]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/journal/journald-server.c
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
journal: add void cast to journal_file_close() calls
[thirdparty/systemd.git] / src / journal / journald-server.c
CommitLineData
d025f1e4
ZJS		 1/***
2 This file is part of systemd.
3
4 Copyright 2011 Lennart Poettering
5
6 systemd is free software; you can redistribute it and/or modify it
7 under the terms of the GNU Lesser General Public License as published by
8 the Free Software Foundation; either version 2.1 of the License, or
9 (at your option) any later version.
10
11 systemd is distributed in the hope that it will be useful, but
12 WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 Lesser General Public License for more details.
15
16 You should have received a copy of the GNU Lesser General Public License
17 along with systemd; If not, see <http://www.gnu.org/licenses/>.
18***/
19
24882e06
LP		 20#ifdef HAVE_SELINUX
21#include <selinux/selinux.h>
22#endif
8580d1f7
LP		 23#include <sys/ioctl.h>
24#include <sys/mman.h>
25#include <sys/signalfd.h>
26#include <sys/statvfs.h>
07630cea 27#include <linux/sockios.h>
24882e06 28
b4bbcaa9 29#include "libudev.h"
8580d1f7 30#include "sd-daemon.h"
74df0fca
LP		 31#include "sd-journal.h"
32#include "sd-messages.h"
8580d1f7
LP		 33
34#include "acl-util.h"
b5efdb8a 35#include "alloc-util.h"
430f0182 36#include "audit-util.h"
d025f1e4 37#include "cgroup-util.h"
d025f1e4 38#include "conf-parser.h"
a0956174 39#include "dirent-util.h"
0dec689b 40#include "extract-word.h"
3ffd4af2 41#include "fd-util.h"
33d52ab9 42#include "fileio.h"
958b66ea 43#include "formats-util.h"
f4f15635 44#include "fs-util.h"
8580d1f7 45#include "hashmap.h"
958b66ea 46#include "hostname-util.h"
afc5dbf3 47#include "io-util.h"
8580d1f7
LP		 48#include "journal-authenticate.h"
49#include "journal-file.h"
d025f1e4
ZJS		 50#include "journal-internal.h"
51#include "journal-vacuum.h"
8580d1f7 52#include "journald-audit.h"
d025f1e4 53#include "journald-kmsg.h"
d025f1e4 54#include "journald-native.h"
8580d1f7 55#include "journald-rate-limit.h"
3ffd4af2 56#include "journald-server.h"
8580d1f7
LP		 57#include "journald-stream.h"
58#include "journald-syslog.h"
07630cea
LP		 59#include "missing.h"
60#include "mkdir.h"
6bedfcbb 61#include "parse-util.h"
4e731273 62#include "proc-cmdline.h"
07630cea
LP		 63#include "process-util.h"
64#include "rm-rf.h"
65#include "selinux-util.h"
66#include "signal-util.h"
67#include "socket-util.h"
32917e33 68#include "stdio-util.h"
8b43440b 69#include "string-table.h"
07630cea 70#include "string-util.h"
4a0b58c4 71#include "user-util.h"
8a03c9ef 72#include "log.h"
d025f1e4 73
d025f1e4
ZJS		 74#define USER_JOURNALS_MAX 1024
75
26687bf8 76#define DEFAULT_SYNC_INTERVAL_USEC (5*USEC_PER_MINUTE)
7f1ad696
LP		 77#define DEFAULT_RATE_LIMIT_INTERVAL (30*USEC_PER_SEC)
78#define DEFAULT_RATE_LIMIT_BURST 1000
e150e820 79#define DEFAULT_MAX_FILE_USEC USEC_PER_MONTH
d025f1e4 80
8580d1f7 81#define RECHECK_SPACE_USEC (30*USEC_PER_SEC)
d025f1e4 82
e22aa3d3
LP		 83#define NOTIFY_SNDBUF_SIZE (8*1024*1024)
84
7a24f3bf
VC		 85/* The period to insert between posting changes for coalescing */
86#define POST_CHANGE_TIMER_INTERVAL_USEC (250*USEC_PER_MSEC)
87
8580d1f7
LP		 88static int determine_space_for(
89 Server *s,
90 JournalMetrics *metrics,
91 const char *path,
92 const char *name,
93 bool verbose,
94 bool patch_min_use,
95 uint64_t *available,
96 uint64_t *limit) {
97
98 uint64_t sum = 0, ss_avail, avail;
7fd1b19b 99 _cleanup_closedir_ DIR *d = NULL;
8580d1f7
LP		 100 struct dirent *de;
101 struct statvfs ss;
102 const char *p;
d025f1e4 103 usec_t ts;
d025f1e4 104
8580d1f7
LP		 105 assert(s);
106 assert(metrics);
107 assert(path);
108 assert(name);
d025f1e4 109
8580d1f7 110 ts = now(CLOCK_MONOTONIC);
d025f1e4 111
8580d1f7 112 if (!verbose && s->cached_space_timestamp + RECHECK_SPACE_USEC > ts) {
d025f1e4 113
8580d1f7
LP		 114 if (available)
115 *available = s->cached_space_available;
116 if (limit)
117 *limit = s->cached_space_limit;
d025f1e4 118
d025f1e4 119 return 0;
8580d1f7 120 }
d025f1e4 121
8580d1f7 122 p = strjoina(path, SERVER_MACHINE_ID(s));
d025f1e4 123 d = opendir(p);
d025f1e4 124 if (!d)
8580d1f7 125 return log_full_errno(errno == ENOENT ? LOG_DEBUG : LOG_ERR, errno, "Failed to open %s: %m", p);
d025f1e4
ZJS		 126
127 if (fstatvfs(dirfd(d), &ss) < 0)
8580d1f7 128 return log_error_errno(errno, "Failed to fstatvfs(%s): %m", p);
d025f1e4 129
8580d1f7 130 FOREACH_DIRENT_ALL(de, d, break) {
d025f1e4 131 struct stat st;
d025f1e4
ZJS		 132
133 if (!endswith(de->d_name, ".journal") &&
134 !endswith(de->d_name, ".journal~"))
135 continue;
136
8580d1f7
LP		 137 if (fstatat(dirfd(d), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0) {
138 log_debug_errno(errno, "Failed to stat %s/%s, ignoring: %m", p, de->d_name);
d025f1e4 139 continue;
8580d1f7 140 }
d025f1e4
ZJS		 141
142 if (!S_ISREG(st.st_mode))
143 continue;
144
145 sum += (uint64_t) st.st_blocks * 512UL;
146 }
147
8a03c9ef 148 /* If requested, then let's bump the min_use limit to the
8580d1f7
LP		 149 * current usage on disk. We do this when starting up and
150 * first opening the journal files. This way sudden spikes in
151 * disk usage will not cause journald to vacuum files without
152 * bounds. Note that this means that only a restart of
153 * journald will make it reset this value. */
d025f1e4 154
8580d1f7
LP		 155 if (patch_min_use)
156 metrics->min_use = MAX(metrics->min_use, sum);
348ced90 157
8580d1f7
LP		 158 ss_avail = ss.f_bsize * ss.f_bavail;
159 avail = LESS_BY(ss_avail, metrics->keep_free);
348ced90 160
8580d1f7
LP		 161 s->cached_space_limit = MIN(MAX(sum + avail, metrics->min_use), metrics->max_use);
162 s->cached_space_available = LESS_BY(s->cached_space_limit, sum);
163 s->cached_space_timestamp = ts;
d025f1e4 164
670b110c
ZJS		 165 if (verbose) {
166 char fb1[FORMAT_BYTES_MAX], fb2[FORMAT_BYTES_MAX], fb3[FORMAT_BYTES_MAX],
8580d1f7 167 fb4[FORMAT_BYTES_MAX], fb5[FORMAT_BYTES_MAX], fb6[FORMAT_BYTES_MAX];
282c5c4e
ZJS		 168 format_bytes(fb1, sizeof(fb1), sum);
169 format_bytes(fb2, sizeof(fb2), metrics->max_use);
170 format_bytes(fb3, sizeof(fb3), metrics->keep_free);
171 format_bytes(fb4, sizeof(fb4), ss_avail);
172 format_bytes(fb5, sizeof(fb5), s->cached_space_limit);
173 format_bytes(fb6, sizeof(fb6), s->cached_space_available);
670b110c
ZJS		 174
175 server_driver_message(s, SD_MESSAGE_JOURNAL_USAGE,
282c5c4e
ZJS		 176 LOG_MESSAGE("%s (%s) is %s, max %s, %s free.",
177 name, path, fb1, fb5, fb6),
178 "JOURNAL_NAME=%s", name,
179 "JOURNAL_PATH=%s", path,
180 "CURRENT_USE=%"PRIu64, sum,
181 "CURRENT_USE_PRETTY=%s", fb1,
182 "MAX_USE=%"PRIu64, metrics->max_use,
183 "MAX_USE_PRETTY=%s", fb2,
184 "DISK_KEEP_FREE=%"PRIu64, metrics->keep_free,
185 "DISK_KEEP_FREE_PRETTY=%s", fb3,
186 "DISK_AVAILABLE=%"PRIu64, ss_avail,
187 "DISK_AVAILABLE_PRETTY=%s", fb4,
188 "LIMIT=%"PRIu64, s->cached_space_limit,
189 "LIMIT_PRETTY=%s", fb5,
190 "AVAILABLE=%"PRIu64, s->cached_space_available,
191 "AVAILABLE_PRETTY=%s", fb6,
8a03c9ef 192 NULL);
8580d1f7
LP		 193 }
194
195 if (available)
196 *available = s->cached_space_available;
197 if (limit)
198 *limit = s->cached_space_limit;
199
200 return 1;
201}
202
203static int determine_space(Server *s, bool verbose, bool patch_min_use, uint64_t *available, uint64_t *limit) {
204 JournalMetrics *metrics;
205 const char *path, *name;
206
207 assert(s);
208
209 if (s->system_journal) {
210 path = "/var/log/journal/";
211 metrics = &s->system_metrics;
212 name = "System journal";
213 } else {
214 path = "/run/log/journal/";
215 metrics = &s->runtime_metrics;
216 name = "Runtime journal";
670b110c
ZJS		 217 }
218
8580d1f7 219 return determine_space_for(s, metrics, path, name, verbose, patch_min_use, available, limit);
d025f1e4
ZJS		 220}
221
5c3bde3f 222static void server_add_acls(JournalFile *f, uid_t uid) {
d025f1e4 223#ifdef HAVE_ACL
5c3bde3f 224 int r;
d025f1e4 225#endif
d025f1e4
ZJS		 226 assert(f);
227
d025f1e4 228#ifdef HAVE_ACL
34c10968 229 if (uid <= SYSTEM_UID_MAX)
