1 /*-*- Mode: C; c-basic-offset: 8 -*-*/
4 This file is part of systemd.
6 Copyright 2010 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <linux/oom.h>
29 #include <sys/prctl.h>
33 #include "conf-parser.h"
34 #include "load-fragment.h"
37 #include "securebits.h"
40 static int config_parse_deps(
49 UnitDependency d = PTR_TO_UINT(data);
59 FOREACH_WORD(w, l, rvalue, state) {
63 if (!(t = strndup(w, l)))
66 r = unit_add_dependency_by_name(u, d, t);
76 static int config_parse_names(
95 FOREACH_WORD(w, l, rvalue, state) {
100 if (!(t = strndup(w, l)))
103 other = manager_get_unit(u->meta.manager, t);
109 if (other->meta.load_state != UNIT_STUB) {
114 if ((r = unit_merge(u, other)) < 0) {
121 if ((r = unit_add_name(u, t)) < 0) {
133 static int config_parse_listen(
134 const char *filename,
153 if (!(p = new0(SocketPort, 1)))
156 if (streq(lvalue, "ListenFIFO")) {
157 p->type = SOCKET_FIFO;
159 if (!(p->path = strdup(rvalue))) {
164 p->type = SOCKET_SOCKET;
166 if ((r = socket_address_parse(&p->address, rvalue)) < 0) {
167 log_error("[%s:%u] Failed to parse address value: %s", filename, line, rvalue);
172 if (streq(lvalue, "ListenStream"))
173 p->address.type = SOCK_STREAM;
174 else if (streq(lvalue, "ListenDatagram"))
175 p->address.type = SOCK_DGRAM;
177 assert(streq(lvalue, "ListenSequentialPacket"));
178 p->address.type = SOCK_SEQPACKET;
181 if (socket_address_family(&p->address) != AF_LOCAL && p->address.type == SOCK_SEQPACKET) {
183 return -EPROTONOSUPPORT;
188 LIST_PREPEND(SocketPort, port, s->ports, p);
193 static int config_parse_socket_bind(
194 const char *filename,
212 if ((r = parse_boolean(rvalue)) < 0) {
213 log_error("[%s:%u] Failed to parse bind IPv6 only value: %s", filename, line, rvalue);
217 s->bind_ipv6_only = r ? SOCKET_ADDRESS_IPV6_ONLY : SOCKET_ADDRESS_BOTH;
222 static int config_parse_nice(
223 const char *filename,
231 ExecContext *c = data;
239 if ((r = safe_atoi(rvalue, &priority)) < 0) {
240 log_error("[%s:%u] Failed to parse nice priority: %s", filename, line, rvalue);
244 if (priority < PRIO_MIN || priority >= PRIO_MAX) {
245 log_error("[%s:%u] Nice priority out of range: %s", filename, line, rvalue);
255 static int config_parse_oom_adjust(
256 const char *filename,
264 ExecContext *c = data;
272 if ((r = safe_atoi(rvalue, &oa)) < 0) {
273 log_error("[%s:%u] Failed to parse OOM adjust value: %s", filename, line, rvalue);
277 if (oa < OOM_DISABLE || oa > OOM_ADJUST_MAX) {
278 log_error("[%s:%u] OOM adjust value out of range: %s", filename, line, rvalue);
283 c->oom_adjust_set = true;
288 static int config_parse_mode(
289 const char *filename,
307 l = strtol(rvalue, &x, 8);
308 if (!x || *x || errno) {
309 log_error("[%s:%u] Failed to parse mode value: %s", filename, line, rvalue);
310 return errno ? -errno : -EINVAL;
313 if (l < 0000 || l > 07777) {
314 log_error("[%s:%u] mode value out of range: %s", filename, line, rvalue);
322 static int config_parse_exec(
323 const char *filename,
331 ExecCommand **e = data, *nce = NULL;
344 FOREACH_WORD_QUOTED(w, l, rvalue, state)
347 if (!(n = new(char*, k+1)))
351 FOREACH_WORD_QUOTED(w, l, rvalue, state)
352 if (!(n[k++] = strndup(w, l)))
357 if (!n[0] || !path_is_absolute(n[0])) {
358 log_error("[%s:%u] Invalid executable path in command line: %s", filename, line, rvalue);
