING)
- return 0;
-
- log_unit_debug(UNIT(t), "Timer elapsed.");
- timer_enter_running(t);
- return 0;
-}
-
-static void timer_trigger_notify(Unit *u, Unit *other) {
- Timer *t = TIMER(u);
- TimerValue *v;
-
- assert(u);
- assert(other);
-
- if (other->load_state != UNIT_LOADED)
- return;
-
- /* Reenable all timers that depend on unit state */
- LIST_FOREACH(value, v, t->values)
- if (v->base == TIMER_UNIT_ACTIVE ||
- v->base == TIMER_UNIT_INACTIVE)
- v->disabled = false;
-
- switch (t->state) {
-
- case TIMER_WAITING:
- case TIMER_ELAPSED:
-
- /* Recalculate sleep time */
- timer_enter_waiting(t, false);
- break;
-
- case TIMER_RUNNING:
-
- if (UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other))) {
- log_unit_debug(UNIT(t), "Got notified about unit deactivation.");
- timer_enter_waiting(t, false);
- }
- break;
-
- case TIMER_DEAD:
- case TIMER_FAILED:
- break;
-
- default:
- assert_not_reached("Unknown timer state");
- }
-}
-
-static void timer_reset_failed(Unit *u) {
- Timer *t = TIMER(u);
-
- assert(t);
-
- if (t->state == TIMER_FAILED)
- timer_set_state(t, TIMER_DEAD);
-
- t->result = TIMER_SUCCESS;
-}
-
-static void timer_time_change(Unit *u) {
- Timer *t = TIMER(u);
-
- assert(u);
-
- if (t->state != TIMER_WAITING)
- return;
-
- log_unit_debug(u, "Time change, recalculating next elapse.");
- timer_enter_waiting(t, false);
-}
-
-static const char* const timer_base_table[_TIMER_BASE_MAX] = {
- [TIMER_ACTIVE] = "OnActiveSec",
- [TIMER_BOOT] = "OnBootSec",
- [TIMER_STARTUP] = "OnStartupSec",
- [TIMER_UNIT_ACTIVE] = "OnUnitActiveSec",
- [TIMER_UNIT_INACTIVE] = "OnUnitInactiveSec",
- [TIMER_CALENDAR] = "OnCalendar"
-};
-
-DEFINE_STRING_TABLE_LOOKUP(timer_base, TimerBase);
-
-static const char* const timer_result_table[_TIMER_RESULT_MAX] = {
- [TIMER_SUCCESS] = "success",
- [TIMER_FAILURE_RESOURCES] = "resources",
- [TIMER_FAILURE_START_LIMIT_HIT] = "start-limit-hit",
-};
-
-DEFINE_STRING_TABLE_LOOKUP(timer_result, TimerResult);
-
-const UnitVTable timer_vtable = {
- .object_size = sizeof(Timer),
-
- .sections =
- "Unit\0"
- "Timer\0"
- "Install\0",
- .private_section = "Timer",
-
- .init = timer_init,
- .done = timer_done,
- .load = timer_load,
-
- .coldplug = timer_coldplug,
-
- .dump = timer_dump,
-
- .start = timer_start,
- .stop = timer_stop,
-
- .serialize = timer_serialize,
- .deserialize_item = timer_deserialize_item,
-
- .active_state = timer_active_state,
- .sub_state_to_string = timer_sub_state_to_string,
-
- .trigger_notify = timer_trigger_notify,
-
- .reset_failed = timer_reset_failed,
- .time_change = timer_time_change,
-
- .bus_vtable = bus_timer_vtable,
- .bus_set_property = bus_timer_set_property,
-
- .can_transient = true,
-};
diff --git a/src/core/timer.h b/src/core/timer.h
deleted file mode 100644
index 9c4b64f898..0000000000
--- a/src/core/timer.h
+++ /dev/null
@@ -1,89 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-typedef struct Timer Timer;
-
-#include "calendarspec.h"
-
-typedef enum TimerBase {
- TIMER_ACTIVE,
- TIMER_BOOT,
- TIMER_STARTUP,
- TIMER_UNIT_ACTIVE,
- TIMER_UNIT_INACTIVE,
- TIMER_CALENDAR,
- _TIMER_BASE_MAX,
- _TIMER_BASE_INVALID = -1
-} TimerBase;
-
-typedef struct TimerValue {
- TimerBase base;
- bool disabled;
-
- usec_t value; /* only for monotonic events */
- CalendarSpec *calendar_spec; /* only for calendar events */
- usec_t next_elapse;
-
- LIST_FIELDS(struct TimerValue, value);
-} TimerValue;
-
-typedef enum TimerResult {
- TIMER_SUCCESS,
- TIMER_FAILURE_RESOURCES,
- TIMER_FAILURE_START_LIMIT_HIT,
- _TIMER_RESULT_MAX,
- _TIMER_RESULT_INVALID = -1
-} TimerResult;
-
-struct Timer {
- Unit meta;
-
- usec_t accuracy_usec;
- usec_t random_usec;
-
- LIST_HEAD(TimerValue, values);
- usec_t next_elapse_realtime;
- usec_t next_elapse_monotonic_or_boottime;
- dual_timestamp last_trigger;
-
- TimerState state, deserialized_state;
-
- sd_event_source *monotonic_event_source;
- sd_event_source *realtime_event_source;
-
- TimerResult result;
-
- bool persistent;
- bool wake_system;
- bool remain_after_elapse;
-
- char *stamp_path;
-};
-
-void timer_free_values(Timer *t);
-
-extern const UnitVTable timer_vtable;
-
-const char *timer_base_to_string(TimerBase i) _const_;
-TimerBase timer_base_from_string(const char *s) _pure_;
-
-const char* timer_result_to_string(TimerResult i) _const_;
-TimerResult timer_result_from_string(const char *s) _pure_;
diff --git a/src/core/transaction.c b/src/core/transaction.c
deleted file mode 100644
index e22e3b30c2..0000000000
--- a/src/core/transaction.c
+++ /dev/null
@@ -1,1100 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <fcntl.h>
-#include <unistd.h>
-
-#include "alloc-util.h"
-#include "bus-common-errors.h"
-#include "bus-error.h"
-#include "terminal-util.h"
-#include "transaction.h"
-#include "dbus-unit.h"
-
-static void transaction_unlink_job(Transaction *tr, Job *j, bool delete_dependencies);
-
-static void transaction_delete_job(Transaction *tr, Job *j, bool delete_dependencies) {
- assert(tr);
- assert(j);
-
- /* Deletes one job from the transaction */
-
- transaction_unlink_job(tr, j, delete_dependencies);
-
- job_free(j);
-}
-
-static void transaction_delete_unit(Transaction *tr, Unit *u) {
- Job *j;
-
- /* Deletes all jobs associated with a certain unit from the
- * transaction */
-
- while ((j = hashmap_get(tr->jobs, u)))
- transaction_delete_job(tr, j, true);
-}
-
-void transaction_abort(Transaction *tr) {
- Job *j;
-
- assert(tr);
-
- while ((j = hashmap_first(tr->jobs)))
- transaction_delete_job(tr, j, false);
-
- assert(hashmap_isempty(tr->jobs));
-}
-
-static void transaction_find_jobs_that_matter_to_anchor(Job *j, unsigned generation) {
- JobDependency *l;
-
- /* A recursive sweep through the graph that marks all units
- * that matter to the anchor job, i.e. are directly or
- * indirectly a dependency of the anchor job via paths that
- * are fully marked as mattering. */
-
- j->matters_to_anchor = true;
- j->generation = generation;
-
- LIST_FOREACH(subject, l, j->subject_list) {
-
- /* This link does not matter */
- if (!l->matters)
- continue;
-
- /* This unit has already been marked */
- if (l->object->generation == generation)
- continue;
-
- transaction_find_jobs_that_matter_to_anchor(l->object, generation);
- }
-}
-
-static void transaction_merge_and_delete_job(Transaction *tr, Job *j, Job *other, JobType t) {
- JobDependency *l, *last;
-
- assert(j);
- assert(other);
- assert(j->unit == other->unit);
- assert(!j->installed);
-
- /* Merges 'other' into 'j' and then deletes 'other'. */
-
- j->type = t;
- j->state = JOB_WAITING;
- j->irreversible = j->irreversible || other->irreversible;
- j->matters_to_anchor = j->matters_to_anchor || other->matters_to_anchor;
-
- /* Patch us in as new owner of the JobDependency objects */
- last = NULL;
- LIST_FOREACH(subject, l, other->subject_list) {
- assert(l->subject == other);
- l->subject = j;
- last = l;
- }
-
- /* Merge both lists */
- if (last) {
- last->subject_next = j->subject_list;
- if (j->subject_list)
- j->subject_list->subject_prev = last;
- j->subject_list = other->subject_list;
- }
-
- /* Patch us in as new owner of the JobDependency objects */
- last = NULL;
- LIST_FOREACH(object, l, other->object_list) {
- assert(l->object == other);
- l->object = j;
- last = l;
- }
-
- /* Merge both lists */
- if (last) {
- last->object_next = j->object_list;
- if (j->object_list)
- j->object_list->object_prev = last;
- j->object_list = other->object_list;
- }
-
- /* Kill the other job */
- other->subject_list = NULL;
- other->object_list = NULL;
- transaction_delete_job(tr, other, true);
-}
-
-_pure_ static bool job_is_conflicted_by(Job *j) {
- JobDependency *l;
-
- assert(j);
-
- /* Returns true if this job is pulled in by a least one
- * ConflictedBy dependency. */
-
- LIST_FOREACH(object, l, j->object_list)
- if (l->conflicts)
- return true;
-
- return false;
-}
-
-static int delete_one_unmergeable_job(Transaction *tr, Job *j) {
- Job *k;
-
- assert(j);
-
- /* Tries to delete one item in the linked list
- * j->transaction_next->transaction_next->... that conflicts
- * with another one, in an attempt to make an inconsistent
- * transaction work. */
-
- /* We rely here on the fact that if a merged with b does not
- * merge with c, either a or b merge with c neither */
- LIST_FOREACH(transaction, j, j)
- LIST_FOREACH(transaction, k, j->transaction_next) {
- Job *d;
-
- /* Is this one mergeable? Then skip it */
- if (job_type_is_mergeable(j->type, k->type))
- continue;
-
- /* Ok, we found two that conflict, let's see if we can
- * drop one of them */
- if (!j->matters_to_anchor && !k->matters_to_anchor) {
-
- /* Both jobs don't matter, so let's
- * find the one that is smarter to
- * remove. Let's think positive and
- * rather remove stops then starts --
- * except if something is being
- * stopped because it is conflicted by
- * another unit in which case we
- * rather remove the start. */
-
- log_unit_debug(j->unit,
- "Looking at job %s/%s conflicted_by=%s",
- j->unit->id, job_type_to_string(j->type),
- yes_no(j->type == JOB_STOP && job_is_conflicted_by(j)));
- log_unit_debug(k->unit,
- "Looking at job %s/%s conflicted_by=%s",
- k->unit->id, job_type_to_string(k->type),
- yes_no(k->type == JOB_STOP && job_is_conflicted_by(k)));
-
- if (j->type == JOB_STOP) {
-
- if (job_is_conflicted_by(j))
- d = k;
- else
- d = j;
-
- } else if (k->type == JOB_STOP) {
-
- if (job_is_conflicted_by(k))
- d = j;
- else
- d = k;
- } else
- d = j;
-
- } else if (!j->matters_to_anchor)
- d = j;
- else if (!k->matters_to_anchor)
- d = k;
- else
- return -ENOEXEC;
-
- /* Ok, we can drop one, so let's do so. */
- log_unit_debug(d->unit,
- "Fixing conflicting jobs %s/%s,%s/%s by deleting job %s/%s",
- j->unit->id, job_type_to_string(j->type),
- k->unit->id, job_type_to_string(k->type),
- d->unit->id, job_type_to_string(d->type));
- transaction_delete_job(tr, d, true);
- return 0;
- }
-
- return -EINVAL;
-}
-
-static int transaction_merge_jobs(Transaction *tr, sd_bus_error *e) {
- Job *j;
- Iterator i;
- int r;
-
- assert(tr);
-
- /* First step, check whether any of the jobs for one specific
- * task conflict. If so, try to drop one of them. */
- HASHMAP_FOREACH(j, tr->jobs, i) {
- JobType t;
- Job *k;
-
- t = j->type;
- LIST_FOREACH(transaction, k, j->transaction_next) {
- if (job_type_merge_and_collapse(&t, k->type, j->unit) >= 0)
- continue;
-
- /* OK, we could not merge all jobs for this
- * action. Let's see if we can get rid of one
- * of them */
-
- r = delete_one_unmergeable_job(tr, j);
- if (r >= 0)
- /* Ok, we managed to drop one, now
- * let's ask our callers to call us
- * again after garbage collecting */
- return -EAGAIN;
-
- /* We couldn't merge anything. Failure */
- return sd_bus_error_setf(e, BUS_ERROR_TRANSACTION_JOBS_CONFLICTING,
- "Transaction contains conflicting jobs '%s' and '%s' for %s. "
- "Probably contradicting requirement dependencies configured.",
- job_type_to_string(t),
- job_type_to_string(k->type),
- k->unit->id);
- }
- }
-
- /* Second step, merge the jobs. */
- HASHMAP_FOREACH(j, tr->jobs, i) {
- JobType t = j->type;
- Job *k;
-
- /* Merge all transaction jobs for j->unit */
- LIST_FOREACH(transaction, k, j->transaction_next)
- assert_se(job_type_merge_and_collapse(&t, k->type, j->unit) == 0);
-
- while ((k = j->transaction_next)) {
- if (tr->anchor_job == k) {
- transaction_merge_and_delete_job(tr, k, j, t);
- j = k;
- } else
- transaction_merge_and_delete_job(tr, j, k, t);
- }
-
- assert(!j->transaction_next);
- assert(!j->transaction_prev);
- }
-
- return 0;
-}
-
-static void transaction_drop_redundant(Transaction *tr) {
- Job *j;
- Iterator i;
-
- /* Goes through the transaction and removes all jobs of the units
- * whose jobs are all noops. If not all of a unit's jobs are
- * redundant, they are kept. */
-
- assert(tr);
-
-rescan:
- HASHMAP_FOREACH(j, tr->jobs, i) {
- Job *k;
-
- LIST_FOREACH(transaction, k, j) {
-
- if (tr->anchor_job == k ||
- !job_type_is_redundant(k->type, unit_active_state(k->unit)) ||
- (k->unit->job && job_type_is_conflicting(k->type, k->unit->job->type)))
- goto next_unit;
- }
-
- /* log_debug("Found redundant job %s/%s, dropping.", j->unit->id, job_type_to_string(j->type)); */
- transaction_delete_job(tr, j, false);
- goto rescan;
- next_unit:;
- }
-}
-
-_pure_ static bool unit_matters_to_anchor(Unit *u, Job *j) {
- assert(u);
- assert(!j->transaction_prev);
-
- /* Checks whether at least one of the jobs for this unit
- * matters to the anchor. */
-
- LIST_FOREACH(transaction, j, j)
- if (j->matters_to_anchor)
- return true;
-
- return false;
-}
-
-static int transaction_verify_order_one(Transaction *tr, Job *j, Job *from, unsigned generation, sd_bus_error *e) {
- Iterator i;
- Unit *u;
- int r;
-
- assert(tr);
- assert(j);
- assert(!j->transaction_prev);
-
- /* Does a recursive sweep through the ordering graph, looking
- * for a cycle. If we find a cycle we try to break it. */
-
- /* Have we seen this before? */
- if (j->generation == generation) {
- Job *k, *delete;
-
- /* If the marker is NULL we have been here already and
- * decided the job was loop-free from here. Hence
- * shortcut things and return right-away. */
- if (!j->marker)
- return 0;
-
- /* So, the marker is not NULL and we already have been
- * here. We have a cycle. Let's try to break it. We go
- * backwards in our path and try to find a suitable
- * job to remove. We use the marker to find our way
- * back, since smart how we are we stored our way back
- * in there. */
- log_unit_warning(j->unit,
- "Found ordering cycle on %s/%s",
- j->unit->id, job_type_to_string(j->type));
-
- delete = NULL;
- for (k = from; k; k = ((k->generation == generation && k->marker != k) ? k->marker : NULL)) {
-
- /* logging for j not k here to provide consistent narrative */
- log_unit_warning(j->unit,
- "Found dependency on %s/%s",
- k->unit->id, job_type_to_string(k->type));
-
- if (!delete && hashmap_get(tr->jobs, k->unit) && !unit_matters_to_anchor(k->unit, k))
- /* Ok, we can drop this one, so let's
- * do so. */
- delete = k;
-
- /* Check if this in fact was the beginning of
- * the cycle */
- if (k == j)
- break;
- }
-
-
- if (delete) {
- const char *status;
- /* logging for j not k here to provide consistent narrative */
- log_unit_warning(j->unit,
- "Breaking ordering cycle by deleting job %s/%s",
- delete->unit->id, job_type_to_string(delete->type));
- log_unit_error(delete->unit,
- "Job %s/%s deleted to break ordering cycle starting with %s/%s",
- delete->unit->id, job_type_to_string(delete->type),
- j->unit->id, job_type_to_string(j->type));
-
- if (log_get_show_color())
- status = ANSI_HIGHLIGHT_RED " SKIP " ANSI_NORMAL;
- else
- status = " SKIP ";
-
- unit_status_printf(delete->unit, status,
- "Ordering cycle found, skipping %s");
- transaction_delete_unit(tr, delete->unit);
- return -EAGAIN;
- }
-
- log_error("Unable to break cycle");
-
- return sd_bus_error_setf(e, BUS_ERROR_TRANSACTION_ORDER_IS_CYCLIC,
- "Transaction order is cyclic. See system logs for details.");
- }
-
- /* Make the marker point to where we come from, so that we can
- * find our way backwards if we want to break a cycle. We use
- * a special marker for the beginning: we point to
- * ourselves. */
- j->marker = from ? from : j;
- j->generation = generation;
-
- /* We assume that the dependencies are bidirectional, and
- * hence can ignore UNIT_AFTER */
- SET_FOREACH(u, j->unit->dependencies[UNIT_BEFORE], i) {
- Job *o;
-
- /* Is there a job for this unit? */
- o = hashmap_get(tr->jobs, u);
- if (!o) {
- /* Ok, there is no job for this in the
- * transaction, but maybe there is already one
- * running? */
- o = u->job;
- if (!o)
- continue;
- }
-
- r = transaction_verify_order_one(tr, o, j, generation, e);
- if (r < 0)
- return r;
- }
-
- /* Ok, let's backtrack, and remember that this entry is not on
- * our path anymore. */
- j->marker = NULL;
-
- return 0;
-}
-
-static int transaction_verify_order(Transaction *tr, unsigned *generation, sd_bus_error *e) {
- Job *j;
- int r;
- Iterator i;
- unsigned g;
-
- assert(tr);
- assert(generation);
-
- /* Check if the ordering graph is cyclic. If it is, try to fix
- * that up by dropping one of the jobs. */
-
- g = (*generation)++;
-
- HASHMAP_FOREACH(j, tr->jobs, i) {
- r = transaction_verify_order_one(tr, j, NULL, g, e);
- if (r < 0)
- return r;
- }
-
- return 0;
-}
-
-static void transaction_collect_garbage(Transaction *tr) {
- Iterator i;
- Job *j;
-
- assert(tr);
-
- /* Drop jobs that are not required by any other job */
-
-rescan:
- HASHMAP_FOREACH(j, tr->jobs, i) {
- if (tr->anchor_job == j || j->object_list) {
- /* log_debug("Keeping job %s/%s because of %s/%s", */
- /* j->unit->id, job_type_to_string(j->type), */
- /* j->object_list->subject ? j->object_list->subject->unit->id : "root", */
- /* j->object_list->subject ? job_type_to_string(j->object_list->subject->type) : "root"); */
- continue;
- }
-
- /* log_debug("Garbage collecting job %s/%s", j->unit->id, job_type_to_string(j->type)); */
- transaction_delete_job(tr, j, true);
- goto rescan;
- }
-}
-
-static int transaction_is_destructive(Transaction *tr, JobMode mode, sd_bus_error *e) {
- Iterator i;
- Job *j;
-
- assert(tr);
-
- /* Checks whether applying this transaction means that
- * existing jobs would be replaced */
-
- HASHMAP_FOREACH(j, tr->jobs, i) {
-
- /* Assume merged */
- assert(!j->transaction_prev);
- assert(!j->transaction_next);
-
- if (j->unit->job && (mode == JOB_FAIL || j->unit->job->irreversible) &&
- job_type_is_conflicting(j->unit->job->type, j->type))
- return sd_bus_error_setf(e, BUS_ERROR_TRANSACTION_IS_DESTRUCTIVE,
- "Transaction is destructive.");
- }
-
- return 0;
-}
-
-static void transaction_minimize_impact(Transaction *tr) {
- Job *j;
- Iterator i;
-
- assert(tr);
-
- /* Drops all unnecessary jobs that reverse already active jobs
- * or that stop a running service. */
-
-rescan:
- HASHMAP_FOREACH(j, tr->jobs, i) {
- LIST_FOREACH(transaction, j, j) {
- bool stops_running_service, changes_existing_job;
-
- /* If it matters, we shouldn't drop it */
- if (j->matters_to_anchor)
- continue;
-
- /* Would this stop a running service?
- * Would this change an existing job?
- * If so, let's drop this entry */
-
- stops_running_service =
- j->type == JOB_STOP && UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(j->unit));
-
- changes_existing_job =
- j->unit->job &&
- job_type_is_conflicting(j->type, j->unit->job->type);
-
- if (!stops_running_service && !changes_existing_job)
- continue;
-
- if (stops_running_service)
- log_unit_debug(j->unit,
- "%s/%s would stop a running service.",
- j->unit->id, job_type_to_string(j->type));
-
- if (changes_existing_job)
- log_unit_debug(j->unit,
- "%s/%s would change existing job.",
- j->unit->id, job_type_to_string(j->type));
-
- /* Ok, let's get rid of this */
- log_unit_debug(j->unit,
- "Deleting %s/%s to minimize impact.",
- j->unit->id, job_type_to_string(j->type));
-
- transaction_delete_job(tr, j, true);
- goto rescan;
- }
- }
-}
-
-static int transaction_apply(Transaction *tr, Manager *m, JobMode mode) {
- Iterator i;
- Job *j;
- int r;
-
- /* Moves the transaction jobs to the set of active jobs */
-
- if (mode == JOB_ISOLATE || mode == JOB_FLUSH) {
-
- /* When isolating first kill all installed jobs which
- * aren't part of the new transaction */
- HASHMAP_FOREACH(j, m->jobs, i) {
- assert(j->installed);
-
- if (j->unit->ignore_on_isolate)
- continue;
-
- if (hashmap_get(tr->jobs, j->unit))
- continue;
-
- /* Not invalidating recursively. Avoids triggering
- * OnFailure= actions of dependent jobs. Also avoids
- * invalidating our iterator. */
- job_finish_and_invalidate(j, JOB_CANCELED, false, false);
- }
- }
-
- HASHMAP_FOREACH(j, tr->jobs, i) {
- /* Assume merged */
- assert(!j->transaction_prev);
- assert(!j->transaction_next);
-
- r = hashmap_put(m->jobs, UINT32_TO_PTR(j->id), j);
- if (r < 0)
- goto rollback;
- }
-
- while ((j = hashmap_steal_first(tr->jobs))) {
- Job *installed_job;
-
- /* Clean the job dependencies */
- transaction_unlink_job(tr, j, false);
-
- installed_job = job_install(j);
- if (installed_job != j) {
- /* j has been merged into a previously installed job */
- if (tr->anchor_job == j)
- tr->anchor_job = installed_job;
- hashmap_remove(m->jobs, UINT32_TO_PTR(j->id));
- job_free(j);
- j = installed_job;
- }
-
- job_add_to_run_queue(j);
- job_add_to_dbus_queue(j);
- job_start_timer(j);
- job_shutdown_magic(j);
- }
-
- return 0;
-
-rollback:
-
- HASHMAP_FOREACH(j, tr->jobs, i)
- hashmap_remove(m->jobs, UINT32_TO_PTR(j->id));
-
- return r;
-}
-
-int transaction_activate(Transaction *tr, Manager *m, JobMode mode, sd_bus_error *e) {
- Iterator i;
- Job *j;
- int r;
- unsigned generation = 1;
-
- assert(tr);
-
- /* This applies the changes recorded in tr->jobs to
- * the actual list of jobs, if possible. */
-
- /* Reset the generation counter of all installed jobs. The detection of cycles
- * looks at installed jobs. If they had a non-zero generation from some previous
- * walk of the graph, the algorithm would break. */
- HASHMAP_FOREACH(j, m->jobs, i)
- j->generation = 0;
-
- /* First step: figure out which jobs matter */
- transaction_find_jobs_that_matter_to_anchor(tr->anchor_job, generation++);
-
- /* Second step: Try not to stop any running services if
- * we don't have to. Don't try to reverse running
- * jobs if we don't have to. */
- if (mode == JOB_FAIL)
- transaction_minimize_impact(tr);
-
- /* Third step: Drop redundant jobs */
- transaction_drop_redundant(tr);
-
- for (;;) {
- /* Fourth step: Let's remove unneeded jobs that might
- * be lurking. */
- if (mode != JOB_ISOLATE)
- transaction_collect_garbage(tr);
-
- /* Fifth step: verify order makes sense and correct
- * cycles if necessary and possible */
- r = transaction_verify_order(tr, &generation, e);
- if (r >= 0)
- break;
-
- if (r != -EAGAIN) {
- log_warning("Requested transaction contains an unfixable cyclic ordering dependency: %s", bus_error_message(e, r));
- return r;
- }
-
- /* Let's see if the resulting transaction ordering
- * graph is still cyclic... */
- }
-
- for (;;) {
- /* Sixth step: let's drop unmergeable entries if
- * necessary and possible, merge entries we can
- * merge */
- r = transaction_merge_jobs(tr, e);
- if (r >= 0)
- break;
-
- if (r != -EAGAIN) {
- log_warning("Requested transaction contains unmergeable jobs: %s", bus_error_message(e, r));
- return r;
- }
-
- /* Seventh step: an entry got dropped, let's garbage
- * collect its dependencies. */
- if (mode != JOB_ISOLATE)
- transaction_collect_garbage(tr);
-
- /* Let's see if the resulting transaction still has
- * unmergeable entries ... */
- }
-
- /* Eights step: Drop redundant jobs again, if the merging now allows us to drop more. */
- transaction_drop_redundant(tr);
-
- /* Ninth step: check whether we can actually apply this */
- r = transaction_is_destructive(tr, mode, e);
- if (r < 0) {
- log_notice("Requested transaction contradicts existing jobs: %s", bus_error_message(e, r));
- return r;
- }
-
- /* Tenth step: apply changes */
- r = transaction_apply(tr, m, mode);
- if (r < 0)
- return log_warning_errno(r, "Failed to apply transaction: %m");
-
- assert(hashmap_isempty(tr->jobs));
-
- if (!hashmap_isempty(m->jobs)) {
- /* Are there any jobs now? Then make sure we have the
- * idle pipe around. We don't really care too much
- * whether this works or not, as the idle pipe is a
- * feature for cosmetics, not actually useful for
- * anything beyond that. */
-
- if (m->idle_pipe[0] < 0 && m->idle_pipe[1] < 0 &&
- m->idle_pipe[2] < 0 && m->idle_pipe[3] < 0) {
- (void) pipe2(m->idle_pipe, O_NONBLOCK|O_CLOEXEC);
- (void) pipe2(m->idle_pipe + 2, O_NONBLOCK|O_CLOEXEC);
- }
- }
-
- return 0;
-}
-
-static Job* transaction_add_one_job(Transaction *tr, JobType type, Unit *unit, bool *is_new) {
- Job *j, *f;
-
- assert(tr);
- assert(unit);
-
- /* Looks for an existing prospective job and returns that. If
- * it doesn't exist it is created and added to the prospective
- * jobs list. */
-
- f = hashmap_get(tr->jobs, unit);
-
- LIST_FOREACH(transaction, j, f) {
- assert(j->unit == unit);
-
- if (j->type == type) {
- if (is_new)
- *is_new = false;
- return j;
- }
- }
-
- j = job_new(unit, type);
- if (!j)
- return NULL;
-
- j->generation = 0;
- j->marker = NULL;
- j->matters_to_anchor = false;
- j->irreversible = tr->irreversible;
-
- LIST_PREPEND(transaction, f, j);
-
- if (hashmap_replace(tr->jobs, unit, f) < 0) {
- LIST_REMOVE(transaction, f, j);
- job_free(j);
- return NULL;
- }
-
- if (is_new)
- *is_new = true;
-
- /* log_debug("Added job %s/%s to transaction.", unit->id, job_type_to_string(type)); */
-
- return j;
-}
-
-static void transaction_unlink_job(Transaction *tr, Job *j, bool delete_dependencies) {
- assert(tr);
- assert(j);
-
- if (j->transaction_prev)
- j->transaction_prev->transaction_next = j->transaction_next;
- else if (j->transaction_next)
- hashmap_replace(tr->jobs, j->unit, j->transaction_next);
- else
- hashmap_remove_value(tr->jobs, j->unit, j);
-
- if (j->transaction_next)
- j->transaction_next->transaction_prev = j->transaction_prev;
-
- j->transaction_prev = j->transaction_next = NULL;
-
- while (j->subject_list)
- job_dependency_free(j->subject_list);
-
- while (j->object_list) {
- Job *other = j->object_list->matters ? j->object_list->subject : NULL;
-
- job_dependency_free(j->object_list);
-
- if (other && delete_dependencies) {
- log_unit_debug(other->unit,
- "Deleting job %s/%s as dependency of job %s/%s",
- other->unit->id, job_type_to_string(other->type),
- j->unit->id, job_type_to_string(j->type));
- transaction_delete_job(tr, other, delete_dependencies);
- }
- }
-}
-
-int transaction_add_job_and_dependencies(
- Transaction *tr,
- JobType type,
- Unit *unit,
- Job *by,
- bool matters,
- bool conflicts,
- bool ignore_requirements,
- bool ignore_order,
- sd_bus_error *e) {
- Job *ret;
- Iterator i;
- Unit *dep;
- int r;
- bool is_new;
-
- assert(tr);
- assert(type < _JOB_TYPE_MAX);
- assert(type < _JOB_TYPE_MAX_IN_TRANSACTION);
- assert(unit);
-
- /* Before adding jobs for this unit, let's ensure that its state has been loaded
- * This matters when jobs are spawned as part of coldplugging itself (see e. g. path_coldplug()).
