]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/journal/journalctl.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
udev: add helper udev_device_new_from_stat_rdev()
[thirdparty/systemd.git] / src / journal / journalctl.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2 /***
3 This file is part of systemd.
4
5 Copyright 2011 Lennart Poettering
6 ***/
7
8 #include <errno.h>
9 #include <fcntl.h>
10 #include <fnmatch.h>
11 #include <getopt.h>
12 #include <linux/fs.h>
13 #include <locale.h>
14 #include <poll.h>
15 #include <signal.h>
16 #include <stddef.h>
17 #include <stdio.h>
18 #include <stdlib.h>
19 #include <string.h>
20 #include <sys/inotify.h>
21 #include <sys/stat.h>
22 #include <unistd.h>
23
24 #if HAVE_PCRE2
25 # define PCRE2_CODE_UNIT_WIDTH 8
26 # include <pcre2.h>
27 #endif
28
29 #include "sd-bus.h"
30 #include "sd-journal.h"
31
32 #include "acl-util.h"
33 #include "alloc-util.h"
34 #include "bus-error.h"
35 #include "bus-util.h"
36 #include "catalog.h"
37 #include "chattr-util.h"
38 #include "fd-util.h"
39 #include "fileio.h"
40 #include "fs-util.h"
41 #include "fsprg.h"
42 #include "glob-util.h"
43 #include "hostname-util.h"
44 #include "io-util.h"
45 #include "journal-def.h"
46 #include "journal-internal.h"
47 #include "journal-qrcode.h"
48 #include "journal-util.h"
49 #include "journal-vacuum.h"
50 #include "journal-verify.h"
51 #include "locale-util.h"
52 #include "log.h"
53 #include "logs-show.h"
54 #include "mkdir.h"
55 #include "pager.h"
56 #include "parse-util.h"
57 #include "path-util.h"
58 #include "rlimit-util.h"
59 #include "set.h"
60 #include "sigbus.h"
61 #include "string-table.h"
62 #include "strv.h"
63 #include "syslog-util.h"
64 #include "terminal-util.h"
65 #include "udev-util.h"
66 #include "udev.h"
67 #include "unit-name.h"
68 #include "user-util.h"
69
70 #define DEFAULT_FSS_INTERVAL_USEC (15*USEC_PER_MINUTE)
71
72 #define PROCESS_INOTIFY_INTERVAL 1024 /* Every 1,024 messages processed */
73
74 #if HAVE_PCRE2
75 DEFINE_TRIVIAL_CLEANUP_FUNC(pcre2_match_data*, pcre2_match_data_free);
76 DEFINE_TRIVIAL_CLEANUP_FUNC(pcre2_code*, pcre2_code_free);
77
78 static int pattern_compile(const char *pattern, unsigned flags, pcre2_code **out) {
79 int errorcode, r;
80 PCRE2_SIZE erroroffset;
81 pcre2_code *p;
82
83 p = pcre2_compile((PCRE2_SPTR8) pattern,
84 PCRE2_ZERO_TERMINATED, flags, &errorcode, &erroroffset, NULL);
85 if (!p) {
86 unsigned char buf[LINE_MAX];
87
88 r = pcre2_get_error_message(errorcode, buf, sizeof buf);
89
90 log_error("Bad pattern \"%s\": %s",
91 pattern,
92 r < 0 ? "unknown error" : (char*) buf);
93 return -EINVAL;
94 }
95
96 *out = p;
97 return 0;
98 }
99
100 #endif
101
102 enum {
103 /* Special values for arg_lines */
104 ARG_LINES_DEFAULT = -2,
105 ARG_LINES_ALL = -1,
106 };
107
108 static OutputMode arg_output = OUTPUT_SHORT;
109 static bool arg_utc = false;
110 static bool arg_pager_end = false;
111 static bool arg_follow = false;
112 static bool arg_full = true;
113 static bool arg_all = false;
114 static bool arg_no_pager = false;
115 static int arg_lines = ARG_LINES_DEFAULT;
116 static bool arg_no_tail = false;
117 static bool arg_quiet = false;
118 static bool arg_merge = false;
119 static bool arg_boot = false;
120 static sd_id128_t arg_boot_id = {};
121 static int arg_boot_offset = 0;
122 static bool arg_dmesg = false;
123 static bool arg_no_hostname = false;
124 static const char *arg_cursor = NULL;
125 static const char *arg_after_cursor = NULL;
126 static bool arg_show_cursor = false;
127 static const char *arg_directory = NULL;
128 static char **arg_file = NULL;
129 static bool arg_file_stdin = false;
130 static int arg_priorities = 0xFF;
131 static char *arg_verify_key = NULL;
132 #if HAVE_GCRYPT
133 static usec_t arg_interval = DEFAULT_FSS_INTERVAL_USEC;
134 static bool arg_force = false;
135 #endif
136 static usec_t arg_since, arg_until;
137 static bool arg_since_set = false, arg_until_set = false;
138 static char **arg_syslog_identifier = NULL;
139 static char **arg_system_units = NULL;
140 static char **arg_user_units = NULL;
141 static const char *arg_field = NULL;
142 static bool arg_catalog = false;
143 static bool arg_reverse = false;
144 static int arg_journal_type = 0;
145 static char *arg_root = NULL;
146 static const char *arg_machine = NULL;
147 static uint64_t arg_vacuum_size = 0;
148 static uint64_t arg_vacuum_n_files = 0;
149 static usec_t arg_vacuum_time = 0;
150 static char **arg_output_fields = NULL;
151
152 #if HAVE_PCRE2
153 static const char *arg_pattern = NULL;
154 static pcre2_code *arg_compiled_pattern = NULL;
155 static int arg_case_sensitive = -1; /* -1 means be smart */
156 #endif
157
158 static enum {
159 ACTION_SHOW,
160 ACTION_NEW_ID128,
161 ACTION_PRINT_HEADER,
162 ACTION_SETUP_KEYS,
163 ACTION_VERIFY,
164 ACTION_DISK_USAGE,
165 ACTION_LIST_CATALOG,
166 ACTION_DUMP_CATALOG,
167 ACTION_UPDATE_CATALOG,
168 ACTION_LIST_BOOTS,
169 ACTION_FLUSH,
170 ACTION_SYNC,
171 ACTION_ROTATE,
172 ACTION_VACUUM,
173 ACTION_LIST_FIELDS,
174 ACTION_LIST_FIELD_NAMES,
175 } arg_action = ACTION_SHOW;
176
177 typedef struct BootId {
178 sd_id128_t id;
179 uint64_t first;
180 uint64_t last;
181 LIST_FIELDS(struct BootId, boot_list);
182 } BootId;
183
184 static int add_matches_for_device(sd_journal *j, const char *devpath) {
185 _cleanup_(udev_unrefp) struct udev *udev = NULL;
186 _cleanup_(udev_device_unrefp) struct udev_device *device = NULL;
187 struct udev_device *d = NULL;
188 struct stat st;
189 int r;
190
191 assert(j);
192 assert(devpath);
193
194 if (!path_startswith(devpath, "/dev/")) {
195 log_error("Devpath does not start with /dev/");
196 return -EINVAL;
197 }
198
199 udev = udev_new();
200 if (!udev)
201 return log_oom();
202
203 if (stat(devpath, &st) < 0)
204 return log_error_errno(errno, "Couldn't stat file: %m");
205
206 r = udev_device_new_from_stat_rdev(udev, &st, &device);
207 if (r < 0)
208 return log_error_errno(r, "Failed to get udev device from devnum %u:%u: %m", major(st.st_rdev), minor(st.st_rdev));
209
210 while (d) {
211 _cleanup_free_ char *match = NULL;
212 const char *subsys, *sysname, *devnode;
213
214 subsys = udev_device_get_subsystem(d);
215 if (!subsys) {
216 d = udev_device_get_parent(d);
217 continue;
218 }
219
220 sysname = udev_device_get_sysname(d);
221 if (!sysname) {
222 d = udev_device_get_parent(d);
223 continue;
224 }
225
226 match = strjoin("_KERNEL_DEVICE=+", subsys, ":", sysname);
227 if (!match)
228 return log_oom();
229
230 r = sd_journal_add_match(j, match, 0);
231 if (r < 0)
232 return log_error_errno(r, "Failed to add match: %m");
233
234 devnode = udev_device_get_devnode(d);
235 if (devnode) {
236 _cleanup_free_ char *match1 = NULL;
237
238 r = stat(devnode, &st);
239 if (r < 0)
240 return log_error_errno(r, "Failed to stat() device node \"%s\": %m", devnode);
241
242 r = asprintf(&match1, "_KERNEL_DEVICE=%c%u:%u", S_ISBLK(st.st_mode) ? 'b' : 'c', major(st.st_rdev), minor(st.st_rdev));
243 if (r < 0)
244 return log_oom();
245
246 r = sd_journal_add_match(j, match1, 0);
247 if (r < 0)
248 return log_error_errno(r, "Failed to add match: %m");
249 }
250
251 d = udev_device_get_parent(d);
252 }
253
254 r = add_match_this_boot(j, arg_machine);
255 if (r < 0)
256 return log_error_errno(r, "Failed to add match for the current boot: %m");
257
258 return 0;
259 }
260
261 static char *format_timestamp_maybe_utc(char *buf, size_t l, usec_t t) {
262
263 if (arg_utc)
264 return format_timestamp_utc(buf, l, t);
265
266 return format_timestamp(buf, l, t);
267 }
268
269 static int parse_boot_descriptor(const char *x, sd_id128_t *boot_id, int *offset) {
270 sd_id128_t id = SD_ID128_NULL;
271 int off = 0, r;
272
273 if (strlen(x) >= 32) {
274 char *t;
275
276 t = strndupa(x, 32);
277 r = sd_id128_from_string(t, &id);
278 if (r >= 0)
279 x += 32;
280
281 if (!IN_SET(*x, 0, '-', '+'))
282 return -EINVAL;
283
284 if (*x != 0) {
285 r = safe_atoi(x, &off);
286 if (r < 0)
287 return r;
288 }
289 } else {
290 r = safe_atoi(x, &off);
291 if (r < 0)
292 return r;
293 }
294
295 if (boot_id)
296 *boot_id = id;
297
298 if (offset)
299 *offset = off;
300
301 return 0;
302 }
303
304 static void help(void) {
305
306 (void) pager_open(arg_no_pager, arg_pager_end);
307
308 printf("%s [OPTIONS...] [MATCHES...]\n\n"
309 "Query the journal.\n\n"
310 "Options:\n"
311 " --system Show the system journal\n"
312 " --user Show the user journal for the current user\n"
313 " -M --machine=CONTAINER Operate on local container\n"
314 " -S --since=DATE Show entries not older than the specified date\n"
315 " -U --until=DATE Show entries not newer than the specified date\n"
316 " -c --cursor=CURSOR Show entries starting at the specified cursor\n"
317 " --after-cursor=CURSOR Show entries after the specified cursor\n"
318 " --show-cursor Print the cursor after all the entries\n"
319 " -b --boot[=ID] Show current boot or the specified boot\n"
320 " --list-boots Show terse information about recorded boots\n"
321 " -k --dmesg Show kernel message log from the current boot\n"
322 " -u --unit=UNIT Show logs from the specified unit\n"
323 " --user-unit=UNIT Show logs from the specified user unit\n"
324 " -t --identifier=STRING Show entries with the specified syslog identifier\n"
325 " -p --priority=RANGE Show entries with the specified priority\n"
326 " -g --grep=PATTERN Show entries with MESSAGE matching PATTERN\n"
327 " --case-sensitive[=BOOL] Force case sensitive or insenstive matching\n"
328 " -e --pager-end Immediately jump to the end in the pager\n"
329 " -f --follow Follow the journal\n"
330 " -n --lines[=INTEGER] Number of journal entries to show\n"
331 " --no-tail Show all lines, even in follow mode\n"
332 " -r --reverse Show the newest entries first\n"
333 " -o --output=STRING Change journal output mode (short, short-precise,\n"
334 " short-iso, short-iso-precise, short-full,\n"
