1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2010 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <sys/types.h>
27 #include <sys/epoll.h>
29 #include <arpa/inet.h>
30 #include <netinet/tcp.h>
32 #include <sys/xattr.h>
36 #include "load-dropin.h"
37 #include "load-fragment.h"
40 #include "path-util.h"
41 #include "unit-name.h"
42 #include "unit-printf.h"
46 #include "exit-status.h"
48 #include "smack-util.h"
50 #include "bus-error.h"
51 #include "dbus-socket.h"
55 static const UnitActiveState state_translation_table[_SOCKET_STATE_MAX] = {
56 [SOCKET_DEAD] = UNIT_INACTIVE,
57 [SOCKET_START_PRE] = UNIT_ACTIVATING,
58 [SOCKET_START_CHOWN] = UNIT_ACTIVATING,
59 [SOCKET_START_POST] = UNIT_ACTIVATING,
60 [SOCKET_LISTENING] = UNIT_ACTIVE,
61 [SOCKET_RUNNING] = UNIT_ACTIVE,
62 [SOCKET_STOP_PRE] = UNIT_DEACTIVATING,
63 [SOCKET_STOP_PRE_SIGTERM] = UNIT_DEACTIVATING,
64 [SOCKET_STOP_PRE_SIGKILL] = UNIT_DEACTIVATING,
65 [SOCKET_STOP_POST] = UNIT_DEACTIVATING,
66 [SOCKET_FINAL_SIGTERM] = UNIT_DEACTIVATING,
67 [SOCKET_FINAL_SIGKILL] = UNIT_DEACTIVATING,
68 [SOCKET_FAILED] = UNIT_FAILED
71 static int socket_dispatch_io(sd_event_source *source, int fd, uint32_t revents, void *userdata);
72 static int socket_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata);
74 static void socket_init(Unit *u) {
75 Socket *s = SOCKET(u);
78 assert(u->load_state == UNIT_STUB);
80 s->backlog = SOMAXCONN;
81 s->timeout_usec = u->manager->default_timeout_start_usec;
82 s->directory_mode = 0755;
83 s->socket_mode = 0666;
85 s->max_connections = 64;
92 s->exec_context.std_output = u->manager->default_std_output;
93 s->exec_context.std_error = u->manager->default_std_error;
95 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
98 static void socket_unwatch_control_pid(Socket *s) {
101 if (s->control_pid <= 0)
104 unit_unwatch_pid(UNIT(s), s->control_pid);
108 void socket_free_ports(Socket *s) {
113 while ((p = s->ports)) {
114 LIST_REMOVE(port, s->ports, p);
116 sd_event_source_unref(p->event_source);
124 static void socket_done(Unit *u) {
125 Socket *s = SOCKET(u);
129 socket_free_ports(s);
131 s->exec_runtime = exec_runtime_unref(s->exec_runtime);
132 exec_command_free_array(s->exec_command, _SOCKET_EXEC_COMMAND_MAX);
133 s->control_command = NULL;
135 socket_unwatch_control_pid(s);
137 unit_ref_unset(&s->service);
139 free(s->tcp_congestion);
140 s->tcp_congestion = NULL;
142 free(s->bind_to_device);
143 s->bind_to_device = NULL;
146 free(s->smack_ip_in);
147 free(s->smack_ip_out);
149 strv_free(s->symlinks);
154 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
157 static int socket_arm_timer(Socket *s) {
162 if (s->timeout_usec <= 0) {
163 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
167 if (s->timer_event_source) {
168 r = sd_event_source_set_time(s->timer_event_source, now(CLOCK_MONOTONIC) + s->timeout_usec);
172 return sd_event_source_set_enabled(s->timer_event_source, SD_EVENT_ONESHOT);
175 return sd_event_add_time(
176 UNIT(s)->manager->event,
177 &s->timer_event_source,
179 now(CLOCK_MONOTONIC) + s->timeout_usec, 0,
180 socket_dispatch_timer, s);
183 static int socket_instantiate_service(Socket *s) {
184 _cleanup_free_ char *prefix = NULL;
185 _cleanup_free_ char *name = NULL;
191 /* This fills in s->service if it isn't filled in yet. For
192 * Accept=yes sockets we create the next connection service
193 * here. For Accept=no this is mostly a NOP since the service
194 * is figured out at load time anyway. */
196 if (UNIT_DEREF(s->service))
201 prefix = unit_name_to_prefix(UNIT(s)->id);
205 if (asprintf(&name, "%s@%u.service", prefix, s->n_accepted) < 0)
208 r = manager_load_unit(UNIT(s)->manager, name, NULL, NULL, &u);
213 unit_ref_set(&s->service, u);
215 return unit_add_two_dependencies(UNIT(s), UNIT_BEFORE, UNIT_TRIGGERS, u, false);
218 static bool have_non_accept_socket(Socket *s) {
226 LIST_FOREACH(port, p, s->ports) {
228 if (p->type != SOCKET_SOCKET)
231 if (!socket_address_can_accept(&p->address))
238 static int socket_add_mount_links(Socket *s) {
244 LIST_FOREACH(port, p, s->ports) {
245 const char *path = NULL;
247 if (p->type == SOCKET_SOCKET)
248 path = socket_address_get_path(&p->address);
249 else if (p->type == SOCKET_FIFO || p->type == SOCKET_SPECIAL)
255 r = unit_require_mounts_for(UNIT(s), path);
263 static int socket_add_device_link(Socket *s) {
268 if (!s->bind_to_device || streq(s->bind_to_device, "lo"))
271 t = strappenda("/sys/subsystem/net/devices/", s->bind_to_device);
272 return unit_add_node_link(UNIT(s), t, false);
275 static int socket_add_default_dependencies(Socket *s) {
279 r = unit_add_dependency_by_name(UNIT(s), UNIT_BEFORE, SPECIAL_SOCKETS_TARGET, NULL, true);
283 if (UNIT(s)->manager->running_as == SYSTEMD_SYSTEM) {
284 r = unit_add_two_dependencies_by_name(UNIT(s), UNIT_AFTER, UNIT_REQUIRES, SPECIAL_SYSINIT_TARGET, NULL, true);
289 return unit_add_two_dependencies_by_name(UNIT(s), UNIT_BEFORE, UNIT_CONFLICTS, SPECIAL_SHUTDOWN_TARGET, NULL, true);
292 _pure_ static bool socket_has_exec(Socket *s) {
296 for (i = 0; i < _SOCKET_EXEC_COMMAND_MAX; i++)
297 if (s->exec_command[i])
303 static int socket_add_extras(Socket *s) {
309 if (have_non_accept_socket(s)) {
311 if (!UNIT_DEREF(s->service)) {
314 r = unit_load_related_unit(u, ".service", &x);
318 unit_ref_set(&s->service, x);
321 r = unit_add_two_dependencies(u, UNIT_BEFORE, UNIT_TRIGGERS, UNIT_DEREF(s->service), true);
326 r = socket_add_mount_links(s);
330 r = socket_add_device_link(s);
334 r = unit_patch_contexts(u);
338 if (socket_has_exec(s)) {
339 r = unit_add_exec_dependencies(u, &s->exec_context);
343 r = unit_add_default_slice(u, &s->cgroup_context);
348 if (u->default_dependencies) {
349 r = socket_add_default_dependencies(s);
