1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2010 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <sys/types.h>
27 #include <sys/epoll.h>
29 #include <arpa/inet.h>
30 #include <netinet/tcp.h>
32 #include <sys/xattr.h>
36 #include "load-dropin.h"
37 #include "load-fragment.h"
40 #include "path-util.h"
41 #include "unit-name.h"
42 #include "unit-printf.h"
46 #include "exit-status.h"
48 #include "smack-util.h"
50 #include "bus-error.h"
51 #include "dbus-socket.h"
55 static const UnitActiveState state_translation_table[_SOCKET_STATE_MAX] = {
56 [SOCKET_DEAD] = UNIT_INACTIVE,
57 [SOCKET_START_PRE] = UNIT_ACTIVATING,
58 [SOCKET_START_CHOWN] = UNIT_ACTIVATING,
59 [SOCKET_START_POST] = UNIT_ACTIVATING,
60 [SOCKET_LISTENING] = UNIT_ACTIVE,
61 [SOCKET_RUNNING] = UNIT_ACTIVE,
62 [SOCKET_STOP_PRE] = UNIT_DEACTIVATING,
63 [SOCKET_STOP_PRE_SIGTERM] = UNIT_DEACTIVATING,
64 [SOCKET_STOP_PRE_SIGKILL] = UNIT_DEACTIVATING,
65 [SOCKET_STOP_POST] = UNIT_DEACTIVATING,
66 [SOCKET_FINAL_SIGTERM] = UNIT_DEACTIVATING,
67 [SOCKET_FINAL_SIGKILL] = UNIT_DEACTIVATING,
68 [SOCKET_FAILED] = UNIT_FAILED
71 static int socket_dispatch_io(sd_event_source *source, int fd, uint32_t revents, void *userdata);
72 static int socket_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata);
74 static void socket_init(Unit *u) {
75 Socket *s = SOCKET(u);
78 assert(u->load_state == UNIT_STUB);
80 s->backlog = SOMAXCONN;
81 s->timeout_usec = u->manager->default_timeout_start_usec;
82 s->directory_mode = 0755;
83 s->socket_mode = 0666;
85 s->max_connections = 64;
92 s->exec_context.std_output = u->manager->default_std_output;
93 s->exec_context.std_error = u->manager->default_std_error;
95 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
98 static void socket_unwatch_control_pid(Socket *s) {
101 if (s->control_pid <= 0)
104 unit_unwatch_pid(UNIT(s), s->control_pid);
108 void socket_free_ports(Socket *s) {
113 while ((p = s->ports)) {
114 LIST_REMOVE(port, s->ports, p);
116 sd_event_source_unref(p->event_source);
124 static void socket_done(Unit *u) {
125 Socket *s = SOCKET(u);
129 socket_free_ports(s);
131 s->exec_runtime = exec_runtime_unref(s->exec_runtime);
132 exec_command_free_array(s->exec_command, _SOCKET_EXEC_COMMAND_MAX);
133 s->control_command = NULL;
135 socket_unwatch_control_pid(s);
137 unit_ref_unset(&s->service);
139 free(s->tcp_congestion);
140 s->tcp_congestion = NULL;
142 free(s->bind_to_device);
143 s->bind_to_device = NULL;
146 free(s->smack_ip_in);
147 free(s->smack_ip_out);
149 strv_free(s->symlinks);
154 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
157 static int socket_arm_timer(Socket *s) {
162 if (s->timeout_usec <= 0) {
163 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
167 if (s->timer_event_source) {
168 r = sd_event_source_set_time(s->timer_event_source, now(CLOCK_MONOTONIC) + s->timeout_usec);
172 return sd_event_source_set_enabled(s->timer_event_source, SD_EVENT_ONESHOT);
175 return sd_event_add_time(
176 UNIT(s)->manager->event,
177 &s->timer_event_source,
179 now(CLOCK_MONOTONIC) + s->timeout_usec, 0,
180 socket_dispatch_timer, s);
183 static int socket_instantiate_service(Socket *s) {
184 _cleanup_free_ char *prefix = NULL;
185 _cleanup_free_ char *name = NULL;
191 /* This fills in s->service if it isn't filled in yet. For
192 * Accept=yes sockets we create the next connection service
193 * here. For Accept=no this is mostly a NOP since the service
194 * is figured out at load time anyway. */
196 if (UNIT_DEREF(s->service))
201 prefix = unit_name_to_prefix(UNIT(s)->id);
205 if (asprintf(&name, "%s@%u.service", prefix, s->n_accepted) < 0)
208 r = manager_load_unit(UNIT(s)->manager, name, NULL, NULL, &u);
213 unit_ref_set(&s->service, u);
215 return unit_add_two_dependencies(UNIT(s), UNIT_BEFORE, UNIT_TRIGGERS, u, false);
218 static bool have_non_accept_socket(Socket *s) {
226 LIST_FOREACH(port, p, s->ports) {
228 if (p->type != SOCKET_SOCKET)
231 if (!socket_address_can_accept(&p->address))
238 static int socket_add_mount_links(Socket *s) {
244 LIST_FOREACH(port, p, s->ports) {
245 const char *path = NULL;
247 if (p->type == SOCKET_SOCKET)
248 path = socket_address_get_path(&p->address);
249 else if (p->type == SOCKET_FIFO || p->type == SOCKET_SPECIAL)
255 r = unit_require_mounts_for(UNIT(s), path);
263 static int socket_add_device_link(Socket *s) {
268 if (!s->bind_to_device || streq(s->bind_to_device, "lo"))
271 t = strappenda("/sys/subsystem/net/devices/", s->bind_to_device);
272 return unit_add_node_link(UNIT(s), t, false);
275 static int socket_add_default_dependencies(Socket *s) {
279 r = unit_add_dependency_by_name(UNIT(s), UNIT_BEFORE, SPECIAL_SOCKETS_TARGET, NULL, true);
283 if (UNIT(s)->manager->running_as == SYSTEMD_SYSTEM) {
284 r = unit_add_two_dependencies_by_name(UNIT(s), UNIT_AFTER, UNIT_REQUIRES, SPECIAL_SYSINIT_TARGET, NULL, true);
289 return unit_add_two_dependencies_by_name(UNIT(s), UNIT_BEFORE, UNIT_CONFLICTS, SPECIAL_SHUTDOWN_TARGET, NULL, true);
292 _pure_ static bool socket_has_exec(Socket *s) {
296 for (i = 0; i < _SOCKET_EXEC_COMMAND_MAX; i++)
297 if (s->exec_command[i])
303 static int socket_add_extras(Socket *s) {
309 if (have_non_accept_socket(s)) {
311 if (!UNIT_DEREF(s->service)) {
314 r = unit_load_related_unit(u, ".service", &x);
318 unit_ref_set(&s->service, x);
321 r = unit_add_two_dependencies(u, UNIT_BEFORE, UNIT_TRIGGERS, UNIT_DEREF(s->service), true);
326 r = socket_add_mount_links(s);
330 r = socket_add_device_link(s);
334 r = unit_patch_contexts(u);
338 if (socket_has_exec(s)) {
339 r = unit_add_exec_dependencies(u, &s->exec_context);
343 r = unit_add_default_slice(u, &s->cgroup_context);
348 if (u->default_dependencies) {
349 r = socket_add_default_dependencies(s);
