1 /* SPDX-License-Identifier: LGPL-2.1-or-later */
2
3 #include <stdlib.h>
4
5 #include "all-units.h"
6 #include "alloc-util.h"
7 #include "analyze-verify-util.h"
8 #include "bus-error.h"
9 #include "bus-util.h"
10 #include "log.h"
11 #include "manager.h"
12 #include "pager.h"
13 #include "path-util.h"
14 #include "string-table.h"
15 #include "strv.h"
16 #include "unit-name.h"
17 #include "unit-serialize.h"
18
log_syntax_callback(const char * unit,int level,void * userdata)19 static void log_syntax_callback(const char *unit, int level, void *userdata) {
20 Set **s = userdata;
21 int r;
22
23 assert(userdata);
24 assert(unit);
25
26 if (level > LOG_WARNING)
27 return;
28
29 if (*s == POINTER_MAX)
30 return;
31
32 r = set_put_strdup(s, unit);
33 if (r < 0) {
34 set_free_free(*s);
35 *s = POINTER_MAX;
36 }
37 }
38
verify_prepare_filename(const char * filename,char ** ret)39 int verify_prepare_filename(const char *filename, char **ret) {
40 int r;
41 const char *name;
42 _cleanup_free_ char *abspath = NULL;
43 _cleanup_free_ char *dir = NULL;
44 _cleanup_free_ char *with_instance = NULL;
45 char *c;
46
47 assert(filename);
48 assert(ret);
49
50 r = path_make_absolute_cwd(filename, &abspath);
51 if (r < 0)
52 return r;
53
54 name = basename(abspath);
55 if (!unit_name_is_valid(name, UNIT_NAME_ANY))
56 return -EINVAL;
57
58 if (unit_name_is_valid(name, UNIT_NAME_TEMPLATE)) {
59 r = unit_name_replace_instance(name, "i", &with_instance);
60 if (r < 0)
61 return r;
62 }
63
64 dir = dirname_malloc(abspath);
65 if (!dir)
66 return -ENOMEM;
67
68 c = path_join(dir, with_instance ?: name);
69 if (!c)
70 return -ENOMEM;
71
72 *ret = c;
73 return 0;
74 }
75
verify_generate_path(char ** var,char ** filenames)76 int verify_generate_path(char **var, char **filenames) {
77 _cleanup_strv_free_ char **ans = NULL;
78 const char *old;
79 int r;
80
81 STRV_FOREACH(filename, filenames) {
82 char *t;
83
84 t = dirname_malloc(*filename);
85 if (!t)
86 return -ENOMEM;
87
88 r = strv_consume(&ans, t);
89 if (r < 0)
90 return r;
91 }
92
93 assert_se(strv_uniq(ans));
94
95 /* First, prepend our directories. Second, if some path was specified, use that, and
96 * otherwise use the defaults. Any duplicates will be filtered out in path-lookup.c.
97 * Treat explicit empty path to mean that nothing should be appended.