335 " short-monotonic, short-unix, verbose, export,\n"
336 " json, json-pretty, json-sse, cat, with-unit)\n"
337 " --output-fields=LIST Select fields to print in verbose/export/json modes\n"
338 " --utc Express time in Coordinated Universal Time (UTC)\n"
339 " -x --catalog Add message explanations where available\n"
340 " --no-full Ellipsize fields\n"
341 " -a --all Show all fields, including long and unprintable\n"
342 " -q --quiet Do not show info messages and privilege warning\n"
343 " --no-pager Do not pipe output into a pager\n"
344 " --no-hostname Suppress output of hostname field\n"
345 " -m --merge Show entries from all available journals\n"
346 " -D --directory=PATH Show journal files from directory\n"
347 " --file=PATH Show journal file\n"
348 " --root=ROOT Operate on files below a root directory\n"
349 #if HAVE_GCRYPT
350 " --interval=TIME Time interval for changing the FSS sealing key\n"
351 " --verify-key=KEY Specify FSS verification key\n"
352 " --force Override of the FSS key pair with --setup-keys\n"
353 #endif
354 "\nCommands:\n"
355 " -h --help Show this help text\n"
356 " --version Show package version\n"
357 " -N --fields List all field names currently used\n"
358 " -F --field=FIELD List all values that a specified field takes\n"
359 " --disk-usage Show total disk usage of all journal files\n"
360 " --vacuum-size=BYTES Reduce disk usage below specified size\n"
361 " --vacuum-files=INT Leave only the specified number of journal files\n"
362 " --vacuum-time=TIME Remove journal files older than specified time\n"
363 " --verify Verify journal file consistency\n"
364 " --sync Synchronize unwritten journal messages to disk\n"
365 " --flush Flush all journal data from /run into /var\n"
366 " --rotate Request immediate rotation of the journal files\n"
367 " --header Show journal header information\n"
368 " --list-catalog Show all message IDs in the catalog\n"
369 " --dump-catalog Show entries in the message catalog\n"
370 " --update-catalog Update the message catalog database\n"
371 " --new-id128 Generate a new 128-bit ID\n"
372 #if HAVE_GCRYPT
373 " --setup-keys Generate a new FSS key pair\n"
374 #endif
375 , program_invocation_short_name);
376 }
377
378 static int parse_argv(int argc, char *argv[]) {
379
380 enum {
381 ARG_VERSION = 0x100,
382 ARG_NO_PAGER,
383 ARG_NO_FULL,
384 ARG_NO_TAIL,
385 ARG_NEW_ID128,
386 ARG_THIS_BOOT,
387 ARG_LIST_BOOTS,
388 ARG_USER,
389 ARG_SYSTEM,
390 ARG_ROOT,
391 ARG_HEADER,
392 ARG_SETUP_KEYS,
393 ARG_FILE,
394 ARG_INTERVAL,
395 ARG_VERIFY,
396 ARG_VERIFY_KEY,
397 ARG_DISK_USAGE,
398 ARG_AFTER_CURSOR,
399 ARG_SHOW_CURSOR,
400 ARG_USER_UNIT,
401 ARG_LIST_CATALOG,
402 ARG_DUMP_CATALOG,
403 ARG_UPDATE_CATALOG,
404 ARG_FORCE,
405 ARG_CASE_SENSITIVE,
406 ARG_UTC,
407 ARG_SYNC,
408 ARG_FLUSH,
409 ARG_ROTATE,
410 ARG_VACUUM_SIZE,
411 ARG_VACUUM_FILES,
412 ARG_VACUUM_TIME,
413 ARG_NO_HOSTNAME,
414 ARG_OUTPUT_FIELDS,
415 };
416
417 static const struct option options[] = {
418 { "help", no_argument, NULL, 'h' },
419 { "version" , no_argument, NULL, ARG_VERSION },
420 { "no-pager", no_argument, NULL, ARG_NO_PAGER },
421 { "pager-end", no_argument, NULL, 'e' },
422 { "follow", no_argument, NULL, 'f' },
423 { "force", no_argument, NULL, ARG_FORCE },
424 { "output", required_argument, NULL, 'o' },
425 { "all", no_argument, NULL, 'a' },
426 { "full", no_argument, NULL, 'l' },
427 { "no-full", no_argument, NULL, ARG_NO_FULL },
428 { "lines", optional_argument, NULL, 'n' },
429 { "no-tail", no_argument, NULL, ARG_NO_TAIL },
430 { "new-id128", no_argument, NULL, ARG_NEW_ID128 },
431 { "quiet", no_argument, NULL, 'q' },
432 { "merge", no_argument, NULL, 'm' },
433 { "this-boot", no_argument, NULL, ARG_THIS_BOOT }, /* deprecated */
434 { "boot", optional_argument, NULL, 'b' },
435 { "list-boots", no_argument, NULL, ARG_LIST_BOOTS },
436 { "dmesg", no_argument, NULL, 'k' },
437 { "system", no_argument, NULL, ARG_SYSTEM },
438 { "user", no_argument, NULL, ARG_USER },
439 { "directory", required_argument, NULL, 'D' },
440 { "file", required_argument, NULL, ARG_FILE },
441 { "root", required_argument, NULL, ARG_ROOT },
442 { "header", no_argument, NULL, ARG_HEADER },
443 { "identifier", required_argument, NULL, 't' },
444 { "priority", required_argument, NULL, 'p' },
445 { "grep", required_argument, NULL, 'g' },
446 { "case-sensitive", optional_argument, NULL, ARG_CASE_SENSITIVE },
447 { "setup-keys", no_argument, NULL, ARG_SETUP_KEYS },
448 { "interval", required_argument, NULL, ARG_INTERVAL },
449 { "verify", no_argument, NULL, ARG_VERIFY },
450 { "verify-key", required_argument, NULL, ARG_VERIFY_KEY },
451 { "disk-usage", no_argument, NULL, ARG_DISK_USAGE },
452 { "cursor", required_argument, NULL, 'c' },
453 { "after-cursor", required_argument, NULL, ARG_AFTER_CURSOR },
454 { "show-cursor", no_argument, NULL, ARG_SHOW_CURSOR },
455 { "since", required_argument, NULL, 'S' },
456 { "until", required_argument, NULL, 'U' },
457 { "unit", required_argument, NULL, 'u' },
458 { "user-unit", required_argument, NULL, ARG_USER_UNIT },
459 { "field", required_argument, NULL, 'F' },
460 { "fields", no_argument, NULL, 'N' },
461 { "catalog", no_argument, NULL, 'x' },
462 { "list-catalog", no_argument, NULL, ARG_LIST_CATALOG },
463 { "dump-catalog", no_argument, NULL, ARG_DUMP_CATALOG },
464 { "update-catalog", no_argument, NULL, ARG_UPDATE_CATALOG },
465 { "reverse", no_argument, NULL, 'r' },
466 { "machine", required_argument, NULL, 'M' },
467 { "utc", no_argument, NULL, ARG_UTC },
468 { "flush", no_argument, NULL, ARG_FLUSH },
469 { "sync", no_argument, NULL, ARG_SYNC },
470 { "rotate", no_argument, NULL, ARG_ROTATE },
471 { "vacuum-size", required_argument, NULL, ARG_VACUUM_SIZE },
472 { "vacuum-files", required_argument, NULL, ARG_VACUUM_FILES },
473 { "vacuum-time", required_argument, NULL, ARG_VACUUM_TIME },
474 { "no-hostname", no_argument, NULL, ARG_NO_HOSTNAME },
475 { "output-fields", required_argument, NULL, ARG_OUTPUT_FIELDS },
476 {}
477 };
478
479 int c, r;
480
481 assert(argc >= 0);
482 assert(argv);
483
484 while ((c = getopt_long(argc, argv, "hefo:aln::qmb::kD:p:g:c:S:U:t:u:NF:xrM:", options, NULL)) >= 0)
485
486 switch (c) {
487
488 case 'h':
489 help();
490 return 0;
491
492 case ARG_VERSION:
493 return version();
494
495 case ARG_NO_PAGER:
496 arg_no_pager = true;
497 break;
498
499 case 'e':
500 arg_pager_end = true;
501
502 if (arg_lines == ARG_LINES_DEFAULT)
503 arg_lines = 1000;
504
505 break;
506
507 case 'f':
508 arg_follow = true;
509 break;
510
511 case 'o':
512 if (streq(optarg, "help")) {
513 DUMP_STRING_TABLE(output_mode, OutputMode, _OUTPUT_MODE_MAX);
514 return 0;
515 }
516
517 arg_output = output_mode_from_string(optarg);
518 if (arg_output < 0) {
519 log_error("Unknown output format '%s'.", optarg);
520 return -EINVAL;
521 }
522
523 if (IN_SET(arg_output, OUTPUT_EXPORT, OUTPUT_JSON, OUTPUT_JSON_PRETTY, OUTPUT_JSON_SSE, OUTPUT_CAT))
524 arg_quiet = true;
525
526 break;
527
528 case 'l':
529 arg_full = true;
530 break;
531
532 case ARG_NO_FULL:
533 arg_full = false;
534 break;
535
536 case 'a':
537 arg_all = true;
538 break;
539
540 case 'n':
541 if (optarg) {
542 if (streq(optarg, "all"))
543 arg_lines = ARG_LINES_ALL;
544 else {
545 r = safe_atoi(optarg, &arg_lines);
546 if (r < 0 || arg_lines < 0) {
547 log_error("Failed to parse lines '%s'", optarg);
548 return -EINVAL;
549 }
550 }
551 } else {
552 arg_lines = 10;
553
554 /* Hmm, no argument? Maybe the next
555 * word on the command line is
556 * supposed to be the argument? Let's
557 * see if there is one, and is
558 * parsable. */
559 if (optind < argc) {
560 int n;
561 if (streq(argv[optind], "all")) {
562 arg_lines = ARG_LINES_ALL;
563 optind++;
564 } else if (safe_atoi(argv[optind], &n) >= 0 && n >= 0) {
565 arg_lines = n;
566 optind++;
567 }
568 }
569 }
570
571 break;
572
573 case ARG_NO_TAIL:
574 arg_no_tail = true;
575 break;
576
577 case ARG_NEW_ID128:
578 arg_action = ACTION_NEW_ID128;
579 break;
580
581 case 'q':
582 arg_quiet = true;
583 break;
584
585 case 'm':
586 arg_merge = true;
587 break;
588
589 case ARG_THIS_BOOT:
590 arg_boot = true;
591 break;
592
593 case 'b':
594 arg_boot = true;
595
596 if (optarg) {
597 r = parse_boot_descriptor(optarg, &arg_boot_id, &arg_boot_offset);
598 if (r < 0) {
599 log_error("Failed to parse boot descriptor '%s'", optarg);
600 return -EINVAL;
601 }
602 } else {
603
604 /* Hmm, no argument? Maybe the next
605 * word on the command line is
606 * supposed to be the argument? Let's
607 * see if there is one and is parsable
608 * as a boot descriptor... */
609
610 if (optind < argc &&
611 parse_boot_descriptor(argv[optind], &arg_boot_id, &arg_boot_offset) >= 0)
612 optind++;
613 }
614
615 break;
616
617 case ARG_LIST_BOOTS:
618 arg_action = ACTION_LIST_BOOTS;
619 break;
620
621 case 'k':
622 arg_boot = arg_dmesg = true;
623 break;
624
625 case ARG_SYSTEM:
626 arg_journal_type |= SD_JOURNAL_SYSTEM;
627 break;
628
629 case ARG_USER:
630 arg_journal_type |= SD_JOURNAL_CURRENT_USER;
631 break;
632
633 case 'M':
634 arg_machine = optarg;
635 break;
636
637 case 'D':
638 arg_directory = optarg;
639 break;
640
641 case ARG_FILE:
642 if (streq(optarg, "-"))
643 /* An undocumented feature: we can read journal files from STDIN. We don't document
644 * this though, since after all we only support this for mmap-able, seekable files, and
645 * not for example pipes which are probably the primary usecase for reading things from
646 * STDIN. To avoid confusion we hence don't document this feature. */
647 arg_file_stdin = true;
648 else {
649 r = glob_extend(&arg_file, optarg);
650 if (r < 0)
651 return log_error_errno(r, "Failed to add paths: %m");
652 }
653 break;
654
655 case ARG_ROOT:
656 r = parse_path_argument_and_warn(optarg, true, &arg_root);
657 if (r < 0)
658 return r;
659 break;
660
661 case 'c':
662 arg_cursor = optarg;
663 break;
664
