1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2010 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <sys/types.h>
27 #include <sys/epoll.h>
29 #include <arpa/inet.h>
30 #include <netinet/tcp.h>
32 #include <sys/xattr.h>
36 #include "load-dropin.h"
37 #include "load-fragment.h"
40 #include "path-util.h"
41 #include "unit-name.h"
42 #include "unit-printf.h"
46 #include "exit-status.h"
48 #include "smack-util.h"
50 #include "bus-error.h"
51 #include "dbus-socket.h"
55 static const UnitActiveState state_translation_table[_SOCKET_STATE_MAX] = {
56 [SOCKET_DEAD] = UNIT_INACTIVE,
57 [SOCKET_START_PRE] = UNIT_ACTIVATING,
58 [SOCKET_START_CHOWN] = UNIT_ACTIVATING,
59 [SOCKET_START_POST] = UNIT_ACTIVATING,
60 [SOCKET_LISTENING] = UNIT_ACTIVE,
61 [SOCKET_RUNNING] = UNIT_ACTIVE,
62 [SOCKET_STOP_PRE] = UNIT_DEACTIVATING,
63 [SOCKET_STOP_PRE_SIGTERM] = UNIT_DEACTIVATING,
64 [SOCKET_STOP_PRE_SIGKILL] = UNIT_DEACTIVATING,
65 [SOCKET_STOP_POST] = UNIT_DEACTIVATING,
66 [SOCKET_FINAL_SIGTERM] = UNIT_DEACTIVATING,
67 [SOCKET_FINAL_SIGKILL] = UNIT_DEACTIVATING,
68 [SOCKET_FAILED] = UNIT_FAILED
71 static int socket_dispatch_io(sd_event_source *source, int fd, uint32_t revents, void *userdata);
72 static int socket_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata);
74 static void socket_init(Unit *u) {
75 Socket *s = SOCKET(u);
78 assert(u->load_state == UNIT_STUB);
80 s->backlog = SOMAXCONN;
81 s->timeout_usec = u->manager->default_timeout_start_usec;
82 s->directory_mode = 0755;
83 s->socket_mode = 0666;
85 s->max_connections = 64;
92 s->exec_context.std_output = u->manager->default_std_output;
93 s->exec_context.std_error = u->manager->default_std_error;
95 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
98 static void socket_unwatch_control_pid(Socket *s) {
101 if (s->control_pid <= 0)
104 unit_unwatch_pid(UNIT(s), s->control_pid);
108 void socket_free_ports(Socket *s) {
113 while ((p = s->ports)) {
114 LIST_REMOVE(port, s->ports, p);
116 sd_event_source_unref(p->event_source);
124 static void socket_done(Unit *u) {
125 Socket *s = SOCKET(u);
129 socket_free_ports(s);
131 s->exec_runtime = exec_runtime_unref(s->exec_runtime);
132 exec_command_free_array(s->exec_command, _SOCKET_EXEC_COMMAND_MAX);
133 s->control_command = NULL;
135 socket_unwatch_control_pid(s);
137 unit_ref_unset(&s->service);
139 free(s->tcp_congestion);
140 s->tcp_congestion = NULL;
142 free(s->bind_to_device);
143 s->bind_to_device = NULL;
146 free(s->smack_ip_in);
147 free(s->smack_ip_out);
149 strv_free(s->symlinks);
154 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
157 static int socket_arm_timer(Socket *s) {
162 if (s->timeout_usec <= 0) {
163 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
167 if (s->timer_event_source) {
168 r = sd_event_source_set_time(s->timer_event_source, now(CLOCK_MONOTONIC) + s->timeout_usec);
172 return sd_event_source_set_enabled(s->timer_event_source, SD_EVENT_ONESHOT);
175 return sd_event_add_time(
176 UNIT(s)->manager->event,
177 &s->timer_event_source,
179 now(CLOCK_MONOTONIC) + s->timeout_usec, 0,
180 socket_dispatch_timer, s);
183 int socket_instantiate_service(Socket *s) {
184 _cleanup_free_ char *prefix = NULL, *name = NULL;
190 /* This fills in s->service if it isn't filled in yet. For
191 * Accept=yes sockets we create the next connection service
192 * here. For Accept=no this is mostly a NOP since the service
193 * is figured out at load time anyway. */
195 if (UNIT_DEREF(s->service) || !s->accept)
198 prefix = unit_name_to_prefix(UNIT(s)->id);
202 if (asprintf(&name, "%s@%u.service", prefix, s->n_accepted) < 0)
205 r = manager_load_unit(UNIT(s)->manager, name, NULL, NULL, &u);
210 unit_ref_set(&s->service, u);
212 return unit_add_two_dependencies(UNIT(s), UNIT_BEFORE, UNIT_TRIGGERS, u, false);
215 static bool have_non_accept_socket(Socket *s) {
223 LIST_FOREACH(port, p, s->ports) {
225 if (p->type != SOCKET_SOCKET)
228 if (!socket_address_can_accept(&p->address))
235 static int socket_add_mount_links(Socket *s) {
241 LIST_FOREACH(port, p, s->ports) {
242 const char *path = NULL;
244 if (p->type == SOCKET_SOCKET)
245 path = socket_address_get_path(&p->address);
246 else if (p->type == SOCKET_FIFO || p->type == SOCKET_SPECIAL)
252 r = unit_require_mounts_for(UNIT(s), path);
260 static int socket_add_device_link(Socket *s) {
265 if (!s->bind_to_device || streq(s->bind_to_device, "lo"))
268 t = strappenda("/sys/subsystem/net/devices/", s->bind_to_device);
269 return unit_add_node_link(UNIT(s), t, false);
272 static int socket_add_default_dependencies(Socket *s) {
276 r = unit_add_dependency_by_name(UNIT(s), UNIT_BEFORE, SPECIAL_SOCKETS_TARGET, NULL, true);
280 if (UNIT(s)->manager->running_as == SYSTEMD_SYSTEM) {
281 r = unit_add_two_dependencies_by_name(UNIT(s), UNIT_AFTER, UNIT_REQUIRES, SPECIAL_SYSINIT_TARGET, NULL, true);
286 return unit_add_two_dependencies_by_name(UNIT(s), UNIT_BEFORE, UNIT_CONFLICTS, SPECIAL_SHUTDOWN_TARGET, NULL, true);
289 _pure_ static bool socket_has_exec(Socket *s) {
293 for (i = 0; i < _SOCKET_EXEC_COMMAND_MAX; i++)
294 if (s->exec_command[i])
300 static int socket_add_extras(Socket *s) {
306 if (have_non_accept_socket(s)) {
308 if (!UNIT_DEREF(s->service)) {
311 r = unit_load_related_unit(u, ".service", &x);
315 unit_ref_set(&s->service, x);
318 r = unit_add_two_dependencies(u, UNIT_BEFORE, UNIT_TRIGGERS, UNIT_DEREF(s->service), true);
323 r = socket_add_mount_links(s);
327 r = socket_add_device_link(s);
331 r = unit_patch_contexts(u);
335 if (socket_has_exec(s)) {
336 r = unit_add_exec_dependencies(u, &s->exec_context);
340 r = unit_add_default_slice(u, &s->cgroup_context);
345 if (u->default_dependencies) {
346 r = socket_add_default_dependencies(s);
