Line data Source code
1 : /* SPDX-License-Identifier: LGPL-2.1+ */
2 :
3 : #include <errno.h>
4 : #include <signal.h>
5 : #include <sys/stat.h>
6 : #include <sys/types.h>
7 : #include <unistd.h>
8 :
9 : #include "sd-messages.h"
10 :
11 : #include "alloc-util.h"
12 : #include "async.h"
13 : #include "bus-error.h"
14 : #include "bus-kernel.h"
15 : #include "bus-util.h"
16 : #include "dbus-service.h"
17 : #include "dbus-unit.h"
18 : #include "def.h"
19 : #include "env-util.h"
20 : #include "escape.h"
21 : #include "exit-status.h"
22 : #include "fd-util.h"
23 : #include "fileio.h"
24 : #include "format-util.h"
25 : #include "fs-util.h"
26 : #include "load-dropin.h"
27 : #include "load-fragment.h"
28 : #include "log.h"
29 : #include "manager.h"
30 : #include "parse-util.h"
31 : #include "path-util.h"
32 : #include "process-util.h"
33 : #include "rm-rf.h"
34 : #include "serialize.h"
35 : #include "service.h"
36 : #include "signal-util.h"
37 : #include "special.h"
38 : #include "stdio-util.h"
39 : #include "string-table.h"
40 : #include "string-util.h"
41 : #include "strv.h"
42 : #include "unit-name.h"
43 : #include "unit.h"
44 : #include "utf8.h"
45 : #include "util.h"
46 :
47 : static const UnitActiveState state_translation_table[_SERVICE_STATE_MAX] = {
48 : [SERVICE_DEAD] = UNIT_INACTIVE,
49 : [SERVICE_CONDITION] = UNIT_ACTIVATING,
50 : [SERVICE_START_PRE] = UNIT_ACTIVATING,
51 : [SERVICE_START] = UNIT_ACTIVATING,
52 : [SERVICE_START_POST] = UNIT_ACTIVATING,
53 : [SERVICE_RUNNING] = UNIT_ACTIVE,
54 : [SERVICE_EXITED] = UNIT_ACTIVE,
55 : [SERVICE_RELOAD] = UNIT_RELOADING,
56 : [SERVICE_STOP] = UNIT_DEACTIVATING,
57 : [SERVICE_STOP_WATCHDOG] = UNIT_DEACTIVATING,
58 : [SERVICE_STOP_SIGTERM] = UNIT_DEACTIVATING,
59 : [SERVICE_STOP_SIGKILL] = UNIT_DEACTIVATING,
60 : [SERVICE_STOP_POST] = UNIT_DEACTIVATING,
61 : [SERVICE_FINAL_SIGTERM] = UNIT_DEACTIVATING,
62 : [SERVICE_FINAL_SIGKILL] = UNIT_DEACTIVATING,
63 : [SERVICE_FAILED] = UNIT_FAILED,
64 : [SERVICE_AUTO_RESTART] = UNIT_ACTIVATING,
65 : [SERVICE_CLEANING] = UNIT_MAINTENANCE,
66 : };
67 :
68 : /* For Type=idle we never want to delay any other jobs, hence we
69 : * consider idle jobs active as soon as we start working on them */
70 : static const UnitActiveState state_translation_table_idle[_SERVICE_STATE_MAX] = {
71 : [SERVICE_DEAD] = UNIT_INACTIVE,
72 : [SERVICE_CONDITION] = UNIT_ACTIVE,
73 : [SERVICE_START_PRE] = UNIT_ACTIVE,
74 : [SERVICE_START] = UNIT_ACTIVE,
75 : [SERVICE_START_POST] = UNIT_ACTIVE,
76 : [SERVICE_RUNNING] = UNIT_ACTIVE,
77 : [SERVICE_EXITED] = UNIT_ACTIVE,
78 : [SERVICE_RELOAD] = UNIT_RELOADING,
79 : [SERVICE_STOP] = UNIT_DEACTIVATING,
80 : [SERVICE_STOP_WATCHDOG] = UNIT_DEACTIVATING,
81 : [SERVICE_STOP_SIGTERM] = UNIT_DEACTIVATING,
82 : [SERVICE_STOP_SIGKILL] = UNIT_DEACTIVATING,
83 : [SERVICE_STOP_POST] = UNIT_DEACTIVATING,
84 : [SERVICE_FINAL_SIGTERM] = UNIT_DEACTIVATING,
85 : [SERVICE_FINAL_SIGKILL] = UNIT_DEACTIVATING,
86 : [SERVICE_FAILED] = UNIT_FAILED,
87 : [SERVICE_AUTO_RESTART] = UNIT_ACTIVATING,
88 : [SERVICE_CLEANING] = UNIT_MAINTENANCE,
89 : };
90 :
91 : static int service_dispatch_inotify_io(sd_event_source *source, int fd, uint32_t events, void *userdata);
92 : static int service_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata);
93 : static int service_dispatch_watchdog(sd_event_source *source, usec_t usec, void *userdata);
94 : static int service_dispatch_exec_io(sd_event_source *source, int fd, uint32_t events, void *userdata);
95 :
96 : static void service_enter_signal(Service *s, ServiceState state, ServiceResult f);
97 : static void service_enter_reload_by_notify(Service *s);
98 :
99 46 : static void service_init(Unit *u) {
100 46 : Service *s = SERVICE(u);
101 :
102 46 : assert(u);
103 46 : assert(u->load_state == UNIT_STUB);
104 :
105 46 : s->timeout_start_usec = u->manager->default_timeout_start_usec;
106 46 : s->timeout_stop_usec = u->manager->default_timeout_stop_usec;
107 46 : s->timeout_abort_usec = u->manager->default_timeout_abort_usec;
108 46 : s->timeout_abort_set = u->manager->default_timeout_abort_set;
109 46 : s->restart_usec = u->manager->default_restart_usec;
110 46 : s->runtime_max_usec = USEC_INFINITY;
111 46 : s->timeout_clean_usec = USEC_INFINITY;
112 46 : s->type = _SERVICE_TYPE_INVALID;
113 46 : s->socket_fd = -1;
114 46 : s->stdin_fd = s->stdout_fd = s->stderr_fd = -1;
115 46 : s->guess_main_pid = true;
116 :
117 46 : s->control_command_id = _SERVICE_EXEC_COMMAND_INVALID;
118 :
119 92 : s->exec_context.keyring_mode = MANAGER_IS_SYSTEM(u->manager) ?
120 46 : EXEC_KEYRING_PRIVATE : EXEC_KEYRING_INHERIT;
121 :
122 46 : s->watchdog_original_usec = USEC_INFINITY;
123 :
124 46 : s->oom_policy = _OOM_POLICY_INVALID;
125 46 : }
126 :
127 64 : static void service_unwatch_control_pid(Service *s) {
128 64 : assert(s);
129 :
130 64 : if (s->control_pid <= 0)
131 64 : return;
132 :
133 0 : unit_unwatch_pid(UNIT(s), s->control_pid);
134 0 : s->control_pid = 0;
135 : }
136 :
137 58 : static void service_unwatch_main_pid(Service *s) {
138 58 : assert(s);
139 :
140 58 : if (s->main_pid <= 0)
141 52 : return;
142 :
143 6 : unit_unwatch_pid(UNIT(s), s->main_pid);
144 6 : s->main_pid = 0;
145 : }
146 :
147 52 : static void service_unwatch_pid_file(Service *s) {
148 52 : if (!s->pid_file_pathspec)
149 52 : return;
150 :
151 0 : log_unit_debug(UNIT(s), "Stopping watch for PID file %s", s->pid_file_pathspec->path);
152 0 : path_spec_unwatch(s->pid_file_pathspec);
153 0 : path_spec_done(s->pid_file_pathspec);
154 0 : s->pid_file_pathspec = mfree(s->pid_file_pathspec);
155 : }
156 :
157 6 : static int service_set_main_pid(Service *s, pid_t pid) {
158 6 : assert(s);
159 :
160 6 : if (pid <= 1)
161 0 : return -EINVAL;
162 :
163 6 : if (pid == getpid_cached())
164 0 : return -EINVAL;
165 :
166 6 : if (s->main_pid == pid && s->main_pid_known)
167 0 : return 0;
168 :
169 6 : if (s->main_pid != pid) {
170 6 : service_unwatch_main_pid(s);
171 6 : exec_status_start(&s->main_exec_status, pid);
172 : }
173 :
174 6 : s->main_pid = pid;
175 6 : s->main_pid_known = true;
176 6 : s->main_pid_alien = pid_is_my_child(pid) == 0;
177 :
178 6 : if (s->main_pid_alien)
179 0 : log_unit_warning(UNIT(s), "Supervising process "PID_FMT" which is not our child. We'll most likely not notice when it exits.", pid);
180 :
181 6 : return 0;
182 : }
183 :
184 46 : void service_close_socket_fd(Service *s) {
185 46 : assert(s);
186 :
187 : /* Undo the effect of service_set_socket_fd(). */
188 :
189 46 : s->socket_fd = asynchronous_close(s->socket_fd);
190 :
191 46 : if (UNIT_ISSET(s->accept_socket)) {
192 0 : socket_connection_unref(SOCKET(UNIT_DEREF(s->accept_socket)));
193 0 : unit_ref_unset(&s->accept_socket);
194 : }
195 46 : }
196 :
197 52 : static void service_stop_watchdog(Service *s) {
198 52 : assert(s);
199 :
200 52 : s->watchdog_event_source = sd_event_source_unref(s->watchdog_event_source);
201 52 : s->watchdog_timestamp = DUAL_TIMESTAMP_NULL;
202 52 : }
203 :
204 6 : static usec_t service_get_watchdog_usec(Service *s) {
205 6 : assert(s);
206 :
207 6 : if (s->watchdog_override_enable)
208 0 : return s->watchdog_override_usec;
209 :
210 6 : return s->watchdog_original_usec;
211 : }
212 :
213 0 : static void service_start_watchdog(Service *s) {
214 : usec_t watchdog_usec;
215 : int r;
216 :
217 0 : assert(s);
218 :
219 0 : watchdog_usec = service_get_watchdog_usec(s);
220 0 : if (IN_SET(watchdog_usec, 0, USEC_INFINITY)) {
221 0 : service_stop_watchdog(s);
222 0 : return;
223 : }
224 :
225 0 : if (s->watchdog_event_source) {
226 0 : r = sd_event_source_set_time(s->watchdog_event_source, usec_add(s->watchdog_timestamp.monotonic, watchdog_usec));
227 0 : if (r < 0) {
228 0 : log_unit_warning_errno(UNIT(s), r, "Failed to reset watchdog timer: %m");
229 0 : return;
230 : }
231 :
232 0 : r = sd_event_source_set_enabled(s->watchdog_event_source, SD_EVENT_ONESHOT);
233 : } else {
234 0 : r = sd_event_add_time(
235 0 : UNIT(s)->manager->event,
236 : &s->watchdog_event_source,
237 : CLOCK_MONOTONIC,
238 : usec_add(s->watchdog_timestamp.monotonic, watchdog_usec), 0,
239 : service_dispatch_watchdog, s);
240 0 : if (r < 0) {
241 0 : log_unit_warning_errno(UNIT(s), r, "Failed to add watchdog timer: %m");
242 0 : return;
243 : }
244 :
245 0 : (void) sd_event_source_set_description(s->watchdog_event_source, "service-watchdog");
246 :
247 : /* Let's process everything else which might be a sign
248 : * of living before we consider a service died. */
249 0 : r = sd_event_source_set_priority(s->watchdog_event_source, SD_EVENT_PRIORITY_IDLE);
250 : }
251 0 : if (r < 0)
252 0 : log_unit_warning_errno(UNIT(s), r, "Failed to install watchdog timer: %m");
253 : }
254 :
255 0 : static void service_extend_event_source_timeout(Service *s, sd_event_source *source, usec_t extended) {
256 : usec_t current;
257 : int r;
258 :
259 0 : assert(s);
260 :
261 : /* Extends the specified event source timer to at least the specified time, unless it is already later
262 : * anyway. */
263 :
264 0 : if (!source)
265 0 : return;
266 :
267 0 : r = sd_event_source_get_time(source, ¤t);
268 0 : if (r < 0) {
269 : const char *desc;
270 0 : (void) sd_event_source_get_description(s->timer_event_source, &desc);
271 0 : log_unit_warning_errno(UNIT(s), r, "Failed to retrieve timeout time for event source '%s', ignoring: %m", strna(desc));
272 0 : return;
273 : }
274 :
275 0 : if (current >= extended) /* Current timeout is already longer, ignore this. */
276 0 : return;
277 :
278 0 : r = sd_event_source_set_time(source, extended);
279 0 : if (r < 0) {
280 : const char *desc;
281 0 : (void) sd_event_source_get_description(s->timer_event_source, &desc);
282 0 : log_unit_warning_errno(UNIT(s), r, "Failed to set timeout time for even source '%s', ignoring %m", strna(desc));
283 : }
284 : }
285 :
286 0 : static void service_extend_timeout(Service *s, usec_t extend_timeout_usec) {
287 : usec_t extended;
288 :
289 0 : assert(s);
290 :
291 0 : if (IN_SET(extend_timeout_usec, 0, USEC_INFINITY))
292 0 : return;
293 :
294 0 : extended = usec_add(now(CLOCK_MONOTONIC), extend_timeout_usec);
295 :
296 0 : service_extend_event_source_timeout(s, s->timer_event_source, extended);
297 0 : service_extend_event_source_timeout(s, s->watchdog_event_source, extended);
298 : }
299 :
300 0 : static void service_reset_watchdog(Service *s) {
301 0 : assert(s);
302 :
303 0 : dual_timestamp_get(&s->watchdog_timestamp);
304 0 : service_start_watchdog(s);
305 0 : }
306 :
307 0 : static void service_override_watchdog_timeout(Service *s, usec_t watchdog_override_usec) {
308 0 : assert(s);
309 :
310 0 : s->watchdog_override_enable = true;
311 0 : s->watchdog_override_usec = watchdog_override_usec;
312 0 : service_reset_watchdog(s);
313 :
314 0 : log_unit_debug(UNIT(s), "watchdog_usec="USEC_FMT, s->watchdog_usec);
315 0 : log_unit_debug(UNIT(s), "watchdog_override_usec="USEC_FMT, s->watchdog_override_usec);
316 0 : }
317 :
318 0 : static void service_fd_store_unlink(ServiceFDStore *fs) {
319 :
320 0 : if (!fs)
321 0 : return;
322 :
323 0 : if (fs->service) {
324 0 : assert(fs->service->n_fd_store > 0);
325 0 : LIST_REMOVE(fd_store, fs->service->fd_store, fs);
326 0 : fs->service->n_fd_store--;
327 : }
328 :
329 0 : sd_event_source_disable_unref(fs->event_source);
330 :
331 0 : free(fs->fdname);
332 0 : safe_close(fs->fd);
333 0 : free(fs);
334 : }
335 :
336 0 : static void service_release_fd_store(Service *s) {
337 0 : assert(s);
338 :
339 0 : if (s->n_keep_fd_store > 0)
340 0 : return;
341 :
342 0 : log_unit_debug(UNIT(s), "Releasing all stored fds");
343 0 : while (s->fd_store)
344 0 : service_fd_store_unlink(s->fd_store);
345 :
346 0 : assert(s->n_fd_store == 0);
347 : }
348 :
349 134 : static void service_release_resources(Unit *u) {
350 134 : Service *s = SERVICE(u);
351 :
352 134 : assert(s);
353 :
354 134 : if (!s->fd_store && s->stdin_fd < 0 && s->stdout_fd < 0 && s->stderr_fd < 0)
355 134 : return;
356 :
357 0 : log_unit_debug(u, "Releasing resources.");
358 :
359 0 : s->stdin_fd = safe_close(s->stdin_fd);
360 0 : s->stdout_fd = safe_close(s->stdout_fd);
361 0 : s->stderr_fd = safe_close(s->stderr_fd);
362 :
363 0 : service_release_fd_store(s);
364 : }
365 :
366 46 : static void service_done(Unit *u) {
367 46 : Service *s = SERVICE(u);
368 :
369 46 : assert(s);
370 :
371 46 : s->pid_file = mfree(s->pid_file);
372 46 : s->status_text = mfree(s->status_text);
373 :
374 46 : s->exec_runtime = exec_runtime_unref(s->exec_runtime, false);
375 46 : exec_command_free_array(s->exec_command, _SERVICE_EXEC_COMMAND_MAX);
376 46 : s->control_command = NULL;
377 46 : s->main_command = NULL;
378 :
379 46 : dynamic_creds_unref(&s->dynamic_creds);
380 :
381 46 : exit_status_set_free(&s->restart_prevent_status);
382 46 : exit_status_set_free(&s->restart_force_status);
383 46 : exit_status_set_free(&s->success_status);
384 :
385 : /* This will leak a process, but at least no memory or any of
386 : * our resources */
387 46 : service_unwatch_main_pid(s);
388 46 : service_unwatch_control_pid(s);
389 46 : service_unwatch_pid_file(s);
390 :
391 46 : if (s->bus_name) {
392 0 : unit_unwatch_bus_name(u, s->bus_name);
393 0 : s->bus_name = mfree(s->bus_name);
394 : }
395 :
396 46 : s->bus_name_owner = mfree(s->bus_name_owner);
397 :
398 46 : s->usb_function_descriptors = mfree(s->usb_function_descriptors);
399 46 : s->usb_function_strings = mfree(s->usb_function_strings);
400 :
401 46 : service_close_socket_fd(s);
402 46 : s->peer = socket_peer_unref(s->peer);
403 :
404 46 : unit_ref_unset(&s->accept_socket);
405 :
406 46 : service_stop_watchdog(s);
407 :
408 46 : s->timer_event_source = sd_event_source_unref(s->timer_event_source);
409 46 : s->exec_fd_event_source = sd_event_source_unref(s->exec_fd_event_source);
410 :
411 46 : service_release_resources(u);
412 46 : }
413 :
414 0 : static int on_fd_store_io(sd_event_source *e, int fd, uint32_t revents, void *userdata) {
415 0 : ServiceFDStore *fs = userdata;
416 :
417 0 : assert(e);
418 0 : assert(fs);
419 :
420 : /* If we get either EPOLLHUP or EPOLLERR, it's time to remove this entry from the fd store */
421 0 : log_unit_debug(UNIT(fs->service),
422 : "Received %s on stored fd %d (%s), closing.",
423 : revents & EPOLLERR ? "EPOLLERR" : "EPOLLHUP",
424 : fs->fd, strna(fs->fdname));
425 0 : service_fd_store_unlink(fs);
426 0 : return 0;
427 : }
428 :
429 0 : static int service_add_fd_store(Service *s, int fd, const char *name) {
430 : ServiceFDStore *fs;
431 : int r;
432 :
433 : /* fd is always consumed if we return >= 0 */
434 :
435 0 : assert(s);
436 0 : assert(fd >= 0);
437 :
438 0 : if (s->n_fd_store >= s->n_fd_store_max)
439 0 : return -EXFULL; /* Our store is full.
440 : * Use this errno rather than E[NM]FILE to distinguish from
441 : * the case where systemd itself hits the file limit. */
442 :
443 0 : LIST_FOREACH(fd_store, fs, s->fd_store) {
444 0 : r = same_fd(fs->fd, fd);
445 0 : if (r < 0)
446 0 : return r;
447 0 : if (r > 0) {
448 0 : safe_close(fd);
449 0 : return 0; /* fd already included */
450 : }
451 : }
452 :
453 0 : fs = new0(ServiceFDStore, 1);
454 0 : if (!fs)
455 0 : return -ENOMEM;
456 :
457 0 : fs->fd = fd;
458 0 : fs->service = s;
459 0 : fs->fdname = strdup(name ?: "stored");
460 0 : if (!fs->fdname) {
461 0 : free(fs);
462 0 : return -ENOMEM;
463 : }
464 :
465 0 : r = sd_event_add_io(UNIT(s)->manager->event, &fs->event_source, fd, 0, on_fd_store_io, fs);
466 0 : if (r < 0 && r != -EPERM) { /* EPERM indicates fds that aren't pollable, which is OK */
467 0 : free(fs->fdname);
468 0 : free(fs);
469 0 : return r;
470 0 : } else if (r >= 0)
471 0 : (void) sd_event_source_set_description(fs->event_source, "service-fd-store");
472 :
473 0 : LIST_PREPEND(fd_store, s->fd_store, fs);
474 0 : s->n_fd_store++;
475 :
476 0 : return 1; /* fd newly stored */
477 : }
478 :
479 0 : static int service_add_fd_store_set(Service *s, FDSet *fds, const char *name) {
480 : int r;
481 :
482 0 : assert(s);
483 :
484 0 : while (fdset_size(fds) > 0) {
485 0 : _cleanup_close_ int fd = -1;
486 :
487 0 : fd = fdset_steal_first(fds);
488 0 : if (fd < 0)
489 0 : break;
490 :
491 0 : r = service_add_fd_store(s, fd, name);
492 0 : if (r == -EXFULL)
493 0 : return log_unit_warning_errno(UNIT(s), r,
494 : "Cannot store more fds than FileDescriptorStoreMax=%u, closing remaining.",
495 : s->n_fd_store_max);
496 0 : if (r < 0)
497 0 : return log_unit_error_errno(UNIT(s), r, "Failed to add fd to store: %m");
498 0 : if (r > 0)
499 0 : log_unit_debug(UNIT(s), "Added fd %u (%s) to fd store.", fd, strna(name));
500 0 : fd = -1;
501 : }
502 :
503 0 : return 0;
504 : }
505 :
506 0 : static void service_remove_fd_store(Service *s, const char *name) {
507 : ServiceFDStore *fs, *n;
508 :
509 0 : assert(s);
510 0 : assert(name);
511 :
512 0 : LIST_FOREACH_SAFE(fd_store, fs, n, s->fd_store) {
513 0 : if (!streq(fs->fdname, name))
514 0 : continue;
515 :
516 0 : log_unit_debug(UNIT(s), "Got explicit request to remove fd %i (%s), closing.", fs->fd, name);
517 0 : service_fd_store_unlink(fs);
518 : }
519 0 : }
520 :
521 6 : static int service_arm_timer(Service *s, usec_t usec) {
522 : int r;
523 :
524 6 : assert(s);
525 :
526 6 : if (s->timer_event_source) {
527 0 : r = sd_event_source_set_time(s->timer_event_source, usec);
528 0 : if (r < 0)
529 0 : return r;
530 :
531 0 : return sd_event_source_set_enabled(s->timer_event_source, SD_EVENT_ONESHOT);
532 : }
533 :
534 6 : if (usec == USEC_INFINITY)
535 6 : return 0;
536 :
537 0 : r = sd_event_add_time(
538 0 : UNIT(s)->manager->event,
539 : &s->timer_event_source,
540 : CLOCK_MONOTONIC,
541 : usec, 0,
542 : service_dispatch_timer, s);
543 0 : if (r < 0)
544 0 : return r;
545 :
546 0 : (void) sd_event_source_set_description(s->timer_event_source, "service-timer");
547 :
548 0 : return 0;
549 : }
550 :
551 33 : static int service_verify(Service *s) {
552 33 : assert(s);
553 :
554 33 : if (UNIT(s)->load_state != UNIT_LOADED)
555 0 : return 0;
556 :
557 33 : if (!s->exec_command[SERVICE_EXEC_START] && !s->exec_command[SERVICE_EXEC_STOP]
558 0 : && UNIT(s)->success_action == EMERGENCY_ACTION_NONE) {
559 : /* FailureAction= only makes sense if one of the start or stop commands is specified.
