]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/journal/journald-server.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
src/basic: rename audit.[ch] → audit-util.[ch] and capability.[ch] → capability-util...
[thirdparty/systemd.git] / src / journal / journald-server.c
1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
2
3 /***
4 This file is part of systemd.
5
6 Copyright 2011 Lennart Poettering
7
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
17
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20 ***/
21
22 #ifdef HAVE_SELINUX
23 #include <selinux/selinux.h>
24 #endif
25 #include <sys/ioctl.h>
26 #include <sys/mman.h>
27 #include <sys/signalfd.h>
28 #include <sys/statvfs.h>
29 #include <linux/sockios.h>
30
31 #include "libudev.h"
32 #include "sd-daemon.h"
33 #include "sd-journal.h"
34 #include "sd-messages.h"
35
36 #include "acl-util.h"
37 #include "audit-util.h"
38 #include "cgroup-util.h"
39 #include "conf-parser.h"
40 #include "dirent-util.h"
41 #include "extract-word.h"
42 #include "fd-util.h"
43 #include "formats-util.h"
44 #include "fs-util.h"
45 #include "hashmap.h"
46 #include "hostname-util.h"
47 #include "journal-authenticate.h"
48 #include "journal-file.h"
49 #include "journal-internal.h"
50 #include "journal-vacuum.h"
51 #include "journald-audit.h"
52 #include "journald-kmsg.h"
53 #include "journald-native.h"
54 #include "journald-rate-limit.h"
55 #include "journald-server.h"
56 #include "journald-stream.h"
57 #include "journald-syslog.h"
58 #include "missing.h"
59 #include "mkdir.h"
60 #include "parse-util.h"
61 #include "process-util.h"
62 #include "rm-rf.h"
63 #include "selinux-util.h"
64 #include "signal-util.h"
65 #include "socket-util.h"
66 #include "string-table.h"
67 #include "string-util.h"
68
69 #define USER_JOURNALS_MAX 1024
70
71 #define DEFAULT_SYNC_INTERVAL_USEC (5*USEC_PER_MINUTE)
72 #define DEFAULT_RATE_LIMIT_INTERVAL (30*USEC_PER_SEC)
73 #define DEFAULT_RATE_LIMIT_BURST 1000
74 #define DEFAULT_MAX_FILE_USEC USEC_PER_MONTH
75
76 #define RECHECK_SPACE_USEC (30*USEC_PER_SEC)
77
78 static int determine_space_for(
79 Server *s,
80 JournalMetrics *metrics,
81 const char *path,
82 const char *name,
83 bool verbose,
84 bool patch_min_use,
85 uint64_t *available,
86 uint64_t *limit) {
87
88 uint64_t sum = 0, ss_avail, avail;
89 _cleanup_closedir_ DIR *d = NULL;
90 struct dirent *de;
91 struct statvfs ss;
92 const char *p;
93 usec_t ts;
94
95 assert(s);
96 assert(metrics);
97 assert(path);
98 assert(name);
99
100 ts = now(CLOCK_MONOTONIC);
101
102 if (!verbose && s->cached_space_timestamp + RECHECK_SPACE_USEC > ts) {
103
104 if (available)
105 *available = s->cached_space_available;
106 if (limit)
107 *limit = s->cached_space_limit;
108
109 return 0;
110 }
111
112 p = strjoina(path, SERVER_MACHINE_ID(s));
113 d = opendir(p);
114 if (!d)
115 return log_full_errno(errno == ENOENT ? LOG_DEBUG : LOG_ERR, errno, "Failed to open %s: %m", p);
116
117 if (fstatvfs(dirfd(d), &ss) < 0)
118 return log_error_errno(errno, "Failed to fstatvfs(%s): %m", p);
119
120 FOREACH_DIRENT_ALL(de, d, break) {
121 struct stat st;
122
123 if (!endswith(de->d_name, ".journal") &&
124 !endswith(de->d_name, ".journal~"))
125 continue;
126
127 if (fstatat(dirfd(d), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0) {
128 log_debug_errno(errno, "Failed to stat %s/%s, ignoring: %m", p, de->d_name);
129 continue;
130 }
131
132 if (!S_ISREG(st.st_mode))
133 continue;
134
135 sum += (uint64_t) st.st_blocks * 512UL;
136 }
137
138 /* If request, then let's bump the min_use limit to the
139 * current usage on disk. We do this when starting up and
140 * first opening the journal files. This way sudden spikes in
141 * disk usage will not cause journald to vacuum files without
142 * bounds. Note that this means that only a restart of
143 * journald will make it reset this value. */
144
145 if (patch_min_use)
146 metrics->min_use = MAX(metrics->min_use, sum);
147
148 ss_avail = ss.f_bsize * ss.f_bavail;
149 avail = LESS_BY(ss_avail, metrics->keep_free);
150
151 s->cached_space_limit = MIN(MAX(sum + avail, metrics->min_use), metrics->max_use);
152 s->cached_space_available = LESS_BY(s->cached_space_limit, sum);
153 s->cached_space_timestamp = ts;
154
155 if (verbose) {
156 char fb1[FORMAT_BYTES_MAX], fb2[FORMAT_BYTES_MAX], fb3[FORMAT_BYTES_MAX],
157 fb4[FORMAT_BYTES_MAX], fb5[FORMAT_BYTES_MAX], fb6[FORMAT_BYTES_MAX];
158
159 server_driver_message(s, SD_MESSAGE_JOURNAL_USAGE,
160 "%s (%s) is currently using %s.\n"
161 "Maximum allowed usage is set to %s.\n"
162 "Leaving at least %s free (of currently available %s of space).\n"
163 "Enforced usage limit is thus %s, of which %s are still available.",
164 name, path,
165 format_bytes(fb1, sizeof(fb1), sum),
166 format_bytes(fb2, sizeof(fb2), metrics->max_use),
167 format_bytes(fb3, sizeof(fb3), metrics->keep_free),
168 format_bytes(fb4, sizeof(fb4), ss_avail),
169 format_bytes(fb5, sizeof(fb5), s->cached_space_limit),
170 format_bytes(fb6, sizeof(fb6), s->cached_space_available));
171 }
172
173 if (available)
174 *available = s->cached_space_available;
175 if (limit)
176 *limit = s->cached_space_limit;
177
178 return 1;
179 }
180
181 static int determine_space(Server *s, bool verbose, bool patch_min_use, uint64_t *available, uint64_t *limit) {
182 JournalMetrics *metrics;
183 const char *path, *name;
184
185 assert(s);
186
187 if (s->system_journal) {
188 path = "/var/log/journal/";
189 metrics = &s->system_metrics;
190 name = "System journal";
191 } else {
192 path = "/run/log/journal/";
193 metrics = &s->runtime_metrics;
194 name = "Runtime journal";
195 }
196
197 return determine_space_for(s, metrics, path, name, verbose, patch_min_use, available, limit);
198 }
199
200 void server_fix_perms(Server *s, JournalFile *f, uid_t uid) {
201 int r;
202 #ifdef HAVE_ACL
203 _cleanup_(acl_freep) acl_t acl = NULL;
204 acl_entry_t entry;
205 acl_permset_t permset;
206 #endif
207
208 assert(f);
209
210 r = fchmod(f->fd, 0640);
211 if (r < 0)
212 log_warning_errno(errno, "Failed to fix access mode on %s, ignoring: %m", f->path);
213
214 #ifdef HAVE_ACL