- * This way, we "recursively" coldplug units, ensuring that we do not look at state of
- * not-yet-coldplugged units. */
- if (MANAGER_IS_RELOADING(unit->manager))
- unit_coldplug(unit);
-
- /* log_debug("Pulling in %s/%s from %s/%s", */
- /* unit->id, job_type_to_string(type), */
- /* by ? by->unit->id : "NA", */
- /* by ? job_type_to_string(by->type) : "NA"); */
-
- if (!IN_SET(unit->load_state, UNIT_LOADED, UNIT_ERROR, UNIT_NOT_FOUND, UNIT_MASKED))
- return sd_bus_error_setf(e, BUS_ERROR_LOAD_FAILED, "Unit %s is not loaded properly.", unit->id);
-
- if (type != JOB_STOP) {
- r = bus_unit_check_load_state(unit, e);
- if (r < 0)
- return r;
- }
-
- if (!unit_job_is_applicable(unit, type))
- return sd_bus_error_setf(e, BUS_ERROR_JOB_TYPE_NOT_APPLICABLE,
- "Job type %s is not applicable for unit %s.",
- job_type_to_string(type), unit->id);
-
-
- /* First add the job. */
- ret = transaction_add_one_job(tr, type, unit, &is_new);
- if (!ret)
- return -ENOMEM;
-
- ret->ignore_order = ret->ignore_order || ignore_order;
-
- /* Then, add a link to the job. */
- if (by) {
- if (!job_dependency_new(by, ret, matters, conflicts))
- return -ENOMEM;
- } else {
- /* If the job has no parent job, it is the anchor job. */
- assert(!tr->anchor_job);
- tr->anchor_job = ret;
- }
-
- if (is_new && !ignore_requirements && type != JOB_NOP) {
- Set *following;
-
- /* If we are following some other unit, make sure we
- * add all dependencies of everybody following. */
- if (unit_following_set(ret->unit, &following) > 0) {
- SET_FOREACH(dep, following, i) {
- r = transaction_add_job_and_dependencies(tr, type, dep, ret, false, false, false, ignore_order, e);
- if (r < 0) {
- log_unit_warning(dep, "Cannot add dependency job for, ignoring: %s", bus_error_message(e, r));
- sd_bus_error_free(e);
- }
- }
-
- set_free(following);
- }
-
- /* Finally, recursively add in all dependencies. */
- if (type == JOB_START || type == JOB_RESTART) {
- SET_FOREACH(dep, ret->unit->dependencies[UNIT_REQUIRES], i) {
- r = transaction_add_job_and_dependencies(tr, JOB_START, dep, ret, true, false, false, ignore_order, e);
- if (r < 0) {
- if (r != -EBADR) /* job type not applicable */
- goto fail;
-
- sd_bus_error_free(e);
- }
- }
-
- SET_FOREACH(dep, ret->unit->dependencies[UNIT_BINDS_TO], i) {
- r = transaction_add_job_and_dependencies(tr, JOB_START, dep, ret, true, false, false, ignore_order, e);
- if (r < 0) {
- if (r != -EBADR) /* job type not applicable */
- goto fail;
-
- sd_bus_error_free(e);
- }
- }
-
- SET_FOREACH(dep, ret->unit->dependencies[UNIT_WANTS], i) {
- r = transaction_add_job_and_dependencies(tr, JOB_START, dep, ret, false, false, false, ignore_order, e);
- if (r < 0) {
- /* unit masked, job type not applicable and unit not found are not considered as errors. */
- log_unit_full(dep,
- IN_SET(r, -ERFKILL, -EBADR, -ENOENT) ? LOG_DEBUG : LOG_WARNING,
- r, "Cannot add dependency job, ignoring: %s",
- bus_error_message(e, r));
- sd_bus_error_free(e);
- }
- }
-
- SET_FOREACH(dep, ret->unit->dependencies[UNIT_REQUISITE], i) {
- r = transaction_add_job_and_dependencies(tr, JOB_VERIFY_ACTIVE, dep, ret, true, false, false, ignore_order, e);
- if (r < 0) {
- if (r != -EBADR) /* job type not applicable */
- goto fail;
-
- sd_bus_error_free(e);
- }
- }
-
- SET_FOREACH(dep, ret->unit->dependencies[UNIT_CONFLICTS], i) {
- r = transaction_add_job_and_dependencies(tr, JOB_STOP, dep, ret, true, true, false, ignore_order, e);
- if (r < 0) {
- if (r != -EBADR) /* job type not applicable */
- goto fail;
-
- sd_bus_error_free(e);
- }
- }
-
- SET_FOREACH(dep, ret->unit->dependencies[UNIT_CONFLICTED_BY], i) {
- r = transaction_add_job_and_dependencies(tr, JOB_STOP, dep, ret, false, false, false, ignore_order, e);
- if (r < 0) {
- log_unit_warning(dep,
- "Cannot add dependency job, ignoring: %s",
- bus_error_message(e, r));
- sd_bus_error_free(e);
- }
- }
-
- }
-
- if (type == JOB_STOP || type == JOB_RESTART) {
- static const UnitDependency propagate_deps[] = {
- UNIT_REQUIRED_BY,
- UNIT_REQUISITE_OF,
- UNIT_BOUND_BY,
- UNIT_CONSISTS_OF,
- };
-
- JobType ptype;
- unsigned j;
-
- /* We propagate STOP as STOP, but RESTART only
- * as TRY_RESTART, in order not to start
- * dependencies that are not around. */
- ptype = type == JOB_RESTART ? JOB_TRY_RESTART : type;
-
- for (j = 0; j < ELEMENTSOF(propagate_deps); j++)
- SET_FOREACH(dep, ret->unit->dependencies[propagate_deps[j]], i) {
- JobType nt;
-
- nt = job_type_collapse(ptype, dep);
- if (nt == JOB_NOP)
- continue;
-
- r = transaction_add_job_and_dependencies(tr, nt, dep, ret, true, false, false, ignore_order, e);
- if (r < 0) {
- if (r != -EBADR) /* job type not applicable */
- goto fail;
-
- sd_bus_error_free(e);
- }
- }
- }
-
- if (type == JOB_RELOAD) {
-
- SET_FOREACH(dep, ret->unit->dependencies[UNIT_PROPAGATES_RELOAD_TO], i) {
- JobType nt;
-
- nt = job_type_collapse(JOB_TRY_RELOAD, dep);
- if (nt == JOB_NOP)
- continue;
-
- r = transaction_add_job_and_dependencies(tr, nt, dep, ret, false, false, false, ignore_order, e);
- if (r < 0) {
- log_unit_warning(dep,
- "Cannot add dependency reload job, ignoring: %s",
- bus_error_message(e, r));
- sd_bus_error_free(e);
- }
- }
- }
-
- /* JOB_VERIFY_STARTED require no dependency handling */
- }
-
- return 0;
-
-fail:
- return r;
-}
-
-int transaction_add_isolate_jobs(Transaction *tr, Manager *m) {
- Iterator i;
- Unit *u;
- char *k;
- int r;
-
- assert(tr);
- assert(m);
-
- HASHMAP_FOREACH_KEY(u, k, m->units, i) {
-
- /* ignore aliases */
- if (u->id != k)
- continue;
-
- if (u->ignore_on_isolate)
- continue;
-
- /* No need to stop inactive jobs */
- if (UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(u)) && !u->job)
- continue;
-
- /* Is there already something listed for this? */
- if (hashmap_get(tr->jobs, u))
- continue;
-
- r = transaction_add_job_and_dependencies(tr, JOB_STOP, u, tr->anchor_job, true, false, false, false, NULL);
- if (r < 0)
- log_unit_warning_errno(u, r, "Cannot add isolate job, ignoring: %m");
- }
-
- return 0;
-}
-
-Transaction *transaction_new(bool irreversible) {
- Transaction *tr;
-
- tr = new0(Transaction, 1);
- if (!tr)
- return NULL;
-
- tr->jobs = hashmap_new(NULL);
- if (!tr->jobs)
- return mfree(tr);
-
- tr->irreversible = irreversible;
-
- return tr;
-}
-
-void transaction_free(Transaction *tr) {
- assert(hashmap_isempty(tr->jobs));
- hashmap_free(tr->jobs);
- free(tr);
-}
diff --git a/src/core/transaction.h b/src/core/transaction.h
deleted file mode 100644
index 6a3f927b0f..0000000000
--- a/src/core/transaction.h
+++ /dev/null
@@ -1,51 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-typedef struct Transaction Transaction;
-
-#include "hashmap.h"
-#include "job.h"
-#include "manager.h"
-#include "unit.h"
-
-struct Transaction {
- /* Jobs to be added */
- Hashmap *jobs; /* Unit object => Job object list 1:1 */
- Job *anchor_job; /* the job the user asked for */
- bool irreversible;
-};
-
-Transaction *transaction_new(bool irreversible);
-void transaction_free(Transaction *tr);
-
-int transaction_add_job_and_dependencies(
- Transaction *tr,
- JobType type,
- Unit *unit,
- Job *by,
- bool matters,
- bool conflicts,
- bool ignore_requirements,
- bool ignore_order,
- sd_bus_error *e);
-int transaction_activate(Transaction *tr, Manager *m, JobMode mode, sd_bus_error *e);
-int transaction_add_isolate_jobs(Transaction *tr, Manager *m);
-void transaction_abort(Transaction *tr);
diff --git a/src/core/triggers.systemd.in b/src/core/triggers.systemd.in
deleted file mode 100644
index 0d8c303136..0000000000
--- a/src/core/triggers.systemd.in
+++ /dev/null
@@ -1,66 +0,0 @@
-# -*- Mode: rpm-spec; indent-tabs-mode: nil -*- */
-#
-# This file is part of systemd.
-#
-# Copyright 2015 Zbigniew Jędrzejewski-Szmek
-#
-# systemd is free software; you can redistribute it and/or modify it
-# under the terms of the GNU Lesser General Public License as published by
-# the Free Software Foundation; either version 2.1 of the License, or
-# (at your option) any later version.
-#
-# systemd is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# Lesser General Public License for more details.
-#
-# You should have received a copy of the GNU Lesser General Public License
-# along with systemd; If not, see <http://www.gnu.org/licenses/>.
-
-# The contents of this are an example to be copied into systemd.spec.
-#
-# Minimum rpm version supported: 4.13.0
-
-%transfiletriggerin -P 900900 -p <lua> -- @systemunitdir@ /etc/systemd/system
--- This script will run after any package is initially installed or
--- upgraded. We care about the case where a package is initially
--- installed, because other cases are covered by the *un scriptlets,
--- so sometimes we will reload needlessly.
-
-pid = posix.fork()
-if pid == 0 then
- assert(posix.exec("%{_bindir}/systemctl", "daemon-reload"))
-elseif pid > 0 then
- posix.wait(pid)
-end
-
-%transfiletriggerun -p <lua> -- @systemunitdir@ /etc/systemd/system
--- On removal, we need to run daemon-reload after any units have been
--- removed. %transfiletriggerpostun would be ideal, but it does not get
--- executed for some reason.
--- On upgrade, we need to run daemon-reload after any new unit files
--- have been installed, but before %postun scripts in packages get
--- executed. %transfiletriggerun gets the right list of files
--- but it is invoked too early (before changes happen).
--- %filetriggerpostun happens at the right time, but it fires for
--- every package.
--- To execute the reload at the right time, we create a state
--- file in %transfiletriggerun and execute the daemon-reload in
--- the first %filetriggerpostun.
-
-posix.mkdir("%{_localstatedir}/lib")
-posix.mkdir("%{_localstatedir}/lib/rpm-state")
-posix.mkdir("%{_localstatedir}/lib/rpm-state/systemd")
-io.open("%{_localstatedir}/lib/rpm-state/systemd/needs-reload", "w")
-
-%filetriggerpostun -P 1000100 -p <lua> -- @systemunitdir@ /etc/systemd/system
-if posix.access("%{_localstatedir}/lib/rpm-state/systemd/needs-reload") then
- posix.unlink("%{_localstatedir}/lib/rpm-state/systemd/needs-reload")
- posix.rmdir("%{_localstatedir}/lib/rpm-state/systemd")
- pid = posix.fork()
- if pid == 0 then
- assert(posix.exec("%{_bindir}/systemctl", "daemon-reload"))
- elseif pid > 0 then
- posix.wait(pid)
- end
-end
diff --git a/src/core/umount.c b/src/core/umount.c
deleted file mode 100644
index 1e5459ed80..0000000000
--- a/src/core/umount.c
+++ /dev/null
@@ -1,614 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2010 ProFUSION embedded systems
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <errno.h>
-#include <fcntl.h>
-#include <linux/dm-ioctl.h>
-#include <linux/loop.h>
-#include <string.h>
-#include <sys/mount.h>
-#include <sys/swap.h>
-
-#include "libudev.h"
-
-#include "alloc-util.h"
-#include "escape.h"
-#include "fd-util.h"
-#include "fstab-util.h"
-#include "list.h"
-#include "mount-setup.h"
-#include "path-util.h"
-#include "string-util.h"
-#include "udev-util.h"
-#include "umount.h"
-#include "util.h"
-#include "virt.h"
-
-typedef struct MountPoint {
- char *path;
- char *options;
- dev_t devnum;
- LIST_FIELDS(struct MountPoint, mount_point);
-} MountPoint;
-
-static void mount_point_free(MountPoint **head, MountPoint *m) {
- assert(head);
- assert(m);
-
- LIST_REMOVE(mount_point, *head, m);
-
- free(m->path);
- free(m);
-}
-
-static void mount_points_list_free(MountPoint **head) {
- assert(head);
-
- while (*head)
- mount_point_free(head, *head);
-}
-
-static int mount_points_list_get(MountPoint **head) {
- _cleanup_fclose_ FILE *proc_self_mountinfo = NULL;
- unsigned int i;
- int r;
-
- assert(head);
-
- proc_self_mountinfo = fopen("/proc/self/mountinfo", "re");
- if (!proc_self_mountinfo)
- return -errno;
-
- for (i = 1;; i++) {
- _cleanup_free_ char *path = NULL, *options = NULL;
- char *p = NULL;
- MountPoint *m;
- int k;
-
- k = fscanf(proc_self_mountinfo,
- "%*s " /* (1) mount id */
- "%*s " /* (2) parent id */
- "%*s " /* (3) major:minor */
- "%*s " /* (4) root */
- "%ms " /* (5) mount point */
- "%*s" /* (6) mount flags */
- "%*[^-]" /* (7) optional fields */
- "- " /* (8) separator */
- "%*s " /* (9) file system type */
- "%*s" /* (10) mount source */
- "%ms" /* (11) mount options */
- "%*[^\n]", /* some rubbish at the end */
- &path, &options);
- if (k != 2) {
- if (k == EOF)
- break;
-
- log_warning("Failed to parse /proc/self/mountinfo:%u.", i);
- continue;
- }
-
- r = cunescape(path, UNESCAPE_RELAX, &p);
- if (r < 0)
- return r;
-
- /* Ignore mount points we can't unmount because they
- * are API or because we are keeping them open (like
- * /dev/console). Also, ignore all mounts below API
- * file systems, since they are likely virtual too,
- * and hence not worth spending time on. Also, in
- * unprivileged containers we might lack the rights to
- * unmount these things, hence don't bother. */
- if (mount_point_is_api(p) ||
- mount_point_ignore(p) ||
- path_startswith(p, "/dev") ||
- path_startswith(p, "/sys") ||
- path_startswith(p, "/proc")) {
- free(p);
- continue;
- }
-
- m = new0(MountPoint, 1);
- if (!m) {
- free(p);
- return -ENOMEM;
- }
-
- m->path = p;
- m->options = options;
- options = NULL;
-
- LIST_PREPEND(mount_point, *head, m);
- }
-
- return 0;
-}
-
-static int swap_list_get(MountPoint **head) {
- _cleanup_fclose_ FILE *proc_swaps = NULL;
- unsigned int i;
- int r;
-
- assert(head);
-
- proc_swaps = fopen("/proc/swaps", "re");
- if (!proc_swaps)
- return (errno == ENOENT) ? 0 : -errno;
-
- (void) fscanf(proc_swaps, "%*s %*s %*s %*s %*s\n");
-
- for (i = 2;; i++) {
- MountPoint *swap;
- char *dev = NULL, *d;
- int k;
-
- k = fscanf(proc_swaps,
- "%ms " /* device/file */
- "%*s " /* type of swap */
- "%*s " /* swap size */
- "%*s " /* used */
- "%*s\n", /* priority */
- &dev);
-
- if (k != 1) {
- if (k == EOF)
- break;
-
- log_warning("Failed to parse /proc/swaps:%u.", i);
- free(dev);
- continue;
- }
-
- if (endswith(dev, " (deleted)")) {
- free(dev);
- continue;
- }
-
- r = cunescape(dev, UNESCAPE_RELAX, &d);
- free(dev);
- if (r < 0)
- return r;
-
- swap = new0(MountPoint, 1);
- if (!swap) {
- free(d);
- return -ENOMEM;
- }
-
- swap->path = d;
- LIST_PREPEND(mount_point, *head, swap);
- }
-
- return 0;
-}
-
-static int loopback_list_get(MountPoint **head) {
- _cleanup_udev_enumerate_unref_ struct udev_enumerate *e = NULL;
- struct udev_list_entry *item = NULL, *first = NULL;
- _cleanup_udev_unref_ struct udev *udev = NULL;
- int r;
-
- assert(head);
-
- udev = udev_new();
- if (!udev)
- return -ENOMEM;
-
- e = udev_enumerate_new(udev);
- if (!e)
- return -ENOMEM;
-
- r = udev_enumerate_add_match_subsystem(e, "block");
- if (r < 0)
- return r;
-
- r = udev_enumerate_add_match_sysname(e, "loop*");
- if (r < 0)
- return r;
-
- r = udev_enumerate_add_match_sysattr(e, "loop/backing_file", NULL);
- if (r < 0)
- return r;
-
- r = udev_enumerate_scan_devices(e);
- if (r < 0)
- return r;
-
- first = udev_enumerate_get_list_entry(e);
- udev_list_entry_foreach(item, first) {
- MountPoint *lb;
- _cleanup_udev_device_unref_ struct udev_device *d;
- char *loop;
- const char *dn;
-
- d = udev_device_new_from_syspath(udev, udev_list_entry_get_name(item));
- if (!d)
- return -ENOMEM;
-
- dn = udev_device_get_devnode(d);
- if (!dn)
- continue;
-
- loop = strdup(dn);
- if (!loop)
- return -ENOMEM;
-
- lb = new0(MountPoint, 1);
- if (!lb) {
- free(loop);
- return -ENOMEM;
- }
-
- lb->path = loop;
- LIST_PREPEND(mount_point, *head, lb);
- }
-
- return 0;
-}
-
-static int dm_list_get(MountPoint **head) {
- _cleanup_udev_enumerate_unref_ struct udev_enumerate *e = NULL;
- struct udev_list_entry *item = NULL, *first = NULL;
- _cleanup_udev_unref_ struct udev *udev = NULL;
- int r;
-
- assert(head);
-
- udev = udev_new();
- if (!udev)
- return -ENOMEM;
-
- e = udev_enumerate_new(udev);
- if (!e)
- return -ENOMEM;
-
- r = udev_enumerate_add_match_subsystem(e, "block");
- if (r < 0)
- return r;
-
- r = udev_enumerate_add_match_sysname(e, "dm-*");
- if (r < 0)
- return r;
-
- r = udev_enumerate_scan_devices(e);
- if (r < 0)
- return r;
-
- first = udev_enumerate_get_list_entry(e);
- udev_list_entry_foreach(item, first) {
- MountPoint *m;
- _cleanup_udev_device_unref_ struct udev_device *d;
- dev_t devnum;
- char *node;
- const char *dn;
-
- d = udev_device_new_from_syspath(udev, udev_list_entry_get_name(item));
- if (!d)
- return -ENOMEM;
-
- devnum = udev_device_get_devnum(d);
- dn = udev_device_get_devnode(d);
- if (major(devnum) == 0 || !dn)
- continue;
-
- node = strdup(dn);
- if (!node)
- return -ENOMEM;
-
- m = new(MountPoint, 1);
- if (!m) {
- free(node);
- return -ENOMEM;
- }
-
- m->path = node;
- m->devnum = devnum;
- LIST_PREPEND(mount_point, *head, m);
- }
-
- return 0;
-}
-
-static int delete_loopback(const char *device) {
- _cleanup_close_ int fd = -1;
- int r;
-
- fd = open(device, O_RDONLY|O_CLOEXEC);
- if (fd < 0)
- return errno == ENOENT ? 0 : -errno;
-
- r = ioctl(fd, LOOP_CLR_FD, 0);
- if (r >= 0)
- return 1;
-
- /* ENXIO: not bound, so no error */
- if (errno == ENXIO)
- return 0;
-
- return -errno;
-}
-
-static int delete_dm(dev_t devnum) {
- _cleanup_close_ int fd = -1;
- int r;
- struct dm_ioctl dm = {
- .version = {DM_VERSION_MAJOR,
- DM_VERSION_MINOR,
- DM_VERSION_PATCHLEVEL},
- .data_size = sizeof(dm),
- .dev = devnum,
- };
-
- assert(major(devnum) != 0);
-
- fd = open("/dev/mapper/control", O_RDWR|O_CLOEXEC);
- if (fd < 0)
- return -errno;
-
- r = ioctl(fd, DM_DEV_REMOVE, &dm);
- return r >= 0 ? 0 : -errno;
-}
-
-static int mount_points_list_umount(MountPoint **head, bool *changed, bool log_error) {
- MountPoint *m, *n;
- int n_failed = 0;
-
- assert(head);
-
- LIST_FOREACH_SAFE(mount_point, m, n, *head) {
-
- /* If we are in a container, don't attempt to
- read-only mount anything as that brings no real
- benefits, but might confuse the host, as we remount
- the superblock here, not the bind mount. */
- if (detect_container() <= 0) {
- _cleanup_free_ char *options = NULL;
- /* MS_REMOUNT requires that the data parameter
- * should be the same from the original mount
- * except for the desired changes. Since we want
- * to remount read-only, we should filter out
- * rw (and ro too, because it confuses the kernel) */
- (void) fstab_filter_options(m->options, "rw\0ro\0", NULL, NULL, &options);
-
- /* We always try to remount directories
- * read-only first, before we go on and umount
- * them.