560 : * SuccessAction= will be executed unconditionally if no commands are specified. Hence,
561 : * either a command or SuccessAction= are required. */
562 :
563 0 : log_unit_error(UNIT(s), "Service has no ExecStart=, ExecStop=, or SuccessAction=. Refusing.");
564 0 : return -ENOEXEC;
565 : }
566 :
567 33 : if (s->type != SERVICE_ONESHOT && !s->exec_command[SERVICE_EXEC_START]) {
568 0 : log_unit_error(UNIT(s), "Service has no ExecStart= setting, which is only allowed for Type=oneshot services. Refusing.");
569 0 : return -ENOEXEC;
570 : }
571 :
572 33 : if (!s->remain_after_exit && !s->exec_command[SERVICE_EXEC_START] && UNIT(s)->success_action == EMERGENCY_ACTION_NONE) {
573 0 : log_unit_error(UNIT(s), "Service has no ExecStart= and no SuccessAction= settings and does not have RemainAfterExit=yes set. Refusing.");
574 0 : return -ENOEXEC;
575 : }
576 :
577 33 : if (s->type != SERVICE_ONESHOT && s->exec_command[SERVICE_EXEC_START]->command_next) {
578 0 : log_unit_error(UNIT(s), "Service has more than one ExecStart= setting, which is only allowed for Type=oneshot services. Refusing.");
579 0 : return -ENOEXEC;
580 : }
581 :
582 33 : if (s->type == SERVICE_ONESHOT && s->restart != SERVICE_RESTART_NO) {
583 0 : log_unit_error(UNIT(s), "Service has Restart= setting other than no, which isn't allowed for Type=oneshot services. Refusing.");
584 0 : return -ENOEXEC;
585 : }
586 :
587 33 : if (s->type == SERVICE_ONESHOT && !exit_status_set_is_empty(&s->restart_force_status)) {
588 0 : log_unit_error(UNIT(s), "Service has RestartForceStatus= set, which isn't allowed for Type=oneshot services. Refusing.");
589 0 : return -ENOEXEC;
590 : }
591 :
592 33 : if (s->type == SERVICE_DBUS && !s->bus_name) {
593 0 : log_unit_error(UNIT(s), "Service is of type D-Bus but no D-Bus service name has been specified. Refusing.");
594 0 : return -ENOEXEC;
595 : }
596 :
597 33 : if (s->bus_name && s->type != SERVICE_DBUS)
598 0 : log_unit_warning(UNIT(s), "Service has a D-Bus service name specified, but is not of type dbus. Ignoring.");
599 :
600 33 : if (s->exec_context.pam_name && !IN_SET(s->kill_context.kill_mode, KILL_CONTROL_GROUP, KILL_MIXED)) {
601 0 : log_unit_error(UNIT(s), "Service has PAM enabled. Kill mode must be set to 'control-group' or 'mixed'. Refusing.");
602 0 : return -ENOEXEC;
603 : }
604 :
605 33 : if (s->usb_function_descriptors && !s->usb_function_strings)
606 0 : log_unit_warning(UNIT(s), "Service has USBFunctionDescriptors= setting, but no USBFunctionStrings=. Ignoring.");
607 :
608 33 : if (!s->usb_function_descriptors && s->usb_function_strings)
609 0 : log_unit_warning(UNIT(s), "Service has USBFunctionStrings= setting, but no USBFunctionDescriptors=. Ignoring.");
610 :
611 33 : if (s->runtime_max_usec != USEC_INFINITY && s->type == SERVICE_ONESHOT)
612 0 : log_unit_warning(UNIT(s), "RuntimeMaxSec= has no effect in combination with Type=oneshot. Ignoring.");
613 :
614 33 : return 0;
615 : }
616 :
617 33 : static int service_add_default_dependencies(Service *s) {
618 : int r;
619 :
620 33 : assert(s);
621 :
622 33 : if (!UNIT(s)->default_dependencies)
623 0 : return 0;
624 :
625 : /* Add a number of automatic dependencies useful for the
626 : * majority of services. */
627 :
628 33 : if (MANAGER_IS_SYSTEM(UNIT(s)->manager)) {
629 : /* First, pull in the really early boot stuff, and
630 : * require it, so that we fail if we can't acquire
631 : * it. */
632 :
633 0 : r = unit_add_two_dependencies_by_name(UNIT(s), UNIT_AFTER, UNIT_REQUIRES, SPECIAL_SYSINIT_TARGET, true, UNIT_DEPENDENCY_DEFAULT);
634 0 : if (r < 0)
635 0 : return r;
636 : } else {
637 :
638 : /* In the --user instance there's no sysinit.target,
639 : * in that case require basic.target instead. */
640 :
641 33 : r = unit_add_dependency_by_name(UNIT(s), UNIT_REQUIRES, SPECIAL_BASIC_TARGET, true, UNIT_DEPENDENCY_DEFAULT);
642 33 : if (r < 0)
643 0 : return r;
644 : }
645 :
646 : /* Second, if the rest of the base system is in the same
647 : * transaction, order us after it, but do not pull it in or
648 : * even require it. */
649 33 : r = unit_add_dependency_by_name(UNIT(s), UNIT_AFTER, SPECIAL_BASIC_TARGET, true, UNIT_DEPENDENCY_DEFAULT);
650 33 : if (r < 0)
651 0 : return r;
652 :
653 : /* Third, add us in for normal shutdown. */
654 33 : return unit_add_two_dependencies_by_name(UNIT(s), UNIT_BEFORE, UNIT_CONFLICTS, SPECIAL_SHUTDOWN_TARGET, true, UNIT_DEPENDENCY_DEFAULT);
655 : }
656 :
657 33 : static void service_fix_output(Service *s) {
658 33 : assert(s);
659 :
660 : /* If nothing has been explicitly configured, patch default output in. If input is socket/tty we avoid this
661 : * however, since in that case we want output to default to the same place as we read input from. */
662 :
663 33 : if (s->exec_context.std_error == EXEC_OUTPUT_INHERIT &&
664 33 : s->exec_context.std_output == EXEC_OUTPUT_INHERIT &&
665 33 : s->exec_context.std_input == EXEC_INPUT_NULL)
666 33 : s->exec_context.std_error = UNIT(s)->manager->default_std_error;
667 :
668 33 : if (s->exec_context.std_output == EXEC_OUTPUT_INHERIT &&
669 33 : s->exec_context.std_input == EXEC_INPUT_NULL)
670 33 : s->exec_context.std_output = UNIT(s)->manager->default_std_output;
671 :
672 33 : if (s->exec_context.std_input == EXEC_INPUT_NULL &&
673 33 : s->exec_context.stdin_data_size > 0)
674 0 : s->exec_context.std_input = EXEC_INPUT_DATA;
675 33 : }
676 :
677 33 : static int service_setup_bus_name(Service *s) {
678 : int r;
679 :
680 33 : assert(s);
681 :
682 33 : if (!s->bus_name)
683 33 : return 0;
684 :
685 0 : r = unit_add_dependency_by_name(UNIT(s), UNIT_REQUIRES, SPECIAL_DBUS_SOCKET, true, UNIT_DEPENDENCY_FILE);
686 0 : if (r < 0)
687 0 : return log_unit_error_errno(UNIT(s), r, "Failed to add dependency on " SPECIAL_DBUS_SOCKET ": %m");
688 :
689 : /* We always want to be ordered against dbus.socket if both are in the transaction. */
690 0 : r = unit_add_dependency_by_name(UNIT(s), UNIT_AFTER, SPECIAL_DBUS_SOCKET, true, UNIT_DEPENDENCY_FILE);
691 0 : if (r < 0)
692 0 : return log_unit_error_errno(UNIT(s), r, "Failed to add dependency on " SPECIAL_DBUS_SOCKET ": %m");
693 :
694 0 : r = unit_watch_bus_name(UNIT(s), s->bus_name);
695 0 : if (r == -EEXIST)
696 0 : return log_unit_error_errno(UNIT(s), r, "Two services allocated for the same bus name %s, refusing operation.", s->bus_name);
697 0 : if (r < 0)
698 0 : return log_unit_error_errno(UNIT(s), r, "Cannot watch bus name %s: %m", s->bus_name);
699 :
700 0 : return 0;
701 : }
702 :
703 33 : static int service_add_extras(Service *s) {
704 : int r;
705 :
706 33 : assert(s);
707 :
708 33 : if (s->type == _SERVICE_TYPE_INVALID) {
709 : /* Figure out a type automatically */
710 16 : if (s->bus_name)
711 0 : s->type = SERVICE_DBUS;
712 16 : else if (s->exec_command[SERVICE_EXEC_START])
713 16 : s->type = SERVICE_SIMPLE;
714 : else
715 0 : s->type = SERVICE_ONESHOT;
716 : }
717 :
718 : /* Oneshot services have disabled start timeout by default */
719 33 : if (s->type == SERVICE_ONESHOT && !s->start_timeout_defined)
720 17 : s->timeout_start_usec = USEC_INFINITY;
721 :
722 33 : service_fix_output(s);
723 :
724 33 : r = unit_patch_contexts(UNIT(s));
725 33 : if (r < 0)
726 0 : return r;
727 :
728 33 : r = unit_add_exec_dependencies(UNIT(s), &s->exec_context);
729 33 : if (r < 0)
730 0 : return r;
731 :
732 33 : r = unit_set_default_slice(UNIT(s));
733 33 : if (r < 0)
734 0 : return r;
735 :
736 : /* If the service needs the notify socket, let's enable it automatically. */
737 33 : if (s->notify_access == NOTIFY_NONE &&
738 33 : (s->type == SERVICE_NOTIFY || s->watchdog_usec > 0 || s->n_fd_store_max > 0))
739 0 : s->notify_access = NOTIFY_MAIN;
740 :
741 : /* If no OOM policy was explicitly set, then default to the configure default OOM policy. Except when
742 : * delegation is on, in that case it we assume the payload knows better what to do and can process
743 : * things in a more focused way. */
744 33 : if (s->oom_policy < 0)
745 33 : s->oom_policy = s->cgroup_context.delegate ? OOM_CONTINUE : UNIT(s)->manager->default_oom_policy;
746 :
747 : /* Let the kernel do the killing if that's requested. */
748 33 : s->cgroup_context.memory_oom_group = s->oom_policy == OOM_KILL;
749 :
750 33 : r = service_add_default_dependencies(s);
751 33 : if (r < 0)
752 0 : return r;
753 :
754 33 : r = service_setup_bus_name(s);
755 33 : if (r < 0)
756 0 : return r;
757 :
758 33 : return 0;
759 : }
760 :
761 44 : static int service_load(Unit *u) {
762 44 : Service *s = SERVICE(u);
763 : int r;
764 :
765 44 : assert(s);
766 :
767 : /* Load a .service file */
768 44 : r = unit_load_fragment(u);
769 44 : if (r < 0)
770 0 : return r;
771 :
772 : /* Still nothing found? Then let's give up */
773 44 : if (u->load_state == UNIT_STUB)
774 11 : return -ENOENT;
775 :
776 : /* This is a new unit? Then let's add in some extras */
777 33 : if (u->load_state == UNIT_LOADED) {
778 :
779 : /* We were able to load something, then let's add in
780 : * the dropin directories. */
781 33 : r = unit_load_dropin(u);
782 33 : if (r < 0)
783 0 : return r;
784 :
785 : /* This is a new unit? Then let's add in some
786 : * extras */
787 33 : r = service_add_extras(s);
788 33 : if (r < 0)
789 0 : return r;
790 : }
791 :
792 33 : return service_verify(s);
793 : }
794 :
795 44 : static void service_dump(Unit *u, FILE *f, const char *prefix) {
796 : char buf_restart[FORMAT_TIMESPAN_MAX], buf_start[FORMAT_TIMESPAN_MAX], buf_stop[FORMAT_TIMESPAN_MAX],
797 : buf_runtime[FORMAT_TIMESPAN_MAX], buf_watchdog[FORMAT_TIMESPAN_MAX], buf_abort[FORMAT_TIMESPAN_MAX],
798 : buf_clean[FORMAT_TIMESPAN_MAX];
799 : ServiceExecCommand c;
800 44 : Service *s = SERVICE(u);
801 : const char *prefix2;
802 :
803 44 : assert(s);
804 :
805 44 : prefix = strempty(prefix);
806 220 : prefix2 = strjoina(prefix, "\t");
807 :
808 44 : fprintf(f,
809 : "%sService State: %s\n"
810 : "%sResult: %s\n"
811 : "%sReload Result: %s\n"
812 : "%sClean Result: %s\n"
813 : "%sPermissionsStartOnly: %s\n"
814 : "%sRootDirectoryStartOnly: %s\n"
815 : "%sRemainAfterExit: %s\n"
816 : "%sGuessMainPID: %s\n"
817 : "%sType: %s\n"
818 : "%sRestart: %s\n"
819 : "%sNotifyAccess: %s\n"
820 : "%sNotifyState: %s\n"
821 : "%sOOMPolicy: %s\n",
822 : prefix, service_state_to_string(s->state),
823 : prefix, service_result_to_string(s->result),
824 : prefix, service_result_to_string(s->reload_result),
825 : prefix, service_result_to_string(s->clean_result),
826 44 : prefix, yes_no(s->permissions_start_only),
827 44 : prefix, yes_no(s->root_directory_start_only),
828 44 : prefix, yes_no(s->remain_after_exit),
829 44 : prefix, yes_no(s->guess_main_pid),
830 : prefix, service_type_to_string(s->type),
831 : prefix, service_restart_to_string(s->restart),
832 : prefix, notify_access_to_string(s->notify_access),
833 : prefix, notify_state_to_string(s->notify_state),
834 : prefix, oom_policy_to_string(s->oom_policy));
835 :
836 44 : if (s->control_pid > 0)
837 0 : fprintf(f,
838 : "%sControl PID: "PID_FMT"\n",
839 : prefix, s->control_pid);
840 :
841 44 : if (s->main_pid > 0)
842 0 : fprintf(f,
843 : "%sMain PID: "PID_FMT"\n"
844 : "%sMain PID Known: %s\n"
845 : "%sMain PID Alien: %s\n",
846 : prefix, s->main_pid,
847 0 : prefix, yes_no(s->main_pid_known),
848 0 : prefix, yes_no(s->main_pid_alien));
849 :
850 44 : if (s->pid_file)
851 0 : fprintf(f,
852 : "%sPIDFile: %s\n",
853 : prefix, s->pid_file);
854 :
855 44 : if (s->bus_name)
856 0 : fprintf(f,
857 : "%sBusName: %s\n"
858 : "%sBus Name Good: %s\n",
859 : prefix, s->bus_name,
860 0 : prefix, yes_no(s->bus_name_good));
861 :
862 44 : if (UNIT_ISSET(s->accept_socket))
863 0 : fprintf(f,
864 : "%sAccept Socket: %s\n",
865 0 : prefix, UNIT_DEREF(s->accept_socket)->id);
866 :
867 44 : fprintf(f,
868 : "%sRestartSec: %s\n"
869 : "%sTimeoutStartSec: %s\n"
870 : "%sTimeoutStopSec: %s\n",
871 : prefix, format_timespan(buf_restart, sizeof(buf_restart), s->restart_usec, USEC_PER_SEC),
872 : prefix, format_timespan(buf_start, sizeof(buf_start), s->timeout_start_usec, USEC_PER_SEC),
873 : prefix, format_timespan(buf_stop, sizeof(buf_stop), s->timeout_stop_usec, USEC_PER_SEC));
874 :
875 44 : if (s->timeout_abort_set)
876 0 : fprintf(f,
877 : "%sTimeoutAbortSec: %s\n",
878 : prefix, format_timespan(buf_abort, sizeof(buf_abort), s->timeout_abort_usec, USEC_PER_SEC));
879 :
880 44 : fprintf(f,
881 : "%sTimeoutCleanSec: %s\n"
882 : "%sRuntimeMaxSec: %s\n"
883 : "%sWatchdogSec: %s\n",
884 : prefix, format_timespan(buf_clean, sizeof(buf_clean), s->timeout_clean_usec, USEC_PER_SEC),
885 : prefix, format_timespan(buf_runtime, sizeof(buf_runtime), s->runtime_max_usec, USEC_PER_SEC),
886 : prefix, format_timespan(buf_watchdog, sizeof(buf_watchdog), s->watchdog_usec, USEC_PER_SEC));
887 :
888 44 : kill_context_dump(&s->kill_context, f, prefix);
889 44 : exec_context_dump(&s->exec_context, f, prefix);
890 :
891 352 : for (c = 0; c < _SERVICE_EXEC_COMMAND_MAX; c++) {
892 :
893 308 : if (!s->exec_command[c])
894 264 : continue;
895 :
896 44 : fprintf(f, "%s-> %s:\n",
897 : prefix, service_exec_command_to_string(c));
898 :
899 44 : exec_command_dump_list(s->exec_command[c], f, prefix2);
900 : }
901 :
902 44 : if (s->status_text)
903 0 : fprintf(f, "%sStatus Text: %s\n",
904 : prefix, s->status_text);
905 :
906 44 : if (s->n_fd_store_max > 0)
907 0 : fprintf(f,
908 : "%sFile Descriptor Store Max: %u\n"
909 : "%sFile Descriptor Store Current: %zu\n",
910 : prefix, s->n_fd_store_max,
911 : prefix, s->n_fd_store);
912 :
913 44 : cgroup_context_dump(&s->cgroup_context, f, prefix);
914 44 : }
915 :
916 0 : static int service_is_suitable_main_pid(Service *s, pid_t pid, int prio) {
917 : Unit *owner;
918 :
919 0 : assert(s);
920 0 : assert(pid_is_valid(pid));
921 :
922 : /* Checks whether the specified PID is suitable as main PID for this service. returns negative if not, 0 if the
923 : * PID is questionnable but should be accepted if the source of configuration is trusted. > 0 if the PID is
924 : * good */
925 :
926 0 : if (pid == getpid_cached() || pid == 1) {
927 0 : log_unit_full(UNIT(s), prio, 0, "New main PID "PID_FMT" is the manager, refusing.", pid);
928 0 : return -EPERM;
929 : }
930 :
931 0 : if (pid == s->control_pid) {
932 0 : log_unit_full(UNIT(s), prio, 0, "New main PID "PID_FMT" is the control process, refusing.", pid);
933 0 : return -EPERM;
934 : }
935 :
936 0 : if (!pid_is_alive(pid)) {
937 0 : log_unit_full(UNIT(s), prio, 0, "New main PID "PID_FMT" does not exist or is a zombie.", pid);
938 0 : return -ESRCH;
939 : }
940 :
941 0 : owner = manager_get_unit_by_pid(UNIT(s)->manager, pid);
942 0 : if (owner == UNIT(s)) {
943 0 : log_unit_debug(UNIT(s), "New main PID "PID_FMT" belongs to service, we are happy.", pid);
944 0 : return 1; /* Yay, it's definitely a good PID */
945 : }
946 :
947 0 : return 0; /* Hmm it's a suspicious PID, let's accept it if configuration source is trusted */
948 : }
949 :
950 0 : static int service_load_pid_file(Service *s, bool may_warn) {
951 : char procfs[STRLEN("/proc/self/fd/") + DECIMAL_STR_MAX(int)];
952 0 : bool questionable_pid_file = false;
953 0 : _cleanup_free_ char *k = NULL;
954 0 : _cleanup_close_ int fd = -1;
955 : int r, prio;
956 : pid_t pid;
957 :
958 0 : assert(s);
959 :
960 0 : if (!s->pid_file)
961 0 : return -ENOENT;
962 :
963 0 : prio = may_warn ? LOG_INFO : LOG_DEBUG;
964 :
965 0 : fd = chase_symlinks(s->pid_file, NULL, CHASE_OPEN|CHASE_SAFE, NULL);
966 0 : if (fd == -ENOLINK) {
967 0 : log_unit_full(UNIT(s), LOG_DEBUG, fd, "Potentially unsafe symlink chain, will now retry with relaxed checks: %s", s->pid_file);
968 :
969 0 : questionable_pid_file = true;
970 :
971 0 : fd = chase_symlinks(s->pid_file, NULL, CHASE_OPEN, NULL);
972 : }
973 0 : if (fd < 0)
974 0 : return log_unit_full(UNIT(s), prio, fd, "Can't open PID file %s (yet?) after %s: %m", s->pid_file, service_state_to_string(s->state));
975 :
976 : /* Let's read the PID file now that we chased it down. But we need to convert the O_PATH fd chase_symlinks() returned us into a proper fd first. */
977 0 : xsprintf(procfs, "/proc/self/fd/%i", fd);
978 0 : r = read_one_line_file(procfs, &k);
979 0 : if (r < 0)
980 0 : return log_unit_error_errno(UNIT(s), r, "Can't convert PID files %s O_PATH file descriptor to proper file descriptor: %m", s->pid_file);
981 :
982 0 : r = parse_pid(k, &pid);
983 0 : if (r < 0)
984 0 : return log_unit_full(UNIT(s), prio, r, "Failed to parse PID from file %s: %m", s->pid_file);
985 :
986 0 : if (s->main_pid_known && pid == s->main_pid)
987 0 : return 0;
988 :
989 0 : r = service_is_suitable_main_pid(s, pid, prio);
990 0 : if (r < 0)
991 0 : return r;
992 0 : if (r == 0) {
993 : struct stat st;
994 :
995 0 : if (questionable_pid_file) {
996 0 : log_unit_error(UNIT(s), "Refusing to accept PID outside of service control group, acquired through unsafe symlink chain: %s", s->pid_file);
997 0 : return -EPERM;
998 : }
999 :
1000 : /* Hmm, it's not clear if the new main PID is safe. Let's allow this if the PID file is owned by root */
1001 :
1002 0 : if (fstat(fd, &st) < 0)
1003 0 : return log_unit_error_errno(UNIT(s), errno, "Failed to fstat() PID file O_PATH fd: %m");
1004 :
1005 0 : if (st.st_uid != 0) {
1006 0 : log_unit_error(UNIT(s), "New main PID "PID_FMT" does not belong to service, and PID file is not owned by root. Refusing.", pid);
1007 0 : return -EPERM;
1008 : }
1009 :
1010 0 : log_unit_debug(UNIT(s), "New main PID "PID_FMT" does not belong to service, but we'll accept it since PID file is owned by root.", pid);
1011 : }
1012 :
1013 0 : if (s->main_pid_known) {
1014 0 : log_unit_debug(UNIT(s), "Main PID changing: "PID_FMT" -> "PID_FMT, s->main_pid, pid);
1015 :
1016 0 : service_unwatch_main_pid(s);
1017 0 : s->main_pid_known = false;
1018 : } else
1019 0 : log_unit_debug(UNIT(s), "Main PID loaded: "PID_FMT, pid);
1020 :
1021 0 : r = service_set_main_pid(s, pid);
