Print this page
6805730 some simple changes would make 'init 5' much faster
6809492 startd shouldn't let hung subprocesses impede shutdown
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/cmd/svc/startd/graph.c
+++ new/usr/src/cmd/svc/startd/graph.c
1 1 /*
2 2 * CDDL HEADER START
3 3 *
4 4 * The contents of this file are subject to the terms of the
5 5 * Common Development and Distribution License (the "License").
6 6 * You may not use this file except in compliance with the License.
7 7 *
8 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 9 * or http://www.opensolaris.org/os/licensing.
10 10 * See the License for the specific language governing permissions
11 11 * and limitations under the License.
12 12 *
13 13 * When distributing Covered Code, include this CDDL HEADER in each
14 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 15 * If applicable, add the following below this CDDL HEADER, with the
16 16 * fields enclosed by brackets "[]" replaced with your own identifying
17 17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 18 *
19 19 * CDDL HEADER END
20 20 */
21 21 /*
22 22 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
23 23 * Use is subject to license terms.
24 24 */
25 25
26 26 /*
27 27 * graph.c - master restarter graph engine
28 28 *
29 29 * The graph engine keeps a dependency graph of all service instances on the
30 30 * system, as recorded in the repository. It decides when services should
31 31 * be brought up or down based on service states and dependencies and sends
32 32 * commands to restarters to effect any changes. It also executes
33 33 * administrator commands sent by svcadm via the repository.
34 34 *
35 35 * The graph is stored in uu_list_t *dgraph and its vertices are
36 36 * graph_vertex_t's, each of which has a name and an integer id unique to
37 37 * its name (see dict.c). A vertex's type attribute designates the type
38 38 * of object it represents: GVT_INST for service instances, GVT_SVC for
39 39 * service objects (since service instances may depend on another service,
40 40 * rather than service instance), GVT_FILE for files (which services may
41 41 * depend on), and GVT_GROUP for dependencies on multiple objects. GVT_GROUP
42 42 * vertices are necessary because dependency lists may have particular
43 43 * grouping types (require any, require all, optional, or exclude) and
44 44 * event-propagation characteristics.
45 45 *
46 46 * The initial graph is built by libscf_populate_graph() invoking
47 47 * dgraph_add_instance() for each instance in the repository. The function
48 48 * adds a GVT_SVC vertex for the service if one does not already exist, adds
49 49 * a GVT_INST vertex named by the FMRI of the instance, and sets up the edges.
50 50 * The resulting web of vertices & edges associated with an instance's vertex
51 51 * includes
52 52 *
53 53 * - an edge from the GVT_SVC vertex for the instance's service
54 54 *
55 55 * - an edge to the GVT_INST vertex of the instance's resarter, if its
56 56 * restarter is not svc.startd
57 57 *
58 58 * - edges from other GVT_INST vertices if the instance is a restarter
59 59 *
60 60 * - for each dependency property group in the instance's "running"
61 61 * snapshot, an edge to a GVT_GROUP vertex named by the FMRI of the
62 62 * instance and the name of the property group
63 63 *
64 64 * - for each value of the "entities" property in each dependency property
65 65 * group, an edge from the corresponding GVT_GROUP vertex to a
66 66 * GVT_INST, GVT_SVC, or GVT_FILE vertex
67 67 *
68 68 * - edges from GVT_GROUP vertices for each dependent instance
69 69 *
70 70 * After the edges are set up the vertex's GV_CONFIGURED flag is set. If
71 71 * there are problems, or if a service is mentioned in a dependency but does
72 72 * not exist in the repository, the GV_CONFIGURED flag will be clear.
73 73 *
74 74 * The graph and all of its vertices are protected by the dgraph_lock mutex.
75 75 * See restarter.c for more information.
76 76 *
77 77 * The properties of an instance fall into two classes: immediate and
78 78 * snapshotted. Immediate properties should have an immediate effect when
79 79 * changed. Snapshotted properties should be read from a snapshot, so they
80 80 * only change when the snapshot changes. The immediate properties used by
81 81 * the graph engine are general/enabled, general/restarter, and the properties
82 82 * in the restarter_actions property group. Since they are immediate, they
83 83 * are not read out of a snapshot. The snapshotted properties used by the
84 84 * graph engine are those in the property groups with type "dependency" and
85 85 * are read out of the "running" snapshot. The "running" snapshot is created
86 86 * by the the graph engine as soon as possible, and it is updated, along with
87 87 * in-core copies of the data (dependency information for the graph engine) on
88 88 * receipt of the refresh command from svcadm. In addition, the graph engine
89 89 * updates the "start" snapshot from the "running" snapshot whenever a service
90 90 * comes online.
91 91 *
92 92 * When a DISABLE event is requested by the administrator, svc.startd shutdown
93 93 * the dependents first before shutting down the requested service.
94 94 * In graph_enable_by_vertex, we create a subtree that contains the dependent
95 95 * vertices by marking those vertices with the GV_TOOFFLINE flag. And we mark
96 96 * the vertex to disable with the GV_TODISABLE flag. Once the tree is created,
97 97 * we send the _ADMIN_DISABLE event to the leaves. The leaves will then
98 98 * transition from STATE_ONLINE/STATE_DEGRADED to STATE_OFFLINE/STATE_MAINT.
99 99 * In gt_enter_offline and gt_enter_maint if the vertex was in a subtree then
100 100 * we clear the GV_TOOFFLINE flag and walk the dependencies to offline the new
101 101 * exposed leaves. We do the same until we reach the last leaf (the one with
102 102 * the GV_TODISABLE flag). If the vertex to disable is also part of a larger
103 103 * subtree (eg. multiple DISABLE events on vertices in the same subtree) then
104 104 * once the first vertex is disabled (GV_TODISABLE flag is removed), we
105 105 * continue to propagate the offline event to the vertex's dependencies.
106 106 */
107 107
108 108 #include <sys/uadmin.h>
109 109 #include <sys/wait.h>
110 110
111 111 #include <assert.h>
112 112 #include <errno.h>
113 113 #include <fcntl.h>
114 114 #include <libscf.h>
115 115 #include <libscf_priv.h>
116 116 #include <libuutil.h>
117 117 #include <locale.h>
118 118 #include <poll.h>
119 119 #include <pthread.h>
120 120 #include <signal.h>
121 121 #include <stddef.h>
122 122 #include <stdio.h>
123 123 #include <stdlib.h>
124 124 #include <string.h>
125 125 #include <strings.h>
126 126 #include <sys/statvfs.h>
127 127 #include <sys/uadmin.h>
128 128 #include <zone.h>
129 129
130 130 #include "startd.h"
131 131 #include "protocol.h"
132 132
133 133
134 134 #define MILESTONE_NONE ((graph_vertex_t *)1)
135 135
136 136 #define CONSOLE_LOGIN_FMRI "svc:/system/console-login:default"
137 137 #define FS_MINIMAL_FMRI "svc:/system/filesystem/minimal:default"
138 138
139 139 #define VERTEX_REMOVED 0 /* vertex has been freed */
140 140 #define VERTEX_INUSE 1 /* vertex is still in use */
141 141
142 142 /*
143 143 * Services in these states are not considered 'down' by the
144 144 * milestone/shutdown code.
145 145 */
146 146 #define up_state(state) ((state) == RESTARTER_STATE_ONLINE || \
147 147 (state) == RESTARTER_STATE_DEGRADED || \
148 148 (state) == RESTARTER_STATE_OFFLINE)
149 149
150 150 static uu_list_pool_t *graph_edge_pool, *graph_vertex_pool;
151 151 static uu_list_t *dgraph;
152 152 static pthread_mutex_t dgraph_lock;
153 153
154 154 /*
155 155 * milestone indicates the current subgraph. When NULL, it is the entire
156 156 * graph. When MILESTONE_NONE, it is the empty graph. Otherwise, it is all
157 157 * services on which the target vertex depends.
158 158 */
159 159 static graph_vertex_t *milestone = NULL;
160 160 static boolean_t initial_milestone_set = B_FALSE;
161 161 static pthread_cond_t initial_milestone_cv = PTHREAD_COND_INITIALIZER;
162 162
163 163 /* protected by dgraph_lock */
164 164 static boolean_t sulogin_thread_running = B_FALSE;
165 165 static boolean_t sulogin_running = B_FALSE;
166 166 static boolean_t console_login_ready = B_FALSE;
167 167
168 168 /* Number of services to come down to complete milestone transition. */
169 169 static uint_t non_subgraph_svcs;
170 170
|
↓ open down ↓ |
170 lines elided |
↑ open up ↑ |
171 171 /*
172 172 * These variables indicate what should be done when we reach the milestone
173 173 * target milestone, i.e., when non_subgraph_svcs == 0. They are acted upon in
174 174 * dgraph_set_instance_state().
175 175 */
176 176 static int halting = -1;
177 177 static boolean_t go_single_user_mode = B_FALSE;
178 178 static boolean_t go_to_level1 = B_FALSE;
179 179
180 180 /*
181 + * Tracks when we started halting.
182 + */
183 +static time_t halting_time = 0;
184 +
185 +/*
181 186 * This tracks the legacy runlevel to ensure we signal init and manage
182 187 * utmpx entries correctly.
183 188 */
184 189 static char current_runlevel = '\0';
185 190
186 191 /* Number of single user threads currently running */
187 192 static pthread_mutex_t single_user_thread_lock;
188 193 static int single_user_thread_count = 0;
189 194
190 195 /* Statistics for dependency cycle-checking */
191 196 static u_longlong_t dep_inserts = 0;
192 197 static u_longlong_t dep_cycle_ns = 0;
193 198 static u_longlong_t dep_insert_ns = 0;
194 199
195 200
196 201 static const char * const emsg_invalid_restarter =
197 202 "Transitioning %s to maintenance, restarter FMRI %s is invalid "
198 203 "(see 'svcs -xv' for details).\n";
199 204 static const char * const console_login_fmri = CONSOLE_LOGIN_FMRI;
200 205 static const char * const single_user_fmri = SCF_MILESTONE_SINGLE_USER;
201 206 static const char * const multi_user_fmri = SCF_MILESTONE_MULTI_USER;
202 207 static const char * const multi_user_svr_fmri = SCF_MILESTONE_MULTI_USER_SERVER;
203 208
204 209
205 210 /*
206 211 * These services define the system being "up". If none of them can come
207 212 * online, then we will run sulogin on the console. Note that the install ones
208 213 * are for the miniroot and when installing CDs after the first. can_come_up()
209 214 * does the decision making, and an sulogin_thread() runs sulogin, which can be
210 215 * started by dgraph_set_instance_state() or single_user_thread().
211 216 *
212 217 * NOTE: can_come_up() relies on SCF_MILESTONE_SINGLE_USER being the first
213 218 * entry, which is only used when booting_to_single_user (boot -s) is set.
214 219 * This is because when doing a "boot -s", sulogin is started from specials.c
215 220 * after milestone/single-user comes online, for backwards compatibility.
216 221 * In this case, SCF_MILESTONE_SINGLE_USER needs to be part of up_svcs
217 222 * to ensure sulogin will be spawned if milestone/single-user cannot be reached.
218 223 */
219 224 static const char * const up_svcs[] = {
220 225 SCF_MILESTONE_SINGLE_USER,
221 226 CONSOLE_LOGIN_FMRI,
222 227 "svc:/system/install-setup:default",
223 228 "svc:/system/install:default",
224 229 NULL
225 230 };
226 231
227 232 /* This array must have an element for each non-NULL element of up_svcs[]. */
228 233 static graph_vertex_t *up_svcs_p[] = { NULL, NULL, NULL, NULL };
229 234
230 235 /* These are for seed repository magic. See can_come_up(). */
231 236 static const char * const manifest_import =
232 237 "svc:/system/manifest-import:default";
233 238 static graph_vertex_t *manifest_import_p = NULL;
234 239
235 240
236 241 static char target_milestone_as_runlevel(void);
237 242 static void graph_runlevel_changed(char rl, int online);
238 243 static int dgraph_set_milestone(const char *, scf_handle_t *, boolean_t);
239 244 static boolean_t should_be_in_subgraph(graph_vertex_t *v);
240 245 static int mark_subtree(graph_edge_t *, void *);
241 246 static boolean_t insubtree_dependents_down(graph_vertex_t *);
242 247
243 248 /*
244 249 * graph_vertex_compare()
245 250 * This function can compare either int *id or * graph_vertex_t *gv
246 251 * values, as the vertex id is always the first element of a
247 252 * graph_vertex structure.
248 253 */
249 254 /* ARGSUSED */
250 255 static int
251 256 graph_vertex_compare(const void *lc_arg, const void *rc_arg, void *private)
252 257 {
253 258 int lc_id = ((const graph_vertex_t *)lc_arg)->gv_id;
254 259 int rc_id = *(int *)rc_arg;
255 260
256 261 if (lc_id > rc_id)
257 262 return (1);
258 263 if (lc_id < rc_id)
259 264 return (-1);
260 265 return (0);
261 266 }
262 267
263 268 void
264 269 graph_init()
265 270 {
266 271 graph_edge_pool = startd_list_pool_create("graph_edges",
267 272 sizeof (graph_edge_t), offsetof(graph_edge_t, ge_link), NULL,
268 273 UU_LIST_POOL_DEBUG);
269 274 assert(graph_edge_pool != NULL);
270 275
271 276 graph_vertex_pool = startd_list_pool_create("graph_vertices",
272 277 sizeof (graph_vertex_t), offsetof(graph_vertex_t, gv_link),
273 278 graph_vertex_compare, UU_LIST_POOL_DEBUG);
274 279 assert(graph_vertex_pool != NULL);
275 280
276 281 (void) pthread_mutex_init(&dgraph_lock, &mutex_attrs);
277 282 (void) pthread_mutex_init(&single_user_thread_lock, &mutex_attrs);
278 283 dgraph = startd_list_create(graph_vertex_pool, NULL, UU_LIST_SORTED);
279 284 assert(dgraph != NULL);
280 285
281 286 if (!st->st_initial)
282 287 current_runlevel = utmpx_get_runlevel();
283 288
284 289 log_framework(LOG_DEBUG, "Initialized graph\n");
285 290 }
286 291
287 292 static graph_vertex_t *
288 293 vertex_get_by_name(const char *name)
289 294 {
290 295 int id;
291 296
292 297 assert(PTHREAD_MUTEX_HELD(&dgraph_lock));
293 298
294 299 id = dict_lookup_byname(name);
295 300 if (id == -1)
296 301 return (NULL);
297 302
298 303 return (uu_list_find(dgraph, &id, NULL, NULL));
299 304 }
300 305
301 306 static graph_vertex_t *
302 307 vertex_get_by_id(int id)
303 308 {
304 309 assert(PTHREAD_MUTEX_HELD(&dgraph_lock));
305 310
306 311 if (id == -1)
307 312 return (NULL);
308 313
309 314 return (uu_list_find(dgraph, &id, NULL, NULL));
310 315 }
311 316
312 317 /*
313 318 * Creates a new vertex with the given name, adds it to the graph, and returns
314 319 * a pointer to it. The graph lock must be held by this thread on entry.
315 320 */
316 321 static graph_vertex_t *
317 322 graph_add_vertex(const char *name)
318 323 {
319 324 int id;
320 325 graph_vertex_t *v;
321 326 void *p;
322 327 uu_list_index_t idx;
323 328
324 329 assert(PTHREAD_MUTEX_HELD(&dgraph_lock));
325 330
326 331 id = dict_insert(name);
327 332
328 333 v = startd_zalloc(sizeof (*v));
329 334
330 335 v->gv_id = id;
331 336
332 337 v->gv_name = startd_alloc(strlen(name) + 1);
333 338 (void) strcpy(v->gv_name, name);
334 339
335 340 v->gv_dependencies = startd_list_create(graph_edge_pool, v, 0);
336 341 v->gv_dependents = startd_list_create(graph_edge_pool, v, 0);
337 342
338 343 p = uu_list_find(dgraph, &id, NULL, &idx);
339 344 assert(p == NULL);
340 345
341 346 uu_list_node_init(v, &v->gv_link, graph_vertex_pool);
342 347 uu_list_insert(dgraph, v, idx);
343 348
344 349 return (v);
345 350 }
346 351
347 352 /*
348 353 * Removes v from the graph and frees it. The graph should be locked by this
349 354 * thread, and v should have no edges associated with it.
350 355 */
351 356 static void
352 357 graph_remove_vertex(graph_vertex_t *v)
353 358 {
354 359 assert(PTHREAD_MUTEX_HELD(&dgraph_lock));
355 360
356 361 assert(uu_list_numnodes(v->gv_dependencies) == 0);
357 362 assert(uu_list_numnodes(v->gv_dependents) == 0);
358 363 assert(v->gv_refs == 0);
359 364
360 365 startd_free(v->gv_name, strlen(v->gv_name) + 1);
361 366 uu_list_destroy(v->gv_dependencies);
362 367 uu_list_destroy(v->gv_dependents);
363 368 uu_list_remove(dgraph, v);
364 369
365 370 startd_free(v, sizeof (graph_vertex_t));
366 371 }
367 372
368 373 static void
369 374 graph_add_edge(graph_vertex_t *fv, graph_vertex_t *tv)
370 375 {
371 376 graph_edge_t *e, *re;
372 377 int r;
373 378
374 379 assert(PTHREAD_MUTEX_HELD(&dgraph_lock));
375 380
376 381 e = startd_alloc(sizeof (graph_edge_t));
377 382 re = startd_alloc(sizeof (graph_edge_t));
378 383
379 384 e->ge_parent = fv;
380 385 e->ge_vertex = tv;
381 386
382 387 re->ge_parent = tv;
383 388 re->ge_vertex = fv;
384 389
385 390 uu_list_node_init(e, &e->ge_link, graph_edge_pool);
386 391 r = uu_list_insert_before(fv->gv_dependencies, NULL, e);
387 392 assert(r == 0);
388 393
389 394 uu_list_node_init(re, &re->ge_link, graph_edge_pool);
390 395 r = uu_list_insert_before(tv->gv_dependents, NULL, re);
391 396 assert(r == 0);
392 397 }
393 398
394 399 static void
395 400 graph_remove_edge(graph_vertex_t *v, graph_vertex_t *dv)
396 401 {
397 402 graph_edge_t *e;
398 403
399 404 for (e = uu_list_first(v->gv_dependencies);
400 405 e != NULL;
401 406 e = uu_list_next(v->gv_dependencies, e)) {
402 407 if (e->ge_vertex == dv) {
403 408 uu_list_remove(v->gv_dependencies, e);
404 409 startd_free(e, sizeof (graph_edge_t));
405 410 break;
406 411 }
407 412 }
408 413
409 414 for (e = uu_list_first(dv->gv_dependents);
410 415 e != NULL;
411 416 e = uu_list_next(dv->gv_dependents, e)) {
412 417 if (e->ge_vertex == v) {
413 418 uu_list_remove(dv->gv_dependents, e);
414 419 startd_free(e, sizeof (graph_edge_t));
415 420 break;
416 421 }
417 422 }
418 423 }
419 424
420 425 static void
421 426 remove_inst_vertex(graph_vertex_t *v)
422 427 {
423 428 graph_edge_t *e;
424 429 graph_vertex_t *sv;
425 430 int i;
426 431
427 432 assert(PTHREAD_MUTEX_HELD(&dgraph_lock));
428 433 assert(uu_list_numnodes(v->gv_dependents) == 1);
429 434 assert(uu_list_numnodes(v->gv_dependencies) == 0);
430 435 assert(v->gv_refs == 0);
431 436 assert((v->gv_flags & GV_CONFIGURED) == 0);
432 437
433 438 e = uu_list_first(v->gv_dependents);
434 439 sv = e->ge_vertex;
435 440 graph_remove_edge(sv, v);
436 441
437 442 for (i = 0; up_svcs[i] != NULL; ++i) {
438 443 if (up_svcs_p[i] == v)
439 444 up_svcs_p[i] = NULL;
440 445 }
441 446
442 447 if (manifest_import_p == v)
443 448 manifest_import_p = NULL;
444 449
445 450 graph_remove_vertex(v);
446 451
447 452 if (uu_list_numnodes(sv->gv_dependencies) == 0 &&
448 453 uu_list_numnodes(sv->gv_dependents) == 0 &&
449 454 sv->gv_refs == 0)
450 455 graph_remove_vertex(sv);
451 456 }
452 457
453 458 static void
454 459 graph_walk_dependents(graph_vertex_t *v, void (*func)(graph_vertex_t *, void *),
455 460 void *arg)
456 461 {
457 462 graph_edge_t *e;
458 463
459 464 for (e = uu_list_first(v->gv_dependents);
460 465 e != NULL;
461 466 e = uu_list_next(v->gv_dependents, e))
462 467 func(e->ge_vertex, arg);
463 468 }
464 469
465 470 static void
466 471 graph_walk_dependencies(graph_vertex_t *v, void (*func)(graph_vertex_t *,
467 472 void *), void *arg)
468 473 {
469 474 graph_edge_t *e;
470 475
471 476 assert(PTHREAD_MUTEX_HELD(&dgraph_lock));
472 477
473 478 for (e = uu_list_first(v->gv_dependencies);
474 479 e != NULL;
475 480 e = uu_list_next(v->gv_dependencies, e)) {
476 481
477 482 func(e->ge_vertex, arg);
478 483 }
479 484 }
480 485
481 486 /*
482 487 * Generic graph walking function.
483 488 *
484 489 * Given a vertex, this function will walk either dependencies
485 490 * (WALK_DEPENDENCIES) or dependents (WALK_DEPENDENTS) of a vertex recursively
486 491 * for the entire graph. It will avoid cycles and never visit the same vertex
487 492 * twice.
488 493 *
489 494 * We avoid traversing exclusion dependencies, because they are allowed to
490 495 * create cycles in the graph. When propagating satisfiability, there is no
491 496 * need to walk exclusion dependencies because exclude_all_satisfied() doesn't
492 497 * test for satisfiability.
493 498 *
494 499 * The walker takes two callbacks. The first is called before examining the
495 500 * dependents of each vertex. The second is called on each vertex after
496 501 * examining its dependents. This allows is_path_to() to construct a path only
497 502 * after the target vertex has been found.
498 503 */
499 504 typedef enum {
500 505 WALK_DEPENDENTS,
501 506 WALK_DEPENDENCIES
502 507 } graph_walk_dir_t;
503 508
504 509 typedef int (*graph_walk_cb_t)(graph_vertex_t *, void *);
505 510
506 511 typedef struct graph_walk_info {
507 512 graph_walk_dir_t gi_dir;
508 513 uchar_t *gi_visited; /* vertex bitmap */
509 514 int (*gi_pre)(graph_vertex_t *, void *);
510 515 void (*gi_post)(graph_vertex_t *, void *);
511 516 void *gi_arg; /* callback arg */
512 517 int gi_ret; /* return value */
513 518 } graph_walk_info_t;
514 519
515 520 static int
516 521 graph_walk_recurse(graph_edge_t *e, graph_walk_info_t *gip)
517 522 {
518 523 uu_list_t *list;
519 524 int r;
520 525 graph_vertex_t *v = e->ge_vertex;
521 526 int i;
522 527 uint_t b;
523 528
524 529 i = v->gv_id / 8;
525 530 b = 1 << (v->gv_id % 8);
526 531
527 532 /*
528 533 * Check to see if we've visited this vertex already.
529 534 */
530 535 if (gip->gi_visited[i] & b)
531 536 return (UU_WALK_NEXT);
532 537
533 538 gip->gi_visited[i] |= b;
534 539
535 540 /*
536 541 * Don't follow exclusions.
537 542 */
538 543 if (v->gv_type == GVT_GROUP && v->gv_depgroup == DEPGRP_EXCLUDE_ALL)
539 544 return (UU_WALK_NEXT);
540 545
541 546 /*
542 547 * Call pre-visit callback. If this doesn't terminate the walk,
543 548 * continue search.
544 549 */
545 550 if ((gip->gi_ret = gip->gi_pre(v, gip->gi_arg)) == UU_WALK_NEXT) {
546 551 /*
547 552 * Recurse using appropriate list.
548 553 */
549 554 if (gip->gi_dir == WALK_DEPENDENTS)
550 555 list = v->gv_dependents;
551 556 else
552 557 list = v->gv_dependencies;
553 558
554 559 r = uu_list_walk(list, (uu_walk_fn_t *)graph_walk_recurse,
555 560 gip, 0);
556 561 assert(r == 0);
557 562 }
558 563
559 564 /*
560 565 * Callbacks must return either UU_WALK_NEXT or UU_WALK_DONE.
561 566 */
562 567 assert(gip->gi_ret == UU_WALK_NEXT || gip->gi_ret == UU_WALK_DONE);
563 568
564 569 /*
565 570 * If given a post-callback, call the function for every vertex.
566 571 */
567 572 if (gip->gi_post != NULL)
568 573 (void) gip->gi_post(v, gip->gi_arg);
569 574
570 575 /*
571 576 * Preserve the callback's return value. If the callback returns
572 577 * UU_WALK_DONE, then we propagate that to the caller in order to
573 578 * terminate the walk.
574 579 */
575 580 return (gip->gi_ret);
576 581 }
577 582
578 583 static void
579 584 graph_walk(graph_vertex_t *v, graph_walk_dir_t dir,
580 585 int (*pre)(graph_vertex_t *, void *),
581 586 void (*post)(graph_vertex_t *, void *), void *arg)
582 587 {
583 588 graph_walk_info_t gi;
584 589 graph_edge_t fake;
585 590 size_t sz = dictionary->dict_new_id / 8 + 1;
586 591
587 592 gi.gi_visited = startd_zalloc(sz);
588 593 gi.gi_pre = pre;
589 594 gi.gi_post = post;
590 595 gi.gi_arg = arg;
591 596 gi.gi_dir = dir;
592 597 gi.gi_ret = 0;
593 598
594 599 /*
595 600 * Fake up an edge for the first iteration
596 601 */
597 602 fake.ge_vertex = v;
598 603 (void) graph_walk_recurse(&fake, &gi);
599 604
600 605 startd_free(gi.gi_visited, sz);
601 606 }
602 607
603 608 typedef struct child_search {
604 609 int id; /* id of vertex to look for */
605 610 uint_t depth; /* recursion depth */
606 611 /*
607 612 * While the vertex is not found, path is NULL. After the search, if
608 613 * the vertex was found then path should point to a -1-terminated
609 614 * array of vertex id's which constitute the path to the vertex.
610 615 */
611 616 int *path;
612 617 } child_search_t;
613 618
614 619 static int
615 620 child_pre(graph_vertex_t *v, void *arg)
616 621 {
617 622 child_search_t *cs = arg;
618 623
619 624 cs->depth++;
620 625
621 626 if (v->gv_id == cs->id) {
622 627 cs->path = startd_alloc((cs->depth + 1) * sizeof (int));
623 628 cs->path[cs->depth] = -1;
624 629 return (UU_WALK_DONE);
625 630 }
626 631
627 632 return (UU_WALK_NEXT);
628 633 }
629 634
630 635 static void
631 636 child_post(graph_vertex_t *v, void *arg)
632 637 {
633 638 child_search_t *cs = arg;
634 639
635 640 cs->depth--;
636 641
637 642 if (cs->path != NULL)
638 643 cs->path[cs->depth] = v->gv_id;
639 644 }
640 645
641 646 /*
642 647 * Look for a path from from to to. If one exists, returns a pointer to
643 648 * a NULL-terminated array of pointers to the vertices along the path. If
644 649 * there is no path, returns NULL.
645 650 */
646 651 static int *
647 652 is_path_to(graph_vertex_t *from, graph_vertex_t *to)
648 653 {
649 654 child_search_t cs;
650 655
651 656 cs.id = to->gv_id;
652 657 cs.depth = 0;
653 658 cs.path = NULL;
654 659
655 660 graph_walk(from, WALK_DEPENDENCIES, child_pre, child_post, &cs);
656 661
657 662 return (cs.path);
658 663 }
659 664
660 665 /*
661 666 * Given an array of int's as returned by is_path_to, allocates a string of
662 667 * their names joined by newlines. Returns the size of the allocated buffer
663 668 * in *sz and frees path.
664 669 */
665 670 static void
666 671 path_to_str(int *path, char **cpp, size_t *sz)
667 672 {
668 673 int i;
669 674 graph_vertex_t *v;
670 675 size_t allocd, new_allocd;
671 676 char *new, *name;
672 677
673 678 assert(PTHREAD_MUTEX_HELD(&dgraph_lock));
674 679 assert(path[0] != -1);
675 680
676 681 allocd = 1;
677 682 *cpp = startd_alloc(1);
678 683 (*cpp)[0] = '\0';
679 684
680 685 for (i = 0; path[i] != -1; ++i) {
681 686 name = NULL;
682 687
683 688 v = vertex_get_by_id(path[i]);
684 689
685 690 if (v == NULL)
686 691 name = "<deleted>";
687 692 else if (v->gv_type == GVT_INST || v->gv_type == GVT_SVC)
688 693 name = v->gv_name;
689 694
690 695 if (name != NULL) {
691 696 new_allocd = allocd + strlen(name) + 1;
692 697 new = startd_alloc(new_allocd);
693 698 (void) strcpy(new, *cpp);
694 699 (void) strcat(new, name);
695 700 (void) strcat(new, "\n");
696 701
697 702 startd_free(*cpp, allocd);
698 703
699 704 *cpp = new;
700 705 allocd = new_allocd;
701 706 }
702 707 }
703 708
704 709 startd_free(path, sizeof (int) * (i + 1));
705 710
706 711 *sz = allocd;
707 712 }
708 713
709 714
710 715 /*
711 716 * This function along with run_sulogin() implements an exclusion relationship
712 717 * between system/console-login and sulogin. run_sulogin() will fail if
713 718 * system/console-login is online, and the graph engine should call
714 719 * graph_clogin_start() to bring system/console-login online, which defers the
715 720 * start if sulogin is running.
716 721 */
717 722 static void
718 723 graph_clogin_start(graph_vertex_t *v)
719 724 {
720 725 assert(PTHREAD_MUTEX_HELD(&dgraph_lock));
721 726
722 727 if (sulogin_running)
723 728 console_login_ready = B_TRUE;
724 729 else
725 730 vertex_send_event(v, RESTARTER_EVENT_TYPE_START);
726 731 }
727 732
728 733 static void
729 734 graph_su_start(graph_vertex_t *v)
730 735 {
731 736 /*
732 737 * /etc/inittab used to have the initial /sbin/rcS as a 'sysinit'
733 738 * entry with a runlevel of 'S', before jumping to the final
734 739 * target runlevel (as set in initdefault). We mimic that legacy
735 740 * behavior here.
736 741 */
737 742 utmpx_set_runlevel('S', '0', B_FALSE);
738 743 vertex_send_event(v, RESTARTER_EVENT_TYPE_START);
739 744 }
740 745
741 746 static void
742 747 graph_post_su_online(void)
743 748 {
744 749 graph_runlevel_changed('S', 1);
745 750 }
746 751
747 752 static void
748 753 graph_post_su_disable(void)
749 754 {
750 755 graph_runlevel_changed('S', 0);
751 756 }
752 757
753 758 static void
754 759 graph_post_mu_online(void)
755 760 {
756 761 graph_runlevel_changed('2', 1);
757 762 }
758 763
759 764 static void
760 765 graph_post_mu_disable(void)
761 766 {
762 767 graph_runlevel_changed('2', 0);
763 768 }
764 769
765 770 static void
766 771 graph_post_mus_online(void)
767 772 {
768 773 graph_runlevel_changed('3', 1);
769 774 }
770 775
771 776 static void
772 777 graph_post_mus_disable(void)
773 778 {
774 779 graph_runlevel_changed('3', 0);
775 780 }
776 781
777 782 static struct special_vertex_info {
778 783 const char *name;
779 784 void (*start_f)(graph_vertex_t *);
780 785 void (*post_online_f)(void);
781 786 void (*post_disable_f)(void);
782 787 } special_vertices[] = {
783 788 { CONSOLE_LOGIN_FMRI, graph_clogin_start, NULL, NULL },
784 789 { SCF_MILESTONE_SINGLE_USER, graph_su_start,
785 790 graph_post_su_online, graph_post_su_disable },
786 791 { SCF_MILESTONE_MULTI_USER, NULL,
787 792 graph_post_mu_online, graph_post_mu_disable },
788 793 { SCF_MILESTONE_MULTI_USER_SERVER, NULL,
789 794 graph_post_mus_online, graph_post_mus_disable },
790 795 { NULL },
791 796 };
792 797
793 798
794 799 void
795 800 vertex_send_event(graph_vertex_t *v, restarter_event_type_t e)
796 801 {
797 802 switch (e) {
798 803 case RESTARTER_EVENT_TYPE_ADD_INSTANCE:
799 804 assert(v->gv_state == RESTARTER_STATE_UNINIT);
800 805
801 806 MUTEX_LOCK(&st->st_load_lock);
802 807 st->st_load_instances++;
803 808 MUTEX_UNLOCK(&st->st_load_lock);
804 809 break;
805 810
806 811 case RESTARTER_EVENT_TYPE_ENABLE:
807 812 log_framework(LOG_DEBUG, "Enabling %s.\n", v->gv_name);
808 813 assert(v->gv_state == RESTARTER_STATE_UNINIT ||
809 814 v->gv_state == RESTARTER_STATE_DISABLED ||
810 815 v->gv_state == RESTARTER_STATE_MAINT);
811 816 break;
812 817
813 818 case RESTARTER_EVENT_TYPE_DISABLE:
814 819 case RESTARTER_EVENT_TYPE_ADMIN_DISABLE:
815 820 log_framework(LOG_DEBUG, "Disabling %s.\n", v->gv_name);
816 821 assert(v->gv_state != RESTARTER_STATE_DISABLED);
817 822 break;
818 823
819 824 case RESTARTER_EVENT_TYPE_STOP:
820 825 log_framework(LOG_DEBUG, "Stopping %s.\n", v->gv_name);
821 826 assert(v->gv_state == RESTARTER_STATE_DEGRADED ||
822 827 v->gv_state == RESTARTER_STATE_ONLINE);
823 828 break;
824 829
825 830 case RESTARTER_EVENT_TYPE_START:
826 831 log_framework(LOG_DEBUG, "Starting %s.\n", v->gv_name);
827 832 assert(v->gv_state == RESTARTER_STATE_OFFLINE);
828 833 break;
829 834
830 835 case RESTARTER_EVENT_TYPE_REMOVE_INSTANCE:
831 836 case RESTARTER_EVENT_TYPE_ADMIN_DEGRADED:
832 837 case RESTARTER_EVENT_TYPE_ADMIN_REFRESH:
833 838 case RESTARTER_EVENT_TYPE_ADMIN_RESTART:
834 839 case RESTARTER_EVENT_TYPE_ADMIN_MAINT_OFF:
835 840 case RESTARTER_EVENT_TYPE_ADMIN_MAINT_ON:
836 841 case RESTARTER_EVENT_TYPE_ADMIN_MAINT_ON_IMMEDIATE:
837 842 case RESTARTER_EVENT_TYPE_DEPENDENCY_CYCLE:
838 843 case RESTARTER_EVENT_TYPE_INVALID_DEPENDENCY:
839 844 break;
840 845
841 846 default:
842 847 #ifndef NDEBUG
843 848 uu_warn("%s:%d: Bad event %d.\n", __FILE__, __LINE__, e);
844 849 #endif
845 850 abort();
846 851 }
847 852
848 853 restarter_protocol_send_event(v->gv_name, v->gv_restarter_channel, e);
849 854 }
850 855
851 856 static void
852 857 graph_unset_restarter(graph_vertex_t *v)
853 858 {
854 859 assert(PTHREAD_MUTEX_HELD(&dgraph_lock));
855 860 assert(v->gv_flags & GV_CONFIGURED);
856 861
857 862 vertex_send_event(v, RESTARTER_EVENT_TYPE_REMOVE_INSTANCE);
858 863
859 864 if (v->gv_restarter_id != -1) {
860 865 graph_vertex_t *rv;
861 866
862 867 rv = vertex_get_by_id(v->gv_restarter_id);
863 868 graph_remove_edge(v, rv);
864 869 }
865 870
866 871 v->gv_restarter_id = -1;
867 872 v->gv_restarter_channel = NULL;
868 873 }
869 874
870 875 /*
871 876 * Return VERTEX_REMOVED when the vertex passed in argument is deleted from the
872 877 * dgraph otherwise return VERTEX_INUSE.