215 if (uid <= SYSTEM_UID_MAX)
216 return;
217
218 acl = acl_get_fd(f->fd);
219 if (!acl) {
220 log_warning_errno(errno, "Failed to read ACL on %s, ignoring: %m", f->path);
221 return;
222 }
223
224 r = acl_find_uid(acl, uid, &entry);
225 if (r <= 0) {
226
227 if (acl_create_entry(&acl, &entry) < 0 ||
228 acl_set_tag_type(entry, ACL_USER) < 0 ||
229 acl_set_qualifier(entry, &uid) < 0) {
230 log_warning_errno(errno, "Failed to patch ACL on %s, ignoring: %m", f->path);
231 return;
232 }
233 }
234
235 /* We do not recalculate the mask unconditionally here,
236 * so that the fchmod() mask above stays intact. */
237 if (acl_get_permset(entry, &permset) < 0 ||
238 acl_add_perm(permset, ACL_READ) < 0 ||
239 calc_acl_mask_if_needed(&acl) < 0) {
240 log_warning_errno(errno, "Failed to patch ACL on %s, ignoring: %m", f->path);
241 return;
242 }
243
244 if (acl_set_fd(f->fd, acl) < 0)
245 log_warning_errno(errno, "Failed to set ACL on %s, ignoring: %m", f->path);
246
247 #endif
248 }
249
250 static JournalFile* find_journal(Server *s, uid_t uid) {
251 _cleanup_free_ char *p = NULL;
252 int r;
253 JournalFile *f;
254 sd_id128_t machine;
255
256 assert(s);
257
258 /* We split up user logs only on /var, not on /run. If the
259 * runtime file is open, we write to it exclusively, in order
260 * to guarantee proper order as soon as we flush /run to
261 * /var and close the runtime file. */
262
263 if (s->runtime_journal)
264 return s->runtime_journal;
265
266 if (uid <= SYSTEM_UID_MAX)
267 return s->system_journal;
268
269 r = sd_id128_get_machine(&machine);
270 if (r < 0)
271 return s->system_journal;
272
273 f = ordered_hashmap_get(s->user_journals, UINT32_TO_PTR(uid));
274 if (f)
275 return f;
276
277 if (asprintf(&p, "/var/log/journal/" SD_ID128_FORMAT_STR "/user-"UID_FMT".journal",
278 SD_ID128_FORMAT_VAL(machine), uid) < 0)
279 return s->system_journal;
280
281 while (ordered_hashmap_size(s->user_journals) >= USER_JOURNALS_MAX) {
282 /* Too many open? Then let's close one */
283 f = ordered_hashmap_steal_first(s->user_journals);
284 assert(f);
285 journal_file_close(f);
286 }
287
288 r = journal_file_open_reliably(p, O_RDWR|O_CREAT, 0640, s->compress, s->seal, &s->system_metrics, s->mmap, NULL, &f);
289 if (r < 0)
290 return s->system_journal;
291
292 server_fix_perms(s, f, uid);
293
294 r = ordered_hashmap_put(s->user_journals, UINT32_TO_PTR(uid), f);
295 if (r < 0) {
296 journal_file_close(f);
297 return s->system_journal;
298 }
299
300 return f;
301 }
302
303 static int do_rotate(
304 Server *s,
305 JournalFile **f,
306 const char* name,
307 bool seal,
308 uint32_t uid) {
309
310 int r;
311 assert(s);
312
313 if (!*f)
314 return -EINVAL;
315
316 r = journal_file_rotate(f, s->compress, seal);
317 if (r < 0)
318 if (*f)
319 log_error_errno(r, "Failed to rotate %s: %m", (*f)->path);
320 else
321 log_error_errno(r, "Failed to create new %s journal: %m", name);
322 else
323 server_fix_perms(s, *f, uid);
324
325 return r;
326 }
327
328 void server_rotate(Server *s) {
329 JournalFile *f;
330 void *k;
331 Iterator i;
332 int r;
333
334 log_debug("Rotating...");
335
336 (void) do_rotate(s, &s->runtime_journal, "runtime", false, 0);
337 (void) do_rotate(s, &s->system_journal, "system", s->seal, 0);
338
339 ORDERED_HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) {
340 r = do_rotate(s, &f, "user", s->seal, PTR_TO_UINT32(k));
341 if (r >= 0)
342 ordered_hashmap_replace(s->user_journals, k, f);
343 else if (!f)
344 /* Old file has been closed and deallocated */
345 ordered_hashmap_remove(s->user_journals, k);
346 }
347 }
348
349 void server_sync(Server *s) {
350 JournalFile *f;
351 void *k;
352 Iterator i;
353 int r;
354
355 if (s->system_journal) {
356 r = journal_file_set_offline(s->system_journal);
357 if (r < 0)
358 log_warning_errno(r, "Failed to sync system journal, ignoring: %m");
359 }
360
361 ORDERED_HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) {
362 r = journal_file_set_offline(f);
363 if (r < 0)
364 log_warning_errno(r, "Failed to sync user journal, ignoring: %m");
365 }
366
367 if (s->sync_event_source) {
368 r = sd_event_source_set_enabled(s->sync_event_source, SD_EVENT_OFF);
369 if (r < 0)
370 log_error_errno(r, "Failed to disable sync timer source: %m");
371 }
372
373 s->sync_scheduled = false;
374 }
375
376 static void do_vacuum(
377 Server *s,
378 JournalFile *f,
379 JournalMetrics *metrics,
380 const char *path,
381 const char *name,
382 bool verbose,
383 bool patch_min_use) {
384
385 const char *p;
386 uint64_t limit;
387 int r;
388
389 assert(s);
390 assert(metrics);
391 assert(path);
392 assert(name);
393
394 if (!f)
395 return;
396
397 p = strjoina(path, SERVER_MACHINE_ID(s));
398
399 limit = metrics->max_use;
400 (void) determine_space_for(s, metrics, path, name, verbose, patch_min_use, NULL, &limit);
401
402 r = journal_directory_vacuum(p, limit, metrics->n_max_files, s->max_retention_usec, &s->oldest_file_usec, verbose);
403 if (r < 0 && r != -ENOENT)
404 log_warning_errno(r, "Failed to vacuum %s, ignoring: %m", p);
405 }
406
407 int server_vacuum(Server *s, bool verbose, bool patch_min_use) {
408 assert(s);
409
410 log_debug("Vacuuming...");
411
412 s->oldest_file_usec = 0;
413
414 do_vacuum(s, s->system_journal, &s->system_metrics, "/var/log/journal/", "System journal", verbose, patch_min_use);
415 do_vacuum(s, s->runtime_journal, &s->runtime_metrics, "/run/log/journal/", "Runtime journal", verbose, patch_min_use);
416
417 s->cached_space_limit = 0;
418 s->cached_space_available = 0;
419 s->cached_space_timestamp = 0;
420
421 return 0;
422 }
423
424 static void server_cache_machine_id(Server *s) {
425 sd_id128_t id;
426 int r;
427
428 assert(s);
429
430 r = sd_id128_get_machine(&id);
431 if (r < 0)
432 return;
433
434 sd_id128_to_string(id, stpcpy(s->machine_id_field, "_MACHINE_ID="));
435 }
436
437 static void server_cache_boot_id(Server *s) {
438 sd_id128_t id;
439 int r;
440
441 assert(s);
442
443 r = sd_id128_get_boot(&id);
444 if (r < 0)
445 return;
446
447 sd_id128_to_string(id, stpcpy(s->boot_id_field, "_BOOT_ID="));
448 }
449
450 static void server_cache_hostname(Server *s) {
