]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/journal/journald-server.c
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
systemctl: new verb 'list-sockets'
[thirdparty/systemd.git] / src / journal / journald-server.c
CommitLineData
d025f1e4
ZJS		 1/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
2
3/***
4 This file is part of systemd.
5
6 Copyright 2011 Lennart Poettering
7
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
17
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20***/
21
22#include <sys/signalfd.h>
23#include <sys/ioctl.h>
24#include <linux/sockios.h>
25#include <sys/statvfs.h>
26#include <sys/mman.h>
26687bf8 27#include <sys/timerfd.h>
d025f1e4
ZJS		 28
29#include <libudev.h>
30#include <systemd/sd-journal.h>
31#include <systemd/sd-messages.h>
32#include <systemd/sd-daemon.h>
33
34#ifdef HAVE_LOGIND
35#include <systemd/sd-login.h>
36#endif
37
a5c32cff 38#include "fileio.h"
d025f1e4
ZJS		 39#include "mkdir.h"
40#include "hashmap.h"
41#include "journal-file.h"
42#include "socket-util.h"
43#include "cgroup-util.h"
44#include "list.h"
45#include "virt.h"
46#include "missing.h"
47#include "conf-parser.h"
48#include "journal-internal.h"
49#include "journal-vacuum.h"
50#include "journal-authenticate.h"
51#include "journald-server.h"
52#include "journald-rate-limit.h"
53#include "journald-kmsg.h"
54#include "journald-syslog.h"
55#include "journald-stream.h"
56#include "journald-console.h"
57#include "journald-native.h"
58
59#ifdef HAVE_ACL
60#include <sys/acl.h>
61#include <acl/libacl.h>
62#include "acl-util.h"
63#endif
64
65#ifdef HAVE_SELINUX
66#include <selinux/selinux.h>
67#endif
68
69#define USER_JOURNALS_MAX 1024
70
26687bf8 71#define DEFAULT_SYNC_INTERVAL_USEC (5*USEC_PER_MINUTE)
d025f1e4
ZJS		 72#define DEFAULT_RATE_LIMIT_INTERVAL (10*USEC_PER_SEC)
73#define DEFAULT_RATE_LIMIT_BURST 200
74
75#define RECHECK_AVAILABLE_SPACE_USEC (30*USEC_PER_SEC)
76
77static const char* const storage_table[] = {
78 [STORAGE_AUTO] = "auto",
79 [STORAGE_VOLATILE] = "volatile",
80 [STORAGE_PERSISTENT] = "persistent",
81 [STORAGE_NONE] = "none"
82};
83
84DEFINE_STRING_TABLE_LOOKUP(storage, Storage);
85DEFINE_CONFIG_PARSE_ENUM(config_parse_storage, storage, Storage, "Failed to parse storage setting");
86
87static const char* const split_mode_table[] = {
88 [SPLIT_NONE] = "none",
89 [SPLIT_UID] = "uid",
90 [SPLIT_LOGIN] = "login"
91};
92
93DEFINE_STRING_TABLE_LOOKUP(split_mode, SplitMode);
94DEFINE_CONFIG_PARSE_ENUM(config_parse_split_mode, split_mode, SplitMode, "Failed to parse split mode setting");
95
96static uint64_t available_space(Server *s) {
db91ea32
ZJS		 97 char ids[33];
98 char _cleanup_free_ *p = NULL;
d025f1e4
ZJS		 99 const char *f;
100 sd_id128_t machine;
101 struct statvfs ss;
102 uint64_t sum = 0, avail = 0, ss_avail = 0;
103 int r;
db91ea32 104 DIR _cleanup_closedir_ *d = NULL;
d025f1e4
ZJS		 105 usec_t ts;
106 JournalMetrics *m;
107
108 ts = now(CLOCK_MONOTONIC);
109
110 if (s->cached_available_space_timestamp + RECHECK_AVAILABLE_SPACE_USEC > ts)
111 return s->cached_available_space;
112
113 r = sd_id128_get_machine(&machine);
114 if (r < 0)
115 return 0;
116
117 if (s->system_journal) {
118 f = "/var/log/journal/";
119 m = &s->system_metrics;
120 } else {
121 f = "/run/log/journal/";
122 m = &s->runtime_metrics;
123 }
124
125 assert(m);
126
127 p = strappend(f, sd_id128_to_string(machine, ids));
128 if (!p)
129 return 0;
130
131 d = opendir(p);
d025f1e4
ZJS		 132 if (!d)
133 return 0;
134
135 if (fstatvfs(dirfd(d), &ss) < 0)
db91ea32 136 return 0;
d025f1e4
ZJS		 137
138 for (;;) {
139 struct stat st;
140 struct dirent *de;
141 union dirent_storage buf;
142
143 r = readdir_r(d, &buf.de, &de);
144 if (r != 0)
145 break;
146
147 if (!de)
148 break;
149
150 if (!endswith(de->d_name, ".journal") &&
151 !endswith(de->d_name, ".journal~"))
152 continue;
153
154 if (fstatat(dirfd(d), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0)
155 continue;
156
157 if (!S_ISREG(st.st_mode))
158 continue;
159
160 sum += (uint64_t) st.st_blocks * 512UL;
161 }
162
163 avail = sum >= m->max_use ? 0 : m->max_use - sum;
164
165 ss_avail = ss.f_bsize * ss.f_bavail;
166
167 ss_avail = ss_avail < m->keep_free ? 0 : ss_avail - m->keep_free;
168
169 if (ss_avail < avail)
170 avail = ss_avail;
171
172 s->cached_available_space = avail;
173 s->cached_available_space_timestamp = ts;
174
d025f1e4
ZJS		 175 return avail;
176}
177
178static void server_read_file_gid(Server *s) {
a24c64f0 179 const char *g = "systemd-journal";
d025f1e4
ZJS		 180 int r;
181
182 assert(s);
183
184 if (s->file_gid_valid)
185 return;
186
a24c64f0 187 r = get_group_creds(&g, &s->file_gid);
d025f1e4 188 if (r < 0)
a24c64f0 189 log_warning("Failed to resolve '%s' group: %s", g, strerror(-r));
d025f1e4
ZJS		 190
191 /* if we couldn't read the gid, then it will be 0, but that's
192 * fine and we shouldn't try to resolve the group again, so
193 * let's just pretend it worked right-away. */
194 s->file_gid_valid = true;
195}
196
197void server_fix_perms(Server *s, JournalFile *f, uid_t uid) {
198 int r;
199#ifdef HAVE_ACL
200 acl_t acl;
201 acl_entry_t entry;
202 acl_permset_t permset;
203#endif
204
205 assert(f);
206
207 server_read_file_gid(s);
208
209 r = fchmod_and_fchown(f->fd, 0640, 0, s->file_gid);
210 if (r < 0)
211 log_warning("Failed to fix access mode/rights on %s, ignoring: %s", f->path, strerror(-r));
212
213#ifdef HAVE_ACL