873 878 */
874 879 static int
875 880 free_if_unrefed(graph_vertex_t *v)
876 881 {
877 882 assert(PTHREAD_MUTEX_HELD(&dgraph_lock));
878 883
879 884 if (v->gv_refs > 0)
880 885 return (VERTEX_INUSE);
881 886
882 887 if (v->gv_type == GVT_SVC &&
883 888 uu_list_numnodes(v->gv_dependents) == 0 &&
884 889 uu_list_numnodes(v->gv_dependencies) == 0) {
885 890 graph_remove_vertex(v);
886 891 return (VERTEX_REMOVED);
887 892 } else if (v->gv_type == GVT_INST &&
888 893 (v->gv_flags & GV_CONFIGURED) == 0 &&
889 894 uu_list_numnodes(v->gv_dependents) == 1 &&
890 895 uu_list_numnodes(v->gv_dependencies) == 0) {
891 896 remove_inst_vertex(v);
892 897 return (VERTEX_REMOVED);
893 898 }
894 899
895 900 return (VERTEX_INUSE);
896 901 }
897 902
898 903 static void
899 904 delete_depgroup(graph_vertex_t *v)
900 905 {
901 906 graph_edge_t *e;
902 907 graph_vertex_t *dv;
903 908
904 909 assert(PTHREAD_MUTEX_HELD(&dgraph_lock));
905 910 assert(v->gv_type == GVT_GROUP);
906 911 assert(uu_list_numnodes(v->gv_dependents) == 0);
907 912
908 913 while ((e = uu_list_first(v->gv_dependencies)) != NULL) {
909 914 dv = e->ge_vertex;
910 915
911 916 graph_remove_edge(v, dv);
912 917
913 918 switch (dv->gv_type) {
914 919 case GVT_INST: /* instance dependency */
915 920 case GVT_SVC: /* service dependency */
916 921 (void) free_if_unrefed(dv);
917 922 break;
918 923
919 924 case GVT_FILE: /* file dependency */
920 925 assert(uu_list_numnodes(dv->gv_dependencies) == 0);
921 926 if (uu_list_numnodes(dv->gv_dependents) == 0)
922 927 graph_remove_vertex(dv);
923 928 break;
924 929
925 930 default:
926 931 #ifndef NDEBUG
927 932 uu_warn("%s:%d: Unexpected node type %d", __FILE__,
928 933 __LINE__, dv->gv_type);
929 934 #endif
930 935 abort();
931 936 }
932 937 }
933 938
934 939 graph_remove_vertex(v);
935 940 }
936 941
937 942 static int
938 943 delete_instance_deps_cb(graph_edge_t *e, void **ptrs)
939 944 {
940 945 graph_vertex_t *v = ptrs[0];
941 946 boolean_t delete_restarter_dep = (boolean_t)ptrs[1];
942 947 graph_vertex_t *dv;
943 948
944 949 dv = e->ge_vertex;
945 950
946 951 /*
947 952 * We have four possibilities here:
948 953 * - GVT_INST: restarter
949 954 * - GVT_GROUP - GVT_INST: instance dependency
950 955 * - GVT_GROUP - GVT_SVC - GV_INST: service dependency
951 956 * - GVT_GROUP - GVT_FILE: file dependency
952 957 */
953 958 switch (dv->gv_type) {
954 959 case GVT_INST: /* restarter */
955 960 assert(dv->gv_id == v->gv_restarter_id);
956 961 if (delete_restarter_dep)
957 962 graph_remove_edge(v, dv);
958 963 break;
959 964
960 965 case GVT_GROUP: /* pg dependency */
961 966 graph_remove_edge(v, dv);
962 967 delete_depgroup(dv);
963 968 break;
964 969
965 970 case GVT_FILE:
966 971 /* These are currently not direct dependencies */
967 972
968 973 default:
969 974 #ifndef NDEBUG
970 975 uu_warn("%s:%d: Bad vertex type %d.\n", __FILE__, __LINE__,
971 976 dv->gv_type);
972 977 #endif
973 978 abort();
974 979 }
975 980
976 981 return (UU_WALK_NEXT);
977 982 }
978 983
979 984 static void
980 985 delete_instance_dependencies(graph_vertex_t *v, boolean_t delete_restarter_dep)
981 986 {
982 987 void *ptrs[2];
983 988 int r;
984 989
985 990 assert(PTHREAD_MUTEX_HELD(&dgraph_lock));
986 991 assert(v->gv_type == GVT_INST);
987 992
988 993 ptrs[0] = v;
989 994 ptrs[1] = (void *)delete_restarter_dep;
990 995
991 996 r = uu_list_walk(v->gv_dependencies,
992 997 (uu_walk_fn_t *)delete_instance_deps_cb, &ptrs, UU_WALK_ROBUST);
993 998 assert(r == 0);
994 999 }
995 1000
996 1001 /*
997 1002 * int graph_insert_vertex_unconfigured()
998 1003 * Insert a vertex without sending any restarter events. If the vertex
999 1004 * already exists or creation is successful, return a pointer to it in *vp.
1000 1005 *
1001 1006 * If type is not GVT_GROUP, dt can remain unset.
1002 1007 *
1003 1008 * Returns 0, EEXIST, or EINVAL if the arguments are invalid (i.e., fmri
1004 1009 * doesn't agree with type, or type doesn't agree with dt).
1005 1010 */
1006 1011 static int
1007 1012 graph_insert_vertex_unconfigured(const char *fmri, gv_type_t type,
1008 1013 depgroup_type_t dt, restarter_error_t rt, graph_vertex_t **vp)
1009 1014 {
1010 1015 int r;
1011 1016 int i;
1012 1017
1013 1018 assert(PTHREAD_MUTEX_HELD(&dgraph_lock));
1014 1019
1015 1020 switch (type) {
1016 1021 case GVT_SVC:
1017 1022 case GVT_INST:
1018 1023 if (strncmp(fmri, "svc:", sizeof ("svc:") - 1) != 0)
1019 1024 return (EINVAL);
1020 1025 break;
1021 1026
1022 1027 case GVT_FILE:
1023 1028 if (strncmp(fmri, "file:", sizeof ("file:") - 1) != 0)
1024 1029 return (EINVAL);
1025 1030 break;
1026 1031
1027 1032 case GVT_GROUP:
1028 1033 if (dt <= 0 || rt < 0)
1029 1034 return (EINVAL);
1030 1035 break;
1031 1036
1032 1037 default:
1033 1038 #ifndef NDEBUG
1034 1039 uu_warn("%s:%d: Unknown type %d.\n", __FILE__, __LINE__, type);
1035 1040 #endif
1036 1041 abort();
1037 1042 }
1038 1043
1039 1044 *vp = vertex_get_by_name(fmri);
1040 1045 if (*vp != NULL)
1041 1046 return (EEXIST);
1042 1047
1043 1048 *vp = graph_add_vertex(fmri);
1044 1049
1045 1050 (*vp)->gv_type = type;
1046 1051 (*vp)->gv_depgroup = dt;
1047 1052 (*vp)->gv_restart = rt;
1048 1053
1049 1054 (*vp)->gv_flags = 0;
1050 1055 (*vp)->gv_state = RESTARTER_STATE_NONE;
1051 1056
1052 1057 for (i = 0; special_vertices[i].name != NULL; ++i) {
1053 1058 if (strcmp(fmri, special_vertices[i].name) == 0) {
1054 1059 (*vp)->gv_start_f = special_vertices[i].start_f;
1055 1060 (*vp)->gv_post_online_f =
1056 1061 special_vertices[i].post_online_f;
1057 1062 (*vp)->gv_post_disable_f =
1058 1063 special_vertices[i].post_disable_f;
1059 1064 break;
1060 1065 }
1061 1066 }
1062 1067
1063 1068 (*vp)->gv_restarter_id = -1;
1064 1069 (*vp)->gv_restarter_channel = 0;
1065 1070
1066 1071 if (type == GVT_INST) {
1067 1072 char *sfmri;
1068 1073 graph_vertex_t *sv;
1069 1074
1070 1075 sfmri = inst_fmri_to_svc_fmri(fmri);
1071 1076 sv = vertex_get_by_name(sfmri);
1072 1077 if (sv == NULL) {
1073 1078 r = graph_insert_vertex_unconfigured(sfmri, GVT_SVC, 0,
1074 1079 0, &sv);
1075 1080 assert(r == 0);
1076 1081 }
1077 1082 startd_free(sfmri, max_scf_fmri_size);
1078 1083
1079 1084 graph_add_edge(sv, *vp);
1080 1085 }
1081 1086
1082 1087 /*
1083 1088 * If this vertex is in the subgraph, mark it as so, for both
1084 1089 * GVT_INST and GVT_SERVICE verteces.
1085 1090 * A GVT_SERVICE vertex can only be in the subgraph if another instance
1086 1091 * depends on it, in which case it's already been added to the graph
1087 1092 * and marked as in the subgraph (by refresh_vertex()). If a
1088 1093 * GVT_SERVICE vertex was freshly added (by the code above), it means
1089 1094 * that it has no dependents, and cannot be in the subgraph.
1090 1095 * Regardless of this, we still check that gv_flags includes
1091 1096 * GV_INSUBGRAPH in the event that future behavior causes the above
1092 1097 * code to add a GVT_SERVICE vertex which should be in the subgraph.
1093 1098 */
1094 1099
1095 1100 (*vp)->gv_flags |= (should_be_in_subgraph(*vp)? GV_INSUBGRAPH : 0);
1096 1101
1097 1102 return (0);
1098 1103 }
1099 1104
1100 1105 /*
1101 1106 * Returns 0 on success or ELOOP if the dependency would create a cycle.
1102 1107 */
1103 1108 static int
1104 1109 graph_insert_dependency(graph_vertex_t *fv, graph_vertex_t *tv, int **pathp)
1105 1110 {
1106 1111 hrtime_t now;
1107 1112
1108 1113 assert(PTHREAD_MUTEX_HELD(&dgraph_lock));
1109 1114
1110 1115 /* cycle detection */
1111 1116 now = gethrtime();
1112 1117
1113 1118 /* Don't follow exclusions. */
1114 1119 if (!(fv->gv_type == GVT_GROUP &&
1115 1120 fv->gv_depgroup == DEPGRP_EXCLUDE_ALL)) {
1116 1121 *pathp = is_path_to(tv, fv);
1117 1122 if (*pathp)
1118 1123 return (ELOOP);
1119 1124 }
1120 1125
1121 1126 dep_cycle_ns += gethrtime() - now;
1122 1127 ++dep_inserts;
1123 1128 now = gethrtime();
1124 1129
1125 1130 graph_add_edge(fv, tv);
1126 1131
1127 1132 dep_insert_ns += gethrtime() - now;
1128 1133
1129 1134 /* Check if the dependency adds the "to" vertex to the subgraph */
1130 1135 tv->gv_flags |= (should_be_in_subgraph(tv) ? GV_INSUBGRAPH : 0);
1131 1136
1132 1137 return (0);
1133 1138 }
1134 1139
1135 1140 static int
1136 1141 inst_running(graph_vertex_t *v)
1137 1142 {
1138 1143 assert(v->gv_type == GVT_INST);
1139 1144
1140 1145 if (v->gv_state == RESTARTER_STATE_ONLINE ||
1141 1146 v->gv_state == RESTARTER_STATE_DEGRADED)
1142 1147 return (1);
1143 1148
1144 1149 return (0);
1145 1150 }
1146 1151
1147 1152 /*
1148 1153 * The dependency evaluation functions return
1149 1154 * 1 - dependency satisfied
1150 1155 * 0 - dependency unsatisfied
1151 1156 * -1 - dependency unsatisfiable (without administrator intervention)
1152 1157 *
1153 1158 * The functions also take a boolean satbility argument. When true, the
1154 1159 * functions may recurse in order to determine satisfiability.
1155 1160 */
1156 1161 static int require_any_satisfied(graph_vertex_t *, boolean_t);
1157 1162 static int dependency_satisfied(graph_vertex_t *, boolean_t);
1158 1163
1159 1164 /*
1160 1165 * A require_all dependency is unsatisfied if any elements are unsatisfied. It
1161 1166 * is unsatisfiable if any elements are unsatisfiable.
1162 1167 */
1163 1168 static int
1164 1169 require_all_satisfied(graph_vertex_t *groupv, boolean_t satbility)
1165 1170 {
1166 1171 graph_edge_t *edge;
1167 1172 int i;
1168 1173 boolean_t any_unsatisfied;
1169 1174
1170 1175 if (uu_list_numnodes(groupv->gv_dependencies) == 0)
1171 1176 return (1);
1172 1177
1173 1178 any_unsatisfied = B_FALSE;
1174 1179
1175 1180 for (edge = uu_list_first(groupv->gv_dependencies);
1176 1181 edge != NULL;
1177 1182 edge = uu_list_next(groupv->gv_dependencies, edge)) {
1178 1183 i = dependency_satisfied(edge->ge_vertex, satbility);
1179 1184 if (i == 1)
1180 1185 continue;
1181 1186
1182 1187 log_framework2(LOG_DEBUG, DEBUG_DEPENDENCIES,
1183 1188 "require_all(%s): %s is unsatisfi%s.\n", groupv->gv_name,
1184 1189 edge->ge_vertex->gv_name, i == 0 ? "ed" : "able");
1185 1190
1186 1191 if (!satbility)
1187 1192 return (0);
1188 1193
1189 1194 if (i == -1)
1190 1195 return (-1);
1191 1196
1192 1197 any_unsatisfied = B_TRUE;
1193 1198 }
1194 1199
1195 1200 return (any_unsatisfied ? 0 : 1);
1196 1201 }
1197 1202
1198 1203 /*
1199 1204 * A require_any dependency is satisfied if any element is satisfied. It is
1200 1205 * satisfiable if any element is satisfiable.
1201 1206 */
1202 1207 static int
1203 1208 require_any_satisfied(graph_vertex_t *groupv, boolean_t satbility)
1204 1209 {
1205 1210 graph_edge_t *edge;
1206 1211 int s;
1207 1212 boolean_t satisfiable;
1208 1213
1209 1214 if (uu_list_numnodes(groupv->gv_dependencies) == 0)
1210 1215 return (1);
1211 1216
1212 1217 satisfiable = B_FALSE;
1213 1218
1214 1219 for (edge = uu_list_first(groupv->gv_dependencies);
1215 1220 edge != NULL;
1216 1221 edge = uu_list_next(groupv->gv_dependencies, edge)) {
1217 1222 s = dependency_satisfied(edge->ge_vertex, satbility);
1218 1223
1219 1224 if (s == 1)
1220 1225 return (1);
1221 1226
1222 1227 log_framework2(LOG_DEBUG, DEBUG_DEPENDENCIES,
1223 1228 "require_any(%s): %s is unsatisfi%s.\n",
1224 1229 groupv->gv_name, edge->ge_vertex->gv_name,
1225 1230 s == 0 ? "ed" : "able");
1226 1231
1227 1232 if (satbility && s == 0)
1228 1233 satisfiable = B_TRUE;
1229 1234 }
1230 1235
1231 1236 return (!satbility || satisfiable ? 0 : -1);
1232 1237 }
1233 1238
1234 1239 /*
1235 1240 * An optional_all dependency only considers elements which are configured,
1236 1241 * enabled, and not in maintenance. If any are unsatisfied, then the dependency
1237 1242 * is unsatisfied.
1238 1243 *
1239 1244 * Offline dependencies which are waiting for a dependency to come online are
1240 1245 * unsatisfied. Offline dependences which cannot possibly come online
1241 1246 * (unsatisfiable) are always considered satisfied.
1242 1247 */
1243 1248 static int
1244 1249 optional_all_satisfied(graph_vertex_t *groupv, boolean_t satbility)
1245 1250 {
1246 1251 graph_edge_t *edge;
1247 1252 graph_vertex_t *v;
1248 1253 boolean_t any_qualified;
1249 1254 boolean_t any_unsatisfied;
1250 1255 int i;
1251 1256
1252 1257 any_qualified = B_FALSE;
1253 1258 any_unsatisfied = B_FALSE;
1254 1259
1255 1260 for (edge = uu_list_first(groupv->gv_dependencies);
1256 1261 edge != NULL;
1257 1262 edge = uu_list_next(groupv->gv_dependencies, edge)) {
1258 1263 v = edge->ge_vertex;
1259 1264
1260 1265 switch (v->gv_type) {
1261 1266 case GVT_INST:
1262 1267 /* Skip missing or disabled instances */
1263 1268 if ((v->gv_flags & (GV_CONFIGURED | GV_ENABLED)) !=
1264 1269 (GV_CONFIGURED | GV_ENABLED))
1265 1270 continue;
1266 1271
1267 1272 if (v->gv_state == RESTARTER_STATE_MAINT)
1268 1273 continue;
1269 1274
1270 1275 if (v->gv_flags & GV_TOOFFLINE)
1271 1276 continue;
1272 1277
1273 1278 any_qualified = B_TRUE;
1274 1279 if (v->gv_state == RESTARTER_STATE_OFFLINE) {
1275 1280 /*
1276 1281 * For offline dependencies, treat unsatisfiable
1277 1282 * as satisfied.
1278 1283 */
1279 1284 i = dependency_satisfied(v, B_TRUE);
1280 1285 if (i == -1)
1281 1286 i = 1;
1282 1287 } else if (v->gv_state == RESTARTER_STATE_DISABLED) {
1283 1288 /*
1284 1289 * The service is enabled, but hasn't
1285 1290 * transitioned out of disabled yet. Treat it
1286 1291 * as unsatisfied (not unsatisfiable).
1287 1292 */
1288 1293 i = 0;
1289 1294 } else {
1290 1295 i = dependency_satisfied(v, satbility);
1291 1296 }
1292 1297 break;
1293 1298
1294 1299 case GVT_FILE:
1295 1300 any_qualified = B_TRUE;
1296 1301 i = dependency_satisfied(v, satbility);
1297 1302
1298 1303 break;
1299 1304
1300 1305 case GVT_SVC: {
1301 1306 boolean_t svc_any_qualified;
1302 1307 boolean_t svc_satisfied;
1303 1308 boolean_t svc_satisfiable;
1304 1309 graph_vertex_t *v2;
1305 1310 graph_edge_t *e2;
1306 1311
1307 1312 svc_any_qualified = B_FALSE;
1308 1313 svc_satisfied = B_FALSE;
1309 1314 svc_satisfiable = B_FALSE;
1310 1315
1311 1316 for (e2 = uu_list_first(v->gv_dependencies);
1312 1317 e2 != NULL;
1313 1318 e2 = uu_list_next(v->gv_dependencies, e2)) {
1314 1319 v2 = e2->ge_vertex;
1315 1320 assert(v2->gv_type == GVT_INST);
1316 1321
1317 1322 if ((v2->gv_flags &
1318 1323 (GV_CONFIGURED | GV_ENABLED)) !=
1319 1324 (GV_CONFIGURED | GV_ENABLED))
1320 1325 continue;
1321 1326
1322 1327 if (v2->gv_state == RESTARTER_STATE_MAINT)
1323 1328 continue;
1324 1329
1325 1330 if (v2->gv_flags & GV_TOOFFLINE)
1326 1331 continue;
1327 1332
1328 1333 svc_any_qualified = B_TRUE;
1329 1334
1330 1335 if (v2->gv_state == RESTARTER_STATE_OFFLINE) {
1331 1336 /*
1332 1337 * For offline dependencies, treat
1333 1338 * unsatisfiable as satisfied.
1334 1339 */
1335 1340 i = dependency_satisfied(v2, B_TRUE);
1336 1341 if (i == -1)
1337 1342 i = 1;
1338 1343 } else if (v2->gv_state ==
1339 1344 RESTARTER_STATE_DISABLED) {
1340 1345 i = 0;
1341 1346 } else {
1342 1347 i = dependency_satisfied(v2, satbility);
1343 1348 }
1344 1349
1345 1350 if (i == 1) {
1346 1351 svc_satisfied = B_TRUE;
1347 1352 break;
1348 1353 }
1349 1354 if (i == 0)
1350 1355 svc_satisfiable = B_TRUE;
1351 1356 }
1352 1357
1353 1358 if (!svc_any_qualified)
1354 1359 continue;
1355 1360 any_qualified = B_TRUE;
1356 1361 if (svc_satisfied) {
1357 1362 i = 1;
1358 1363 } else if (svc_satisfiable) {
1359 1364 i = 0;
1360 1365 } else {
1361 1366 i = -1;
1362 1367 }
1363 1368 break;
1364 1369 }
1365 1370
1366 1371 case GVT_GROUP:
1367 1372 default:
1368 1373 #ifndef NDEBUG
1369 1374 uu_warn("%s:%d: Unexpected vertex type %d.\n", __FILE__,
1370 1375 __LINE__, v->gv_type);
1371 1376 #endif
1372 1377 abort();
1373 1378 }
1374 1379
1375 1380 if (i == 1)
1376 1381 continue;
1377 1382
1378 1383 log_framework2(LOG_DEBUG, DEBUG_DEPENDENCIES,
1379 1384 "optional_all(%s): %s is unsatisfi%s.\n", groupv->gv_name,
1380 1385 v->gv_name, i == 0 ? "ed" : "able");
1381 1386
1382 1387 if (!satbility)
1383 1388 return (0);
1384 1389 if (i == -1)
1385 1390 return (-1);
1386 1391 any_unsatisfied = B_TRUE;
1387 1392 }
1388 1393
1389 1394 if (!any_qualified)
1390 1395 return (1);
1391 1396
1392 1397 return (any_unsatisfied ? 0 : 1);
1393 1398 }
1394 1399
1395 1400 /*
1396 1401 * An exclude_all dependency is unsatisfied if any non-service element is
1397 1402 * satisfied or any service instance which is configured, enabled, and not in
1398 1403 * maintenance is satisfied. Usually when unsatisfied, it is also
1399 1404 * unsatisfiable.
1400 1405 */
1401 1406 #define LOG_EXCLUDE(u, v) \
1402 1407 log_framework2(LOG_DEBUG, DEBUG_DEPENDENCIES, \
1403 1408 "exclude_all(%s): %s is satisfied.\n", \
1404 1409 (u)->gv_name, (v)->gv_name)
1405 1410
1406 1411 /* ARGSUSED */
1407 1412 static int
1408 1413 exclude_all_satisfied(graph_vertex_t *groupv, boolean_t satbility)
1409 1414 {
1410 1415 graph_edge_t *edge, *e2;
1411 1416 graph_vertex_t *v, *v2;
1412 1417
1413 1418 for (edge = uu_list_first(groupv->gv_dependencies);
1414 1419 edge != NULL;
1415 1420 edge = uu_list_next(groupv->gv_dependencies, edge)) {
1416 1421 v = edge->ge_vertex;
1417 1422
1418 1423 switch (v->gv_type) {
1419 1424 case GVT_INST:
1420 1425 if ((v->gv_flags & GV_CONFIGURED) == 0)
1421 1426 continue;
1422 1427
1423 1428 switch (v->gv_state) {
1424 1429 case RESTARTER_STATE_ONLINE:
1425 1430 case RESTARTER_STATE_DEGRADED:
1426 1431 LOG_EXCLUDE(groupv, v);
1427 1432 return (v->gv_flags & GV_ENABLED ? -1 : 0);
1428 1433
1429 1434 case RESTARTER_STATE_OFFLINE:
1430 1435 case RESTARTER_STATE_UNINIT:
1431 1436 LOG_EXCLUDE(groupv, v);
1432 1437 return (0);
1433 1438
1434 1439 case RESTARTER_STATE_DISABLED:
1435 1440 case RESTARTER_STATE_MAINT:
1436 1441 continue;
1437 1442
1438 1443 default:
1439 1444 #ifndef NDEBUG
1440 1445 uu_warn("%s:%d: Unexpected vertex state %d.\n",
1441 1446 __FILE__, __LINE__, v->gv_state);
1442 1447 #endif
1443 1448 abort();
1444 1449 }
1445 1450 /* NOTREACHED */
1446 1451
1447 1452 case GVT_SVC:
1448 1453 break;
1449 1454
1450 1455 case GVT_FILE:
1451 1456 if (!file_ready(v))
1452 1457 continue;
1453 1458 LOG_EXCLUDE(groupv, v);
1454 1459 return (-1);
1455 1460
1456 1461 case GVT_GROUP:
1457 1462 default:
1458 1463 #ifndef NDEBUG
1459 1464 uu_warn("%s:%d: Unexpected vertex type %d.\n", __FILE__,
1460 1465 __LINE__, v->gv_type);
1461 1466 #endif
1462 1467 abort();
1463 1468 }
1464 1469
1465 1470 /* v represents a service */
1466 1471 if (uu_list_numnodes(v->gv_dependencies) == 0)
1467 1472 continue;
1468 1473
1469 1474 for (e2 = uu_list_first(v->gv_dependencies);
1470 1475 e2 != NULL;
1471 1476 e2 = uu_list_next(v->gv_dependencies, e2)) {
1472 1477 v2 = e2->ge_vertex;
1473 1478 assert(v2->gv_type == GVT_INST);
1474 1479
1475 1480 if ((v2->gv_flags & GV_CONFIGURED) == 0)
1476 1481 continue;
1477 1482
1478 1483 switch (v2->gv_state) {
1479 1484 case RESTARTER_STATE_ONLINE:
1480 1485 case RESTARTER_STATE_DEGRADED:
1481 1486 LOG_EXCLUDE(groupv, v2);
1482 1487 return (v2->gv_flags & GV_ENABLED ? -1 : 0);
1483 1488
1484 1489 case RESTARTER_STATE_OFFLINE:
1485 1490 case RESTARTER_STATE_UNINIT:
1486 1491 LOG_EXCLUDE(groupv, v2);
1487 1492 return (0);
1488 1493
1489 1494 case RESTARTER_STATE_DISABLED:
1490 1495 case RESTARTER_STATE_MAINT:
1491 1496 continue;
1492 1497
1493 1498 default:
1494 1499 #ifndef NDEBUG
1495 1500 uu_warn("%s:%d: Unexpected vertex type %d.\n",
1496 1501 __FILE__, __LINE__, v2->gv_type);
1497 1502 #endif
1498 1503 abort();
1499 1504 }
1500 1505 }
1501 1506 }
1502 1507
1503 1508 return (1);
1504 1509 }
1505 1510
1506 1511 /*
1507 1512 * int instance_satisfied()
1508 1513 * Determine if all the dependencies are satisfied for the supplied instance
1509 1514 * vertex. Return 1 if they are, 0 if they aren't, and -1 if they won't be
1510 1515 * without administrator intervention.
1511 1516 */
1512 1517 static int
1513 1518 instance_satisfied(graph_vertex_t *v, boolean_t satbility)
1514 1519 {
1515 1520 assert(v->gv_type == GVT_INST);
1516 1521 assert(!inst_running(v));
1517 1522
1518 1523 return (require_all_satisfied(v, satbility));
1519 1524 }
1520 1525
1521 1526 /*
1522 1527 * Decide whether v can satisfy a dependency. v can either be a child of
1523 1528 * a group vertex, or of an instance vertex.
1524 1529 */
1525 1530 static int
1526 1531 dependency_satisfied(graph_vertex_t *v, boolean_t satbility)
1527 1532 {
1528 1533 switch (v->gv_type) {
1529 1534 case GVT_INST:
1530 1535 if ((v->gv_flags & GV_CONFIGURED) == 0) {
1531 1536 if (v->gv_flags & GV_DEATHROW) {
1532 1537 /*
1533 1538 * A dependency on an instance with GV_DEATHROW
1534 1539 * flag is always considered as satisfied.
1535 1540 */
1536 1541 return (1);
1537 1542 }
1538 1543 return (-1);
1539 1544 }
1540 1545
1541 1546 /*
1542 1547 * Any vertex with the GV_TOOFFLINE flag set is guaranteed
1543 1548 * to have its dependencies unsatisfiable.
1544 1549 */
1545 1550 if (v->gv_flags & GV_TOOFFLINE)
1546 1551 return (-1);
1547 1552
1548 1553 switch (v->gv_state) {
1549 1554 case RESTARTER_STATE_ONLINE:
1550 1555 case RESTARTER_STATE_DEGRADED:
1551 1556 return (1);
1552 1557
1553 1558 case RESTARTER_STATE_OFFLINE:
1554 1559 if (!satbility)
1555 1560 return (0);
1556 1561 return (instance_satisfied(v, satbility) != -1 ?
1557 1562 0 : -1);
1558 1563
1559 1564 case RESTARTER_STATE_DISABLED:
1560 1565 case RESTARTER_STATE_MAINT:
1561 1566 return (-1);
1562 1567
1563 1568 case RESTARTER_STATE_UNINIT:
1564 1569 return (0);
1565 1570
1566 1571 default:
1567 1572 #ifndef NDEBUG
1568 1573 uu_warn("%s:%d: Unexpected vertex state %d.\n",
1569 1574 __FILE__, __LINE__, v->gv_state);
1570 1575 #endif
1571 1576 abort();
1572 1577 /* NOTREACHED */
1573 1578 }
1574 1579
1575 1580 case GVT_SVC:
1576 1581 if (uu_list_numnodes(v->gv_dependencies) == 0)
1577 1582 return (-1);
1578 1583 return (require_any_satisfied(v, satbility));
1579 1584
1580 1585 case GVT_FILE:
1581 1586 /* i.e., we assume files will not be automatically generated */
1582 1587 return (file_ready(v) ? 1 : -1);
1583 1588
1584 1589 case GVT_GROUP:
1585 1590 break;
1586 1591
1587 1592 default:
1588 1593 #ifndef NDEBUG
1589 1594 uu_warn("%s:%d: Unexpected node type %d.\n", __FILE__, __LINE__,
1590 1595 v->gv_type);
1591 1596 #endif
1592 1597 abort();
1593 1598 /* NOTREACHED */
1594 1599 }
1595 1600
1596 1601 switch (v->gv_depgroup) {
1597 1602 case DEPGRP_REQUIRE_ANY:
1598 1603 return (require_any_satisfied(v, satbility));
1599 1604
1600 1605 case DEPGRP_REQUIRE_ALL:
1601 1606 return (require_all_satisfied(v, satbility));
1602 1607
1603 1608 case DEPGRP_OPTIONAL_ALL:
1604 1609 return (optional_all_satisfied(v, satbility));
1605 1610
1606 1611 case DEPGRP_EXCLUDE_ALL:
1607 1612 return (exclude_all_satisfied(v, satbility));
1608 1613
1609 1614 default:
1610 1615 #ifndef NDEBUG
1611 1616 uu_warn("%s:%d: Unknown dependency grouping %d.\n", __FILE__,
1612 1617 __LINE__, v->gv_depgroup);
1613 1618 #endif
1614 1619 abort();
1615 1620 }
1616 1621 }
1617 1622
1618 1623 void
1619 1624 graph_start_if_satisfied(graph_vertex_t *v)
1620 1625 {
1621 1626 if (v->gv_state == RESTARTER_STATE_OFFLINE &&
1622 1627 instance_satisfied(v, B_FALSE) == 1) {
1623 1628 if (v->gv_start_f == NULL)
1624 1629 vertex_send_event(v, RESTARTER_EVENT_TYPE_START);
1625 1630 else
1626 1631 v->gv_start_f(v);
1627 1632 }
1628 1633 }
1629 1634
1630 1635 /*
1631 1636 * propagate_satbility()
1632 1637 *
1633 1638 * This function is used when the given vertex changes state in such a way that
1634 1639 * one of its dependents may become unsatisfiable. This happens when an
1635 1640 * instance transitions between offline -> online, or from !running ->
1636 1641 * maintenance, as well as when an instance is removed from the graph.
1637 1642 *
1638 1643 * We have to walk all the dependents, since optional_all dependencies several
1639 1644 * levels up could become (un)satisfied, instead of unsatisfiable. For example,
1640 1645 *
1641 1646 * +-----+ optional_all +-----+ require_all +-----+
1642 1647 * | A |--------------->| B |-------------->| C |
1643 1648 * +-----+ +-----+ +-----+
1644 1649 *
1645 1650 * offline -> maintenance
1646 1651 *
1647 1652 * If C goes into maintenance, it's not enough simply to check B. Because A has
1648 1653 * an optional dependency, what was previously an unsatisfiable situation is now
1649 1654 * satisfied (B will never come online, even though its state hasn't changed).
1650 1655 *
1651 1656 * Note that it's not necessary to continue examining dependents after reaching
1652 1657 * an optional_all dependency. It's not possible for an optional_all dependency
1653 1658 * to change satisfiability without also coming online, in which case we get a
1654 1659 * start event and propagation continues naturally. However, it does no harm to
1655 1660 * continue propagating satisfiability (as it is a relatively rare event), and
1656 1661 * keeps the walker code simple and generic.
