1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2011 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
23 #include <selinux/selinux.h>
25 #include <sys/ioctl.h>
27 #include <sys/signalfd.h>
28 #include <sys/statvfs.h>
29 #include <linux/sockios.h>
32 #include "sd-daemon.h"
33 #include "sd-journal.h"
34 #include "sd-messages.h"
37 #include "audit-util.h"
38 #include "cgroup-util.h"
39 #include "conf-parser.h"
40 #include "dirent-util.h"
41 #include "extract-word.h"
43 #include "formats-util.h"
46 #include "hostname-util.h"
47 #include "journal-authenticate.h"
48 #include "journal-file.h"
49 #include "journal-internal.h"
50 #include "journal-vacuum.h"
51 #include "journald-audit.h"
52 #include "journald-kmsg.h"
53 #include "journald-native.h"
54 #include "journald-rate-limit.h"
55 #include "journald-server.h"
56 #include "journald-stream.h"
57 #include "journald-syslog.h"
60 #include "parse-util.h"
61 #include "process-util.h"
63 #include "selinux-util.h"
64 #include "signal-util.h"
65 #include "socket-util.h"
66 #include "string-table.h"
67 #include "string-util.h"
69 #define USER_JOURNALS_MAX 1024
71 #define DEFAULT_SYNC_INTERVAL_USEC (5*USEC_PER_MINUTE)
72 #define DEFAULT_RATE_LIMIT_INTERVAL (30*USEC_PER_SEC)
73 #define DEFAULT_RATE_LIMIT_BURST 1000
74 #define DEFAULT_MAX_FILE_USEC USEC_PER_MONTH
76 #define RECHECK_SPACE_USEC (30*USEC_PER_SEC)
78 static int determine_space_for(
80 JournalMetrics
*metrics
,
88 uint64_t sum
= 0, ss_avail
, avail
;
89 _cleanup_closedir_
DIR *d
= NULL
;
100 ts
= now(CLOCK_MONOTONIC
);
102 if (!verbose
&& s
->cached_space_timestamp
+ RECHECK_SPACE_USEC
> ts
) {
105 *available
= s
->cached_space_available
;
107 *limit
= s
->cached_space_limit
;
112 p
= strjoina(path
, SERVER_MACHINE_ID(s
));
115 return log_full_errno(errno
== ENOENT
? LOG_DEBUG
: LOG_ERR
, errno
, "Failed to open %s: %m", p
);
117 if (fstatvfs(dirfd(d
), &ss
) < 0)
118 return log_error_errno(errno
, "Failed to fstatvfs(%s): %m", p
);
120 FOREACH_DIRENT_ALL(de
, d
, break) {
123 if (!endswith(de
->d_name
, ".journal") &&
124 !endswith(de
->d_name
, ".journal~"))
127 if (fstatat(dirfd(d
), de
->d_name
, &st
, AT_SYMLINK_NOFOLLOW
) < 0) {
128 log_debug_errno(errno
, "Failed to stat %s/%s, ignoring: %m", p
, de
->d_name
);
132 if (!S_ISREG(st
.st_mode
))
135 sum
+= (uint64_t) st
.st_blocks
* 512UL;
138 /* If request, then let's bump the min_use limit to the
139 * current usage on disk. We do this when starting up and
140 * first opening the journal files. This way sudden spikes in
141 * disk usage will not cause journald to vacuum files without
142 * bounds. Note that this means that only a restart of
143 * journald will make it reset this value. */
146 metrics
->min_use
= MAX(metrics
->min_use
, sum
);
148 ss_avail
= ss
.f_bsize
* ss
.f_bavail
;
149 avail
= LESS_BY(ss_avail
, metrics
->keep_free
);
151 s
->cached_space_limit
= MIN(MAX(sum
+ avail
, metrics
->min_use
), metrics
->max_use
);
152 s
->cached_space_available
= LESS_BY(s
->cached_space_limit
, sum
);
153 s
->cached_space_timestamp
= ts
;
156 char fb1
[FORMAT_BYTES_MAX
], fb2
[FORMAT_BYTES_MAX
], fb3
[FORMAT_BYTES_MAX
],
157 fb4
[FORMAT_BYTES_MAX
], fb5
[FORMAT_BYTES_MAX
], fb6
[FORMAT_BYTES_MAX
];
159 server_driver_message(s
, SD_MESSAGE_JOURNAL_USAGE
,
160 "%s (%s) is currently using %s.\n"
161 "Maximum allowed usage is set to %s.\n"
162 "Leaving at least %s free (of currently available %s of space).\n"
163 "Enforced usage limit is thus %s, of which %s are still available.",
165 format_bytes(fb1
, sizeof(fb1
), sum
),
166 format_bytes(fb2
, sizeof(fb2
), metrics
->max_use
),
167 format_bytes(fb3
, sizeof(fb3
), metrics
->keep_free
),
168 format_bytes(fb4
, sizeof(fb4
), ss_avail
),
169 format_bytes(fb5
, sizeof(fb5
), s
->cached_space_limit
),
170 format_bytes(fb6
, sizeof(fb6
), s
->cached_space_available
));
174 *available
= s
->cached_space_available
;
176 *limit
= s
->cached_space_limit
;
181 static int determine_space(Server
*s
, bool verbose
, bool patch_min_use
, uint64_t *available
, uint64_t *limit
) {
182 JournalMetrics
*metrics
;
183 const char *path
, *name
;
187 if (s
->system_journal
) {
188 path
= "/var/log/journal/";
189 metrics
= &s
->system_metrics
;
190 name
= "System journal";
192 path
= "/run/log/journal/";
193 metrics
= &s
->runtime_metrics
;
194 name
= "Runtime journal";
197 return determine_space_for(s
, metrics
, path
, name
, verbose
, patch_min_use
, available
, limit
);
200 void server_fix_perms(Server
*s
, JournalFile
*f
, uid_t uid
) {
203 _cleanup_(acl_freep
) acl_t acl
= NULL
;
205 acl_permset_t permset
;
210 r
= fchmod(f
->fd
, 0640);
212 log_warning_errno(errno
, "Failed to fix access mode on %s, ignoring: %m", f
->path
);
215 if (uid
<= SYSTEM_UID_MAX
)
218 acl
= acl_get_fd(f
->fd
);
220 log_warning_errno(errno
, "Failed to read ACL on %s, ignoring: %m", f
->path
);
224 r
= acl_find_uid(acl
, uid
, &entry
);
227 if (acl_create_entry(&acl
, &entry
) < 0 ||
228 acl_set_tag_type(entry