d025f1e4
ZJS		 230 return;
231
5c3bde3f
ZJS		 232 r = add_acls_for_user(f->fd, uid);
233 if (r < 0)
234 log_warning_errno(r, "Failed to set ACL on %s, ignoring: %m", f->path);
d025f1e4
ZJS		 235#endif
236}
237
7a24f3bf
VC		 238static int open_journal(
239 Server *s,
240 bool reliably,
241 const char *fname,
242 int flags,
243 bool seal,
244 JournalMetrics *metrics,
7a24f3bf
VC		 245 JournalFile **ret) {
246 int r;
e167d7fd 247 JournalFile *f;
7a24f3bf
VC		 248
249 assert(s);
250 assert(fname);
251 assert(ret);
252
253 if (reliably)
089ed40b 254 r = journal_file_open_reliably(fname, flags, 0640, s->compress, seal, metrics, s->mmap, NULL, &f);
7a24f3bf 255 else
089ed40b 256 r = journal_file_open(fname, flags, 0640, s->compress, seal, metrics, s->mmap, NULL, &f);
7a24f3bf
VC		 257 if (r < 0)
258 return r;
259
e167d7fd 260 r = journal_file_enable_post_change_timer(f, s->event, POST_CHANGE_TIMER_INTERVAL_USEC);
7a24f3bf 261 if (r < 0) {
69a3a6fd 262 (void) journal_file_close(f);
7a24f3bf
VC		 263 return r;
264 }
265
e167d7fd 266 *ret = f;
7a24f3bf
VC		 267 return r;
268}
269
d025f1e4 270static JournalFile* find_journal(Server *s, uid_t uid) {
ed375beb 271 _cleanup_free_ char *p = NULL;
d025f1e4
ZJS		 272 int r;
273 JournalFile *f;
274 sd_id128_t machine;
275
276 assert(s);
277
278 /* We split up user logs only on /var, not on /run. If the
279 * runtime file is open, we write to it exclusively, in order
280 * to guarantee proper order as soon as we flush /run to
281 * /var and close the runtime file. */
282
283 if (s->runtime_journal)
284 return s->runtime_journal;
285
f7dc3ab9 286 if (uid <= SYSTEM_UID_MAX)
d025f1e4
ZJS		 287 return s->system_journal;
288
289 r = sd_id128_get_machine(&machine);
290 if (r < 0)
291 return s->system_journal;
292
4a0b58c4 293 f = ordered_hashmap_get(s->user_journals, UID_TO_PTR(uid));
d025f1e4
ZJS		 294 if (f)
295 return f;
296
de0671ee
ZJS		 297 if (asprintf(&p, "/var/log/journal/" SD_ID128_FORMAT_STR "/user-"UID_FMT".journal",
298 SD_ID128_FORMAT_VAL(machine), uid) < 0)
d025f1e4
ZJS		 299 return s->system_journal;
300
43cf8388 301 while (ordered_hashmap_size(s->user_journals) >= USER_JOURNALS_MAX) {
d025f1e4 302 /* Too many open? Then let's close one */
43cf8388 303 f = ordered_hashmap_steal_first(s->user_journals);
d025f1e4 304 assert(f);
69a3a6fd 305 (void) journal_file_close(f);
d025f1e4
ZJS		 306 }
307
089ed40b 308 r = open_journal(s, true, p, O_RDWR|O_CREAT, s->seal, &s->system_metrics, &f);
d025f1e4
ZJS		 309 if (r < 0)
310 return s->system_journal;
311
5c3bde3f 312 server_add_acls(f, uid);
d025f1e4 313
4a0b58c4 314 r = ordered_hashmap_put(s->user_journals, UID_TO_PTR(uid), f);
d025f1e4 315 if (r < 0) {
69a3a6fd 316 (void) journal_file_close(f);
d025f1e4
ZJS		 317 return s->system_journal;
318 }
319
320 return f;
321}
322
ea69bd41
LP		 323static int do_rotate(
324 Server *s,
325 JournalFile **f,
326 const char* name,
327 bool seal,
328 uint32_t uid) {
329
fc55baee
ZJS		 330 int r;
331 assert(s);
332
333 if (!*f)
334 return -EINVAL;
335
336 r = journal_file_rotate(f, s->compress, seal);
337 if (r < 0)
338 if (*f)
ea69bd41 339 log_error_errno(r, "Failed to rotate %s: %m", (*f)->path);
fc55baee 340 else
ea69bd41 341 log_error_errno(r, "Failed to create new %s journal: %m", name);
fc55baee 342 else
5c3bde3f 343 server_add_acls(*f, uid);
2678031a 344
fc55baee
ZJS		 345 return r;
346}
347
d025f1e4
ZJS		 348void server_rotate(Server *s) {
349 JournalFile *f;
350 void *k;
351 Iterator i;
352 int r;
353
354 log_debug("Rotating...");
355
8580d1f7
LP		 356 (void) do_rotate(s, &s->runtime_journal, "runtime", false, 0);
357 (void) do_rotate(s, &s->system_journal, "system", s->seal, 0);
d025f1e4 358
43cf8388 359 ORDERED_HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) {
4a0b58c4 360 r = do_rotate(s, &f, "user", s->seal, PTR_TO_UID(k));
fc55baee 361 if (r >= 0)
43cf8388 362 ordered_hashmap_replace(s->user_journals, k, f);
fc55baee
ZJS		 363 else if (!f)
364 /* Old file has been closed and deallocated */
43cf8388 365 ordered_hashmap_remove(s->user_journals, k);
d025f1e4
ZJS		 366 }
367}
368
26687bf8
OS		 369void server_sync(Server *s) {
370 JournalFile *f;
26687bf8
OS		 371 Iterator i;
372 int r;
373
26687bf8
OS		 374 if (s->system_journal) {
375 r = journal_file_set_offline(s->system_journal);
376 if (r < 0)
65089b82 377 log_warning_errno(r, "Failed to sync system journal, ignoring: %m");
26687bf8
OS		 378 }
379
65c1d46b 380 ORDERED_HASHMAP_FOREACH(f, s->user_journals, i) {
26687bf8
OS		 381 r = journal_file_set_offline(f);
382 if (r < 0)
65089b82 383 log_warning_errno(r, "Failed to sync user journal, ignoring: %m");
26687bf8
OS		 384 }
385
f9a810be
LP		 386 if (s->sync_event_source) {
387 r = sd_event_source_set_enabled(s->sync_event_source, SD_EVENT_OFF);
388 if (r < 0)
da927ba9 389 log_error_errno(r, "Failed to disable sync timer source: %m");
f9a810be 390 }
26687bf8
OS		 391
392 s->sync_scheduled = false;
393}
394
ea69bd41
LP		 395static void do_vacuum(
396 Server *s,
ea69bd41 397 JournalFile *f,
8580d1f7
LP		 398 JournalMetrics *metrics,
399 const char *path,
400 const char *name,
401 bool verbose,
402 bool patch_min_use) {
ea69bd41
LP		 403
404 const char *p;
8580d1f7 405 uint64_t limit;
63c8666b
ZJS		 406 int r;
407
8580d1f7
LP		 408 assert(s);
409 assert(metrics);
410 assert(path);
411 assert(name);
412
63c8666b
ZJS		 413 if (!f)
414 return;
415
8580d1f7
LP		 416 p = strjoina(path, SERVER_MACHINE_ID(s));
417
418 limit = metrics->max_use;
419 (void) determine_space_for(s, metrics, path, name, verbose, patch_min_use, NULL, &limit);
420
421 r = journal_directory_vacuum(p, limit, metrics->n_max_files, s->max_retention_usec, &s->oldest_file_usec, verbose);
63c8666b 422 if (r < 0 && r != -ENOENT)
8580d1f7 423 log_warning_errno(r, "Failed to vacuum %s, ignoring: %m", p);
63c8666b
ZJS		 424}
425
8580d1f7
LP		 426int server_vacuum(Server *s, bool verbose, bool patch_min_use) {
427 assert(s);
d025f1e4
ZJS		 428
429 log_debug("Vacuuming...");
430
431 s->oldest_file_usec = 0;
432
8580d1f7
LP		 433 do_vacuum(s, s->system_journal, &s->system_metrics, "/var/log/journal/", "System journal", verbose, patch_min_use);
434 do_vacuum(s, s->runtime_journal, &s->runtime_metrics, "/run/log/journal/", "Runtime journal", verbose, patch_min_use);
d025f1e4 435
8580d1f7
LP		 436 s->cached_space_limit = 0;
437 s->cached_space_available = 0;
438 s->cached_space_timestamp = 0;
d025f1e4 439
8580d1f7 440 return 0;
d025f1e4
ZJS		 441}
442
0c24bb23
LP		 443static void server_cache_machine_id(Server *s) {
444 sd_id128_t id;
445 int r;
446
447 assert(s);
448
449 r = sd_id128_get_machine(&id);
450 if (r < 0)
451 return;
452
453 sd_id128_to_string(id, stpcpy(s->machine_id_field, "_MACHINE_ID="));
454}
455
456static void server_cache_boot_id(Server *s) {
457 sd_id128_t id;
458 int r;
459
460 assert(s);
461
462 r = sd_id128_get_boot(&id);
463 if (r < 0)
464 return;
465
466 sd_id128_to_string(id, stpcpy(s->boot_id_field, "_BOOT_ID="));
467}
468
469static void server_cache_hostname(Server *s) {
470 _cleanup_free_ char *t = NULL;
471 char *x;
472
473 assert(s);
474
475 t = gethostname_malloc();
476 if (!t)
477 return;
478
479 x = strappend("_HOSTNAME=", t);
480 if (!x)
481 return;
482
483 free(s->hostname_field);
484 s->hostname_field = x;
485}
486
8531ae70 487static bool shall_try_append_again(JournalFile *f, int r) {
d025f1e4
ZJS		 488
489 /* -E2BIG Hit configured limit
490 -EFBIG Hit fs limit
491 -EDQUOT Quota limit hit
492 -ENOSPC Disk full
fa6ac760 493 -EIO I/O error of some kind (mmap)
d025f1e4
ZJS		 494 -EHOSTDOWN Other machine
495 -EBUSY Unclean shutdown
496 -EPROTONOSUPPORT Unsupported feature
497 -EBADMSG Corrupted
498 -ENODATA Truncated
2678031a
LP		 499 -ESHUTDOWN Already archived
500 -EIDRM Journal file has been deleted */
d025f1e4
ZJS		 501
502 if (r == -E2BIG || r == -EFBIG || r == -EDQUOT || r == -ENOSPC)
503 log_debug("%s: Allocation limit reached, rotating.", f->path);
504 else if (r == -EHOSTDOWN)
505 log_info("%s: Journal file from other machine, rotating.", f->path);
506 else if (r == -EBUSY)