- *
- * Mount points can be stacked. If a mount
- * point is stacked below / or /usr, we
- * cannot umount or remount it directly,
- * since there is no way to refer to the
- * underlying mount. There's nothing we can do
- * about it for the general case, but we can
- * do something about it if it is aliased
- * somehwere else via a bind mount. If we
- * explicitly remount the super block of that
- * alias read-only we hence should be
- * relatively safe regarding keeping the fs we
- * can otherwise not see dirty. */
- log_info("Remounting '%s' read-only with options '%s'.", m->path, options);
- (void) mount(NULL, m->path, NULL, MS_REMOUNT|MS_RDONLY, options);
- }
-
- /* Skip / and /usr since we cannot unmount that
- * anyway, since we are running from it. They have
- * already been remounted ro. */
- if (path_equal(m->path, "/")
-#ifndef HAVE_SPLIT_USR
- || path_equal(m->path, "/usr")
-#endif
- || path_startswith(m->path, "/run/initramfs")
- )
- continue;
-
- /* Trying to umount. We don't force here since we rely
- * on busy NFS and FUSE file systems to return EBUSY
- * until we closed everything on top of them. */
- log_info("Unmounting %s.", m->path);
- if (umount2(m->path, 0) == 0) {
- if (changed)
- *changed = true;
-
- mount_point_free(head, m);
- } else if (log_error) {
- log_warning_errno(errno, "Could not unmount %s: %m", m->path);
- n_failed++;
- }
- }
-
- return n_failed;
-}
-
-static int swap_points_list_off(MountPoint **head, bool *changed) {
- MountPoint *m, *n;
- int n_failed = 0;
-
- assert(head);
-
- LIST_FOREACH_SAFE(mount_point, m, n, *head) {
- log_info("Deactivating swap %s.", m->path);
- if (swapoff(m->path) == 0) {
- if (changed)
- *changed = true;
-
- mount_point_free(head, m);
- } else {
- log_warning_errno(errno, "Could not deactivate swap %s: %m", m->path);
- n_failed++;
- }
- }
-
- return n_failed;
-}
-
-static int loopback_points_list_detach(MountPoint **head, bool *changed) {
- MountPoint *m, *n;
- int n_failed = 0, k;
- struct stat root_st;
-
- assert(head);
-
- k = lstat("/", &root_st);
-
- LIST_FOREACH_SAFE(mount_point, m, n, *head) {
- int r;
- struct stat loopback_st;
-
- if (k >= 0 &&
- major(root_st.st_dev) != 0 &&
- lstat(m->path, &loopback_st) >= 0 &&
- root_st.st_dev == loopback_st.st_rdev) {
- n_failed++;
- continue;
- }
-
- log_info("Detaching loopback %s.", m->path);
- r = delete_loopback(m->path);
- if (r >= 0) {
- if (r > 0 && changed)
- *changed = true;
-
- mount_point_free(head, m);
- } else {
- log_warning_errno(errno, "Could not detach loopback %s: %m", m->path);
- n_failed++;
- }
- }
-
- return n_failed;
-}
-
-static int dm_points_list_detach(MountPoint **head, bool *changed) {
- MountPoint *m, *n;
- int n_failed = 0, k;
- struct stat root_st;
-
- assert(head);
-
- k = lstat("/", &root_st);
-
- LIST_FOREACH_SAFE(mount_point, m, n, *head) {
- int r;
-
- if (k >= 0 &&
- major(root_st.st_dev) != 0 &&
- root_st.st_dev == m->devnum) {
- n_failed++;
- continue;
- }
-
- log_info("Detaching DM %u:%u.", major(m->devnum), minor(m->devnum));
- r = delete_dm(m->devnum);
- if (r >= 0) {
- if (changed)
- *changed = true;
-
- mount_point_free(head, m);
- } else {
- log_warning_errno(errno, "Could not detach DM %s: %m", m->path);
- n_failed++;
- }
- }
-
- return n_failed;
-}
-
-int umount_all(bool *changed) {
- int r;
- bool umount_changed;
- LIST_HEAD(MountPoint, mp_list_head);
-
- LIST_HEAD_INIT(mp_list_head);
- r = mount_points_list_get(&mp_list_head);
- if (r < 0)
- goto end;
-
- /* retry umount, until nothing can be umounted anymore */
- do {
- umount_changed = false;
-
- mount_points_list_umount(&mp_list_head, &umount_changed, false);
- if (umount_changed)
- *changed = true;
-
- } while (umount_changed);
-
- /* umount one more time with logging enabled */
- r = mount_points_list_umount(&mp_list_head, &umount_changed, true);
- if (r <= 0)
- goto end;
-
- end:
- mount_points_list_free(&mp_list_head);
-
- return r;
-}
-
-int swapoff_all(bool *changed) {
- int r;
- LIST_HEAD(MountPoint, swap_list_head);
-
- LIST_HEAD_INIT(swap_list_head);
-
- r = swap_list_get(&swap_list_head);
- if (r < 0)
- goto end;
-
- r = swap_points_list_off(&swap_list_head, changed);
-
- end:
- mount_points_list_free(&swap_list_head);
-
- return r;
-}
-
-int loopback_detach_all(bool *changed) {
- int r;
- LIST_HEAD(MountPoint, loopback_list_head);
-
- LIST_HEAD_INIT(loopback_list_head);
-
- r = loopback_list_get(&loopback_list_head);
- if (r < 0)
- goto end;
-
- r = loopback_points_list_detach(&loopback_list_head, changed);
-
- end:
- mount_points_list_free(&loopback_list_head);
-
- return r;
-}
-
-int dm_detach_all(bool *changed) {
- int r;
- LIST_HEAD(MountPoint, dm_list_head);
-
- LIST_HEAD_INIT(dm_list_head);
-
- r = dm_list_get(&dm_list_head);
- if (r < 0)
- goto end;
-
- r = dm_points_list_detach(&dm_list_head, changed);
-
- end:
- mount_points_list_free(&dm_list_head);
-
- return r;
-}
diff --git a/src/core/umount.h b/src/core/umount.h
deleted file mode 100644
index 4e2215a47d..0000000000
--- a/src/core/umount.h
+++ /dev/null
@@ -1,28 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2010 ProFUSION embedded systems
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-int umount_all(bool *changed);
-
-int swapoff_all(bool *changed);
-
-int loopback_detach_all(bool *changed);
-
-int dm_detach_all(bool *changed);
diff --git a/src/core/unit-printf.c b/src/core/unit-printf.c
deleted file mode 100644
index f11df42af3..0000000000
--- a/src/core/unit-printf.c
+++ /dev/null
@@ -1,304 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include "alloc-util.h"
-#include "cgroup-util.h"
-#include "formats-util.h"
-#include "macro.h"
-#include "specifier.h"
-#include "string-util.h"
-#include "strv.h"
-#include "unit-name.h"
-#include "unit-printf.h"
-#include "unit.h"
-#include "user-util.h"
-
-static int specifier_prefix_and_instance(char specifier, void *data, void *userdata, char **ret) {
- Unit *u = userdata;
-
- assert(u);
-
- return unit_name_to_prefix_and_instance(u->id, ret);
-}
-
-static int specifier_prefix(char specifier, void *data, void *userdata, char **ret) {
- Unit *u = userdata;
-
- assert(u);
-
- return unit_name_to_prefix(u->id, ret);
-}
-
-static int specifier_prefix_unescaped(char specifier, void *data, void *userdata, char **ret) {
- _cleanup_free_ char *p = NULL;
- Unit *u = userdata;
- int r;
-
- assert(u);
-
- r = unit_name_to_prefix(u->id, &p);
- if (r < 0)
- return r;
-
- return unit_name_unescape(p, ret);
-}
-
-static int specifier_instance_unescaped(char specifier, void *data, void *userdata, char **ret) {
- Unit *u = userdata;
-
- assert(u);
-
- return unit_name_unescape(strempty(u->instance), ret);
-}
-
-static int specifier_filename(char specifier, void *data, void *userdata, char **ret) {
- Unit *u = userdata;
-
- assert(u);
-
- if (u->instance)
- return unit_name_path_unescape(u->instance, ret);
- else
- return unit_name_to_path(u->id, ret);
-}
-
-static int specifier_cgroup(char specifier, void *data, void *userdata, char **ret) {
- Unit *u = userdata;
- char *n;
-
- assert(u);
-
- if (u->cgroup_path)
- n = strdup(u->cgroup_path);
- else
- n = unit_default_cgroup_path(u);
- if (!n)
- return -ENOMEM;
-
- *ret = n;
- return 0;
-}
-
-static int specifier_cgroup_root(char specifier, void *data, void *userdata, char **ret) {
- Unit *u = userdata;
- char *n;
-
- assert(u);
-
- n = strdup(u->manager->cgroup_root);
- if (!n)
- return -ENOMEM;
-
- *ret = n;
- return 0;
-}
-
-static int specifier_cgroup_slice(char specifier, void *data, void *userdata, char **ret) {
- Unit *u = userdata;
- char *n;
-
- assert(u);
-
- if (UNIT_ISSET(u->slice)) {
- Unit *slice;
-
- slice = UNIT_DEREF(u->slice);
-
- if (slice->cgroup_path)
- n = strdup(slice->cgroup_path);
- else
- n = unit_default_cgroup_path(slice);
- } else
- n = strdup(u->manager->cgroup_root);
- if (!n)
- return -ENOMEM;
-
- *ret = n;
- return 0;
-}
-
-static int specifier_runtime(char specifier, void *data, void *userdata, char **ret) {
- Unit *u = userdata;
- const char *e;
- char *n = NULL;
-
- assert(u);
-
- e = manager_get_runtime_prefix(u->manager);
- if (!e)
- return -EOPNOTSUPP;
- n = strdup(e);
- if (!n)
- return -ENOMEM;
-
- *ret = n;
- return 0;
-}
-
-static int specifier_user_name(char specifier, void *data, void *userdata, char **ret) {
- char *t;
-
- /* If we are UID 0 (root), this will not result in NSS,
- * otherwise it might. This is good, as we want to be able to
- * run this in PID 1, where our user ID is 0, but where NSS
- * lookups are not allowed. */
-
- t = getusername_malloc();
- if (!t)
- return -ENOMEM;
-
- *ret = t;
- return 0;
-}
-
-static int specifier_user_id(char specifier, void *data, void *userdata, char **ret) {
-
- if (asprintf(ret, UID_FMT, getuid()) < 0)
- return -ENOMEM;
-
- return 0;
-}
-
-static int specifier_user_home(char specifier, void *data, void *userdata, char **ret) {
-
- /* On PID 1 (which runs as root) this will not result in NSS,
- * which is good. See above */
-
- return get_home_dir(ret);
-}
-
-static int specifier_user_shell(char specifier, void *data, void *userdata, char **ret) {
-
- /* On PID 1 (which runs as root) this will not result in NSS,
- * which is good. See above */
-
- return get_shell(ret);
-}
-
-int unit_name_printf(Unit *u, const char* format, char **ret) {
-
- /*
- * This will use the passed string as format string and
- * replace the following specifiers:
- *
- * %n: the full id of the unit (foo@bar.waldo)
- * %N: the id of the unit without the suffix (foo@bar)
- * %p: the prefix (foo)
- * %i: the instance (bar)
- */
-
- const Specifier table[] = {
- { 'n', specifier_string, u->id },
- { 'N', specifier_prefix_and_instance, NULL },
- { 'p', specifier_prefix, NULL },
- { 'i', specifier_string, u->instance },
- { 0, NULL, NULL }
- };
-
- assert(u);
- assert(format);
- assert(ret);
-
- return specifier_printf(format, table, u, ret);
-}
-
-int unit_full_printf(Unit *u, const char *format, char **ret) {
-
- /* This is similar to unit_name_printf() but also supports
- * unescaping. Also, adds a couple of additional codes:
- *
- * %f the instance if set, otherwise the id
- * %c cgroup path of unit
- * %r where units in this slice are placed in the cgroup tree
- * %R the root of this systemd's instance tree
- * %t the runtime directory to place sockets in (e.g. "/run" or $XDG_RUNTIME_DIR)
- * %U the UID of the running user
- * %u the username of the running user
- * %h the homedir of the running user
- * %s the shell of the running user
- * %m the machine ID of the running system
- * %H the host name of the running system
- * %b the boot ID of the running system
- * %v `uname -r` of the running system
- */
-
- const Specifier table[] = {
- { 'n', specifier_string, u->id },
- { 'N', specifier_prefix_and_instance, NULL },
- { 'p', specifier_prefix, NULL },
- { 'P', specifier_prefix_unescaped, NULL },
- { 'i', specifier_string, u->instance },
- { 'I', specifier_instance_unescaped, NULL },
-
- { 'f', specifier_filename, NULL },
- { 'c', specifier_cgroup, NULL },
- { 'r', specifier_cgroup_slice, NULL },
- { 'R', specifier_cgroup_root, NULL },
- { 't', specifier_runtime, NULL },
-
- { 'U', specifier_user_id, NULL },
- { 'u', specifier_user_name, NULL },
- { 'h', specifier_user_home, NULL },
- { 's', specifier_user_shell, NULL },
-
- { 'm', specifier_machine_id, NULL },
- { 'H', specifier_host_name, NULL },
- { 'b', specifier_boot_id, NULL },
- { 'v', specifier_kernel_release, NULL },
- {}
- };
-
- assert(u);
- assert(format);
- assert(ret);
-
- return specifier_printf(format, table, u, ret);
-}
-
-int unit_full_printf_strv(Unit *u, char **l, char ***ret) {
- size_t n;
- char **r, **i, **j;
- int q;
-
- /* Applies unit_full_printf to every entry in l */
-
- assert(u);
-
- n = strv_length(l);
- r = new(char*, n+1);
- if (!r)
- return -ENOMEM;
-
- for (i = l, j = r; *i; i++, j++) {
- q = unit_full_printf(u, *i, j);
- if (q < 0)
- goto fail;
- }
-
- *j = NULL;
- *ret = r;
- return 0;
-
-fail:
- for (j--; j >= r; j--)
- free(*j);
-
- free(r);
- return q;
-}
diff --git a/src/core/unit-printf.h b/src/core/unit-printf.h
deleted file mode 100644
index 4fc8531228..0000000000
--- a/src/core/unit-printf.h
+++ /dev/null
@@ -1,26 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include "unit.h"
-
-int unit_name_printf(Unit *u, const char* text, char **ret);
-int unit_full_printf(Unit *u, const char *text, char **ret);
-int unit_full_printf_strv(Unit *u, char **l, char ***ret);
diff --git a/src/core/unit.c b/src/core/unit.c
deleted file mode 100644
index e664e23892..0000000000
--- a/src/core/unit.c
+++ /dev/null
@@ -1,4283 +0,0 @@
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <errno.h>
-#include <stdlib.h>
-#include <string.h>
-#include <sys/stat.h>
-#include <unistd.h>
-
-#include "sd-id128.h"
-#include "sd-messages.h"
-
-#include "alloc-util.h"
-#include "bus-common-errors.h"
-#include "bus-util.h"
-#include "cgroup-util.h"
-#include "dbus-unit.h"
-#include "dbus.h"
-#include "dropin.h"
-#include "escape.h"
-#include "execute.h"
-#include "fileio-label.h"
-#include "formats-util.h"
-#include "id128-util.h"
-#include "load-dropin.h"
-#include "load-fragment.h"
-#include "log.h"
-#include "macro.h"
-#include "missing.h"
-#include "mkdir.h"
-#include "parse-util.h"
-#include "path-util.h"
-#include "process-util.h"
-#include "set.h"
-#include "signal-util.h"
-#include "special.h"
-#include "stat-util.h"
-#include "stdio-util.h"
-#include "string-util.h"
-#include "strv.h"
-#include "umask-util.h"
-#include "unit-name.h"
-#include "unit.h"
-#include "user-util.h"
-#include "virt.h"
-
-const UnitVTable * const unit_vtable[_UNIT_TYPE_MAX] = {
- [UNIT_SERVICE] = &service_vtable,
- [UNIT_SOCKET] = &socket_vtable,
- [UNIT_BUSNAME] = &busname_vtable,
- [UNIT_TARGET] = &target_vtable,
- [UNIT_DEVICE] = &device_vtable,
- [UNIT_MOUNT] = &mount_vtable,
- [UNIT_AUTOMOUNT] = &automount_vtable,
- [UNIT_SWAP] = &swap_vtable,
- [UNIT_TIMER] = &timer_vtable,
- [UNIT_PATH] = &path_vtable,
- [UNIT_SLICE] = &slice_vtable,
- [UNIT_SCOPE] = &scope_vtable
-};
-
-static void maybe_warn_about_dependency(Unit *u, const char *other, UnitDependency dependency);
-
-Unit *unit_new(Manager *m, size_t size) {
- Unit *u;
-
- assert(m);
- assert(size >= sizeof(Unit));
-
- u = malloc0(size);
- if (!u)
- return NULL;
-
- u->names = set_new(&string_hash_ops);
- if (!u->names)
- return mfree(u);
-
- u->manager = m;
- u->type = _UNIT_TYPE_INVALID;
- u->default_dependencies = true;
- u->unit_file_state = _UNIT_FILE_STATE_INVALID;
- u->unit_file_preset = -1;
- u->on_failure_job_mode = JOB_REPLACE;
- u->cgroup_inotify_wd = -1;
- u->job_timeout = USEC_INFINITY;
- u->ref_uid = UID_INVALID;
- u->ref_gid = GID_INVALID;
- u->cpu_usage_last = NSEC_INFINITY;
-
- RATELIMIT_INIT(u->start_limit, m->default_start_limit_interval, m->default_start_limit_burst);
- RATELIMIT_INIT(u->auto_stop_ratelimit, 10 * USEC_PER_SEC, 16);
-
- return u;
-}
-
-int unit_new_for_name(Manager *m, size_t size, const char *name, Unit **ret) {
- Unit *u;
- int r;
-
- u = unit_new(m, size);
- if (!u)
- return -ENOMEM;
-
- r = unit_add_name(u, name);
- if (r < 0) {
- unit_free(u);
- return r;
- }
-
- *ret = u;
- return r;
-}
-
-bool unit_has_name(Unit *u, const char *name) {
- assert(u);
- assert(name);
-
- return set_contains(u->names, (char*) name);
-}
-
-static void unit_init(Unit *u) {
- CGroupContext *cc;
- ExecContext *ec;
- KillContext *kc;
-
- assert(u);
- assert(u->manager);
- assert(u->type >= 0);
-
- cc = unit_get_cgroup_context(u);
- if (cc) {
- cgroup_context_init(cc);
-
- /* Copy in the manager defaults into the cgroup
- * context, _before_ the rest of the settings have
- * been initialized */
-
- cc->cpu_accounting = u->manager->default_cpu_accounting;
- cc->io_accounting = u->manager->default_io_accounting;
- cc->blockio_accounting = u->manager->default_blockio_accounting;
- cc->memory_accounting = u->manager->default_memory_accounting;
- cc->tasks_accounting = u->manager->default_tasks_accounting;
-
- if (u->type != UNIT_SLICE)
- cc->tasks_max = u->manager->default_tasks_max;
- }
-
- ec = unit_get_exec_context(u);
- if (ec)
- exec_context_init(ec);
-
- kc = unit_get_kill_context(u);
- if (kc)
- kill_context_init(kc);
-
- if (UNIT_VTABLE(u)->init)
- UNIT_VTABLE(u)->init(u);
-}
-
-int unit_add_name(Unit *u, const char *text) {
- _cleanup_free_ char *s = NULL, *i = NULL;
- UnitType t;
- int r;
-
- assert(u);
- assert(text);
-
- if (unit_name_is_valid(text, UNIT_NAME_TEMPLATE)) {
-
- if (!u->instance)
- return -EINVAL;
-
- r = unit_name_replace_instance(text, u->instance, &s);
- if (r < 0)
- return r;
- } else {
- s = strdup(text);
- if (!s)
- return -ENOMEM;
- }
-
- if (set_contains(u->names, s))
- return 0;
- if (hashmap_contains(u->manager->units, s))
- return -EEXIST;
-
- if (!unit_name_is_valid(s, UNIT_NAME_PLAIN|UNIT_NAME_INSTANCE))
- return -EINVAL;
-
- t = unit_name_to_type(s);
- if (t < 0)
- return -EINVAL;
-
- if (u->type != _UNIT_TYPE_INVALID && t != u->type)
- return -EINVAL;
-
- r = unit_name_to_instance(s, &i);
- if (r < 0)
- return r;
-
- if (i && !unit_type_may_template(t))
- return -EINVAL;
-
- /* Ensure that this unit is either instanced or not instanced,
- * but not both. Note that we do allow names with different
- * instance names however! */
- if (u->type != _UNIT_TYPE_INVALID && !u->instance != !i)
- return -EINVAL;
-
- if (!unit_type_may_alias(t) && !set_isempty(u->names))
- return -EEXIST;
-
- if (hashmap_size(u->manager->units) >= MANAGER_MAX_NAMES)
- return -E2BIG;
-
- r = set_put(u->names, s);
- if (r < 0)
- return r;
- assert(r > 0);
-
- r = hashmap_put(u->manager->units, s, u);
- if (r < 0) {
- (void) set_remove(u->names, s);
- return r;
- }
-
- if (u->type == _UNIT_TYPE_INVALID) {
- u->type = t;
- u->id = s;
- u->instance = i;
-
- LIST_PREPEND(units_by_type, u->manager->units_by_type[t], u);
-
- unit_init(u);
-
- i = NULL;
- }
-
- s = NULL;
-
- unit_add_to_dbus_queue(u);
- return 0;
-}
-
-int unit_choose_id(Unit *u, const char *name) {
- _cleanup_free_ char *t = NULL;
- char *s, *i;
- int r;
-
- assert(u);
- assert(name);
-
- if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
-
- if (!u->instance)
- return -EINVAL;
-
- r = unit_name_replace_instance(name, u->instance, &t);
- if (r < 0)
- return r;
-
- name = t;
- }
-
- /* Selects one of the names of this unit as the id */
- s = set_get(u->names, (char*) name);
- if (!s)
- return -ENOENT;
-
- /* Determine the new instance from the new id */
- r = unit_name_to_instance(s, &i);
- if (r < 0)
- return r;
-
- u->id = s;
-
- free(u->instance);
- u->instance = i;
-
- unit_add_to_dbus_queue(u);
-
- return 0;
-}
-
-int unit_set_description(Unit *u, const char *description) {
- char *s;
-
- assert(u);
-
- if (isempty(description))
- s = NULL;
- else {
- s = strdup(description);
- if (!s)
- return -ENOMEM;
- }
-
- free(u->description);
- u->description = s;
-
- unit_add_to_dbus_queue(u);
- return 0;
-}
-
-bool unit_check_gc(Unit *u) {
- UnitActiveState state;
- bool inactive;
- assert(u);
-
- if (u->job)
- return true;
-
- if (u->nop_job)
- return true;
-
- state = unit_active_state(u);
- inactive = state == UNIT_INACTIVE;
-
- /* If the unit is inactive and failed and no job is queued for
- * it, then release its runtime resources */
- if (UNIT_IS_INACTIVE_OR_FAILED(state) &&
- UNIT_VTABLE(u)->release_resources)
- UNIT_VTABLE(u)->release_resources(u, inactive);
-
- /* But we keep the unit object around for longer when it is
- * referenced or configured to not be gc'ed */
- if (!inactive)
- return true;
-
- if (u->perpetual)
- return true;
-
- if (u->refs)
- return true;
-
- if (sd_bus_track_count(u->bus_track) > 0)
- return true;
-
- if (UNIT_VTABLE(u)->check_gc)
- if (UNIT_VTABLE(u)->check_gc(u))
- return true;
-
- return false;
-}
-
-void unit_add_to_load_queue(Unit *u) {
- assert(u);
- assert(u->type != _UNIT_TYPE_INVALID);
-
- if (u->load_state != UNIT_STUB || u->in_load_queue)
- return;
-
- LIST_PREPEND(load_queue, u->manager->load_queue, u);
- u->in_load_queue = true;
-}
-
-void unit_add_to_cleanup_queue(Unit *u) {
- assert(u);
-
- if (u->in_cleanup_queue)
- return;
-
- LIST_PREPEND(cleanup_queue, u->manager->cleanup_queue, u);
- u->in_cleanup_queue = true;
-}
-
-void unit_add_to_gc_queue(Unit *u) {
- assert(u);
-
- if (u->in_gc_queue || u->in_cleanup_queue)
- return;
-
- if (unit_check_gc(u))
- return;
-
- LIST_PREPEND(gc_queue, u->manager->gc_queue, u);
- u->in_gc_queue = true;
-
- u->manager->n_in_gc_queue++;
-}
-
-void unit_add_to_dbus_queue(Unit *u) {
- assert(u);
- assert(u->type != _UNIT_TYPE_INVALID);
-
- if (u->load_state == UNIT_STUB || u->in_dbus_queue)
- return;
-
- /* Shortcut things if nobody cares */
- if (sd_bus_track_count(u->manager->subscribed) <= 0 &&
- set_isempty(u->manager->private_buses)) {
- u->sent_dbus_new_signal = true;
- return;
- }
-
- LIST_PREPEND(dbus_queue, u->manager->dbus_unit_queue, u);
- u->in_dbus_queue = true;
-}
-
-static void bidi_set_free(Unit *u, Set *s) {
- Iterator i;
- Unit *other;
-
- assert(u);
-
- /* Frees the set and makes sure we are dropped from the
- * inverse pointers */
-
- SET_FOREACH(other, s, i) {
- UnitDependency d;
-
- for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
- set_remove(other->dependencies[d], u);
-
- unit_add_to_gc_queue(other);
- }
-
- set_free(s);
-}
-
-static void unit_remove_transient(Unit *u) {
- char **i;
-
- assert(u);
-
- if (!u->transient)
- return;
-
- if (u->fragment_path)
- (void) unlink(u->fragment_path);
-
- STRV_FOREACH(i, u->dropin_paths) {
- _cleanup_free_ char *p = NULL, *pp = NULL;
-
- p = dirname_malloc(*i); /* Get the drop-in directory from the drop-in file */
- if (!p)
- continue;
-
- pp = dirname_malloc(p); /* Get the config directory from the drop-in directory */
- if (!pp)
- continue;
-
- /* Only drop transient drop-ins */
- if (!path_equal(u->manager->lookup_paths.transient, pp))
- continue;
-
- (void) unlink(*i);
- (void) rmdir(p);
- }
-}
-
-static void unit_free_requires_mounts_for(Unit *u) {
- char **j;
-
- STRV_FOREACH(j, u->requires_mounts_for) {
- char s[strlen(*j) + 1];
-
- PATH_FOREACH_PREFIX_MORE(s, *j) {
- char *y;
- Set *x;
-
- x = hashmap_get2(u->manager->units_requiring_mounts_for, s, (void**) &y);
- if (!x)
- continue;
-
- set_remove(x, u);
-
- if (set_isempty(x)) {
- hashmap_remove(u->manager->units_requiring_mounts_for, y);
- free(y);
- set_free(x);
- }
- }
- }
-
- u->requires_mounts_for = strv_free(u->requires_mounts_for);
-}
-
-static void unit_done(Unit *u) {
- ExecContext *ec;
- CGroupContext *cc;
-
- assert(u);
-
- if (u->type < 0)
- return;
-
- if (UNIT_VTABLE(u)->done)
- UNIT_VTABLE(u)->done(u);
-
- ec = unit_get_exec_context(u);
- if (ec)
- exec_context_done(ec);
-
- cc = unit_get_cgroup_context(u);
- if (cc)
- cgroup_context_done(cc);
-}
-
-void unit_free(Unit *u) {
- UnitDependency d;
- Iterator i;
- char *t;
-
- assert(u);
-
- if (u->transient_file)
- fclose(u->transient_file);
-
- if (!MANAGER_IS_RELOADING(u->manager))
- unit_remove_transient(u);
-
- bus_unit_send_removed_signal(u);
-
- unit_done(u);
-
- sd_bus_slot_unref(u->match_bus_slot);
-
- sd_bus_track_unref(u->bus_track);
- u->deserialized_refs = strv_free(u->deserialized_refs);
-
- unit_free_requires_mounts_for(u);
-
- SET_FOREACH(t, u->names, i)
- hashmap_remove_value(u->manager->units, t, u);
-
- if (!sd_id128_is_null(u->invocation_id))
- hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
-
- if (u->job) {
- Job *j = u->job;
- job_uninstall(j);
- job_free(j);
- }
-
- if (u->nop_job) {
- Job *j = u->nop_job;
- job_uninstall(j);
- job_free(j);
- }
-
- for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
- bidi_set_free(u, u->dependencies[d]);
-
- if (u->type != _UNIT_TYPE_INVALID)
- LIST_REMOVE(units_by_type, u->manager->units_by_type[u->type], u);
-
- if (u->in_load_queue)
- LIST_REMOVE(load_queue, u->manager->load_queue, u);
-
- if (u->in_dbus_queue)
- LIST_REMOVE(dbus_queue, u->manager->dbus_unit_queue, u);
-
- if (u->in_cleanup_queue)
- LIST_REMOVE(cleanup_queue, u->manager->cleanup_queue, u);
-
- if (u->in_gc_queue) {
- LIST_REMOVE(gc_queue, u->manager->gc_queue, u);
- u->manager->n_in_gc_queue--;
- }
-
- if (u->in_cgroup_queue)
- LIST_REMOVE(cgroup_queue, u->manager->cgroup_queue, u);
-
- unit_release_cgroup(u);
-
- unit_unref_uid_gid(u, false);
-
- (void) manager_update_failed_units(u->manager, u, false);
- set_remove(u->manager->startup_units, u);
-
- free(u->description);
- strv_free(u->documentation);
- free(u->fragment_path);
- free(u->source_path);
- strv_free(u->dropin_paths);
- free(u->instance);
-
- free(u->job_timeout_reboot_arg);
-
- set_free_free(u->names);
-
- unit_unwatch_all_pids(u);
-
- condition_free_list(u->conditions);
- condition_free_list(u->asserts);
-
- free(u->reboot_arg);
-
- unit_ref_unset(&u->slice);
-
- while (u->refs)
- unit_ref_unset(u->refs);
-
- free(u);
-}
-
-UnitActiveState unit_active_state(Unit *u) {
- assert(u);
-
- if (u->load_state == UNIT_MERGED)
- return unit_active_state(unit_follow_merge(u));
-
- /* After a reload it might happen that a unit is not correctly
- * loaded but still has a process around. That's why we won't
- * shortcut failed loading to UNIT_INACTIVE_FAILED. */
-
- return UNIT_VTABLE(u)->active_state(u);
-}
-
-const char* unit_sub_state_to_string(Unit *u) {
- assert(u);
-
- return UNIT_VTABLE(u)->sub_state_to_string(u);
-}
-
-static int complete_move(Set **s, Set **other) {
- int r;
-
- assert(s);
- assert(other);
-
- if (!*other)
- return 0;
-
- if (*s) {
- r = set_move(*s, *other);
- if (r < 0)
- return r;
- } else {
- *s = *other;
- *other = NULL;
- }
-
- return 0;
-}
-
-static int merge_names(Unit *u, Unit *other) {
- char *t;
- Iterator i;
- int r;
-
- assert(u);
- assert(other);
-
- r = complete_move(&u->names, &other->names);
- if (r < 0)
- return r;
-
- set_free_free(other->names);
- other->names = NULL;
- other->id = NULL;
-
- SET_FOREACH(t, u->names, i)
- assert_se(hashmap_replace(u->manager->units, t, u) == 0);
-
- return 0;
-}
-
-static int reserve_dependencies(Unit *u, Unit *other, UnitDependency d) {
- unsigned n_reserve;
-
- assert(u);
- assert(other);
- assert(d < _UNIT_DEPENDENCY_MAX);
-
- /*
- * If u does not have this dependency set allocated, there is no need
- * to reserve anything. In that case other's set will be transferred
- * as a whole to u by complete_move().
