From: Lukas Nykryn Date: Wed, 8 Oct 2014 09:59:46 +0000 (+0200) Subject: systemctl: add add-wants and add-requires verbs X-Git-Tag: v217~284 X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=commitdiff_plain;h=e94937df954451eb4aa63573f0d7404ed2db987e systemctl: add add-wants and add-requires verbs --- diff --git a/TODO b/TODO index 10baa1cec..b43716627 100644 --- a/TODO +++ b/TODO @@ -461,7 +461,6 @@ Features: - "systemctl mask" should find all names by which a unit is accessible (i.e. by scanning for symlinks to it) and link them all to /dev/null - systemctl list-unit-files should list generated files (and probably with a new state "generated" for them, or so) - - systemctl: maybe add "systemctl add-wants" or so... * timer units: - timer units should get the ability to trigger when: diff --git a/man/systemctl.xml b/man/systemctl.xml index b28a3b7e8..b2aa17f22 100644 --- a/man/systemctl.xml +++ b/man/systemctl.xml @@ -1097,6 +1097,25 @@ kobject-uevent 1 systemd-udevd-kernel.socket systemd-udevd.service + + add-wants TARGET + NAME... + add-requires TARGET + NAME... + + + Adds Wants= resp. Requires= + dependency to the specified TARGET for + one or more units. + + This command honors , + , and + in a similar way as + enable. + + + + link FILENAME... diff --git a/src/core/dbus-manager.c b/src/core/dbus-manager.c index 533ce439a..57db1c9f6 100644 --- a/src/core/dbus-manager.c +++ b/src/core/dbus-manager.c @@ -1562,9 +1562,6 @@ static int method_enable_unit_files_generic( sd_bus_error *error) { _cleanup_strv_free_ char **l = NULL; -#ifdef HAVE_SELINUX - char **i; -#endif UnitFileChange *changes = NULL; unsigned n_changes = 0; UnitFileScope scope; @@ -1588,18 +1585,9 @@ static int method_enable_unit_files_generic( if (r < 0) return r; -#ifdef HAVE_SELINUX - STRV_FOREACH(i, l) { - Unit *u; - - u = manager_get_unit(m, *i); - if (u) { - r = selinux_unit_access_check(u, message, verb, error); - if (r < 0) - return r; - } - } -#endif + r = selinux_unit_access_check_strv(l, message, m, verb, error); + if (r < 0) + return r; scope = m->running_as == SYSTEMD_SYSTEM ? UNIT_FILE_SYSTEM : UNIT_FILE_USER; @@ -1637,9 +1625,6 @@ static int method_mask_unit_files(sd_bus *bus, sd_bus_message *message, void *us static int method_preset_unit_files_with_mode(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) { _cleanup_strv_free_ char **l = NULL; -#ifdef HAVE_SELINUX - char **i; -#endif UnitFileChange *changes = NULL; unsigned n_changes = 0; Manager *m = userdata; @@ -1674,18 +1659,9 @@ static int method_preset_unit_files_with_mode(sd_bus *bus, sd_bus_message *messa return -EINVAL; } -#ifdef HAVE_SELINUX - STRV_FOREACH(i, l) { - Unit *u; - - u = manager_get_unit(m, *i); - if (u) { - r = selinux_unit_access_check(u, message, "enable", error); - if (r < 0) - return r; - } - } -#endif + r = selinux_unit_access_check_strv(l, message, m, "enable", error); + if (r < 0) + return r; scope = m->running_as == SYSTEMD_SYSTEM ? UNIT_FILE_SYSTEM : UNIT_FILE_USER; @@ -1828,6 +1804,52 @@ static int method_preset_all_unit_files(sd_bus *bus, sd_bus_message *message, vo return reply_unit_file_changes_and_free(m, bus, message, -1, changes, n_changes); } +static int method_add_dependency_unit_files(sd_bus *bus, sd_bus_message *message, void *userdata, sd_bus_error *error) { + _cleanup_strv_free_ char **l = NULL; + Manager *m = userdata; + UnitFileChange *changes = NULL; + unsigned n_changes = 0; + UnitFileScope scope; + int runtime, force, r; + char *target; + char *type; + UnitDependency dep; + + assert(bus); + assert(message); + assert(m); + + r = bus_verify_manage_unit_files_async(m, message, error); + if (r < 0) + return r; + if (r == 0) + return 1; /* No authorization for now, but the async polkit stuff will call us again when it has it */ + + r = sd_bus_message_read_strv(message, &l); + if (r < 0) + return r; + + r = sd_bus_message_read(message, "ssbb", &target, &type, &runtime, &force); + if (r < 0) + return r; + + dep = unit_dependency_from_string(type); + if (dep < 0) + return -EINVAL; + + r = selinux_unit_access_check_strv(l, message, m, "enable", error); + if (r < 0) + return r; + + scope = m->running_as == SYSTEMD_SYSTEM ? UNIT_FILE_SYSTEM : UNIT_FILE_USER; + + r = unit_file_add_dependency(scope, runtime, NULL, l, target, dep, force, &changes, &n_changes); + if (r < 0) + return r; + + return reply_unit_file_changes_and_free(m, bus, message, -1, changes, n_changes); +} + const sd_bus_vtable bus_manager_vtable[] = { SD_BUS_VTABLE_START(0), @@ -1918,6 +1940,7 @@ const sd_bus_vtable bus_manager_vtable[] = { SD_BUS_METHOD("SetDefaultTarget", "sb", "a(sss)", method_set_default_target, SD_BUS_VTABLE_UNPRIVILEGED), SD_BUS_METHOD("GetDefaultTarget", NULL, "s", method_get_default_target, SD_BUS_VTABLE_UNPRIVILEGED), SD_BUS_METHOD("PresetAllUnitFiles", "sbb", "a(sss)", method_preset_all_unit_files, SD_BUS_VTABLE_UNPRIVILEGED), + SD_BUS_METHOD("AddDependencyUnitFiles", "asssbb", "a(sss)", method_add_dependency_unit_files, SD_BUS_VTABLE_UNPRIVILEGED), SD_BUS_SIGNAL("UnitNew", "so", 0), SD_BUS_SIGNAL("UnitRemoved", "so", 0), diff --git a/src/core/org.freedesktop.systemd1.conf b/src/core/org.freedesktop.systemd1.conf index 3e1382524..6a7a37ee9 100644 --- a/src/core/org.freedesktop.systemd1.conf +++ b/src/core/org.freedesktop.systemd1.conf @@ -198,6 +198,10 @@ send_interface="org.freedesktop.systemd1.Manager" send_member="PresetAllUnitFiles"/> + + diff --git a/src/core/selinux-access.c b/src/core/selinux-access.c index cdbfb83a1..184f202c1 100644 --- a/src/core/selinux-access.c +++ b/src/core/selinux-access.c @@ -250,6 +250,27 @@ finish: return r; } +int selinux_unit_access_check_strv(char **units, + sd_bus_message *message, + Manager *m, + const char *permission, + sd_bus_error *error) { + char **i; + Unit *u; + int r; + + STRV_FOREACH(i, units) { + u = manager_get_unit(m, *i); + if (u) { + r = selinux_unit_access_check(u, message, permission, error); + if (r < 0) + return r; + } + } + + return 0; +} + #else int selinux_generic_access_check( @@ -264,4 +285,12 @@ int selinux_generic_access_check( void selinux_access_free(void) { } +int selinux_unit_access_check_strv(char **units, + sd_bus_message *message, + Manager *m, + const char *permission, + sd_bus_error *error) { + return 0; +} + #endif diff --git a/src/core/selinux-access.h b/src/core/selinux-access.h index 27d9e1459..6a4362a73 100644 --- a/src/core/selinux-access.h +++ b/src/core/selinux-access.h @@ -24,11 +24,14 @@ #include "sd-bus.h" #include "bus-error.h" #include "bus-util.h" +#include "manager.h" void selinux_access_free(void); int selinux_generic_access_check(sd_bus_message *message, const char *path, const char *permission, sd_bus_error *error); +int selinux_unit_access_check_strv(char **units, sd_bus_message *message, Manager *m, const char *permission, sd_bus_error *error); + #ifdef HAVE_SELINUX #define selinux_access_check(message, permission, error) \ diff --git a/src/shared/install.c b/src/shared/install.c index 945bb2748..ff5dcbac1 100644 --- a/src/shared/install.c +++ b/src/shared/install.c @@ -1042,7 +1042,8 @@ static int unit_file_load( InstallInfo *info, const char *path, const char *root_dir, - bool allow_symlink) { + bool allow_symlink, + bool load) { const ConfigTableItem items[] = { { "Install", "Alias", config_parse_strv, 0, &info->aliases }, @@ -1064,6 +1065,11 @@ static int unit_file_load( if (!isempty(root_dir)) path = strappenda(root_dir, "/", path); + if (!load) { + r = access(path, F_OK) ? -errno : 0; + return r; + } + fd = open(path, O_RDONLY|O_CLOEXEC|O_NOCTTY|(allow_symlink ? 