]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/journal/journald.c
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
use "Out of memory." consistantly (or with "\n")
[thirdparty/systemd.git] / src / journal / journald.c
CommitLineData
87d2c1ff
LP		 1/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
2
3/***
4 This file is part of systemd.
5
6 Copyright 2011 Lennart Poettering
7
8 systemd is free software; you can redistribute it and/or modify it
5430f7f2
LP		 9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
87d2c1ff
LP		 11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
5430f7f2 16 Lesser General Public License for more details.
87d2c1ff 17
5430f7f2 18 You should have received a copy of the GNU Lesser General Public License
87d2c1ff
LP		 19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20***/
21
22#include <sys/epoll.h>
23#include <sys/socket.h>
24#include <errno.h>
25#include <sys/signalfd.h>
26#include <unistd.h>
27#include <fcntl.h>
7f3e6257
LP		 28#include <stddef.h>
29#include <sys/ioctl.h>
30#include <linux/sockios.h>
6e409ce1 31#include <sys/statvfs.h>
87d2c1ff 32
81527be1 33#include <systemd/sd-journal.h>
81527be1
LP		 34#include <systemd/sd-messages.h>
35#include <systemd/sd-daemon.h>
36
ba1261bc
LP		 37#ifdef HAVE_LOGIND
38#include <systemd/sd-login.h>
39#endif
40
49e942b2 41#include "mkdir.h"
87d2c1ff 42#include "hashmap.h"
cec736d2 43#include "journal-file.h"
87d2c1ff 44#include "socket-util.h"
69e5d42d 45#include "cgroup-util.h"
fe652127 46#include "list.h"
6e409ce1 47#include "journal-rate-limit.h"
cf244689 48#include "journal-internal.h"
e6960940
LP		 49#include "conf-parser.h"
50#include "journald.h"
effb1102 51#include "virt.h"
7f2c63cb 52#include "missing.h"
87d2c1ff 53
e6520a0f
LP		 54#ifdef HAVE_ACL
55#include <sys/acl.h>
56#include <acl/libacl.h>
79c07722 57#include "acl-util.h"
e6520a0f
LP		 58#endif
59
8a0f04e6
LP		 60#ifdef HAVE_SELINUX
61#include <selinux/selinux.h>
62#endif
63
cab8ac60 64#define USER_JOURNALS_MAX 1024
fe652127
LP		 65#define STDOUT_STREAMS_MAX 4096
66
de97b26a
LP		 67#define DEFAULT_RATE_LIMIT_INTERVAL (10*USEC_PER_SEC)
68#define DEFAULT_RATE_LIMIT_BURST 200
69
9cfb57c9
LP		 70#define RECHECK_AVAILABLE_SPACE_USEC (30*USEC_PER_SEC)
71
8a0f04e6 72#define N_IOVEC_META_FIELDS 17
224f2ee2 73
0dad12c1
LP		 74#define ENTRY_SIZE_MAX (1024*1024*32)
75
fe652127 76typedef enum StdoutStreamState {
4cd9a9d9 77 STDOUT_STREAM_IDENTIFIER,
62bca2c6 78 STDOUT_STREAM_UNIT_ID,
fe652127 79 STDOUT_STREAM_PRIORITY,
258cdffc 80 STDOUT_STREAM_LEVEL_PREFIX,
224f2ee2
LP		 81 STDOUT_STREAM_FORWARD_TO_SYSLOG,
82 STDOUT_STREAM_FORWARD_TO_KMSG,
83 STDOUT_STREAM_FORWARD_TO_CONSOLE,
fe652127
LP		 84 STDOUT_STREAM_RUNNING
85} StdoutStreamState;
86
87struct StdoutStream {
88 Server *server;
89 StdoutStreamState state;
90
91 int fd;
92
93 struct ucred ucred;
7f2c63cb
LP		 94#ifdef HAVE_SELINUX
95 security_context_t security_context;
96#endif
fe652127 97
4cd9a9d9 98 char *identifier;
62bca2c6 99 char *unit_id;
fe652127 100 int priority;
258cdffc 101 bool level_prefix:1;
224f2ee2
LP		 102 bool forward_to_syslog:1;
103 bool forward_to_kmsg:1;
104 bool forward_to_console:1;
fe652127
LP		 105
106 char buffer[LINE_MAX+1];
107 size_t length;
108
109 LIST_FIELDS(StdoutStream, stdout_stream);
110};
111
e156d769
LP		 112static const char* const storage_table[] = {
113 [STORAGE_AUTO] = "auto",
114 [STORAGE_VOLATILE] = "volatile",
205c4d1d 115 [STORAGE_PERSISTENT] = "persistent",
e156d769
LP		 116 [STORAGE_NONE] = "none"
117};
118
119DEFINE_STRING_TABLE_LOOKUP(storage, Storage);
120DEFINE_CONFIG_PARSE_ENUM(config_parse_storage, storage, Storage, "Failed to parse storage setting");
121
6e409ce1 122static uint64_t available_space(Server *s) {
babfc091 123 char ids[33], *p;
6e409ce1 124 const char *f;
babfc091 125 sd_id128_t machine;
6e409ce1
LP		 126 struct statvfs ss;
127 uint64_t sum = 0, avail = 0, ss_avail = 0;
128 int r;
129 DIR *d;
babfc091
LP		 130 usec_t ts;
131 JournalMetrics *m;
132
133 ts = now(CLOCK_MONOTONIC);
9cfb57c9
LP		 134
135 if (s->cached_available_space_timestamp + RECHECK_AVAILABLE_SPACE_USEC > ts)
136 return s->cached_available_space;
6e409ce1
LP		 137
138 r = sd_id128_get_machine(&machine);
139 if (r < 0)
140 return 0;
141
babfc091 142 if (s->system_journal) {
6e409ce1 143 f = "/var/log/journal/";
babfc091
LP		 144 m = &s->system_metrics;
145 } else {
6e409ce1 146 f = "/run/log/journal/";
babfc091
LP		 147 m = &s->runtime_metrics;
148 }
149
150 assert(m);
6e409ce1
LP		 151
152 p = strappend(f, sd_id128_to_string(machine, ids));
153 if (!p)
154 return 0;
155
156 d = opendir(p);
157 free(p);
158
159 if (!d)
160 return 0;
161
162 if (fstatvfs(dirfd(d), &ss) < 0)
163 goto finish;
164
165 for (;;) {
166 struct stat st;
167 struct dirent buf, *de;
6e409ce1 168
34a35ece
LP		 169 r = readdir_r(d, &buf, &de);
170 if (r != 0)
171 break;
6e409ce1
LP		 172
173 if (!de)
174 break;
175
c0421793
LP		 176 if (!endswith(de->d_name, ".journal") &&
177 !endswith(de->d_name, ".journal~"))
6e409ce1
LP		 178 continue;
179
180 if (fstatat(dirfd(d), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0)
181 continue;
182
a3a52c0f
LP		 183 if (!S_ISREG(st.st_mode))
184 continue;
185
186 sum += (uint64_t) st.st_blocks * 512UL;
6e409ce1
LP		 187 }
188
babfc091 189 avail = sum >= m->max_use ? 0 : m->max_use - sum;
6e409ce1
LP		 190
191 ss_avail = ss.f_bsize * ss.f_bavail;
192
babfc091 193 ss_avail = ss_avail < m->keep_free ? 0 : ss_avail - m->keep_free;
6e409ce1
LP		 194
195 if (ss_avail < avail)
196 avail = ss_avail;
197
9cfb57c9
LP		 198 s->cached_available_space = avail;
199 s->cached_available_space_timestamp = ts;
200
6e409ce1
LP		 201finish:
202 closedir(d);
203
204 return avail;
205}
206
5e41cfec
LP		 207static void server_read_file_gid(Server *s) {
208 const char *adm = "adm";
209 int r;
210
211 assert(s);
212
213 if (s->file_gid_valid)
214 return;
215
216 r = get_group_creds(&adm, &s->file_gid);
217 if (r < 0)
218 log_warning("Failed to resolve 'adm' group: %s", strerror(-r));
219
220 /* if we couldn't read the gid, then it will be 0, but that's
221 * fine and we shouldn't try to resolve the group again, so
222 * let's just pretend it worked right-away. */
223 s->file_gid_valid = true;
224}
225
226static void server_fix_perms(Server *s, JournalFile *f, uid_t uid) {
e6520a0f
LP		 227 int r;
228#ifdef HAVE_ACL
f4b47811
LP		 229 acl_t acl;
230 acl_entry_t entry;
231 acl_permset_t permset;
e6520a0f 232#endif
f4b47811
LP		 233
234 assert(f);
235
5e41cfec
LP		 236 server_read_file_gid(s);
237
238 r = fchmod_and_fchown(f->fd, 0640, 0, s->file_gid);
f4b47811
LP		 239 if (r < 0)
240 log_warning("Failed to fix access mode/rights on %s, ignoring: %s", f->path, strerror(-r));
241
e6520a0f 242#ifdef HAVE_ACL
f4b47811
LP		 243 if (uid <= 0)
244 return;
245
246 acl = acl_get_fd(f->fd);
247 if (!acl) {
248 log_warning("Failed to read ACL on %s, ignoring: %m", f->path);
249 return;
250 }
251
252 r = acl_find_uid(acl, uid, &entry);
253 if (r <= 0) {
254
255 if (acl_create_entry(&acl, &entry) < 0 ||
256 acl_set_tag_type(entry, ACL_USER) < 0 ||
257 acl_set_qualifier(entry, &uid) < 0) {
258 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
259 goto finish;
260 }
261 }
262
263 if (acl_get_permset(entry, &permset) < 0 ||
264 acl_add_perm(permset, ACL_READ) < 0 ||
265 acl_calc_mask(&acl) < 0) {
266 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
267 goto finish;
268 }
269
270 if (acl_set_fd(f->fd, acl) < 0)
271 log_warning("Failed to set ACL on %s, ignoring: %m", f->path);
272
273finish:
274 acl_free(acl);
e6520a0f 275#endif
f4b47811
LP		 276}
277
278static JournalFile* find_journal(Server *s, uid_t uid) {
279 char *p;
280 int r;
281 JournalFile *f;
3fbf9cbb
LP		 282 char ids[33];
283 sd_id128_t machine;
f4b47811
LP		 284
285 assert(s);
286
cf244689
LP		 287 /* We split up user logs only on /var, not on /run. If the
288 * runtime file is open, we write to it exclusively, in order
289 * to guarantee proper order as soon as we flush /run to
290 * /var and close the runtime file. */
291
292 if (s->runtime_journal)
f4b47811
LP		 293 return s->runtime_journal;
294
295 if (uid <= 0)
296 return s->system_journal;
297
3fbf9cbb
LP		 298 r = sd_id128_get_machine(&machine);
299 if (r < 0)
300 return s->system_journal;
301
f4b47811
LP		 302 f = hashmap_get(s->user_journals, UINT32_TO_PTR(uid));
303 if (f)
304 return f;
305
3fbf9cbb 306 if (asprintf(&p, "/var/log/journal/%s/user-%lu.journal", sd_id128_to_string(machine, ids), (unsigned long) uid) < 0)
f4b47811
LP		 307 return s->system_journal;
308
cab8ac60
LP		 309 while (hashmap_size(s->user_journals) >= USER_JOURNALS_MAX) {
310 /* Too many open? Then let's close one */
311 f = hashmap_steal_first(s->user_journals);
312 assert(f);
313 journal_file_close(f);
314 }
315
4a92baf3 316 r = journal_file_open_reliably(p, O_RDWR|O_CREAT, 0640, &s->system_metrics, s->system_journal, &f);
f4b47811
LP		 317 free(p);
318
319 if (r < 0)
320 return s->system_journal;
321
5e41cfec 322 server_fix_perms(s, f, uid);
f4b47811
LP		 323
324 r = hashmap_put(s->user_journals, UINT32_TO_PTR(uid), f);
325 if (r < 0) {
326 journal_file_close(f);
327 return s->system_journal;
328 }
329
330 return f;
331}
332
b1a0ab71
LP		 333static void server_rotate(Server *s) {
334 JournalFile *f;
bc85bfee 335 void *k;
b1a0ab71 336 Iterator i;
bc85bfee 337 int r;
bc85bfee
LP		 338
339 log_info("Rotating...");
340
341 if (s->runtime_journal) {
342 r = journal_file_rotate(&s->runtime_journal);
343 if (r < 0)
499fb215
SS		 344 if (s->runtime_journal)
345 log_error("Failed to rotate %s: %s", s->runtime_journal->path, strerror(-r));
346 else
347 log_error("Failed to create new runtime journal: %s", strerror(-r));
5e62067d
LP		 348 else
349 server_fix_perms(s, s->runtime_journal, 0);
bc85bfee
LP		 350 }
351
352 if (s->system_journal) {
353 r = journal_file_rotate(&s->system_journal);
354 if (r < 0)
499fb215
SS		 355 if (s->system_journal)
356 log_error("Failed to rotate %s: %s", s->system_journal->path, strerror(-r));
357 else
358 log_error("Failed to create new system journal: %s", strerror(-r));
359
5e62067d
LP		 360 else
361 server_fix_perms(s, s->system_journal, 0);
bc85bfee
LP		 362 }
363
364 HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) {
365 r = journal_file_rotate(&f);
366 if (r < 0)
499fb215
SS		 367 if (f->path)
368 log_error("Failed to rotate %s: %s", f->path, strerror(-r));