1022 0 : if (r < 0)
1023 0 : return r;
1024 :
1025 0 : r = unit_watch_pid(UNIT(s), pid, false);
1026 0 : if (r < 0) /* FIXME: we need to do something here */
1027 0 : return log_unit_warning_errno(UNIT(s), r, "Failed to watch PID "PID_FMT" for service: %m", pid);
1028 :
1029 0 : return 1;
1030 : }
1031 :
1032 0 : static void service_search_main_pid(Service *s) {
1033 0 : pid_t pid = 0;
1034 : int r;
1035 :
1036 0 : assert(s);
1037 :
1038 : /* If we know it anyway, don't ever fallback to unreliable
1039 : * heuristics */
1040 0 : if (s->main_pid_known)
1041 0 : return;
1042 :
1043 0 : if (!s->guess_main_pid)
1044 0 : return;
1045 :
1046 0 : assert(s->main_pid <= 0);
1047 :
1048 0 : if (unit_search_main_pid(UNIT(s), &pid) < 0)
1049 0 : return;
1050 :
1051 0 : log_unit_debug(UNIT(s), "Main PID guessed: "PID_FMT, pid);
1052 0 : if (service_set_main_pid(s, pid) < 0)
1053 0 : return;
1054 :
1055 0 : r = unit_watch_pid(UNIT(s), pid, false);
1056 0 : if (r < 0)
1057 : /* FIXME: we need to do something here */
1058 0 : log_unit_warning_errno(UNIT(s), r, "Failed to watch PID "PID_FMT" from: %m", pid);
1059 : }
1060 :
1061 6 : static void service_set_state(Service *s, ServiceState state) {
1062 : ServiceState old_state;
1063 : const UnitActiveState *table;
1064 :
1065 6 : assert(s);
1066 :
1067 6 : if (s->state != state)
1068 6 : bus_unit_send_pending_change_signal(UNIT(s), false);
1069 :
1070 6 : table = s->type == SERVICE_IDLE ? state_translation_table_idle : state_translation_table;
1071 :
1072 6 : old_state = s->state;
1073 6 : s->state = state;
1074 :
1075 6 : service_unwatch_pid_file(s);
1076 :
1077 6 : if (!IN_SET(state,
1078 : SERVICE_CONDITION, SERVICE_START_PRE, SERVICE_START, SERVICE_START_POST,
1079 : SERVICE_RUNNING,
1080 : SERVICE_RELOAD,
1081 : SERVICE_STOP, SERVICE_STOP_WATCHDOG, SERVICE_STOP_SIGTERM, SERVICE_STOP_SIGKILL, SERVICE_STOP_POST,
1082 : SERVICE_FINAL_SIGTERM, SERVICE_FINAL_SIGKILL,
1083 : SERVICE_AUTO_RESTART,
1084 : SERVICE_CLEANING))
1085 0 : s->timer_event_source = sd_event_source_unref(s->timer_event_source);
1086 :
1087 6 : if (!IN_SET(state,
1088 : SERVICE_START, SERVICE_START_POST,
1089 : SERVICE_RUNNING, SERVICE_RELOAD,
1090 : SERVICE_STOP, SERVICE_STOP_WATCHDOG, SERVICE_STOP_SIGTERM, SERVICE_STOP_SIGKILL, SERVICE_STOP_POST,
1091 : SERVICE_FINAL_SIGTERM, SERVICE_FINAL_SIGKILL)) {
1092 0 : service_unwatch_main_pid(s);
1093 0 : s->main_command = NULL;
1094 : }
1095 :
1096 6 : if (!IN_SET(state,
1097 : SERVICE_CONDITION, SERVICE_START_PRE, SERVICE_START, SERVICE_START_POST,
1098 : SERVICE_RELOAD,
1099 : SERVICE_STOP, SERVICE_STOP_WATCHDOG, SERVICE_STOP_SIGTERM, SERVICE_STOP_SIGKILL, SERVICE_STOP_POST,
1100 : SERVICE_FINAL_SIGTERM, SERVICE_FINAL_SIGKILL,
1101 : SERVICE_CLEANING)) {
1102 0 : service_unwatch_control_pid(s);
1103 0 : s->control_command = NULL;
1104 0 : s->control_command_id = _SERVICE_EXEC_COMMAND_INVALID;
1105 : }
1106 :
1107 6 : if (IN_SET(state, SERVICE_DEAD, SERVICE_FAILED, SERVICE_AUTO_RESTART)) {
1108 0 : unit_unwatch_all_pids(UNIT(s));
1109 0 : unit_dequeue_rewatch_pids(UNIT(s));
1110 : }
1111 :
1112 6 : if (!IN_SET(state,
1113 : SERVICE_CONDITION, SERVICE_START_PRE, SERVICE_START, SERVICE_START_POST,
1114 : SERVICE_RUNNING, SERVICE_RELOAD,
1115 : SERVICE_STOP, SERVICE_STOP_WATCHDOG, SERVICE_STOP_SIGTERM, SERVICE_STOP_SIGKILL, SERVICE_STOP_POST,
1116 0 : SERVICE_FINAL_SIGTERM, SERVICE_FINAL_SIGKILL) &&
1117 0 : !(state == SERVICE_DEAD && UNIT(s)->job))
1118 0 : service_close_socket_fd(s);
1119 :
1120 6 : if (state != SERVICE_START)
1121 0 : s->exec_fd_event_source = sd_event_source_unref(s->exec_fd_event_source);
1122 :
1123 6 : if (!IN_SET(state, SERVICE_START_POST, SERVICE_RUNNING, SERVICE_RELOAD))
1124 6 : service_stop_watchdog(s);
1125 :
1126 : /* For the inactive states unit_notify() will trim the cgroup,
1127 : * but for exit we have to do that ourselves... */
1128 6 : if (state == SERVICE_EXITED && !MANAGER_IS_RELOADING(UNIT(s)->manager))
1129 0 : unit_prune_cgroup(UNIT(s));
1130 :
1131 6 : if (old_state != state)
1132 6 : log_unit_debug(UNIT(s), "Changed %s -> %s", service_state_to_string(old_state), service_state_to_string(state));
1133 :
1134 6 : unit_notify(UNIT(s), table[old_state], table[state],
1135 12 : (s->reload_result == SERVICE_SUCCESS ? 0 : UNIT_NOTIFY_RELOAD_FAILURE) |
1136 6 : (s->will_auto_restart ? UNIT_NOTIFY_WILL_AUTO_RESTART : 0) |
1137 6 : (s->result == SERVICE_SKIP_CONDITION ? UNIT_NOTIFY_SKIP_CONDITION : 0));
1138 6 : }
1139 :
1140 0 : static usec_t service_coldplug_timeout(Service *s) {
1141 0 : assert(s);
1142 :
1143 0 : switch (s->deserialized_state) {
1144 :
1145 0 : case SERVICE_CONDITION:
1146 : case SERVICE_START_PRE:
1147 : case SERVICE_START:
1148 : case SERVICE_START_POST:
1149 : case SERVICE_RELOAD:
1150 0 : return usec_add(UNIT(s)->state_change_timestamp.monotonic, s->timeout_start_usec);
1151 :
1152 0 : case SERVICE_RUNNING:
1153 0 : return usec_add(UNIT(s)->active_enter_timestamp.monotonic, s->runtime_max_usec);
1154 :
1155 0 : case SERVICE_STOP:
1156 : case SERVICE_STOP_SIGTERM:
1157 : case SERVICE_STOP_SIGKILL:
1158 : case SERVICE_STOP_POST:
1159 : case SERVICE_FINAL_SIGTERM:
1160 : case SERVICE_FINAL_SIGKILL:
1161 0 : return usec_add(UNIT(s)->state_change_timestamp.monotonic, s->timeout_stop_usec);
1162 :
1163 0 : case SERVICE_STOP_WATCHDOG:
1164 0 : return usec_add(UNIT(s)->state_change_timestamp.monotonic, service_timeout_abort_usec(s));
1165 :
1166 0 : case SERVICE_AUTO_RESTART:
1167 0 : return usec_add(UNIT(s)->inactive_enter_timestamp.monotonic, s->restart_usec);
1168 :
1169 0 : case SERVICE_CLEANING:
1170 0 : return usec_add(UNIT(s)->state_change_timestamp.monotonic, s->timeout_clean_usec);
1171 :
1172 0 : default:
1173 0 : return USEC_INFINITY;
1174 : }
1175 : }
1176 :
1177 0 : static int service_coldplug(Unit *u) {
1178 0 : Service *s = SERVICE(u);
1179 : int r;
1180 :
1181 0 : assert(s);
1182 0 : assert(s->state == SERVICE_DEAD);
1183 :
1184 0 : if (s->deserialized_state == s->state)
1185 0 : return 0;
1186 :
1187 0 : r = service_arm_timer(s, service_coldplug_timeout(s));
1188 0 : if (r < 0)
1189 0 : return r;
1190 :
1191 0 : if (s->main_pid > 0 &&
1192 0 : pid_is_unwaited(s->main_pid) &&
1193 0 : (IN_SET(s->deserialized_state,
1194 : SERVICE_START, SERVICE_START_POST,
1195 : SERVICE_RUNNING, SERVICE_RELOAD,
1196 : SERVICE_STOP, SERVICE_STOP_WATCHDOG, SERVICE_STOP_SIGTERM, SERVICE_STOP_SIGKILL, SERVICE_STOP_POST,
1197 : SERVICE_FINAL_SIGTERM, SERVICE_FINAL_SIGKILL))) {
1198 0 : r = unit_watch_pid(UNIT(s), s->main_pid, false);
1199 0 : if (r < 0)
1200 0 : return r;
1201 : }
1202 :
1203 0 : if (s->control_pid > 0 &&
1204 0 : pid_is_unwaited(s->control_pid) &&
1205 0 : IN_SET(s->deserialized_state,
1206 : SERVICE_CONDITION, SERVICE_START_PRE, SERVICE_START, SERVICE_START_POST,
1207 : SERVICE_RELOAD,
1208 : SERVICE_STOP, SERVICE_STOP_WATCHDOG, SERVICE_STOP_SIGTERM, SERVICE_STOP_SIGKILL, SERVICE_STOP_POST,
1209 : SERVICE_FINAL_SIGTERM, SERVICE_FINAL_SIGKILL,
1210 : SERVICE_CLEANING)) {
1211 0 : r = unit_watch_pid(UNIT(s), s->control_pid, false);
1212 0 : if (r < 0)
1213 0 : return r;
1214 : }
1215 :
1216 0 : if (!IN_SET(s->deserialized_state, SERVICE_DEAD, SERVICE_FAILED, SERVICE_AUTO_RESTART, SERVICE_CLEANING)) {
1217 0 : (void) unit_enqueue_rewatch_pids(u);
1218 0 : (void) unit_setup_dynamic_creds(u);
1219 0 : (void) unit_setup_exec_runtime(u);
1220 : }
1221 :
1222 0 : if (IN_SET(s->deserialized_state, SERVICE_START_POST, SERVICE_RUNNING, SERVICE_RELOAD))
1223 0 : service_start_watchdog(s);
1224 :
1225 0 : if (UNIT_ISSET(s->accept_socket)) {
1226 0 : Socket* socket = SOCKET(UNIT_DEREF(s->accept_socket));
1227 :
1228 0 : if (socket->max_connections_per_source > 0) {
1229 : SocketPeer *peer;
1230 :
1231 : /* Make a best-effort attempt at bumping the connection count */
1232 0 : if (socket_acquire_peer(socket, s->socket_fd, &peer) > 0) {
1233 0 : socket_peer_unref(s->peer);
1234 0 : s->peer = peer;
1235 : }
1236 : }
1237 : }
1238 :
1239 0 : service_set_state(s, s->deserialized_state);
1240 0 : return 0;
1241 : }
1242 :
1243 6 : static int service_collect_fds(
1244 : Service *s,
1245 : int **fds,
1246 : char ***fd_names,
1247 : size_t *n_socket_fds,
1248 : size_t *n_storage_fds) {
1249 :
1250 6 : _cleanup_strv_free_ char **rfd_names = NULL;
1251 6 : _cleanup_free_ int *rfds = NULL;
1252 6 : size_t rn_socket_fds = 0, rn_storage_fds = 0;
1253 : int r;
1254 :
1255 6 : assert(s);
1256 6 : assert(fds);
1257 6 : assert(fd_names);
1258 6 : assert(n_socket_fds);
1259 6 : assert(n_storage_fds);
1260 :
1261 6 : if (s->socket_fd >= 0) {
1262 :
1263 : /* Pass the per-connection socket */
1264 :
1265 0 : rfds = new(int, 1);
1266 0 : if (!rfds)
1267 0 : return -ENOMEM;
1268 0 : rfds[0] = s->socket_fd;
1269 :
1270 0 : rfd_names = strv_new("connection");
1271 0 : if (!rfd_names)
1272 0 : return -ENOMEM;
1273 :
1274 0 : rn_socket_fds = 1;
1275 : } else {
1276 : Iterator i;
1277 : void *v;
1278 : Unit *u;
1279 :
1280 : /* Pass all our configured sockets for singleton services */
1281 :
1282 12 : HASHMAP_FOREACH_KEY(v, u, UNIT(s)->dependencies[UNIT_TRIGGERED_BY], i) {
1283 6 : _cleanup_free_ int *cfds = NULL;
1284 : Socket *sock;
1285 : int cn_fds;
1286 :
1287 6 : if (u->type != UNIT_SOCKET)
1288 6 : continue;
1289 :
1290 0 : sock = SOCKET(u);
1291 :
1292 0 : cn_fds = socket_collect_fds(sock, &cfds);
1293 0 : if (cn_fds < 0)
1294 0 : return cn_fds;
1295 :
1296 0 : if (cn_fds <= 0)
1297 0 : continue;
1298 :
1299 0 : if (!rfds) {
1300 0 : rfds = TAKE_PTR(cfds);
1301 0 : rn_socket_fds = cn_fds;
1302 : } else {
1303 : int *t;
1304 :
1305 0 : t = reallocarray(rfds, rn_socket_fds + cn_fds, sizeof(int));
1306 0 : if (!t)
1307 0 : return -ENOMEM;
1308 :
1309 0 : memcpy(t + rn_socket_fds, cfds, cn_fds * sizeof(int));
1310 :
1311 0 : rfds = t;
1312 0 : rn_socket_fds += cn_fds;
1313 : }
1314 :
1315 0 : r = strv_extend_n(&rfd_names, socket_fdname(sock), cn_fds);
1316 0 : if (r < 0)
1317 0 : return r;
1318 : }
1319 : }
1320 :
1321 6 : if (s->n_fd_store > 0) {
1322 : ServiceFDStore *fs;
1323 : size_t n_fds;
1324 : char **nl;
1325 : int *t;
1326 :
1327 0 : t = reallocarray(rfds, rn_socket_fds + s->n_fd_store, sizeof(int));
1328 0 : if (!t)
1329 0 : return -ENOMEM;
1330 :
1331 0 : rfds = t;
1332 :
1333 0 : nl = reallocarray(rfd_names, rn_socket_fds + s->n_fd_store + 1, sizeof(char *));
1334 0 : if (!nl)
1335 0 : return -ENOMEM;
1336 :
1337 0 : rfd_names = nl;
1338 0 : n_fds = rn_socket_fds;
1339 :
1340 0 : LIST_FOREACH(fd_store, fs, s->fd_store) {
1341 0 : rfds[n_fds] = fs->fd;
1342 0 : rfd_names[n_fds] = strdup(strempty(fs->fdname));
1343 0 : if (!rfd_names[n_fds])
1344 0 : return -ENOMEM;
1345 :
1346 0 : rn_storage_fds++;
1347 0 : n_fds++;
1348 : }
1349 :
1350 0 : rfd_names[n_fds] = NULL;
1351 : }
1352 :
1353 6 : *fds = TAKE_PTR(rfds);
1354 6 : *fd_names = TAKE_PTR(rfd_names);
1355 6 : *n_socket_fds = rn_socket_fds;
1356 6 : *n_storage_fds = rn_storage_fds;
1357 :
1358 6 : return 0;
1359 : }
1360 :
1361 0 : static int service_allocate_exec_fd_event_source(
1362 : Service *s,
1363 : int fd,
1364 : sd_event_source **ret_event_source) {
1365 :
1366 0 : _cleanup_(sd_event_source_unrefp) sd_event_source *source = NULL;
1367 : int r;
1368 :
1369 0 : assert(s);
1370 0 : assert(fd >= 0);
1371 0 : assert(ret_event_source);
1372 :
1373 0 : r = sd_event_add_io(UNIT(s)->manager->event, &source, fd, 0, service_dispatch_exec_io, s);
1374 0 : if (r < 0)
1375 0 : return log_unit_error_errno(UNIT(s), r, "Failed to allocate exec_fd event source: %m");
1376 :
1377 : /* This is a bit lower priority than SIGCHLD, as that carries a lot more interesting failure information */
1378 :
1379 0 : r = sd_event_source_set_priority(source, SD_EVENT_PRIORITY_NORMAL-3);
1380 0 : if (r < 0)
1381 0 : return log_unit_error_errno(UNIT(s), r, "Failed to adjust priority of exec_fd event source: %m");
1382 :
1383 0 : (void) sd_event_source_set_description(source, "service event_fd");
1384 :
1385 0 : r = sd_event_source_set_io_fd_own(source, true);
1386 0 : if (r < 0)
1387 0 : return log_unit_error_errno(UNIT(s), r, "Failed to pass ownership of fd to event source: %m");
1388 :
1389 0 : *ret_event_source = TAKE_PTR(source);
1390 0 : return 0;
1391 : }
1392 :
1393 0 : static int service_allocate_exec_fd(
1394 : Service *s,
1395 : sd_event_source **ret_event_source,
1396 : int* ret_exec_fd) {
1397 :
1398 0 : _cleanup_close_pair_ int p[2] = { -1, -1 };
1399 : int r;
1400 :
1401 0 : assert(s);
1402 0 : assert(ret_event_source);
1403 0 : assert(ret_exec_fd);
1404 :
1405 0 : if (pipe2(p, O_CLOEXEC|O_NONBLOCK) < 0)
1406 0 : return log_unit_error_errno(UNIT(s), errno, "Failed to allocate exec_fd pipe: %m");
1407 :
1408 0 : r = service_allocate_exec_fd_event_source(s, p[0], ret_event_source);
1409 0 : if (r < 0)
1410 0 : return r;
1411 :
1412 0 : p[0] = -1;
1413 0 : *ret_exec_fd = TAKE_FD(p[1]);
1414 :
1415 0 : return 0;
1416 : }
1417 :
1418 6 : static bool service_exec_needs_notify_socket(Service *s, ExecFlags flags) {
1419 6 : assert(s);
1420 :
1421 : /* Notifications are accepted depending on the process and
1422 : * the access setting of the service:
1423 : * process: \ access: NONE MAIN EXEC ALL
1424 : * main no yes yes yes
1425 : * control no no yes yes
1426 : * other (forked) no no no yes */
1427 :
1428 6 : if (flags & EXEC_IS_CONTROL)
1429 : /* A control process */
1430 0 : return IN_SET(s->notify_access, NOTIFY_EXEC, NOTIFY_ALL);
1431 :
1432 : /* We only spawn main processes and control processes, so any
1433 : * process that is not a control process is a main process */
1434 6 : return s->notify_access != NOTIFY_NONE;
1435 : }
1436 :
1437 6 : static int service_spawn(
1438 : Service *s,
1439 : ExecCommand *c,
1440 : usec_t timeout,
1441 : ExecFlags flags,
1442 : pid_t *_pid) {
1443 :
1444 6 : _cleanup_(exec_params_clear) ExecParameters exec_params = {
1445 : .flags = flags,
1446 : .stdin_fd = -1,
1447 : .stdout_fd = -1,
1448 : .stderr_fd = -1,
1449 : .exec_fd = -1,
1450 : };
1451 6 : _cleanup_strv_free_ char **final_env = NULL, **our_env = NULL, **fd_names = NULL;
1452 6 : _cleanup_(sd_event_source_unrefp) sd_event_source *exec_fd_source = NULL;
1453 6 : size_t n_socket_fds = 0, n_storage_fds = 0, n_env = 0;
1454 6 : _cleanup_close_ int exec_fd = -1;
1455 6 : _cleanup_free_ int *fds = NULL;
1456 : pid_t pid;
1457 : int r;
1458 :
1459 6 : assert(s);
1460 6 : assert(c);
1461 6 : assert(_pid);
1462 :
1463 6 : r = unit_prepare_exec(UNIT(s)); /* This realizes the cgroup, among other things */
1464 6 : if (r < 0)
1465 0 : return r;
1466 :
1467 6 : if (flags & EXEC_IS_CONTROL) {
1468 : /* If this is a control process, mask the permissions/chroot application if this is requested. */
1469 0 : if (s->permissions_start_only)
1470 0 : exec_params.flags &= ~EXEC_APPLY_SANDBOXING;
1471 0 : if (s->root_directory_start_only)
1472 0 : exec_params.flags &= ~EXEC_APPLY_CHROOT;
1473 : }
1474 :
1475 6 : if ((flags & EXEC_PASS_FDS) ||
1476 0 : s->exec_context.std_input == EXEC_INPUT_SOCKET ||
1477 0 : s->exec_context.std_output == EXEC_OUTPUT_SOCKET ||
1478 0 : s->exec_context.std_error == EXEC_OUTPUT_SOCKET) {
1479 :
1480 6 : r = service_collect_fds(s, &fds, &fd_names, &n_socket_fds, &n_storage_fds);
1481 6 : if (r < 0)
1482 0 : return r;
1483 :
1484 6 : log_unit_debug(UNIT(s), "Passing %zu fds to service", n_socket_fds + n_storage_fds);
1485 : }
1486 :
1487 6 : if (!FLAGS_SET(flags, EXEC_IS_CONTROL) && s->type == SERVICE_EXEC) {
1488 0 : assert(!s->exec_fd_event_source);
1489 :
1490 0 : r = service_allocate_exec_fd(s, &exec_fd_source, &exec_fd);
1491 0 : if (r < 0)
1492 0 : return r;
1493 : }
1494 :
1495 6 : r = service_arm_timer(s, usec_add(now(CLOCK_MONOTONIC), timeout));
1496 6 : if (r < 0)
1497 0 : return r;
1498 :
1499 6 : our_env = new0(char*, 10);
1500 6 : if (!our_env)
1501 0 : return -ENOMEM;
1502 :
1503 6 : if (service_exec_needs_notify_socket(s, flags))
1504 0 : if (asprintf(our_env + n_env++, "NOTIFY_SOCKET=%s", UNIT(s)->manager->notify_socket) < 0)
1505 0 : return -ENOMEM;
1506 :
1507 6 : if (s->main_pid > 0)
1508 0 : if (asprintf(our_env + n_env++, "MAINPID="PID_FMT, s->main_pid) < 0)
1509 0 : return -ENOMEM;
1510 :
1511 6 : if (MANAGER_IS_USER(UNIT(s)->manager))
1512 6 : if (asprintf(our_env + n_env++, "MANAGERPID="PID_FMT, getpid_cached()) < 0)
1513 0 : return -ENOMEM;
1514 :
1515 6 : if (s->pid_file)
1516 0 : if (asprintf(our_env + n_env++, "PIDFILE=%s", s->pid_file) < 0)
1517 0 : return -ENOMEM;
1518 :
1519 6 : if (s->socket_fd >= 0) {
1520 : union sockaddr_union sa;
1521 0 : socklen_t salen = sizeof(sa);
1522 :
1523 : /* If this is a per-connection service instance, let's set $REMOTE_ADDR and $REMOTE_PORT to something
1524 : * useful. Note that we do this only when we are still connected at this point in time, which we might
1525 : * very well not be. Hence we ignore all errors when retrieving peer information (as that might result
1526 : * in ENOTCONN), and just use whate we can use. */
1527 :
1528 0 : if (getpeername(s->socket_fd, &sa.sa, &salen) >= 0 &&
1529 0 : IN_SET(sa.sa.sa_family, AF_INET, AF_INET6, AF_VSOCK)) {
1530 :
1531 0 : _cleanup_free_ char *addr = NULL;
1532 : char *t;
1533 : unsigned port;
1534 :
1535 0 : r = sockaddr_pretty(&sa.sa, salen, true, false, &addr);
1536 0 : if (r < 0)
1537 0 : return r;
1538 :
1539 0 : t = strjoin("REMOTE_ADDR=", addr);
1540 0 : if (!t)
1541 0 : return -ENOMEM;
1542 0 : our_env[n_env++] = t;
1543 :
1544 0 : r = sockaddr_port(&sa.sa, &port);
1545 0 : if (r < 0)
1546 0 : return r;
1547 :
1548 0 : if (asprintf(&t, "REMOTE_PORT=%u", port) < 0)
1549 0 : return -ENOMEM;
1550 0 : our_env[n_env++] = t;
1551 : }
1552 : }
1553 :
1554 6 : if (flags & EXEC_SETENV_RESULT) {
1555 0 : if (asprintf(our_env + n_env++, "SERVICE_RESULT=%s", service_result_to_string(s->result)) < 0)
1556 0 : return -ENOMEM;
1557 :