451 _cleanup_free_ char *t = NULL;
452 char *x;
453
454 assert(s);
455
456 t = gethostname_malloc();
457 if (!t)
458 return;
459
460 x = strappend("_HOSTNAME=", t);
461 if (!x)
462 return;
463
464 free(s->hostname_field);
465 s->hostname_field = x;
466 }
467
468 static bool shall_try_append_again(JournalFile *f, int r) {
469
470 /* -E2BIG Hit configured limit
471 -EFBIG Hit fs limit
472 -EDQUOT Quota limit hit
473 -ENOSPC Disk full
474 -EIO I/O error of some kind (mmap)
475 -EHOSTDOWN Other machine
476 -EBUSY Unclean shutdown
477 -EPROTONOSUPPORT Unsupported feature
478 -EBADMSG Corrupted
479 -ENODATA Truncated
480 -ESHUTDOWN Already archived
481 -EIDRM Journal file has been deleted */
482
483 if (r == -E2BIG || r == -EFBIG || r == -EDQUOT || r == -ENOSPC)
484 log_debug("%s: Allocation limit reached, rotating.", f->path);
485 else if (r == -EHOSTDOWN)
486 log_info("%s: Journal file from other machine, rotating.", f->path);
487 else if (r == -EBUSY)
488 log_info("%s: Unclean shutdown, rotating.", f->path);
489 else if (r == -EPROTONOSUPPORT)
490 log_info("%s: Unsupported feature, rotating.", f->path);
491 else if (r == -EBADMSG || r == -ENODATA || r == ESHUTDOWN)
492 log_warning("%s: Journal file corrupted, rotating.", f->path);
493 else if (r == -EIO)
494 log_warning("%s: IO error, rotating.", f->path);
495 else if (r == -EIDRM)
496 log_warning("%s: Journal file has been deleted, rotating.", f->path);
497 else
498 return false;
499
500 return true;
501 }
502
503 static void write_to_journal(Server *s, uid_t uid, struct iovec *iovec, unsigned n, int priority) {
504 JournalFile *f;
505 bool vacuumed = false;
506 int r;
507
508 assert(s);
509 assert(iovec);
510 assert(n > 0);
511
512 f = find_journal(s, uid);
513 if (!f)
514 return;
515
516 if (journal_file_rotate_suggested(f, s->max_file_usec)) {
517 log_debug("%s: Journal header limits reached or header out-of-date, rotating.", f->path);
518 server_rotate(s);
519 server_vacuum(s, false, false);
520 vacuumed = true;
521
522 f = find_journal(s, uid);
523 if (!f)
524 return;
525 }
526
527 r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
528 if (r >= 0) {
529 server_schedule_sync(s, priority);
530 return;
531 }
532
533 if (vacuumed || !shall_try_append_again(f, r)) {
534 log_error_errno(r, "Failed to write entry (%d items, %zu bytes), ignoring: %m", n, IOVEC_TOTAL_SIZE(iovec, n));
535 return;
536 }
537
538 server_rotate(s);
539 server_vacuum(s, false, false);
540
541 f = find_journal(s, uid);
542 if (!f)
543 return;
544
545 log_debug("Retrying write.");
546 r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
547 if (r < 0)
548 log_error_errno(r, "Failed to write entry (%d items, %zu bytes) despite vacuuming, ignoring: %m", n, IOVEC_TOTAL_SIZE(iovec, n));
549 else
550 server_schedule_sync(s, priority);
551 }
552
553 static void dispatch_message_real(
554 Server *s,
555 struct iovec *iovec, unsigned n, unsigned m,
556 const struct ucred *ucred,
557 const struct timeval *tv,
558 const char *label, size_t label_len,
559 const char *unit_id,
560 int priority,
561 pid_t object_pid) {
562
563 char pid[sizeof("_PID=") + DECIMAL_STR_MAX(pid_t)],
564 uid[sizeof("_UID=") + DECIMAL_STR_MAX(uid_t)],
565 gid[sizeof("_GID=") + DECIMAL_STR_MAX(gid_t)],
566 owner_uid[sizeof("_SYSTEMD_OWNER_UID=") + DECIMAL_STR_MAX(uid_t)],
567 source_time[sizeof("_SOURCE_REALTIME_TIMESTAMP=") + DECIMAL_STR_MAX(usec_t)],
568 o_uid[sizeof("OBJECT_UID=") + DECIMAL_STR_MAX(uid_t)],
569 o_gid[sizeof("OBJECT_GID=") + DECIMAL_STR_MAX(gid_t)],
570 o_owner_uid[sizeof("OBJECT_SYSTEMD_OWNER_UID=") + DECIMAL_STR_MAX(uid_t)];
571 uid_t object_uid;
572 gid_t object_gid;
573 char *x;
574 int r;
575 char *t, *c;
576 uid_t realuid = 0, owner = 0, journal_uid;
577 bool owner_valid = false;
578 #ifdef HAVE_AUDIT
579 char audit_session[sizeof("_AUDIT_SESSION=") + DECIMAL_STR_MAX(uint32_t)],
580 audit_loginuid[sizeof("_AUDIT_LOGINUID=") + DECIMAL_STR_MAX(uid_t)],
581 o_audit_session[sizeof("OBJECT_AUDIT_SESSION=") + DECIMAL_STR_MAX(uint32_t)],
582 o_audit_loginuid[sizeof("OBJECT_AUDIT_LOGINUID=") + DECIMAL_STR_MAX(uid_t)];
583
584 uint32_t audit;
585 uid_t loginuid;
586 #endif
587
588 assert(s);
589 assert(iovec);
590 assert(n > 0);
591 assert(n + N_IOVEC_META_FIELDS + (object_pid ? N_IOVEC_OBJECT_FIELDS : 0) <= m);
592
593 if (ucred) {
594 realuid = ucred->uid;
595
596 sprintf(pid, "_PID="PID_FMT, ucred->pid);
597 IOVEC_SET_STRING(iovec[n++], pid);
598
599 sprintf(uid, "_UID="UID_FMT, ucred->uid);
600 IOVEC_SET_STRING(iovec[n++], uid);
601
602 sprintf(gid, "_GID="GID_FMT, ucred->gid);
603 IOVEC_SET_STRING(iovec[n++], gid);
604
605 r = get_process_comm(ucred->pid, &t);
606 if (r >= 0) {
607 x = strjoina("_COMM=", t);
608 free(t);
609 IOVEC_SET_STRING(iovec[n++], x);
610 }
611
612 r = get_process_exe(ucred->pid, &t);
613 if (r >= 0) {
614 x = strjoina("_EXE=", t);
615 free(t);
616 IOVEC_SET_STRING(iovec[n++], x);
617 }
618
619 r = get_process_cmdline(ucred->pid, 0, false, &t);
620 if (r >= 0) {
621 x = strjoina("_CMDLINE=", t);
622 free(t);
623 IOVEC_SET_STRING(iovec[n++], x);
624 }
625
626 r = get_process_capeff(ucred->pid, &t);
627 if (r >= 0) {
628 x = strjoina("_CAP_EFFECTIVE=", t);
629 free(t);
630 IOVEC_SET_STRING(iovec[n++], x);
631 }
632
633 #ifdef HAVE_AUDIT
634 r = audit_session_from_pid(ucred->pid, &audit);
635 if (r >= 0) {
636 sprintf(audit_session, "_AUDIT_SESSION=%"PRIu32, audit);
637 IOVEC_SET_STRING(iovec[n++], audit_session);
638 }
639
640 r = audit_loginuid_from_pid(ucred->pid, &loginuid);
641 if (r >= 0) {
642 sprintf(audit_loginuid, "_AUDIT_LOGINUID="UID_FMT, loginuid);
643 IOVEC_SET_STRING(iovec[n++], audit_loginuid);
644 }
645 #endif
646
647 r = cg_pid_get_path_shifted(ucred->pid, s->cgroup_root, &c);
648 if (r >= 0) {
649 char *session = NULL;
650
651 x = strjoina("_SYSTEMD_CGROUP=", c);
652 IOVEC_SET_STRING(iovec[n++], x);
653
654 r = cg_path_get_session(c, &t);
655 if (r >= 0) {
656 session = strjoina("_SYSTEMD_SESSION=", t);
657 free(t);
658 IOVEC_SET_STRING(iovec[n++], session);
659 }
660
661 if (cg_path_get_owner_uid(c, &owner) >= 0) {