214 if (uid <= 0)
215 return;
216
217 acl = acl_get_fd(f->fd);
218 if (!acl) {
219 log_warning("Failed to read ACL on %s, ignoring: %m", f->path);
220 return;
221 }
222
223 r = acl_find_uid(acl, uid, &entry);
224 if (r <= 0) {
225
226 if (acl_create_entry(&acl, &entry) < 0 ||
227 acl_set_tag_type(entry, ACL_USER) < 0 ||
228 acl_set_qualifier(entry, &uid) < 0) {
229 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
230 goto finish;
231 }
232 }
233
234 if (acl_get_permset(entry, &permset) < 0 ||
235 acl_add_perm(permset, ACL_READ) < 0 ||
236 acl_calc_mask(&acl) < 0) {
237 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
238 goto finish;
239 }
240
241 if (acl_set_fd(f->fd, acl) < 0)
242 log_warning("Failed to set ACL on %s, ignoring: %m", f->path);
243
244finish:
245 acl_free(acl);
246#endif
247}
248
249static JournalFile* find_journal(Server *s, uid_t uid) {
250 char *p;
251 int r;
252 JournalFile *f;
253 sd_id128_t machine;
254
255 assert(s);
256
257 /* We split up user logs only on /var, not on /run. If the
258 * runtime file is open, we write to it exclusively, in order
259 * to guarantee proper order as soon as we flush /run to
260 * /var and close the runtime file. */
261
262 if (s->runtime_journal)
263 return s->runtime_journal;
264
265 if (uid <= 0)
266 return s->system_journal;
267
268 r = sd_id128_get_machine(&machine);
269 if (r < 0)
270 return s->system_journal;
271
272 f = hashmap_get(s->user_journals, UINT32_TO_PTR(uid));
273 if (f)
274 return f;
275
276 if (asprintf(&p, "/var/log/journal/" SD_ID128_FORMAT_STR "/user-%lu.journal",
277 SD_ID128_FORMAT_VAL(machine), (unsigned long) uid) < 0)
278 return s->system_journal;
279
280 while (hashmap_size(s->user_journals) >= USER_JOURNALS_MAX) {
281 /* Too many open? Then let's close one */
282 f = hashmap_steal_first(s->user_journals);
283 assert(f);
284 journal_file_close(f);
285 }
286
287 r = journal_file_open_reliably(p, O_RDWR|O_CREAT, 0640, s->compress, s->seal, &s->system_metrics, s->mmap, s->system_journal, &f);
288 free(p);
289
290 if (r < 0)
291 return s->system_journal;
292
293 server_fix_perms(s, f, uid);
294
295 r = hashmap_put(s->user_journals, UINT32_TO_PTR(uid), f);
296 if (r < 0) {
297 journal_file_close(f);
298 return s->system_journal;
299 }
300
301 return f;
302}
303
304void server_rotate(Server *s) {
305 JournalFile *f;
306 void *k;
307 Iterator i;
308 int r;
309
310 log_debug("Rotating...");
311
312 if (s->runtime_journal) {
313 r = journal_file_rotate(&s->runtime_journal, s->compress, false);
314 if (r < 0)
315 if (s->runtime_journal)
316 log_error("Failed to rotate %s: %s", s->runtime_journal->path, strerror(-r));
317 else
318 log_error("Failed to create new runtime journal: %s", strerror(-r));
319 else
320 server_fix_perms(s, s->runtime_journal, 0);
321 }
322
323 if (s->system_journal) {
324 r = journal_file_rotate(&s->system_journal, s->compress, s->seal);
325 if (r < 0)
326 if (s->system_journal)
327 log_error("Failed to rotate %s: %s", s->system_journal->path, strerror(-r));
328 else
329 log_error("Failed to create new system journal: %s", strerror(-r));
330
331 else
332 server_fix_perms(s, s->system_journal, 0);
333 }
334
335 HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) {
336 r = journal_file_rotate(&f, s->compress, s->seal);
337 if (r < 0)
7d73c134 338 if (f)
d025f1e4
ZJS		 339 log_error("Failed to rotate %s: %s", f->path, strerror(-r));
340 else
341 log_error("Failed to create user journal: %s", strerror(-r));
342 else {
343 hashmap_replace(s->user_journals, k, f);
344 server_fix_perms(s, f, PTR_TO_UINT32(k));
345 }
346 }
347}
348
26687bf8
OS		 349void server_sync(Server *s) {
350 JournalFile *f;
351 void *k;
352 Iterator i;
353 int r;
354
355 static const struct itimerspec sync_timer_disable = {};
356
357 if (s->system_journal) {
358 r = journal_file_set_offline(s->system_journal);
359 if (r < 0)
360 log_error("Failed to sync system journal: %s", strerror(-r));
361 }
362
363 HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) {
364 r = journal_file_set_offline(f);
365 if (r < 0)
366 log_error("Failed to sync user journal: %s", strerror(-r));
367 }
368
369 r = timerfd_settime(s->sync_timer_fd, 0, &sync_timer_disable, NULL);
370 if (r < 0)
371 log_error("Failed to disable max timer: %m");
372
373 s->sync_scheduled = false;
374}
375
d025f1e4
ZJS		 376void server_vacuum(Server *s) {
377 char *p;
378 char ids[33];
379 sd_id128_t machine;
380 int r;
381
382 log_debug("Vacuuming...");
383
384 s->oldest_file_usec = 0;
385
386 r = sd_id128_get_machine(&machine);
387 if (r < 0) {
388 log_error("Failed to get machine ID: %s", strerror(-r));
389 return;
390 }
391
392 sd_id128_to_string(machine, ids);
393
394 if (s->system_journal) {
395 p = strappend("/var/log/journal/", ids);
396 if (!p) {
397 log_oom();
398 return;
399 }
400
401 r = journal_directory_vacuum(p, s->system_metrics.max_use, s->system_metrics.keep_free, s->max_retention_usec, &s->oldest_file_usec);
402 if (r < 0 && r != -ENOENT)
403 log_error("Failed to vacuum %s: %s", p, strerror(-r));
404 free(p);
405 }
406
407 if (s->runtime_journal) {
408 p = strappend("/run/log/journal/", ids);
409 if (!p) {
410 log_oom();
411 return;
412 }
413
414 r = journal_directory_vacuum(p, s->runtime_metrics.max_use, s->runtime_metrics.keep_free, s->max_retention_usec, &s->oldest_file_usec);
415 if (r < 0 && r != -ENOENT)
416 log_error("Failed to vacuum %s: %s", p, strerror(-r));
