]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/journal/journald-server.c
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
journald: port to sd-event and enable watchdog support
[thirdparty/systemd.git] / src / journal / journald-server.c
CommitLineData
d025f1e4
ZJS		 1/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
2
3/***
4 This file is part of systemd.
5
6 Copyright 2011 Lennart Poettering
7
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
17
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20***/
21
22#include <sys/signalfd.h>
23#include <sys/ioctl.h>
24#include <linux/sockios.h>
25#include <sys/statvfs.h>
26#include <sys/mman.h>
26687bf8 27#include <sys/timerfd.h>
d025f1e4
ZJS		 28
29#include <libudev.h>
d025f1e4 30
74df0fca
LP		 31#include "sd-journal.h"
32#include "sd-messages.h"
33#include "sd-daemon.h"
a5c32cff 34#include "fileio.h"
d025f1e4
ZJS		 35#include "mkdir.h"
36#include "hashmap.h"
37#include "journal-file.h"
38#include "socket-util.h"
39#include "cgroup-util.h"
40#include "list.h"
d025f1e4
ZJS		 41#include "missing.h"
42#include "conf-parser.h"
74df0fca 43#include "selinux-util.h"
d025f1e4
ZJS		 44#include "journal-internal.h"
45#include "journal-vacuum.h"
46#include "journal-authenticate.h"
d025f1e4
ZJS		 47#include "journald-rate-limit.h"
48#include "journald-kmsg.h"
49#include "journald-syslog.h"
50#include "journald-stream.h"
51#include "journald-console.h"
52#include "journald-native.h"
74df0fca 53#include "journald-server.h"
d025f1e4
ZJS		 54
55#ifdef HAVE_ACL
56#include <sys/acl.h>
57#include <acl/libacl.h>
58#include "acl-util.h"
59#endif
60
61#ifdef HAVE_SELINUX
62#include <selinux/selinux.h>
63#endif
64
65#define USER_JOURNALS_MAX 1024
66
26687bf8 67#define DEFAULT_SYNC_INTERVAL_USEC (5*USEC_PER_MINUTE)
7f1ad696
LP		 68#define DEFAULT_RATE_LIMIT_INTERVAL (30*USEC_PER_SEC)
69#define DEFAULT_RATE_LIMIT_BURST 1000
d025f1e4
ZJS		 70
71#define RECHECK_AVAILABLE_SPACE_USEC (30*USEC_PER_SEC)
72
73static const char* const storage_table[] = {
74 [STORAGE_AUTO] = "auto",
75 [STORAGE_VOLATILE] = "volatile",
76 [STORAGE_PERSISTENT] = "persistent",
77 [STORAGE_NONE] = "none"
78};
79
80DEFINE_STRING_TABLE_LOOKUP(storage, Storage);
81DEFINE_CONFIG_PARSE_ENUM(config_parse_storage, storage, Storage, "Failed to parse storage setting");
82
83static const char* const split_mode_table[] = {
84 [SPLIT_NONE] = "none",
85 [SPLIT_UID] = "uid",
86 [SPLIT_LOGIN] = "login"
87};
88
89DEFINE_STRING_TABLE_LOOKUP(split_mode, SplitMode);
90DEFINE_CONFIG_PARSE_ENUM(config_parse_split_mode, split_mode, SplitMode, "Failed to parse split mode setting");
91
670b110c 92static uint64_t available_space(Server *s, bool verbose) {
db91ea32 93 char ids[33];
7fd1b19b 94 _cleanup_free_ char *p = NULL;
d025f1e4
ZJS		 95 sd_id128_t machine;
96 struct statvfs ss;
670b110c 97 uint64_t sum = 0, ss_avail = 0, avail = 0;
d025f1e4 98 int r;
7fd1b19b 99 _cleanup_closedir_ DIR *d = NULL;
d025f1e4 100 usec_t ts;
670b110c 101 const char *f;
d025f1e4
ZJS		 102 JournalMetrics *m;
103
104 ts = now(CLOCK_MONOTONIC);
105
670b110c
ZJS		 106 if (s->cached_available_space_timestamp + RECHECK_AVAILABLE_SPACE_USEC > ts
107 && !verbose)
d025f1e4
ZJS		 108 return s->cached_available_space;
109
110 r = sd_id128_get_machine(&machine);
111 if (r < 0)
112 return 0;
113
114 if (s->system_journal) {
115 f = "/var/log/journal/";
116 m = &s->system_metrics;
117 } else {
118 f = "/run/log/journal/";
119 m = &s->runtime_metrics;
120 }
121
122 assert(m);
123
124 p = strappend(f, sd_id128_to_string(machine, ids));
125 if (!p)
126 return 0;
127
128 d = opendir(p);
d025f1e4
ZJS		 129 if (!d)
130 return 0;
131
132 if (fstatvfs(dirfd(d), &ss) < 0)
db91ea32 133 return 0;
d025f1e4
ZJS		 134
135 for (;;) {
136 struct stat st;
137 struct dirent *de;
138 union dirent_storage buf;
139
140 r = readdir_r(d, &buf.de, &de);
141 if (r != 0)
142 break;
143
144 if (!de)
145 break;
146
147 if (!endswith(de->d_name, ".journal") &&
148 !endswith(de->d_name, ".journal~"))
149 continue;
150
151 if (fstatat(dirfd(d), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0)
152 continue;
153
154 if (!S_ISREG(st.st_mode))
155 continue;
156
157 sum += (uint64_t) st.st_blocks * 512UL;
158 }
159
d025f1e4 160 ss_avail = ss.f_bsize * ss.f_bavail;
670b110c 161 avail = ss_avail > m->keep_free ? ss_avail - m->keep_free : 0;
d025f1e4 162
670b110c 163 s->cached_available_space = MIN(m->max_use, avail) > sum ? MIN(m->max_use, avail) - sum : 0;
d025f1e4
ZJS		 164 s->cached_available_space_timestamp = ts;
165
670b110c
ZJS		 166 if (verbose) {
167 char fb1[FORMAT_BYTES_MAX], fb2[FORMAT_BYTES_MAX], fb3[FORMAT_BYTES_MAX],
168 fb4[FORMAT_BYTES_MAX], fb5[FORMAT_BYTES_MAX];
169
170 server_driver_message(s, SD_MESSAGE_JOURNAL_USAGE,
171 "%s journal is using %s (max %s, leaving %s of free %s, current limit %s).",
172 s->system_journal ? "Permanent" : "Runtime",
173 format_bytes(fb1, sizeof(fb1), sum),
174 format_bytes(fb2, sizeof(fb2), m->max_use),
175 format_bytes(fb3, sizeof(fb3), m->keep_free),
176 format_bytes(fb4, sizeof(fb4), ss_avail),
177 format_bytes(fb5, sizeof(fb5), MIN(m->max_use, avail)));
178 }
179
180 return s->cached_available_space;
d025f1e4
ZJS		 181}
182
d025f1e4
ZJS		 183void server_fix_perms(Server *s, JournalFile *f, uid_t uid) {
184 int r;
185#ifdef HAVE_ACL
186 acl_t acl;
187 acl_entry_t entry;
188 acl_permset_t permset;
189#endif
190
191 assert(f);
192
4608af43 193 r = fchmod(f->fd, 0640);
d025f1e4 194 if (r < 0)
4608af43 195 log_warning("Failed to fix access mode on %s, ignoring: %s", f->path, strerror(-r));
d025f1e4
ZJS		 196
197#ifdef HAVE_ACL
198 if (uid <= 0)
199 return;
200
201 acl = acl_get_fd(f->fd);
202 if (!acl) {
203 log_warning("Failed to read ACL on %s, ignoring: %m", f->path);
204 return;
205 }
206
207 r = acl_find_uid(acl, uid, &entry);
208 if (r <= 0) {
209
210 if (acl_create_entry(&acl, &entry) < 0 ||
211 acl_set_tag_type(entry, ACL_USER) < 0 ||