1657 1662 */
1658 1663 /*ARGSUSED*/
1659 1664 static int
1660 1665 satbility_cb(graph_vertex_t *v, void *arg)
1661 1666 {
1662 1667 if (v->gv_type == GVT_INST)
1663 1668 graph_start_if_satisfied(v);
1664 1669
1665 1670 return (UU_WALK_NEXT);
1666 1671 }
1667 1672
1668 1673 static void
1669 1674 propagate_satbility(graph_vertex_t *v)
1670 1675 {
1671 1676 graph_walk(v, WALK_DEPENDENTS, satbility_cb, NULL, NULL);
1672 1677 }
1673 1678
1674 1679 static void propagate_stop(graph_vertex_t *, void *);
1675 1680
1676 1681 /* ARGSUSED */
1677 1682 static void
1678 1683 propagate_start(graph_vertex_t *v, void *arg)
1679 1684 {
1680 1685 switch (v->gv_type) {
1681 1686 case GVT_INST:
1682 1687 graph_start_if_satisfied(v);
1683 1688 break;
1684 1689
1685 1690 case GVT_GROUP:
1686 1691 if (v->gv_depgroup == DEPGRP_EXCLUDE_ALL) {
1687 1692 graph_walk_dependents(v, propagate_stop,
1688 1693 (void *)RERR_RESTART);
1689 1694 break;
1690 1695 }
1691 1696 /* FALLTHROUGH */
1692 1697
1693 1698 case GVT_SVC:
1694 1699 graph_walk_dependents(v, propagate_start, NULL);
1695 1700 break;
1696 1701
1697 1702 case GVT_FILE:
1698 1703 #ifndef NDEBUG
1699 1704 uu_warn("%s:%d: propagate_start() encountered GVT_FILE.\n",
1700 1705 __FILE__, __LINE__);
1701 1706 #endif
1702 1707 abort();
1703 1708 /* NOTREACHED */
1704 1709
1705 1710 default:
1706 1711 #ifndef NDEBUG
1707 1712 uu_warn("%s:%d: Unknown vertex type %d.\n", __FILE__, __LINE__,
1708 1713 v->gv_type);
1709 1714 #endif
1710 1715 abort();
1711 1716 }
1712 1717 }
1713 1718
1714 1719 static void
1715 1720 propagate_stop(graph_vertex_t *v, void *arg)
1716 1721 {
1717 1722 graph_edge_t *e;
1718 1723 graph_vertex_t *svc;
1719 1724 restarter_error_t err = (restarter_error_t)arg;
1720 1725
1721 1726 switch (v->gv_type) {
1722 1727 case GVT_INST:
1723 1728 /* Restarter */
1724 1729 if (err > RERR_NONE && inst_running(v))
1725 1730 vertex_send_event(v, RESTARTER_EVENT_TYPE_STOP);
1726 1731 break;
1727 1732
1728 1733 case GVT_SVC:
1729 1734 graph_walk_dependents(v, propagate_stop, arg);
1730 1735 break;
1731 1736
1732 1737 case GVT_FILE:
1733 1738 #ifndef NDEBUG
1734 1739 uu_warn("%s:%d: propagate_stop() encountered GVT_FILE.\n",
1735 1740 __FILE__, __LINE__);
1736 1741 #endif
1737 1742 abort();
1738 1743 /* NOTREACHED */
1739 1744
1740 1745 case GVT_GROUP:
1741 1746 if (v->gv_depgroup == DEPGRP_EXCLUDE_ALL) {
1742 1747 graph_walk_dependents(v, propagate_start, NULL);
1743 1748 break;
1744 1749 }
1745 1750
1746 1751 if (err == RERR_NONE || err > v->gv_restart)
1747 1752 break;
1748 1753
1749 1754 assert(uu_list_numnodes(v->gv_dependents) == 1);
1750 1755 e = uu_list_first(v->gv_dependents);
1751 1756 svc = e->ge_vertex;
1752 1757
1753 1758 if (inst_running(svc))
1754 1759 vertex_send_event(svc, RESTARTER_EVENT_TYPE_STOP);
1755 1760 break;
1756 1761
1757 1762 default:
1758 1763 #ifndef NDEBUG
1759 1764 uu_warn("%s:%d: Unknown vertex type %d.\n", __FILE__, __LINE__,
1760 1765 v->gv_type);
1761 1766 #endif
1762 1767 abort();
1763 1768 }
1764 1769 }
1765 1770
1766 1771 static void
1767 1772 offline_vertex(graph_vertex_t *v)
1768 1773 {
1769 1774 scf_handle_t *h = libscf_handle_create_bound_loop();
1770 1775 scf_instance_t *scf_inst = safe_scf_instance_create(h);
1771 1776 scf_propertygroup_t *pg = safe_scf_pg_create(h);
1772 1777 restarter_instance_state_t state, next_state;
1773 1778 int r;
1774 1779
1775 1780 assert(v->gv_type == GVT_INST);
1776 1781
1777 1782 if (scf_inst == NULL)
1778 1783 bad_error("safe_scf_instance_create", scf_error());
1779 1784 if (pg == NULL)
1780 1785 bad_error("safe_scf_pg_create", scf_error());
1781 1786
1782 1787 /* if the vertex is already going offline, return */
1783 1788 rep_retry:
1784 1789 if (scf_handle_decode_fmri(h, v->gv_name, NULL, NULL, scf_inst, NULL,
1785 1790 NULL, SCF_DECODE_FMRI_EXACT) != 0) {
1786 1791 switch (scf_error()) {
1787 1792 case SCF_ERROR_CONNECTION_BROKEN:
1788 1793 libscf_handle_rebind(h);
1789 1794 goto rep_retry;
1790 1795
1791 1796 case SCF_ERROR_NOT_FOUND:
1792 1797 scf_pg_destroy(pg);
1793 1798 scf_instance_destroy(scf_inst);
1794 1799 (void) scf_handle_unbind(h);
1795 1800 scf_handle_destroy(h);
1796 1801 return;
1797 1802 }
1798 1803 uu_die("Can't decode FMRI %s: %s\n", v->gv_name,
1799 1804 scf_strerror(scf_error()));
1800 1805 }
1801 1806
1802 1807 r = scf_instance_get_pg(scf_inst, SCF_PG_RESTARTER, pg);
1803 1808 if (r != 0) {
1804 1809 switch (scf_error()) {
1805 1810 case SCF_ERROR_CONNECTION_BROKEN:
1806 1811 libscf_handle_rebind(h);
1807 1812 goto rep_retry;
1808 1813
1809 1814 case SCF_ERROR_NOT_SET:
1810 1815 case SCF_ERROR_NOT_FOUND:
1811 1816 scf_pg_destroy(pg);
1812 1817 scf_instance_destroy(scf_inst);
1813 1818 (void) scf_handle_unbind(h);
1814 1819 scf_handle_destroy(h);
1815 1820 return;
1816 1821
1817 1822 default:
1818 1823 bad_error("scf_instance_get_pg", scf_error());
1819 1824 }
1820 1825 } else {
1821 1826 r = libscf_read_states(pg, &state, &next_state);
1822 1827 if (r == 0 && (next_state == RESTARTER_STATE_OFFLINE ||
1823 1828 next_state == RESTARTER_STATE_DISABLED)) {
1824 1829 log_framework(LOG_DEBUG,
1825 1830 "%s: instance is already going down.\n",
1826 1831 v->gv_name);
1827 1832 scf_pg_destroy(pg);
1828 1833 scf_instance_destroy(scf_inst);
1829 1834 (void) scf_handle_unbind(h);
1830 1835 scf_handle_destroy(h);
1831 1836 return;
1832 1837 }
1833 1838 }
1834 1839
1835 1840 scf_pg_destroy(pg);
1836 1841 scf_instance_destroy(scf_inst);
1837 1842 (void) scf_handle_unbind(h);
1838 1843 scf_handle_destroy(h);
1839 1844
1840 1845 vertex_send_event(v, RESTARTER_EVENT_TYPE_STOP);
1841 1846 }
1842 1847
1843 1848 /*
1844 1849 * void graph_enable_by_vertex()
1845 1850 * If admin is non-zero, this is an administrative request for change
1846 1851 * of the enabled property. Thus, send the ADMIN_DISABLE rather than
1847 1852 * a plain DISABLE restarter event.
1848 1853 */
1849 1854 void
1850 1855 graph_enable_by_vertex(graph_vertex_t *vertex, int enable, int admin)
1851 1856 {
1852 1857 graph_vertex_t *v;
1853 1858 int r;
1854 1859
1855 1860 assert(PTHREAD_MUTEX_HELD(&dgraph_lock));
1856 1861 assert((vertex->gv_flags & GV_CONFIGURED));
1857 1862
1858 1863 vertex->gv_flags = (vertex->gv_flags & ~GV_ENABLED) |
1859 1864 (enable ? GV_ENABLED : 0);
1860 1865
1861 1866 if (enable) {
1862 1867 if (vertex->gv_state != RESTARTER_STATE_OFFLINE &&
1863 1868 vertex->gv_state != RESTARTER_STATE_DEGRADED &&
1864 1869 vertex->gv_state != RESTARTER_STATE_ONLINE) {
1865 1870 /*
1866 1871 * In case the vertex was notified to go down,
1867 1872 * but now can return online, clear the _TOOFFLINE
1868 1873 * and _TODISABLE flags.
1869 1874 */
1870 1875 vertex->gv_flags &= ~GV_TOOFFLINE;
1871 1876 vertex->gv_flags &= ~GV_TODISABLE;
1872 1877
1873 1878 vertex_send_event(vertex, RESTARTER_EVENT_TYPE_ENABLE);
1874 1879 }
1875 1880
1876 1881 /*
1877 1882 * Wait for state update from restarter before sending _START or
1878 1883 * _STOP.
1879 1884 */
1880 1885
1881 1886 return;
1882 1887 }
1883 1888
1884 1889 if (vertex->gv_state == RESTARTER_STATE_DISABLED)
1885 1890 return;
1886 1891
1887 1892 if (!admin) {
1888 1893 vertex_send_event(vertex, RESTARTER_EVENT_TYPE_DISABLE);
1889 1894
1890 1895 /*
1891 1896 * Wait for state update from restarter before sending _START or
1892 1897 * _STOP.
1893 1898 */
1894 1899
1895 1900 return;
1896 1901 }
1897 1902
1898 1903 /*
1899 1904 * If it is a DISABLE event requested by the administrator then we are
1900 1905 * offlining the dependents first.
1901 1906 */
1902 1907
1903 1908 /*
1904 1909 * Set GV_TOOFFLINE for the services we are offlining. We cannot
1905 1910 * clear the GV_TOOFFLINE bits from all the services because
1906 1911 * other DISABLE events might be handled at the same time.
1907 1912 */
1908 1913 vertex->gv_flags |= GV_TOOFFLINE;
1909 1914
1910 1915 /* remember which vertex to disable... */
1911 1916 vertex->gv_flags |= GV_TODISABLE;
1912 1917
1913 1918 log_framework(LOG_DEBUG, "Marking in-subtree vertices before "
1914 1919 "disabling %s.\n", vertex->gv_name);
1915 1920
1916 1921 /* set GV_TOOFFLINE for its dependents */
1917 1922 r = uu_list_walk(vertex->gv_dependents, (uu_walk_fn_t *)mark_subtree,
1918 1923 NULL, 0);
1919 1924 assert(r == 0);
1920 1925
1921 1926 /* disable the instance now if there is nothing else to offline */
1922 1927 if (insubtree_dependents_down(vertex) == B_TRUE) {
1923 1928 vertex_send_event(vertex, RESTARTER_EVENT_TYPE_ADMIN_DISABLE);
1924 1929 return;
1925 1930 }
1926 1931
1927 1932 /*
1928 1933 * This loop is similar to the one used for the graph reversal shutdown
1929 1934 * and could be improved in term of performance for the subtree reversal
1930 1935 * disable case.
1931 1936 */
1932 1937 for (v = uu_list_first(dgraph); v != NULL;
1933 1938 v = uu_list_next(dgraph, v)) {
1934 1939 /* skip the vertex we are disabling for now */
1935 1940 if (v == vertex)
1936 1941 continue;
1937 1942
1938 1943 if (v->gv_type != GVT_INST ||
1939 1944 (v->gv_flags & GV_CONFIGURED) == 0 ||
1940 1945 (v->gv_flags & GV_ENABLED) == 0 ||
1941 1946 (v->gv_flags & GV_TOOFFLINE) == 0)
1942 1947 continue;
1943 1948
1944 1949 if ((v->gv_state != RESTARTER_STATE_ONLINE) &&
1945 1950 (v->gv_state != RESTARTER_STATE_DEGRADED)) {
1946 1951 /* continue if there is nothing to offline */
1947 1952 continue;
1948 1953 }
1949 1954
1950 1955 /*
1951 1956 * Instances which are up need to come down before we're
1952 1957 * done, but we can only offline the leaves here. An
1953 1958 * instance is a leaf when all its dependents are down.
1954 1959 */
1955 1960 if (insubtree_dependents_down(v) == B_TRUE) {
1956 1961 log_framework(LOG_DEBUG, "Offlining in-subtree "
1957 1962 "instance %s for %s.\n",
1958 1963 v->gv_name, vertex->gv_name);
1959 1964 offline_vertex(v);
1960 1965 }
1961 1966 }
1962 1967 }
1963 1968
1964 1969 static int configure_vertex(graph_vertex_t *, scf_instance_t *);
1965 1970
1966 1971 /*
1967 1972 * Set the restarter for v to fmri_arg. That is, make sure a vertex for
1968 1973 * fmri_arg exists, make v depend on it, and send _ADD_INSTANCE for v. If
1969 1974 * v is already configured and fmri_arg indicates the current restarter, do
1970 1975 * nothing. If v is configured and fmri_arg is a new restarter, delete v's
1971 1976 * dependency on the restarter, send _REMOVE_INSTANCE for v, and set the new
1972 1977 * restarter. Returns 0 on success, EINVAL if the FMRI is invalid,
1973 1978 * ECONNABORTED if the repository connection is broken, and ELOOP
1974 1979 * if the dependency would create a cycle. In the last case, *pathp will
1975 1980 * point to a -1-terminated array of ids which compose the path from v to
1976 1981 * restarter_fmri.
1977 1982 */
1978 1983 int
1979 1984 graph_change_restarter(graph_vertex_t *v, const char *fmri_arg, scf_handle_t *h,
1980 1985 int **pathp)
1981 1986 {
1982 1987 char *restarter_fmri = NULL;
1983 1988 graph_vertex_t *rv;
1984 1989 int err;
1985 1990 int id;
1986 1991
1987 1992 assert(PTHREAD_MUTEX_HELD(&dgraph_lock));
1988 1993
1989 1994 if (fmri_arg[0] != '\0') {
1990 1995 err = fmri_canonify(fmri_arg, &restarter_fmri, B_TRUE);
1991 1996 if (err != 0) {
1992 1997 assert(err == EINVAL);
1993 1998 return (err);
1994 1999 }
1995 2000 }
1996 2001
1997 2002 if (restarter_fmri == NULL ||
1998 2003 strcmp(restarter_fmri, SCF_SERVICE_STARTD) == 0) {
1999 2004 if (v->gv_flags & GV_CONFIGURED) {
2000 2005 if (v->gv_restarter_id == -1) {
2001 2006 if (restarter_fmri != NULL)
2002 2007 startd_free(restarter_fmri,
2003 2008 max_scf_fmri_size);
2004 2009 return (0);
2005 2010 }
2006 2011
2007 2012 graph_unset_restarter(v);
2008 2013 }
2009 2014
2010 2015 /* Master restarter, nothing to do. */
2011 2016 v->gv_restarter_id = -1;
2012 2017 v->gv_restarter_channel = NULL;
2013 2018 vertex_send_event(v, RESTARTER_EVENT_TYPE_ADD_INSTANCE);
2014 2019 return (0);
2015 2020 }
2016 2021
2017 2022 if (v->gv_flags & GV_CONFIGURED) {
2018 2023 id = dict_lookup_byname(restarter_fmri);
2019 2024 if (id != -1 && v->gv_restarter_id == id) {
2020 2025 startd_free(restarter_fmri, max_scf_fmri_size);
2021 2026 return (0);
2022 2027 }
2023 2028
2024 2029 graph_unset_restarter(v);
2025 2030 }
2026 2031
2027 2032 err = graph_insert_vertex_unconfigured(restarter_fmri, GVT_INST, 0,
2028 2033 RERR_NONE, &rv);
2029 2034 startd_free(restarter_fmri, max_scf_fmri_size);
2030 2035 assert(err == 0 || err == EEXIST);
2031 2036
2032 2037 if (rv->gv_delegate_initialized == 0) {
2033 2038 rv->gv_delegate_channel = restarter_protocol_init_delegate(
2034 2039 rv->gv_name);
2035 2040 rv->gv_delegate_initialized = 1;
2036 2041 }
2037 2042 v->gv_restarter_id = rv->gv_id;
2038 2043 v->gv_restarter_channel = rv->gv_delegate_channel;
2039 2044
2040 2045 err = graph_insert_dependency(v, rv, pathp);
2041 2046 if (err != 0) {
2042 2047 assert(err == ELOOP);
2043 2048 return (ELOOP);
2044 2049 }
2045 2050
2046 2051 vertex_send_event(v, RESTARTER_EVENT_TYPE_ADD_INSTANCE);
2047 2052
2048 2053 if (!(rv->gv_flags & GV_CONFIGURED)) {
2049 2054 scf_instance_t *inst;
2050 2055
2051 2056 err = libscf_fmri_get_instance(h, rv->gv_name, &inst);
2052 2057 switch (err) {
2053 2058 case 0:
2054 2059 err = configure_vertex(rv, inst);
2055 2060 scf_instance_destroy(inst);
2056 2061 switch (err) {
2057 2062 case 0:
2058 2063 case ECANCELED:
2059 2064 break;
2060 2065
2061 2066 case ECONNABORTED:
2062 2067 return (ECONNABORTED);
2063 2068
2064 2069 default:
2065 2070 bad_error("configure_vertex", err);
2066 2071 }
2067 2072 break;
2068 2073
2069 2074 case ECONNABORTED:
2070 2075 return (ECONNABORTED);
2071 2076
2072 2077 case ENOENT:
2073 2078 break;
2074 2079
2075 2080 case ENOTSUP:
2076 2081 /*
2077 2082 * The fmri doesn't specify an instance - translate
2078 2083 * to EINVAL.
2079 2084 */
2080 2085 return (EINVAL);
2081 2086
2082 2087 case EINVAL:
2083 2088 default:
2084 2089 bad_error("libscf_fmri_get_instance", err);
2085 2090 }
2086 2091 }
2087 2092
2088 2093 return (0);
2089 2094 }
2090 2095
2091 2096
2092 2097 /*
2093 2098 * Add all of the instances of the service named by fmri to the graph.
2094 2099 * Returns
2095 2100 * 0 - success
2096 2101 * ENOENT - service indicated by fmri does not exist
2097 2102 *
2098 2103 * In both cases *reboundp will be B_TRUE if the handle was rebound, or B_FALSE
2099 2104 * otherwise.
2100 2105 */
2101 2106 static int
2102 2107 add_service(const char *fmri, scf_handle_t *h, boolean_t *reboundp)
2103 2108 {
2104 2109 scf_service_t *svc;
2105 2110 scf_instance_t *inst;
2106 2111 scf_iter_t *iter;
2107 2112 char *inst_fmri;
2108 2113 int ret, r;
2109 2114
2110 2115 *reboundp = B_FALSE;
2111 2116
2112 2117 svc = safe_scf_service_create(h);
2113 2118 inst = safe_scf_instance_create(h);
2114 2119 iter = safe_scf_iter_create(h);
2115 2120 inst_fmri = startd_alloc(max_scf_fmri_size);
2116 2121
2117 2122 rebound:
2118 2123 if (scf_handle_decode_fmri(h, fmri, NULL, svc, NULL, NULL, NULL,
2119 2124 SCF_DECODE_FMRI_EXACT) != 0) {
2120 2125 switch (scf_error()) {
2121 2126 case SCF_ERROR_CONNECTION_BROKEN:
2122 2127 default:
2123 2128 libscf_handle_rebind(h);
2124 2129 *reboundp = B_TRUE;
2125 2130 goto rebound;
2126 2131
2127 2132 case SCF_ERROR_NOT_FOUND:
2128 2133 ret = ENOENT;
2129 2134 goto out;
2130 2135
2131 2136 case SCF_ERROR_INVALID_ARGUMENT:
2132 2137 case SCF_ERROR_CONSTRAINT_VIOLATED:
2133 2138 case SCF_ERROR_NOT_BOUND:
2134 2139 case SCF_ERROR_HANDLE_MISMATCH:
2135 2140 bad_error("scf_handle_decode_fmri", scf_error());
2136 2141 }
2137 2142 }
2138 2143
2139 2144 if (scf_iter_service_instances(iter, svc) != 0) {
2140 2145 switch (scf_error()) {
2141 2146 case SCF_ERROR_CONNECTION_BROKEN:
2142 2147 default:
2143 2148 libscf_handle_rebind(h);
2144 2149 *reboundp = B_TRUE;
2145 2150 goto rebound;
2146 2151
2147 2152 case SCF_ERROR_DELETED:
2148 2153 ret = ENOENT;
2149 2154 goto out;
2150 2155
2151 2156 case SCF_ERROR_HANDLE_MISMATCH:
2152 2157 case SCF_ERROR_NOT_BOUND:
2153 2158 case SCF_ERROR_NOT_SET:
2154 2159 bad_error("scf_iter_service_instances", scf_error());
2155 2160 }
2156 2161 }
2157 2162
2158 2163 for (;;) {
2159 2164 r = scf_iter_next_instance(iter, inst);
2160 2165 if (r == 0)
2161 2166 break;
2162 2167 if (r != 1) {
2163 2168 switch (scf_error()) {
2164 2169 case SCF_ERROR_CONNECTION_BROKEN:
2165 2170 default:
2166 2171 libscf_handle_rebind(h);
2167 2172 *reboundp = B_TRUE;
2168 2173 goto rebound;
2169 2174
2170 2175 case SCF_ERROR_DELETED:
2171 2176 ret = ENOENT;
2172 2177 goto out;
2173 2178
2174 2179 case SCF_ERROR_HANDLE_MISMATCH:
2175 2180 case SCF_ERROR_NOT_BOUND:
2176 2181 case SCF_ERROR_NOT_SET:
2177 2182 case SCF_ERROR_INVALID_ARGUMENT:
2178 2183 bad_error("scf_iter_next_instance",
2179 2184 scf_error());
2180 2185 }
2181 2186 }
2182 2187
2183 2188 if (scf_instance_to_fmri(inst, inst_fmri, max_scf_fmri_size) <
2184 2189 0) {
2185 2190 switch (scf_error()) {
2186 2191 case SCF_ERROR_CONNECTION_BROKEN:
2187 2192 libscf_handle_rebind(h);
2188 2193 *reboundp = B_TRUE;
2189 2194 goto rebound;
2190 2195
2191 2196 case SCF_ERROR_DELETED:
2192 2197 continue;
2193 2198
2194 2199 case SCF_ERROR_NOT_BOUND:
2195 2200 case SCF_ERROR_NOT_SET:
2196 2201 bad_error("scf_instance_to_fmri", scf_error());
2197 2202 }
2198 2203 }
2199 2204
2200 2205 r = dgraph_add_instance(inst_fmri, inst, B_FALSE);
2201 2206 switch (r) {
2202 2207 case 0:
2203 2208 case ECANCELED:
2204 2209 break;
2205 2210
2206 2211 case EEXIST:
2207 2212 continue;
2208 2213
2209 2214 case ECONNABORTED:
2210 2215 libscf_handle_rebind(h);
2211 2216 *reboundp = B_TRUE;
2212 2217 goto rebound;
2213 2218
2214 2219 case EINVAL:
2215 2220 default:
2216 2221 bad_error("dgraph_add_instance", r);
2217 2222 }
2218 2223 }
2219 2224
2220 2225 ret = 0;
2221 2226
2222 2227 out:
2223 2228 startd_free(inst_fmri, max_scf_fmri_size);
2224 2229 scf_iter_destroy(iter);
2225 2230 scf_instance_destroy(inst);
2226 2231 scf_service_destroy(svc);
2227 2232 return (ret);
2228 2233 }
2229 2234
2230 2235 struct depfmri_info {
2231 2236 graph_vertex_t *v; /* GVT_GROUP vertex */
2232 2237 gv_type_t type; /* type of dependency */
2233 2238 const char *inst_fmri; /* FMRI of parental GVT_INST vert. */
2234 2239 const char *pg_name; /* Name of dependency pg */
2235 2240 scf_handle_t *h;
2236 2241 int err; /* return error code */
2237 2242 int **pathp; /* return circular dependency path */
2238 2243 };
2239 2244
2240 2245 /*
2241 2246 * Find or create a vertex for fmri and make info->v depend on it.
2242 2247 * Returns
2243 2248 * 0 - success
2244 2249 * nonzero - failure
2245 2250 *
2246 2251 * On failure, sets info->err to
2247 2252 * EINVAL - fmri is invalid
2248 2253 * fmri does not match info->type
2249 2254 * ELOOP - Adding the dependency creates a circular dependency. *info->pathp
2250 2255 * will point to an array of the ids of the members of the cycle.
2251 2256 * ECONNABORTED - repository connection was broken
2252 2257 * ECONNRESET - succeeded, but repository connection was reset
2253 2258 */
2254 2259 static int
2255 2260 process_dependency_fmri(const char *fmri, struct depfmri_info *info)
2256 2261 {
2257 2262 int err;
2258 2263 graph_vertex_t *depgroup_v, *v;
2259 2264 char *fmri_copy, *cfmri;
2260 2265 size_t fmri_copy_sz;
2261 2266 const char *scope, *service, *instance, *pg;
2262 2267 scf_instance_t *inst;
2263 2268 boolean_t rebound;
2264 2269
2265 2270 assert(PTHREAD_MUTEX_HELD(&dgraph_lock));
2266 2271
2267 2272 /* Get or create vertex for FMRI */
2268 2273 depgroup_v = info->v;
2269 2274
2270 2275 if (strncmp(fmri, "file:", sizeof ("file:") - 1) == 0) {
2271 2276 if (info->type != GVT_FILE) {
2272 2277 log_framework(LOG_NOTICE,
2273 2278 "FMRI \"%s\" is not allowed for the \"%s\" "
2274 2279 "dependency's type of instance %s.\n", fmri,
2275 2280 info->pg_name, info->inst_fmri);
2276 2281 return (info->err = EINVAL);
2277 2282 }
2278 2283
2279 2284 err = graph_insert_vertex_unconfigured(fmri, info->type, 0,
2280 2285 RERR_NONE, &v);
2281 2286 switch (err) {
2282 2287 case 0:
2283 2288 break;
2284 2289
2285 2290 case EEXIST:
2286 2291 assert(v->gv_type == GVT_FILE);
2287 2292 break;
2288 2293
2289 2294 case EINVAL: /* prevented above */
2290 2295 default:
2291 2296 bad_error("graph_insert_vertex_unconfigured", err);
2292 2297 }
2293 2298 } else {
2294 2299 if (info->type != GVT_INST) {
2295 2300 log_framework(LOG_NOTICE,
2296 2301 "FMRI \"%s\" is not allowed for the \"%s\" "
2297 2302 "dependency's type of instance %s.\n", fmri,
2298 2303 info->pg_name, info->inst_fmri);
2299 2304 return (info->err = EINVAL);
2300 2305 }
2301 2306
2302 2307 /*
2303 2308 * We must canonify fmri & add a vertex for it.
2304 2309 */
2305 2310 fmri_copy_sz = strlen(fmri) + 1;
2306 2311 fmri_copy = startd_alloc(fmri_copy_sz);
2307 2312 (void) strcpy(fmri_copy, fmri);
2308 2313
2309 2314 /* Determine if the FMRI is a property group or instance */
2310 2315 if (scf_parse_svc_fmri(fmri_copy, &scope, &service,
2311 2316 &instance, &pg, NULL) != 0) {
2312 2317 startd_free(fmri_copy, fmri_copy_sz);
2313 2318 log_framework(LOG_NOTICE,
2314 2319 "Dependency \"%s\" of %s has invalid FMRI "
2315 2320 "\"%s\".\n", info->pg_name, info->inst_fmri,
2316 2321 fmri);
2317 2322 return (info->err = EINVAL);
2318 2323 }
2319 2324
2320 2325 if (service == NULL || pg != NULL) {
2321 2326 startd_free(fmri_copy, fmri_copy_sz);
2322 2327 log_framework(LOG_NOTICE,
2323 2328 "Dependency \"%s\" of %s does not designate a "
2324 2329 "service or instance.\n", info->pg_name,
2325 2330 info->inst_fmri);
2326 2331 return (info->err = EINVAL);
2327 2332 }
2328 2333
2329 2334 if (scope == NULL || strcmp(scope, SCF_SCOPE_LOCAL) == 0) {
2330 2335 cfmri = uu_msprintf("svc:/%s%s%s",
2331 2336 service, instance ? ":" : "", instance ? instance :
2332 2337 "");
2333 2338 } else {
2334 2339 cfmri = uu_msprintf("svc://%s/%s%s%s",
2335 2340 scope, service, instance ? ":" : "", instance ?
2336 2341 instance : "");
2337 2342 }
2338 2343
2339 2344 startd_free(fmri_copy, fmri_copy_sz);
2340 2345
2341 2346 err = graph_insert_vertex_unconfigured(cfmri, instance ?
2342 2347 GVT_INST : GVT_SVC, instance ? 0 : DEPGRP_REQUIRE_ANY,
2343 2348 RERR_NONE, &v);
2344 2349 uu_free(cfmri);
2345 2350 switch (err) {
2346 2351 case 0:
2347 2352 break;
2348 2353
2349 2354 case EEXIST:
2350 2355 /* Verify v. */
2351 2356 if (instance != NULL)
2352 2357 assert(v->gv_type == GVT_INST);
2353 2358 else
2354 2359 assert(v->gv_type == GVT_SVC);
2355 2360 break;
2356 2361
2357 2362 default:
2358 2363 bad_error("graph_insert_vertex_unconfigured", err);
2359 2364 }
2360 2365 }
2361 2366
2362 2367 /* Add dependency from depgroup_v to new vertex */
2363 2368 info->err = graph_insert_dependency(depgroup_v, v, info->pathp);
2364 2369 switch (info->err) {
2365 2370 case 0:
2366 2371 break;
2367 2372
2368 2373 case ELOOP:
2369 2374 return (ELOOP);
2370 2375
2371 2376 default:
2372 2377 bad_error("graph_insert_dependency", info->err);
2373 2378 }
2374 2379
2375 2380 /* This must be after we insert the dependency, to avoid looping. */
2376 2381 switch (v->gv_type) {
2377 2382 case GVT_INST:
2378 2383 if ((v->gv_flags & GV_CONFIGURED) != 0)
2379 2384 break;
2380 2385
2381 2386 inst = safe_scf_instance_create(info->h);
2382 2387
2383 2388 rebound = B_FALSE;
2384 2389
2385 2390 rebound:
2386 2391 err = libscf_lookup_instance(v->gv_name, inst);
2387 2392 switch (err) {
2388 2393 case 0:
2389 2394 err = configure_vertex(v, inst);
2390 2395 switch (err) {
2391 2396 case 0:
2392 2397 case ECANCELED:
2393 2398 break;
2394 2399
2395 2400 case ECONNABORTED:
2396 2401 libscf_handle_rebind(info->h);
2397 2402 rebound = B_TRUE;
2398 2403 goto rebound;
2399 2404
2400 2405 default:
2401 2406 bad_error("configure_vertex", err);
2402 2407 }
2403 2408 break;
2404 2409
2405 2410 case ENOENT:
2406 2411 break;
2407 2412
2408 2413 case ECONNABORTED:
2409 2414 libscf_handle_rebind(info->h);
2410 2415 rebound = B_TRUE;
2411 2416 goto rebound;
2412 2417
2413 2418 case EINVAL:
2414 2419 case ENOTSUP:
2415 2420 default:
2416 2421 bad_error("libscf_fmri_get_instance", err);
2417 2422 }
2418 2423
2419 2424 scf_instance_destroy(inst);
2420 2425
2421 2426 if (rebound)
2422 2427 return (info->err = ECONNRESET);
2423 2428 break;
2424 2429
2425 2430 case GVT_SVC:
2426 2431 (void) add_service(v->gv_name, info->h, &rebound);
2427 2432 if (rebound)
2428 2433 return (info->err = ECONNRESET);
2429 2434 }
2430 2435
2431 2436 return (0);
2432 2437 }
2433 2438
2434 2439 struct deppg_info {
2435 2440 graph_vertex_t *v; /* GVT_INST vertex */
2436 2441 int err; /* return error */
2437 2442 int **pathp; /* return circular dependency path */
2438 2443 };
2439 2444
2440 2445 /*
2441 2446 * Make info->v depend on a new GVT_GROUP node for this property group,
2442 2447 * and then call process_dependency_fmri() for the values of the entity
2443 2448 * property. Return 0 on success, or if something goes wrong return nonzero
2444 2449 * and set info->err to ECONNABORTED, EINVAL, or the error code returned by
2445 2450 * process_dependency_fmri().
2446 2451 */
2447 2452 static int
2448 2453 process_dependency_pg(scf_propertygroup_t *pg, struct deppg_info *info)
2449 2454 {
2450 2455 scf_handle_t *h;
2451 2456 depgroup_type_t deptype;
2452 2457 restarter_error_t rerr;
2453 2458 struct depfmri_info linfo;
2454 2459 char *fmri, *pg_name;
2455 2460 size_t fmri_sz;
2456 2461 graph_vertex_t *depgrp;
2457 2462 scf_property_t *prop;
2458 2463 int err;
2459 2464 int empty;
2460 2465 scf_error_t scferr;
2461 2466 ssize_t len;
2462 2467
2463 2468 assert(PTHREAD_MUTEX_HELD(&dgraph_lock));
2464 2469
2465 2470 h = scf_pg_handle(pg);
2466 2471
2467 2472 pg_name = startd_alloc(max_scf_name_size);
2468 2473
2469 2474 len = scf_pg_get_name(pg, pg_name, max_scf_name_size);
2470 2475 if (len < 0) {
2471 2476 startd_free(pg_name, max_scf_name_size);
2472 2477 switch (scf_error()) {
2473 2478 case SCF_ERROR_CONNECTION_BROKEN:
2474 2479 default:
2475 2480 return (info->err = ECONNABORTED);
2476 2481
2477 2482 case SCF_ERROR_DELETED:
2478 2483 return (info->err = 0);
2479 2484
2480 2485 case SCF_ERROR_NOT_SET:
2481 2486 bad_error("scf_pg_get_name", scf_error());
2482 2487 }
2483 2488 }
2484 2489
2485 2490 /*
2486 2491 * Skip over empty dependency groups. Since dependency property
2487 2492 * groups are updated atomically, they are either empty or
2488 2493 * fully populated.