354 static const char *socket_find_symlink_target(Socket *s) {
355 const char *found = NULL;
358 LIST_FOREACH(port, p, s->ports) {
359 const char *f = NULL;
368 if (p->address.sockaddr.un.sun_path[0] != 0)
369 f = p->address.sockaddr.un.sun_path;
387 static int socket_verify(Socket *s) {
390 if (UNIT(s)->load_state != UNIT_LOADED)
394 log_error_unit(UNIT(s)->id, "%s lacks Listen setting. Refusing.", UNIT(s)->id);
398 if (s->accept && have_non_accept_socket(s)) {
399 log_error_unit(UNIT(s)->id, "%s configured for accepting sockets, but sockets are non-accepting. Refusing.",
404 if (s->accept && s->max_connections <= 0) {
405 log_error_unit(UNIT(s)->id, "%s's MaxConnection setting too small. Refusing.", UNIT(s)->id);
409 if (s->accept && UNIT_DEREF(s->service)) {
410 log_error_unit(UNIT(s)->id, "Explicit service configuration for accepting sockets not supported on %s. Refusing.", UNIT(s)->id);
414 if (s->exec_context.pam_name && s->kill_context.kill_mode != KILL_CONTROL_GROUP) {
415 log_error_unit(UNIT(s)->id, "%s has PAM enabled. Kill mode must be set to 'control-group'. Refusing.", UNIT(s)->id);
419 if (!strv_isempty(s->symlinks) && !socket_find_symlink_target(s)) {
420 log_error_unit(UNIT(s)->id, "%s has symlinks set but none or more than one node in the file system. Refusing.", UNIT(s)->id);
427 static int socket_load(Unit *u) {
428 Socket *s = SOCKET(u);
432 assert(u->load_state == UNIT_STUB);
434 r = unit_load_fragment_and_dropin(u);
438 if (u->load_state == UNIT_LOADED) {
439 /* This is a new unit? Then let's add in some extras */
440 r = socket_add_extras(s);
445 return socket_verify(s);
448 _const_ static const char* listen_lookup(int family, int type) {
450 if (family == AF_NETLINK)
451 return "ListenNetlink";
453 if (type == SOCK_STREAM)
454 return "ListenStream";
455 else if (type == SOCK_DGRAM)
456 return "ListenDatagram";
457 else if (type == SOCK_SEQPACKET)
458 return "ListenSequentialPacket";
460 assert_not_reached("Unknown socket type");
464 static void socket_dump(Unit *u, FILE *f, const char *prefix) {
466 Socket *s = SOCKET(u);
473 prefix2 = strappenda(prefix, "\t");
476 "%sSocket State: %s\n"
478 "%sBindIPv6Only: %s\n"
480 "%sSocketMode: %04o\n"
481 "%sDirectoryMode: %04o\n"
484 "%sTransparent: %s\n"
486 "%sPassCredentials: %s\n"
487 "%sPassSecurity: %s\n"
488 "%sTCPCongestion: %s\n"
489 "%sRemoveOnStop: %s\n",
490 prefix, socket_state_to_string(s->state),
491 prefix, socket_result_to_string(s->result),
492 prefix, socket_address_bind_ipv6_only_to_string(s->bind_ipv6_only),
494 prefix, s->socket_mode,
495 prefix, s->directory_mode,
496 prefix, yes_no(s->keep_alive),
497 prefix, yes_no(s->free_bind),
498 prefix, yes_no(s->transparent),
499 prefix, yes_no(s->broadcast),
500 prefix, yes_no(s->pass_cred),
501 prefix, yes_no(s->pass_sec),
502 prefix, strna(s->tcp_congestion),
503 prefix, yes_no(s->remove_on_stop));
505 if (s->control_pid > 0)
507 "%sControl PID: "PID_FMT"\n",
508 prefix, s->control_pid);
510 if (s->bind_to_device)
512 "%sBindToDevice: %s\n",
513 prefix, s->bind_to_device);
518 "%sNConnections: %u\n"
519 "%sMaxConnections: %u\n",
520 prefix, s->n_accepted,
521 prefix, s->n_connections,
522 prefix, s->max_connections);
524 if (s->priority >= 0)
527 prefix, s->priority);
529 if (s->receive_buffer > 0)
531 "%sReceiveBuffer: %zu\n",
532 prefix, s->receive_buffer);
534 if (s->send_buffer > 0)
536 "%sSendBuffer: %zu\n",
537 prefix, s->send_buffer);
549 if (s->pipe_size > 0)
552 prefix, s->pipe_size);
559 if (s->mq_maxmsg > 0)
561 "%sMessageQueueMaxMessages: %li\n",
562 prefix, s->mq_maxmsg);
564 if (s->mq_msgsize > 0)
566 "%sMessageQueueMessageSize: %li\n",
567 prefix, s->mq_msgsize);
572 prefix, yes_no(s->reuse_port));
576 "%sSmackLabel: %s\n",
581 "%sSmackLabelIPIn: %s\n",
582 prefix, s->smack_ip_in);
586 "%sSmackLabelIPOut: %s\n",
587 prefix, s->smack_ip_out);
589 if (!isempty(s->user) || !isempty(s->group))
592 "%sOwnerGroup: %s\n",
593 prefix, strna(s->user),
594 prefix, strna(s->group));
596 LIST_FOREACH(port, p, s->ports) {
598 if (p->type == SOCKET_SOCKET) {
603 if ((r = socket_address_print(&p->address, &k)) < 0)
608 fprintf(f, "%s%s: %s\n", prefix, listen_lookup(socket_address_family(&p->address), p->address.type), t);
610 } else if (p->type == SOCKET_SPECIAL)
611 fprintf(f, "%sListenSpecial: %s\n", prefix, p->path);
612 else if (p->type == SOCKET_MQUEUE)
613 fprintf(f, "%sListenMessageQueue: %s\n", prefix, p->path);
615 fprintf(f, "%sListenFIFO: %s\n", prefix, p->path);
618 exec_context_dump(&s->exec_context, f, prefix);
619 kill_context_dump(&s->kill_context, f, prefix);
621 for (c = 0; c < _SOCKET_EXEC_COMMAND_MAX; c++) {
622 if (!s->exec_command[c])
625 fprintf(f, "%s-> %s:\n",
626 prefix, socket_exec_command_to_string(c));
628 exec_command_dump_list(s->exec_command[c], f, prefix2);
632 static int instance_from_socket(int fd, unsigned nr, char **instance) {
635 union sockaddr_union local, remote;
641 if (getsockname(fd, &local.sa, &l) < 0)
645 if (getpeername(fd, &remote.sa, &l) < 0)
648 switch (local.sa.sa_family) {
652 a = ntohl(local.in.sin_addr.s_addr),
653 b = ntohl(remote.in.sin_addr.s_addr);
656 "%u-%u.%u.%u.%u:%u-%u.%u.%u.%u:%u",
658 a >> 24, (a >> 16) & 0xFF, (a >> 8) & 0xFF, a & 0xFF,
659 ntohs(local.in.sin_port),
660 b >> 24, (b >> 16) & 0xFF, (b >> 8) & 0xFF, b & 0xFF,
661 ntohs(remote.in.sin_port)) < 0)
668 static const unsigned char ipv4_prefix[] = {
669 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xFF, 0xFF
672 if (memcmp(&local.in6.sin6_addr, ipv4_prefix, sizeof(ipv4_prefix)) == 0 &&
673 memcmp(&remote.in6.sin6_addr, ipv4_prefix, sizeof(ipv4_prefix)) == 0) {
675 *a = local.in6.sin6_addr.s6_addr+12,
676 *b = remote.in6.sin6_addr.s6_addr+12;
679 "%u-%u.%u.%u.%u:%u-%u.%u.%u.%u:%u",