0 : O_NOFOLLOW)); if (fd < 0) return -errno; @@ -1092,7 +1098,8 @@ static int unit_file_search( InstallInfo *info, LookupPaths *paths, const char *root_dir, - bool allow_symlink) { + bool allow_symlink, + bool load) { char **p; int r; @@ -1102,7 +1109,7 @@ static int unit_file_search( assert(paths); if (info->path) - return unit_file_load(c, info, info->path, root_dir, allow_symlink); + return unit_file_load(c, info, info->path, root_dir, allow_symlink, load); assert(info->name); @@ -1113,7 +1120,7 @@ static int unit_file_search( if (!path) return -ENOMEM; - r = unit_file_load(c, info, path, root_dir, allow_symlink); + r = unit_file_load(c, info, path, root_dir, allow_symlink, load); if (r >= 0) { info->path = path; path = NULL; @@ -1142,7 +1149,7 @@ static int unit_file_search( if (!path) return -ENOMEM; - r = unit_file_load(c, info, path, root_dir, allow_symlink); + r = unit_file_load(c, info, path, root_dir, allow_symlink, load); if (r >= 0) { info->path = path; path = NULL; @@ -1175,7 +1182,7 @@ static int unit_file_can_install( assert_se(i = hashmap_first(c.will_install)); - r = unit_file_search(&c, i, paths, root_dir, allow_symlink); + r = unit_file_search(&c, i, paths, root_dir, allow_symlink, true); if (r >= 0) r = @@ -1402,7 +1409,7 @@ static int install_context_apply( assert_se(hashmap_move_one(c->have_installed, c->will_install, i->name) == 0); - q = unit_file_search(c, i, paths, root_dir, false); + q = unit_file_search(c, i, paths, root_dir, false, true); if (q < 0) { if (r >= 0) r = q; @@ -1443,7 +1450,7 @@ static int install_context_mark_for_removal( assert_se(hashmap_move_one(c->have_installed, c->will_install, i->name) == 0); - q = unit_file_search(c, i, paths, root_dir, false); + q = unit_file_search(c, i, paths, root_dir, false, true); if (q == -ENOENT) { /* do nothing */ } else if (q < 0) { @@ -1489,6 +1496,83 @@ static int install_context_mark_for_removal( return r; } +int unit_file_add_dependency( + UnitFileScope scope, + bool runtime, + const char *root_dir, + char **files, + char *target, + UnitDependency dep, + bool force, + UnitFileChange **changes, + unsigned *n_changes) { + + _cleanup_lookup_paths_free_ LookupPaths paths = {}; + _cleanup_(install_context_done) InstallContext c = {}; + _cleanup_free_ char *config_path = NULL; + char **i; + int r; + InstallInfo *info; + + assert(scope >= 0); + assert(scope < _UNIT_FILE_SCOPE_MAX); + + r = lookup_paths_init_from_scope(&paths, scope, root_dir); + if (r < 0) + return r; + + r = get_config_path(scope, runtime, root_dir, &config_path); + if (r < 0) + return r; + + STRV_FOREACH(i, files) { + UnitFileState state; + + state = unit_file_get_state(scope, root_dir, *i); + if (state < 0) { + log_error("Failed to get unit file state for %s: %s", *i, strerror(-state)); + return state; + } + + if (state == UNIT_FILE_MASKED || state == UNIT_FILE_MASKED_RUNTIME) { + log_error("Failed to enable unit: Unit %s is masked", *i); + return -ENOTSUP; + } + + r = install_info_add_auto(&c, *i); + if (r < 0) + return r; + } + + while ((info = hashmap_first(c.will_install))) { + r = hashmap_ensure_allocated(&c.have_installed, &string_hash_ops); + if (r < 0) + return r; + + assert_se(hashmap_move_one(c.have_installed, c.will_install, info->name) == 0); + + r = unit_file_search(&c, info, &paths, root_dir, false, false); + if (r < 0) + return r; + + if (dep == UNIT_WANTS) + r = strv_extend(&info->wanted_by, target); + else if (dep == UNIT_REQUIRES) + r = strv_extend(&info->required_by, target); + else + r = -EINVAL; + + if (r < 0) + return r; + + r = install_info_apply(info, &paths, config_path, root_dir, force, changes, n_changes); + if (r < 0) + return r; + } + + return 0; +} + int unit_file_enable( UnitFileScope scope, bool runtime, @@ -1638,7 +1722,7 @@ int unit_file_set_default( assert_se(i = hashmap_first(c.will_install)); - r = unit_file_search(&c, i, &paths, root_dir, false); + r = unit_file_search(&c, i, &paths, root_dir, false, true); if (r < 0) return r; diff --git a/src/shared/install.h b/src/shared/install.h index ff16d9f68..c0b4df69d 100644 --- a/src/shared/install.h +++ b/src/shared/install.h @@ -22,6 +22,7 @@ ***/ #include "hashmap.h" +#include "unit-name.h" typedef enum UnitFileScope { UNIT_FILE_SYSTEM, @@ -93,6 +94,7 @@ int unit_file_mask(UnitFileScope scope, bool runtime, const char *root_dir, char int unit_file_unmask(UnitFileScope scope, bool runtime, const char *root_dir, char **files, UnitFileChange **changes, unsigned *n_changes); int unit_file_set_default(UnitFileScope scope, const char *root_dir, const char *file, bool force, UnitFileChange **changes, unsigned *n_changes); int unit_file_get_default(UnitFileScope scope, const char *root_dir, char **name); +int unit_file_add_dependency(UnitFileScope scope, bool runtime, const char *root_dir, char **files, char *target, UnitDependency dep, bool force, UnitFileChange **changes, unsigned *n_changes); UnitFileState unit_file_get_state(UnitFileScope scope, const char *root_dir, const char *filename); diff --git a/src/systemctl/systemctl.c b/src/systemctl/systemctl.c index 1c6fef484..12175923e 100644 --- a/src/systemctl/systemctl.c +++ b/src/systemctl/systemctl.c @@ -5288,6 +5288,100 @@ finish: return r; } +static int add_dependency(sd_bus *bus, char **args) { + _cleanup_strv_free_ char **names = NULL; + _cleanup_free_ char *target = NULL; + const char *verb = args[0]; + UnitDependency dep; + int r = 0; + + if (!args[1]) + return 0; + + target = unit_name_mangle_with_suffix(args[1], MANGLE_NOGLOB, ".target"); + if (!target) + return log_oom(); + + r = mangle_names(args+2, &names); + if (r < 0) + return r; + + if (streq(verb, "add-wants")) + dep = UNIT_WANTS; + else if (streq(verb, "add-requires")) + dep = UNIT_REQUIRES; + else + assert_not_reached("Unknown verb"); + + if (!bus || avoid_bus()) { + UnitFileChange *changes = NULL; + unsigned n_changes = 0; + + r = unit_file_add_dependency(arg_scope, arg_runtime, arg_root, names, target, dep, arg_force, &changes, &n_changes); + + if (r < 0) { + log_error("Can't add dependency: %s", strerror(-r)); + return r; + } + + if (!arg_quiet) + dump_unit_file_changes(changes, n_changes); + + unit_file_changes_free(changes, n_changes); + + } else { + _cleanup_bus_message_unref_ sd_bus_message *reply = NULL, *m = NULL; + _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL; + + r = sd_bus_message_new_method_call( + bus, + &m, + "org.freedesktop.systemd1", + "/org/freedesktop/systemd1", + "org.freedesktop.systemd1.Manager", + "AddDependencyUnitFiles"); + if (r < 0) + return bus_log_create_error(r); + + r = sd_bus_message_append_strv(m, names); + if (r < 0) + return bus_log_create_error(r); + + r = sd_bus_message_append(m, "s", target); + if (r < 0) + return bus_log_create_error(r); + + r = sd_bus_message_append(m, "s", unit_dependency_to_string(dep)); + if (r < 0) + return bus_log_create_error(r); + + r = sd_bus_message_append(m, "b", arg_runtime); + if (r < 0) + return bus_log_create_error(r); + + r = sd_bus_message_append(m, "b", arg_force); + if (r < 0) + return bus_log_create_error(r); + + r = sd_bus_call(bus, m, 0, &error, &reply); + if (r < 0) { + log_error("Failed to execute operation: %s", bus_error_message(&error, r)); + return r; + } + + r = deserialize_and_dump_unit_file_changes(reply); + if (r < 0) + return r; + + if (!arg_no_reload) + r = daemon_reload(bus, args); + else + r = 0; + } + + return r; +} + static int preset_all(sd_bus *bus, char **args) { UnitFileChange *changes = NULL; unsigned n_changes = 0; @@ -5533,6 +5627,10 @@ static void systemctl_help(void) { " unmask NAME... Unmask one or more units\n" " link PATH... Link one or more units files into\n" " the search path\n" + " add-wants TARGET NAME... Add 'Wants' dependency for the target\n" + " on specified one or more units\n" + " add-requires TARGET NAME... Add 'Requires' dependency for the target\n" + " on specified one or more units\n" " get-default Get the name of the default target\n" " set-default NAME Set the default target\n\n" "Machine Commands:\n" @@ -6543,6 +6641,8 @@ static int systemctl_main(sd_bus *bus, int argc, char *argv[], int bus_error) { { "get-default", EQUAL, 1, get_default, NOBUS }, { "set-property", MORE, 3, set_property }, { "is-system-running", EQUAL, 1, is_system_running }, + { "add-wants", MORE, 3, add_dependency, NOBUS }, + { "add-requires", MORE, 3, add_dependency, NOBUS }, {} }, *verb = verbs;