/* SPDX-License-Identifier: LGPL-2.1+ */
#pragma once
typedef struct Socket Socket;
typedef struct SocketPeer SocketPeer;
#include "mount.h"
#include "service.h"
#include "socket-util.h"
#include "unit.h"
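/* Names the command lists a socket unit can carry. The value of
 * _SOCKET_EXEC_COMMAND_MAX sizes Socket.exec_command[].
 *
 * Enumerators are numbered implicitly from 0, so inserting or reordering
 * entries silently renumbers everything after the change. */
typedef enum SocketExecCommand {
        SOCKET_EXEC_START_PRE,
        SOCKET_EXEC_START_CHOWN,
        SOCKET_EXEC_START_POST,
        SOCKET_EXEC_STOP_PRE,
        SOCKET_EXEC_STOP_POST,
        _SOCKET_EXEC_COMMAND_MAX,               /* count of the entries above, not a command itself */
        _SOCKET_EXEC_COMMAND_INVALID = -1       /* negative sentinel: must never be used as an array index */
} SocketExecCommand;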
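/* Kind of endpoint a SocketPort describes (stored in SocketPort.type).
 *
 * Enumerators are numbered implicitly from 0; keep the order stable. */
typedef enum SocketType {
        SOCKET_SOCKET,
        SOCKET_FIFO,
        SOCKET_SPECIAL,
        SOCKET_MQUEUE,
        SOCKET_USB_FUNCTION,
        _SOCKET_TYPE_MAX,               /* count of the entries above, not a real type */
        _SOCKET_TYPE_INVALID = -1       /* negative sentinel, also the return type's error value in
                                         * socket_port_type_from_string() — presumably; confirm in socket.c */
} SocketType;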
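/* Outcome recorded for a socket unit (stored in Socket.result).
 *
 * Enumerators are numbered implicitly from 0; keep the order stable. */
typedef enum SocketResult {
        SOCKET_SUCCESS,
        SOCKET_FAILURE_RESOURCES,
        SOCKET_FAILURE_TIMEOUT,
        SOCKET_FAILURE_EXIT_CODE,
        SOCKET_FAILURE_SIGNAL,
        SOCKET_FAILURE_CORE_DUMP,

        /* The unit's own start limit was hit. The limit logic is generic (unit.c), but it is
         * invoked from the per-type start function so that it is checked last, after the state
         * checks, and can be reported with this explicit result code. */
        SOCKET_FAILURE_START_LIMIT_HIT,

        /* NOTE(review): presumably set when Socket.trigger_limit is exceeded — confirm in socket.c */
        SOCKET_FAILURE_TRIGGER_LIMIT_HIT,

        /* Formerly "service-failed-permanent"; renamed because it is only triggered through the
         * start limit of the triggered service being hit. */
        SOCKET_FAILURE_SERVICE_START_LIMIT_HIT,

        _SOCKET_RESULT_MAX,             /* count of the entries above, not a result */
        _SOCKET_RESULT_INVALID = -1     /* negative sentinel */
} SocketResult;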
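/* One endpoint of a socket unit. Ports are linked through the embedded list
 * fields and hang off the 'ports' list head in struct Socket. */
typedef struct SocketPort {
        Socket *socket;                 /* NOTE(review): presumably the Socket this port belongs to */

        SocketType type;

        /* Raw file descriptors. NOTE(review): who closes them, and the value used
         * for "not open", are not visible from this header — confirm against
         * socket_free_ports() before adding code that stores or duplicates them. */
        int fd;
        int *auxiliary_fds;
        size_t n_auxiliary_fds;         /* size_t, following the tree-wide rule for array sizes and indexes */

        SocketAddress address;
        char *path;
        sd_event_source *event_source;

        LIST_FIELDS(struct SocketPort, port);
} SocketPort;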
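/* State and configuration of one socket unit. Member order is part of the
 * in-memory layout; add new members without reordering existing ones. */
struct Socket {
        Unit meta;                      /* first member — NOTE(review): presumably required by DEFINE_CAST(SOCKET, Socket) */

        LIST_HEAD(SocketPort, ports);

        Set *peers_by_address;          /* NOTE(review): by its name, SocketPeer objects keyed by remote address */

        /* Connection accounting and ceilings. NOTE(review): the n_* counters are
         * presumably compared against the max_* values in socket.c; those checks
         * are what bounds the resources one client or one source can consume, so
         * any new accept path needs to go through them. */
        unsigned n_accepted;
        unsigned n_connections;
        unsigned n_refused;
        unsigned max_connections;
        unsigned max_connections_per_source;

        unsigned backlog;
        unsigned keep_alive_cnt;
        usec_t timeout_usec;
        usec_t keep_alive_time;
        usec_t keep_alive_interval;
        usec_t defer_accept;

        /* One command list per SocketExecCommand below _SOCKET_EXEC_COMMAND_MAX.
         * _SOCKET_EXEC_COMMAND_INVALID is -1 and must be rejected before indexing. */
        ExecCommand* exec_command[_SOCKET_EXEC_COMMAND_MAX];
        ExecContext exec_context;
        KillContext kill_context;
        CGroupContext cgroup_context;

        ExecRuntime *exec_runtime;
        DynamicCreds dynamic_creds;

        /* For Accept=no sockets this refers to the one service we'll
         * activate. For Accept=yes sockets it is either NULL, or filled in
         * to refer to the next service we spawn. */
        UnitRef service;

        SocketState state, deserialized_state;

        sd_event_source *timer_event_source;

        ExecCommand* control_command;
        SocketExecCommand control_command_id;
        pid_t control_pid;

        /* Permission bits. NOTE(review): by name, directory_mode applies to
         * directories created for the socket and socket_mode to the socket node
         * itself; these decide which local users can connect, so the defaults set
         * in socket.c are worth checking when reviewing a unit. */
        mode_t directory_mode;
        mode_t socket_mode;

        SocketResult result;

        char **symlinks;

        bool accept;
        bool remove_on_stop;
        bool writable;

        int socket_protocol;

        /* Socket options */
        bool keep_alive;
        bool no_delay;
        bool free_bind;
        bool transparent;
        bool broadcast;
        bool pass_cred;                 /* NOTE(review): presumably SO_PASSCRED — confirm in socket.c */
        bool pass_sec;                  /* NOTE(review): presumably SO_PASSSEC — confirm in socket.c */

        /* Only for INET6 sockets: issue IPV6_V6ONLY sockopt */
        SocketAddressBindIPv6Only bind_ipv6_only;

        int priority;
        int mark;
        size_t receive_buffer;
        size_t send_buffer;
        int ip_tos;
        int ip_ttl;
        size_t pipe_size;
        char *bind_to_device;
        char *tcp_congestion;
        bool reuse_port;
        long mq_maxmsg;
        long mq_msgsize;

        /* Mandatory-access-control labelling (SMACK labels, SELinux context taken
         * from the network peer). NOTE(review): semantics inferred from the member
         * names; the code applying them is outside this header. */
        char *smack;
        char *smack_ip_in;
        char *smack_ip_out;

        bool selinux_context_from_net;

        char *user, *group;             /* NOTE(review): presumably consumed by the SOCKET_EXEC_START_CHOWN step */

        char *fdname;

        RateLimit trigger_limit;        /* NOTE(review): presumably the limit behind SOCKET_FAILURE_TRIGGER_LIMIT_HIT */
};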
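/* Reference counting for SocketPeer; both calls take and return a SocketPeer*.
 * NOTE(review): unref presumably returns NULL so a caller can clear its pointer
 * in the same statement — confirm in socket.c. */
SocketPeer *socket_peer_ref(SocketPeer *p);
SocketPeer *socket_peer_unref(SocketPeer *p);

/* Returns an int status and hands a peer back through *p for connection 'fd'
 * on socket 's'. NOTE(review): whether *p carries a reference the caller must
 * release with socket_peer_unref(), and what *p holds on failure, cannot be
 * told from this header — check before using *p on an error path. */
int socket_acquire_peer(Socket *s, int fd, SocketPeer **p);

/* Generates the cleanup helper built on socket_peer_unref(), so a SocketPeer*
 * local can be released automatically when it leaves scope. */
DEFINE_TRIVIAL_CLEANUP_FUNC(SocketPeer*, socket_peer_unref);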
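/* Called from the service code when collecting fds. The array is returned
 * through *fds. NOTE(review): the meaning of the int return (count vs. negative
 * error) and who frees *fds are not visible from this header — confirm in
 * socket.c; the descriptors are handed to another unit, so a caller that gets
 * this wrong either leaks them or closes descriptors it does not own. */
int socket_collect_fds(Socket *s, int **fds);

/* Called from the service code when a per-connection service ended */
void socket_connection_unref(Socket *s);

void socket_free_ports(Socket *s);

int socket_instantiate_service(Socket *s);

/* Returns a non-const char*. NOTE(review): whether the result points into 's'
 * or is newly allocated is not visible here; do not free or modify it without
 * checking the definition. */
char *socket_fdname(Socket *s);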
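extern const UnitVTable socket_vtable;

/* String <-> enum conversions.
 * NOTE(review): the *_from_string() variants presumably return the matching
 * _INVALID enumerator (-1) for unrecognised input. Callers that parse unit
 * files or serialized state must test for a negative result before using the
 * value as an index, e.g. into Socket.exec_command[]. The *_to_string()
 * variants may likewise return NULL for out-of-range values — confirm in
 * socket.c. */
const char* socket_exec_command_to_string(SocketExecCommand i) _const_;
SocketExecCommand socket_exec_command_from_string(const char *s) _pure_;

const char* socket_result_to_string(SocketResult i) _const_;
SocketResult socket_result_from_string(const char *s) _pure_;

/* Unlike the pairs above, the to-string direction takes the SocketPort itself
 * rather than a bare SocketType. */
const char* socket_port_type_to_string(SocketPort *p) _pure_;
SocketType socket_port_type_from_string(const char *p) _pure_;

DEFINE_CAST(SOCKET, Socket);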