1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2011 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
23 #include <selinux/selinux.h>
25 #include <sys/ioctl.h>
27 #include <sys/signalfd.h>
28 #include <sys/statvfs.h>
29 #include <linux/sockios.h>
32 #include "sd-daemon.h"
33 #include "sd-journal.h"
34 #include "sd-messages.h"
37 #include "alloc-util.h"
38 #include "audit-util.h"
39 #include "cgroup-util.h"
40 #include "conf-parser.h"
41 #include "dirent-util.h"
42 #include "extract-word.h"
44 #include "formats-util.h"
47 #include "hostname-util.h"
49 #include "journal-authenticate.h"
50 #include "journal-file.h"
51 #include "journal-internal.h"
52 #include "journal-vacuum.h"
53 #include "journald-audit.h"
54 #include "journald-kmsg.h"
55 #include "journald-native.h"
56 #include "journald-rate-limit.h"
57 #include "journald-server.h"
58 #include "journald-stream.h"
59 #include "journald-syslog.h"
62 #include "parse-util.h"
63 #include "proc-cmdline.h"
64 #include "process-util.h"
66 #include "selinux-util.h"
67 #include "signal-util.h"
68 #include "socket-util.h"
69 #include "string-table.h"
70 #include "string-util.h"
72 #define USER_JOURNALS_MAX 1024
74 #define DEFAULT_SYNC_INTERVAL_USEC (5*USEC_PER_MINUTE)
75 #define DEFAULT_RATE_LIMIT_INTERVAL (30*USEC_PER_SEC)
76 #define DEFAULT_RATE_LIMIT_BURST 1000
77 #define DEFAULT_MAX_FILE_USEC USEC_PER_MONTH
79 #define RECHECK_SPACE_USEC (30*USEC_PER_SEC)
81 #define NOTIFY_SNDBUF_SIZE (8*1024*1024)
83 static int determine_space_for(
85 JournalMetrics
*metrics
,
93 uint64_t sum
= 0, ss_avail
, avail
;
94 _cleanup_closedir_
DIR *d
= NULL
;
105 ts
= now(CLOCK_MONOTONIC
);
107 if (!verbose
&& s
->cached_space_timestamp
+ RECHECK_SPACE_USEC
> ts
) {
110 *available
= s
->cached_space_available
;
112 *limit
= s
->cached_space_limit
;
117 p
= strjoina(path
, SERVER_MACHINE_ID(s
));
120 return log_full_errno(errno
== ENOENT
? LOG_DEBUG
: LOG_ERR
, errno
, "Failed to open %s: %m", p
);
122 if (fstatvfs(dirfd(d
), &ss
) < 0)
123 return log_error_errno(errno
, "Failed to fstatvfs(%s): %m", p
);
125 FOREACH_DIRENT_ALL(de
, d
, break) {
128 if (!endswith(de
->d_name
, ".journal") &&
129 !endswith(de
->d_name
, ".journal~"))
132 if (fstatat(dirfd(d
), de
->d_name
, &st
, AT_SYMLINK_NOFOLLOW
) < 0) {
133 log_debug_errno(errno
, "Failed to stat %s/%s, ignoring: %m", p
, de
->d_name
);
137 if (!S_ISREG(st
.st_mode
))
140 sum
+= (uint64_t) st
.st_blocks
* 512UL;
143 /* If request, then let's bump the min_use limit to the
144 * current usage on disk. We do this when starting up and
145 * first opening the journal files. This way sudden spikes in
146 * disk usage will not cause journald to vacuum files without
147 * bounds. Note that this means that only a restart of
148 * journald will make it reset this value. */
151 metrics
->min_use
= MAX(metrics
->min_use
, sum
);
153 ss_avail
= ss
.f_bsize
* ss
.f_bavail
;
154 avail
= LESS_BY(ss_avail
, metrics
->keep_free
);
156 s
->cached_space_limit
= MIN(MAX(sum
+ avail
, metrics
->min_use
), metrics
->max_use
);
157 s
->cached_space_available
= LESS_BY(s
->cached_space_limit
, sum
);
158 s
->cached_space_timestamp
= ts
;
161 char fb1
[FORMAT_BYTES_MAX
], fb2
[FORMAT_BYTES_MAX
], fb3
[FORMAT_BYTES_MAX
],
162 fb4
[FORMAT_BYTES_MAX
], fb5
[FORMAT_BYTES_MAX
], fb6
[FORMAT_BYTES_MAX
];
164 server_driver_message(s
, SD_MESSAGE_JOURNAL_USAGE
,
165 "%s (%s) is currently using %s.\n"
166 "Maximum allowed usage is set to %s.\n"
167 "Leaving at least %s free (of currently available %s of space).\n"
168 "Enforced usage limit is thus %s, of which %s are still available.",
170 format_bytes(fb1
, sizeof(fb1
), sum
),
171 format_bytes(fb2
, sizeof(fb2
), metrics
->max_use
),
172 format_bytes(fb3
, sizeof(fb3
), metrics
->keep_free
),
173 format_bytes(fb4
, sizeof(fb4
), ss_avail
),
174 format_bytes(fb5
, sizeof(fb5
), s
->cached_space_limit
),
175 format_bytes(fb6
, sizeof(fb6
), s
->cached_space_available
));
179 *available
= s
->cached_space_available
;
181 *limit
= s
->cached_space_limit
;
186 static int determine_space(Server
*s
, bool verbose
, bool patch_min_use
, uint64_t *available
, uint64_t *limit
) {
187 JournalMetrics
*metrics
;
188 const char *path
, *name
;
192 if (s
->system_journal
) {
193 path
= "/var/log/journal/";
194 metrics
= &s
->system_metrics
;
195 name
= "System journal";
197 path
= "/run/log/journal/";
198 metrics
= &s
->runtime_metrics
;
199 name
= "Runtime journal";
202 return determine_space_for(s
, metrics
, path
, name
, verbose
, patch_min_use
, available
, limit
);
205 void server_fix_perms(Server
*s
, JournalFile
*f
, uid_t uid
) {
208 _cleanup_(acl_freep
) acl_t acl
= NULL
;
210 acl_permset_t permset
;
215 r
= fchmod(f
->fd
, 0640);
217 log_warning_errno(errno
, "Failed to fix access mode on %s, ignoring: %m", f
->path
);
220 if (uid
<= SYSTEM_UID_MAX
)
223 acl
= acl_get_fd(f
->fd
);
225 log_warning_errno(errno
, "Failed to read ACL on %s, ignoring: %m", f
->path
);
229 r
= acl_find_uid(acl
, uid
, &entry
);
232 if (acl_create_entry(&acl
, &entry
) < 0 ||
233 acl_set_tag_type(entry
, ACL_USER
) < 0 ||
234 acl_set_qualifier(entry
, &uid
) < 0) {
235 log_warning_errno(errno
, "Failed to patch ACL on %s, ignoring: %m", f
->path
);
240 /* We do not recalculate the mask unconditionally here,
241 * so that the fchmod() mask above stays intact. */