, ACL_USER
) < 0 ||
229 acl_set_qualifier(entry
, &uid
) < 0) {
230 log_warning_errno(errno
, "Failed to patch ACL on %s, ignoring: %m", f
->path
);
235 /* We do not recalculate the mask unconditionally here,
236 * so that the fchmod() mask above stays intact. */
237 if (acl_get_permset(entry
, &permset
) < 0 ||
238 acl_add_perm(permset
, ACL_READ
) < 0 ||
239 calc_acl_mask_if_needed(&acl
) < 0) {
240 log_warning_errno(errno
, "Failed to patch ACL on %s, ignoring: %m", f
->path
);
244 if (acl_set_fd(f
->fd
, acl
) < 0)
245 log_warning_errno(errno
, "Failed to set ACL on %s, ignoring: %m", f
->path
);
250 static JournalFile
* find_journal(Server
*s
, uid_t uid
) {
251 _cleanup_free_
char *p
= NULL
;
258 /* We split up user logs only on /var, not on /run. If the
259 * runtime file is open, we write to it exclusively, in order
260 * to guarantee proper order as soon as we flush /run to
261 * /var and close the runtime file. */
263 if (s
->runtime_journal
)
264 return s
->runtime_journal
;
266 if (uid
<= SYSTEM_UID_MAX
)
267 return s
->system_journal
;
269 r
= sd_id128_get_machine(&machine
);
271 return s
->system_journal
;
273 f
= ordered_hashmap_get(s
->user_journals
, UINT32_TO_PTR(uid
));
277 if (asprintf(&p
, "/var/log/journal/" SD_ID128_FORMAT_STR
"/user-"UID_FMT
".journal",
278 SD_ID128_FORMAT_VAL(machine
), uid
) < 0)
279 return s
->system_journal
;
281 while (ordered_hashmap_size(s
->user_journals
) >= USER_JOURNALS_MAX
) {
282 /* Too many open? Then let's close one */
283 f
= ordered_hashmap_steal_first(s
->user_journals
);
285 journal_file_close(f
);
288 r
= journal_file_open_reliably(p
, O_RDWR
|O_CREAT
, 0640, s
->compress
, s
->seal
, &s
->system_metrics
, s
->mmap
, NULL
, &f
);
290 return s
->system_journal
;
292 server_fix_perms(s
, f
, uid
);
294 r
= ordered_hashmap_put(s
->user_journals
, UINT32_TO_PTR(uid
), f
);
296 journal_file_close(f
);
297 return s
->system_journal
;
303 static int do_rotate(
316 r
= journal_file_rotate(f
, s
->compress
, seal
);
319 log_error_errno(r
, "Failed to rotate %s: %m", (*f
)->path
);
321 log_error_errno(r
, "Failed to create new %s journal: %m", name
);
323 server_fix_perms(s
, *f
, uid
);
328 void server_rotate(Server
*s
) {
334 log_debug("Rotating...");
336 (void) do_rotate(s
, &s
->runtime_journal
, "runtime", false, 0);
337 (void) do_rotate(s
, &s
->system_journal
, "system", s
->seal
, 0);
339 ORDERED_HASHMAP_FOREACH_KEY(f
, k
, s
->user_journals
, i
) {
340 r
= do_rotate(s
, &f
, "user", s
->seal
, PTR_TO_UINT32(k
));
342 ordered_hashmap_replace(s
->user_journals
, k
, f
);
344 /* Old file has been closed and deallocated */
345 ordered_hashmap_remove(s
->user_journals
, k
);
349 void server_sync(Server
*s
) {
355 if (s
->system_journal
) {
356 r
= journal_file_set_offline(s
->system_journal
);
358 log_warning_errno(r
, "Failed to sync system journal, ignoring: %m");
361 ORDERED_HASHMAP_FOREACH_KEY(f
, k
, s
->user_journals
, i
) {
362 r
= journal_file_set_offline(f
);
364 log_warning_errno(r
, "Failed to sync user journal, ignoring: %m");
367 if (s
->sync_event_source
) {
368 r
= sd_event_source_set_enabled(s
->sync_event_source
, SD_EVENT_OFF
);
370 log_error_errno(r
, "Failed to disable sync timer source: %m");
373 s
->sync_scheduled
= false;
376 static void do_vacuum(
379 JournalMetrics
*metrics
,
383 bool patch_min_use
) {
397 p
= strjoina(path
, SERVER_MACHINE_ID(s
));
399 limit
= metrics
->max_use
;
400 (void) determine_space_for(s
, metrics
, path
, name
, verbose
, patch_min_use
, NULL
, &limit
);
402 r
= journal_directory_vacuum(p
, limit
, metrics
->n_max_files
, s
->max_retention_usec
, &s
->oldest_file_usec
, verbose
);
403 if (r
< 0 && r
!= -ENOENT
)
404 log_warning_errno(r
, "Failed to vacuum %s, ignoring: %m", p
);
407 int server_vacuum(Server
*s
, bool verbose
, bool patch_min_use
) {
410 log_debug("Vacuuming...");
412 s
->oldest_file_usec
= 0;
414 do_vacuum(s
, s
->system_journal
, &s
->system_metrics
, "/var/log/journal/", "System journal", verbose
, patch_min_use
);
415 do_vacuum(s
, s
->runtime_journal
, &s
->runtime_metrics
, "/run/log/journal/", "Runtime journal", verbose
, patch_min_use
);
417 s
->cached_space_limit
= 0;
418 s
->cached_space_available
= 0;
419 s
->cached_space_timestamp
= 0;
424 static void server_cache_machine_id(Server
*s
) {
430 r
= sd_id128_get_machine(&id
);
434 sd_id128_to_string(id
, stpcpy(s
->machine_id_field
, "_MACHINE_ID="));
437 static void server_cache_boot_id(Server
*s
) {
443 r
= sd_id128_get_boot(&id
);
447 sd_id128_to_string(id
, stpcpy(s
->boot_id_field
, "_BOOT_ID="));
450 static void server_cache_hostname(Server
*s
) {
451 _cleanup_free_
char *t
= NULL
;
456 t
= gethostname_malloc();
460 x
= strappend("_HOSTNAME=", t
);
464 free(s
->hostname_field
);
465 s
->hostname_field
= x
;
468 static bool shall_try_append_again(JournalFile
*f
, int r
) {
470 /* -E2BIG Hit configured limit
472 -EDQUOT Quota limit hit
474 -EIO I/O error of some kind (mmap)
475 -EHOSTDOWN Other machine