681 a[0], a[1], a[2], a[3],
682 ntohs(local.in6.sin6_port),
683 b[0], b[1], b[2], b[3],
684 ntohs(remote.in6.sin6_port)) < 0)
687 char a[INET6_ADDRSTRLEN], b[INET6_ADDRSTRLEN];
692 inet_ntop(AF_INET6, &local.in6.sin6_addr, a, sizeof(a)),
693 ntohs(local.in6.sin6_port),
694 inet_ntop(AF_INET6, &remote.in6.sin6_addr, b, sizeof(b)),
695 ntohs(remote.in6.sin6_port)) < 0)
706 k = getpeercred(fd, &ucred);
709 "%u-"PID_FMT"-"UID_FMT,
710 nr, ucred.pid, ucred.uid) < 0)
712 } else if (k == -ENODATA) {
713 /* This handles the case where somebody is
714 * connecting from another pid/uid namespace
715 * (e.g. from outside of our container). */
727 assert_not_reached("Unhandled socket type.");
734 static void socket_close_fds(Socket *s) {
740 LIST_FOREACH(port, p, s->ports) {
742 p->event_source = sd_event_source_unref(p->event_source);
747 p->fd = safe_close(p->fd);
749 /* One little note: we should normally not delete any
750 * sockets in the file system here! After all some
751 * other process we spawned might still have a
752 * reference of this fd and wants to continue to use
753 * it. Therefore we delete sockets in the file system
754 * before we create a new one, not after we stopped
757 if (s->remove_on_stop) {
769 socket_address_unlink(&p->address);
778 if (s->remove_on_stop)
779 STRV_FOREACH(i, s->symlinks)
783 static void socket_apply_socket_options(Socket *s, int fd) {
788 int b = s->keep_alive;
789 if (setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, &b, sizeof(b)) < 0)
790 log_warning_unit(UNIT(s)->id, "SO_KEEPALIVE failed: %m");
795 if (setsockopt(fd, SOL_SOCKET, SO_BROADCAST, &one, sizeof(one)) < 0)
796 log_warning_unit(UNIT(s)->id, "SO_BROADCAST failed: %m");
801 if (setsockopt(fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one)) < 0)
802 log_warning_unit(UNIT(s)->id, "SO_PASSCRED failed: %m");
807 if (setsockopt(fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one)) < 0)
808 log_warning_unit(UNIT(s)->id, "SO_PASSSEC failed: %m");
811 if (s->priority >= 0)
812 if (setsockopt(fd, SOL_SOCKET, SO_PRIORITY, &s->priority, sizeof(s->priority)) < 0)
813 log_warning_unit(UNIT(s)->id, "SO_PRIORITY failed: %m");
815 if (s->receive_buffer > 0) {
816 int value = (int) s->receive_buffer;
818 /* We first try with SO_RCVBUFFORCE, in case we have the perms for that */
820 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUFFORCE, &value, sizeof(value)) < 0)
821 if (setsockopt(fd, SOL_SOCKET, SO_RCVBUF, &value, sizeof(value)) < 0)
822 log_warning_unit(UNIT(s)->id, "SO_RCVBUF failed: %m");
825 if (s->send_buffer > 0) {
826 int value = (int) s->send_buffer;
827 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUFFORCE, &value, sizeof(value)) < 0)
828 if (setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &value, sizeof(value)) < 0)
829 log_warning_unit(UNIT(s)->id, "SO_SNDBUF failed: %m");
833 if (setsockopt(fd, SOL_SOCKET, SO_MARK, &s->mark, sizeof(s->mark)) < 0)
834 log_warning_unit(UNIT(s)->id, "SO_MARK failed: %m");
837 if (setsockopt(fd, IPPROTO_IP, IP_TOS, &s->ip_tos, sizeof(s->ip_tos)) < 0)
838 log_warning_unit(UNIT(s)->id, "IP_TOS failed: %m");
840 if (s->ip_ttl >= 0) {
843 r = setsockopt(fd, IPPROTO_IP, IP_TTL, &s->ip_ttl, sizeof(s->ip_ttl));
845 if (socket_ipv6_is_supported())
846 x = setsockopt(fd, IPPROTO_IPV6, IPV6_UNICAST_HOPS, &s->ip_ttl, sizeof(s->ip_ttl));
849 errno = EAFNOSUPPORT;
853 log_warning_unit(UNIT(s)->id,
854 "IP_TTL/IPV6_UNICAST_HOPS failed: %m");
857 if (s->tcp_congestion)
858 if (setsockopt(fd, SOL_TCP, TCP_CONGESTION, s->tcp_congestion, strlen(s->tcp_congestion)+1) < 0)
859 log_warning_unit(UNIT(s)->id, "TCP_CONGESTION failed: %m");
862 int b = s->reuse_port;
863 if (setsockopt(fd, SOL_SOCKET, SO_REUSEPORT, &b, sizeof(b)) < 0)
864 log_warning_unit(UNIT(s)->id, "SO_REUSEPORT failed: %m");
868 if (smack_label_ip_in_fd(fd, s->smack_ip_in) < 0)
869 log_error_unit(UNIT(s)->id, "smack_label_ip_in_fd: %m");
872 if (smack_label_ip_out_fd(fd, s->smack_ip_out) < 0)
873 log_error_unit(UNIT(s)->id, "smack_label_ip_out_fd: %m");
876 static void socket_apply_fifo_options(Socket *s, int fd) {
880 if (s->pipe_size > 0)
881 if (fcntl(fd, F_SETPIPE_SZ, s->pipe_size) < 0)
882 log_warning_unit(UNIT(s)->id,
886 if (smack_label_fd(fd, s->smack) < 0)
887 log_error_unit(UNIT(s)->id, "smack_label_fd: %m");
890 static int fifo_address_create(
892 mode_t directory_mode,
903 mkdir_parents_label(path, directory_mode);
905 r = label_context_set(path, S_IFIFO);
909 /* Enforce the right access mode for the fifo */
910 old_mask = umask(~ socket_mode);
912 /* Include the original umask in our mask */
913 umask(~socket_mode | old_mask);
915 r = mkfifo(path, socket_mode);
918 if (r < 0 && errno != EEXIST) {
923 if ((fd = open(path, O_RDWR|O_CLOEXEC|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW)) < 0) {
928 label_context_clear();
930 if (fstat(fd, &st) < 0) {
935 if (!S_ISFIFO(st.st_mode) ||
936 (st.st_mode & 0777) != (socket_mode & ~old_mask) ||
937 st.st_uid != getuid() ||
938 st.st_gid != getgid()) {
948 label_context_clear();
954 static int special_address_create(
964 fd = open(path, O_RDONLY|O_CLOEXEC|O_NOCTTY|O_NONBLOCK|O_NOFOLLOW);
970 if (fstat(fd, &st) < 0) {
975 /* Check whether this is a /proc, /sys or /dev file or char device */
976 if (!S_ISREG(st.st_mode) && !S_ISCHR(st.st_mode)) {
990 static int mq_address_create(
1000 struct mq_attr _attr, *attr = NULL;
1005 if (maxmsg > 0 && msgsize > 0) {
1007 _attr.mq_flags = O_NONBLOCK;
1008 _attr.mq_maxmsg = maxmsg;
1009 _attr.mq_msgsize = msgsize;
1013 /* Enforce the right access mode for the mq */
1014 old_mask = umask(~ mq_mode);
1016 /* Include the original umask in our mask */
1017 umask(~mq_mode | old_mask);
