shaba/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd.git synced 2024-11-07 01:27:11 +03:00
Code
6fb0926976
systemd/src/core/service.h

221 lines
6.6 KiB
C
Raw Normal View History

use #pragma once instead of foo*foo #define guards #pragma once has been "un-deprecated" in gcc since 3.3, and is widely supported in other compilers. I've been using and maintaining (rebasing) this patch for a while now, as it annoyed me to see #ifndef fooblahfoo, etc all over the place, almost arrogant about the annoyance of having to define all these names to perform a commen but neccicary functionality, when a completely superior alternative exists. I havn't sent it till now, cause its kindof a style change, and it is bad voodoo to mess with style that has been established by more established editors. So feel free to lambast me as a crazy bafoon. v2 - preserve externally used headers
2012-07-18 21:07:51 +04:00
#pragma once
first attempt in implementinging execution logic
2010-01-23 03:52:57 +03:00
license: add GPLv2+ license blurbs everwhere
2010-02-03 15:03:47 +03:00
/***
This file is part of systemd.
Copyright 2010 Lennart Poettering
systemd is free software; you can redistribute it and/or modify it
relicense to LGPLv2.1 (with exceptions) We finally got the OK from all contributors with non-trivial commits to relicense systemd from GPL2+ to LGPL2.1+. Some udev bits continue to be GPL2+ for now, but we are looking into relicensing them too, to allow free copy/paste of all code within systemd. The bits that used to be MIT continue to be MIT. The big benefit of the relicensing is that closed source code may now link against libsystemd-login.so and friends.
2012-04-12 02:20:58 +04:00
under the terms of the GNU Lesser General Public License as published by
the Free Software Foundation; either version 2.1 of the License, or
license: add GPLv2+ license blurbs everwhere
2010-02-03 15:03:47 +03:00
(at your option) any later version.
systemd is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
relicense to LGPLv2.1 (with exceptions) We finally got the OK from all contributors with non-trivial commits to relicense systemd from GPL2+ to LGPL2.1+. Some udev bits continue to be GPL2+ for now, but we are looking into relicensing them too, to allow free copy/paste of all code within systemd. The bits that used to be MIT continue to be MIT. The big benefit of the relicensing is that closed source code may now link against libsystemd-login.so and friends.
2012-04-12 02:20:58 +04:00
Lesser General Public License for more details.
license: add GPLv2+ license blurbs everwhere
2010-02-03 15:03:47 +03:00
relicense to LGPLv2.1 (with exceptions) We finally got the OK from all contributors with non-trivial commits to relicense systemd from GPL2+ to LGPL2.1+. Some udev bits continue to be GPL2+ for now, but we are looking into relicensing them too, to allow free copy/paste of all code within systemd. The bits that used to be MIT continue to be MIT. The big benefit of the relicensing is that closed source code may now link against libsystemd-login.so and friends.
2012-04-12 02:20:58 +04:00
You should have received a copy of the GNU Lesser General Public License
license: add GPLv2+ license blurbs everwhere
2010-02-03 15:03:47 +03:00
along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/
first attempt in implementinging execution logic
2010-01-23 03:52:57 +03:00
typedef struct Service Service;
core: add new logic for services to store file descriptors in PID 1 With this change it is possible to send file descriptors to PID 1, via sd_pid_notify_with_fds() which PID 1 will store individually for each service, and pass via the usual fd passing logic on next invocation. This is useful for enable daemon reload schemes where daemons serialize their state to /run, push their fds into PID 1 and terminate, restoring their state on next start from the data in /run and passed in from PID 1. The fds are kept by PID 1 as long as no POLLHUP or POLLERR is seen on them, and the service they belong to are either not dead or failed, or have a job queued.
2015-01-06 02:26:25 +03:00
typedef struct ServiceFDStore ServiceFDStore;
first attempt in implementinging execution logic
2010-01-23 03:52:57 +03:00
tree-wide: sort includes in *.h This is a continuation of the previous include sort patch, which only sorted for .c files.
2015-11-19 00:46:33 +03:00
#include "exit-status.h"
#include "kill.h"
fix compilation error with 'PathSpec redefined'
2012-01-05 03:56:21 +04:00
#include "path.h"
ratelimit start requests
2010-01-29 06:42:57 +03:00
#include "ratelimit.h"
first attempt in implementinging execution logic
2010-01-23 03:52:57 +03:00
first attempt at proper service/socket logic
2010-01-26 06:18:44 +03:00
typedef enum ServiceRestart {
service: rename settings for Restart= from 'restart-always' to 'always' and similar
2010-10-05 22:30:44 +04:00
SERVICE_RESTART_NO,
first attempt at proper service/socket logic
2010-01-26 06:18:44 +03:00
SERVICE_RESTART_ON_SUCCESS,
service: introduce Restart=on-failure and Restart=on-abort
2010-10-08 20:34:54 +04:00
SERVICE_RESTART_ON_FAILURE,
core: introduce new Restart=on-abnormal setting Restart=on-abnormal is similar to Restart=on-failure, but avoids restarts on unclean exit codes (but still doing restarts on all obviously unclean exits, such as timeouts, signals, coredumps, watchdog timeouts). Also see: https://fedorahosted.org/fpc/ticket/191
2014-06-05 20:42:52 +04:00
SERVICE_RESTART_ON_ABNORMAL,
service: Implement 'on-watchdog' restart option Services using the watchdog option might want to be restarted only if the watchdog triggers.
