1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2011 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
34 #include <sys/inotify.h>
39 #include "sd-journal.h"
42 #include "alloc-util.h"
43 #include "bus-error.h"
46 #include "chattr-util.h"
51 #include "glob-util.h"
52 #include "hostname-util.h"
54 #include "journal-def.h"
55 #include "journal-internal.h"
56 #include "journal-qrcode.h"
57 #include "journal-vacuum.h"
58 #include "journal-verify.h"
59 #include "locale-util.h"
61 #include "logs-show.h"
64 #include "parse-util.h"
65 #include "path-util.h"
66 #include "rlimit-util.h"
70 #include "syslog-util.h"
71 #include "terminal-util.h"
72 #include "unit-name.h"
73 #include "user-util.h"
75 #define DEFAULT_FSS_INTERVAL_USEC (15*USEC_PER_MINUTE)
78 /* Special values for arg_lines */
79 ARG_LINES_DEFAULT
= -2,
83 static OutputMode arg_output
= OUTPUT_SHORT
;
84 static bool arg_utc
= false;
85 static bool arg_pager_end
= false;
86 static bool arg_follow
= false;
87 static bool arg_full
= true;
88 static bool arg_all
= false;
89 static bool arg_no_pager
= false;
90 static int arg_lines
= ARG_LINES_DEFAULT
;
91 static bool arg_no_tail
= false;
92 static bool arg_quiet
= false;
93 static bool arg_merge
= false;
94 static bool arg_boot
= false;
95 static sd_id128_t arg_boot_id
= {};
96 static int arg_boot_offset
= 0;
97 static bool arg_dmesg
= false;
98 static const char *arg_cursor
= NULL
;
99 static const char *arg_after_cursor
= NULL
;
100 static bool arg_show_cursor
= false;
101 static const char *arg_directory
= NULL
;
102 static char **arg_file
= NULL
;
103 static int arg_priorities
= 0xFF;
104 static const char *arg_verify_key
= NULL
;
106 static usec_t arg_interval
= DEFAULT_FSS_INTERVAL_USEC
;
107 static bool arg_force
= false;
109 static usec_t arg_since
, arg_until
;
110 static bool arg_since_set
= false, arg_until_set
= false;
111 static char **arg_syslog_identifier
= NULL
;
112 static char **arg_system_units
= NULL
;
113 static char **arg_user_units
= NULL
;
114 static const char *arg_field
= NULL
;
115 static bool arg_catalog
= false;
116 static bool arg_reverse
= false;
117 static int arg_journal_type
= 0;
118 static char *arg_root
= NULL
;
119 static const char *arg_machine
= NULL
;
120 static uint64_t arg_vacuum_size
= 0;
121 static uint64_t arg_vacuum_n_files
= 0;
122 static usec_t arg_vacuum_time
= 0;
133 ACTION_UPDATE_CATALOG
,
138 } arg_action
= ACTION_SHOW
;
140 typedef struct BootId
{
144 LIST_FIELDS(struct BootId
, boot_list
);
147 static void pager_open_if_enabled(void) {
152 pager_open(arg_pager_end
);
155 static char *format_timestamp_maybe_utc(char *buf
, size_t l
, usec_t t
) {
158 return format_timestamp_utc(buf
, l
, t
);
160 return format_timestamp(buf
, l
, t
);
163 static int parse_boot_descriptor(const char *x
, sd_id128_t
*boot_id
, int *offset
) {
164 sd_id128_t id
= SD_ID128_NULL
;
167 if (strlen(x
) >= 32) {
171 r
= sd_id128_from_string(t
, &id
);
175 if (*x
!= '-' && *x
!= '+' && *x
!= 0)
179 r
= safe_atoi(x
, &off
);
184 r
= safe_atoi(x
, &off
);
198 static void help(void) {
200 pager_open_if_enabled();
202 printf("%s [OPTIONS...] [MATCHES...]\n\n"
203 "Query the journal.\n\n"
205 " --system Show the system journal\n"
206 " --user Show the user journal for the current user\n"
207 " -M --machine=CONTAINER Operate on local container\n"
208 " -S --since=DATE Show entries not older than the specified date\n"
209 " -U --until=DATE Show entries not newer than the specified date\n"
210 " -c --cursor=CURSOR Show entries starting at the specified cursor\n"
211 " --after-cursor=CURSOR Show entries after the specified cursor\n"
212 " --show-cursor Print the cursor after all the entries\n"
213 " -b --boot[=ID] Show current boot or the specified boot\n"
214 " --list-boots Show terse information about recorded boots\n"
215 " -k --dmesg Show kernel message log from the current boot\n"
216 " -u --unit=UNIT Show logs from the specified unit\n"
217 " --user-unit=UNIT Show logs from the specified user unit\n"
218 " -t --identifier=STRING Show entries with the specified syslog identifier\n"
219 " -p --priority=RANGE Show entries with the specified priority\n"
220 " -e --pager-end Immediately jump to the end in the pager\n"
221 " -f --follow Follow the journal\n"
222 " -n --lines[=INTEGER] Number of journal entries to show\n"
223 " --no-tail Show all lines, even in follow mode\n"
224 " -r --reverse Show the newest entries first\n"
225 " -o --output=STRING Change journal output mode (short, short-iso,\n"
226 " short-precise, short-monotonic, verbose,\n"
227 " export, json, json-pretty, json-sse, cat)\n"
228 " --utc Express time in Coordinated Universal Time (UTC)\n"
229 " -x --catalog Add message explanations where available\n"
230 " --no-full Ellipsize fields\n"
231 " -a --all Show all fields, including long and unprintable\n"
232 " -q --quiet Do not show info messages and privilege warning\n"
233 " --no-pager Do not pipe output into a pager\n"
234 " -m --merge Show entries from all available journals\n"
235 " -D --directory=PATH Show journal files from directory\n"
236 " --file=PATH Show journal file\n"
237 " --root=ROOT Operate on catalog files underneath the root ROOT\n"
239 " --interval=TIME Time interval for changing the FSS sealing key\n"
