+#include <unistd.h>
+#include <fcntl.h>
+#include <sched.h>
+#include <sys/prctl.h>
+
+#include "unit.h"
+#include "strv.h"
+#include "conf-parser.h"
+#include "load-fragment.h"
+#include "log.h"
+#include "ioprio.h"
+#include "securebits.h"
+#include "missing.h"
+
+static int config_parse_deps(
+ const char *filename,
+ unsigned line,
+ const char *section,
+ const char *lvalue,
+ const char *rvalue,
+ void *data,
+ void *userdata) {
+
+ UnitDependency d = PTR_TO_UINT(data);
+ Unit *u = userdata;
+ char *w;
+ size_t l;
+ char *state;
+
+ assert(filename);
+ assert(lvalue);
+ assert(rvalue);
+
+ FOREACH_WORD(w, l, rvalue, state) {
+ char *t;
+ int r;
+
+ if (!(t = strndup(w, l)))
+ return -ENOMEM;
+
+ r = unit_add_dependency_by_name(u, d, t);
+ free(t);
+
+ if (r < 0)
+ return r;
+ }
+
+ return 0;
+}
+
+static int config_parse_names(
+ const char *filename,
+ unsigned line,
+ const char *section,
+ const char *lvalue,
+ const char *rvalue,
+ void *data,
+ void *userdata) {
+
+ Unit *u = userdata;
+ char *w;
+ size_t l;
+ char *state;
+
+ assert(filename);
+ assert(lvalue);
+ assert(rvalue);
+ assert(data);
+
+ FOREACH_WORD(w, l, rvalue, state) {
+ char *t;
+ int r;
+
+ if (!(t = strndup(w, l)))
+ return -ENOMEM;
+
+ r = unit_merge_by_name(u, t);
+ free(t);
+
+ if (r < 0)
+ return r;
+ }
+
+ return 0;
+}
+
+static int config_parse_listen(
+ const char *filename,
+ unsigned line,
+ const char *section,
+ const char *lvalue,
+ const char *rvalue,
+ void *data,
+ void *userdata) {
+
+ int r;
+ SocketPort *p;
+ Socket *s;
+
+ assert(filename);
+ assert(lvalue);
+ assert(rvalue);
+ assert(data);
+
+ s = (Socket*) data;
+
+ if (!(p = new0(SocketPort, 1)))
+ return -ENOMEM;
+
+ if (streq(lvalue, "ListenFIFO")) {
+ p->type = SOCKET_FIFO;
+
+ if (!(p->path = strdup(rvalue))) {
+ free(p);
+ return -ENOMEM;
+ }
+ } else {
+ p->type = SOCKET_SOCKET;
+
+ if ((r = socket_address_parse(&p->address, rvalue)) < 0) {
+ log_error("[%s:%u] Failed to parse address value: %s", filename, line, rvalue);
+ free(p);
+ return r;
+ }
+
+ if (streq(lvalue, "ListenStream"))
+ p->address.type = SOCK_STREAM;
+ else if (streq(lvalue, "ListenDatagram"))
+ p->address.type = SOCK_DGRAM;
+ else {
+ assert(streq(lvalue, "ListenSequentialPacket"));
+ p->address.type = SOCK_SEQPACKET;
+ }
+
+ if (socket_address_family(&p->address) != AF_LOCAL && p->address.type == SOCK_SEQPACKET) {
+ free(p);
+ return -EPROTONOSUPPORT;
+ }
+ }
+
+ p->fd = -1;
+ LIST_PREPEND(SocketPort, port, s->ports, p);
+
+ return 0;
+}
+
+static int config_parse_socket_bind(
+ const char *filename,
+ unsigned line,
+ const char *section,
+ const char *lvalue,
+ const char *rvalue,
+ void *data,
+ void *userdata) {
+
+ int r;
+ Socket *s;
+
+ assert(filename);
+ assert(lvalue);
+ assert(rvalue);
+ assert(data);
+
+ s = (Socket*) data;
+
+ if ((r = parse_boolean(rvalue)) < 0) {
+ log_error("[%s:%u] Failed to parse bind IPv6 only value: %s", filename, line, rvalue);
+ return r;
+ }
+
+ s->bind_ipv6_only = r ? SOCKET_ADDRESS_IPV6_ONLY : SOCKET_ADDRESS_BOTH;
+
+ return 0;
+}
+
+static int config_parse_nice(
+ const char *filename,
+ unsigned line,
