#include "dbus.h"
#include "execute.h"
#include "virt.h"
+#include "dropin.h"
const UnitVTable * const unit_vtable[_UNIT_TYPE_MAX] = {
[UNIT_SERVICE] = &service_vtable,
return !!set_get(u->names, (char*) name);
}
+static void unit_init(Unit *u) {
+ CGroupContext *cc;
+ ExecContext *ec;
+ KillContext *kc;
+
+ assert(u);
+ assert(u->manager);
+ assert(u->type >= 0);
+
+ cc = unit_get_cgroup_context(u);
+ if (cc) {
+ cgroup_context_init(cc);
+
+ /* Copy in the manager defaults into the cgroup
+ * context, _before_ the rest of the settings have
+ * been initialized */
+
+ cc->cpu_accounting = u->manager->default_cpu_accounting;
+ cc->blockio_accounting = u->manager->default_blockio_accounting;
+ cc->memory_accounting = u->manager->default_memory_accounting;
+ }
+
+ ec = unit_get_exec_context(u);
+ if (ec)
+ exec_context_init(ec);
+
+ kc = unit_get_kill_context(u);
+ if (kc)
+ kill_context_init(kc);
+
+ if (UNIT_VTABLE(u)->init)
+ UNIT_VTABLE(u)->init(u);
+}
+
int unit_add_name(Unit *u, const char *text) {
+ _cleanup_free_ char *s = NULL, *i = NULL;
UnitType t;
- char *s, *i = NULL;
int r;
assert(u);
assert(text);
if (unit_name_is_template(text)) {
+
if (!u->instance)
return -EINVAL;
s = unit_name_replace_instance(text, u->instance);
} else
s = strdup(text);
-
if (!s)
return -ENOMEM;
- if (!unit_name_is_valid(s, TEMPLATE_INVALID)) {
- r = -EINVAL;
- goto fail;
- }
+ if (!unit_name_is_valid(s, TEMPLATE_INVALID))
+ return -EINVAL;
assert_se((t = unit_name_to_type(s)) >= 0);
- if (u->type != _UNIT_TYPE_INVALID && t != u->type) {
- r = -EINVAL;
- goto fail;
- }
+ if (u->type != _UNIT_TYPE_INVALID && t != u->type)
+ return -EINVAL;
r = unit_name_to_instance(s, &i);
if (r < 0)
- goto fail;
+ return r;
- if (i && unit_vtable[t]->no_instances) {
- r = -EINVAL;
- goto fail;
- }
+ if (i && unit_vtable[t]->no_instances)
+ return -EINVAL;
/* Ensure that this unit is either instanced or not instanced,
* but not both. */
- if (u->type != _UNIT_TYPE_INVALID && !u->instance != !i) {
- r = -EINVAL;
- goto fail;
- }
+ if (u->type != _UNIT_TYPE_INVALID && !u->instance != !i)
+ return -EINVAL;
if (unit_vtable[t]->no_alias &&
!set_isempty(u->names) &&
- !set_get(u->names, s)) {
- r = -EEXIST;
- goto fail;
- }
+ !set_get(u->names, s))
+ return -EEXIST;
- if (hashmap_size(u->manager->units) >= MANAGER_MAX_NAMES) {
- r = -E2BIG;
- goto fail;
- }
+ if (hashmap_size(u->manager->units) >= MANAGER_MAX_NAMES)
+ return -E2BIG;
r = set_put(u->names, s);
if (r < 0) {
if (r == -EEXIST)
- r = 0;
- goto fail;
+ return 0;
+
+ return r;
}
r = hashmap_put(u->manager->units, s, u);
if (r < 0) {
set_remove(u->names, s);
- goto fail;
+ return r;
}
if (u->type == _UNIT_TYPE_INVALID) {
-
u->type = t;
u->id = s;
u->instance = i;
LIST_PREPEND(units_by_type, u->manager->units_by_type[t], u);
- if (UNIT_VTABLE(u)->init)