- */
- if (!u->dependencies[d])
- return 0;
-
- /* merge_dependencies() will skip a u-on-u dependency */
- n_reserve = set_size(other->dependencies[d]) - !!set_get(other->dependencies[d], u);
-
- return set_reserve(u->dependencies[d], n_reserve);
-}
-
-static void merge_dependencies(Unit *u, Unit *other, const char *other_id, UnitDependency d) {
- Iterator i;
- Unit *back;
- int r;
-
- assert(u);
- assert(other);
- assert(d < _UNIT_DEPENDENCY_MAX);
-
- /* Fix backwards pointers */
- SET_FOREACH(back, other->dependencies[d], i) {
- UnitDependency k;
-
- for (k = 0; k < _UNIT_DEPENDENCY_MAX; k++) {
- /* Do not add dependencies between u and itself */
- if (back == u) {
- if (set_remove(back->dependencies[k], other))
- maybe_warn_about_dependency(u, other_id, k);
- } else {
- r = set_remove_and_put(back->dependencies[k], other, u);
- if (r == -EEXIST)
- set_remove(back->dependencies[k], other);
- else
- assert(r >= 0 || r == -ENOENT);
- }
- }
- }
-
- /* Also do not move dependencies on u to itself */
- back = set_remove(other->dependencies[d], u);
- if (back)
- maybe_warn_about_dependency(u, other_id, d);
-
- /* The move cannot fail. The caller must have performed a reservation. */
- assert_se(complete_move(&u->dependencies[d], &other->dependencies[d]) == 0);
-
- other->dependencies[d] = set_free(other->dependencies[d]);
-}
-
-int unit_merge(Unit *u, Unit *other) {
- UnitDependency d;
- const char *other_id = NULL;
- int r;
-
- assert(u);
- assert(other);
- assert(u->manager == other->manager);
- assert(u->type != _UNIT_TYPE_INVALID);
-
- other = unit_follow_merge(other);
-
- if (other == u)
- return 0;
-
- if (u->type != other->type)
- return -EINVAL;
-
- if (!u->instance != !other->instance)
- return -EINVAL;
-
- if (!unit_type_may_alias(u->type)) /* Merging only applies to unit names that support aliases */
- return -EEXIST;
-
- if (other->load_state != UNIT_STUB &&
- other->load_state != UNIT_NOT_FOUND)
- return -EEXIST;
-
- if (other->job)
- return -EEXIST;
-
- if (other->nop_job)
- return -EEXIST;
-
- if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
- return -EEXIST;
-
- if (other->id)
- other_id = strdupa(other->id);
-
- /* Make reservations to ensure merge_dependencies() won't fail */
- for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
- r = reserve_dependencies(u, other, d);
- /*
- * We don't rollback reservations if we fail. We don't have
- * a way to undo reservations. A reservation is not a leak.
- */
- if (r < 0)
- return r;
- }
-
- /* Merge names */
- r = merge_names(u, other);
- if (r < 0)
- return r;
-
- /* Redirect all references */
- while (other->refs)
- unit_ref_set(other->refs, u);
-
- /* Merge dependencies */
- for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++)
- merge_dependencies(u, other, other_id, d);
-
- other->load_state = UNIT_MERGED;
- other->merged_into = u;
-
- /* If there is still some data attached to the other node, we
- * don't need it anymore, and can free it. */
- if (other->load_state != UNIT_STUB)
- if (UNIT_VTABLE(other)->done)
- UNIT_VTABLE(other)->done(other);
-
- unit_add_to_dbus_queue(u);
- unit_add_to_cleanup_queue(other);
-
- return 0;
-}
-
-int unit_merge_by_name(Unit *u, const char *name) {
- _cleanup_free_ char *s = NULL;
- Unit *other;
- int r;
-
- assert(u);
- assert(name);
-
- if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
- if (!u->instance)
- return -EINVAL;
-
- r = unit_name_replace_instance(name, u->instance, &s);
- if (r < 0)
- return r;
-
- name = s;
- }
-
- other = manager_get_unit(u->manager, name);
- if (other)
- return unit_merge(u, other);
-
- return unit_add_name(u, name);
-}
-
-Unit* unit_follow_merge(Unit *u) {
- assert(u);
-
- while (u->load_state == UNIT_MERGED)
- assert_se(u = u->merged_into);
-
- return u;
-}
-
-int unit_add_exec_dependencies(Unit *u, ExecContext *c) {
- int r;
-
- assert(u);
- assert(c);
-
- if (c->working_directory) {
- r = unit_require_mounts_for(u, c->working_directory);
- if (r < 0)
- return r;
- }
-
- if (c->root_directory) {
- r = unit_require_mounts_for(u, c->root_directory);
- if (r < 0)
- return r;
- }
-
- if (!MANAGER_IS_SYSTEM(u->manager))
- return 0;
-
- if (c->private_tmp) {
- r = unit_require_mounts_for(u, "/tmp");
- if (r < 0)
- return r;
-
- r = unit_require_mounts_for(u, "/var/tmp");
- if (r < 0)
- return r;
- }
-
- if (!IN_SET(c->std_output,
- EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
- EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE,
- EXEC_OUTPUT_SYSLOG, EXEC_OUTPUT_SYSLOG_AND_CONSOLE) &&
- !IN_SET(c->std_error,
- EXEC_OUTPUT_JOURNAL, EXEC_OUTPUT_JOURNAL_AND_CONSOLE,
- EXEC_OUTPUT_KMSG, EXEC_OUTPUT_KMSG_AND_CONSOLE,
- EXEC_OUTPUT_SYSLOG, EXEC_OUTPUT_SYSLOG_AND_CONSOLE))
- return 0;
-
- /* If syslog or kernel logging is requested, make sure our own
- * logging daemon is run first. */
-
- r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_JOURNALD_SOCKET, NULL, true);
- if (r < 0)
- return r;
-
- return 0;
-}
-
-const char *unit_description(Unit *u) {
- assert(u);
-
- if (u->description)
- return u->description;
-
- return strna(u->id);
-}
-
-void unit_dump(Unit *u, FILE *f, const char *prefix) {
- char *t, **j;
- UnitDependency d;
- Iterator i;
- const char *prefix2;
- char
- timestamp0[FORMAT_TIMESTAMP_MAX],
- timestamp1[FORMAT_TIMESTAMP_MAX],
- timestamp2[FORMAT_TIMESTAMP_MAX],
- timestamp3[FORMAT_TIMESTAMP_MAX],
- timestamp4[FORMAT_TIMESTAMP_MAX],
- timespan[FORMAT_TIMESPAN_MAX];
- Unit *following;
- _cleanup_set_free_ Set *following_set = NULL;
- int r;
- const char *n;
-
- assert(u);
- assert(u->type >= 0);
-
- prefix = strempty(prefix);
- prefix2 = strjoina(prefix, "\t");
-
- fprintf(f,
- "%s-> Unit %s:\n"
- "%s\tDescription: %s\n"
- "%s\tInstance: %s\n"
- "%s\tUnit Load State: %s\n"
- "%s\tUnit Active State: %s\n"
- "%s\tState Change Timestamp: %s\n"
- "%s\tInactive Exit Timestamp: %s\n"
- "%s\tActive Enter Timestamp: %s\n"
- "%s\tActive Exit Timestamp: %s\n"
- "%s\tInactive Enter Timestamp: %s\n"
- "%s\tGC Check Good: %s\n"
- "%s\tNeed Daemon Reload: %s\n"
- "%s\tTransient: %s\n"
- "%s\tPerpetual: %s\n"
- "%s\tSlice: %s\n"
- "%s\tCGroup: %s\n"
- "%s\tCGroup realized: %s\n"
- "%s\tCGroup mask: 0x%x\n"
- "%s\tCGroup members mask: 0x%x\n",
- prefix, u->id,
- prefix, unit_description(u),
- prefix, strna(u->instance),
- prefix, unit_load_state_to_string(u->load_state),
- prefix, unit_active_state_to_string(unit_active_state(u)),
- prefix, strna(format_timestamp(timestamp0, sizeof(timestamp0), u->state_change_timestamp.realtime)),
- prefix, strna(format_timestamp(timestamp1, sizeof(timestamp1), u->inactive_exit_timestamp.realtime)),
- prefix, strna(format_timestamp(timestamp2, sizeof(timestamp2), u->active_enter_timestamp.realtime)),
- prefix, strna(format_timestamp(timestamp3, sizeof(timestamp3), u->active_exit_timestamp.realtime)),
- prefix, strna(format_timestamp(timestamp4, sizeof(timestamp4), u->inactive_enter_timestamp.realtime)),
- prefix, yes_no(unit_check_gc(u)),
- prefix, yes_no(unit_need_daemon_reload(u)),
- prefix, yes_no(u->transient),
- prefix, yes_no(u->perpetual),
- prefix, strna(unit_slice_name(u)),
- prefix, strna(u->cgroup_path),
- prefix, yes_no(u->cgroup_realized),
- prefix, u->cgroup_realized_mask,
- prefix, u->cgroup_members_mask);
-
- SET_FOREACH(t, u->names, i)
- fprintf(f, "%s\tName: %s\n", prefix, t);
-
- if (!sd_id128_is_null(u->invocation_id))
- fprintf(f, "%s\tInvocation ID: " SD_ID128_FORMAT_STR "\n",
- prefix, SD_ID128_FORMAT_VAL(u->invocation_id));
-
- STRV_FOREACH(j, u->documentation)
- fprintf(f, "%s\tDocumentation: %s\n", prefix, *j);
-
- following = unit_following(u);
- if (following)
- fprintf(f, "%s\tFollowing: %s\n", prefix, following->id);
-
- r = unit_following_set(u, &following_set);
- if (r >= 0) {
- Unit *other;
-
- SET_FOREACH(other, following_set, i)
- fprintf(f, "%s\tFollowing Set Member: %s\n", prefix, other->id);
- }
-
- if (u->fragment_path)
- fprintf(f, "%s\tFragment Path: %s\n", prefix, u->fragment_path);
-
- if (u->source_path)
- fprintf(f, "%s\tSource Path: %s\n", prefix, u->source_path);
-
- STRV_FOREACH(j, u->dropin_paths)
- fprintf(f, "%s\tDropIn Path: %s\n", prefix, *j);
-
- if (u->job_timeout != USEC_INFINITY)
- fprintf(f, "%s\tJob Timeout: %s\n", prefix, format_timespan(timespan, sizeof(timespan), u->job_timeout, 0));
-
- if (u->job_timeout_action != EMERGENCY_ACTION_NONE)
- fprintf(f, "%s\tJob Timeout Action: %s\n", prefix, emergency_action_to_string(u->job_timeout_action));
-
- if (u->job_timeout_reboot_arg)
- fprintf(f, "%s\tJob Timeout Reboot Argument: %s\n", prefix, u->job_timeout_reboot_arg);
-
- condition_dump_list(u->conditions, f, prefix, condition_type_to_string);
- condition_dump_list(u->asserts, f, prefix, assert_type_to_string);
-
- if (dual_timestamp_is_set(&u->condition_timestamp))
- fprintf(f,
- "%s\tCondition Timestamp: %s\n"
- "%s\tCondition Result: %s\n",
- prefix, strna(format_timestamp(timestamp1, sizeof(timestamp1), u->condition_timestamp.realtime)),
- prefix, yes_no(u->condition_result));
-
- if (dual_timestamp_is_set(&u->assert_timestamp))
- fprintf(f,
- "%s\tAssert Timestamp: %s\n"
- "%s\tAssert Result: %s\n",
- prefix, strna(format_timestamp(timestamp1, sizeof(timestamp1), u->assert_timestamp.realtime)),
- prefix, yes_no(u->assert_result));
-
- for (d = 0; d < _UNIT_DEPENDENCY_MAX; d++) {
- Unit *other;
-
- SET_FOREACH(other, u->dependencies[d], i)
- fprintf(f, "%s\t%s: %s\n", prefix, unit_dependency_to_string(d), other->id);
- }
-
- if (!strv_isempty(u->requires_mounts_for)) {
- fprintf(f,
- "%s\tRequiresMountsFor:", prefix);
-
- STRV_FOREACH(j, u->requires_mounts_for)
- fprintf(f, " %s", *j);
-
- fputs("\n", f);
- }
-
- if (u->load_state == UNIT_LOADED) {
-
- fprintf(f,
- "%s\tStopWhenUnneeded: %s\n"
- "%s\tRefuseManualStart: %s\n"
- "%s\tRefuseManualStop: %s\n"
- "%s\tDefaultDependencies: %s\n"
- "%s\tOnFailureJobMode: %s\n"
- "%s\tIgnoreOnIsolate: %s\n",
- prefix, yes_no(u->stop_when_unneeded),
- prefix, yes_no(u->refuse_manual_start),
- prefix, yes_no(u->refuse_manual_stop),
- prefix, yes_no(u->default_dependencies),
- prefix, job_mode_to_string(u->on_failure_job_mode),
- prefix, yes_no(u->ignore_on_isolate));
-
- if (UNIT_VTABLE(u)->dump)
- UNIT_VTABLE(u)->dump(u, f, prefix2);
-
- } else if (u->load_state == UNIT_MERGED)
- fprintf(f,
- "%s\tMerged into: %s\n",
- prefix, u->merged_into->id);
- else if (u->load_state == UNIT_ERROR)
- fprintf(f, "%s\tLoad Error Code: %s\n", prefix, strerror(-u->load_error));
-
- for (n = sd_bus_track_first(u->bus_track); n; n = sd_bus_track_next(u->bus_track))
- fprintf(f, "%s\tBus Ref: %s\n", prefix, n);
-
- if (u->job)
- job_dump(u->job, f, prefix2);
-
- if (u->nop_job)
- job_dump(u->nop_job, f, prefix2);
-}
-
-/* Common implementation for multiple backends */
-int unit_load_fragment_and_dropin(Unit *u) {
- int r;
-
- assert(u);
-
- /* Load a .{service,socket,...} file */
- r = unit_load_fragment(u);
- if (r < 0)
- return r;
-
- if (u->load_state == UNIT_STUB)
- return -ENOENT;
-
- /* Load drop-in directory data */
- r = unit_load_dropin(unit_follow_merge(u));
- if (r < 0)
- return r;
-
- return 0;
-}
-
-/* Common implementation for multiple backends */
-int unit_load_fragment_and_dropin_optional(Unit *u) {
- int r;
-
- assert(u);
-
- /* Same as unit_load_fragment_and_dropin(), but whether
- * something can be loaded or not doesn't matter. */
-
- /* Load a .service file */
- r = unit_load_fragment(u);
- if (r < 0)
- return r;
-
- if (u->load_state == UNIT_STUB)
- u->load_state = UNIT_LOADED;
-
- /* Load drop-in directory data */
- r = unit_load_dropin(unit_follow_merge(u));
- if (r < 0)
- return r;
-
- return 0;
-}
-
-int unit_add_default_target_dependency(Unit *u, Unit *target) {
- assert(u);
- assert(target);
-
- if (target->type != UNIT_TARGET)
- return 0;
-
- /* Only add the dependency if both units are loaded, so that
- * that loop check below is reliable */
- if (u->load_state != UNIT_LOADED ||
- target->load_state != UNIT_LOADED)
- return 0;
-
- /* If either side wants no automatic dependencies, then let's
- * skip this */
- if (!u->default_dependencies ||
- !target->default_dependencies)
- return 0;
-
- /* Don't create loops */
- if (set_get(target->dependencies[UNIT_BEFORE], u))
- return 0;
-
- return unit_add_dependency(target, UNIT_AFTER, u, true);
-}
-
-static int unit_add_target_dependencies(Unit *u) {
-
- static const UnitDependency deps[] = {
- UNIT_REQUIRED_BY,
- UNIT_REQUISITE_OF,
- UNIT_WANTED_BY,
- UNIT_BOUND_BY
- };
-
- Unit *target;
- Iterator i;
- unsigned k;
- int r = 0;
-
- assert(u);
-
- for (k = 0; k < ELEMENTSOF(deps); k++)
- SET_FOREACH(target, u->dependencies[deps[k]], i) {
- r = unit_add_default_target_dependency(u, target);
- if (r < 0)
- return r;
- }
-
- return r;
-}
-
-static int unit_add_slice_dependencies(Unit *u) {
- assert(u);
-
- if (!UNIT_HAS_CGROUP_CONTEXT(u))
- return 0;
-
- if (UNIT_ISSET(u->slice))
- return unit_add_two_dependencies(u, UNIT_AFTER, UNIT_REQUIRES, UNIT_DEREF(u->slice), true);
-
- if (unit_has_name(u, SPECIAL_ROOT_SLICE))
- return 0;
-
- return unit_add_two_dependencies_by_name(u, UNIT_AFTER, UNIT_REQUIRES, SPECIAL_ROOT_SLICE, NULL, true);
-}
-
-static int unit_add_mount_dependencies(Unit *u) {
- char **i;
- int r;
-
- assert(u);
-
- STRV_FOREACH(i, u->requires_mounts_for) {
- char prefix[strlen(*i) + 1];
-
- PATH_FOREACH_PREFIX_MORE(prefix, *i) {
- _cleanup_free_ char *p = NULL;
- Unit *m;
-
- r = unit_name_from_path(prefix, ".mount", &p);
- if (r < 0)
- return r;
-
- m = manager_get_unit(u->manager, p);
- if (!m) {
- /* Make sure to load the mount unit if
- * it exists. If so the dependencies
- * on this unit will be added later
- * during the loading of the mount
- * unit. */
- (void) manager_load_unit_prepare(u->manager, p, NULL, NULL, &m);
- continue;
- }
- if (m == u)
- continue;
-
- if (m->load_state != UNIT_LOADED)
- continue;
-
- r = unit_add_dependency(u, UNIT_AFTER, m, true);
- if (r < 0)
- return r;
-
- if (m->fragment_path) {
- r = unit_add_dependency(u, UNIT_REQUIRES, m, true);
- if (r < 0)
- return r;
- }
- }
- }
-
- return 0;
-}
-
-static int unit_add_startup_units(Unit *u) {
- CGroupContext *c;
- int r;
-
- c = unit_get_cgroup_context(u);
- if (!c)
- return 0;
-
- if (c->startup_cpu_shares == CGROUP_CPU_SHARES_INVALID &&
- c->startup_io_weight == CGROUP_WEIGHT_INVALID &&
- c->startup_blockio_weight == CGROUP_BLKIO_WEIGHT_INVALID)
- return 0;
-
- r = set_ensure_allocated(&u->manager->startup_units, NULL);
- if (r < 0)
- return r;
-
- return set_put(u->manager->startup_units, u);
-}
-
-int unit_load(Unit *u) {
- int r;
-
- assert(u);
-
- if (u->in_load_queue) {
- LIST_REMOVE(load_queue, u->manager->load_queue, u);
- u->in_load_queue = false;
- }
-
- if (u->type == _UNIT_TYPE_INVALID)
- return -EINVAL;
-
- if (u->load_state != UNIT_STUB)
- return 0;
-
- if (u->transient_file) {
- r = fflush_and_check(u->transient_file);
- if (r < 0)
- goto fail;
-
- fclose(u->transient_file);
- u->transient_file = NULL;
-
- u->fragment_mtime = now(CLOCK_REALTIME);
- }
-
- if (UNIT_VTABLE(u)->load) {
- r = UNIT_VTABLE(u)->load(u);
- if (r < 0)
- goto fail;
- }
-
- if (u->load_state == UNIT_STUB) {
- r = -ENOENT;
- goto fail;
- }
-
- if (u->load_state == UNIT_LOADED) {
-
- r = unit_add_target_dependencies(u);
- if (r < 0)
- goto fail;
-
- r = unit_add_slice_dependencies(u);
- if (r < 0)
- goto fail;
-
- r = unit_add_mount_dependencies(u);
- if (r < 0)
- goto fail;
-
- r = unit_add_startup_units(u);
- if (r < 0)
- goto fail;
-
- if (u->on_failure_job_mode == JOB_ISOLATE && set_size(u->dependencies[UNIT_ON_FAILURE]) > 1) {
- log_unit_error(u, "More than one OnFailure= dependencies specified but OnFailureJobMode=isolate set. Refusing.");
- r = -EINVAL;
- goto fail;
- }
-
- unit_update_cgroup_members_masks(u);
- }
-
- assert((u->load_state != UNIT_MERGED) == !u->merged_into);
-
- unit_add_to_dbus_queue(unit_follow_merge(u));
- unit_add_to_gc_queue(u);
-
- return 0;
-
-fail:
- u->load_state = u->load_state == UNIT_STUB ? UNIT_NOT_FOUND : UNIT_ERROR;
- u->load_error = r;
- unit_add_to_dbus_queue(u);
- unit_add_to_gc_queue(u);
-
- log_unit_debug_errno(u, r, "Failed to load configuration: %m");
-
- return r;
-}
-
-static bool unit_condition_test_list(Unit *u, Condition *first, const char *(*to_string)(ConditionType t)) {
- Condition *c;
- int triggered = -1;
-
- assert(u);
- assert(to_string);
-
- /* If the condition list is empty, then it is true */
- if (!first)
- return true;
-
- /* Otherwise, if all of the non-trigger conditions apply and
- * if any of the trigger conditions apply (unless there are
- * none) we return true */
- LIST_FOREACH(conditions, c, first) {
- int r;
-
- r = condition_test(c);
- if (r < 0)
- log_unit_warning(u,
- "Couldn't determine result for %s=%s%s%s, assuming failed: %m",
- to_string(c->type),
- c->trigger ? "|" : "",
- c->negate ? "!" : "",
- c->parameter);
- else
- log_unit_debug(u,
- "%s=%s%s%s %s.",
- to_string(c->type),
- c->trigger ? "|" : "",
- c->negate ? "!" : "",
- c->parameter,
- condition_result_to_string(c->result));
-
- if (!c->trigger && r <= 0)
- return false;
-
- if (c->trigger && triggered <= 0)
- triggered = r > 0;
- }
-
- return triggered != 0;
-}
-
-static bool unit_condition_test(Unit *u) {
- assert(u);
-
- dual_timestamp_get(&u->condition_timestamp);
- u->condition_result = unit_condition_test_list(u, u->conditions, condition_type_to_string);
-
- return u->condition_result;
-}
-
-static bool unit_assert_test(Unit *u) {
- assert(u);
-
- dual_timestamp_get(&u->assert_timestamp);
- u->assert_result = unit_condition_test_list(u, u->asserts, assert_type_to_string);
-
- return u->assert_result;
-}
-
-void unit_status_printf(Unit *u, const char *status, const char *unit_status_msg_format) {
- DISABLE_WARNING_FORMAT_NONLITERAL;
- manager_status_printf(u->manager, STATUS_TYPE_NORMAL, status, unit_status_msg_format, unit_description(u));
- REENABLE_WARNING;
-}
-
-_pure_ static const char* unit_get_status_message_format(Unit *u, JobType t) {
- const char *format;
- const UnitStatusMessageFormats *format_table;
-
- assert(u);
- assert(IN_SET(t, JOB_START, JOB_STOP, JOB_RELOAD));
-
- if (t != JOB_RELOAD) {
- format_table = &UNIT_VTABLE(u)->status_message_formats;
- if (format_table) {
- format = format_table->starting_stopping[t == JOB_STOP];
- if (format)
- return format;
- }
- }
-
- /* Return generic strings */
- if (t == JOB_START)
- return "Starting %s.";
- else if (t == JOB_STOP)
- return "Stopping %s.";
- else
- return "Reloading %s.";
-}
-
-static void unit_status_print_starting_stopping(Unit *u, JobType t) {
- const char *format;
-
- assert(u);
-
- /* Reload status messages have traditionally not been printed to console. */
- if (!IN_SET(t, JOB_START, JOB_STOP))
- return;
-
- format = unit_get_status_message_format(u, t);
-
- DISABLE_WARNING_FORMAT_NONLITERAL;
- unit_status_printf(u, "", format);
- REENABLE_WARNING;
-}
-
-static void unit_status_log_starting_stopping_reloading(Unit *u, JobType t) {
- const char *format;
- char buf[LINE_MAX];
- sd_id128_t mid;
-
- assert(u);
-
- if (!IN_SET(t, JOB_START, JOB_STOP, JOB_RELOAD))
- return;
-
- if (log_on_console())
- return;
-
- /* We log status messages for all units and all operations. */
-
- format = unit_get_status_message_format(u, t);
-
- DISABLE_WARNING_FORMAT_NONLITERAL;
- snprintf(buf, sizeof buf, format, unit_description(u));
- REENABLE_WARNING;
-
- mid = t == JOB_START ? SD_MESSAGE_UNIT_STARTING :
- t == JOB_STOP ? SD_MESSAGE_UNIT_STOPPING :
- SD_MESSAGE_UNIT_RELOADING;
-
- /* Note that we deliberately use LOG_MESSAGE() instead of
- * LOG_UNIT_MESSAGE() here, since this is supposed to mimic
- * closely what is written to screen using the status output,
- * which is supposed the highest level, friendliest output
- * possible, which means we should avoid the low-level unit
- * name. */
- log_struct(LOG_INFO,
- LOG_MESSAGE_ID(mid),
- LOG_UNIT_ID(u),
- LOG_MESSAGE("%s", buf),
- NULL);
-}
-
-void unit_status_emit_starting_stopping_reloading(Unit *u, JobType t) {
- assert(u);
- assert(t >= 0);
- assert(t < _JOB_TYPE_MAX);
-
- unit_status_log_starting_stopping_reloading(u, t);
- unit_status_print_starting_stopping(u, t);
-}
-
-int unit_start_limit_test(Unit *u) {
- assert(u);
-
- if (ratelimit_test(&u->start_limit)) {
- u->start_limit_hit = false;
- return 0;
- }
-
- log_unit_warning(u, "Start request repeated too quickly.");
- u->start_limit_hit = true;
-
- return emergency_action(u->manager, u->start_limit_action, u->reboot_arg, "unit failed");
-}
-
-/* Errors:
- * -EBADR: This unit type does not support starting.
- * -EALREADY: Unit is already started.