662 owner_valid = true;
663
664 sprintf(owner_uid, "_SYSTEMD_OWNER_UID="UID_FMT, owner);
665 IOVEC_SET_STRING(iovec[n++], owner_uid);
666 }
667
668 if (cg_path_get_unit(c, &t) >= 0) {
669 x = strjoina("_SYSTEMD_UNIT=", t);
670 free(t);
671 IOVEC_SET_STRING(iovec[n++], x);
672 } else if (unit_id && !session) {
673 x = strjoina("_SYSTEMD_UNIT=", unit_id);
674 IOVEC_SET_STRING(iovec[n++], x);
675 }
676
677 if (cg_path_get_user_unit(c, &t) >= 0) {
678 x = strjoina("_SYSTEMD_USER_UNIT=", t);
679 free(t);
680 IOVEC_SET_STRING(iovec[n++], x);
681 } else if (unit_id && session) {
682 x = strjoina("_SYSTEMD_USER_UNIT=", unit_id);
683 IOVEC_SET_STRING(iovec[n++], x);
684 }
685
686 if (cg_path_get_slice(c, &t) >= 0) {
687 x = strjoina("_SYSTEMD_SLICE=", t);
688 free(t);
689 IOVEC_SET_STRING(iovec[n++], x);
690 }
691
692 free(c);
693 } else if (unit_id) {
694 x = strjoina("_SYSTEMD_UNIT=", unit_id);
695 IOVEC_SET_STRING(iovec[n++], x);
696 }
697
698 #ifdef HAVE_SELINUX
699 if (mac_selinux_use()) {
700 if (label) {
701 x = alloca(strlen("_SELINUX_CONTEXT=") + label_len + 1);
702
703 *((char*) mempcpy(stpcpy(x, "_SELINUX_CONTEXT="), label, label_len)) = 0;
704 IOVEC_SET_STRING(iovec[n++], x);
705 } else {
706 security_context_t con;
707
708 if (getpidcon(ucred->pid, &con) >= 0) {
709 x = strjoina("_SELINUX_CONTEXT=", con);
710
711 freecon(con);
712 IOVEC_SET_STRING(iovec[n++], x);
713 }
714 }
715 }
716 #endif
717 }
718 assert(n <= m);
719
720 if (object_pid) {
721 r = get_process_uid(object_pid, &object_uid);
722 if (r >= 0) {
723 sprintf(o_uid, "OBJECT_UID="UID_FMT, object_uid);
724 IOVEC_SET_STRING(iovec[n++], o_uid);
725 }
726
727 r = get_process_gid(object_pid, &object_gid);
728 if (r >= 0) {
729 sprintf(o_gid, "OBJECT_GID="GID_FMT, object_gid);
730 IOVEC_SET_STRING(iovec[n++], o_gid);
731 }
732
733 r = get_process_comm(object_pid, &t);
734 if (r >= 0) {
735 x = strjoina("OBJECT_COMM=", t);
736 free(t);
737 IOVEC_SET_STRING(iovec[n++], x);
738 }
739
740 r = get_process_exe(object_pid, &t);
741 if (r >= 0) {
742 x = strjoina("OBJECT_EXE=", t);
743 free(t);
744 IOVEC_SET_STRING(iovec[n++], x);
745 }
746
747 r = get_process_cmdline(object_pid, 0, false, &t);
748 if (r >= 0) {
749 x = strjoina("OBJECT_CMDLINE=", t);
750 free(t);
751 IOVEC_SET_STRING(iovec[n++], x);
752 }
753
754 #ifdef HAVE_AUDIT
755 r = audit_session_from_pid(object_pid, &audit);
756 if (r >= 0) {
757 sprintf(o_audit_session, "OBJECT_AUDIT_SESSION=%"PRIu32, audit);
758 IOVEC_SET_STRING(iovec[n++], o_audit_session);
759 }
760
761 r = audit_loginuid_from_pid(object_pid, &loginuid);
762 if (r >= 0) {
763 sprintf(o_audit_loginuid, "OBJECT_AUDIT_LOGINUID="UID_FMT, loginuid);
764 IOVEC_SET_STRING(iovec[n++], o_audit_loginuid);
765 }
766 #endif
767
768 r = cg_pid_get_path_shifted(object_pid, s->cgroup_root, &c);
769 if (r >= 0) {
770 x = strjoina("OBJECT_SYSTEMD_CGROUP=", c);
771 IOVEC_SET_STRING(iovec[n++], x);
772
773 r = cg_path_get_session(c, &t);
774 if (r >= 0) {
775 x = strjoina("OBJECT_SYSTEMD_SESSION=", t);
776 free(t);
777 IOVEC_SET_STRING(iovec[n++], x);
778 }
779
780 if (cg_path_get_owner_uid(c, &owner) >= 0) {
781 sprintf(o_owner_uid, "OBJECT_SYSTEMD_OWNER_UID="UID_FMT, owner);
782 IOVEC_SET_STRING(iovec[n++], o_owner_uid);
783 }
784
785 if (cg_path_get_unit(c, &t) >= 0) {
786 x = strjoina("OBJECT_SYSTEMD_UNIT=", t);
787 free(t);
788 IOVEC_SET_STRING(iovec[n++], x);
789 }
790
791 if (cg_path_get_user_unit(c, &t) >= 0) {
792 x = strjoina("OBJECT_SYSTEMD_USER_UNIT=", t);
793 free(t);
794 IOVEC_SET_STRING(iovec[n++], x);
795 }
796
797 free(c);
798 }
799 }
800 assert(n <= m);
801
802 if (tv) {
803 sprintf(source_time, "_SOURCE_REALTIME_TIMESTAMP=%llu", (unsigned long long) timeval_load(tv));
804 IOVEC_SET_STRING(iovec[n++], source_time);
805 }
806
807 /* Note that strictly speaking storing the boot id here is
808 * redundant since the entry includes this in-line
809 * anyway. However, we need this indexed, too. */
810 if (!isempty(s->boot_id_field))
811 IOVEC_SET_STRING(iovec[n++], s->boot_id_field);
812
813 if (!isempty(s->machine_id_field))
814 IOVEC_SET_STRING(iovec[n++], s->machine_id_field);
815
816 if (!isempty(s->hostname_field))
817 IOVEC_SET_STRING(iovec[n++], s->hostname_field);
818
819 assert(n <= m);
820
821 if (s->split_mode == SPLIT_UID && realuid > 0)
822 /* Split up strictly by any UID */
823 journal_uid = realuid;
824 else if (s->split_mode == SPLIT_LOGIN && realuid > 0 && owner_valid && owner > 0)
825 /* Split up by login UIDs. We do this only if the
826 * realuid is not root, in order not to accidentally
827 * leak privileged information to the user that is
828 * logged by a privileged process that is part of an
829 * unprivileged session. */
830 journal_uid = owner;
831 else
832 journal_uid = 0;
833
834 write_to_journal(s, journal_uid, iovec, n, priority);
835 }
836
837 void server_driver_message(Server *s, sd_id128_t message_id, const char *format, ...) {
838 char mid[11 + 32 + 1];
839 char buffer[16 + LINE_MAX + 1];
840 struct iovec iovec[N_IOVEC_META_FIELDS + 6];
841 int n = 0;
842 va_list ap;
843 struct ucred ucred = {};
844
845 assert(s);
846 assert(format);
847
848 IOVEC_SET_STRING(iovec[n++], "SYSLOG_FACILITY=3");
849 IOVEC_SET_STRING(iovec[n++], "SYSLOG_IDENTIFIER=systemd-journald");
850
851 IOVEC_SET_STRING(iovec[n++], "PRIORITY=6");
852 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=driver");
853
854 memcpy(buffer, "MESSAGE=", 8);
855 va_start(ap, format);
856 vsnprintf(buffer + 8, sizeof(buffer) - 8, format, ap);
857 va_end(ap);
858 IOVEC_SET_STRING(iovec[n++], buffer);
859
860 if (!sd_id128_equal(message_id, SD_ID128_NULL)) {
861 snprintf(mid, sizeof(mid), LOG_MESSAGE_ID(message_id));
862 IOVEC_SET_STRING(iovec[n++], mid);
863 }
864
865 ucred.pid = getpid();
866 ucred.uid = getuid();
867 ucred.gid = getgid();
868
869 dispatch_message_real(s, iovec, n, ELEMENTSOF(iovec), &ucred, NULL, NULL, 0, NULL, LOG_INFO, 0);
870 }
871
872 void server_dispatch_message(
873 Server *s,
874 struct iovec *iovec, unsigned n, unsigned m,
875 const struct ucred *ucred,
876 const struct timeval *tv,
877 const char *label, size_t label_len,