1018 fd = mq_open(path, O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_CREAT, mq_mode, attr);
1026 if (fstat(fd, &st) < 0) {
1031 if ((st.st_mode & 0777) != (mq_mode & ~old_mask) ||
1032 st.st_uid != getuid() ||
1033 st.st_gid != getgid()) {
1047 static int socket_symlink(Socket *s) {
1053 p = socket_find_symlink_target(s);
1057 STRV_FOREACH(i, s->symlinks)
1063 static int socket_open_fds(Socket *s) {
1067 bool know_label = false;
1071 LIST_FOREACH(port, p, s->ports) {
1076 if (p->type == SOCKET_SOCKET) {
1080 r = socket_instantiate_service(s);
1084 if (UNIT_ISSET(s->service) &&
1085 SERVICE(UNIT_DEREF(s->service))->exec_command[SERVICE_EXEC_START]) {
1086 r = label_get_create_label_from_exe(SERVICE(UNIT_DEREF(s->service))->exec_command[SERVICE_EXEC_START]->path, &label);
1087 if (r < 0 && r != -EPERM)
1094 r = socket_address_listen(
1096 SOCK_CLOEXEC|SOCK_NONBLOCK,
1109 socket_apply_socket_options(s, p->fd);
1112 } else if (p->type == SOCKET_SPECIAL) {
1114 r = special_address_create(
1120 } else if (p->type == SOCKET_FIFO) {
1122 r = fifo_address_create(
1130 socket_apply_fifo_options(s, p->fd);
1133 } else if (p->type == SOCKET_MQUEUE) {
1135 r = mq_address_create(
1144 assert_not_reached("Unknown port type");
1151 socket_close_fds(s);
1156 static void socket_unwatch_fds(Socket *s) {
1162 LIST_FOREACH(port, p, s->ports) {
1166 if (!p->event_source)
1169 r = sd_event_source_set_enabled(p->event_source, SD_EVENT_OFF);
1171 log_debug_unit(UNIT(s)->id, "Failed to disable event source.");
1175 static int socket_watch_fds(Socket *s) {
1181 LIST_FOREACH(port, p, s->ports) {
1185 if (p->event_source)
1186 r = sd_event_source_set_enabled(p->event_source, SD_EVENT_ON);
1188 r = sd_event_add_io(UNIT(s)->manager->event, &p->event_source, p->fd, EPOLLIN, socket_dispatch_io, p);
1191 log_warning_unit(UNIT(s)->id, "Failed to watch listening fds: %s", strerror(-r));
1199 socket_unwatch_fds(s);
1203 static void socket_set_state(Socket *s, SocketState state) {
1204 SocketState old_state;
1207 old_state = s->state;
1215 SOCKET_STOP_PRE_SIGTERM,
1216 SOCKET_STOP_PRE_SIGKILL,
1218 SOCKET_FINAL_SIGTERM,
1219 SOCKET_FINAL_SIGKILL)) {
1221 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
1222 socket_unwatch_control_pid(s);
1223 s->control_command = NULL;
1224 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
1227 if (state != SOCKET_LISTENING)
1228 socket_unwatch_fds(s);
1236 SOCKET_STOP_PRE_SIGTERM,
1237 SOCKET_STOP_PRE_SIGKILL))
1238 socket_close_fds(s);
1240 if (state != old_state)
1241 log_debug_unit(UNIT(s)->id, "%s changed %s -> %s",
1242 UNIT(s)->id, socket_state_to_string(old_state), socket_state_to_string(state));
1244 unit_notify(UNIT(s), state_translation_table[old_state], state_translation_table[state], true);
1247 static int socket_coldplug(Unit *u) {
1248 Socket *s = SOCKET(u);
1252 assert(s->state == SOCKET_DEAD);
1254 if (s->deserialized_state == s->state)
1257 if (IN_SET(s->deserialized_state,
1262 SOCKET_STOP_PRE_SIGTERM,
1263 SOCKET_STOP_PRE_SIGKILL,
1265 SOCKET_FINAL_SIGTERM,
1266 SOCKET_FINAL_SIGKILL)) {
1268 if (s->control_pid <= 0)
1271 r = unit_watch_pid(UNIT(s), s->control_pid);
1275 r = socket_arm_timer(s);
1280 if (IN_SET(s->deserialized_state,
1286 SOCKET_STOP_PRE_SIGTERM,
1287 SOCKET_STOP_PRE_SIGKILL)) {
1288 r = socket_open_fds(s);
1293 if (s->deserialized_state == SOCKET_LISTENING) {
1294 r = socket_watch_fds(s);
1299 socket_set_state(s, s->deserialized_state);
1303 static int socket_spawn(Socket *s, ExecCommand *c, pid_t *_pid) {
1304 _cleanup_free_ char **argv = NULL;
1312 unit_realize_cgroup(UNIT(s));
1314 r = unit_setup_exec_runtime(UNIT(s));
1318 r = socket_arm_timer(s);
1322 r = unit_full_printf_strv(UNIT(s), c->argv, &argv);
1330 UNIT(s)->manager->environment,
1334 UNIT(s)->manager->confirm_spawn,
1335 UNIT(s)->manager->cgroup_supported,
1336 UNIT(s)->cgroup_path,
1337 manager_get_runtime_prefix(UNIT(s)->manager),
1346 r = unit_watch_pid(UNIT(s), pid);
1348 /* FIXME: we need to do something here */
1355 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
1359 static int socket_chown(Socket *s, pid_t *_pid) {
1363 r = socket_arm_timer(s);
1367 /* We have to resolve the user names out-of-process, hence
1368 * let's fork here. It's messy, but well, what can we do? */
1376 uid_t uid = (uid_t) -1;
1377 gid_t gid = (gid_t) -1;
1380 default_signals(SIGNALS_CRASH_HANDLER, SIGNALS_IGNORE, -1);
1381 ignore_signals(SIGPIPE, -1);
1384 if (!isempty(s->user)) {
1385 const char *user = s->user;
1387 r = get_user_creds(&user, &uid, &gid, NULL, NULL);
1394 if (!isempty(s->group)) {
1395 const char *group = s->group;
1397 r = get_group_creds(&group, &gid);
1404 LIST_FOREACH(port, p, s->ports) {
1405 const char *path = NULL;
1407 if (p->type == SOCKET_SOCKET)
1408 path = socket_address_get_path(&p->address);
1409 else if (p->type == SOCKET_FIFO)
1415 if (chown(path, uid, gid) < 0) {
1426 log_error("Failed to chown socket at step %s: %s", exit_status_to_string(ret, EXIT_STATUS_SYSTEMD), strerror(-r));
1431 r = unit_watch_pid(UNIT(s), pid);
1439 s->timer_event_source = sd_event_source_unref(s->timer_event_source);
1443 static void socket_enter_dead(Socket *s, SocketResult f) {
1446 if (f != SOCKET_SUCCESS)
1449 exec_runtime_destroy(s->exec_runtime);
1450 s->exec_runtime = exec_runtime_unref(s->exec_runtime);
1452 exec_context_destroy_runtime_directory(&s->exec_context, manager_get_runtime_prefix(UNIT(s)->manager));
1454 socket_set_state(s, s->result != SOCKET_SUCCESS ? SOCKET_FAILED : SOCKET_DEAD);
1457 static void socket_enter_signal(Socket *s, SocketState state, SocketResult f);
1459 static void socket_enter_stop_post(Socket *s, SocketResult f) {
1463 if (f != SOCKET_SUCCESS)
1466 socket_unwatch_control_pid(s);
1467 s->control_command_id = SOCKET_EXEC_STOP_POST;