665 case ARG_AFTER_CURSOR:
666 arg_after_cursor = optarg;
667 break;
668
669 case ARG_SHOW_CURSOR:
670 arg_show_cursor = true;
671 break;
672
673 case ARG_HEADER:
674 arg_action = ACTION_PRINT_HEADER;
675 break;
676
677 case ARG_VERIFY:
678 arg_action = ACTION_VERIFY;
679 break;
680
681 case ARG_DISK_USAGE:
682 arg_action = ACTION_DISK_USAGE;
683 break;
684
685 case ARG_VACUUM_SIZE:
686 r = parse_size(optarg, 1024, &arg_vacuum_size);
687 if (r < 0) {
688 log_error("Failed to parse vacuum size: %s", optarg);
689 return r;
690 }
691
692 arg_action = ACTION_VACUUM;
693 break;
694
695 case ARG_VACUUM_FILES:
696 r = safe_atou64(optarg, &arg_vacuum_n_files);
697 if (r < 0) {
698 log_error("Failed to parse vacuum files: %s", optarg);
699 return r;
700 }
701
702 arg_action = ACTION_VACUUM;
703 break;
704
705 case ARG_VACUUM_TIME:
706 r = parse_sec(optarg, &arg_vacuum_time);
707 if (r < 0) {
708 log_error("Failed to parse vacuum time: %s", optarg);
709 return r;
710 }
711
712 arg_action = ACTION_VACUUM;
713 break;
714
715 #if HAVE_GCRYPT
716 case ARG_FORCE:
717 arg_force = true;
718 break;
719
720 case ARG_SETUP_KEYS:
721 arg_action = ACTION_SETUP_KEYS;
722 break;
723
724 case ARG_VERIFY_KEY:
725 arg_action = ACTION_VERIFY;
726 r = free_and_strdup(&arg_verify_key, optarg);
727 if (r < 0)
728 return r;
729 /* Use memset not string_erase so this doesn't look confusing
730 * in ps or htop output. */
731 memset(optarg, 'x', strlen(optarg));
732
733 arg_merge = false;
734 break;
735
736 case ARG_INTERVAL:
737 r = parse_sec(optarg, &arg_interval);
738 if (r < 0 || arg_interval <= 0) {
739 log_error("Failed to parse sealing key change interval: %s", optarg);
740 return -EINVAL;
741 }
742 break;
743 #else
744 case ARG_SETUP_KEYS:
745 case ARG_VERIFY_KEY:
746 case ARG_INTERVAL:
747 case ARG_FORCE:
748 log_error("Forward-secure sealing not available.");
749 return -EOPNOTSUPP;
750 #endif
751
752 case 'p': {
753 const char *dots;
754
755 dots = strstr(optarg, "..");
756 if (dots) {
757 char *a;
758 int from, to, i;
759
760 /* a range */
761 a = strndup(optarg, dots - optarg);
762 if (!a)
763 return log_oom();
764
765 from = log_level_from_string(a);
766 to = log_level_from_string(dots + 2);
767 free(a);
768
769 if (from < 0 || to < 0) {
770 log_error("Failed to parse log level range %s", optarg);
771 return -EINVAL;
772 }
773
774 arg_priorities = 0;
775
776 if (from < to) {
777 for (i = from; i <= to; i++)
778 arg_priorities |= 1 << i;
779 } else {
780 for (i = to; i <= from; i++)
781 arg_priorities |= 1 << i;
782 }
783
784 } else {
785 int p, i;
786
787 p = log_level_from_string(optarg);
788 if (p < 0) {
789 log_error("Unknown log level %s", optarg);
790 return -EINVAL;
791 }
792
793 arg_priorities = 0;
794
795 for (i = 0; i <= p; i++)
796 arg_priorities |= 1 << i;
797 }
798
799 break;
800 }
801
802 #if HAVE_PCRE2
803 case 'g':
804 arg_pattern = optarg;
805 break;
806
807 case ARG_CASE_SENSITIVE:
808 if (optarg) {
809 r = parse_boolean(optarg);
810 if (r < 0)
811 return log_error_errno(r, "Bad --case-sensitive= argument \"%s\": %m", optarg);
812 arg_case_sensitive = r;
813 } else
814 arg_case_sensitive = true;
815
816 break;
817 #else
818 case 'g':
819 case ARG_CASE_SENSITIVE:
820 return log_error("Compiled without pattern matching support");
821 #endif
822
823 case 'S':
824 r = parse_timestamp(optarg, &arg_since);
825 if (r < 0) {
826 log_error("Failed to parse timestamp: %s", optarg);
827 return -EINVAL;
828 }
829 arg_since_set = true;
830 break;
831
832 case 'U':
833 r = parse_timestamp(optarg, &arg_until);
834 if (r < 0) {
835 log_error("Failed to parse timestamp: %s", optarg);
836 return -EINVAL;
837 }
838 arg_until_set = true;
839 break;
840
841 case 't':
842 r = strv_extend(&arg_syslog_identifier, optarg);
843 if (r < 0)
844 return log_oom();
845 break;
846
847 case 'u':
848 r = strv_extend(&arg_system_units, optarg);
849 if (r < 0)
850 return log_oom();
851 break;
852
853 case ARG_USER_UNIT:
854 r = strv_extend(&arg_user_units, optarg);
855 if (r < 0)
856 return log_oom();
857 break;
858
859 case 'F':
860 arg_action = ACTION_LIST_FIELDS;
861 arg_field = optarg;
862 break;
863
864 case 'N':
865 arg_action = ACTION_LIST_FIELD_NAMES;
866 break;
867
868 case ARG_NO_HOSTNAME:
869 arg_no_hostname = true;
870 break;
871
872 case 'x':
873 arg_catalog = true;
874 break;
875
876 case ARG_LIST_CATALOG:
877 arg_action = ACTION_LIST_CATALOG;
878 break;
879
880 case ARG_DUMP_CATALOG:
881 arg_action = ACTION_DUMP_CATALOG;
882 break;
883
884 case ARG_UPDATE_CATALOG:
885 arg_action = ACTION_UPDATE_CATALOG;
886 break;
887
888 case 'r':
889 arg_reverse = true;
890 break;
891
892 case ARG_UTC:
893 arg_utc = true;
894 break;
895
896 case ARG_FLUSH:
897 arg_action = ACTION_FLUSH;
898 break;
899
900 case ARG_ROTATE:
901 arg_action = ACTION_ROTATE;
902 break;
903
904 case ARG_SYNC:
905 arg_action = ACTION_SYNC;
906 break;
907
908 case ARG_OUTPUT_FIELDS: {
909 _cleanup_strv_free_ char **v = NULL;
910
911 v = strv_split(optarg, ",");
912 if (!v)
913 return log_oom();
914
915 if (!arg_output_fields)
916 arg_output_fields = TAKE_PTR(v);
917 else {
918 r = strv_extend_strv(&arg_output_fields, v, true);
919 if (r < 0)
920 return log_oom();
921 }
922 break;
923 }
924
925 case '?':
926 return -EINVAL;
927
928 default:
929 assert_not_reached("Unhandled option");
930 }
931
932 if (arg_follow && !arg_no_tail && !arg_since && arg_lines == ARG_LINES_DEFAULT)
933 arg_lines = 10;
934
935 if (!!arg_directory + !!arg_file + !!arg_machine + !!arg_root > 1) {
936 log_error("Please specify at most one of -D/--directory=, --file=, -M/--machine=, --root.");
937 return -EINVAL;
938 }
939
940 if (arg_since_set && arg_until_set && arg_since > arg_until) {
941 log_error("--since= must be before --until=.");
942 return -EINVAL;
943 }
944
945 if (!!arg_cursor + !!arg_after_cursor + !!arg_since_set > 1) {
946 log_error("Please specify only one of --since=, --cursor=, and --after-cursor.");
947 return -EINVAL;
948 }
949
950 if (arg_follow && arg_reverse) {
951 log_error("Please specify either --reverse= or --follow=, not both.");
952 return -EINVAL;
953 }
954
955 if (!IN_SET(arg_action, ACTION_SHOW, ACTION_DUMP_CATALOG, ACTION_LIST_CATALOG) && optind < argc) {
956 log_error("Extraneous arguments starting with '%s'", argv[optind]);
957 return -EINVAL;
958 }
959
960 if ((arg_boot || arg_action == ACTION_LIST_BOOTS) && arg_merge) {
961 log_error("Using --boot or --list-boots with --merge is not supported.");
962 return -EINVAL;
963 }
964
965 if (!strv_isempty(arg_system_units) && arg_journal_type == SD_JOURNAL_CURRENT_USER) {
966 /* Specifying --user and --unit= at the same time makes no sense (as the former excludes the user
967 * journal, but the latter excludes the system journal, thus resulting in empty output). Let's be nice
968 * to users, and automatically turn --unit= into --user-unit= if combined with --user. */
969 r = strv_extend_strv(&arg_user_units, arg_system_units, true);
970 if (r < 0)
971 return r;
972
973 arg_system_units = strv_free(arg_system_units);
974 }
975
976 #if HAVE_PCRE2
977 if (arg_pattern) {
978 unsigned flags;
979
980 if (arg_case_sensitive >= 0)
981 flags = !arg_case_sensitive * PCRE2_CASELESS;
982 else {
983 _cleanup_(pcre2_match_data_freep) pcre2_match_data *md = NULL;
984 bool has_case;
985 _cleanup_(pcre2_code_freep) pcre2_code *cs = NULL;
986
987 md = pcre2_match_data_create(1, NULL);
988 if (!md)
989 return log_oom();
990
991 r = pattern_compile("[[:upper:]]", 0, &cs);
992 if (r < 0)
993 return r;
994
995 r = pcre2_match(cs, (PCRE2_SPTR8) arg_pattern, PCRE2_ZERO_TERMINATED, 0, 0, md, NULL);
996 has_case = r >= 0;
997
998 flags = !has_case * PCRE2_CASELESS;
999 }
1000
1001 log_debug("Doing case %s matching based on %s",
1002 flags & PCRE2_CASELESS ? "insensitive" : "sensitive",
1003 arg_case_sensitive >= 0 ? "request" : "pattern casing");
1004
1005 r = pattern_compile(arg_pattern, flags, &arg_compiled_pattern);
1006 if (r < 0)
1007 return r;
1008 }
1009 #endif
1010
1011 return 1;
1012 }
1013
1014 static int generate_new_id128(void) {
1015 sd_id128_t id;
1016 int r;
1017 unsigned i;
1018
1019 r = sd_id128_randomize(&id);
1020 if (r < 0)
1021 return log_error_errno(r, "Failed to generate ID: %m");
1022
1023 printf("As string:\n"
1024 SD_ID128_FORMAT_STR "\n\n"
1025 "As UUID:\n"
1026 "%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x\n\n"
1027 "As man:sd-id128(3) macro:\n"
1028 "#define MESSAGE_XYZ SD_ID128_MAKE(",
1029 SD_ID128_FORMAT_VAL(id),
1030 SD_ID128_FORMAT_VAL(id));
1031 for (i = 0; i < 16; i++)
1032 printf("%02x%s", id.bytes[i], i != 15 ? "," : "");
1033 fputs(")\n\n", stdout);
1034
1035 printf("As Python constant:\n"
1036 ">>> import uuid\n"
1037 ">>> MESSAGE_XYZ = uuid.UUID('" SD_ID128_FORMAT_STR "')\n",
1038 SD_ID128_FORMAT_VAL(id));
1039
1040 return 0;
1041 }
1042
1043 static int add_matches(sd_journal *j, char **args) {
1044 char **i;
1045 bool have_term = false;
1046
1047 assert(j);
1048
1049 STRV_FOREACH(i, args) {
1050 int r;
1051
1052 if (streq(*i, "+")) {
1053 if (!have_term)
1054 break;
1055 r = sd_journal_add_disjunction(j);
1056 have_term = false;
1057
1058 } else if (path_is_absolute(*i)) {
1059 _cleanup_free_ char *p = NULL, *t = NULL, *t2 = NULL, *interpreter = NULL;
1060 struct stat st;
1061
1062 r = chase_symlinks(*i, NULL, CHASE_TRAIL_SLASH, &p);
1063 if (r < 0)
1064 return log_error_errno(r, "Couldn't canonicalize path: %m");
1065
1066 if (lstat(p, &st) < 0)
1067 return log_error_errno(errno, "Couldn't stat file: %m");
1068
1069 if (S_ISREG(st.st_mode) && (0111 & st.st_mode)) {
1070 if (executable_is_script(p, &interpreter) > 0) {
1071 _cleanup_free_ char *comm;
1072
1073 comm = strndup(basename(p), 15);
1074 if (!comm)
1075 return log_oom();
1076
1077 t = strappend("_COMM=", comm);
1078 if (!t)
1079 return log_oom();
1080
1081 /* Append _EXE only if the interpreter is not a link.