212 acl_set_qualifier(entry, &uid) < 0) {
213 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
214 goto finish;
215 }
216 }
217
23ad4dd8
JAS		 218 /* We do not recalculate the mask unconditionally here,
219 * so that the fchmod() mask above stays intact. */
d025f1e4 220 if (acl_get_permset(entry, &permset) < 0 ||
23ad4dd8
JAS		 221 acl_add_perm(permset, ACL_READ) < 0 ||
222 calc_acl_mask_if_needed(&acl) < 0) {
d025f1e4
ZJS		 223 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
224 goto finish;
225 }
226
227 if (acl_set_fd(f->fd, acl) < 0)
228 log_warning("Failed to set ACL on %s, ignoring: %m", f->path);
229
230finish:
231 acl_free(acl);
232#endif
233}
234
235static JournalFile* find_journal(Server *s, uid_t uid) {
ed375beb 236 _cleanup_free_ char *p = NULL;
d025f1e4
ZJS		 237 int r;
238 JournalFile *f;
239 sd_id128_t machine;
240
241 assert(s);
242
243 /* We split up user logs only on /var, not on /run. If the
244 * runtime file is open, we write to it exclusively, in order
245 * to guarantee proper order as soon as we flush /run to
246 * /var and close the runtime file. */
247
248 if (s->runtime_journal)
249 return s->runtime_journal;
250
251 if (uid <= 0)
252 return s->system_journal;
253
254 r = sd_id128_get_machine(&machine);
255 if (r < 0)
256 return s->system_journal;
257
258 f = hashmap_get(s->user_journals, UINT32_TO_PTR(uid));
259 if (f)
260 return f;
261
262 if (asprintf(&p, "/var/log/journal/" SD_ID128_FORMAT_STR "/user-%lu.journal",
263 SD_ID128_FORMAT_VAL(machine), (unsigned long) uid) < 0)
264 return s->system_journal;
265
266 while (hashmap_size(s->user_journals) >= USER_JOURNALS_MAX) {
267 /* Too many open? Then let's close one */
268 f = hashmap_steal_first(s->user_journals);
269 assert(f);
270 journal_file_close(f);
271 }
272
cbd67177 273 r = journal_file_open_reliably(p, O_RDWR|O_CREAT, 0640, s->compress, s->seal, &s->system_metrics, s->mmap, NULL, &f);
d025f1e4
ZJS		 274 if (r < 0)
275 return s->system_journal;
276
277 server_fix_perms(s, f, uid);
278
279 r = hashmap_put(s->user_journals, UINT32_TO_PTR(uid), f);
280 if (r < 0) {
281 journal_file_close(f);
282 return s->system_journal;
283 }
284
285 return f;
286}
287
288void server_rotate(Server *s) {
289 JournalFile *f;
290 void *k;
291 Iterator i;
292 int r;
293
294 log_debug("Rotating...");
295
296 if (s->runtime_journal) {
297 r = journal_file_rotate(&s->runtime_journal, s->compress, false);
298 if (r < 0)
299 if (s->runtime_journal)
300 log_error("Failed to rotate %s: %s", s->runtime_journal->path, strerror(-r));
301 else
302 log_error("Failed to create new runtime journal: %s", strerror(-r));
303 else
304 server_fix_perms(s, s->runtime_journal, 0);
305 }
306
307 if (s->system_journal) {
308 r = journal_file_rotate(&s->system_journal, s->compress, s->seal);
309 if (r < 0)
310 if (s->system_journal)
311 log_error("Failed to rotate %s: %s", s->system_journal->path, strerror(-r));
312 else
313 log_error("Failed to create new system journal: %s", strerror(-r));
314
315 else
316 server_fix_perms(s, s->system_journal, 0);
317 }
318
319 HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) {
320 r = journal_file_rotate(&f, s->compress, s->seal);
321 if (r < 0)
7d73c134 322 if (f)
d025f1e4 323 log_error("Failed to rotate %s: %s", f->path, strerror(-r));
2b98f75a 324 else {
d025f1e4 325 log_error("Failed to create user journal: %s", strerror(-r));
2b98f75a
ZJS		 326 hashmap_remove(s->user_journals, k);
327 }
d025f1e4
ZJS		 328 else {
329 hashmap_replace(s->user_journals, k, f);
330 server_fix_perms(s, f, PTR_TO_UINT32(k));
331 }
332 }
333}
334
26687bf8
OS		 335void server_sync(Server *s) {
336 JournalFile *f;
337 void *k;
338 Iterator i;
339 int r;
340
26687bf8
OS		 341 if (s->system_journal) {
342 r = journal_file_set_offline(s->system_journal);
343 if (r < 0)
344 log_error("Failed to sync system journal: %s", strerror(-r));
345 }
346
347 HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) {
348 r = journal_file_set_offline(f);
349 if (r < 0)
350 log_error("Failed to sync user journal: %s", strerror(-r));
351 }
352
f9a810be
LP		 353 if (s->sync_event_source) {
354 r = sd_event_source_set_enabled(s->sync_event_source, SD_EVENT_OFF);
355 if (r < 0)
356 log_error("Failed to disable sync timer source: %s", strerror(-r));
357 }
26687bf8
OS		 358
359 s->sync_scheduled = false;
360}
361
d025f1e4 362void server_vacuum(Server *s) {
d025f1e4
ZJS		 363 char ids[33];
364 sd_id128_t machine;
365 int r;
366
367 log_debug("Vacuuming...");
368
369 s->oldest_file_usec = 0;
370
371 r = sd_id128_get_machine(&machine);
372 if (r < 0) {
373 log_error("Failed to get machine ID: %s", strerror(-r));
374 return;
375 }
376
377 sd_id128_to_string(machine, ids);
378
379 if (s->system_journal) {
ed375beb 380 char *p = strappenda("/var/log/journal/", ids);
d025f1e4
ZJS		 381
382 r = journal_directory_vacuum(p, s->system_metrics.max_use, s->system_metrics.keep_free, s->max_retention_usec, &s->oldest_file_usec);
383 if (r < 0 && r != -ENOENT)
384 log_error("Failed to vacuum %s: %s", p, strerror(-r));
d025f1e4
ZJS		 385 }
386
387 if (s->runtime_journal) {
ed375beb 388 char *p = strappenda("/run/log/journal/", ids);
d025f1e4
ZJS		 389
390 r = journal_directory_vacuum(p, s->runtime_metrics.max_use, s->runtime_metrics.keep_free, s->max_retention_usec, &s->oldest_file_usec);
391 if (r < 0 && r != -ENOENT)
392 log_error("Failed to vacuum %s: %s", p, strerror(-r));
d025f1e4
ZJS		 393 }
394
395 s->cached_available_space_timestamp = 0;
396}
397
d025f1e4
ZJS		 398bool shall_try_append_again(JournalFile *f, int r) {
399
400 /* -E2BIG Hit configured limit
401 -EFBIG Hit fs limit
402 -EDQUOT Quota limit hit
403 -ENOSPC Disk full
404 -EHOSTDOWN Other machine
405 -EBUSY Unclean shutdown
406 -EPROTONOSUPPORT Unsupported feature
407 -EBADMSG Corrupted
408 -ENODATA Truncated
409 -ESHUTDOWN Already archived */
410
411 if (r == -E2BIG || r == -EFBIG || r == -EDQUOT || r == -ENOSPC)
