2017-11-18 17:09:20 +01:00
/* SPDX-License-Identifier: LGPL-2.1+ */
2010-02-03 13:03:47 +01:00
2010-01-23 01:52:57 +01:00
# include <errno.h>
2019-03-27 11:32:41 +01:00
# include <sys/stat.h>
# include <sys/types.h>
2010-02-14 01:09:01 +01:00
# include <unistd.h>
2010-01-23 01:52:57 +01:00
2017-08-09 21:12:55 +02:00
# include "sd-messages.h"
2015-10-27 03:01:06 +01:00
# include "alloc-util.h"
2014-05-13 23:22:13 +02:00
# include "async.h"
2015-10-23 18:52:53 +02:00
# include "bus-error.h"
# include "bus-kernel.h"
# include "bus-util.h"
2010-04-18 03:08:16 +02:00
# include "dbus-service.h"
2018-11-27 20:15:45 +01:00
# include "dbus-unit.h"
2011-03-17 04:02:35 +01:00
# include "def.h"
2013-02-11 03:46:08 +01:00
# include "env-util.h"
2015-10-23 18:52:53 +02:00
# include "escape.h"
# include "exit-status.h"
2015-10-25 13:14:12 +01:00
# include "fd-util.h"
2013-02-14 12:26:13 +01:00
# include "fileio.h"
2016-11-07 16:14:59 +01:00
# include "format-util.h"
2015-10-26 21:16:26 +01:00
# include "fs-util.h"
2015-10-23 18:52:53 +02:00
# include "load-dropin.h"
# include "load-fragment.h"
# include "log.h"
# include "manager.h"
2015-10-26 16:18:16 +01:00
# include "parse-util.h"
2015-10-23 18:52:53 +02:00
# include "path-util.h"
2015-04-10 19:10:00 +02:00
# include "process-util.h"
2018-10-17 20:40:09 +02:00
# include "serialize.h"
2015-10-25 13:14:12 +01:00
# include "service.h"
2015-05-29 20:14:11 +02:00
# include "signal-util.h"
2015-10-23 18:52:53 +02:00
# include "special.h"
2017-01-23 17:12:35 +01:00
# include "stdio-util.h"
2015-10-26 22:31:05 +01:00
# include "string-table.h"
2015-10-24 22:58:24 +02:00
# include "string-util.h"
2015-10-23 18:52:53 +02:00
# include "strv.h"
# include "unit-name.h"
# include "unit.h"
# include "utf8.h"
# include "util.h"
2010-01-26 04:18:44 +01:00
2010-01-27 04:31:52 +01:00
static const UnitActiveState state_translation_table [ _SERVICE_STATE_MAX ] = {
2010-01-26 21:39:06 +01:00
[ SERVICE_DEAD ] = UNIT_INACTIVE ,
2019-06-29 02:02:30 +02:00
[ SERVICE_CONDITION ] = UNIT_ACTIVATING ,
2010-01-26 21:39:06 +01:00
[ SERVICE_START_PRE ] = UNIT_ACTIVATING ,
[ SERVICE_START ] = UNIT_ACTIVATING ,
[ SERVICE_START_POST ] = UNIT_ACTIVATING ,
[ SERVICE_RUNNING ] = UNIT_ACTIVE ,
2010-04-13 02:06:27 +02:00
[ SERVICE_EXITED ] = UNIT_ACTIVE ,
2010-07-01 03:34:15 +02:00
[ SERVICE_RELOAD ] = UNIT_RELOADING ,
2010-01-26 21:39:06 +01:00
[ SERVICE_STOP ] = UNIT_DEACTIVATING ,
2018-09-19 21:03:01 +02:00
[ SERVICE_STOP_WATCHDOG ] = UNIT_DEACTIVATING ,
2010-01-26 21:39:06 +01:00
[ SERVICE_STOP_SIGTERM ] = UNIT_DEACTIVATING ,
[ SERVICE_STOP_SIGKILL ] = UNIT_DEACTIVATING ,
[ SERVICE_STOP_POST ] = UNIT_DEACTIVATING ,
2019-04-16 16:45:20 +02:00
[ SERVICE_FINAL_WATCHDOG ] = UNIT_DEACTIVATING ,
2010-01-26 21:39:06 +01:00
[ SERVICE_FINAL_SIGTERM ] = UNIT_DEACTIVATING ,
[ SERVICE_FINAL_SIGKILL ] = UNIT_DEACTIVATING ,
2010-08-31 00:23:34 +02:00
[ SERVICE_FAILED ] = UNIT_FAILED ,
2019-04-01 18:48:20 +02:00
[ SERVICE_AUTO_RESTART ] = UNIT_ACTIVATING ,
[ SERVICE_CLEANING ] = UNIT_MAINTENANCE ,
2010-01-26 04:18:44 +01:00
} ;
2010-01-23 01:52:57 +01:00
2012-05-24 02:22:35 +02:00
/* For Type=idle we never want to delay any other jobs, hence we
* consider idle jobs active as soon as we start working on them */
static const UnitActiveState state_translation_table_idle [ _SERVICE_STATE_MAX ] = {
[ SERVICE_DEAD ] = UNIT_INACTIVE ,
2019-06-29 02:02:30 +02:00
[ SERVICE_CONDITION ] = UNIT_ACTIVE ,
2012-05-24 02:22:35 +02:00
[ SERVICE_START_PRE ] = UNIT_ACTIVE ,
[ SERVICE_START ] = UNIT_ACTIVE ,
[ SERVICE_START_POST ] = UNIT_ACTIVE ,
[ SERVICE_RUNNING ] = UNIT_ACTIVE ,
[ SERVICE_EXITED ] = UNIT_ACTIVE ,
[ SERVICE_RELOAD ] = UNIT_RELOADING ,
[ SERVICE_STOP ] = UNIT_DEACTIVATING ,
2018-09-19 21:03:01 +02:00
[ SERVICE_STOP_WATCHDOG ] = UNIT_DEACTIVATING ,
2012-05-24 02:22:35 +02:00
[ SERVICE_STOP_SIGTERM ] = UNIT_DEACTIVATING ,
[ SERVICE_STOP_SIGKILL ] = UNIT_DEACTIVATING ,
[ SERVICE_STOP_POST ] = UNIT_DEACTIVATING ,
2019-04-16 16:45:20 +02:00
[ SERVICE_FINAL_WATCHDOG ] = UNIT_DEACTIVATING ,
2012-05-24 02:22:35 +02:00
[ SERVICE_FINAL_SIGTERM ] = UNIT_DEACTIVATING ,
[ SERVICE_FINAL_SIGKILL ] = UNIT_DEACTIVATING ,
[ SERVICE_FAILED ] = UNIT_FAILED ,
2019-04-01 18:48:20 +02:00
[ SERVICE_AUTO_RESTART ] = UNIT_ACTIVATING ,
[ SERVICE_CLEANING ] = UNIT_MAINTENANCE ,
2012-05-24 02:22:35 +02:00
} ;
2018-07-17 11:47:14 +02:00
static int service_dispatch_inotify_io ( sd_event_source * source , int fd , uint32_t events , void * userdata ) ;
2013-11-19 21:12:59 +01:00
static int service_dispatch_timer ( sd_event_source * source , usec_t usec , void * userdata ) ;
static int service_dispatch_watchdog ( sd_event_source * source , usec_t usec , void * userdata ) ;
2018-07-17 11:47:14 +02:00
static int service_dispatch_exec_io ( sd_event_source * source , int fd , uint32_t events , void * userdata ) ;
2013-11-19 21:12:59 +01:00
2013-12-11 20:49:43 +01:00
static void service_enter_signal ( Service * s , ServiceState state , ServiceResult f ) ;
2014-08-21 17:03:15 +02:00
static void service_enter_reload_by_notify ( Service * s ) ;
2013-12-11 20:49:43 +01:00
2010-04-21 03:27:44 +02:00
static void service_init ( Unit * u ) {
Service * s = SERVICE ( u ) ;
assert ( u ) ;
2012-01-15 12:04:08 +01:00
assert ( u - > load_state = = UNIT_STUB ) ;
2010-04-21 03:27:44 +02:00
2013-11-04 17:47:43 +01:00
s - > timeout_start_usec = u - > manager - > default_timeout_start_usec ;
s - > timeout_stop_usec = u - > manager - > default_timeout_stop_usec ;
2017-11-29 07:43:44 +01:00
s - > timeout_abort_usec = u - > manager - > default_timeout_abort_usec ;
s - > timeout_abort_set = u - > manager - > default_timeout_abort_set ;
2013-11-04 17:47:43 +01:00
s - > restart_usec = u - > manager - > default_restart_usec ;
core: rework unit timeout handling, and add new setting RuntimeMaxSec=
This clean-ups timeout handling in PID 1. Specifically, instead of storing 0 in internal timeout variables as
indication for a disabled timeout, use USEC_INFINITY which is in-line with how we do this in the rest of our code
(following the logic that 0 means "no", and USEC_INFINITY means "never").
This also replace all usec_t additions with invocations to usec_add(), so that USEC_INFINITY is properly propagated,
and sd-event considers it has indication for turning off the event source.
This also alters the deserialization of the units to restart timeouts from the time they were originally started from.
Before this patch timeouts would be restarted beginning with the time of the deserialization, which could lead to
artificially prolonged timeouts if a daemon reload took place.
Finally, a new RuntimeMaxSec= setting is introduced for service units, that specifies a maximum runtime after which a
specific service is forcibly terminated. This is useful to put time limits on time-intensive processing jobs.
This also simplifies the various xyz_spawn() calls of the various types in that explicit distruction of the timers is
removed, as that is done anyway by the state change handlers, and a state change is always done when the xyz_spawn()
calls fail.
Fixes: #2249
2016-02-01 21:48:10 +01:00
s - > runtime_max_usec = USEC_INFINITY ;
2012-05-03 14:46:29 +02:00
s - > type = _SERVICE_TYPE_INVALID ;
2010-04-21 03:27:44 +02:00
s - > socket_fd = - 1 ;
2015-10-07 23:07:39 +02:00
s - > stdin_fd = s - > stdout_fd = s - > stderr_fd = - 1 ;
2011-02-13 18:51:30 +01:00
s - > guess_main_pid = true ;
2010-04-21 03:27:44 +02:00
s - > control_command_id = _SERVICE_EXEC_COMMAND_INVALID ;
2018-02-20 08:53:34 +01:00
s - > exec_context . keyring_mode = MANAGER_IS_SYSTEM ( u - > manager ) ?
EXEC_KEYRING_PRIVATE : EXEC_KEYRING_INHERIT ;
2018-10-24 19:04:41 +02:00
s - > watchdog_original_usec = USEC_INFINITY ;
2019-03-19 19:05:19 +01:00
s - > oom_policy = _OOM_POLICY_INVALID ;
2010-04-21 03:27:44 +02:00
}
2010-04-11 00:22:36 +02:00
static void service_unwatch_control_pid ( Service * s ) {
assert ( s ) ;
if ( s - > control_pid < = 0 )
return ;
unit_unwatch_pid ( UNIT ( s ) , s - > control_pid ) ;
s - > control_pid = 0 ;
}
static void service_unwatch_main_pid ( Service * s ) {
assert ( s ) ;
if ( s - > main_pid < = 0 )
return ;
unit_unwatch_pid ( UNIT ( s ) , s - > main_pid ) ;
s - > main_pid = 0 ;
}
2012-01-19 23:58:07 +01:00
static void service_unwatch_pid_file ( Service * s ) {
if ( ! s - > pid_file_pathspec )
return ;
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_debug ( UNIT ( s ) , " Stopping watch for PID file %s " , s - > pid_file_pathspec - > path ) ;
2013-11-19 21:12:59 +01:00
path_spec_unwatch ( s - > pid_file_pathspec ) ;
2012-01-19 23:58:07 +01:00
path_spec_done ( s - > pid_file_pathspec ) ;
2015-09-08 18:43:11 +02:00
s - > pid_file_pathspec = mfree ( s - > pid_file_pathspec ) ;
2012-01-19 23:58:07 +01:00
}
2010-06-17 22:55:53 +02:00
static int service_set_main_pid ( Service * s , pid_t pid ) {
assert ( s ) ;
if ( pid < = 1 )
return - EINVAL ;
2017-07-20 16:19:18 +02:00
if ( pid = = getpid_cached ( ) )
2010-06-17 22:55:53 +02:00
return - EINVAL ;
2013-10-01 05:06:56 +02:00
if ( s - > main_pid = = pid & & s - > main_pid_known )
return 0 ;
if ( s - > main_pid ! = pid ) {
service_unwatch_main_pid ( s ) ;
exec_status_start ( & s - > main_exec_status , pid ) ;
}
2013-08-09 16:40:57 +02:00
2011-04-28 04:56:53 +02:00
s - > main_pid = pid ;
s - > main_pid_known = true ;
2019-03-18 11:48:34 +01:00
s - > main_pid_alien = pid_is_my_child ( pid ) = = 0 ;
2011-04-28 04:56:53 +02:00
2019-03-18 11:48:34 +01:00
if ( s - > main_pid_alien )
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_warning ( UNIT ( s ) , " Supervising process " PID_FMT " which is not our child. We'll most likely not notice when it exits. " , pid ) ;
2010-06-17 22:55:53 +02:00
return 0 ;
}
2016-04-28 17:09:50 +02:00
void service_close_socket_fd ( Service * s ) {
2010-04-15 06:19:54 +02:00
assert ( s ) ;
2016-04-29 11:36:00 +02:00
/* Undo the effect of service_set_socket_fd(). */
2010-04-15 06:19:54 +02:00
2016-04-29 11:36:00 +02:00
s - > socket_fd = asynchronous_close ( s - > socket_fd ) ;
2010-06-19 04:25:28 +02:00
2016-04-29 11:36:00 +02:00
if ( UNIT_ISSET ( s - > accept_socket ) ) {
socket_connection_unref ( SOCKET ( UNIT_DEREF ( s - > accept_socket ) ) ) ;
unit_ref_unset ( & s - > accept_socket ) ;
}
2010-06-19 04:25:28 +02:00
}
2012-02-01 17:17:12 +01:00
static void service_stop_watchdog ( Service * s ) {
assert ( s ) ;
2013-11-19 21:12:59 +01:00
s - > watchdog_event_source = sd_event_source_unref ( s - > watchdog_event_source ) ;
2013-12-11 20:49:43 +01:00
s - > watchdog_timestamp = DUAL_TIMESTAMP_NULL ;
2012-02-01 17:17:12 +01:00
}
2013-12-11 20:49:43 +01:00
static void service_start_watchdog ( Service * s ) {
2016-06-22 13:26:05 +02:00
usec_t watchdog_usec ;
2018-10-24 18:59:03 +02:00
int r ;
2012-02-08 10:10:34 +01:00
assert ( s ) ;
2016-06-22 13:26:05 +02:00
watchdog_usec = service_get_watchdog_usec ( s ) ;
2018-10-24 18:59:03 +02:00
if ( IN_SET ( watchdog_usec , 0 , USEC_INFINITY ) ) {
service_stop_watchdog ( s ) ;
2012-02-08 10:10:34 +01:00
return ;
2018-10-24 18:59:03 +02:00
}
2012-02-08 10:10:34 +01:00
2013-11-19 21:12:59 +01:00
if ( s - > watchdog_event_source ) {
2016-06-22 13:26:05 +02:00
r = sd_event_source_set_time ( s - > watchdog_event_source , usec_add ( s - > watchdog_timestamp . monotonic , watchdog_usec ) ) ;
2013-11-19 21:12:59 +01:00
if ( r < 0 ) {
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_warning_errno ( UNIT ( s ) , r , " Failed to reset watchdog timer: %m " ) ;
2013-11-19 21:12:59 +01:00
return ;
}
2013-12-11 20:49:43 +01:00
r = sd_event_source_set_enabled ( s - > watchdog_event_source , SD_EVENT_ONESHOT ) ;
2013-12-12 20:16:06 +01:00
} else {
2014-03-24 02:49:09 +01:00
r = sd_event_add_time (
UNIT ( s ) - > manager - > event ,
& s - > watchdog_event_source ,
CLOCK_MONOTONIC ,
2016-06-22 13:26:05 +02:00
usec_add ( s - > watchdog_timestamp . monotonic , watchdog_usec ) , 0 ,
2014-03-24 02:49:09 +01:00
service_dispatch_watchdog , s ) ;
2013-12-12 20:16:06 +01:00
if ( r < 0 ) {
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_warning_errno ( UNIT ( s ) , r , " Failed to add watchdog timer: %m " ) ;
2013-12-12 20:16:06 +01:00
return ;
}
2015-04-29 16:05:32 +02:00
( void ) sd_event_source_set_description ( s - > watchdog_event_source , " service-watchdog " ) ;
2013-12-12 20:16:06 +01:00
/* Let's process everything else which might be a sign
* of living before we consider a service died . */
r = sd_event_source_set_priority ( s - > watchdog_event_source , SD_EVENT_PRIORITY_IDLE ) ;
}
2012-02-08 10:10:34 +01:00
if ( r < 0 )
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_warning_errno ( UNIT ( s ) , r , " Failed to install watchdog timer: %m " ) ;
2012-02-08 10:10:34 +01:00
}
2018-10-24 19:02:13 +02:00
static void service_extend_event_source_timeout ( Service * s , sd_event_source * source , usec_t extended ) {
usec_t current ;
int r ;
2017-12-14 12:17:43 +01:00
assert ( s ) ;
2018-10-24 19:02:13 +02:00
/* Extends the specified event source timer to at least the specified time, unless it is already later
* anyway . */
2017-12-14 12:17:43 +01:00
2018-10-24 19:02:13 +02:00
if ( ! source )
return ;
2017-12-14 12:17:43 +01:00
2018-10-24 19:02:13 +02:00
r = sd_event_source_get_time ( source , & current ) ;
if ( r < 0 ) {
const char * desc ;
( void ) sd_event_source_get_description ( s - > timer_event_source , & desc ) ;
log_unit_warning_errno ( UNIT ( s ) , r , " Failed to retrieve timeout time for event source '%s', ignoring: %m " , strna ( desc ) ) ;
return ;
}
2017-12-14 12:17:43 +01:00
2018-10-24 19:02:13 +02:00
if ( current > = extended ) /* Current timeout is already longer, ignore this. */
return ;
2017-12-14 12:17:43 +01:00
2018-10-24 19:02:13 +02:00
r = sd_event_source_set_time ( source , extended ) ;
if ( r < 0 ) {
const char * desc ;
( void ) sd_event_source_get_description ( s - > timer_event_source , & desc ) ;
log_unit_warning_errno ( UNIT ( s ) , r , " Failed to set timeout time for even source '%s', ignoring %m " , strna ( desc ) ) ;
2017-12-14 12:17:43 +01:00
}
}
2018-10-24 19:02:13 +02:00
static void service_extend_timeout ( Service * s , usec_t extend_timeout_usec ) {
usec_t extended ;
assert ( s ) ;
if ( IN_SET ( extend_timeout_usec , 0 , USEC_INFINITY ) )
return ;
extended = usec_add ( now ( CLOCK_MONOTONIC ) , extend_timeout_usec ) ;
service_extend_event_source_timeout ( s , s - > timer_event_source , extended ) ;
service_extend_event_source_timeout ( s , s - > watchdog_event_source , extended ) ;
}
2012-02-01 17:17:12 +01:00
static void service_reset_watchdog ( Service * s ) {
assert ( s ) ;
dual_timestamp_get ( & s - > watchdog_timestamp ) ;
2013-12-11 20:49:43 +01:00
service_start_watchdog ( s ) ;
2012-02-01 17:17:12 +01:00
}
2018-10-24 19:03:04 +02:00
static void service_override_watchdog_timeout ( Service * s , usec_t watchdog_override_usec ) {
2016-06-22 13:26:05 +02:00
assert ( s ) ;
s - > watchdog_override_enable = true ;
s - > watchdog_override_usec = watchdog_override_usec ;
service_reset_watchdog ( s ) ;
log_unit_debug ( UNIT ( s ) , " watchdog_usec= " USEC_FMT , s - > watchdog_usec ) ;
log_unit_debug ( UNIT ( s ) , " watchdog_override_usec= " USEC_FMT , s - > watchdog_override_usec ) ;
}
2015-01-06 00:26:25 +01:00
static void service_fd_store_unlink ( ServiceFDStore * fs ) {
if ( ! fs )
return ;
if ( fs - > service ) {
assert ( fs - > service - > n_fd_store > 0 ) ;
LIST_REMOVE ( fd_store , fs - > service - > fd_store , fs ) ;
fs - > service - > n_fd_store - - ;
}
2019-05-08 14:47:32 +02:00
sd_event_source_disable_unref ( fs - > event_source ) ;
2015-01-06 00:26:25 +01:00
2015-10-04 17:36:19 +02:00
free ( fs - > fdname ) ;
2015-01-06 00:26:25 +01:00
safe_close ( fs - > fd ) ;
free ( fs ) ;
}
2016-10-23 04:16:02 +02:00
static void service_release_fd_store ( Service * s ) {
assert ( s ) ;
2017-11-13 15:08:49 +01:00
if ( s - > n_keep_fd_store > 0 )
return ;
2016-10-23 04:16:02 +02:00
log_unit_debug ( UNIT ( s ) , " Releasing all stored fds " ) ;
while ( s - > fd_store )
service_fd_store_unlink ( s - > fd_store ) ;
assert ( s - > n_fd_store = = 0 ) ;
}
2017-11-13 15:08:49 +01:00
static void service_release_resources ( Unit * u ) {
2015-01-06 00:26:25 +01:00
Service * s = SERVICE ( u ) ;
assert ( s ) ;
2015-10-07 23:07:39 +02:00
if ( ! s - > fd_store & & s - > stdin_fd < 0 & & s - > stdout_fd < 0 & & s - > stderr_fd < 0 )
2015-01-06 00:26:25 +01:00
return ;
2016-10-23 04:16:02 +02:00
log_unit_debug ( u , " Releasing resources. " ) ;
2015-01-06 00:26:25 +01:00
2015-10-07 23:07:39 +02:00
s - > stdin_fd = safe_close ( s - > stdin_fd ) ;
s - > stdout_fd = safe_close ( s - > stdout_fd ) ;
s - > stderr_fd = safe_close ( s - > stderr_fd ) ;
2017-11-13 15:08:49 +01:00
service_release_fd_store ( s ) ;
2015-01-06 00:26:25 +01:00
}
2010-01-26 21:39:06 +01:00
static void service_done ( Unit * u ) {
Service * s = SERVICE ( u ) ;
2010-01-26 07:02:51 +01:00
assert ( s ) ;
2015-09-08 18:43:11 +02:00
s - > pid_file = mfree ( s - > pid_file ) ;
s - > status_text = mfree ( s - > status_text ) ;
2014-03-25 14:15:45 +01:00
2018-02-06 08:00:34 +01:00
s - > exec_runtime = exec_runtime_unref ( s - > exec_runtime , false ) ;
2010-04-10 17:53:17 +02:00
exec_command_free_array ( s - > exec_command , _SERVICE_EXEC_COMMAND_MAX ) ;
2010-01-26 07:02:51 +01:00
s - > control_command = NULL ;
2011-01-20 18:46:38 +01:00
s - > main_command = NULL ;
2010-01-26 07:02:51 +01:00
2016-07-14 12:37:28 +02:00
dynamic_creds_unref ( & s - > dynamic_creds ) ;
2014-07-03 12:47:40 +02:00
exit_status_set_free ( & s - > restart_prevent_status ) ;
exit_status_set_free ( & s - > restart_force_status ) ;
exit_status_set_free ( & s - > success_status ) ;
2012-08-13 13:58:01 +02:00
2010-01-26 07:02:51 +01:00
/* This will leak a process, but at least no memory or any of
* our resources */
2010-04-11 00:22:36 +02:00
service_unwatch_main_pid ( s ) ;
service_unwatch_control_pid ( s ) ;
2012-01-19 23:58:07 +01:00
service_unwatch_pid_file ( s ) ;
2010-01-26 07:02:51 +01:00
2010-04-15 23:16:16 +02:00
if ( s - > bus_name ) {
2012-01-15 12:04:08 +01:00
unit_unwatch_bus_name ( u , s - > bus_name ) ;
2015-09-08 18:43:11 +02:00
s - > bus_name = mfree ( s - > bus_name ) ;
2010-04-15 23:16:16 +02:00
}
core: fix bus name synchronization after daemon-reload
During daemon-reload, PID1 temporarly loses its DBus connection, so there's
a small window in which all signals sent by dbus-daemon are lost.
This is a problem, since we rely on the NameOwnerChanged signals in order to
consider a service with Type=dbus fully started or terminated, respectively.
In order to fix this, a rewrite of bus_list_names() is necessary. We used
to walk the current list of names on the bus, and blindly triggered the
bus_name_owner_change() callback on each service, providing the actual name
as current owner. This implementation has a number of problems:
* We cannot detect if the the name was moved from one owner to the other
while we were reloading
* We don't notify services which missed the name loss signal
* Providing the actual name as current owner is a hack, as the comment also
admits.
To fix this, this patch carries the following changes:
* Track the name of the current bus name owner, and (de-)serialize it
during reload. This way, we can detect changes.
* In bus_list_names(), walk the list of bus names we're interested in
first, and then see if the name is active on the bus. If it is,
check it it's still the same as it used to be, and synthesize
NameOwnerChanged signals for the name add and/or loss.
This should fully synchronize the current name list with the internal
state of all services.
2015-12-18 17:28:15 +01:00
s - > bus_name_owner = mfree ( s - > bus_name_owner ) ;
2018-03-15 11:42:00 +01:00
s - > usb_function_descriptors = mfree ( s - > usb_function_descriptors ) ;
s - > usb_function_strings = mfree ( s - > usb_function_strings ) ;
2010-04-15 06:19:54 +02:00
service_close_socket_fd ( s ) ;
2016-08-02 19:48:23 +02:00
s - > peer = socket_peer_unref ( s - > peer ) ;
2010-04-15 06:19:54 +02:00
2012-01-06 23:08:54 +01:00
unit_ref_unset ( & s - > accept_socket ) ;
2010-10-05 19:49:15 +02:00
2012-02-08 10:10:34 +01:00
service_stop_watchdog ( s ) ;
2013-11-19 21:12:59 +01:00
s - > timer_event_source = sd_event_source_unref ( s - > timer_event_source ) ;
2018-07-17 11:47:14 +02:00
s - > exec_fd_event_source = sd_event_source_unref ( s - > exec_fd_event_source ) ;
2015-01-06 00:26:25 +01:00
2017-11-13 15:08:49 +01:00
service_release_resources ( u ) ;
2013-11-19 21:12:59 +01:00
}
2015-01-07 01:18:13 +01:00
static int on_fd_store_io ( sd_event_source * e , int fd , uint32_t revents , void * userdata ) {
ServiceFDStore * fs = userdata ;
assert ( e ) ;
assert ( fs ) ;
/* If we get either EPOLLHUP or EPOLLERR, it's time to remove this entry from the fd store */
2016-10-23 02:01:37 +02:00
log_unit_debug ( UNIT ( fs - > service ) ,
" Received %s on stored fd %d (%s), closing. " ,
revents & EPOLLERR ? " EPOLLERR " : " EPOLLHUP " ,
fs - > fd , strna ( fs - > fdname ) ) ;
2015-01-07 01:18:13 +01:00
service_fd_store_unlink ( fs ) ;
return 0 ;
}
2020-04-08 20:19:30 +02:00
static int service_add_fd_store ( Service * s , int fd , const char * name , bool do_poll ) {
2015-01-07 01:18:13 +01:00
ServiceFDStore * fs ;
int r ;
2016-10-23 00:53:24 +02:00
/* fd is always consumed if we return >= 0 */
2015-01-07 01:18:13 +01:00
assert ( s ) ;
assert ( fd > = 0 ) ;
if ( s - > n_fd_store > = s - > n_fd_store_max )
2016-11-02 20:00:54 +01:00
return - EXFULL ; /* Our store is full.
* Use this errno rather than E [ NM ] FILE to distinguish from
* the case where systemd itself hits the file limit . */
2015-01-07 01:18:13 +01:00
LIST_FOREACH ( fd_store , fs , s - > fd_store ) {
r = same_fd ( fs - > fd , fd ) ;
if ( r < 0 )
return r ;
if ( r > 0 ) {
safe_close ( fd ) ;
2016-10-23 00:53:24 +02:00
return 0 ; /* fd already included */
2015-01-07 01:18:13 +01:00
}
}
2020-05-26 14:31:34 +02:00
fs = new ( ServiceFDStore , 1 ) ;
2015-01-07 01:18:13 +01:00
if ( ! fs )
return - ENOMEM ;
2020-05-26 14:31:34 +02:00
* fs = ( ServiceFDStore ) {
. fd = fd ,
. service = s ,
. do_poll = do_poll ,
. fdname = strdup ( name ? : " stored " ) ,
} ;
2015-10-07 10:55:31 +02:00
if ( ! fs - > fdname ) {
free ( fs ) ;
2015-10-04 17:36:19 +02:00
return - ENOMEM ;
2015-10-07 10:55:31 +02:00
}
2015-01-07 01:18:13 +01:00
2020-04-08 20:19:30 +02:00
if ( do_poll ) {
r = sd_event_add_io ( UNIT ( s ) - > manager - > event , & fs - > event_source , fd , 0 , on_fd_store_io , fs ) ;
if ( r < 0 & & r ! = - EPERM ) { /* EPERM indicates fds that aren't pollable, which is OK */
free ( fs - > fdname ) ;
free ( fs ) ;
return r ;
} else if ( r > = 0 )
( void ) sd_event_source_set_description ( fs - > event_source , " service-fd-store " ) ;
}
2015-04-29 16:05:32 +02:00
2015-01-07 01:18:13 +01:00
LIST_PREPEND ( fd_store , s - > fd_store , fs ) ;
s - > n_fd_store + + ;
2016-10-23 00:53:24 +02:00
return 1 ; /* fd newly stored */
2015-01-07 01:18:13 +01:00
}
2020-04-08 20:19:30 +02:00
static int service_add_fd_store_set ( Service * s , FDSet * fds , const char * name , bool do_poll ) {
2015-01-07 01:18:13 +01:00
int r ;
assert ( s ) ;
2016-11-02 20:00:54 +01:00
while ( fdset_size ( fds ) > 0 ) {
2015-01-07 01:18:13 +01:00
_cleanup_close_ int fd = - 1 ;
fd = fdset_steal_first ( fds ) ;
if ( fd < 0 )
break ;
2020-04-08 20:19:30 +02:00
r = service_add_fd_store ( s , fd , name , do_poll ) ;
2016-11-02 20:00:54 +01:00
if ( r = = - EXFULL )
return log_unit_warning_errno ( UNIT ( s ) , r ,
" Cannot store more fds than FileDescriptorStoreMax=%u, closing remaining. " ,
s - > n_fd_store_max ) ;
2015-01-07 01:18:13 +01:00
if ( r < 0 )
2016-11-02 20:00:54 +01:00
return log_unit_error_errno ( UNIT ( s ) , r , " Failed to add fd to store: %m " ) ;
2016-10-23 00:53:24 +02:00
if ( r > 0 )
2016-10-23 02:01:37 +02:00
log_unit_debug ( UNIT ( s ) , " Added fd %u (%s) to fd store. " , fd , strna ( name ) ) ;
2016-10-23 00:53:24 +02:00
fd = - 1 ;
2015-01-07 01:18:13 +01:00
}
return 0 ;
}
2017-11-13 18:26:04 +01:00
static void service_remove_fd_store ( Service * s , const char * name ) {
ServiceFDStore * fs , * n ;
assert ( s ) ;
assert ( name ) ;
LIST_FOREACH_SAFE ( fd_store , fs , n , s - > fd_store ) {
if ( ! streq ( fs - > fdname , name ) )
continue ;
log_unit_debug ( UNIT ( s ) , " Got explicit request to remove fd %i (%s), closing. " , fs - > fd , name ) ;
service_fd_store_unlink ( fs ) ;
}
}
2013-11-19 21:12:59 +01:00
static int service_arm_timer ( Service * s , usec_t usec ) {
int r ;
assert ( s ) ;
if ( s - > timer_event_source ) {
core: rework unit timeout handling, and add new setting RuntimeMaxSec=
This clean-ups timeout handling in PID 1. Specifically, instead of storing 0 in internal timeout variables as
indication for a disabled timeout, use USEC_INFINITY which is in-line with how we do this in the rest of our code
(following the logic that 0 means "no", and USEC_INFINITY means "never").
This also replace all usec_t additions with invocations to usec_add(), so that USEC_INFINITY is properly propagated,
and sd-event considers it has indication for turning off the event source.
This also alters the deserialization of the units to restart timeouts from the time they were originally started from.
Before this patch timeouts would be restarted beginning with the time of the deserialization, which could lead to
artificially prolonged timeouts if a daemon reload took place.
Finally, a new RuntimeMaxSec= setting is introduced for service units, that specifies a maximum runtime after which a
specific service is forcibly terminated. This is useful to put time limits on time-intensive processing jobs.
This also simplifies the various xyz_spawn() calls of the various types in that explicit distruction of the timers is
removed, as that is done anyway by the state change handlers, and a state change is always done when the xyz_spawn()
calls fail.
Fixes: #2249
2016-02-01 21:48:10 +01:00
r = sd_event_source_set_time ( s - > timer_event_source , usec ) ;
2013-11-19 21:12:59 +01:00
if ( r < 0 )
return r ;
return sd_event_source_set_enabled ( s - > timer_event_source , SD_EVENT_ONESHOT ) ;
}
core: rework unit timeout handling, and add new setting RuntimeMaxSec=
This clean-ups timeout handling in PID 1. Specifically, instead of storing 0 in internal timeout variables as
indication for a disabled timeout, use USEC_INFINITY which is in-line with how we do this in the rest of our code
(following the logic that 0 means "no", and USEC_INFINITY means "never").
This also replace all usec_t additions with invocations to usec_add(), so that USEC_INFINITY is properly propagated,
and sd-event considers it has indication for turning off the event source.
This also alters the deserialization of the units to restart timeouts from the time they were originally started from.
Before this patch timeouts would be restarted beginning with the time of the deserialization, which could lead to
artificially prolonged timeouts if a daemon reload took place.
Finally, a new RuntimeMaxSec= setting is introduced for service units, that specifies a maximum runtime after which a
specific service is forcibly terminated. This is useful to put time limits on time-intensive processing jobs.
This also simplifies the various xyz_spawn() calls of the various types in that explicit distruction of the timers is
removed, as that is done anyway by the state change handlers, and a state change is always done when the xyz_spawn()
calls fail.
Fixes: #2249
2016-02-01 21:48:10 +01:00
if ( usec = = USEC_INFINITY )
return 0 ;
2015-04-29 16:05:32 +02:00
r = sd_event_add_time (
2014-03-24 02:49:09 +01:00
UNIT ( s ) - > manager - > event ,
& s - > timer_event_source ,
CLOCK_MONOTONIC ,
core: rework unit timeout handling, and add new setting RuntimeMaxSec=
This clean-ups timeout handling in PID 1. Specifically, instead of storing 0 in internal timeout variables as
indication for a disabled timeout, use USEC_INFINITY which is in-line with how we do this in the rest of our code
(following the logic that 0 means "no", and USEC_INFINITY means "never").
This also replace all usec_t additions with invocations to usec_add(), so that USEC_INFINITY is properly propagated,
and sd-event considers it has indication for turning off the event source.
This also alters the deserialization of the units to restart timeouts from the time they were originally started from.
Before this patch timeouts would be restarted beginning with the time of the deserialization, which could lead to
artificially prolonged timeouts if a daemon reload took place.
Finally, a new RuntimeMaxSec= setting is introduced for service units, that specifies a maximum runtime after which a
specific service is forcibly terminated. This is useful to put time limits on time-intensive processing jobs.
This also simplifies the various xyz_spawn() calls of the various types in that explicit distruction of the timers is
removed, as that is done anyway by the state change handlers, and a state change is always done when the xyz_spawn()
calls fail.
Fixes: #2249
2016-02-01 21:48:10 +01:00
usec , 0 ,
2014-03-24 02:49:09 +01:00
service_dispatch_timer , s ) ;
2015-04-29 16:05:32 +02:00
if ( r < 0 )
return r ;
( void ) sd_event_source_set_description ( s - > timer_event_source , " service-timer " ) ;
return 0 ;
2010-01-26 07:02:51 +01:00
}
2010-04-13 04:00:03 +02:00
static int service_verify ( Service * s ) {
assert ( s ) ;
2019-10-11 10:53:54 +02:00
assert ( UNIT ( s ) - > load_state = = UNIT_LOADED ) ;
2010-04-13 04:00:03 +02:00
2018-10-16 15:07:42 +02:00
if ( ! s - > exec_command [ SERVICE_EXEC_START ] & & ! s - > exec_command [ SERVICE_EXEC_STOP ]
& & UNIT ( s ) - > success_action = = EMERGENCY_ACTION_NONE ) {
/* FailureAction= only makes sense if one of the start or stop commands is specified.
* SuccessAction = will be executed unconditionally if no commands are specified . Hence ,
* either a command or SuccessAction = are required . */
log_unit_error ( UNIT ( s ) , " Service has no ExecStart=, ExecStop=, or SuccessAction=. Refusing. " ) ;
2018-06-01 18:06:54 +02:00
return - ENOEXEC ;
2010-04-13 04:00:03 +02:00
}
2014-08-21 18:50:42 +02:00
if ( s - > type ! = SERVICE_ONESHOT & & ! s - > exec_command [ SERVICE_EXEC_START ] ) {
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_error ( UNIT ( s ) , " Service has no ExecStart= setting, which is only allowed for Type=oneshot services. Refusing. " ) ;
2018-06-01 18:06:54 +02:00
return - ENOEXEC ;
2014-08-21 18:50:42 +02:00
}
2018-10-16 15:07:42 +02:00
if ( ! s - > remain_after_exit & & ! s - > exec_command [ SERVICE_EXEC_START ] & & UNIT ( s ) - > success_action = = EMERGENCY_ACTION_NONE ) {
log_unit_error ( UNIT ( s ) , " Service has no ExecStart= and no SuccessAction= settings and does not have RemainAfterExit=yes set. Refusing. " ) ;
2018-06-01 18:06:54 +02:00
return - ENOEXEC ;
2014-08-21 18:50:42 +02:00
}
if ( s - > type ! = SERVICE_ONESHOT & & s - > exec_command [ SERVICE_EXEC_START ] - > command_next ) {
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_error ( UNIT ( s ) , " Service has more than one ExecStart= setting, which is only allowed for Type=oneshot services. Refusing. " ) ;
2018-06-01 18:06:54 +02:00
return - ENOEXEC ;
2010-06-19 04:25:28 +02:00
}
2019-10-09 00:04:29 +02:00
if ( s - > type = = SERVICE_ONESHOT
& & ! IN_SET ( s - > restart , SERVICE_RESTART_NO , SERVICE_RESTART_ON_FAILURE , SERVICE_RESTART_ON_ABNORMAL , SERVICE_RESTART_ON_WATCHDOG , SERVICE_RESTART_ON_ABORT ) ) {
log_unit_error ( UNIT ( s ) , " Service has Restart= set to either always or on-success, which isn't allowed for Type=oneshot services. Refusing. " ) ;
2018-06-01 18:06:54 +02:00
return - ENOEXEC ;
2014-07-03 12:47:40 +02:00
}
2014-07-03 15:50:31 +02:00
if ( s - > type = = SERVICE_ONESHOT & & ! exit_status_set_is_empty ( & s - > restart_force_status ) ) {
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_error ( UNIT ( s ) , " Service has RestartForceStatus= set, which isn't allowed for Type=oneshot services. Refusing. " ) ;
2018-06-01 18:06:54 +02:00
return - ENOEXEC ;
2013-08-09 12:54:10 +02:00
}
2010-04-15 23:16:16 +02:00
if ( s - > type = = SERVICE_DBUS & & ! s - > bus_name ) {
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_error ( UNIT ( s ) , " Service is of type D-Bus but no D-Bus service name has been specified. Refusing. " ) ;
2018-06-01 18:06:54 +02:00
return - ENOEXEC ;
2010-06-19 16:57:54 +02:00
}
2012-05-03 14:42:49 +02:00
if ( s - > bus_name & & s - > type ! = SERVICE_DBUS )
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_warning ( UNIT ( s ) , " Service has a D-Bus service name specified, but is not of type dbus. Ignoring. " ) ;
2012-05-03 14:42:49 +02:00
2017-09-29 00:37:23 +02:00
if ( s - > exec_context . pam_name & & ! IN_SET ( s - > kill_context . kill_mode , KILL_CONTROL_GROUP , KILL_MIXED ) ) {
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_error ( UNIT ( s ) , " Service has PAM enabled. Kill mode must be set to 'control-group' or 'mixed'. Refusing. " ) ;
2018-06-01 18:06:54 +02:00
return - ENOEXEC ;
2010-04-15 23:16:16 +02:00
}
2015-09-04 12:23:51 +02:00
if ( s - > usb_function_descriptors & & ! s - > usb_function_strings )
log_unit_warning ( UNIT ( s ) , " Service has USBFunctionDescriptors= setting, but no USBFunctionStrings=. Ignoring. " ) ;
if ( ! s - > usb_function_descriptors & & s - > usb_function_strings )
log_unit_warning ( UNIT ( s ) , " Service has USBFunctionStrings= setting, but no USBFunctionDescriptors=. Ignoring. " ) ;
core: rework unit timeout handling, and add new setting RuntimeMaxSec=
This clean-ups timeout handling in PID 1. Specifically, instead of storing 0 in internal timeout variables as
indication for a disabled timeout, use USEC_INFINITY which is in-line with how we do this in the rest of our code
(following the logic that 0 means "no", and USEC_INFINITY means "never").
This also replace all usec_t additions with invocations to usec_add(), so that USEC_INFINITY is properly propagated,
and sd-event considers it has indication for turning off the event source.
This also alters the deserialization of the units to restart timeouts from the time they were originally started from.
Before this patch timeouts would be restarted beginning with the time of the deserialization, which could lead to
artificially prolonged timeouts if a daemon reload took place.
Finally, a new RuntimeMaxSec= setting is introduced for service units, that specifies a maximum runtime after which a
specific service is forcibly terminated. This is useful to put time limits on time-intensive processing jobs.
This also simplifies the various xyz_spawn() calls of the various types in that explicit distruction of the timers is
removed, as that is done anyway by the state change handlers, and a state change is always done when the xyz_spawn()
calls fail.
Fixes: #2249
2016-02-01 21:48:10 +01:00
if ( s - > runtime_max_usec ! = USEC_INFINITY & & s - > type = = SERVICE_ONESHOT )
2019-06-12 09:24:45 +02:00
log_unit_warning ( UNIT ( s ) , " RuntimeMaxSec= has no effect in combination with Type=oneshot. Ignoring. " ) ;
core: rework unit timeout handling, and add new setting RuntimeMaxSec=
This clean-ups timeout handling in PID 1. Specifically, instead of storing 0 in internal timeout variables as
indication for a disabled timeout, use USEC_INFINITY which is in-line with how we do this in the rest of our code
(following the logic that 0 means "no", and USEC_INFINITY means "never").
This also replace all usec_t additions with invocations to usec_add(), so that USEC_INFINITY is properly propagated,
and sd-event considers it has indication for turning off the event source.
This also alters the deserialization of the units to restart timeouts from the time they were originally started from.
Before this patch timeouts would be restarted beginning with the time of the deserialization, which could lead to
artificially prolonged timeouts if a daemon reload took place.
Finally, a new RuntimeMaxSec= setting is introduced for service units, that specifies a maximum runtime after which a
specific service is forcibly terminated. This is useful to put time limits on time-intensive processing jobs.