- * -EAGAIN: An operation is already in progress. Retry later.
- * -ECANCELED: Too many requests for now.
- * -EPROTO: Assert failed
- * -EINVAL: Unit not loaded
- * -EOPNOTSUPP: Unit type not supported
- */
-int unit_start(Unit *u) {
- UnitActiveState state;
- Unit *following;
-
- assert(u);
-
- /* If this is already started, then this will succeed. Note
- * that this will even succeed if this unit is not startable
- * by the user. This is relied on to detect when we need to
- * wait for units and when waiting is finished. */
- state = unit_active_state(u);
- if (UNIT_IS_ACTIVE_OR_RELOADING(state))
- return -EALREADY;
-
- /* Units that aren't loaded cannot be started */
- if (u->load_state != UNIT_LOADED)
- return -EINVAL;
-
- /* If the conditions failed, don't do anything at all. If we
- * already are activating this call might still be useful to
- * speed up activation in case there is some hold-off time,
- * but we don't want to recheck the condition in that case. */
- if (state != UNIT_ACTIVATING &&
- !unit_condition_test(u)) {
- log_unit_debug(u, "Starting requested but condition failed. Not starting unit.");
- return -EALREADY;
- }
-
- /* If the asserts failed, fail the entire job */
- if (state != UNIT_ACTIVATING &&
- !unit_assert_test(u)) {
- log_unit_notice(u, "Starting requested but asserts failed.");
- return -EPROTO;
- }
-
- /* Units of types that aren't supported cannot be
- * started. Note that we do this test only after the condition
- * checks, so that we rather return condition check errors
- * (which are usually not considered a true failure) than "not
- * supported" errors (which are considered a failure).
- */
- if (!unit_supported(u))
- return -EOPNOTSUPP;
-
- /* Forward to the main object, if we aren't it. */
- following = unit_following(u);
- if (following) {
- log_unit_debug(u, "Redirecting start request from %s to %s.", u->id, following->id);
- return unit_start(following);
- }
-
- /* If it is stopped, but we cannot start it, then fail */
- if (!UNIT_VTABLE(u)->start)
- return -EBADR;
-
- /* We don't suppress calls to ->start() here when we are
- * already starting, to allow this request to be used as a
- * "hurry up" call, for example when the unit is in some "auto
- * restart" state where it waits for a holdoff timer to elapse
- * before it will start again. */
-
- unit_add_to_dbus_queue(u);
-
- return UNIT_VTABLE(u)->start(u);
-}
-
-bool unit_can_start(Unit *u) {
- assert(u);
-
- if (u->load_state != UNIT_LOADED)
- return false;
-
- if (!unit_supported(u))
- return false;
-
- return !!UNIT_VTABLE(u)->start;
-}
-
-bool unit_can_isolate(Unit *u) {
- assert(u);
-
- return unit_can_start(u) &&
- u->allow_isolate;
-}
-
-/* Errors:
- * -EBADR: This unit type does not support stopping.
- * -EALREADY: Unit is already stopped.
- * -EAGAIN: An operation is already in progress. Retry later.
- */
-int unit_stop(Unit *u) {
- UnitActiveState state;
- Unit *following;
-
- assert(u);
-
- state = unit_active_state(u);
- if (UNIT_IS_INACTIVE_OR_FAILED(state))
- return -EALREADY;
-
- following = unit_following(u);
- if (following) {
- log_unit_debug(u, "Redirecting stop request from %s to %s.", u->id, following->id);
- return unit_stop(following);
- }
-
- if (!UNIT_VTABLE(u)->stop)
- return -EBADR;
-
- unit_add_to_dbus_queue(u);
-
- return UNIT_VTABLE(u)->stop(u);
-}
-
-bool unit_can_stop(Unit *u) {
- assert(u);
-
- if (!unit_supported(u))
- return false;
-
- if (u->perpetual)
- return false;
-
- return !!UNIT_VTABLE(u)->stop;
-}
-
-/* Errors:
- * -EBADR: This unit type does not support reloading.
- * -ENOEXEC: Unit is not started.
- * -EAGAIN: An operation is already in progress. Retry later.
- */
-int unit_reload(Unit *u) {
- UnitActiveState state;
- Unit *following;
-
- assert(u);
-
- if (u->load_state != UNIT_LOADED)
- return -EINVAL;
-
- if (!unit_can_reload(u))
- return -EBADR;
-
- state = unit_active_state(u);
- if (state == UNIT_RELOADING)
- return -EALREADY;
-
- if (state != UNIT_ACTIVE) {
- log_unit_warning(u, "Unit cannot be reloaded because it is inactive.");
- return -ENOEXEC;
- }
-
- following = unit_following(u);
- if (following) {
- log_unit_debug(u, "Redirecting reload request from %s to %s.", u->id, following->id);
- return unit_reload(following);
- }
-
- unit_add_to_dbus_queue(u);
-
- return UNIT_VTABLE(u)->reload(u);
-}
-
-bool unit_can_reload(Unit *u) {
- assert(u);
-
- if (!UNIT_VTABLE(u)->reload)
- return false;
-
- if (!UNIT_VTABLE(u)->can_reload)
- return true;
-
- return UNIT_VTABLE(u)->can_reload(u);
-}
-
-static void unit_check_unneeded(Unit *u) {
-
- _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
-
- static const UnitDependency needed_dependencies[] = {
- UNIT_REQUIRED_BY,
- UNIT_REQUISITE_OF,
- UNIT_WANTED_BY,
- UNIT_BOUND_BY,
- };
-
- Unit *other;
- Iterator i;
- unsigned j;
- int r;
-
- assert(u);
-
- /* If this service shall be shut down when unneeded then do
- * so. */
-
- if (!u->stop_when_unneeded)
- return;
-
- if (!UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)))
- return;
-
- for (j = 0; j < ELEMENTSOF(needed_dependencies); j++)
- SET_FOREACH(other, u->dependencies[needed_dependencies[j]], i)
- if (unit_active_or_pending(other))
- return;
-
- /* If stopping a unit fails continuously we might enter a stop
- * loop here, hence stop acting on the service being
- * unnecessary after a while. */
- if (!ratelimit_test(&u->auto_stop_ratelimit)) {
- log_unit_warning(u, "Unit not needed anymore, but not stopping since we tried this too often recently.");
- return;
- }
-
- log_unit_info(u, "Unit not needed anymore. Stopping.");
-
- /* Ok, nobody needs us anymore. Sniff. Then let's commit suicide */
- r = manager_add_job(u->manager, JOB_STOP, u, JOB_FAIL, &error, NULL);
- if (r < 0)
- log_unit_warning_errno(u, r, "Failed to enqueue stop job, ignoring: %s", bus_error_message(&error, r));
-}
-
-static void unit_check_binds_to(Unit *u) {
- _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
- bool stop = false;
- Unit *other;
- Iterator i;
- int r;
-
- assert(u);
-
- if (u->job)
- return;
-
- if (unit_active_state(u) != UNIT_ACTIVE)
- return;
-
- SET_FOREACH(other, u->dependencies[UNIT_BINDS_TO], i) {
- if (other->job)
- continue;
-
- if (!UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(other)))
- continue;
-
- stop = true;
- break;
- }
-
- if (!stop)
- return;
-
- /* If stopping a unit fails continuously we might enter a stop
- * loop here, hence stop acting on the service being
- * unnecessary after a while. */
- if (!ratelimit_test(&u->auto_stop_ratelimit)) {
- log_unit_warning(u, "Unit is bound to inactive unit %s, but not stopping since we tried this too often recently.", other->id);
- return;
- }
-
- assert(other);
- log_unit_info(u, "Unit is bound to inactive unit %s. Stopping, too.", other->id);
-
- /* A unit we need to run is gone. Sniff. Let's stop this. */
- r = manager_add_job(u->manager, JOB_STOP, u, JOB_FAIL, &error, NULL);
- if (r < 0)
- log_unit_warning_errno(u, r, "Failed to enqueue stop job, ignoring: %s", bus_error_message(&error, r));
-}
-
-static void retroactively_start_dependencies(Unit *u) {
- Iterator i;
- Unit *other;
-
- assert(u);
- assert(UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)));
-
- SET_FOREACH(other, u->dependencies[UNIT_REQUIRES], i)
- if (!set_get(u->dependencies[UNIT_AFTER], other) &&
- !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
- manager_add_job(u->manager, JOB_START, other, JOB_REPLACE, NULL, NULL);
-
- SET_FOREACH(other, u->dependencies[UNIT_BINDS_TO], i)
- if (!set_get(u->dependencies[UNIT_AFTER], other) &&
- !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
- manager_add_job(u->manager, JOB_START, other, JOB_REPLACE, NULL, NULL);
-
- SET_FOREACH(other, u->dependencies[UNIT_WANTS], i)
- if (!set_get(u->dependencies[UNIT_AFTER], other) &&
- !UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(other)))
- manager_add_job(u->manager, JOB_START, other, JOB_FAIL, NULL, NULL);
-
- SET_FOREACH(other, u->dependencies[UNIT_CONFLICTS], i)
- if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
- manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL);
-
- SET_FOREACH(other, u->dependencies[UNIT_CONFLICTED_BY], i)
- if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
- manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL);
-}
-
-static void retroactively_stop_dependencies(Unit *u) {
- Iterator i;
- Unit *other;
-
- assert(u);
- assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)));
-
- /* Pull down units which are bound to us recursively if enabled */
- SET_FOREACH(other, u->dependencies[UNIT_BOUND_BY], i)
- if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
- manager_add_job(u->manager, JOB_STOP, other, JOB_REPLACE, NULL, NULL);
-}
-
-static void check_unneeded_dependencies(Unit *u) {
- Iterator i;
- Unit *other;
-
- assert(u);
- assert(UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)));
-
- /* Garbage collect services that might not be needed anymore, if enabled */
- SET_FOREACH(other, u->dependencies[UNIT_REQUIRES], i)
- if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
- unit_check_unneeded(other);
- SET_FOREACH(other, u->dependencies[UNIT_WANTS], i)
- if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
- unit_check_unneeded(other);
- SET_FOREACH(other, u->dependencies[UNIT_REQUISITE], i)
- if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
- unit_check_unneeded(other);
- SET_FOREACH(other, u->dependencies[UNIT_BINDS_TO], i)
- if (!UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(other)))
- unit_check_unneeded(other);
-}
-
-void unit_start_on_failure(Unit *u) {
- Unit *other;
- Iterator i;
-
- assert(u);
-
- if (set_size(u->dependencies[UNIT_ON_FAILURE]) <= 0)
- return;
-
- log_unit_info(u, "Triggering OnFailure= dependencies.");
-
- SET_FOREACH(other, u->dependencies[UNIT_ON_FAILURE], i) {
- int r;
-
- r = manager_add_job(u->manager, JOB_START, other, u->on_failure_job_mode, NULL, NULL);
- if (r < 0)
- log_unit_error_errno(u, r, "Failed to enqueue OnFailure= job: %m");
- }
-}
-
-void unit_trigger_notify(Unit *u) {
- Unit *other;
- Iterator i;
-
- assert(u);
-
- SET_FOREACH(other, u->dependencies[UNIT_TRIGGERED_BY], i)
- if (UNIT_VTABLE(other)->trigger_notify)
- UNIT_VTABLE(other)->trigger_notify(other, u);
-}
-
-void unit_notify(Unit *u, UnitActiveState os, UnitActiveState ns, bool reload_success) {
- Manager *m;
- bool unexpected;
-
- assert(u);
- assert(os < _UNIT_ACTIVE_STATE_MAX);
- assert(ns < _UNIT_ACTIVE_STATE_MAX);
-
- /* Note that this is called for all low-level state changes,
- * even if they might map to the same high-level
- * UnitActiveState! That means that ns == os is an expected
- * behavior here. For example: if a mount point is remounted
- * this function will be called too! */
-
- m = u->manager;
-
- /* Update timestamps for state changes */
- if (!MANAGER_IS_RELOADING(m)) {
- dual_timestamp_get(&u->state_change_timestamp);
-
- if (UNIT_IS_INACTIVE_OR_FAILED(os) && !UNIT_IS_INACTIVE_OR_FAILED(ns))
- u->inactive_exit_timestamp = u->state_change_timestamp;
- else if (!UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_INACTIVE_OR_FAILED(ns))
- u->inactive_enter_timestamp = u->state_change_timestamp;
-
- if (!UNIT_IS_ACTIVE_OR_RELOADING(os) && UNIT_IS_ACTIVE_OR_RELOADING(ns))
- u->active_enter_timestamp = u->state_change_timestamp;
- else if (UNIT_IS_ACTIVE_OR_RELOADING(os) && !UNIT_IS_ACTIVE_OR_RELOADING(ns))
- u->active_exit_timestamp = u->state_change_timestamp;
- }
-
- /* Keep track of failed units */
- (void) manager_update_failed_units(u->manager, u, ns == UNIT_FAILED);
-
- /* Make sure the cgroup is always removed when we become inactive */
- if (UNIT_IS_INACTIVE_OR_FAILED(ns))
- unit_prune_cgroup(u);
-
- /* Note that this doesn't apply to RemainAfterExit services exiting
- * successfully, since there's no change of state in that case. Which is
- * why it is handled in service_set_state() */
- if (UNIT_IS_INACTIVE_OR_FAILED(os) != UNIT_IS_INACTIVE_OR_FAILED(ns)) {
- ExecContext *ec;
-
- ec = unit_get_exec_context(u);
- if (ec && exec_context_may_touch_console(ec)) {
- if (UNIT_IS_INACTIVE_OR_FAILED(ns)) {
- m->n_on_console--;
-
- if (m->n_on_console == 0)
- /* unset no_console_output flag, since the console is free */
- m->no_console_output = false;
- } else
- m->n_on_console++;
- }
- }
-
- if (u->job) {
- unexpected = false;
-
- if (u->job->state == JOB_WAITING)
-
- /* So we reached a different state for this
- * job. Let's see if we can run it now if it
- * failed previously due to EAGAIN. */
- job_add_to_run_queue(u->job);
-
- /* Let's check whether this state change constitutes a
- * finished job, or maybe contradicts a running job and
- * hence needs to invalidate jobs. */
-
- switch (u->job->type) {
-
- case JOB_START:
- case JOB_VERIFY_ACTIVE:
-
- if (UNIT_IS_ACTIVE_OR_RELOADING(ns))
- job_finish_and_invalidate(u->job, JOB_DONE, true, false);
- else if (u->job->state == JOB_RUNNING && ns != UNIT_ACTIVATING) {
- unexpected = true;
-
- if (UNIT_IS_INACTIVE_OR_FAILED(ns))
- job_finish_and_invalidate(u->job, ns == UNIT_FAILED ? JOB_FAILED : JOB_DONE, true, false);
- }
-
- break;
-
- case JOB_RELOAD:
- case JOB_RELOAD_OR_START:
- case JOB_TRY_RELOAD:
-
- if (u->job->state == JOB_RUNNING) {
- if (ns == UNIT_ACTIVE)
- job_finish_and_invalidate(u->job, reload_success ? JOB_DONE : JOB_FAILED, true, false);
- else if (ns != UNIT_ACTIVATING && ns != UNIT_RELOADING) {
- unexpected = true;
-
- if (UNIT_IS_INACTIVE_OR_FAILED(ns))
- job_finish_and_invalidate(u->job, ns == UNIT_FAILED ? JOB_FAILED : JOB_DONE, true, false);
- }
- }
-
- break;
-
- case JOB_STOP:
- case JOB_RESTART:
- case JOB_TRY_RESTART:
-
- if (UNIT_IS_INACTIVE_OR_FAILED(ns))
- job_finish_and_invalidate(u->job, JOB_DONE, true, false);
- else if (u->job->state == JOB_RUNNING && ns != UNIT_DEACTIVATING) {
- unexpected = true;
- job_finish_and_invalidate(u->job, JOB_FAILED, true, false);
- }
-
- break;
-
- default:
- assert_not_reached("Job type unknown");
- }
-
- } else
- unexpected = true;
-
- if (!MANAGER_IS_RELOADING(m)) {
-
- /* If this state change happened without being
- * requested by a job, then let's retroactively start
- * or stop dependencies. We skip that step when
- * deserializing, since we don't want to create any
- * additional jobs just because something is already
- * activated. */
-
- if (unexpected) {
- if (UNIT_IS_INACTIVE_OR_FAILED(os) && UNIT_IS_ACTIVE_OR_ACTIVATING(ns))
- retroactively_start_dependencies(u);
- else if (UNIT_IS_ACTIVE_OR_ACTIVATING(os) && UNIT_IS_INACTIVE_OR_DEACTIVATING(ns))
- retroactively_stop_dependencies(u);
- }
-
- /* stop unneeded units regardless if going down was expected or not */
- if (UNIT_IS_INACTIVE_OR_DEACTIVATING(ns))
- check_unneeded_dependencies(u);
-
- if (ns != os && ns == UNIT_FAILED) {
- log_unit_notice(u, "Unit entered failed state.");
- unit_start_on_failure(u);
- }
- }
-
- /* Some names are special */
- if (UNIT_IS_ACTIVE_OR_RELOADING(ns)) {
-
- if (unit_has_name(u, SPECIAL_DBUS_SERVICE))
- /* The bus might have just become available,
- * hence try to connect to it, if we aren't
- * yet connected. */
- bus_init(m, true);
-
- if (u->type == UNIT_SERVICE &&
- !UNIT_IS_ACTIVE_OR_RELOADING(os) &&
- !MANAGER_IS_RELOADING(m)) {
- /* Write audit record if we have just finished starting up */
- manager_send_unit_audit(m, u, AUDIT_SERVICE_START, true);
- u->in_audit = true;
- }
-
- if (!UNIT_IS_ACTIVE_OR_RELOADING(os))
- manager_send_unit_plymouth(m, u);
-
- } else {
-
- /* We don't care about D-Bus here, since we'll get an
- * asynchronous notification for it anyway. */
-
- if (u->type == UNIT_SERVICE &&
- UNIT_IS_INACTIVE_OR_FAILED(ns) &&
- !UNIT_IS_INACTIVE_OR_FAILED(os) &&
- !MANAGER_IS_RELOADING(m)) {
-
- /* Hmm, if there was no start record written
- * write it now, so that we always have a nice
- * pair */
- if (!u->in_audit) {
- manager_send_unit_audit(m, u, AUDIT_SERVICE_START, ns == UNIT_INACTIVE);
-
- if (ns == UNIT_INACTIVE)
- manager_send_unit_audit(m, u, AUDIT_SERVICE_STOP, true);
- } else
- /* Write audit record if we have just finished shutting down */
- manager_send_unit_audit(m, u, AUDIT_SERVICE_STOP, ns == UNIT_INACTIVE);
-
- u->in_audit = false;
- }
- }
-
- manager_recheck_journal(m);
- unit_trigger_notify(u);
-
- if (!MANAGER_IS_RELOADING(u->manager)) {
- /* Maybe we finished startup and are now ready for
- * being stopped because unneeded? */
- unit_check_unneeded(u);
-
- /* Maybe we finished startup, but something we needed
- * has vanished? Let's die then. (This happens when
- * something BindsTo= to a Type=oneshot unit, as these
- * units go directly from starting to inactive,
- * without ever entering started.) */
- unit_check_binds_to(u);
- }
-
- unit_add_to_dbus_queue(u);
- unit_add_to_gc_queue(u);
-}
-
-int unit_watch_pid(Unit *u, pid_t pid) {
- int q, r;
-
- assert(u);
- assert(pid >= 1);
-
- /* Watch a specific PID. We only support one or two units
- * watching each PID for now, not more. */
-
- r = set_ensure_allocated(&u->pids, NULL);
- if (r < 0)
- return r;
-
- r = hashmap_ensure_allocated(&u->manager->watch_pids1, NULL);
- if (r < 0)
- return r;
-
- r = hashmap_put(u->manager->watch_pids1, PID_TO_PTR(pid), u);
- if (r == -EEXIST) {
- r = hashmap_ensure_allocated(&u->manager->watch_pids2, NULL);
- if (r < 0)
- return r;
-
- r = hashmap_put(u->manager->watch_pids2, PID_TO_PTR(pid), u);
- }
-
- q = set_put(u->pids, PID_TO_PTR(pid));
- if (q < 0)
- return q;
-
- return r;
-}
-
-void unit_unwatch_pid(Unit *u, pid_t pid) {
- assert(u);
- assert(pid >= 1);
-
- (void) hashmap_remove_value(u->manager->watch_pids1, PID_TO_PTR(pid), u);
- (void) hashmap_remove_value(u->manager->watch_pids2, PID_TO_PTR(pid), u);
- (void) set_remove(u->pids, PID_TO_PTR(pid));
-}
-
-void unit_unwatch_all_pids(Unit *u) {
- assert(u);
-
- while (!set_isempty(u->pids))
- unit_unwatch_pid(u, PTR_TO_PID(set_first(u->pids)));
-
- u->pids = set_free(u->pids);
-}
-
-void unit_tidy_watch_pids(Unit *u, pid_t except1, pid_t except2) {
- Iterator i;
- void *e;
-
- assert(u);
-
- /* Cleans dead PIDs from our list */
-
- SET_FOREACH(e, u->pids, i) {
- pid_t pid = PTR_TO_PID(e);
-
- if (pid == except1 || pid == except2)
- continue;
-
- if (!pid_is_unwaited(pid))
- unit_unwatch_pid(u, pid);
- }
-}
-
-bool unit_job_is_applicable(Unit *u, JobType j) {
- assert(u);
- assert(j >= 0 && j < _JOB_TYPE_MAX);
-
- switch (j) {
-
- case JOB_VERIFY_ACTIVE:
- case JOB_START:
- case JOB_NOP:
- /* Note that we don't check unit_can_start() here. That's because .device units and suchlike are not
- * startable by us but may appear due to external events, and it thus makes sense to permit enqueing
- * jobs for it. */
- return true;
-
- case JOB_STOP:
- /* Similar as above. However, perpetual units can never be stopped (neither explicitly nor due to
- * external events), hence it makes no sense to permit enqueing such a request either. */
- return !u->perpetual;
-
- case JOB_RESTART:
- case JOB_TRY_RESTART:
- return unit_can_stop(u) && unit_can_start(u);
-
- case JOB_RELOAD:
- case JOB_TRY_RELOAD:
- return unit_can_reload(u);
-
- case JOB_RELOAD_OR_START:
- return unit_can_reload(u) && unit_can_start(u);
-
- default:
- assert_not_reached("Invalid job type");
- }
-}
-
-static void maybe_warn_about_dependency(Unit *u, const char *other, UnitDependency dependency) {
- assert(u);
-
- /* Only warn about some unit types */
- if (!IN_SET(dependency, UNIT_CONFLICTS, UNIT_CONFLICTED_BY, UNIT_BEFORE, UNIT_AFTER, UNIT_ON_FAILURE, UNIT_TRIGGERS, UNIT_TRIGGERED_BY))
- return;
-
- if (streq_ptr(u->id, other))
- log_unit_warning(u, "Dependency %s=%s dropped", unit_dependency_to_string(dependency), u->id);
- else
- log_unit_warning(u, "Dependency %s=%s dropped, merged into %s", unit_dependency_to_string(dependency), strna(other), u->id);
-}
-
-int unit_add_dependency(Unit *u, UnitDependency d, Unit *other, bool add_reference) {
-
- static const UnitDependency inverse_table[_UNIT_DEPENDENCY_MAX] = {
- [UNIT_REQUIRES] = UNIT_REQUIRED_BY,
- [UNIT_WANTS] = UNIT_WANTED_BY,
- [UNIT_REQUISITE] = UNIT_REQUISITE_OF,
- [UNIT_BINDS_TO] = UNIT_BOUND_BY,
- [UNIT_PART_OF] = UNIT_CONSISTS_OF,
- [UNIT_REQUIRED_BY] = UNIT_REQUIRES,
- [UNIT_REQUISITE_OF] = UNIT_REQUISITE,
- [UNIT_WANTED_BY] = UNIT_WANTS,
- [UNIT_BOUND_BY] = UNIT_BINDS_TO,
- [UNIT_CONSISTS_OF] = UNIT_PART_OF,
- [UNIT_CONFLICTS] = UNIT_CONFLICTED_BY,
- [UNIT_CONFLICTED_BY] = UNIT_CONFLICTS,
- [UNIT_BEFORE] = UNIT_AFTER,
- [UNIT_AFTER] = UNIT_BEFORE,
- [UNIT_ON_FAILURE] = _UNIT_DEPENDENCY_INVALID,
- [UNIT_REFERENCES] = UNIT_REFERENCED_BY,
- [UNIT_REFERENCED_BY] = UNIT_REFERENCES,
- [UNIT_TRIGGERS] = UNIT_TRIGGERED_BY,
- [UNIT_TRIGGERED_BY] = UNIT_TRIGGERS,
- [UNIT_PROPAGATES_RELOAD_TO] = UNIT_RELOAD_PROPAGATED_FROM,
- [UNIT_RELOAD_PROPAGATED_FROM] = UNIT_PROPAGATES_RELOAD_TO,
- [UNIT_JOINS_NAMESPACE_OF] = UNIT_JOINS_NAMESPACE_OF,
- };
- int r, q = 0, v = 0, w = 0;
- Unit *orig_u = u, *orig_other = other;
-
- assert(u);
- assert(d >= 0 && d < _UNIT_DEPENDENCY_MAX);
- assert(other);
-
- u = unit_follow_merge(u);
- other = unit_follow_merge(other);
-
- /* We won't allow dependencies on ourselves. We will not
- * consider them an error however. */
- if (u == other) {
- maybe_warn_about_dependency(orig_u, orig_other->id, d);
- return 0;
- }
-
- if (d == UNIT_BEFORE && other->type == UNIT_DEVICE) {
- log_unit_warning(u, "Dependency Before=%s ignored (.device units cannot be delayed)", other->id);
- return 0;
- }
-
- r = set_ensure_allocated(&u->dependencies[d], NULL);
- if (r < 0)
- return r;
-
- if (inverse_table[d] != _UNIT_DEPENDENCY_INVALID) {
- r = set_ensure_allocated(&other->dependencies[inverse_table[d]], NULL);
- if (r < 0)
- return r;
- }
-
- if (add_reference) {
- r = set_ensure_allocated(&u->dependencies[UNIT_REFERENCES], NULL);
- if (r < 0)
- return r;
-
- r = set_ensure_allocated(&other->dependencies[UNIT_REFERENCED_BY], NULL);
- if (r < 0)
- return r;
- }
-
- q = set_put(u->dependencies[d], other);
- if (q < 0)
- return q;
-
- if (inverse_table[d] != _UNIT_DEPENDENCY_INVALID && inverse_table[d] != d) {
- v = set_put(other->dependencies[inverse_table[d]], u);
- if (v < 0) {
- r = v;
- goto fail;
- }
- }
-
- if (add_reference) {
- w = set_put(u->dependencies[UNIT_REFERENCES], other);
- if (w < 0) {
- r = w;
- goto fail;
- }
-
- r = set_put(other->dependencies[UNIT_REFERENCED_BY], u);
- if (r < 0)
- goto fail;
- }
-
- unit_add_to_dbus_queue(u);
- return 0;
-
-fail:
- if (q > 0)
- set_remove(u->dependencies[d], other);
-
- if (v > 0)
- set_remove(other->dependencies[inverse_table[d]], u);
-
- if (w > 0)
- set_remove(u->dependencies[UNIT_REFERENCES], other);
-
- return r;
-}
-
-int unit_add_two_dependencies(Unit *u, UnitDependency d, UnitDependency e, Unit *other, bool add_reference) {
- int r;
-
- assert(u);
-
- r = unit_add_dependency(u, d, other, add_reference);
- if (r < 0)
- return r;
-
- return unit_add_dependency(u, e, other, add_reference);
-}
-
-static int resolve_template(Unit *u, const char *name, const char*path, char **buf, const char **ret) {
- int r;
-
- assert(u);
- assert(name || path);
- assert(buf);
- assert(ret);
-
- if (!name)
- name = basename(path);
-
- if (!unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
- *buf = NULL;
- *ret = name;
- return 0;
- }
-
- if (u->instance)
- r = unit_name_replace_instance(name, u->instance, buf);
- else {
- _cleanup_free_ char *i = NULL;
-
- r = unit_name_to_prefix(u->id, &i);
- if (r < 0)
- return r;
-
- r = unit_name_replace_instance(name, i, buf);
- }
- if (r < 0)
- return r;
-
- *ret = *buf;
- return 0;
-}
-
-int unit_add_dependency_by_name(Unit *u, UnitDependency d, const char *name, const char *path, bool add_reference) {
- _cleanup_free_ char *buf = NULL;
- Unit *other;
- int r;
-
- assert(u);
- assert(name || path);
-
- r = resolve_template(u, name, path, &buf, &name);
- if (r < 0)
- return r;
-
- r = manager_load_unit(u->manager, name, path, NULL, &other);
- if (r < 0)
- return r;
-
- return unit_add_dependency(u, d, other, add_reference);
-}
-
-int unit_add_two_dependencies_by_name(Unit *u, UnitDependency d, UnitDependency e, const char *name, const char *path, bool add_reference) {
- _cleanup_free_ char *buf = NULL;
- Unit *other;
- int r;
-
- assert(u);
- assert(name || path);
-
- r = resolve_template(u, name, path, &buf, &name);
- if (r < 0)
- return r;
-
- r = manager_load_unit(u->manager, name, path, NULL, &other);
- if (r < 0)
- return r;
-
- return unit_add_two_dependencies(u, d, e, other, add_reference);
-}
-
-int set_unit_path(const char *p) {
- /* This is mostly for debug purposes */
- if (setenv("SYSTEMD_UNIT_PATH", p, 1) < 0)
- return -errno;
-
- return 0;
-}
-
-char *unit_dbus_path(Unit *u) {
- assert(u);
-
- if (!u->id)
- return NULL;
-
- return unit_dbus_path_from_name(u->id);
-}
-
-char *unit_dbus_path_invocation_id(Unit *u) {
- assert(u);
-
- if (sd_id128_is_null(u->invocation_id))
- return NULL;
-
- return unit_dbus_path_from_name(u->invocation_id_string);
-}
-
-int unit_set_slice(Unit *u, Unit *slice) {
- assert(u);
- assert(slice);
-
- /* Sets the unit slice if it has not been set before. Is extra
- * careful, to only allow this for units that actually have a
- * cgroup context. Also, we don't allow to set this for slices
- * (since the parent slice is derived from the name). Make
- * sure the unit we set is actually a slice. */
-
- if (!UNIT_HAS_CGROUP_CONTEXT(u))
- return -EOPNOTSUPP;
-
- if (u->type == UNIT_SLICE)
- return -EINVAL;
-
- if (unit_active_state(u) != UNIT_INACTIVE)
- return -EBUSY;
-
- if (slice->type != UNIT_SLICE)
- return -EINVAL;
-
- if (unit_has_name(u, SPECIAL_INIT_SCOPE) &&
- !unit_has_name(slice, SPECIAL_ROOT_SLICE))
- return -EPERM;
-
- if (UNIT_DEREF(u->slice) == slice)
- return 0;
-
- /* Disallow slice changes if @u is already bound to cgroups */
- if (UNIT_ISSET(u->slice) && u->cgroup_realized)
- return -EBUSY;
-
- unit_ref_unset(&u->slice);
- unit_ref_set(&u->slice, slice);
- return 1;
-}
-
-int unit_set_default_slice(Unit *u) {
- _cleanup_free_ char *b = NULL;
- const char *slice_name;
- Unit *slice;
- int r;
-
- assert(u);
-
- if (UNIT_ISSET(u->slice))
- return 0;
-
- if (u->instance) {
- _cleanup_free_ char *prefix = NULL, *escaped = NULL;
-
- /* Implicitly place all instantiated units in their
- * own per-template slice */
-
- r = unit_name_to_prefix(u->id, &prefix);
- if (r < 0)
- return r;
-
- /* The prefix is already escaped, but it might include
- * "-" which has a special meaning for slice units,
- * hence escape it here extra. */
- escaped = unit_name_escape(prefix);
- if (!escaped)
- return -ENOMEM;
-
- if (MANAGER_IS_SYSTEM(u->manager))
- b = strjoin("system-", escaped, ".slice", NULL);
- else
- b = strappend(escaped, ".slice");
- if (!b)
- return -ENOMEM;
-
- slice_name = b;
- } else
- slice_name =
- MANAGER_IS_SYSTEM(u->manager) && !unit_has_name(u, SPECIAL_INIT_SCOPE)
- ? SPECIAL_SYSTEM_SLICE
- : SPECIAL_ROOT_SLICE;
-
- r = manager_load_unit(u->manager, slice_name, NULL, NULL, &slice);
- if (r < 0)
- return r;
-
- return unit_set_slice(u, slice);
-}
-
-const char *unit_slice_name(Unit *u) {
- assert(u);
-
- if (!UNIT_ISSET(u->slice))
- return NULL;
-
- return UNIT_DEREF(u->slice)->id;
-}
-
-int unit_load_related_unit(Unit *u, const char *type, Unit **_found) {
- _cleanup_free_ char *t = NULL;
- int r;
-
- assert(u);
- assert(type);
- assert(_found);
-
- r = unit_name_change_suffix(u->id, type, &t);
- if (r < 0)
- return r;
- if (unit_has_name(u, t))
- return -EINVAL;
-
- r = manager_load_unit(u->manager, t, NULL, NULL, _found);
- assert(r < 0 || *_found != u);
- return r;
-}
-
-static int signal_name_owner_changed(sd_bus_message *message, void *userdata, sd_bus_error *error) {
- const char *name, *old_owner, *new_owner;
- Unit *u = userdata;
- int r;
-
- assert(message);
- assert(u);
-
- r = sd_bus_message_read(message, "sss", &name, &old_owner, &new_owner);
- if (r < 0) {
- bus_log_parse_error(r);
- return 0;
- }
-
- if (UNIT_VTABLE(u)->bus_name_owner_change)
- UNIT_VTABLE(u)->bus_name_owner_change(u, name, old_owner, new_owner);
-
- return 0;
-}
-
-int unit_install_bus_match(Unit *u, sd_bus *bus, const char *name) {
- const char *match;
-
- assert(u);
- assert(bus);
- assert(name);
-
- if (u->match_bus_slot)
- return -EBUSY;
-
- match = strjoina("type='signal',"
- "sender='org.freedesktop.DBus',"
- "path='/org/freedesktop/DBus',"
- "interface='org.freedesktop.DBus',"
- "member='NameOwnerChanged',"
- "arg0='", name, "'");
-
- return sd_bus_add_match(bus, &u->match_bus_slot, match, signal_name_owner_changed, u);
-}
-
-int unit_watch_bus_name(Unit *u, const char *name) {
- int r;
-
- assert(u);
- assert(name);
-
- /* Watch a specific name on the bus. We only support one unit
- * watching each name for now. */
-
- if (u->manager->api_bus) {
- /* If the bus is already available, install the match directly.