412 log_debug("%s: Allocation limit reached, rotating.", f->path);
413 else if (r == -EHOSTDOWN)
414 log_info("%s: Journal file from other machine, rotating.", f->path);
415 else if (r == -EBUSY)
416 log_info("%s: Unclean shutdown, rotating.", f->path);
417 else if (r == -EPROTONOSUPPORT)
418 log_info("%s: Unsupported feature, rotating.", f->path);
419 else if (r == -EBADMSG || r == -ENODATA || r == ESHUTDOWN)
420 log_warning("%s: Journal file corrupted, rotating.", f->path);
421 else
422 return false;
423
424 return true;
425}
426
d07f7b9e 427static void write_to_journal(Server *s, uid_t uid, struct iovec *iovec, unsigned n, int priority) {
d025f1e4
ZJS		 428 JournalFile *f;
429 bool vacuumed = false;
430 int r;
431
432 assert(s);
433 assert(iovec);
434 assert(n > 0);
435
436 f = find_journal(s, uid);
437 if (!f)
438 return;
439
440 if (journal_file_rotate_suggested(f, s->max_file_usec)) {
441 log_debug("%s: Journal header limits reached or header out-of-date, rotating.", f->path);
442 server_rotate(s);
443 server_vacuum(s);
444 vacuumed = true;
445
446 f = find_journal(s, uid);
447 if (!f)
448 return;
449 }
450
451 r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
26687bf8 452 if (r >= 0) {
d07f7b9e 453 server_schedule_sync(s, priority);
d025f1e4 454 return;
26687bf8 455 }
d025f1e4
ZJS		 456
457 if (vacuumed || !shall_try_append_again(f, r)) {
e40ec7ae
ZJS		 458 size_t size = 0;
459 unsigned i;
460 for (i = 0; i < n; i++)
461 size += iovec[i].iov_len;
462
463 log_error("Failed to write entry (%d items, %zu bytes), ignoring: %s", n, size, strerror(-r));
d025f1e4
ZJS		 464 return;
465 }
466
467 server_rotate(s);
468 server_vacuum(s);
469
470 f = find_journal(s, uid);
471 if (!f)
472 return;
473
474 log_debug("Retrying write.");
475 r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
e40ec7ae
ZJS		 476 if (r < 0) {
477 size_t size = 0;
478 unsigned i;
479 for (i = 0; i < n; i++)
480 size += iovec[i].iov_len;
481
482 log_error("Failed to write entry (%d items, %zu bytes) despite vacuuming, ignoring: %s", n, size, strerror(-r));
d07f7b9e
LP		 483 } else
484 server_schedule_sync(s, priority);
d025f1e4
ZJS		 485}
486
487static void dispatch_message_real(
488 Server *s,
489 struct iovec *iovec, unsigned n, unsigned m,
490 struct ucred *ucred,
491 struct timeval *tv,
492 const char *label, size_t label_len,
968f3196 493 const char *unit_id,
d07f7b9e 494 int priority,
968f3196 495 pid_t object_pid) {
d025f1e4 496
968f3196 497 char pid[sizeof("_PID=") + DECIMAL_STR_MAX(pid_t)],
ae018d9b
LP		 498 uid[sizeof("_UID=") + DECIMAL_STR_MAX(uid_t)],
499 gid[sizeof("_GID=") + DECIMAL_STR_MAX(gid_t)],
500 owner_uid[sizeof("_SYSTEMD_OWNER_UID=") + DECIMAL_STR_MAX(uid_t)],
d3789917 501 source_time[sizeof("_SOURCE_REALTIME_TIMESTAMP=") + DECIMAL_STR_MAX(usec_t)],
adb435bb 502 boot_id[sizeof("_BOOT_ID=") + 32] = "_BOOT_ID=",
968f3196
ZJS		 503 machine_id[sizeof("_MACHINE_ID=") + 32] = "_MACHINE_ID=",
504 o_uid[sizeof("OBJECT_UID=") + DECIMAL_STR_MAX(uid_t)],
505 o_gid[sizeof("OBJECT_GID=") + DECIMAL_STR_MAX(gid_t)],
506 o_owner_uid[sizeof("OBJECT_SYSTEMD_OWNER_UID=") + DECIMAL_STR_MAX(uid_t)];
507 uid_t object_uid;
508 gid_t object_gid;
968f3196 509 char *x;
d025f1e4
ZJS		 510 sd_id128_t id;
511 int r;
ae018d9b 512 char *t, *c;
82499507
LP		 513 uid_t realuid = 0, owner = 0, journal_uid;
514 bool owner_valid = false;
ae018d9b 515#ifdef HAVE_AUDIT
968f3196
ZJS		 516 char audit_session[sizeof("_AUDIT_SESSION=") + DECIMAL_STR_MAX(uint32_t)],
517 audit_loginuid[sizeof("_AUDIT_LOGINUID=") + DECIMAL_STR_MAX(uid_t)],
518 o_audit_session[sizeof("OBJECT_AUDIT_SESSION=") + DECIMAL_STR_MAX(uint32_t)],
519 o_audit_loginuid[sizeof("OBJECT_AUDIT_LOGINUID=") + DECIMAL_STR_MAX(uid_t)];
ae018d9b
LP		 520
521 uint32_t audit;
522 uid_t loginuid;
523#endif
d025f1e4
ZJS		 524
525 assert(s);
526 assert(iovec);
527 assert(n > 0);
968f3196 528 assert(n + N_IOVEC_META_FIELDS + (object_pid ? N_IOVEC_OBJECT_FIELDS : 0) <= m);
d025f1e4
ZJS		 529
530 if (ucred) {
d025f1e4
ZJS		 531 realuid = ucred->uid;
532
ae018d9b 533 sprintf(pid, "_PID=%lu", (unsigned long) ucred->pid);
c2457105 534 IOVEC_SET_STRING(iovec[n++], pid);
d025f1e4 535
ae018d9b 536 sprintf(uid, "_UID=%lu", (unsigned long) ucred->uid);
c2457105 537 IOVEC_SET_STRING(iovec[n++], uid);
d025f1e4 538
ae018d9b 539 sprintf(gid, "_GID=%lu", (unsigned long) ucred->gid);
c2457105 540 IOVEC_SET_STRING(iovec[n++], gid);
d025f1e4
ZJS		 541
542 r = get_process_comm(ucred->pid, &t);
543 if (r >= 0) {
968f3196 544 x = strappenda("_COMM=", t);
d025f1e4 545 free(t);
968f3196 546 IOVEC_SET_STRING(iovec[n++], x);
d025f1e4
ZJS		 547 }
548
549 r = get_process_exe(ucred->pid, &t);
550 if (r >= 0) {
968f3196 551 x = strappenda("_EXE=", t);
d025f1e4 552 free(t);
968f3196 553 IOVEC_SET_STRING(iovec[n++], x);
d025f1e4
ZJS		 554 }
555
9bdbc2e2 556 r = get_process_cmdline(ucred->pid, 0, false, &t);
d025f1e4 557 if (r >= 0) {
968f3196 558 x = strappenda("_CMDLINE=", t);
d025f1e4 559 free(t);
3a832116
SL		 560 IOVEC_SET_STRING(iovec[n++], x);
561 }
562
563 r = get_process_capeff(ucred->pid, &t);
564 if (r >= 0) {
565 x = strappenda("_CAP_EFFECTIVE=", t);
566 free(t);
968f3196 567 IOVEC_SET_STRING(iovec[n++], x);
d025f1e4
ZJS		 568 }
569
0a20e3c1 570#ifdef HAVE_AUDIT
d025f1e4 571 r = audit_session_from_pid(ucred->pid, &audit);
ae018d9b
LP		 572 if (r >= 0) {
573 sprintf(audit_session, "_AUDIT_SESSION=%lu", (unsigned long) audit);
574 IOVEC_SET_STRING(iovec[n++], audit_session);
575 }
d025f1e4
ZJS		 576
577 r = audit_loginuid_from_pid(ucred->pid, &loginuid);
7027ff61 578 if (r >= 0) {
ae018d9b
LP		 579 sprintf(audit_loginuid, "_AUDIT_LOGINUID=%lu", (unsigned long) loginuid);
580 IOVEC_SET_STRING(iovec[n++], audit_loginuid);
d025f1e4 581 }
ae018d9b 582#endif
d025f1e4 583
ae018d9b 584 r = cg_pid_get_path_shifted(ucred->pid, NULL, &c);
7027ff61 585 if (r >= 0) {
968f3196
ZJS		 586 char *session = NULL;