357 static const char *socket_find_symlink_target(Socket *s) {
358 const char *found = NULL;
361 LIST_FOREACH(port, p, s->ports) {
362 const char *f = NULL;
371 if (p->address.sockaddr.un.sun_path[0] != 0)
372 f = p->address.sockaddr.un.sun_path;
390 static int socket_verify(Socket *s) {
393 if (UNIT(s)->load_state != UNIT_LOADED)
397 log_error_unit(UNIT(s)->id, "%s lacks Listen setting. Refusing.", UNIT(s)->id);
401 if (s->accept && have_non_accept_socket(s)) {
402 log_error_unit(UNIT(s)->id, "%s configured for accepting sockets, but sockets are non-accepting. Refusing.",
407 if (s->accept && s->max_connections <= 0) {
408 log_error_unit(UNIT(s)->id, "%s's MaxConnection setting too small. Refusing.", UNIT(s)->id);
412 if (s->accept && UNIT_DEREF(s->service)) {
413 log_error_unit(UNIT(s)->id, "Explicit service configuration for accepting sockets not supported on %s. Refusing.", UNIT(s)->id);
417 if (s->exec_context.pam_name && s->kill_context.kill_mode != KILL_CONTROL_GROUP) {
418 log_error_unit(UNIT(s)->id, "%s has PAM enabled. Kill mode must be set to 'control-group'. Refusing.", UNIT(s)->id);
422 if (!strv_isempty(s->symlinks) && !socket_find_symlink_target(s)) {
423 log_error_unit(UNIT(s)->id, "%s has symlinks set but none or more than one node in the file system. Refusing.", UNIT(s)->id);
430 static int socket_load(Unit *u) {
431 Socket *s = SOCKET(u);
435 assert(u->load_state == UNIT_STUB);
437 r = unit_load_fragment_and_dropin(u);
441 if (u->load_state == UNIT_LOADED) {
442 /* This is a new unit? Then let's add in some extras */
443 r = socket_add_extras(s);
448 return socket_verify(s);
451 _const_ static const char* listen_lookup(int family, int type) {
453 if (family == AF_NETLINK)
454 return "ListenNetlink";
456 if (type == SOCK_STREAM)
457 return "ListenStream";
458 else if (type == SOCK_DGRAM)
459 return "ListenDatagram";
460 else if (type == SOCK_SEQPACKET)
461 return "ListenSequentialPacket";
463 assert_not_reached("Unknown socket type");
467 static void socket_dump(Unit *u, FILE *f, const char *prefix) {
469 Socket *s = SOCKET(u);
476 prefix2 = strappenda(prefix, "\t");
479 "%sSocket State: %s\n"
481 "%sBindIPv6Only: %s\n"
483 "%sSocketMode: %04o\n"
484 "%sDirectoryMode: %04o\n"
487 "%sTransparent: %s\n"
489 "%sPassCredentials: %s\n"
490 "%sPassSecurity: %s\n"
491 "%sTCPCongestion: %s\n"
492 "%sRemoveOnStop: %s\n",
493 prefix, socket_state_to_string(s->state),
494 prefix, socket_result_to_string(s->result),
495 prefix, socket_address_bind_ipv6_only_to_string(s->bind_ipv6_only),
497 prefix, s->socket_mode,
498 prefix, s->directory_mode,
499 prefix, yes_no(s->keep_alive),
500 prefix, yes_no(s->free_bind),
501 prefix, yes_no(s->transparent),
502 prefix, yes_no(s->broadcast),
503 prefix, yes_no(s->pass_cred),
504 prefix, yes_no(s->pass_sec),
505 prefix, strna(s->tcp_congestion),
506 prefix, yes_no(s->remove_on_stop));
508 if (s->control_pid > 0)
510 "%sControl PID: "PID_FMT"\n",
511 prefix, s->control_pid);
513 if (s->bind_to_device)
515 "%sBindToDevice: %s\n",
516 prefix, s->bind_to_device);
521 "%sNConnections: %u\n"
522 "%sMaxConnections: %u\n",
523 prefix, s->n_accepted,
524 prefix, s->n_connections,
525 prefix, s->max_connections);
527 if (s->priority >= 0)
530 prefix, s->priority);
532 if (s->receive_buffer > 0)
534 "%sReceiveBuffer: %zu\n",
535 prefix, s->receive_buffer);
537 if (s->send_buffer > 0)
539 "%sSendBuffer: %zu\n",
540 prefix, s->send_buffer);
552 if (s->pipe_size > 0)
555 prefix, s->pipe_size);
562 if (s->mq_maxmsg > 0)
564 "%sMessageQueueMaxMessages: %li\n",
565 prefix, s->mq_maxmsg);
567 if (s->mq_msgsize > 0)
569 "%sMessageQueueMessageSize: %li\n",
570 prefix, s->mq_msgsize);
575 prefix, yes_no(s->reuse_port));
579 "%sSmackLabel: %s\n",
584 "%sSmackLabelIPIn: %s\n",
585 prefix, s->smack_ip_in);
589 "%sSmackLabelIPOut: %s\n",
590 prefix, s->smack_ip_out);
592 if (!isempty(s->user) || !isempty(s->group))
595 "%sOwnerGroup: %s\n",
596 prefix, strna(s->user),
597 prefix, strna(s->group));
599 LIST_FOREACH(port, p, s->ports) {
601 if (p->type == SOCKET_SOCKET) {
606 if ((r = socket_address_print(&p->address, &k)) < 0)
611 fprintf(f, "%s%s: %s\n", prefix, listen_lookup(socket_address_family(&p->address), p->address.type), t);
613 } else if (p->type == SOCKET_SPECIAL)
614 fprintf(f, "%sListenSpecial: %s\n", prefix, p->path);
615 else if (p->type == SOCKET_MQUEUE)
616 fprintf(f, "%sListenMessageQueue: %s\n", prefix, p->path);
618 fprintf(f, "%sListenFIFO: %s\n", prefix, p->path);
621 exec_context_dump(&s->exec_context, f, prefix);
622 kill_context_dump(&s->kill_context, f, prefix);
624 for (c = 0; c < _SOCKET_EXEC_COMMAND_MAX; c++) {
625 if (!s->exec_command[c])
628 fprintf(f, "%s-> %s:\n",
629 prefix, socket_exec_command_to_string(c));
631 exec_command_dump_list(s->exec_command[c], f, prefix2);
635 static int instance_from_socket(int fd, unsigned nr, char **instance) {
638 union sockaddr_union local, remote;
644 if (getsockname(fd, &local.sa, &l) < 0)
648 if (getpeername(fd, &remote.sa, &l) < 0)
651 switch (local.sa.sa_family) {
655 a = ntohl(local.in.sin_addr.s_addr),
656 b = ntohl(remote.in.sin_addr.s_addr);
659 "%u-%u.%u.%u.%u:%u-%u.%u.%u.%u:%u",
661 a >> 24, (a >> 16) & 0xFF, (a >> 8) & 0xFF, a & 0xFF,
662 ntohs(local.in.sin_port),
663 b >> 24, (b >> 16) & 0xFF, (b >> 8) & 0xFF, b & 0xFF,
664 ntohs(remote.in.sin_port)) < 0)
671 static const unsigned char ipv4_prefix[] = {
672 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xFF, 0xFF
675 if (memcmp(&local.in6.sin6_addr, ipv4_prefix, sizeof(ipv4_prefix)) == 0 &&
676 memcmp(&remote.in6.sin6_addr, ipv4_prefix, sizeof(ipv4_prefix)) == 0) {
678 *a = local.in6.sin6_addr.s6_addr+12,
679 *b = remote.in6.sin6_addr.s6_addr+12;
682 "%u-%u.%u.%u.%u:%u-%u.%u.%u.%u:%u",