507 log_info("%s: Unclean shutdown, rotating.", f->path);
508 else if (r == -EPROTONOSUPPORT)
509 log_info("%s: Unsupported feature, rotating.", f->path);
510 else if (r == -EBADMSG || r == -ENODATA || r == ESHUTDOWN)
511 log_warning("%s: Journal file corrupted, rotating.", f->path);
fa6ac760
LP		 512 else if (r == -EIO)
513 log_warning("%s: IO error, rotating.", f->path);
2678031a
LP		 514 else if (r == -EIDRM)
515 log_warning("%s: Journal file has been deleted, rotating.", f->path);
d025f1e4
ZJS		 516 else
517 return false;
518
519 return true;
520}
521
d07f7b9e 522static void write_to_journal(Server *s, uid_t uid, struct iovec *iovec, unsigned n, int priority) {
d025f1e4
ZJS		 523 JournalFile *f;
524 bool vacuumed = false;
525 int r;
526
527 assert(s);
528 assert(iovec);
529 assert(n > 0);
530
531 f = find_journal(s, uid);
532 if (!f)
533 return;
534
535 if (journal_file_rotate_suggested(f, s->max_file_usec)) {
536 log_debug("%s: Journal header limits reached or header out-of-date, rotating.", f->path);
537 server_rotate(s);
8580d1f7 538 server_vacuum(s, false, false);
d025f1e4
ZJS		 539 vacuumed = true;
540
541 f = find_journal(s, uid);
542 if (!f)
543 return;
544 }
545
546 r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
26687bf8 547 if (r >= 0) {
d07f7b9e 548 server_schedule_sync(s, priority);
d025f1e4 549 return;
26687bf8 550 }
d025f1e4
ZJS		 551
552 if (vacuumed || !shall_try_append_again(f, r)) {
8266e1c0 553 log_error_errno(r, "Failed to write entry (%d items, %zu bytes), ignoring: %m", n, IOVEC_TOTAL_SIZE(iovec, n));
d025f1e4
ZJS		 554 return;
555 }
556
557 server_rotate(s);
8580d1f7 558 server_vacuum(s, false, false);
d025f1e4
ZJS		 559
560 f = find_journal(s, uid);
561 if (!f)
562 return;
563
564 log_debug("Retrying write.");
565 r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
8266e1c0
LP		 566 if (r < 0)
567 log_error_errno(r, "Failed to write entry (%d items, %zu bytes) despite vacuuming, ignoring: %m", n, IOVEC_TOTAL_SIZE(iovec, n));
568 else
d07f7b9e 569 server_schedule_sync(s, priority);
d025f1e4
ZJS		 570}
571
572static void dispatch_message_real(
573 Server *s,
574 struct iovec *iovec, unsigned n, unsigned m,
3b3154df
LP		 575 const struct ucred *ucred,
576 const struct timeval *tv,
d025f1e4 577 const char *label, size_t label_len,
968f3196 578 const char *unit_id,
d07f7b9e 579 int priority,
968f3196 580 pid_t object_pid) {
d025f1e4 581
968f3196 582 char pid[sizeof("_PID=") + DECIMAL_STR_MAX(pid_t)],
ae018d9b
LP		 583 uid[sizeof("_UID=") + DECIMAL_STR_MAX(uid_t)],
584 gid[sizeof("_GID=") + DECIMAL_STR_MAX(gid_t)],
585 owner_uid[sizeof("_SYSTEMD_OWNER_UID=") + DECIMAL_STR_MAX(uid_t)],
d3789917 586 source_time[sizeof("_SOURCE_REALTIME_TIMESTAMP=") + DECIMAL_STR_MAX(usec_t)],
968f3196
ZJS		 587 o_uid[sizeof("OBJECT_UID=") + DECIMAL_STR_MAX(uid_t)],
588 o_gid[sizeof("OBJECT_GID=") + DECIMAL_STR_MAX(gid_t)],
589 o_owner_uid[sizeof("OBJECT_SYSTEMD_OWNER_UID=") + DECIMAL_STR_MAX(uid_t)];
590 uid_t object_uid;
591 gid_t object_gid;
968f3196 592 char *x;
d025f1e4 593 int r;
ae018d9b 594 char *t, *c;
82499507
LP		 595 uid_t realuid = 0, owner = 0, journal_uid;
596 bool owner_valid = false;
ae018d9b 597#ifdef HAVE_AUDIT
968f3196
ZJS		 598 char audit_session[sizeof("_AUDIT_SESSION=") + DECIMAL_STR_MAX(uint32_t)],
599 audit_loginuid[sizeof("_AUDIT_LOGINUID=") + DECIMAL_STR_MAX(uid_t)],
600 o_audit_session[sizeof("OBJECT_AUDIT_SESSION=") + DECIMAL_STR_MAX(uint32_t)],
601 o_audit_loginuid[sizeof("OBJECT_AUDIT_LOGINUID=") + DECIMAL_STR_MAX(uid_t)];
ae018d9b
LP		 602
603 uint32_t audit;
604 uid_t loginuid;
605#endif
d025f1e4
ZJS		 606
607 assert(s);
608 assert(iovec);
609 assert(n > 0);
968f3196 610 assert(n + N_IOVEC_META_FIELDS + (object_pid ? N_IOVEC_OBJECT_FIELDS : 0) <= m);
d025f1e4
ZJS		 611
612 if (ucred) {
d025f1e4
ZJS		 613 realuid = ucred->uid;
614
de0671ee 615 sprintf(pid, "_PID="PID_FMT, ucred->pid);
c2457105 616 IOVEC_SET_STRING(iovec[n++], pid);
d025f1e4 617
de0671ee 618 sprintf(uid, "_UID="UID_FMT, ucred->uid);
c2457105 619 IOVEC_SET_STRING(iovec[n++], uid);
d025f1e4 620
de0671ee 621 sprintf(gid, "_GID="GID_FMT, ucred->gid);
c2457105 622 IOVEC_SET_STRING(iovec[n++], gid);
d025f1e4
ZJS		 623
624 r = get_process_comm(ucred->pid, &t);
625 if (r >= 0) {
63c372cb 626 x = strjoina("_COMM=", t);
d025f1e4 627 free(t);
968f3196 628 IOVEC_SET_STRING(iovec[n++], x);
d025f1e4
ZJS		 629 }
630
631 r = get_process_exe(ucred->pid, &t);
632 if (r >= 0) {
63c372cb 633 x = strjoina("_EXE=", t);
d025f1e4 634 free(t);
968f3196 635 IOVEC_SET_STRING(iovec[n++], x);
d025f1e4
ZJS		 636 }
637
9bdbc2e2 638 r = get_process_cmdline(ucred->pid, 0, false, &t);
d025f1e4 639 if (r >= 0) {
63c372cb 640 x = strjoina("_CMDLINE=", t);
d025f1e4 641 free(t);
3a832116
SL		 642 IOVEC_SET_STRING(iovec[n++], x);
643 }
644
645 r = get_process_capeff(ucred->pid, &t);
646 if (r >= 0) {
63c372cb 647 x = strjoina("_CAP_EFFECTIVE=", t);
3a832116 648 free(t);
968f3196 649 IOVEC_SET_STRING(iovec[n++], x);
d025f1e4
ZJS		 650 }
651
0a20e3c1 652#ifdef HAVE_AUDIT
d025f1e4 653 r = audit_session_from_pid(ucred->pid, &audit);
ae018d9b 654 if (r >= 0) {
de0671ee 655 sprintf(audit_session, "_AUDIT_SESSION=%"PRIu32, audit);
ae018d9b
LP		 656 IOVEC_SET_STRING(iovec[n++], audit_session);
657 }
d025f1e4
ZJS		 658
659 r = audit_loginuid_from_pid(ucred->pid, &loginuid);
7027ff61 660 if (r >= 0) {
de0671ee 661 sprintf(audit_loginuid, "_AUDIT_LOGINUID="UID_FMT, loginuid);
ae018d9b 662 IOVEC_SET_STRING(iovec[n++], audit_loginuid);
d025f1e4 663 }
ae018d9b 664#endif
d025f1e4 665
e9174f29 666 r = cg_pid_get_path_shifted(ucred->pid, s->cgroup_root, &c);
7027ff61 667 if (r >= 0) {
968f3196
ZJS		 668 char *session = NULL;
669
63c372cb 670 x = strjoina("_SYSTEMD_CGROUP=", c);
968f3196 671 IOVEC_SET_STRING(iovec[n++], x);
d025f1e4 672
ae018d9b
LP		 673 r = cg_path_get_session(c, &t);
674 if (r >= 0) {
63c372cb 675 session = strjoina("_SYSTEMD_SESSION=", t);
ae018d9b 676 free(t);
d025f1e4 677 IOVEC_SET_STRING(iovec[n++], session);
ae018d9b
LP		 678 }
679
680 if (cg_path_get_owner_uid(c, &owner) >= 0) {
681 owner_valid = true;
d025f1e4 682
de0671ee 683 sprintf(owner_uid, "_SYSTEMD_OWNER_UID="UID_FMT, owner);
d025f1e4 684 IOVEC_SET_STRING(iovec[n++], owner_uid);
ae018d9b 685 }
d025f1e4 686
ae018d9b 687 if (cg_path_get_unit(c, &t) >= 0) {
63c372cb 688 x = strjoina("_SYSTEMD_UNIT=", t);
ae018d9b 689 free(t);
19cace37
LP		 690 IOVEC_SET_STRING(iovec[n++], x);
691 } else if (unit_id && !session) {
63c372cb 692 x = strjoina("_SYSTEMD_UNIT=", unit_id);
19cace37
LP		 693 IOVEC_SET_STRING(iovec[n++], x);
694 }
695
696 if (cg_path_get_user_unit(c, &t) >= 0) {
63c372cb 697 x = strjoina("_SYSTEMD_USER_UNIT=", t);
ae018d9b 698 free(t);
968f3196 699 IOVEC_SET_STRING(iovec[n++], x);
19cace37 700 } else if (unit_id && session) {
63c372cb 701 x = strjoina("_SYSTEMD_USER_UNIT=", unit_id);
19cace37
LP		 702 IOVEC_SET_STRING(iovec[n++], x);
703 }
ae018d9b 704
0a244b8e 705 if (cg_path_get_slice(c, &t) >= 0) {
63c372cb 706 x = strjoina("_SYSTEMD_SLICE=", t);
0a244b8e
LP		 707 free(t);
708 IOVEC_SET_STRING(iovec[n++], x);
709 }
710
ae018d9b 711 free(c);
2d43b190 712 } else if (unit_id) {
63c372cb 713 x = strjoina("_SYSTEMD_UNIT=", unit_id);
2d43b190 714 IOVEC_SET_STRING(iovec[n++], x);
ef1673d1 715 }
d025f1e4 716
d025f1e4 717#ifdef HAVE_SELINUX
6355e756 718 if (mac_selinux_have()) {
d682b3a7 719 if (label) {
f8294e41 720 x = alloca(strlen("_SELINUX_CONTEXT=") + label_len + 1);
ae018d9b 721
d682b3a7
LP		 722 *((char*) mempcpy(stpcpy(x, "_SELINUX_CONTEXT="), label, label_len)) = 0;
723 IOVEC_SET_STRING(iovec[n++], x);
724 } else {
725 security_context_t con;
d025f1e4 726
d682b3a7 727 if (getpidcon(ucred->pid, &con) >= 0) {
63c372cb 728 x = strjoina("_SELINUX_CONTEXT=", con);
e7ff4e7f 729
d682b3a7
LP		 730 freecon(con);
731 IOVEC_SET_STRING(iovec[n++], x);
732 }
d025f1e4
ZJS		 733 }
734 }
735#endif
736 }
968f3196
ZJS		 737 assert(n <= m);
738
739 if (object_pid) {
740 r = get_process_uid(object_pid, &object_uid);
741 if (r >= 0) {
de0671ee 742 sprintf(o_uid, "OBJECT_UID="UID_FMT, object_uid);
968f3196