- * Otherwise, just put the name in the list. bus_setup_api() will take care later. */
- r = unit_install_bus_match(u, u->manager->api_bus, name);
- if (r < 0)
- return log_warning_errno(r, "Failed to subscribe to NameOwnerChanged signal for '%s': %m", name);
- }
-
- r = hashmap_put(u->manager->watch_bus, name, u);
- if (r < 0) {
- u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
- return log_warning_errno(r, "Failed to put bus name to hashmap: %m");
- }
-
- return 0;
-}
-
-void unit_unwatch_bus_name(Unit *u, const char *name) {
- assert(u);
- assert(name);
-
- hashmap_remove_value(u->manager->watch_bus, name, u);
- u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
-}
-
-bool unit_can_serialize(Unit *u) {
- assert(u);
-
- return UNIT_VTABLE(u)->serialize && UNIT_VTABLE(u)->deserialize_item;
-}
-
-int unit_serialize(Unit *u, FILE *f, FDSet *fds, bool serialize_jobs) {
- int r;
-
- assert(u);
- assert(f);
- assert(fds);
-
- if (unit_can_serialize(u)) {
- ExecRuntime *rt;
-
- r = UNIT_VTABLE(u)->serialize(u, f, fds);
- if (r < 0)
- return r;
-
- rt = unit_get_exec_runtime(u);
- if (rt) {
- r = exec_runtime_serialize(u, rt, f, fds);
- if (r < 0)
- return r;
- }
- }
-
- dual_timestamp_serialize(f, "state-change-timestamp", &u->state_change_timestamp);
-
- dual_timestamp_serialize(f, "inactive-exit-timestamp", &u->inactive_exit_timestamp);
- dual_timestamp_serialize(f, "active-enter-timestamp", &u->active_enter_timestamp);
- dual_timestamp_serialize(f, "active-exit-timestamp", &u->active_exit_timestamp);
- dual_timestamp_serialize(f, "inactive-enter-timestamp", &u->inactive_enter_timestamp);
-
- dual_timestamp_serialize(f, "condition-timestamp", &u->condition_timestamp);
- dual_timestamp_serialize(f, "assert-timestamp", &u->assert_timestamp);
-
- if (dual_timestamp_is_set(&u->condition_timestamp))
- unit_serialize_item(u, f, "condition-result", yes_no(u->condition_result));
-
- if (dual_timestamp_is_set(&u->assert_timestamp))
- unit_serialize_item(u, f, "assert-result", yes_no(u->assert_result));
-
- unit_serialize_item(u, f, "transient", yes_no(u->transient));
-
- unit_serialize_item_format(u, f, "cpu-usage-base", "%" PRIu64, u->cpu_usage_base);
- if (u->cpu_usage_last != NSEC_INFINITY)
- unit_serialize_item_format(u, f, "cpu-usage-last", "%" PRIu64, u->cpu_usage_last);
-
- if (u->cgroup_path)
- unit_serialize_item(u, f, "cgroup", u->cgroup_path);
- unit_serialize_item(u, f, "cgroup-realized", yes_no(u->cgroup_realized));
-
- if (uid_is_valid(u->ref_uid))
- unit_serialize_item_format(u, f, "ref-uid", UID_FMT, u->ref_uid);
- if (gid_is_valid(u->ref_gid))
- unit_serialize_item_format(u, f, "ref-gid", GID_FMT, u->ref_gid);
-
- if (!sd_id128_is_null(u->invocation_id))
- unit_serialize_item_format(u, f, "invocation-id", SD_ID128_FORMAT_STR, SD_ID128_FORMAT_VAL(u->invocation_id));
-
- bus_track_serialize(u->bus_track, f, "ref");
-
- if (serialize_jobs) {
- if (u->job) {
- fprintf(f, "job\n");
- job_serialize(u->job, f);
- }
-
- if (u->nop_job) {
- fprintf(f, "job\n");
- job_serialize(u->nop_job, f);
- }
- }
-
- /* End marker */
- fputc('\n', f);
- return 0;
-}
-
-int unit_serialize_item(Unit *u, FILE *f, const char *key, const char *value) {
- assert(u);
- assert(f);
- assert(key);
-
- if (!value)
- return 0;
-
- fputs(key, f);
- fputc('=', f);
- fputs(value, f);
- fputc('\n', f);
-
- return 1;
-}
-
-int unit_serialize_item_escaped(Unit *u, FILE *f, const char *key, const char *value) {
- _cleanup_free_ char *c = NULL;
-
- assert(u);
- assert(f);
- assert(key);
-
- if (!value)
- return 0;
-
- c = cescape(value);
- if (!c)
- return -ENOMEM;
-
- fputs(key, f);
- fputc('=', f);
- fputs(c, f);
- fputc('\n', f);
-
- return 1;
-}
-
-int unit_serialize_item_fd(Unit *u, FILE *f, FDSet *fds, const char *key, int fd) {
- int copy;
-
- assert(u);
- assert(f);
- assert(key);
-
- if (fd < 0)
- return 0;
-
- copy = fdset_put_dup(fds, fd);
- if (copy < 0)
- return copy;
-
- fprintf(f, "%s=%i\n", key, copy);
- return 1;
-}
-
-void unit_serialize_item_format(Unit *u, FILE *f, const char *key, const char *format, ...) {
- va_list ap;
-
- assert(u);
- assert(f);
- assert(key);
- assert(format);
-
- fputs(key, f);
- fputc('=', f);
-
- va_start(ap, format);
- vfprintf(f, format, ap);
- va_end(ap);
-
- fputc('\n', f);
-}
-
-int unit_deserialize(Unit *u, FILE *f, FDSet *fds) {
- ExecRuntime **rt = NULL;
- size_t offset;
- int r;
-
- assert(u);
- assert(f);
- assert(fds);
-
- offset = UNIT_VTABLE(u)->exec_runtime_offset;
- if (offset > 0)
- rt = (ExecRuntime**) ((uint8_t*) u + offset);
-
- for (;;) {
- char line[LINE_MAX], *l, *v;
- size_t k;
-
- if (!fgets(line, sizeof(line), f)) {
- if (feof(f))
- return 0;
- return -errno;
- }
-
- char_array_0(line);
- l = strstrip(line);
-
- /* End marker */
- if (isempty(l))
- break;
-
- k = strcspn(l, "=");
-
- if (l[k] == '=') {
- l[k] = 0;
- v = l+k+1;
- } else
- v = l+k;
-
- if (streq(l, "job")) {
- if (v[0] == '\0') {
- /* new-style serialized job */
- Job *j;
-
- j = job_new_raw(u);
- if (!j)
- return log_oom();
-
- r = job_deserialize(j, f);
- if (r < 0) {
- job_free(j);
- return r;
- }
-
- r = hashmap_put(u->manager->jobs, UINT32_TO_PTR(j->id), j);
- if (r < 0) {
- job_free(j);
- return r;
- }
-
- r = job_install_deserialized(j);
- if (r < 0) {
- hashmap_remove(u->manager->jobs, UINT32_TO_PTR(j->id));
- job_free(j);
- return r;
- }
- } else /* legacy for pre-44 */
- log_unit_warning(u, "Update from too old systemd versions are unsupported, cannot deserialize job: %s", v);
- continue;
- } else if (streq(l, "state-change-timestamp")) {
- dual_timestamp_deserialize(v, &u->state_change_timestamp);
- continue;
- } else if (streq(l, "inactive-exit-timestamp")) {
- dual_timestamp_deserialize(v, &u->inactive_exit_timestamp);
- continue;
- } else if (streq(l, "active-enter-timestamp")) {
- dual_timestamp_deserialize(v, &u->active_enter_timestamp);
- continue;
- } else if (streq(l, "active-exit-timestamp")) {
- dual_timestamp_deserialize(v, &u->active_exit_timestamp);
- continue;
- } else if (streq(l, "inactive-enter-timestamp")) {
- dual_timestamp_deserialize(v, &u->inactive_enter_timestamp);
- continue;
- } else if (streq(l, "condition-timestamp")) {
- dual_timestamp_deserialize(v, &u->condition_timestamp);
- continue;
- } else if (streq(l, "assert-timestamp")) {
- dual_timestamp_deserialize(v, &u->assert_timestamp);
- continue;
- } else if (streq(l, "condition-result")) {
-
- r = parse_boolean(v);
- if (r < 0)
- log_unit_debug(u, "Failed to parse condition result value %s, ignoring.", v);
- else
- u->condition_result = r;
-
- continue;
-
- } else if (streq(l, "assert-result")) {
-
- r = parse_boolean(v);
- if (r < 0)
- log_unit_debug(u, "Failed to parse assert result value %s, ignoring.", v);
- else
- u->assert_result = r;
-
- continue;
-
- } else if (streq(l, "transient")) {
-
- r = parse_boolean(v);
- if (r < 0)
- log_unit_debug(u, "Failed to parse transient bool %s, ignoring.", v);
- else
- u->transient = r;
-
- continue;
-
- } else if (STR_IN_SET(l, "cpu-usage-base", "cpuacct-usage-base")) {
-
- r = safe_atou64(v, &u->cpu_usage_base);
- if (r < 0)
- log_unit_debug(u, "Failed to parse CPU usage base %s, ignoring.", v);
-
- continue;
-
- } else if (streq(l, "cpu-usage-last")) {
-
- r = safe_atou64(v, &u->cpu_usage_last);
- if (r < 0)
- log_unit_debug(u, "Failed to read CPU usage last %s, ignoring.", v);
-
- continue;
-
- } else if (streq(l, "cgroup")) {
-
- r = unit_set_cgroup_path(u, v);
- if (r < 0)
- log_unit_debug_errno(u, r, "Failed to set cgroup path %s, ignoring: %m", v);
-
- (void) unit_watch_cgroup(u);
-
- continue;
- } else if (streq(l, "cgroup-realized")) {
- int b;
-
- b = parse_boolean(v);
- if (b < 0)
- log_unit_debug(u, "Failed to parse cgroup-realized bool %s, ignoring.", v);
- else
- u->cgroup_realized = b;
-
- continue;
-
- } else if (streq(l, "ref-uid")) {
- uid_t uid;
-
- r = parse_uid(v, &uid);
- if (r < 0)
- log_unit_debug(u, "Failed to parse referenced UID %s, ignoring.", v);
- else
- unit_ref_uid_gid(u, uid, GID_INVALID);
-
- continue;
-
- } else if (streq(l, "ref-gid")) {
- gid_t gid;
-
- r = parse_gid(v, &gid);
- if (r < 0)
- log_unit_debug(u, "Failed to parse referenced GID %s, ignoring.", v);
- else
- unit_ref_uid_gid(u, UID_INVALID, gid);
-
- } else if (streq(l, "ref")) {
-
- r = strv_extend(&u->deserialized_refs, v);
- if (r < 0)
- log_oom();
-
- continue;
- } else if (streq(l, "invocation-id")) {
- sd_id128_t id;
-
- r = sd_id128_from_string(v, &id);
- if (r < 0)
- log_unit_debug(u, "Failed to parse invocation id %s, ignoring.", v);
- else {
- r = unit_set_invocation_id(u, id);
- if (r < 0)
- log_unit_warning_errno(u, r, "Failed to set invocation ID for unit: %m");
- }
-
- continue;
- }
-
- if (unit_can_serialize(u)) {
- if (rt) {
- r = exec_runtime_deserialize_item(u, rt, l, v, fds);
- if (r < 0) {
- log_unit_warning(u, "Failed to deserialize runtime parameter '%s', ignoring.", l);
- continue;
- }
-
- /* Returns positive if key was handled by the call */
- if (r > 0)
- continue;
- }
-
- r = UNIT_VTABLE(u)->deserialize_item(u, l, v, fds);
- if (r < 0)
- log_unit_warning(u, "Failed to deserialize unit parameter '%s', ignoring.", l);
- }
- }
-
- /* Versions before 228 did not carry a state change timestamp. In this case, take the current time. This is
- * useful, so that timeouts based on this timestamp don't trigger too early, and is in-line with the logic from
- * before 228 where the base for timeouts was not persistent across reboots. */
-
- if (!dual_timestamp_is_set(&u->state_change_timestamp))
- dual_timestamp_get(&u->state_change_timestamp);
-
- return 0;
-}
-
-int unit_add_node_link(Unit *u, const char *what, bool wants, UnitDependency dep) {
- Unit *device;
- _cleanup_free_ char *e = NULL;
- int r;
-
- assert(u);
-
- /* Adds in links to the device node that this unit is based on */
- if (isempty(what))
- return 0;
-
- if (!is_device_path(what))
- return 0;
-
- /* When device units aren't supported (such as in a
- * container), don't create dependencies on them. */
- if (!unit_type_supported(UNIT_DEVICE))
- return 0;
-
- r = unit_name_from_path(what, ".device", &e);
- if (r < 0)
- return r;
-
- r = manager_load_unit(u->manager, e, NULL, NULL, &device);
- if (r < 0)
- return r;
-
- r = unit_add_two_dependencies(u, UNIT_AFTER,
- MANAGER_IS_SYSTEM(u->manager) ? dep : UNIT_WANTS,
- device, true);
- if (r < 0)
- return r;
-
- if (wants) {
- r = unit_add_dependency(device, UNIT_WANTS, u, false);
- if (r < 0)
- return r;
- }
-
- return 0;
-}
-
-int unit_coldplug(Unit *u) {
- int r = 0, q;
- char **i;
-
- assert(u);
-
- /* Make sure we don't enter a loop, when coldplugging
- * recursively. */
- if (u->coldplugged)
- return 0;
-
- u->coldplugged = true;
-
- STRV_FOREACH(i, u->deserialized_refs) {
- q = bus_unit_track_add_name(u, *i);
- if (q < 0 && r >= 0)
- r = q;
- }
- u->deserialized_refs = strv_free(u->deserialized_refs);
-
- if (UNIT_VTABLE(u)->coldplug) {
- q = UNIT_VTABLE(u)->coldplug(u);
- if (q < 0 && r >= 0)
- r = q;
- }
-
- if (u->job) {
- q = job_coldplug(u->job);
- if (q < 0 && r >= 0)
- r = q;
- }
-
- return r;
-}
-
-static bool fragment_mtime_newer(const char *path, usec_t mtime, bool path_masked) {
- struct stat st;
-
- if (!path)
- return false;
-
- if (stat(path, &st) < 0)
- /* What, cannot access this anymore? */
- return true;
-
- if (path_masked)
- /* For masked files check if they are still so */
- return !null_or_empty(&st);
- else
- /* For non-empty files check the mtime */
- return timespec_load(&st.st_mtim) > mtime;
-
- return false;
-}
-
-bool unit_need_daemon_reload(Unit *u) {
- _cleanup_strv_free_ char **t = NULL;
- char **path;
-
- assert(u);
-
- /* For unit files, we allow masking… */
- if (fragment_mtime_newer(u->fragment_path, u->fragment_mtime,
- u->load_state == UNIT_MASKED))
- return true;
-
- /* Source paths should not be masked… */
- if (fragment_mtime_newer(u->source_path, u->source_mtime, false))
- return true;
-
- (void) unit_find_dropin_paths(u, &t);
- if (!strv_equal(u->dropin_paths, t))
- return true;
-
- /* … any drop-ins that are masked are simply omitted from the list. */
- STRV_FOREACH(path, u->dropin_paths)
- if (fragment_mtime_newer(*path, u->dropin_mtime, false))
- return true;
-
- return false;
-}
-
-void unit_reset_failed(Unit *u) {
- assert(u);
-
- if (UNIT_VTABLE(u)->reset_failed)
- UNIT_VTABLE(u)->reset_failed(u);
-
- RATELIMIT_RESET(u->start_limit);
- u->start_limit_hit = false;
-}
-
-Unit *unit_following(Unit *u) {
- assert(u);
-
- if (UNIT_VTABLE(u)->following)
- return UNIT_VTABLE(u)->following(u);
-
- return NULL;
-}
-
-bool unit_stop_pending(Unit *u) {
- assert(u);
-
- /* This call does check the current state of the unit. It's
- * hence useful to be called from state change calls of the
- * unit itself, where the state isn't updated yet. This is
- * different from unit_inactive_or_pending() which checks both
- * the current state and for a queued job. */
-
- return u->job && u->job->type == JOB_STOP;
-}
-
-bool unit_inactive_or_pending(Unit *u) {
- assert(u);
-
- /* Returns true if the unit is inactive or going down */
-
- if (UNIT_IS_INACTIVE_OR_DEACTIVATING(unit_active_state(u)))
- return true;
-
- if (unit_stop_pending(u))
- return true;
-
- return false;
-}
-
-bool unit_active_or_pending(Unit *u) {
- assert(u);
-
- /* Returns true if the unit is active or going up */
-
- if (UNIT_IS_ACTIVE_OR_ACTIVATING(unit_active_state(u)))
- return true;
-
- if (u->job &&
- (u->job->type == JOB_START ||
- u->job->type == JOB_RELOAD_OR_START ||
- u->job->type == JOB_RESTART))
- return true;
-
- return false;
-}
-
-int unit_kill(Unit *u, KillWho w, int signo, sd_bus_error *error) {
- assert(u);
- assert(w >= 0 && w < _KILL_WHO_MAX);
- assert(SIGNAL_VALID(signo));
-
- if (!UNIT_VTABLE(u)->kill)
- return -EOPNOTSUPP;
-
- return UNIT_VTABLE(u)->kill(u, w, signo, error);
-}
-
-static Set *unit_pid_set(pid_t main_pid, pid_t control_pid) {
- Set *pid_set;
- int r;
-
- pid_set = set_new(NULL);
- if (!pid_set)
- return NULL;
-
- /* Exclude the main/control pids from being killed via the cgroup */
- if (main_pid > 0) {
- r = set_put(pid_set, PID_TO_PTR(main_pid));
- if (r < 0)
- goto fail;
- }
-
- if (control_pid > 0) {
- r = set_put(pid_set, PID_TO_PTR(control_pid));
- if (r < 0)
- goto fail;
- }
-
- return pid_set;
-
-fail:
- set_free(pid_set);
- return NULL;
-}
-
-int unit_kill_common(
- Unit *u,
- KillWho who,
- int signo,
- pid_t main_pid,
- pid_t control_pid,
- sd_bus_error *error) {
-
- int r = 0;
- bool killed = false;
-
- if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL)) {
- if (main_pid < 0)
- return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no main processes", unit_type_to_string(u->type));
- else if (main_pid == 0)
- return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No main process to kill");
- }
-
- if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL)) {
- if (control_pid < 0)
- return sd_bus_error_setf(error, BUS_ERROR_NO_SUCH_PROCESS, "%s units have no control processes", unit_type_to_string(u->type));
- else if (control_pid == 0)
- return sd_bus_error_set_const(error, BUS_ERROR_NO_SUCH_PROCESS, "No control process to kill");
- }
-
- if (IN_SET(who, KILL_CONTROL, KILL_CONTROL_FAIL, KILL_ALL, KILL_ALL_FAIL))
- if (control_pid > 0) {
- if (kill(control_pid, signo) < 0)
- r = -errno;
- else
- killed = true;
- }
-
- if (IN_SET(who, KILL_MAIN, KILL_MAIN_FAIL, KILL_ALL, KILL_ALL_FAIL))
- if (main_pid > 0) {
- if (kill(main_pid, signo) < 0)
- r = -errno;
- else
- killed = true;
- }
-
- if (IN_SET(who, KILL_ALL, KILL_ALL_FAIL) && u->cgroup_path) {
- _cleanup_set_free_ Set *pid_set = NULL;
- int q;
-
- /* Exclude the main/control pids from being killed via the cgroup */
- pid_set = unit_pid_set(main_pid, control_pid);
- if (!pid_set)
- return -ENOMEM;
-
- q = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path, signo, 0, pid_set, NULL, NULL);
- if (q < 0 && q != -EAGAIN && q != -ESRCH && q != -ENOENT)
- r = q;
- else
- killed = true;
- }
-
- if (r == 0 && !killed && IN_SET(who, KILL_ALL_FAIL, KILL_CONTROL_FAIL))
- return -ESRCH;
-
- return r;
-}
-
-int unit_following_set(Unit *u, Set **s) {
- assert(u);
- assert(s);
-
- if (UNIT_VTABLE(u)->following_set)
- return UNIT_VTABLE(u)->following_set(u, s);
-
- *s = NULL;
- return 0;
-}
-
-UnitFileState unit_get_unit_file_state(Unit *u) {
- int r;
-
- assert(u);
-
- if (u->unit_file_state < 0 && u->fragment_path) {
- r = unit_file_get_state(
- u->manager->unit_file_scope,
- NULL,
- basename(u->fragment_path),
- &u->unit_file_state);
- if (r < 0)
- u->unit_file_state = UNIT_FILE_BAD;
- }
-
- return u->unit_file_state;
-}
-
-int unit_get_unit_file_preset(Unit *u) {
- assert(u);
-
- if (u->unit_file_preset < 0 && u->fragment_path)
- u->unit_file_preset = unit_file_query_preset(
- u->manager->unit_file_scope,
- NULL,
- basename(u->fragment_path));
-
- return u->unit_file_preset;
-}
-
-Unit* unit_ref_set(UnitRef *ref, Unit *u) {
- assert(ref);
- assert(u);
-
- if (ref->unit)
- unit_ref_unset(ref);
-
- ref->unit = u;
- LIST_PREPEND(refs, u->refs, ref);
- return u;
-}
-
-void unit_ref_unset(UnitRef *ref) {
- assert(ref);
-
- if (!ref->unit)
- return;
-
- /* We are about to drop a reference to the unit, make sure the garbage collection has a look at it as it might
- * be unreferenced now. */
- unit_add_to_gc_queue(ref->unit);
-
- LIST_REMOVE(refs, ref->unit->refs, ref);
- ref->unit = NULL;
-}
-
-static int user_from_unit_name(Unit *u, char **ret) {
-
- static const uint8_t hash_key[] = {
- 0x58, 0x1a, 0xaf, 0xe6, 0x28, 0x58, 0x4e, 0x96,
- 0xb4, 0x4e, 0xf5, 0x3b, 0x8c, 0x92, 0x07, 0xec
- };
-
- _cleanup_free_ char *n = NULL;
- int r;
-
- r = unit_name_to_prefix(u->id, &n);
- if (r < 0)
- return r;
-
- if (valid_user_group_name(n)) {
- *ret = n;
- n = NULL;
- return 0;
- }
-
- /* If we can't use the unit name as a user name, then let's hash it and use that */
- if (asprintf(ret, "_du%016" PRIx64, siphash24(n, strlen(n), hash_key)) < 0)
- return -ENOMEM;
-
- return 0;
-}
-
-int unit_patch_contexts(Unit *u) {
- CGroupContext *cc;
- ExecContext *ec;
- unsigned i;
- int r;
-
- assert(u);
-
- /* Patch in the manager defaults into the exec and cgroup
- * contexts, _after_ the rest of the settings have been
- * initialized */
-
- ec = unit_get_exec_context(u);
- if (ec) {
- /* This only copies in the ones that need memory */
- for (i = 0; i < _RLIMIT_MAX; i++)
- if (u->manager->rlimit[i] && !ec->rlimit[i]) {
- ec->rlimit[i] = newdup(struct rlimit, u->manager->rlimit[i], 1);
- if (!ec->rlimit[i])
- return -ENOMEM;
- }
-
- if (MANAGER_IS_USER(u->manager) &&
- !ec->working_directory) {
-
- r = get_home_dir(&ec->working_directory);
- if (r < 0)
- return r;
-
- /* Allow user services to run, even if the
- * home directory is missing */
- ec->working_directory_missing_ok = true;
- }
-
- if (MANAGER_IS_USER(u->manager) &&
- (ec->syscall_whitelist ||
- !set_isempty(ec->syscall_filter) ||
- !set_isempty(ec->syscall_archs) ||
- ec->address_families_whitelist ||
- !set_isempty(ec->address_families)))
- ec->no_new_privileges = true;
-
- if (ec->private_devices)
- ec->capability_bounding_set &= ~((UINT64_C(1) << CAP_MKNOD) | (UINT64_C(1) << CAP_SYS_RAWIO));
-
- if (ec->protect_kernel_modules)
- ec->capability_bounding_set &= ~(UINT64_C(1) << CAP_SYS_MODULE);
-
- if (ec->dynamic_user) {
- if (!ec->user) {
- r = user_from_unit_name(u, &ec->user);