2013-07-25 16:07:59 +04:00
SERVICE_RESTART_ON_WATCHDOG,
service: introduce Restart=on-failure and Restart=on-abort
2010-10-08 20:34:54 +04:00
SERVICE_RESTART_ON_ABORT,
greatly extend what we enforce as process properties
2010-01-30 03:55:42 +03:00
SERVICE_RESTART_ALWAYS,
_SERVICE_RESTART_MAX,
_SERVICE_RESTART_INVALID = -1
first attempt at proper service/socket logic
2010-01-26 06:18:44 +03:00
} ServiceRestart;
typedef enum ServiceType {
service: optionally, trie dbus name cycle to service cycle
2010-04-16 01:16:16 +04:00
SERVICE_SIMPLE, /* we fork and go on right-away (i.e. modern socket activated daemons) */
service: change default service type to 'simple' since that is the future
2010-06-02 21:15:42 +04:00
SERVICE_FORKING, /* forks by itself (i.e. traditional daemons) */
service: rename Type=finish to Type=oneshot and allow multiple ExecStart= lines for oneshot services In contrast to the other service types oneshot services are usually not long lasting and there's not necessarily a single clean main process for them. This change allows multiple ExecStart= lines for this type of services so that the admin/developer doesn't have to arbitrarily pick on of various sequential commands as the "main one".
2010-08-13 20:23:01 +04:00
SERVICE_ONESHOT, /* we fork and wait until the program finishes (i.e. programs like fsck which run and need to finish before we continue) */
service: optionally, trie dbus name cycle to service cycle
2010-04-16 01:16:16 +04:00
SERVICE_DBUS, /* we fork and wait until a specific D-Bus name appears on the bus */
notify: add minimal readiness/status protocol for spawned daemons
2010-06-16 07:10:31 +04:00
SERVICE_NOTIFY, /* we fork and wait until a daemon sends us a ready message with sd_notify() */
service: introduce Type=idle and use it for gettys Type=idle is much like Type=simple, however between the fork() and the exec() in the child we wait until PID 1 informs us that no jobs are left. This is mostly a cosmetic fix to make gettys appear only after all boot output is finished and complete. Note that this does not impact the normal job logic as we do not delay the completion of any jobs. We just delay the invocation of the actual binary, and only for services that otherwise would be of Type=simple.
2012-04-24 16:28:00 +04:00
SERVICE_IDLE, /* much like simple, but delay exec() until all jobs are dispatched. */
greatly extend what we enforce as process properties
2010-01-30 03:55:42 +03:00
_SERVICE_TYPE_MAX,
_SERVICE_TYPE_INVALID = -1
first attempt at proper service/socket logic
2010-01-26 06:18:44 +03:00
} ServiceType;
first attempt in implementinging execution logic
2010-01-23 03:52:57 +03:00
typedef enum ServiceExecCommand {
SERVICE_EXEC_START_PRE,
SERVICE_EXEC_START,
SERVICE_EXEC_START_POST,
SERVICE_EXEC_RELOAD,
SERVICE_EXEC_STOP,
SERVICE_EXEC_STOP_POST,
mount: implement mounting properly This also includes code that writes utmp/wtmp records when applicable, making use the mount infrastructure to detct when those files are accessible. Finally, this also introduces a --dump-configuration-items switch.
2010-04-10 19:53:17 +04:00
_SERVICE_EXEC_COMMAND_MAX,
_SERVICE_EXEC_COMMAND_INVALID = -1
first attempt in implementinging execution logic
2010-01-23 03:52:57 +03:00
} ServiceExecCommand;
service: add minimal access control logic for notifcation socket
2010-06-19 01:12:48 +04:00
typedef enum NotifyAccess {
NOTIFY_NONE,
NOTIFY_ALL,
NOTIFY_MAIN,
_NOTIFY_ACCESS_MAX,
_NOTIFY_ACCESS_INVALID = -1
} NotifyAccess;
core: allow informing systemd about service status changes with RELOADING=1 and STOPPING=1 sd_notify() messages
2014-08-21 19:03:15 +04:00
typedef enum NotifyState {
NOTIFY_UNKNOWN,
NOTIFY_READY,
NOTIFY_RELOADING,
NOTIFY_STOPPING,
_NOTIFY_STATE_MAX,
_NOTIFY_STATE_INVALID = -1
} NotifyState;
service: replace "failure" boolean by enum, and export it This should give admins more useful hints why a service failed.