1468 s->control_command = s->exec_command[SOCKET_EXEC_STOP_POST];
1470 if (s->control_command) {
1471 r = socket_spawn(s, s->control_command, &s->control_pid);
1475 socket_set_state(s, SOCKET_STOP_POST);
1477 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_SUCCESS);
1482 log_warning_unit(UNIT(s)->id,
1483 "%s failed to run 'stop-post' task: %s",
1484 UNIT(s)->id, strerror(-r));
1485 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_RESOURCES);
1488 static void socket_enter_signal(Socket *s, SocketState state, SocketResult f) {
1493 if (f != SOCKET_SUCCESS)
1496 r = unit_kill_context(
1499 state != SOCKET_STOP_PRE_SIGTERM && state != SOCKET_FINAL_SIGTERM,
1507 r = socket_arm_timer(s);
1511 socket_set_state(s, state);
1512 } else if (state == SOCKET_STOP_PRE_SIGTERM)
1513 socket_enter_signal(s, SOCKET_STOP_PRE_SIGKILL, SOCKET_SUCCESS);
1514 else if (state == SOCKET_STOP_PRE_SIGKILL)
1515 socket_enter_stop_post(s, SOCKET_SUCCESS);
1516 else if (state == SOCKET_FINAL_SIGTERM)
1517 socket_enter_signal(s, SOCKET_FINAL_SIGKILL, SOCKET_SUCCESS);
1519 socket_enter_dead(s, SOCKET_SUCCESS);
1524 log_warning_unit(UNIT(s)->id, "%s failed to kill processes: %s", UNIT(s)->id, strerror(-r));
1526 if (state == SOCKET_STOP_PRE_SIGTERM || state == SOCKET_STOP_PRE_SIGKILL)
1527 socket_enter_stop_post(s, SOCKET_FAILURE_RESOURCES);
1529 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
1532 static void socket_enter_stop_pre(Socket *s, SocketResult f) {
1536 if (f != SOCKET_SUCCESS)
1539 socket_unwatch_control_pid(s);
1540 s->control_command_id = SOCKET_EXEC_STOP_PRE;
1541 s->control_command = s->exec_command[SOCKET_EXEC_STOP_PRE];
1543 if (s->control_command) {
1544 r = socket_spawn(s, s->control_command, &s->control_pid);
1548 socket_set_state(s, SOCKET_STOP_PRE);
1550 socket_enter_stop_post(s, SOCKET_SUCCESS);
1555 log_warning_unit(UNIT(s)->id, "%s failed to run 'stop-pre' task: %s", UNIT(s)->id, strerror(-r));
1556 socket_enter_stop_post(s, SOCKET_FAILURE_RESOURCES);
1559 static void socket_enter_listening(Socket *s) {
1563 r = socket_watch_fds(s);
1565 log_warning_unit(UNIT(s)->id, "%s failed to watch sockets: %s", UNIT(s)->id, strerror(-r));
1569 socket_set_state(s, SOCKET_LISTENING);
1573 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1576 static void socket_enter_start_post(Socket *s) {
1580 socket_unwatch_control_pid(s);
1581 s->control_command_id = SOCKET_EXEC_START_POST;
1582 s->control_command = s->exec_command[SOCKET_EXEC_START_POST];
1584 if (s->control_command) {
1585 r = socket_spawn(s, s->control_command, &s->control_pid);
1587 log_warning_unit(UNIT(s)->id, "%s failed to run 'start-post' task: %s", UNIT(s)->id, strerror(-r));
1591 socket_set_state(s, SOCKET_START_POST);
1593 socket_enter_listening(s);
1598 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1601 static void socket_enter_start_chown(Socket *s) {
1606 r = socket_open_fds(s);
1608 log_warning_unit(UNIT(s)->id, "%s failed to listen on sockets: %s", UNIT(s)->id, strerror(-r));
1612 if (!isempty(s->user) || !isempty(s->group)) {
1614 socket_unwatch_control_pid(s);
1615 s->control_command_id = SOCKET_EXEC_START_CHOWN;
1616 s->control_command = NULL;
1618 r = socket_chown(s, &s->control_pid);
1620 log_warning_unit(UNIT(s)->id, "%s failed to fork 'start-chown' task: %s", UNIT(s)->id, strerror(-r));
1624 socket_set_state(s, SOCKET_START_CHOWN);
1626 socket_enter_start_post(s);
1631 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1634 static void socket_enter_start_pre(Socket *s) {
1638 socket_unwatch_control_pid(s);
1639 s->control_command_id = SOCKET_EXEC_START_PRE;
1640 s->control_command = s->exec_command[SOCKET_EXEC_START_PRE];
1642 if (s->control_command) {
1643 r = socket_spawn(s, s->control_command, &s->control_pid);
1645 log_warning_unit(UNIT(s)->id, "%s failed to run 'start-pre' task: %s", UNIT(s)->id, strerror(-r));
1649 socket_set_state(s, SOCKET_START_PRE);
1651 socket_enter_start_chown(s);
1656 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
1659 static void socket_enter_running(Socket *s, int cfd) {
1660 _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
1665 /* We don't take connections anymore if we are supposed to
1666 * shut down anyway */
1667 if (unit_stop_pending(UNIT(s))) {
1669 log_debug_unit(UNIT(s)->id, "Suppressing connection request on %s since unit stop is scheduled.", UNIT(s)->id);
1674 /* Flush all sockets by closing and reopening them */
1675 socket_close_fds(s);
1677 r = socket_open_fds(s);
1679 log_warning_unit(UNIT(s)->id, "%s failed to listen on sockets: %s", UNIT(s)->id, strerror(-r));
1680 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1684 r = socket_watch_fds(s);
1686 log_warning_unit(UNIT(s)->id, "%s failed to watch sockets: %s", UNIT(s)->id, strerror(-r));
1687 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1697 bool pending = false;
1699 /* If there's already a start pending don't bother to
1701 SET_FOREACH(other, UNIT(s)->dependencies[UNIT_TRIGGERS], i)
1702 if (unit_active_or_pending(other)) {
1708 if (!UNIT_ISSET(s->service)) {
1709 log_error_unit(UNIT(s)->id, "%s: service to activate vanished, refusing activation.", UNIT(s)->id);
1714 r = manager_add_job(UNIT(s)->manager, JOB_START, UNIT_DEREF(s->service), JOB_REPLACE, true, &error, NULL);
1719 socket_set_state(s, SOCKET_RUNNING);
1721 _cleanup_free_ char *prefix = NULL, *instance = NULL, *name = NULL;
1724 if (s->n_connections >= s->max_connections) {
1725 log_warning_unit(UNIT(s)->id, "%s: Too many incoming connections (%u)", UNIT(s)->id, s->n_connections);
1730 r = socket_instantiate_service(s);
1734 r = instance_from_socket(cfd, s->n_accepted, &instance);
1739 /* ENOTCONN is legitimate if TCP RST was received.