This also simplifies the various xyz_spawn() calls of the various types in that explicit distruction of the timers is
removed, as that is done anyway by the state change handlers, and a state change is always done when the xyz_spawn()
calls fail.
Fixes: #2249
2016-02-01 21:48:10 +01:00
2010-04-13 04:00:03 +02:00
return 0 ;
}
2010-07-03 19:48:33 +02:00
static int service_add_default_dependencies ( Service * s ) {
int r ;
assert ( s ) ;
2015-11-11 20:39:41 +01:00
if ( ! UNIT ( s ) - > default_dependencies )
return 0 ;
2010-07-03 19:48:33 +02:00
/* Add a number of automatic dependencies useful for the
* majority of services . */
2016-02-24 21:24:23 +01:00
if ( MANAGER_IS_SYSTEM ( UNIT ( s ) - > manager ) ) {
2015-11-11 16:22:25 +01:00
/* First, pull in the really early boot stuff, and
* require it , so that we fail if we can ' t acquire
* it . */
2018-09-15 20:02:00 +02:00
r = unit_add_two_dependencies_by_name ( UNIT ( s ) , UNIT_AFTER , UNIT_REQUIRES , SPECIAL_SYSINIT_TARGET , true , UNIT_DEPENDENCY_DEFAULT ) ;
2015-11-11 16:22:25 +01:00
if ( r < 0 )
return r ;
} else {
/* In the --user instance there's no sysinit.target,
* in that case require basic . target instead . */
2018-09-15 19:57:52 +02:00
r = unit_add_dependency_by_name ( UNIT ( s ) , UNIT_REQUIRES , SPECIAL_BASIC_TARGET , true , UNIT_DEPENDENCY_DEFAULT ) ;
2015-11-11 16:22:25 +01:00
if ( r < 0 )
return r ;
}
/* Second, if the rest of the base system is in the same
* transaction , order us after it , but do not pull it in or
* even require it . */
2018-09-15 19:57:52 +02:00
r = unit_add_dependency_by_name ( UNIT ( s ) , UNIT_AFTER , SPECIAL_BASIC_TARGET , true , UNIT_DEPENDENCY_DEFAULT ) ;
2014-01-06 04:52:17 +01:00
if ( r < 0 )
return r ;
2010-07-03 19:48:33 +02:00
2015-11-11 16:22:25 +01:00
/* Third, add us in for normal shutdown. */
2018-09-15 20:02:00 +02:00
return unit_add_two_dependencies_by_name ( UNIT ( s ) , UNIT_BEFORE , UNIT_CONFLICTS , SPECIAL_SHUTDOWN_TARGET , true , UNIT_DEPENDENCY_DEFAULT ) ;
2010-07-03 19:48:33 +02:00
}
2020-01-17 12:41:53 +01:00
static void service_fix_stdio ( Service * s ) {
2011-09-22 03:29:51 +02:00
assert ( s ) ;
2020-01-17 12:41:53 +01:00
/* Note that EXEC_INPUT_NULL and EXEC_OUTPUT_INHERIT play a special role here: they are both the
* default value that is subject to automatic overriding triggered by other settings and an explicit
2020-04-16 17:50:21 +02:00
* choice the user can make . We don ' t distinguish between these cases currently . */
2020-01-17 12:41:53 +01:00
if ( s - > exec_context . std_input = = EXEC_INPUT_NULL & &
s - > exec_context . stdin_data_size > 0 )
s - > exec_context . std_input = EXEC_INPUT_DATA ;
if ( IN_SET ( s - > exec_context . std_input ,
EXEC_INPUT_TTY ,
EXEC_INPUT_TTY_FORCE ,
EXEC_INPUT_TTY_FAIL ,
EXEC_INPUT_SOCKET ,
EXEC_INPUT_NAMED_FD ) )
return ;
/* We assume these listed inputs refer to bidirectional streams, and hence duplicating them from
* stdin to stdout / stderr makes sense and hence leaving EXEC_OUTPUT_INHERIT in place makes sense ,
* too . Outputs such as regular files or sealed data memfds otoh don ' t really make sense to be
* duplicated for both input and output at the same time ( since they then would cause a feedback
* loop ) , hence override EXEC_OUTPUT_INHERIT with the default stderr / stdout setting . */
2011-09-22 03:29:51 +02:00
if ( s - > exec_context . std_error = = EXEC_OUTPUT_INHERIT & &
2020-01-17 12:41:53 +01:00
s - > exec_context . std_output = = EXEC_OUTPUT_INHERIT )
2012-01-15 12:25:20 +01:00
s - > exec_context . std_error = UNIT ( s ) - > manager - > default_std_error ;
2011-09-22 03:29:51 +02:00
2020-01-17 12:41:53 +01:00
if ( s - > exec_context . std_output = = EXEC_OUTPUT_INHERIT )
2012-01-15 12:25:20 +01:00
s - > exec_context . std_output = UNIT ( s ) - > manager - > default_std_output ;
2011-09-22 03:29:51 +02:00
}
2015-11-11 20:39:41 +01:00
static int service_setup_bus_name ( Service * s ) {
int r ;
assert ( s ) ;
if ( ! s - > bus_name )
return 0 ;
2018-09-15 19:57:52 +02:00
r = unit_add_dependency_by_name ( UNIT ( s ) , UNIT_REQUIRES , SPECIAL_DBUS_SOCKET , true , UNIT_DEPENDENCY_FILE ) ;
2016-06-10 15:50:16 +02:00
if ( r < 0 )
return log_unit_error_errno ( UNIT ( s ) , r , " Failed to add dependency on " SPECIAL_DBUS_SOCKET " : %m " ) ;
2015-11-11 20:39:41 +01:00
2017-07-23 17:45:57 +02:00
/* We always want to be ordered against dbus.socket if both are in the transaction. */
2018-09-15 19:57:52 +02:00
r = unit_add_dependency_by_name ( UNIT ( s ) , UNIT_AFTER , SPECIAL_DBUS_SOCKET , true , UNIT_DEPENDENCY_FILE ) ;
2015-11-11 20:39:41 +01:00
if ( r < 0 )
2015-11-12 08:23:21 +01:00
return log_unit_error_errno ( UNIT ( s ) , r , " Failed to add dependency on " SPECIAL_DBUS_SOCKET " : %m " ) ;
2015-11-11 20:39:41 +01:00
r = unit_watch_bus_name ( UNIT ( s ) , s - > bus_name ) ;
if ( r = = - EEXIST )
return log_unit_error_errno ( UNIT ( s ) , r , " Two services allocated for the same bus name %s, refusing operation. " , s - > bus_name ) ;
if ( r < 0 )
return log_unit_error_errno ( UNIT ( s ) , r , " Cannot watch bus name %s: %m " , s - > bus_name ) ;
return 0 ;
}
2015-01-07 22:08:25 +01:00
static int service_add_extras ( Service * s ) {
int r ;
assert ( s ) ;
if ( s - > type = = _SERVICE_TYPE_INVALID ) {
/* Figure out a type automatically */
if ( s - > bus_name )
s - > type = SERVICE_DBUS ;
else if ( s - > exec_command [ SERVICE_EXEC_START ] )
s - > type = SERVICE_SIMPLE ;
else
s - > type = SERVICE_ONESHOT ;
}
/* Oneshot services have disabled start timeout by default */
if ( s - > type = = SERVICE_ONESHOT & & ! s - > start_timeout_defined )
core: rework unit timeout handling, and add new setting RuntimeMaxSec=
This clean-ups timeout handling in PID 1. Specifically, instead of storing 0 in internal timeout variables as
indication for a disabled timeout, use USEC_INFINITY which is in-line with how we do this in the rest of our code
(following the logic that 0 means "no", and USEC_INFINITY means "never").
This also replace all usec_t additions with invocations to usec_add(), so that USEC_INFINITY is properly propagated,
and sd-event considers it has indication for turning off the event source.
This also alters the deserialization of the units to restart timeouts from the time they were originally started from.
Before this patch timeouts would be restarted beginning with the time of the deserialization, which could lead to
artificially prolonged timeouts if a daemon reload took place.
Finally, a new RuntimeMaxSec= setting is introduced for service units, that specifies a maximum runtime after which a
specific service is forcibly terminated. This is useful to put time limits on time-intensive processing jobs.
This also simplifies the various xyz_spawn() calls of the various types in that explicit distruction of the timers is
removed, as that is done anyway by the state change handlers, and a state change is always done when the xyz_spawn()
calls fail.
Fixes: #2249
2016-02-01 21:48:10 +01:00
s - > timeout_start_usec = USEC_INFINITY ;
2015-01-07 22:08:25 +01:00
2020-01-17 12:41:53 +01:00
service_fix_stdio ( s ) ;
2015-01-07 22:08:25 +01:00
r = unit_patch_contexts ( UNIT ( s ) ) ;
if ( r < 0 )
return r ;
r = unit_add_exec_dependencies ( UNIT ( s ) , & s - > exec_context ) ;
if ( r < 0 )
return r ;
2015-08-28 17:36:39 +02:00
r = unit_set_default_slice ( UNIT ( s ) ) ;
2015-01-07 22:08:25 +01:00
if ( r < 0 )
return r ;
2018-05-14 16:45:09 +02:00
/* If the service needs the notify socket, let's enable it automatically. */
if ( s - > notify_access = = NOTIFY_NONE & &
( s - > type = = SERVICE_NOTIFY | | s - > watchdog_usec > 0 | | s - > n_fd_store_max > 0 ) )
2015-01-07 22:08:25 +01:00
s - > notify_access = NOTIFY_MAIN ;
2019-03-19 19:05:19 +01:00
/* If no OOM policy was explicitly set, then default to the configure default OOM policy. Except when
* delegation is on , in that case it we assume the payload knows better what to do and can process
2019-04-27 02:22:40 +02:00
* things in a more focused way . */
2019-03-19 19:05:19 +01:00
if ( s - > oom_policy < 0 )
s - > oom_policy = s - > cgroup_context . delegate ? OOM_CONTINUE : UNIT ( s ) - > manager - > default_oom_policy ;
/* Let the kernel do the killing if that's requested. */
s - > cgroup_context . memory_oom_group = s - > oom_policy = = OOM_KILL ;
2015-11-11 20:39:41 +01:00
r = service_add_default_dependencies ( s ) ;
if ( r < 0 )
return r ;
2015-01-07 22:08:25 +01:00
2015-11-11 20:39:41 +01:00
r = service_setup_bus_name ( s ) ;
if ( r < 0 )
return r ;
2015-01-07 22:08:25 +01:00
return 0 ;
}
2010-04-10 17:53:17 +02:00
static int service_load ( Unit * u ) {
Service * s = SERVICE ( u ) ;
2014-08-21 16:19:25 +02:00
int r ;
2010-04-10 17:53:17 +02:00
2019-10-11 10:53:54 +02:00
r = unit_load_fragment_and_dropin ( u , true ) ;
2013-06-28 04:12:58 +02:00
if ( r < 0 )
2010-01-23 01:52:57 +01:00
return r ;
2019-10-11 10:53:54 +02:00
if ( u - > load_state ! = UNIT_LOADED )
return 0 ;
2010-01-26 04:18:44 +01:00
2010-04-06 02:43:58 +02:00
/* This is a new unit? Then let's add in some extras */
2019-10-11 10:53:54 +02:00
r = service_add_extras ( s ) ;
if ( r < 0 )
return r ;
2010-03-31 16:29:55 +02:00
2010-04-13 04:00:03 +02:00
return service_verify ( s ) ;
2010-01-26 04:18:44 +01:00
}
2010-01-26 21:39:06 +01:00
static void service_dump ( Unit * u , FILE * f , const char * prefix ) {
2019-04-01 18:48:20 +02:00
char buf_restart [ FORMAT_TIMESPAN_MAX ] , buf_start [ FORMAT_TIMESPAN_MAX ] , buf_stop [ FORMAT_TIMESPAN_MAX ] ,
2019-08-25 10:47:57 +02:00
buf_runtime [ FORMAT_TIMESPAN_MAX ] , buf_watchdog [ FORMAT_TIMESPAN_MAX ] , buf_abort [ FORMAT_TIMESPAN_MAX ] ;
2010-01-23 01:52:57 +01:00
ServiceExecCommand c ;
2010-01-26 21:39:06 +01:00
Service * s = SERVICE ( u ) ;
2010-02-03 14:21:48 +01:00
const char * prefix2 ;
2010-01-23 01:52:57 +01:00
assert ( s ) ;
2014-08-21 16:15:49 +02:00
prefix = strempty ( prefix ) ;
2015-02-03 02:05:59 +01:00
prefix2 = strjoina ( prefix , " \t " ) ;
2010-01-26 07:02:51 +01:00
2010-01-23 01:52:57 +01:00
fprintf ( f ,
2010-02-14 22:43:08 +01:00
" %sService State: %s \n "
2012-02-03 02:01:35 +01:00
" %sResult: %s \n "
" %sReload Result: %s \n "
2019-04-01 18:48:20 +02:00
" %sClean Result: %s \n "
2010-02-14 22:43:08 +01:00
" %sPermissionsStartOnly: %s \n "
2010-03-31 16:29:55 +02:00
" %sRootDirectoryStartOnly: %s \n "
2010-08-17 19:37:36 +02:00
" %sRemainAfterExit: %s \n "
2011-02-13 18:51:30 +01:00
" %sGuessMainPID: %s \n "
2010-06-18 23:12:48 +02:00
" %sType: %s \n "
2010-08-09 17:03:46 +02:00
" %sRestart: %s \n "
2014-08-21 17:03:15 +02:00
" %sNotifyAccess: %s \n "
2019-03-19 19:05:19 +01:00
" %sNotifyState: %s \n "
" %sOOMPolicy: %s \n " ,
2010-02-14 22:43:08 +01:00
prefix , service_state_to_string ( s - > state ) ,
2012-02-03 02:01:35 +01:00
prefix , service_result_to_string ( s - > result ) ,
prefix , service_result_to_string ( s - > reload_result ) ,
2019-04-01 18:48:20 +02:00
prefix , service_result_to_string ( s - > clean_result ) ,
2010-02-14 22:43:08 +01:00
prefix , yes_no ( s - > permissions_start_only ) ,
2010-03-31 16:29:55 +02:00
prefix , yes_no ( s - > root_directory_start_only ) ,
2010-08-17 19:37:36 +02:00
prefix , yes_no ( s - > remain_after_exit ) ,
2011-02-13 18:51:30 +01:00
prefix , yes_no ( s - > guess_main_pid ) ,
2010-06-18 23:12:48 +02:00
prefix , service_type_to_string ( s - > type ) ,
2010-08-09 17:03:46 +02:00
prefix , service_restart_to_string ( s - > restart ) ,
2014-08-21 17:03:15 +02:00
prefix , notify_access_to_string ( s - > notify_access ) ,
2019-03-19 19:05:19 +01:00
prefix , notify_state_to_string ( s - > notify_state ) ,
prefix , oom_policy_to_string ( s - > oom_policy ) ) ;
2010-01-23 01:52:57 +01:00
2010-04-08 03:48:27 +02:00
if ( s - > control_pid > 0 )
fprintf ( f ,
2013-12-30 23:22:26 +01:00
" %sControl PID: " PID_FMT " \n " ,
prefix , s - > control_pid ) ;
2010-04-08 03:48:27 +02:00
if ( s - > main_pid > 0 )
fprintf ( f ,
2013-12-30 23:22:26 +01:00
" %sMain PID: " PID_FMT " \n "
2011-04-28 04:56:53 +02:00
" %sMain PID Known: %s \n "
" %sMain PID Alien: %s \n " ,
2013-12-30 23:22:26 +01:00
prefix , s - > main_pid ,
2011-04-28 04:56:53 +02:00
prefix , yes_no ( s - > main_pid_known ) ,
prefix , yes_no ( s - > main_pid_alien ) ) ;
2010-04-08 03:48:27 +02:00
2010-01-26 04:18:44 +01:00
if ( s - > pid_file )
fprintf ( f ,
" %sPIDFile: %s \n " ,
prefix , s - > pid_file ) ;
2010-04-15 23:16:16 +02:00
if ( s - > bus_name )
fprintf ( f ,
" %sBusName: %s \n "
" %sBus Name Good: %s \n " ,
prefix , s - > bus_name ,
prefix , yes_no ( s - > bus_name_good ) ) ;
2016-08-05 05:26:31 +02:00
if ( UNIT_ISSET ( s - > accept_socket ) )
fprintf ( f ,
" %sAccept Socket: %s \n " ,
prefix , UNIT_DEREF ( s - > accept_socket ) - > id ) ;
2018-01-30 09:10:47 +01:00
fprintf ( f ,
" %sRestartSec: %s \n "
" %sTimeoutStartSec: %s \n "
2019-04-16 16:45:20 +02:00
" %sTimeoutStopSec: %s \n "
" %sTimeoutStartFailureMode: %s \n "
" %sTimeoutStopFailureMode: %s \n " ,
2018-01-30 09:10:47 +01:00
prefix , format_timespan ( buf_restart , sizeof ( buf_restart ) , s - > restart_usec , USEC_PER_SEC ) ,
prefix , format_timespan ( buf_start , sizeof ( buf_start ) , s - > timeout_start_usec , USEC_PER_SEC ) ,
2019-04-16 16:45:20 +02:00
prefix , format_timespan ( buf_stop , sizeof ( buf_stop ) , s - > timeout_stop_usec , USEC_PER_SEC ) ,
prefix , service_timeout_failure_mode_to_string ( s - > timeout_start_failure_mode ) ,
prefix , service_timeout_failure_mode_to_string ( s - > timeout_stop_failure_mode ) ) ;
2019-04-14 13:47:13 +02:00
if ( s - > timeout_abort_set )
fprintf ( f ,
" %sTimeoutAbortSec: %s \n " ,
prefix , format_timespan ( buf_abort , sizeof ( buf_abort ) , s - > timeout_abort_usec , USEC_PER_SEC ) ) ;
fprintf ( f ,
" %sRuntimeMaxSec: %s \n "
" %sWatchdogSec: %s \n " ,
2018-01-30 09:10:47 +01:00
prefix , format_timespan ( buf_runtime , sizeof ( buf_runtime ) , s - > runtime_max_usec , USEC_PER_SEC ) ,
prefix , format_timespan ( buf_watchdog , sizeof ( buf_watchdog ) , s - > watchdog_usec , USEC_PER_SEC ) ) ;
2012-07-19 23:47:10 +02:00
kill_context_dump ( & s - > kill_context , f , prefix ) ;
2010-01-23 01:52:57 +01:00
exec_context_dump ( & s - > exec_context , f , prefix ) ;
2010-04-10 17:53:17 +02:00
for ( c = 0 ; c < _SERVICE_EXEC_COMMAND_MAX ; c + + ) {
2010-01-23 01:52:57 +01:00
2010-01-26 07:02:51 +01:00
if ( ! s - > exec_command [ c ] )
continue ;
2010-04-23 20:25:55 +02:00
fprintf ( f , " %s-> %s: \n " ,
2010-01-30 01:55:42 +01:00
prefix , service_exec_command_to_string ( c ) ) ;
2010-01-26 07:02:51 +01:00
exec_command_dump_list ( s - > exec_command [ c ] , f , prefix2 ) ;
2010-01-23 01:52:57 +01:00
}
2010-01-26 07:02:51 +01:00
2010-06-16 05:10:31 +02:00
if ( s - > status_text )
fprintf ( f , " %sStatus Text: %s \n " ,
prefix , s - > status_text ) ;
2015-01-06 00:26:25 +01:00
2015-09-08 23:03:38 +02:00
if ( s - > n_fd_store_max > 0 )
2015-01-06 00:26:25 +01:00
fprintf ( f ,
" %sFile Descriptor Store Max: %u \n "
tree-wide: be more careful with the type of array sizes
Previously we were a bit sloppy with the index and size types of arrays,
we'd regularly use unsigned. While I don't think this ever resulted in
real issues I think we should be more careful there and follow a
stricter regime: unless there's a strong reason not to use size_t for
array sizes and indexes, size_t it should be. Any allocations we do
ultimately will use size_t anyway, and converting forth and back between
unsigned and size_t will always be a source of problems.
Note that on 32bit machines "unsigned" and "size_t" are equivalent, and
on 64bit machines our arrays shouldn't grow that large anyway, and if
they do we have a problem, however that kind of overly large allocation
we have protections for usually, but for overflows we do not have that
so much, hence let's add it.
So yeah, it's a story of the current code being already "good enough",
but I think some extra type hygiene is better.
This patch tries to be comprehensive, but it probably isn't and I missed
a few cases. But I guess we can cover that later as we notice it. Among
smaller fixes, this changes:
1. strv_length()' return type becomes size_t
2. the unit file changes array size becomes size_t
3. DNS answer and query array sizes become size_t
Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=76745
2018-04-27 14:09:31 +02:00
" %sFile Descriptor Store Current: %zu \n " ,
2015-01-06 00:26:25 +01:00
prefix , s - > n_fd_store_max ,
prefix , s - > n_fd_store ) ;
2017-09-05 19:20:29 +02:00
2019-10-03 14:21:29 +02:00
cgroup_context_dump ( UNIT ( s ) , f , prefix ) ;
2010-01-23 01:52:57 +01:00
}
2018-01-05 12:20:22 +01:00
static int service_is_suitable_main_pid ( Service * s , pid_t pid , int prio ) {
Unit * owner ;
assert ( s ) ;
assert ( pid_is_valid ( pid ) ) ;
/* Checks whether the specified PID is suitable as main PID for this service. returns negative if not, 0 if the
* PID is questionnable but should be accepted if the source of configuration is trusted . > 0 if the PID is
* good */
if ( pid = = getpid_cached ( ) | | pid = = 1 ) {
log_unit_full ( UNIT ( s ) , prio , 0 , " New main PID " PID_FMT " is the manager, refusing. " , pid ) ;
return - EPERM ;
}
if ( pid = = s - > control_pid ) {
log_unit_full ( UNIT ( s ) , prio , 0 , " New main PID " PID_FMT " is the control process, refusing. " , pid ) ;
return - EPERM ;
}
if ( ! pid_is_alive ( pid ) ) {
log_unit_full ( UNIT ( s ) , prio , 0 , " New main PID " PID_FMT " does not exist or is a zombie. " , pid ) ;
return - ESRCH ;
}
owner = manager_get_unit_by_pid ( UNIT ( s ) - > manager , pid ) ;
if ( owner = = UNIT ( s ) ) {
log_unit_debug ( UNIT ( s ) , " New main PID " PID_FMT " belongs to service, we are happy. " , pid ) ;
return 1 ; /* Yay, it's definitely a good PID */
}
return 0 ; /* Hmm it's a suspicious PID, let's accept it if configuration source is trusted */
}
2011-11-10 09:55:47 +01:00
static int service_load_pid_file ( Service * s , bool may_warn ) {
2018-01-05 12:20:22 +01:00
char procfs [ STRLEN ( " /proc/self/fd/ " ) + DECIMAL_STR_MAX ( int ) ] ;
2018-02-09 17:05:17 +01:00
bool questionable_pid_file = false ;
2013-04-18 09:11:22 +02:00
_cleanup_free_ char * k = NULL ;
2018-01-05 12:20:22 +01:00
_cleanup_close_ int fd = - 1 ;
int r , prio ;
2010-06-17 22:55:53 +02:00
pid_t pid ;
2010-01-26 04:18:44 +01:00
assert ( s ) ;
if ( ! s - > pid_file )
2011-09-21 02:25:17 +02:00
return - ENOENT ;
2010-01-26 04:18:44 +01:00
2018-01-05 12:20:22 +01:00
prio = may_warn ? LOG_INFO : LOG_DEBUG ;
2019-10-24 10:33:20 +02:00
r = chase_symlinks ( s - > pid_file , NULL , CHASE_SAFE , NULL , & fd ) ;
if ( r = = - ENOLINK ) {
log_unit_full ( UNIT ( s ) , LOG_DEBUG , r ,
" Potentially unsafe symlink chain, will now retry with relaxed checks: %s " , s - > pid_file ) ;
2018-02-09 17:05:17 +01:00
questionable_pid_file = true ;
2019-10-24 10:33:20 +02:00
r = chase_symlinks ( s - > pid_file , NULL , 0 , NULL , & fd ) ;
2018-02-09 17:05:17 +01:00
}
2019-10-24 10:33:20 +02:00
if ( r < 0 )
return log_unit_full ( UNIT ( s ) , prio , fd ,
" Can't open PID file %s (yet?) after %s: %m " , s - > pid_file , service_state_to_string ( s - > state ) ) ;
2018-01-05 12:20:22 +01:00
2019-10-24 10:33:20 +02:00
/* Let's read the PID file now that we chased it down. But we need to convert the O_PATH fd
* chase_symlinks ( ) returned us into a proper fd first . */
2018-01-05 12:20:22 +01:00
xsprintf ( procfs , " /proc/self/fd/%i " , fd ) ;
r = read_one_line_file ( procfs , & k ) ;
if ( r < 0 )
2019-10-24 10:33:20 +02:00
return log_unit_error_errno ( UNIT ( s ) , r ,
" Can't convert PID files %s O_PATH file descriptor to proper file descriptor: %m " ,
s - > pid_file ) ;
2010-01-26 04:18:44 +01:00
2010-06-17 22:55:53 +02:00
r = parse_pid ( k , & pid ) ;
2018-01-05 12:20:22 +01:00
if ( r < 0 )
return log_unit_full ( UNIT ( s ) , prio , r , " Failed to parse PID from file %s: %m " , s - > pid_file ) ;
if ( s - > main_pid_known & & pid = = s - > main_pid )
return 0 ;
r = service_is_suitable_main_pid ( s , pid , prio ) ;
if ( r < 0 )
2010-06-17 22:55:53 +02:00
return r ;
2018-01-05 12:20:22 +01:00
if ( r = = 0 ) {
struct stat st ;
2010-06-15 19:47:13 +02:00
2018-02-09 17:05:17 +01:00
if ( questionable_pid_file ) {
log_unit_error ( UNIT ( s ) , " Refusing to accept PID outside of service control group, acquired through unsafe symlink chain: %s " , s - > pid_file ) ;
return - EPERM ;
}
2018-01-05 12:20:22 +01:00
/* Hmm, it's not clear if the new main PID is safe. Let's allow this if the PID file is owned by root */
if ( fstat ( fd , & st ) < 0 )
return log_unit_error_errno ( UNIT ( s ) , errno , " Failed to fstat() PID file O_PATH fd: %m " ) ;
if ( st . st_uid ! = 0 ) {
log_unit_error ( UNIT ( s ) , " New main PID " PID_FMT " does not belong to service, and PID file is not owned by root. Refusing. " , pid ) ;
return - EPERM ;
}
log_unit_debug ( UNIT ( s ) , " New main PID " PID_FMT " does not belong to service, but we'll accept it since PID file is owned by root. " , pid ) ;
2014-02-14 19:38:50 +01:00
}
2011-09-20 21:43:30 +02:00
if ( s - > main_pid_known ) {
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_debug ( UNIT ( s ) , " Main PID changing: " PID_FMT " -> " PID_FMT , s - > main_pid , pid ) ;
2014-08-21 16:19:25 +02:00
2011-09-20 21:43:30 +02:00
service_unwatch_main_pid ( s ) ;
s - > main_pid_known = false ;
2011-12-03 02:13:30 +01:00
} else
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_debug ( UNIT ( s ) , " Main PID loaded: " PID_FMT , pid ) ;
2011-09-20 21:43:30 +02:00
2013-03-02 14:28:58 +01:00
r = service_set_main_pid ( s , pid ) ;
if ( r < 0 )
2010-04-08 04:05:56 +02:00
return r ;
2019-03-18 20:59:36 +01:00
r = unit_watch_pid ( UNIT ( s ) , pid , false ) ;
2017-02-28 16:08:21 +01:00
if ( r < 0 ) /* FIXME: we need to do something here */
return log_unit_warning_errno ( UNIT ( s ) , r , " Failed to watch PID " PID_FMT " for service: %m " , pid ) ;
2010-01-26 04:18:44 +01:00
2018-01-05 12:20:22 +01:00
return 1 ;
2010-01-26 04:18:44 +01:00
}
2016-04-09 03:09:11 +02:00
static void service_search_main_pid ( Service * s ) {
core: unified cgroup hierarchy support
This patch set adds full support the new unified cgroup hierarchy logic
of modern kernels.
A new kernel command line option "systemd.unified_cgroup_hierarchy=1" is
added. If specified the unified hierarchy is mounted to /sys/fs/cgroup
instead of a tmpfs. No further hierarchies are mounted. The kernel
command line option defaults to off. We can turn it on by default as
soon as the kernel's APIs regarding this are stabilized (but even then
downstream distros might want to turn this off, as this will break any
tools that access cgroupfs directly).
It is possibly to choose for each boot individually whether the unified
or the legacy hierarchy is used. nspawn will by default provide the
legacy hierarchy to containers if the host is using it, and the unified
otherwise. However it is possible to run containers with the unified
hierarchy on a legacy host and vice versa, by setting the
$UNIFIED_CGROUP_HIERARCHY environment variable for nspawn to 1 or 0,
respectively.
The unified hierarchy provides reliable cgroup empty notifications for
the first time, via inotify. To make use of this we maintain one
manager-wide inotify fd, and each cgroup to it.
This patch also removes cg_delete() which is unused now.
On kernel 4.2 only the "memory" controller is compatible with the
unified hierarchy, hence that's the only controller systemd exposes when
booted in unified heirarchy mode.
This introduces a new enum for enumerating supported controllers, plus a
related enum for the mask bits mapping to it. The core is changed to
make use of this everywhere.
This moves PID 1 into a new "init.scope" implicit scope unit in the root
slice. This is necessary since on the unified hierarchy cgroups may
either contain subgroups or processes but not both. PID 1 hence has to
move out of the root cgroup (strictly speaking the root cgroup is the
only one where processes and subgroups are still allowed, but in order
to support containers nicey, we move PID 1 into the new scope in all
cases.) This new unit is also used on legacy hierarchy setups. It's
actually pretty useful on all systems, as it can then be used to filter
journal messages coming from PID 1, and so on.
The root slice ("-.slice") is now implicitly created and started (and
does not require a unit file on disk anymore), since
that's where "init.scope" is located and the slice needs to be started
before the scope can.
To check whether we are in unified or legacy hierarchy mode we use
statfs() on /sys/fs/cgroup. If the .f_type field reports tmpfs we are in
legacy mode, if it reports cgroupfs we are in unified mode.
This patch set carefuly makes sure that cgls and cgtop continue to work
as desired.
When invoking nspawn as a service it will implicitly create two
subcgroups in the cgroup it is using, one to move the nspawn process
into, the other to move the actual container processes into. This is
done because of the requirement that cgroups may either contain
processes or other subgroups.
2015-09-01 19:22:36 +02:00
pid_t pid = 0 ;
2010-10-27 03:16:49 +02:00
int r ;
assert ( s ) ;
2020-08-20 11:23:26 +02:00
/* If we know it anyway, don't ever fall back to unreliable
2011-02-13 18:51:30 +01:00
* heuristics */
2010-10-27 03:16:49 +02:00
if ( s - > main_pid_known )
2016-04-09 03:09:11 +02:00
return ;
2010-10-27 03:16:49 +02:00
2011-02-13 18:51:30 +01:00
if ( ! s - > guess_main_pid )
2016-04-09 03:09:11 +02:00
return ;
2011-02-13 18:51:30 +01:00
2010-10-27 03:16:49 +02:00
assert ( s - > main_pid < = 0 ) ;
2016-04-09 03:09:11 +02:00
if ( unit_search_main_pid ( UNIT ( s ) , & pid ) < 0 )
return ;
2010-10-27 03:16:49 +02:00
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_debug ( UNIT ( s ) , " Main PID guessed: " PID_FMT , pid ) ;
2016-04-09 03:09:11 +02:00
if ( service_set_main_pid ( s , pid ) < 0 )
return ;
2010-10-27 03:16:49 +02:00
2019-03-18 20:59:36 +01:00
r = unit_watch_pid ( UNIT ( s ) , pid , false ) ;
2016-04-09 03:09:11 +02:00
if ( r < 0 )
2010-10-27 03:16:49 +02:00
/* FIXME: we need to do something here */
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_warning_errno ( UNIT ( s ) , r , " Failed to watch PID " PID_FMT " from: %m " , pid ) ;
2010-10-27 03:16:49 +02:00
}
2010-01-26 04:18:44 +01:00
static void service_set_state ( Service * s , ServiceState state ) {
ServiceState old_state ;
2012-05-24 02:22:35 +02:00
const UnitActiveState * table ;
2013-12-11 20:49:43 +01:00
2010-01-23 01:52:57 +01:00
assert ( s ) ;
2018-11-27 20:15:45 +01:00
if ( s - > state ! = state )
bus_unit_send_pending_change_signal ( UNIT ( s ) , false ) ;
2012-05-24 02:22:35 +02:00
table = s - > type = = SERVICE_IDLE ? state_translation_table_idle : state_translation_table ;
2010-01-26 04:18:44 +01:00
old_state = s - > state ;
2010-01-23 01:52:57 +01:00
s - > state = state ;
2010-01-26 04:18:44 +01:00
2011-12-03 02:13:30 +01:00
service_unwatch_pid_file ( s ) ;
2013-12-11 20:49:43 +01:00
if ( ! IN_SET ( state ,
2019-06-29 02:02:30 +02:00
SERVICE_CONDITION , SERVICE_START_PRE , SERVICE_START , SERVICE_START_POST ,
core: rework unit timeout handling, and add new setting RuntimeMaxSec=
This clean-ups timeout handling in PID 1. Specifically, instead of storing 0 in internal timeout variables as
indication for a disabled timeout, use USEC_INFINITY which is in-line with how we do this in the rest of our code
(following the logic that 0 means "no", and USEC_INFINITY means "never").
This also replace all usec_t additions with invocations to usec_add(), so that USEC_INFINITY is properly propagated,
and sd-event considers it has indication for turning off the event source.
This also alters the deserialization of the units to restart timeouts from the time they were originally started from.
Before this patch timeouts would be restarted beginning with the time of the deserialization, which could lead to
artificially prolonged timeouts if a daemon reload took place.
Finally, a new RuntimeMaxSec= setting is introduced for service units, that specifies a maximum runtime after which a
specific service is forcibly terminated. This is useful to put time limits on time-intensive processing jobs.
This also simplifies the various xyz_spawn() calls of the various types in that explicit distruction of the timers is
removed, as that is done anyway by the state change handlers, and a state change is always done when the xyz_spawn()
calls fail.
Fixes: #2249
2016-02-01 21:48:10 +01:00
SERVICE_RUNNING ,
2013-12-11 20:49:43 +01:00
SERVICE_RELOAD ,
2018-09-19 21:03:01 +02:00
SERVICE_STOP , SERVICE_STOP_WATCHDOG , SERVICE_STOP_SIGTERM , SERVICE_STOP_SIGKILL , SERVICE_STOP_POST ,
2019-04-16 16:45:20 +02:00
SERVICE_FINAL_WATCHDOG , SERVICE_FINAL_SIGTERM , SERVICE_FINAL_SIGKILL ,
2019-04-01 18:48:20 +02:00
SERVICE_AUTO_RESTART ,
SERVICE_CLEANING ) )
2013-11-19 21:12:59 +01:00
s - > timer_event_source = sd_event_source_unref ( s - > timer_event_source ) ;
2010-01-26 04:18:44 +01:00
2013-12-11 20:49:43 +01:00
if ( ! IN_SET ( state ,
SERVICE_START , SERVICE_START_POST ,
SERVICE_RUNNING , SERVICE_RELOAD ,
2018-09-19 21:03:01 +02:00
SERVICE_STOP , SERVICE_STOP_WATCHDOG , SERVICE_STOP_SIGTERM , SERVICE_STOP_SIGKILL , SERVICE_STOP_POST ,
2019-04-16 16:45:20 +02:00
SERVICE_FINAL_WATCHDOG , SERVICE_FINAL_SIGTERM , SERVICE_FINAL_SIGKILL ) ) {
2010-04-11 00:22:36 +02:00
service_unwatch_main_pid ( s ) ;
2011-01-20 18:46:38 +01:00
s - > main_command = NULL ;
}
2010-01-26 04:18:44 +01:00
2013-12-11 20:49:43 +01:00
if ( ! IN_SET ( state ,
2019-06-29 02:02:30 +02:00
SERVICE_CONDITION , SERVICE_START_PRE , SERVICE_START , SERVICE_START_POST ,
2013-12-11 20:49:43 +01:00
SERVICE_RELOAD ,
2018-09-19 21:03:01 +02:00
SERVICE_STOP , SERVICE_STOP_WATCHDOG , SERVICE_STOP_SIGTERM , SERVICE_STOP_SIGKILL , SERVICE_STOP_POST ,
2019-04-16 16:45:20 +02:00
SERVICE_FINAL_WATCHDOG , SERVICE_FINAL_SIGTERM , SERVICE_FINAL_SIGKILL ,
2019-04-01 18:48:20 +02:00
SERVICE_CLEANING ) ) {
2010-04-11 00:22:36 +02:00
service_unwatch_control_pid ( s ) ;
2010-01-26 04:18:44 +01:00
s - > control_command = NULL ;
2010-04-21 03:27:44 +02:00
s - > control_command_id = _SERVICE_EXEC_COMMAND_INVALID ;
2010-04-10 17:53:17 +02:00
}
2010-01-26 04:18:44 +01:00
core: rework how we track service and scope PIDs
This reworks how systemd tracks processes on cgroupv1 systems where
cgroup notification is not reliable. Previously, whenever we had reason
to believe that new processes showed up or got removed we'd scan the
cgroup of the scope or service unit for new processes, and would tidy up
the list of PIDs previously watched. This scanning is relatively slow,
and does not scale well. With this change behaviour is changed: instead
of scanning for new/removed processes right away we do this work in a
per-unit deferred event loop job. This event source is scheduled at a
very low priority, so that it is executed when we have time but does not
starve other event sources. This has two benefits: this expensive work is
coalesced, if events happen in quick succession, and we won't delay
SIGCHLD handling for too long.
This patch basically replaces all direct invocation of
unit_watch_all_pids() in scope.c and service.c with invocations of the
new unit_enqueue_rewatch_pids() call which just enqueues a request of
watching/tidying up the PID sets (with one exception: in
scope_enter_signal() and service_enter_signal() we'll still do
unit_watch_all_pids() synchronously first, since we really want to know
all processes we are about to kill so that we can track them properly.
Moreover, all direct invocations of unit_tidy_watch_pids() and
unit_synthesize_cgroup_empty_event() are removed too, when the
unit_enqueue_rewatch_pids() call is invoked, as the queued job will run
those operations too.
All of this is done on cgroupsv1 systems only, and is disabled on
cgroupsv2 systems as cgroup-empty notifications are reliable there, and
we do not need SIGCHLD events to track processes there.
Fixes: #9138
2018-05-31 15:41:59 +02:00
if ( IN_SET ( state , SERVICE_DEAD , SERVICE_FAILED , SERVICE_AUTO_RESTART ) ) {
2014-02-06 17:17:51 +01:00
unit_unwatch_all_pids ( UNIT ( s ) ) ;
core: rework how we track service and scope PIDs
This reworks how systemd tracks processes on cgroupv1 systems where
cgroup notification is not reliable. Previously, whenever we had reason
to believe that new processes showed up or got removed we'd scan the
cgroup of the scope or service unit for new processes, and would tidy up
the list of PIDs previously watched. This scanning is relatively slow,
and does not scale well. With this change behaviour is changed: instead
of scanning for new/removed processes right away we do this work in a
per-unit deferred event loop job. This event source is scheduled at a
very low priority, so that it is executed when we have time but does not
starve other event sources. This has two benefits: this expensive work is
coalesced, if events happen in quick succession, and we won't delay
SIGCHLD handling for too long.
This patch basically replaces all direct invocation of
unit_watch_all_pids() in scope.c and service.c with invocations of the
new unit_enqueue_rewatch_pids() call which just enqueues a request of
watching/tidying up the PID sets (with one exception: in
scope_enter_signal() and service_enter_signal() we'll still do
unit_watch_all_pids() synchronously first, since we really want to know
all processes we are about to kill so that we can track them properly.
Moreover, all direct invocations of unit_tidy_watch_pids() and
unit_synthesize_cgroup_empty_event() are removed too, when the
unit_enqueue_rewatch_pids() call is invoked, as the queued job will run
those operations too.
All of this is done on cgroupsv1 systems only, and is disabled on
cgroupsv2 systems as cgroup-empty notifications are reliable there, and
we do not need SIGCHLD events to track processes there.
Fixes: #9138
2018-05-31 15:41:59 +02:00
unit_dequeue_rewatch_pids ( UNIT ( s ) ) ;
}
2014-02-06 17:17:51 +01:00
2013-12-11 20:49:43 +01:00
if ( ! IN_SET ( state ,
2019-06-29 02:02:30 +02:00
SERVICE_CONDITION , SERVICE_START_PRE , SERVICE_START , SERVICE_START_POST ,
2013-12-11 20:49:43 +01:00
SERVICE_RUNNING , SERVICE_RELOAD ,
2018-09-19 21:03:01 +02:00
SERVICE_STOP , SERVICE_STOP_WATCHDOG , SERVICE_STOP_SIGTERM , SERVICE_STOP_SIGKILL , SERVICE_STOP_POST ,
2019-04-16 16:45:20 +02:00
SERVICE_FINAL_WATCHDOG , SERVICE_FINAL_SIGTERM , SERVICE_FINAL_SIGKILL ) & &
2016-04-29 11:36:00 +02:00
! ( state = = SERVICE_DEAD & & UNIT ( s ) - > job ) )
2010-04-15 06:19:54 +02:00
service_close_socket_fd ( s ) ;
2018-07-17 11:47:14 +02:00
if ( state ! = SERVICE_START )
s - > exec_fd_event_source = sd_event_source_unref ( s - > exec_fd_event_source ) ;
2013-12-12 03:03:03 +01:00
if ( ! IN_SET ( state , SERVICE_START_POST , SERVICE_RUNNING , SERVICE_RELOAD ) )
2012-02-01 17:17:12 +01:00
service_stop_watchdog ( s ) ;
2010-07-12 02:31:40 +02:00
/* For the inactive states unit_notify() will trim the cgroup,
* but for exit we have to do that ourselves . . . */
2016-02-24 21:36:09 +01:00
if ( state = = SERVICE_EXITED & & ! MANAGER_IS_RELOADING ( UNIT ( s ) - > manager ) )
core: unified cgroup hierarchy support
This patch set adds full support the new unified cgroup hierarchy logic
of modern kernels.
A new kernel command line option "systemd.unified_cgroup_hierarchy=1" is
added. If specified the unified hierarchy is mounted to /sys/fs/cgroup
instead of a tmpfs. No further hierarchies are mounted. The kernel
command line option defaults to off. We can turn it on by default as
soon as the kernel's APIs regarding this are stabilized (but even then
downstream distros might want to turn this off, as this will break any
tools that access cgroupfs directly).
It is possibly to choose for each boot individually whether the unified
or the legacy hierarchy is used. nspawn will by default provide the
legacy hierarchy to containers if the host is using it, and the unified
otherwise. However it is possible to run containers with the unified
hierarchy on a legacy host and vice versa, by setting the
$UNIFIED_CGROUP_HIERARCHY environment variable for nspawn to 1 or 0,
respectively.
The unified hierarchy provides reliable cgroup empty notifications for
the first time, via inotify. To make use of this we maintain one
manager-wide inotify fd, and each cgroup to it.
This patch also removes cg_delete() which is unused now.