- if (r < 0)
- return r;
- }
-
- if (!ec->group) {
- ec->group = strdup(ec->user);
- if (!ec->group)
- return -ENOMEM;
- }
-
- /* If the dynamic user option is on, let's make sure that the unit can't leave its UID/GID
- * around in the file system or on IPC objects. Hence enforce a strict sandbox. */
-
- ec->private_tmp = true;
- ec->remove_ipc = true;
- ec->protect_system = PROTECT_SYSTEM_STRICT;
- if (ec->protect_home == PROTECT_HOME_NO)
- ec->protect_home = PROTECT_HOME_READ_ONLY;
- }
- }
-
- cc = unit_get_cgroup_context(u);
- if (cc) {
-
- if (ec &&
- ec->private_devices &&
- cc->device_policy == CGROUP_AUTO)
- cc->device_policy = CGROUP_CLOSED;
- }
-
- return 0;
-}
-
-ExecContext *unit_get_exec_context(Unit *u) {
- size_t offset;
- assert(u);
-
- if (u->type < 0)
- return NULL;
-
- offset = UNIT_VTABLE(u)->exec_context_offset;
- if (offset <= 0)
- return NULL;
-
- return (ExecContext*) ((uint8_t*) u + offset);
-}
-
-KillContext *unit_get_kill_context(Unit *u) {
- size_t offset;
- assert(u);
-
- if (u->type < 0)
- return NULL;
-
- offset = UNIT_VTABLE(u)->kill_context_offset;
- if (offset <= 0)
- return NULL;
-
- return (KillContext*) ((uint8_t*) u + offset);
-}
-
-CGroupContext *unit_get_cgroup_context(Unit *u) {
- size_t offset;
-
- if (u->type < 0)
- return NULL;
-
- offset = UNIT_VTABLE(u)->cgroup_context_offset;
- if (offset <= 0)
- return NULL;
-
- return (CGroupContext*) ((uint8_t*) u + offset);
-}
-
-ExecRuntime *unit_get_exec_runtime(Unit *u) {
- size_t offset;
-
- if (u->type < 0)
- return NULL;
-
- offset = UNIT_VTABLE(u)->exec_runtime_offset;
- if (offset <= 0)
- return NULL;
-
- return *(ExecRuntime**) ((uint8_t*) u + offset);
-}
-
-static const char* unit_drop_in_dir(Unit *u, UnitSetPropertiesMode mode) {
- assert(u);
-
- if (!IN_SET(mode, UNIT_RUNTIME, UNIT_PERSISTENT))
- return NULL;
-
- if (u->transient) /* Redirect drop-ins for transient units always into the transient directory. */
- return u->manager->lookup_paths.transient;
-
- if (mode == UNIT_RUNTIME)
- return u->manager->lookup_paths.runtime_control;
-
- if (mode == UNIT_PERSISTENT)
- return u->manager->lookup_paths.persistent_control;
-
- return NULL;
-}
-
-int unit_write_drop_in(Unit *u, UnitSetPropertiesMode mode, const char *name, const char *data) {
- _cleanup_free_ char *p = NULL, *q = NULL;
- const char *dir, *wrapped;
- int r;
-
- assert(u);
-
- if (u->transient_file) {
- /* When this is a transient unit file in creation, then let's not create a new drop-in but instead
- * write to the transient unit file. */
- fputs(data, u->transient_file);
- fputc('\n', u->transient_file);
- return 0;
- }
-
- if (!IN_SET(mode, UNIT_PERSISTENT, UNIT_RUNTIME))
- return 0;
-
- dir = unit_drop_in_dir(u, mode);
- if (!dir)
- return -EINVAL;
-
- wrapped = strjoina("# This is a drop-in unit file extension, created via \"systemctl set-property\"\n"
- "# or an equivalent operation. Do not edit.\n",
- data,
- "\n");
-
- r = drop_in_file(dir, u->id, 50, name, &p, &q);
- if (r < 0)
- return r;
-
- (void) mkdir_p(p, 0755);
- r = write_string_file_atomic_label(q, wrapped);
- if (r < 0)
- return r;
-
- r = strv_push(&u->dropin_paths, q);
- if (r < 0)
- return r;
- q = NULL;
-
- strv_uniq(u->dropin_paths);
-
- u->dropin_mtime = now(CLOCK_REALTIME);
-
- return 0;
-}
-
-int unit_write_drop_in_format(Unit *u, UnitSetPropertiesMode mode, const char *name, const char *format, ...) {
- _cleanup_free_ char *p = NULL;
- va_list ap;
- int r;
-
- assert(u);
- assert(name);
- assert(format);
-
- if (!IN_SET(mode, UNIT_PERSISTENT, UNIT_RUNTIME))
- return 0;
-
- va_start(ap, format);
- r = vasprintf(&p, format, ap);
- va_end(ap);
-
- if (r < 0)
- return -ENOMEM;
-
- return unit_write_drop_in(u, mode, name, p);
-}
-
-int unit_write_drop_in_private(Unit *u, UnitSetPropertiesMode mode, const char *name, const char *data) {
- const char *ndata;
-
- assert(u);
- assert(name);
- assert(data);
-
- if (!UNIT_VTABLE(u)->private_section)
- return -EINVAL;
-
- if (!IN_SET(mode, UNIT_PERSISTENT, UNIT_RUNTIME))
- return 0;
-
- ndata = strjoina("[", UNIT_VTABLE(u)->private_section, "]\n", data);
-
- return unit_write_drop_in(u, mode, name, ndata);
-}
-
-int unit_write_drop_in_private_format(Unit *u, UnitSetPropertiesMode mode, const char *name, const char *format, ...) {
- _cleanup_free_ char *p = NULL;
- va_list ap;
- int r;
-
- assert(u);
- assert(name);
- assert(format);
-
- if (!IN_SET(mode, UNIT_PERSISTENT, UNIT_RUNTIME))
- return 0;
-
- va_start(ap, format);
- r = vasprintf(&p, format, ap);
- va_end(ap);
-
- if (r < 0)
- return -ENOMEM;
-
- return unit_write_drop_in_private(u, mode, name, p);
-}
-
-int unit_make_transient(Unit *u) {
- FILE *f;
- char *path;
-
- assert(u);
-
- if (!UNIT_VTABLE(u)->can_transient)
- return -EOPNOTSUPP;
-
- path = strjoin(u->manager->lookup_paths.transient, "/", u->id, NULL);
- if (!path)
- return -ENOMEM;
-
- /* Let's open the file we'll write the transient settings into. This file is kept open as long as we are
- * creating the transient, and is closed in unit_load(), as soon as we start loading the file. */
-
- RUN_WITH_UMASK(0022) {
- f = fopen(path, "we");
- if (!f) {
- free(path);
- return -errno;
- }
- }
-
- if (u->transient_file)
- fclose(u->transient_file);
- u->transient_file = f;
-
- free(u->fragment_path);
- u->fragment_path = path;
-
- u->source_path = mfree(u->source_path);
- u->dropin_paths = strv_free(u->dropin_paths);
- u->fragment_mtime = u->source_mtime = u->dropin_mtime = 0;
-
- u->load_state = UNIT_STUB;
- u->load_error = 0;
- u->transient = true;
-
- unit_add_to_dbus_queue(u);
- unit_add_to_gc_queue(u);
-
- fputs("# This is a transient unit file, created programmatically via the systemd API. Do not edit.\n",
- u->transient_file);
-
- return 0;
-}
-
-static void log_kill(pid_t pid, int sig, void *userdata) {
- _cleanup_free_ char *comm = NULL;
-
- (void) get_process_comm(pid, &comm);
-
- /* Don't log about processes marked with brackets, under the assumption that these are temporary processes
- only, like for example systemd's own PAM stub process. */
- if (comm && comm[0] == '(')
- return;
-
- log_unit_notice(userdata,
- "Killing process " PID_FMT " (%s) with signal SIG%s.",
- pid,
- strna(comm),
- signal_to_string(sig));
-}
-
-static int operation_to_signal(KillContext *c, KillOperation k) {
- assert(c);
-
- switch (k) {
-
- case KILL_TERMINATE:
- case KILL_TERMINATE_AND_LOG:
- return c->kill_signal;
-
- case KILL_KILL:
- return SIGKILL;
-
- case KILL_ABORT:
- return SIGABRT;
-
- default:
- assert_not_reached("KillOperation unknown");
- }
-}
-
-int unit_kill_context(
- Unit *u,
- KillContext *c,
- KillOperation k,
- pid_t main_pid,
- pid_t control_pid,
- bool main_pid_alien) {
-
- bool wait_for_exit = false, send_sighup;
- cg_kill_log_func_t log_func;
- int sig, r;
-
- assert(u);
- assert(c);
-
- /* Kill the processes belonging to this unit, in preparation for shutting the unit down. Returns > 0 if we
- * killed something worth waiting for, 0 otherwise. */
-
- if (c->kill_mode == KILL_NONE)
- return 0;
-
- sig = operation_to_signal(c, k);
-
- send_sighup =
- c->send_sighup &&
- IN_SET(k, KILL_TERMINATE, KILL_TERMINATE_AND_LOG) &&
- sig != SIGHUP;
-
- log_func =
- k != KILL_TERMINATE ||
- IN_SET(sig, SIGKILL, SIGABRT) ? log_kill : NULL;
-
- if (main_pid > 0) {
- if (log_func)
- log_func(main_pid, sig, u);
-
- r = kill_and_sigcont(main_pid, sig);
- if (r < 0 && r != -ESRCH) {
- _cleanup_free_ char *comm = NULL;
- (void) get_process_comm(main_pid, &comm);
-
- log_unit_warning_errno(u, r, "Failed to kill main process " PID_FMT " (%s), ignoring: %m", main_pid, strna(comm));
- } else {
- if (!main_pid_alien)
- wait_for_exit = true;
-
- if (r != -ESRCH && send_sighup)
- (void) kill(main_pid, SIGHUP);
- }
- }
-
- if (control_pid > 0) {
- if (log_func)
- log_func(control_pid, sig, u);
-
- r = kill_and_sigcont(control_pid, sig);
- if (r < 0 && r != -ESRCH) {
- _cleanup_free_ char *comm = NULL;
- (void) get_process_comm(control_pid, &comm);
-
- log_unit_warning_errno(u, r, "Failed to kill control process " PID_FMT " (%s), ignoring: %m", control_pid, strna(comm));
- } else {
- wait_for_exit = true;
-
- if (r != -ESRCH && send_sighup)
- (void) kill(control_pid, SIGHUP);
- }
- }
-
- if (u->cgroup_path &&
- (c->kill_mode == KILL_CONTROL_GROUP || (c->kill_mode == KILL_MIXED && k == KILL_KILL))) {
- _cleanup_set_free_ Set *pid_set = NULL;
-
- /* Exclude the main/control pids from being killed via the cgroup */
- pid_set = unit_pid_set(main_pid, control_pid);
- if (!pid_set)
- return -ENOMEM;
-
- r = cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
- sig,
- CGROUP_SIGCONT|CGROUP_IGNORE_SELF,
- pid_set,
- log_func, u);
- if (r < 0) {
- if (r != -EAGAIN && r != -ESRCH && r != -ENOENT)
- log_unit_warning_errno(u, r, "Failed to kill control group %s, ignoring: %m", u->cgroup_path);
-
- } else if (r > 0) {
-
- /* FIXME: For now, on the legacy hierarchy, we
- * will not wait for the cgroup members to die
- * if we are running in a container or if this
- * is a delegation unit, simply because cgroup
- * notification is unreliable in these
- * cases. It doesn't work at all in
- * containers, and outside of containers it
- * can be confused easily by left-over
- * directories in the cgroup — which however
- * should not exist in non-delegated units. On
- * the unified hierarchy that's different,
- * there we get proper events. Hence rely on
- * them.*/
-
- if (cg_unified(SYSTEMD_CGROUP_CONTROLLER) > 0 ||
- (detect_container() == 0 && !unit_cgroup_delegate(u)))
- wait_for_exit = true;
-
- if (send_sighup) {
- set_free(pid_set);
-
- pid_set = unit_pid_set(main_pid, control_pid);
- if (!pid_set)
- return -ENOMEM;
-
- cg_kill_recursive(SYSTEMD_CGROUP_CONTROLLER, u->cgroup_path,
- SIGHUP,
- CGROUP_IGNORE_SELF,
- pid_set,
- NULL, NULL);
- }
- }
- }
-
- return wait_for_exit;
-}
-
-int unit_require_mounts_for(Unit *u, const char *path) {
- char prefix[strlen(path) + 1], *p;
- int r;
-
- assert(u);
- assert(path);
-
- /* Registers a unit for requiring a certain path and all its
- * prefixes. We keep a simple array of these paths in the
- * unit, since its usually short. However, we build a prefix
- * table for all possible prefixes so that new appearing mount
- * units can easily determine which units to make themselves a
- * dependency of. */
-
- if (!path_is_absolute(path))
- return -EINVAL;
-
- p = strdup(path);
- if (!p)
- return -ENOMEM;
-
- path_kill_slashes(p);
-
- if (!path_is_safe(p)) {
- free(p);
- return -EPERM;
- }
-
- if (strv_contains(u->requires_mounts_for, p)) {
- free(p);
- return 0;
- }
-
- r = strv_consume(&u->requires_mounts_for, p);
- if (r < 0)
- return r;
-
- PATH_FOREACH_PREFIX_MORE(prefix, p) {
- Set *x;
-
- x = hashmap_get(u->manager->units_requiring_mounts_for, prefix);
- if (!x) {
- char *q;
-
- r = hashmap_ensure_allocated(&u->manager->units_requiring_mounts_for, &string_hash_ops);
- if (r < 0)
- return r;
-
- q = strdup(prefix);
- if (!q)
- return -ENOMEM;
-
- x = set_new(NULL);
- if (!x) {
- free(q);
- return -ENOMEM;
- }
-
- r = hashmap_put(u->manager->units_requiring_mounts_for, q, x);
- if (r < 0) {
- free(q);
- set_free(x);
- return r;
- }
- }
-
- r = set_put(x, u);
- if (r < 0)
- return r;
- }
-
- return 0;
-}
-
-int unit_setup_exec_runtime(Unit *u) {
- ExecRuntime **rt;
- size_t offset;
- Iterator i;
- Unit *other;
-
- offset = UNIT_VTABLE(u)->exec_runtime_offset;
- assert(offset > 0);
-
- /* Check if there already is an ExecRuntime for this unit? */
- rt = (ExecRuntime**) ((uint8_t*) u + offset);
- if (*rt)
- return 0;
-
- /* Try to get it from somebody else */
- SET_FOREACH(other, u->dependencies[UNIT_JOINS_NAMESPACE_OF], i) {
-
- *rt = unit_get_exec_runtime(other);
- if (*rt) {
- exec_runtime_ref(*rt);
- return 0;
- }
- }
-
- return exec_runtime_make(rt, unit_get_exec_context(u), u->id);
-}
-
-int unit_setup_dynamic_creds(Unit *u) {
- ExecContext *ec;
- DynamicCreds *dcreds;
- size_t offset;
-
- assert(u);
-
- offset = UNIT_VTABLE(u)->dynamic_creds_offset;
- assert(offset > 0);
- dcreds = (DynamicCreds*) ((uint8_t*) u + offset);
-
- ec = unit_get_exec_context(u);
- assert(ec);
-
- if (!ec->dynamic_user)
- return 0;
-
- return dynamic_creds_acquire(dcreds, u->manager, ec->user, ec->group);
-}
-
-bool unit_type_supported(UnitType t) {
- if (_unlikely_(t < 0))
- return false;
- if (_unlikely_(t >= _UNIT_TYPE_MAX))
- return false;
-
- if (!unit_vtable[t]->supported)
- return true;
-
- return unit_vtable[t]->supported();
-}
-
-void unit_warn_if_dir_nonempty(Unit *u, const char* where) {
- int r;
-
- assert(u);
- assert(where);
-
- r = dir_is_empty(where);
- if (r > 0)
- return;
- if (r < 0) {
- log_unit_warning_errno(u, r, "Failed to check directory %s: %m", where);
- return;
- }
-
- log_struct(LOG_NOTICE,
- LOG_MESSAGE_ID(SD_MESSAGE_OVERMOUNTING),
- LOG_UNIT_ID(u),
- LOG_UNIT_MESSAGE(u, "Directory %s to mount over is not empty, mounting anyway.", where),
- "WHERE=%s", where,
- NULL);
-}
-
-int unit_fail_if_symlink(Unit *u, const char* where) {
- int r;
-
- assert(u);
- assert(where);
-
- r = is_symlink(where);
- if (r < 0) {
- log_unit_debug_errno(u, r, "Failed to check symlink %s, ignoring: %m", where);
- return 0;
- }
- if (r == 0)
- return 0;
-
- log_struct(LOG_ERR,
- LOG_MESSAGE_ID(SD_MESSAGE_OVERMOUNTING),
- LOG_UNIT_ID(u),
- LOG_UNIT_MESSAGE(u, "Mount on symlink %s not allowed.", where),
- "WHERE=%s", where,
- NULL);
-
- return -ELOOP;
-}
-
-bool unit_is_pristine(Unit *u) {
- assert(u);
-
- /* Check if the unit already exists or is already around,
- * in a number of different ways. Note that to cater for unit
- * types such as slice, we are generally fine with units that
- * are marked UNIT_LOADED even though nothing was
- * actually loaded, as those unit types don't require a file
- * on disk to validly load. */
-
- return !(!IN_SET(u->load_state, UNIT_NOT_FOUND, UNIT_LOADED) ||
- u->fragment_path ||
- u->source_path ||
- !strv_isempty(u->dropin_paths) ||
- u->job ||
- u->merged_into);
-}
-
-pid_t unit_control_pid(Unit *u) {
- assert(u);
-
- if (UNIT_VTABLE(u)->control_pid)
- return UNIT_VTABLE(u)->control_pid(u);
-
- return 0;
-}
-
-pid_t unit_main_pid(Unit *u) {
- assert(u);
-
- if (UNIT_VTABLE(u)->main_pid)
- return UNIT_VTABLE(u)->main_pid(u);
-
- return 0;
-}
-
-static void unit_unref_uid_internal(
- Unit *u,
- uid_t *ref_uid,
- bool destroy_now,
- void (*_manager_unref_uid)(Manager *m, uid_t uid, bool destroy_now)) {
-
- assert(u);
- assert(ref_uid);
- assert(_manager_unref_uid);
-
- /* Generic implementation of both unit_unref_uid() and unit_unref_gid(), under the assumption that uid_t and
- * gid_t are actually the same time, with the same validity rules.
- *
- * Drops a reference to UID/GID from a unit. */
-
- assert_cc(sizeof(uid_t) == sizeof(gid_t));
- assert_cc(UID_INVALID == (uid_t) GID_INVALID);
-
- if (!uid_is_valid(*ref_uid))
- return;
-
- _manager_unref_uid(u->manager, *ref_uid, destroy_now);
- *ref_uid = UID_INVALID;
-}
-
-void unit_unref_uid(Unit *u, bool destroy_now) {
- unit_unref_uid_internal(u, &u->ref_uid, destroy_now, manager_unref_uid);
-}
-
-void unit_unref_gid(Unit *u, bool destroy_now) {
- unit_unref_uid_internal(u, (uid_t*) &u->ref_gid, destroy_now, manager_unref_gid);
-}
-
-static int unit_ref_uid_internal(
- Unit *u,
- uid_t *ref_uid,
- uid_t uid,
- bool clean_ipc,
- int (*_manager_ref_uid)(Manager *m, uid_t uid, bool clean_ipc)) {
-
- int r;
-
- assert(u);
- assert(ref_uid);
- assert(uid_is_valid(uid));
- assert(_manager_ref_uid);
-
- /* Generic implementation of both unit_ref_uid() and unit_ref_guid(), under the assumption that uid_t and gid_t
- * are actually the same type, and have the same validity rules.
- *
- * Adds a reference on a specific UID/GID to this unit. Each unit referencing the same UID/GID maintains a
- * reference so that we can destroy the UID/GID's IPC resources as soon as this is requested and the counter
- * drops to zero. */
-
- assert_cc(sizeof(uid_t) == sizeof(gid_t));
- assert_cc(UID_INVALID == (uid_t) GID_INVALID);
-
- if (*ref_uid == uid)
- return 0;
-
- if (uid_is_valid(*ref_uid)) /* Already set? */
- return -EBUSY;
-
- r = _manager_ref_uid(u->manager, uid, clean_ipc);
- if (r < 0)
- return r;
-
- *ref_uid = uid;
- return 1;
-}
-
-int unit_ref_uid(Unit *u, uid_t uid, bool clean_ipc) {
- return unit_ref_uid_internal(u, &u->ref_uid, uid, clean_ipc, manager_ref_uid);
-}
-
-int unit_ref_gid(Unit *u, gid_t gid, bool clean_ipc) {
- return unit_ref_uid_internal(u, (uid_t*) &u->ref_gid, (uid_t) gid, clean_ipc, manager_ref_gid);
-}
-
-static int unit_ref_uid_gid_internal(Unit *u, uid_t uid, gid_t gid, bool clean_ipc) {
- int r = 0, q = 0;
-
- assert(u);
-
- /* Reference both a UID and a GID in one go. Either references both, or neither. */
-
- if (uid_is_valid(uid)) {
- r = unit_ref_uid(u, uid, clean_ipc);
- if (r < 0)
- return r;
- }
-
- if (gid_is_valid(gid)) {
- q = unit_ref_gid(u, gid, clean_ipc);
- if (q < 0) {
- if (r > 0)
- unit_unref_uid(u, false);
-
- return q;
- }
- }
-
- return r > 0 || q > 0;
-}
-
-int unit_ref_uid_gid(Unit *u, uid_t uid, gid_t gid) {
- ExecContext *c;
- int r;
-
- assert(u);
-
- c = unit_get_exec_context(u);
-
- r = unit_ref_uid_gid_internal(u, uid, gid, c ? c->remove_ipc : false);
- if (r < 0)
- return log_unit_warning_errno(u, r, "Couldn't add UID/GID reference to unit, proceeding without: %m");
-
- return r;
-}
-
-void unit_unref_uid_gid(Unit *u, bool destroy_now) {
- assert(u);
-
- unit_unref_uid(u, destroy_now);
- unit_unref_gid(u, destroy_now);
-}
-
-void unit_notify_user_lookup(Unit *u, uid_t uid, gid_t gid) {
- int r;
-
- assert(u);
-
- /* This is invoked whenever one of the forked off processes let's us know the UID/GID its user name/group names
- * resolved to. We keep track of which UID/GID is currently assigned in order to be able to destroy its IPC
- * objects when no service references the UID/GID anymore. */
-
- r = unit_ref_uid_gid(u, uid, gid);
- if (r > 0)
- bus_unit_send_change_signal(u);
-}
-
-int unit_set_invocation_id(Unit *u, sd_id128_t id) {
- int r;
-
- assert(u);
-
- /* Set the invocation ID for this unit. If we cannot, this will not roll back, but reset the whole thing. */
-
- if (sd_id128_equal(u->invocation_id, id))
- return 0;
-
- if (!sd_id128_is_null(u->invocation_id))
- (void) hashmap_remove_value(u->manager->units_by_invocation_id, &u->invocation_id, u);
-
- if (sd_id128_is_null(id)) {
- r = 0;
- goto reset;
- }
-
- r = hashmap_ensure_allocated(&u->manager->units_by_invocation_id, &id128_hash_ops);
- if (r < 0)
- goto reset;
-
- u->invocation_id = id;
- sd_id128_to_string(id, u->invocation_id_string);
-
- r = hashmap_put(u->manager->units_by_invocation_id, &u->invocation_id, u);
- if (r < 0)
- goto reset;
-
- return 0;
-
-reset:
- u->invocation_id = SD_ID128_NULL;
- u->invocation_id_string[0] = 0;
- return r;
-}
-
-int unit_acquire_invocation_id(Unit *u) {
- sd_id128_t id;
- int r;
-
- assert(u);
-
- r = sd_id128_randomize(&id);
- if (r < 0)
- return log_unit_error_errno(u, r, "Failed to generate invocation ID for unit: %m");
-
- r = unit_set_invocation_id(u, id);
- if (r < 0)
- return log_unit_error_errno(u, r, "Failed to set invocation ID for unit: %m");
-
- return 0;
-}
diff --git a/src/core/unit.h b/src/core/unit.h
deleted file mode 100644
index 991543664b..0000000000
--- a/src/core/unit.h
+++ /dev/null
@@ -1,679 +0,0 @@
-#pragma once
-
-/***
- This file is part of systemd.