- UNIT_VTABLE(u)->init(u);
- } else
- free(i);
+ unit_init(u);
- unit_add_to_dbus_queue(u);
- return 0;
+ i = NULL;
+ }
-fail:
- free(s);
- free(i);
+ s = NULL;
- return r;
+ unit_add_to_dbus_queue(u);
+ return 0;
}
int unit_choose_id(Unit *u, const char *name) {
- char *s, *i;
_cleanup_free_ char *t = NULL;
+ char *s, *i;
int r;
assert(u);
/* Selects one of the names of this unit as the id */
s = set_get(u->names, (char*) name);
-
if (!s)
return -ENOENT;
return;
/* Shortcut things if nobody cares */
- if (set_isempty(u->manager->subscribed)) {
+ if (sd_bus_track_count(u->manager->subscribed) <= 0 &&
+ set_isempty(u->manager->private_buses)) {
u->sent_dbus_new_signal = true;
return;
}
u->requires_mounts_for = NULL;
}
+static void unit_done(Unit *u) {
+ ExecContext *ec;
+ CGroupContext *cc;
+
+ assert(u);
+
+ if (u->type < 0)
+ return;
+
+ if (UNIT_VTABLE(u)->done)
+ UNIT_VTABLE(u)->done(u);
+
+ ec = unit_get_exec_context(u);
+ if (ec)
+ exec_context_done(ec);
+
+ cc = unit_get_cgroup_context(u);
+ if (cc)
+ cgroup_context_done(cc);
+}
+
void unit_free(Unit *u) {
UnitDependency d;
Iterator i;
bus_unit_send_removed_signal(u);
- if (u->load_state != UNIT_STUB)
- if (UNIT_VTABLE(u)->done)
- UNIT_VTABLE(u)->done(u);
+ unit_done(u);
unit_free_requires_mounts_for(u);
free(u->cgroup_path);
}
+ set_remove(u->manager->failed_units, u);
+ set_remove(u->manager->startup_units, u);
+
free(u->description);
strv_free(u->documentation);
free(u->fragment_path);
return r;
}
+ if (u->manager->running_as != SYSTEMD_SYSTEM)
+ return 0;
+
+ if (c->private_tmp) {
+ r = unit_require_mounts_for(u, "/tmp");
+ if (r < 0)
+ return r;
+
+ r = unit_require_mounts_for(u, "/var/tmp");
+ if (r < 0)
+ return r;
+ }
+
if (c->std_output != EXEC_OUTPUT_KMSG &&
c->std_output != EXEC_OUTPUT_SYSLOG &&
c->std_output != EXEC_OUTPUT_JOURNAL &&
/* If syslog or kernel logging is requested, make sure our own
* logging daemon is run first. */
- if (u->manager->running_as == SYSTEMD_SYSTEM) {
- r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_JOURNALD_SOCKET, NULL, true);
- if (r < 0)
- return r;
- }
+ r = unit_add_dependency_by_name(u, UNIT_AFTER, SPECIAL_JOURNALD_SOCKET, NULL, true);
+ if (r < 0)
+ return r;
return 0;
}
return 0;
}
+static int unit_add_startup_units(Unit *u) {
+ CGroupContext *c;
+ int r = 0;
+
+ c = unit_get_cgroup_context(u);
+ if (!c)
+ return 0;
+
+ if (c->startup_cpu_shares == (unsigned long) -1 &&
+ c->startup_blockio_weight == (unsigned long) -1)
+ return 0;
+
+ r = set_put(u->manager->startup_units, u);
+ if (r == -EEXIST)
+ return 0;
+
+ return r;
+}
+
int unit_load(Unit *u) {
int r;
if (r < 0)
goto fail;
+ r = unit_add_startup_units(u);
+ if (r < 0)
+ goto fail;
+
if (u->on_failure_job_mode == JOB_ISOLATE && set_size(u->dependencies[UNIT_ON_FAILURE]) > 1) {