98 */
99 old = getenv("SYSTEMD_UNIT_PATH");
100 if (!streq_ptr(old, "")) {
101 if (!old)
102 old = ":";
103
104 r = strv_extend(&ans, old);
105 if (r < 0)
106 return r;
107 }
108
109 *var = strv_join(ans, ":");
110 if (!*var)
111 return -ENOMEM;
112
113 return 0;
114 }
115
verify_socket(Unit * u)116 static int verify_socket(Unit *u) {
117 Unit *service;
118 int r;
119
120 assert(u);
121
122 if (u->type != UNIT_SOCKET)
123 return 0;
124
125 r = socket_load_service_unit(SOCKET(u), -1, &service);
126 if (r < 0)
127 return log_unit_error_errno(u, r, "service unit for the socket cannot be loaded: %m");
128
129 if (service->load_state != UNIT_LOADED)
130 return log_unit_error_errno(u, SYNTHETIC_ERRNO(ENOENT),
131 "service %s not loaded, socket cannot be started.", service->id);
132
133 log_unit_debug(u, "using service unit %s.", service->id);
134 return 0;
135 }
136
verify_executable(Unit * u,const ExecCommand * exec,const char * root)137 int verify_executable(Unit *u, const ExecCommand *exec, const char *root) {
138 int r;
139
140 if (!exec)
141 return 0;
142
143 if (exec->flags & EXEC_COMMAND_IGNORE_FAILURE)
144 return 0;
145
146 r = find_executable_full(exec->path, root, NULL, false, NULL, NULL);
147 if (r < 0)
148 return log_unit_error_errno(u, r, "Command %s is not executable: %m", exec->path);
149
150 return 0;
151 }
152
verify_executables(Unit * u,const char * root)153 static int verify_executables(Unit *u, const char *root) {
154 ExecCommand *exec;
155 int r = 0, k;
156 unsigned i;
157
158 assert(u);
159
160 exec = u->type == UNIT_SOCKET ? SOCKET(u)->control_command :
161 u->type == UNIT_MOUNT ? MOUNT(u)->control_command :
162 u->type == UNIT_SWAP ? SWAP(u)->control_command : NULL;
163 k = verify_executable(u, exec, root);
164 if (k < 0 && r == 0)
165 r = k;
166
167 if (u->type == UNIT_SERVICE)
168 for (i = 0; i < ELEMENTSOF(SERVICE(u)->exec_command); i++) {
169 k = verify_executable(u, SERVICE(u)->exec_command[i], root);
170 if (k < 0 && r == 0)
171 r = k;
172 }
173
174 if (u->type == UNIT_SOCKET)
175 for (i = 0; i < ELEMENTSOF(SOCKET(u)->exec_command); i++) {
176 k = verify_executable(u, SOCKET(u)->exec_command[i], root);
177 if (k < 0 && r == 0)
178 r = k;
179 }
180
181 return r;
182 }
183
verify_documentation(Unit * u,bool check_man)184 static int verify_documentation(Unit *u, bool check_man) {
185 int r = 0, k;
186
187 STRV_FOREACH(p, u->documentation) {
188 log_unit_debug(u, "Found documentation item: %s", *p);
189
190 if (check_man && startswith(*p, "man:")) {
191 k = show_man_page(*p + 4, true);
192 if (k != 0) {
193 if (k < 0)
194 log_unit_error_errno(u, k, "Can't show %s: %m", *p + 4);
195 else {
196 log_unit_error(u, "Command 'man %s' failed with code %d", *p + 4, k);
197 k = -ENOEXEC;
198 }
199 if (r == 0)
200 r = k;
201 }
202 }
203 }
204
205 /* Check remote URLs? */
206
207 return r;
208 }
209
verify_unit(Unit * u,bool check_man,const char * root)210 static int verify_unit(Unit *u, bool check_man, const char *root) {
211 _cleanup_(sd_bus_error_free) sd_bus_error err = SD_BUS_ERROR_NULL;
212 int r, k;
213
214 assert(u);
215
216 if (DEBUG_LOGGING)
217 unit_dump(u, stdout, "\t");
218
219 log_unit_debug(u, "Creating %s/start job", u->id);
220 r = manager_add_job(u->manager, JOB_START, u, JOB_REPLACE, NULL, &err, NULL);
221 if (r < 0)
222 log_unit_error_errno(u, r, "Failed to create %s/start: %s", u->id, bus_error_message(&err, r));
223
224 k = verify_socket(u);
225 if (k < 0 && r == 0)
226 r = k;
227
228 k = verify_executables(u, root);
229 if (k < 0 && r == 0)
230 r = k;
231
232 k = verify_documentation(u, check_man);
233 if (k < 0 && r == 0)
234 r = k;
235
236 return r;
237 }
238
set_destroy_ignore_pointer_max(Set ** s)239 static void set_destroy_ignore_pointer_max(Set** s) {