357 static const char *socket_find_symlink_target(Socket *s) {
358 const char *found = NULL;
361 LIST_FOREACH(port, p, s->ports) {
362 const char *f = NULL;
371 if (p->address.sockaddr.un.sun_path[0] != 0)
372 f = p->address.sockaddr.un.sun_path;
390 static int socket_verify(Socket *s) {
393 if (UNIT(s)->load_state != UNIT_LOADED)
397 log_error_unit(UNIT(s)->id, "%s lacks Listen setting. Refusing.", UNIT(s)->id);
401 if (s->accept && have_non_accept_socket(s)) {
402 log_error_unit(UNIT(s)->id, "%s configured for accepting sockets, but sockets are non-accepting. Refusing.",
407 if (s->accept && s->max_connections <= 0) {
408 log_error_unit(UNIT(s)->id, "%s's MaxConnection setting too small. Refusing.", UNIT(s)->id);
412 if (s->accept && UNIT_DEREF(s->service)) {
413 log_error_unit(UNIT(s)->id, "Explicit service configuration for accepting sockets not supported on %s. Refusing.", UNIT(s)->id);
417 if (s->exec_context.pam_name && s->kill_context.kill_mode != KILL_CONTROL_GROUP) {
418 log_error_unit(UNIT(s)->id, "%s has PAM enabled. Kill mode must be set to 'control-group'. Refusing.", UNIT(s)->id);
422 if (!strv_isempty(s->symlinks) && !socket_find_symlink_target(s)) {
423 log_error_unit(UNIT(s)->id, "%s has symlinks set but none or more than one node in the file system. Refusing.", UNIT(s)->id);
430 static int socket_load(Unit *u) {
431 Socket *s = SOCKET(u);
435 assert(u->load_state == UNIT_STUB);
437 r = unit_load_fragment_and_dropin(u);
441 if (u->load_state == UNIT_LOADED) {
442 /* This is a new unit? Then let's add in some extras */
443 r = socket_add_extras(s);
448 return socket_verify(s);
451 _const_ static const char* listen_lookup(int family, int type) {
453 if (family == AF_NETLINK)
454 return "ListenNetlink";
456 if (type == SOCK_STREAM)
457 return "ListenStream";
458 else if (type == SOCK_DGRAM)
459 return "ListenDatagram";
460 else if (type == SOCK_SEQPACKET)
461 return "ListenSequentialPacket";
463 assert_not_reached("Unknown socket type");
467 static void socket_dump(Unit *u, FILE *f, const char *prefix) {
469 Socket *s = SOCKET(u);
476 prefix2 = strappenda(prefix, "\t");
479 "%sSocket State: %s\n"
481 "%sBindIPv6Only: %s\n"
483 "%sSocketMode: %04o\n"
484 "%sDirectoryMode: %04o\n"
487 "%sTransparent: %s\n"
489 "%sPassCredentials: %s\n"
490 "%sPassSecurity: %s\n"
491 "%sTCPCongestion: %s\n"
492 "%sRemoveOnStop: %s\n",
493 prefix, socket_state_to_string(s->state),
494 prefix, socket_result_to_string(s->result),
495 prefix, socket_address_bind_ipv6_only_to_string(s->bind_ipv6_only),
497 prefix, s->socket_mode,
498 prefix, s->directory_mode,
499 prefix, yes_no(s->keep_alive),
500 prefix, yes_no(s->free_bind),
501 prefix, yes_no(s->transparent),
502 prefix, yes_no(s->broadcast),
503 prefix, yes_no(s->pass_cred),
504 prefix, yes_no(s->pass_sec),
505 prefix, strna(s->tcp_congestion),
506 prefix, yes_no(s->remove_on_stop));
508 if (s->control_pid > 0)
510 "%sControl PID: "PID_FMT"\n",
511 prefix, s->control_pid);
513 if (s->bind_to_device)
515 "%sBindToDevice: %s\n",
516 prefix, s->bind_to_device);
521 "%sNConnections: %u\n"
522 "%sMaxConnections: %u\n",
523 prefix, s->n_accepted,
524 prefix, s->n_connections,
525 prefix, s->max_connections);
527 if (s->priority >= 0)
530 prefix, s->priority);
532 if (s->receive_buffer > 0)
534 "%sReceiveBuffer: %zu\n",
535 prefix, s->receive_buffer);
537 if (s->send_buffer > 0)
539 "%sSendBuffer: %zu\n",
540 prefix, s->send_buffer);
552 if (s->pipe_size > 0)
555 prefix, s->pipe_size);
562 if (s->mq_maxmsg > 0)
564 "%sMessageQueueMaxMessages: %li\n",
565 prefix, s->mq_maxmsg);
567 if (s->mq_msgsize > 0)
569 "%sMessageQueueMessageSize: %li\n",
570 prefix, s->mq_msgsize);
575 prefix, yes_no(s->reuse_port));
579 "%sSmackLabel: %s\n",
584 "%sSmackLabelIPIn: %s\n",
585 prefix, s->smack_ip_in);
589 "%sSmackLabelIPOut: %s\n",
590 prefix, s->smack_ip_out);
592 if (!isempty(s->user) || !isempty(s->group))
595 "%sOwnerGroup: %s\n",
596 prefix, strna(s->user),
597 prefix, strna(s->group));
599 LIST_FOREACH(port, p, s->ports) {
601 if (p->type == SOCKET_SOCKET) {
606 if ((r = socket_address_print(&p->address, &k)) < 0)
611 fprintf(f, "%s%s: %s\n", prefix, listen_lookup(socket_address_family(&p->address), p->address.type), t);
613 } else if (p->type == SOCKET_SPECIAL)
614 fprintf(f, "%sListenSpecial: %s\n", prefix, p->path);
615 else if (p->type == SOCKET_MQUEUE)
616 fprintf(f, "%sListenMessageQueue: %s\n", prefix, p->path);
618 fprintf(f, "%sListenFIFO: %s\n", prefix, p->path);
621 exec_context_dump(&s->exec_context, f, prefix);
622 kill_context_dump(&s->kill_context, f, prefix);
624 for (c = 0; c < _SOCKET_EXEC_COMMAND_MAX; c++) {
625 if (!s->exec_command[c])
628 fprintf(f, "%s-> %s:\n",
629 prefix, socket_exec_command_to_string(c));
631 exec_command_dump_list(s->exec_command[c], f, prefix2);
635 static int instance_from_socket(int fd, unsigned nr, char **instance) {
638 union sockaddr_union local, remote;
644 if (getsockname(fd, &local.sa, &l) < 0)
648 if (getpeername(fd, &remote.sa, &l) < 0)
651 switch (local.sa.sa_family) {
655 a = ntohl(local.in.sin_addr.s_addr),
656 b = ntohl(remote.in.sin_addr.s_addr);
659 "%u-%u.%u.%u.%u:%u-%u.%u.%u.%u:%u",
661 a >> 24, (a >> 16) & 0xFF, (a >> 8) & 0xFF, a & 0xFF,
662 ntohs(local.in.sin_port),
663 b >> 24, (b >> 16) & 0xFF, (b >> 8) & 0xFF, b & 0xFF,
664 ntohs(remote.in.sin_port)) < 0)
671 static const unsigned char ipv4_prefix[] = {
672 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xFF, 0xFF
675 if (memcmp(&local.in6.sin6_addr, ipv4_prefix, sizeof(ipv4_prefix)) == 0 &&
676 memcmp(&remote.in6.sin6_addr, ipv4_prefix, sizeof(ipv4_prefix)) == 0) {
678 *a = local.in6.sin6_addr.s6_addr+12,
679 *b = remote.in6.sin6_addr.s6_addr+12;
682 "%u-%u.%u.%u.%u:%u-%u.%u.%u.%u:%u",