684 a[0], a[1], a[2], a[3],
685 ntohs(local.in6.sin6_port),
686 b[0], b[1], b[2], b[3],
687 ntohs(remote.in6.sin6_port)) < 0)
690 char a[INET6_ADDRSTRLEN], b[INET6_ADDRSTRLEN];
695 inet_ntop(AF_INET6, &local.in6.sin6_addr, a, sizeof(a)),
696 ntohs(local.in6.sin6_port),
697 inet_ntop(AF_INET6, &remote.in6.sin6_addr, b, sizeof(b)),
698 ntohs(remote.in6.sin6_port)) < 0)
709 k = getpeercred(fd, &ucred);
712 "%u-"PID_FMT"-"UID_FMT,
713 nr, ucred.pid, ucred.uid) < 0)
715 } else if (k == -ENODATA) {
716 /* This handles the case where somebody is
717 * connecting from another pid/uid namespace
718 * (e.g. from outside of our container). */
730 assert_not_reached("Unhandled socket type.");
737 static void socket_close_fds(Socket *s) {
743 LIST_FOREACH(port, p, s->ports) {
745 p->event_source = sd_event_source_unref(p->event_source);
750 p->fd = safe_close(p->fd);
752 /* One little note: we should normally not delete any
753 * sockets in the file system here! After all some
754 * other process we spawned might still have a
755 * reference of this fd and wants to continue to use
756 * it. Therefore we delete sockets in the file system
757 * before we create a new one, not after we stopped
760 if (s->remove_on_stop) {
772 socket_address_unlink(&p->address);
781 if (s->remove_on_stop)
782 STRV_FOREACH(i, s->symlinks)
786 static void socket_apply_socket_options(Socket *s, int fd) {
791 int b = s->keep_alive;
792 if (setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, &b, sizeof(b)) < 0)
793 log_warning_unit(UNIT(s)->id, "SO_KEEPALIVE failed: %m");
798 if (setsockopt(fd, SOL_SOCKET, SO_BROADCAST, &one, sizeof(one)) < 0)
799 log_warning_unit(UNIT(s)->id, "SO_BROADCAST failed: %m");
804 if (setsockopt(fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one)) < 0)
805 log_warning_unit(UNIT(s)->id, "SO_PASSCRED failed: %m");
810 if (setsockopt(fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one)) < 0)
811 log_warning_unit(UNIT(s)->id, "SO_PASSSEC failed: %m");
814 if (s->priority >= 0)
815 if (setsockopt(fd, SOL_SOCKET, SO_PRIORITY, &s->priority, sizeof(s->priority)) < 0)
816 log_warning_unit(UNIT(s)->id, "SO_PRIORITY failed: %m");
818 if (s->receive_buffer > 0) {
819 int value = (int) s->receive_buffer;
821 /* We first try with SO_RCVBUFFORCE, in case we have the perms for that */
823 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUFFORCE, &value, sizeof(value)) < 0)
824 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &value, sizeof(value)) < 0)
825 log_warning_unit(UNIT(s)->id, "SO_RCVBUF failed: %m");
828 if (s->send_buffer > 0) {
829 int value = (int) s->send_buffer;
830 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUFFORCE, &value, sizeof(value)) < 0)
831 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &value, sizeof(value)) < 0)
832 log_warning_unit(UNIT(s)->id, "SO_SNDBUF failed: %m");
836 if (setsockopt(fd, SOL_SOCKET, SO_MARK, &s->mark, sizeof(s->mark)) < 0)
837 log_warning_unit(UNIT(s)->id, "SO_MARK failed: %m");
840 if (setsockopt(fd, IPPROTO_IP, IP_TOS, &s->ip_tos, sizeof(s->ip_tos)) < 0)
841 log_warning_unit(UNIT(s)->id, "IP_TOS failed: %m");
843 if (s->ip_ttl >= 0) {
846 r = setsockopt(fd, IPPROTO_IP, IP_TTL, &s->ip_ttl, sizeof(s->ip_ttl));
848 if (socket_ipv6_is_supported())
849 x = setsockopt(fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &s->ip_ttl, sizeof(s->ip_ttl));
852 errno = EAFNOSUPPORT;
856 log_warning_unit(UNIT(s)->id,
857 "IP_TTL/IPV6_UNICAST_HOPS failed: %m");
860 if (s->tcp_congestion)
861 if (setsockopt(fd, SOL_TCP, TCP_CONGESTION, s->tcp_congestion, strlen(s->tcp_congestion)+1) < 0)
862 log_warning_unit(UNIT(s)->id, "TCP_CONGESTION failed: %m");
865 int b = s->reuse_port;
866 if (setsockopt(fd, SOL_SOCKET, SO_REUSEPORT, &b, sizeof(b)) < 0)
867 log_warning_unit(UNIT(s)->id, "SO_REUSEPORT failed: %m");
871 if (smack_label_ip_in_fd(fd, s->smack_ip_in) < 0)
872 log_error_unit(UNIT(s)->id, "smack_label_ip_in_fd: %m");
875 if (smack_label_ip_out_fd(fd, s->smack_ip_out) < 0)
876 log_error_unit(UNIT(s)->id, "smack_label_ip_out_fd: %m");
879 static void socket_apply_fifo_options(Socket *s, int fd) {
883 if (s->pipe_size > 0)
884 if (fcntl(fd, F_SETPIPE_SZ, s->pipe_size) < 0)
885 log_warning_unit(UNIT(s)->id,
889 if (smack_label_fd(fd, s->smack) < 0)
890 log_error_unit(UNIT(s)->id, "smack_label_fd: %m");
893 static int fifo_address_create(
895 mode_t directory_mode,
906 mkdir_parents_label(path, directory_mode);
908 r = label_context_set(path, S_IFIFO);
912 /* Enforce the right access mode for the fifo */
913 old_mask = umask(~ socket_mode);
915 /* Include the original umask in our mask */
916 umask(~socket_mode | old_mask);
918 r = mkfifo(path, socket_mode);
921 if (r < 0 && errno != EEXIST) {
926 if ((fd = open(path, O_RDWR|O_CLOEXEC|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW)) < 0) {
931 label_context_clear();
933 if (fstat(fd, &st) < 0) {
938 if (!S_ISFIFO(st.st_mode) ||
939 (st.st_mode & 0777) != (socket_mode & ~old_mask) ||
940 st.st_uid != getuid() ||
941 st.st_gid != getgid()) {
951 label_context_clear();
957 static int special_address_create(
967 fd = open(path, O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW);
973 if (fstat(fd, &st) < 0) {
978 /* Check whether this is a /proc, /sys or /dev file or char device */
979 if (!S_ISREG(st.st_mode) && !S_ISCHR(st.st_mode)) {
993 static int mq_address_create(
1003 struct mq_attr _attr, *attr = NULL;
1008 if (maxmsg > 0 && msgsize > 0) {
1010 _attr.mq_flags = O_NONBLOCK;
1011 _attr.mq_maxmsg = maxmsg;
1012 _attr.mq_msgsize = msgsize;
1016 /* Enforce the right access mode for the mq */
1017 old_mask = umask(~ mq_mode);
1019 /* Include the original umask in our mask */
1020 umask(~mq_mode | old_mask);