2489 2494 */
2490 2495 empty = depgroup_empty(h, pg);
2491 2496 if (empty < 0) {
2492 2497 log_error(LOG_INFO,
2493 2498 "Error reading dependency group \"%s\" of %s: %s\n",
2494 2499 pg_name, info->v->gv_name, scf_strerror(scf_error()));
2495 2500 startd_free(pg_name, max_scf_name_size);
2496 2501 return (info->err = EINVAL);
2497 2502
2498 2503 } else if (empty == 1) {
2499 2504 log_framework(LOG_DEBUG,
2500 2505 "Ignoring empty dependency group \"%s\" of %s\n",
2501 2506 pg_name, info->v->gv_name);
2502 2507 startd_free(pg_name, max_scf_name_size);
2503 2508 return (info->err = 0);
2504 2509 }
2505 2510
2506 2511 fmri_sz = strlen(info->v->gv_name) + 1 + len + 1;
2507 2512 fmri = startd_alloc(fmri_sz);
2508 2513
2509 2514 (void) snprintf(fmri, max_scf_name_size, "%s>%s", info->v->gv_name,
2510 2515 pg_name);
2511 2516
2512 2517 /* Validate the pg before modifying the graph */
2513 2518 deptype = depgroup_read_grouping(h, pg);
2514 2519 if (deptype == DEPGRP_UNSUPPORTED) {
2515 2520 log_error(LOG_INFO,
2516 2521 "Dependency \"%s\" of %s has an unknown grouping value.\n",
2517 2522 pg_name, info->v->gv_name);
2518 2523 startd_free(fmri, fmri_sz);
2519 2524 startd_free(pg_name, max_scf_name_size);
2520 2525 return (info->err = EINVAL);
2521 2526 }
2522 2527
2523 2528 rerr = depgroup_read_restart(h, pg);
2524 2529 if (rerr == RERR_UNSUPPORTED) {
2525 2530 log_error(LOG_INFO,
2526 2531 "Dependency \"%s\" of %s has an unknown restart_on value."
2527 2532 "\n", pg_name, info->v->gv_name);
2528 2533 startd_free(fmri, fmri_sz);
2529 2534 startd_free(pg_name, max_scf_name_size);
2530 2535 return (info->err = EINVAL);
2531 2536 }
2532 2537
2533 2538 prop = safe_scf_property_create(h);
2534 2539
2535 2540 if (scf_pg_get_property(pg, SCF_PROPERTY_ENTITIES, prop) != 0) {
2536 2541 scferr = scf_error();
2537 2542 scf_property_destroy(prop);
2538 2543 if (scferr == SCF_ERROR_DELETED) {
2539 2544 startd_free(fmri, fmri_sz);
2540 2545 startd_free(pg_name, max_scf_name_size);
2541 2546 return (info->err = 0);
2542 2547 } else if (scferr != SCF_ERROR_NOT_FOUND) {
2543 2548 startd_free(fmri, fmri_sz);
2544 2549 startd_free(pg_name, max_scf_name_size);
2545 2550 return (info->err = ECONNABORTED);
2546 2551 }
2547 2552
2548 2553 log_error(LOG_INFO,
2549 2554 "Dependency \"%s\" of %s is missing a \"%s\" property.\n",
2550 2555 pg_name, info->v->gv_name, SCF_PROPERTY_ENTITIES);
2551 2556
2552 2557 startd_free(fmri, fmri_sz);
2553 2558 startd_free(pg_name, max_scf_name_size);
2554 2559
2555 2560 return (info->err = EINVAL);
2556 2561 }
2557 2562
2558 2563 /* Create depgroup vertex for pg */
2559 2564 err = graph_insert_vertex_unconfigured(fmri, GVT_GROUP, deptype,
2560 2565 rerr, &depgrp);
2561 2566 assert(err == 0);
2562 2567 startd_free(fmri, fmri_sz);
2563 2568
2564 2569 /* Add dependency from inst vertex to new vertex */
2565 2570 err = graph_insert_dependency(info->v, depgrp, info->pathp);
2566 2571 /* ELOOP can't happen because this should be a new vertex */
2567 2572 assert(err == 0);
2568 2573
2569 2574 linfo.v = depgrp;
2570 2575 linfo.type = depgroup_read_scheme(h, pg);
2571 2576 linfo.inst_fmri = info->v->gv_name;
2572 2577 linfo.pg_name = pg_name;
2573 2578 linfo.h = h;
2574 2579 linfo.err = 0;
2575 2580 linfo.pathp = info->pathp;
2576 2581 err = walk_property_astrings(prop, (callback_t)process_dependency_fmri,
2577 2582 &linfo);
2578 2583
2579 2584 scf_property_destroy(prop);
2580 2585 startd_free(pg_name, max_scf_name_size);
2581 2586
2582 2587 switch (err) {
2583 2588 case 0:
2584 2589 case EINTR:
2585 2590 return (info->err = linfo.err);
2586 2591
2587 2592 case ECONNABORTED:
2588 2593 case EINVAL:
2589 2594 return (info->err = err);
2590 2595
2591 2596 case ECANCELED:
2592 2597 return (info->err = 0);
2593 2598
2594 2599 case ECONNRESET:
2595 2600 return (info->err = ECONNABORTED);
2596 2601
2597 2602 default:
2598 2603 bad_error("walk_property_astrings", err);
2599 2604 /* NOTREACHED */
2600 2605 }
2601 2606 }
2602 2607
2603 2608 /*
2604 2609 * Build the dependency info for v from the repository. Returns 0 on success,
2605 2610 * ECONNABORTED on repository disconnection, EINVAL if the repository
2606 2611 * configuration is invalid, and ELOOP if a dependency would cause a cycle.
2607 2612 * In the last case, *pathp will point to a -1-terminated array of ids which
2608 2613 * constitute the rest of the dependency cycle.
2609 2614 */
2610 2615 static int
2611 2616 set_dependencies(graph_vertex_t *v, scf_instance_t *inst, int **pathp)
2612 2617 {
2613 2618 struct deppg_info info;
2614 2619 int err;
2615 2620 uint_t old_configured;
2616 2621
2617 2622 assert(PTHREAD_MUTEX_HELD(&dgraph_lock));
2618 2623
2619 2624 /*
2620 2625 * Mark the vertex as configured during dependency insertion to avoid
2621 2626 * dependency cycles (which can appear in the graph if one of the
2622 2627 * vertices is an exclusion-group).
2623 2628 */
2624 2629 old_configured = v->gv_flags & GV_CONFIGURED;
2625 2630 v->gv_flags |= GV_CONFIGURED;
2626 2631
2627 2632 info.err = 0;
2628 2633 info.v = v;
2629 2634 info.pathp = pathp;
2630 2635
2631 2636 err = walk_dependency_pgs(inst, (callback_t)process_dependency_pg,
2632 2637 &info);
2633 2638
2634 2639 if (!old_configured)
2635 2640 v->gv_flags &= ~GV_CONFIGURED;
2636 2641
2637 2642 switch (err) {
2638 2643 case 0:
2639 2644 case EINTR:
2640 2645 return (info.err);
2641 2646
2642 2647 case ECONNABORTED:
2643 2648 return (ECONNABORTED);
2644 2649
2645 2650 case ECANCELED:
2646 2651 /* Should get delete event, so return 0. */
2647 2652 return (0);
2648 2653
2649 2654 default:
2650 2655 bad_error("walk_dependency_pgs", err);
2651 2656 /* NOTREACHED */
2652 2657 }
2653 2658 }
2654 2659
2655 2660
2656 2661 static void
2657 2662 handle_cycle(const char *fmri, int *path)
2658 2663 {
2659 2664 const char *cp;
2660 2665 size_t sz;
2661 2666
2662 2667 assert(PTHREAD_MUTEX_HELD(&dgraph_lock));
2663 2668
2664 2669 path_to_str(path, (char **)&cp, &sz);
2665 2670
2666 2671 log_error(LOG_ERR, "Transitioning %s to maintenance "
2667 2672 "because it completes a dependency cycle (see svcs -xv for "
2668 2673 "details):\n%s", fmri ? fmri : "?", cp);
2669 2674
2670 2675 startd_free((void *)cp, sz);
2671 2676 }
2672 2677
2673 2678 /*
2674 2679 * Increment the vertex's reference count to prevent the vertex removal
2675 2680 * from the dgraph.
2676 2681 */
2677 2682 static void
2678 2683 vertex_ref(graph_vertex_t *v)
2679 2684 {
2680 2685 assert(PTHREAD_MUTEX_HELD(&dgraph_lock));
2681 2686
2682 2687 v->gv_refs++;
2683 2688 }
2684 2689
2685 2690 /*
2686 2691 * Decrement the vertex's reference count and remove the vertex from
2687 2692 * the dgraph when possible.
2688 2693 *
2689 2694 * Return VERTEX_REMOVED when the vertex has been removed otherwise
2690 2695 * return VERTEX_INUSE.
2691 2696 */
2692 2697 static int
2693 2698 vertex_unref(graph_vertex_t *v)
2694 2699 {
2695 2700 assert(PTHREAD_MUTEX_HELD(&dgraph_lock));
2696 2701 assert(v->gv_refs > 0);
2697 2702
2698 2703 v->gv_refs--;
2699 2704
2700 2705 return (free_if_unrefed(v));
2701 2706 }
2702 2707
2703 2708 /*
2704 2709 * When run on the dependencies of a vertex, populates list with
2705 2710 * graph_edge_t's which point to the service vertices or the instance
2706 2711 * vertices (no GVT_GROUP nodes) on which the vertex depends.
2707 2712 *
2708 2713 * Increment the vertex's reference count once the vertex is inserted
2709 2714 * in the list. The vertex won't be able to be deleted from the dgraph
2710 2715 * while it is referenced.
2711 2716 */
2712 2717 static int
2713 2718 append_svcs_or_insts(graph_edge_t *e, uu_list_t *list)
2714 2719 {
2715 2720 graph_vertex_t *v = e->ge_vertex;
2716 2721 graph_edge_t *new;
2717 2722 int r;
2718 2723
2719 2724 switch (v->gv_type) {
2720 2725 case GVT_INST:
2721 2726 case GVT_SVC:
2722 2727 break;
2723 2728
2724 2729 case GVT_GROUP:
2725 2730 r = uu_list_walk(v->gv_dependencies,
2726 2731 (uu_walk_fn_t *)append_svcs_or_insts, list, 0);
2727 2732 assert(r == 0);
2728 2733 return (UU_WALK_NEXT);
2729 2734
2730 2735 case GVT_FILE:
2731 2736 return (UU_WALK_NEXT);
2732 2737
2733 2738 default:
2734 2739 #ifndef NDEBUG
2735 2740 uu_warn("%s:%d: Unexpected vertex type %d.\n", __FILE__,
2736 2741 __LINE__, v->gv_type);
2737 2742 #endif
2738 2743 abort();
2739 2744 }
2740 2745
2741 2746 new = startd_alloc(sizeof (*new));
2742 2747 new->ge_vertex = v;
2743 2748 uu_list_node_init(new, &new->ge_link, graph_edge_pool);
2744 2749 r = uu_list_insert_before(list, NULL, new);
2745 2750 assert(r == 0);
2746 2751
2747 2752 /*
2748 2753 * Because we are inserting the vertex in a list, we don't want
2749 2754 * the vertex to be freed while the list is in use. In order to
2750 2755 * achieve that, increment the vertex's reference count.
2751 2756 */
2752 2757 vertex_ref(v);
2753 2758
2754 2759 return (UU_WALK_NEXT);
2755 2760 }
2756 2761
2757 2762 static boolean_t
2758 2763 should_be_in_subgraph(graph_vertex_t *v)
2759 2764 {
2760 2765 graph_edge_t *e;
2761 2766
2762 2767 if (v == milestone)
2763 2768 return (B_TRUE);
2764 2769
2765 2770 /*
2766 2771 * v is in the subgraph if any of its dependents are in the subgraph.
2767 2772 * Except for EXCLUDE_ALL dependents. And OPTIONAL dependents only
2768 2773 * count if we're enabled.
2769 2774 */
2770 2775 for (e = uu_list_first(v->gv_dependents);
2771 2776 e != NULL;
2772 2777 e = uu_list_next(v->gv_dependents, e)) {
2773 2778 graph_vertex_t *dv = e->ge_vertex;
2774 2779
2775 2780 if (!(dv->gv_flags & GV_INSUBGRAPH))
2776 2781 continue;
2777 2782
2778 2783 /*
2779 2784 * Don't include instances that are optional and disabled.
2780 2785 */
2781 2786 if (v->gv_type == GVT_INST && dv->gv_type == GVT_SVC) {
2782 2787
2783 2788 int in = 0;
2784 2789 graph_edge_t *ee;
2785 2790
2786 2791 for (ee = uu_list_first(dv->gv_dependents);
2787 2792 ee != NULL;
2788 2793 ee = uu_list_next(dv->gv_dependents, ee)) {
2789 2794
2790 2795 graph_vertex_t *ddv = e->ge_vertex;
2791 2796
2792 2797 if (ddv->gv_type == GVT_GROUP &&
2793 2798 ddv->gv_depgroup == DEPGRP_EXCLUDE_ALL)
2794 2799 continue;
2795 2800
2796 2801 if (ddv->gv_type == GVT_GROUP &&
2797 2802 ddv->gv_depgroup == DEPGRP_OPTIONAL_ALL &&
2798 2803 !(v->gv_flags & GV_ENBLD_NOOVR))
2799 2804 continue;
2800 2805
2801 2806 in = 1;
2802 2807 }
2803 2808 if (!in)
2804 2809 continue;
2805 2810 }
2806 2811 if (v->gv_type == GVT_INST &&
2807 2812 dv->gv_type == GVT_GROUP &&
2808 2813 dv->gv_depgroup == DEPGRP_OPTIONAL_ALL &&
2809 2814 !(v->gv_flags & GV_ENBLD_NOOVR))
2810 2815 continue;
2811 2816
2812 2817 /* Don't include excluded services and instances */
2813 2818 if (dv->gv_type == GVT_GROUP &&
2814 2819 dv->gv_depgroup == DEPGRP_EXCLUDE_ALL)
2815 2820 continue;
2816 2821
2817 2822 return (B_TRUE);
2818 2823 }
2819 2824
2820 2825 return (B_FALSE);
2821 2826 }
2822 2827
2823 2828 /*
2824 2829 * Ensures that GV_INSUBGRAPH is set properly for v and its descendents. If
2825 2830 * any bits change, manipulate the repository appropriately. Returns 0 or
2826 2831 * ECONNABORTED.
2827 2832 */
2828 2833 static int
2829 2834 eval_subgraph(graph_vertex_t *v, scf_handle_t *h)
2830 2835 {
2831 2836 boolean_t old = (v->gv_flags & GV_INSUBGRAPH) != 0;
2832 2837 boolean_t new;
2833 2838 graph_edge_t *e;
2834 2839 scf_instance_t *inst;
2835 2840 int ret = 0, r;
2836 2841
2837 2842 assert(milestone != NULL && milestone != MILESTONE_NONE);
2838 2843
2839 2844 new = should_be_in_subgraph(v);
2840 2845
2841 2846 if (new == old)
2842 2847 return (0);
2843 2848
2844 2849 log_framework(LOG_DEBUG, new ? "Adding %s to the subgraph.\n" :
2845 2850 "Removing %s from the subgraph.\n", v->gv_name);
2846 2851
2847 2852 v->gv_flags = (v->gv_flags & ~GV_INSUBGRAPH) |
2848 2853 (new ? GV_INSUBGRAPH : 0);
2849 2854
2850 2855 if (v->gv_type == GVT_INST && (v->gv_flags & GV_CONFIGURED)) {
2851 2856 int err;
2852 2857
2853 2858 get_inst:
2854 2859 err = libscf_fmri_get_instance(h, v->gv_name, &inst);
2855 2860 if (err != 0) {
2856 2861 switch (err) {
2857 2862 case ECONNABORTED:
2858 2863 libscf_handle_rebind(h);
2859 2864 ret = ECONNABORTED;
2860 2865 goto get_inst;
2861 2866
2862 2867 case ENOENT:
2863 2868 break;
2864 2869
2865 2870 case EINVAL:
2866 2871 case ENOTSUP:
2867 2872 default:
2868 2873 bad_error("libscf_fmri_get_instance", err);
2869 2874 }
2870 2875 } else {
2871 2876 const char *f;
2872 2877
2873 2878 if (new) {
2874 2879 err = libscf_delete_enable_ovr(inst);
2875 2880 f = "libscf_delete_enable_ovr";
2876 2881 } else {
2877 2882 err = libscf_set_enable_ovr(inst, 0);
2878 2883 f = "libscf_set_enable_ovr";
2879 2884 }
2880 2885 scf_instance_destroy(inst);
2881 2886 switch (err) {
2882 2887 case 0:
2883 2888 case ECANCELED:
2884 2889 break;
2885 2890
2886 2891 case ECONNABORTED:
2887 2892 libscf_handle_rebind(h);
2888 2893 /*
2889 2894 * We must continue so the graph is updated,
2890 2895 * but we must return ECONNABORTED so any
2891 2896 * libscf state held by any callers is reset.
2892 2897 */
2893 2898 ret = ECONNABORTED;
2894 2899 goto get_inst;
2895 2900
2896 2901 case EROFS:
2897 2902 case EPERM:
2898 2903 log_error(LOG_WARNING,
2899 2904 "Could not set %s/%s for %s: %s.\n",
2900 2905 SCF_PG_GENERAL_OVR, SCF_PROPERTY_ENABLED,
2901 2906 v->gv_name, strerror(err));
2902 2907 break;
2903 2908
2904 2909 default:
2905 2910 bad_error(f, err);
2906 2911 }
2907 2912 }
2908 2913 }
2909 2914
2910 2915 for (e = uu_list_first(v->gv_dependencies);
2911 2916 e != NULL;
2912 2917 e = uu_list_next(v->gv_dependencies, e)) {
2913 2918 r = eval_subgraph(e->ge_vertex, h);
2914 2919 if (r != 0) {
2915 2920 assert(r == ECONNABORTED);
2916 2921 ret = ECONNABORTED;
2917 2922 }
2918 2923 }
2919 2924
2920 2925 return (ret);
2921 2926 }
2922 2927
2923 2928 /*
2924 2929 * Delete the (property group) dependencies of v & create new ones based on
2925 2930 * inst. If doing so would create a cycle, log a message and put the instance
2926 2931 * into maintenance. Update GV_INSUBGRAPH flags as necessary. Returns 0 or
2927 2932 * ECONNABORTED.
2928 2933 */
2929 2934 int
2930 2935 refresh_vertex(graph_vertex_t *v, scf_instance_t *inst)
2931 2936 {
2932 2937 int err;
2933 2938 int *path;
2934 2939 char *fmri;
2935 2940 int r;
2936 2941 scf_handle_t *h = scf_instance_handle(inst);
2937 2942 uu_list_t *old_deps;
2938 2943 int ret = 0;
2939 2944 graph_edge_t *e;
2940 2945 graph_vertex_t *vv;
2941 2946
2942 2947 assert(PTHREAD_MUTEX_HELD(&dgraph_lock));
2943 2948 assert(v->gv_type == GVT_INST);
2944 2949
2945 2950 log_framework(LOG_DEBUG, "Graph engine: Refreshing %s.\n", v->gv_name);
2946 2951
2947 2952 if (milestone > MILESTONE_NONE) {
2948 2953 /*
2949 2954 * In case some of v's dependencies are being deleted we must
2950 2955 * make a list of them now for GV_INSUBGRAPH-flag evaluation
2951 2956 * after the new dependencies are in place.
2952 2957 */
2953 2958 old_deps = startd_list_create(graph_edge_pool, NULL, 0);
2954 2959
2955 2960 err = uu_list_walk(v->gv_dependencies,
2956 2961 (uu_walk_fn_t *)append_svcs_or_insts, old_deps, 0);
2957 2962 assert(err == 0);
2958 2963 }
2959 2964
2960 2965 delete_instance_dependencies(v, B_FALSE);
2961 2966
2962 2967 err = set_dependencies(v, inst, &path);
2963 2968 switch (err) {
2964 2969 case 0:
2965 2970 break;
2966 2971
2967 2972 case ECONNABORTED:
2968 2973 ret = err;
2969 2974 goto out;
2970 2975
2971 2976 case EINVAL:
2972 2977 case ELOOP:
2973 2978 r = libscf_instance_get_fmri(inst, &fmri);
2974 2979 switch (r) {
2975 2980 case 0:
2976 2981 break;
2977 2982
2978 2983 case ECONNABORTED:
2979 2984 ret = ECONNABORTED;
2980 2985 goto out;
2981 2986
2982 2987 case ECANCELED:
2983 2988 ret = 0;
2984 2989 goto out;
2985 2990
2986 2991 default:
2987 2992 bad_error("libscf_instance_get_fmri", r);
2988 2993 }
2989 2994
2990 2995 if (err == EINVAL) {
2991 2996 log_error(LOG_ERR, "Transitioning %s "
2992 2997 "to maintenance due to misconfiguration.\n",
2993 2998 fmri ? fmri : "?");
2994 2999 vertex_send_event(v,
2995 3000 RESTARTER_EVENT_TYPE_INVALID_DEPENDENCY);
2996 3001 } else {
2997 3002 handle_cycle(fmri, path);
2998 3003 vertex_send_event(v,
2999 3004 RESTARTER_EVENT_TYPE_DEPENDENCY_CYCLE);
3000 3005 }
3001 3006 startd_free(fmri, max_scf_fmri_size);
3002 3007 ret = 0;
3003 3008 goto out;
3004 3009
3005 3010 default:
3006 3011 bad_error("set_dependencies", err);
3007 3012 }
3008 3013
3009 3014 if (milestone > MILESTONE_NONE) {
3010 3015 boolean_t aborted = B_FALSE;
3011 3016
3012 3017 for (e = uu_list_first(old_deps);
3013 3018 e != NULL;
3014 3019 e = uu_list_next(old_deps, e)) {
3015 3020 vv = e->ge_vertex;
3016 3021
3017 3022 if (vertex_unref(vv) == VERTEX_INUSE &&
3018 3023 eval_subgraph(vv, h) == ECONNABORTED)
3019 3024 aborted = B_TRUE;
3020 3025 }
3021 3026
3022 3027 for (e = uu_list_first(v->gv_dependencies);
3023 3028 e != NULL;
3024 3029 e = uu_list_next(v->gv_dependencies, e)) {
3025 3030 if (eval_subgraph(e->ge_vertex, h) ==
3026 3031 ECONNABORTED)
3027 3032 aborted = B_TRUE;
3028 3033 }
3029 3034
3030 3035 if (aborted) {
3031 3036 ret = ECONNABORTED;
3032 3037 goto out;
3033 3038 }
3034 3039 }
3035 3040
3036 3041 graph_start_if_satisfied(v);
3037 3042
3038 3043 ret = 0;
3039 3044
3040 3045 out:
3041 3046 if (milestone > MILESTONE_NONE) {
3042 3047 void *cookie = NULL;
3043 3048
3044 3049 while ((e = uu_list_teardown(old_deps, &cookie)) != NULL)
3045 3050 startd_free(e, sizeof (*e));
3046 3051
3047 3052 uu_list_destroy(old_deps);
3048 3053 }
3049 3054
3050 3055 return (ret);
3051 3056 }
3052 3057
3053 3058 /*
3054 3059 * Set up v according to inst. That is, make sure it depends on its
3055 3060 * restarter and set up its dependencies. Send the ADD_INSTANCE command to
3056 3061 * the restarter, and send ENABLE or DISABLE as appropriate.
3057 3062 *
3058 3063 * Returns 0 on success, ECONNABORTED on repository disconnection, or
3059 3064 * ECANCELED if inst is deleted.
3060 3065 */
3061 3066 static int
3062 3067 configure_vertex(graph_vertex_t *v, scf_instance_t *inst)
3063 3068 {
3064 3069 scf_handle_t *h;
3065 3070 scf_propertygroup_t *pg;
3066 3071 scf_snapshot_t *snap;
3067 3072 char *restarter_fmri = startd_alloc(max_scf_value_size);
3068 3073 int enabled, enabled_ovr;
3069 3074 int err;
3070 3075 int *path;
3071 3076 int deathrow;
3072 3077
3073 3078 restarter_fmri[0] = '\0';
3074 3079
3075 3080 assert(PTHREAD_MUTEX_HELD(&dgraph_lock));
3076 3081 assert(v->gv_type == GVT_INST);
3077 3082 assert((v->gv_flags & GV_CONFIGURED) == 0);
3078 3083
3079 3084 /* GV_INSUBGRAPH should already be set properly. */
3080 3085 assert(should_be_in_subgraph(v) ==
3081 3086 ((v->gv_flags & GV_INSUBGRAPH) != 0));
3082 3087
3083 3088 /*
3084 3089 * If the instance fmri is in the deathrow list then set the
3085 3090 * GV_DEATHROW flag on the vertex and create and set to true the
3086 3091 * SCF_PROPERTY_DEATHROW boolean property in the non-persistent
3087 3092 * repository for this instance fmri.
3088 3093 */
3089 3094 if ((v->gv_flags & GV_DEATHROW) ||
3090 3095 (is_fmri_in_deathrow(v->gv_name) == B_TRUE)) {
3091 3096 if ((v->gv_flags & GV_DEATHROW) == 0) {
3092 3097 /*
3093 3098 * Set flag GV_DEATHROW, create and set to true
3094 3099 * the SCF_PROPERTY_DEATHROW property in the
3095 3100 * non-persistent repository for this instance fmri.
3096 3101 */
3097 3102 v->gv_flags |= GV_DEATHROW;
3098 3103
3099 3104 switch (err = libscf_set_deathrow(inst, 1)) {
3100 3105 case 0:
3101 3106 break;
3102 3107
3103 3108 case ECONNABORTED:
3104 3109 case ECANCELED:
3105 3110 startd_free(restarter_fmri, max_scf_value_size);
3106 3111 return (err);
3107 3112
3108 3113 case EROFS:
3109 3114 log_error(LOG_WARNING, "Could not set %s/%s "
3110 3115 "for deathrow %s: %s.\n",
3111 3116 SCF_PG_DEATHROW, SCF_PROPERTY_DEATHROW,
3112 3117 v->gv_name, strerror(err));
3113 3118 break;
3114 3119
3115 3120 case EPERM:
3116 3121 uu_die("Permission denied.\n");
3117 3122 /* NOTREACHED */
3118 3123
3119 3124 default:
3120 3125 bad_error("libscf_set_deathrow", err);
3121 3126 }
3122 3127 log_framework(LOG_DEBUG, "Deathrow, graph set %s.\n",
3123 3128 v->gv_name);
3124 3129 }
3125 3130 startd_free(restarter_fmri, max_scf_value_size);
3126 3131 return (0);
3127 3132 }
3128 3133
3129 3134 h = scf_instance_handle(inst);
3130 3135
3131 3136 /*
3132 3137 * Using a temporary deathrow boolean property, set through
3133 3138 * libscf_set_deathrow(), only for fmris on deathrow, is necessary
3134 3139 * because deathrow_fini() may already have been called, and in case
3135 3140 * of a refresh, GV_DEATHROW may need to be set again.
3136 3141 * libscf_get_deathrow() sets deathrow to 1 only if this instance
3137 3142 * has a temporary boolean property named 'deathrow' valued true
3138 3143 * in a property group 'deathrow', -1 or 0 in all other cases.
3139 3144 */
3140 3145 err = libscf_get_deathrow(h, inst, &deathrow);
3141 3146 switch (err) {
3142 3147 case 0:
3143 3148 break;
3144 3149
3145 3150 case ECONNABORTED:
3146 3151 case ECANCELED:
3147 3152 startd_free(restarter_fmri, max_scf_value_size);
3148 3153 return (err);
3149 3154
3150 3155 default:
3151 3156 bad_error("libscf_get_deathrow", err);
3152 3157 }
3153 3158
3154 3159 if (deathrow == 1) {
3155 3160 v->gv_flags |= GV_DEATHROW;
3156 3161 startd_free(restarter_fmri, max_scf_value_size);
3157 3162 return (0);
3158 3163 }
3159 3164
3160 3165 log_framework(LOG_DEBUG, "Graph adding %s.\n", v->gv_name);
3161 3166
3162 3167 /*
3163 3168 * If the instance does not have a restarter property group,
3164 3169 * initialize its state to uninitialized/none, in case the restarter
3165 3170 * is not enabled.
3166 3171 */
3167 3172 pg = safe_scf_pg_create(h);
3168 3173
3169 3174 if (scf_instance_get_pg(inst, SCF_PG_RESTARTER, pg) != 0) {
3170 3175 instance_data_t idata;
3171 3176 uint_t count = 0, msecs = ALLOC_DELAY;
3172 3177
3173 3178 switch (scf_error()) {
3174 3179 case SCF_ERROR_NOT_FOUND:
3175 3180 break;
3176 3181
3177 3182 case SCF_ERROR_CONNECTION_BROKEN:
3178 3183 default:
3179 3184 scf_pg_destroy(pg);
3180 3185 return (ECONNABORTED);
3181 3186
3182 3187 case SCF_ERROR_DELETED:
3183 3188 scf_pg_destroy(pg);
3184 3189 return (ECANCELED);
3185 3190
3186 3191 case SCF_ERROR_NOT_SET:
3187 3192 bad_error("scf_instance_get_pg", scf_error());
3188 3193 }
3189 3194
3190 3195 switch (err = libscf_instance_get_fmri(inst,
3191 3196 (char **)&idata.i_fmri)) {
3192 3197 case 0:
3193 3198 break;
3194 3199
3195 3200 case ECONNABORTED:
3196 3201 case ECANCELED:
3197 3202 scf_pg_destroy(pg);
3198 3203 return (err);
3199 3204
3200 3205 default:
3201 3206 bad_error("libscf_instance_get_fmri", err);
3202 3207 }
3203 3208
3204 3209 idata.i_state = RESTARTER_STATE_NONE;
3205 3210 idata.i_next_state = RESTARTER_STATE_NONE;
3206 3211
3207 3212 init_state:
3208 3213 switch (err = _restarter_commit_states(h, &idata,
3209 3214 RESTARTER_STATE_UNINIT, RESTARTER_STATE_NONE, NULL)) {
3210 3215 case 0:
3211 3216 break;
3212 3217
3213 3218 case ENOMEM:
3214 3219 ++count;
3215 3220 if (count < ALLOC_RETRY) {
3216 3221 (void) poll(NULL, 0, msecs);
3217 3222 msecs *= ALLOC_DELAY_MULT;
3218 3223 goto init_state;
3219 3224 }
3220 3225
3221 3226 uu_die("Insufficient memory.\n");
3222 3227 /* NOTREACHED */
3223 3228
3224 3229 case ECONNABORTED:
3225 3230 startd_free((void *)idata.i_fmri, max_scf_fmri_size);
3226 3231 scf_pg_destroy(pg);
3227 3232 return (ECONNABORTED);
3228 3233
3229 3234 case ENOENT:
3230 3235 startd_free((void *)idata.i_fmri, max_scf_fmri_size);
3231 3236 scf_pg_destroy(pg);
3232 3237 return (ECANCELED);
3233 3238
3234 3239 case EPERM:
3235 3240 case EACCES:
3236 3241 case EROFS:
3237 3242 log_error(LOG_NOTICE, "Could not initialize state for "
3238 3243 "%s: %s.\n", idata.i_fmri, strerror(err));
3239 3244 break;
3240 3245
3241 3246 case EINVAL:
3242 3247 default:
3243 3248 bad_error("_restarter_commit_states", err);
3244 3249 }
3245 3250
3246 3251 startd_free((void *)idata.i_fmri, max_scf_fmri_size);
3247 3252 }
3248 3253
3249 3254 scf_pg_destroy(pg);
3250 3255
3251 3256 if (milestone != NULL) {
3252 3257 /*
3253 3258 * Make sure the enable-override is set properly before we
3254 3259 * read whether we should be enabled.
3255 3260 */
3256 3261 if (milestone == MILESTONE_NONE ||
3257 3262 !(v->gv_flags & GV_INSUBGRAPH)) {
3258 3263 /*
3259 3264 * This might seem unjustified after the milestone
3260 3265 * transition has completed (non_subgraph_svcs == 0),
3261 3266 * but it's important because when we boot to
3262 3267 * a milestone, we set the milestone before populating
3263 3268 * the graph, and all of the new non-subgraph services
3264 3269 * need to be disabled here.
3265 3270 */
3266 3271 switch (err = libscf_set_enable_ovr(inst, 0)) {
3267 3272 case 0:
3268 3273 break;
3269 3274
3270 3275 case ECONNABORTED:
3271 3276 case ECANCELED:
3272 3277 return (err);
3273 3278
3274 3279 case EROFS:
3275 3280 log_error(LOG_WARNING,
3276 3281 "Could not set %s/%s for %s: %s.\n",
3277 3282 SCF_PG_GENERAL_OVR, SCF_PROPERTY_ENABLED,
3278 3283 v->gv_name, strerror(err));
3279 3284 break;
3280 3285
3281 3286 case EPERM:
3282 3287 uu_die("Permission denied.\n");
3283 3288 /* NOTREACHED */
3284 3289
3285 3290 default:
3286 3291 bad_error("libscf_set_enable_ovr", err);
3287 3292 }
3288 3293 } else {
3289 3294 assert(v->gv_flags & GV_INSUBGRAPH);
3290 3295 switch (err = libscf_delete_enable_ovr(inst)) {
3291 3296 case 0:
3292 3297 break;
3293 3298
3294 3299 case ECONNABORTED:
3295 3300 case ECANCELED:
3296 3301 return (err);
3297 3302
3298 3303 case EPERM:
3299 3304 uu_die("Permission denied.\n");
3300 3305 /* NOTREACHED */
3301 3306
3302 3307 default:
3303 3308 bad_error("libscf_delete_enable_ovr", err);
3304 3309 }
3305 3310 }
3306 3311 }
3307 3312
3308 3313 err = libscf_get_basic_instance_data(h, inst, v->gv_name, &enabled,
3309 3314 &enabled_ovr, &restarter_fmri);
3310 3315 switch (err) {
3311 3316 case 0:
3312 3317 break;
3313 3318
3314 3319 case ECONNABORTED:
3315 3320 case ECANCELED:
3316 3321 startd_free(restarter_fmri, max_scf_value_size);
3317 3322 return (err);
3318 3323
3319 3324 case ENOENT:
3320 3325 log_framework(LOG_DEBUG,
3321 3326 "Ignoring %s because it has no general property group.\n",
3322 3327 v->gv_name);
3323 3328 startd_free(restarter_fmri, max_scf_value_size);
3324 3329 return (0);
3325 3330
3326 3331 default:
3327 3332 bad_error("libscf_get_basic_instance_data", err);
3328 3333 }
3329 3334
3330 3335 if (enabled == -1) {
3331 3336 startd_free(restarter_fmri, max_scf_value_size);
3332 3337 return (0);
3333 3338 }
3334 3339
3335 3340 v->gv_flags = (v->gv_flags & ~GV_ENBLD_NOOVR) |
3336 3341 (enabled ? GV_ENBLD_NOOVR : 0);
3337 3342
3338 3343 if (enabled_ovr != -1)
3339 3344 enabled = enabled_ovr;
3340 3345
3341 3346 v->gv_state = RESTARTER_STATE_UNINIT;
3342 3347
3343 3348 snap = libscf_get_or_make_running_snapshot(inst, v->gv_name, B_TRUE);
3344 3349 scf_snapshot_destroy(snap);
3345 3350
3346 3351 /* Set up the restarter. (Sends _ADD_INSTANCE on success.) */
3347 3352 err = graph_change_restarter(v, restarter_fmri, h, &path);
3348 3353 if (err != 0) {
3349 3354 instance_data_t idata;
3350 3355 uint_t count = 0, msecs = ALLOC_DELAY;
3351 3356 const char *reason;
3352 3357
3353 3358 if (err == ECONNABORTED) {
3354 3359 startd_free(restarter_fmri, max_scf_value_size);
3355 3360 return (err);
3356 3361 }
3357 3362
3358 3363 assert(err == EINVAL || err == ELOOP);
3359 3364
3360 3365 if (err == EINVAL) {
3361 3366 log_framework(LOG_ERR, emsg_invalid_restarter,
3362 3367 v->gv_name);
3363 3368 reason = "invalid_restarter";
3364 3369 } else {
3365 3370 handle_cycle(v->gv_name, path);
3366 3371 reason = "dependency_cycle";
3367 3372 }
3368 3373
3369 3374 startd_free(restarter_fmri, max_scf_value_size);
3370 3375
3371 3376 /*
3372 3377 * We didn't register the instance with the restarter, so we
3373 3378 * must set maintenance mode ourselves.