1558 0 : if (s->main_exec_status.pid > 0 &&
1559 0 : dual_timestamp_is_set(&s->main_exec_status.exit_timestamp)) {
1560 0 : if (asprintf(our_env + n_env++, "EXIT_CODE=%s", sigchld_code_to_string(s->main_exec_status.code)) < 0)
1561 0 : return -ENOMEM;
1562 :
1563 0 : if (s->main_exec_status.code == CLD_EXITED)
1564 0 : r = asprintf(our_env + n_env++, "EXIT_STATUS=%i", s->main_exec_status.status);
1565 : else
1566 0 : r = asprintf(our_env + n_env++, "EXIT_STATUS=%s", signal_to_string(s->main_exec_status.status));
1567 0 : if (r < 0)
1568 0 : return -ENOMEM;
1569 : }
1570 : }
1571 :
1572 6 : r = unit_set_exec_params(UNIT(s), &exec_params);
1573 6 : if (r < 0)
1574 0 : return r;
1575 :
1576 6 : final_env = strv_env_merge(2, exec_params.environment, our_env, NULL);
1577 6 : if (!final_env)
1578 0 : return -ENOMEM;
1579 :
1580 : /* System D-Bus needs nss-systemd disabled, so that we don't deadlock */
1581 6 : SET_FLAG(exec_params.flags, EXEC_NSS_BYPASS_BUS,
1582 : MANAGER_IS_SYSTEM(UNIT(s)->manager) && unit_has_name(UNIT(s), SPECIAL_DBUS_SERVICE));
1583 :
1584 6 : strv_free_and_replace(exec_params.environment, final_env);
1585 6 : exec_params.fds = fds;
1586 6 : exec_params.fd_names = fd_names;
1587 6 : exec_params.n_socket_fds = n_socket_fds;
1588 6 : exec_params.n_storage_fds = n_storage_fds;
1589 6 : exec_params.watchdog_usec = service_get_watchdog_usec(s);
1590 6 : exec_params.selinux_context_net = s->socket_fd_selinux_context_net;
1591 6 : if (s->type == SERVICE_IDLE)
1592 0 : exec_params.idle_pipe = UNIT(s)->manager->idle_pipe;
1593 6 : exec_params.stdin_fd = s->stdin_fd;
1594 6 : exec_params.stdout_fd = s->stdout_fd;
1595 6 : exec_params.stderr_fd = s->stderr_fd;
1596 6 : exec_params.exec_fd = exec_fd;
1597 :
1598 6 : r = exec_spawn(UNIT(s),
1599 : c,
1600 6 : &s->exec_context,
1601 : &exec_params,
1602 : s->exec_runtime,
1603 : &s->dynamic_creds,
1604 : &pid);
1605 6 : if (r < 0)
1606 0 : return r;
1607 :
1608 6 : s->exec_fd_event_source = TAKE_PTR(exec_fd_source);
1609 6 : s->exec_fd_hot = false;
1610 :
1611 6 : r = unit_watch_pid(UNIT(s), pid, true);
1612 6 : if (r < 0)
1613 0 : return r;
1614 :
1615 6 : *_pid = pid;
1616 :
1617 6 : return 0;
1618 : }
1619 :
1620 88 : static int main_pid_good(Service *s) {
1621 88 : assert(s);
1622 :
1623 : /* Returns 0 if the pid is dead, > 0 if it is good, < 0 if we don't know */
1624 :
1625 : /* If we know the pid file, then let's just check if it is
1626 : * still valid */
1627 88 : if (s->main_pid_known) {
1628 :
1629 : /* If it's an alien child let's check if it is still
1630 : * alive ... */
1631 0 : if (s->main_pid_alien && s->main_pid > 0)
1632 0 : return pid_is_alive(s->main_pid);
1633 :
1634 : /* .. otherwise assume we'll get a SIGCHLD for it,
1635 : * which we really should wait for to collect exit
1636 : * status and code */
1637 0 : return s->main_pid > 0;
1638 : }
1639 :
1640 : /* We don't know the pid */
1641 88 : return -EAGAIN;
1642 : }
1643 :
1644 88 : static int control_pid_good(Service *s) {
1645 88 : assert(s);
1646 :
1647 : /* Returns 0 if the control PID is dead, > 0 if it is good. We never actually return < 0 here, but in order to
1648 : * make this function as similar as possible to main_pid_good() and cgroup_good(), we pretend that < 0 also
1649 : * means: we can't figure it out. */
1650 :
1651 88 : return s->control_pid > 0;
1652 : }
1653 :
1654 0 : static int cgroup_good(Service *s) {
1655 : int r;
1656 :
1657 0 : assert(s);
1658 :
1659 : /* Returns 0 if the cgroup is empty or doesn't exist, > 0 if it is exists and is populated, < 0 if we can't
1660 : * figure it out */
1661 :
1662 0 : if (!UNIT(s)->cgroup_path)
1663 0 : return 0;
1664 :
1665 0 : r = cg_is_empty_recursive(SYSTEMD_CGROUP_CONTROLLER, UNIT(s)->cgroup_path);
1666 0 : if (r < 0)
1667 0 : return r;
1668 :
1669 0 : return r == 0;
1670 : }
1671 :
1672 0 : static bool service_shall_restart(Service *s) {
1673 0 : assert(s);
1674 :
1675 : /* Don't restart after manual stops */
1676 0 : if (s->forbid_restart)
1677 0 : return false;
1678 :
1679 : /* Never restart if this is configured as special exception */
1680 0 : if (exit_status_set_test(&s->restart_prevent_status, s->main_exec_status.code, s->main_exec_status.status))
1681 0 : return false;
1682 :
1683 : /* Restart if the exit code/status are configured as restart triggers */
1684 0 : if (exit_status_set_test(&s->restart_force_status, s->main_exec_status.code, s->main_exec_status.status))
1685 0 : return true;
1686 :
1687 0 : switch (s->restart) {
1688 :
1689 0 : case SERVICE_RESTART_NO:
1690 0 : return false;
1691 :
1692 0 : case SERVICE_RESTART_ALWAYS:
1693 0 : return true;
1694 :
1695 0 : case SERVICE_RESTART_ON_SUCCESS:
1696 0 : return s->result == SERVICE_SUCCESS;
1697 :
1698 0 : case SERVICE_RESTART_ON_FAILURE:
1699 0 : return s->result != SERVICE_SUCCESS;
1700 :
1701 0 : case SERVICE_RESTART_ON_ABNORMAL:
1702 0 : return !IN_SET(s->result, SERVICE_SUCCESS, SERVICE_FAILURE_EXIT_CODE);
1703 :
1704 0 : case SERVICE_RESTART_ON_WATCHDOG:
1705 0 : return s->result == SERVICE_FAILURE_WATCHDOG;
1706 :
1707 0 : case SERVICE_RESTART_ON_ABORT:
1708 0 : return IN_SET(s->result, SERVICE_FAILURE_SIGNAL, SERVICE_FAILURE_CORE_DUMP);
1709 :
1710 0 : default:
1711 0 : assert_not_reached("unknown restart setting");
1712 : }
1713 : }
1714 :
1715 0 : static bool service_will_restart(Unit *u) {
1716 0 : Service *s = SERVICE(u);
1717 :
1718 0 : assert(s);
1719 :
1720 0 : if (s->will_auto_restart)
1721 0 : return true;
1722 0 : if (s->state == SERVICE_AUTO_RESTART)
1723 0 : return true;
1724 0 : if (!UNIT(s)->job)
1725 0 : return false;
1726 0 : if (UNIT(s)->job->type == JOB_START)
1727 0 : return true;
1728 :
1729 0 : return false;
1730 : }
1731 :
1732 0 : static void service_enter_dead(Service *s, ServiceResult f, bool allow_restart) {
1733 : ServiceState end_state;
1734 : int r;
1735 :
1736 0 : assert(s);
1737 :
1738 : /* If there's a stop job queued before we enter the DEAD state, we shouldn't act on Restart=, in order to not
1739 : * undo what has already been enqueued. */
1740 0 : if (unit_stop_pending(UNIT(s)))
1741 0 : allow_restart = false;
1742 :
1743 0 : if (s->result == SERVICE_SUCCESS)
1744 0 : s->result = f;
1745 :
1746 0 : if (s->result == SERVICE_SUCCESS) {
1747 0 : unit_log_success(UNIT(s));
1748 0 : end_state = SERVICE_DEAD;
1749 0 : } else if (s->result == SERVICE_SKIP_CONDITION) {
1750 0 : unit_log_skip(UNIT(s), service_result_to_string(s->result));
1751 0 : end_state = SERVICE_DEAD;
1752 : } else {
1753 0 : unit_log_failure(UNIT(s), service_result_to_string(s->result));
1754 0 : end_state = SERVICE_FAILED;
1755 : }
1756 :
1757 0 : if (allow_restart && service_shall_restart(s))
1758 0 : s->will_auto_restart = true;
1759 :
1760 : /* Make sure service_release_resources() doesn't destroy our FD store, while we are changing through
1761 : * SERVICE_FAILED/SERVICE_DEAD before entering into SERVICE_AUTO_RESTART. */
1762 0 : s->n_keep_fd_store ++;
1763 :
1764 0 : service_set_state(s, end_state);
1765 :
1766 0 : if (s->will_auto_restart) {
1767 0 : s->will_auto_restart = false;
1768 :
1769 0 : r = service_arm_timer(s, usec_add(now(CLOCK_MONOTONIC), s->restart_usec));
1770 0 : if (r < 0) {
1771 0 : s->n_keep_fd_store--;
1772 0 : goto fail;
1773 : }
1774 :
1775 0 : service_set_state(s, SERVICE_AUTO_RESTART);
1776 : } else
1777 : /* If we shan't restart, then flush out the restart counter. But don't do that immediately, so that the
1778 : * user can still introspect the counter. Do so on the next start. */
1779 0 : s->flush_n_restarts = true;
1780 :
1781 : /* The new state is in effect, let's decrease the fd store ref counter again. Let's also re-add us to the GC
1782 : * queue, so that the fd store is possibly gc'ed again */
1783 0 : s->n_keep_fd_store--;
1784 0 : unit_add_to_gc_queue(UNIT(s));
1785 :
1786 : /* The next restart might not be a manual stop, hence reset the flag indicating manual stops */
1787 0 : s->forbid_restart = false;
1788 :
1789 : /* We want fresh tmpdirs in case service is started again immediately */
1790 0 : s->exec_runtime = exec_runtime_unref(s->exec_runtime, true);
1791 :
1792 0 : if (s->exec_context.runtime_directory_preserve_mode == EXEC_PRESERVE_NO ||
1793 0 : (s->exec_context.runtime_directory_preserve_mode == EXEC_PRESERVE_RESTART && !service_will_restart(UNIT(s))))
1794 : /* Also, remove the runtime directory */
1795 0 : exec_context_destroy_runtime_directory(&s->exec_context, UNIT(s)->manager->prefix[EXEC_DIRECTORY_RUNTIME]);
1796 :
1797 : /* Get rid of the IPC bits of the user */
1798 0 : unit_unref_uid_gid(UNIT(s), true);
1799 :
1800 : /* Release the user, and destroy it if we are the only remaining owner */
1801 0 : dynamic_creds_destroy(&s->dynamic_creds);
1802 :
1803 : /* Try to delete the pid file. At this point it will be
1804 : * out-of-date, and some software might be confused by it, so
1805 : * let's remove it. */
1806 0 : if (s->pid_file)
1807 0 : (void) unlink(s->pid_file);
1808 :
1809 : /* Reset TTY ownership if necessary */
1810 0 : exec_context_revert_tty(&s->exec_context);
1811 :
1812 0 : return;
1813 :
1814 0 : fail:
1815 0 : log_unit_warning_errno(UNIT(s), r, "Failed to run install restart timer: %m");
1816 0 : service_enter_dead(s, SERVICE_FAILURE_RESOURCES, false);
1817 : }
1818 :
1819 0 : static void service_enter_stop_post(Service *s, ServiceResult f) {
1820 : int r;
1821 0 : assert(s);
1822 :
1823 0 : if (s->result == SERVICE_SUCCESS)
1824 0 : s->result = f;
1825 :
1826 0 : service_unwatch_control_pid(s);
1827 0 : (void) unit_enqueue_rewatch_pids(UNIT(s));
1828 :
1829 0 : s->control_command = s->exec_command[SERVICE_EXEC_STOP_POST];
1830 0 : if (s->control_command) {
1831 0 : s->control_command_id = SERVICE_EXEC_STOP_POST;
1832 :
1833 0 : r = service_spawn(s,
1834 : s->control_command,
1835 : s->timeout_stop_usec,
1836 : EXEC_APPLY_SANDBOXING|EXEC_APPLY_CHROOT|EXEC_APPLY_TTY_STDIN|EXEC_IS_CONTROL|EXEC_SETENV_RESULT|EXEC_CONTROL_CGROUP,
1837 : &s->control_pid);
1838 0 : if (r < 0)
1839 0 : goto fail;
1840 :
1841 0 : service_set_state(s, SERVICE_STOP_POST);
1842 : } else
1843 0 : service_enter_signal(s, SERVICE_FINAL_SIGTERM, SERVICE_SUCCESS);
1844 :
1845 0 : return;
1846 :
1847 0 : fail:
1848 0 : log_unit_warning_errno(UNIT(s), r, "Failed to run 'stop-post' task: %m");
1849 0 : service_enter_signal(s, SERVICE_FINAL_SIGTERM, SERVICE_FAILURE_RESOURCES);
1850 : }
1851 :
1852 0 : static int state_to_kill_operation(ServiceState state) {
1853 0 : switch (state) {
1854 :
1855 0 : case SERVICE_STOP_WATCHDOG:
1856 0 : return KILL_WATCHDOG;
1857 :
1858 0 : case SERVICE_STOP_SIGTERM:
1859 : case SERVICE_FINAL_SIGTERM:
1860 0 : return KILL_TERMINATE;
1861 :
1862 0 : case SERVICE_STOP_SIGKILL:
1863 : case SERVICE_FINAL_SIGKILL:
1864 0 : return KILL_KILL;
1865 :
1866 0 : default:
1867 0 : return _KILL_OPERATION_INVALID;
1868 : }
1869 : }
1870 :
1871 0 : static void service_enter_signal(Service *s, ServiceState state, ServiceResult f) {
1872 : int r;
1873 :
1874 0 : assert(s);
1875 :
1876 0 : if (s->result == SERVICE_SUCCESS)
1877 0 : s->result = f;
1878 :
1879 : /* Before sending any signal, make sure we track all members of this cgroup */
1880 0 : (void) unit_watch_all_pids(UNIT(s));
1881 :
1882 : /* Also, enqueue a job that we recheck all our PIDs a bit later, given that it's likely some processes have
1883 : * died now */
1884 0 : (void) unit_enqueue_rewatch_pids(UNIT(s));
1885 :
1886 0 : r = unit_kill_context(
1887 0 : UNIT(s),
1888 : &s->kill_context,
1889 0 : state_to_kill_operation(state),
1890 : s->main_pid,
1891 : s->control_pid,
1892 0 : s->main_pid_alien);
1893 0 : if (r < 0)
1894 0 : goto fail;
1895 :
1896 0 : if (r > 0) {
1897 0 : r = service_arm_timer(s, usec_add(now(CLOCK_MONOTONIC),
1898 0 : state == SERVICE_STOP_WATCHDOG ? service_timeout_abort_usec(s) : s->timeout_stop_usec));
1899 0 : if (r < 0)
1900 0 : goto fail;
1901 :
1902 0 : service_set_state(s, state);
1903 0 : } else if (IN_SET(state, SERVICE_STOP_WATCHDOG, SERVICE_STOP_SIGTERM) && s->kill_context.send_sigkill)
1904 0 : service_enter_signal(s, SERVICE_STOP_SIGKILL, SERVICE_SUCCESS);
1905 0 : else if (IN_SET(state, SERVICE_STOP_WATCHDOG, SERVICE_STOP_SIGTERM, SERVICE_STOP_SIGKILL))
1906 0 : service_enter_stop_post(s, SERVICE_SUCCESS);
1907 0 : else if (state == SERVICE_FINAL_SIGTERM && s->kill_context.send_sigkill)
1908 0 : service_enter_signal(s, SERVICE_FINAL_SIGKILL, SERVICE_SUCCESS);
1909 : else
1910 0 : service_enter_dead(s, SERVICE_SUCCESS, true);
1911 :
1912 0 : return;
1913 :
1914 0 : fail:
1915 0 : log_unit_warning_errno(UNIT(s), r, "Failed to kill processes: %m");
1916 :
1917 0 : if (IN_SET(state, SERVICE_STOP_WATCHDOG, SERVICE_STOP_SIGTERM, SERVICE_STOP_SIGKILL))
1918 0 : service_enter_stop_post(s, SERVICE_FAILURE_RESOURCES);
1919 : else
1920 0 : service_enter_dead(s, SERVICE_FAILURE_RESOURCES, true);
1921 : }
1922 :
1923 0 : static void service_enter_stop_by_notify(Service *s) {
1924 0 : assert(s);
1925 :
1926 0 : (void) unit_enqueue_rewatch_pids(UNIT(s));
1927 :
1928 0 : service_arm_timer(s, usec_add(now(CLOCK_MONOTONIC), s->timeout_stop_usec));
1929 :
1930 : /* The service told us it's stopping, so it's as if we SIGTERM'd it. */
1931 0 : service_set_state(s, SERVICE_STOP_SIGTERM);
1932 0 : }
1933 :
1934 0 : static void service_enter_stop(Service *s, ServiceResult f) {
1935 : int r;
1936 :
1937 0 : assert(s);
1938 :
1939 0 : if (s->result == SERVICE_SUCCESS)
1940 0 : s->result = f;
1941 :
1942 0 : service_unwatch_control_pid(s);
1943 0 : (void) unit_enqueue_rewatch_pids(UNIT(s));
1944 :
1945 0 : s->control_command = s->exec_command[SERVICE_EXEC_STOP];
1946 0 : if (s->control_command) {
1947 0 : s->control_command_id = SERVICE_EXEC_STOP;
1948 :
1949 0 : r = service_spawn(s,
1950 : s->control_command,
1951 : s->timeout_stop_usec,
1952 : EXEC_APPLY_SANDBOXING|EXEC_APPLY_CHROOT|EXEC_IS_CONTROL|EXEC_SETENV_RESULT|EXEC_CONTROL_CGROUP,
1953 : &s->control_pid);
1954 0 : if (r < 0)
1955 0 : goto fail;
1956 :
1957 0 : service_set_state(s, SERVICE_STOP);
1958 : } else
1959 0 : service_enter_signal(s, SERVICE_STOP_SIGTERM, SERVICE_SUCCESS);
1960 :
1961 0 : return;
1962 :
1963 0 : fail:
1964 0 : log_unit_warning_errno(UNIT(s), r, "Failed to run 'stop' task: %m");
1965 0 : service_enter_signal(s, SERVICE_STOP_SIGTERM, SERVICE_FAILURE_RESOURCES);
1966 : }
1967 :
1968 0 : static bool service_good(Service *s) {
1969 : int main_pid_ok;
1970 0 : assert(s);
1971 :
1972 0 : if (s->type == SERVICE_DBUS && !s->bus_name_good)
1973 0 : return false;
1974 :
1975 0 : main_pid_ok = main_pid_good(s);
1976 0 : if (main_pid_ok > 0) /* It's alive */
1977 0 : return true;
1978 0 : if (main_pid_ok == 0) /* It's dead */
1979 0 : return false;
1980 :
1981 : /* OK, we don't know anything about the main PID, maybe
1982 : * because there is none. Let's check the control group
1983 : * instead. */
1984 :
1985 0 : return cgroup_good(s) != 0;
1986 : }
1987 :
1988 0 : static void service_enter_running(Service *s, ServiceResult f) {
1989 0 : assert(s);
1990 :
1991 0 : if (s->result == SERVICE_SUCCESS)
1992 0 : s->result = f;
1993 :
1994 0 : service_unwatch_control_pid(s);
1995 :
1996 0 : if (s->result != SERVICE_SUCCESS)
1997 0 : service_enter_signal(s, SERVICE_STOP_SIGTERM, f);
1998 0 : else if (service_good(s)) {
1999 :
2000 : /* If there are any queued up sd_notify() notifications, process them now */
2001 0 : if (s->notify_state == NOTIFY_RELOADING)
2002 0 : service_enter_reload_by_notify(s);
2003 0 : else if (s->notify_state == NOTIFY_STOPPING)
2004 0 : service_enter_stop_by_notify(s);
2005 : else {
2006 0 : service_set_state(s, SERVICE_RUNNING);
2007 0 : service_arm_timer(s, usec_add(UNIT(s)->active_enter_timestamp.monotonic, s->runtime_max_usec));
2008 : }
2009 :
2010 0 : } else if (s->remain_after_exit)
2011 0 : service_set_state(s, SERVICE_EXITED);
2012 : else
2013 0 : service_enter_stop(s, SERVICE_SUCCESS);
2014 0 : }
2015 :
2016 0 : static void service_enter_start_post(Service *s) {
2017 : int r;
2018 0 : assert(s);
2019 :
2020 0 : service_unwatch_control_pid(s);
2021 0 : service_reset_watchdog(s);
2022 :
2023 0 : s->control_command = s->exec_command[SERVICE_EXEC_START_POST];
2024 0 : if (s->control_command) {
2025 0 : s->control_command_id = SERVICE_EXEC_START_POST;
2026 :
2027 0 : r = service_spawn(s,
2028 : s->control_command,
2029 : s->timeout_start_usec,
2030 : EXEC_APPLY_SANDBOXING|EXEC_APPLY_CHROOT|EXEC_IS_CONTROL|EXEC_CONTROL_CGROUP,
2031 : &s->control_pid);
2032 0 : if (r < 0)
2033 0 : goto fail;
2034 :
2035 0 : service_set_state(s, SERVICE_START_POST);
2036 : } else
2037 0 : service_enter_running(s, SERVICE_SUCCESS);
2038 :
2039 0 : return;
2040 :
2041 0 : fail:
2042 0 : log_unit_warning_errno(UNIT(s), r, "Failed to run 'start-post' task: %m");
2043 0 : service_enter_stop(s, SERVICE_FAILURE_RESOURCES);
2044 : }
2045 :
2046 0 : static void service_kill_control_process(Service *s) {
2047 : int r;
2048 :
2049 0 : assert(s);
2050 :
2051 0 : if (s->control_pid <= 0)
2052 0 : return;
2053 :
2054 0 : r = kill_and_sigcont(s->control_pid, SIGKILL);
2055 0 : if (r < 0) {
2056 0 : _cleanup_free_ char *comm = NULL;
2057 :
2058 0 : (void) get_process_comm(s->control_pid, &comm);
2059 :
2060 0 : log_unit_debug_errno(UNIT(s), r, "Failed to kill control process " PID_FMT " (%s), ignoring: %m",
2061 : s->control_pid, strna(comm));
2062 : }
2063 : }
2064 :
2065 6 : static int service_adverse_to_leftover_processes(Service *s) {
2066 6 : assert(s);
2067 :
2068 : /* KillMode=mixed and control group are used to indicate that all process should be killed off.
2069 : * SendSIGKILL is used for services that require a clean shutdown. These are typically database
2070 : * service where a SigKilled process would result in a lengthy recovery and who's shutdown or
2071 : * startup time is quite variable (so Timeout settings aren't of use).