369 else
370 log_error("Failed to create user journal: %s", strerror(-r));
5e62067d 371 else {
bc85bfee 372 hashmap_replace(s->user_journals, k, f);
5e62067d
LP		 373 server_fix_perms(s, s->system_journal, PTR_TO_UINT32(k));
374 }
bc85bfee 375 }
b1a0ab71
LP		 376}
377
378static void server_vacuum(Server *s) {
379 char *p;
380 char ids[33];
381 sd_id128_t machine;
382 int r;
bc85bfee
LP		 383
384 log_info("Vacuuming...");
385
386 r = sd_id128_get_machine(&machine);
387 if (r < 0) {
388 log_error("Failed to get machine ID: %s", strerror(-r));
389 return;
390 }
391
babfc091 392 sd_id128_to_string(machine, ids);
bc85bfee 393
babfc091
LP		 394 if (s->system_journal) {
395 if (asprintf(&p, "/var/log/journal/%s", ids) < 0) {
396 log_error("Out of memory.");
397 return;
398 }
bc85bfee 399
babfc091
LP		 400 r = journal_directory_vacuum(p, s->system_metrics.max_use, s->system_metrics.keep_free);
401 if (r < 0 && r != -ENOENT)
402 log_error("Failed to vacuum %s: %s", p, strerror(-r));
403 free(p);
bc85bfee
LP		 404 }
405
babfc091
LP		 406 if (s->runtime_journal) {
407 if (asprintf(&p, "/run/log/journal/%s", ids) < 0) {
408 log_error("Out of memory.");
409 return;
410 }
411
412 r = journal_directory_vacuum(p, s->runtime_metrics.max_use, s->runtime_metrics.keep_free);
413 if (r < 0 && r != -ENOENT)
414 log_error("Failed to vacuum %s: %s", p, strerror(-r));
415 free(p);
416 }
9cfb57c9
LP		 417
418 s->cached_available_space_timestamp = 0;
bc85bfee
LP		 419}
420
6e409ce1
LP		 421static char *shortened_cgroup_path(pid_t pid) {
422 int r;
423 char *process_path, *init_path, *path;
424
425 assert(pid > 0);
426
427 r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, pid, &process_path);
428 if (r < 0)
429 return NULL;
430
431 r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, 1, &init_path);
432 if (r < 0) {
433 free(process_path);
434 return NULL;
435 }
436
bad75c27
LP		 437 if (endswith(init_path, "/system"))
438 init_path[strlen(init_path) - 7] = 0;
439 else if (streq(init_path, "/"))
6e409ce1
LP		 440 init_path[0] = 0;
441
783d2675
LP		 442 if (startswith(process_path, init_path)) {
443 char *p;
444
445 p = strdup(process_path + strlen(init_path));
446 if (!p) {
447 free(process_path);
448 free(init_path);
449 return NULL;
450 }
451 path = p;
452 } else {
6e409ce1 453 path = process_path;
783d2675
LP		 454 process_path = NULL;
455 }
6e409ce1 456
783d2675 457 free(process_path);
6e409ce1
LP		 458 free(init_path);
459
460 return path;
461}
462
dca6219e
LP		 463static void write_to_journal(Server *s, uid_t uid, struct iovec *iovec, unsigned n) {
464 JournalFile *f;
465 bool vacuumed = false;
466 int r;
467
468 assert(s);
469 assert(iovec);
470 assert(n > 0);
471
472 f = find_journal(s, uid);
473 if (!f)
474 return;
475
476 if (journal_file_rotate_suggested(f)) {
477 log_info("Journal header limits reached or header out-of-date, rotating.");
478 server_rotate(s);
479 server_vacuum(s);
480 vacuumed = true;
c2a623d8
LP		 481
482 f = find_journal(s, uid);
483 if (!f)
484 return;
dca6219e
LP		 485 }
486
487 for (;;) {
488 r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
489 if (r >= 0)
490 return;
491
492 if (vacuumed ||
493 (r != -E2BIG && /* hit limit */
494 r != -EFBIG && /* hit fs limit */
495 r != -EDQUOT && /* quota hit */
496 r != -ENOSPC && /* disk full */
497 r != -EBADMSG && /* corrupted */
498 r != -ENODATA && /* truncated */
499 r != -EHOSTDOWN && /* other machine */
71fa6f00
LP		 500 r != -EPROTONOSUPPORT && /* unsupported feature */
501 r != -EBUSY && /* unclean shutdown */
502 r != -ESHUTDOWN /* already archived */)) {
dca6219e
LP		 503 log_error("Failed to write entry, ignoring: %s", strerror(-r));
504 return;
505 }
506
507 if (r == -E2BIG || r == -EFBIG || r == EDQUOT || r == ENOSPC)
508 log_info("Allocation limit reached, rotating.");
509 else if (r == -EHOSTDOWN)
510 log_info("Journal file from other machine, rotating.");
71fa6f00
LP		 511 else if (r == -EBUSY)
512 log_info("Unlcean shutdown, rotating.");
dca6219e
LP		 513 else
514 log_warning("Journal file corrupted, rotating.");
515
516 server_rotate(s);
517 server_vacuum(s);
518 vacuumed = true;
519
32fca2d5
LP		 520 f = find_journal(s, uid);
521 if (!f)
522 return;
523
dca6219e
LP		 524 log_info("Retrying write.");
525 }
526}
527
7f2c63cb
LP		 528static void dispatch_message_real(
529 Server *s,
530 struct iovec *iovec, unsigned n, unsigned m,
531 struct ucred *ucred,
532 struct timeval *tv,
8b38f3cc
LP		 533 const char *label, size_t label_len,
534 const char *unit_id) {
6e409ce1 535
7f3e6257 536 char *pid = NULL, *uid = NULL, *gid = NULL,
87d2c1ff
LP		 537 *source_time = NULL, *boot_id = NULL, *machine_id = NULL,
538 *comm = NULL, *cmdline = NULL, *hostname = NULL,
539 *audit_session = NULL, *audit_loginuid = NULL,
85d83bf4 540 *exe = NULL, *cgroup = NULL, *session = NULL,
8a0f04e6 541 *owner_uid = NULL, *unit = NULL, *selinux_context = NULL;
7f3e6257 542
87d2c1ff
LP		 543 char idbuf[33];
544 sd_id128_t id;
545 int r;
546 char *t;
de190aef 547 uid_t loginuid = 0, realuid = 0;
87d2c1ff 548
7f3e6257 549 assert(s);
6e409ce1
LP		 550 assert(iovec);
551 assert(n > 0);
224f2ee2 552 assert(n + N_IOVEC_META_FIELDS <= m);
87d2c1ff
LP		 553
554 if (ucred) {
85d83bf4 555 uint32_t audit;
ba1261bc 556#ifdef HAVE_LOGIND
85d83bf4 557 uid_t owner;
ba1261bc 558#endif
87d2c1ff 559
de190aef
LP		 560 realuid = ucred->uid;
561
562 if (asprintf(&pid, "_PID=%lu", (unsigned long) ucred->pid) >= 0)
87d2c1ff
LP		 563 IOVEC_SET_STRING(iovec[n++], pid);
564
de190aef 565 if (asprintf(&uid, "_UID=%lu", (unsigned long) ucred->uid) >= 0)
87d2c1ff
LP		 566 IOVEC_SET_STRING(iovec[n++], uid);
567
de190aef 568 if (asprintf(&gid, "_GID=%lu", (unsigned long) ucred->gid) >= 0)
87d2c1ff
LP		 569 IOVEC_SET_STRING(iovec[n++], gid);
570
571 r = get_process_comm(ucred->pid, &t);
572 if (r >= 0) {
de190aef 573 comm = strappend("_COMM=", t);
85d83bf4
LP		 574 free(t);
575
87d2c1ff
LP		 576 if (comm)
577 IOVEC_SET_STRING(iovec[n++], comm);
87d2c1ff
LP		 578 }
579
580 r = get_process_exe(ucred->pid, &t);
581 if (r >= 0) {
de190aef 582 exe = strappend("_EXE=", t);
85d83bf4
LP		 583 free(t);
584
5c3759bf 585 if (exe)
87d2c1ff 586 IOVEC_SET_STRING(iovec[n++], exe);
87d2c1ff
LP		 587 }
588
589 r = get_process_cmdline(ucred->pid, LINE_MAX, false, &t);
590 if (r >= 0) {
de190aef 591 cmdline = strappend("_CMDLINE=", t);
85d83bf4
LP		 592 free(t);
593
87d2c1ff
LP		 594 if (cmdline)
595 IOVEC_SET_STRING(iovec[n++], cmdline);
87d2c1ff
LP		 596 }
597
85d83bf4 598 r = audit_session_from_pid(ucred->pid, &audit);
87d2c1ff 599 if (r >= 0)
85d83bf4 600 if (asprintf(&audit_session, "_AUDIT_SESSION=%lu", (unsigned long) audit) >= 0)
87d2c1ff
LP		 601 IOVEC_SET_STRING(iovec[n++], audit_session);
602
603 r = audit_loginuid_from_pid(ucred->pid, &loginuid);
604 if (r >= 0)
de190aef 605 if (asprintf(&audit_loginuid, "_AUDIT_LOGINUID=%lu", (unsigned long) loginuid) >= 0)
87d2c1ff 606 IOVEC_SET_STRING(iovec[n++], audit_loginuid);
69e5d42d 607
85d83bf4
LP		 608 t = shortened_cgroup_path(ucred->pid);
609 if (t) {
610 cgroup = strappend("_SYSTEMD_CGROUP=", t);
611 free(t);
612
69e5d42d
LP		 613 if (cgroup)
614 IOVEC_SET_STRING(iovec[n++], cgroup);
85d83bf4
LP		 615 }
616
ba1261bc 617#ifdef HAVE_LOGIND
85d83bf4
LP		 618 if (sd_pid_get_session(ucred->pid, &t) >= 0) {
619 session = strappend("_SYSTEMD_SESSION=", t);
620 free(t);
621
622 if (session)
623 IOVEC_SET_STRING(iovec[n++], session);
624 }
6e409ce1 625
ba1261bc
LP		 626 if (sd_pid_get_owner_uid(ucred->uid, &owner) >= 0)
627 if (asprintf(&owner_uid, "_SYSTEMD_OWNER_UID=%lu", (unsigned long) owner) >= 0)
628 IOVEC_SET_STRING(iovec[n++], owner_uid);
629#endif
630
631 if (cg_pid_get_unit(ucred->pid, &t) >= 0) {
94fb446e 632 unit = strappend("_SYSTEMD_UNIT=", t);
85d83bf4 633 free(t);
62bca2c6
ED		 634 } else if (unit_id)
635 unit = strappend("_SYSTEMD_UNIT=", unit_id);
85d83bf4 636
62bca2c6
ED		 637 if (unit)
638 IOVEC_SET_STRING(iovec[n++], unit);
85d83bf4 639
8a0f04e6 640#ifdef HAVE_SELINUX
7f2c63cb
LP		 641 if (label) {
642 selinux_context = malloc(sizeof("_SELINUX_CONTEXT=") + label_len);
643 if (selinux_context) {
644 memcpy(selinux_context, "_SELINUX_CONTEXT=", sizeof("_SELINUX_CONTEXT=")-1);
645 memcpy(selinux_context+sizeof("_SELINUX_CONTEXT=")-1, label, label_len);
646 selinux_context[sizeof("_SELINUX_CONTEXT=")-1+label_len] = 0;
8a0f04e6 647 IOVEC_SET_STRING(iovec[n++], selinux_context);
7f2c63cb
LP		 648 }
649 } else {
650 security_context_t con;
651
652 if (getpidcon(ucred->pid, &con) >= 0) {
653 selinux_context = strappend("_SELINUX_CONTEXT=", con);
654 if (selinux_context)
655 IOVEC_SET_STRING(iovec[n++], selinux_context);
8a0f04e6 656
7f2c63cb
LP		 657 freecon(con);
658 }
8a0f04e6
LP		 659 }
660#endif
87d2c1ff
LP		 661 }
662
663 if (tv) {
de190aef 664 if (asprintf(&source_time, "_SOURCE_REALTIME_TIMESTAMP=%llu",
87d2c1ff
LP		 665 (unsigned long long) timeval_load(tv)) >= 0)
666 IOVEC_SET_STRING(iovec[n++], source_time);
667 }
668
ed49ef3f
LP		 669 /* Note that strictly speaking storing the boot id here is
670 * redundant since the entry includes this in-line
671 * anyway. However, we need this indexed, too. */
87d2c1ff
LP		 672 r = sd_id128_get_boot(&id);
673 if (r >= 0)
de190aef 674 if (asprintf(&boot_id, "_BOOT_ID=%s", sd_id128_to_string(id, idbuf)) >= 0)
87d2c1ff
LP		 675 IOVEC_SET_STRING(iovec[n++], boot_id);
676
677 r = sd_id128_get_machine(&id);
678 if (r >= 0)
de190aef 679 if (asprintf(&machine_id, "_MACHINE_ID=%s", sd_id128_to_string(id, idbuf)) >= 0)
87d2c1ff
LP		 680 IOVEC_SET_STRING(iovec[n++], machine_id);
681
682 t = gethostname_malloc();
683 if (t) {
de190aef 684 hostname = strappend("_HOSTNAME=", t);
85d83bf4 685 free(t);
87d2c1ff
LP		 686 if (hostname)
687 IOVEC_SET_STRING(iovec[n++], hostname);
87d2c1ff
LP		 688 }
689
7f3e6257
LP		 690 assert(n <= m);
691
dca6219e 692 write_to_journal(s, realuid == 0 ? 0 : loginuid, iovec, n);
87d2c1ff 693
87d2c1ff
LP		 694 free(pid);
695 free(uid);
696 free(gid);
697 free(comm);
69e5d42d 698 free(exe);
87d2c1ff
LP		 699 free(cmdline);
700 free(source_time);
701 free(boot_id);
702 free(machine_id);
703 free(hostname);
704 free(audit_session);
705 free(audit_loginuid);
7f3e6257 706 free(cgroup);
85d83bf4
LP		 707 free(session);
708 free(owner_uid);
94fb446e 709 free(unit);
8a0f04e6 710 free(selinux_context);
7f3e6257
LP		 711}
712
224f2ee2