240 " --verify-key=KEY Specify FSS verification key\n"
241 " --force Override of the FSS key pair with --setup-keys\n"
244 " -h --help Show this help text\n"
245 " --version Show package version\n"
246 " -F --field=FIELD List all values that a specified field takes\n"
247 " --new-id128 Generate a new 128-bit ID\n"
248 " --disk-usage Show total disk usage of all journal files\n"
249 " --vacuum-size=BYTES Reduce disk usage below specified size\n"
250 " --vacuum-files=INT Leave only the specified number of journal files\n"
251 " --vacuum-time=TIME Remove journal files older than specified time\n"
252 " --flush Flush all journal data from /run into /var\n"
253 " --rotate Request immediate rotation of the journal files\n"
254 " --header Show journal header information\n"
255 " --list-catalog Show all message IDs in the catalog\n"
256 " --dump-catalog Show entries in the message catalog\n"
257 " --update-catalog Update the message catalog database\n"
259 " --setup-keys Generate a new FSS key pair\n"
260 " --verify Verify journal file consistency\n"
262 , program_invocation_short_name
);
265 static int parse_argv(int argc
, char *argv
[]) {
299 static const struct option options
[] = {
300 { "help", no_argument
, NULL
, 'h' },
301 { "version" , no_argument
, NULL
, ARG_VERSION
},
302 { "no-pager", no_argument
, NULL
, ARG_NO_PAGER
},
303 { "pager-end", no_argument
, NULL
, 'e' },
304 { "follow", no_argument
, NULL
, 'f' },
305 { "force", no_argument
, NULL
, ARG_FORCE
},
306 { "output", required_argument
, NULL
, 'o' },
307 { "all", no_argument
, NULL
, 'a' },
308 { "full", no_argument
, NULL
, 'l' },
309 { "no-full", no_argument
, NULL
, ARG_NO_FULL
},
310 { "lines", optional_argument
, NULL
, 'n' },
311 { "no-tail", no_argument
, NULL
, ARG_NO_TAIL
},
312 { "new-id128", no_argument
, NULL
, ARG_NEW_ID128
},
313 { "quiet", no_argument
, NULL
, 'q' },
314 { "merge", no_argument
, NULL
, 'm' },
315 { "boot", optional_argument
, NULL
, 'b' },
316 { "list-boots", no_argument
, NULL
, ARG_LIST_BOOTS
},
317 { "this-boot", optional_argument
, NULL
, 'b' }, /* deprecated */
318 { "dmesg", no_argument
, NULL
, 'k' },
319 { "system", no_argument
, NULL
, ARG_SYSTEM
},
320 { "user", no_argument
, NULL
, ARG_USER
},
321 { "directory", required_argument
, NULL
, 'D' },
322 { "file", required_argument
, NULL
, ARG_FILE
},
323 { "root", required_argument
, NULL
, ARG_ROOT
},
324 { "header", no_argument
, NULL
, ARG_HEADER
},
325 { "identifier", required_argument
, NULL
, 't' },
326 { "priority", required_argument
, NULL
, 'p' },
327 { "setup-keys", no_argument
, NULL
, ARG_SETUP_KEYS
},
328 { "interval", required_argument
, NULL
, ARG_INTERVAL
},
329 { "verify", no_argument
, NULL
, ARG_VERIFY
},
330 { "verify-key", required_argument
, NULL
, ARG_VERIFY_KEY
},
331 { "disk-usage", no_argument
, NULL
, ARG_DISK_USAGE
},
332 { "cursor", required_argument
, NULL
, 'c' },
333 { "after-cursor", required_argument
, NULL
, ARG_AFTER_CURSOR
},
334 { "show-cursor", no_argument
, NULL
, ARG_SHOW_CURSOR
},
335 { "since", required_argument
, NULL
, 'S' },
336 { "until", required_argument
, NULL
, 'U' },
337 { "unit", required_argument
, NULL
, 'u' },
338 { "user-unit", required_argument
, NULL
, ARG_USER_UNIT
},
339 { "field", required_argument
, NULL
, 'F' },
340 { "catalog", no_argument
, NULL
, 'x' },
341 { "list-catalog", no_argument
, NULL
, ARG_LIST_CATALOG
},
342 { "dump-catalog", no_argument
, NULL
, ARG_DUMP_CATALOG
},
343 { "update-catalog", no_argument
, NULL
, ARG_UPDATE_CATALOG
},
344 { "reverse", no_argument
, NULL
, 'r' },
345 { "machine", required_argument
, NULL
, 'M' },
346 { "utc", no_argument
, NULL
, ARG_UTC
},
347 { "flush", no_argument
, NULL
, ARG_FLUSH
},
348 { "rotate", no_argument
, NULL
, ARG_ROTATE
},
349 { "vacuum-size", required_argument
, NULL
, ARG_VACUUM_SIZE
},
350 { "vacuum-files", required_argument
, NULL
, ARG_VACUUM_FILES
},
351 { "vacuum-time", required_argument
, NULL
, ARG_VACUUM_TIME
},
360 while ((c
= getopt_long(argc
, argv
, "hefo:aln::qmb::kD:p:c:S:U:t:u:F:xrM:", options
, NULL
)) >= 0)
376 arg_pager_end
= true;
378 if (arg_lines
== ARG_LINES_DEFAULT
)
388 arg_output
= output_mode_from_string(optarg
);
389 if (arg_output
< 0) {
390 log_error("Unknown output format '%s'.", optarg
);
394 if (arg_output
== OUTPUT_EXPORT
||
395 arg_output
== OUTPUT_JSON
||
396 arg_output
== OUTPUT_JSON_PRETTY
||
397 arg_output
== OUTPUT_JSON_SSE
||
398 arg_output
== OUTPUT_CAT
)
417 if (streq(optarg
, "all"))
418 arg_lines
= ARG_LINES_ALL
;
420 r
= safe_atoi(optarg
, &arg_lines
);
421 if (r
< 0 || arg_lines
< 0) {
422 log_error("Failed to parse lines '%s'", optarg
);
429 /* Hmm, no argument? Maybe the next
430 * word on the command line is
431 * supposed to be the argument? Let's
432 * see if there is one, and is
436 if (streq(argv
[optind
], "all")) {
437 arg_lines
= ARG_LINES_ALL
;
439 } else if (safe_atoi(argv
[optind
], &n
) >= 0 && n
>= 0) {
453 arg_action
= ACTION_NEW_ID128
;
468 r
= parse_boot_descriptor(optarg
, &arg_boot_id
, &arg_boot_offset
);
470 log_error("Failed to parse boot descriptor '%s'", optarg
);
475 /* Hmm, no argument? Maybe the next
476 * word on the command line is
477 * supposed to be the argument? Let's