476 -EBUSY Unclean shutdown
477 -EPROTONOSUPPORT Unsupported feature
480 -ESHUTDOWN Already archived
481 -EIDRM Journal file has been deleted */
483 if (r
== -E2BIG
|| r
== -EFBIG
|| r
== -EDQUOT
|| r
== -ENOSPC
)
484 log_debug("%s: Allocation limit reached, rotating.", f
->path
);
485 else if (r
== -EHOSTDOWN
)
486 log_info("%s: Journal file from other machine, rotating.", f
->path
);
487 else if (r
== -EBUSY
)
488 log_info("%s: Unclean shutdown, rotating.", f
->path
);
489 else if (r
== -EPROTONOSUPPORT
)
490 log_info("%s: Unsupported feature, rotating.", f
->path
);
491 else if (r
== -EBADMSG
|| r
== -ENODATA
|| r
== ESHUTDOWN
)
492 log_warning("%s: Journal file corrupted, rotating.", f
->path
);
494 log_warning("%s: IO error, rotating.", f
->path
);
495 else if (r
== -EIDRM
)
496 log_warning("%s: Journal file has been deleted, rotating.", f
->path
);
503 static void write_to_journal(Server
*s
, uid_t uid
, struct iovec
*iovec
, unsigned n
, int priority
) {
505 bool vacuumed
= false;
512 f
= find_journal(s
, uid
);
516 if (journal_file_rotate_suggested(f
, s
->max_file_usec
)) {
517 log_debug("%s: Journal header limits reached or header out-of-date, rotating.", f
->path
);
519 server_vacuum(s
, false, false);
522 f
= find_journal(s
, uid
);
527 r
= journal_file_append_entry(f
, NULL
, iovec
, n
, &s
->seqnum
, NULL
, NULL
);
529 server_schedule_sync(s
, priority
);
533 if (vacuumed
|| !shall_try_append_again(f
, r
)) {
534 log_error_errno(r
, "Failed to write entry (%d items, %zu bytes), ignoring: %m", n
, IOVEC_TOTAL_SIZE(iovec
, n
));
539 server_vacuum(s
, false, false);
541 f
= find_journal(s
, uid
);
545 log_debug("Retrying write.");
546 r
= journal_file_append_entry(f
, NULL
, iovec
, n
, &s
->seqnum
, NULL
, NULL
);
548 log_error_errno(r
, "Failed to write entry (%d items, %zu bytes) despite vacuuming, ignoring: %m", n
, IOVEC_TOTAL_SIZE(iovec
, n
));
550 server_schedule_sync(s
, priority
);
553 static void dispatch_message_real(
555 struct iovec
*iovec
, unsigned n
, unsigned m
,
556 const struct ucred
*ucred
,
557 const struct timeval
*tv
,
558 const char *label
, size_t label_len
,
563 char pid
[sizeof("_PID=") + DECIMAL_STR_MAX(pid_t
)],
564 uid
[sizeof("_UID=") + DECIMAL_STR_MAX(uid_t
)],
565 gid
[sizeof("_GID=") + DECIMAL_STR_MAX(gid_t
)],
566 owner_uid
[sizeof("_SYSTEMD_OWNER_UID=") + DECIMAL_STR_MAX(uid_t
)],
567 source_time
[sizeof("_SOURCE_REALTIME_TIMESTAMP=") + DECIMAL_STR_MAX(usec_t
)],
568 o_uid
[sizeof("OBJECT_UID=") + DECIMAL_STR_MAX(uid_t
)],
569 o_gid
[sizeof("OBJECT_GID=") + DECIMAL_STR_MAX(gid_t
)],
570 o_owner_uid
[sizeof("OBJECT_SYSTEMD_OWNER_UID=") + DECIMAL_STR_MAX(uid_t
)];
576 uid_t realuid
= 0, owner
= 0, journal_uid
;
577 bool owner_valid
= false;
579 char audit_session
[sizeof("_AUDIT_SESSION=") + DECIMAL_STR_MAX(uint32_t)],
580 audit_loginuid
[sizeof("_AUDIT_LOGINUID=") + DECIMAL_STR_MAX(uid_t
)],
581 o_audit_session
[sizeof("OBJECT_AUDIT_SESSION=") + DECIMAL_STR_MAX(uint32_t)],
582 o_audit_loginuid
[sizeof("OBJECT_AUDIT_LOGINUID=") + DECIMAL_STR_MAX(uid_t
)];
591 assert(n
+ N_IOVEC_META_FIELDS
+ (object_pid
? N_IOVEC_OBJECT_FIELDS
: 0) <= m
);
594 realuid
= ucred
->uid
;
596 sprintf(pid
, "_PID="PID_FMT
, ucred
->pid
);
597 IOVEC_SET_STRING(iovec
[n
++], pid
);
599 sprintf(uid
, "_UID="UID_FMT
, ucred
->uid
);
600 IOVEC_SET_STRING(iovec
[n
++], uid
);
602 sprintf(gid
, "_GID="GID_FMT
, ucred
->gid
);
603 IOVEC_SET_STRING(iovec
[n
++], gid
);
605 r
= get_process_comm(ucred
->pid
, &t
);
607 x
= strjoina("_COMM=", t
);
609 IOVEC_SET_STRING(iovec
[n
++], x
);
612 r
= get_process_exe(ucred
->pid
, &t
);
614 x
= strjoina("_EXE=", t
);
616 IOVEC_SET_STRING(iovec
[n
++], x
);
619 r
= get_process_cmdline(ucred
->pid
, 0, false, &t
);
621 x
= strjoina("_CMDLINE=", t
);
623 IOVEC_SET_STRING(iovec
[n
++], x
);
626 r
= get_process_capeff(ucred
->pid
, &t
);
628 x
= strjoina("_CAP_EFFECTIVE=", t
);
630 IOVEC_SET_STRING(iovec
[n
++], x
);
634 r
= audit_session_from_pid(ucred
->pid
, &audit
);
636 sprintf(audit_session
, "_AUDIT_SESSION=%"PRIu32
, audit
);
637 IOVEC_SET_STRING(iovec
[n
++], audit_session
);
640 r
= audit_loginuid_from_pid(ucred
->pid
, &loginuid
);
642 sprintf(audit_loginuid
, "_AUDIT_LOGINUID="UID_FMT
, loginuid
);
643 IOVEC_SET_STRING(iovec
[n
++], audit_loginuid
);
647 r
= cg_pid_get_path_shifted(ucred
->pid
, s
->cgroup_root
, &c
);
649 char *session
= NULL
;
651 x
= strjoina("_SYSTEMD_CGROUP=", c
);
652 IOVEC_SET_STRING(iovec
[n
++], x
);
654 r
= cg_path_get_session(c
, &t
);
656 session
= strjoina("_SYSTEMD_SESSION=", t
);
658 IOVEC_SET_STRING(iovec
[n
++], session
);
661 if (cg_path_get_owner_uid(c
, &owner
) >= 0) {
664 sprintf(owner_uid
, "_SYSTEMD_OWNER_UID="UID_FMT
, owner
);
665 IOVEC_SET_STRING(iovec
[n
++], owner_uid
);
668 if (cg_path_get_unit(c
, &t
) >= 0) {
669 x
= strjoina("_SYSTEMD_UNIT=", t
);
671 IOVEC_SET_STRING(iovec
[n
++], x
);
672 } else if (unit_id
&& !session
) {
673 x
= strjoina("_SYSTEMD_UNIT=", unit_id
);