LP		 713static void driver_message(Server *s, sd_id128_t message_id, const char *format, ...) {
714 char mid[11 + 32 + 1];
715 char buffer[16 + LINE_MAX + 1];
33eb8abf 716 struct iovec iovec[N_IOVEC_META_FIELDS + 4];
224f2ee2
LP		 717 int n = 0;
718 va_list ap;
719 struct ucred ucred;
720
721 assert(s);
722 assert(format);
723
724 IOVEC_SET_STRING(iovec[n++], "PRIORITY=5");
33eb8abf 725 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=driver");
224f2ee2
LP		 726
727 memcpy(buffer, "MESSAGE=", 8);
728 va_start(ap, format);
729 vsnprintf(buffer + 8, sizeof(buffer) - 8, format, ap);
730 va_end(ap);
731 char_array_0(buffer);
732 IOVEC_SET_STRING(iovec[n++], buffer);
733
734 snprintf(mid, sizeof(mid), "MESSAGE_ID=" SD_ID128_FORMAT_STR, SD_ID128_FORMAT_VAL(message_id));
735 char_array_0(mid);
736 IOVEC_SET_STRING(iovec[n++], mid);
737
738 zero(ucred);
739 ucred.pid = getpid();
740 ucred.uid = getuid();
741 ucred.gid = getgid();
742
62bca2c6 743 dispatch_message_real(s, iovec, n, ELEMENTSOF(iovec), &ucred, NULL, NULL, 0, NULL);
224f2ee2
LP		 744}
745
6e409ce1
LP		 746static void dispatch_message(Server *s,
747 struct iovec *iovec, unsigned n, unsigned m,
748 struct ucred *ucred,
749 struct timeval *tv,
7f2c63cb 750 const char *label, size_t label_len,
62bca2c6 751 const char *unit_id,
6e409ce1
LP		 752 int priority) {
753 int rl;
783d2675 754 char *path = NULL, *c;
6e409ce1
LP		 755
756 assert(s);
757 assert(iovec || n == 0);
758
759 if (n == 0)
760 return;
761
213ba152
LP		 762 if (LOG_PRI(priority) > s->max_level_store)
763 return;
764
6e409ce1
LP		 765 if (!ucred)
766 goto finish;
767
768 path = shortened_cgroup_path(ucred->pid);
769 if (!path)
770 goto finish;
771
772 /* example: /user/lennart/3/foobar
773 * /system/dbus.service/foobar
774 *
775 * So let's cut of everything past the third /, since that is
776 * wher user directories start */
777
778 c = strchr(path, '/');
779 if (c) {
780 c = strchr(c+1, '/');
781 if (c) {
782 c = strchr(c+1, '/');
783 if (c)
784 *c = 0;
785 }
786 }
787
224f2ee2 788 rl = journal_rate_limit_test(s->rate_limit, path, priority & LOG_PRIMASK, available_space(s));
6e409ce1
LP		 789
790 if (rl == 0) {
791 free(path);
792 return;
793 }
794
224f2ee2
LP		 795 /* Write a suppression message if we suppressed something */
796 if (rl > 1)
797 driver_message(s, SD_MESSAGE_JOURNAL_DROPPED, "Suppressed %u messages from %s", rl - 1, path);
798
799 free(path);
800
801finish:
62bca2c6 802 dispatch_message_real(s, iovec, n, m, ucred, tv, label, label_len, unit_id);
224f2ee2
LP		 803}
804
805static void forward_syslog_iovec(Server *s, const struct iovec *iovec, unsigned n_iovec, struct ucred *ucred, struct timeval *tv) {
806 struct msghdr msghdr;
807 struct cmsghdr *cmsg;
808 union {
809 struct cmsghdr cmsghdr;
810 uint8_t buf[CMSG_SPACE(sizeof(struct ucred))];
811 } control;
812 union sockaddr_union sa;
813
814 assert(s);
815 assert(iovec);
816 assert(n_iovec > 0);
817
818 zero(msghdr);
819 msghdr.msg_iov = (struct iovec*) iovec;
820 msghdr.msg_iovlen = n_iovec;
821
822 zero(sa);
823 sa.un.sun_family = AF_UNIX;
259d2e76 824 strncpy(sa.un.sun_path, "/run/systemd/journal/syslog", sizeof(sa.un.sun_path));
224f2ee2
LP		 825 msghdr.msg_name = &sa;
826 msghdr.msg_namelen = offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path);
827
828 if (ucred) {
829 zero(control);
830 msghdr.msg_control = &control;
831 msghdr.msg_controllen = sizeof(control);
832
833 cmsg = CMSG_FIRSTHDR(&msghdr);
834 cmsg->cmsg_level = SOL_SOCKET;
835 cmsg->cmsg_type = SCM_CREDENTIALS;
836 cmsg->cmsg_len = CMSG_LEN(sizeof(struct ucred));
837 memcpy(CMSG_DATA(cmsg), ucred, sizeof(struct ucred));
838 msghdr.msg_controllen = cmsg->cmsg_len;
839 }
840
841 /* Forward the syslog message we received via /dev/log to
842 * /run/systemd/syslog. Unfortunately we currently can't set
843 * the SO_TIMESTAMP auxiliary data, and hence we don't. */
6e409ce1 844
224f2ee2
LP		 845 if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
846 return;
6e409ce1 847
7c8bbccd
LP		 848 /* The socket is full? I guess the syslog implementation is
849 * too slow, and we shouldn't wait for that... */
850 if (errno == EAGAIN)
851 return;
852
224f2ee2
LP		 853 if (ucred && errno == ESRCH) {
854 struct ucred u;
6e409ce1 855
224f2ee2
LP		 856 /* Hmm, presumably the sender process vanished
857 * by now, so let's fix it as good as we
858 * can, and retry */
6e409ce1 859
224f2ee2
LP		 860 u = *ucred;
861 u.pid = getpid();
862 memcpy(CMSG_DATA(cmsg), &u, sizeof(struct ucred));
863
864 if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
865 return;
7c8bbccd
LP		 866
867 if (errno == EAGAIN)
868 return;
6e409ce1
LP		 869 }
870
4ca86bbc
LP		 871 if (errno != ENOENT)
872 log_debug("Failed to forward syslog message: %m");
224f2ee2
LP		 873}
874
213ba152 875static void forward_syslog_raw(Server *s, int priority, const char *buffer, struct ucred *ucred, struct timeval *tv) {
224f2ee2
LP		 876 struct iovec iovec;
877
878 assert(s);
879 assert(buffer);
880
213ba152
LP		 881 if (LOG_PRI(priority) > s->max_level_syslog)
882 return;
883
224f2ee2
LP		 884 IOVEC_SET_STRING(iovec, buffer);
885 forward_syslog_iovec(s, &iovec, 1, ucred, tv);
886}
887
4cd9a9d9 888static void forward_syslog(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred, struct timeval *tv) {
224f2ee2
LP		 889 struct iovec iovec[5];
890 char header_priority[6], header_time[64], header_pid[16];
891 int n = 0;
892 time_t t;
893 struct tm *tm;
4cd9a9d9 894 char *ident_buf = NULL;
224f2ee2
LP		 895
896 assert(s);
897 assert(priority >= 0);
898 assert(priority <= 999);
899 assert(message);
900
213ba152
LP		 901 if (LOG_PRI(priority) > s->max_level_syslog)
902 return;
903
224f2ee2
LP		 904 /* First: priority field */
905 snprintf(header_priority, sizeof(header_priority), "<%i>", priority);
906 char_array_0(header_priority);
907 IOVEC_SET_STRING(iovec[n++], header_priority);
908
909 /* Second: timestamp */
910 t = tv ? tv->tv_sec : ((time_t) (now(CLOCK_REALTIME) / USEC_PER_SEC));
911 tm = localtime(&t);
912 if (!tm)
913 return;
914 if (strftime(header_time, sizeof(header_time), "%h %e %T ", tm) <= 0)
915 return;
916 IOVEC_SET_STRING(iovec[n++], header_time);
917
4cd9a9d9 918 /* Third: identifier and PID */
224f2ee2 919 if (ucred) {
4cd9a9d9
LP		 920 if (!identifier) {
921 get_process_comm(ucred->pid, &ident_buf);
922 identifier = ident_buf;
224f2ee2
LP		 923 }
924
925 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
926 char_array_0(header_pid);
927
4cd9a9d9
LP		 928 if (identifier)
929 IOVEC_SET_STRING(iovec[n++], identifier);
224f2ee2
LP		 930
931 IOVEC_SET_STRING(iovec[n++], header_pid);
4cd9a9d9
LP		 932 } else if (identifier) {
933 IOVEC_SET_STRING(iovec[n++], identifier);
224f2ee2
LP		 934 IOVEC_SET_STRING(iovec[n++], ": ");
935 }
936
937 /* Fourth: message */
938 IOVEC_SET_STRING(iovec[n++], message);
939
940 forward_syslog_iovec(s, iovec, n, ucred, tv);
941
4cd9a9d9 942 free(ident_buf);
224f2ee2
LP		 943}
944
945static int fixup_priority(int priority) {
946
947 if ((priority & LOG_FACMASK) == 0)
948 return (priority & LOG_PRIMASK) | LOG_USER;
949
950 return priority;
951}
952
4cd9a9d9 953static void forward_kmsg(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred) {
224f2ee2
LP		 954 struct iovec iovec[5];
955 char header_priority[6], header_pid[16];
956 int n = 0;
4cd9a9d9 957 char *ident_buf = NULL;
224f2ee2
LP		 958 int fd;
959
960 assert(s);
961 assert(priority >= 0);
962 assert(priority <= 999);
963 assert(message);
964
213ba152
LP		 965 if (LOG_PRI(priority) > s->max_level_kmsg)
966 return;
967
224f2ee2
LP		 968 /* Never allow messages with kernel facility to be written to
969 * kmsg, regardless where the data comes from. */
970 priority = fixup_priority(priority);
971
972 /* First: priority field */
973 snprintf(header_priority, sizeof(header_priority), "<%i>", priority);
974 char_array_0(header_priority);
975 IOVEC_SET_STRING(iovec[n++], header_priority);
976
4cd9a9d9 977 /* Second: identifier and PID */
224f2ee2 978 if (ucred) {
4cd9a9d9
LP		 979 if (!identifier) {
980 get_process_comm(ucred->pid, &ident_buf);
981 identifier = ident_buf;
224f2ee2
LP		 982 }
983
984 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
985 char_array_0(header_pid);
986
4cd9a9d9
LP		 987 if (identifier)
988 IOVEC_SET_STRING(iovec[n++], identifier);
224f2ee2
LP		 989
990 IOVEC_SET_STRING(iovec[n++], header_pid);
4cd9a9d9
LP		 991 } else if (identifier) {
992 IOVEC_SET_STRING(iovec[n++], identifier);
224f2ee2
LP		 993 IOVEC_SET_STRING(iovec[n++], ": ");
994 }
995
996 /* Fourth: message */
997 IOVEC_SET_STRING(iovec[n++], message);
998 IOVEC_SET_STRING(iovec[n++], "\n");
999
1000 fd = open("/dev/kmsg", O_WRONLY|O_NOCTTY|O_CLOEXEC);
1001 if (fd < 0) {
1002 log_debug("Failed to open /dev/kmsg for logging: %s", strerror(errno));
1003 goto finish;
1004 }
1005
1006 if (writev(fd, iovec, n) < 0)
1007 log_debug("Failed to write to /dev/kmsg for logging: %s", strerror(errno));
1008
1009 close_nointr_nofail(fd);
6e409ce1
LP		 1010
1011finish:
4cd9a9d9 1012 free(ident_buf);
224f2ee2
LP		 1013}
1014
213ba152 1015static void forward_console(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred) {
224f2ee2
LP		 1016 struct iovec iovec[4];
1017 char header_pid[16];
1018 int n = 0, fd;
4cd9a9d9 1019 char *ident_buf = NULL;
0d9243f0 1020 const char *tty;
224f2ee2
LP		 1021
1022 assert(s);
1023 assert(message);
1024
213ba152
LP		 1025 if (LOG_PRI(priority) > s->max_level_console)
1026 return;
1027
4cd9a9d9 1028 /* First: identifier and PID */
224f2ee2 1029 if (ucred) {
4cd9a9d9
LP		 1030 if (!identifier) {
1031 get_process_comm(ucred->pid, &ident_buf);
1032 identifier = ident_buf;
224f2ee2
LP		 1033 }
1034
1035 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
1036 char_array_0(header_pid);
1037
4cd9a9d9
LP		 1038 if (identifier)
1039 IOVEC_SET_STRING(iovec[n++], identifier);
224f2ee2
LP		 1040
1041 IOVEC_SET_STRING(iovec[n++], header_pid);
4cd9a9d9
LP		 1042 } else if (identifier) {
1043 IOVEC_SET_STRING(iovec[n++], identifier);
224f2ee2
LP		 1044 IOVEC_SET_STRING(iovec[n++], ": ");
1045 }
1046
1047 /* Third: message */
1048 IOVEC_SET_STRING(iovec[n++], message);
1049 IOVEC_SET_STRING(iovec[n++], "\n");
1050
0d9243f0
LP		 1051 tty = s->tty_path ? s->tty_path : "/dev/console";
1052
1053 fd = open_terminal(tty, O_WRONLY|O_NOCTTY|O_CLOEXEC);
224f2ee2 1054 if (fd < 0) {
0d9243f0 1055 log_debug("Failed to open %s for logging: %s", tty, strerror(errno));