417 free(p);
418 }
419
420 s->cached_available_space_timestamp = 0;
421}
422
423static char *shortened_cgroup_path(pid_t pid) {
424 int r;
db91ea32
ZJS		 425 char _cleanup_free_ *process_path = NULL, *init_path = NULL;
426 char *path;
d025f1e4
ZJS		 427
428 assert(pid > 0);
429
430 r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, pid, &process_path);
431 if (r < 0)
432 return NULL;
433
434 r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, 1, &init_path);
db91ea32 435 if (r < 0)
d025f1e4 436 return NULL;
d025f1e4
ZJS		 437
438 if (endswith(init_path, "/system"))
439 init_path[strlen(init_path) - 7] = 0;
440 else if (streq(init_path, "/"))
441 init_path[0] = 0;
442
443 if (startswith(process_path, init_path)) {
db91ea32 444 path = strdup(process_path + strlen(init_path));
d025f1e4
ZJS		 445 } else {
446 path = process_path;
447 process_path = NULL;
448 }
449
d025f1e4
ZJS		 450 return path;
451}
452
453bool shall_try_append_again(JournalFile *f, int r) {
454
455 /* -E2BIG Hit configured limit
456 -EFBIG Hit fs limit
457 -EDQUOT Quota limit hit
458 -ENOSPC Disk full
459 -EHOSTDOWN Other machine
460 -EBUSY Unclean shutdown
461 -EPROTONOSUPPORT Unsupported feature
462 -EBADMSG Corrupted
463 -ENODATA Truncated
464 -ESHUTDOWN Already archived */
465
466 if (r == -E2BIG || r == -EFBIG || r == -EDQUOT || r == -ENOSPC)
467 log_debug("%s: Allocation limit reached, rotating.", f->path);
468 else if (r == -EHOSTDOWN)
469 log_info("%s: Journal file from other machine, rotating.", f->path);
470 else if (r == -EBUSY)
471 log_info("%s: Unclean shutdown, rotating.", f->path);
472 else if (r == -EPROTONOSUPPORT)
473 log_info("%s: Unsupported feature, rotating.", f->path);
474 else if (r == -EBADMSG || r == -ENODATA || r == ESHUTDOWN)
475 log_warning("%s: Journal file corrupted, rotating.", f->path);
476 else
477 return false;
478
479 return true;
480}
481
482static void write_to_journal(Server *s, uid_t uid, struct iovec *iovec, unsigned n) {
483 JournalFile *f;
484 bool vacuumed = false;
485 int r;
486
487 assert(s);
488 assert(iovec);
489 assert(n > 0);
490
491 f = find_journal(s, uid);
492 if (!f)
493 return;
494
495 if (journal_file_rotate_suggested(f, s->max_file_usec)) {
496 log_debug("%s: Journal header limits reached or header out-of-date, rotating.", f->path);
497 server_rotate(s);
498 server_vacuum(s);
499 vacuumed = true;
500
501 f = find_journal(s, uid);
502 if (!f)
503 return;
504 }
505
506 r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
26687bf8
OS		 507 if (r >= 0) {
508 server_schedule_sync(s);
d025f1e4 509 return;
26687bf8 510 }
d025f1e4
ZJS		 511
512 if (vacuumed || !shall_try_append_again(f, r)) {
513 log_error("Failed to write entry, ignoring: %s", strerror(-r));
514 return;
515 }
516
517 server_rotate(s);
518 server_vacuum(s);
519
520 f = find_journal(s, uid);
521 if (!f)
522 return;
523
524 log_debug("Retrying write.");
525 r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
526 if (r < 0)
527 log_error("Failed to write entry, ignoring: %s", strerror(-r));
528}
529
530static void dispatch_message_real(
531 Server *s,
532 struct iovec *iovec, unsigned n, unsigned m,
533 struct ucred *ucred,
534 struct timeval *tv,
535 const char *label, size_t label_len,
536 const char *unit_id) {
537
c2457105
HHPF		 538 char pid[sizeof("_PID=") + DECIMAL_STR_MAX(ucred->pid)],
539 uid[sizeof("_UID=") + DECIMAL_STR_MAX(ucred->uid)],
a5693989 540 gid[sizeof("_GID=") + DECIMAL_STR_MAX(ucred->gid)],
adb435bb
LP		 541 source_time[sizeof("_SOURCE_REALTIME_TIMESTAMP=" + DECIMAL_STR_MAX(usec_t))],
542 boot_id[sizeof("_BOOT_ID=") + 32] = "_BOOT_ID=",
543 machine_id[sizeof("_MACHINE_ID=") + 32] = "_MACHINE_ID=";
c2457105 544
adb435bb 545 char _cleanup_free_ *comm = NULL, *cmdline = NULL, *hostname = NULL,
d025f1e4
ZJS		 546 *exe = NULL, *cgroup = NULL, *session = NULL,
547 *owner_uid = NULL, *unit = NULL, *selinux_context = NULL;
548
71205118
LP		 549#ifdef HAVE_AUDIT
550 char _cleanup_free_ *audit_session = NULL, *audit_loginuid = NULL;
551#endif
552
d025f1e4
ZJS		 553 sd_id128_t id;
554 int r;
555 char *t;
82499507
LP		 556 uid_t realuid = 0, owner = 0, journal_uid;
557 bool owner_valid = false;
d025f1e4
ZJS		 558
559 assert(s);
560 assert(iovec);
561 assert(n > 0);
562 assert(n + N_IOVEC_META_FIELDS <= m);
563
564 if (ucred) {
0a20e3c1 565#ifdef HAVE_AUDIT
d025f1e4 566 uint32_t audit;
82499507 567 uid_t loginuid;
0a20e3c1 568#endif
d025f1e4
ZJS		 569
570 realuid = ucred->uid;
571
c2457105
HHPF		 572 snprintf(pid, sizeof(pid) - 1, "_PID=%lu", (unsigned long) ucred->pid);
573 char_array_0(pid);
574 IOVEC_SET_STRING(iovec[n++], pid);
d025f1e4 575
c2457105
HHPF		 576 snprintf(uid, sizeof(uid) - 1, "_UID=%lu", (unsigned long) ucred->uid);
577 char_array_0(uid);
578 IOVEC_SET_STRING(iovec[n++], uid);
d025f1e4 579
c2457105
HHPF		 580 snprintf(gid, sizeof(gid) - 1, "_GID=%lu", (unsigned long) ucred->gid);
581 char_array_0(gid);
582 IOVEC_SET_STRING(iovec[n++], gid);
d025f1e4
ZJS		 583
584 r = get_process_comm(ucred->pid, &t);
585 if (r >= 0) {
586 comm = strappend("_COMM=", t);
587 free(t);
588
589 if (comm)
590 IOVEC_SET_STRING(iovec[n++], comm);
591 }
592
593 r = get_process_exe(ucred->pid, &t);
594 if (r >= 0) {
595 exe = strappend("_EXE=", t);
596 free(t);
597
598 if (exe)
599 IOVEC_SET_STRING(iovec[n++], exe);
600 }
601
9bdbc2e2 602 r = get_process_cmdline(ucred->pid, 0, false, &t);
d025f1e4
