}
static int service_set_main_pid(Service *s, pid_t pid) {
+ pid_t ppid;
+
assert(s);
if (pid <= 1)
if (pid == getpid())
return -EINVAL;
+ if (get_parent_of_pid(pid, &ppid) >= 0 && ppid != getpid())
+ log_warning("%s: Supervising process %lu which is not our child. We'll most likely not notice when it exits.",
+ s->meta.id, (unsigned long) pid);
+
s->main_pid = pid;
s->main_pid_known = true;
return 0;
}
-static int service_set_control_pid(Service *s, pid_t pid) {
+static void service_close_socket_fd(Service *s) {
assert(s);
- if (pid <= 1)
- return -EINVAL;
-
- if (pid == getpid())
- return -EINVAL;
-
- s->control_pid = pid;
+ if (s->socket_fd < 0)
+ return;
- return 0;
+ close_nointr_nofail(s->socket_fd);
+ s->socket_fd = -1;
}
-static void service_close_socket_fd(Service *s) {
+static void service_connection_unref(Service *s) {
assert(s);
- if (s->socket_fd < 0)
+ if (!s->socket)
return;
- close_nointr_nofail(s->socket_fd);
- s->socket_fd = -1;
+ socket_connection_unref(s->socket);
+ s->socket = NULL;
}
static void service_done(Unit *u) {
}
service_close_socket_fd(s);
+ service_connection_unref(s);
unit_unwatch_timer(u, &s->timer_watch);
}
return -EINVAL;
}
+ if (s->exec_command[SERVICE_EXEC_START]->command_next) {
+ log_error("%s has more than one ExecStart setting. Refusing.", UNIT(s)->meta.id);
+ return -EINVAL;
+ }
+
if (s->type == SERVICE_DBUS && !s->bus_name) {
log_error("%s is of type D-Bus but no D-Bus service name has been specified. Refusing.", UNIT(s)->meta.id);
return -EINVAL;
if ((r = unit_watch_bus_name(u, s->bus_name)) < 0)
return r;
}
+
+ if (s->type == SERVICE_NOTIFY && s->notify_access == NOTIFY_NONE)
+ s->notify_access = NOTIFY_MAIN;
}
return service_verify(s);
"%sRootDirectoryStartOnly: %s\n"
"%sValidNoProcess: %s\n"
"%sKillMode: %s\n"
- "%sType: %s\n",
+ "%sType: %s\n"
+ "%sNotifyAccess: %s\n",
prefix, service_state_to_string(s->state),
prefix, yes_no(s->permissions_start_only),
prefix, yes_no(s->root_directory_start_only),
prefix, yes_no(s->valid_no_process),
prefix, kill_mode_to_string(s->kill_mode),
- prefix, service_type_to_string(s->type));
+ prefix, service_type_to_string(s->type),
+ prefix, notify_access_to_string(s->notify_access));
if (s->control_pid > 0)
fprintf(f,
assert(s);
assert(_set);
+ if (s->socket_fd >= 0)
+ return 0;
+
/* Collects all Socket objects that belong to this
* service. Note that a service might have multiple sockets
* via multiple names. */
assert(s);
+ if (s->socket_fd >= 0)
+ return 0;
+
/* Notifies all our sockets when we die */
if ((r = service_get_sockets(s, &set)) < 0)
return r;
if (state != SERVICE_START_PRE &&
state != SERVICE_START &&
- !(state == SERVICE_DEAD && UNIT(s)->meta.job))
+ state != SERVICE_START_POST &&
+ state != SERVICE_RUNNING &&
+ state != SERVICE_RELOAD &&
+ state != SERVICE_STOP &&
+ state != SERVICE_STOP_SIGTERM &&
+ state != SERVICE_STOP_SIGKILL &&
+ state != SERVICE_STOP_POST &&
+ state != SERVICE_FINAL_SIGTERM &&
+ state != SERVICE_FINAL_SIGKILL &&
+ !(state == SERVICE_DEAD && UNIT(s)->meta.job)) {
service_close_socket_fd(s);