2072 : *
2073 : * Here we take these two factors and refuse to start a service if there are existing processes
2074 : * within a control group. Databases, while generally having some protection against multiple
2075 : * instances running, lets not stress the rigor of these. Also ExecStartPre parts of the service
2076 : * aren't as rigoriously written to protect aganst against multiple use. */
2077 6 : if (unit_warn_leftover_processes(UNIT(s)) &&
2078 0 : IN_SET(s->kill_context.kill_mode, KILL_MIXED, KILL_CONTROL_GROUP) &&
2079 0 : !s->kill_context.send_sigkill)
2080 0 : return log_unit_error_errno(UNIT(s), SYNTHETIC_ERRNO(EBUSY),
2081 : "Will not start SendSIGKILL=no service of type KillMode=control-group or mixed while processes exist");
2082 :
2083 6 : return 0;
2084 : }
2085 :
2086 6 : static void service_enter_start(Service *s) {
2087 : ExecCommand *c;
2088 : usec_t timeout;
2089 : pid_t pid;
2090 : int r;
2091 :
2092 6 : assert(s);
2093 :
2094 6 : service_unwatch_control_pid(s);
2095 6 : service_unwatch_main_pid(s);
2096 :
2097 6 : r = service_adverse_to_leftover_processes(s);
2098 6 : if (r < 0)
2099 0 : goto fail;
2100 :
2101 6 : if (s->type == SERVICE_FORKING) {
2102 0 : s->control_command_id = SERVICE_EXEC_START;
2103 0 : c = s->control_command = s->exec_command[SERVICE_EXEC_START];
2104 :
2105 0 : s->main_command = NULL;
2106 : } else {
2107 6 : s->control_command_id = _SERVICE_EXEC_COMMAND_INVALID;
2108 6 : s->control_command = NULL;
2109 :
2110 6 : c = s->main_command = s->exec_command[SERVICE_EXEC_START];
2111 : }
2112 :
2113 6 : if (!c) {
2114 0 : if (s->type != SERVICE_ONESHOT) {
2115 : /* There's no command line configured for the main command? Hmm, that is strange. This can only
2116 : * happen if the configuration changes at runtime. In this case, let's enter a failure
2117 : * state. */
2118 0 : log_unit_error(UNIT(s), "There's no 'start' task anymore we could start.");
2119 0 : r = -ENXIO;
2120 0 : goto fail;
2121 : }
2122 :
2123 : /* We force a fake state transition here. Otherwise, the unit would go directly from
2124 : * SERVICE_DEAD to SERVICE_DEAD without SERVICE_ACTIVATING or SERVICE_ACTIVE
2125 : * in between. This way we can later trigger actions that depend on the state
2126 : * transition, including SuccessAction=. */
2127 0 : service_set_state(s, SERVICE_START);
2128 :
2129 0 : service_enter_start_post(s);
2130 6 : return;
2131 : }
2132 :
2133 6 : if (IN_SET(s->type, SERVICE_SIMPLE, SERVICE_IDLE))
2134 : /* For simple + idle this is the main process. We don't apply any timeout here, but
2135 : * service_enter_running() will later apply the .runtime_max_usec timeout. */
2136 0 : timeout = USEC_INFINITY;
2137 : else
2138 6 : timeout = s->timeout_start_usec;
2139 :
2140 6 : r = service_spawn(s,
2141 : c,
2142 : timeout,
2143 : EXEC_PASS_FDS|EXEC_APPLY_SANDBOXING|EXEC_APPLY_CHROOT|EXEC_APPLY_TTY_STDIN|EXEC_SET_WATCHDOG,
2144 : &pid);
2145 6 : if (r < 0)
2146 0 : goto fail;
2147 :
2148 6 : if (IN_SET(s->type, SERVICE_SIMPLE, SERVICE_IDLE)) {
2149 : /* For simple services we immediately start
2150 : * the START_POST binaries. */
2151 :
2152 0 : service_set_main_pid(s, pid);
2153 0 : service_enter_start_post(s);
2154 :
2155 6 : } else if (s->type == SERVICE_FORKING) {
2156 :
2157 : /* For forking services we wait until the start
2158 : * process exited. */
2159 :
2160 0 : s->control_pid = pid;
2161 0 : service_set_state(s, SERVICE_START);
2162 :
2163 6 : } else if (IN_SET(s->type, SERVICE_ONESHOT, SERVICE_DBUS, SERVICE_NOTIFY, SERVICE_EXEC)) {
2164 :
2165 : /* For oneshot services we wait until the start process exited, too, but it is our main process. */
2166 :
2167 : /* For D-Bus services we know the main pid right away, but wait for the bus name to appear on the
2168 : * bus. 'notify' and 'exec' services are similar. */
2169 :
2170 6 : service_set_main_pid(s, pid);
2171 6 : service_set_state(s, SERVICE_START);
2172 : } else
2173 0 : assert_not_reached("Unknown service type");
2174 :
2175 6 : return;
2176 :
2177 0 : fail:
2178 0 : log_unit_warning_errno(UNIT(s), r, "Failed to run 'start' task: %m");
2179 0 : service_enter_signal(s, SERVICE_STOP_SIGTERM, SERVICE_FAILURE_RESOURCES);
2180 : }
2181 :
2182 6 : static void service_enter_start_pre(Service *s) {
2183 : int r;
2184 :
2185 6 : assert(s);
2186 :
2187 6 : service_unwatch_control_pid(s);
2188 :
2189 6 : s->control_command = s->exec_command[SERVICE_EXEC_START_PRE];
2190 6 : if (s->control_command) {
2191 :
2192 0 : r = service_adverse_to_leftover_processes(s);
2193 0 : if (r < 0)
2194 0 : goto fail;
2195 :
2196 0 : s->control_command_id = SERVICE_EXEC_START_PRE;
2197 :
2198 0 : r = service_spawn(s,
2199 : s->control_command,
2200 : s->timeout_start_usec,
2201 : EXEC_APPLY_SANDBOXING|EXEC_APPLY_CHROOT|EXEC_IS_CONTROL|EXEC_APPLY_TTY_STDIN,
2202 : &s->control_pid);
2203 0 : if (r < 0)
2204 0 : goto fail;
2205 :
2206 0 : service_set_state(s, SERVICE_START_PRE);
2207 : } else
2208 6 : service_enter_start(s);
2209 :
2210 6 : return;
2211 :
2212 0 : fail:
2213 0 : log_unit_warning_errno(UNIT(s), r, "Failed to run 'start-pre' task: %m");
2214 0 : service_enter_dead(s, SERVICE_FAILURE_RESOURCES, true);
2215 : }
2216 :
2217 6 : static void service_enter_condition(Service *s) {
2218 : int r;
2219 :
2220 6 : assert(s);
2221 :
2222 6 : service_unwatch_control_pid(s);
2223 :
2224 6 : s->control_command = s->exec_command[SERVICE_EXEC_CONDITION];
2225 6 : if (s->control_command) {
2226 :
2227 0 : r = service_adverse_to_leftover_processes(s);
2228 0 : if (r < 0)
2229 0 : goto fail;
2230 :
2231 0 : s->control_command_id = SERVICE_EXEC_CONDITION;
2232 :
2233 0 : r = service_spawn(s,
2234 : s->control_command,
2235 : s->timeout_start_usec,
2236 : EXEC_APPLY_SANDBOXING|EXEC_APPLY_CHROOT|EXEC_IS_CONTROL|EXEC_APPLY_TTY_STDIN,
2237 : &s->control_pid);
2238 :
2239 0 : if (r < 0)
2240 0 : goto fail;
2241 :
2242 0 : service_set_state(s, SERVICE_CONDITION);
2243 : } else
2244 6 : service_enter_start_pre(s);
2245 :
2246 6 : return;
2247 :
2248 0 : fail:
2249 0 : log_unit_warning_errno(UNIT(s), r, "Failed to run 'exec-condition' task: %m");
2250 0 : service_enter_dead(s, SERVICE_FAILURE_RESOURCES, true);
2251 : }
2252 :
2253 0 : static void service_enter_restart(Service *s) {
2254 0 : _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
2255 : int r;
2256 :
2257 0 : assert(s);
2258 :
2259 0 : if (UNIT(s)->job && UNIT(s)->job->type == JOB_STOP) {
2260 : /* Don't restart things if we are going down anyway */
2261 0 : log_unit_info(UNIT(s), "Stop job pending for unit, delaying automatic restart.");
2262 :
2263 0 : r = service_arm_timer(s, usec_add(now(CLOCK_MONOTONIC), s->restart_usec));
2264 0 : if (r < 0)
2265 0 : goto fail;
2266 :
2267 0 : return;
2268 : }
2269 :
2270 : /* Any units that are bound to this service must also be
2271 : * restarted. We use JOB_RESTART (instead of the more obvious
2272 : * JOB_START) here so that those dependency jobs will be added
2273 : * as well. */
2274 0 : r = manager_add_job(UNIT(s)->manager, JOB_RESTART, UNIT(s), JOB_REPLACE, NULL, &error, NULL);
2275 0 : if (r < 0)
2276 0 : goto fail;
2277 :
2278 : /* Count the jobs we enqueue for restarting. This counter is maintained as long as the unit isn't fully
2279 : * stopped, i.e. as long as it remains up or remains in auto-start states. The use can reset the counter
2280 : * explicitly however via the usual "systemctl reset-failure" logic. */
2281 0 : s->n_restarts ++;
2282 0 : s->flush_n_restarts = false;
2283 :
2284 0 : log_struct(LOG_INFO,
2285 : "MESSAGE_ID=" SD_MESSAGE_UNIT_RESTART_SCHEDULED_STR,
2286 : LOG_UNIT_ID(UNIT(s)),
2287 : LOG_UNIT_INVOCATION_ID(UNIT(s)),
2288 : LOG_UNIT_MESSAGE(UNIT(s), "Scheduled restart job, restart counter is at %u.", s->n_restarts),
2289 : "N_RESTARTS=%u", s->n_restarts);
2290 :
2291 : /* Notify clients about changed restart counter */
2292 0 : unit_add_to_dbus_queue(UNIT(s));
2293 :
2294 : /* Note that we stay in the SERVICE_AUTO_RESTART state here,
2295 : * it will be canceled as part of the service_stop() call that
2296 : * is executed as part of JOB_RESTART. */
2297 :
2298 0 : return;
2299 :
2300 0 : fail:
2301 0 : log_unit_warning(UNIT(s), "Failed to schedule restart job: %s", bus_error_message(&error, -r));
2302 0 : service_enter_dead(s, SERVICE_FAILURE_RESOURCES, false);
2303 : }
2304 :
2305 0 : static void service_enter_reload_by_notify(Service *s) {
2306 0 : _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
2307 : int r;
2308 :
2309 0 : assert(s);
2310 :
2311 0 : service_arm_timer(s, usec_add(now(CLOCK_MONOTONIC), s->timeout_start_usec));
2312 0 : service_set_state(s, SERVICE_RELOAD);
2313 :
2314 : /* service_enter_reload_by_notify is never called during a reload, thus no loops are possible. */
2315 0 : r = manager_propagate_reload(UNIT(s)->manager, UNIT(s), JOB_FAIL, &error);
2316 0 : if (r < 0)
2317 0 : log_unit_warning(UNIT(s), "Failed to schedule propagation of reload: %s", bus_error_message(&error, -r));
2318 0 : }
2319 :
2320 0 : static void service_enter_reload(Service *s) {
2321 : int r;
2322 :
2323 0 : assert(s);
2324 :
2325 0 : service_unwatch_control_pid(s);
2326 0 : s->reload_result = SERVICE_SUCCESS;
2327 :
2328 0 : s->control_command = s->exec_command[SERVICE_EXEC_RELOAD];
2329 0 : if (s->control_command) {
2330 0 : s->control_command_id = SERVICE_EXEC_RELOAD;
2331 :
2332 0 : r = service_spawn(s,
2333 : s->control_command,
2334 : s->timeout_start_usec,
2335 : EXEC_APPLY_SANDBOXING|EXEC_APPLY_CHROOT|EXEC_IS_CONTROL|EXEC_CONTROL_CGROUP,
2336 : &s->control_pid);
2337 0 : if (r < 0)
2338 0 : goto fail;
2339 :
2340 0 : service_set_state(s, SERVICE_RELOAD);
2341 : } else
2342 0 : service_enter_running(s, SERVICE_SUCCESS);
2343 :
2344 0 : return;
2345 :
2346 0 : fail:
2347 0 : log_unit_warning_errno(UNIT(s), r, "Failed to run 'reload' task: %m");
2348 0 : s->reload_result = SERVICE_FAILURE_RESOURCES;
2349 0 : service_enter_running(s, SERVICE_SUCCESS);
2350 : }
2351 :
2352 0 : static void service_run_next_control(Service *s) {
2353 : usec_t timeout;
2354 : int r;
2355 :
2356 0 : assert(s);
2357 0 : assert(s->control_command);
2358 0 : assert(s->control_command->command_next);
2359 :
2360 0 : assert(s->control_command_id != SERVICE_EXEC_START);
2361 :
2362 0 : s->control_command = s->control_command->command_next;
2363 0 : service_unwatch_control_pid(s);
2364 :
2365 0 : if (IN_SET(s->state, SERVICE_CONDITION, SERVICE_START_PRE, SERVICE_START, SERVICE_START_POST, SERVICE_RUNNING, SERVICE_RELOAD))
2366 0 : timeout = s->timeout_start_usec;
2367 : else
2368 0 : timeout = s->timeout_stop_usec;
2369 :
2370 0 : r = service_spawn(s,
2371 : s->control_command,
2372 : timeout,
2373 0 : EXEC_APPLY_SANDBOXING|EXEC_APPLY_CHROOT|EXEC_IS_CONTROL|
2374 0 : (IN_SET(s->control_command_id, SERVICE_EXEC_CONDITION, SERVICE_EXEC_START_PRE, SERVICE_EXEC_STOP_POST) ? EXEC_APPLY_TTY_STDIN : 0)|
2375 0 : (IN_SET(s->control_command_id, SERVICE_EXEC_STOP, SERVICE_EXEC_STOP_POST) ? EXEC_SETENV_RESULT : 0)|
2376 0 : (IN_SET(s->control_command_id, SERVICE_EXEC_START_POST, SERVICE_EXEC_RELOAD, SERVICE_EXEC_STOP, SERVICE_EXEC_STOP_POST) ? EXEC_CONTROL_CGROUP : 0),
2377 : &s->control_pid);
2378 0 : if (r < 0)
2379 0 : goto fail;
2380 :
2381 0 : return;
2382 :
2383 0 : fail:
2384 0 : log_unit_warning_errno(UNIT(s), r, "Failed to run next control task: %m");
2385 :
2386 0 : if (IN_SET(s->state, SERVICE_CONDITION, SERVICE_START_PRE, SERVICE_START_POST, SERVICE_STOP))
2387 0 : service_enter_signal(s, SERVICE_STOP_SIGTERM, SERVICE_FAILURE_RESOURCES);
2388 0 : else if (s->state == SERVICE_STOP_POST)
2389 0 : service_enter_dead(s, SERVICE_FAILURE_RESOURCES, true);
2390 0 : else if (s->state == SERVICE_RELOAD) {
2391 0 : s->reload_result = SERVICE_FAILURE_RESOURCES;
2392 0 : service_enter_running(s, SERVICE_SUCCESS);
2393 : } else
2394 0 : service_enter_stop(s, SERVICE_FAILURE_RESOURCES);
2395 : }
2396 :
2397 0 : static void service_run_next_main(Service *s) {
2398 : pid_t pid;
2399 : int r;
2400 :
2401 0 : assert(s);
2402 0 : assert(s->main_command);
2403 0 : assert(s->main_command->command_next);
2404 0 : assert(s->type == SERVICE_ONESHOT);
2405 :
2406 0 : s->main_command = s->main_command->command_next;
2407 0 : service_unwatch_main_pid(s);
2408 :
2409 0 : r = service_spawn(s,
2410 : s->main_command,
2411 : s->timeout_start_usec,
2412 : EXEC_PASS_FDS|EXEC_APPLY_SANDBOXING|EXEC_APPLY_CHROOT|EXEC_APPLY_TTY_STDIN|EXEC_SET_WATCHDOG,
2413 : &pid);
2414 0 : if (r < 0)
2415 0 : goto fail;
2416 :
2417 0 : service_set_main_pid(s, pid);
2418 :
2419 0 : return;
2420 :
2421 0 : fail:
2422 0 : log_unit_warning_errno(UNIT(s), r, "Failed to run next main task: %m");
2423 0 : service_enter_stop(s, SERVICE_FAILURE_RESOURCES);
2424 : }
2425 :
2426 6 : static int service_start(Unit *u) {
2427 6 : Service *s = SERVICE(u);
2428 : int r;
2429 :
2430 6 : assert(s);
2431 :
2432 : /* We cannot fulfill this request right now, try again later
2433 : * please! */
2434 6 : if (IN_SET(s->state,
2435 : SERVICE_STOP, SERVICE_STOP_WATCHDOG, SERVICE_STOP_SIGTERM, SERVICE_STOP_SIGKILL, SERVICE_STOP_POST,
2436 : SERVICE_FINAL_SIGTERM, SERVICE_FINAL_SIGKILL, SERVICE_CLEANING))
2437 0 : return -EAGAIN;
2438 :
2439 : /* Already on it! */
2440 6 : if (IN_SET(s->state, SERVICE_CONDITION, SERVICE_START_PRE, SERVICE_START, SERVICE_START_POST))
2441 0 : return 0;
2442 :
2443 : /* A service that will be restarted must be stopped first to
2444 : * trigger BindsTo and/or OnFailure dependencies. If a user
2445 : * does not want to wait for the holdoff time to elapse, the
2446 : * service should be manually restarted, not started. We
2447 : * simply return EAGAIN here, so that any start jobs stay
2448 : * queued, and assume that the auto restart timer will
2449 : * eventually trigger the restart. */
2450 6 : if (s->state == SERVICE_AUTO_RESTART)
2451 0 : return -EAGAIN;
2452 :
2453 6 : assert(IN_SET(s->state, SERVICE_DEAD, SERVICE_FAILED));
2454 :
2455 : /* Make sure we don't enter a busy loop of some kind. */
2456 6 : r = unit_test_start_limit(u);
2457 6 : if (r < 0) {
2458 0 : service_enter_dead(s, SERVICE_FAILURE_START_LIMIT_HIT, false);
2459 0 : return r;
2460 : }
2461 :
2462 6 : r = unit_acquire_invocation_id(u);
2463 6 : if (r < 0)
2464 0 : return r;
2465 :
2466 6 : s->result = SERVICE_SUCCESS;
2467 6 : s->reload_result = SERVICE_SUCCESS;
2468 6 : s->main_pid_known = false;
2469 6 : s->main_pid_alien = false;
2470 6 : s->forbid_restart = false;
2471 :
2472 6 : s->status_text = mfree(s->status_text);
2473 6 : s->status_errno = 0;
2474 :
2475 6 : s->notify_state = NOTIFY_UNKNOWN;
2476 :
2477 6 : s->watchdog_original_usec = s->watchdog_usec;
2478 6 : s->watchdog_override_enable = false;
2479 6 : s->watchdog_override_usec = USEC_INFINITY;
2480 :
2481 6 : exec_command_reset_status_list_array(s->exec_command, _SERVICE_EXEC_COMMAND_MAX);
2482 6 : exec_status_reset(&s->main_exec_status);
2483 :
2484 : /* This is not an automatic restart? Flush the restart counter then */
2485 6 : if (s->flush_n_restarts) {
2486 0 : s->n_restarts = 0;
2487 0 : s->flush_n_restarts = false;
2488 : }
2489 :
2490 6 : u->reset_accounting = true;
2491 :
2492 6 : service_enter_condition(s);
2493 6 : return 1;
2494 : }
2495 :
2496 0 : static int service_stop(Unit *u) {
2497 0 : Service *s = SERVICE(u);
2498 :
2499 0 : assert(s);
2500 :
2501 : /* Don't create restart jobs from manual stops. */
2502 0 : s->forbid_restart = true;
2503 :
2504 : /* Already on it */
2505 0 : if (IN_SET(s->state,
2506 : SERVICE_STOP, SERVICE_STOP_SIGTERM, SERVICE_STOP_SIGKILL, SERVICE_STOP_POST,
2507 : SERVICE_FINAL_SIGTERM, SERVICE_FINAL_SIGKILL))
2508 0 : return 0;
2509 :
2510 : /* A restart will be scheduled or is in progress. */
2511 0 : if (s->state == SERVICE_AUTO_RESTART) {
2512 0 : service_set_state(s, SERVICE_DEAD);
2513 0 : return 0;
2514 : }
2515 :
2516 : /* If there's already something running we go directly into
2517 : * kill mode. */
2518 0 : if (IN_SET(s->state, SERVICE_CONDITION, SERVICE_START_PRE, SERVICE_START, SERVICE_START_POST, SERVICE_RELOAD, SERVICE_STOP_WATCHDOG)) {
2519 0 : service_enter_signal(s, SERVICE_STOP_SIGTERM, SERVICE_SUCCESS);
2520 0 : return 0;
2521 : }
2522 :
2523 : /* If we are currently cleaning, then abort it, brutally. */
2524 0 : if (s->state == SERVICE_CLEANING) {
2525 0 : service_enter_signal(s, SERVICE_FINAL_SIGKILL, SERVICE_SUCCESS);
2526 0 : return 0;
2527 : }
2528 :
2529 0 : assert(IN_SET(s->state, SERVICE_RUNNING, SERVICE_EXITED));
2530 :
2531 0 : service_enter_stop(s, SERVICE_SUCCESS);
2532 0 : return 1;
2533 : }
2534 :
2535 0 : static int service_reload(Unit *u) {
2536 0 : Service *s = SERVICE(u);
2537 :
2538 0 : assert(s);
2539 :
2540 0 : assert(IN_SET(s->state, SERVICE_RUNNING, SERVICE_EXITED));
2541 :
2542 0 : service_enter_reload(s);
2543 0 : return 1;
2544 : }
2545 :
2546 0 : _pure_ static bool service_can_reload(Unit *u) {
2547 0 : Service *s = SERVICE(u);
2548 :
2549 0 : assert(s);
2550 :
2551 0 : return !!s->exec_command[SERVICE_EXEC_RELOAD];
2552 : }
2553 :
2554 0 : static unsigned service_exec_command_index(Unit *u, ServiceExecCommand id, ExecCommand *current) {
2555 0 : Service *s = SERVICE(u);
2556 0 : unsigned idx = 0;
2557 : ExecCommand *first, *c;
2558 :
2559 0 : assert(s);
2560 :
2561 0 : first = s->exec_command[id];
2562 :
2563 : /* Figure out where we are in the list by walking back to the beginning */
2564 0 : for (c = current; c != first; c = c->command_prev)
2565 0 : idx++;
2566 :
2567 0 : return idx;
2568 : }
2569 :
2570 0 : static int service_serialize_exec_command(Unit *u, FILE *f, ExecCommand *command) {
2571 0 : _cleanup_free_ char *args = NULL, *p = NULL;
2572 0 : size_t allocated = 0, length = 0;
2573 0 : Service *s = SERVICE(u);
2574 : const char *type, *key;
2575 : ServiceExecCommand id;
2576 : unsigned idx;
2577 : char **arg;
2578 :
2579 0 : assert(s);
2580 0 : assert(f);
2581 :
2582 0 : if (!command)
2583 0 : return 0;
2584 :
2585 0 : if (command == s->control_command) {
2586 0 : type = "control";
2587 0 : id = s->control_command_id;
2588 : } else {
2589 0 : type = "main";
2590 0 : id = SERVICE_EXEC_START;
2591 : }
2592 :
2593 0 : idx = service_exec_command_index(u, id, command);
2594 :
2595 0 : STRV_FOREACH(arg, command->argv) {
2596 0 : _cleanup_free_ char *e = NULL;
2597 : size_t n;
2598 :
2599 0 : e = cescape(*arg);
2600 0 : if (!e)
2601 0 : return log_oom();
2602 :
2603 0 : n = strlen(e);
2604 0 : if (!GREEDY_REALLOC(args, allocated, length + 2 + n + 2))
2605 0 : return log_oom();
2606 :
2607 0 : if (length > 0)
2608 0 : args[length++] = ' ';
2609 :
2610 0 : args[length++] = '"';
2611 0 : memcpy(args + length, e, n);
2612 0 : length += n;
2613 0 : args[length++] = '"';
2614 : }
2615 :
2616 0 : if (!GREEDY_REALLOC(args, allocated, length + 1))
2617 0 : return log_oom();
2618 :
2619 0 : args[length++] = 0;
2620 :
2621 0 : p = cescape(command->path);
2622 0 : if (!p)
2623 0 : return -ENOMEM;
2624 :
2625 0 : key = strjoina(type, "-command");
2626 0 : return serialize_item_format(f, key, "%s %u %s %s", service_exec_command_to_string(id), idx, p, args);
2627 : }
2628 :
2629 0 : static int service_serialize(Unit *u, FILE *f, FDSet *fds) {
2630 0 : Service *s = SERVICE(u);
2631 : ServiceFDStore *fs;
2632 : int r;
2633 :
2634 0 : assert(u);
2635 0 : assert(f);
2636 0 : assert(fds);
2637 :
2638 0 : (void) serialize_item(f, "state", service_state_to_string(s->state));
2639 0 : (void) serialize_item(f, "result", service_result_to_string(s->result));
2640 0 : (void) serialize_item(f, "reload-result", service_result_to_string(s->reload_result));
2641 :
2642 0 : if (s->control_pid > 0)
2643 0 : (void) serialize_item_format(f, "control-pid", PID_FMT, s->control_pid);
2644 :
2645 0 : if (s->main_pid_known && s->main_pid > 0)
2646 0 : (void) serialize_item_format(f, "main-pid", PID_FMT, s->main_pid);
2647 :
2648 0 : (void) serialize_bool(f, "main-pid-known", s->main_pid_known);
2649 0 : (void) serialize_bool(f, "bus-name-good", s->bus_name_good);
2650 0 : (void) serialize_bool(f, "bus-name-owner", s->bus_name_owner);
2651 :
2652 0 : (void) serialize_item_format(f, "n-restarts", "%u", s->n_restarts);
2653 0 : (void) serialize_bool(f, "flush-n-restarts", s->flush_n_restarts);
2654 :
2655 0 : r = serialize_item_escaped(f, "status-text", s->status_text);
2656 0 : if (r < 0)
2657 0 : return r;
2658 :
2659 0 : service_serialize_exec_command(u, f, s->control_command);
2660 0 : service_serialize_exec_command(u, f, s->main_command);
2661 :
2662 0 : r = serialize_fd(f, fds, "stdin-fd", s->stdin_fd);
2663 0 : if (r < 0)
2664 0 : return r;
2665 0 : r = serialize_fd(f, fds, "stdout-fd", s->stdout_fd);
2666 0 : if (r < 0)
2667 0 : return r;
2668 0 : r = serialize_fd(f, fds, "stderr-fd", s->stderr_fd);
2669 0 : if (r < 0)
2670 0 : return r;
2671 :
2672 0 : if (s->exec_fd_event_source) {
2673 0 : r = serialize_fd(f, fds, "exec-fd", sd_event_source_get_io_fd(s->exec_fd_event_source));
2674 0 : if (r < 0)
2675 0 : return r;
2676 :
2677 0 : (void) serialize_bool(f, "exec-fd-hot", s->exec_fd_hot);
2678 : }
2679 :
2680 0 : if (UNIT_ISSET(s->accept_socket)) {
2681 0 : r = serialize_item(f, "accept-socket", UNIT_DEREF(s->accept_socket)->id);
2682 0 : if (r < 0)
2683 0 : return r;
2684 : }
2685 :
2686 0 : r = serialize_fd(f, fds, "socket-fd", s->socket_fd);
2687 0 : if (r < 0)
2688 0 : return r;
2689 :
2690 0 : LIST_FOREACH(fd_store, fs, s->fd_store) {
2691 0 : _cleanup_free_ char *c = NULL;
2692 : int copy;
2693 :
2694 0 : copy = fdset_put_dup(fds, fs->fd);
2695 0 : if (copy < 0)
2696 0 : return log_error_errno(copy, "Failed to copy file descriptor for serialization: %m");
2697 :
2698 0 : c = cescape(fs->fdname);
2699 0 : if (!c)
2700 0 : return log_oom();
2701 :
2702 0 : (void) serialize_item_format(f, "fd-store-fd", "%i %s", copy, c);
2703 : }
2704 :
2705 0 : if (s->main_exec_status.pid > 0) {
2706 0 : (void) serialize_item_format(f, "main-exec-status-pid", PID_FMT, s->main_exec_status.pid);
2707 0 : (void) serialize_dual_timestamp(f, "main-exec-status-start", &s->main_exec_status.start_timestamp);
2708 0 : (void) serialize_dual_timestamp(f, "main-exec-status-exit", &s->main_exec_status.exit_timestamp);
2709 :
2710 0 : if (dual_timestamp_is_set(&s->main_exec_status.exit_timestamp)) {
2711 0 : (void) serialize_item_format(f, "main-exec-status-code", "%i", s->main_exec_status.code);
2712 0 : (void) serialize_item_format(f, "main-exec-status-status", "%i", s->main_exec_status.status);
2713 : }
2714 : }
2715 :
2716 0 : (void) serialize_dual_timestamp(f, "watchdog-timestamp", &s->watchdog_timestamp);
2717 0 : (void) serialize_bool(f, "forbid-restart", s->forbid_restart);
2718 :
2719 0 : if (s->watchdog_override_enable)
2720 0 : (void) serialize_item_format(f, "watchdog-override-usec", USEC_FMT, s->watchdog_override_usec);
2721 :
2722 0 : if (s->watchdog_original_usec != USEC_INFINITY)