+ const char *section,
+ const char *lvalue,
+ const char *rvalue,
+ void *data,
+ void *userdata) {
+
+ ExecContext *c = data;
+ int priority, r;
+
+ assert(filename);
+ assert(lvalue);
+ assert(rvalue);
+ assert(data);
+
+ if ((r = safe_atoi(rvalue, &priority)) < 0) {
+ log_error("[%s:%u] Failed to parse nice priority: %s", filename, line, rvalue);
+ return r;
+ }
+
+ if (priority < PRIO_MIN || priority >= PRIO_MAX) {
+ log_error("[%s:%u] Nice priority out of range: %s", filename, line, rvalue);
+ return -ERANGE;
+ }
+
+ c->nice = priority;
+ c->nice_set = false;
+
+ return 0;
+}
+
+static int config_parse_oom_adjust(
+ const char *filename,
+ unsigned line,
+ const char *section,
+ const char *lvalue,
+ const char *rvalue,
+ void *data,
+ void *userdata) {
+
+ ExecContext *c = data;
+ int oa, r;
+
+ assert(filename);
+ assert(lvalue);
+ assert(rvalue);
+ assert(data);
+
+ if ((r = safe_atoi(rvalue, &oa)) < 0) {
+ log_error("[%s:%u] Failed to parse OOM adjust value: %s", filename, line, rvalue);
+ return r;
+ }
+
+ if (oa < OOM_DISABLE || oa > OOM_ADJUST_MAX) {
+ log_error("[%s:%u] OOM adjust value out of range: %s", filename, line, rvalue);
+ return -ERANGE;
+ }
+
+ c->oom_adjust = oa;
+ c->oom_adjust_set = true;
+
+ return 0;
+}
+
+static int config_parse_mode(
+ const char *filename,
+ unsigned line,
+ const char *section,
+ const char *lvalue,
+ const char *rvalue,
+ void *data,
+ void *userdata) {
+
+ mode_t *m = data;
+ long l;
+ char *x = NULL;
+
+ assert(filename);
+ assert(lvalue);
+ assert(rvalue);
+ assert(data);
+
+ errno = 0;
+ l = strtol(rvalue, &x, 8);
+ if (!x || *x || errno) {
+ log_error("[%s:%u] Failed to parse mode value: %s", filename, line, rvalue);
+ return errno ? -errno : -EINVAL;
+ }
+
+ if (l < 0000 || l > 07777) {
+ log_error("[%s:%u] mode value out of range: %s", filename, line, rvalue);
+ return -ERANGE;
+ }
+
+ *m = (mode_t) l;
+ return 0;
+}
+
+static int config_parse_exec(
+ const char *filename,
+ unsigned line,
+ const char *section,
+ const char *lvalue,
+ const char *rvalue,
+ void *data,
+ void *userdata) {
+
+ ExecCommand **e = data, *nce = NULL;
+ char **n;
+ char *w;
+ unsigned k;
+ size_t l;
+ char *state;
+
+ assert(filename);
+ assert(lvalue);
+ assert(rvalue);
+ assert(data);
+
+ k = 0;
+ FOREACH_WORD_QUOTED(w, l, rvalue, state)
+ k++;
+
+ if (!(n = new(char*, k+1)))
+ return -ENOMEM;
+
+ k = 0;
+ FOREACH_WORD_QUOTED(w, l, rvalue, state)
+ if (!(n[k++] = strndup(w, l)))
+ goto fail;
+
+ n[k] = NULL;
+
+ if (!n[0] || !path_is_absolute(n[0])) {
+ log_error("[%s:%u] Invalid executable path in command line: %s", filename, line, rvalue);
+ strv_free(n);
+ return -EINVAL;
+ }
+
+ if (!(nce = new0(ExecCommand, 1)))
+ goto fail;
+
+ nce->argv = n;
+ if (!(nce->path = strdup(n[0])))
+ goto fail;
+
+ exec_command_append_list(e, nce);
+
+ return 0;
+
+fail:
+ for (; k > 0; k--)
+ free(n[k-1]);
+ free(n);
+
+ free(nce);
+
+ return -ENOMEM;
+}
+
+static int config_parse_usec(
+ const char *filename,
+ unsigned line,
+ const char *section,
+ const char *lvalue,
+ const char *rvalue,
+ void *data,
+ void *userdata) {
+
+ usec_t *usec = data;