587
588 x = strappenda("_SYSTEMD_CGROUP=", c);
589 IOVEC_SET_STRING(iovec[n++], x);
d025f1e4 590
ae018d9b
LP		 591 r = cg_path_get_session(c, &t);
592 if (r >= 0) {
593 session = strappenda("_SYSTEMD_SESSION=", t);
594 free(t);
d025f1e4 595 IOVEC_SET_STRING(iovec[n++], session);
ae018d9b
LP		 596 }
597
598 if (cg_path_get_owner_uid(c, &owner) >= 0) {
599 owner_valid = true;
d025f1e4 600
ae018d9b 601 sprintf(owner_uid, "_SYSTEMD_OWNER_UID=%lu", (unsigned long) owner);
d025f1e4 602 IOVEC_SET_STRING(iovec[n++], owner_uid);
ae018d9b 603 }
d025f1e4 604
ae018d9b 605 if (cg_path_get_unit(c, &t) >= 0) {
968f3196 606 x = strappenda("_SYSTEMD_UNIT=", t);
ae018d9b 607 free(t);
19cace37
LP		 608 IOVEC_SET_STRING(iovec[n++], x);
609 } else if (unit_id && !session) {
610 x = strappenda("_SYSTEMD_UNIT=", unit_id);
611 IOVEC_SET_STRING(iovec[n++], x);
612 }
613
614 if (cg_path_get_user_unit(c, &t) >= 0) {
968f3196 615 x = strappenda("_SYSTEMD_USER_UNIT=", t);
ae018d9b 616 free(t);
968f3196 617 IOVEC_SET_STRING(iovec[n++], x);
19cace37
LP		 618 } else if (unit_id && session) {
619 x = strappenda("_SYSTEMD_USER_UNIT=", unit_id);
620 IOVEC_SET_STRING(iovec[n++], x);
621 }
ae018d9b 622
0a244b8e
LP		 623 if (cg_path_get_slice(c, &t) >= 0) {
624 x = strappenda("_SYSTEMD_SLICE=", t);
625 free(t);
626 IOVEC_SET_STRING(iovec[n++], x);
627 }
628
ae018d9b 629 free(c);
2d43b190
DM		 630 } else if (unit_id) {
631 x = strappenda("_SYSTEMD_UNIT=", unit_id);
632 IOVEC_SET_STRING(iovec[n++], x);
ef1673d1 633 }
d025f1e4 634
d025f1e4 635#ifdef HAVE_SELINUX
d682b3a7
LP		 636 if (use_selinux()) {
637 if (label) {
638 x = alloca(sizeof("_SELINUX_CONTEXT=") + label_len);
ae018d9b 639
d682b3a7
LP		 640 *((char*) mempcpy(stpcpy(x, "_SELINUX_CONTEXT="), label, label_len)) = 0;
641 IOVEC_SET_STRING(iovec[n++], x);
642 } else {
643 security_context_t con;
d025f1e4 644
d682b3a7
LP		 645 if (getpidcon(ucred->pid, &con) >= 0) {
646 x = strappenda("_SELINUX_CONTEXT=", con);
e7ff4e7f 647
d682b3a7
LP		 648 freecon(con);
649 IOVEC_SET_STRING(iovec[n++], x);
650 }
d025f1e4
ZJS		 651 }
652 }
653#endif
654 }
968f3196
ZJS		 655 assert(n <= m);
656
657 if (object_pid) {
658 r = get_process_uid(object_pid, &object_uid);
659 if (r >= 0) {
660 sprintf(o_uid, "OBJECT_UID=%lu", (unsigned long) object_uid);
661 IOVEC_SET_STRING(iovec[n++], o_uid);
662 }
663
664 r = get_process_gid(object_pid, &object_gid);
665 if (r >= 0) {
666 sprintf(o_gid, "OBJECT_GID=%lu", (unsigned long) object_gid);
667 IOVEC_SET_STRING(iovec[n++], o_gid);
668 }
669
670 r = get_process_comm(object_pid, &t);
671 if (r >= 0) {
672 x = strappenda("OBJECT_COMM=", t);
673 free(t);
674 IOVEC_SET_STRING(iovec[n++], x);
675 }
676
677 r = get_process_exe(object_pid, &t);
678 if (r >= 0) {
679 x = strappenda("OBJECT_EXE=", t);
680 free(t);
681 IOVEC_SET_STRING(iovec[n++], x);
682 }
683
684 r = get_process_cmdline(object_pid, 0, false, &t);
685 if (r >= 0) {
686 x = strappenda("OBJECT_CMDLINE=", t);
687 free(t);
688 IOVEC_SET_STRING(iovec[n++], x);
689 }
690
691#ifdef HAVE_AUDIT
692 r = audit_session_from_pid(object_pid, &audit);
693 if (r >= 0) {
694 sprintf(o_audit_session, "OBJECT_AUDIT_SESSION=%lu", (unsigned long) audit);
695 IOVEC_SET_STRING(iovec[n++], o_audit_session);
696 }
697
698 r = audit_loginuid_from_pid(object_pid, &loginuid);
699 if (r >= 0) {
700 sprintf(o_audit_loginuid, "OBJECT_AUDIT_LOGINUID=%lu", (unsigned long) loginuid);
701 IOVEC_SET_STRING(iovec[n++], o_audit_loginuid);
702 }
703#endif
704
705 r = cg_pid_get_path_shifted(object_pid, NULL, &c);
706 if (r >= 0) {
707 x = strappenda("OBJECT_SYSTEMD_CGROUP=", c);
708 IOVEC_SET_STRING(iovec[n++], x);
709
710 r = cg_path_get_session(c, &t);
711 if (r >= 0) {
712 x = strappenda("OBJECT_SYSTEMD_SESSION=", t);
713 free(t);
714 IOVEC_SET_STRING(iovec[n++], x);
715 }
716
717 if (cg_path_get_owner_uid(c, &owner) >= 0) {
718 sprintf(o_owner_uid, "OBJECT_SYSTEMD_OWNER_UID=%lu", (unsigned long) owner);
719 IOVEC_SET_STRING(iovec[n++], o_owner_uid);
720 }
721
722 if (cg_path_get_unit(c, &t) >= 0) {
723 x = strappenda("OBJECT_SYSTEMD_UNIT=", t);
724 free(t);
19cace37
LP		 725 IOVEC_SET_STRING(iovec[n++], x);
726 }
727
728 if (cg_path_get_user_unit(c, &t) >= 0) {
968f3196
ZJS		 729 x = strappenda("OBJECT_SYSTEMD_USER_UNIT=", t);
730 free(t);
968f3196 731 IOVEC_SET_STRING(iovec[n++], x);
19cace37 732 }
968f3196
ZJS		 733
734 free(c);
735 }
736 }
737 assert(n <= m);
d025f1e4
ZJS		 738
739 if (tv) {
ae018d9b 740 sprintf(source_time, "_SOURCE_REALTIME_TIMESTAMP=%llu", (unsigned long long) timeval_load(tv));
a5693989 741 IOVEC_SET_STRING(iovec[n++], source_time);
d025f1e4
ZJS		 742 }
743
744 /* Note that strictly speaking storing the boot id here is
745 * redundant since the entry includes this in-line
746 * anyway. However, we need this indexed, too. */
747 r = sd_id128_get_boot(&id);
adb435bb 748 if (r >= 0) {
968f3196 749 sd_id128_to_string(id, boot_id + strlen("_BOOT_ID="));
adb435bb
LP		 750 IOVEC_SET_STRING(iovec[n++], boot_id);
751 }
d025f1e4
ZJS		 752
753 r = sd_id128_get_machine(&id);
adb435bb 754 if (r >= 0) {
968f3196 755 sd_id128_to_string(id, machine_id + strlen("_MACHINE_ID="));
adb435bb
LP		 756 IOVEC_SET_STRING(iovec[n++], machine_id);
757 }
d025f1e4
ZJS		 758
759 t = gethostname_malloc();
760 if (t) {
968f3196 761 x = strappenda("_HOSTNAME=", t);
d025f1e4 762 free(t);
968f3196 763 IOVEC_SET_STRING(iovec[n++], x);
d025f1e4
ZJS		 764 }
765
766 assert(n <= m);
767
da499392 768 if (s->split_mode == SPLIT_UID && realuid > 0)
40adcda8 769 /* Split up strictly by any UID */
759c945a 770 journal_uid = realuid;
82499507 771 else if (s->split_mode == SPLIT_LOGIN && realuid > 0 && owner_valid && owner > 0)
40adcda8
LP		 772 /* Split up by login UIDs, this avoids creation of
773 * individual journals for system UIDs. We do this
774 * only if the realuid is not root, in order not to
82499507
LP		 775 * accidentally leak privileged information to the