2012-02-03 05:01:35 +04:00
typedef enum ServiceResult {
SERVICE_SUCCESS,
core: fix description of "resources" service error (#3119) The "resources" error is really just the generic error we return when we hit some kind of error and we have no more appropriate error for the case to return, for example because of some OS error. Hence, reword the explanation and don't claim any relation to resource limits. Admittedly, the "resources" service error is a bit of a misnomer, but I figure it's kind of API now. Fixes: #2716
2016-04-25 22:36:25 +03:00
SERVICE_FAILURE_RESOURCES, /* a bit of a misnomer, just our catch-all error for errnos we didn't expect */
service: replace "failure" boolean by enum, and export it This should give admins more useful hints why a service failed.
2012-02-03 05:01:35 +04:00
SERVICE_FAILURE_TIMEOUT,
SERVICE_FAILURE_EXIT_CODE,
SERVICE_FAILURE_SIGNAL,
SERVICE_FAILURE_CORE_DUMP,
service: introduce WatchdogSec and hook up the watchdog with the existing failure logic
2012-02-08 13:10:34 +04:00
SERVICE_FAILURE_WATCHDOG,
core: move enforcement of the start limit into per-unit-type code again Let's move the enforcement of the per-unit start limit from unit.c into the type-specific files again. For unit types that know a concept of "result" codes this allows us to hook up the start limit condition to it with an explicit result code. Also, this makes sure that the state checks in clal like service_start() may be done before the start limit is checked, as the start limit really should be checked last, right before everything has been verified to be in order. The generic start limit logic is left in unit.c, but the invocation of it is moved into the per-type files, in the various xyz_start() functions, so that they may place the check at the right location. Note that this change drops the enforcement entirely from device, slice, target and scope units, since these unit types generally may not fail activation, or may only be activated a single time. This is also documented now. Note that restores the "start-limit-hit" result code that existed before 6bf0f408e4833152197fb38fb10a9989c89f3a59 already in the service code. However, it's not introduced for all units that have a result code concept. Fixes #3166.
2016-05-02 14:01:26 +03:00
SERVICE_FAILURE_START_LIMIT_HIT,
service: replace "failure" boolean by enum, and export it This should give admins more useful hints why a service failed.
2012-02-03 05:01:35 +04:00
_SERVICE_RESULT_MAX,
_SERVICE_RESULT_INVALID = -1
} ServiceResult;
core: add new logic for services to store file descriptors in PID 1 With this change it is possible to send file descriptors to PID 1, via sd_pid_notify_with_fds() which PID 1 will store individually for each service, and pass via the usual fd passing logic on next invocation. This is useful for enable daemon reload schemes where daemons serialize their state to /run, push their fds into PID 1 and terminate, restoring their state on next start from the data in /run and passed in from PID 1. The fds are kept by PID 1 as long as no POLLHUP or POLLERR is seen on them, and the service they belong to are either not dead or failed, or have a job queued.
2015-01-06 02:26:25 +03:00
struct ServiceFDStore {
Service *service;
int fd;
core: add support for naming file descriptors passed using socket activation This adds support for naming file descriptors passed using socket activation. The names are passed in a new $LISTEN_FDNAMES= environment variable, that matches the existign $LISTEN_FDS= one and contains a colon-separated list of names. This also adds support for naming fds submitted to the per-service fd store using FDNAME= in the sd_notify() message. This also adds a new FileDescriptorName= setting for socket unit files to set the name for fds created by socket units. This also adds a new call sd_listen_fds_with_names(), that is similar to sd_listen_fds(), but also returns the names of the fds. systemd-activate gained the new --fdname= switch to specify a name for testing socket activation. This is based on #1247 by Maciej Wereski. Fixes #1247.
2015-10-04 18:36:19 +03:00
char *fdname;
core: add new logic for services to store file descriptors in PID 1 With this change it is possible to send file descriptors to PID 1, via sd_pid_notify_with_fds() which PID 1 will store individually for each service, and pass via the usual fd passing logic on next invocation. This is useful for enable daemon reload schemes where daemons serialize their state to /run, push their fds into PID 1 and terminate, restoring their state on next start from the data in /run and passed in from PID 1. The fds are kept by PID 1 as long as no POLLHUP or POLLERR is seen on them, and the service they belong to are either not dead or failed, or have a job queued.
2015-01-06 02:26:25 +03:00
sd_event_source *event_source;
LIST_FIELDS(ServiceFDStore, fd_store);
};
first attempt in implementinging execution logic
2010-01-23 03:52:57 +03:00
struct Service {
unit: remove union Unit Now that objects of all unit types are allocated the exact amount of memory they need, the Unit union has lost its purpose. Remove it. "Unit" is a more natural name for the base unit class than "Meta", so rename Meta to Unit. Access to members of the base class gets simplified.