2723 0 : (void) serialize_item_format(f, "watchdog-original-usec", USEC_FMT, s->watchdog_original_usec);
2724 :
2725 0 : return 0;
2726 : }
2727 :
2728 0 : static int service_deserialize_exec_command(Unit *u, const char *key, const char *value) {
2729 0 : Service *s = SERVICE(u);
2730 : int r;
2731 0 : unsigned idx = 0, i;
2732 0 : bool control, found = false;
2733 0 : ServiceExecCommand id = _SERVICE_EXEC_COMMAND_INVALID;
2734 0 : ExecCommand *command = NULL;
2735 0 : _cleanup_free_ char *path = NULL;
2736 0 : _cleanup_strv_free_ char **argv = NULL;
2737 :
2738 : enum ExecCommandState {
2739 : STATE_EXEC_COMMAND_TYPE,
2740 : STATE_EXEC_COMMAND_INDEX,
2741 : STATE_EXEC_COMMAND_PATH,
2742 : STATE_EXEC_COMMAND_ARGS,
2743 : _STATE_EXEC_COMMAND_MAX,
2744 : _STATE_EXEC_COMMAND_INVALID = -1,
2745 : } state;
2746 :
2747 0 : assert(s);
2748 0 : assert(key);
2749 0 : assert(value);
2750 :
2751 0 : control = streq(key, "control-command");
2752 :
2753 0 : state = STATE_EXEC_COMMAND_TYPE;
2754 :
2755 0 : for (;;) {
2756 0 : _cleanup_free_ char *arg = NULL;
2757 :
2758 0 : r = extract_first_word(&value, &arg, NULL, EXTRACT_CUNESCAPE | EXTRACT_UNQUOTE);
2759 0 : if (r < 0)
2760 0 : return r;
2761 0 : if (r == 0)
2762 0 : break;
2763 :
2764 0 : switch (state) {
2765 0 : case STATE_EXEC_COMMAND_TYPE:
2766 0 : id = service_exec_command_from_string(arg);
2767 0 : if (id < 0)
2768 0 : return -EINVAL;
2769 :
2770 0 : state = STATE_EXEC_COMMAND_INDEX;
2771 0 : break;
2772 0 : case STATE_EXEC_COMMAND_INDEX:
2773 0 : r = safe_atou(arg, &idx);
2774 0 : if (r < 0)
2775 0 : return -EINVAL;
2776 :
2777 0 : state = STATE_EXEC_COMMAND_PATH;
2778 0 : break;
2779 0 : case STATE_EXEC_COMMAND_PATH:
2780 0 : path = TAKE_PTR(arg);
2781 0 : state = STATE_EXEC_COMMAND_ARGS;
2782 :
2783 0 : if (!path_is_absolute(path))
2784 0 : return -EINVAL;
2785 0 : break;
2786 0 : case STATE_EXEC_COMMAND_ARGS:
2787 0 : r = strv_extend(&argv, arg);
2788 0 : if (r < 0)
2789 0 : return -ENOMEM;
2790 0 : break;
2791 0 : default:
2792 0 : assert_not_reached("Unknown error at deserialization of exec command");
2793 : break;
2794 : }
2795 : }
2796 :
2797 0 : if (state != STATE_EXEC_COMMAND_ARGS)
2798 0 : return -EINVAL;
2799 :
2800 : /* Let's check whether exec command on given offset matches data that we just deserialized */
2801 0 : for (command = s->exec_command[id], i = 0; command; command = command->command_next, i++) {
2802 0 : if (i != idx)
2803 0 : continue;
2804 :
2805 0 : found = strv_equal(argv, command->argv) && streq(command->path, path);
2806 0 : break;
2807 : }
2808 :
2809 0 : if (!found) {
2810 : /* Command at the index we serialized is different, let's look for command that exactly
2811 : * matches but is on different index. If there is no such command we will not resume execution. */
2812 0 : for (command = s->exec_command[id]; command; command = command->command_next)
2813 0 : if (strv_equal(command->argv, argv) && streq(command->path, path))
2814 0 : break;
2815 : }
2816 :
2817 0 : if (command && control)
2818 0 : s->control_command = command;
2819 0 : else if (command)
2820 0 : s->main_command = command;
2821 : else
2822 0 : log_unit_warning(u, "Current command vanished from the unit file, execution of the command list won't be resumed.");
2823 :
2824 0 : return 0;
2825 : }
2826 :
2827 0 : static int service_deserialize_item(Unit *u, const char *key, const char *value, FDSet *fds) {
2828 0 : Service *s = SERVICE(u);
2829 : int r;
2830 :
2831 0 : assert(u);
2832 0 : assert(key);
2833 0 : assert(value);
2834 0 : assert(fds);
2835 :
2836 0 : if (streq(key, "state")) {
2837 : ServiceState state;
2838 :
2839 0 : state = service_state_from_string(value);
2840 0 : if (state < 0)
2841 0 : log_unit_debug(u, "Failed to parse state value: %s", value);
2842 : else
2843 0 : s->deserialized_state = state;
2844 0 : } else if (streq(key, "result")) {
2845 : ServiceResult f;
2846 :
2847 0 : f = service_result_from_string(value);
2848 0 : if (f < 0)
2849 0 : log_unit_debug(u, "Failed to parse result value: %s", value);
2850 0 : else if (f != SERVICE_SUCCESS)
2851 0 : s->result = f;
2852 :
2853 0 : } else if (streq(key, "reload-result")) {
2854 : ServiceResult f;
2855 :
2856 0 : f = service_result_from_string(value);
2857 0 : if (f < 0)
2858 0 : log_unit_debug(u, "Failed to parse reload result value: %s", value);
2859 0 : else if (f != SERVICE_SUCCESS)
2860 0 : s->reload_result = f;
2861 :
2862 0 : } else if (streq(key, "control-pid")) {
2863 : pid_t pid;
2864 :
2865 0 : if (parse_pid(value, &pid) < 0)
2866 0 : log_unit_debug(u, "Failed to parse control-pid value: %s", value);
2867 : else
2868 0 : s->control_pid = pid;
2869 0 : } else if (streq(key, "main-pid")) {
2870 : pid_t pid;
2871 :
2872 0 : if (parse_pid(value, &pid) < 0)
2873 0 : log_unit_debug(u, "Failed to parse main-pid value: %s", value);
2874 : else
2875 0 : (void) service_set_main_pid(s, pid);
2876 0 : } else if (streq(key, "main-pid-known")) {
2877 : int b;
2878 :
2879 0 : b = parse_boolean(value);
2880 0 : if (b < 0)
2881 0 : log_unit_debug(u, "Failed to parse main-pid-known value: %s", value);
2882 : else
2883 0 : s->main_pid_known = b;
2884 0 : } else if (streq(key, "bus-name-good")) {
2885 : int b;
2886 :
2887 0 : b = parse_boolean(value);
2888 0 : if (b < 0)
2889 0 : log_unit_debug(u, "Failed to parse bus-name-good value: %s", value);
2890 : else
2891 0 : s->bus_name_good = b;
2892 0 : } else if (streq(key, "bus-name-owner")) {
2893 0 : r = free_and_strdup(&s->bus_name_owner, value);
2894 0 : if (r < 0)
2895 0 : log_unit_error_errno(u, r, "Unable to deserialize current bus owner %s: %m", value);
2896 0 : } else if (streq(key, "status-text")) {
2897 : char *t;
2898 :
2899 0 : r = cunescape(value, 0, &t);
2900 0 : if (r < 0)
2901 0 : log_unit_debug_errno(u, r, "Failed to unescape status text '%s': %m", value);
2902 : else
2903 0 : free_and_replace(s->status_text, t);
2904 :
2905 0 : } else if (streq(key, "accept-socket")) {
2906 : Unit *socket;
2907 :
2908 0 : r = manager_load_unit(u->manager, value, NULL, NULL, &socket);
2909 0 : if (r < 0)
2910 0 : log_unit_debug_errno(u, r, "Failed to load accept-socket unit '%s': %m", value);
2911 : else {
2912 0 : unit_ref_set(&s->accept_socket, u, socket);
2913 0 : SOCKET(socket)->n_connections++;
2914 : }
2915 :
2916 0 : } else if (streq(key, "socket-fd")) {
2917 : int fd;
2918 :
2919 0 : if (safe_atoi(value, &fd) < 0 || fd < 0 || !fdset_contains(fds, fd))
2920 0 : log_unit_debug(u, "Failed to parse socket-fd value: %s", value);
2921 : else {
2922 0 : asynchronous_close(s->socket_fd);
2923 0 : s->socket_fd = fdset_remove(fds, fd);
2924 : }
2925 0 : } else if (streq(key, "fd-store-fd")) {
2926 : const char *fdv;
2927 : size_t pf;
2928 : int fd;
2929 :
2930 0 : pf = strcspn(value, WHITESPACE);
2931 0 : fdv = strndupa(value, pf);
2932 :
2933 0 : if (safe_atoi(fdv, &fd) < 0 || fd < 0 || !fdset_contains(fds, fd))
2934 0 : log_unit_debug(u, "Failed to parse fd-store-fd value: %s", value);
2935 : else {
2936 0 : _cleanup_free_ char *t = NULL;
2937 : const char *fdn;
2938 :
2939 0 : fdn = value + pf;
2940 0 : fdn += strspn(fdn, WHITESPACE);
2941 0 : (void) cunescape(fdn, 0, &t);
2942 :
2943 0 : r = service_add_fd_store(s, fd, t);
2944 0 : if (r < 0)
2945 0 : log_unit_error_errno(u, r, "Failed to add fd to store: %m");
2946 : else
2947 0 : fdset_remove(fds, fd);
2948 : }
2949 :
2950 0 : } else if (streq(key, "main-exec-status-pid")) {
2951 : pid_t pid;
2952 :
2953 0 : if (parse_pid(value, &pid) < 0)
2954 0 : log_unit_debug(u, "Failed to parse main-exec-status-pid value: %s", value);
2955 : else
2956 0 : s->main_exec_status.pid = pid;
2957 0 : } else if (streq(key, "main-exec-status-code")) {
2958 : int i;
2959 :
2960 0 : if (safe_atoi(value, &i) < 0)
2961 0 : log_unit_debug(u, "Failed to parse main-exec-status-code value: %s", value);
2962 : else
2963 0 : s->main_exec_status.code = i;
2964 0 : } else if (streq(key, "main-exec-status-status")) {
2965 : int i;
2966 :
2967 0 : if (safe_atoi(value, &i) < 0)
2968 0 : log_unit_debug(u, "Failed to parse main-exec-status-status value: %s", value);
2969 : else
2970 0 : s->main_exec_status.status = i;
2971 0 : } else if (streq(key, "main-exec-status-start"))
2972 0 : deserialize_dual_timestamp(value, &s->main_exec_status.start_timestamp);
2973 0 : else if (streq(key, "main-exec-status-exit"))
2974 0 : deserialize_dual_timestamp(value, &s->main_exec_status.exit_timestamp);
2975 0 : else if (streq(key, "watchdog-timestamp"))
2976 0 : deserialize_dual_timestamp(value, &s->watchdog_timestamp);
2977 0 : else if (streq(key, "forbid-restart")) {
2978 : int b;
2979 :
2980 0 : b = parse_boolean(value);
2981 0 : if (b < 0)
2982 0 : log_unit_debug(u, "Failed to parse forbid-restart value: %s", value);
2983 : else
2984 0 : s->forbid_restart = b;
2985 0 : } else if (streq(key, "stdin-fd")) {
2986 : int fd;
2987 :
2988 0 : if (safe_atoi(value, &fd) < 0 || fd < 0 || !fdset_contains(fds, fd))
2989 0 : log_unit_debug(u, "Failed to parse stdin-fd value: %s", value);
2990 : else {
2991 0 : asynchronous_close(s->stdin_fd);
2992 0 : s->stdin_fd = fdset_remove(fds, fd);
2993 0 : s->exec_context.stdio_as_fds = true;
2994 : }
2995 0 : } else if (streq(key, "stdout-fd")) {
2996 : int fd;
2997 :
2998 0 : if (safe_atoi(value, &fd) < 0 || fd < 0 || !fdset_contains(fds, fd))
2999 0 : log_unit_debug(u, "Failed to parse stdout-fd value: %s", value);
3000 : else {
3001 0 : asynchronous_close(s->stdout_fd);
3002 0 : s->stdout_fd = fdset_remove(fds, fd);
3003 0 : s->exec_context.stdio_as_fds = true;
3004 : }
3005 0 : } else if (streq(key, "stderr-fd")) {
3006 : int fd;
3007 :
3008 0 : if (safe_atoi(value, &fd) < 0 || fd < 0 || !fdset_contains(fds, fd))
3009 0 : log_unit_debug(u, "Failed to parse stderr-fd value: %s", value);
3010 : else {
3011 0 : asynchronous_close(s->stderr_fd);
3012 0 : s->stderr_fd = fdset_remove(fds, fd);
3013 0 : s->exec_context.stdio_as_fds = true;
3014 : }
3015 0 : } else if (streq(key, "exec-fd")) {
3016 : int fd;
3017 :
3018 0 : if (safe_atoi(value, &fd) < 0 || fd < 0 || !fdset_contains(fds, fd))
3019 0 : log_unit_debug(u, "Failed to parse exec-fd value: %s", value);
3020 : else {
3021 0 : s->exec_fd_event_source = sd_event_source_unref(s->exec_fd_event_source);
3022 :
3023 0 : fd = fdset_remove(fds, fd);
3024 0 : if (service_allocate_exec_fd_event_source(s, fd, &s->exec_fd_event_source) < 0)
3025 0 : safe_close(fd);
3026 : }
3027 0 : } else if (streq(key, "watchdog-override-usec")) {
3028 0 : if (deserialize_usec(value, &s->watchdog_override_usec) < 0)
3029 0 : log_unit_debug(u, "Failed to parse watchdog_override_usec value: %s", value);
3030 : else
3031 0 : s->watchdog_override_enable = true;
3032 :
3033 0 : } else if (streq(key, "watchdog-original-usec")) {
3034 0 : if (deserialize_usec(value, &s->watchdog_original_usec) < 0)
3035 0 : log_unit_debug(u, "Failed to parse watchdog_original_usec value: %s", value);
3036 :
3037 0 : } else if (STR_IN_SET(key, "main-command", "control-command")) {
3038 0 : r = service_deserialize_exec_command(u, key, value);
3039 0 : if (r < 0)
3040 0 : log_unit_debug_errno(u, r, "Failed to parse serialized command \"%s\": %m", value);
3041 :
3042 0 : } else if (streq(key, "n-restarts")) {
3043 0 : r = safe_atou(value, &s->n_restarts);
3044 0 : if (r < 0)
3045 0 : log_unit_debug_errno(u, r, "Failed to parse serialized restart counter '%s': %m", value);
3046 :
3047 0 : } else if (streq(key, "flush-n-restarts")) {
3048 0 : r = parse_boolean(value);
3049 0 : if (r < 0)
3050 0 : log_unit_debug_errno(u, r, "Failed to parse serialized flush restart counter setting '%s': %m", value);
3051 : else
3052 0 : s->flush_n_restarts = r;
3053 : } else
3054 0 : log_unit_debug(u, "Unknown serialization key: %s", key);
3055 :
3056 0 : return 0;
3057 : }
3058 :
3059 379 : _pure_ static UnitActiveState service_active_state(Unit *u) {
3060 : const UnitActiveState *table;
3061 :
3062 379 : assert(u);
3063 :
3064 379 : table = SERVICE(u)->type == SERVICE_IDLE ? state_translation_table_idle : state_translation_table;
3065 :
3066 379 : return table[SERVICE(u)->state];
3067 : }
3068 :
3069 0 : static const char *service_sub_state_to_string(Unit *u) {
3070 0 : assert(u);
3071 :
3072 0 : return service_state_to_string(SERVICE(u)->state);
3073 : }
3074 :
3075 88 : static bool service_may_gc(Unit *u) {
3076 88 : Service *s = SERVICE(u);
3077 :
3078 88 : assert(s);
3079 :
3080 : /* Never clean up services that still have a process around, even if the service is formally dead. Note that
3081 : * unit_may_gc() already checked our cgroup for us, we just check our two additional PIDs, too, in case they
3082 : * have moved outside of the cgroup. */
3083 :
3084 176 : if (main_pid_good(s) > 0 ||
3085 88 : control_pid_good(s) > 0)
3086 0 : return false;
3087 :
3088 88 : return true;
3089 : }
3090 :
3091 0 : static int service_retry_pid_file(Service *s) {
3092 : int r;
3093 :
3094 0 : assert(s->pid_file);
3095 0 : assert(IN_SET(s->state, SERVICE_START, SERVICE_START_POST));
3096 :
3097 0 : r = service_load_pid_file(s, false);
3098 0 : if (r < 0)
3099 0 : return r;
3100 :
3101 0 : service_unwatch_pid_file(s);
3102 :
3103 0 : service_enter_running(s, SERVICE_SUCCESS);
3104 0 : return 0;
3105 : }
3106 :
3107 0 : static int service_watch_pid_file(Service *s) {
3108 : int r;
3109 :
3110 0 : log_unit_debug(UNIT(s), "Setting watch for PID file %s", s->pid_file_pathspec->path);
3111 :
3112 0 : r = path_spec_watch(s->pid_file_pathspec, service_dispatch_inotify_io);
3113 0 : if (r < 0)
3114 0 : goto fail;
3115 :
3116 : /* the pidfile might have appeared just before we set the watch */
3117 0 : log_unit_debug(UNIT(s), "Trying to read PID file %s in case it changed", s->pid_file_pathspec->path);
3118 0 : service_retry_pid_file(s);
3119 :
3120 0 : return 0;
3121 0 : fail:
3122 0 : log_unit_error_errno(UNIT(s), r, "Failed to set a watch for PID file %s: %m", s->pid_file_pathspec->path);
3123 0 : service_unwatch_pid_file(s);
3124 0 : return r;
3125 : }
3126 :
3127 0 : static int service_demand_pid_file(Service *s) {
3128 : PathSpec *ps;
3129 :
3130 0 : assert(s->pid_file);
3131 0 : assert(!s->pid_file_pathspec);
3132 :
3133 0 : ps = new0(PathSpec, 1);
3134 0 : if (!ps)
3135 0 : return -ENOMEM;
3136 :
3137 0 : ps->unit = UNIT(s);
3138 0 : ps->path = strdup(s->pid_file);
3139 0 : if (!ps->path) {
3140 0 : free(ps);
3141 0 : return -ENOMEM;
3142 : }
3143 :
3144 0 : path_simplify(ps->path, false);
3145 :
3146 : /* PATH_CHANGED would not be enough. There are daemons (sendmail) that
3147 : * keep their PID file open all the time. */
3148 0 : ps->type = PATH_MODIFIED;
3149 0 : ps->inotify_fd = -1;
3150 :
3151 0 : s->pid_file_pathspec = ps;
3152 :
3153 0 : return service_watch_pid_file(s);
3154 : }
3155 :
3156 0 : static int service_dispatch_inotify_io(sd_event_source *source, int fd, uint32_t events, void *userdata) {
3157 0 : PathSpec *p = userdata;
3158 : Service *s;
3159 :
3160 0 : assert(p);
3161 :
3162 0 : s = SERVICE(p->unit);
3163 :
3164 0 : assert(s);
3165 0 : assert(fd >= 0);
3166 0 : assert(IN_SET(s->state, SERVICE_START, SERVICE_START_POST));
3167 0 : assert(s->pid_file_pathspec);
3168 0 : assert(path_spec_owns_inotify_fd(s->pid_file_pathspec, fd));
3169 :
3170 0 : log_unit_debug(UNIT(s), "inotify event");
3171 :
3172 0 : if (path_spec_fd_event(p, events) < 0)
3173 0 : goto fail;
3174 :
3175 0 : if (service_retry_pid_file(s) == 0)
3176 0 : return 0;
3177 :
3178 0 : if (service_watch_pid_file(s) < 0)
3179 0 : goto fail;
3180 :
3181 0 : return 0;
3182 :
3183 0 : fail:
3184 0 : service_unwatch_pid_file(s);
3185 0 : service_enter_signal(s, SERVICE_STOP_SIGTERM, SERVICE_FAILURE_RESOURCES);
3186 0 : return 0;
3187 : }
3188 :
3189 0 : static int service_dispatch_exec_io(sd_event_source *source, int fd, uint32_t events, void *userdata) {
3190 0 : Service *s = SERVICE(userdata);
3191 :
3192 0 : assert(s);
3193 :
3194 0 : log_unit_debug(UNIT(s), "got exec-fd event");
3195 :
3196 : /* If Type=exec is set, we'll consider a service started successfully the instant we invoked execve()
3197 : * successfully for it. We implement this through a pipe() towards the child, which the kernel automatically
3198 : * closes for us due to O_CLOEXEC on execve() in the child, which then triggers EOF on the pipe in the
3199 : * parent. We need to be careful however, as there are other reasons that we might cause the child's side of
3200 : * the pipe to be closed (for example, a simple exit()). To deal with that we'll ignore EOFs on the pipe unless
3201 : * the child signalled us first that it is about to call the execve(). It does so by sending us a simple
3202 : * non-zero byte via the pipe. We also provide the child with a way to inform us in case execve() failed: if it
3203 : * sends a zero byte we'll ignore POLLHUP on the fd again. */
3204 :
3205 0 : for (;;) {
3206 : uint8_t x;
3207 : ssize_t n;
3208 :
3209 0 : n = read(fd, &x, sizeof(x));
3210 0 : if (n < 0) {
3211 0 : if (errno == EAGAIN) /* O_NONBLOCK in effect → everything queued has now been processed. */
3212 0 : return 0;
3213 :
3214 0 : return log_unit_error_errno(UNIT(s), errno, "Failed to read from exec_fd: %m");
3215 : }
3216 0 : if (n == 0) { /* EOF → the event we are waiting for */
3217 :
3218 0 : s->exec_fd_event_source = sd_event_source_unref(s->exec_fd_event_source);
3219 :
3220 0 : if (s->exec_fd_hot) { /* Did the child tell us to expect EOF now? */
3221 0 : log_unit_debug(UNIT(s), "Got EOF on exec-fd");
3222 :
3223 0 : s->exec_fd_hot = false;
3224 :
3225 : /* Nice! This is what we have been waiting for. Transition to next state. */
3226 0 : if (s->type == SERVICE_EXEC && s->state == SERVICE_START)
3227 0 : service_enter_start_post(s);
3228 : } else
3229 0 : log_unit_debug(UNIT(s), "Got EOF on exec-fd while it was disabled, ignoring.");
3230 :
3231 0 : return 0;
3232 : }
3233 :
3234 : /* A byte was read → this turns on/off the exec fd logic */
3235 0 : assert(n == sizeof(x));
3236 0 : s->exec_fd_hot = x;
3237 : }
3238 :
3239 : return 0;
3240 : }
3241 :
3242 0 : static void service_notify_cgroup_empty_event(Unit *u) {
3243 0 : Service *s = SERVICE(u);
3244 :
3245 0 : assert(u);
3246 :
3247 0 : log_unit_debug(u, "Control group is empty.");
3248 :
3249 0 : switch (s->state) {
3250 :
3251 : /* Waiting for SIGCHLD is usually more interesting,
3252 : * because it includes return codes/signals. Which is
3253 : * why we ignore the cgroup events for most cases,
3254 : * except when we don't know pid which to expect the
3255 : * SIGCHLD for. */
3256 :
3257 0 : case SERVICE_START:
3258 0 : if (s->type == SERVICE_NOTIFY &&
3259 0 : main_pid_good(s) == 0 &&
3260 0 : control_pid_good(s) == 0) {
3261 : /* No chance of getting a ready notification anymore */
3262 0 : service_enter_stop_post(s, SERVICE_FAILURE_PROTOCOL);
3263 0 : break;
3264 : }
3265 :
3266 : _fallthrough_;
3267 : case SERVICE_START_POST:
3268 0 : if (s->pid_file_pathspec &&
3269 0 : main_pid_good(s) == 0 &&
3270 0 : control_pid_good(s) == 0) {
3271 :
3272 : /* Give up hoping for the daemon to write its PID file */
3273 0 : log_unit_warning(u, "Daemon never wrote its PID file. Failing.");
3274 :
3275 0 : service_unwatch_pid_file(s);
3276 0 : if (s->state == SERVICE_START)
3277 0 : service_enter_stop_post(s, SERVICE_FAILURE_PROTOCOL);
3278 : else
3279 0 : service_enter_stop(s, SERVICE_FAILURE_PROTOCOL);
3280 : }
3281 0 : break;
3282 :
3283 0 : case SERVICE_RUNNING:
3284 : /* service_enter_running() will figure out what to do */
3285 0 : service_enter_running(s, SERVICE_SUCCESS);
3286 0 : break;
3287 :
3288 0 : case SERVICE_STOP_WATCHDOG:
3289 : case SERVICE_STOP_SIGTERM:
3290 : case SERVICE_STOP_SIGKILL:
3291 :
3292 0 : if (main_pid_good(s) <= 0 && control_pid_good(s) <= 0)
3293 0 : service_enter_stop_post(s, SERVICE_SUCCESS);
3294 :
3295 0 : break;
3296 :
3297 0 : case SERVICE_STOP_POST:
3298 : case SERVICE_FINAL_SIGTERM:
3299 : case SERVICE_FINAL_SIGKILL:
3300 0 : if (main_pid_good(s) <= 0 && control_pid_good(s) <= 0)
3301 0 : service_enter_dead(s, SERVICE_SUCCESS, true);
3302 :
3303 0 : break;
3304 :
3305 0 : default:
3306 : ;
3307 : }
3308 0 : }
3309 :
3310 0 : static void service_notify_cgroup_oom_event(Unit *u) {
3311 0 : Service *s = SERVICE(u);
3312 :
3313 0 : log_unit_debug(u, "Process of control group was killed by the OOM killer.");
3314 :
3315 0 : if (s->oom_policy == OOM_CONTINUE)
3316 0 : return;
3317 :
3318 0 : switch (s->state) {
3319 :
3320 0 : case SERVICE_CONDITION:
3321 : case SERVICE_START_PRE:
3322 : case SERVICE_START:
3323 : case SERVICE_START_POST:
3324 : case SERVICE_STOP:
3325 0 : if (s->oom_policy == OOM_STOP)
3326 0 : service_enter_signal(s, SERVICE_STOP_SIGTERM, SERVICE_FAILURE_OOM_KILL);
3327 0 : else if (s->oom_policy == OOM_KILL)
3328 0 : service_enter_signal(s, SERVICE_STOP_SIGKILL, SERVICE_FAILURE_OOM_KILL);
3329 :
3330 0 : break;
3331 :
3332 0 : case SERVICE_EXITED:
3333 : case SERVICE_RUNNING:
3334 0 : if (s->oom_policy == OOM_STOP)
3335 0 : service_enter_stop(s, SERVICE_FAILURE_OOM_KILL);
3336 0 : else if (s->oom_policy == OOM_KILL)
3337 0 : service_enter_signal(s, SERVICE_STOP_SIGKILL, SERVICE_FAILURE_OOM_KILL);
3338 :
3339 0 : break;
3340 :
3341 0 : case SERVICE_STOP_WATCHDOG:
3342 : case SERVICE_STOP_SIGTERM:
3343 0 : service_enter_signal(s, SERVICE_STOP_SIGKILL, SERVICE_FAILURE_OOM_KILL);
3344 0 : break;
3345 :
3346 0 : case SERVICE_STOP_SIGKILL:
3347 : case SERVICE_FINAL_SIGKILL:
3348 0 : if (s->result == SERVICE_SUCCESS)
3349 0 : s->result = SERVICE_FAILURE_OOM_KILL;
3350 0 : break;
3351 :
3352 0 : case SERVICE_STOP_POST:
3353 : case SERVICE_FINAL_SIGTERM:
3354 0 : service_enter_signal(s, SERVICE_FINAL_SIGKILL, SERVICE_FAILURE_OOM_KILL);
3355 0 : break;
3356 :
3357 : default:
3358 : ;
3359 : }
3360 : }
3361 :
3362 0 : static void service_sigchld_event(Unit *u, pid_t pid, int code, int status) {
3363 0 : bool notify_dbus = true;
3364 0 : Service *s = SERVICE(u);
3365 : ServiceResult f;
3366 : ExitClean clean_mode;
3367 :
3368 0 : assert(s);
3369 0 : assert(pid >= 0);
3370 :
3371 : /* Oneshot services and non-SERVICE_EXEC_START commands should not be
3372 : * considered daemons as they are typically not long running. */
3373 0 : if (s->type == SERVICE_ONESHOT || (s->control_pid == pid && s->control_command_id != SERVICE_EXEC_START))
3374 0 : clean_mode = EXIT_CLEAN_COMMAND;
3375 : else
3376 0 : clean_mode = EXIT_CLEAN_DAEMON;
3377 :
3378 0 : if (is_clean_exit(code, status, clean_mode, &s->success_status))
3379 0 : f = SERVICE_SUCCESS;
3380 0 : else if (code == CLD_EXITED)
3381 0 : f = SERVICE_FAILURE_EXIT_CODE;
3382 0 : else if (code == CLD_KILLED)
3383 0 : f = SERVICE_FAILURE_SIGNAL;
3384 0 : else if (code == CLD_DUMPED)
3385 0 : f = SERVICE_FAILURE_CORE_DUMP;
3386 : else
3387 0 : assert_not_reached("Unknown code");
3388 :
3389 0 : if (s->main_pid == pid) {
3390 : /* Forking services may occasionally move to a new PID.