776 * user that is logged by a privileged process that is
777 * part of an unprivileged session.*/
8a0889df 778 journal_uid = owner;
da499392
KS		 779 else
780 journal_uid = 0;
759c945a 781
d07f7b9e 782 write_to_journal(s, journal_uid, iovec, n, priority);
d025f1e4
ZJS		 783}
784
785void server_driver_message(Server *s, sd_id128_t message_id, const char *format, ...) {
786 char mid[11 + 32 + 1];
787 char buffer[16 + LINE_MAX + 1];
788 struct iovec iovec[N_IOVEC_META_FIELDS + 4];
789 int n = 0;
790 va_list ap;
b92bea5d 791 struct ucred ucred = {};
d025f1e4
ZJS		 792
793 assert(s);
794 assert(format);
795
796 IOVEC_SET_STRING(iovec[n++], "PRIORITY=6");
797 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=driver");
798
799 memcpy(buffer, "MESSAGE=", 8);
800 va_start(ap, format);
801 vsnprintf(buffer + 8, sizeof(buffer) - 8, format, ap);
802 va_end(ap);
803 char_array_0(buffer);
804 IOVEC_SET_STRING(iovec[n++], buffer);
805
806 if (!sd_id128_equal(message_id, SD_ID128_NULL)) {
807 snprintf(mid, sizeof(mid), MESSAGE_ID(message_id));
808 char_array_0(mid);
809 IOVEC_SET_STRING(iovec[n++], mid);
810 }
811
d025f1e4
ZJS		 812 ucred.pid = getpid();
813 ucred.uid = getuid();
814 ucred.gid = getgid();
815
d07f7b9e 816 dispatch_message_real(s, iovec, n, ELEMENTSOF(iovec), &ucred, NULL, NULL, 0, NULL, LOG_INFO, 0);
d025f1e4
ZJS		 817}
818
819void server_dispatch_message(
820 Server *s,
821 struct iovec *iovec, unsigned n, unsigned m,
822 struct ucred *ucred,
823 struct timeval *tv,
824 const char *label, size_t label_len,
825 const char *unit_id,
968f3196
ZJS		 826 int priority,
827 pid_t object_pid) {
d025f1e4 828
7027ff61 829 int rl, r;
7fd1b19b 830 _cleanup_free_ char *path = NULL;
db91ea32 831 char *c;
d025f1e4
ZJS		 832
833 assert(s);
834 assert(iovec || n == 0);
835
836 if (n == 0)
837 return;
838
839 if (LOG_PRI(priority) > s->max_level_store)
840 return;
841
2f5df74a
HHPF		 842 /* Stop early in case the information will not be stored
843 * in a journal. */
844 if (s->storage == STORAGE_NONE)
845 return;
846
d025f1e4
ZJS		 847 if (!ucred)
848 goto finish;
849
7027ff61
LP		 850 r = cg_pid_get_path_shifted(ucred->pid, NULL, &path);
851 if (r < 0)
d025f1e4
ZJS		 852 goto finish;
853
854 /* example: /user/lennart/3/foobar
855 * /system/dbus.service/foobar
856 *
857 * So let's cut of everything past the third /, since that is
858 * where user directories start */
859
860 c = strchr(path, '/');
861 if (c) {
862 c = strchr(c+1, '/');
863 if (c) {
864 c = strchr(c+1, '/');
865 if (c)
866 *c = 0;
867 }
868 }
869
db91ea32 870 rl = journal_rate_limit_test(s->rate_limit, path,
670b110c 871 priority & LOG_PRIMASK, available_space(s, false));
d025f1e4 872
db91ea32 873 if (rl == 0)
d025f1e4 874 return;
d025f1e4
ZJS		 875
876 /* Write a suppression message if we suppressed something */
877 if (rl > 1)
db91ea32
ZJS		 878 server_driver_message(s, SD_MESSAGE_JOURNAL_DROPPED,
879 "Suppressed %u messages from %s", rl - 1, path);
d025f1e4
ZJS		 880
881finish:
d07f7b9e 882 dispatch_message_real(s, iovec, n, m, ucred, tv, label, label_len, unit_id, priority, object_pid);
d025f1e4
ZJS		 883}
884
885
886static int system_journal_open(Server *s) {
887 int r;
888 char *fn;
889 sd_id128_t machine;
890 char ids[33];
891
892 r = sd_id128_get_machine(&machine);
00a16861
OB		 893 if (r < 0) {
894 log_error("Failed to get machine id: %s", strerror(-r));
d025f1e4 895 return r;
00a16861 896 }
d025f1e4
ZJS		 897
898 sd_id128_to_string(machine, ids);
899
900 if (!s->system_journal &&
901 (s->storage == STORAGE_PERSISTENT || s->storage == STORAGE_AUTO) &&
902 access("/run/systemd/journal/flushed", F_OK) >= 0) {
903
904 /* If in auto mode: first try to create the machine
905 * path, but not the prefix.
906 *
907 * If in persistent mode: create /var/log/journal and
908 * the machine path */
909
910 if (s->storage == STORAGE_PERSISTENT)
911 (void) mkdir("/var/log/journal/", 0755);
912
e40ec7ae 913 fn = strappenda("/var/log/journal/", ids);
d025f1e4 914 (void) mkdir(fn, 0755);
d025f1e4 915
e40ec7ae 916 fn = strappenda(fn, "/system.journal");
d025f1e4 917 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, s->compress, s->seal, &s->system_metrics, s->mmap, NULL, &s->system_journal);
d025f1e4 918
670b110c 919 if (r >= 0)
d025f1e4 920 server_fix_perms(s, s->system_journal, 0);
433dd100
LN		 921 else if (r < 0) {
922 if (r != -ENOENT && r != -EROFS)
923 log_warning("Failed to open system journal: %s", strerror(-r));
e40ec7ae 924
433dd100
LN		 925 r = 0;
926 }
d025f1e4
ZJS		 927 }
928
929 if (!s->runtime_journal &&
930 (s->storage != STORAGE_NONE)) {
931
932 fn = strjoin("/run/log/journal/", ids, "/system.journal", NULL);
933 if (!fn)
934 return -ENOMEM;
935
936 if (s->system_journal) {
937
938 /* Try to open the runtime journal, but only
939 * if it already exists, so that we can flush
940 * it into the system journal */
941
942 r = journal_file_open(fn, O_RDWR, 0640, s->compress, false, &s->runtime_metrics, s->mmap, NULL, &s->runtime_journal);
943 free(fn);
944
945 if (r < 0) {
946 if (r != -ENOENT)
947 log_warning("Failed to open runtime journal: %s", strerror(-r));
948
949 r = 0;
950 }
951
952 } else {
953
954 /* OK, we really need the runtime journal, so create
955 * it if necessary. */
956
957 (void) mkdir_parents(fn, 0755);
958 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, s->compress, false, &s->runtime_metrics, s->mmap, NULL, &s->runtime_journal);
959 free(fn);
960
961 if (r < 0) {
962 log_error("Failed to open runtime journal: %s", strerror(-r));
963 return r;
964 }
965 }
966
670b110c 967 if (s->runtime_journal)
d025f1e4 968 server_fix_perms(s, s->runtime_journal, 0);
d025f1e4
ZJS		 969 }
970
670b110c
ZJS		 971 available_space(s, true);
972
d025f1e4
ZJS		 973 return r;
974}
975
976int server_flush_to_var(Server *s) {
d025f1e4
ZJS		 977 sd_id128_t machine;
978 sd_journal *j = NULL;
fbb63411
LP		 979 char ts[FORMAT_TIMESPAN_MAX];