1740 * This connection is over, but the socket unit lives on. */
1745 prefix = unit_name_to_prefix(UNIT(s)->id);
1751 name = unit_name_build(prefix, instance, ".service");
1757 r = unit_add_name(UNIT_DEREF(s->service), name);
1761 service = SERVICE(UNIT_DEREF(s->service));
1762 unit_ref_unset(&s->service);
1765 UNIT(service)->no_gc = false;
1767 unit_choose_id(UNIT(service), name);
1769 r = service_set_socket_fd(service, cfd, s);
1774 s->n_connections ++;
1776 r = manager_add_job(UNIT(s)->manager, JOB_START, UNIT(service), JOB_REPLACE, true, &error, NULL);
1780 /* Notify clients about changed counters */
1781 unit_add_to_dbus_queue(UNIT(s));
1787 log_warning_unit(UNIT(s)->id, "%s failed to queue service startup job (Maybe the service file is missing or not a %s unit?): %s",
1788 UNIT(s)->id, cfd >= 0 ? "template" : "non-template",
1789 bus_error_message(&error, r));
1791 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1795 static void socket_run_next(Socket *s) {
1799 assert(s->control_command);
1800 assert(s->control_command->command_next);
1802 socket_unwatch_control_pid(s);
1804 s->control_command = s->control_command->command_next;
1806 r = socket_spawn(s, s->control_command, &s->control_pid);
1813 log_warning_unit(UNIT(s)->id, "%s failed to run next task: %s", UNIT(s)->id, strerror(-r));
1815 if (s->state == SOCKET_START_POST)
1816 socket_enter_stop_pre(s, SOCKET_FAILURE_RESOURCES);
1817 else if (s->state == SOCKET_STOP_POST)
1818 socket_enter_dead(s, SOCKET_FAILURE_RESOURCES);
1820 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_RESOURCES);
1823 static int socket_start(Unit *u) {
1824 Socket *s = SOCKET(u);
1828 /* We cannot fulfill this request right now, try again later
1830 if (IN_SET(s->state,
1832 SOCKET_STOP_PRE_SIGKILL,
1833 SOCKET_STOP_PRE_SIGTERM,
1835 SOCKET_FINAL_SIGTERM,
1836 SOCKET_FINAL_SIGKILL))
1839 /* Already on it! */
1840 if (IN_SET(s->state,
1846 /* Cannot run this without the service being around */
1847 if (UNIT_ISSET(s->service)) {
1850 service = SERVICE(UNIT_DEREF(s->service));
1852 if (UNIT(service)->load_state != UNIT_LOADED) {
1853 log_error_unit(u->id, "Socket service %s not loaded, refusing.", UNIT(service)->id);
1857 /* If the service is already active we cannot start the
1859 if (service->state != SERVICE_DEAD &&
1860 service->state != SERVICE_FAILED &&
1861 service->state != SERVICE_AUTO_RESTART) {
1862 log_error_unit(u->id, "Socket service %s already active, refusing.", UNIT(service)->id);
1867 assert(s->state == SOCKET_DEAD || s->state == SOCKET_FAILED);
1869 s->result = SOCKET_SUCCESS;
1870 socket_enter_start_pre(s);
1875 static int socket_stop(Unit *u) {
1876 Socket *s = SOCKET(u);
1881 if (IN_SET(s->state,
1883 SOCKET_STOP_PRE_SIGTERM,
1884 SOCKET_STOP_PRE_SIGKILL,
1886 SOCKET_FINAL_SIGTERM,
1887 SOCKET_FINAL_SIGKILL))
1890 /* If there's already something running we go directly into
1892 if (IN_SET(s->state,
1895 SOCKET_START_POST)) {
1896 socket_enter_signal(s, SOCKET_STOP_PRE_SIGTERM, SOCKET_SUCCESS);
1900 assert(s->state == SOCKET_LISTENING || s->state == SOCKET_RUNNING);
1902 socket_enter_stop_pre(s, SOCKET_SUCCESS);
1906 static int socket_serialize(Unit *u, FILE *f, FDSet *fds) {
1907 Socket *s = SOCKET(u);
1915 unit_serialize_item(u, f, "state", socket_state_to_string(s->state));
1916 unit_serialize_item(u, f, "result", socket_result_to_string(s->result));
1917 unit_serialize_item_format(u, f, "n-accepted", "%u", s->n_accepted);
1919 if (s->control_pid > 0)
1920 unit_serialize_item_format(u, f, "control-pid", PID_FMT, s->control_pid);
1922 if (s->control_command_id >= 0)
1923 unit_serialize_item(u, f, "control-command", socket_exec_command_to_string(s->control_command_id));
1925 LIST_FOREACH(port, p, s->ports) {
1931 copy = fdset_put_dup(fds, p->fd);
1935 if (p->type == SOCKET_SOCKET) {
1936 _cleanup_free_ char *t = NULL;
1938 r = socket_address_print(&p->address, &t);
1942 if (socket_address_family(&p->address) == AF_NETLINK)
1943 unit_serialize_item_format(u, f, "netlink", "%i %s", copy, t);
1945 unit_serialize_item_format(u, f, "socket", "%i %i %s", copy, p->address.type, t);
1947 } else if (p->type == SOCKET_SPECIAL)
1948 unit_serialize_item_format(u, f, "special", "%i %s", copy, p->path);
1949 else if (p->type == SOCKET_MQUEUE)
1950 unit_serialize_item_format(u, f, "mqueue", "%i %s", copy, p->path);
1952 assert(p->type == SOCKET_FIFO);
1953 unit_serialize_item_format(u, f, "fifo", "%i %s", copy, p->path);
1960 static int socket_deserialize_item(Unit *u, const char *key, const char *value, FDSet *fds) {
1961 Socket *s = SOCKET(u);
1967 if (streq(key, "state")) {
1970 state = socket_state_from_string(value);
1972 log_debug_unit(u->id, "Failed to parse state value %s", value);
1974 s->deserialized_state = state;
1975 } else if (streq(key, "result")) {
1978 f = socket_result_from_string(value);
1980 log_debug_unit(u->id, "Failed to parse result value %s", value);
1981 else if (f != SOCKET_SUCCESS)
1984 } else if (streq(key, "n-accepted")) {
1987 if (safe_atou(value, &k) < 0)
1988 log_debug_unit(u->id, "Failed to parse n-accepted value %s", value);
1991 } else if (streq(key, "control-pid")) {
1994 if (parse_pid(value, &pid) < 0)
1995 log_debug_unit(u->id, "Failed to parse control-pid value %s", value);
1997 s->control_pid = pid;
1998 } else if (streq(key, "control-command")) {
1999 SocketExecCommand id;
2001 id = socket_exec_command_from_string(value);
2003 log_debug_unit(u->id, "Failed to parse exec-command value %s", value);
2005 s->control_command_id = id;
2006 s->control_command = s->exec_command[id];
2008 } else if (streq(key, "fifo")) {
2012 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
2013 log_debug_unit(u->id, "Failed to parse fifo value %s", value);
2016 LIST_FOREACH(port, p, s->ports)
2017 if (p->type == SOCKET_FIFO &&
2018 streq_ptr(p->path, value+skip))
2023 p->fd = fdset_remove(fds, fd);
2027 } else if (streq(key, "special")) {
2031 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
2032 log_debug_unit(u->id, "Failed to parse special value %s", value);
2035 LIST_FOREACH(port, p, s->ports)
2036 if (p->type == SOCKET_SPECIAL &&
2037 streq_ptr(p->path, value+skip))
2042 p->fd = fdset_remove(fds, fd);
2046 } else if (streq(key, "mqueue")) {
2050 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
2051 log_debug_unit(u->id, "Failed to parse mqueue value %s", value);
2054 LIST_FOREACH(port, p, s->ports)
2055 if (p->type == SOCKET_MQUEUE &&
2056 streq_ptr(p->path, value+skip))
2061 p->fd = fdset_remove(fds, fd);
2065 } else if (streq(key, "socket")) {
2066 int fd, type, skip = 0;
2069 if (sscanf(value, "%i %i %n", &fd, &type, &skip) < 2 || fd < 0 || type < 0 || !fdset_contains(fds, fd))
2070 log_debug_unit(u->id, "Failed to parse socket value %s", value);
2073 LIST_FOREACH(port, p, s->ports)
2074 if (socket_address_is(&p->address, value+skip, type))
2079 p->fd = fdset_remove(fds, fd);
2083 } else if (streq(key, "netlink")) {
2087 if (sscanf(value, "%i %n", &fd, &skip) < 1 || fd < 0 || !fdset_contains(fds, fd))
2088 log_debug_unit(u->id, "Failed to parse socket value %s", value);