log_error_unit(u->id, "More than one OnFailure= dependencies specified for %s but OnFailureJobMode=isolate set. Refusing.", u->id);
r = -EINVAL;
/* Note that this is called for all low-level state changes,
* even if they might map to the same high-level
- * UnitActiveState! That means that ns == os is OK an expected
+ * UnitActiveState! That means that ns == os is an expected
* behavior here. For example: if a mount point is remounted
* this function will be called too! */
m = u->manager;
+ /* Update timestamps for state changes */
if (m->n_reloading <= 0) {
dual_timestamp ts;
u->active_exit_timestamp = ts;
}
+ /* Keep track of failed units */
+ if (ns == UNIT_FAILED && os != UNIT_FAILED)
+ set_put(u->manager->failed_units, u);
+ else if (os == UNIT_FAILED && ns != UNIT_FAILED)
+ set_remove(u->manager->failed_units, u);
+
+ /* Make sure the cgroup is always removed when we become inactive */
if (UNIT_IS_INACTIVE_OR_FAILED(ns))
unit_destroy_cgroup(u);
/* Note that this doesn't apply to RemainAfterExit services exiting
- * sucessfully, since there's no change of state in that case. Which is
+ * successfully, since there's no change of state in that case. Which is
* why it is handled in service_set_state() */
if (UNIT_IS_INACTIVE_OR_FAILED(os) != UNIT_IS_INACTIVE_OR_FAILED(ns)) {
ExecContext *ec;
if (UNIT_IS_ACTIVE_OR_RELOADING(ns)) {
if (unit_has_name(u, SPECIAL_DBUS_SERVICE))
- /* The bus just might have become available,
+ /* The bus might have just become available,
* hence try to connect to it, if we aren't
* yet connected. */
bus_init(m, true);
/* Watch a specific PID. We only support one or two units
* watching each PID for now, not more. */
- r = hashmap_ensure_allocated(&u->manager->watch_pids1, trivial_hash_func, trivial_compare_func);
+ r = set_ensure_allocated(&u->pids, trivial_hash_func, trivial_compare_func);
if (r < 0)
return r;
- r = set_ensure_allocated(&u->pids, trivial_hash_func, trivial_compare_func);
+ r = hashmap_ensure_allocated(&u->manager->watch_pids1, trivial_hash_func, trivial_compare_func);
if (r < 0)
return r;
set_remove(u->pids, LONG_TO_PTR(pid));
}
-static int watch_pids_in_path(Unit *u, const char *path) {
+void unit_unwatch_all_pids(Unit *u) {
+ assert(u);
+
+ while (!set_isempty(u->pids))
+ unit_unwatch_pid(u, PTR_TO_LONG(set_first(u->pids)));
+
+ set_free(u->pids);
+ u->pids = NULL;
+}
+
+static int unit_watch_pids_in_path(Unit *u, const char *path) {
_cleanup_closedir_ DIR *d = NULL;
_cleanup_fclose_ FILE *f = NULL;
int ret = 0, r;
if (!p)
return -ENOMEM;
- r = watch_pids_in_path(u, p);
+ r = unit_watch_pids_in_path(u, p);
if (r < 0 && ret >= 0)
ret = r;
}
return ret;
}
-
int unit_watch_all_pids(Unit *u) {
assert(u);
- if (!u->cgroup_path)
- return -ENOENT;
-
/* Adds all PIDs from our cgroup to the set of PIDs we watch */
- return watch_pids_in_path(u, u->cgroup_path);
-}
-