674 IOVEC_SET_STRING(iovec
[n
++], x
);
677 if (cg_path_get_user_unit(c
, &t
) >= 0) {
678 x
= strjoina("_SYSTEMD_USER_UNIT=", t
);
680 IOVEC_SET_STRING(iovec
[n
++], x
);
681 } else if (unit_id
&& session
) {
682 x
= strjoina("_SYSTEMD_USER_UNIT=", unit_id
);
683 IOVEC_SET_STRING(iovec
[n
++], x
);
686 if (cg_path_get_slice(c
, &t
) >= 0) {
687 x
= strjoina("_SYSTEMD_SLICE=", t
);
689 IOVEC_SET_STRING(iovec
[n
++], x
);
693 } else if (unit_id
) {
694 x
= strjoina("_SYSTEMD_UNIT=", unit_id
);
695 IOVEC_SET_STRING(iovec
[n
++], x
);
699 if (mac_selinux_use()) {
701 x
= alloca(strlen("_SELINUX_CONTEXT=") + label_len
+ 1);
703 *((char*) mempcpy(stpcpy(x
, "_SELINUX_CONTEXT="), label
, label_len
)) = 0;
704 IOVEC_SET_STRING(iovec
[n
++], x
);
706 security_context_t con
;
708 if (getpidcon(ucred
->pid
, &con
) >= 0) {
709 x
= strjoina("_SELINUX_CONTEXT=", con
);
712 IOVEC_SET_STRING(iovec
[n
++], x
);
721 r
= get_process_uid(object_pid
, &object_uid
);
723 sprintf(o_uid
, "OBJECT_UID="UID_FMT
, object_uid
);
724 IOVEC_SET_STRING(iovec
[n
++], o_uid
);
727 r
= get_process_gid(object_pid
, &object_gid
);
729 sprintf(o_gid
, "OBJECT_GID="GID_FMT
, object_gid
);
730 IOVEC_SET_STRING(iovec
[n
++], o_gid
);
733 r
= get_process_comm(object_pid
, &t
);
735 x
= strjoina("OBJECT_COMM=", t
);
737 IOVEC_SET_STRING(iovec
[n
++], x
);
740 r
= get_process_exe(object_pid
, &t
);
742 x
= strjoina("OBJECT_EXE=", t
);
744 IOVEC_SET_STRING(iovec
[n
++], x
);
747 r
= get_process_cmdline(object_pid
, 0, false, &t
);
749 x
= strjoina("OBJECT_CMDLINE=", t
);
751 IOVEC_SET_STRING(iovec
[n
++], x
);
755 r
= audit_session_from_pid(object_pid
, &audit
);
757 sprintf(o_audit_session
, "OBJECT_AUDIT_SESSION=%"PRIu32
, audit
);
758 IOVEC_SET_STRING(iovec
[n
++], o_audit_session
);
761 r
= audit_loginuid_from_pid(object_pid
, &loginuid
);
763 sprintf(o_audit_loginuid
, "OBJECT_AUDIT_LOGINUID="UID_FMT
, loginuid
);
764 IOVEC_SET_STRING(iovec
[n
++], o_audit_loginuid
);
768 r
= cg_pid_get_path_shifted(object_pid
, s
->cgroup_root
, &c
);
770 x
= strjoina("OBJECT_SYSTEMD_CGROUP=", c
);
771 IOVEC_SET_STRING(iovec
[n
++], x
);
773 r
= cg_path_get_session(c
, &t
);
775 x
= strjoina("OBJECT_SYSTEMD_SESSION=", t
);
777 IOVEC_SET_STRING(iovec
[n
++], x
);
780 if (cg_path_get_owner_uid(c
, &owner
) >= 0) {
781 sprintf(o_owner_uid
, "OBJECT_SYSTEMD_OWNER_UID="UID_FMT
, owner
);
782 IOVEC_SET_STRING(iovec
[n
++], o_owner_uid
);
785 if (cg_path_get_unit(c
, &t
) >= 0) {
786 x
= strjoina("OBJECT_SYSTEMD_UNIT=", t
);
788 IOVEC_SET_STRING(iovec
[n
++], x
);
791 if (cg_path_get_user_unit(c
, &t
) >= 0) {
792 x
= strjoina("OBJECT_SYSTEMD_USER_UNIT=", t
);
794 IOVEC_SET_STRING(iovec
[n
++], x
);
803 sprintf(source_time
, "_SOURCE_REALTIME_TIMESTAMP=%llu", (unsigned long long) timeval_load(tv
));
804 IOVEC_SET_STRING(iovec
[n
++], source_time
);
807 /* Note that strictly speaking storing the boot id here is
808 * redundant since the entry includes this in-line
809 * anyway. However, we need this indexed, too. */
810 if (!isempty(s
->boot_id_field
))
811 IOVEC_SET_STRING(iovec
[n
++], s
->boot_id_field
);
813 if (!isempty(s
->machine_id_field
))
814 IOVEC_SET_STRING(iovec
[n
++], s
->machine_id_field
);
816 if (!isempty(s
->hostname_field
))
817 IOVEC_SET_STRING(iovec
[n
++], s
->hostname_field
);
821 if (s
->split_mode
== SPLIT_UID
&& realuid
> 0)
822 /* Split up strictly by any UID */
823 journal_uid
= realuid
;
824 else if (s
->split_mode
== SPLIT_LOGIN
&& realuid
> 0 && owner_valid
&& owner
> 0)
825 /* Split up by login UIDs. We do this only if the
826 * realuid is not root, in order not to accidentally
827 * leak privileged information to the user that is
828 * logged by a privileged process that is part of an
829 * unprivileged session. */
834 write_to_journal(s
, journal_uid
, iovec
, n
, priority
);
837 void server_driver_message(Server
*s
, sd_id128_t message_id
, const char *format
, ...) {
838 char mid
[11 + 32 + 1];
839 char buffer
[16 + LINE_MAX
+ 1];
840 struct iovec iovec
[N_IOVEC_META_FIELDS
+ 6];
843 struct ucred ucred
= {};
848 IOVEC_SET_STRING(iovec
[n
++], "SYSLOG_FACILITY=3");
849 IOVEC_SET_STRING(iovec
[n
++], "SYSLOG_IDENTIFIER=systemd-journald");
851 IOVEC_SET_STRING(iovec
[n
++], "PRIORITY=6");
852 IOVEC_SET_STRING(iovec
[n
++], "_TRANSPORT=driver");
854 memcpy(buffer
, "MESSAGE=", 8);
855 va_start(ap
, format
);
856 vsnprintf(buffer
+ 8, sizeof(buffer
) - 8, format
, ap
);
858 IOVEC_SET_STRING(iovec
[n
++], buffer
);
860 if (!sd_id128_equal(message_id
, SD_ID128_NULL
)) {
861 snprintf(mid
, sizeof(mid
), LOG_MESSAGE_ID(message_id
));
862 IOVEC_SET_STRING(iovec
[n
++], mid
);
865 ucred
.pid
= getpid();
866 ucred
.uid
= getuid();
867 ucred
.gid
= getgid();
869 dispatch_message_real(s
, iovec
, n
, ELEMENTSOF(iovec
), &ucred
, NULL
, NULL
, 0, NULL
, LOG_INFO
, 0);
872 void server_dispatch_message(
874 struct iovec
*iovec
, unsigned n
, unsigned m
,
875 const struct ucred
*ucred
,
876 const struct timeval
*tv
,