1082 Otherwise, it might be outdated often. */
1083 if (lstat(interpreter, &st) == 0 && !S_ISLNK(st.st_mode)) {
1084 t2 = strappend("_EXE=", interpreter);
1085 if (!t2)
1086 return log_oom();
1087 }
1088 } else {
1089 t = strappend("_EXE=", p);
1090 if (!t)
1091 return log_oom();
1092 }
1093
1094 r = sd_journal_add_match(j, t, 0);
1095
1096 if (r >=0 && t2)
1097 r = sd_journal_add_match(j, t2, 0);
1098
1099 } else if (S_ISCHR(st.st_mode) || S_ISBLK(st.st_mode)) {
1100 r = add_matches_for_device(j, p);
1101 if (r < 0)
1102 return r;
1103 } else {
1104 log_error("File is neither a device node, nor regular file, nor executable: %s", *i);
1105 return -EINVAL;
1106 }
1107
1108 have_term = true;
1109 } else {
1110 r = sd_journal_add_match(j, *i, 0);
1111 have_term = true;
1112 }
1113
1114 if (r < 0)
1115 return log_error_errno(r, "Failed to add match '%s': %m", *i);
1116 }
1117
1118 if (!strv_isempty(args) && !have_term) {
1119 log_error("\"+\" can only be used between terms");
1120 return -EINVAL;
1121 }
1122
1123 return 0;
1124 }
1125
1126 static void boot_id_free_all(BootId *l) {
1127
1128 while (l) {
1129 BootId *i = l;
1130 LIST_REMOVE(boot_list, l, i);
1131 free(i);
1132 }
1133 }
1134
1135 static int discover_next_boot(sd_journal *j,
1136 sd_id128_t previous_boot_id,
1137 bool advance_older,
1138 BootId **ret) {
1139
1140 _cleanup_free_ BootId *next_boot = NULL;
1141 char match[9+32+1] = "_BOOT_ID=";
1142 sd_id128_t boot_id;
1143 int r;
1144
1145 assert(j);
1146 assert(ret);
1147
1148 /* We expect the journal to be on the last position of a boot
1149 * (in relation to the direction we are going), so that the next
1150 * invocation of sd_journal_next/previous will be from a different
1151 * boot. We then collect any information we desire and then jump
1152 * to the last location of the new boot by using a _BOOT_ID match
1153 * coming from the other journal direction. */
1154
1155 /* Make sure we aren't restricted by any _BOOT_ID matches, so that
1156 * we can actually advance to a *different* boot. */
1157 sd_journal_flush_matches(j);
1158
1159 do {
1160 if (advance_older)
1161 r = sd_journal_previous(j);
1162 else
1163 r = sd_journal_next(j);
1164 if (r < 0)
1165 return r;
1166 else if (r == 0)
1167 return 0; /* End of journal, yay. */
1168
1169 r = sd_journal_get_monotonic_usec(j, NULL, &boot_id);
1170 if (r < 0)
1171 return r;
1172
1173 /* We iterate through this in a loop, until the boot ID differs from the previous one. Note that
1174 * normally, this will only require a single iteration, as we seeked to the last entry of the previous
1175 * boot entry already. However, it might happen that the per-journal-field entry arrays are less
1176 * complete than the main entry array, and hence might reference an entry that's not actually the last
1177 * one of the boot ID as last one. Let's hence use the per-field array is initial seek position to
1178 * speed things up, but let's not trust that it is complete, and hence, manually advance as
1179 * necessary. */
1180
1181 } while (sd_id128_equal(boot_id, previous_boot_id));
1182
1183 next_boot = new0(BootId, 1);
1184 if (!next_boot)
1185 return -ENOMEM;
1186
1187 next_boot->id = boot_id;
1188
1189 r = sd_journal_get_realtime_usec(j, &next_boot->first);
1190 if (r < 0)
1191 return r;
1192
1193 /* Now seek to the last occurrence of this boot ID. */
1194 sd_id128_to_string(next_boot->id, match + 9);
1195 r = sd_journal_add_match(j, match, sizeof(match) - 1);
1196 if (r < 0)
1197 return r;
1198
1199 if (advance_older)
1200 r = sd_journal_seek_head(j);
1201 else
1202 r = sd_journal_seek_tail(j);
1203 if (r < 0)
1204 return r;
1205
1206 if (advance_older)
1207 r = sd_journal_next(j);
1208 else
1209 r = sd_journal_previous(j);
1210 if (r < 0)
1211 return r;
1212 else if (r == 0) {
1213 log_debug("Whoopsie! We found a boot ID but can't read its last entry.");
1214 return -ENODATA; /* This shouldn't happen. We just came from this very boot ID. */
1215 }
1216
1217 r = sd_journal_get_realtime_usec(j, &next_boot->last);
1218 if (r < 0)
1219 return r;
1220
1221 *ret = TAKE_PTR(next_boot);
1222
1223 return 0;
1224 }
1225
1226 static int get_boots(
1227 sd_journal *j,
1228 BootId **boots,
1229 sd_id128_t *boot_id,
1230 int offset) {
1231
1232 bool skip_once;
1233 int r, count = 0;
1234 BootId *head = NULL, *tail = NULL, *id;
1235 const bool advance_older = boot_id && offset <= 0;
1236 sd_id128_t previous_boot_id;
1237
1238 assert(j);
1239
1240 /* Adjust for the asymmetry that offset 0 is
1241 * the last (and current) boot, while 1 is considered the
1242 * (chronological) first boot in the journal. */
1243 skip_once = boot_id && sd_id128_is_null(*boot_id) && offset <= 0;
1244
1245 /* Advance to the earliest/latest occurrence of our reference
1246 * boot ID (taking our lookup direction into account), so that
1247 * discover_next_boot() can do its job.
1248 * If no reference is given, the journal head/tail will do,
1249 * they're "virtual" boots after all. */
1250 if (boot_id && !sd_id128_is_null(*boot_id)) {
1251 char match[9+32+1] = "_BOOT_ID=";
1252
1253 sd_journal_flush_matches(j);
1254
1255 sd_id128_to_string(*boot_id, match + 9);
1256 r = sd_journal_add_match(j, match, sizeof(match) - 1);
1257 if (r < 0)
1258 return r;
1259
1260 if (advance_older)
1261 r = sd_journal_seek_head(j); /* seek to oldest */
1262 else
1263 r = sd_journal_seek_tail(j); /* seek to newest */
1264 if (r < 0)
1265 return r;
1266
1267 if (advance_older)
1268 r = sd_journal_next(j); /* read the oldest entry */
1269 else
1270 r = sd_journal_previous(j); /* read the most recently added entry */
1271 if (r < 0)
1272 return r;
1273 else if (r == 0)
1274 goto finish;
1275 else if (offset == 0) {
1276 count = 1;
1277 goto finish;
1278 }
1279
1280 /* At this point the read pointer is positioned at the oldest/newest occurence of the reference boot
1281 * ID. After flushing the matches, one more invocation of _previous()/_next() will hence place us at
1282 * the following entry, which must then have an older/newer boot ID */
1283 } else {
1284
1285 if (advance_older)
1286 r = sd_journal_seek_tail(j); /* seek to newest */
1287 else
1288 r = sd_journal_seek_head(j); /* seek to oldest */
1289 if (r < 0)
1290 return r;
1291
1292 /* No sd_journal_next()/_previous() here.
1293 *
1294 * At this point the read pointer is positioned after the newest/before the oldest entry in the whole
1295 * journal. The next invocation of _previous()/_next() will hence position us at the newest/oldest
1296 * entry we have. */
1297 }
1298
1299 previous_boot_id = SD_ID128_NULL;
1300 for (;;) {
1301 _cleanup_free_ BootId *current = NULL;
1302
1303 r = discover_next_boot(j, previous_boot_id, advance_older, &current);
1304 if (r < 0) {
1305 boot_id_free_all(head);
1306 return r;
1307 }
1308
1309 if (!current)
1310 break;
1311
1312 previous_boot_id = current->id;
1313
1314 if (boot_id) {
1315 if (!skip_once)
1316 offset += advance_older ? 1 : -1;
1317 skip_once = false;
1318
1319 if (offset == 0) {
1320 count = 1;
1321 *boot_id = current->id;
1322 break;
1323 }
1324 } else {
1325 LIST_FOREACH(boot_list, id, head) {
1326 if (sd_id128_equal(id->id, current->id)) {
1327 /* boot id already stored, something wrong with the journal files */
1328 /* exiting as otherwise this problem would cause forever loop */
1329 goto finish;
1330 }
1331 }
1332 LIST_INSERT_AFTER(boot_list, head, tail, current);
1333 tail = TAKE_PTR(current);
1334 count++;
1335 }
1336 }
1337
1338 finish:
1339 if (boots)
1340 *boots = head;
1341
1342 sd_journal_flush_matches(j);
1343
1344 return count;
1345 }
1346
1347 static int list_boots(sd_journal *j) {
1348 int w, i, count;
1349 BootId *id, *all_ids;
1350
1351 assert(j);
1352
1353 count = get_boots(j, &all_ids, NULL, 0);
1354 if (count < 0)
1355 return log_error_errno(count, "Failed to determine boots: %m");
1356 if (count == 0)
1357 return count;
1358
1359 (void) pager_open(arg_no_pager, arg_pager_end);
1360
1361 /* numbers are one less, but we need an extra char for the sign */
1362 w = DECIMAL_STR_WIDTH(count - 1) + 1;
1363
1364 i = 0;
1365 LIST_FOREACH(boot_list, id, all_ids) {
1366 char a[FORMAT_TIMESTAMP_MAX], b[FORMAT_TIMESTAMP_MAX];
1367
1368 printf("% *i " SD_ID128_FORMAT_STR " %s—%s\n",
1369 w, i - count + 1,
1370 SD_ID128_FORMAT_VAL(id->id),
1371 format_timestamp_maybe_utc(a, sizeof(a), id->first),
1372 format_timestamp_maybe_utc(b, sizeof(b), id->last));
1373 i++;
1374 }
1375
1376 boot_id_free_all(all_ids);
1377
1378 return 0;
1379 }
1380
1381 static int add_boot(sd_journal *j) {
1382 char match[9+32+1] = "_BOOT_ID=";
1383 sd_id128_t boot_id;
1384 int r;
1385
1386 assert(j);
1387
1388 if (!arg_boot)
1389 return 0;
1390
1391 /* Take a shortcut and use the current boot_id, which we can do very quickly.
