]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/journal/journalctl.c
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge pull request #9218 from systemd/finalize-coverity
[thirdparty/systemd.git] / src / journal / journalctl.c
CommitLineData
53e1b683 1/* SPDX-License-Identifier: LGPL-2.1+ */
87d2c1ff
LP		 2/***
3 This file is part of systemd.
4
5 Copyright 2011 Lennart Poettering
87d2c1ff
LP		 6***/
7
3f6fd1ba 8#include <errno.h>
87d2c1ff 9#include <fcntl.h>
ea18a4b5 10#include <fnmatch.h>
3f6fd1ba
LP		 11#include <getopt.h>
12#include <linux/fs.h>
13#include <locale.h>
14#include <poll.h>
15#include <signal.h>
87d2c1ff 16#include <stddef.h>
3fbf9cbb 17#include <stdio.h>
3fbf9cbb 18#include <stdlib.h>
3f6fd1ba 19#include <string.h>
74055aa7 20#include <sys/inotify.h>
3f6fd1ba
LP		 21#include <sys/stat.h>
22#include <unistd.h>
87d2c1ff 23
6becf48c
ZJS		 24#if HAVE_PCRE2
25# define PCRE2_CODE_UNIT_WIDTH 8
26# include <pcre2.h>
27#endif
28
74055aa7 29#include "sd-bus.h"
3f6fd1ba
LP		 30#include "sd-journal.h"
31
f8eeeaf9 32#include "acl-util.h"
b5efdb8a 33#include "alloc-util.h"
3f6fd1ba
LP		 34#include "bus-error.h"
35#include "bus-util.h"
36#include "catalog.h"
c8b3094d 37#include "chattr-util.h"
3ffd4af2 38#include "fd-util.h"
68fee104 39#include "fileio.h"
f4f15635 40#include "fs-util.h"
3f6fd1ba 41#include "fsprg.h"
7d50b32a 42#include "glob-util.h"
3f6fd1ba 43#include "hostname-util.h"
c004493c 44#include "io-util.h"
7560fffc 45#include "journal-def.h"
3f6fd1ba 46#include "journal-internal.h"
f6a971bc 47#include "journal-qrcode.h"
4f37cbd9 48#include "journal-util.h"
dbd2a83f 49#include "journal-vacuum.h"
3f6fd1ba 50#include "journal-verify.h"
8752c575 51#include "locale-util.h"
3f6fd1ba
LP		 52#include "log.h"
53#include "logs-show.h"
74055aa7 54#include "mkdir.h"
3f6fd1ba 55#include "pager.h"
6bedfcbb 56#include "parse-util.h"
3f6fd1ba 57#include "path-util.h"
78f22b97 58#include "rlimit-util.h"
3f6fd1ba
LP		 59#include "set.h"
60#include "sigbus.h"
5c828e66 61#include "string-table.h"
3f6fd1ba 62#include "strv.h"
7ccbd1ae 63#include "syslog-util.h"
288a74cc 64#include "terminal-util.h"
795ab08f 65#include "udev-util.h"
5c828e66 66#include "udev.h"
3f6fd1ba 67#include "unit-name.h"
b1d4f8e1 68#include "user-util.h"
7560fffc 69
baed47c3 70#define DEFAULT_FSS_INTERVAL_USEC (15*USEC_PER_MINUTE)
250d54b5 71
ec316d19
PP		 72#define PROCESS_INOTIFY_INTERVAL 1024 /* Every 1,024 messages processed */
73
6becf48c
ZJS		 74#if HAVE_PCRE2
75DEFINE_TRIVIAL_CLEANUP_FUNC(pcre2_match_data*, pcre2_match_data_free);
61c5f8a1 76DEFINE_TRIVIAL_CLEANUP_FUNC(pcre2_code*, pcre2_code_free);
6becf48c
ZJS		 77
78static int pattern_compile(const char *pattern, unsigned flags, pcre2_code **out) {
79 int errorcode, r;
80 PCRE2_SIZE erroroffset;
81 pcre2_code *p;
82
83 p = pcre2_compile((PCRE2_SPTR8) pattern,
84 PCRE2_ZERO_TERMINATED, flags, &errorcode, &erroroffset, NULL);
85 if (!p) {
86 unsigned char buf[LINE_MAX];
87
88 r = pcre2_get_error_message(errorcode, buf, sizeof buf);
89
90 log_error("Bad pattern \"%s\": %s",
91 pattern,
92 r < 0 ? "unknown error" : (char*) buf);
93 return -EINVAL;
94 }
95
96 *out = p;
97 return 0;
98}
99
100#endif
101
97e1cc8b
LP		 102enum {
103 /* Special values for arg_lines */
104 ARG_LINES_DEFAULT = -2,
105 ARG_LINES_ALL = -1,
106};
107
df50185b 108static OutputMode arg_output = OUTPUT_SHORT;
9fd29044 109static bool arg_utc = false;
1b12a7b5 110static bool arg_pager_end = false;
72f59706 111static bool arg_follow = false;
2b8f6883 112static bool arg_full = true;
cd4b13e0 113static bool arg_all = false;
0d43c694 114static bool arg_no_pager = false;
97e1cc8b 115static int arg_lines = ARG_LINES_DEFAULT;
e91af489 116static bool arg_no_tail = false;
43673799 117static bool arg_quiet = false;
9e8a535f 118static bool arg_merge = false;
d121b396 119static bool arg_boot = false;
442e2def
LP		 120static sd_id128_t arg_boot_id = {};
121static int arg_boot_offset = 0;
99271804 122static bool arg_dmesg = false;
991e274b 123static bool arg_no_hostname = false;
8f14c832 124static const char *arg_cursor = NULL;
248fc619
ZJS		 125static const char *arg_after_cursor = NULL;
126static bool arg_show_cursor = false;
a963990f 127static const char *arg_directory = NULL;
8d98da3f 128static char **arg_file = NULL;
5d1ce257 129static bool arg_file_stdin = false;
941e990d 130static int arg_priorities = 0xFF;
6bae9b2a 131static char *arg_verify_key = NULL;
349cc4a5 132#if HAVE_GCRYPT
baed47c3 133static usec_t arg_interval = DEFAULT_FSS_INTERVAL_USEC;
b8547c10 134static bool arg_force = false;
feb12d3e 135#endif
cfbc22ab
LP		 136static usec_t arg_since, arg_until;
137static bool arg_since_set = false, arg_until_set = false;
73083640 138static char **arg_syslog_identifier = NULL;
b9e40524
HH		 139static char **arg_system_units = NULL;
140static char **arg_user_units = NULL;
3c1668da 141static const char *arg_field = NULL;
d4205751 142static bool arg_catalog = false;
d89d6c86 143static bool arg_reverse = false;
3f3a438f 144static int arg_journal_type = 0;
0f03c2a4 145static char *arg_root = NULL;
b6741478 146static const char *arg_machine = NULL;
8580d1f7
LP		 147static uint64_t arg_vacuum_size = 0;
148static uint64_t arg_vacuum_n_files = 0;
149static usec_t arg_vacuum_time = 0;
cc25a67e 150static char **arg_output_fields = NULL;
50f20cfd 151
6becf48c 152#if HAVE_PCRE2
61c5f8a1
ZJS		 153static const char *arg_pattern = NULL;
154static pcre2_code *arg_compiled_pattern = NULL;
155static int arg_case_sensitive = -1; /* -1 means be smart */
6becf48c
ZJS		 156#endif
157
7560fffc
LP		 158static enum {
159 ACTION_SHOW,
160 ACTION_NEW_ID128,
161 ACTION_PRINT_HEADER,
beec0085 162 ACTION_SETUP_KEYS,
a1a03e30
LP		 163 ACTION_VERIFY,
164 ACTION_DISK_USAGE,
d4205751 165 ACTION_LIST_CATALOG,
54b7254c 166 ACTION_DUMP_CATALOG,
f1188074
ZJS		 167 ACTION_UPDATE_CATALOG,
168 ACTION_LIST_BOOTS,
74055aa7 169 ACTION_FLUSH,
a020b3b3 170 ACTION_SYNC,
e3fdfb49 171 ACTION_ROTATE,
dbd2a83f 172 ACTION_VACUUM,
69e714f3
LP		 173 ACTION_LIST_FIELDS,
174 ACTION_LIST_FIELD_NAMES,
7560fffc
LP		 175} arg_action = ACTION_SHOW;
176
45bc27b6 177typedef struct BootId {
a331b5e6 178 sd_id128_t id;
f1188074
ZJS		 179 uint64_t first;
180 uint64_t last;
45bc27b6
LP		 181 LIST_FIELDS(struct BootId, boot_list);
182} BootId;
a331b5e6 183
795ab08f 184static int add_matches_for_device(sd_journal *j, const char *devpath) {
8e766630
LP		 185 _cleanup_(udev_unrefp) struct udev *udev = NULL;
186 _cleanup_(udev_device_unrefp) struct udev_device *device = NULL;
795ab08f
MS		 187 struct udev_device *d = NULL;
188 struct stat st;
e5ca27b7 189 int r;
795ab08f
MS		 190
191 assert(j);
192 assert(devpath);
193
194 if (!path_startswith(devpath, "/dev/")) {
195 log_error("Devpath does not start with /dev/");
196 return -EINVAL;
197 }
198
199 udev = udev_new();
200 if (!udev)
201 return log_oom();
202
e5ca27b7
LP		 203 if (stat(devpath, &st) < 0)
204 return log_error_errno(errno, "Couldn't stat file: %m");
795ab08f 205
e5ca27b7
LP		 206 r = udev_device_new_from_stat_rdev(udev, &st, &device);
207 if (r < 0)
208 return log_error_errno(r, "Failed to get udev device from devnum %u:%u: %m", major(st.st_rdev), minor(st.st_rdev));
795ab08f
MS		 209
210 while (d) {
211 _cleanup_free_ char *match = NULL;
212 const char *subsys, *sysname, *devnode;
213
214 subsys = udev_device_get_subsystem(d);
215 if (!subsys) {
216 d = udev_device_get_parent(d);
217 continue;
218 }
219
220 sysname = udev_device_get_sysname(d);
221 if (!sysname) {
222 d = udev_device_get_parent(d);
223 continue;
224 }
225
605405c6 226 match = strjoin("_KERNEL_DEVICE=+", subsys, ":", sysname);
795ab08f
MS		 227 if (!match)
228 return log_oom();
229
230 r = sd_journal_add_match(j, match, 0);
231 if (r < 0)
232 return log_error_errno(r, "Failed to add match: %m");
233
234 devnode = udev_device_get_devnode(d);
235 if (devnode) {
236 _cleanup_free_ char *match1 = NULL;
237
238 r = stat(devnode, &st);
239 if (r < 0)
240 return log_error_errno(r, "Failed to stat() device node \"%s\": %m", devnode);
241
242 r = asprintf(&match1, "_KERNEL_DEVICE=%c%u:%u", S_ISBLK(st.st_mode) ? 'b' : 'c', major(st.st_rdev), minor(st.st_rdev));
243 if (r < 0)
244 return log_oom();
245
246 r = sd_journal_add_match(j, match1, 0);
247 if (r < 0)
248 return log_error_errno(r, "Failed to add match: %m");
249 }
250
251 d = udev_device_get_parent(d);
252 }
253
485fd9a7
MS		 254 r = add_match_this_boot(j, arg_machine);
255 if (r < 0)
256 return log_error_errno(r, "Failed to add match for the current boot: %m");
257
795ab08f
MS		 258 return 0;
259}
260
5ab99e07
LP		 261static char *format_timestamp_maybe_utc(char *buf, size_t l, usec_t t) {
262
263 if (arg_utc)
264 return format_timestamp_utc(buf, l, t);
265
266 return format_timestamp(buf, l, t);
267}
268
442e2def
LP		 269static int parse_boot_descriptor(const char *x, sd_id128_t *boot_id, int *offset) {
270 sd_id128_t id = SD_ID128_NULL;
271 int off = 0, r;
272
273 if (strlen(x) >= 32) {
274 char *t;
275
276 t = strndupa(x, 32);
277 r = sd_id128_from_string(t, &id);
278 if (r >= 0)
279 x += 32;
280
4c701096 281 if (!IN_SET(*x, 0, '-', '+'))
442e2def
LP		 282 return -EINVAL;
283
284 if (*x != 0) {
285 r = safe_atoi(x, &off);
286 if (r < 0)
287 return r;
288 }
289 } else {
290 r = safe_atoi(x, &off);
291 if (r < 0)
292 return r;
293 }
294
295 if (boot_id)
296 *boot_id = id;
297
298 if (offset)
299 *offset = off;
300
301 return 0;
302}
303
601185b4 304static void help(void) {
0d43c694 305
ee5324aa 306 (void) pager_open(arg_no_pager, arg_pager_end);
faf5077f 307
cd4b13e0 308 printf("%s [OPTIONS...] [MATCHES...]\n\n"
15119c16 309 "Query the journal.\n\n"
94b65516 310 "Options:\n"
61c5f8a1
ZJS		 311 " --system Show the system journal\n"
312 " --user Show the user journal for the current user\n"
313 " -M --machine=CONTAINER Operate on local container\n"
314 " -S --since=DATE Show entries not older than the specified date\n"
315 " -U --until=DATE Show entries not newer than the specified date\n"
316 " -c --cursor=CURSOR Show entries starting at the specified cursor\n"
317 " --after-cursor=CURSOR Show entries after the specified cursor\n"
318 " --show-cursor Print the cursor after all the entries\n"
319 " -b --boot[=ID] Show current boot or the specified boot\n"
320 " --list-boots Show terse information about recorded boots\n"
321 " -k --dmesg Show kernel message log from the current boot\n"
322 " -u --unit=UNIT Show logs from the specified unit\n"
323 " --user-unit=UNIT Show logs from the specified user unit\n"
324 " -t --identifier=STRING Show entries with the specified syslog identifier\n"
325 " -p --priority=RANGE Show entries with the specified priority\n"
fabf4dae 326 " -g --grep=PATTERN Show entries with MESSAGE matching PATTERN\n"
61c5f8a1
ZJS		 327 " --case-sensitive[=BOOL] Force case sensitive or insenstive matching\n"
328 " -e --pager-end Immediately jump to the end in the pager\n"
329 " -f --follow Follow the journal\n"
330 " -n --lines[=INTEGER] Number of journal entries to show\n"
331 " --no-tail Show all lines, even in follow mode\n"
332 " -r --reverse Show the newest entries first\n"
333 " -o --output=STRING Change journal output mode (short, short-precise,\n"
334 " short-iso, short-iso-precise, short-full,\n"
335 " short-monotonic, short-unix, verbose, export,\n"
49805b3d 336 " json, json-pretty, json-sse, cat, with-unit)\n"
61c5f8a1