On kernel 4.2 only the "memory" controller is compatible with the
unified hierarchy, hence that's the only controller systemd exposes when
booted in unified heirarchy mode.
This introduces a new enum for enumerating supported controllers, plus a
related enum for the mask bits mapping to it. The core is changed to
make use of this everywhere.
This moves PID 1 into a new "init.scope" implicit scope unit in the root
slice. This is necessary since on the unified hierarchy cgroups may
either contain subgroups or processes but not both. PID 1 hence has to
move out of the root cgroup (strictly speaking the root cgroup is the
only one where processes and subgroups are still allowed, but in order
to support containers nicey, we move PID 1 into the new scope in all
cases.) This new unit is also used on legacy hierarchy setups. It's
actually pretty useful on all systems, as it can then be used to filter
journal messages coming from PID 1, and so on.
The root slice ("-.slice") is now implicitly created and started (and
does not require a unit file on disk anymore), since
that's where "init.scope" is located and the slice needs to be started
before the scope can.
To check whether we are in unified or legacy hierarchy mode we use
statfs() on /sys/fs/cgroup. If the .f_type field reports tmpfs we are in
legacy mode, if it reports cgroupfs we are in unified mode.
This patch set carefuly makes sure that cgls and cgtop continue to work
as desired.
When invoking nspawn as a service it will implicitly create two
subcgroups in the cgroup it is using, one to move the nspawn process
into, the other to move the actual container processes into. This is
done because of the requirement that cgroups may either contain
processes or other subgroups.
2015-09-01 19:22:36 +02:00
unit_prune_cgroup ( UNIT ( s ) ) ;
2010-07-12 02:31:40 +02:00
2010-04-10 17:53:17 +02:00
if ( old_state ! = state )
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_debug ( UNIT ( s ) , " Changed %s -> %s " , service_state_to_string ( old_state ) , service_state_to_string ( state ) ) ;
2010-01-27 04:31:52 +01:00
2018-06-01 19:06:19 +02:00
unit_notify ( UNIT ( s ) , table [ old_state ] , table [ state ] ,
( s - > reload_result = = SERVICE_SUCCESS ? 0 : UNIT_NOTIFY_RELOAD_FAILURE ) |
2019-06-29 02:02:30 +02:00
( s - > will_auto_restart ? UNIT_NOTIFY_WILL_AUTO_RESTART : 0 ) |
( s - > result = = SERVICE_SKIP_CONDITION ? UNIT_NOTIFY_SKIP_CONDITION : 0 ) ) ;
2010-01-26 04:18:44 +01:00
}
core: rework unit timeout handling, and add new setting RuntimeMaxSec=
This clean-ups timeout handling in PID 1. Specifically, instead of storing 0 in internal timeout variables as
indication for a disabled timeout, use USEC_INFINITY which is in-line with how we do this in the rest of our code
(following the logic that 0 means "no", and USEC_INFINITY means "never").
This also replace all usec_t additions with invocations to usec_add(), so that USEC_INFINITY is properly propagated,
and sd-event considers it has indication for turning off the event source.
This also alters the deserialization of the units to restart timeouts from the time they were originally started from.
Before this patch timeouts would be restarted beginning with the time of the deserialization, which could lead to
artificially prolonged timeouts if a daemon reload took place.
Finally, a new RuntimeMaxSec= setting is introduced for service units, that specifies a maximum runtime after which a
specific service is forcibly terminated. This is useful to put time limits on time-intensive processing jobs.
This also simplifies the various xyz_spawn() calls of the various types in that explicit distruction of the timers is
removed, as that is done anyway by the state change handlers, and a state change is always done when the xyz_spawn()
calls fail.
Fixes: #2249
2016-02-01 21:48:10 +01:00
static usec_t service_coldplug_timeout ( Service * s ) {
assert ( s ) ;
switch ( s - > deserialized_state ) {
2019-06-29 02:02:30 +02:00
case SERVICE_CONDITION :
core: rework unit timeout handling, and add new setting RuntimeMaxSec=
This clean-ups timeout handling in PID 1. Specifically, instead of storing 0 in internal timeout variables as
indication for a disabled timeout, use USEC_INFINITY which is in-line with how we do this in the rest of our code
(following the logic that 0 means "no", and USEC_INFINITY means "never").
This also replace all usec_t additions with invocations to usec_add(), so that USEC_INFINITY is properly propagated,
and sd-event considers it has indication for turning off the event source.
This also alters the deserialization of the units to restart timeouts from the time they were originally started from.
Before this patch timeouts would be restarted beginning with the time of the deserialization, which could lead to
artificially prolonged timeouts if a daemon reload took place.
Finally, a new RuntimeMaxSec= setting is introduced for service units, that specifies a maximum runtime after which a
specific service is forcibly terminated. This is useful to put time limits on time-intensive processing jobs.
This also simplifies the various xyz_spawn() calls of the various types in that explicit distruction of the timers is
removed, as that is done anyway by the state change handlers, and a state change is always done when the xyz_spawn()
calls fail.
Fixes: #2249
2016-02-01 21:48:10 +01:00
case SERVICE_START_PRE :
case SERVICE_START :
case SERVICE_START_POST :
case SERVICE_RELOAD :
return usec_add ( UNIT ( s ) - > state_change_timestamp . monotonic , s - > timeout_start_usec ) ;
case SERVICE_RUNNING :
return usec_add ( UNIT ( s ) - > active_enter_timestamp . monotonic , s - > runtime_max_usec ) ;
case SERVICE_STOP :
case SERVICE_STOP_SIGTERM :
case SERVICE_STOP_SIGKILL :
case SERVICE_STOP_POST :
case SERVICE_FINAL_SIGTERM :
case SERVICE_FINAL_SIGKILL :
return usec_add ( UNIT ( s ) - > state_change_timestamp . monotonic , s - > timeout_stop_usec ) ;
2017-11-29 07:43:44 +01:00
case SERVICE_STOP_WATCHDOG :
2019-04-16 16:45:20 +02:00
case SERVICE_FINAL_WATCHDOG :
2017-11-29 07:43:44 +01:00
return usec_add ( UNIT ( s ) - > state_change_timestamp . monotonic , service_timeout_abort_usec ( s ) ) ;
core: rework unit timeout handling, and add new setting RuntimeMaxSec=
This clean-ups timeout handling in PID 1. Specifically, instead of storing 0 in internal timeout variables as
indication for a disabled timeout, use USEC_INFINITY which is in-line with how we do this in the rest of our code
(following the logic that 0 means "no", and USEC_INFINITY means "never").
This also replace all usec_t additions with invocations to usec_add(), so that USEC_INFINITY is properly propagated,
and sd-event considers it has indication for turning off the event source.
This also alters the deserialization of the units to restart timeouts from the time they were originally started from.
Before this patch timeouts would be restarted beginning with the time of the deserialization, which could lead to
artificially prolonged timeouts if a daemon reload took place.
Finally, a new RuntimeMaxSec= setting is introduced for service units, that specifies a maximum runtime after which a
specific service is forcibly terminated. This is useful to put time limits on time-intensive processing jobs.
This also simplifies the various xyz_spawn() calls of the various types in that explicit distruction of the timers is
removed, as that is done anyway by the state change handlers, and a state change is always done when the xyz_spawn()
calls fail.
Fixes: #2249
2016-02-01 21:48:10 +01:00
case SERVICE_AUTO_RESTART :
return usec_add ( UNIT ( s ) - > inactive_enter_timestamp . monotonic , s - > restart_usec ) ;
2019-04-01 18:48:20 +02:00
case SERVICE_CLEANING :
2019-08-25 10:47:57 +02:00
return usec_add ( UNIT ( s ) - > state_change_timestamp . monotonic , s - > exec_context . timeout_clean_usec ) ;
2019-04-01 18:48:20 +02:00
core: rework unit timeout handling, and add new setting RuntimeMaxSec=
This clean-ups timeout handling in PID 1. Specifically, instead of storing 0 in internal timeout variables as
indication for a disabled timeout, use USEC_INFINITY which is in-line with how we do this in the rest of our code
(following the logic that 0 means "no", and USEC_INFINITY means "never").
This also replace all usec_t additions with invocations to usec_add(), so that USEC_INFINITY is properly propagated,
and sd-event considers it has indication for turning off the event source.
This also alters the deserialization of the units to restart timeouts from the time they were originally started from.
Before this patch timeouts would be restarted beginning with the time of the deserialization, which could lead to
artificially prolonged timeouts if a daemon reload took place.
Finally, a new RuntimeMaxSec= setting is introduced for service units, that specifies a maximum runtime after which a
specific service is forcibly terminated. This is useful to put time limits on time-intensive processing jobs.
This also simplifies the various xyz_spawn() calls of the various types in that explicit distruction of the timers is
removed, as that is done anyway by the state change handlers, and a state change is always done when the xyz_spawn()
calls fail.
Fixes: #2249
2016-02-01 21:48:10 +01:00
default :
return USEC_INFINITY ;
}
}
2015-04-24 15:27:19 +02:00
static int service_coldplug ( Unit * u ) {
2010-04-21 03:27:44 +02:00
Service * s = SERVICE ( u ) ;
int r ;
assert ( s ) ;
assert ( s - > state = = SERVICE_DEAD ) ;
2015-10-27 18:02:24 +01:00
if ( s - > deserialized_state = = s - > state )
return 0 ;
2013-07-01 00:03:57 +02:00
core: rework unit timeout handling, and add new setting RuntimeMaxSec=
This clean-ups timeout handling in PID 1. Specifically, instead of storing 0 in internal timeout variables as
indication for a disabled timeout, use USEC_INFINITY which is in-line with how we do this in the rest of our code
(following the logic that 0 means "no", and USEC_INFINITY means "never").
This also replace all usec_t additions with invocations to usec_add(), so that USEC_INFINITY is properly propagated,
and sd-event considers it has indication for turning off the event source.
This also alters the deserialization of the units to restart timeouts from the time they were originally started from.
Before this patch timeouts would be restarted beginning with the time of the deserialization, which could lead to
artificially prolonged timeouts if a daemon reload took place.
Finally, a new RuntimeMaxSec= setting is introduced for service units, that specifies a maximum runtime after which a
specific service is forcibly terminated. This is useful to put time limits on time-intensive processing jobs.
This also simplifies the various xyz_spawn() calls of the various types in that explicit distruction of the timers is
removed, as that is done anyway by the state change handlers, and a state change is always done when the xyz_spawn()
calls fail.
Fixes: #2249
2016-02-01 21:48:10 +01:00
r = service_arm_timer ( s , service_coldplug_timeout ( s ) ) ;
if ( r < 0 )
return r ;
2014-02-06 17:17:51 +01:00
2015-10-27 18:02:24 +01:00
if ( s - > main_pid > 0 & &
pid_is_unwaited ( s - > main_pid ) & &
2018-01-22 17:51:53 +01:00
( IN_SET ( s - > deserialized_state ,
2015-10-27 18:02:24 +01:00
SERVICE_START , SERVICE_START_POST ,
SERVICE_RUNNING , SERVICE_RELOAD ,
2018-09-19 21:03:01 +02:00
SERVICE_STOP , SERVICE_STOP_WATCHDOG , SERVICE_STOP_SIGTERM , SERVICE_STOP_SIGKILL , SERVICE_STOP_POST ,
2019-04-16 16:45:20 +02:00
SERVICE_FINAL_WATCHDOG , SERVICE_FINAL_SIGTERM , SERVICE_FINAL_SIGKILL ) ) ) {
2019-03-18 20:59:36 +01:00
r = unit_watch_pid ( UNIT ( s ) , s - > main_pid , false ) ;
2015-10-27 18:02:24 +01:00
if ( r < 0 )
return r ;
}
2012-02-08 10:10:34 +01:00
2015-10-27 18:02:24 +01:00
if ( s - > control_pid > 0 & &
pid_is_unwaited ( s - > control_pid ) & &
IN_SET ( s - > deserialized_state ,
2019-06-29 02:02:30 +02:00
SERVICE_CONDITION , SERVICE_START_PRE , SERVICE_START , SERVICE_START_POST ,
2015-10-27 18:02:24 +01:00
SERVICE_RELOAD ,
2018-09-19 21:03:01 +02:00
SERVICE_STOP , SERVICE_STOP_WATCHDOG , SERVICE_STOP_SIGTERM , SERVICE_STOP_SIGKILL , SERVICE_STOP_POST ,
2019-04-16 16:45:20 +02:00
SERVICE_FINAL_WATCHDOG , SERVICE_FINAL_SIGTERM , SERVICE_FINAL_SIGKILL ,
2019-04-01 18:48:20 +02:00
SERVICE_CLEANING ) ) {
2019-03-18 20:59:36 +01:00
r = unit_watch_pid ( UNIT ( s ) , s - > control_pid , false ) ;
2015-10-27 18:02:24 +01:00
if ( r < 0 )
return r ;
2010-04-21 03:27:44 +02:00
}
2013-11-22 19:17:52 +01:00
2019-04-01 18:48:20 +02:00
if ( ! IN_SET ( s - > deserialized_state , SERVICE_DEAD , SERVICE_FAILED , SERVICE_AUTO_RESTART , SERVICE_CLEANING ) ) {
core: rework how we track service and scope PIDs
This reworks how systemd tracks processes on cgroupv1 systems where
cgroup notification is not reliable. Previously, whenever we had reason
to believe that new processes showed up or got removed we'd scan the
cgroup of the scope or service unit for new processes, and would tidy up
the list of PIDs previously watched. This scanning is relatively slow,
and does not scale well. With this change behaviour is changed: instead
of scanning for new/removed processes right away we do this work in a
per-unit deferred event loop job. This event source is scheduled at a
very low priority, so that it is executed when we have time but does not
starve other event sources. This has two benefits: this expensive work is
coalesced, if events happen in quick succession, and we won't delay
SIGCHLD handling for too long.
This patch basically replaces all direct invocation of
unit_watch_all_pids() in scope.c and service.c with invocations of the
new unit_enqueue_rewatch_pids() call which just enqueues a request of
watching/tidying up the PID sets (with one exception: in
scope_enter_signal() and service_enter_signal() we'll still do
unit_watch_all_pids() synchronously first, since we really want to know
all processes we are about to kill so that we can track them properly.
Moreover, all direct invocations of unit_tidy_watch_pids() and
unit_synthesize_cgroup_empty_event() are removed too, when the
unit_enqueue_rewatch_pids() call is invoked, as the queued job will run
those operations too.
All of this is done on cgroupsv1 systems only, and is disabled on
cgroupsv2 systems as cgroup-empty notifications are reliable there, and
we do not need SIGCHLD events to track processes there.
Fixes: #9138
2018-05-31 15:41:59 +02:00
( void ) unit_enqueue_rewatch_pids ( u ) ;
2016-07-14 12:37:28 +02:00
( void ) unit_setup_dynamic_creds ( u ) ;
2018-02-06 08:00:34 +01:00
( void ) unit_setup_exec_runtime ( u ) ;
}
2016-07-14 12:37:28 +02:00
core: rework how we track service and scope PIDs
This reworks how systemd tracks processes on cgroupv1 systems where
cgroup notification is not reliable. Previously, whenever we had reason
to believe that new processes showed up or got removed we'd scan the
cgroup of the scope or service unit for new processes, and would tidy up
the list of PIDs previously watched. This scanning is relatively slow,
and does not scale well. With this change behaviour is changed: instead
of scanning for new/removed processes right away we do this work in a
per-unit deferred event loop job. This event source is scheduled at a
very low priority, so that it is executed when we have time but does not
starve other event sources. This has two benefits: this expensive work is
coalesced, if events happen in quick succession, and we won't delay
SIGCHLD handling for too long.
This patch basically replaces all direct invocation of
unit_watch_all_pids() in scope.c and service.c with invocations of the
new unit_enqueue_rewatch_pids() call which just enqueues a request of
watching/tidying up the PID sets (with one exception: in
scope_enter_signal() and service_enter_signal() we'll still do
unit_watch_all_pids() synchronously first, since we really want to know
all processes we are about to kill so that we can track them properly.
Moreover, all direct invocations of unit_tidy_watch_pids() and
unit_synthesize_cgroup_empty_event() are removed too, when the
unit_enqueue_rewatch_pids() call is invoked, as the queued job will run
those operations too.
All of this is done on cgroupsv1 systems only, and is disabled on
cgroupsv2 systems as cgroup-empty notifications are reliable there, and
we do not need SIGCHLD events to track processes there.
Fixes: #9138
2018-05-31 15:41:59 +02:00
if ( IN_SET ( s - > deserialized_state , SERVICE_START_POST , SERVICE_RUNNING , SERVICE_RELOAD ) )
service_start_watchdog ( s ) ;
2016-08-05 05:42:27 +02:00
if ( UNIT_ISSET ( s - > accept_socket ) ) {
Socket * socket = SOCKET ( UNIT_DEREF ( s - > accept_socket ) ) ;
if ( socket - > max_connections_per_source > 0 ) {
SocketPeer * peer ;
/* Make a best-effort attempt at bumping the connection count */
if ( socket_acquire_peer ( socket , s - > socket_fd , & peer ) > 0 ) {
socket_peer_unref ( s - > peer ) ;
s - > peer = peer ;
}
}
}
2015-10-27 18:02:24 +01:00
service_set_state ( s , s - > deserialized_state ) ;
2010-04-21 03:27:44 +02:00
return 0 ;
}
2018-07-05 09:56:54 +02:00
static int service_collect_fds (
Service * s ,
int * * fds ,
char * * * fd_names ,
size_t * n_socket_fds ,
size_t * n_storage_fds ) {
2017-06-08 15:41:26 +02:00
2015-10-04 17:36:19 +02:00
_cleanup_strv_free_ char * * rfd_names = NULL ;
2015-01-06 00:26:25 +01:00
_cleanup_free_ int * rfds = NULL ;
2018-07-05 09:56:54 +02:00
size_t rn_socket_fds = 0 , rn_storage_fds = 0 ;
2017-06-08 15:41:26 +02:00
int r ;
2010-01-26 07:02:51 +01:00
assert ( s ) ;
assert ( fds ) ;
2015-10-04 17:36:19 +02:00
assert ( fd_names ) ;
2017-05-12 11:32:53 +02:00
assert ( n_socket_fds ) ;
2018-07-05 09:56:54 +02:00
assert ( n_storage_fds ) ;
2010-01-26 07:02:51 +01:00
2015-10-04 17:36:19 +02:00
if ( s - > socket_fd > = 0 ) {
2010-06-19 04:25:28 +02:00
2015-10-04 17:36:19 +02:00
/* Pass the per-connection socket */
2012-01-06 23:08:54 +01:00
2015-10-04 17:36:19 +02:00
rfds = new ( int , 1 ) ;
if ( ! rfds )
return - ENOMEM ;
rfds [ 0 ] = s - > socket_fd ;
2012-01-06 23:08:54 +01:00
2018-10-31 17:03:50 +01:00
rfd_names = strv_new ( " connection " ) ;
2015-10-04 17:36:19 +02:00
if ( ! rfd_names )
return - ENOMEM ;
2010-01-26 07:02:51 +01:00
2017-06-08 15:41:26 +02:00
rn_socket_fds = 1 ;
2015-10-04 17:36:19 +02:00
} else {
Iterator i ;
core: track why unit dependencies came to be
This replaces the dependencies Set* objects by Hashmap* objects, where
the key is the depending Unit, and the value is a bitmask encoding why
the specific dependency was created.
The bitmask contains a number of different, defined bits, that indicate
why dependencies exist, for example whether they are created due to
explicitly configured deps in files, by udev rules or implicitly.
Note that memory usage is not increased by this change, even though we
store more information, as we manage to encode the bit mask inside the
value pointer each Hashmap entry contains.
Why this all? When we know how a dependency came to be, we can update
dependencies correctly when a configuration source changes but others
are left unaltered. Specifically:
1. We can fix UDEV_WANTS dependency generation: so far we kept adding
dependencies configured that way, but if a device lost such a
dependency we couldn't them again as there was no scheme for removing
of dependencies in place.
2. We can implement "pin-pointed" reload of unit files. If we know what
dependencies were created as result of configuration in a unit file,
then we know what to flush out when we want to reload it.
3. It's useful for debugging: "systemd-analyze dump" now shows
this information, helping substantially with understanding how
systemd's dependency tree came to be the way it came to be.
2017-10-25 20:46:01 +02:00
void * v ;
2015-10-04 17:36:19 +02:00
Unit * u ;
2010-01-26 07:02:51 +01:00
2015-10-04 17:36:19 +02:00
/* Pass all our configured sockets for singleton services */
2010-01-26 07:02:51 +01:00
core: track why unit dependencies came to be
This replaces the dependencies Set* objects by Hashmap* objects, where
the key is the depending Unit, and the value is a bitmask encoding why
the specific dependency was created.
The bitmask contains a number of different, defined bits, that indicate
why dependencies exist, for example whether they are created due to
explicitly configured deps in files, by udev rules or implicitly.
Note that memory usage is not increased by this change, even though we
store more information, as we manage to encode the bit mask inside the
value pointer each Hashmap entry contains.
Why this all? When we know how a dependency came to be, we can update
dependencies correctly when a configuration source changes but others
are left unaltered. Specifically:
1. We can fix UDEV_WANTS dependency generation: so far we kept adding
dependencies configured that way, but if a device lost such a
dependency we couldn't them again as there was no scheme for removing
of dependencies in place.
2. We can implement "pin-pointed" reload of unit files. If we know what
dependencies were created as result of configuration in a unit file,
then we know what to flush out when we want to reload it.
3. It's useful for debugging: "systemd-analyze dump" now shows
this information, helping substantially with understanding how
systemd's dependency tree came to be the way it came to be.
2017-10-25 20:46:01 +02:00
HASHMAP_FOREACH_KEY ( v , u , UNIT ( s ) - > dependencies [ UNIT_TRIGGERED_BY ] , i ) {
2015-10-04 17:36:19 +02:00
_cleanup_free_ int * cfds = NULL ;
Socket * sock ;
int cn_fds ;
2010-01-26 07:02:51 +01:00
2015-10-04 17:36:19 +02:00
if ( u - > type ! = UNIT_SOCKET )
continue ;
2010-01-26 07:02:51 +01:00
2015-10-04 17:36:19 +02:00
sock = SOCKET ( u ) ;
2015-01-06 00:26:25 +01:00
2015-10-04 17:36:19 +02:00
cn_fds = socket_collect_fds ( sock , & cfds ) ;
if ( cn_fds < 0 )
return cn_fds ;
2010-01-26 07:02:51 +01:00
2015-10-04 17:36:19 +02:00
if ( cn_fds < = 0 )
continue ;
2015-10-03 16:41:36 +02:00
2015-10-04 17:36:19 +02:00
if ( ! rfds ) {
2018-04-05 07:26:26 +02:00
rfds = TAKE_PTR ( cfds ) ;
2017-06-08 15:41:26 +02:00
rn_socket_fds = cn_fds ;
2015-10-04 17:36:19 +02:00
} else {
int * t ;
2018-02-27 19:09:22 +01:00
t = reallocarray ( rfds , rn_socket_fds + cn_fds , sizeof ( int ) ) ;
2015-10-04 17:36:19 +02:00
if ( ! t )
return - ENOMEM ;
2017-06-08 15:41:26 +02:00
memcpy ( t + rn_socket_fds , cfds , cn_fds * sizeof ( int ) ) ;
2015-10-04 17:36:19 +02:00
rfds = t ;
2017-06-08 15:41:26 +02:00
rn_socket_fds + = cn_fds ;
2015-10-04 17:36:19 +02:00
}
r = strv_extend_n ( & rfd_names , socket_fdname ( sock ) , cn_fds ) ;
if ( r < 0 )
return r ;
2010-01-26 07:02:51 +01:00
}
}
2015-01-06 00:26:25 +01:00
if ( s - > n_fd_store > 0 ) {
ServiceFDStore * fs ;
2018-07-05 09:56:54 +02:00
size_t n_fds ;
2015-10-04 17:36:19 +02:00
char * * nl ;
2015-01-06 00:26:25 +01:00
int * t ;
2018-02-27 19:09:22 +01:00
t = reallocarray ( rfds , rn_socket_fds + s - > n_fd_store , sizeof ( int ) ) ;
2015-01-06 00:26:25 +01:00
if ( ! t )
return - ENOMEM ;
rfds = t ;
2015-10-04 17:36:19 +02:00
2018-02-27 19:09:22 +01:00
nl = reallocarray ( rfd_names , rn_socket_fds + s - > n_fd_store + 1 , sizeof ( char * ) ) ;
2015-10-04 17:36:19 +02:00
if ( ! nl )
return - ENOMEM ;
rfd_names = nl ;
2017-06-08 15:41:26 +02:00
n_fds = rn_socket_fds ;
2015-10-04 17:36:19 +02:00
LIST_FOREACH ( fd_store , fs , s - > fd_store ) {
2017-06-08 15:41:26 +02:00
rfds [ n_fds ] = fs - > fd ;
rfd_names [ n_fds ] = strdup ( strempty ( fs - > fdname ) ) ;
if ( ! rfd_names [ n_fds ] )
2015-10-04 17:36:19 +02:00
return - ENOMEM ;
2017-06-08 15:41:26 +02:00
rn_storage_fds + + ;
n_fds + + ;
2015-10-04 17:36:19 +02:00
}
2017-06-08 15:41:26 +02:00
rfd_names [ n_fds ] = NULL ;
2015-01-06 00:26:25 +01:00
}
2018-04-05 07:26:26 +02:00
* fds = TAKE_PTR ( rfds ) ;
* fd_names = TAKE_PTR ( rfd_names ) ;
2017-05-12 11:32:53 +02:00
* n_socket_fds = rn_socket_fds ;
2017-06-08 15:41:26 +02:00
* n_storage_fds = rn_storage_fds ;
2010-01-27 22:41:57 +01:00
2017-06-08 15:41:26 +02:00
return 0 ;
2010-01-26 07:02:51 +01:00
}
2018-07-17 11:47:14 +02:00
static int service_allocate_exec_fd_event_source (
Service * s ,
int fd ,
sd_event_source * * ret_event_source ) {
_cleanup_ ( sd_event_source_unrefp ) sd_event_source * source = NULL ;
int r ;
assert ( s ) ;
assert ( fd > = 0 ) ;
assert ( ret_event_source ) ;
r = sd_event_add_io ( UNIT ( s ) - > manager - > event , & source , fd , 0 , service_dispatch_exec_io , s ) ;
if ( r < 0 )
return log_unit_error_errno ( UNIT ( s ) , r , " Failed to allocate exec_fd event source: %m " ) ;
/* This is a bit lower priority than SIGCHLD, as that carries a lot more interesting failure information */
r = sd_event_source_set_priority ( source , SD_EVENT_PRIORITY_NORMAL - 3 ) ;
if ( r < 0 )
return log_unit_error_errno ( UNIT ( s ) , r , " Failed to adjust priority of exec_fd event source: %m " ) ;
( void ) sd_event_source_set_description ( source , " service event_fd " ) ;
r = sd_event_source_set_io_fd_own ( source , true ) ;
if ( r < 0 )
return log_unit_error_errno ( UNIT ( s ) , r , " Failed to pass ownership of fd to event source: %m " ) ;
* ret_event_source = TAKE_PTR ( source ) ;
return 0 ;
}
static int service_allocate_exec_fd (
Service * s ,
sd_event_source * * ret_event_source ,
int * ret_exec_fd ) {
_cleanup_close_pair_ int p [ 2 ] = { - 1 , - 1 } ;
int r ;
assert ( s ) ;
assert ( ret_event_source ) ;
assert ( ret_exec_fd ) ;
if ( pipe2 ( p , O_CLOEXEC | O_NONBLOCK ) < 0 )
return log_unit_error_errno ( UNIT ( s ) , errno , " Failed to allocate exec_fd pipe: %m " ) ;
r = service_allocate_exec_fd_event_source ( s , p [ 0 ] , ret_event_source ) ;
if ( r < 0 )
return r ;
p [ 0 ] = - 1 ;
* ret_exec_fd = TAKE_FD ( p [ 1 ] ) ;
return 0 ;
}
2016-11-24 10:56:32 +01:00
static bool service_exec_needs_notify_socket ( Service * s , ExecFlags flags ) {
assert ( s ) ;
/* Notifications are accepted depending on the process and
* the access setting of the service :
* process : \ access : NONE MAIN EXEC ALL
* main no yes yes yes
* control no no yes yes
* other ( forked ) no no no yes */
if ( flags & EXEC_IS_CONTROL )
/* A control process */
return IN_SET ( s - > notify_access , NOTIFY_EXEC , NOTIFY_ALL ) ;
/* We only spawn main processes and control processes, so any
* process that is not a control process is a main process */
return s - > notify_access ! = NOTIFY_NONE ;
}
2010-02-14 22:43:08 +01:00
static int service_spawn (
Service * s ,
ExecCommand * c ,
2014-08-21 18:01:22 +02:00
usec_t timeout ,
2016-07-26 17:40:35 +02:00
ExecFlags flags ,
2010-02-14 22:43:08 +01:00
pid_t * _pid ) {
2018-11-08 06:08:10 +01:00
_cleanup_ ( exec_params_clear ) ExecParameters exec_params = {
2020-07-22 15:18:43 +02:00
. flags = flags ,
. stdin_fd = - 1 ,
. stdout_fd = - 1 ,
. stderr_fd = - 1 ,
. exec_fd = - 1 ,
2014-08-23 15:28:37 +02:00
} ;
2018-07-17 11:47:14 +02:00
_cleanup_ ( sd_event_source_unrefp ) sd_event_source * exec_fd_source = NULL ;
2020-07-22 15:18:43 +02:00
_cleanup_strv_free_ char * * final_env = NULL , * * our_env = NULL ;
size_t n_env = 0 ;
2017-11-17 16:43:08 +01:00
pid_t pid ;
2015-10-04 17:36:19 +02:00
int r ;
2010-01-26 04:18:44 +01:00
assert ( s ) ;
assert ( c ) ;
assert ( _pid ) ;
2018-11-16 20:19:07 +01:00
r = unit_prepare_exec ( UNIT ( s ) ) ; /* This realizes the cgroup, among other things */
2017-11-17 16:43:08 +01:00
if ( r < 0 )
return r ;
2016-07-26 17:53:07 +02:00
if ( flags & EXEC_IS_CONTROL ) {
/* If this is a control process, mask the permissions/chroot application if this is requested. */
if ( s - > permissions_start_only )
core: rename EXEC_APPLY_PERMISSIONS → EXEC_APPLY_SANDBOXING
"Permissions" was a bit of a misnomer, as it suggests that UNIX file
permission bits are adjusted, which aren't really changed here. Instead,
this is about UNIX credentials such as users or groups, as well as
namespacing, hence let's use a more generic term here, without any
misleading reference to UNIX file permissions: "sandboxing", which shall
refer to all kinds of sandboxing technologies, including UID/GID
dropping, selinux relabelling, namespacing, seccomp, and so on.
2017-08-01 11:30:44 +02:00
exec_params . flags & = ~ EXEC_APPLY_SANDBOXING ;
2016-07-26 17:53:07 +02:00
if ( s - > root_directory_start_only )
exec_params . flags & = ~ EXEC_APPLY_CHROOT ;
}
2016-07-26 17:40:35 +02:00
if ( ( flags & EXEC_PASS_FDS ) | |
2010-06-19 04:25:28 +02:00
s - > exec_context . std_input = = EXEC_INPUT_SOCKET | |
s - > exec_context . std_output = = EXEC_OUTPUT_SOCKET | |
s - > exec_context . std_error = = EXEC_OUTPUT_SOCKET ) {
2020-07-22 15:18:43 +02:00
r = service_collect_fds ( s ,
& exec_params . fds ,
& exec_params . fd_names ,
& exec_params . n_socket_fds ,
& exec_params . n_storage_fds ) ;
2015-10-04 17:36:19 +02:00
if ( r < 0 )
core: rework unit timeout handling, and add new setting RuntimeMaxSec=
This clean-ups timeout handling in PID 1. Specifically, instead of storing 0 in internal timeout variables as
indication for a disabled timeout, use USEC_INFINITY which is in-line with how we do this in the rest of our code
(following the logic that 0 means "no", and USEC_INFINITY means "never").
This also replace all usec_t additions with invocations to usec_add(), so that USEC_INFINITY is properly propagated,
and sd-event considers it has indication for turning off the event source.
This also alters the deserialization of the units to restart timeouts from the time they were originally started from.
Before this patch timeouts would be restarted beginning with the time of the deserialization, which could lead to
artificially prolonged timeouts if a daemon reload took place.
Finally, a new RuntimeMaxSec= setting is introduced for service units, that specifies a maximum runtime after which a
specific service is forcibly terminated. This is useful to put time limits on time-intensive processing jobs.
This also simplifies the various xyz_spawn() calls of the various types in that explicit distruction of the timers is
removed, as that is done anyway by the state change handlers, and a state change is always done when the xyz_spawn()
calls fail.
Fixes: #2249
2016-02-01 21:48:10 +01:00
return r ;
2010-06-19 04:25:28 +02:00
2020-07-22 15:18:43 +02:00
log_unit_debug ( UNIT ( s ) , " Passing %zu fds to service " , exec_params . n_socket_fds + exec_params . n_storage_fds ) ;
2010-04-15 06:19:54 +02:00
}
2010-01-26 07:02:51 +01:00
2018-07-17 11:47:14 +02:00
if ( ! FLAGS_SET ( flags , EXEC_IS_CONTROL ) & & s - > type = = SERVICE_EXEC ) {
assert ( ! s - > exec_fd_event_source ) ;
2020-07-22 15:18:43 +02:00
r = service_allocate_exec_fd ( s , & exec_fd_source , & exec_params . exec_fd ) ;
2018-07-17 11:47:14 +02:00
if ( r < 0 )
return r ;
}
core: rework unit timeout handling, and add new setting RuntimeMaxSec=
This clean-ups timeout handling in PID 1. Specifically, instead of storing 0 in internal timeout variables as
indication for a disabled timeout, use USEC_INFINITY which is in-line with how we do this in the rest of our code
(following the logic that 0 means "no", and USEC_INFINITY means "never").
This also replace all usec_t additions with invocations to usec_add(), so that USEC_INFINITY is properly propagated,
and sd-event considers it has indication for turning off the event source.
This also alters the deserialization of the units to restart timeouts from the time they were originally started from.
Before this patch timeouts would be restarted beginning with the time of the deserialization, which could lead to
artificially prolonged timeouts if a daemon reload took place.
Finally, a new RuntimeMaxSec= setting is introduced for service units, that specifies a maximum runtime after which a
specific service is forcibly terminated. This is useful to put time limits on time-intensive processing jobs.
This also simplifies the various xyz_spawn() calls of the various types in that explicit distruction of the timers is
removed, as that is done anyway by the state change handlers, and a state change is always done when the xyz_spawn()
calls fail.
Fixes: #2249
2016-02-01 21:48:10 +01:00
r = service_arm_timer ( s , usec_add ( now ( CLOCK_MONOTONIC ) , timeout ) ) ;
if ( r < 0 )
return r ;
2010-01-26 04:18:44 +01:00
2019-01-30 17:39:09 +01:00
our_env = new0 ( char * , 10 ) ;
core: rework unit timeout handling, and add new setting RuntimeMaxSec=
This clean-ups timeout handling in PID 1. Specifically, instead of storing 0 in internal timeout variables as
indication for a disabled timeout, use USEC_INFINITY which is in-line with how we do this in the rest of our code
(following the logic that 0 means "no", and USEC_INFINITY means "never").
This also replace all usec_t additions with invocations to usec_add(), so that USEC_INFINITY is properly propagated,
and sd-event considers it has indication for turning off the event source.
This also alters the deserialization of the units to restart timeouts from the time they were originally started from.
Before this patch timeouts would be restarted beginning with the time of the deserialization, which could lead to
artificially prolonged timeouts if a daemon reload took place.
Finally, a new RuntimeMaxSec= setting is introduced for service units, that specifies a maximum runtime after which a
specific service is forcibly terminated. This is useful to put time limits on time-intensive processing jobs.
This also simplifies the various xyz_spawn() calls of the various types in that explicit distruction of the timers is
removed, as that is done anyway by the state change handlers, and a state change is always done when the xyz_spawn()
calls fail.
Fixes: #2249
2016-02-01 21:48:10 +01:00
if ( ! our_env )
return - ENOMEM ;
2010-06-18 23:12:48 +02:00
2016-11-24 10:56:32 +01:00
if ( service_exec_needs_notify_socket ( s , flags ) )
core: rework unit timeout handling, and add new setting RuntimeMaxSec=
This clean-ups timeout handling in PID 1. Specifically, instead of storing 0 in internal timeout variables as
indication for a disabled timeout, use USEC_INFINITY which is in-line with how we do this in the rest of our code
(following the logic that 0 means "no", and USEC_INFINITY means "never").
This also replace all usec_t additions with invocations to usec_add(), so that USEC_INFINITY is properly propagated,
and sd-event considers it has indication for turning off the event source.
This also alters the deserialization of the units to restart timeouts from the time they were originally started from.
Before this patch timeouts would be restarted beginning with the time of the deserialization, which could lead to
artificially prolonged timeouts if a daemon reload took place.
Finally, a new RuntimeMaxSec= setting is introduced for service units, that specifies a maximum runtime after which a
specific service is forcibly terminated. This is useful to put time limits on time-intensive processing jobs.
This also simplifies the various xyz_spawn() calls of the various types in that explicit distruction of the timers is
removed, as that is done anyway by the state change handlers, and a state change is always done when the xyz_spawn()
calls fail.
Fixes: #2249
2016-02-01 21:48:10 +01:00
if ( asprintf ( our_env + n_env + + , " NOTIFY_SOCKET=%s " , UNIT ( s ) - > manager - > notify_socket ) < 0 )
return - ENOMEM ;
2010-06-18 23:12:48 +02:00
2010-07-08 00:47:35 +02:00
if ( s - > main_pid > 0 )
core: rework unit timeout handling, and add new setting RuntimeMaxSec=
This clean-ups timeout handling in PID 1. Specifically, instead of storing 0 in internal timeout variables as
indication for a disabled timeout, use USEC_INFINITY which is in-line with how we do this in the rest of our code
(following the logic that 0 means "no", and USEC_INFINITY means "never").
This also replace all usec_t additions with invocations to usec_add(), so that USEC_INFINITY is properly propagated,
and sd-event considers it has indication for turning off the event source.
This also alters the deserialization of the units to restart timeouts from the time they were originally started from.
Before this patch timeouts would be restarted beginning with the time of the deserialization, which could lead to
artificially prolonged timeouts if a daemon reload took place.
Finally, a new RuntimeMaxSec= setting is introduced for service units, that specifies a maximum runtime after which a
specific service is forcibly terminated. This is useful to put time limits on time-intensive processing jobs.
This also simplifies the various xyz_spawn() calls of the various types in that explicit distruction of the timers is
removed, as that is done anyway by the state change handlers, and a state change is always done when the xyz_spawn()
calls fail.
Fixes: #2249
2016-02-01 21:48:10 +01:00
if ( asprintf ( our_env + n_env + + , " MAINPID= " PID_FMT , s - > main_pid ) < 0 )
return - ENOMEM ;
2010-07-08 00:47:35 +02:00
2016-07-26 17:40:35 +02:00
if ( MANAGER_IS_USER ( UNIT ( s ) - > manager ) )
2017-07-20 16:19:18 +02:00
if ( asprintf ( our_env + n_env + + , " MANAGERPID= " PID_FMT , getpid_cached ( ) ) < 0 )
core: rework unit timeout handling, and add new setting RuntimeMaxSec=
This clean-ups timeout handling in PID 1. Specifically, instead of storing 0 in internal timeout variables as
indication for a disabled timeout, use USEC_INFINITY which is in-line with how we do this in the rest of our code
(following the logic that 0 means "no", and USEC_INFINITY means "never").
This also replace all usec_t additions with invocations to usec_add(), so that USEC_INFINITY is properly propagated,
and sd-event considers it has indication for turning off the event source.
This also alters the deserialization of the units to restart timeouts from the time they were originally started from.
Before this patch timeouts would be restarted beginning with the time of the deserialization, which could lead to
artificially prolonged timeouts if a daemon reload took place.
Finally, a new RuntimeMaxSec= setting is introduced for service units, that specifies a maximum runtime after which a
specific service is forcibly terminated. This is useful to put time limits on time-intensive processing jobs.
This also simplifies the various xyz_spawn() calls of the various types in that explicit distruction of the timers is
removed, as that is done anyway by the state change handlers, and a state change is always done when the xyz_spawn()
calls fail.
Fixes: #2249
2016-02-01 21:48:10 +01:00
return - ENOMEM ;
2012-10-18 01:18:50 +02:00
2019-01-30 17:39:09 +01:00
if ( s - > pid_file )
if ( asprintf ( our_env + n_env + + , " PIDFILE=%s " , s - > pid_file ) < 0 )
return - ENOMEM ;
2015-10-04 17:36:19 +02:00
if ( s - > socket_fd > = 0 ) {
2015-03-10 12:41:59 +01:00
union sockaddr_union sa ;
socklen_t salen = sizeof ( sa ) ;
2017-11-17 15:22:11 +01:00
/* If this is a per-connection service instance, let's set $REMOTE_ADDR and $REMOTE_PORT to something
* useful . Note that we do this only when we are still connected at this point in time , which we might
* very well not be . Hence we ignore all errors when retrieving peer information ( as that might result
* in ENOTCONN ) , and just use whate we can use . */
2016-09-09 04:34:43 +02:00
2017-11-17 15:22:11 +01:00
if ( getpeername ( s - > socket_fd , & sa . sa , & salen ) > = 0 & &
IN_SET ( sa . sa . sa_family , AF_INET , AF_INET6 , AF_VSOCK ) ) {
2015-03-10 12:41:59 +01:00
_cleanup_free_ char * addr = NULL ;
char * t ;
2016-12-20 15:10:54 +01:00
unsigned port ;
2015-03-10 12:41:59 +01:00
r = sockaddr_pretty ( & sa . sa , salen , true , false , & addr ) ;
if ( r < 0 )
core: rework unit timeout handling, and add new setting RuntimeMaxSec=
This clean-ups timeout handling in PID 1. Specifically, instead of storing 0 in internal timeout variables as
indication for a disabled timeout, use USEC_INFINITY which is in-line with how we do this in the rest of our code
(following the logic that 0 means "no", and USEC_INFINITY means "never").
This also replace all usec_t additions with invocations to usec_add(), so that USEC_INFINITY is properly propagated,
and sd-event considers it has indication for turning off the event source.
This also alters the deserialization of the units to restart timeouts from the time they were originally started from.
Before this patch timeouts would be restarted beginning with the time of the deserialization, which could lead to
artificially prolonged timeouts if a daemon reload took place.
Finally, a new RuntimeMaxSec= setting is introduced for service units, that specifies a maximum runtime after which a
specific service is forcibly terminated. This is useful to put time limits on time-intensive processing jobs.
This also simplifies the various xyz_spawn() calls of the various types in that explicit distruction of the timers is
removed, as that is done anyway by the state change handlers, and a state change is always done when the xyz_spawn()
calls fail.
Fixes: #2249
2016-02-01 21:48:10 +01:00
return r ;
2015-03-10 12:41:59 +01:00
2019-07-11 19:14:16 +02:00
t = strjoin ( " REMOTE_ADDR= " , addr ) ;
core: rework unit timeout handling, and add new setting RuntimeMaxSec=
This clean-ups timeout handling in PID 1. Specifically, instead of storing 0 in internal timeout variables as
indication for a disabled timeout, use USEC_INFINITY which is in-line with how we do this in the rest of our code
(following the logic that 0 means "no", and USEC_INFINITY means "never").