877 const char *label
, size_t label_len
,
883 _cleanup_free_
char *path
= NULL
;
884 uint64_t available
= 0;
888 assert(iovec
|| n
== 0);
893 if (LOG_PRI(priority
) > s
->max_level_store
)
896 /* Stop early in case the information will not be stored
898 if (s
->storage
== STORAGE_NONE
)
904 r
= cg_pid_get_path_shifted(ucred
->pid
, s
->cgroup_root
, &path
);
908 /* example: /user/lennart/3/foobar
909 * /system/dbus.service/foobar
911 * So let's cut of everything past the third /, since that is
912 * where user directories start */
914 c
= strchr(path
, '/');
916 c
= strchr(c
+1, '/');
918 c
= strchr(c
+1, '/');
924 (void) determine_space(s
, false, false, &available
, NULL
);
925 rl
= journal_rate_limit_test(s
->rate_limit
, path
, priority
& LOG_PRIMASK
, available
);
929 /* Write a suppression message if we suppressed something */
931 server_driver_message(s
, SD_MESSAGE_JOURNAL_DROPPED
,
932 "Suppressed %u messages from %s", rl
- 1, path
);
935 dispatch_message_real(s
, iovec
, n
, m
, ucred
, tv
, label
, label_len
, unit_id
, priority
, object_pid
);
939 static int system_journal_open(Server
*s
, bool flush_requested
) {
943 if (!s
->system_journal
&&
944 (s
->storage
== STORAGE_PERSISTENT
|| s
->storage
== STORAGE_AUTO
) &&
946 || access("/run/systemd/journal/flushed", F_OK
) >= 0)) {
948 /* If in auto mode: first try to create the machine
949 * path, but not the prefix.
951 * If in persistent mode: create /var/log/journal and
952 * the machine path */
954 if (s
->storage
== STORAGE_PERSISTENT
)
955 (void) mkdir_p("/var/log/journal/", 0755);
957 fn
= strjoina("/var/log/journal/", SERVER_MACHINE_ID(s
));
958 (void) mkdir(fn
, 0755);
960 fn
= strjoina(fn
, "/system.journal");
961 r
= journal_file_open_reliably(fn
, O_RDWR
|O_CREAT
, 0640, s
->compress
, s
->seal
, &s
->system_metrics
, s
->mmap
, NULL
, &s
->system_journal
);
963 server_fix_perms(s
, s
->system_journal
, 0);
964 (void) determine_space_for(s
, &s
->system_metrics
, "/var/log/journal/", "System journal", true, true, NULL
, NULL
);
966 if (r
!= -ENOENT
&& r
!= -EROFS
)
967 log_warning_errno(r
, "Failed to open system journal: %m");
973 if (!s
->runtime_journal
&&
974 (s
->storage
!= STORAGE_NONE
)) {
976 fn
= strjoina("/run/log/journal/", SERVER_MACHINE_ID(s
), "/system.journal");
978 if (s
->system_journal
) {
980 /* Try to open the runtime journal, but only
981 * if it already exists, so that we can flush
982 * it into the system journal */
984 r
= journal_file_open(fn
, O_RDWR
, 0640, s
->compress
, false, &s
->runtime_metrics
, s
->mmap
, NULL
, &s
->runtime_journal
);
987 log_warning_errno(r
, "Failed to open runtime journal: %m");
994 /* OK, we really need the runtime journal, so create
995 * it if necessary. */
997 (void) mkdir("/run/log", 0755);
998 (void) mkdir("/run/log/journal", 0755);
999 (void) mkdir_parents(fn
, 0750);
1001 r
= journal_file_open_reliably(fn
, O_RDWR
|O_CREAT
, 0640, s
->compress
, false, &s
->runtime_metrics
, s
->mmap
, NULL
, &s
->runtime_journal
);
1003 return log_error_errno(r
, "Failed to open runtime journal: %m");
1006 if (s
->runtime_journal
) {
1007 server_fix_perms(s
, s
->runtime_journal
, 0);
1008 (void) determine_space_for(s
, &s
->runtime_metrics
, "/run/log/journal/", "Runtime journal", true, true, NULL
, NULL
);
1015 int server_flush_to_var(Server
*s
) {
1017 sd_journal
*j
= NULL
;
1018 char ts
[FORMAT_TIMESPAN_MAX
];
1025 if (s
->storage
!= STORAGE_AUTO
&&
1026 s
->storage
!= STORAGE_PERSISTENT
)
1029 if (!s
->runtime_journal
)
1032 (void) system_journal_open(s
, true);
1034 if (!s
->system_journal
)
1037 log_debug("Flushing to /var...");
1039 start
= now(CLOCK_MONOTONIC
);
1041 r
= sd_id128_get_machine(&machine
);
1045 r
= sd_journal_open(&j
, SD_JOURNAL_RUNTIME_ONLY
);
1047 return log_error_errno(r
, "Failed to read runtime journal: %m");
1049 sd_journal_set_data_threshold(j
, 0);
1051 SD_JOURNAL_FOREACH(j
) {
1055 f
= j
->current_file
;
1056 assert(f
&& f
->current_offset
> 0);
1060 r
= journal_file_move_to_object(f
, OBJECT_ENTRY
, f
->current_offset
, &o
);
1062 log_error_errno(r
, "Can't read entry: %m");
1066 r
= journal_file_copy_entry(f
, s
->system_journal
, o
, f
->current_offset
, NULL
, NULL
, NULL
);
1070 if (!shall_try_append_again(s
->system_journal
, r
)) {
1071 log_error_errno(r
, "Can't write entry: %m");
1076 server_vacuum(s
, false, false);
1078 if (!s
->system_journal
) {
1079 log_notice("Didn't flush runtime journal since rotation of system journal wasn't successful.");
1084 log_debug("Retrying write.");
1085 r
= journal_file_copy_entry(f
, s
->system_journal
, o
, f
->current_offset
, NULL
, NULL
, NULL
);
1087 log_error_errno(r
, "Can't write entry: %m");
1095 journal_file_post_change(s
->system_journal
);
1097 s
->runtime_journal
= journal_file_close(s
->runtime_journal
);
1100 (void) rm_rf("/run/log/journal", REMOVE_ROOT
);
1102 sd_journal_close(j
);
1104 server_driver_message(s
, SD_ID128_NULL
, "Time spent on flushing to /var is %s for %u entries.", format_timespan(ts