2012-01-15 15:04:08 +04:00
Unit meta;
first attempt in implementinging execution logic
2010-01-23 03:52:57 +03:00
first attempt at proper service/socket logic
2010-01-26 06:18:44 +03:00
ServiceType type;
ServiceRestart restart;
core: introduce new RestartForceExitStatus= service setting This does the inverse of RestartPreventExitStatus=: it forces a restart of a service when a certain exit status is returned by a service process.
2014-07-03 14:47:40 +04:00
ExitStatusSet restart_prevent_status;
ExitStatusSet restart_force_status;
service: add options RestartPreventExitStatus and SuccessExitStatus In some cases, like wrong configuration, restarting after error does not help, so administrator can specify statuses by RestartPreventExitStatus which will not cause restart of a service. Sometimes you have non-standart exit status, so this can be specified by SuccessfulExitStatus.
2012-08-13 15:58:01 +04:00
ExitStatusSet success_status;
first attempt at proper service/socket logic
2010-01-26 06:18:44 +03:00
/* If set we'll read the main daemon PID from this file */
char *pid_file;
usec_t restart_usec;
systemd: introduced new timeout types Makes possible to specify separate timeout for start and stop of the service. [ Improved the manpage. Coding style fix. -- michich ]
2012-08-07 16:41:48 +04:00
usec_t timeout_start_usec;
usec_t timeout_stop_usec;
core: rework unit timeout handling, and add new setting RuntimeMaxSec= This clean-ups timeout handling in PID 1. Specifically, instead of storing 0 in internal timeout variables as indication for a disabled timeout, use USEC_INFINITY which is in-line with how we do this in the rest of our code (following the logic that 0 means "no", and USEC_INFINITY means "never"). This also replace all usec_t additions with invocations to usec_add(), so that USEC_INFINITY is properly propagated, and sd-event considers it has indication for turning off the event source. This also alters the deserialization of the units to restart timeouts from the time they were originally started from. Before this patch timeouts would be restarted beginning with the time of the deserialization, which could lead to artificially prolonged timeouts if a daemon reload took place. Finally, a new RuntimeMaxSec= setting is introduced for service units, that specifies a maximum runtime after which a specific service is forcibly terminated. This is useful to put time limits on time-intensive processing jobs. This also simplifies the various xyz_spawn() calls of the various types in that explicit distruction of the timers is removed, as that is done anyway by the state change handlers, and a state change is always done when the xyz_spawn() calls fail. Fixes: #2249
2016-02-01 23:48:10 +03:00
usec_t runtime_max_usec;
first attempt in implementinging execution logic
2010-01-23 03:52:57 +03:00
service: add watchdog timestamp This patch adds WatchdogTimestamp[Monotonic] to the systemd service D-Bus API. The timestamp is updated to the current time when the service calls 'sd_nofity("WATCHDOG=1\n")'. Using a timestamp instead of an 'alive' flag has two advantages: 1. No timeout is needed to define when a service is no longer alive. This simplifies both configuration (no timeout value) and implementation (no timeout event). 2. It is more robust. A 'dead' service might not be detected should systemd 'forget' to reset an 'alive' flag. It is much less likely to get a valid new timestamp if a service died.
2012-02-01 20:17:12 +04:00
dual_timestamp watchdog_timestamp;
service: introduce WatchdogSec and hook up the watchdog with the existing failure logic
2012-02-08 13:10:34 +04:00
usec_t watchdog_usec;
core: convert PID 1 to libsystemd-bus This patch converts PID 1 to libsystemd-bus and thus drops the dependency on libdbus. The only remaining code using libdbus is a test case that validates our bus marshalling against libdbus' marshalling, and this dependency can be turned off. This patch also adds a couple of things to libsystem-bus, that are necessary to make the port work: - Synthesizing of "Disconnected" messages when bus connections are severed. - Support for attaching multiple vtables for the same interface on the same path. This patch also fixes the SetDefaultTarget() and GetDefaultTarget() bus calls which used an inappropriate signature. As a side effect we will now generate PropertiesChanged messages which carry property contents, rather than just invalidation information.
2013-11-20 00:12:59 +04:00
sd_event_source *watchdog_event_source;
service: add watchdog timestamp This patch adds WatchdogTimestamp[Monotonic] to the systemd service D-Bus API. The timestamp is updated to the current time when the service calls 'sd_nofity("WATCHDOG=1\n")'. Using a timestamp instead of an 'alive' flag has two advantages: 1. No timeout is needed to define when a service is no longer alive. This simplifies both configuration (no timeout value) and implementation (no timeout event). 2. It is more robust. A 'dead' service might not be detected should systemd 'forget' to reset an 'alive' flag. It is much less likely to get a valid new timestamp if a service died.
2012-02-01 20:17:12 +04:00
mount: implement mounting properly This also includes code that writes utmp/wtmp records when applicable, making use the mount infrastructure to detct when those files are accessible. Finally, this also introduces a --dump-configuration-items switch.
