morgan/systemd
1
0
Fork 0
mirror of https://github.com/morgan9e/systemd synced 2026-04-15 00:47:10 +09:00
Code Issues Packages Projects Releases Wiki Activity
Files
9d8f5e22f8157a22a4db50f7429a882197d3ecc8
systemd/src/run/run.c

2489 lines
98 KiB
C
Raw Normal View History

license: LGPL-2.1+ -> LGPL-2.1-or-later
2020-11-09 13:23:58 +09:00
/* SPDX-License-Identifier: LGPL-2.1-or-later */
core: add transient units Transient units can be created via the bus API. They are configured via the method call parameters rather than on-disk files. They are subject to normal GC. Transient units currently may only be created for services (however, we will extend this), and currently only ExecStart= and the cgroup parameters can be configured (also to be extended). Transient units require a unique name, that previously had no configuration file on disk. A tool systemd-run is added that makes use of this functionality to run arbitrary command lines as transient services: $ systemd-run /bin/ping www.heise.de Will cause systemd to create a new transient service and run ping in it.
2013-06-28 04:12:58 +02:00
core: add new "scope" unit type for making a unit of pre-existing processes "Scope" units are very much like service units, however with the difference that they are created from pre-existing processes, rather than processes that systemd itself forks off. This means they are generated programmatically via the bus API as transient units rather than from static configuration read from disk. Also, they do not provide execution-time parameters, as at the time systemd adds the processes to the scope unit they already exist and the parameters cannot be applied anymore. The primary benefit of this new unit type is to create arbitrary cgroups for worker-processes forked off an existing service. This commit also adds a a new mode to "systemd-run" to run the specified processes in a scope rather then a transient service.
2013-07-01 00:03:57 +02:00
#include <getopt.h>
util: introduce common version() implementation and use it everywhere This also allows us to drop build.h from a ton of files, hence do so. Since we touched the #includes of those files, let's order them properly according to CODING_STYLE.
2015-09-23 03:01:06 +02:00
#include <stdio.h>
headers: remove unneeded includes from util.h This means we need to include many more headers in various files that simply included util.h before, but it seems cleaner to do it this way.
2019-03-27 11:32:41 +01:00
#include <fcntl.h>
#include <sys/stat.h>
#include <sys/types.h>
core: add transient units Transient units can be created via the bus API. They are configured via the method call parameters rather than on-disk files. They are subject to normal GC. Transient units currently may only be created for services (however, we will extend this), and currently only ExecStart= and the cgroup parameters can be configured (also to be extended). Transient units require a unique name, that previously had no configuration file on disk. A tool systemd-run is added that makes use of this functionality to run arbitrary command lines as transient services: $ systemd-run /bin/ping www.heise.de Will cause systemd to create a new transient service and run ping in it.
2013-06-28 04:12:58 +02:00
#include "sd-bus.h"
run: add a new "-t" mode for invoking a binary on an allocated TTY
2014-12-22 19:45:32 +01:00
#include "sd-event.h"
systemd-run: add unit and invocation_id JSON output
2024-08-12 15:15:15 +02:00
#include "sd-json.h"
util: introduce common version() implementation and use it everywhere This also allows us to drop build.h from a ton of files, hence do so. Since we touched the #includes of those files, let's order them properly according to CODING_STYLE.
2015-09-23 03:01:06 +02:00
util-lib: split out allocation calls into alloc-util.[ch]
2015-10-27 03:01:06 +01:00
#include "alloc-util.h"
basic: move version() to build.h+c
2022-11-06 16:30:58 +01:00
#include "build.h"
util: introduce common version() implementation and use it everywhere This also allows us to drop build.h from a ton of files, hence do so. Since we touched the #includes of those files, let's order them properly according to CODING_STYLE.
2015-09-23 03:01:06 +02:00
#include "bus-error.h"
shared: actually move all BusLocator related calls to bus-locator.c
2020-06-28 15:59:37 +02:00
#include "bus-locator.h"
shared: split out code that maps properties to local structs Just some refactoring, no code changes.
2020-06-28 16:08:37 +02:00
#include "bus-map-properties.h"
shared: move unit-specific code from bus-util.h to bus-unit-util.h Previously we'd have generally useful sd-bus utilities in bust-util.h, intermixed with code that is specifically for writing clients for PID 1, wrapping job and unit handling. Let's split the latter out and move it into bus-unit-util.c, to make the sources a bit short and easier to grok.
2016-04-20 17:43:13 +02:00
#include "bus-unit-util.h"
shared: split out code to wait for jobs to complet into its own source file It's complex enough and quite a few functions. Let's hence split this out. No code change, just some rearranging of source files.
2019-03-06 19:38:45 +01:00
#include "bus-wait-for-jobs.h"
util: introduce common version() implementation and use it everywhere This also allows us to drop build.h from a ton of files, hence do so. Since we touched the #includes of those files, let's order them properly according to CODING_STYLE.
2015-09-23 03:01:06 +02:00
#include "calendarspec.h"
run: allow connecting to capsule instances with --capsule=/-C
2023-10-26 09:19:04 +02:00
#include "capsule-util.h"
#include "chase.h"
systemd-run: make sure --nice=, --uid=, --gid=, --setenv= also work in --scope mode
2014-03-05 18:57:21 +01:00
#include "env-util.h"
run: escape command for description The command arguments may contain spurious characters, e.g. line-break. When we use command arguments as a description of a unit, we should escape them. Fixes #30187.
2023-11-25 01:05:41 +09:00
#include "escape.h"
run: clean up ExecCommandFlags serialization The current behavior is actually OK, since use_ex_prop = !arg_expand_environment, but that's very implicit and using STRV_MAKE() this way feels icky. Let's make this more readable, by using exec_command_flags_to_strv().
2024-07-10 22:27:21 +02:00
#include "exec-util.h"
run: propagate return code/status from the child Fixes #13756. We were returning things that didn't make much sense: we would always use the exit_code value as the exit code. But it sometimes contains a exit code from the process, and sometimes the number of a signal that was used to kill the process. We would also ignore SuccessExitStatus= and in general whether systemd thinks the service exited successfully (hence the issue in #13756, where systemd would return success/SIGTERM, but we'd just look at the SIGTERM part.) If we are doing --wait, let's always propagate the exit code/status from the child. While at it, make the documentation useful.
2019-10-29 18:07:07 +01:00
#include "exit-status.h"
util-lib: split out fd-related operations into fd-util.[ch] There are more than enough to deserve their own .c file, hence move them over.
2015-10-25 13:14:12 +01:00
#include "fd-util.h"
Rename formats-util.h to format-util.h We don't have plural in the name of any other -util files and this inconsistency trips me up every time I try to type this file name from memory. "formats-util" is even hard to pronounce.
2016-11-07 10:14:59 -05:00
#include "format-util.h"
run: allow connecting to capsule instances with --capsule=/-C
2023-10-26 09:19:04 +02:00
#include "fs-util.h"
run: set window title In interactive terminal mode, let's set a window title that reflects our change of context to the target. Let's prefix it it with red/yellow emoji dot in case we changed privileges.
2024-02-01 10:43:44 +01:00
#include "hostname-util.h"
run: port to DEFINE_MAIN_FUNCTION()
2018-11-22 19:30:03 +01:00
#include "main-func.h"
Move and rename parse_path_argument() function This fits better in shared/, and the new parse-argument.c file is a good home for it.
2021-02-14 11:39:48 +01:00
#include "parse-argument.h"
tree-wide: sort includes Sort the includes accoding to the new coding style.
2015-11-16 22:09:36 +01:00
#include "parse-util.h"
Fix two compiler warnings
2013-09-09 17:31:10 -04:00
#include "path-util.h"
Rename spawn-polkit-agent.c to just polkit-agent.c The functions in the file were *not* using the spawn prefix, and the prefix seems completely unnecessary.
2024-06-26 12:07:36 +02:00
#include "polkit-agent.h"
Split out pretty-print.c and move pager.c and main-func.h to shared/ This is high-level functionality, and fits better in shared/ (which is for our executables), than in basic/ (which is also for libraries).
2018-11-20 15:42:57 +01:00
#include "pretty-print.h"
run: optionally, wait for the service to finish and show its result
2016-08-17 14:24:17 +02:00
#include "process-util.h"
run: add a new "-t" mode for invoking a binary on an allocated TTY
2014-12-22 19:45:32 +01:00
#include "ptyfwd.h"
util: split out signal-util.[ch] from util.[ch] No functional changes.
2015-05-29 20:14:11 +02:00
#include "signal-util.h"
run: use SPECIAL_USER_SLICE
2024-01-04 15:22:54 +01:00
#include "special.h"
util: introduce common version() implementation and use it everywhere This also allows us to drop build.h from a ton of files, hence do so. Since we touched the #includes of those files, let's order them properly according to CODING_STYLE.
2015-09-23 03:01:06 +02:00
#include "strv.h"
basic: move two more terminal-related calls into terminal-util.[ch]
2015-10-07 22:45:48 +02:00
#include "terminal-util.h"
run: allow connecting to capsule instances with --capsule=/-C
2023-10-26 09:19:04 +02:00
#include "uid-classification.h"
bus-unit-util: add socket unit related options Also, split bus_append_unit_property_assignment().
2017-12-23 16:59:56 +09:00
#include "unit-def.h"
util: introduce common version() implementation and use it everywhere This also allows us to drop build.h from a ton of files, hence do so. Since we touched the #includes of those files, let's order them properly according to CODING_STYLE.
2015-09-23 03:01:06 +02:00
#include "unit-name.h"
util-lib: split out user/group/uid/gid calls into user-util.[ch]
2015-10-25 22:32:30 +01:00
#include "user-util.h"
core: add transient units Transient units can be created via the bus API. They are configured via the method call parameters rather than on-disk files. They are subject to normal GC. Transient units currently may only be created for services (however, we will extend this), and currently only ExecStart= and the cgroup parameters can be configured (also to be extended). Transient units require a unique name, that previously had no configuration file on disk. A tool systemd-run is added that makes use of this functionality to run arbitrary command lines as transient services: $ systemd-run /bin/ping www.heise.de Will cause systemd to create a new transient service and run ping in it.
2013-06-28 04:12:58 +02:00
run: enable interactive authorization
2015-09-01 16:43:08 +00:00
static bool arg_ask_password = true;
core: add new "scope" unit type for making a unit of pre-existing processes "Scope" units are very much like service units, however with the difference that they are created from pre-existing processes, rather than processes that systemd itself forks off. This means they are generated programmatically via the bus API as transient units rather than from static configuration read from disk. Also, they do not provide execution-time parameters, as at the time systemd adds the processes to the scope unit they already exist and the parameters cannot be applied anymore. The primary benefit of this new unit type is to create arbitrary cgroups for worker-processes forked off an existing service. This commit also adds a a new mode to "systemd-run" to run the specified processes in a scope rather then a transient service.
2013-07-01 00:03:57 +02:00
static bool arg_scope = false;
core: allow setting RemainAfterExit= for transient services
2013-07-26 16:09:25 +02:00
static bool arg_remain_after_exit = false;
run: by default, wait until the transient unit finished start-up Make this blocking behaviour optional with --no-block, similar to systemctl's switch of this name.
2015-04-28 12:33:19 +02:00
static bool arg_no_block = false;
run: optionally, wait for the service to finish and show its result
2016-08-17 14:24:17 +02:00
static bool arg_wait = false;
core: add new "scope" unit type for making a unit of pre-existing processes "Scope" units are very much like service units, however with the difference that they are created from pre-existing processes, rather than processes that systemd itself forks off. This means they are generated programmatically via the bus API as transient units rather than from static configuration read from disk. Also, they do not provide execution-time parameters, as at the time systemd adds the processes to the scope unit they already exist and the parameters cannot be applied anymore. The primary benefit of this new unit type is to create arbitrary cgroups for worker-processes forked off an existing service. This commit also adds a a new mode to "systemd-run" to run the specified processes in a scope rather then a transient service.
2013-07-01 00:03:57 +02:00
static const char *arg_unit = NULL;
run: fix bad escaping and memory ownership confusion arg_description was either set to arg_unit (i.e. a const char*), or to char *description, the result of allocation in run(). But description was decorated with _cleanup_, so it would be freed when going out of the function. Nothing bad would happen, because the program would exit after exiting from run(), but this is just all too messy. Also, strv_join(" ") + shell_escape() is not a good way to escape command lines. In particular, one the join has happened, we cannot distinguish empty arguments, or arguments with whitespace, etc. We have a helper function to do the escaping properly, so let's use that. Fixup for 2c29813da3421b77eca5e5cdc3b9a863cad473b9.
2023-11-29 14:13:33 +01:00
static char *arg_description = NULL;
core: add support to run transient units in arbitrary slices
2013-07-01 03:02:42 +02:00
static const char *arg_slice = NULL;
systemd-run: add --slice-inherit Add a new option to easily place a slice within the systemd-run slice.
2020-04-08 14:57:52 +02:00
static bool arg_slice_inherit = false;
run: disable --expand-environment by default for --scope The intention was to have this option enabled by default everywhere, but unfortunately at least one case was found where it breaks compatibility of a program using systemd-run --scopes and expecting variables not to be expanded: https://sources.debian.org/src/pbuilder/0.231/pbuilder-checkparams/#L400 Example run: systemd-run --quiet --scope --description=pbuilder_build_xfce4-notes-plugin_1.10.0-1.dsc '--slice=system-pbuilder-build-xfce4\x2dnotes\x2dplugin_1.10.0\x2d1-449932.slice' chroot /var/cache/pbuilder/build/449932 dpkg-query -W '--showformat=${Version}' apt Restore backward compatibility and make the option disabled by default when --scope is used, and enabled by default for other types. In case --expand-environment is not specified and a '$' character is detected, print a warning to nudge users toward specifying the parameter as needed. In the future we can then flip the default. Follow-up for 2ed7a221fafb25eea937c4e86fb88ee501dba51e
2023-07-19 22:56:02 +01:00
static int arg_expand_environment = -1;
core: open up SendSIGHUP property for transient units
2013-07-30 02:28:22 +02:00
static bool arg_send_sighup = false;
run: add support for executing commands remotely via SSH or in a container Also, unify the transport logic a bit, since we reuse the same scheme in many of our client tools.
2013-10-30 16:44:55 +01:00
static BusTransport arg_transport = BUS_TRANSPORT_LOCAL;
systemd-run: add some extra safety checks
2014-03-05 03:38:36 +01:00
static const char *arg_host = NULL;
basic: add RuntimeScope enum In various tools and services we have a per-system and per-user concept. So far we sometimes used a boolean indicating whether we are in system mode, or a reversed boolean indicating whether we are in user mode, or the LookupScope enum used by the lookup path logic. Let's address that, in introduce a common enum for this, we can use all across the board. This is mostly just search/replace, no actual code changes.
2023-03-10 09:47:10 +01:00
static RuntimeScope arg_runtime_scope = RUNTIME_SCOPE_SYSTEM;
core: allow User=, Group=, Nice=, Environment=, Type= to be passed when creating a transient service
2014-02-05 02:02:00 +01:00
static const char *arg_service_type = NULL;
static const char *arg_exec_user = NULL;
static const char *arg_exec_group = NULL;
static int arg_nice = 0;
static bool arg_nice_set = false;
static char **arg_environment = NULL;
systemd-run: add new --property= switch that can set arbitrary properties for the unit that is created The code for parsing these properties is shared with "systemctl set-property", which means all the resource control settings are immediately available.
2014-03-05 03:36:22 +01:00
static char **arg_property = NULL;
run: add new --pipe option for including "systemd-run" commands in shell pipelines In this mode, we'll directly connect stdin/stdout/stderr of the invoked service with whatever systemd-run itself is invoked on. This allows inclusion of "systemd-run" commands in shell pipelines, as unlike "--pty" this means EOF of stdin/stdout/stderr are propagated independently. If --pty and --pipe are combined systemd-run will automatically pick the right choice for the context it is invoked in, i.e. --pty when invoked on a TTY, and --pipe otherwise.
2017-09-08 15:38:40 +02:00
static enum {
ARG_STDIO_NONE, /* The default, as it is for normal services, stdin connected to /dev/null, and stdout+stderr to the journal */
ARG_STDIO_PTY, /* Interactive behaviour, requested by --pty: we allocate a pty and connect it to the TTY we are invoked from */
ARG_STDIO_DIRECT, /* Directly pass our stdin/stdout/stderr to the activated service, useful for usage in shell pipelines, requested by --pipe */
ARG_STDIO_AUTO, /* If --pipe and --pty are used together we use --pty when invoked on a TTY, and --pipe otherwise */
} arg_stdio = ARG_STDIO_NONE;
run: add support to create transient path and socket unit
2017-12-18 23:46:45 +09:00
static char **arg_path_property = NULL;
static char **arg_socket_property = NULL;
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
static char **arg_timer_property = NULL;
run: rename with_timer → arg_with_timer The value is directly initialized from cmdline args, hence let's name it so, following our usual naming style.
2019-03-14 19:55:29 +01:00
static bool arg_with_timer = false;
systemd-run: add --quiet mode to suppress informational message on TTY usage
2014-12-22 20:39:10 +01:00
static bool arg_quiet = false;
run: add "-G" as shortcut for "--property=CollectMode=inactive-or-failed" This option is likely to be very useful for systemd-run invocations, hence let's add a shortcut for it. With this new concepts it's now very easy to put together systemd-run invocations that leave zero artifacts in the system, including when they fail.
2017-11-13 17:17:53 +01:00
static bool arg_aggressive_gc = false;
run: add a switch for specifiying the working directory of a service I find myself testing service management quite often with "systemd-run -t /bin/bash". For that it is handy if the invoked shell would use the working directory I am currently in. Hence introduce a shorthand for that: $ systemd-run -dt /bin/bash This will automatically insert a WorkingDirectory= property into the transient service, pointing to the working directory of the caller.
2018-11-22 12:07:25 +01:00
static char *arg_working_directory = NULL;
run: add new --shell switch for spawning a shell as service I keep running "systemd-run -t /bin/bash" to quickly get a shell running in service context. I suspect I am not the only one, hence let's add a shortcut for it. While we are at it, let's make it smarter, and automatically inherit the $SHELL of the invoking user as well as the working directory, and let's imply --pty. --shell (or -S) is hence equivalent to "-t -d $SHELL".
2018-11-22 19:24:48 +01:00
static bool arg_shell = false;
static char **arg_cmdline = NULL;
run: when invoked as "uid0", expose some sudo-like behaviour This turns "systemd-run" into a multi-call binary. When invoked under the name "uid0", then it behaves a bit more like traditional "sudo". This mostly means defaults appropriuate for that, for example a PAM stack, interactivity and more. Fixes: #29199
2023-12-19 19:10:52 +01:00
static char *arg_exec_path = NULL;
run: optionally set the "ignore-failure" flag for ExecStart= lines
2023-12-19 21:39:50 +01:00
static bool arg_ignore_failure = false;
run/uid0: tint the terminal background color (and add new --background= switch) This adds a new --background= switch that allows specifiying a background color for the terminal while the tool runs. It also teaches the tool when invoked as uid0 to tint the terminal in a reddish hue when operating as root, and in a yellowish hue when operating as any other user. This should highlight nicely when the user is operating with elevated privileges, or changed privileges.
2023-12-20 12:09:27 +01:00
static char *arg_background = NULL;
systemd-run: add unit and invocation_id JSON output
2024-08-12 15:15:15 +02:00
static sd_json_format_flags_t arg_json_format_flags = SD_JSON_FORMAT_OFF;
core: add transient units Transient units can be created via the bus API. They are configured via the method call parameters rather than on-disk files. They are subject to normal GC. Transient units currently may only be created for services (however, we will extend this), and currently only ExecStart= and the cgroup parameters can be configured (also to be extended). Transient units require a unique name, that previously had no configuration file on disk. A tool systemd-run is added that makes use of this functionality to run arbitrary command lines as transient services: $ systemd-run /bin/ping www.heise.de Will cause systemd to create a new transient service and run ping in it.
2013-06-28 04:12:58 +02:00
run: fix bad escaping and memory ownership confusion arg_description was either set to arg_unit (i.e. a const char*), or to char *description, the result of allocation in run(). But description was decorated with _cleanup_, so it would be freed when going out of the function. Nothing bad would happen, because the program would exit after exiting from run(), but this is just all too messy. Also, strv_join(" ") + shell_escape() is not a good way to escape command lines. In particular, one the join has happened, we cannot distinguish empty arguments, or arguments with whitespace, etc. We have a helper function to do the escaping properly, so let's use that. Fixup for 2c29813da3421b77eca5e5cdc3b9a863cad473b9.
2023-11-29 14:13:33 +01:00
STATIC_DESTRUCTOR_REGISTER(arg_description, freep);
run: port to static destructors
2018-11-22 19:34:15 +01:00
STATIC_DESTRUCTOR_REGISTER(arg_environment, strv_freep);
STATIC_DESTRUCTOR_REGISTER(arg_property, strv_freep);
STATIC_DESTRUCTOR_REGISTER(arg_path_property, strv_freep);
STATIC_DESTRUCTOR_REGISTER(arg_socket_property, strv_freep);
STATIC_DESTRUCTOR_REGISTER(arg_timer_property, strv_freep);
STATIC_DESTRUCTOR_REGISTER(arg_working_directory, freep);
STATIC_DESTRUCTOR_REGISTER(arg_cmdline, strv_freep);
run: when invoked as "uid0", expose some sudo-like behaviour This turns "systemd-run" into a multi-call binary. When invoked under the name "uid0", then it behaves a bit more like traditional "sudo". This mostly means defaults appropriuate for that, for example a PAM stack, interactivity and more. Fixes: #29199
2023-12-19 19:10:52 +01:00
STATIC_DESTRUCTOR_REGISTER(arg_exec_path, freep);
run/uid0: tint the terminal background color (and add new --background= switch) This adds a new --background= switch that allows specifiying a background color for the terminal while the tool runs. It also teaches the tool when invoked as uid0 to tint the terminal in a reddish hue when operating as root, and in a yellowish hue when operating as any other user. This should highlight nicely when the user is operating with elevated privileges, or changed privileges.
2023-12-20 12:09:27 +01:00
STATIC_DESTRUCTOR_REGISTER(arg_background, freep);
run: port to static destructors
2018-11-22 19:34:15 +01:00
tree-wide: add clickable man page link to all --help texts This is a bit like the info link in most of GNU's --help texts, but we don't do info but man pages, and we make them properly clickable on terminal supporting that, because awesome. I think it's generally advisable to link up our (brief) --help texts and our (more comprehensive) man pages a bit, so this should be an easy and straight-forward way to do it.
2018-08-09 10:32:31 +02:00
static int help(void) {
_cleanup_free_ char *link = NULL;
int r;
r = terminal_urlify_man("systemd-run", "1", &link);
if (r < 0)
return log_oom();
run: underline section titles in --help as we usually do
2023-12-19 19:09:59 +01:00
printf("%1$s [OPTIONS...] COMMAND [ARGUMENTS...]\n"
"\n%5$sRun the specified command in a transient scope or service.%6$s\n\n"
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
" -h --help Show this help\n"
" --version Show package version\n"
run: enable interactive authorization
2015-09-01 16:43:08 +00:00
" --no-ask-password Do not prompt for password\n"
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
" --user Run as user unit\n"
" -H --host=[USER@]HOST Operate on remote host\n"
" -M --machine=CONTAINER Operate on local container\n"
" --scope Run this as scope rather than service\n"
run: add -u as a synonym for --unit Other tools that do have --unit= option (journalctl and systemd-cgls) already do this, so let's be consistent.
2019-10-23 09:13:15 +02:00
" -u --unit=UNIT Run under the specified unit name\n"
run: various minor improvements Let's improve the --help text a bit, and other changes.
2016-08-06 00:30:12 +02:00
" -p --property=NAME=VALUE Set service or scope unit property\n"
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
" --description=TEXT Description for unit\n"
" --slice=SLICE Run in the specified slice\n"
man: try to improve wording on --slice-inherit docs
2023-12-20 15:01:52 +01:00
" --slice-inherit Inherit the slice from the caller\n"
run: expand variables also with --scope This makes syntax be the same for commands which are started by the manager and those which are spawned directly (when --scope is used). Before: $ systemd-run -q -t echo '$TERM' xterm-256color $ systemd-run -q --scope echo '$TERM' $TERM Now: $ systemd-run -q --scope echo '$TERM' xterm-256color Previous behaviour can be restored via --expand-environment=no: $ systemd-run -q --scope --expand-environment=no echo '$TERM' $TERM Fixes #22948. At some level, this is a compat break. Fortunately --scope is not very widely used, so I think we can get away with this. Having different syntax depending on whether --scope was used or not was bad UX. A NEWS entry will be required.
2023-04-04 21:18:33 +02:00
" --expand-environment=BOOL Control expansion of environment variables\n"
run: by default, wait until the transient unit finished start-up Make this blocking behaviour optional with --no-block, similar to systemctl's switch of this name.
2015-04-28 12:33:19 +02:00
" --no-block Do not wait until operation finished\n"
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
" -r --remain-after-exit Leave service around until explicitly stopped\n"
run: optionally, wait for the service to finish and show its result
2016-08-17 14:24:17 +02:00
" --wait Wait until service stopped again\n"
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
" --send-sighup Send SIGHUP when terminating\n"
" --service-type=TYPE Service type\n"
" --uid=USER Run as system user\n"
" --gid=GROUP Run as system group\n"
" --nice=NICE Nice level\n"
run: add a switch for specifiying the working directory of a service I find myself testing service management quite often with "systemd-run -t /bin/bash". For that it is handy if the invoked shell would use the working directory I am currently in. Hence introduce a shorthand for that: $ systemd-run -dt /bin/bash This will automatically insert a WorkingDirectory= property into the transient service, pointing to the working directory of the caller.
2018-11-22 12:07:25 +01:00
" --working-directory=PATH Set working directory\n"
" -d --same-dir Inherit working directory from caller\n"
run: allow --setenv=FOO
2021-08-10 17:25:47 +02:00
" -E --setenv=NAME[=VALUE] Set environment variable\n"
run: add new --pipe option for including "systemd-run" commands in shell pipelines In this mode, we'll directly connect stdin/stdout/stderr of the invoked service with whatever systemd-run itself is invoked on. This allows inclusion of "systemd-run" commands in shell pipelines, as unlike "--pty" this means EOF of stdin/stdout/stderr are propagated independently. If --pty and --pipe are combined systemd-run will automatically pick the right choice for the context it is invoked in, i.e. --pty when invoked on a TTY, and --pipe otherwise.
2017-09-08 15:38:40 +02:00
" -t --pty Run service on pseudo TTY as STDIN/STDOUT/\n"
" STDERR\n"
" -P --pipe Pass STDIN/STDOUT/STDERR directly to service\n"
run: add "-G" as shortcut for "--property=CollectMode=inactive-or-failed" This option is likely to be very useful for systemd-run invocations, hence let's add a shortcut for it. With this new concepts it's now very easy to put together systemd-run invocations that leave zero artifacts in the system, including when they fail.
2017-11-13 17:17:53 +01:00
" -q --quiet Suppress information messages during runtime\n"
systemd-run: add unit and invocation_id JSON output
2024-08-12 15:15:15 +02:00
" --json=pretty|short|off Print unit name and invocation id as JSON\n"
run: add new --shell switch for spawning a shell as service I keep running "systemd-run -t /bin/bash" to quickly get a shell running in service context. I suspect I am not the only one, hence let's add a shortcut for it. While we are at it, let's make it smarter, and automatically inherit the $SHELL of the invoking user as well as the working directory, and let's imply --pty. --shell (or -S) is hence equivalent to "-t -d $SHELL".
2018-11-22 19:24:48 +01:00
" -G --collect Unload unit after it ran, even when failed\n"
run: underline section titles in --help as we usually do
2023-12-19 19:09:59 +01:00
" -S --shell Invoke a $SHELL interactively\n"
run: optionally set the "ignore-failure" flag for ExecStart= lines
2023-12-19 21:39:50 +01:00
" --ignore-failure Ignore the exit status of the invoked process\n"
run/uid0: tint the terminal background color (and add new --background= switch) This adds a new --background= switch that allows specifiying a background color for the terminal while the tool runs. It also teaches the tool when invoked as uid0 to tint the terminal in a reddish hue when operating as root, and in a yellowish hue when operating as any other user. This should highlight nicely when the user is operating with elevated privileges, or changed privileges.
2023-12-20 12:09:27 +01:00
" --background=COLOR Set ANSI color for background\n"
run: underline section titles in --help as we usually do
2023-12-19 19:09:59 +01:00
"\n%3$sPath options:%4$s\n"
" --path-property=NAME=VALUE Set path unit property\n"
"\n%3$sSocket options:%4$s\n"
" --socket-property=NAME=VALUE Set socket unit property\n"
"\n%3$sTimer options:%4$s\n"
notify,firstboot,analyze,run: trim --help output to 80 lines
2015-01-27 21:22:57 -05:00
" --on-active=SECONDS Run after SECONDS delay\n"
" --on-boot=SECONDS Run SECONDS after machine was booted up\n"
" --on-startup=SECONDS Run SECONDS after systemd activation\n"
" --on-unit-active=SECONDS Run SECONDS after the last activation\n"
" --on-unit-inactive=SECONDS Run SECONDS after the last deactivation\n"
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
" --on-calendar=SPEC Realtime timer\n"
core: optionally, trigger .timer units on timezone and clock changes Fixes: #6228
2019-03-14 21:36:47 +01:00
" --on-timezone-change Run when the timezone changes\n"
" --on-clock-change Run when the realtime clock jumps\n"
run: various minor improvements Let's improve the --help text a bit, and other changes.
2016-08-06 00:30:12 +02:00
" --timer-property=NAME=VALUE Set timer unit property\n"
run: underline section titles in --help as we usually do
2023-12-19 19:09:59 +01:00
"\nSee the %2$s for details.\n",
tree-wide: Drop custom formatting for print() help messages I think this formatting was originally used because it simplified adding new options to the help messages. However, these days, most tools their help message end with "\nSee the %s for details.\n" so the final line almost never has to be edited which eliminates the benefit of the custom formatting used for printf() help messages. Let's make things more consistent and use the same formatting for printf() help messages that we use everywhere else. Prompted by https://github.com/systemd/systemd/pull/18355#discussion_r567241580
2021-01-30 14:13:04 +00:00
program_invocation_short_name,
run: underline section titles in --help as we usually do
2023-12-19 19:09:59 +01:00
link,
ansi_underline(), ansi_normal(),
ansi_highlight(), ansi_normal());
tree-wide: add clickable man page link to all --help texts This is a bit like the info link in most of GNU's --help texts, but we don't do info but man pages, and we make them properly clickable on terminal supporting that, because awesome. I think it's generally advisable to link up our (brief) --help texts and our (more comprehensive) man pages a bit, so this should be an easy and straight-forward way to do it.
2018-08-09 10:32:31 +02:00
return 0;
core: add new "scope" unit type for making a unit of pre-existing processes "Scope" units are very much like service units, however with the difference that they are created from pre-existing processes, rather than processes that systemd itself forks off. This means they are generated programmatically via the bus API as transient units rather than from static configuration read from disk. Also, they do not provide execution-time parameters, as at the time systemd adds the processes to the scope unit they already exist and the parameters cannot be applied anymore. The primary benefit of this new unit type is to create arbitrary cgroups for worker-processes forked off an existing service. This commit also adds a a new mode to "systemd-run" to run the specified processes in a scope rather then a transient service.
2013-07-01 00:03:57 +02:00
}
run: when invoked as "uid0", expose some sudo-like behaviour This turns "systemd-run" into a multi-call binary. When invoked under the name "uid0", then it behaves a bit more like traditional "sudo". This mostly means defaults appropriuate for that, for example a PAM stack, interactivity and more. Fixes: #29199
2023-12-19 19:10:52 +01:00
static int help_sudo_mode(void) {
_cleanup_free_ char *link = NULL;
int r;
Rename uid0 to run0 Naming is always a matter of preference, and the old name would certainly work, but I think the new one has the following advantages: - A verb is better than a noun. - The name more similar to "the competition", i.e. 'sudo', 'pkexec', 'runas', 'doas', which generally include an action verb. - The connection between 'systemd-run' and 'run0' is more obvious. There has been no release yet with the old name, so we can rename without caring for backwards compatibility.
2024-03-19 11:14:55 +01:00
r = terminal_urlify_man("run0", "1", &link);
run: when invoked as "uid0", expose some sudo-like behaviour This turns "systemd-run" into a multi-call binary. When invoked under the name "uid0", then it behaves a bit more like traditional "sudo". This mostly means defaults appropriuate for that, for example a PAM stack, interactivity and more. Fixes: #29199
2023-12-19 19:10:52 +01:00
if (r < 0)
return log_oom();
run0: add options to force allocation of PTY or of pipe use Fixes: #33033
2024-10-24 23:27:59 +02:00
/* NB: Let's not go overboard with short options: we try to keep a modicum of compatibility with
* sudo's short switches, hence please do not introduce new short switches unless they have a roughly
* equivalent purpose on sudo. Use long options for everything private to run0. */
run: when invoked as "uid0", expose some sudo-like behaviour This turns "systemd-run" into a multi-call binary. When invoked under the name "uid0", then it behaves a bit more like traditional "sudo". This mostly means defaults appropriuate for that, for example a PAM stack, interactivity and more. Fixes: #29199
2023-12-19 19:10:52 +01:00
printf("%s [OPTIONS...] COMMAND [ARGUMENTS...]\n"
"\n%sElevate privileges interactively.%s\n\n"
" -h --help Show this help\n"
" -V --version Show package version\n"
" --no-ask-password Do not prompt for password\n"
" --machine=CONTAINER Operate on local container\n"
" --unit=UNIT Run under the specified unit name\n"
" --property=NAME=VALUE Set service or scope unit property\n"
" --description=TEXT Description for unit\n"
" --slice=SLICE Run in the specified slice\n"
" --slice-inherit Inherit the slice\n"
" -u --user=USER Run as system user\n"
" -g --group=GROUP Run as system group\n"
" --nice=NICE Nice level\n"
" -D --chdir=PATH Set working directory\n"
" --setenv=NAME[=VALUE] Set environment variable\n"
run/uid0: tint the terminal background color (and add new --background= switch) This adds a new --background= switch that allows specifiying a background color for the terminal while the tool runs. It also teaches the tool when invoked as uid0 to tint the terminal in a reddish hue when operating as root, and in a yellowish hue when operating as any other user. This should highlight nicely when the user is operating with elevated privileges, or changed privileges.
2023-12-20 12:09:27 +01:00
" --background=COLOR Set ANSI color for background\n"
run0: add options to force allocation of PTY or of pipe use Fixes: #33033
2024-10-24 23:27:59 +02:00
" --pty Request allocation of a pseudo TTY for stdio\n"
" --pipe Request direct pipe for stdio\n"
run: when invoked as "uid0", expose some sudo-like behaviour This turns "systemd-run" into a multi-call binary. When invoked under the name "uid0", then it behaves a bit more like traditional "sudo". This mostly means defaults appropriuate for that, for example a PAM stack, interactivity and more. Fixes: #29199
2023-12-19 19:10:52 +01:00
"\nSee the %s for details.\n",
program_invocation_short_name,
ansi_highlight(),
ansi_normal(),
link);
return 0;
}
run: set window title In interactive terminal mode, let's set a window title that reflects our change of context to the target. Let's prefix it it with red/yellow emoji dot in case we changed privileges.
2024-02-01 10:43:44 +01:00
static bool privileged_execution(void) {
if (arg_runtime_scope != RUNTIME_SCOPE_SYSTEM)
return false;
return !arg_exec_user || STR_IN_SET(arg_exec_user, "root", "0");
}
run: allow to specify multiple timer options
2017-12-11 21:21:10 +09:00
static int add_timer_property(const char *name, const char *val) {
run: double free Introduced in f2b9f2c83e5b4035b22eb2f610531fce275bf55f. CID #1384218.