363 if (!(nce = new0(ExecCommand, 1)))
367 if (!(nce->path = strdup(n[0])))
370 exec_command_append_list(e, nce);
384 static int config_parse_usec(
385 const char *filename,
394 unsigned long long u;
402 if ((r = safe_atollu(rvalue, &u)) < 0) {
403 log_error("[%s:%u] Failed to parse time value: %s", filename, line, rvalue);
407 /* We actually assume the user configures seconds. Later on we
408 * might choose to support suffixes for time values, to
409 * configure bigger or smaller units */
411 *usec = u * USEC_PER_SEC;
416 static int config_parse_service_type(
417 const char *filename,
433 if ((x = service_type_from_string(rvalue)) < 0) {
434 log_error("[%s:%u] Failed to parse service type: %s", filename, line, rvalue);
443 static int config_parse_service_restart(
444 const char *filename,
460 if ((x = service_restart_from_string(rvalue)) < 0) {
461 log_error("[%s:%u] Failed to parse service restart specifier: %s", filename, line, rvalue);
470 static int config_parse_bindtodevice(
471 const char *filename,
487 if (rvalue[0] && !streq(rvalue, "*")) {
488 if (!(n = strdup(rvalue)))
493 free(s->bind_to_device);
494 s->bind_to_device = n;
499 static int config_parse_output(
500 const char *filename,
508 ExecOutput *o = data, x;
515 if ((x = exec_output_from_string(rvalue)) < 0) {
516 log_error("[%s:%u] Failed to parse output specifier: %s", filename, line, rvalue);
525 static int config_parse_input(
526 const char *filename,
534 ExecInput *i = data, x;
541 if ((x = exec_input_from_string(rvalue)) < 0) {
542 log_error("[%s:%u] Failed to parse input specifier: %s", filename, line, rvalue);
551 static int config_parse_facility(
552 const char *filename,
568 if ((x = log_facility_from_string(rvalue)) < 0)
570 /* Second try, let's see if this is a number. */
571 if (safe_atoi(rvalue, &x) < 0 || !log_facility_to_string(x)) {
572 log_error("[%s:%u] Failed to parse log facility: %s", filename, line, rvalue);
576 *o = LOG_MAKEPRI(x, LOG_PRI(*o));
581 static int config_parse_level(
582 const char *filename,
598 if ((x = log_level_from_string(rvalue)) < 0)
600 /* Second try, let's see if this is a number. */
601 if (safe_atoi(rvalue, &x) < 0 || !log_level_to_string(x)) {
602 log_error("[%s:%u] Failed to parse log level: %s", filename, line, rvalue);
606 *o = LOG_MAKEPRI(LOG_FAC(*o), x);
610 static int config_parse_io_class(
611 const char *filename,
619 ExecContext *c = data;
627 if ((x = ioprio_class_from_string(rvalue)) < 0)
629 /* Second try, let's see if this is a number. */
630 if (safe_atoi(rvalue, &x) < 0 || !ioprio_class_to_string(x)) {
631 log_error("[%s:%u] Failed to parse IO scheduling class: %s", filename, line, rvalue);
635 c->ioprio = IOPRIO_PRIO_VALUE(x, IOPRIO_PRIO_DATA(c->ioprio));
636 c->ioprio_set = true;
641 static int config_parse_io_priority(
642 const char *filename,
650 ExecContext *c = data;
658 if (safe_atoi(rvalue, &i) < 0 || i < 0 || i >= IOPRIO_BE_NR) {
659 log_error("[%s:%u] Failed to parse io priority: %s", filename, line, rvalue);
663 c->ioprio = IOPRIO_PRIO_VALUE(IOPRIO_PRIO_CLASS(c->ioprio), i);
664 c->ioprio_set = true;
669 static int config_parse_cpu_sched_policy(
670 const char *filename,
679 ExecContext *c = data;
687 if ((x = sched_policy_from_string(rvalue)) < 0)
689 /* Second try, let's see if this is a number. */