-void unit_unwatch_all_pids(Unit *u) {
- Iterator i;
- void *e;
-
- assert(u);
-
- SET_FOREACH(e, u->pids, i) {
- hashmap_remove_value(u->manager->watch_pids1, e, u);
- hashmap_remove_value(u->manager->watch_pids2, e, u);
- }
+ if (!u->cgroup_path)
+ return -ENOENT;
- set_free(u->pids);
- u->pids = NULL;
+ return unit_watch_pids_in_path(u, u->cgroup_path);
}
void unit_tidy_watch_pids(Unit *u, pid_t except1, pid_t except2) {
continue;
if (!pid_is_unwaited(pid))
- set_remove(u->pids, e);
+ unit_unwatch_pid(u, pid);
}
}
return strjoin(u->manager->cgroup_root, "/", escaped, NULL);
}
-int unit_add_default_slice(Unit *u) {
+int unit_add_default_slice(Unit *u, CGroupContext *c) {
_cleanup_free_ char *b = NULL;
const char *slice_name;
Unit *slice;
int r;
assert(u);
+ assert(c);
if (UNIT_ISSET(u->slice))
return 0;
- if (!unit_get_cgroup_context(u))
- return 0;
-
if (u->instance) {
_cleanup_free_ char *prefix = NULL, *escaped = NULL;
}
int unit_serialize(Unit *u, FILE *f, FDSet *fds, bool serialize_jobs) {
- ExecRuntime *rt;
int r;
assert(u);
assert(f);
assert(fds);
- if (!unit_can_serialize(u))
- return 0;
-
- r = UNIT_VTABLE(u)->serialize(u, f, fds);
- if (r < 0)
- return r;
+ if (unit_can_serialize(u)) {
+ ExecRuntime *rt;
- rt = unit_get_exec_runtime(u);
- if (rt) {
- r = exec_runtime_serialize(rt, u, f, fds);
+ r = UNIT_VTABLE(u)->serialize(u, f, fds);
if (r < 0)
return r;
+
+ rt = unit_get_exec_runtime(u);
+ if (rt) {
+ r = exec_runtime_serialize(rt, u, f, fds);
+ if (r < 0)
+ return r;
+ }
}
dual_timestamp_serialize(f, "inactive-exit-timestamp", &u->inactive_exit_timestamp);
}
int unit_deserialize(Unit *u, FILE *f, FDSet *fds) {
- size_t offset;
ExecRuntime **rt = NULL;
+ size_t offset;
int r;
assert(u);
assert(f);
assert(fds);
- if (!unit_can_serialize(u))
- return 0;
-
offset = UNIT_VTABLE(u)->exec_runtime_offset;
if (offset > 0)
rt = (ExecRuntime**) ((uint8_t*) u + offset);
if (!s)
return -ENOMEM;
- free(u->cgroup_path);
- u->cgroup_path = s;
+ if (u->cgroup_path) {
+ void *p;
+ p = hashmap_remove(u->manager->cgroup_unit, u->cgroup_path);
+ log_info("Removing cgroup_path %s from hashmap (%p)",
+ u->cgroup_path, p);
+ free(u->cgroup_path);
+ }
+
+ u->cgroup_path = s;
assert(hashmap_put(u->manager->cgroup_unit, s, u) == 1);
+
continue;
}
- if (rt) {
- r = exec_runtime_deserialize_item(rt, u, l, v, fds);
+ if (unit_can_serialize(u)) {
+ if (rt) {
+ r = exec_runtime_deserialize_item(rt, u, l, v, fds);
+ if (r < 0)
+ return r;
+ if (r > 0)
+ continue;
+ }
+
+ r = UNIT_VTABLE(u)->deserialize_item(u, l, v, fds);
if (r < 0)
return r;
- if (r > 0)
- continue;
}
-
- r = UNIT_VTABLE(u)->deserialize_item(u, l, v, fds);
- if (r < 0)
- return r;
}
}
ref->unit = NULL;
}
-int unit_cgroup_context_init_defaults(Unit *u, CGroupContext *c) {
- assert(u);
- assert(c);
-
- /* Copy in the manager defaults into the cgroup context,