2018-01-04 11:12:57 +01:00
char *p;
run: allow to specify multiple timer options
2017-12-11 21:21:10 +09:00
assert(name);
assert(val);
p = strjoin(name, "=", val);
if (!p)
return log_oom();
if (strv_consume(&arg_timer_property, p) < 0)
return log_oom();
return 0;
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
}
run: when invoked as "uid0", expose some sudo-like behaviour This turns "systemd-run" into a multi-call binary. When invoked under the name "uid0", then it behaves a bit more like traditional "sudo". This mostly means defaults appropriuate for that, for example a PAM stack, interactivity and more. Fixes: #29199
2023-12-19 19:10:52 +01:00
static char **make_login_shell_cmdline(const char *shell) {
_cleanup_free_ char *argv0 = NULL;
assert(shell);
argv0 = strjoin("-", shell); /* The - is how shells determine if they shall be consider login shells */
if (!argv0)
return NULL;
return strv_new(argv0);
}
core: add new "scope" unit type for making a unit of pre-existing processes "Scope" units are very much like service units, however with the difference that they are created from pre-existing processes, rather than processes that systemd itself forks off. This means they are generated programmatically via the bus API as transient units rather than from static configuration read from disk. Also, they do not provide execution-time parameters, as at the time systemd adds the processes to the scope unit they already exist and the parameters cannot be applied anymore. The primary benefit of this new unit type is to create arbitrary cgroups for worker-processes forked off an existing service. This commit also adds a a new mode to "systemd-run" to run the specified processes in a scope rather then a transient service.
2013-07-01 00:03:57 +02:00
static int parse_argv(int argc, char *argv[]) {
enum {
ARG_VERSION = 0x100,
ARG_USER,
run: support --system to match other commands, even if redundant
2013-11-06 17:31:20 +01:00
ARG_SYSTEM,
core: add new "scope" unit type for making a unit of pre-existing processes "Scope" units are very much like service units, however with the difference that they are created from pre-existing processes, rather than processes that systemd itself forks off. This means they are generated programmatically via the bus API as transient units rather than from static configuration read from disk. Also, they do not provide execution-time parameters, as at the time systemd adds the processes to the scope unit they already exist and the parameters cannot be applied anymore. The primary benefit of this new unit type is to create arbitrary cgroups for worker-processes forked off an existing service. This commit also adds a a new mode to "systemd-run" to run the specified processes in a scope rather then a transient service.
2013-07-01 00:03:57 +02:00
ARG_SCOPE,
core: add support to run transient units in arbitrary slices
2013-07-01 03:02:42 +02:00
ARG_DESCRIPTION,
core: open up SendSIGHUP property for transient units
2013-07-30 02:28:22 +02:00
ARG_SLICE,
systemd-run: add --slice-inherit Add a new option to easily place a slice within the systemd-run slice.
2020-04-08 14:57:52 +02:00
ARG_SLICE_INHERIT,
run: add --expand-environment=no to disable server-side envvar expansion This uses StartExecEx to get the equivalent of ExecStart=:. StartExecEx was added in b3d593673c5b8b0b7d781fd26ab2062ca6e7dbdb, so this will not work with older systemds. A hint is emitted if we get an error indicating lack of support. PID1 returns SD_BUS_ERROR_PROPERTY_READ_ONLY, but I'm checking for SD_BUS_ERROR_UNKNOWN_PROPERTY too for safety.
2023-04-02 23:17:58 +02:00
ARG_EXPAND_ENVIRONMENT,
core: open up SendSIGHUP property for transient units
2013-07-30 02:28:22 +02:00
ARG_SEND_SIGHUP,
run: change --tty option to --pty as documented Keep the previous option name as hidden, for compatibility. Fixes #3054.
2016-04-17 20:46:00 -04:00
ARG_SERVICE_TYPE,
core: allow User=, Group=, Nice=, Environment=, Type= to be passed when creating a transient service
2014-02-05 02:02:00 +01:00
ARG_EXEC_USER,
ARG_EXEC_GROUP,
ARG_NICE,
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
ARG_ON_ACTIVE,
ARG_ON_BOOT,
ARG_ON_STARTUP,
ARG_ON_UNIT_ACTIVE,
ARG_ON_UNIT_INACTIVE,
ARG_ON_CALENDAR,
core: optionally, trigger .timer units on timezone and clock changes Fixes: #6228
2019-03-14 21:36:47 +01:00
ARG_ON_TIMEZONE_CHANGE,
ARG_ON_CLOCK_CHANGE,
run: by default, wait until the transient unit finished start-up Make this blocking behaviour optional with --no-block, similar to systemctl's switch of this name.
2015-04-28 12:33:19 +02:00
ARG_TIMER_PROPERTY,
run: add support to create transient path and socket unit
2017-12-18 23:46:45 +09:00
ARG_PATH_PROPERTY,
ARG_SOCKET_PROPERTY,
run: by default, wait until the transient unit finished start-up Make this blocking behaviour optional with --no-block, similar to systemctl's switch of this name.
2015-04-28 12:33:19 +02:00
ARG_NO_BLOCK,
run: change --tty option to --pty as documented Keep the previous option name as hidden, for compatibility. Fixes #3054.
2016-04-17 20:46:00 -04:00
ARG_NO_ASK_PASSWORD,
run: optionally, wait for the service to finish and show its result
2016-08-17 14:24:17 +02:00
ARG_WAIT,
run: add a switch for specifiying the working directory of a service I find myself testing service management quite often with "systemd-run -t /bin/bash". For that it is handy if the invoked shell would use the working directory I am currently in. Hence introduce a shorthand for that: $ systemd-run -dt /bin/bash This will automatically insert a WorkingDirectory= property into the transient service, pointing to the working directory of the caller.
2018-11-22 12:07:25 +01:00
ARG_WORKING_DIRECTORY,
run: add new --shell switch for spawning a shell as service I keep running "systemd-run -t /bin/bash" to quickly get a shell running in service context. I suspect I am not the only one, hence let's add a shortcut for it. While we are at it, let's make it smarter, and automatically inherit the $SHELL of the invoking user as well as the working directory, and let's imply --pty. --shell (or -S) is hence equivalent to "-t -d $SHELL".
2018-11-22 19:24:48 +01:00
ARG_SHELL,
run: optionally set the "ignore-failure" flag for ExecStart= lines
2023-12-19 21:39:50 +01:00
ARG_IGNORE_FAILURE,
run/uid0: tint the terminal background color (and add new --background= switch) This adds a new --background= switch that allows specifiying a background color for the terminal while the tool runs. It also teaches the tool when invoked as uid0 to tint the terminal in a reddish hue when operating as root, and in a yellowish hue when operating as any other user. This should highlight nicely when the user is operating with elevated privileges, or changed privileges.
2023-12-20 12:09:27 +01:00
ARG_BACKGROUND,
systemd-run: add unit and invocation_id JSON output
2024-08-12 15:15:15 +02:00
ARG_JSON,
core: add new "scope" unit type for making a unit of pre-existing processes "Scope" units are very much like service units, however with the difference that they are created from pre-existing processes, rather than processes that systemd itself forks off. This means they are generated programmatically via the bus API as transient units rather than from static configuration read from disk. Also, they do not provide execution-time parameters, as at the time systemd adds the processes to the scope unit they already exist and the parameters cannot be applied anymore. The primary benefit of this new unit type is to create arbitrary cgroups for worker-processes forked off an existing service. This commit also adds a a new mode to "systemd-run" to run the specified processes in a scope rather then a transient service.
2013-07-01 00:03:57 +02:00
};
static const struct option options[] = {
run: add --expand-environment=no to disable server-side envvar expansion This uses StartExecEx to get the equivalent of ExecStart=:. StartExecEx was added in b3d593673c5b8b0b7d781fd26ab2062ca6e7dbdb, so this will not work with older systemds. A hint is emitted if we get an error indicating lack of support. PID1 returns SD_BUS_ERROR_PROPERTY_READ_ONLY, but I'm checking for SD_BUS_ERROR_UNKNOWN_PROPERTY too for safety.
2023-04-02 23:17:58 +02:00
{ "help", no_argument, NULL, 'h' },
{ "version", no_argument, NULL, ARG_VERSION },
{ "user", no_argument, NULL, ARG_USER },
{ "system", no_argument, NULL, ARG_SYSTEM },
run: allow connecting to capsule instances with --capsule=/-C
2023-10-26 09:19:04 +02:00
{ "capsule", required_argument, NULL, 'C' },
run: add --expand-environment=no to disable server-side envvar expansion This uses StartExecEx to get the equivalent of ExecStart=:. StartExecEx was added in b3d593673c5b8b0b7d781fd26ab2062ca6e7dbdb, so this will not work with older systemds. A hint is emitted if we get an error indicating lack of support. PID1 returns SD_BUS_ERROR_PROPERTY_READ_ONLY, but I'm checking for SD_BUS_ERROR_UNKNOWN_PROPERTY too for safety.
2023-04-02 23:17:58 +02:00
{ "scope", no_argument, NULL, ARG_SCOPE },
{ "unit", required_argument, NULL, 'u' },
{ "description", required_argument, NULL, ARG_DESCRIPTION },
{ "slice", required_argument, NULL, ARG_SLICE },
{ "slice-inherit", no_argument, NULL, ARG_SLICE_INHERIT },
{ "remain-after-exit", no_argument, NULL, 'r' },
{ "expand-environment", required_argument, NULL, ARG_EXPAND_ENVIRONMENT },
{ "send-sighup", no_argument, NULL, ARG_SEND_SIGHUP },
{ "host", required_argument, NULL, 'H' },
{ "machine", required_argument, NULL, 'M' },
{ "service-type", required_argument, NULL, ARG_SERVICE_TYPE },
{ "wait", no_argument, NULL, ARG_WAIT },
{ "uid", required_argument, NULL, ARG_EXEC_USER },
{ "gid", required_argument, NULL, ARG_EXEC_GROUP },
{ "nice", required_argument, NULL, ARG_NICE },
{ "setenv", required_argument, NULL, 'E' },
{ "property", required_argument, NULL, 'p' },
{ "tty", no_argument, NULL, 't' }, /* deprecated alias */
{ "pty", no_argument, NULL, 't' },
{ "pipe", no_argument, NULL, 'P' },
{ "quiet", no_argument, NULL, 'q' },
{ "on-active", required_argument, NULL, ARG_ON_ACTIVE },
{ "on-boot", required_argument, NULL, ARG_ON_BOOT },
{ "on-startup", required_argument, NULL, ARG_ON_STARTUP },
{ "on-unit-active", required_argument, NULL, ARG_ON_UNIT_ACTIVE },
{ "on-unit-inactive", required_argument, NULL, ARG_ON_UNIT_INACTIVE },
{ "on-calendar", required_argument, NULL, ARG_ON_CALENDAR },
{ "on-timezone-change", no_argument, NULL, ARG_ON_TIMEZONE_CHANGE },
{ "on-clock-change", no_argument, NULL, ARG_ON_CLOCK_CHANGE },
{ "timer-property", required_argument, NULL, ARG_TIMER_PROPERTY },
{ "path-property", required_argument, NULL, ARG_PATH_PROPERTY },
{ "socket-property", required_argument, NULL, ARG_SOCKET_PROPERTY },
{ "no-block", no_argument, NULL, ARG_NO_BLOCK },
{ "no-ask-password", no_argument, NULL, ARG_NO_ASK_PASSWORD },
{ "collect", no_argument, NULL, 'G' },
{ "working-directory", required_argument, NULL, ARG_WORKING_DIRECTORY },
{ "same-dir", no_argument, NULL, 'd' },
{ "shell", no_argument, NULL, 'S' },
run: optionally set the "ignore-failure" flag for ExecStart= lines
2023-12-19 21:39:50 +01:00
{ "ignore-failure", no_argument, NULL, ARG_IGNORE_FAILURE },
run: the --background= switch expects an argument We got this right when running as "uid0", but wrong when invoked under "systemd-run". Let's fix that.
2024-01-19 23:41:24 +01:00
{ "background", required_argument, NULL, ARG_BACKGROUND },
systemd-run: add unit and invocation_id JSON output
2024-08-12 15:15:15 +02:00
{ "json", required_argument, NULL, ARG_JSON },
clients: unify how we invoke getopt_long() Among other things this makes sure we always expose a --version command and show it in the help texts.
2013-11-06 18:28:39 +01:00
{},
core: add new "scope" unit type for making a unit of pre-existing processes "Scope" units are very much like service units, however with the difference that they are created from pre-existing processes, rather than processes that systemd itself forks off. This means they are generated programmatically via the bus API as transient units rather than from static configuration read from disk. Also, they do not provide execution-time parameters, as at the time systemd adds the processes to the scope unit they already exist and the parameters cannot be applied anymore. The primary benefit of this new unit type is to create arbitrary cgroups for worker-processes forked off an existing service. This commit also adds a a new mode to "systemd-run" to run the specified processes in a scope rather then a transient service.
2013-07-01 00:03:57 +02:00
};
run: add support to create transient path and socket unit
2017-12-18 23:46:45 +09:00
bool with_trigger = false;
core: allow User=, Group=, Nice=, Environment=, Type= to be passed when creating a transient service
2014-02-05 02:02:00 +01:00
int r, c;
core: add new "scope" unit type for making a unit of pre-existing processes "Scope" units are very much like service units, however with the difference that they are created from pre-existing processes, rather than processes that systemd itself forks off. This means they are generated programmatically via the bus API as transient units rather than from static configuration read from disk. Also, they do not provide execution-time parameters, as at the time systemd adds the processes to the scope unit they already exist and the parameters cannot be applied anymore. The primary benefit of this new unit type is to create arbitrary cgroups for worker-processes forked off an existing service. This commit also adds a a new mode to "systemd-run" to run the specified processes in a scope rather then a transient service.
2013-07-01 00:03:57 +02:00
assert(argc >= 0);
assert(argv);
tree-wide: reset optind to 0 when GNU extensions in optstring are used Otherwise, if getopt() and friends are used before parse_argv(), then the GNU extensions may be ignored. This should not change any behavior at least now, as we usually use getopt_long() only once per invocation. But in the next commit, getopt_long() will be used for other arrays, hence this change will become necessary.
2023-03-21 10:05:33 +09:00
/* Resetting to 0 forces the invocation of an internal initialization routine of getopt_long()
* that checks for GNU extensions in optstring ('-' or '+' at the beginning). */
optind = 0;
run: allow connecting to capsule instances with --capsule=/-C
2023-10-26 09:19:04 +02:00
while ((c = getopt_long(argc, argv, "+hrC:H:M:E:p:tPqGdSu:", options, NULL)) >= 0)
core: add new "scope" unit type for making a unit of pre-existing processes "Scope" units are very much like service units, however with the difference that they are created from pre-existing processes, rather than processes that systemd itself forks off. This means they are generated programmatically via the bus API as transient units rather than from static configuration read from disk. Also, they do not provide execution-time parameters, as at the time systemd adds the processes to the scope unit they already exist and the parameters cannot be applied anymore. The primary benefit of this new unit type is to create arbitrary cgroups for worker-processes forked off an existing service. This commit also adds a a new mode to "systemd-run" to run the specified processes in a scope rather then a transient service.
2013-07-01 00:03:57 +02:00
switch (c) {
case 'h':
tree-wide: add clickable man page link to all --help texts This is a bit like the info link in most of GNU's --help texts, but we don't do info but man pages, and we make them properly clickable on terminal supporting that, because awesome. I think it's generally advisable to link up our (brief) --help texts and our (more comprehensive) man pages a bit, so this should be an easy and straight-forward way to do it.
2018-08-09 10:32:31 +02:00
return help();
core: add new "scope" unit type for making a unit of pre-existing processes "Scope" units are very much like service units, however with the difference that they are created from pre-existing processes, rather than processes that systemd itself forks off. This means they are generated programmatically via the bus API as transient units rather than from static configuration read from disk. Also, they do not provide execution-time parameters, as at the time systemd adds the processes to the scope unit they already exist and the parameters cannot be applied anymore. The primary benefit of this new unit type is to create arbitrary cgroups for worker-processes forked off an existing service. This commit also adds a a new mode to "systemd-run" to run the specified processes in a scope rather then a transient service.
2013-07-01 00:03:57 +02:00
run: various minor improvements Let's improve the --help text a bit, and other changes.
2016-08-06 00:30:12 +02:00
case ARG_VERSION:
return version();
run: enable interactive authorization
2015-09-01 16:43:08 +00:00
case ARG_NO_ASK_PASSWORD:
arg_ask_password = false;
break;
core: add new "scope" unit type for making a unit of pre-existing processes "Scope" units are very much like service units, however with the difference that they are created from pre-existing processes, rather than processes that systemd itself forks off. This means they are generated programmatically via the bus API as transient units rather than from static configuration read from disk. Also, they do not provide execution-time parameters, as at the time systemd adds the processes to the scope unit they already exist and the parameters cannot be applied anymore. The primary benefit of this new unit type is to create arbitrary cgroups for worker-processes forked off an existing service. This commit also adds a a new mode to "systemd-run" to run the specified processes in a scope rather then a transient service.
2013-07-01 00:03:57 +02:00
case ARG_USER:
basic: add RuntimeScope enum In various tools and services we have a per-system and per-user concept. So far we sometimes used a boolean indicating whether we are in system mode, or a reversed boolean indicating whether we are in user mode, or the LookupScope enum used by the lookup path logic. Let's address that, in introduce a common enum for this, we can use all across the board. This is mostly just search/replace, no actual code changes.
2023-03-10 09:47:10 +01:00
arg_runtime_scope = RUNTIME_SCOPE_USER;
core: add new "scope" unit type for making a unit of pre-existing processes "Scope" units are very much like service units, however with the difference that they are created from pre-existing processes, rather than processes that systemd itself forks off. This means they are generated programmatically via the bus API as transient units rather than from static configuration read from disk. Also, they do not provide execution-time parameters, as at the time systemd adds the processes to the scope unit they already exist and the parameters cannot be applied anymore. The primary benefit of this new unit type is to create arbitrary cgroups for worker-processes forked off an existing service. This commit also adds a a new mode to "systemd-run" to run the specified processes in a scope rather then a transient service.
2013-07-01 00:03:57 +02:00
break;
run: support --system to match other commands, even if redundant
2013-11-06 17:31:20 +01:00
case ARG_SYSTEM:
basic: add RuntimeScope enum In various tools and services we have a per-system and per-user concept. So far we sometimes used a boolean indicating whether we are in system mode, or a reversed boolean indicating whether we are in user mode, or the LookupScope enum used by the lookup path logic. Let's address that, in introduce a common enum for this, we can use all across the board. This is mostly just search/replace, no actual code changes.
2023-03-10 09:47:10 +01:00
arg_runtime_scope = RUNTIME_SCOPE_SYSTEM;
run: support --system to match other commands, even if redundant
2013-11-06 17:31:20 +01:00
break;
run: allow connecting to capsule instances with --capsule=/-C
2023-10-26 09:19:04 +02:00
case 'C':
r = capsule_name_is_valid(optarg);
if (r < 0)
return log_error_errno(r, "Unable to validate capsule name '%s': %m", optarg);
if (r == 0)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Invalid capsule name: %s", optarg);
arg_host = optarg;
arg_transport = BUS_TRANSPORT_CAPSULE;
arg_runtime_scope = RUNTIME_SCOPE_USER;
break;
core: add new "scope" unit type for making a unit of pre-existing processes "Scope" units are very much like service units, however with the difference that they are created from pre-existing processes, rather than processes that systemd itself forks off. This means they are generated programmatically via the bus API as transient units rather than from static configuration read from disk. Also, they do not provide execution-time parameters, as at the time systemd adds the processes to the scope unit they already exist and the parameters cannot be applied anymore. The primary benefit of this new unit type is to create arbitrary cgroups for worker-processes forked off an existing service. This commit also adds a a new mode to "systemd-run" to run the specified processes in a scope rather then a transient service.
2013-07-01 00:03:57 +02:00
case ARG_SCOPE:
arg_scope = true;
break;
run: add -u as a synonym for --unit Other tools that do have --unit= option (journalctl and systemd-cgls) already do this, so let's be consistent.
2019-10-23 09:13:15 +02:00
case 'u':
core: add new "scope" unit type for making a unit of pre-existing processes "Scope" units are very much like service units, however with the difference that they are created from pre-existing processes, rather than processes that systemd itself forks off. This means they are generated programmatically via the bus API as transient units rather than from static configuration read from disk. Also, they do not provide execution-time parameters, as at the time systemd adds the processes to the scope unit they already exist and the parameters cannot be applied anymore. The primary benefit of this new unit type is to create arbitrary cgroups for worker-processes forked off an existing service. This commit also adds a a new mode to "systemd-run" to run the specified processes in a scope rather then a transient service.
2013-07-01 00:03:57 +02:00
arg_unit = optarg;
break;
core: allow setting of the description string for transient units
2013-07-01 00:40:56 +02:00
case ARG_DESCRIPTION:
run/uid0: tint the terminal background color (and add new --background= switch) This adds a new --background= switch that allows specifiying a background color for the terminal while the tool runs. It also teaches the tool when invoked as uid0 to tint the terminal in a reddish hue when operating as root, and in a yellowish hue when operating as any other user. This should highlight nicely when the user is operating with elevated privileges, or changed privileges.
2023-12-20 12:09:27 +01:00
r = free_and_strdup_warn(&arg_description, optarg);
run: fix bad escaping and memory ownership confusion arg_description was either set to arg_unit (i.e. a const char*), or to char *description, the result of allocation in run(). But description was decorated with _cleanup_, so it would be freed when going out of the function. Nothing bad would happen, because the program would exit after exiting from run(), but this is just all too messy. Also, strv_join(" ") + shell_escape() is not a good way to escape command lines. In particular, one the join has happened, we cannot distinguish empty arguments, or arguments with whitespace, etc. We have a helper function to do the escaping properly, so let's use that. Fixup for 2c29813da3421b77eca5e5cdc3b9a863cad473b9.
2023-11-29 14:13:33 +01:00
if (r < 0)
return r;
core: allow setting of the description string for transient units
2013-07-01 00:40:56 +02:00
break;
core: add support to run transient units in arbitrary slices
2013-07-01 03:02:42 +02:00
case ARG_SLICE:
arg_slice = optarg;
break;
systemd-run: add --slice-inherit Add a new option to easily place a slice within the systemd-run slice.
2020-04-08 14:57:52 +02:00
case ARG_SLICE_INHERIT:
arg_slice_inherit = true;
break;
run: disable --expand-environment by default for --scope The intention was to have this option enabled by default everywhere, but unfortunately at least one case was found where it breaks compatibility of a program using systemd-run --scopes and expecting variables not to be expanded: https://sources.debian.org/src/pbuilder/0.231/pbuilder-checkparams/#L400 Example run: systemd-run --quiet --scope --description=pbuilder_build_xfce4-notes-plugin_1.10.0-1.dsc '--slice=system-pbuilder-build-xfce4\x2dnotes\x2dplugin_1.10.0\x2d1-449932.slice' chroot /var/cache/pbuilder/build/449932 dpkg-query -W '--showformat=${Version}' apt Restore backward compatibility and make the option disabled by default when --scope is used, and enabled by default for other types. In case --expand-environment is not specified and a '$' character is detected, print a warning to nudge users toward specifying the parameter as needed. In the future we can then flip the default. Follow-up for 2ed7a221fafb25eea937c4e86fb88ee501dba51e
2023-07-19 22:56:02 +01:00
case ARG_EXPAND_ENVIRONMENT: {
bool b;
r = parse_boolean_argument("--expand-environment=", optarg, &b);
run: add --expand-environment=no to disable server-side envvar expansion This uses StartExecEx to get the equivalent of ExecStart=:. StartExecEx was added in b3d593673c5b8b0b7d781fd26ab2062ca6e7dbdb, so this will not work with older systemds. A hint is emitted if we get an error indicating lack of support. PID1 returns SD_BUS_ERROR_PROPERTY_READ_ONLY, but I'm checking for SD_BUS_ERROR_UNKNOWN_PROPERTY too for safety.
2023-04-02 23:17:58 +02:00
if (r < 0)
return r;
run: disable --expand-environment by default for --scope The intention was to have this option enabled by default everywhere, but unfortunately at least one case was found where it breaks compatibility of a program using systemd-run --scopes and expecting variables not to be expanded: https://sources.debian.org/src/pbuilder/0.231/pbuilder-checkparams/#L400 Example run: systemd-run --quiet --scope --description=pbuilder_build_xfce4-notes-plugin_1.10.0-1.dsc '--slice=system-pbuilder-build-xfce4\x2dnotes\x2dplugin_1.10.0\x2d1-449932.slice' chroot /var/cache/pbuilder/build/449932 dpkg-query -W '--showformat=${Version}' apt Restore backward compatibility and make the option disabled by default when --scope is used, and enabled by default for other types. In case --expand-environment is not specified and a '$' character is detected, print a warning to nudge users toward specifying the parameter as needed. In the future we can then flip the default. Follow-up for 2ed7a221fafb25eea937c4e86fb88ee501dba51e
2023-07-19 22:56:02 +01:00
arg_expand_environment = b;
run: add --expand-environment=no to disable server-side envvar expansion This uses StartExecEx to get the equivalent of ExecStart=:. StartExecEx was added in b3d593673c5b8b0b7d781fd26ab2062ca6e7dbdb, so this will not work with older systemds. A hint is emitted if we get an error indicating lack of support. PID1 returns SD_BUS_ERROR_PROPERTY_READ_ONLY, but I'm checking for SD_BUS_ERROR_UNKNOWN_PROPERTY too for safety.
2023-04-02 23:17:58 +02:00
break;
run: disable --expand-environment by default for --scope The intention was to have this option enabled by default everywhere, but unfortunately at least one case was found where it breaks compatibility of a program using systemd-run --scopes and expecting variables not to be expanded: https://sources.debian.org/src/pbuilder/0.231/pbuilder-checkparams/#L400 Example run: systemd-run --quiet --scope --description=pbuilder_build_xfce4-notes-plugin_1.10.0-1.dsc '--slice=system-pbuilder-build-xfce4\x2dnotes\x2dplugin_1.10.0\x2d1-449932.slice' chroot /var/cache/pbuilder/build/449932 dpkg-query -W '--showformat=${Version}' apt Restore backward compatibility and make the option disabled by default when --scope is used, and enabled by default for other types. In case --expand-environment is not specified and a '$' character is detected, print a warning to nudge users toward specifying the parameter as needed. In the future we can then flip the default. Follow-up for 2ed7a221fafb25eea937c4e86fb88ee501dba51e
2023-07-19 22:56:02 +01:00
}
run: add --expand-environment=no to disable server-side envvar expansion This uses StartExecEx to get the equivalent of ExecStart=:. StartExecEx was added in b3d593673c5b8b0b7d781fd26ab2062ca6e7dbdb, so this will not work with older systemds. A hint is emitted if we get an error indicating lack of support. PID1 returns SD_BUS_ERROR_PROPERTY_READ_ONLY, but I'm checking for SD_BUS_ERROR_UNKNOWN_PROPERTY too for safety.
2023-04-02 23:17:58 +02:00
core: open up SendSIGHUP property for transient units
2013-07-30 02:28:22 +02:00
case ARG_SEND_SIGHUP:
arg_send_sighup = true;
break;
core: allow setting RemainAfterExit= for transient services
2013-07-26 16:09:25 +02:00
case 'r':
arg_remain_after_exit = true;
break;
run: add support for executing commands remotely via SSH or in a container Also, unify the transport logic a bit, since we reuse the same scheme in many of our client tools.
2013-10-30 16:44:55 +01:00
case 'H':
arg_transport = BUS_TRANSPORT_REMOTE;
arg_host = optarg;
break;
case 'M':
sd-bus: rename sd_bus_open_system_container() to sd_bus_open_system_machine() Pretty much everywhere else we use the generic term "machine" when referring to containers in API, so let's do though in sd-bus too. In particular, since the concept of a "container" exists in sd-bus too, but as part of the marshalling system.
2014-12-23 23:38:13 +01:00
arg_transport = BUS_TRANSPORT_MACHINE;
run: add support for executing commands remotely via SSH or in a container Also, unify the transport logic a bit, since we reuse the same scheme in many of our client tools.
2013-10-30 16:44:55 +01:00
arg_host = optarg;
break;
core: allow User=, Group=, Nice=, Environment=, Type= to be passed when creating a transient service
2014-02-05 02:02:00 +01:00
case ARG_SERVICE_TYPE:
arg_service_type = optarg;
break;
case ARG_EXEC_USER:
arg_exec_user = optarg;
break;
case ARG_EXEC_GROUP:
arg_exec_group = optarg;
break;
case ARG_NICE:
util-lib: unify parsing of nice level values This adds parse_nice() that parses a nice level and ensures it is in the right range, via a new nice_is_valid() helper. It then ports over a number of users to this. No functional changes.
2016-08-05 11:17:08 +02:00
r = parse_nice(optarg, &arg_nice);
if (r < 0)
return log_error_errno(r, "Failed to parse nice value: %s", optarg);
core: allow User=, Group=, Nice=, Environment=, Type= to be passed when creating a transient service
2014-02-05 02:02:00 +01:00
arg_nice_set = true;
break;
run: add -E as alias for --setenv
2016-04-20 08:38:01 -04:00
case 'E':
run: allow --setenv=FOO
2021-08-10 17:25:47 +02:00
r = strv_env_replace_strdup_passthrough(&arg_environment, optarg);
if (r < 0)
return log_error_errno(r, "Cannot assign environment variable %s: %m", optarg);
core: allow User=, Group=, Nice=, Environment=, Type= to be passed when creating a transient service
2014-02-05 02:02:00 +01:00
break;
systemd-run: add new --property= switch that can set arbitrary properties for the unit that is created The code for parsing these properties is shared with "systemctl set-property", which means all the resource control settings are immediately available.
2014-03-05 03:36:22 +01:00
case 'p':
if (strv_extend(&arg_property, optarg) < 0)
return log_oom();
break;
run: add new --pipe option for including "systemd-run" commands in shell pipelines In this mode, we'll directly connect stdin/stdout/stderr of the invoked service with whatever systemd-run itself is invoked on. This allows inclusion of "systemd-run" commands in shell pipelines, as unlike "--pty" this means EOF of stdin/stdout/stderr are propagated independently. If --pty and --pipe are combined systemd-run will automatically pick the right choice for the context it is invoked in, i.e. --pty when invoked on a TTY, and --pipe otherwise.
2017-09-08 15:38:40 +02:00
case 't': /* --pty */
if (IN_SET(arg_stdio, ARG_STDIO_DIRECT, ARG_STDIO_AUTO)) /* if --pipe is already used, upgrade to auto mode */
arg_stdio = ARG_STDIO_AUTO;
else
arg_stdio = ARG_STDIO_PTY;
break;
case 'P': /* --pipe */
if (IN_SET(arg_stdio, ARG_STDIO_PTY, ARG_STDIO_AUTO)) /* If --pty is already used, upgrade to auto mode */
arg_stdio = ARG_STDIO_AUTO;
else
arg_stdio = ARG_STDIO_DIRECT;
run: add a new "-t" mode for invoking a binary on an allocated TTY
2014-12-22 19:45:32 +01:00
break;
systemd-run: add --quiet mode to suppress informational message on TTY usage
2014-12-22 20:39:10 +01:00
case 'q':
arg_quiet = true;
break;
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
case ARG_ON_ACTIVE:
run: allow to specify multiple timer options
2017-12-11 21:21:10 +09:00
r = add_timer_property("OnActiveSec", optarg);
if (r < 0)
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
return r;
run: rename with_timer → arg_with_timer The value is directly initialized from cmdline args, hence let's name it so, following our usual naming style.
2019-03-14 19:55:29 +01:00
arg_with_timer = true;
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
break;
case ARG_ON_BOOT:
run: allow to specify multiple timer options
2017-12-11 21:21:10 +09:00
r = add_timer_property("OnBootSec", optarg);
if (r < 0)
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
return r;
run: rename with_timer → arg_with_timer The value is directly initialized from cmdline args, hence let's name it so, following our usual naming style.
2019-03-14 19:55:29 +01:00
arg_with_timer = true;
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
break;
case ARG_ON_STARTUP:
run: allow to specify multiple timer options
2017-12-11 21:21:10 +09:00
r = add_timer_property("OnStartupSec", optarg);
if (r < 0)
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
return r;
run: rename with_timer → arg_with_timer The value is directly initialized from cmdline args, hence let's name it so, following our usual naming style.
2019-03-14 19:55:29 +01:00
arg_with_timer = true;
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
break;
case ARG_ON_UNIT_ACTIVE:
run: allow to specify multiple timer options
2017-12-11 21:21:10 +09:00
r = add_timer_property("OnUnitActiveSec", optarg);
if (r < 0)
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
return r;
run: rename with_timer → arg_with_timer The value is directly initialized from cmdline args, hence let's name it so, following our usual naming style.
2019-03-14 19:55:29 +01:00
arg_with_timer = true;
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
break;
case ARG_ON_UNIT_INACTIVE:
run: allow to specify multiple timer options
2017-12-11 21:21:10 +09:00
r = add_timer_property("OnUnitInactiveSec", optarg);
if (r < 0)
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
return r;
run: rename with_timer → arg_with_timer The value is directly initialized from cmdline args, hence let's name it so, following our usual naming style.
2019-03-14 19:55:29 +01:00
arg_with_timer = true;
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
break;
run: check if the specified calendar event is not in the past Check if calendar event specification passed by --on-calendar runs in some time in the future. If not, execute the given command immediately
2019-04-12 20:57:51 +02:00
case ARG_ON_CALENDAR: {
_cleanup_(calendar_spec_freep) CalendarSpec *cs = NULL;
r = calendar_spec_from_string(optarg, &cs);
if (r < 0)
run: when we determine a timer cannot elapse anymore, really just warn, nothing else When we determine that a calendar expression cannot elapse anymore, print a warning but proceed regardless like we normally would. Quite possibly a remote system has a different understanding of time (timezone, system clock) than we have, hence we really shouldn't change behaviour here client side, but log at best, and then leave the decision what to do to the server side. Follow-up for #12299
2019-04-25 13:22:55 +02:00
return log_error_errno(r, "Failed to parse calendar event specification: %m");
run: move comment to appropriate place
2019-07-16 12:22:37 +02:00
/* Let's make sure the given calendar event is not in the past */
run: when we determine a timer cannot elapse anymore, really just warn, nothing else When we determine that a calendar expression cannot elapse anymore, print a warning but proceed regardless like we normally would. Quite possibly a remote system has a different understanding of time (timezone, system clock) than we have, hence we really shouldn't change behaviour here client side, but log at best, and then leave the decision what to do to the server side. Follow-up for #12299
2019-04-25 13:22:55 +02:00
r = calendar_spec_next_usec(cs, now(CLOCK_REALTIME), NULL);
if (r == -ENOENT)
run: reword a comment Use unicode m-dash and remove the part about discoverability, since it's just a warning on the terminal.
2019-04-26 08:46:01 +02:00
/* The calendar event is in the past — let's warn about this, but install it
* anyway as is. The service manager will trigger the service right away.
* Moreover, the server side might have a different clock or timezone than we
* do, hence it should decide when or whether to run something. */
run: when we determine a timer cannot elapse anymore, really just warn, nothing else When we determine that a calendar expression cannot elapse anymore, print a warning but proceed regardless like we normally would. Quite possibly a remote system has a different understanding of time (timezone, system clock) than we have, hence we really shouldn't change behaviour here client side, but log at best, and then leave the decision what to do to the server side. Follow-up for #12299
2019-04-25 13:22:55 +02:00
log_warning("Specified calendar expression is in the past, proceeding anyway.");
else if (r < 0)
return log_error_errno(r, "Failed to calculate next time calendar expression elapses: %m");
run: check if the specified calendar event is not in the past Check if calendar event specification passed by --on-calendar runs in some time in the future. If not, execute the given command immediately
2019-04-12 20:57:51 +02:00
run: allow to specify multiple timer options
2017-12-11 21:21:10 +09:00
r = add_timer_property("OnCalendar", optarg);
if (r < 0)
core: optionally, trigger .timer units on timezone and clock changes Fixes: #6228
2019-03-14 21:36:47 +01:00
return r;
arg_with_timer = true;
break;
run: check if the specified calendar event is not in the past Check if calendar event specification passed by --on-calendar runs in some time in the future. If not, execute the given command immediately
2019-04-12 20:57:51 +02:00
}
core: optionally, trigger .timer units on timezone and clock changes Fixes: #6228
2019-03-14 21:36:47 +01:00
case ARG_ON_TIMEZONE_CHANGE:
r = add_timer_property("OnTimezoneChange", "yes");
if (r < 0)
return r;
arg_with_timer = true;
break;
case ARG_ON_CLOCK_CHANGE:
r = add_timer_property("OnClockChange", "yes");
if (r < 0)
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
return r;
run: various modernizations and smaller fixes Including a fix for properly freeing a calendarspec object after use.