242 if (acl_get_permset(entry
, &permset
) < 0 ||
243 acl_add_perm(permset
, ACL_READ
) < 0 ||
244 calc_acl_mask_if_needed(&acl
) < 0) {
245 log_warning_errno(errno
, "Failed to patch ACL on %s, ignoring: %m", f
->path
);
249 if (acl_set_fd(f
->fd
, acl
) < 0)
250 log_warning_errno(errno
, "Failed to set ACL on %s, ignoring: %m", f
->path
);
255 static JournalFile
* find_journal(Server
*s
, uid_t uid
) {
256 _cleanup_free_
char *p
= NULL
;
263 /* We split up user logs only on /var, not on /run. If the
264 * runtime file is open, we write to it exclusively, in order
265 * to guarantee proper order as soon as we flush /run to
266 * /var and close the runtime file. */
268 if (s
->runtime_journal
)
269 return s
->runtime_journal
;
271 if (uid
<= SYSTEM_UID_MAX
)
272 return s
->system_journal
;
274 r
= sd_id128_get_machine(&machine
);
276 return s
->system_journal
;
278 f
= ordered_hashmap_get(s
->user_journals
, UINT32_TO_PTR(uid
));
282 if (asprintf(&p
, "/var/log/journal/" SD_ID128_FORMAT_STR
"/user-"UID_FMT
".journal",
283 SD_ID128_FORMAT_VAL(machine
), uid
) < 0)
284 return s
->system_journal
;
286 while (ordered_hashmap_size(s
->user_journals
) >= USER_JOURNALS_MAX
) {
287 /* Too many open? Then let's close one */
288 f
= ordered_hashmap_steal_first(s
->user_journals
);
290 journal_file_close(f
);
293 r
= journal_file_open_reliably(p
, O_RDWR
|O_CREAT
, 0640, s
->compress
, s
->seal
, &s
->system_metrics
, s
->mmap
, NULL
, &f
);
295 return s
->system_journal
;
297 server_fix_perms(s
, f
, uid
);
299 r
= ordered_hashmap_put(s
->user_journals
, UINT32_TO_PTR(uid
), f
);
301 journal_file_close(f
);
302 return s
->system_journal
;
308 static int do_rotate(
321 r
= journal_file_rotate(f
, s
->compress
, seal
);
324 log_error_errno(r
, "Failed to rotate %s: %m", (*f
)->path
);
326 log_error_errno(r
, "Failed to create new %s journal: %m", name
);
328 server_fix_perms(s
, *f
, uid
);
333 void server_rotate(Server
*s
) {
339 log_debug("Rotating...");
341 (void) do_rotate(s
, &s
->runtime_journal
, "runtime", false, 0);
342 (void) do_rotate(s
, &s
->system_journal
, "system", s
->seal
, 0);
344 ORDERED_HASHMAP_FOREACH_KEY(f
, k
, s
->user_journals
, i
) {
345 r
= do_rotate(s
, &f
, "user", s
->seal
, PTR_TO_UINT32(k
));
347 ordered_hashmap_replace(s
->user_journals
, k
, f
);
349 /* Old file has been closed and deallocated */
350 ordered_hashmap_remove(s
->user_journals
, k
);
354 void server_sync(Server
*s
) {
360 if (s
->system_journal
) {
361 r
= journal_file_set_offline(s
->system_journal
);
363 log_warning_errno(r
, "Failed to sync system journal, ignoring: %m");
366 ORDERED_HASHMAP_FOREACH_KEY(f
, k
, s
->user_journals
, i
) {
367 r
= journal_file_set_offline(f
);
369 log_warning_errno(r
, "Failed to sync user journal, ignoring: %m");
372 if (s
->sync_event_source
) {
373 r
= sd_event_source_set_enabled(s
->sync_event_source
, SD_EVENT_OFF
);
375 log_error_errno(r
, "Failed to disable sync timer source: %m");
378 s
->sync_scheduled
= false;
381 static void do_vacuum(
384 JournalMetrics
*metrics
,
388 bool patch_min_use
) {
402 p
= strjoina(path
, SERVER_MACHINE_ID(s
));
404 limit
= metrics
->max_use
;
405 (void) determine_space_for(s
, metrics
, path
, name
, verbose
, patch_min_use
, NULL
, &limit
);
407 r
= journal_directory_vacuum(p
, limit
, metrics
->n_max_files
, s
->max_retention_usec
, &s
->oldest_file_usec
, verbose
);
408 if (r
< 0 && r
!= -ENOENT
)
409 log_warning_errno(r
, "Failed to vacuum %s, ignoring: %m", p
);
412 int server_vacuum(Server
*s
, bool verbose
, bool patch_min_use
) {
415 log_debug("Vacuuming...");
417 s
->oldest_file_usec
= 0;
419 do_vacuum(s
, s
->system_journal
, &s
->system_metrics
, "/var/log/journal/", "System journal", verbose
, patch_min_use
);
420 do_vacuum(s
, s
->runtime_journal
, &s
->runtime_metrics
, "/run/log/journal/", "Runtime journal", verbose
, patch_min_use
);
422 s
->cached_space_limit
= 0;
423 s
->cached_space_available
= 0;
424 s
->cached_space_timestamp
= 0;
429 static void server_cache_machine_id(Server
*s
) {
435 r
= sd_id128_get_machine(&id
);
439 sd_id128_to_string(id
, stpcpy(s
->machine_id_field
, "_MACHINE_ID="));
442 static void server_cache_boot_id(Server
*s
) {
448 r
= sd_id128_get_boot(&id
);
452 sd_id128_to_string(id
, stpcpy(s
->boot_id_field
, "_BOOT_ID="));
455 static void server_cache_hostname(Server
*s
) {
456 _cleanup_free_
char *t
= NULL
;
461 t
= gethostname_malloc();
465 x
= strappend("_HOSTNAME=", t
);
469 free(s
->hostname_field
);
470 s
->hostname_field
= x
;
473 static bool shall_try_append_again(JournalFile
*f
, int r
) {
475 /* -E2BIG Hit configured limit
477 -EDQUOT Quota limit hit
479 -EIO I/O error of some kind (mmap)
480 -EHOSTDOWN Other machine
481 -EBUSY Unclean shutdown
482 -EPROTONOSUPPORT Unsupported feature
485 -ESHUTDOWN Already archived
486 -EIDRM Journal file has been deleted */
488 if (r
== -E2BIG
|| r
== -EFBIG
|| r
== -EDQUOT
|| r
== -ENOSPC
)
489 log_debug("%s: Allocation limit reached, rotating.", f
->path
);
490 else if (r
== -EHOSTDOWN
)
491 log_info("%s: Journal file from other machine, rotating.", f
->path
);
492 else if (r
== -EBUSY
)
493 log_info("%s: Unclean shutdown, rotating.", f
->path
);
494 else if (r
== -EPROTONOSUPPORT
)
495 log_info("%s: Unsupported feature, rotating.", f
->path
);
496 else if (r
== -EBADMSG
|| r
== -ENODATA
|| r
== ESHUTDOWN
)