478 * see if there is one and is parsable
479 * as a boot descriptor... */
482 parse_boot_descriptor(argv
[optind
], &arg_boot_id
, &arg_boot_offset
) >= 0)
489 arg_action
= ACTION_LIST_BOOTS
;
493 arg_boot
= arg_dmesg
= true;
497 arg_journal_type
|= SD_JOURNAL_SYSTEM
;
501 arg_journal_type
|= SD_JOURNAL_CURRENT_USER
;
505 arg_machine
= optarg
;
509 arg_directory
= optarg
;
513 r
= glob_extend(&arg_file
, optarg
);
515 return log_error_errno(r
, "Failed to add paths: %m");
519 r
= parse_path_argument_and_warn(optarg
, true, &arg_root
);
528 case ARG_AFTER_CURSOR
:
529 arg_after_cursor
= optarg
;
532 case ARG_SHOW_CURSOR
:
533 arg_show_cursor
= true;
537 arg_action
= ACTION_PRINT_HEADER
;
541 arg_action
= ACTION_VERIFY
;
545 arg_action
= ACTION_DISK_USAGE
;
548 case ARG_VACUUM_SIZE
:
549 r
= parse_size(optarg
, 1024, &arg_vacuum_size
);
551 log_error("Failed to parse vacuum size: %s", optarg
);
555 arg_action
= ACTION_VACUUM
;
558 case ARG_VACUUM_FILES
:
559 r
= safe_atou64(optarg
, &arg_vacuum_n_files
);
561 log_error("Failed to parse vacuum files: %s", optarg
);
565 arg_action
= ACTION_VACUUM
;
568 case ARG_VACUUM_TIME
:
569 r
= parse_sec(optarg
, &arg_vacuum_time
);
571 log_error("Failed to parse vacuum time: %s", optarg
);
575 arg_action
= ACTION_VACUUM
;
584 arg_action
= ACTION_SETUP_KEYS
;
589 arg_action
= ACTION_VERIFY
;
590 arg_verify_key
= optarg
;
595 r
= parse_sec(optarg
, &arg_interval
);
596 if (r
< 0 || arg_interval
<= 0) {
597 log_error("Failed to parse sealing key change interval: %s", optarg
);
606 log_error("Forward-secure sealing not available.");
613 dots
= strstr(optarg
, "..");
619 a
= strndup(optarg
, dots
- optarg
);
623 from
= log_level_from_string(a
);
624 to
= log_level_from_string(dots
+ 2);
627 if (from
< 0 || to
< 0) {
628 log_error("Failed to parse log level range %s", optarg
);
635 for (i
= from
; i
<= to
; i
++)
636 arg_priorities
|= 1 << i
;
638 for (i
= to
; i
<= from
; i
++)
639 arg_priorities
|= 1 << i
;
645 p
= log_level_from_string(optarg
);
647 log_error("Unknown log level %s", optarg
);
653 for (i
= 0; i
<= p
; i
++)
654 arg_priorities
|= 1 << i
;
661 r
= parse_timestamp(optarg
, &arg_since
);
663 log_error("Failed to parse timestamp: %s", optarg
);
666 arg_since_set
= true;
670 r
= parse_timestamp(optarg
, &arg_until
);
672 log_error("Failed to parse timestamp: %s", optarg
);
675 arg_until_set
= true;
679 r
= strv_extend(&arg_syslog_identifier
, optarg
);
685 r
= strv_extend(&arg_system_units
, optarg
);
691 r
= strv_extend(&arg_user_units
, optarg
);
704 case ARG_LIST_CATALOG
:
705 arg_action
= ACTION_LIST_CATALOG
;
708 case ARG_DUMP_CATALOG
:
709 arg_action
= ACTION_DUMP_CATALOG
;
712 case ARG_UPDATE_CATALOG
:
713 arg_action
= ACTION_UPDATE_CATALOG
;
725 arg_action
= ACTION_FLUSH
;
729 arg_action
= ACTION_ROTATE
;
736 assert_not_reached("Unhandled option");
739 if (arg_follow
&& !arg_no_tail
&& !arg_since
&& arg_lines
== ARG_LINES_DEFAULT
)
742 if (!!arg_directory
+ !!arg_file
+ !!arg_machine
> 1) {
743 log_error("Please specify either -D/--directory= or --file= or -M/--machine=, not more than one.");
747 if (arg_since_set
&& arg_until_set
&& arg_since
> arg_until
) {
748 log_error("--since= must be before --until=.");
752 if (!!arg_cursor
+ !!arg_after_cursor
+ !!arg_since_set
> 1) {
753 log_error("Please specify only one of --since=, --cursor=, and --after-cursor.");
757 if (arg_follow
&& arg_reverse
) {
758 log_error("Please specify either --reverse= or --follow=, not both.");
762 if (!IN_SET(arg_action
, ACTION_SHOW
, ACTION_DUMP_CATALOG
, ACTION_LIST_CATALOG
) && optind
< argc
) {
763 log_error("Extraneous arguments starting with '%s'", argv
[optind
]);
767 if ((arg_boot
|| arg_action
== ACTION_LIST_BOOTS
) && (arg_file
|| arg_directory
|| arg_merge
)) {
768 log_error("Using --boot or --list-boots with --file, --directory or --merge is not supported.");
775 static int generate_new_id128(void) {
780 r
= sd_id128_randomize(&id
);
782 return log_error_errno(r
, "Failed to generate ID: %m");
784 printf("As string:\n"
785 SD_ID128_FORMAT_STR
"\n\n"
787 "%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x\n\n"
789 "#define MESSAGE_XYZ SD_ID128_MAKE(",
790 SD_ID128_FORMAT_VAL(id
),
791 SD_ID128_FORMAT_VAL(id
));
792 for (i
= 0; i
< 16; i
++)
793 printf("%02x%s", id
.bytes
[i
], i
!= 15 ? "," : "");
794 fputs(")\n\n", stdout
);
796 printf("As Python constant:\n"
798 ">>> MESSAGE_XYZ = uuid.UUID('" SD_ID128_FORMAT_STR
"')\n",
799 SD_ID128_FORMAT_VAL(id
));
804 static int add_matches(sd_journal
*j
, char **args
) {
806 bool have_term
= false;
810 STRV_FOREACH(i
, args
) {
813 if (streq(*i
, "+")) {
816 r
= sd_journal_add_disjunction(j
);
819 } else if (path_is_absolute(*i
)) {
820 _cleanup_free_
char *p
, *t
= NULL
, *t2
= NULL
;
822 _cleanup_free_
char *interpreter
= NULL
;
825 p
= canonicalize_file_name(*i
);
828 if (lstat(path
, &st
) < 0)
829 return log_error_errno(errno
, "Couldn't stat file: %m");
831 if (S_ISREG(st
.st_mode
) && (0111 & st
.st_mode
)) {
832 if (executable_is_script(path
, &interpreter
) > 0) {
833 _cleanup_free_
char *comm
;
835 comm
= strndup(basename(path
), 15);
839 t
= strappend("_COMM=", comm
);
841 /* Append _EXE only if the interpreter is not a link.