3374 3379 */
3375 3380 err = libscf_instance_get_fmri(inst, (char **)&idata.i_fmri);
3376 3381 if (err != 0) {
3377 3382 assert(err == ECONNABORTED || err == ECANCELED);
3378 3383 return (err);
3379 3384 }
3380 3385
3381 3386 idata.i_state = RESTARTER_STATE_NONE;
3382 3387 idata.i_next_state = RESTARTER_STATE_NONE;
3383 3388
3384 3389 set_maint:
3385 3390 switch (err = _restarter_commit_states(h, &idata,
3386 3391 RESTARTER_STATE_MAINT, RESTARTER_STATE_NONE, reason)) {
3387 3392 case 0:
3388 3393 break;
3389 3394
3390 3395 case ENOMEM:
3391 3396 ++count;
3392 3397 if (count < ALLOC_RETRY) {
3393 3398 (void) poll(NULL, 0, msecs);
3394 3399 msecs *= ALLOC_DELAY_MULT;
3395 3400 goto set_maint;
3396 3401 }
3397 3402
3398 3403 uu_die("Insufficient memory.\n");
3399 3404 /* NOTREACHED */
3400 3405
3401 3406 case ECONNABORTED:
3402 3407 startd_free((void *)idata.i_fmri, max_scf_fmri_size);
3403 3408 return (ECONNABORTED);
3404 3409
3405 3410 case ENOENT:
3406 3411 startd_free((void *)idata.i_fmri, max_scf_fmri_size);
3407 3412 return (ECANCELED);
3408 3413
3409 3414 case EPERM:
3410 3415 case EACCES:
3411 3416 case EROFS:
3412 3417 log_error(LOG_NOTICE, "Could not initialize state for "
3413 3418 "%s: %s.\n", idata.i_fmri, strerror(err));
3414 3419 break;
3415 3420
3416 3421 case EINVAL:
3417 3422 default:
3418 3423 bad_error("_restarter_commit_states", err);
3419 3424 }
3420 3425
3421 3426 startd_free((void *)idata.i_fmri, max_scf_fmri_size);
3422 3427
3423 3428 v->gv_state = RESTARTER_STATE_MAINT;
3424 3429
3425 3430 goto out;
3426 3431 }
3427 3432 startd_free(restarter_fmri, max_scf_value_size);
3428 3433
3429 3434 /* Add all the other dependencies. */
3430 3435 err = refresh_vertex(v, inst);
3431 3436 if (err != 0) {
3432 3437 assert(err == ECONNABORTED);
3433 3438 return (err);
|
↓ open down ↓ |
3243 lines elided |
↑ open up ↑ |
3434 3439 }
3435 3440
3436 3441 out:
3437 3442 v->gv_flags |= GV_CONFIGURED;
3438 3443
3439 3444 graph_enable_by_vertex(v, enabled, 0);
3440 3445
3441 3446 return (0);
3442 3447 }
3443 3448
3449 +
3444 3450 static void
3451 +kill_user_procs(void)
3452 +{
3453 + (void) fputs("svc.startd: Killing user processes.\n", stdout);
3454 +
3455 + /*
3456 + * Despite its name, killall's role is to get select user processes--
3457 + * basically those representing terminal-based logins-- to die. Victims
3458 + * are located by killall in the utmp database. Since these are most
3459 + * often shell based logins, and many shells mask SIGTERM (but are
3460 + * responsive to SIGHUP) we first HUP and then shortly thereafter
3461 + * kill -9.
3462 + */
3463 + (void) fork_with_timeout("/usr/sbin/killall HUP", 1, 5);
3464 + (void) fork_with_timeout("/usr/sbin/killall KILL", 1, 5);
3465 +
3466 + /*
3467 + * Note the selection of user id's 0, 1 and 15, subsequently
3468 + * inverted by -v. 15 is reserved for dladmd. Yes, this is a
3469 + * kludge-- a better policy is needed.
3470 + *
3471 + * Note that fork_with_timeout will only wait out the 1 second
3472 + * "grace time" if pkill actually returns 0. So if there are
3473 + * no matches, this will run to completion much more quickly.
3474 + */
3475 + (void) fork_with_timeout("/usr/bin/pkill -TERM -v -u 0,1,15", 1, 5);
3476 + (void) fork_with_timeout("/usr/bin/pkill -KILL -v -u 0,1,15", 1, 5);
3477 +}
3478 +
3479 +static void
3445 3480 do_uadmin(void)
3446 3481 {
3447 - int fd, left;
3482 + int fd;
3448 3483 struct statvfs vfs;
3484 + time_t now;
3485 + struct tm nowtm;
3486 + char down_buf[256], time_buf[256];
3449 3487
3450 3488 const char * const resetting = "/etc/svc/volatile/resetting";
3451 3489
3452 3490 fd = creat(resetting, 0777);
3453 3491 if (fd >= 0)
3454 3492 startd_close(fd);
3455 3493 else
3456 3494 uu_warn("Could not create \"%s\"", resetting);
3457 3495
3458 3496 /* Kill dhcpagent if we're not using nfs for root */
3459 3497 if ((statvfs("/", &vfs) == 0) &&
3460 3498 (strncmp(vfs.f_basetype, "nfs", sizeof ("nfs") - 1) != 0))
3461 - (void) system("/usr/bin/pkill -x -u 0 dhcpagent");
3499 + fork_with_timeout("/usr/bin/pkill -x -u 0 dhcpagent", 0, 5);
3462 3500
3463 - (void) system("/usr/sbin/killall");
3464 - left = 5;
3465 - while (left > 0)
3466 - left = sleep(left);
3501 + /*
3502 + * Call sync(2) now, before we kill off user processes. This takes
3503 + * advantage of the several seconds of pause we have before the
3504 + * killalls are done. Time we can make good use of to get pages
3505 + * moving out to disk.
3506 + *
3507 + * Inside non-global zones, we don't bother, and it's better not to
3508 + * anyway, since sync(2) can have system-wide impact.
3509 + */
3510 + if (getzoneid() == 0)
3511 + sync();
3467 3512
3468 - (void) system("/usr/sbin/killall 9");
3469 - left = 10;
3470 - while (left > 0)
3471 - left = sleep(left);
3513 + kill_user_procs();
3472 3514
3473 - sync();
3474 - sync();
3475 - sync();
3515 + /*
3516 + * Note that this must come after the killing of user procs, since
3517 + * killall relies on utmpx, and this command affects the contents of
3518 + * said file.
3519 + */
3520 + if (access("/usr/lib/acct/closewtmp", X_OK) == 0)
3521 + fork_with_timeout("/usr/lib/acct/closewtmp", 0, 5);
3476 3522
3477 - (void) system("/sbin/umountall -l");
3478 - (void) system("/sbin/umount /tmp >/dev/null 2>&1");
3479 - (void) system("/sbin/umount /var/adm >/dev/null 2>&1");
3480 - (void) system("/sbin/umount /var/run >/dev/null 2>&1");
3481 - (void) system("/sbin/umount /var >/dev/null 2>&1");
3482 - (void) system("/sbin/umount /usr >/dev/null 2>&1");
3523 + /*
3524 + * For patches which may be installed as the system is shutting
3525 + * down, we need to ensure, one more time, that the boot archive
3526 + * really is up to date.
3527 + */
3528 + if (getzoneid() == 0 && access("/usr/sbin/bootadm", X_OK) == 0)
3529 + fork_with_timeout("/usr/sbin/bootadm -ea update_all", 0, 3600);
3483 3530
3484 - uu_warn("The system is down.\n");
3531 + fork_with_timeout("/sbin/umountall -l", 0, 5);
3532 + fork_with_timeout("/sbin/umount /tmp /var/adm /var/run /var "
3533 + ">/dev/null 2>&1", 0, 5);
3485 3534
3535 + /*
3536 + * Try to get to consistency for whatever UFS filesystems are left.
3537 + * This is pretty expensive, so we save it for the end in the hopes of
3538 + * minimizing what it must do. The other option would be to start in
3539 + * parallel with the killall's, but lockfs tends to throw out much more
3540 + * than is needed, and so subsequent commands (like umountall) take a
3541 + * long time to get going again.
3542 + *
3543 + * Inside of zones, we don't bother, since we're not about to terminate
3544 + * the whole OS instance.
3545 + *
3546 + * On systems using only ZFS, this call to lockfs -fa is a no-op.
3547 + */
3548 + if (getzoneid() == 0) {
3549 + if (access("/usr/sbin/lockfs", X_OK) == 0)
3550 + fork_with_timeout("/usr/sbin/lockfs -fa", 0, 30);
3551 +
3552 + sync(); /* once more, with feeling */
3553 + }
3554 +
3555 + fork_with_timeout("/sbin/umount /usr >/dev/null 2>&1", 0, 5);
3556 +
3557 + /*
3558 + * Construct and emit the last words from userland:
3559 + * "<timestamp> The system is down. Shutdown took <N> seconds."
3560 + *
3561 + * Normally we'd use syslog, but with /var and other things
3562 + * potentially gone, try to minimize the external dependencies.
3563 + */
3564 + now = time(NULL);
3565 + (void) localtime_r(&now, &nowtm);
3566 +
3567 + if (strftime(down_buf, sizeof (down_buf),
3568 + "%b %e %T The system is down.", &nowtm) == 0) {
3569 + (void) strlcpy(down_buf, "The system is down.",
3570 + sizeof (down_buf));
3571 + }
3572 +
3573 + if (halting_time != 0 && halting_time <= now) {
3574 + (void) snprintf(time_buf, sizeof (time_buf),
3575 + " Shutdown took %lu seconds.", now - halting_time);
3576 + } else {
3577 + time_buf[0] = '\0';
3578 + }
3579 + (void) printf("%s%s\n", down_buf, time_buf);
3580 +
3486 3581 (void) uadmin(A_SHUTDOWN, halting, NULL);
3487 3582 uu_warn("uadmin() failed");
3488 3583
3489 3584 if (remove(resetting) != 0 && errno != ENOENT)
3490 3585 uu_warn("Could not remove \"%s\"", resetting);
3491 3586 }
3492 3587
3493 3588 /*
3494 3589 * If any of the up_svcs[] are online or satisfiable, return true. If they are
3495 3590 * all missing, disabled, in maintenance, or unsatisfiable, return false.
3496 3591 */
3497 3592 boolean_t
3498 3593 can_come_up(void)
3499 3594 {
3500 3595 int i;
3501 3596
3502 3597 assert(PTHREAD_MUTEX_HELD(&dgraph_lock));
3503 3598
3504 3599 /*
3505 3600 * If we are booting to single user (boot -s),
3506 3601 * SCF_MILESTONE_SINGLE_USER is needed to come up because startd
3507 3602 * spawns sulogin after single-user is online (see specials.c).
3508 3603 */
3509 3604 i = (booting_to_single_user ? 0 : 1);
3510 3605
3511 3606 for (; up_svcs[i] != NULL; ++i) {
3512 3607 if (up_svcs_p[i] == NULL) {
3513 3608 up_svcs_p[i] = vertex_get_by_name(up_svcs[i]);
3514 3609
3515 3610 if (up_svcs_p[i] == NULL)
3516 3611 continue;
3517 3612 }
3518 3613
3519 3614 /*
3520 3615 * Ignore unconfigured services (the ones that have been
3521 3616 * mentioned in a dependency from other services, but do
3522 3617 * not exist in the repository). Services which exist
3523 3618 * in the repository but don't have general/enabled
3524 3619 * property will be also ignored.
3525 3620 */
3526 3621 if (!(up_svcs_p[i]->gv_flags & GV_CONFIGURED))
3527 3622 continue;
3528 3623
3529 3624 switch (up_svcs_p[i]->gv_state) {
3530 3625 case RESTARTER_STATE_ONLINE:
3531 3626 case RESTARTER_STATE_DEGRADED:
3532 3627 /*
3533 3628 * Deactivate verbose boot once a login service has been
3534 3629 * reached.
3535 3630 */
3536 3631 st->st_log_login_reached = 1;
3537 3632 /*FALLTHROUGH*/
3538 3633 case RESTARTER_STATE_UNINIT:
3539 3634 return (B_TRUE);
3540 3635
3541 3636 case RESTARTER_STATE_OFFLINE:
3542 3637 if (instance_satisfied(up_svcs_p[i], B_TRUE) != -1)
3543 3638 return (B_TRUE);
3544 3639 log_framework(LOG_DEBUG,
3545 3640 "can_come_up(): %s is unsatisfiable.\n",
3546 3641 up_svcs_p[i]->gv_name);
3547 3642 continue;
3548 3643
3549 3644 case RESTARTER_STATE_DISABLED:
3550 3645 case RESTARTER_STATE_MAINT:
3551 3646 log_framework(LOG_DEBUG,
3552 3647 "can_come_up(): %s is in state %s.\n",
3553 3648 up_svcs_p[i]->gv_name,
3554 3649 instance_state_str[up_svcs_p[i]->gv_state]);
3555 3650 continue;
3556 3651
3557 3652 default:
3558 3653 #ifndef NDEBUG
3559 3654 uu_warn("%s:%d: Unexpected vertex state %d.\n",
3560 3655 __FILE__, __LINE__, up_svcs_p[i]->gv_state);
3561 3656 #endif
3562 3657 abort();
3563 3658 }
3564 3659 }
3565 3660
3566 3661 /*
3567 3662 * In the seed repository, console-login is unsatisfiable because
3568 3663 * services are missing. To behave correctly in that case we don't want
3569 3664 * to return false until manifest-import is online.
3570 3665 */
3571 3666
3572 3667 if (manifest_import_p == NULL) {
3573 3668 manifest_import_p = vertex_get_by_name(manifest_import);
3574 3669
3575 3670 if (manifest_import_p == NULL)
3576 3671 return (B_FALSE);
3577 3672 }
3578 3673
3579 3674 switch (manifest_import_p->gv_state) {
3580 3675 case RESTARTER_STATE_ONLINE:
3581 3676 case RESTARTER_STATE_DEGRADED:
3582 3677 case RESTARTER_STATE_DISABLED:
3583 3678 case RESTARTER_STATE_MAINT:
3584 3679 break;
3585 3680
3586 3681 case RESTARTER_STATE_OFFLINE:
3587 3682 if (instance_satisfied(manifest_import_p, B_TRUE) == -1)
3588 3683 break;
3589 3684 /* FALLTHROUGH */
3590 3685
3591 3686 case RESTARTER_STATE_UNINIT:
3592 3687 return (B_TRUE);
3593 3688 }
3594 3689
3595 3690 return (B_FALSE);
3596 3691 }
3597 3692
3598 3693 /*
3599 3694 * Runs sulogin. Returns
3600 3695 * 0 - success
3601 3696 * EALREADY - sulogin is already running
3602 3697 * EBUSY - console-login is running
3603 3698 */
3604 3699 static int
3605 3700 run_sulogin(const char *msg)
3606 3701 {
3607 3702 graph_vertex_t *v;
3608 3703
3609 3704 assert(PTHREAD_MUTEX_HELD(&dgraph_lock));
3610 3705
3611 3706 if (sulogin_running)
3612 3707 return (EALREADY);
3613 3708
3614 3709 v = vertex_get_by_name(console_login_fmri);
3615 3710 if (v != NULL && inst_running(v))
3616 3711 return (EBUSY);
3617 3712
3618 3713 sulogin_running = B_TRUE;
3619 3714
3620 3715 MUTEX_UNLOCK(&dgraph_lock);
3621 3716
3622 3717 fork_sulogin(B_FALSE, msg);
3623 3718
3624 3719 MUTEX_LOCK(&dgraph_lock);
3625 3720
3626 3721 sulogin_running = B_FALSE;
3627 3722
3628 3723 if (console_login_ready) {
3629 3724 v = vertex_get_by_name(console_login_fmri);
3630 3725
3631 3726 if (v != NULL && v->gv_state == RESTARTER_STATE_OFFLINE &&
3632 3727 !inst_running(v)) {
3633 3728 if (v->gv_start_f == NULL)
3634 3729 vertex_send_event(v,
3635 3730 RESTARTER_EVENT_TYPE_START);
3636 3731 else
3637 3732 v->gv_start_f(v);
3638 3733 }
3639 3734
3640 3735 console_login_ready = B_FALSE;
3641 3736 }
3642 3737
3643 3738 return (0);
3644 3739 }
3645 3740
3646 3741 /*
3647 3742 * The sulogin thread runs sulogin while can_come_up() is false. run_sulogin()
3648 3743 * keeps sulogin from stepping on console-login's toes.
3649 3744 */
3650 3745 /* ARGSUSED */
3651 3746 static void *
3652 3747 sulogin_thread(void *unused)
3653 3748 {
3654 3749 MUTEX_LOCK(&dgraph_lock);
3655 3750
3656 3751 assert(sulogin_thread_running);
3657 3752
3658 3753 do {
3659 3754 (void) run_sulogin("Console login service(s) cannot run\n");
3660 3755 } while (!can_come_up());
3661 3756
3662 3757 sulogin_thread_running = B_FALSE;
3663 3758 MUTEX_UNLOCK(&dgraph_lock);
3664 3759
3665 3760 return (NULL);
3666 3761 }
3667 3762
3668 3763 /* ARGSUSED */
3669 3764 void *
3670 3765 single_user_thread(void *unused)
3671 3766 {
3672 3767 uint_t left;
3673 3768 scf_handle_t *h;
|
↓ open down ↓ |
178 lines elided |
↑ open up ↑ |
3674 3769 scf_instance_t *inst;
3675 3770 scf_property_t *prop;
3676 3771 scf_value_t *val;
3677 3772 const char *msg;
3678 3773 char *buf;
3679 3774 int r;
3680 3775
3681 3776 MUTEX_LOCK(&single_user_thread_lock);
3682 3777 single_user_thread_count++;
3683 3778
3684 - if (!booting_to_single_user) {
3685 - /*
3686 - * From rcS.sh: Look for ttymon, in.telnetd, in.rlogind and
3687 - * processes in their process groups so they can be terminated.
3688 - */
3689 - (void) fputs("svc.startd: Killing user processes: ", stdout);
3690 - (void) system("/usr/sbin/killall");
3691 - (void) system("/usr/sbin/killall 9");
3692 - (void) system("/usr/bin/pkill -TERM -v -u 0,1");
3779 + if (!booting_to_single_user)
3780 + kill_user_procs();
3693 3781
3694 - left = 5;
3695 - while (left > 0)
3696 - left = sleep(left);
3697 -
3698 - (void) system("/usr/bin/pkill -KILL -v -u 0,1");
3699 - (void) puts("done.");
3700 - }
3701 -
3702 3782 if (go_single_user_mode || booting_to_single_user) {
3703 3783 msg = "SINGLE USER MODE\n";
3704 3784 } else {
3705 3785 assert(go_to_level1);
3706 3786
3707 3787 fork_rc_script('1', "start", B_TRUE);
3708 3788
3709 3789 uu_warn("The system is ready for administration.\n");
3710 3790
3711 3791 msg = "";
3712 3792 }
3713 3793
3714 3794 MUTEX_UNLOCK(&single_user_thread_lock);
3715 3795
3716 3796 for (;;) {
3717 3797 MUTEX_LOCK(&dgraph_lock);
3718 3798 r = run_sulogin(msg);
3719 3799 MUTEX_UNLOCK(&dgraph_lock);
3720 3800 if (r == 0)
3721 3801 break;
3722 3802
3723 3803 assert(r == EALREADY || r == EBUSY);
3724 3804
3725 3805 left = 3;
3726 3806 while (left > 0)
3727 3807 left = sleep(left);
3728 3808 }
3729 3809
3730 3810 MUTEX_LOCK(&single_user_thread_lock);
3731 3811
3732 3812 /*
3733 3813 * If another single user thread has started, let it finish changing
3734 3814 * the run level.
3735 3815 */
3736 3816 if (single_user_thread_count > 1) {
3737 3817 single_user_thread_count--;
3738 3818 MUTEX_UNLOCK(&single_user_thread_lock);
3739 3819 return (NULL);
3740 3820 }
3741 3821
3742 3822 h = libscf_handle_create_bound_loop();
3743 3823 inst = scf_instance_create(h);
3744 3824 prop = safe_scf_property_create(h);
3745 3825 val = safe_scf_value_create(h);
3746 3826 buf = startd_alloc(max_scf_fmri_size);
3747 3827
3748 3828 lookup:
3749 3829 if (scf_handle_decode_fmri(h, SCF_SERVICE_STARTD, NULL, NULL, inst,
3750 3830 NULL, NULL, SCF_DECODE_FMRI_EXACT) != 0) {
3751 3831 switch (scf_error()) {
3752 3832 case SCF_ERROR_NOT_FOUND:
3753 3833 r = libscf_create_self(h);
3754 3834 if (r == 0)
3755 3835 goto lookup;
3756 3836 assert(r == ECONNABORTED);
3757 3837 /* FALLTHROUGH */
3758 3838
3759 3839 case SCF_ERROR_CONNECTION_BROKEN:
3760 3840 libscf_handle_rebind(h);
3761 3841 goto lookup;
3762 3842
3763 3843 case SCF_ERROR_INVALID_ARGUMENT:
3764 3844 case SCF_ERROR_CONSTRAINT_VIOLATED:
3765 3845 case SCF_ERROR_NOT_BOUND:
3766 3846 case SCF_ERROR_HANDLE_MISMATCH:
3767 3847 default:
3768 3848 bad_error("scf_handle_decode_fmri", scf_error());
3769 3849 }
3770 3850 }
3771 3851
3772 3852 MUTEX_LOCK(&dgraph_lock);
3773 3853
3774 3854 r = scf_instance_delete_prop(inst, SCF_PG_OPTIONS_OVR,
3775 3855 SCF_PROPERTY_MILESTONE);
3776 3856 switch (r) {
3777 3857 case 0:
3778 3858 case ECANCELED:
3779 3859 break;
3780 3860
3781 3861 case ECONNABORTED:
3782 3862 MUTEX_UNLOCK(&dgraph_lock);
3783 3863 libscf_handle_rebind(h);
3784 3864 goto lookup;
3785 3865
3786 3866 case EPERM:
3787 3867 case EACCES:
3788 3868 case EROFS:
3789 3869 log_error(LOG_WARNING, "Could not clear temporary milestone: "
3790 3870 "%s.\n", strerror(r));
3791 3871 break;
3792 3872
3793 3873 default:
3794 3874 bad_error("scf_instance_delete_prop", r);
3795 3875 }
3796 3876
3797 3877 MUTEX_UNLOCK(&dgraph_lock);
3798 3878
3799 3879 r = libscf_get_milestone(inst, prop, val, buf, max_scf_fmri_size);
3800 3880 switch (r) {
3801 3881 case ECANCELED:
3802 3882 case ENOENT:
3803 3883 case EINVAL:
3804 3884 (void) strcpy(buf, "all");
3805 3885 /* FALLTHROUGH */
3806 3886
3807 3887 case 0:
3808 3888 uu_warn("Returning to milestone %s.\n", buf);
3809 3889 break;
3810 3890
3811 3891 case ECONNABORTED:
3812 3892 libscf_handle_rebind(h);
3813 3893 goto lookup;
3814 3894
3815 3895 default:
3816 3896 bad_error("libscf_get_milestone", r);
3817 3897 }
3818 3898
3819 3899 r = dgraph_set_milestone(buf, h, B_FALSE);
3820 3900 switch (r) {
3821 3901 case 0:
3822 3902 case ECONNRESET:
3823 3903 case EALREADY:
3824 3904 case EINVAL:
3825 3905 case ENOENT:
3826 3906 break;
3827 3907
3828 3908 default:
3829 3909 bad_error("dgraph_set_milestone", r);
3830 3910 }
3831 3911
3832 3912 /*
3833 3913 * See graph_runlevel_changed().
3834 3914 */
3835 3915 MUTEX_LOCK(&dgraph_lock);
3836 3916 utmpx_set_runlevel(target_milestone_as_runlevel(), 'S', B_TRUE);
3837 3917 MUTEX_UNLOCK(&dgraph_lock);
3838 3918
3839 3919 startd_free(buf, max_scf_fmri_size);
3840 3920 scf_value_destroy(val);
3841 3921 scf_property_destroy(prop);
3842 3922 scf_instance_destroy(inst);
3843 3923 scf_handle_destroy(h);
3844 3924
3845 3925 /*
3846 3926 * We'll give ourselves 3 seconds to respond to all of the enablings
3847 3927 * that setting the milestone should have created before checking
3848 3928 * whether to run sulogin.
3849 3929 */
3850 3930 left = 3;
3851 3931 while (left > 0)
3852 3932 left = sleep(left);
3853 3933
3854 3934 MUTEX_LOCK(&dgraph_lock);
3855 3935 /*
3856 3936 * Clearing these variables will allow the sulogin thread to run. We
3857 3937 * check here in case there aren't any more state updates anytime soon.
3858 3938 */
3859 3939 go_to_level1 = go_single_user_mode = booting_to_single_user = B_FALSE;
3860 3940 if (!sulogin_thread_running && !can_come_up()) {
3861 3941 (void) startd_thread_create(sulogin_thread, NULL);
3862 3942 sulogin_thread_running = B_TRUE;
3863 3943 }
3864 3944 MUTEX_UNLOCK(&dgraph_lock);
3865 3945 single_user_thread_count--;
3866 3946 MUTEX_UNLOCK(&single_user_thread_lock);
3867 3947 return (NULL);
3868 3948 }
3869 3949
3870 3950
3871 3951 /*
3872 3952 * Dependency graph operations API. These are handle-independent thread-safe
3873 3953 * graph manipulation functions which are the entry points for the event
3874 3954 * threads below.
3875 3955 */
3876 3956
3877 3957 /*
3878 3958 * If a configured vertex exists for inst_fmri, return EEXIST. If no vertex
3879 3959 * exists for inst_fmri, add one. Then fetch the restarter from inst, make
3880 3960 * this vertex dependent on it, and send _ADD_INSTANCE to the restarter.
3881 3961 * Fetch whether the instance should be enabled from inst and send _ENABLE or
3882 3962 * _DISABLE as appropriate. Finally rummage through inst's dependency
3883 3963 * property groups and add vertices and edges as appropriate. If anything
3884 3964 * goes wrong after sending _ADD_INSTANCE, send _ADMIN_MAINT_ON to put the
3885 3965 * instance in maintenance. Don't send _START or _STOP until we get a state
3886 3966 * update in case we're being restarted and the service is already running.
3887 3967 *
3888 3968 * To support booting to a milestone, we must also make sure all dependencies
3889 3969 * encountered are configured, if they exist in the repository.
3890 3970 *
3891 3971 * Returns 0 on success, ECONNABORTED on repository disconnection, EINVAL if
3892 3972 * inst_fmri is an invalid (or not canonical) FMRI, ECANCELED if inst is
3893 3973 * deleted, or EEXIST if a configured vertex for inst_fmri already exists.
3894 3974 */
3895 3975 int
3896 3976 dgraph_add_instance(const char *inst_fmri, scf_instance_t *inst,
3897 3977 boolean_t lock_graph)
3898 3978 {
3899 3979 graph_vertex_t *v;
3900 3980 int err;
3901 3981
3902 3982 if (strcmp(inst_fmri, SCF_SERVICE_STARTD) == 0)
3903 3983 return (0);
3904 3984
3905 3985 /* Check for a vertex for inst_fmri. */
3906 3986 if (lock_graph) {
3907 3987 MUTEX_LOCK(&dgraph_lock);
3908 3988 } else {
3909 3989 assert(PTHREAD_MUTEX_HELD(&dgraph_lock));
3910 3990 }
3911 3991
3912 3992 v = vertex_get_by_name(inst_fmri);
3913 3993
3914 3994 if (v != NULL) {
3915 3995 assert(v->gv_type == GVT_INST);
3916 3996
3917 3997 if (v->gv_flags & GV_CONFIGURED) {
3918 3998 if (lock_graph)
3919 3999 MUTEX_UNLOCK(&dgraph_lock);
3920 4000 return (EEXIST);
3921 4001 }
3922 4002 } else {
3923 4003 /* Add the vertex. */
3924 4004 err = graph_insert_vertex_unconfigured(inst_fmri, GVT_INST, 0,
3925 4005 RERR_NONE, &v);
3926 4006 if (err != 0) {
3927 4007 assert(err == EINVAL);
3928 4008 if (lock_graph)
3929 4009 MUTEX_UNLOCK(&dgraph_lock);
3930 4010 return (EINVAL);
3931 4011 }
3932 4012 }
3933 4013
3934 4014 err = configure_vertex(v, inst);
3935 4015
3936 4016 if (lock_graph)
3937 4017 MUTEX_UNLOCK(&dgraph_lock);
3938 4018
3939 4019 return (err);
3940 4020 }
3941 4021
3942 4022 /*
3943 4023 * Locate the vertex for this property group's instance. If it doesn't exist
3944 4024 * or is unconfigured, call dgraph_add_instance() & return. Otherwise fetch
3945 4025 * the restarter for the instance, and if it has changed, send
3946 4026 * _REMOVE_INSTANCE to the old restarter, remove the dependency, make sure the
3947 4027 * new restarter has a vertex, add a new dependency, and send _ADD_INSTANCE to
3948 4028 * the new restarter. Then fetch whether the instance should be enabled, and
3949 4029 * if it is different from what we had, or if we changed the restarter, send
3950 4030 * the appropriate _ENABLE or _DISABLE command.
3951 4031 *
3952 4032 * Returns 0 on success, ENOTSUP if the pg's parent is not an instance,
3953 4033 * ECONNABORTED on repository disconnection, ECANCELED if the instance is
3954 4034 * deleted, or -1 if the instance's general property group is deleted or if
3955 4035 * its enabled property is misconfigured.
3956 4036 */
3957 4037 static int
3958 4038 dgraph_update_general(scf_propertygroup_t *pg)
3959 4039 {
3960 4040 scf_handle_t *h;
3961 4041 scf_instance_t *inst;
3962 4042 char *fmri;
3963 4043 char *restarter_fmri;
3964 4044 graph_vertex_t *v;
3965 4045 int err;
3966 4046 int enabled, enabled_ovr;
3967 4047 int oldflags;
3968 4048
3969 4049 /* Find the vertex for this service */
3970 4050 h = scf_pg_handle(pg);
3971 4051
3972 4052 inst = safe_scf_instance_create(h);
3973 4053
3974 4054 if (scf_pg_get_parent_instance(pg, inst) != 0) {
3975 4055 switch (scf_error()) {
3976 4056 case SCF_ERROR_CONSTRAINT_VIOLATED:
3977 4057 return (ENOTSUP);
3978 4058
3979 4059 case SCF_ERROR_CONNECTION_BROKEN:
3980 4060 default:
3981 4061 return (ECONNABORTED);
3982 4062
3983 4063 case SCF_ERROR_DELETED:
3984 4064 return (0);
3985 4065
3986 4066 case SCF_ERROR_NOT_SET:
3987 4067 bad_error("scf_pg_get_parent_instance", scf_error());
3988 4068 }
3989 4069 }
3990 4070
3991 4071 err = libscf_instance_get_fmri(inst, &fmri);
3992 4072 switch (err) {
3993 4073 case 0:
3994 4074 break;
3995 4075
3996 4076 case ECONNABORTED:
3997 4077 scf_instance_destroy(inst);
3998 4078 return (ECONNABORTED);
3999 4079
4000 4080 case ECANCELED:
4001 4081 scf_instance_destroy(inst);
4002 4082 return (0);
4003 4083
4004 4084 default:
4005 4085 bad_error("libscf_instance_get_fmri", err);
4006 4086 }
4007 4087
4008 4088 log_framework(LOG_DEBUG,
4009 4089 "Graph engine: Reloading general properties for %s.\n", fmri);
4010 4090
4011 4091 MUTEX_LOCK(&dgraph_lock);
4012 4092
4013 4093 v = vertex_get_by_name(fmri);
4014 4094 if (v == NULL || !(v->gv_flags & GV_CONFIGURED)) {
4015 4095 /* Will get the up-to-date properties. */
4016 4096 MUTEX_UNLOCK(&dgraph_lock);
4017 4097 err = dgraph_add_instance(fmri, inst, B_TRUE);
4018 4098 startd_free(fmri, max_scf_fmri_size);
4019 4099 scf_instance_destroy(inst);
4020 4100 return (err == ECANCELED ? 0 : err);
4021 4101 }
4022 4102
4023 4103 /* Read enabled & restarter from repository. */
4024 4104 restarter_fmri = startd_alloc(max_scf_value_size);
4025 4105 err = libscf_get_basic_instance_data(h, inst, v->gv_name, &enabled,
4026 4106 &enabled_ovr, &restarter_fmri);
4027 4107 if (err != 0 || enabled == -1) {
4028 4108 MUTEX_UNLOCK(&dgraph_lock);
4029 4109 scf_instance_destroy(inst);
4030 4110 startd_free(fmri, max_scf_fmri_size);
4031 4111
4032 4112 switch (err) {
4033 4113 case ENOENT:
4034 4114 case 0:
4035 4115 startd_free(restarter_fmri, max_scf_value_size);
4036 4116 return (-1);
4037 4117
4038 4118 case ECONNABORTED:
4039 4119 case ECANCELED:
4040 4120 startd_free(restarter_fmri, max_scf_value_size);
4041 4121 return (err);
4042 4122
4043 4123 default:
4044 4124 bad_error("libscf_get_basic_instance_data", err);
4045 4125 }
4046 4126 }
4047 4127
4048 4128 oldflags = v->gv_flags;
4049 4129 v->gv_flags = (v->gv_flags & ~GV_ENBLD_NOOVR) |
4050 4130 (enabled ? GV_ENBLD_NOOVR : 0);
4051 4131
4052 4132 if (enabled_ovr != -1)
4053 4133 enabled = enabled_ovr;
4054 4134
4055 4135 /*
4056 4136 * If GV_ENBLD_NOOVR has changed, then we need to re-evaluate the
4057 4137 * subgraph.
