1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2011 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
35 #include <sys/inotify.h>
38 #include "sd-journal.h"
42 #include "logs-show.h"
45 #include "path-util.h"
52 #include "journal-internal.h"
53 #include "journal-def.h"
54 #include "journal-verify.h"
55 #include "journal-qrcode.h"
56 #include "journal-vacuum.h"
58 #include "unit-name.h"
62 #include "bus-error.h"
63 #include "terminal-util.h"
64 #include "hostname-util.h"
66 #define DEFAULT_FSS_INTERVAL_USEC (15*USEC_PER_MINUTE)
69 /* Special values for arg_lines */
70 ARG_LINES_DEFAULT
= -2,
74 static OutputMode arg_output
= OUTPUT_SHORT
;
75 static bool arg_utc
= false;
76 static bool arg_pager_end
= false;
77 static bool arg_follow
= false;
78 static bool arg_full
= true;
79 static bool arg_all
= false;
80 static bool arg_no_pager
= false;
81 static int arg_lines
= ARG_LINES_DEFAULT
;
82 static bool arg_no_tail
= false;
83 static bool arg_quiet
= false;
84 static bool arg_merge
= false;
85 static bool arg_boot
= false;
86 static sd_id128_t arg_boot_id
= {};
87 static int arg_boot_offset
= 0;
88 static bool arg_dmesg
= false;
89 static const char *arg_cursor
= NULL
;
90 static const char *arg_after_cursor
= NULL
;
91 static bool arg_show_cursor
= false;
92 static const char *arg_directory
= NULL
;
93 static char **arg_file
= NULL
;
94 static int arg_priorities
= 0xFF;
95 static const char *arg_verify_key
= NULL
;
97 static usec_t arg_interval
= DEFAULT_FSS_INTERVAL_USEC
;
98 static bool arg_force
= false;
100 static usec_t arg_since
, arg_until
;
101 static bool arg_since_set
= false, arg_until_set
= false;
102 static char **arg_syslog_identifier
= NULL
;
103 static char **arg_system_units
= NULL
;
104 static char **arg_user_units
= NULL
;
105 static const char *arg_field
= NULL
;
106 static bool arg_catalog
= false;
107 static bool arg_reverse
= false;
108 static int arg_journal_type
= 0;
109 static const char *arg_root
= NULL
;
110 static const char *arg_machine
= NULL
;
111 static off_t arg_vacuum_size
= (off_t
) -1;
112 static usec_t arg_vacuum_time
= USEC_INFINITY
;
123 ACTION_UPDATE_CATALOG
,
127 } arg_action
= ACTION_SHOW
;
129 typedef struct boot_id_t
{
133 LIST_FIELDS(struct boot_id_t
, boot_list
);
136 static void pager_open_if_enabled(void) {
141 pager_open(arg_pager_end
);
144 static char *format_timestamp_maybe_utc(char *buf
, size_t l
, usec_t t
) {
147 return format_timestamp_utc(buf
, l
, t
);
149 return format_timestamp(buf
, l
, t
);
152 static int parse_boot_descriptor(const char *x
, sd_id128_t
*boot_id
, int *offset
) {
153 sd_id128_t id
= SD_ID128_NULL
;
156 if (strlen(x
) >= 32) {
160 r
= sd_id128_from_string(t
, &id
);
164 if (*x
!= '-' && *x
!= '+' && *x
!= 0)
168 r
= safe_atoi(x
, &off
);
173 r
= safe_atoi(x
, &off
);
187 static void help(void) {
189 pager_open_if_enabled();
191 printf("%s [OPTIONS...] [MATCHES...]\n\n"
192 "Query the journal.\n\n"
194 " --system Show the system journal\n"
195 " --user Show the user journal for the current user\n"
196 " -M --machine=CONTAINER Operate on local container\n"
197 " --since=DATE Show entries not older than the specified date\n"
198 " --until=DATE Show entries not newer than the specified date\n"
199 " -c --cursor=CURSOR Show entries starting at the specified cursor\n"
200 " --after-cursor=CURSOR Show entries after the specified cursor\n"
201 " --show-cursor Print the cursor after all the entries\n"
202 " -b --boot[=ID] Show current boot or the specified boot\n"
203 " --list-boots Show terse information about recorded boots\n"
204 " -k --dmesg Show kernel message log from the current boot\n"
205 " -u --unit=UNIT Show logs from the specified unit\n"
206 " --user-unit=UNIT Show logs from the specified user unit\n"
207 " -t --identifier=STRING Show entries with the specified syslog identifier\n"
208 " -p --priority=RANGE Show entries with the specified priority\n"
209 " -e --pager-end Immediately jump to the end in the pager\n"
210 " -f --follow Follow the journal\n"
211 " -n --lines[=INTEGER] Number of journal entries to show\n"
212 " --no-tail Show all lines, even in follow mode\n"
213 " -r --reverse Show the newest entries first\n"
214 " -o --output=STRING Change journal output mode (short, short-iso,\n"
215 " short-precise, short-monotonic, verbose,\n"
216 " export, json, json-pretty, json-sse, cat)\n"
217 " --utc Express time in Coordinated Universal Time (UTC)\n"
218 " -x --catalog Add message explanations where available\n"
219 " --no-full Ellipsize fields\n"
220 " -a --all Show all fields, including long and unprintable\n"
221 " -q --quiet Do not show privilege warning\n"
222 " --no-pager Do not pipe output into a pager\n"
223 " -m --merge Show entries from all available journals\n"
224 " -D --directory=PATH Show journal files from directory\n"
225 " --file=PATH Show journal file\n"
226 " --root=ROOT Operate on catalog files underneath the root ROOT\n"
228 " --interval=TIME Time interval for changing the FSS sealing key\n"