878 const char *unit_id,
879 int priority,
880 pid_t object_pid) {
881
882 int rl, r;
883 _cleanup_free_ char *path = NULL;
884 uint64_t available = 0;
885 char *c;
886
887 assert(s);
888 assert(iovec || n == 0);
889
890 if (n == 0)
891 return;
892
893 if (LOG_PRI(priority) > s->max_level_store)
894 return;
895
896 /* Stop early in case the information will not be stored
897 * in a journal. */
898 if (s->storage == STORAGE_NONE)
899 return;
900
901 if (!ucred)
902 goto finish;
903
904 r = cg_pid_get_path_shifted(ucred->pid, s->cgroup_root, &path);
905 if (r < 0)
906 goto finish;
907
908 /* example: /user/lennart/3/foobar
909 * /system/dbus.service/foobar
910 *
911 * So let's cut of everything past the third /, since that is
912 * where user directories start */
913
914 c = strchr(path, '/');
915 if (c) {
916 c = strchr(c+1, '/');
917 if (c) {
918 c = strchr(c+1, '/');
919 if (c)
920 *c = 0;
921 }
922 }
923
924 (void) determine_space(s, false, false, &available, NULL);
925 rl = journal_rate_limit_test(s->rate_limit, path, priority & LOG_PRIMASK, available);
926 if (rl == 0)
927 return;
928
929 /* Write a suppression message if we suppressed something */
930 if (rl > 1)
931 server_driver_message(s, SD_MESSAGE_JOURNAL_DROPPED,
932 "Suppressed %u messages from %s", rl - 1, path);
933
934 finish:
935 dispatch_message_real(s, iovec, n, m, ucred, tv, label, label_len, unit_id, priority, object_pid);
936 }
937
938
939 static int system_journal_open(Server *s, bool flush_requested) {
940 const char *fn;
941 int r = 0;
942
943 if (!s->system_journal &&
944 (s->storage == STORAGE_PERSISTENT || s->storage == STORAGE_AUTO) &&
945 (flush_requested
946 || access("/run/systemd/journal/flushed", F_OK) >= 0)) {
947
948 /* If in auto mode: first try to create the machine
949 * path, but not the prefix.
950 *
951 * If in persistent mode: create /var/log/journal and
952 * the machine path */
953
954 if (s->storage == STORAGE_PERSISTENT)
955 (void) mkdir_p("/var/log/journal/", 0755);
956
957 fn = strjoina("/var/log/journal/", SERVER_MACHINE_ID(s));
958 (void) mkdir(fn, 0755);
959
960 fn = strjoina(fn, "/system.journal");
961 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, s->compress, s->seal, &s->system_metrics, s->mmap, NULL, &s->system_journal);
962 if (r >= 0) {
963 server_fix_perms(s, s->system_journal, 0);
964 (void) determine_space_for(s, &s->system_metrics, "/var/log/journal/", "System journal", true, true, NULL, NULL);
965 } else if (r < 0) {
966 if (r != -ENOENT && r != -EROFS)
967 log_warning_errno(r, "Failed to open system journal: %m");
968
969 r = 0;
970 }
971 }
972
973 if (!s->runtime_journal &&
974 (s->storage != STORAGE_NONE)) {
975
976 fn = strjoina("/run/log/journal/", SERVER_MACHINE_ID(s), "/system.journal");
977
978 if (s->system_journal) {
979
980 /* Try to open the runtime journal, but only
981 * if it already exists, so that we can flush
982 * it into the system journal */
983
984 r = journal_file_open(fn, O_RDWR, 0640, s->compress, false, &s->runtime_metrics, s->mmap, NULL, &s->runtime_journal);
985 if (r < 0) {
986 if (r != -ENOENT)
987 log_warning_errno(r, "Failed to open runtime journal: %m");
988
989 r = 0;
990 }
991
992 } else {
993
994 /* OK, we really need the runtime journal, so create
995 * it if necessary. */
996
997 (void) mkdir("/run/log", 0755);
998 (void) mkdir("/run/log/journal", 0755);
999 (void) mkdir_parents(fn, 0750);
1000
1001 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, s->compress, false, &s->runtime_metrics, s->mmap, NULL, &s->runtime_journal);
1002 if (r < 0)
1003 return log_error_errno(r, "Failed to open runtime journal: %m");
1004 }
1005
1006 if (s->runtime_journal) {
1007 server_fix_perms(s, s->runtime_journal, 0);
1008 (void) determine_space_for(s, &s->runtime_metrics, "/run/log/journal/", "Runtime journal", true, true, NULL, NULL);
1009 }
1010 }
1011
1012 return r;
1013 }
1014
1015 int server_flush_to_var(Server *s) {
1016 sd_id128_t machine;
1017 sd_journal *j = NULL;
1018 char ts[FORMAT_TIMESPAN_MAX];
1019 usec_t start;
1020 unsigned n = 0;
1021 int r;
1022
1023 assert(s);
1024
1025 if (s->storage != STORAGE_AUTO &&
1026 s->storage != STORAGE_PERSISTENT)
1027 return 0;
1028
1029 if (!s->runtime_journal)
1030 return 0;
1031
1032 (void) system_journal_open(s, true);
1033
1034 if (!s->system_journal)
1035 return 0;
1036
1037 log_debug("Flushing to /var...");
1038
1039 start = now(CLOCK_MONOTONIC);
1040
1041 r = sd_id128_get_machine(&machine);
1042 if (r < 0)
1043 return r;
1044
1045 r = sd_journal_open(&j, SD_JOURNAL_RUNTIME_ONLY);
1046 if (r < 0)
1047 return log_error_errno(r, "Failed to read runtime journal: %m");
1048
1049 sd_journal_set_data_threshold(j, 0);
1050
1051 SD_JOURNAL_FOREACH(j) {
1052 Object *o = NULL;
1053 JournalFile *f;
1054
1055 f = j->current_file;
1056 assert(f && f->current_offset > 0);
1057
1058 n++;
1059
1060 r = journal_file_move_to_object(f, OBJECT_ENTRY, f->current_offset, &o);
1061 if (r < 0) {
1062 log_error_errno(r, "Can't read entry: %m");
1063 goto finish;
1064 }
1065
1066 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
1067 if (r >= 0)
1068 continue;
1069
1070 if (!shall_try_append_again(s->system_journal, r)) {
1071 log_error_errno(r, "Can't write entry: %m");
1072 goto finish;
1073 }
1074
1075 server_rotate(s);
1076 server_vacuum(s, false, false);
1077
1078 if (!s->system_journal) {
1079 log_notice("Didn't flush runtime journal since rotation of system journal wasn't successful.");
1080 r = -EIO;
1081 goto finish;
1082 }
1083
1084 log_debug("Retrying write.");
1085 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
1086 if (r < 0) {
1087 log_error_errno(r, "Can't write entry: %m");
1088 goto finish;
1089 }
1090 }
1091
1092 r = 0;
1093
1094 finish:
1095 journal_file_post_change(s->system_journal);
1096
1097 s->runtime_journal = journal_file_close(s->runtime_journal);
1098
1099 if (r >= 0)
1100 (void) rm_rf("/run/log/journal", REMOVE_ROOT);
1101
1102 sd_journal_close(j);
1103
1104 server_driver_message(s, SD_ID128_NULL, "Time spent on flushing to /var is %s for %u entries.", format_timespan(ts, sizeof(ts), now(CLOCK_MONOTONIC) - start, 0), n);