ZJS		 337 " --output-fields=LIST Select fields to print in verbose/export/json modes\n"
338 " --utc Express time in Coordinated Universal Time (UTC)\n"
339 " -x --catalog Add message explanations where available\n"
340 " --no-full Ellipsize fields\n"
341 " -a --all Show all fields, including long and unprintable\n"
342 " -q --quiet Do not show info messages and privilege warning\n"
343 " --no-pager Do not pipe output into a pager\n"
344 " --no-hostname Suppress output of hostname field\n"
345 " -m --merge Show entries from all available journals\n"
346 " -D --directory=PATH Show journal files from directory\n"
347 " --file=PATH Show journal file\n"
348 " --root=ROOT Operate on files below a root directory\n"
349cc4a5 349#if HAVE_GCRYPT
61c5f8a1
ZJS		 350 " --interval=TIME Time interval for changing the FSS sealing key\n"
351 " --verify-key=KEY Specify FSS verification key\n"
352 " --force Override of the FSS key pair with --setup-keys\n"
15119c16
LP		 353#endif
354 "\nCommands:\n"
61c5f8a1
ZJS		 355 " -h --help Show this help text\n"
356 " --version Show package version\n"
357 " -N --fields List all field names currently used\n"
358 " -F --field=FIELD List all values that a specified field takes\n"
359 " --disk-usage Show total disk usage of all journal files\n"
360 " --vacuum-size=BYTES Reduce disk usage below specified size\n"
361 " --vacuum-files=INT Leave only the specified number of journal files\n"
362 " --vacuum-time=TIME Remove journal files older than specified time\n"
363 " --verify Verify journal file consistency\n"
364 " --sync Synchronize unwritten journal messages to disk\n"
365 " --flush Flush all journal data from /run into /var\n"
366 " --rotate Request immediate rotation of the journal files\n"
367 " --header Show journal header information\n"
368 " --list-catalog Show all message IDs in the catalog\n"
369 " --dump-catalog Show entries in the message catalog\n"
370 " --update-catalog Update the message catalog database\n"
371 " --new-id128 Generate a new 128-bit ID\n"
349cc4a5 372#if HAVE_GCRYPT
61c5f8a1 373 " --setup-keys Generate a new FSS key pair\n"
feb12d3e
LP		 374#endif
375 , program_invocation_short_name);
0d43c694
LP		 376}
377
378static int parse_argv(int argc, char *argv[]) {
379
380 enum {
381 ARG_VERSION = 0x100,
e91af489 382 ARG_NO_PAGER,
2b8f6883 383 ARG_NO_FULL,
55ee336c 384 ARG_NO_TAIL,
dca6219e 385 ARG_NEW_ID128,
8453f062 386 ARG_THIS_BOOT,
f1188074 387 ARG_LIST_BOOTS,
3f3a438f
ZJS		 388 ARG_USER,
389 ARG_SYSTEM,
13cbf3a5 390 ARG_ROOT,
7560fffc 391 ARG_HEADER,
beec0085 392 ARG_SETUP_KEYS,
8d98da3f 393 ARG_FILE,
baed47c3 394 ARG_INTERVAL,
4da416aa 395 ARG_VERIFY,
a1a03e30 396 ARG_VERIFY_KEY,
cfbc22ab 397 ARG_DISK_USAGE,
248fc619
ZJS		 398 ARG_AFTER_CURSOR,
399 ARG_SHOW_CURSOR,
ffa7cd15 400 ARG_USER_UNIT,
d4205751 401 ARG_LIST_CATALOG,
54b7254c 402 ARG_DUMP_CATALOG,
3f3a438f 403 ARG_UPDATE_CATALOG,
b8547c10 404 ARG_FORCE,
61c5f8a1 405 ARG_CASE_SENSITIVE,
9fd29044 406 ARG_UTC,
94b65516 407 ARG_SYNC,
74055aa7 408 ARG_FLUSH,
e3fdfb49 409 ARG_ROTATE,
dbd2a83f 410 ARG_VACUUM_SIZE,
8580d1f7 411 ARG_VACUUM_FILES,
dbd2a83f 412 ARG_VACUUM_TIME,
991e274b 413 ARG_NO_HOSTNAME,
cc25a67e 414 ARG_OUTPUT_FIELDS,
0d43c694
LP		 415 };
416
417 static const struct option options[] = {
248fc619
ZJS		 418 { "help", no_argument, NULL, 'h' },
419 { "version" , no_argument, NULL, ARG_VERSION },
420 { "no-pager", no_argument, NULL, ARG_NO_PAGER },
421 { "pager-end", no_argument, NULL, 'e' },
422 { "follow", no_argument, NULL, 'f' },
423 { "force", no_argument, NULL, ARG_FORCE },
424 { "output", required_argument, NULL, 'o' },
425 { "all", no_argument, NULL, 'a' },
426 { "full", no_argument, NULL, 'l' },
2b8f6883 427 { "no-full", no_argument, NULL, ARG_NO_FULL },
248fc619
ZJS		 428 { "lines", optional_argument, NULL, 'n' },
429 { "no-tail", no_argument, NULL, ARG_NO_TAIL },
430 { "new-id128", no_argument, NULL, ARG_NEW_ID128 },
431 { "quiet", no_argument, NULL, 'q' },
432 { "merge", no_argument, NULL, 'm' },
8453f062 433 { "this-boot", no_argument, NULL, ARG_THIS_BOOT }, /* deprecated */
248fc619 434 { "boot", optional_argument, NULL, 'b' },
f1188074 435 { "list-boots", no_argument, NULL, ARG_LIST_BOOTS },
248fc619
ZJS		 436 { "dmesg", no_argument, NULL, 'k' },
437 { "system", no_argument, NULL, ARG_SYSTEM },
438 { "user", no_argument, NULL, ARG_USER },
439 { "directory", required_argument, NULL, 'D' },
440 { "file", required_argument, NULL, ARG_FILE },
441 { "root", required_argument, NULL, ARG_ROOT },
442 { "header", no_argument, NULL, ARG_HEADER },
73083640 443 { "identifier", required_argument, NULL, 't' },
248fc619 444 { "priority", required_argument, NULL, 'p' },
6becf48c 445 { "grep", required_argument, NULL, 'g' },
61c5f8a1 446 { "case-sensitive", optional_argument, NULL, ARG_CASE_SENSITIVE },
248fc619
ZJS		 447 { "setup-keys", no_argument, NULL, ARG_SETUP_KEYS },
448 { "interval", required_argument, NULL, ARG_INTERVAL },
449 { "verify", no_argument, NULL, ARG_VERIFY },
450 { "verify-key", required_argument, NULL, ARG_VERIFY_KEY },
451 { "disk-usage", no_argument, NULL, ARG_DISK_USAGE },
452 { "cursor", required_argument, NULL, 'c' },
453 { "after-cursor", required_argument, NULL, ARG_AFTER_CURSOR },
454 { "show-cursor", no_argument, NULL, ARG_SHOW_CURSOR },
66f52924
JS		 455 { "since", required_argument, NULL, 'S' },
456 { "until", required_argument, NULL, 'U' },
248fc619
ZJS		 457 { "unit", required_argument, NULL, 'u' },
458 { "user-unit", required_argument, NULL, ARG_USER_UNIT },
459 { "field", required_argument, NULL, 'F' },
69e714f3 460 { "fields", no_argument, NULL, 'N' },
248fc619
ZJS		 461 { "catalog", no_argument, NULL, 'x' },
462 { "list-catalog", no_argument, NULL, ARG_LIST_CATALOG },
463 { "dump-catalog", no_argument, NULL, ARG_DUMP_CATALOG },
464 { "update-catalog", no_argument, NULL, ARG_UPDATE_CATALOG },
465 { "reverse", no_argument, NULL, 'r' },
b6741478 466 { "machine", required_argument, NULL, 'M' },
9fd29044 467 { "utc", no_argument, NULL, ARG_UTC },
74055aa7 468 { "flush", no_argument, NULL, ARG_FLUSH },
94b65516 469 { "sync", no_argument, NULL, ARG_SYNC },
e3fdfb49 470 { "rotate", no_argument, NULL, ARG_ROTATE },
dbd2a83f 471 { "vacuum-size", required_argument, NULL, ARG_VACUUM_SIZE },
8580d1f7 472 { "vacuum-files", required_argument, NULL, ARG_VACUUM_FILES },
dbd2a83f 473 { "vacuum-time", required_argument, NULL, ARG_VACUUM_TIME },
991e274b 474 { "no-hostname", no_argument, NULL, ARG_NO_HOSTNAME },
cc25a67e 475 { "output-fields", required_argument, NULL, ARG_OUTPUT_FIELDS },
eb9da376 476 {}
0d43c694
LP		 477 };
478
2100675e 479 int c, r;
0d43c694
LP		 480
481 assert(argc >= 0);
482 assert(argv);
483
2de6b06b 484 while ((c = getopt_long(argc, argv, "hefo:aln::qmb::kD:p:g:c:S:U:t:u:NF:xrM:", options, NULL)) >= 0)
0d43c694
LP		 485
486 switch (c) {
487
488 case 'h':
601185b4
ZJS		 489 help();
490 return 0;
0d43c694
LP		 491
492 case ARG_VERSION:
3f6fd1ba 493 return version();
0d43c694
LP		 494
495 case ARG_NO_PAGER:
496 arg_no_pager = true;
497 break;
498
1b12a7b5
HH		 499 case 'e':
500 arg_pager_end = true;
fe59e38b 501
97e1cc8b 502 if (arg_lines == ARG_LINES_DEFAULT)
fe59e38b
LP		 503 arg_lines = 1000;
504
1b12a7b5
HH		 505 break;
506
0d43c694
LP		 507 case 'f':
508 arg_follow = true;
509 break;
510
511 case 'o':
5c828e66
LP		 512 if (streq(optarg, "help")) {
513 DUMP_STRING_TABLE(output_mode, OutputMode, _OUTPUT_MODE_MAX);
514 return 0;
515 }
516
1705594f 517 arg_output = output_mode_from_string(optarg);
df50185b 518 if (arg_output < 0) {
edfb521a 519 log_error("Unknown output format '%s'.", optarg);
0d43c694
LP		 520 return -EINVAL;
521 }
df50185b 522
3742095b 523 if (IN_SET(arg_output, OUTPUT_EXPORT, OUTPUT_JSON, OUTPUT_JSON_PRETTY, OUTPUT_JSON_SSE, OUTPUT_CAT))
edfb521a
ZJS		 524 arg_quiet = true;
525
0d43c694
LP		 526 break;
527
98a6e132 528 case 'l':
e3657ecd
ZJS		 529 arg_full = true;
530 break;
531
2b8f6883
ZJS		 532 case ARG_NO_FULL:
533 arg_full = false;
534 break;
535
0d43c694 536 case 'a':
cd4b13e0 537 arg_all = true;
0d43c694
LP		 538 break;
539
2100675e 540 case 'n':
1705594f 541 if (optarg) {
48382487 542 if (streq(optarg, "all"))
97e1cc8b 543 arg_lines = ARG_LINES_ALL;
48382487
JJ		 544 else {
545 r = safe_atoi(optarg, &arg_lines);
546 if (r < 0 || arg_lines < 0) {
547 log_error("Failed to parse lines '%s'", optarg);
548 return -EINVAL;
549 }
1705594f 550 }
96088db0 551 } else {
48382487 552 arg_lines = 10;
96088db0
LP		 553
554 /* Hmm, no argument? Maybe the next
555 * word on the command line is
556 * supposed to be the argument? Let's
557 * see if there is one, and is
48382487
JJ		 558 * parsable. */
559 if (optind < argc) {
560 int n;
561 if (streq(argv[optind], "all")) {
97e1cc8b 562 arg_lines = ARG_LINES_ALL;
48382487
JJ		 563 optind++;
564 } else if (safe_atoi(argv[optind], &n) >= 0 && n >= 0) {
565 arg_lines = n;
566 optind++;
567 }
568 }
96088db0 569 }
1705594f 570
2100675e
LP		 571 break;
572
e91af489
LP		 573 case ARG_NO_TAIL:
574 arg_no_tail = true;
575 break;
576
39f7f5c1 577 case ARG_NEW_ID128:
7560fffc 578 arg_action = ACTION_NEW_ID128;
55ee336c
LP		 579 break;
580
43673799
LP		 581 case 'q':
582 arg_quiet = true;
490e567d 583 break;
43673799 584
9e8a535f
LP		 585 case 'm':
586 arg_merge = true;
2bd3c38a
LP		 587 break;
588
8453f062
ZJS		 589 case ARG_THIS_BOOT:
590 arg_boot = true;
591 break;
592
59cea26a 593 case 'b':
d121b396 594 arg_boot = true;
6cebe83c 595
442e2def 596 if (optarg) {
909dea0c 597 r = parse_boot_descriptor(optarg, &arg_boot_id, &arg_boot_offset);
442e2def
LP		 598 if (r < 0) {
599 log_error("Failed to parse boot descriptor '%s'", optarg);
600 return -EINVAL;
601 }
602 } else {
6cebe83c 603
442e2def
LP		 604 /* Hmm, no argument? Maybe the next
605 * word on the command line is
606 * supposed to be the argument? Let's
607 * see if there is one and is parsable
608 * as a boot descriptor... */
609
610 if (optind < argc &&
611 parse_boot_descriptor(argv[optind], &arg_boot_id, &arg_boot_offset) >= 0)
6cebe83c 612 optind++;
6cebe83c 613 }
d121b396 614
59cea26a
LP		 615 break;
616
f1188074
ZJS		 617 case ARG_LIST_BOOTS:
618 arg_action = ACTION_LIST_BOOTS;
619 break;
620
99271804 621 case 'k':
d121b396 622 arg_boot = arg_dmesg = true;
99271804
ZJS		 623 break;
624
3f3a438f
ZJS		 625 case ARG_SYSTEM:
626 arg_journal_type |= SD_JOURNAL_SYSTEM;
627 break;
628
629 case ARG_USER:
630 arg_journal_type |= SD_JOURNAL_CURRENT_USER;
631 break;
632
b6741478
LP		 633 case 'M':
634 arg_machine = optarg;
635 break;
636
a963990f
LP		 637 case 'D':
638 arg_directory = optarg;
639 break;
640
8d98da3f 641 case ARG_FILE:
5d1ce257
LP		 642 if (streq(optarg, "-"))
643 /* An undocumented feature: we can read journal files from STDIN. We don't document
644 * this though, since after all we only support this for mmap-able, seekable files, and
645 * not for example pipes which are probably the primary usecase for reading things from
646 * STDIN. To avoid confusion we hence don't document this feature. */
647 arg_file_stdin = true;
648 else {
649 r = glob_extend(&arg_file, optarg);
650 if (r < 0)
651 return log_error_errno(r, "Failed to add paths: %m");
652 }
8d98da3f
ZJS		 653 break;
654
13cbf3a5 655 case ARG_ROOT:
0f03c2a4
LP		 656 r = parse_path_argument_and_warn(optarg, true, &arg_root);
657 if (r < 0)
658 return r;
13cbf3a5
ZJS		 659 break;
660
8f14c832
LP		 661 case 'c':
662 arg_cursor = optarg;
663 break;
664
248fc619