, sizeof(ts
), now(CLOCK_MONOTONIC
) - start
, 0), n
);
1109 int server_process_datagram(sd_event_source
*es
, int fd
, uint32_t revents
, void *userdata
) {
1110 Server
*s
= userdata
;
1111 struct ucred
*ucred
= NULL
;
1112 struct timeval
*tv
= NULL
;
1113 struct cmsghdr
*cmsg
;
1115 size_t label_len
= 0, m
;
1118 int *fds
= NULL
, v
= 0;
1122 struct cmsghdr cmsghdr
;
1124 /* We use NAME_MAX space for the SELinux label
1125 * here. The kernel currently enforces no
1126 * limit, but according to suggestions from
1127 * the SELinux people this will change and it
1128 * will probably be identical to NAME_MAX. For
1129 * now we use that, but this should be updated
1130 * one day when the final limit is known. */
1131 uint8_t buf
[CMSG_SPACE(sizeof(struct ucred
)) +
1132 CMSG_SPACE(sizeof(struct timeval
)) +
1133 CMSG_SPACE(sizeof(int)) + /* fd */
1134 CMSG_SPACE(NAME_MAX
)]; /* selinux label */
1137 union sockaddr_union sa
= {};
1139 struct msghdr msghdr
= {
1142 .msg_control
= &control
,
1143 .msg_controllen
= sizeof(control
),
1145 .msg_namelen
= sizeof(sa
),
1149 assert(fd
== s
->native_fd
|| fd
== s
->syslog_fd
|| fd
== s
->audit_fd
);
1151 if (revents
!= EPOLLIN
) {
1152 log_error("Got invalid event from epoll for datagram fd: %"PRIx32
, revents
);
1156 /* Try to get the right size, if we can. (Not all
1157 * sockets support SIOCINQ, hence we just try, but
1158 * don't rely on it. */
1159 (void) ioctl(fd
, SIOCINQ
, &v
);
1161 /* Fix it up, if it is too small. We use the same fixed value as auditd here. Awful! */
1162 m
= PAGE_ALIGN(MAX3((size_t) v
+ 1,
1164 ALIGN(sizeof(struct nlmsghdr
)) + ALIGN((size_t) MAX_AUDIT_MESSAGE_LENGTH
)) + 1);
1166 if (!GREEDY_REALLOC(s
->buffer
, s
->buffer_size
, m
))
1169 iovec
.iov_base
= s
->buffer
;
1170 iovec
.iov_len
= s
->buffer_size
- 1; /* Leave room for trailing NUL we add later */
1172 n
= recvmsg(fd
, &msghdr
, MSG_DONTWAIT
|MSG_CMSG_CLOEXEC
);
1174 if (errno
== EINTR
|| errno
== EAGAIN
)
1177 return log_error_errno(errno
, "recvmsg() failed: %m");
1180 CMSG_FOREACH(cmsg
, &msghdr
) {
1182 if (cmsg
->cmsg_level
== SOL_SOCKET
&&
1183 cmsg
->cmsg_type
== SCM_CREDENTIALS
&&
1184 cmsg
->cmsg_len
== CMSG_LEN(sizeof(struct ucred
)))
1185 ucred
= (struct ucred
*) CMSG_DATA(cmsg
);
1186 else if (cmsg
->cmsg_level
== SOL_SOCKET
&&
1187 cmsg
->cmsg_type
== SCM_SECURITY
) {
1188 label
= (char*) CMSG_DATA(cmsg
);
1189 label_len
= cmsg
->cmsg_len
- CMSG_LEN(0);
1190 } else if (cmsg
->cmsg_level
== SOL_SOCKET
&&
1191 cmsg
->cmsg_type
== SO_TIMESTAMP
&&
1192 cmsg
->cmsg_len
== CMSG_LEN(sizeof(struct timeval
)))
1193 tv
= (struct timeval
*) CMSG_DATA(cmsg
);
1194 else if (cmsg
->cmsg_level
== SOL_SOCKET
&&
1195 cmsg
->cmsg_type
== SCM_RIGHTS
) {
1196 fds
= (int*) CMSG_DATA(cmsg
);
1197 n_fds
= (cmsg
->cmsg_len
- CMSG_LEN(0)) / sizeof(int);
1201 /* And a trailing NUL, just in case */
1204 if (fd
== s
->syslog_fd
) {
1205 if (n
> 0 && n_fds
== 0)
1206 server_process_syslog_message(s
, strstrip(s
->buffer
), ucred
, tv
, label
, label_len
);
1208 log_warning("Got file descriptors via syslog socket. Ignoring.");
1210 } else if (fd
== s
->native_fd
) {
1211 if (n
> 0 && n_fds
== 0)
1212 server_process_native_message(s
, s
->buffer
, n
, ucred
, tv
, label
, label_len
);
1213 else if (n
== 0 && n_fds
== 1)
1214 server_process_native_file(s
, fds
[0], ucred
, tv
, label
, label_len
);
1216 log_warning("Got too many file descriptors via native socket. Ignoring.");
1219 assert(fd
== s
->audit_fd
);
1221 if (n
> 0 && n_fds
== 0)
1222 server_process_audit_message(s
, s
->buffer
, n
, ucred
, &sa
, msghdr
.msg_namelen
);
1224 log_warning("Got file descriptors via audit socket. Ignoring.");
1227 close_many(fds
, n_fds
);
1231 static int dispatch_sigusr1(sd_event_source
*es
, const struct signalfd_siginfo
*si
, void *userdata
) {
1232 Server
*s
= userdata
;
1236 log_info("Received request to flush runtime journal from PID %"PRIu32
, si
->ssi_pid
);
1238 server_flush_to_var(s
);
1240 server_vacuum(s
, false, false);
1242 (void) touch("/run/systemd/journal/flushed");
1247 static int dispatch_sigusr2(sd_event_source
*es
, const struct signalfd_siginfo
*si
, void *userdata
) {
1248 Server
*s
= userdata
;
1252 log_info("Received request to rotate journal from PID %"PRIu32
, si
->ssi_pid
);
1254 server_vacuum(s
, true, true);
1259 static int dispatch_sigterm(sd_event_source
*es
, const struct signalfd_siginfo
*si
, void *userdata
) {
1260 Server
*s
= userdata
;
1264 log_received_signal(LOG_INFO
, si
);
1266 sd_event_exit(s
->event
, 0);
1270 static int setup_signals(Server
*s
) {
1275 assert(sigprocmask_many(SIG_SETMASK
, NULL
, SIGINT
, SIGTERM
, SIGUSR1
, SIGUSR2
, -1) >= 0);
1277 r
= sd_event_add_signal(s
->event
, &s
->sigusr1_event_source
, SIGUSR1
, dispatch_sigusr1
, s
);
1281 r
= sd_event_add_signal(s
->event
, &s
->sigusr2_event_source
, SIGUSR2
, dispatch_sigusr2
, s
);
1285 r
= sd_event_add_signal(s
->event
, &s
->sigterm_event_source
, SIGTERM