684 a[0], a[1], a[2], a[3],
685 ntohs(local.in6.sin6_port),
686 b[0], b[1], b[2], b[3],
687 ntohs(remote.in6.sin6_port)) < 0)
690 char a[INET6_ADDRSTRLEN], b[INET6_ADDRSTRLEN];
695 inet_ntop(AF_INET6, &local.in6.sin6_addr, a, sizeof(a)),
696 ntohs(local.in6.sin6_port),
697 inet_ntop(AF_INET6, &remote.in6.sin6_addr, b, sizeof(b)),
698 ntohs(remote.in6.sin6_port)) < 0)
709 k = getpeercred(fd, &ucred);
712 "%u-"PID_FMT"-"UID_FMT,
713 nr, ucred.pid, ucred.uid) < 0)
715 } else if (k == -ENODATA) {
716 /* This handles the case where somebody is
717 * connecting from another pid/uid namespace
718 * (e.g. from outside of our container). */
730 assert_not_reached("Unhandled socket type.");
737 static void socket_close_fds(Socket *s) {
743 LIST_FOREACH(port, p, s->ports) {
745 p->event_source = sd_event_source_unref(p->event_source);
750 p->fd = safe_close(p->fd);
752 /* One little note: we should normally not delete any
753 * sockets in the file system here! After all some
754 * other process we spawned might still have a
755 * reference of this fd and wants to continue to use
756 * it. Therefore we delete sockets in the file system
757 * before we create a new one, not after we stopped
760 if (s->remove_on_stop) {
772 socket_address_unlink(&p->address);
781 if (s->remove_on_stop)
782 STRV_FOREACH(i, s->symlinks)
786 static void socket_apply_socket_options(Socket *s, int fd) {
791 int b = s->keep_alive;
792 if (setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, &b, sizeof(b)) < 0)
793 log_warning_unit(UNIT(s)->id, "SO_KEEPALIVE failed: %m");
798 if (setsockopt(fd, SOL_SOCKET, SO_BROADCAST, &one, sizeof(one)) < 0)
799 log_warning_unit(UNIT(s)->id, "SO_BROADCAST failed: %m");
804 if (setsockopt(fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one)) < 0)
805 log_warning_unit(UNIT(s)->id, "SO_PASSCRED failed: %m");
810 if (setsockopt(fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one)) < 0)
811 log_warning_unit(UNIT(s)->id, "SO_PASSSEC failed: %m");
814 if (s->priority >= 0)
815 if (setsockopt(fd, SOL_SOCKET, SO_PRIORITY, &s->priority, sizeof(s->priority)) < 0)
816 log_warning_unit(UNIT(s)->id, "SO_PRIORITY failed: %m");
818 if (s->receive_buffer > 0) {
819 int value = (int) s->receive_buffer;
821 /* We first try with SO_RCVBUFFORCE, in case we have the perms for that */
823 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUFFORCE, &value, sizeof(value)) < 0)
824 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &value, sizeof(value)) < 0)
825 log_warning_unit(UNIT(s)->id, "SO_RCVBUF failed: %m");
828 if (s->send_buffer > 0) {
829 int value = (int) s->send_buffer;
830 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUFFORCE, &value, sizeof(value)) < 0)
831 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &value, sizeof(value)) < 0)
832 log_warning_unit(UNIT(s)->id, "SO_SNDBUF failed: %m");
836 if (setsockopt(fd, SOL_SOCKET, SO_MARK, &s->mark, sizeof(s->mark)) < 0)
837 log_warning_unit(UNIT(s)->id, "SO_MARK failed: %m");
840 if (setsockopt(fd, IPPROTO_IP, IP_TOS, &s->ip_tos, sizeof(s->ip_tos)) < 0)
841 log_warning_unit(UNIT(s)->id, "IP_TOS failed: %m");
843 if (s->ip_ttl >= 0) {
846 r = setsockopt(fd, IPPROTO_IP, IP_TTL, &s->ip_ttl, sizeof(s->ip_ttl));
848 if (socket_ipv6_is_supported())
849 x = setsockopt(fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &s->ip_ttl, sizeof(s->ip_ttl));
852 errno = EAFNOSUPPORT;
856 log_warning_unit(UNIT(s)->id,
857 "IP_TTL/IPV6_UNICAST_HOPS failed: %m");
860 if (s->tcp_congestion)
861 if (setsockopt(fd, SOL_TCP, TCP_CONGESTION, s->tcp_congestion, strlen(s->tcp_congestion)+1) < 0)
862 log_warning_unit(UNIT(s)->id, "TCP_CONGESTION failed: %m");
865 int b = s->reuse_port;
866 if (setsockopt(fd, SOL_SOCKET, SO_REUSEPORT, &b, sizeof(b)) < 0)
867 log_warning_unit(UNIT(s)->id, "SO_REUSEPORT failed: %m");
871 if (smack_label_ip_in_fd(fd, s->smack_ip_in) < 0)
872 log_error_unit(UNIT(s)->id, "smack_label_ip_in_fd: %m");
875 if (smack_label_ip_out_fd(fd, s->smack_ip_out) < 0)
876 log_error_unit(UNIT(s)->id, "smack_label_ip_out_fd: %m");
879 static void socket_apply_fifo_options(Socket *s, int fd) {
883 if (s->pipe_size > 0)
884 if (fcntl(fd, F_SETPIPE_SZ, s->pipe_size) < 0)
885 log_warning_unit(UNIT(s)->id,
889 if (smack_label_fd(fd, s->smack) < 0)
890 log_error_unit(UNIT(s)->id, "smack_label_fd: %m");
893 static int fifo_address_create(
895 mode_t directory_mode,
906 mkdir_parents_label(path, directory_mode);
908 r = label_context_set(path, S_IFIFO);
912 /* Enforce the right access mode for the fifo */
913 old_mask = umask(~ socket_mode);
915 /* Include the original umask in our mask */
916 umask(~socket_mode | old_mask);
918 r = mkfifo(path, socket_mode);
921 if (r < 0 && errno != EEXIST) {
926 if ((fd = open(path, O_RDWR|O_CLOEXEC|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW)) < 0) {
931 label_context_clear();
933 if (fstat(fd, &st) < 0) {
938 if (!S_ISFIFO(st.st_mode) ||
939 (st.st_mode & 0777) != (socket_mode & ~old_mask) ||
940 st.st_uid != getuid() ||
941 st.st_gid != getgid()) {
951 label_context_clear();
957 static int special_address_create(
967 fd = open(path, O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW);
973 if (fstat(fd, &st) < 0) {
978 /* Check whether this is a /proc, /sys or /dev file or char device */
979 if (!S_ISREG(st.st_mode) && !S_ISCHR(st.st_mode)) {
993 static int mq_address_create(
1003 struct mq_attr _attr, *attr = NULL;
1008 if (maxmsg > 0 && msgsize > 0) {
1010 _attr.mq_flags = O_NONBLOCK;
1011 _attr.mq_maxmsg = maxmsg;
1012 _attr.mq_msgsize = msgsize;
1016 /* Enforce the right access mode for the mq */
1017 old_mask = umask(~ mq_mode);
1019 /* Include the original umask in our mask */
1020 umask(~mq_mode | old_mask);
