]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/journal/journald-server.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
journald: don't recalculate the ACL mask
[thirdparty/systemd.git] / src / journal / journald-server.c
1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
2
3 /***
4 This file is part of systemd.
5
6 Copyright 2011 Lennart Poettering
7
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
17
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20 ***/
21
22 #include <sys/signalfd.h>
23 #include <sys/ioctl.h>
24 #include <linux/sockios.h>
25 #include <sys/statvfs.h>
26 #include <sys/mman.h>
27 #include <sys/timerfd.h>
28
29 #include <libudev.h>
30 #include <systemd/sd-journal.h>
31 #include <systemd/sd-messages.h>
32 #include <systemd/sd-daemon.h>
33
34 #include "fileio.h"
35 #include "mkdir.h"
36 #include "hashmap.h"
37 #include "journal-file.h"
38 #include "socket-util.h"
39 #include "cgroup-util.h"
40 #include "list.h"
41 #include "virt.h"
42 #include "missing.h"
43 #include "conf-parser.h"
44 #include "journal-internal.h"
45 #include "journal-vacuum.h"
46 #include "journal-authenticate.h"
47 #include "journald-server.h"
48 #include "journald-rate-limit.h"
49 #include "journald-kmsg.h"
50 #include "journald-syslog.h"
51 #include "journald-stream.h"
52 #include "journald-console.h"
53 #include "journald-native.h"
54
55 #ifdef HAVE_ACL
56 #include <sys/acl.h>
57 #include <acl/libacl.h>
58 #include "acl-util.h"
59 #endif
60
61 #ifdef HAVE_SELINUX
62 #include <selinux/selinux.h>
63 #endif
64
65 #define USER_JOURNALS_MAX 1024
66
67 #define DEFAULT_SYNC_INTERVAL_USEC (5*USEC_PER_MINUTE)
68 #define DEFAULT_RATE_LIMIT_INTERVAL (10*USEC_PER_SEC)
69 #define DEFAULT_RATE_LIMIT_BURST 200
70
71 #define RECHECK_AVAILABLE_SPACE_USEC (30*USEC_PER_SEC)
72
73 static const char* const storage_table[] = {
74 [STORAGE_AUTO] = "auto",
75 [STORAGE_VOLATILE] = "volatile",
76 [STORAGE_PERSISTENT] = "persistent",
77 [STORAGE_NONE] = "none"
78 };
79
80 DEFINE_STRING_TABLE_LOOKUP(storage, Storage);
81 DEFINE_CONFIG_PARSE_ENUM(config_parse_storage, storage, Storage, "Failed to parse storage setting");
82
83 static const char* const split_mode_table[] = {
84 [SPLIT_NONE] = "none",
85 [SPLIT_UID] = "uid",
86 [SPLIT_LOGIN] = "login"
87 };
88
89 DEFINE_STRING_TABLE_LOOKUP(split_mode, SplitMode);
90 DEFINE_CONFIG_PARSE_ENUM(config_parse_split_mode, split_mode, SplitMode, "Failed to parse split mode setting");
91
92 static uint64_t available_space(Server *s) {
93 char ids[33];
94 _cleanup_free_ char *p = NULL;
95 const char *f;
96 sd_id128_t machine;
97 struct statvfs ss;
98 uint64_t sum = 0, avail = 0, ss_avail = 0;
99 int r;
100 _cleanup_closedir_ DIR *d = NULL;
101 usec_t ts;
102 JournalMetrics *m;
103
104 ts = now(CLOCK_MONOTONIC);
105
106 if (s->cached_available_space_timestamp + RECHECK_AVAILABLE_SPACE_USEC > ts)
107 return s->cached_available_space;
108
109 r = sd_id128_get_machine(&machine);
110 if (r < 0)
111 return 0;
112
113 if (s->system_journal) {
114 f = "/var/log/journal/";
115 m = &s->system_metrics;
116 } else {
117 f = "/run/log/journal/";
118 m = &s->runtime_metrics;
119 }
120
121 assert(m);
122
123 p = strappend(f, sd_id128_to_string(machine, ids));
124 if (!p)
125 return 0;
126
127 d = opendir(p);
128 if (!d)
129 return 0;
130
131 if (fstatvfs(dirfd(d), &ss) < 0)
132 return 0;
133
134 for (;;) {
135 struct stat st;
136 struct dirent *de;
137 union dirent_storage buf;
138
139 r = readdir_r(d, &buf.de, &de);
140 if (r != 0)
141 break;
142
143 if (!de)
144 break;
145
146 if (!endswith(de->d_name, ".journal") &&
147 !endswith(de->d_name, ".journal~"))
148 continue;
149
150 if (fstatat(dirfd(d), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0)
151 continue;
152
153 if (!S_ISREG(st.st_mode))
154 continue;
155
156 sum += (uint64_t) st.st_blocks * 512UL;
157 }
158
159 avail = sum >= m->max_use ? 0 : m->max_use - sum;
160
161 ss_avail = ss.f_bsize * ss.f_bavail;
162
163 ss_avail = ss_avail < m->keep_free ? 0 : ss_avail - m->keep_free;
164
165 if (ss_avail < avail)
166 avail = ss_avail;
167
168 s->cached_available_space = avail;
169 s->cached_available_space_timestamp = ts;
170
171 return avail;
172 }
173
174 static void server_read_file_gid(Server *s) {
175 const char *g = "systemd-journal";
176 int r;
177
178 assert(s);
179
180 if (s->file_gid_valid)
181 return;
182
183 r = get_group_creds(&g, &s->file_gid);
184 if (r < 0)
185 log_warning("Failed to resolve '%s' group: %s", g, strerror(-r));
186
187 /* if we couldn't read the gid, then it will be 0, but that's
188 * fine and we shouldn't try to resolve the group again, so