, dispatch_sigterm
, s
);
1289 r
= sd_event_add_signal(s
->event
, &s
->sigint_event_source
, SIGINT
, dispatch_sigterm
, s
);
1296 static int server_parse_proc_cmdline(Server
*s
) {
1297 _cleanup_free_
char *line
= NULL
;
1301 r
= proc_cmdline(&line
);
1303 log_warning_errno(r
, "Failed to read /proc/cmdline, ignoring: %m");
1309 _cleanup_free_
char *word
;
1311 r
= extract_first_word(&p
, &word
, NULL
, 0);
1313 return log_error_errno(r
, "Failed to parse journald syntax \"%s\": %m", line
);
1318 if (startswith(word
, "systemd.journald.forward_to_syslog=")) {
1319 r
= parse_boolean(word
+ 35);
1321 log_warning("Failed to parse forward to syslog switch %s. Ignoring.", word
+ 35);
1323 s
->forward_to_syslog
= r
;
1324 } else if (startswith(word
, "systemd.journald.forward_to_kmsg=")) {
1325 r
= parse_boolean(word
+ 33);
1327 log_warning("Failed to parse forward to kmsg switch %s. Ignoring.", word
+ 33);
1329 s
->forward_to_kmsg
= r
;
1330 } else if (startswith(word
, "systemd.journald.forward_to_console=")) {
1331 r
= parse_boolean(word
+ 36);
1333 log_warning("Failed to parse forward to console switch %s. Ignoring.", word
+ 36);
1335 s
->forward_to_console
= r
;
1336 } else if (startswith(word
, "systemd.journald.forward_to_wall=")) {
1337 r
= parse_boolean(word
+ 33);
1339 log_warning("Failed to parse forward to wall switch %s. Ignoring.", word
+ 33);
1341 s
->forward_to_wall
= r
;
1342 } else if (startswith(word
, "systemd.journald"))
1343 log_warning("Invalid systemd.journald parameter. Ignoring.");
1346 /* do not warn about state here, since probably systemd already did */
1350 static int server_parse_config_file(Server
*s
) {
1353 return config_parse_many("/etc/systemd/journald.conf",
1354 CONF_DIRS_NULSTR("systemd/journald.conf"),
1356 config_item_perf_lookup
, journald_gperf_lookup
,
1360 static int server_dispatch_sync(sd_event_source
*es
, usec_t t
, void *userdata
) {
1361 Server
*s
= userdata
;
1369 int server_schedule_sync(Server
*s
, int priority
) {
1374 if (priority
<= LOG_CRIT
) {
1375 /* Immediately sync to disk when this is of priority CRIT, ALERT, EMERG */
1380 if (s
->sync_scheduled
)
1383 if (s
->sync_interval_usec
> 0) {
1386 r
= sd_event_now(s
->event
, CLOCK_MONOTONIC
, &when
);
1390 when
+= s
->sync_interval_usec
;
1392 if (!s
->sync_event_source
) {
1393 r
= sd_event_add_time(
1395 &s
->sync_event_source
,
1398 server_dispatch_sync
, s
);
1402 r
= sd_event_source_set_priority(s
->sync_event_source
, SD_EVENT_PRIORITY_IMPORTANT
);
1404 r
= sd_event_source_set_time(s
->sync_event_source
, when
);
1408 r
= sd_event_source_set_enabled(s
->sync_event_source
, SD_EVENT_ONESHOT
);
1413 s
->sync_scheduled
= true;
1419 static int dispatch_hostname_change(sd_event_source
*es
, int fd
, uint32_t revents
, void *userdata
) {
1420 Server
*s
= userdata
;
1424 server_cache_hostname(s
);
1428 static int server_open_hostname(Server
*s
) {
1433 s
->hostname_fd
= open("/proc/sys/kernel/hostname", O_RDONLY
|O_CLOEXEC
|O_NDELAY
|O_NOCTTY
);
1434 if (s
->hostname_fd
< 0)
1435 return log_error_errno(errno
, "Failed to open /proc/sys/kernel/hostname: %m");
1437 r
= sd_event_add_io(s
->event
, &s
->hostname_event_source
, s
->hostname_fd
, 0, dispatch_hostname_change
, s
);
1439 /* kernels prior to 3.2 don't support polling this file. Ignore
1442 log_warning_errno(r
, "Failed to register hostname fd in event loop, ignoring: %m");
1443 s
->hostname_fd
= safe_close(s
->hostname_fd
);
1447 return log_error_errno(r
, "Failed to register hostname fd in event loop: %m");
1450 r
= sd_event_source_set_priority(s
->hostname_event_source
, SD_EVENT_PRIORITY_IMPORTANT
-10);
1452 return log_error_errno(r
, "Failed to adjust priority of host name event source: %m");
1457 int server_init(Server
*s
) {
1458 _cleanup_fdset_free_ FDSet
*fds
= NULL
;
1465 s
->syslog_fd
= s
->native_fd
= s
->stdout_fd
= s
->dev_kmsg_fd
= s
->audit_fd
= s
->hostname_fd
= -1;
1469 s
->sync_interval_usec
= DEFAULT_SYNC_INTERVAL_USEC
;
1470 s
->sync_scheduled
= false;
1472 s
->rate_limit_interval
= DEFAULT_RATE_LIMIT_INTERVAL
;
1473 s
->rate_limit_burst
= DEFAULT_RATE_LIMIT_BURST
;
1475 s
->forward_to_wall
= true;
1477 s
->max_file_usec
= DEFAULT_MAX_FILE_USEC
;
1479 s
->max_level_store
= LOG_DEBUG
;
1480 s
->max_level_syslog
= LOG_DEBUG
;
1481 s
->max_level_kmsg
= LOG_NOTICE
;
1482 s
->max_level_console
= LOG_INFO
;
1483 s
->max_level_wall
= LOG_EMERG
;
1485 journal_reset_metrics(&s
->system_metrics
);
1486 journal_reset_metrics(&s
->runtime_metrics
);
1488 server_parse_config_file(s
);
1489 server_parse_proc_cmdline(s
);
1491 if (!!s
->rate_limit_interval
^ !!s
->rate_limit_burst
) {
1492 log_debug("Setting both rate limit interval and burst from "USEC_FMT
",%u to 0,0",
1493 s
->rate_limit_interval
, s
->rate_limit_burst
);
1494 s
->rate_limit_interval
= s
->rate_limit_burst
= 0;
1497 (void) mkdir_p("/run/systemd/journal", 0755);
1499 s
->user_journals
= ordered_hashmap_new(NULL
);
1500 if (!s
->user_journals
)