ZJS		 743 IOVEC_SET_STRING(iovec[n++], o_uid);
744 }
745
746 r = get_process_gid(object_pid, &object_gid);
747 if (r >= 0) {
de0671ee 748 sprintf(o_gid, "OBJECT_GID="GID_FMT, object_gid);
968f3196
ZJS		 749 IOVEC_SET_STRING(iovec[n++], o_gid);
750 }
751
752 r = get_process_comm(object_pid, &t);
753 if (r >= 0) {
63c372cb 754 x = strjoina("OBJECT_COMM=", t);
968f3196
ZJS		 755 free(t);
756 IOVEC_SET_STRING(iovec[n++], x);
757 }
758
759 r = get_process_exe(object_pid, &t);
760 if (r >= 0) {
63c372cb 761 x = strjoina("OBJECT_EXE=", t);
968f3196
ZJS		 762 free(t);
763 IOVEC_SET_STRING(iovec[n++], x);
764 }
765
766 r = get_process_cmdline(object_pid, 0, false, &t);
767 if (r >= 0) {
63c372cb 768 x = strjoina("OBJECT_CMDLINE=", t);
968f3196
ZJS		 769 free(t);
770 IOVEC_SET_STRING(iovec[n++], x);
771 }
772
773#ifdef HAVE_AUDIT
774 r = audit_session_from_pid(object_pid, &audit);
775 if (r >= 0) {
de0671ee 776 sprintf(o_audit_session, "OBJECT_AUDIT_SESSION=%"PRIu32, audit);
968f3196
ZJS		 777 IOVEC_SET_STRING(iovec[n++], o_audit_session);
778 }
779
780 r = audit_loginuid_from_pid(object_pid, &loginuid);
781 if (r >= 0) {
de0671ee 782 sprintf(o_audit_loginuid, "OBJECT_AUDIT_LOGINUID="UID_FMT, loginuid);
968f3196
ZJS		 783 IOVEC_SET_STRING(iovec[n++], o_audit_loginuid);
784 }
785#endif
786
e9174f29 787 r = cg_pid_get_path_shifted(object_pid, s->cgroup_root, &c);
968f3196 788 if (r >= 0) {
63c372cb 789 x = strjoina("OBJECT_SYSTEMD_CGROUP=", c);
968f3196
ZJS		 790 IOVEC_SET_STRING(iovec[n++], x);
791
792 r = cg_path_get_session(c, &t);
793 if (r >= 0) {
63c372cb 794 x = strjoina("OBJECT_SYSTEMD_SESSION=", t);
968f3196
ZJS		 795 free(t);
796 IOVEC_SET_STRING(iovec[n++], x);
797 }
798
799 if (cg_path_get_owner_uid(c, &owner) >= 0) {
de0671ee 800 sprintf(o_owner_uid, "OBJECT_SYSTEMD_OWNER_UID="UID_FMT, owner);
968f3196
ZJS		 801 IOVEC_SET_STRING(iovec[n++], o_owner_uid);
802 }
803
804 if (cg_path_get_unit(c, &t) >= 0) {
63c372cb 805 x = strjoina("OBJECT_SYSTEMD_UNIT=", t);
968f3196 806 free(t);
19cace37
LP		 807 IOVEC_SET_STRING(iovec[n++], x);
808 }
809
810 if (cg_path_get_user_unit(c, &t) >= 0) {
63c372cb 811 x = strjoina("OBJECT_SYSTEMD_USER_UNIT=", t);
968f3196 812 free(t);
968f3196 813 IOVEC_SET_STRING(iovec[n++], x);
19cace37 814 }
968f3196
ZJS		 815
816 free(c);
817 }
818 }
819 assert(n <= m);
d025f1e4
ZJS		 820
821 if (tv) {
ae018d9b 822 sprintf(source_time, "_SOURCE_REALTIME_TIMESTAMP=%llu", (unsigned long long) timeval_load(tv));
a5693989 823 IOVEC_SET_STRING(iovec[n++], source_time);
d025f1e4
ZJS		 824 }
825
826 /* Note that strictly speaking storing the boot id here is
827 * redundant since the entry includes this in-line
828 * anyway. However, we need this indexed, too. */
0c24bb23
LP		 829 if (!isempty(s->boot_id_field))
830 IOVEC_SET_STRING(iovec[n++], s->boot_id_field);
d025f1e4 831
0c24bb23
LP		 832 if (!isempty(s->machine_id_field))
833 IOVEC_SET_STRING(iovec[n++], s->machine_id_field);
d025f1e4 834
0c24bb23
LP		 835 if (!isempty(s->hostname_field))
836 IOVEC_SET_STRING(iovec[n++], s->hostname_field);
d025f1e4
ZJS		 837
838 assert(n <= m);
839
da499392 840 if (s->split_mode == SPLIT_UID && realuid > 0)
40adcda8 841 /* Split up strictly by any UID */
759c945a 842 journal_uid = realuid;
82499507 843 else if (s->split_mode == SPLIT_LOGIN && realuid > 0 && owner_valid && owner > 0)
edc3797f
LP		 844 /* Split up by login UIDs. We do this only if the
845 * realuid is not root, in order not to accidentally
846 * leak privileged information to the user that is
847 * logged by a privileged process that is part of an
7517e174 848 * unprivileged session. */
8a0889df 849 journal_uid = owner;
da499392
KS		 850 else
851 journal_uid = 0;
759c945a 852
d07f7b9e 853 write_to_journal(s, journal_uid, iovec, n, priority);
d025f1e4
ZJS		 854}
855
856void server_driver_message(Server *s, sd_id128_t message_id, const char *format, ...) {
857 char mid[11 + 32 + 1];
8a03c9ef
ZJS		 858 struct iovec iovec[N_IOVEC_META_FIELDS + 5 + N_IOVEC_PAYLOAD_FIELDS];
859 unsigned n = 0, m;
32917e33 860 int r;
d025f1e4 861 va_list ap;
b92bea5d 862 struct ucred ucred = {};
d025f1e4
ZJS		 863
864 assert(s);
865 assert(format);
866
4850d39a 867 assert_cc(3 == LOG_FAC(LOG_DAEMON));
b6fa2555
EV		 868 IOVEC_SET_STRING(iovec[n++], "SYSLOG_FACILITY=3");
869 IOVEC_SET_STRING(iovec[n++], "SYSLOG_IDENTIFIER=systemd-journald");
870
d025f1e4 871 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=driver");
4850d39a 872 assert_cc(6 == LOG_INFO);
32917e33 873 IOVEC_SET_STRING(iovec[n++], "PRIORITY=6");
d025f1e4
ZJS		 874
875 if (!sd_id128_equal(message_id, SD_ID128_NULL)) {
e2cc6eca 876 snprintf(mid, sizeof(mid), LOG_MESSAGE_ID(message_id));
d025f1e4
ZJS		 877 IOVEC_SET_STRING(iovec[n++], mid);
878 }
879
8a03c9ef
ZJS		 880 m = n;
881
882 va_start(ap, format);
32917e33
ZJS		 883 r = log_format_iovec(iovec, ELEMENTSOF(iovec), &n, false, 0, format, ap);
884 /* Error handling below */
8a03c9ef
ZJS		 885 va_end(ap);
886
d025f1e4
ZJS		 887 ucred.pid = getpid();
888 ucred.uid = getuid();
889 ucred.gid = getgid();
890
32917e33
ZJS		 891 if (r >= 0)
892 dispatch_message_real(s, iovec, n, ELEMENTSOF(iovec), &ucred, NULL, NULL, 0, NULL, LOG_INFO, 0);
8a03c9ef
ZJS		 893
894 while (m < n)
895 free(iovec[m++].iov_base);
32917e33
ZJS		 896
897 if (r < 0) {
898 /* We failed to format the message. Emit a warning instead. */
899 char buf[LINE_MAX];
900
901 xsprintf(buf, "MESSAGE=Entry printing failed: %s", strerror(-r));
902
903 n = 3;
904 IOVEC_SET_STRING(iovec[n++], "PRIORITY=4");
905 IOVEC_SET_STRING(iovec[n++], buf);
906 dispatch_message_real(s, iovec, n, ELEMENTSOF(iovec), &ucred, NULL, NULL, 0, NULL, LOG_INFO, 0);
907 }
d025f1e4
ZJS		 908}
909
910void server_dispatch_message(
911 Server *s,
912 struct iovec *iovec, unsigned n, unsigned m,
3b3154df
LP		 913 const struct ucred *ucred,
914 const struct timeval *tv,
d025f1e4
ZJS		 915 const char *label, size_t label_len,
916 const char *unit_id,
968f3196
ZJS		 917 int priority,
918 pid_t object_pid) {
d025f1e4 919
7027ff61 920 int rl, r;
7fd1b19b 921 _cleanup_free_ char *path = NULL;
8580d1f7 922 uint64_t available = 0;
db91ea32 923 char *c;
d025f1e4
ZJS		 924
925 assert(s);
926 assert(iovec || n == 0);
927
928 if (n == 0)
929 return;
930
931 if (LOG_PRI(priority) > s->max_level_store)
932 return;
933
2f5df74a
HHPF		 934 /* Stop early in case the information will not be stored
935 * in a journal. */
936 if (s->storage == STORAGE_NONE)
937 return;
938
d025f1e4
ZJS		 939 if (!ucred)
940 goto finish;
941
e9174f29 942 r = cg_pid_get_path_shifted(ucred->pid, s->cgroup_root, &path);
7027ff61 943 if (r < 0)
d025f1e4
ZJS		 944 goto finish;
945
946 /* example: /user/lennart/3/foobar
947 * /system/dbus.service/foobar
948 *
949 * So let's cut of everything past the third /, since that is
950 * where user directories start */
951
952 c = strchr(path, '/');
953 if (c) {
954 c = strchr(c+1, '/');
955 if (c) {
956 c = strchr(c+1, '/');
957 if (c)
958 *c = 0;
959 }
960 }
961
8580d1f7
LP		 962 (void) determine_space(s, false, false, &available, NULL);
963 rl = journal_rate_limit_test(s->rate_limit, path, priority & LOG_PRIMASK, available);
db91ea32 964 if (rl == 0)
d025f1e4 965 return;
d025f1e4
ZJS		 966
967 /* Write a suppression message if we suppressed something */
968 if (rl > 1)
db91ea32 969 server_driver_message(s, SD_MESSAGE_JOURNAL_DROPPED,
8a03c9ef
ZJS		 970 LOG_MESSAGE("Suppressed %u messages from %s", rl - 1, path),
971 NULL);
d025f1e4
ZJS		 972
973finish:
d07f7b9e 974 dispatch_message_real(s, iovec, n, m, ucred, tv, label, label_len, unit_id, priority, object_pid);
d025f1e4
ZJS		 975}
976
977
caa2f4c0 978static int system_journal_open(Server *s, bool flush_requested) {
84267e40 979 const char *fn;
09eba4d4 980 int r = 0;
d025f1e4
ZJS		 981
982 if (!s->system_journal &&
983 (s->storage == STORAGE_PERSISTENT || s->storage == STORAGE_AUTO) &&
caa2f4c0
ZJS		 984 (flush_requested
985 || access("/run/systemd/journal/flushed", F_OK) >= 0)) {
d025f1e4
ZJS		 986
987 /* If in auto mode: first try to create the machine
988 * path, but not the prefix.