ZJS		 665 case ARG_AFTER_CURSOR:
666 arg_after_cursor = optarg;
667 break;
668
669 case ARG_SHOW_CURSOR:
670 arg_show_cursor = true;
671 break;
672
dca6219e 673 case ARG_HEADER:
7560fffc
LP		 674 arg_action = ACTION_PRINT_HEADER;
675 break;
676
feb12d3e
LP		 677 case ARG_VERIFY:
678 arg_action = ACTION_VERIFY;
679 break;
680
a1a03e30
LP		 681 case ARG_DISK_USAGE:
682 arg_action = ACTION_DISK_USAGE;
683 break;
684
dbd2a83f
LP		 685 case ARG_VACUUM_SIZE:
686 r = parse_size(optarg, 1024, &arg_vacuum_size);
687 if (r < 0) {
688 log_error("Failed to parse vacuum size: %s", optarg);
689 return r;
690 }
691
692 arg_action = ACTION_VACUUM;
693 break;
694
8580d1f7
LP		 695 case ARG_VACUUM_FILES:
696 r = safe_atou64(optarg, &arg_vacuum_n_files);
697 if (r < 0) {
698 log_error("Failed to parse vacuum files: %s", optarg);
699 return r;
700 }
701
702 arg_action = ACTION_VACUUM;
703 break;
704
dbd2a83f
LP		 705 case ARG_VACUUM_TIME:
706 r = parse_sec(optarg, &arg_vacuum_time);
707 if (r < 0) {
708 log_error("Failed to parse vacuum time: %s", optarg);
709 return r;
710 }
711
712 arg_action = ACTION_VACUUM;
713 break;
714
349cc4a5 715#if HAVE_GCRYPT
b8547c10
SL		 716 case ARG_FORCE:
717 arg_force = true;
718 break;
719
7560fffc
LP		 720 case ARG_SETUP_KEYS:
721 arg_action = ACTION_SETUP_KEYS;
dca6219e
LP		 722 break;
723
baed47c3 724 case ARG_VERIFY_KEY:
4da416aa 725 arg_action = ACTION_VERIFY;
e50412ef
ZJS		 726 r = free_and_strdup(&arg_verify_key, optarg);
727 if (r < 0)
728 return r;
1075122f
ZJS		 729 /* Use memset not string_erase so this doesn't look confusing
730 * in ps or htop output. */
731 memset(optarg, 'x', strlen(optarg));
e50412ef
ZJS		 732
733 arg_merge = false;
4da416aa
LP		 734 break;
735
baed47c3 736 case ARG_INTERVAL:
7f602784 737 r = parse_sec(optarg, &arg_interval);
baed47c3
LP		 738 if (r < 0 || arg_interval <= 0) {
739 log_error("Failed to parse sealing key change interval: %s", optarg);
14d10188
LP		 740 return -EINVAL;
741 }
742 break;
feb12d3e
LP		 743#else
744 case ARG_SETUP_KEYS:
745 case ARG_VERIFY_KEY:
746 case ARG_INTERVAL:
b8547c10 747 case ARG_FORCE:
feb12d3e 748 log_error("Forward-secure sealing not available.");
15411c0c 749 return -EOPNOTSUPP;
feb12d3e 750#endif
14d10188 751
941e990d
LP		 752 case 'p': {
753 const char *dots;
754
755 dots = strstr(optarg, "..");
756 if (dots) {
757 char *a;
758 int from, to, i;
759
760 /* a range */
761 a = strndup(optarg, dots - optarg);
762 if (!a)
763 return log_oom();
764
765 from = log_level_from_string(a);
766 to = log_level_from_string(dots + 2);
767 free(a);
768
769 if (from < 0 || to < 0) {
770 log_error("Failed to parse log level range %s", optarg);
771 return -EINVAL;
772 }
773
774 arg_priorities = 0;
775
776 if (from < to) {
777 for (i = from; i <= to; i++)
778 arg_priorities |= 1 << i;
779 } else {
780 for (i = to; i <= from; i++)
781 arg_priorities |= 1 << i;
782 }
783
784 } else {
785 int p, i;
786
787 p = log_level_from_string(optarg);
788 if (p < 0) {
789 log_error("Unknown log level %s", optarg);
790 return -EINVAL;
791 }
792
793 arg_priorities = 0;
794
795 for (i = 0; i <= p; i++)
796 arg_priorities |= 1 << i;
797 }
798
799 break;
800 }
801
6becf48c 802#if HAVE_PCRE2
61c5f8a1
ZJS		 803 case 'g':
804 arg_pattern = optarg;
6becf48c 805 break;
6becf48c 806
61c5f8a1
ZJS		 807 case ARG_CASE_SENSITIVE:
808 if (optarg) {
809 r = parse_boolean(optarg);
810 if (r < 0)
811 return log_error_errno(r, "Bad --case-sensitive= argument \"%s\": %m", optarg);
812 arg_case_sensitive = r;
813 } else
814 arg_case_sensitive = true;
815
816 break;
6becf48c
ZJS		 817#else
818 case 'g':
61c5f8a1 819 case ARG_CASE_SENSITIVE:
6becf48c
ZJS		 820 return log_error("Compiled without pattern matching support");
821#endif
822
66f52924 823 case 'S':
cfbc22ab
LP		 824 r = parse_timestamp(optarg, &arg_since);
825 if (r < 0) {
826 log_error("Failed to parse timestamp: %s", optarg);
827 return -EINVAL;
828 }
829 arg_since_set = true;
830 break;
831
66f52924 832 case 'U':
cfbc22ab
LP		 833 r = parse_timestamp(optarg, &arg_until);
834 if (r < 0) {
835 log_error("Failed to parse timestamp: %s", optarg);
836 return -EINVAL;
837 }
838 arg_until_set = true;
839 break;
840
73083640
HH		 841 case 't':
842 r = strv_extend(&arg_syslog_identifier, optarg);
843 if (r < 0)
844 return log_oom();
845 break;
846
7199aa96 847 case 'u':
b9e40524
HH		 848 r = strv_extend(&arg_system_units, optarg);
849 if (r < 0)
850 return log_oom();
ffa7cd15
DW		 851 break;
852
7199aa96 853 case ARG_USER_UNIT:
b9e40524
HH		 854 r = strv_extend(&arg_user_units, optarg);
855 if (r < 0)
856 return log_oom();
c3f60ec5
LP		 857 break;
858
15119c16 859 case 'F':
69e714f3 860 arg_action = ACTION_LIST_FIELDS;
15119c16
LP		 861 arg_field = optarg;
862 break;
863
69e714f3
LP		 864 case 'N':
865 arg_action = ACTION_LIST_FIELD_NAMES;
866 break;
867
991e274b
LP		 868 case ARG_NO_HOSTNAME:
869 arg_no_hostname = true;
870 break;
871
d4205751
LP		 872 case 'x':
873 arg_catalog = true;
874 break;
875
876 case ARG_LIST_CATALOG:
877 arg_action = ACTION_LIST_CATALOG;
878 break;
879
54b7254c
ZJS		 880 case ARG_DUMP_CATALOG:
881 arg_action = ACTION_DUMP_CATALOG;
882 break;
883
d4205751
LP		 884 case ARG_UPDATE_CATALOG:
885 arg_action = ACTION_UPDATE_CATALOG;
886 break;
887
d89d6c86
LN		 888 case 'r':
889 arg_reverse = true;
890 break;
891
9fd29044
JS		 892 case ARG_UTC:
893 arg_utc = true;
894 break;
895
74055aa7
LP		 896 case ARG_FLUSH:
897 arg_action = ACTION_FLUSH;
898 break;
899
e3fdfb49
EV		 900 case ARG_ROTATE:
901 arg_action = ACTION_ROTATE;
902 break;
903
94b65516
LP		 904 case ARG_SYNC:
905 arg_action = ACTION_SYNC;
906 break;
907
cc25a67e
LK		 908 case ARG_OUTPUT_FIELDS: {
909 _cleanup_strv_free_ char **v = NULL;
910
911 v = strv_split(optarg, ",");
912 if (!v)
913 return log_oom();
914
1cc6c93a
YW		 915 if (!arg_output_fields)
916 arg_output_fields = TAKE_PTR(v);
917 else {
cc25a67e
LK		 918 r = strv_extend_strv(&arg_output_fields, v, true);
919 if (r < 0)
920 return log_oom();
921 }
922 break;
923 }
924
eb9da376 925 case '?':
0d43c694 926 return -EINVAL;
eb9da376
LP		 927
928 default:
929 assert_not_reached("Unhandled option");
0d43c694 930 }
0d43c694 931
70af7b8a 932 if (arg_follow && !arg_no_tail && !arg_since && arg_lines == ARG_LINES_DEFAULT)
e91af489
LP		 933 arg_lines = 10;
934
0a175093
ZJS		 935 if (!!arg_directory + !!arg_file + !!arg_machine + !!arg_root > 1) {
936 log_error("Please specify at most one of -D/--directory=, --file=, -M/--machine=, --root.");
8d98da3f
ZJS		 937 return -EINVAL;
938 }
939
3ba09ee8 940 if (arg_since_set && arg_until_set && arg_since > arg_until) {
cfbc22ab
LP		 941 log_error("--since= must be before --until=.");
942 return -EINVAL;
943 }
944
248fc619
ZJS		 945 if (!!arg_cursor + !!arg_after_cursor + !!arg_since_set > 1) {
946 log_error("Please specify only one of --since=, --cursor=, and --after-cursor.");
cfbc22ab
LP		 947 return -EINVAL;
948 }
949
d89d6c86
LN		 950 if (arg_follow && arg_reverse) {
951 log_error("Please specify either --reverse= or --follow=, not both.");
952 return -EINVAL;
953 }
954
f98a41c2 955 if (!IN_SET(arg_action, ACTION_SHOW, ACTION_DUMP_CATALOG, ACTION_LIST_CATALOG) && optind < argc) {
0b6b7c20
ZJS		 956 log_error("Extraneous arguments starting with '%s'", argv[optind]);
957 return -EINVAL;
958 }
959
f3bd7561
ZJS		 960 if ((arg_boot || arg_action == ACTION_LIST_BOOTS) && arg_merge) {
961 log_error("Using --boot or --list-boots with --merge is not supported.");
596a2329
JJ		 962 return -EINVAL;
963 }
964
e79d0b59 965 if (!strv_isempty(arg_system_units) && arg_journal_type == SD_JOURNAL_CURRENT_USER) {
52051dd8
LP		 966 /* Specifying --user and --unit= at the same time makes no sense (as the former excludes the user
967 * journal, but the latter excludes the system journal, thus resulting in empty output). Let's be nice
968 * to users, and automatically turn --unit= into --user-unit= if combined with --user. */
969 r = strv_extend_strv(&arg_user_units, arg_system_units, true);
970 if (r < 0)
e50412ef 971 return r;
52051dd8
LP		 972
973 arg_system_units = strv_free(arg_system_units);
974 }
975
61c5f8a1
ZJS		 976#if HAVE_PCRE2
977 if (arg_pattern) {
978 unsigned flags;
979
980 if (arg_case_sensitive >= 0)
981 flags = !arg_case_sensitive * PCRE2_CASELESS;
982 else {
983 _cleanup_(pcre2_match_data_freep) pcre2_match_data *md = NULL;
984 bool has_case;
985 _cleanup_(pcre2_code_freep) pcre2_code *cs = NULL;
986
987 md = pcre2_match_data_create(1, NULL);
988 if (!md)
989 return log_oom();
990
991 r = pattern_compile("[[:upper:]]", 0, &cs);
992 if (r < 0)
993 return r;
994
995 r = pcre2_match(cs, (PCRE2_SPTR8) arg_pattern, PCRE2_ZERO_TERMINATED, 0, 0, md, NULL);
996 has_case = r >= 0;
997
998 flags = !has_case * PCRE2_CASELESS;
999 }
1000
1001 log_debug("Doing case %s matching based on %s",
1002 flags & PCRE2_CASELESS ? "insensitive" : "sensitive",
1003 arg_case_sensitive >= 0 ? "request" : "pattern casing");
1004
1005 r = pattern_compile(arg_pattern, flags, &arg_compiled_pattern);
1006 if (r < 0)
1007 return r;
1008 }
1009#endif
1010
0d43c694
LP		 1011 return 1;
1012}
1013
39f7f5c1 1014static int generate_new_id128(void) {
55ee336c
LP		 1015 sd_id128_t id;
1016 int r;
1017 unsigned i;
1018
1019 r = sd_id128_randomize(&id);
23bbb0de
MS		 1020 if (r < 0)
1021 return log_error_errno(r, "Failed to generate ID: %m");
55ee336c
LP		 1022
1023 printf("As string:\n"
1024 SD_ID128_FORMAT_STR "\n\n"
1025 "As UUID:\n"
1026 "%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x\n\n"
cc7de2ba 1027 "As man:sd-id128(3) macro:\n"
d489071f 1028 "#define MESSAGE_XYZ SD_ID128_MAKE(",
55ee336c
LP		 1029 SD_ID128_FORMAT_VAL(id),
1030 SD_ID128_FORMAT_VAL(id));
55ee336c
LP		 1031 for (i = 0; i < 16; i++)
1032 printf("%02x%s", id.bytes[i], i != 15 ? "," : "");
d489071f 1033 fputs(")\n\n", stdout);
55ee336c 1034
d489071f
ZJS		 1035 printf("As Python constant:\n"
1036 ">>> import uuid\n"
1037 ">>> MESSAGE_XYZ = uuid.UUID('" SD_ID128_FORMAT_STR "')\n",
1038 SD_ID128_FORMAT_VAL(id));
55ee336c
LP		 1039
1040 return 0;
1041}
1042
a963990f
LP		 1043static int add_matches(sd_journal *j, char **args) {
1044 char **i;
4e602943 1045 bool have_term = false;
59cea26a 1046
a963990f 1047 assert(j);
59cea26a 1048
a963990f 1049 STRV_FOREACH(i, args) {
52aeb63c 1050 int r;
59cea26a 1051
4e602943
ZJS		 1052 if (streq(*i, "+")) {
1053 if (!have_term)
1054 break;
cbdca852 1055 r = sd_journal_add_disjunction(j);
4e602943
ZJS		 1056 have_term = false;
1057
1058 } else if (path_is_absolute(*i)) {
e1873695 1059 _cleanup_free_ char *p = NULL, *t = NULL, *t2 = NULL, *interpreter = NULL;
a963990f 1060 struct stat st;
e5124088 1061
62570f6f 1062 r = chase_symlinks(*i, NULL, CHASE_TRAIL_SLASH, &p);
e1873695
LP		 1063 if (r < 0)
1064 return log_error_errno(r, "Couldn't canonicalize path: %m");
e5124088 1065
e1873695 1066 if (lstat(p, &st) < 0)
4a62c710 1067 return log_error_errno(errno, "Couldn't stat file: %m");
e5124088 1068
68fee104 1069 if (S_ISREG(st.st_mode) && (0111 & st.st_mode)) {
e1873695 1070 if (executable_is_script(p, &interpreter) > 0) {
68fee104
ZJS		 1071 _cleanup_free_ char *comm;
1072
e1873695 1073 comm = strndup(basename(p), 15);
68fee104
ZJS		 1074 if (!comm)
1075 return log_oom();
1076
1077 t = strappend("_COMM=", comm);
795ab08f
MS		 1078 if (!t)
1079 return log_oom();
68fee104
ZJS		 1080
1081 /* Append _EXE only if the interpreter is not a link.