ZJS		 603 if (r >= 0) {
604 cmdline = strappend("_CMDLINE=", t);
605 free(t);
606
607 if (cmdline)
608 IOVEC_SET_STRING(iovec[n++], cmdline);
609 }
610
0a20e3c1 611#ifdef HAVE_AUDIT
d025f1e4
ZJS		 612 r = audit_session_from_pid(ucred->pid, &audit);
613 if (r >= 0)
614 if (asprintf(&audit_session, "_AUDIT_SESSION=%lu", (unsigned long) audit) >= 0)
615 IOVEC_SET_STRING(iovec[n++], audit_session);
616
617 r = audit_loginuid_from_pid(ucred->pid, &loginuid);
82499507 618 if (r >= 0)
d025f1e4
ZJS		 619 if (asprintf(&audit_loginuid, "_AUDIT_LOGINUID=%lu", (unsigned long) loginuid) >= 0)
620 IOVEC_SET_STRING(iovec[n++], audit_loginuid);
0a20e3c1 621#endif
d025f1e4
ZJS		 622
623 t = shortened_cgroup_path(ucred->pid);
624 if (t) {
625 cgroup = strappend("_SYSTEMD_CGROUP=", t);
626 free(t);
627
628 if (cgroup)
629 IOVEC_SET_STRING(iovec[n++], cgroup);
630 }
631
632#ifdef HAVE_LOGIND
633 if (sd_pid_get_session(ucred->pid, &t) >= 0) {
634 session = strappend("_SYSTEMD_SESSION=", t);
635 free(t);
636
637 if (session)
638 IOVEC_SET_STRING(iovec[n++], session);
639 }
640
83d7d83b 641 if (sd_pid_get_owner_uid(ucred->pid, &owner) >= 0) {
8a0889df 642 owner_valid = true;
d025f1e4
ZJS		 643 if (asprintf(&owner_uid, "_SYSTEMD_OWNER_UID=%lu", (unsigned long) owner) >= 0)
644 IOVEC_SET_STRING(iovec[n++], owner_uid);
8a0889df 645 }
d025f1e4
ZJS		 646#endif
647
648 if (cg_pid_get_unit(ucred->pid, &t) >= 0) {
649 unit = strappend("_SYSTEMD_UNIT=", t);
650 free(t);
ef1673d1
MT		 651 } else if (cg_pid_get_user_unit(ucred->pid, &t) >= 0) {
652 unit = strappend("_SYSTEMD_USER_UNIT=", t);
653 free(t);
654 } else if (unit_id) {
655 if (session)
656 unit = strappend("_SYSTEMD_USER_UNIT=", unit_id);
657 else
658 unit = strappend("_SYSTEMD_UNIT=", unit_id);
659 }
d025f1e4
ZJS		 660
661 if (unit)
662 IOVEC_SET_STRING(iovec[n++], unit);
663
664#ifdef HAVE_SELINUX
665 if (label) {
666 selinux_context = malloc(sizeof("_SELINUX_CONTEXT=") + label_len);
667 if (selinux_context) {
fc7b7e2e 668 *((char*) mempcpy(stpcpy(selinux_context, "_SELINUX_CONTEXT="), label, label_len)) = 0;
d025f1e4
ZJS		 669 IOVEC_SET_STRING(iovec[n++], selinux_context);
670 }
671 } else {
672 security_context_t con;
673
674 if (getpidcon(ucred->pid, &con) >= 0) {
675 selinux_context = strappend("_SELINUX_CONTEXT=", con);
676 if (selinux_context)
677 IOVEC_SET_STRING(iovec[n++], selinux_context);
d025f1e4
ZJS		 678 freecon(con);
679 }
680 }
681#endif
682 }
683
684 if (tv) {
a5693989
LP		 685 snprintf(source_time, sizeof(source_time) - 1, "_SOURCE_REALTIME_TIMESTAMP=%llu",
686 (unsigned long long) timeval_load(tv));
687 char_array_0(source_time);
688 IOVEC_SET_STRING(iovec[n++], source_time);
d025f1e4
ZJS		 689 }
690
691 /* Note that strictly speaking storing the boot id here is
692 * redundant since the entry includes this in-line
693 * anyway. However, we need this indexed, too. */
694 r = sd_id128_get_boot(&id);
adb435bb
LP		 695 if (r >= 0) {
696 sd_id128_to_string(id, boot_id + sizeof("_BOOT_ID=") - 1);
697 IOVEC_SET_STRING(iovec[n++], boot_id);
698 }
d025f1e4
ZJS		 699
700 r = sd_id128_get_machine(&id);
adb435bb
LP		 701 if (r >= 0) {
702 sd_id128_to_string(id, machine_id + sizeof("_MACHINE_ID") - 1);
703 IOVEC_SET_STRING(iovec[n++], machine_id);
704 }
d025f1e4
ZJS		 705
706 t = gethostname_malloc();
707 if (t) {
708 hostname = strappend("_HOSTNAME=", t);
709 free(t);
710 if (hostname)
711 IOVEC_SET_STRING(iovec[n++], hostname);
712 }
713
714 assert(n <= m);
715
da499392 716 if (s->split_mode == SPLIT_UID && realuid > 0)
40adcda8 717 /* Split up strictly by any UID */
759c945a 718 journal_uid = realuid;
82499507 719 else if (s->split_mode == SPLIT_LOGIN && realuid > 0 && owner_valid && owner > 0)
40adcda8
LP		 720 /* Split up by login UIDs, this avoids creation of
721 * individual journals for system UIDs. We do this
722 * only if the realuid is not root, in order not to
82499507
LP		 723 * accidentally leak privileged information to the
724 * user that is logged by a privileged process that is
725 * part of an unprivileged session.*/
8a0889df 726 journal_uid = owner;
da499392
KS		 727 else
728 journal_uid = 0;
759c945a
CW		 729
730 write_to_journal(s, journal_uid, iovec, n);
d025f1e4
ZJS		 731}
732
733void server_driver_message(Server *s, sd_id128_t message_id, const char *format, ...) {
734 char mid[11 + 32 + 1];
735 char buffer[16 + LINE_MAX + 1];
736 struct iovec iovec[N_IOVEC_META_FIELDS + 4];
737 int n = 0;
738 va_list ap;
b92bea5d 739 struct ucred ucred = {};
d025f1e4
ZJS		 740
741 assert(s);
742 assert(format);
743
744 IOVEC_SET_STRING(iovec[n++], "PRIORITY=6");
745 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=driver");
746
747 memcpy(buffer, "MESSAGE=", 8);
748 va_start(ap, format);
749 vsnprintf(buffer + 8, sizeof(buffer) - 8, format, ap);
750 va_end(ap);
751 char_array_0(buffer);
752 IOVEC_SET_STRING(iovec[n++], buffer);
753
754 if (!sd_id128_equal(message_id, SD_ID128_NULL)) {
755 snprintf(mid, sizeof(mid), MESSAGE_ID(message_id));
756 char_array_0(mid);
757 IOVEC_SET_STRING(iovec[n++], mid);
758 }
759
d025f1e4
ZJS		 760 ucred.pid = getpid();
761 ucred.uid = getuid();
762 ucred.gid = getgid();
763
764 dispatch_message_real(s, iovec, n, ELEMENTSOF(iovec), &ucred, NULL, NULL, 0, NULL);
765}
766
767void server_dispatch_message(
768 Server *s,
769 struct iovec *iovec, unsigned n, unsigned m,
770 struct ucred *ucred,
771 struct timeval *tv,