842 Otherwise, it might be outdated often. */
843 if (lstat(interpreter
, &st
) == 0 &&
844 !S_ISLNK(st
.st_mode
)) {
845 t2
= strappend("_EXE=", interpreter
);
850 t
= strappend("_EXE=", path
);
851 } else if (S_ISCHR(st
.st_mode
))
852 (void) asprintf(&t
, "_KERNEL_DEVICE=c%u:%u", major(st
.st_rdev
), minor(st
.st_rdev
));
853 else if (S_ISBLK(st
.st_mode
))
854 (void) asprintf(&t
, "_KERNEL_DEVICE=b%u:%u", major(st
.st_rdev
), minor(st
.st_rdev
));
856 log_error("File is neither a device node, nor regular file, nor executable: %s", *i
);
863 r
= sd_journal_add_match(j
, t
, 0);
865 r
= sd_journal_add_match(j
, t2
, 0);
869 r
= sd_journal_add_match(j
, *i
, 0);
874 return log_error_errno(r
, "Failed to add match '%s': %m", *i
);
877 if (!strv_isempty(args
) && !have_term
) {
878 log_error("\"+\" can only be used between terms");
885 static void boot_id_free_all(BootId
*l
) {
889 LIST_REMOVE(boot_list
, l
, i
);
894 static int discover_next_boot(
898 bool read_realtime
) {
901 char match
[9+32+1] = "_BOOT_ID=";
902 _cleanup_free_ BootId
*next_boot
= NULL
;
907 /* We expect the journal to be on the last position of a boot
908 * (in relation to the direction we are going), so that the next
909 * invocation of sd_journal_next/previous will be from a different
910 * boot. We then collect any information we desire and then jump
911 * to the last location of the new boot by using a _BOOT_ID match
912 * coming from the other journal direction. */
914 /* Make sure we aren't restricted by any _BOOT_ID matches, so that
915 * we can actually advance to a *different* boot. */
916 sd_journal_flush_matches(j
);
919 r
= sd_journal_previous(j
);
921 r
= sd_journal_next(j
);
925 return 0; /* End of journal, yay. */
927 next_boot
= new0(BootId
, 1);
931 r
= sd_journal_get_monotonic_usec(j
, NULL
, &next_boot
->id
);
936 r
= sd_journal_get_realtime_usec(j
, &next_boot
->first
);
941 /* Now seek to the last occurrence of this boot ID. */
942 sd_id128_to_string(next_boot
->id
, match
+ 9);
943 r
= sd_journal_add_match(j
, match
, sizeof(match
) - 1);
948 r
= sd_journal_seek_head(j
);
950 r
= sd_journal_seek_tail(j
);
955 r
= sd_journal_next(j
);
957 r
= sd_journal_previous(j
);
961 return -ENODATA
; /* This shouldn't happen. We just came from this very boot ID. */
964 r
= sd_journal_get_realtime_usec(j
, &next_boot
->last
);
975 static int get_boots(
978 BootId
*query_ref_boot
,
979 int ref_boot_offset
) {
983 BootId
*head
= NULL
, *tail
= NULL
;
984 const bool advance_older
= query_ref_boot
&& ref_boot_offset
<= 0;
988 /* Adjust for the asymmetry that offset 0 is
989 * the last (and current) boot, while 1 is considered the
990 * (chronological) first boot in the journal. */
991 skip_once
= query_ref_boot
&& sd_id128_is_null(query_ref_boot
->id
) && ref_boot_offset
< 0;
993 /* Advance to the earliest/latest occurrence of our reference
994 * boot ID (taking our lookup direction into account), so that
995 * discover_next_boot() can do its job.
996 * If no reference is given, the journal head/tail will do,
997 * they're "virtual" boots after all. */
998 if (query_ref_boot
&& !sd_id128_is_null(query_ref_boot
->id
)) {
999 char match
[9+32+1] = "_BOOT_ID=";
1001 sd_journal_flush_matches(j
);
1003 sd_id128_to_string(query_ref_boot
->id
, match
+ 9);
1004 r
= sd_journal_add_match(j
, match
, sizeof(match
) - 1);
1009 r
= sd_journal_seek_head(j
);
1011 r
= sd_journal_seek_tail(j
);
1016 r
= sd_journal_next(j
);
1018 r
= sd_journal_previous(j
);
1023 else if (ref_boot_offset
== 0) {
1029 r
= sd_journal_seek_tail(j
);
1031 r
= sd_journal_seek_head(j
);
1035 /* No sd_journal_next/previous here. */
1039 _cleanup_free_ BootId
*current
= NULL
;
1041 r
= discover_next_boot(j
, ¤t
, advance_older
, !query_ref_boot
);
1043 boot_id_free_all(head
);
1050 if (query_ref_boot
) {
1052 ref_boot_offset
+= advance_older
? 1 : -1;
1055 if (ref_boot_offset
== 0) {
1057 query_ref_boot
->id
= current
->id
;
1061 LIST_INSERT_AFTER(boot_list
, head
, tail
, current
);
1072 sd_journal_flush_matches(j
);
1077 static int list_boots(sd_journal
*j
) {
1079 BootId
*id
, *all_ids
;
1083 count
= get_boots(j
, &all_ids
, NULL
, 0);
1085 return log_error_errno(count
, "Failed to determine boots: %m");
1089 pager_open_if_enabled();
1091 /* numbers are one less, but we need an extra char for the sign */
1092 w
= DECIMAL_STR_WIDTH(count
- 1) + 1;
1095 LIST_FOREACH(boot_list
, id
, all_ids
) {
1096 char a
[FORMAT_TIMESTAMP_MAX
], b
[FORMAT_TIMESTAMP_MAX
];
1098 printf("% *i " SD_ID128_FORMAT_STR
" %s—%s\n",
1100 SD_ID128_FORMAT_VAL(id
->id
),
1101 format_timestamp_maybe_utc(a
, sizeof(a
), id
->first
),
1102 format_timestamp_maybe_utc(b
, sizeof(b
), id
->last
));
1106 boot_id_free_all(all_ids
);
1111 static int add_boot(sd_journal
*j
) {
1112 char match
[9+32+1] = "_BOOT_ID=";
1114 BootId ref_boot_id
= {};
1121 if (arg_boot_offset
== 0 && sd_id128_equal(arg_boot_id
, SD_ID128_NULL
))
1122 return add_match_this_boot(j
, arg_machine
);
1124 ref_boot_id
.id
= arg_boot_id
;
1125 r
= get_boots(j
, NULL
, &ref_boot_id
, arg_boot_offset
);
1128 const char *reason
= (r
== 0) ? "No such boot ID in journal" : strerror(-r
);
1130 if (sd_id128_is_null(arg_boot_id
))
1131 log_error("Failed to look up boot %+i: %s", arg_boot_offset
, reason
);
1133 log_error("Failed to look up boot ID "SD_ID128_FORMAT_STR
"%+i: %s",
1134 SD_ID128_FORMAT_VAL(arg_boot_id
), arg_boot_offset
, reason
);
1136 return r
== 0 ? -ENODATA
: r
;
1139 sd_id128_to_string(ref_boot_id
.id
, match
+ 9);
1141 r
= sd_journal_add_match(j
, match
, sizeof(match
) - 1);
1143 return log_error_errno(r
, "Failed to add match: %m");
1145 r
= sd_journal_add_conjunction(j