224f2ee2
LP		 1056 goto finish;
1057 }
1058
1059 if (writev(fd, iovec, n) < 0)
0d9243f0 1060 log_debug("Failed to write to %s for logging: %s", tty, strerror(errno));
224f2ee2
LP		 1061
1062 close_nointr_nofail(fd);
1063
1064finish:
4cd9a9d9 1065 free(ident_buf);
224f2ee2
LP		 1066}
1067
6c1e6b98 1068static void read_identifier(const char **buf, char **identifier, char **pid) {
224f2ee2
LP		 1069 const char *p;
1070 char *t;
1071 size_t l, e;
1072
1073 assert(buf);
4cd9a9d9 1074 assert(identifier);
6c1e6b98 1075 assert(pid);
224f2ee2
LP		 1076
1077 p = *buf;
1078
1079 p += strspn(p, WHITESPACE);
1080 l = strcspn(p, WHITESPACE);
1081
1082 if (l <= 0 ||
1083 p[l-1] != ':')
1084 return;
1085
1086 e = l;
1087 l--;
1088
1089 if (p[l-1] == ']') {
1090 size_t k = l-1;
1091
1092 for (;;) {
1093
1094 if (p[k] == '[') {
6c1e6b98
LP		 1095 t = strndup(p+k+1, l-k-2);
1096 if (t)
1097 *pid = t;
1098
224f2ee2
LP		 1099 l = k;
1100 break;
1101 }
1102
1103 if (k == 0)
1104 break;
1105
1106 k--;
1107 }
1108 }
1109
1110 t = strndup(p, l);
1111 if (t)
4cd9a9d9 1112 *identifier = t;
224f2ee2
LP		 1113
1114 *buf = p + e;
1115 *buf += strspn(*buf, WHITESPACE);
6e409ce1
LP		 1116}
1117
7f2c63cb 1118static void process_syslog_message(Server *s, const char *buf, struct ucred *ucred, struct timeval *tv, const char *label, size_t label_len) {
6c1e6b98
LP		 1119 char *message = NULL, *syslog_priority = NULL, *syslog_facility = NULL, *syslog_identifier = NULL, *syslog_pid = NULL;
1120 struct iovec iovec[N_IOVEC_META_FIELDS + 6];
7f3e6257
LP		 1121 unsigned n = 0;
1122 int priority = LOG_USER | LOG_INFO;
6c1e6b98 1123 char *identifier = NULL, *pid = NULL;
213ba152 1124 const char *orig;
7f3e6257
LP		 1125
1126 assert(s);
1127 assert(buf);
1128
213ba152
LP		 1129 orig = buf;
1130 parse_syslog_priority((char**) &buf, &priority);
1131
224f2ee2 1132 if (s->forward_to_syslog)
213ba152 1133 forward_syslog_raw(s, priority, orig, ucred, tv);
224f2ee2 1134
7f3e6257 1135 skip_syslog_date((char**) &buf);
6c1e6b98 1136 read_identifier(&buf, &identifier, &pid);
224f2ee2
LP		 1137
1138 if (s->forward_to_kmsg)
4cd9a9d9 1139 forward_kmsg(s, priority, identifier, buf, ucred);
224f2ee2
LP		 1140
1141 if (s->forward_to_console)
213ba152 1142 forward_console(s, priority, identifier, buf, ucred);
7f3e6257 1143
33eb8abf
LP		 1144 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=syslog");
1145
7f3e6257
LP		 1146 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1147 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1148
224f2ee2
LP		 1149 if (priority & LOG_FACMASK)
1150 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1151 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1152
4cd9a9d9
LP		 1153 if (identifier) {
1154 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", identifier);
1155 if (syslog_identifier)
1156 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
224f2ee2 1157 }
7f3e6257 1158
6c1e6b98
LP		 1159 if (pid) {
1160 syslog_pid = strappend("SYSLOG_PID=", pid);
1161 if (syslog_pid)
1162 IOVEC_SET_STRING(iovec[n++], syslog_pid);
1163 }
1164
7f3e6257
LP		 1165 message = strappend("MESSAGE=", buf);
1166 if (message)
1167 IOVEC_SET_STRING(iovec[n++], message);
1168
62bca2c6 1169 dispatch_message(s, iovec, n, ELEMENTSOF(iovec), ucred, tv, label, label_len, NULL, priority);
7f3e6257
LP		 1170
1171 free(message);
4cd9a9d9 1172 free(identifier);
6c1e6b98 1173 free(pid);
87d2c1ff 1174 free(syslog_priority);
224f2ee2 1175 free(syslog_facility);
4cd9a9d9 1176 free(syslog_identifier);
7f3e6257
LP		 1177}
1178
6ad1d1c3
LP		 1179static bool valid_user_field(const char *p, size_t l) {
1180 const char *a;
1181
1182 /* We kinda enforce POSIX syntax recommendations for
1183 environment variables here, but make a couple of additional
1184 requirements.
1185
1186 http://pubs.opengroup.org/onlinepubs/000095399/basedefs/xbd_chap08.html */
1187
1188 /* No empty field names */
1189 if (l <= 0)
1190 return false;
1191
1192 /* Don't allow names longer than 64 chars */
1193 if (l > 64)
1194 return false;
1195
1196 /* Variables starting with an underscore are protected */
1197 if (p[0] == '_')
1198 return false;
1199
1200 /* Don't allow digits as first character */
1201 if (p[0] >= '0' && p[0] <= '9')
1202 return false;
1203
1204 /* Only allow A-Z0-9 and '_' */
1205 for (a = p; a < p + l; a++)
1206 if (!((*a >= 'A' && *a <= 'Z') ||
1207 (*a >= '0' && *a <= '9') ||
1208 *a == '_'))
1209 return false;
1210
1211 return true;
1212}
1213
7f2c63cb
LP		 1214static void process_native_message(
1215 Server *s,
1216 const void *buffer, size_t buffer_size,
1217 struct ucred *ucred,
1218 struct timeval *tv,
1219 const char *label, size_t label_len) {
1220
7f3e6257 1221 struct iovec *iovec = NULL;
33eb8abf 1222 unsigned n = 0, m = 0, j, tn = (unsigned) -1;
7f3e6257
LP		 1223 const char *p;
1224 size_t remaining;
6e409ce1 1225 int priority = LOG_INFO;
4cd9a9d9 1226 char *identifier = NULL, *message = NULL;
7f3e6257
LP		 1227
1228 assert(s);
7ea07dcd 1229 assert(buffer || buffer_size == 0);
7f3e6257
LP		 1230
1231 p = buffer;
1232 remaining = buffer_size;
1233
1234 while (remaining > 0) {
1235 const char *e, *q;
1236
1237 e = memchr(p, '\n', remaining);
1238
1239 if (!e) {
1240 /* Trailing noise, let's ignore it, and flush what we collected */
1241 log_debug("Received message with trailing noise, ignoring.");
1242 break;
1243 }
1244
1245 if (e == p) {
1246 /* Entry separator */
62bca2c6 1247 dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, NULL, priority);
7f3e6257 1248 n = 0;
6e409ce1 1249 priority = LOG_INFO;
7f3e6257
LP		 1250
1251 p++;
1252 remaining--;
1253 continue;
1254 }
1255
6ad1d1c3
LP		 1256 if (*p == '.' || *p == '#') {
1257 /* Ignore control commands for now, and
1258 * comments too. */
7f3e6257
LP		 1259 remaining -= (e - p) + 1;
1260 p = e + 1;
1261 continue;
1262 }
1263
1264 /* A property follows */
1265
224f2ee2 1266 if (n+N_IOVEC_META_FIELDS >= m) {
7f3e6257
LP		 1267 struct iovec *c;
1268 unsigned u;
1269
33eb8abf 1270 u = MAX((n+N_IOVEC_META_FIELDS+1) * 2U, 4U);
7f3e6257
LP		 1271 c = realloc(iovec, u * sizeof(struct iovec));
1272 if (!c) {
669241a0 1273 log_error("Out of memory.");
7f3e6257
LP		 1274 break;
1275 }
1276
1277 iovec = c;
1278 m = u;
1279 }
1280
1281 q = memchr(p, '=', e - p);
1282 if (q) {
6ad1d1c3 1283 if (valid_user_field(p, q - p)) {
224f2ee2
LP		 1284 size_t l;
1285
1286 l = e - p;
1287
2b0ba69b
LP		 1288 /* If the field name starts with an
1289 * underscore, skip the variable,
1290 * since that indidates a trusted
1291 * field */
1292 iovec[n].iov_base = (char*) p;
224f2ee2 1293 iovec[n].iov_len = l;
2b0ba69b 1294 n++;
6e409ce1
LP		 1295
1296 /* We need to determine the priority
1297 * of this entry for the rate limiting
1298 * logic */
224f2ee2
LP		 1299 if (l == 10 &&
1300 memcmp(p, "PRIORITY=", 9) == 0 &&
1301 p[9] >= '0' && p[9] <= '9')
1302 priority = (priority & LOG_FACMASK) | (p[9] - '0');
1303
1304 else if (l == 17 &&
1305 memcmp(p, "SYSLOG_FACILITY=", 16) == 0 &&
1306 p[16] >= '0' && p[16] <= '9')
1307 priority = (priority & LOG_PRIMASK) | ((p[16] - '0') << 3);
1308
1309 else if (l == 18 &&
1310 memcmp(p, "SYSLOG_FACILITY=", 16) == 0 &&
1311 p[16] >= '0' && p[16] <= '9' &&
1312 p[17] >= '0' && p[17] <= '9')
1313 priority = (priority & LOG_PRIMASK) | (((p[16] - '0')*10 + (p[17] - '0')) << 3);
1314
401cc72d 1315 else if (l >= 19 &&
fca1b90a 1316 memcmp(p, "SYSLOG_IDENTIFIER=", 18) == 0) {
224f2ee2
LP		 1317 char *t;
1318
fca1b90a 1319 t = strndup(p + 18, l - 18);
224f2ee2 1320 if (t) {
4cd9a9d9
LP		 1321 free(identifier);
1322 identifier = t;
224f2ee2
LP		 1323 }
1324 } else if (l >= 8 &&
1325 memcmp(p, "MESSAGE=", 8) == 0) {
1326 char *t;
1327
1328 t = strndup(p + 8, l - 8);
1329 if (t) {
1330 free(message);
1331 message = t;
1332 }
1333 }
2b0ba69b 1334 }
7f3e6257
LP		 1335
1336 remaining -= (e - p) + 1;
1337 p = e + 1;
1338 continue;
1339 } else {
4fd052ae 1340 le64_t l_le;
7f3e6257
LP		 1341 uint64_t l;
1342 char *k;
1343
1344 if (remaining < e - p + 1 + sizeof(uint64_t) + 1) {
1345 log_debug("Failed to parse message, ignoring.");
1346 break;
1347 }
1348
4fd052ae
FC		 1349 memcpy(&l_le, e + 1, sizeof(uint64_t));
1350 l = le64toh(l_le);
7f3e6257
LP		 1351
1352 if (remaining < e - p + 1 + sizeof(uint64_t) + l + 1 ||
1353 e[1+sizeof(uint64_t)+l] != '\n') {
1354 log_debug("Failed to parse message, ignoring.");
1355 break;
1356 }
1357
1358 k = malloc((e - p) + 1 + l);
1359 if (!k) {
669241a0 1360 log_error("Out of memory.");
7f3e6257
LP		 1361 break;
1362 }
1363
1364 memcpy(k, p, e - p);
1365 k[e - p] = '=';
1366 memcpy(k + (e - p) + 1, e + 1 + sizeof(uint64_t), l);
1367
6ad1d1c3 1368 if (valid_user_field(p, e - p)) {
2b0ba69b
LP		 1369 iovec[n].iov_base = k;
1370 iovec[n].iov_len = (e - p) + 1 + l;
1371 n++;
1372 } else
1373 free(k);
7f3e6257
LP		 1374
1375 remaining -= (e - p) + 1 + sizeof(uint64_t) + l + 1;
1376 p = e + 1 + sizeof(uint64_t) + l + 1;
1377 }
1378 }
1379
33eb8abf
LP		 1380 if (n <= 0)
1381 goto finish;
1382
1383 tn = n++;
1384 IOVEC_SET_STRING(iovec[tn], "_TRANSPORT=journal");
1385
224f2ee2
LP		 1386 if (message) {
1387 if (s->forward_to_syslog)
4cd9a9d9 1388 forward_syslog(s, priority, identifier, message, ucred, tv);
224f2ee2
LP		 1389
1390 if (s->forward_to_kmsg)
4cd9a9d9 1391 forward_kmsg(s, priority, identifier, message, ucred);
224f2ee2
LP		 1392
1393 if (s->forward_to_console)
213ba152 1394 forward_console(s, priority, identifier, message, ucred);
224f2ee2
LP		 1395 }
1396
62bca2c6 1397 dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, NULL, priority);
7f3e6257 1398
33eb8abf
LP		 1399finish:
1400 for (j = 0; j < n; j++) {
1401 if (j == tn)
1402 continue;
1403
7f3e6257
LP		 1404 if (iovec[j].iov_base < buffer ||
1405 (const uint8_t*) iovec[j].iov_base >= (const uint8_t*) buffer + buffer_size)
1406 free(iovec[j].iov_base);
33eb8abf 1407 }
224f2ee2 1408
071fd8c2 1409 free(iovec);
4cd9a9d9 1410 free(identifier);
224f2ee2 1411 free(message);
87d2c1ff
LP		 1412}
1413
7f2c63cb
LP		 1414static void process_native_file(
1415 Server *s,
1416 int fd,
1417 struct ucred *ucred,
1418 struct timeval *tv,
1419 const char *label, size_t label_len) {
1420
0dad12c1
LP		 1421 struct stat st;
1422 void *p;
1423 ssize_t n;
1424
1425 assert(s);
1426 assert(fd >= 0);
1427
1428 /* Data is in the passed file, since it didn't fit in a
1429 * datagram. We can't map the file here, since clients might
1430 * then truncate it and trigger a SIGBUS for us. So let's
1431 * stupidly read it */
1432
1433 if (fstat(fd, &st) < 0) {
1434 log_error("Failed to stat passed file, ignoring: %m");
1435 return;
1436 }
1437
1438 if (!S_ISREG(st.st_mode)) {
1439 log_error("File passed is not regular. Ignoring.");
1440 return;
1441 }
1442
1443 if (st.st_size <= 0)
1444 return;
1445
1446 if (st.st_size > ENTRY_SIZE_MAX) {
1447 log_error("File passed too large. Ignoring.");
1448 return;
1449 }
1450
1451 p = malloc(st.st_size);
1452 if (!p) {
669241a0 1453 log_error("Out of memory.");
0dad12c1
LP		 1454 return;
1455 }
1456
1457 n = pread(fd, p, st.st_size, 0);
1458 if (n < 0)
1459 log_error("Failed to read file, ignoring: %s", strerror(-n));
1460 else if (n > 0)
7f2c63cb 1461 process_native_message(s, p, n, ucred, tv, label, label_len);
0dad12c1
LP		 1462
1463 free(p);
1464}
1465
224f2ee2 1466static int stdout_stream_log(StdoutStream *s, const char *p) {
33eb8abf 1467 struct iovec iovec[N_IOVEC_META_FIELDS + 5];
4cd9a9d9 1468 char *message = NULL, *syslog_priority = NULL, *syslog_facility = NULL, *syslog_identifier = NULL;
fe652127 1469 unsigned n = 0;
fe652127 1470 int priority;
7f2c63cb
LP		 1471 char *label = NULL;
1472 size_t label_len = 0;
fe652127 1473
87d2c1ff 1474 assert(s);
fe652127
LP		 1475 assert(p);
1476
0dad12c1
LP		 1477 if (isempty(p))
1478 return 0;
1479
fe652127
LP		 1480 priority = s->priority;
1481
258cdffc 1482 if (s->level_prefix)
224f2ee2 1483 parse_syslog_priority((char**) &p, &priority);
fe652127 1484
224f2ee2 1485 if (s->forward_to_syslog || s->server->forward_to_syslog)
4cd9a9d9 1486 forward_syslog(s->server, fixup_priority(priority), s->identifier, p, &s->ucred, NULL);
fe652127 1487
224f2ee2 1488 if (s->forward_to_kmsg || s->server->forward_to_kmsg)
4cd9a9d9 1489 forward_kmsg(s->server, priority, s->identifier, p, &s->ucred);
fe652127 1490
224f2ee2 1491 if (s->forward_to_console || s->server->forward_to_console)
213ba152 1492 forward_console(s->server, priority, s->identifier, p, &s->ucred);
224f2ee2 1493
33eb8abf
LP		 1494 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=stdout");
1495
224f2ee2 1496 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
fe652127
LP		 1497 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1498
224f2ee2
LP		 1499 if (priority & LOG_FACMASK)
1500 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1501 IOVEC_SET_STRING(iovec[n++], syslog_facility);
fe652127 1502
4cd9a9d9
LP		 1503 if (s->identifier) {
1504 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", s->identifier);
1505 if (syslog_identifier)
1506 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
87d2c1ff
LP		 1507 }
1508
224f2ee2
LP		 1509 message = strappend("MESSAGE=", p);
1510 if (message)
1511 IOVEC_SET_STRING(iovec[n++], message);
fe652127 1512
7f2c63cb
LP		 1513#ifdef HAVE_SELINUX
1514 if (s->security_context) {
1515 label = (char*) s->security_context;
1516 label_len = strlen((char*) s->security_context);
1517 }
1518#endif
1519
62bca2c6 1520 dispatch_message(s->server, iovec, n, ELEMENTSOF(iovec), &s->ucred, NULL, label, label_len, s->unit_id, priority);
fe652127
LP		 1521
1522 free(message);
1523 free(syslog_priority);
224f2ee2 1524 free(syslog_facility);
4cd9a9d9 1525 free(syslog_identifier);
fe652127
LP		 1526
1527 return 0;
1528}
1529
224f2ee2
LP		 1530static int stdout_stream_line(StdoutStream *s, char *p) {
1531 int r;
1532
fe652127
LP		 1533 assert(s);
1534 assert(p);
1535
224f2ee2 1536 p = strstrip(p);
fe652127
LP		 1537
1538 switch (s->state) {
1539
4cd9a9d9 1540 case STDOUT_STREAM_IDENTIFIER:
4c7de074
LP		 1541 if (isempty(p))
1542 s->identifier = NULL;
1543 else {
1544 s->identifier = strdup(p);
1545 if (!s->identifier) {
669241a0 1546 log_error("Out of memory.");
4c7de074
LP		 1547 return -ENOMEM;
1548 }
fe652127
LP		 1549 }
1550
62bca2c6
ED		 1551 s->state = STDOUT_STREAM_UNIT_ID;
1552 return 0;
1553
1554 case STDOUT_STREAM_UNIT_ID:
1555 if (s->ucred.uid == 0) {
1556 if (isempty(p))
1557 s->unit_id = NULL;
1558 else {
1559 s->unit_id = strdup(p);
1560 if (!s->unit_id) {
669241a0 1561 log_error("Out of memory.");
62bca2c6
ED		 1562 return -ENOMEM;
1563 }
1564 }
1565 }
1566
fe652127
LP		 1567 s->state = STDOUT_STREAM_PRIORITY;
1568 return 0;
1569
1570 case STDOUT_STREAM_PRIORITY:
224f2ee2
LP		 1571 r = safe_atoi(p, &s->priority);
1572 if (r < 0 || s->priority <= 0 || s->priority >= 999) {
fe652127
LP		 1573 log_warning("Failed to parse log priority line.");
1574 return -EINVAL;
1575 }
1576
258cdffc 1577 s->state = STDOUT_STREAM_LEVEL_PREFIX;
fe652127
LP		 1578 return 0;
1579
258cdffc 1580 case STDOUT_STREAM_LEVEL_PREFIX:
224f2ee2
LP		 1581 r = parse_boolean(p);
1582 if (r < 0) {
258cdffc 1583 log_warning("Failed to parse level prefix line.");
fe652127
LP		 1584 return -EINVAL;
1585 }
1586
258cdffc 1587 s->level_prefix = !!r;
224f2ee2 1588 s->state = STDOUT_STREAM_FORWARD_TO_SYSLOG;
fe652127
LP		 1589 return 0;
1590
224f2ee2
LP		 1591 case STDOUT_STREAM_FORWARD_TO_SYSLOG:
1592 r = parse_boolean(p);
1593 if (r < 0) {
1594 log_warning("Failed to parse forward to syslog line.");
fe652127
LP		 1595 return -EINVAL;
1596 }
1597
224f2ee2
LP		 1598 s->forward_to_syslog = !!r;
1599 s->state = STDOUT_STREAM_FORWARD_TO_KMSG;
1600 return 0;
1601
1602 case STDOUT_STREAM_FORWARD_TO_KMSG:
1603 r = parse_boolean(p);
1604 if (r < 0) {
1605 log_warning("Failed to parse copy to kmsg line.");
1606 return -EINVAL;
1607 }
1608
1609 s->forward_to_kmsg = !!r;
1610 s->state = STDOUT_STREAM_FORWARD_TO_CONSOLE;
1611 return 0;
1612
1613 case STDOUT_STREAM_FORWARD_TO_CONSOLE:
1614 r = parse_boolean(p);
1615 if (r < 0) {
1616 log_warning("Failed to parse copy to console line.");
1617 return -EINVAL;
1618 }
1619
1620 s->forward_to_console = !!r;
fe652127
LP		 1621 s->state = STDOUT_STREAM_RUNNING;
1622 return 0;
1623
1624 case STDOUT_STREAM_RUNNING:
224f2ee2 1625 return stdout_stream_log(s, p);
fe652127
LP		 1626 }
1627
1628 assert_not_reached("Unknown stream state");
1629}
1630
1631static int stdout_stream_scan(StdoutStream *s, bool force_flush) {
1632 char *p;
1633 size_t remaining;
1634 int r;
1635
1636 assert(s);
1637
1638 p = s->buffer;
1639 remaining = s->length;
1640 for (;;) {
1641 char *end;
1642 size_t skip;
1643
1644 end = memchr(p, '\n', remaining);
224f2ee2 1645 if (end)
fe652127 1646 skip = end - p + 1;
224f2ee2
LP		 1647 else if (remaining >= sizeof(s->buffer) - 1) {
1648 end = p + sizeof(s->buffer) - 1;
6c1e6b98 1649 skip = remaining;
224f2ee2
LP		 1650 } else
1651 break;
1652
1653 *end = 0;
fe652127 1654
224f2ee2 1655 r = stdout_stream_line(s, p);
fe652127
LP		 1656 if (r < 0)
1657 return r;
1658
1659 remaining -= skip;
1660 p += skip;
1661 }
1662
1663 if (force_flush && remaining > 0) {
224f2ee2
LP		 1664 p[remaining] = 0;
1665 r = stdout_stream_line(s, p);
fe652127
LP		 1666 if (r < 0)
1667 return r;
1668
1669 p += remaining;
1670 remaining = 0;
1671 }
1672
1673 if (p > s->buffer) {
1674 memmove(s->buffer, p, remaining);
1675 s->length = remaining;
1676 }
1677
1678 return 0;
1679}
1680
1681static int stdout_stream_process(StdoutStream *s) {
1682 ssize_t l;
1683 int r;
1684
1685 assert(s);
1686
1687 l = read(s->fd, s->buffer+s->length, sizeof(s->buffer)-1-s->length);
1688 if (l < 0) {
1689
1690 if (errno == EAGAIN)
1691 return 0;
1692
1693 log_warning("Failed to read from stream: %m");
1694 return -errno;
1695 }
1696
1697 if (l == 0) {
1698 r = stdout_stream_scan(s, true);
1699 if (r < 0)
1700 return r;
1701
1702 return 0;
1703 }
1704
1705 s->length += l;
1706 r = stdout_stream_scan(s, false);
1707 if (r < 0)
1708 return r;
1709
1710 return 1;
1711
1712}
1713
1714static void stdout_stream_free(StdoutStream *s) {
1715 assert(s);
1716
1717 if (s->server) {
1718 assert(s->server->n_stdout_streams > 0);
1719 s->server->n_stdout_streams --;
1720 LIST_REMOVE(StdoutStream, stdout_stream, s->server->stdout_streams, s);
1721 }
1722
1723 if (s->fd >= 0) {
1724 if (s->server)
1725 epoll_ctl(s->server->epoll_fd, EPOLL_CTL_DEL, s->fd, NULL);
1726
1727 close_nointr_nofail(s->fd);
1728 }
1729
7f2c63cb
LP		 1730#ifdef HAVE_SELINUX
1731 if (s->security_context)
1732 freecon(s->security_context);
1733#endif
1734
4cd9a9d9 1735 free(s->identifier);
fe652127
LP		 1736 free(s);
1737}
1738
1739static int stdout_stream_new(Server *s) {
1740 StdoutStream *stream;
1741 int fd, r;
1742 socklen_t len;
1743 struct epoll_event ev;
1744
1745 assert(s);
1746
1747 fd = accept4(s->stdout_fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);
1748 if (fd < 0) {
1749 if (errno == EAGAIN)
1750 return 0;
1751
1752 log_error("Failed to accept stdout connection: %m");
1753 return -errno;
1754 }
1755
1756 if (s->n_stdout_streams >= STDOUT_STREAMS_MAX) {
1757 log_warning("Too many stdout streams, refusing connection.");
1758 close_nointr_nofail(fd);
1759 return 0;
1760 }
1761
1762 stream = new0(StdoutStream, 1);
1763 if (!stream) {
1764 log_error("Out of memory.");
1765 close_nointr_nofail(fd);
1766 return -ENOMEM;
1767 }
1768
1769 stream->fd = fd;
1770
1771 len = sizeof(stream->ucred);
1772 if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &stream->ucred, &len) < 0) {
1773 log_error("Failed to determine peer credentials: %m");
1774 r = -errno;
1775 goto fail;
1776 }
1777
7f2c63cb 1778#ifdef HAVE_SELINUX
1afd5be4
LP		 1779 if (getpeercon(fd, &stream->security_context) < 0 && errno != ENOPROTOOPT)
1780 log_error("Failed to determine peer security context: %m");
7f2c63cb
LP		 1781#endif
1782
fe652127
LP		 1783 if (shutdown(fd, SHUT_WR) < 0) {
1784 log_error("Failed to shutdown writing side of socket: %m");
1785 r = -errno;
1786 goto fail;
1787 }
1788
1789 zero(ev);
1790 ev.data.ptr = stream;
1791 ev.events = EPOLLIN;
1792 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, fd, &ev) < 0) {
1793 log_error("Failed to add stream to event loop: %m");
1794 r = -errno;
1795 goto fail;
1796 }
1797
1798 stream->server = s;
1799 LIST_PREPEND(StdoutStream, stdout_stream, s->stdout_streams, stream);
1800 s->n_stdout_streams ++;
1801
1802 return 0;
1803
1804fail:
1805 stdout_stream_free(stream);
1806 return r;
1807}
1808
6c1e6b98
LP		 1809static int parse_kernel_timestamp(char **_p, usec_t *t) {
1810 usec_t r;
1811 int k, i;
1812 char *p;
1813
1814 assert(_p);
1815 assert(*_p);
1816 assert(t);
1817
1818 p = *_p;
1819
1820 if (strlen(p) < 14 || p[0] != '[' || p[13] != ']' || p[6] != '.')