73e231ab 1082 Otherwise, it might be outdated often. */
795ab08f 1083 if (lstat(interpreter, &st) == 0 && !S_ISLNK(st.st_mode)) {
68fee104
ZJS		 1084 t2 = strappend("_EXE=", interpreter);
1085 if (!t2)
1086 return log_oom();
1087 }
795ab08f 1088 } else {
e1873695 1089 t = strappend("_EXE=", p);
795ab08f
MS		 1090 if (!t)
1091 return log_oom();
1092 }
1093
1094 r = sd_journal_add_match(j, t, 0);
1095
1096 if (r >=0 && t2)
1097 r = sd_journal_add_match(j, t2, 0);
1098
1099 } else if (S_ISCHR(st.st_mode) || S_ISBLK(st.st_mode)) {
e1873695 1100 r = add_matches_for_device(j, p);
795ab08f
MS		 1101 if (r < 0)
1102 return r;
1103 } else {
fb93cf73 1104 log_error("File is neither a device node, nor regular file, nor executable: %s", *i);
a963990f 1105 return -EINVAL;
50940700 1106 }
e5124088 1107
4e602943 1108 have_term = true;
4e602943 1109 } else {
cbdca852 1110 r = sd_journal_add_match(j, *i, 0);
4e602943
ZJS		 1111 have_term = true;
1112 }
e5124088 1113
23bbb0de
MS		 1114 if (r < 0)
1115 return log_error_errno(r, "Failed to add match '%s': %m", *i);
de7b95cd
LP		 1116 }
1117
4e602943
ZJS		 1118 if (!strv_isempty(args) && !have_term) {
1119 log_error("\"+\" can only be used between terms");
1120 return -EINVAL;
1121 }
1122
a963990f
LP		 1123 return 0;
1124}
1125
9530e0d0
LP		 1126static void boot_id_free_all(BootId *l) {
1127
1128 while (l) {
1129 BootId *i = l;
1130 LIST_REMOVE(boot_list, l, i);
1131 free(i);
1132 }
1133}
1134
dc009662
LP		 1135static int discover_next_boot(sd_journal *j,
1136 sd_id128_t previous_boot_id,
1137 bool advance_older,
1138 BootId **ret) {
45bc27b6 1139
45bc27b6 1140 _cleanup_free_ BootId *next_boot = NULL;
dc009662
LP		 1141 char match[9+32+1] = "_BOOT_ID=";
1142 sd_id128_t boot_id;
1143 int r;
ea7061e4
JJ		 1144
1145 assert(j);
dc009662 1146 assert(ret);
596a2329
JJ		 1147
1148 /* We expect the journal to be on the last position of a boot
1149 * (in relation to the direction we are going), so that the next
1150 * invocation of sd_journal_next/previous will be from a different
1151 * boot. We then collect any information we desire and then jump
1152 * to the last location of the new boot by using a _BOOT_ID match
1153 * coming from the other journal direction. */
1154
1155 /* Make sure we aren't restricted by any _BOOT_ID matches, so that
1156 * we can actually advance to a *different* boot. */
1157 sd_journal_flush_matches(j);
1158
dc009662
LP		 1159 do {
1160 if (advance_older)
1161 r = sd_journal_previous(j);
1162 else
1163 r = sd_journal_next(j);
1164 if (r < 0)
1165 return r;
1166 else if (r == 0)
1167 return 0; /* End of journal, yay. */
1168
1169 r = sd_journal_get_monotonic_usec(j, NULL, &boot_id);
1170 if (r < 0)
1171 return r;
1172
1173 /* We iterate through this in a loop, until the boot ID differs from the previous one. Note that
1174 * normally, this will only require a single iteration, as we seeked to the last entry of the previous
1175 * boot entry already. However, it might happen that the per-journal-field entry arrays are less
1176 * complete than the main entry array, and hence might reference an entry that's not actually the last
1177 * one of the boot ID as last one. Let's hence use the per-field array is initial seek position to
1178 * speed things up, but let's not trust that it is complete, and hence, manually advance as
1179 * necessary. */
1180
1181 } while (sd_id128_equal(boot_id, previous_boot_id));
596a2329 1182
45bc27b6 1183 next_boot = new0(BootId, 1);
596a2329 1184 if (!next_boot)
b56d608e 1185 return -ENOMEM;
f1188074 1186
dc009662 1187 next_boot->id = boot_id;
f1188074 1188
d1bf9dc9
LP		 1189 r = sd_journal_get_realtime_usec(j, &next_boot->first);
1190 if (r < 0)
1191 return r;
ea7061e4 1192
596a2329
JJ		 1193 /* Now seek to the last occurrence of this boot ID. */
1194 sd_id128_to_string(next_boot->id, match + 9);
1195 r = sd_journal_add_match(j, match, sizeof(match) - 1);
1196 if (r < 0)
1197 return r;
f1188074 1198
596a2329
JJ		 1199 if (advance_older)
1200 r = sd_journal_seek_head(j);
1201 else
1202 r = sd_journal_seek_tail(j);
1203 if (r < 0)
1204 return r;
f1188074 1205
596a2329
JJ		 1206 if (advance_older)
1207 r = sd_journal_next(j);
1208 else
1209 r = sd_journal_previous(j);
1210 if (r < 0)
1211 return r;
202fd896
LP		 1212 else if (r == 0) {
1213 log_debug("Whoopsie! We found a boot ID but can't read its last entry.");
596a2329 1214 return -ENODATA; /* This shouldn't happen. We just came from this very boot ID. */
202fd896 1215 }
f1188074 1216
d1bf9dc9
LP		 1217 r = sd_journal_get_realtime_usec(j, &next_boot->last);
1218 if (r < 0)
1219 return r;
596a2329 1220
1cc6c93a 1221 *ret = TAKE_PTR(next_boot);
9530e0d0 1222
596a2329
JJ		 1223 return 0;
1224}
1225
45bc27b6
LP		 1226static int get_boots(
1227 sd_journal *j,
1228 BootId **boots,
07ff6b08
ZJS		 1229 sd_id128_t *boot_id,
1230 int offset) {
45bc27b6 1231
596a2329
JJ		 1232 bool skip_once;
1233 int r, count = 0;
ec02a6c9 1234 BootId *head = NULL, *tail = NULL, *id;
07ff6b08 1235 const bool advance_older = boot_id && offset <= 0;
dc009662 1236 sd_id128_t previous_boot_id;
596a2329
JJ		 1237
1238 assert(j);
f1188074 1239
596a2329
JJ		 1240 /* Adjust for the asymmetry that offset 0 is
1241 * the last (and current) boot, while 1 is considered the
1242 * (chronological) first boot in the journal. */
592855c3 1243 skip_once = boot_id && sd_id128_is_null(*boot_id) && offset <= 0;
596a2329
JJ		 1244
1245 /* Advance to the earliest/latest occurrence of our reference
1246 * boot ID (taking our lookup direction into account), so that
1247 * discover_next_boot() can do its job.
1248 * If no reference is given, the journal head/tail will do,
1249 * they're "virtual" boots after all. */
07ff6b08 1250 if (boot_id && !sd_id128_is_null(*boot_id)) {
596a2329
JJ		 1251 char match[9+32+1] = "_BOOT_ID=";
1252
1253 sd_journal_flush_matches(j);
1254
07ff6b08 1255 sd_id128_to_string(*boot_id, match + 9);
596a2329 1256 r = sd_journal_add_match(j, match, sizeof(match) - 1);
f1188074
ZJS		 1257 if (r < 0)
1258 return r;
1259
596a2329 1260 if (advance_older)
c4fbc6b6 1261 r = sd_journal_seek_head(j); /* seek to oldest */
596a2329 1262 else
c4fbc6b6 1263 r = sd_journal_seek_tail(j); /* seek to newest */
f1188074
ZJS		 1264 if (r < 0)
1265 return r;
1266
596a2329 1267 if (advance_older)
c4fbc6b6 1268 r = sd_journal_next(j); /* read the oldest entry */
596a2329 1269 else
c4fbc6b6 1270 r = sd_journal_previous(j); /* read the most recently added entry */
f1188074
ZJS		 1271 if (r < 0)
1272 return r;
1273 else if (r == 0)
596a2329 1274 goto finish;
07ff6b08 1275 else if (offset == 0) {
596a2329
JJ		 1276 count = 1;
1277 goto finish;
1278 }
c4fbc6b6
LP		 1279
1280 /* At this point the read pointer is positioned at the oldest/newest occurence of the reference boot
1281 * ID. After flushing the matches, one more invocation of _previous()/_next() will hence place us at
1282 * the following entry, which must then have an older/newer boot ID */
596a2329 1283 } else {
c4fbc6b6 1284
596a2329 1285 if (advance_older)
c4fbc6b6 1286 r = sd_journal_seek_tail(j); /* seek to newest */
596a2329 1287 else
c4fbc6b6 1288 r = sd_journal_seek_head(j); /* seek to oldest */
f1188074
ZJS		 1289 if (r < 0)
1290 return r;
1291
c4fbc6b6
LP		 1292 /* No sd_journal_next()/_previous() here.
1293 *
1294 * At this point the read pointer is positioned after the newest/before the oldest entry in the whole
1295 * journal. The next invocation of _previous()/_next() will hence position us at the newest/oldest
1296 * entry we have. */
596a2329 1297 }
f1188074 1298
dc009662 1299 previous_boot_id = SD_ID128_NULL;
45bc27b6
LP		 1300 for (;;) {
1301 _cleanup_free_ BootId *current = NULL;
f1188074 1302
dc009662 1303 r = discover_next_boot(j, previous_boot_id, advance_older, &current);
596a2329 1304 if (r < 0) {
9530e0d0 1305 boot_id_free_all(head);
596a2329 1306 return r;
ea7061e4 1307 }
f1188074 1308
596a2329
JJ		 1309 if (!current)
1310 break;
1311
dc009662
LP		 1312 previous_boot_id = current->id;
1313
07ff6b08 1314 if (boot_id) {
596a2329 1315 if (!skip_once)
07ff6b08 1316 offset += advance_older ? 1 : -1;
596a2329
JJ		 1317 skip_once = false;
1318
07ff6b08 1319 if (offset == 0) {
596a2329 1320 count = 1;
07ff6b08 1321 *boot_id = current->id;
596a2329
JJ		 1322 break;
1323 }
1324 } else {
ec02a6c9
HK		 1325 LIST_FOREACH(boot_list, id, head) {
1326 if (sd_id128_equal(id->id, current->id)) {
1327 /* boot id already stored, something wrong with the journal files */
1328 /* exiting as otherwise this problem would cause forever loop */
1329 goto finish;
1330 }
1331 }
596a2329 1332 LIST_INSERT_AFTER(boot_list, head, tail, current);
1cc6c93a 1333 tail = TAKE_PTR(current);
596a2329
JJ		 1334 count++;
1335 }
f1188074
ZJS		 1336 }
1337
596a2329
JJ		 1338finish:
1339 if (boots)
1340 *boots = head;
1341
1342 sd_journal_flush_matches(j);
1343
1344 return count;
ea7061e4
JJ		 1345}
1346
1347static int list_boots(sd_journal *j) {
596a2329 1348 int w, i, count;
9530e0d0 1349 BootId *id, *all_ids;
ea7061e4
JJ		 1350
1351 assert(j);
1352
596a2329 1353 count = get_boots(j, &all_ids, NULL, 0);
b56d608e
LP		 1354 if (count < 0)
1355 return log_error_errno(count, "Failed to determine boots: %m");
1356 if (count == 0)
596a2329 1357 return count;
ea7061e4 1358
ee5324aa 1359 (void) pager_open(arg_no_pager, arg_pager_end);
f1188074
ZJS		 1360
1361 /* numbers are one less, but we need an extra char for the sign */
1362 w = DECIMAL_STR_WIDTH(count - 1) + 1;
1363
596a2329 1364 i = 0;
9530e0d0 1365 LIST_FOREACH(boot_list, id, all_ids) {
f1188074
ZJS		 1366 char a[FORMAT_TIMESTAMP_MAX], b[FORMAT_TIMESTAMP_MAX];
1367
1368 printf("% *i " SD_ID128_FORMAT_STR " %s—%s\n",
1369 w, i - count + 1,
1370 SD_ID128_FORMAT_VAL(id->id),
5ab99e07
LP		 1371 format_timestamp_maybe_utc(a, sizeof(a), id->first),
1372 format_timestamp_maybe_utc(b, sizeof(b), id->last));
596a2329 1373 i++;
d121b396 1374 }
a963990f 1375
9530e0d0
LP		 1376 boot_id_free_all(all_ids);
1377
a331b5e6
JJ		 1378 return 0;
1379}
1380
1381static int add_boot(sd_journal *j) {
1382 char match[9+32+1] = "_BOOT_ID=";
07ff6b08 1383 sd_id128_t boot_id;
442e2def 1384 int r;
a331b5e6
JJ		 1385
1386 assert(j);
1387
d121b396 1388 if (!arg_boot)
a331b5e6
JJ		 1389 return 0;
1390
592855c3
ZJS		 1391 /* Take a shortcut and use the current boot_id, which we can do very quickly.