1021 fd = mq_open(path, O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_CREAT, mq_mode, attr);
1029 if (fstat(fd, &st) < 0) {
1034 if ((st.st_mode & 0777) != (mq_mode & ~old_mask) ||
1035 st.st_uid != getuid() ||
1036 st.st_gid != getgid()) {
1050 static int socket_symlink(Socket *s) {
1056 p = socket_find_symlink_target(s);
1060 STRV_FOREACH(i, s->symlinks)
1066 static int socket_open_fds(Socket *s) {
1070 bool know_label = false;
1074 LIST_FOREACH(port, p, s->ports) {
1079 if (p->type == SOCKET_SOCKET) {
1083 r = socket_instantiate_service(s);
1087 if (UNIT_ISSET(s->service) &&
1088 SERVICE(UNIT_DEREF(s->service))->exec_command[SERVICE_EXEC_START]) {
1089 r = label_get_create_label_from_exe(SERVICE(UNIT_DEREF(s->service))->exec_command[SERVICE_EXEC_START]->path, &label);
1090 if (r < 0 && r != -EPERM)
1097 r = socket_address_listen(
1099 SOCK_CLOEXEC|SOCK_NONBLOCK,
1112 socket_apply_socket_options(s, p->fd);
1115 } else if (p->type == SOCKET_SPECIAL) {
1117 r = special_address_create(
1123 } else if (p->type == SOCKET_FIFO) {
1125 r = fifo_address_create(
1133 socket_apply_fifo_options(s, p->fd);
1136 } else if (p->type == SOCKET_MQUEUE) {
1138 r = mq_address_create(
1147 assert_not_reached("Unknown port type");
1154 socket_close_fds(s);
1159 static void socket_unwatch_fds(Socket *s) {
1165 LIST_FOREACH(port, p, s->ports) {
1169 if (!p->event_source)
1172 r = sd_event_source_set_enabled(p->event_source, SD_EVENT_OFF);
1174 log_debug_unit(UNIT(s)->id, "Failed to disable event source.");
1178 static int socket_watch_fds(Socket *s) {
1184 LIST_FOREACH(port, p, s->ports) {
1188 if (p->event_source)
1189 r = sd_event_source_set_enabled(p->event_source, SD_EVENT_ON);
1191 r = sd_event_add_io(UNIT(s)->manager->event, &p->event_source, p->fd, EPOLLIN, socket_dispatch_io, p);
1194 log_warning_unit(UNIT(s)->id, "Failed to watch listening fds: %s", strerror(-r));
1202 socket_unwatch_fds(s);
1206 static void socket_set_state(Socket *s, SocketState state) {
1207 SocketState old_state;
1210 old_state = s->state;
1218 SOCKET_STOP_PRE_SIGTERM,
1219 SOCKET_STOP_PRE_SIGKILL,
1221 SOCKET_FINAL_SIGTERM,
1222 SOCKET_FINAL_SIGKILL)) {
1224 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
1225 socket_unwatch_control_pid(s);
1226 s->control_command = NULL;
1227 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
1230 if (state != SOCKET_LISTENING)
1231 socket_unwatch_fds(s);
1239 SOCKET_STOP_PRE_SIGTERM,
1240 SOCKET_STOP_PRE_SIGKILL))
1241 socket_close_fds(s);
1243 if (state != old_state)
1244 log_debug_unit(UNIT(s)->id, "%s changed %s -> %s",
1245 UNIT(s)->id, socket_state_to_string(old_state), socket_state_to_string(state));
1247 unit_notify(UNIT(s), state_translation_table[old_state], state_translation_table[state], true);
1250 static int socket_coldplug(Unit *u) {
1251 Socket *s = SOCKET(u);
1255 assert(s->state == SOCKET_DEAD);
1257 if (s->deserialized_state == s->state)
1260 if (IN_SET(s->deserialized_state,
1265 SOCKET_STOP_PRE_SIGTERM,
1266 SOCKET_STOP_PRE_SIGKILL,
1268 SOCKET_FINAL_SIGTERM,
1269 SOCKET_FINAL_SIGKILL)) {
1271 if (s->control_pid <= 0)
1274 r = unit_watch_pid(UNIT(s), s->control_pid);
1278 r = socket_arm_timer(s);
1283 if (IN_SET(s->deserialized_state,
1289 SOCKET_STOP_PRE_SIGTERM,
1290 SOCKET_STOP_PRE_SIGKILL)) {
1291 r = socket_open_fds(s);
1296 if (s->deserialized_state == SOCKET_LISTENING) {
1297 r = socket_watch_fds(s);
1302 socket_set_state(s, s->deserialized_state);
1306 static int socket_spawn(Socket *s, ExecCommand *c, pid_t *_pid) {
1307 _cleanup_free_ char **argv = NULL;
1315 unit_realize_cgroup(UNIT(s));
1317 r = unit_setup_exec_runtime(UNIT(s));
1321 r = socket_arm_timer(s);
1325 r = unit_full_printf_strv(UNIT(s), c->argv, &argv);
1333 UNIT(s)->manager->environment,
1337 UNIT(s)->manager->confirm_spawn,
1338 UNIT(s)->manager->cgroup_supported,
1339 UNIT(s)->cgroup_path,
1340 manager_get_runtime_prefix(UNIT(s)->manager),
1349 r = unit_watch_pid(UNIT(s), pid);
1351 /* FIXME: we need to do something here */
1358 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
1362 static int socket_chown(Socket *s, pid_t *_pid) {
1366 r = socket_arm_timer(s);
1370 /* We have to resolve the user names out-of-process, hence
1371 * let's fork here. It's messy, but well, what can we do? */
1379 uid_t uid = (uid_t) -1;
1380 gid_t gid = (gid_t) -1;
1383 default_signals(SIGNALS_CRASH_HANDLER, SIGNALS_IGNORE, -1);
1384 ignore_signals(SIGPIPE, -1);
1387 if (!isempty(s->user)) {
1388 const char *user = s->user;
1390 r = get_user_creds(&user, &uid, &gid, NULL, NULL);
1397 if (!isempty(s->group)) {
1398 const char *group = s->group;
1400 r = get_group_creds(&group, &gid);
1407 LIST_FOREACH(port, p, s->ports) {
1408 const char *path = NULL;
1410 if (p->type == SOCKET_SOCKET)
1411 path = socket_address_get_path(&p->address);
1412 else if (p->type == SOCKET_FIFO)
1418 if (chown(path, uid, gid) < 0) {
1429 log_error("Failed to chown socket at step %s: %s", exit_status_to_string(ret, EXIT_STATUS_SYSTEMD), strerror(-r));
1434 r = unit_watch_pid(UNIT(s), pid);
1442 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
1446 static void socket_enter_dead(Socket *s, SocketResult f) {
1449 if (f != SOCKET_SUCCESS)
1452 exec_runtime_destroy(s->exec_runtime);
1453 s->exec_runtime = exec_runtime_unref(s->exec_runtime);
1455 exec_context_destroy_runtime_directory(&s->exec_context, manager_get_runtime_prefix(UNIT(s)->manager));
1457 socket_set_state(s, s->result != SOCKET_SUCCESS ? SOCKET_FAILED : SOCKET_DEAD);
1460 static void socket_enter_signal(Socket *s, SocketState state, SocketResult f);
1462 static void socket_enter_stop_post(Socket *s, SocketResult f) {
1466 if (f != SOCKET_SUCCESS)
1469 socket_unwatch_control_pid(s);
1470 s->control_command_id = SOCKET_EXEC_STOP_POST;