240 if (*s == POINTER_MAX)
241 return;
242 set_free_free(*s);
243 }
244
verify_units(char ** filenames,LookupScope scope,bool check_man,bool run_generators,RecursiveErrors recursive_errors,const char * root)245 int verify_units(char **filenames, LookupScope scope, bool check_man, bool run_generators, RecursiveErrors recursive_errors, const char *root) {
246 const ManagerTestRunFlags flags =
247 MANAGER_TEST_RUN_MINIMAL |
248 MANAGER_TEST_RUN_ENV_GENERATORS |
249 (recursive_errors == RECURSIVE_ERRORS_NO) * MANAGER_TEST_RUN_IGNORE_DEPENDENCIES |
250 run_generators * MANAGER_TEST_RUN_GENERATORS;
251
252 _cleanup_(manager_freep) Manager *m = NULL;
253 _cleanup_(set_destroy_ignore_pointer_max) Set *s = NULL;
254 _unused_ _cleanup_(clear_log_syntax_callback) dummy_t dummy;
255 Unit *units[strv_length(filenames)];
256 _cleanup_free_ char *var = NULL;
257 int r, k, i, count = 0;
258
259 if (strv_isempty(filenames))
260 return 0;
261
262 /* Allow systemd-analyze to hook in a callback function so that it can get
263 * all the required log data from the function itself without having to rely
264 * on a global set variable for the same */
265 set_log_syntax_callback(log_syntax_callback, &s);
266
267 /* set the path */
268 r = verify_generate_path(&var, filenames);
269 if (r < 0)
270 return log_error_errno(r, "Failed to generate unit load path: %m");
271
272 assert_se(set_unit_path(var) >= 0);
273
274 r = manager_new(scope, flags, &m);
275 if (r < 0)
276 return log_error_errno(r, "Failed to initialize manager: %m");
277
278 log_debug("Starting manager...");
279
280 r = manager_startup(m, /* serialization= */ NULL, /* fds= */ NULL, root);
281 if (r < 0)
282 return r;
283
284 manager_clear_jobs(m);
285
286 log_debug("Loading remaining units from the command line...");
287
288 STRV_FOREACH(filename, filenames) {
289 _cleanup_free_ char *prepared = NULL;
290
291 log_debug("Handling %s...", *filename);
292
293 k = verify_prepare_filename(*filename, &prepared);
294 if (k < 0) {
295 log_error_errno(k, "Failed to prepare filename %s: %m", *filename);
296 if (r == 0)
297 r = k;
298 continue;
299 }
300
301 k = manager_load_startable_unit_or_warn(m, NULL, prepared, &units[count]);
302 if (k < 0) {
303 if (r == 0)
304 r = k;
305 continue;
306 }
307
308 count++;
309 }
310
311 for (i = 0; i < count; i++) {
312 k = verify_unit(units[i], check_man, root);
313 if (k < 0 && r == 0)
314 r = k;
315 }
316
317 if (s == POINTER_MAX)
318 return log_oom();
319
320 if (set_isempty(s) || r != 0)
321 return r;
322
323 /* If all previous verifications succeeded, then either the recursive parsing of all the
324 * associated dependencies with RECURSIVE_ERRORS_YES or the parsing of the specified unit file
325 * with RECURSIVE_ERRORS_NO must have yielded a syntax warning and hence, a non-empty set. */
326 if (IN_SET(recursive_errors, RECURSIVE_ERRORS_YES, RECURSIVE_ERRORS_NO))
327 return -ENOTRECOVERABLE;
328
329 /* If all previous verifications succeeded, then the non-empty set could have resulted from
330 * a syntax warning encountered during the recursive parsing of the specified unit file and
331 * its direct dependencies. Hence, search for any of the filenames in the set and if found,
332 * return a non-zero process exit status. */
333 if (recursive_errors == RECURSIVE_ERRORS_ONE)
334 STRV_FOREACH(filename, filenames)
335 if (set_contains(s, basename(*filename)))
336 return -ENOTRECOVERABLE;
337
338 return 0;
339 }
340
341 static const char* const recursive_errors_table[_RECURSIVE_ERRORS_MAX] = {
342 [RECURSIVE_ERRORS_NO] = "no",
343 [RECURSIVE_ERRORS_YES] = "yes",
344 [RECURSIVE_ERRORS_ONE] = "one",
345 };
346
347 DEFINE_STRING_TABLE_LOOKUP(recursive_errors, RecursiveErrors);
348