497 log_warning("%s: Journal file corrupted, rotating.", f
->path
);
499 log_warning("%s: IO error, rotating.", f
->path
);
500 else if (r
== -EIDRM
)
501 log_warning("%s: Journal file has been deleted, rotating.", f
->path
);
508 static void write_to_journal(Server
*s
, uid_t uid
, struct iovec
*iovec
, unsigned n
, int priority
) {
510 bool vacuumed
= false;
517 f
= find_journal(s
, uid
);
521 if (journal_file_rotate_suggested(f
, s
->max_file_usec
)) {
522 log_debug("%s: Journal header limits reached or header out-of-date, rotating.", f
->path
);
524 server_vacuum(s
, false, false);
527 f
= find_journal(s
, uid
);
532 r
= journal_file_append_entry(f
, NULL
, iovec
, n
, &s
->seqnum
, NULL
, NULL
);
534 server_schedule_sync(s
, priority
);
538 if (vacuumed
|| !shall_try_append_again(f
, r
)) {
539 log_error_errno(r
, "Failed to write entry (%d items, %zu bytes), ignoring: %m", n
, IOVEC_TOTAL_SIZE(iovec
, n
));
544 server_vacuum(s
, false, false);
546 f
= find_journal(s
, uid
);
550 log_debug("Retrying write.");
551 r
= journal_file_append_entry(f
, NULL
, iovec
, n
, &s
->seqnum
, NULL
, NULL
);
553 log_error_errno(r
, "Failed to write entry (%d items, %zu bytes) despite vacuuming, ignoring: %m", n
, IOVEC_TOTAL_SIZE(iovec
, n
));
555 server_schedule_sync(s
, priority
);
558 static void dispatch_message_real(
560 struct iovec
*iovec
, unsigned n
, unsigned m
,
561 const struct ucred
*ucred
,
562 const struct timeval
*tv
,
563 const char *label
, size_t label_len
,
568 char pid
[sizeof("_PID=") + DECIMAL_STR_MAX(pid_t
)],
569 uid
[sizeof("_UID=") + DECIMAL_STR_MAX(uid_t
)],
570 gid
[sizeof("_GID=") + DECIMAL_STR_MAX(gid_t
)],
571 owner_uid
[sizeof("_SYSTEMD_OWNER_UID=") + DECIMAL_STR_MAX(uid_t
)],
572 source_time
[sizeof("_SOURCE_REALTIME_TIMESTAMP=") + DECIMAL_STR_MAX(usec_t
)],
573 o_uid
[sizeof("OBJECT_UID=") + DECIMAL_STR_MAX(uid_t
)],
574 o_gid
[sizeof("OBJECT_GID=") + DECIMAL_STR_MAX(gid_t
)],
575 o_owner_uid
[sizeof("OBJECT_SYSTEMD_OWNER_UID=") + DECIMAL_STR_MAX(uid_t
)];
581 uid_t realuid
= 0, owner
= 0, journal_uid
;
582 bool owner_valid
= false;
584 char audit_session
[sizeof("_AUDIT_SESSION=") + DECIMAL_STR_MAX(uint32_t)],
585 audit_loginuid
[sizeof("_AUDIT_LOGINUID=") + DECIMAL_STR_MAX(uid_t
)],
586 o_audit_session
[sizeof("OBJECT_AUDIT_SESSION=") + DECIMAL_STR_MAX(uint32_t)],
587 o_audit_loginuid
[sizeof("OBJECT_AUDIT_LOGINUID=") + DECIMAL_STR_MAX(uid_t
)];
596 assert(n
+ N_IOVEC_META_FIELDS
+ (object_pid
? N_IOVEC_OBJECT_FIELDS
: 0) <= m
);
599 realuid
= ucred
->uid
;
601 sprintf(pid
, "_PID="PID_FMT
, ucred
->pid
);
602 IOVEC_SET_STRING(iovec
[n
++], pid
);
604 sprintf(uid
, "_UID="UID_FMT
, ucred
->uid
);
605 IOVEC_SET_STRING(iovec
[n
++], uid
);
607 sprintf(gid
, "_GID="GID_FMT
, ucred
->gid
);
608 IOVEC_SET_STRING(iovec
[n
++], gid
);
610 r
= get_process_comm(ucred
->pid
, &t
);
612 x
= strjoina("_COMM=", t
);
614 IOVEC_SET_STRING(iovec
[n
++], x
);
617 r
= get_process_exe(ucred
->pid
, &t
);
619 x
= strjoina("_EXE=", t
);
621 IOVEC_SET_STRING(iovec
[n
++], x
);
624 r
= get_process_cmdline(ucred
->pid
, 0, false, &t
);
626 x
= strjoina("_CMDLINE=", t
);
628 IOVEC_SET_STRING(iovec
[n
++], x
);
631 r
= get_process_capeff(ucred
->pid
, &t
);
633 x
= strjoina("_CAP_EFFECTIVE=", t
);
635 IOVEC_SET_STRING(iovec
[n
++], x
);
639 r
= audit_session_from_pid(ucred
->pid
, &audit
);
641 sprintf(audit_session
, "_AUDIT_SESSION=%"PRIu32
, audit
);
642 IOVEC_SET_STRING(iovec
[n
++], audit_session
);
645 r
= audit_loginuid_from_pid(ucred
->pid
, &loginuid
);
647 sprintf(audit_loginuid
, "_AUDIT_LOGINUID="UID_FMT
, loginuid
);
648 IOVEC_SET_STRING(iovec
[n
++], audit_loginuid
);
652 r
= cg_pid_get_path_shifted(ucred
->pid
, s
->cgroup_root
, &c
);
654 char *session
= NULL
;
656 x
= strjoina("_SYSTEMD_CGROUP=", c
);
657 IOVEC_SET_STRING(iovec
[n
++], x
);
659 r
= cg_path_get_session(c
, &t
);
661 session
= strjoina("_SYSTEMD_SESSION=", t
);
663 IOVEC_SET_STRING(iovec
[n
++], session
);
666 if (cg_path_get_owner_uid(c
, &owner
) >= 0) {
669 sprintf(owner_uid
, "_SYSTEMD_OWNER_UID="UID_FMT
, owner
);
670 IOVEC_SET_STRING(iovec
[n
++], owner_uid
);
673 if (cg_path_get_unit(c
, &t
) >= 0) {
674 x
= strjoina("_SYSTEMD_UNIT=", t
);
676 IOVEC_SET_STRING(iovec
[n
++], x
);
677 } else if (unit_id
&& !session
) {
678 x
= strjoina("_SYSTEMD_UNIT=", unit_id
);
679 IOVEC_SET_STRING(iovec
[n
++], x
);
682 if (cg_path_get_user_unit(c
, &t
) >= 0) {
683 x
= strjoina("_SYSTEMD_USER_UNIT=", t
);
685 IOVEC_SET_STRING(iovec
[n
++], x
);
686 } else if (unit_id
&& session
) {
687 x
= strjoina("_SYSTEMD_USER_UNIT=", unit_id
);
688 IOVEC_SET_STRING(iovec
[n
++], x
);
691 if (cg_path_get_slice(c
, &t
) >= 0) {
692 x
= strjoina("_SYSTEMD_SLICE=", t
);
694 IOVEC_SET_STRING(iovec
[n
++], x
);
698 } else if (unit_id
) {
699 x
= strjoina("_SYSTEMD_UNIT=", unit_id
);
700 IOVEC_SET_STRING(iovec
[n
++], x
);
704 if (mac_selinux_use()) {
706 x
= alloca(strlen("_SELINUX_CONTEXT=") + label_len
+ 1);
708 *((char*) mempcpy(stpcpy(x
, "_SELINUX_CONTEXT="), label
, label_len
)) = 0;
709 IOVEC_SET_STRING(iovec
[n
++], x
);
711 security_context_t con
;
713 if (getpidcon(ucred
->pid
, &con
) >= 0) {
714 x
= strjoina("_SELINUX_CONTEXT=", con
);
717 IOVEC_SET_STRING(iovec
[n
++], x
);
726 r
= get_process_uid(object_pid
, &object_uid
);
728 sprintf(o_uid
, "OBJECT_UID="UID_FMT
, object_uid
);