- * _before_ the rest of the settings have been initialized */
-
- c->cpu_accounting = u->manager->default_cpu_accounting;
- c->blockio_accounting = u->manager->default_blockio_accounting;
- c->memory_accounting = u->manager->default_memory_accounting;
-
- return 0;
-}
-
-int unit_exec_context_patch_defaults(Unit *u, ExecContext *c) {
+int unit_patch_contexts(Unit *u) {
+ CGroupContext *cc;
+ ExecContext *ec;
unsigned i;
int r;
assert(u);
- assert(c);
- /* Patch in the manager defaults into the exec context,
- * _after_ the rest of the settings have been initialized */
+ /* Patch in the manager defaults into the exec and cgroup
+ * contexts, _after_ the rest of the settings have been
+ * initialized */
- /* This only copies in the ones that need memory */
- for (i = 0; i < RLIMIT_NLIMITS; i++)
- if (u->manager->rlimit[i] && !c->rlimit[i]) {
- c->rlimit[i] = newdup(struct rlimit, u->manager->rlimit[i], 1);
- if (!c->rlimit[i])
- return -ENOMEM;
+ ec = unit_get_exec_context(u);
+ if (ec) {
+ /* This only copies in the ones that need memory */
+ for (i = 0; i < _RLIMIT_MAX; i++)
+ if (u->manager->rlimit[i] && !ec->rlimit[i]) {
+ ec->rlimit[i] = newdup(struct rlimit, u->manager->rlimit[i], 1);
+ if (!ec->rlimit[i])
+ return -ENOMEM;
+ }
+
+ if (u->manager->running_as == SYSTEMD_USER &&
+ !ec->working_directory) {
+
+ r = get_home_dir(&ec->working_directory);
+ if (r < 0)
+ return r;
}
- if (u->manager->running_as == SYSTEMD_USER &&
- !c->working_directory) {
+ if (u->manager->running_as == SYSTEMD_USER &&
+ (ec->syscall_whitelist ||
+ !set_isempty(ec->syscall_filter) ||
+ !set_isempty(ec->syscall_archs) ||
+ ec->address_families_whitelist ||
+ !set_isempty(ec->address_families)))
+ ec->no_new_privileges = true;
- r = get_home_dir(&c->working_directory);
- if (r < 0)
- return r;
+ if (ec->private_devices)
+ ec->capability_bounding_set_drop |= (uint64_t) 1ULL << (uint64_t) CAP_MKNOD;
+ }
+
+ cc = unit_get_cgroup_context(u);
+ if (cc) {
+
+ if (ec &&
+ ec->private_devices &&
+ cc->device_policy == CGROUP_AUTO)
+ cc->device_policy = CGROUP_CLOSED;
}
return 0;
size_t offset;
assert(u);
+ if (u->type < 0)
+ return NULL;
+
offset = UNIT_VTABLE(u)->exec_context_offset;
if (offset <= 0)
return NULL;
size_t offset;
assert(u);
+ if (u->type < 0)
+ return NULL;
+
offset = UNIT_VTABLE(u)->kill_context_offset;
if (offset <= 0)
return NULL;
CGroupContext *unit_get_cgroup_context(Unit *u) {
size_t offset;
+ if (u->type < 0)
+ return NULL;
+
offset = UNIT_VTABLE(u)->cgroup_context_offset;
if (offset <= 0)
return NULL;
ExecRuntime *unit_get_exec_runtime(Unit *u) {
size_t offset;
+ if (u->type < 0)
+ return NULL;
+
offset = UNIT_VTABLE(u)->exec_runtime_offset;
if (offset <= 0)
return NULL;
return *(ExecRuntime**) ((uint8_t*) u + offset);
}
-static int drop_in_file(Unit *u, UnitSetPropertiesMode mode, const char *name, char **_p, char **_q) {