1392 * We can do this only when we logs are coming from the current machine,
1393 * so take the slow path if log location is specified. */
1394 if (arg_boot_offset == 0 && sd_id128_is_null(arg_boot_id) &&
1395 !arg_directory && !arg_file && !arg_root)
1396
1397 return add_match_this_boot(j, arg_machine);
1398
1399 boot_id = arg_boot_id;
1400 r = get_boots(j, NULL, &boot_id, arg_boot_offset);
1401 assert(r <= 1);
1402 if (r <= 0) {
1403 const char *reason = (r == 0) ? "No such boot ID in journal" : strerror(-r);
1404
1405 if (sd_id128_is_null(arg_boot_id))
1406 log_error("Data from the specified boot (%+i) is not available: %s",
1407 arg_boot_offset, reason);
1408 else
1409 log_error("Data from the specified boot ("SD_ID128_FORMAT_STR") is not available: %s",
1410 SD_ID128_FORMAT_VAL(arg_boot_id), reason);
1411
1412 return r == 0 ? -ENODATA : r;
1413 }
1414
1415 sd_id128_to_string(boot_id, match + 9);
1416
1417 r = sd_journal_add_match(j, match, sizeof(match) - 1);
1418 if (r < 0)
1419 return log_error_errno(r, "Failed to add match: %m");
1420
1421 r = sd_journal_add_conjunction(j);
1422 if (r < 0)
1423 return log_error_errno(r, "Failed to add conjunction: %m");
1424
1425 return 0;
1426 }
1427
1428 static int add_dmesg(sd_journal *j) {
1429 int r;
1430 assert(j);
1431
1432 if (!arg_dmesg)
1433 return 0;
1434
1435 r = sd_journal_add_match(j, "_TRANSPORT=kernel",
1436 STRLEN("_TRANSPORT=kernel"));
1437 if (r < 0)
1438 return log_error_errno(r, "Failed to add match: %m");
1439
1440 r = sd_journal_add_conjunction(j);
1441 if (r < 0)
1442 return log_error_errno(r, "Failed to add conjunction: %m");
1443
1444 return 0;
1445 }
1446
1447 static int get_possible_units(
1448 sd_journal *j,
1449 const char *fields,
1450 char **patterns,
1451 Set **units) {
1452
1453 _cleanup_set_free_free_ Set *found;
1454 const char *field;
1455 int r;
1456
1457 found = set_new(&string_hash_ops);
1458 if (!found)
1459 return -ENOMEM;
1460
1461 NULSTR_FOREACH(field, fields) {
1462 const void *data;
1463 size_t size;
1464
1465 r = sd_journal_query_unique(j, field);
1466 if (r < 0)
1467 return r;
1468
1469 SD_JOURNAL_FOREACH_UNIQUE(j, data, size) {
1470 char **pattern, *eq;
1471 size_t prefix;
1472 _cleanup_free_ char *u = NULL;
1473
1474 eq = memchr(data, '=', size);
1475 if (eq)
1476 prefix = eq - (char*) data + 1;
1477 else
1478 prefix = 0;
1479
1480 u = strndup((char*) data + prefix, size - prefix);
1481 if (!u)
1482 return -ENOMEM;
1483
1484 STRV_FOREACH(pattern, patterns)
1485 if (fnmatch(*pattern, u, FNM_NOESCAPE) == 0) {
1486 log_debug("Matched %s with pattern %s=%s", u, field, *pattern);
1487
1488 r = set_consume(found, u);
1489 u = NULL;
1490 if (r < 0 && r != -EEXIST)
1491 return r;
1492
1493 break;
1494 }
1495 }
1496 }
1497
1498 *units = TAKE_PTR(found);
1499
1500 return 0;
1501 }
1502
1503 /* This list is supposed to return the superset of unit names
1504 * possibly matched by rules added with add_matches_for_unit... */
1505 #define SYSTEM_UNITS \
1506 "_SYSTEMD_UNIT\0" \
1507 "COREDUMP_UNIT\0" \
1508 "UNIT\0" \
1509 "OBJECT_SYSTEMD_UNIT\0" \
1510 "_SYSTEMD_SLICE\0"
1511
1512 /* ... and add_matches_for_user_unit */
1513 #define USER_UNITS \
1514 "_SYSTEMD_USER_UNIT\0" \
1515 "USER_UNIT\0" \
1516 "COREDUMP_USER_UNIT\0" \
1517 "OBJECT_SYSTEMD_USER_UNIT\0"
1518
1519 static int add_units(sd_journal *j) {
1520 _cleanup_strv_free_ char **patterns = NULL;
1521 int r, count = 0;
1522 char **i;
1523
1524 assert(j);
1525
1526 STRV_FOREACH(i, arg_system_units) {
1527 _cleanup_free_ char *u = NULL;
1528
1529 r = unit_name_mangle(*i, UNIT_NAME_MANGLE_GLOB | (arg_quiet ? 0 : UNIT_NAME_MANGLE_WARN), &u);
1530 if (r < 0)
1531 return r;
1532
1533 if (string_is_glob(u)) {
1534 r = strv_push(&patterns, u);
1535 if (r < 0)
1536 return r;
1537 u = NULL;
1538 } else {
1539 r = add_matches_for_unit(j, u);
1540 if (r < 0)
1541 return r;
1542 r = sd_journal_add_disjunction(j);
1543 if (r < 0)
1544 return r;
1545 count++;
1546 }
1547 }
1548
1549 if (!strv_isempty(patterns)) {
1550 _cleanup_set_free_free_ Set *units = NULL;
1551 Iterator it;
1552 char *u;
1553
1554 r = get_possible_units(j, SYSTEM_UNITS, patterns, &units);
1555 if (r < 0)
1556 return r;
1557
1558 SET_FOREACH(u, units, it) {
1559 r = add_matches_for_unit(j, u);
1560 if (r < 0)
1561 return r;
1562 r = sd_journal_add_disjunction(j);
1563 if (r < 0)
1564 return r;
1565 count++;
1566 }
1567 }
1568
1569 patterns = strv_free(patterns);
1570
1571 STRV_FOREACH(i, arg_user_units) {
1572 _cleanup_free_ char *u = NULL;
1573
1574 r = unit_name_mangle(*i, UNIT_NAME_MANGLE_GLOB | (arg_quiet ? 0 : UNIT_NAME_MANGLE_WARN), &u);
1575 if (r < 0)
1576 return r;
1577
1578 if (string_is_glob(u)) {
1579 r = strv_push(&patterns, u);
1580 if (r < 0)
1581 return r;
1582 u = NULL;
1583 } else {
1584 r = add_matches_for_user_unit(j, u, getuid());
1585 if (r < 0)
1586 return r;
1587 r = sd_journal_add_disjunction(j);
1588 if (r < 0)
1589 return r;
1590 count++;
1591 }
1592 }
1593
1594 if (!strv_isempty(patterns)) {
1595 _cleanup_set_free_free_ Set *units = NULL;
1596 Iterator it;
1597 char *u;
1598
1599 r = get_possible_units(j, USER_UNITS, patterns, &units);
1600 if (r < 0)
1601 return r;
1602
1603 SET_FOREACH(u, units, it) {
1604 r = add_matches_for_user_unit(j, u, getuid());
1605 if (r < 0)
1606 return r;
1607 r = sd_journal_add_disjunction(j);
1608 if (r < 0)
1609 return r;
1610 count++;
1611 }
1612 }
1613
1614 /* Complain if the user request matches but nothing whatsoever was
1615 * found, since otherwise everything would be matched. */
1616 if (!(strv_isempty(arg_system_units) && strv_isempty(arg_user_units)) && count == 0)
1617 return -ENODATA;
1618
1619 r = sd_journal_add_conjunction(j);
1620 if (r < 0)
1621 return r;
1622
1623 return 0;
1624 }
1625
1626 static int add_priorities(sd_journal *j) {
1627 char match[] = "PRIORITY=0";
1628 int i, r;
1629 assert(j);
1630
1631 if (arg_priorities == 0xFF)
1632 return 0;
1633
1634 for (i = LOG_EMERG; i <= LOG_DEBUG; i++)
1635 if (arg_priorities & (1 << i)) {
1636 match[sizeof(match)-2] = '0' + i;
1637
1638 r = sd_journal_add_match(j, match, strlen(match));
1639 if (r < 0)
1640 return log_error_errno(r, "Failed to add match: %m");
1641 }
1642
1643 r = sd_journal_add_conjunction(j);
1644 if (r < 0)
1645 return log_error_errno(r, "Failed to add conjunction: %m");
1646
1647 return 0;
1648 }
1649
1650 static int add_syslog_identifier(sd_journal *j) {
1651 int r;
1652 char **i;
1653
1654 assert(j);
1655
1656 STRV_FOREACH(i, arg_syslog_identifier) {
1657 char *u;
1658
1659 u = strjoina("SYSLOG_IDENTIFIER=", *i);
1660 r = sd_journal_add_match(j, u, 0);
1661 if (r < 0)
1662 return r;
1663 r = sd_journal_add_disjunction(j);
1664 if (r < 0)
1665 return r;
1666 }
1667
1668 r = sd_journal_add_conjunction(j);
1669 if (r < 0)
1670 return r;
1671
1672 return 0;
1673 }
1674
1675 static int setup_keys(void) {
1676 #if HAVE_GCRYPT
1677 size_t mpk_size, seed_size, state_size, i;
1678 uint8_t *mpk, *seed, *state;
1679 int fd = -1, r;
1680 sd_id128_t machine, boot;
1681 char *p = NULL, *k = NULL;
1682 struct FSSHeader h;
1683 uint64_t n;
1684 struct stat st;
1685
1686 r = stat("/var/log/journal", &st);
1687 if (r < 0 && !IN_SET(errno, ENOENT, ENOTDIR))
1688 return log_error_errno(errno, "stat(\"%s\") failed: %m", "/var/log/journal");
1689
1690 if (r < 0 || !S_ISDIR(st.st_mode)) {
1691 log_error("%s is not a directory, must be using persistent logging for FSS.",
1692 "/var/log/journal");
1693 return r < 0 ? -errno : -ENOTDIR;
1694 }
1695
1696 r = sd_id128_get_machine(&machine);
1697 if (r < 0)
1698 return log_error_errno(r, "Failed to get machine ID: %m");
1699
1700 r = sd_id128_get_boot(&boot);
1701 if (r < 0)
1702 return log_error_errno(r, "Failed to get boot ID: %m");
1703
1704 if (asprintf(&p, "/var/log/journal/" SD_ID128_FORMAT_STR "/fss",
1705 SD_ID128_FORMAT_VAL(machine)) < 0)
1706 return log_oom();
1707
1708 if (arg_force) {
1709 r = unlink(p);
1710 if (r < 0 && errno != ENOENT) {
1711 r = log_error_errno(errno, "unlink(\"%s\") failed: %m", p);
1712 goto finish;
1713 }
1714 } else if (access(p, F_OK) >= 0) {
1715 log_error("Sealing key file %s exists already. Use --force to recreate.", p);
1716 r = -EEXIST;
1717 goto finish;
1718 }
1719
1720 if (asprintf(&k, "/var/log/journal/" SD_ID128_FORMAT_STR "/fss.tmp.XXXXXX",
1721 SD_ID128_FORMAT_VAL(machine)) < 0) {
1722 r = log_oom();
1723 goto finish;
1724 }
1725
1726 mpk_size = FSPRG_mskinbytes(FSPRG_RECOMMENDED_SECPAR);
1727 mpk = alloca(mpk_size);
1728
1729 seed_size = FSPRG_RECOMMENDED_SEEDLEN;
1730 seed = alloca(seed_size);
1731