729 IOVEC_SET_STRING(iovec
[n
++], o_uid
);
732 r
= get_process_gid(object_pid
, &object_gid
);
734 sprintf(o_gid
, "OBJECT_GID="GID_FMT
, object_gid
);
735 IOVEC_SET_STRING(iovec
[n
++], o_gid
);
738 r
= get_process_comm(object_pid
, &t
);
740 x
= strjoina("OBJECT_COMM=", t
);
742 IOVEC_SET_STRING(iovec
[n
++], x
);
745 r
= get_process_exe(object_pid
, &t
);
747 x
= strjoina("OBJECT_EXE=", t
);
749 IOVEC_SET_STRING(iovec
[n
++], x
);
752 r
= get_process_cmdline(object_pid
, 0, false, &t
);
754 x
= strjoina("OBJECT_CMDLINE=", t
);
756 IOVEC_SET_STRING(iovec
[n
++], x
);
760 r
= audit_session_from_pid(object_pid
, &audit
);
762 sprintf(o_audit_session
, "OBJECT_AUDIT_SESSION=%"PRIu32
, audit
);
763 IOVEC_SET_STRING(iovec
[n
++], o_audit_session
);
766 r
= audit_loginuid_from_pid(object_pid
, &loginuid
);
768 sprintf(o_audit_loginuid
, "OBJECT_AUDIT_LOGINUID="UID_FMT
, loginuid
);
769 IOVEC_SET_STRING(iovec
[n
++], o_audit_loginuid
);
773 r
= cg_pid_get_path_shifted(object_pid
, s
->cgroup_root
, &c
);
775 x
= strjoina("OBJECT_SYSTEMD_CGROUP=", c
);
776 IOVEC_SET_STRING(iovec
[n
++], x
);
778 r
= cg_path_get_session(c
, &t
);
780 x
= strjoina("OBJECT_SYSTEMD_SESSION=", t
);
782 IOVEC_SET_STRING(iovec
[n
++], x
);
785 if (cg_path_get_owner_uid(c
, &owner
) >= 0) {
786 sprintf(o_owner_uid
, "OBJECT_SYSTEMD_OWNER_UID="UID_FMT
, owner
);
787 IOVEC_SET_STRING(iovec
[n
++], o_owner_uid
);
790 if (cg_path_get_unit(c
, &t
) >= 0) {
791 x
= strjoina("OBJECT_SYSTEMD_UNIT=", t
);
793 IOVEC_SET_STRING(iovec
[n
++], x
);
796 if (cg_path_get_user_unit(c
, &t
) >= 0) {
797 x
= strjoina("OBJECT_SYSTEMD_USER_UNIT=", t
);
799 IOVEC_SET_STRING(iovec
[n
++], x
);
808 sprintf(source_time
, "_SOURCE_REALTIME_TIMESTAMP=%llu", (unsigned long long) timeval_load(tv
));
809 IOVEC_SET_STRING(iovec
[n
++], source_time
);
812 /* Note that strictly speaking storing the boot id here is
813 * redundant since the entry includes this in-line
814 * anyway. However, we need this indexed, too. */
815 if (!isempty(s
->boot_id_field
))
816 IOVEC_SET_STRING(iovec
[n
++], s
->boot_id_field
);
818 if (!isempty(s
->machine_id_field
))
819 IOVEC_SET_STRING(iovec
[n
++], s
->machine_id_field
);
821 if (!isempty(s
->hostname_field
))
822 IOVEC_SET_STRING(iovec
[n
++], s
->hostname_field
);
826 if (s
->split_mode
== SPLIT_UID
&& realuid
> 0)
827 /* Split up strictly by any UID */
828 journal_uid
= realuid
;
829 else if (s
->split_mode
== SPLIT_LOGIN
&& realuid
> 0 && owner_valid
&& owner
> 0)
830 /* Split up by login UIDs. We do this only if the
831 * realuid is not root, in order not to accidentally
832 * leak privileged information to the user that is
833 * logged by a privileged process that is part of an
834 * unprivileged session. */
839 write_to_journal(s
, journal_uid
, iovec
, n
, priority
);
842 void server_driver_message(Server
*s
, sd_id128_t message_id
, const char *format
, ...) {
843 char mid
[11 + 32 + 1];
844 char buffer
[16 + LINE_MAX
+ 1];
845 struct iovec iovec
[N_IOVEC_META_FIELDS
+ 6];
848 struct ucred ucred
= {};
853 IOVEC_SET_STRING(iovec
[n
++], "SYSLOG_FACILITY=3");
854 IOVEC_SET_STRING(iovec
[n
++], "SYSLOG_IDENTIFIER=systemd-journald");
856 IOVEC_SET_STRING(iovec
[n
++], "PRIORITY=6");
857 IOVEC_SET_STRING(iovec
[n
++], "_TRANSPORT=driver");
859 memcpy(buffer
, "MESSAGE=", 8);
860 va_start(ap
, format
);
861 vsnprintf(buffer
+ 8, sizeof(buffer
) - 8, format
, ap
);
863 IOVEC_SET_STRING(iovec
[n
++], buffer
);
865 if (!sd_id128_equal(message_id
, SD_ID128_NULL
)) {
866 snprintf(mid
, sizeof(mid
), LOG_MESSAGE_ID(message_id
));
867 IOVEC_SET_STRING(iovec
[n
++], mid
);
870 ucred
.pid
= getpid();
871 ucred
.uid
= getuid();
872 ucred
.gid
= getgid();
874 dispatch_message_real(s
, iovec
, n
, ELEMENTSOF(iovec
), &ucred
, NULL
, NULL
, 0, NULL
, LOG_INFO
, 0);
877 void server_dispatch_message(
879 struct iovec
*iovec
, unsigned n
, unsigned m
,
880 const struct ucred
*ucred
,
881 const struct timeval
*tv
,
882 const char *label
, size_t label_len
,
888 _cleanup_free_
char *path
= NULL
;
889 uint64_t available
= 0;
893 assert(iovec
|| n
== 0);
898 if (LOG_PRI(priority
) > s
->max_level_store
)
901 /* Stop early in case the information will not be stored
903 if (s
->storage
== STORAGE_NONE
)
909 r
= cg_pid_get_path_shifted(ucred
->pid
, s
->cgroup_root
, &path
);
913 /* example: /user/lennart/3/foobar
914 * /system/dbus.service/foobar
916 * So let's cut of everything past the third /, since that is
917 * where user directories start */
919 c
= strchr(path
, '/');
921 c
= strchr(c
+1, '/');
923 c
= strchr(c
+1, '/');
929 (void) determine_space(s
, false, false, &available
, NULL
);
930 rl
= journal_rate_limit_test(s
->rate_limit
, path
, priority
& LOG_PRIMASK
, available
);
934 /* Write a suppression message if we suppressed something */
936 server_driver_message(s
, SD_MESSAGE_JOURNAL_DROPPED
,
937 "Suppressed %u messages from %s", rl
- 1, path
);
940 dispatch_message_real(s
, iovec
, n
, m
, ucred
, tv
, label
, label_len
, unit_id
, priority
, object_pid
);
944 static int system_journal_open(Server
*s
, bool flush_requested
) {
948 if (!s
->system_journal
&&
949 (s
->storage
== STORAGE_PERSISTENT
|| s
->storage
== STORAGE_AUTO
) &&
951 || access("/run/systemd/journal/flushed", F_OK
) >= 0)) {
953 /* If in auto mode: first try to create the machine
954 * path, but not the prefix.