2091 LIST_FOREACH(port, p, s->ports)
2092 if (socket_address_is_netlink(&p->address, value+skip))
2097 p->fd = fdset_remove(fds, fd);
2101 log_debug_unit(UNIT(s)->id, "Unknown serialization key '%s'", key);
2106 static int socket_distribute_fds(Unit *u, FDSet *fds) {
2107 Socket *s = SOCKET(u);
2112 LIST_FOREACH(port, p, s->ports) {
2116 if (p->type != SOCKET_SOCKET)
2122 FDSET_FOREACH(fd, fds, i) {
2123 if (socket_address_matches_fd(&p->address, fd)) {
2124 p->fd = fdset_remove(fds, fd);
2125 s->deserialized_state = SOCKET_LISTENING;
2134 _pure_ static UnitActiveState socket_active_state(Unit *u) {
2137 return state_translation_table[SOCKET(u)->state];
2140 _pure_ static const char *socket_sub_state_to_string(Unit *u) {
2143 return socket_state_to_string(SOCKET(u)->state);
2146 const char* socket_port_type_to_string(SocketPort *p) {
2154 switch (p->address.type) {
2162 case SOCK_SEQPACKET:
2163 return "SequentialPacket";
2166 if (socket_address_family(&p->address) == AF_NETLINK)
2173 case SOCKET_SPECIAL:
2177 return "MessageQueue";
2187 _pure_ static bool socket_check_gc(Unit *u) {
2188 Socket *s = SOCKET(u);
2192 return s->n_connections > 0;
2195 static int socket_dispatch_io(sd_event_source *source, int fd, uint32_t revents, void *userdata) {
2196 SocketPort *p = userdata;
2202 if (p->socket->state != SOCKET_LISTENING)
2205 log_debug_unit(UNIT(p->socket)->id, "Incoming traffic on %s", UNIT(p->socket)->id);
2207 if (revents != EPOLLIN) {
2209 if (revents & EPOLLHUP)
2210 log_error_unit(UNIT(p->socket)->id, "%s: Got POLLHUP on a listening socket. The service probably invoked shutdown() on it, and should better not do that.",
2211 UNIT(p->socket)->id);
2213 log_error_unit(UNIT(p->socket)->id, "%s: Got unexpected poll event (0x%x) on socket.",
2214 UNIT(p->socket)->id, revents);
2219 if (p->socket->accept &&
2220 p->type == SOCKET_SOCKET &&
2221 socket_address_can_accept(&p->address)) {
2225 cfd = accept4(fd, NULL, NULL, SOCK_NONBLOCK);
2231 log_error_unit(UNIT(p->socket)->id,
2232 "Failed to accept socket: %m");
2239 socket_apply_socket_options(p->socket, cfd);
2242 socket_enter_running(p->socket, cfd);
2246 socket_enter_stop_pre(p->socket, SOCKET_FAILURE_RESOURCES);
2250 static void socket_sigchld_event(Unit *u, pid_t pid, int code, int status) {
2251 Socket *s = SOCKET(u);
2257 if (pid != s->control_pid)
2262 if (is_clean_exit(code, status, NULL))
2264 else if (code == CLD_EXITED)
2265 f = SOCKET_FAILURE_EXIT_CODE;
2266 else if (code == CLD_KILLED)
2267 f = SOCKET_FAILURE_SIGNAL;
2268 else if (code == CLD_DUMPED)
2269 f = SOCKET_FAILURE_CORE_DUMP;
2271 assert_not_reached("Unknown sigchld code");
2273 if (s->control_command) {
2274 exec_status_exit(&s->control_command->exec_status, &s->exec_context, pid, code, status);
2276 if (s->control_command->ignore)
2280 log_full_unit(f == SOCKET_SUCCESS ? LOG_DEBUG : LOG_NOTICE,
2282 "%s control process exited, code=%s status=%i",
2283 u->id, sigchld_code_to_string(code), status);
2285 if (f != SOCKET_SUCCESS)
2288 if (s->control_command &&
2289 s->control_command->command_next &&
2290 f == SOCKET_SUCCESS) {
2292 log_debug_unit(u->id,
2293 "%s running next command for state %s",
2294 u->id, socket_state_to_string(s->state));
2297 s->control_command = NULL;
2298 s->control_command_id = _SOCKET_EXEC_COMMAND_INVALID;
2300 /* No further commands for this step, so let's figure
2301 * out what to do next */
2303 log_debug_unit(u->id,
2304 "%s got final SIGCHLD for state %s",
2305 u->id, socket_state_to_string(s->state));
2309 case SOCKET_START_PRE:
2310 if (f == SOCKET_SUCCESS)
2311 socket_enter_start_chown(s);
2313 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, f);
2316 case SOCKET_START_CHOWN:
2317 if (f == SOCKET_SUCCESS)
2318 socket_enter_start_post(s);
2320 socket_enter_stop_pre(s, f);
2323 case SOCKET_START_POST:
2324 if (f == SOCKET_SUCCESS)
2325 socket_enter_listening(s);
2327 socket_enter_stop_pre(s, f);
2330 case SOCKET_STOP_PRE:
2331 case SOCKET_STOP_PRE_SIGTERM:
2332 case SOCKET_STOP_PRE_SIGKILL:
2333 socket_enter_stop_post(s, f);
2336 case SOCKET_STOP_POST:
2337 case SOCKET_FINAL_SIGTERM:
2338 case SOCKET_FINAL_SIGKILL:
2339 socket_enter_dead(s, f);
2343 assert_not_reached("Uh, control process died at wrong time.");
2347 /* Notify clients about changed exit status */
2348 unit_add_to_dbus_queue(u);
2351 static int socket_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata) {
2352 Socket *s = SOCKET(userdata);
2355 assert(s->timer_event_source == source);
2359 case SOCKET_START_PRE:
2360 log_warning_unit(UNIT(s)->id, "%s starting timed out. Terminating.", UNIT(s)->id);
2361 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_TIMEOUT);
2364 case SOCKET_START_CHOWN:
2365 case SOCKET_START_POST:
2366 log_warning_unit(UNIT(s)->id, "%s starting timed out. Stopping.", UNIT(s)->id);
2367 socket_enter_stop_pre(s, SOCKET_FAILURE_TIMEOUT);
2370 case SOCKET_STOP_PRE:
2371 log_warning_unit(UNIT(s)->id, "%s stopping timed out. Terminating.", UNIT(s)->id);
2372 socket_enter_signal(s, SOCKET_STOP_PRE_SIGTERM, SOCKET_FAILURE_TIMEOUT);
2375 case SOCKET_STOP_PRE_SIGTERM:
2376 if (s->kill_context.send_sigkill) {
2377 log_warning_unit(UNIT(s)->id, "%s stopping timed out. Killing.", UNIT(s)->id);
2378 socket_enter_signal(s, SOCKET_STOP_PRE_SIGKILL, SOCKET_FAILURE_TIMEOUT);
2380 log_warning_unit(UNIT(s)->id, "%s stopping timed out. Skipping SIGKILL. Ignoring.", UNIT(s)->id);
2381 socket_enter_stop_post(s, SOCKET_FAILURE_TIMEOUT);
2385 case SOCKET_STOP_PRE_SIGKILL:
2386 log_warning_unit(UNIT(s)->id, "%s still around after SIGKILL. Ignoring.", UNIT(s)->id);
2387 socket_enter_stop_post(s, SOCKET_FAILURE_TIMEOUT);
2390 case SOCKET_STOP_POST:
2391 log_warning_unit(UNIT(s)->id, "%s stopping timed out (2). Terminating.", UNIT(s)->id);
2392 socket_enter_signal(s, SOCKET_FINAL_SIGTERM, SOCKET_FAILURE_TIMEOUT);
2395 case SOCKET_FINAL_SIGTERM:
2396 if (s->kill_context.send_sigkill) {
2397 log_warning_unit(UNIT(s)->id, "%s stopping timed out (2). Killing.", UNIT(s)->id);
2398 socket_enter_signal(s, SOCKET_FINAL_SIGKILL, SOCKET_FAILURE_TIMEOUT);
2400 log_warning_unit(UNIT(s)->id, "%s stopping timed out (2). Skipping SIGKILL. Ignoring.", UNIT(s)->id);
2401 socket_enter_dead(s, SOCKET_FAILURE_TIMEOUT);
2405 case SOCKET_FINAL_SIGKILL:
2406 log_warning_unit(UNIT(s)->id, "%s still around after SIGKILL (2). Entering failed mode.", UNIT(s)->id);
2407 socket_enter_dead(s, SOCKET_FAILURE_TIMEOUT);
2411 assert_not_reached("Timeout at wrong time.");
2417 int socket_collect_fds(Socket *s, int **fds, unsigned *n_fds) {
2426 /* Called from the service code for requesting our fds */
2429 LIST_FOREACH(port, p, s->ports)
2439 if (!(rfds = new(int, rn_fds)))
2443 LIST_FOREACH(port, p, s->ports)
2447 assert(k == rn_fds);
2455 static void socket_reset_failed(Unit *u) {
2456 Socket *s = SOCKET(u);
2460 if (s->state == SOCKET_FAILED)
2461 socket_set_state(s, SOCKET_DEAD);
2463 s->result = SOCKET_SUCCESS;
2466 static void socket_notify_service_dead(Socket *s, bool failed_permanent) {
2469 /* The service is dead. Dang!