229 " --verify-key=KEY Specify FSS verification key\n"
230 " --force Override of the FSS key pair with --setup-keys\n"
233 " -h --help Show this help text\n"
234 " --version Show package version\n"
235 " -F --field=FIELD List all values that a specified field takes\n"
236 " --new-id128 Generate a new 128-bit ID\n"
237 " --disk-usage Show total disk usage of all journal files\n"
238 " --vacuum-size=BYTES Reduce disk usage below specified size\n"
239 " --vacuum-time=TIME Remove journal files older than specified date\n"
240 " --flush Flush all journal data from /run into /var\n"
241 " --header Show journal header information\n"
242 " --list-catalog Show all message IDs in the catalog\n"
243 " --dump-catalog Show entries in the message catalog\n"
244 " --update-catalog Update the message catalog database\n"
246 " --setup-keys Generate a new FSS key pair\n"
247 " --verify Verify journal file consistency\n"
249 , program_invocation_short_name
);
252 static int parse_argv(int argc
, char *argv
[]) {
286 static const struct option options
[] = {
287 { "help", no_argument
, NULL
, 'h' },
288 { "version" , no_argument
, NULL
, ARG_VERSION
},
289 { "no-pager", no_argument
, NULL
, ARG_NO_PAGER
},
290 { "pager-end", no_argument
, NULL
, 'e' },
291 { "follow", no_argument
, NULL
, 'f' },
292 { "force", no_argument
, NULL
, ARG_FORCE
},
293 { "output", required_argument
, NULL
, 'o' },
294 { "all", no_argument
, NULL
, 'a' },
295 { "full", no_argument
, NULL
, 'l' },
296 { "no-full", no_argument
, NULL
, ARG_NO_FULL
},
297 { "lines", optional_argument
, NULL
, 'n' },
298 { "no-tail", no_argument
, NULL
, ARG_NO_TAIL
},
299 { "new-id128", no_argument
, NULL
, ARG_NEW_ID128
},
300 { "quiet", no_argument
, NULL
, 'q' },
301 { "merge", no_argument
, NULL
, 'm' },
302 { "boot", optional_argument
, NULL
, 'b' },
303 { "list-boots", no_argument
, NULL
, ARG_LIST_BOOTS
},
304 { "this-boot", optional_argument
, NULL
, 'b' }, /* deprecated */
305 { "dmesg", no_argument
, NULL
, 'k' },
306 { "system", no_argument
, NULL
, ARG_SYSTEM
},
307 { "user", no_argument
, NULL
, ARG_USER
},
308 { "directory", required_argument
, NULL
, 'D' },
309 { "file", required_argument
, NULL
, ARG_FILE
},
310 { "root", required_argument
, NULL
, ARG_ROOT
},
311 { "header", no_argument
, NULL
, ARG_HEADER
},
312 { "identifier", required_argument
, NULL
, 't' },
313 { "priority", required_argument
, NULL
, 'p' },
314 { "setup-keys", no_argument
, NULL
, ARG_SETUP_KEYS
},
315 { "interval", required_argument
, NULL
, ARG_INTERVAL
},
316 { "verify", no_argument
, NULL
, ARG_VERIFY
},
317 { "verify-key", required_argument
, NULL
, ARG_VERIFY_KEY
},
318 { "disk-usage", no_argument
, NULL
, ARG_DISK_USAGE
},
319 { "cursor", required_argument
, NULL
, 'c' },
320 { "after-cursor", required_argument
, NULL
, ARG_AFTER_CURSOR
},
321 { "show-cursor", no_argument
, NULL
, ARG_SHOW_CURSOR
},
322 { "since", required_argument
, NULL
, ARG_SINCE
},
323 { "until", required_argument
, NULL
, ARG_UNTIL
},
324 { "unit", required_argument
, NULL
, 'u' },
325 { "user-unit", required_argument
, NULL
, ARG_USER_UNIT
},
326 { "field", required_argument
, NULL
, 'F' },
327 { "catalog", no_argument
, NULL
, 'x' },
328 { "list-catalog", no_argument
, NULL
, ARG_LIST_CATALOG
},
329 { "dump-catalog", no_argument
, NULL
, ARG_DUMP_CATALOG
},
330 { "update-catalog", no_argument
, NULL
, ARG_UPDATE_CATALOG
},
331 { "reverse", no_argument
, NULL
, 'r' },
332 { "machine", required_argument
, NULL
, 'M' },
333 { "utc", no_argument
, NULL
, ARG_UTC
},
334 { "flush", no_argument
, NULL
, ARG_FLUSH
},
335 { "vacuum-size", required_argument
, NULL
, ARG_VACUUM_SIZE
},
336 { "vacuum-time", required_argument
, NULL
, ARG_VACUUM_TIME
},
345 while ((c
= getopt_long(argc
, argv
, "hefo:aln::qmb::kD:p:c:t:u:F:xrM:", options
, NULL
)) >= 0)
354 puts(PACKAGE_STRING
);
355 puts(SYSTEMD_FEATURES
);
363 arg_pager_end
= true;
365 if (arg_lines
== ARG_LINES_DEFAULT
)
375 arg_output
= output_mode_from_string(optarg
);
376 if (arg_output
< 0) {
377 log_error("Unknown output format '%s'.", optarg
);
381 if (arg_output
== OUTPUT_EXPORT
||
382 arg_output
== OUTPUT_JSON
||
383 arg_output
== OUTPUT_JSON_PRETTY
||
384 arg_output
== OUTPUT_JSON_SSE
||
385 arg_output
== OUTPUT_CAT
)
404 if (streq(optarg
, "all"))
405 arg_lines
= ARG_LINES_ALL
;
407 r
= safe_atoi(optarg
, &arg_lines
);
408 if (r
< 0 || arg_lines
< 0) {
409 log_error("Failed to parse lines '%s'", optarg
);
416 /* Hmm, no argument? Maybe the next
417 * word on the command line is
418 * supposed to be the argument? Let's
419 * see if there is one, and is
423 if (streq(argv
[optind
], "all")) {
424 arg_lines
= ARG_LINES_ALL
;
426 } else if (safe_atoi(argv
[optind
], &n
) >= 0 && n
>= 0) {
440 arg_action
= ACTION_NEW_ID128
;
455 r
= parse_boot_descriptor(optarg
, &arg_boot_id
, &arg_boot_offset
);
457 log_error("Failed to parse boot descriptor '%s'", optarg
);
462 /* Hmm, no argument? Maybe the next