1105
1106 return r;
1107 }
1108
1109 int server_process_datagram(sd_event_source *es, int fd, uint32_t revents, void *userdata) {
1110 Server *s = userdata;
1111 struct ucred *ucred = NULL;
1112 struct timeval *tv = NULL;
1113 struct cmsghdr *cmsg;
1114 char *label = NULL;
1115 size_t label_len = 0, m;
1116 struct iovec iovec;
1117 ssize_t n;
1118 int *fds = NULL, v = 0;
1119 unsigned n_fds = 0;
1120
1121 union {
1122 struct cmsghdr cmsghdr;
1123
1124 /* We use NAME_MAX space for the SELinux label
1125 * here. The kernel currently enforces no
1126 * limit, but according to suggestions from
1127 * the SELinux people this will change and it
1128 * will probably be identical to NAME_MAX. For
1129 * now we use that, but this should be updated
1130 * one day when the final limit is known. */
1131 uint8_t buf[CMSG_SPACE(sizeof(struct ucred)) +
1132 CMSG_SPACE(sizeof(struct timeval)) +
1133 CMSG_SPACE(sizeof(int)) + /* fd */
1134 CMSG_SPACE(NAME_MAX)]; /* selinux label */
1135 } control = {};
1136
1137 union sockaddr_union sa = {};
1138
1139 struct msghdr msghdr = {
1140 .msg_iov = &iovec,
1141 .msg_iovlen = 1,
1142 .msg_control = &control,
1143 .msg_controllen = sizeof(control),
1144 .msg_name = &sa,
1145 .msg_namelen = sizeof(sa),
1146 };
1147
1148 assert(s);
1149 assert(fd == s->native_fd || fd == s->syslog_fd || fd == s->audit_fd);
1150
1151 if (revents != EPOLLIN) {
1152 log_error("Got invalid event from epoll for datagram fd: %"PRIx32, revents);
1153 return -EIO;
1154 }
1155
1156 /* Try to get the right size, if we can. (Not all
1157 * sockets support SIOCINQ, hence we just try, but
1158 * don't rely on it. */
1159 (void) ioctl(fd, SIOCINQ, &v);
1160
1161 /* Fix it up, if it is too small. We use the same fixed value as auditd here. Awful! */
1162 m = PAGE_ALIGN(MAX3((size_t) v + 1,
1163 (size_t) LINE_MAX,
1164 ALIGN(sizeof(struct nlmsghdr)) + ALIGN((size_t) MAX_AUDIT_MESSAGE_LENGTH)) + 1);
1165
1166 if (!GREEDY_REALLOC(s->buffer, s->buffer_size, m))
1167 return log_oom();
1168
1169 iovec.iov_base = s->buffer;
1170 iovec.iov_len = s->buffer_size - 1; /* Leave room for trailing NUL we add later */
1171
1172 n = recvmsg(fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC);
1173 if (n < 0) {
1174 if (errno == EINTR || errno == EAGAIN)
1175 return 0;
1176
1177 return log_error_errno(errno, "recvmsg() failed: %m");
1178 }
1179
1180 CMSG_FOREACH(cmsg, &msghdr) {
1181
1182 if (cmsg->cmsg_level == SOL_SOCKET &&
1183 cmsg->cmsg_type == SCM_CREDENTIALS &&
1184 cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred)))
1185 ucred = (struct ucred*) CMSG_DATA(cmsg);
1186 else if (cmsg->cmsg_level == SOL_SOCKET &&
1187 cmsg->cmsg_type == SCM_SECURITY) {
1188 label = (char*) CMSG_DATA(cmsg);
1189 label_len = cmsg->cmsg_len - CMSG_LEN(0);
1190 } else if (cmsg->cmsg_level == SOL_SOCKET &&
1191 cmsg->cmsg_type == SO_TIMESTAMP &&
1192 cmsg->cmsg_len == CMSG_LEN(sizeof(struct timeval)))
1193 tv = (struct timeval*) CMSG_DATA(cmsg);
1194 else if (cmsg->cmsg_level == SOL_SOCKET &&
1195 cmsg->cmsg_type == SCM_RIGHTS) {
1196 fds = (int*) CMSG_DATA(cmsg);
1197 n_fds = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);
1198 }
1199 }
1200
1201 /* And a trailing NUL, just in case */
1202 s->buffer[n] = 0;
1203
1204 if (fd == s->syslog_fd) {
1205 if (n > 0 && n_fds == 0)
1206 server_process_syslog_message(s, strstrip(s->buffer), ucred, tv, label, label_len);
1207 else if (n_fds > 0)
1208 log_warning("Got file descriptors via syslog socket. Ignoring.");
1209
1210 } else if (fd == s->native_fd) {
1211 if (n > 0 && n_fds == 0)
1212 server_process_native_message(s, s->buffer, n, ucred, tv, label, label_len);
1213 else if (n == 0 && n_fds == 1)
1214 server_process_native_file(s, fds[0], ucred, tv, label, label_len);
1215 else if (n_fds > 0)
1216 log_warning("Got too many file descriptors via native socket. Ignoring.");
1217
1218 } else {
1219 assert(fd == s->audit_fd);
1220
1221 if (n > 0 && n_fds == 0)
1222 server_process_audit_message(s, s->buffer, n, ucred, &sa, msghdr.msg_namelen);
1223 else if (n_fds > 0)
1224 log_warning("Got file descriptors via audit socket. Ignoring.");
1225 }
1226
1227 close_many(fds, n_fds);
1228 return 0;
1229 }
1230
1231 static int dispatch_sigusr1(sd_event_source *es, const struct signalfd_siginfo *si, void *userdata) {
1232 Server *s = userdata;
1233
1234 assert(s);
1235
1236 log_info("Received request to flush runtime journal from PID %"PRIu32, si->ssi_pid);
1237
1238 server_flush_to_var(s);
1239 server_sync(s);
1240 server_vacuum(s, false, false);
1241
1242 (void) touch("/run/systemd/journal/flushed");
1243
1244 return 0;
1245 }
1246
1247 static int dispatch_sigusr2(sd_event_source *es, const struct signalfd_siginfo *si, void *userdata) {
1248 Server *s = userdata;
1249
1250 assert(s);
1251
1252 log_info("Received request to rotate journal from PID %"PRIu32, si->ssi_pid);
1253 server_rotate(s);
1254 server_vacuum(s, true, true);
1255
1256 return 0;
1257 }
1258
1259 static int dispatch_sigterm(sd_event_source *es, const struct signalfd_siginfo *si, void *userdata) {
1260 Server *s = userdata;
1261
1262 assert(s);
1263
1264 log_received_signal(LOG_INFO, si);
1265
1266 sd_event_exit(s->event, 0);
1267 return 0;
1268 }
1269
1270 static int setup_signals(Server *s) {
1271 int r;
1272
1273 assert(s);
1274
1275 assert(sigprocmask_many(SIG_SETMASK, NULL, SIGINT, SIGTERM, SIGUSR1, SIGUSR2, -1) >= 0);
1276
1277 r = sd_event_add_signal(s->event, &s->sigusr1_event_source, SIGUSR1, dispatch_sigusr1, s);
1278 if (r < 0)
1279 return r;
1280
1281 r = sd_event_add_signal(s->event, &s->sigusr2_event_source, SIGUSR2, dispatch_sigusr2, s);
1282 if (r < 0)
1283 return r;
1284
1285 r = sd_event_add_signal(s->event, &s->sigterm_event_source, SIGTERM, dispatch_sigterm, s);
1286 if (r < 0)
1287 return r;
1288
1289 r = sd_event_add_signal(s->event, &s->sigint_event_source, SIGINT, dispatch_sigterm, s);
1290 if (r < 0)
1291 return r;
1292
1293 return 0;
1294 }
1295
1296 static int server_parse_proc_cmdline(Server *s) {
1297 _cleanup_free_ char *line = NULL;