956 * If in persistent mode: create /var/log/journal and
957 * the machine path */
959 if (s
->storage
== STORAGE_PERSISTENT
)
960 (void) mkdir_p("/var/log/journal/", 0755);
962 fn
= strjoina("/var/log/journal/", SERVER_MACHINE_ID(s
));
963 (void) mkdir(fn
, 0755);
965 fn
= strjoina(fn
, "/system.journal");
966 r
= journal_file_open_reliably(fn
, O_RDWR
|O_CREAT
, 0640, s
->compress
, s
->seal
, &s
->system_metrics
, s
->mmap
, NULL
, &s
->system_journal
);
968 server_fix_perms(s
, s
->system_journal
, 0);
969 (void) determine_space_for(s
, &s
->system_metrics
, "/var/log/journal/", "System journal", true, true, NULL
, NULL
);
971 if (r
!= -ENOENT
&& r
!= -EROFS
)
972 log_warning_errno(r
, "Failed to open system journal: %m");
978 if (!s
->runtime_journal
&&
979 (s
->storage
!= STORAGE_NONE
)) {
981 fn
= strjoina("/run/log/journal/", SERVER_MACHINE_ID(s
), "/system.journal");
983 if (s
->system_journal
) {
985 /* Try to open the runtime journal, but only
986 * if it already exists, so that we can flush
987 * it into the system journal */
989 r
= journal_file_open(fn
, O_RDWR
, 0640, s
->compress
, false, &s
->runtime_metrics
, s
->mmap
, NULL
, &s
->runtime_journal
);
992 log_warning_errno(r
, "Failed to open runtime journal: %m");
999 /* OK, we really need the runtime journal, so create
1000 * it if necessary. */
1002 (void) mkdir("/run/log", 0755);
1003 (void) mkdir("/run/log/journal", 0755);
1004 (void) mkdir_parents(fn
, 0750);
1006 r
= journal_file_open_reliably(fn
, O_RDWR
|O_CREAT
, 0640, s
->compress
, false, &s
->runtime_metrics
, s
->mmap
, NULL
, &s
->runtime_journal
);
1008 return log_error_errno(r
, "Failed to open runtime journal: %m");
1011 if (s
->runtime_journal
) {
1012 server_fix_perms(s
, s
->runtime_journal
, 0);
1013 (void) determine_space_for(s
, &s
->runtime_metrics
, "/run/log/journal/", "Runtime journal", true, true, NULL
, NULL
);
1020 int server_flush_to_var(Server
*s
) {
1022 sd_journal
*j
= NULL
;
1023 char ts
[FORMAT_TIMESPAN_MAX
];
1030 if (s
->storage
!= STORAGE_AUTO
&&
1031 s
->storage
!= STORAGE_PERSISTENT
)
1034 if (!s
->runtime_journal
)
1037 (void) system_journal_open(s
, true);
1039 if (!s
->system_journal
)
1042 log_debug("Flushing to /var...");
1044 start
= now(CLOCK_MONOTONIC
);
1046 r
= sd_id128_get_machine(&machine
);
1050 r
= sd_journal_open(&j
, SD_JOURNAL_RUNTIME_ONLY
);
1052 return log_error_errno(r
, "Failed to read runtime journal: %m");
1054 sd_journal_set_data_threshold(j
, 0);
1056 SD_JOURNAL_FOREACH(j
) {
1060 f
= j
->current_file
;
1061 assert(f
&& f
->current_offset
> 0);
1065 r
= journal_file_move_to_object(f
, OBJECT_ENTRY
, f
->current_offset
, &o
);
1067 log_error_errno(r
, "Can't read entry: %m");
1071 r
= journal_file_copy_entry(f
, s
->system_journal
, o
, f
->current_offset
, NULL
, NULL
, NULL
);
1075 if (!shall_try_append_again(s
->system_journal
, r
)) {
1076 log_error_errno(r
, "Can't write entry: %m");
1081 server_vacuum(s
, false, false);
1083 if (!s
->system_journal
) {
1084 log_notice("Didn't flush runtime journal since rotation of system journal wasn't successful.");
1089 log_debug("Retrying write.");
1090 r
= journal_file_copy_entry(f
, s
->system_journal
, o
, f
->current_offset
, NULL
, NULL
, NULL
);
1092 log_error_errno(r
, "Can't write entry: %m");
1100 journal_file_post_change(s
->system_journal
);
1102 s
->runtime_journal
= journal_file_close(s
->runtime_journal
);
1105 (void) rm_rf("/run/log/journal", REMOVE_ROOT
);
1107 sd_journal_close(j
);
1109 server_driver_message(s
, SD_ID128_NULL
, "Time spent on flushing to /var is %s for %u entries.", format_timespan(ts
, sizeof(ts
), now(CLOCK_MONOTONIC
) - start
, 0), n
);
1114 int server_process_datagram(sd_event_source
*es
, int fd
, uint32_t revents
, void *userdata
) {
1115 Server
*s
= userdata
;
1116 struct ucred
*ucred
= NULL
;
1117 struct timeval
*tv
= NULL
;
1118 struct cmsghdr
*cmsg
;
1120 size_t label_len
= 0, m
;
1123 int *fds
= NULL
, v
= 0;
1127 struct cmsghdr cmsghdr
;
1129 /* We use NAME_MAX space for the SELinux label
1130 * here. The kernel currently enforces no
1131 * limit, but according to suggestions from
1132 * the SELinux people this will change and it
1133 * will probably be identical to NAME_MAX. For
1134 * now we use that, but this should be updated
1135 * one day when the final limit is known. */
1136 uint8_t buf
[CMSG_SPACE(sizeof(struct ucred
)) +
1137 CMSG_SPACE(sizeof(struct timeval
)) +
1138 CMSG_SPACE(sizeof(int)) + /* fd */
1139 CMSG_SPACE(NAME_MAX
)]; /* selinux label */
1142 union sockaddr_union sa
= {};
1144 struct msghdr msghdr
= {
1147 .msg_control
= &control
,
1148 .msg_controllen
= sizeof(control
),
1150 .msg_namelen
= sizeof(sa
),
1154 assert(fd
== s
->native_fd
|| fd
== s
->syslog_fd
|| fd
== s
->audit_fd
);
1156 if (revents
!= EPOLLIN
) {
1157 log_error("Got invalid event from epoll for datagram fd: %"PRIx32
, revents
);
1161 /* Try to get the right size, if we can. (Not all
1162 * sockets support SIOCINQ, hence we just try, but
1163 * don't rely on it. */
1164 (void) ioctl(fd
, SIOCINQ
, &v
);
1166 /* Fix it up, if it is too small. We use the same fixed value as auditd here. Awful! */
1167 m
= PAGE_ALIGN(MAX3((size_t) v
+ 1,
1169 ALIGN(sizeof(struct nlmsghdr
)) + ALIGN((size_t) MAX_AUDIT_MESSAGE_LENGTH
)) + 1);
1171 if (!GREEDY_REALLOC(s
->buffer
, s
->buffer_size
, m
))
1174 iovec
.iov_base
= s
->buffer
;
1175 iovec
.iov_len
= s
->buffer_size
- 1; /* Leave room for trailing NUL we add later */
1177 n
= recvmsg(fd
, &msghdr
, MSG_DONTWAIT
|MSG_CMSG_CLOEXEC
);
1179 if (errno
== EINTR
|| errno
== EAGAIN
)
1182 return log_error_errno(errno
, "recvmsg() failed: %m");
1185 CMSG_FOREACH(cmsg
, &msghdr
) {
1187 if (cmsg
->cmsg_level
== SOL_SOCKET
&&
1188 cmsg
->cmsg_type
== SCM_CREDENTIALS
&&
1189 cmsg
->cmsg_len
== CMSG_LEN(sizeof(struct ucred
)))
1190 ucred
= (struct ucred
*) CMSG_DATA(cmsg
);
1191 else if (cmsg
->cmsg_level
== SOL_SOCKET
&&
1192 cmsg
