1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2011 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <sys/signalfd.h>
23 #include <sys/ioctl.h>
24 #include <linux/sockios.h>
25 #include <sys/statvfs.h>
29 #include <selinux/selinux.h>
34 #include "sd-journal.h"
35 #include "sd-messages.h"
36 #include "sd-daemon.h"
40 #include "journal-file.h"
41 #include "socket-util.h"
42 #include "cgroup-util.h"
44 #include "conf-parser.h"
45 #include "selinux-util.h"
47 #include "formats-util.h"
48 #include "process-util.h"
49 #include "hostname-util.h"
50 #include "signal-util.h"
51 #include "journal-internal.h"
52 #include "journal-vacuum.h"
53 #include "journal-authenticate.h"
54 #include "journald-rate-limit.h"
55 #include "journald-kmsg.h"
56 #include "journald-syslog.h"
57 #include "journald-stream.h"
58 #include "journald-native.h"
59 #include "journald-audit.h"
60 #include "journald-server.h"
62 #define USER_JOURNALS_MAX 1024
64 #define DEFAULT_SYNC_INTERVAL_USEC (5*USEC_PER_MINUTE)
65 #define DEFAULT_RATE_LIMIT_INTERVAL (30*USEC_PER_SEC)
66 #define DEFAULT_RATE_LIMIT_BURST 1000
67 #define DEFAULT_MAX_FILE_USEC USEC_PER_MONTH
69 #define RECHECK_AVAILABLE_SPACE_USEC (30*USEC_PER_SEC)
71 static const char* const storage_table
[_STORAGE_MAX
] = {
72 [STORAGE_AUTO
] = "auto",
73 [STORAGE_VOLATILE
] = "volatile",
74 [STORAGE_PERSISTENT
] = "persistent",
75 [STORAGE_NONE
] = "none"
78 DEFINE_STRING_TABLE_LOOKUP(storage
, Storage
);
79 DEFINE_CONFIG_PARSE_ENUM(config_parse_storage
, storage
, Storage
, "Failed to parse storage setting");
81 static const char* const split_mode_table
[_SPLIT_MAX
] = {
82 [SPLIT_LOGIN
] = "login",
84 [SPLIT_NONE
] = "none",
87 DEFINE_STRING_TABLE_LOOKUP(split_mode
, SplitMode
);
88 DEFINE_CONFIG_PARSE_ENUM(config_parse_split_mode
, split_mode
, SplitMode
, "Failed to parse split mode setting");
90 static uint64_t available_space(Server
*s
, bool verbose
) {
92 _cleanup_free_
char *p
= NULL
;
95 uint64_t sum
= 0, ss_avail
= 0, avail
= 0;
97 _cleanup_closedir_
DIR *d
= NULL
;
102 ts
= now(CLOCK_MONOTONIC
);
104 if (s
->cached_available_space_timestamp
+ RECHECK_AVAILABLE_SPACE_USEC
> ts
106 return s
->cached_available_space
;
108 r
= sd_id128_get_machine(&machine
);
112 if (s
->system_journal
) {
113 f
= "/var/log/journal/";
114 m
= &s
->system_metrics
;
116 f
= "/run/log/journal/";
117 m
= &s
->runtime_metrics
;
122 p
= strappend(f
, sd_id128_to_string(machine
, ids
));
130 if (fstatvfs(dirfd(d
), &ss
) < 0)
139 if (!de
&& errno
!= 0)
145 if (!endswith(de
->d_name
, ".journal") &&
146 !endswith(de
->d_name
, ".journal~"))
149 if (fstatat(dirfd(d
), de
->d_name
, &st
, AT_SYMLINK_NOFOLLOW
) < 0)
152 if (!S_ISREG(st
.st_mode
))
155 sum
+= (uint64_t) st
.st_blocks
* 512UL;
158 ss_avail
= ss
.f_bsize
* ss
.f_bavail
;
160 /* If we reached a high mark, we will always allow this much
161 * again, unless usage goes above max_use. This watermark
162 * value is cached so that we don't give up space on pressure,
163 * but hover below the maximum usage. */
168 avail
= LESS_BY(ss_avail
, m
->keep_free
);
170 s
->cached_available_space
= LESS_BY(MIN(m
->max_use
, avail
), sum
);
171 s
->cached_available_space_timestamp
= ts
;
174 char fb1
[FORMAT_BYTES_MAX
], fb2
[FORMAT_BYTES_MAX
], fb3
[FORMAT_BYTES_MAX
],
175 fb4
[FORMAT_BYTES_MAX
], fb5
[FORMAT_BYTES_MAX
];
177 server_driver_message(s
, SD_MESSAGE_JOURNAL_USAGE
,
178 "%s is currently using %s.\n"
179 "Maximum allowed usage is set to %s.\n"
180 "Leaving at least %s free (of currently available %s of space).\n"
181 "Enforced usage limit is thus %s.",
182 s
->system_journal
? "Permanent journal (/var/log/journal/)" : "Runtime journal (/run/log/journal/)",
183 format_bytes(fb1
, sizeof(fb1
), sum
),
184 format_bytes(fb2
, sizeof(fb2
), m
->max_use
),
185 format_bytes(fb3
, sizeof(fb3
), m
->keep_free
),
186 format_bytes(fb4
, sizeof(fb4
), ss_avail
),
187 format_bytes(fb5
, sizeof(fb5
), s
->cached_available_space
+ sum
));
190 return s
->cached_available_space
;
193 void server_fix_perms(Server
*s
, JournalFile
*f
, uid_t uid
) {
198 acl_permset_t permset
;
203 r
= fchmod(f
->fd
, 0640);
205 log_warning_errno(r
, "Failed to fix access mode on %s, ignoring: %m", f
->path
);
208 if (uid
<= SYSTEM_UID_MAX
)
211 acl
= acl_get_fd(f
->fd
);
213 log_warning_errno(errno
, "Failed to read ACL on %s, ignoring: %m", f
->path
);
217 r
= acl_find_uid(acl
, uid
, &entry
);
220 if (acl_create_entry(&acl
, &entry
) < 0 ||
221 acl_set_tag_type(entry
, ACL_USER
) < 0 ||
222 acl_set_qualifier(entry
, &uid
) < 0) {
223 log_warning_errno(errno
, "Failed to patch ACL on %s, ignoring: %m", f
->path
);
228 /* We do not recalculate the mask unconditionally here,
229 * so that the fchmod() mask above stays intact. */
230 if (acl_get_permset(entry
, &permset
) < 0 ||
231 acl_add_perm(permset
, ACL_READ
) < 0 ||
232 calc_acl_mask_if_needed(&acl
) < 0) {
233 log_warning_errno(errno
, "Failed to patch ACL on %s, ignoring: %m", f
->path
);
237 if (acl_set_fd(f
->fd
, acl
) < 0)
238 log_warning_errno(errno
, "Failed to set ACL on %s, ignoring: %m", f
->path
);
245 static JournalFile
* find_journal(Server
*s
, uid_t uid
) {
246 _cleanup_free_
char *p
= NULL
;
253 /* We split up user logs only on /var, not on /run. If the
254 * runtime file is open, we write to it exclusively, in order
255 * to guarantee proper order as soon as we flush /run to
256 * /var and close the runtime file. */
258 if (s
->runtime_journal
)
259 return s
->runtime_journal
;
261 if (uid
<= SYSTEM_UID_MAX
)
262 return s
->system_journal
;
264 r
= sd_id128_get_machine(&machine
);
266 return s
->system_journal
;
268 f
= ordered_hashmap_get(s
->user_journals
, UINT32_TO_PTR(uid
));
272 if (asprintf(&p
, "/var/log/journal/" SD_ID128_FORMAT_STR
"/user-"UID_FMT
".journal",
273 SD_ID128_FORMAT_VAL(machine
), uid
) < 0)
274 return s
->system_journal
;
276 while (ordered_hashmap_size(s
->user_journals
) >= USER_JOURNALS_MAX
) {
277 /* Too many open? Then let's close one */
278 f
= ordered_hashmap_steal_first(s
->user_journals
);
280 journal_file_close(f
);
283 r
= journal_file_open_reliably(p
, O_RDWR
|O_CREAT
, 0640, s
->compress
, s
->seal
, &s
->system_metrics
, s
->mmap
, NULL
, &f
);
285 return s
->system_journal
;
287 server_fix_perms(s
, f
, uid
);
289 r
= ordered_hashmap_put(s
->user_journals
, UINT32_TO_PTR(uid
), f
);
291 journal_file_close(f
);
292 return s
->system_journal
;
298 static int do_rotate(
311 r
= journal_file_rotate(f
, s
->compress
, seal
);
314 log_error_errno(r
, "Failed to rotate %s: %m", (*f
)->path
);
316 log_error_errno(r
, "Failed to create new %s journal: %m", name
);
318 server_fix_perms(s
, *f
, uid
);
323 void server_rotate(Server
*s
) {
329 log_debug("Rotating...");
331 do_rotate(s
, &s
->runtime_journal
, "runtime", false, 0);
332 do_rotate(s
, &s
->system_journal
, "system", s
->seal
, 0);
334 ORDERED_HASHMAP_FOREACH_KEY(f
, k
, s
->user_journals
, i
) {
335 r
= do_rotate(s
, &f
, "user", s
->seal
, PTR_TO_UINT32(k
));
337 ordered_hashmap_replace(s
->user_journals
, k
, f
);
339 /* Old file has been closed and deallocated */
340 ordered_hashmap_remove(s
->user_journals
, k
);
344 void server_sync(Server
*s
) {
350 if (s
->system_journal
) {
351 r
= journal_file_set_offline(s
->system_journal
);
353 log_error_errno(r
, "Failed to sync system journal: %m");
356 ORDERED_HASHMAP_FOREACH_KEY(f
, k
, s
->user_journals
, i
) {
357 r
= journal_file_set_offline(f
);
359 log_error_errno(r
, "Failed to sync user journal: %m");
362 if (s
->sync_event_source
) {
363 r
= sd_event_source_set_enabled(s
->sync_event_source
, SD_EVENT_OFF
);
365 log_error_errno(r
, "Failed to disable sync timer source: %m");
368 s
->sync_scheduled
= false;
371 static void do_vacuum(
376 JournalMetrics
*metrics
) {
384 p
= strjoina(path
, id
);
385 r
= journal_directory_vacuum(p
, metrics
->max_use
, s
->max_retention_usec
, &s
->oldest_file_usec
, false);
386 if (r
< 0 && r
!= -ENOENT
)
387 log_error_errno(r
, "Failed to vacuum %s: %m", p
);
390 void server_vacuum(Server
*s
) {
395 log_debug("Vacuuming...");
397 s
->oldest_file_usec
= 0;
399 r
= sd_id128_get_machine(&machine
);
401 log_error_errno(r
, "Failed to get machine ID: %m");
404 sd_id128_to_string(machine
, ids
);
406 do_vacuum(s
, ids
, s
->system_journal
, "/var/log/journal/", &s
->system_metrics
);
407 do_vacuum(s
, ids
, s
->runtime_journal
, "/run/log/journal/", &s
->runtime_metrics
);
409 s
->cached_available_space_timestamp
= 0;
412 static void server_cache_machine_id(Server
*s
) {
418 r
= sd_id128_get_machine(&id
);
422 sd_id128_to_string(id
, stpcpy(s
->machine_id_field
, "_MACHINE_ID="));
425 static void server_cache_boot_id(Server
*s
) {
431 r
= sd_id128_get_boot(&id
);
435 sd_id128_to_string(id
, stpcpy(s
->boot_id_field
, "_BOOT_ID="));
438 static void server_cache_hostname(Server
*s
) {
439 _cleanup_free_
char *t
= NULL
;
444 t
= gethostname_malloc();
448 x
= strappend("_HOSTNAME=", t
);
452 free(s
->hostname_field
);
453 s
->hostname_field
= x
;
456 static bool shall_try_append_again(JournalFile
*f
, int r
) {
458 /* -E2BIG Hit configured limit
460 -EDQUOT Quota limit hit
462 -EIO I/O error of some kind (mmap)
463 -EHOSTDOWN Other machine
464 -EBUSY Unclean shutdown
465 -EPROTONOSUPPORT Unsupported feature
468 -ESHUTDOWN Already archived
469 -EIDRM Journal file has been deleted */
471 if (r
== -E2BIG
|| r
== -EFBIG
|| r
== -EDQUOT
|| r
== -ENOSPC
)
472 log_debug("%s: Allocation limit reached, rotating.", f
->path
);
473 else if (r
== -EHOSTDOWN
)
474 log_info("%s: Journal file from other machine, rotating.", f
->path
);
475 else if (r
== -EBUSY
)
476 log_info("%s: Unclean shutdown, rotating.", f
->path
);
477 else if (r
== -EPROTONOSUPPORT
)
478 log_info("%s: Unsupported feature, rotating.", f
->path
);
479 else if (r
== -EBADMSG
|| r
== -ENODATA
|| r
== ESHUTDOWN
)
480 log_warning("%s: Journal file corrupted, rotating.", f
->path
);
482 log_warning("%s: IO error, rotating.", f
->path
);
483 else if (r
== -EIDRM
)
484 log_warning("%s: Journal file has been deleted, rotating.", f
->path
);
491 static void write_to_journal(Server
*s
, uid_t uid
, struct iovec
*iovec
, unsigned n
, int priority
) {
493 bool vacuumed
= false;
500 f
= find_journal(s
, uid
);
504 if (journal_file_rotate_suggested(f
, s
->max_file_usec
)) {
505 log_debug("%s: Journal header limits reached or header out-of-date, rotating.", f
->path
);
510 f
= find_journal(s
, uid
);
515 r
= journal_file_append_entry(f
, NULL
, iovec
, n
, &s
->seqnum
, NULL
, NULL
);
517 server_schedule_sync(s
, priority
);
521 if (vacuumed
|| !shall_try_append_again(f
, r
)) {
522 log_error_errno(r
, "Failed to write entry (%d items, %zu bytes), ignoring: %m", n
, IOVEC_TOTAL_SIZE(iovec
, n
));
529 f
= find_journal(s
, uid
);
533 log_debug("Retrying write.");
534 r
= journal_file_append_entry(f
, NULL
, iovec
, n
, &s
->seqnum
, NULL
, NULL
);
536 log_error_errno(r
, "Failed to write entry (%d items, %zu bytes) despite vacuuming, ignoring: %m", n
, IOVEC_TOTAL_SIZE(iovec
, n
));
538 server_schedule_sync(s
, priority
);
541 static void dispatch_message_real(
543 struct iovec
*iovec
, unsigned n
, unsigned m
,
544 const struct ucred
*ucred
,
545 const struct timeval
*tv
,
546 const char *label
, size_t label_len
,
551 char pid
[sizeof("_PID=") + DECIMAL_STR_MAX(pid_t
)],
552 uid
[sizeof("_UID=") + DECIMAL_STR_MAX(uid_t
)],
553 gid
[sizeof("_GID=") + DECIMAL_STR_MAX(gid_t
)],
554 owner_uid
[sizeof("_SYSTEMD_OWNER_UID=") + DECIMAL_STR_MAX(uid_t
)],
555 source_time
[sizeof("_SOURCE_REALTIME_TIMESTAMP=") + DECIMAL_STR_MAX(usec_t
)],
556 o_uid
[sizeof("OBJECT_UID=") + DECIMAL_STR_MAX(uid_t
)],
557 o_gid
[sizeof("OBJECT_GID=") + DECIMAL_STR_MAX(gid_t
)],
558 o_owner_uid
[sizeof("OBJECT_SYSTEMD_OWNER_UID=") + DECIMAL_STR_MAX(uid_t
)];
564 uid_t realuid
= 0, owner
= 0, journal_uid
;
565 bool owner_valid
= false;
567 char audit_session
[sizeof("_AUDIT_SESSION=") + DECIMAL_STR_MAX(uint32_t)],
568 audit_loginuid
[sizeof("_AUDIT_LOGINUID=") + DECIMAL_STR_MAX(uid_t
)],
569 o_audit_session
[sizeof("OBJECT_AUDIT_SESSION=") + DECIMAL_STR_MAX(uint32_t)],
570 o_audit_loginuid
[sizeof("OBJECT_AUDIT_LOGINUID=") + DECIMAL_STR_MAX(uid_t
)];
579 assert(n
+ N_IOVEC_META_FIELDS
+ (object_pid
? N_IOVEC_OBJECT_FIELDS
: 0) <= m
);
582 realuid
= ucred
->uid
;
584 sprintf(pid
, "_PID="PID_FMT
, ucred
->pid
);
585 IOVEC_SET_STRING(iovec
[n
++], pid
);
587 sprintf(uid
, "_UID="UID_FMT
, ucred
->uid
);
588 IOVEC_SET_STRING(iovec
[n
++], uid
);
590 sprintf(gid
, "_GID="GID_FMT
, ucred
->gid
);
591 IOVEC_SET_STRING(iovec
[n
++], gid
);
593 r
= get_process_comm(ucred
->pid
, &t
);
595 x
= strjoina("_COMM=", t
);
597 IOVEC_SET_STRING(iovec
[n
++], x
);
600 r
= get_process_exe(ucred
->pid
, &t
);
602 x
= strjoina("_EXE=", t
);
604 IOVEC_SET_STRING(iovec
[n
++], x
);
607 r
= get_process_cmdline(ucred
->pid
, 0, false, &t
);
609 x
= strjoina("_CMDLINE=", t
);
611 IOVEC_SET_STRING(iovec
[n
++], x
);
614 r
= get_process_capeff(ucred
->pid
, &t
);
616 x
= strjoina("_CAP_EFFECTIVE=", t
);
618 IOVEC_SET_STRING(iovec
[n
++], x
);
622 r
= audit_session_from_pid(ucred
->pid
, &audit
);
624 sprintf(audit_session
, "_AUDIT_SESSION=%"PRIu32
, audit
);
625 IOVEC_SET_STRING(iovec
[n
++], audit_session
);
628 r
= audit_loginuid_from_pid(ucred
->pid
, &loginuid
);
630 sprintf(audit_loginuid
, "_AUDIT_LOGINUID="UID_FMT
, loginuid
);
631 IOVEC_SET_STRING(iovec
[n
++], audit_loginuid
);
635 r
= cg_pid_get_path_shifted(ucred
->pid
, s
->cgroup_root
, &c
);
637 char *session
= NULL
;
639 x
= strjoina("_SYSTEMD_CGROUP=", c
);
640 IOVEC_SET_STRING(iovec
[n
++], x
);
642 r
= cg_path_get_session(c
, &t
);
644 session
= strjoina("_SYSTEMD_SESSION=", t
);
646 IOVEC_SET_STRING(iovec
[n
++], session
);
649 if (cg_path_get_owner_uid(c
, &owner
) >= 0) {
652 sprintf(owner_uid
, "_SYSTEMD_OWNER_UID="UID_FMT
, owner
);
653 IOVEC_SET_STRING(iovec
[n
++], owner_uid
);
656 if (cg_path_get_unit(c
, &t
) >= 0) {
657 x
= strjoina("_SYSTEMD_UNIT=", t
);
659 IOVEC_SET_STRING(iovec
[n
++], x
);
660 } else if (unit_id
&& !session
) {
661 x
= strjoina("_SYSTEMD_UNIT=", unit_id
);
662 IOVEC_SET_STRING(iovec
[n
++], x
);
665 if (cg_path_get_user_unit(c
, &t
) >= 0) {
666 x
= strjoina("_SYSTEMD_USER_UNIT=", t
);
668 IOVEC_SET_STRING(iovec
[n
++], x
);
669 } else if (unit_id
&& session
) {
670 x
= strjoina("_SYSTEMD_USER_UNIT=", unit_id
);
671 IOVEC_SET_STRING(iovec
[n
++], x
);
674 if (cg_path_get_slice(c
, &t
) >= 0) {
675 x
= strjoina("_SYSTEMD_SLICE=", t
);
677 IOVEC_SET_STRING(iovec
[n
++], x
);
681 } else if (unit_id
) {
682 x
= strjoina("_SYSTEMD_UNIT=", unit_id
);
683 IOVEC_SET_STRING(iovec
[n
++], x
);
687 if (mac_selinux_use()) {
689 x
= alloca(strlen("_SELINUX_CONTEXT=") + label_len
+ 1);
691 *((char*) mempcpy(stpcpy(x
, "_SELINUX_CONTEXT="), label
, label_len
)) = 0;
692 IOVEC_SET_STRING(iovec
[n
++], x
);
694 security_context_t con
;
696 if (getpidcon(ucred
->pid
, &con
) >= 0) {
697 x
= strjoina("_SELINUX_CONTEXT=", con
);
700 IOVEC_SET_STRING(iovec
[n
++], x
);
709 r
= get_process_uid(object_pid
, &object_uid
);
711 sprintf(o_uid
, "OBJECT_UID="UID_FMT
, object_uid
);
712 IOVEC_SET_STRING(iovec
[n
++], o_uid
);
715 r
= get_process_gid(object_pid
, &object_gid
);
717 sprintf(o_gid
, "OBJECT_GID="GID_FMT
, object_gid
);
718 IOVEC_SET_STRING(iovec
[n
++], o_gid
);
721 r
= get_process_comm(object_pid
, &t
);
723 x
= strjoina("OBJECT_COMM=", t
);
725 IOVEC_SET_STRING(iovec
[n
++], x
);
728 r
= get_process_exe(object_pid
, &t
);
730 x
= strjoina("OBJECT_EXE=", t
);
732 IOVEC_SET_STRING(iovec
[n
++], x
);
735 r
= get_process_cmdline(object_pid
, 0, false, &t
);
737 x
= strjoina("OBJECT_CMDLINE=", t
);
739 IOVEC_SET_STRING(iovec
[n
++], x
);
743 r
= audit_session_from_pid(object_pid
, &audit
);
745 sprintf(o_audit_session
, "OBJECT_AUDIT_SESSION=%"PRIu32
, audit
);
746 IOVEC_SET_STRING(iovec
[n
++], o_audit_session
);
749 r
= audit_loginuid_from_pid(object_pid
, &loginuid
);
751 sprintf(o_audit_loginuid
, "OBJECT_AUDIT_LOGINUID="UID_FMT
, loginuid
);
752 IOVEC_SET_STRING(iovec
[n
++], o_audit_loginuid
);
756 r
= cg_pid_get_path_shifted(object_pid
, s
->cgroup_root
, &c
);
758 x
= strjoina("OBJECT_SYSTEMD_CGROUP=", c
);
759 IOVEC_SET_STRING(iovec
[n
++], x
);
761 r
= cg_path_get_session(c
, &t
);
763 x
= strjoina("OBJECT_SYSTEMD_SESSION=", t
);
765 IOVEC_SET_STRING(iovec
[n
++], x
);
768 if (cg_path_get_owner_uid(c
, &owner
) >= 0) {
769 sprintf(o_owner_uid
, "OBJECT_SYSTEMD_OWNER_UID="UID_FMT
, owner
);
770 IOVEC_SET_STRING(iovec
[n
++], o_owner_uid
);
773 if (cg_path_get_unit(c
, &t
) >= 0) {
774 x
= strjoina("OBJECT_SYSTEMD_UNIT=", t
);
776 IOVEC_SET_STRING(iovec
[n
++], x
);
779 if (cg_path_get_user_unit(c
, &t
) >= 0) {
780 x
= strjoina("OBJECT_SYSTEMD_USER_UNIT=", t
);
782 IOVEC_SET_STRING(iovec
[n
++], x
);
791 sprintf(source_time
, "_SOURCE_REALTIME_TIMESTAMP=%llu", (unsigned long long) timeval_load(tv
));
792 IOVEC_SET_STRING(iovec
[n
++], source_time
);
795 /* Note that strictly speaking storing the boot id here is
796 * redundant since the entry includes this in-line
797 * anyway. However, we need this indexed, too. */
798 if (!isempty(s
->boot_id_field
))
799 IOVEC_SET_STRING(iovec
[n
++], s
->boot_id_field
);
801 if (!isempty(s
->machine_id_field
))
802 IOVEC_SET_STRING(iovec
[n
++], s
->machine_id_field
);
804 if (!isempty(s
->hostname_field
))
805 IOVEC_SET_STRING(iovec
[n
++], s
->hostname_field
);
809 if (s
->split_mode
== SPLIT_UID
&& realuid
> 0)
810 /* Split up strictly by any UID */
811 journal_uid
= realuid
;
812 else if (s
->split_mode
== SPLIT_LOGIN
&& realuid
> 0 && owner_valid
&& owner
> 0)
813 /* Split up by login UIDs. We do this only if the
814 * realuid is not root, in order not to accidentally
815 * leak privileged information to the user that is
816 * logged by a privileged process that is part of an
817 * unprivileged session. */
822 write_to_journal(s
, journal_uid
, iovec
, n
, priority
);
825 void server_driver_message(Server
*s
, sd_id128_t message_id
, const char *format
, ...) {
826 char mid
[11 + 32 + 1];
827 char buffer
[16 + LINE_MAX
+ 1];
828 struct iovec iovec
[N_IOVEC_META_FIELDS
+ 6];
831 struct ucred ucred
= {};
836 IOVEC_SET_STRING(iovec
[n
++], "SYSLOG_FACILITY=3");
837 IOVEC_SET_STRING(iovec
[n
++], "SYSLOG_IDENTIFIER=systemd-journald");
839 IOVEC_SET_STRING(iovec
[n
++], "PRIORITY=6");
840 IOVEC_SET_STRING(iovec
[n
++], "_TRANSPORT=driver");
842 memcpy(buffer
, "MESSAGE=", 8);
843 va_start(ap
, format
);
844 vsnprintf(buffer
+ 8, sizeof(buffer
) - 8, format
, ap
);
846 IOVEC_SET_STRING(iovec
[n
++], buffer
);
848 if (!sd_id128_equal(message_id
, SD_ID128_NULL
)) {
849 snprintf(mid
, sizeof(mid
), LOG_MESSAGE_ID(message_id
));
850 IOVEC_SET_STRING(iovec
[n
++], mid
);
853 ucred
.pid
= getpid();
854 ucred
.uid
= getuid();
855 ucred
.gid
= getgid();
857 dispatch_message_real(s
, iovec
, n
, ELEMENTSOF(iovec
), &ucred
, NULL
, NULL
, 0, NULL
, LOG_INFO
, 0);
860 void server_dispatch_message(
862 struct iovec
*iovec
, unsigned n
, unsigned m
,
863 const struct ucred
*ucred
,
864 const struct timeval
*tv
,
865 const char *label
, size_t label_len
,
871 _cleanup_free_
char *path
= NULL
;
875 assert(iovec
|| n
== 0);
880 if (LOG_PRI(priority
) > s
->max_level_store
)
883 /* Stop early in case the information will not be stored
885 if (s
->storage
== STORAGE_NONE
)
891 r
= cg_pid_get_path_shifted(ucred
->pid
, s
->cgroup_root
, &path
);
895 /* example: /user/lennart/3/foobar
896 * /system/dbus.service/foobar
898 * So let's cut of everything past the third /, since that is
899 * where user directories start */
901 c
= strchr(path
, '/');
903 c
= strchr(c
+1, '/');
905 c
= strchr(c
+1, '/');
911 rl
= journal_rate_limit_test(s
->rate_limit
, path
,
912 priority
& LOG_PRIMASK
, available_space(s
, false));
917 /* Write a suppression message if we suppressed something */
919 server_driver_message(s
, SD_MESSAGE_JOURNAL_DROPPED
,
920 "Suppressed %u messages from %s", rl
- 1, path
);
923 dispatch_message_real(s
, iovec
, n
, m
, ucred
, tv
, label
, label_len
, unit_id
, priority
, object_pid
);
927 static int system_journal_open(Server
*s
, bool flush_requested
) {
933 r
= sd_id128_get_machine(&machine
);
935 return log_error_errno(r
, "Failed to get machine id: %m");
937 sd_id128_to_string(machine
, ids
);
939 if (!s
->system_journal
&&
940 (s
->storage
== STORAGE_PERSISTENT
|| s
->storage
== STORAGE_AUTO
) &&
942 || access("/run/systemd/journal/flushed", F_OK
) >= 0)) {
944 /* If in auto mode: first try to create the machine
945 * path, but not the prefix.
947 * If in persistent mode: create /var/log/journal and
948 * the machine path */
950 if (s
->storage
== STORAGE_PERSISTENT
)
951 (void) mkdir_p("/var/log/journal/", 0755);
953 fn
= strjoina("/var/log/journal/", ids
);
954 (void) mkdir(fn
, 0755);
956 fn
= strjoina(fn
, "/system.journal");
957 r
= journal_file_open_reliably(fn
, O_RDWR
|O_CREAT
, 0640, s
->compress
, s
->seal
, &s
->system_metrics
, s
->mmap
, NULL
, &s
->system_journal
);
960 server_fix_perms(s
, s
->system_journal
, 0);
962 if (r
!= -ENOENT
&& r
!= -EROFS
)
963 log_warning_errno(r
, "Failed to open system journal: %m");
969 if (!s
->runtime_journal
&&
970 (s
->storage
!= STORAGE_NONE
)) {
972 fn
= strjoin("/run/log/journal/", ids
, "/system.journal", NULL
);
976 if (s
->system_journal
) {
978 /* Try to open the runtime journal, but only
979 * if it already exists, so that we can flush
980 * it into the system journal */
982 r
= journal_file_open(fn
, O_RDWR
, 0640, s
->compress
, false, &s
->runtime_metrics
, s
->mmap
, NULL
, &s
->runtime_journal
);
987 log_warning_errno(r
, "Failed to open runtime journal: %m");
994 /* OK, we really need the runtime journal, so create
995 * it if necessary. */
997 (void) mkdir("/run/log", 0755);
998 (void) mkdir("/run/log/journal", 0755);
999 (void) mkdir_parents(fn
, 0750);
1001 r
= journal_file_open_reliably(fn
, O_RDWR
|O_CREAT
, 0640, s
->compress
, false, &s
->runtime_metrics
, s
->mmap
, NULL
, &s
->runtime_journal
);
1005 return log_error_errno(r
, "Failed to open runtime journal: %m");
1008 if (s
->runtime_journal
)
1009 server_fix_perms(s
, s
->runtime_journal
, 0);
1012 available_space(s
, true);
1017 int server_flush_to_var(Server
*s
) {
1019 sd_journal
*j
= NULL
;
1020 char ts
[FORMAT_TIMESPAN_MAX
];
1027 if (s
->storage
!= STORAGE_AUTO
&&
1028 s
->storage
!= STORAGE_PERSISTENT
)
1031 if (!s
->runtime_journal
)
1034 system_journal_open(s
, true);
1036 if (!s
->system_journal
)
1039 log_debug("Flushing to /var...");
1041 start
= now(CLOCK_MONOTONIC
);
1043 r
= sd_id128_get_machine(&machine
);
1047 r
= sd_journal_open(&j
, SD_JOURNAL_RUNTIME_ONLY
);
1049 return log_error_errno(r
, "Failed to read runtime journal: %m");
1051 sd_journal_set_data_threshold(j
, 0);
1053 SD_JOURNAL_FOREACH(j
) {
1057 f
= j
->current_file
;
1058 assert(f
&& f
->current_offset
> 0);
1062 r
= journal_file_move_to_object(f
, OBJECT_ENTRY
, f
->current_offset
, &o
);
1064 log_error_errno(r
, "Can't read entry: %m");
1068 r
= journal_file_copy_entry(f
, s
->system_journal
, o
, f
->current_offset
, NULL
, NULL
, NULL
);
1072 if (!shall_try_append_again(s
->system_journal
, r
)) {
1073 log_error_errno(r
, "Can't write entry: %m");
1080 if (!s
->system_journal
) {
1081 log_notice("Didn't flush runtime journal since rotation of system journal wasn't successful.");
1086 log_debug("Retrying write.");
1087 r
= journal_file_copy_entry(f
, s
->system_journal
, o
, f
->current_offset
, NULL
, NULL
, NULL
);
1089 log_error_errno(r
, "Can't write entry: %m");
1095 journal_file_post_change(s
->system_journal
);
1097 journal_file_close(s
->runtime_journal
);
1098 s
->runtime_journal
= NULL
;
1101 (void) rm_rf("/run/log/journal", REMOVE_ROOT
);
1103 sd_journal_close(j
);
1105 server_driver_message(s
, SD_ID128_NULL
, "Time spent on flushing to /var is %s for %u entries.", format_timespan(ts
, sizeof(ts
), now(CLOCK_MONOTONIC
) - start
, 0), n
);
1110 int server_process_datagram(sd_event_source
*es
, int fd
, uint32_t revents
, void *userdata
) {
1111 Server
*s
= userdata
;
1112 struct ucred
*ucred
= NULL
;
1113 struct timeval
*tv
= NULL
;
1114 struct cmsghdr
*cmsg
;
1116 size_t label_len
= 0, m
;
1119 int *fds
= NULL
, v
= 0;
1123 struct cmsghdr cmsghdr
;
1125 /* We use NAME_MAX space for the SELinux label
1126 * here. The kernel currently enforces no
1127 * limit, but according to suggestions from
1128 * the SELinux people this will change and it
1129 * will probably be identical to NAME_MAX. For
1130 * now we use that, but this should be updated
1131 * one day when the final limit is known. */
1132 uint8_t buf
[CMSG_SPACE(sizeof(struct ucred
)) +
1133 CMSG_SPACE(sizeof(struct timeval
)) +
1134 CMSG_SPACE(sizeof(int)) + /* fd */
1135 CMSG_SPACE(NAME_MAX
)]; /* selinux label */
1138 union sockaddr_union sa
= {};
1140 struct msghdr msghdr
= {
1143 .msg_control
= &control
,
1144 .msg_controllen
= sizeof(control
),
1146 .msg_namelen
= sizeof(sa
),
1150 assert(fd
== s
->native_fd
|| fd
== s
->syslog_fd
|| fd
== s
->audit_fd
);
1152 if (revents
!= EPOLLIN
) {
1153 log_error("Got invalid event from epoll for datagram fd: %"PRIx32
, revents
);
1157 /* Try to get the right size, if we can. (Not all
1158 * sockets support SIOCINQ, hence we just try, but
1159 * don't rely on it. */
1160 (void) ioctl(fd
, SIOCINQ
, &v
);
1162 /* Fix it up, if it is too small. We use the same fixed value as auditd here. Awful! */
1163 m
= PAGE_ALIGN(MAX3((size_t) v
+ 1,
1165 ALIGN(sizeof(struct nlmsghdr
)) + ALIGN((size_t) MAX_AUDIT_MESSAGE_LENGTH
)) + 1);
1167 if (!GREEDY_REALLOC(s
->buffer
, s
->buffer_size
, m
))
1170 iovec
.iov_base
= s
->buffer
;
1171 iovec
.iov_len
= s
->buffer_size
- 1; /* Leave room for trailing NUL we add later */
1173 n
= recvmsg(fd
, &msghdr
, MSG_DONTWAIT
|MSG_CMSG_CLOEXEC
);
1175 if (errno
== EINTR
|| errno
== EAGAIN
)
1178 return log_error_errno(errno
, "recvmsg() failed: %m");
1181 CMSG_FOREACH(cmsg
, &msghdr
) {
1183 if (cmsg
->cmsg_level
== SOL_SOCKET
&&
1184 cmsg
->cmsg_type
== SCM_CREDENTIALS
&&
1185 cmsg
->cmsg_len
== CMSG_LEN(sizeof(struct ucred
)))
1186 ucred
= (struct ucred
*) CMSG_DATA(cmsg
);
1187 else if (cmsg
->cmsg_level
== SOL_SOCKET
&&
1188 cmsg
->cmsg_type
== SCM_SECURITY
) {
1189 label
= (char*) CMSG_DATA(cmsg
);
1190 label_len
= cmsg
->cmsg_len
- CMSG_LEN(0);
1191 } else if (cmsg
->cmsg_level
== SOL_SOCKET
&&
1192 cmsg
->cmsg_type
== SO_TIMESTAMP
&&
1193 cmsg
->cmsg_len
== CMSG_LEN(sizeof(struct timeval
)))
1194 tv
= (struct timeval
*) CMSG_DATA(cmsg
);
1195 else if (cmsg
->cmsg_level
== SOL_SOCKET
&&
1196 cmsg
->cmsg_type
== SCM_RIGHTS
) {
1197 fds
= (int*) CMSG_DATA(cmsg
);
1198 n_fds
= (cmsg
->cmsg_len
- CMSG_LEN(0)) / sizeof(int);
1202 /* And a trailing NUL, just in case */
1205 if (fd
== s
->syslog_fd
) {
1206 if (n
> 0 && n_fds
== 0)
1207 server_process_syslog_message(s
, strstrip(s
->buffer
), ucred
, tv
, label
, label_len
);
1209 log_warning("Got file descriptors via syslog socket. Ignoring.");
1211 } else if (fd
== s
->native_fd
) {
1212 if (n
> 0 && n_fds
== 0)
1213 server_process_native_message(s
, s
->buffer
, n
, ucred
, tv
, label
, label_len
);
1214 else if (n
== 0 && n_fds
== 1)
1215 server_process_native_file(s
, fds
[0], ucred
, tv
, label
, label_len
);
1217 log_warning("Got too many file descriptors via native socket. Ignoring.");
1220 assert(fd
== s
->audit_fd
);
1222 if (n
> 0 && n_fds
== 0)
1223 server_process_audit_message(s
, s
->buffer
, n
, ucred
, &sa
, msghdr
.msg_namelen
);
1225 log_warning("Got file descriptors via audit socket. Ignoring.");
1228 close_many(fds
, n_fds
);
1232 static int dispatch_sigusr1(sd_event_source
*es
, const struct signalfd_siginfo
*si
, void *userdata
) {
1233 Server
*s
= userdata
;
1237 log_info("Received request to flush runtime journal from PID %"PRIu32
, si
->ssi_pid
);
1239 server_flush_to_var(s
);
1243 touch("/run/systemd/journal/flushed");
1248 static int dispatch_sigusr2(sd_event_source
*es
, const struct signalfd_siginfo
*si
, void *userdata
) {
1249 Server
*s
= userdata
;
1253 log_info("Received request to rotate journal from PID %"PRIu32
, si
->ssi_pid
);
1260 static int dispatch_sigterm(sd_event_source
*es
, const struct signalfd_siginfo
*si
, void *userdata
) {
1261 Server
*s
= userdata
;
1265 log_received_signal(LOG_INFO
, si
);
1267 sd_event_exit(s
->event
, 0);
1271 static int setup_signals(Server
*s
) {
1276 assert(sigprocmask_many(SIG_SETMASK
, NULL
, SIGINT
, SIGTERM
, SIGUSR1
, SIGUSR2
, -1) >= 0);
1278 r
= sd_event_add_signal(s
->event
, &s
->sigusr1_event_source
, SIGUSR1
, dispatch_sigusr1
, s
);
1282 r
= sd_event_add_signal(s
->event
, &s
->sigusr2_event_source
, SIGUSR2
, dispatch_sigusr2
, s
);
1286 r
= sd_event_add_signal(s
->event
, &s
->sigterm_event_source
, SIGTERM
, dispatch_sigterm
, s
);
1290 r
= sd_event_add_signal(s
->event
, &s
->sigint_event_source
, SIGINT
, dispatch_sigterm
, s
);
1297 static int server_parse_proc_cmdline(Server
*s
) {
1298 _cleanup_free_
char *line
= NULL
;
1299 const char *w
, *state
;
1303 r
= proc_cmdline(&line
);
1305 log_warning_errno(r
, "Failed to read /proc/cmdline, ignoring: %m");
1309 FOREACH_WORD_QUOTED(w
, l
, line
, state
) {
1310 _cleanup_free_
char *word
;
1312 word
= strndup(w
, l
);
1316 if (startswith(word
, "systemd.journald.forward_to_syslog=")) {
1317 r
= parse_boolean(word
+ 35);
1319 log_warning("Failed to parse forward to syslog switch %s. Ignoring.", word
+ 35);
1321 s
->forward_to_syslog
= r
;
1322 } else if (startswith(word
, "systemd.journald.forward_to_kmsg=")) {
1323 r
= parse_boolean(word
+ 33);
1325 log_warning("Failed to parse forward to kmsg switch %s. Ignoring.", word
+ 33);
1327 s
->forward_to_kmsg
= r
;
1328 } else if (startswith(word
, "systemd.journald.forward_to_console=")) {
1329 r
= parse_boolean(word
+ 36);
1331 log_warning("Failed to parse forward to console switch %s. Ignoring.", word
+ 36);
1333 s
->forward_to_console
= r
;
1334 } else if (startswith(word
, "systemd.journald.forward_to_wall=")) {
1335 r
= parse_boolean(word
+ 33);
1337 log_warning("Failed to parse forward to wall switch %s. Ignoring.", word
+ 33);
1339 s
->forward_to_wall
= r
;
1340 } else if (startswith(word
, "systemd.journald"))
1341 log_warning("Invalid systemd.journald parameter. Ignoring.");
1343 /* do not warn about state here, since probably systemd already did */
1348 static int server_parse_config_file(Server
*s
) {
1351 return config_parse_many("/etc/systemd/journald.conf",
1352 CONF_DIRS_NULSTR("systemd/journald.conf"),
1354 config_item_perf_lookup
, journald_gperf_lookup
,
1358 static int server_dispatch_sync(sd_event_source
*es
, usec_t t
, void *userdata
) {
1359 Server
*s
= userdata
;
1367 int server_schedule_sync(Server
*s
, int priority
) {
1372 if (priority
<= LOG_CRIT
) {
1373 /* Immediately sync to disk when this is of priority CRIT, ALERT, EMERG */
1378 if (s
->sync_scheduled
)
1381 if (s
->sync_interval_usec
> 0) {
1384 r
= sd_event_now(s
->event
, CLOCK_MONOTONIC
, &when
);
1388 when
+= s
->sync_interval_usec
;
1390 if (!s
->sync_event_source
) {
1391 r
= sd_event_add_time(
1393 &s
->sync_event_source
,
1396 server_dispatch_sync
, s
);
1400 r
= sd_event_source_set_priority(s
->sync_event_source
, SD_EVENT_PRIORITY_IMPORTANT
);
1402 r
= sd_event_source_set_time(s
->sync_event_source
, when
);
1406 r
= sd_event_source_set_enabled(s
->sync_event_source
, SD_EVENT_ONESHOT
);
1411 s
->sync_scheduled
= true;
1417 static int dispatch_hostname_change(sd_event_source
*es
, int fd
, uint32_t revents
, void *userdata
) {
1418 Server
*s
= userdata
;
1422 server_cache_hostname(s
);
1426 static int server_open_hostname(Server
*s
) {
1431 s
->hostname_fd
= open("/proc/sys/kernel/hostname", O_RDONLY
|O_CLOEXEC
|O_NDELAY
|O_NOCTTY
);
1432 if (s
->hostname_fd
< 0)
1433 return log_error_errno(errno
, "Failed to open /proc/sys/kernel/hostname: %m");
1435 r
= sd_event_add_io(s
->event
, &s
->hostname_event_source
, s
->hostname_fd
, 0, dispatch_hostname_change
, s
);
1437 /* kernels prior to 3.2 don't support polling this file. Ignore
1440 log_warning_errno(r
, "Failed to register hostname fd in event loop, ignoring: %m");
1441 s
->hostname_fd
= safe_close(s
->hostname_fd
);
1445 return log_error_errno(r
, "Failed to register hostname fd in event loop: %m");
1448 r
= sd_event_source_set_priority(s
->hostname_event_source
, SD_EVENT_PRIORITY_IMPORTANT
-10);
1450 return log_error_errno(r
, "Failed to adjust priority of host name event source: %m");
1455 int server_init(Server
*s
) {
1456 _cleanup_fdset_free_ FDSet
*fds
= NULL
;
1462 s
->syslog_fd
= s
->native_fd
= s
->stdout_fd
= s
->dev_kmsg_fd
= s
->audit_fd
= s
->hostname_fd
= -1;
1466 s
->sync_interval_usec
= DEFAULT_SYNC_INTERVAL_USEC
;
1467 s
->sync_scheduled
= false;
1469 s
->rate_limit_interval
= DEFAULT_RATE_LIMIT_INTERVAL
;
1470 s
->rate_limit_burst
= DEFAULT_RATE_LIMIT_BURST
;
1472 s
->forward_to_wall
= true;
1474 s
->max_file_usec
= DEFAULT_MAX_FILE_USEC
;
1476 s
->max_level_store
= LOG_DEBUG
;
1477 s
->max_level_syslog
= LOG_DEBUG
;
1478 s
->max_level_kmsg
= LOG_NOTICE
;
1479 s
->max_level_console
= LOG_INFO
;
1480 s
->max_level_wall
= LOG_EMERG
;
1482 memset(&s
->system_metrics
, 0xFF, sizeof(s
->system_metrics
));
1483 memset(&s
->runtime_metrics
, 0xFF, sizeof(s
->runtime_metrics
));
1485 server_parse_config_file(s
);
1486 server_parse_proc_cmdline(s
);
1487 if (!!s
->rate_limit_interval
^ !!s
->rate_limit_burst
) {
1488 log_debug("Setting both rate limit interval and burst from "USEC_FMT
",%u to 0,0",
1489 s
->rate_limit_interval
, s
->rate_limit_burst
);
1490 s
->rate_limit_interval
= s
->rate_limit_burst
= 0;
1493 mkdir_p("/run/systemd/journal", 0755);
1495 s
->user_journals
= ordered_hashmap_new(NULL
);
1496 if (!s
->user_journals
)
1499 s
->mmap
= mmap_cache_new();
1503 r
= sd_event_default(&s
->event
);
1505 return log_error_errno(r
, "Failed to create event loop: %m");
1507 sd_event_set_watchdog(s
->event
, true);
1509 n
= sd_listen_fds(true);
1511 return log_error_errno(n
, "Failed to read listening file descriptors from environment: %m");
1513 for (fd
= SD_LISTEN_FDS_START
; fd
< SD_LISTEN_FDS_START
+ n
; fd
++) {
1515 if (sd_is_socket_unix(fd
, SOCK_DGRAM
, -1, "/run/systemd/journal/socket", 0) > 0) {
1517 if (s
->native_fd
>= 0) {
1518 log_error("Too many native sockets passed.");
1524 } else if (sd_is_socket_unix(fd
, SOCK_STREAM
, 1, "/run/systemd/journal/stdout", 0) > 0) {
1526 if (s
->stdout_fd
>= 0) {
1527 log_error("Too many stdout sockets passed.");
1533 } else if (sd_is_socket_unix(fd
, SOCK_DGRAM
, -1, "/dev/log", 0) > 0 ||
1534 sd_is_socket_unix(fd
, SOCK_DGRAM
, -1, "/run/systemd/journal/dev-log", 0) > 0) {
1536 if (s
->syslog_fd
>= 0) {
1537 log_error("Too many /dev/log sockets passed.");
1543 } else if (sd_is_socket(fd
, AF_NETLINK
, SOCK_RAW
, -1) > 0) {
1545 if (s
->audit_fd
>= 0) {
1546 log_error("Too many audit sockets passed.");
1560 r
= fdset_put(fds
, fd
);
1566 r
= server_open_stdout_socket(s
, fds
);
1570 if (fdset_size(fds
) > 0) {
1571 log_warning("%u unknown file descriptors passed, closing.", fdset_size(fds
));
1572 fds
= fdset_free(fds
);
1575 r
= server_open_syslog_socket(s
);
1579 r
= server_open_native_socket(s
);
1583 r
= server_open_dev_kmsg(s
);
1587 r
= server_open_audit(s
);
1591 r
= server_open_kernel_seqnum(s
);
1595 r
= server_open_hostname(s
);
1599 r
= setup_signals(s
);
1603 s
->udev
= udev_new();
1607 s
->rate_limit
= journal_rate_limit_new(s
->rate_limit_interval
, s
->rate_limit_burst
);
1611 r
= cg_get_root_path(&s
->cgroup_root
);
1615 server_cache_hostname(s
);
1616 server_cache_boot_id(s
);
1617 server_cache_machine_id(s
);
1619 r
= system_journal_open(s
, false);
1626 void server_maybe_append_tags(Server
*s
) {
1632 n
= now(CLOCK_REALTIME
);
1634 if (s
->system_journal
)
1635 journal_file_maybe_append_tag(s
->system_journal
, n
);
1637 ORDERED_HASHMAP_FOREACH(f
, s
->user_journals
, i
)
1638 journal_file_maybe_append_tag(f
, n
);
1642 void server_done(Server
*s
) {
1646 while (s
->stdout_streams
)
1647 stdout_stream_free(s
->stdout_streams
);
1649 if (s
->system_journal
)
1650 journal_file_close(s
->system_journal
);
1652 if (s
->runtime_journal
)
1653 journal_file_close(s
->runtime_journal
);
1655 while ((f
= ordered_hashmap_steal_first(s
->user_journals
)))
1656 journal_file_close(f
);
1658 ordered_hashmap_free(s
->user_journals
);
1660 sd_event_source_unref(s
->syslog_event_source
);
1661 sd_event_source_unref(s
->native_event_source
);
1662 sd_event_source_unref(s
->stdout_event_source
);
1663 sd_event_source_unref(s
->dev_kmsg_event_source
);
1664 sd_event_source_unref(s
->audit_event_source
);
1665 sd_event_source_unref(s
->sync_event_source
);
1666 sd_event_source_unref(s
->sigusr1_event_source
);
1667 sd_event_source_unref(s
->sigusr2_event_source
);
1668 sd_event_source_unref(s
->sigterm_event_source
);
1669 sd_event_source_unref(s
->sigint_event_source
);
1670 sd_event_source_unref(s
->hostname_event_source
);
1671 sd_event_unref(s
->event
);
1673 safe_close(s
->syslog_fd
);
1674 safe_close(s
->native_fd
);
1675 safe_close(s
->stdout_fd
);
1676 safe_close(s
->dev_kmsg_fd
);
1677 safe_close(s
->audit_fd
);
1678 safe_close(s
->hostname_fd
);
1681 journal_rate_limit_free(s
->rate_limit
);
1683 if (s
->kernel_seqnum
)
1684 munmap(s
->kernel_seqnum
, sizeof(uint64_t));
1688 free(s
->cgroup_root
);
1689 free(s
->hostname_field
);
1692 mmap_cache_unref(s
->mmap
);
1694 udev_unref(s
->udev
);