989 *
990 * If in persistent mode: create /var/log/journal and
991 * the machine path */
992
993 if (s->storage == STORAGE_PERSISTENT)
ac892057 994 (void) mkdir_p("/var/log/journal/", 0755);
d025f1e4 995
8580d1f7 996 fn = strjoina("/var/log/journal/", SERVER_MACHINE_ID(s));
d025f1e4 997 (void) mkdir(fn, 0755);
d025f1e4 998
63c372cb 999 fn = strjoina(fn, "/system.journal");
089ed40b 1000 r = open_journal(s, true, fn, O_RDWR|O_CREAT, s->seal, &s->system_metrics, &s->system_journal);
8580d1f7 1001 if (r >= 0) {
5c3bde3f 1002 server_add_acls(s->system_journal, 0);
8580d1f7
LP		 1003 (void) determine_space_for(s, &s->system_metrics, "/var/log/journal/", "System journal", true, true, NULL, NULL);
1004 } else if (r < 0) {
433dd100 1005 if (r != -ENOENT && r != -EROFS)
da927ba9 1006 log_warning_errno(r, "Failed to open system journal: %m");
e40ec7ae 1007
433dd100
LN		 1008 r = 0;
1009 }
d025f1e4
ZJS		 1010 }
1011
1012 if (!s->runtime_journal &&
1013 (s->storage != STORAGE_NONE)) {
1014
8580d1f7 1015 fn = strjoina("/run/log/journal/", SERVER_MACHINE_ID(s), "/system.journal");
d025f1e4
ZJS		 1016
1017 if (s->system_journal) {
1018
1019 /* Try to open the runtime journal, but only
1020 * if it already exists, so that we can flush
1021 * it into the system journal */
1022
089ed40b 1023 r = open_journal(s, false, fn, O_RDWR, false, &s->runtime_metrics, &s->runtime_journal);
d025f1e4
ZJS		 1024 if (r < 0) {
1025 if (r != -ENOENT)
da927ba9 1026 log_warning_errno(r, "Failed to open runtime journal: %m");
d025f1e4
ZJS		 1027
1028 r = 0;
1029 }
1030
1031 } else {
1032
1033 /* OK, we really need the runtime journal, so create
1034 * it if necessary. */
1035
fc1d70af
LP		 1036 (void) mkdir("/run/log", 0755);
1037 (void) mkdir("/run/log/journal", 0755);
1038 (void) mkdir_parents(fn, 0750);
1039
089ed40b 1040 r = open_journal(s, true, fn, O_RDWR|O_CREAT, false, &s->runtime_metrics, &s->runtime_journal);
23bbb0de
MS		 1041 if (r < 0)
1042 return log_error_errno(r, "Failed to open runtime journal: %m");
d025f1e4
ZJS		 1043 }
1044
8580d1f7 1045 if (s->runtime_journal) {
5c3bde3f 1046 server_add_acls(s->runtime_journal, 0);
8580d1f7
LP		 1047 (void) determine_space_for(s, &s->runtime_metrics, "/run/log/journal/", "Runtime journal", true, true, NULL, NULL);
1048 }
d025f1e4
ZJS		 1049 }
1050
1051 return r;
1052}
1053
1054int server_flush_to_var(Server *s) {
d025f1e4
ZJS		 1055 sd_id128_t machine;
1056 sd_journal *j = NULL;
fbb63411
LP		 1057 char ts[FORMAT_TIMESPAN_MAX];
1058 usec_t start;
1059 unsigned n = 0;
1060 int r;
d025f1e4
ZJS		 1061
1062 assert(s);
1063
1064 if (s->storage != STORAGE_AUTO &&
1065 s->storage != STORAGE_PERSISTENT)
1066 return 0;
1067
1068 if (!s->runtime_journal)
1069 return 0;
1070
8580d1f7 1071 (void) system_journal_open(s, true);
d025f1e4
ZJS		 1072
1073 if (!s->system_journal)
1074 return 0;
1075
1076 log_debug("Flushing to /var...");
1077
fbb63411
LP		 1078 start = now(CLOCK_MONOTONIC);
1079
d025f1e4 1080 r = sd_id128_get_machine(&machine);
00a16861 1081 if (r < 0)
d025f1e4 1082 return r;
d025f1e4
ZJS		 1083
1084 r = sd_journal_open(&j, SD_JOURNAL_RUNTIME_ONLY);
23bbb0de
MS		 1085 if (r < 0)
1086 return log_error_errno(r, "Failed to read runtime journal: %m");
d025f1e4 1087
93b73b06
LP		 1088 sd_journal_set_data_threshold(j, 0);
1089
d025f1e4
ZJS		 1090 SD_JOURNAL_FOREACH(j) {
1091 Object *o = NULL;
1092 JournalFile *f;
1093
1094 f = j->current_file;
1095 assert(f && f->current_offset > 0);
1096
fbb63411
LP		 1097 n++;
1098
d025f1e4
ZJS		 1099 r = journal_file_move_to_object(f, OBJECT_ENTRY, f->current_offset, &o);
1100 if (r < 0) {
da927ba9 1101 log_error_errno(r, "Can't read entry: %m");
d025f1e4
ZJS		 1102 goto finish;
1103 }
1104
1105 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
1106 if (r >= 0)
1107 continue;
1108
1109 if (!shall_try_append_again(s->system_journal, r)) {
da927ba9 1110 log_error_errno(r, "Can't write entry: %m");
d025f1e4
ZJS		 1111 goto finish;
1112 }
1113
1114 server_rotate(s);
8580d1f7 1115 server_vacuum(s, false, false);
d025f1e4 1116
253f59df
LP		 1117 if (!s->system_journal) {
1118 log_notice("Didn't flush runtime journal since rotation of system journal wasn't successful.");
1119 r = -EIO;
1120 goto finish;
1121 }
1122
d025f1e4
ZJS		 1123 log_debug("Retrying write.");
1124 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
1125 if (r < 0) {
da927ba9 1126 log_error_errno(r, "Can't write entry: %m");
d025f1e4
ZJS		 1127 goto finish;
1128 }
1129 }
1130
804ae586
LP		 1131 r = 0;
1132
d025f1e4
ZJS		 1133finish:
1134 journal_file_post_change(s->system_journal);
1135
804ae586 1136 s->runtime_journal = journal_file_close(s->runtime_journal);
d025f1e4
ZJS		 1137
1138 if (r >= 0)
c6878637 1139 (void) rm_rf("/run/log/journal", REMOVE_ROOT);
d025f1e4 1140
763c7aa2 1141 sd_journal_close(j);
d025f1e4 1142
8a03c9ef
ZJS		 1143 server_driver_message(s, SD_ID128_NULL,
1144 LOG_MESSAGE("Time spent on flushing to /var is %s for %u entries.",
1145 format_timespan(ts, sizeof(ts), now(CLOCK_MONOTONIC) - start, 0),
1146 n),
1147 NULL);
fbb63411 1148
d025f1e4
ZJS		 1149 return r;
1150}
1151
8531ae70 1152int server_process_datagram(sd_event_source *es, int fd, uint32_t revents, void *userdata) {
f9a810be 1153 Server *s = userdata;
a315ac4e
LP		 1154 struct ucred *ucred = NULL;
1155 struct timeval *tv = NULL;
1156 struct cmsghdr *cmsg;
1157 char *label = NULL;
1158 size_t label_len = 0, m;
1159 struct iovec iovec;
1160 ssize_t n;
1161 int *fds = NULL, v = 0;
1162 unsigned n_fds = 0;
1163
1164 union {
1165 struct cmsghdr cmsghdr;
1166
1167 /* We use NAME_MAX space for the SELinux label
1168 * here. The kernel currently enforces no
1169 * limit, but according to suggestions from
1170 * the SELinux people this will change and it
1171 * will probably be identical to NAME_MAX. For
1172 * now we use that, but this should be updated
1173 * one day when the final limit is known. */
1174 uint8_t buf[CMSG_SPACE(sizeof(struct ucred)) +
1175 CMSG_SPACE(sizeof(struct timeval)) +
1176 CMSG_SPACE(sizeof(int)) + /* fd */
1177 CMSG_SPACE(NAME_MAX)]; /* selinux label */
1178 } control = {};
1179
1180 union sockaddr_union sa = {};
1181
1182 struct msghdr msghdr = {
1183 .msg_iov = &iovec,
1184 .msg_iovlen = 1,
1185 .msg_control = &control,
1186 .msg_controllen = sizeof(control),
1187 .msg_name = &sa,
1188 .msg_namelen = sizeof(sa),
1189 };
f9a810be 1190
d025f1e4 1191 assert(s);
875c2e22 1192 assert(fd == s->native_fd || fd == s->syslog_fd || fd == s->audit_fd);
f9a810be
LP		 1193
1194 if (revents != EPOLLIN) {
1195 log_error("Got invalid event from epoll for datagram fd: %"PRIx32, revents);
1196 return -EIO;
1197 }
1198
a315ac4e
LP		 1199 /* Try to get the right size, if we can. (Not all
1200 * sockets support SIOCINQ, hence we just try, but
1201 * don't rely on it. */
1202 (void) ioctl(fd, SIOCINQ, &v);
d025f1e4 1203
a315ac4e
LP		 1204 /* Fix it up, if it is too small. We use the same fixed value as auditd here. Awful! */
1205 m = PAGE_ALIGN(MAX3((size_t) v + 1,
1206 (size_t) LINE_MAX,
1207 ALIGN(sizeof(struct nlmsghdr)) + ALIGN((size_t) MAX_AUDIT_MESSAGE_LENGTH)) + 1);
d025f1e4 1208
a315ac4e
LP		 1209 if (!GREEDY_REALLOC(s->buffer, s->buffer_size, m))
1210 return log_oom();
875c2e22 1211
a315ac4e
LP		 1212 iovec.iov_base = s->buffer;
1213 iovec.iov_len = s->buffer_size - 1; /* Leave room for trailing NUL we add later */
d025f1e4 1214
a315ac4e
LP		 1215 n = recvmsg(fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC);
1216 if (n < 0) {
1217 if (errno == EINTR || errno == EAGAIN)
1218 return 0;
875c2e22 1219
a315ac4e
LP		 1220 return log_error_errno(errno, "recvmsg() failed: %m");
1221 }
875c2e22 1222
a315ac4e
LP		 1223 CMSG_FOREACH(cmsg, &msghdr) {
1224
1225 if (cmsg->cmsg_level == SOL_SOCKET &&
1226 cmsg->cmsg_type == SCM_CREDENTIALS &&
1227 cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred)))
1228 ucred = (struct ucred*) CMSG_DATA(cmsg);
1229 else if (cmsg->cmsg_level == SOL_SOCKET &&
1230 cmsg->cmsg_type == SCM_SECURITY) {
1231 label = (char*) CMSG_DATA(cmsg);
1232 label_len = cmsg->cmsg_len - CMSG_LEN(0);
1233 } else if (cmsg->cmsg_level == SOL_SOCKET &&
1234 cmsg->cmsg_type == SO_TIMESTAMP &&
1235 cmsg->cmsg_len == CMSG_LEN(sizeof(struct timeval)))
1236 tv = (struct timeval*) CMSG_DATA(cmsg);
1237 else if (cmsg->cmsg_level == SOL_SOCKET &&
1238 cmsg->cmsg_type == SCM_RIGHTS) {
1239 fds = (int*) CMSG_DATA(cmsg);
1240 n_fds = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);
d025f1e4 1241 }
a315ac4e 1242 }
d025f1e4 1243
a315ac4e
LP		 1244 /* And a trailing NUL, just in case */