1298 const char *p;
1299 int r;
1300
1301 r = proc_cmdline(&line);
1302 if (r < 0) {
1303 log_warning_errno(r, "Failed to read /proc/cmdline, ignoring: %m");
1304 return 0;
1305 }
1306
1307 p = line;
1308 for(;;) {
1309 _cleanup_free_ char *word;
1310
1311 r = extract_first_word(&p, &word, NULL, 0);
1312 if (r < 0)
1313 return log_error_errno(r, "Failed to parse journald syntax \"%s\": %m", line);
1314
1315 if (r == 0)
1316 break;
1317
1318 if (startswith(word, "systemd.journald.forward_to_syslog=")) {
1319 r = parse_boolean(word + 35);
1320 if (r < 0)
1321 log_warning("Failed to parse forward to syslog switch %s. Ignoring.", word + 35);
1322 else
1323 s->forward_to_syslog = r;
1324 } else if (startswith(word, "systemd.journald.forward_to_kmsg=")) {
1325 r = parse_boolean(word + 33);
1326 if (r < 0)
1327 log_warning("Failed to parse forward to kmsg switch %s. Ignoring.", word + 33);
1328 else
1329 s->forward_to_kmsg = r;
1330 } else if (startswith(word, "systemd.journald.forward_to_console=")) {
1331 r = parse_boolean(word + 36);
1332 if (r < 0)
1333 log_warning("Failed to parse forward to console switch %s. Ignoring.", word + 36);
1334 else
1335 s->forward_to_console = r;
1336 } else if (startswith(word, "systemd.journald.forward_to_wall=")) {
1337 r = parse_boolean(word + 33);
1338 if (r < 0)
1339 log_warning("Failed to parse forward to wall switch %s. Ignoring.", word + 33);
1340 else
1341 s->forward_to_wall = r;
1342 } else if (startswith(word, "systemd.journald"))
1343 log_warning("Invalid systemd.journald parameter. Ignoring.");
1344 }
1345
1346 /* do not warn about state here, since probably systemd already did */
1347 return 0;
1348 }
1349
1350 static int server_parse_config_file(Server *s) {
1351 assert(s);
1352
1353 return config_parse_many("/etc/systemd/journald.conf",
1354 CONF_DIRS_NULSTR("systemd/journald.conf"),
1355 "Journal\0",
1356 config_item_perf_lookup, journald_gperf_lookup,
1357 false, s);
1358 }
1359
1360 static int server_dispatch_sync(sd_event_source *es, usec_t t, void *userdata) {
1361 Server *s = userdata;
1362
1363 assert(s);
1364
1365 server_sync(s);
1366 return 0;
1367 }
1368
1369 int server_schedule_sync(Server *s, int priority) {
1370 int r;
1371
1372 assert(s);
1373
1374 if (priority <= LOG_CRIT) {
1375 /* Immediately sync to disk when this is of priority CRIT, ALERT, EMERG */
1376 server_sync(s);
1377 return 0;
1378 }
1379
1380 if (s->sync_scheduled)
1381 return 0;
1382
1383 if (s->sync_interval_usec > 0) {
1384 usec_t when;
1385
1386 r = sd_event_now(s->event, CLOCK_MONOTONIC, &when);
1387 if (r < 0)
1388 return r;
1389
1390 when += s->sync_interval_usec;
1391
1392 if (!s->sync_event_source) {
1393 r = sd_event_add_time(
1394 s->event,
1395 &s->sync_event_source,
1396 CLOCK_MONOTONIC,
1397 when, 0,
1398 server_dispatch_sync, s);
1399 if (r < 0)
1400 return r;
1401
1402 r = sd_event_source_set_priority(s->sync_event_source, SD_EVENT_PRIORITY_IMPORTANT);
1403 } else {
1404 r = sd_event_source_set_time(s->sync_event_source, when);
1405 if (r < 0)
1406 return r;
1407
1408 r = sd_event_source_set_enabled(s->sync_event_source, SD_EVENT_ONESHOT);
1409 }
1410 if (r < 0)
1411 return r;
1412
1413 s->sync_scheduled = true;
1414 }
1415
1416 return 0;
1417 }
1418
1419 static int dispatch_hostname_change(sd_event_source *es, int fd, uint32_t revents, void *userdata) {
1420 Server *s = userdata;
1421
1422 assert(s);
1423
1424 server_cache_hostname(s);
1425 return 0;
1426 }
1427
1428 static int server_open_hostname(Server *s) {
1429 int r;
1430
1431 assert(s);
1432
1433 s->hostname_fd = open("/proc/sys/kernel/hostname", O_RDONLY|O_CLOEXEC|O_NDELAY|O_NOCTTY);
1434 if (s->hostname_fd < 0)
1435 return log_error_errno(errno, "Failed to open /proc/sys/kernel/hostname: %m");
1436
1437 r = sd_event_add_io(s->event, &s->hostname_event_source, s->hostname_fd, 0, dispatch_hostname_change, s);
1438 if (r < 0) {
1439 /* kernels prior to 3.2 don't support polling this file. Ignore
1440 * the failure. */
1441 if (r == -EPERM) {
1442 log_warning_errno(r, "Failed to register hostname fd in event loop, ignoring: %m");
1443 s->hostname_fd = safe_close(s->hostname_fd);
1444 return 0;
1445 }
1446
1447 return log_error_errno(r, "Failed to register hostname fd in event loop: %m");
1448 }
1449
1450 r = sd_event_source_set_priority(s->hostname_event_source, SD_EVENT_PRIORITY_IMPORTANT-10);
1451 if (r < 0)
1452 return log_error_errno(r, "Failed to adjust priority of host name event source: %m");
1453
1454 return 0;
1455 }
1456
1457 int server_init(Server *s) {
1458 _cleanup_fdset_free_ FDSet *fds = NULL;
1459 int n, r, fd;
1460 bool no_sockets;
1461
1462 assert(s);
1463
1464 zero(*s);
1465 s->syslog_fd = s->native_fd = s->stdout_fd = s->dev_kmsg_fd = s->audit_fd = s->hostname_fd = -1;
1466 s->compress = true;
1467 s->seal = true;
1468
1469 s->sync_interval_usec = DEFAULT_SYNC_INTERVAL_USEC;
1470 s->sync_scheduled = false;
1471
1472 s->rate_limit_interval = DEFAULT_RATE_LIMIT_INTERVAL;
1473 s->rate_limit_burst = DEFAULT_RATE_LIMIT_BURST;
1474
1475 s->forward_to_wall = true;
1476
1477 s->max_file_usec = DEFAULT_MAX_FILE_USEC;
1478
1479 s->max_level_store = LOG_DEBUG;
1480 s->max_level_syslog = LOG_DEBUG;
1481 s->max_level_kmsg = LOG_NOTICE;
1482 s->max_level_console = LOG_INFO;
1483 s->max_level_wall = LOG_EMERG;
1484
1485 journal_reset_metrics(&s->system_metrics);
1486 journal_reset_metrics(&s->runtime_metrics);
1487
1488 server_parse_config_file(s);
1489 server_parse_proc_cmdline(s);
1490
1491 if (!!s->rate_limit_interval ^ !!s->rate_limit_burst) {
1492 log_debug("Setting both rate limit interval and burst from "USEC_FMT",%u to 0,0",
1493 s->rate_limit_interval, s->rate_limit_burst);
1494 s->rate_limit_interval = s->rate_limit_burst = 0;
1495 }
1496
1497 (void) mkdir_p("/run/systemd/journal", 0755);
1498
1499 s->user_journals = ordered_hashmap_new(NULL);
1500 if (!s->user_journals)
1501 return log_oom();
1502
1503 s->mmap = mmap_cache_new();
1504 if (!s->mmap)
1505 return log_oom();
1506
1507 r = sd_event_default(&s->event);
1508 if (r < 0)
1509 return log_error_errno(r, "Failed to create event loop: %m");