1471 s->control_command = s->exec_command[SOCKET_EXEC_STOP_POST];
1473 if (s->control_command) {
1474 r = socket_spawn(s, s->control_command, &s->control_pid);
1478 socket_set_state(s, SOCKET_STOP_POST);
1480 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_SUCCESS);
1485 log_warning_unit(UNIT(s)->id,
1486 "%s failed to run 'stop-post' task: %s",
1487 UNIT(s)->id, strerror(-r));
1488 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_RESOURCES);
1491 static void socket_enter_signal(Socket *s, SocketState state, SocketResult f) {
1496 if (f != SOCKET_SUCCESS)
1499 r = unit_kill_context(
1502 state != SOCKET_STOP_PRE_SIGTERM && state != SOCKET_FINAL_SIGTERM,
1510 r = socket_arm_timer(s);
1514 socket_set_state(s, state);
1515 } else if (state == SOCKET_STOP_PRE_SIGTERM)
1516 socket_enter_signal(s, SOCKET_STOP_PRE_SIGKILL, SOCKET_SUCCESS);
1517 else if (state == SOCKET_STOP_PRE_SIGKILL)
1518 socket_enter_stop_post(s, SOCKET_SUCCESS);
1519 else if (state == SOCKET_FINAL_SIGTERM)
1520 socket_enter_signal(s, SOCKET_FINAL_SIGKILL, SOCKET_SUCCESS);
1522 socket_enter_dead(s, SOCKET_SUCCESS);
1527 log_warning_unit(UNIT(s)->id, "%s failed to kill processes: %s", UNIT(s)->id, strerror(-r));
1529 if (state == SOCKET_STOP_PRE_SIGTERM || state == SOCKET_STOP_PRE_SIGKILL)
1530 socket_enter_stop_post(s, SOCKET_FAILURE_RESOURCES);
1532 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
1535 static void socket_enter_stop_pre(Socket *s, SocketResult f) {
1539 if (f != SOCKET_SUCCESS)
1542 socket_unwatch_control_pid(s);
1543 s->control_command_id = SOCKET_EXEC_STOP_PRE;
1544 s->control_command = s->exec_command[SOCKET_EXEC_STOP_PRE];
1546 if (s->control_command) {
1547 r = socket_spawn(s, s->control_command, &s->control_pid);
1551 socket_set_state(s, SOCKET_STOP_PRE);
1553 socket_enter_stop_post(s, SOCKET_SUCCESS);
1558 log_warning_unit(UNIT(s)->id, "%s failed to run 'stop-pre' task: %s", UNIT(s)->id, strerror(-r));
1559 socket_enter_stop_post(s, SOCKET_FAILURE_RESOURCES);
1562 static void socket_enter_listening(Socket *s) {
1566 r = socket_watch_fds(s);
1568 log_warning_unit(UNIT(s)->id, "%s failed to watch sockets: %s", UNIT(s)->id, strerror(-r));
1572 socket_set_state(s, SOCKET_LISTENING);
1576 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1579 static void socket_enter_start_post(Socket *s) {
1583 socket_unwatch_control_pid(s);
1584 s->control_command_id = SOCKET_EXEC_START_POST;
1585 s->control_command = s->exec_command[SOCKET_EXEC_START_POST];
1587 if (s->control_command) {
1588 r = socket_spawn(s, s->control_command, &s->control_pid);
1590 log_warning_unit(UNIT(s)->id, "%s failed to run 'start-post' task: %s", UNIT(s)->id, strerror(-r));
1594 socket_set_state(s, SOCKET_START_POST);
1596 socket_enter_listening(s);
1601 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1604 static void socket_enter_start_chown(Socket *s) {
1609 r = socket_open_fds(s);
1611 log_warning_unit(UNIT(s)->id, "%s failed to listen on sockets: %s", UNIT(s)->id, strerror(-r));
1615 if (!isempty(s->user) || !isempty(s->group)) {
1617 socket_unwatch_control_pid(s);
1618 s->control_command_id = SOCKET_EXEC_START_CHOWN;
1619 s->control_command = NULL;
1621 r = socket_chown(s, &s->control_pid);
1623 log_warning_unit(UNIT(s)->id, "%s failed to fork 'start-chown' task: %s", UNIT(s)->id, strerror(-r));
1627 socket_set_state(s, SOCKET_START_CHOWN);
1629 socket_enter_start_post(s);
1634 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1637 static void socket_enter_start_pre(Socket *s) {
1641 socket_unwatch_control_pid(s);
1642 s->control_command_id = SOCKET_EXEC_START_PRE;
1643 s->control_command = s->exec_command[SOCKET_EXEC_START_PRE];
1645 if (s->control_command) {
1646 r = socket_spawn(s, s->control_command, &s->control_pid);
1648 log_warning_unit(UNIT(s)->id, "%s failed to run 'start-pre' task: %s", UNIT(s)->id, strerror(-r));
1652 socket_set_state(s, SOCKET_START_PRE);
1654 socket_enter_start_chown(s);
1659 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
1662 static void socket_enter_running(Socket *s, int cfd) {
1663 _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
1668 /* We don't take connections anymore if we are supposed to
1669 * shut down anyway */
1670 if (unit_stop_pending(UNIT(s))) {
1672 log_debug_unit(UNIT(s)->id, "Suppressing connection request on %s since unit stop is scheduled.", UNIT(s)->id);
1677 /* Flush all sockets by closing and reopening them */
1678 socket_close_fds(s);
1680 r = socket_open_fds(s);
1682 log_warning_unit(UNIT(s)->id, "%s failed to listen on sockets: %s", UNIT(s)->id, strerror(-r));
1683 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1687 r = socket_watch_fds(s);
1689 log_warning_unit(UNIT(s)->id, "%s failed to watch sockets: %s", UNIT(s)->id, strerror(-r));
1690 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1700 bool pending = false;
1702 /* If there's already a start pending don't bother to
1704 SET_FOREACH(other, UNIT(s)->dependencies[UNIT_TRIGGERS], i)
1705 if (unit_active_or_pending(other)) {
1711 if (!UNIT_ISSET(s->service)) {
1712 log_error_unit(UNIT(s)->id, "%s: service to activate vanished, refusing activation.", UNIT(s)->id);
1717 r = manager_add_job(UNIT(s)->manager, JOB_START, UNIT_DEREF(s->service), JOB_REPLACE, true, &error, NULL);
1722 socket_set_state(s, SOCKET_RUNNING);
1724 _cleanup_free_ char *prefix = NULL, *instance = NULL, *name = NULL;
1727 if (s->n_connections >= s->max_connections) {
1728 log_warning_unit(UNIT(s)->id, "%s: Too many incoming connections (%u)", UNIT(s)->id, s->n_connections);
1733 r = socket_instantiate_service(s);
1737 r = instance_from_socket(cfd, s->n_accepted, &instance);
1742 /* ENOTCONN is legitimate if TCP RST was received.