463 * word on the command line is
464 * supposed to be the argument? Let's
465 * see if there is one and is parsable
466 * as a boot descriptor... */
469 parse_boot_descriptor(argv
[optind
], &arg_boot_id
, &arg_boot_offset
) >= 0)
476 arg_action
= ACTION_LIST_BOOTS
;
480 arg_boot
= arg_dmesg
= true;
484 arg_journal_type
|= SD_JOURNAL_SYSTEM
;
488 arg_journal_type
|= SD_JOURNAL_CURRENT_USER
;
492 arg_machine
= optarg
;
496 arg_directory
= optarg
;
500 r
= glob_extend(&arg_file
, optarg
);
502 return log_error_errno(r
, "Failed to add paths: %m");
513 case ARG_AFTER_CURSOR
:
514 arg_after_cursor
= optarg
;
517 case ARG_SHOW_CURSOR
:
518 arg_show_cursor
= true;
522 arg_action
= ACTION_PRINT_HEADER
;
526 arg_action
= ACTION_VERIFY
;
530 arg_action
= ACTION_DISK_USAGE
;
533 case ARG_VACUUM_SIZE
:
534 r
= parse_size(optarg
, 1024, &arg_vacuum_size
);
536 log_error("Failed to parse vacuum size: %s", optarg
);
540 arg_action
= ACTION_VACUUM
;
543 case ARG_VACUUM_TIME
:
544 r
= parse_sec(optarg
, &arg_vacuum_time
);
546 log_error("Failed to parse vacuum time: %s", optarg
);
550 arg_action
= ACTION_VACUUM
;
559 arg_action
= ACTION_SETUP_KEYS
;
564 arg_action
= ACTION_VERIFY
;
565 arg_verify_key
= optarg
;
570 r
= parse_sec(optarg
, &arg_interval
);
571 if (r
< 0 || arg_interval
<= 0) {
572 log_error("Failed to parse sealing key change interval: %s", optarg
);
581 log_error("Forward-secure sealing not available.");
588 dots
= strstr(optarg
, "..");
594 a
= strndup(optarg
, dots
- optarg
);
598 from
= log_level_from_string(a
);
599 to
= log_level_from_string(dots
+ 2);
602 if (from
< 0 || to
< 0) {
603 log_error("Failed to parse log level range %s", optarg
);
610 for (i
= from
; i
<= to
; i
++)
611 arg_priorities
|= 1 << i
;
613 for (i
= to
; i
<= from
; i
++)
614 arg_priorities
|= 1 << i
;
620 p
= log_level_from_string(optarg
);
622 log_error("Unknown log level %s", optarg
);
628 for (i
= 0; i
<= p
; i
++)
629 arg_priorities
|= 1 << i
;
636 r
= parse_timestamp(optarg
, &arg_since
);
638 log_error("Failed to parse timestamp: %s", optarg
);
641 arg_since_set
= true;
645 r
= parse_timestamp(optarg
, &arg_until
);
647 log_error("Failed to parse timestamp: %s", optarg
);
650 arg_until_set
= true;
654 r
= strv_extend(&arg_syslog_identifier
, optarg
);
660 r
= strv_extend(&arg_system_units
, optarg
);
666 r
= strv_extend(&arg_user_units
, optarg
);
679 case ARG_LIST_CATALOG
:
680 arg_action
= ACTION_LIST_CATALOG
;
683 case ARG_DUMP_CATALOG
:
684 arg_action
= ACTION_DUMP_CATALOG
;
687 case ARG_UPDATE_CATALOG
:
688 arg_action
= ACTION_UPDATE_CATALOG
;
700 arg_action
= ACTION_FLUSH
;
707 assert_not_reached("Unhandled option");
710 if (arg_follow
&& !arg_no_tail
&& !arg_since
&& arg_lines
== ARG_LINES_DEFAULT
)
713 if (!!arg_directory
+ !!arg_file
+ !!arg_machine
> 1) {
714 log_error("Please specify either -D/--directory= or --file= or -M/--machine=, not more than one.");
718 if (arg_since_set
&& arg_until_set
&& arg_since
> arg_until
) {
719 log_error("--since= must be before --until=.");
723 if (!!arg_cursor
+ !!arg_after_cursor
+ !!arg_since_set
> 1) {
724 log_error("Please specify only one of --since=, --cursor=, and --after-cursor.");
728 if (arg_follow
&& arg_reverse
) {
729 log_error("Please specify either --reverse= or --follow=, not both.");
733 if (arg_action
!= ACTION_SHOW
&& optind
< argc
) {
734 log_error("Extraneous arguments starting with '%s'", argv
[optind
]);
738 if ((arg_boot
|| arg_action
== ACTION_LIST_BOOTS
) && (arg_file
|| arg_directory
|| arg_merge
)) {
739 log_error("Using --boot or --list-boots with --file, --directory or --merge is not supported.");
746 static int generate_new_id128(void) {
751 r
= sd_id128_randomize(&id
);
753 return log_error_errno(r
, "Failed to generate ID: %m");
755 printf("As string:\n"
756 SD_ID128_FORMAT_STR
"\n\n"
758 "%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x\n\n"
760 "#define MESSAGE_XYZ SD_ID128_MAKE(",
761 SD_ID128_FORMAT_VAL(id
),
762 SD_ID128_FORMAT_VAL(id
));
763 for (i
= 0; i
< 16; i
++)
764 printf("%02x%s", id
.bytes
[i
], i
!= 15 ? "," : "");
765 fputs(")\n\n", stdout
);
767 printf("As Python constant:\n"
769 ">>> MESSAGE_XYZ = uuid.UUID('" SD_ID128_FORMAT_STR
"')\n",
770 SD_ID128_FORMAT_VAL(id
));
775 static int add_matches(sd_journal
*j
, char **args
) {
777 bool have_term
= false;
781 STRV_FOREACH(i
, args
) {
784 if (streq(*i
, "+")) {
787 r
= sd_journal_add_disjunction(j
);
790 } else if (path_is_absolute(*i
)) {
791 _cleanup_free_
char *p
, *t
= NULL
, *t2
= NULL
;
793 _cleanup_free_
char *interpreter
= NULL
;
796 p
= canonicalize_file_name(*i
);
799 if (stat(path
, &st
) < 0)
800 return log_error_errno(errno
, "Couldn't stat file: %m");
802 if (S_ISREG(st
.st_mode
) && (0111 & st
.st_mode
)) {
803 if (executable_is_script(path
, &interpreter
) > 0) {
804 _cleanup_free_
char *comm
;
806 comm
= strndup(basename(path
), 15);
810 t
= strappend("_COMM=", comm
);
812 /* Append _EXE only if the interpreter is not a link.