This also replace all usec_t additions with invocations to usec_add(), so that USEC_INFINITY is properly propagated,
and sd-event considers it has indication for turning off the event source.
This also alters the deserialization of the units to restart timeouts from the time they were originally started from.
Before this patch timeouts would be restarted beginning with the time of the deserialization, which could lead to
artificially prolonged timeouts if a daemon reload took place.
Finally, a new RuntimeMaxSec= setting is introduced for service units, that specifies a maximum runtime after which a
specific service is forcibly terminated. This is useful to put time limits on time-intensive processing jobs.
This also simplifies the various xyz_spawn() calls of the various types in that explicit distruction of the timers is
removed, as that is done anyway by the state change handlers, and a state change is always done when the xyz_spawn()
calls fail.
Fixes: #2249
2016-02-01 21:48:10 +01:00
if ( ! t )
return - ENOMEM ;
2015-03-10 12:41:59 +01:00
our_env [ n_env + + ] = t ;
2016-12-20 15:10:54 +01:00
r = sockaddr_port ( & sa . sa , & port ) ;
if ( r < 0 )
return r ;
2015-03-10 12:41:59 +01:00
core: rework unit timeout handling, and add new setting RuntimeMaxSec=
This clean-ups timeout handling in PID 1. Specifically, instead of storing 0 in internal timeout variables as
indication for a disabled timeout, use USEC_INFINITY which is in-line with how we do this in the rest of our code
(following the logic that 0 means "no", and USEC_INFINITY means "never").
This also replace all usec_t additions with invocations to usec_add(), so that USEC_INFINITY is properly propagated,
and sd-event considers it has indication for turning off the event source.
This also alters the deserialization of the units to restart timeouts from the time they were originally started from.
Before this patch timeouts would be restarted beginning with the time of the deserialization, which could lead to
artificially prolonged timeouts if a daemon reload took place.
Finally, a new RuntimeMaxSec= setting is introduced for service units, that specifies a maximum runtime after which a
specific service is forcibly terminated. This is useful to put time limits on time-intensive processing jobs.
This also simplifies the various xyz_spawn() calls of the various types in that explicit distruction of the timers is
removed, as that is done anyway by the state change handlers, and a state change is always done when the xyz_spawn()
calls fail.
Fixes: #2249
2016-02-01 21:48:10 +01:00
if ( asprintf ( & t , " REMOTE_PORT=%u " , port ) < 0 )
return - ENOMEM ;
2015-03-10 12:41:59 +01:00
our_env [ n_env + + ] = t ;
}
}
2016-07-27 11:51:11 +02:00
if ( flags & EXEC_SETENV_RESULT ) {
if ( asprintf ( our_env + n_env + + , " SERVICE_RESULT=%s " , service_result_to_string ( s - > result ) ) < 0 )
return - ENOMEM ;
if ( s - > main_exec_status . pid > 0 & &
dual_timestamp_is_set ( & s - > main_exec_status . exit_timestamp ) ) {
if ( asprintf ( our_env + n_env + + , " EXIT_CODE=%s " , sigchld_code_to_string ( s - > main_exec_status . code ) ) < 0 )
return - ENOMEM ;
if ( s - > main_exec_status . code = = CLD_EXITED )
r = asprintf ( our_env + n_env + + , " EXIT_STATUS=%i " , s - > main_exec_status . status ) ;
else
r = asprintf ( our_env + n_env + + , " EXIT_STATUS=%s " , signal_to_string ( s - > main_exec_status . status ) ) ;
if ( r < 0 )
return - ENOMEM ;
}
}
2018-10-31 15:49:19 +01:00
r = unit_set_exec_params ( UNIT ( s ) , & exec_params ) ;
if ( r < 0 )
return r ;
core: add {State,Cache,Log,Configuration}Directory= (#6384)
This introduces {State,Cache,Log,Configuration}Directory= those are
similar to RuntimeDirectory=. They create the directories under
/var/lib, /var/cache/, /var/log, or /etc, respectively, with the mode
specified in {State,Cache,Log,Configuration}DirectoryMode=.
This also fixes #6391.
2017-07-18 14:34:52 +02:00
final_env = strv_env_merge ( 2 , exec_params . environment , our_env , NULL ) ;
core: rework unit timeout handling, and add new setting RuntimeMaxSec=
This clean-ups timeout handling in PID 1. Specifically, instead of storing 0 in internal timeout variables as
indication for a disabled timeout, use USEC_INFINITY which is in-line with how we do this in the rest of our code
(following the logic that 0 means "no", and USEC_INFINITY means "never").
This also replace all usec_t additions with invocations to usec_add(), so that USEC_INFINITY is properly propagated,
and sd-event considers it has indication for turning off the event source.
This also alters the deserialization of the units to restart timeouts from the time they were originally started from.
Before this patch timeouts would be restarted beginning with the time of the deserialization, which could lead to
artificially prolonged timeouts if a daemon reload took place.
Finally, a new RuntimeMaxSec= setting is introduced for service units, that specifies a maximum runtime after which a
specific service is forcibly terminated. This is useful to put time limits on time-intensive processing jobs.
This also simplifies the various xyz_spawn() calls of the various types in that explicit distruction of the timers is
removed, as that is done anyway by the state change handlers, and a state change is always done when the xyz_spawn()
calls fail.
Fixes: #2249
2016-02-01 21:48:10 +01:00
if ( ! final_env )
return - ENOMEM ;
2010-06-18 23:12:48 +02:00
2017-08-01 10:43:04 +02:00
/* System D-Bus needs nss-systemd disabled, so that we don't deadlock */
SET_FLAG ( exec_params . flags , EXEC_NSS_BYPASS_BUS ,
MANAGER_IS_SYSTEM ( UNIT ( s ) - > manager ) & & unit_has_name ( UNIT ( s ) , SPECIAL_DBUS_SERVICE ) ) ;
2013-06-27 04:14:27 +02:00
2018-11-08 06:08:10 +01:00
strv_free_and_replace ( exec_params . environment , final_env ) ;
2018-10-24 19:03:41 +02:00
exec_params . watchdog_usec = service_get_watchdog_usec ( s ) ;
2015-10-07 23:07:39 +02:00
exec_params . selinux_context_net = s - > socket_fd_selinux_context_net ;
2014-08-23 15:28:37 +02:00
if ( s - > type = = SERVICE_IDLE )
exec_params . idle_pipe = UNIT ( s ) - > manager - > idle_pipe ;
2015-10-07 23:07:39 +02:00
exec_params . stdin_fd = s - > stdin_fd ;
exec_params . stdout_fd = s - > stdout_fd ;
exec_params . stderr_fd = s - > stderr_fd ;
2014-08-23 15:28:37 +02:00
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
r = exec_spawn ( UNIT ( s ) ,
c ,
2010-04-15 03:11:11 +02:00
& s - > exec_context ,
2014-08-23 15:28:37 +02:00
& exec_params ,
2013-11-27 20:23:18 +01:00
s - > exec_runtime ,
2016-07-14 12:37:28 +02:00
& s - > dynamic_creds ,
2010-04-15 03:11:11 +02:00
& pid ) ;
if ( r < 0 )
core: rework unit timeout handling, and add new setting RuntimeMaxSec=
This clean-ups timeout handling in PID 1. Specifically, instead of storing 0 in internal timeout variables as
indication for a disabled timeout, use USEC_INFINITY which is in-line with how we do this in the rest of our code
(following the logic that 0 means "no", and USEC_INFINITY means "never").
This also replace all usec_t additions with invocations to usec_add(), so that USEC_INFINITY is properly propagated,
and sd-event considers it has indication for turning off the event source.
This also alters the deserialization of the units to restart timeouts from the time they were originally started from.
Before this patch timeouts would be restarted beginning with the time of the deserialization, which could lead to
artificially prolonged timeouts if a daemon reload took place.
Finally, a new RuntimeMaxSec= setting is introduced for service units, that specifies a maximum runtime after which a
specific service is forcibly terminated. This is useful to put time limits on time-intensive processing jobs.
This also simplifies the various xyz_spawn() calls of the various types in that explicit distruction of the timers is
removed, as that is done anyway by the state change handlers, and a state change is always done when the xyz_spawn()
calls fail.
Fixes: #2249
2016-02-01 21:48:10 +01:00
return r ;
2010-01-26 04:18:44 +01:00
2018-07-17 11:47:14 +02:00
s - > exec_fd_event_source = TAKE_PTR ( exec_fd_source ) ;
s - > exec_fd_hot = false ;
2019-03-18 20:59:36 +01:00
r = unit_watch_pid ( UNIT ( s ) , pid , true ) ;
if ( r < 0 )
core: rework unit timeout handling, and add new setting RuntimeMaxSec=
This clean-ups timeout handling in PID 1. Specifically, instead of storing 0 in internal timeout variables as
indication for a disabled timeout, use USEC_INFINITY which is in-line with how we do this in the rest of our code
(following the logic that 0 means "no", and USEC_INFINITY means "never").
This also replace all usec_t additions with invocations to usec_add(), so that USEC_INFINITY is properly propagated,
and sd-event considers it has indication for turning off the event source.
This also alters the deserialization of the units to restart timeouts from the time they were originally started from.
Before this patch timeouts would be restarted beginning with the time of the deserialization, which could lead to
artificially prolonged timeouts if a daemon reload took place.
Finally, a new RuntimeMaxSec= setting is introduced for service units, that specifies a maximum runtime after which a
specific service is forcibly terminated. This is useful to put time limits on time-intensive processing jobs.
This also simplifies the various xyz_spawn() calls of the various types in that explicit distruction of the timers is
removed, as that is done anyway by the state change handlers, and a state change is always done when the xyz_spawn()
calls fail.
Fixes: #2249
2016-02-01 21:48:10 +01:00
return r ;
2010-01-26 04:18:44 +01:00
* _pid = pid ;
2010-01-23 01:52:57 +01:00
return 0 ;
2010-01-26 04:18:44 +01:00
}
2010-04-13 02:06:27 +02:00
static int main_pid_good ( Service * s ) {
assert ( s ) ;
2017-09-27 19:56:36 +02:00
/* Returns 0 if the pid is dead, > 0 if it is good, < 0 if we don't know */
2010-04-13 02:06:27 +02:00
2015-07-07 02:09:54 +02:00
/* If we know the pid file, then let's just check if it is
2010-04-13 02:06:27 +02:00
* still valid */
2011-04-28 04:56:53 +02:00
if ( s - > main_pid_known ) {
/* If it's an alien child let's check if it is still
* alive . . . */
2013-06-09 18:28:44 +02:00
if ( s - > main_pid_alien & & s - > main_pid > 0 )
2014-02-17 18:28:53 +01:00
return pid_is_alive ( s - > main_pid ) ;
2011-04-28 04:56:53 +02:00
/* .. otherwise assume we'll get a SIGCHLD for it,
* which we really should wait for to collect exit
* status and code */
2010-04-13 02:06:27 +02:00
return s - > main_pid > 0 ;
2011-04-28 04:56:53 +02:00
}
2010-04-13 02:06:27 +02:00
/* We don't know the pid */
return - EAGAIN ;
}
2017-09-29 16:39:46 +02:00
static int control_pid_good ( Service * s ) {
2010-04-13 02:06:27 +02:00
assert ( s ) ;
2017-10-02 12:57:03 +02:00
/* Returns 0 if the control PID is dead, > 0 if it is good. We never actually return < 0 here, but in order to
* make this function as similar as possible to main_pid_good ( ) and cgroup_good ( ) , we pretend that < 0 also
* means : we can ' t figure it out . */
2010-04-13 02:06:27 +02:00
return s - > control_pid > 0 ;
}
static int cgroup_good ( Service * s ) {
int r ;
assert ( s ) ;
2017-10-02 12:57:03 +02:00
/* Returns 0 if the cgroup is empty or doesn't exist, > 0 if it is exists and is populated, < 0 if we can't
* figure it out */
2013-06-27 04:14:27 +02:00
if ( ! UNIT ( s ) - > cgroup_path )
return 0 ;
2015-09-01 18:32:07 +02:00
r = cg_is_empty_recursive ( SYSTEMD_CGROUP_CONTROLLER , UNIT ( s ) - > cgroup_path ) ;
2013-03-02 14:28:58 +01:00
if ( r < 0 )
2010-04-13 02:06:27 +02:00
return r ;
2017-09-29 16:41:34 +02:00
return r = = 0 ;
2010-04-13 02:06:27 +02:00
}
2019-10-29 09:39:25 +01:00
static bool service_shall_restart ( Service * s , const char * * reason ) {
2015-04-28 20:45:25 +02:00
assert ( s ) ;
/* Don't restart after manual stops */
2019-10-29 09:39:25 +01:00
if ( s - > forbid_restart ) {
* reason = " manual stop " ;
2015-04-28 20:45:25 +02:00
return false ;
2019-10-29 09:39:25 +01:00
}
2015-04-28 20:45:25 +02:00
/* Never restart if this is configured as special exception */
2019-10-29 09:39:25 +01:00
if ( exit_status_set_test ( & s - > restart_prevent_status , s - > main_exec_status . code , s - > main_exec_status . status ) ) {
* reason = " prevented by exit status " ;
2015-04-28 20:45:25 +02:00
return false ;
2019-10-29 09:39:25 +01:00
}
2015-04-28 20:45:25 +02:00
/* Restart if the exit code/status are configured as restart triggers */
2019-10-29 09:39:25 +01:00
if ( exit_status_set_test ( & s - > restart_force_status , s - > main_exec_status . code , s - > main_exec_status . status ) ) {
* reason = " forced by exit status " ;
2015-04-28 20:45:25 +02:00
return true ;
2019-10-29 09:39:25 +01:00
}
2015-04-28 20:45:25 +02:00
2019-10-29 09:39:25 +01:00
* reason = " restart setting " ;
2015-04-28 20:45:25 +02:00
switch ( s - > restart ) {
case SERVICE_RESTART_NO :
return false ;
case SERVICE_RESTART_ALWAYS :
return true ;
case SERVICE_RESTART_ON_SUCCESS :
return s - > result = = SERVICE_SUCCESS ;
case SERVICE_RESTART_ON_FAILURE :
2020-06-10 10:18:00 +02:00
return ! IN_SET ( s - > result , SERVICE_SUCCESS , SERVICE_SKIP_CONDITION ) ;
2015-04-28 20:45:25 +02:00
case SERVICE_RESTART_ON_ABNORMAL :
2020-06-10 10:18:00 +02:00
return ! IN_SET ( s - > result , SERVICE_SUCCESS , SERVICE_FAILURE_EXIT_CODE , SERVICE_SKIP_CONDITION ) ;
2015-04-28 20:45:25 +02:00
case SERVICE_RESTART_ON_WATCHDOG :
return s - > result = = SERVICE_FAILURE_WATCHDOG ;
case SERVICE_RESTART_ON_ABORT :
return IN_SET ( s - > result , SERVICE_FAILURE_SIGNAL , SERVICE_FAILURE_CORE_DUMP ) ;
default :
assert_not_reached ( " unknown restart setting " ) ;
}
}
2017-12-05 16:51:19 +01:00
static bool service_will_restart ( Unit * u ) {
Service * s = SERVICE ( u ) ;
2017-07-17 09:22:25 +02:00
assert ( s ) ;
2017-12-05 16:51:19 +01:00
if ( s - > will_auto_restart )
return true ;
2017-07-17 09:22:25 +02:00
if ( s - > state = = SERVICE_AUTO_RESTART )
return true ;
2018-06-01 19:06:19 +02:00
2019-08-22 17:08:16 +02:00
return unit_will_restart_default ( u ) ;
2017-07-17 09:22:25 +02:00
}
2012-02-03 02:01:35 +01:00
static void service_enter_dead ( Service * s , ServiceResult f , bool allow_restart ) {
2019-06-29 02:02:30 +02:00
ServiceState end_state ;
2010-01-26 04:18:44 +01:00
int r ;
2017-08-26 15:07:23 +02:00
2010-01-26 04:18:44 +01:00
assert ( s ) ;
2017-08-26 15:07:23 +02:00
/* If there's a stop job queued before we enter the DEAD state, we shouldn't act on Restart=, in order to not
* undo what has already been enqueued . */
if ( unit_stop_pending ( UNIT ( s ) ) )
allow_restart = false ;
core: remember first unit failure, not last unit failure
Previously, the result value of a unit was overriden with each failure that
took place, so that the result always reported the last failure that took
place.
With this commit this is changed, so that the first failure taking place is
stored instead. This should normally not matter much as multiple failures are
sufficiently uncommon. However, it improves one behaviour: if we send SIGABRT
to a service due to a watchdog timeout, then this currently would be reported
as "coredump" failure, rather than the "watchodg" failure it really is. Hence,
in order to report information about the type of the failure, and not about
the effect of it, let's change this from all unit type to store the first, not
the last failure.
This addresses the issue pointed out here:
https://github.com/systemd/systemd/pull/3818#discussion_r73433520
2016-08-04 21:14:27 +02:00
if ( s - > result = = SERVICE_SUCCESS )
2012-02-03 02:01:35 +01:00
s - > result = f ;
2010-01-26 04:18:44 +01:00
2019-06-29 02:02:30 +02:00
if ( s - > result = = SERVICE_SUCCESS ) {
unit_log_success ( UNIT ( s ) ) ;
end_state = SERVICE_DEAD ;
} else if ( s - > result = = SERVICE_SKIP_CONDITION ) {
unit_log_skip ( UNIT ( s ) , service_result_to_string ( s - > result ) ) ;
end_state = SERVICE_DEAD ;
} else {
unit_log_failure ( UNIT ( s ) , service_result_to_string ( s - > result ) ) ;
end_state = SERVICE_FAILED ;
}
2020-05-26 14:29:46 +02:00
unit_warn_leftover_processes ( UNIT ( s ) , unit_log_leftover_process_stop ) ;
2017-09-26 23:35:58 +02:00
2019-10-29 09:39:25 +01:00
if ( ! allow_restart )
log_unit_debug ( UNIT ( s ) , " Service restart not allowed. " ) ;
else {
const char * reason ;
bool shall_restart ;
shall_restart = service_shall_restart ( s , & reason ) ;
log_unit_debug ( UNIT ( s ) , " Service will %srestart (%s) " ,
shall_restart ? " " : " not " ,
reason ) ;
if ( shall_restart )
s - > will_auto_restart = true ;
}
2017-12-05 16:51:19 +01:00
2017-11-13 15:08:49 +01:00
/* Make sure service_release_resources() doesn't destroy our FD store, while we are changing through
* SERVICE_FAILED / SERVICE_DEAD before entering into SERVICE_AUTO_RESTART . */
s - > n_keep_fd_store + + ;
2019-06-29 02:02:30 +02:00
service_set_state ( s , end_state ) ;
2012-06-26 11:42:52 +02:00
2017-12-05 16:51:19 +01:00
if ( s - > will_auto_restart ) {
s - > will_auto_restart = false ;
2010-01-26 04:18:44 +01:00
core: rework unit timeout handling, and add new setting RuntimeMaxSec=
This clean-ups timeout handling in PID 1. Specifically, instead of storing 0 in internal timeout variables as
indication for a disabled timeout, use USEC_INFINITY which is in-line with how we do this in the rest of our code
(following the logic that 0 means "no", and USEC_INFINITY means "never").
This also replace all usec_t additions with invocations to usec_add(), so that USEC_INFINITY is properly propagated,
and sd-event considers it has indication for turning off the event source.
This also alters the deserialization of the units to restart timeouts from the time they were originally started from.
Before this patch timeouts would be restarted beginning with the time of the deserialization, which could lead to
artificially prolonged timeouts if a daemon reload took place.
Finally, a new RuntimeMaxSec= setting is introduced for service units, that specifies a maximum runtime after which a
specific service is forcibly terminated. This is useful to put time limits on time-intensive processing jobs.
This also simplifies the various xyz_spawn() calls of the various types in that explicit distruction of the timers is
removed, as that is done anyway by the state change handlers, and a state change is always done when the xyz_spawn()
calls fail.
Fixes: #2249
2016-02-01 21:48:10 +01:00
r = service_arm_timer ( s , usec_add ( now ( CLOCK_MONOTONIC ) , s - > restart_usec ) ) ;
2017-11-13 15:08:49 +01:00
if ( r < 0 ) {
s - > n_keep_fd_store - - ;
2010-01-26 04:18:44 +01:00
goto fail ;
2017-11-13 15:08:49 +01:00
}
2010-01-26 04:18:44 +01:00
service_set_state ( s , SERVICE_AUTO_RESTART ) ;
2017-08-09 21:12:55 +02:00
} else
/* If we shan't restart, then flush out the restart counter. But don't do that immediately, so that the
* user can still introspect the counter . Do so on the next start . */
s - > flush_n_restarts = true ;
2010-01-26 04:18:44 +01:00
2019-04-27 02:22:40 +02:00
/* The new state is in effect, let's decrease the fd store ref counter again. Let's also re-add us to the GC
2017-11-13 15:08:49 +01:00
* queue , so that the fd store is possibly gc ' ed again */
s - > n_keep_fd_store - - ;
unit_add_to_gc_queue ( UNIT ( s ) ) ;
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
/* The next restart might not be a manual stop, hence reset the flag indicating manual stops */
2010-08-09 23:33:48 +02:00
s - > forbid_restart = false ;
2014-03-03 17:14:07 +01:00
/* We want fresh tmpdirs in case service is started again immediately */
2018-02-06 08:00:34 +01:00
s - > exec_runtime = exec_runtime_unref ( s - > exec_runtime , true ) ;
2013-03-14 18:12:27 +01:00
2019-08-22 16:49:49 +02:00
/* Also, remove the runtime directory */
unit_destroy_runtime_directory ( UNIT ( s ) , & s - > exec_context ) ;
2014-03-03 17:14:07 +01:00
2016-08-01 19:24:40 +02:00
/* Get rid of the IPC bits of the user */
unit_unref_uid_gid ( UNIT ( s ) , true ) ;
2016-07-14 12:37:28 +02:00
/* Release the user, and destroy it if we are the only remaining owner */
dynamic_creds_destroy ( & s - > dynamic_creds ) ;
2013-08-28 19:27:44 +02:00
/* Try to delete the pid file. At this point it will be
* out - of - date , and some software might be confused by it , so
* let ' s remove it . */
if ( s - > pid_file )
2016-02-01 21:55:39 +01:00
( void ) unlink ( s - > pid_file ) ;
2013-08-28 19:27:44 +02:00
2019-03-20 21:28:02 +01:00
/* Reset TTY ownership if necessary */
exec_context_revert_tty ( & s - > exec_context ) ;
2010-01-26 04:18:44 +01:00
return ;
fail :
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_warning_errno ( UNIT ( s ) , r , " Failed to run install restart timer: %m " ) ;
2012-02-03 02:01:35 +01:00
service_enter_dead ( s , SERVICE_FAILURE_RESOURCES , false ) ;
2010-01-26 04:18:44 +01:00
}
2012-02-03 02:01:35 +01:00
static void service_enter_stop_post ( Service * s , ServiceResult f ) {
2010-01-26 04:18:44 +01:00
int r ;
assert ( s ) ;
core: remember first unit failure, not last unit failure
Previously, the result value of a unit was overriden with each failure that
took place, so that the result always reported the last failure that took
place.
With this commit this is changed, so that the first failure taking place is
stored instead. This should normally not matter much as multiple failures are
sufficiently uncommon. However, it improves one behaviour: if we send SIGABRT
to a service due to a watchdog timeout, then this currently would be reported
as "coredump" failure, rather than the "watchodg" failure it really is. Hence,
in order to report information about the type of the failure, and not about
the effect of it, let's change this from all unit type to store the first, not
the last failure.
This addresses the issue pointed out here:
https://github.com/systemd/systemd/pull/3818#discussion_r73433520
2016-08-04 21:14:27 +02:00
if ( s - > result = = SERVICE_SUCCESS )
2012-02-03 02:01:35 +01:00
s - > result = f ;
2010-01-26 04:18:44 +01:00
2010-04-11 00:22:36 +02:00
service_unwatch_control_pid ( s ) ;
core: rework how we track service and scope PIDs
This reworks how systemd tracks processes on cgroupv1 systems where
cgroup notification is not reliable. Previously, whenever we had reason
to believe that new processes showed up or got removed we'd scan the
cgroup of the scope or service unit for new processes, and would tidy up
the list of PIDs previously watched. This scanning is relatively slow,
and does not scale well. With this change behaviour is changed: instead
of scanning for new/removed processes right away we do this work in a
per-unit deferred event loop job. This event source is scheduled at a
very low priority, so that it is executed when we have time but does not
starve other event sources. This has two benefits: this expensive work is
coalesced, if events happen in quick succession, and we won't delay
SIGCHLD handling for too long.
This patch basically replaces all direct invocation of
unit_watch_all_pids() in scope.c and service.c with invocations of the
new unit_enqueue_rewatch_pids() call which just enqueues a request of
watching/tidying up the PID sets (with one exception: in
scope_enter_signal() and service_enter_signal() we'll still do
unit_watch_all_pids() synchronously first, since we really want to know
all processes we are about to kill so that we can track them properly.
Moreover, all direct invocations of unit_tidy_watch_pids() and
unit_synthesize_cgroup_empty_event() are removed too, when the
unit_enqueue_rewatch_pids() call is invoked, as the queued job will run
those operations too.
All of this is done on cgroupsv1 systems only, and is disabled on
cgroupsv2 systems as cgroup-empty notifications are reliable there, and
we do not need SIGCHLD events to track processes there.
Fixes: #9138
2018-05-31 15:41:59 +02:00
( void ) unit_enqueue_rewatch_pids ( UNIT ( s ) ) ;
2010-04-11 00:22:36 +02:00
2013-03-02 14:28:58 +01:00
s - > control_command = s - > exec_command [ SERVICE_EXEC_STOP_POST ] ;
if ( s - > control_command ) {
2011-01-20 18:46:38 +01:00
s - > control_command_id = SERVICE_EXEC_STOP_POST ;
2012-04-13 23:24:47 +02:00
r = service_spawn ( s ,
s - > control_command ,
2014-08-21 18:01:22 +02:00
s - > timeout_stop_usec ,
2018-11-16 20:19:07 +01:00
EXEC_APPLY_SANDBOXING | EXEC_APPLY_CHROOT | EXEC_APPLY_TTY_STDIN | EXEC_IS_CONTROL | EXEC_SETENV_RESULT | EXEC_CONTROL_CGROUP ,
2012-04-13 23:24:47 +02:00
& s - > control_pid ) ;
if ( r < 0 )
2010-01-26 04:18:44 +01:00
goto fail ;
2010-04-13 02:06:27 +02:00
service_set_state ( s , SERVICE_STOP_POST ) ;
} else
2014-01-29 14:58:04 +01:00
service_enter_signal ( s , SERVICE_FINAL_SIGTERM , SERVICE_SUCCESS ) ;
2010-01-26 04:18:44 +01:00
return ;
fail :
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_warning_errno ( UNIT ( s ) , r , " Failed to run 'stop-post' task: %m " ) ;
2012-02-03 02:01:35 +01:00
service_enter_signal ( s , SERVICE_FINAL_SIGTERM , SERVICE_FAILURE_RESOURCES ) ;
2010-01-26 04:18:44 +01:00
}
2019-10-01 15:15:06 +02:00
static int state_to_kill_operation ( Service * s , ServiceState state ) {
2015-04-21 02:17:01 +02:00
switch ( state ) {
2018-09-19 21:03:01 +02:00
case SERVICE_STOP_WATCHDOG :
2019-04-16 16:45:20 +02:00
case SERVICE_FINAL_WATCHDOG :
2018-09-19 21:03:01 +02:00
return KILL_WATCHDOG ;
2015-04-21 02:17:01 +02:00
case SERVICE_STOP_SIGTERM :
2019-10-01 15:15:06 +02:00
if ( unit_has_job_type ( UNIT ( s ) , JOB_RESTART ) )
return KILL_RESTART ;
_fallthrough_ ;
2015-04-21 02:17:01 +02:00
case SERVICE_FINAL_SIGTERM :
return KILL_TERMINATE ;
case SERVICE_STOP_SIGKILL :
case SERVICE_FINAL_SIGKILL :
return KILL_KILL ;
default :
return _KILL_OPERATION_INVALID ;
}
}
2012-02-03 02:01:35 +01:00
static void service_enter_signal ( Service * s , ServiceState state , ServiceResult f ) {
2019-04-16 16:45:20 +02:00
int kill_operation , r ;
2010-01-26 04:18:44 +01:00
assert ( s ) ;
core: remember first unit failure, not last unit failure
Previously, the result value of a unit was overriden with each failure that
took place, so that the result always reported the last failure that took
place.
With this commit this is changed, so that the first failure taking place is
stored instead. This should normally not matter much as multiple failures are
sufficiently uncommon. However, it improves one behaviour: if we send SIGABRT
to a service due to a watchdog timeout, then this currently would be reported
as "coredump" failure, rather than the "watchodg" failure it really is. Hence,
in order to report information about the type of the failure, and not about
the effect of it, let's change this from all unit type to store the first, not
the last failure.
This addresses the issue pointed out here:
https://github.com/systemd/systemd/pull/3818#discussion_r73433520
2016-08-04 21:14:27 +02:00
if ( s - > result = = SERVICE_SUCCESS )
2012-02-03 02:01:35 +01:00
s - > result = f ;
2010-01-26 04:18:44 +01:00
core: rework how we track service and scope PIDs
This reworks how systemd tracks processes on cgroupv1 systems where
cgroup notification is not reliable. Previously, whenever we had reason
to believe that new processes showed up or got removed we'd scan the
cgroup of the scope or service unit for new processes, and would tidy up
the list of PIDs previously watched. This scanning is relatively slow,
and does not scale well. With this change behaviour is changed: instead
of scanning for new/removed processes right away we do this work in a
per-unit deferred event loop job. This event source is scheduled at a
very low priority, so that it is executed when we have time but does not
starve other event sources. This has two benefits: this expensive work is
coalesced, if events happen in quick succession, and we won't delay
SIGCHLD handling for too long.
This patch basically replaces all direct invocation of
unit_watch_all_pids() in scope.c and service.c with invocations of the
new unit_enqueue_rewatch_pids() call which just enqueues a request of
watching/tidying up the PID sets (with one exception: in
scope_enter_signal() and service_enter_signal() we'll still do
unit_watch_all_pids() synchronously first, since we really want to know
all processes we are about to kill so that we can track them properly.
Moreover, all direct invocations of unit_tidy_watch_pids() and
unit_synthesize_cgroup_empty_event() are removed too, when the
unit_enqueue_rewatch_pids() call is invoked, as the queued job will run
those operations too.
All of this is done on cgroupsv1 systems only, and is disabled on
cgroupsv2 systems as cgroup-empty notifications are reliable there, and
we do not need SIGCHLD events to track processes there.
Fixes: #9138
2018-05-31 15:41:59 +02:00
/* Before sending any signal, make sure we track all members of this cgroup */
( void ) unit_watch_all_pids ( UNIT ( s ) ) ;
/* Also, enqueue a job that we recheck all our PIDs a bit later, given that it's likely some processes have
* died now */
( void ) unit_enqueue_rewatch_pids ( UNIT ( s ) ) ;
2014-02-06 17:17:51 +01:00
2019-04-16 16:45:20 +02:00
kill_operation = state_to_kill_operation ( s , state ) ;
2013-01-26 05:53:30 +01:00
r = unit_kill_context (
UNIT ( s ) ,
& s - > kill_context ,
2019-04-16 16:45:20 +02:00
kill_operation ,
2013-01-26 05:53:30 +01:00
s - > main_pid ,
s - > control_pid ,
s - > main_pid_alien ) ;
if ( r < 0 )
goto fail ;
2010-01-26 04:18:44 +01:00
2013-01-26 05:53:30 +01:00
if ( r > 0 ) {
2017-11-29 07:43:44 +01:00
r = service_arm_timer ( s , usec_add ( now ( CLOCK_MONOTONIC ) ,
2019-04-16 16:45:20 +02:00
kill_operation = = KILL_WATCHDOG ? service_timeout_abort_usec ( s ) : s - > timeout_stop_usec ) ) ;
core: rework unit timeout handling, and add new setting RuntimeMaxSec=
This clean-ups timeout handling in PID 1. Specifically, instead of storing 0 in internal timeout variables as
indication for a disabled timeout, use USEC_INFINITY which is in-line with how we do this in the rest of our code
(following the logic that 0 means "no", and USEC_INFINITY means "never").
This also replace all usec_t additions with invocations to usec_add(), so that USEC_INFINITY is properly propagated,
and sd-event considers it has indication for turning off the event source.
This also alters the deserialization of the units to restart timeouts from the time they were originally started from.
Before this patch timeouts would be restarted beginning with the time of the deserialization, which could lead to
artificially prolonged timeouts if a daemon reload took place.
Finally, a new RuntimeMaxSec= setting is introduced for service units, that specifies a maximum runtime after which a
specific service is forcibly terminated. This is useful to put time limits on time-intensive processing jobs.
This also simplifies the various xyz_spawn() calls of the various types in that explicit distruction of the timers is
removed, as that is done anyway by the state change handlers, and a state change is always done when the xyz_spawn()
calls fail.
Fixes: #2249
2016-02-01 21:48:10 +01:00
if ( r < 0 )
goto fail ;
2010-01-28 01:59:41 +01:00
2010-04-13 02:06:27 +02:00
service_set_state ( s , state ) ;
2018-09-19 21:03:01 +02:00
} else if ( IN_SET ( state , SERVICE_STOP_WATCHDOG , SERVICE_STOP_SIGTERM ) & & s - > kill_context . send_sigkill )
2014-01-29 14:58:04 +01:00
service_enter_signal ( s , SERVICE_STOP_SIGKILL , SERVICE_SUCCESS ) ;
2018-09-19 21:03:01 +02:00
else if ( IN_SET ( state , SERVICE_STOP_WATCHDOG , SERVICE_STOP_SIGTERM , SERVICE_STOP_SIGKILL ) )
2012-02-03 02:01:35 +01:00
service_enter_stop_post ( s , SERVICE_SUCCESS ) ;
2019-04-16 16:45:20 +02:00
else if ( IN_SET ( state , SERVICE_FINAL_WATCHDOG , SERVICE_FINAL_SIGTERM ) & & s - > kill_context . send_sigkill )
2014-01-29 14:58:04 +01:00
service_enter_signal ( s , SERVICE_FINAL_SIGKILL , SERVICE_SUCCESS ) ;
2010-04-13 02:06:27 +02:00
else
2012-02-03 02:01:35 +01:00
service_enter_dead ( s , SERVICE_SUCCESS , true ) ;
2010-01-26 04:18:44 +01:00
return ;
fail :
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_warning_errno ( UNIT ( s ) , r , " Failed to kill processes: %m " ) ;
2010-01-26 04:18:44 +01:00
2018-09-19 21:03:01 +02:00
if ( IN_SET ( state , SERVICE_STOP_WATCHDOG , SERVICE_STOP_SIGTERM , SERVICE_STOP_SIGKILL ) )
2012-02-03 02:01:35 +01:00
service_enter_stop_post ( s , SERVICE_FAILURE_RESOURCES ) ;
2010-01-26 04:18:44 +01:00
else
2012-02-03 02:01:35 +01:00
service_enter_dead ( s , SERVICE_FAILURE_RESOURCES , true ) ;
2010-01-26 04:18:44 +01:00
}
2014-08-21 17:03:15 +02:00
static void service_enter_stop_by_notify ( Service * s ) {
assert ( s ) ;
core: rework how we track service and scope PIDs
This reworks how systemd tracks processes on cgroupv1 systems where
cgroup notification is not reliable. Previously, whenever we had reason
to believe that new processes showed up or got removed we'd scan the
cgroup of the scope or service unit for new processes, and would tidy up
the list of PIDs previously watched. This scanning is relatively slow,
and does not scale well. With this change behaviour is changed: instead
of scanning for new/removed processes right away we do this work in a
per-unit deferred event loop job. This event source is scheduled at a
very low priority, so that it is executed when we have time but does not
starve other event sources. This has two benefits: this expensive work is
coalesced, if events happen in quick succession, and we won't delay
SIGCHLD handling for too long.
This patch basically replaces all direct invocation of
unit_watch_all_pids() in scope.c and service.c with invocations of the
new unit_enqueue_rewatch_pids() call which just enqueues a request of
watching/tidying up the PID sets (with one exception: in
scope_enter_signal() and service_enter_signal() we'll still do
unit_watch_all_pids() synchronously first, since we really want to know
all processes we are about to kill so that we can track them properly.
Moreover, all direct invocations of unit_tidy_watch_pids() and
unit_synthesize_cgroup_empty_event() are removed too, when the
unit_enqueue_rewatch_pids() call is invoked, as the queued job will run
those operations too.
All of this is done on cgroupsv1 systems only, and is disabled on
cgroupsv2 systems as cgroup-empty notifications are reliable there, and
we do not need SIGCHLD events to track processes there.
Fixes: #9138
2018-05-31 15:41:59 +02:00
( void ) unit_enqueue_rewatch_pids ( UNIT ( s ) ) ;
2014-08-21 17:03:15 +02:00
core: rework unit timeout handling, and add new setting RuntimeMaxSec=
This clean-ups timeout handling in PID 1. Specifically, instead of storing 0 in internal timeout variables as
indication for a disabled timeout, use USEC_INFINITY which is in-line with how we do this in the rest of our code
(following the logic that 0 means "no", and USEC_INFINITY means "never").
This also replace all usec_t additions with invocations to usec_add(), so that USEC_INFINITY is properly propagated,
and sd-event considers it has indication for turning off the event source.
This also alters the deserialization of the units to restart timeouts from the time they were originally started from.
Before this patch timeouts would be restarted beginning with the time of the deserialization, which could lead to
artificially prolonged timeouts if a daemon reload took place.
Finally, a new RuntimeMaxSec= setting is introduced for service units, that specifies a maximum runtime after which a
specific service is forcibly terminated. This is useful to put time limits on time-intensive processing jobs.
This also simplifies the various xyz_spawn() calls of the various types in that explicit distruction of the timers is
removed, as that is done anyway by the state change handlers, and a state change is always done when the xyz_spawn()
calls fail.
Fixes: #2249
2016-02-01 21:48:10 +01:00
service_arm_timer ( s , usec_add ( now ( CLOCK_MONOTONIC ) , s - > timeout_stop_usec ) ) ;
2014-08-21 17:03:15 +02:00
2014-10-09 17:27:57 +02:00
/* The service told us it's stopping, so it's as if we SIGTERM'd it. */
service_set_state ( s , SERVICE_STOP_SIGTERM ) ;
2014-08-21 17:03:15 +02:00
}
2012-02-03 02:01:35 +01:00
static void service_enter_stop ( Service * s , ServiceResult f ) {
2010-01-26 04:18:44 +01:00
int r ;
2010-06-17 22:55:53 +02:00
2010-01-26 04:18:44 +01:00
assert ( s ) ;
core: remember first unit failure, not last unit failure
Previously, the result value of a unit was overriden with each failure that
took place, so that the result always reported the last failure that took
place.
With this commit this is changed, so that the first failure taking place is
stored instead. This should normally not matter much as multiple failures are
sufficiently uncommon. However, it improves one behaviour: if we send SIGABRT
to a service due to a watchdog timeout, then this currently would be reported
as "coredump" failure, rather than the "watchodg" failure it really is. Hence,
in order to report information about the type of the failure, and not about
the effect of it, let's change this from all unit type to store the first, not
the last failure.
This addresses the issue pointed out here:
https://github.com/systemd/systemd/pull/3818#discussion_r73433520
2016-08-04 21:14:27 +02:00
if ( s - > result = = SERVICE_SUCCESS )
2012-02-03 02:01:35 +01:00
s - > result = f ;
2010-01-26 04:18:44 +01:00
2010-04-11 00:22:36 +02:00
service_unwatch_control_pid ( s ) ;
core: rework how we track service and scope PIDs
This reworks how systemd tracks processes on cgroupv1 systems where
cgroup notification is not reliable. Previously, whenever we had reason
to believe that new processes showed up or got removed we'd scan the
cgroup of the scope or service unit for new processes, and would tidy up
the list of PIDs previously watched. This scanning is relatively slow,
and does not scale well. With this change behaviour is changed: instead
of scanning for new/removed processes right away we do this work in a
per-unit deferred event loop job. This event source is scheduled at a
very low priority, so that it is executed when we have time but does not
starve other event sources. This has two benefits: this expensive work is
coalesced, if events happen in quick succession, and we won't delay
SIGCHLD handling for too long.
This patch basically replaces all direct invocation of
unit_watch_all_pids() in scope.c and service.c with invocations of the
new unit_enqueue_rewatch_pids() call which just enqueues a request of
watching/tidying up the PID sets (with one exception: in
scope_enter_signal() and service_enter_signal() we'll still do
unit_watch_all_pids() synchronously first, since we really want to know
all processes we are about to kill so that we can track them properly.
Moreover, all direct invocations of unit_tidy_watch_pids() and
unit_synthesize_cgroup_empty_event() are removed too, when the
unit_enqueue_rewatch_pids() call is invoked, as the queued job will run
those operations too.
All of this is done on cgroupsv1 systems only, and is disabled on
cgroupsv2 systems as cgroup-empty notifications are reliable there, and
we do not need SIGCHLD events to track processes there.
Fixes: #9138
2018-05-31 15:41:59 +02:00
( void ) unit_enqueue_rewatch_pids ( UNIT ( s ) ) ;
2010-04-11 00:22:36 +02:00
2013-03-02 14:28:58 +01:00
s - > control_command = s - > exec_command [ SERVICE_EXEC_STOP ] ;
if ( s - > control_command ) {
2011-01-20 18:46:38 +01:00
s - > control_command_id = SERVICE_EXEC_STOP ;
2012-04-13 23:24:47 +02:00
r = service_spawn ( s ,
s - > control_command ,
2014-08-21 18:01:22 +02:00
s - > timeout_stop_usec ,
2018-11-16 20:19:07 +01:00
EXEC_APPLY_SANDBOXING | EXEC_APPLY_CHROOT | EXEC_IS_CONTROL | EXEC_SETENV_RESULT | EXEC_CONTROL_CGROUP ,
2012-04-13 23:24:47 +02:00
& s - > control_pid ) ;
if ( r < 0 )
2010-01-26 04:18:44 +01:00
goto fail ;
2010-04-13 02:06:27 +02:00
service_set_state ( s , SERVICE_STOP ) ;
} else
2012-02-03 02:01:35 +01:00
service_enter_signal ( s , SERVICE_STOP_SIGTERM , SERVICE_SUCCESS ) ;
2010-01-26 04:18:44 +01:00
return ;
fail :
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_warning_errno ( UNIT ( s ) , r , " Failed to run 'stop' task: %m " ) ;
2012-02-03 02:01:35 +01:00
service_enter_signal ( s , SERVICE_STOP_SIGTERM , SERVICE_FAILURE_RESOURCES ) ;
2010-01-26 04:18:44 +01:00
}
2015-09-01 16:45:34 +02:00
static bool service_good ( Service * s ) {
int main_pid_ok ;
assert ( s ) ;
if ( s - > type = = SERVICE_DBUS & & ! s - > bus_name_good )
return false ;
main_pid_ok = main_pid_good ( s ) ;
if ( main_pid_ok > 0 ) /* It's alive */
return true ;
if ( main_pid_ok = = 0 ) /* It's dead */
return false ;
/* OK, we don't know anything about the main PID, maybe
* because there is none . Let ' s check the control group
* instead . */
return cgroup_good ( s ) ! = 0 ;
}
2012-02-03 02:01:35 +01:00
static void service_enter_running ( Service * s , ServiceResult f ) {
2010-04-13 02:06:27 +02:00
assert ( s ) ;
core: remember first unit failure, not last unit failure
Previously, the result value of a unit was overriden with each failure that
took place, so that the result always reported the last failure that took
place.