690 if (safe_atoi(rvalue, &x) < 0 || !sched_policy_to_string(x)) {
691 log_error("[%s:%u] Failed to parse CPU scheduling policy: %s", filename, line, rvalue);
695 c->cpu_sched_policy = x;
696 c->cpu_sched_set = true;
701 static int config_parse_cpu_sched_prio(
702 const char *filename,
710 ExecContext *c = data;
718 /* On Linux RR/FIFO have the same range */
719 if (safe_atoi(rvalue, &i) < 0 || i < sched_get_priority_min(SCHED_RR) || i > sched_get_priority_max(SCHED_RR)) {
720 log_error("[%s:%u] Failed to parse CPU scheduling priority: %s", filename, line, rvalue);
724 c->cpu_sched_priority = i;
725 c->cpu_sched_set = true;
730 static int config_parse_cpu_affinity(
731 const char *filename,
739 ExecContext *c = data;
749 FOREACH_WORD(w, l, rvalue, state) {
754 if (!(t = strndup(w, l)))
757 r = safe_atou(t, &cpu);
760 if (r < 0 || cpu >= CPU_SETSIZE) {
761 log_error("[%s:%u] Failed to parse CPU affinity: %s", filename, line, rvalue);
765 CPU_SET(cpu, &c->cpu_affinity);
768 c->cpu_affinity_set = true;
773 static int config_parse_capabilities(
774 const char *filename,
782 ExecContext *c = data;
790 if (!(cap = cap_from_text(rvalue))) {
794 log_error("[%s:%u] Failed to parse capabilities: %s", filename, line, rvalue);
799 cap_free(c->capabilities);
800 c->capabilities = cap;
805 static int config_parse_secure_bits(
806 const char *filename,
814 ExecContext *c = data;
824 FOREACH_WORD(w, l, rvalue, state) {
825 if (first_word(w, "keep-caps"))
826 c->secure_bits |= SECURE_KEEP_CAPS;
827 else if (first_word(w, "keep-caps-locked"))
828 c->secure_bits |= SECURE_KEEP_CAPS_LOCKED;
829 else if (first_word(w, "no-setuid-fixup"))
830 c->secure_bits |= SECURE_NO_SETUID_FIXUP;
831 else if (first_word(w, "no-setuid-fixup-locked"))
832 c->secure_bits |= SECURE_NO_SETUID_FIXUP_LOCKED;
833 else if (first_word(w, "noroot"))
834 c->secure_bits |= SECURE_NOROOT;
835 else if (first_word(w, "noroot-locked"))
836 c->secure_bits |= SECURE_NOROOT_LOCKED;
838 log_error("[%s:%u] Failed to parse secure bits: %s", filename, line, rvalue);
846 static int config_parse_bounding_set(
847 const char *filename,
855 ExecContext *c = data;
865 FOREACH_WORD(w, l, rvalue, state) {
870 if (!(t = strndup(w, l)))
873 r = cap_from_name(t, &cap);
877 log_error("[%s:%u] Failed to parse capability bounding set: %s", filename, line, rvalue);
881 c->capability_bounding_set_drop |= 1 << cap;
887 static int config_parse_timer_slack_ns(
888 const char *filename,
896 ExecContext *c = data;
905 if ((r = safe_atolu(rvalue, &u)) < 0) {
906 log_error("[%s:%u] Failed to parse time slack value: %s", filename, line, rvalue);
910 c->timer_slack_ns = u;
915 static int config_parse_limit(
916 const char *filename,
924 struct rlimit **rl = data;
925 unsigned long long u;
933 if ((r = safe_atollu(rvalue, &u)) < 0) {
934 log_error("[%s:%u] Failed to parse resource value: %s", filename, line, rvalue);
939 if (!(*rl = new(struct rlimit, 1)))
942 (*rl)->rlim_cur = (*rl)->rlim_max = (rlim_t) u;
948 static int open_follow(char **filename, FILE **_f, Set *names, char **_id) {
959 /* This will update the filename pointer if the loaded file is
960 * reached by a symlink. The old string will be freed. */
963 char *target, *k, *name;
965 if (c++ >= FOLLOW_MAX)
968 path_kill_slashes(*filename);
970 /* Add the file name we are currently looking at to