1732 state_size = FSPRG_stateinbytes(FSPRG_RECOMMENDED_SECPAR);
1733 state = alloca(state_size);
1734
1735 fd = open("/dev/random", O_RDONLY|O_CLOEXEC|O_NOCTTY);
1736 if (fd < 0) {
1737 r = log_error_errno(errno, "Failed to open /dev/random: %m");
1738 goto finish;
1739 }
1740
1741 log_info("Generating seed...");
1742 r = loop_read_exact(fd, seed, seed_size, true);
1743 if (r < 0) {
1744 log_error_errno(r, "Failed to read random seed: %m");
1745 goto finish;
1746 }
1747
1748 log_info("Generating key pair...");
1749 FSPRG_GenMK(NULL, mpk, seed, seed_size, FSPRG_RECOMMENDED_SECPAR);
1750
1751 log_info("Generating sealing key...");
1752 FSPRG_GenState0(state, mpk, seed, seed_size);
1753
1754 assert(arg_interval > 0);
1755
1756 n = now(CLOCK_REALTIME);
1757 n /= arg_interval;
1758
1759 safe_close(fd);
1760 fd = mkostemp_safe(k);
1761 if (fd < 0) {
1762 r = log_error_errno(fd, "Failed to open %s: %m", k);
1763 goto finish;
1764 }
1765
1766 /* Enable secure remove, exclusion from dump, synchronous
1767 * writing and in-place updating */
1768 r = chattr_fd(fd, FS_SECRM_FL|FS_NODUMP_FL|FS_SYNC_FL|FS_NOCOW_FL, FS_SECRM_FL|FS_NODUMP_FL|FS_SYNC_FL|FS_NOCOW_FL);
1769 if (r < 0)
1770 log_warning_errno(r, "Failed to set file attributes: %m");
1771
1772 zero(h);
1773 memcpy(h.signature, "KSHHRHLP", 8);
1774 h.machine_id = machine;
1775 h.boot_id = boot;
1776 h.header_size = htole64(sizeof(h));
1777 h.start_usec = htole64(n * arg_interval);
1778 h.interval_usec = htole64(arg_interval);
1779 h.fsprg_secpar = htole16(FSPRG_RECOMMENDED_SECPAR);
1780 h.fsprg_state_size = htole64(state_size);
1781
1782 r = loop_write(fd, &h, sizeof(h), false);
1783 if (r < 0) {
1784 log_error_errno(r, "Failed to write header: %m");
1785 goto finish;
1786 }
1787
1788 r = loop_write(fd, state, state_size, false);
1789 if (r < 0) {
1790 log_error_errno(r, "Failed to write state: %m");
1791 goto finish;
1792 }
1793
1794 if (link(k, p) < 0) {
1795 r = log_error_errno(errno, "Failed to link file: %m");
1796 goto finish;
1797 }
1798
1799 if (on_tty()) {
1800 fprintf(stderr,
1801 "\n"
1802 "The new key pair has been generated. The %ssecret sealing key%s has been written to\n"
1803 "the following local file. This key file is automatically updated when the\n"
1804 "sealing key is advanced. It should not be used on multiple hosts.\n"
1805 "\n"
1806 "\t%s\n"
1807 "\n"
1808 "Please write down the following %ssecret verification key%s. It should be stored\n"
1809 "at a safe location and should not be saved locally on disk.\n"
1810 "\n\t%s",
1811 ansi_highlight(), ansi_normal(),
1812 p,
1813 ansi_highlight(), ansi_normal(),
1814 ansi_highlight_red());
1815 fflush(stderr);
1816 }
1817 for (i = 0; i < seed_size; i++) {
1818 if (i > 0 && i % 3 == 0)
1819 putchar('-');
1820 printf("%02x", ((uint8_t*) seed)[i]);
1821 }
1822
1823 printf("/%llx-%llx\n", (unsigned long long) n, (unsigned long long) arg_interval);
1824
1825 if (on_tty()) {
1826 char tsb[FORMAT_TIMESPAN_MAX], *hn;
1827
1828 fprintf(stderr,
1829 "%s\n"
1830 "The sealing key is automatically changed every %s.\n",
1831 ansi_normal(),
1832 format_timespan(tsb, sizeof(tsb), arg_interval, 0));
1833
1834 hn = gethostname_malloc();
1835
1836 if (hn) {
1837 hostname_cleanup(hn);
1838 fprintf(stderr, "\nThe keys have been generated for host %s/" SD_ID128_FORMAT_STR ".\n", hn, SD_ID128_FORMAT_VAL(machine));
1839 } else
1840 fprintf(stderr, "\nThe keys have been generated for host " SD_ID128_FORMAT_STR ".\n", SD_ID128_FORMAT_VAL(machine));
1841
1842 #if HAVE_QRENCODE
1843 /* If this is not an UTF-8 system don't print any QR codes */
1844 if (is_locale_utf8()) {
1845 fputs("\nTo transfer the verification key to your phone please scan the QR code below:\n\n", stderr);
1846 print_qr_code(stderr, seed, seed_size, n, arg_interval, hn, machine);
1847 }
1848 #endif
1849 free(hn);
1850 }
1851
1852 r = 0;
1853
1854 finish:
1855 safe_close(fd);
1856
1857 if (k) {
1858 unlink(k);
1859 free(k);
1860 }
1861
1862 free(p);
1863
1864 return r;
1865 #else
1866 log_error("Forward-secure sealing not available.");
1867 return -EOPNOTSUPP;
1868 #endif
1869 }
1870
1871 static int verify(sd_journal *j) {
1872 int r = 0;
1873 Iterator i;
1874 JournalFile *f;
1875
1876 assert(j);
1877
1878 log_show_color(true);
1879
1880 ORDERED_HASHMAP_FOREACH(f, j->files, i) {
1881 int k;
1882 usec_t first = 0, validated = 0, last = 0;
1883
1884 #if HAVE_GCRYPT
1885 if (!arg_verify_key && JOURNAL_HEADER_SEALED(f->header))
1886 log_notice("Journal file %s has sealing enabled but verification key has not been passed using --verify-key=.", f->path);
1887 #endif
1888
1889 k = journal_file_verify(f, arg_verify_key, &first, &validated, &last, true);
1890 if (k == -EINVAL) {
1891 /* If the key was invalid give up right-away. */
1892 return k;
1893 } else if (k < 0) {
1894 log_warning_errno(k, "FAIL: %s (%m)", f->path);
1895 r = k;
1896 } else {
1897 char a[FORMAT_TIMESTAMP_MAX], b[FORMAT_TIMESTAMP_MAX], c[FORMAT_TIMESPAN_MAX];
1898 log_info("PASS: %s", f->path);
1899
1900 if (arg_verify_key && JOURNAL_HEADER_SEALED(f->header)) {
1901 if (validated > 0) {
1902 log_info("=> Validated from %s to %s, final %s entries not sealed.",
1903 format_timestamp_maybe_utc(a, sizeof(a), first),
1904 format_timestamp_maybe_utc(b, sizeof(b), validated),
1905 format_timespan(c, sizeof(c), last > validated ? last - validated : 0, 0));
1906 } else if (last > 0)
1907 log_info("=> No sealing yet, %s of entries not sealed.",
1908 format_timespan(c, sizeof(c), last - first, 0));
1909 else
1910 log_info("=> No sealing yet, no entries in file.");
1911 }
1912 }
1913 }
1914
1915 return r;
1916 }
1917
1918 static int flush_to_var(void) {
1919 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
1920 _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
1921 _cleanup_close_ int watch_fd = -1;
1922 int r;
1923
1924 if (arg_machine) {
1925 log_error("--flush is not supported in conjunction with --machine=.");
1926 return -EOPNOTSUPP;
1927 }
1928
1929 /* Quick exit */
1930 if (access("/run/systemd/journal/flushed", F_OK) >= 0)
1931 return 0;
1932
1933 /* OK, let's actually do the full logic, send SIGUSR1 to the
1934 * daemon and set up inotify to wait for the flushed file to appear */
1935 r = bus_connect_system_systemd(&bus);
1936 if (r < 0)
1937 return log_error_errno(r, "Failed to get D-Bus connection: %m");
1938
1939 r = sd_bus_call_method(
1940 bus,
1941 "org.freedesktop.systemd1",
1942 "/org/freedesktop/systemd1",
1943 "org.freedesktop.systemd1.Manager",
1944 "KillUnit",
1945 &error,
1946 NULL,
1947 "ssi", "systemd-journald.service", "main", SIGUSR1);
1948 if (r < 0)
1949 return log_error_errno(r, "Failed to kill journal service: %s", bus_error_message(&error, r));
1950
1951 mkdir_p("/run/systemd/journal", 0755);
1952
1953 watch_fd = inotify_init1(IN_NONBLOCK|IN_CLOEXEC);
1954 if (watch_fd < 0)
1955 return log_error_errno(errno, "Failed to create inotify watch: %m");
1956
1957 r = inotify_add_watch(watch_fd, "/run/systemd/journal", IN_CREATE|IN_DONT_FOLLOW|IN_ONLYDIR);
1958 if (r < 0)
1959 return log_error_errno(errno, "Failed to watch journal directory: %m");
1960
1961 for (;;) {
1962 if (access("/run/systemd/journal/flushed", F_OK) >= 0)
1963 break;
1964
1965 if (errno != ENOENT)
1966 return log_error_errno(errno, "Failed to check for existence of /run/systemd/journal/flushed: %m");
1967
1968 r = fd_wait_for_event(watch_fd, POLLIN, USEC_INFINITY);
1969 if (r < 0)
1970 return log_error_errno(r, "Failed to wait for event: %m");
1971
1972 r = flush_fd(watch_fd);
1973 if (r < 0)
1974 return log_error_errno(r, "Failed to flush inotify events: %m");
1975 }
1976
1977 return 0;
1978 }
1979
1980 static int send_signal_and_wait(int sig, const char *watch_path) {
1981 _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
1982 _cleanup_close_ int watch_fd = -1;
1983 usec_t start;
1984 int r;
1985
1986 if (arg_machine) {
1987 log_error("--sync and --rotate are not supported in conjunction with --machine=.");
1988 return -EOPNOTSUPP;
1989 }
1990
1991 start = now(CLOCK_MONOTONIC);
1992
1993 /* This call sends the specified signal to journald, and waits
1994 * for acknowledgment by watching the mtime of the specified
1995 * flag file. This is used to trigger syncing or rotation and
1996 * then wait for the operation to complete. */
1997
1998 for (;;) {
1999 usec_t tstamp;
2000
2001 /* See if a sync happened by now. */
2002 r = read_timestamp_file(watch_path, &tstamp);
2003 if (r < 0 && r != -ENOENT)
2004 return log_error_errno(errno, "Failed to read %s: %m", watch_path);
2005 if (r >= 0 && tstamp >= start)