4058 4138 */
4059 4139 if (milestone > MILESTONE_NONE && v->gv_flags != oldflags)
4060 4140 (void) eval_subgraph(v, h);
4061 4141
4062 4142 scf_instance_destroy(inst);
4063 4143
4064 4144 /* Ignore restarter change for now. */
4065 4145
4066 4146 startd_free(restarter_fmri, max_scf_value_size);
4067 4147 startd_free(fmri, max_scf_fmri_size);
4068 4148
4069 4149 /*
4070 4150 * Always send _ENABLE or _DISABLE. We could avoid this if the
4071 4151 * restarter didn't change and the enabled value didn't change, but
4072 4152 * that's not easy to check and improbable anyway, so we'll just do
4073 4153 * this.
4074 4154 */
4075 4155 graph_enable_by_vertex(v, enabled, 1);
4076 4156
4077 4157 MUTEX_UNLOCK(&dgraph_lock);
4078 4158
4079 4159 return (0);
4080 4160 }
4081 4161
4082 4162 /*
4083 4163 * Delete all of the property group dependencies of v, update inst's running
4084 4164 * snapshot, and add the dependencies in the new snapshot. If any of the new
4085 4165 * dependencies would create a cycle, send _ADMIN_MAINT_ON. Otherwise
4086 4166 * reevaluate v's dependencies, send _START or _STOP as appropriate, and do
4087 4167 * the same for v's dependents.
4088 4168 *
4089 4169 * Returns
4090 4170 * 0 - success
4091 4171 * ECONNABORTED - repository connection broken
4092 4172 * ECANCELED - inst was deleted
4093 4173 * EINVAL - inst is invalid (e.g., missing general/enabled)
4094 4174 * -1 - libscf_snapshots_refresh() failed
4095 4175 */
4096 4176 static int
4097 4177 dgraph_refresh_instance(graph_vertex_t *v, scf_instance_t *inst)
4098 4178 {
4099 4179 int r;
4100 4180 int enabled;
4101 4181
4102 4182 assert(PTHREAD_MUTEX_HELD(&dgraph_lock));
4103 4183 assert(v->gv_type == GVT_INST);
4104 4184
4105 4185 /* Only refresh services with valid general/enabled properties. */
4106 4186 r = libscf_get_basic_instance_data(scf_instance_handle(inst), inst,
4107 4187 v->gv_name, &enabled, NULL, NULL);
4108 4188 switch (r) {
4109 4189 case 0:
4110 4190 break;
4111 4191
4112 4192 case ECONNABORTED:
4113 4193 case ECANCELED:
4114 4194 return (r);
4115 4195
4116 4196 case ENOENT:
4117 4197 log_framework(LOG_DEBUG,
4118 4198 "Ignoring %s because it has no general property group.\n",
4119 4199 v->gv_name);
4120 4200 return (EINVAL);
4121 4201
4122 4202 default:
4123 4203 bad_error("libscf_get_basic_instance_data", r);
4124 4204 }
4125 4205
4126 4206 if (enabled == -1)
4127 4207 return (EINVAL);
4128 4208
4129 4209 r = libscf_snapshots_refresh(inst, v->gv_name);
4130 4210 if (r != 0) {
4131 4211 if (r != -1)
4132 4212 bad_error("libscf_snapshots_refresh", r);
4133 4213
4134 4214 /* error logged */
4135 4215 return (r);
4136 4216 }
4137 4217
4138 4218 r = refresh_vertex(v, inst);
4139 4219 if (r != 0 && r != ECONNABORTED)
4140 4220 bad_error("refresh_vertex", r);
4141 4221 return (r);
4142 4222 }
4143 4223
4144 4224 /*
4145 4225 * Returns true only if none of this service's dependents are 'up' -- online
4146 4226 * or degraded (offline is considered down in this situation). This function
4147 4227 * is somehow similar to is_nonsubgraph_leaf() but works on subtrees.
4148 4228 */
4149 4229 static boolean_t
4150 4230 insubtree_dependents_down(graph_vertex_t *v)
4151 4231 {
4152 4232 graph_vertex_t *vv;
4153 4233 graph_edge_t *e;
4154 4234
4155 4235 assert(PTHREAD_MUTEX_HELD(&dgraph_lock));
4156 4236
4157 4237 for (e = uu_list_first(v->gv_dependents); e != NULL;
4158 4238 e = uu_list_next(v->gv_dependents, e)) {
4159 4239 vv = e->ge_vertex;
4160 4240 if (vv->gv_type == GVT_INST) {
4161 4241 if ((vv->gv_flags & GV_CONFIGURED) == 0)
4162 4242 continue;
4163 4243
4164 4244 if ((vv->gv_flags & GV_TOOFFLINE) == 0)
4165 4245 continue;
4166 4246
4167 4247 if ((vv->gv_state == RESTARTER_STATE_ONLINE) ||
4168 4248 (vv->gv_state == RESTARTER_STATE_DEGRADED))
4169 4249 return (B_FALSE);
4170 4250 } else {
4171 4251 /*
4172 4252 * For dependency groups or service vertices, keep
4173 4253 * traversing to see if instances are running.
4174 4254 */
4175 4255 if (insubtree_dependents_down(vv) == B_FALSE)
4176 4256 return (B_FALSE);
4177 4257 }
4178 4258 }
4179 4259
4180 4260 return (B_TRUE);
4181 4261 }
4182 4262
4183 4263 /*
4184 4264 * Returns true only if none of this service's dependents are 'up' -- online,
4185 4265 * degraded, or offline.
4186 4266 */
4187 4267 static int
4188 4268 is_nonsubgraph_leaf(graph_vertex_t *v)
4189 4269 {
4190 4270 graph_vertex_t *vv;
4191 4271 graph_edge_t *e;
4192 4272
4193 4273 assert(PTHREAD_MUTEX_HELD(&dgraph_lock));
4194 4274
4195 4275 for (e = uu_list_first(v->gv_dependents);
4196 4276 e != NULL;
4197 4277 e = uu_list_next(v->gv_dependents, e)) {
4198 4278
4199 4279 vv = e->ge_vertex;
4200 4280 if (vv->gv_type == GVT_INST) {
4201 4281 if ((vv->gv_flags & GV_CONFIGURED) == 0)
4202 4282 continue;
4203 4283
4204 4284 if (vv->gv_flags & GV_INSUBGRAPH)
4205 4285 continue;
4206 4286
4207 4287 if (up_state(vv->gv_state))
4208 4288 return (0);
4209 4289 } else {
4210 4290 /*
4211 4291 * For dependency group or service vertices, keep
4212 4292 * traversing to see if instances are running.
4213 4293 *
4214 4294 * We should skip exclude_all dependencies otherwise
4215 4295 * the vertex will never be considered as a leaf
4216 4296 * if the dependent is offline. The main reason for
4217 4297 * this is that disable_nonsubgraph_leaves() skips
4218 4298 * exclusion dependencies.
4219 4299 */
4220 4300 if (vv->gv_type == GVT_GROUP &&
4221 4301 vv->gv_depgroup == DEPGRP_EXCLUDE_ALL)
4222 4302 continue;
4223 4303
4224 4304 if (!is_nonsubgraph_leaf(vv))
4225 4305 return (0);
4226 4306 }
4227 4307 }
4228 4308
4229 4309 return (1);
4230 4310 }
4231 4311
4232 4312 /*
4233 4313 * Disable v temporarily. Attempt to do this by setting its enabled override
4234 4314 * property in the repository. If that fails, send a _DISABLE command.
4235 4315 * Returns 0 on success and ECONNABORTED if the repository connection is
4236 4316 * broken.
4237 4317 */
4238 4318 static int
4239 4319 disable_service_temporarily(graph_vertex_t *v, scf_handle_t *h)
4240 4320 {
4241 4321 const char * const emsg = "Could not temporarily disable %s because "
4242 4322 "%s. Will stop service anyways. Repository status for the "
4243 4323 "service may be inaccurate.\n";
4244 4324 const char * const emsg_cbroken =
4245 4325 "the repository connection was broken";
4246 4326
4247 4327 scf_instance_t *inst;
4248 4328 int r;
4249 4329
4250 4330 inst = scf_instance_create(h);
4251 4331 if (inst == NULL) {
4252 4332 char buf[100];
4253 4333
4254 4334 (void) snprintf(buf, sizeof (buf),
4255 4335 "scf_instance_create() failed (%s)",
4256 4336 scf_strerror(scf_error()));
4257 4337 log_error(LOG_WARNING, emsg, v->gv_name, buf);
4258 4338
4259 4339 graph_enable_by_vertex(v, 0, 0);
4260 4340 return (0);
4261 4341 }
4262 4342
4263 4343 r = scf_handle_decode_fmri(h, v->gv_name, NULL, NULL, inst,
4264 4344 NULL, NULL, SCF_DECODE_FMRI_EXACT);
4265 4345 if (r != 0) {
4266 4346 switch (scf_error()) {
4267 4347 case SCF_ERROR_CONNECTION_BROKEN:
4268 4348 log_error(LOG_WARNING, emsg, v->gv_name, emsg_cbroken);
4269 4349 graph_enable_by_vertex(v, 0, 0);
4270 4350 return (ECONNABORTED);
4271 4351
4272 4352 case SCF_ERROR_NOT_FOUND:
4273 4353 return (0);
4274 4354
4275 4355 case SCF_ERROR_HANDLE_MISMATCH:
4276 4356 case SCF_ERROR_INVALID_ARGUMENT:
4277 4357 case SCF_ERROR_CONSTRAINT_VIOLATED:
4278 4358 case SCF_ERROR_NOT_BOUND:
4279 4359 default:
4280 4360 bad_error("scf_handle_decode_fmri",
4281 4361 scf_error());
4282 4362 }
4283 4363 }
4284 4364
4285 4365 r = libscf_set_enable_ovr(inst, 0);
4286 4366 switch (r) {
4287 4367 case 0:
4288 4368 scf_instance_destroy(inst);
4289 4369 return (0);
4290 4370
4291 4371 case ECANCELED:
4292 4372 scf_instance_destroy(inst);
4293 4373 return (0);
4294 4374
4295 4375 case ECONNABORTED:
4296 4376 log_error(LOG_WARNING, emsg, v->gv_name, emsg_cbroken);
4297 4377 graph_enable_by_vertex(v, 0, 0);
4298 4378 return (ECONNABORTED);
4299 4379
4300 4380 case EPERM:
4301 4381 log_error(LOG_WARNING, emsg, v->gv_name,
4302 4382 "the repository denied permission");
4303 4383 graph_enable_by_vertex(v, 0, 0);
4304 4384 return (0);
4305 4385
4306 4386 case EROFS:
4307 4387 log_error(LOG_WARNING, emsg, v->gv_name,
4308 4388 "the repository is read-only");
4309 4389 graph_enable_by_vertex(v, 0, 0);
4310 4390 return (0);
4311 4391
4312 4392 default:
4313 4393 bad_error("libscf_set_enable_ovr", r);
4314 4394 /* NOTREACHED */
4315 4395 }
4316 4396 }
4317 4397
4318 4398 /*
4319 4399 * Of the transitive instance dependencies of v, offline those which are
4320 4400 * in the subtree and which are leaves (i.e., have no dependents which are
4321 4401 * "up").
4322 4402 */
4323 4403 void
4324 4404 offline_subtree_leaves(graph_vertex_t *v, void *arg)
4325 4405 {
4326 4406 assert(PTHREAD_MUTEX_HELD(&dgraph_lock));
4327 4407
4328 4408 /* If v isn't an instance, recurse on its dependencies. */
4329 4409 if (v->gv_type != GVT_INST) {
4330 4410 graph_walk_dependencies(v, offline_subtree_leaves, arg);
4331 4411 return;
4332 4412 }
4333 4413
4334 4414 /*
4335 4415 * If v is not in the subtree, so should all of its dependencies,
4336 4416 * so do nothing.
4337 4417 */
4338 4418 if ((v->gv_flags & GV_TOOFFLINE) == 0)
4339 4419 return;
4340 4420
4341 4421 /* If v isn't a leaf because it's already down, recurse. */
4342 4422 if (!up_state(v->gv_state)) {
4343 4423 graph_walk_dependencies(v, offline_subtree_leaves, arg);
4344 4424 return;
4345 4425 }
4346 4426
4347 4427 /* if v is a leaf, offline it or disable it if it's the last one */
4348 4428 if (insubtree_dependents_down(v) == B_TRUE) {
4349 4429 if (v->gv_flags & GV_TODISABLE)
4350 4430 vertex_send_event(v,
4351 4431 RESTARTER_EVENT_TYPE_ADMIN_DISABLE);
4352 4432 else
4353 4433 offline_vertex(v);
4354 4434 }
4355 4435 }
4356 4436
4357 4437 void
4358 4438 graph_offline_subtree_leaves(graph_vertex_t *v, void *h)
4359 4439 {
4360 4440 graph_walk_dependencies(v, offline_subtree_leaves, (void *)h);
4361 4441 }
4362 4442
4363 4443
4364 4444 /*
4365 4445 * Of the transitive instance dependencies of v, disable those which are not
4366 4446 * in the subgraph and which are leaves (i.e., have no dependents which are
4367 4447 * "up").
4368 4448 */
4369 4449 static void
4370 4450 disable_nonsubgraph_leaves(graph_vertex_t *v, void *arg)
4371 4451 {
4372 4452 assert(PTHREAD_MUTEX_HELD(&dgraph_lock));
4373 4453
4374 4454 /*
4375 4455 * We must skip exclusion dependencies because they are allowed to
4376 4456 * complete dependency cycles. This is correct because A's exclusion
4377 4457 * dependency on B doesn't bear on the order in which they should be
4378 4458 * stopped. Indeed, the exclusion dependency should guarantee that
4379 4459 * they are never online at the same time.
4380 4460 */
4381 4461 if (v->gv_type == GVT_GROUP && v->gv_depgroup == DEPGRP_EXCLUDE_ALL)
4382 4462 return;
4383 4463
4384 4464 /* If v isn't an instance, recurse on its dependencies. */
4385 4465 if (v->gv_type != GVT_INST)
4386 4466 goto recurse;
4387 4467
4388 4468 if ((v->gv_flags & GV_CONFIGURED) == 0)
4389 4469 /*
4390 4470 * Unconfigured instances should have no dependencies, but in
4391 4471 * case they ever get them,
4392 4472 */
4393 4473 goto recurse;
4394 4474
4395 4475 /*
4396 4476 * If v is in the subgraph, so should all of its dependencies, so do
4397 4477 * nothing.
4398 4478 */
4399 4479 if (v->gv_flags & GV_INSUBGRAPH)
4400 4480 return;
4401 4481
4402 4482 /* If v isn't a leaf because it's already down, recurse. */
4403 4483 if (!up_state(v->gv_state))
4404 4484 goto recurse;
4405 4485
4406 4486 /* If v is disabled but not down yet, be patient. */
4407 4487 if ((v->gv_flags & GV_ENABLED) == 0)
4408 4488 return;
4409 4489
4410 4490 /* If v is a leaf, disable it. */
4411 4491 if (is_nonsubgraph_leaf(v))
4412 4492 (void) disable_service_temporarily(v, (scf_handle_t *)arg);
4413 4493
4414 4494 return;
4415 4495
4416 4496 recurse:
4417 4497 graph_walk_dependencies(v, disable_nonsubgraph_leaves, arg);
4418 4498 }
4419 4499
4420 4500 /*
4421 4501 * Find the vertex for inst_name. If it doesn't exist, return ENOENT.
4422 4502 * Otherwise set its state to state. If the instance has entered a state
4423 4503 * which requires automatic action, take it (Uninitialized: do
4424 4504 * dgraph_refresh_instance() without the snapshot update. Disabled: if the
4425 4505 * instance should be enabled, send _ENABLE. Offline: if the instance should
4426 4506 * be disabled, send _DISABLE, and if its dependencies are satisfied, send
4427 4507 * _START. Online, Degraded: if the instance wasn't running, update its start
4428 4508 * snapshot. Maintenance: no action.)
4429 4509 *
4430 4510 * Also fails with ECONNABORTED, or EINVAL if state is invalid.
4431 4511 */
4432 4512 static int
4433 4513 dgraph_set_instance_state(scf_handle_t *h, const char *inst_name,
4434 4514 restarter_instance_state_t state, restarter_error_t serr)
4435 4515 {
4436 4516 graph_vertex_t *v;
4437 4517 int err = 0;
4438 4518 restarter_instance_state_t old_state;
4439 4519
4440 4520 MUTEX_LOCK(&dgraph_lock);
4441 4521
4442 4522 v = vertex_get_by_name(inst_name);
4443 4523 if (v == NULL) {
4444 4524 MUTEX_UNLOCK(&dgraph_lock);
4445 4525 return (ENOENT);
4446 4526 }
4447 4527
4448 4528 assert(v->gv_type == GVT_INST);
4449 4529
4450 4530 switch (state) {
4451 4531 case RESTARTER_STATE_UNINIT:
4452 4532 case RESTARTER_STATE_DISABLED:
4453 4533 case RESTARTER_STATE_OFFLINE:
4454 4534 case RESTARTER_STATE_ONLINE:
4455 4535 case RESTARTER_STATE_DEGRADED:
4456 4536 case RESTARTER_STATE_MAINT:
4457 4537 break;
4458 4538
4459 4539 default:
4460 4540 MUTEX_UNLOCK(&dgraph_lock);
4461 4541 return (EINVAL);
4462 4542 }
4463 4543
4464 4544 log_framework(LOG_DEBUG, "Graph noting %s %s -> %s.\n", v->gv_name,
4465 4545 instance_state_str[v->gv_state], instance_state_str[state]);
4466 4546
4467 4547 old_state = v->gv_state;
4468 4548 v->gv_state = state;
4469 4549
4470 4550 err = gt_transition(h, v, serr, old_state);
4471 4551
4472 4552 MUTEX_UNLOCK(&dgraph_lock);
4473 4553 return (err);
4474 4554 }
4475 4555
4476 4556 /*
4477 4557 * Handle state changes during milestone shutdown. See
4478 4558 * dgraph_set_milestone(). If the repository connection is broken,
4479 4559 * ECONNABORTED will be returned, though a _DISABLE command will be sent for
4480 4560 * the vertex anyway.
4481 4561 */
4482 4562 int
4483 4563 vertex_subgraph_dependencies_shutdown(scf_handle_t *h, graph_vertex_t *v,
4484 4564 restarter_instance_state_t old_state)
4485 4565 {
4486 4566 int was_up, now_up;
4487 4567 int ret = 0;
4488 4568
4489 4569 assert(v->gv_type == GVT_INST);
4490 4570
4491 4571 /* Don't care if we're not going to a milestone. */
4492 4572 if (milestone == NULL)
4493 4573 return (0);
4494 4574
4495 4575 /* Don't care if we already finished coming down. */
4496 4576 if (non_subgraph_svcs == 0)
4497 4577 return (0);
4498 4578
4499 4579 /* Don't care if the service is in the subgraph. */
4500 4580 if (v->gv_flags & GV_INSUBGRAPH)
4501 4581 return (0);
4502 4582
4503 4583 /*
4504 4584 * Update non_subgraph_svcs. It is the number of non-subgraph
4505 4585 * services which are in online, degraded, or offline.
4506 4586 */
4507 4587
4508 4588 was_up = up_state(old_state);
4509 4589 now_up = up_state(v->gv_state);
4510 4590
4511 4591 if (!was_up && now_up) {
4512 4592 ++non_subgraph_svcs;
4513 4593 } else if (was_up && !now_up) {
4514 4594 --non_subgraph_svcs;
4515 4595
4516 4596 if (non_subgraph_svcs == 0) {
4517 4597 if (halting != -1) {
4518 4598 do_uadmin();
4519 4599 } else if (go_single_user_mode || go_to_level1) {
4520 4600 (void) startd_thread_create(single_user_thread,
4521 4601 NULL);
4522 4602 }
4523 4603 return (0);
4524 4604 }
4525 4605 }
4526 4606
4527 4607 /* If this service is a leaf, it should be disabled. */
4528 4608 if ((v->gv_flags & GV_ENABLED) && is_nonsubgraph_leaf(v)) {
4529 4609 int r;
4530 4610
4531 4611 r = disable_service_temporarily(v, h);
4532 4612 switch (r) {
4533 4613 case 0:
4534 4614 break;
4535 4615
4536 4616 case ECONNABORTED:
4537 4617 ret = ECONNABORTED;
4538 4618 break;
4539 4619
4540 4620 default:
4541 4621 bad_error("disable_service_temporarily", r);
4542 4622 }
4543 4623 }
4544 4624
4545 4625 /*
4546 4626 * If the service just came down, propagate the disable to the newly
4547 4627 * exposed leaves.
4548 4628 */
4549 4629 if (was_up && !now_up)
4550 4630 graph_walk_dependencies(v, disable_nonsubgraph_leaves,
4551 4631 (void *)h);
4552 4632
4553 4633 return (ret);
4554 4634 }
4555 4635
4556 4636 /*
4557 4637 * Decide whether to start up an sulogin thread after a service is
4558 4638 * finished changing state. Only need to do the full can_come_up()
4559 4639 * evaluation if an instance is changing state, we're not halfway through
4560 4640 * loading the thread, and we aren't shutting down or going to the single
4561 4641 * user milestone.
4562 4642 */
4563 4643 void
4564 4644 graph_transition_sulogin(restarter_instance_state_t state,
4565 4645 restarter_instance_state_t old_state)
4566 4646 {
4567 4647 assert(PTHREAD_MUTEX_HELD(&dgraph_lock));
4568 4648
4569 4649 if (state != old_state && st->st_load_complete &&
4570 4650 !go_single_user_mode && !go_to_level1 &&
4571 4651 halting == -1) {
4572 4652 if (!sulogin_thread_running && !can_come_up()) {
4573 4653 (void) startd_thread_create(sulogin_thread, NULL);
4574 4654 sulogin_thread_running = B_TRUE;
4575 4655 }
4576 4656 }
4577 4657 }
4578 4658
4579 4659 /*
4580 4660 * Propagate a start, stop event, or a satisfiability event.
4581 4661 *
4582 4662 * PROPAGATE_START and PROPAGATE_STOP simply propagate the transition event
4583 4663 * to direct dependents. PROPAGATE_SAT propagates a start then walks the
4584 4664 * full dependent graph to check for newly satisfied nodes. This is
4585 4665 * necessary for cases when non-direct dependents may be effected but direct
4586 4666 * dependents may not (e.g. for optional_all evaluations, see the
4587 4667 * propagate_satbility() comments).
4588 4668 *
4589 4669 * PROPAGATE_SAT should be used whenever a non-running service moves into
4590 4670 * a state which can satisfy optional dependencies, like disabled or
4591 4671 * maintenance.
4592 4672 */
4593 4673 void
4594 4674 graph_transition_propagate(graph_vertex_t *v, propagate_event_t type,
4595 4675 restarter_error_t rerr)
4596 4676 {
4597 4677 if (type == PROPAGATE_STOP) {
4598 4678 graph_walk_dependents(v, propagate_stop, (void *)rerr);
4599 4679 } else if (type == PROPAGATE_START || type == PROPAGATE_SAT) {
4600 4680 graph_walk_dependents(v, propagate_start, NULL);
4601 4681
4602 4682 if (type == PROPAGATE_SAT)
4603 4683 propagate_satbility(v);
4604 4684 } else {
4605 4685 #ifndef NDEBUG
4606 4686 uu_warn("%s:%d: Unexpected type value %d.\n", __FILE__,
4607 4687 __LINE__, type);
4608 4688 #endif
4609 4689 abort();
4610 4690 }
4611 4691 }
4612 4692
4613 4693 /*
4614 4694 * If a vertex for fmri exists and it is enabled, send _DISABLE to the
4615 4695 * restarter. If it is running, send _STOP. Send _REMOVE_INSTANCE. Delete
4616 4696 * all property group dependencies, and the dependency on the restarter,
4617 4697 * disposing of vertices as appropriate. If other vertices depend on this
4618 4698 * one, mark it unconfigured and return. Otherwise remove the vertex. Always
4619 4699 * returns 0.
4620 4700 */
4621 4701 static int
4622 4702 dgraph_remove_instance(const char *fmri, scf_handle_t *h)
4623 4703 {
4624 4704 graph_vertex_t *v;
4625 4705 graph_edge_t *e;
4626 4706 uu_list_t *old_deps;
4627 4707 int err;
4628 4708
4629 4709 log_framework(LOG_DEBUG, "Graph engine: Removing %s.\n", fmri);
4630 4710
4631 4711 MUTEX_LOCK(&dgraph_lock);
4632 4712
4633 4713 v = vertex_get_by_name(fmri);
4634 4714 if (v == NULL) {
4635 4715 MUTEX_UNLOCK(&dgraph_lock);
4636 4716 return (0);
4637 4717 }
4638 4718
4639 4719 /* Send restarter delete event. */
4640 4720 if (v->gv_flags & GV_CONFIGURED)
4641 4721 graph_unset_restarter(v);
4642 4722
4643 4723 if (milestone > MILESTONE_NONE) {
4644 4724 /*
4645 4725 * Make a list of v's current dependencies so we can
4646 4726 * reevaluate their GV_INSUBGRAPH flags after the dependencies
4647 4727 * are removed.
4648 4728 */
4649 4729 old_deps = startd_list_create(graph_edge_pool, NULL, 0);
4650 4730
4651 4731 err = uu_list_walk(v->gv_dependencies,
4652 4732 (uu_walk_fn_t *)append_svcs_or_insts, old_deps, 0);
4653 4733 assert(err == 0);
4654 4734 }
4655 4735
4656 4736 delete_instance_dependencies(v, B_TRUE);
4657 4737
4658 4738 /*
4659 4739 * Deleting an instance can both satisfy and unsatisfy dependencies,
4660 4740 * depending on their type. First propagate the stop as a RERR_RESTART
4661 4741 * event -- deletion isn't a fault, just a normal stop. This gives
4662 4742 * dependent services the chance to do a clean shutdown. Then, mark
4663 4743 * the service as unconfigured and propagate the start event for the
4664 4744 * optional_all dependencies that might have become satisfied.
4665 4745 */
4666 4746 graph_walk_dependents(v, propagate_stop, (void *)RERR_RESTART);
4667 4747
4668 4748 v->gv_flags &= ~GV_CONFIGURED;
4669 4749 v->gv_flags &= ~GV_DEATHROW;
4670 4750
4671 4751 graph_walk_dependents(v, propagate_start, NULL);
4672 4752 propagate_satbility(v);
4673 4753
4674 4754 /*
4675 4755 * If there are no (non-service) dependents, the vertex can be
4676 4756 * completely removed.
4677 4757 */
4678 4758 if (v != milestone && v->gv_refs == 0 &&
4679 4759 uu_list_numnodes(v->gv_dependents) == 1)
4680 4760 remove_inst_vertex(v);
4681 4761
4682 4762 if (milestone > MILESTONE_NONE) {
4683 4763 void *cookie = NULL;
4684 4764
4685 4765 while ((e = uu_list_teardown(old_deps, &cookie)) != NULL) {
4686 4766 v = e->ge_vertex;
4687 4767
4688 4768 if (vertex_unref(v) == VERTEX_INUSE)
4689 4769 while (eval_subgraph(v, h) == ECONNABORTED)
4690 4770 libscf_handle_rebind(h);
4691 4771
4692 4772 startd_free(e, sizeof (*e));
4693 4773 }
4694 4774
4695 4775 uu_list_destroy(old_deps);
4696 4776 }
4697 4777
4698 4778 MUTEX_UNLOCK(&dgraph_lock);
4699 4779
4700 4780 return (0);
4701 4781 }
4702 4782
4703 4783 /*
4704 4784 * Return the eventual (maybe current) milestone in the form of a
4705 4785 * legacy runlevel.
4706 4786 */
4707 4787 static char
4708 4788 target_milestone_as_runlevel()
4709 4789 {
4710 4790 assert(PTHREAD_MUTEX_HELD(&dgraph_lock));
4711 4791
4712 4792 if (milestone == NULL)
4713 4793 return ('3');
4714 4794 else if (milestone == MILESTONE_NONE)
4715 4795 return ('0');
4716 4796
4717 4797 if (strcmp(milestone->gv_name, multi_user_fmri) == 0)
4718 4798 return ('2');
4719 4799 else if (strcmp(milestone->gv_name, single_user_fmri) == 0)
4720 4800 return ('S');
4721 4801 else if (strcmp(milestone->gv_name, multi_user_svr_fmri) == 0)
4722 4802 return ('3');
4723 4803
4724 4804 #ifndef NDEBUG
4725 4805 (void) fprintf(stderr, "%s:%d: Unknown milestone name \"%s\".\n",
4726 4806 __FILE__, __LINE__, milestone->gv_name);
4727 4807 #endif
4728 4808 abort();
4729 4809 /* NOTREACHED */
4730 4810 }
4731 4811
4732 4812 static struct {
4733 4813 char rl;
4734 4814 int sig;
4735 4815 } init_sigs[] = {
4736 4816 { 'S', SIGBUS },
4737 4817 { '0', SIGINT },
4738 4818 { '1', SIGQUIT },
4739 4819 { '2', SIGILL },
4740 4820 { '3', SIGTRAP },
4741 4821 { '4', SIGIOT },
4742 4822 { '5', SIGEMT },
4743 4823 { '6', SIGFPE },
4744 4824 { 0, 0 }
4745 4825 };
4746 4826
4747 4827 static void
4748 4828 signal_init(char rl)
4749 4829 {
4750 4830 pid_t init_pid;
4751 4831 int i;
4752 4832
4753 4833 assert(PTHREAD_MUTEX_HELD(&dgraph_lock));
4754 4834
4755 4835 if (zone_getattr(getzoneid(), ZONE_ATTR_INITPID, &init_pid,
4756 4836 sizeof (init_pid)) != sizeof (init_pid)) {
4757 4837 log_error(LOG_NOTICE, "Could not get pid to signal init.\n");
4758 4838 return;
4759 4839 }
4760 4840
4761 4841 for (i = 0; init_sigs[i].rl != 0; ++i)
4762 4842 if (init_sigs[i].rl == rl)
4763 4843 break;
4764 4844
4765 4845 if (init_sigs[i].rl != 0) {
4766 4846 if (kill(init_pid, init_sigs[i].sig) != 0) {
4767 4847 switch (errno) {
4768 4848 case EPERM:
4769 4849 case ESRCH:
4770 4850 log_error(LOG_NOTICE, "Could not signal init: "
4771 4851 "%s.\n", strerror(errno));
4772 4852 break;
4773 4853
4774 4854 case EINVAL:
4775 4855 default:
4776 4856 bad_error("kill", errno);
4777 4857 }
4778 4858 }
4779 4859 }
4780 4860 }
4781 4861
4782 4862 /*
4783 4863 * This is called when one of the major milestones changes state, or when
4784 4864 * init is signalled and tells us it was told to change runlevel. We wait
4785 4865 * to reach the milestone because this allows /etc/inittab entries to retain
4786 4866 * some boot ordering: historically, entries could place themselves before/after
4787 4867 * the running of /sbin/rcX scripts but we can no longer make the
4788 4868 * distinction because the /sbin/rcX scripts no longer exist as punctuation
4789 4869 * marks in /etc/inittab.
4790 4870 *
4791 4871 * Also, we only trigger an update when we reach the eventual target
4792 4872 * milestone: without this, an /etc/inittab entry marked only for
4793 4873 * runlevel 2 would be executed for runlevel 3, which is not how
4794 4874 * /etc/inittab entries work.
4795 4875 *
4796 4876 * If we're single user coming online, then we set utmpx to the target
4797 4877 * runlevel so that legacy scripts can work as expected.
4798 4878 */
4799 4879 static void
4800 4880 graph_runlevel_changed(char rl, int online)
4801 4881 {
4802 4882 char trl;
4803 4883
4804 4884 assert(PTHREAD_MUTEX_HELD(&dgraph_lock));
4805 4885
4806 4886 trl = target_milestone_as_runlevel();
4807 4887
4808 4888 if (online) {
4809 4889 if (rl == trl) {
4810 4890 current_runlevel = trl;
4811 4891 signal_init(trl);
4812 4892 } else if (rl == 'S') {
4813 4893 /*
4814 4894 * At boot, set the entry early for the benefit of the
4815 4895 * legacy init scripts.
4816 4896 */
4817 4897 utmpx_set_runlevel(trl, 'S', B_FALSE);
4818 4898 }
4819 4899 } else {
4820 4900 if (rl == '3' && trl == '2') {
4821 4901 current_runlevel = trl;
4822 4902 signal_init(trl);
4823 4903 } else if (rl == '2' && trl == 'S') {
4824 4904 current_runlevel = trl;
4825 4905 signal_init(trl);
4826 4906 }
4827 4907 }
4828 4908 }
4829 4909
4830 4910 /*
4831 4911 * Move to a backwards-compatible runlevel by executing the appropriate
4832 4912 * /etc/rc?.d/K* scripts and/or setting the milestone.