2010-04-10 19:53:17 +04:00
ExecCommand* exec_command[_SERVICE_EXEC_COMMAND_MAX];
unit: split off KillContext from ExecContext containing only kill definitions
2012-07-20 01:47:10 +04:00
first attempt in implementinging execution logic
2010-01-23 03:52:57 +03:00
ExecContext exec_context;
unit: split off KillContext from ExecContext containing only kill definitions
2012-07-20 01:47:10 +04:00
KillContext kill_context;
core: general cgroup rework Replace the very generic cgroup hookup with a much simpler one. With this change only the high-level cgroup settings remain, the ability to set arbitrary cgroup attributes is removed, so is support for adding units to arbitrary cgroup controllers or setting arbitrary paths for them (especially paths that are different for the various controllers). This also introduces a new -.slice root slice, that is the parent of system.slice and friends. This enables easy admin configuration of root-level cgrouo properties. This replaces DeviceDeny= by DevicePolicy=, and implicitly adds in /dev/null, /dev/zero and friends if DeviceAllow= is used (unless this is turned off by DevicePolicy=).
2013-06-27 06:14:27 +04:00
CGroupContext cgroup_context;
first attempt in implementinging execution logic
2010-01-23 03:52:57 +03:00
reload: implement reload/reexec logic
2010-04-21 05:27:44 +04:00
ServiceState state, deserialized_state;
first attempt at proper service/socket logic
2010-01-26 06:18:44 +03:00
service: make chain of main commands and control commands independent of each other, so that both can be executed simultaneously and independently
2011-01-20 20:46:38 +03:00
/* The exit status of the real main process */
first attempt at proper service/socket logic
2010-01-26 06:18:44 +03:00
ExecStatus main_exec_status;
service: make chain of main commands and control commands independent of each other, so that both can be executed simultaneously and independently
2011-01-20 20:46:38 +03:00
/* The currently executed control process */
first attempt at proper service/socket logic
2010-01-26 06:18:44 +03:00
ExecCommand *control_command;
service: make chain of main commands and control commands independent of each other, so that both can be executed simultaneously and independently
2011-01-20 20:46:38 +03:00
/* The currently executed main process, which may be NULL if
* the main process got started via forking mode and not by
* us */
ExecCommand *main_command;
/* The ID of the control command currently being executed */
reload: implement reload/reexec logic
2010-04-21 05:27:44 +04:00
ServiceExecCommand control_command_id;
service: make chain of main commands and control commands independent of each other, so that both can be executed simultaneously and independently
2011-01-20 20:46:38 +03:00
service: add the ability for units to join other unit's PrivateNetwork= and PrivateTmp= namespaces
2013-11-27 23:23:18 +04:00
/* Runtime data of the execution context */
ExecRuntime *exec_runtime;
first attempt at proper service/socket logic
2010-01-26 06:18:44 +03:00
pid_t main_pid, control_pid;
sysv: optionally disable of SysV init/rcN.d support at compile time This patch adds a cpp definition HAVE_SYSV_COMPAT that is used to isolate code dealing with /etc/init.d and /etc/rcN.d for systems where it does not make sense (one that does not use sysv or one that is fully systemd native). The patch tries to be as little intrusive as possible, however in order to minimize the number of #ifdef'ed regions I've reordered some code in path-lookup.c:lookup_paths_init() where all code dealing with sysv is now isolated under running_as == MANAGER_SYSTEM as well. Moreover, In struct Service, some fields were rearranged to reduce the number of ifdefs. Lennart's suggestions were fixed and squashed with the original patch, that was sent by Gustavo Sverzut Barbieri (barbieri@profusion.mobi).
2010-09-21 07:23:12 +04:00
int socket_fd;
socket: introduce SELinuxContextFromNet option This makes possible to spawn service instances triggered by socket with MLS/MCS SELinux labels which are created based on information provided by connected peer. Implementation of label_get_child_mls_label derived from xinetd. Reviewed-by: Paul Moore <pmoore@redhat.com>
2014-07-24 12:40:28 +04:00
bool socket_fd_selinux_context_net;
device: do not merge devices Don't try to merge devices that have been created via dependencies when they appear in the system and can be recognized as the same. Instead, simply continue to maintain them independently of each other, however with the same state cycle. Why? Because otherwise we'd have a hard time to seperate the dependencies after the devices are unplugged again and we hence cannot be sure anymore that next time the device is plugged in it will carry the same names. Example: if one depndency refers to dev-sda.device and another one to dev-by-id-xxxyyy.device we only learn at time of plug in of the device that it is actually the same device that was ment. In the moment the device is unplugged again we won't know anymore their relation to each other and the next time the harddisk is plugged it might even appear as dev-by-id-xxxyyy.device and dev-sdb.service. To ensure the dependencies continue to have the meaning they were intended to have let's hence keep the .device objects seperate all the time, even when they are plugged in. This patch also introduces a new Following= property which points from the various .device units of a specific device to the main .device unit for it. This can be used by the client side to figure out the relation of the .device units to each other and even filter units from display.