);
1147 return log_error_errno(r
, "Failed to add conjunction: %m");
1152 static int add_dmesg(sd_journal
*j
) {
1159 r
= sd_journal_add_match(j
, "_TRANSPORT=kernel", strlen("_TRANSPORT=kernel"));
1161 return log_error_errno(r
, "Failed to add match: %m");
1163 r
= sd_journal_add_conjunction(j
);
1165 return log_error_errno(r
, "Failed to add conjunction: %m");
1170 static int get_possible_units(
1176 _cleanup_set_free_free_ Set
*found
;
1180 found
= set_new(&string_hash_ops
);
1184 NULSTR_FOREACH(field
, fields
) {
1188 r
= sd_journal_query_unique(j
, field
);
1192 SD_JOURNAL_FOREACH_UNIQUE(j
, data
, size
) {
1193 char **pattern
, *eq
;
1195 _cleanup_free_
char *u
= NULL
;
1197 eq
= memchr(data
, '=', size
);
1199 prefix
= eq
- (char*) data
+ 1;
1203 u
= strndup((char*) data
+ prefix
, size
- prefix
);
1207 STRV_FOREACH(pattern
, patterns
)
1208 if (fnmatch(*pattern
, u
, FNM_NOESCAPE
) == 0) {
1209 log_debug("Matched %s with pattern %s=%s", u
, field
, *pattern
);
1211 r
= set_consume(found
, u
);
1213 if (r
< 0 && r
!= -EEXIST
)
1226 /* This list is supposed to return the superset of unit names
1227 * possibly matched by rules added with add_matches_for_unit... */
1228 #define SYSTEM_UNITS \
1232 "OBJECT_SYSTEMD_UNIT\0" \
1235 /* ... and add_matches_for_user_unit */
1236 #define USER_UNITS \
1237 "_SYSTEMD_USER_UNIT\0" \
1239 "COREDUMP_USER_UNIT\0" \
1240 "OBJECT_SYSTEMD_USER_UNIT\0"
1242 static int add_units(sd_journal
*j
) {
1243 _cleanup_strv_free_
char **patterns
= NULL
;
1249 STRV_FOREACH(i
, arg_system_units
) {
1250 _cleanup_free_
char *u
= NULL
;
1252 r
= unit_name_mangle(*i
, UNIT_NAME_GLOB
, &u
);
1256 if (string_is_glob(u
)) {
1257 r
= strv_push(&patterns
, u
);
1262 r
= add_matches_for_unit(j
, u
);
1265 r
= sd_journal_add_disjunction(j
);
1272 if (!strv_isempty(patterns
)) {
1273 _cleanup_set_free_free_ Set
*units
= NULL
;
1277 r
= get_possible_units(j
, SYSTEM_UNITS
, patterns
, &units
);
1281 SET_FOREACH(u
, units
, it
) {
1282 r
= add_matches_for_unit(j
, u
);
1285 r
= sd_journal_add_disjunction(j
);
1292 patterns
= strv_free(patterns
);
1294 STRV_FOREACH(i
, arg_user_units
) {
1295 _cleanup_free_
char *u
= NULL
;
1297 r
= unit_name_mangle(*i
, UNIT_NAME_GLOB
, &u
);
1301 if (string_is_glob(u
)) {
1302 r
= strv_push(&patterns
, u
);
1307 r
= add_matches_for_user_unit(j
, u
, getuid());
1310 r
= sd_journal_add_disjunction(j
);
1317 if (!strv_isempty(patterns
)) {
1318 _cleanup_set_free_free_ Set
*units
= NULL
;
1322 r
= get_possible_units(j
, USER_UNITS
, patterns
, &units
);
1326 SET_FOREACH(u
, units
, it
) {
1327 r
= add_matches_for_user_unit(j
, u
, getuid());
1330 r
= sd_journal_add_disjunction(j
);
1337 /* Complain if the user request matches but nothing whatsoever was
1338 * found, since otherwise everything would be matched. */
1339 if (!(strv_isempty(arg_system_units
) && strv_isempty(arg_user_units
)) && count
== 0)
1342 r
= sd_journal_add_conjunction(j
);
1349 static int add_priorities(sd_journal
*j
) {
1350 char match
[] = "PRIORITY=0";
1354 if (arg_priorities
== 0xFF)
1357 for (i
= LOG_EMERG
; i
<= LOG_DEBUG
; i
++)
1358 if (arg_priorities
& (1 << i
)) {
1359 match
[sizeof(match
)-2] = '0' + i
;
1361 r
= sd_journal_add_match(j
, match
, strlen(match
));
1363 return log_error_errno(r
, "Failed to add match: %m");
1366 r
= sd_journal_add_conjunction(j
);
1368 return log_error_errno(r
, "Failed to add conjunction: %m");
1374 static int add_syslog_identifier(sd_journal
*j
) {
1380 STRV_FOREACH(i
, arg_syslog_identifier
) {
1383 u
= strjoina("SYSLOG_IDENTIFIER=", *i
);
1384 r
= sd_journal_add_match(j
, u
, 0);
1387 r
= sd_journal_add_disjunction(j
);
1392 r
= sd_journal_add_conjunction(j
);
1399 static int setup_keys(void) {
1401 size_t mpk_size
, seed_size
, state_size
, i
;
1402 uint8_t *mpk
, *seed
, *state
;
1404 sd_id128_t machine
, boot
;
1405 char *p
= NULL
, *k
= NULL
;
1410 r
= stat("/var/log/journal", &st
);
1411 if (r
< 0 && errno
!= ENOENT
&& errno
!= ENOTDIR
)
1412 return log_error_errno(errno
, "stat(\"%s\") failed: %m", "/var/log/journal");
1414 if (r
< 0 || !S_ISDIR(st
.st_mode
)) {
1415 log_error("%s is not a directory, must be using persistent logging for FSS.",
1416 "/var/log/journal");
1417 return r
< 0 ? -errno
: -ENOTDIR
;
1420 r
= sd_id128_get_machine(&machine
);
1422 return log_error_errno(r
, "Failed to get machine ID: %m");
1424 r
= sd_id128_get_boot(&boot
);
1426 return log_error_errno(r
, "Failed to get boot ID: %m");
1428 if (asprintf(&p
, "/var/log/journal/" SD_ID128_FORMAT_STR
"/fss",
1429 SD_ID128_FORMAT_VAL(machine
)) < 0)
1434 if (r
< 0 && errno
!= ENOENT
) {
1435 r
= log_error_errno(errno
, "unlink(\"%s\") failed: %m", p
);
1438 } else if (access(p
, F_OK
) >= 0) {
1439 log_error("Sealing key file %s exists already. Use --force to recreate.", p
);
1444 if (asprintf(&k
, "/var/log/journal/" SD_ID128_FORMAT_STR
"/fss.tmp.XXXXXX",
1445 SD_ID128_FORMAT_VAL(machine
)) < 0) {
1450 mpk_size
= FSPRG_mskinbytes(FSPRG_RECOMMENDED_SECPAR
);
1451 mpk
= alloca(mpk_size
);
1453 seed_size
= FSPRG_RECOMMENDED_SEEDLEN
;
1454 seed
= alloca(seed_size
);
1456 state_size
= FSPRG_stateinbytes(FSPRG_RECOMMENDED_SECPAR
);
1457 state
= alloca(state_size
);
1459 fd
= open("/dev/random", O_RDONLY
|O_CLOEXEC
|O_NOCTTY
);
1461 r
= log_error_errno(errno
, "Failed to open /dev/random: %m");
1465 log_info("Generating seed...");
1466 r
= loop_read_exact(fd
, seed
, seed_size
, true);
1468 log_error_errno(r
, "Failed to read random seed: %m");
1472 log_info("Generating key pair...");
1473 FSPRG_GenMK(NULL
, mpk
, seed
, seed_size
, FSPRG_RECOMMENDED_SECPAR
);
1475 log_info("Generating sealing key...");
1476 FSPRG_GenState0(state
