1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2010 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <sys/types.h>
27 #include <sys/epoll.h>
29 #include <arpa/inet.h>
30 #include <netinet/tcp.h>
32 #include <sys/xattr.h>
36 #include "load-dropin.h"
37 #include "load-fragment.h"
40 #include "path-util.h"
41 #include "unit-name.h"
42 #include "unit-printf.h"
46 #include "exit-status.h"
48 #include "smack-util.h"
50 #include "bus-error.h"
51 #include "dbus-socket.h"
55 static const UnitActiveState state_translation_table[_SOCKET_STATE_MAX] = {
56 [SOCKET_DEAD] = UNIT_INACTIVE,
57 [SOCKET_START_PRE] = UNIT_ACTIVATING,
58 [SOCKET_START_CHOWN] = UNIT_ACTIVATING,
59 [SOCKET_START_POST] = UNIT_ACTIVATING,
60 [SOCKET_LISTENING] = UNIT_ACTIVE,
61 [SOCKET_RUNNING] = UNIT_ACTIVE,
62 [SOCKET_STOP_PRE] = UNIT_DEACTIVATING,
63 [SOCKET_STOP_PRE_SIGTERM] = UNIT_DEACTIVATING,
64 [SOCKET_STOP_PRE_SIGKILL] = UNIT_DEACTIVATING,
65 [SOCKET_STOP_POST] = UNIT_DEACTIVATING,
66 [SOCKET_FINAL_SIGTERM] = UNIT_DEACTIVATING,
67 [SOCKET_FINAL_SIGKILL] = UNIT_DEACTIVATING,
68 [SOCKET_FAILED] = UNIT_FAILED
71 static int socket_dispatch_io(sd_event_source *source, int fd, uint32_t revents, void *userdata);
72 static int socket_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata);
74 static void socket_init(Unit *u) {
75 Socket *s = SOCKET(u);
78 assert(u->load_state == UNIT_STUB);
80 s->backlog = SOMAXCONN;
81 s->timeout_usec = u->manager->default_timeout_start_usec;
82 s->directory_mode = 0755;
83 s->socket_mode = 0666;
85 s->max_connections = 64;
92 s->exec_context.std_output = u->manager->default_std_output;
93 s->exec_context.std_error = u->manager->default_std_error;
95 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
98 static void socket_unwatch_control_pid(Socket *s) {
101 if (s->control_pid <= 0)
104 unit_unwatch_pid(UNIT(s), s->control_pid);
108 void socket_free_ports(Socket *s) {
113 while ((p = s->ports)) {
114 LIST_REMOVE(port, s->ports, p);
116 sd_event_source_unref(p->event_source);
124 static void socket_done(Unit *u) {
125 Socket *s = SOCKET(u);
129 socket_free_ports(s);
131 s->exec_runtime = exec_runtime_unref(s->exec_runtime);
132 exec_command_free_array(s->exec_command, _SOCKET_EXEC_COMMAND_MAX);
133 s->control_command = NULL;
135 socket_unwatch_control_pid(s);
137 unit_ref_unset(&s->service);
139 free(s->tcp_congestion);
140 s->tcp_congestion = NULL;
142 free(s->bind_to_device);
143 s->bind_to_device = NULL;
146 free(s->smack_ip_in);
147 free(s->smack_ip_out);
149 strv_free(s->symlinks);
154 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
157 static int socket_arm_timer(Socket *s) {
162 if (s->timeout_usec <= 0) {
163 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
167 if (s->timer_event_source) {
168 r = sd_event_source_set_time(s->timer_event_source, now(CLOCK_MONOTONIC) + s->timeout_usec);
172 return sd_event_source_set_enabled(s->timer_event_source, SD_EVENT_ONESHOT);
175 return sd_event_add_time(
176 UNIT(s)->manager->event,
177 &s->timer_event_source,
179 now(CLOCK_MONOTONIC) + s->timeout_usec, 0,
180 socket_dispatch_timer, s);
183 int socket_instantiate_service(Socket *s) {
184 _cleanup_free_ char *prefix = NULL, *name = NULL;
190 /* This fills in s->service if it isn't filled in yet. For
191 * Accept=yes sockets we create the next connection service
192 * here. For Accept=no this is mostly a NOP since the service
193 * is figured out at load time anyway. */
195 if (UNIT_DEREF(s->service) || !s->accept)
198 prefix = unit_name_to_prefix(UNIT(s)->id);
202 if (asprintf(&name, "%s@%u.service", prefix, s->n_accepted) < 0)
205 r = manager_load_unit(UNIT(s)->manager, name, NULL, NULL, &u);
210 unit_ref_set(&s->service, u);
212 return unit_add_two_dependencies(UNIT(s), UNIT_BEFORE, UNIT_TRIGGERS, u, false);
215 static bool have_non_accept_socket(Socket *s) {
223 LIST_FOREACH(port, p, s->ports) {
225 if (p->type != SOCKET_SOCKET)
228 if (!socket_address_can_accept(&p->address))
235 static int socket_add_mount_links(Socket *s) {
241 LIST_FOREACH(port, p, s->ports) {
242 const char *path = NULL;
244 if (p->type == SOCKET_SOCKET)
245 path = socket_address_get_path(&p->address);
246 else if (p->type == SOCKET_FIFO || p->type == SOCKET_SPECIAL)
252 r = unit_require_mounts_for(UNIT(s), path);
260 static int socket_add_device_link(Socket *s) {
265 if (!s->bind_to_device || streq(s->bind_to_device, "lo"))
268 t = strappenda("/sys/subsystem/net/devices/", s->bind_to_device);
269 return unit_add_node_link(UNIT(s), t, false);
272 static int socket_add_default_dependencies(Socket *s) {
276 r = unit_add_dependency_by_name(UNIT(s), UNIT_BEFORE, SPECIAL_SOCKETS_TARGET, NULL, true);
280 if (UNIT(s)->manager->running_as == SYSTEMD_SYSTEM) {
281 r = unit_add_two_dependencies_by_name(UNIT(s), UNIT_AFTER, UNIT_REQUIRES, SPECIAL_SYSINIT_TARGET, NULL, true);
286 return unit_add_two_dependencies_by_name(UNIT(s), UNIT_BEFORE, UNIT_CONFLICTS, SPECIAL_SHUTDOWN_TARGET, NULL, true);
289 _pure_ static bool socket_has_exec(Socket *s) {
293 for (i = 0; i < _SOCKET_EXEC_COMMAND_MAX; i++)
294 if (s->exec_command[i])
300 static int socket_add_extras(Socket *s) {
306 if (have_non_accept_socket(s)) {
308 if (!UNIT_DEREF(s->service)) {
311 r = unit_load_related_unit(u, ".service", &x);
315 unit_ref_set(&s->service, x);
318 r = unit_add_two_dependencies(u, UNIT_BEFORE, UNIT_TRIGGERS, UNIT_DEREF(s->service), true);
323 r = socket_add_mount_links(s);
327 r = socket_add_device_link(s);
331 r = unit_patch_contexts(u);
335 if (socket_has_exec(s)) {
336 r = unit_add_exec_dependencies(u, &s->exec_context);
340 r = unit_add_default_slice(u, &s->cgroup_context);
345 if (u->default_dependencies) {
346 r = socket_add_default_dependencies(s);
354 static const char *socket_find_symlink_target(Socket *s) {
355 const char *found = NULL;