971 * the names of this unit */
972 name = file_name_from_path(*filename);
973 if (!(id = set_get(names, name))) {
975 if (!(id = strdup(name)))
978 if ((r = set_put(names, id)) < 0) {
984 /* Try to open the file name, but don't if its a symlink */
985 if ((fd = open(*filename, O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW)) >= 0)
991 /* Hmm, so this is a symlink. Let's read the name, and follow it manually */
992 if ((r = readlink_malloc(*filename, &target)) < 0)
995 k = file_in_same_dir(*filename, target);
1005 if (!(f = fdopen(fd, "r"))) {
1007 assert(close_nointr(fd) == 0);
1016 static int load_from_path(Unit *u, const char *path) {
1018 static const char* const section_table[_UNIT_TYPE_MAX] = {
1019 [UNIT_SERVICE] = "Service",
1020 [UNIT_TIMER] = "Timer",
1021 [UNIT_SOCKET] = "Socket",
1022 [UNIT_TARGET] = "Target",
1023 [UNIT_DEVICE] = "Device",
1024 [UNIT_MOUNT] = "Mount",
1025 [UNIT_AUTOMOUNT] = "Automount",
1026 [UNIT_SNAPSHOT] = "Snapshot"
1029 #define EXEC_CONTEXT_CONFIG_ITEMS(context, section) \
1030 { "WorkingDirectory", config_parse_path, &(context).working_directory, section }, \
1031 { "RootDirectory", config_parse_path, &(context).root_directory, section }, \
1032 { "User", config_parse_string, &(context).user, section }, \
1033 { "Group", config_parse_string, &(context).group, section }, \
1034 { "SupplementaryGroups", config_parse_strv, &(context).supplementary_groups, section }, \
1035 { "Nice", config_parse_nice, &(context), section }, \
1036 { "OOMAdjust", config_parse_oom_adjust, &(context), section }, \
1037 { "IOSchedulingClass", config_parse_io_class, &(context), section }, \
1038 { "IOSchedulingPriority", config_parse_io_priority, &(context), section }, \
1039 { "CPUSchedulingPolicy", config_parse_cpu_sched_policy,&(context), section }, \
1040 { "CPUSchedulingPriority", config_parse_cpu_sched_prio, &(context), section }, \
1041 { "CPUSchedulingResetOnFork", config_parse_bool, &(context).cpu_sched_reset_on_fork, section }, \
1042 { "CPUAffinity", config_parse_cpu_affinity, &(context), section }, \
1043 { "UMask", config_parse_mode, &(context).umask, section }, \
1044 { "Environment", config_parse_strv, &(context).environment, section }, \
1045 { "Output", config_parse_output, &(context).output, section }, \
1046 { "Input", config_parse_input, &(context).input, section }, \
1047 { "SyslogIdentifier", config_parse_string, &(context).syslog_identifier, section }, \
1048 { "SyslogFacility", config_parse_facility, &(context).syslog_priority, section }, \
1049 { "SyslogLevel", config_parse_level, &(context).syslog_priority, section }, \
1050 { "Capabilities", config_parse_capabilities, &(context), section }, \
1051 { "SecureBits", config_parse_secure_bits, &(context), section }, \
1052 { "CapabilityBoundingSetDrop", config_parse_bounding_set, &(context), section }, \
1053 { "TimerSlackNS", config_parse_timer_slack_ns, &(context), section }, \
1054 { "LimitCPU", config_parse_limit, &(context).rlimit[RLIMIT_CPU], section }, \
1055 { "LimitFSIZE", config_parse_limit, &(context).rlimit[RLIMIT_FSIZE], section }, \
1056 { "LimitDATA", config_parse_limit, &(context).rlimit[RLIMIT_DATA], section }, \
1057 { "LimitSTACK", config_parse_limit, &(context).rlimit[RLIMIT_STACK], section }, \