813 Otherwise, it might be outdated often. */
814 if (lstat(interpreter
, &st
) == 0 &&
815 !S_ISLNK(st
.st_mode
)) {
816 t2
= strappend("_EXE=", interpreter
);
821 t
= strappend("_EXE=", path
);
822 } else if (S_ISCHR(st
.st_mode
)) {
823 if (asprintf(&t
, "_KERNEL_DEVICE=c%u:%u",
825 minor(st
.st_rdev
)) < 0)
827 } else if (S_ISBLK(st
.st_mode
)) {
828 if (asprintf(&t
, "_KERNEL_DEVICE=b%u:%u",
830 minor(st
.st_rdev
)) < 0)
833 log_error("File is neither a device node, nor regular file, nor executable: %s", *i
);
840 r
= sd_journal_add_match(j
, t
, 0);
842 r
= sd_journal_add_match(j
, t2
, 0);
846 r
= sd_journal_add_match(j
, *i
, 0);
851 return log_error_errno(r
, "Failed to add match '%s': %m", *i
);
854 if (!strv_isempty(args
) && !have_term
) {
855 log_error("\"+\" can only be used between terms");
862 static int discover_next_boot(sd_journal
*j
,
865 bool read_realtime
) {
867 char match
[9+32+1] = "_BOOT_ID=";
868 _cleanup_free_ boot_id_t
*next_boot
= NULL
;
873 /* We expect the journal to be on the last position of a boot
874 * (in relation to the direction we are going), so that the next
875 * invocation of sd_journal_next/previous will be from a different
876 * boot. We then collect any information we desire and then jump
877 * to the last location of the new boot by using a _BOOT_ID match
878 * coming from the other journal direction. */
880 /* Make sure we aren't restricted by any _BOOT_ID matches, so that
881 * we can actually advance to a *different* boot. */
882 sd_journal_flush_matches(j
);
885 r
= sd_journal_previous(j
);
887 r
= sd_journal_next(j
);
891 return 0; /* End of journal, yay. */
893 next_boot
= new0(boot_id_t
, 1);
897 r
= sd_journal_get_monotonic_usec(j
, NULL
, &next_boot
->id
);
902 r
= sd_journal_get_realtime_usec(j
, &next_boot
->first
);
907 /* Now seek to the last occurrence of this boot ID. */
908 sd_id128_to_string(next_boot
->id
, match
+ 9);
909 r
= sd_journal_add_match(j
, match
, sizeof(match
) - 1);
914 r
= sd_journal_seek_head(j
);
916 r
= sd_journal_seek_tail(j
);
921 r
= sd_journal_next(j
);
923 r
= sd_journal_previous(j
);
927 return -ENODATA
; /* This shouldn't happen. We just came from this very boot ID. */
930 r
= sd_journal_get_realtime_usec(j
, &next_boot
->last
);
940 static int get_boots(sd_journal
*j
,
942 boot_id_t
*query_ref_boot
,
943 int ref_boot_offset
) {
946 boot_id_t
*head
= NULL
, *tail
= NULL
;
947 const bool advance_older
= query_ref_boot
&& ref_boot_offset
<= 0;
951 /* Adjust for the asymmetry that offset 0 is
952 * the last (and current) boot, while 1 is considered the
953 * (chronological) first boot in the journal. */
954 skip_once
= query_ref_boot
&& sd_id128_is_null(query_ref_boot
->id
) && ref_boot_offset
< 0;
956 /* Advance to the earliest/latest occurrence of our reference
957 * boot ID (taking our lookup direction into account), so that
958 * discover_next_boot() can do its job.
959 * If no reference is given, the journal head/tail will do,
960 * they're "virtual" boots after all. */
961 if (query_ref_boot
&& !sd_id128_is_null(query_ref_boot
->id
)) {
962 char match
[9+32+1] = "_BOOT_ID=";
964 sd_journal_flush_matches(j
);
966 sd_id128_to_string(query_ref_boot
->id
, match
+ 9);
967 r
= sd_journal_add_match(j
, match
, sizeof(match
) - 1);
972 r
= sd_journal_seek_head(j
);
974 r
= sd_journal_seek_tail(j
);
979 r
= sd_journal_next(j
);
981 r
= sd_journal_previous(j
);
986 else if (ref_boot_offset
== 0) {
992 r
= sd_journal_seek_tail(j
);
994 r
= sd_journal_seek_head(j
);
998 /* No sd_journal_next/previous here. */
1002 _cleanup_free_ boot_id_t
*current
= NULL
;
1004 r
= discover_next_boot(j
, ¤t
, advance_older
, !query_ref_boot
);
1006 boot_id_t
*id
, *id_next
;
1007 LIST_FOREACH_SAFE(boot_list
, id
, id_next
, head
)
1015 if (query_ref_boot
) {
1017 ref_boot_offset
+= advance_older
? 1 : -1;
1020 if (ref_boot_offset
== 0) {
1022 query_ref_boot
->id
= current
->id
;
1026 LIST_INSERT_AFTER(boot_list
, head
, tail
, current
);
1037 sd_journal_flush_matches(j
);
1042 static int list_boots(sd_journal
*j
) {
1044 boot_id_t
*id
, *id_next
, *all_ids
;
1048 count
= get_boots(j
, &all_ids
, NULL
, 0);
1052 pager_open_if_enabled();
1054 /* numbers are one less, but we need an extra char for the sign */
1055 w
= DECIMAL_STR_WIDTH(count
- 1) + 1;
1058 LIST_FOREACH_SAFE(boot_list
, id
, id_next
, all_ids
) {
1059 char a
[FORMAT_TIMESTAMP_MAX
], b
[FORMAT_TIMESTAMP_MAX
];
1061 printf("% *i " SD_ID128_FORMAT_STR
" %s—%s\n",
1063 SD_ID128_FORMAT_VAL(id
->id
),
1064 format_timestamp_maybe_utc(a
, sizeof(a
), id
->first
),
1065 format_timestamp_maybe_utc(b
, sizeof(b
), id
->last
));
1073 static int add_boot(sd_journal
*j
) {
1074 char match
[9+32+1] = "_BOOT_ID=";
1076 boot_id_t ref_boot_id
= {};
1083 if (arg_boot_offset
== 0 && sd_id128_equal(arg_boot_id
, SD_ID128_NULL
))
1084 return add_match_this_boot(j
, arg_machine
);
1086 ref_boot_id
.id
= arg_boot_id
;
1087 r
= get_boots(j
, NULL
, &ref_boot_id
, arg_boot_offset
);
1090 const char *reason
= (r
== 0) ? "No such boot ID in journal" : strerror(-r
);
1092 if (sd_id128_is_null(arg_boot_id
))
1093 log_error("Failed to look up boot %+i: %s", arg_boot_offset
, reason
);
1095 log_error("Failed to look up boot ID "SD_ID128_FORMAT_STR
"%+i: %s",
1096 SD_ID128_FORMAT_VAL(arg_boot_id
), arg_boot_offset
, reason
);
1098 return r
== 0 ? -ENODATA