772 const char *label, size_t label_len,
773 const char *unit_id,
774 int priority) {
775
776 int rl;
db91ea32
ZJS		 777 char _cleanup_free_ *path = NULL;
778 char *c;
d025f1e4
ZJS		 779
780 assert(s);
781 assert(iovec || n == 0);
782
783 if (n == 0)
784 return;
785
786 if (LOG_PRI(priority) > s->max_level_store)
787 return;
788
789 if (!ucred)
790 goto finish;
791
792 path = shortened_cgroup_path(ucred->pid);
793 if (!path)
794 goto finish;
795
796 /* example: /user/lennart/3/foobar
797 * /system/dbus.service/foobar
798 *
799 * So let's cut of everything past the third /, since that is
800 * where user directories start */
801
802 c = strchr(path, '/');
803 if (c) {
804 c = strchr(c+1, '/');
805 if (c) {
806 c = strchr(c+1, '/');
807 if (c)
808 *c = 0;
809 }
810 }
811
db91ea32
ZJS		 812 rl = journal_rate_limit_test(s->rate_limit, path,
813 priority & LOG_PRIMASK, available_space(s));
d025f1e4 814
db91ea32 815 if (rl == 0)
d025f1e4 816 return;
d025f1e4
ZJS		 817
818 /* Write a suppression message if we suppressed something */
819 if (rl > 1)
db91ea32
ZJS		 820 server_driver_message(s, SD_MESSAGE_JOURNAL_DROPPED,
821 "Suppressed %u messages from %s", rl - 1, path);
d025f1e4
ZJS		 822
823finish:
824 dispatch_message_real(s, iovec, n, m, ucred, tv, label, label_len, unit_id);
825}
826
827
828static int system_journal_open(Server *s) {
829 int r;
830 char *fn;
831 sd_id128_t machine;
832 char ids[33];
833
834 r = sd_id128_get_machine(&machine);
835 if (r < 0)
836 return r;
837
838 sd_id128_to_string(machine, ids);
839
840 if (!s->system_journal &&
841 (s->storage == STORAGE_PERSISTENT || s->storage == STORAGE_AUTO) &&
842 access("/run/systemd/journal/flushed", F_OK) >= 0) {
843
844 /* If in auto mode: first try to create the machine
845 * path, but not the prefix.
846 *
847 * If in persistent mode: create /var/log/journal and
848 * the machine path */
849
850 if (s->storage == STORAGE_PERSISTENT)
851 (void) mkdir("/var/log/journal/", 0755);
852
853 fn = strappend("/var/log/journal/", ids);
854 if (!fn)
855 return -ENOMEM;
856
857 (void) mkdir(fn, 0755);
858 free(fn);
859
860 fn = strjoin("/var/log/journal/", ids, "/system.journal", NULL);
861 if (!fn)
862 return -ENOMEM;
863
864 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, s->compress, s->seal, &s->system_metrics, s->mmap, NULL, &s->system_journal);
865 free(fn);
866
867 if (r >= 0) {
868 char fb[FORMAT_BYTES_MAX];
869
870 server_fix_perms(s, s->system_journal, 0);
871 server_driver_message(s, SD_ID128_NULL, "Allowing system journal files to grow to %s.",
872 format_bytes(fb, sizeof(fb), s->system_metrics.max_use));
873
874 } else if (r < 0) {
875
876 if (r != -ENOENT && r != -EROFS)
877 log_warning("Failed to open system journal: %s", strerror(-r));
878
879 r = 0;
880 }
881 }
882
883 if (!s->runtime_journal &&
884 (s->storage != STORAGE_NONE)) {
885
886 fn = strjoin("/run/log/journal/", ids, "/system.journal", NULL);
887 if (!fn)
888 return -ENOMEM;
889
890 if (s->system_journal) {
891
892 /* Try to open the runtime journal, but only
893 * if it already exists, so that we can flush
894 * it into the system journal */
895
896 r = journal_file_open(fn, O_RDWR, 0640, s->compress, false, &s->runtime_metrics, s->mmap, NULL, &s->runtime_journal);
897 free(fn);
898
899 if (r < 0) {
900 if (r != -ENOENT)
901 log_warning("Failed to open runtime journal: %s", strerror(-r));
902
903 r = 0;
904 }
905
906 } else {
907
908 /* OK, we really need the runtime journal, so create
909 * it if necessary. */
910
911 (void) mkdir_parents(fn, 0755);
912 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, s->compress, false, &s->runtime_metrics, s->mmap, NULL, &s->runtime_journal);
913 free(fn);
914
915 if (r < 0) {
916 log_error("Failed to open runtime journal: %s", strerror(-r));
917 return r;
918 }
919 }
920
921 if (s->runtime_journal) {
922 char fb[FORMAT_BYTES_MAX];
923
924 server_fix_perms(s, s->runtime_journal, 0);
925 server_driver_message(s, SD_ID128_NULL, "Allowing runtime journal files to grow to %s.",
926 format_bytes(fb, sizeof(fb), s->runtime_metrics.max_use));
927 }
928 }
929
930 return r;
931}
932
933int server_flush_to_var(Server *s) {
934 int r;
935 sd_id128_t machine;
936 sd_journal *j = NULL;
937
938 assert(s);
939
940 if (s->storage != STORAGE_AUTO &&
941 s->storage != STORAGE_PERSISTENT)
942 return 0;
943
944 if (!s->runtime_journal)
945 return 0;
946
947 system_journal_open(s);
948
949 if (!s->system_journal)
950 return 0;
951
952 log_debug("Flushing to /var...");
953
954 r = sd_id128_get_machine(&machine);
955 if (r < 0) {
956 log_error("Failed to get machine id: %s", strerror(-r));
957 return r;
958 }
959
960 r = sd_journal_open(&j, SD_JOURNAL_RUNTIME_ONLY);
961 if (r < 0) {
962 log_error("Failed to read runtime journal: %s", strerror(-r));
963 return r;
964 }
965
93b73b06
LP		 966 sd_journal_set_data_threshold(j, 0);
967
d025f1e4
ZJS		 968 SD_JOURNAL_FOREACH(j) {
969 Object *o = NULL;
970 JournalFile *f;
971
972 f = j->current_file;
973 assert(f && f->current_offset > 0);
974
975 r = journal_file_move_to_object(f, OBJECT_ENTRY, f->current_offset, &o);
976 if (r < 0) {
977 log_error("Can't read entry: %s", strerror(-r));
978 goto finish;
979 }
980
981 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
982 if (r >= 0)
983 continue;
984
985 if (!shall_try_append_again(s->system_journal, r)) {
986 log_error("Can't write entry: %s", strerror(-r));
987 goto finish;
988 }