4833 4913 *
4834 4914 * Returns
4835 4915 * 0 - success
4836 4916 * ECONNRESET - success, but handle was reset
4837 4917 * ECONNABORTED - repository connection broken
4838 4918 * ECANCELED - pg was deleted
4839 4919 */
4840 4920 static int
4841 4921 dgraph_set_runlevel(scf_propertygroup_t *pg, scf_property_t *prop)
4842 4922 {
4843 4923 char rl;
4844 4924 scf_handle_t *h;
4845 4925 int r;
4846 4926 const char *ms = NULL; /* what to commit as options/milestone */
4847 4927 boolean_t rebound = B_FALSE;
4848 4928 int mark_rl = 0;
4849 4929
4850 4930 const char * const stop = "stop";
4851 4931
4852 4932 r = libscf_extract_runlevel(prop, &rl);
4853 4933 switch (r) {
4854 4934 case 0:
4855 4935 break;
4856 4936
4857 4937 case ECONNABORTED:
4858 4938 case ECANCELED:
4859 4939 return (r);
4860 4940
4861 4941 case EINVAL:
4862 4942 case ENOENT:
4863 4943 log_error(LOG_WARNING, "runlevel property is misconfigured; "
4864 4944 "ignoring.\n");
4865 4945 /* delete the bad property */
4866 4946 goto nolock_out;
4867 4947
4868 4948 default:
4869 4949 bad_error("libscf_extract_runlevel", r);
4870 4950 }
4871 4951
4872 4952 switch (rl) {
4873 4953 case 's':
4874 4954 rl = 'S';
4875 4955 /* FALLTHROUGH */
4876 4956
4877 4957 case 'S':
4878 4958 case '2':
4879 4959 case '3':
4880 4960 /*
4881 4961 * These cases cause a milestone change, so
4882 4962 * graph_runlevel_changed() will eventually deal with
4883 4963 * signalling init.
4884 4964 */
4885 4965 break;
4886 4966
4887 4967 case '0':
4888 4968 case '1':
4889 4969 case '4':
4890 4970 case '5':
4891 4971 case '6':
4892 4972 mark_rl = 1;
4893 4973 break;
4894 4974
4895 4975 default:
4896 4976 log_framework(LOG_NOTICE, "Unknown runlevel '%c'.\n", rl);
4897 4977 ms = NULL;
4898 4978 goto nolock_out;
4899 4979 }
4900 4980
4901 4981 h = scf_pg_handle(pg);
4902 4982
4903 4983 MUTEX_LOCK(&dgraph_lock);
4904 4984
4905 4985 /*
4906 4986 * Since this triggers no milestone changes, force it by hand.
4907 4987 */
4908 4988 if (current_runlevel == '4' && rl == '3')
4909 4989 mark_rl = 1;
4910 4990
4911 4991 /*
4912 4992 * 1. If we are here after an "init X":
4913 4993 *
4914 4994 * init X
4915 4995 * init/lscf_set_runlevel()
4916 4996 * process_pg_event()
4917 4997 * dgraph_set_runlevel()
4918 4998 *
4919 4999 * then we haven't passed through graph_runlevel_changed() yet,
4920 5000 * therefore 'current_runlevel' has not changed for sure but 'rl' has.
4921 5001 * In consequence, if 'rl' is lower than 'current_runlevel', we change
4922 5002 * the system runlevel and execute the appropriate /etc/rc?.d/K* scripts
4923 5003 * past this test.
4924 5004 *
4925 5005 * 2. On the other hand, if we are here after a "svcadm milestone":
4926 5006 *
4927 5007 * svcadm milestone X
4928 5008 * dgraph_set_milestone()
4929 5009 * handle_graph_update_event()
4930 5010 * dgraph_set_instance_state()
4931 5011 * graph_post_X_[online|offline]()
4932 5012 * graph_runlevel_changed()
4933 5013 * signal_init()
4934 5014 * init/lscf_set_runlevel()
4935 5015 * process_pg_event()
4936 5016 * dgraph_set_runlevel()
4937 5017 *
4938 5018 * then we already passed through graph_runlevel_changed() (by the way
4939 5019 * of dgraph_set_milestone()) and 'current_runlevel' may have changed
4940 5020 * and already be equal to 'rl' so we are going to return immediately
4941 5021 * from dgraph_set_runlevel() without changing the system runlevel and
4942 5022 * without executing the /etc/rc?.d/K* scripts.
4943 5023 */
4944 5024 if (rl == current_runlevel) {
4945 5025 ms = NULL;
4946 5026 goto out;
4947 5027 }
4948 5028
4949 5029 log_framework(LOG_DEBUG, "Changing to runlevel '%c'.\n", rl);
4950 5030
4951 5031 /*
4952 5032 * Make sure stop rc scripts see the new settings via who -r.
4953 5033 */
4954 5034 utmpx_set_runlevel(rl, current_runlevel, B_TRUE);
4955 5035
4956 5036 /*
4957 5037 * Some run levels don't have a direct correspondence to any
4958 5038 * milestones, so we have to signal init directly.
4959 5039 */
4960 5040 if (mark_rl) {
4961 5041 current_runlevel = rl;
4962 5042 signal_init(rl);
4963 5043 }
4964 5044
|
↓ open down ↓ |
1253 lines elided |
↑ open up ↑ |
4965 5045 switch (rl) {
4966 5046 case 'S':
4967 5047 uu_warn("The system is coming down for administration. "
4968 5048 "Please wait.\n");
4969 5049 fork_rc_script(rl, stop, B_FALSE);
4970 5050 ms = single_user_fmri;
4971 5051 go_single_user_mode = B_TRUE;
4972 5052 break;
4973 5053
4974 5054 case '0':
5055 + halting_time = time(NULL);
4975 5056 fork_rc_script(rl, stop, B_TRUE);
4976 5057 halting = AD_HALT;
4977 5058 goto uadmin;
4978 5059
4979 5060 case '5':
5061 + halting_time = time(NULL);
4980 5062 fork_rc_script(rl, stop, B_TRUE);
4981 5063 halting = AD_POWEROFF;
4982 5064 goto uadmin;
4983 5065
4984 5066 case '6':
5067 + halting_time = time(NULL);
4985 5068 fork_rc_script(rl, stop, B_TRUE);
4986 5069 halting = AD_BOOT;
4987 5070 goto uadmin;
4988 5071
4989 5072 uadmin:
4990 5073 uu_warn("The system is coming down. Please wait.\n");
4991 5074 ms = "none";
4992 5075
4993 5076 /*
4994 5077 * We can't wait until all services are offline since this
4995 5078 * thread is responsible for taking them offline. Instead we
4996 5079 * set halting to the second argument for uadmin() and call
4997 5080 * do_uadmin() from dgraph_set_instance_state() when
4998 5081 * appropriate.
4999 5082 */
5000 5083 break;
5001 5084
5002 5085 case '1':
5003 5086 if (current_runlevel != 'S') {
5004 5087 uu_warn("Changing to state 1.\n");
5005 5088 fork_rc_script(rl, stop, B_FALSE);
5006 5089 } else {
5007 5090 uu_warn("The system is coming up for administration. "
5008 5091 "Please wait.\n");
5009 5092 }
5010 5093 ms = single_user_fmri;
5011 5094 go_to_level1 = B_TRUE;
5012 5095 break;
5013 5096
5014 5097 case '2':
5015 5098 if (current_runlevel == '3' || current_runlevel == '4')
5016 5099 fork_rc_script(rl, stop, B_FALSE);
5017 5100 ms = multi_user_fmri;
5018 5101 break;
5019 5102
5020 5103 case '3':
5021 5104 case '4':
5022 5105 ms = "all";
5023 5106 break;
5024 5107
5025 5108 default:
5026 5109 #ifndef NDEBUG
5027 5110 (void) fprintf(stderr, "%s:%d: Uncaught case %d ('%c').\n",
5028 5111 __FILE__, __LINE__, rl, rl);
5029 5112 #endif
5030 5113 abort();
5031 5114 }
5032 5115
5033 5116 out:
5034 5117 MUTEX_UNLOCK(&dgraph_lock);
5035 5118
5036 5119 nolock_out:
5037 5120 switch (r = libscf_clear_runlevel(pg, ms)) {
5038 5121 case 0:
5039 5122 break;
5040 5123
5041 5124 case ECONNABORTED:
5042 5125 libscf_handle_rebind(h);
5043 5126 rebound = B_TRUE;
5044 5127 goto nolock_out;
5045 5128
5046 5129 case ECANCELED:
5047 5130 break;
5048 5131
5049 5132 case EPERM:
5050 5133 case EACCES:
5051 5134 case EROFS:
5052 5135 log_error(LOG_NOTICE, "Could not delete \"%s/%s\" property: "
5053 5136 "%s.\n", SCF_PG_OPTIONS, "runlevel", strerror(r));
5054 5137 break;
5055 5138
5056 5139 default:
5057 5140 bad_error("libscf_clear_runlevel", r);
5058 5141 }
5059 5142
5060 5143 return (rebound ? ECONNRESET : 0);
5061 5144 }
5062 5145
5063 5146 /*
5064 5147 * mark_subtree walks the dependents and add the GV_TOOFFLINE flag
5065 5148 * to the instances that are supposed to go offline during an
5066 5149 * administrative disable operation.
5067 5150 */
5068 5151 static int
5069 5152 mark_subtree(graph_edge_t *e, void *arg)
5070 5153 {
5071 5154 graph_vertex_t *v;
5072 5155 int r;
5073 5156
5074 5157 v = e->ge_vertex;
5075 5158
5076 5159 /* If it's already in the subgraph, skip. */
5077 5160 if (v->gv_flags & GV_TOOFFLINE)
5078 5161 return (UU_WALK_NEXT);
5079 5162
5080 5163 switch (v->gv_type) {
5081 5164 case GVT_INST:
5082 5165 /* If the instance is already disabled, skip it. */
5083 5166 if (!(v->gv_flags & GV_ENABLED))
5084 5167 return (UU_WALK_NEXT);
5085 5168
5086 5169 v->gv_flags |= GV_TOOFFLINE;
5087 5170 log_framework(LOG_DEBUG, "%s added to subtree\n", v->gv_name);
5088 5171 break;
5089 5172 case GVT_GROUP:
5090 5173 /*
5091 5174 * Skip all excluded and optional_all dependencies and decide
5092 5175 * whether to offline the service based on restart_on attribute.
5093 5176 */
5094 5177 if (v->gv_depgroup == DEPGRP_EXCLUDE_ALL ||
5095 5178 v->gv_depgroup == DEPGRP_OPTIONAL_ALL ||
5096 5179 v->gv_restart < RERR_RESTART)
5097 5180 return (UU_WALK_NEXT);
5098 5181 break;
5099 5182 }
5100 5183
5101 5184 r = uu_list_walk(v->gv_dependents, (uu_walk_fn_t *)mark_subtree, arg,
5102 5185 0);
5103 5186 assert(r == 0);
5104 5187 return (UU_WALK_NEXT);
5105 5188 }
5106 5189
5107 5190 static int
5108 5191 mark_subgraph(graph_edge_t *e, void *arg)
5109 5192 {
5110 5193 graph_vertex_t *v;
5111 5194 int r;
5112 5195 int optional = (int)arg;
5113 5196
5114 5197 v = e->ge_vertex;
5115 5198
5116 5199 /* If it's already in the subgraph, skip. */
5117 5200 if (v->gv_flags & GV_INSUBGRAPH)
5118 5201 return (UU_WALK_NEXT);
5119 5202
5120 5203 /*
5121 5204 * Keep track if walk has entered an optional dependency group
5122 5205 */
5123 5206 if (v->gv_type == GVT_GROUP && v->gv_depgroup == DEPGRP_OPTIONAL_ALL) {
5124 5207 optional = 1;
5125 5208 }
5126 5209 /*
5127 5210 * Quit if we are in an optional dependency group and the instance
5128 5211 * is disabled
5129 5212 */
5130 5213 if (optional && (v->gv_type == GVT_INST) &&
5131 5214 (!(v->gv_flags & GV_ENBLD_NOOVR)))
5132 5215 return (UU_WALK_NEXT);
5133 5216
5134 5217 v->gv_flags |= GV_INSUBGRAPH;
5135 5218
5136 5219 /* Skip all excluded dependencies. */
5137 5220 if (v->gv_type == GVT_GROUP && v->gv_depgroup == DEPGRP_EXCLUDE_ALL)
5138 5221 return (UU_WALK_NEXT);
5139 5222
5140 5223 r = uu_list_walk(v->gv_dependencies, (uu_walk_fn_t *)mark_subgraph,
5141 5224 (void *)optional, 0);
5142 5225 assert(r == 0);
5143 5226 return (UU_WALK_NEXT);
5144 5227 }
5145 5228
5146 5229 /*
5147 5230 * Bring down all services which are not dependencies of fmri. The
5148 5231 * dependencies of fmri (direct & indirect) will constitute the "subgraph",
5149 5232 * and will have the GV_INSUBGRAPH flag set. The rest must be brought down,
5150 5233 * which means the state is "disabled", "maintenance", or "uninitialized". We
5151 5234 * could consider "offline" to be down, and refrain from sending start
5152 5235 * commands for such services, but that's not strictly necessary, so we'll
5153 5236 * decline to intrude on the state machine. It would probably confuse users
5154 5237 * anyway.
5155 5238 *
5156 5239 * The services should be brought down in reverse-dependency order, so we
5157 5240 * can't do it all at once here. We initiate by override-disabling the leaves
5158 5241 * of the dependency tree -- those services which are up but have no
5159 5242 * dependents which are up. When they come down,
5160 5243 * vertex_subgraph_dependencies_shutdown() will override-disable the newly
5161 5244 * exposed leaves. Perseverance will ensure completion.
5162 5245 *
5163 5246 * Sometimes we need to take action when the transition is complete, like
5164 5247 * start sulogin or halt the system. To tell when we're done, we initialize
5165 5248 * non_subgraph_svcs here to be the number of services which need to come
5166 5249 * down. As each does, we decrement the counter. When it hits zero, we take
5167 5250 * the appropriate action. See vertex_subgraph_dependencies_shutdown().
5168 5251 *
5169 5252 * In case we're coming up, we also remove any enable-overrides for the
5170 5253 * services which are dependencies of fmri.
5171 5254 *
5172 5255 * If norepository is true, the function will not change the repository.
5173 5256 *
5174 5257 * The decision to change the system run level in accordance with the milestone
5175 5258 * is taken in dgraph_set_runlevel().
5176 5259 *
5177 5260 * Returns
5178 5261 * 0 - success
5179 5262 * ECONNRESET - success, but handle was rebound
5180 5263 * EINVAL - fmri is invalid (error is logged)
5181 5264 * EALREADY - the milestone is already set to fmri
5182 5265 * ENOENT - a configured vertex does not exist for fmri (an error is logged)
5183 5266 */
5184 5267 static int
5185 5268 dgraph_set_milestone(const char *fmri, scf_handle_t *h, boolean_t norepository)
5186 5269 {
5187 5270 const char *cfmri, *fs;
5188 5271 graph_vertex_t *nm, *v;
5189 5272 int ret = 0, r;
5190 5273 scf_instance_t *inst;
5191 5274 boolean_t isall, isnone, rebound = B_FALSE;
5192 5275
5193 5276 /* Validate fmri */
5194 5277 isall = (strcmp(fmri, "all") == 0);
5195 5278 isnone = (strcmp(fmri, "none") == 0);
5196 5279
5197 5280 if (!isall && !isnone) {
5198 5281 if (fmri_canonify(fmri, (char **)&cfmri, B_FALSE) == EINVAL)
5199 5282 goto reject;
5200 5283
5201 5284 if (strcmp(cfmri, single_user_fmri) != 0 &&
5202 5285 strcmp(cfmri, multi_user_fmri) != 0 &&
5203 5286 strcmp(cfmri, multi_user_svr_fmri) != 0) {
5204 5287 startd_free((void *)cfmri, max_scf_fmri_size);
5205 5288 reject:
5206 5289 log_framework(LOG_WARNING,
5207 5290 "Rejecting request for invalid milestone \"%s\".\n",
5208 5291 fmri);
5209 5292 return (EINVAL);
5210 5293 }
5211 5294 }
5212 5295
5213 5296 inst = safe_scf_instance_create(h);
5214 5297
5215 5298 MUTEX_LOCK(&dgraph_lock);
5216 5299
5217 5300 if (milestone == NULL) {
5218 5301 if (isall) {
5219 5302 log_framework(LOG_DEBUG,
5220 5303 "Milestone already set to all.\n");
5221 5304 ret = EALREADY;
5222 5305 goto out;
5223 5306 }
5224 5307 } else if (milestone == MILESTONE_NONE) {
5225 5308 if (isnone) {
5226 5309 log_framework(LOG_DEBUG,
5227 5310 "Milestone already set to none.\n");
5228 5311 ret = EALREADY;
5229 5312 goto out;
5230 5313 }
5231 5314 } else {
5232 5315 if (!isall && !isnone &&
5233 5316 strcmp(cfmri, milestone->gv_name) == 0) {
5234 5317 log_framework(LOG_DEBUG,
5235 5318 "Milestone already set to %s.\n", cfmri);
5236 5319 ret = EALREADY;
5237 5320 goto out;
5238 5321 }
5239 5322 }
5240 5323
5241 5324 if (!isall && !isnone) {
5242 5325 nm = vertex_get_by_name(cfmri);
5243 5326 if (nm == NULL || !(nm->gv_flags & GV_CONFIGURED)) {
5244 5327 log_framework(LOG_WARNING, "Cannot set milestone to %s "
5245 5328 "because no such service exists.\n", cfmri);
5246 5329 ret = ENOENT;
5247 5330 goto out;
5248 5331 }
5249 5332 }
5250 5333
5251 5334 log_framework(LOG_DEBUG, "Changing milestone to %s.\n", fmri);
5252 5335
5253 5336 /*
5254 5337 * Set milestone, removing the old one if this was the last reference.
5255 5338 */
5256 5339 if (milestone > MILESTONE_NONE)
5257 5340 (void) vertex_unref(milestone);
5258 5341
5259 5342 if (isall)
5260 5343 milestone = NULL;
5261 5344 else if (isnone)
5262 5345 milestone = MILESTONE_NONE;
5263 5346 else {
5264 5347 milestone = nm;
5265 5348 /* milestone should count as a reference */
5266 5349 vertex_ref(milestone);
5267 5350 }
5268 5351
5269 5352 /* Clear all GV_INSUBGRAPH bits. */
5270 5353 for (v = uu_list_first(dgraph); v != NULL; v = uu_list_next(dgraph, v))
5271 5354 v->gv_flags &= ~GV_INSUBGRAPH;
5272 5355
5273 5356 if (!isall && !isnone) {
5274 5357 /* Set GV_INSUBGRAPH for milestone & descendents. */
5275 5358 milestone->gv_flags |= GV_INSUBGRAPH;
5276 5359
5277 5360 r = uu_list_walk(milestone->gv_dependencies,
5278 5361 (uu_walk_fn_t *)mark_subgraph, NULL, 0);
5279 5362 assert(r == 0);
5280 5363 }
5281 5364
5282 5365 /* Un-override services in the subgraph & override-disable the rest. */
5283 5366 if (norepository)
5284 5367 goto out;
5285 5368
5286 5369 non_subgraph_svcs = 0;
5287 5370 for (v = uu_list_first(dgraph);
5288 5371 v != NULL;
5289 5372 v = uu_list_next(dgraph, v)) {
5290 5373 if (v->gv_type != GVT_INST ||
5291 5374 (v->gv_flags & GV_CONFIGURED) == 0)
5292 5375 continue;
5293 5376
5294 5377 again:
5295 5378 r = scf_handle_decode_fmri(h, v->gv_name, NULL, NULL, inst,
5296 5379 NULL, NULL, SCF_DECODE_FMRI_EXACT);
5297 5380 if (r != 0) {
5298 5381 switch (scf_error()) {
5299 5382 case SCF_ERROR_CONNECTION_BROKEN:
5300 5383 default:
5301 5384 libscf_handle_rebind(h);
5302 5385 rebound = B_TRUE;
5303 5386 goto again;
5304 5387
5305 5388 case SCF_ERROR_NOT_FOUND:
5306 5389 continue;
5307 5390
5308 5391 case SCF_ERROR_HANDLE_MISMATCH:
5309 5392 case SCF_ERROR_INVALID_ARGUMENT:
5310 5393 case SCF_ERROR_CONSTRAINT_VIOLATED:
5311 5394 case SCF_ERROR_NOT_BOUND:
5312 5395 bad_error("scf_handle_decode_fmri",
5313 5396 scf_error());
5314 5397 }
5315 5398 }
5316 5399
5317 5400 if (isall || (v->gv_flags & GV_INSUBGRAPH)) {
5318 5401 r = libscf_delete_enable_ovr(inst);
5319 5402 fs = "libscf_delete_enable_ovr";
5320 5403 } else {
5321 5404 assert(isnone || (v->gv_flags & GV_INSUBGRAPH) == 0);
5322 5405
5323 5406 /*
5324 5407 * Services which are up need to come down before
5325 5408 * we're done, but we can only disable the leaves
5326 5409 * here.
5327 5410 */
5328 5411
5329 5412 if (up_state(v->gv_state))
5330 5413 ++non_subgraph_svcs;
5331 5414
5332 5415 /* If it's already disabled, don't bother. */
5333 5416 if ((v->gv_flags & GV_ENABLED) == 0)
5334 5417 continue;
5335 5418
5336 5419 if (!is_nonsubgraph_leaf(v))
5337 5420 continue;
5338 5421
5339 5422 r = libscf_set_enable_ovr(inst, 0);
5340 5423 fs = "libscf_set_enable_ovr";
5341 5424 }
5342 5425 switch (r) {
5343 5426 case 0:
5344 5427 case ECANCELED:
5345 5428 break;
5346 5429
5347 5430 case ECONNABORTED:
5348 5431 libscf_handle_rebind(h);
5349 5432 rebound = B_TRUE;
5350 5433 goto again;
5351 5434
5352 5435 case EPERM:
5353 5436 case EROFS:
5354 5437 log_error(LOG_WARNING,
5355 5438 "Could not set %s/%s for %s: %s.\n",
5356 5439 SCF_PG_GENERAL_OVR, SCF_PROPERTY_ENABLED,
5357 5440 v->gv_name, strerror(r));
5358 5441 break;
5359 5442
5360 5443 default:
5361 5444 bad_error(fs, r);
5362 5445 }
5363 5446 }
5364 5447
5365 5448 if (halting != -1) {
5366 5449 if (non_subgraph_svcs > 1)
5367 5450 uu_warn("%d system services are now being stopped.\n",
5368 5451 non_subgraph_svcs);
5369 5452 else if (non_subgraph_svcs == 1)
5370 5453 uu_warn("One system service is now being stopped.\n");
5371 5454 else if (non_subgraph_svcs == 0)
5372 5455 do_uadmin();
5373 5456 }
5374 5457
5375 5458 ret = rebound ? ECONNRESET : 0;
5376 5459
5377 5460 out:
5378 5461 MUTEX_UNLOCK(&dgraph_lock);
5379 5462 if (!isall && !isnone)
5380 5463 startd_free((void *)cfmri, max_scf_fmri_size);
5381 5464 scf_instance_destroy(inst);
5382 5465 return (ret);
5383 5466 }
5384 5467
5385 5468
5386 5469 /*
5387 5470 * Returns 0, ECONNABORTED, or EINVAL.
5388 5471 */
5389 5472 static int
5390 5473 handle_graph_update_event(scf_handle_t *h, graph_protocol_event_t *e)
5391 5474 {
5392 5475 int r;
5393 5476
5394 5477 switch (e->gpe_type) {
5395 5478 case GRAPH_UPDATE_RELOAD_GRAPH:
5396 5479 log_error(LOG_WARNING,
5397 5480 "graph_event: reload graph unimplemented\n");
5398 5481 break;
5399 5482
5400 5483 case GRAPH_UPDATE_STATE_CHANGE: {
5401 5484 protocol_states_t *states = e->gpe_data;
5402 5485
5403 5486 switch (r = dgraph_set_instance_state(h, e->gpe_inst,
5404 5487 states->ps_state, states->ps_err)) {
5405 5488 case 0:
5406 5489 case ENOENT:
5407 5490 break;
5408 5491
5409 5492 case ECONNABORTED:
5410 5493 return (ECONNABORTED);
5411 5494
5412 5495 case EINVAL:
5413 5496 default:
5414 5497 #ifndef NDEBUG
5415 5498 (void) fprintf(stderr, "dgraph_set_instance_state() "
5416 5499 "failed with unexpected error %d at %s:%d.\n", r,
5417 5500 __FILE__, __LINE__);
5418 5501 #endif
5419 5502 abort();
5420 5503 }
5421 5504
5422 5505 startd_free(states, sizeof (protocol_states_t));
5423 5506 break;
5424 5507 }
5425 5508
5426 5509 default:
5427 5510 log_error(LOG_WARNING,
5428 5511 "graph_event_loop received an unknown event: %d\n",
5429 5512 e->gpe_type);
5430 5513 break;
5431 5514 }
5432 5515
5433 5516 return (0);
5434 5517 }
5435 5518
5436 5519 /*
5437 5520 * graph_event_thread()
5438 5521 * Wait for state changes from the restarters.
5439 5522 */
5440 5523 /*ARGSUSED*/
5441 5524 void *
5442 5525 graph_event_thread(void *unused)
5443 5526 {
5444 5527 scf_handle_t *h;
5445 5528 int err;
5446 5529
5447 5530 h = libscf_handle_create_bound_loop();
5448 5531
5449 5532 /*CONSTCOND*/
5450 5533 while (1) {
5451 5534 graph_protocol_event_t *e;
5452 5535
5453 5536 MUTEX_LOCK(&gu->gu_lock);
5454 5537
5455 5538 while (gu->gu_wakeup == 0)
5456 5539 (void) pthread_cond_wait(&gu->gu_cv, &gu->gu_lock);
5457 5540
5458 5541 gu->gu_wakeup = 0;
5459 5542
5460 5543 while ((e = graph_event_dequeue()) != NULL) {
5461 5544 MUTEX_LOCK(&e->gpe_lock);
5462 5545 MUTEX_UNLOCK(&gu->gu_lock);
5463 5546
5464 5547 while ((err = handle_graph_update_event(h, e)) ==
5465 5548 ECONNABORTED)
5466 5549 libscf_handle_rebind(h);
5467 5550
5468 5551 if (err == 0)
5469 5552 graph_event_release(e);
5470 5553 else
5471 5554 graph_event_requeue(e);
5472 5555
5473 5556 MUTEX_LOCK(&gu->gu_lock);
5474 5557 }
5475 5558
5476 5559 MUTEX_UNLOCK(&gu->gu_lock);
5477 5560 }
5478 5561
5479 5562 /*
5480 5563 * Unreachable for now -- there's currently no graceful cleanup
5481 5564 * called on exit().
5482 5565 */
5483 5566 MUTEX_UNLOCK(&gu->gu_lock);
5484 5567 scf_handle_destroy(h);
5485 5568 return (NULL);
5486 5569 }
5487 5570
5488 5571 static void
5489 5572 set_initial_milestone(scf_handle_t *h)
5490 5573 {
5491 5574 scf_instance_t *inst;
5492 5575 char *fmri, *cfmri;
5493 5576 size_t sz;
5494 5577 int r;
5495 5578
5496 5579 inst = safe_scf_instance_create(h);
5497 5580 fmri = startd_alloc(max_scf_fmri_size);
5498 5581
5499 5582 /*
5500 5583 * If -m milestone= was specified, we want to set options_ovr/milestone
5501 5584 * to it. Otherwise we want to read what the milestone should be set
5502 5585 * to. Either way we need our inst.
5503 5586 */
5504 5587 get_self:
5505 5588 if (scf_handle_decode_fmri(h, SCF_SERVICE_STARTD, NULL, NULL, inst,
5506 5589 NULL, NULL, SCF_DECODE_FMRI_EXACT) != 0) {
5507 5590 switch (scf_error()) {
5508 5591 case SCF_ERROR_CONNECTION_BROKEN:
5509 5592 libscf_handle_rebind(h);
5510 5593 goto get_self;
5511 5594
5512 5595 case SCF_ERROR_NOT_FOUND:
5513 5596 if (st->st_subgraph != NULL &&
5514 5597 st->st_subgraph[0] != '\0') {
5515 5598 sz = strlcpy(fmri, st->st_subgraph,
5516 5599 max_scf_fmri_size);
5517 5600 assert(sz < max_scf_fmri_size);
5518 5601 } else {
5519 5602 fmri[0] = '\0';
5520 5603 }
5521 5604 break;
5522 5605
5523 5606 case SCF_ERROR_INVALID_ARGUMENT:
5524 5607 case SCF_ERROR_CONSTRAINT_VIOLATED:
5525 5608 case SCF_ERROR_HANDLE_MISMATCH:
5526 5609 default:
5527 5610 bad_error("scf_handle_decode_fmri", scf_error());
5528 5611 }
5529 5612 } else {
5530 5613 if (st->st_subgraph != NULL && st->st_subgraph[0] != '\0') {
5531 5614 scf_propertygroup_t *pg;
5532 5615
5533 5616 pg = safe_scf_pg_create(h);
5534 5617
5535 5618 sz = strlcpy(fmri, st->st_subgraph, max_scf_fmri_size);
5536 5619 assert(sz < max_scf_fmri_size);
5537 5620
5538 5621 r = libscf_inst_get_or_add_pg(inst, SCF_PG_OPTIONS_OVR,
5539 5622 SCF_PG_OPTIONS_OVR_TYPE, SCF_PG_OPTIONS_OVR_FLAGS,
5540 5623 pg);
5541 5624 switch (r) {
5542 5625 case 0:
5543 5626 break;
5544 5627
5545 5628 case ECONNABORTED:
5546 5629 libscf_handle_rebind(h);
5547 5630 goto get_self;
5548 5631
5549 5632 case EPERM:
5550 5633 case EACCES:
5551 5634 case EROFS:
5552 5635 log_error(LOG_WARNING, "Could not set %s/%s: "
5553 5636 "%s.\n", SCF_PG_OPTIONS_OVR,
5554 5637 SCF_PROPERTY_MILESTONE, strerror(r));
5555 5638 /* FALLTHROUGH */
5556 5639
5557 5640 case ECANCELED:
5558 5641 sz = strlcpy(fmri, st->st_subgraph,
5559 5642 max_scf_fmri_size);
5560 5643 assert(sz < max_scf_fmri_size);
5561 5644 break;
5562 5645
5563 5646 default:
5564 5647 bad_error("libscf_inst_get_or_add_pg", r);
5565 5648 }
5566 5649
5567 5650 r = libscf_clear_runlevel(pg, fmri);
5568 5651 switch (r) {
5569 5652 case 0:
5570 5653 break;
5571 5654
5572 5655 case ECONNABORTED:
5573 5656 libscf_handle_rebind(h);
5574 5657 goto get_self;
5575 5658
5576 5659 case EPERM:
5577 5660 case EACCES:
5578 5661 case EROFS:
5579 5662 log_error(LOG_WARNING, "Could not set %s/%s: "
5580 5663 "%s.\n", SCF_PG_OPTIONS_OVR,
5581 5664 SCF_PROPERTY_MILESTONE, strerror(r));
5582 5665 /* FALLTHROUGH */
5583 5666
5584 5667 case ECANCELED:
5585 5668 sz = strlcpy(fmri, st->st_subgraph,
5586 5669 max_scf_fmri_size);
5587 5670 assert(sz < max_scf_fmri_size);
5588 5671 break;
5589 5672
5590 5673 default:
5591 5674 bad_error("libscf_clear_runlevel", r);
5592 5675 }
5593 5676
5594 5677 scf_pg_destroy(pg);
5595 5678 } else {
5596 5679 scf_property_t *prop;
5597 5680 scf_value_t *val;
5598 5681
5599 5682 prop = safe_scf_property_create(h);
5600 5683 val = safe_scf_value_create(h);
5601 5684
5602 5685 r = libscf_get_milestone(inst, prop, val, fmri,
5603 5686 max_scf_fmri_size);
5604 5687 switch (r) {
5605 5688 case 0:
5606 5689 break;
5607 5690
5608 5691 case ECONNABORTED:
5609 5692 libscf_handle_rebind(h);
5610 5693 goto get_self;
5611 5694
5612 5695 case EINVAL:
5613 5696 log_error(LOG_WARNING, "Milestone property is "
5614 5697 "misconfigured. Defaulting to \"all\".\n");
5615 5698 /* FALLTHROUGH */
5616 5699
5617 5700 case ECANCELED:
5618 5701 case ENOENT:
5619 5702 fmri[0] = '\0';
5620 5703 break;
5621 5704
5622 5705 default:
5623 5706 bad_error("libscf_get_milestone", r);
5624 5707 }
5625 5708
5626 5709 scf_value_destroy(val);
5627 5710 scf_property_destroy(prop);
5628 5711 }
5629 5712 }
5630 5713
5631 5714 if (fmri[0] == '\0' || strcmp(fmri, "all") == 0)
5632 5715 goto out;
5633 5716
5634 5717 if (strcmp(fmri, "none") != 0) {
5635 5718 retry:
5636 5719 if (scf_handle_decode_fmri(h, fmri, NULL, NULL, inst, NULL,
5637 5720 NULL, SCF_DECODE_FMRI_EXACT) != 0) {
5638 5721 switch (scf_error()) {
5639 5722 case SCF_ERROR_INVALID_ARGUMENT:
5640 5723 log_error(LOG_WARNING,
5641 5724 "Requested milestone \"%s\" is invalid. "
5642 5725 "Reverting to \"all\".\n", fmri);
5643 5726 goto out;
5644 5727
5645 5728 case SCF_ERROR_CONSTRAINT_VIOLATED:
5646 5729 log_error(LOG_WARNING, "Requested milestone "
5647 5730 "\"%s\" does not specify an instance. "
5648 5731 "Reverting to \"all\".\n", fmri);
5649 5732 goto out;
5650 5733
5651 5734 case SCF_ERROR_CONNECTION_BROKEN:
5652 5735 libscf_handle_rebind(h);
5653 5736 goto retry;
5654 5737
5655 5738 case SCF_ERROR_NOT_FOUND:
5656 5739 log_error(LOG_WARNING, "Requested milestone "
5657 5740 "\"%s\" not in repository. Reverting to "
5658 5741 "\"all\".\n", fmri);
5659 5742 goto out;
5660 5743
5661 5744 case SCF_ERROR_HANDLE_MISMATCH:
5662 5745 default:
5663 5746 bad_error("scf_handle_decode_fmri",
5664 5747 scf_error());
5665 5748 }
5666 5749 }
5667 5750
5668 5751 r = fmri_canonify(fmri, &cfmri, B_FALSE);
5669 5752 assert(r == 0);
5670 5753
5671 5754 r = dgraph_add_instance(cfmri, inst, B_TRUE);
5672 5755 startd_free(cfmri, max_scf_fmri_size);
5673 5756 switch (r) {
5674 5757 case 0:
5675 5758 break;
5676 5759
5677 5760 case ECONNABORTED:
5678 5761 goto retry;
5679 5762
5680 5763 case EINVAL:
5681 5764 log_error(LOG_WARNING,
5682 5765 "Requested milestone \"%s\" is invalid. "
5683 5766 "Reverting to \"all\".\n", fmri);
5684 5767 goto out;
5685 5768
5686 5769 case ECANCELED:
5687 5770 log_error(LOG_WARNING,
5688 5771 "Requested milestone \"%s\" not "
5689 5772 "in repository. Reverting to \"all\".\n",
5690 5773 fmri);
5691 5774 goto out;
5692 5775
5693 5776 case EEXIST:
5694 5777 default:
5695 5778 bad_error("dgraph_add_instance", r);
5696 5779 }
5697 5780 }
5698 5781
5699 5782 log_console(LOG_INFO, "Booting to milestone \"%s\".\n", fmri);
5700 5783
5701 5784 r = dgraph_set_milestone(fmri, h, B_FALSE);
5702 5785 switch (r) {
5703 5786 case 0:
5704 5787 case ECONNRESET:
5705 5788 case EALREADY:
5706 5789 break;
5707 5790
5708 5791 case EINVAL:
5709 5792 case ENOENT:
5710 5793 default:
5711 5794 bad_error("dgraph_set_milestone", r);
5712 5795 }
5713 5796
5714 5797 out:
5715 5798 startd_free(fmri, max_scf_fmri_size);
5716 5799 scf_instance_destroy(inst);
5717 5800 }
5718 5801
5719 5802 void
5720 5803 set_restart_milestone(scf_handle_t *h)
5721 5804 {
5722 5805 scf_instance_t *inst;
5723 5806 scf_property_t *prop;
5724 5807 scf_value_t *val;
5725 5808 char *fmri;
5726 5809 int r;
5727 5810
5728 5811 inst = safe_scf_instance_create(h);
5729 5812
5730 5813 get_self:
5731 5814 if (scf_handle_decode_fmri(h, SCF_SERVICE_STARTD, NULL, NULL,
5732 5815 inst, NULL, NULL, SCF_DECODE_FMRI_EXACT) != 0) {
5733 5816 switch (scf_error()) {
5734 5817 case SCF_ERROR_CONNECTION_BROKEN:
5735 5818 libscf_handle_rebind(h);
5736 5819 goto get_self;
5737 5820
5738 5821 case SCF_ERROR_NOT_FOUND:
5739 5822 break;
5740 5823
5741 5824 case SCF_ERROR_INVALID_ARGUMENT:
5742 5825 case SCF_ERROR_CONSTRAINT_VIOLATED:
5743 5826 case SCF_ERROR_HANDLE_MISMATCH:
5744 5827 default:
5745 5828 bad_error("scf_handle_decode_fmri", scf_error());
5746 5829 }
5747 5830
5748 5831 scf_instance_destroy(inst);
5749 5832 return;
5750 5833 }
5751 5834
5752 5835 prop = safe_scf_property_create(h);
5753 5836 val = safe_scf_value_create(h);
5754 5837 fmri = startd_alloc(max_scf_fmri_size);
5755 5838
5756 5839 r = libscf_get_milestone(inst, prop, val, fmri, max_scf_fmri_size);
5757 5840 switch (r) {
5758 5841 case 0:
5759 5842 break;
5760 5843
5761 5844 case ECONNABORTED:
5762 5845 libscf_handle_rebind(h);
5763 5846 goto get_self;
5764 5847
5765 5848 case ECANCELED:
5766 5849 case ENOENT:
5767 5850 case EINVAL:
5768 5851 goto out;
5769 5852
5770 5853 default:
5771 5854 bad_error("libscf_get_milestone", r);
5772 5855 }
5773 5856
5774 5857 r = dgraph_set_milestone(fmri, h, B_TRUE);
5775 5858 switch (r) {
5776 5859 case 0:
5777 5860 case ECONNRESET:
5778 5861 case EALREADY:
5779 5862 case EINVAL:
5780 5863 case ENOENT:
5781 5864 break;
5782 5865
5783 5866 default:
5784 5867 bad_error("dgraph_set_milestone", r);
5785 5868 }
5786 5869
5787 5870 out:
5788 5871 startd_free(fmri, max_scf_fmri_size);
5789 5872 scf_value_destroy(val);
5790 5873 scf_property_destroy(prop);
5791 5874 scf_instance_destroy(inst);
5792 5875 }
5793 5876
5794 5877 /*
5795 5878 * void *graph_thread(void *)
5796 5879 *
5797 5880 * Graph management thread.