->cmsg_type
== SCM_SECURITY
) {
1193 label
= (char*) CMSG_DATA(cmsg
);
1194 label_len
= cmsg
->cmsg_len
- CMSG_LEN(0);
1195 } else if (cmsg
->cmsg_level
== SOL_SOCKET
&&
1196 cmsg
->cmsg_type
== SO_TIMESTAMP
&&
1197 cmsg
->cmsg_len
== CMSG_LEN(sizeof(struct timeval
)))
1198 tv
= (struct timeval
*) CMSG_DATA(cmsg
);
1199 else if (cmsg
->cmsg_level
== SOL_SOCKET
&&
1200 cmsg
->cmsg_type
== SCM_RIGHTS
) {
1201 fds
= (int*) CMSG_DATA(cmsg
);
1202 n_fds
= (cmsg
->cmsg_len
- CMSG_LEN(0)) / sizeof(int);
1206 /* And a trailing NUL, just in case */
1209 if (fd
== s
->syslog_fd
) {
1210 if (n
> 0 && n_fds
== 0)
1211 server_process_syslog_message(s
, strstrip(s
->buffer
), ucred
, tv
, label
, label_len
);
1213 log_warning("Got file descriptors via syslog socket. Ignoring.");
1215 } else if (fd
== s
->native_fd
) {
1216 if (n
> 0 && n_fds
== 0)
1217 server_process_native_message(s
, s
->buffer
, n
, ucred
, tv
, label
, label_len
);
1218 else if (n
== 0 && n_fds
== 1)
1219 server_process_native_file(s
, fds
[0], ucred
, tv
, label
, label_len
);
1221 log_warning("Got too many file descriptors via native socket. Ignoring.");
1224 assert(fd
== s
->audit_fd
);
1226 if (n
> 0 && n_fds
== 0)
1227 server_process_audit_message(s
, s
->buffer
, n
, ucred
, &sa
, msghdr
.msg_namelen
);
1229 log_warning("Got file descriptors via audit socket. Ignoring.");
1232 close_many(fds
, n_fds
);
1236 static int dispatch_sigusr1(sd_event_source
*es
, const struct signalfd_siginfo
*si
, void *userdata
) {
1237 Server
*s
= userdata
;
1241 log_info("Received request to flush runtime journal from PID %"PRIu32
, si
->ssi_pid
);
1243 server_flush_to_var(s
);
1245 server_vacuum(s
, false, false);
1247 (void) touch("/run/systemd/journal/flushed");
1252 static int dispatch_sigusr2(sd_event_source
*es
, const struct signalfd_siginfo
*si
, void *userdata
) {
1253 Server
*s
= userdata
;
1257 log_info("Received request to rotate journal from PID %"PRIu32
, si
->ssi_pid
);
1259 server_vacuum(s
, true, true);
1264 static int dispatch_sigterm(sd_event_source
*es
, const struct signalfd_siginfo
*si
, void *userdata
) {
1265 Server
*s
= userdata
;
1269 log_received_signal(LOG_INFO
, si
);
1271 sd_event_exit(s
->event
, 0);
1275 static int setup_signals(Server
*s
) {
1280 assert(sigprocmask_many(SIG_SETMASK
, NULL
, SIGINT
, SIGTERM
, SIGUSR1
, SIGUSR2
, -1) >= 0);
1282 r
= sd_event_add_signal(s
->event
, &s
->sigusr1_event_source
, SIGUSR1
, dispatch_sigusr1
, s
);
1286 r
= sd_event_add_signal(s
->event
, &s
->sigusr2_event_source
, SIGUSR2
, dispatch_sigusr2
, s
);
1290 r
= sd_event_add_signal(s
->event
, &s
->sigterm_event_source
, SIGTERM
, dispatch_sigterm
, s
);
1294 r
= sd_event_add_signal(s
->event
, &s
->sigint_event_source
, SIGINT
, dispatch_sigterm
, s
);
1301 static int server_parse_proc_cmdline(Server
*s
) {
1302 _cleanup_free_
char *line
= NULL
;
1306 r
= proc_cmdline(&line
);
1308 log_warning_errno(r
, "Failed to read /proc/cmdline, ignoring: %m");
1314 _cleanup_free_
char *word
;
1316 r
= extract_first_word(&p
, &word
, NULL
, 0);
1318 return log_error_errno(r
, "Failed to parse journald syntax \"%s\": %m", line
);
1323 if (startswith(word
, "systemd.journald.forward_to_syslog=")) {
1324 r
= parse_boolean(word
+ 35);
1326 log_warning("Failed to parse forward to syslog switch %s. Ignoring.", word
+ 35);
1328 s
->forward_to_syslog
= r
;
1329 } else if (startswith(word
, "systemd.journald.forward_to_kmsg=")) {
1330 r
= parse_boolean(word
+ 33);
1332 log_warning("Failed to parse forward to kmsg switch %s. Ignoring.", word
+ 33);
1334 s
->forward_to_kmsg
= r
;
1335 } else if (startswith(word
, "systemd.journald.forward_to_console=")) {
1336 r
= parse_boolean(word
+ 36);
1338 log_warning("Failed to parse forward to console switch %s. Ignoring.", word
+ 36);
1340 s
->forward_to_console
= r
;
1341 } else if (startswith(word
, "systemd.journald.forward_to_wall=")) {
1342 r
= parse_boolean(word
+ 33);
1344 log_warning("Failed to parse forward to wall switch %s. Ignoring.", word
+ 33);
1346 s
->forward_to_wall
= r
;
1347 } else if (startswith(word
, "systemd.journald"))
1348 log_warning("Invalid systemd.journald parameter. Ignoring.");
1351 /* do not warn about state here, since probably systemd already did */
1355 static int server_parse_config_file(Server
*s
) {
1358 return config_parse_many("/etc/systemd/journald.conf",
1359 CONF_DIRS_NULSTR("systemd/journald.conf"),
1361 config_item_perf_lookup
, journald_gperf_lookup
,
1365 static int server_dispatch_sync(sd_event_source
*es
, usec_t t
, void *userdata
) {
1366 Server
*s
= userdata
;
1374 int server_schedule_sync(Server
*s
, int priority
) {
1379 if (priority
<= LOG_CRIT
) {
1380 /* Immediately sync to disk when this is of priority CRIT, ALERT, EMERG */
1385 if (s
->sync_scheduled
)
1388 if (s
->sync_interval_usec
> 0) {
1391 r
= sd_event_now(s
->event
, CLOCK_MONOTONIC
, &when
);
1395 when
+= s
->sync_interval_usec
;
1397 if (!s
->sync_event_source
) {
1398 r
= sd_event_add_time(
1400 &s
->sync_event_source
,
1403 server_dispatch_sync
, s
);
1407 r
= sd_event_source_set_priority(s
->sync_event_source
, SD_EVENT_PRIORITY_IMPORTANT
);
1409 r
= sd_event_source_set_time(s
->sync_event_source
, when
);
1413 r
= sd_event_source_set_enabled(s
->sync_event_source
, SD_EVENT_ONESHOT
);
1418 s
->sync_scheduled
= true;
1424 static int dispatch_hostname_change(sd_event_source
*es
, int fd
, uint32_t revents
, void *userdata
) {
1425 Server
*s
= userdata
;
1429 server_cache_hostname(s
);
1433 static int server_open_hostname(Server
*s
) {
1438 s
->hostname_fd
= open("/proc/sys/kernel/hostname", O_RDONLY
|O_CLOEXEC
|O_NDELAY
|O_NOCTTY
);
1439 if (s
->hostname_fd
< 0)
1440 return log_error_errno(errno
, "Failed to open /proc/sys/kernel/hostname: %m");
1442 r
= sd_event_add_io(s
->event
, &s
->hostname_event_source
, s
->hostname_fd
, 0, dispatch_hostname_change
, s
);
1444 /* kernels prior to 3.2 don't support polling this file. Ignore