3391 : * As long as they update the PID file before exiting the old
3392 : * PID, they're fine. */
3393 0 : if (service_load_pid_file(s, false) > 0)
3394 0 : return;
3395 :
3396 0 : s->main_pid = 0;
3397 0 : exec_status_exit(&s->main_exec_status, &s->exec_context, pid, code, status);
3398 :
3399 0 : if (s->main_command) {
3400 : /* If this is not a forking service than the
3401 : * main process got started and hence we copy
3402 : * the exit status so that it is recorded both
3403 : * as main and as control process exit
3404 : * status */
3405 :
3406 0 : s->main_command->exec_status = s->main_exec_status;
3407 :
3408 0 : if (s->main_command->flags & EXEC_COMMAND_IGNORE_FAILURE)
3409 0 : f = SERVICE_SUCCESS;
3410 0 : } else if (s->exec_command[SERVICE_EXEC_START]) {
3411 :
3412 : /* If this is a forked process, then we should
3413 : * ignore the return value if this was
3414 : * configured for the starter process */
3415 :
3416 0 : if (s->exec_command[SERVICE_EXEC_START]->flags & EXEC_COMMAND_IGNORE_FAILURE)
3417 0 : f = SERVICE_SUCCESS;
3418 : }
3419 :
3420 0 : unit_log_process_exit(
3421 : u,
3422 : "Main process",
3423 : service_exec_command_to_string(SERVICE_EXEC_START),
3424 : f == SERVICE_SUCCESS,
3425 : code, status);
3426 :
3427 0 : if (s->result == SERVICE_SUCCESS)
3428 0 : s->result = f;
3429 :
3430 0 : if (s->main_command &&
3431 0 : s->main_command->command_next &&
3432 0 : s->type == SERVICE_ONESHOT &&
3433 : f == SERVICE_SUCCESS) {
3434 :
3435 : /* There is another command to *
3436 : * execute, so let's do that. */
3437 :
3438 0 : log_unit_debug(u, "Running next main command for state %s.", service_state_to_string(s->state));
3439 0 : service_run_next_main(s);
3440 :
3441 : } else {
3442 :
3443 : /* The service exited, so the service is officially
3444 : * gone. */
3445 0 : s->main_command = NULL;
3446 :
3447 0 : switch (s->state) {
3448 :
3449 0 : case SERVICE_START_POST:
3450 : case SERVICE_RELOAD:
3451 : case SERVICE_STOP:
3452 : /* Need to wait until the operation is
3453 : * done */
3454 0 : break;
3455 :
3456 0 : case SERVICE_START:
3457 0 : if (s->type == SERVICE_ONESHOT) {
3458 : /* This was our main goal, so let's go on */
3459 0 : if (f == SERVICE_SUCCESS)
3460 0 : service_enter_start_post(s);
3461 : else
3462 0 : service_enter_signal(s, SERVICE_STOP_SIGTERM, f);
3463 0 : break;
3464 0 : } else if (s->type == SERVICE_NOTIFY) {
3465 : /* Only enter running through a notification, so that the
3466 : * SERVICE_START state signifies that no ready notification
3467 : * has been received */
3468 0 : if (f != SERVICE_SUCCESS)
3469 0 : service_enter_signal(s, SERVICE_STOP_SIGTERM, f);
3470 0 : else if (!s->remain_after_exit || s->notify_access == NOTIFY_MAIN)
3471 : /* The service has never been and will never be active */
3472 0 : service_enter_signal(s, SERVICE_STOP_SIGTERM, SERVICE_FAILURE_PROTOCOL);
3473 0 : break;
3474 : }
3475 :
3476 : _fallthrough_;
3477 : case SERVICE_RUNNING:
3478 0 : service_enter_running(s, f);
3479 0 : break;
3480 :
3481 0 : case SERVICE_STOP_WATCHDOG:
3482 : case SERVICE_STOP_SIGTERM:
3483 : case SERVICE_STOP_SIGKILL:
3484 :
3485 0 : if (control_pid_good(s) <= 0)
3486 0 : service_enter_stop_post(s, f);
3487 :
3488 : /* If there is still a control process, wait for that first */
3489 0 : break;
3490 :
3491 0 : case SERVICE_STOP_POST:
3492 : case SERVICE_FINAL_SIGTERM:
3493 : case SERVICE_FINAL_SIGKILL:
3494 :
3495 0 : if (control_pid_good(s) <= 0)
3496 0 : service_enter_dead(s, f, true);
3497 0 : break;
3498 :
3499 0 : default:
3500 0 : assert_not_reached("Uh, main process died at wrong time.");
3501 : }
3502 : }
3503 :
3504 0 : } else if (s->control_pid == pid) {
3505 0 : s->control_pid = 0;
3506 :
3507 : /* ExecCondition= calls that exit with (0, 254] should invoke skip-like behavior instead of failing */
3508 0 : if (f == SERVICE_FAILURE_EXIT_CODE && s->state == SERVICE_CONDITION && status < 255)
3509 0 : f = SERVICE_SKIP_CONDITION;
3510 :
3511 0 : if (s->control_command) {
3512 0 : exec_status_exit(&s->control_command->exec_status, &s->exec_context, pid, code, status);
3513 :
3514 0 : if (s->control_command->flags & EXEC_COMMAND_IGNORE_FAILURE)
3515 0 : f = SERVICE_SUCCESS;
3516 : }
3517 :
3518 0 : unit_log_process_exit(
3519 : u,
3520 : "Control process",
3521 : service_exec_command_to_string(s->control_command_id),
3522 : f == SERVICE_SUCCESS,
3523 : code, status);
3524 :
3525 0 : if (s->state != SERVICE_RELOAD && s->result == SERVICE_SUCCESS)
3526 0 : s->result = f;
3527 :
3528 0 : if (s->control_command &&
3529 0 : s->control_command->command_next &&
3530 : f == SERVICE_SUCCESS) {
3531 :
3532 : /* There is another command to *
3533 : * execute, so let's do that. */
3534 :
3535 0 : log_unit_debug(u, "Running next control command for state %s.", service_state_to_string(s->state));
3536 0 : service_run_next_control(s);
3537 :
3538 : } else {
3539 : /* No further commands for this step, so let's
3540 : * figure out what to do next */
3541 :
3542 0 : s->control_command = NULL;
3543 0 : s->control_command_id = _SERVICE_EXEC_COMMAND_INVALID;
3544 :
3545 0 : log_unit_debug(u, "Got final SIGCHLD for state %s.", service_state_to_string(s->state));
3546 :
3547 0 : switch (s->state) {
3548 :
3549 0 : case SERVICE_CONDITION:
3550 0 : if (f == SERVICE_SUCCESS)
3551 0 : service_enter_start_pre(s);
3552 : else
3553 0 : service_enter_signal(s, SERVICE_STOP_SIGTERM, f);
3554 0 : break;
3555 :
3556 0 : case SERVICE_START_PRE:
3557 0 : if (f == SERVICE_SUCCESS)
3558 0 : service_enter_start(s);
3559 : else
3560 0 : service_enter_signal(s, SERVICE_STOP_SIGTERM, f);
3561 0 : break;
3562 :
3563 0 : case SERVICE_START:
3564 0 : if (s->type != SERVICE_FORKING)
3565 : /* Maybe spurious event due to a reload that changed the type? */
3566 0 : break;
3567 :
3568 0 : if (f != SERVICE_SUCCESS) {
3569 0 : service_enter_signal(s, SERVICE_STOP_SIGTERM, f);
3570 0 : break;
3571 : }
3572 :
3573 0 : if (s->pid_file) {
3574 : bool has_start_post;
3575 : int r;
3576 :
3577 : /* Let's try to load the pid file here if we can.
3578 : * The PID file might actually be created by a START_POST
3579 : * script. In that case don't worry if the loading fails. */
3580 :
3581 0 : has_start_post = s->exec_command[SERVICE_EXEC_START_POST];
3582 0 : r = service_load_pid_file(s, !has_start_post);
3583 0 : if (!has_start_post && r < 0) {
3584 0 : r = service_demand_pid_file(s);
3585 0 : if (r < 0 || cgroup_good(s) == 0)
3586 0 : service_enter_signal(s, SERVICE_STOP_SIGTERM, SERVICE_FAILURE_PROTOCOL);
3587 0 : break;
3588 : }
3589 : } else
3590 0 : service_search_main_pid(s);
3591 :
3592 0 : service_enter_start_post(s);
3593 0 : break;
3594 :
3595 0 : case SERVICE_START_POST:
3596 0 : if (f != SERVICE_SUCCESS) {
3597 0 : service_enter_signal(s, SERVICE_STOP_SIGTERM, f);
3598 0 : break;
3599 : }
3600 :
3601 0 : if (s->pid_file) {
3602 : int r;
3603 :
3604 0 : r = service_load_pid_file(s, true);
3605 0 : if (r < 0) {
3606 0 : r = service_demand_pid_file(s);
3607 0 : if (r < 0 || cgroup_good(s) == 0)
3608 0 : service_enter_stop(s, SERVICE_FAILURE_PROTOCOL);
3609 0 : break;
3610 : }
3611 : } else
3612 0 : service_search_main_pid(s);
3613 :
3614 0 : service_enter_running(s, SERVICE_SUCCESS);
3615 0 : break;
3616 :
3617 0 : case SERVICE_RELOAD:
3618 0 : if (f == SERVICE_SUCCESS)
3619 0 : if (service_load_pid_file(s, true) < 0)
3620 0 : service_search_main_pid(s);
3621 :
3622 0 : s->reload_result = f;
3623 0 : service_enter_running(s, SERVICE_SUCCESS);
3624 0 : break;
3625 :
3626 0 : case SERVICE_STOP:
3627 0 : service_enter_signal(s, SERVICE_STOP_SIGTERM, f);
3628 0 : break;
3629 :
3630 0 : case SERVICE_STOP_WATCHDOG:
3631 : case SERVICE_STOP_SIGTERM:
3632 : case SERVICE_STOP_SIGKILL:
3633 0 : if (main_pid_good(s) <= 0)
3634 0 : service_enter_stop_post(s, f);
3635 :
3636 : /* If there is still a service process around, wait until
3637 : * that one quit, too */
3638 0 : break;
3639 :
3640 0 : case SERVICE_STOP_POST:
3641 : case SERVICE_FINAL_SIGTERM:
3642 : case SERVICE_FINAL_SIGKILL:
3643 0 : if (main_pid_good(s) <= 0)
3644 0 : service_enter_dead(s, f, true);
3645 0 : break;
3646 :
3647 0 : case SERVICE_CLEANING:
3648 :
3649 0 : if (s->clean_result == SERVICE_SUCCESS)
3650 0 : s->clean_result = f;
3651 :
3652 0 : service_enter_dead(s, SERVICE_SUCCESS, false);
3653 0 : break;
3654 :
3655 0 : default:
3656 0 : assert_not_reached("Uh, control process died at wrong time.");
3657 : }
3658 : }
3659 : } else /* Neither control nor main PID? If so, don't notify about anything */
3660 0 : notify_dbus = false;
3661 :
3662 : /* Notify clients about changed exit status */
3663 0 : if (notify_dbus)
3664 0 : unit_add_to_dbus_queue(u);
3665 :
3666 : /* We watch the main/control process otherwise we can't retrieve the unit they
3667 : * belong to with cgroupv1. But if they are not our direct child, we won't get a
3668 : * SIGCHLD for them. Therefore we need to look for others to watch so we can
3669 : * detect when the cgroup becomes empty. Note that the control process is always
3670 : * our child so it's pointless to watch all other processes. */
3671 0 : if (!control_pid_good(s))
3672 0 : if (!s->main_pid_known || s->main_pid_alien)
3673 0 : (void) unit_enqueue_rewatch_pids(u);
3674 : }
3675 :
3676 0 : static int service_dispatch_timer(sd_event_source *source, usec_t usec, void *userdata) {
3677 0 : Service *s = SERVICE(userdata);
3678 :
3679 0 : assert(s);
3680 0 : assert(source == s->timer_event_source);
3681 :
3682 0 : switch (s->state) {
3683 :
3684 0 : case SERVICE_CONDITION:
3685 : case SERVICE_START_PRE:
3686 : case SERVICE_START:
3687 0 : log_unit_warning(UNIT(s), "%s operation timed out. Terminating.", service_state_to_string(s->state));
3688 0 : service_enter_signal(s, SERVICE_STOP_SIGTERM, SERVICE_FAILURE_TIMEOUT);
3689 0 : break;
3690 :
3691 0 : case SERVICE_START_POST:
3692 0 : log_unit_warning(UNIT(s), "Start-post operation timed out. Stopping.");
3693 0 : service_enter_signal(s, SERVICE_STOP_SIGTERM, SERVICE_FAILURE_TIMEOUT);
3694 0 : break;
3695 :
3696 0 : case SERVICE_RUNNING:
3697 0 : log_unit_warning(UNIT(s), "Service reached runtime time limit. Stopping.");
3698 0 : service_enter_stop(s, SERVICE_FAILURE_TIMEOUT);
3699 0 : break;
3700 :
3701 0 : case SERVICE_RELOAD:
3702 0 : log_unit_warning(UNIT(s), "Reload operation timed out. Killing reload process.");
3703 0 : service_kill_control_process(s);
3704 0 : s->reload_result = SERVICE_FAILURE_TIMEOUT;
3705 0 : service_enter_running(s, SERVICE_SUCCESS);
3706 0 : break;
3707 :
3708 0 : case SERVICE_STOP:
3709 0 : log_unit_warning(UNIT(s), "Stopping timed out. Terminating.");
3710 0 : service_enter_signal(s, SERVICE_STOP_SIGTERM, SERVICE_FAILURE_TIMEOUT);
3711 0 : break;
3712 :
3713 0 : case SERVICE_STOP_WATCHDOG:
3714 0 : log_unit_warning(UNIT(s), "State 'stop-watchdog' timed out. Terminating.");
3715 0 : service_enter_signal(s, SERVICE_STOP_SIGTERM, SERVICE_FAILURE_TIMEOUT);
3716 0 : break;
3717 :
3718 0 : case SERVICE_STOP_SIGTERM:
3719 0 : if (s->kill_context.send_sigkill) {
3720 0 : log_unit_warning(UNIT(s), "State 'stop-sigterm' timed out. Killing.");
3721 0 : service_enter_signal(s, SERVICE_STOP_SIGKILL, SERVICE_FAILURE_TIMEOUT);
3722 : } else {
3723 0 : log_unit_warning(UNIT(s), "State 'stop-sigterm' timed out. Skipping SIGKILL.");
3724 0 : service_enter_stop_post(s, SERVICE_FAILURE_TIMEOUT);
3725 : }
3726 :
3727 0 : break;
3728 :
3729 0 : case SERVICE_STOP_SIGKILL:
3730 : /* Uh, we sent a SIGKILL and it is still not gone?
3731 : * Must be something we cannot kill, so let's just be
3732 : * weirded out and continue */
3733 :
3734 0 : log_unit_warning(UNIT(s), "Processes still around after SIGKILL. Ignoring.");
3735 0 : service_enter_stop_post(s, SERVICE_FAILURE_TIMEOUT);
3736 0 : break;
3737 :
3738 0 : case SERVICE_STOP_POST:
3739 0 : log_unit_warning(UNIT(s), "State 'stop-post' timed out. Terminating.");
3740 0 : service_enter_signal(s, SERVICE_FINAL_SIGTERM, SERVICE_FAILURE_TIMEOUT);
3741 0 : break;
3742 :
3743 0 : case SERVICE_FINAL_SIGTERM:
3744 0 : if (s->kill_context.send_sigkill) {
3745 0 : log_unit_warning(UNIT(s), "State 'stop-final-sigterm' timed out. Killing.");
3746 0 : service_enter_signal(s, SERVICE_FINAL_SIGKILL, SERVICE_FAILURE_TIMEOUT);
3747 : } else {
3748 0 : log_unit_warning(UNIT(s), "State 'stop-final-sigterm' timed out. Skipping SIGKILL. Entering failed mode.");
3749 0 : service_enter_dead(s, SERVICE_FAILURE_TIMEOUT, false);
3750 : }
3751 :
3752 0 : break;
3753 :
3754 0 : case SERVICE_FINAL_SIGKILL:
3755 0 : log_unit_warning(UNIT(s), "Processes still around after final SIGKILL. Entering failed mode.");
3756 0 : service_enter_dead(s, SERVICE_FAILURE_TIMEOUT, true);
3757 0 : break;
3758 :
3759 0 : case SERVICE_AUTO_RESTART:
3760 0 : if (s->restart_usec > 0) {
3761 : char buf_restart[FORMAT_TIMESPAN_MAX];
3762 0 : log_unit_info(UNIT(s),
3763 : "Service RestartSec=%s expired, scheduling restart.",
3764 : format_timespan(buf_restart, sizeof buf_restart, s->restart_usec, USEC_PER_SEC));
3765 : } else
3766 0 : log_unit_info(UNIT(s),
3767 : "Service has no hold-off time (RestartSec=0), scheduling restart.");
3768 :
3769 0 : service_enter_restart(s);
3770 0 : break;
3771 :
3772 0 : case SERVICE_CLEANING:
3773 0 : log_unit_warning(UNIT(s), "Cleaning timed out. killing.");
3774 :
3775 0 : if (s->clean_result == SERVICE_SUCCESS)
3776 0 : s->clean_result = SERVICE_FAILURE_TIMEOUT;
3777 :
3778 0 : service_enter_signal(s, SERVICE_FINAL_SIGKILL, 0);
3779 0 : break;
3780 :
3781 0 : default:
3782 0 : assert_not_reached("Timeout at wrong time.");
3783 : }
3784 :
3785 0 : return 0;
3786 : }
3787 :
3788 0 : static int service_dispatch_watchdog(sd_event_source *source, usec_t usec, void *userdata) {
3789 0 : Service *s = SERVICE(userdata);
3790 : char t[FORMAT_TIMESPAN_MAX];
3791 : usec_t watchdog_usec;
3792 :
3793 0 : assert(s);
3794 0 : assert(source == s->watchdog_event_source);
3795 :
3796 0 : watchdog_usec = service_get_watchdog_usec(s);
3797 :
3798 0 : if (UNIT(s)->manager->service_watchdogs) {
3799 0 : log_unit_error(UNIT(s), "Watchdog timeout (limit %s)!",
3800 : format_timespan(t, sizeof(t), watchdog_usec, 1));
3801 :
3802 0 : service_enter_signal(s, SERVICE_STOP_WATCHDOG, SERVICE_FAILURE_WATCHDOG);
3803 : } else
3804 0 : log_unit_warning(UNIT(s), "Watchdog disabled! Ignoring watchdog timeout (limit %s)!",
3805 : format_timespan(t, sizeof(t), watchdog_usec, 1));
3806 :
3807 0 : return 0;
3808 : }
3809 :
3810 0 : static bool service_notify_message_authorized(Service *s, pid_t pid, char **tags, FDSet *fds) {
3811 0 : assert(s);
3812 :
3813 0 : if (s->notify_access == NOTIFY_NONE) {
3814 0 : log_unit_warning(UNIT(s), "Got notification message from PID "PID_FMT", but reception is disabled.", pid);
3815 0 : return false;
3816 : }
3817 :
3818 0 : if (s->notify_access == NOTIFY_MAIN && pid != s->main_pid) {
3819 0 : if (s->main_pid != 0)
3820 0 : log_unit_warning(UNIT(s), "Got notification message from PID "PID_FMT", but reception only permitted for main PID "PID_FMT, pid, s->main_pid);
3821 : else
3822 0 : log_unit_warning(UNIT(s), "Got notification message from PID "PID_FMT", but reception only permitted for main PID which is currently not known", pid);
3823 :
3824 0 : return false;
3825 : }
3826 :
3827 0 : if (s->notify_access == NOTIFY_EXEC && pid != s->main_pid && pid != s->control_pid) {
3828 0 : if (s->main_pid != 0 && s->control_pid != 0)
3829 0 : log_unit_warning(UNIT(s), "Got notification message from PID "PID_FMT", but reception only permitted for main PID "PID_FMT" and control PID "PID_FMT,
3830 : pid, s->main_pid, s->control_pid);
3831 0 : else if (s->main_pid != 0)
3832 0 : log_unit_warning(UNIT(s), "Got notification message from PID "PID_FMT", but reception only permitted for main PID "PID_FMT, pid, s->main_pid);
3833 0 : else if (s->control_pid != 0)
3834 0 : log_unit_warning(UNIT(s), "Got notification message from PID "PID_FMT", but reception only permitted for control PID "PID_FMT, pid, s->control_pid);
3835 : else
3836 0 : log_unit_warning(UNIT(s), "Got notification message from PID "PID_FMT", but reception only permitted for main PID and control PID which are currently not known", pid);
3837 :
3838 0 : return false;
3839 : }
3840 :
3841 0 : return true;
3842 : }
3843 :
3844 0 : static void service_force_watchdog(Service *s) {
3845 0 : if (!UNIT(s)->manager->service_watchdogs)
3846 0 : return;
3847 :
3848 0 : log_unit_error(UNIT(s), "Watchdog request (last status: %s)!",
3849 : s->status_text ? s->status_text : "<unset>");
3850 :
3851 0 : service_enter_signal(s, SERVICE_STOP_WATCHDOG, SERVICE_FAILURE_WATCHDOG);
3852 : }
3853 :
3854 0 : static void service_notify_message(
3855 : Unit *u,
3856 : const struct ucred *ucred,
3857 : char **tags,
3858 : FDSet *fds) {
3859 :
3860 0 : Service *s = SERVICE(u);
3861 0 : bool notify_dbus = false;
3862 : const char *e;
3863 : char **i;
3864 : int r;
3865 :
3866 0 : assert(u);
3867 0 : assert(ucred);
3868 :
3869 0 : if (!service_notify_message_authorized(SERVICE(u), ucred->pid, tags, fds))
3870 0 : return;
3871 :
3872 0 : if (DEBUG_LOGGING) {
3873 0 : _cleanup_free_ char *cc = NULL;
3874 :
3875 0 : cc = strv_join(tags, ", ");
3876 0 : log_unit_debug(u, "Got notification message from PID "PID_FMT" (%s)", ucred->pid, isempty(cc) ? "n/a" : cc);
3877 : }
3878 :
3879 : /* Interpret MAINPID= */
3880 0 : e = strv_find_startswith(tags, "MAINPID=");
3881 0 : if (e && IN_SET(s->state, SERVICE_START, SERVICE_START_POST, SERVICE_RUNNING, SERVICE_RELOAD)) {
3882 : pid_t new_main_pid;
3883 :
3884 0 : if (parse_pid(e, &new_main_pid) < 0)
3885 0 : log_unit_warning(u, "Failed to parse MAINPID= field in notification message, ignoring: %s", e);
3886 0 : else if (!s->main_pid_known || new_main_pid != s->main_pid) {
3887 :
3888 0 : r = service_is_suitable_main_pid(s, new_main_pid, LOG_WARNING);
3889 0 : if (r == 0) {
3890 : /* The new main PID is a bit suspicious, which is OK if the sender is privileged. */
3891 :
3892 0 : if (ucred->uid == 0) {
3893 0 : log_unit_debug(u, "New main PID "PID_FMT" does not belong to service, but we'll accept it as the request to change it came from a privileged process.", new_main_pid);
3894 0 : r = 1;
3895 : } else
3896 0 : log_unit_debug(u, "New main PID "PID_FMT" does not belong to service, refusing.", new_main_pid);
3897 : }
3898 0 : if (r > 0) {
3899 0 : service_set_main_pid(s, new_main_pid);
3900 :
3901 0 : r = unit_watch_pid(UNIT(s), new_main_pid, false);
3902 0 : if (r < 0)
3903 0 : log_unit_warning_errno(UNIT(s), r, "Failed to watch new main PID "PID_FMT" for service: %m", new_main_pid);