2015-10-08 15:01:42 +02:00
run: rename with_timer → arg_with_timer The value is directly initialized from cmdline args, hence let's name it so, following our usual naming style.
2019-03-14 19:55:29 +01:00
arg_with_timer = true;
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
break;
case ARG_TIMER_PROPERTY:
if (strv_extend(&arg_timer_property, optarg) < 0)
return log_oom();
run: rename with_timer → arg_with_timer The value is directly initialized from cmdline args, hence let's name it so, following our usual naming style.
2019-03-14 19:55:29 +01:00
arg_with_timer = arg_with_timer ||
tree-wide: port various places over to STARTSWITH_SET()
2018-11-23 16:30:23 +01:00
STARTSWITH_SET(optarg,
"OnActiveSec=",
"OnBootSec=",
"OnStartupSec=",
"OnUnitActiveSec=",
"OnUnitInactiveSec=",
"OnCalendar=");
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
break;
run: add support to create transient path and socket unit
2017-12-18 23:46:45 +09:00
case ARG_PATH_PROPERTY:
if (strv_extend(&arg_path_property, optarg) < 0)
return log_oom();
break;
case ARG_SOCKET_PROPERTY:
if (strv_extend(&arg_socket_property, optarg) < 0)
return log_oom();
break;
run: by default, wait until the transient unit finished start-up Make this blocking behaviour optional with --no-block, similar to systemctl's switch of this name.
2015-04-28 12:33:19 +02:00
case ARG_NO_BLOCK:
arg_no_block = true;
break;
run: optionally, wait for the service to finish and show its result
2016-08-17 14:24:17 +02:00
case ARG_WAIT:
arg_wait = true;
break;
run: add a switch for specifiying the working directory of a service I find myself testing service management quite often with "systemd-run -t /bin/bash". For that it is handy if the invoked shell would use the working directory I am currently in. Hence introduce a shorthand for that: $ systemd-run -dt /bin/bash This will automatically insert a WorkingDirectory= property into the transient service, pointing to the working directory of the caller.
2018-11-22 12:07:25 +01:00
case ARG_WORKING_DIRECTORY:
Move and rename parse_path_argument() function This fits better in shared/, and the new parse-argument.c file is a good home for it.
2021-02-14 11:39:48 +01:00
r = parse_path_argument(optarg, true, &arg_working_directory);
run: add a switch for specifiying the working directory of a service I find myself testing service management quite often with "systemd-run -t /bin/bash". For that it is handy if the invoked shell would use the working directory I am currently in. Hence introduce a shorthand for that: $ systemd-run -dt /bin/bash This will automatically insert a WorkingDirectory= property into the transient service, pointing to the working directory of the caller.
2018-11-22 12:07:25 +01:00
if (r < 0)
return r;
break;
case 'd': {
_cleanup_free_ char *p = NULL;
r = safe_getcwd(&p);
if (r < 0)
return log_error_errno(r, "Failed to get current working directory: %m");
if (empty_or_root(p))
arg_working_directory = mfree(arg_working_directory);
else
free_and_replace(arg_working_directory, p);
break;
}
run: add "-G" as shortcut for "--property=CollectMode=inactive-or-failed" This option is likely to be very useful for systemd-run invocations, hence let's add a shortcut for it. With this new concepts it's now very easy to put together systemd-run invocations that leave zero artifacts in the system, including when they fail.
2017-11-13 17:17:53 +01:00
case 'G':
arg_aggressive_gc = true;
break;
run: add new --shell switch for spawning a shell as service I keep running "systemd-run -t /bin/bash" to quickly get a shell running in service context. I suspect I am not the only one, hence let's add a shortcut for it. While we are at it, let's make it smarter, and automatically inherit the $SHELL of the invoking user as well as the working directory, and let's imply --pty. --shell (or -S) is hence equivalent to "-t -d $SHELL".
2018-11-22 19:24:48 +01:00
case 'S':
arg_shell = true;
break;
run: optionally set the "ignore-failure" flag for ExecStart= lines
2023-12-19 21:39:50 +01:00
case ARG_IGNORE_FAILURE:
arg_ignore_failure = true;
break;
run/uid0: tint the terminal background color (and add new --background= switch) This adds a new --background= switch that allows specifiying a background color for the terminal while the tool runs. It also teaches the tool when invoked as uid0 to tint the terminal in a reddish hue when operating as root, and in a yellowish hue when operating as any other user. This should highlight nicely when the user is operating with elevated privileges, or changed privileges.
2023-12-20 12:09:27 +01:00
case ARG_BACKGROUND:
r = free_and_strdup_warn(&arg_background, optarg);
if (r < 0)
return r;
break;
systemd-run: add unit and invocation_id JSON output
2024-08-12 15:15:15 +02:00
case ARG_JSON:
r = parse_json_argument(optarg, &arg_json_format_flags);
if (r <= 0)
return r;
break;
core: add new "scope" unit type for making a unit of pre-existing processes "Scope" units are very much like service units, however with the difference that they are created from pre-existing processes, rather than processes that systemd itself forks off. This means they are generated programmatically via the bus API as transient units rather than from static configuration read from disk. Also, they do not provide execution-time parameters, as at the time systemd adds the processes to the scope unit they already exist and the parameters cannot be applied anymore. The primary benefit of this new unit type is to create arbitrary cgroups for worker-processes forked off an existing service. This commit also adds a a new mode to "systemd-run" to run the specified processes in a scope rather then a transient service.
2013-07-01 00:03:57 +02:00
case '?':
return -EINVAL;
default:
Drop the text argument from assert_not_reached() In general we almost never hit those asserts in production code, so users see them very rarely, if ever. But either way, we just need something that users can pass to the developers. We have quite a few of those asserts, and some have fairly nice messages, but many are like "WTF?" or "???" or "unexpected something". The error that is printed includes the file location, and function name. In almost all functions there's at most one assert, so the function name alone is enough to identify the failure for a developer. So we don't get much extra from the message, and we might just as well drop them. Dropping them makes our code a tiny bit smaller, and most importantly, improves development experience by making it easy to insert such an assert in the code without thinking how to phrase the argument.
2021-07-27 12:27:28 +02:00
assert_not_reached();
core: add new "scope" unit type for making a unit of pre-existing processes "Scope" units are very much like service units, however with the difference that they are created from pre-existing processes, rather than processes that systemd itself forks off. This means they are generated programmatically via the bus API as transient units rather than from static configuration read from disk. Also, they do not provide execution-time parameters, as at the time systemd adds the processes to the scope unit they already exist and the parameters cannot be applied anymore. The primary benefit of this new unit type is to create arbitrary cgroups for worker-processes forked off an existing service. This commit also adds a a new mode to "systemd-run" to run the specified processes in a scope rather then a transient service.
2013-07-01 00:03:57 +02:00
}
run/mount/systemctl: don't fork off PolicyKit/ask-pw agent when in --user mode When we are in --user mode there's no point in doing PolicyKit/ask-pw because both of these systems are only used by system-level services. Let's disable the two agents for that automaticlly hence. Prompted by: #20576
2021-08-30 13:21:55 +02:00
/* If we are talking to the per-user instance PolicyKit isn't going to help */
basic: add RuntimeScope enum In various tools and services we have a per-system and per-user concept. So far we sometimes used a boolean indicating whether we are in system mode, or a reversed boolean indicating whether we are in user mode, or the LookupScope enum used by the lookup path logic. Let's address that, in introduce a common enum for this, we can use all across the board. This is mostly just search/replace, no actual code changes.
2023-03-10 09:47:10 +01:00
if (arg_runtime_scope == RUNTIME_SCOPE_USER)
run/mount/systemctl: don't fork off PolicyKit/ask-pw agent when in --user mode When we are in --user mode there's no point in doing PolicyKit/ask-pw because both of these systems are only used by system-level services. Let's disable the two agents for that automaticlly hence. Prompted by: #20576
2021-08-30 13:21:55 +02:00
arg_ask_password = false;
run: rename with_timer → arg_with_timer The value is directly initialized from cmdline args, hence let's name it so, following our usual naming style.
2019-03-14 19:55:29 +01:00
with_trigger = !!arg_path_property || !!arg_socket_property || arg_with_timer;
run: add support to create transient path and socket unit
2017-12-18 23:46:45 +09:00
/* currently, only single trigger (path, socket, timer) unit can be created simultaneously */
run: rename with_timer → arg_with_timer The value is directly initialized from cmdline args, hence let's name it so, following our usual naming style.
2019-03-14 19:55:29 +01:00
if ((int) !!arg_path_property + (int) !!arg_socket_property + (int) arg_with_timer > 1)
coccinelle: make use of SYNTHETIC_ERRNO Ideally, coccinelle would strip unnecessary braces too. But I do not see any option in coccinelle for this, so instead, I edited the patch text using search&replace to remove the braces. Unfortunately this is not fully automatic, in particular it didn't deal well with if-else-if-else blocks and ifdefs, so there is an increased likelikehood be some bugs in such spots. I also removed part of the patch that coccinelle generated for udev, where we returns -1 for failure. This should be fixed independently.
2018-11-20 23:40:44 +01:00
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
"Only single trigger (path, socket, timer) unit can be created.");
run: add new --pipe option for including "systemd-run" commands in shell pipelines In this mode, we'll directly connect stdin/stdout/stderr of the invoked service with whatever systemd-run itself is invoked on. This allows inclusion of "systemd-run" commands in shell pipelines, as unlike "--pty" this means EOF of stdin/stdout/stderr are propagated independently. If --pty and --pipe are combined systemd-run will automatically pick the right choice for the context it is invoked in, i.e. --pty when invoked on a TTY, and --pipe otherwise.
2017-09-08 15:38:40 +02:00
run: add new --shell switch for spawning a shell as service I keep running "systemd-run -t /bin/bash" to quickly get a shell running in service context. I suspect I am not the only one, hence let's add a shortcut for it. While we are at it, let's make it smarter, and automatically inherit the $SHELL of the invoking user as well as the working directory, and let's imply --pty. --shell (or -S) is hence equivalent to "-t -d $SHELL".
2018-11-22 19:24:48 +01:00
if (arg_shell) {
/* If --shell is imply --pty --pipe --same-dir --service-type=exec --wait --collect, unless otherwise
* specified. */
if (!arg_scope) {
if (arg_stdio == ARG_STDIO_NONE)
arg_stdio = ARG_STDIO_AUTO;
if (!arg_working_directory) {
r = safe_getcwd(&arg_working_directory);
if (r < 0)
return log_error_errno(r, "Failed to get current working directory: %m");
}
run: arg_service_type is not supposed to be allocated from heap
2023-12-19 19:10:36 +01:00
if (!arg_service_type)
arg_service_type = "exec";
run: add new --shell switch for spawning a shell as service I keep running "systemd-run -t /bin/bash" to quickly get a shell running in service context. I suspect I am not the only one, hence let's add a shortcut for it. While we are at it, let's make it smarter, and automatically inherit the $SHELL of the invoking user as well as the working directory, and let's imply --pty. --shell (or -S) is hence equivalent to "-t -d $SHELL".
2018-11-22 19:24:48 +01:00
arg_wait = true;
}
arg_aggressive_gc = true;
}
tree-wide: drop if braces around single line expressions as well
2020-10-09 15:06:34 +02:00
if (arg_stdio == ARG_STDIO_AUTO)
run: add new --pipe option for including "systemd-run" commands in shell pipelines In this mode, we'll directly connect stdin/stdout/stderr of the invoked service with whatever systemd-run itself is invoked on. This allows inclusion of "systemd-run" commands in shell pipelines, as unlike "--pty" this means EOF of stdin/stdout/stderr are propagated independently. If --pty and --pipe are combined systemd-run will automatically pick the right choice for the context it is invoked in, i.e. --pty when invoked on a TTY, and --pipe otherwise.
2017-09-08 15:38:40 +02:00
/* If we both --pty and --pipe are specified we'll automatically pick --pty if we are connected fully
* to a TTY and pick direct fd passing otherwise. This way, we automatically adapt to usage in a shell
* pipeline, but we are neatly interactive with tty-level isolation otherwise. */
tree-wide: use isatty_safe() everywhere
2024-10-24 23:12:31 +02:00
arg_stdio = isatty_safe(STDIN_FILENO) && isatty_safe(STDOUT_FILENO) && isatty_safe(STDERR_FILENO) ?
run: add new --pipe option for including "systemd-run" commands in shell pipelines In this mode, we'll directly connect stdin/stdout/stderr of the invoked service with whatever systemd-run itself is invoked on. This allows inclusion of "systemd-run" commands in shell pipelines, as unlike "--pty" this means EOF of stdin/stdout/stderr are propagated independently. If --pty and --pipe are combined systemd-run will automatically pick the right choice for the context it is invoked in, i.e. --pty when invoked on a TTY, and --pipe otherwise.
2017-09-08 15:38:40 +02:00
ARG_STDIO_PTY :
ARG_STDIO_DIRECT;
run: add new --shell switch for spawning a shell as service I keep running "systemd-run -t /bin/bash" to quickly get a shell running in service context. I suspect I am not the only one, hence let's add a shortcut for it. While we are at it, let's make it smarter, and automatically inherit the $SHELL of the invoking user as well as the working directory, and let's imply --pty. --shell (or -S) is hence equivalent to "-t -d $SHELL".
2018-11-22 19:24:48 +01:00
if (argc > optind) {
char **l;
if (arg_shell)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "If --shell is used, no command line is expected.");
l = strv_copy(argv + optind);
if (!l)
return log_oom();
strv_free_and_replace(arg_cmdline, l);
} else if (arg_shell) {
_cleanup_free_ char *s = NULL;
char **l;
r = get_shell(&s);
if (r < 0)
return log_error_errno(r, "Failed to determine shell: %m");
l = strv_new(s);
if (!l)
return log_oom();
strv_free_and_replace(arg_cmdline, l);
} else if (!arg_unit || !with_trigger)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Command line to execute required.");
core: add new "scope" unit type for making a unit of pre-existing processes "Scope" units are very much like service units, however with the difference that they are created from pre-existing processes, rather than processes that systemd itself forks off. This means they are generated programmatically via the bus API as transient units rather than from static configuration read from disk. Also, they do not provide execution-time parameters, as at the time systemd adds the processes to the scope unit they already exist and the parameters cannot be applied anymore. The primary benefit of this new unit type is to create arbitrary cgroups for worker-processes forked off an existing service. This commit also adds a a new mode to "systemd-run" to run the specified processes in a scope rather then a transient service.
2013-07-01 00:03:57 +02:00
basic: add RuntimeScope enum In various tools and services we have a per-system and per-user concept. So far we sometimes used a boolean indicating whether we are in system mode, or a reversed boolean indicating whether we are in user mode, or the LookupScope enum used by the lookup path logic. Let's address that, in introduce a common enum for this, we can use all across the board. This is mostly just search/replace, no actual code changes.
2023-03-10 09:47:10 +01:00
if (arg_runtime_scope == RUNTIME_SCOPE_USER && arg_transport == BUS_TRANSPORT_REMOTE)
coccinelle: make use of SYNTHETIC_ERRNO Ideally, coccinelle would strip unnecessary braces too. But I do not see any option in coccinelle for this, so instead, I edited the patch text using search&replace to remove the braces. Unfortunately this is not fully automatic, in particular it didn't deal well with if-else-if-else blocks and ifdefs, so there is an increased likelikehood be some bugs in such spots. I also removed part of the patch that coccinelle generated for udev, where we returns -1 for failure. This should be fixed independently.
2018-11-20 23:40:44 +01:00
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
run: update checks to allow running with a user's bus systemd-run is documented to as being able to connect and run on a specific user bus with "--user --machine=lennart@.host" arguments. This PR updates some logic that prevented this from working.
2021-05-13 01:17:51 -07:00
"Execution in user context is not supported on remote systems.");
run: add support for executing commands remotely via SSH or in a container Also, unify the transport logic a bit, since we reuse the same scheme in many of our client tools.
2013-10-30 16:44:55 +01:00
run: update checks to allow running with a user's bus systemd-run is documented to as being able to connect and run on a specific user bus with "--user --machine=lennart@.host" arguments. This PR updates some logic that prevented this from working.
2021-05-13 01:17:51 -07:00
if (arg_scope && arg_transport == BUS_TRANSPORT_REMOTE)
coccinelle: make use of SYNTHETIC_ERRNO Ideally, coccinelle would strip unnecessary braces too. But I do not see any option in coccinelle for this, so instead, I edited the patch text using search&replace to remove the braces. Unfortunately this is not fully automatic, in particular it didn't deal well with if-else-if-else blocks and ifdefs, so there is an increased likelikehood be some bugs in such spots. I also removed part of the patch that coccinelle generated for udev, where we returns -1 for failure. This should be fixed independently.
2018-11-20 23:40:44 +01:00
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
run: update checks to allow running with a user's bus systemd-run is documented to as being able to connect and run on a specific user bus with "--user --machine=lennart@.host" arguments. This PR updates some logic that prevented this from working.
2021-05-13 01:17:51 -07:00
"Scope execution is not supported on remote systems.");
run: add support for executing commands remotely via SSH or in a container Also, unify the transport logic a bit, since we reuse the same scheme in many of our client tools.
2013-10-30 16:44:55 +01:00
coccinelle: make use of SYNTHETIC_ERRNO Ideally, coccinelle would strip unnecessary braces too. But I do not see any option in coccinelle for this, so instead, I edited the patch text using search&replace to remove the braces. Unfortunately this is not fully automatic, in particular it didn't deal well with if-else-if-else blocks and ifdefs, so there is an increased likelikehood be some bugs in such spots. I also removed part of the patch that coccinelle generated for udev, where we returns -1 for failure. This should be fixed independently.
2018-11-20 23:40:44 +01:00
if (arg_scope && (arg_remain_after_exit || arg_service_type))
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
"--remain-after-exit and --service-type= are not supported in --scope mode.");
core: allow User=, Group=, Nice=, Environment=, Type= to be passed when creating a transient service
2014-02-05 02:02:00 +01:00
coccinelle: make use of SYNTHETIC_ERRNO Ideally, coccinelle would strip unnecessary braces too. But I do not see any option in coccinelle for this, so instead, I edited the patch text using search&replace to remove the braces. Unfortunately this is not fully automatic, in particular it didn't deal well with if-else-if-else blocks and ifdefs, so there is an increased likelikehood be some bugs in such spots. I also removed part of the patch that coccinelle generated for udev, where we returns -1 for failure. This should be fixed independently.
2018-11-20 23:40:44 +01:00
if (arg_stdio != ARG_STDIO_NONE && (with_trigger || arg_scope))
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
"--pty/--pipe is not compatible in timer or --scope mode.");
run: add a new "-t" mode for invoking a binary on an allocated TTY
2014-12-22 19:45:32 +01:00
coccinelle: make use of SYNTHETIC_ERRNO Ideally, coccinelle would strip unnecessary braces too. But I do not see any option in coccinelle for this, so instead, I edited the patch text using search&replace to remove the braces. Unfortunately this is not fully automatic, in particular it didn't deal well with if-else-if-else blocks and ifdefs, so there is an increased likelikehood be some bugs in such spots. I also removed part of the patch that coccinelle generated for udev, where we returns -1 for failure. This should be fixed independently.
2018-11-20 23:40:44 +01:00
if (arg_stdio != ARG_STDIO_NONE && arg_transport == BUS_TRANSPORT_REMOTE)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
"--pty/--pipe is only supported when connecting to the local system or containers.");
run: various modernizations and smaller fixes Including a fix for properly freeing a calendarspec object after use.
2015-10-08 15:01:42 +02:00
coccinelle: make use of SYNTHETIC_ERRNO Ideally, coccinelle would strip unnecessary braces too. But I do not see any option in coccinelle for this, so instead, I edited the patch text using search&replace to remove the braces. Unfortunately this is not fully automatic, in particular it didn't deal well with if-else-if-else blocks and ifdefs, so there is an increased likelikehood be some bugs in such spots. I also removed part of the patch that coccinelle generated for udev, where we returns -1 for failure. This should be fixed independently.
2018-11-20 23:40:44 +01:00
if (arg_stdio != ARG_STDIO_NONE && arg_no_block)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
"--pty/--pipe is not compatible with --no-block.");
run: complain when --pty is used together with --no-block, which makes no sense
2016-12-24 00:30:49 +01:00
coccinelle: make use of SYNTHETIC_ERRNO Ideally, coccinelle would strip unnecessary braces too. But I do not see any option in coccinelle for this, so instead, I edited the patch text using search&replace to remove the braces. Unfortunately this is not fully automatic, in particular it didn't deal well with if-else-if-else blocks and ifdefs, so there is an increased likelikehood be some bugs in such spots. I also removed part of the patch that coccinelle generated for udev, where we returns -1 for failure. This should be fixed independently.
2018-11-20 23:40:44 +01:00
if (arg_scope && with_trigger)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
"Path, socket or timer options are not supported in --scope mode.");
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
run: rename with_timer → arg_with_timer The value is directly initialized from cmdline args, hence let's name it so, following our usual naming style.
2019-03-14 19:55:29 +01:00
if (arg_timer_property && !arg_with_timer)
coccinelle: make use of SYNTHETIC_ERRNO Ideally, coccinelle would strip unnecessary braces too. But I do not see any option in coccinelle for this, so instead, I edited the patch text using search&replace to remove the braces. Unfortunately this is not fully automatic, in particular it didn't deal well with if-else-if-else blocks and ifdefs, so there is an increased likelikehood be some bugs in such spots. I also removed part of the patch that coccinelle generated for udev, where we returns -1 for failure. This should be fixed independently.
2018-11-20 23:40:44 +01:00
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
"--timer-property= has no effect without any other timer options.");
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
run: optionally, wait for the service to finish and show its result
2016-08-17 14:24:17 +02:00
if (arg_wait) {
coccinelle: make use of SYNTHETIC_ERRNO Ideally, coccinelle would strip unnecessary braces too. But I do not see any option in coccinelle for this, so instead, I edited the patch text using search&replace to remove the braces. Unfortunately this is not fully automatic, in particular it didn't deal well with if-else-if-else blocks and ifdefs, so there is an increased likelikehood be some bugs in such spots. I also removed part of the patch that coccinelle generated for udev, where we returns -1 for failure. This should be fixed independently.
2018-11-20 23:40:44 +01:00
if (arg_no_block)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
"--wait may not be combined with --no-block.");
run: optionally, wait for the service to finish and show its result
2016-08-17 14:24:17 +02:00
coccinelle: make use of SYNTHETIC_ERRNO Ideally, coccinelle would strip unnecessary braces too. But I do not see any option in coccinelle for this, so instead, I edited the patch text using search&replace to remove the braces. Unfortunately this is not fully automatic, in particular it didn't deal well with if-else-if-else blocks and ifdefs, so there is an increased likelikehood be some bugs in such spots. I also removed part of the patch that coccinelle generated for udev, where we returns -1 for failure. This should be fixed independently.
2018-11-20 23:40:44 +01:00
if (with_trigger)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
"--wait may not be combined with path, socket or timer operations.");
run: optionally, wait for the service to finish and show its result
2016-08-17 14:24:17 +02:00
coccinelle: make use of SYNTHETIC_ERRNO Ideally, coccinelle would strip unnecessary braces too. But I do not see any option in coccinelle for this, so instead, I edited the patch text using search&replace to remove the braces. Unfortunately this is not fully automatic, in particular it didn't deal well with if-else-if-else blocks and ifdefs, so there is an increased likelikehood be some bugs in such spots. I also removed part of the patch that coccinelle generated for udev, where we returns -1 for failure. This should be fixed independently.
2018-11-20 23:40:44 +01:00
if (arg_scope)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
"--wait may not be combined with --scope.");
run: optionally, wait for the service to finish and show its result
2016-08-17 14:24:17 +02:00
}
core: add new "scope" unit type for making a unit of pre-existing processes "Scope" units are very much like service units, however with the difference that they are created from pre-existing processes, rather than processes that systemd itself forks off. This means they are generated programmatically via the bus API as transient units rather than from static configuration read from disk. Also, they do not provide execution-time parameters, as at the time systemd adds the processes to the scope unit they already exist and the parameters cannot be applied anymore. The primary benefit of this new unit type is to create arbitrary cgroups for worker-processes forked off an existing service. This commit also adds a a new mode to "systemd-run" to run the specified processes in a scope rather then a transient service.
2013-07-01 00:03:57 +02:00
return 1;
}
run: when invoked as "uid0", expose some sudo-like behaviour This turns "systemd-run" into a multi-call binary. When invoked under the name "uid0", then it behaves a bit more like traditional "sudo". This mostly means defaults appropriuate for that, for example a PAM stack, interactivity and more. Fixes: #29199
2023-12-19 19:10:52 +01:00
static int parse_argv_sudo_mode(int argc, char *argv[]) {
enum {
ARG_NO_ASK_PASSWORD = 0x100,
ARG_HOST,
ARG_MACHINE,
ARG_UNIT,
ARG_PROPERTY,
ARG_DESCRIPTION,
ARG_SLICE,
ARG_SLICE_INHERIT,
ARG_NICE,
ARG_SETENV,
run/uid0: tint the terminal background color (and add new --background= switch) This adds a new --background= switch that allows specifiying a background color for the terminal while the tool runs. It also teaches the tool when invoked as uid0 to tint the terminal in a reddish hue when operating as root, and in a yellowish hue when operating as any other user. This should highlight nicely when the user is operating with elevated privileges, or changed privileges.
2023-12-20 12:09:27 +01:00
ARG_BACKGROUND,
run0: add options to force allocation of PTY or of pipe use Fixes: #33033
2024-10-24 23:27:59 +02:00
ARG_PTY,
ARG_PIPE,
run: when invoked as "uid0", expose some sudo-like behaviour This turns "systemd-run" into a multi-call binary. When invoked under the name "uid0", then it behaves a bit more like traditional "sudo". This mostly means defaults appropriuate for that, for example a PAM stack, interactivity and more. Fixes: #29199
2023-12-19 19:10:52 +01:00
};
Rename uid0 to run0 Naming is always a matter of preference, and the old name would certainly work, but I think the new one has the following advantages: - A verb is better than a noun. - The name more similar to "the competition", i.e. 'sudo', 'pkexec', 'runas', 'doas', which generally include an action verb. - The connection between 'systemd-run' and 'run0' is more obvious. There has been no release yet with the old name, so we can rename without caring for backwards compatibility.
2024-03-19 11:14:55 +01:00
/* If invoked as "run0" binary, let's expose a more sudo-like interface. We add various extensions
run: when invoked as "uid0", expose some sudo-like behaviour This turns "systemd-run" into a multi-call binary. When invoked under the name "uid0", then it behaves a bit more like traditional "sudo". This mostly means defaults appropriuate for that, for example a PAM stack, interactivity and more. Fixes: #29199
2023-12-19 19:10:52 +01:00
* though (but limit the extension to long options). */
static const struct option options[] = {
{ "help", no_argument, NULL, 'h' },
{ "version", no_argument, NULL, 'V' },
{ "no-ask-password", no_argument, NULL, ARG_NO_ASK_PASSWORD },
{ "machine", required_argument, NULL, ARG_MACHINE },
{ "unit", required_argument, NULL, ARG_UNIT },
{ "property", required_argument, NULL, ARG_PROPERTY },
{ "description", required_argument, NULL, ARG_DESCRIPTION },
{ "slice", required_argument, NULL, ARG_SLICE },
{ "slice-inherit", no_argument, NULL, ARG_SLICE_INHERIT },
{ "user", required_argument, NULL, 'u' },
{ "group", required_argument, NULL, 'g' },
{ "nice", required_argument, NULL, ARG_NICE },
{ "chdir", required_argument, NULL, 'D' },
{ "setenv", required_argument, NULL, ARG_SETENV },
run/uid0: tint the terminal background color (and add new --background= switch) This adds a new --background= switch that allows specifiying a background color for the terminal while the tool runs. It also teaches the tool when invoked as uid0 to tint the terminal in a reddish hue when operating as root, and in a yellowish hue when operating as any other user. This should highlight nicely when the user is operating with elevated privileges, or changed privileges.
2023-12-20 12:09:27 +01:00
{ "background", required_argument, NULL, ARG_BACKGROUND },
run0: add options to force allocation of PTY or of pipe use Fixes: #33033
2024-10-24 23:27:59 +02:00
{ "pty", no_argument, NULL, ARG_PTY },
{ "pipe", no_argument, NULL, ARG_PIPE },
run: when invoked as "uid0", expose some sudo-like behaviour This turns "systemd-run" into a multi-call binary. When invoked under the name "uid0", then it behaves a bit more like traditional "sudo". This mostly means defaults appropriuate for that, for example a PAM stack, interactivity and more. Fixes: #29199
2023-12-19 19:10:52 +01:00
{},
};
int r, c;
assert(argc >= 0);
assert(argv);
/* Resetting to 0 forces the invocation of an internal initialization routine of getopt_long()
* that checks for GNU extensions in optstring ('-' or '+' at the beginning). */
optind = 0;
while ((c = getopt_long(argc, argv, "+hVu:g:D:", options, NULL)) >= 0)
switch (c) {
case 'h':
return help_sudo_mode();
case 'V':
return version();
case ARG_NO_ASK_PASSWORD:
arg_ask_password = false;
break;
case ARG_MACHINE:
arg_transport = BUS_TRANSPORT_MACHINE;
arg_host = optarg;
break;
case ARG_UNIT:
arg_unit = optarg;
break;
case ARG_PROPERTY:
if (strv_extend(&arg_property, optarg) < 0)
return log_oom();
break;
case ARG_DESCRIPTION:
r = free_and_strdup_warn(&arg_description, optarg);
if (r < 0)
return r;
break;
case ARG_SLICE:
arg_slice = optarg;
break;
case ARG_SLICE_INHERIT:
arg_slice_inherit = true;
break;
case 'u':
arg_exec_user = optarg;
break;
case 'g':
arg_exec_group = optarg;
break;
case ARG_NICE:
r = parse_nice(optarg, &arg_nice);
if (r < 0)
return log_error_errno(r, "Failed to parse nice value: %s", optarg);
arg_nice_set = true;
break;
case 'D':
run: fix bug causing run0 to ignore `-D /`. Since the root directory was being suppressed to NULL, the subsequent check would erroneously think that no working directory was specified. This caused the default working directory to be applied instead.
2024-10-15 00:57:52 -04:00
/* Root will be manually suppressed later. */
r = parse_path_argument(optarg, /* suppress_root= */ false, &arg_working_directory);
run: when invoked as "uid0", expose some sudo-like behaviour This turns "systemd-run" into a multi-call binary. When invoked under the name "uid0", then it behaves a bit more like traditional "sudo". This mostly means defaults appropriuate for that, for example a PAM stack, interactivity and more. Fixes: #29199
2023-12-19 19:10:52 +01:00
if (r < 0)
return r;
break;
case ARG_SETENV:
r = strv_env_replace_strdup_passthrough(&arg_environment, optarg);
if (r < 0)
return log_error_errno(r, "Cannot assign environment variable %s: %m", optarg);
break;
run/uid0: tint the terminal background color (and add new --background= switch) This adds a new --background= switch that allows specifiying a background color for the terminal while the tool runs. It also teaches the tool when invoked as uid0 to tint the terminal in a reddish hue when operating as root, and in a yellowish hue when operating as any other user. This should highlight nicely when the user is operating with elevated privileges, or changed privileges.
2023-12-20 12:09:27 +01:00
case ARG_BACKGROUND:
r = free_and_strdup_warn(&arg_background, optarg);
if (r < 0)
return r;
break;
run0: add options to force allocation of PTY or of pipe use Fixes: #33033
2024-10-24 23:27:59 +02:00
case ARG_PTY:
if (IN_SET(arg_stdio, ARG_STDIO_DIRECT, ARG_STDIO_AUTO)) /* if --pipe is already used, upgrade to auto mode */
arg_stdio = ARG_STDIO_AUTO;
else
arg_stdio = ARG_STDIO_PTY;
break;
case ARG_PIPE:
if (IN_SET(arg_stdio, ARG_STDIO_PTY, ARG_STDIO_AUTO)) /* If --pty is already used, upgrade to auto mode */
arg_stdio = ARG_STDIO_AUTO;
else
arg_stdio = ARG_STDIO_DIRECT;
break;
run: when invoked as "uid0", expose some sudo-like behaviour This turns "systemd-run" into a multi-call binary. When invoked under the name "uid0", then it behaves a bit more like traditional "sudo". This mostly means defaults appropriuate for that, for example a PAM stack, interactivity and more. Fixes: #29199
2023-12-19 19:10:52 +01:00
case '?':
return -EINVAL;
default:
assert_not_reached();
}
if (!arg_working_directory) {
if (arg_exec_user) {
/* When switching to a specific user, also switch to its home directory. */
arg_working_directory = strdup("~");
if (!arg_working_directory)
return log_oom();
} else {
/* When switching to root without this being specified, then stay in the current directory */
r = safe_getcwd(&arg_working_directory);
if (r < 0)
return log_error_errno(r, "Failed to get current working directory: %m");
}
run: fix bug causing run0 to ignore `-D /`. Since the root directory was being suppressed to NULL, the subsequent check would erroneously think that no working directory was specified. This caused the default working directory to be applied instead.
2024-10-15 00:57:52 -04:00
} else {
/* Root was not suppressed earlier, to allow the above check to work properly. */
if (empty_or_root(arg_working_directory))
arg_working_directory = mfree(arg_working_directory);
run: when invoked as "uid0", expose some sudo-like behaviour This turns "systemd-run" into a multi-call binary. When invoked under the name "uid0", then it behaves a bit more like traditional "sudo". This mostly means defaults appropriuate for that, for example a PAM stack, interactivity and more. Fixes: #29199
2023-12-19 19:10:52 +01:00
}
arg_service_type = "exec";
arg_quiet = true;
arg_wait = true;
arg_aggressive_gc = true;
run0: add options to force allocation of PTY or of pipe use Fixes: #33033
2024-10-24 23:27:59 +02:00
if (IN_SET(arg_stdio, ARG_STDIO_NONE, ARG_STDIO_AUTO))
arg_stdio = isatty_safe(STDIN_FILENO) && isatty_safe(STDOUT_FILENO) && isatty_safe(STDERR_FILENO) ? ARG_STDIO_PTY : ARG_STDIO_DIRECT;
run: when invoked as "uid0", expose some sudo-like behaviour This turns "systemd-run" into a multi-call binary. When invoked under the name "uid0", then it behaves a bit more like traditional "sudo". This mostly means defaults appropriuate for that, for example a PAM stack, interactivity and more. Fixes: #29199
2023-12-19 19:10:52 +01:00
arg_expand_environment = false;
arg_send_sighup = true;
_cleanup_strv_free_ char **l = NULL;
if (argc > optind)
l = strv_copy(argv + optind);
else {
const char *e;
e = strv_env_get(arg_environment, "SHELL");
if (e)
arg_exec_path = strdup(e);
else {
if (arg_transport == BUS_TRANSPORT_LOCAL) {
r = get_shell(&arg_exec_path);
if (r < 0)
return log_error_errno(r, "Failed to determine shell: %m");
} else
arg_exec_path = strdup("/bin/sh");
}
if (!arg_exec_path)
return log_oom();
l = make_login_shell_cmdline(arg_exec_path);
}
if (!l)
return log_oom();
strv_free_and_replace(arg_cmdline, l);
if (!arg_slice) {
run: use SPECIAL_USER_SLICE
2024-01-04 15:22:54 +01:00
arg_slice = strdup(SPECIAL_USER_SLICE);
run: when invoked as "uid0", expose some sudo-like behaviour This turns "systemd-run" into a multi-call binary. When invoked under the name "uid0", then it behaves a bit more like traditional "sudo". This mostly means defaults appropriuate for that, for example a PAM stack, interactivity and more. Fixes: #29199
2023-12-19 19:10:52 +01:00
if (!arg_slice)
return log_oom();
}
_cleanup_free_ char *un = NULL;
un = getusername_malloc();
if (!un)
return log_oom();
/* Set a bunch of environment variables in a roughly sudo-compatible way */
r = strv_env_assign(&arg_environment, "SUDO_USER", un);
if (r < 0)
return log_error_errno(r, "Failed to set $SUDO_USER environment variable: %m");
r = strv_env_assignf(&arg_environment, "SUDO_UID", UID_FMT, getuid());
if (r < 0)
return log_error_errno(r, "Failed to set $SUDO_UID environment variable: %m");
r = strv_env_assignf(&arg_environment, "SUDO_GID", GID_FMT, getgid());
if (r < 0)
return log_error_errno(r, "Failed to set $SUDO_GID environment variable: %m");
if (strv_extendf(&arg_property, "LogExtraFields=ELEVATED_UID=" UID_FMT, getuid()) < 0)
return log_oom();
if (strv_extendf(&arg_property, "LogExtraFields=ELEVATED_GID=" GID_FMT, getgid()) < 0)
return log_oom();
if (strv_extendf(&arg_property, "LogExtraFields=ELEVATED_USER=%s", un) < 0)
return log_oom();
Rename uid0 to run0 Naming is always a matter of preference, and the old name would certainly work, but I think the new one has the following advantages: - A verb is better than a noun. - The name more similar to "the competition", i.e. 'sudo', 'pkexec', 'runas', 'doas', which generally include an action verb. - The connection between 'systemd-run' and 'run0' is more obvious. There has been no release yet with the old name, so we can rename without caring for backwards compatibility.