: r
;
1101 sd_id128_to_string(ref_boot_id
.id
, match
+ 9);
1103 r
= sd_journal_add_match(j
, match
, sizeof(match
) - 1);
1105 return log_error_errno(r
, "Failed to add match: %m");
1107 r
= sd_journal_add_conjunction(j
);
1114 static int add_dmesg(sd_journal
*j
) {
1121 r
= sd_journal_add_match(j
, "_TRANSPORT=kernel", strlen("_TRANSPORT=kernel"));
1123 return log_error_errno(r
, "Failed to add match: %m");
1125 r
= sd_journal_add_conjunction(j
);
1132 static int get_possible_units(sd_journal
*j
,
1136 _cleanup_set_free_free_ Set
*found
;
1140 found
= set_new(&string_hash_ops
);
1144 NULSTR_FOREACH(field
, fields
) {
1148 r
= sd_journal_query_unique(j
, field
);
1152 SD_JOURNAL_FOREACH_UNIQUE(j
, data
, size
) {
1153 char **pattern
, *eq
;
1155 _cleanup_free_
char *u
= NULL
;
1157 eq
= memchr(data
, '=', size
);
1159 prefix
= eq
- (char*) data
+ 1;
1163 u
= strndup((char*) data
+ prefix
, size
- prefix
);
1167 STRV_FOREACH(pattern
, patterns
)
1168 if (fnmatch(*pattern
, u
, FNM_NOESCAPE
) == 0) {
1169 log_debug("Matched %s with pattern %s=%s", u
, field
, *pattern
);
1171 r
= set_consume(found
, u
);
1173 if (r
< 0 && r
!= -EEXIST
)
1186 /* This list is supposed to return the superset of unit names
1187 * possibly matched by rules added with add_matches_for_unit... */
1188 #define SYSTEM_UNITS \
1192 "OBJECT_SYSTEMD_UNIT\0" \
1195 /* ... and add_matches_for_user_unit */
1196 #define USER_UNITS \
1197 "_SYSTEMD_USER_UNIT\0" \
1199 "COREDUMP_USER_UNIT\0" \
1200 "OBJECT_SYSTEMD_USER_UNIT\0"
1202 static int add_units(sd_journal
*j
) {
1203 _cleanup_strv_free_
char **patterns
= NULL
;
1209 STRV_FOREACH(i
, arg_system_units
) {
1210 _cleanup_free_
char *u
= NULL
;
1212 r
= unit_name_mangle(*i
, UNIT_NAME_GLOB
, &u
);
1216 if (string_is_glob(u
)) {
1217 r
= strv_push(&patterns
, u
);
1222 r
= add_matches_for_unit(j
, u
);
1225 r
= sd_journal_add_disjunction(j
);
1232 if (!strv_isempty(patterns
)) {
1233 _cleanup_set_free_free_ Set
*units
= NULL
;
1237 r
= get_possible_units(j
, SYSTEM_UNITS
, patterns
, &units
);
1241 SET_FOREACH(u
, units
, it
) {
1242 r
= add_matches_for_unit(j
, u
);
1245 r
= sd_journal_add_disjunction(j
);
1252 strv_free(patterns
);
1255 STRV_FOREACH(i
, arg_user_units
) {
1256 _cleanup_free_
char *u
= NULL
;
1258 r
= unit_name_mangle(*i
, UNIT_NAME_GLOB
, &u
);
1262 if (string_is_glob(u
)) {
1263 r
= strv_push(&patterns
, u
);
1268 r
= add_matches_for_user_unit(j
, u
, getuid());
1271 r
= sd_journal_add_disjunction(j
);
1278 if (!strv_isempty(patterns
)) {
1279 _cleanup_set_free_free_ Set
*units
= NULL
;
1283 r
= get_possible_units(j
, USER_UNITS
, patterns
, &units
);
1287 SET_FOREACH(u
, units
, it
) {
1288 r
= add_matches_for_user_unit(j
, u
, getuid());
1291 r
= sd_journal_add_disjunction(j
);
1298 /* Complain if the user request matches but nothing whatsoever was
1299 * found, since otherwise everything would be matched. */
1300 if (!(strv_isempty(arg_system_units
) && strv_isempty(arg_user_units
)) && count
== 0)
1303 r
= sd_journal_add_conjunction(j
);
1310 static int add_priorities(sd_journal
*j
) {
1311 char match
[] = "PRIORITY=0";
1315 if (arg_priorities
== 0xFF)
1318 for (i
= LOG_EMERG
; i
<= LOG_DEBUG
; i
++)
1319 if (arg_priorities
& (1 << i
)) {
1320 match
[sizeof(match
)-2] = '0' + i
;
1322 r
= sd_journal_add_match(j
, match
, strlen(match
));
1324 return log_error_errno(r
, "Failed to add match: %m");
1327 r
= sd_journal_add_conjunction(j
);
1335 static int add_syslog_identifier(sd_journal
*j
) {
1341 STRV_FOREACH(i
, arg_syslog_identifier
) {
1344 u
= strjoina("SYSLOG_IDENTIFIER=", *i
);
1345 r
= sd_journal_add_match(j
, u
, 0);
1348 r
= sd_journal_add_disjunction(j
);
1353 r
= sd_journal_add_conjunction(j
);
1360 static int setup_keys(void) {
1362 size_t mpk_size
, seed_size
, state_size
, i
;
1363 uint8_t *mpk
, *seed
, *state
;
1365 sd_id128_t machine
, boot
;
1366 char *p
= NULL
, *k
= NULL
;
1371 r
= stat("/var/log/journal", &st
);
1372 if (r
< 0 && errno
!= ENOENT
&& errno
!= ENOTDIR
)
1373 return log_error_errno(errno
, "stat(\"%s\") failed: %m", "/var/log/journal");
1375 if (r
< 0 || !S_ISDIR(st
.st_mode
)) {
1376 log_error("%s is not a directory, must be using persistent logging for FSS.",
1377 "/var/log/journal");
1378 return r
< 0 ? -errno
: -ENOTDIR
;
1381 r
= sd_id128_get_machine(&machine
);
1383 return log_error_errno(r
, "Failed to get machine ID: %m");
1385 r
= sd_id128_get_boot(&boot
);
1387 return log_error_errno(r
, "Failed to get boot ID: %m");
1389 if (asprintf(&p
, "/var/log/journal/" SD_ID128_FORMAT_STR
"/fss",
1390 SD_ID128_FORMAT_VAL(machine
)) < 0)
1395 if (r
< 0 && errno
!= ENOENT
) {
1396 r
= log_error_errno(errno
, "unlink(\"%s\") failed: %m", p
);
1399 } else if (access(p
, F_OK
) >= 0) {
1400 log_error("Sealing key file %s exists already. Use --force to recreate.", p
);
1405 if (asprintf(&k
, "/var/log/journal/" SD_ID128_FORMAT_STR
"/fss.tmp.XXXXXX",
1406 SD_ID128_FORMAT_VAL(machine
)) < 0) {
1411 mpk_size
= FSPRG_mskinbytes(FSPRG_RECOMMENDED_SECPAR
);
1412 mpk
= alloca(mpk_size
);
1414 seed_size
= FSPRG_RECOMMENDED_SEEDLEN
;
1415 seed
= alloca(seed_size
);
1417 state_size
= FSPRG_stateinbytes(FSPRG_RECOMMENDED_SECPAR
);
1418 state
= alloca(state_size
);
1420 fd
= open("/dev/random", O_RDONLY
|O_CLOEXEC
|O_NOCTTY
);
1422 log_error_errno(errno
, "Failed to open /dev/random: %m");