5798 5881 */
5799 5882 /*ARGSUSED*/
5800 5883 void *
5801 5884 graph_thread(void *arg)
5802 5885 {
5803 5886 scf_handle_t *h;
5804 5887 int err;
5805 5888
5806 5889 h = libscf_handle_create_bound_loop();
5807 5890
5808 5891 if (st->st_initial)
5809 5892 set_initial_milestone(h);
5810 5893
5811 5894 MUTEX_LOCK(&dgraph_lock);
5812 5895 initial_milestone_set = B_TRUE;
5813 5896 err = pthread_cond_broadcast(&initial_milestone_cv);
5814 5897 assert(err == 0);
5815 5898 MUTEX_UNLOCK(&dgraph_lock);
5816 5899
5817 5900 libscf_populate_graph(h);
5818 5901
5819 5902 if (!st->st_initial)
5820 5903 set_restart_milestone(h);
5821 5904
5822 5905 MUTEX_LOCK(&st->st_load_lock);
5823 5906 st->st_load_complete = 1;
5824 5907 (void) pthread_cond_broadcast(&st->st_load_cv);
5825 5908 MUTEX_UNLOCK(&st->st_load_lock);
5826 5909
5827 5910 MUTEX_LOCK(&dgraph_lock);
5828 5911 /*
5829 5912 * Now that we've set st_load_complete we need to check can_come_up()
5830 5913 * since if we booted to a milestone, then there won't be any more
5831 5914 * state updates.
5832 5915 */
5833 5916 if (!go_single_user_mode && !go_to_level1 &&
5834 5917 halting == -1) {
5835 5918 if (!sulogin_thread_running && !can_come_up()) {
5836 5919 (void) startd_thread_create(sulogin_thread, NULL);
5837 5920 sulogin_thread_running = B_TRUE;
5838 5921 }
5839 5922 }
5840 5923 MUTEX_UNLOCK(&dgraph_lock);
5841 5924
5842 5925 (void) pthread_mutex_lock(&gu->gu_freeze_lock);
5843 5926
5844 5927 /*CONSTCOND*/
5845 5928 while (1) {
5846 5929 (void) pthread_cond_wait(&gu->gu_freeze_cv,
5847 5930 &gu->gu_freeze_lock);
5848 5931 }
5849 5932
5850 5933 /*
5851 5934 * Unreachable for now -- there's currently no graceful cleanup
5852 5935 * called on exit().
5853 5936 */
5854 5937 (void) pthread_mutex_unlock(&gu->gu_freeze_lock);
5855 5938 scf_handle_destroy(h);
5856 5939
5857 5940 return (NULL);
5858 5941 }
5859 5942
5860 5943
5861 5944 /*
5862 5945 * int next_action()
5863 5946 * Given an array of timestamps 'a' with 'num' elements, find the
5864 5947 * lowest non-zero timestamp and return its index. If there are no
5865 5948 * non-zero elements, return -1.
5866 5949 */
5867 5950 static int
5868 5951 next_action(hrtime_t *a, int num)
5869 5952 {
5870 5953 hrtime_t t = 0;
5871 5954 int i = 0, smallest = -1;
5872 5955
5873 5956 for (i = 0; i < num; i++) {
5874 5957 if (t == 0) {
5875 5958 t = a[i];
5876 5959 smallest = i;
5877 5960 } else if (a[i] != 0 && a[i] < t) {
5878 5961 t = a[i];
5879 5962 smallest = i;
5880 5963 }
5881 5964 }
5882 5965
5883 5966 if (t == 0)
5884 5967 return (-1);
5885 5968 else
5886 5969 return (smallest);
5887 5970 }
5888 5971
5889 5972 /*
5890 5973 * void process_actions()
5891 5974 * Process actions requested by the administrator. Possibilities include:
5892 5975 * refresh, restart, maintenance mode off, maintenance mode on,
5893 5976 * maintenance mode immediate, and degraded.
5894 5977 *
5895 5978 * The set of pending actions is represented in the repository as a
5896 5979 * per-instance property group, with each action being a single property
5897 5980 * in that group. This property group is converted to an array, with each
5898 5981 * action type having an array slot. The actions in the array at the
5899 5982 * time process_actions() is called are acted on in the order of the
5900 5983 * timestamp (which is the value stored in the slot). A value of zero
5901 5984 * indicates that there is no pending action of the type associated with
5902 5985 * a particular slot.
5903 5986 *
5904 5987 * Sending an action event multiple times before the restarter has a
5905 5988 * chance to process that action will force it to be run at the last
5906 5989 * timestamp where it appears in the ordering.
5907 5990 *
5908 5991 * Turning maintenance mode on trumps all other actions.
5909 5992 *
5910 5993 * Returns 0 or ECONNABORTED.
5911 5994 */
5912 5995 static int
5913 5996 process_actions(scf_handle_t *h, scf_propertygroup_t *pg, scf_instance_t *inst)
5914 5997 {
5915 5998 scf_property_t *prop = NULL;
5916 5999 scf_value_t *val = NULL;
5917 6000 scf_type_t type;
5918 6001 graph_vertex_t *vertex;
5919 6002 admin_action_t a;
5920 6003 int i, ret = 0, r;
5921 6004 hrtime_t action_ts[NACTIONS];
5922 6005 char *inst_name;
5923 6006
5924 6007 r = libscf_instance_get_fmri(inst, &inst_name);
5925 6008 switch (r) {
5926 6009 case 0:
5927 6010 break;
5928 6011
5929 6012 case ECONNABORTED:
5930 6013 return (ECONNABORTED);
5931 6014
5932 6015 case ECANCELED:
5933 6016 return (0);
5934 6017
5935 6018 default:
5936 6019 bad_error("libscf_instance_get_fmri", r);
5937 6020 }
5938 6021
5939 6022 MUTEX_LOCK(&dgraph_lock);
5940 6023
5941 6024 vertex = vertex_get_by_name(inst_name);
5942 6025 if (vertex == NULL) {
5943 6026 MUTEX_UNLOCK(&dgraph_lock);
5944 6027 startd_free(inst_name, max_scf_fmri_size);
5945 6028 log_framework(LOG_DEBUG, "%s: Can't find graph vertex. "
5946 6029 "The instance must have been removed.\n", inst_name);
5947 6030 return (0);
5948 6031 }
5949 6032
5950 6033 prop = safe_scf_property_create(h);
5951 6034 val = safe_scf_value_create(h);
5952 6035
5953 6036 for (i = 0; i < NACTIONS; i++) {
5954 6037 if (scf_pg_get_property(pg, admin_actions[i], prop) != 0) {
5955 6038 switch (scf_error()) {
5956 6039 case SCF_ERROR_CONNECTION_BROKEN:
5957 6040 default:
5958 6041 ret = ECONNABORTED;
5959 6042 goto out;
5960 6043
5961 6044 case SCF_ERROR_DELETED:
5962 6045 goto out;
5963 6046
5964 6047 case SCF_ERROR_NOT_FOUND:
5965 6048 action_ts[i] = 0;
5966 6049 continue;
5967 6050
5968 6051 case SCF_ERROR_HANDLE_MISMATCH:
5969 6052 case SCF_ERROR_INVALID_ARGUMENT:
5970 6053 case SCF_ERROR_NOT_SET:
5971 6054 bad_error("scf_pg_get_property", scf_error());
5972 6055 }
5973 6056 }
5974 6057
5975 6058 if (scf_property_type(prop, &type) != 0) {
5976 6059 switch (scf_error()) {
5977 6060 case SCF_ERROR_CONNECTION_BROKEN:
5978 6061 default:
5979 6062 ret = ECONNABORTED;
5980 6063 goto out;
5981 6064
5982 6065 case SCF_ERROR_DELETED:
5983 6066 action_ts[i] = 0;
5984 6067 continue;
5985 6068
5986 6069 case SCF_ERROR_NOT_SET:
5987 6070 bad_error("scf_property_type", scf_error());
5988 6071 }
5989 6072 }
5990 6073
5991 6074 if (type != SCF_TYPE_INTEGER) {
5992 6075 action_ts[i] = 0;
5993 6076 continue;
5994 6077 }
5995 6078
5996 6079 if (scf_property_get_value(prop, val) != 0) {
5997 6080 switch (scf_error()) {
5998 6081 case SCF_ERROR_CONNECTION_BROKEN:
5999 6082 default:
6000 6083 ret = ECONNABORTED;
6001 6084 goto out;
6002 6085
6003 6086 case SCF_ERROR_DELETED:
6004 6087 goto out;
6005 6088
6006 6089 case SCF_ERROR_NOT_FOUND:
6007 6090 case SCF_ERROR_CONSTRAINT_VIOLATED:
6008 6091 action_ts[i] = 0;
6009 6092 continue;
6010 6093
6011 6094 case SCF_ERROR_NOT_SET:
6012 6095 case SCF_ERROR_PERMISSION_DENIED:
6013 6096 bad_error("scf_property_get_value",
6014 6097 scf_error());
6015 6098 }
6016 6099 }
6017 6100
6018 6101 r = scf_value_get_integer(val, &action_ts[i]);
6019 6102 assert(r == 0);
6020 6103 }
6021 6104
6022 6105 a = ADMIN_EVENT_MAINT_ON_IMMEDIATE;
6023 6106 if (action_ts[ADMIN_EVENT_MAINT_ON_IMMEDIATE] ||
6024 6107 action_ts[ADMIN_EVENT_MAINT_ON]) {
6025 6108 a = action_ts[ADMIN_EVENT_MAINT_ON_IMMEDIATE] ?
6026 6109 ADMIN_EVENT_MAINT_ON_IMMEDIATE : ADMIN_EVENT_MAINT_ON;
6027 6110
6028 6111 vertex_send_event(vertex, admin_events[a]);
6029 6112 r = libscf_unset_action(h, pg, a, action_ts[a]);
6030 6113 switch (r) {
6031 6114 case 0:
6032 6115 case EACCES:
6033 6116 break;
6034 6117
6035 6118 case ECONNABORTED:
6036 6119 ret = ECONNABORTED;
6037 6120 goto out;
6038 6121
6039 6122 case EPERM:
6040 6123 uu_die("Insufficient privilege.\n");
6041 6124 /* NOTREACHED */
6042 6125
6043 6126 default:
6044 6127 bad_error("libscf_unset_action", r);
6045 6128 }
6046 6129 }
6047 6130
6048 6131 while ((a = next_action(action_ts, NACTIONS)) != -1) {
6049 6132 log_framework(LOG_DEBUG,
6050 6133 "Graph: processing %s action for %s.\n", admin_actions[a],
6051 6134 inst_name);
6052 6135
6053 6136 if (a == ADMIN_EVENT_REFRESH) {
6054 6137 r = dgraph_refresh_instance(vertex, inst);
6055 6138 switch (r) {
6056 6139 case 0:
6057 6140 case ECANCELED:
6058 6141 case EINVAL:
6059 6142 case -1:
6060 6143 break;
6061 6144
6062 6145 case ECONNABORTED:
6063 6146 /* pg & inst are reset now, so just return. */
6064 6147 ret = ECONNABORTED;
6065 6148 goto out;
6066 6149
6067 6150 default:
6068 6151 bad_error("dgraph_refresh_instance", r);
6069 6152 }
6070 6153 }
6071 6154
6072 6155 vertex_send_event(vertex, admin_events[a]);
6073 6156
6074 6157 r = libscf_unset_action(h, pg, a, action_ts[a]);
6075 6158 switch (r) {
6076 6159 case 0:
6077 6160 case EACCES:
6078 6161 break;
6079 6162
6080 6163 case ECONNABORTED:
6081 6164 ret = ECONNABORTED;
6082 6165 goto out;
6083 6166
6084 6167 case EPERM:
6085 6168 uu_die("Insufficient privilege.\n");
6086 6169 /* NOTREACHED */
6087 6170
6088 6171 default:
6089 6172 bad_error("libscf_unset_action", r);
6090 6173 }
6091 6174
6092 6175 action_ts[a] = 0;
6093 6176 }
6094 6177
6095 6178 out:
6096 6179 MUTEX_UNLOCK(&dgraph_lock);
6097 6180
6098 6181 scf_property_destroy(prop);
6099 6182 scf_value_destroy(val);
6100 6183 startd_free(inst_name, max_scf_fmri_size);
6101 6184 return (ret);
6102 6185 }
6103 6186
6104 6187 /*
6105 6188 * inst and pg_name are scratch space, and are unset on entry.
6106 6189 * Returns
6107 6190 * 0 - success
6108 6191 * ECONNRESET - success, but repository handle rebound
6109 6192 * ECONNABORTED - repository connection broken
6110 6193 */
6111 6194 static int
6112 6195 process_pg_event(scf_handle_t *h, scf_propertygroup_t *pg, scf_instance_t *inst,
6113 6196 char *pg_name)
6114 6197 {
6115 6198 int r;
6116 6199 scf_property_t *prop;
6117 6200 scf_value_t *val;
6118 6201 char *fmri;
6119 6202 boolean_t rebound = B_FALSE, rebind_inst = B_FALSE;
6120 6203
6121 6204 if (scf_pg_get_name(pg, pg_name, max_scf_value_size) < 0) {
6122 6205 switch (scf_error()) {
6123 6206 case SCF_ERROR_CONNECTION_BROKEN:
6124 6207 default:
6125 6208 return (ECONNABORTED);
6126 6209
6127 6210 case SCF_ERROR_DELETED:
6128 6211 return (0);
6129 6212
6130 6213 case SCF_ERROR_NOT_SET:
6131 6214 bad_error("scf_pg_get_name", scf_error());
6132 6215 }
6133 6216 }
6134 6217
6135 6218 if (strcmp(pg_name, SCF_PG_GENERAL) == 0 ||
6136 6219 strcmp(pg_name, SCF_PG_GENERAL_OVR) == 0) {
6137 6220 r = dgraph_update_general(pg);
6138 6221 switch (r) {
6139 6222 case 0:
6140 6223 case ENOTSUP:
6141 6224 case ECANCELED:
6142 6225 return (0);
6143 6226
6144 6227 case ECONNABORTED:
6145 6228 return (ECONNABORTED);
6146 6229
6147 6230 case -1:
6148 6231 /* Error should have been logged. */
6149 6232 return (0);
6150 6233
6151 6234 default:
6152 6235 bad_error("dgraph_update_general", r);
6153 6236 }
6154 6237 } else if (strcmp(pg_name, SCF_PG_RESTARTER_ACTIONS) == 0) {
6155 6238 if (scf_pg_get_parent_instance(pg, inst) != 0) {
6156 6239 switch (scf_error()) {
6157 6240 case SCF_ERROR_CONNECTION_BROKEN:
6158 6241 return (ECONNABORTED);
6159 6242
6160 6243 case SCF_ERROR_DELETED:
6161 6244 case SCF_ERROR_CONSTRAINT_VIOLATED:
6162 6245 /* Ignore commands on services. */
6163 6246 return (0);
6164 6247
6165 6248 case SCF_ERROR_NOT_BOUND:
6166 6249 case SCF_ERROR_HANDLE_MISMATCH:
6167 6250 case SCF_ERROR_NOT_SET:
6168 6251 default:
6169 6252 bad_error("scf_pg_get_parent_instance",
6170 6253 scf_error());
6171 6254 }
6172 6255 }
6173 6256
6174 6257 return (process_actions(h, pg, inst));
6175 6258 }
6176 6259
6177 6260 if (strcmp(pg_name, SCF_PG_OPTIONS) != 0 &&
6178 6261 strcmp(pg_name, SCF_PG_OPTIONS_OVR) != 0)
6179 6262 return (0);
6180 6263
6181 6264 /*
6182 6265 * We only care about the options[_ovr] property groups of our own
6183 6266 * instance, so get the fmri and compare. Plus, once we know it's
6184 6267 * correct, if the repository connection is broken we know exactly what
6185 6268 * property group we were operating on, and can look it up again.
6186 6269 */
6187 6270 if (scf_pg_get_parent_instance(pg, inst) != 0) {
6188 6271 switch (scf_error()) {
6189 6272 case SCF_ERROR_CONNECTION_BROKEN:
6190 6273 return (ECONNABORTED);
6191 6274
6192 6275 case SCF_ERROR_DELETED:
6193 6276 case SCF_ERROR_CONSTRAINT_VIOLATED:
6194 6277 return (0);
6195 6278
6196 6279 case SCF_ERROR_HANDLE_MISMATCH:
6197 6280 case SCF_ERROR_NOT_BOUND:
6198 6281 case SCF_ERROR_NOT_SET:
6199 6282 default:
6200 6283 bad_error("scf_pg_get_parent_instance",
6201 6284 scf_error());
6202 6285 }
6203 6286 }
6204 6287
6205 6288 switch (r = libscf_instance_get_fmri(inst, &fmri)) {
6206 6289 case 0:
6207 6290 break;
6208 6291
6209 6292 case ECONNABORTED:
6210 6293 return (ECONNABORTED);
6211 6294
6212 6295 case ECANCELED:
6213 6296 return (0);
6214 6297
6215 6298 default:
6216 6299 bad_error("libscf_instance_get_fmri", r);
6217 6300 }
6218 6301
6219 6302 if (strcmp(fmri, SCF_SERVICE_STARTD) != 0) {
6220 6303 startd_free(fmri, max_scf_fmri_size);
6221 6304 return (0);
6222 6305 }
6223 6306
6224 6307 prop = safe_scf_property_create(h);
6225 6308 val = safe_scf_value_create(h);
6226 6309
6227 6310 if (strcmp(pg_name, SCF_PG_OPTIONS_OVR) == 0) {
6228 6311 /* See if we need to set the runlevel. */
6229 6312 /* CONSTCOND */
6230 6313 if (0) {
6231 6314 rebind_pg:
6232 6315 libscf_handle_rebind(h);
6233 6316 rebound = B_TRUE;
6234 6317
6235 6318 r = libscf_lookup_instance(SCF_SERVICE_STARTD, inst);
6236 6319 switch (r) {
6237 6320 case 0:
6238 6321 break;
6239 6322
6240 6323 case ECONNABORTED:
6241 6324 goto rebind_pg;
6242 6325
6243 6326 case ENOENT:
6244 6327 goto out;
6245 6328
6246 6329 case EINVAL:
6247 6330 case ENOTSUP:
6248 6331 bad_error("libscf_lookup_instance", r);
6249 6332 }
6250 6333
6251 6334 if (scf_instance_get_pg(inst, pg_name, pg) != 0) {
6252 6335 switch (scf_error()) {
6253 6336 case SCF_ERROR_DELETED:
6254 6337 case SCF_ERROR_NOT_FOUND:
6255 6338 goto out;
6256 6339
6257 6340 case SCF_ERROR_CONNECTION_BROKEN:
6258 6341 goto rebind_pg;
6259 6342
6260 6343 case SCF_ERROR_HANDLE_MISMATCH:
6261 6344 case SCF_ERROR_NOT_BOUND:
6262 6345 case SCF_ERROR_NOT_SET:
6263 6346 case SCF_ERROR_INVALID_ARGUMENT:
6264 6347 default:
6265 6348 bad_error("scf_instance_get_pg",
6266 6349 scf_error());
6267 6350 }
6268 6351 }
6269 6352 }
6270 6353
6271 6354 if (scf_pg_get_property(pg, "runlevel", prop) == 0) {
6272 6355 r = dgraph_set_runlevel(pg, prop);
6273 6356 switch (r) {
6274 6357 case ECONNRESET:
6275 6358 rebound = B_TRUE;
6276 6359 rebind_inst = B_TRUE;
6277 6360 /* FALLTHROUGH */
6278 6361
6279 6362 case 0:
6280 6363 break;
6281 6364
6282 6365 case ECONNABORTED:
6283 6366 goto rebind_pg;
6284 6367
6285 6368 case ECANCELED:
6286 6369 goto out;
6287 6370
6288 6371 default:
6289 6372 bad_error("dgraph_set_runlevel", r);
6290 6373 }
6291 6374 } else {
6292 6375 switch (scf_error()) {
6293 6376 case SCF_ERROR_CONNECTION_BROKEN:
6294 6377 default:
6295 6378 goto rebind_pg;
6296 6379
6297 6380 case SCF_ERROR_DELETED:
6298 6381 goto out;
6299 6382
6300 6383 case SCF_ERROR_NOT_FOUND:
6301 6384 break;
6302 6385
6303 6386 case SCF_ERROR_INVALID_ARGUMENT:
6304 6387 case SCF_ERROR_HANDLE_MISMATCH:
6305 6388 case SCF_ERROR_NOT_BOUND:
6306 6389 case SCF_ERROR_NOT_SET:
6307 6390 bad_error("scf_pg_get_property", scf_error());
6308 6391 }
6309 6392 }
6310 6393 }
6311 6394
6312 6395 if (rebind_inst) {
6313 6396 lookup_inst:
6314 6397 r = libscf_lookup_instance(SCF_SERVICE_STARTD, inst);
6315 6398 switch (r) {
6316 6399 case 0:
6317 6400 break;
6318 6401
6319 6402 case ECONNABORTED:
6320 6403 libscf_handle_rebind(h);
6321 6404 rebound = B_TRUE;
6322 6405 goto lookup_inst;
6323 6406
6324 6407 case ENOENT:
6325 6408 goto out;
6326 6409
6327 6410 case EINVAL:
6328 6411 case ENOTSUP:
6329 6412 bad_error("libscf_lookup_instance", r);
6330 6413 }
6331 6414 }
6332 6415
6333 6416 r = libscf_get_milestone(inst, prop, val, fmri, max_scf_fmri_size);
6334 6417 switch (r) {
6335 6418 case 0:
6336 6419 break;
6337 6420
6338 6421 case ECONNABORTED:
6339 6422 libscf_handle_rebind(h);
6340 6423 rebound = B_TRUE;
6341 6424 goto lookup_inst;
6342 6425
6343 6426 case EINVAL:
6344 6427 log_error(LOG_NOTICE,
6345 6428 "%s/%s property of %s is misconfigured.\n", pg_name,
6346 6429 SCF_PROPERTY_MILESTONE, SCF_SERVICE_STARTD);
6347 6430 /* FALLTHROUGH */
6348 6431
6349 6432 case ECANCELED:
6350 6433 case ENOENT:
6351 6434 (void) strcpy(fmri, "all");
6352 6435 break;
6353 6436
6354 6437 default:
6355 6438 bad_error("libscf_get_milestone", r);
6356 6439 }
6357 6440
6358 6441 r = dgraph_set_milestone(fmri, h, B_FALSE);
6359 6442 switch (r) {
6360 6443 case 0:
6361 6444 case ECONNRESET:
6362 6445 case EALREADY:
6363 6446 break;
6364 6447
6365 6448 case EINVAL:
6366 6449 log_error(LOG_WARNING, "Milestone %s is invalid.\n", fmri);
6367 6450 break;
6368 6451
6369 6452 case ENOENT:
6370 6453 log_error(LOG_WARNING, "Milestone %s does not exist.\n", fmri);
6371 6454 break;
6372 6455
6373 6456 default:
6374 6457 bad_error("dgraph_set_milestone", r);
6375 6458 }
6376 6459
6377 6460 out:
6378 6461 startd_free(fmri, max_scf_fmri_size);
6379 6462 scf_value_destroy(val);
6380 6463 scf_property_destroy(prop);
6381 6464
6382 6465 return (rebound ? ECONNRESET : 0);
6383 6466 }
6384 6467
6385 6468 /*
6386 6469 * process_delete() deletes an instance from the dgraph if 'fmri' is an
6387 6470 * instance fmri or if 'fmri' matches the 'general' property group of an
6388 6471 * instance (or the 'general/enabled' property).
6389 6472 *
6390 6473 * 'fmri' may be overwritten and cannot be trusted on return by the caller.
6391 6474 */
6392 6475 static void
6393 6476 process_delete(char *fmri, scf_handle_t *h)
6394 6477 {
6395 6478 char *lfmri, *end_inst_fmri;
6396 6479 const char *inst_name = NULL;
6397 6480 const char *pg_name = NULL;
6398 6481 const char *prop_name = NULL;
6399 6482
6400 6483 lfmri = safe_strdup(fmri);
6401 6484
6402 6485 /* Determine if the FMRI is a property group or instance */
6403 6486 if (scf_parse_svc_fmri(lfmri, NULL, NULL, &inst_name, &pg_name,
6404 6487 &prop_name) != SCF_SUCCESS) {
6405 6488 log_error(LOG_WARNING,
6406 6489 "Received invalid FMRI \"%s\" from repository server.\n",
6407 6490 fmri);
6408 6491 } else if (inst_name != NULL && pg_name == NULL) {
6409 6492 (void) dgraph_remove_instance(fmri, h);
6410 6493 } else if (inst_name != NULL && pg_name != NULL) {
6411 6494 /*
6412 6495 * If we're deleting the 'general' property group or
6413 6496 * 'general/enabled' property then the whole instance
6414 6497 * must be removed from the dgraph.
6415 6498 */
6416 6499 if (strcmp(pg_name, SCF_PG_GENERAL) != 0) {
6417 6500 free(lfmri);
6418 6501 return;
6419 6502 }
6420 6503
6421 6504 if (prop_name != NULL &&
6422 6505 strcmp(prop_name, SCF_PROPERTY_ENABLED) != 0) {
6423 6506 free(lfmri);
6424 6507 return;
6425 6508 }
6426 6509
6427 6510 /*
6428 6511 * Because the instance has already been deleted from the
6429 6512 * repository, we cannot use any scf_ functions to retrieve
6430 6513 * the instance FMRI however we can easily reconstruct it
6431 6514 * manually.
6432 6515 */
6433 6516 end_inst_fmri = strstr(fmri, SCF_FMRI_PROPERTYGRP_PREFIX);
6434 6517 if (end_inst_fmri == NULL)
6435 6518 bad_error("process_delete", 0);
6436 6519
6437 6520 end_inst_fmri[0] = '\0';
6438 6521
6439 6522 (void) dgraph_remove_instance(fmri, h);
6440 6523 }
6441 6524
6442 6525 free(lfmri);
6443 6526 }
6444 6527
6445 6528 /*ARGSUSED*/
6446 6529 void *
6447 6530 repository_event_thread(void *unused)
6448 6531 {
6449 6532 scf_handle_t *h;
6450 6533 scf_propertygroup_t *pg;
6451 6534 scf_instance_t *inst;
6452 6535 char *fmri = startd_alloc(max_scf_fmri_size);
6453 6536 char *pg_name = startd_alloc(max_scf_value_size);
6454 6537 int r;
6455 6538
6456 6539 h = libscf_handle_create_bound_loop();
6457 6540
6458 6541 pg = safe_scf_pg_create(h);
6459 6542 inst = safe_scf_instance_create(h);
6460 6543
6461 6544 retry:
6462 6545 if (_scf_notify_add_pgtype(h, SCF_GROUP_FRAMEWORK) != SCF_SUCCESS) {
6463 6546 if (scf_error() == SCF_ERROR_CONNECTION_BROKEN) {
6464 6547 libscf_handle_rebind(h);
6465 6548 } else {
6466 6549 log_error(LOG_WARNING,
6467 6550 "Couldn't set up repository notification "
6468 6551 "for property group type %s: %s\n",
6469 6552 SCF_GROUP_FRAMEWORK, scf_strerror(scf_error()));
6470 6553
6471 6554 (void) sleep(1);
6472 6555 }
6473 6556
6474 6557 goto retry;
6475 6558 }
6476 6559
6477 6560 /*CONSTCOND*/
6478 6561 while (1) {
6479 6562 ssize_t res;
6480 6563
6481 6564 /* Note: fmri is only set on delete events. */
6482 6565 res = _scf_notify_wait(pg, fmri, max_scf_fmri_size);
6483 6566 if (res < 0) {
6484 6567 libscf_handle_rebind(h);
6485 6568 goto retry;
6486 6569 } else if (res == 0) {
6487 6570 /*
6488 6571 * property group modified. inst and pg_name are
6489 6572 * pre-allocated scratch space.
6490 6573 */
6491 6574 if (scf_pg_update(pg) < 0) {
6492 6575 switch (scf_error()) {
6493 6576 case SCF_ERROR_DELETED:
6494 6577 continue;
6495 6578
6496 6579 case SCF_ERROR_CONNECTION_BROKEN:
6497 6580 log_error(LOG_WARNING,
6498 6581 "Lost repository event due to "
6499 6582 "disconnection.\n");
6500 6583 libscf_handle_rebind(h);
6501 6584 goto retry;
6502 6585
6503 6586 case SCF_ERROR_NOT_BOUND:
6504 6587 case SCF_ERROR_NOT_SET:
6505 6588 default:
6506 6589 bad_error("scf_pg_update", scf_error());
6507 6590 }
6508 6591 }
6509 6592
6510 6593 r = process_pg_event(h, pg, inst, pg_name);
6511 6594 switch (r) {
6512 6595 case 0:
6513 6596 break;
6514 6597
6515 6598 case ECONNABORTED:
6516 6599 log_error(LOG_WARNING, "Lost repository event "
6517 6600 "due to disconnection.\n");
6518 6601 libscf_handle_rebind(h);
6519 6602 /* FALLTHROUGH */
6520 6603
6521 6604 case ECONNRESET:
6522 6605 goto retry;
6523 6606
6524 6607 default:
6525 6608 bad_error("process_pg_event", r);
6526 6609 }
6527 6610 } else {
6528 6611 /*
6529 6612 * Service, instance, or pg deleted.
6530 6613 * Don't trust fmri on return.
6531 6614 */
6532 6615 process_delete(fmri, h);
6533 6616 }
6534 6617 }
6535 6618
6536 6619 /*NOTREACHED*/
6537 6620 return (NULL);
6538 6621 }
6539 6622
6540 6623 void
6541 6624 graph_engine_start()
6542 6625 {
6543 6626 int err;
6544 6627
6545 6628 (void) startd_thread_create(graph_thread, NULL);
6546 6629
6547 6630 MUTEX_LOCK(&dgraph_lock);
6548 6631 while (!initial_milestone_set) {
6549 6632 err = pthread_cond_wait(&initial_milestone_cv, &dgraph_lock);
6550 6633 assert(err == 0);
6551 6634 }
6552 6635 MUTEX_UNLOCK(&dgraph_lock);
6553 6636
6554 6637 (void) startd_thread_create(repository_event_thread, NULL);
6555 6638 (void) startd_thread_create(graph_event_thread, NULL);
6556 6639 }
|
↓ open down ↓ |
1562 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX