]>
git.ipfire.org Git - thirdparty/systemd.git/blob - src/shared/journal-util.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
3 Copyright © 2013 Zbigniew Jędrzejewski-Szmek
9 #include "journal-internal.h"
10 #include "journal-util.h"
13 #include "user-util.h"
15 static int access_check_var_log_journal(sd_journal
*j
, bool want_other_users
) {
17 _cleanup_strv_free_
char **g
= NULL
;
24 /* If we are root, we should have access, don't warn. */
28 /* If we are in the 'systemd-journal' group, we should have
30 r
= in_group("systemd-journal");
32 return log_error_errno(r
, "Failed to check if we are in the 'systemd-journal' group: %m");
37 if (laccess("/run/log/journal", F_OK
) >= 0)
38 dir
= "/run/log/journal";
40 dir
= "/var/log/journal";
42 /* If we are in any of the groups listed in the journal ACLs,
43 * then all is good, too. Let's enumerate all groups from the
44 * default ACL of the directory, which generally should allow
45 * access to most journal files too. */
46 r
= acl_search_groups(dir
, &g
);
48 return log_error_errno(r
, "Failed to search journal ACL: %m");
52 /* Print a pretty list, if there were ACLs set. */
53 if (!strv_isempty(g
)) {
54 _cleanup_free_
char *s
= NULL
;
56 /* Thre are groups in the ACL, let's list them */
57 r
= strv_extend(&g
, "systemd-journal");
64 s
= strv_join(g
, "', '");
68 log_notice("Hint: You are currently not seeing messages from %s.\n"
69 " Users in groups '%s' can see all messages.\n"
70 " Pass -q to turn off this notice.",
71 want_other_users
? "other users and the system" : "the system",
77 /* If no ACLs were found, print a short version of the message. */
78 log_notice("Hint: You are currently not seeing messages from %s.\n"
79 " Users in the 'systemd-journal' group can see all messages. Pass -q to\n"
80 " turn off this notice.",
81 want_other_users
? "other users and the system" : "the system");
86 int journal_access_check_and_warn(sd_journal
*j
, bool quiet
, bool want_other_users
) {
94 if (hashmap_isempty(j
->errors
)) {
95 if (ordered_hashmap_isempty(j
->files
) && !quiet
)
96 log_notice("No journal files were found.");
101 if (hashmap_contains(j
->errors
, INT_TO_PTR(-EACCES
))) {
103 (void) access_check_var_log_journal(j
, want_other_users
);
105 if (ordered_hashmap_isempty(j
->files
))
106 r
= log_error_errno(EACCES
, "No journal files were opened due to insufficient permissions.");
109 HASHMAP_FOREACH_KEY(path
, code
, j
->errors
, it
) {
112 err
= abs(PTR_TO_INT(code
));
119 log_warning_errno(err
, "Journal file %s is truncated, ignoring file.", path
);
122 case EPROTONOSUPPORT
:
123 log_warning_errno(err
, "Journal file %1$s uses an unsupported feature, ignoring file.\n"
124 "Use SYSTEMD_LOG_LEVEL=debug journalctl --file=%1$s to see the details.",
129 log_warning_errno(err
, "Journal file %s corrupted, ignoring file.", path
);
133 log_warning_errno(err
, "An error was encountered while opening journal file or directory %s, ignoring file: %m", path
);
141 bool journal_field_valid(const char *p
, size_t l
, bool allow_protected
) {
144 /* We kinda enforce POSIX syntax recommendations for
145 environment variables here, but make a couple of additional
148 http://pubs.opengroup.org/onlinepubs/000095399/basedefs/xbd_chap08.html */
150 if (l
== (size_t) -1)
153 /* No empty field names */
157 /* Don't allow names longer than 64 chars */
161 /* Variables starting with an underscore are protected */
162 if (!allow_protected
&& p
[0] == '_')
165 /* Don't allow digits as first character */
166 if (p
[0] >= '0' && p
[0] <= '9')
169 /* Only allow A-Z0-9 and '_' */
170 for (a
= p
; a
< p
+ l
; a
++)
171 if ((*a
< 'A' || *a
> 'Z') &&
172 (*a
< '0' || *a
> '9') &&
projects / thirdparty / systemd.git / blob