+ unsigned long long u;
+ int r;
+
+ assert(filename);
+ assert(lvalue);
+ assert(rvalue);
+ assert(data);
+
+ if ((r = safe_atollu(rvalue, &u)) < 0) {
+ log_error("[%s:%u] Failed to parse time value: %s", filename, line, rvalue);
+ return r;
+ }
+
+ /* We actually assume the user configures seconds. Later on we
+ * might choose to support suffixes for time values, to
+ * configure bigger or smaller units */
+
+ *usec = u * USEC_PER_SEC;
+
+ return 0;
+}
+
+static int config_parse_service_type(
+ const char *filename,
+ unsigned line,
+ const char *section,
+ const char *lvalue,
+ const char *rvalue,
+ void *data,
+ void *userdata) {
+
+ Service *s = data;
+ ServiceType x;
+
+ assert(filename);
+ assert(lvalue);
+ assert(rvalue);
+ assert(data);
+
+ if ((x = service_type_from_string(rvalue)) < 0) {
+ log_error("[%s:%u] Failed to parse service type: %s", filename, line, rvalue);
+ return -EBADMSG;
+ }
+
+ s->type = x;
+
+ return 0;
+}
+
+static int config_parse_service_restart(
+ const char *filename,
+ unsigned line,
+ const char *section,
+ const char *lvalue,
+ const char *rvalue,
+ void *data,
+ void *userdata) {
+
+ Service *s = data;
+ ServiceRestart x;
+
+ assert(filename);
+ assert(lvalue);
+ assert(rvalue);
+ assert(data);
+
+ if ((x = service_restart_from_string(rvalue)) < 0) {
+ log_error("[%s:%u] Failed to parse service restart specifier: %s", filename, line, rvalue);
+ return -EBADMSG;
+ }
+
+ s->restart = x;
+
+ return 0;
+}
+
+static int config_parse_bindtodevice(
+ const char *filename,
+ unsigned line,
+ const char *section,
+ const char *lvalue,
+ const char *rvalue,
+ void *data,
+ void *userdata) {
+
+ Socket *s = data;
+ char *n;
+
+ assert(filename);
+ assert(lvalue);
+ assert(rvalue);
+ assert(data);
+
+ if (rvalue[0] && !streq(rvalue, "*")) {
+ if (!(n = strdup(rvalue)))
+ return -ENOMEM;
+ } else
+ n = NULL;
+
+ free(s->bind_to_device);
+ s->bind_to_device = n;
+
+ return 0;
+}
+
+static int config_parse_output(
+ const char *filename,
+ unsigned line,
+ const char *section,
+ const char *lvalue,
+ const char *rvalue,
+ void *data,
+ void *userdata) {
+
+ ExecOutput *o = data, x;
+
+ assert(filename);
+ assert(lvalue);
+ assert(rvalue);
+ assert(data);
+
+ if ((x = exec_output_from_string(rvalue)) < 0) {
+ log_error("[%s:%u] Failed to parse output specifier: %s", filename, line, rvalue);
+ return -EBADMSG;
+ }
+
+ *o = x;
+
+ return 0;
+}
+
+static int config_parse_input(
+ const char *filename,
+ unsigned line,
+ const char *section,
+ const char *lvalue,
+ const char *rvalue,
+ void *data,
+ void *userdata) {
+
+ ExecInput *i = data, x;
+
+ assert(filename);
+ assert(lvalue);
+ assert(rvalue);
+ assert(data);
+
+ if ((x = exec_input_from_string(rvalue)) < 0) {
+ log_error("[%s:%u] Failed to parse input specifier: %s", filename, line, rvalue);
+ return -EBADMSG;
+ }
+
+ *i = x;
+
+ return 0;
+}
+
+static int config_parse_facility(
+ const char *filename,
+ unsigned line,
+ const char *section,
+ const char *lvalue,
+ const char *rvalue,
+ void *data,
+ void *userdata) {
+
+
+ int *o = data, x;
+
+ assert(filename);
+ assert(lvalue);
+ assert(rvalue);