2010-07-20 22:33:19 +04:00
bool permissions_start_only;
bool root_directory_start_only;
service: rename ValidNoProcess= to RemainAfterExit=
2010-08-17 21:37:36 +04:00
bool remain_after_exit;
service: make main pid guessing optional, and reread pid file after reloads
2011-02-13 20:51:30 +03:00
bool guess_main_pid;
device: do not merge devices Don't try to merge devices that have been created via dependencies when they appear in the system and can be recognized as the same. Instead, simply continue to maintain them independently of each other, however with the same state cycle. Why? Because otherwise we'd have a hard time to seperate the dependencies after the devices are unplugged again and we hence cannot be sure anymore that next time the device is plugged in it will carry the same names. Example: if one depndency refers to dev-sda.device and another one to dev-by-id-xxxyyy.device we only learn at time of plug in of the device that it is actually the same device that was ment. In the moment the device is unplugged again we won't know anymore their relation to each other and the next time the harddisk is plugged it might even appear as dev-by-id-xxxyyy.device and dev-sdb.service. To ensure the dependencies continue to have the meaning they were intended to have let's hence keep the .device objects seperate all the time, even when they are plugged in. This patch also introduces a new Following= property which points from the various .device units of a specific device to the main .device unit for it. This can be used by the client side to figure out the relation of the .device units to each other and even filter units from display.
2010-07-20 22:33:19 +04:00
service: optionally, trie dbus name cycle to service cycle
2010-04-16 01:16:16 +04:00
/* If we shut down, remember why */
service: replace "failure" boolean by enum, and export it This should give admins more useful hints why a service failed.
2012-02-03 05:01:35 +04:00
ServiceResult result;
ServiceResult reload_result;
service: when reloading a service fails don't fail the entire service but just the reload job
2011-01-20 15:17:22 +03:00
service: properly remember if a sysv is actually enabled Previously we checked the SysV priority value to figure out if a SysV unit was enabled or not, since th value was mostly read from the S startup links. Since we read this value from the LSB headers as a fallback we hence ended up considering a lot more services enabled than were actually enabled. This patch adds an explicit boolean which encodes whether a sysv service is enabled or not via S links. https://bugzilla.redhat.com/show_bug.cgi?id=615293
2010-08-09 19:12:25 +04:00
bool main_pid_known:1;
service: properly notice when services with a main process that isn't a child of init die https://bugzilla.redhat.com/show_bug.cgi?id=699114
2011-04-28 06:56:53 +04:00
bool main_pid_alien:1;
service: optionally, trie dbus name cycle to service cycle
2010-04-16 01:16:16 +04:00
bool bus_name_good:1;
main: fix auto restarting of units after a configuration reload
2010-08-10 01:33:48 +04:00
bool forbid_restart:1;
systemd: introduced new timeout types Makes possible to specify separate timeout for start and stop of the service. [ Improved the manpage. Coding style fix. -- michich ]
2012-08-07 16:41:48 +04:00
bool start_timeout_defined:1;
service: add SysV init script parser
2010-02-14 03:09:01 +03:00
core: expose consumed CPU time per unit This adds support for showing the accumulated consumed CPU time per-unit in the "systemctl status" output. The property is also readable via the bus.
2015-03-01 18:24:19 +03:00
bool reset_cpu_usage:1;
service: optionally, trie dbus name cycle to service cycle
2010-04-16 01:16:16 +04:00
char *bus_name;
core: fix bus name synchronization after daemon-reload During daemon-reload, PID1 temporarly loses its DBus connection, so there's a small window in which all signals sent by dbus-daemon are lost. This is a problem, since we rely on the NameOwnerChanged signals in order to consider a service with Type=dbus fully started or terminated, respectively. In order to fix this, a rewrite of bus_list_names() is necessary. We used to walk the current list of names on the bus, and blindly triggered the bus_name_owner_change() callback on each service, providing the actual name as current owner. This implementation has a number of problems: * We cannot detect if the the name was moved from one owner to the other while we were reloading * We don't notify services which missed the name loss signal * Providing the actual name as current owner is a hack, as the comment also admits. To fix this, this patch carries the following changes: * Track the name of the current bus name owner, and (de-)serialize it during reload. This way, we can detect changes. * In bus_list_names(), walk the list of bus names we're interested in first, and then see if the name is active on the bus. If it is, check it it's still the same as it used to be, and synthesize NameOwnerChanged signals for the name add and/or loss. This should fully synchronize the current name list with the internal state of all services.
2015-12-18 19:28:15 +03:00
char *bus_name_owner; /* unique name of the current owner */
service: optionally, trie dbus name cycle to service cycle
2010-04-16 01:16:16 +04:00
notify: add minimal readiness/status protocol for spawned daemons
2010-06-16 07:10:31 +04:00
char *status_text;
core: Added support for ERRNO NOTIFY_SOCKET message parsing, and added StatusErrno dbus property along StatusText to allow notification of numeric status condition while degraded service operation or any other special situation.