1058 { "LimitCORE", config_parse_limit, &(context).rlimit[RLIMIT_CORE], section }, \
1059 { "LimitRSS", config_parse_limit, &(context).rlimit[RLIMIT_RSS], section }, \
1060 { "LimitNOFILE", config_parse_limit, &(context).rlimit[RLIMIT_NOFILE], section }, \
1061 { "LimitAS", config_parse_limit, &(context).rlimit[RLIMIT_AS], section }, \
1062 { "LimitNPROC", config_parse_limit, &(context).rlimit[RLIMIT_NPROC], section }, \
1063 { "LimitMEMLOCK", config_parse_limit, &(context).rlimit[RLIMIT_MEMLOCK], section }, \
1064 { "LimitLOCKS", config_parse_limit, &(context).rlimit[RLIMIT_LOCKS], section }, \
1065 { "LimitSIGPENDING", config_parse_limit, &(context).rlimit[RLIMIT_SIGPENDING], section }, \
1066 { "LimitMSGQUEUE", config_parse_limit, &(context).rlimit[RLIMIT_MSGQUEUE], section }, \
1067 { "LimitNICE", config_parse_limit, &(context).rlimit[RLIMIT_NICE], section }, \
1068 { "LimitRTPRIO", config_parse_limit, &(context).rlimit[RLIMIT_RTPRIO], section }, \
1069 { "LimitRTTIME", config_parse_limit, &(context).rlimit[RLIMIT_RTTIME], section }, \
1070 { "NonBlocking", config_parse_bool, &(context).non_blocking, section }
1072 const ConfigItem items[] = {
1073 { "Names", config_parse_names, u, "Meta" },
1074 { "Description", config_parse_string, &u->meta.description, "Meta" },
1075 { "Requires", config_parse_deps, UINT_TO_PTR(UNIT_REQUIRES), "Meta" },
1076 { "SoftRequires", config_parse_deps, UINT_TO_PTR(UNIT_SOFT_REQUIRES), "Meta" },
1077 { "Wants", config_parse_deps, UINT_TO_PTR(UNIT_WANTS), "Meta" },
1078 { "Requisite", config_parse_deps, UINT_TO_PTR(UNIT_REQUISITE), "Meta" },
1079 { "SoftRequisite", config_parse_deps, UINT_TO_PTR(UNIT_SOFT_REQUISITE), "Meta" },
1080 { "Conflicts", config_parse_deps, UINT_TO_PTR(UNIT_CONFLICTS), "Meta" },
1081 { "Before", config_parse_deps, UINT_TO_PTR(UNIT_BEFORE), "Meta" },
1082 { "After", config_parse_deps, UINT_TO_PTR(UNIT_AFTER), "Meta" },
1083 { "RecursiveStop", config_parse_bool, &u->meta.recursive_stop, "Meta" },
1084 { "StopWhenUnneeded", config_parse_bool, &u->meta.stop_when_unneeded, "Meta" },
1086 { "PIDFile", config_parse_path, &u->service.pid_file, "Service" },
1087 { "ExecStartPre", config_parse_exec, u->service.exec_command+SERVICE_EXEC_START_PRE, "Service" },
1088 { "ExecStart", config_parse_exec, u->service.exec_command+SERVICE_EXEC_START, "Service" },
1089 { "ExecStartPost", config_parse_exec, u->service.exec_command+SERVICE_EXEC_START_POST, "Service" },
1090 { "ExecReload", config_parse_exec, u->service.exec_command+SERVICE_EXEC_RELOAD, "Service" },
1091 { "ExecStop", config_parse_exec, u->service.exec_command+SERVICE_EXEC_STOP, "Service" },
1092 { "ExecStopPost", config_parse_exec, u->service.exec_command+SERVICE_EXEC_STOP_POST, "Service" },
1093 { "RestartSec", config_parse_usec, &u->service.restart_usec, "Service" },
1094 { "TimeoutSec", config_parse_usec, &u->service.timeout_usec, "Service" },
1095 { "Type", config_parse_service_type, &u->service, "Service" },
1096 { "Restart", config_parse_service_restart, &u->service, "Service" },
1097 EXEC_CONTEXT_CONFIG_ITEMS(u->service.exec_context, "Service"),
1099 { "ListenStream", config_parse_listen, &u->socket, "Socket" },
1100 { "ListenDatagram", config_parse_listen, &u->socket, "Socket" },
1101 { "ListenSequentialPacket", config_parse_listen, &u->socket, "Socket" },