989
990 server_rotate(s);
991 server_vacuum(s);
992
993 log_debug("Retrying write.");
994 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
995 if (r < 0) {
996 log_error("Can't write entry: %s", strerror(-r));
997 goto finish;
998 }
999 }
1000
1001finish:
1002 journal_file_post_change(s->system_journal);
1003
1004 journal_file_close(s->runtime_journal);
1005 s->runtime_journal = NULL;
1006
1007 if (r >= 0)
1008 rm_rf("/run/log/journal", false, true, false);
1009
763c7aa2 1010 sd_journal_close(j);
d025f1e4
ZJS		 1011
1012 return r;
1013}
1014
1015int process_event(Server *s, struct epoll_event *ev) {
1016 assert(s);
1017 assert(ev);
1018
1019 if (ev->data.fd == s->signal_fd) {
1020 struct signalfd_siginfo sfsi;
1021 ssize_t n;
1022
1023 if (ev->events != EPOLLIN) {
1024 log_error("Got invalid event from epoll.");
1025 return -EIO;
1026 }
1027
1028 n = read(s->signal_fd, &sfsi, sizeof(sfsi));
1029 if (n != sizeof(sfsi)) {
1030
1031 if (n >= 0)
1032 return -EIO;
1033
1034 if (errno == EINTR || errno == EAGAIN)
1035 return 1;
1036
1037 return -errno;
1038 }
1039
d025f1e4
ZJS		 1040 if (sfsi.ssi_signo == SIGUSR1) {
1041 touch("/run/systemd/journal/flushed");
1042 server_flush_to_var(s);
26687bf8 1043 server_sync(s);
d025f1e4
ZJS		 1044 return 1;
1045 }
1046
1047 if (sfsi.ssi_signo == SIGUSR2) {
1048 server_rotate(s);
1049 server_vacuum(s);
1050 return 1;
1051 }
1052
26687bf8
OS		 1053 log_info("Received SIG%s", signal_to_string(sfsi.ssi_signo));
1054
d025f1e4
ZJS		 1055 return 0;
1056
26687bf8
OS		 1057 } else if (ev->data.fd == s->sync_timer_fd) {
1058 int r;
1059 uint64_t t;
1060
1061 log_debug("Got sync request from epoll.");
1062
1063 r = read(ev->data.fd, (void *)&t, sizeof(t));
1064 if (r < 0)
1065 return 0;
1066
1067 server_sync(s);
1068 return 1;
1069
d025f1e4
ZJS		 1070 } else if (ev->data.fd == s->dev_kmsg_fd) {
1071 int r;
1072
1073 if (ev->events != EPOLLIN) {
1074 log_error("Got invalid event from epoll.");
1075 return -EIO;
1076 }
1077
1078 r = server_read_dev_kmsg(s);
1079 if (r < 0)
1080 return r;
1081
1082 return 1;
1083
1084 } else if (ev->data.fd == s->native_fd ||
1085 ev->data.fd == s->syslog_fd) {
1086
1087 if (ev->events != EPOLLIN) {
1088 log_error("Got invalid event from epoll.");
1089 return -EIO;
1090 }
1091
1092 for (;;) {
1093 struct msghdr msghdr;
1094 struct iovec iovec;
1095 struct ucred *ucred = NULL;
1096 struct timeval *tv = NULL;
1097 struct cmsghdr *cmsg;
1098 char *label = NULL;
1099 size_t label_len = 0;
1100 union {
1101 struct cmsghdr cmsghdr;
1102
1103 /* We use NAME_MAX space for the
1104 * SELinux label here. The kernel
1105 * currently enforces no limit, but
1106 * according to suggestions from the
1107 * SELinux people this will change and
1108 * it will probably be identical to
1109 * NAME_MAX. For now we use that, but
1110 * this should be updated one day when
1111 * the final limit is known.*/
1112 uint8_t buf[CMSG_SPACE(sizeof(struct ucred)) +
1113 CMSG_SPACE(sizeof(struct timeval)) +
1114 CMSG_SPACE(sizeof(int)) + /* fd */
1115 CMSG_SPACE(NAME_MAX)]; /* selinux label */
1116 } control;
1117 ssize_t n;
1118 int v;
1119 int *fds = NULL;
1120 unsigned n_fds = 0;
1121
1122 if (ioctl(ev->data.fd, SIOCINQ, &v) < 0) {
1123 log_error("SIOCINQ failed: %m");
1124 return -errno;
1125 }
1126
1127 if (s->buffer_size < (size_t) v) {
1128 void *b;
1129 size_t l;
1130
1131 l = MAX(LINE_MAX + (size_t) v, s->buffer_size * 2);
1132 b = realloc(s->buffer, l+1);
1133
1134 if (!b) {
1135 log_error("Couldn't increase buffer.");
1136 return -ENOMEM;
1137 }
1138
1139 s->buffer_size = l;
1140 s->buffer = b;
1141 }
1142
1143 zero(iovec);
1144 iovec.iov_base = s->buffer;
1145 iovec.iov_len = s->buffer_size;
1146
1147 zero(control);
1148 zero(msghdr);
1149 msghdr.msg_iov = &iovec;
1150 msghdr.msg_iovlen = 1;
1151 msghdr.msg_control = &control;
1152 msghdr.msg_controllen = sizeof(control);
1153
1154 n = recvmsg(ev->data.fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC);
1155 if (n < 0) {
1156
1157 if (errno == EINTR || errno == EAGAIN)
1158 return 1;
1159
1160 log_error("recvmsg() failed: %m");
1161 return -errno;
1162 }
1163
1164 for (cmsg = CMSG_FIRSTHDR(&msghdr); cmsg; cmsg = CMSG_NXTHDR(&msghdr, cmsg)) {
1165
1166 if (cmsg->cmsg_level == SOL_SOCKET &&
1167 cmsg->cmsg_type == SCM_CREDENTIALS &&
1168 cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred)))
1169 ucred = (struct ucred*) CMSG_DATA(cmsg);
1170 else if (cmsg->cmsg_level == SOL_SOCKET &&
1171 cmsg->cmsg_type == SCM_SECURITY) {
1172 label = (char*) CMSG_DATA(cmsg);
1173 label_len = cmsg->cmsg_len - CMSG_LEN(0);
1174 } else if (cmsg->cmsg_level == SOL_SOCKET &&
1175 cmsg->cmsg_type == SO_TIMESTAMP &&
1176 cmsg->cmsg_len == CMSG_LEN(sizeof(struct timeval)))
1177 tv = (struct timeval*) CMSG_DATA(cmsg);
1178 else if (cmsg->cmsg_level == SOL_SOCKET &&
1179 cmsg->cmsg_type == SCM_RIGHTS) {
1180 fds = (int*) CMSG_DATA(cmsg);
1181 n_fds = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);
1182 }
1183 }
1184
1185 if (ev->data.fd == s->syslog_fd) {
1186 char *e;
1187
1188 if (n > 0 && n_fds == 0) {
1189 e = memchr(s->buffer, '\n', n);
1190 if (e)
1191 *e = 0;
1192 else
1193 s->buffer[n] = 0;
1194
1195 server_process_syslog_message(s, strstrip(s->buffer), ucred, tv, label, label_len);
1196 } else if (n_fds > 0)
1197 log_warning("Got file descriptors via syslog socket. Ignoring.");
1198
1199 } else {
1200 if (n > 0 && n_fds == 0)