1821 return 0;
1822
1823 r = 0;
1824
1825 for (i = 1; i <= 5; i++) {
1826 r *= 10;
1827
1828 if (p[i] == ' ')
1829 continue;
1830
1831 k = undecchar(p[i]);
1832 if (k < 0)
1833 return 0;
1834
1835 r += k;
1836 }
1837
1838 for (i = 7; i <= 12; i++) {
1839 r *= 10;
1840
1841 k = undecchar(p[i]);
1842 if (k < 0)
1843 return 0;
1844
1845 r += k;
1846 }
1847
1848 *t = r;
1849 *_p += 14;
1850 *_p += strspn(*_p, WHITESPACE);
1851
1852 return 1;
1853}
1854
6c3569e1
LP		 1855static bool is_us(const char *pid) {
1856 pid_t t;
1857
1858 assert(pid);
1859
1860 if (parse_pid(pid, &t) < 0)
1861 return false;
1862
1863 return t == getpid();
1864}
1865
6c1e6b98
LP		 1866static void proc_kmsg_line(Server *s, const char *p) {
1867 struct iovec iovec[N_IOVEC_META_FIELDS + 7];
1868 char *message = NULL, *syslog_priority = NULL, *syslog_pid = NULL, *syslog_facility = NULL, *syslog_identifier = NULL, *source_time = NULL;
1869 int priority = LOG_KERN | LOG_INFO;
1870 unsigned n = 0;
1871 usec_t usec;
1872 char *identifier = NULL, *pid = NULL;
1873
1874 assert(s);
1875 assert(p);
1876
0dad12c1
LP		 1877 if (isempty(p))
1878 return;
1879
6c1e6b98
LP		 1880 parse_syslog_priority((char **) &p, &priority);
1881
1882 if (s->forward_to_kmsg && (priority & LOG_FACMASK) != LOG_KERN)
1883 return;
1884
1885 if (parse_kernel_timestamp((char **) &p, &usec) > 0) {
1886 if (asprintf(&source_time, "_SOURCE_MONOTONIC_TIMESTAMP=%llu",
1887 (unsigned long long) usec) >= 0)
1888 IOVEC_SET_STRING(iovec[n++], source_time);
1889 }
1890
1891 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=kernel");
1892
1893 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1894 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1895
1896 if ((priority & LOG_FACMASK) == LOG_KERN) {
1897
1898 if (s->forward_to_syslog)
1899 forward_syslog(s, priority, "kernel", p, NULL, NULL);
1900
1901 IOVEC_SET_STRING(iovec[n++], "SYSLOG_IDENTIFIER=kernel");
1902 } else {
1903 read_identifier(&p, &identifier, &pid);
1904
6c3569e1
LP		 1905 /* Avoid any messages we generated ourselves via
1906 * log_info() and friends. */
96ceff56 1907 if (pid && is_us(pid))
6c3569e1
LP		 1908 goto finish;
1909
6c1e6b98
LP		 1910 if (s->forward_to_syslog)
1911 forward_syslog(s, priority, identifier, p, NULL, NULL);
1912
1913 if (identifier) {
1914 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", identifier);
1915 if (syslog_identifier)
1916 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1917 }
1918
1919 if (pid) {
1920 syslog_pid = strappend("SYSLOG_PID=", pid);
1921 if (syslog_pid)
1922 IOVEC_SET_STRING(iovec[n++], syslog_pid);
1923 }
1924
1925 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1926 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1927 }
1928
1929 message = strappend("MESSAGE=", p);
1930 if (message)
1931 IOVEC_SET_STRING(iovec[n++], message);
1932
62bca2c6 1933 dispatch_message(s, iovec, n, ELEMENTSOF(iovec), NULL, NULL, NULL, 0, NULL, priority);
6c1e6b98 1934
6c3569e1 1935finish:
6c1e6b98
LP		 1936 free(message);
1937 free(syslog_priority);
1938 free(syslog_identifier);
1939 free(syslog_pid);
1940 free(syslog_facility);
1941 free(source_time);
1942 free(identifier);
1943 free(pid);
1944}
1945
1946static void proc_kmsg_scan(Server *s) {
1947 char *p;
1948 size_t remaining;
1949
1950 assert(s);
1951
1952 p = s->proc_kmsg_buffer;
1953 remaining = s->proc_kmsg_length;
1954 for (;;) {
1955 char *end;
1956 size_t skip;
1957
1958 end = memchr(p, '\n', remaining);
1959 if (end)
1960 skip = end - p + 1;
1961 else if (remaining >= sizeof(s->proc_kmsg_buffer) - 1) {
1962 end = p + sizeof(s->proc_kmsg_buffer) - 1;
1963 skip = remaining;
1964 } else
1965 break;
1966
1967 *end = 0;
1968
1969 proc_kmsg_line(s, p);
1970
1971 remaining -= skip;
1972 p += skip;
1973 }
1974
1975 if (p > s->proc_kmsg_buffer) {
1976 memmove(s->proc_kmsg_buffer, p, remaining);
1977 s->proc_kmsg_length = remaining;
1978 }
1979}
1980
cf244689
LP		 1981static int system_journal_open(Server *s) {
1982 int r;
1983 char *fn;
1984 sd_id128_t machine;
1985 char ids[33];
1986
1987 r = sd_id128_get_machine(&machine);
1988 if (r < 0)
1989 return r;
1990
1991 sd_id128_to_string(machine, ids);
1992
e156d769 1993 if (!s->system_journal &&
b8156be0
LP		 1994 (s->storage == STORAGE_PERSISTENT || s->storage == STORAGE_AUTO) &&
1995 access("/run/systemd/journal/flushed", F_OK) >= 0) {
e156d769
LP		 1996
1997 /* If in auto mode: first try to create the machine
1998 * path, but not the prefix.
1999 *
205c4d1d 2000 * If in persistent mode: create /var/log/journal and
e156d769
LP		 2001 * the machine path */
2002
b8156be0 2003 if (s->storage == STORAGE_PERSISTENT)
e156d769 2004 (void) mkdir("/var/log/journal/", 0755);
cf244689 2005
cf244689
LP		 2006 fn = strappend("/var/log/journal/", ids);
2007 if (!fn)
2008 return -ENOMEM;
e156d769 2009
cf244689
LP		 2010 (void) mkdir(fn, 0755);
2011 free(fn);
2012
b7def684 2013 fn = strjoin("/var/log/journal/", ids, "/system.journal", NULL);
cf244689
LP		 2014 if (!fn)
2015 return -ENOMEM;
2016
4a92baf3 2017 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, &s->system_metrics, NULL, &s->system_journal);
cf244689
LP		 2018 free(fn);
2019
2020 if (r >= 0) {
cf244689
LP		 2021 s->system_journal->compress = s->compress;
2022
5e41cfec 2023 server_fix_perms(s, s->system_journal, 0);
cf244689
LP		 2024 } else if (r < 0) {
2025
adf7d506
LP		 2026 if (r != -ENOENT && r != -EROFS)
2027 log_warning("Failed to open system journal: %s", strerror(-r));
2028
2029 r = 0;
cf244689
LP		 2030 }
2031 }
2032
e156d769
LP		 2033 if (!s->runtime_journal &&
2034 (s->storage != STORAGE_NONE)) {
cf244689 2035
b7def684 2036 fn = strjoin("/run/log/journal/", ids, "/system.journal", NULL);
cf244689
LP		 2037 if (!fn)
2038 return -ENOMEM;
2039
2040 if (s->system_journal) {
2041
2042 /* Try to open the runtime journal, but only
2043 * if it already exists, so that we can flush
2044 * it into the system journal */
2045
4a92baf3 2046 r = journal_file_open(fn, O_RDWR, 0640, &s->runtime_metrics, NULL, &s->runtime_journal);
cf244689
LP		 2047 free(fn);
2048
2049 if (r < 0) {
adf7d506
LP		 2050 if (r != -ENOENT)
2051 log_warning("Failed to open runtime journal: %s", strerror(-r));
cf244689 2052
adf7d506 2053 r = 0;
cf244689
LP		 2054 }
2055
2056 } else {
2057
2058 /* OK, we really need the runtime journal, so create
2059 * it if necessary. */
2060
b8156be0 2061 (void) mkdir_parents(fn, 0755);
4a92baf3 2062 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, &s->runtime_metrics, NULL, &s->runtime_journal);
cf244689
LP		 2063 free(fn);
2064
2065 if (r < 0) {
2066 log_error("Failed to open runtime journal: %s", strerror(-r));
2067 return r;
2068 }
2069 }
2070
2071 if (s->runtime_journal) {
cf244689
LP		 2072 s->runtime_journal->compress = s->compress;
2073
5e41cfec 2074 server_fix_perms(s, s->runtime_journal, 0);
cf244689
LP		 2075 }
2076 }
2077
2078 return r;
2079}
2080
2081static int server_flush_to_var(Server *s) {
cf244689
LP		 2082 Object *o = NULL;
2083 int r;
2084 sd_id128_t machine;
2085 sd_journal *j;
2086
2087 assert(s);
2088
e156d769 2089 if (s->storage != STORAGE_AUTO &&
205c4d1d 2090 s->storage != STORAGE_PERSISTENT)
e156d769
LP		 2091 return 0;
2092
54a7b863
LP		 2093 if (!s->runtime_journal)
2094 return 0;
2095
cf244689
LP		 2096 system_journal_open(s);
2097
54a7b863 2098 if (!s->system_journal)
cf244689
LP		 2099 return 0;
2100
6c1e6b98
LP		 2101 log_info("Flushing to /var...");
2102
cf244689
LP		 2103 r = sd_id128_get_machine(&machine);
2104 if (r < 0) {
2105 log_error("Failed to get machine id: %s", strerror(-r));
2106 return r;
2107 }
2108
2109 r = sd_journal_open(&j, SD_JOURNAL_RUNTIME_ONLY);
2110 if (r < 0) {
2111 log_error("Failed to read runtime journal: %s", strerror(-r));
2112 return r;
2113 }
2114
2115 SD_JOURNAL_FOREACH(j) {
2116 JournalFile *f;
2117
2118 f = j->current_file;
2119 assert(f && f->current_offset > 0);
2120
2121 r = journal_file_move_to_object(f, OBJECT_ENTRY, f->current_offset, &o);
2122 if (r < 0) {
2123 log_error("Can't read entry: %s", strerror(-r));
2124 goto finish;
2125 }
2126
2127 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
2128 if (r == -E2BIG) {
2129 log_info("Allocation limit reached.");
2130
2131 journal_file_post_change(s->system_journal);
b1a0ab71 2132 server_rotate(s);
cf244689
LP		 2133 server_vacuum(s);
2134
2135 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
2136 }
2137
2138 if (r < 0) {
2139 log_error("Can't write entry: %s", strerror(-r));
2140 goto finish;
2141 }
2142 }
2143
2144finish:
2145 journal_file_post_change(s->system_journal);
2146
2147 journal_file_close(s->runtime_journal);
2148 s->runtime_journal = NULL;
2149
4a299a7a
LP		 2150 if (r >= 0)
2151 rm_rf("/run/log/journal", false, true, false);
cf244689
LP		 2152
2153 return r;
2154}
2155
6c1e6b98
LP		 2156static int server_read_proc_kmsg(Server *s) {
2157 ssize_t l;
2158 assert(s);
2159 assert(s->proc_kmsg_fd >= 0);
2160
2161 l = read(s->proc_kmsg_fd, s->proc_kmsg_buffer + s->proc_kmsg_length, sizeof(s->proc_kmsg_buffer) - 1 - s->proc_kmsg_length);
4c2ecfaf
LP		 2162 if (l == 0) /* the kernel is stupid and in some race
2163 * conditions returns 0 in the middle of the
2164 * stream. */
2165 return 0;
6c1e6b98
LP		 2166 if (l < 0) {
2167
2168 if (errno == EAGAIN || errno == EINTR)
2169 return 0;
2170
2171 log_error("Failed to read from kernel: %m");
2172 return -errno;
2173 }
2174
2175 s->proc_kmsg_length += l;
2176
2177 proc_kmsg_scan(s);
2178 return 1;
2179}
2180
2181static int server_flush_proc_kmsg(Server *s) {
2182 int r;
2183
2184 assert(s);
2185
2186 if (s->proc_kmsg_fd < 0)
2187 return 0;
2188
2189 log_info("Flushing /proc/kmsg...");
2190
2191 for (;;) {
2192 r = server_read_proc_kmsg(s);
2193 if (r < 0)
2194 return r;
2195
2196 if (r == 0)
2197 break;
2198 }
2199
2200 return 0;
2201}
2202
fe652127
LP		 2203static int process_event(Server *s, struct epoll_event *ev) {
2204 assert(s);
ba6b3039 2205 assert(ev);
fe652127 2206
87d2c1ff
LP		 2207 if (ev->data.fd == s->signal_fd) {
2208 struct signalfd_siginfo sfsi;
2209 ssize_t n;
2210
fe652127
LP		 2211 if (ev->events != EPOLLIN) {
2212 log_info("Got invalid event from epoll.");
2213 return -EIO;
2214 }
2215
87d2c1ff
LP		 2216 n = read(s->signal_fd, &sfsi, sizeof(sfsi));
2217 if (n != sizeof(sfsi)) {
2218
2219 if (n >= 0)
2220 return -EIO;
2221
2222 if (errno == EINTR || errno == EAGAIN)
6c1e6b98 2223 return 1;