1510
1511 sd_event_set_watchdog(s->event, true);
1512
1513 n = sd_listen_fds(true);
1514 if (n < 0)
1515 return log_error_errno(n, "Failed to read listening file descriptors from environment: %m");
1516
1517 for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) {
1518
1519 if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/run/systemd/journal/socket", 0) > 0) {
1520
1521 if (s->native_fd >= 0) {
1522 log_error("Too many native sockets passed.");
1523 return -EINVAL;
1524 }
1525
1526 s->native_fd = fd;
1527
1528 } else if (sd_is_socket_unix(fd, SOCK_STREAM, 1, "/run/systemd/journal/stdout", 0) > 0) {
1529
1530 if (s->stdout_fd >= 0) {
1531 log_error("Too many stdout sockets passed.");
1532 return -EINVAL;
1533 }
1534
1535 s->stdout_fd = fd;
1536
1537 } else if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/dev/log", 0) > 0 ||
1538 sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/run/systemd/journal/dev-log", 0) > 0) {
1539
1540 if (s->syslog_fd >= 0) {
1541 log_error("Too many /dev/log sockets passed.");
1542 return -EINVAL;
1543 }
1544
1545 s->syslog_fd = fd;
1546
1547 } else if (sd_is_socket(fd, AF_NETLINK, SOCK_RAW, -1) > 0) {
1548
1549 if (s->audit_fd >= 0) {
1550 log_error("Too many audit sockets passed.");
1551 return -EINVAL;
1552 }
1553
1554 s->audit_fd = fd;
1555
1556 } else {
1557
1558 if (!fds) {
1559 fds = fdset_new();
1560 if (!fds)
1561 return log_oom();
1562 }
1563
1564 r = fdset_put(fds, fd);
1565 if (r < 0)
1566 return log_oom();
1567 }
1568 }
1569
1570 /* Try to restore streams, but don't bother if this fails */
1571 (void) server_restore_streams(s, fds);
1572
1573 if (fdset_size(fds) > 0) {
1574 log_warning("%u unknown file descriptors passed, closing.", fdset_size(fds));
1575 fds = fdset_free(fds);
1576 }
1577
1578 no_sockets = s->native_fd < 0 && s->stdout_fd < 0 && s->syslog_fd < 0 && s->audit_fd < 0;
1579
1580 /* always open stdout, syslog, native, and kmsg sockets */
1581
1582 /* systemd-journald.socket: /run/systemd/journal/stdout */
1583 r = server_open_stdout_socket(s);
1584 if (r < 0)
1585 return r;
1586
1587 /* systemd-journald-dev-log.socket: /run/systemd/journal/dev-log */
1588 r = server_open_syslog_socket(s);
1589 if (r < 0)
1590 return r;
1591
1592 /* systemd-journald.socket: /run/systemd/journal/socket */
1593 r = server_open_native_socket(s);
1594 if (r < 0)
1595 return r;
1596
1597 /* /dev/ksmg */
1598 r = server_open_dev_kmsg(s);
1599 if (r < 0)
1600 return r;
1601
1602 /* Unless we got *some* sockets and not audit, open audit socket */
1603 if (s->audit_fd >= 0 || no_sockets) {
1604 r = server_open_audit(s);
1605 if (r < 0)
1606 return r;
1607 }
1608
1609 r = server_open_kernel_seqnum(s);
1610 if (r < 0)
1611 return r;
1612
1613 r = server_open_hostname(s);
1614 if (r < 0)
1615 return r;
1616
1617 r = setup_signals(s);
1618 if (r < 0)
1619 return r;
1620
1621 s->udev = udev_new();
1622 if (!s->udev)
1623 return -ENOMEM;
1624
1625 s->rate_limit = journal_rate_limit_new(s->rate_limit_interval, s->rate_limit_burst);
1626 if (!s->rate_limit)
1627 return -ENOMEM;
1628
1629 r = cg_get_root_path(&s->cgroup_root);
1630 if (r < 0)
1631 return r;
1632
1633 server_cache_hostname(s);
1634 server_cache_boot_id(s);
1635 server_cache_machine_id(s);
1636
1637 return system_journal_open(s, false);
1638 }
1639
1640 void server_maybe_append_tags(Server *s) {
1641 #ifdef HAVE_GCRYPT
1642 JournalFile *f;
1643 Iterator i;
1644 usec_t n;
1645
1646 n = now(CLOCK_REALTIME);
1647
1648 if (s->system_journal)
1649 journal_file_maybe_append_tag(s->system_journal, n);
1650
1651 ORDERED_HASHMAP_FOREACH(f, s->user_journals, i)
1652 journal_file_maybe_append_tag(f, n);
1653 #endif
1654 }
1655
1656 void server_done(Server *s) {
1657 JournalFile *f;
1658 assert(s);
1659
1660 while (s->stdout_streams)
1661 stdout_stream_free(s->stdout_streams);
1662
1663 if (s->system_journal)
1664 journal_file_close(s->system_journal);
1665
1666 if (s->runtime_journal)
1667 journal_file_close(s->runtime_journal);
1668
1669 while ((f = ordered_hashmap_steal_first(s->user_journals)))
1670 journal_file_close(f);
1671
1672 ordered_hashmap_free(s->user_journals);
1673
1674 sd_event_source_unref(s->syslog_event_source);
1675 sd_event_source_unref(s->native_event_source);
1676 sd_event_source_unref(s->stdout_event_source);
1677 sd_event_source_unref(s->dev_kmsg_event_source);
1678 sd_event_source_unref(s->audit_event_source);
1679 sd_event_source_unref(s->sync_event_source);
1680 sd_event_source_unref(s->sigusr1_event_source);
1681 sd_event_source_unref(s->sigusr2_event_source);
1682 sd_event_source_unref(s->sigterm_event_source);
1683 sd_event_source_unref(s->sigint_event_source);
1684 sd_event_source_unref(s->hostname_event_source);
1685 sd_event_unref(s->event);
1686
1687 safe_close(s->syslog_fd);
1688 safe_close(s->native_fd);
1689 safe_close(s->stdout_fd);
1690 safe_close(s->dev_kmsg_fd);
1691 safe_close(s->audit_fd);
1692 safe_close(s->hostname_fd);
1693
1694 if (s->rate_limit)
1695 journal_rate_limit_free(s->rate_limit);
1696
1697 if (s->kernel_seqnum)
1698 munmap(s->kernel_seqnum, sizeof(uint64_t));
1699
1700 free(s->buffer);
1701 free(s->tty_path);
1702 free(s->cgroup_root);
1703 free(s->hostname_field);
1704
1705 if (s->mmap)
1706 mmap_cache_unref(s->mmap);
1707
1708 udev_unref(s->udev);
1709 }
1710
1711 static const char* const storage_table[_STORAGE_MAX] = {
1712 [STORAGE_AUTO] = "auto",
1713 [STORAGE_VOLATILE] = "volatile",
1714 [STORAGE_PERSISTENT] = "persistent",
1715 [STORAGE_NONE] = "none"
1716 };
1717
1718 DEFINE_STRING_TABLE_LOOKUP(storage, Storage);
1719 DEFINE_CONFIG_PARSE_ENUM(config_parse_storage, storage, Storage, "Failed to parse storage setting");
1720
1721 static const char* const split_mode_table[_SPLIT_MAX] = {
1722 [SPLIT_LOGIN] = "login",
1723 [SPLIT_UID] = "uid",
1724 [SPLIT_NONE] = "none",
1725 };
1726
1727 DEFINE_STRING_TABLE_LOOKUP(split_mode, SplitMode);
1728 DEFINE_CONFIG_PARSE_ENUM(config_parse_split_mode, split_mode, SplitMode, "Failed to parse split mode setting");
Unnamed repository; edit this file 'description' to name the repository.