1021 fd = mq_open(path, O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_CREAT, mq_mode, attr);
1029 if (fstat(fd, &st) < 0) {
1034 if ((st.st_mode & 0777) != (mq_mode & ~old_mask) ||
1035 st.st_uid != getuid() ||
1036 st.st_gid != getgid()) {
1050 static int socket_symlink(Socket *s) {
1056 p = socket_find_symlink_target(s);
1060 STRV_FOREACH(i, s->symlinks)
1066 static int socket_open_fds(Socket *s) {
1070 bool know_label = false;
1074 LIST_FOREACH(port, p, s->ports) {
1079 if (p->type == SOCKET_SOCKET) {
1083 r = socket_instantiate_service(s);
1087 if (UNIT_ISSET(s->service) &&
1088 SERVICE(UNIT_DEREF(s->service))->exec_command[SERVICE_EXEC_START]) {
1089 r = label_get_create_label_from_exe(SERVICE(UNIT_DEREF(s->service))->exec_command[SERVICE_EXEC_START]->path, &label);
1090 if (r < 0 && r != -EPERM)
1097 r = socket_address_listen(
1099 SOCK_CLOEXEC|SOCK_NONBLOCK,
1112 socket_apply_socket_options(s, p->fd);
1115 } else if (p->type == SOCKET_SPECIAL) {
1117 r = special_address_create(
1123 } else if (p->type == SOCKET_FIFO) {
1125 r = fifo_address_create(
1133 socket_apply_fifo_options(s, p->fd);
1136 } else if (p->type == SOCKET_MQUEUE) {
1138 r = mq_address_create(
1147 assert_not_reached("Unknown port type");
1154 socket_close_fds(s);
1159 static void socket_unwatch_fds(Socket *s) {
1165 LIST_FOREACH(port, p, s->ports) {
1169 if (!p->event_source)
1172 r = sd_event_source_set_enabled(p->event_source, SD_EVENT_OFF);
1174 log_debug_unit(UNIT(s)->id, "Failed to disable event source.");
1178 static int socket_watch_fds(Socket *s) {
1184 LIST_FOREACH(port, p, s->ports) {
1188 if (p->event_source)
1189 r = sd_event_source_set_enabled(p->event_source, SD_EVENT_ON);
1191 r = sd_event_add_io(UNIT(s)->manager->event, &p->event_source, p->fd, EPOLLIN, socket_dispatch_io, p);
1194 log_warning_unit(UNIT(s)->id, "Failed to watch listening fds: %s", strerror(-r));
1202 socket_unwatch_fds(s);
1206 static void socket_set_state(Socket *s, SocketState state) {
1207 SocketState old_state;
1210 old_state = s->state;
1218 SOCKET_STOP_PRE_SIGTERM,
1219 SOCKET_STOP_PRE_SIGKILL,
1221 SOCKET_FINAL_SIGTERM,
1222 SOCKET_FINAL_SIGKILL)) {
1224 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
1225 socket_unwatch_control_pid(s);
1226 s->control_command = NULL;
1227 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
1230 if (state != SOCKET_LISTENING)
1231 socket_unwatch_fds(s);
1239 SOCKET_STOP_PRE_SIGTERM,
1240 SOCKET_STOP_PRE_SIGKILL))
1241 socket_close_fds(s);
1243 if (state != old_state)
1244 log_debug_unit(UNIT(s)->id, "%s changed %s -> %s",
1245 UNIT(s)->id, socket_state_to_string(old_state), socket_state_to_string(state));
1247 unit_notify(UNIT(s), state_translation_table[old_state], state_translation_table[state], true);
1250 static int socket_coldplug(Unit *u) {
1251 Socket *s = SOCKET(u);
1255 assert(s->state == SOCKET_DEAD);
1257 if (s->deserialized_state == s->state)
1260 if (IN_SET(s->deserialized_state,
1265 SOCKET_STOP_PRE_SIGTERM,
1266 SOCKET_STOP_PRE_SIGKILL,
1268 SOCKET_FINAL_SIGTERM,
1269 SOCKET_FINAL_SIGKILL)) {
1271 if (s->control_pid <= 0)
1274 r = unit_watch_pid(UNIT(s), s->control_pid);
1278 r = socket_arm_timer(s);
1283 if (IN_SET(s->deserialized_state,
1289 SOCKET_STOP_PRE_SIGTERM,
1290 SOCKET_STOP_PRE_SIGKILL)) {
1291 r = socket_open_fds(s);
1296 if (s->deserialized_state == SOCKET_LISTENING) {
1297 r = socket_watch_fds(s);
1302 socket_set_state(s, s->deserialized_state);
1306 static int socket_spawn(Socket *s, ExecCommand *c, pid_t *_pid) {
1307 _cleanup_free_ char **argv = NULL;
1315 unit_realize_cgroup(UNIT(s));
1317 r = unit_setup_exec_runtime(UNIT(s));
1321 r = socket_arm_timer(s);
1325 r = unit_full_printf_strv(UNIT(s), c->argv, &argv);
1333 UNIT(s)->manager->environment,
1337 UNIT(s)->manager->confirm_spawn,
1338 UNIT(s)->manager->cgroup_supported,
1339 UNIT(s)->cgroup_path,
1340 manager_get_runtime_prefix(UNIT(s)->manager),
1347 r = unit_watch_pid(UNIT(s), pid);
1349 /* FIXME: we need to do something here */
1356 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
1360 static int socket_chown(Socket *s, pid_t *_pid) {
1364 r = socket_arm_timer(s);
1368 /* We have to resolve the user names out-of-process, hence
1369 * let's fork here. It's messy, but well, what can we do? */
1377 uid_t uid = (uid_t) -1;
1378 gid_t gid = (gid_t) -1;
1381 default_signals(SIGNALS_CRASH_HANDLER, SIGNALS_IGNORE, -1);
1382 ignore_signals(SIGPIPE, -1);
1385 if (!isempty(s->user)) {
1386 const char *user = s->user;
1388 r = get_user_creds(&user, &uid, &gid, NULL, NULL);
1395 if (!isempty(s->group)) {
1396 const char *group = s->group;
1398 r = get_group_creds(&group, &gid);
1405 LIST_FOREACH(port, p, s->ports) {
1406 const char *path = NULL;
1408 if (p->type == SOCKET_SOCKET)
1409 path = socket_address_get_path(&p->address);
1410 else if (p->type == SOCKET_FIFO)
1416 if (chown(path, uid, gid) < 0) {
1427 log_error("Failed to chown socket at step %s: %s", exit_status_to_string(ret, EXIT_STATUS_SYSTEMD), strerror(-r));
1432 r = unit_watch_pid(UNIT(s), pid);
1440 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
1444 static void socket_enter_dead(Socket *s, SocketResult f) {
1447 if (f != SOCKET_SUCCESS)
1450 exec_runtime_destroy(s->exec_runtime);
1451 s->exec_runtime = exec_runtime_unref(s->exec_runtime);
1453 exec_context_destroy_runtime_directory(&s->exec_context, manager_get_runtime_prefix(UNIT(s)->manager));
1455 socket_set_state(s, s->result != SOCKET_SUCCESS ? SOCKET_FAILED : SOCKET_DEAD);
1458 static void socket_enter_signal(Socket *s, SocketState state, SocketResult f);
1460 static void socket_enter_stop_post(Socket *s, SocketResult f) {
1464 if (f != SOCKET_SUCCESS)
1467 socket_unwatch_control_pid(s);
1468 s->control_command_id = SOCKET_EXEC_STOP_POST;