-
- Copyright 2010 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
-
-#include <stdbool.h>
-#include <stdlib.h>
-#include <unistd.h>
-
-typedef struct Unit Unit;
-typedef struct UnitVTable UnitVTable;
-typedef struct UnitRef UnitRef;
-typedef struct UnitStatusMessageFormats UnitStatusMessageFormats;
-
-#include "condition.h"
-#include "emergency-action.h"
-#include "install.h"
-#include "list.h"
-#include "unit-name.h"
-
-typedef enum KillOperation {
- KILL_TERMINATE,
- KILL_TERMINATE_AND_LOG,
- KILL_KILL,
- KILL_ABORT,
- _KILL_OPERATION_MAX,
- _KILL_OPERATION_INVALID = -1
-} KillOperation;
-
-static inline bool UNIT_IS_ACTIVE_OR_RELOADING(UnitActiveState t) {
- return t == UNIT_ACTIVE || t == UNIT_RELOADING;
-}
-
-static inline bool UNIT_IS_ACTIVE_OR_ACTIVATING(UnitActiveState t) {
- return t == UNIT_ACTIVE || t == UNIT_ACTIVATING || t == UNIT_RELOADING;
-}
-
-static inline bool UNIT_IS_INACTIVE_OR_DEACTIVATING(UnitActiveState t) {
- return t == UNIT_INACTIVE || t == UNIT_FAILED || t == UNIT_DEACTIVATING;
-}
-
-static inline bool UNIT_IS_INACTIVE_OR_FAILED(UnitActiveState t) {
- return t == UNIT_INACTIVE || t == UNIT_FAILED;
-}
-
-#include "job.h"
-
-struct UnitRef {
- /* Keeps tracks of references to a unit. This is useful so
- * that we can merge two units if necessary and correct all
- * references to them */
-
- Unit* unit;
- LIST_FIELDS(UnitRef, refs);
-};
-
-struct Unit {
- Manager *manager;
-
- UnitType type;
- UnitLoadState load_state;
- Unit *merged_into;
-
- char *id; /* One name is special because we use it for identification. Points to an entry in the names set */
- char *instance;
-
- Set *names;
- Set *dependencies[_UNIT_DEPENDENCY_MAX];
-
- char **requires_mounts_for;
-
- char *description;
- char **documentation;
-
- char *fragment_path; /* if loaded from a config file this is the primary path to it */
- char *source_path; /* if converted, the source file */
- char **dropin_paths;
-
- usec_t fragment_mtime;
- usec_t source_mtime;
- usec_t dropin_mtime;
-
- /* If this is a transient unit we are currently writing, this is where we are writing it to */
- FILE *transient_file;
-
- /* If there is something to do with this unit, then this is the installed job for it */
- Job *job;
-
- /* JOB_NOP jobs are special and can be installed without disturbing the real job. */
- Job *nop_job;
-
- /* The slot used for watching NameOwnerChanged signals */
- sd_bus_slot *match_bus_slot;
-
- /* References to this unit from clients */
- sd_bus_track *bus_track;
- char **deserialized_refs;
-
- /* Job timeout and action to take */
- usec_t job_timeout;
- EmergencyAction job_timeout_action;
- char *job_timeout_reboot_arg;
-
- /* References to this */
- LIST_HEAD(UnitRef, refs);
-
- /* Conditions to check */
- LIST_HEAD(Condition, conditions);
- LIST_HEAD(Condition, asserts);
-
- dual_timestamp condition_timestamp;
- dual_timestamp assert_timestamp;
-
- /* Updated whenever the low-level state changes */
- dual_timestamp state_change_timestamp;
-
- /* Updated whenever the (high-level) active state enters or leaves the active or inactive states */
- dual_timestamp inactive_exit_timestamp;
- dual_timestamp active_enter_timestamp;
- dual_timestamp active_exit_timestamp;
- dual_timestamp inactive_enter_timestamp;
-
- UnitRef slice;
-
- /* Per type list */
- LIST_FIELDS(Unit, units_by_type);
-
- /* All units which have requires_mounts_for set */
- LIST_FIELDS(Unit, has_requires_mounts_for);
-
- /* Load queue */
- LIST_FIELDS(Unit, load_queue);
-
- /* D-Bus queue */
- LIST_FIELDS(Unit, dbus_queue);
-
- /* Cleanup queue */
- LIST_FIELDS(Unit, cleanup_queue);
-
- /* GC queue */
- LIST_FIELDS(Unit, gc_queue);
-
- /* CGroup realize members queue */
- LIST_FIELDS(Unit, cgroup_queue);
-
- /* Units with the same CGroup netclass */
- LIST_FIELDS(Unit, cgroup_netclass);
-
- /* PIDs we keep an eye on. Note that a unit might have many
- * more, but these are the ones we care enough about to
- * process SIGCHLD for */
- Set *pids;
-
- /* Used in sigchld event invocation to avoid repeat events being invoked */
- uint64_t sigchldgen;
-
- /* Used during GC sweeps */
- unsigned gc_marker;
-
- /* Error code when we didn't manage to load the unit (negative) */
- int load_error;
-
- /* Put a ratelimit on unit starting */
- RateLimit start_limit;
- EmergencyAction start_limit_action;
- char *reboot_arg;
-
- /* Make sure we never enter endless loops with the check unneeded logic, or the BindsTo= logic */
- RateLimit auto_stop_ratelimit;
-
- /* Reference to a specific UID/GID */
- uid_t ref_uid;
- gid_t ref_gid;
-
- /* Cached unit file state and preset */
- UnitFileState unit_file_state;
- int unit_file_preset;
-
- /* Where the cpu.stat or cpuacct.usage was at the time the unit was started */
- nsec_t cpu_usage_base;
- nsec_t cpu_usage_last; /* the most recently read value */
-
- /* Counterparts in the cgroup filesystem */
- char *cgroup_path;
- CGroupMask cgroup_realized_mask;
- CGroupMask cgroup_enabled_mask;
- CGroupMask cgroup_subtree_mask;
- CGroupMask cgroup_members_mask;
- int cgroup_inotify_wd;
-
- /* How to start OnFailure units */
- JobMode on_failure_job_mode;
-
- /* The current invocation ID */
- sd_id128_t invocation_id;
- char invocation_id_string[SD_ID128_STRING_MAX]; /* useful when logging */
-
- /* Garbage collect us we nobody wants or requires us anymore */
- bool stop_when_unneeded;
-
- /* Create default dependencies */
- bool default_dependencies;
-
- /* Refuse manual starting, allow starting only indirectly via dependency. */
- bool refuse_manual_start;
-
- /* Don't allow the user to stop this unit manually, allow stopping only indirectly via dependency. */
- bool refuse_manual_stop;
-
- /* Allow isolation requests */
- bool allow_isolate;
-
- /* Ignore this unit when isolating */
- bool ignore_on_isolate;
-
- /* Did the last condition check succeed? */
- bool condition_result;
- bool assert_result;
-
- /* Is this a transient unit? */
- bool transient;
-
- /* Is this a unit that is always running and cannot be stopped? */
- bool perpetual;
-
- bool in_load_queue:1;
- bool in_dbus_queue:1;
- bool in_cleanup_queue:1;
- bool in_gc_queue:1;
- bool in_cgroup_queue:1;
-
- bool sent_dbus_new_signal:1;
-
- bool in_audit:1;
-
- bool cgroup_realized:1;
- bool cgroup_members_mask_valid:1;
- bool cgroup_subtree_mask_valid:1;
-
- bool start_limit_hit:1;
-
- /* Did we already invoke unit_coldplug() for this unit? */
- bool coldplugged:1;
-
- /* For transient units: whether to add a bus track reference after creating the unit */
- bool bus_track_add:1;
-};
-
-struct UnitStatusMessageFormats {
- const char *starting_stopping[2];
- const char *finished_start_job[_JOB_RESULT_MAX];
- const char *finished_stop_job[_JOB_RESULT_MAX];
-};
-
-typedef enum UnitSetPropertiesMode {
- UNIT_CHECK = 0,
- UNIT_RUNTIME = 1,
- UNIT_PERSISTENT = 2,
-} UnitSetPropertiesMode;
-
-#include "automount.h"
-#include "busname.h"
-#include "device.h"
-#include "path.h"
-#include "scope.h"
-#include "slice.h"
-#include "socket.h"
-#include "swap.h"
-#include "target.h"
-#include "timer.h"
-
-struct UnitVTable {
- /* How much memory does an object of this unit type need */
- size_t object_size;
-
- /* If greater than 0, the offset into the object where
- * ExecContext is found, if the unit type has that */
- size_t exec_context_offset;
-
- /* If greater than 0, the offset into the object where
- * CGroupContext is found, if the unit type has that */
- size_t cgroup_context_offset;
-
- /* If greater than 0, the offset into the object where
- * KillContext is found, if the unit type has that */
- size_t kill_context_offset;
-
- /* If greater than 0, the offset into the object where the
- * pointer to ExecRuntime is found, if the unit type has
- * that */
- size_t exec_runtime_offset;
-
- /* If greater than 0, the offset into the object where the pointer to DynamicCreds is found, if the unit type
- * has that. */
- size_t dynamic_creds_offset;
-
- /* The name of the configuration file section with the private settings of this unit */
- const char *private_section;
-
- /* Config file sections this unit type understands, separated
- * by NUL chars */
- const char *sections;
-
- /* This should reset all type-specific variables. This should
- * not allocate memory, and is called with zero-initialized
- * data. It should hence only initialize variables that need
- * to be set != 0. */
- void (*init)(Unit *u);
-
- /* This should free all type-specific variables. It should be
- * idempotent. */
- void (*done)(Unit *u);
-
- /* Actually load data from disk. This may fail, and should set
- * load_state to UNIT_LOADED, UNIT_MERGED or leave it at
- * UNIT_STUB if no configuration could be found. */
- int (*load)(Unit *u);
-
- /* If a lot of units got created via enumerate(), this is
- * where to actually set the state and call unit_notify(). */
- int (*coldplug)(Unit *u);
-
- void (*dump)(Unit *u, FILE *f, const char *prefix);
-
- int (*start)(Unit *u);
- int (*stop)(Unit *u);
- int (*reload)(Unit *u);
-
- int (*kill)(Unit *u, KillWho w, int signo, sd_bus_error *error);
-
- bool (*can_reload)(Unit *u);
-
- /* Write all data that cannot be restored from other sources
- * away using unit_serialize_item() */
- int (*serialize)(Unit *u, FILE *f, FDSet *fds);
-
- /* Restore one item from the serialization */
- int (*deserialize_item)(Unit *u, const char *key, const char *data, FDSet *fds);
-
- /* Try to match up fds with what we need for this unit */
- void (*distribute_fds)(Unit *u, FDSet *fds);
-
- /* Boils down the more complex internal state of this unit to
- * a simpler one that the engine can understand */
- UnitActiveState (*active_state)(Unit *u);
-
- /* Returns the substate specific to this unit type as
- * string. This is purely information so that we can give the
- * user a more fine grained explanation in which actual state a
- * unit is in. */
- const char* (*sub_state_to_string)(Unit *u);
-
- /* Return true when there is reason to keep this entry around
- * even nothing references it and it isn't active in any
- * way */
- bool (*check_gc)(Unit *u);
-
- /* When the unit is not running and no job for it queued we
- * shall release its runtime resources */
- void (*release_resources)(Unit *u, bool inactive);
-
- /* Invoked on every child that died */
- void (*sigchld_event)(Unit *u, pid_t pid, int code, int status);
-
- /* Reset failed state if we are in failed state */
- void (*reset_failed)(Unit *u);
-
- /* Called whenever any of the cgroups this unit watches for
- * ran empty */
- void (*notify_cgroup_empty)(Unit *u);
-
- /* Called whenever a process of this unit sends us a message */
- void (*notify_message)(Unit *u, pid_t pid, char **tags, FDSet *fds);
-
- /* Called whenever a name this Unit registered for comes or goes away. */
- void (*bus_name_owner_change)(Unit *u, const char *name, const char *old_owner, const char *new_owner);
-
- /* Called for each property that is being set */
- int (*bus_set_property)(Unit *u, const char *name, sd_bus_message *message, UnitSetPropertiesMode mode, sd_bus_error *error);
-
- /* Called after at least one property got changed to apply the necessary change */
- int (*bus_commit_properties)(Unit *u);
-
- /* Return the unit this unit is following */
- Unit *(*following)(Unit *u);
-
- /* Return the set of units that are following each other */
- int (*following_set)(Unit *u, Set **s);
-
- /* Invoked each time a unit this unit is triggering changes
- * state or gains/loses a job */
- void (*trigger_notify)(Unit *u, Unit *trigger);
-
- /* Called whenever CLOCK_REALTIME made a jump */
- void (*time_change)(Unit *u);
-
- /* Returns the next timeout of a unit */
- int (*get_timeout)(Unit *u, usec_t *timeout);
-
- /* Returns the main PID if there is any defined, or 0. */
- pid_t (*main_pid)(Unit *u);
-
- /* Returns the main PID if there is any defined, or 0. */
- pid_t (*control_pid)(Unit *u);
-
- /* This is called for each unit type and should be used to
- * enumerate existing devices and load them. However,
- * everything that is loaded here should still stay in
- * inactive state. It is the job of the coldplug() call above
- * to put the units into the initial state. */
- void (*enumerate)(Manager *m);
-
- /* Type specific cleanups. */
- void (*shutdown)(Manager *m);
-
- /* If this function is set and return false all jobs for units
- * of this type will immediately fail. */
- bool (*supported)(void);
-
- /* The bus vtable */
- const sd_bus_vtable *bus_vtable;
-
- /* The strings to print in status messages */
- UnitStatusMessageFormats status_message_formats;
-
- /* True if transient units of this type are OK */
- bool can_transient:1;
-};
-
-extern const UnitVTable * const unit_vtable[_UNIT_TYPE_MAX];
-
-#define UNIT_VTABLE(u) unit_vtable[(u)->type]
-
-/* For casting a unit into the various unit types */
-#define DEFINE_CAST(UPPERCASE, MixedCase) \
- static inline MixedCase* UPPERCASE(Unit *u) { \
- if (_unlikely_(!u || u->type != UNIT_##UPPERCASE)) \
- return NULL; \
- \
- return (MixedCase*) u; \
- }
-
-/* For casting the various unit types into a unit */
-#define UNIT(u) (&(u)->meta)
-
-#define UNIT_HAS_EXEC_CONTEXT(u) (UNIT_VTABLE(u)->exec_context_offset > 0)
-#define UNIT_HAS_CGROUP_CONTEXT(u) (UNIT_VTABLE(u)->cgroup_context_offset > 0)
-#define UNIT_HAS_KILL_CONTEXT(u) (UNIT_VTABLE(u)->kill_context_offset > 0)
-
-#define UNIT_TRIGGER(u) ((Unit*) set_first((u)->dependencies[UNIT_TRIGGERS]))
-
-DEFINE_CAST(SERVICE, Service);
-DEFINE_CAST(SOCKET, Socket);
-DEFINE_CAST(BUSNAME, BusName);
-DEFINE_CAST(TARGET, Target);
-DEFINE_CAST(DEVICE, Device);
-DEFINE_CAST(MOUNT, Mount);
-DEFINE_CAST(AUTOMOUNT, Automount);
-DEFINE_CAST(SWAP, Swap);
-DEFINE_CAST(TIMER, Timer);
-DEFINE_CAST(PATH, Path);
-DEFINE_CAST(SLICE, Slice);
-DEFINE_CAST(SCOPE, Scope);
-
-Unit *unit_new(Manager *m, size_t size);
-void unit_free(Unit *u);
-
-int unit_new_for_name(Manager *m, size_t size, const char *name, Unit **ret);
-int unit_add_name(Unit *u, const char *name);
-
-int unit_add_dependency(Unit *u, UnitDependency d, Unit *other, bool add_reference);
-int unit_add_two_dependencies(Unit *u, UnitDependency d, UnitDependency e, Unit *other, bool add_reference);
-
-int unit_add_dependency_by_name(Unit *u, UnitDependency d, const char *name, const char *filename, bool add_reference);
-int unit_add_two_dependencies_by_name(Unit *u, UnitDependency d, UnitDependency e, const char *name, const char *path, bool add_reference);
-
-int unit_add_exec_dependencies(Unit *u, ExecContext *c);
-
-int unit_choose_id(Unit *u, const char *name);
-int unit_set_description(Unit *u, const char *description);
-
-bool unit_check_gc(Unit *u);
-
-void unit_add_to_load_queue(Unit *u);
-void unit_add_to_dbus_queue(Unit *u);
-void unit_add_to_cleanup_queue(Unit *u);
-void unit_add_to_gc_queue(Unit *u);
-
-int unit_merge(Unit *u, Unit *other);
-int unit_merge_by_name(Unit *u, const char *other);
-
-Unit *unit_follow_merge(Unit *u) _pure_;
-
-int unit_load_fragment_and_dropin(Unit *u);
-int unit_load_fragment_and_dropin_optional(Unit *u);
-int unit_load(Unit *unit);
-
-int unit_set_slice(Unit *u, Unit *slice);
-int unit_set_default_slice(Unit *u);
-
-const char *unit_description(Unit *u) _pure_;
-
-bool unit_has_name(Unit *u, const char *name);
-
-UnitActiveState unit_active_state(Unit *u);
-
-const char* unit_sub_state_to_string(Unit *u);
-
-void unit_dump(Unit *u, FILE *f, const char *prefix);
-
-bool unit_can_reload(Unit *u) _pure_;
-bool unit_can_start(Unit *u) _pure_;
-bool unit_can_stop(Unit *u) _pure_;
-bool unit_can_isolate(Unit *u) _pure_;
-
-int unit_start(Unit *u);
-int unit_stop(Unit *u);
-int unit_reload(Unit *u);
-
-int unit_kill(Unit *u, KillWho w, int signo, sd_bus_error *error);
-int unit_kill_common(Unit *u, KillWho who, int signo, pid_t main_pid, pid_t control_pid, sd_bus_error *error);
-
-void unit_notify(Unit *u, UnitActiveState os, UnitActiveState ns, bool reload_success);
-
-int unit_watch_pid(Unit *u, pid_t pid);
-void unit_unwatch_pid(Unit *u, pid_t pid);
-void unit_unwatch_all_pids(Unit *u);
-
-void unit_tidy_watch_pids(Unit *u, pid_t except1, pid_t except2);
-
-int unit_install_bus_match(Unit *u, sd_bus *bus, const char *name);
-int unit_watch_bus_name(Unit *u, const char *name);
-void unit_unwatch_bus_name(Unit *u, const char *name);
-
-bool unit_job_is_applicable(Unit *u, JobType j);
-
-int set_unit_path(const char *p);
-
-char *unit_dbus_path(Unit *u);
-char *unit_dbus_path_invocation_id(Unit *u);
-
-int unit_load_related_unit(Unit *u, const char *type, Unit **_found);
-
-bool unit_can_serialize(Unit *u) _pure_;
-
-int unit_serialize(Unit *u, FILE *f, FDSet *fds, bool serialize_jobs);
-int unit_deserialize(Unit *u, FILE *f, FDSet *fds);
-
-int unit_serialize_item(Unit *u, FILE *f, const char *key, const char *value);
-int unit_serialize_item_escaped(Unit *u, FILE *f, const char *key, const char *value);
-int unit_serialize_item_fd(Unit *u, FILE *f, FDSet *fds, const char *key, int fd);
-void unit_serialize_item_format(Unit *u, FILE *f, const char *key, const char *value, ...) _printf_(4,5);
-
-int unit_add_node_link(Unit *u, const char *what, bool wants, UnitDependency d);
-
-int unit_coldplug(Unit *u);
-
-void unit_status_printf(Unit *u, const char *status, const char *unit_status_msg_format) _printf_(3, 0);
-void unit_status_emit_starting_stopping_reloading(Unit *u, JobType t);
-
-bool unit_need_daemon_reload(Unit *u);
-
-void unit_reset_failed(Unit *u);
-
-Unit *unit_following(Unit *u);
-int unit_following_set(Unit *u, Set **s);
-
-const char *unit_slice_name(Unit *u);
-
-bool unit_stop_pending(Unit *u) _pure_;
-bool unit_inactive_or_pending(Unit *u) _pure_;
-bool unit_active_or_pending(Unit *u);
-
-int unit_add_default_target_dependency(Unit *u, Unit *target);
-
-void unit_start_on_failure(Unit *u);
-void unit_trigger_notify(Unit *u);
-
-UnitFileState unit_get_unit_file_state(Unit *u);
-int unit_get_unit_file_preset(Unit *u);
-
-Unit* unit_ref_set(UnitRef *ref, Unit *u);
-void unit_ref_unset(UnitRef *ref);
-
-#define UNIT_DEREF(ref) ((ref).unit)
-#define UNIT_ISSET(ref) (!!(ref).unit)
-
-int unit_patch_contexts(Unit *u);
-
-ExecContext *unit_get_exec_context(Unit *u) _pure_;
-KillContext *unit_get_kill_context(Unit *u) _pure_;
-CGroupContext *unit_get_cgroup_context(Unit *u) _pure_;
-
-ExecRuntime *unit_get_exec_runtime(Unit *u) _pure_;
-
-int unit_setup_exec_runtime(Unit *u);
-int unit_setup_dynamic_creds(Unit *u);
-
-int unit_write_drop_in(Unit *u, UnitSetPropertiesMode mode, const char *name, const char *data);
-int unit_write_drop_in_format(Unit *u, UnitSetPropertiesMode mode, const char *name, const char *format, ...) _printf_(4,5);
-
-int unit_write_drop_in_private(Unit *u, UnitSetPropertiesMode mode, const char *name, const char *data);
-int unit_write_drop_in_private_format(Unit *u, UnitSetPropertiesMode mode, const char *name, const char *format, ...) _printf_(4,5);
-
-int unit_kill_context(Unit *u, KillContext *c, KillOperation k, pid_t main_pid, pid_t control_pid, bool main_pid_alien);
-
-int unit_make_transient(Unit *u);
-
-int unit_require_mounts_for(Unit *u, const char *path);
-
-bool unit_type_supported(UnitType t);
-
-bool unit_is_pristine(Unit *u);
-
-pid_t unit_control_pid(Unit *u);
-pid_t unit_main_pid(Unit *u);
-
-static inline bool unit_supported(Unit *u) {
- return unit_type_supported(u->type);
-}
-
-void unit_warn_if_dir_nonempty(Unit *u, const char* where);
-int unit_fail_if_symlink(Unit *u, const char* where);
-
-int unit_start_limit_test(Unit *u);
-
-void unit_unref_uid(Unit *u, bool destroy_now);
-int unit_ref_uid(Unit *u, uid_t uid, bool clean_ipc);
-
-void unit_unref_gid(Unit *u, bool destroy_now);
-int unit_ref_gid(Unit *u, gid_t gid, bool clean_ipc);
-
-int unit_ref_uid_gid(Unit *u, uid_t uid, gid_t gid);
-void unit_unref_uid_gid(Unit *u, bool destroy_now);
-
-void unit_notify_user_lookup(Unit *u, uid_t uid, gid_t gid);
-
-int unit_set_invocation_id(Unit *u, sd_id128_t id);
-int unit_acquire_invocation_id(Unit *u);
-
-/* Macros which append UNIT= or USER_UNIT= to the message */
-
-#define log_unit_full(unit, level, error, ...) \
- ({ \
- const Unit *_u = (unit); \
- _u ? log_object_internal(level, error, __FILE__, __LINE__, __func__, _u->manager->unit_log_field, _u->id, _u->manager->invocation_log_field, _u->invocation_id_string, ##__VA_ARGS__) : \
- log_internal(level, error, __FILE__, __LINE__, __func__, ##__VA_ARGS__); \
- })
-
-#define log_unit_debug(unit, ...) log_unit_full(unit, LOG_DEBUG, 0, ##__VA_ARGS__)
-#define log_unit_info(unit, ...) log_unit_full(unit, LOG_INFO, 0, ##__VA_ARGS__)
-#define log_unit_notice(unit, ...) log_unit_full(unit, LOG_NOTICE, 0, ##__VA_ARGS__)
-#define log_unit_warning(unit, ...) log_unit_full(unit, LOG_WARNING, 0, ##__VA_ARGS__)
-#define log_unit_error(unit, ...) log_unit_full(unit, LOG_ERR, 0, ##__VA_ARGS__)
-
-#define log_unit_debug_errno(unit, error, ...) log_unit_full(unit, LOG_DEBUG, error, ##__VA_ARGS__)
-#define log_unit_info_errno(unit, error, ...) log_unit_full(unit, LOG_INFO, error, ##__VA_ARGS__)
-#define log_unit_notice_errno(unit, error, ...) log_unit_full(unit, LOG_NOTICE, error, ##__VA_ARGS__)
-#define log_unit_warning_errno(unit, error, ...) log_unit_full(unit, LOG_WARNING, error, ##__VA_ARGS__)
-#define log_unit_error_errno(unit, error, ...) log_unit_full(unit, LOG_ERR, error, ##__VA_ARGS__)
-
-#define LOG_UNIT_MESSAGE(unit, fmt, ...) "MESSAGE=%s: " fmt, (unit)->id, ##__VA_ARGS__
-#define LOG_UNIT_ID(unit) (unit)->manager->unit_log_format_string, (unit)->id
diff --git a/src/core/user.conf b/src/core/user.conf
deleted file mode 100644
index b427f1ef6d..0000000000
--- a/src/core/user.conf
+++ /dev/null
@@ -1,44 +0,0 @@
-# This file is part of systemd.
-#
-# systemd is free software; you can redistribute it and/or modify it
-# under the terms of the GNU Lesser General Public License as published by
-# the Free Software Foundation; either version 2.1 of the License, or
-# (at your option) any later version.
-#
-# You can override the directives in this file by creating files in
-# /etc/systemd/user.conf.d/*.conf.
-#
-# See systemd-user.conf(5) for details
-
-[Manager]
-#LogLevel=info
-#LogTarget=console
-#LogColor=yes
-#LogLocation=no
-#SystemCallArchitectures=
-#TimerSlackNSec=
-#DefaultTimerAccuracySec=1min
-#DefaultStandardOutput=inherit
-#DefaultStandardError=inherit
-#DefaultTimeoutStartSec=90s
-#DefaultTimeoutStopSec=90s
-#DefaultRestartSec=100ms
-#DefaultStartLimitIntervalSec=10s
-#DefaultStartLimitBurst=5
-#DefaultEnvironment=
-#DefaultLimitCPU=
-#DefaultLimitFSIZE=
-#DefaultLimitDATA=
-#DefaultLimitSTACK=
-#DefaultLimitCORE=
-#DefaultLimitRSS=
-#DefaultLimitNOFILE=
-#DefaultLimitAS=
-#DefaultLimitNPROC=
-#DefaultLimitMEMLOCK=
-#DefaultLimitLOCKS=
-#DefaultLimitSIGPENDING=
-#DefaultLimitMSGQUEUE=
-#DefaultLimitNICE=
-#DefaultLimitRTPRIO=
-#DefaultLimitRTTIME=