1427 log_info("Generating seed...");
1428 r
= loop_read_exact(fd
, seed
, seed_size
, true);
1430 log_error_errno(r
, "Failed to read random seed: %m");
1434 log_info("Generating key pair...");
1435 FSPRG_GenMK(NULL
, mpk
, seed
, seed_size
, FSPRG_RECOMMENDED_SECPAR
);
1437 log_info("Generating sealing key...");
1438 FSPRG_GenState0(state
, mpk
, seed
, seed_size
);
1440 assert(arg_interval
> 0);
1442 n
= now(CLOCK_REALTIME
);
1446 fd
= mkostemp_safe(k
, O_WRONLY
|O_CLOEXEC
);
1448 log_error_errno(errno
, "Failed to open %s: %m", k
);
1453 /* Enable secure remove, exclusion from dump, synchronous
1454 * writing and in-place updating */
1455 r
= chattr_fd(fd
, FS_SECRM_FL
|FS_NODUMP_FL
|FS_SYNC_FL
|FS_NOCOW_FL
, FS_SECRM_FL
|FS_NODUMP_FL
|FS_SYNC_FL
|FS_NOCOW_FL
);
1457 log_warning_errno(errno
, "Failed to set file attributes: %m");
1460 memcpy(h
.signature
, "KSHHRHLP", 8);
1461 h
.machine_id
= machine
;
1463 h
.header_size
= htole64(sizeof(h
));
1464 h
.start_usec
= htole64(n
* arg_interval
);
1465 h
.interval_usec
= htole64(arg_interval
);
1466 h
.fsprg_secpar
= htole16(FSPRG_RECOMMENDED_SECPAR
);
1467 h
.fsprg_state_size
= htole64(state_size
);
1469 r
= loop_write(fd
, &h
, sizeof(h
), false);
1471 log_error_errno(r
, "Failed to write header: %m");
1475 r
= loop_write(fd
, state
, state_size
, false);
1477 log_error_errno(r
, "Failed to write state: %m");
1481 if (link(k
, p
) < 0) {
1482 log_error_errno(errno
, "Failed to link file: %m");
1490 "The new key pair has been generated. The " ANSI_HIGHLIGHT_ON
"secret sealing key" ANSI_HIGHLIGHT_OFF
" has been written to\n"
1491 "the following local file. This key file is automatically updated when the\n"
1492 "sealing key is advanced. It should not be used on multiple hosts.\n"
1496 "Please write down the following " ANSI_HIGHLIGHT_ON
"secret verification key" ANSI_HIGHLIGHT_OFF
". It should be stored\n"
1497 "at a safe location and should not be saved locally on disk.\n"
1498 "\n\t" ANSI_HIGHLIGHT_RED_ON
, p
);
1501 for (i
= 0; i
< seed_size
; i
++) {
1502 if (i
> 0 && i
% 3 == 0)
1504 printf("%02x", ((uint8_t*) seed
)[i
]);
1507 printf("/%llx-%llx\n", (unsigned long long) n
, (unsigned long long) arg_interval
);
1510 char tsb
[FORMAT_TIMESPAN_MAX
], *hn
;
1513 ANSI_HIGHLIGHT_OFF
"\n"
1514 "The sealing key is automatically changed every %s.\n",
1515 format_timespan(tsb
, sizeof(tsb
), arg_interval
, 0));
1517 hn
= gethostname_malloc();
1520 hostname_cleanup(hn
, false);
1521 fprintf(stderr
, "\nThe keys have been generated for host %s/" SD_ID128_FORMAT_STR
".\n", hn
, SD_ID128_FORMAT_VAL(machine
));
1523 fprintf(stderr
, "\nThe keys have been generated for host " SD_ID128_FORMAT_STR
".\n", SD_ID128_FORMAT_VAL(machine
));
1525 #ifdef HAVE_QRENCODE
1526 /* If this is not an UTF-8 system don't print any QR codes */
1527 if (is_locale_utf8()) {
1528 fputs("\nTo transfer the verification key to your phone please scan the QR code below:\n\n", stderr
);
1529 print_qr_code(stderr
, seed
, seed_size
, n
, arg_interval
, hn
, machine
);
1549 log_error("Forward-secure sealing not available.");
1554 static int verify(sd_journal
*j
) {
1561 log_show_color(true);
1563 ORDERED_HASHMAP_FOREACH(f
, j
->files
, i
) {
1565 usec_t first
= 0, validated
= 0, last
= 0;
1568 if (!arg_verify_key
&& JOURNAL_HEADER_SEALED(f
->header
))
1569 log_notice("Journal file %s has sealing enabled but verification key has not been passed using --verify-key=.", f
->path
);
1572 k
= journal_file_verify(f
, arg_verify_key
, &first
, &validated
, &last
, true);
1574 /* If the key was invalid give up right-away. */
1577 log_warning("FAIL: %s (%s)", f
->path
, strerror(-k
));
1580 char a
[FORMAT_TIMESTAMP_MAX
], b
[FORMAT_TIMESTAMP_MAX
], c
[FORMAT_TIMESPAN_MAX
];
1581 log_info("PASS: %s", f
->path
);
1583 if (arg_verify_key
&& JOURNAL_HEADER_SEALED(f
->header
)) {
1584 if (validated
> 0) {
1585 log_info("=> Validated from %s to %s, final %s entries not sealed.",
1586 format_timestamp_maybe_utc(a
, sizeof(a
), first
),
1587 format_timestamp_maybe_utc(b
, sizeof(b
), validated
),
1588 format_timespan(c
, sizeof(c
), last
> validated
? last
- validated
: 0, 0));
1589 } else if (last
> 0)
1590 log_info("=> No sealing yet, %s of entries not sealed.",
1591 format_timespan(c
, sizeof(c
), last
- first
, 0));
1593 log_info("=> No sealing yet, no entries in file.");
1601 static int access_check_var_log_journal(sd_journal
*j
) {
1603 _cleanup_strv_free_
char **g
= NULL
;
1613 /* If we are root, we should have access, don't warn. */
1617 /* If we are in the 'systemd-journal' group, we should have
1619 r
= in_group("systemd-journal");
1621 return log_error_errno(r
, "Failed to check if we are in the 'systemd-journal' group: %m");
1626 if (laccess("/run/log/journal", F_OK
) >= 0)
1627 dir
= "/run/log/journal";
1629 dir
= "/var/log/journal";
1631 /* If we are in any of the groups listed in the journal ACLs,
1632 * then all is good, too. Let's enumerate all groups from the
1633 * default ACL of the directory, which generally should allow
1634 * access to most journal files too. */
1635 r
= acl_search_groups(dir
, &g
);
1637 return log_error_errno(r
, "Failed to search journal ACL: %m");
1641 /* Print a pretty list, if there were ACLs set. */
1642 if (!strv_isempty(g
)) {
1643 _cleanup_free_
char *s
= NULL
;
1645 /* Thre are groups in the ACL, let's list them */