2471 * This is strictly for one-instance-for-all-connections
2474 if (s->state == SOCKET_RUNNING) {
2475 log_debug_unit(UNIT(s)->id, "%s got notified about service death (failed permanently: %s)", UNIT(s)->id, yes_no(failed_permanent));
2476 if (failed_permanent)
2477 socket_enter_stop_pre(s, SOCKET_FAILURE_SERVICE_FAILED_PERMANENT);
2479 socket_enter_listening(s);
2483 void socket_connection_unref(Socket *s) {
2486 /* The service is dead. Yay!
2488 * This is strictly for one-instance-per-connection
2491 assert(s->n_connections > 0);
2494 log_debug_unit(UNIT(s)->id, "%s: One connection closed, %u left.", UNIT(s)->id, s->n_connections);
2497 static void socket_trigger_notify(Unit *u, Unit *other) {
2498 Socket *s = SOCKET(u);
2504 /* Don't propagate state changes from the service if we are
2505 already down or accepting connections */
2506 if ((s->state != SOCKET_RUNNING &&
2507 s->state != SOCKET_LISTENING) ||
2511 if (other->load_state != UNIT_LOADED ||
2512 other->type != UNIT_SERVICE)
2515 se = SERVICE(other);
2517 if (se->state == SERVICE_FAILED)
2518 socket_notify_service_dead(s, se->result == SERVICE_FAILURE_START_LIMIT);
2520 if (se->state == SERVICE_DEAD ||
2521 se->state == SERVICE_STOP ||
2522 se->state == SERVICE_STOP_SIGTERM ||
2523 se->state == SERVICE_STOP_SIGKILL ||
2524 se->state == SERVICE_STOP_POST ||
2525 se->state == SERVICE_FINAL_SIGTERM ||
2526 se->state == SERVICE_FINAL_SIGKILL ||
2527 se->state == SERVICE_AUTO_RESTART)
2528 socket_notify_service_dead(s, false);
2530 if (se->state == SERVICE_RUNNING)
2531 socket_set_state(s, SOCKET_RUNNING);
2534 static int socket_kill(Unit *u, KillWho who, int signo, sd_bus_error *error) {
2535 return unit_kill_common(u, who, signo, -1, SOCKET(u)->control_pid, error);
2538 static int socket_get_timeout(Unit *u, uint64_t *timeout) {
2539 Socket *s = SOCKET(u);
2542 if (!s->timer_event_source)
2545 r = sd_event_source_get_time(s->timer_event_source, timeout);
2552 static const char* const socket_state_table[_SOCKET_STATE_MAX] = {
2553 [SOCKET_DEAD] = "dead",
2554 [SOCKET_START_PRE] = "start-pre",
2555 [SOCKET_START_CHOWN] = "start-chown",
2556 [SOCKET_START_POST] = "start-post",
2557 [SOCKET_LISTENING] = "listening",
2558 [SOCKET_RUNNING] = "running",
2559 [SOCKET_STOP_PRE] = "stop-pre",
2560 [SOCKET_STOP_PRE_SIGTERM] = "stop-pre-sigterm",
2561 [SOCKET_STOP_PRE_SIGKILL] = "stop-pre-sigkill",
2562 [SOCKET_STOP_POST] = "stop-post",
2563 [SOCKET_FINAL_SIGTERM] = "final-sigterm",
2564 [SOCKET_FINAL_SIGKILL] = "final-sigkill",
2565 [SOCKET_FAILED] = "failed"
2568 DEFINE_STRING_TABLE_LOOKUP(socket_state, SocketState);
2570 static const char* const socket_exec_command_table[_SOCKET_EXEC_COMMAND_MAX] = {
2571 [SOCKET_EXEC_START_PRE] = "StartPre",
2572 [SOCKET_EXEC_START_CHOWN] = "StartChown",
2573 [SOCKET_EXEC_START_POST] = "StartPost",
2574 [SOCKET_EXEC_STOP_PRE] = "StopPre",
2575 [SOCKET_EXEC_STOP_POST] = "StopPost"
2578 DEFINE_STRING_TABLE_LOOKUP(socket_exec_command, SocketExecCommand);
2580 static const char* const socket_result_table[_SOCKET_RESULT_MAX] = {
2581 [SOCKET_SUCCESS] = "success",
2582 [SOCKET_FAILURE_RESOURCES] = "resources",
2583 [SOCKET_FAILURE_TIMEOUT] = "timeout",
2584 [SOCKET_FAILURE_EXIT_CODE] = "exit-code",
2585 [SOCKET_FAILURE_SIGNAL] = "signal",
2586 [SOCKET_FAILURE_CORE_DUMP] = "core-dump",
2587 [SOCKET_FAILURE_SERVICE_FAILED_PERMANENT] = "service-failed-permanent"
2590 DEFINE_STRING_TABLE_LOOKUP(socket_result, SocketResult);
2592 const UnitVTable socket_vtable = {
2593 .object_size = sizeof(Socket),
2594 .exec_context_offset = offsetof(Socket, exec_context),
2595 .cgroup_context_offset = offsetof(Socket, cgroup_context),
2596 .kill_context_offset = offsetof(Socket, kill_context),
2597 .exec_runtime_offset = offsetof(Socket, exec_runtime),
2603 .private_section = "Socket",
2605 .init = socket_init,
2606 .done = socket_done,
2607 .load = socket_load,
2609 .coldplug = socket_coldplug,
2611 .dump = socket_dump,
2613 .start = socket_start,
2614 .stop = socket_stop,
2616 .kill = socket_kill,
2618 .get_timeout = socket_get_timeout,
2620 .serialize = socket_serialize,
2621 .deserialize_item = socket_deserialize_item,
2622 .distribute_fds = socket_distribute_fds,
2624 .active_state = socket_active_state,
2625 .sub_state_to_string = socket_sub_state_to_string,
2627 .check_gc = socket_check_gc,
2629 .sigchld_event = socket_sigchld_event,
2631 .trigger_notify = socket_trigger_notify,
2633 .reset_failed = socket_reset_failed,
2635 .bus_interface = "org.freedesktop.systemd1.Socket",
2636 .bus_vtable = bus_socket_vtable,
2637 .bus_set_property = bus_socket_set_property,
2638 .bus_commit_properties = bus_socket_commit_properties,
2640 .status_message_formats = {
2641 /*.starting_stopping = {
2642 [0] = "Starting socket %s...",
2643 [1] = "Stopping socket %s...",
2645 .finished_start_job = {
2646 [JOB_DONE] = "Listening on %s.",
2647 [JOB_FAILED] = "Failed to listen on %s.",
2648 [JOB_DEPENDENCY] = "Dependency failed for %s.",
2649 [JOB_TIMEOUT] = "Timed out starting %s.",
2651 .finished_stop_job = {
2652 [JOB_DONE] = "Closed %s.",
2653 [JOB_FAILED] = "Failed stopping %s.",
2654 [JOB_TIMEOUT] = "Timed out stopping %s.",