1503 s
->mmap
= mmap_cache_new();
1507 r
= sd_event_default(&s
->event
);
1509 return log_error_errno(r
, "Failed to create event loop: %m");
1511 sd_event_set_watchdog(s
->event
, true);
1513 n
= sd_listen_fds(true);
1515 return log_error_errno(n
, "Failed to read listening file descriptors from environment: %m");
1517 for (fd
= SD_LISTEN_FDS_START
; fd
< SD_LISTEN_FDS_START
+ n
; fd
++) {
1519 if (sd_is_socket_unix(fd
, SOCK_DGRAM
, -1, "/run/systemd/journal/socket", 0) > 0) {
1521 if (s
->native_fd
>= 0) {
1522 log_error("Too many native sockets passed.");
1528 } else if (sd_is_socket_unix(fd
, SOCK_STREAM
, 1, "/run/systemd/journal/stdout", 0) > 0) {
1530 if (s
->stdout_fd
>= 0) {
1531 log_error("Too many stdout sockets passed.");
1537 } else if (sd_is_socket_unix(fd
, SOCK_DGRAM
, -1, "/dev/log", 0) > 0 ||
1538 sd_is_socket_unix(fd
, SOCK_DGRAM
, -1, "/run/systemd/journal/dev-log", 0) > 0) {
1540 if (s
->syslog_fd
>= 0) {
1541 log_error("Too many /dev/log sockets passed.");
1547 } else if (sd_is_socket(fd
, AF_NETLINK
, SOCK_RAW
, -1) > 0) {
1549 if (s
->audit_fd
>= 0) {
1550 log_error("Too many audit sockets passed.");
1564 r
= fdset_put(fds
, fd
);
1570 /* Try to restore streams, but don't bother if this fails */
1571 (void) server_restore_streams(s
, fds
);
1573 if (fdset_size(fds
) > 0) {
1574 log_warning("%u unknown file descriptors passed, closing.", fdset_size(fds
));
1575 fds
= fdset_free(fds
);
1578 no_sockets
= s
->native_fd
< 0 && s
->stdout_fd
< 0 && s
->syslog_fd
< 0 && s
->audit_fd
< 0;
1580 /* always open stdout, syslog, native, and kmsg sockets */
1582 /* systemd-journald.socket: /run/systemd/journal/stdout */
1583 r
= server_open_stdout_socket(s
);
1587 /* systemd-journald-dev-log.socket: /run/systemd/journal/dev-log */
1588 r
= server_open_syslog_socket(s
);
1592 /* systemd-journald.socket: /run/systemd/journal/socket */
1593 r
= server_open_native_socket(s
);
1598 r
= server_open_dev_kmsg(s
);
1602 /* Unless we got *some* sockets and not audit, open audit socket */
1603 if (s
->audit_fd
>= 0 || no_sockets
) {
1604 r
= server_open_audit(s
);
1609 r
= server_open_kernel_seqnum(s
);
1613 r
= server_open_hostname(s
);
1617 r
= setup_signals(s
);
1621 s
->udev
= udev_new();
1625 s
->rate_limit
= journal_rate_limit_new(s
->rate_limit_interval
, s
->rate_limit_burst
);
1629 r
= cg_get_root_path(&s
->cgroup_root
);
1633 server_cache_hostname(s
);
1634 server_cache_boot_id(s
);
1635 server_cache_machine_id(s
);
1637 return system_journal_open(s
, false);
1640 void server_maybe_append_tags(Server
*s
) {
1646 n
= now(CLOCK_REALTIME
);
1648 if (s
->system_journal
)
1649 journal_file_maybe_append_tag(s
->system_journal
, n
);
1651 ORDERED_HASHMAP_FOREACH(f
, s
->user_journals
, i
)
1652 journal_file_maybe_append_tag(f
, n
);
1656 void server_done(Server
*s
) {
1660 while (s
->stdout_streams
)
1661 stdout_stream_free(s
->stdout_streams
);
1663 if (s
->system_journal
)
1664 journal_file_close(s
->system_journal
);
1666 if (s
->runtime_journal
)
1667 journal_file_close(s
->runtime_journal
);
1669 while ((f
= ordered_hashmap_steal_first(s
->user_journals
)))
1670 journal_file_close(f
);
1672 ordered_hashmap_free(s
->user_journals
);
1674 sd_event_source_unref(s
->syslog_event_source
);
1675 sd_event_source_unref(s
->native_event_source
);
1676 sd_event_source_unref(s
->stdout_event_source
);
1677 sd_event_source_unref(s
->dev_kmsg_event_source
);
1678 sd_event_source_unref(s
->audit_event_source
);
1679 sd_event_source_unref(s
->sync_event_source
);
1680 sd_event_source_unref(s
->sigusr1_event_source
);
1681 sd_event_source_unref(s
->sigusr2_event_source
);
1682 sd_event_source_unref(s
->sigterm_event_source
);
1683 sd_event_source_unref(s
->sigint_event_source
);
1684 sd_event_source_unref(s
->hostname_event_source
);
1685 sd_event_unref(s
->event
);
1687 safe_close(s
->syslog_fd
);
1688 safe_close(s
->native_fd
);
1689 safe_close(s
->stdout_fd
);
1690 safe_close(s
->dev_kmsg_fd
);
1691 safe_close(s
->audit_fd
);
1692 safe_close(s
->hostname_fd
);
1695 journal_rate_limit_free(s
->rate_limit
);
1697 if (s
->kernel_seqnum
)
1698 munmap(s
->kernel_seqnum
, sizeof(uint64_t));
1702 free(s
->cgroup_root
);
1703 free(s
->hostname_field
);
1706 mmap_cache_unref(s
->mmap
);
1708 udev_unref(s
->udev
);
1711 static const char* const storage_table
[_STORAGE_MAX
] = {
1712 [STORAGE_AUTO
] = "auto",
1713 [STORAGE_VOLATILE
] = "volatile",
1714 [STORAGE_PERSISTENT
] = "persistent",
1715 [STORAGE_NONE
] = "none"
1718 DEFINE_STRING_TABLE_LOOKUP(storage
, Storage
);
1719 DEFINE_CONFIG_PARSE_ENUM(config_parse_storage
, storage
, Storage
, "Failed to parse storage setting");
1721 static const char* const split_mode_table
[_SPLIT_MAX
] = {
1722 [SPLIT_LOGIN
] = "login",
1723 [SPLIT_UID
] = "uid",
1724 [SPLIT_NONE
] = "none",
1727 DEFINE_STRING_TABLE_LOOKUP(split_mode
, SplitMode
);
1728 DEFINE_CONFIG_PARSE_ENUM(config_parse_split_mode
, split_mode
, SplitMode
, "Failed to parse split mode setting");