With this commit this is changed, so that the first failure taking place is
stored instead. This should normally not matter much as multiple failures are
sufficiently uncommon. However, it improves one behaviour: if we send SIGABRT
to a service due to a watchdog timeout, then this currently would be reported
as "coredump" failure, rather than the "watchodg" failure it really is. Hence,
in order to report information about the type of the failure, and not about
the effect of it, let's change this from all unit type to store the first, not
the last failure.
This addresses the issue pointed out here:
https://github.com/systemd/systemd/pull/3818#discussion_r73433520
2016-08-04 21:14:27 +02:00
if ( s - > result = = SERVICE_SUCCESS )
2012-02-03 02:01:35 +01:00
s - > result = f ;
2010-04-13 02:06:27 +02:00
2016-02-03 23:55:53 +01:00
service_unwatch_control_pid ( s ) ;
2018-06-04 11:35:25 +02:00
if ( s - > result ! = SERVICE_SUCCESS )
service_enter_signal ( s , SERVICE_STOP_SIGTERM , f ) ;
else if ( service_good ( s ) ) {
2014-08-21 17:03:15 +02:00
2018-06-04 11:35:25 +02:00
/* If there are any queued up sd_notify() notifications, process them now */
2014-08-21 17:03:15 +02:00
if ( s - > notify_state = = NOTIFY_RELOADING )
service_enter_reload_by_notify ( s ) ;
else if ( s - > notify_state = = NOTIFY_STOPPING )
service_enter_stop_by_notify ( s ) ;
core: rework unit timeout handling, and add new setting RuntimeMaxSec=
This clean-ups timeout handling in PID 1. Specifically, instead of storing 0 in internal timeout variables as
indication for a disabled timeout, use USEC_INFINITY which is in-line with how we do this in the rest of our code
(following the logic that 0 means "no", and USEC_INFINITY means "never").
This also replace all usec_t additions with invocations to usec_add(), so that USEC_INFINITY is properly propagated,
and sd-event considers it has indication for turning off the event source.
This also alters the deserialization of the units to restart timeouts from the time they were originally started from.
Before this patch timeouts would be restarted beginning with the time of the deserialization, which could lead to
artificially prolonged timeouts if a daemon reload took place.
Finally, a new RuntimeMaxSec= setting is introduced for service units, that specifies a maximum runtime after which a
specific service is forcibly terminated. This is useful to put time limits on time-intensive processing jobs.
This also simplifies the various xyz_spawn() calls of the various types in that explicit distruction of the timers is
removed, as that is done anyway by the state change handlers, and a state change is always done when the xyz_spawn()
calls fail.
Fixes: #2249
2016-02-01 21:48:10 +01:00
else {
2014-08-21 17:03:15 +02:00
service_set_state ( s , SERVICE_RUNNING ) ;
core: rework unit timeout handling, and add new setting RuntimeMaxSec=
This clean-ups timeout handling in PID 1. Specifically, instead of storing 0 in internal timeout variables as
indication for a disabled timeout, use USEC_INFINITY which is in-line with how we do this in the rest of our code
(following the logic that 0 means "no", and USEC_INFINITY means "never").
This also replace all usec_t additions with invocations to usec_add(), so that USEC_INFINITY is properly propagated,
and sd-event considers it has indication for turning off the event source.
This also alters the deserialization of the units to restart timeouts from the time they were originally started from.
Before this patch timeouts would be restarted beginning with the time of the deserialization, which could lead to
artificially prolonged timeouts if a daemon reload took place.
Finally, a new RuntimeMaxSec= setting is introduced for service units, that specifies a maximum runtime after which a
specific service is forcibly terminated. This is useful to put time limits on time-intensive processing jobs.
This also simplifies the various xyz_spawn() calls of the various types in that explicit distruction of the timers is
removed, as that is done anyway by the state change handlers, and a state change is always done when the xyz_spawn()
calls fail.
Fixes: #2249
2016-02-01 21:48:10 +01:00
service_arm_timer ( s , usec_add ( UNIT ( s ) - > active_enter_timestamp . monotonic , s - > runtime_max_usec ) ) ;
}
2014-08-21 17:03:15 +02:00
2018-06-04 11:35:25 +02:00
} else if ( s - > remain_after_exit )
2010-04-13 02:06:27 +02:00
service_set_state ( s , SERVICE_EXITED ) ;
else
2012-02-03 02:01:35 +01:00
service_enter_stop ( s , SERVICE_SUCCESS ) ;
2010-04-13 02:06:27 +02:00
}
2010-01-26 04:18:44 +01:00
static void service_enter_start_post ( Service * s ) {
int r ;
assert ( s ) ;
2010-04-11 00:22:36 +02:00
service_unwatch_control_pid ( s ) ;
2013-12-11 20:49:43 +01:00
service_reset_watchdog ( s ) ;
2012-02-08 10:10:34 +01:00
2013-03-02 14:28:58 +01:00
s - > control_command = s - > exec_command [ SERVICE_EXEC_START_POST ] ;
if ( s - > control_command ) {
2011-01-20 18:46:38 +01:00
s - > control_command_id = SERVICE_EXEC_START_POST ;
2012-04-13 23:24:47 +02:00
r = service_spawn ( s ,
s - > control_command ,
2014-08-21 18:01:22 +02:00
s - > timeout_start_usec ,
2018-11-16 20:19:07 +01:00
EXEC_APPLY_SANDBOXING | EXEC_APPLY_CHROOT | EXEC_IS_CONTROL | EXEC_CONTROL_CGROUP ,
2012-04-13 23:24:47 +02:00
& s - > control_pid ) ;
if ( r < 0 )
2010-01-26 04:18:44 +01:00
goto fail ;
2010-04-13 02:06:27 +02:00
service_set_state ( s , SERVICE_START_POST ) ;
} else
2012-02-03 02:01:35 +01:00
service_enter_running ( s , SERVICE_SUCCESS ) ;
2010-01-26 04:18:44 +01:00
return ;
fail :
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_warning_errno ( UNIT ( s ) , r , " Failed to run 'start-post' task: %m " ) ;
2012-02-03 02:01:35 +01:00
service_enter_stop ( s , SERVICE_FAILURE_RESOURCES ) ;
2010-01-26 04:18:44 +01:00
}
2017-11-24 20:11:27 +01:00
static void service_kill_control_process ( Service * s ) {
2017-09-25 17:17:30 +02:00
int r ;
2013-06-27 04:14:27 +02:00
2017-09-25 17:17:30 +02:00
assert ( s ) ;
2017-11-24 20:11:27 +01:00
if ( s - > control_pid < = 0 )
return ;
2013-06-27 04:14:27 +02:00
2017-11-24 20:11:27 +01:00
r = kill_and_sigcont ( s - > control_pid , SIGKILL ) ;
if ( r < 0 ) {
_cleanup_free_ char * comm = NULL ;
2017-09-25 17:17:30 +02:00
2017-11-24 20:11:27 +01:00
( void ) get_process_comm ( s - > control_pid , & comm ) ;
2017-09-25 17:17:30 +02:00
2017-11-24 20:11:27 +01:00
log_unit_debug_errno ( UNIT ( s ) , r , " Failed to kill control process " PID_FMT " (%s), ignoring: %m " ,
s - > control_pid , strna ( comm ) ) ;
2017-09-25 17:17:30 +02:00
}
2013-06-27 04:14:27 +02:00
}
2019-01-16 11:20:18 +01:00
static int service_adverse_to_leftover_processes ( Service * s ) {
assert ( s ) ;
/* KillMode=mixed and control group are used to indicate that all process should be killed off.
2020-05-26 14:29:46 +02:00
* SendSIGKILL = is used for services that require a clean shutdown . These are typically database
* service where a SigKilled process would result in a lengthy recovery and who ' s shutdown or startup
* time is quite variable ( so Timeout settings aren ' t of use ) .
2019-01-16 11:20:18 +01:00
*
* Here we take these two factors and refuse to start a service if there are existing processes
* within a control group . Databases , while generally having some protection against multiple
2020-05-26 14:29:46 +02:00
* instances running , lets not stress the rigor of these . Also ExecStartPre = parts of the service
2019-01-16 11:20:18 +01:00
* aren ' t as rigoriously written to protect aganst against multiple use . */
2020-05-26 14:29:46 +02:00
if ( unit_warn_leftover_processes ( UNIT ( s ) , unit_log_leftover_process_start ) > 0 & &
2019-01-16 11:20:18 +01:00
IN_SET ( s - > kill_context . kill_mode , KILL_MIXED , KILL_CONTROL_GROUP ) & &
2019-05-19 13:44:41 +02:00
! s - > kill_context . send_sigkill )
return log_unit_error_errno ( UNIT ( s ) , SYNTHETIC_ERRNO ( EBUSY ) ,
" Will not start SendSIGKILL=no service of type KillMode=control-group or mixed while processes exist " ) ;
2019-01-16 11:20:18 +01:00
return 0 ;
}
2010-01-26 04:18:44 +01:00
static void service_enter_start ( Service * s ) {
2013-06-27 04:14:27 +02:00
ExecCommand * c ;
core: rework unit timeout handling, and add new setting RuntimeMaxSec=
This clean-ups timeout handling in PID 1. Specifically, instead of storing 0 in internal timeout variables as
indication for a disabled timeout, use USEC_INFINITY which is in-line with how we do this in the rest of our code
(following the logic that 0 means "no", and USEC_INFINITY means "never").
This also replace all usec_t additions with invocations to usec_add(), so that USEC_INFINITY is properly propagated,
and sd-event considers it has indication for turning off the event source.
This also alters the deserialization of the units to restart timeouts from the time they were originally started from.
Before this patch timeouts would be restarted beginning with the time of the deserialization, which could lead to
artificially prolonged timeouts if a daemon reload took place.
Finally, a new RuntimeMaxSec= setting is introduced for service units, that specifies a maximum runtime after which a
specific service is forcibly terminated. This is useful to put time limits on time-intensive processing jobs.
This also simplifies the various xyz_spawn() calls of the various types in that explicit distruction of the timers is
removed, as that is done anyway by the state change handlers, and a state change is always done when the xyz_spawn()
calls fail.
Fixes: #2249
2016-02-01 21:48:10 +01:00
usec_t timeout ;
2010-01-26 04:18:44 +01:00
pid_t pid ;
int r ;
assert ( s ) ;
2013-08-09 16:40:57 +02:00
service_unwatch_control_pid ( s ) ;
service_unwatch_main_pid ( s ) ;
2010-04-13 02:06:27 +02:00
2019-01-16 11:20:18 +01:00
r = service_adverse_to_leftover_processes ( s ) ;
if ( r < 0 )
goto fail ;
2017-11-24 22:02:22 +01:00
2011-01-20 18:46:38 +01:00
if ( s - > type = = SERVICE_FORKING ) {
s - > control_command_id = SERVICE_EXEC_START ;
c = s - > control_command = s - > exec_command [ SERVICE_EXEC_START ] ;
s - > main_command = NULL ;
} else {
s - > control_command_id = _SERVICE_EXEC_COMMAND_INVALID ;
s - > control_command = NULL ;
c = s - > main_command = s - > exec_command [ SERVICE_EXEC_START ] ;
}
2010-08-13 18:23:01 +02:00
2014-08-21 18:50:42 +02:00
if ( ! c ) {
2016-10-21 12:27:46 +02:00
if ( s - > type ! = SERVICE_ONESHOT ) {
2020-06-27 13:23:08 +02:00
/* There's no command line configured for the main command? Hmm, that is strange.
* This can only happen if the configuration changes at runtime . In this case ,
* let ' s enter a failure state . */
2018-06-05 20:18:47 +02:00
log_unit_error ( UNIT ( s ) , " There's no 'start' task anymore we could start. " ) ;
2016-10-21 12:27:46 +02:00
r = - ENXIO ;
goto fail ;
}
2018-10-16 22:45:34 +02:00
/* We force a fake state transition here. Otherwise, the unit would go directly from
* SERVICE_DEAD to SERVICE_DEAD without SERVICE_ACTIVATING or SERVICE_ACTIVE
2019-04-27 02:22:40 +02:00
* in between . This way we can later trigger actions that depend on the state
2018-10-16 22:45:34 +02:00
* transition , including SuccessAction = . */
service_set_state ( s , SERVICE_START ) ;
2014-08-21 18:50:42 +02:00
service_enter_start_post ( s ) ;
return ;
}
core: rework unit timeout handling, and add new setting RuntimeMaxSec=
This clean-ups timeout handling in PID 1. Specifically, instead of storing 0 in internal timeout variables as
indication for a disabled timeout, use USEC_INFINITY which is in-line with how we do this in the rest of our code
(following the logic that 0 means "no", and USEC_INFINITY means "never").
This also replace all usec_t additions with invocations to usec_add(), so that USEC_INFINITY is properly propagated,
and sd-event considers it has indication for turning off the event source.
This also alters the deserialization of the units to restart timeouts from the time they were originally started from.
Before this patch timeouts would be restarted beginning with the time of the deserialization, which could lead to
artificially prolonged timeouts if a daemon reload took place.
Finally, a new RuntimeMaxSec= setting is introduced for service units, that specifies a maximum runtime after which a
specific service is forcibly terminated. This is useful to put time limits on time-intensive processing jobs.
This also simplifies the various xyz_spawn() calls of the various types in that explicit distruction of the timers is
removed, as that is done anyway by the state change handlers, and a state change is always done when the xyz_spawn()
calls fail.
Fixes: #2249
2016-02-01 21:48:10 +01:00
if ( IN_SET ( s - > type , SERVICE_SIMPLE , SERVICE_IDLE ) )
/* For simple + idle this is the main process. We don't apply any timeout here, but
* service_enter_running ( ) will later apply the . runtime_max_usec timeout . */
timeout = USEC_INFINITY ;
else
timeout = s - > timeout_start_usec ;
2012-04-13 23:24:47 +02:00
r = service_spawn ( s ,
c ,
core: rework unit timeout handling, and add new setting RuntimeMaxSec=
This clean-ups timeout handling in PID 1. Specifically, instead of storing 0 in internal timeout variables as
indication for a disabled timeout, use USEC_INFINITY which is in-line with how we do this in the rest of our code
(following the logic that 0 means "no", and USEC_INFINITY means "never").
This also replace all usec_t additions with invocations to usec_add(), so that USEC_INFINITY is properly propagated,
and sd-event considers it has indication for turning off the event source.
This also alters the deserialization of the units to restart timeouts from the time they were originally started from.
Before this patch timeouts would be restarted beginning with the time of the deserialization, which could lead to
artificially prolonged timeouts if a daemon reload took place.
Finally, a new RuntimeMaxSec= setting is introduced for service units, that specifies a maximum runtime after which a
specific service is forcibly terminated. This is useful to put time limits on time-intensive processing jobs.
This also simplifies the various xyz_spawn() calls of the various types in that explicit distruction of the timers is
removed, as that is done anyway by the state change handlers, and a state change is always done when the xyz_spawn()
calls fail.
Fixes: #2249
2016-02-01 21:48:10 +01:00
timeout ,
core: rename EXEC_APPLY_PERMISSIONS → EXEC_APPLY_SANDBOXING
"Permissions" was a bit of a misnomer, as it suggests that UNIX file
permission bits are adjusted, which aren't really changed here. Instead,
this is about UNIX credentials such as users or groups, as well as
namespacing, hence let's use a more generic term here, without any
misleading reference to UNIX file permissions: "sandboxing", which shall
refer to all kinds of sandboxing technologies, including UID/GID
dropping, selinux relabelling, namespacing, seccomp, and so on.
2017-08-01 11:30:44 +02:00
EXEC_PASS_FDS | EXEC_APPLY_SANDBOXING | EXEC_APPLY_CHROOT | EXEC_APPLY_TTY_STDIN | EXEC_SET_WATCHDOG ,
2012-04-13 23:24:47 +02:00
& pid ) ;
if ( r < 0 )
2010-01-26 04:18:44 +01:00
goto fail ;
core: rework unit timeout handling, and add new setting RuntimeMaxSec=
This clean-ups timeout handling in PID 1. Specifically, instead of storing 0 in internal timeout variables as
indication for a disabled timeout, use USEC_INFINITY which is in-line with how we do this in the rest of our code
(following the logic that 0 means "no", and USEC_INFINITY means "never").
This also replace all usec_t additions with invocations to usec_add(), so that USEC_INFINITY is properly propagated,
and sd-event considers it has indication for turning off the event source.
This also alters the deserialization of the units to restart timeouts from the time they were originally started from.
Before this patch timeouts would be restarted beginning with the time of the deserialization, which could lead to
artificially prolonged timeouts if a daemon reload took place.
Finally, a new RuntimeMaxSec= setting is introduced for service units, that specifies a maximum runtime after which a
specific service is forcibly terminated. This is useful to put time limits on time-intensive processing jobs.
This also simplifies the various xyz_spawn() calls of the various types in that explicit distruction of the timers is
removed, as that is done anyway by the state change handlers, and a state change is always done when the xyz_spawn()
calls fail.
Fixes: #2249
2016-02-01 21:48:10 +01:00
if ( IN_SET ( s - > type , SERVICE_SIMPLE , SERVICE_IDLE ) ) {
2010-01-26 04:18:44 +01:00
/* For simple services we immediately start
* the START_POST binaries . */
2010-06-17 22:55:53 +02:00
service_set_main_pid ( s , pid ) ;
2010-01-26 04:18:44 +01:00
service_enter_start_post ( s ) ;
} else if ( s - > type = = SERVICE_FORKING ) {
/* For forking services we wait until the start
* process exited . */
2010-06-18 22:05:29 +02:00
s - > control_pid = pid ;
2010-04-13 02:06:27 +02:00
service_set_state ( s , SERVICE_START ) ;
2018-07-17 11:47:14 +02:00
} else if ( IN_SET ( s - > type , SERVICE_ONESHOT , SERVICE_DBUS , SERVICE_NOTIFY , SERVICE_EXEC ) ) {
2010-01-30 02:07:35 +01:00
2018-07-17 11:47:14 +02:00
/* For oneshot services we wait until the start process exited, too, but it is our main process. */
2010-01-30 02:07:35 +01:00
2018-07-17 11:47:14 +02:00
/* For D-Bus services we know the main pid right away, but wait for the bus name to appear on the
* bus . ' notify ' and ' exec ' services are similar . */
2010-04-15 23:16:16 +02:00
2010-06-17 22:55:53 +02:00
service_set_main_pid ( s , pid ) ;
2010-04-13 02:06:27 +02:00
service_set_state ( s , SERVICE_START ) ;
2010-01-26 04:18:44 +01:00
} else
assert_not_reached ( " Unknown service type " ) ;
return ;
fail :
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_warning_errno ( UNIT ( s ) , r , " Failed to run 'start' task: %m " ) ;
2016-12-06 13:30:28 +01:00
service_enter_signal ( s , SERVICE_STOP_SIGTERM , SERVICE_FAILURE_RESOURCES ) ;
2010-01-26 04:18:44 +01:00
}
static void service_enter_start_pre ( Service * s ) {
int r ;
assert ( s ) ;
2010-04-11 00:22:36 +02:00
service_unwatch_control_pid ( s ) ;
2013-03-02 14:28:58 +01:00
s - > control_command = s - > exec_command [ SERVICE_EXEC_START_PRE ] ;
if ( s - > control_command ) {
2012-01-11 01:51:32 +01:00
2019-01-16 11:20:18 +01:00
r = service_adverse_to_leftover_processes ( s ) ;
if ( r < 0 )
goto fail ;
2017-11-24 22:02:22 +01:00
2011-01-20 18:46:38 +01:00
s - > control_command_id = SERVICE_EXEC_START_PRE ;
2012-04-13 23:24:47 +02:00
r = service_spawn ( s ,
s - > control_command ,
2014-08-21 18:01:22 +02:00
s - > timeout_start_usec ,
core: rename EXEC_APPLY_PERMISSIONS → EXEC_APPLY_SANDBOXING
"Permissions" was a bit of a misnomer, as it suggests that UNIX file
permission bits are adjusted, which aren't really changed here. Instead,
this is about UNIX credentials such as users or groups, as well as
namespacing, hence let's use a more generic term here, without any
misleading reference to UNIX file permissions: "sandboxing", which shall
refer to all kinds of sandboxing technologies, including UID/GID
dropping, selinux relabelling, namespacing, seccomp, and so on.
2017-08-01 11:30:44 +02:00
EXEC_APPLY_SANDBOXING | EXEC_APPLY_CHROOT | EXEC_IS_CONTROL | EXEC_APPLY_TTY_STDIN ,
2012-04-13 23:24:47 +02:00
& s - > control_pid ) ;
if ( r < 0 )
2010-01-26 04:18:44 +01:00
goto fail ;
2010-04-13 02:06:27 +02:00
service_set_state ( s , SERVICE_START_PRE ) ;
} else
2010-01-26 04:18:44 +01:00
service_enter_start ( s ) ;
return ;
fail :
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_warning_errno ( UNIT ( s ) , r , " Failed to run 'start-pre' task: %m " ) ;
2012-02-03 02:01:35 +01:00
service_enter_dead ( s , SERVICE_FAILURE_RESOURCES , true ) ;
2010-01-26 04:18:44 +01:00
}
2019-06-29 02:02:30 +02:00
static void service_enter_condition ( Service * s ) {
int r ;
assert ( s ) ;
service_unwatch_control_pid ( s ) ;
s - > control_command = s - > exec_command [ SERVICE_EXEC_CONDITION ] ;
if ( s - > control_command ) {
r = service_adverse_to_leftover_processes ( s ) ;
if ( r < 0 )
goto fail ;
s - > control_command_id = SERVICE_EXEC_CONDITION ;
r = service_spawn ( s ,
s - > control_command ,
s - > timeout_start_usec ,
EXEC_APPLY_SANDBOXING | EXEC_APPLY_CHROOT | EXEC_IS_CONTROL | EXEC_APPLY_TTY_STDIN ,
& s - > control_pid ) ;
if ( r < 0 )
goto fail ;
service_set_state ( s , SERVICE_CONDITION ) ;
} else
service_enter_start_pre ( s ) ;
return ;
fail :
log_unit_warning_errno ( UNIT ( s ) , r , " Failed to run 'exec-condition' task: %m " ) ;
service_enter_dead ( s , SERVICE_FAILURE_RESOURCES , true ) ;
}
2010-01-26 04:18:44 +01:00
static void service_enter_restart ( Service * s ) {
tree-wide: expose "p"-suffix unref calls in public APIs to make gcc cleanup easy
GLIB has recently started to officially support the gcc cleanup
attribute in its public API, hence let's do the same for our APIs.
With this patch we'll define an xyz_unrefp() call for each public
xyz_unref() call, to make it easy to use inside a
__attribute__((cleanup())) expression. Then, all code is ported over to
make use of this.
The new calls are also documented in the man pages, with examples how to
use them (well, I only added docs where the _unref() call itself already
had docs, and the examples, only cover sd_bus_unrefp() and
sd_event_unrefp()).
This also renames sd_lldp_free() to sd_lldp_unref(), since that's how we
tend to call our destructors these days.
Note that this defines no public macro that wraps gcc's attribute and
makes it easier to use. While I think it's our duty in the library to
make our stuff easy to use, I figure it's not our duty to make gcc's own
features easy to use on its own. Most likely, client code which wants to
make use of this should define its own:
#define _cleanup_(function) __attribute__((cleanup(function)))
Or similar, to make the gcc feature easier to use.
Making this logic public has the benefit that we can remove three header
files whose only purpose was to define these functions internally.
See #2008.
2015-11-27 19:13:45 +01:00
_cleanup_ ( sd_bus_error_free ) sd_bus_error error = SD_BUS_ERROR_NULL ;
2010-01-26 04:18:44 +01:00
int r ;
2010-07-08 02:43:18 +02:00
2010-01-26 04:18:44 +01:00
assert ( s ) ;
2019-10-01 14:58:55 +02:00
if ( unit_has_job_type ( UNIT ( s ) , JOB_STOP ) ) {
2012-07-18 02:28:08 +02:00
/* Don't restart things if we are going down anyway */
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_info ( UNIT ( s ) , " Stop job pending for unit, delaying automatic restart. " ) ;
2010-11-01 17:50:43 +01:00
core: rework unit timeout handling, and add new setting RuntimeMaxSec=
This clean-ups timeout handling in PID 1. Specifically, instead of storing 0 in internal timeout variables as
indication for a disabled timeout, use USEC_INFINITY which is in-line with how we do this in the rest of our code
(following the logic that 0 means "no", and USEC_INFINITY means "never").
This also replace all usec_t additions with invocations to usec_add(), so that USEC_INFINITY is properly propagated,
and sd-event considers it has indication for turning off the event source.
This also alters the deserialization of the units to restart timeouts from the time they were originally started from.
Before this patch timeouts would be restarted beginning with the time of the deserialization, which could lead to
artificially prolonged timeouts if a daemon reload took place.
Finally, a new RuntimeMaxSec= setting is introduced for service units, that specifies a maximum runtime after which a
specific service is forcibly terminated. This is useful to put time limits on time-intensive processing jobs.
This also simplifies the various xyz_spawn() calls of the various types in that explicit distruction of the timers is
removed, as that is done anyway by the state change handlers, and a state change is always done when the xyz_spawn()
calls fail.
Fixes: #2249
2016-02-01 21:48:10 +01:00
r = service_arm_timer ( s , usec_add ( now ( CLOCK_MONOTONIC ) , s - > restart_usec ) ) ;
2012-07-18 02:28:08 +02:00
if ( r < 0 )
2010-11-01 17:50:43 +01:00
goto fail ;
2012-04-29 15:35:40 +02:00
return ;
2010-11-01 17:50:43 +01:00
}
2012-04-03 05:45:35 +02:00
/* Any units that are bound to this service must also be
* restarted . We use JOB_RESTART ( instead of the more obvious
* JOB_START ) here so that those dependency jobs will be added
* as well . */
2019-03-22 20:57:30 +01:00
r = manager_add_job ( UNIT ( s ) - > manager , JOB_RESTART , UNIT ( s ) , JOB_REPLACE , NULL , & error , NULL ) ;
2012-04-03 05:45:35 +02:00
if ( r < 0 )
2010-01-26 04:18:44 +01:00
goto fail ;
2017-08-09 21:12:55 +02:00
/* Count the jobs we enqueue for restarting. This counter is maintained as long as the unit isn't fully
* stopped , i . e . as long as it remains up or remains in auto - start states . The use can reset the counter
* explicitly however via the usual " systemctl reset-failure " logic . */
s - > n_restarts + + ;
s - > flush_n_restarts = false ;
log_struct ( LOG_INFO ,
" MESSAGE_ID= " SD_MESSAGE_UNIT_RESTART_SCHEDULED_STR ,
LOG_UNIT_ID ( UNIT ( s ) ) ,
2017-09-20 18:27:53 +02:00
LOG_UNIT_INVOCATION_ID ( UNIT ( s ) ) ,
2017-08-09 21:12:55 +02:00
LOG_UNIT_MESSAGE ( UNIT ( s ) , " Scheduled restart job, restart counter is at %u. " , s - > n_restarts ) ,
2018-06-04 12:59:22 +02:00
" N_RESTARTS=%u " , s - > n_restarts ) ;
2017-08-09 21:12:55 +02:00
/* Notify clients about changed restart counter */
unit_add_to_dbus_queue ( UNIT ( s ) ) ;
2012-07-18 02:28:08 +02:00
/* Note that we stay in the SERVICE_AUTO_RESTART state here,
* it will be canceled as part of the service_stop ( ) call that
* is executed as part of JOB_RESTART . */
2010-01-26 04:18:44 +01:00
return ;
fail :
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_warning ( UNIT ( s ) , " Failed to schedule restart job: %s " , bus_error_message ( & error , - r ) ) ;
2012-02-03 02:01:35 +01:00
service_enter_dead ( s , SERVICE_FAILURE_RESOURCES , false ) ;
2010-01-26 04:18:44 +01:00
}
2014-08-21 17:03:15 +02:00
static void service_enter_reload_by_notify ( Service * s ) {
2017-08-07 11:27:24 +02:00
_cleanup_ ( sd_bus_error_free ) sd_bus_error error = SD_BUS_ERROR_NULL ;
int r ;
2014-08-21 17:03:15 +02:00
assert ( s ) ;
core: rework unit timeout handling, and add new setting RuntimeMaxSec=
This clean-ups timeout handling in PID 1. Specifically, instead of storing 0 in internal timeout variables as
indication for a disabled timeout, use USEC_INFINITY which is in-line with how we do this in the rest of our code
(following the logic that 0 means "no", and USEC_INFINITY means "never").
This also replace all usec_t additions with invocations to usec_add(), so that USEC_INFINITY is properly propagated,
and sd-event considers it has indication for turning off the event source.
This also alters the deserialization of the units to restart timeouts from the time they were originally started from.
Before this patch timeouts would be restarted beginning with the time of the deserialization, which could lead to
artificially prolonged timeouts if a daemon reload took place.
Finally, a new RuntimeMaxSec= setting is introduced for service units, that specifies a maximum runtime after which a
specific service is forcibly terminated. This is useful to put time limits on time-intensive processing jobs.
This also simplifies the various xyz_spawn() calls of the various types in that explicit distruction of the timers is
removed, as that is done anyway by the state change handlers, and a state change is always done when the xyz_spawn()
calls fail.
Fixes: #2249
2016-02-01 21:48:10 +01:00
service_arm_timer ( s , usec_add ( now ( CLOCK_MONOTONIC ) , s - > timeout_start_usec ) ) ;
2014-08-21 17:03:15 +02:00
service_set_state ( s , SERVICE_RELOAD ) ;
2017-08-07 11:27:24 +02:00
/* service_enter_reload_by_notify is never called during a reload, thus no loops are possible. */
r = manager_propagate_reload ( UNIT ( s ) - > manager , UNIT ( s ) , JOB_FAIL , & error ) ;
if ( r < 0 )
log_unit_warning ( UNIT ( s ) , " Failed to schedule propagation of reload: %s " , bus_error_message ( & error , - r ) ) ;
2014-08-21 17:03:15 +02:00
}
2010-01-26 04:18:44 +01:00
static void service_enter_reload ( Service * s ) {
int r ;
assert ( s ) ;
2010-04-11 00:22:36 +02:00
service_unwatch_control_pid ( s ) ;
2015-10-03 13:37:21 +02:00
s - > reload_result = SERVICE_SUCCESS ;
2010-04-11 00:22:36 +02:00
2013-03-02 14:28:58 +01:00
s - > control_command = s - > exec_command [ SERVICE_EXEC_RELOAD ] ;
if ( s - > control_command ) {
2011-01-20 18:46:38 +01:00
s - > control_command_id = SERVICE_EXEC_RELOAD ;
2012-04-13 23:24:47 +02:00
r = service_spawn ( s ,
s - > control_command ,
2014-08-21 18:01:22 +02:00
s - > timeout_start_usec ,
2018-11-16 20:19:07 +01:00
EXEC_APPLY_SANDBOXING | EXEC_APPLY_CHROOT | EXEC_IS_CONTROL | EXEC_CONTROL_CGROUP ,
2012-04-13 23:24:47 +02:00
& s - > control_pid ) ;
if ( r < 0 )
2010-01-26 04:18:44 +01:00
goto fail ;
2010-04-13 02:06:27 +02:00
service_set_state ( s , SERVICE_RELOAD ) ;
} else
2012-02-03 02:01:35 +01:00
service_enter_running ( s , SERVICE_SUCCESS ) ;
2010-01-26 04:18:44 +01:00
return ;
fail :
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_warning_errno ( UNIT ( s ) , r , " Failed to run 'reload' task: %m " ) ;
2012-02-03 02:01:35 +01:00
s - > reload_result = SERVICE_FAILURE_RESOURCES ;
service_enter_running ( s , SERVICE_SUCCESS ) ;
2010-01-26 04:18:44 +01:00
}
2012-02-03 02:01:35 +01:00
static void service_run_next_control ( Service * s ) {
core: rework unit timeout handling, and add new setting RuntimeMaxSec=
This clean-ups timeout handling in PID 1. Specifically, instead of storing 0 in internal timeout variables as
indication for a disabled timeout, use USEC_INFINITY which is in-line with how we do this in the rest of our code
(following the logic that 0 means "no", and USEC_INFINITY means "never").
This also replace all usec_t additions with invocations to usec_add(), so that USEC_INFINITY is properly propagated,
and sd-event considers it has indication for turning off the event source.
This also alters the deserialization of the units to restart timeouts from the time they were originally started from.
Before this patch timeouts would be restarted beginning with the time of the deserialization, which could lead to
artificially prolonged timeouts if a daemon reload took place.
Finally, a new RuntimeMaxSec= setting is introduced for service units, that specifies a maximum runtime after which a
specific service is forcibly terminated. This is useful to put time limits on time-intensive processing jobs.
This also simplifies the various xyz_spawn() calls of the various types in that explicit distruction of the timers is
removed, as that is done anyway by the state change handlers, and a state change is always done when the xyz_spawn()
calls fail.
Fixes: #2249
2016-02-01 21:48:10 +01:00
usec_t timeout ;
2010-01-26 04:18:44 +01:00
int r ;
assert ( s ) ;
assert ( s - > control_command ) ;
assert ( s - > control_command - > command_next ) ;
2010-08-13 18:23:01 +02:00
assert ( s - > control_command_id ! = SERVICE_EXEC_START ) ;
2010-01-26 04:18:44 +01:00
2010-08-13 18:23:01 +02:00
s - > control_command = s - > control_command - > command_next ;
2010-04-11 00:22:36 +02:00
service_unwatch_control_pid ( s ) ;
2019-06-29 02:02:30 +02:00
if ( IN_SET ( s - > state , SERVICE_CONDITION , SERVICE_START_PRE , SERVICE_START , SERVICE_START_POST , SERVICE_RUNNING , SERVICE_RELOAD ) )
core: rework unit timeout handling, and add new setting RuntimeMaxSec=
This clean-ups timeout handling in PID 1. Specifically, instead of storing 0 in internal timeout variables as
indication for a disabled timeout, use USEC_INFINITY which is in-line with how we do this in the rest of our code
(following the logic that 0 means "no", and USEC_INFINITY means "never").
This also replace all usec_t additions with invocations to usec_add(), so that USEC_INFINITY is properly propagated,
and sd-event considers it has indication for turning off the event source.
This also alters the deserialization of the units to restart timeouts from the time they were originally started from.
Before this patch timeouts would be restarted beginning with the time of the deserialization, which could lead to
artificially prolonged timeouts if a daemon reload took place.
Finally, a new RuntimeMaxSec= setting is introduced for service units, that specifies a maximum runtime after which a
specific service is forcibly terminated. This is useful to put time limits on time-intensive processing jobs.
This also simplifies the various xyz_spawn() calls of the various types in that explicit distruction of the timers is
removed, as that is done anyway by the state change handlers, and a state change is always done when the xyz_spawn()
calls fail.
Fixes: #2249
2016-02-01 21:48:10 +01:00
timeout = s - > timeout_start_usec ;
else
timeout = s - > timeout_stop_usec ;
2012-04-13 23:24:47 +02:00
r = service_spawn ( s ,
s - > control_command ,
core: rework unit timeout handling, and add new setting RuntimeMaxSec=
This clean-ups timeout handling in PID 1. Specifically, instead of storing 0 in internal timeout variables as
indication for a disabled timeout, use USEC_INFINITY which is in-line with how we do this in the rest of our code
(following the logic that 0 means "no", and USEC_INFINITY means "never").
This also replace all usec_t additions with invocations to usec_add(), so that USEC_INFINITY is properly propagated,
and sd-event considers it has indication for turning off the event source.
This also alters the deserialization of the units to restart timeouts from the time they were originally started from.
Before this patch timeouts would be restarted beginning with the time of the deserialization, which could lead to
artificially prolonged timeouts if a daemon reload took place.
Finally, a new RuntimeMaxSec= setting is introduced for service units, that specifies a maximum runtime after which a
specific service is forcibly terminated. This is useful to put time limits on time-intensive processing jobs.
This also simplifies the various xyz_spawn() calls of the various types in that explicit distruction of the timers is
removed, as that is done anyway by the state change handlers, and a state change is always done when the xyz_spawn()
calls fail.
Fixes: #2249
2016-02-01 21:48:10 +01:00
timeout ,
core: rename EXEC_APPLY_PERMISSIONS → EXEC_APPLY_SANDBOXING
"Permissions" was a bit of a misnomer, as it suggests that UNIX file
permission bits are adjusted, which aren't really changed here. Instead,
this is about UNIX credentials such as users or groups, as well as
namespacing, hence let's use a more generic term here, without any
misleading reference to UNIX file permissions: "sandboxing", which shall
refer to all kinds of sandboxing technologies, including UID/GID
dropping, selinux relabelling, namespacing, seccomp, and so on.
2017-08-01 11:30:44 +02:00
EXEC_APPLY_SANDBOXING | EXEC_APPLY_CHROOT | EXEC_IS_CONTROL |
2019-06-29 02:02:30 +02:00
( IN_SET ( s - > control_command_id , SERVICE_EXEC_CONDITION , SERVICE_EXEC_START_PRE , SERVICE_EXEC_STOP_POST ) ? EXEC_APPLY_TTY_STDIN : 0 ) |
2018-11-16 20:19:07 +01:00
( IN_SET ( s - > control_command_id , SERVICE_EXEC_STOP , SERVICE_EXEC_STOP_POST ) ? EXEC_SETENV_RESULT : 0 ) |
( IN_SET ( s - > control_command_id , SERVICE_EXEC_START_POST , SERVICE_EXEC_RELOAD , SERVICE_EXEC_STOP , SERVICE_EXEC_STOP_POST ) ? EXEC_CONTROL_CGROUP : 0 ) ,
2012-04-13 23:24:47 +02:00
& s - > control_pid ) ;
if ( r < 0 )
2010-01-26 04:18:44 +01:00
goto fail ;
return ;
fail :
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_warning_errno ( UNIT ( s ) , r , " Failed to run next control task: %m " ) ;
2010-01-26 04:18:44 +01:00
2019-06-29 02:02:30 +02:00
if ( IN_SET ( s - > state , SERVICE_CONDITION , SERVICE_START_PRE , SERVICE_START_POST , SERVICE_STOP ) )
2012-02-03 02:01:35 +01:00
service_enter_signal ( s , SERVICE_STOP_SIGTERM , SERVICE_FAILURE_RESOURCES ) ;
2010-01-26 04:18:44 +01:00
else if ( s - > state = = SERVICE_STOP_POST )
2012-02-03 02:01:35 +01:00
service_enter_dead ( s , SERVICE_FAILURE_RESOURCES , true ) ;
2011-01-20 13:17:22 +01:00
else if ( s - > state = = SERVICE_RELOAD ) {
2012-02-03 02:01:35 +01:00
s - > reload_result = SERVICE_FAILURE_RESOURCES ;
service_enter_running ( s , SERVICE_SUCCESS ) ;
2011-01-20 13:17:22 +01:00
} else
2012-02-03 02:01:35 +01:00
service_enter_stop ( s , SERVICE_FAILURE_RESOURCES ) ;
2010-01-23 01:52:57 +01:00
}
2012-02-03 02:01:35 +01:00
static void service_run_next_main ( Service * s ) {
2010-08-13 18:23:01 +02:00
pid_t pid ;
int r ;
assert ( s ) ;
2011-01-20 18:46:38 +01:00
assert ( s - > main_command ) ;
assert ( s - > main_command - > command_next ) ;
assert ( s - > type = = SERVICE_ONESHOT ) ;
2010-08-13 18:23:01 +02:00
2011-01-20 18:46:38 +01:00
s - > main_command = s - > main_command - > command_next ;
2010-08-13 18:23:01 +02:00
service_unwatch_main_pid ( s ) ;
2012-04-13 23:24:47 +02:00
r = service_spawn ( s ,
s - > main_command ,
2014-08-21 18:01:22 +02:00
s - > timeout_start_usec ,
core: rename EXEC_APPLY_PERMISSIONS → EXEC_APPLY_SANDBOXING
"Permissions" was a bit of a misnomer, as it suggests that UNIX file
permission bits are adjusted, which aren't really changed here. Instead,
this is about UNIX credentials such as users or groups, as well as
namespacing, hence let's use a more generic term here, without any
misleading reference to UNIX file permissions: "sandboxing", which shall
refer to all kinds of sandboxing technologies, including UID/GID
dropping, selinux relabelling, namespacing, seccomp, and so on.
2017-08-01 11:30:44 +02:00
EXEC_PASS_FDS | EXEC_APPLY_SANDBOXING | EXEC_APPLY_CHROOT | EXEC_APPLY_TTY_STDIN | EXEC_SET_WATCHDOG ,
2012-04-13 23:24:47 +02:00
& pid ) ;
if ( r < 0 )
2010-08-13 18:23:01 +02:00
goto fail ;
service_set_main_pid ( s , pid ) ;
return ;
fail :
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_warning_errno ( UNIT ( s ) , r , " Failed to run next main task: %m " ) ;
2012-02-03 02:01:35 +01:00
service_enter_stop ( s , SERVICE_FAILURE_RESOURCES ) ;
2010-08-13 18:23:01 +02:00
}
2010-01-26 21:39:06 +01:00
static int service_start ( Unit * u ) {
Service * s = SERVICE ( u ) ;
core: move enforcement of the start limit into per-unit-type code again
Let's move the enforcement of the per-unit start limit from unit.c into the
type-specific files again. For unit types that know a concept of "result" codes
this allows us to hook up the start limit condition to it with an explicit
result code. Also, this makes sure that the state checks in clal like
service_start() may be done before the start limit is checked, as the start
limit really should be checked last, right before everything has been verified
to be in order.
The generic start limit logic is left in unit.c, but the invocation of it is
moved into the per-type files, in the various xyz_start() functions, so that
they may place the check at the right location.
Note that this change drops the enforcement entirely from device, slice, target
and scope units, since these unit types generally may not fail activation, or
may only be activated a single time. This is also documented now.
Note that restores the "start-limit-hit" result code that existed before
6bf0f408e4833152197fb38fb10a9989c89f3a59 already in the service code. However,
it's not introduced for all units that have a result code concept.
Fixes #3166.
2016-05-02 13:01:26 +02:00
int r ;
2010-01-23 01:52:57 +01:00
assert ( s ) ;
2010-01-26 04:18:44 +01:00
/* We cannot fulfill this request right now, try again later
* please ! */
2015-04-21 02:19:58 +02:00
if ( IN_SET ( s - > state ,
2018-09-19 21:03:01 +02:00
SERVICE_STOP , SERVICE_STOP_WATCHDOG , SERVICE_STOP_SIGTERM , SERVICE_STOP_SIGKILL , SERVICE_STOP_POST ,
2019-04-16 16:45:20 +02:00
SERVICE_FINAL_WATCHDOG , SERVICE_FINAL_SIGTERM , SERVICE_FINAL_SIGKILL , SERVICE_CLEANING ) )
2010-01-23 01:52:57 +01:00
return - EAGAIN ;
2010-01-26 04:18:44 +01:00
/* Already on it! */
2019-06-29 02:02:30 +02:00
if ( IN_SET ( s - > state , SERVICE_CONDITION , SERVICE_START_PRE , SERVICE_START , SERVICE_START_POST ) )
2010-01-26 04:18:44 +01:00
return 0 ;
2012-04-29 15:35:51 +02:00
/* A service that will be restarted must be stopped first to
2012-07-13 23:34:40 +02:00
* trigger BindsTo and / or OnFailure dependencies . If a user
2012-04-29 15:35:51 +02:00
* does not want to wait for the holdoff time to elapse , the
2012-07-18 02:42:43 +02:00
* service should be manually restarted , not started . We
* simply return EAGAIN here , so that any start jobs stay
* queued , and assume that the auto restart timer will
* eventually trigger the restart . */
if ( s - > state = = SERVICE_AUTO_RESTART )
2012-07-18 02:28:08 +02:00
return - EAGAIN ;
2012-04-29 15:35:51 +02:00
2015-04-21 02:19:58 +02:00
assert ( IN_SET ( s - > state , SERVICE_DEAD , SERVICE_FAILED ) ) ;
2010-01-23 01:52:57 +01:00
core: move enforcement of the start limit into per-unit-type code again
Let's move the enforcement of the per-unit start limit from unit.c into the
type-specific files again. For unit types that know a concept of "result" codes
this allows us to hook up the start limit condition to it with an explicit
result code. Also, this makes sure that the state checks in clal like
service_start() may be done before the start limit is checked, as the start
limit really should be checked last, right before everything has been verified
to be in order.