+ assert(data);
+
+ if ((x = log_facility_from_string(rvalue)) < 0)
+
+ /* Second try, let's see if this is a number. */
+ if (safe_atoi(rvalue, &x) < 0 || !log_facility_to_string(x)) {
+ log_error("[%s:%u] Failed to parse log facility: %s", filename, line, rvalue);
+ return -EBADMSG;
+ }
+
+ *o = LOG_MAKEPRI(x, LOG_PRI(*o));
+
+ return 0;
+}
+
+static int config_parse_level(
+ const char *filename,
+ unsigned line,
+ const char *section,
+ const char *lvalue,
+ const char *rvalue,
+ void *data,
+ void *userdata) {
+
+
+ int *o = data, x;
+
+ assert(filename);
+ assert(lvalue);
+ assert(rvalue);
+ assert(data);
+
+ if ((x = log_level_from_string(rvalue)) < 0)
+
+ /* Second try, let's see if this is a number. */
+ if (safe_atoi(rvalue, &x) < 0 || !log_level_to_string(x)) {
+ log_error("[%s:%u] Failed to parse log level: %s", filename, line, rvalue);
+ return -EBADMSG;
+ }
+
+ *o = LOG_MAKEPRI(LOG_FAC(*o), x);
+ return 0;
+}
+
+static int config_parse_io_class(
+ const char *filename,
+ unsigned line,
+ const char *section,
+ const char *lvalue,
+ const char *rvalue,
+ void *data,
+ void *userdata) {
+
+ ExecContext *c = data;
+ int x;
+
+ assert(filename);
+ assert(lvalue);
+ assert(rvalue);
+ assert(data);
+
+ if ((x = ioprio_class_from_string(rvalue)) < 0)
+
+ /* Second try, let's see if this is a number. */
+ if (safe_atoi(rvalue, &x) < 0 || !ioprio_class_to_string(x)) {
+ log_error("[%s:%u] Failed to parse IO scheduling class: %s", filename, line, rvalue);
+ return -EBADMSG;
+ }
+
+ c->ioprio = IOPRIO_PRIO_VALUE(x, IOPRIO_PRIO_DATA(c->ioprio));
+ c->ioprio_set = true;
+
+ return 0;
+}
+
+static int config_parse_io_priority(
+ const char *filename,
+ unsigned line,
+ const char *section,
+ const char *lvalue,
+ const char *rvalue,
+ void *data,
+ void *userdata) {
+
+ ExecContext *c = data;
+ int i;
+
+ assert(filename);
+ assert(lvalue);
+ assert(rvalue);
+ assert(data);
+
+ if (safe_atoi(rvalue, &i) < 0 || i < 0 || i >= IOPRIO_BE_NR) {
+ log_error("[%s:%u] Failed to parse io priority: %s", filename, line, rvalue);
+ return -EBADMSG;
+ }
+
+ c->ioprio = IOPRIO_PRIO_VALUE(IOPRIO_PRIO_CLASS(c->ioprio), i);
+ c->ioprio_set = true;
+
+ return 0;
+}
+
+static int config_parse_cpu_sched_policy(
+ const char *filename,
+ unsigned line,
+ const char *section,
+ const char *lvalue,
+ const char *rvalue,
+ void *data,
+ void *userdata) {
+
+
+ ExecContext *c = data;
+ int x;
+
+ assert(filename);
+ assert(lvalue);
+ assert(rvalue);
+ assert(data);
+
+ if ((x = sched_policy_from_string(rvalue)) < 0)
+
+ /* Second try, let's see if this is a number. */
+ if (safe_atoi(rvalue, &x) < 0 || !sched_policy_to_string(x)) {
+ log_error("[%s:%u] Failed to parse CPU scheduling policy: %s", filename, line, rvalue);
+ return -EBADMSG;
+ }
+
+ c->cpu_sched_policy = x;
+ c->cpu_sched_set = true;
+
+ return 0;
+}
+
+static int config_parse_cpu_sched_prio(
+ const char *filename,
+ unsigned line,
+ const char *section,
+ const char *lvalue,
+ const char *rvalue,
+ void *data,
+ void *userdata) {
+
+ ExecContext *c = data;
+ int i;
+
+ assert(filename);
+ assert(lvalue);
+ assert(rvalue);
+ assert(data);