1469 s->control_command = s->exec_command[SOCKET_EXEC_STOP_POST];
1471 if (s->control_command) {
1472 r = socket_spawn(s, s->control_command, &s->control_pid);
1476 socket_set_state(s, SOCKET_STOP_POST);
1478 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_SUCCESS);
1483 log_warning_unit(UNIT(s)->id,
1484 "%s failed to run 'stop-post' task: %s",
1485 UNIT(s)->id, strerror(-r));
1486 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_RESOURCES);
1489 static void socket_enter_signal(Socket *s, SocketState state, SocketResult f) {
1494 if (f != SOCKET_SUCCESS)
1497 r = unit_kill_context(
1500 state != SOCKET_STOP_PRE_SIGTERM && state != SOCKET_FINAL_SIGTERM,
1508 r = socket_arm_timer(s);
1512 socket_set_state(s, state);
1513 } else if (state == SOCKET_STOP_PRE_SIGTERM)
1514 socket_enter_signal(s, SOCKET_STOP_PRE_SIGKILL, SOCKET_SUCCESS);
1515 else if (state == SOCKET_STOP_PRE_SIGKILL)
1516 socket_enter_stop_post(s, SOCKET_SUCCESS);
1517 else if (state == SOCKET_FINAL_SIGTERM)
1518 socket_enter_signal(s, SOCKET_FINAL_SIGKILL, SOCKET_SUCCESS);
1520 socket_enter_dead(s, SOCKET_SUCCESS);
1525 log_warning_unit(UNIT(s)->id, "%s failed to kill processes: %s", UNIT(s)->id, strerror(-r));
1527 if (state == SOCKET_STOP_PRE_SIGTERM || state == SOCKET_STOP_PRE_SIGKILL)
1528 socket_enter_stop_post(s, SOCKET_FAILURE_RESOURCES);
1530 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
1533 static void socket_enter_stop_pre(Socket *s, SocketResult f) {
1537 if (f != SOCKET_SUCCESS)
1540 socket_unwatch_control_pid(s);
1541 s->control_command_id = SOCKET_EXEC_STOP_PRE;
1542 s->control_command = s->exec_command[SOCKET_EXEC_STOP_PRE];
1544 if (s->control_command) {
1545 r = socket_spawn(s, s->control_command, &s->control_pid);
1549 socket_set_state(s, SOCKET_STOP_PRE);
1551 socket_enter_stop_post(s, SOCKET_SUCCESS);
1556 log_warning_unit(UNIT(s)->id, "%s failed to run 'stop-pre' task: %s", UNIT(s)->id, strerror(-r));
1557 socket_enter_stop_post(s, SOCKET_FAILURE_RESOURCES);
1560 static void socket_enter_listening(Socket *s) {
1564 r = socket_watch_fds(s);
1566 log_warning_unit(UNIT(s)->id, "%s failed to watch sockets: %s", UNIT(s)->id, strerror(-r));
1570 socket_set_state(s, SOCKET_LISTENING);
1574 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1577 static void socket_enter_start_post(Socket *s) {
1581 socket_unwatch_control_pid(s);
1582 s->control_command_id = SOCKET_EXEC_START_POST;
1583 s->control_command = s->exec_command[SOCKET_EXEC_START_POST];
1585 if (s->control_command) {
1586 r = socket_spawn(s, s->control_command, &s->control_pid);
1588 log_warning_unit(UNIT(s)->id, "%s failed to run 'start-post' task: %s", UNIT(s)->id, strerror(-r));
1592 socket_set_state(s, SOCKET_START_POST);
1594 socket_enter_listening(s);
1599 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1602 static void socket_enter_start_chown(Socket *s) {
1607 r = socket_open_fds(s);
1609 log_warning_unit(UNIT(s)->id, "%s failed to listen on sockets: %s", UNIT(s)->id, strerror(-r));
1613 if (!isempty(s->user) || !isempty(s->group)) {
1615 socket_unwatch_control_pid(s);
1616 s->control_command_id = SOCKET_EXEC_START_CHOWN;
1617 s->control_command = NULL;
1619 r = socket_chown(s, &s->control_pid);
1621 log_warning_unit(UNIT(s)->id, "%s failed to fork 'start-chown' task: %s", UNIT(s)->id, strerror(-r));
1625 socket_set_state(s, SOCKET_START_CHOWN);
1627 socket_enter_start_post(s);
1632 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1635 static void socket_enter_start_pre(Socket *s) {
1639 socket_unwatch_control_pid(s);
1640 s->control_command_id = SOCKET_EXEC_START_PRE;
1641 s->control_command = s->exec_command[SOCKET_EXEC_START_PRE];
1643 if (s->control_command) {
1644 r = socket_spawn(s, s->control_command, &s->control_pid);
1646 log_warning_unit(UNIT(s)->id, "%s failed to run 'start-pre' task: %s", UNIT(s)->id, strerror(-r));
1650 socket_set_state(s, SOCKET_START_PRE);
1652 socket_enter_start_chown(s);
1657 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
1660 static void socket_enter_running(Socket *s, int cfd) {
1661 _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
1666 /* We don't take connections anymore if we are supposed to
1667 * shut down anyway */
1668 if (unit_stop_pending(UNIT(s))) {
1670 log_debug_unit(UNIT(s)->id, "Suppressing connection request on %s since unit stop is scheduled.", UNIT(s)->id);
1675 /* Flush all sockets by closing and reopening them */
1676 socket_close_fds(s);
1678 r = socket_open_fds(s);
1680 log_warning_unit(UNIT(s)->id, "%s failed to listen on sockets: %s", UNIT(s)->id, strerror(-r));
1681 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1685 r = socket_watch_fds(s);
1687 log_warning_unit(UNIT(s)->id, "%s failed to watch sockets: %s", UNIT(s)->id, strerror(-r));
1688 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1698 bool pending = false;
1700 /* If there's already a start pending don't bother to
1702 SET_FOREACH(other, UNIT(s)->dependencies[UNIT_TRIGGERS], i)
1703 if (unit_active_or_pending(other)) {
1709 if (!UNIT_ISSET(s->service)) {
1710 log_error_unit(UNIT(s)->id, "%s: service to activate vanished, refusing activation.", UNIT(s)->id);
1715 r = manager_add_job(UNIT(s)->manager, JOB_START, UNIT_DEREF(s->service), JOB_REPLACE, true, &error, NULL);
1720 socket_set_state(s, SOCKET_RUNNING);
1722 _cleanup_free_ char *prefix = NULL, *instance = NULL, *name = NULL;
1725 if (s->n_connections >= s->max_connections) {
1726 log_warning_unit(UNIT(s)->id, "%s: Too many incoming connections (%u)", UNIT(s)->id, s->n_connections);
1731 r = socket_instantiate_service(s);
1735 r = instance_from_socket(cfd, s->n_accepted, &instance);
1740 /* ENOTCONN is legitimate if TCP RST was received.