2014-07-07 16:20:36 +04:00
int status_errno;
notify: add minimal readiness/status protocol for spawned daemons
2010-06-16 07:10:31 +04:00
core: add support for a configurable system-wide start-up timeout When this system-wide start-up timeout is hit we execute one of the failure actions already implemented for services that fail. This should not only be useful on embedded devices, but also on laptops which have the power-button reachable when the lid is closed. This devices, when in a backpack might get powered on by accident due to the easily reachable power button. We want to make sure that the system turns itself off if it starts up due this after a while. When the system manages to fully start-up logind will suspend the machine by default if the lid is closed. However, in some cases we don't even get as far as logind, and the boot hangs much earlier, for example because we ask for a LUKS password that nobody ever enters. Yeah, this is a real-life problem on my Yoga 13, which has one of those easily accessible power buttons, even if the device is closed.
2014-08-22 18:36:38 +04:00
FailureAction failure_action;
service: add StartLimitInterval/StartLimitBurst/StartLimitAction
2012-02-09 16:05:23 +04:00
unit: properly update references to units which are merged When we merge units that some kind of object points to, those pointers might become invalidated, and needs to be updated. Introduce a UnitRef struct which links up all the unit references, to ensure corrected references. At the same time, drop configured_sockets in the Service object, and replace it by proper UNIT_TRIGGERS resp. UNIT_TRIGGERED_BY dependencies, which allow us to simplify a lot of code.
2012-01-07 02:08:54 +04:00
UnitRef accept_socket;
socket: optionally call accept() for incoming connections and spawn one service instance per connection
2010-04-15 08:19:54 +04:00
core: convert PID 1 to libsystemd-bus This patch converts PID 1 to libsystemd-bus and thus drops the dependency on libdbus. The only remaining code using libdbus is a test case that validates our bus marshalling against libdbus' marshalling, and this dependency can be turned off. This patch also adds a couple of things to libsystem-bus, that are necessary to make the port work: - Synthesizing of "Disconnected" messages when bus connections are severed. - Support for attaching multiple vtables for the same interface on the same path. This patch also fixes the SetDefaultTarget() and GetDefaultTarget() bus calls which used an inappropriate signature. As a side effect we will now generate PropertiesChanged messages which carry property contents, rather than just invalidation information.
2013-11-20 00:12:59 +04:00
sd_event_source *timer_event_source;
service: handle services with racy daemonization gracefully There are a lot of forking daemons that do not exactly follow the initialization steps as described in daemon(7). It is common that they do not bother waiting in the parent process for the child to write the PID file before exiting. The daemons' developers often do not perceive this as a bug and they're unwilling to change. Currently systemd warns about the missing PID file and falls back to guessing the main PID. Being not quite deterministic, the guess can be wrong with bad consequences. If the guessing is disabled, determinism is achieved at the cost of losing the ability of noticing when the main process of the service dies. As long as it does not negatively affect properly written services, systemd should strive for compatibility even with services with racy daemonization. It is possible to provide determinism _and_ main process supervision to them. If the PID file is not there, rather than guessing and considering the service running immediately after getting the SIGCHLD from the ExecStart (or ExecStartPost) process, we can keep the service in the activating state for a bit longer. We can use inotify to wait for the PID file to appear. Only when it finally does appear and we read a valid PID from it, we'll move the service to the running state. If the PID file never appears, the usual timeout kicks in and the service fails.
2011-12-03 05:13:30 +04:00
PathSpec *pid_file_pathspec;
device: do not merge devices Don't try to merge devices that have been created via dependencies when they appear in the system and can be recognized as the same. Instead, simply continue to maintain them independently of each other, however with the same state cycle. Why? Because otherwise we'd have a hard time to seperate the dependencies after the devices are unplugged again and we hence cannot be sure anymore that next time the device is plugged in it will carry the same names. Example: if one depndency refers to dev-sda.device and another one to dev-by-id-xxxyyy.device we only learn at time of plug in of the device that it is actually the same device that was ment. In the moment the device is unplugged again we won't know anymore their relation to each other and the next time the harddisk is plugged it might even appear as dev-by-id-xxxyyy.device and dev-sdb.service. To ensure the dependencies continue to have the meaning they were intended to have let's hence keep the .device objects seperate all the time, even when they are plugged in. This patch also introduces a new Following= property which points from the various .device units of a specific device to the main .device unit for it. This can be used by the client side to figure out the relation of the .device units to each other and even filter units from display.
2010-07-20 22:33:19 +04:00
NotifyAccess notify_access;
core: allow informing systemd about service status changes with RELOADING=1 and STOPPING=1 sd_notify() messages
2014-08-21 19:03:15 +04:00
NotifyState notify_state;
core: add new logic for services to store file descriptors in PID 1 With this change it is possible to send file descriptors to PID 1, via sd_pid_notify_with_fds() which PID 1 will store individually for each service, and pass via the usual fd passing logic on next invocation. This is useful for enable daemon reload schemes where daemons serialize their state to /run, push their fds into PID 1 and terminate, restoring their state on next start from the data in /run and passed in from PID 1. The fds are kept by PID 1 as long as no POLLHUP or POLLERR is seen on them, and the service they belong to are either not dead or failed, or have a job queued.
