#include "strv.h"
#include "build.h"
#include "unit-name.h"
+#include "env-util.h"
#include "path-util.h"
#include "bus-error.h"
static const char *arg_slice = NULL;
static bool arg_send_sighup = false;
static BusTransport arg_transport = BUS_TRANSPORT_LOCAL;
-static char *arg_host = NULL;
+static const char *arg_host = NULL;
static bool arg_user = false;
-
-static int help(void) {
-
+static const char *arg_service_type = NULL;
+static const char *arg_exec_user = NULL;
+static const char *arg_exec_group = NULL;
+static int arg_nice = 0;
+static bool arg_nice_set = false;
+static char **arg_environment = NULL;
+static char **arg_property = NULL;
+
+static void help(void) {
printf("%s [OPTIONS...] COMMAND [ARGS...]\n\n"
"Run the specified command in a transient scope or service unit.\n\n"
- " -h --help Show this help\n"
- " --version Show package version\n"
- " --user Run as user unit\n"
- " -H --host=[USER@]HOST Operate on remote host\n"
- " -M --machine=CONTAINER Operate on local container\n"
- " --scope Run this as scope rather than service\n"
- " --unit=UNIT Run under the specified unit name\n"
- " --description=TEXT Description for unit\n"
- " --slice=SLICE Run in the specified slice\n"
- " -r --remain-after-exit Leave service around until explicitly stopped\n"
- " --send-sighup Send SIGHUP when terminating\n",
+ " -h --help Show this help\n"
+ " --version Show package version\n"
+ " --user Run as user unit\n"
+ " -H --host=[USER@]HOST Operate on remote host\n"
+ " -M --machine=CONTAINER Operate on local container\n"
+ " --scope Run this as scope rather than service\n"
+ " --unit=UNIT Run under the specified unit name\n"
+ " -p --property=NAME=VALUE Set unit property\n"
+ " --description=TEXT Description for unit\n"
+ " --slice=SLICE Run in the specified slice\n"
+ " -r --remain-after-exit Leave service around until explicitly stopped\n"
+ " --send-sighup Send SIGHUP when terminating\n"
+ " --service-type=TYPE Service type\n"
+ " --uid=USER Run as system user\n"
+ " --gid=GROUP Run as system group\n"
+ " --nice=NICE Nice level\n"
+ " --setenv=NAME=VALUE Set environment\n",
program_invocation_short_name);
-
- return 0;
}
static int parse_argv(int argc, char *argv[]) {
ARG_DESCRIPTION,
ARG_SLICE,
ARG_SEND_SIGHUP,
+ ARG_EXEC_USER,
+ ARG_EXEC_GROUP,
+ ARG_SERVICE_TYPE,
+ ARG_NICE,
+ ARG_SETENV
};
static const struct option options[] = {
- { "help", no_argument, NULL, 'h' },
- { "version", no_argument, NULL, ARG_VERSION },
- { "user", no_argument, NULL, ARG_USER },
- { "system", no_argument, NULL, ARG_SYSTEM },
- { "scope", no_argument, NULL, ARG_SCOPE },
- { "unit", required_argument, NULL, ARG_UNIT },
- { "description", required_argument, NULL, ARG_DESCRIPTION },
- { "slice", required_argument, NULL, ARG_SLICE },
- { "remain-after-exit", no_argument, NULL, 'r' },
- { "send-sighup", no_argument, NULL, ARG_SEND_SIGHUP },
- { "host", required_argument, NULL, 'H' },
- { "machine", required_argument, NULL, 'M' },
+ { "help", no_argument, NULL, 'h' },
+ { "version", no_argument, NULL, ARG_VERSION },
+ { "user", no_argument, NULL, ARG_USER },
+ { "system", no_argument, NULL, ARG_SYSTEM },
+ { "scope", no_argument, NULL, ARG_SCOPE },
+ { "unit", required_argument, NULL, ARG_UNIT },
+ { "description", required_argument, NULL, ARG_DESCRIPTION },
+ { "slice", required_argument, NULL, ARG_SLICE },
+ { "remain-after-exit", no_argument, NULL, 'r' },
+ { "send-sighup", no_argument, NULL, ARG_SEND_SIGHUP },
+ { "host", required_argument, NULL, 'H' },
+ { "machine", required_argument, NULL, 'M' },
+ { "service-type", required_argument, NULL, ARG_SERVICE_TYPE },
+ { "uid", required_argument, NULL, ARG_EXEC_USER },
+ { "gid", required_argument, NULL, ARG_EXEC_GROUP },
+ { "nice", required_argument, NULL, ARG_NICE },
+ { "setenv", required_argument, NULL, ARG_SETENV },
+ { "property", required_argument, NULL, 'p' },
{},
};
- int c;
+ int r, c;
assert(argc >= 0);
assert(argv);
- while ((c = getopt_long(argc, argv, "+hrH:M:", options, NULL)) >= 0) {
+ while ((c = getopt_long(argc, argv, "+hrH:M:p:", options, NULL)) >= 0)
switch (c) {
case 'h':
- return help();
+ help();
+ return 0;
case ARG_VERSION:
puts(PACKAGE_STRING);
arg_host = optarg;
break;
+ case ARG_SERVICE_TYPE:
+ arg_service_type = optarg;
+ break;
+
+ case ARG_EXEC_USER:
+ arg_exec_user = optarg;
+ break;
+
+ case ARG_EXEC_GROUP:
+ arg_exec_group = optarg;
+ break;
+
+ case ARG_NICE:
+ r = safe_atoi(optarg, &arg_nice);
+ if (r < 0 || arg_nice < PRIO_MIN || arg_nice >= PRIO_MAX) {
+ log_error("Failed to parse nice value");
+ return -EINVAL;
+ }
+
+ arg_nice_set = true;
+ break;
+
+ case ARG_SETENV:
+
+ if (strv_extend(&arg_environment, optarg) < 0)
+ return log_oom();
+
+ break;
+
+ case 'p':
+
+ if (strv_extend(&arg_property, optarg) < 0)
+ return log_oom();
+
+ break;
+
case '?':
return -EINVAL;
default:
assert_not_reached("Unhandled option");
}
- }
if (optind >= argc) {
log_error("Command line to execute required.");
return -EINVAL;
}
+ if (arg_scope && (arg_remain_after_exit || arg_service_type)) {
+ log_error("--remain-after-exit and --service-type= are not supported in --scope mode.");
+ return -EINVAL;
+ }
+
return 1;
}
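Review bot: The `ARG_SETENV` case appends `optarg` to `arg_environment` without checking that it is a well-formed `NAME=VALUE` assignment. In scope mode no validation is visible in this diff between that `strv_extend()` and the later `strv_env_merge()` / `execvpe()` calls, and in service mode a bad entry is presumably only rejected by the manager. `env-util.h` is now included and provides `env_assignment_is_valid()`, so I would reject bad input at parse time with `if (!env_assignment_is_valid(optarg)) { log_error("Invalid environment assignment: %s", optarg); return -EINVAL; }` ahead of the `strv_extend()` call. The `ARG_NICE` error would also be easier to act on if it echoed the rejected value. parse_argv begins outside this hunk.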
static int message_start_transient_unit_new(sd_bus *bus, const char *name, sd_bus_message **ret) {
_cleanup_bus_message_unref_ sd_bus_message *m = NULL;
+ char **i;
int r;
assert(bus);
assert(name);
assert(ret);
- log_info("Running as unit %s.", name);
-
r = sd_bus_message_new_method_call(
bus,
+ &m,
"org.freedesktop.systemd1",
"/org/freedesktop/systemd1",
"org.freedesktop.systemd1.Manager",
- "StartTransientUnit", &m);
+ "StartTransientUnit");
if (r < 0)
return r;
if (r < 0)
return r;
+ STRV_FOREACH(i, arg_property) {
+ r = sd_bus_message_open_container(m, 'r', "sv");
+ if (r < 0)
+ return r;
+
+ r = bus_append_unit_property_assignment(m, *i);
+ if (r < 0)
+ return r;
+
+ r = sd_bus_message_close_container(m);
+ if (r < 0)
+ return r;
+ }
+
r = sd_bus_message_append(m, "(sv)", "Description", "s", arg_description);
if (r < 0)
return r;
if (!isempty(arg_slice)) {
_cleanup_free_ char *slice;
- slice = unit_name_mangle_with_suffix(arg_slice, false, ".slice");
+ slice = unit_name_mangle_with_suffix(arg_slice, MANGLE_NOGLOB, ".slice");
if (!slice)
return -ENOMEM;
return r;
}
- r = sd_bus_message_append(m, "(sv)", "SendSIGHUP", "b", arg_send_sighup);
- if (r < 0)
- return r;
+ if (arg_send_sighup) {
+ r = sd_bus_message_append(m, "(sv)", "SendSIGHUP", "b", arg_send_sighup);
+ if (r < 0)
+ return r;
+ }
*ret = m;
m = NULL;
_cleanup_bus_message_unref_ sd_bus_message *m = NULL;
_cleanup_free_ char *name = NULL;
- char **i;
int r;
- if (arg_unit)
- name = unit_name_mangle_with_suffix(arg_unit, false, ".service");
- else
- asprintf(&name, "run-%lu.service", (unsigned long) getpid());
- if (!name)
- return -ENOMEM;
+ if (arg_unit) {
+ name = unit_name_mangle_with_suffix(arg_unit, MANGLE_NOGLOB, ".service");
+ if (!name)
+ return log_oom();
+ } else if (asprintf(&name, "run-"PID_FMT".service", getpid()) < 0)
+ return log_oom();
r = message_start_transient_unit_new(bus, name, &m);
if (r < 0)
- return r;
+ return bus_log_create_error(r);
- r = sd_bus_message_append(m, "(sv)", "RemainAfterExit", "b", arg_remain_after_exit);
- if (r < 0)
- return r;
+ if (arg_remain_after_exit) {
+ r = sd_bus_message_append(m, "(sv)", "RemainAfterExit", "b", arg_remain_after_exit);
+ if (r < 0)
+ return bus_log_create_error(r);
+ }
+
+ if (arg_service_type) {
+ r = sd_bus_message_append(m, "(sv)", "Type", "s", arg_service_type);
+ if (r < 0)
+ return bus_log_create_error(r);
+ }
+
+ if (arg_exec_user) {
+ r = sd_bus_message_append(m, "(sv)", "User", "s", arg_exec_user);
+ if (r < 0)
+ return bus_log_create_error(r);
+ }
+
+ if (arg_exec_group) {
+ r = sd_bus_message_append(m, "(sv)", "Group", "s", arg_exec_group);
+ if (r < 0)
+ return bus_log_create_error(r);
+ }
+
+ if (arg_nice_set) {
+ r = sd_bus_message_append(m, "(sv)", "Nice", "i", arg_nice);
+ if (r < 0)
+ return bus_log_create_error(r);
+ }
+
+ if (!strv_isempty(arg_environment)) {
+ r = sd_bus_message_open_container(m, 'r', "sv");
+ if (r < 0)
+ return bus_log_create_error(r);
+
+ r = sd_bus_message_append(m, "s", "Environment");
+ if (r < 0)
+ return bus_log_create_error(r);
+
+ r = sd_bus_message_open_container(m, 'v', "as");
+ if (r < 0)
+ return bus_log_create_error(r);
+
+ r = sd_bus_message_append_strv(m, arg_environment);
+ if (r < 0)
+ return bus_log_create_error(r);
+
+ r = sd_bus_message_close_container(m);
+ if (r < 0)
+ return bus_log_create_error(r);
+
+ r = sd_bus_message_close_container(m);
+ if (r < 0)
+ return bus_log_create_error(r);
+ }
r = sd_bus_message_open_container(m, 'r', "sv");
if (r < 0)
- return r;
+ return bus_log_create_error(r);
r = sd_bus_message_append(m, "s", "ExecStart");
if (r < 0)
- return r;
+ return bus_log_create_error(r);
r = sd_bus_message_open_container(m, 'v', "a(sasb)");
if (r < 0)
- return r;
+ return bus_log_create_error(r);
r = sd_bus_message_open_container(m, 'a', "(sasb)");
if (r < 0)
- return r;
+ return bus_log_create_error(r);
r = sd_bus_message_open_container(m, 'r', "sasb");
if (r < 0)
- return r;
+ return bus_log_create_error(r);
r = sd_bus_message_append(m, "s", argv[0]);
if (r < 0)
- return r;
+ return bus_log_create_error(r);
- r = sd_bus_message_open_container(m, 'a', "s");
+ r = sd_bus_message_append_strv(m, argv);
if (r < 0)
- return r;
-
- STRV_FOREACH(i, argv) {
- r = sd_bus_message_append(m, "s", *i);
- if (r < 0)
- return r;
- }
-
- r = sd_bus_message_close_container(m);
- if (r < 0)
- return r;
+ return bus_log_create_error(r);
r = sd_bus_message_append(m, "b", false);
if (r < 0)
- return r;
+ return bus_log_create_error(r);
r = sd_bus_message_close_container(m);
if (r < 0)
- return r;
+ return bus_log_create_error(r);
r = sd_bus_message_close_container(m);
if (r < 0)
- return r;
+ return bus_log_create_error(r);
r = sd_bus_message_close_container(m);
if (r < 0)
- return r;
+ return bus_log_create_error(r);
r = sd_bus_message_close_container(m);
if (r < 0)
- return r;
+ return bus_log_create_error(r);
+
+ r = message_start_transient_unit_send(bus, m, error, NULL);
+ if (r < 0)
+ return bus_log_create_error(r);
+
+ log_info("Running as unit %s.", name);
- return message_start_transient_unit_send(bus, m, error, NULL);
+ return 0;
}
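Review bot: A failure of `message_start_transient_unit_send()` is now reported through `bus_log_create_error(r)`, which by its name describes a message-construction failure. The `sd_bus_error` filled in by the call is never printed, because the commit also removes the `bus_error_message(&error, r)` log from `main()`. A refusal by the manager (for example an authorization denial) would then presumably surface as a generic error with no reason attached. I would keep the detail at this call site, e.g. `return log_error_errno(r, "Failed to start transient unit: %s", bus_error_message(error, r));`. The same pattern follows the send call in `start_transient_scope()`, and this function starts outside the hunk.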
static int start_transient_scope(
_cleanup_bus_message_unref_ sd_bus_message *m = NULL;
_cleanup_free_ char *name = NULL;
+ _cleanup_strv_free_ char **env = NULL, **user_env = NULL;
int r;
assert(bus);
- if (arg_unit)
- name = unit_name_mangle_with_suffix(arg_unit, false, ".scope");
- else
- asprintf(&name, "run-%lu.scope", (unsigned long) getpid());
- if (!name)
- return -ENOMEM;
+ if (arg_unit) {
+ name = unit_name_mangle_with_suffix(arg_unit, MANGLE_NOGLOB, ".scope");
+ if (!name)
+ return log_oom();
+ } else if (asprintf(&name, "run-"PID_FMT".scope", getpid()) < 0)
+ return log_oom();
r = message_start_transient_unit_new(bus, name, &m);
if (r < 0)
- return r;
+ return bus_log_create_error(r);
r = sd_bus_message_append(m, "(sv)", "PIDs", "au", 1, (uint32_t) getpid());
if (r < 0)
- return r;
+ return bus_log_create_error(r);
r = message_start_transient_unit_send(bus, m, error, NULL);
if (r < 0)
- return r;
+ return bus_log_create_error(r);
+
+ if (arg_nice_set) {
+ if (setpriority(PRIO_PROCESS, 0, arg_nice) < 0)
+ return log_error_errno(errno, "Failed to set nice level: %m");
+ }
+
+ if (arg_exec_group) {
+ gid_t gid;
- execvp(argv[0], argv);
- log_error("Failed to execute: %m");
+ r = get_group_creds(&arg_exec_group, &gid);
+ if (r < 0)
+ return log_error_errno(r, "Failed to resolve group %s: %m", arg_exec_group);
+
+ if (setresgid(gid, gid, gid) < 0)
+ return log_error_errno(errno, "Failed to change GID to " GID_FMT ": %m", gid);
+ }
+
+ if (arg_exec_user) {
+ const char *home, *shell;
+ uid_t uid;
+ gid_t gid;
+
+ r = get_user_creds(&arg_exec_user, &uid, &gid, &home, &shell);
+ if (r < 0)
+ return log_error_errno(r, "Failed to resolve user %s: %m", arg_exec_user);
+
+ r = strv_extendf(&user_env, "HOME=%s", home);
+ if (r < 0)
+ return log_oom();
+
+ r = strv_extendf(&user_env, "SHELL=%s", shell);
+ if (r < 0)
+ return log_oom();
+
+ r = strv_extendf(&user_env, "USER=%s", arg_exec_user);
+ if (r < 0)
+ return log_oom();
+
+ r = strv_extendf(&user_env, "LOGNAME=%s", arg_exec_user);
+ if (r < 0)
+ return log_oom();
+
+ if (!arg_exec_group) {
+ if (setresgid(gid, gid, gid) < 0)
+ return log_error_errno(errno, "Failed to change GID to " GID_FMT ": %m", gid);
+ }
+
+ if (setresuid(uid, uid, uid) < 0)
+ return log_error_errno(errno, "Failed to change UID to " UID_FMT ": %m", uid);
+ }
+
+ env = strv_env_merge(3, environ, user_env, arg_environment);
+ if (!env)
+ return log_oom();
+
+ log_info("Running as unit %s.", name);
+
+ execvpe(argv[0], argv, env);
+ log_error_errno(errno, "Failed to execute: %m");
return -errno;
}
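Review bot: The privilege drop for `--uid=`/`--gid=` changes the real, effective and saved IDs with `setresgid()` and `setresuid()` but never resets the supplementary group list, so the executed command keeps every supplementary group of the invoking process. No `setgroups()` or `initgroups()` call is visible anywhere in this hunk. In the `arg_exec_user` branch I would add `if (initgroups(arg_exec_user, gid) < 0) return log_error_errno(errno, "Failed to initialize supplementary groups: %m");` before `setresuid()`, and call `setgroups(0, NULL)` when only `--gid=` is given. Separately, `environ` is the first input to `strv_env_merge()`, so the caller's environment is handed to the less-privileged command unless a later entry overrides it.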
int main(int argc, char* argv[]) {
_cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
- _cleanup_bus_unref_ sd_bus *bus = NULL;
+ _cleanup_bus_close_unref_ sd_bus *bus = NULL;
_cleanup_free_ char *description = NULL, *command = NULL;
int r;
if (r <= 0)
goto finish;
- r = find_binary(argv[optind], &command);
+ r = find_binary(argv[optind], arg_transport == BUS_TRANSPORT_LOCAL, &command);
if (r < 0) {
- log_error("Failed to find executable %s: %s", argv[optind], strerror(-r));
+ log_error_errno(r, "Failed to find executable %s%s: %m",
+ argv[optind],
+ arg_transport == BUS_TRANSPORT_LOCAL ? "" : " on local system");
goto finish;
}
argv[optind] = command;
arg_description = description;
}
- r = bus_open_transport(arg_transport, arg_host, arg_user, &bus);
+ r = bus_open_transport_systemd(arg_transport, arg_host, arg_user, &bus);
if (r < 0) {
- log_error("Failed to create bus connection: %s", strerror(-r));
+ log_error_errno(r, "Failed to create bus connection: %m");
goto finish;
}
r = start_transient_scope(bus, argv + optind, &error);
else
r = start_transient_service(bus, argv + optind, &error);
- if (r < 0)
- log_error("Failed start transient unit: %s", bus_error_message(&error, r));
finish:
+ strv_free(arg_environment);
+ strv_free(arg_property);
+
return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
}