3904 :
3905 0 : notify_dbus = true;
3906 : }
3907 : }
3908 : }
3909 :
3910 : /* Interpret READY=/STOPPING=/RELOADING=. Last one wins. */
3911 0 : STRV_FOREACH_BACKWARDS(i, tags) {
3912 :
3913 0 : if (streq(*i, "READY=1")) {
3914 0 : s->notify_state = NOTIFY_READY;
3915 :
3916 : /* Type=notify services inform us about completed
3917 : * initialization with READY=1 */
3918 0 : if (s->type == SERVICE_NOTIFY && s->state == SERVICE_START)
3919 0 : service_enter_start_post(s);
3920 :
3921 : /* Sending READY=1 while we are reloading informs us
3922 : * that the reloading is complete */
3923 0 : if (s->state == SERVICE_RELOAD && s->control_pid == 0)
3924 0 : service_enter_running(s, SERVICE_SUCCESS);
3925 :
3926 0 : notify_dbus = true;
3927 0 : break;
3928 :
3929 0 : } else if (streq(*i, "RELOADING=1")) {
3930 0 : s->notify_state = NOTIFY_RELOADING;
3931 :
3932 0 : if (s->state == SERVICE_RUNNING)
3933 0 : service_enter_reload_by_notify(s);
3934 :
3935 0 : notify_dbus = true;
3936 0 : break;
3937 :
3938 0 : } else if (streq(*i, "STOPPING=1")) {
3939 0 : s->notify_state = NOTIFY_STOPPING;
3940 :
3941 0 : if (s->state == SERVICE_RUNNING)
3942 0 : service_enter_stop_by_notify(s);
3943 :
3944 0 : notify_dbus = true;
3945 0 : break;
3946 : }
3947 : }
3948 :
3949 : /* Interpret STATUS= */
3950 0 : e = strv_find_startswith(tags, "STATUS=");
3951 0 : if (e) {
3952 0 : _cleanup_free_ char *t = NULL;
3953 :
3954 0 : if (!isempty(e)) {
3955 : /* Note that this size limit check is mostly paranoia: since the datagram size we are willing
3956 : * to process is already limited to NOTIFY_BUFFER_MAX, this limit here should never be hit. */
3957 0 : if (strlen(e) > STATUS_TEXT_MAX)
3958 0 : log_unit_warning(u, "Status message overly long (%zu > %u), ignoring.", strlen(e), STATUS_TEXT_MAX);
3959 0 : else if (!utf8_is_valid(e))
3960 0 : log_unit_warning(u, "Status message in notification message is not UTF-8 clean, ignoring.");
3961 : else {
3962 0 : t = strdup(e);
3963 0 : if (!t)
3964 0 : log_oom();
3965 : }
3966 : }
3967 :
3968 0 : if (!streq_ptr(s->status_text, t)) {
3969 0 : free_and_replace(s->status_text, t);
3970 0 : notify_dbus = true;
3971 : }
3972 : }
3973 :
3974 : /* Interpret ERRNO= */
3975 0 : e = strv_find_startswith(tags, "ERRNO=");
3976 0 : if (e) {
3977 : int status_errno;
3978 :
3979 0 : status_errno = parse_errno(e);
3980 0 : if (status_errno < 0)
3981 0 : log_unit_warning_errno(u, status_errno,
3982 : "Failed to parse ERRNO= field value '%s' in notification message: %m", e);
3983 0 : else if (s->status_errno != status_errno) {
3984 0 : s->status_errno = status_errno;
3985 0 : notify_dbus = true;
3986 : }
3987 : }
3988 :
3989 : /* Interpret EXTEND_TIMEOUT= */
3990 0 : e = strv_find_startswith(tags, "EXTEND_TIMEOUT_USEC=");
3991 0 : if (e) {
3992 : usec_t extend_timeout_usec;
3993 0 : if (safe_atou64(e, &extend_timeout_usec) < 0)
3994 0 : log_unit_warning(u, "Failed to parse EXTEND_TIMEOUT_USEC=%s", e);
3995 : else
3996 0 : service_extend_timeout(s, extend_timeout_usec);
3997 : }
3998 :
3999 : /* Interpret WATCHDOG= */
4000 0 : e = strv_find_startswith(tags, "WATCHDOG=");
4001 0 : if (e) {
4002 0 : if (streq(e, "1"))
4003 0 : service_reset_watchdog(s);
4004 0 : else if (streq(e, "trigger"))
4005 0 : service_force_watchdog(s);
4006 : else
4007 0 : log_unit_warning(u, "Passed WATCHDOG= field is invalid, ignoring.");
4008 : }
4009 :
4010 0 : e = strv_find_startswith(tags, "WATCHDOG_USEC=");
4011 0 : if (e) {
4012 : usec_t watchdog_override_usec;
4013 0 : if (safe_atou64(e, &watchdog_override_usec) < 0)
4014 0 : log_unit_warning(u, "Failed to parse WATCHDOG_USEC=%s", e);
4015 : else
4016 0 : service_override_watchdog_timeout(s, watchdog_override_usec);
4017 : }
4018 :
4019 : /* Process FD store messages. Either FDSTOREREMOVE=1 for removal, or FDSTORE=1 for addition. In both cases,
4020 : * process FDNAME= for picking the file descriptor name to use. Note that FDNAME= is required when removing
4021 : * fds, but optional when pushing in new fds, for compatibility reasons. */
4022 0 : if (strv_find(tags, "FDSTOREREMOVE=1")) {
4023 : const char *name;
4024 :
4025 0 : name = strv_find_startswith(tags, "FDNAME=");
4026 0 : if (!name || !fdname_is_valid(name))
4027 0 : log_unit_warning(u, "FDSTOREREMOVE=1 requested, but no valid file descriptor name passed, ignoring.");
4028 : else
4029 0 : service_remove_fd_store(s, name);
4030 :
4031 0 : } else if (strv_find(tags, "FDSTORE=1")) {
4032 : const char *name;
4033 :
4034 0 : name = strv_find_startswith(tags, "FDNAME=");
4035 0 : if (name && !fdname_is_valid(name)) {
4036 0 : log_unit_warning(u, "Passed FDNAME= name is invalid, ignoring.");
4037 0 : name = NULL;
4038 : }
4039 :
4040 0 : (void) service_add_fd_store_set(s, fds, name);
4041 : }
4042 :
4043 : /* Notify clients about changed status or main pid */
4044 0 : if (notify_dbus)
4045 0 : unit_add_to_dbus_queue(u);
4046 : }
4047 :
4048 0 : static int service_get_timeout(Unit *u, usec_t *timeout) {
4049 0 : Service *s = SERVICE(u);
4050 : uint64_t t;
4051 : int r;
4052 :
4053 0 : if (!s->timer_event_source)
4054 0 : return 0;
4055 :
4056 0 : r = sd_event_source_get_time(s->timer_event_source, &t);
4057 0 : if (r < 0)
4058 0 : return r;
4059 0 : if (t == USEC_INFINITY)
4060 0 : return 0;
4061 :
4062 0 : *timeout = t;
4063 0 : return 1;
4064 : }
4065 :
4066 0 : static void service_bus_name_owner_change(
4067 : Unit *u,
4068 : const char *old_owner,
4069 : const char *new_owner) {
4070 :
4071 0 : Service *s = SERVICE(u);
4072 : int r;
4073 :
4074 0 : assert(s);
4075 :
4076 0 : assert(old_owner || new_owner);
4077 :
4078 0 : if (old_owner && new_owner)
4079 0 : log_unit_debug(u, "D-Bus name %s changed owner from %s to %s", s->bus_name, old_owner, new_owner);
4080 0 : else if (old_owner)
4081 0 : log_unit_debug(u, "D-Bus name %s no longer registered by %s", s->bus_name, old_owner);
4082 : else
4083 0 : log_unit_debug(u, "D-Bus name %s now registered by %s", s->bus_name, new_owner);
4084 :
4085 0 : s->bus_name_good = !!new_owner;
4086 :
4087 : /* Track the current owner, so we can reconstruct changes after a daemon reload */
4088 0 : r = free_and_strdup(&s->bus_name_owner, new_owner);
4089 0 : if (r < 0) {
4090 0 : log_unit_error_errno(u, r, "Unable to set new bus name owner %s: %m", new_owner);
4091 0 : return;
4092 : }
4093 :
4094 0 : if (s->type == SERVICE_DBUS) {
4095 :
4096 : /* service_enter_running() will figure out what to
4097 : * do */
4098 0 : if (s->state == SERVICE_RUNNING)
4099 0 : service_enter_running(s, SERVICE_SUCCESS);
4100 0 : else if (s->state == SERVICE_START && new_owner)
4101 0 : service_enter_start_post(s);
4102 :
4103 0 : } else if (new_owner &&
4104 0 : s->main_pid <= 0 &&
4105 0 : IN_SET(s->state,
4106 : SERVICE_START,
4107 : SERVICE_START_POST,
4108 : SERVICE_RUNNING,
4109 : SERVICE_RELOAD)) {
4110 :
4111 0 : _cleanup_(sd_bus_creds_unrefp) sd_bus_creds *creds = NULL;
4112 : pid_t pid;
4113 :
4114 : /* Try to acquire PID from bus service */
4115 :
4116 0 : r = sd_bus_get_name_creds(u->manager->api_bus, s->bus_name, SD_BUS_CREDS_PID, &creds);
4117 0 : if (r >= 0)
4118 0 : r = sd_bus_creds_get_pid(creds, &pid);
4119 0 : if (r >= 0) {
4120 0 : log_unit_debug(u, "D-Bus name %s is now owned by process " PID_FMT, s->bus_name, pid);
4121 :
4122 0 : service_set_main_pid(s, pid);
4123 0 : unit_watch_pid(UNIT(s), pid, false);
4124 : }
4125 : }
4126 : }
4127 :
4128 0 : int service_set_socket_fd(Service *s, int fd, Socket *sock, bool selinux_context_net) {
4129 0 : _cleanup_free_ char *peer = NULL;
4130 : int r;
4131 :
4132 0 : assert(s);
4133 0 : assert(fd >= 0);
4134 :
4135 : /* This is called by the socket code when instantiating a new service for a stream socket and the socket needs
4136 : * to be configured. We take ownership of the passed fd on success. */
4137 :
4138 0 : if (UNIT(s)->load_state != UNIT_LOADED)
4139 0 : return -EINVAL;
4140 :
4141 0 : if (s->socket_fd >= 0)
4142 0 : return -EBUSY;
4143 :
4144 0 : if (s->state != SERVICE_DEAD)
4145 0 : return -EAGAIN;
4146 :
4147 0 : if (getpeername_pretty(fd, true, &peer) >= 0) {
4148 :
4149 0 : if (UNIT(s)->description) {
4150 0 : _cleanup_free_ char *a;
4151 :
4152 0 : a = strjoin(UNIT(s)->description, " (", peer, ")");
4153 0 : if (!a)
4154 0 : return -ENOMEM;
4155 :
4156 0 : r = unit_set_description(UNIT(s), a);
4157 : } else
4158 0 : r = unit_set_description(UNIT(s), peer);
4159 :
4160 0 : if (r < 0)
4161 0 : return r;
4162 : }
4163 :
4164 0 : r = unit_add_two_dependencies(UNIT(sock), UNIT_BEFORE, UNIT_TRIGGERS, UNIT(s), false, UNIT_DEPENDENCY_IMPLICIT);
4165 0 : if (r < 0)
4166 0 : return r;
4167 :
4168 0 : s->socket_fd = fd;
4169 0 : s->socket_fd_selinux_context_net = selinux_context_net;
4170 :
4171 0 : unit_ref_set(&s->accept_socket, UNIT(s), UNIT(sock));
4172 0 : return 0;
4173 : }
4174 :
4175 0 : static void service_reset_failed(Unit *u) {
4176 0 : Service *s = SERVICE(u);
4177 :
4178 0 : assert(s);
4179 :
4180 0 : if (s->state == SERVICE_FAILED)
4181 0 : service_set_state(s, SERVICE_DEAD);
4182 :
4183 0 : s->result = SERVICE_SUCCESS;
4184 0 : s->reload_result = SERVICE_SUCCESS;
4185 0 : s->clean_result = SERVICE_SUCCESS;
4186 0 : s->n_restarts = 0;
4187 0 : s->flush_n_restarts = false;
4188 0 : }
4189 :
4190 0 : static int service_kill(Unit *u, KillWho who, int signo, sd_bus_error *error) {
4191 0 : Service *s = SERVICE(u);
4192 :
4193 0 : assert(s);
4194 :
4195 0 : return unit_kill_common(u, who, signo, s->main_pid, s->control_pid, error);
4196 : }
4197 :
4198 0 : static int service_main_pid(Unit *u) {
4199 0 : Service *s = SERVICE(u);
4200 :
4201 0 : assert(s);
4202 :
4203 0 : return s->main_pid;
4204 : }
4205 :
4206 0 : static int service_control_pid(Unit *u) {
4207 0 : Service *s = SERVICE(u);
4208 :
4209 0 : assert(s);
4210 :
4211 0 : return s->control_pid;
4212 : }
4213 :
4214 6 : static bool service_needs_console(Unit *u) {
4215 6 : Service *s = SERVICE(u);
4216 :
4217 6 : assert(s);
4218 :
4219 : /* We provide our own implementation of this here, instead of relying of the generic implementation
4220 : * unit_needs_console() provides, since we want to return false if we are in SERVICE_EXITED state. */
4221 :
4222 6 : if (!exec_context_may_touch_console(&s->exec_context))
4223 6 : return false;
4224 :
4225 0 : return IN_SET(s->state,
4226 : SERVICE_CONDITION,
4227 : SERVICE_START_PRE,
4228 : SERVICE_START,
4229 : SERVICE_START_POST,
4230 : SERVICE_RUNNING,
4231 : SERVICE_RELOAD,
4232 : SERVICE_STOP,
4233 : SERVICE_STOP_WATCHDOG,
4234 : SERVICE_STOP_SIGTERM,
4235 : SERVICE_STOP_SIGKILL,
4236 : SERVICE_STOP_POST,
4237 : SERVICE_FINAL_SIGTERM,
4238 : SERVICE_FINAL_SIGKILL);
4239 : }
4240 :
4241 0 : static int service_exit_status(Unit *u) {
4242 0 : Service *s = SERVICE(u);
4243 :
4244 0 : assert(u);
4245 :
4246 0 : if (s->main_exec_status.pid <= 0 ||
4247 0 : !dual_timestamp_is_set(&s->main_exec_status.exit_timestamp))
4248 0 : return -ENODATA;
4249 :
4250 0 : if (s->main_exec_status.code != CLD_EXITED)
4251 0 : return -EBADE;
4252 :
4253 0 : return s->main_exec_status.status;
4254 : }
4255 :
4256 0 : static int service_clean(Unit *u, ExecCleanMask mask) {
4257 0 : _cleanup_strv_free_ char **l = NULL;
4258 0 : Service *s = SERVICE(u);
4259 : pid_t pid;
4260 : int r;
4261 :
4262 0 : assert(s);
4263 0 : assert(mask != 0);
4264 :
4265 0 : if (s->state != SERVICE_DEAD)
4266 0 : return -EBUSY;
4267 :
4268 0 : r = exec_context_get_clean_directories(&s->exec_context, u->manager->prefix, mask, &l);
4269 0 : if (r < 0)
4270 0 : return r;
4271 :
4272 0 : if (strv_isempty(l))
4273 0 : return -EUNATCH;
4274 :
4275 0 : service_unwatch_control_pid(s);
4276 0 : s->clean_result = SERVICE_SUCCESS;
4277 0 : s->control_command = NULL;
4278 0 : s->control_command_id = _SERVICE_EXEC_COMMAND_INVALID;
4279 :
4280 0 : r = service_arm_timer(s, usec_add(now(CLOCK_MONOTONIC), s->timeout_clean_usec));
4281 0 : if (r < 0)
4282 0 : goto fail;
4283 :
4284 0 : r = unit_fork_helper_process(UNIT(s), "(sd-rmrf)", &pid);
4285 0 : if (r < 0)
4286 0 : goto fail;
4287 0 : if (r == 0) {
4288 0 : int ret = EXIT_SUCCESS;
4289 : char **i;
4290 :
4291 0 : STRV_FOREACH(i, l) {
4292 0 : r = rm_rf(*i, REMOVE_ROOT|REMOVE_PHYSICAL|REMOVE_MISSING_OK);
4293 0 : if (r < 0) {
4294 0 : log_error_errno(r, "Failed to remove '%s': %m", *i);
4295 0 : ret = EXIT_FAILURE;
4296 : }
4297 : }
4298 :
4299 0 : _exit(ret);
4300 : }
4301 :
4302 0 : r = unit_watch_pid(u, pid, true);
4303 0 : if (r < 0)
4304 0 : goto fail;
4305 :
4306 0 : s->control_pid = pid;
4307 :
4308 0 : service_set_state(s, SERVICE_CLEANING);
4309 :
4310 0 : return 0;
4311 :
4312 0 : fail:
4313 0 : log_unit_warning_errno(UNIT(s), r, "Failed to initiate cleaning: %m");
4314 0 : s->clean_result = SERVICE_FAILURE_RESOURCES;
4315 0 : s->timer_event_source = sd_event_source_unref(s->timer_event_source);
4316 0 : return r;
4317 : }
4318 :
4319 0 : static int service_can_clean(Unit *u, ExecCleanMask *ret) {
4320 0 : Service *s = SERVICE(u);
4321 :
4322 0 : assert(s);
4323 :
4324 0 : return exec_context_get_clean_mask(&s->exec_context, ret);
4325 : }
4326 :
4327 : static const char* const service_restart_table[_SERVICE_RESTART_MAX] = {
4328 : [SERVICE_RESTART_NO] = "no",
4329 : [SERVICE_RESTART_ON_SUCCESS] = "on-success",
4330 : [SERVICE_RESTART_ON_FAILURE] = "on-failure",
4331 : [SERVICE_RESTART_ON_ABNORMAL] = "on-abnormal",
4332 : [SERVICE_RESTART_ON_WATCHDOG] = "on-watchdog",
4333 : [SERVICE_RESTART_ON_ABORT] = "on-abort",
4334 : [SERVICE_RESTART_ALWAYS] = "always",
4335 : };
4336 :
4337 62 : DEFINE_STRING_TABLE_LOOKUP(service_restart, ServiceRestart);
4338 :
4339 : static const char* const service_type_table[_SERVICE_TYPE_MAX] = {
4340 : [SERVICE_SIMPLE] = "simple",
4341 : [SERVICE_FORKING] = "forking",
4342 : [SERVICE_ONESHOT] = "oneshot",
4343 : [SERVICE_DBUS] = "dbus",
4344 : [SERVICE_NOTIFY] = "notify",
4345 : [SERVICE_IDLE] = "idle",
4346 : [SERVICE_EXEC] = "exec",
4347 : };
4348 :
4349 79 : DEFINE_STRING_TABLE_LOOKUP(service_type, ServiceType);
4350 :
4351 : static const char* const service_exec_command_table[_SERVICE_EXEC_COMMAND_MAX] = {
4352 : [SERVICE_EXEC_CONDITION] = "ExecCondition",
4353 : [SERVICE_EXEC_START_PRE] = "ExecStartPre",
4354 : [SERVICE_EXEC_START] = "ExecStart",
4355 : [SERVICE_EXEC_START_POST] = "ExecStartPost",
4356 : [SERVICE_EXEC_RELOAD] = "ExecReload",
4357 : [SERVICE_EXEC_STOP] = "ExecStop",
4358 : [SERVICE_EXEC_STOP_POST] = "ExecStopPost",
4359 : };
4360 :
4361 62 : DEFINE_STRING_TABLE_LOOKUP(service_exec_command, ServiceExecCommand);
4362 :
4363 : static const char* const service_exec_ex_command_table[_SERVICE_EXEC_COMMAND_MAX] = {
4364 : [SERVICE_EXEC_START_PRE] = "ExecStartPreEx",
4365 : [SERVICE_EXEC_START] = "ExecStartEx",
4366 : [SERVICE_EXEC_START_POST] = "ExecStartPostEx",
4367 : };
4368 :
4369 0 : DEFINE_STRING_TABLE_LOOKUP(service_exec_ex_command, ServiceExecCommand);
4370 :
4371 : static const char* const notify_state_table[_NOTIFY_STATE_MAX] = {
4372 : [NOTIFY_UNKNOWN] = "unknown",
4373 : [NOTIFY_READY] = "ready",
4374 : [NOTIFY_RELOADING] = "reloading",
4375 : [NOTIFY_STOPPING] = "stopping",
4376 : };
4377 :
4378 56 : DEFINE_STRING_TABLE_LOOKUP(notify_state, NotifyState);
4379 :
4380 : static const char* const service_result_table[_SERVICE_RESULT_MAX] = {
4381 : [SERVICE_SUCCESS] = "success",
4382 : [SERVICE_FAILURE_RESOURCES] = "resources",
4383 : [SERVICE_FAILURE_PROTOCOL] = "protocol",
4384 : [SERVICE_FAILURE_TIMEOUT] = "timeout",
4385 : [SERVICE_FAILURE_EXIT_CODE] = "exit-code",
4386 : [SERVICE_FAILURE_SIGNAL] = "signal",
4387 : [SERVICE_FAILURE_CORE_DUMP] = "core-dump",
4388 : [SERVICE_FAILURE_WATCHDOG] = "watchdog",
4389 : [SERVICE_FAILURE_START_LIMIT_HIT] = "start-limit-hit",
4390 : [SERVICE_FAILURE_OOM_KILL] = "oom-kill",
4391 : [SERVICE_SKIP_CONDITION] = "exec-condition",
4392 : };
4393 :
4394 186 : DEFINE_STRING_TABLE_LOOKUP(service_result, ServiceResult);
4395 :
4396 : const UnitVTable service_vtable = {
4397 : .object_size = sizeof(Service),
4398 : .exec_context_offset = offsetof(Service, exec_context),
4399 : .cgroup_context_offset = offsetof(Service, cgroup_context),
4400 : .kill_context_offset = offsetof(Service, kill_context),
4401 : .exec_runtime_offset = offsetof(Service, exec_runtime),
4402 : .dynamic_creds_offset = offsetof(Service, dynamic_creds),
4403 :
4404 : .sections =
4405 : "Unit\0"
4406 : "Service\0"
4407 : "Install\0",
4408 : .private_section = "Service",
4409 :
4410 : .can_transient = true,
4411 : .can_delegate = true,
4412 :
4413 : .init = service_init,
4414 : .done = service_done,
4415 : .load = service_load,
4416 : .release_resources = service_release_resources,
4417 :
4418 : .coldplug = service_coldplug,
4419 :
4420 : .dump = service_dump,
4421 :
4422 : .start = service_start,
4423 : .stop = service_stop,
4424 : .reload = service_reload,
4425 :
4426 : .can_reload = service_can_reload,
4427 :
4428 : .kill = service_kill,
4429 : .clean = service_clean,
4430 : .can_clean = service_can_clean,
4431 :
4432 : .serialize = service_serialize,
4433 : .deserialize_item = service_deserialize_item,
4434 :
4435 : .active_state = service_active_state,
4436 : .sub_state_to_string = service_sub_state_to_string,
4437 :
4438 : .will_restart = service_will_restart,
4439 :
4440 : .may_gc = service_may_gc,
4441 :
4442 : .sigchld_event = service_sigchld_event,
4443 :
4444 : .reset_failed = service_reset_failed,
4445 :
4446 : .notify_cgroup_empty = service_notify_cgroup_empty_event,
4447 : .notify_cgroup_oom = service_notify_cgroup_oom_event,
4448 : .notify_message = service_notify_message,
4449 :
4450 : .main_pid = service_main_pid,
4451 : .control_pid = service_control_pid,
4452 :
4453 : .bus_name_owner_change = service_bus_name_owner_change,
4454 :
4455 : .bus_vtable = bus_service_vtable,
4456 : .bus_set_property = bus_service_set_property,
4457 : .bus_commit_properties = bus_service_commit_properties,
4458 :
4459 : .get_timeout = service_get_timeout,
4460 : .needs_console = service_needs_console,
4461 : .exit_status = service_exit_status,
4462 :
4463 : .status_message_formats = {
4464 : .starting_stopping = {
4465 : [0] = "Starting %s...",
4466 : [1] = "Stopping %s...",
4467 : },
4468 : .finished_start_job = {
4469 : [JOB_DONE] = "Started %s.",
4470 : [JOB_FAILED] = "Failed to start %s.",
4471 : [JOB_SKIPPED] = "Skipped %s.",
4472 : },
4473 : .finished_stop_job = {
4474 : [JOB_DONE] = "Stopped %s.",
4475 : [JOB_FAILED] = "Stopped (with error) %s.",
4476 : },
4477 : },
4478 : };
|