1392 * We can do this only when we logs are coming from the current machine,
1393 * so take the slow path if log location is specified. */
3bbaff3e 1394 if (arg_boot_offset == 0 && sd_id128_is_null(arg_boot_id) &&
0a175093 1395 !arg_directory && !arg_file && !arg_root)
592855c3 1396
b6741478 1397 return add_match_this_boot(j, arg_machine);
a331b5e6 1398
07ff6b08
ZJS		 1399 boot_id = arg_boot_id;
1400 r = get_boots(j, NULL, &boot_id, arg_boot_offset);
596a2329
JJ		 1401 assert(r <= 1);
1402 if (r <= 0) {
1403 const char *reason = (r == 0) ? "No such boot ID in journal" : strerror(-r);
1404
1405 if (sd_id128_is_null(arg_boot_id))
c34e9399
JS		 1406 log_error("Data from the specified boot (%+i) is not available: %s",
1407 arg_boot_offset, reason);
d121b396 1408 else
c34e9399
JS		 1409 log_error("Data from the specified boot ("SD_ID128_FORMAT_STR") is not available: %s",
1410 SD_ID128_FORMAT_VAL(arg_boot_id), reason);
596a2329
JJ		 1411
1412 return r == 0 ? -ENODATA : r;
a331b5e6
JJ		 1413 }
1414
07ff6b08 1415 sd_id128_to_string(boot_id, match + 9);
d121b396
ZJS		 1416
1417 r = sd_journal_add_match(j, match, sizeof(match) - 1);
23bbb0de
MS		 1418 if (r < 0)
1419 return log_error_errno(r, "Failed to add match: %m");
a331b5e6
JJ		 1420
1421 r = sd_journal_add_conjunction(j);
1422 if (r < 0)
b56d608e 1423 return log_error_errno(r, "Failed to add conjunction: %m");
a331b5e6
JJ		 1424
1425 return 0;
a963990f
LP		 1426}
1427
99271804
ZJS		 1428static int add_dmesg(sd_journal *j) {
1429 int r;
1430 assert(j);
1431
1432 if (!arg_dmesg)
1433 return 0;
1434
fbd0b64f
LP		 1435 r = sd_journal_add_match(j, "_TRANSPORT=kernel",
1436 STRLEN("_TRANSPORT=kernel"));
23bbb0de
MS		 1437 if (r < 0)
1438 return log_error_errno(r, "Failed to add match: %m");
99271804
ZJS		 1439
1440 r = sd_journal_add_conjunction(j);
1441 if (r < 0)
b56d608e 1442 return log_error_errno(r, "Failed to add conjunction: %m");
99271804
ZJS		 1443
1444 return 0;
1445}
1446
b56d608e
LP		 1447static int get_possible_units(
1448 sd_journal *j,
1449 const char *fields,
1450 char **patterns,
1451 Set **units) {
1452
ea18a4b5
ZJS		 1453 _cleanup_set_free_free_ Set *found;
1454 const char *field;
c3f60ec5 1455 int r;
ea18a4b5 1456
d5099efc 1457 found = set_new(&string_hash_ops);
ea18a4b5 1458 if (!found)
b56d608e 1459 return -ENOMEM;
ea18a4b5
ZJS		 1460
1461 NULSTR_FOREACH(field, fields) {
1462 const void *data;
1463 size_t size;
1464
1465 r = sd_journal_query_unique(j, field);
1466 if (r < 0)
1467 return r;
1468
1469 SD_JOURNAL_FOREACH_UNIQUE(j, data, size) {
1470 char **pattern, *eq;
1471 size_t prefix;
1472 _cleanup_free_ char *u = NULL;
1473
1474 eq = memchr(data, '=', size);
1475 if (eq)
1476 prefix = eq - (char*) data + 1;
1477 else
1478 prefix = 0;
1479
1480 u = strndup((char*) data + prefix, size - prefix);
1481 if (!u)
b56d608e 1482 return -ENOMEM;
ea18a4b5
ZJS		 1483
1484 STRV_FOREACH(pattern, patterns)
1485 if (fnmatch(*pattern, u, FNM_NOESCAPE) == 0) {
1486 log_debug("Matched %s with pattern %s=%s", u, field, *pattern);
1487
1488 r = set_consume(found, u);
1489 u = NULL;
1490 if (r < 0 && r != -EEXIST)
1491 return r;
1492
1493 break;
1494 }
1495 }
1496 }
1497
1cc6c93a
YW		 1498 *units = TAKE_PTR(found);
1499
ea18a4b5
ZJS		 1500 return 0;
1501}
1502
1503/* This list is supposed to return the superset of unit names
1504 * possibly matched by rules added with add_matches_for_unit... */
1505#define SYSTEM_UNITS \
1506 "_SYSTEMD_UNIT\0" \
1507 "COREDUMP_UNIT\0" \
1508 "UNIT\0" \
1509 "OBJECT_SYSTEMD_UNIT\0" \
1510 "_SYSTEMD_SLICE\0"
1511
1512/* ... and add_matches_for_user_unit */
1513#define USER_UNITS \
1514 "_SYSTEMD_USER_UNIT\0" \
1515 "USER_UNIT\0" \
1516 "COREDUMP_USER_UNIT\0" \
1517 "OBJECT_SYSTEMD_USER_UNIT\0"
1518
1519static int add_units(sd_journal *j) {
1520 _cleanup_strv_free_ char **patterns = NULL;
1521 int r, count = 0;
b9e40524 1522 char **i;
c3f60ec5
LP		 1523
1524 assert(j);
1525
b9e40524 1526 STRV_FOREACH(i, arg_system_units) {
ea18a4b5
ZJS		 1527 _cleanup_free_ char *u = NULL;
1528
37cbc1d5 1529 r = unit_name_mangle(*i, UNIT_NAME_MANGLE_GLOB | (arg_quiet ? 0 : UNIT_NAME_MANGLE_WARN), &u);
7410616c
LP		 1530 if (r < 0)
1531 return r;
ea18a4b5
ZJS		 1532
1533 if (string_is_glob(u)) {
1534 r = strv_push(&patterns, u);
1535 if (r < 0)
1536 return r;
1537 u = NULL;
1538 } else {
1539 r = add_matches_for_unit(j, u);
1540 if (r < 0)
1541 return r;
1542 r = sd_journal_add_disjunction(j);
1543 if (r < 0)
1544 return r;
313cefa1 1545 count++;
ea18a4b5
ZJS		 1546 }
1547 }
1548
1549 if (!strv_isempty(patterns)) {
1550 _cleanup_set_free_free_ Set *units = NULL;
1551 Iterator it;
1552 char *u;
1553
1554 r = get_possible_units(j, SYSTEM_UNITS, patterns, &units);
b9e40524
HH		 1555 if (r < 0)
1556 return r;
ea18a4b5
ZJS		 1557
1558 SET_FOREACH(u, units, it) {
1559 r = add_matches_for_unit(j, u);
1560 if (r < 0)
1561 return r;
1562 r = sd_journal_add_disjunction(j);
1563 if (r < 0)
1564 return r;
313cefa1 1565 count++;
ea18a4b5 1566 }
b9e40524 1567 }
c3f60ec5 1568
97b11eed 1569 patterns = strv_free(patterns);
ea18a4b5 1570
b9e40524 1571 STRV_FOREACH(i, arg_user_units) {
ea18a4b5
ZJS		 1572 _cleanup_free_ char *u = NULL;
1573
37cbc1d5 1574 r = unit_name_mangle(*i, UNIT_NAME_MANGLE_GLOB | (arg_quiet ? 0 : UNIT_NAME_MANGLE_WARN), &u);
7410616c
LP		 1575 if (r < 0)
1576 return r;
c3f60ec5 1577
ea18a4b5
ZJS		 1578 if (string_is_glob(u)) {
1579 r = strv_push(&patterns, u);
1580 if (r < 0)
1581 return r;
1582 u = NULL;
1583 } else {
1584 r = add_matches_for_user_unit(j, u, getuid());
1585 if (r < 0)
1586 return r;
1587 r = sd_journal_add_disjunction(j);
1588 if (r < 0)
1589 return r;
313cefa1 1590 count++;
ea18a4b5
ZJS		 1591 }
1592 }
1593
1594 if (!strv_isempty(patterns)) {
1595 _cleanup_set_free_free_ Set *units = NULL;
1596 Iterator it;
1597 char *u;
b9e40524 1598
ea18a4b5 1599 r = get_possible_units(j, USER_UNITS, patterns, &units);
b9e40524
HH		 1600 if (r < 0)
1601 return r;
1602
ea18a4b5
ZJS		 1603 SET_FOREACH(u, units, it) {
1604 r = add_matches_for_user_unit(j, u, getuid());
1605 if (r < 0)
1606 return r;
1607 r = sd_journal_add_disjunction(j);
1608 if (r < 0)
1609 return r;
313cefa1 1610 count++;
ea18a4b5 1611 }
b9e40524 1612 }
c3f60ec5 1613
ea18a4b5
ZJS		 1614 /* Complain if the user request matches but nothing whatsoever was
1615 * found, since otherwise everything would be matched. */
1616 if (!(strv_isempty(arg_system_units) && strv_isempty(arg_user_units)) && count == 0)
1617 return -ENODATA;
1618
cd34b3c6
HH		 1619 r = sd_journal_add_conjunction(j);
1620 if (r < 0)
1621 return r;
1622
c3f60ec5
LP		 1623 return 0;
1624}
1625
941e990d
LP		 1626static int add_priorities(sd_journal *j) {
1627 char match[] = "PRIORITY=0";
1628 int i, r;
941e990d
LP		 1629 assert(j);
1630
1631 if (arg_priorities == 0xFF)
1632 return 0;
1633
1634 for (i = LOG_EMERG; i <= LOG_DEBUG; i++)
1635 if (arg_priorities & (1 << i)) {
1636 match[sizeof(match)-2] = '0' + i;
1637
941e990d 1638 r = sd_journal_add_match(j, match, strlen(match));
23bbb0de
MS		 1639 if (r < 0)
1640 return log_error_errno(r, "Failed to add match: %m");
941e990d
LP		 1641 }
1642
cd34b3c6
HH		 1643 r = sd_journal_add_conjunction(j);
1644 if (r < 0)
b56d608e 1645 return log_error_errno(r, "Failed to add conjunction: %m");
cd34b3c6 1646
941e990d
LP		 1647 return 0;
1648}
1649
73083640
HH		 1650static int add_syslog_identifier(sd_journal *j) {
1651 int r;
1652 char **i;
1653
1654 assert(j);
1655
1656 STRV_FOREACH(i, arg_syslog_identifier) {
1657 char *u;
1658
63c372cb 1659 u = strjoina("SYSLOG_IDENTIFIER=", *i);
73083640
HH		 1660 r = sd_journal_add_match(j, u, 0);
1661 if (r < 0)
1662 return r;
1663 r = sd_journal_add_disjunction(j);
1664 if (r < 0)
1665 return r;
1666 }
1667
1668 r = sd_journal_add_conjunction(j);
1669 if (r < 0)
1670 return r;
1671
1672 return 0;
1673}
1674
7560fffc 1675static int setup_keys(void) {
349cc4a5 1676#if HAVE_GCRYPT
7560fffc
LP		 1677 size_t mpk_size, seed_size, state_size, i;
1678 uint8_t *mpk, *seed, *state;
11689d2a 1679 int fd = -1, r;
7560fffc
LP		 1680 sd_id128_t machine, boot;
1681 char *p = NULL, *k = NULL;
baed47c3 1682 struct FSSHeader h;
14d10188 1683 uint64_t n;
b98e3866
SL		 1684 struct stat st;
1685
1686 r = stat("/var/log/journal", &st);
4c701096 1687 if (r < 0 && !IN_SET(errno, ENOENT, ENOTDIR))
4a62c710 1688 return log_error_errno(errno, "stat(\"%s\") failed: %m", "/var/log/journal");
b98e3866
SL		 1689
1690 if (r < 0 || !S_ISDIR(st.st_mode)) {
1691 log_error("%s is not a directory, must be using persistent logging for FSS.",
1692 "/var/log/journal");
1693 return r < 0 ? -errno : -ENOTDIR;
1694 }
7560fffc
LP		 1695
1696 r = sd_id128_get_machine(&machine);
23bbb0de
MS		 1697 if (r < 0)
1698 return log_error_errno(r, "Failed to get machine ID: %m");
7560fffc
LP		 1699
1700 r = sd_id128_get_boot(&boot);
23bbb0de
MS		 1701 if (r < 0)
1702 return log_error_errno(r, "Failed to get boot ID: %m");
7560fffc 1703
baed47c3 1704 if (asprintf(&p, "/var/log/journal/" SD_ID128_FORMAT_STR "/fss",
7560fffc
LP		 1705 SD_ID128_FORMAT_VAL(machine)) < 0)
1706 return log_oom();
1707
faf9da01
ZJS		 1708 if (arg_force) {
1709 r = unlink(p);
1710 if (r < 0 && errno != ENOENT) {
1711 r = log_error_errno(errno, "unlink(\"%s\") failed: %m", p);
b8547c10
SL		 1712 goto finish;
1713 }
faf9da01
ZJS		 1714 } else if (access(p, F_OK) >= 0) {
1715 log_error("Sealing key file %s exists already. Use --force to recreate.", p);
1716 r = -EEXIST;
1717 goto finish;
7560fffc
LP		 1718 }
1719
baed47c3 1720 if (asprintf(&k, "/var/log/journal/" SD_ID128_FORMAT_STR "/fss.tmp.XXXXXX",
7560fffc
LP		 1721 SD_ID128_FORMAT_VAL(machine)) < 0) {
1722 r = log_oom();
1723 goto finish;
1724 }
1725
1726 mpk_size = FSPRG_mskinbytes(FSPRG_RECOMMENDED_SECPAR);
1727 mpk = alloca(mpk_size);
1728
1729 seed_size = FSPRG_RECOMMENDED_SEEDLEN;
1730 seed = alloca(seed_size);
1731