The generic start limit logic is left in unit.c, but the invocation of it is
moved into the per-type files, in the various xyz_start() functions, so that
they may place the check at the right location.
Note that this change drops the enforcement entirely from device, slice, target
and scope units, since these unit types generally may not fail activation, or
may only be activated a single time. This is also documented now.
Note that restores the "start-limit-hit" result code that existed before
6bf0f408e4833152197fb38fb10a9989c89f3a59 already in the service code. However,
it's not introduced for all units that have a result code concept.
Fixes #3166.
2016-05-02 13:01:26 +02:00
/* Make sure we don't enter a busy loop of some kind. */
2019-03-18 12:21:27 +01:00
r = unit_test_start_limit ( u ) ;
core: move enforcement of the start limit into per-unit-type code again
Let's move the enforcement of the per-unit start limit from unit.c into the
type-specific files again. For unit types that know a concept of "result" codes
this allows us to hook up the start limit condition to it with an explicit
result code. Also, this makes sure that the state checks in clal like
service_start() may be done before the start limit is checked, as the start
limit really should be checked last, right before everything has been verified
to be in order.
The generic start limit logic is left in unit.c, but the invocation of it is
moved into the per-type files, in the various xyz_start() functions, so that
they may place the check at the right location.
Note that this change drops the enforcement entirely from device, slice, target
and scope units, since these unit types generally may not fail activation, or
may only be activated a single time. This is also documented now.
Note that restores the "start-limit-hit" result code that existed before
6bf0f408e4833152197fb38fb10a9989c89f3a59 already in the service code. However,
it's not introduced for all units that have a result code concept.
Fixes #3166.
2016-05-02 13:01:26 +02:00
if ( r < 0 ) {
service_enter_dead ( s , SERVICE_FAILURE_START_LIMIT_HIT , false ) ;
return r ;
}
2016-08-30 23:18:46 +02:00
r = unit_acquire_invocation_id ( u ) ;
if ( r < 0 )
return r ;
2012-02-03 02:01:35 +01:00
s - > result = SERVICE_SUCCESS ;
s - > reload_result = SERVICE_SUCCESS ;
2010-01-26 04:18:44 +01:00
s - > main_pid_known = false ;
2011-04-28 04:56:53 +02:00
s - > main_pid_alien = false ;
2010-08-09 23:33:48 +02:00
s - > forbid_restart = false ;
2017-11-17 16:43:08 +01:00
2015-09-08 18:43:11 +02:00
s - > status_text = mfree ( s - > status_text ) ;
2014-07-07 17:33:46 +02:00
s - > status_errno = 0 ;
2014-08-21 17:03:15 +02:00
s - > notify_state = NOTIFY_UNKNOWN ;
2018-10-24 19:04:41 +02:00
s - > watchdog_original_usec = s - > watchdog_usec ;
2016-06-22 13:26:05 +02:00
s - > watchdog_override_enable = false ;
2018-10-24 19:04:41 +02:00
s - > watchdog_override_usec = USEC_INFINITY ;
2016-06-22 13:26:05 +02:00
2018-07-17 19:36:46 +02:00
exec_command_reset_status_list_array ( s - > exec_command , _SERVICE_EXEC_COMMAND_MAX ) ;
exec_status_reset ( & s - > main_exec_status ) ;
2017-08-09 21:12:55 +02:00
/* This is not an automatic restart? Flush the restart counter then */
if ( s - > flush_n_restarts ) {
s - > n_restarts = 0 ;
s - > flush_n_restarts = false ;
}
2018-07-17 19:36:46 +02:00
u - > reset_accounting = true ;
2019-06-29 02:02:30 +02:00
service_enter_condition ( s ) ;
2015-01-28 15:07:13 +01:00
return 1 ;
2010-01-23 01:52:57 +01:00
}
2010-01-26 21:39:06 +01:00
static int service_stop ( Unit * u ) {
Service * s = SERVICE ( u ) ;
2010-01-23 01:52:57 +01:00
assert ( s ) ;
2015-04-28 20:45:25 +02:00
/* Don't create restart jobs from manual stops. */
2010-08-09 23:33:48 +02:00
s - > forbid_restart = true ;
2010-01-26 04:18:44 +01:00
2010-04-10 17:53:17 +02:00
/* Already on it */
2015-04-21 02:19:58 +02:00
if ( IN_SET ( s - > state ,
2017-11-29 07:43:44 +01:00
SERVICE_STOP , SERVICE_STOP_SIGTERM , SERVICE_STOP_SIGKILL , SERVICE_STOP_POST ,
2019-04-16 16:45:20 +02:00
SERVICE_FINAL_WATCHDOG , SERVICE_FINAL_SIGTERM , SERVICE_FINAL_SIGKILL ) )
2010-04-10 17:53:17 +02:00
return 0 ;
2012-04-29 15:35:48 +02:00
/* A restart will be scheduled or is in progress. */
2010-01-26 04:18:44 +01:00
if ( s - > state = = SERVICE_AUTO_RESTART ) {
2012-06-26 11:42:52 +02:00
service_set_state ( s , SERVICE_DEAD ) ;
2010-01-26 04:18:44 +01:00
return 0 ;
}
2010-07-10 04:52:00 +02:00
/* If there's already something running we go directly into
* kill mode . */
2019-06-29 02:02:30 +02:00
if ( IN_SET ( s - > state , SERVICE_CONDITION , SERVICE_START_PRE , SERVICE_START , SERVICE_START_POST , SERVICE_RELOAD , SERVICE_STOP_WATCHDOG ) ) {
2012-02-03 02:01:35 +01:00
service_enter_signal ( s , SERVICE_STOP_SIGTERM , SERVICE_SUCCESS ) ;
2010-07-10 04:52:00 +02:00
return 0 ;
}
2010-01-23 01:52:57 +01:00
2019-04-01 18:48:20 +02:00
/* If we are currently cleaning, then abort it, brutally. */
if ( s - > state = = SERVICE_CLEANING ) {
service_enter_signal ( s , SERVICE_FINAL_SIGKILL , SERVICE_SUCCESS ) ;
return 0 ;
}
2015-04-21 02:19:58 +02:00
assert ( IN_SET ( s - > state , SERVICE_RUNNING , SERVICE_EXITED ) ) ;
2010-04-23 22:55:14 +02:00
2012-02-03 02:01:35 +01:00
service_enter_stop ( s , SERVICE_SUCCESS ) ;
2015-01-28 15:07:13 +01:00
return 1 ;
2010-01-23 01:52:57 +01:00
}
2010-01-26 21:39:06 +01:00
static int service_reload ( Unit * u ) {
Service * s = SERVICE ( u ) ;
2010-01-26 04:18:44 +01:00
assert ( s ) ;
2017-09-29 00:37:23 +02:00
assert ( IN_SET ( s - > state , SERVICE_RUNNING , SERVICE_EXITED ) ) ;
2010-01-26 04:18:44 +01:00
service_enter_reload ( s ) ;
2015-07-16 21:39:56 +02:00
return 1 ;
2010-01-23 01:52:57 +01:00
}
2013-05-03 04:51:50 +02:00
_pure_ static bool service_can_reload ( Unit * u ) {
2010-01-26 21:39:06 +01:00
Service * s = SERVICE ( u ) ;
2010-01-26 04:18:44 +01:00
assert ( s ) ;
return ! ! s - > exec_command [ SERVICE_EXEC_RELOAD ] ;
}
2017-01-23 17:12:35 +01:00
static unsigned service_exec_command_index ( Unit * u , ServiceExecCommand id , ExecCommand * current ) {
Service * s = SERVICE ( u ) ;
unsigned idx = 0 ;
ExecCommand * first , * c ;
assert ( s ) ;
2020-04-22 20:33:57 +02:00
assert ( id > = 0 ) ;
assert ( id < _SERVICE_EXEC_COMMAND_MAX ) ;
2017-01-23 17:12:35 +01:00
first = s - > exec_command [ id ] ;
/* Figure out where we are in the list by walking back to the beginning */
for ( c = current ; c ! = first ; c = c - > command_prev )
idx + + ;
return idx ;
}
static int service_serialize_exec_command ( Unit * u , FILE * f , ExecCommand * command ) {
2018-10-17 20:40:09 +02:00
_cleanup_free_ char * args = NULL , * p = NULL ;
size_t allocated = 0 , length = 0 ;
2017-01-23 17:12:35 +01:00
Service * s = SERVICE ( u ) ;
2018-10-17 20:40:09 +02:00
const char * type , * key ;
2017-01-23 17:12:35 +01:00
ServiceExecCommand id ;
unsigned idx ;
char * * arg ;
assert ( s ) ;
assert ( f ) ;
if ( ! command )
return 0 ;
if ( command = = s - > control_command ) {
type = " control " ;
id = s - > control_command_id ;
} else {
type = " main " ;
id = SERVICE_EXEC_START ;
}
idx = service_exec_command_index ( u , id , command ) ;
STRV_FOREACH ( arg , command - > argv ) {
_cleanup_free_ char * e = NULL ;
2018-10-17 20:40:09 +02:00
size_t n ;
2017-01-23 17:12:35 +01:00
2018-10-17 20:40:09 +02:00
e = cescape ( * arg ) ;
2017-01-23 17:12:35 +01:00
if ( ! e )
2018-10-17 20:40:09 +02:00
return log_oom ( ) ;
2017-01-23 17:12:35 +01:00
n = strlen ( e ) ;
2019-07-08 14:18:46 +02:00
if ( ! GREEDY_REALLOC ( args , allocated , length + 2 + n + 2 ) )
2018-10-17 20:40:09 +02:00
return log_oom ( ) ;
2017-01-23 17:12:35 +01:00
if ( length > 0 )
args [ length + + ] = ' ' ;
2019-07-08 14:18:46 +02:00
args [ length + + ] = ' " ' ;
2017-01-23 17:12:35 +01:00
memcpy ( args + length , e , n ) ;
length + = n ;
2019-07-08 14:18:46 +02:00
args [ length + + ] = ' " ' ;
2017-01-23 17:12:35 +01:00
}
if ( ! GREEDY_REALLOC ( args , allocated , length + 1 ) )
2018-10-17 20:40:09 +02:00
return log_oom ( ) ;
2017-01-23 17:12:35 +01:00
args [ length + + ] = 0 ;
2018-10-17 20:40:09 +02:00
p = cescape ( command - > path ) ;
2017-01-23 17:12:35 +01:00
if ( ! p )
2020-04-22 20:33:57 +02:00
return log_oom ( ) ;
2017-01-23 17:12:35 +01:00
2018-10-17 20:40:09 +02:00
key = strjoina ( type , " -command " ) ;
2020-04-22 20:33:57 +02:00
( void ) serialize_item_format ( f , key , " %s %u %s %s " , service_exec_command_to_string ( id ) , idx , p , args ) ;
return 0 ;
2017-01-23 17:12:35 +01:00
}
2010-04-21 03:27:44 +02:00
static int service_serialize ( Unit * u , FILE * f , FDSet * fds ) {
Service * s = SERVICE ( u ) ;
2015-01-07 01:18:13 +01:00
ServiceFDStore * fs ;
2015-10-07 23:07:39 +02:00
int r ;
2010-04-21 03:27:44 +02:00
assert ( u ) ;
assert ( f ) ;
assert ( fds ) ;
2018-10-17 20:40:09 +02:00
( void ) serialize_item ( f , " state " , service_state_to_string ( s - > state ) ) ;
( void ) serialize_item ( f , " result " , service_result_to_string ( s - > result ) ) ;
( void ) serialize_item ( f , " reload-result " , service_result_to_string ( s - > reload_result ) ) ;
2010-04-21 03:27:44 +02:00
if ( s - > control_pid > 0 )
2018-10-17 20:40:09 +02:00
( void ) serialize_item_format ( f , " control-pid " , PID_FMT , s - > control_pid ) ;
2010-04-21 03:27:44 +02:00
2010-06-17 22:55:53 +02:00
if ( s - > main_pid_known & & s - > main_pid > 0 )
2018-10-17 20:40:09 +02:00
( void ) serialize_item_format ( f , " main-pid " , PID_FMT , s - > main_pid ) ;
2010-04-21 03:27:44 +02:00
2018-10-17 20:40:09 +02:00
( void ) serialize_bool ( f , " main-pid-known " , s - > main_pid_known ) ;
( void ) serialize_bool ( f , " bus-name-good " , s - > bus_name_good ) ;
( void ) serialize_bool ( f , " bus-name-owner " , s - > bus_name_owner ) ;
2010-04-21 03:27:44 +02:00
2018-10-17 20:40:09 +02:00
( void ) serialize_item_format ( f , " n-restarts " , " %u " , s - > n_restarts ) ;
( void ) serialize_bool ( f , " flush-n-restarts " , s - > flush_n_restarts ) ;
2017-08-09 21:12:55 +02:00
2018-10-17 20:40:09 +02:00
r = serialize_item_escaped ( f , " status-text " , s - > status_text ) ;
2015-10-07 23:07:39 +02:00
if ( r < 0 )
return r ;
2010-07-21 05:16:45 +02:00
2017-01-23 17:12:35 +01:00
service_serialize_exec_command ( u , f , s - > control_command ) ;
service_serialize_exec_command ( u , f , s - > main_command ) ;
2010-04-21 03:27:44 +02:00
2018-10-17 20:40:09 +02:00
r = serialize_fd ( f , fds , " stdin-fd " , s - > stdin_fd ) ;
2015-10-07 23:07:39 +02:00
if ( r < 0 )
return r ;
2018-10-17 20:40:09 +02:00
r = serialize_fd ( f , fds , " stdout-fd " , s - > stdout_fd ) ;
2015-10-07 23:07:39 +02:00
if ( r < 0 )
return r ;
2018-10-17 20:40:09 +02:00
r = serialize_fd ( f , fds , " stderr-fd " , s - > stderr_fd ) ;
2015-10-07 23:07:39 +02:00
if ( r < 0 )
return r ;
2014-08-22 19:02:03 +02:00
2018-07-17 11:47:14 +02:00
if ( s - > exec_fd_event_source ) {
2018-10-17 20:40:09 +02:00
r = serialize_fd ( f , fds , " exec-fd " , sd_event_source_get_io_fd ( s - > exec_fd_event_source ) ) ;
2018-07-17 11:47:14 +02:00
if ( r < 0 )
return r ;
2018-10-17 20:40:09 +02:00
( void ) serialize_bool ( f , " exec-fd-hot " , s - > exec_fd_hot ) ;
2018-07-17 11:47:14 +02:00
}
2016-08-05 05:26:31 +02:00
if ( UNIT_ISSET ( s - > accept_socket ) ) {
2018-10-17 20:40:09 +02:00
r = serialize_item ( f , " accept-socket " , UNIT_DEREF ( s - > accept_socket ) - > id ) ;
2016-08-05 05:26:31 +02:00
if ( r < 0 )
return r ;
}
2018-10-17 20:40:09 +02:00
r = serialize_fd ( f , fds , " socket-fd " , s - > socket_fd ) ;
2015-10-07 23:07:39 +02:00
if ( r < 0 )
return r ;
2014-08-22 19:02:03 +02:00
2015-01-07 01:18:13 +01:00
LIST_FOREACH ( fd_store , fs , s - > fd_store ) {
2015-10-04 17:36:19 +02:00
_cleanup_free_ char * c = NULL ;
2015-01-07 01:18:13 +01:00
int copy ;
copy = fdset_put_dup ( fds , fs - > fd ) ;
if ( copy < 0 )
2018-10-17 20:40:09 +02:00
return log_error_errno ( copy , " Failed to copy file descriptor for serialization: %m " ) ;
2015-01-07 01:18:13 +01:00
2015-10-04 17:36:19 +02:00
c = cescape ( fs - > fdname ) ;
2018-10-17 20:40:09 +02:00
if ( ! c )
return log_oom ( ) ;
2015-10-04 17:36:19 +02:00
2020-04-09 15:30:02 +02:00
( void ) serialize_item_format ( f , " fd-store-fd " , " %i \" %s \" %i " , copy , c , fs - > do_poll ) ;
2015-01-07 01:18:13 +01:00
}
2010-07-07 04:12:59 +02:00
if ( s - > main_exec_status . pid > 0 ) {
2018-10-17 20:40:09 +02:00
( void ) serialize_item_format ( f , " main-exec-status-pid " , PID_FMT , s - > main_exec_status . pid ) ;
( void ) serialize_dual_timestamp ( f , " main-exec-status-start " , & s - > main_exec_status . start_timestamp ) ;
( void ) serialize_dual_timestamp ( f , " main-exec-status-exit " , & s - > main_exec_status . exit_timestamp ) ;
2010-07-07 04:12:59 +02:00
2010-10-28 03:16:03 +02:00
if ( dual_timestamp_is_set ( & s - > main_exec_status . exit_timestamp ) ) {
2018-10-17 20:40:09 +02:00
( void ) serialize_item_format ( f , " main-exec-status-code " , " %i " , s - > main_exec_status . code ) ;
( void ) serialize_item_format ( f , " main-exec-status-status " , " %i " , s - > main_exec_status . status ) ;
2010-07-07 04:12:59 +02:00
}
}
2015-04-24 12:25:55 +02:00
2018-10-17 20:40:09 +02:00
( void ) serialize_dual_timestamp ( f , " watchdog-timestamp " , & s - > watchdog_timestamp ) ;
( void ) serialize_bool ( f , " forbid-restart " , s - > forbid_restart ) ;
2013-10-07 05:06:35 +02:00
2016-06-22 13:26:05 +02:00
if ( s - > watchdog_override_enable )
2018-10-17 20:40:09 +02:00
( void ) serialize_item_format ( f , " watchdog-override-usec " , USEC_FMT , s - > watchdog_override_usec ) ;
2016-06-22 13:26:05 +02:00
2018-10-24 19:04:41 +02:00
if ( s - > watchdog_original_usec ! = USEC_INFINITY )
( void ) serialize_item_format ( f , " watchdog-original-usec " , USEC_FMT , s - > watchdog_original_usec ) ;
2010-04-21 03:27:44 +02:00
return 0 ;
}
2020-04-22 20:33:57 +02:00
static int service_deserialize_exec_command (
Unit * u ,
const char * key ,
const char * value ) {
2017-01-23 17:12:35 +01:00
Service * s = SERVICE ( u ) ;
int r ;
unsigned idx = 0 , i ;
bool control , found = false ;
ServiceExecCommand id = _SERVICE_EXEC_COMMAND_INVALID ;
ExecCommand * command = NULL ;
2017-04-28 23:49:50 +02:00
_cleanup_free_ char * path = NULL ;
2017-01-23 17:12:35 +01:00
_cleanup_strv_free_ char * * argv = NULL ;
enum ExecCommandState {
STATE_EXEC_COMMAND_TYPE ,
STATE_EXEC_COMMAND_INDEX ,
STATE_EXEC_COMMAND_PATH ,
STATE_EXEC_COMMAND_ARGS ,
_STATE_EXEC_COMMAND_MAX ,
_STATE_EXEC_COMMAND_INVALID = - 1 ,
} state ;
assert ( s ) ;
assert ( key ) ;
assert ( value ) ;
control = streq ( key , " control-command " ) ;
state = STATE_EXEC_COMMAND_TYPE ;
for ( ; ; ) {
_cleanup_free_ char * arg = NULL ;
2019-07-08 14:18:46 +02:00
r = extract_first_word ( & value , & arg , NULL , EXTRACT_CUNESCAPE | EXTRACT_UNQUOTE ) ;
2018-10-17 20:18:27 +02:00
if ( r < 0 )
return r ;
2017-01-23 17:12:35 +01:00
if ( r = = 0 )
break ;
switch ( state ) {
case STATE_EXEC_COMMAND_TYPE :
id = service_exec_command_from_string ( arg ) ;
if ( id < 0 )
return - EINVAL ;
state = STATE_EXEC_COMMAND_INDEX ;
break ;
case STATE_EXEC_COMMAND_INDEX :
r = safe_atou ( arg , & idx ) ;
if ( r < 0 )
return - EINVAL ;
state = STATE_EXEC_COMMAND_PATH ;
break ;
case STATE_EXEC_COMMAND_PATH :
2018-03-22 16:53:26 +01:00
path = TAKE_PTR ( arg ) ;
2017-01-23 17:12:35 +01:00
state = STATE_EXEC_COMMAND_ARGS ;
if ( ! path_is_absolute ( path ) )
return - EINVAL ;
break ;
case STATE_EXEC_COMMAND_ARGS :
r = strv_extend ( & argv , arg ) ;
if ( r < 0 )
return - ENOMEM ;
break ;
default :
assert_not_reached ( " Unknown error at deserialization of exec command " ) ;
break ;
}
}
if ( state ! = STATE_EXEC_COMMAND_ARGS )
return - EINVAL ;
/* Let's check whether exec command on given offset matches data that we just deserialized */
for ( command = s - > exec_command [ id ] , i = 0 ; command ; command = command - > command_next , i + + ) {
if ( i ! = idx )
continue ;
found = strv_equal ( argv , command - > argv ) & & streq ( command - > path , path ) ;
break ;
}
if ( ! found ) {
/* Command at the index we serialized is different, let's look for command that exactly
* matches but is on different index . If there is no such command we will not resume execution . */
for ( command = s - > exec_command [ id ] ; command ; command = command - > command_next )
if ( strv_equal ( command - > argv , argv ) & & streq ( command - > path , path ) )
break ;
}
2020-04-22 20:34:02 +02:00
if ( command & & control ) {
2017-01-23 17:12:35 +01:00
s - > control_command = command ;
2020-04-22 20:34:02 +02:00
s - > control_command_id = id ;
} else if ( command )
2017-01-23 17:12:35 +01:00
s - > main_command = command ;
else
log_unit_warning ( u , " Current command vanished from the unit file, execution of the command list won't be resumed. " ) ;
return 0 ;
}
2010-04-21 03:27:44 +02:00
static int service_deserialize_item ( Unit * u , const char * key , const char * value , FDSet * fds ) {
Service * s = SERVICE ( u ) ;
2015-01-07 01:18:13 +01:00
int r ;
2010-04-21 03:27:44 +02:00
assert ( u ) ;
assert ( key ) ;
assert ( value ) ;
assert ( fds ) ;
if ( streq ( key , " state " ) ) {
ServiceState state ;
2013-03-02 14:28:58 +01:00
state = service_state_from_string ( value ) ;
if ( state < 0 )
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_debug ( u , " Failed to parse state value: %s " , value ) ;
2010-04-21 03:27:44 +02:00
else
s - > deserialized_state = state ;
2012-02-03 02:01:35 +01:00
} else if ( streq ( key , " result " ) ) {
ServiceResult f ;
f = service_result_from_string ( value ) ;
if ( f < 0 )
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_debug ( u , " Failed to parse result value: %s " , value ) ;
2012-02-03 02:01:35 +01:00
else if ( f ! = SERVICE_SUCCESS )
s - > result = f ;
} else if ( streq ( key , " reload-result " ) ) {
ServiceResult f ;
f = service_result_from_string ( value ) ;
if ( f < 0 )
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_debug ( u , " Failed to parse reload result value: %s " , value ) ;
2012-02-03 02:01:35 +01:00
else if ( f ! = SERVICE_SUCCESS )
s - > reload_result = f ;
2010-04-21 03:27:44 +02:00
} else if ( streq ( key , " control-pid " ) ) {
2010-06-17 22:55:53 +02:00
pid_t pid ;
2010-04-21 03:27:44 +02:00
2010-08-11 22:04:22 +02:00
if ( parse_pid ( value , & pid ) < 0 )
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_debug ( u , " Failed to parse control-pid value: %s " , value ) ;
2010-04-21 03:27:44 +02:00
else
2010-06-18 22:05:29 +02:00
s - > control_pid = pid ;
2010-04-21 03:27:44 +02:00
} else if ( streq ( key , " main-pid " ) ) {
2010-06-17 22:55:53 +02:00
pid_t pid ;
2010-04-21 03:27:44 +02:00
2010-08-11 22:04:22 +02:00
if ( parse_pid ( value , & pid ) < 0 )
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_debug ( u , " Failed to parse main-pid value: %s " , value ) ;
2018-01-22 17:44:43 +01:00
else
( void ) service_set_main_pid ( s , pid ) ;
2010-04-21 03:27:44 +02:00
} else if ( streq ( key , " main-pid-known " ) ) {
int b ;
2013-03-02 14:28:58 +01:00
b = parse_boolean ( value ) ;
if ( b < 0 )
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_debug ( u , " Failed to parse main-pid-known value: %s " , value ) ;
2010-04-21 03:27:44 +02:00
else
s - > main_pid_known = b ;
2015-06-10 14:36:50 +02:00
} else if ( streq ( key , " bus-name-good " ) ) {
int b ;
b = parse_boolean ( value ) ;
if ( b < 0 )
log_unit_debug ( u , " Failed to parse bus-name-good value: %s " , value ) ;
else
s - > bus_name_good = b ;
core: fix bus name synchronization after daemon-reload
During daemon-reload, PID1 temporarly loses its DBus connection, so there's
a small window in which all signals sent by dbus-daemon are lost.
This is a problem, since we rely on the NameOwnerChanged signals in order to
consider a service with Type=dbus fully started or terminated, respectively.
In order to fix this, a rewrite of bus_list_names() is necessary. We used
to walk the current list of names on the bus, and blindly triggered the
bus_name_owner_change() callback on each service, providing the actual name
as current owner. This implementation has a number of problems:
* We cannot detect if the the name was moved from one owner to the other
while we were reloading
* We don't notify services which missed the name loss signal
* Providing the actual name as current owner is a hack, as the comment also
admits.
To fix this, this patch carries the following changes:
* Track the name of the current bus name owner, and (de-)serialize it
during reload. This way, we can detect changes.
* In bus_list_names(), walk the list of bus names we're interested in
first, and then see if the name is active on the bus. If it is,
check it it's still the same as it used to be, and synthesize
NameOwnerChanged signals for the name add and/or loss.
This should fully synchronize the current name list with the internal
state of all services.
2015-12-18 17:28:15 +01:00
} else if ( streq ( key , " bus-name-owner " ) ) {
r = free_and_strdup ( & s - > bus_name_owner , value ) ;
if ( r < 0 )
log_unit_error_errno ( u , r , " Unable to deserialize current bus owner %s: %m " , value ) ;
2010-07-21 05:16:45 +02:00
} else if ( streq ( key , " status-text " ) ) {
char * t ;
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
r = cunescape ( value , 0 , & t ) ;
if ( r < 0 )
2018-10-19 18:40:42 +02:00
log_unit_debug_errno ( u , r , " Failed to unescape status text '%s': %m " , value ) ;
2018-10-17 20:18:27 +02:00
else
free_and_replace ( s - > status_text , t ) ;
2010-07-21 05:16:45 +02:00
2016-08-05 05:26:31 +02:00
} else if ( streq ( key , " accept-socket " ) ) {
Unit * socket ;
r = manager_load_unit ( u - > manager , value , NULL , NULL , & socket ) ;
if ( r < 0 )
2018-10-19 18:40:42 +02:00
log_unit_debug_errno ( u , r , " Failed to load accept-socket unit '%s': %m " , value ) ;
2016-08-05 05:26:31 +02:00
else {
2018-02-13 13:12:43 +01:00
unit_ref_set ( & s - > accept_socket , u , socket ) ;
2016-08-05 05:26:31 +02:00
SOCKET ( socket ) - > n_connections + + ;
}
2010-04-21 03:27:44 +02:00
} else if ( streq ( key , " socket-fd " ) ) {
int fd ;
if ( safe_atoi ( value , & fd ) < 0 | | fd < 0 | | ! fdset_contains ( fds , fd ) )
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_debug ( u , " Failed to parse socket-fd value: %s " , value ) ;
2010-04-21 03:27:44 +02:00
else {
2014-05-13 23:22:13 +02:00
asynchronous_close ( s - > socket_fd ) ;
2010-04-21 03:27:44 +02:00
s - > socket_fd = fdset_remove ( fds , fd ) ;
}
2015-01-07 01:18:13 +01:00
} else if ( streq ( key , " fd-store-fd " ) ) {
2020-04-09 15:30:02 +02:00
_cleanup_free_ char * fdv = NULL , * fdn = NULL , * fdp = NULL ;
2015-01-07 01:18:13 +01:00
int fd ;
2020-04-09 15:30:02 +02:00
int do_poll ;
2015-01-07 01:18:13 +01:00
2020-04-09 15:30:02 +02:00
r = extract_first_word ( & value , & fdv , NULL , 0 ) ;
if ( r < = 0 | | safe_atoi ( fdv , & fd ) < 0 | | fd < 0 | | ! fdset_contains ( fds , fd ) ) {
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_debug ( u , " Failed to parse fd-store-fd value: %s " , value ) ;
2020-04-09 15:30:02 +02:00
return 0 ;
}
2015-10-04 17:36:19 +02:00
2020-04-09 15:30:02 +02:00
r = extract_first_word ( & value , & fdn , NULL , EXTRACT_CUNESCAPE | EXTRACT_UNQUOTE ) ;
if ( r < = 0 ) {
log_unit_debug_errno ( u , r , " Failed to parse fd-store-fd value \" %s \" : %m " , value ) ;
return 0 ;
}
2015-10-04 17:36:19 +02:00
2020-04-09 15:30:02 +02:00
r = extract_first_word ( & value , & fdp , NULL , 0 ) ;
if ( r = = 0 ) {
/* If the value is not present, we assume the default */
do_poll = 1 ;
} else if ( r < 0 | | safe_atoi ( fdp , & do_poll ) < 0 ) {
log_unit_debug_errno ( u , r , " Failed to parse fd-store-fd value \" %s \" : %m " , value ) ;
return 0 ;
2015-01-07 01:18:13 +01:00
}
2020-04-09 15:30:02 +02:00
r = service_add_fd_store ( s , fd , fdn , do_poll ) ;
if ( r < 0 )
log_unit_error_errno ( u , r , " Failed to add fd to store: %m " ) ;
else
fdset_remove ( fds , fd ) ;
2010-07-07 04:12:59 +02:00
} else if ( streq ( key , " main-exec-status-pid " ) ) {
pid_t pid ;
2010-08-11 22:04:22 +02:00
if ( parse_pid ( value , & pid ) < 0 )
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_debug ( u , " Failed to parse main-exec-status-pid value: %s " , value ) ;
2010-07-07 04:12:59 +02:00
else
s - > main_exec_status . pid = pid ;
} else if ( streq ( key , " main-exec-status-code " ) ) {
int i ;
2010-08-11 22:04:22 +02:00
if ( safe_atoi ( value , & i ) < 0 )
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_debug ( u , " Failed to parse main-exec-status-code value: %s " , value ) ;
2010-07-07 04:12:59 +02:00
else
s - > main_exec_status . code = i ;
} else if ( streq ( key , " main-exec-status-status " ) ) {
int i ;
2010-08-11 22:04:22 +02:00
if ( safe_atoi ( value , & i ) < 0 )
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_debug ( u , " Failed to parse main-exec-status-status value: %s " , value ) ;
2010-07-07 04:12:59 +02:00
else
s - > main_exec_status . status = i ;
2010-10-28 03:16:03 +02:00
} else if ( streq ( key , " main-exec-status-start " ) )
2018-10-17 20:40:09 +02:00
deserialize_dual_timestamp ( value , & s - > main_exec_status . start_timestamp ) ;
2010-10-28 03:16:03 +02:00
else if ( streq ( key , " main-exec-status-exit " ) )
2018-10-17 20:40:09 +02:00
deserialize_dual_timestamp ( value , & s - > main_exec_status . exit_timestamp ) ;
2012-02-01 17:17:12 +01:00
else if ( streq ( key , " watchdog-timestamp " ) )
2018-10-17 20:40:09 +02:00
deserialize_dual_timestamp ( value , & s - > watchdog_timestamp ) ;
2013-11-27 20:23:18 +01:00
else if ( streq ( key , " forbid-restart " ) ) {
2013-10-07 05:06:35 +02:00
int b ;
b = parse_boolean ( value ) ;
if ( b < 0 )
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_debug ( u , " Failed to parse forbid-restart value: %s " , value ) ;
2013-10-07 05:06:35 +02:00
else
s - > forbid_restart = b ;
2015-10-07 23:07:39 +02:00
} else if ( streq ( key , " stdin-fd " ) ) {
int fd ;
if ( safe_atoi ( value , & fd ) < 0 | | fd < 0 | | ! fdset_contains ( fds , fd ) )
log_unit_debug ( u , " Failed to parse stdin-fd value: %s " , value ) ;
else {
asynchronous_close ( s - > stdin_fd ) ;
s - > stdin_fd = fdset_remove ( fds , fd ) ;
2016-01-28 16:25:39 +01:00
s - > exec_context . stdio_as_fds = true ;
2015-10-07 23:07:39 +02:00
}
} else if ( streq ( key , " stdout-fd " ) ) {
int fd ;
if ( safe_atoi ( value , & fd ) < 0 | | fd < 0 | | ! fdset_contains ( fds , fd ) )
log_unit_debug ( u , " Failed to parse stdout-fd value: %s " , value ) ;
else {
asynchronous_close ( s - > stdout_fd ) ;
s - > stdout_fd = fdset_remove ( fds , fd ) ;
2016-01-28 16:25:39 +01:00
s - > exec_context . stdio_as_fds = true ;
2015-10-07 23:07:39 +02:00
}
} else if ( streq ( key , " stderr-fd " ) ) {
int fd ;
if ( safe_atoi ( value , & fd ) < 0 | | fd < 0 | | ! fdset_contains ( fds , fd ) )
log_unit_debug ( u , " Failed to parse stderr-fd value: %s " , value ) ;
else {
asynchronous_close ( s - > stderr_fd ) ;
s - > stderr_fd = fdset_remove ( fds , fd ) ;
2016-01-28 16:25:39 +01:00
s - > exec_context . stdio_as_fds = true ;
2015-10-07 23:07:39 +02:00
}
2018-07-17 11:47:14 +02:00
} else if ( streq ( key , " exec-fd " ) ) {
int fd ;
if ( safe_atoi ( value , & fd ) < 0 | | fd < 0 | | ! fdset_contains ( fds , fd ) )
log_unit_debug ( u , " Failed to parse exec-fd value: %s " , value ) ;
else {
s - > exec_fd_event_source = sd_event_source_unref ( s - > exec_fd_event_source ) ;
fd = fdset_remove ( fds , fd ) ;
if ( service_allocate_exec_fd_event_source ( s , fd , & s - > exec_fd_event_source ) < 0 )
safe_close ( fd ) ;
}
2016-06-22 13:26:05 +02:00
} else if ( streq ( key , " watchdog-override-usec " ) ) {
2018-10-17 20:40:09 +02:00
if ( deserialize_usec ( value , & s - > watchdog_override_usec ) < 0 )
2016-06-22 13:26:05 +02:00
log_unit_debug ( u , " Failed to parse watchdog_override_usec value: %s " , value ) ;
2018-10-17 20:40:09 +02:00
else
2016-06-22 13:26:05 +02:00
s - > watchdog_override_enable = true ;
2018-10-17 20:40:09 +02:00
2018-10-24 19:04:41 +02:00
} else if ( streq ( key , " watchdog-original-usec " ) ) {
if ( deserialize_usec ( value , & s - > watchdog_original_usec ) < 0 )
log_unit_debug ( u , " Failed to parse watchdog_original_usec value: %s " , value ) ;
2017-01-23 17:12:35 +01:00
} else if ( STR_IN_SET ( key , " main-command " , " control-command " ) ) {
r = service_deserialize_exec_command ( u , key , value ) ;
if ( r < 0 )
log_unit_debug_errno ( u , r , " Failed to parse serialized command \" %s \" : %m " , value ) ;
2017-08-09 21:12:55 +02:00
} else if ( streq ( key , " n-restarts " ) ) {
r = safe_atou ( value , & s - > n_restarts ) ;
if ( r < 0 )
log_unit_debug_errno ( u , r , " Failed to parse serialized restart counter '%s': %m " , value ) ;
} else if ( streq ( key , " flush-n-restarts " ) ) {
r = parse_boolean ( value ) ;
if ( r < 0 )
log_unit_debug_errno ( u , r , " Failed to parse serialized flush restart counter setting '%s': %m " , value ) ;
else
s - > flush_n_restarts = r ;
2013-03-14 18:12:27 +01:00
} else
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_debug ( u , " Unknown serialization key: %s " , key ) ;
2010-04-21 03:27:44 +02:00
return 0 ;
}
2013-05-03 04:51:50 +02:00
_pure_ static UnitActiveState service_active_state ( Unit * u ) {
2012-05-24 02:22:35 +02:00
const UnitActiveState * table ;
2010-01-26 21:39:06 +01:00
assert ( u ) ;
2010-01-23 01:52:57 +01:00
2012-05-24 02:22:35 +02:00
table = SERVICE ( u ) - > type = = SERVICE_IDLE ? state_translation_table_idle : state_translation_table ;
return table [ SERVICE ( u ) - > state ] ;
2010-01-26 04:18:44 +01:00
}
2010-04-13 20:59:01 +02:00
static const char * service_sub_state_to_string ( Unit * u ) {
assert ( u ) ;
return service_state_to_string ( SERVICE ( u ) - > state ) ;
}
2018-02-13 10:50:13 +01:00
static bool service_may_gc ( Unit * u ) {
2010-04-21 06:01:13 +02:00
Service * s = SERVICE ( u ) ;
assert ( s ) ;
2017-11-24 20:27:01 +01:00
/* Never clean up services that still have a process around, even if the service is formally dead. Note that
2018-02-13 10:50:13 +01:00
* unit_may_gc ( ) already checked our cgroup for us , we just check our two additional PIDs , too , in case they
2017-11-24 20:27:01 +01:00
* have moved outside of the cgroup . */
if ( main_pid_good ( s ) > 0 | |
2011-02-25 01:49:10 +01:00
control_pid_good ( s ) > 0 )
2018-02-13 10:50:13 +01:00
return false ;
2011-02-25 01:49:10 +01:00
2018-02-13 10:50:13 +01:00
return true ;
2011-02-25 01:49:10 +01:00
}
2011-12-03 02:13:30 +01:00
static int service_retry_pid_file ( Service * s ) {
int r ;
assert ( s - > pid_file ) ;
2017-09-29 00:37:23 +02:00
assert ( IN_SET ( s - > state , SERVICE_START , SERVICE_START_POST ) ) ;
2011-12-03 02:13:30 +01:00
r = service_load_pid_file ( s , false ) ;
if ( r < 0 )
return r ;
service_unwatch_pid_file ( s ) ;
2012-02-03 02:01:35 +01:00
service_enter_running ( s , SERVICE_SUCCESS ) ;
2011-12-03 02:13:30 +01:00
return 0 ;
}
static int service_watch_pid_file ( Service * s ) {
int r ;
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_debug ( UNIT ( s ) , " Setting watch for PID file %s " , s - > pid_file_pathspec - > path ) ;
2014-08-21 16:19:25 +02:00
2018-07-17 11:47:14 +02:00
r = path_spec_watch ( s - > pid_file_pathspec , service_dispatch_inotify_io ) ;
2011-12-03 02:13:30 +01:00
if ( r < 0 )
goto fail ;
/* the pidfile might have appeared just before we set the watch */
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_debug ( UNIT ( s ) , " Trying to read PID file %s in case it changed " , s - > pid_file_pathspec - > path ) ;
2011-12-03 02:13:30 +01:00
service_retry_pid_file ( s ) ;
return 0 ;
fail :
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_error_errno ( UNIT ( s ) , r , " Failed to set a watch for PID file %s: %m " , s - > pid_file_pathspec - > path ) ;
2011-12-03 02:13:30 +01:00
service_unwatch_pid_file ( s ) ;
return r ;
}
static int service_demand_pid_file ( Service * s ) {
PathSpec * ps ;
assert ( s - > pid_file ) ;
assert ( ! s - > pid_file_pathspec ) ;
ps = new0 ( PathSpec , 1 ) ;
if ( ! ps )
return - ENOMEM ;
2013-11-19 21:12:59 +01:00
ps - > unit = UNIT ( s ) ;
2011-12-03 02:13:30 +01:00
ps - > path = strdup ( s - > pid_file ) ;
if ( ! ps - > path ) {
free ( ps ) ;
return - ENOMEM ;
}
2018-05-31 16:39:31 +02:00
path_simplify ( ps - > path , false ) ;
2011-12-03 02:13:30 +01:00
/* PATH_CHANGED would not be enough. There are daemons (sendmail) that
* keep their PID file open all the time . */
ps - > type = PATH_MODIFIED ;
ps - > inotify_fd = - 1 ;
s - > pid_file_pathspec = ps ;
return service_watch_pid_file ( s ) ;
}
2018-07-17 11:47:14 +02:00
static int service_dispatch_inotify_io ( sd_event_source * source , int fd , uint32_t events , void * userdata ) {
2013-11-25 22:20:57 +01:00
PathSpec * p = userdata ;
Service * s ;
assert ( p ) ;
s = SERVICE ( p - > unit ) ;
2011-12-03 02:13:30 +01:00
assert ( s ) ;
assert ( fd > = 0 ) ;
2017-09-29 00:37:23 +02:00
assert ( IN_SET ( s - > state , SERVICE_START , SERVICE_START_POST ) ) ;
2011-12-03 02:13:30 +01:00
assert ( s - > pid_file_pathspec ) ;
2012-01-06 23:08:54 +01:00
assert ( path_spec_owns_inotify_fd ( s - > pid_file_pathspec , fd ) ) ;
2011-12-03 02:13:30 +01:00
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_debug ( UNIT ( s ) , " inotify event " ) ;
2011-12-03 02:13:30 +01:00
2013-11-25 22:20:57 +01:00
if ( path_spec_fd_event ( p , events ) < 0 )
2011-12-03 02:13:30 +01:00
goto fail ;
if ( service_retry_pid_file ( s ) = = 0 )
2013-11-19 21:12:59 +01:00
return 0 ;
2011-12-03 02:13:30 +01:00
if ( service_watch_pid_file ( s ) < 0 )
goto fail ;
2013-11-19 21:12:59 +01:00
return 0 ;
2011-12-03 02:13:30 +01:00
fail :
service_unwatch_pid_file ( s ) ;
2012-02-03 02:01:35 +01:00
service_enter_signal ( s , SERVICE_STOP_SIGTERM , SERVICE_FAILURE_RESOURCES ) ;
2013-11-19 21:12:59 +01:00
return 0 ;
2011-12-03 02:13:30 +01:00
}
2018-07-17 11:47:14 +02:00
static int service_dispatch_exec_io ( sd_event_source * source , int fd , uint32_t events , void * userdata ) {
Service * s = SERVICE ( userdata ) ;
assert ( s ) ;
log_unit_debug ( UNIT ( s ) , " got exec-fd event " ) ;
/* If Type=exec is set, we'll consider a service started successfully the instant we invoked execve()
* successfully for it . We implement this through a pipe ( ) towards the child , which the kernel automatically
* closes for us due to O_CLOEXEC on execve ( ) in the child , which then triggers EOF on the pipe in the
* parent . We need to be careful however , as there are other reasons that we might cause the child ' s side of
* the pipe to be closed ( for example , a simple exit ( ) ) . To deal with that we ' ll ignore EOFs on the pipe unless
* the child signalled us first that it is about to call the execve ( ) . It does so by sending us a simple
* non - zero byte via the pipe . We also provide the child with a way to inform us in case execve ( ) failed : if it
* sends a zero byte we ' ll ignore POLLHUP on the fd again . */
for ( ; ; ) {
uint8_t x ;
ssize_t n ;
n = read ( fd , & x , sizeof ( x ) ) ;
if ( n < 0 ) {
if ( errno = = EAGAIN ) /* O_NONBLOCK in effect → everything queued has now been processed. */
return 0 ;
return log_unit_error_errno ( UNIT ( s ) , errno , " Failed to read from exec_fd: %m " ) ;
}
if ( n = = 0 ) { /* EOF → the event we are waiting for */
s - > exec_fd_event_source = sd_event_source_unref ( s - > exec_fd_event_source ) ;
if ( s - > exec_fd_hot ) { /* Did the child tell us to expect EOF now? */
log_unit_debug ( UNIT ( s ) , " Got EOF on exec-fd " ) ;
s - > exec_fd_hot = false ;
/* Nice! This is what we have been waiting for. Transition to next state. */
if ( s - > type = = SERVICE_EXEC & & s - > state = = SERVICE_START )
service_enter_start_post ( s ) ;
} else
log_unit_debug ( UNIT ( s ) , " Got EOF on exec-fd while it was disabled, ignoring. " ) ;
return 0 ;
}
/* A byte was read → this turns on/off the exec fd logic */
assert ( n = = sizeof ( x ) ) ;
s - > exec_fd_hot = x ;
}
return 0 ;
}
2014-02-06 17:17:51 +01:00
static void service_notify_cgroup_empty_event ( Unit * u ) {
Service * s = SERVICE ( u ) ;
assert ( u ) ;
2019-03-19 17:28:02 +01:00
log_unit_debug ( u , " Control group is empty. " ) ;
2014-02-06 17:17:51 +01:00
switch ( s - > state ) {
/* Waiting for SIGCHLD is usually more interesting,
* because it includes return codes / signals . Which is
* why we ignore the cgroup events for most cases ,
* except when we don ' t know pid which to expect the
* SIGCHLD for . */
case SERVICE_START :
2017-09-27 19:56:57 +02:00
if ( s - > type = = SERVICE_NOTIFY & &
main_pid_good ( s ) = = 0 & &
control_pid_good ( s ) = = 0 ) {
2016-10-01 14:06:48 +02:00
/* No chance of getting a ready notification anymore */
2016-12-06 13:30:28 +01:00
service_enter_stop_post ( s , SERVICE_FAILURE_PROTOCOL ) ;
2016-11-24 21:05:47 +01:00
break ;
}
2017-11-19 19:06:10 +01:00
_fallthrough_ ;
2016-11-24 21:05:47 +01:00
case SERVICE_START_POST :
2017-09-27 19:56:57 +02:00
if ( s - > pid_file_pathspec & &
main_pid_good ( s ) = = 0 & &
control_pid_good ( s ) = = 0 ) {
2016-10-01 14:06:48 +02:00
/* Give up hoping for the daemon to write its PID file */
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_warning ( u , " Daemon never wrote its PID file. Failing. " ) ;
2014-08-21 16:19:25 +02:00
2014-02-06 17:17:51 +01:00
service_unwatch_pid_file ( s ) ;
if ( s - > state = = SERVICE_START )
2016-12-06 13:30:28 +01:00
service_enter_stop_post ( s , SERVICE_FAILURE_PROTOCOL ) ;
2014-02-06 17:17:51 +01:00
else
2016-11-22 17:39:56 +01:00
service_enter_stop ( s , SERVICE_FAILURE_PROTOCOL ) ;
2014-02-06 17:17:51 +01:00
}
break ;
case SERVICE_RUNNING :
/* service_enter_running() will figure out what to do */
service_enter_running ( s , SERVICE_SUCCESS ) ;
break ;
2018-09-19 21:03:01 +02:00
case SERVICE_STOP_WATCHDOG :
2014-02-06 17:17:51 +01:00
case SERVICE_STOP_SIGTERM :
case SERVICE_STOP_SIGKILL :
2017-09-29 16:41:34 +02:00
if ( main_pid_good ( s ) < = 0 & & control_pid_good ( s ) < = 0 )
2014-02-06 17:17:51 +01:00
service_enter_stop_post ( s , SERVICE_SUCCESS ) ;
break ;
case SERVICE_STOP_POST :
2019-04-16 16:45:20 +02:00
case SERVICE_FINAL_WATCHDOG :
2014-02-06 17:17:51 +01:00
case SERVICE_FINAL_SIGTERM :
case SERVICE_FINAL_SIGKILL :
2017-09-29 16:41:34 +02:00
if ( main_pid_good ( s ) < = 0 & & control_pid_good ( s ) < = 0 )
2014-02-06 17:17:51 +01:00
service_enter_dead ( s , SERVICE_SUCCESS , true ) ;
break ;
default :
;
}
}
2019-03-19 19:05:19 +01:00
static void service_notify_cgroup_oom_event ( Unit * u ) {
Service * s = SERVICE ( u ) ;
log_unit_debug ( u , " Process of control group was killed by the OOM killer. " ) ;
if ( s - > oom_policy = = OOM_CONTINUE )
return ;
switch ( s - > state ) {
2019-06-29 02:02:30 +02:00
case SERVICE_CONDITION :
2019-03-19 19:05:19 +01:00
case SERVICE_START_PRE :
case SERVICE_START :
case SERVICE_START_POST :
case SERVICE_STOP :
if ( s - > oom_policy = = OOM_STOP )
service_enter_signal ( s , SERVICE_STOP_SIGTERM , SERVICE_FAILURE_OOM_KILL ) ;
else if ( s - > oom_policy = = OOM_KILL )
service_enter_signal ( s , SERVICE_STOP_SIGKILL , SERVICE_FAILURE_OOM_KILL ) ;
break ;
case SERVICE_EXITED :
case SERVICE_RUNNING :
if ( s - > oom_policy = = OOM_STOP )
service_enter_stop ( s , SERVICE_FAILURE_OOM_KILL ) ;
else if ( s - > oom_policy = = OOM_KILL )
service_enter_signal ( s , SERVICE_STOP_SIGKILL , SERVICE_FAILURE_OOM_KILL ) ;
break ;
case SERVICE_STOP_WATCHDOG :
case SERVICE_STOP_SIGTERM :
service_enter_signal ( s , SERVICE_STOP_SIGKILL , SERVICE_FAILURE_OOM_KILL ) ;
break ;
case SERVICE_STOP_SIGKILL :
case SERVICE_FINAL_SIGKILL :
if ( s - > result = = SERVICE_SUCCESS )
s - > result = SERVICE_FAILURE_OOM_KILL ;
break ;
case SERVICE_STOP_POST :
case SERVICE_FINAL_SIGTERM :
service_enter_signal ( s , SERVICE_FINAL_SIGKILL , SERVICE_FAILURE_OOM_KILL ) ;
break ;
default :
;
}
}
2010-01-26 21:39:06 +01:00
static void service_sigchld_event ( Unit * u , pid_t pid , int code , int status ) {
2018-01-12 13:05:07 +01:00
bool notify_dbus = true ;
2010-01-26 21:39:06 +01:00
Service * s = SERVICE ( u ) ;
2012-02-03 02:01:35 +01:00
ServiceResult f ;
2019-02-21 19:37:40 +01:00
ExitClean clean_mode ;
2010-01-23 01:52:57 +01:00
assert ( s ) ;
2010-01-26 04:18:44 +01:00
assert ( pid > = 0 ) ;
2019-02-21 19:37:40 +01:00
/* Oneshot services and non-SERVICE_EXEC_START commands should not be
* considered daemons as they are typically not long running . */
if ( s - > type = = SERVICE_ONESHOT | | ( s - > control_pid = = pid & & s - > control_command_id ! = SERVICE_EXEC_START ) )
clean_mode = EXIT_CLEAN_COMMAND ;
else
clean_mode = EXIT_CLEAN_DAEMON ;
if ( is_clean_exit ( code , status , clean_mode , & s - > success_status ) )
2012-02-03 02:01:35 +01:00
f = SERVICE_SUCCESS ;
else if ( code = = CLD_EXITED )
f = SERVICE_FAILURE_EXIT_CODE ;
else if ( code = = CLD_KILLED )
f = SERVICE_FAILURE_SIGNAL ;
else if ( code = = CLD_DUMPED )
f = SERVICE_FAILURE_CORE_DUMP ;
2010-08-19 03:18:49 +02:00
else
2012-02-03 02:31:54 +01:00
assert_not_reached ( " Unknown code " ) ;
2010-01-26 04:18:44 +01:00
if ( s - > main_pid = = pid ) {
2011-09-20 21:43:30 +02:00
/* Forking services may occasionally move to a new PID.