+ service_connection_unref(s);
+ }
if (old_state != state)
log_debug("%s changed %s -> %s", UNIT(s)->meta.id, service_state_to_string(old_state), service_state_to_string(state));
assert(fds);
assert(n_fds);
+ if (s->socket_fd >= 0)
+ return 0;
+
if ((r = service_get_sockets(s, &set)) < 0)
return r;
bool pass_fds,
bool apply_permissions,
bool apply_chroot,
+ bool set_notify_socket,
pid_t *_pid) {
pid_t pid;
int r;
- int *fds = NULL;
+ int *fds = NULL, *fdsbuf = NULL;
unsigned n_fds = 0;
- char **argv;
+ char **argv = NULL, **env = NULL;
assert(s);
assert(c);
assert(_pid);
- if (pass_fds) {
+ if (pass_fds ||
+ s->exec_context.std_input == EXEC_INPUT_SOCKET ||
+ s->exec_context.std_output == EXEC_OUTPUT_SOCKET ||
+ s->exec_context.std_error == EXEC_OUTPUT_SOCKET) {
+
if (s->socket_fd >= 0) {
fds = &s->socket_fd;
n_fds = 1;
- } else if ((r = service_collect_fds(s, &fds, &n_fds)) < 0)
- goto fail;
+ } else {
+ if ((r = service_collect_fds(s, &fdsbuf, &n_fds)) < 0)
+ goto fail;
+
+ fds = fdsbuf;
+ }
}
if (timeout && s->timeout_usec) {
goto fail;
}
+ if (set_notify_socket) {
+ char *t;
+
+ if (asprintf(&t, "NOTIFY_SOCKET=@%s", s->meta.manager->notify_socket) < 0) {
+ r = -ENOMEM;
+ goto fail;
+ }
+
+ env = strv_env_set(s->meta.manager->environment, t);
+ free(t);
+
+ if (!env) {
+ r = -ENOMEM;
+ goto fail;
+ }
+ } else
+ env = s->meta.manager->environment;
+
r = exec_spawn(c,
argv,
&s->exec_context,
fds, n_fds,
- s->meta.manager->environment,
+ env,
apply_permissions,
apply_chroot,
UNIT(s)->meta.manager->confirm_spawn,
&pid);
strv_free(argv);
+ argv = NULL;
+
+ if (set_notify_socket)
+ strv_free(env);
+ env = NULL;
+
if (r < 0)
goto fail;
- if (fds) {
- if (s->socket_fd >= 0)
- service_close_socket_fd(s);
- else
- free(fds);
- }
+ if (fdsbuf)
+ free(fdsbuf);
if ((r = unit_watch_pid(UNIT(s), pid)) < 0)
/* FIXME: we need to do something here */
fail:
free(fds);
+ strv_free(argv);
+
+ if (set_notify_socket)
+ strv_free(env);
+
if (timeout)
unit_unwatch_timer(UNIT(s), &s->timer_watch);
assert(s);
- if (s->valid_no_process)
- return -EAGAIN;
-
if ((r = cgroup_bonding_is_empty_list(UNIT(s)->meta.cgroup_bondings)) < 0)
return r;
false,
!s->permissions_start_only,
!s->root_directory_start_only,
+ false,
&s->control_pid)) < 0)
goto fail;
static void service_enter_stop(Service *s, bool success) {
int r;
- pid_t pid;
assert(s);
false,
!s->permissions_start_only,
!s->root_directory_start_only,
- &pid)) < 0)
+ false,
+ &s->control_pid)) < 0)
goto fail;
- service_set_control_pid(s, pid);
service_set_state(s, SERVICE_STOP);
} else
service_enter_signal(s, SERVICE_STOP_SIGTERM, true);
static void service_enter_start_post(Service *s) {
int r;
- pid_t pid;
assert(s);
service_unwatch_control_pid(s);
false,
!s->permissions_start_only,
!s->root_directory_start_only,
- &pid)) < 0)
+ false,
+ &s->control_pid)) < 0)
goto fail;
- service_set_control_pid(s, pid);
service_set_state(s, SERVICE_START_POST);
} else
service_enter_running(s, true);
true,
true,
true,
+ s->notify_access != NOTIFY_NONE,
&pid)) < 0)
goto fail;