87d2c1ff
LP		 2224
2225 return -errno;
2226 }
2227
3146a302
LP		 2228 log_info("Received SIG%s", signal_to_string(sfsi.ssi_signo));
2229
cf244689 2230 if (sfsi.ssi_signo == SIGUSR1) {
b8156be0 2231 touch("/run/systemd/journal/flushed");
cf244689 2232 server_flush_to_var(s);
ba6b3039
LP		 2233 return 1;
2234 }
2235
2236 if (sfsi.ssi_signo == SIGUSR2) {
2237 server_rotate(s);
2238 server_vacuum(s);
2239 return 1;
cf244689
LP		 2240 }
2241
87d2c1ff
LP		 2242 return 0;
2243
6c1e6b98
LP		 2244 } else if (ev->data.fd == s->proc_kmsg_fd) {
2245 int r;
2246
2247 if (ev->events != EPOLLIN) {
2248 log_info("Got invalid event from epoll.");
2249 return -EIO;
2250 }
2251
2252 r = server_read_proc_kmsg(s);
2253 if (r < 0)
2254 return r;
2255
2256 return 1;
2257
fe652127
LP		 2258 } else if (ev->data.fd == s->native_fd ||
2259 ev->data.fd == s->syslog_fd) {
2260
2261 if (ev->events != EPOLLIN) {
2262 log_info("Got invalid event from epoll.");
2263 return -EIO;
2264 }
cec736d2 2265
87d2c1ff 2266 for (;;) {
87d2c1ff
LP		 2267 struct msghdr msghdr;
2268 struct iovec iovec;
2269 struct ucred *ucred = NULL;
2270 struct timeval *tv = NULL;
2271 struct cmsghdr *cmsg;
7f2c63cb
LP		 2272 char *label = NULL;
2273 size_t label_len = 0;
87d2c1ff
LP		 2274 union {
2275 struct cmsghdr cmsghdr;
7264278f
LP		 2276
2277 /* We use NAME_MAX space for the
2278 * SELinux label here. The kernel
2279 * currently enforces no limit, but
2280 * according to suggestions from the
2281 * SELinux people this will change and
2282 * it will probably be identical to
2283 * NAME_MAX. For now we use that, but
2284 * this should be updated one day when
2285 * the final limit is known.*/
87d2c1ff 2286 uint8_t buf[CMSG_SPACE(sizeof(struct ucred)) +
0dad12c1 2287 CMSG_SPACE(sizeof(struct timeval)) +
7264278f
LP		 2288 CMSG_SPACE(sizeof(int)) + /* fd */
2289 CMSG_SPACE(NAME_MAX)]; /* selinux label */
87d2c1ff
LP		 2290 } control;
2291 ssize_t n;
7f3e6257 2292 int v;
0dad12c1
LP		 2293 int *fds = NULL;
2294 unsigned n_fds = 0;
7f3e6257
LP		 2295
2296 if (ioctl(ev->data.fd, SIOCINQ, &v) < 0) {
2297 log_error("SIOCINQ failed: %m");
2298 return -errno;
2299 }
2300
7f3e6257
LP		 2301 if (s->buffer_size < (size_t) v) {
2302 void *b;
2303 size_t l;
2304
2305 l = MAX(LINE_MAX + (size_t) v, s->buffer_size * 2);
2306 b = realloc(s->buffer, l+1);
2307
2308 if (!b) {
2309 log_error("Couldn't increase buffer.");
2310 return -ENOMEM;
2311 }
2312
2313 s->buffer_size = l;
2314 s->buffer = b;
2315 }
87d2c1ff
LP		 2316
2317 zero(iovec);
7f3e6257
LP		 2318 iovec.iov_base = s->buffer;
2319 iovec.iov_len = s->buffer_size;
87d2c1ff
LP		 2320
2321 zero(control);
2322 zero(msghdr);
2323 msghdr.msg_iov = &iovec;
2324 msghdr.msg_iovlen = 1;
2325 msghdr.msg_control = &control;
2326 msghdr.msg_controllen = sizeof(control);
2327
0dad12c1 2328 n = recvmsg(ev->data.fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC);
87d2c1ff
LP		 2329 if (n < 0) {
2330
2331 if (errno == EINTR || errno == EAGAIN)
2332 return 1;
2333
2334 log_error("recvmsg() failed: %m");
2335 return -errno;
2336 }
2337
2338 for (cmsg = CMSG_FIRSTHDR(&msghdr); cmsg; cmsg = CMSG_NXTHDR(&msghdr, cmsg)) {
2339
2340 if (cmsg->cmsg_level == SOL_SOCKET &&
2341 cmsg->cmsg_type == SCM_CREDENTIALS &&
2342 cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred)))
2343 ucred = (struct ucred*) CMSG_DATA(cmsg);
2344 else if (cmsg->cmsg_level == SOL_SOCKET &&
7f2c63cb
LP		 2345 cmsg->cmsg_type == SCM_SECURITY) {
2346 label = (char*) CMSG_DATA(cmsg);
2347 label_len = cmsg->cmsg_len - CMSG_LEN(0);
2348 } else if (cmsg->cmsg_level == SOL_SOCKET &&
87d2c1ff
LP		 2349 cmsg->cmsg_type == SO_TIMESTAMP &&
2350 cmsg->cmsg_len == CMSG_LEN(sizeof(struct timeval)))
2351 tv = (struct timeval*) CMSG_DATA(cmsg);
0dad12c1
LP		 2352 else if (cmsg->cmsg_level == SOL_SOCKET &&
2353 cmsg->cmsg_type == SCM_RIGHTS) {
2354 fds = (int*) CMSG_DATA(cmsg);
2355 n_fds = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);
2356 }
87d2c1ff
LP		 2357 }
2358
7f3e6257
LP		 2359 if (ev->data.fd == s->syslog_fd) {
2360 char *e;
2361
0dad12c1
LP		 2362 if (n > 0 && n_fds == 0) {
2363 e = memchr(s->buffer, '\n', n);
2364 if (e)
2365 *e = 0;
2366 else
2367 s->buffer[n] = 0;
2368
7f2c63cb 2369 process_syslog_message(s, strstrip(s->buffer), ucred, tv, label, label_len);
0dad12c1
LP		 2370 } else if (n_fds > 0)
2371 log_warning("Got file descriptors via syslog socket. Ignoring.");
2372
2373 } else {
2374 if (n > 0 && n_fds == 0)
7f2c63cb 2375 process_native_message(s, s->buffer, n, ucred, tv, label, label_len);
0dad12c1 2376 else if (n == 0 && n_fds == 1)
7f2c63cb 2377 process_native_file(s, fds[0], ucred, tv, label, label_len);
0dad12c1
LP		 2378 else if (n_fds > 0)
2379 log_warning("Got too many file descriptors via native socket. Ignoring.");
2380 }
87d2c1ff 2381
0dad12c1 2382 close_many(fds, n_fds);
87d2c1ff 2383 }
cec736d2
LP		 2384
2385 return 1;
fe652127
LP		 2386
2387 } else if (ev->data.fd == s->stdout_fd) {
2388
2389 if (ev->events != EPOLLIN) {
2390 log_info("Got invalid event from epoll.");
2391 return -EIO;
2392 }
2393
2394 stdout_stream_new(s);
2395 return 1;
2396
2397 } else {
2398 StdoutStream *stream;
2399
2400 if ((ev->events|EPOLLIN|EPOLLHUP) != (EPOLLIN|EPOLLHUP)) {
2401 log_info("Got invalid event from epoll.");
2402 return -EIO;
2403 }
2404
2405 /* If it is none of the well-known fds, it must be an
2406 * stdout stream fd. Note that this is a bit ugly here
2407 * (since we rely that none of the well-known fds
2408 * could be interpreted as pointer), but nonetheless
2409 * safe, since the well-known fds would never get an
2410 * fd > 4096, i.e. beyond the first memory page */
2411
2412 stream = ev->data.ptr;
2413
2414 if (stdout_stream_process(stream) <= 0)
2415 stdout_stream_free(stream);
2416
2417 return 1;
87d2c1ff
LP		 2418 }
2419
cec736d2
LP		 2420 log_error("Unknown event.");
2421 return 0;
87d2c1ff
LP		 2422}
2423
7f3e6257
LP		 2424static int open_syslog_socket(Server *s) {
2425 union sockaddr_union sa;
2426 int one, r;
fe652127 2427 struct epoll_event ev;
87d2c1ff
LP		 2428
2429 assert(s);
2430
7f3e6257 2431 if (s->syslog_fd < 0) {
87d2c1ff 2432
6c1e6b98 2433 s->syslog_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
7f3e6257
LP		 2434 if (s->syslog_fd < 0) {
2435 log_error("socket() failed: %m");
2436 return -errno;
2437 }
2438
2439 zero(sa);
2440 sa.un.sun_family = AF_UNIX;
8b18eb67 2441 strncpy(sa.un.sun_path, "/dev/log", sizeof(sa.un.sun_path));
7f3e6257
LP		 2442
2443 unlink(sa.un.sun_path);
2444
2445 r = bind(s->syslog_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2446 if (r < 0) {
2447 log_error("bind() failed: %m");
2448 return -errno;
2449 }
2450
2451 chmod(sa.un.sun_path, 0666);
632117b7
LP		 2452 } else
2453 fd_nonblock(s->syslog_fd, 1);
87d2c1ff 2454
7f3e6257
LP		 2455 one = 1;
2456 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
2457 if (r < 0) {
2458 log_error("SO_PASSCRED failed: %m");
2459 return -errno;
87d2c1ff
LP		 2460 }
2461
6bc1ce40 2462#ifdef HAVE_SELINUX
54ecda32
LP		 2463 one = 1;
2464 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
2465 if (r < 0)
2466 log_warning("SO_PASSSEC failed: %m");
67aa4551 2467#endif
54ecda32 2468
7f3e6257
LP		 2469 one = 1;
2470 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
2471 if (r < 0) {
2472 log_error("SO_TIMESTAMP failed: %m");
2473 return -errno;
87d2c1ff
LP		 2474 }
2475
fe652127
LP		 2476 zero(ev);
2477 ev.events = EPOLLIN;
2478 ev.data.fd = s->syslog_fd;
2479 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->syslog_fd, &ev) < 0) {
2480 log_error("Failed to add syslog server fd to epoll object: %m");
2481 return -errno;
2482 }
2483
7f3e6257
LP		 2484 return 0;
2485}
87d2c1ff 2486
7f3e6257
LP		 2487static int open_native_socket(Server*s) {
2488 union sockaddr_union sa;
2489 int one, r;
fe652127 2490 struct epoll_event ev;
7f3e6257
LP		 2491
2492 assert(s);
2493
2494 if (s->native_fd < 0) {
2495
6c1e6b98 2496 s->native_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
7f3e6257 2497 if (s->native_fd < 0) {
87d2c1ff
LP		 2498 log_error("socket() failed: %m");
2499 return -errno;
2500 }
2501
2502 zero(sa);
2503 sa.un.sun_family = AF_UNIX;
259d2e76 2504 strncpy(sa.un.sun_path, "/run/systemd/journal/socket", sizeof(sa.un.sun_path));
87d2c1ff
LP		 2505
2506 unlink(sa.un.sun_path);
2507
7f3e6257 2508 r = bind(s->native_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
87d2c1ff
LP		 2509 if (r < 0) {
2510 log_error("bind() failed: %m");
2511 return -errno;
2512 }
2513
2514 chmod(sa.un.sun_path, 0666);
632117b7
LP		 2515 } else
2516 fd_nonblock(s->native_fd, 1);
87d2c1ff
LP		 2517
2518 one = 1;
7f3e6257 2519 r = setsockopt(s->native_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
87d2c1ff
LP		 2520 if (r < 0) {
2521 log_error("SO_PASSCRED failed: %m");
2522 return -errno;
2523 }
2524
67aa4551 2525#ifdef HAVE_SELINUX
54ecda32
LP		 2526 one = 1;
2527 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
2528 if (r < 0)
2529 log_warning("SO_PASSSEC failed: %m");
67aa4551 2530#endif
54ecda32 2531
87d2c1ff 2532 one = 1;
7f3e6257 2533 r = setsockopt(s->native_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
87d2c1ff
LP		 2534 if (r < 0) {
2535 log_error("SO_TIMESTAMP failed: %m");
2536 return -errno;
2537 }
2538
fe652127
LP		 2539 zero(ev);
2540 ev.events = EPOLLIN;
2541 ev.data.fd = s->native_fd;
2542 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->native_fd, &ev) < 0) {
2543 log_error("Failed to add native server fd to epoll object: %m");
2544 return -errno;
2545 }
2546
7f3e6257
LP		 2547 return 0;
2548}
2549
fe652127
LP		 2550static int open_stdout_socket(Server *s) {
2551 union sockaddr_union sa;
2552 int r;
7f3e6257 2553 struct epoll_event ev;
fe652127
LP		 2554
2555 assert(s);
2556
2557 if (s->stdout_fd < 0) {
2558
6c1e6b98 2559 s->stdout_fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
fe652127
LP		 2560 if (s->stdout_fd < 0) {
2561 log_error("socket() failed: %m");
2562 return -errno;
2563 }
2564
2565 zero(sa);
2566 sa.un.sun_family = AF_UNIX;
259d2e76 2567 strncpy(sa.un.sun_path, "/run/systemd/journal/stdout", sizeof(sa.un.sun_path));
fe652127
LP		 2568
2569 unlink(sa.un.sun_path);
2570
2571 r = bind(s->stdout_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2572 if (r < 0) {
2573 log_error("bind() failed: %m");
2574 return -errno;
2575 }
2576
2577 chmod(sa.un.sun_path, 0666);
2578