1102 { "ListenFIFO", config_parse_listen, &u->socket, "Socket" },
1103 { "BindIPv6Only", config_parse_socket_bind, &u->socket, "Socket" },
1104 { "Backlog", config_parse_unsigned, &u->socket.backlog, "Socket" },
1105 { "BindToDevice", config_parse_bindtodevice, &u->socket, "Socket" },
1106 { "ExecStartPre", config_parse_exec, u->socket.exec_command+SOCKET_EXEC_START_PRE, "Socket" },
1107 { "ExecStartPost", config_parse_exec, u->socket.exec_command+SOCKET_EXEC_START_POST, "Socket" },
1108 { "ExecStopPre", config_parse_exec, u->socket.exec_command+SOCKET_EXEC_STOP_PRE, "Socket" },
1109 { "ExecStopPost", config_parse_exec, u->socket.exec_command+SOCKET_EXEC_STOP_POST, "Socket" },
1110 { "DirectoryMode", config_parse_mode, &u->socket.directory_mode, "Socket" },
1111 { "SocketMode", config_parse_mode, &u->socket.socket_mode, "Socket" },
1112 EXEC_CONTEXT_CONFIG_ITEMS(u->socket.exec_context, "Socket"),
1114 EXEC_CONTEXT_CONFIG_ITEMS(u->automount.exec_context, "Automount"),
1116 { NULL, NULL, NULL, NULL }
1119 #undef EXEC_CONTEXT_CONFIG_ITEMS
1121 const char *sections[3];
1126 char *filename = NULL, *id;
1128 sections[0] = "Meta";
1129 sections[1] = section_table[u->meta.type];
1132 if (!(symlink_names = set_new(string_hash_func, string_compare_func)))
1135 if (path_is_absolute(path)) {
1137 if (!(filename = strdup(path))) {
1142 if ((r = open_follow(&filename, &f, symlink_names, &id)) < 0) {
1153 STRV_FOREACH(p, u->meta.manager->unit_path) {
1155 /* Instead of opening the path right away, we manually
1156 * follow all symlinks and add their name to our unit
1157 * name set while doing so */
1158 if (!(filename = path_make_absolute(path, *p))) {
1163 if ((r = open_follow(&filename, &f, symlink_names, &id)) < 0) {
1172 /* Empty the symlink names for the next run */
1173 while ((sn = set_steal_first(symlink_names)))
1184 r = 0; /* returning 0 means: no suitable config file found */
1188 /* Now, parse the file contents */
1189 r = config_parse(filename, f, sections, items, u);
1193 /* Let's try to add in all symlink names we found */
1194 while ((k = set_steal_first(symlink_names))) {
1195 if ((r = unit_add_name(u, k)) < 0)
1200 unit_choose_id(u, id);
1205 free(u->meta.fragment_path);
1206 u->meta.fragment_path = filename;
1209 r = 1; /* returning 1 means: suitable config file found and loaded */
1212 while ((k = set_steal_first(symlink_names)))
1214 set_free(symlink_names);
1220 int unit_load_fragment(Unit *u) {
1224 assert(u->meta.load_state == UNIT_STUB);
1226 if (u->meta.fragment_path)
1227 r = load_from_path(u, u->meta.fragment_path);
1232 /* Try to find the unit under its id */
1233 if ((t = unit_id(u)))
1234 r = load_from_path(u, t);
1236 /* Try to find an alias we can load this with */
1238 SET_FOREACH(t, u->meta.names, i)
1239 if ((r = load_from_path(u, t)) != 0)
1246 if (u->meta.type == UNIT_SOCKET)
1247 c = &u->socket.exec_context;
1248 else if (u->meta.type == UNIT_SERVICE)
1249 c = &u->service.exec_context;
1253 if (c && (c->output == EXEC_OUTPUT_KERNEL || c->output == EXEC_OUTPUT_SYSLOG)) {
1256 /* If syslog or kernel logging is requested, make sure
1257 * our own logging daemon is run first. */
1259 if ((k = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_LOGGER_SOCKET)) < 0)
1262 if ((k = unit_add_dependency_by_name(u, UNIT_REQUIRES, SPECIAL_LOGGER_SOCKET)) < 0)