1245 s->buffer[n] = 0;
1246
1247 if (fd == s->syslog_fd) {
1248 if (n > 0 && n_fds == 0)
1249 server_process_syslog_message(s, strstrip(s->buffer), ucred, tv, label, label_len);
1250 else if (n_fds > 0)
1251 log_warning("Got file descriptors via syslog socket. Ignoring.");
1252
1253 } else if (fd == s->native_fd) {
1254 if (n > 0 && n_fds == 0)
1255 server_process_native_message(s, s->buffer, n, ucred, tv, label, label_len);
1256 else if (n == 0 && n_fds == 1)
1257 server_process_native_file(s, fds[0], ucred, tv, label, label_len);
1258 else if (n_fds > 0)
1259 log_warning("Got too many file descriptors via native socket. Ignoring.");
1260
1261 } else {
1262 assert(fd == s->audit_fd);
1263
1264 if (n > 0 && n_fds == 0)
1265 server_process_audit_message(s, s->buffer, n, ucred, &sa, msghdr.msg_namelen);
1266 else if (n_fds > 0)
1267 log_warning("Got file descriptors via audit socket. Ignoring.");
f9a810be 1268 }
a315ac4e
LP		 1269
1270 close_many(fds, n_fds);
1271 return 0;
f9a810be 1272}
d025f1e4 1273
f9a810be
LP		 1274static int dispatch_sigusr1(sd_event_source *es, const struct signalfd_siginfo *si, void *userdata) {
1275 Server *s = userdata;
33d52ab9 1276 int r;
d025f1e4 1277
f9a810be 1278 assert(s);
d025f1e4 1279
94b65516 1280 log_info("Received request to flush runtime journal from PID " PID_FMT, si->ssi_pid);
d025f1e4 1281
f9a810be
LP		 1282 server_flush_to_var(s);
1283 server_sync(s);
8580d1f7 1284 server_vacuum(s, false, false);
d025f1e4 1285
33d52ab9
LP		 1286 r = touch("/run/systemd/journal/flushed");
1287 if (r < 0)
1288 log_warning_errno(r, "Failed to touch /run/systemd/journal/flushed, ignoring: %m");
74055aa7 1289
f9a810be
LP		 1290 return 0;
1291}
d025f1e4 1292
f9a810be
LP		 1293static int dispatch_sigusr2(sd_event_source *es, const struct signalfd_siginfo *si, void *userdata) {
1294 Server *s = userdata;
33d52ab9 1295 int r;
d025f1e4 1296
f9a810be 1297 assert(s);
d025f1e4 1298
94b65516 1299 log_info("Received request to rotate journal from PID " PID_FMT, si->ssi_pid);
f9a810be 1300 server_rotate(s);
8580d1f7 1301 server_vacuum(s, true, true);
d025f1e4 1302
dbd6e31c 1303 /* Let clients know when the most recent rotation happened. */
33d52ab9
LP		 1304 r = write_timestamp_file_atomic("/run/systemd/journal/rotated", now(CLOCK_MONOTONIC));
1305 if (r < 0)
1306 log_warning_errno(r, "Failed to write /run/systemd/journal/rotated, ignoring: %m");
dbd6e31c 1307
f9a810be
LP		 1308 return 0;
1309}
d025f1e4 1310
f9a810be
LP		 1311static int dispatch_sigterm(sd_event_source *es, const struct signalfd_siginfo *si, void *userdata) {
1312 Server *s = userdata;
d025f1e4 1313
f9a810be 1314 assert(s);
d025f1e4 1315
4daf54a8 1316 log_received_signal(LOG_INFO, si);
d025f1e4 1317
6203e07a 1318 sd_event_exit(s->event, 0);
d025f1e4
ZJS		 1319 return 0;
1320}
1321
94b65516
LP		 1322static int dispatch_sigrtmin1(sd_event_source *es, const struct signalfd_siginfo *si, void *userdata) {
1323 Server *s = userdata;
33d52ab9 1324 int r;
94b65516
LP		 1325
1326 assert(s);
1327
1328 log_debug("Received request to sync from PID " PID_FMT, si->ssi_pid);
1329
1330 server_sync(s);
1331
1332 /* Let clients know when the most recent sync happened. */
33d52ab9
LP		 1333 r = write_timestamp_file_atomic("/run/systemd/journal/synced", now(CLOCK_MONOTONIC));
1334 if (r < 0)
1335 log_warning_errno(r, "Failed to write /run/systemd/journal/synced, ignoring: %m");
94b65516
LP		 1336
1337 return 0;
1338}
1339
f9a810be 1340static int setup_signals(Server *s) {
f9a810be 1341 int r;
d025f1e4
ZJS		 1342
1343 assert(s);
1344
94b65516 1345 assert(sigprocmask_many(SIG_SETMASK, NULL, SIGINT, SIGTERM, SIGUSR1, SIGUSR2, SIGRTMIN+1, -1) >= 0);
d025f1e4 1346
151b9b96 1347 r = sd_event_add_signal(s->event, &s->sigusr1_event_source, SIGUSR1, dispatch_sigusr1, s);
f9a810be
LP		 1348 if (r < 0)
1349 return r;
1350
151b9b96 1351 r = sd_event_add_signal(s->event, &s->sigusr2_event_source, SIGUSR2, dispatch_sigusr2, s);
f9a810be
LP		 1352 if (r < 0)
1353 return r;
d025f1e4 1354
151b9b96 1355 r = sd_event_add_signal(s->event, &s->sigterm_event_source, SIGTERM, dispatch_sigterm, s);
f9a810be
LP		 1356 if (r < 0)
1357 return r;
d025f1e4 1358
b374689c
LP		 1359 /* Let's process SIGTERM late, so that we flush all queued
1360 * messages to disk before we exit */
1361 r = sd_event_source_set_priority(s->sigterm_event_source, SD_EVENT_PRIORITY_NORMAL+20);
1362 if (r < 0)
1363 return r;
1364
1365 /* When journald is invoked on the terminal (when debugging),
1366 * it's useful if C-c is handled equivalent to SIGTERM. */
151b9b96 1367 r = sd_event_add_signal(s->event, &s->sigint_event_source, SIGINT, dispatch_sigterm, s);
f9a810be
LP		 1368 if (r < 0)
1369 return r;
d025f1e4 1370
b374689c
LP		 1371 r = sd_event_source_set_priority(s->sigint_event_source, SD_EVENT_PRIORITY_NORMAL+20);
1372 if (r < 0)
1373 return r;
1374
94b65516
LP		 1375 /* SIGRTMIN+1 causes an immediate sync. We process this very
1376 * late, so that everything else queued at this point is
1377 * really written to disk. Clients can watch
1378 * /run/systemd/journal/synced with inotify until its mtime
1379 * changes to see when a sync happened. */
1380 r = sd_event_add_signal(s->event, &s->sigrtmin1_event_source, SIGRTMIN+1, dispatch_sigrtmin1, s);
1381 if (r < 0)
1382 return r;
1383
1384 r = sd_event_source_set_priority(s->sigrtmin1_event_source, SD_EVENT_PRIORITY_NORMAL+15);
1385 if (r < 0)
1386 return r;
1387
d025f1e4
ZJS		 1388 return 0;
1389}
1390
1391static int server_parse_proc_cmdline(Server *s) {
7fd1b19b 1392 _cleanup_free_ char *line = NULL;
d581d9d9 1393 const char *p;
74df0fca 1394 int r;
d025f1e4 1395
74df0fca 1396 r = proc_cmdline(&line);
b5884878 1397 if (r < 0) {
da927ba9 1398 log_warning_errno(r, "Failed to read /proc/cmdline, ignoring: %m");
d025f1e4 1399 return 0;
b5884878 1400 }
d025f1e4 1401
d581d9d9
SS		 1402 p = line;
1403 for(;;) {
ff82c36c 1404 _cleanup_free_ char *word = NULL;
d025f1e4 1405
d581d9d9
SS		 1406 r = extract_first_word(&p, &word, NULL, 0);
1407 if (r < 0)
1408 return log_error_errno(r, "Failed to parse journald syntax \"%s\": %m", line);
1409
1410 if (r == 0)
1411 break;
d025f1e4
ZJS		 1412
1413 if (startswith(word, "systemd.journald.forward_to_syslog=")) {
1414 r = parse_boolean(word + 35);
1415 if (r < 0)
1416 log_warning("Failed to parse forward to syslog switch %s. Ignoring.", word + 35);
1417 else
1418 s->forward_to_syslog = r;
1419 } else if (startswith(word, "systemd.journald.forward_to_kmsg=")) {
1420 r = parse_boolean(word + 33);
1421 if (r < 0)
1422 log_warning("Failed to parse forward to kmsg switch %s. Ignoring.", word + 33);
1423 else
1424 s->forward_to_kmsg = r;
1425 } else if (startswith(word, "systemd.journald.forward_to_console=")) {
1426 r = parse_boolean(word + 36);
1427 if (r < 0)
1428 log_warning("Failed to parse forward to console switch %s. Ignoring.", word + 36);
1429 else
1430 s->forward_to_console = r;
40b71e89
ST		 1431 } else if (startswith(word, "systemd.journald.forward_to_wall=")) {
1432 r = parse_boolean(word + 33);
1433 if (r < 0)
1434 log_warning("Failed to parse forward to wall switch %s. Ignoring.", word + 33);
1435 else
1436 s->forward_to_wall = r;
d025f1e4
ZJS		 1437 } else if (startswith(word, "systemd.journald"))
1438 log_warning("Invalid systemd.journald parameter. Ignoring.");
d025f1e4
ZJS		 1439 }
1440
804ae586 1441 /* do not warn about state here, since probably systemd already did */
db91ea32 1442 return 0;
d025f1e4
ZJS		 1443}
1444
1445static int server_parse_config_file(Server *s) {
d025f1e4
ZJS		 1446 assert(s);
1447
75eb6154
LP		 1448 return config_parse_many(PKGSYSCONFDIR "/journald.conf",
1449 CONF_PATHS_NULSTR("systemd/journald.conf.d"),
a9edaeff
JT		 1450 "Journal\0",
1451 config_item_perf_lookup, journald_gperf_lookup,
1452 false, s);
d025f1e4
ZJS		 1453}
1454
f9a810be
LP		 1455static int server_dispatch_sync(sd_event_source *es, usec_t t, void *userdata) {
1456 Server *s = userdata;
26687bf8
OS		 1457
1458 assert(s);
1459
f9a810be 1460 server_sync(s);
26687bf8
OS		 1461 return 0;
1462}
1463
d07f7b9e 1464int server_schedule_sync(Server *s, int priority) {
26687bf8
OS		 1465 int r;
1466
26687bf8
OS		 1467 assert(s);
1468
d07f7b9e
LP		 1469 if (priority <= LOG_CRIT) {
1470 /* Immediately sync to disk when this is of priority CRIT, ALERT, EMERG */
1471 server_sync(s);
1472 return 0;
1473 }
1474
26687bf8
OS		 1475 if (s->sync_scheduled)
1476 return 0;
1477
f9a810be
LP		 1478 if (s->sync_interval_usec > 0) {
1479 usec_t when;
ca267016 1480