980 usec_t start;
981 unsigned n = 0;
982 int r;
d025f1e4
ZJS		 983
984 assert(s);
985
986 if (s->storage != STORAGE_AUTO &&
987 s->storage != STORAGE_PERSISTENT)
988 return 0;
989
990 if (!s->runtime_journal)
991 return 0;
992
993 system_journal_open(s);
994
995 if (!s->system_journal)
996 return 0;
997
998 log_debug("Flushing to /var...");
999
fbb63411
LP		 1000 start = now(CLOCK_MONOTONIC);
1001
d025f1e4 1002 r = sd_id128_get_machine(&machine);
00a16861 1003 if (r < 0)
d025f1e4 1004 return r;
d025f1e4
ZJS		 1005
1006 r = sd_journal_open(&j, SD_JOURNAL_RUNTIME_ONLY);
1007 if (r < 0) {
1008 log_error("Failed to read runtime journal: %s", strerror(-r));
1009 return r;
1010 }
1011
93b73b06
LP		 1012 sd_journal_set_data_threshold(j, 0);
1013
d025f1e4
ZJS		 1014 SD_JOURNAL_FOREACH(j) {
1015 Object *o = NULL;
1016 JournalFile *f;
1017
1018 f = j->current_file;
1019 assert(f && f->current_offset > 0);
1020
fbb63411
LP		 1021 n++;
1022
d025f1e4
ZJS		 1023 r = journal_file_move_to_object(f, OBJECT_ENTRY, f->current_offset, &o);
1024 if (r < 0) {
1025 log_error("Can't read entry: %s", strerror(-r));
1026 goto finish;
1027 }
1028
1029 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
1030 if (r >= 0)
1031 continue;
1032
1033 if (!shall_try_append_again(s->system_journal, r)) {
1034 log_error("Can't write entry: %s", strerror(-r));
1035 goto finish;
1036 }
1037
1038 server_rotate(s);
1039 server_vacuum(s);
1040
253f59df
LP		 1041 if (!s->system_journal) {
1042 log_notice("Didn't flush runtime journal since rotation of system journal wasn't successful.");
1043 r = -EIO;
1044 goto finish;
1045 }
1046
d025f1e4
ZJS		 1047 log_debug("Retrying write.");
1048 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
1049 if (r < 0) {
1050 log_error("Can't write entry: %s", strerror(-r));
1051 goto finish;
1052 }
1053 }
1054
1055finish:
1056 journal_file_post_change(s->system_journal);
1057
1058 journal_file_close(s->runtime_journal);
1059 s->runtime_journal = NULL;
1060
1061 if (r >= 0)
1062 rm_rf("/run/log/journal", false, true, false);
1063
763c7aa2 1064 sd_journal_close(j);
d025f1e4 1065
fbb63411
LP		 1066 server_driver_message(s, SD_ID128_NULL, "Time spent on flushing to /var is %s for %u entries.", format_timespan(ts, sizeof(ts), now(CLOCK_MONOTONIC) - start, 0), n);
1067
d025f1e4
ZJS		 1068 return r;
1069}
1070
f9a810be
LP		 1071int process_datagram(sd_event_source *es, int fd, uint32_t revents, void *userdata) {
1072 Server *s = userdata;
1073
d025f1e4 1074 assert(s);
f9a810be
LP		 1075 assert(fd == s->native_fd || fd == s->syslog_fd);
1076
1077 if (revents != EPOLLIN) {
1078 log_error("Got invalid event from epoll for datagram fd: %"PRIx32, revents);
1079 return -EIO;
1080 }
1081
1082 for (;;) {
1083 struct ucred *ucred = NULL;
1084 struct timeval *tv = NULL;
1085 struct cmsghdr *cmsg;
1086 char *label = NULL;
1087 size_t label_len = 0;
1088 struct iovec iovec;
1089
1090 union {
1091 struct cmsghdr cmsghdr;
1092
1093 /* We use NAME_MAX space for the
1094 * SELinux label here. The kernel
1095 * currently enforces no limit, but
1096 * according to suggestions from the
1097 * SELinux people this will change and
1098 * it will probably be identical to
1099 * NAME_MAX. For now we use that, but
1100 * this should be updated one day when
1101 * the final limit is known.*/
1102 uint8_t buf[CMSG_SPACE(sizeof(struct ucred)) +
1103 CMSG_SPACE(sizeof(struct timeval)) +
1104 CMSG_SPACE(sizeof(int)) + /* fd */
1105 CMSG_SPACE(NAME_MAX)]; /* selinux label */
1106 } control = {};
1107 struct msghdr msghdr = {
1108 .msg_iov = &iovec,
1109 .msg_iovlen = 1,
1110 .msg_control = &control,
1111 .msg_controllen = sizeof(control),
1112 };
d025f1e4 1113
d025f1e4 1114 ssize_t n;
f9a810be
LP		 1115 int v;
1116 int *fds = NULL;
1117 unsigned n_fds = 0;
d025f1e4 1118
f9a810be
LP		 1119 if (ioctl(fd, SIOCINQ, &v) < 0) {
1120 log_error("SIOCINQ failed: %m");
1121 return -errno;
d025f1e4
ZJS		 1122 }
1123
f9a810be
LP		 1124 if (!GREEDY_REALLOC(s->buffer, s->buffer_size, LINE_MAX + (size_t) v))
1125 return log_oom();
d025f1e4 1126
f9a810be
LP		 1127 iovec.iov_base = s->buffer;
1128 iovec.iov_len = s->buffer_size;
d025f1e4 1129
f9a810be
LP		 1130 n = recvmsg(fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC);
1131 if (n < 0) {
d025f1e4 1132 if (errno == EINTR || errno == EAGAIN)
f9a810be 1133 return 0;
d025f1e4 1134
f9a810be 1135 log_error("recvmsg() failed: %m");
d025f1e4
ZJS		 1136 return -errno;
1137 }
1138
f9a810be
LP		 1139 for (cmsg = CMSG_FIRSTHDR(&msghdr); cmsg; cmsg = CMSG_NXTHDR(&msghdr, cmsg)) {
1140
1141 if (cmsg->cmsg_level == SOL_SOCKET &&
1142 cmsg->cmsg_type == SCM_CREDENTIALS &&
1143 cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred)))
1144 ucred = (struct ucred*) CMSG_DATA(cmsg);
1145 else if (cmsg->cmsg_level == SOL_SOCKET &&
1146 cmsg->cmsg_type == SCM_SECURITY) {
1147 label = (char*) CMSG_DATA(cmsg);
1148 label_len = cmsg->cmsg_len - CMSG_LEN(0);
1149 } else if (cmsg->cmsg_level == SOL_SOCKET &&
1150 cmsg->cmsg_type == SO_TIMESTAMP &&
1151 cmsg->cmsg_len == CMSG_LEN(sizeof(struct timeval)))
1152 tv = (struct timeval*) CMSG_DATA(cmsg);
1153 else if (cmsg->cmsg_level == SOL_SOCKET &&
1154 cmsg->cmsg_type == SCM_RIGHTS) {
1155 fds = (int*) CMSG_DATA(cmsg);
1156 n_fds = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);
1157 }
d025f1e4
ZJS		 1158 }
1159
f9a810be
LP		 1160 if (fd == s->syslog_fd) {
1161 if (n > 0 && n_fds == 0) {
1162 s->buffer[n] = 0;
1163 server_process_syslog_message(s, strstrip(s->buffer), ucred, tv, label, label_len);
1164 } else if (n_fds > 0)
1165 log_warning("Got file descriptors via syslog socket. Ignoring.");
d025f1e4 1166
f9a810be
LP		 1167 } else {
1168 if (n > 0 && n_fds == 0)
1169 server_process_native_message(s, s->buffer, n, ucred, tv, label, label_len);
1170 else if (n == 0 && n_fds == 1)
1171 server_process_native_file(s, fds[0], ucred, tv, label, label_len);