1646 r
= strv_extend(&g
, "systemd-journal");
1653 s
= strv_join(g
, "', '");
1657 log_notice("Hint: You are currently not seeing messages from other users and the system.\n"
1658 " Users in groups '%s' can see all messages.\n"
1659 " Pass -q to turn off this notice.", s
);
1664 /* If no ACLs were found, print a short version of the message. */
1665 log_notice("Hint: You are currently not seeing messages from other users and the system.\n"
1666 " Users in the 'systemd-journal' group can see all messages. Pass -q to\n"
1667 " turn off this notice.");
1672 static int access_check(sd_journal
*j
) {
1679 if (set_isempty(j
->errors
)) {
1680 if (ordered_hashmap_isempty(j
->files
))
1681 log_notice("No journal files were found.");
1686 if (set_contains(j
->errors
, INT_TO_PTR(-EACCES
))) {
1687 (void) access_check_var_log_journal(j
);
1689 if (ordered_hashmap_isempty(j
->files
))
1690 r
= log_error_errno(EACCES
, "No journal files were opened due to insufficient permissions.");
1693 SET_FOREACH(code
, j
->errors
, it
) {
1696 err
= -PTR_TO_INT(code
);
1702 log_warning_errno(err
, "Error was encountered while opening journal files: %m");
1710 static int flush_to_var(void) {
1711 _cleanup_bus_error_free_ sd_bus_error error
= SD_BUS_ERROR_NULL
;
1712 _cleanup_bus_close_unref_ sd_bus
*bus
= NULL
;
1713 _cleanup_close_
int watch_fd
= -1;
1717 if (access("/run/systemd/journal/flushed", F_OK
) >= 0)
1720 /* OK, let's actually do the full logic, send SIGUSR1 to the
1721 * daemon and set up inotify to wait for the flushed file to appear */
1722 r
= bus_open_system_systemd(&bus
);
1724 return log_error_errno(r
, "Failed to get D-Bus connection: %m");
1726 r
= sd_bus_call_method(
1728 "org.freedesktop.systemd1",
1729 "/org/freedesktop/systemd1",
1730 "org.freedesktop.systemd1.Manager",
1734 "ssi", "systemd-journald.service", "main", SIGUSR1
);
1736 log_error("Failed to kill journal service: %s", bus_error_message(&error
, r
));
1740 mkdir_p("/run/systemd/journal", 0755);
1742 watch_fd
= inotify_init1(IN_NONBLOCK
|IN_CLOEXEC
);
1744 return log_error_errno(errno
, "Failed to create inotify watch: %m");
1746 r
= inotify_add_watch(watch_fd
, "/run/systemd/journal", IN_CREATE
|IN_DONT_FOLLOW
|IN_ONLYDIR
);
1748 return log_error_errno(errno
, "Failed to watch journal directory: %m");
1751 if (access("/run/systemd/journal/flushed", F_OK
) >= 0)
1754 if (errno
!= ENOENT
)
1755 return log_error_errno(errno
, "Failed to check for existence of /run/systemd/journal/flushed: %m");
1757 r
= fd_wait_for_event(watch_fd
, POLLIN
, USEC_INFINITY
);
1759 return log_error_errno(r
, "Failed to wait for event: %m");
1761 r
= flush_fd(watch_fd
);
1763 return log_error_errno(r
, "Failed to flush inotify events: %m");
1769 int main(int argc
, char *argv
[]) {
1771 _cleanup_journal_close_ sd_journal
*j
= NULL
;
1772 bool need_seek
= false;
1773 sd_id128_t previous_boot_id
;
1774 bool previous_boot_id_valid
= false, first_line
= true;
1776 bool ellipsized
= false;
1778 setlocale(LC_ALL
, "");
1779 log_parse_environment();
1782 r
= parse_argv(argc
, argv
);
1786 signal(SIGWINCH
, columns_lines_cache_reset
);
1789 /* Increase max number of open files to 16K if we can, we
1790 * might needs this when browsing journal files, which might
1791 * be split up into many files. */
1792 setrlimit_closest(RLIMIT_NOFILE
, &RLIMIT_MAKE_CONST(16384));
1794 if (arg_action
== ACTION_NEW_ID128
) {
1795 r
= generate_new_id128();
1799 if (arg_action
== ACTION_FLUSH
) {
1804 if (arg_action
== ACTION_SETUP_KEYS
) {
1809 if (arg_action
== ACTION_UPDATE_CATALOG
||
1810 arg_action
== ACTION_LIST_CATALOG
||
1811 arg_action
== ACTION_DUMP_CATALOG
) {
1813 _cleanup_free_
char *database
;
1815 database
= path_join(arg_root
, CATALOG_DATABASE
, NULL
);
1821 if (arg_action
== ACTION_UPDATE_CATALOG
) {
1822 r
= catalog_update(database
, arg_root
, catalog_file_dirs
);
1824 log_error_errno(r
, "Failed to list catalog: %m");
1826 bool oneline
= arg_action
== ACTION_LIST_CATALOG
;
1829 r
= catalog_list_items(stdout
, database
,
1830 oneline
, argv
+ optind
);
1832 r
= catalog_list(stdout
, database
, oneline
);
1834 log_error_errno(r
, "Failed to list catalog: %m");
1841 r
= sd_journal_open_directory(&j
, arg_directory
, arg_journal_type
);
1843 r
= sd_journal_open_files(&j
, (const char**) arg_file
, 0);
1844 else if (arg_machine
)
1845 r
= sd_journal_open_container(&j
, arg_machine
, 0);
1847 r
= sd_journal_open(&j
, !arg_merge
*SD_JOURNAL_LOCAL_ONLY
+ arg_journal_type
);
1849 log_error_errno(r
, "Failed to open %s: %m",
1850 arg_directory
? arg_directory
: arg_file
? "files" : "journal");
1854 r
= access_check(j
);
1858 if (arg_action
== ACTION_VERIFY
) {
1863 if (arg_action
== ACTION_PRINT_HEADER
) {
1864 journal_print_header(j
);
1869 if (arg_action
== ACTION_DISK_USAGE
) {
1871 char sbytes
[FORMAT_BYTES_MAX
];
1873 r
= sd_journal_get_usage(j
, &bytes
);
1877 printf("Archived and active journals take up %s on disk.\n",
1878 format_bytes(sbytes
, sizeof(sbytes
), bytes
));
1882 if (arg_action
== ACTION_VACUUM
) {
1886 HASHMAP_FOREACH(d
, j
->directories_by_path
, i
) {
1892 q
= journal_directory_vacuum(d
->path
, arg_vacuum_size
, arg_vacuum_time
, NULL
, true);
1894 log_error_errno(q
, "Failed to vacuum: %m");
1902 if (arg_action
== ACTION_LIST_BOOTS
) {
1907 /* add_boot() must be called first!