, mpk
, seed
, seed_size
);
1478 assert(arg_interval
> 0);
1480 n
= now(CLOCK_REALTIME
);
1484 fd
= mkostemp_safe(k
, O_WRONLY
|O_CLOEXEC
);
1486 r
= log_error_errno(errno
, "Failed to open %s: %m", k
);
1490 /* Enable secure remove, exclusion from dump, synchronous
1491 * writing and in-place updating */
1492 r
= chattr_fd(fd
, FS_SECRM_FL
|FS_NODUMP_FL
|FS_SYNC_FL
|FS_NOCOW_FL
, FS_SECRM_FL
|FS_NODUMP_FL
|FS_SYNC_FL
|FS_NOCOW_FL
);
1494 log_warning_errno(errno
, "Failed to set file attributes: %m");
1497 memcpy(h
.signature
, "KSHHRHLP", 8);
1498 h
.machine_id
= machine
;
1500 h
.header_size
= htole64(sizeof(h
));
1501 h
.start_usec
= htole64(n
* arg_interval
);
1502 h
.interval_usec
= htole64(arg_interval
);
1503 h
.fsprg_secpar
= htole16(FSPRG_RECOMMENDED_SECPAR
);
1504 h
.fsprg_state_size
= htole64(state_size
);
1506 r
= loop_write(fd
, &h
, sizeof(h
), false);
1508 log_error_errno(r
, "Failed to write header: %m");
1512 r
= loop_write(fd
, state
, state_size
, false);
1514 log_error_errno(r
, "Failed to write state: %m");
1518 if (link(k
, p
) < 0) {
1519 r
= log_error_errno(errno
, "Failed to link file: %m");
1526 "The new key pair has been generated. The " ANSI_HIGHLIGHT
"secret sealing key" ANSI_NORMAL
" has been written to\n"
1527 "the following local file. This key file is automatically updated when the\n"
1528 "sealing key is advanced. It should not be used on multiple hosts.\n"
1532 "Please write down the following " ANSI_HIGHLIGHT
"secret verification key" ANSI_NORMAL
". It should be stored\n"
1533 "at a safe location and should not be saved locally on disk.\n"
1534 "\n\t" ANSI_HIGHLIGHT_RED
, p
);
1537 for (i
= 0; i
< seed_size
; i
++) {
1538 if (i
> 0 && i
% 3 == 0)
1540 printf("%02x", ((uint8_t*) seed
)[i
]);
1543 printf("/%llx-%llx\n", (unsigned long long) n
, (unsigned long long) arg_interval
);
1546 char tsb
[FORMAT_TIMESPAN_MAX
], *hn
;
1550 "The sealing key is automatically changed every %s.\n",
1551 format_timespan(tsb
, sizeof(tsb
), arg_interval
, 0));
1553 hn
= gethostname_malloc();
1556 hostname_cleanup(hn
);
1557 fprintf(stderr
, "\nThe keys have been generated for host %s/" SD_ID128_FORMAT_STR
".\n", hn
, SD_ID128_FORMAT_VAL(machine
));
1559 fprintf(stderr
, "\nThe keys have been generated for host " SD_ID128_FORMAT_STR
".\n", SD_ID128_FORMAT_VAL(machine
));
1561 #ifdef HAVE_QRENCODE
1562 /* If this is not an UTF-8 system don't print any QR codes */
1563 if (is_locale_utf8()) {
1564 fputs("\nTo transfer the verification key to your phone please scan the QR code below:\n\n", stderr
);
1565 print_qr_code(stderr
, seed
, seed_size
, n
, arg_interval
, hn
, machine
);
1585 log_error("Forward-secure sealing not available.");
1590 static int verify(sd_journal
*j
) {
1597 log_show_color(true);
1599 ORDERED_HASHMAP_FOREACH(f
, j
->files
, i
) {
1601 usec_t first
= 0, validated
= 0, last
= 0;
1604 if (!arg_verify_key
&& JOURNAL_HEADER_SEALED(f
->header
))
1605 log_notice("Journal file %s has sealing enabled but verification key has not been passed using --verify-key=.", f
->path
);
1608 k
= journal_file_verify(f
, arg_verify_key
, &first
, &validated
, &last
, true);
1610 /* If the key was invalid give up right-away. */
1613 log_warning_errno(k
, "FAIL: %s (%m)", f
->path
);
1616 char a
[FORMAT_TIMESTAMP_MAX
], b
[FORMAT_TIMESTAMP_MAX
], c
[FORMAT_TIMESPAN_MAX
];
1617 log_info("PASS: %s", f
->path
);
1619 if (arg_verify_key
&& JOURNAL_HEADER_SEALED(f
->header
)) {
1620 if (validated
> 0) {
1621 log_info("=> Validated from %s to %s, final %s entries not sealed.",
1622 format_timestamp_maybe_utc(a
, sizeof(a
), first
),
1623 format_timestamp_maybe_utc(b
, sizeof(b
), validated
),
1624 format_timespan(c
, sizeof(c
), last
> validated
? last
- validated
: 0, 0));
1625 } else if (last
> 0)
1626 log_info("=> No sealing yet, %s of entries not sealed.",
1627 format_timespan(c
, sizeof(c
), last
- first
, 0));
1629 log_info("=> No sealing yet, no entries in file.");
1637 static int access_check_var_log_journal(sd_journal
*j
) {
1639 _cleanup_strv_free_
char **g
= NULL
;
1649 /* If we are root, we should have access, don't warn. */
1653 /* If we are in the 'systemd-journal' group, we should have
1655 r
= in_group("systemd-journal");
1657 return log_error_errno(r
, "Failed to check if we are in the 'systemd-journal' group: %m");
1662 if (laccess("/run/log/journal", F_OK
) >= 0)
1663 dir
= "/run/log/journal";
1665 dir
= "/var/log/journal";
1667 /* If we are in any of the groups listed in the journal ACLs,
1668 * then all is good, too. Let's enumerate all groups from the
1669 * default ACL of the directory, which generally should allow
1670 * access to most journal files too. */
1671 r
= acl_search_groups(dir
, &g
);
1673 return log_error_errno(r
, "Failed to search journal ACL: %m");
1677 /* Print a pretty list, if there were ACLs set. */
1678 if (!strv_isempty(g
)) {
1679 _cleanup_free_
char *s
= NULL
;
1681 /* Thre are groups in the ACL, let's list them */
1682 r
= strv_extend(&g
, "systemd-journal");
1689 s
= strv_join(g
, "', '");
1693 log_notice("Hint: You are currently not seeing messages from other users and the system.\n"
1694 " Users in groups '%s' can see all messages.\n"
1695 " Pass -q to turn off this notice.", s
);
1700 /* If no ACLs were found, print a short version of the message. */
1701 log_notice("Hint: You are currently not seeing messages from other users and the system.\n"
1702 " Users in the 'systemd-journal' group can see all messages. Pass -q to\n"
1703 " turn off this notice.");
1708 static int access_check(sd_journal
*j
) {
1716 if (hashmap_isempty(j
->errors
)) {
1717 if (ordered_hashmap_isempty(j
->files
))
