1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2010 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <sys/types.h>
27 #include <sys/epoll.h>
29 #include <arpa/inet.h>
30 #include <netinet/tcp.h>
32 #include <sys/xattr.h>
36 #include "load-dropin.h"
37 #include "load-fragment.h"
40 #include "path-util.h"
41 #include "unit-name.h"
42 #include "unit-printf.h"
46 #include "exit-status.h"
48 #include "smack-util.h"
50 #include "bus-error.h"
51 #include "dbus-socket.h"
55 static const UnitActiveState state_translation_table[_SOCKET_STATE_MAX] = {
56 [SOCKET_DEAD] = UNIT_INACTIVE,
57 [SOCKET_START_PRE] = UNIT_ACTIVATING,
58 [SOCKET_START_CHOWN] = UNIT_ACTIVATING,
59 [SOCKET_START_POST] = UNIT_ACTIVATING,
60 [SOCKET_LISTENING] = UNIT_ACTIVE,
61 [SOCKET_RUNNING] = UNIT_ACTIVE,
62 [SOCKET_STOP_PRE] = UNIT_DEACTIVATING,
63 [SOCKET_STOP_PRE_SIGTERM] = UNIT_DEACTIVATING,
64 [SOCKET_STOP_PRE_SIGKILL] = UNIT_DEACTIVATING,
65 [SOCKET_STOP_POST] = UNIT_DEACTIVATING,
66 [SOCKET_FINAL_SIGTERM] = UNIT_DEACTIVATING,
67 [SOCKET_FINAL_SIGKILL] = UNIT_DEACTIVATING,
68 [SOCKET_FAILED] = UNIT_FAILED
71 static int socket_dispatch_io(sd_event_source *source, int fd, uint32_t revents, void *userdata);
72 static int socket_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata);
74 static void socket_init(Unit *u) {
75 Socket *s = SOCKET(u);
78 assert(u->load_state == UNIT_STUB);
80 s->backlog = SOMAXCONN;
81 s->timeout_usec = u->manager->default_timeout_start_usec;
82 s->directory_mode = 0755;
83 s->socket_mode = 0666;
85 s->max_connections = 64;
92 s->exec_context.std_output = u->manager->default_std_output;
93 s->exec_context.std_error = u->manager->default_std_error;
95 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
98 static void socket_unwatch_control_pid(Socket *s) {
101 if (s->control_pid <= 0)
104 unit_unwatch_pid(UNIT(s), s->control_pid);
108 void socket_free_ports(Socket *s) {
113 while ((p = s->ports)) {
114 LIST_REMOVE(port, s->ports, p);
116 sd_event_source_unref(p->event_source);
124 static void socket_done(Unit *u) {
125 Socket *s = SOCKET(u);
129 socket_free_ports(s);
131 s->exec_runtime = exec_runtime_unref(s->exec_runtime);
132 exec_command_free_array(s->exec_command, _SOCKET_EXEC_COMMAND_MAX);
133 s->control_command = NULL;
135 socket_unwatch_control_pid(s);
137 unit_ref_unset(&s->service);
139 free(s->tcp_congestion);
140 s->tcp_congestion = NULL;
142 free(s->bind_to_device);
143 s->bind_to_device = NULL;
146 free(s->smack_ip_in);
147 free(s->smack_ip_out);
149 strv_free(s->symlinks);
154 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
157 static int socket_arm_timer(Socket *s) {
162 if (s->timeout_usec <= 0) {
163 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
167 if (s->timer_event_source) {
168 r = sd_event_source_set_time(s->timer_event_source, now(CLOCK_MONOTONIC) + s->timeout_usec);
172 return sd_event_source_set_enabled(s->timer_event_source, SD_EVENT_ONESHOT);
175 return sd_event_add_time(
176 UNIT(s)->manager->event,
177 &s->timer_event_source,
179 now(CLOCK_MONOTONIC) + s->timeout_usec, 0,
180 socket_dispatch_timer, s);
183 int socket_instantiate_service(Socket *s) {
184 _cleanup_free_ char *prefix = NULL, *name = NULL;
190 /* This fills in s->service if it isn't filled in yet. For
191 * Accept=yes sockets we create the next connection service
192 * here. For Accept=no this is mostly a NOP since the service
193 * is figured out at load time anyway. */
195 if (UNIT_DEREF(s->service) || !s->accept)
198 prefix = unit_name_to_prefix(UNIT(s)->id);
202 if (asprintf(&name, "%s@%u.service", prefix, s->n_accepted) < 0)
205 r = manager_load_unit(UNIT(s)->manager, name, NULL, NULL, &u);
210 unit_ref_set(&s->service, u);
212 return unit_add_two_dependencies(UNIT(s), UNIT_BEFORE, UNIT_TRIGGERS, u, false);
215 static bool have_non_accept_socket(Socket *s) {
223 LIST_FOREACH(port, p, s->ports) {
225 if (p->type != SOCKET_SOCKET)
228 if (!socket_address_can_accept(&p->address))
235 static int socket_add_mount_links(Socket *s) {
241 LIST_FOREACH(port, p, s->ports) {
242 const char *path = NULL;
244 if (p->type == SOCKET_SOCKET)
245 path = socket_address_get_path(&p->address);
246 else if (p->type == SOCKET_FIFO || p->type == SOCKET_SPECIAL)
252 r = unit_require_mounts_for(UNIT(s), path);
260 static int socket_add_device_link(Socket *s) {
265 if (!s->bind_to_device || streq(s->bind_to_device, "lo"))
268 t = strappenda("/sys/subsystem/net/devices/", s->bind_to_device);
269 return unit_add_node_link(UNIT(s), t, false);
272 static int socket_add_default_dependencies(Socket *s) {
276 r = unit_add_dependency_by_name(UNIT(s), UNIT_BEFORE, SPECIAL_SOCKETS_TARGET, NULL, true);
280 if (UNIT(s)->manager->running_as == SYSTEMD_SYSTEM) {
281 r = unit_add_two_dependencies_by_name(UNIT(s), UNIT_AFTER, UNIT_REQUIRES, SPECIAL_SYSINIT_TARGET, NULL, true);
286 return unit_add_two_dependencies_by_name(UNIT(s), UNIT_BEFORE, UNIT_CONFLICTS, SPECIAL_SHUTDOWN_TARGET, NULL, true);
289 _pure_ static bool socket_has_exec(Socket *s) {
293 for (i = 0; i < _SOCKET_EXEC_COMMAND_MAX; i++)
294 if (s->exec_command[i])
300 static int socket_add_extras(Socket *s) {
306 if (have_non_accept_socket(s)) {
308 if (!UNIT_DEREF(s->service)) {
311 r = unit_load_related_unit(u, ".service", &x);
315 unit_ref_set(&s->service, x);
318 r = unit_add_two_dependencies(u, UNIT_BEFORE, UNIT_TRIGGERS, UNIT_DEREF(s->service), true);
323 r = socket_add_mount_links(s);
327 r = socket_add_device_link(s);
331 r = unit_patch_contexts(u);
335 if (socket_has_exec(s)) {
336 r = unit_add_exec_dependencies(u, &s->exec_context);
340 r = unit_add_default_slice(u, &s->cgroup_context);
345 if (u->default_dependencies) {
346 r = socket_add_default_dependencies(s);
354 static const char *socket_find_symlink_target(Socket *s) {
355 const char *found = NULL;
358 LIST_FOREACH(port, p, s->ports) {
359 const char *f = NULL;
368 if (p->address.sockaddr.un.sun_path[0] != 0)
369 f = p->address.sockaddr.un.sun_path;
387 static int socket_verify(Socket *s) {