2024-03-19 11:14:55 +01:00
if (strv_extend(&arg_property, "PAMName=systemd-run0") < 0)
run: when invoked as "uid0", expose some sudo-like behaviour This turns "systemd-run" into a multi-call binary. When invoked under the name "uid0", then it behaves a bit more like traditional "sudo". This mostly means defaults appropriuate for that, for example a PAM stack, interactivity and more. Fixes: #29199
2023-12-19 19:10:52 +01:00
return log_oom();
nspawn, vmspawn, run0: add env var for turning off background tinting Some people are just sad, sad lost souls who don't like even the tiniest ray of color in their life. Let's add an env var knob for allowing them to turn the background tinting off, to drive the last bit of color from their life so that they can stay in their grey grey life.
2024-05-02 17:07:51 +02:00
if (!arg_background && arg_stdio == ARG_STDIO_PTY && shall_tint_background()) {
pretty-print: split out color tinting into a helper of its own
2024-01-19 23:59:54 +01:00
double hue;
run/uid0: tint the terminal background color (and add new --background= switch) This adds a new --background= switch that allows specifiying a background color for the terminal while the tool runs. It also teaches the tool when invoked as uid0 to tint the terminal in a reddish hue when operating as root, and in a yellowish hue when operating as any other user. This should highlight nicely when the user is operating with elevated privileges, or changed privileges.
2023-12-20 12:09:27 +01:00
run: set window title In interactive terminal mode, let's set a window title that reflects our change of context to the target. Let's prefix it it with red/yellow emoji dot in case we changed privileges.
2024-02-01 10:43:44 +01:00
if (privileged_execution())
pretty-print: split out color tinting into a helper of its own
2024-01-19 23:59:54 +01:00
hue = 0; /* red */
else
hue = 60 /* yellow */;
r = terminal_tint_color(hue, &arg_background);
run/uid0: tint the terminal background color (and add new --background= switch) This adds a new --background= switch that allows specifiying a background color for the terminal while the tool runs. It also teaches the tool when invoked as uid0 to tint the terminal in a reddish hue when operating as root, and in a yellowish hue when operating as any other user. This should highlight nicely when the user is operating with elevated privileges, or changed privileges.
2023-12-20 12:09:27 +01:00
if (r < 0)
log_debug_errno(r, "Unable to get terminal background color, not tinting background: %m");
}
run: when invoked as "uid0", expose some sudo-like behaviour This turns "systemd-run" into a multi-call binary. When invoked under the name "uid0", then it behaves a bit more like traditional "sudo". This mostly means defaults appropriuate for that, for example a PAM stack, interactivity and more. Fixes: #29199
2023-12-19 19:10:52 +01:00
return 1;
}
bus-unit-util: add socket unit related options Also, split bus_append_unit_property_assignment().
2017-12-23 16:59:56 +09:00
static int transient_unit_set_properties(sd_bus_message *m, UnitType t, char **properties) {
core: add transient units Transient units can be created via the bus API. They are configured via the method call parameters rather than on-disk files. They are subject to normal GC. Transient units currently may only be created for services (however, we will extend this), and currently only ExecStart= and the cgroup parameters can be configured (also to be extended). Transient units require a unique name, that previously had no configuration file on disk. A tool systemd-run is added that makes use of this functionality to run arbitrary command lines as transient services: $ systemd-run /bin/ping www.heise.de Will cause systemd to create a new transient service and run ping in it.
2013-06-28 04:12:58 +02:00
int r;
run: pin the unit we invoke continously while we are running We read properties of the unit, hence it shouldn't be GC'ed as long as we run. Hence, let's just set AddRef unconditionally for the units we create.
2023-10-16 11:31:38 +02:00
assert(m);
run: add a new "-t" mode for invoking a binary on an allocated TTY
2014-12-22 19:45:32 +01:00
r = sd_bus_message_append(m, "(sv)", "Description", "s", arg_description);
if (r < 0)
run: rearrange error handling when adding unit properties Let's always leave logging to the call that actually added the fields to the bus message. This way we don't get duplicate logging whenver bus_append_unit_property_assignment() ends up being called, which does all its logging on its own (and probably should do, as it can output much more precise errors).
2017-11-29 20:05:22 +01:00
return bus_log_create_error(r);
run: add a new "-t" mode for invoking a binary on an allocated TTY
2014-12-22 19:45:32 +01:00
run: add "-G" as shortcut for "--property=CollectMode=inactive-or-failed" This option is likely to be very useful for systemd-run invocations, hence let's add a shortcut for it. With this new concepts it's now very easy to put together systemd-run invocations that leave zero artifacts in the system, including when they fail.
2017-11-13 17:17:53 +01:00
if (arg_aggressive_gc) {
r = sd_bus_message_append(m, "(sv)", "CollectMode", "s", "inactive-or-failed");
if (r < 0)
run: rearrange error handling when adding unit properties Let's always leave logging to the call that actually added the fields to the bus message. This way we don't get duplicate logging whenver bus_append_unit_property_assignment() ends up being called, which does all its logging on its own (and probably should do, as it can output much more precise errors).
2017-11-29 20:05:22 +01:00
return bus_log_create_error(r);
run: add "-G" as shortcut for "--property=CollectMode=inactive-or-failed" This option is likely to be very useful for systemd-run invocations, hence let's add a shortcut for it. With this new concepts it's now very easy to put together systemd-run invocations that leave zero artifacts in the system, including when they fail.
2017-11-13 17:17:53 +01:00
}
run: pin the unit we invoke continously while we are running We read properties of the unit, hence it shouldn't be GC'ed as long as we run. Hence, let's just set AddRef unconditionally for the units we create.
2023-10-16 11:31:38 +02:00
r = sd_bus_is_bus_client(sd_bus_message_get_bus(m));
if (r < 0)
return log_error_errno(r, "Can't determine if bus connection is direct or to broker: %m");
if (r > 0) {
/* Pin the object as least as long as we are around. Note that AddRef (currently) only works
* if we talk via the bus though. */
r = sd_bus_message_append(m, "(sv)", "AddRef", "b", 1);
if (r < 0)
return bus_log_create_error(r);
}
run: simplification
2022-08-16 18:41:00 +02:00
return bus_append_unit_property_assignment_many(m, t, properties);
run: add a new "-t" mode for invoking a binary on an allocated TTY
2014-12-22 19:45:32 +01:00
}
static int transient_cgroup_set_properties(sd_bus_message *m) {
systemd-run: add --slice-inherit Add a new option to easily place a slice within the systemd-run slice.
2020-04-08 14:57:52 +02:00
_cleanup_free_ char *name = NULL;
_cleanup_free_ char *slice = NULL;
run: add a new "-t" mode for invoking a binary on an allocated TTY
2014-12-22 19:45:32 +01:00
int r;
assert(m);
core: add transient units Transient units can be created via the bus API. They are configured via the method call parameters rather than on-disk files. They are subject to normal GC. Transient units currently may only be created for services (however, we will extend this), and currently only ExecStart= and the cgroup parameters can be configured (also to be extended). Transient units require a unique name, that previously had no configuration file on disk. A tool systemd-run is added that makes use of this functionality to run arbitrary command lines as transient services: $ systemd-run /bin/ping www.heise.de Will cause systemd to create a new transient service and run ping in it.
2013-06-28 04:12:58 +02:00
systemd-run: add --slice-inherit Add a new option to easily place a slice within the systemd-run slice.
2020-04-08 14:57:52 +02:00
if (arg_slice_inherit) {
char *end;
core: add support to run transient units in arbitrary slices
2013-07-01 03:02:42 +02:00
basic: add RuntimeScope enum In various tools and services we have a per-system and per-user concept. So far we sometimes used a boolean indicating whether we are in system mode, or a reversed boolean indicating whether we are in user mode, or the LookupScope enum used by the lookup path logic. Let's address that, in introduce a common enum for this, we can use all across the board. This is mostly just search/replace, no actual code changes.
2023-03-10 09:47:10 +01:00
switch (arg_runtime_scope) {
case RUNTIME_SCOPE_USER:
systemd-run: add --slice-inherit Add a new option to easily place a slice within the systemd-run slice.
2020-04-08 14:57:52 +02:00
r = cg_pid_get_user_slice(0, &name);
basic: add RuntimeScope enum In various tools and services we have a per-system and per-user concept. So far we sometimes used a boolean indicating whether we are in system mode, or a reversed boolean indicating whether we are in user mode, or the LookupScope enum used by the lookup path logic. Let's address that, in introduce a common enum for this, we can use all across the board. This is mostly just search/replace, no actual code changes.
2023-03-10 09:47:10 +01:00
break;
case RUNTIME_SCOPE_SYSTEM:
systemd-run: add --slice-inherit Add a new option to easily place a slice within the systemd-run slice.
2020-04-08 14:57:52 +02:00
r = cg_pid_get_slice(0, &name);
basic: add RuntimeScope enum In various tools and services we have a per-system and per-user concept. So far we sometimes used a boolean indicating whether we are in system mode, or a reversed boolean indicating whether we are in user mode, or the LookupScope enum used by the lookup path logic. Let's address that, in introduce a common enum for this, we can use all across the board. This is mostly just search/replace, no actual code changes.
2023-03-10 09:47:10 +01:00
break;
default:
assert_not_reached();
}
core: rework unit name validation and manipulation logic A variety of changes: - Make sure all our calls distuingish OOM from other errors if OOM is not the only error possible. - Be much stricter when parsing escaped paths, do not accept trailing or leading escaped slashes. - Change unit validation to take a bit mask for allowing plain names, instance names or template names or an combination thereof. - Refuse manipulating invalid unit name
2015-04-30 20:21:00 +02:00
if (r < 0)
systemd-run: add --slice-inherit Add a new option to easily place a slice within the systemd-run slice.
2020-04-08 14:57:52 +02:00
return log_error_errno(r, "Failed to get PID slice: %m");
core: add support to run transient units in arbitrary slices
2013-07-01 03:02:42 +02:00
systemd-run: add --slice-inherit Add a new option to easily place a slice within the systemd-run slice.
2020-04-08 14:57:52 +02:00
end = endswith(name, ".slice");
if (!end)
return -ENXIO;
*end = 0;
core: add support to run transient units in arbitrary slices
2013-07-01 03:02:42 +02:00
}
run: use strextend_with_separator()
2021-05-20 14:41:48 +09:00
if (!isempty(arg_slice) && !strextend_with_separator(&name, "-", arg_slice))
return log_oom();
systemd-run: add --slice-inherit Add a new option to easily place a slice within the systemd-run slice.
2020-04-08 14:57:52 +02:00
if (!name)
return 0;
r = unit_name_mangle_with_suffix(name, "as slice",
arg_quiet ? 0 : UNIT_NAME_MANGLE_WARN,
".slice", &slice);
if (r < 0)
return log_error_errno(r, "Failed to mangle name '%s': %m", arg_slice);
r = sd_bus_message_append(m, "(sv)", "Slice", "s", slice);
if (r < 0)
return bus_log_create_error(r);
run: add a new "-t" mode for invoking a binary on an allocated TTY
2014-12-22 19:45:32 +01:00
return 0;
}
static int transient_kill_set_properties(sd_bus_message *m) {
run: rearrange error handling when adding unit properties Let's always leave logging to the call that actually added the fields to the bus message. This way we don't get duplicate logging whenver bus_append_unit_property_assignment() ends up being called, which does all its logging on its own (and probably should do, as it can output much more precise errors).
2017-11-29 20:05:22 +01:00
int r;
run: add a new "-t" mode for invoking a binary on an allocated TTY
2014-12-22 19:45:32 +01:00
assert(m);
run: rearrange error handling when adding unit properties Let's always leave logging to the call that actually added the fields to the bus message. This way we don't get duplicate logging whenver bus_append_unit_property_assignment() ends up being called, which does all its logging on its own (and probably should do, as it can output much more precise errors).
2017-11-29 20:05:22 +01:00
if (arg_send_sighup) {
r = sd_bus_message_append(m, "(sv)", "SendSIGHUP", "b", arg_send_sighup);
if (r < 0)
return bus_log_create_error(r);
}
return 0;
core: add new "scope" unit type for making a unit of pre-existing processes "Scope" units are very much like service units, however with the difference that they are created from pre-existing processes, rather than processes that systemd itself forks off. This means they are generated programmatically via the bus API as transient units rather than from static configuration read from disk. Also, they do not provide execution-time parameters, as at the time systemd adds the processes to the scope unit they already exist and the parameters cannot be applied anymore. The primary benefit of this new unit type is to create arbitrary cgroups for worker-processes forked off an existing service. This commit also adds a a new mode to "systemd-run" to run the specified processes in a scope rather then a transient service.
2013-07-01 00:03:57 +02:00
}
run: do not pass the pty slave fd to transient service in a machine Follow-up for 28459ba1f4df824d5ef7f7d1a9acb6953ea24045 The pty path returned by OpenMachinePTY() cannot be opened from outside the machine, hence let's use the plain Standard{Input,Output,Error}=tty in such a case. This means if --machine= is specified, #32916 would occur. A comprehensive fix requires a new dbus method in machined, which shall be material for v257. See also: https://github.com/systemd/systemd/pull/33216#discussion_r1628020429 Replaces #33216 Co-authored-by: Mike Yuan <me@yhndnzj.com>
2024-06-06 13:30:09 +02:00
static int transient_service_set_properties(sd_bus_message *m, const char *pty_path, int pty_fd) {
run: add new --pipe option for including "systemd-run" commands in shell pipelines In this mode, we'll directly connect stdin/stdout/stderr of the invoked service with whatever systemd-run itself is invoked on. This allows inclusion of "systemd-run" commands in shell pipelines, as unlike "--pty" this means EOF of stdin/stdout/stderr are propagated independently. If --pty and --pipe are combined systemd-run will automatically pick the right choice for the context it is invoked in, i.e. --pty when invoked on a TTY, and --pipe otherwise.
2017-09-08 15:38:40 +02:00
bool send_term = false;
core: add new "scope" unit type for making a unit of pre-existing processes "Scope" units are very much like service units, however with the difference that they are created from pre-existing processes, rather than processes that systemd itself forks off. This means they are generated programmatically via the bus API as transient units rather than from static configuration read from disk. Also, they do not provide execution-time parameters, as at the time systemd adds the processes to the scope unit they already exist and the parameters cannot be applied anymore. The primary benefit of this new unit type is to create arbitrary cgroups for worker-processes forked off an existing service. This commit also adds a a new mode to "systemd-run" to run the specified processes in a scope rather then a transient service.
2013-07-01 00:03:57 +02:00
int r;
run: add --expand-environment=no to disable server-side envvar expansion This uses StartExecEx to get the equivalent of ExecStart=:. StartExecEx was added in b3d593673c5b8b0b7d781fd26ab2062ca6e7dbdb, so this will not work with older systemds. A hint is emitted if we get an error indicating lack of support. PID1 returns SD_BUS_ERROR_PROPERTY_READ_ONLY, but I'm checking for SD_BUS_ERROR_UNKNOWN_PROPERTY too for safety.
2023-04-02 23:17:58 +02:00
/* We disable environment expansion on the server side via ExecStartEx=:.
* ExecStartEx was added relatively recently (v243), and some bugs were fixed only later.
* So use that feature only if required. It will fail with older systemds. */
run: disable --expand-environment by default for --scope The intention was to have this option enabled by default everywhere, but unfortunately at least one case was found where it breaks compatibility of a program using systemd-run --scopes and expecting variables not to be expanded: https://sources.debian.org/src/pbuilder/0.231/pbuilder-checkparams/#L400 Example run: systemd-run --quiet --scope --description=pbuilder_build_xfce4-notes-plugin_1.10.0-1.dsc '--slice=system-pbuilder-build-xfce4\x2dnotes\x2dplugin_1.10.0\x2d1-449932.slice' chroot /var/cache/pbuilder/build/449932 dpkg-query -W '--showformat=${Version}' apt Restore backward compatibility and make the option disabled by default when --scope is used, and enabled by default for other types. In case --expand-environment is not specified and a '$' character is detected, print a warning to nudge users toward specifying the parameter as needed. In the future we can then flip the default. Follow-up for 2ed7a221fafb25eea937c4e86fb88ee501dba51e
2023-07-19 22:56:02 +01:00
bool use_ex_prop = arg_expand_environment == 0;
run: add --expand-environment=no to disable server-side envvar expansion This uses StartExecEx to get the equivalent of ExecStart=:. StartExecEx was added in b3d593673c5b8b0b7d781fd26ab2062ca6e7dbdb, so this will not work with older systemds. A hint is emitted if we get an error indicating lack of support. PID1 returns SD_BUS_ERROR_PROPERTY_READ_ONLY, but I'm checking for SD_BUS_ERROR_UNKNOWN_PROPERTY too for safety.
2023-04-02 23:17:58 +02:00
bus: port remaining code over to use bus_error_message()
2013-11-08 19:49:49 +01:00
assert(m);
run: do not pass the pty slave fd to transient service in a machine Follow-up for 28459ba1f4df824d5ef7f7d1a9acb6953ea24045 The pty path returned by OpenMachinePTY() cannot be opened from outside the machine, hence let's use the plain Standard{Input,Output,Error}=tty in such a case. This means if --machine= is specified, #32916 would occur. A comprehensive fix requires a new dbus method in machined, which shall be material for v257. See also: https://github.com/systemd/systemd/pull/33216#discussion_r1628020429 Replaces #33216 Co-authored-by: Mike Yuan <me@yhndnzj.com>
2024-06-06 13:30:09 +02:00
assert(pty_path || pty_fd < 0);
bus: port remaining code over to use bus_error_message()
2013-11-08 19:49:49 +01:00
bus-unit-util: add socket unit related options Also, split bus_append_unit_property_assignment().
2017-12-23 16:59:56 +09:00
r = transient_unit_set_properties(m, UNIT_SERVICE, arg_property);
run: add a new "-t" mode for invoking a binary on an allocated TTY
2014-12-22 19:45:32 +01:00
if (r < 0)
return r;
r = transient_kill_set_properties(m);
if (r < 0)
return r;
r = transient_cgroup_set_properties(m);
logind,machined,run: properly invoke StartTransientUnit() bus call
2013-11-21 20:05:49 +01:00
if (r < 0)
return r;
systemd-run: add new --property= switch that can set arbitrary properties for the unit that is created The code for parsing these properties is shared with "systemctl set-property", which means all the resource control settings are immediately available.
2014-03-05 03:36:22 +01:00
if (arg_remain_after_exit) {
r = sd_bus_message_append(m, "(sv)", "RemainAfterExit", "b", arg_remain_after_exit);
if (r < 0)
run: rearrange error handling when adding unit properties Let's always leave logging to the call that actually added the fields to the bus message. This way we don't get duplicate logging whenver bus_append_unit_property_assignment() ends up being called, which does all its logging on its own (and probably should do, as it can output much more precise errors).
2017-11-29 20:05:22 +01:00
return bus_log_create_error(r);
systemd-run: add new --property= switch that can set arbitrary properties for the unit that is created The code for parsing these properties is shared with "systemctl set-property", which means all the resource control settings are immediately available.
2014-03-05 03:36:22 +01:00
}
core: allow setting RemainAfterExit= for transient services
2013-07-26 16:09:25 +02:00
core: allow User=, Group=, Nice=, Environment=, Type= to be passed when creating a transient service
2014-02-05 02:02:00 +01:00
if (arg_service_type) {
r = sd_bus_message_append(m, "(sv)", "Type", "s", arg_service_type);
if (r < 0)
run: rearrange error handling when adding unit properties Let's always leave logging to the call that actually added the fields to the bus message. This way we don't get duplicate logging whenver bus_append_unit_property_assignment() ends up being called, which does all its logging on its own (and probably should do, as it can output much more precise errors).
2017-11-29 20:05:22 +01:00
return bus_log_create_error(r);
core: allow User=, Group=, Nice=, Environment=, Type= to be passed when creating a transient service
2014-02-05 02:02:00 +01:00
}
if (arg_exec_user) {
r = sd_bus_message_append(m, "(sv)", "User", "s", arg_exec_user);
if (r < 0)
run: rearrange error handling when adding unit properties Let's always leave logging to the call that actually added the fields to the bus message. This way we don't get duplicate logging whenver bus_append_unit_property_assignment() ends up being called, which does all its logging on its own (and probably should do, as it can output much more precise errors).
2017-11-29 20:05:22 +01:00
return bus_log_create_error(r);
core: allow User=, Group=, Nice=, Environment=, Type= to be passed when creating a transient service
2014-02-05 02:02:00 +01:00
}
if (arg_exec_group) {
r = sd_bus_message_append(m, "(sv)", "Group", "s", arg_exec_group);
if (r < 0)
run: rearrange error handling when adding unit properties Let's always leave logging to the call that actually added the fields to the bus message. This way we don't get duplicate logging whenver bus_append_unit_property_assignment() ends up being called, which does all its logging on its own (and probably should do, as it can output much more precise errors).
2017-11-29 20:05:22 +01:00
return bus_log_create_error(r);
core: allow User=, Group=, Nice=, Environment=, Type= to be passed when creating a transient service
2014-02-05 02:02:00 +01:00
}
if (arg_nice_set) {
r = sd_bus_message_append(m, "(sv)", "Nice", "i", arg_nice);
if (r < 0)
run: rearrange error handling when adding unit properties Let's always leave logging to the call that actually added the fields to the bus message. This way we don't get duplicate logging whenver bus_append_unit_property_assignment() ends up being called, which does all its logging on its own (and probably should do, as it can output much more precise errors).
2017-11-29 20:05:22 +01:00
return bus_log_create_error(r);
core: allow User=, Group=, Nice=, Environment=, Type= to be passed when creating a transient service
2014-02-05 02:02:00 +01:00
}
run: add a switch for specifiying the working directory of a service I find myself testing service management quite often with "systemd-run -t /bin/bash". For that it is handy if the invoked shell would use the working directory I am currently in. Hence introduce a shorthand for that: $ systemd-run -dt /bin/bash This will automatically insert a WorkingDirectory= property into the transient service, pointing to the working directory of the caller.
2018-11-22 12:07:25 +01:00
if (arg_working_directory) {
r = sd_bus_message_append(m, "(sv)", "WorkingDirectory", "s", arg_working_directory);
if (r < 0)
return bus_log_create_error(r);
}
run: add a new "-t" mode for invoking a binary on an allocated TTY
2014-12-22 19:45:32 +01:00
if (pty_path) {
run: do not pass the pty slave fd to transient service in a machine Follow-up for 28459ba1f4df824d5ef7f7d1a9acb6953ea24045 The pty path returned by OpenMachinePTY() cannot be opened from outside the machine, hence let's use the plain Standard{Input,Output,Error}=tty in such a case. This means if --machine= is specified, #32916 would occur. A comprehensive fix requires a new dbus method in machined, which shall be material for v257. See also: https://github.com/systemd/systemd/pull/33216#discussion_r1628020429 Replaces #33216 Co-authored-by: Mike Yuan <me@yhndnzj.com>
2024-06-06 13:30:09 +02:00
r = sd_bus_message_append(m, "(sv)", "TTYPath", "s", pty_path);
if (r < 0)
return bus_log_create_error(r);
run: pass the pty slave fd to transient service The rationale is similar to 40e1f4ea7458a0a80eaf1ef356e52bfe0835412e. Currently, we only pass TTYPath=/dev/pts/... to the transient service spawned by systemd-run. This is a bit problematic though, when ExecStartPre= or ExecStopPost= is used. Since when these control processes get to run, the main process is not yet started/has already exited, hence the slave suffers from the same vhangup problem as the mentioned commit. By passing the slave fd in, the service manager will hold the fd open as long as the service is alive. Fixes #32916
2024-05-19 09:07:21 +08:00
run: do not pass the pty slave fd to transient service in a machine Follow-up for 28459ba1f4df824d5ef7f7d1a9acb6953ea24045 The pty path returned by OpenMachinePTY() cannot be opened from outside the machine, hence let's use the plain Standard{Input,Output,Error}=tty in such a case. This means if --machine= is specified, #32916 would occur. A comprehensive fix requires a new dbus method in machined, which shall be material for v257. See also: https://github.com/systemd/systemd/pull/33216#discussion_r1628020429 Replaces #33216 Co-authored-by: Mike Yuan <me@yhndnzj.com>
2024-06-06 13:30:09 +02:00
if (pty_fd >= 0)
r = sd_bus_message_append(m,
"(sv)(sv)(sv)",
"StandardInputFileDescriptor", "h", pty_fd,
"StandardOutputFileDescriptor", "h", pty_fd,
"StandardErrorFileDescriptor", "h", pty_fd);
else
r = sd_bus_message_append(m,
"(sv)(sv)(sv)",
"StandardInput", "s", "tty",
"StandardOutput", "s", "tty",
"StandardError", "s", "tty");
run: add a new "-t" mode for invoking a binary on an allocated TTY
2014-12-22 19:45:32 +01:00
if (r < 0)
run: rearrange error handling when adding unit properties Let's always leave logging to the call that actually added the fields to the bus message. This way we don't get duplicate logging whenver bus_append_unit_property_assignment() ends up being called, which does all its logging on its own (and probably should do, as it can output much more precise errors).
2017-11-29 20:05:22 +01:00
return bus_log_create_error(r);
run: add a new "-t" mode for invoking a binary on an allocated TTY
2014-12-22 19:45:32 +01:00
run: add new --pipe option for including "systemd-run" commands in shell pipelines In this mode, we'll directly connect stdin/stdout/stderr of the invoked service with whatever systemd-run itself is invoked on. This allows inclusion of "systemd-run" commands in shell pipelines, as unlike "--pty" this means EOF of stdin/stdout/stderr are propagated independently. If --pty and --pipe are combined systemd-run will automatically pick the right choice for the context it is invoked in, i.e. --pty when invoked on a TTY, and --pipe otherwise.
2017-09-08 15:38:40 +02:00
send_term = true;
} else if (arg_stdio == ARG_STDIO_DIRECT) {
r = sd_bus_message_append(m,
"(sv)(sv)(sv)",
"StandardInputFileDescriptor", "h", STDIN_FILENO,
"StandardOutputFileDescriptor", "h", STDOUT_FILENO,
"StandardErrorFileDescriptor", "h", STDERR_FILENO);
if (r < 0)
run: rearrange error handling when adding unit properties Let's always leave logging to the call that actually added the fields to the bus message. This way we don't get duplicate logging whenver bus_append_unit_property_assignment() ends up being called, which does all its logging on its own (and probably should do, as it can output much more precise errors).
2017-11-29 20:05:22 +01:00
return bus_log_create_error(r);
run: add new --pipe option for including "systemd-run" commands in shell pipelines In this mode, we'll directly connect stdin/stdout/stderr of the invoked service with whatever systemd-run itself is invoked on. This allows inclusion of "systemd-run" commands in shell pipelines, as unlike "--pty" this means EOF of stdin/stdout/stderr are propagated independently. If --pty and --pipe are combined systemd-run will automatically pick the right choice for the context it is invoked in, i.e. --pty when invoked on a TTY, and --pipe otherwise.
2017-09-08 15:38:40 +02:00
tree-wide: use isatty_safe() everywhere
2024-10-24 23:12:31 +02:00
send_term = isatty_safe(STDIN_FILENO) || isatty_safe(STDOUT_FILENO) || isatty_safe(STDERR_FILENO);
run: add new --pipe option for including "systemd-run" commands in shell pipelines In this mode, we'll directly connect stdin/stdout/stderr of the invoked service with whatever systemd-run itself is invoked on. This allows inclusion of "systemd-run" commands in shell pipelines, as unlike "--pty" this means EOF of stdin/stdout/stderr are propagated independently. If --pty and --pipe are combined systemd-run will automatically pick the right choice for the context it is invoked in, i.e. --pty when invoked on a TTY, and --pipe otherwise.
2017-09-08 15:38:40 +02:00
}
if (send_term) {
const char *e;
run: add a new "-t" mode for invoking a binary on an allocated TTY
2014-12-22 19:45:32 +01:00
e = getenv("TERM");
if (e) {
tree-wide: don't use strjoina() on getenv() values Avoid doing stack allocations on environment variables.
2022-01-26 10:53:40 -08:00
_cleanup_free_ char *n = NULL;
n = strjoin("TERM=", e);
if (!n)
return log_oom();
run: add a new "-t" mode for invoking a binary on an allocated TTY
2014-12-22 19:45:32 +01:00
r = sd_bus_message_append(m,
"(sv)",
"Environment", "as", 1, n);
if (r < 0)
run: rearrange error handling when adding unit properties Let's always leave logging to the call that actually added the fields to the bus message. This way we don't get duplicate logging whenver bus_append_unit_property_assignment() ends up being called, which does all its logging on its own (and probably should do, as it can output much more precise errors).
2017-11-29 20:05:22 +01:00
return bus_log_create_error(r);
run: add a new "-t" mode for invoking a binary on an allocated TTY
2014-12-22 19:45:32 +01:00
}
}
core: allow User=, Group=, Nice=, Environment=, Type= to be passed when creating a transient service
2014-02-05 02:02:00 +01:00
if (!strv_isempty(arg_environment)) {
r = sd_bus_message_open_container(m, 'r', "sv");
if (r < 0)
run: rearrange error handling when adding unit properties Let's always leave logging to the call that actually added the fields to the bus message. This way we don't get duplicate logging whenver bus_append_unit_property_assignment() ends up being called, which does all its logging on its own (and probably should do, as it can output much more precise errors).
2017-11-29 20:05:22 +01:00
return bus_log_create_error(r);
core: allow User=, Group=, Nice=, Environment=, Type= to be passed when creating a transient service
2014-02-05 02:02:00 +01:00
r = sd_bus_message_append(m, "s", "Environment");
if (r < 0)
run: rearrange error handling when adding unit properties Let's always leave logging to the call that actually added the fields to the bus message. This way we don't get duplicate logging whenver bus_append_unit_property_assignment() ends up being called, which does all its logging on its own (and probably should do, as it can output much more precise errors).
2017-11-29 20:05:22 +01:00
return bus_log_create_error(r);
core: allow User=, Group=, Nice=, Environment=, Type= to be passed when creating a transient service
2014-02-05 02:02:00 +01:00
r = sd_bus_message_open_container(m, 'v', "as");
if (r < 0)
run: rearrange error handling when adding unit properties Let's always leave logging to the call that actually added the fields to the bus message. This way we don't get duplicate logging whenver bus_append_unit_property_assignment() ends up being called, which does all its logging on its own (and probably should do, as it can output much more precise errors).
2017-11-29 20:05:22 +01:00
return bus_log_create_error(r);
core: allow User=, Group=, Nice=, Environment=, Type= to be passed when creating a transient service
2014-02-05 02:02:00 +01:00
r = sd_bus_message_append_strv(m, arg_environment);
if (r < 0)
run: rearrange error handling when adding unit properties Let's always leave logging to the call that actually added the fields to the bus message. This way we don't get duplicate logging whenver bus_append_unit_property_assignment() ends up being called, which does all its logging on its own (and probably should do, as it can output much more precise errors).
2017-11-29 20:05:22 +01:00
return bus_log_create_error(r);
core: allow User=, Group=, Nice=, Environment=, Type= to be passed when creating a transient service
2014-02-05 02:02:00 +01:00
r = sd_bus_message_close_container(m);
if (r < 0)
run: rearrange error handling when adding unit properties Let's always leave logging to the call that actually added the fields to the bus message. This way we don't get duplicate logging whenver bus_append_unit_property_assignment() ends up being called, which does all its logging on its own (and probably should do, as it can output much more precise errors).
2017-11-29 20:05:22 +01:00
return bus_log_create_error(r);
core: allow User=, Group=, Nice=, Environment=, Type= to be passed when creating a transient service
2014-02-05 02:02:00 +01:00
r = sd_bus_message_close_container(m);
if (r < 0)
run: rearrange error handling when adding unit properties Let's always leave logging to the call that actually added the fields to the bus message. This way we don't get duplicate logging whenver bus_append_unit_property_assignment() ends up being called, which does all its logging on its own (and probably should do, as it can output much more precise errors).
2017-11-29 20:05:22 +01:00
return bus_log_create_error(r);
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
}
/* Exec container */
run: add new --shell switch for spawning a shell as service I keep running "systemd-run -t /bin/bash" to quickly get a shell running in service context. I suspect I am not the only one, hence let's add a shortcut for it. While we are at it, let's make it smarter, and automatically inherit the $SHELL of the invoking user as well as the working directory, and let's imply --pty. --shell (or -S) is hence equivalent to "-t -d $SHELL".
2018-11-22 19:24:48 +01:00
if (!strv_isempty(arg_cmdline)) {
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
r = sd_bus_message_open_container(m, 'r', "sv");
if (r < 0)
run: rearrange error handling when adding unit properties Let's always leave logging to the call that actually added the fields to the bus message. This way we don't get duplicate logging whenver bus_append_unit_property_assignment() ends up being called, which does all its logging on its own (and probably should do, as it can output much more precise errors).
2017-11-29 20:05:22 +01:00
return bus_log_create_error(r);
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
run: add --expand-environment=no to disable server-side envvar expansion This uses StartExecEx to get the equivalent of ExecStart=:. StartExecEx was added in b3d593673c5b8b0b7d781fd26ab2062ca6e7dbdb, so this will not work with older systemds. A hint is emitted if we get an error indicating lack of support. PID1 returns SD_BUS_ERROR_PROPERTY_READ_ONLY, but I'm checking for SD_BUS_ERROR_UNKNOWN_PROPERTY too for safety.
2023-04-02 23:17:58 +02:00
r = sd_bus_message_append(m, "s",
use_ex_prop ? "ExecStartEx" : "ExecStart");
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
if (r < 0)
run: rearrange error handling when adding unit properties Let's always leave logging to the call that actually added the fields to the bus message. This way we don't get duplicate logging whenver bus_append_unit_property_assignment() ends up being called, which does all its logging on its own (and probably should do, as it can output much more precise errors).
2017-11-29 20:05:22 +01:00
return bus_log_create_error(r);
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
run: add --expand-environment=no to disable server-side envvar expansion This uses StartExecEx to get the equivalent of ExecStart=:. StartExecEx was added in b3d593673c5b8b0b7d781fd26ab2062ca6e7dbdb, so this will not work with older systemds. A hint is emitted if we get an error indicating lack of support. PID1 returns SD_BUS_ERROR_PROPERTY_READ_ONLY, but I'm checking for SD_BUS_ERROR_UNKNOWN_PROPERTY too for safety.
2023-04-02 23:17:58 +02:00
r = sd_bus_message_open_container(m, 'v',
use_ex_prop ? "a(sasas)" : "a(sasb)");
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
if (r < 0)
run: rearrange error handling when adding unit properties Let's always leave logging to the call that actually added the fields to the bus message. This way we don't get duplicate logging whenver bus_append_unit_property_assignment() ends up being called, which does all its logging on its own (and probably should do, as it can output much more precise errors).