1447 log_warning_errno(r
, "Failed to register hostname fd in event loop, ignoring: %m");
1448 s
->hostname_fd
= safe_close(s
->hostname_fd
);
1452 return log_error_errno(r
, "Failed to register hostname fd in event loop: %m");
1455 r
= sd_event_source_set_priority(s
->hostname_event_source
, SD_EVENT_PRIORITY_IMPORTANT
-10);
1457 return log_error_errno(r
, "Failed to adjust priority of host name event source: %m");
1462 static int dispatch_notify_event(sd_event_source
*es
, int fd
, uint32_t revents
, void *userdata
) {
1463 Server
*s
= userdata
;
1467 assert(s
->notify_event_source
== es
);
1468 assert(s
->notify_fd
== fd
);
1470 if (revents
!= EPOLLOUT
) {
1471 log_error("Invalid events on notify file descriptor.");
1475 /* The $NOTIFY_SOCKET is writable again, now send exactly one
1476 * message on it. Either it's the wtachdog event, the initial
1477 * READY=1 event or an stdout stream event. If there's nothing
1478 * to write anymore, turn our event source off. The next time
1479 * there's something to send it will be turned on again. */
1481 if (!s
->sent_notify_ready
) {
1482 static const char p
[] =
1484 "STATUS=Processing requests...";
1487 l
= send(s
->notify_fd
, p
, strlen(p
), MSG_DONTWAIT
);
1489 if (errno
== EAGAIN
)
1492 return log_error_errno(errno
, "Failed to send READY=1 notification message: %m");
1495 s
->sent_notify_ready
= true;
1496 log_debug("Sent READY=1 notification.");
1498 } else if (s
->send_watchdog
) {
1500 static const char p
[] =
1505 l
= send(s
->notify_fd
, p
, strlen(p
), MSG_DONTWAIT
);
1507 if (errno
== EAGAIN
)
1510 return log_error_errno(errno
, "Failed to send WATCHDOG=1 notification message: %m");
1513 s
->send_watchdog
= false;
1514 log_debug("Sent WATCHDOG=1 notification.");
1516 } else if (s
->stdout_streams_notify_queue
)
1517 /* Dispatch one stream notification event */
1518 stdout_stream_send_notify(s
->stdout_streams_notify_queue
);
1520 /* Leave us enabled if there's still more to to do. */
1521 if (s
->send_watchdog
|| s
->stdout_streams_notify_queue
)
1524 /* There was nothing to do anymore, let's turn ourselves off. */
1525 r
= sd_event_source_set_enabled(es
, SD_EVENT_OFF
);
1527 return log_error_errno(r
, "Failed to turn off notify event source: %m");
1532 static int dispatch_watchdog(sd_event_source
*es
, uint64_t usec
, void *userdata
) {
1533 Server
*s
= userdata
;
1538 s
->send_watchdog
= true;
1540 r
= sd_event_source_set_enabled(s
->notify_event_source
, SD_EVENT_ON
);
1542 log_warning_errno(r
, "Failed to turn on notify event source: %m");
1544 r
= sd_event_source_set_time(s
->watchdog_event_source
, usec
+ s
->watchdog_usec
/ 2);
1546 return log_error_errno(r
, "Failed to restart watchdog event source: %m");
1548 r
= sd_event_source_set_enabled(s
->watchdog_event_source
, SD_EVENT_ON
);
1550 return log_error_errno(r
, "Failed to enable watchdog event source: %m");
1555 static int server_connect_notify(Server
*s
) {
1556 union sockaddr_union sa
= {
1557 .un
.sun_family
= AF_UNIX
,
1563 assert(s
->notify_fd
< 0);
1564 assert(!s
->notify_event_source
);
1567 So here's the problem: we'd like to send notification
1568 messages to PID 1, but we cannot do that via sd_notify(),
1569 since that's synchronous, and we might end up blocking on
1570 it. Specifically: given that PID 1 might block on
1571 dbus-daemon during IPC, and dbus-daemon is logging to us,
1572 and might hence block on us, we might end up in a deadlock
1573 if we block on sending PID 1 notification messages -- by
1574 generating a full blocking circle. To avoid this, let's
1575 create a non-blocking socket, and connect it to the
1576 notification socket, and then wait for POLLOUT before we
1577 send anything. This should efficiently avoid any deadlocks,
1578 as we'll never block on PID 1, hence PID 1 can safely block
1579 on dbus-daemon which can safely block on us again.
1581 Don't think that this issue is real? It is, see:
1582 https://github.com/systemd/systemd/issues/1505
1585 e
= getenv("NOTIFY_SOCKET");
1589 if ((e
[0] != '@' && e
[0] != '/') || e
[1] == 0) {
1590 log_error("NOTIFY_SOCKET set to an invalid value: %s", e
);
1594 if (strlen(e
) > sizeof(sa
.un
.sun_path
)) {
1595 log_error("NOTIFY_SOCKET path too long: %s", e
);
1599 s
->notify_fd
= socket(AF_UNIX
, SOCK_DGRAM
|SOCK_CLOEXEC
|SOCK_NONBLOCK
, 0);
1600 if (s
->notify_fd
< 0)
1601 return log_error_errno(errno
, "Failed to create notify socket: %m");
1603 (void) fd_inc_sndbuf(s
->notify_fd
, NOTIFY_SNDBUF_SIZE
);
1605 strncpy(sa
.un
.sun_path
, e
, sizeof(sa
.un
.sun_path
));
1606 if (sa
.un
.sun_path
[0] == '@')
1607 sa
.un
.sun_path
[0] = 0;
1609 r
= connect(s
->notify_fd
, &sa
.sa
, offsetof(struct sockaddr_un
, sun_path
) + strlen(e
));
1611 return log_error_errno(errno
, "Failed to connect to notify socket: %m");
1613 r
= sd_event_add_io(s
->event
, &s
->notify_event_source
, s
->notify_fd
, EPOLLOUT
, dispatch_notify_event
, s
);
1615 return log_error_errno(r
, "Failed to watch notification socket: %m");
1617 if (sd_watchdog_enabled(false, &s
->watchdog_usec
) > 0) {
1618 s
->send_watchdog
= true;
1620 r
= sd_event_add_time(s
->event
, &s
->watchdog_event_source
, CLOCK_MONOTONIC
, now(CLOCK_MONOTONIC
) + s
->watchdog_usec
/2, s
->watchdog_usec
*3/4, dispatch_watchdog
, s
);
1622 return log_error_errno(r
, "Failed to add watchdog time event: %m");
1625 /* This should fire pretty soon, which we'll use to send the
1631 int server_init(Server
*s
) {
1632 _cleanup_fdset_free_ FDSet
*fds
= NULL
;
1639 s
->syslog_fd
= s
->native_fd
= s
->stdout_fd
= s
->dev_kmsg_fd
= s
->audit_fd
= s
->hostname_fd
= s
->notify_fd
= -1;
1643 s
->watchdog_usec
= USEC_INFINITY
;
1645 s
->sync_interval_usec
= DEFAULT_SYNC_INTERVAL_USEC
;
1646 s
->sync_scheduled
= false;
1648 s
->rate_limit_interval
= DEFAULT_RATE_LIMIT_INTERVAL
;
1649 s
->rate_limit_burst
= DEFAULT_RATE_LIMIT_BURST
;
1651 s
->forward_to_wall
= true;
1653 s