2006 return 0;
2007
2008 /* Let's ask for a sync, but only once. */
2009 if (!bus) {
2010 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
2011
2012 r = bus_connect_system_systemd(&bus);
2013 if (r < 0)
2014 return log_error_errno(r, "Failed to get D-Bus connection: %m");
2015
2016 r = sd_bus_call_method(
2017 bus,
2018 "org.freedesktop.systemd1",
2019 "/org/freedesktop/systemd1",
2020 "org.freedesktop.systemd1.Manager",
2021 "KillUnit",
2022 &error,
2023 NULL,
2024 "ssi", "systemd-journald.service", "main", sig);
2025 if (r < 0)
2026 return log_error_errno(r, "Failed to kill journal service: %s", bus_error_message(&error, r));
2027
2028 continue;
2029 }
2030
2031 /* Let's install the inotify watch, if we didn't do that yet. */
2032 if (watch_fd < 0) {
2033
2034 mkdir_p("/run/systemd/journal", 0755);
2035
2036 watch_fd = inotify_init1(IN_NONBLOCK|IN_CLOEXEC);
2037 if (watch_fd < 0)
2038 return log_error_errno(errno, "Failed to create inotify watch: %m");
2039
2040 r = inotify_add_watch(watch_fd, "/run/systemd/journal", IN_MOVED_TO|IN_DONT_FOLLOW|IN_ONLYDIR);
2041 if (r < 0)
2042 return log_error_errno(errno, "Failed to watch journal directory: %m");
2043
2044 /* Recheck the flag file immediately, so that we don't miss any event since the last check. */
2045 continue;
2046 }
2047
2048 /* OK, all preparatory steps done, let's wait until
2049 * inotify reports an event. */
2050
2051 r = fd_wait_for_event(watch_fd, POLLIN, USEC_INFINITY);
2052 if (r < 0)
2053 return log_error_errno(r, "Failed to wait for event: %m");
2054
2055 r = flush_fd(watch_fd);
2056 if (r < 0)
2057 return log_error_errno(r, "Failed to flush inotify events: %m");
2058 }
2059
2060 return 0;
2061 }
2062
2063 static int rotate(void) {
2064 return send_signal_and_wait(SIGUSR2, "/run/systemd/journal/rotated");
2065 }
2066
2067 static int sync_journal(void) {
2068 return send_signal_and_wait(SIGRTMIN+1, "/run/systemd/journal/synced");
2069 }
2070
2071 int main(int argc, char *argv[]) {
2072 int r;
2073 _cleanup_(sd_journal_closep) sd_journal *j = NULL;
2074 bool need_seek = false;
2075 sd_id128_t previous_boot_id;
2076 bool previous_boot_id_valid = false, first_line = true;
2077 int n_shown = 0;
2078 bool ellipsized = false;
2079
2080 setlocale(LC_ALL, "");
2081 log_parse_environment();
2082 log_open();
2083
2084 r = parse_argv(argc, argv);
2085 if (r <= 0)
2086 goto finish;
2087
2088 signal(SIGWINCH, columns_lines_cache_reset);
2089 sigbus_install();
2090
2091 /* Increase max number of open files to 16K if we can, we
2092 * might needs this when browsing journal files, which might
2093 * be split up into many files. */
2094 setrlimit_closest(RLIMIT_NOFILE, &RLIMIT_MAKE_CONST(16384));
2095
2096 switch (arg_action) {
2097
2098 case ACTION_NEW_ID128:
2099 r = generate_new_id128();
2100 goto finish;
2101
2102 case ACTION_SETUP_KEYS:
2103 r = setup_keys();
2104 goto finish;
2105
2106 case ACTION_LIST_CATALOG:
2107 case ACTION_DUMP_CATALOG:
2108 case ACTION_UPDATE_CATALOG: {
2109 _cleanup_free_ char *database;
2110
2111 database = path_join(arg_root, CATALOG_DATABASE, NULL);
2112 if (!database) {
2113 r = log_oom();
2114 goto finish;
2115 }
2116
2117 if (arg_action == ACTION_UPDATE_CATALOG) {
2118 r = catalog_update(database, arg_root, catalog_file_dirs);
2119 if (r < 0)
2120 log_error_errno(r, "Failed to list catalog: %m");
2121 } else {
2122 bool oneline = arg_action == ACTION_LIST_CATALOG;
2123
2124 (void) pager_open(arg_no_pager, arg_pager_end);
2125
2126 if (optind < argc)
2127 r = catalog_list_items(stdout, database, oneline, argv + optind);
2128 else
2129 r = catalog_list(stdout, database, oneline);
2130 if (r < 0)
2131 log_error_errno(r, "Failed to list catalog: %m");
2132 }
2133
2134 goto finish;
2135 }
2136
2137 case ACTION_FLUSH:
2138 r = flush_to_var();
2139 goto finish;
2140
2141 case ACTION_SYNC:
2142 r = sync_journal();
2143 goto finish;
2144
2145 case ACTION_ROTATE:
2146 r = rotate();
2147 goto finish;
2148
2149 case ACTION_SHOW:
2150 case ACTION_PRINT_HEADER:
2151 case ACTION_VERIFY:
2152 case ACTION_DISK_USAGE:
2153 case ACTION_LIST_BOOTS:
2154 case ACTION_VACUUM:
2155 case ACTION_LIST_FIELDS:
2156 case ACTION_LIST_FIELD_NAMES:
2157 /* These ones require access to the journal files, continue below. */
2158 break;
2159
2160 default:
2161 assert_not_reached("Unknown action");
2162 }
2163
2164 if (arg_directory)
2165 r = sd_journal_open_directory(&j, arg_directory, arg_journal_type);
2166 else if (arg_root)
2167 r = sd_journal_open_directory(&j, arg_root, arg_journal_type | SD_JOURNAL_OS_ROOT);
2168 else if (arg_file_stdin) {
2169 int ifd = STDIN_FILENO;
2170 r = sd_journal_open_files_fd(&j, &ifd, 1, 0);
2171 } else if (arg_file)
2172 r = sd_journal_open_files(&j, (const char**) arg_file, 0);
2173 else if (arg_machine) {
2174 _cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
2175 _cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
2176 _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
2177 int fd;
2178
2179 if (geteuid() != 0) {
2180 /* The file descriptor returned by OpenMachineRootDirectory() will be owned by users/groups of
2181 * the container, thus we need root privileges to override them. */
2182 log_error("Using the --machine= switch requires root privileges.");
2183 r = -EPERM;
2184 goto finish;
2185 }
2186
2187 r = sd_bus_open_system(&bus);
2188 if (r < 0) {
2189 log_error_errno(r, "Failed to open system bus: %m");
2190 goto finish;
2191 }
2192
2193 r = sd_bus_call_method(
2194 bus,
2195 "org.freedesktop.machine1",
2196 "/org/freedesktop/machine1",
2197 "org.freedesktop.machine1.Manager",
2198 "OpenMachineRootDirectory",
2199 &error,
2200 &reply,
2201 "s", arg_machine);
2202 if (r < 0) {
2203 log_error_errno(r, "Failed to open root directory: %s", bus_error_message(&error, r));
2204 goto finish;
2205 }
2206
2207 r = sd_bus_message_read(reply, "h", &fd);
2208 if (r < 0) {
2209 bus_log_parse_error(r);
2210 goto finish;
2211 }
2212
2213 fd = fcntl(fd, F_DUPFD_CLOEXEC, 3);
2214 if (fd < 0) {
2215 r = log_error_errno(errno, "Failed to duplicate file descriptor: %m");
2216 goto finish;
2217 }
2218
2219 r = sd_journal_open_directory_fd(&j, fd, SD_JOURNAL_OS_ROOT);
2220 if (r < 0)
2221 safe_close(fd);
2222 } else
2223 r = sd_journal_open(&j, !arg_merge*SD_JOURNAL_LOCAL_ONLY + arg_journal_type);
2224 if (r < 0) {
2225 log_error_errno(r, "Failed to open %s: %m", arg_directory ?: arg_file ? "files" : "journal");
2226 goto finish;
2227 }
2228
2229 r = journal_access_check_and_warn(j, arg_quiet,
2230 !(arg_journal_type == SD_JOURNAL_CURRENT_USER || arg_user_units));
2231 if (r < 0)
2232 goto finish;
2233
2234 switch (arg_action) {
2235
2236 case ACTION_NEW_ID128:
2237 case ACTION_SETUP_KEYS:
2238 case ACTION_LIST_CATALOG:
2239 case ACTION_DUMP_CATALOG:
2240 case ACTION_UPDATE_CATALOG:
2241 case ACTION_FLUSH:
2242 case ACTION_SYNC:
2243 case ACTION_ROTATE:
2244 assert_not_reached("Unexpected action.");
2245
2246 case ACTION_PRINT_HEADER:
2247 journal_print_header(j);
2248 r = 0;
2249 goto finish;
2250
2251 case ACTION_VERIFY:
2252 r = verify(j);
2253 goto finish;
2254
2255 case ACTION_DISK_USAGE: {
2256 uint64_t bytes = 0;
2257 char sbytes[FORMAT_BYTES_MAX];
2258
2259 r = sd_journal_get_usage(j, &bytes);
2260 if (r < 0)
2261 goto finish;
2262
2263 printf("Archived and active journals take up %s in the file system.\n",
2264 format_bytes(sbytes, sizeof(sbytes), bytes));
2265 goto finish;
2266 }
2267
2268 case ACTION_LIST_BOOTS:
2269 r = list_boots(j);
2270 goto finish;
2271
2272 case ACTION_VACUUM: {
2273 Directory *d;
2274 Iterator i;
2275
2276 HASHMAP_FOREACH(d, j->directories_by_path, i) {
2277 int q;
2278
2279 if (d->is_root)
2280 continue;
2281
2282 q = journal_directory_vacuum(d->path, arg_vacuum_size, arg_vacuum_n_files, arg_vacuum_time, NULL, !arg_quiet);
2283 if (q < 0) {
2284 log_error_errno(q, "Failed to vacuum %s: %m", d->path);
2285 r = q;
2286 }
2287 }
2288
2289 goto finish;
2290 }
2291
2292 case ACTION_LIST_FIELD_NAMES: {
2293 const char *field;
2294
2295 SD_JOURNAL_FOREACH_FIELD(j, field) {
2296 printf("%s\n", field);
2297 n_shown++;
2298 }
2299
2300 r = 0;
2301 goto finish;
2302 }
2303
2304 case ACTION_SHOW:
2305 case ACTION_LIST_FIELDS:
2306 break;
2307
2308 default:
2309 assert_not_reached("Unknown action");
2310 }
2311
2312 if (arg_boot_offset != 0 &&
2313 sd_journal_has_runtime_files(j) > 0 &&
2314 sd_journal_has_persistent_files(j) == 0) {
2315 log_info("Specifying boot ID or boot offset has no effect, no persistent journal was found.");
2316 r = 0;
2317 goto finish;
2318 }
2319 /* add_boot() must be called first!