1201 server_process_native_message(s, s->buffer, n, ucred, tv, label, label_len);
1202 else if (n == 0 && n_fds == 1)
1203 server_process_native_file(s, fds[0], ucred, tv, label, label_len);
1204 else if (n_fds > 0)
1205 log_warning("Got too many file descriptors via native socket. Ignoring.");
1206 }
1207
1208 close_many(fds, n_fds);
1209 }
1210
1211 return 1;
1212
1213 } else if (ev->data.fd == s->stdout_fd) {
1214
1215 if (ev->events != EPOLLIN) {
1216 log_error("Got invalid event from epoll.");
1217 return -EIO;
1218 }
1219
1220 stdout_stream_new(s);
1221 return 1;
1222
1223 } else {
1224 StdoutStream *stream;
1225
1226 if ((ev->events|EPOLLIN|EPOLLHUP) != (EPOLLIN|EPOLLHUP)) {
1227 log_error("Got invalid event from epoll.");
1228 return -EIO;
1229 }
1230
1231 /* If it is none of the well-known fds, it must be an
1232 * stdout stream fd. Note that this is a bit ugly here
1233 * (since we rely that none of the well-known fds
1234 * could be interpreted as pointer), but nonetheless
1235 * safe, since the well-known fds would never get an
1236 * fd > 4096, i.e. beyond the first memory page */
1237
1238 stream = ev->data.ptr;
1239
1240 if (stdout_stream_process(stream) <= 0)
1241 stdout_stream_free(stream);
1242
1243 return 1;
1244 }
1245
1246 log_error("Unknown event.");
1247 return 0;
1248}
1249
1250static int open_signalfd(Server *s) {
1251 sigset_t mask;
1252 struct epoll_event ev;
1253
1254 assert(s);
1255
1256 assert_se(sigemptyset(&mask) == 0);
1257 sigset_add_many(&mask, SIGINT, SIGTERM, SIGUSR1, SIGUSR2, -1);
1258 assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0);
1259
1260 s->signal_fd = signalfd(-1, &mask, SFD_NONBLOCK|SFD_CLOEXEC);
1261 if (s->signal_fd < 0) {
1262 log_error("signalfd(): %m");
1263 return -errno;
1264 }
1265
1266 zero(ev);
1267 ev.events = EPOLLIN;
1268 ev.data.fd = s->signal_fd;
1269
1270 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->signal_fd, &ev) < 0) {
1271 log_error("epoll_ctl(): %m");
1272 return -errno;
1273 }
1274
1275 return 0;
1276}
1277
1278static int server_parse_proc_cmdline(Server *s) {
db91ea32
ZJS		 1279 char _cleanup_free_ *line = NULL;
1280 char *w, *state;
d025f1e4
ZJS		 1281 int r;
1282 size_t l;
1283
1284 if (detect_container(NULL) > 0)
1285 return 0;
1286
1287 r = read_one_line_file("/proc/cmdline", &line);
1288 if (r < 0) {
1289 log_warning("Failed to read /proc/cmdline, ignoring: %s", strerror(-r));
1290 return 0;
1291 }
1292
1293 FOREACH_WORD_QUOTED(w, l, line, state) {
db91ea32 1294 char _cleanup_free_ *word;
d025f1e4
ZJS		 1295
1296 word = strndup(w, l);
db91ea32
ZJS		 1297 if (!word)
1298 return -ENOMEM;
d025f1e4
ZJS		 1299
1300 if (startswith(word, "systemd.journald.forward_to_syslog=")) {
1301 r = parse_boolean(word + 35);
1302 if (r < 0)
1303 log_warning("Failed to parse forward to syslog switch %s. Ignoring.", word + 35);
1304 else
1305 s->forward_to_syslog = r;
1306 } else if (startswith(word, "systemd.journald.forward_to_kmsg=")) {
1307 r = parse_boolean(word + 33);
1308 if (r < 0)
1309 log_warning("Failed to parse forward to kmsg switch %s. Ignoring.", word + 33);
1310 else
1311 s->forward_to_kmsg = r;
1312 } else if (startswith(word, "systemd.journald.forward_to_console=")) {
1313 r = parse_boolean(word + 36);
1314 if (r < 0)
1315 log_warning("Failed to parse forward to console switch %s. Ignoring.", word + 36);
1316 else
1317 s->forward_to_console = r;
1318 } else if (startswith(word, "systemd.journald"))
1319 log_warning("Invalid systemd.journald parameter. Ignoring.");
d025f1e4
ZJS		 1320 }
1321
db91ea32 1322 return 0;
d025f1e4
ZJS		 1323}
1324
1325static int server_parse_config_file(Server *s) {
db91ea32
ZJS		 1326 static const char *fn = "/etc/systemd/journald.conf";
1327 FILE _cleanup_fclose_ *f = NULL;
d025f1e4
ZJS		 1328 int r;
1329
1330 assert(s);
1331
d025f1e4
ZJS		 1332 f = fopen(fn, "re");
1333 if (!f) {
1334 if (errno == ENOENT)
1335 return 0;
1336
1337 log_warning("Failed to open configuration file %s: %m", fn);
1338 return -errno;
1339 }
1340
db91ea32
ZJS		 1341 r = config_parse(fn, f, "Journal\0", config_item_perf_lookup,
1342 (void*) journald_gperf_lookup, false, s);
d025f1e4
ZJS		 1343 if (r < 0)
1344 log_warning("Failed to parse configuration file: %s", strerror(-r));
1345
d025f1e4
ZJS		 1346 return r;
1347}
1348
26687bf8
OS		 1349static int server_open_sync_timer(Server *s) {
1350 int r;
1351 struct epoll_event ev;
1352
1353 assert(s);
1354
1355 s->sync_timer_fd = timerfd_create(CLOCK_MONOTONIC, TFD_CLOEXEC);
1356 if (s->sync_timer_fd < 0)
1357 return -errno;
1358
1359 zero(ev);
1360 ev.events = EPOLLIN;
1361 ev.data.fd = s->sync_timer_fd;
1362
1363 r = epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->sync_timer_fd, &ev);
1364 if (r < 0) {
1365 log_error("Failed to add idle timer fd to epoll object: %m");
1366 return -errno;
1367 }
1368
1369 return 0;
1370}
1371
1372int server_schedule_sync(Server *s) {
1373 int r;
1374
26687bf8
OS		 1375 assert(s);
1376
1377 if (s->sync_scheduled)
1378 return 0;
1379
1380 if (s->sync_interval_usec) {
b92bea5d
ZJS		 1381 struct itimerspec sync_timer_enable = {
1382 .it_value.tv_sec = s->sync_interval_usec / USEC_PER_SEC,
1383 .it_value.tv_nsec = s->sync_interval_usec % MSEC_PER_SEC,
1384 };
26687bf8
OS		 1385
1386 r = timerfd_settime(s->sync_timer_fd, 0, &sync_timer_enable, NULL);
1387 if (r < 0)
1388 return -errno;
1389 }
1390
1391 s->sync_scheduled = true;
1392
1393 return 0;
1394}
1395
d025f1e4
ZJS		 1396int server_init(Server *s) {
1397 int n, r, fd;
1398
1399 assert(s);
1400
1401 zero(*s);
26687bf8
OS		 1402 s->sync_timer_fd = s->syslog_fd = s->native_fd = s->stdout_fd =
1403 s->signal_fd = s->epoll_fd = s->dev_kmsg_fd = -1;
d025f1e4
ZJS		 1404 s->compress = true;
1405 s->seal = true;
1406
26687bf8
OS		 1407 s->sync_interval_usec = DEFAULT_SYNC_INTERVAL_USEC;
1408 s->sync_scheduled = false;
1409
d025f1e4
ZJS		 1410 s->rate_limit_interval = DEFAULT_RATE_LIMIT_INTERVAL;
1411 s->rate_limit_burst = DEFAULT_RATE_LIMIT_BURST;
1412
1413 s->forward_to_syslog = true;
1414
1415 s->max_level_store = LOG_DEBUG;
1416 s->max_level_syslog = LOG_DEBUG;
1417 s->max_level_kmsg = LOG_NOTICE;
1418 s->max_level_console = LOG_INFO;
1419
1420 memset(&s->system_metrics, 0xFF, sizeof(s->system_metrics));
1421 memset(&s->runtime_metrics, 0xFF, sizeof(s->runtime_metrics));
1422
1423 server_parse_config_file(s);
1424 server_parse_proc_cmdline(s);
d288f79f
ZJS		 1425 if (!!s->rate_limit_interval ^ !!s->rate_limit_burst) {
1426 log_debug("Setting both rate limit interval and burst from %llu,%u to 0,0",
1427 (long long unsigned) s->rate_limit_interval,
1428 s->rate_limit_burst);
1429 s->rate_limit_interval = s->rate_limit_burst = 0;
1430 }
d025f1e4
ZJS		 1431
1432 mkdir_p("/run/systemd/journal", 0755);
1433
1434 s->user_journals = hashmap_new(trivial_hash_func, trivial_compare_func);
1435 if (!s->user_journals)
1436 return log_oom();
1437
1438 s->mmap = mmap_cache_new();
1439 if (!s->mmap)
1440 return log_oom();
1441
1442 s->epoll_fd = epoll_create1(EPOLL_CLOEXEC);
1443 if (s->epoll_fd < 0) {
1444 log_error("Failed to create epoll object: %m");
1445 return -errno;
1446 }
1447
1448 n = sd_listen_fds(true);
1449 if (n < 0) {
1450 log_error("Failed to read listening file descriptors from environment: %s", strerror(-n));
1451 return n;
1452 }
1453
1454 for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) {
1455
1456 if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/run/systemd/journal/socket", 0) > 0) {
1457
1458 if (s->native_fd >= 0) {
1459 log_error("Too many native sockets passed.");
1460 return -EINVAL;
1461 }
1462
1463 s->native_fd = fd;
1464
1465 } else if (sd_is_socket_unix(fd, SOCK_STREAM, 1, "/run/systemd/journal/stdout", 0) > 0) {
1466
1467 if (s->stdout_fd >= 0) {
1468 log_error("Too many stdout sockets passed.");
1469 return -EINVAL;
1470 }
1471
1472 s->stdout_fd = fd;
1473
1474 } else if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/dev/log", 0) > 0) {
1475
1476 if (s->syslog_fd >= 0) {
1477 log_error("Too many /dev/log sockets passed.");
1478 return -EINVAL;
1479 }
1480
1481 s->syslog_fd = fd;
1482
1483 } else {
1484 log_error("Unknown socket passed.");
1485 return -EINVAL;
1486 }
1487 }
1488
1489 r = server_open_syslog_socket(s);
1490 if (r < 0)
1491 return r;
1492
1493 r = server_open_native_socket(s);
1494 if (r < 0)
1495 return r;
1496
1497 r = server_open_stdout_socket(s);
1498 if (r < 0)
1499 return r;
1500
1501 r = server_open_dev_kmsg(s);
1502 if (r < 0)
1503 return r;
1504
1505 r = server_open_kernel_seqnum(s);
1506 if (r < 0)
1507 return r;
1508
26687bf8
OS		 1509 r = server_open_sync_timer(s);
1510 if (r < 0)
1511 return r;
1512
d025f1e4
ZJS		 1513 r = open_signalfd(s);
1514 if (r < 0)
1515 return r;
1516
1517 s->udev = udev_new();
1518 if (!s->udev)
1519 return -ENOMEM;
1520
d288f79f
ZJS		 1521 s->rate_limit = journal_rate_limit_new(s->rate_limit_interval,
1522 s->rate_limit_burst);
d025f1e4
ZJS		 1523 if (!s->rate_limit)
1524 return -ENOMEM;
1525
1526 r = system_journal_open(s);
1527 if (r < 0)
1528 return r;
1529
1530 return 0;
1531}
1532
1533void server_maybe_append_tags(Server *s) {
1534#ifdef HAVE_GCRYPT
1535 JournalFile *f;
1536 Iterator i;
1537 usec_t n;
1538
1539 n = now(CLOCK_REALTIME);
1540
1541 if (s->system_journal)
1542 journal_file_maybe_append_tag(s->system_journal, n);
1543
1544 HASHMAP_FOREACH(f, s->user_journals, i)
1545 journal_file_maybe_append_tag(f, n);
1546#endif
1547}
1548
1549void server_done(Server *s) {
1550 JournalFile *f;
1551 assert(s);
1552
1553 while (s->stdout_streams)
1554 stdout_stream_free(s->stdout_streams);
1555
1556 if (s->system_journal)
1557 journal_file_close(s->system_journal);
1558
1559 if (s->runtime_journal)
1560 journal_file_close(s->runtime_journal);
1561
1562 while ((f = hashmap_steal_first(s->user_journals)))
1563 journal_file_close(f);
1564
1565 hashmap_free(s->user_journals);
1566
1567 if (s->epoll_fd >= 0)
1568 close_nointr_nofail(s->epoll_fd);
1569
1570 if (s->signal_fd >= 0)
1571 close_nointr_nofail(s->signal_fd);
1572
1573 if (s->syslog_fd >= 0)
1574 close_nointr_nofail(s->syslog_fd);
1575
1576 if (s->native_fd >= 0)
1577 close_nointr_nofail(s->native_fd);
1578
1579 if (s->stdout_fd >= 0)
1580 close_nointr_nofail(s->stdout_fd);
1581
1582 if (s->dev_kmsg_fd >= 0)
1583 close_nointr_nofail(s->dev_kmsg_fd);
1584
26687bf8
OS		 1585 if (s->sync_timer_fd >= 0)
1586 close_nointr_nofail(s->sync_timer_fd);
1587
d025f1e4
ZJS		 1588 if (s->rate_limit)
1589 journal_rate_limit_free(s->rate_limit);
1590
1591 if (s->kernel_seqnum)
1592 munmap(s->kernel_seqnum, sizeof(uint64_t));
1593
1594 free(s->buffer);
1595 free(s->tty_path);
1596
1597 if (s->mmap)
1598 mmap_cache_unref(s->mmap);
1599
1600 if (s->udev)
1601 udev_unref(s->udev);
1602}
Unnamed repository; edit this file 'description' to name the repository.