s->control_command_id = SERVICE_EXEC_START;
s->control_command = s->exec_command[SERVICE_EXEC_START];
- service_set_control_pid(s, pid);
+ s->control_pid = pid;
service_set_state(s, SERVICE_START);
} else if (s->type == SERVICE_FINISH ||
static void service_enter_start_pre(Service *s) {
int r;
- pid_t pid;
assert(s);
false,
!s->permissions_start_only,
!s->root_directory_start_only,
- &pid)) < 0)
+ false,
+ &s->control_pid)) < 0)
goto fail;
- service_set_control_pid(s, pid);
service_set_state(s, SERVICE_START_PRE);
} else
service_enter_start(s);
static void service_enter_reload(Service *s) {
int r;
- pid_t pid;
assert(s);
false,
!s->permissions_start_only,
!s->root_directory_start_only,
- &pid)) < 0)
+ false,
+ &s->control_pid)) < 0)
goto fail;
- service_set_control_pid(s, pid);
service_set_state(s, SERVICE_RELOAD);
} else
service_enter_running(s, true);
static void service_run_next(Service *s, bool success) {
int r;
- pid_t pid;
assert(s);
assert(s->control_command);
false,
!s->permissions_start_only,
!s->root_directory_start_only,
- &pid)) < 0)
+ false,
+ &s->control_pid)) < 0)
goto fail;
- service_set_control_pid(s, pid);
return;
fail:
- log_warning("%s failed to run spawn next task: %s", UNIT(s)->meta.id, strerror(-r));
+ log_warning("%s failed to run next task: %s", UNIT(s)->meta.id, strerror(-r));
if (s->state == SERVICE_START_PRE)
service_enter_signal(s, SERVICE_FINAL_SIGTERM, false);
if ((r = parse_pid(value, &pid)) < 0)
log_debug("Failed to parse control-pid value %s", value);
else
- service_set_control_pid(s, pid);
+ s->control_pid = pid;
} else if (streq(key, "main-pid")) {
pid_t pid;
}
}
-static void service_notify_message(Unit *u, char **tags) {
+static void service_notify_message(Unit *u, pid_t pid, char **tags) {
Service *s = SERVICE(u);
const char *e;
assert(u);
+ if (s->notify_access == NOTIFY_NONE) {
+ log_warning("%s: Got notification message from PID %lu, but reception is disabled.",
+ u->meta.id, (unsigned long) pid);
+ return;
+ }
+
+ if (s->notify_access == NOTIFY_MAIN && pid != s->main_pid) {
+ log_warning("%s: Got notification message from PID %lu, but reception only permitted for PID %lu",
+ u->meta.id, (unsigned long) pid, (unsigned long) s->main_pid);
+ return;
+ }
+
log_debug("%s: Got message", u->meta.id);
/* Interpret MAINPID= */
s->state == SERVICE_START_POST ||
s->state == SERVICE_RUNNING ||
s->state == SERVICE_RELOAD)) {
- pid_t pid;
if (parse_pid(e + 8, &pid) < 0)
log_warning("Failed to parse %s", e);
service_set_main_pid(s, pid);
}
-int service_set_socket_fd(Service *s, int fd) {
+int service_set_socket_fd(Service *s, int fd, Socket *sock) {
assert(s);
assert(fd >= 0);
s->socket_fd = fd;
s->got_socket_fd = true;
+ s->socket = sock;
+
return 0;
}
DEFINE_STRING_TABLE_LOOKUP(service_exec_command, ServiceExecCommand);
+static const char* const notify_access_table[_NOTIFY_ACCESS_MAX] = {
+ [NOTIFY_NONE] = "none",
+ [NOTIFY_MAIN] = "main",
+ [NOTIFY_ALL] = "all"
+};
+
+DEFINE_STRING_TABLE_LOOKUP(notify_access, NotifyAccess);
+
const UnitVTable service_vtable = {
.suffix = ".service",