->max_file_usec
= DEFAULT_MAX_FILE_USEC
;
1655 s
->max_level_store
= LOG_DEBUG
;
1656 s
->max_level_syslog
= LOG_DEBUG
;
1657 s
->max_level_kmsg
= LOG_NOTICE
;
1658 s
->max_level_console
= LOG_INFO
;
1659 s
->max_level_wall
= LOG_EMERG
;
1661 journal_reset_metrics(&s
->system_metrics
);
1662 journal_reset_metrics(&s
->runtime_metrics
);
1664 server_parse_config_file(s
);
1665 server_parse_proc_cmdline(s
);
1667 if (!!s
->rate_limit_interval
^ !!s
->rate_limit_burst
) {
1668 log_debug("Setting both rate limit interval and burst from "USEC_FMT
",%u to 0,0",
1669 s
->rate_limit_interval
, s
->rate_limit_burst
);
1670 s
->rate_limit_interval
= s
->rate_limit_burst
= 0;
1673 (void) mkdir_p("/run/systemd/journal", 0755);
1675 s
->user_journals
= ordered_hashmap_new(NULL
);
1676 if (!s
->user_journals
)
1679 s
->mmap
= mmap_cache_new();
1683 r
= sd_event_default(&s
->event
);
1685 return log_error_errno(r
, "Failed to create event loop: %m");
1687 n
= sd_listen_fds(true);
1689 return log_error_errno(n
, "Failed to read listening file descriptors from environment: %m");
1691 for (fd
= SD_LISTEN_FDS_START
; fd
< SD_LISTEN_FDS_START
+ n
; fd
++) {
1693 if (sd_is_socket_unix(fd
, SOCK_DGRAM
, -1, "/run/systemd/journal/socket", 0) > 0) {
1695 if (s
->native_fd
>= 0) {
1696 log_error("Too many native sockets passed.");
1702 } else if (sd_is_socket_unix(fd
, SOCK_STREAM
, 1, "/run/systemd/journal/stdout", 0) > 0) {
1704 if (s
->stdout_fd
>= 0) {
1705 log_error("Too many stdout sockets passed.");
1711 } else if (sd_is_socket_unix(fd
, SOCK_DGRAM
, -1, "/dev/log", 0) > 0 ||
1712 sd_is_socket_unix(fd
, SOCK_DGRAM
, -1, "/run/systemd/journal/dev-log", 0) > 0) {
1714 if (s
->syslog_fd
>= 0) {
1715 log_error("Too many /dev/log sockets passed.");
1721 } else if (sd_is_socket(fd
, AF_NETLINK
, SOCK_RAW
, -1) > 0) {
1723 if (s
->audit_fd
>= 0) {
1724 log_error("Too many audit sockets passed.");
1738 r
= fdset_put(fds
, fd
);
1744 /* Try to restore streams, but don't bother if this fails */
1745 (void) server_restore_streams(s
, fds
);
1747 if (fdset_size(fds
) > 0) {
1748 log_warning("%u unknown file descriptors passed, closing.", fdset_size(fds
));
1749 fds
= fdset_free(fds
);
1752 no_sockets
= s
->native_fd
< 0 && s
->stdout_fd
< 0 && s
->syslog_fd
< 0 && s
->audit_fd
< 0;
1754 /* always open stdout, syslog, native, and kmsg sockets */
1756 /* systemd-journald.socket: /run/systemd/journal/stdout */
1757 r
= server_open_stdout_socket(s
);
1761 /* systemd-journald-dev-log.socket: /run/systemd/journal/dev-log */
1762 r
= server_open_syslog_socket(s
);
1766 /* systemd-journald.socket: /run/systemd/journal/socket */
1767 r
= server_open_native_socket(s
);
1772 r
= server_open_dev_kmsg(s
);
1776 /* Unless we got *some* sockets and not audit, open audit socket */
1777 if (s
->audit_fd
>= 0 || no_sockets
) {
1778 r
= server_open_audit(s
);
1783 r
= server_open_kernel_seqnum(s
);
1787 r
= server_open_hostname(s
);
1791 r
= setup_signals(s
);
1795 s
->udev
= udev_new();
1799 s
->rate_limit
= journal_rate_limit_new(s
->rate_limit_interval
, s
->rate_limit_burst
);
1803 r
= cg_get_root_path(&s
->cgroup_root
);
1807 server_cache_hostname(s
);
1808 server_cache_boot_id(s
);
1809 server_cache_machine_id(s
);
1811 (void) server_connect_notify(s
);
1813 return system_journal_open(s
, false);
1816 void server_maybe_append_tags(Server
*s
) {
1822 n
= now(CLOCK_REALTIME
);
1824 if (s
->system_journal
)
1825 journal_file_maybe_append_tag(s
->system_journal
, n
);
1827 ORDERED_HASHMAP_FOREACH(f
, s
->user_journals
, i
)
1828 journal_file_maybe_append_tag(f
, n
);
1832 void server_done(Server
*s
) {
1836 while (s
->stdout_streams
)
1837 stdout_stream_free(s
->stdout_streams
);
1839 if (s
->system_journal
)
1840 journal_file_close(s
->system_journal
);
1842 if (s
->runtime_journal
)
1843 journal_file_close(s
->runtime_journal
);
1845 while ((f
= ordered_hashmap_steal_first(s
->user_journals
)))
1846 journal_file_close(f
);
1848 ordered_hashmap_free(s
->user_journals
);
1850 sd_event_source_unref(s
->syslog_event_source
);
1851 sd_event_source_unref(s
->native_event_source
);
1852 sd_event_source_unref(s
->stdout_event_source
);
1853 sd_event_source_unref(s
->dev_kmsg_event_source
);
1854 sd_event_source_unref(s
->audit_event_source
);
1855 sd_event_source_unref(s
->sync_event_source
);
1856 sd_event_source_unref(s
->sigusr1_event_source
);
1857 sd_event_source_unref(s
->sigusr2_event_source
);
1858 sd_event_source_unref(s
->sigterm_event_source
);
1859 sd_event_source_unref(s
->sigint_event_source
);
1860 sd_event_source_unref(s
->hostname_event_source
);
1861 sd_event_source_unref(s
->notify_event_source
);
1862 sd_event_source_unref(s
->watchdog_event_source
);
1863 sd_event_unref(s
->event
);
1865 safe_close(s
->syslog_fd
);
1866 safe_close(s
->native_fd
);
1867 safe_close(s
->stdout_fd
);
1868 safe_close(s
->dev_kmsg_fd
);
1869 safe_close(s
->audit_fd
);
1870 safe_close(s
->hostname_fd
);
1871 safe_close(s
->notify_fd
);
1874 journal_rate_limit_free(s
->rate_limit
);
1876 if (s
->kernel_seqnum
)
1877 munmap(s
->kernel_seqnum
, sizeof(uint64_t));
1881 free(s
->cgroup_root
);
1882 free(s
->hostname_field
);
1885 mmap_cache_unref(s
->mmap
);
1887 udev_unref(s
->udev
);
1890 static const char* const storage_table
[_STORAGE_MAX
] = {
1891 [STORAGE_AUTO
] = "auto",
1892 [STORAGE_VOLATILE
] = "volatile",
1893 [STORAGE_PERSISTENT
] = "persistent",
1894 [STORAGE_NONE
] = "none"
1897 DEFINE_STRING_TABLE_LOOKUP(storage
, Storage
);
1898 DEFINE_CONFIG_PARSE_ENUM(config_parse_storage
, storage
, Storage
, "Failed to parse storage setting");
1900 static const char* const split_mode_table
[_SPLIT_MAX
] = {
1901 [SPLIT_LOGIN
] = "login",
1902 [SPLIT_UID
] = "uid",
1903 [SPLIT_NONE
] = "none",
1906 DEFINE_STRING_TABLE_LOOKUP(split_mode
, SplitMode
);
1907 DEFINE_CONFIG_PARSE_ENUM(config_parse_split_mode
, split_mode
, SplitMode
, "Failed to parse split mode setting");