1741 * This connection is over, but the socket unit lives on. */
1746 prefix = unit_name_to_prefix(UNIT(s)->id);
1752 name = unit_name_build(prefix, instance, ".service");
1758 r = unit_add_name(UNIT_DEREF(s->service), name);
1762 service = SERVICE(UNIT_DEREF(s->service));
1763 unit_ref_unset(&s->service);
1766 UNIT(service)->no_gc = false;
1768 unit_choose_id(UNIT(service), name);
1770 r = service_set_socket_fd(service, cfd, s);
1775 s->n_connections ++;
1777 r = manager_add_job(UNIT(s)->manager, JOB_START, UNIT(service), JOB_REPLACE, true, &error, NULL);
1781 /* Notify clients about changed counters */
1782 unit_add_to_dbus_queue(UNIT(s));
1788 log_warning_unit(UNIT(s)->id, "%s failed to queue service startup job (Maybe the service file is missing or not a %s unit?): %s",
1789 UNIT(s)->id, cfd >= 0 ? "template" : "non-template",
1790 bus_error_message(&error, r));
1792 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1796 static void socket_run_next(Socket *s) {
1800 assert(s->control_command);
1801 assert(s->control_command->command_next);
1803 socket_unwatch_control_pid(s);
1805 s->control_command = s->control_command->command_next;
1807 r = socket_spawn(s, s->control_command, &s->control_pid);
1814 log_warning_unit(UNIT(s)->id, "%s failed to run next task: %s", UNIT(s)->id, strerror(-r));
1816 if (s->state == SOCKET_START_POST)
1817 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1818 else if (s->state == SOCKET_STOP_POST)
1819 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
1821 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_RESOURCES);
1824 static int socket_start(Unit *u) {
1825 Socket *s = SOCKET(u);
1829 /* We cannot fulfill this request right now, try again later
1831 if (IN_SET(s->state,
1833 SOCKET_STOP_PRE_SIGKILL,
1834 SOCKET_STOP_PRE_SIGTERM,
1836 SOCKET_FINAL_SIGTERM,
1837 SOCKET_FINAL_SIGKILL))
1840 /* Already on it! */
1841 if (IN_SET(s->state,
1847 /* Cannot run this without the service being around */
1848 if (UNIT_ISSET(s->service)) {
1851 service = SERVICE(UNIT_DEREF(s->service));
1853 if (UNIT(service)->load_state != UNIT_LOADED) {
1854 log_error_unit(u->id, "Socket service %s not loaded, refusing.", UNIT(service)->id);
1858 /* If the service is already active we cannot start the
1860 if (service->state != SERVICE_DEAD &&
1861 service->state != SERVICE_FAILED &&
1862 service->state != SERVICE_AUTO_RESTART) {
1863 log_error_unit(u->id, "Socket service %s already active, refusing.", UNIT(service)->id);
1868 assert(s->state == SOCKET_DEAD || s->state == SOCKET_FAILED);
1870 s->result = SOCKET_SUCCESS;
1871 socket_enter_start_pre(s);
1876 static int socket_stop(Unit *u) {
1877 Socket *s = SOCKET(u);
1882 if (IN_SET(s->state,
1884 SOCKET_STOP_PRE_SIGTERM,
1885 SOCKET_STOP_PRE_SIGKILL,
1887 SOCKET_FINAL_SIGTERM,
1888 SOCKET_FINAL_SIGKILL))
1891 /* If there's already something running we go directly into
1893 if (IN_SET(s->state,
1896 SOCKET_START_POST)) {
1897 socket_enter_signal(s, SOCKET_STOP_PRE_SIGTERM, SOCKET_SUCCESS);
1901 assert(s->state == SOCKET_LISTENING || s->state == SOCKET_RUNNING);
1903 socket_enter_stop_pre(s, SOCKET_SUCCESS);
1907 static int socket_serialize(Unit *u, FILE *f, FDSet *fds) {
1908 Socket *s = SOCKET(u);
1916 unit_serialize_item(u, f, "state", socket_state_to_string(s->state));
1917 unit_serialize_item(u, f, "result", socket_result_to_string(s->result));
1918 unit_serialize_item_format(u, f, "n-accepted", "%u", s->n_accepted);
1920 if (s->control_pid > 0)
1921 unit_serialize_item_format(u, f, "control-pid", PID_FMT, s->control_pid);
1923 if (s->control_command_id >= 0)
1924 unit_serialize_item(u, f, "control-command", socket_exec_command_to_string(s->control_command_id));
1926 LIST_FOREACH(port, p, s->ports) {
1932 copy = fdset_put_dup(fds, p->fd);
1936 if (p->type == SOCKET_SOCKET) {
1937 _cleanup_free_ char *t = NULL;
1939 r = socket_address_print(&p->address, &t);
1943 if (socket_address_family(&p->address) == AF_NETLINK)
1944 unit_serialize_item_format(u, f, "netlink", "%i %s", copy, t);
1946 unit_serialize_item_format(u, f, "socket", "%i %i %s", copy, p->address.type, t);
1948 } else if (p->type == SOCKET_SPECIAL)
1949 unit_serialize_item_format(u, f, "special", "%i %s", copy, p->path);
1950 else if (p->type == SOCKET_MQUEUE)
1951 unit_serialize_item_format(u, f, "mqueue", "%i %s", copy, p->path);
1953 assert(p->type == SOCKET_FIFO);
1954 unit_serialize_item_format(u, f, "fifo", "%i %s", copy, p->path);
1961 static int socket_deserialize_item(Unit *u, const char *key, const char *value, FDSet *fds) {
1962 Socket *s = SOCKET(u);
1968 if (streq(key, "state")) {
1971 state = socket_state_from_string(value);
1973 log_debug_unit(u->id, "Failed to parse state value %s", value);
1975 s->deserialized_state = state;
1976 } else if (streq(key, "result")) {
1979 f = socket_result_from_string(value);
1981 log_debug_unit(u->id, "Failed to parse result value %s", value);
1982 else if (f != SOCKET_SUCCESS)
1985 } else if (streq(key, "n-accepted")) {
1988 if (safe_atou(value, &k) < 0)
1989 log_debug_unit(u->id, "Failed to parse n-accepted value %s", value);
1992 } else if (streq(key, "control-pid")) {
1995 if (parse_pid(value, &pid) < 0)
1996 log_debug_unit(u->id, "Failed to parse control-pid value %s", value);
1998 s->control_pid = pid;
1999 } else if (streq(key, "control-command")) {
2000 SocketExecCommand id;
2002 id = socket_exec_command_from_string(value);
2004 log_debug_unit(u->id, "Failed to parse exec-command value %s", value);
2006 s->control_command_id = id;
2007 s->control_command = s->exec_command[id];
2009 } else if (streq(key, "fifo")) {
2013 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
2014 log_debug_unit(u->id, "Failed to parse fifo value %s", value);
2017 LIST_FOREACH(port, p, s->ports)
2018 if (p->type == SOCKET_FIFO &&
2019 streq_ptr(p->path, value+skip))
2024 p->fd = fdset_remove(fds, fd);
2028 } else if (streq(key, "special")) {
2032 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
2033 log_debug_unit(u->id, "Failed to parse special value %s", value);
2036 LIST_FOREACH(port, p, s->ports)
2037 if (p->type == SOCKET_SPECIAL &&
2038 streq_ptr(p->path, value+skip))
2043 p->fd = fdset_remove(fds, fd);
2047 } else if (streq(key, "mqueue")) {
2051 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
2052 log_debug_unit(u->id, "Failed to parse mqueue value %s", value);
2055 LIST_FOREACH(port, p, s->ports)
2056 if (p->type == SOCKET_MQUEUE &&
2057 streq_ptr(p->path, value+skip))
2062 p->fd = fdset_remove(fds, fd);
2066 } else if (streq(key, "socket")) {
2067 int fd, type, skip = 0;
2070 if (sscanf(value, "%i %i %n", &fd, &type, &skip) < 2 || fd < 0 || type < 0 || !fdset_contains(fds, fd))
2071 log_debug_unit(u->id, "Failed to parse socket value %s", value);
2074 LIST_FOREACH(port, p, s->ports)
2075 if (socket_address_is(&p->address, value+skip, type))
2080 p->fd = fdset_remove(fds, fd);
2084 } else if (streq(key, "netlink")) {
2088 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
2089 log_debug_unit(u->id, "Failed to parse socket value %s", value);