1743 * This connection is over, but the socket unit lives on. */
1748 prefix = unit_name_to_prefix(UNIT(s)->id);
1754 name = unit_name_build(prefix, instance, ".service");
1760 r = unit_add_name(UNIT_DEREF(s->service), name);
1764 service = SERVICE(UNIT_DEREF(s->service));
1765 unit_ref_unset(&s->service);
1768 UNIT(service)->no_gc = false;
1770 unit_choose_id(UNIT(service), name);
1772 r = service_set_socket_fd(service, cfd, s);
1777 s->n_connections ++;
1779 r = manager_add_job(UNIT(s)->manager, JOB_START, UNIT(service), JOB_REPLACE, true, &error, NULL);
1783 /* Notify clients about changed counters */
1784 unit_add_to_dbus_queue(UNIT(s));
1790 log_warning_unit(UNIT(s)->id, "%s failed to queue service startup job (Maybe the service file is missing or not a %s unit?): %s",
1791 UNIT(s)->id, cfd >= 0 ? "template" : "non-template",
1792 bus_error_message(&error, r));
1794 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1798 static void socket_run_next(Socket *s) {
1802 assert(s->control_command);
1803 assert(s->control_command->command_next);
1805 socket_unwatch_control_pid(s);
1807 s->control_command = s->control_command->command_next;
1809 r = socket_spawn(s, s->control_command, &s->control_pid);
1816 log_warning_unit(UNIT(s)->id, "%s failed to run next task: %s", UNIT(s)->id, strerror(-r));
1818 if (s->state == SOCKET_START_POST)
1819 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1820 else if (s->state == SOCKET_STOP_POST)
1821 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
1823 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_RESOURCES);
1826 static int socket_start(Unit *u) {
1827 Socket *s = SOCKET(u);
1831 /* We cannot fulfill this request right now, try again later
1833 if (IN_SET(s->state,
1835 SOCKET_STOP_PRE_SIGKILL,
1836 SOCKET_STOP_PRE_SIGTERM,
1838 SOCKET_FINAL_SIGTERM,
1839 SOCKET_FINAL_SIGKILL))
1842 /* Already on it! */
1843 if (IN_SET(s->state,
1849 /* Cannot run this without the service being around */
1850 if (UNIT_ISSET(s->service)) {
1853 service = SERVICE(UNIT_DEREF(s->service));
1855 if (UNIT(service)->load_state != UNIT_LOADED) {
1856 log_error_unit(u->id, "Socket service %s not loaded, refusing.", UNIT(service)->id);
1860 /* If the service is already active we cannot start the
1862 if (service->state != SERVICE_DEAD &&
1863 service->state != SERVICE_FAILED &&
1864 service->state != SERVICE_AUTO_RESTART) {
1865 log_error_unit(u->id, "Socket service %s already active, refusing.", UNIT(service)->id);
1870 assert(s->state == SOCKET_DEAD || s->state == SOCKET_FAILED);
1872 s->result = SOCKET_SUCCESS;
1873 socket_enter_start_pre(s);
1878 static int socket_stop(Unit *u) {
1879 Socket *s = SOCKET(u);
1884 if (IN_SET(s->state,
1886 SOCKET_STOP_PRE_SIGTERM,
1887 SOCKET_STOP_PRE_SIGKILL,
1889 SOCKET_FINAL_SIGTERM,
1890 SOCKET_FINAL_SIGKILL))
1893 /* If there's already something running we go directly into
1895 if (IN_SET(s->state,
1898 SOCKET_START_POST)) {
1899 socket_enter_signal(s, SOCKET_STOP_PRE_SIGTERM, SOCKET_SUCCESS);
1903 assert(s->state == SOCKET_LISTENING || s->state == SOCKET_RUNNING);
1905 socket_enter_stop_pre(s, SOCKET_SUCCESS);
1909 static int socket_serialize(Unit *u, FILE *f, FDSet *fds) {
1910 Socket *s = SOCKET(u);
1918 unit_serialize_item(u, f, "state", socket_state_to_string(s->state));
1919 unit_serialize_item(u, f, "result", socket_result_to_string(s->result));
1920 unit_serialize_item_format(u, f, "n-accepted", "%u", s->n_accepted);
1922 if (s->control_pid > 0)
1923 unit_serialize_item_format(u, f, "control-pid", PID_FMT, s->control_pid);
1925 if (s->control_command_id >= 0)
1926 unit_serialize_item(u, f, "control-command", socket_exec_command_to_string(s->control_command_id));
1928 LIST_FOREACH(port, p, s->ports) {
1934 copy = fdset_put_dup(fds, p->fd);
1938 if (p->type == SOCKET_SOCKET) {
1939 _cleanup_free_ char *t = NULL;
1941 r = socket_address_print(&p->address, &t);
1945 if (socket_address_family(&p->address) == AF_NETLINK)
1946 unit_serialize_item_format(u, f, "netlink", "%i %s", copy, t);
1948 unit_serialize_item_format(u, f, "socket", "%i %i %s", copy, p->address.type, t);
1950 } else if (p->type == SOCKET_SPECIAL)
1951 unit_serialize_item_format(u, f, "special", "%i %s", copy, p->path);
1952 else if (p->type == SOCKET_MQUEUE)
1953 unit_serialize_item_format(u, f, "mqueue", "%i %s", copy, p->path);
1955 assert(p->type == SOCKET_FIFO);
1956 unit_serialize_item_format(u, f, "fifo", "%i %s", copy, p->path);
1963 static int socket_deserialize_item(Unit *u, const char *key, const char *value, FDSet *fds) {
1964 Socket *s = SOCKET(u);
1970 if (streq(key, "state")) {
1973 state = socket_state_from_string(value);
1975 log_debug_unit(u->id, "Failed to parse state value %s", value);
1977 s->deserialized_state = state;
1978 } else if (streq(key, "result")) {
1981 f = socket_result_from_string(value);
1983 log_debug_unit(u->id, "Failed to parse result value %s", value);
1984 else if (f != SOCKET_SUCCESS)
1987 } else if (streq(key, "n-accepted")) {
1990 if (safe_atou(value, &k) < 0)
1991 log_debug_unit(u->id, "Failed to parse n-accepted value %s", value);
1994 } else if (streq(key, "control-pid")) {
1997 if (parse_pid(value, &pid) < 0)
1998 log_debug_unit(u->id, "Failed to parse control-pid value %s", value);
2000 s->control_pid = pid;
2001 } else if (streq(key, "control-command")) {
2002 SocketExecCommand id;
2004 id = socket_exec_command_from_string(value);
2006 log_debug_unit(u->id, "Failed to parse exec-command value %s", value);
2008 s->control_command_id = id;
2009 s->control_command = s->exec_command[id];
2011 } else if (streq(key, "fifo")) {
2015 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
2016 log_debug_unit(u->id, "Failed to parse fifo value %s", value);
2019 LIST_FOREACH(port, p, s->ports)
2020 if (p->type == SOCKET_FIFO &&
2021 streq_ptr(p->path, value+skip))
2026 p->fd = fdset_remove(fds, fd);
2030 } else if (streq(key, "special")) {
2034 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
2035 log_debug_unit(u->id, "Failed to parse special value %s", value);
2038 LIST_FOREACH(port, p, s->ports)
2039 if (p->type == SOCKET_SPECIAL &&
2040 streq_ptr(p->path, value+skip))
2045 p->fd = fdset_remove(fds, fd);
2049 } else if (streq(key, "mqueue")) {
2053 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
2054 log_debug_unit(u->id, "Failed to parse mqueue value %s", value);
2057 LIST_FOREACH(port, p, s->ports)
2058 if (p->type == SOCKET_MQUEUE &&
2059 streq_ptr(p->path, value+skip))
2064 p->fd = fdset_remove(fds, fd);
2068 } else if (streq(key, "socket")) {
2069 int fd, type, skip = 0;
2072 if (sscanf(value, "%i %i %n", &fd, &type, &skip) < 2 || fd < 0 || type < 0 || !fdset_contains(fds, fd))
2073 log_debug_unit(u->id, "Failed to parse socket value %s", value);
2076 LIST_FOREACH(port, p, s->ports)
2077 if (socket_address_is(&p->address, value+skip, type))
2082 p->fd = fdset_remove(fds, fd);
2086 } else if (streq(key, "netlink")) {
2090 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
2091 log_debug_unit(u->id, "Failed to parse socket value %s", value);