1732 state_size = FSPRG_stateinbytes(FSPRG_RECOMMENDED_SECPAR);
1733 state = alloca(state_size);
1734
1735 fd = open("/dev/random", O_RDONLY|O_CLOEXEC|O_NOCTTY);
1736 if (fd < 0) {
76ef789d 1737 r = log_error_errno(errno, "Failed to open /dev/random: %m");
7560fffc
LP		 1738 goto finish;
1739 }
1740
1741 log_info("Generating seed...");
a6dcc7e5
ZJS		 1742 r = loop_read_exact(fd, seed, seed_size, true);
1743 if (r < 0) {
1744 log_error_errno(r, "Failed to read random seed: %m");
7560fffc
LP		 1745 goto finish;
1746 }
1747
1748 log_info("Generating key pair...");
1749 FSPRG_GenMK(NULL, mpk, seed, seed_size, FSPRG_RECOMMENDED_SECPAR);
1750
baed47c3 1751 log_info("Generating sealing key...");
7560fffc
LP		 1752 FSPRG_GenState0(state, mpk, seed, seed_size);
1753
baed47c3
LP		 1754 assert(arg_interval > 0);
1755
7560fffc 1756 n = now(CLOCK_REALTIME);
baed47c3 1757 n /= arg_interval;
7560fffc 1758
03e334a1 1759 safe_close(fd);
646853bd 1760 fd = mkostemp_safe(k);
7560fffc 1761 if (fd < 0) {
709f6e46 1762 r = log_error_errno(fd, "Failed to open %s: %m", k);
7560fffc
LP		 1763 goto finish;
1764 }
1765
f982e6f7
LP		 1766 /* Enable secure remove, exclusion from dump, synchronous
1767 * writing and in-place updating */
1ed8f8c1 1768 r = chattr_fd(fd, FS_SECRM_FL|FS_NODUMP_FL|FS_SYNC_FL|FS_NOCOW_FL, FS_SECRM_FL|FS_NODUMP_FL|FS_SYNC_FL|FS_NOCOW_FL);
11689d2a 1769 if (r < 0)
709f6e46 1770 log_warning_errno(r, "Failed to set file attributes: %m");
f982e6f7 1771
7560fffc
LP		 1772 zero(h);
1773 memcpy(h.signature, "KSHHRHLP", 8);
1774 h.machine_id = machine;
1775 h.boot_id = boot;
1776 h.header_size = htole64(sizeof(h));
baed47c3
LP		 1777 h.start_usec = htole64(n * arg_interval);
1778 h.interval_usec = htole64(arg_interval);
1779 h.fsprg_secpar = htole16(FSPRG_RECOMMENDED_SECPAR);
1780 h.fsprg_state_size = htole64(state_size);
7560fffc 1781
553acb7b
ZJS		 1782 r = loop_write(fd, &h, sizeof(h), false);
1783 if (r < 0) {
1784 log_error_errno(r, "Failed to write header: %m");
7560fffc
LP		 1785 goto finish;
1786 }
1787
553acb7b
ZJS		 1788 r = loop_write(fd, state, state_size, false);
1789 if (r < 0) {
1790 log_error_errno(r, "Failed to write state: %m");
7560fffc
LP		 1791 goto finish;
1792 }
1793
1794 if (link(k, p) < 0) {
76ef789d 1795 r = log_error_errno(errno, "Failed to link file: %m");
7560fffc
LP		 1796 goto finish;
1797 }
1798
8481248b 1799 if (on_tty()) {
7560fffc
LP		 1800 fprintf(stderr,
1801 "\n"
54f8c958 1802 "The new key pair has been generated. The %ssecret sealing key%s has been written to\n"
c05276f2
LP		 1803 "the following local file. This key file is automatically updated when the\n"
1804 "sealing key is advanced. It should not be used on multiple hosts.\n"
7560fffc
LP		 1805 "\n"
1806 "\t%s\n"
1807 "\n"
54f8c958 1808 "Please write down the following %ssecret verification key%s. It should be stored\n"
baed47c3 1809 "at a safe location and should not be saved locally on disk.\n"
54f8c958
LP		 1810 "\n\t%s",
1811 ansi_highlight(), ansi_normal(),
9ea78383 1812 p,
54f8c958 1813 ansi_highlight(), ansi_normal(),
9ea78383 1814 ansi_highlight_red());
7560fffc
LP		 1815 fflush(stderr);
1816 }
1817 for (i = 0; i < seed_size; i++) {
1818 if (i > 0 && i % 3 == 0)
1819 putchar('-');
1820 printf("%02x", ((uint8_t*) seed)[i]);
1821 }
1822
baed47c3
LP		 1823 printf("/%llx-%llx\n", (unsigned long long) n, (unsigned long long) arg_interval);
1824
8481248b 1825 if (on_tty()) {
f6a971bc 1826 char tsb[FORMAT_TIMESPAN_MAX], *hn;
7560fffc 1827
baed47c3 1828 fprintf(stderr,
54f8c958 1829 "%s\n"
baed47c3 1830 "The sealing key is automatically changed every %s.\n",
54f8c958 1831 ansi_normal(),
2fa4092c 1832 format_timespan(tsb, sizeof(tsb), arg_interval, 0));
f6a971bc
LP		 1833
1834 hn = gethostname_malloc();
1835
1836 if (hn) {
ae691c1d 1837 hostname_cleanup(hn);
adac1c93 1838 fprintf(stderr, "\nThe keys have been generated for host %s/" SD_ID128_FORMAT_STR ".\n", hn, SD_ID128_FORMAT_VAL(machine));
f6a971bc 1839 } else
adac1c93 1840 fprintf(stderr, "\nThe keys have been generated for host " SD_ID128_FORMAT_STR ".\n", SD_ID128_FORMAT_VAL(machine));
f6a971bc 1841
349cc4a5 1842#if HAVE_QRENCODE
cf5a3432 1843 /* If this is not an UTF-8 system don't print any QR codes */
09017585 1844 if (is_locale_utf8()) {
cf5a3432
LP		 1845 fputs("\nTo transfer the verification key to your phone please scan the QR code below:\n\n", stderr);
1846 print_qr_code(stderr, seed, seed_size, n, arg_interval, hn, machine);
1847 }
f6a971bc
LP		 1848#endif
1849 free(hn);
baed47c3 1850 }
7560fffc
LP		 1851
1852 r = 0;
1853
1854finish:
03e334a1 1855 safe_close(fd);
7560fffc
LP		 1856
1857 if (k) {
1858 unlink(k);
1859 free(k);
1860 }
1861
1862 free(p);
1863
1864 return r;
1865#else
feb12d3e 1866 log_error("Forward-secure sealing not available.");
15411c0c 1867 return -EOPNOTSUPP;
7560fffc
LP		 1868#endif
1869}
1870
beec0085
LP		 1871static int verify(sd_journal *j) {
1872 int r = 0;
1873 Iterator i;
1874 JournalFile *f;
1875
1876 assert(j);
1877
cedb42bb
LP		 1878 log_show_color(true);
1879
c1f906bd 1880 ORDERED_HASHMAP_FOREACH(f, j->files, i) {
beec0085 1881 int k;
a7f7d1bd 1882 usec_t first = 0, validated = 0, last = 0;
beec0085 1883
349cc4a5 1884#if HAVE_GCRYPT
feb12d3e 1885 if (!arg_verify_key && JOURNAL_HEADER_SEALED(f->header))
cedb42bb 1886 log_notice("Journal file %s has sealing enabled but verification key has not been passed using --verify-key=.", f->path);
56e81f7c 1887#endif
4da416aa 1888
2a7b539a 1889 k = journal_file_verify(f, arg_verify_key, &first, &validated, &last, true);
56e81f7c 1890 if (k == -EINVAL) {
baed47c3 1891 /* If the key was invalid give up right-away. */
56e81f7c
LP		 1892 return k;
1893 } else if (k < 0) {
e53fc357 1894 log_warning_errno(k, "FAIL: %s (%m)", f->path);
56e81f7c 1895 r = k;
6c7be122
LP		 1896 } else {
1897 char a[FORMAT_TIMESTAMP_MAX], b[FORMAT_TIMESTAMP_MAX], c[FORMAT_TIMESPAN_MAX];
beec0085 1898 log_info("PASS: %s", f->path);
6c7be122 1899
c0ca7aee 1900 if (arg_verify_key && JOURNAL_HEADER_SEALED(f->header)) {
2a7b539a 1901 if (validated > 0) {
c0ca7aee 1902 log_info("=> Validated from %s to %s, final %s entries not sealed.",
5ab99e07
LP		 1903 format_timestamp_maybe_utc(a, sizeof(a), first),
1904 format_timestamp_maybe_utc(b, sizeof(b), validated),
2fa4092c 1905 format_timespan(c, sizeof(c), last > validated ? last - validated : 0, 0));
2a7b539a 1906 } else if (last > 0)
c0ca7aee 1907 log_info("=> No sealing yet, %s of entries not sealed.",
2fa4092c 1908 format_timespan(c, sizeof(c), last - first, 0));
c0ca7aee
LP		 1909 else
1910 log_info("=> No sealing yet, no entries in file.");
1911 }
6c7be122 1912 }
beec0085
LP		 1913 }
1914
1915 return r;
1916}
1917
74055aa7 1918static int flush_to_var(void) {
4afd3348
LP		 1919 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
1920 _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
74055aa7
LP		 1921 _cleanup_close_ int watch_fd = -1;
1922 int r;
1923
176ee07b
LP		 1924 if (arg_machine) {
1925 log_error("--flush is not supported in conjunction with --machine=.");
1926 return -EOPNOTSUPP;
1927 }
1928
74055aa7
LP		 1929 /* Quick exit */
1930 if (access("/run/systemd/journal/flushed", F_OK) >= 0)
1931 return 0;
1932
1933 /* OK, let's actually do the full logic, send SIGUSR1 to the
1934 * daemon and set up inotify to wait for the flushed file to appear */
266f3e26 1935 r = bus_connect_system_systemd(&bus);
23bbb0de
MS		 1936 if (r < 0)
1937 return log_error_errno(r, "Failed to get D-Bus connection: %m");
74055aa7
LP		 1938
1939 r = sd_bus_call_method(
1940 bus,
1941 "org.freedesktop.systemd1",
1942 "/org/freedesktop/systemd1",
1943 "org.freedesktop.systemd1.Manager",
1944 "KillUnit",
1945 &error,
1946 NULL,
1947 "ssi", "systemd-journald.service", "main", SIGUSR1);
94b65516
LP		 1948 if (r < 0)
1949 return log_error_errno(r, "Failed to kill journal service: %s", bus_error_message(&error, r));
74055aa7
LP		 1950
1951 mkdir_p("/run/systemd/journal", 0755);
1952
1953 watch_fd = inotify_init1(IN_NONBLOCK|IN_CLOEXEC);
4a62c710
MS		 1954 if (watch_fd < 0)
1955 return log_error_errno(errno, "Failed to create inotify watch: %m");
74055aa7
LP		 1956
1957 r = inotify_add_watch(watch_fd, "/run/systemd/journal", IN_CREATE|IN_DONT_FOLLOW|IN_ONLYDIR);
4a62c710
MS		 1958 if (r < 0)
1959 return log_error_errno(errno, "Failed to watch journal directory: %m");
74055aa7
LP		 1960
1961 for (;;) {
1962 if (access("/run/systemd/journal/flushed", F_OK) >= 0)
1963 break;
1964
4a62c710 1965 if (errno != ENOENT)
f131770b 1966 return log_error_errno(errno, "Failed to check for existence of /run/systemd/journal/flushed: %m");
74055aa7
LP		 1967
1968 r = fd_wait_for_event(watch_fd, POLLIN, USEC_INFINITY);
23bbb0de
MS		 1969 if (r < 0)
1970 return log_error_errno(r, "Failed to wait for event: %m");
74055aa7
LP		 1971
1972 r = flush_fd(watch_fd);
23bbb0de
MS		 1973 if (r < 0)
1974 return log_error_errno(r, "Failed to flush inotify events: %m");
74055aa7
LP		 1975 }
1976
1977 return 0;
1978}
1979
dbd6e31c 1980static int send_signal_and_wait(int sig, const char *watch_path) {
4afd3348 1981 _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
94b65516
LP		 1982 _cleanup_close_ int watch_fd = -1;
1983 usec_t start;
1984 int r;
1985
176ee07b
LP		 1986 if (arg_machine) {
1987 log_error("--sync and --rotate are not supported in conjunction with --machine=.");
1988 return -EOPNOTSUPP;
1989 }
1990
33d52ab9 1991 start = now(CLOCK_MONOTONIC);
94b65516 1992
dbd6e31c
LP		 1993 /* This call sends the specified signal to journald, and waits
1994 * for acknowledgment by watching the mtime of the specified
1995 * flag file. This is used to trigger syncing or rotation and
1996 * then wait for the operation to complete. */
94b65516
LP		 1997
1998 for (;;) {
33d52ab9 1999 usec_t tstamp;
94b65516
LP		 2000
2001 /* See if a sync happened by now. */
33d52ab9