2017-11-29 20:05:22 +01:00
return bus_log_create_error(r);
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
run: add --expand-environment=no to disable server-side envvar expansion This uses StartExecEx to get the equivalent of ExecStart=:. StartExecEx was added in b3d593673c5b8b0b7d781fd26ab2062ca6e7dbdb, so this will not work with older systemds. A hint is emitted if we get an error indicating lack of support. PID1 returns SD_BUS_ERROR_PROPERTY_READ_ONLY, but I'm checking for SD_BUS_ERROR_UNKNOWN_PROPERTY too for safety.
2023-04-02 23:17:58 +02:00
r = sd_bus_message_open_container(m, 'a',
use_ex_prop ? "(sasas)" : "(sasb)");
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
if (r < 0)
run: rearrange error handling when adding unit properties Let's always leave logging to the call that actually added the fields to the bus message. This way we don't get duplicate logging whenver bus_append_unit_property_assignment() ends up being called, which does all its logging on its own (and probably should do, as it can output much more precise errors).
2017-11-29 20:05:22 +01:00
return bus_log_create_error(r);
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
run: add --expand-environment=no to disable server-side envvar expansion This uses StartExecEx to get the equivalent of ExecStart=:. StartExecEx was added in b3d593673c5b8b0b7d781fd26ab2062ca6e7dbdb, so this will not work with older systemds. A hint is emitted if we get an error indicating lack of support. PID1 returns SD_BUS_ERROR_PROPERTY_READ_ONLY, but I'm checking for SD_BUS_ERROR_UNKNOWN_PROPERTY too for safety.
2023-04-02 23:17:58 +02:00
r = sd_bus_message_open_container(m, 'r',
use_ex_prop ? "sasas" : "sasb");
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
if (r < 0)
run: rearrange error handling when adding unit properties Let's always leave logging to the call that actually added the fields to the bus message. This way we don't get duplicate logging whenver bus_append_unit_property_assignment() ends up being called, which does all its logging on its own (and probably should do, as it can output much more precise errors).
2017-11-29 20:05:22 +01:00
return bus_log_create_error(r);
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
run: when invoked as "uid0", expose some sudo-like behaviour This turns "systemd-run" into a multi-call binary. When invoked under the name "uid0", then it behaves a bit more like traditional "sudo". This mostly means defaults appropriuate for that, for example a PAM stack, interactivity and more. Fixes: #29199
2023-12-19 19:10:52 +01:00
r = sd_bus_message_append(m, "s", arg_exec_path ?: arg_cmdline[0]);
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
if (r < 0)
run: rearrange error handling when adding unit properties Let's always leave logging to the call that actually added the fields to the bus message. This way we don't get duplicate logging whenver bus_append_unit_property_assignment() ends up being called, which does all its logging on its own (and probably should do, as it can output much more precise errors).
2017-11-29 20:05:22 +01:00
return bus_log_create_error(r);
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
run: add new --shell switch for spawning a shell as service I keep running "systemd-run -t /bin/bash" to quickly get a shell running in service context. I suspect I am not the only one, hence let's add a shortcut for it. While we are at it, let's make it smarter, and automatically inherit the $SHELL of the invoking user as well as the working directory, and let's imply --pty. --shell (or -S) is hence equivalent to "-t -d $SHELL".
2018-11-22 19:24:48 +01:00
r = sd_bus_message_append_strv(m, arg_cmdline);
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
if (r < 0)
run: rearrange error handling when adding unit properties Let's always leave logging to the call that actually added the fields to the bus message. This way we don't get duplicate logging whenver bus_append_unit_property_assignment() ends up being called, which does all its logging on its own (and probably should do, as it can output much more precise errors).
2017-11-29 20:05:22 +01:00
return bus_log_create_error(r);
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
run: clean up ExecCommandFlags serialization The current behavior is actually OK, since use_ex_prop = !arg_expand_environment, but that's very implicit and using STRV_MAKE() this way feels icky. Let's make this more readable, by using exec_command_flags_to_strv().
2024-07-10 22:27:21 +02:00
if (use_ex_prop) {
_cleanup_strv_free_ char **opts = NULL;
r = exec_command_flags_to_strv(
(arg_expand_environment > 0 ? 0 : EXEC_COMMAND_NO_ENV_EXPAND)|(arg_ignore_failure ? EXEC_COMMAND_IGNORE_FAILURE : 0),
&opts);
if (r < 0)
return log_error_errno(r, "Failed to format execute flags: %m");
r = sd_bus_message_append_strv(m, opts);
} else
run: optionally set the "ignore-failure" flag for ExecStart= lines
2023-12-19 21:39:50 +01:00
r = sd_bus_message_append(m, "b", arg_ignore_failure);
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
if (r < 0)
run: rearrange error handling when adding unit properties Let's always leave logging to the call that actually added the fields to the bus message. This way we don't get duplicate logging whenver bus_append_unit_property_assignment() ends up being called, which does all its logging on its own (and probably should do, as it can output much more precise errors).
2017-11-29 20:05:22 +01:00
return bus_log_create_error(r);
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
r = sd_bus_message_close_container(m);
if (r < 0)
run: rearrange error handling when adding unit properties Let's always leave logging to the call that actually added the fields to the bus message. This way we don't get duplicate logging whenver bus_append_unit_property_assignment() ends up being called, which does all its logging on its own (and probably should do, as it can output much more precise errors).
2017-11-29 20:05:22 +01:00
return bus_log_create_error(r);
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
r = sd_bus_message_close_container(m);
if (r < 0)
run: rearrange error handling when adding unit properties Let's always leave logging to the call that actually added the fields to the bus message. This way we don't get duplicate logging whenver bus_append_unit_property_assignment() ends up being called, which does all its logging on its own (and probably should do, as it can output much more precise errors).
2017-11-29 20:05:22 +01:00
return bus_log_create_error(r);
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
r = sd_bus_message_close_container(m);
if (r < 0)
run: rearrange error handling when adding unit properties Let's always leave logging to the call that actually added the fields to the bus message. This way we don't get duplicate logging whenver bus_append_unit_property_assignment() ends up being called, which does all its logging on its own (and probably should do, as it can output much more precise errors).
2017-11-29 20:05:22 +01:00
return bus_log_create_error(r);
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
r = sd_bus_message_close_container(m);
if (r < 0)
run: rearrange error handling when adding unit properties Let's always leave logging to the call that actually added the fields to the bus message. This way we don't get duplicate logging whenver bus_append_unit_property_assignment() ends up being called, which does all its logging on its own (and probably should do, as it can output much more precise errors).
2017-11-29 20:05:22 +01:00
return bus_log_create_error(r);
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
}
return 0;
}
run: support --scope on old service managers that lack native PIDFD support Before this we'd fail with a complaint that PIDFDs is not supported by the service manager. Add some compat support by falling back to classic numeric PIDs in that case.
2023-10-12 12:02:03 +02:00
static int transient_scope_set_properties(sd_bus_message *m, bool allow_pidfd) {
run: add a new "-t" mode for invoking a binary on an allocated TTY
2014-12-22 19:45:32 +01:00
int r;
assert(m);
bus-unit-util: add socket unit related options Also, split bus_append_unit_property_assignment().
2017-12-23 16:59:56 +09:00
r = transient_unit_set_properties(m, UNIT_SCOPE, arg_property);
run: add a new "-t" mode for invoking a binary on an allocated TTY
2014-12-22 19:45:32 +01:00
if (r < 0)
return r;
r = transient_kill_set_properties(m);
if (r < 0)
return r;
run: make --slice= work in conjunction with --scope Fixes: #2991
2016-04-22 17:31:40 +02:00
r = transient_cgroup_set_properties(m);
if (r < 0)
return r;
tree-wide: Add allow_pidfd argument to bus_append_scope_pidref()
2024-03-22 17:03:35 +01:00
_cleanup_(pidref_done) PidRef pidref = PIDREF_NULL;
tree-wide: prefer sending pifds over pids when creating scope units
2023-10-05 09:55:28 +02:00
tree-wide: Add allow_pidfd argument to bus_append_scope_pidref()
2024-03-22 17:03:35 +01:00
r = pidref_set_self(&pidref);
if (r < 0)
return r;
run: support --scope on old service managers that lack native PIDFD support Before this we'd fail with a complaint that PIDFDs is not supported by the service manager. Add some compat support by falling back to classic numeric PIDs in that case.
2023-10-12 12:02:03 +02:00
tree-wide: Add allow_pidfd argument to bus_append_scope_pidref()
2024-03-22 17:03:35 +01:00
r = bus_append_scope_pidref(m, &pidref, allow_pidfd);
run: add a new "-t" mode for invoking a binary on an allocated TTY
2014-12-22 19:45:32 +01:00
if (r < 0)
run: rearrange error handling when adding unit properties Let's always leave logging to the call that actually added the fields to the bus message. This way we don't get duplicate logging whenver bus_append_unit_property_assignment() ends up being called, which does all its logging on its own (and probably should do, as it can output much more precise errors).
2017-11-29 20:05:22 +01:00
return bus_log_create_error(r);
run: add a new "-t" mode for invoking a binary on an allocated TTY
2014-12-22 19:45:32 +01:00
return 0;
}
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
static int transient_timer_set_properties(sd_bus_message *m) {
int r;
assert(m);
bus-unit-util: add socket unit related options Also, split bus_append_unit_property_assignment().
2017-12-23 16:59:56 +09:00
r = transient_unit_set_properties(m, UNIT_TIMER, arg_timer_property);
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
if (r < 0)
return r;
run: automatically clean up transient timers created by systemd-run
2015-11-17 20:38:12 +01:00
/* Automatically clean up our transient timers */
r = sd_bus_message_append(m, "(sv)", "RemainAfterElapse", "b", false);
if (r < 0)
run: rearrange error handling when adding unit properties Let's always leave logging to the call that actually added the fields to the bus message. This way we don't get duplicate logging whenver bus_append_unit_property_assignment() ends up being called, which does all its logging on its own (and probably should do, as it can output much more precise errors).
2017-11-29 20:05:22 +01:00
return bus_log_create_error(r);
run: automatically clean up transient timers created by systemd-run
2015-11-17 20:38:12 +01:00
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
return 0;
}
run: when automatically generating names for transient units, use unique bus ID, fallback to random Previously we used the process ID to generate transient unit names. However, that is problematic as PIDs get reused easily, and applying them to remote systems makes little sense. Fortunately, each bus peer gets a unique, non-reusable ID assigned when attaching to a bus, hence let's use that, if we can. In some cases we cannot however, because we connect directly to PID's private socket, and thus are not a proper bus peer with a unique ID. In that case generate a random UUID to name the unit after.
2015-11-17 14:11:12 +01:00
static int make_unit_name(sd_bus *bus, UnitType t, char **ret) {
run: fix generated unit name clash after soft-reboot When sd-run connects to D-Bus rather than the private socket, it will generate the transient unit name using the bus ID assigned by the D-Bus broker/daemon. The issue is that this ID is only unique per D-Bus run, if the broker/daemon restarts it starts again from 1, and it's a simple incremental counter for each client. So if a transient unit run-u6.service starts and fails, and it is not collected (default on failure), and the system soft-reboots, any new transient unit might conflict as the counter will restart: Failed to start transient service unit: Unit run-u6.service was already loaded or has a fragment file. Get the soft-reboot counter, and if it's greater than zero, append it to the autogenerated unit name to avoid clashes.
2024-03-27 21:14:15 +00:00
unsigned soft_reboots_count = 0;
run: when automatically generating names for transient units, use unique bus ID, fallback to random Previously we used the process ID to generate transient unit names. However, that is problematic as PIDs get reused easily, and applying them to remote systems makes little sense. Fortunately, each bus peer gets a unique, non-reusable ID assigned when attaching to a bus, hence let's use that, if we can. In some cases we cannot however, because we connect directly to PID's private socket, and thus are not a proper bus peer with a unique ID. In that case generate a random UUID to name the unit after.
2015-11-17 14:11:12 +01:00
const char *unique, *id;
char *p;
int r;
assert(bus);
assert(t >= 0);
assert(t < _UNIT_TYPE_MAX);
run: query for SoftRebootsCount only for system scope runs Only the system manager records soft reboots, and the user session is restarted anyway so it doesn't suffer from the ID clash issue Follow-up for ed358516937780b524a2cfa833427da3df1bc87f
2024-04-06 00:00:41 +01:00
assert(ret);
run: when automatically generating names for transient units, use unique bus ID, fallback to random Previously we used the process ID to generate transient unit names. However, that is problematic as PIDs get reused easily, and applying them to remote systems makes little sense. Fortunately, each bus peer gets a unique, non-reusable ID assigned when attaching to a bus, hence let's use that, if we can. In some cases we cannot however, because we connect directly to PID's private socket, and thus are not a proper bus peer with a unique ID. In that case generate a random UUID to name the unit after.
2015-11-17 14:11:12 +01:00
r = sd_bus_get_unique_name(bus, &unique);
if (r < 0) {
sd_id128_t rnd;
/* We couldn't get the unique name, which is a pretty
* common case if we are connected to systemd
* directly. In that case, just pick a random uuid as
* name */
r = sd_id128_randomize(&rnd);
if (r < 0)
return log_error_errno(r, "Failed to generate random run unit name: %m");
if (asprintf(ret, "run-r" SD_ID128_FORMAT_STR ".%s", SD_ID128_FORMAT_VAL(rnd), unit_type_to_string(t)) < 0)
return log_oom();
return 0;
}
run: tweak algorithm for generating unit name from dbus unique name This reverts behaviour of systemd-run's unit name generation to the status quo ante of #18871: we chop off the ":1." prefix if we can. However, to address the issue that the unique name can overrun we then do what #18871 did as fallback: only chop off the ":" prefix. This way we should have pretty names that look like they always looked in the common case, but in the case of a unique name overrun we still will have names that work. Follow-up for #18871
2021-03-04 16:23:46 +01:00
/* We managed to get the unique name, then let's use that to name our transient units. */
run: when automatically generating names for transient units, use unique bus ID, fallback to random Previously we used the process ID to generate transient unit names. However, that is problematic as PIDs get reused easily, and applying them to remote systems makes little sense. Fortunately, each bus peer gets a unique, non-reusable ID assigned when attaching to a bus, hence let's use that, if we can. In some cases we cannot however, because we connect directly to PID's private socket, and thus are not a proper bus peer with a unique ID. In that case generate a random UUID to name the unit after.
2015-11-17 14:11:12 +01:00
run: tweak algorithm for generating unit name from dbus unique name This reverts behaviour of systemd-run's unit name generation to the status quo ante of #18871: we chop off the ":1." prefix if we can. However, to address the issue that the unique name can overrun we then do what #18871 did as fallback: only chop off the ":" prefix. This way we should have pretty names that look like they always looked in the common case, but in the case of a unique name overrun we still will have names that work. Follow-up for #18871
2021-03-04 16:23:46 +01:00
id = startswith(unique, ":1."); /* let' strip the usual prefix */
if (!id)
id = startswith(unique, ":"); /* the spec only requires things to start with a colon, hence
* let's add a generic fallback for that. */
coccinelle: make use of SYNTHETIC_ERRNO Ideally, coccinelle would strip unnecessary braces too. But I do not see any option in coccinelle for this, so instead, I edited the patch text using search&replace to remove the braces. Unfortunately this is not fully automatic, in particular it didn't deal well with if-else-if-else blocks and ifdefs, so there is an increased likelikehood be some bugs in such spots. I also removed part of the patch that coccinelle generated for udev, where we returns -1 for failure. This should be fixed independently.
2018-11-20 23:40:44 +01:00
if (!id)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
"Unique name %s has unexpected format.",
unique);
run: when automatically generating names for transient units, use unique bus ID, fallback to random Previously we used the process ID to generate transient unit names. However, that is problematic as PIDs get reused easily, and applying them to remote systems makes little sense. Fortunately, each bus peer gets a unique, non-reusable ID assigned when attaching to a bus, hence let's use that, if we can. In some cases we cannot however, because we connect directly to PID's private socket, and thus are not a proper bus peer with a unique ID. In that case generate a random UUID to name the unit after.
2015-11-17 14:11:12 +01:00
run: fix generated unit name clash after soft-reboot When sd-run connects to D-Bus rather than the private socket, it will generate the transient unit name using the bus ID assigned by the D-Bus broker/daemon. The issue is that this ID is only unique per D-Bus run, if the broker/daemon restarts it starts again from 1, and it's a simple incremental counter for each client. So if a transient unit run-u6.service starts and fails, and it is not collected (default on failure), and the system soft-reboots, any new transient unit might conflict as the counter will restart: Failed to start transient service unit: Unit run-u6.service was already loaded or has a fragment file. Get the soft-reboot counter, and if it's greater than zero, append it to the autogenerated unit name to avoid clashes.
2024-03-27 21:14:15 +00:00
/* The unique D-Bus names are actually unique per D-Bus instance, so on soft-reboot they will wrap
* and start over since the D-Bus broker is restarted. If there's a failed unit left behind that
* hasn't been garbage collected, we'll conflict. Append the soft-reboot counter to avoid clashing. */
run: query for SoftRebootsCount only for system scope runs Only the system manager records soft reboots, and the user session is restarted anyway so it doesn't suffer from the ID clash issue Follow-up for ed358516937780b524a2cfa833427da3df1bc87f
2024-04-06 00:00:41 +01:00
if (arg_runtime_scope == RUNTIME_SCOPE_SYSTEM) {
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
r = bus_get_property_trivial(
bus, bus_systemd_mgr, "SoftRebootsCount", &error, 'u', &soft_reboots_count);
if (r < 0)
log_debug_errno(r,
"Failed to get SoftRebootsCount property, ignoring: %s",
bus_error_message(&error, r));
}
run: fix generated unit name clash after soft-reboot When sd-run connects to D-Bus rather than the private socket, it will generate the transient unit name using the bus ID assigned by the D-Bus broker/daemon. The issue is that this ID is only unique per D-Bus run, if the broker/daemon restarts it starts again from 1, and it's a simple incremental counter for each client. So if a transient unit run-u6.service starts and fails, and it is not collected (default on failure), and the system soft-reboots, any new transient unit might conflict as the counter will restart: Failed to start transient service unit: Unit run-u6.service was already loaded or has a fragment file. Get the soft-reboot counter, and if it's greater than zero, append it to the autogenerated unit name to avoid clashes.
2024-03-27 21:14:15 +00:00
if (soft_reboots_count > 0) {
if (asprintf(&p, "run-u%s-s%u.%s", id, soft_reboots_count, unit_type_to_string(t)) < 0)
return log_oom();
} else {
p = strjoin("run-u", id, ".", unit_type_to_string(t));
if (!p)
return log_oom();
}
run: when automatically generating names for transient units, use unique bus ID, fallback to random Previously we used the process ID to generate transient unit names. However, that is problematic as PIDs get reused easily, and applying them to remote systems makes little sense. Fortunately, each bus peer gets a unique, non-reusable ID assigned when attaching to a bus, hence let's use that, if we can. In some cases we cannot however, because we connect directly to PID's private socket, and thus are not a proper bus peer with a unique ID. In that case generate a random UUID to name the unit after.
2015-11-17 14:11:12 +01:00
*ret = p;
return 0;
}
run: optionally, wait for the service to finish and show its result
2016-08-17 14:24:17 +02:00
typedef struct RunContext {
sd_bus *bus;
sd_event *event;
PTYForward *forward;
sd_bus_slot *match;
run: when waiting for unit, also check if no job is pending anymore This is a fix-up for a7c71d214c37797d82de2f66cfe0a0a79c3a5c92: since we now don't wait for the job to finish anymore right after enqueuing it, we should not exit our ptyfwd logic before the unit is back to inactive *and* no job pending anymore.
2020-05-26 16:22:36 +02:00
/* Current state of the unit */
run: optionally, wait for the service to finish and show its result
2016-08-17 14:24:17 +02:00
char *active_state;
run: when waiting for unit, also check if no job is pending anymore This is a fix-up for a7c71d214c37797d82de2f66cfe0a0a79c3a5c92: since we now don't wait for the job to finish anymore right after enqueuing it, we should not exit our ptyfwd logic before the unit is back to inactive *and* no job pending anymore.
2020-05-26 16:22:36 +02:00
bool has_job;
/* The exit data of the unit */
run: optionally, wait for the service to finish and show its result
2016-08-17 14:24:17 +02:00
uint64_t inactive_exit_usec;
uint64_t inactive_enter_usec;
char *result;
uint64_t cpu_usage_nsec;
run: include peak memory in output Fixes #28542. Signed-off-by: Florian Schmaus <flo@geekplace.eu>
2023-11-06 17:28:41 +01:00
uint64_t memory_peak;
cgroup: add support for memory.swap.peak
2023-11-08 19:22:06 +01:00
uint64_t memory_swap_peak;
run: also show IP traffic accounting data on "systemd-run --wait" If we collect we should show it.
2017-09-26 16:33:03 +02:00
uint64_t ip_ingress_bytes;
uint64_t ip_egress_bytes;
run: show IO stats in --wait resource output
2019-03-22 12:18:19 +01:00
uint64_t io_read_bytes;
uint64_t io_write_bytes;
run: optionally, wait for the service to finish and show its result
2016-08-17 14:24:17 +02:00
uint32_t exit_code;
uint32_t exit_status;
} RunContext;
static void run_context_free(RunContext *c) {
assert(c);
c->forward = pty_forward_free(c->forward);
c->match = sd_bus_slot_unref(c->match);
c->bus = sd_bus_unref(c->bus);
c->event = sd_event_unref(c->event);
free(c->active_state);
free(c->result);
}
static void run_context_check_done(RunContext *c) {
run: exit early in --pty if service failed This reworks systemd-run so that in --pty mode we watch the unit state the way we do it in --wait mode. Whenever we notice that the service is in failed or inactive state finish right-away, but first write all unwritten characters we can read from the master TTY device. This makes sure that when the TTY service fails before it opens the slave PTY device we properly notice that and exit early, so that borked start parameters result in immediate systemd-run failure. Previously, we'd not notice this at all, as a PTY slave that never was opened won't result in POLLHUP events, and we'd hence simply keep reading from it forever. In essence, --pty now enables the same unit watching logic that --wait enables. However, unless --wait is specified we won#t show the final summary, hence the effective difference should be pretty minimal. Fixes: #3915
2016-12-24 00:35:58 +01:00
bool done;
run: optionally, wait for the service to finish and show its result
2016-08-17 14:24:17 +02:00
assert(c);
if (c->match)
run: when waiting for unit, also check if no job is pending anymore This is a fix-up for a7c71d214c37797d82de2f66cfe0a0a79c3a5c92: since we now don't wait for the job to finish anymore right after enqueuing it, we should not exit our ptyfwd logic before the unit is back to inactive *and* no job pending anymore.
2020-05-26 16:22:36 +02:00
done = STRPTR_IN_SET(c->active_state, "inactive", "failed") && !c->has_job;
run: exit early in --pty if service failed This reworks systemd-run so that in --pty mode we watch the unit state the way we do it in --wait mode. Whenever we notice that the service is in failed or inactive state finish right-away, but first write all unwritten characters we can read from the master TTY device. This makes sure that when the TTY service fails before it opens the slave PTY device we properly notice that and exit early, so that borked start parameters result in immediate systemd-run failure. Previously, we'd not notice this at all, as a PTY slave that never was opened won't result in POLLHUP events, and we'd hence simply keep reading from it forever. In essence, --pty now enables the same unit watching logic that --wait enables. However, unless --wait is specified we won#t show the final summary, hence the effective difference should be pretty minimal. Fixes: #3915
2016-12-24 00:35:58 +01:00
else
done = true;
run: optionally, wait for the service to finish and show its result
2016-08-17 14:24:17 +02:00
run: when disconnected from PTY forwarder, exit event loop if not --wait Follow-up for ade0789fabbf01b95bf54d32f8cab1217a753f03 The change in behavior was partly intentional, as I think if both --wait and --pty are used, manually disconnecting from PTY forwarder should not result in systemd-run exiting with "Finished with ..." log. But we should check for --wait here. Closes #32953
2024-05-21 20:10:24 +08:00
if (c->forward && !pty_forward_is_done(c->forward) && done) /* If the service is gone, it's time to drain the output */
run: exit early in --pty if service failed This reworks systemd-run so that in --pty mode we watch the unit state the way we do it in --wait mode. Whenever we notice that the service is in failed or inactive state finish right-away, but first write all unwritten characters we can read from the master TTY device. This makes sure that when the TTY service fails before it opens the slave PTY device we properly notice that and exit early, so that borked start parameters result in immediate systemd-run failure. Previously, we'd not notice this at all, as a PTY slave that never was opened won't result in POLLHUP events, and we'd hence simply keep reading from it forever. In essence, --pty now enables the same unit watching logic that --wait enables. However, unless --wait is specified we won#t show the final summary, hence the effective difference should be pretty minimal. Fixes: #3915
2016-12-24 00:35:58 +01:00
done = pty_forward_drain(c->forward);
run: optionally, wait for the service to finish and show its result
2016-08-17 14:24:17 +02:00
if (done)
sd_event_exit(c->event, EXIT_SUCCESS);
}
run: when waiting for unit, also check if no job is pending anymore This is a fix-up for a7c71d214c37797d82de2f66cfe0a0a79c3a5c92: since we now don't wait for the job to finish anymore right after enqueuing it, we should not exit our ptyfwd logic before the unit is back to inactive *and* no job pending anymore.
2020-05-26 16:22:36 +02:00
static int map_job(sd_bus *bus, const char *member, sd_bus_message *m, sd_bus_error *error, void *userdata) {
bool *b = userdata;
const char *job;
uint32_t id;
int r;
r = sd_bus_message_read(m, "(uo)", &id, &job);
if (r < 0)
return r;
*b = id != 0 || !streq(job, "/");
return 0;
}
run: fix race for "systemd-run --wait" D-Bus is inherently racy when a function returns an object path for a newly allocated object the client shall watch: as the object already exists before the client can subscribe to it, it might lose messages from it. Let's fix this, by explicitly querying unit properties right after subscribing to its property changes. Fixes: #4920
2016-12-23 22:56:39 +01:00
static int run_context_update(RunContext *c, const char *path) {
run: optionally, wait for the service to finish and show its result
2016-08-17 14:24:17 +02:00
static const struct bus_properties_map map[] = {
run: when waiting for unit, also check if no job is pending anymore This is a fix-up for a7c71d214c37797d82de2f66cfe0a0a79c3a5c92: since we now don't wait for the job to finish anymore right after enqueuing it, we should not exit our ptyfwd logic before the unit is back to inactive *and* no job pending anymore.
2020-05-26 16:22:36 +02:00
{ "ActiveState", "s", NULL, offsetof(RunContext, active_state) },
{ "InactiveExitTimestampMonotonic", "t", NULL, offsetof(RunContext, inactive_exit_usec) },
{ "InactiveEnterTimestampMonotonic", "t", NULL, offsetof(RunContext, inactive_enter_usec) },
{ "Result", "s", NULL, offsetof(RunContext, result) },
{ "ExecMainCode", "i", NULL, offsetof(RunContext, exit_code) },
{ "ExecMainStatus", "i", NULL, offsetof(RunContext, exit_status) },
{ "CPUUsageNSec", "t", NULL, offsetof(RunContext, cpu_usage_nsec) },
run: include peak memory in output Fixes #28542. Signed-off-by: Florian Schmaus <flo@geekplace.eu>
2023-11-06 17:28:41 +01:00
{ "MemoryPeak", "t", NULL, offsetof(RunContext, memory_peak) },
cgroup: add support for memory.swap.peak
2023-11-08 19:22:06 +01:00
{ "MemorySwapPeak", "t", NULL, offsetof(RunContext, memory_swap_peak) },
run: when waiting for unit, also check if no job is pending anymore This is a fix-up for a7c71d214c37797d82de2f66cfe0a0a79c3a5c92: since we now don't wait for the job to finish anymore right after enqueuing it, we should not exit our ptyfwd logic before the unit is back to inactive *and* no job pending anymore.
2020-05-26 16:22:36 +02:00
{ "IPIngressBytes", "t", NULL, offsetof(RunContext, ip_ingress_bytes) },
{ "IPEgressBytes", "t", NULL, offsetof(RunContext, ip_egress_bytes) },
{ "IOReadBytes", "t", NULL, offsetof(RunContext, io_read_bytes) },
{ "IOWriteBytes", "t", NULL, offsetof(RunContext, io_write_bytes) },
{ "Job", "(uo)", map_job, offsetof(RunContext, has_job) },
run: optionally, wait for the service to finish and show its result
2016-08-17 14:24:17 +02:00
{}
};
tree-wide: make bus_map_all_properties return a proper sd_bus_error And then show it, to make things a bit friendlier to the user if we fail acquiring some props. In fact, this fixes a number of actual bugs, where we used an error structure for output that we actually never got an error in.
2017-02-08 17:59:58 +01:00
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
run: optionally, wait for the service to finish and show its result
2016-08-17 14:24:17 +02:00
int r;
r = bus_map_all_properties(c->bus,
"org.freedesktop.systemd1",
run: fix race for "systemd-run --wait" D-Bus is inherently racy when a function returns an object path for a newly allocated object the client shall watch: as the object already exists before the client can subscribe to it, it might lose messages from it. Let's fix this, by explicitly querying unit properties right after subscribing to its property changes. Fixes: #4920
2016-12-23 22:56:39 +01:00
path,
run: optionally, wait for the service to finish and show its result
2016-08-17 14:24:17 +02:00
map,
bus-util: add flags for bus_map_all_properties() (#8546) This adds flags BUS_MAP_STRDUP and BUS_MAP_BOOLEAN_AS_BOOL. If BUS_MAP_STRDUP is set, then each "s" message is duplicated. If BUS_MAP_BOOLEAN_AS_BOOL is set, then each "b" message is written to a bool pointer. Follow-up for #8488. See https://github.com/systemd/systemd/pull/8488#discussion_r175816270.
2018-03-28 20:37:27 +09:00
BUS_MAP_STRDUP,
tree-wide: make bus_map_all_properties return a proper sd_bus_error And then show it, to make things a bit friendlier to the user if we fail acquiring some props. In fact, this fixes a number of actual bugs, where we used an error structure for output that we actually never got an error in.
2017-02-08 17:59:58 +01:00
&error,
bus-util: make bus_map_all_properties() not copy string
2018-03-19 23:46:29 +09:00
NULL,
run: optionally, wait for the service to finish and show its result
2016-08-17 14:24:17 +02:00
c);
if (r < 0) {
sd_event_exit(c->event, EXIT_FAILURE);
tree-wide: make bus_map_all_properties return a proper sd_bus_error And then show it, to make things a bit friendlier to the user if we fail acquiring some props. In fact, this fixes a number of actual bugs, where we used an error structure for output that we actually never got an error in.
2017-02-08 17:59:58 +01:00
return log_error_errno(r, "Failed to query unit state: %s", bus_error_message(&error, r));
run: optionally, wait for the service to finish and show its result
2016-08-17 14:24:17 +02:00
}
run_context_check_done(c);
return 0;
}
run: fix race for "systemd-run --wait" D-Bus is inherently racy when a function returns an object path for a newly allocated object the client shall watch: as the object already exists before the client can subscribe to it, it might lose messages from it. Let's fix this, by explicitly querying unit properties right after subscribing to its property changes. Fixes: #4920
2016-12-23 22:56:39 +01:00
static int on_properties_changed(sd_bus_message *m, void *userdata, sd_bus_error *error) {
tree-wide: use ASSERT_PTR more
2022-08-09 14:35:15 +02:00
RunContext *c = ASSERT_PTR(userdata);
run: fix race for "systemd-run --wait" D-Bus is inherently racy when a function returns an object path for a newly allocated object the client shall watch: as the object already exists before the client can subscribe to it, it might lose messages from it. Let's fix this, by explicitly querying unit properties right after subscribing to its property changes. Fixes: #4920
2016-12-23 22:56:39 +01:00
assert(m);
return run_context_update(c, sd_bus_message_get_path(m));
}
run: optionally, wait for the service to finish and show its result
2016-08-17 14:24:17 +02:00
static int pty_forward_handler(PTYForward *f, int rcode, void *userdata) {
run: do not log "Error on PTY forwarding logic" when disconnected due to user operation
2024-05-19 08:53:07 +08:00
RunContext *c = ASSERT_PTR(userdata);
run: optionally, wait for the service to finish and show its result
2016-08-17 14:24:17 +02:00
assert(f);
run: when disconnected from PTY forwarder, exit event loop if not --wait Follow-up for ade0789fabbf01b95bf54d32f8cab1217a753f03 The change in behavior was partly intentional, as I think if both --wait and --pty are used, manually disconnecting from PTY forwarder should not result in systemd-run exiting with "Finished with ..." log. But we should check for --wait here. Closes #32953
2024-05-21 20:10:24 +08:00
if (rcode == -ECANCELED) {
run: do not log "Error on PTY forwarding logic" when disconnected due to user operation
2024-05-19 08:53:07 +08:00
log_debug_errno(rcode, "PTY forwarder disconnected.");
run: when disconnected from PTY forwarder, exit event loop if not --wait Follow-up for ade0789fabbf01b95bf54d32f8cab1217a753f03 The change in behavior was partly intentional, as I think if both --wait and --pty are used, manually disconnecting from PTY forwarder should not result in systemd-run exiting with "Finished with ..." log. But we should check for --wait here. Closes #32953
2024-05-21 20:10:24 +08:00
if (!arg_wait)
return sd_event_exit(c->event, EXIT_SUCCESS);
/* If --wait is specified, we'll only exit the pty forwarding, but will continue to wait
* for the service to end. If the user hits ^C we'll exit too. */
} else if (rcode < 0) {
run: optionally, wait for the service to finish and show its result
2016-08-17 14:24:17 +02:00
sd_event_exit(c->event, EXIT_FAILURE);
return log_error_errno(rcode, "Error on PTY forwarding logic: %m");
}
run_context_check_done(c);
return 0;
}
run: split out creation of unit creation messages Just refactoring, in preparation for future changes. (Though I think it'd be reasonable to do anyway, those functions were awfully long.) 'git diff' displays this badly. The middle part of start_transient_service() is moved to make_transient_service_unit(), and the middle part of start_transient_trigger() is moved to make_transient_trigger_unit().
2023-04-02 22:27:58 +02:00
static int make_transient_service_unit(
sd_bus *bus,
sd_bus_message **message,
const char *service,
run: do not pass the pty slave fd to transient service in a machine Follow-up for 28459ba1f4df824d5ef7f7d1a9acb6953ea24045 The pty path returned by OpenMachinePTY() cannot be opened from outside the machine, hence let's use the plain Standard{Input,Output,Error}=tty in such a case. This means if --machine= is specified, #32916 would occur. A comprehensive fix requires a new dbus method in machined, which shall be material for v257. See also: https://github.com/systemd/systemd/pull/33216#discussion_r1628020429 Replaces #33216 Co-authored-by: Mike Yuan <me@yhndnzj.com>
2024-06-06 13:30:09 +02:00
const char *pty_path,
int pty_fd) {
run: split out creation of unit creation messages Just refactoring, in preparation for future changes. (Though I think it'd be reasonable to do anyway, those functions were awfully long.) 'git diff' displays this badly. The middle part of start_transient_service() is moved to make_transient_service_unit(), and the middle part of start_transient_trigger() is moved to make_transient_trigger_unit().
2023-04-02 22:27:58 +02:00
_cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
int r;
assert(bus);
assert(message);
assert(service);
r = bus_message_new_method_call(bus, &m, bus_systemd_mgr, "StartTransientUnit");
if (r < 0)
return bus_log_create_error(r);
/* Name and mode */
r = sd_bus_message_append(m, "ss", service, "fail");
if (r < 0)
return bus_log_create_error(r);
/* Properties */
r = sd_bus_message_open_container(m, 'a', "(sv)");
if (r < 0)
return bus_log_create_error(r);
run: do not pass the pty slave fd to transient service in a machine Follow-up for 28459ba1f4df824d5ef7f7d1a9acb6953ea24045 The pty path returned by OpenMachinePTY() cannot be opened from outside the machine, hence let's use the plain Standard{Input,Output,Error}=tty in such a case. This means if --machine= is specified, #32916 would occur. A comprehensive fix requires a new dbus method in machined, which shall be material for v257. See also: https://github.com/systemd/systemd/pull/33216#discussion_r1628020429 Replaces #33216 Co-authored-by: Mike Yuan <me@yhndnzj.com>
2024-06-06 13:30:09 +02:00
r = transient_service_set_properties(m, pty_path, pty_fd);
run: split out creation of unit creation messages Just refactoring, in preparation for future changes. (Though I think it'd be reasonable to do anyway, those functions were awfully long.) 'git diff' displays this badly. The middle part of start_transient_service() is moved to make_transient_service_unit(), and the middle part of start_transient_trigger() is moved to make_transient_trigger_unit().
2023-04-02 22:27:58 +02:00
if (r < 0)
return r;
r = sd_bus_message_close_container(m);
if (r < 0)
return bus_log_create_error(r);
/* Auxiliary units */
r = sd_bus_message_append(m, "a(sa(sv))", 0);
if (r < 0)
return bus_log_create_error(r);
*message = TAKE_PTR(m);
return 0;
}
run: add --expand-environment=no to disable server-side envvar expansion This uses StartExecEx to get the equivalent of ExecStart=:. StartExecEx was added in b3d593673c5b8b0b7d781fd26ab2062ca6e7dbdb, so this will not work with older systemds. A hint is emitted if we get an error indicating lack of support. PID1 returns SD_BUS_ERROR_PROPERTY_READ_ONLY, but I'm checking for SD_BUS_ERROR_UNKNOWN_PROPERTY too for safety.
2023-04-02 23:17:58 +02:00
static int bus_call_with_hint(
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
sd_bus *bus,
run: add --expand-environment=no to disable server-side envvar expansion This uses StartExecEx to get the equivalent of ExecStart=:. StartExecEx was added in b3d593673c5b8b0b7d781fd26ab2062ca6e7dbdb, so this will not work with older systemds. A hint is emitted if we get an error indicating lack of support. PID1 returns SD_BUS_ERROR_PROPERTY_READ_ONLY, but I'm checking for SD_BUS_ERROR_UNKNOWN_PROPERTY too for safety.
2023-04-02 23:17:58 +02:00
sd_bus_message *message,
const char *name,
sd_bus_message **reply) {
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
int r;
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
run: add --expand-environment=no to disable server-side envvar expansion This uses StartExecEx to get the equivalent of ExecStart=:. StartExecEx was added in b3d593673c5b8b0b7d781fd26ab2062ca6e7dbdb, so this will not work with older systemds. A hint is emitted if we get an error indicating lack of support. PID1 returns SD_BUS_ERROR_PROPERTY_READ_ONLY, but I'm checking for SD_BUS_ERROR_UNKNOWN_PROPERTY too for safety.
2023-04-02 23:17:58 +02:00
r = sd_bus_call(bus, message, 0, &error, reply);
if (r < 0) {
log_error_errno(r, "Failed to start transient %s unit: %s", name, bus_error_message(&error, r));
run: disable --expand-environment by default for --scope The intention was to have this option enabled by default everywhere, but unfortunately at least one case was found where it breaks compatibility of a program using systemd-run --scopes and expecting variables not to be expanded: https://sources.debian.org/src/pbuilder/0.231/pbuilder-checkparams/#L400 Example run: systemd-run --quiet --scope --description=pbuilder_build_xfce4-notes-plugin_1.10.0-1.dsc '--slice=system-pbuilder-build-xfce4\x2dnotes\x2dplugin_1.10.0\x2d1-449932.slice' chroot /var/cache/pbuilder/build/449932 dpkg-query -W '--showformat=${Version}' apt Restore backward compatibility and make the option disabled by default when --scope is used, and enabled by default for other types. In case --expand-environment is not specified and a '$' character is detected, print a warning to nudge users toward specifying the parameter as needed. In the future we can then flip the default. Follow-up for 2ed7a221fafb25eea937c4e86fb88ee501dba51e
2023-07-19 22:56:02 +01:00
if (arg_expand_environment == 0 &&
run: add --expand-environment=no to disable server-side envvar expansion This uses StartExecEx to get the equivalent of ExecStart=:. StartExecEx was added in b3d593673c5b8b0b7d781fd26ab2062ca6e7dbdb, so this will not work with older systemds. A hint is emitted if we get an error indicating lack of support. PID1 returns SD_BUS_ERROR_PROPERTY_READ_ONLY, but I'm checking for SD_BUS_ERROR_UNKNOWN_PROPERTY too for safety.
2023-04-02 23:17:58 +02:00
sd_bus_error_has_names(&error,
SD_BUS_ERROR_UNKNOWN_PROPERTY,
SD_BUS_ERROR_PROPERTY_READ_ONLY))
log_notice_errno(r, "Hint: --expand-environment=no is not supported by old systemd");
}
return r;
}
run: output invocation ID when starting service and scope units
2023-10-12 12:03:03 +02:00
static int acquire_invocation_id(sd_bus *bus, const char *unit, sd_id128_t *ret) {
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
_cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
_cleanup_free_ char *object = NULL;
int r;
assert(bus);
assert(ret);
if (unit) {
object = unit_dbus_path_from_name(unit);
if (!object)
return log_oom();
}
r = sd_bus_get_property(bus,
"org.freedesktop.systemd1",
object ?: "/org/freedesktop/systemd1/unit/self",
"org.freedesktop.systemd1.Unit",
"InvocationID",
&error,
&reply,
"ay");
if (r < 0)
return log_error_errno(r, "Failed to request invocation ID for unit: %s", bus_error_message(&error, r));
bus-util: add generic parser for extracting id128 values from bus messages
2024-03-01 14:47:52 +01:00
r = bus_message_read_id128(reply, ret);
run: output invocation ID when starting service and scope units
2023-10-12 12:03:03 +02:00
if (r < 0)
return bus_log_parse_error(r);
run/run: fix invocation ID handling Fixes a regression introduced by 8157cc0e3e33c97b406cc088cf001ca524154f64.
2024-04-24 14:58:07 +09:00
return r; /* Return true when we get a non-null invocation ID. */
run: output invocation ID when starting service and scope units
2023-10-12 12:03:03 +02:00
}
run: set window title In interactive terminal mode, let's set a window title that reflects our change of context to the target. Let's prefix it it with red/yellow emoji dot in case we changed privileges.
2024-02-01 10:43:44 +01:00
static void set_window_title(PTYForward *f) {
_cleanup_free_ char *hn = NULL, *cl = NULL, *dot = NULL;
run: move condition inside set_window_title()
2024-06-19 09:23:03 +03:00
run: set window title In interactive terminal mode, let's set a window title that reflects our change of context to the target. Let's prefix it it with red/yellow emoji dot in case we changed privileges.
2024-02-01 10:43:44 +01:00
assert(f);
run: move condition inside set_window_title()
2024-06-19 09:23:03 +03:00
if (!shall_set_terminal_title())
return;
run: set window title In interactive terminal mode, let's set a window title that reflects our change of context to the target. Let's prefix it it with red/yellow emoji dot in case we changed privileges.
2024-02-01 10:43:44 +01:00
if (!arg_host)
(void) gethostname_strict(&hn);
cl = strv_join(arg_cmdline, " ");
if (!cl)
return (void) log_oom();
if (emoji_enabled())
dot = strjoin(special_glyph(privileged_execution() ? SPECIAL_GLYPH_RED_CIRCLE : SPECIAL_GLYPH_YELLOW_CIRCLE), " ");
if (arg_host || hn)
(void) pty_forward_set_titlef(f, "%s%s on %s", strempty(dot), cl, arg_host ?: hn);
else
(void) pty_forward_set_titlef(f, "%s%s", strempty(dot), cl);
ptyfwd: optionally prefix window title with colored dot in uid0/systemd-run/nspawn we already set a window title with a colorful unicode dot indicating the changed privileges/execution context. This typically gets overriden by the shell inside the environment however. Let's tweak this a bit: when we see the window title OSC ANSI sequence passing through, let's patch in the unicode dot as a prefix to the title. This is super pretty, since it makes sure root sessions via 0ad are really easily recognizable as such, because the window title carries an 🔴 red dot as prefix then.
2024-02-23 15:54:22 +01:00
(void) pty_forward_set_title_prefix(f, dot);
run: set window title In interactive terminal mode, let's set a window title that reflects our change of context to the target. Let's prefix it it with red/yellow emoji dot in case we changed privileges.
2024-02-01 10:43:44 +01:00
}
run: allow connecting to capsule instances with --capsule=/-C
2023-10-26 09:19:04 +02:00
static int chown_to_capsule(const char *path, const char *capsule) {
_cleanup_free_ char *p = NULL;
int r;
assert(path);
assert(capsule);
p = path_join("/run/capsules/", capsule);
if (!p)
return -ENOMEM;
struct stat st;
r = chase_and_stat(p, /* root= */ NULL, CHASE_SAFE|CHASE_PROHIBIT_SYMLINKS, /* ret_path= */ NULL, &st);
if (r < 0)
return r;
if (uid_is_system(st.st_uid) || gid_is_system(st.st_gid)) /* paranoid safety check */
return -EPERM;
return chmod_and_chown(path, 0600, st.st_uid, st.st_gid);
}
systemd-run: add unit and invocation_id JSON output
2024-08-12 15:15:15 +02:00
static int print_unit_invocation(const char *unit, sd_id128_t invocation_id) {
_cleanup_(sd_json_variant_unrefp) sd_json_variant *v = NULL;
int r;
assert(unit);
if (FLAGS_SET(arg_json_format_flags, SD_JSON_FORMAT_OFF)) {
if (sd_id128_is_null(invocation_id))
log_info("Running as unit: %s", unit);
else
log_info("Running as unit: %s; invocation ID: " SD_ID128_FORMAT_STR, unit, SD_ID128_FORMAT_VAL(invocation_id));
return 0;
}
r = sd_json_variant_set_field_string(&v, "unit", unit);
if (r < 0)
return r;
if (!sd_id128_is_null(invocation_id)) {
run: use sd_json_variant_set_field_id128()
2024-08-14 15:53:42 +09:00
r = sd_json_variant_set_field_id128(&v, "invocation_id", invocation_id);
systemd-run: add unit and invocation_id JSON output
2024-08-12 15:15:15 +02:00
if (r < 0)
return r;
}
return sd_json_variant_dump(v, arg_json_format_flags, stdout, NULL);
}
run: simplify returning of status start_transient_service() would return two ints: one normally and one via *retval. We can just return one int and propagate it directly, because we use DEFINE_MAIN_FUNCTION_WITH_POSITIVE_FAILURE().
2023-04-02 21:50:19 +02:00
static int start_transient_service(sd_bus *bus) {
tree-wide: expose "p"-suffix unref calls in public APIs to make gcc cleanup easy GLIB has recently started to officially support the gcc cleanup attribute in its public API, hence let's do the same for our APIs. With this patch we'll define an xyz_unrefp() call for each public xyz_unref() call, to make it easy to use inside a __attribute__((cleanup())) expression. Then, all code is ported over to make use of this. The new calls are also documented in the man pages, with examples how to use them (well, I only added docs where the _unref() call itself already had docs, and the examples, only cover sd_bus_unrefp() and sd_event_unrefp()). This also renames sd_lldp_free() to sd_lldp_unref(), since that's how we tend to call our destructors these days. Note that this defines no public macro that wraps gcc's attribute and makes it easier to use. While I think it's our duty in the library to make our stuff easy to use, I figure it's not our duty to make gcc's own features easy to use on its own. Most likely, client code which wants to make use of this should define its own: #define _cleanup_(function) __attribute__((cleanup(function))) Or similar, to make the gcc feature easier to use. Making this logic public has the benefit that we can remove three header files whose only purpose was to define these functions internally. See #2008.
2015-11-27 19:13:45 +01:00
_cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL, *reply = NULL;
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
run: by default, wait until the transient unit finished start-up Make this blocking behaviour optional with --no-block, similar to systemctl's switch of this name.
2015-04-28 12:33:19 +02:00
_cleanup_(bus_wait_for_jobs_freep) BusWaitForJobs *w = NULL;
systemd-run: support -t mode when combined with -M For that, ask machined for a container PTY and use that.
2014-12-23 01:58:49 +01:00
_cleanup_free_ char *service = NULL, *pty_path = NULL;
run: do not pass the pty slave fd to transient service in a machine Follow-up for 28459ba1f4df824d5ef7f7d1a9acb6953ea24045 The pty path returned by OpenMachinePTY() cannot be opened from outside the machine, hence let's use the plain Standard{Input,Output,Error}=tty in such a case. This means if --machine= is specified, #32916 would occur. A comprehensive fix requires a new dbus method in machined, which shall be material for v257. See also: https://github.com/systemd/systemd/pull/33216#discussion_r1628020429 Replaces #33216 Co-authored-by: Mike Yuan <me@yhndnzj.com>
2024-06-06 13:30:09 +02:00
_cleanup_close_ int master = -EBADF, slave = -EBADF;
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
int r;
assert(bus);
run: also enable interactive authentication on opening pty
2024-08-16 20:00:25 +09:00
(void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
run: add new --pipe option for including "systemd-run" commands in shell pipelines In this mode, we'll directly connect stdin/stdout/stderr of the invoked service with whatever systemd-run itself is invoked on. This allows inclusion of "systemd-run" commands in shell pipelines, as unlike "--pty" this means EOF of stdin/stdout/stderr are propagated independently. If --pty and --pipe are combined systemd-run will automatically pick the right choice for the context it is invoked in, i.e. --pty when invoked on a TTY, and --pipe otherwise.
2017-09-08 15:38:40 +02:00
if (arg_stdio == ARG_STDIO_PTY) {
run: add a new "-t" mode for invoking a binary on an allocated TTY
2014-12-22 19:45:32 +01:00
run: allow connecting to capsule instances with --capsule=/-C
2023-10-26 09:19:04 +02:00
if (IN_SET(arg_transport, BUS_TRANSPORT_LOCAL, BUS_TRANSPORT_CAPSULE)) {
tree-wide: some O_NDELAY → O_NONBLOCK fixes Somehow the coccinelle script misses these, hence fix them manually.
2018-05-31 12:04:37 +02:00
master = posix_openpt(O_RDWR|O_NOCTTY|O_CLOEXEC|O_NONBLOCK);
systemd-run: support -t mode when combined with -M For that, ask machined for a container PTY and use that.
2014-12-23 01:58:49 +01:00
if (master < 0)
return log_error_errno(errno, "Failed to acquire pseudo tty: %m");
r = ptsname_malloc(master, &pty_path);
if (r < 0)
return log_error_errno(r, "Failed to determine tty name: %m");
run: allow connecting to capsule instances with --capsule=/-C
2023-10-26 09:19:04 +02:00
if (arg_transport == BUS_TRANSPORT_CAPSULE) {
/* If we are in capsule mode, we must give the capsule UID/GID access to the PTY we just allocated first. */
r = chown_to_capsule(pty_path, arg_host);
if (r < 0)
return log_error_errno(r, "Failed to chown tty to capsule UID/GID: %m");
}
machined: call unlockpt() in container, not host It makes assumptions about the pty path, hence better call it in the container namespace rather than the host.
2015-09-01 19:39:14 +02:00
if (unlockpt(master) < 0)
return log_error_errno(errno, "Failed to unlock tty: %m");
run: do not pass the pty slave fd to transient service in a machine Follow-up for 28459ba1f4df824d5ef7f7d1a9acb6953ea24045 The pty path returned by OpenMachinePTY() cannot be opened from outside the machine, hence let's use the plain Standard{Input,Output,Error}=tty in such a case. This means if --machine= is specified, #32916 would occur. A comprehensive fix requires a new dbus method in machined, which shall be material for v257. See also: https://github.com/systemd/systemd/pull/33216#discussion_r1628020429 Replaces #33216 Co-authored-by: Mike Yuan <me@yhndnzj.com>
2024-06-06 13:30:09 +02:00
slave = open_terminal(pty_path, O_RDWR|O_NOCTTY|O_CLOEXEC);
if (slave < 0)
return log_error_errno(slave, "Failed to open pty slave: %m");
sd-bus: rename sd_bus_open_system_container() to sd_bus_open_system_machine() Pretty much everywhere else we use the generic term "machine" when referring to containers in API, so let's do though in sd-bus too. In particular, since the concept of a "container" exists in sd-bus too, but as part of the marshalling system.
2014-12-23 23:38:13 +01:00
} else if (arg_transport == BUS_TRANSPORT_MACHINE) {
tree-wide: expose "p"-suffix unref calls in public APIs to make gcc cleanup easy GLIB has recently started to officially support the gcc cleanup attribute in its public API, hence let's do the same for our APIs. With this patch we'll define an xyz_unrefp() call for each public xyz_unref() call, to make it easy to use inside a __attribute__((cleanup())) expression. Then, all code is ported over to make use of this. The new calls are also documented in the man pages, with examples how to use them (well, I only added docs where the _unref() call itself already had docs, and the examples, only cover sd_bus_unrefp() and sd_event_unrefp()). This also renames sd_lldp_free() to sd_lldp_unref(), since that's how we tend to call our destructors these days. Note that this defines no public macro that wraps gcc's attribute and makes it easier to use. While I think it's our duty in the library to make our stuff easy to use, I figure it's not our duty to make gcc's own features easy to use on its own. Most likely, client code which wants to make use of this should define its own: #define _cleanup_(function) __attribute__((cleanup(function))) Or similar, to make the gcc feature easier to use. Making this logic public has the benefit that we can remove three header files whose only purpose was to define these functions internally. See #2008.
2015-11-27 19:13:45 +01:00
_cleanup_(sd_bus_unrefp) sd_bus *system_bus = NULL;
run: do not try to use reply after freeing it (#3318) We'd call sd_bus_message_unref and then proceed to use variables pointing into the reply buffer (fd and char*). dup the fd and copy the string before destorying the reply. This makes systemd-run run again for me. https://bugzilla.redhat.com/show_bug.cgi?id=1337636
2016-05-21 18:30:33 -04:00
_cleanup_(sd_bus_message_unrefp) sd_bus_message *pty_reply = NULL;
systemd-run: support -t mode when combined with -M For that, ask machined for a container PTY and use that.
2014-12-23 01:58:49 +01:00
const char *s;
run: various modernizations and smaller fixes Including a fix for properly freeing a calendarspec object after use.
2015-10-08 15:01:42 +02:00
r = sd_bus_default_system(&system_bus);
systemd-run: support -t mode when combined with -M For that, ask machined for a container PTY and use that.
2014-12-23 01:58:49 +01:00
if (r < 0)
run: various modernizations and smaller fixes Including a fix for properly freeing a calendarspec object after use.
2015-10-08 15:01:42 +02:00
return log_error_errno(r, "Failed to connect to system bus: %m");
systemd-run: support -t mode when combined with -M For that, ask machined for a container PTY and use that.
2014-12-23 01:58:49 +01:00
run: also enable interactive authentication on opening pty
2024-08-16 20:00:25 +09:00
(void) sd_bus_set_allow_interactive_authorization(system_bus, arg_ask_password);
run: change sd_bus_call_method to bus_call_method (#27518) Migrates the sd_bus_call_method code in run.c to use bus-locator.h api
2023-05-03 18:41:10 -07:00
r = bus_call_method(system_bus,
bus_machine_mgr,
"OpenMachinePTY",
&error,
&pty_reply,
"s", arg_host);
tree-wide: shorten error logging a bit Continuation of 4027f96aa08c73f109aa46b89842ca0e25c9c0e9.
2018-08-07 10:14:30 +09:00
if (r < 0)
tree-wide: don't needlessly negate error number passed to bus_error_message() Like it's customary in our codebase bus_error_message() internally takes abs() of the passed error anyway, hence no need to explicitly negate it. We mostly got this right, but in too many cases we didn't. Fix that.
2020-09-14 18:16:54 +02:00
return log_error_errno(r, "Failed to get machine PTY: %s", bus_error_message(&error, r));
systemd-run: support -t mode when combined with -M For that, ask machined for a container PTY and use that.
2014-12-23 01:58:49 +01:00
run: do not try to use reply after freeing it (#3318) We'd call sd_bus_message_unref and then proceed to use variables pointing into the reply buffer (fd and char*). dup the fd and copy the string before destorying the reply. This makes systemd-run run again for me. https://bugzilla.redhat.com/show_bug.cgi?id=1337636
2016-05-21 18:30:33 -04:00
r = sd_bus_message_read(pty_reply, "hs", &master, &s);
systemd-run: support -t mode when combined with -M For that, ask machined for a container PTY and use that.
2014-12-23 01:58:49 +01:00
if (r < 0)
return bus_log_parse_error(r);
master = fcntl(master, F_DUPFD_CLOEXEC, 3);
if (master < 0)
return log_error_errno(errno, "Failed to duplicate master fd: %m");
pty_path = strdup(s);
if (!pty_path)
return log_oom();
run: do not pass the pty slave fd to transient service in a machine Follow-up for 28459ba1f4df824d5ef7f7d1a9acb6953ea24045 The pty path returned by OpenMachinePTY() cannot be opened from outside the machine, hence let's use the plain Standard{Input,Output,Error}=tty in such a case. This means if --machine= is specified, #32916 would occur. A comprehensive fix requires a new dbus method in machined, which shall be material for v257. See also: https://github.com/systemd/systemd/pull/33216#discussion_r1628020429 Replaces #33216 Co-authored-by: Mike Yuan <me@yhndnzj.com>
2024-06-06 13:30:09 +02:00
// FIXME: Introduce OpenMachinePTYEx() that accepts ownership/permission as param
// and additionally returns the pty fd, for #33216 and #32999
systemd-run: support -t mode when combined with -M For that, ask machined for a container PTY and use that.
2014-12-23 01:58:49 +01:00
} else
Drop the text argument from assert_not_reached() In general we almost never hit those asserts in production code, so users see them very rarely, if ever. But either way, we just need something that users can pass to the developers. We have quite a few of those asserts, and some have fairly nice messages, but many are like "WTF?" or "???" or "unexpected something". The error that is printed includes the file location, and function name. In almost all functions there's at most one assert, so the function name alone is enough to identify the failure for a developer. So we don't get much extra from the message, and we might just as well drop them. Dropping them makes our code a tiny bit smaller, and most importantly, improves development experience by making it easy to insert such an assert in the code without thinking how to phrase the argument.
2021-07-27 12:27:28 +02:00
assert_not_reached();
run: add a new "-t" mode for invoking a binary on an allocated TTY
2014-12-22 19:45:32 +01:00
}
run: don't wait for start job to complete when running interactively anyway Otherwise we'd not read the services input while waiting for the job to wait, and there's no point in waiting for the job anyway if we wait for the unit to stop ultimately. Fixes: #15395
2020-04-22 20:08:34 +02:00
/* Optionally, wait for the start job to complete. If we are supposed to read the service's stdin
* lets skip this however, because we should start that already when the start job is running, and
* there's little point in waiting for the start job to complete in that case anyway, as we'll wait
* for EOF anyway, which is going to be much later. */
if (!arg_no_block && arg_stdio == ARG_STDIO_NONE) {
run: by default, wait until the transient unit finished start-up Make this blocking behaviour optional with --no-block, similar to systemctl's switch of this name.
2015-04-28 12:33:19 +02:00
r = bus_wait_for_jobs_new(bus, &w);
if (r < 0)
return log_error_errno(r, "Could not watch jobs: %m");
}
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
if (arg_unit) {
various tools: be more explicit when a glob is passed when not supported See https://bugzilla.redhat.com/show_bug.cgi?id=1763488: when we say that 'foo@*.service' is not a valid unit name, this is not clear enough. Let's include the name of the operation that does not support globbing in the error message: $ build/systemctl enable 'foo@*.service' Glob pattern passed to enable, but globs are not supported for this. Invalid unit name "foo@*.service" escaped as "foo@\x2a.service". ...
2019-10-24 14:09:11 +02:00
r = unit_name_mangle_with_suffix(arg_unit, "as unit",
arg_quiet ? 0 : UNIT_NAME_MANGLE_WARN,
".service", &service);
core: rework unit name validation and manipulation logic A variety of changes: - Make sure all our calls distuingish OOM from other errors if OOM is not the only error possible. - Be much stricter when parsing escaped paths, do not accept trailing or leading escaped slashes. - Change unit validation to take a bit mask for allowing plain names, instance names or template names or an combination thereof. - Refuse manipulating invalid unit name
2015-04-30 20:21:00 +02:00
if (r < 0)
return log_error_errno(r, "Failed to mangle unit name: %m");
run: when automatically generating names for transient units, use unique bus ID, fallback to random Previously we used the process ID to generate transient unit names. However, that is problematic as PIDs get reused easily, and applying them to remote systems makes little sense. Fortunately, each bus peer gets a unique, non-reusable ID assigned when attaching to a bus, hence let's use that, if we can. In some cases we cannot however, because we connect directly to PID's private socket, and thus are not a proper bus peer with a unique ID. In that case generate a random UUID to name the unit after.
2015-11-17 14:11:12 +01:00
} else {
r = make_unit_name(bus, UNIT_SERVICE, &service);
if (r < 0)
return r;
}
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
run: do not pass the pty slave fd to transient service in a machine Follow-up for 28459ba1f4df824d5ef7f7d1a9acb6953ea24045 The pty path returned by OpenMachinePTY() cannot be opened from outside the machine, hence let's use the plain Standard{Input,Output,Error}=tty in such a case. This means if --machine= is specified, #32916 would occur. A comprehensive fix requires a new dbus method in machined, which shall be material for v257. See also: https://github.com/systemd/systemd/pull/33216#discussion_r1628020429 Replaces #33216 Co-authored-by: Mike Yuan <me@yhndnzj.com>
2024-06-06 13:30:09 +02:00
r = make_transient_service_unit(bus, &m, service, pty_path, slave);
core: add transient units Transient units can be created via the bus API. They are configured via the method call parameters rather than on-disk files. They are subject to normal GC. Transient units currently may only be created for services (however, we will extend this), and currently only ExecStart= and the cgroup parameters can be configured (also to be extended). Transient units require a unique name, that previously had no configuration file on disk. A tool systemd-run is added that makes use of this functionality to run arbitrary command lines as transient services: $ systemd-run /bin/ping www.heise.de Will cause systemd to create a new transient service and run ping in it.
2013-06-28 04:12:58 +02:00
if (r < 0)
run: rearrange error handling when adding unit properties Let's always leave logging to the call that actually added the fields to the bus message. This way we don't get duplicate logging whenver bus_append_unit_property_assignment() ends up being called, which does all its logging on its own (and probably should do, as it can output much more precise errors).
2017-11-29 20:05:22 +01:00
return r;
run: do not pass the pty slave fd to transient service in a machine Follow-up for 28459ba1f4df824d5ef7f7d1a9acb6953ea24045 The pty path returned by OpenMachinePTY() cannot be opened from outside the machine, hence let's use the plain Standard{Input,Output,Error}=tty in such a case. This means if --machine= is specified, #32916 would occur. A comprehensive fix requires a new dbus method in machined, which shall be material for v257. See also: https://github.com/systemd/systemd/pull/33216#discussion_r1628020429 Replaces #33216 Co-authored-by: Mike Yuan <me@yhndnzj.com>
2024-06-06 13:30:09 +02:00
slave = safe_close(slave);
core: add transient units Transient units can be created via the bus API. They are configured via the method call parameters rather than on-disk files. They are subject to normal GC. Transient units currently may only be created for services (however, we will extend this), and currently only ExecStart= and the cgroup parameters can be configured (also to be extended). Transient units require a unique name, that previously had no configuration file on disk. A tool systemd-run is added that makes use of this functionality to run arbitrary command lines as transient services: $ systemd-run /bin/ping www.heise.de Will cause systemd to create a new transient service and run ping in it.
2013-06-28 04:12:58 +02:00
run: add --expand-environment=no to disable server-side envvar expansion This uses StartExecEx to get the equivalent of ExecStart=:. StartExecEx was added in b3d593673c5b8b0b7d781fd26ab2062ca6e7dbdb, so this will not work with older systemds. A hint is emitted if we get an error indicating lack of support. PID1 returns SD_BUS_ERROR_PROPERTY_READ_ONLY, but I'm checking for SD_BUS_ERROR_UNKNOWN_PROPERTY too for safety.
2023-04-02 23:17:58 +02:00
r = bus_call_with_hint(bus, m, "service", &reply);
run: various modernizations and smaller fixes Including a fix for properly freeing a calendarspec object after use.
2015-10-08 15:01:42 +02:00
if (r < 0)
run: add --expand-environment=no to disable server-side envvar expansion This uses StartExecEx to get the equivalent of ExecStart=:. StartExecEx was added in b3d593673c5b8b0b7d781fd26ab2062ca6e7dbdb, so this will not work with older systemds. A hint is emitted if we get an error indicating lack of support. PID1 returns SD_BUS_ERROR_PROPERTY_READ_ONLY, but I'm checking for SD_BUS_ERROR_UNKNOWN_PROPERTY too for safety.
2023-04-02 23:17:58 +02:00
return r;
core: add transient units Transient units can be created via the bus API. They are configured via the method call parameters rather than on-disk files. They are subject to normal GC. Transient units currently may only be created for services (however, we will extend this), and currently only ExecStart= and the cgroup parameters can be configured (also to be extended). Transient units require a unique name, that previously had no configuration file on disk. A tool systemd-run is added that makes use of this functionality to run arbitrary command lines as transient services: $ systemd-run /bin/ping www.heise.de Will cause systemd to create a new transient service and run ping in it.
2013-06-28 04:12:58 +02:00
run: by default, wait until the transient unit finished start-up Make this blocking behaviour optional with --no-block, similar to systemctl's switch of this name.
2015-04-28 12:33:19 +02:00
if (w) {
const char *object;
r = sd_bus_message_read(reply, "o", &object);
if (r < 0)
return bus_log_parse_error(r);
run: adjust indentation
2023-11-29 14:01:13 +01:00
r = bus_wait_for_jobs_one(w,
object,
dbus-wait-for-jobs: change 'quiet' flag to enum Change the 'quiet' flag to `bus_wait_for_jobs()` to an enum, so we can select with more granularity the type of information logged.
2023-12-14 15:22:14 +01:00
arg_quiet ? 0 : BUS_WAIT_JOBS_LOG_ERROR,
run: adjust indentation
2023-11-29 14:01:13 +01:00
arg_runtime_scope == RUNTIME_SCOPE_USER ? STRV_MAKE_CONST("--user") : NULL);
run: by default, wait until the transient unit finished start-up Make this blocking behaviour optional with --no-block, similar to systemctl's switch of this name.
2015-04-28 12:33:19 +02:00
if (r < 0)
return r;
}
run: output invocation ID when starting service and scope units
2023-10-12 12:03:03 +02:00
if (!arg_quiet) {
run: drop unnecessary initializations Follow-up for fe5a6c47af675bc0020c545d86fb103492e1d77c.
2024-08-14 15:45:31 +09:00
sd_id128_t invocation_id;
run: output invocation ID when starting service and scope units
2023-10-12 12:03:03 +02:00
r = acquire_invocation_id(bus, service, &invocation_id);
if (r < 0)
return r;
systemd-run: add unit and invocation_id JSON output
2024-08-12 15:15:15 +02:00
r = print_unit_invocation(service, invocation_id);
if (r < 0)
return r;
run: output invocation ID when starting service and scope units
2023-10-12 12:03:03 +02:00
}
run: optionally, wait for the service to finish and show its result
2016-08-17 14:24:17 +02:00
run: add new --pipe option for including "systemd-run" commands in shell pipelines In this mode, we'll directly connect stdin/stdout/stderr of the invoked service with whatever systemd-run itself is invoked on. This allows inclusion of "systemd-run" commands in shell pipelines, as unlike "--pty" this means EOF of stdin/stdout/stderr are propagated independently. If --pty and --pipe are combined systemd-run will automatically pick the right choice for the context it is invoked in, i.e. --pty when invoked on a TTY, and --pipe otherwise.
2017-09-08 15:38:40 +02:00
if (arg_wait || arg_stdio != ARG_STDIO_NONE) {
run: also show IP traffic accounting data on "systemd-run --wait" If we collect we should show it.
2017-09-26 16:33:03 +02:00
_cleanup_(run_context_free) RunContext c = {
.cpu_usage_nsec = NSEC_INFINITY,
run: include peak memory in output Fixes #28542. Signed-off-by: Florian Schmaus <flo@geekplace.eu>
2023-11-06 17:28:41 +01:00
.memory_peak = UINT64_MAX,
cgroup: add support for memory.swap.peak
2023-11-08 19:22:06 +01:00
.memory_swap_peak = UINT64_MAX,
run: also show IP traffic accounting data on "systemd-run --wait" If we collect we should show it.
2017-09-26 16:33:03 +02:00
.ip_ingress_bytes = UINT64_MAX,
.ip_egress_bytes = UINT64_MAX,
run: show IO stats in --wait resource output
2019-03-22 12:18:19 +01:00
.io_read_bytes = UINT64_MAX,
.io_write_bytes = UINT64_MAX,
run: also show IP traffic accounting data on "systemd-run --wait" If we collect we should show it.
2017-09-26 16:33:03 +02:00
.inactive_exit_usec = USEC_INFINITY,
.inactive_enter_usec = USEC_INFINITY,
};
run: exit early in --pty if service failed This reworks systemd-run so that in --pty mode we watch the unit state the way we do it in --wait mode. Whenever we notice that the service is in failed or inactive state finish right-away, but first write all unwritten characters we can read from the master TTY device. This makes sure that when the TTY service fails before it opens the slave PTY device we properly notice that and exit early, so that borked start parameters result in immediate systemd-run failure. Previously, we'd not notice this at all, as a PTY slave that never was opened won't result in POLLHUP events, and we'd hence simply keep reading from it forever. In essence, --pty now enables the same unit watching logic that --wait enables. However, unless --wait is specified we won#t show the final summary, hence the effective difference should be pretty minimal. Fixes: #3915
2016-12-24 00:35:58 +01:00
_cleanup_free_ char *path = NULL;
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
run: optionally, wait for the service to finish and show its result
2016-08-17 14:24:17 +02:00
c.bus = sd_bus_ref(bus);
r = sd_event_default(&c.event);
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
if (r < 0)
run: add a new "-t" mode for invoking a binary on an allocated TTY
2014-12-22 19:45:32 +01:00
return log_error_errno(r, "Failed to get event loop: %m");
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
run: optionally, wait for the service to finish and show its result
2016-08-17 14:24:17 +02:00
if (master >= 0) {
run: use sd_event_set_signal_exit() at one more place
2024-02-23 12:19:43 +01:00
(void) sd_event_set_signal_exit(c.event, true);
run: optionally, wait for the service to finish and show its result
2016-08-17 14:24:17 +02:00
if (!arg_quiet)
log_info("Press ^] three times within 1s to disconnect TTY.");
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
run: optionally, wait for the service to finish and show its result
2016-08-17 14:24:17 +02:00
r = pty_forward_new(c.event, master, PTY_FORWARD_IGNORE_INITIAL_VHANGUP, &c.forward);
if (r < 0)
return log_error_errno(r, "Failed to create PTY forwarder: %m");
pty_forward_set_handler(c.forward, pty_forward_handler, &c);
run: run pty forwarder at higher event priority than the bus We want any tty I/O to happen before we look at service messages, hence let's set priorities on them, and give tty I/O a higher priority.
2017-12-05 18:31:32 +01:00
/* Make sure to process any TTY events before we process bus events */
(void) pty_forward_set_priority(c.forward, SD_EVENT_PRIORITY_IMPORTANT);
run/uid0: tint the terminal background color (and add new --background= switch) This adds a new --background= switch that allows specifiying a background color for the terminal while the tool runs. It also teaches the tool when invoked as uid0 to tint the terminal in a reddish hue when operating as root, and in a yellowish hue when operating as any other user. This should highlight nicely when the user is operating with elevated privileges, or changed privileges.
2023-12-20 12:09:27 +01:00
if (!isempty(arg_background))
(void) pty_forward_set_background_color(c.forward, arg_background);
run: set window title In interactive terminal mode, let's set a window title that reflects our change of context to the target. Let's prefix it it with red/yellow emoji dot in case we changed privileges.
2024-02-01 10:43:44 +01:00
set_window_title(c.forward);
run: optionally, wait for the service to finish and show its result
2016-08-17 14:24:17 +02:00
}
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
run: exit early in --pty if service failed This reworks systemd-run so that in --pty mode we watch the unit state the way we do it in --wait mode. Whenever we notice that the service is in failed or inactive state finish right-away, but first write all unwritten characters we can read from the master TTY device. This makes sure that when the TTY service fails before it opens the slave PTY device we properly notice that and exit early, so that borked start parameters result in immediate systemd-run failure. Previously, we'd not notice this at all, as a PTY slave that never was opened won't result in POLLHUP events, and we'd hence simply keep reading from it forever. In essence, --pty now enables the same unit watching logic that --wait enables. However, unless --wait is specified we won#t show the final summary, hence the effective difference should be pretty minimal. Fixes: #3915
2016-12-24 00:35:58 +01:00
path = unit_dbus_path_from_name(service);
if (!path)
return log_oom();
run: optionally, wait for the service to finish and show its result
2016-08-17 14:24:17 +02:00
tree-wide: install matches asynchronously Let's remove a number of synchronization points from our service startups: let's drop synchronous match installation, and let's opt for asynchronous instead. Also, let's use sd_bus_match_signal() instead of sd_bus_add_match() where we can.
2017-12-19 12:29:04 +01:00
r = sd_bus_match_signal_async(
bus,
&c.match,
"org.freedesktop.systemd1",
path,
"org.freedesktop.DBus.Properties",
"PropertiesChanged",
on_properties_changed, NULL, &c);
run: exit early in --pty if service failed This reworks systemd-run so that in --pty mode we watch the unit state the way we do it in --wait mode. Whenever we notice that the service is in failed or inactive state finish right-away, but first write all unwritten characters we can read from the master TTY device. This makes sure that when the TTY service fails before it opens the slave PTY device we properly notice that and exit early, so that borked start parameters result in immediate systemd-run failure. Previously, we'd not notice this at all, as a PTY slave that never was opened won't result in POLLHUP events, and we'd hence simply keep reading from it forever. In essence, --pty now enables the same unit watching logic that --wait enables. However, unless --wait is specified we won#t show the final summary, hence the effective difference should be pretty minimal. Fixes: #3915
2016-12-24 00:35:58 +01:00
if (r < 0)
tree-wide: install matches asynchronously Let's remove a number of synchronization points from our service startups: let's drop synchronous match installation, and let's opt for asynchronous instead. Also, let's use sd_bus_match_signal() instead of sd_bus_add_match() where we can.
2017-12-19 12:29:04 +01:00
return log_error_errno(r, "Failed to request properties changed signal match: %m");
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
run: run pty forwarder at higher event priority than the bus We want any tty I/O to happen before we look at service messages, hence let's set priorities on them, and give tty I/O a higher priority.
2017-12-05 18:31:32 +01:00
r = sd_bus_attach_event(bus, c.event, SD_EVENT_PRIORITY_NORMAL);
run: exit early in --pty if service failed This reworks systemd-run so that in --pty mode we watch the unit state the way we do it in --wait mode. Whenever we notice that the service is in failed or inactive state finish right-away, but first write all unwritten characters we can read from the master TTY device. This makes sure that when the TTY service fails before it opens the slave PTY device we properly notice that and exit early, so that borked start parameters result in immediate systemd-run failure. Previously, we'd not notice this at all, as a PTY slave that never was opened won't result in POLLHUP events, and we'd hence simply keep reading from it forever. In essence, --pty now enables the same unit watching logic that --wait enables. However, unless --wait is specified we won#t show the final summary, hence the effective difference should be pretty minimal. Fixes: #3915
2016-12-24 00:35:58 +01:00
if (r < 0)
tree-wide: install matches asynchronously Let's remove a number of synchronization points from our service startups: let's drop synchronous match installation, and let's opt for asynchronous instead. Also, let's use sd_bus_match_signal() instead of sd_bus_add_match() where we can.
2017-12-19 12:29:04 +01:00
return log_error_errno(r, "Failed to attach bus to event loop: %m");
run: fix race for "systemd-run --wait" D-Bus is inherently racy when a function returns an object path for a newly allocated object the client shall watch: as the object already exists before the client can subscribe to it, it might lose messages from it. Let's fix this, by explicitly querying unit properties right after subscribing to its property changes. Fixes: #4920
2016-12-23 22:56:39 +01:00
run: exit early in --pty if service failed This reworks systemd-run so that in --pty mode we watch the unit state the way we do it in --wait mode. Whenever we notice that the service is in failed or inactive state finish right-away, but first write all unwritten characters we can read from the master TTY device. This makes sure that when the TTY service fails before it opens the slave PTY device we properly notice that and exit early, so that borked start parameters result in immediate systemd-run failure. Previously, we'd not notice this at all, as a PTY slave that never was opened won't result in POLLHUP events, and we'd hence simply keep reading from it forever. In essence, --pty now enables the same unit watching logic that --wait enables. However, unless --wait is specified we won#t show the final summary, hence the effective difference should be pretty minimal. Fixes: #3915
2016-12-24 00:35:58 +01:00
r = run_context_update(&c, path);
if (r < 0)
return r;
run: optionally, wait for the service to finish and show its result
2016-08-17 14:24:17 +02:00
r = sd_event_loop(c.event);
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
if (r < 0)
run: add a new "-t" mode for invoking a binary on an allocated TTY
2014-12-22 19:45:32 +01:00
return log_error_errno(r, "Failed to run event loop: %m");
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
run: optionally, wait for the service to finish and show its result
2016-08-17 14:24:17 +02:00
if (c.forward) {
char last_char = 0;
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
run: optionally, wait for the service to finish and show its result
2016-08-17 14:24:17 +02:00
r = pty_forward_get_last_char(c.forward, &last_char);
if (r >= 0 && !arg_quiet && last_char != '\n')
fputc('\n', stdout);
}
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
run: exit early in --pty if service failed This reworks systemd-run so that in --pty mode we watch the unit state the way we do it in --wait mode. Whenever we notice that the service is in failed or inactive state finish right-away, but first write all unwritten characters we can read from the master TTY device. This makes sure that when the TTY service fails before it opens the slave PTY device we properly notice that and exit early, so that borked start parameters result in immediate systemd-run failure. Previously, we'd not notice this at all, as a PTY slave that never was opened won't result in POLLHUP events, and we'd hence simply keep reading from it forever. In essence, --pty now enables the same unit watching logic that --wait enables. However, unless --wait is specified we won#t show the final summary, hence the effective difference should be pretty minimal. Fixes: #3915
2016-12-24 00:35:58 +01:00
if (arg_wait && !arg_quiet) {
run: explicitly close pty forwarder before printing summary If the PTY forwarder is still around our TTY will have borked settings, regarding newlines, hence explicitly close it before showing the summary, so that it looks pretty.
2016-12-24 00:34:34 +01:00
nspawn: wrap some long lines
2019-10-29 17:30:36 +01:00
/* Explicitly destroy the PTY forwarder, so that the PTY device is usable again, with its
run: explicitly close pty forwarder before printing summary If the PTY forwarder is still around our TTY will have borked settings, regarding newlines, hence explicitly close it before showing the summary, so that it looks pretty.
2016-12-24 00:34:34 +01:00
* original settings (i.e. proper line breaks), so that we can show the summary in a pretty
* way. */
c.forward = pty_forward_free(c.forward);
run: optionally, wait for the service to finish and show its result
2016-08-17 14:24:17 +02:00
if (!isempty(c.result))
log_info("Finished with result: %s", strna(c.result));
core: allow setting of the description string for transient units
2013-07-01 00:40:56 +02:00
run: also show a pretty string for main exit status, if any This brings output on par with unit_log_process_exit().
2024-05-26 10:33:59 +08:00
if (c.exit_code > 0)
log_info("Main processes terminated with: code=%s, status=%u/%s",
sigchld_code_to_string(c.exit_code),
c.exit_status,
strna(c.exit_code == CLD_EXITED ?
exit_status_to_string(c.exit_status, EXIT_STATUS_FULL) :
signal_to_string(c.exit_status)));
run: optionally, wait for the service to finish and show its result
2016-08-17 14:24:17 +02:00
basic/time-util: add helper function to check if timestamp is set No functional change.
2019-07-04 19:10:11 +02:00
if (timestamp_is_set(c.inactive_enter_usec) &&
timestamp_is_set(c.inactive_exit_usec) &&
tree-wide: add FORMAT_TIMESPAN()
2021-07-01 14:32:46 +02:00
c.inactive_enter_usec > c.inactive_exit_usec)
nspawn: wrap some long lines
2019-10-29 17:30:36 +01:00
log_info("Service runtime: %s",
tree-wide: add FORMAT_TIMESPAN()
2021-07-01 14:32:46 +02:00
FORMAT_TIMESPAN(c.inactive_enter_usec - c.inactive_exit_usec, USEC_PER_MSEC));
run: optionally, wait for the service to finish and show its result
2016-08-17 14:24:17 +02:00
tree-wide: add FORMAT_TIMESPAN()
2021-07-01 14:32:46 +02:00
if (c.cpu_usage_nsec != NSEC_INFINITY)
nspawn: wrap some long lines
2019-10-29 17:30:36 +01:00
log_info("CPU time consumed: %s",
tree-wide: add FORMAT_TIMESPAN()
2021-07-01 14:32:46 +02:00
FORMAT_TIMESPAN(DIV_ROUND_UP(c.cpu_usage_nsec, NSEC_PER_USEC), USEC_PER_MSEC));
run: also show IP traffic accounting data on "systemd-run --wait" If we collect we should show it.
2017-09-26 16:33:03 +02:00
run: show accounting data of same type in the same line
2024-01-12 16:57:13 +08:00
if (c.memory_peak != UINT64_MAX) {
const char *swap;
run: include peak memory in output Fixes #28542. Signed-off-by: Florian Schmaus <flo@geekplace.eu>
2023-11-06 17:28:41 +01:00
run: show accounting data of same type in the same line
2024-01-12 16:57:13 +08:00
if (c.memory_swap_peak != UINT64_MAX)
run: strjoina is used, not sprintf Follow-up for 43ead5e3d611e7d3a2e723f5a3cdbf1f8686cea0
2024-01-17 21:35:47 +08:00
swap = strjoina(" (swap: ", FORMAT_BYTES(c.memory_swap_peak), ")");
run: show accounting data of same type in the same line
2024-01-12 16:57:13 +08:00
else
swap = "";
cgroup: add support for memory.swap.peak
2023-11-08 19:22:06 +01:00
run: show accounting data of same type in the same line
2024-01-12 16:57:13 +08:00
log_info("Memory peak: %s%s", FORMAT_BYTES(c.memory_peak), swap);
}
tree-wide: add FORMAT_BYTES()
2021-07-06 09:14:01 +02:00
run: show accounting data of same type in the same line
2024-01-12 16:57:13 +08:00
const char *ip_ingress = NULL, *ip_egress = NULL;
run: don't show IP/IO accounting data if 0
2024-01-12 17:35:21 +08:00
if (!IN_SET(c.ip_ingress_bytes, 0, UINT64_MAX))
run: show accounting data of same type in the same line
2024-01-12 16:57:13 +08:00
ip_ingress = strjoina(" received: ", FORMAT_BYTES(c.ip_ingress_bytes));
run: don't show IP/IO accounting data if 0
2024-01-12 17:35:21 +08:00
if (!IN_SET(c.ip_egress_bytes, 0, UINT64_MAX))
run: show accounting data of same type in the same line
2024-01-12 16:57:13 +08:00
ip_egress = strjoina(" sent: ", FORMAT_BYTES(c.ip_egress_bytes));
tree-wide: add FORMAT_BYTES()
2021-07-06 09:14:01 +02:00
run: show accounting data of same type in the same line
2024-01-12 16:57:13 +08:00
if (ip_ingress || ip_egress)
log_info("IP traffic%s%s", strempty(ip_ingress), strempty(ip_egress));
const char *io_read = NULL, *io_write = NULL;
tree-wide: add FORMAT_BYTES()
2021-07-06 09:14:01 +02:00
run: don't show IP/IO accounting data if 0
2024-01-12 17:35:21 +08:00
if (!IN_SET(c.io_read_bytes, 0, UINT64_MAX))
run: strjoina is used, not sprintf Follow-up for 43ead5e3d611e7d3a2e723f5a3cdbf1f8686cea0
2024-01-17 21:35:47 +08:00
io_read = strjoina(" read: ", FORMAT_BYTES(c.io_read_bytes));
run: don't show IP/IO accounting data if 0
2024-01-12 17:35:21 +08:00
if (!IN_SET(c.io_write_bytes, 0, UINT64_MAX))
run: strjoina is used, not sprintf Follow-up for 43ead5e3d611e7d3a2e723f5a3cdbf1f8686cea0
2024-01-17 21:35:47 +08:00
io_write = strjoina(" written: ", FORMAT_BYTES(c.io_write_bytes));
run: show accounting data of same type in the same line
2024-01-12 16:57:13 +08:00
if (io_read || io_write)
log_info("IO bytes%s%s", strempty(io_read), strempty(io_write));
run: optionally, wait for the service to finish and show its result
2016-08-17 14:24:17 +02:00
}
run: propagate return code/status from the child Fixes #13756. We were returning things that didn't make much sense: we would always use the exit_code value as the exit code. But it sometimes contains a exit code from the process, and sometimes the number of a signal that was used to kill the process. We would also ignore SuccessExitStatus= and in general whether systemd thinks the service exited successfully (hence the issue in #13756, where systemd would return success/SIGTERM, but we'd just look at the SIGTERM part.) If we are doing --wait, let's always propagate the exit code/status from the child. While at it, make the documentation useful.
2019-10-29 18:07:07 +01:00
/* Try to propagate the service's return value. But if the service defines
* e.g. SuccessExitStatus, honour this, and return 0 to mean "success". */
if (streq_ptr(c.result, "success"))
run: simplify returning of status start_transient_service() would return two ints: one normally and one via *retval. We can just return one int and propagate it directly, because we use DEFINE_MAIN_FUNCTION_WITH_POSITIVE_FAILURE().
2023-04-02 21:50:19 +02:00
return EXIT_SUCCESS;
if (streq_ptr(c.result, "exit-code") && c.exit_status > 0)
return c.exit_status;
if (streq_ptr(c.result, "signal"))
return EXIT_EXCEPTION;
return EXIT_FAILURE;
run: optionally, wait for the service to finish and show its result
2016-08-17 14:24:17 +02:00
}
systemd-run: don't print error messages twice
2014-03-05 19:02:53 +01:00
run: simplify returning of status start_transient_service() would return two ints: one normally and one via *retval. We can just return one int and propagate it directly, because we use DEFINE_MAIN_FUNCTION_WITH_POSITIVE_FAILURE().
2023-04-02 21:50:19 +02:00
return EXIT_SUCCESS;
core: add new "scope" unit type for making a unit of pre-existing processes "Scope" units are very much like service units, however with the difference that they are created from pre-existing processes, rather than processes that systemd itself forks off. This means they are generated programmatically via the bus API as transient units rather than from static configuration read from disk. Also, they do not provide execution-time parameters, as at the time systemd adds the processes to the scope unit they already exist and the parameters cannot be applied anymore. The primary benefit of this new unit type is to create arbitrary cgroups for worker-processes forked off an existing service. This commit also adds a a new mode to "systemd-run" to run the specified processes in a scope rather then a transient service.
2013-07-01 00:03:57 +02:00
}
run: set $INVOCATION_ID for scope units Services invoked by PID1 have $INVOCATION_ID initialized, hence let's do that for scope units (where the payload process is invoked by us on the client side) too, to minimize needless differences. Fixes: #8082
2018-11-22 20:40:00 +01:00
static int start_transient_scope(sd_bus *bus) {
run: support --scope on old service managers that lack native PIDFD support Before this we'd fail with a complaint that PIDFDs is not supported by the service manager. Add some compat support by falling back to classic numeric PIDs in that case.
2023-10-12 12:02:03 +02:00
_cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
run: synchronously wait until the scope unit we create is started Otherwise it might happen that by the time PID 1 adds our process to the scope unit the process might already have died, if the process is short-running (such as an invocation to /bin/true). https://bugs.freedesktop.org/show_bug.cgi?id=86520
2015-04-28 12:21:31 +02:00
_cleanup_(bus_wait_for_jobs_freep) BusWaitForJobs *w = NULL;
env-file: when resolving env vars in command lines, collect list of unset/invalid ones When resolving environment variables we currently silently resolve unset and invalid environment variables to empty strings. Let's do this slightly less silently: log about unset and invalid env vars, but still resolve them to an empty string. Fixes: #27036
2023-06-26 17:20:49 +02:00
_cleanup_strv_free_ char **env = NULL, **user_env = NULL;
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
_cleanup_free_ char *scope = NULL;
run: synchronously wait until the scope unit we create is started Otherwise it might happen that by the time PID 1 adds our process to the scope unit the process might already have died, if the process is short-running (such as an invocation to /bin/true). https://bugs.freedesktop.org/show_bug.cgi?id=86520
2015-04-28 12:21:31 +02:00
const char *object = NULL;
run: drop unnecessary initializations Follow-up for fe5a6c47af675bc0020c545d86fb103492e1d77c.
2024-08-14 15:45:31 +09:00
sd_id128_t invocation_id;
run: support --scope on old service managers that lack native PIDFD support Before this we'd fail with a complaint that PIDFDs is not supported by the service manager. Add some compat support by falling back to classic numeric PIDs in that case.
2023-10-12 12:02:03 +02:00
bool allow_pidfd = true;
core: add new "scope" unit type for making a unit of pre-existing processes "Scope" units are very much like service units, however with the difference that they are created from pre-existing processes, rather than processes that systemd itself forks off. This means they are generated programmatically via the bus API as transient units rather than from static configuration read from disk. Also, they do not provide execution-time parameters, as at the time systemd adds the processes to the scope unit they already exist and the parameters cannot be applied anymore. The primary benefit of this new unit type is to create arbitrary cgroups for worker-processes forked off an existing service. This commit also adds a a new mode to "systemd-run" to run the specified processes in a scope rather then a transient service.
2013-07-01 00:03:57 +02:00
int r;
bus: port remaining code over to use bus_error_message()
2013-11-08 19:49:49 +01:00
assert(bus);
run: add new --shell switch for spawning a shell as service I keep running "systemd-run -t /bin/bash" to quickly get a shell running in service context. I suspect I am not the only one, hence let's add a shortcut for it. While we are at it, let's make it smarter, and automatically inherit the $SHELL of the invoking user as well as the working directory, and let's imply --pty. --shell (or -S) is hence equivalent to "-t -d $SHELL".
2018-11-22 19:24:48 +01:00
assert(!strv_isempty(arg_cmdline));
bus: port remaining code over to use bus_error_message()
2013-11-08 19:49:49 +01:00
run: synchronously wait until the scope unit we create is started Otherwise it might happen that by the time PID 1 adds our process to the scope unit the process might already have died, if the process is short-running (such as an invocation to /bin/true). https://bugs.freedesktop.org/show_bug.cgi?id=86520
2015-04-28 12:21:31 +02:00
r = bus_wait_for_jobs_new(bus, &w);
if (r < 0)
various: fix error message for bus_wait_for_jobs_new() As pointed out by Mike Yuan in review of grandparent commit, bus_wait_for_jobs_new() can also fail for non-oom reasons.
2023-05-26 15:09:03 +02:00
return log_error_errno(r, "Could not watch jobs: %m");
run: synchronously wait until the scope unit we create is started Otherwise it might happen that by the time PID 1 adds our process to the scope unit the process might already have died, if the process is short-running (such as an invocation to /bin/true). https://bugs.freedesktop.org/show_bug.cgi?id=86520
2015-04-28 12:21:31 +02:00
Always check asprintf return code There is a small number of the places in sources where we don't check asprintf() return code and assume that after error the function returns NULL pointer via the first argument. That's wrong, after error the content of pointer is undefined.
2014-07-25 15:38:31 +02:00
if (arg_unit) {
various tools: be more explicit when a glob is passed when not supported See https://bugzilla.redhat.com/show_bug.cgi?id=1763488: when we say that 'foo@*.service' is not a valid unit name, this is not clear enough. Let's include the name of the operation that does not support globbing in the error message: $ build/systemctl enable 'foo@*.service' Glob pattern passed to enable, but globs are not supported for this. Invalid unit name "foo@*.service" escaped as "foo@\x2a.service". ...
2019-10-24 14:09:11 +02:00
r = unit_name_mangle_with_suffix(arg_unit, "as unit",
arg_quiet ? 0 : UNIT_NAME_MANGLE_WARN,
".scope", &scope);
core: rework unit name validation and manipulation logic A variety of changes: - Make sure all our calls distuingish OOM from other errors if OOM is not the only error possible. - Be much stricter when parsing escaped paths, do not accept trailing or leading escaped slashes. - Change unit validation to take a bit mask for allowing plain names, instance names or template names or an combination thereof. - Refuse manipulating invalid unit name
2015-04-30 20:21:00 +02:00
if (r < 0)
return log_error_errno(r, "Failed to mangle scope name: %m");
run: when automatically generating names for transient units, use unique bus ID, fallback to random Previously we used the process ID to generate transient unit names. However, that is problematic as PIDs get reused easily, and applying them to remote systems makes little sense. Fortunately, each bus peer gets a unique, non-reusable ID assigned when attaching to a bus, hence let's use that, if we can. In some cases we cannot however, because we connect directly to PID's private socket, and thus are not a proper bus peer with a unique ID. In that case generate a random UUID to name the unit after.
2015-11-17 14:11:12 +01:00
} else {
r = make_unit_name(bus, UNIT_SCOPE, &scope);
if (r < 0)
return r;
}
core: add new "scope" unit type for making a unit of pre-existing processes "Scope" units are very much like service units, however with the difference that they are created from pre-existing processes, rather than processes that systemd itself forks off. This means they are generated programmatically via the bus API as transient units rather than from static configuration read from disk. Also, they do not provide execution-time parameters, as at the time systemd adds the processes to the scope unit they already exist and the parameters cannot be applied anymore. The primary benefit of this new unit type is to create arbitrary cgroups for worker-processes forked off an existing service. This commit also adds a a new mode to "systemd-run" to run the specified processes in a scope rather then a transient service.
2013-07-01 00:03:57 +02:00
tree-wide: voidify polkit_agent_open_if_enabled()
2024-08-16 19:33:41 +09:00
(void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
core: add transient units Transient units can be created via the bus API. They are configured via the method call parameters rather than on-disk files. They are subject to normal GC. Transient units currently may only be created for services (however, we will extend this), and currently only ExecStart= and the cgroup parameters can be configured (also to be extended). Transient units require a unique name, that previously had no configuration file on disk. A tool systemd-run is added that makes use of this functionality to run arbitrary command lines as transient services: $ systemd-run /bin/ping www.heise.de Will cause systemd to create a new transient service and run ping in it.
2013-06-28 04:12:58 +02:00
run: support --scope on old service managers that lack native PIDFD support Before this we'd fail with a complaint that PIDFDs is not supported by the service manager. Add some compat support by falling back to classic numeric PIDs in that case.
2023-10-12 12:02:03 +02:00
for (;;) {
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
_cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
run: enable interactive authorization
2015-09-01 16:43:08 +00:00
run: support --scope on old service managers that lack native PIDFD support Before this we'd fail with a complaint that PIDFDs is not supported by the service manager. Add some compat support by falling back to classic numeric PIDs in that case.
2023-10-12 12:02:03 +02:00
r = bus_message_new_method_call(bus, &m, bus_systemd_mgr, "StartTransientUnit");
if (r < 0)
return bus_log_create_error(r);
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
run: support --scope on old service managers that lack native PIDFD support Before this we'd fail with a complaint that PIDFDs is not supported by the service manager. Add some compat support by falling back to classic numeric PIDs in that case.
2023-10-12 12:02:03 +02:00
/* Name and Mode */
r = sd_bus_message_append(m, "ss", scope, "fail");
if (r < 0)
return bus_log_create_error(r);
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
run: support --scope on old service managers that lack native PIDFD support Before this we'd fail with a complaint that PIDFDs is not supported by the service manager. Add some compat support by falling back to classic numeric PIDs in that case.
2023-10-12 12:02:03 +02:00
/* Properties */
r = sd_bus_message_open_container(m, 'a', "(sv)");
if (r < 0)
return bus_log_create_error(r);
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
run: support --scope on old service managers that lack native PIDFD support Before this we'd fail with a complaint that PIDFDs is not supported by the service manager. Add some compat support by falling back to classic numeric PIDs in that case.
2023-10-12 12:02:03 +02:00
r = transient_scope_set_properties(m, allow_pidfd);
if (r < 0)
return r;
core: add new "scope" unit type for making a unit of pre-existing processes "Scope" units are very much like service units, however with the difference that they are created from pre-existing processes, rather than processes that systemd itself forks off. This means they are generated programmatically via the bus API as transient units rather than from static configuration read from disk. Also, they do not provide execution-time parameters, as at the time systemd adds the processes to the scope unit they already exist and the parameters cannot be applied anymore. The primary benefit of this new unit type is to create arbitrary cgroups for worker-processes forked off an existing service. This commit also adds a a new mode to "systemd-run" to run the specified processes in a scope rather then a transient service.
2013-07-01 00:03:57 +02:00
run: support --scope on old service managers that lack native PIDFD support Before this we'd fail with a complaint that PIDFDs is not supported by the service manager. Add some compat support by falling back to classic numeric PIDs in that case.
2023-10-12 12:02:03 +02:00
r = sd_bus_message_close_container(m);
if (r < 0)
return bus_log_create_error(r);
run: enable interactive authorization
2015-09-01 16:43:08 +00:00
run: support --scope on old service managers that lack native PIDFD support Before this we'd fail with a complaint that PIDFDs is not supported by the service manager. Add some compat support by falling back to classic numeric PIDs in that case.
2023-10-12 12:02:03 +02:00
/* Auxiliary units */
r = sd_bus_message_append(m, "a(sa(sv))", 0);
if (r < 0)
return bus_log_create_error(r);
r = sd_bus_call(bus, m, 0, &error, &reply);
if (r < 0) {
if (sd_bus_error_has_names(&error, SD_BUS_ERROR_UNKNOWN_PROPERTY, SD_BUS_ERROR_PROPERTY_READ_ONLY) && allow_pidfd) {
log_debug("Retrying with classic PIDs.");
allow_pidfd = false;
continue;
}
return log_error_errno(r, "Failed to start transient scope unit: %s", bus_error_message(&error, r));
}
break;
}
core: add transient units Transient units can be created via the bus API. They are configured via the method call parameters rather than on-disk files. They are subject to normal GC. Transient units currently may only be created for services (however, we will extend this), and currently only ExecStart= and the cgroup parameters can be configured (also to be extended). Transient units require a unique name, that previously had no configuration file on disk. A tool systemd-run is added that makes use of this functionality to run arbitrary command lines as transient services: $ systemd-run /bin/ping www.heise.de Will cause systemd to create a new transient service and run ping in it.
2013-06-28 04:12:58 +02:00
run: set $INVOCATION_ID for scope units Services invoked by PID1 have $INVOCATION_ID initialized, hence let's do that for scope units (where the payload process is invoked by us on the client side) too, to minimize needless differences. Fixes: #8082
2018-11-22 20:40:00 +01:00
r = sd_bus_message_read(reply, "o", &object);
if (r < 0)
return bus_log_parse_error(r);
dbus-wait-for-jobs: change 'quiet' flag to enum Change the 'quiet' flag to `bus_wait_for_jobs()` to an enum, so we can select with more granularity the type of information logged.
2023-12-14 15:22:14 +01:00
r = bus_wait_for_jobs_one(w, object, arg_quiet ? 0 : BUS_WAIT_JOBS_LOG_ERROR,
arg_runtime_scope == RUNTIME_SCOPE_USER ? STRV_MAKE_CONST("--user") : NULL);
run: set $INVOCATION_ID for scope units Services invoked by PID1 have $INVOCATION_ID initialized, hence let's do that for scope units (where the payload process is invoked by us on the client side) too, to minimize needless differences. Fixes: #8082
2018-11-22 20:40:00 +01:00
if (r < 0)
return r;
run: output invocation ID when starting service and scope units
2023-10-12 12:03:03 +02:00
r = acquire_invocation_id(bus, NULL, &invocation_id);
run: set $INVOCATION_ID for scope units Services invoked by PID1 have $INVOCATION_ID initialized, hence let's do that for scope units (where the payload process is invoked by us on the client side) too, to minimize needless differences. Fixes: #8082
2018-11-22 20:40:00 +01:00
if (r < 0)
return r;
run: output invocation ID when starting service and scope units
2023-10-12 12:03:03 +02:00
if (r == 0)
log_debug("No invocation ID set.");
else {
if (strv_extendf(&user_env, "INVOCATION_ID=" SD_ID128_FORMAT_STR, SD_ID128_FORMAT_VAL(invocation_id)) < 0)
return log_oom();
}
run: set $INVOCATION_ID for scope units Services invoked by PID1 have $INVOCATION_ID initialized, hence let's do that for scope units (where the payload process is invoked by us on the client side) too, to minimize needless differences. Fixes: #8082
2018-11-22 20:40:00 +01:00
systemd-run: make sure --nice=, --uid=, --gid=, --setenv= also work in --scope mode
2014-03-05 18:57:21 +01:00
if (arg_nice_set) {
treewide: another round of simplifications Using the same scripts as in f647962d64e "treewide: yet more log_*_errno + return simplifications".
2014-11-28 19:57:32 +01:00
if (setpriority(PRIO_PROCESS, 0, arg_nice) < 0)
return log_error_errno(errno, "Failed to set nice level: %m");
systemd-run: make sure --nice=, --uid=, --gid=, --setenv= also work in --scope mode
2014-03-05 18:57:21 +01:00
}
if (arg_exec_group) {
gid_t gid;
user-util: rework get_user_creds() Let's fold get_user_creds_clean() into get_user_creds(), and introduce a flags argument for it to select "clean" behaviour. This flags parameter also learns to other new flags: - USER_CREDS_SYNTHESIZE_FALLBACK: in this mode the user records for root/nobody are only synthesized as fallback. Normally, the synthesized records take precedence over what is in the user database. With this flag set this is reversed, and the user database takes precedence, and the synthesized records are only used if they are missing there. This flag should be set in cases where doing NSS is deemed safe, and where there's interest in knowing the correct shell, for example if the admin changed root's shell to zsh or suchlike. - USER_CREDS_ALLOW_MISSING: if set, and a UID/GID is specified by numeric value, and there's no user/group record for it accept it anyway. This allows us to fix #9767 This then also ports all users to set the most appropriate flags. Fixes: #9767 [zj: remove one isempty() call]
2018-08-02 18:36:47 +02:00
r = get_group_creds(&arg_exec_group, &gid, 0);
treewide: yet more log_*_errno + return simplifications Using: find . -name '*.[ch]' | while read f; do perl -i.mmm -e \ 'local $/; local $_=<>; s/(if\s*\([^\n]+\))\s*{\n(\s*)(log_[a-z_]*_errno\(\s*([->a-zA-Z_]+)\s*,[^;]+);\s*return\s+\g4;\s+}/\1\n\2return \3;/msg; print;' $f done And a couple of manual whitespace fixups.
2014-11-28 18:50:43 +01:00
if (r < 0)
return log_error_errno(r, "Failed to resolve group %s: %m", arg_exec_group);
systemd-run: make sure --nice=, --uid=, --gid=, --setenv= also work in --scope mode
2014-03-05 18:57:21 +01:00
treewide: another round of simplifications Using the same scripts as in f647962d64e "treewide: yet more log_*_errno + return simplifications".
2014-11-28 19:57:32 +01:00
if (setresgid(gid, gid, gid) < 0)
return log_error_errno(errno, "Failed to change GID to " GID_FMT ": %m", gid);
systemd-run: make sure --nice=, --uid=, --gid=, --setenv= also work in --scope mode
2014-03-05 18:57:21 +01:00
}
if (arg_exec_user) {
const char *home, *shell;
uid_t uid;
gid_t gid;
Rename USER_CREDS_SYNTHESIZE_FALLBACK to …_PREFER_NSS
2018-08-20 16:06:41 +02:00
r = get_user_creds(&arg_exec_user, &uid, &gid, &home, &shell, USER_CREDS_CLEAN|USER_CREDS_PREFER_NSS);
treewide: yet more log_*_errno + return simplifications Using: find . -name '*.[ch]' | while read f; do perl -i.mmm -e \ 'local $/; local $_=<>; s/(if\s*\([^\n]+\))\s*{\n(\s*)(log_[a-z_]*_errno\(\s*([->a-zA-Z_]+)\s*,[^;]+);\s*return\s+\g4;\s+}/\1\n\2return \3;/msg; print;' $f done And a couple of manual whitespace fixups.
2014-11-28 18:50:43 +01:00
if (r < 0)
return log_error_errno(r, "Failed to resolve user %s: %m", arg_exec_user);
systemd-run: make sure --nice=, --uid=, --gid=, --setenv= also work in --scope mode
2014-03-05 18:57:21 +01:00
execute: move suppression of HOME=/ and SHELL=/bin/nologin into user-util.c This adds a new call get_user_creds_clean(), which is just like get_user_creds() but returns NULL in the home/shell parameters if they contain no useful information. This code previously lived in execute.c, but by generalizing this we can reuse it in run.c.
2016-08-25 10:24:10 +02:00
if (home) {
r = strv_extendf(&user_env, "HOME=%s", home);
if (r < 0)
return log_oom();
}
systemd-run: make sure --nice=, --uid=, --gid=, --setenv= also work in --scope mode
2014-03-05 18:57:21 +01:00
execute: move suppression of HOME=/ and SHELL=/bin/nologin into user-util.c This adds a new call get_user_creds_clean(), which is just like get_user_creds() but returns NULL in the home/shell parameters if they contain no useful information. This code previously lived in execute.c, but by generalizing this we can reuse it in run.c.
2016-08-25 10:24:10 +02:00
if (shell) {
r = strv_extendf(&user_env, "SHELL=%s", shell);
if (r < 0)
return log_oom();
}
systemd-run: make sure --nice=, --uid=, --gid=, --setenv= also work in --scope mode
2014-03-05 18:57:21 +01:00
r = strv_extendf(&user_env, "USER=%s", arg_exec_user);
if (r < 0)
return log_oom();
r = strv_extendf(&user_env, "LOGNAME=%s", arg_exec_user);
if (r < 0)
return log_oom();
if (!arg_exec_group) {
treewide: another round of simplifications Using the same scripts as in f647962d64e "treewide: yet more log_*_errno + return simplifications".
2014-11-28 19:57:32 +01:00
if (setresgid(gid, gid, gid) < 0)
return log_error_errno(errno, "Failed to change GID to " GID_FMT ": %m", gid);
systemd-run: make sure --nice=, --uid=, --gid=, --setenv= also work in --scope mode
2014-03-05 18:57:21 +01:00
}
treewide: another round of simplifications Using the same scripts as in f647962d64e "treewide: yet more log_*_errno + return simplifications".
2014-11-28 19:57:32 +01:00
if (setresuid(uid, uid, uid) < 0)
return log_error_errno(errno, "Failed to change UID to " UID_FMT ": %m", uid);
systemd-run: make sure --nice=, --uid=, --gid=, --setenv= also work in --scope mode
2014-03-05 18:57:21 +01:00
}
run: make --working-directory= work for --scope too This sounds like a more user-friendly alternative to #24780
2022-09-22 14:21:46 +02:00
if (arg_working_directory && chdir(arg_working_directory) < 0)
return log_error_errno(errno, "Failed to change directory to '%s': %m", arg_working_directory);
Add implicit sentinel to strv_env_merge() Just to make it a tiny bit nicer to use.
2021-08-07 10:16:19 +02:00
env = strv_env_merge(environ, user_env, arg_environment);
systemd-run: make sure --nice=, --uid=, --gid=, --setenv= also work in --scope mode
2014-03-05 18:57:21 +01:00
if (!env)
return log_oom();
run: output invocation ID when starting service and scope units
2023-10-12 12:03:03 +02:00
if (!arg_quiet) {
systemd-run: add unit and invocation_id JSON output
2024-08-12 15:15:15 +02:00
r = print_unit_invocation(scope, invocation_id);
if (r < 0)
return r;
run: output invocation ID when starting service and scope units
2023-10-12 12:03:03 +02:00
}
systemd-run: don't print error messages twice
2014-03-05 19:02:53 +01:00
run: disable --expand-environment by default for --scope The intention was to have this option enabled by default everywhere, but unfortunately at least one case was found where it breaks compatibility of a program using systemd-run --scopes and expecting variables not to be expanded: https://sources.debian.org/src/pbuilder/0.231/pbuilder-checkparams/#L400 Example run: systemd-run --quiet --scope --description=pbuilder_build_xfce4-notes-plugin_1.10.0-1.dsc '--slice=system-pbuilder-build-xfce4\x2dnotes\x2dplugin_1.10.0\x2d1-449932.slice' chroot /var/cache/pbuilder/build/449932 dpkg-query -W '--showformat=${Version}' apt Restore backward compatibility and make the option disabled by default when --scope is used, and enabled by default for other types. In case --expand-environment is not specified and a '$' character is detected, print a warning to nudge users toward specifying the parameter as needed. In the future we can then flip the default. Follow-up for 2ed7a221fafb25eea937c4e86fb88ee501dba51e
2023-07-19 22:56:02 +01:00
if (arg_expand_environment > 0) {
env-file: when resolving env vars in command lines, collect list of unset/invalid ones When resolving environment variables we currently silently resolve unset and invalid environment variables to empty strings. Let's do this slightly less silently: log about unset and invalid env vars, but still resolve them to an empty string. Fixes: #27036
2023-06-26 17:20:49 +02:00
_cleanup_strv_free_ char **expanded_cmdline = NULL, **unset_variables = NULL, **bad_variables = NULL;
r = replace_env_argv(arg_cmdline, env, &expanded_cmdline, &unset_variables, &bad_variables);
if (r < 0)
return log_error_errno(r, "Failed to expand environment variables: %m");
free_and_replace(arg_cmdline, expanded_cmdline);
if (!strv_isempty(unset_variables)) {
_cleanup_free_ char *ju = strv_join(unset_variables, ", ");
log_warning("Referenced but unset environment variable evaluates to an empty string: %s", strna(ju));
}
if (!strv_isempty(bad_variables)) {
_cleanup_free_ char *jb = strv_join(bad_variables, ", ");
log_warning("Invalid environment variable name evaluates to an empty string: %s", strna(jb));
}
run: expand variables also with --scope This makes syntax be the same for commands which are started by the manager and those which are spawned directly (when --scope is used). Before: $ systemd-run -q -t echo '$TERM' xterm-256color $ systemd-run -q --scope echo '$TERM' $TERM Now: $ systemd-run -q --scope echo '$TERM' xterm-256color Previous behaviour can be restored via --expand-environment=no: $ systemd-run -q --scope --expand-environment=no echo '$TERM' $TERM Fixes #22948. At some level, this is a compat break. Fortunately --scope is not very widely used, so I think we can get away with this. Having different syntax depending on whether --scope was used or not was bad UX. A NEWS entry will be required.
2023-04-04 21:18:33 +02:00
}
run: add new --shell switch for spawning a shell as service I keep running "systemd-run -t /bin/bash" to quickly get a shell running in service context. I suspect I am not the only one, hence let's add a shortcut for it. While we are at it, let's make it smarter, and automatically inherit the $SHELL of the invoking user as well as the working directory, and let's imply --pty. --shell (or -S) is hence equivalent to "-t -d $SHELL".
2018-11-22 19:24:48 +01:00
execvpe(arg_cmdline[0], arg_cmdline, env);
run: add a new "-t" mode for invoking a binary on an allocated TTY
2014-12-22 19:45:32 +01:00
return log_error_errno(errno, "Failed to execute: %m");
}
run: split out creation of unit creation messages Just refactoring, in preparation for future changes. (Though I think it'd be reasonable to do anyway, those functions were awfully long.) 'git diff' displays this badly. The middle part of start_transient_service() is moved to make_transient_service_unit(), and the middle part of start_transient_trigger() is moved to make_transient_trigger_unit().
2023-04-02 22:27:58 +02:00
static int make_transient_trigger_unit(
run: add a new "-t" mode for invoking a binary on an allocated TTY
2014-12-22 19:45:32 +01:00
sd_bus *bus,
run: split out creation of unit creation messages Just refactoring, in preparation for future changes. (Though I think it'd be reasonable to do anyway, those functions were awfully long.) 'git diff' displays this badly. The middle part of start_transient_service() is moved to make_transient_service_unit(), and the middle part of start_transient_trigger() is moved to make_transient_trigger_unit().
2023-04-02 22:27:58 +02:00
sd_bus_message **message,
const char *suffix,
const char *trigger,
const char *service) {
run: add a new "-t" mode for invoking a binary on an allocated TTY
2014-12-22 19:45:32 +01:00
run: split out creation of unit creation messages Just refactoring, in preparation for future changes. (Though I think it'd be reasonable to do anyway, those functions were awfully long.) 'git diff' displays this badly. The middle part of start_transient_service() is moved to make_transient_service_unit(), and the middle part of start_transient_trigger() is moved to make_transient_trigger_unit().
2023-04-02 22:27:58 +02:00
_cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
run: add a new "-t" mode for invoking a binary on an allocated TTY
2014-12-22 19:45:32 +01:00
int r;
assert(bus);
run: split out creation of unit creation messages Just refactoring, in preparation for future changes. (Though I think it'd be reasonable to do anyway, those functions were awfully long.) 'git diff' displays this badly. The middle part of start_transient_service() is moved to make_transient_service_unit(), and the middle part of start_transient_trigger() is moved to make_transient_trigger_unit().
2023-04-02 22:27:58 +02:00
assert(message);
assert(suffix);
assert(trigger);
assert(service);
run: add a new "-t" mode for invoking a binary on an allocated TTY
2014-12-22 19:45:32 +01:00
run: switch to BusLocator-oriented helpers Mechanical substitution reducing some verbosity
2020-05-02 23:41:14 -07:00
r = bus_message_new_method_call(bus, &m, bus_systemd_mgr, "StartTransientUnit");
run: add a new "-t" mode for invoking a binary on an allocated TTY
2014-12-22 19:45:32 +01:00
if (r < 0)
return bus_log_create_error(r);
/* Name and Mode */
run: add support to create transient path and socket unit
2017-12-18 23:46:45 +09:00
r = sd_bus_message_append(m, "ss", trigger, "fail");
run: add a new "-t" mode for invoking a binary on an allocated TTY
2014-12-22 19:45:32 +01:00
if (r < 0)
return bus_log_create_error(r);
/* Properties */
r = sd_bus_message_open_container(m, 'a', "(sv)");
if (r < 0)
return bus_log_create_error(r);
run: add support to create transient path and socket unit
2017-12-18 23:46:45 +09:00
if (streq(suffix, ".path"))
r = transient_unit_set_properties(m, UNIT_PATH, arg_path_property);
else if (streq(suffix, ".socket"))
r = transient_unit_set_properties(m, UNIT_SOCKET, arg_socket_property);
else if (streq(suffix, ".timer"))
r = transient_timer_set_properties(m);
else
Drop the text argument from assert_not_reached() In general we almost never hit those asserts in production code, so users see them very rarely, if ever. But either way, we just need something that users can pass to the developers. We have quite a few of those asserts, and some have fairly nice messages, but many are like "WTF?" or "???" or "unexpected something". The error that is printed includes the file location, and function name. In almost all functions there's at most one assert, so the function name alone is enough to identify the failure for a developer. So we don't get much extra from the message, and we might just as well drop them. Dropping them makes our code a tiny bit smaller, and most importantly, improves development experience by making it easy to insert such an assert in the code without thinking how to phrase the argument.
2021-07-27 12:27:28 +02:00
assert_not_reached();
run: add a new "-t" mode for invoking a binary on an allocated TTY
2014-12-22 19:45:32 +01:00
if (r < 0)
run: rearrange error handling when adding unit properties Let's always leave logging to the call that actually added the fields to the bus message. This way we don't get duplicate logging whenver bus_append_unit_property_assignment() ends up being called, which does all its logging on its own (and probably should do, as it can output much more precise errors).
2017-11-29 20:05:22 +01:00
return r;
run: add a new "-t" mode for invoking a binary on an allocated TTY
2014-12-22 19:45:32 +01:00
r = sd_bus_message_close_container(m);
if (r < 0)
return bus_log_create_error(r);
r = sd_bus_message_open_container(m, 'a', "(sa(sv))");
if (r < 0)
return bus_log_create_error(r);
run: add new --shell switch for spawning a shell as service I keep running "systemd-run -t /bin/bash" to quickly get a shell running in service context. I suspect I am not the only one, hence let's add a shortcut for it. While we are at it, let's make it smarter, and automatically inherit the $SHELL of the invoking user as well as the working directory, and let's imply --pty. --shell (or -S) is hence equivalent to "-t -d $SHELL".
2018-11-22 19:24:48 +01:00
if (!strv_isempty(arg_cmdline)) {
run: add a new "-t" mode for invoking a binary on an allocated TTY
2014-12-22 19:45:32 +01:00
r = sd_bus_message_open_container(m, 'r', "sa(sv)");
if (r < 0)
return bus_log_create_error(r);
r = sd_bus_message_append(m, "s", service);
if (r < 0)
return bus_log_create_error(r);
r = sd_bus_message_open_container(m, 'a', "(sv)");
if (r < 0)
return bus_log_create_error(r);
run: do not pass the pty slave fd to transient service in a machine Follow-up for 28459ba1f4df824d5ef7f7d1a9acb6953ea24045 The pty path returned by OpenMachinePTY() cannot be opened from outside the machine, hence let's use the plain Standard{Input,Output,Error}=tty in such a case. This means if --machine= is specified, #32916 would occur. A comprehensive fix requires a new dbus method in machined, which shall be material for v257. See also: https://github.com/systemd/systemd/pull/33216#discussion_r1628020429 Replaces #33216 Co-authored-by: Mike Yuan <me@yhndnzj.com>
2024-06-06 13:30:09 +02:00
r = transient_service_set_properties(m, /* pty_path = */ NULL, /* pty_fd = */ -EBADF);
run: add a new "-t" mode for invoking a binary on an allocated TTY
2014-12-22 19:45:32 +01:00
if (r < 0)
run: rearrange error handling when adding unit properties Let's always leave logging to the call that actually added the fields to the bus message. This way we don't get duplicate logging whenver bus_append_unit_property_assignment() ends up being called, which does all its logging on its own (and probably should do, as it can output much more precise errors).
2017-11-29 20:05:22 +01:00
return r;
run: add a new "-t" mode for invoking a binary on an allocated TTY
2014-12-22 19:45:32 +01:00
r = sd_bus_message_close_container(m);
if (r < 0)
return bus_log_create_error(r);
r = sd_bus_message_close_container(m);
if (r < 0)
return bus_log_create_error(r);
}
r = sd_bus_message_close_container(m);
if (r < 0)
return bus_log_create_error(r);
run: split out creation of unit creation messages Just refactoring, in preparation for future changes. (Though I think it'd be reasonable to do anyway, those functions were awfully long.) 'git diff' displays this badly. The middle part of start_transient_service() is moved to make_transient_service_unit(), and the middle part of start_transient_trigger() is moved to make_transient_trigger_unit().
2023-04-02 22:27:58 +02:00
*message = TAKE_PTR(m);
return 0;
}
static int start_transient_trigger(sd_bus *bus, const char *suffix) {
_cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL, *reply = NULL;
_cleanup_(bus_wait_for_jobs_freep) BusWaitForJobs *w = NULL;
_cleanup_free_ char *trigger = NULL, *service = NULL;
const char *object = NULL;
int r;
assert(bus);
assert(suffix);
r = bus_wait_for_jobs_new(bus, &w);
if (r < 0)
various: fix error message for bus_wait_for_jobs_new() As pointed out by Mike Yuan in review of grandparent commit, bus_wait_for_jobs_new() can also fail for non-oom reasons.
2023-05-26 15:09:03 +02:00
return log_error_errno(r, "Could not watch jobs: %m");
run: split out creation of unit creation messages Just refactoring, in preparation for future changes. (Though I think it'd be reasonable to do anyway, those functions were awfully long.) 'git diff' displays this badly. The middle part of start_transient_service() is moved to make_transient_service_unit(), and the middle part of start_transient_trigger() is moved to make_transient_trigger_unit().
2023-04-02 22:27:58 +02:00
if (arg_unit) {
switch (unit_name_to_type(arg_unit)) {
case UNIT_SERVICE:
service = strdup(arg_unit);
if (!service)
return log_oom();
r = unit_name_change_suffix(service, suffix, &trigger);
if (r < 0)
return log_error_errno(r, "Failed to change unit suffix: %m");
break;
case UNIT_TIMER:
trigger = strdup(arg_unit);
if (!trigger)
return log_oom();
r = unit_name_change_suffix(trigger, ".service", &service);
if (r < 0)
return log_error_errno(r, "Failed to change unit suffix: %m");
break;
default:
r = unit_name_mangle_with_suffix(arg_unit, "as unit",
arg_quiet ? 0 : UNIT_NAME_MANGLE_WARN,
".service", &service);
if (r < 0)
return log_error_errno(r, "Failed to mangle unit name: %m");
r = unit_name_mangle_with_suffix(arg_unit, "as trigger",
arg_quiet ? 0 : UNIT_NAME_MANGLE_WARN,
suffix, &trigger);
if (r < 0)
return log_error_errno(r, "Failed to mangle unit name: %m");
break;
}
} else {
r = make_unit_name(bus, UNIT_SERVICE, &service);
if (r < 0)
return r;
r = unit_name_change_suffix(service, suffix, &trigger);
if (r < 0)
return log_error_errno(r, "Failed to change unit suffix: %m");
}
r = make_transient_trigger_unit(bus, &m, suffix, trigger, service);
if (r < 0)
return r;
tree-wide: voidify polkit_agent_open_if_enabled()
2024-08-16 19:33:41 +09:00
(void) polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
run: enable interactive authorization
2015-09-01 16:43:08 +00:00
run: add --expand-environment=no to disable server-side envvar expansion This uses StartExecEx to get the equivalent of ExecStart=:. StartExecEx was added in b3d593673c5b8b0b7d781fd26ab2062ca6e7dbdb, so this will not work with older systemds. A hint is emitted if we get an error indicating lack of support. PID1 returns SD_BUS_ERROR_PROPERTY_READ_ONLY, but I'm checking for SD_BUS_ERROR_UNKNOWN_PROPERTY too for safety.
2023-04-02 23:17:58 +02:00
r = bus_call_with_hint(bus, m, suffix + 1, &reply);
tree-wide: shorten error logging a bit Continuation of 4027f96aa08c73f109aa46b89842ca0e25c9c0e9.
2018-08-07 10:14:30 +09:00
if (r < 0)
run: add --expand-environment=no to disable server-side envvar expansion This uses StartExecEx to get the equivalent of ExecStart=:. StartExecEx was added in b3d593673c5b8b0b7d781fd26ab2062ca6e7dbdb, so this will not work with older systemds. A hint is emitted if we get an error indicating lack of support. PID1 returns SD_BUS_ERROR_PROPERTY_READ_ONLY, but I'm checking for SD_BUS_ERROR_UNKNOWN_PROPERTY too for safety.
2023-04-02 23:17:58 +02:00
return r;
run: add a new "-t" mode for invoking a binary on an allocated TTY
2014-12-22 19:45:32 +01:00
run: synchronously wait until the scope unit we create is started Otherwise it might happen that by the time PID 1 adds our process to the scope unit the process might already have died, if the process is short-running (such as an invocation to /bin/true). https://bugs.freedesktop.org/show_bug.cgi?id=86520
2015-04-28 12:21:31 +02:00
r = sd_bus_message_read(reply, "o", &object);
if (r < 0)
return bus_log_parse_error(r);
dbus-wait-for-jobs: change 'quiet' flag to enum Change the 'quiet' flag to `bus_wait_for_jobs()` to an enum, so we can select with more granularity the type of information logged.
2023-12-14 15:22:14 +01:00
r = bus_wait_for_jobs_one(w, object, arg_quiet ? 0 : BUS_WAIT_JOBS_LOG_ERROR,
arg_runtime_scope == RUNTIME_SCOPE_USER ? STRV_MAKE_CONST("--user") : NULL);
run: synchronously wait until the scope unit we create is started Otherwise it might happen that by the time PID 1 adds our process to the scope unit the process might already have died, if the process is short-running (such as an invocation to /bin/true). https://bugs.freedesktop.org/show_bug.cgi?id=86520
2015-04-28 12:21:31 +02:00
if (r < 0)
return r;
run: respect quiet when starting timer (#4029)
2016-08-24 03:12:18 -07:00
if (!arg_quiet) {
run: add support to create transient path and socket unit
2017-12-18 23:46:45 +09:00
log_info("Running %s as unit: %s", suffix + 1, trigger);
run: add new --shell switch for spawning a shell as service I keep running "systemd-run -t /bin/bash" to quickly get a shell running in service context. I suspect I am not the only one, hence let's add a shortcut for it. While we are at it, let's make it smarter, and automatically inherit the $SHELL of the invoking user as well as the working directory, and let's imply --pty. --shell (or -S) is hence equivalent to "-t -d $SHELL".
2018-11-22 19:24:48 +01:00
if (!strv_isempty(arg_cmdline))
run: respect quiet when starting timer (#4029)
2016-08-24 03:12:18 -07:00
log_info("Will run service as unit: %s", service);
}
run: add a new "-t" mode for invoking a binary on an allocated TTY
2014-12-22 19:45:32 +01:00
run: simplify returning of status start_transient_service() would return two ints: one normally and one via *retval. We can just return one int and propagate it directly, because we use DEFINE_MAIN_FUNCTION_WITH_POSITIVE_FAILURE().
2023-04-02 21:50:19 +02:00
return EXIT_SUCCESS;
core: add transient units Transient units can be created via the bus API. They are configured via the method call parameters rather than on-disk files. They are subject to normal GC. Transient units currently may only be created for services (however, we will extend this), and currently only ExecStart= and the cgroup parameters can be configured (also to be extended). Transient units require a unique name, that previously had no configuration file on disk. A tool systemd-run is added that makes use of this functionality to run arbitrary command lines as transient services: $ systemd-run /bin/ping www.heise.de Will cause systemd to create a new transient service and run ping in it.
2013-06-28 04:12:58 +02:00
}
run: do not validate exe early if MountImages/ExtensionImages are used Same as with RootImage&friends, the executable might be in the image, so it's not visible in the host before the unit is set up.
2021-10-27 11:59:19 +01:00
static bool shall_make_executable_absolute(void) {
run: when invoked as "uid0", expose some sudo-like behaviour This turns "systemd-run" into a multi-call binary. When invoked under the name "uid0", then it behaves a bit more like traditional "sudo". This mostly means defaults appropriuate for that, for example a PAM stack, interactivity and more. Fixes: #29199
2023-12-19 19:10:52 +01:00
if (arg_exec_path)
return false;
run: do not validate exe early if MountImages/ExtensionImages are used Same as with RootImage&friends, the executable might be in the image, so it's not visible in the host before the unit is set up.
2021-10-27 11:59:19 +01:00
if (strv_isempty(arg_cmdline))
return false;
if (arg_transport != BUS_TRANSPORT_LOCAL)
return false;
FOREACH_STRING(f, "RootDirectory=", "RootImage=", "ExecSearchPath=", "MountImages=", "ExtensionImages=")
if (strv_find_startswith(arg_property, f))
return false;
return true;
}
run: port to DEFINE_MAIN_FUNCTION()
2018-11-22 19:30:03 +01:00
static int run(int argc, char* argv[]) {
tree-wide: expose "p"-suffix unref calls in public APIs to make gcc cleanup easy GLIB has recently started to officially support the gcc cleanup attribute in its public API, hence let's do the same for our APIs. With this patch we'll define an xyz_unrefp() call for each public xyz_unref() call, to make it easy to use inside a __attribute__((cleanup())) expression. Then, all code is ported over to make use of this. The new calls are also documented in the man pages, with examples how to use them (well, I only added docs where the _unref() call itself already had docs, and the examples, only cover sd_bus_unrefp() and sd_event_unrefp()). This also renames sd_lldp_free() to sd_lldp_unref(), since that's how we tend to call our destructors these days. Note that this defines no public macro that wraps gcc's attribute and makes it easier to use. While I think it's our duty in the library to make our stuff easy to use, I figure it's not our duty to make gcc's own features easy to use on its own. Most likely, client code which wants to make use of this should define its own: #define _cleanup_(function) __attribute__((cleanup(function))) Or similar, to make the gcc feature easier to use. Making this logic public has the benefit that we can remove three header files whose only purpose was to define these functions internally. See #2008.
2015-11-27 19:13:45 +01:00
_cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
run: simplify returning of status start_transient_service() would return two ints: one normally and one via *retval. We can just return one int and propagate it directly, because we use DEFINE_MAIN_FUNCTION_WITH_POSITIVE_FAILURE().
2023-04-02 21:50:19 +02:00
int r;
core: add transient units Transient units can be created via the bus API. They are configured via the method call parameters rather than on-disk files. They are subject to normal GC. Transient units currently may only be created for services (however, we will extend this), and currently only ExecStart= and the cgroup parameters can be configured (also to be extended). Transient units require a unique name, that previously had no configuration file on disk. A tool systemd-run is added that makes use of this functionality to run arbitrary command lines as transient services: $ systemd-run /bin/ping www.heise.de Will cause systemd to create a new transient service and run ping in it.
2013-06-28 04:12:58 +02:00
tree-wide: Use log_setup() everywhere Otherwise the default log target is the console and we won't use the journal socket even if it is available.
2024-04-25 14:09:09 +02:00
log_setup();
core: add transient units Transient units can be created via the bus API. They are configured via the method call parameters rather than on-disk files. They are subject to normal GC. Transient units currently may only be created for services (however, we will extend this), and currently only ExecStart= and the cgroup parameters can be configured (also to be extended). Transient units require a unique name, that previously had no configuration file on disk. A tool systemd-run is added that makes use of this functionality to run arbitrary command lines as transient services: $ systemd-run /bin/ping www.heise.de Will cause systemd to create a new transient service and run ping in it.
2013-06-28 04:12:58 +02:00
Rename uid0 to run0 Naming is always a matter of preference, and the old name would certainly work, but I think the new one has the following advantages: - A verb is better than a noun. - The name more similar to "the competition", i.e. 'sudo', 'pkexec', 'runas', 'doas', which generally include an action verb. - The connection between 'systemd-run' and 'run0' is more obvious. There has been no release yet with the old name, so we can rename without caring for backwards compatibility.
2024-03-19 11:14:55 +01:00
if (invoked_as(argv, "run0"))
run: when invoked as "uid0", expose some sudo-like behaviour This turns "systemd-run" into a multi-call binary. When invoked under the name "uid0", then it behaves a bit more like traditional "sudo". This mostly means defaults appropriuate for that, for example a PAM stack, interactivity and more. Fixes: #29199
2023-12-19 19:10:52 +01:00
r = parse_argv_sudo_mode(argc, argv);
else
r = parse_argv(argc, argv);
core: add new "scope" unit type for making a unit of pre-existing processes "Scope" units are very much like service units, however with the difference that they are created from pre-existing processes, rather than processes that systemd itself forks off. This means they are generated programmatically via the bus API as transient units rather than from static configuration read from disk. Also, they do not provide execution-time parameters, as at the time systemd adds the processes to the scope unit they already exist and the parameters cannot be applied anymore. The primary benefit of this new unit type is to create arbitrary cgroups for worker-processes forked off an existing service. This commit also adds a a new mode to "systemd-run" to run the specified processes in a scope rather then a transient service.
2013-07-01 00:03:57 +02:00
if (r <= 0)
run: port to static destructors
2018-11-22 19:34:15 +01:00
return r;
core: add transient units Transient units can be created via the bus API. They are configured via the method call parameters rather than on-disk files. They are subject to normal GC. Transient units currently may only be created for services (however, we will extend this), and currently only ExecStart= and the cgroup parameters can be configured (also to be extended). Transient units require a unique name, that previously had no configuration file on disk. A tool systemd-run is added that makes use of this functionality to run arbitrary command lines as transient services: $ systemd-run /bin/ping www.heise.de Will cause systemd to create a new transient service and run ping in it.
2013-06-28 04:12:58 +02:00
run: do not validate exe early if MountImages/ExtensionImages are used Same as with RootImage&friends, the executable might be in the image, so it's not visible in the host before the unit is set up.
2021-10-27 11:59:19 +01:00
if (shall_make_executable_absolute()) {
run: let systemd resolve the path with RootDirectory=/RootImage= Fixes #13338.
2020-09-17 15:44:59 +02:00
/* Patch in an absolute path to fail early for user convenience, but only when we can do it
* (i.e. we will be running from the same file system). This also uses the user's $PATH,
* while we use a fixed search path in the manager. */
path-util: rework find_binary(), fsck_exists() and mkfs_exists() Modernize the code a bit: - Get rid of FOREACH_WORD_SEPARATOR() loop in favour of a extract_first_word() loop. - Remove find_binary()'s "local" flag. It's not reasonably possible to look for binaries on remote systems, we hence should not pretend we could. - When we cannot find a suitable binary, return the last error returned from access() rather than ENOENT unconditionally. - Rework fsck_exists() and mkfs_exists() to return 1 on success, 0 if the implementation is missing and negative on real errors. This is more like we do it in other functions. - Make sure we also detect direct fsck symlinks to "true", rather than just absolute ones to /bin/true.
2015-10-22 18:24:59 +02:00
run: let systemd resolve the path with RootDirectory=/RootImage= Fixes #13338.
2020-09-17 15:44:59 +02:00
_cleanup_free_ char *command = NULL;
Rename find_binary to find_executable "executable" is more correct than "binary", since scripts are OK too.
2020-09-17 13:44:12 +02:00
r = find_executable(arg_cmdline[0], &command);
run: port to static destructors
2018-11-22 19:34:15 +01:00
if (r < 0)
return log_error_errno(r, "Failed to find executable %s: %m", arg_cmdline[0]);
path-util: rework find_binary(), fsck_exists() and mkfs_exists() Modernize the code a bit: - Get rid of FOREACH_WORD_SEPARATOR() loop in favour of a extract_first_word() loop. - Remove find_binary()'s "local" flag. It's not reasonably possible to look for binaries on remote systems, we hence should not pretend we could. - When we cannot find a suitable binary, return the last error returned from access() rather than ENOENT unconditionally. - Rework fsck_exists() and mkfs_exists() to return 1 on success, 0 if the implementation is missing and negative on real errors. This is more like we do it in other functions. - Make sure we also detect direct fsck symlinks to "true", rather than just absolute ones to /bin/true.
2015-10-22 18:24:59 +02:00
run: add new --shell switch for spawning a shell as service I keep running "systemd-run -t /bin/bash" to quickly get a shell running in service context. I suspect I am not the only one, hence let's add a shortcut for it. While we are at it, let's make it smarter, and automatically inherit the $SHELL of the invoking user as well as the working directory, and let's imply --pty. --shell (or -S) is hence equivalent to "-t -d $SHELL".
2018-11-22 19:24:48 +01:00
free_and_replace(arg_cmdline[0], command);
run: allow non-absolute paths as command
2013-09-08 07:51:39 -04:00
}
core: allow setting of the description string for transient units
2013-07-01 00:40:56 +02:00
if (!arg_description) {
run: fix bad escaping and memory ownership confusion arg_description was either set to arg_unit (i.e. a const char*), or to char *description, the result of allocation in run(). But description was decorated with _cleanup_, so it would be freed when going out of the function. Nothing bad would happen, because the program would exit after exiting from run(), but this is just all too messy. Also, strv_join(" ") + shell_escape() is not a good way to escape command lines. In particular, one the join has happened, we cannot distinguish empty arguments, or arguments with whitespace, etc. We have a helper function to do the escaping properly, so let's use that. Fixup for 2c29813da3421b77eca5e5cdc3b9a863cad473b9.
2023-11-29 14:13:33 +01:00
char *t;
core: allow setting of the description string for transient units
2013-07-01 00:40:56 +02:00
run: fix bad escaping and memory ownership confusion arg_description was either set to arg_unit (i.e. a const char*), or to char *description, the result of allocation in run(). But description was decorated with _cleanup_, so it would be freed when going out of the function. Nothing bad would happen, because the program would exit after exiting from run(), but this is just all too messy. Also, strv_join(" ") + shell_escape() is not a good way to escape command lines. In particular, one the join has happened, we cannot distinguish empty arguments, or arguments with whitespace, etc. We have a helper function to do the escaping properly, so let's use that. Fixup for 2c29813da3421b77eca5e5cdc3b9a863cad473b9.
2023-11-29 14:13:33 +01:00
if (strv_isempty(arg_cmdline))
t = strdup(arg_unit);
else
t = quote_command_line(arg_cmdline, SHELL_ESCAPE_EMPTY);
if (!t)
return log_oom();
run: introduce timer support option Support timer options --on-active=, --on-boot=, --on-startup=, --on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=, OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer respectively. And OnCalendar= and WakeSystem= supported by --timer-property= option like --property= of systemd-run. And if --unit= option and timer options are specified the command can be omitted. In this case, systemd-run assumes the target service is already loaded. And just try to generate transient timer unit only.
2014-12-09 16:07:16 +09:00
run: fix bad escaping and memory ownership confusion arg_description was either set to arg_unit (i.e. a const char*), or to char *description, the result of allocation in run(). But description was decorated with _cleanup_, so it would be freed when going out of the function. Nothing bad would happen, because the program would exit after exiting from run(), but this is just all too messy. Also, strv_join(" ") + shell_escape() is not a good way to escape command lines. In particular, one the join has happened, we cannot distinguish empty arguments, or arguments with whitespace, etc. We have a helper function to do the escaping properly, so let's use that. Fixup for 2c29813da3421b77eca5e5cdc3b9a863cad473b9.
2023-11-29 14:13:33 +01:00
free_and_replace(arg_description, t);
core: allow setting of the description string for transient units
2013-07-01 00:40:56 +02:00
}
run: disable --expand-environment by default for --scope The intention was to have this option enabled by default everywhere, but unfortunately at least one case was found where it breaks compatibility of a program using systemd-run --scopes and expecting variables not to be expanded: https://sources.debian.org/src/pbuilder/0.231/pbuilder-checkparams/#L400 Example run: systemd-run --quiet --scope --description=pbuilder_build_xfce4-notes-plugin_1.10.0-1.dsc '--slice=system-pbuilder-build-xfce4\x2dnotes\x2dplugin_1.10.0\x2d1-449932.slice' chroot /var/cache/pbuilder/build/449932 dpkg-query -W '--showformat=${Version}' apt Restore backward compatibility and make the option disabled by default when --scope is used, and enabled by default for other types. In case --expand-environment is not specified and a '$' character is detected, print a warning to nudge users toward specifying the parameter as needed. In the future we can then flip the default. Follow-up for 2ed7a221fafb25eea937c4e86fb88ee501dba51e
2023-07-19 22:56:02 +01:00
/* For backward compatibility reasons env var expansion is disabled by default for scopes, and
* enabled by default for everything else. Try to detect it and print a warning, so that we can
* change it in the future and harmonize it. */
if (arg_expand_environment < 0) {
arg_expand_environment = !arg_scope;
if (!arg_quiet && arg_scope && strchr(arg_description, '$'))
log_warning("Scope command line contains environment variable, which is not expanded"
" by default for now, but will be expanded by default in the future."
" Use --expand-environment=yes/no to explicitly control it as needed.");
}
run: adjust indentation
2023-11-29 14:01:13 +01:00
/* If --wait is used connect via the bus, unconditionally, as ref/unref is not supported via the
* limited direct connection */
if (arg_wait ||
arg_stdio != ARG_STDIO_NONE ||
run: allow connecting to capsule instances with --capsule=/-C
2023-10-26 09:19:04 +02:00
(arg_runtime_scope == RUNTIME_SCOPE_USER && !IN_SET(arg_transport, BUS_TRANSPORT_LOCAL, BUS_TRANSPORT_CAPSULE)))
basic: add RuntimeScope enum In various tools and services we have a per-system and per-user concept. So far we sometimes used a boolean indicating whether we are in system mode, or a reversed boolean indicating whether we are in user mode, or the LookupScope enum used by the lookup path logic. Let's address that, in introduce a common enum for this, we can use all across the board. This is mostly just search/replace, no actual code changes.
2023-03-10 09:47:10 +01:00
r = bus_connect_transport(arg_transport, arg_host, arg_runtime_scope, &bus);
run: optionally, wait for the service to finish and show its result
2016-08-17 14:24:17 +02:00
else
basic: add RuntimeScope enum In various tools and services we have a per-system and per-user concept. So far we sometimes used a boolean indicating whether we are in system mode, or a reversed boolean indicating whether we are in user mode, or the LookupScope enum used by the lookup path logic. Let's address that, in introduce a common enum for this, we can use all across the board. This is mostly just search/replace, no actual code changes.
2023-03-10 09:47:10 +01:00
r = bus_connect_transport_systemd(arg_transport, arg_host, arg_runtime_scope, &bus);
run: port to static destructors
2018-11-22 19:34:15 +01:00
if (r < 0)
bus-util: Log more information when connecting to a bus socket fails Let's log about which bus we're trying to connect to and what transport we're using to do it.
2024-10-08 16:22:58 +02:00
return bus_log_connect_error(r, arg_transport, arg_runtime_scope);
core: add transient units Transient units can be created via the bus API. They are configured via the method call parameters rather than on-disk files. They are subject to normal GC. Transient units currently may only be created for services (however, we will extend this), and currently only ExecStart= and the cgroup parameters can be configured (also to be extended). Transient units require a unique name, that previously had no configuration file on disk. A tool systemd-run is added that makes use of this functionality to run arbitrary command lines as transient services: $ systemd-run /bin/ping www.heise.de Will cause systemd to create a new transient service and run ping in it.
2013-06-28 04:12:58 +02:00
run: use sd_bus_set_allow_interactive_authorization()
2024-08-16 19:59:30 +09:00
(void) sd_bus_set_allow_interactive_authorization(bus, arg_ask_password);
core: add new "scope" unit type for making a unit of pre-existing processes "Scope" units are very much like service units, however with the difference that they are created from pre-existing processes, rather than processes that systemd itself forks off. This means they are generated programmatically via the bus API as transient units rather than from static configuration read from disk. Also, they do not provide execution-time parameters, as at the time systemd adds the processes to the scope unit they already exist and the parameters cannot be applied anymore. The primary benefit of this new unit type is to create arbitrary cgroups for worker-processes forked off an existing service. This commit also adds a a new mode to "systemd-run" to run the specified processes in a scope rather then a transient service.
2013-07-01 00:03:57 +02:00
if (arg_scope)
run: simplify returning of status start_transient_service() would return two ints: one normally and one via *retval. We can just return one int and propagate it directly, because we use DEFINE_MAIN_FUNCTION_WITH_POSITIVE_FAILURE().
2023-04-02 21:50:19 +02:00
return start_transient_scope(bus);
if (arg_path_property)
return start_transient_trigger(bus, ".path");
if (arg_socket_property)
return start_transient_trigger(bus, ".socket");
if (arg_with_timer)
return start_transient_trigger(bus, ".timer");
return start_transient_service(bus);
core: add transient units Transient units can be created via the bus API. They are configured via the method call parameters rather than on-disk files. They are subject to normal GC. Transient units currently may only be created for services (however, we will extend this), and currently only ExecStart= and the cgroup parameters can be configured (also to be extended). Transient units require a unique name, that previously had no configuration file on disk. A tool systemd-run is added that makes use of this functionality to run arbitrary command lines as transient services: $ systemd-run /bin/ping www.heise.de Will cause systemd to create a new transient service and run ping in it.
2013-06-28 04:12:58 +02:00
}
run: port to DEFINE_MAIN_FUNCTION()
2018-11-22 19:30:03 +01:00
DEFINE_MAIN_FUNCTION_WITH_POSITIVE_FAILURE(run);
Reference in New Issue Copy Permalink