1172 else if (n_fds > 0)
1173 log_warning("Got too many file descriptors via native socket. Ignoring.");
d025f1e4
ZJS		 1174 }
1175
f9a810be
LP		 1176 close_many(fds, n_fds);
1177 }
d025f1e4 1178
f9a810be
LP		 1179 return 0;
1180}
d025f1e4 1181
f9a810be
LP		 1182static int dispatch_sigusr1(sd_event_source *es, const struct signalfd_siginfo *si, void *userdata) {
1183 Server *s = userdata;
d025f1e4 1184
f9a810be 1185 assert(s);
d025f1e4 1186
f9a810be 1187 log_info("Received request to flush runtime journal from PID %"PRIu32, si->ssi_pid);
d025f1e4 1188
f9a810be
LP		 1189 touch("/run/systemd/journal/flushed");
1190 server_flush_to_var(s);
1191 server_sync(s);
d025f1e4 1192
f9a810be
LP		 1193 return 0;
1194}
d025f1e4 1195
f9a810be
LP		 1196static int dispatch_sigusr2(sd_event_source *es, const struct signalfd_siginfo *si, void *userdata) {
1197 Server *s = userdata;
d025f1e4 1198
f9a810be 1199 assert(s);
d025f1e4 1200
f9a810be
LP		 1201 log_info("Received request to rotate journal from PID %"PRIu32, si->ssi_pid);
1202 server_rotate(s);
1203 server_vacuum(s);
d025f1e4 1204
f9a810be
LP		 1205 return 0;
1206}
d025f1e4 1207
f9a810be
LP		 1208static int dispatch_sigterm(sd_event_source *es, const struct signalfd_siginfo *si, void *userdata) {
1209 Server *s = userdata;
d025f1e4 1210
f9a810be 1211 assert(s);
d025f1e4 1212
f9a810be 1213 log_info("Received SIG%s", signal_to_string(si->ssi_signo));
d025f1e4 1214
f9a810be 1215 sd_event_request_quit(s->event);
d025f1e4
ZJS		 1216 return 0;
1217}
1218
f9a810be 1219static int setup_signals(Server *s) {
d025f1e4 1220 sigset_t mask;
f9a810be 1221 int r;
d025f1e4
ZJS		 1222
1223 assert(s);
1224
1225 assert_se(sigemptyset(&mask) == 0);
1226 sigset_add_many(&mask, SIGINT, SIGTERM, SIGUSR1, SIGUSR2, -1);
1227 assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0);
1228
f9a810be
LP		 1229 r = sd_event_add_signal(s->event, SIGUSR1, dispatch_sigusr1, s, &s->sigusr1_event_source);
1230 if (r < 0)
1231 return r;
1232
1233 r = sd_event_add_signal(s->event, SIGUSR2, dispatch_sigusr2, s, &s->sigusr2_event_source);
1234 if (r < 0)
1235 return r;
d025f1e4 1236
f9a810be
LP		 1237 r = sd_event_add_signal(s->event, SIGTERM, dispatch_sigterm, s, &s->sigterm_event_source);
1238 if (r < 0)
1239 return r;
d025f1e4 1240
f9a810be
LP		 1241 r = sd_event_add_signal(s->event, SIGINT, dispatch_sigterm, s, &s->sigint_event_source);
1242 if (r < 0)
1243 return r;
d025f1e4
ZJS		 1244
1245 return 0;
1246}
1247
1248static int server_parse_proc_cmdline(Server *s) {
7fd1b19b 1249 _cleanup_free_ char *line = NULL;
db91ea32 1250 char *w, *state;
d025f1e4 1251 size_t l;
74df0fca 1252 int r;
d025f1e4 1253
74df0fca
LP		 1254 r = proc_cmdline(&line);
1255 if (r < 0)
d025f1e4 1256 log_warning("Failed to read /proc/cmdline, ignoring: %s", strerror(-r));
74df0fca 1257 if (r <= 0)
d025f1e4 1258 return 0;
d025f1e4
ZJS		 1259
1260 FOREACH_WORD_QUOTED(w, l, line, state) {
7fd1b19b 1261 _cleanup_free_ char *word;
d025f1e4
ZJS		 1262
1263 word = strndup(w, l);
db91ea32
ZJS		 1264 if (!word)
1265 return -ENOMEM;
d025f1e4
ZJS		 1266
1267 if (startswith(word, "systemd.journald.forward_to_syslog=")) {
1268 r = parse_boolean(word + 35);
1269 if (r < 0)
1270 log_warning("Failed to parse forward to syslog switch %s. Ignoring.", word + 35);
1271 else
1272 s->forward_to_syslog = r;
1273 } else if (startswith(word, "systemd.journald.forward_to_kmsg=")) {
1274 r = parse_boolean(word + 33);
1275 if (r < 0)
1276 log_warning("Failed to parse forward to kmsg switch %s. Ignoring.", word + 33);
1277 else
1278 s->forward_to_kmsg = r;
1279 } else if (startswith(word, "systemd.journald.forward_to_console=")) {
1280 r = parse_boolean(word + 36);
1281 if (r < 0)
1282 log_warning("Failed to parse forward to console switch %s. Ignoring.", word + 36);
1283 else
1284 s->forward_to_console = r;
1285 } else if (startswith(word, "systemd.journald"))
1286 log_warning("Invalid systemd.journald parameter. Ignoring.");
d025f1e4
ZJS		 1287 }
1288
db91ea32 1289 return 0;
d025f1e4
ZJS		 1290}
1291
1292static int server_parse_config_file(Server *s) {
db5c0122 1293 static const char fn[] = "/etc/systemd/journald.conf";
7fd1b19b 1294 _cleanup_fclose_ FILE *f = NULL;
d025f1e4
ZJS		 1295 int r;
1296
1297 assert(s);
1298
d025f1e4
ZJS		 1299 f = fopen(fn, "re");
1300 if (!f) {
1301 if (errno == ENOENT)
1302 return 0;
1303
1304 log_warning("Failed to open configuration file %s: %m", fn);
1305 return -errno;
1306 }
1307
e8e581bf 1308 r = config_parse(NULL, fn, f, "Journal\0", config_item_perf_lookup,
db5c0122 1309 (void*) journald_gperf_lookup, false, false, s);
d025f1e4
ZJS		 1310 if (r < 0)
1311 log_warning("Failed to parse configuration file: %s", strerror(-r));
1312
d025f1e4
ZJS		 1313 return r;
1314}
1315
f9a810be
LP		 1316static int server_dispatch_sync(sd_event_source *es, usec_t t, void *userdata) {
1317 Server *s = userdata;
26687bf8
OS		 1318
1319 assert(s);
1320
f9a810be 1321 server_sync(s);
26687bf8
OS		 1322 return 0;
1323}
1324
d07f7b9e 1325int server_schedule_sync(Server *s, int priority) {
26687bf8
OS		 1326 int r;
1327
26687bf8
OS		 1328 assert(s);
1329
d07f7b9e
LP		 1330 if (priority <= LOG_CRIT) {
1331 /* Immediately sync to disk when this is of priority CRIT, ALERT, EMERG */
1332 server_sync(s);
1333 return 0;
1334 }
1335
26687bf8
OS		 1336 if (s->sync_scheduled)
1337 return 0;
1338
f9a810be
LP		 1339 if (s->sync_interval_usec > 0) {
1340 usec_t when;
ca267016 1341
f9a810be
LP		 1342 r = sd_event_get_now_monotonic(s->event, &when);
1343 if (r < 0)
1344 return r;
26687bf8 1345
f9a810be
LP		 1346 when += s->sync_interval_usec;
1347
1348 if (!s->sync_event_source) {
1349 r = sd_event_add_monotonic(s->event, when, 0, server_dispatch_sync, s, &s->sync_event_source);
1350 if (r < 0)
1351 return r;
1352
1353 r = sd_event_source_set_priority(s->sync_event_source, SD_EVENT_PRIORITY_IMPORTANT);
1354 } else {
1355 r = sd_event_source_set_time(s->sync_event_source, when);