2092 LIST_FOREACH(port, p, s->ports)
2093 if (socket_address_is_netlink(&p->address, value+skip))
2098 p->fd = fdset_remove(fds, fd);
2102 log_debug_unit(UNIT(s)->id, "Unknown serialization key '%s'", key);
2107 static int socket_distribute_fds(Unit *u, FDSet *fds) {
2108 Socket *s = SOCKET(u);
2113 LIST_FOREACH(port, p, s->ports) {
2117 if (p->type != SOCKET_SOCKET)
2123 FDSET_FOREACH(fd, fds, i) {
2124 if (socket_address_matches_fd(&p->address, fd)) {
2125 p->fd = fdset_remove(fds, fd);
2126 s->deserialized_state = SOCKET_LISTENING;
2135 _pure_ static UnitActiveState socket_active_state(Unit *u) {
2138 return state_translation_table[SOCKET(u)->state];
2141 _pure_ static const char *socket_sub_state_to_string(Unit *u) {
2144 return socket_state_to_string(SOCKET(u)->state);
2147 const char* socket_port_type_to_string(SocketPort *p) {
2155 switch (p->address.type) {
2163 case SOCK_SEQPACKET:
2164 return "SequentialPacket";
2167 if (socket_address_family(&p->address) == AF_NETLINK)
2174 case SOCKET_SPECIAL:
2178 return "MessageQueue";
2188 _pure_ static bool socket_check_gc(Unit *u) {
2189 Socket *s = SOCKET(u);
2193 return s->n_connections > 0;
2196 static int socket_dispatch_io(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
2197 SocketPort *p = userdata;
2203 if (p->socket->state != SOCKET_LISTENING)
2206 log_debug_unit(UNIT(p->socket)->id, "Incoming traffic on %s", UNIT(p->socket)->id);
2208 if (revents != EPOLLIN) {
2210 if (revents & EPOLLHUP)
2211 log_error_unit(UNIT(p->socket)->id, "%s: Got POLLHUP on a listening socket. The service probably invoked shutdown() on it, and should better not do that.",
2212 UNIT(p->socket)->id);
2214 log_error_unit(UNIT(p->socket)->id, "%s: Got unexpected poll event (0x%x) on socket.",
2215 UNIT(p->socket)->id, revents);
2220 if (p->socket->accept &&
2221 p->type == SOCKET_SOCKET &&
2222 socket_address_can_accept(&p->address)) {
2226 cfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK);
2232 log_error_unit(UNIT(p->socket)->id,
2233 "Failed to accept socket: %m");
2240 socket_apply_socket_options(p->socket, cfd);
2243 socket_enter_running(p->socket, cfd);
2247 socket_enter_stop_pre(p->socket, SOCKET_FAILURE_RESOURCES);
2251 static void socket_sigchld_event(Unit *u, pid_t pid, int code, int status) {
2252 Socket *s = SOCKET(u);
2258 if (pid != s->control_pid)
2263 if (is_clean_exit(code, status, NULL))
2265 else if (code == CLD_EXITED)
2266 f = SOCKET_FAILURE_EXIT_CODE;
2267 else if (code == CLD_KILLED)
2268 f = SOCKET_FAILURE_SIGNAL;
2269 else if (code == CLD_DUMPED)
2270 f = SOCKET_FAILURE_CORE_DUMP;
2272 assert_not_reached("Unknown sigchld code");
2274 if (s->control_command) {
2275 exec_status_exit(&s->control_command->exec_status, &s->exec_context, pid, code, status);
2277 if (s->control_command->ignore)
2281 log_full_unit(f == SOCKET_SUCCESS ? LOG_DEBUG : LOG_NOTICE,
2283 "%s control process exited, code=%s status=%i",
2284 u->id, sigchld_code_to_string(code), status);
2286 if (f != SOCKET_SUCCESS)
2289 if (s->control_command &&
2290 s->control_command->command_next &&
2291 f == SOCKET_SUCCESS) {
2293 log_debug_unit(u->id,
2294 "%s running next command for state %s",
2295 u->id, socket_state_to_string(s->state));
2298 s->control_command = NULL;
2299 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
2301 /* No further commands for this step, so let's figure
2302 * out what to do next */
2304 log_debug_unit(u->id,
2305 "%s got final SIGCHLD for state %s",
2306 u->id, socket_state_to_string(s->state));
2310 case SOCKET_START_PRE:
2311 if (f == SOCKET_SUCCESS)
2312 socket_enter_start_chown(s);
2314 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, f);
2317 case SOCKET_START_CHOWN:
2318 if (f == SOCKET_SUCCESS)
2319 socket_enter_start_post(s);
2321 socket_enter_stop_pre(s, f);
2324 case SOCKET_START_POST:
2325 if (f == SOCKET_SUCCESS)
2326 socket_enter_listening(s);
2328 socket_enter_stop_pre(s, f);
2331 case SOCKET_STOP_PRE:
2332 case SOCKET_STOP_PRE_SIGTERM:
2333 case SOCKET_STOP_PRE_SIGKILL:
2334 socket_enter_stop_post(s, f);
2337 case SOCKET_STOP_POST:
2338 case SOCKET_FINAL_SIGTERM:
2339 case SOCKET_FINAL_SIGKILL:
2340 socket_enter_dead(s, f);
2344 assert_not_reached("Uh, control process died at wrong time.");
2348 /* Notify clients about changed exit status */
2349 unit_add_to_dbus_queue(u);
2352 static int socket_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata) {
2353 Socket *s = SOCKET(userdata);
2356 assert(s->timer_event_source == source);
2360 case SOCKET_START_PRE:
2361 log_warning_unit(UNIT(s)->id, "%s starting timed out. Terminating.", UNIT(s)->id);
2362 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_TIMEOUT);
2365 case SOCKET_START_CHOWN:
2366 case SOCKET_START_POST:
2367 log_warning_unit(UNIT(s)->id, "%s starting timed out. Stopping.", UNIT(s)->id);
2368 socket_enter_stop_pre(s, SOCKET_FAILURE_TIMEOUT);
2371 case SOCKET_STOP_PRE:
2372 log_warning_unit(UNIT(s)->id, "%s stopping timed out. Terminating.", UNIT(s)->id);
2373 socket_enter_signal(s, SOCKET_STOP_PRE_SIGTERM, SOCKET_FAILURE_TIMEOUT);
2376 case SOCKET_STOP_PRE_SIGTERM:
2377 if (s->kill_context.send_sigkill) {
2378 log_warning_unit(UNIT(s)->id, "%s stopping timed out. Killing.", UNIT(s)->id);
2379 socket_enter_signal(s, SOCKET_STOP_PRE_SIGKILL, SOCKET_FAILURE_TIMEOUT);
2381 log_warning_unit(UNIT(s)->id, "%s stopping timed out. Skipping SIGKILL. Ignoring.", UNIT(s)->id);
2382 socket_enter_stop_post(s, SOCKET_FAILURE_TIMEOUT);
2386 case SOCKET_STOP_PRE_SIGKILL:
2387 log_warning_unit(UNIT(s)->id, "%s still around after SIGKILL. Ignoring.", UNIT(s)->id);
2388 socket_enter_stop_post(s, SOCKET_FAILURE_TIMEOUT);
2391 case SOCKET_STOP_POST:
2392 log_warning_unit(UNIT(s)->id, "%s stopping timed out (2). Terminating.", UNIT(s)->id);
2393 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_TIMEOUT);
2396 case SOCKET_FINAL_SIGTERM:
2397 if (s->kill_context.send_sigkill) {
2398 log_warning_unit(UNIT(s)->id, "%s stopping timed out (2). Killing.", UNIT(s)->id);
2399 socket_enter_signal(s, SOCKET_FINAL_SIGKILL, SOCKET_FAILURE_TIMEOUT);
2401 log_warning_unit(UNIT(s)->id, "%s stopping timed out (2). Skipping SIGKILL. Ignoring.", UNIT(s)->id);
2402 socket_enter_dead(s, SOCKET_FAILURE_TIMEOUT);
2406 case SOCKET_FINAL_SIGKILL:
2407 log_warning_unit(UNIT(s)->id, "%s still around after SIGKILL (2). Entering failed mode.", UNIT(s)->id);
2408 socket_enter_dead(s, SOCKET_FAILURE_TIMEOUT);
2412 assert_not_reached("Timeout at wrong time.");
2418 int socket_collect_fds(Socket *s, int **fds, unsigned *n_fds) {
2427 /* Called from the service code for requesting our fds */
2430 LIST_FOREACH(port, p, s->ports)
2440 if (!(rfds = new(int, rn_fds)))
2444 LIST_FOREACH(port, p, s->ports)
2448 assert(k == rn_fds);
2456 static void socket_reset_failed(Unit *u) {
2457 Socket *s = SOCKET(u);
2461 if (s->state == SOCKET_FAILED)
2462 socket_set_state(s, SOCKET_DEAD);
2464 s->result = SOCKET_SUCCESS;
2467 static void socket_notify_service_dead(Socket *s, bool failed_permanent) {
2470 /* The service is dead. Dang!