2094 LIST_FOREACH(port, p, s->ports)
2095 if (socket_address_is_netlink(&p->address, value+skip))
2100 p->fd = fdset_remove(fds, fd);
2104 log_debug_unit(UNIT(s)->id, "Unknown serialization key '%s'", key);
2109 static int socket_distribute_fds(Unit *u, FDSet *fds) {
2110 Socket *s = SOCKET(u);
2115 LIST_FOREACH(port, p, s->ports) {
2119 if (p->type != SOCKET_SOCKET)
2125 FDSET_FOREACH(fd, fds, i) {
2126 if (socket_address_matches_fd(&p->address, fd)) {
2127 p->fd = fdset_remove(fds, fd);
2128 s->deserialized_state = SOCKET_LISTENING;
2137 _pure_ static UnitActiveState socket_active_state(Unit *u) {
2140 return state_translation_table[SOCKET(u)->state];
2143 _pure_ static const char *socket_sub_state_to_string(Unit *u) {
2146 return socket_state_to_string(SOCKET(u)->state);
2149 const char* socket_port_type_to_string(SocketPort *p) {
2157 switch (p->address.type) {
2165 case SOCK_SEQPACKET:
2166 return "SequentialPacket";
2169 if (socket_address_family(&p->address) == AF_NETLINK)
2176 case SOCKET_SPECIAL:
2180 return "MessageQueue";
2190 _pure_ static bool socket_check_gc(Unit *u) {
2191 Socket *s = SOCKET(u);
2195 return s->n_connections > 0;
2198 static int socket_dispatch_io(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
2199 SocketPort *p = userdata;
2205 if (p->socket->state != SOCKET_LISTENING)
2208 log_debug_unit(UNIT(p->socket)->id, "Incoming traffic on %s", UNIT(p->socket)->id);
2210 if (revents != EPOLLIN) {
2212 if (revents & EPOLLHUP)
2213 log_error_unit(UNIT(p->socket)->id, "%s: Got POLLHUP on a listening socket. The service probably invoked shutdown() on it, and should better not do that.",
2214 UNIT(p->socket)->id);
2216 log_error_unit(UNIT(p->socket)->id, "%s: Got unexpected poll event (0x%x) on socket.",
2217 UNIT(p->socket)->id, revents);
2222 if (p->socket->accept &&
2223 p->type == SOCKET_SOCKET &&
2224 socket_address_can_accept(&p->address)) {
2228 cfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK);
2234 log_error_unit(UNIT(p->socket)->id,
2235 "Failed to accept socket: %m");
2242 socket_apply_socket_options(p->socket, cfd);
2245 socket_enter_running(p->socket, cfd);
2249 socket_enter_stop_pre(p->socket, SOCKET_FAILURE_RESOURCES);
2253 static void socket_sigchld_event(Unit *u, pid_t pid, int code, int status) {
2254 Socket *s = SOCKET(u);
2260 if (pid != s->control_pid)
2265 if (is_clean_exit(code, status, NULL))
2267 else if (code == CLD_EXITED)
2268 f = SOCKET_FAILURE_EXIT_CODE;
2269 else if (code == CLD_KILLED)
2270 f = SOCKET_FAILURE_SIGNAL;
2271 else if (code == CLD_DUMPED)
2272 f = SOCKET_FAILURE_CORE_DUMP;
2274 assert_not_reached("Unknown sigchld code");
2276 if (s->control_command) {
2277 exec_status_exit(&s->control_command->exec_status, &s->exec_context, pid, code, status);
2279 if (s->control_command->ignore)
2283 log_full_unit(f == SOCKET_SUCCESS ? LOG_DEBUG : LOG_NOTICE,
2285 "%s control process exited, code=%s status=%i",
2286 u->id, sigchld_code_to_string(code), status);
2288 if (f != SOCKET_SUCCESS)
2291 if (s->control_command &&
2292 s->control_command->command_next &&
2293 f == SOCKET_SUCCESS) {
2295 log_debug_unit(u->id,
2296 "%s running next command for state %s",
2297 u->id, socket_state_to_string(s->state));
2300 s->control_command = NULL;
2301 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
2303 /* No further commands for this step, so let's figure
2304 * out what to do next */
2306 log_debug_unit(u->id,
2307 "%s got final SIGCHLD for state %s",
2308 u->id, socket_state_to_string(s->state));
2312 case SOCKET_START_PRE:
2313 if (f == SOCKET_SUCCESS)
2314 socket_enter_start_chown(s);
2316 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, f);
2319 case SOCKET_START_CHOWN:
2320 if (f == SOCKET_SUCCESS)
2321 socket_enter_start_post(s);
2323 socket_enter_stop_pre(s, f);
2326 case SOCKET_START_POST:
2327 if (f == SOCKET_SUCCESS)
2328 socket_enter_listening(s);
2330 socket_enter_stop_pre(s, f);
2333 case SOCKET_STOP_PRE:
2334 case SOCKET_STOP_PRE_SIGTERM:
2335 case SOCKET_STOP_PRE_SIGKILL:
2336 socket_enter_stop_post(s, f);
2339 case SOCKET_STOP_POST:
2340 case SOCKET_FINAL_SIGTERM:
2341 case SOCKET_FINAL_SIGKILL:
2342 socket_enter_dead(s, f);
2346 assert_not_reached("Uh, control process died at wrong time.");
2350 /* Notify clients about changed exit status */
2351 unit_add_to_dbus_queue(u);
2354 static int socket_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata) {
2355 Socket *s = SOCKET(userdata);
2358 assert(s->timer_event_source == source);
2362 case SOCKET_START_PRE:
2363 log_warning_unit(UNIT(s)->id, "%s starting timed out. Terminating.", UNIT(s)->id);
2364 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_TIMEOUT);
2367 case SOCKET_START_CHOWN:
2368 case SOCKET_START_POST:
2369 log_warning_unit(UNIT(s)->id, "%s starting timed out. Stopping.", UNIT(s)->id);
2370 socket_enter_stop_pre(s, SOCKET_FAILURE_TIMEOUT);
2373 case SOCKET_STOP_PRE:
2374 log_warning_unit(UNIT(s)->id, "%s stopping timed out. Terminating.", UNIT(s)->id);
2375 socket_enter_signal(s, SOCKET_STOP_PRE_SIGTERM, SOCKET_FAILURE_TIMEOUT);
2378 case SOCKET_STOP_PRE_SIGTERM:
2379 if (s->kill_context.send_sigkill) {
2380 log_warning_unit(UNIT(s)->id, "%s stopping timed out. Killing.", UNIT(s)->id);
2381 socket_enter_signal(s, SOCKET_STOP_PRE_SIGKILL, SOCKET_FAILURE_TIMEOUT);
2383 log_warning_unit(UNIT(s)->id, "%s stopping timed out. Skipping SIGKILL. Ignoring.", UNIT(s)->id);
2384 socket_enter_stop_post(s, SOCKET_FAILURE_TIMEOUT);
2388 case SOCKET_STOP_PRE_SIGKILL:
2389 log_warning_unit(UNIT(s)->id, "%s still around after SIGKILL. Ignoring.", UNIT(s)->id);
2390 socket_enter_stop_post(s, SOCKET_FAILURE_TIMEOUT);
2393 case SOCKET_STOP_POST:
2394 log_warning_unit(UNIT(s)->id, "%s stopping timed out (2). Terminating.", UNIT(s)->id);
2395 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_TIMEOUT);
2398 case SOCKET_FINAL_SIGTERM:
2399 if (s->kill_context.send_sigkill) {
2400 log_warning_unit(UNIT(s)->id, "%s stopping timed out (2). Killing.", UNIT(s)->id);
2401 socket_enter_signal(s, SOCKET_FINAL_SIGKILL, SOCKET_FAILURE_TIMEOUT);
2403 log_warning_unit(UNIT(s)->id, "%s stopping timed out (2). Skipping SIGKILL. Ignoring.", UNIT(s)->id);
2404 socket_enter_dead(s, SOCKET_FAILURE_TIMEOUT);
2408 case SOCKET_FINAL_SIGKILL:
2409 log_warning_unit(UNIT(s)->id, "%s still around after SIGKILL (2). Entering failed mode.", UNIT(s)->id);
2410 socket_enter_dead(s, SOCKET_FAILURE_TIMEOUT);
2414 assert_not_reached("Timeout at wrong time.");
2420 int socket_collect_fds(Socket *s, int **fds, unsigned *n_fds) {
2429 /* Called from the service code for requesting our fds */
2432 LIST_FOREACH(port, p, s->ports)
2442 if (!(rfds = new(int, rn_fds)))
2446 LIST_FOREACH(port, p, s->ports)
2450 assert(k == rn_fds);
2458 static void socket_reset_failed(Unit *u) {
2459 Socket *s = SOCKET(u);
2463 if (s->state == SOCKET_FAILED)
2464 socket_set_state(s, SOCKET_DEAD);
2466 s->result = SOCKET_SUCCESS;
2469 static void socket_notify_service_dead(Socket *s, bool failed_permanent) {
2472 /* The service is dead. Dang!