* As long as they update the PID file before exiting the old
* PID , they ' re fine . */
2018-01-05 12:20:22 +01:00
if ( service_load_pid_file ( s , false ) > 0 )
2011-09-20 21:43:30 +02:00
return ;
2010-01-26 04:18:44 +01:00
s - > main_pid = 0 ;
2011-05-18 01:07:31 +02:00
exec_status_exit ( & s - > main_exec_status , & s - > exec_context , pid , code , status ) ;
2010-01-26 04:18:44 +01:00
2011-01-20 18:46:38 +01:00
if ( s - > main_command ) {
2013-01-14 21:05:17 +01:00
/* If this is not a forking service than the
* main process got started and hence we copy
* the exit status so that it is recorded both
* as main and as control process exit
* status */
2011-01-20 18:46:38 +01:00
s - > main_command - > exec_status = s - > main_exec_status ;
2010-07-12 02:25:42 +02:00
2017-08-01 10:16:42 +02:00
if ( s - > main_command - > flags & EXEC_COMMAND_IGNORE_FAILURE )
2012-02-03 02:01:35 +01:00
f = SERVICE_SUCCESS ;
2013-01-14 21:05:17 +01:00
} else if ( s - > exec_command [ SERVICE_EXEC_START ] ) {
/* If this is a forked process, then we should
* ignore the return value if this was
* configured for the starter process */
2017-08-01 10:16:42 +02:00
if ( s - > exec_command [ SERVICE_EXEC_START ] - > flags & EXEC_COMMAND_IGNORE_FAILURE )
2013-01-14 21:05:17 +01:00
f = SERVICE_SUCCESS ;
2010-01-26 04:18:44 +01:00
}
2018-11-13 22:10:38 +01:00
unit_log_process_exit (
2019-08-21 16:20:59 +02:00
u ,
2018-11-13 22:10:38 +01:00
" Main process " ,
service_exec_command_to_string ( SERVICE_EXEC_START ) ,
2019-08-21 16:20:59 +02:00
f = = SERVICE_SUCCESS ,
2018-11-13 22:10:38 +01:00
code , status ) ;
2012-02-03 02:01:35 +01:00
core: remember first unit failure, not last unit failure
Previously, the result value of a unit was overriden with each failure that
took place, so that the result always reported the last failure that took
place.
With this commit this is changed, so that the first failure taking place is
stored instead. This should normally not matter much as multiple failures are
sufficiently uncommon. However, it improves one behaviour: if we send SIGABRT
to a service due to a watchdog timeout, then this currently would be reported
as "coredump" failure, rather than the "watchodg" failure it really is. Hence,
in order to report information about the type of the failure, and not about
the effect of it, let's change this from all unit type to store the first, not
the last failure.
This addresses the issue pointed out here:
https://github.com/systemd/systemd/pull/3818#discussion_r73433520
2016-08-04 21:14:27 +02:00
if ( s - > result = = SERVICE_SUCCESS )
2012-02-03 02:01:35 +01:00
s - > result = f ;
2010-01-26 04:18:44 +01:00
2011-01-20 18:46:38 +01:00
if ( s - > main_command & &
s - > main_command - > command_next & &
2017-08-25 15:36:10 +02:00
s - > type = = SERVICE_ONESHOT & &
2012-02-03 02:01:35 +01:00
f = = SERVICE_SUCCESS ) {
2010-01-26 04:18:44 +01:00
2010-08-13 18:23:01 +02:00
/* There is another command to *
* execute , so let ' s do that . */
2010-01-26 04:18:44 +01:00
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_debug ( u , " Running next main command for state %s. " , service_state_to_string ( s - > state ) ) ;
2012-02-03 02:01:35 +01:00
service_run_next_main ( s ) ;
2010-01-26 04:18:44 +01:00
2010-08-13 18:23:01 +02:00
} else {
/* The service exited, so the service is officially
* gone . */
2011-01-20 18:46:38 +01:00
s - > main_command = NULL ;
2010-08-13 18:23:01 +02:00
switch ( s - > state ) {
case SERVICE_START_POST :
case SERVICE_RELOAD :
case SERVICE_STOP :
/* Need to wait until the operation is
* done */
2010-06-04 21:23:00 +02:00
break ;
2010-01-30 02:07:35 +01:00
2010-08-13 18:23:01 +02:00
case SERVICE_START :
if ( s - > type = = SERVICE_ONESHOT ) {
/* This was our main goal, so let's go on */
2012-02-03 02:01:35 +01:00
if ( f = = SERVICE_SUCCESS )
2010-08-13 18:23:01 +02:00
service_enter_start_post ( s ) ;
else
2016-12-06 13:30:28 +01:00
service_enter_signal ( s , SERVICE_STOP_SIGTERM , f ) ;
2010-08-13 18:23:01 +02:00
break ;
2016-10-01 14:06:48 +02:00
} else if ( s - > type = = SERVICE_NOTIFY ) {
/* Only enter running through a notification, so that the
* SERVICE_START state signifies that no ready notification
* has been received */
if ( f ! = SERVICE_SUCCESS )
2016-12-06 13:30:28 +01:00
service_enter_signal ( s , SERVICE_STOP_SIGTERM , f ) ;
2017-10-02 16:35:27 +02:00
else if ( ! s - > remain_after_exit | | s - > notify_access = = NOTIFY_MAIN )
/* The service has never been and will never be active */
2016-12-06 13:30:28 +01:00
service_enter_signal ( s , SERVICE_STOP_SIGTERM , SERVICE_FAILURE_PROTOCOL ) ;
2016-10-01 14:06:48 +02:00
break ;
2010-08-13 18:23:01 +02:00
}
2010-01-26 04:18:44 +01:00
2017-11-19 19:06:10 +01:00
_fallthrough_ ;
2010-08-13 18:23:01 +02:00
case SERVICE_RUNNING :
2012-02-03 02:01:35 +01:00
service_enter_running ( s , f ) ;
2010-08-13 18:23:01 +02:00
break ;
2010-01-26 04:18:44 +01:00
2018-09-19 21:03:01 +02:00
case SERVICE_STOP_WATCHDOG :
2010-08-13 18:23:01 +02:00
case SERVICE_STOP_SIGTERM :
case SERVICE_STOP_SIGKILL :
2010-01-23 01:52:57 +01:00
2017-09-29 16:41:34 +02:00
if ( control_pid_good ( s ) < = 0 )
2012-02-03 02:01:35 +01:00
service_enter_stop_post ( s , f ) ;
2010-01-23 01:52:57 +01:00
2010-08-13 18:23:01 +02:00
/* If there is still a control process, wait for that first */
break ;
2013-12-18 04:19:20 +01:00
case SERVICE_STOP_POST :
2020-01-25 16:46:16 +01:00
if ( control_pid_good ( s ) < = 0 )
service_enter_signal ( s , SERVICE_FINAL_SIGTERM , f ) ;
break ;
2019-04-16 16:45:20 +02:00
case SERVICE_FINAL_WATCHDOG :
2013-12-18 04:19:20 +01:00
case SERVICE_FINAL_SIGTERM :
case SERVICE_FINAL_SIGKILL :
2017-09-29 16:41:34 +02:00
if ( control_pid_good ( s ) < = 0 )
2013-12-18 04:19:20 +01:00
service_enter_dead ( s , f , true ) ;
break ;
2010-08-13 18:23:01 +02:00
default :
assert_not_reached ( " Uh, main process died at wrong time. " ) ;
}
2010-01-26 04:18:44 +01:00
}
2010-01-23 01:52:57 +01:00
2010-01-26 04:18:44 +01:00
} else if ( s - > control_pid = = pid ) {
2010-08-13 18:23:01 +02:00
s - > control_pid = 0 ;
2019-06-29 02:02:30 +02:00
/* ExecCondition= calls that exit with (0, 254] should invoke skip-like behavior instead of failing */
if ( f = = SERVICE_FAILURE_EXIT_CODE & & s - > state = = SERVICE_CONDITION & & status < 255 )
f = SERVICE_SKIP_CONDITION ;
2010-07-12 02:25:42 +02:00
if ( s - > control_command ) {
2014-08-21 16:19:25 +02:00
exec_status_exit ( & s - > control_command - > exec_status , & s - > exec_context , pid , code , status ) ;
2010-04-21 03:27:44 +02:00
2017-08-01 10:16:42 +02:00
if ( s - > control_command - > flags & EXEC_COMMAND_IGNORE_FAILURE )
2012-02-03 02:01:35 +01:00
f = SERVICE_SUCCESS ;
2010-07-12 02:25:42 +02:00
}
2018-11-13 22:10:38 +01:00
unit_log_process_exit (
2019-08-21 16:20:59 +02:00
u ,
2018-11-13 22:10:38 +01:00
" Control process " ,
service_exec_command_to_string ( s - > control_command_id ) ,
2019-08-21 16:20:59 +02:00
f = = SERVICE_SUCCESS ,
2018-11-13 22:10:38 +01:00
code , status ) ;
2012-02-03 02:01:35 +01:00
2019-07-17 19:16:33 +02:00
if ( s - > state ! = SERVICE_RELOAD & & s - > result = = SERVICE_SUCCESS )
2012-02-03 02:01:35 +01:00
s - > result = f ;
2010-01-26 04:18:44 +01:00
2010-08-13 18:23:01 +02:00
if ( s - > control_command & &
s - > control_command - > command_next & &
2012-02-03 02:01:35 +01:00
f = = SERVICE_SUCCESS ) {
2010-01-26 04:18:44 +01:00
/* There is another command to *
* execute , so let ' s do that . */
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_debug ( u , " Running next control command for state %s. " , service_state_to_string ( s - > state ) ) ;
2012-02-03 02:01:35 +01:00
service_run_next_control ( s ) ;
2010-01-26 04:18:44 +01:00
2010-04-13 02:06:27 +02:00
} else {
2010-01-26 04:18:44 +01:00
/* No further commands for this step, so let's
* figure out what to do next */
2010-04-21 03:27:44 +02:00
s - > control_command = NULL ;
s - > control_command_id = _SERVICE_EXEC_COMMAND_INVALID ;
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_debug ( u , " Got final SIGCHLD for state %s. " , service_state_to_string ( s - > state ) ) ;
2010-01-27 05:32:31 +01:00
2010-01-26 04:18:44 +01:00
switch ( s - > state ) {
2019-06-29 02:02:30 +02:00
case SERVICE_CONDITION :
if ( f = = SERVICE_SUCCESS )
service_enter_start_pre ( s ) ;
else
service_enter_signal ( s , SERVICE_STOP_SIGTERM , f ) ;
break ;
2010-01-26 04:18:44 +01:00
case SERVICE_START_PRE :
2012-02-03 02:01:35 +01:00
if ( f = = SERVICE_SUCCESS )
2010-01-26 04:18:44 +01:00
service_enter_start ( s ) ;
else
2016-12-06 13:30:28 +01:00
service_enter_signal ( s , SERVICE_STOP_SIGTERM , f ) ;
2010-01-26 04:18:44 +01:00
break ;
case SERVICE_START :
2012-09-17 14:55:56 +02:00
if ( s - > type ! = SERVICE_FORKING )
/* Maybe spurious event due to a reload that changed the type? */
break ;
2010-01-26 04:18:44 +01:00
2012-02-03 02:01:35 +01:00
if ( f ! = SERVICE_SUCCESS ) {
2016-12-06 13:30:28 +01:00
service_enter_signal ( s , SERVICE_STOP_SIGTERM , f ) ;
2011-12-03 02:13:30 +01:00
break ;
}
2010-01-26 04:18:44 +01:00
2011-12-03 02:13:30 +01:00
if ( s - > pid_file ) {
2012-02-03 02:01:35 +01:00
bool has_start_post ;
int r ;
2011-12-03 02:13:30 +01:00
/* Let's try to load the pid file here if we can.
* The PID file might actually be created by a START_POST
* script . In that case don ' t worry if the loading fails . */
2012-02-03 02:01:35 +01:00
2018-06-11 16:02:03 +02:00
has_start_post = s - > exec_command [ SERVICE_EXEC_START_POST ] ;
2012-02-03 02:01:35 +01:00
r = service_load_pid_file ( s , ! has_start_post ) ;
2011-12-03 02:13:30 +01:00
if ( ! has_start_post & & r < 0 ) {
r = service_demand_pid_file ( s ) ;
2017-09-29 16:41:34 +02:00
if ( r < 0 | | cgroup_good ( s ) = = 0 )
2016-12-06 13:30:28 +01:00
service_enter_signal ( s , SERVICE_STOP_SIGTERM , SERVICE_FAILURE_PROTOCOL ) ;
2011-12-03 02:13:30 +01:00
break ;
}
2010-01-26 04:18:44 +01:00
} else
2016-04-09 03:09:11 +02:00
service_search_main_pid ( s ) ;
2010-01-26 04:18:44 +01:00
2011-12-03 02:13:30 +01:00
service_enter_start_post ( s ) ;
2010-01-26 04:18:44 +01:00
break ;
case SERVICE_START_POST :
2012-02-03 02:01:35 +01:00
if ( f ! = SERVICE_SUCCESS ) {
2016-02-03 23:38:50 +01:00
service_enter_signal ( s , SERVICE_STOP_SIGTERM , f ) ;
2011-12-03 21:34:34 +01:00
break ;
2010-01-26 04:18:44 +01:00
}
2011-12-03 21:34:34 +01:00
if ( s - > pid_file ) {
2012-02-03 02:01:35 +01:00
int r ;
r = service_load_pid_file ( s , true ) ;
2011-12-03 21:34:34 +01:00
if ( r < 0 ) {
r = service_demand_pid_file ( s ) ;
2017-09-29 16:41:34 +02:00
if ( r < 0 | | cgroup_good ( s ) = = 0 )
2016-11-22 17:39:56 +01:00
service_enter_stop ( s , SERVICE_FAILURE_PROTOCOL ) ;
2011-12-03 21:34:34 +01:00
break ;
}
} else
2016-04-09 03:09:11 +02:00
service_search_main_pid ( s ) ;
2011-12-03 21:34:34 +01:00
2012-02-03 02:01:35 +01:00
service_enter_running ( s , SERVICE_SUCCESS ) ;
2011-02-13 18:51:30 +01:00
break ;
2010-01-26 04:18:44 +01:00
case SERVICE_RELOAD :
2016-04-09 03:09:17 +02:00
if ( f = = SERVICE_SUCCESS )
if ( service_load_pid_file ( s , true ) < 0 )
service_search_main_pid ( s ) ;
2011-02-13 18:51:30 +01:00
2012-02-03 02:01:35 +01:00
s - > reload_result = f ;
service_enter_running ( s , SERVICE_SUCCESS ) ;
2010-01-26 04:18:44 +01:00
break ;
case SERVICE_STOP :
2012-02-03 02:01:35 +01:00
service_enter_signal ( s , SERVICE_STOP_SIGTERM , f ) ;
2010-01-26 04:18:44 +01:00
break ;
2018-09-19 21:03:01 +02:00
case SERVICE_STOP_WATCHDOG :
2010-01-26 04:18:44 +01:00
case SERVICE_STOP_SIGTERM :
case SERVICE_STOP_SIGKILL :
if ( main_pid_good ( s ) < = 0 )
2012-02-03 02:01:35 +01:00
service_enter_stop_post ( s , f ) ;
2010-01-26 04:18:44 +01:00
2019-03-19 10:59:26 +01:00
/* If there is still a service process around, wait until
2010-01-26 04:18:44 +01:00
* that one quit , too */
break ;
case SERVICE_STOP_POST :
2020-01-25 16:46:16 +01:00
if ( main_pid_good ( s ) < = 0 )
service_enter_signal ( s , SERVICE_FINAL_SIGTERM , f ) ;
break ;
2019-04-16 16:45:20 +02:00
case SERVICE_FINAL_WATCHDOG :
2010-01-26 04:18:44 +01:00
case SERVICE_FINAL_SIGTERM :
case SERVICE_FINAL_SIGKILL :
2013-12-18 04:19:20 +01:00
if ( main_pid_good ( s ) < = 0 )
service_enter_dead ( s , f , true ) ;
2010-01-26 04:18:44 +01:00
break ;
2019-04-01 18:48:20 +02:00
case SERVICE_CLEANING :
if ( s - > clean_result = = SERVICE_SUCCESS )
s - > clean_result = f ;
service_enter_dead ( s , SERVICE_SUCCESS , false ) ;
break ;
2010-01-26 04:18:44 +01:00
default :
assert_not_reached ( " Uh, control process died at wrong time. " ) ;
}
}
2018-01-12 13:05:07 +01:00
} else /* Neither control nor main PID? If so, don't notify about anything */
notify_dbus = false ;
2010-08-20 02:26:05 +02:00
/* Notify clients about changed exit status */
2018-01-12 13:05:07 +01:00
if ( notify_dbus )
unit_add_to_dbus_queue ( u ) ;
2014-02-06 17:17:51 +01:00
2019-03-19 10:59:26 +01:00
/* We watch the main/control process otherwise we can't retrieve the unit they
* belong to with cgroupv1 . But if they are not our direct child , we won ' t get a
* SIGCHLD for them . Therefore we need to look for others to watch so we can
* detect when the cgroup becomes empty . Note that the control process is always
* our child so it ' s pointless to watch all other processes . */
if ( ! control_pid_good ( s ) )
if ( ! s - > main_pid_known | | s - > main_pid_alien )
( void ) unit_enqueue_rewatch_pids ( u ) ;
2010-01-26 04:18:44 +01:00
}
2013-11-19 21:12:59 +01:00
static int service_dispatch_timer ( sd_event_source * source , usec_t usec , void * userdata ) {
Service * s = SERVICE ( userdata ) ;
2010-01-26 04:18:44 +01:00
assert ( s ) ;
2013-11-19 21:12:59 +01:00
assert ( source = = s - > timer_event_source ) ;
2010-01-26 04:18:44 +01:00
switch ( s - > state ) {
2019-06-29 02:02:30 +02:00
case SERVICE_CONDITION :
2010-01-26 04:18:44 +01:00
case SERVICE_START_PRE :
case SERVICE_START :
case SERVICE_START_POST :
2019-04-16 16:45:20 +02:00
switch ( s - > timeout_start_failure_mode ) {
case SERVICE_TIMEOUT_TERMINATE :
log_unit_warning ( UNIT ( s ) , " %s operation timed out. Terminating. " , service_state_to_string ( s - > state ) ) ;
service_enter_signal ( s , SERVICE_STOP_SIGTERM , SERVICE_FAILURE_TIMEOUT ) ;
break ;
case SERVICE_TIMEOUT_ABORT :
log_unit_warning ( UNIT ( s ) , " %s operation timed out. Aborting. " , service_state_to_string ( s - > state ) ) ;
service_enter_signal ( s , SERVICE_STOP_WATCHDOG , SERVICE_FAILURE_TIMEOUT ) ;
break ;
case SERVICE_TIMEOUT_KILL :
if ( s - > kill_context . send_sigkill ) {
log_unit_warning ( UNIT ( s ) , " %s operation timed out. Killing. " , service_state_to_string ( s - > state ) ) ;
service_enter_signal ( s , SERVICE_STOP_SIGKILL , SERVICE_FAILURE_TIMEOUT ) ;
} else {
log_unit_warning ( UNIT ( s ) , " %s operation timed out. Skipping SIGKILL. " , service_state_to_string ( s - > state ) ) ;
service_enter_stop_post ( s , SERVICE_FAILURE_TIMEOUT ) ;
}
break ;
default :
assert_not_reached ( " unknown timeout mode " ) ;
}
2010-01-26 04:18:44 +01:00
break ;
core: rework unit timeout handling, and add new setting RuntimeMaxSec=
This clean-ups timeout handling in PID 1. Specifically, instead of storing 0 in internal timeout variables as
indication for a disabled timeout, use USEC_INFINITY which is in-line with how we do this in the rest of our code
(following the logic that 0 means "no", and USEC_INFINITY means "never").
This also replace all usec_t additions with invocations to usec_add(), so that USEC_INFINITY is properly propagated,
and sd-event considers it has indication for turning off the event source.
This also alters the deserialization of the units to restart timeouts from the time they were originally started from.
Before this patch timeouts would be restarted beginning with the time of the deserialization, which could lead to
artificially prolonged timeouts if a daemon reload took place.
Finally, a new RuntimeMaxSec= setting is introduced for service units, that specifies a maximum runtime after which a
specific service is forcibly terminated. This is useful to put time limits on time-intensive processing jobs.
This also simplifies the various xyz_spawn() calls of the various types in that explicit distruction of the timers is
removed, as that is done anyway by the state change handlers, and a state change is always done when the xyz_spawn()
calls fail.
Fixes: #2249
2016-02-01 21:48:10 +01:00
case SERVICE_RUNNING :
log_unit_warning ( UNIT ( s ) , " Service reached runtime time limit. Stopping. " ) ;
service_enter_stop ( s , SERVICE_FAILURE_TIMEOUT ) ;
break ;
2011-01-20 13:17:22 +01:00
case SERVICE_RELOAD :
2016-02-03 23:55:53 +01:00
log_unit_warning ( UNIT ( s ) , " Reload operation timed out. Killing reload process. " ) ;
2017-11-24 20:11:27 +01:00
service_kill_control_process ( s ) ;
2012-02-03 02:01:35 +01:00
s - > reload_result = SERVICE_FAILURE_TIMEOUT ;
service_enter_running ( s , SERVICE_SUCCESS ) ;
2011-01-20 13:17:22 +01:00
break ;
2010-01-26 04:18:44 +01:00
case SERVICE_STOP :
2019-04-16 16:45:20 +02:00
switch ( s - > timeout_stop_failure_mode ) {
case SERVICE_TIMEOUT_TERMINATE :
log_unit_warning ( UNIT ( s ) , " Stopping timed out. Terminating. " ) ;
service_enter_signal ( s , SERVICE_STOP_SIGTERM , SERVICE_FAILURE_TIMEOUT ) ;
break ;
case SERVICE_TIMEOUT_ABORT :
log_unit_warning ( UNIT ( s ) , " Stopping timed out. Aborting. " ) ;
service_enter_signal ( s , SERVICE_STOP_WATCHDOG , SERVICE_FAILURE_TIMEOUT ) ;
break ;
case SERVICE_TIMEOUT_KILL :
if ( s - > kill_context . send_sigkill ) {
log_unit_warning ( UNIT ( s ) , " Stopping timed out. Killing. " ) ;
service_enter_signal ( s , SERVICE_STOP_SIGKILL , SERVICE_FAILURE_TIMEOUT ) ;
} else {
log_unit_warning ( UNIT ( s ) , " Stopping timed out. Skipping SIGKILL. " ) ;
service_enter_stop_post ( s , SERVICE_FAILURE_TIMEOUT ) ;
}
break ;
default :
assert_not_reached ( " unknown timeout mode " ) ;
}
2010-01-26 04:18:44 +01:00
break ;
2018-09-19 21:03:01 +02:00
case SERVICE_STOP_WATCHDOG :
2019-04-16 16:45:20 +02:00
if ( s - > kill_context . send_sigkill ) {
log_unit_warning ( UNIT ( s ) , " State 'stop-watchdog' timed out. Killing. " ) ;
service_enter_signal ( s , SERVICE_STOP_SIGKILL , SERVICE_FAILURE_TIMEOUT ) ;
} else {
log_unit_warning ( UNIT ( s ) , " State 'stop-watchdog' timed out. Skipping SIGKILL. " ) ;
service_enter_stop_post ( s , SERVICE_FAILURE_TIMEOUT ) ;
}
2014-10-28 16:35:40 +01:00
break ;
2010-01-26 04:18:44 +01:00
case SERVICE_STOP_SIGTERM :
2019-04-16 16:45:20 +02:00
if ( s - > timeout_stop_failure_mode = = SERVICE_TIMEOUT_ABORT ) {
log_unit_warning ( UNIT ( s ) , " State 'stop-sigterm' timed out. Aborting. " ) ;
service_enter_signal ( s , SERVICE_STOP_WATCHDOG , SERVICE_FAILURE_TIMEOUT ) ;
} else if ( s - > kill_context . send_sigkill ) {
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_warning ( UNIT ( s ) , " State 'stop-sigterm' timed out. Killing. " ) ;
2012-02-03 02:01:35 +01:00
service_enter_signal ( s , SERVICE_STOP_SIGKILL , SERVICE_FAILURE_TIMEOUT ) ;
2011-01-18 22:55:54 +01:00
} else {
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_warning ( UNIT ( s ) , " State 'stop-sigterm' timed out. Skipping SIGKILL. " ) ;
2012-02-03 02:01:35 +01:00
service_enter_stop_post ( s , SERVICE_FAILURE_TIMEOUT ) ;
2011-01-18 22:55:54 +01:00
}
2010-01-26 04:18:44 +01:00
break ;
case SERVICE_STOP_SIGKILL :
2011-02-21 15:32:17 +01:00
/* Uh, we sent a SIGKILL and it is still not gone?