2579 if (listen(s->stdout_fd, SOMAXCONN) < 0) {
2580 log_error("liste() failed: %m");
2581 return -errno;
2582 }
632117b7
LP		 2583 } else
2584 fd_nonblock(s->stdout_fd, 1);
fe652127
LP		 2585
2586 zero(ev);
2587 ev.events = EPOLLIN;
2588 ev.data.fd = s->stdout_fd;
2589 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->stdout_fd, &ev) < 0) {
2590 log_error("Failed to add stdout server fd to epoll object: %m");
2591 return -errno;
2592 }
2593
2594 return 0;
2595}
2596
6c1e6b98
LP		 2597static int open_proc_kmsg(Server *s) {
2598 struct epoll_event ev;
2599
2600 assert(s);
2601
2602 if (!s->import_proc_kmsg)
2603 return 0;
2604
2abf99ac 2605 s->proc_kmsg_fd = open("/proc/kmsg", O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
6c1e6b98
LP		 2606 if (s->proc_kmsg_fd < 0) {
2607 log_warning("Failed to open /proc/kmsg, ignoring: %m");
2608 return 0;
2609 }
2610
2611 zero(ev);
2612 ev.events = EPOLLIN;
2613 ev.data.fd = s->proc_kmsg_fd;
2614 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->proc_kmsg_fd, &ev) < 0) {
2615 log_error("Failed to add /proc/kmsg fd to epoll object: %m");
2616 return -errno;
2617 }
2618
2619 return 0;
2620}
2621
fe652127 2622static int open_signalfd(Server *s) {
7f3e6257 2623 sigset_t mask;
fe652127
LP		 2624 struct epoll_event ev;
2625
2626 assert(s);
2627
2628 assert_se(sigemptyset(&mask) == 0);
ba6b3039 2629 sigset_add_many(&mask, SIGINT, SIGTERM, SIGUSR1, SIGUSR2, -1);
fe652127
LP		 2630 assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0);
2631
2632 s->signal_fd = signalfd(-1, &mask, SFD_NONBLOCK|SFD_CLOEXEC);
2633 if (s->signal_fd < 0) {
2634 log_error("signalfd(): %m");
2635 return -errno;
2636 }
2637
2638 zero(ev);
2639 ev.events = EPOLLIN;
2640 ev.data.fd = s->signal_fd;
2641
2642 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->signal_fd, &ev) < 0) {
2643 log_error("epoll_ctl(): %m");
2644 return -errno;
2645 }
2646
2647 return 0;
2648}
2649
effb1102
LP		 2650static int server_parse_proc_cmdline(Server *s) {
2651 char *line, *w, *state;
2652 int r;
2653 size_t l;
2654
2655 if (detect_container(NULL) > 0)
2656 return 0;
2657
2658 r = read_one_line_file("/proc/cmdline", &line);
2659 if (r < 0) {
2660 log_warning("Failed to read /proc/cmdline, ignoring: %s", strerror(-r));
2661 return 0;
2662 }
2663
2664 FOREACH_WORD_QUOTED(w, l, line, state) {
2665 char *word;
2666
2667 word = strndup(w, l);
2668 if (!word) {
2669 r = -ENOMEM;
2670 goto finish;
2671 }
2672
c66e7bc7 2673 if (startswith(word, "systemd.journald.forward_to_syslog=")) {
effb1102
LP		 2674 r = parse_boolean(word + 35);
2675 if (r < 0)
2676 log_warning("Failed to parse forward to syslog switch %s. Ignoring.", word + 35);
2677 else
2678 s->forward_to_syslog = r;
c66e7bc7 2679 } else if (startswith(word, "systemd.journald.forward_to_kmsg=")) {
effb1102
LP		 2680 r = parse_boolean(word + 33);
2681 if (r < 0)
2682 log_warning("Failed to parse forward to kmsg switch %s. Ignoring.", word + 33);
2683 else
2684 s->forward_to_kmsg = r;
c66e7bc7 2685 } else if (startswith(word, "systemd.journald.forward_to_console=")) {
effb1102
LP		 2686 r = parse_boolean(word + 36);
2687 if (r < 0)
2688 log_warning("Failed to parse forward to console switch %s. Ignoring.", word + 36);
2689 else
2690 s->forward_to_console = r;
66a78c2b
LP		 2691 } else if (startswith(word, "systemd.journald"))
2692 log_warning("Invalid systemd.journald parameter. Ignoring.");
effb1102
LP		 2693
2694 free(word);
2695 }
2696
2697 r = 0;
2698
2699finish:
2700 free(line);
2701 return r;
2702}
2703
e6960940
LP		 2704static int server_parse_config_file(Server *s) {
2705 FILE *f;
2706 const char *fn;
2707 int r;
2708
2709 assert(s);
2710
18b754d3 2711 fn = "/etc/systemd/journald.conf";
e6960940
LP		 2712 f = fopen(fn, "re");
2713 if (!f) {
2714 if (errno == ENOENT)
2715 return 0;
2716
2717 log_warning("Failed to open configuration file %s: %m", fn);
2718 return -errno;
2719 }
2720
2721 r = config_parse(fn, f, "Journal\0", config_item_perf_lookup, (void*) journald_gperf_lookup, false, s);
2722 if (r < 0)
2723 log_warning("Failed to parse configuration file: %s", strerror(-r));
2724
2725 fclose(f);
2726
2727 return r;
2728}
2729
fe652127
LP		 2730static int server_init(Server *s) {
2731 int n, r, fd;
7f3e6257
LP		 2732
2733 assert(s);
2734
2735 zero(*s);
6c1e6b98 2736 s->syslog_fd = s->native_fd = s->stdout_fd = s->signal_fd = s->epoll_fd = s->proc_kmsg_fd = -1;
807e17f0 2737 s->compress = true;
7f3e6257 2738
e6960940
LP		 2739 s->rate_limit_interval = DEFAULT_RATE_LIMIT_INTERVAL;
2740 s->rate_limit_burst = DEFAULT_RATE_LIMIT_BURST;
2741
224f2ee2
LP		 2742 s->forward_to_syslog = true;
2743
213ba152
LP		 2744 s->max_level_store = LOG_DEBUG;
2745 s->max_level_syslog = LOG_DEBUG;
2746 s->max_level_kmsg = LOG_NOTICE;
2747 s->max_level_console = LOG_INFO;
2748
babfc091
LP		 2749 memset(&s->system_metrics, 0xFF, sizeof(s->system_metrics));
2750 memset(&s->runtime_metrics, 0xFF, sizeof(s->runtime_metrics));
2751
e6960940 2752 server_parse_config_file(s);
effb1102 2753 server_parse_proc_cmdline(s);
e6960940 2754
fe652127
LP		 2755 s->user_journals = hashmap_new(trivial_hash_func, trivial_compare_func);
2756 if (!s->user_journals) {
2757 log_error("Out of memory.");
2758 return -ENOMEM;
2759 }
2760
7f3e6257
LP		 2761 s->epoll_fd = epoll_create1(EPOLL_CLOEXEC);
2762 if (s->epoll_fd < 0) {
2763 log_error("Failed to create epoll object: %m");
2764 return -errno;
2765 }
2766
2767 n = sd_listen_fds(true);
2768 if (n < 0) {
2769 log_error("Failed to read listening file descriptors from environment: %s", strerror(-n));
2770 return n;
2771 }
2772
2773 for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) {
2774
259d2e76 2775 if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/run/systemd/journal/socket", 0) > 0) {
7f3e6257 2776
fe652127
LP		 2777 if (s->native_fd >= 0) {
2778 log_error("Too many native sockets passed.");
7f3e6257
LP		 2779 return -EINVAL;
2780 }
2781
fe652127 2782 s->native_fd = fd;
7f3e6257 2783
259d2e76 2784 } else if (sd_is_socket_unix(fd, SOCK_STREAM, 1, "/run/systemd/journal/stdout", 0) > 0) {
7f3e6257 2785
fe652127
LP		 2786 if (s->stdout_fd >= 0) {
2787 log_error("Too many stdout sockets passed.");
7f3e6257
LP		 2788 return -EINVAL;
2789 }
2790
fe652127
LP		 2791 s->stdout_fd = fd;
2792
2793 } else if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/dev/log", 0) > 0) {
2794
2795 if (s->syslog_fd >= 0) {
2796 log_error("Too many /dev/log sockets passed.");
2797 return -EINVAL;
2798 }
2799
2800 s->syslog_fd = fd;
2801
7f3e6257
LP		 2802 } else {
2803 log_error("Unknown socket passed.");
2804 return -EINVAL;
2805 }
2806 }
2807
2808 r = open_syslog_socket(s);
2809 if (r < 0)
2810 return r;
2811
7f3e6257
LP		 2812 r = open_native_socket(s);
2813 if (r < 0)
2814 return r;
2815
fe652127
LP		 2816 r = open_stdout_socket(s);
2817 if (r < 0)
2818 return r;
87d2c1ff 2819
6c1e6b98
LP		 2820 r = open_proc_kmsg(s);
2821 if (r < 0)
2822 return r;
2823
fe652127
LP		 2824 r = open_signalfd(s);
2825 if (r < 0)
2826 return r;
87d2c1ff 2827
e6960940 2828 s->rate_limit = journal_rate_limit_new(s->rate_limit_interval, s->rate_limit_burst);
6e409ce1
LP		 2829 if (!s->rate_limit)
2830 return -ENOMEM;
2831
9447a7f1
LP		 2832 r = system_journal_open(s);
2833 if (r < 0)
2834 return r;
2835
87d2c1ff
LP		 2836 return 0;
2837}
2838
2839static void server_done(Server *s) {
2840 JournalFile *f;
2841 assert(s);
2842
fe652127
LP		 2843 while (s->stdout_streams)
2844 stdout_stream_free(s->stdout_streams);
2845
87d2c1ff
LP		 2846 if (s->system_journal)
2847 journal_file_close(s->system_journal);
2848
f4b47811
LP		 2849 if (s->runtime_journal)
2850 journal_file_close(s->runtime_journal);
2851
87d2c1ff
LP		 2852 while ((f = hashmap_steal_first(s->user_journals)))
2853 journal_file_close(f);
2854
2855 hashmap_free(s->user_journals);
2856
2857 if (s->epoll_fd >= 0)
2858 close_nointr_nofail(s->epoll_fd);
2859
2860 if (s->signal_fd >= 0)
2861 close_nointr_nofail(s->signal_fd);
2862
2863 if (s->syslog_fd >= 0)
2864 close_nointr_nofail(s->syslog_fd);
7f3e6257
LP		 2865
2866 if (s->native_fd >= 0)
2867 close_nointr_nofail(s->native_fd);
fe652127
LP		 2868
2869 if (s->stdout_fd >= 0)
2870 close_nointr_nofail(s->stdout_fd);
6e409ce1 2871
6c1e6b98
LP		 2872 if (s->proc_kmsg_fd >= 0)
2873 close_nointr_nofail(s->proc_kmsg_fd);
2874
6e409ce1
LP		 2875 if (s->rate_limit)
2876 journal_rate_limit_free(s->rate_limit);
783d2675
LP		 2877
2878 free(s->buffer);
0d9243f0 2879 free(s->tty_path);
87d2c1ff
LP		 2880}
2881
2882int main(int argc, char *argv[]) {
2883 Server server;
2884 int r;
2885
2886 /* if (getppid() != 1) { */
2887 /* log_error("This program should be invoked by init only."); */
2888 /* return EXIT_FAILURE; */
2889 /* } */
2890
2891 if (argc > 1) {
2892 log_error("This program does not take arguments.");
2893 return EXIT_FAILURE;
2894 }
2895
a6903061 2896 log_set_target(LOG_TARGET_SAFE);
3eff4208 2897 log_set_facility(LOG_SYSLOG);
87d2c1ff
LP		 2898 log_parse_environment();
2899 log_open();
2900
2901 umask(0022);
2902
2903 r = server_init(&server);
2904 if (r < 0)
2905 goto finish;
2906
e6960940
LP		 2907 server_vacuum(&server);
2908 server_flush_to_var(&server);
6c1e6b98 2909 server_flush_proc_kmsg(&server);
e6960940 2910
87d2c1ff 2911 log_debug("systemd-journald running as pid %lu", (unsigned long) getpid());
224f2ee2 2912 driver_message(&server, SD_MESSAGE_JOURNAL_START, "Journal started");
87d2c1ff
LP		 2913
2914 sd_notify(false,
2915 "READY=1\n"
fe652127 2916 "STATUS=Processing requests...");
50f20cfd 2917
87d2c1ff
LP		 2918 for (;;) {
2919 struct epoll_event event;
2920
2921 r = epoll_wait(server.epoll_fd, &event, 1, -1);
2922 if (r < 0) {
2923
2924 if (errno == EINTR)
2925 continue;
2926
2927 log_error("epoll_wait() failed: %m");
2928 r = -errno;
2929 goto finish;
2930 } else if (r == 0)
2931 break;
2932
2933 r = process_event(&server, &event);
2934 if (r < 0)
2935 goto finish;
2936 else if (r == 0)
2937 break;
2938 }
2939
fe652127 2940 log_debug("systemd-journald stopped as pid %lu", (unsigned long) getpid());
224f2ee2 2941 driver_message(&server, SD_MESSAGE_JOURNAL_STOP, "Journal stopped");
fe652127 2942
87d2c1ff
LP		 2943finish:
2944 sd_notify(false,
2945 "STATUS=Shutting down...");
2946
2947 server_done(&server);
2948
2949 return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
2950}
Unnamed repository; edit this file 'description' to name the repository.