1718 log_notice("No journal files were found.");
1723 if (hashmap_contains(j
->errors
, INT_TO_PTR(-EACCES
))) {
1724 (void) access_check_var_log_journal(j
);
1726 if (ordered_hashmap_isempty(j
->files
))
1727 r
= log_error_errno(EACCES
, "No journal files were opened due to insufficient permissions.");
1730 HASHMAP_FOREACH_KEY(path
, code
, j
->errors
, it
) {
1733 err
= abs(PTR_TO_INT(code
));
1740 log_warning_errno(err
, "Journal file %s is truncated, ignoring file.", path
);
1743 case EPROTONOSUPPORT
:
1744 log_warning_errno(err
, "Journal file %s uses an unsupported feature, ignoring file.", path
);
1748 log_warning_errno(err
, "Journal file %s corrupted, ignoring file.", path
);
1752 log_warning_errno(err
, "An error was encountered while opening journal file %s, ignoring file.", path
);
1760 static int flush_to_var(void) {
1761 _cleanup_bus_error_free_ sd_bus_error error
= SD_BUS_ERROR_NULL
;
1762 _cleanup_bus_flush_close_unref_ sd_bus
*bus
= NULL
;
1763 _cleanup_close_
int watch_fd
= -1;
1767 if (access("/run/systemd/journal/flushed", F_OK
) >= 0)
1770 /* OK, let's actually do the full logic, send SIGUSR1 to the
1771 * daemon and set up inotify to wait for the flushed file to appear */
1772 r
= bus_connect_system_systemd(&bus
);
1774 return log_error_errno(r
, "Failed to get D-Bus connection: %m");
1776 r
= sd_bus_call_method(
1778 "org.freedesktop.systemd1",
1779 "/org/freedesktop/systemd1",
1780 "org.freedesktop.systemd1.Manager",
1784 "ssi", "systemd-journald.service", "main", SIGUSR1
);
1786 log_error("Failed to kill journal service: %s", bus_error_message(&error
, r
));
1790 mkdir_p("/run/systemd/journal", 0755);
1792 watch_fd
= inotify_init1(IN_NONBLOCK
|IN_CLOEXEC
);
1794 return log_error_errno(errno
, "Failed to create inotify watch: %m");
1796 r
= inotify_add_watch(watch_fd
, "/run/systemd/journal", IN_CREATE
|IN_DONT_FOLLOW
|IN_ONLYDIR
);
1798 return log_error_errno(errno
, "Failed to watch journal directory: %m");
1801 if (access("/run/systemd/journal/flushed", F_OK
) >= 0)
1804 if (errno
!= ENOENT
)
1805 return log_error_errno(errno
, "Failed to check for existence of /run/systemd/journal/flushed: %m");
1807 r
= fd_wait_for_event(watch_fd
, POLLIN
, USEC_INFINITY
);
1809 return log_error_errno(r
, "Failed to wait for event: %m");
1811 r
= flush_fd(watch_fd
);
1813 return log_error_errno(r
, "Failed to flush inotify events: %m");
1819 static int rotate(void) {
1820 _cleanup_bus_error_free_ sd_bus_error error
= SD_BUS_ERROR_NULL
;
1821 _cleanup_bus_flush_close_unref_ sd_bus
*bus
= NULL
;
1824 r
= bus_connect_system_systemd(&bus
);
1826 return log_error_errno(r
, "Failed to get D-Bus connection: %m");
1828 r
= sd_bus_call_method(
1830 "org.freedesktop.systemd1",
1831 "/org/freedesktop/systemd1",
1832 "org.freedesktop.systemd1.Manager",
1836 "ssi", "systemd-journald.service", "main", SIGUSR2
);
1838 return log_error_errno(r
, "Failed to kill journal service: %s", bus_error_message(&error
, r
));
1843 int main(int argc
, char *argv
[]) {
1845 _cleanup_journal_close_ sd_journal
*j
= NULL
;
1846 bool need_seek
= false;
1847 sd_id128_t previous_boot_id
;
1848 bool previous_boot_id_valid
= false, first_line
= true;
1850 bool ellipsized
= false;
1852 setlocale(LC_ALL
, "");
1853 log_parse_environment();
1856 r
= parse_argv(argc
, argv
);
1860 signal(SIGWINCH
, columns_lines_cache_reset
);
1863 /* Increase max number of open files to 16K if we can, we
1864 * might needs this when browsing journal files, which might
1865 * be split up into many files. */
1866 setrlimit_closest(RLIMIT_NOFILE
, &RLIMIT_MAKE_CONST(16384));
1868 if (arg_action
== ACTION_NEW_ID128
) {
1869 r
= generate_new_id128();
1873 if (arg_action
== ACTION_FLUSH
) {
1878 if (arg_action
== ACTION_ROTATE
) {
1883 if (arg_action
== ACTION_SETUP_KEYS
) {
1888 if (arg_action
== ACTION_UPDATE_CATALOG
||
1889 arg_action
== ACTION_LIST_CATALOG
||
1890 arg_action
== ACTION_DUMP_CATALOG
) {
1892 _cleanup_free_
char *database
;
1894 database
= path_join(arg_root
, CATALOG_DATABASE
, NULL
);
1900 if (arg_action
== ACTION_UPDATE_CATALOG
) {
1901 r
= catalog_update(database
, arg_root
, catalog_file_dirs
);
1903 log_error_errno(r
, "Failed to list catalog: %m");
1905 bool oneline
= arg_action
== ACTION_LIST_CATALOG
;
1907 pager_open_if_enabled();
1909 r
= catalog_list_items(stdout
, database
,
1910 oneline
, argv
+ optind
);
1912 r
= catalog_list(stdout
, database
, oneline
);
1914 log_error_errno(r
, "Failed to list catalog: %m");
1921 r
= sd_journal_open_directory(&j
, arg_directory
, arg_journal_type
);
1923 r
= sd_journal_open_files(&j
, (const char**) arg_file
, 0);
1924 else if (arg_machine
)
1925 r
= sd_journal_open_container(&j
, arg_machine
, 0);
1927 r
= sd_journal_open(&j
, !arg_merge
*SD_JOURNAL_LOCAL_ONLY
+ arg_journal_type
);
1929 log_error_errno(r
, "Failed to open %s: %m",
1930 arg_directory
? arg_directory
: arg_file
? "files" : "journal");
1934 r
= access_check(j
);
1938 if (arg_action
== ACTION_VERIFY
) {
1943 if (arg_action
== ACTION_PRINT_HEADER
) {
1944 journal_print_header(j
);
1949 if (arg_action
== ACTION_DISK_USAGE
) {
1951 char sbytes
[FORMAT_BYTES_MAX
];
1953 r
= sd_journal_get_usage(j
, &bytes
);
1957 printf("Archived and active journals take up %s on disk.\n",
1958 format_bytes(sbytes
, sizeof(sbytes
), bytes
));
1962 if (arg_action
== ACTION_VACUUM
) {
1966 HASHMAP_FOREACH(d
, j
->directories_by_path
, i
) {
1972 q
= journal_directory_vacuum(d
->path
, arg_vacuum_size
, arg_vacuum_n_files
, arg_vacuum_time
, NULL
, true);
1974 log_error_errno(q
, "Failed to vacuum %s: %m", d
->path
);
1982 if (arg_action
== ACTION_LIST_BOOTS
) {
1987 /* add_boot() must be called first!
