}
static int service_set_main_pid(Service *s, pid_t pid) {
+ pid_t ppid;
+
assert(s);
if (pid <= 1)
if (pid == getpid())
return -EINVAL;
+ if (get_parent_of_pid(pid, &ppid) >= 0 && ppid != getpid())
+ log_warning("%s: Supervising process %lu which is not our child. We'll most likely not notice when it exits.",
+ s->meta.id, (unsigned long) pid);
+
s->main_pid = pid;
s->main_pid_known = true;
return 0;
}
-static int service_set_control_pid(Service *s, pid_t pid) {
- assert(s);
-
- if (pid <= 1)
- return -EINVAL;
-
- if (pid == getpid())
- return -EINVAL;
-
- s->control_pid = pid;
-
- return 0;
-}
-
static void service_close_socket_fd(Service *s) {
assert(s);
if ((r = unit_watch_bus_name(u, s->bus_name)) < 0)
return r;
}
+
+ if (s->type == SERVICE_NOTIFY && s->notify_access == NOTIFY_NONE)
+ s->notify_access = NOTIFY_MAIN;
}
return service_verify(s);
"%sRootDirectoryStartOnly: %s\n"
"%sValidNoProcess: %s\n"
"%sKillMode: %s\n"
- "%sType: %s\n",
+ "%sType: %s\n"
+ "%sNotifyAccess: %s\n",
prefix, service_state_to_string(s->state),
prefix, yes_no(s->permissions_start_only),
prefix, yes_no(s->root_directory_start_only),
prefix, yes_no(s->valid_no_process),
prefix, kill_mode_to_string(s->kill_mode),
- prefix, service_type_to_string(s->type));
+ prefix, service_type_to_string(s->type),
+ prefix, notify_access_to_string(s->notify_access));
if (s->control_pid > 0)
fprintf(f,
bool pass_fds,
bool apply_permissions,
bool apply_chroot,
+ bool set_notify_socket,
pid_t *_pid) {
pid_t pid;
int r;
int *fds = NULL;
unsigned n_fds = 0;
- char **argv;
+ char **argv = NULL, **env = NULL;
assert(s);
assert(c);
goto fail;
}
+ if (set_notify_socket) {
+ char *t;
+
+ if (asprintf(&t, "NOTIFY_SOCKET=@%s", s->meta.manager->notify_socket) < 0) {
+ r = -ENOMEM;
+ goto fail;
+ }
+
+ env = strv_env_set(s->meta.manager->environment, t);
+ free(t);
+
+ if (!env) {
+ r = -ENOMEM;
+ goto fail;
+ }
+ } else
+ env = s->meta.manager->environment;
+
r = exec_spawn(c,
argv,
&s->exec_context,
fds, n_fds,
- s->meta.manager->environment,
+ env,
apply_permissions,
apply_chroot,
UNIT(s)->meta.manager->confirm_spawn,
&pid);
strv_free(argv);
+ argv = NULL;
+
+ if (set_notify_socket)
+ strv_free(env);
+ env = NULL;
+
if (r < 0)
goto fail;
fail:
free(fds);
+ strv_free(argv);
+
+ if (set_notify_socket)
+ strv_free(env);
+
if (timeout)
unit_unwatch_timer(UNIT(s), &s->timer_watch);
false,
!s->permissions_start_only,
!s->root_directory_start_only,
+ false,
&s->control_pid)) < 0)
goto fail;
static void service_enter_stop(Service *s, bool success) {
int r;
- pid_t pid;
assert(s);
false,
!s->permissions_start_only,
!s->root_directory_start_only,
- &pid)) < 0)
+ false,
+ &s->control_pid)) < 0)
goto fail;
- service_set_control_pid(s, pid);
service_set_state(s, SERVICE_STOP);
} else
service_enter_signal(s, SERVICE_STOP_SIGTERM, true);
static void service_enter_start_post(Service *s) {
int r;
- pid_t pid;
assert(s);
service_unwatch_control_pid(s);
false,
!s->permissions_start_only,
!s->root_directory_start_only,
- &pid)) < 0)
+ false,
+ &s->control_pid)) < 0)
goto fail;
- service_set_control_pid(s, pid);
service_set_state(s, SERVICE_START_POST);
} else
service_enter_running(s, true);
true,
true,
true,
+ s->notify_access != NOTIFY_NONE,
&pid)) < 0)
goto fail;
s->control_command_id = SERVICE_EXEC_START;
s->control_command = s->exec_command[SERVICE_EXEC_START];
- service_set_control_pid(s, pid);
+ s->control_pid = pid;
service_set_state(s, SERVICE_START);
} else if (s->type == SERVICE_FINISH ||
static void service_enter_start_pre(Service *s) {
int r;
- pid_t pid;
assert(s);
false,
!s->permissions_start_only,
!s->root_directory_start_only,
- &pid)) < 0)
+ false,
+ &s->control_pid)) < 0)
goto fail;
- service_set_control_pid(s, pid);
service_set_state(s, SERVICE_START_PRE);
} else
service_enter_start(s);
static void service_enter_reload(Service *s) {
int r;
- pid_t pid;
assert(s);
false,
!s->permissions_start_only,
!s->root_directory_start_only,
- &pid)) < 0)
+ false,
+ &s->control_pid)) < 0)
goto fail;
- service_set_control_pid(s, pid);
service_set_state(s, SERVICE_RELOAD);
} else
service_enter_running(s, true);
static void service_run_next(Service *s, bool success) {
int r;
- pid_t pid;
assert(s);
assert(s->control_command);
false,
!s->permissions_start_only,
!s->root_directory_start_only,
- &pid)) < 0)
+ false,
+ &s->control_pid)) < 0)
goto fail;
- service_set_control_pid(s, pid);
return;
fail:
if ((r = parse_pid(value, &pid)) < 0)
log_debug("Failed to parse control-pid value %s", value);
else
- service_set_control_pid(s, pid);
+ s->control_pid = pid;
} else if (streq(key, "main-pid")) {
pid_t pid;
}
}
-static void service_notify_message(Unit *u, char **tags) {
+static void service_notify_message(Unit *u, pid_t pid, char **tags) {
Service *s = SERVICE(u);
const char *e;
assert(u);
+ if (s->notify_access == NOTIFY_NONE) {
+ log_warning("%s: Got notification message from PID %lu, but reception is disabled.",
+ u->meta.id, (unsigned long) pid);
+ return;
+ }
+
+ if (s->notify_access == NOTIFY_MAIN && pid != s->main_pid) {
+ log_warning("%s: Got notification message from PID %lu, but reception only permitted for PID %lu",
+ u->meta.id, (unsigned long) pid, (unsigned long) s->main_pid);
+ return;
+ }
+
log_debug("%s: Got message", u->meta.id);
/* Interpret MAINPID= */
s->state == SERVICE_START_POST ||
s->state == SERVICE_RUNNING ||
s->state == SERVICE_RELOAD)) {
- pid_t pid;
if (parse_pid(e + 8, &pid) < 0)
log_warning("Failed to parse %s", e);
DEFINE_STRING_TABLE_LOOKUP(service_exec_command, ServiceExecCommand);
+static const char* const notify_access_table[_NOTIFY_ACCESS_MAX] = {
+ [NOTIFY_NONE] = "none",
+ [NOTIFY_MAIN] = "main",
+ [NOTIFY_ALL] = "all"
+};
+
+DEFINE_STRING_TABLE_LOOKUP(notify_access, NotifyAccess);
+
const UnitVTable service_vtable = {
.suffix = ".service",