#include "label.h"
#include "exit-status.h"
#include "def.h"
+#include "smack-util.h"
static const UnitActiveState state_translation_table[_SOCKET_STATE_MAX] = {
[SOCKET_DEAD] = UNIT_INACTIVE,
assert(u->load_state == UNIT_STUB);
s->backlog = SOMAXCONN;
- s->timeout_usec = DEFAULT_TIMEOUT_USEC;
+ s->timeout_usec = u->manager->default_timeout_start_usec;
s->directory_mode = 0755;
s->socket_mode = 0666;
assert(s);
while ((p = s->ports)) {
- LIST_REMOVE(SocketPort, port, s->ports, p);
+ LIST_REMOVE(port, s->ports, p);
if (p->fd >= 0) {
unit_unwatch_fd(UNIT(s), &p->fd_watch);
return 0;
}
-static bool socket_needs_mount(Socket *s, const char *prefix) {
+static int socket_add_mount_links(Socket *s) {
SocketPort *p;
-
- assert(s);
-
- LIST_FOREACH(port, p, s->ports) {
-
- if (p->type == SOCKET_SOCKET) {
- if (socket_address_needs_mount(&p->address, prefix))
- return true;
- } else if (p->type == SOCKET_FIFO || p->type == SOCKET_SPECIAL) {
- if (path_startswith(p->path, prefix))
- return true;
- }
- }
-
- return false;
-}
-
-int socket_add_one_mount_link(Socket *s, Mount *m) {
int r;
assert(s);
- assert(m);
- if (UNIT(s)->load_state != UNIT_LOADED ||
- UNIT(m)->load_state != UNIT_LOADED)
- return 0;
-
- if (!socket_needs_mount(s, m->where))
- return 0;
-
- r = unit_add_two_dependencies(UNIT(s), UNIT_AFTER, UNIT_REQUIRES, UNIT(m), true);
- if (r < 0)
- return r;
+ LIST_FOREACH(port, p, s->ports) {
+ const char *path = NULL;
- return 0;
-}
+ if (p->type == SOCKET_SOCKET)
+ path = socket_address_get_path(&p->address);
+ else if (p->type == SOCKET_FIFO || p->type == SOCKET_SPECIAL)
+ path = p->path;
-static int socket_add_mount_links(Socket *s) {
- Unit *other;
- int r;
-
- assert(s);
+ if (!path)
+ continue;
- LIST_FOREACH(units_by_type, other, UNIT(s)->manager->units_by_type[UNIT_MOUNT]) {
- r = socket_add_one_mount_link(s, MOUNT(other));
+ r = unit_require_mounts_for(UNIT(s), path);
if (r < 0)
return r;
}
log_warning_unit(UNIT(s)->id, "SO_REUSEPORT failed: %m");
}
-#ifdef HAVE_SMACK
if (s->smack_ip_in)
- if (fsetxattr(fd, "security.SMACK64IPIN", s->smack_ip_in, strlen(s->smack_ip_in), 0) < 0)
- log_error_unit(UNIT(s)->id,
- "fsetxattr(\"security.SMACK64IPIN\"): %m");
+ if (smack_label_ip_in_fd(fd, s->smack_ip_in) < 0)
+ log_error_unit(UNIT(s)->id, "smack_label_ip_in_fd: %m");
if (s->smack_ip_out)
- if (fsetxattr(fd, "security.SMACK64IPOUT", s->smack_ip_out, strlen(s->smack_ip_out), 0) < 0)
- log_error_unit(UNIT(s)->id,
- "fsetxattr(\"security.SMACK64IPOUT\"): %m");
-#endif
+ if (smack_label_ip_out_fd(fd, s->smack_ip_out) < 0)
+ log_error_unit(UNIT(s)->id, "smack_label_ip_out_fd: %m");
}
static void socket_apply_fifo_options(Socket *s, int fd) {
log_warning_unit(UNIT(s)->id,
"F_SETPIPE_SZ: %m");
-#ifdef HAVE_SMACK
if (s->smack)
- if (fsetxattr(fd, "security.SMACK64", s->smack, strlen(s->smack), 0) < 0)
- log_error_unit(UNIT(s)->id,
- "fsetxattr(\"security.SMACK64\"): %m");
-#endif
+ if (smack_label_fd(fd, s->smack) < 0)
+ log_error_unit(UNIT(s)->id, "smack_label_fd: %m");
}
static int fifo_address_create(
know_label = true;
}
- if ((r = socket_address_listen(
- &p->address,
- s->backlog,
- s->bind_ipv6_only,
- s->bind_to_device,
- s->free_bind,
- s->transparent,
- s->directory_mode,
- s->socket_mode,
- label,
- &p->fd)) < 0)
+ r = socket_address_listen(
+ &p->address,
+ SOCK_CLOEXEC|SOCK_NONBLOCK,
+ s->backlog,
+ s->bind_ipv6_only,
+ s->bind_to_device,
+ s->free_bind,
+ s->transparent,
+ s->directory_mode,
+ s->socket_mode,
+ label);
+ if (r < 0)
goto rollback;
+ p->fd = r;
socket_apply_socket_options(s, p->fd);
} else if (p->type == SOCKET_SPECIAL) {
- if ((r = special_address_create(
- p->path,
- &p->fd)) < 0)
+ r = special_address_create(
+ p->path,
+ &p->fd);
+ if (r < 0)
goto rollback;
} else if (p->type == SOCKET_FIFO) {
- if ((r = fifo_address_create(
- p->path,
- s->directory_mode,
- s->socket_mode,
- &p->fd)) < 0)
+ r = fifo_address_create(
+ p->path,
+ s->directory_mode,
+ s->socket_mode,
+ &p->fd);
+ if (r < 0)
goto rollback;
socket_apply_fifo_options(s, p->fd);
} else if (p->type == SOCKET_MQUEUE) {
- if ((r = mq_address_create(
- p->path,
- s->socket_mode,
- s->mq_maxmsg,
- s->mq_msgsize,
- &p->fd)) < 0)
+ r = mq_address_create(
+ p->path,
+ s->socket_mode,
+ s->mq_maxmsg,
+ s->mq_msgsize,
+ &p->fd);
+ if (r < 0)
goto rollback;
} else
assert_not_reached("Unknown port type");
if (r < 0)
goto fail;
- argv = unit_full_printf_strv(UNIT(s), c->argv);
- if (!argv) {
- r = -ENOMEM;
+ r = unit_full_printf_strv(UNIT(s), c->argv, &argv);
+ if (r < 0)
goto fail;
- }
r = exec_spawn(c,
argv,
true,
true,
UNIT(s)->manager->confirm_spawn,
- UNIT(s)->cgroup_mask,
+ UNIT(s)->manager->cgroup_supported,
UNIT(s)->cgroup_path,
UNIT(s)->id,
NULL,