2474 * This is strictly for one-instance-for-all-connections
2477 if (s->state == SOCKET_RUNNING) {
2478 log_debug_unit(UNIT(s)->id, "%s got notified about service death (failed permanently: %s)", UNIT(s)->id, yes_no(failed_permanent));
2479 if (failed_permanent)
2480 socket_enter_stop_pre(s, SOCKET_FAILURE_SERVICE_FAILED_PERMANENT);
2482 socket_enter_listening(s);
2486 void socket_connection_unref(Socket *s) {
2489 /* The service is dead. Yay!
2491 * This is strictly for one-instance-per-connection
2494 assert(s->n_connections > 0);
2497 log_debug_unit(UNIT(s)->id, "%s: One connection closed, %u left.", UNIT(s)->id, s->n_connections);
2500 static void socket_trigger_notify(Unit *u, Unit *other) {
2501 Socket *s = SOCKET(u);
2507 /* Don't propagate state changes from the service if we are
2508 already down or accepting connections */
2509 if ((s->state != SOCKET_RUNNING &&
2510 s->state != SOCKET_LISTENING) ||
2514 if (other->load_state != UNIT_LOADED ||
2515 other->type != UNIT_SERVICE)
2518 se = SERVICE(other);
2520 if (se->state == SERVICE_FAILED)
2521 socket_notify_service_dead(s, se->result == SERVICE_FAILURE_START_LIMIT);
2523 if (se->state == SERVICE_DEAD ||
2524 se->state == SERVICE_STOP ||
2525 se->state == SERVICE_STOP_SIGTERM ||
2526 se->state == SERVICE_STOP_SIGKILL ||
2527 se->state == SERVICE_STOP_POST ||
2528 se->state == SERVICE_FINAL_SIGTERM ||
2529 se->state == SERVICE_FINAL_SIGKILL ||
2530 se->state == SERVICE_AUTO_RESTART)
2531 socket_notify_service_dead(s, false);
2533 if (se->state == SERVICE_RUNNING)
2534 socket_set_state(s, SOCKET_RUNNING);
2537 static int socket_kill(Unit *u, KillWho who, int signo, sd_bus_error *error) {
2538 return unit_kill_common(u, who, signo, -1, SOCKET(u)->control_pid, error);
2541 static int socket_get_timeout(Unit *u, uint64_t *timeout) {
2542 Socket *s = SOCKET(u);
2545 if (!s->timer_event_source)
2548 r = sd_event_source_get_time(s->timer_event_source, timeout);
2555 static const char* const socket_state_table[_SOCKET_STATE_MAX] = {
2556 [SOCKET_DEAD] = "dead",
2557 [SOCKET_START_PRE] = "start-pre",
2558 [SOCKET_START_CHOWN] = "start-chown",
2559 [SOCKET_START_POST] = "start-post",
2560 [SOCKET_LISTENING] = "listening",
2561 [SOCKET_RUNNING] = "running",
2562 [SOCKET_STOP_PRE] = "stop-pre",
2563 [SOCKET_STOP_PRE_SIGTERM] = "stop-pre-sigterm",
2564 [SOCKET_STOP_PRE_SIGKILL] = "stop-pre-sigkill",
2565 [SOCKET_STOP_POST] = "stop-post",
2566 [SOCKET_FINAL_SIGTERM] = "final-sigterm",
2567 [SOCKET_FINAL_SIGKILL] = "final-sigkill",
2568 [SOCKET_FAILED] = "failed"
2571 DEFINE_STRING_TABLE_LOOKUP(socket_state, SocketState);
2573 static const char* const socket_exec_command_table[_SOCKET_EXEC_COMMAND_MAX] = {
2574 [SOCKET_EXEC_START_PRE] = "StartPre",
2575 [SOCKET_EXEC_START_CHOWN] = "StartChown",
2576 [SOCKET_EXEC_START_POST] = "StartPost",
2577 [SOCKET_EXEC_STOP_PRE] = "StopPre",
2578 [SOCKET_EXEC_STOP_POST] = "StopPost"
2581 DEFINE_STRING_TABLE_LOOKUP(socket_exec_command, SocketExecCommand);
2583 static const char* const socket_result_table[_SOCKET_RESULT_MAX] = {
2584 [SOCKET_SUCCESS] = "success",
2585 [SOCKET_FAILURE_RESOURCES] = "resources",
2586 [SOCKET_FAILURE_TIMEOUT] = "timeout",
2587 [SOCKET_FAILURE_EXIT_CODE] = "exit-code",
2588 [SOCKET_FAILURE_SIGNAL] = "signal",
2589 [SOCKET_FAILURE_CORE_DUMP] = "core-dump",
2590 [SOCKET_FAILURE_SERVICE_FAILED_PERMANENT] = "service-failed-permanent"
2593 DEFINE_STRING_TABLE_LOOKUP(socket_result, SocketResult);
2595 const UnitVTable socket_vtable = {
2596 .object_size = sizeof(Socket),
2597 .exec_context_offset = offsetof(Socket, exec_context),
2598 .cgroup_context_offset = offsetof(Socket, cgroup_context),
2599 .kill_context_offset = offsetof(Socket, kill_context),
2600 .exec_runtime_offset = offsetof(Socket, exec_runtime),
2606 .private_section = "Socket",
2608 .init = socket_init,
2609 .done = socket_done,
2610 .load = socket_load,
2612 .coldplug = socket_coldplug,
2614 .dump = socket_dump,
2616 .start = socket_start,
2617 .stop = socket_stop,
2619 .kill = socket_kill,
2621 .get_timeout = socket_get_timeout,
2623 .serialize = socket_serialize,
2624 .deserialize_item = socket_deserialize_item,
2625 .distribute_fds = socket_distribute_fds,
2627 .active_state = socket_active_state,
2628 .sub_state_to_string = socket_sub_state_to_string,
2630 .check_gc = socket_check_gc,
2632 .sigchld_event = socket_sigchld_event,
2634 .trigger_notify = socket_trigger_notify,
2636 .reset_failed = socket_reset_failed,
2638 .bus_interface = "org.freedesktop.systemd1.Socket",
2639 .bus_vtable = bus_socket_vtable,
2640 .bus_set_property = bus_socket_set_property,
2641 .bus_commit_properties = bus_socket_commit_properties,
2643 .status_message_formats = {
2644 /*.starting_stopping = {
2645 [0] = "Starting socket %s...",
2646 [1] = "Stopping socket %s...",
2648 .finished_start_job = {
2649 [JOB_DONE] = "Listening on %s.",
2650 [JOB_FAILED] = "Failed to listen on %s.",
2651 [JOB_DEPENDENCY] = "Dependency failed for %s.",
2652 [JOB_TIMEOUT] = "Timed out starting %s.",
2654 .finished_stop_job = {
2655 [JOB_DONE] = "Closed %s.",
2656 [JOB_FAILED] = "Failed stopping %s.",
2657 [JOB_TIMEOUT] = "Timed out stopping %s.",