2015-01-06 02:26:25 +03:00
ServiceFDStore *fd_store;
unsigned n_fd_store;
unsigned n_fd_store_max;
core: Add FFSDescriptors and FFSStrings service parameters By using these parameters functionfs service can specify ffs descriptors and strings which should be written to ep0.
2015-09-04 13:23:51 +03:00
char *usb_function_descriptors;
char *usb_function_strings;
core: add support for setting stdin/stdout/stderr for transient services When starting a transient service, allow setting stdin/stdout/stderr fds for it, by passing them in via the bus. This also simplifies some of the serialization code for units.
2015-10-08 00:07:39 +03:00
int stdin_fd;
int stdout_fd;
int stderr_fd;
first attempt in implementinging execution logic
2010-01-23 03:52:57 +03:00
};
build: basic autoconfization
2010-02-03 16:21:48 +03:00
extern const UnitVTable service_vtable;
first attempt in implementinging execution logic
2010-01-23 03:52:57 +03:00
socket: introduce SELinuxContextFromNet option This makes possible to spawn service instances triggered by socket with MLS/MCS SELinux labels which are created based on information provided by connected peer. Implementation of label_get_child_mls_label derived from xinetd. Reviewed-by: Paul Moore <pmoore@redhat.com>
2014-07-24 12:40:28 +04:00
int service_set_socket_fd(Service *s, int fd, struct Socket *socket, bool selinux_context_net);
core: make sure to close connection fd when we fail to activate a per-connection service Fixes: #2993 #2691
2016-04-28 18:09:50 +03:00
void service_close_socket_fd(Service *s);
socket: optionally call accept() for incoming connections and spawn one service instance per connection
2010-04-15 08:19:54 +04:00
Add __attribute__((const, pure, format)) in various places I'm assuming that it's fine if a _const_ or _pure_ function calls assert. It is assumed that the assert won't trigger, and even if it does, it can only trigger on the first call with a given set of parameters, and we don't care if the compiler moves the order of calls.
2013-05-03 06:51:50 +04:00
const char* service_restart_to_string(ServiceRestart i) _const_;
ServiceRestart service_restart_from_string(const char *s) _pure_;
greatly extend what we enforce as process properties
2010-01-30 03:55:42 +03:00
Add __attribute__((const, pure, format)) in various places I'm assuming that it's fine if a _const_ or _pure_ function calls assert. It is assumed that the assert won't trigger, and even if it does, it can only trigger on the first call with a given set of parameters, and we don't care if the compiler moves the order of calls.
2013-05-03 06:51:50 +04:00
const char* service_type_to_string(ServiceType i) _const_;
ServiceType service_type_from_string(const char *s) _pure_;
greatly extend what we enforce as process properties
2010-01-30 03:55:42 +03:00
Add __attribute__((const, pure, format)) in various places I'm assuming that it's fine if a _const_ or _pure_ function calls assert. It is assumed that the assert won't trigger, and even if it does, it can only trigger on the first call with a given set of parameters, and we don't care if the compiler moves the order of calls.
2013-05-03 06:51:50 +04:00
const char* service_exec_command_to_string(ServiceExecCommand i) _const_;
ServiceExecCommand service_exec_command_from_string(const char *s) _pure_;
greatly extend what we enforce as process properties
2010-01-30 03:55:42 +03:00
Add __attribute__((const, pure, format)) in various places I'm assuming that it's fine if a _const_ or _pure_ function calls assert. It is assumed that the assert won't trigger, and even if it does, it can only trigger on the first call with a given set of parameters, and we don't care if the compiler moves the order of calls.
2013-05-03 06:51:50 +04:00
const char* notify_access_to_string(NotifyAccess i) _const_;
NotifyAccess notify_access_from_string(const char *s) _pure_;
service: add minimal access control logic for notifcation socket
2010-06-19 01:12:48 +04:00
core: allow informing systemd about service status changes with RELOADING=1 and STOPPING=1 sd_notify() messages
2014-08-21 19:03:15 +04:00
const char* notify_state_to_string(NotifyState i) _const_;
NotifyState notify_state_from_string(const char *s) _pure_;
Add __attribute__((const, pure, format)) in various places I'm assuming that it's fine if a _const_ or _pure_ function calls assert. It is assumed that the assert won't trigger, and even if it does, it can only trigger on the first call with a given set of parameters, and we don't care if the compiler moves the order of calls.
2013-05-03 06:51:50 +04:00
const char* service_result_to_string(ServiceResult i) _const_;
ServiceResult service_result_from_string(const char *s) _pure_;
Copy Permalink