2320 * It may need to seek the journal to find parent boot IDs. */
2321 r = add_boot(j);
2322 if (r < 0)
2323 goto finish;
2324
2325 r = add_dmesg(j);
2326 if (r < 0)
2327 goto finish;
2328
2329 r = add_units(j);
2330 if (r < 0) {
2331 log_error_errno(r, "Failed to add filter for units: %m");
2332 goto finish;
2333 }
2334
2335 r = add_syslog_identifier(j);
2336 if (r < 0) {
2337 log_error_errno(r, "Failed to add filter for syslog identifiers: %m");
2338 goto finish;
2339 }
2340
2341 r = add_priorities(j);
2342 if (r < 0)
2343 goto finish;
2344
2345 r = add_matches(j, argv + optind);
2346 if (r < 0)
2347 goto finish;
2348
2349 if (DEBUG_LOGGING) {
2350 _cleanup_free_ char *filter;
2351
2352 filter = journal_make_match_string(j);
2353 if (!filter)
2354 return log_oom();
2355
2356 log_debug("Journal filter: %s", filter);
2357 }
2358
2359 if (arg_action == ACTION_LIST_FIELDS) {
2360 const void *data;
2361 size_t size;
2362
2363 assert(arg_field);
2364
2365 r = sd_journal_set_data_threshold(j, 0);
2366 if (r < 0) {
2367 log_error_errno(r, "Failed to unset data size threshold: %m");
2368 goto finish;
2369 }
2370
2371 r = sd_journal_query_unique(j, arg_field);
2372 if (r < 0) {
2373 log_error_errno(r, "Failed to query unique data objects: %m");
2374 goto finish;
2375 }
2376
2377 SD_JOURNAL_FOREACH_UNIQUE(j, data, size) {
2378 const void *eq;
2379
2380 if (arg_lines >= 0 && n_shown >= arg_lines)
2381 break;
2382
2383 eq = memchr(data, '=', size);
2384 if (eq)
2385 printf("%.*s\n", (int) (size - ((const uint8_t*) eq - (const uint8_t*) data + 1)), (const char*) eq + 1);
2386 else
2387 printf("%.*s\n", (int) size, (const char*) data);
2388
2389 n_shown++;
2390 }
2391
2392 r = 0;
2393 goto finish;
2394 }
2395
2396 /* Opening the fd now means the first sd_journal_wait() will actually wait */
2397 if (arg_follow) {
2398 r = sd_journal_get_fd(j);
2399 if (r == -EMEDIUMTYPE) {
2400 log_error_errno(r, "The --follow switch is not supported in conjunction with reading from STDIN.");
2401 goto finish;
2402 }
2403 if (r < 0) {
2404 log_error_errno(r, "Failed to get journal fd: %m");
2405 goto finish;
2406 }
2407 }
2408
2409 if (arg_cursor || arg_after_cursor) {
2410 r = sd_journal_seek_cursor(j, arg_cursor ?: arg_after_cursor);
2411 if (r < 0) {
2412 log_error_errno(r, "Failed to seek to cursor: %m");
2413 goto finish;
2414 }
2415
2416 if (!arg_reverse)
2417 r = sd_journal_next_skip(j, 1 + !!arg_after_cursor);
2418 else
2419 r = sd_journal_previous_skip(j, 1 + !!arg_after_cursor);
2420
2421 if (arg_after_cursor && r < 2) {
2422 /* We couldn't find the next entry after the cursor. */
2423 if (arg_follow)
2424 need_seek = true;
2425 else
2426 arg_lines = 0;
2427 }
2428
2429 } else if (arg_since_set && !arg_reverse) {
2430 r = sd_journal_seek_realtime_usec(j, arg_since);
2431 if (r < 0) {
2432 log_error_errno(r, "Failed to seek to date: %m");
2433 goto finish;
2434 }
2435 r = sd_journal_next(j);
2436
2437 } else if (arg_until_set && arg_reverse) {
2438 r = sd_journal_seek_realtime_usec(j, arg_until);
2439 if (r < 0) {
2440 log_error_errno(r, "Failed to seek to date: %m");
2441 goto finish;
2442 }
2443 r = sd_journal_previous(j);
2444
2445 } else if (arg_lines >= 0) {
2446 r = sd_journal_seek_tail(j);
2447 if (r < 0) {
2448 log_error_errno(r, "Failed to seek to tail: %m");
2449 goto finish;
2450 }
2451
2452 r = sd_journal_previous_skip(j, arg_lines);
2453
2454 } else if (arg_reverse) {
2455 r = sd_journal_seek_tail(j);
2456 if (r < 0) {
2457 log_error_errno(r, "Failed to seek to tail: %m");
2458 goto finish;
2459 }
2460
2461 r = sd_journal_previous(j);
2462
2463 } else {
2464 r = sd_journal_seek_head(j);
2465 if (r < 0) {
2466 log_error_errno(r, "Failed to seek to head: %m");
2467 goto finish;
2468 }
2469
2470 r = sd_journal_next(j);
2471 }
2472
2473 if (r < 0) {
2474 log_error_errno(r, "Failed to iterate through journal: %m");
2475 goto finish;
2476 }
2477 if (r == 0)
2478 need_seek = true;
2479
2480 if (!arg_follow)
2481 (void) pager_open(arg_no_pager, arg_pager_end);
2482
2483 if (!arg_quiet && (arg_lines != 0 || arg_follow)) {
2484 usec_t start, end;
2485 char start_buf[FORMAT_TIMESTAMP_MAX], end_buf[FORMAT_TIMESTAMP_MAX];
2486
2487 r = sd_journal_get_cutoff_realtime_usec(j, &start, &end);
2488 if (r < 0) {
2489 log_error_errno(r, "Failed to get cutoff: %m");
2490 goto finish;
2491 }
2492
2493 if (r > 0) {
2494 if (arg_follow)
2495 printf("-- Logs begin at %s. --\n",
2496 format_timestamp_maybe_utc(start_buf, sizeof(start_buf), start));
2497 else
2498 printf("-- Logs begin at %s, end at %s. --\n",
2499 format_timestamp_maybe_utc(start_buf, sizeof(start_buf), start),
2500 format_timestamp_maybe_utc(end_buf, sizeof(end_buf), end));
2501 }
2502 }
2503
2504 for (;;) {
2505 while (arg_lines < 0 || n_shown < arg_lines || (arg_follow && !first_line)) {
2506 int flags;
2507 size_t highlight[2] = {};
2508
2509 if (need_seek) {
2510 if (!arg_reverse)
2511 r = sd_journal_next(j);
2512 else
2513 r = sd_journal_previous(j);
2514 if (r < 0) {
2515 log_error_errno(r, "Failed to iterate through journal: %m");
2516 goto finish;
2517 }
2518 if (r == 0)
2519 break;
2520 }
2521
2522 if (arg_until_set && !arg_reverse) {
2523 usec_t usec;
2524
2525 r = sd_journal_get_realtime_usec(j, &usec);
2526 if (r < 0) {
2527 log_error_errno(r, "Failed to determine timestamp: %m");
2528 goto finish;
2529 }
2530 if (usec > arg_until)
2531 goto finish;
2532 }
2533
2534 if (arg_since_set && arg_reverse) {
2535 usec_t usec;
2536
2537 r = sd_journal_get_realtime_usec(j, &usec);
2538 if (r < 0) {
2539 log_error_errno(r, "Failed to determine timestamp: %m");
2540 goto finish;
2541 }
2542 if (usec < arg_since)
2543 goto finish;
2544 }
2545
2546 if (!arg_merge && !arg_quiet) {
2547 sd_id128_t boot_id;
2548
2549 r = sd_journal_get_monotonic_usec(j, NULL, &boot_id);
2550 if (r >= 0) {
2551 if (previous_boot_id_valid &&
2552 !sd_id128_equal(boot_id, previous_boot_id))
2553 printf("%s-- Reboot --%s\n",
2554 ansi_highlight(), ansi_normal());
2555
2556 previous_boot_id = boot_id;
2557 previous_boot_id_valid = true;
2558 }
2559 }
2560
2561 #if HAVE_PCRE2
2562 if (arg_compiled_pattern) {
2563 _cleanup_(pcre2_match_data_freep) pcre2_match_data *md = NULL;
2564 const void *message;
2565 size_t len;
2566 PCRE2_SIZE *ovec;
2567
2568 md = pcre2_match_data_create(1, NULL);
2569 if (!md)
2570 return log_oom();
2571
2572 r = sd_journal_get_data(j, "MESSAGE", &message, &len);
2573 if (r < 0) {
2574 if (r == -ENOENT) {
2575 need_seek = true;
2576 continue;
2577 }
2578
2579 log_error_errno(r, "Failed to get MESSAGE field: %m");
2580 goto finish;
2581 }
2582
2583 assert_se(message = startswith(message, "MESSAGE="));
2584
2585 r = pcre2_match(arg_compiled_pattern,
2586 message,
2587 len - strlen("MESSAGE="),
2588 0, /* start at offset 0 in the subject */
2589 0, /* default options */
2590 md,
2591 NULL);
2592 if (r == PCRE2_ERROR_NOMATCH) {
2593 need_seek = true;
2594 continue;
2595 }
2596 if (r < 0) {
2597 unsigned char buf[LINE_MAX];
2598 int r2;
2599
2600 r2 = pcre2_get_error_message(r, buf, sizeof buf);
2601 log_error("Pattern matching failed: %s",
2602 r2 < 0 ? "unknown error" : (char*) buf);
2603 r = -EINVAL;
2604 goto finish;
2605 }
2606
2607 ovec = pcre2_get_ovector_pointer(md);
2608 highlight[0] = ovec[0];
2609 highlight[1] = ovec[1];
2610 }
2611 #endif
2612
2613 flags =
2614 arg_all * OUTPUT_SHOW_ALL |
2615 arg_full * OUTPUT_FULL_WIDTH |
2616 colors_enabled() * OUTPUT_COLOR |
2617 arg_catalog * OUTPUT_CATALOG |
2618 arg_utc * OUTPUT_UTC |
2619 arg_no_hostname * OUTPUT_NO_HOSTNAME;
2620
2621 r = show_journal_entry(stdout, j, arg_output, 0, flags,
2622 arg_output_fields, highlight, &ellipsized);
2623 need_seek = true;
2624 if (r == -EADDRNOTAVAIL)
2625 break;
2626 else if (r < 0 || ferror(stdout))
2627 goto finish;
2628
2629 n_shown++;
2630
2631 /* If journalctl take a long time to process messages, and during that time journal file
2632 * rotation occurs, a journalctl client will keep those rotated files open until it calls
2633 * sd_journal_process(), which typically happens as a result of calling sd_journal_wait() below
2634 * in the "following" case. By periodically calling sd_journal_process() during the processing
2635 * loop we shrink the window of time a client instance has open file descriptors for rotated
2636 * (deleted) journal files. */
2637 if ((n_shown % PROCESS_INOTIFY_INTERVAL) == 0) {
2638 r = sd_journal_process(j);
2639 if (r < 0) {
2640 log_error_errno(r, "Failed to process inotify events: %m");
2641 goto finish;
2642 }
2643 }
2644 }
2645
2646 if (!arg_follow) {
2647 if (n_shown == 0 && !arg_quiet)
2648 printf("-- No entries --\n");
2649
2650 if (arg_show_cursor) {
2651 _cleanup_free_ char *cursor = NULL;
2652
2653 r = sd_journal_get_cursor(j, &cursor);
2654 if (r < 0 && r != -EADDRNOTAVAIL)
2655 log_error_errno(r, "Failed to get cursor: %m");
2656 else if (r >= 0)
2657 printf("-- cursor: %s\n", cursor);
2658 }
2659
2660 break;
2661 }
2662
2663 fflush(stdout);
2664 r = sd_journal_wait(j, (uint64_t) -1);
2665 if (r < 0) {
2666 log_error_errno(r, "Couldn't wait for journal event: %m");
2667 goto finish;
2668 }
2669
2670 first_line = false;
2671 }
2672
2673 finish:
2674 fflush(stdout);
2675 pager_close();
2676
2677 strv_free(arg_file);
2678
2679 strv_free(arg_syslog_identifier);
2680 strv_free(arg_system_units);
2681 strv_free(arg_user_units);
2682 strv_free(arg_output_fields);
2683
2684 free(arg_root);
2685 free(arg_verify_key);
2686
2687 #if HAVE_PCRE2
2688 if (arg_compiled_pattern)
2689 pcre2_code_free(arg_compiled_pattern);
2690 #endif
2691
2692 return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
2693 }
Unnamed repository; edit this file 'description' to name the repository.