s->state = SERVICE_DEAD;
s->sysv_start_priority = -1;
+ s->permissions_start_only = false;
+ s->root_directory_start_only = false;
RATELIMIT_INIT(s->ratelimit, 10*USEC_PER_SEC, 5);
return r;
}
+ /* Add default cgroup */
+ if ((r = unit_add_default_cgroup(u)) < 0) {
+ service_done(u);
+ return r;
+ }
+
return 0;
}
prefix2 = p2 ? p2 : prefix;
fprintf(f,
- "%sService State: %s\n",
- prefix, service_state_to_string(s->state));
+ "%sService State: %s\n"
+ "%sPermissionsStartOnly: %s\n"
+ "%sRootDirectoryStartOnly: %s\n"
+ "%sValidNoProcess: %s\n",
+ prefix, service_state_to_string(s->state),
+ prefix, yes_no(s->permissions_start_only),
+ prefix, yes_no(s->root_directory_start_only),
+ prefix, yes_no(s->valid_no_process));
if (s->pid_file)
fprintf(f,
return r;
}
-static int service_spawn(Service *s, ExecCommand *c, bool timeout, bool pass_fds, pid_t *_pid) {
+static int service_spawn(
+ Service *s,
+ ExecCommand *c,
+ bool timeout,
+ bool pass_fds,
+ bool apply_permissions,
+ bool apply_chroot,
+ pid_t *_pid) {
+
pid_t pid;
int r;
int *fds = NULL;
} else
unit_unwatch_timer(UNIT(s), &s->timer_watch);
- if ((r = exec_spawn(c, &s->exec_context, fds, n_fds, &pid)) < 0)
+ if ((r = exec_spawn(c,
+ &s->exec_context,
+ fds, n_fds,
+ apply_permissions,
+ apply_chroot,
+ UNIT(s)->meta.cgroup_bondings,
+ &pid)) < 0)
goto fail;
if ((r = unit_watch_pid(UNIT(s), pid)) < 0)
s->failure = true;
if ((s->control_command = s->exec_command[SERVICE_EXEC_STOP_POST]))
- if ((r = service_spawn(s, s->control_command, true, false, &s->control_pid)) < 0)
+ if ((r = service_spawn(s,
+ s->control_command,
+ true,
+ false,
+ !s->permissions_start_only,
+ !s->root_directory_start_only,
+ &s->control_pid)) < 0)
goto fail;
s->failure = true;
if ((s->control_command = s->exec_command[SERVICE_EXEC_STOP]))
- if ((r = service_spawn(s, s->control_command, true, false, &s->control_pid)) < 0)
+ if ((r = service_spawn(s,
+ s->control_command,
+ true,
+ false,
+ !s->permissions_start_only,
+ !s->root_directory_start_only,
+ &s->control_pid)) < 0)
goto fail;
service_set_state(s, SERVICE_STOP);
assert(s);
if ((s->control_command = s->exec_command[SERVICE_EXEC_START_POST]))
- if ((r = service_spawn(s, s->control_command, true, false, &s->control_pid)) < 0)
+ if ((r = service_spawn(s,
+ s->control_command,
+ true,
+ false,
+ !s->permissions_start_only,
+ !s->root_directory_start_only,
+ &s->control_pid)) < 0)
goto fail;
assert(s->exec_command[SERVICE_EXEC_START]);
assert(!s->exec_command[SERVICE_EXEC_START]->command_next);
- if ((r = service_spawn(s, s->exec_command[SERVICE_EXEC_START], s->type == SERVICE_FORKING, true, &pid)) < 0)
+ if ((r = service_spawn(s,
+ s->exec_command[SERVICE_EXEC_START],
+ s->type == SERVICE_FORKING,
+ true,
+ true,
+ true,
+ &pid)) < 0)
goto fail;
service_set_state(s, SERVICE_START);
assert(s);
if ((s->control_command = s->exec_command[SERVICE_EXEC_START_PRE]))
- if ((r = service_spawn(s, s->control_command, true, false, &s->control_pid)) < 0)
+ if ((r = service_spawn(s,
+ s->control_command,
+ true,
+ false,
+ !s->permissions_start_only,
+ !s->root_directory_start_only,
+ &s->control_pid)) < 0)
goto fail;
service_set_state(s, SERVICE_START_PRE);
assert(s);
if ((s->control_command = s->exec_command[SERVICE_EXEC_RELOAD]))
- if ((r = service_spawn(s, s->control_command, true, false, &s->control_pid)) < 0)
+ if ((r = service_spawn(s,
+ s->control_command,
+ true,
+ false,
+ !s->permissions_start_only,
+ !s->root_directory_start_only,
+ &s->control_pid)) < 0)
goto fail;
service_set_state(s, SERVICE_RELOAD);
s->control_command = s->control_command->command_next;
- if ((r = service_spawn(s, s->control_command, true, false, &s->control_pid)) < 0)
+ if ((r = service_spawn(s,
+ s->control_command,
+ true,
+ false,
+ !s->permissions_start_only,
+ !s->root_directory_start_only,
+ &s->control_pid)) < 0)
goto fail;
return;
return s->main_pid > 0;
/* We don't know the pid */
- return -1;
+ return -EAGAIN;
}
static bool control_pid_good(Service *s) {
return s->control_pid > 0;
}
+static int cgroup_good(Service *s) {
+ assert(s);
+
+ if (s->valid_no_process)
+ return -EAGAIN;
+
+ return cgroup_bonding_is_empty_list(UNIT(s)->meta.cgroup_bondings);
+}
+
static void service_sigchld_event(Unit *u, pid_t pid, int code, int status) {
Service *s = SERVICE(u);
bool success;
case SERVICE_RELOAD:
if (success) {
- if (main_pid_good(s) != 0)
+ if (main_pid_good(s) != 0 && cgroup_good(s) != 0)
service_set_state(s, SERVICE_RUNNING);
else
service_enter_stop(s, true);
}
}
+static void service_cgroup_notify_event(Unit *u) {
+ Service *s = SERVICE(u);
+
+ assert(u);
+
+ log_debug("%s: cgroup is empty", unit_id(u));
+
+ switch (s->state) {
+
+ /* Waiting for SIGCHLD is usually more interesting,
+ * because it includes return codes/signals. Which is
+ * why we ignore the cgroup events for most cases,
+ * except when we don't know pid which to expect the
+ * SIGCHLD for. */
+
+ case SERVICE_RUNNING:
+
+ if (!s->valid_no_process && main_pid_good(s) <= 0)
+ service_enter_stop(s, true);
+
+ break;
+
+ default:
+ ;
+ }
+}
+
static int service_enumerate(Manager *m) {
static const char * const rcnd[] = {
if ((r = manager_load_unit(m, name, &service)) < 0)
goto finish;
- /* Don't allow that non-SysV services
- * are started via rcN.d/ links. */
- if (!SERVICE(service)->sysv_path)
- continue;
-
if ((r = manager_load_unit(m, rcnd[i+1], &runlevel)) < 0)
goto finish;
.sigchld_event = service_sigchld_event,
.timer_event = service_timer_event,
+ .cgroup_notify_empty = service_cgroup_notify_event,
+
.enumerate = service_enumerate
};