LP		 2002 r = read_timestamp_file(watch_path, &tstamp);
2003 if (r < 0 && r != -ENOENT)
2004 return log_error_errno(errno, "Failed to read %s: %m", watch_path);
2005 if (r >= 0 && tstamp >= start)
2006 return 0;
94b65516
LP		 2007
2008 /* Let's ask for a sync, but only once. */
2009 if (!bus) {
4afd3348 2010 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
94b65516
LP		 2011
2012 r = bus_connect_system_systemd(&bus);
2013 if (r < 0)
2014 return log_error_errno(r, "Failed to get D-Bus connection: %m");
2015
2016 r = sd_bus_call_method(
2017 bus,
2018 "org.freedesktop.systemd1",
2019 "/org/freedesktop/systemd1",
2020 "org.freedesktop.systemd1.Manager",
2021 "KillUnit",
2022 &error,
2023 NULL,
dbd6e31c 2024 "ssi", "systemd-journald.service", "main", sig);
94b65516
LP		 2025 if (r < 0)
2026 return log_error_errno(r, "Failed to kill journal service: %s", bus_error_message(&error, r));
2027
2028 continue;
2029 }
2030
2031 /* Let's install the inotify watch, if we didn't do that yet. */
2032 if (watch_fd < 0) {
2033
2034 mkdir_p("/run/systemd/journal", 0755);
2035
2036 watch_fd = inotify_init1(IN_NONBLOCK|IN_CLOEXEC);
2037 if (watch_fd < 0)
2038 return log_error_errno(errno, "Failed to create inotify watch: %m");
2039
33d52ab9 2040 r = inotify_add_watch(watch_fd, "/run/systemd/journal", IN_MOVED_TO|IN_DONT_FOLLOW|IN_ONLYDIR);
94b65516
LP		 2041 if (r < 0)
2042 return log_error_errno(errno, "Failed to watch journal directory: %m");
2043
2044 /* Recheck the flag file immediately, so that we don't miss any event since the last check. */
2045 continue;
2046 }
2047
2048 /* OK, all preparatory steps done, let's wait until
2049 * inotify reports an event. */
2050
2051 r = fd_wait_for_event(watch_fd, POLLIN, USEC_INFINITY);
2052 if (r < 0)
2053 return log_error_errno(r, "Failed to wait for event: %m");
2054
2055 r = flush_fd(watch_fd);
2056 if (r < 0)
2057 return log_error_errno(r, "Failed to flush inotify events: %m");
2058 }
2059
2060 return 0;
2061}
2062
dbd6e31c
LP		 2063static int rotate(void) {
2064 return send_signal_and_wait(SIGUSR2, "/run/systemd/journal/rotated");
2065}
2066
2067static int sync_journal(void) {
2068 return send_signal_and_wait(SIGRTMIN+1, "/run/systemd/journal/synced");
2069}
2070
a963990f
LP		 2071int main(int argc, char *argv[]) {
2072 int r;
4afd3348 2073 _cleanup_(sd_journal_closep) sd_journal *j = NULL;
a963990f 2074 bool need_seek = false;
14a65d65 2075 sd_id128_t previous_boot_id;
67e04a48
ZJS		 2076 bool previous_boot_id_valid = false, first_line = true;
2077 int n_shown = 0;
94e0bd7d 2078 bool ellipsized = false;
a963990f 2079
a9cdc94f 2080 setlocale(LC_ALL, "");
a963990f
LP		 2081 log_parse_environment();
2082 log_open();
2083
2084 r = parse_argv(argc, argv);
2085 if (r <= 0)
2086 goto finish;
2087
ed757c0c 2088 signal(SIGWINCH, columns_lines_cache_reset);
2cf4172a 2089 sigbus_install();
ed757c0c 2090
de45d726
LP		 2091 /* Increase max number of open files to 16K if we can, we
2092 * might needs this when browsing journal files, which might
2093 * be split up into many files. */
2094 setrlimit_closest(RLIMIT_NOFILE, &RLIMIT_MAKE_CONST(16384));
2095
a020b3b3 2096 switch (arg_action) {
94b65516 2097
a020b3b3
LP		 2098 case ACTION_NEW_ID128:
2099 r = generate_new_id128();
e3fdfb49 2100 goto finish;
e3fdfb49 2101
a020b3b3 2102 case ACTION_SETUP_KEYS:
7560fffc
LP		 2103 r = setup_keys();
2104 goto finish;
844ec79b 2105
a020b3b3
LP		 2106 case ACTION_LIST_CATALOG:
2107 case ACTION_DUMP_CATALOG:
2108 case ACTION_UPDATE_CATALOG: {
0c6ea3a4
ZJS		 2109 _cleanup_free_ char *database;
2110
2111 database = path_join(arg_root, CATALOG_DATABASE, NULL);
2112 if (!database) {
2113 r = log_oom();
2114 goto finish;
13cbf3a5
ZJS		 2115 }
2116
844ec79b 2117 if (arg_action == ACTION_UPDATE_CATALOG) {
13cbf3a5 2118 r = catalog_update(database, arg_root, catalog_file_dirs);
844ec79b 2119 if (r < 0)
da927ba9 2120 log_error_errno(r, "Failed to list catalog: %m");
844ec79b
ZJS		 2121 } else {
2122 bool oneline = arg_action == ACTION_LIST_CATALOG;
2123
ee5324aa 2124 (void) pager_open(arg_no_pager, arg_pager_end);
a020b3b3 2125
844ec79b 2126 if (optind < argc)
a020b3b3 2127 r = catalog_list_items(stdout, database, oneline, argv + optind);
844ec79b 2128 else
13cbf3a5 2129 r = catalog_list(stdout, database, oneline);
844ec79b 2130 if (r < 0)
da927ba9 2131 log_error_errno(r, "Failed to list catalog: %m");
844ec79b 2132 }
d4205751 2133
d4205751
LP		 2134 goto finish;
2135 }
2136
a020b3b3
LP		 2137 case ACTION_FLUSH:
2138 r = flush_to_var();
2139 goto finish;
2140
2141 case ACTION_SYNC:
2142 r = sync_journal();
2143 goto finish;
2144
2145 case ACTION_ROTATE:
2146 r = rotate();
2147 goto finish;
2148
2149 case ACTION_SHOW:
2150 case ACTION_PRINT_HEADER:
2151 case ACTION_VERIFY:
2152 case ACTION_DISK_USAGE:
2153 case ACTION_LIST_BOOTS:
2154 case ACTION_VACUUM:
69e714f3
LP		 2155 case ACTION_LIST_FIELDS:
2156 case ACTION_LIST_FIELD_NAMES:
a020b3b3
LP		 2157 /* These ones require access to the journal files, continue below. */
2158 break;
2159
2160 default:
2161 assert_not_reached("Unknown action");
2162 }
2163
a963990f 2164 if (arg_directory)
3f3a438f 2165 r = sd_journal_open_directory(&j, arg_directory, arg_journal_type);
0a175093
ZJS		 2166 else if (arg_root)
2167 r = sd_journal_open_directory(&j, arg_root, arg_journal_type | SD_JOURNAL_OS_ROOT);
5d1ce257
LP		 2168 else if (arg_file_stdin) {
2169 int ifd = STDIN_FILENO;
2170 r = sd_journal_open_files_fd(&j, &ifd, 1, 0);
2171 } else if (arg_file)
8d98da3f 2172 r = sd_journal_open_files(&j, (const char**) arg_file, 0);
d38c62cc
LP		 2173 else if (arg_machine) {
2174 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
2175 _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
2176 _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
2177 int fd;
2178
2179 if (geteuid() != 0) {
2180 /* The file descriptor returned by OpenMachineRootDirectory() will be owned by users/groups of
2181 * the container, thus we need root privileges to override them. */
2182 log_error("Using the --machine= switch requires root privileges.");
2183 r = -EPERM;
2184 goto finish;
2185 }
2186
2187 r = sd_bus_open_system(&bus);
2188 if (r < 0) {
2189 log_error_errno(r, "Failed to open system bus: %m");
2190 goto finish;
2191 }
2192
2193 r = sd_bus_call_method(
2194 bus,
2195 "org.freedesktop.machine1",
2196 "/org/freedesktop/machine1",
2197 "org.freedesktop.machine1.Manager",
2198 "OpenMachineRootDirectory",
2199 &error,
2200 &reply,
2201 "s", arg_machine);
2202 if (r < 0) {
2203 log_error_errno(r, "Failed to open root directory: %s", bus_error_message(&error, r));
2204 goto finish;
2205 }
2206
2207 r = sd_bus_message_read(reply, "h", &fd);
2208 if (r < 0) {
2209 bus_log_parse_error(r);
2210 goto finish;
2211 }
2212
2213 fd = fcntl(fd, F_DUPFD_CLOEXEC, 3);
2214 if (fd < 0) {
2215 r = log_error_errno(errno, "Failed to duplicate file descriptor: %m");
2216 goto finish;
2217 }
2218
2219 r = sd_journal_open_directory_fd(&j, fd, SD_JOURNAL_OS_ROOT);
2220 if (r < 0)
2221 safe_close(fd);
2222 } else
3f3a438f 2223 r = sd_journal_open(&j, !arg_merge*SD_JOURNAL_LOCAL_ONLY + arg_journal_type);
a963990f 2224 if (r < 0) {
a020b3b3 2225 log_error_errno(r, "Failed to open %s: %m", arg_directory ?: arg_file ? "files" : "journal");
909dea0c 2226 goto finish;
a963990f
LP		 2227 }
2228
e79d0b59
ZJS		 2229 r = journal_access_check_and_warn(j, arg_quiet,
2230 !(arg_journal_type == SD_JOURNAL_CURRENT_USER || arg_user_units));
6fe391c5 2231 if (r < 0)
909dea0c 2232 goto finish;
6fe391c5 2233
a020b3b3 2234 switch (arg_action) {
beec0085 2235
a020b3b3
LP		 2236 case ACTION_NEW_ID128:
2237 case ACTION_SETUP_KEYS:
2238 case ACTION_LIST_CATALOG:
2239 case ACTION_DUMP_CATALOG:
2240 case ACTION_UPDATE_CATALOG:
2241 case ACTION_FLUSH:
2242 case ACTION_SYNC:
2243 case ACTION_ROTATE:
2244 assert_not_reached("Unexpected action.");
2245
2246 case ACTION_PRINT_HEADER:
dca6219e 2247 journal_print_header(j);
909dea0c
LP		 2248 r = 0;
2249 goto finish;
dca6219e 2250
a020b3b3
LP		 2251 case ACTION_VERIFY:
2252 r = verify(j);
2253 goto finish;
2254
2255 case ACTION_DISK_USAGE: {
39883f62 2256 uint64_t bytes = 0;
a1a03e30
LP		 2257 char sbytes[FORMAT_BYTES_MAX];
2258
2259 r = sd_journal_get_usage(j, &bytes);
2260 if (r < 0)
909dea0c 2261 goto finish;
a1a03e30 2262
8da830bc 2263 printf("Archived and active journals take up %s in the file system.\n",
763c7aa2 2264 format_bytes(sbytes, sizeof(sbytes), bytes));
909dea0c 2265 goto finish;
a1a03e30
LP		 2266 }
2267
a020b3b3
LP		 2268 case ACTION_LIST_BOOTS:
2269 r = list_boots(j);
2270 goto finish;
2271
2272 case ACTION_VACUUM: {
dbd2a83f
LP		 2273 Directory *d;
2274 Iterator i;
2275
2276 HASHMAP_FOREACH(d, j->directories_by_path, i) {
2277 int q;
2278
2279 if (d->is_root)
2280 continue;
2281
e3695e49 2282 q = journal_directory_vacuum(d->path, arg_vacuum_size, arg_vacuum_n_files, arg_vacuum_time, NULL, !arg_quiet);
dbd2a83f 2283 if (q < 0) {
8580d1f7 2284 log_error_errno(q, "Failed to vacuum %s: %m", d->path);
dbd2a83f
LP		 2285 r = q;
2286 }
2287 }
2288
909dea0c 2289 goto finish;
dbd2a83f
LP		 2290 }
2291
69e714f3
LP		 2292 case ACTION_LIST_FIELD_NAMES: {
2293 const char *field;
2294
2295 SD_JOURNAL_FOREACH_FIELD(j, field) {
2296 printf("%s\n", field);
313cefa1 2297 n_shown++;
69e714f3
LP		 2298 }
2299
2300 r = 0;
2301 goto finish;
2302 }
2303
a020b3b3 2304 case ACTION_SHOW:
69e714f3 2305 case ACTION_LIST_FIELDS:
a020b3b3
LP		 2306 break;
2307
2308 default:
2309 assert_not_reached("Unknown action");
f1188074
ZJS		 2310 }
2311
0f1a9a83
JS		 2312 if (arg_boot_offset != 0 &&
2313 sd_journal_has_runtime_files(j) > 0 &&
2314 sd_journal_has_persistent_files(j) == 0) {
493097ee 2315 log_info("Specifying boot ID or boot offset has no effect, no persistent journal was found.");
0f1a9a83
JS		 2316 r = 0;
2317 goto finish;
2318 }
a331b5e6
JJ		 2319 /* add_boot() must be called first!