2010-01-26 04:18:44 +01:00
* Must be something we cannot kill , so let ' s just be
* weirded out and continue */
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_warning ( UNIT ( s ) , " Processes still around after SIGKILL. Ignoring. " ) ;
2012-02-03 02:01:35 +01:00
service_enter_stop_post ( s , SERVICE_FAILURE_TIMEOUT ) ;
2010-01-26 04:18:44 +01:00
break ;
case SERVICE_STOP_POST :
2019-04-16 16:45:20 +02:00
switch ( s - > timeout_stop_failure_mode ) {
case SERVICE_TIMEOUT_TERMINATE :
log_unit_warning ( UNIT ( s ) , " State 'stop-post' timed out. Terminating. " ) ;
service_enter_signal ( s , SERVICE_FINAL_SIGTERM , SERVICE_FAILURE_TIMEOUT ) ;
break ;
case SERVICE_TIMEOUT_ABORT :
log_unit_warning ( UNIT ( s ) , " State 'stop-post' timed out. Aborting. " ) ;
service_enter_signal ( s , SERVICE_FINAL_WATCHDOG , SERVICE_FAILURE_TIMEOUT ) ;
break ;
case SERVICE_TIMEOUT_KILL :
if ( s - > kill_context . send_sigkill ) {
log_unit_warning ( UNIT ( s ) , " State 'stop-post' timed out. Killing. " ) ;
service_enter_signal ( s , SERVICE_FINAL_SIGKILL , SERVICE_FAILURE_TIMEOUT ) ;
} else {
log_unit_warning ( UNIT ( s ) , " State 'stop-post' timed out. Skipping SIGKILL. Entering failed mode. " ) ;
service_enter_dead ( s , SERVICE_FAILURE_TIMEOUT , false ) ;
}
break ;
default :
assert_not_reached ( " unknown timeout mode " ) ;
}
2010-01-26 04:18:44 +01:00
break ;
2019-04-16 16:45:20 +02:00
case SERVICE_FINAL_WATCHDOG :
2012-07-19 23:47:10 +02:00
if ( s - > kill_context . send_sigkill ) {
2019-04-16 16:45:20 +02:00
log_unit_warning ( UNIT ( s ) , " State 'final-watchdog' timed out. Killing. " ) ;
2012-02-03 02:01:35 +01:00
service_enter_signal ( s , SERVICE_FINAL_SIGKILL , SERVICE_FAILURE_TIMEOUT ) ;
2011-01-18 22:55:54 +01:00
} else {
2019-04-16 16:45:20 +02:00
log_unit_warning ( UNIT ( s ) , " State 'final-watchdog' timed out. Skipping SIGKILL. Entering failed mode. " ) ;
service_enter_dead ( s , SERVICE_FAILURE_TIMEOUT , false ) ;
}
break ;
case SERVICE_FINAL_SIGTERM :
if ( s - > timeout_stop_failure_mode = = SERVICE_TIMEOUT_ABORT ) {
log_unit_warning ( UNIT ( s ) , " State 'final-sigterm' timed out. Aborting. " ) ;
service_enter_signal ( s , SERVICE_FINAL_WATCHDOG , SERVICE_FAILURE_TIMEOUT ) ;
} else if ( s - > kill_context . send_sigkill ) {
log_unit_warning ( UNIT ( s ) , " State 'final-sigterm' timed out. Killing. " ) ;
service_enter_signal ( s , SERVICE_FINAL_SIGKILL , SERVICE_FAILURE_TIMEOUT ) ;
} else {
log_unit_warning ( UNIT ( s ) , " State 'final-sigterm' timed out. Skipping SIGKILL. Entering failed mode. " ) ;
2012-02-03 02:01:35 +01:00
service_enter_dead ( s , SERVICE_FAILURE_TIMEOUT , false ) ;
2011-01-18 22:55:54 +01:00
}
2010-01-26 04:18:44 +01:00
break ;
case SERVICE_FINAL_SIGKILL :
core,network: major per-object logging rework
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
2015-05-11 20:38:21 +02:00
log_unit_warning ( UNIT ( s ) , " Processes still around after final SIGKILL. Entering failed mode. " ) ;
2012-02-03 02:01:35 +01:00
service_enter_dead ( s , SERVICE_FAILURE_TIMEOUT , true ) ;
2010-01-26 04:18:44 +01:00
break ;
case SERVICE_AUTO_RESTART :
2018-03-23 14:43:52 +01:00
if ( s - > restart_usec > 0 ) {
char buf_restart [ FORMAT_TIMESPAN_MAX ] ;
2019-11-22 14:19:51 +01:00
log_unit_debug ( UNIT ( s ) ,
" Service RestartSec=%s expired, scheduling restart. " ,
format_timespan ( buf_restart , sizeof buf_restart , s - > restart_usec , USEC_PER_SEC ) ) ;
2018-03-23 14:43:52 +01:00
} else
2019-11-22 14:19:51 +01:00
log_unit_debug ( UNIT ( s ) ,
" Service has no hold-off time (RestartSec=0), scheduling restart. " ) ;
2018-03-23 14:43:52 +01:00
2010-01-26 04:18:44 +01:00
service_enter_restart ( s ) ;
break ;
2019-04-01 18:48:20 +02:00
case SERVICE_CLEANING :
log_unit_warning ( UNIT ( s ) , " Cleaning timed out. killing. " ) ;
if ( s - > clean_result = = SERVICE_SUCCESS )
s - > clean_result = SERVICE_FAILURE_TIMEOUT ;
service_enter_signal ( s , SERVICE_FINAL_SIGKILL , 0 ) ;
break ;
2010-01-26 04:18:44 +01:00
default :
assert_not_reached ( " Timeout at wrong time. " ) ;
}
2013-11-19 21:12:59 +01:00
return 0 ;
}
static int service_dispatch_watchdog ( sd_event_source * source , usec_t usec , void * userdata ) {
Service * s = SERVICE ( userdata ) ;
2013-12-27 23:14:24 +01:00
char t [ FORMAT_TIMESPAN_MAX ] ;
2016-06-22 13:26:05 +02:00
usec_t watchdog_usec ;
2013-11-19 21:12:59 +01:00
assert ( s ) ;
assert ( source = = s - > watchdog_event_source ) ;
2016-06-22 13:26:05 +02:00
watchdog_usec = service_get_watchdog_usec ( s ) ;
2017-03-20 13:10:43 +01:00
if ( UNIT ( s ) - > manager - > service_watchdogs ) {
log_unit_error ( UNIT ( s ) , " Watchdog timeout (limit %s)! " ,
format_timespan ( t , sizeof ( t ) , watchdog_usec , 1 ) ) ;
2014-08-21 16:19:25 +02:00
2018-09-19 21:03:01 +02:00
service_enter_signal ( s , SERVICE_STOP_WATCHDOG , SERVICE_FAILURE_WATCHDOG ) ;
2017-03-20 13:10:43 +01:00
} else
log_unit_warning ( UNIT ( s ) , " Watchdog disabled! Ignoring watchdog timeout (limit %s)! " ,
format_timespan ( t , sizeof ( t ) , watchdog_usec , 1 ) ) ;
2013-12-11 20:49:43 +01:00
2013-11-19 21:12:59 +01:00
return 0 ;
2010-01-23 01:52:57 +01:00
}
2020-05-10 18:38:08 +02:00
static bool service_notify_message_authorized ( Service * s , pid_t pid , FDSet * fds ) {
2017-11-13 17:48:50 +01:00
assert ( s ) ;
2010-06-16 05:10:31 +02:00
2010-06-18 23:12:48 +02:00
if ( s - > notify_access = = NOTIFY_NONE ) {
2017-11-13 17:48:50 +01:00
log_unit_warning ( UNIT ( s ) , " Got notification message from PID " PID_FMT " , but reception is disabled. " , pid ) ;
return false ;
}
if ( s - > notify_access = = NOTIFY_MAIN & & pid ! = s - > main_pid ) {
2014-02-14 02:04:09 +01:00
if ( s - > main_pid ! = 0 )
2017-11-13 17:48:50 +01:00
log_unit_warning ( UNIT ( s ) , " Got notification message from PID " PID_FMT " , but reception only permitted for main PID " PID_FMT , pid , s - > main_pid ) ;
2014-02-14 02:04:09 +01:00
else
2017-11-13 17:48:50 +01:00
log_unit_warning ( UNIT ( s ) , " Got notification message from PID " PID_FMT " , but reception only permitted for main PID which is currently not known " , pid ) ;
return false ;
}
if ( s - > notify_access = = NOTIFY_EXEC & & pid ! = s - > main_pid & & pid ! = s - > control_pid ) {
2016-11-24 10:56:32 +01:00
if ( s - > main_pid ! = 0 & & s - > control_pid ! = 0 )
2017-11-13 17:48:50 +01:00
log_unit_warning ( UNIT ( s ) , " Got notification message from PID " PID_FMT " , but reception only permitted for main PID " PID_FMT " and control PID " PID_FMT ,
2016-11-24 10:56:32 +01:00
pid , s - > main_pid , s - > control_pid ) ;
else if ( s - > main_pid ! = 0 )
2017-11-13 17:48:50 +01:00
log_unit_warning ( UNIT ( s ) , " Got notification message from PID " PID_FMT " , but reception only permitted for main PID " PID_FMT , pid , s - > main_pid ) ;
2016-11-24 10:56:32 +01:00
else if ( s - > control_pid ! = 0 )
2017-11-13 17:48:50 +01:00
log_unit_warning ( UNIT ( s ) , " Got notification message from PID " PID_FMT " , but reception only permitted for control PID " PID_FMT , pid , s - > control_pid ) ;
2016-11-24 10:56:32 +01:00
else
2017-11-13 17:48:50 +01:00
log_unit_warning ( UNIT ( s ) , " Got notification message from PID " PID_FMT " , but reception only permitted for main PID and control PID which are currently not known " , pid ) ;
return false ;
2017-11-13 17:44:00 +01:00
}
2017-11-13 17:48:50 +01:00
return true ;
}
2018-03-07 14:16:49 +01:00
static void service_force_watchdog ( Service * s ) {
if ( ! UNIT ( s ) - > manager - > service_watchdogs )
return ;
log_unit_error ( UNIT ( s ) , " Watchdog request (last status: %s)! " ,
s - > status_text ? s - > status_text : " <unset> " ) ;
service_enter_signal ( s , SERVICE_STOP_WATCHDOG , SERVICE_FAILURE_WATCHDOG ) ;
}
2018-01-05 12:20:22 +01:00
static void service_notify_message (
Unit * u ,
const struct ucred * ucred ,
2020-05-10 18:38:08 +02:00
char * const * tags ,
2018-01-05 12:20:22 +01:00
FDSet * fds ) {
2017-11-13 17:48:50 +01:00
Service * s = SERVICE ( u ) ;
bool notify_dbus = false ;
const char * e ;
2020-05-10 18:38:08 +02:00
char * const * i ;
2018-01-05 12:20:22 +01:00
int r ;
2017-11-13 17:48:50 +01:00
assert ( u ) ;
2018-01-05 12:20:22 +01:00
assert ( ucred ) ;
2017-11-13 17:48:50 +01:00
2020-05-10 18:38:08 +02:00
if ( ! service_notify_message_authorized ( SERVICE ( u ) , ucred - > pid , fds ) )
2017-11-13 17:48:50 +01:00
return ;
2017-12-15 11:09:00 +01:00
if ( DEBUG_LOGGING ) {
2017-11-13 17:44:00 +01:00
_cleanup_free_ char * cc = NULL ;
cc = strv_join ( tags , " , " ) ;
2018-01-05 12:20:22 +01:00
log_unit_debug ( u , " Got notification message from PID " PID_FMT " (%s) " , ucred - > pid , isempty ( cc ) ? " n/a " : cc ) ;
2017-11-13 17:44:00 +01:00
}
2010-06-18 23:12:48 +02:00
2010-06-16 05:10:31 +02:00
/* Interpret MAINPID= */
2014-08-21 16:22:34 +02:00
e = strv_find_startswith ( tags , " MAINPID= " ) ;
2014-07-07 17:03:34 +02:00
if ( e & & IN_SET ( s - > state , SERVICE_START , SERVICE_START_POST , SERVICE_RUNNING , SERVICE_RELOAD ) ) {
2018-01-05 12:20:22 +01:00
pid_t new_main_pid ;
if ( parse_pid ( e , & new_main_pid ) < 0 )
log_unit_warning ( u , " Failed to parse MAINPID= field in notification message, ignoring: %s " , e ) ;
else if ( ! s - > main_pid_known | | new_main_pid ! = s - > main_pid ) {
r = service_is_suitable_main_pid ( s , new_main_pid , LOG_WARNING ) ;
if ( r = = 0 ) {
2019-04-27 02:22:40 +02:00
/* The new main PID is a bit suspicious, which is OK if the sender is privileged. */
2018-01-05 12:20:22 +01:00
if ( ucred - > uid = = 0 ) {
log_unit_debug ( u , " New main PID " PID_FMT " does not belong to service, but we'll accept it as the request to change it came from a privileged process. " , new_main_pid ) ;
r = 1 ;
} else
log_unit_debug ( u , " New main PID " PID_FMT " does not belong to service, refusing. " , new_main_pid ) ;
}
if ( r > 0 ) {
service_set_main_pid ( s , new_main_pid ) ;
2018-10-16 13:47:23 +02:00
2019-03-18 20:59:36 +01:00
r = unit_watch_pid ( UNIT ( s ) , new_main_pid , false ) ;
2018-10-16 13:47:23 +02:00
if ( r < 0 )
log_unit_warning_errno ( UNIT ( s ) , r , " Failed to watch new main PID " PID_FMT " for service: %m " , new_main_pid ) ;
2018-01-05 12:20:22 +01:00
notify_dbus = true ;
}
2010-06-16 05:10:31 +02:00
}
}
2017-11-13 18:14:20 +01:00
/* Interpret READY=/STOPPING=/RELOADING=. Last one wins. */
STRV_FOREACH_BACKWARDS ( i , tags ) {
2014-08-21 17:03:15 +02:00
2017-11-13 18:14:20 +01:00
if ( streq ( * i , " READY=1 " ) ) {
s - > notify_state = NOTIFY_READY ;
2014-08-21 17:03:15 +02:00
2017-11-13 18:14:20 +01:00
/* Type=notify services inform us about completed
* initialization with READY = 1 */
if ( s - > type = = SERVICE_NOTIFY & & s - > state = = SERVICE_START )
service_enter_start_post ( s ) ;
2014-08-21 17:03:15 +02:00
2017-11-13 18:14:20 +01:00
/* Sending READY=1 while we are reloading informs us
* that the reloading is complete */
if ( s - > state = = SERVICE_RELOAD & & s - > control_pid = = 0 )
service_enter_running ( s , SERVICE_SUCCESS ) ;
2014-08-21 17:03:15 +02:00
2017-11-13 18:14:20 +01:00
notify_dbus = true ;
break ;
2014-08-21 17:03:15 +02:00
2017-11-13 18:14:20 +01:00
} else if ( streq ( * i , " RELOADING=1 " ) ) {
s - > notify_state = NOTIFY_RELOADING ;
2014-08-21 17:03:15 +02:00
2017-11-13 18:14:20 +01:00
if ( s - > state = = SERVICE_RUNNING )
service_enter_reload_by_notify ( s ) ;
2014-08-21 17:03:15 +02:00
2017-11-13 18:14:20 +01:00
notify_dbus = true ;
break ;
2014-08-21 17:03:15 +02:00
2017-11-13 18:14:20 +01:00
} else if ( streq ( * i , " STOPPING=1 " ) ) {
s - > notify_state = NOTIFY_STOPPING ;
2014-08-21 17:03:15 +02:00
2017-11-13 18:14:20 +01:00
if ( s - > state = = SERVICE_RUNNING )
service_enter_stop_by_notify ( s ) ;
2014-08-21 17:03:15 +02:00
2017-11-13 18:14:20 +01:00
notify_dbus = true ;
break ;
}
2010-06-16 05:10:31 +02:00
}
/* Interpret STATUS= */
2014-08-21 16:22:34 +02:00
e = strv_find_startswith ( tags , " STATUS= " ) ;
2012-03-12 22:22:16 +01:00
if ( e ) {
2014-08-21 16:22:34 +02:00
_cleanup_free_ char * t = NULL ;
2010-06-16 05:10:31 +02:00
2014-08-21 16:22:34 +02:00
if ( ! isempty ( e ) ) {
2018-10-17 18:37:48 +02:00
/* Note that this size limit check is mostly paranoia: since the datagram size we are willing
* to process is already limited to NOTIFY_BUFFER_MAX , this limit here should never be hit . */
if ( strlen ( e ) > STATUS_TEXT_MAX )
log_unit_warning ( u , " Status message overly long (%zu > %u), ignoring. " , strlen ( e ) , STATUS_TEXT_MAX ) ;
else if ( ! utf8_is_valid ( e ) )
log_unit_warning ( u , " Status message in notification message is not UTF-8 clean, ignoring. " ) ;
2014-08-21 16:22:34 +02:00
else {
t = strdup ( e ) ;
if ( ! t )
log_oom ( ) ;
2010-07-21 05:16:45 +02:00
}
2014-08-21 16:22:34 +02:00
}
2010-06-16 05:10:31 +02:00
2013-12-19 21:34:09 +01:00
if ( ! streq_ptr ( s - > status_text , t ) ) {
2016-10-17 01:23:35 +02:00
free_and_replace ( s - > status_text , t ) ;
2013-12-19 21:34:09 +01:00
notify_dbus = true ;
2014-08-21 16:22:34 +02:00
}
2010-06-16 05:10:31 +02:00
}
2013-12-11 20:49:43 +01:00
2014-07-07 14:20:36 +02:00
/* Interpret ERRNO= */
2014-08-21 16:22:34 +02:00
e = strv_find_startswith ( tags , " ERRNO= " ) ;
2014-07-07 14:20:36 +02:00
if ( e ) {
int status_errno ;
2017-11-27 16:53:03 +01:00
status_errno = parse_errno ( e ) ;
if ( status_errno < 0 )
log_unit_warning_errno ( u , status_errno ,
2018-10-19 18:40:42 +02:00
" Failed to parse ERRNO= field value '%s' in notification message: %m " , e ) ;
2017-11-27 16:53:03 +01:00
else if ( s - > status_errno ! = status_errno ) {
s - > status_errno = status_errno ;
notify_dbus = true ;
2014-07-07 14:20:36 +02:00
}
}
2017-12-14 12:17:43 +01:00
/* Interpret EXTEND_TIMEOUT= */
e = strv_find_startswith ( tags , " EXTEND_TIMEOUT_USEC= " ) ;
if ( e ) {
usec_t extend_timeout_usec ;
if ( safe_atou64 ( e , & extend_timeout_usec ) < 0 )
log_unit_warning ( u , " Failed to parse EXTEND_TIMEOUT_USEC=%s " , e ) ;
else
service_extend_timeout ( s , extend_timeout_usec ) ;
}
2014-03-14 21:13:38 +01:00
/* Interpret WATCHDOG= */
2018-03-07 14:16:49 +01:00
e = strv_find_startswith ( tags , " WATCHDOG= " ) ;
if ( e ) {
if ( streq ( e , " 1 " ) )
service_reset_watchdog ( s ) ;
else if ( streq ( e , " trigger " ) )
service_force_watchdog ( s ) ;
else
log_unit_warning ( u , " Passed WATCHDOG= field is invalid, ignoring. " ) ;
}
2010-08-20 02:26:05 +02:00
2017-11-13 18:06:09 +01:00
e = strv_find_startswith ( tags , " WATCHDOG_USEC= " ) ;
if ( e ) {
usec_t watchdog_override_usec ;
if ( safe_atou64 ( e , & watchdog_override_usec ) < 0 )
log_unit_warning ( u , " Failed to parse WATCHDOG_USEC=%s " , e ) ;
else
2018-10-24 19:03:04 +02:00
service_override_watchdog_timeout ( s , watchdog_override_usec ) ;
2017-11-13 18:06:09 +01:00
}
2017-11-13 18:26:04 +01:00
/* Process FD store messages. Either FDSTOREREMOVE=1 for removal, or FDSTORE=1 for addition. In both cases,
* process FDNAME = for picking the file descriptor name to use . Note that FDNAME = is required when removing
* fds , but optional when pushing in new fds , for compatibility reasons . */
if ( strv_find ( tags , " FDSTOREREMOVE=1 " ) ) {
const char * name ;
name = strv_find_startswith ( tags , " FDNAME= " ) ;
if ( ! name | | ! fdname_is_valid ( name ) )
log_unit_warning ( u , " FDSTOREREMOVE=1 requested, but no valid file descriptor name passed, ignoring. " ) ;
else
service_remove_fd_store ( s , name ) ;
} else if ( strv_find ( tags , " FDSTORE=1 " ) ) {
2015-10-04 17:36:19 +02:00
const char * name ;
name = strv_find_startswith ( tags , " FDNAME= " ) ;
if ( name & & ! fdname_is_valid ( name ) ) {
log_unit_warning ( u , " Passed FDNAME= name is invalid, ignoring. " ) ;
name = NULL ;
}
2020-04-08 20:19:30 +02:00
( void ) service_add_fd_store_set ( s , fds , name , ! strv_contains ( tags , " FDPOLL=0 " ) ) ;
2015-10-04 17:36:19 +02:00
}
2015-01-06 00:26:25 +01:00
2010-08-20 02:26:05 +02:00
/* Notify clients about changed status or main pid */
2013-12-19 21:34:09 +01:00
if ( notify_dbus )
unit_add_to_dbus_queue ( u ) ;
2010-06-16 05:10:31 +02:00
}
2016-02-04 00:35:43 +01:00
static int service_get_timeout ( Unit * u , usec_t * timeout ) {
2014-01-27 06:57:34 +01:00
Service * s = SERVICE ( u ) ;
2016-02-04 00:35:43 +01:00
uint64_t t ;
2014-01-27 06:57:34 +01:00
int r ;
if ( ! s - > timer_event_source )
return 0 ;
2016-02-04 00:35:43 +01:00
r = sd_event_source_get_time ( s - > timer_event_source , & t ) ;
2014-01-27 06:57:34 +01:00
if ( r < 0 )
return r ;
2016-02-04 00:35:43 +01:00
if ( t = = USEC_INFINITY )
return 0 ;
2014-01-27 06:57:34 +01:00
2016-02-04 00:35:43 +01:00
* timeout = t ;
2014-01-27 06:57:34 +01:00
return 1 ;
}
core: drop initial ListNames() bus call from PID 1
Previously, when first connecting to the bus after connecting to it we'd
issue a ListNames() bus call to the driver to figure out which bus names
are currently active. This information was then used to initialize the
initial state for services that use BusName=.
This change removes the whole code for this and replaces it with
something vastly simpler.
First of all, the ListNames() call was issues synchronosuly, which meant
if dbus was for some reason synchronously calling into PID1 for some
reason we'd deadlock. As it turns out there's now a good chance it does:
the nss-systemd userdb hookup means that any user dbus-daemon resolves
might result in a varlink call into PID 1, and dbus resolves quite a lot
of users while parsing its policy. My original goal was to fix this
deadlock.
But as it turns out we don't need the ListNames() call at all anymore,
since #12957 has been merged. That PR was supposed to fix a race where
asynchronous installation of bus matches would cause us missing the
initial owner of a bus name when a service is first started. It fixed it
(correctly) by enquiring with GetOwnerName() who currently owns the
name, right after installing the match. But this means whenever we start watching a bus name we anyway
issue a GetOwnerName() for it, and that means also when first connecting
to the bus we don't need to issue ListNames() anymore since that just
tells us the same info: which names are currently owned.
hence, let's drop ListNames() and instead make better use of the
GetOwnerName() result: if it failed the name is not owned.
Also, while we are at it, let's simplify the unit's owner_name_changed()
callback(): let's drop the "old_owner" argument. We never used that
besides logging, and it's hard to synthesize from just the return of a
GetOwnerName(), hence don't bother.
2019-12-23 17:31:34 +01:00
static void service_bus_name_owner_change ( Unit * u , const char * new_owner ) {
2010-04-15 23:16:16 +02:00
Service * s = SERVICE ( u ) ;
2013-11-19 21:12:59 +01:00
int r ;
2010-04-15 23:16:16 +02:00
assert ( s ) ;
core: drop initial ListNames() bus call from PID 1
Previously, when first connecting to the bus after connecting to it we'd
issue a ListNames() bus call to the driver to figure out which bus names
are currently active. This information was then used to initialize the
initial state for services that use BusName=.
This change removes the whole code for this and replaces it with
something vastly simpler.
First of all, the ListNames() call was issues synchronosuly, which meant
if dbus was for some reason synchronously calling into PID1 for some
reason we'd deadlock. As it turns out there's now a good chance it does:
the nss-systemd userdb hookup means that any user dbus-daemon resolves
might result in a varlink call into PID 1, and dbus resolves quite a lot
of users while parsing its policy. My original goal was to fix this
deadlock.
But as it turns out we don't need the ListNames() call at all anymore,
since #12957 has been merged. That PR was supposed to fix a race where
asynchronous installation of bus matches would cause us missing the
initial owner of a bus name when a service is first started. It fixed it
(correctly) by enquiring with GetOwnerName() who currently owns the
name, right after installing the match. But this means whenever we start watching a bus name we anyway
issue a GetOwnerName() for it, and that means also when first connecting
to the bus we don't need to issue ListNames() anymore since that just
tells us the same info: which names are currently owned.
hence, let's drop ListNames() and instead make better use of the
GetOwnerName() result: if it failed the name is not owned.
Also, while we are at it, let's simplify the unit's owner_name_changed()
callback(): let's drop the "old_owner" argument. We never used that
besides logging, and it's hard to synthesize from just the return of a
GetOwnerName(), hence don't bother.
2019-12-23 17:31:34 +01:00
if ( new_owner )
log_unit_debug ( u , " D-Bus name %s now owned by %s " , s - > bus_name , new_owner ) ;
2010-04-15 23:16:16 +02:00
else
core: drop initial ListNames() bus call from PID 1
Previously, when first connecting to the bus after connecting to it we'd
issue a ListNames() bus call to the driver to figure out which bus names
are currently active. This information was then used to initialize the
initial state for services that use BusName=.
This change removes the whole code for this and replaces it with
something vastly simpler.
First of all, the ListNames() call was issues synchronosuly, which meant
if dbus was for some reason synchronously calling into PID1 for some
reason we'd deadlock. As it turns out there's now a good chance it does:
the nss-systemd userdb hookup means that any user dbus-daemon resolves
might result in a varlink call into PID 1, and dbus resolves quite a lot
of users while parsing its policy. My original goal was to fix this
deadlock.
But as it turns out we don't need the ListNames() call at all anymore,
since #12957 has been merged. That PR was supposed to fix a race where
asynchronous installation of bus matches would cause us missing the
initial owner of a bus name when a service is first started. It fixed it
(correctly) by enquiring with GetOwnerName() who currently owns the
name, right after installing the match. But this means whenever we start watching a bus name we anyway
issue a GetOwnerName() for it, and that means also when first connecting
to the bus we don't need to issue ListNames() anymore since that just
tells us the same info: which names are currently owned.
hence, let's drop ListNames() and instead make better use of the
GetOwnerName() result: if it failed the name is not owned.
Also, while we are at it, let's simplify the unit's owner_name_changed()
callback(): let's drop the "old_owner" argument. We never used that
besides logging, and it's hard to synthesize from just the return of a
GetOwnerName(), hence don't bother.
2019-12-23 17:31:34 +01:00
log_unit_debug ( u , " D-Bus name %s now not owned by anyone. " , s - > bus_name ) ;
2010-04-15 23:16:16 +02:00
s - > bus_name_good = ! ! new_owner ;
core: fix bus name synchronization after daemon-reload
During daemon-reload, PID1 temporarly loses its DBus connection, so there's
a small window in which all signals sent by dbus-daemon are lost.
This is a problem, since we rely on the NameOwnerChanged signals in order to
consider a service with Type=dbus fully started or terminated, respectively.
In order to fix this, a rewrite of bus_list_names() is necessary. We used
to walk the current list of names on the bus, and blindly triggered the
bus_name_owner_change() callback on each service, providing the actual name
as current owner. This implementation has a number of problems:
* We cannot detect if the the name was moved from one owner to the other
while we were reloading
* We don't notify services which missed the name loss signal
* Providing the actual name as current owner is a hack, as the comment also
admits.
To fix this, this patch carries the following changes:
* Track the name of the current bus name owner, and (de-)serialize it
during reload. This way, we can detect changes.
* In bus_list_names(), walk the list of bus names we're interested in
first, and then see if the name is active on the bus. If it is,
check it it's still the same as it used to be, and synthesize
NameOwnerChanged signals for the name add and/or loss.
This should fully synchronize the current name list with the internal
state of all services.
2015-12-18 17:28:15 +01:00
/* Track the current owner, so we can reconstruct changes after a daemon reload */
r = free_and_strdup ( & s - > bus_name_owner , new_owner ) ;
if ( r < 0 ) {
log_unit_error_errno ( u , r , " Unable to set new bus name owner %s: %m " , new_owner ) ;
return ;
}
2010-04-15 23:16:16 +02:00
if ( s - > type = = SERVICE_DBUS ) {
/* service_enter_running() will figure out what to
* do */
if ( s - > state = = SERVICE_RUNNING )
2012-02-03 02:01:35 +01:00
service_enter_running ( s , SERVICE_SUCCESS ) ;
2010-04-15 23:16:16 +02:00
else if ( s - > state = = SERVICE_START & & new_owner )
service_enter_start_post ( s ) ;
} else if ( new_owner & &
s - > main_pid < = 0 & &
2017-09-25 17:17:30 +02:00
IN_SET ( s - > state ,
SERVICE_START ,
SERVICE_START_POST ,
SERVICE_RUNNING ,
SERVICE_RELOAD ) ) {
2010-04-15 23:16:16 +02:00
tree-wide: expose "p"-suffix unref calls in public APIs to make gcc cleanup easy
GLIB has recently started to officially support the gcc cleanup
attribute in its public API, hence let's do the same for our APIs.
With this patch we'll define an xyz_unrefp() call for each public
xyz_unref() call, to make it easy to use inside a
__attribute__((cleanup())) expression. Then, all code is ported over to
make use of this.
The new calls are also documented in the man pages, with examples how to
use them (well, I only added docs where the _unref() call itself already
had docs, and the examples, only cover sd_bus_unrefp() and
sd_event_unrefp()).
This also renames sd_lldp_free() to sd_lldp_unref(), since that's how we
tend to call our destructors these days.
Note that this defines no public macro that wraps gcc's attribute and
makes it easier to use. While I think it's our duty in the library to
make our stuff easy to use, I figure it's not our duty to make gcc's own
features easy to use on its own. Most likely, client code which wants to
make use of this should define its own:
#define _cleanup_(function) __attribute__((cleanup(function)))
Or similar, to make the gcc feature easier to use.
Making this logic public has the benefit that we can remove three header
files whose only purpose was to define these functions internally.
See #2008.
2015-11-27 19:13:45 +01:00
_cleanup_ ( sd_bus_creds_unrefp ) sd_bus_creds * creds = NULL ;
2013-11-19 21:12:59 +01:00
pid_t pid ;
2010-04-15 23:16:16 +02:00
2013-11-19 21:12:59 +01:00
/* Try to acquire PID from bus service */
2010-04-15 23:16:16 +02:00
2019-07-11 18:13:46 +02:00
r = sd_bus_get_name_creds ( u - > manager - > api_bus , s - > bus_name , SD_BUS_CREDS_PID , & creds ) ;
2013-11-28 17:50:02 +01:00
if ( r > = 0 )
r = sd_bus_creds_get_pid ( creds , & pid ) ;
2013-11-19 21:12:59 +01:00
if ( r > = 0 ) {
2019-07-11 18:13:46 +02:00
log_unit_debug ( u , " D-Bus name %s is now owned by process " PID_FMT , s - > bus_name , pid ) ;
2010-04-15 23:16:16 +02:00
2013-11-19 21:12:59 +01:00
service_set_main_pid ( s , pid ) ;
2019-03-18 20:59:36 +01:00
unit_watch_pid ( UNIT ( s ) , pid , false ) ;
2013-11-19 21:12:59 +01:00
}
2013-10-01 05:06:56 +02:00
}
2010-04-15 23:16:16 +02:00
}
2014-07-24 10:40:28 +02:00
int service_set_socket_fd ( Service * s , int fd , Socket * sock , bool selinux_context_net ) {
2013-12-24 21:18:21 +01:00
_cleanup_free_ char * peer = NULL ;
int r ;
2012-01-06 23:08:54 +01:00
2010-04-15 06:19:54 +02:00
assert ( s ) ;
assert ( fd > = 0 ) ;
2016-04-28 16:51:30 +02:00
/* This is called by the socket code when instantiating a new service for a stream socket and the socket needs
* to be configured . We take ownership of the passed fd on success . */
2010-04-15 06:19:54 +02:00
2012-01-15 12:25:20 +01:00
if ( UNIT ( s ) - > load_state ! = UNIT_LOADED )
2010-04-15 06:19:54 +02:00
return - EINVAL ;
if ( s - > socket_fd > = 0 )
return - EBUSY ;
if ( s - > state ! = SERVICE_DEAD )
return - EAGAIN ;
2015-12-01 18:29:59 +01:00
if ( getpeername_pretty ( fd , true , & peer ) > = 0 ) {
2013-12-24 21:18:21 +01:00
if ( UNIT ( s ) - > description ) {
_cleanup_free_ char * a ;
2016-10-23 17:43:27 +02:00
a = strjoin ( UNIT ( s ) - > description , " ( " , peer , " ) " ) ;
2013-12-24 21:18:21 +01:00
if ( ! a )
return - ENOMEM ;
r = unit_set_description ( UNIT ( s ) , a ) ;
} else
r = unit_set_description ( UNIT ( s ) , peer ) ;
if ( r < 0 )
return r ;
}
core: track why unit dependencies came to be
This replaces the dependencies Set* objects by Hashmap* objects, where
the key is the depending Unit, and the value is a bitmask encoding why
the specific dependency was created.
The bitmask contains a number of different, defined bits, that indicate
why dependencies exist, for example whether they are created due to
explicitly configured deps in files, by udev rules or implicitly.
Note that memory usage is not increased by this change, even though we
store more information, as we manage to encode the bit mask inside the
value pointer each Hashmap entry contains.
Why this all? When we know how a dependency came to be, we can update
dependencies correctly when a configuration source changes but others
are left unaltered. Specifically:
1. We can fix UDEV_WANTS dependency generation: so far we kept adding
dependencies configured that way, but if a device lost such a
dependency we couldn't them again as there was no scheme for removing
of dependencies in place.
2. We can implement "pin-pointed" reload of unit files. If we know what
dependencies were created as result of configuration in a unit file,
then we know what to flush out when we want to reload it.
3. It's useful for debugging: "systemd-analyze dump" now shows
this information, helping substantially with understanding how
systemd's dependency tree came to be the way it came to be.
2017-10-25 20:46:01 +02:00
r = unit_add_two_dependencies ( UNIT ( sock ) , UNIT_BEFORE , UNIT_TRIGGERS , UNIT ( s ) , false , UNIT_DEPENDENCY_IMPLICIT ) ;
2016-04-28 16:51:30 +02:00
if ( r < 0 )
return r ;
2010-04-15 06:19:54 +02:00
s - > socket_fd = fd ;
2014-07-24 10:40:28 +02:00
s - > socket_fd_selinux_context_net = selinux_context_net ;
2010-06-19 04:25:28 +02:00
2018-02-13 13:12:43 +01:00
unit_ref_set ( & s - > accept_socket , UNIT ( s ) , UNIT ( sock ) ) ;
2016-04-28 16:51:30 +02:00
return 0 ;
2010-04-15 06:19:54 +02:00
}
2010-08-31 00:23:34 +02:00
static void service_reset_failed ( Unit * u ) {
2010-07-18 04:58:01 +02:00
Service * s = SERVICE ( u ) ;
assert ( s ) ;
2010-08-31 00:23:34 +02:00
if ( s - > state = = SERVICE_FAILED )
2010-07-18 04:58:01 +02:00
service_set_state ( s , SERVICE_DEAD ) ;
2012-02-03 02:01:35 +01:00
s - > result = SERVICE_SUCCESS ;
s - > reload_result = SERVICE_SUCCESS ;
2019-04-01 18:48:20 +02:00
s - > clean_result = SERVICE_SUCCESS ;
2017-08-09 21:12:55 +02:00
s - > n_restarts = 0 ;
s - > flush_n_restarts = false ;
2010-07-18 04:58:01 +02:00
}
2013-11-19 21:12:59 +01:00
static int service_kill ( Unit * u , KillWho who , int signo , sd_bus_error * error ) {
2010-10-22 16:11:50 +02:00
Service * s = SERVICE ( u ) ;
2013-08-09 16:40:57 +02:00
2017-09-25 17:17:30 +02:00
assert ( s ) ;
2013-03-02 22:31:09 +01:00
return unit_kill_common ( u , who , signo , s - > main_pid , s - > control_pid , error ) ;
2010-10-22 16:11:50 +02:00
}
2016-04-20 15:28:28 +02:00
static int service_main_pid ( Unit * u ) {
Service * s = SERVICE ( u ) ;
assert ( s ) ;
return s - > main_pid ;
}
static int service_control_pid ( Unit * u ) {
Service * s = SERVICE ( u ) ;
assert ( s ) ;
return s - > control_pid ;
}
2018-01-24 19:54:26 +01:00
static bool service_needs_console ( Unit * u ) {
Service * s = SERVICE ( u ) ;
assert ( s ) ;
/* We provide our own implementation of this here, instead of relying of the generic implementation
* unit_needs_console ( ) provides , since we want to return false if we are in SERVICE_EXITED state . */
if ( ! exec_context_may_touch_console ( & s - > exec_context ) )
return false ;
return IN_SET ( s - > state ,
2019-06-29 02:02:30 +02:00
SERVICE_CONDITION ,
2018-01-24 19:54:26 +01:00
SERVICE_START_PRE ,
SERVICE_START ,
SERVICE_START_POST ,
SERVICE_RUNNING ,
SERVICE_RELOAD ,
SERVICE_STOP ,
2018-09-19 21:03:01 +02:00
SERVICE_STOP_WATCHDOG ,
2018-01-24 19:54:26 +01:00
SERVICE_STOP_SIGTERM ,
SERVICE_STOP_SIGKILL ,
SERVICE_STOP_POST ,
2019-04-16 16:45:20 +02:00
SERVICE_FINAL_WATCHDOG ,
2018-01-24 19:54:26 +01:00
SERVICE_FINAL_SIGTERM ,
SERVICE_FINAL_SIGKILL ) ;
}
2018-11-16 11:41:18 +01:00
static int service_exit_status ( Unit * u ) {
Service * s = SERVICE ( u ) ;
assert ( u ) ;
if ( s - > main_exec_status . pid < = 0 | |
! dual_timestamp_is_set ( & s - > main_exec_status . exit_timestamp ) )
return - ENODATA ;
if ( s - > main_exec_status . code ! = CLD_EXITED )
return - EBADE ;
return s - > main_exec_status . status ;
}
2019-04-01 18:48:20 +02:00
static int service_clean ( Unit * u , ExecCleanMask mask ) {
_cleanup_strv_free_ char * * l = NULL ;
Service * s = SERVICE ( u ) ;
int r ;
assert ( s ) ;
assert ( mask ! = 0 ) ;
if ( s - > state ! = SERVICE_DEAD )
return - EBUSY ;
r = exec_context_get_clean_directories ( & s - > exec_context , u - > manager - > prefix , mask , & l ) ;
if ( r < 0 )
return r ;
if ( strv_isempty ( l ) )
return - EUNATCH ;
service_unwatch_control_pid ( s ) ;
s - > clean_result = SERVICE_SUCCESS ;
s - > control_command = NULL ;
s - > control_command_id = _SERVICE_EXEC_COMMAND_INVALID ;
2019-08-25 10:47:57 +02:00
r = service_arm_timer ( s , usec_add ( now ( CLOCK_MONOTONIC ) , s - > exec_context . timeout_clean_usec ) ) ;
2019-04-01 18:48:20 +02:00
if ( r < 0 )
goto fail ;
2019-08-25 10:57:08 +02:00
r = unit_fork_and_watch_rm_rf ( u , l , & s - > control_pid ) ;
2019-04-01 18:48:20 +02:00
if ( r < 0 )
goto fail ;
service_set_state ( s , SERVICE_CLEANING ) ;
return 0 ;
fail :
2019-08-25 10:57:08 +02:00
log_unit_warning_errno ( u , r , " Failed to initiate cleaning: %m " ) ;
2019-04-01 18:48:20 +02:00
s - > clean_result = SERVICE_FAILURE_RESOURCES ;
s - > timer_event_source = sd_event_source_unref ( s - > timer_event_source ) ;
return r ;
}
static int service_can_clean ( Unit * u , ExecCleanMask * ret ) {
Service * s = SERVICE ( u ) ;
assert ( s ) ;
return exec_context_get_clean_mask ( & s - > exec_context , ret ) ;
}
2020-03-05 17:24:19 +01:00
static const char * service_finished_job ( Unit * u , JobType t , JobResult result ) {
if ( t = = JOB_START & & result = = JOB_DONE ) {
Service * s = SERVICE ( u ) ;
if ( s - > type = = SERVICE_ONESHOT )
return " Finished %s. " ;
}
/* Fall back to generic */
return NULL ;
}
2010-01-30 01:55:42 +01:00
static const char * const service_restart_table [ _SERVICE_RESTART_MAX ] = {
2010-10-05 20:30:44 +02:00
[ SERVICE_RESTART_NO ] = " no " ,
[ SERVICE_RESTART_ON_SUCCESS ] = " on-success " ,
2010-10-08 18:34:54 +02:00
[ SERVICE_RESTART_ON_FAILURE ] = " on-failure " ,
2014-06-05 18:42:52 +02:00
[ SERVICE_RESTART_ON_ABNORMAL ] = " on-abnormal " ,
2013-07-25 14:07:59 +02:00
[ SERVICE_RESTART_ON_WATCHDOG ] = " on-watchdog " ,
2010-10-08 18:34:54 +02:00
[ SERVICE_RESTART_ON_ABORT ] = " on-abort " ,
2014-06-05 18:42:52 +02:00
[ SERVICE_RESTART_ALWAYS ] = " always " ,
2010-01-30 01:55:42 +01:00
} ;
DEFINE_STRING_TABLE_LOOKUP ( service_restart , ServiceRestart ) ;
static const char * const service_type_table [ _SERVICE_TYPE_MAX ] = {
[ SERVICE_SIMPLE ] = " simple " ,
2010-07-01 19:39:35 +02:00
[ SERVICE_FORKING ] = " forking " ,
2010-08-13 18:23:01 +02:00
[ SERVICE_ONESHOT ] = " oneshot " ,
2010-06-16 05:10:31 +02:00
[ SERVICE_DBUS ] = " dbus " ,
2012-04-24 14:28:00 +02:00
[ SERVICE_NOTIFY ] = " notify " ,
2018-07-17 11:47:14 +02:00
[ SERVICE_IDLE ] = " idle " ,
[ SERVICE_EXEC ] = " exec " ,
2010-01-30 01:55:42 +01:00
} ;
DEFINE_STRING_TABLE_LOOKUP ( service_type , ServiceType ) ;
2010-04-10 17:53:17 +02:00
static const char * const service_exec_command_table [ _SERVICE_EXEC_COMMAND_MAX ] = {
2019-06-29 02:02:30 +02:00
[ SERVICE_EXEC_CONDITION ] = " ExecCondition " ,
2010-01-30 01:55:42 +01:00
[ SERVICE_EXEC_START_PRE ] = " ExecStartPre " ,
[ SERVICE_EXEC_START ] = " ExecStart " ,
[ SERVICE_EXEC_START_POST ] = " ExecStartPost " ,
[ SERVICE_EXEC_RELOAD ] = " ExecReload " ,
[ SERVICE_EXEC_STOP ] = " ExecStop " ,
[ SERVICE_EXEC_STOP_POST ] = " ExecStopPost " ,
} ;
DEFINE_STRING_TABLE_LOOKUP ( service_exec_command , ServiceExecCommand ) ;
2019-02-20 23:53:58 +01:00
static const char * const service_exec_ex_command_table [ _SERVICE_EXEC_COMMAND_MAX ] = {
2019-08-21 02:39:38 +02:00
[ SERVICE_EXEC_CONDITION ] = " ExecConditionEx " ,
2019-02-20 23:53:58 +01:00
[ SERVICE_EXEC_START_PRE ] = " ExecStartPreEx " ,
[ SERVICE_EXEC_START ] = " ExecStartEx " ,
[ SERVICE_EXEC_START_POST ] = " ExecStartPostEx " ,
2019-08-21 02:39:38 +02:00
[ SERVICE_EXEC_RELOAD ] = " ExecReloadEx " ,
[ SERVICE_EXEC_STOP ] = " ExecStopEx " ,
[ SERVICE_EXEC_STOP_POST ] = " ExecStopPostEx " ,
2019-02-20 23:53:58 +01:00
} ;
DEFINE_STRING_TABLE_LOOKUP ( service_exec_ex_command , ServiceExecCommand ) ;
2014-08-21 17:03:15 +02:00
static const char * const notify_state_table [ _NOTIFY_STATE_MAX ] = {
[ NOTIFY_UNKNOWN ] = " unknown " ,
[ NOTIFY_READY ] = " ready " ,
[ NOTIFY_RELOADING ] = " reloading " ,
[ NOTIFY_STOPPING ] = " stopping " ,
} ;
DEFINE_STRING_TABLE_LOOKUP ( notify_state , NotifyState ) ;
2012-02-03 02:01:35 +01:00
static const char * const service_result_table [ _SERVICE_RESULT_MAX ] = {
[ SERVICE_SUCCESS ] = " success " ,
[ SERVICE_FAILURE_RESOURCES ] = " resources " ,
2016-11-22 17:39:56 +01:00
[ SERVICE_FAILURE_PROTOCOL ] = " protocol " ,
2012-02-03 02:01:35 +01:00
[ SERVICE_FAILURE_TIMEOUT ] = " timeout " ,
[ SERVICE_FAILURE_EXIT_CODE ] = " exit-code " ,
[ SERVICE_FAILURE_SIGNAL ] = " signal " ,
2012-02-08 10:10:34 +01:00
[ SERVICE_FAILURE_CORE_DUMP ] = " core-dump " ,
2012-08-22 05:02:33 +02:00
[ SERVICE_FAILURE_WATCHDOG ] = " watchdog " ,
core: move enforcement of the start limit into per-unit-type code again
Let's move the enforcement of the per-unit start limit from unit.c into the
type-specific files again. For unit types that know a concept of "result" codes
this allows us to hook up the start limit condition to it with an explicit
result code. Also, this makes sure that the state checks in clal like
service_start() may be done before the start limit is checked, as the start
limit really should be checked last, right before everything has been verified
to be in order.
The generic start limit logic is left in unit.c, but the invocation of it is
moved into the per-type files, in the various xyz_start() functions, so that
they may place the check at the right location.
Note that this change drops the enforcement entirely from device, slice, target
and scope units, since these unit types generally may not fail activation, or
may only be activated a single time. This is also documented now.
Note that restores the "start-limit-hit" result code that existed before
6bf0f408e4833152197fb38fb10a9989c89f3a59 already in the service code. However,
it's not introduced for all units that have a result code concept.
Fixes #3166.
2016-05-02 13:01:26 +02:00
[ SERVICE_FAILURE_START_LIMIT_HIT ] = " start-limit-hit " ,
2019-03-19 19:05:19 +01:00
[ SERVICE_FAILURE_OOM_KILL ] = " oom-kill " ,
2019-06-29 02:02:30 +02:00
[ SERVICE_SKIP_CONDITION ] = " exec-condition " ,
2012-02-03 02:01:35 +01:00
} ;
DEFINE_STRING_TABLE_LOOKUP ( service_result , ServiceResult ) ;
2019-04-16 16:45:20 +02:00
static const char * const service_timeout_failure_mode_table [ _SERVICE_TIMEOUT_FAILURE_MODE_MAX ] = {
[ SERVICE_TIMEOUT_TERMINATE ] = " terminate " ,
[ SERVICE_TIMEOUT_ABORT ] = " abort " ,
[ SERVICE_TIMEOUT_KILL ] = " kill " ,
} ;
DEFINE_STRING_TABLE_LOOKUP ( service_timeout_failure_mode , ServiceTimeoutFailureMode ) ;
2010-01-26 21:39:06 +01:00
const UnitVTable service_vtable = {
2012-01-15 10:53:49 +01:00
. object_size = sizeof ( Service ) ,
2013-11-19 21:12:59 +01:00
. exec_context_offset = offsetof ( Service , exec_context ) ,
. cgroup_context_offset = offsetof ( Service , cgroup_context ) ,
. kill_context_offset = offsetof ( Service , kill_context ) ,
2013-11-27 20:23:18 +01:00
. exec_runtime_offset = offsetof ( Service , exec_runtime ) ,
2016-07-14 12:37:28 +02:00
. dynamic_creds_offset = offsetof ( Service , dynamic_creds ) ,
2012-09-18 11:40:01 +02:00
2011-08-01 00:43:05 +02:00
. sections =
" Unit \0 "
" Service \0 "
" Install \0 " ,
2013-06-27 04:14:27 +02:00
. private_section = " Service " ,
2013-01-19 01:01:41 +01:00
2018-02-06 11:57:35 +01:00
. can_transient = true ,
. can_delegate = true ,
2020-01-07 11:48:57 +01:00
. can_fail = true ,
2018-02-06 11:57:35 +01:00
2010-01-26 04:18:44 +01:00
. init = service_init ,
. done = service_done ,
2010-04-21 03:27:44 +02:00
. load = service_load ,
2015-01-06 00:26:25 +01:00
. release_resources = service_release_resources ,
2010-04-21 03:27:44 +02:00
. coldplug = service_coldplug ,
2010-01-26 04:18:44 +01:00
2010-01-23 01:52:57 +01:00
. dump = service_dump ,
. start = service_start ,
. stop = service_stop ,
. reload = service_reload ,
2010-01-26 04:18:44 +01:00
. can_reload = service_can_reload ,
2010-10-22 16:11:50 +02:00
. kill = service_kill ,
2019-04-01 18:48:20 +02:00
. clean = service_clean ,
. can_clean = service_can_clean ,
2010-10-22 16:11:50 +02:00
2020-04-29 17:53:43 +02:00
. freeze = unit_freeze_vtable_common ,
. thaw = unit_thaw_vtable_common ,
2010-04-21 03:27:44 +02:00
. serialize = service_serialize ,
. deserialize_item = service_deserialize_item ,
2010-01-23 01:52:57 +01:00
. active_state = service_active_state ,
2010-04-13 20:59:01 +02:00
. sub_state_to_string = service_sub_state_to_string ,
2010-01-23 01:52:57 +01:00
2017-12-05 16:51:19 +01:00
. will_restart = service_will_restart ,
2018-02-13 10:50:13 +01:00
. may_gc = service_may_gc ,
2010-04-21 06:01:13 +02:00
2010-01-26 04:18:44 +01:00
. sigchld_event = service_sigchld_event ,
2010-02-14 01:09:01 +01:00
2010-08-31 00:23:34 +02:00
. reset_failed = service_reset_failed ,
2010-07-18 04:58:01 +02:00
2013-06-27 04:14:27 +02:00
. notify_cgroup_empty = service_notify_cgroup_empty_event ,
2019-03-19 19:05:19 +01:00
. notify_cgroup_oom = service_notify_cgroup_oom_event ,
2010-06-16 05:10:31 +02:00
. notify_message = service_notify_message ,
2010-03-31 16:29:55 +02:00
2016-04-20 15:28:28 +02:00
. main_pid = service_main_pid ,
. control_pid = service_control_pid ,
2010-04-15 23:16:16 +02:00
. bus_name_owner_change = service_bus_name_owner_change ,
2013-06-27 23:21:21 +02:00
. bus_set_property = bus_service_set_property ,
. bus_commit_properties = bus_service_commit_properties ,
2010-04-18 03:08:16 +02:00
2014-01-27 06:57:34 +01:00
. get_timeout = service_get_timeout ,
2018-01-24 19:54:26 +01:00
. needs_console = service_needs_console ,
2018-11-16 11:41:18 +01:00
. exit_status = service_exit_status ,
2013-11-19 21:12:59 +01:00
2012-05-13 18:18:54 +02:00
. status_message_formats = {
. starting_stopping = {
[ 0 ] = " Starting %s... " ,
[ 1 ] = " Stopping %s... " ,
} ,
. finished_start_job = {
[ JOB_FAILED ] = " Failed to start %s. " ,
2019-06-29 02:02:30 +02:00
[ JOB_SKIPPED ] = " Skipped %s. " ,
2012-05-13 18:18:54 +02:00
} ,
. finished_stop_job = {
[ JOB_DONE ] = " Stopped %s. " ,
[ JOB_FAILED ] = " Stopped (with error) %s. " ,
} ,
2020-03-05 17:24:19 +01:00
. finished_job = service_finished_job ,
2012-05-13 18:18:54 +02:00
} ,
2010-01-23 01:52:57 +01:00
} ;