- _cleanup_free_ char *b = NULL;
- char *p, *q;
- int r;
-
- assert(u);
- assert(name);
- assert(_p);
- assert(_q);
-
- b = xescape(name, "/.");
- if (!b)
- return -ENOMEM;
-
- if (!filename_is_safe(b))
- return -EINVAL;
-
+static int unit_drop_in_dir(Unit *u, UnitSetPropertiesMode mode, bool transient, char **dir) {
if (u->manager->running_as == SYSTEMD_USER) {
- _cleanup_free_ char *c = NULL;
+ int r;
- r = user_config_home(&c);
- if (r < 0)
- return r;
+ r = user_config_home(dir);
if (r == 0)
return -ENOENT;
+ return r;
+ }
- p = strjoin(c, "/", u->id, ".d", NULL);
- } else if (mode == UNIT_PERSISTENT && !u->transient)
- p = strjoin("/etc/systemd/system/", u->id, ".d", NULL);
+ if (mode == UNIT_PERSISTENT && !transient)
+ *dir = strdup("/etc/systemd/system");
else
- p = strjoin("/run/systemd/system/", u->id, ".d", NULL);
- if (!p)
- return -ENOMEM;
-
- q = strjoin(p, "/90-", b, ".conf", NULL);
- if (!q) {
- free(p);
+ *dir = strdup("/run/systemd/system");
+ if (!*dir)
return -ENOMEM;
- }
- *_p = p;
- *_q = q;
return 0;
}
+static int unit_drop_in_file(Unit *u,
+ UnitSetPropertiesMode mode, const char *name, char **p, char **q) {
+ _cleanup_free_ char *dir = NULL;
+ int r;
+
+ assert(u);
+
+ r = unit_drop_in_dir(u, mode, u->transient, &dir);
+ if (r < 0)
+ return r;
+
+ return drop_in_file(dir, u->id, 50, name, p, q);
+}
+
int unit_write_drop_in(Unit *u, UnitSetPropertiesMode mode, const char *name, const char *data) {
- _cleanup_free_ char *p = NULL, *q = NULL;
+
+ _cleanup_free_ char *dir = NULL;
int r;
assert(u);
- assert(name);
- assert(data);
if (!IN_SET(mode, UNIT_PERSISTENT, UNIT_RUNTIME))
return 0;
- r = drop_in_file(u, mode, name, &p, &q);
+ r = unit_drop_in_dir(u, mode, u->transient, &dir);
if (r < 0)
return r;
- mkdir_p(p, 0755);
- return write_string_file_atomic_label(q, data);
+ return write_drop_in(dir, u->id, 50, name, data);
}
int unit_write_drop_in_format(Unit *u, UnitSetPropertiesMode mode, const char *name, const char *format, ...) {
if (!IN_SET(mode, UNIT_PERSISTENT, UNIT_RUNTIME))
return 0;
- r = drop_in_file(u, mode, name, &p, &q);
+ r = unit_drop_in_file(u, mode, name, &p, &q);
if (r < 0)
return r;
return 0;
}
- r = strv_push(&u->requires_mounts_for, p);
- if (r < 0) {
- free(p);
+ r = strv_consume(&u->requires_mounts_for, p);
+ if (r < 0)
return r;
- }
PATH_FOREACH_PREFIX_MORE(prefix, p) {
Set *x;
[UNIT_TRIGGERED_BY] = "TriggeredBy",
[UNIT_PROPAGATES_RELOAD_TO] = "PropagatesReloadTo",
[UNIT_RELOAD_PROPAGATED_FROM] = "ReloadPropagatedFrom",
+ [UNIT_JOINS_NAMESPACE_OF] = "JoinsNamespaceOf",
[UNIT_REFERENCES] = "References",
[UNIT_REFERENCED_BY] = "ReferencedBy",
- [UNIT_JOINS_NAMESPACE_OF] = "JoinsNamespaceOf",
};
DEFINE_STRING_TABLE_LOOKUP(unit_dependency, UnitDependency);
~ianmdlvl / elogind.git / blobdiff