1988 * It may need to seek the journal to find parent boot IDs. */
1999 log_error_errno(r
, "Failed to add filter for units: %m");
2003 r
= add_syslog_identifier(j
);
2005 log_error_errno(r
, "Failed to add filter for syslog identifiers: %m");
2009 r
= add_priorities(j
);
2013 r
= add_matches(j
, argv
+ optind
);
2017 if (_unlikely_(log_get_max_level() >= LOG_DEBUG
)) {
2018 _cleanup_free_
char *filter
;
2020 filter
= journal_make_match_string(j
);
2024 log_debug("Journal filter: %s", filter
);
2031 r
= sd_journal_set_data_threshold(j
, 0);
2033 log_error_errno(r
, "Failed to unset data size threshold: %m");
2037 r
= sd_journal_query_unique(j
, arg_field
);
2039 log_error_errno(r
, "Failed to query unique data objects: %m");
2043 SD_JOURNAL_FOREACH_UNIQUE(j
, data
, size
) {
2046 if (arg_lines
>= 0 && n_shown
>= arg_lines
)
2049 eq
= memchr(data
, '=', size
);
2051 printf("%.*s\n", (int) (size
- ((const uint8_t*) eq
- (const uint8_t*) data
+ 1)), (const char*) eq
+ 1);
2053 printf("%.*s\n", (int) size
, (const char*) data
);
2062 /* Opening the fd now means the first sd_journal_wait() will actually wait */
2064 r
= sd_journal_get_fd(j
);
2066 log_error_errno(r
, "Failed to get journal fd: %m");
2071 if (arg_cursor
|| arg_after_cursor
) {
2072 r
= sd_journal_seek_cursor(j
, arg_cursor
?: arg_after_cursor
);
2074 log_error_errno(r
, "Failed to seek to cursor: %m");
2079 r
= sd_journal_next_skip(j
, 1 + !!arg_after_cursor
);
2081 r
= sd_journal_previous_skip(j
, 1 + !!arg_after_cursor
);
2083 if (arg_after_cursor
&& r
< 2) {
2084 /* We couldn't find the next entry after the cursor. */
2091 } else if (arg_since_set
&& !arg_reverse
) {
2092 r
= sd_journal_seek_realtime_usec(j
, arg_since
);
2094 log_error_errno(r
, "Failed to seek to date: %m");
2097 r
= sd_journal_next(j
);
2099 } else if (arg_until_set
&& arg_reverse
) {
2100 r
= sd_journal_seek_realtime_usec(j
, arg_until
);
2102 log_error_errno(r
, "Failed to seek to date: %m");
2105 r
= sd_journal_previous(j
);
2107 } else if (arg_lines
>= 0) {
2108 r
= sd_journal_seek_tail(j
);
2110 log_error_errno(r
, "Failed to seek to tail: %m");
2114 r
= sd_journal_previous_skip(j
, arg_lines
);
2116 } else if (arg_reverse
) {
2117 r
= sd_journal_seek_tail(j
);
2119 log_error_errno(r
, "Failed to seek to tail: %m");
2123 r
= sd_journal_previous(j
);
2126 r
= sd_journal_seek_head(j
);
2128 log_error_errno(r
, "Failed to seek to head: %m");
2132 r
= sd_journal_next(j
);
2136 log_error_errno(r
, "Failed to iterate through journal: %m");
2143 printf("-- No entries --\n");
2149 pager_open_if_enabled();
2153 char start_buf
[FORMAT_TIMESTAMP_MAX
], end_buf
[FORMAT_TIMESTAMP_MAX
];
2155 r
= sd_journal_get_cutoff_realtime_usec(j
, &start
, &end
);
2157 log_error_errno(r
, "Failed to get cutoff: %m");
2163 printf("-- Logs begin at %s. --\n",
2164 format_timestamp_maybe_utc(start_buf
, sizeof(start_buf
), start
));
2166 printf("-- Logs begin at %s, end at %s. --\n",
2167 format_timestamp_maybe_utc(start_buf
, sizeof(start_buf
), start
),
2168 format_timestamp_maybe_utc(end_buf
, sizeof(end_buf
), end
));
2173 while (arg_lines
< 0 || n_shown
< arg_lines
|| (arg_follow
&& !first_line
)) {
2178 r
= sd_journal_next(j
);
2180 r
= sd_journal_previous(j
);
2182 log_error_errno(r
, "Failed to iterate through journal: %m");
2189 if (arg_until_set
&& !arg_reverse
) {
2192 r
= sd_journal_get_realtime_usec(j
, &usec
);
2194 log_error_errno(r
, "Failed to determine timestamp: %m");
2197 if (usec
> arg_until
)
2201 if (arg_since_set
&& arg_reverse
) {
2204 r
= sd_journal_get_realtime_usec(j
, &usec
);
2206 log_error_errno(r
, "Failed to determine timestamp: %m");
2209 if (usec
< arg_since
)
2213 if (!arg_merge
&& !arg_quiet
) {
2216 r
= sd_journal_get_monotonic_usec(j
, NULL
, &boot_id
);
2218 if (previous_boot_id_valid
&&
2219 !sd_id128_equal(boot_id
, previous_boot_id
))
2220 printf("%s-- Reboot --%s\n",
2221 ansi_highlight(), ansi_normal());
2223 previous_boot_id
= boot_id
;
2224 previous_boot_id_valid
= true;
2229 arg_all
* OUTPUT_SHOW_ALL
|
2230 arg_full
* OUTPUT_FULL_WIDTH
|
2231 on_tty() * OUTPUT_COLOR
|
2232 arg_catalog
* OUTPUT_CATALOG
|
2233 arg_utc
* OUTPUT_UTC
;
2235 r
= output_journal(stdout
, j
, arg_output
, 0, flags
, &ellipsized
);
2237 if (r
== -EADDRNOTAVAIL
)
2239 else if (r
< 0 || ferror(stdout
))
2246 if (arg_show_cursor
) {
2247 _cleanup_free_
char *cursor
= NULL
;
2249 r
= sd_journal_get_cursor(j
, &cursor
);
2250 if (r
< 0 && r
!= -EADDRNOTAVAIL
)
2251 log_error_errno(r
, "Failed to get cursor: %m");
2253 printf("-- cursor: %s\n", cursor
);
2259 r
= sd_journal_wait(j
, (uint64_t) -1);
2261 log_error_errno(r
, "Couldn't wait for journal event: %m");
2271 strv_free(arg_file
);
2273 strv_free(arg_syslog_identifier
);
2274 strv_free(arg_system_units
);
2275 strv_free(arg_user_units
);
2279 return r
< 0 ? EXIT_FAILURE
: EXIT_SUCCESS
;