6a0f1f6d 1481 r = sd_event_now(s->event, CLOCK_MONOTONIC, &when);
f9a810be
LP		 1482 if (r < 0)
1483 return r;
26687bf8 1484
f9a810be
LP		 1485 when += s->sync_interval_usec;
1486
1487 if (!s->sync_event_source) {
6a0f1f6d
LP		 1488 r = sd_event_add_time(
1489 s->event,
1490 &s->sync_event_source,
1491 CLOCK_MONOTONIC,
1492 when, 0,
1493 server_dispatch_sync, s);
f9a810be
LP		 1494 if (r < 0)
1495 return r;
1496
1497 r = sd_event_source_set_priority(s->sync_event_source, SD_EVENT_PRIORITY_IMPORTANT);
1498 } else {
1499 r = sd_event_source_set_time(s->sync_event_source, when);
1500 if (r < 0)
1501 return r;
1502
1503 r = sd_event_source_set_enabled(s->sync_event_source, SD_EVENT_ONESHOT);
1504 }
26687bf8 1505 if (r < 0)
f9a810be 1506 return r;
26687bf8 1507
f9a810be
LP		 1508 s->sync_scheduled = true;
1509 }
26687bf8
OS		 1510
1511 return 0;
1512}
1513
0c24bb23
LP		 1514static int dispatch_hostname_change(sd_event_source *es, int fd, uint32_t revents, void *userdata) {
1515 Server *s = userdata;
1516
1517 assert(s);
1518
1519 server_cache_hostname(s);
1520 return 0;
1521}
1522
1523static int server_open_hostname(Server *s) {
1524 int r;
1525
1526 assert(s);
1527
1528 s->hostname_fd = open("/proc/sys/kernel/hostname", O_RDONLY|O_CLOEXEC|O_NDELAY|O_NOCTTY);
4a62c710
MS		 1529 if (s->hostname_fd < 0)
1530 return log_error_errno(errno, "Failed to open /proc/sys/kernel/hostname: %m");
0c24bb23 1531
151b9b96 1532 r = sd_event_add_io(s->event, &s->hostname_event_source, s->hostname_fd, 0, dispatch_hostname_change, s);
0c24bb23 1533 if (r < 0) {
28def94c
DR		 1534 /* kernels prior to 3.2 don't support polling this file. Ignore
1535 * the failure. */
1536 if (r == -EPERM) {
e53fc357 1537 log_warning_errno(r, "Failed to register hostname fd in event loop, ignoring: %m");
03e334a1 1538 s->hostname_fd = safe_close(s->hostname_fd);
28def94c
DR		 1539 return 0;
1540 }
1541
23bbb0de 1542 return log_error_errno(r, "Failed to register hostname fd in event loop: %m");
0c24bb23
LP		 1543 }
1544
1545 r = sd_event_source_set_priority(s->hostname_event_source, SD_EVENT_PRIORITY_IMPORTANT-10);
23bbb0de
MS		 1546 if (r < 0)
1547 return log_error_errno(r, "Failed to adjust priority of host name event source: %m");
0c24bb23
LP		 1548
1549 return 0;
1550}
1551
e22aa3d3
LP		 1552static int dispatch_notify_event(sd_event_source *es, int fd, uint32_t revents, void *userdata) {
1553 Server *s = userdata;
1554 int r;
1555
1556 assert(s);
1557 assert(s->notify_event_source == es);
1558 assert(s->notify_fd == fd);
1559
e22aa3d3 1560 /* The $NOTIFY_SOCKET is writable again, now send exactly one
119e9655
LP		 1561 * message on it. Either it's the wtachdog event, the initial
1562 * READY=1 event or an stdout stream event. If there's nothing
1563 * to write anymore, turn our event source off. The next time
1564 * there's something to send it will be turned on again. */
e22aa3d3
LP		 1565
1566 if (!s->sent_notify_ready) {
1567 static const char p[] =
1568 "READY=1\n"
1569 "STATUS=Processing requests...";
1570 ssize_t l;
1571
1572 l = send(s->notify_fd, p, strlen(p), MSG_DONTWAIT);
1573 if (l < 0) {
1574 if (errno == EAGAIN)
1575 return 0;
1576
1577 return log_error_errno(errno, "Failed to send READY=1 notification message: %m");
1578 }
1579
1580 s->sent_notify_ready = true;
1581 log_debug("Sent READY=1 notification.");
1582
119e9655
LP		 1583 } else if (s->send_watchdog) {
1584
1585 static const char p[] =
1586 "WATCHDOG=1";
1587
1588 ssize_t l;
1589
1590 l = send(s->notify_fd, p, strlen(p), MSG_DONTWAIT);
1591 if (l < 0) {
1592 if (errno == EAGAIN)
1593 return 0;
1594
1595 return log_error_errno(errno, "Failed to send WATCHDOG=1 notification message: %m");
1596 }
1597
1598 s->send_watchdog = false;
1599 log_debug("Sent WATCHDOG=1 notification.");
1600
e22aa3d3
LP		 1601 } else if (s->stdout_streams_notify_queue)
1602 /* Dispatch one stream notification event */
1603 stdout_stream_send_notify(s->stdout_streams_notify_queue);
1604
1605 /* Leave us enabled if there's still more to to do. */
119e9655 1606 if (s->send_watchdog || s->stdout_streams_notify_queue)
e22aa3d3
LP		 1607 return 0;
1608
1609 /* There was nothing to do anymore, let's turn ourselves off. */
1610 r = sd_event_source_set_enabled(es, SD_EVENT_OFF);
1611 if (r < 0)
1612 return log_error_errno(r, "Failed to turn off notify event source: %m");
1613
1614 return 0;
1615}
1616
119e9655
LP		 1617static int dispatch_watchdog(sd_event_source *es, uint64_t usec, void *userdata) {
1618 Server *s = userdata;
1619 int r;
1620
1621 assert(s);
1622
1623 s->send_watchdog = true;
1624
1625 r = sd_event_source_set_enabled(s->notify_event_source, SD_EVENT_ON);
1626 if (r < 0)
1627 log_warning_errno(r, "Failed to turn on notify event source: %m");
1628
1629 r = sd_event_source_set_time(s->watchdog_event_source, usec + s->watchdog_usec / 2);
1630 if (r < 0)
1631 return log_error_errno(r, "Failed to restart watchdog event source: %m");
1632
1633 r = sd_event_source_set_enabled(s->watchdog_event_source, SD_EVENT_ON);
1634 if (r < 0)
1635 return log_error_errno(r, "Failed to enable watchdog event source: %m");
1636
1637 return 0;
1638}
1639
e22aa3d3
LP		 1640static int server_connect_notify(Server *s) {
1641 union sockaddr_union sa = {
1642 .un.sun_family = AF_UNIX,
1643 };
1644 const char *e;
1645 int r;
1646
1647 assert(s);
1648 assert(s->notify_fd < 0);
1649 assert(!s->notify_event_source);
1650
1651 /*
1652 So here's the problem: we'd like to send notification
1653 messages to PID 1, but we cannot do that via sd_notify(),
1654 since that's synchronous, and we might end up blocking on
1655 it. Specifically: given that PID 1 might block on
1656 dbus-daemon during IPC, and dbus-daemon is logging to us,
1657 and might hence block on us, we might end up in a deadlock
1658 if we block on sending PID 1 notification messages -- by
1659 generating a full blocking circle. To avoid this, let's
1660 create a non-blocking socket, and connect it to the
1661 notification socket, and then wait for POLLOUT before we
1662 send anything. This should efficiently avoid any deadlocks,
1663 as we'll never block on PID 1, hence PID 1 can safely block
1664 on dbus-daemon which can safely block on us again.
1665
1666 Don't think that this issue is real? It is, see:
1667 https://github.com/systemd/systemd/issues/1505
1668 */
1669
1670 e = getenv("NOTIFY_SOCKET");
1671 if (!e)
1672 return 0;
1673
1674 if ((e[0] != '@' && e[0] != '/') || e[1] == 0) {
1675 log_error("NOTIFY_SOCKET set to an invalid value: %s", e);
1676 return -EINVAL;
1677 }
1678
1679 if (strlen(e) > sizeof(sa.un.sun_path)) {
1680 log_error("NOTIFY_SOCKET path too long: %s", e);
1681 return -EINVAL;
1682 }
1683
1684 s->notify_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
1685 if (s->notify_fd < 0)
1686 return log_error_errno(errno, "Failed to create notify socket: %m");
1687
1688 (void) fd_inc_sndbuf(s->notify_fd, NOTIFY_SNDBUF_SIZE);
1689
1690 strncpy(sa.un.sun_path, e, sizeof(sa.un.sun_path));
1691 if (sa.un.sun_path[0] == '@')
1692 sa.un.sun_path[0] = 0;
1693
1694 r = connect(s->notify_fd, &sa.sa, offsetof(struct sockaddr_un, sun_path) + strlen(e));
1695 if (r < 0)
1696 return log_error_errno(errno, "Failed to connect to notify socket: %m");
1697
1698 r = sd_event_add_io(s->event, &s->notify_event_source, s->notify_fd, EPOLLOUT, dispatch_notify_event, s);
1699 if (r < 0)
1700 return log_error_errno(r, "Failed to watch notification socket: %m");
1701
119e9655
LP		 1702 if (sd_watchdog_enabled(false, &s->watchdog_usec) > 0) {
1703 s->send_watchdog = true;
1704
4de2402b 1705 r = sd_event_add_time(s->event, &s->watchdog_event_source, CLOCK_MONOTONIC, now(CLOCK_MONOTONIC) + s->watchdog_usec/2, s->watchdog_usec/4, dispatch_watchdog, s);
119e9655
LP		 1706 if (r < 0)
1707 return log_error_errno(r, "Failed to add watchdog time event: %m");
1708 }
1709
e22aa3d3
LP		 1710 /* This should fire pretty soon, which we'll use to send the
1711 * READY=1 event. */
1712
1713 return 0;
1714}
1715
d025f1e4 1716int server_init(Server *s) {
13790add 1717 _cleanup_fdset_free_ FDSet *fds = NULL;
d025f1e4 1718 int n, r, fd;
7d18d348 1719 bool no_sockets;
d025f1e4
ZJS		 1720
1721 assert(s);
1722
1723 zero(*s);
e22aa3d3 1724 s->syslog_fd = s->native_fd = s->stdout_fd = s->dev_kmsg_fd = s->audit_fd = s->hostname_fd = s->notify_fd = -1;
d025f1e4
ZJS		 1725 s->compress = true;
1726 s->seal = true;
1727
119e9655
LP		 1728 s->watchdog_usec = USEC_INFINITY;
1729
26687bf8
OS		 1730 s->sync_interval_usec = DEFAULT_SYNC_INTERVAL_USEC;
1731 s->sync_scheduled = false;
1732
d025f1e4