2472 * This is strictly for one-instance-for-all-connections
2475 if (s->state == SOCKET_RUNNING) {
2476 log_debug_unit(UNIT(s)->id, "%s got notified about service death (failed permanently: %s)", UNIT(s)->id, yes_no(failed_permanent));
2477 if (failed_permanent)
2478 socket_enter_stop_pre(s, SOCKET_FAILURE_SERVICE_FAILED_PERMANENT);
2480 socket_enter_listening(s);
2484 void socket_connection_unref(Socket *s) {
2487 /* The service is dead. Yay!
2489 * This is strictly for one-instance-per-connection
2492 assert(s->n_connections > 0);
2495 log_debug_unit(UNIT(s)->id, "%s: One connection closed, %u left.", UNIT(s)->id, s->n_connections);
2498 static void socket_trigger_notify(Unit *u, Unit *other) {
2499 Socket *s = SOCKET(u);
2505 /* Don't propagate state changes from the service if we are
2506 already down or accepting connections */
2507 if ((s->state != SOCKET_RUNNING &&
2508 s->state != SOCKET_LISTENING) ||
2512 if (other->load_state != UNIT_LOADED ||
2513 other->type != UNIT_SERVICE)
2516 se = SERVICE(other);
2518 if (se->state == SERVICE_FAILED)
2519 socket_notify_service_dead(s, se->result == SERVICE_FAILURE_START_LIMIT);
2521 if (se->state == SERVICE_DEAD ||
2522 se->state == SERVICE_STOP ||
2523 se->state == SERVICE_STOP_SIGTERM ||
2524 se->state == SERVICE_STOP_SIGKILL ||
2525 se->state == SERVICE_STOP_POST ||
2526 se->state == SERVICE_FINAL_SIGTERM ||
2527 se->state == SERVICE_FINAL_SIGKILL ||
2528 se->state == SERVICE_AUTO_RESTART)
2529 socket_notify_service_dead(s, false);
2531 if (se->state == SERVICE_RUNNING)
2532 socket_set_state(s, SOCKET_RUNNING);
2535 static int socket_kill(Unit *u, KillWho who, int signo, sd_bus_error *error) {
2536 return unit_kill_common(u, who, signo, -1, SOCKET(u)->control_pid, error);
2539 static int socket_get_timeout(Unit *u, uint64_t *timeout) {
2540 Socket *s = SOCKET(u);
2543 if (!s->timer_event_source)
2546 r = sd_event_source_get_time(s->timer_event_source, timeout);
2553 static const char* const socket_state_table[_SOCKET_STATE_MAX] = {
2554 [SOCKET_DEAD] = "dead",
2555 [SOCKET_START_PRE] = "start-pre",
2556 [SOCKET_START_CHOWN] = "start-chown",
2557 [SOCKET_START_POST] = "start-post",
2558 [SOCKET_LISTENING] = "listening",
2559 [SOCKET_RUNNING] = "running",
2560 [SOCKET_STOP_PRE] = "stop-pre",
2561 [SOCKET_STOP_PRE_SIGTERM] = "stop-pre-sigterm",
2562 [SOCKET_STOP_PRE_SIGKILL] = "stop-pre-sigkill",
2563 [SOCKET_STOP_POST] = "stop-post",
2564 [SOCKET_FINAL_SIGTERM] = "final-sigterm",
2565 [SOCKET_FINAL_SIGKILL] = "final-sigkill",
2566 [SOCKET_FAILED] = "failed"
2569 DEFINE_STRING_TABLE_LOOKUP(socket_state, SocketState);
2571 static const char* const socket_exec_command_table[_SOCKET_EXEC_COMMAND_MAX] = {
2572 [SOCKET_EXEC_START_PRE] = "StartPre",
2573 [SOCKET_EXEC_START_CHOWN] = "StartChown",
2574 [SOCKET_EXEC_START_POST] = "StartPost",
2575 [SOCKET_EXEC_STOP_PRE] = "StopPre",
2576 [SOCKET_EXEC_STOP_POST] = "StopPost"
2579 DEFINE_STRING_TABLE_LOOKUP(socket_exec_command, SocketExecCommand);
2581 static const char* const socket_result_table[_SOCKET_RESULT_MAX] = {
2582 [SOCKET_SUCCESS] = "success",
2583 [SOCKET_FAILURE_RESOURCES] = "resources",
2584 [SOCKET_FAILURE_TIMEOUT] = "timeout",
2585 [SOCKET_FAILURE_EXIT_CODE] = "exit-code",
2586 [SOCKET_FAILURE_SIGNAL] = "signal",
2587 [SOCKET_FAILURE_CORE_DUMP] = "core-dump",
2588 [SOCKET_FAILURE_SERVICE_FAILED_PERMANENT] = "service-failed-permanent"
2591 DEFINE_STRING_TABLE_LOOKUP(socket_result, SocketResult);
2593 const UnitVTable socket_vtable = {
2594 .object_size = sizeof(Socket),
2595 .exec_context_offset = offsetof(Socket, exec_context),
2596 .cgroup_context_offset = offsetof(Socket, cgroup_context),
2597 .kill_context_offset = offsetof(Socket, kill_context),
2598 .exec_runtime_offset = offsetof(Socket, exec_runtime),
2604 .private_section = "Socket",
2606 .init = socket_init,
2607 .done = socket_done,
2608 .load = socket_load,
2610 .coldplug = socket_coldplug,
2612 .dump = socket_dump,
2614 .start = socket_start,
2615 .stop = socket_stop,
2617 .kill = socket_kill,
2619 .get_timeout = socket_get_timeout,
2621 .serialize = socket_serialize,
2622 .deserialize_item = socket_deserialize_item,
2623 .distribute_fds = socket_distribute_fds,
2625 .active_state = socket_active_state,
2626 .sub_state_to_string = socket_sub_state_to_string,
2628 .check_gc = socket_check_gc,
2630 .sigchld_event = socket_sigchld_event,
2632 .trigger_notify = socket_trigger_notify,
2634 .reset_failed = socket_reset_failed,
2636 .bus_interface = "org.freedesktop.systemd1.Socket",
2637 .bus_vtable = bus_socket_vtable,
2638 .bus_set_property = bus_socket_set_property,
2639 .bus_commit_properties = bus_socket_commit_properties,
2641 .status_message_formats = {
2642 /*.starting_stopping = {
2643 [0] = "Starting socket %s...",
2644 [1] = "Stopping socket %s...",
2646 .finished_start_job = {
2647 [JOB_DONE] = "Listening on %s.",
2648 [JOB_FAILED] = "Failed to listen on %s.",
2649 [JOB_DEPENDENCY] = "Dependency failed for %s.",
2650 [JOB_TIMEOUT] = "Timed out starting %s.",
2652 .finished_stop_job = {
2653 [JOB_DONE] = "Closed %s.",
2654 [JOB_FAILED] = "Failed stopping %s.",
2655 [JOB_TIMEOUT] = "Timed out stopping %s.",