1356 if (r < 0)
1357 return r;
1358
1359 r = sd_event_source_set_enabled(s->sync_event_source, SD_EVENT_ONESHOT);
1360 }
26687bf8 1361 if (r < 0)
f9a810be 1362 return r;
26687bf8 1363
f9a810be
LP		 1364 s->sync_scheduled = true;
1365 }
26687bf8
OS		 1366
1367 return 0;
1368}
1369
d025f1e4
ZJS		 1370int server_init(Server *s) {
1371 int n, r, fd;
1372
1373 assert(s);
1374
1375 zero(*s);
f9a810be 1376 s->syslog_fd = s->native_fd = s->stdout_fd = s->dev_kmsg_fd = -1;
d025f1e4
ZJS		 1377 s->compress = true;
1378 s->seal = true;
1379
26687bf8
OS		 1380 s->sync_interval_usec = DEFAULT_SYNC_INTERVAL_USEC;
1381 s->sync_scheduled = false;
1382
d025f1e4
ZJS		 1383 s->rate_limit_interval = DEFAULT_RATE_LIMIT_INTERVAL;
1384 s->rate_limit_burst = DEFAULT_RATE_LIMIT_BURST;
1385
1386 s->forward_to_syslog = true;
1387
1388 s->max_level_store = LOG_DEBUG;
1389 s->max_level_syslog = LOG_DEBUG;
1390 s->max_level_kmsg = LOG_NOTICE;
1391 s->max_level_console = LOG_INFO;
1392
1393 memset(&s->system_metrics, 0xFF, sizeof(s->system_metrics));
1394 memset(&s->runtime_metrics, 0xFF, sizeof(s->runtime_metrics));
1395
1396 server_parse_config_file(s);
1397 server_parse_proc_cmdline(s);
d288f79f
ZJS		 1398 if (!!s->rate_limit_interval ^ !!s->rate_limit_burst) {
1399 log_debug("Setting both rate limit interval and burst from %llu,%u to 0,0",
1400 (long long unsigned) s->rate_limit_interval,
1401 s->rate_limit_burst);
1402 s->rate_limit_interval = s->rate_limit_burst = 0;
1403 }
d025f1e4
ZJS		 1404
1405 mkdir_p("/run/systemd/journal", 0755);
1406
1407 s->user_journals = hashmap_new(trivial_hash_func, trivial_compare_func);
1408 if (!s->user_journals)
1409 return log_oom();
1410
1411 s->mmap = mmap_cache_new();
1412 if (!s->mmap)
1413 return log_oom();
1414
f9a810be
LP		 1415 r = sd_event_default(&s->event);
1416 if (r < 0) {
1417 log_error("Failed to create event loop: %s", strerror(-r));
1418 return r;
d025f1e4
ZJS		 1419 }
1420
f9a810be
LP		 1421 sd_event_set_watchdog(s->event, true);
1422
d025f1e4
ZJS		 1423 n = sd_listen_fds(true);
1424 if (n < 0) {
1425 log_error("Failed to read listening file descriptors from environment: %s", strerror(-n));
1426 return n;
1427 }
1428
1429 for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) {
1430
1431 if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/run/systemd/journal/socket", 0) > 0) {
1432
1433 if (s->native_fd >= 0) {
1434 log_error("Too many native sockets passed.");
1435 return -EINVAL;
1436 }
1437
1438 s->native_fd = fd;
1439
1440 } else if (sd_is_socket_unix(fd, SOCK_STREAM, 1, "/run/systemd/journal/stdout", 0) > 0) {
1441
1442 if (s->stdout_fd >= 0) {
1443 log_error("Too many stdout sockets passed.");
1444 return -EINVAL;
1445 }
1446
1447 s->stdout_fd = fd;
1448
1449 } else if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/dev/log", 0) > 0) {
1450
1451 if (s->syslog_fd >= 0) {
1452 log_error("Too many /dev/log sockets passed.");
1453 return -EINVAL;
1454 }
1455
1456 s->syslog_fd = fd;
1457
1458 } else {
1459 log_error("Unknown socket passed.");
1460 return -EINVAL;
1461 }
1462 }
1463
1464 r = server_open_syslog_socket(s);
1465 if (r < 0)
1466 return r;
1467
1468 r = server_open_native_socket(s);
1469 if (r < 0)
1470 return r;
1471
1472 r = server_open_stdout_socket(s);
1473 if (r < 0)
1474 return r;
1475
1476 r = server_open_dev_kmsg(s);
1477 if (r < 0)
1478 return r;
1479
1480 r = server_open_kernel_seqnum(s);
1481 if (r < 0)
1482 return r;
1483
f9a810be 1484 r = setup_signals(s);
d025f1e4
ZJS		 1485 if (r < 0)
1486 return r;
1487
1488 s->udev = udev_new();
1489 if (!s->udev)
1490 return -ENOMEM;
1491
f9a810be 1492 s->rate_limit = journal_rate_limit_new(s->rate_limit_interval, s->rate_limit_burst);
d025f1e4
ZJS		 1493 if (!s->rate_limit)
1494 return -ENOMEM;
1495
1496 r = system_journal_open(s);
1497 if (r < 0)
1498 return r;
1499
1500 return 0;
1501}
1502
1503void server_maybe_append_tags(Server *s) {
1504#ifdef HAVE_GCRYPT
1505 JournalFile *f;
1506 Iterator i;
1507 usec_t n;
1508
1509 n = now(CLOCK_REALTIME);
1510
1511 if (s->system_journal)
1512 journal_file_maybe_append_tag(s->system_journal, n);
1513
1514 HASHMAP_FOREACH(f, s->user_journals, i)
1515 journal_file_maybe_append_tag(f, n);
1516#endif
1517}
1518
1519void server_done(Server *s) {
1520 JournalFile *f;
1521 assert(s);
1522
1523 while (s->stdout_streams)
1524 stdout_stream_free(s->stdout_streams);
1525
1526 if (s->system_journal)
1527 journal_file_close(s->system_journal);
1528
1529 if (s->runtime_journal)
1530 journal_file_close(s->runtime_journal);
1531
1532 while ((f = hashmap_steal_first(s->user_journals)))
1533 journal_file_close(f);
1534
1535 hashmap_free(s->user_journals);
1536
f9a810be
LP		 1537 sd_event_source_unref(s->syslog_event_source);
1538 sd_event_source_unref(s->native_event_source);
1539 sd_event_source_unref(s->stdout_event_source);
1540 sd_event_source_unref(s->dev_kmsg_event_source);
1541 sd_event_source_unref(s->sync_event_source);
1542 sd_event_source_unref(s->sigusr1_event_source);
1543 sd_event_source_unref(s->sigusr2_event_source);
1544 sd_event_source_unref(s->sigterm_event_source);
1545 sd_event_source_unref(s->sigint_event_source);
1546 sd_event_unref(s->event);
d025f1e4
ZJS		 1547
1548 if (s->syslog_fd >= 0)
1549 close_nointr_nofail(s->syslog_fd);
1550
1551 if (s->native_fd >= 0)
1552 close_nointr_nofail(s->native_fd);
1553
1554 if (s->stdout_fd >= 0)
1555 close_nointr_nofail(s->stdout_fd);
1556
1557 if (s->dev_kmsg_fd >= 0)
1558 close_nointr_nofail(s->dev_kmsg_fd);
1559
1560 if (s->rate_limit)
1561 journal_rate_limit_free(s->rate_limit);
1562
1563 if (s->kernel_seqnum)
1564 munmap(s->kernel_seqnum, sizeof(uint64_t));
1565
1566 free(s->buffer);
1567 free(s->tty_path);
1568
1569 if (s->mmap)
1570 mmap_cache_unref(s->mmap);
1571
1572 if (s->udev)
1573 udev_unref(s->udev);
1574}
Unnamed repository; edit this file 'description' to name the repository.