ZJS		 1733 s->rate_limit_interval = DEFAULT_RATE_LIMIT_INTERVAL;
1734 s->rate_limit_burst = DEFAULT_RATE_LIMIT_BURST;
1735
40b71e89 1736 s->forward_to_wall = true;
d025f1e4 1737
e150e820
MB		 1738 s->max_file_usec = DEFAULT_MAX_FILE_USEC;
1739
d025f1e4
ZJS		 1740 s->max_level_store = LOG_DEBUG;
1741 s->max_level_syslog = LOG_DEBUG;
1742 s->max_level_kmsg = LOG_NOTICE;
1743 s->max_level_console = LOG_INFO;
40b71e89 1744 s->max_level_wall = LOG_EMERG;
d025f1e4 1745
8580d1f7
LP		 1746 journal_reset_metrics(&s->system_metrics);
1747 journal_reset_metrics(&s->runtime_metrics);
d025f1e4
ZJS		 1748
1749 server_parse_config_file(s);
1750 server_parse_proc_cmdline(s);
8580d1f7 1751
d288f79f 1752 if (!!s->rate_limit_interval ^ !!s->rate_limit_burst) {
b1389b0d
ZJS		 1753 log_debug("Setting both rate limit interval and burst from "USEC_FMT",%u to 0,0",
1754 s->rate_limit_interval, s->rate_limit_burst);
d288f79f
ZJS		 1755 s->rate_limit_interval = s->rate_limit_burst = 0;
1756 }
d025f1e4 1757
8580d1f7 1758 (void) mkdir_p("/run/systemd/journal", 0755);
d025f1e4 1759
43cf8388 1760 s->user_journals = ordered_hashmap_new(NULL);
d025f1e4
ZJS		 1761 if (!s->user_journals)
1762 return log_oom();
1763
1764 s->mmap = mmap_cache_new();
1765 if (!s->mmap)
1766 return log_oom();
1767
f9a810be 1768 r = sd_event_default(&s->event);
23bbb0de
MS		 1769 if (r < 0)
1770 return log_error_errno(r, "Failed to create event loop: %m");
d025f1e4
ZJS		 1771
1772 n = sd_listen_fds(true);
23bbb0de
MS		 1773 if (n < 0)
1774 return log_error_errno(n, "Failed to read listening file descriptors from environment: %m");
d025f1e4
ZJS		 1775
1776 for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) {
1777
1778 if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/run/systemd/journal/socket", 0) > 0) {
1779
1780 if (s->native_fd >= 0) {
1781 log_error("Too many native sockets passed.");
1782 return -EINVAL;
1783 }
1784
1785 s->native_fd = fd;
1786
1787 } else if (sd_is_socket_unix(fd, SOCK_STREAM, 1, "/run/systemd/journal/stdout", 0) > 0) {
1788
1789 if (s->stdout_fd >= 0) {
1790 log_error("Too many stdout sockets passed.");
1791 return -EINVAL;
1792 }
1793
1794 s->stdout_fd = fd;
1795
03ee5c38
LP		 1796 } else if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/dev/log", 0) > 0 ||
1797 sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/run/systemd/journal/dev-log", 0) > 0) {
d025f1e4
ZJS		 1798
1799 if (s->syslog_fd >= 0) {
1800 log_error("Too many /dev/log sockets passed.");
1801 return -EINVAL;
1802 }
1803
1804 s->syslog_fd = fd;
1805
875c2e22
LP		 1806 } else if (sd_is_socket(fd, AF_NETLINK, SOCK_RAW, -1) > 0) {
1807
1808 if (s->audit_fd >= 0) {
1809 log_error("Too many audit sockets passed.");
1810 return -EINVAL;
1811 }
1812
1813 s->audit_fd = fd;
1814
4ec3cd73 1815 } else {
4ec3cd73 1816
13790add
LP		 1817 if (!fds) {
1818 fds = fdset_new();
1819 if (!fds)
1820 return log_oom();
1821 }
4ec3cd73 1822
13790add
LP		 1823 r = fdset_put(fds, fd);
1824 if (r < 0)
1825 return log_oom();
4ec3cd73 1826 }
d025f1e4
ZJS		 1827 }
1828
15d91bff
ZJS		 1829 /* Try to restore streams, but don't bother if this fails */
1830 (void) server_restore_streams(s, fds);
d025f1e4 1831
13790add
LP		 1832 if (fdset_size(fds) > 0) {
1833 log_warning("%u unknown file descriptors passed, closing.", fdset_size(fds));
1834 fds = fdset_free(fds);
1835 }
1836
7d18d348
ZJS		 1837 no_sockets = s->native_fd < 0 && s->stdout_fd < 0 && s->syslog_fd < 0 && s->audit_fd < 0;
1838
1839 /* always open stdout, syslog, native, and kmsg sockets */
37b7affe
ZJS		 1840
1841 /* systemd-journald.socket: /run/systemd/journal/stdout */
15d91bff
ZJS		 1842 r = server_open_stdout_socket(s);
1843 if (r < 0)
1844 return r;
1845
37b7affe 1846 /* systemd-journald-dev-log.socket: /run/systemd/journal/dev-log */
13790add 1847 r = server_open_syslog_socket(s);
d025f1e4
ZJS		 1848 if (r < 0)
1849 return r;
1850
37b7affe 1851 /* systemd-journald.socket: /run/systemd/journal/socket */
13790add 1852 r = server_open_native_socket(s);
d025f1e4
ZJS		 1853 if (r < 0)
1854 return r;
1855
37b7affe 1856 /* /dev/ksmg */
d025f1e4
ZJS		 1857 r = server_open_dev_kmsg(s);
1858 if (r < 0)
1859 return r;
1860
7d18d348
ZJS		 1861 /* Unless we got *some* sockets and not audit, open audit socket */
1862 if (s->audit_fd >= 0 || no_sockets) {
1863 r = server_open_audit(s);
1864 if (r < 0)
1865 return r;
1866 }
875c2e22 1867
d025f1e4
ZJS		 1868 r = server_open_kernel_seqnum(s);
1869 if (r < 0)
1870 return r;
1871
0c24bb23
LP		 1872 r = server_open_hostname(s);
1873 if (r < 0)
1874 return r;
1875
f9a810be 1876 r = setup_signals(s);
d025f1e4
ZJS		 1877 if (r < 0)
1878 return r;
1879
1880 s->udev = udev_new();
1881 if (!s->udev)
1882 return -ENOMEM;
1883
f9a810be 1884 s->rate_limit = journal_rate_limit_new(s->rate_limit_interval, s->rate_limit_burst);
d025f1e4
ZJS		 1885 if (!s->rate_limit)
1886 return -ENOMEM;
1887
e9174f29
LP		 1888 r = cg_get_root_path(&s->cgroup_root);
1889 if (r < 0)
1890 return r;
1891
0c24bb23
LP		 1892 server_cache_hostname(s);
1893 server_cache_boot_id(s);
1894 server_cache_machine_id(s);
1895
e22aa3d3
LP		 1896 (void) server_connect_notify(s);
1897
804ae586 1898 return system_journal_open(s, false);
d025f1e4
ZJS		 1899}
1900
1901void server_maybe_append_tags(Server *s) {
1902#ifdef HAVE_GCRYPT
1903 JournalFile *f;
1904 Iterator i;
1905 usec_t n;
1906
1907 n = now(CLOCK_REALTIME);
1908
1909 if (s->system_journal)
1910 journal_file_maybe_append_tag(s->system_journal, n);
1911
43cf8388 1912 ORDERED_HASHMAP_FOREACH(f, s->user_journals, i)
d025f1e4
ZJS		 1913 journal_file_maybe_append_tag(f, n);
1914#endif
1915}
1916
1917void server_done(Server *s) {
1918 JournalFile *f;
1919 assert(s);
1920
1921 while (s->stdout_streams)
1922 stdout_stream_free(s->stdout_streams);
1923
1924 if (s->system_journal)
69a3a6fd 1925 (void) journal_file_close(s->system_journal);
d025f1e4
ZJS		 1926
1927 if (s->runtime_journal)
69a3a6fd 1928 (void) journal_file_close(s->runtime_journal);
d025f1e4 1929
43cf8388 1930 while ((f = ordered_hashmap_steal_first(s->user_journals)))
69a3a6fd 1931 (void) journal_file_close(f);
d025f1e4 1932
43cf8388 1933 ordered_hashmap_free(s->user_journals);
d025f1e4 1934
f9a810be
LP		 1935 sd_event_source_unref(s->syslog_event_source);
1936 sd_event_source_unref(s->native_event_source);
1937 sd_event_source_unref(s->stdout_event_source);
1938 sd_event_source_unref(s->dev_kmsg_event_source);
875c2e22 1939 sd_event_source_unref(s->audit_event_source);
f9a810be
LP		 1940 sd_event_source_unref(s->sync_event_source);
1941 sd_event_source_unref(s->sigusr1_event_source);
1942 sd_event_source_unref(s->sigusr2_event_source);
1943 sd_event_source_unref(s->sigterm_event_source);
1944 sd_event_source_unref(s->sigint_event_source);
94b65516 1945 sd_event_source_unref(s->sigrtmin1_event_source);
0c24bb23 1946 sd_event_source_unref(s->hostname_event_source);
e22aa3d3 1947 sd_event_source_unref(s->notify_event_source);
119e9655 1948 sd_event_source_unref(s->watchdog_event_source);
f9a810be 1949 sd_event_unref(s->event);
d025f1e4 1950
03e334a1
LP		 1951 safe_close(s->syslog_fd);
1952 safe_close(s->native_fd);
1953 safe_close(s->stdout_fd);
1954 safe_close(s->dev_kmsg_fd);
875c2e22 1955 safe_close(s->audit_fd);
03e334a1 1956 safe_close(s->hostname_fd);
e22aa3d3 1957 safe_close(s->notify_fd);
0c24bb23 1958
d025f1e4
ZJS		 1959 if (s->rate_limit)
1960 journal_rate_limit_free(s->rate_limit);
1961
1962 if (s->kernel_seqnum)
1963 munmap(s->kernel_seqnum, sizeof(uint64_t));
1964
1965 free(s->buffer);
1966 free(s->tty_path);
e9174f29 1967 free(s->cgroup_root);
99d0966e 1968 free(s->hostname_field);
d025f1e4
ZJS		 1969
1970 if (s->mmap)
1971 mmap_cache_unref(s->mmap);
1972
3e044c49 1973 udev_unref(s->udev);
d025f1e4 1974}
8580d1f7
LP		 1975
1976static const char* const storage_table[_STORAGE_MAX] = {
1977 [STORAGE_AUTO] = "auto",
1978 [STORAGE_VOLATILE] = "volatile",
1979 [STORAGE_PERSISTENT] = "persistent",
1980 [STORAGE_NONE] = "none"
1981};
1982
1983DEFINE_STRING_TABLE_LOOKUP(storage, Storage);
1984DEFINE_CONFIG_PARSE_ENUM(config_parse_storage, storage, Storage, "Failed to parse storage setting");
1985
1986static const char* const split_mode_table[_SPLIT_MAX] = {
1987 [SPLIT_LOGIN] = "login",
1988 [SPLIT_UID] = "uid",
1989 [SPLIT_NONE] = "none",
1990};
1991
1992DEFINE_STRING_TABLE_LOOKUP(split_mode, SplitMode);
1993DEFINE_CONFIG_PARSE_ENUM(config_parse_split_mode, split_mode, SplitMode, "Failed to parse split mode setting");
Unnamed repository; edit this file 'description' to name the repository.