358 LIST_FOREACH(port, p, s->ports) {
359 const char *f = NULL;
368 if (p->address.sockaddr.un.sun_path[0] != 0)
369 f = p->address.sockaddr.un.sun_path;
387 static int socket_verify(Socket *s) {
390 if (UNIT(s)->load_state != UNIT_LOADED)
394 log_error_unit(UNIT(s)->id, "%s lacks Listen setting. Refusing.", UNIT(s)->id);
398 if (s->accept && have_non_accept_socket(s)) {
399 log_error_unit(UNIT(s)->id, "%s configured for accepting sockets, but sockets are non-accepting. Refusing.",
404 if (s->accept && s->max_connections <= 0) {
405 log_error_unit(UNIT(s)->id, "%s's MaxConnection setting too small. Refusing.", UNIT(s)->id);
409 if (s->accept && UNIT_DEREF(s->service)) {
410 log_error_unit(UNIT(s)->id, "Explicit service configuration for accepting sockets not supported on %s. Refusing.", UNIT(s)->id);
414 if (s->exec_context.pam_name && s->kill_context.kill_mode != KILL_CONTROL_GROUP) {
415 log_error_unit(UNIT(s)->id, "%s has PAM enabled. Kill mode must be set to 'control-group'. Refusing.", UNIT(s)->id);
419 if (!strv_isempty(s->symlinks) && !socket_find_symlink_target(s)) {
420 log_error_unit(UNIT(s)->id, "%s has symlinks set but none or more than one node in the file system. Refusing.", UNIT(s)->id);
427 static int socket_load(Unit *u) {
428 Socket *s = SOCKET(u);
432 assert(u->load_state == UNIT_STUB);
434 r = unit_load_fragment_and_dropin(u);
438 if (u->load_state == UNIT_LOADED) {
439 /* This is a new unit? Then let's add in some extras */
440 r = socket_add_extras(s);
445 return socket_verify(s);
448 _const_ static const char* listen_lookup(int family, int type) {
450 if (family == AF_NETLINK)
451 return "ListenNetlink";
453 if (type == SOCK_STREAM)
454 return "ListenStream";
455 else if (type == SOCK_DGRAM)
456 return "ListenDatagram";
457 else if (type == SOCK_SEQPACKET)
458 return "ListenSequentialPacket";
460 assert_not_reached("Unknown socket type");
464 static void socket_dump(Unit *u, FILE *f, const char *prefix) {
466 Socket *s = SOCKET(u);
473 prefix2 = strappenda(prefix, "\t");
476 "%sSocket State: %s\n"
478 "%sBindIPv6Only: %s\n"
480 "%sSocketMode: %04o\n"
481 "%sDirectoryMode: %04o\n"
486 "%sTransparent: %s\n"
488 "%sPassCredentials: %s\n"
489 "%sPassSecurity: %s\n"
490 "%sTCPCongestion: %s\n"
491 "%sRemoveOnStop: %s\n",
492 prefix, socket_state_to_string(s->state),
493 prefix, socket_result_to_string(s->result),
494 prefix, socket_address_bind_ipv6_only_to_string(s->bind_ipv6_only),
496 prefix, s->socket_mode,
497 prefix, s->directory_mode,
498 prefix, yes_no(s->keep_alive),
499 prefix, yes_no(s->no_delay),
500 prefix, yes_no(s->fast_open),
501 prefix, yes_no(s->free_bind),
502 prefix, yes_no(s->transparent),
503 prefix, yes_no(s->broadcast),
504 prefix, yes_no(s->pass_cred),
505 prefix, yes_no(s->pass_sec),
506 prefix, strna(s->tcp_congestion),
507 prefix, yes_no(s->remove_on_stop));
509 if (s->control_pid > 0)
511 "%sControl PID: "PID_FMT"\n",
512 prefix, s->control_pid);
514 if (s->bind_to_device)
516 "%sBindToDevice: %s\n",
517 prefix, s->bind_to_device);
522 "%sNConnections: %u\n"
523 "%sMaxConnections: %u\n",
524 prefix, s->n_accepted,
525 prefix, s->n_connections,
526 prefix, s->max_connections);
528 if (s->priority >= 0)
531 prefix, s->priority);
533 if (s->receive_buffer > 0)
535 "%sReceiveBuffer: %zu\n",
536 prefix, s->receive_buffer);
538 if (s->send_buffer > 0)
540 "%sSendBuffer: %zu\n",
541 prefix, s->send_buffer);
553 if (s->pipe_size > 0)
556 prefix, s->pipe_size);
563 if (s->mq_maxmsg > 0)
565 "%sMessageQueueMaxMessages: %li\n",
566 prefix, s->mq_maxmsg);
568 if (s->mq_msgsize > 0)
570 "%sMessageQueueMessageSize: %li\n",
571 prefix, s->mq_msgsize);
576 prefix, yes_no(s->reuse_port));
580 "%sSmackLabel: %s\n",
585 "%sSmackLabelIPIn: %s\n",
586 prefix, s->smack_ip_in);
590 "%sSmackLabelIPOut: %s\n",
591 prefix, s->smack_ip_out);
593 if (!isempty(s->user) || !isempty(s->group))
596 "%sOwnerGroup: %s\n",
597 prefix, strna(s->user),
598 prefix, strna(s->group));
600 LIST_FOREACH(port, p, s->ports) {
602 if (p->type == SOCKET_SOCKET) {
607 if ((r = socket_address_print(&p->address, &k)) < 0)
612 fprintf(f, "%s%s: %s\n", prefix, listen_lookup(socket_address_family(&p->address), p->address.type), t);
614 } else if (p->type == SOCKET_SPECIAL)
615 fprintf(f, "%sListenSpecial: %s\n", prefix, p->path);
616 else if (p->type == SOCKET_MQUEUE)
617 fprintf(f, "%sListenMessageQueue: %s\n", prefix, p->path);
619 fprintf(f, "%sListenFIFO: %s\n", prefix, p->path);
622 exec_context_dump(&s->exec_context, f, prefix);
623 kill_context_dump(&s->kill_context, f, prefix);
625 for (c = 0; c < _SOCKET_EXEC_COMMAND_MAX; c++) {
626 if (!s->exec_command[c])
629 fprintf(f, "%s-> %s:\n",
630 prefix, socket_exec_command_to_string(c));
632 exec_command_dump_list(s->exec_command[c], f, prefix2);
636 static int instance_from_socket(int fd, unsigned nr, char **instance) {
639 union sockaddr_union local, remote;
645 if (getsockname(fd, &local.sa, &l) < 0)
649 if (getpeername(fd, &remote.sa, &l) < 0)
652 switch (local.sa.sa_family) {
656 a = ntohl(local.in.sin_addr.s_addr),
657 b = ntohl(remote.in.sin_addr.s_addr);
660 "%u-%u.%u.%u.%u:%u-%u.%u.%u.%u:%u",
662 a >> 24, (a >> 16) & 0xFF, (a >> 8) & 0xFF, a & 0xFF,
663 ntohs(local.in.sin_port),
664 b >> 24, (b >> 16) & 0xFF, (b >> 8) & 0xFF, b & 0xFF,
665 ntohs(remote.in.sin_port)) < 0)
672 static const unsigned char ipv4_prefix[] = {
673 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xFF, 0xFF
676 if (memcmp(&local.in6.sin6_addr, ipv4_prefix, sizeof(ipv4_prefix)) == 0 &&
677 memcmp(&remote.in6.sin6_addr, ipv4_prefix, sizeof(ipv4_prefix)) == 0) {
679 *a = local.in6.sin6_addr.s6_addr+12,
680 *b = remote.in6.sin6_addr.s6_addr+12;
683 "%u-%u.%u.%u.%u:%u-%u.%u.%u.%u:%u",
685 a[0], a[1], a[2], a[3],
686 ntohs(local.in6.sin6_port),
687 b[0], b[1], b[2], b[3],
688 ntohs(remote.in6.sin6_port)) < 0)
691 char a[INET6_ADDRSTRLEN], b[INET6_ADDRSTRLEN];
696 inet_ntop(AF_INET6, &local.in6.sin6_addr, a, sizeof(a)),
697 ntohs(local.in6.sin6_port),
698 inet_ntop(AF_INET6, &remote.in6.sin6_addr, b, sizeof(b)),
699 ntohs(remote.in6.sin6_port)) < 0)
710 k = getpeercred(fd, &ucred);
713 "%u-"PID_FMT"-"UID_FMT,
714 nr, ucred.pid, ucred.uid) < 0)
716 } else if (k == -ENODATA) {
717 /* This handles the case where somebody is
718 * connecting from another pid/uid namespace
719 * (e.g. from outside of our container). */
731 assert_not_reached("Unhandled socket type.");
738 static void socket_close_fds(Socket *s) {
744 LIST_FOREACH(port, p, s->ports) {
746 p->event_source = sd_event_source_unref(p->event_source);
751 p->fd = safe_close(p->fd);
753 /* One little note: we should normally not delete any
754 * sockets in the file system here! After all some
755 * other process we spawned might still have a
756 * reference of this fd and wants to continue to use
757 * it. Therefore we delete sockets in the file system
758 * before we create a new one, not after we stopped
761 if (s->remove_on_stop) {
773 socket_address_unlink(&p->address);
782 if (s->remove_on_stop)
783 STRV_FOREACH(i, s->symlinks)
787 static void socket_apply_socket_options(Socket *s, int fd) {
792 int b = s->keep_alive;
793 if (setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, &b, sizeof(b)) < 0)
794 log_warning_unit(UNIT(s)->id, "SO_KEEPALIVE failed: %m");
799 if (setsockopt(fd, SOL_TCP, TCP_NODELAY, &b, sizeof(b)) < 0)
800 log_warning_unit(UNIT(s)->id, "TCP_NODELAY failed: %m");
804 int b = s->fast_open;
805 if (setsockopt(fd, SOL_TCP, TCP_FASTOPEN, &b, sizeof(b)) < 0)
806 log_warning_unit(UNIT(s)->id, "TCP_FASTOPEN failed: %m");
811 if (setsockopt(fd, SOL_SOCKET, SO_BROADCAST, &one, sizeof(one)) < 0)
812 log_warning_unit(UNIT(s)->id, "SO_BROADCAST failed: %m");
817 if (setsockopt(fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one)) < 0)
818 log_warning_unit(UNIT(s)->id, "SO_PASSCRED failed: %m");
823 if (setsockopt(fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one)) < 0)
824 log_warning_unit(UNIT(s)->id, "SO_PASSSEC failed: %m");
827 if (s->priority >= 0)
828 if (setsockopt(fd, SOL_SOCKET, SO_PRIORITY, &s->priority, sizeof(s->priority)) < 0)
829 log_warning_unit(UNIT(s)->id, "SO_PRIORITY failed: %m");
831 if (s->receive_buffer > 0) {
832 int value = (int) s->receive_buffer;
834 /* We first try with SO_RCVBUFFORCE, in case we have the perms for that */
836 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUFFORCE, &value, sizeof(value)) < 0)
837 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &value, sizeof(value)) < 0)
838 log_warning_unit(UNIT(s)->id, "SO_RCVBUF failed: %m");
841 if (s->send_buffer > 0) {
842 int value = (int) s->send_buffer;
843 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUFFORCE, &value, sizeof(value)) < 0)
844 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &value, sizeof(value)) < 0)
845 log_warning_unit(UNIT(s)->id, "SO_SNDBUF failed: %m");
849 if (setsockopt(fd, SOL_SOCKET, SO_MARK, &s->mark, sizeof(s->mark)) < 0)
850 log_warning_unit(UNIT(s)->id, "SO_MARK failed: %m");
853 if (setsockopt(fd, IPPROTO_IP, IP_TOS, &s->ip_tos, sizeof(s->ip_tos)) < 0)
854 log_warning_unit(UNIT(s)->id, "IP_TOS failed: %m");
856 if (s->ip_ttl >= 0) {
859 r = setsockopt(fd, IPPROTO_IP, IP_TTL, &s->ip_ttl, sizeof(s->ip_ttl));
861 if (socket_ipv6_is_supported())
862 x = setsockopt(fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &s->ip_ttl, sizeof(s->ip_ttl));
865 errno = EAFNOSUPPORT;
869 log_warning_unit(UNIT(s)->id,
870 "IP_TTL/IPV6_UNICAST_HOPS failed: %m");
873 if (s->tcp_congestion)
874 if (setsockopt(fd, SOL_TCP, TCP_CONGESTION, s->tcp_congestion, strlen(s->tcp_congestion)+1) < 0)
875 log_warning_unit(UNIT(s)->id, "TCP_CONGESTION failed: %m");
878 int b = s->reuse_port;
879 if (setsockopt(fd, SOL_SOCKET, SO_REUSEPORT, &b, sizeof(b)) < 0)
880 log_warning_unit(UNIT(s)->id, "SO_REUSEPORT failed: %m");
884 if (smack_label_ip_in_fd(fd, s->smack_ip_in) < 0)
885 log_error_unit(UNIT(s)->id, "smack_label_ip_in_fd: %m");
888 if (smack_label_ip_out_fd(fd, s->smack_ip_out) < 0)
889 log_error_unit(UNIT(s)->id, "smack_label_ip_out_fd: %m");
892 static void socket_apply_fifo_options(Socket *s, int fd) {
896 if (s->pipe_size > 0)
897 if (fcntl(fd, F_SETPIPE_SZ, s->pipe_size) < 0)
898 log_warning_unit(UNIT(s)->id,
902 if (smack_label_fd(fd, s->smack) < 0)
903 log_error_unit(UNIT(s)->id, "smack_label_fd: %m");
906 static int fifo_address_create(
908 mode_t directory_mode,
919 mkdir_parents_label(path, directory_mode);
921 r = label_context_set(path, S_IFIFO);
925 /* Enforce the right access mode for the fifo */
926 old_mask = umask(~ socket_mode);
928 /* Include the original umask in our mask */
929 umask(~socket_mode | old_mask);
931 r = mkfifo(path, socket_mode);
934 if (r < 0 && errno != EEXIST) {
939 if ((fd = open(path, O_RDWR|O_CLOEXEC|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW)) < 0) {
944 label_context_clear();
946 if (fstat(fd, &st) < 0) {
951 if (!S_ISFIFO(st.st_mode) ||
952 (st.st_mode & 0777) != (socket_mode & ~old_mask) ||
953 st.st_uid != getuid() ||
954 st.st_gid != getgid()) {
964 label_context_clear();
970 static int special_address_create(
980 fd = open(path, O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW);
986 if (fstat(fd, &st) < 0) {
991 /* Check whether this is a /proc, /sys or /dev file or char device */
992 if (!S_ISREG(st.st_mode) && !S_ISCHR(st.st_mode)) {
1006 static int mq_address_create(
1016 struct mq_attr _attr, *attr = NULL;
1021 if (maxmsg > 0 && msgsize > 0) {
1023 _attr.mq_flags = O_NONBLOCK;
1024 _attr.mq_maxmsg = maxmsg;
1025 _attr.mq_msgsize = msgsize;
1029 /* Enforce the right access mode for the mq */
1030 old_mask = umask(~ mq_mode);
1032 /* Include the original umask in our mask */
1033 umask(~mq_mode | old_mask);
1034 fd = mq_open(path, O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_CREAT, mq_mode, attr);
1042 if (fstat(fd, &st) < 0) {
1047 if ((st.st_mode & 0777) != (mq_mode & ~old_mask) ||
1048 st.st_uid != getuid() ||
1049 st.st_gid != getgid()) {
1063 static int socket_symlink(Socket *s) {
1069 p = socket_find_symlink_target(s);
1073 STRV_FOREACH(i, s->symlinks)
1079 static int socket_open_fds(Socket *s) {
1083 bool know_label = false;
1087 LIST_FOREACH(port, p, s->ports) {
1092 if (p->type == SOCKET_SOCKET) {
1096 r = socket_instantiate_service(s);
1100 if (UNIT_ISSET(s->service) &&
1101 SERVICE(UNIT_DEREF(s->service))->exec_command[SERVICE_EXEC_START]) {
1102 r = label_get_create_label_from_exe(SERVICE(UNIT_DEREF(s->service))->exec_command[SERVICE_EXEC_START]->path, &label);
1103 if (r < 0 && r != -EPERM)
1110 r = socket_address_listen(
1112 SOCK_CLOEXEC|SOCK_NONBLOCK,
1125 socket_apply_socket_options(s, p->fd);
1128 } else if (p->type == SOCKET_SPECIAL) {
1130 r = special_address_create(
1136 } else if (p->type == SOCKET_FIFO) {
1138 r = fifo_address_create(
1146 socket_apply_fifo_options(s, p->fd);
1149 } else if (p->type == SOCKET_MQUEUE) {
1151 r = mq_address_create(
1160 assert_not_reached("Unknown port type");
1167 socket_close_fds(s);
1172 static void socket_unwatch_fds(Socket *s) {
1178 LIST_FOREACH(port, p, s->ports) {
1182 if (!p->event_source)
1185 r = sd_event_source_set_enabled(p->event_source, SD_EVENT_OFF);
1187 log_debug_unit(UNIT(s)->id, "Failed to disable event source.");
1191 static int socket_watch_fds(Socket *s) {
1197 LIST_FOREACH(port, p, s->ports) {
1201 if (p->event_source)
1202 r = sd_event_source_set_enabled(p->event_source, SD_EVENT_ON);
1204 r = sd_event_add_io(UNIT(s)->manager->event, &p->event_source, p->fd, EPOLLIN, socket_dispatch_io, p);
1207 log_warning_unit(UNIT(s)->id, "Failed to watch listening fds: %s", strerror(-r));
1215 socket_unwatch_fds(s);
1219 static void socket_set_state(Socket *s, SocketState state) {
1220 SocketState old_state;
1223 old_state = s->state;
1231 SOCKET_STOP_PRE_SIGTERM,
1232 SOCKET_STOP_PRE_SIGKILL,
1234 SOCKET_FINAL_SIGTERM,
1235 SOCKET_FINAL_SIGKILL)) {
1237 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
1238 socket_unwatch_control_pid(s);
1239 s->control_command = NULL;
1240 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
1243 if (state != SOCKET_LISTENING)
1244 socket_unwatch_fds(s);
1252 SOCKET_STOP_PRE_SIGTERM,
1253 SOCKET_STOP_PRE_SIGKILL))
1254 socket_close_fds(s);
1256 if (state != old_state)
1257 log_debug_unit(UNIT(s)->id, "%s changed %s -> %s",
1258 UNIT(s)->id, socket_state_to_string(old_state), socket_state_to_string(state));
1260 unit_notify(UNIT(s), state_translation_table[old_state], state_translation_table[state], true);
1263 static int socket_coldplug(Unit *u) {
1264 Socket *s = SOCKET(u);
1268 assert(s->state == SOCKET_DEAD);
1270 if (s->deserialized_state == s->state)
1273 if (IN_SET(s->deserialized_state,
1278 SOCKET_STOP_PRE_SIGTERM,
1279 SOCKET_STOP_PRE_SIGKILL,
1281 SOCKET_FINAL_SIGTERM,
1282 SOCKET_FINAL_SIGKILL)) {
1284 if (s->control_pid <= 0)
1287 r = unit_watch_pid(UNIT(s), s->control_pid);
1291 r = socket_arm_timer(s);
1296 if (IN_SET(s->deserialized_state,
1302 SOCKET_STOP_PRE_SIGTERM,
1303 SOCKET_STOP_PRE_SIGKILL)) {
1304 r = socket_open_fds(s);
1309 if (s->deserialized_state == SOCKET_LISTENING) {
1310 r = socket_watch_fds(s);
1315 socket_set_state(s, s->deserialized_state);
1319 static int socket_spawn(Socket *s, ExecCommand *c, pid_t *_pid) {
1320 _cleanup_free_ char **argv = NULL;
1328 unit_realize_cgroup(UNIT(s));
1330 r = unit_setup_exec_runtime(UNIT(s));
1334 r = socket_arm_timer(s);
1338 r = unit_full_printf_strv(UNIT(s), c->argv, &argv);
1346 UNIT(s)->manager->environment,
1350 UNIT(s)->manager->confirm_spawn,
1351 UNIT(s)->manager->cgroup_supported,
1352 UNIT(s)->cgroup_path,
1353 manager_get_runtime_prefix(UNIT(s)->manager),
1362 r = unit_watch_pid(UNIT(s), pid);
1364 /* FIXME: we need to do something here */
1371 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
1375 static int socket_chown(Socket *s, pid_t *_pid) {
1379 r = socket_arm_timer(s);
1383 /* We have to resolve the user names out-of-process, hence
1384 * let's fork here. It's messy, but well, what can we do? */
1392 uid_t uid = (uid_t) -1;
1393 gid_t gid = (gid_t) -1;
1396 default_signals(SIGNALS_CRASH_HANDLER, SIGNALS_IGNORE, -1);
1397 ignore_signals(SIGPIPE, -1);
1400 if (!isempty(s->user)) {
1401 const char *user = s->user;
1403 r = get_user_creds(&user, &uid, &gid, NULL, NULL);
1410 if (!isempty(s->group)) {
1411 const char *group = s->group;
1413 r = get_group_creds(&group, &gid);
1420 LIST_FOREACH(port, p, s->ports) {
1421 const char *path = NULL;
1423 if (p->type == SOCKET_SOCKET)
1424 path = socket_address_get_path(&p->address);
1425 else if (p->type == SOCKET_FIFO)
1431 if (chown(path, uid, gid) < 0) {
1442 log_error("Failed to chown socket at step %s: %s", exit_status_to_string(ret, EXIT_STATUS_SYSTEMD), strerror(-r));
1447 r = unit_watch_pid(UNIT(s), pid);
1455 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
1459 static void socket_enter_dead(Socket *s, SocketResult f) {
1462 if (f != SOCKET_SUCCESS)
1465 exec_runtime_destroy(s->exec_runtime);
1466 s->exec_runtime = exec_runtime_unref(s->exec_runtime);
1468 exec_context_destroy_runtime_directory(&s->exec_context, manager_get_runtime_prefix(UNIT(s)->manager));
1470 socket_set_state(s, s->result != SOCKET_SUCCESS ? SOCKET_FAILED : SOCKET_DEAD);
1473 static void socket_enter_signal(Socket *s, SocketState state, SocketResult f);
1475 static void socket_enter_stop_post(Socket *s, SocketResult f) {
1479 if (f != SOCKET_SUCCESS)
1482 socket_unwatch_control_pid(s);
1483 s->control_command_id = SOCKET_EXEC_STOP_POST;
1484 s->control_command = s->exec_command[SOCKET_EXEC_STOP_POST];
1486 if (s->control_command) {
1487 r = socket_spawn(s, s->control_command, &s->control_pid);
1491 socket_set_state(s, SOCKET_STOP_POST);
1493 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_SUCCESS);
1498 log_warning_unit(UNIT(s)->id,
1499 "%s failed to run 'stop-post' task: %s",
1500 UNIT(s)->id, strerror(-r));
1501 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_RESOURCES);
1504 static void socket_enter_signal(Socket *s, SocketState state, SocketResult f) {
1509 if (f != SOCKET_SUCCESS)
1512 r = unit_kill_context(
1515 state != SOCKET_STOP_PRE_SIGTERM && state != SOCKET_FINAL_SIGTERM,
1523 r = socket_arm_timer(s);
1527 socket_set_state(s, state);
1528 } else if (state == SOCKET_STOP_PRE_SIGTERM)
1529 socket_enter_signal(s, SOCKET_STOP_PRE_SIGKILL, SOCKET_SUCCESS);
1530 else if (state == SOCKET_STOP_PRE_SIGKILL)
1531 socket_enter_stop_post(s, SOCKET_SUCCESS);
1532 else if (state == SOCKET_FINAL_SIGTERM)
1533 socket_enter_signal(s, SOCKET_FINAL_SIGKILL, SOCKET_SUCCESS);
1535 socket_enter_dead(s, SOCKET_SUCCESS);
1540 log_warning_unit(UNIT(s)->id, "%s failed to kill processes: %s", UNIT(s)->id, strerror(-r));
1542 if (state == SOCKET_STOP_PRE_SIGTERM || state == SOCKET_STOP_PRE_SIGKILL)
1543 socket_enter_stop_post(s, SOCKET_FAILURE_RESOURCES);
1545 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
1548 static void socket_enter_stop_pre(Socket *s, SocketResult f) {
1552 if (f != SOCKET_SUCCESS)
1555 socket_unwatch_control_pid(s);
1556 s->control_command_id = SOCKET_EXEC_STOP_PRE;
1557 s->control_command = s->exec_command[SOCKET_EXEC_STOP_PRE];
1559 if (s->control_command) {
1560 r = socket_spawn(s, s->control_command, &s->control_pid);
1564 socket_set_state(s, SOCKET_STOP_PRE);
1566 socket_enter_stop_post(s, SOCKET_SUCCESS);
1571 log_warning_unit(UNIT(s)->id, "%s failed to run 'stop-pre' task: %s", UNIT(s)->id, strerror(-r));
1572 socket_enter_stop_post(s, SOCKET_FAILURE_RESOURCES);
1575 static void socket_enter_listening(Socket *s) {
1579 r = socket_watch_fds(s);
1581 log_warning_unit(UNIT(s)->id, "%s failed to watch sockets: %s", UNIT(s)->id, strerror(-r));
1585 socket_set_state(s, SOCKET_LISTENING);
1589 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1592 static void socket_enter_start_post(Socket *s) {
1596 socket_unwatch_control_pid(s);
1597 s->control_command_id = SOCKET_EXEC_START_POST;
1598 s->control_command = s->exec_command[SOCKET_EXEC_START_POST];
1600 if (s->control_command) {
1601 r = socket_spawn(s, s->control_command, &s->control_pid);
1603 log_warning_unit(UNIT(s)->id, "%s failed to run 'start-post' task: %s", UNIT(s)->id, strerror(-r));
1607 socket_set_state(s, SOCKET_START_POST);
1609 socket_enter_listening(s);
1614 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1617 static void socket_enter_start_chown(Socket *s) {
1622 r = socket_open_fds(s);
1624 log_warning_unit(UNIT(s)->id, "%s failed to listen on sockets: %s", UNIT(s)->id, strerror(-r));
1628 if (!isempty(s->user) || !isempty(s->group)) {
1630 socket_unwatch_control_pid(s);
1631 s->control_command_id = SOCKET_EXEC_START_CHOWN;
1632 s->control_command = NULL;
1634 r = socket_chown(s, &s->control_pid);
1636 log_warning_unit(UNIT(s)->id, "%s failed to fork 'start-chown' task: %s", UNIT(s)->id, strerror(-r));
1640 socket_set_state(s, SOCKET_START_CHOWN);
1642 socket_enter_start_post(s);
1647 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1650 static void socket_enter_start_pre(Socket *s) {
1654 socket_unwatch_control_pid(s);
1655 s->control_command_id = SOCKET_EXEC_START_PRE;
1656 s->control_command = s->exec_command[SOCKET_EXEC_START_PRE];
1658 if (s->control_command) {
1659 r = socket_spawn(s, s->control_command, &s->control_pid);
1661 log_warning_unit(UNIT(s)->id, "%s failed to run 'start-pre' task: %s", UNIT(s)->id, strerror(-r));
1665 socket_set_state(s, SOCKET_START_PRE);
1667 socket_enter_start_chown(s);
1672 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
1675 static void socket_enter_running(Socket *s, int cfd) {
1676 _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
1681 /* We don't take connections anymore if we are supposed to
1682 * shut down anyway */
1683 if (unit_stop_pending(UNIT(s))) {
1685 log_debug_unit(UNIT(s)->id, "Suppressing connection request on %s since unit stop is scheduled.", UNIT(s)->id);
1690 /* Flush all sockets by closing and reopening them */
1691 socket_close_fds(s);
1693 r = socket_open_fds(s);
1695 log_warning_unit(UNIT(s)->id, "%s failed to listen on sockets: %s", UNIT(s)->id, strerror(-r));
1696 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1700 r = socket_watch_fds(s);
1702 log_warning_unit(UNIT(s)->id, "%s failed to watch sockets: %s", UNIT(s)->id, strerror(-r));
1703 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1713 bool pending = false;
1715 /* If there's already a start pending don't bother to
1717 SET_FOREACH(other, UNIT(s)->dependencies[UNIT_TRIGGERS], i)
1718 if (unit_active_or_pending(other)) {
1724 if (!UNIT_ISSET(s->service)) {
1725 log_error_unit(UNIT(s)->id, "%s: service to activate vanished, refusing activation.", UNIT(s)->id);
1730 r = manager_add_job(UNIT(s)->manager, JOB_START, UNIT_DEREF(s->service), JOB_REPLACE, true, &error, NULL);
1735 socket_set_state(s, SOCKET_RUNNING);
1737 _cleanup_free_ char *prefix = NULL, *instance = NULL, *name = NULL;
1740 if (s->n_connections >= s->max_connections) {
1741 log_warning_unit(UNIT(s)->id, "%s: Too many incoming connections (%u)", UNIT(s)->id, s->n_connections);
1746 r = socket_instantiate_service(s);
1750 r = instance_from_socket(cfd, s->n_accepted, &instance);
1755 /* ENOTCONN is legitimate if TCP RST was received.
1756 * This connection is over, but the socket unit lives on. */
1761 prefix = unit_name_to_prefix(UNIT(s)->id);
1767 name = unit_name_build(prefix, instance, ".service");
1773 r = unit_add_name(UNIT_DEREF(s->service), name);
1777 service = SERVICE(UNIT_DEREF(s->service));
1778 unit_ref_unset(&s->service);
1781 UNIT(service)->no_gc = false;
1783 unit_choose_id(UNIT(service), name);
1785 r = service_set_socket_fd(service, cfd, s);
1790 s->n_connections ++;
1792 r = manager_add_job(UNIT(s)->manager, JOB_START, UNIT(service), JOB_REPLACE, true, &error, NULL);
1796 /* Notify clients about changed counters */
1797 unit_add_to_dbus_queue(UNIT(s));
1803 log_warning_unit(UNIT(s)->id, "%s failed to queue service startup job (Maybe the service file is missing or not a %s unit?): %s",
1804 UNIT(s)->id, cfd >= 0 ? "template" : "non-template",
1805 bus_error_message(&error, r));
1807 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1811 static void socket_run_next(Socket *s) {
1815 assert(s->control_command);
1816 assert(s->control_command->command_next);
1818 socket_unwatch_control_pid(s);
1820 s->control_command = s->control_command->command_next;
1822 r = socket_spawn(s, s->control_command, &s->control_pid);
1829 log_warning_unit(UNIT(s)->id, "%s failed to run next task: %s", UNIT(s)->id, strerror(-r));
1831 if (s->state == SOCKET_START_POST)
1832 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1833 else if (s->state == SOCKET_STOP_POST)
1834 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
1836 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_RESOURCES);
1839 static int socket_start(Unit *u) {
1840 Socket *s = SOCKET(u);
1844 /* We cannot fulfill this request right now, try again later
1846 if (IN_SET(s->state,
1848 SOCKET_STOP_PRE_SIGKILL,
1849 SOCKET_STOP_PRE_SIGTERM,
1851 SOCKET_FINAL_SIGTERM,
1852 SOCKET_FINAL_SIGKILL))
1855 /* Already on it! */
1856 if (IN_SET(s->state,
1862 /* Cannot run this without the service being around */
1863 if (UNIT_ISSET(s->service)) {
1866 service = SERVICE(UNIT_DEREF(s->service));
1868 if (UNIT(service)->load_state != UNIT_LOADED) {
1869 log_error_unit(u->id, "Socket service %s not loaded, refusing.", UNIT(service)->id);
1873 /* If the service is already active we cannot start the
1875 if (service->state != SERVICE_DEAD &&
1876 service->state != SERVICE_FAILED &&
1877 service->state != SERVICE_AUTO_RESTART) {
1878 log_error_unit(u->id, "Socket service %s already active, refusing.", UNIT(service)->id);
1883 assert(s->state == SOCKET_DEAD || s->state == SOCKET_FAILED);
1885 s->result = SOCKET_SUCCESS;
1886 socket_enter_start_pre(s);
1891 static int socket_stop(Unit *u) {
1892 Socket *s = SOCKET(u);
1897 if (IN_SET(s->state,
1899 SOCKET_STOP_PRE_SIGTERM,
1900 SOCKET_STOP_PRE_SIGKILL,
1902 SOCKET_FINAL_SIGTERM,
1903 SOCKET_FINAL_SIGKILL))
1906 /* If there's already something running we go directly into
1908 if (IN_SET(s->state,
1911 SOCKET_START_POST)) {
1912 socket_enter_signal(s, SOCKET_STOP_PRE_SIGTERM, SOCKET_SUCCESS);
1916 assert(s->state == SOCKET_LISTENING || s->state == SOCKET_RUNNING);
1918 socket_enter_stop_pre(s, SOCKET_SUCCESS);
1922 static int socket_serialize(Unit *u, FILE *f, FDSet *fds) {
1923 Socket *s = SOCKET(u);
1931 unit_serialize_item(u, f, "state", socket_state_to_string(s->state));
1932 unit_serialize_item(u, f, "result", socket_result_to_string(s->result));
1933 unit_serialize_item_format(u, f, "n-accepted", "%u", s->n_accepted);
1935 if (s->control_pid > 0)
1936 unit_serialize_item_format(u, f, "control-pid", PID_FMT, s->control_pid);
1938 if (s->control_command_id >= 0)
1939 unit_serialize_item(u, f, "control-command", socket_exec_command_to_string(s->control_command_id));
1941 LIST_FOREACH(port, p, s->ports) {
1947 copy = fdset_put_dup(fds, p->fd);
1951 if (p->type == SOCKET_SOCKET) {
1952 _cleanup_free_ char *t = NULL;
1954 r = socket_address_print(&p->address, &t);
1958 if (socket_address_family(&p->address) == AF_NETLINK)
1959 unit_serialize_item_format(u, f, "netlink", "%i %s", copy, t);
1961 unit_serialize_item_format(u, f, "socket", "%i %i %s", copy, p->address.type, t);
1963 } else if (p->type == SOCKET_SPECIAL)
1964 unit_serialize_item_format(u, f, "special", "%i %s", copy, p->path);
1965 else if (p->type == SOCKET_MQUEUE)
1966 unit_serialize_item_format(u, f, "mqueue", "%i %s", copy, p->path);
1968 assert(p->type == SOCKET_FIFO);
1969 unit_serialize_item_format(u, f, "fifo", "%i %s", copy, p->path);
1976 static int socket_deserialize_item(Unit *u, const char *key, const char *value, FDSet *fds) {
1977 Socket *s = SOCKET(u);
1983 if (streq(key, "state")) {
1986 state = socket_state_from_string(value);
1988 log_debug_unit(u->id, "Failed to parse state value %s", value);
1990 s->deserialized_state = state;
1991 } else if (streq(key, "result")) {
1994 f = socket_result_from_string(value);
1996 log_debug_unit(u->id, "Failed to parse result value %s", value);
1997 else if (f != SOCKET_SUCCESS)
2000 } else if (streq(key, "n-accepted")) {
2003 if (safe_atou(value, &k) < 0)
2004 log_debug_unit(u->id, "Failed to parse n-accepted value %s", value);
2007 } else if (streq(key, "control-pid")) {
2010 if (parse_pid(value, &pid) < 0)
2011 log_debug_unit(u->id, "Failed to parse control-pid value %s", value);
2013 s->control_pid = pid;
2014 } else if (streq(key, "control-command")) {
2015 SocketExecCommand id;
2017 id = socket_exec_command_from_string(value);
2019 log_debug_unit(u->id, "Failed to parse exec-command value %s", value);
2021 s->control_command_id = id;
2022 s->control_command = s->exec_command[id];
2024 } else if (streq(key, "fifo")) {
2028 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
2029 log_debug_unit(u->id, "Failed to parse fifo value %s", value);
2032 LIST_FOREACH(port, p, s->ports)
2033 if (p->type == SOCKET_FIFO &&
2034 streq_ptr(p->path, value+skip))
2039 p->fd = fdset_remove(fds, fd);
2043 } else if (streq(key, "special")) {
2047 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
2048 log_debug_unit(u->id, "Failed to parse special value %s", value);
2051 LIST_FOREACH(port, p, s->ports)
2052 if (p->type == SOCKET_SPECIAL &&
2053 streq_ptr(p->path, value+skip))
2058 p->fd = fdset_remove(fds, fd);
2062 } else if (streq(key, "mqueue")) {
2066 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
2067 log_debug_unit(u->id, "Failed to parse mqueue value %s", value);
2070 LIST_FOREACH(port, p, s->ports)
2071 if (p->type == SOCKET_MQUEUE &&
2072 streq_ptr(p->path, value+skip))
2077 p->fd = fdset_remove(fds, fd);
2081 } else if (streq(key, "socket")) {
2082 int fd, type, skip = 0;
2085 if (sscanf(value, "%i %i %n", &fd, &type, &skip) < 2 || fd < 0 || type < 0 || !fdset_contains(fds, fd))
2086 log_debug_unit(u->id, "Failed to parse socket value %s", value);
2089 LIST_FOREACH(port, p, s->ports)
2090 if (socket_address_is(&p->address, value+skip, type))
2095 p->fd = fdset_remove(fds, fd);
2099 } else if (streq(key, "netlink")) {
2103 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
2104 log_debug_unit(u->id, "Failed to parse socket value %s", value);
2107 LIST_FOREACH(port, p, s->ports)
2108 if (socket_address_is_netlink(&p->address, value+skip))
2113 p->fd = fdset_remove(fds, fd);
2117 log_debug_unit(UNIT(s)->id, "Unknown serialization key '%s'", key);
2122 static int socket_distribute_fds(Unit *u, FDSet *fds) {
2123 Socket *s = SOCKET(u);
2128 LIST_FOREACH(port, p, s->ports) {
2132 if (p->type != SOCKET_SOCKET)
2138 FDSET_FOREACH(fd, fds, i) {
2139 if (socket_address_matches_fd(&p->address, fd)) {
2140 p->fd = fdset_remove(fds, fd);
2141 s->deserialized_state = SOCKET_LISTENING;
2150 _pure_ static UnitActiveState socket_active_state(Unit *u) {
2153 return state_translation_table[SOCKET(u)->state];
2156 _pure_ static const char *socket_sub_state_to_string(Unit *u) {
2159 return socket_state_to_string(SOCKET(u)->state);
2162 const char* socket_port_type_to_string(SocketPort *p) {
2170 switch (p->address.type) {
2178 case SOCK_SEQPACKET:
2179 return "SequentialPacket";
2182 if (socket_address_family(&p->address) == AF_NETLINK)
2189 case SOCKET_SPECIAL:
2193 return "MessageQueue";
2203 _pure_ static bool socket_check_gc(Unit *u) {
2204 Socket *s = SOCKET(u);
2208 return s->n_connections > 0;
2211 static int socket_dispatch_io(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
2212 SocketPort *p = userdata;
2218 if (p->socket->state != SOCKET_LISTENING)
2221 log_debug_unit(UNIT(p->socket)->id, "Incoming traffic on %s", UNIT(p->socket)->id);
2223 if (revents != EPOLLIN) {
2225 if (revents & EPOLLHUP)
2226 log_error_unit(UNIT(p->socket)->id, "%s: Got POLLHUP on a listening socket. The service probably invoked shutdown() on it, and should better not do that.",
2227 UNIT(p->socket)->id);
2229 log_error_unit(UNIT(p->socket)->id, "%s: Got unexpected poll event (0x%x) on socket.",
2230 UNIT(p->socket)->id, revents);
2235 if (p->socket->accept &&
2236 p->type == SOCKET_SOCKET &&
2237 socket_address_can_accept(&p->address)) {
2241 cfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK);
2247 log_error_unit(UNIT(p->socket)->id,
2248 "Failed to accept socket: %m");
2255 socket_apply_socket_options(p->socket, cfd);
2258 socket_enter_running(p->socket, cfd);
2262 socket_enter_stop_pre(p->socket, SOCKET_FAILURE_RESOURCES);
2266 static void socket_sigchld_event(Unit *u, pid_t pid, int code, int status) {
2267 Socket *s = SOCKET(u);
2273 if (pid != s->control_pid)
2278 if (is_clean_exit(code, status, NULL))
2280 else if (code == CLD_EXITED)
2281 f = SOCKET_FAILURE_EXIT_CODE;
2282 else if (code == CLD_KILLED)
2283 f = SOCKET_FAILURE_SIGNAL;
2284 else if (code == CLD_DUMPED)
2285 f = SOCKET_FAILURE_CORE_DUMP;
2287 assert_not_reached("Unknown sigchld code");
2289 if (s->control_command) {
2290 exec_status_exit(&s->control_command->exec_status, &s->exec_context, pid, code, status);
2292 if (s->control_command->ignore)
2296 log_full_unit(f == SOCKET_SUCCESS ? LOG_DEBUG : LOG_NOTICE,
2298 "%s control process exited, code=%s status=%i",
2299 u->id, sigchld_code_to_string(code), status);
2301 if (f != SOCKET_SUCCESS)
2304 if (s->control_command &&
2305 s->control_command->command_next &&
2306 f == SOCKET_SUCCESS) {
2308 log_debug_unit(u->id,
2309 "%s running next command for state %s",
2310 u->id, socket_state_to_string(s->state));
2313 s->control_command = NULL;
2314 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
2316 /* No further commands for this step, so let's figure
2317 * out what to do next */
2319 log_debug_unit(u->id,
2320 "%s got final SIGCHLD for state %s",
2321 u->id, socket_state_to_string(s->state));
2325 case SOCKET_START_PRE:
2326 if (f == SOCKET_SUCCESS)
2327 socket_enter_start_chown(s);
2329 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, f);
2332 case SOCKET_START_CHOWN:
2333 if (f == SOCKET_SUCCESS)
2334 socket_enter_start_post(s);
2336 socket_enter_stop_pre(s, f);
2339 case SOCKET_START_POST:
2340 if (f == SOCKET_SUCCESS)
2341 socket_enter_listening(s);
2343 socket_enter_stop_pre(s, f);
2346 case SOCKET_STOP_PRE:
2347 case SOCKET_STOP_PRE_SIGTERM:
2348 case SOCKET_STOP_PRE_SIGKILL:
2349 socket_enter_stop_post(s, f);
2352 case SOCKET_STOP_POST:
2353 case SOCKET_FINAL_SIGTERM:
2354 case SOCKET_FINAL_SIGKILL:
2355 socket_enter_dead(s, f);
2359 assert_not_reached("Uh, control process died at wrong time.");
2363 /* Notify clients about changed exit status */
2364 unit_add_to_dbus_queue(u);
2367 static int socket_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata) {
2368 Socket *s = SOCKET(userdata);
2371 assert(s->timer_event_source == source);
2375 case SOCKET_START_PRE:
2376 log_warning_unit(UNIT(s)->id, "%s starting timed out. Terminating.", UNIT(s)->id);
2377 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_TIMEOUT);
2380 case SOCKET_START_CHOWN:
2381 case SOCKET_START_POST:
2382 log_warning_unit(UNIT(s)->id, "%s starting timed out. Stopping.", UNIT(s)->id);
2383 socket_enter_stop_pre(s, SOCKET_FAILURE_TIMEOUT);
2386 case SOCKET_STOP_PRE:
2387 log_warning_unit(UNIT(s)->id, "%s stopping timed out. Terminating.", UNIT(s)->id);
2388 socket_enter_signal(s, SOCKET_STOP_PRE_SIGTERM, SOCKET_FAILURE_TIMEOUT);
2391 case SOCKET_STOP_PRE_SIGTERM:
2392 if (s->kill_context.send_sigkill) {
2393 log_warning_unit(UNIT(s)->id, "%s stopping timed out. Killing.", UNIT(s)->id);
2394 socket_enter_signal(s, SOCKET_STOP_PRE_SIGKILL, SOCKET_FAILURE_TIMEOUT);
2396 log_warning_unit(UNIT(s)->id, "%s stopping timed out. Skipping SIGKILL. Ignoring.", UNIT(s)->id);
2397 socket_enter_stop_post(s, SOCKET_FAILURE_TIMEOUT);
2401 case SOCKET_STOP_PRE_SIGKILL:
2402 log_warning_unit(UNIT(s)->id, "%s still around after SIGKILL. Ignoring.", UNIT(s)->id);
2403 socket_enter_stop_post(s, SOCKET_FAILURE_TIMEOUT);
2406 case SOCKET_STOP_POST:
2407 log_warning_unit(UNIT(s)->id, "%s stopping timed out (2). Terminating.", UNIT(s)->id);
2408 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_TIMEOUT);
2411 case SOCKET_FINAL_SIGTERM:
2412 if (s->kill_context.send_sigkill) {
2413 log_warning_unit(UNIT(s)->id, "%s stopping timed out (2). Killing.", UNIT(s)->id);
2414 socket_enter_signal(s, SOCKET_FINAL_SIGKILL, SOCKET_FAILURE_TIMEOUT);
2416 log_warning_unit(UNIT(s)->id, "%s stopping timed out (2). Skipping SIGKILL. Ignoring.", UNIT(s)->id);
2417 socket_enter_dead(s, SOCKET_FAILURE_TIMEOUT);
2421 case SOCKET_FINAL_SIGKILL:
2422 log_warning_unit(UNIT(s)->id, "%s still around after SIGKILL (2). Entering failed mode.", UNIT(s)->id);
2423 socket_enter_dead(s, SOCKET_FAILURE_TIMEOUT);
2427 assert_not_reached("Timeout at wrong time.");
2433 int socket_collect_fds(Socket *s, int **fds, unsigned *n_fds) {
2442 /* Called from the service code for requesting our fds */
2445 LIST_FOREACH(port, p, s->ports)
2455 if (!(rfds = new(int, rn_fds)))
2459 LIST_FOREACH(port, p, s->ports)
2463 assert(k == rn_fds);
2471 static void socket_reset_failed(Unit *u) {
2472 Socket *s = SOCKET(u);
2476 if (s->state == SOCKET_FAILED)
2477 socket_set_state(s, SOCKET_DEAD);
2479 s->result = SOCKET_SUCCESS;
2482 static void socket_notify_service_dead(Socket *s, bool failed_permanent) {
2485 /* The service is dead. Dang!
2487 * This is strictly for one-instance-for-all-connections
2490 if (s->state == SOCKET_RUNNING) {
2491 log_debug_unit(UNIT(s)->id, "%s got notified about service death (failed permanently: %s)", UNIT(s)->id, yes_no(failed_permanent));
2492 if (failed_permanent)
2493 socket_enter_stop_pre(s, SOCKET_FAILURE_SERVICE_FAILED_PERMANENT);
2495 socket_enter_listening(s);
2499 void socket_connection_unref(Socket *s) {
2502 /* The service is dead. Yay!
2504 * This is strictly for one-instance-per-connection
2507 assert(s->n_connections > 0);
2510 log_debug_unit(UNIT(s)->id, "%s: One connection closed, %u left.", UNIT(s)->id, s->n_connections);
2513 static void socket_trigger_notify(Unit *u, Unit *other) {
2514 Socket *s = SOCKET(u);
2520 /* Don't propagate state changes from the service if we are
2521 already down or accepting connections */
2522 if ((s->state != SOCKET_RUNNING &&
2523 s->state != SOCKET_LISTENING) ||
2527 if (other->load_state != UNIT_LOADED ||
2528 other->type != UNIT_SERVICE)
2531 se = SERVICE(other);
2533 if (se->state == SERVICE_FAILED)
2534 socket_notify_service_dead(s, se->result == SERVICE_FAILURE_START_LIMIT);
2536 if (se->state == SERVICE_DEAD ||
2537 se->state == SERVICE_STOP ||
2538 se->state == SERVICE_STOP_SIGTERM ||
2539 se->state == SERVICE_STOP_SIGKILL ||
2540 se->state == SERVICE_STOP_POST ||
2541 se->state == SERVICE_FINAL_SIGTERM ||
2542 se->state == SERVICE_FINAL_SIGKILL ||
2543 se->state == SERVICE_AUTO_RESTART)
2544 socket_notify_service_dead(s, false);
2546 if (se->state == SERVICE_RUNNING)
2547 socket_set_state(s, SOCKET_RUNNING);
2550 static int socket_kill(Unit *u, KillWho who, int signo, sd_bus_error *error) {
2551 return unit_kill_common(u, who, signo, -1, SOCKET(u)->control_pid, error);
2554 static int socket_get_timeout(Unit *u, uint64_t *timeout) {
2555 Socket *s = SOCKET(u);
2558 if (!s->timer_event_source)
2561 r = sd_event_source_get_time(s->timer_event_source, timeout);
2568 static const char* const socket_state_table[_SOCKET_STATE_MAX] = {
2569 [SOCKET_DEAD] = "dead",
2570 [SOCKET_START_PRE] = "start-pre",
2571 [SOCKET_START_CHOWN] = "start-chown",
2572 [SOCKET_START_POST] = "start-post",
2573 [SOCKET_LISTENING] = "listening",
2574 [SOCKET_RUNNING] = "running",
2575 [SOCKET_STOP_PRE] = "stop-pre",
2576 [SOCKET_STOP_PRE_SIGTERM] = "stop-pre-sigterm",
2577 [SOCKET_STOP_PRE_SIGKILL] = "stop-pre-sigkill",
2578 [SOCKET_STOP_POST] = "stop-post",
2579 [SOCKET_FINAL_SIGTERM] = "final-sigterm",
2580 [SOCKET_FINAL_SIGKILL] = "final-sigkill",
2581 [SOCKET_FAILED] = "failed"
2584 DEFINE_STRING_TABLE_LOOKUP(socket_state, SocketState);
2586 static const char* const socket_exec_command_table[_SOCKET_EXEC_COMMAND_MAX] = {
2587 [SOCKET_EXEC_START_PRE] = "StartPre",
2588 [SOCKET_EXEC_START_CHOWN] = "StartChown",
2589 [SOCKET_EXEC_START_POST] = "StartPost",
2590 [SOCKET_EXEC_STOP_PRE] = "StopPre",
2591 [SOCKET_EXEC_STOP_POST] = "StopPost"
2594 DEFINE_STRING_TABLE_LOOKUP(socket_exec_command, SocketExecCommand);
2596 static const char* const socket_result_table[_SOCKET_RESULT_MAX] = {
2597 [SOCKET_SUCCESS] = "success",
2598 [SOCKET_FAILURE_RESOURCES] = "resources",
2599 [SOCKET_FAILURE_TIMEOUT] = "timeout",
2600 [SOCKET_FAILURE_EXIT_CODE] = "exit-code",
2601 [SOCKET_FAILURE_SIGNAL] = "signal",
2602 [SOCKET_FAILURE_CORE_DUMP] = "core-dump",
2603 [SOCKET_FAILURE_SERVICE_FAILED_PERMANENT] = "service-failed-permanent"
2606 DEFINE_STRING_TABLE_LOOKUP(socket_result, SocketResult);
2608 const UnitVTable socket_vtable = {
2609 .object_size = sizeof(Socket),
2610 .exec_context_offset = offsetof(Socket, exec_context),
2611 .cgroup_context_offset = offsetof(Socket, cgroup_context),
2612 .kill_context_offset = offsetof(Socket, kill_context),
2613 .exec_runtime_offset = offsetof(Socket, exec_runtime),
2619 .private_section = "Socket",
2621 .init = socket_init,
2622 .done = socket_done,
2623 .load = socket_load,
2625 .coldplug = socket_coldplug,
2627 .dump = socket_dump,
2629 .start = socket_start,
2630 .stop = socket_stop,
2632 .kill = socket_kill,
2634 .get_timeout = socket_get_timeout,
2636 .serialize = socket_serialize,
2637 .deserialize_item = socket_deserialize_item,
2638 .distribute_fds = socket_distribute_fds,
2640 .active_state = socket_active_state,
2641 .sub_state_to_string = socket_sub_state_to_string,
2643 .check_gc = socket_check_gc,
2645 .sigchld_event = socket_sigchld_event,
2647 .trigger_notify = socket_trigger_notify,
2649 .reset_failed = socket_reset_failed,
2651 .bus_interface = "org.freedesktop.systemd1.Socket",
2652 .bus_vtable = bus_socket_vtable,
2653 .bus_set_property = bus_socket_set_property,
2654 .bus_commit_properties = bus_socket_commit_properties,
2656 .status_message_formats = {
2657 /*.starting_stopping = {
2658 [0] = "Starting socket %s...",
2659 [1] = "Stopping socket %s...",
2661 .finished_start_job = {
2662 [JOB_DONE] = "Listening on %s.",
2663 [JOB_FAILED] = "Failed to listen on %s.",
2664 [JOB_DEPENDENCY] = "Dependency failed for %s.",
2665 [JOB_TIMEOUT] = "Timed out starting %s.",
2667 .finished_stop_job = {
2668 [JOB_DONE] = "Closed %s.",
2669 [JOB_FAILED] = "Failed stopping %s.",
2670 [JOB_TIMEOUT] = "Timed out stopping %s.",