1908 * It may need to seek the journal to find parent boot IDs. */
1918 arg_system_units
= strv_free(arg_system_units
);
1919 arg_user_units
= strv_free(arg_user_units
);
1921 log_error_errno(r
, "Failed to add filter for units: %m");
1925 r
= add_syslog_identifier(j
);
1927 log_error_errno(r
, "Failed to add filter for syslog identifiers: %m");
1931 r
= add_priorities(j
);
1933 log_error_errno(r
, "Failed to add filter for priorities: %m");
1937 r
= add_matches(j
, argv
+ optind
);
1939 log_error_errno(r
, "Failed to add filters: %m");
1943 if (_unlikely_(log_get_max_level() >= LOG_DEBUG
)) {
1944 _cleanup_free_
char *filter
;
1946 filter
= journal_make_match_string(j
);
1947 log_debug("Journal filter: %s", filter
);
1954 r
= sd_journal_set_data_threshold(j
, 0);
1956 log_error("Failed to unset data size threshold");
1960 r
= sd_journal_query_unique(j
, arg_field
);
1962 log_error_errno(r
, "Failed to query unique data objects: %m");
1966 SD_JOURNAL_FOREACH_UNIQUE(j
, data
, size
) {
1969 if (arg_lines
>= 0 && n_shown
>= arg_lines
)
1972 eq
= memchr(data
, '=', size
);
1974 printf("%.*s\n", (int) (size
- ((const uint8_t*) eq
- (const uint8_t*) data
+ 1)), (const char*) eq
+ 1);
1976 printf("%.*s\n", (int) size
, (const char*) data
);
1985 /* Opening the fd now means the first sd_journal_wait() will actually wait */
1987 r
= sd_journal_get_fd(j
);
1992 if (arg_cursor
|| arg_after_cursor
) {
1993 r
= sd_journal_seek_cursor(j
, arg_cursor
?: arg_after_cursor
);
1995 log_error_errno(r
, "Failed to seek to cursor: %m");
2000 r
= sd_journal_next_skip(j
, 1 + !!arg_after_cursor
);
2002 r
= sd_journal_previous_skip(j
, 1 + !!arg_after_cursor
);
2004 if (arg_after_cursor
&& r
< 2) {
2005 /* We couldn't find the next entry after the cursor. */
2012 } else if (arg_since_set
&& !arg_reverse
) {
2013 r
= sd_journal_seek_realtime_usec(j
, arg_since
);
2015 log_error_errno(r
, "Failed to seek to date: %m");
2018 r
= sd_journal_next(j
);
2020 } else if (arg_until_set
&& arg_reverse
) {
2021 r
= sd_journal_seek_realtime_usec(j
, arg_until
);
2023 log_error_errno(r
, "Failed to seek to date: %m");
2026 r
= sd_journal_previous(j
);
2028 } else if (arg_lines
>= 0) {
2029 r
= sd_journal_seek_tail(j
);
2031 log_error_errno(r
, "Failed to seek to tail: %m");
2035 r
= sd_journal_previous_skip(j
, arg_lines
);
2037 } else if (arg_reverse
) {
2038 r
= sd_journal_seek_tail(j
);
2040 log_error_errno(r
, "Failed to seek to tail: %m");
2044 r
= sd_journal_previous(j
);
2047 r
= sd_journal_seek_head(j
);
2049 log_error_errno(r
, "Failed to seek to head: %m");
2053 r
= sd_journal_next(j
);
2057 log_error_errno(r
, "Failed to iterate through journal: %m");
2062 pager_open_if_enabled();
2066 char start_buf
[FORMAT_TIMESTAMP_MAX
], end_buf
[FORMAT_TIMESTAMP_MAX
];
2068 r
= sd_journal_get_cutoff_realtime_usec(j
, &start
, &end
);
2070 log_error_errno(r
, "Failed to get cutoff: %m");
2076 printf("-- Logs begin at %s. --\n",
2077 format_timestamp_maybe_utc(start_buf
, sizeof(start_buf
), start
));
2079 printf("-- Logs begin at %s, end at %s. --\n",
2080 format_timestamp_maybe_utc(start_buf
, sizeof(start_buf
), start
),
2081 format_timestamp_maybe_utc(end_buf
, sizeof(end_buf
), end
));
2086 while (arg_lines
< 0 || n_shown
< arg_lines
|| (arg_follow
&& !first_line
)) {
2091 r
= sd_journal_next(j
);
2093 r
= sd_journal_previous(j
);
2095 log_error_errno(r
, "Failed to iterate through journal: %m");
2102 if (arg_until_set
&& !arg_reverse
) {
2105 r
= sd_journal_get_realtime_usec(j
, &usec
);
2107 log_error_errno(r
, "Failed to determine timestamp: %m");
2110 if (usec
> arg_until
)
2114 if (arg_since_set
&& arg_reverse
) {
2117 r
= sd_journal_get_realtime_usec(j
, &usec
);
2119 log_error_errno(r
, "Failed to determine timestamp: %m");
2122 if (usec
< arg_since
)
2126 if (!arg_merge
&& !arg_quiet
) {
2129 r
= sd_journal_get_monotonic_usec(j
, NULL
, &boot_id
);
2131 if (previous_boot_id_valid
&&
2132 !sd_id128_equal(boot_id
, previous_boot_id
))
2133 printf("%s-- Reboot --%s\n",
2134 ansi_highlight(), ansi_highlight_off());
2136 previous_boot_id
= boot_id
;
2137 previous_boot_id_valid
= true;
2142 arg_all
* OUTPUT_SHOW_ALL
|
2143 arg_full
* OUTPUT_FULL_WIDTH
|
2144 on_tty() * OUTPUT_COLOR
|
2145 arg_catalog
* OUTPUT_CATALOG
|
2146 arg_utc
* OUTPUT_UTC
;
2148 r
= output_journal(stdout
, j
, arg_output
, 0, flags
, &ellipsized
);
2150 if (r
== -EADDRNOTAVAIL
)
2152 else if (r
< 0 || ferror(stdout
))
2159 if (arg_show_cursor
) {
2160 _cleanup_free_
char *cursor
= NULL
;
2162 r
= sd_journal_get_cursor(j
, &cursor
);
2163 if (r
< 0 && r
!= -EADDRNOTAVAIL
)
2164 log_error_errno(r
, "Failed to get cursor: %m");
2166 printf("-- cursor: %s\n", cursor
);
2172 r
= sd_journal_wait(j
, (uint64_t) -1);
2174 log_error_errno(r
, "Couldn't wait for journal event: %m");
2184 strv_free(arg_file
);
2186 return r
< 0 ? EXIT_FAILURE
: EXIT_SUCCESS
;