2320 * It may need to seek the journal to find parent boot IDs. */
2321 r = add_boot(j);
a963990f 2322 if (r < 0)
909dea0c 2323 goto finish;
a963990f 2324
99271804
ZJS		 2325 r = add_dmesg(j);
2326 if (r < 0)
909dea0c 2327 goto finish;
99271804 2328
b9e40524 2329 r = add_units(j);
ea18a4b5 2330 if (r < 0) {
da927ba9 2331 log_error_errno(r, "Failed to add filter for units: %m");
909dea0c 2332 goto finish;
ea18a4b5 2333 }
c3f60ec5 2334
73083640
HH		 2335 r = add_syslog_identifier(j);
2336 if (r < 0) {
da927ba9 2337 log_error_errno(r, "Failed to add filter for syslog identifiers: %m");
909dea0c 2338 goto finish;
73083640
HH		 2339 }
2340
cd34b3c6 2341 r = add_priorities(j);
b56d608e 2342 if (r < 0)
909dea0c 2343 goto finish;
a963990f 2344
cd34b3c6 2345 r = add_matches(j, argv + optind);
b56d608e 2346 if (r < 0)
909dea0c 2347 goto finish;
941e990d 2348
f1d34068 2349 if (DEBUG_LOGGING) {
4ad16808
ZJS		 2350 _cleanup_free_ char *filter;
2351
2352 filter = journal_make_match_string(j);
b56d608e
LP		 2353 if (!filter)
2354 return log_oom();
2355
4ad16808
ZJS		 2356 log_debug("Journal filter: %s", filter);
2357 }
67e04a48 2358
69e714f3 2359 if (arg_action == ACTION_LIST_FIELDS) {
15119c16
LP		 2360 const void *data;
2361 size_t size;
2362
69e714f3
LP		 2363 assert(arg_field);
2364
21ae4593
ZJS		 2365 r = sd_journal_set_data_threshold(j, 0);
2366 if (r < 0) {
b56d608e 2367 log_error_errno(r, "Failed to unset data size threshold: %m");
909dea0c 2368 goto finish;
21ae4593
ZJS		 2369 }
2370
15119c16
LP		 2371 r = sd_journal_query_unique(j, arg_field);
2372 if (r < 0) {
da927ba9 2373 log_error_errno(r, "Failed to query unique data objects: %m");
909dea0c 2374 goto finish;
15119c16
LP		 2375 }
2376
2377 SD_JOURNAL_FOREACH_UNIQUE(j, data, size) {
2378 const void *eq;
2379
67e04a48 2380 if (arg_lines >= 0 && n_shown >= arg_lines)
fd6e8875
LP		 2381 break;
2382
15119c16
LP		 2383 eq = memchr(data, '=', size);
2384 if (eq)
2385 printf("%.*s\n", (int) (size - ((const uint8_t*) eq - (const uint8_t*) data + 1)), (const char*) eq + 1);
2386 else
2387 printf("%.*s\n", (int) size, (const char*) data);
fd6e8875 2388
313cefa1 2389 n_shown++;
15119c16
LP		 2390 }
2391
909dea0c
LP		 2392 r = 0;
2393 goto finish;
15119c16
LP		 2394 }
2395
8d98da3f
ZJS		 2396 /* Opening the fd now means the first sd_journal_wait() will actually wait */
2397 if (arg_follow) {
2398 r = sd_journal_get_fd(j);
5d1ce257
LP		 2399 if (r == -EMEDIUMTYPE) {
2400 log_error_errno(r, "The --follow switch is not supported in conjunction with reading from STDIN.");
2401 goto finish;
2402 }
b56d608e
LP		 2403 if (r < 0) {
2404 log_error_errno(r, "Failed to get journal fd: %m");
909dea0c 2405 goto finish;
b56d608e 2406 }
8d98da3f
ZJS		 2407 }
2408
248fc619 2409 if (arg_cursor || arg_after_cursor) {
eacbb4d3 2410 r = sd_journal_seek_cursor(j, arg_cursor ?: arg_after_cursor);
08984293 2411 if (r < 0) {
da927ba9 2412 log_error_errno(r, "Failed to seek to cursor: %m");
909dea0c 2413 goto finish;
08984293 2414 }
909dea0c 2415
d89d6c86 2416 if (!arg_reverse)
248fc619 2417 r = sd_journal_next_skip(j, 1 + !!arg_after_cursor);
d89d6c86 2418 else
248fc619
ZJS		 2419 r = sd_journal_previous_skip(j, 1 + !!arg_after_cursor);
2420
8ee8e536 2421 if (arg_after_cursor && r < 2) {
248fc619 2422 /* We couldn't find the next entry after the cursor. */
8ee8e536
WD		 2423 if (arg_follow)
2424 need_seek = true;
2425 else
2426 arg_lines = 0;
2427 }
08984293 2428
d89d6c86 2429 } else if (arg_since_set && !arg_reverse) {
cfbc22ab 2430 r = sd_journal_seek_realtime_usec(j, arg_since);
8f14c832 2431 if (r < 0) {
da927ba9 2432 log_error_errno(r, "Failed to seek to date: %m");
909dea0c 2433 goto finish;
8f14c832 2434 }
8f14c832
LP		 2435 r = sd_journal_next(j);
2436
d89d6c86
LN		 2437 } else if (arg_until_set && arg_reverse) {
2438 r = sd_journal_seek_realtime_usec(j, arg_until);
2439 if (r < 0) {
da927ba9 2440 log_error_errno(r, "Failed to seek to date: %m");
909dea0c 2441 goto finish;
d89d6c86
LN		 2442 }
2443 r = sd_journal_previous(j);
2444
67e04a48 2445 } else if (arg_lines >= 0) {
2100675e
LP		 2446 r = sd_journal_seek_tail(j);
2447 if (r < 0) {
da927ba9 2448 log_error_errno(r, "Failed to seek to tail: %m");
909dea0c 2449 goto finish;
2100675e
LP		 2450 }
2451
2452 r = sd_journal_previous_skip(j, arg_lines);
8f14c832 2453
d89d6c86
LN		 2454 } else if (arg_reverse) {
2455 r = sd_journal_seek_tail(j);
2456 if (r < 0) {
da927ba9 2457 log_error_errno(r, "Failed to seek to tail: %m");
909dea0c 2458 goto finish;
d89d6c86
LN		 2459 }
2460
2461 r = sd_journal_previous(j);
2462
2100675e
LP		 2463 } else {
2464 r = sd_journal_seek_head(j);
2465 if (r < 0) {
da927ba9 2466 log_error_errno(r, "Failed to seek to head: %m");
909dea0c 2467 goto finish;
2100675e 2468 }
6f003b43
LP		 2469
2470 r = sd_journal_next(j);
2471 }
2472
2473 if (r < 0) {
da927ba9 2474 log_error_errno(r, "Failed to iterate through journal: %m");
909dea0c 2475 goto finish;
50f20cfd 2476 }
5f42943c
LK		 2477 if (r == 0)
2478 need_seek = true;
87d2c1ff 2479
faf5077f 2480 if (!arg_follow)
ee5324aa 2481 (void) pager_open(arg_no_pager, arg_pager_end);
0d43c694 2482
5f42943c 2483 if (!arg_quiet && (arg_lines != 0 || arg_follow)) {
cfbc22ab
LP		 2484 usec_t start, end;
2485 char start_buf[FORMAT_TIMESTAMP_MAX], end_buf[FORMAT_TIMESTAMP_MAX];
2486
2487 r = sd_journal_get_cutoff_realtime_usec(j, &start, &end);
2488 if (r < 0) {
da927ba9 2489 log_error_errno(r, "Failed to get cutoff: %m");
cfbc22ab
LP		 2490 goto finish;
2491 }
2492
2493 if (r > 0) {
2494 if (arg_follow)
9048b11f 2495 printf("-- Logs begin at %s. --\n",
5ab99e07 2496 format_timestamp_maybe_utc(start_buf, sizeof(start_buf), start));
cfbc22ab 2497 else
9048b11f 2498 printf("-- Logs begin at %s, end at %s. --\n",
5ab99e07
LP		 2499 format_timestamp_maybe_utc(start_buf, sizeof(start_buf), start),
2500 format_timestamp_maybe_utc(end_buf, sizeof(end_buf), end));
cfbc22ab
LP		 2501 }
2502 }
2503
50f20cfd 2504 for (;;) {
67e04a48 2505 while (arg_lines < 0 || n_shown < arg_lines || (arg_follow && !first_line)) {
cfbc22ab 2506 int flags;
b4766d5f 2507 size_t highlight[2] = {};
cfbc22ab 2508
6f003b43 2509 if (need_seek) {
99613ec5 2510 if (!arg_reverse)
d89d6c86
LN		 2511 r = sd_journal_next(j);
2512 else
2513 r = sd_journal_previous(j);
6f003b43 2514 if (r < 0) {
da927ba9 2515 log_error_errno(r, "Failed to iterate through journal: %m");
6f003b43
LP		 2516 goto finish;
2517 }
a72b6353
ZJS		 2518 if (r == 0)
2519 break;
0d43c694
LP		 2520 }
2521
d89d6c86 2522 if (arg_until_set && !arg_reverse) {
cfbc22ab
LP		 2523 usec_t usec;
2524
2525 r = sd_journal_get_realtime_usec(j, &usec);
2526 if (r < 0) {
da927ba9 2527 log_error_errno(r, "Failed to determine timestamp: %m");
cfbc22ab
LP		 2528 goto finish;
2529 }
3ba09ee8
PF		 2530 if (usec > arg_until)
2531 goto finish;
cfbc22ab
LP		 2532 }
2533
d89d6c86
LN		 2534 if (arg_since_set && arg_reverse) {
2535 usec_t usec;
2536
2537 r = sd_journal_get_realtime_usec(j, &usec);
2538 if (r < 0) {
da927ba9 2539 log_error_errno(r, "Failed to determine timestamp: %m");
d89d6c86
LN		 2540 goto finish;
2541 }
2542 if (usec < arg_since)
2543 goto finish;
2544 }
2545
4bed2485 2546 if (!arg_merge && !arg_quiet) {
cd931c0a 2547 sd_id128_t boot_id;
14a65d65 2548
cd931c0a
LP		 2549 r = sd_journal_get_monotonic_usec(j, NULL, &boot_id);
2550 if (r >= 0) {
2551 if (previous_boot_id_valid &&
2552 !sd_id128_equal(boot_id, previous_boot_id))
0b5a519c 2553 printf("%s-- Reboot --%s\n",
1fc464f6 2554 ansi_highlight(), ansi_normal());
cd931c0a
LP		 2555
2556 previous_boot_id = boot_id;
2557 previous_boot_id_valid = true;
2558 }
14a65d65
LP		 2559 }
2560
6becf48c 2561#if HAVE_PCRE2
61c5f8a1 2562 if (arg_compiled_pattern) {
6becf48c
ZJS		 2563 _cleanup_(pcre2_match_data_freep) pcre2_match_data *md = NULL;
2564 const void *message;
2565 size_t len;
b4766d5f 2566 PCRE2_SIZE *ovec;
6becf48c
ZJS		 2567
2568 md = pcre2_match_data_create(1, NULL);
2569 if (!md)
2570 return log_oom();
2571
2572 r = sd_journal_get_data(j, "MESSAGE", &message, &len);
2573 if (r < 0) {
2574 if (r == -ENOENT) {
2575 need_seek = true;
2576 continue;
2577 }
2578
2579 log_error_errno(r, "Failed to get MESSAGE field: %m");
2580 goto finish;
2581 }
2582
2583 assert_se(message = startswith(message, "MESSAGE="));
2584
61c5f8a1 2585 r = pcre2_match(arg_compiled_pattern,
6becf48c
ZJS		 2586 message,
2587 len - strlen("MESSAGE="),
2588 0, /* start at offset 0 in the subject */
2589 0, /* default options */
2590 md,
2591 NULL);
2592 if (r == PCRE2_ERROR_NOMATCH) {
2593 need_seek = true;
2594 continue;
2595 }
2596 if (r < 0) {
2597 unsigned char buf[LINE_MAX];
2598 int r2;
2599
2600 r2 = pcre2_get_error_message(r, buf, sizeof buf);
2601 log_error("Pattern matching failed: %s",
2602 r2 < 0 ? "unknown error" : (char*) buf);
2603 r = -EINVAL;
2604 goto finish;
2605 }
b4766d5f
ZJS		 2606
2607 ovec = pcre2_get_ovector_pointer(md);
2608 highlight[0] = ovec[0];
2609 highlight[1] = ovec[1];
6becf48c
ZJS		 2610 }
2611#endif
2612
cfbc22ab 2613 flags =
cd4b13e0 2614 arg_all * OUTPUT_SHOW_ALL |
2b8f6883 2615 arg_full * OUTPUT_FULL_WIDTH |
40c9fe4c 2616 colors_enabled() * OUTPUT_COLOR |
9fd29044 2617 arg_catalog * OUTPUT_CATALOG |
991e274b
LP		 2618 arg_utc * OUTPUT_UTC |
2619 arg_no_hostname * OUTPUT_NO_HOSTNAME;
cfbc22ab 2620
9b972c9a
ZJS		 2621 r = show_journal_entry(stdout, j, arg_output, 0, flags,
2622 arg_output_fields, highlight, &ellipsized);
a72b6353
ZJS		 2623 need_seek = true;
2624 if (r == -EADDRNOTAVAIL)
2625 break;
2626 else if (r < 0 || ferror(stdout))
72f59706 2627 goto finish;
6f003b43 2628
cfbc22ab 2629 n_shown++;
ec316d19
PP		 2630
2631 /* If journalctl take a long time to process messages, and during that time journal file
2632 * rotation occurs, a journalctl client will keep those rotated files open until it calls
2633 * sd_journal_process(), which typically happens as a result of calling sd_journal_wait() below
2634 * in the "following" case. By periodically calling sd_journal_process() during the processing
2635 * loop we shrink the window of time a client instance has open file descriptors for rotated
2636 * (deleted) journal files. */
2637 if ((n_shown % PROCESS_INOTIFY_INTERVAL) == 0) {
2638 r = sd_journal_process(j);
2639 if (r < 0) {
2640 log_error_errno(r, "Failed to process inotify events: %m");
2641 goto finish;
2642 }
2643 }
87d2c1ff
LP		 2644 }
2645
248fc619 2646 if (!arg_follow) {
5f42943c
LK		 2647 if (n_shown == 0 && !arg_quiet)
2648 printf("-- No entries --\n");
2649
248fc619
ZJS		 2650 if (arg_show_cursor) {
2651 _cleanup_free_ char *cursor = NULL;
2652
2653 r = sd_journal_get_cursor(j, &cursor);
2654 if (r < 0 && r != -EADDRNOTAVAIL)
da927ba9 2655 log_error_errno(r, "Failed to get cursor: %m");
248fc619
ZJS		 2656 else if (r >= 0)
2657 printf("-- cursor: %s\n", cursor);
2658 }
2659
50f20cfd 2660 break;
248fc619 2661 }
50f20cfd 2662
b1aa5ced 2663 fflush(stdout);
e02d1cf7 2664 r = sd_journal_wait(j, (uint64_t) -1);
50f20cfd 2665 if (r < 0) {
da927ba9 2666 log_error_errno(r, "Couldn't wait for journal event: %m");
50f20cfd
LP		 2667 goto finish;
2668 }
67e04a48
ZJS		 2669
2670 first_line = false;
de190aef 2671 }
87d2c1ff
LP		 2672
2673finish:
b1aa5ced 2674 fflush(stdout);
0d43c694
LP		 2675 pager_close();
2676
a36b8deb
ZJS		 2677 strv_free(arg_file);
2678
d52da205
LP		 2679 strv_free(arg_syslog_identifier);
2680 strv_free(arg_system_units);
2681 strv_free(arg_user_units);
cc25a67e 2682 strv_free(arg_output_fields);
d52da205 2683
0f03c2a4 2684 free(arg_root);
6bae9b2a 2685 free(arg_verify_key);
0f03c2a4 2686
6becf48c 2687#if HAVE_PCRE2
61c5f8a1
ZJS		 2688 if (arg_compiled_pattern)
2689 pcre2_code_free(arg_compiled_pattern);
6becf48c
ZJS		 2690#endif
2691
3fbf9cbb 2692 return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
87d2c1ff 2693}
Unnamed repository; edit this file 'description' to name the repository.