390 if (UNIT(s)->load_state != UNIT_LOADED)
394 log_error_unit(UNIT(s)->id, "%s lacks Listen setting. Refusing.", UNIT(s)->id);
398 if (s->accept && have_non_accept_socket(s)) {
399 log_error_unit(UNIT(s)->id, "%s configured for accepting sockets, but sockets are non-accepting. Refusing.",
404 if (s->accept && s->max_connections <= 0) {
405 log_error_unit(UNIT(s)->id, "%s's MaxConnection setting too small. Refusing.", UNIT(s)->id);
409 if (s->accept && UNIT_DEREF(s->service)) {
410 log_error_unit(UNIT(s)->id, "Explicit service configuration for accepting sockets not supported on %s. Refusing.", UNIT(s)->id);
414 if (s->exec_context.pam_name && s->kill_context.kill_mode != KILL_CONTROL_GROUP) {
415 log_error_unit(UNIT(s)->id, "%s has PAM enabled. Kill mode must be set to 'control-group'. Refusing.", UNIT(s)->id);
419 if (!strv_isempty(s->symlinks) && !socket_find_symlink_target(s)) {
420 log_error_unit(UNIT(s)->id, "%s has symlinks set but none or more than one node in the file system. Refusing.", UNIT(s)->id);
427 static int socket_load(Unit *u) {
428 Socket *s = SOCKET(u);
432 assert(u->load_state == UNIT_STUB);
434 r = unit_load_fragment_and_dropin(u);
438 if (u->load_state == UNIT_LOADED) {
439 /* This is a new unit? Then let's add in some extras */
440 r = socket_add_extras(s);
445 return socket_verify(s);
448 _const_ static const char* listen_lookup(int family, int type) {
450 if (family == AF_NETLINK)
451 return "ListenNetlink";
453 if (type == SOCK_STREAM)
454 return "ListenStream";
455 else if (type == SOCK_DGRAM)
456 return "ListenDatagram";
457 else if (type == SOCK_SEQPACKET)
458 return "ListenSequentialPacket";
460 assert_not_reached("Unknown socket type");
464 static void socket_dump(Unit *u, FILE *f, const char *prefix) {
465 char time_string[FORMAT_TIMESPAN_MAX];
467 Socket *s = SOCKET(u);
474 prefix2 = strappenda(prefix, "\t");
477 "%sSocket State: %s\n"
479 "%sBindIPv6Only: %s\n"
481 "%sSocketMode: %04o\n"
482 "%sDirectoryMode: %04o\n"
486 "%sTransparent: %s\n"
488 "%sPassCredentials: %s\n"
489 "%sPassSecurity: %s\n"
490 "%sTCPCongestion: %s\n"
491 "%sRemoveOnStop: %s\n",
492 prefix, socket_state_to_string(s->state),
493 prefix, socket_result_to_string(s->result),
494 prefix, socket_address_bind_ipv6_only_to_string(s->bind_ipv6_only),
496 prefix, s->socket_mode,
497 prefix, s->directory_mode,
498 prefix, yes_no(s->keep_alive),
499 prefix, yes_no(s->no_delay),
500 prefix, yes_no(s->free_bind),
501 prefix, yes_no(s->transparent),
502 prefix, yes_no(s->broadcast),
503 prefix, yes_no(s->pass_cred),
504 prefix, yes_no(s->pass_sec),
505 prefix, strna(s->tcp_congestion),
506 prefix, yes_no(s->remove_on_stop));
508 if (s->control_pid > 0)
510 "%sControl PID: "PID_FMT"\n",
511 prefix, s->control_pid);
513 if (s->bind_to_device)
515 "%sBindToDevice: %s\n",
516 prefix, s->bind_to_device);
521 "%sNConnections: %u\n"
522 "%sMaxConnections: %u\n",
523 prefix, s->n_accepted,
524 prefix, s->n_connections,
525 prefix, s->max_connections);
527 if (s->priority >= 0)
530 prefix, s->priority);
532 if (s->receive_buffer > 0)
534 "%sReceiveBuffer: %zu\n",
535 prefix, s->receive_buffer);
537 if (s->send_buffer > 0)
539 "%sSendBuffer: %zu\n",
540 prefix, s->send_buffer);
552 if (s->pipe_size > 0)
555 prefix, s->pipe_size);
562 if (s->mq_maxmsg > 0)
564 "%sMessageQueueMaxMessages: %li\n",
565 prefix, s->mq_maxmsg);
567 if (s->mq_msgsize > 0)
569 "%sMessageQueueMessageSize: %li\n",
570 prefix, s->mq_msgsize);
575 prefix, yes_no(s->reuse_port));
579 "%sSmackLabel: %s\n",
584 "%sSmackLabelIPIn: %s\n",
585 prefix, s->smack_ip_in);
589 "%sSmackLabelIPOut: %s\n",
590 prefix, s->smack_ip_out);
592 if (!isempty(s->user) || !isempty(s->group))
595 "%sOwnerGroup: %s\n",
596 prefix, strna(s->user),
597 prefix, strna(s->group));
599 if(s->keep_alive_time)
601 "%sKeepAliveTime: %s\n",
602 prefix, format_timespan(time_string, FORMAT_TIMESPAN_MAX,
603 s->keep_alive_time, USEC_PER_SEC));
605 if(s->keep_alive_interval)
607 "%sKeepAliveInterval: %s\n",
608 prefix, format_timespan(time_string, FORMAT_TIMESPAN_MAX,
609 s->keep_alive_interval, USEC_PER_SEC));
611 if(s->keep_alive_cnt)
613 "%sKeepAliveProbes: %u\n",
614 prefix, s->keep_alive_cnt);
616 LIST_FOREACH(port, p, s->ports) {
618 if (p->type == SOCKET_SOCKET) {
623 if ((r = socket_address_print(&p->address, &k)) < 0)
628 fprintf(f, "%s%s: %s\n", prefix, listen_lookup(socket_address_family(&p->address), p->address.type), t);
630 } else if (p->type == SOCKET_SPECIAL)
631 fprintf(f, "%sListenSpecial: %s\n", prefix, p->path);
632 else if (p->type == SOCKET_MQUEUE)
633 fprintf(f, "%sListenMessageQueue: %s\n", prefix, p->path);
635 fprintf(f, "%sListenFIFO: %s\n", prefix, p->path);
638 exec_context_dump(&s->exec_context, f, prefix);
639 kill_context_dump(&s->kill_context, f, prefix);
641 for (c = 0; c < _SOCKET_EXEC_COMMAND_MAX; c++) {
642 if (!s->exec_command[c])
645 fprintf(f, "%s-> %s:\n",
646 prefix, socket_exec_command_to_string(c));
648 exec_command_dump_list(s->exec_command[c], f, prefix2);
652 static int instance_from_socket(int fd, unsigned nr, char **instance) {
655 union sockaddr_union local, remote;
661 if (getsockname(fd, &local.sa, &l) < 0)
665 if (getpeername(fd, &remote.sa, &l) < 0)
668 switch (local.sa.sa_family) {
672 a = ntohl(local.in.sin_addr.s_addr),
673 b = ntohl(remote.in.sin_addr.s_addr);
676 "%u-%u.%u.%u.%u:%u-%u.%u.%u.%u:%u",
678 a >> 24, (a >> 16) & 0xFF, (a >> 8) & 0xFF, a & 0xFF,
679 ntohs(local.in.sin_port),
680 b >> 24, (b >> 16) & 0xFF, (b >> 8) & 0xFF, b & 0xFF,
681 ntohs(remote.in.sin_port)) < 0)
688 static const unsigned char ipv4_prefix[] = {
689 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xFF, 0xFF
692 if (memcmp(&local.in6.sin6_addr, ipv4_prefix, sizeof(ipv4_prefix)) == 0 &&
693 memcmp(&remote.in6.sin6_addr, ipv4_prefix, sizeof(ipv4_prefix)) == 0) {
695 *a = local.in6.sin6_addr.s6_addr+12,
696 *b = remote.in6.sin6_addr.s6_addr+12;
699 "%u-%u.%u.%u.%u:%u-%u.%u.%u.%u:%u",
701 a[0], a[1], a[2], a[3],
702 ntohs(local.in6.sin6_port),
703 b[0], b[1], b[2], b[3],
704 ntohs(remote.in6.sin6_port)) < 0)
707 char a[INET6_ADDRSTRLEN], b[INET6_ADDRSTRLEN];
712 inet_ntop(AF_INET6, &local.in6.sin6_addr, a, sizeof(a)),
713 ntohs(local.in6.sin6_port),
714 inet_ntop(AF_INET6, &remote.in6.sin6_addr, b, sizeof(b)),
715 ntohs(remote.in6.sin6_port)) < 0)
726 k = getpeercred(fd, &ucred);
729 "%u-"PID_FMT"-"UID_FMT,
730 nr, ucred.pid, ucred.uid) < 0)
732 } else if (k == -ENODATA) {
733 /* This handles the case where somebody is
734 * connecting from another pid/uid namespace
735 * (e.g. from outside of our container). */
747 assert_not_reached("Unhandled socket type.");
754 static void socket_close_fds(Socket *s) {
760 LIST_FOREACH(port, p, s->ports) {
762 p->event_source = sd_event_source_unref(p->event_source);
767 p->fd = safe_close(p->fd);
769 /* One little note: we should normally not delete any
770 * sockets in the file system here! After all some
771 * other process we spawned might still have a
772 * reference of this fd and wants to continue to use
773 * it. Therefore we delete sockets in the file system
774 * before we create a new one, not after we stopped
777 if (s->remove_on_stop) {
789 socket_address_unlink(&p->address);
798 if (s->remove_on_stop)
799 STRV_FOREACH(i, s->symlinks)
803 static void socket_apply_socket_options(Socket *s, int fd) {
808 int b = s->keep_alive;
809 if (setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, &b, sizeof(b)) < 0)
810 log_warning_unit(UNIT(s)->id, "SO_KEEPALIVE failed: %m");
813 if (s->keep_alive_time) {
814 int value = s->keep_alive_time / USEC_PER_SEC;
815 if (setsockopt(fd, SOL_TCP, TCP_KEEPIDLE, &value, sizeof(value)) < 0)
816 log_warning_unit(UNIT(s)->id, "TCP_KEEPIDLE failed: %m");
819 if (s->keep_alive_interval) {
820 int value = s->keep_alive_interval / USEC_PER_SEC;
821 if (setsockopt(fd, SOL_TCP, TCP_KEEPINTVL, &value, sizeof(value)) < 0)
822 log_warning_unit(UNIT(s)->id, "TCP_KEEPINTVL failed: %m");
825 if (s->keep_alive_cnt) {
826 int value = s->keep_alive_cnt;
827 if (setsockopt(fd, SOL_SOCKET, TCP_KEEPCNT, &value, sizeof(value)) < 0)
828 log_warning_unit(UNIT(s)->id, "TCP_KEEPCNT failed: %m");
833 if (setsockopt(fd, SOL_TCP, TCP_NODELAY, &b, sizeof(b)) < 0)
834 log_warning_unit(UNIT(s)->id, "TCP_NODELAY failed: %m");
839 if (setsockopt(fd, SOL_SOCKET, SO_BROADCAST, &one, sizeof(one)) < 0)
840 log_warning_unit(UNIT(s)->id, "SO_BROADCAST failed: %m");
845 if (setsockopt(fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one)) < 0)
846 log_warning_unit(UNIT(s)->id, "SO_PASSCRED failed: %m");
851 if (setsockopt(fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one)) < 0)
852 log_warning_unit(UNIT(s)->id, "SO_PASSSEC failed: %m");
855 if (s->priority >= 0)
856 if (setsockopt(fd, SOL_SOCKET, SO_PRIORITY, &s->priority, sizeof(s->priority)) < 0)
857 log_warning_unit(UNIT(s)->id, "SO_PRIORITY failed: %m");
859 if (s->receive_buffer > 0) {
860 int value = (int) s->receive_buffer;
862 /* We first try with SO_RCVBUFFORCE, in case we have the perms for that */
864 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUFFORCE, &value, sizeof(value)) < 0)
865 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &value, sizeof(value)) < 0)
866 log_warning_unit(UNIT(s)->id, "SO_RCVBUF failed: %m");
869 if (s->send_buffer > 0) {
870 int value = (int) s->send_buffer;
871 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUFFORCE, &value, sizeof(value)) < 0)
872 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &value, sizeof(value)) < 0)
873 log_warning_unit(UNIT(s)->id, "SO_SNDBUF failed: %m");
877 if (setsockopt(fd, SOL_SOCKET, SO_MARK, &s->mark, sizeof(s->mark)) < 0)
878 log_warning_unit(UNIT(s)->id, "SO_MARK failed: %m");
881 if (setsockopt(fd, IPPROTO_IP, IP_TOS, &s->ip_tos, sizeof(s->ip_tos)) < 0)
882 log_warning_unit(UNIT(s)->id, "IP_TOS failed: %m");
884 if (s->ip_ttl >= 0) {
887 r = setsockopt(fd, IPPROTO_IP, IP_TTL, &s->ip_ttl, sizeof(s->ip_ttl));
889 if (socket_ipv6_is_supported())
890 x = setsockopt(fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &s->ip_ttl, sizeof(s->ip_ttl));
893 errno = EAFNOSUPPORT;
897 log_warning_unit(UNIT(s)->id,
898 "IP_TTL/IPV6_UNICAST_HOPS failed: %m");
901 if (s->tcp_congestion)
902 if (setsockopt(fd, SOL_TCP, TCP_CONGESTION, s->tcp_congestion, strlen(s->tcp_congestion)+1) < 0)
903 log_warning_unit(UNIT(s)->id, "TCP_CONGESTION failed: %m");
906 int b = s->reuse_port;
907 if (setsockopt(fd, SOL_SOCKET, SO_REUSEPORT, &b, sizeof(b)) < 0)
908 log_warning_unit(UNIT(s)->id, "SO_REUSEPORT failed: %m");
912 if (smack_label_ip_in_fd(fd, s->smack_ip_in) < 0)
913 log_error_unit(UNIT(s)->id, "smack_label_ip_in_fd: %m");
916 if (smack_label_ip_out_fd(fd, s->smack_ip_out) < 0)
917 log_error_unit(UNIT(s)->id, "smack_label_ip_out_fd: %m");
920 static void socket_apply_fifo_options(Socket *s, int fd) {
924 if (s->pipe_size > 0)
925 if (fcntl(fd, F_SETPIPE_SZ, s->pipe_size) < 0)
926 log_warning_unit(UNIT(s)->id,
930 if (smack_label_fd(fd, s->smack) < 0)
931 log_error_unit(UNIT(s)->id, "smack_label_fd: %m");
934 static int fifo_address_create(
936 mode_t directory_mode,
947 mkdir_parents_label(path, directory_mode);
949 r = label_context_set(path, S_IFIFO);
953 /* Enforce the right access mode for the fifo */
954 old_mask = umask(~ socket_mode);
956 /* Include the original umask in our mask */
957 umask(~socket_mode | old_mask);
959 r = mkfifo(path, socket_mode);
962 if (r < 0 && errno != EEXIST) {
967 if ((fd = open(path, O_RDWR|O_CLOEXEC|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW)) < 0) {
972 label_context_clear();
974 if (fstat(fd, &st) < 0) {
979 if (!S_ISFIFO(st.st_mode) ||
980 (st.st_mode & 0777) != (socket_mode & ~old_mask) ||
981 st.st_uid != getuid() ||
982 st.st_gid != getgid()) {
992 label_context_clear();
998 static int special_address_create(
1008 fd = open(path, O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW);
1014 if (fstat(fd, &st) < 0) {
1019 /* Check whether this is a /proc, /sys or /dev file or char device */
1020 if (!S_ISREG(st.st_mode) && !S_ISCHR(st.st_mode)) {
1034 static int mq_address_create(
1044 struct mq_attr _attr, *attr = NULL;
1049 if (maxmsg > 0 && msgsize > 0) {
1051 _attr.mq_flags = O_NONBLOCK;
1052 _attr.mq_maxmsg = maxmsg;
1053 _attr.mq_msgsize = msgsize;
1057 /* Enforce the right access mode for the mq */
1058 old_mask = umask(~ mq_mode);
1060 /* Include the original umask in our mask */
1061 umask(~mq_mode | old_mask);
1062 fd = mq_open(path, O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_CREAT, mq_mode, attr);
1070 if (fstat(fd, &st) < 0) {
1075 if ((st.st_mode & 0777) != (mq_mode & ~old_mask) ||
1076 st.st_uid != getuid() ||
1077 st.st_gid != getgid()) {
1091 static int socket_symlink(Socket *s) {
1097 p = socket_find_symlink_target(s);
1101 STRV_FOREACH(i, s->symlinks)
1107 static int socket_open_fds(Socket *s) {
1111 bool know_label = false;
1115 LIST_FOREACH(port, p, s->ports) {
1120 if (p->type == SOCKET_SOCKET) {
1124 r = socket_instantiate_service(s);
1128 if (UNIT_ISSET(s->service) &&
1129 SERVICE(UNIT_DEREF(s->service))->exec_command[SERVICE_EXEC_START]) {
1130 r = label_get_create_label_from_exe(SERVICE(UNIT_DEREF(s->service))->exec_command[SERVICE_EXEC_START]->path, &label);
1131 if (r < 0 && r != -EPERM)
1138 r = socket_address_listen(
1140 SOCK_CLOEXEC|SOCK_NONBLOCK,
1153 socket_apply_socket_options(s, p->fd);
1156 } else if (p->type == SOCKET_SPECIAL) {
1158 r = special_address_create(
1164 } else if (p->type == SOCKET_FIFO) {
1166 r = fifo_address_create(
1174 socket_apply_fifo_options(s, p->fd);
1177 } else if (p->type == SOCKET_MQUEUE) {
1179 r = mq_address_create(
1188 assert_not_reached("Unknown port type");
1195 socket_close_fds(s);
1200 static void socket_unwatch_fds(Socket *s) {
1206 LIST_FOREACH(port, p, s->ports) {
1210 if (!p->event_source)
1213 r = sd_event_source_set_enabled(p->event_source, SD_EVENT_OFF);
1215 log_debug_unit(UNIT(s)->id, "Failed to disable event source.");
1219 static int socket_watch_fds(Socket *s) {
1225 LIST_FOREACH(port, p, s->ports) {
1229 if (p->event_source)
1230 r = sd_event_source_set_enabled(p->event_source, SD_EVENT_ON);
1232 r = sd_event_add_io(UNIT(s)->manager->event, &p->event_source, p->fd, EPOLLIN, socket_dispatch_io, p);
1235 log_warning_unit(UNIT(s)->id, "Failed to watch listening fds: %s", strerror(-r));
1243 socket_unwatch_fds(s);
1247 static void socket_set_state(Socket *s, SocketState state) {
1248 SocketState old_state;
1251 old_state = s->state;
1259 SOCKET_STOP_PRE_SIGTERM,
1260 SOCKET_STOP_PRE_SIGKILL,
1262 SOCKET_FINAL_SIGTERM,
1263 SOCKET_FINAL_SIGKILL)) {
1265 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
1266 socket_unwatch_control_pid(s);
1267 s->control_command = NULL;
1268 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
1271 if (state != SOCKET_LISTENING)
1272 socket_unwatch_fds(s);
1280 SOCKET_STOP_PRE_SIGTERM,
1281 SOCKET_STOP_PRE_SIGKILL))
1282 socket_close_fds(s);
1284 if (state != old_state)
1285 log_debug_unit(UNIT(s)->id, "%s changed %s -> %s",
1286 UNIT(s)->id, socket_state_to_string(old_state), socket_state_to_string(state));
1288 unit_notify(UNIT(s), state_translation_table[old_state], state_translation_table[state], true);
1291 static int socket_coldplug(Unit *u) {
1292 Socket *s = SOCKET(u);
1296 assert(s->state == SOCKET_DEAD);
1298 if (s->deserialized_state == s->state)
1301 if (IN_SET(s->deserialized_state,
1306 SOCKET_STOP_PRE_SIGTERM,
1307 SOCKET_STOP_PRE_SIGKILL,
1309 SOCKET_FINAL_SIGTERM,
1310 SOCKET_FINAL_SIGKILL)) {
1312 if (s->control_pid <= 0)
1315 r = unit_watch_pid(UNIT(s), s->control_pid);
1319 r = socket_arm_timer(s);
1324 if (IN_SET(s->deserialized_state,
1330 SOCKET_STOP_PRE_SIGTERM,
1331 SOCKET_STOP_PRE_SIGKILL)) {
1332 r = socket_open_fds(s);
1337 if (s->deserialized_state == SOCKET_LISTENING) {
1338 r = socket_watch_fds(s);
1343 socket_set_state(s, s->deserialized_state);
1347 static int socket_spawn(Socket *s, ExecCommand *c, pid_t *_pid) {
1348 _cleanup_free_ char **argv = NULL;
1356 unit_realize_cgroup(UNIT(s));
1358 r = unit_setup_exec_runtime(UNIT(s));
1362 r = socket_arm_timer(s);
1366 r = unit_full_printf_strv(UNIT(s), c->argv, &argv);
1374 UNIT(s)->manager->environment,
1378 UNIT(s)->manager->confirm_spawn,
1379 UNIT(s)->manager->cgroup_supported,
1380 UNIT(s)->cgroup_path,
1381 manager_get_runtime_prefix(UNIT(s)->manager),
1390 r = unit_watch_pid(UNIT(s), pid);
1392 /* FIXME: we need to do something here */
1399 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
1403 static int socket_chown(Socket *s, pid_t *_pid) {
1407 r = socket_arm_timer(s);
1411 /* We have to resolve the user names out-of-process, hence
1412 * let's fork here. It's messy, but well, what can we do? */
1420 uid_t uid = (uid_t) -1;
1421 gid_t gid = (gid_t) -1;
1424 default_signals(SIGNALS_CRASH_HANDLER, SIGNALS_IGNORE, -1);
1425 ignore_signals(SIGPIPE, -1);
1428 if (!isempty(s->user)) {
1429 const char *user = s->user;
1431 r = get_user_creds(&user, &uid, &gid, NULL, NULL);
1438 if (!isempty(s->group)) {
1439 const char *group = s->group;
1441 r = get_group_creds(&group, &gid);
1448 LIST_FOREACH(port, p, s->ports) {
1449 const char *path = NULL;
1451 if (p->type == SOCKET_SOCKET)
1452 path = socket_address_get_path(&p->address);
1453 else if (p->type == SOCKET_FIFO)
1459 if (chown(path, uid, gid) < 0) {
1470 log_error("Failed to chown socket at step %s: %s", exit_status_to_string(ret, EXIT_STATUS_SYSTEMD), strerror(-r));
1475 r = unit_watch_pid(UNIT(s), pid);
1483 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
1487 static void socket_enter_dead(Socket *s, SocketResult f) {
1490 if (f != SOCKET_SUCCESS)
1493 exec_runtime_destroy(s->exec_runtime);
1494 s->exec_runtime = exec_runtime_unref(s->exec_runtime);
1496 exec_context_destroy_runtime_directory(&s->exec_context, manager_get_runtime_prefix(UNIT(s)->manager));
1498 socket_set_state(s, s->result != SOCKET_SUCCESS ? SOCKET_FAILED : SOCKET_DEAD);
1501 static void socket_enter_signal(Socket *s, SocketState state, SocketResult f);
1503 static void socket_enter_stop_post(Socket *s, SocketResult f) {
1507 if (f != SOCKET_SUCCESS)
1510 socket_unwatch_control_pid(s);
1511 s->control_command_id = SOCKET_EXEC_STOP_POST;
1512 s->control_command = s->exec_command[SOCKET_EXEC_STOP_POST];
1514 if (s->control_command) {
1515 r = socket_spawn(s, s->control_command, &s->control_pid);
1519 socket_set_state(s, SOCKET_STOP_POST);
1521 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_SUCCESS);
1526 log_warning_unit(UNIT(s)->id,
1527 "%s failed to run 'stop-post' task: %s",
1528 UNIT(s)->id, strerror(-r));
1529 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_RESOURCES);
1532 static void socket_enter_signal(Socket *s, SocketState state, SocketResult f) {
1537 if (f != SOCKET_SUCCESS)
1540 r = unit_kill_context(
1543 state != SOCKET_STOP_PRE_SIGTERM && state != SOCKET_FINAL_SIGTERM,
1551 r = socket_arm_timer(s);
1555 socket_set_state(s, state);
1556 } else if (state == SOCKET_STOP_PRE_SIGTERM)
1557 socket_enter_signal(s, SOCKET_STOP_PRE_SIGKILL, SOCKET_SUCCESS);
1558 else if (state == SOCKET_STOP_PRE_SIGKILL)
1559 socket_enter_stop_post(s, SOCKET_SUCCESS);
1560 else if (state == SOCKET_FINAL_SIGTERM)
1561 socket_enter_signal(s, SOCKET_FINAL_SIGKILL, SOCKET_SUCCESS);
1563 socket_enter_dead(s, SOCKET_SUCCESS);
1568 log_warning_unit(UNIT(s)->id, "%s failed to kill processes: %s", UNIT(s)->id, strerror(-r));
1570 if (state == SOCKET_STOP_PRE_SIGTERM || state == SOCKET_STOP_PRE_SIGKILL)
1571 socket_enter_stop_post(s, SOCKET_FAILURE_RESOURCES);
1573 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
1576 static void socket_enter_stop_pre(Socket *s, SocketResult f) {
1580 if (f != SOCKET_SUCCESS)
1583 socket_unwatch_control_pid(s);
1584 s->control_command_id = SOCKET_EXEC_STOP_PRE;
1585 s->control_command = s->exec_command[SOCKET_EXEC_STOP_PRE];
1587 if (s->control_command) {
1588 r = socket_spawn(s, s->control_command, &s->control_pid);
1592 socket_set_state(s, SOCKET_STOP_PRE);
1594 socket_enter_stop_post(s, SOCKET_SUCCESS);
1599 log_warning_unit(UNIT(s)->id, "%s failed to run 'stop-pre' task: %s", UNIT(s)->id, strerror(-r));
1600 socket_enter_stop_post(s, SOCKET_FAILURE_RESOURCES);
1603 static void socket_enter_listening(Socket *s) {
1607 r = socket_watch_fds(s);
1609 log_warning_unit(UNIT(s)->id, "%s failed to watch sockets: %s", UNIT(s)->id, strerror(-r));
1613 socket_set_state(s, SOCKET_LISTENING);
1617 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1620 static void socket_enter_start_post(Socket *s) {
1624 socket_unwatch_control_pid(s);
1625 s->control_command_id = SOCKET_EXEC_START_POST;
1626 s->control_command = s->exec_command[SOCKET_EXEC_START_POST];
1628 if (s->control_command) {
1629 r = socket_spawn(s, s->control_command, &s->control_pid);
1631 log_warning_unit(UNIT(s)->id, "%s failed to run 'start-post' task: %s", UNIT(s)->id, strerror(-r));
1635 socket_set_state(s, SOCKET_START_POST);
1637 socket_enter_listening(s);
1642 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1645 static void socket_enter_start_chown(Socket *s) {
1650 r = socket_open_fds(s);
1652 log_warning_unit(UNIT(s)->id, "%s failed to listen on sockets: %s", UNIT(s)->id, strerror(-r));
1656 if (!isempty(s->user) || !isempty(s->group)) {
1658 socket_unwatch_control_pid(s);
1659 s->control_command_id = SOCKET_EXEC_START_CHOWN;
1660 s->control_command = NULL;
1662 r = socket_chown(s, &s->control_pid);
1664 log_warning_unit(UNIT(s)->id, "%s failed to fork 'start-chown' task: %s", UNIT(s)->id, strerror(-r));
1668 socket_set_state(s, SOCKET_START_CHOWN);
1670 socket_enter_start_post(s);
1675 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1678 static void socket_enter_start_pre(Socket *s) {
1682 socket_unwatch_control_pid(s);
1683 s->control_command_id = SOCKET_EXEC_START_PRE;
1684 s->control_command = s->exec_command[SOCKET_EXEC_START_PRE];
1686 if (s->control_command) {
1687 r = socket_spawn(s, s->control_command, &s->control_pid);
1689 log_warning_unit(UNIT(s)->id, "%s failed to run 'start-pre' task: %s", UNIT(s)->id, strerror(-r));
1693 socket_set_state(s, SOCKET_START_PRE);
1695 socket_enter_start_chown(s);
1700 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
1703 static void socket_enter_running(Socket *s, int cfd) {
1704 _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
1709 /* We don't take connections anymore if we are supposed to
1710 * shut down anyway */
1711 if (unit_stop_pending(UNIT(s))) {
1713 log_debug_unit(UNIT(s)->id, "Suppressing connection request on %s since unit stop is scheduled.", UNIT(s)->id);
1718 /* Flush all sockets by closing and reopening them */
1719 socket_close_fds(s);
1721 r = socket_open_fds(s);
1723 log_warning_unit(UNIT(s)->id, "%s failed to listen on sockets: %s", UNIT(s)->id, strerror(-r));
1724 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1728 r = socket_watch_fds(s);
1730 log_warning_unit(UNIT(s)->id, "%s failed to watch sockets: %s", UNIT(s)->id, strerror(-r));
1731 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1741 bool pending = false;
1743 /* If there's already a start pending don't bother to
1745 SET_FOREACH(other, UNIT(s)->dependencies[UNIT_TRIGGERS], i)
1746 if (unit_active_or_pending(other)) {
1752 if (!UNIT_ISSET(s->service)) {
1753 log_error_unit(UNIT(s)->id, "%s: service to activate vanished, refusing activation.", UNIT(s)->id);
1758 r = manager_add_job(UNIT(s)->manager, JOB_START, UNIT_DEREF(s->service), JOB_REPLACE, true, &error, NULL);
1763 socket_set_state(s, SOCKET_RUNNING);
1765 _cleanup_free_ char *prefix = NULL, *instance = NULL, *name = NULL;
1768 if (s->n_connections >= s->max_connections) {
1769 log_warning_unit(UNIT(s)->id, "%s: Too many incoming connections (%u)", UNIT(s)->id, s->n_connections);
1774 r = socket_instantiate_service(s);
1778 r = instance_from_socket(cfd, s->n_accepted, &instance);
1783 /* ENOTCONN is legitimate if TCP RST was received.
1784 * This connection is over, but the socket unit lives on. */
1789 prefix = unit_name_to_prefix(UNIT(s)->id);
1795 name = unit_name_build(prefix, instance, ".service");
1801 r = unit_add_name(UNIT_DEREF(s->service), name);
1805 service = SERVICE(UNIT_DEREF(s->service));
1806 unit_ref_unset(&s->service);
1809 UNIT(service)->no_gc = false;
1811 unit_choose_id(UNIT(service), name);
1813 r = service_set_socket_fd(service, cfd, s);
1818 s->n_connections ++;
1820 r = manager_add_job(UNIT(s)->manager, JOB_START, UNIT(service), JOB_REPLACE, true, &error, NULL);
1824 /* Notify clients about changed counters */
1825 unit_add_to_dbus_queue(UNIT(s));
1831 log_warning_unit(UNIT(s)->id, "%s failed to queue service startup job (Maybe the service file is missing or not a %s unit?): %s",
1832 UNIT(s)->id, cfd >= 0 ? "template" : "non-template",
1833 bus_error_message(&error, r));
1835 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1839 static void socket_run_next(Socket *s) {
1843 assert(s->control_command);
1844 assert(s->control_command->command_next);
1846 socket_unwatch_control_pid(s);
1848 s->control_command = s->control_command->command_next;
1850 r = socket_spawn(s, s->control_command, &s->control_pid);
1857 log_warning_unit(UNIT(s)->id, "%s failed to run next task: %s", UNIT(s)->id, strerror(-r));
1859 if (s->state == SOCKET_START_POST)
1860 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1861 else if (s->state == SOCKET_STOP_POST)
1862 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
1864 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_RESOURCES);
1867 static int socket_start(Unit *u) {
1868 Socket *s = SOCKET(u);
1872 /* We cannot fulfill this request right now, try again later
1874 if (IN_SET(s->state,
1876 SOCKET_STOP_PRE_SIGKILL,
1877 SOCKET_STOP_PRE_SIGTERM,
1879 SOCKET_FINAL_SIGTERM,
1880 SOCKET_FINAL_SIGKILL))
1883 /* Already on it! */
1884 if (IN_SET(s->state,
1890 /* Cannot run this without the service being around */
1891 if (UNIT_ISSET(s->service)) {
1894 service = SERVICE(UNIT_DEREF(s->service));
1896 if (UNIT(service)->load_state != UNIT_LOADED) {
1897 log_error_unit(u->id, "Socket service %s not loaded, refusing.", UNIT(service)->id);
1901 /* If the service is already active we cannot start the
1903 if (service->state != SERVICE_DEAD &&
1904 service->state != SERVICE_FAILED &&
1905 service->state != SERVICE_AUTO_RESTART) {
1906 log_error_unit(u->id, "Socket service %s already active, refusing.", UNIT(service)->id);
1911 assert(s->state == SOCKET_DEAD || s->state == SOCKET_FAILED);
1913 s->result = SOCKET_SUCCESS;
1914 socket_enter_start_pre(s);
1919 static int socket_stop(Unit *u) {
1920 Socket *s = SOCKET(u);
1925 if (IN_SET(s->state,
1927 SOCKET_STOP_PRE_SIGTERM,
1928 SOCKET_STOP_PRE_SIGKILL,
1930 SOCKET_FINAL_SIGTERM,
1931 SOCKET_FINAL_SIGKILL))
1934 /* If there's already something running we go directly into
1936 if (IN_SET(s->state,
1939 SOCKET_START_POST)) {
1940 socket_enter_signal(s, SOCKET_STOP_PRE_SIGTERM, SOCKET_SUCCESS);
1944 assert(s->state == SOCKET_LISTENING || s->state == SOCKET_RUNNING);
1946 socket_enter_stop_pre(s, SOCKET_SUCCESS);
1950 static int socket_serialize(Unit *u, FILE *f, FDSet *fds) {
1951 Socket *s = SOCKET(u);
1959 unit_serialize_item(u, f, "state", socket_state_to_string(s->state));
1960 unit_serialize_item(u, f, "result", socket_result_to_string(s->result));
1961 unit_serialize_item_format(u, f, "n-accepted", "%u", s->n_accepted);
1963 if (s->control_pid > 0)
1964 unit_serialize_item_format(u, f, "control-pid", PID_FMT, s->control_pid);
1966 if (s->control_command_id >= 0)
1967 unit_serialize_item(u, f, "control-command", socket_exec_command_to_string(s->control_command_id));
1969 LIST_FOREACH(port, p, s->ports) {
1975 copy = fdset_put_dup(fds, p->fd);
1979 if (p->type == SOCKET_SOCKET) {
1980 _cleanup_free_ char *t = NULL;
1982 r = socket_address_print(&p->address, &t);
1986 if (socket_address_family(&p->address) == AF_NETLINK)
1987 unit_serialize_item_format(u, f, "netlink", "%i %s", copy, t);
1989 unit_serialize_item_format(u, f, "socket", "%i %i %s", copy, p->address.type, t);
1991 } else if (p->type == SOCKET_SPECIAL)
1992 unit_serialize_item_format(u, f, "special", "%i %s", copy, p->path);
1993 else if (p->type == SOCKET_MQUEUE)
1994 unit_serialize_item_format(u, f, "mqueue", "%i %s", copy, p->path);
1996 assert(p->type == SOCKET_FIFO);
1997 unit_serialize_item_format(u, f, "fifo", "%i %s", copy, p->path);
2004 static int socket_deserialize_item(Unit *u, const char *key, const char *value, FDSet *fds) {
2005 Socket *s = SOCKET(u);
2011 if (streq(key, "state")) {
2014 state = socket_state_from_string(value);
2016 log_debug_unit(u->id, "Failed to parse state value %s", value);
2018 s->deserialized_state = state;
2019 } else if (streq(key, "result")) {
2022 f = socket_result_from_string(value);
2024 log_debug_unit(u->id, "Failed to parse result value %s", value);
2025 else if (f != SOCKET_SUCCESS)
2028 } else if (streq(key, "n-accepted")) {
2031 if (safe_atou(value, &k) < 0)
2032 log_debug_unit(u->id, "Failed to parse n-accepted value %s", value);
2035 } else if (streq(key, "control-pid")) {
2038 if (parse_pid(value, &pid) < 0)
2039 log_debug_unit(u->id, "Failed to parse control-pid value %s", value);
2041 s->control_pid = pid;
2042 } else if (streq(key, "control-command")) {
2043 SocketExecCommand id;
2045 id = socket_exec_command_from_string(value);
2047 log_debug_unit(u->id, "Failed to parse exec-command value %s", value);
2049 s->control_command_id = id;
2050 s->control_command = s->exec_command[id];
2052 } else if (streq(key, "fifo")) {
2056 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
2057 log_debug_unit(u->id, "Failed to parse fifo value %s", value);
2060 LIST_FOREACH(port, p, s->ports)
2061 if (p->type == SOCKET_FIFO &&
2062 streq_ptr(p->path, value+skip))
2067 p->fd = fdset_remove(fds, fd);
2071 } else if (streq(key, "special")) {
2075 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
2076 log_debug_unit(u->id, "Failed to parse special value %s", value);
2079 LIST_FOREACH(port, p, s->ports)
2080 if (p->type == SOCKET_SPECIAL &&
2081 streq_ptr(p->path, value+skip))
2086 p->fd = fdset_remove(fds, fd);
2090 } else if (streq(key, "mqueue")) {
2094 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
2095 log_debug_unit(u->id, "Failed to parse mqueue value %s", value);
2098 LIST_FOREACH(port, p, s->ports)
2099 if (p->type == SOCKET_MQUEUE &&
2100 streq_ptr(p->path, value+skip))
2105 p->fd = fdset_remove(fds, fd);
2109 } else if (streq(key, "socket")) {
2110 int fd, type, skip = 0;
2113 if (sscanf(value, "%i %i %n", &fd, &type, &skip) < 2 || fd < 0 || type < 0 || !fdset_contains(fds, fd))
2114 log_debug_unit(u->id, "Failed to parse socket value %s", value);
2117 LIST_FOREACH(port, p, s->ports)
2118 if (socket_address_is(&p->address, value+skip, type))
2123 p->fd = fdset_remove(fds, fd);
2127 } else if (streq(key, "netlink")) {
2131 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
2132 log_debug_unit(u->id, "Failed to parse socket value %s", value);
2135 LIST_FOREACH(port, p, s->ports)
2136 if (socket_address_is_netlink(&p->address, value+skip))
2141 p->fd = fdset_remove(fds, fd);
2145 log_debug_unit(UNIT(s)->id, "Unknown serialization key '%s'", key);
2150 static int socket_distribute_fds(Unit *u, FDSet *fds) {
2151 Socket *s = SOCKET(u);
2156 LIST_FOREACH(port, p, s->ports) {
2160 if (p->type != SOCKET_SOCKET)
2166 FDSET_FOREACH(fd, fds, i) {
2167 if (socket_address_matches_fd(&p->address, fd)) {
2168 p->fd = fdset_remove(fds, fd);
2169 s->deserialized_state = SOCKET_LISTENING;
2178 _pure_ static UnitActiveState socket_active_state(Unit *u) {
2181 return state_translation_table[SOCKET(u)->state];
2184 _pure_ static const char *socket_sub_state_to_string(Unit *u) {
2187 return socket_state_to_string(SOCKET(u)->state);
2190 const char* socket_port_type_to_string(SocketPort *p) {
2198 switch (p->address.type) {
2206 case SOCK_SEQPACKET:
2207 return "SequentialPacket";
2210 if (socket_address_family(&p->address) == AF_NETLINK)
2217 case SOCKET_SPECIAL:
2221 return "MessageQueue";
2231 _pure_ static bool socket_check_gc(Unit *u) {
2232 Socket *s = SOCKET(u);
2236 return s->n_connections > 0;
2239 static int socket_dispatch_io(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
2240 SocketPort *p = userdata;
2246 if (p->socket->state != SOCKET_LISTENING)
2249 log_debug_unit(UNIT(p->socket)->id, "Incoming traffic on %s", UNIT(p->socket)->id);
2251 if (revents != EPOLLIN) {
2253 if (revents & EPOLLHUP)
2254 log_error_unit(UNIT(p->socket)->id, "%s: Got POLLHUP on a listening socket. The service probably invoked shutdown() on it, and should better not do that.",
2255 UNIT(p->socket)->id);
2257 log_error_unit(UNIT(p->socket)->id, "%s: Got unexpected poll event (0x%x) on socket.",
2258 UNIT(p->socket)->id, revents);
2263 if (p->socket->accept &&
2264 p->type == SOCKET_SOCKET &&
2265 socket_address_can_accept(&p->address)) {
2269 cfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK);
2275 log_error_unit(UNIT(p->socket)->id,
2276 "Failed to accept socket: %m");
2283 socket_apply_socket_options(p->socket, cfd);
2286 socket_enter_running(p->socket, cfd);
2290 socket_enter_stop_pre(p->socket, SOCKET_FAILURE_RESOURCES);
2294 static void socket_sigchld_event(Unit *u, pid_t pid, int code, int status) {
2295 Socket *s = SOCKET(u);
2301 if (pid != s->control_pid)
2306 if (is_clean_exit(code, status, NULL))
2308 else if (code == CLD_EXITED)
2309 f = SOCKET_FAILURE_EXIT_CODE;
2310 else if (code == CLD_KILLED)
2311 f = SOCKET_FAILURE_SIGNAL;
2312 else if (code == CLD_DUMPED)
2313 f = SOCKET_FAILURE_CORE_DUMP;
2315 assert_not_reached("Unknown sigchld code");
2317 if (s->control_command) {
2318 exec_status_exit(&s->control_command->exec_status, &s->exec_context, pid, code, status);
2320 if (s->control_command->ignore)
2324 log_full_unit(f == SOCKET_SUCCESS ? LOG_DEBUG : LOG_NOTICE,
2326 "%s control process exited, code=%s status=%i",
2327 u->id, sigchld_code_to_string(code), status);
2329 if (f != SOCKET_SUCCESS)
2332 if (s->control_command &&
2333 s->control_command->command_next &&
2334 f == SOCKET_SUCCESS) {
2336 log_debug_unit(u->id,
2337 "%s running next command for state %s",
2338 u->id, socket_state_to_string(s->state));
2341 s->control_command = NULL;
2342 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
2344 /* No further commands for this step, so let's figure
2345 * out what to do next */
2347 log_debug_unit(u->id,
2348 "%s got final SIGCHLD for state %s",
2349 u->id, socket_state_to_string(s->state));
2353 case SOCKET_START_PRE:
2354 if (f == SOCKET_SUCCESS)
2355 socket_enter_start_chown(s);
2357 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, f);
2360 case SOCKET_START_CHOWN:
2361 if (f == SOCKET_SUCCESS)
2362 socket_enter_start_post(s);
2364 socket_enter_stop_pre(s, f);
2367 case SOCKET_START_POST:
2368 if (f == SOCKET_SUCCESS)
2369 socket_enter_listening(s);
2371 socket_enter_stop_pre(s, f);
2374 case SOCKET_STOP_PRE:
2375 case SOCKET_STOP_PRE_SIGTERM:
2376 case SOCKET_STOP_PRE_SIGKILL:
2377 socket_enter_stop_post(s, f);
2380 case SOCKET_STOP_POST:
2381 case SOCKET_FINAL_SIGTERM:
2382 case SOCKET_FINAL_SIGKILL:
2383 socket_enter_dead(s, f);
2387 assert_not_reached("Uh, control process died at wrong time.");
2391 /* Notify clients about changed exit status */
2392 unit_add_to_dbus_queue(u);
2395 static int socket_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata) {
2396 Socket *s = SOCKET(userdata);
2399 assert(s->timer_event_source == source);
2403 case SOCKET_START_PRE:
2404 log_warning_unit(UNIT(s)->id, "%s starting timed out. Terminating.", UNIT(s)->id);
2405 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_TIMEOUT);
2408 case SOCKET_START_CHOWN:
2409 case SOCKET_START_POST:
2410 log_warning_unit(UNIT(s)->id, "%s starting timed out. Stopping.", UNIT(s)->id);
2411 socket_enter_stop_pre(s, SOCKET_FAILURE_TIMEOUT);
2414 case SOCKET_STOP_PRE:
2415 log_warning_unit(UNIT(s)->id, "%s stopping timed out. Terminating.", UNIT(s)->id);
2416 socket_enter_signal(s, SOCKET_STOP_PRE_SIGTERM, SOCKET_FAILURE_TIMEOUT);
2419 case SOCKET_STOP_PRE_SIGTERM:
2420 if (s->kill_context.send_sigkill) {
2421 log_warning_unit(UNIT(s)->id, "%s stopping timed out. Killing.", UNIT(s)->id);
2422 socket_enter_signal(s, SOCKET_STOP_PRE_SIGKILL, SOCKET_FAILURE_TIMEOUT);
2424 log_warning_unit(UNIT(s)->id, "%s stopping timed out. Skipping SIGKILL. Ignoring.", UNIT(s)->id);
2425 socket_enter_stop_post(s, SOCKET_FAILURE_TIMEOUT);
2429 case SOCKET_STOP_PRE_SIGKILL:
2430 log_warning_unit(UNIT(s)->id, "%s still around after SIGKILL. Ignoring.", UNIT(s)->id);
2431 socket_enter_stop_post(s, SOCKET_FAILURE_TIMEOUT);
2434 case SOCKET_STOP_POST:
2435 log_warning_unit(UNIT(s)->id, "%s stopping timed out (2). Terminating.", UNIT(s)->id);
2436 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_TIMEOUT);
2439 case SOCKET_FINAL_SIGTERM:
2440 if (s->kill_context.send_sigkill) {
2441 log_warning_unit(UNIT(s)->id, "%s stopping timed out (2). Killing.", UNIT(s)->id);
2442 socket_enter_signal(s, SOCKET_FINAL_SIGKILL, SOCKET_FAILURE_TIMEOUT);
2444 log_warning_unit(UNIT(s)->id, "%s stopping timed out (2). Skipping SIGKILL. Ignoring.", UNIT(s)->id);
2445 socket_enter_dead(s, SOCKET_FAILURE_TIMEOUT);
2449 case SOCKET_FINAL_SIGKILL:
2450 log_warning_unit(UNIT(s)->id, "%s still around after SIGKILL (2). Entering failed mode.", UNIT(s)->id);
2451 socket_enter_dead(s, SOCKET_FAILURE_TIMEOUT);
2455 assert_not_reached("Timeout at wrong time.");
2461 int socket_collect_fds(Socket *s, int **fds, unsigned *n_fds) {
2470 /* Called from the service code for requesting our fds */
2473 LIST_FOREACH(port, p, s->ports)
2483 if (!(rfds = new(int, rn_fds)))
2487 LIST_FOREACH(port, p, s->ports)
2491 assert(k == rn_fds);
2499 static void socket_reset_failed(Unit *u) {
2500 Socket *s = SOCKET(u);
2504 if (s->state == SOCKET_FAILED)
2505 socket_set_state(s, SOCKET_DEAD);
2507 s->result = SOCKET_SUCCESS;
2510 static void socket_notify_service_dead(Socket *s, bool failed_permanent) {
2513 /* The service is dead. Dang!
2515 * This is strictly for one-instance-for-all-connections
2518 if (s->state == SOCKET_RUNNING) {
2519 log_debug_unit(UNIT(s)->id, "%s got notified about service death (failed permanently: %s)", UNIT(s)->id, yes_no(failed_permanent));
2520 if (failed_permanent)
2521 socket_enter_stop_pre(s, SOCKET_FAILURE_SERVICE_FAILED_PERMANENT);
2523 socket_enter_listening(s);
2527 void socket_connection_unref(Socket *s) {
2530 /* The service is dead. Yay!
2532 * This is strictly for one-instance-per-connection
2535 assert(s->n_connections > 0);
2538 log_debug_unit(UNIT(s)->id, "%s: One connection closed, %u left.", UNIT(s)->id, s->n_connections);
2541 static void socket_trigger_notify(Unit *u, Unit *other) {
2542 Socket *s = SOCKET(u);
2548 /* Don't propagate state changes from the service if we are
2549 already down or accepting connections */
2550 if ((s->state != SOCKET_RUNNING &&
2551 s->state != SOCKET_LISTENING) ||
2555 if (other->load_state != UNIT_LOADED ||
2556 other->type != UNIT_SERVICE)
2559 se = SERVICE(other);
2561 if (se->state == SERVICE_FAILED)
2562 socket_notify_service_dead(s, se->result == SERVICE_FAILURE_START_LIMIT);
2564 if (se->state == SERVICE_DEAD ||
2565 se->state == SERVICE_STOP ||
2566 se->state == SERVICE_STOP_SIGTERM ||
2567 se->state == SERVICE_STOP_SIGKILL ||
2568 se->state == SERVICE_STOP_POST ||
2569 se->state == SERVICE_FINAL_SIGTERM ||
2570 se->state == SERVICE_FINAL_SIGKILL ||
2571 se->state == SERVICE_AUTO_RESTART)
2572 socket_notify_service_dead(s, false);
2574 if (se->state == SERVICE_RUNNING)
2575 socket_set_state(s, SOCKET_RUNNING);
2578 static int socket_kill(Unit *u, KillWho who, int signo, sd_bus_error *error) {
2579 return unit_kill_common(u, who, signo, -1, SOCKET(u)->control_pid, error);
2582 static int socket_get_timeout(Unit *u, uint64_t *timeout) {
2583 Socket *s = SOCKET(u);
2586 if (!s->timer_event_source)
2589 r = sd_event_source_get_time(s->timer_event_source, timeout);
2596 static const char* const socket_state_table[_SOCKET_STATE_MAX] = {
2597 [SOCKET_DEAD] = "dead",
2598 [SOCKET_START_PRE] = "start-pre",
2599 [SOCKET_START_CHOWN] = "start-chown",
2600 [SOCKET_START_POST] = "start-post",
2601 [SOCKET_LISTENING] = "listening",
2602 [SOCKET_RUNNING] = "running",
2603 [SOCKET_STOP_PRE] = "stop-pre",
2604 [SOCKET_STOP_PRE_SIGTERM] = "stop-pre-sigterm",
2605 [SOCKET_STOP_PRE_SIGKILL] = "stop-pre-sigkill",
2606 [SOCKET_STOP_POST] = "stop-post",
2607 [SOCKET_FINAL_SIGTERM] = "final-sigterm",
2608 [SOCKET_FINAL_SIGKILL] = "final-sigkill",
2609 [SOCKET_FAILED] = "failed"
2612 DEFINE_STRING_TABLE_LOOKUP(socket_state, SocketState);
2614 static const char* const socket_exec_command_table[_SOCKET_EXEC_COMMAND_MAX] = {
2615 [SOCKET_EXEC_START_PRE] = "StartPre",
2616 [SOCKET_EXEC_START_CHOWN] = "StartChown",
2617 [SOCKET_EXEC_START_POST] = "StartPost",
2618 [SOCKET_EXEC_STOP_PRE] = "StopPre",
2619 [SOCKET_EXEC_STOP_POST] = "StopPost"
2622 DEFINE_STRING_TABLE_LOOKUP(socket_exec_command, SocketExecCommand);
2624 static const char* const socket_result_table[_SOCKET_RESULT_MAX] = {
2625 [SOCKET_SUCCESS] = "success",
2626 [SOCKET_FAILURE_RESOURCES] = "resources",
2627 [SOCKET_FAILURE_TIMEOUT] = "timeout",
2628 [SOCKET_FAILURE_EXIT_CODE] = "exit-code",
2629 [SOCKET_FAILURE_SIGNAL] = "signal",
2630 [SOCKET_FAILURE_CORE_DUMP] = "core-dump",
2631 [SOCKET_FAILURE_SERVICE_FAILED_PERMANENT] = "service-failed-permanent"
2634 DEFINE_STRING_TABLE_LOOKUP(socket_result, SocketResult);
2636 const UnitVTable socket_vtable = {
2637 .object_size = sizeof(Socket),
2638 .exec_context_offset = offsetof(Socket, exec_context),
2639 .cgroup_context_offset = offsetof(Socket, cgroup_context),
2640 .kill_context_offset = offsetof(Socket, kill_context),
2641 .exec_runtime_offset = offsetof(Socket, exec_runtime),
2647 .private_section = "Socket",
2649 .init = socket_init,
2650 .done = socket_done,
2651 .load = socket_load,
2653 .coldplug = socket_coldplug,
2655 .dump = socket_dump,
2657 .start = socket_start,
2658 .stop = socket_stop,
2660 .kill = socket_kill,
2662 .get_timeout = socket_get_timeout,
2664 .serialize = socket_serialize,
2665 .deserialize_item = socket_deserialize_item,
2666 .distribute_fds = socket_distribute_fds,
2668 .active_state = socket_active_state,
2669 .sub_state_to_string = socket_sub_state_to_string,
2671 .check_gc = socket_check_gc,
2673 .sigchld_event = socket_sigchld_event,
2675 .trigger_notify = socket_trigger_notify,
2677 .reset_failed = socket_reset_failed,
2679 .bus_interface = "org.freedesktop.systemd1.Socket",
2680 .bus_vtable = bus_socket_vtable,
2681 .bus_set_property = bus_socket_set_property,
2682 .bus_commit_properties = bus_socket_commit_properties,
2684 .status_message_formats = {
2685 /*.starting_stopping = {
2686 [0] = "Starting socket %s...",
2687 [1] = "Stopping socket %s...",
2689 .finished_start_job = {
2690 [JOB_DONE] = "Listening on %s.",
2691 [JOB_FAILED] = "Failed to listen on %s.",
2692 [JOB_DEPENDENCY] = "Dependency failed for %s.",
2693 [JOB_TIMEOUT] = "Timed out starting %s.",
2695 .finished_stop_job = {
2696 [JOB_DONE] = "Closed %s.",
2697 [JOB_FAILED] = "Failed stopping %s.",
2698 [JOB_TIMEOUT] = "Timed out stopping %s.",