189 * let's just pretend it worked right-away. */
190 s->file_gid_valid = true;
191 }
192
193 void server_fix_perms(Server *s, JournalFile *f, uid_t uid) {
194 int r;
195 #ifdef HAVE_ACL
196 acl_t acl;
197 acl_entry_t entry;
198 acl_permset_t permset;
199 #endif
200
201 assert(f);
202
203 server_read_file_gid(s);
204
205 r = fchmod_and_fchown(f->fd, 0640, 0, s->file_gid);
206 if (r < 0)
207 log_warning("Failed to fix access mode/rights on %s, ignoring: %s", f->path, strerror(-r));
208
209 #ifdef HAVE_ACL
210 if (uid <= 0)
211 return;
212
213 acl = acl_get_fd(f->fd);
214 if (!acl) {
215 log_warning("Failed to read ACL on %s, ignoring: %m", f->path);
216 return;
217 }
218
219 r = acl_find_uid(acl, uid, &entry);
220 if (r <= 0) {
221
222 if (acl_create_entry(&acl, &entry) < 0 ||
223 acl_set_tag_type(entry, ACL_USER) < 0 ||
224 acl_set_qualifier(entry, &uid) < 0) {
225 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
226 goto finish;
227 }
228 }
229
230 /* We do not recalculate the mask here, so that the fchmod() mask above stays intact. */
231 if (acl_get_permset(entry, &permset) < 0 ||
232 acl_add_perm(permset, ACL_READ) < 0) {
233 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
234 goto finish;
235 }
236
237 if (acl_set_fd(f->fd, acl) < 0)
238 log_warning("Failed to set ACL on %s, ignoring: %m", f->path);
239
240 finish:
241 acl_free(acl);
242 #endif
243 }
244
245 static JournalFile* find_journal(Server *s, uid_t uid) {
246 char *p;
247 int r;
248 JournalFile *f;
249 sd_id128_t machine;
250
251 assert(s);
252
253 /* We split up user logs only on /var, not on /run. If the
254 * runtime file is open, we write to it exclusively, in order
255 * to guarantee proper order as soon as we flush /run to
256 * /var and close the runtime file. */
257
258 if (s->runtime_journal)
259 return s->runtime_journal;
260
261 if (uid <= 0)
262 return s->system_journal;
263
264 r = sd_id128_get_machine(&machine);
265 if (r < 0)
266 return s->system_journal;
267
268 f = hashmap_get(s->user_journals, UINT32_TO_PTR(uid));
269 if (f)
270 return f;
271
272 if (asprintf(&p, "/var/log/journal/" SD_ID128_FORMAT_STR "/user-%lu.journal",
273 SD_ID128_FORMAT_VAL(machine), (unsigned long) uid) < 0)
274 return s->system_journal;
275
276 while (hashmap_size(s->user_journals) >= USER_JOURNALS_MAX) {
277 /* Too many open? Then let's close one */
278 f = hashmap_steal_first(s->user_journals);
279 assert(f);
280 journal_file_close(f);
281 }
282
283 r = journal_file_open_reliably(p, O_RDWR|O_CREAT, 0640, s->compress, s->seal, &s->system_metrics, s->mmap, s->system_journal, &f);
284 free(p);
285
286 if (r < 0)
287 return s->system_journal;
288
289 server_fix_perms(s, f, uid);
290
291 r = hashmap_put(s->user_journals, UINT32_TO_PTR(uid), f);
292 if (r < 0) {
293 journal_file_close(f);
294 return s->system_journal;
295 }
296
297 return f;
298 }
299
300 void server_rotate(Server *s) {
301 JournalFile *f;
302 void *k;
303 Iterator i;
304 int r;
305
306 log_debug("Rotating...");
307
308 if (s->runtime_journal) {
309 r = journal_file_rotate(&s->runtime_journal, s->compress, false);
310 if (r < 0)
311 if (s->runtime_journal)
312 log_error("Failed to rotate %s: %s", s->runtime_journal->path, strerror(-r));
313 else
314 log_error("Failed to create new runtime journal: %s", strerror(-r));
315 else
316 server_fix_perms(s, s->runtime_journal, 0);
317 }
318
319 if (s->system_journal) {
320 r = journal_file_rotate(&s->system_journal, s->compress, s->seal);
321 if (r < 0)
322 if (s->system_journal)
323 log_error("Failed to rotate %s: %s", s->system_journal->path, strerror(-r));
324 else
325 log_error("Failed to create new system journal: %s", strerror(-r));
326
327 else
328 server_fix_perms(s, s->system_journal, 0);
329 }
330
331 HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) {
332 r = journal_file_rotate(&f, s->compress, s->seal);
333 if (r < 0)
334 if (f)
335 log_error("Failed to rotate %s: %s", f->path, strerror(-r));
336 else
337 log_error("Failed to create user journal: %s", strerror(-r));
338 else {
339 hashmap_replace(s->user_journals, k, f);
340 server_fix_perms(s, f, PTR_TO_UINT32(k));
341 }
342 }
343 }
344
345 void server_sync(Server *s) {
346 JournalFile *f;
347 void *k;
348 Iterator i;
349 int r;
350
351 static const struct itimerspec sync_timer_disable = {};
352
353 if (s->system_journal) {
354 r = journal_file_set_offline(s->system_journal);
355 if (r < 0)
356 log_error("Failed to sync system journal: %s", strerror(-r));
357 }
358
359 HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) {
360 r = journal_file_set_offline(f);
361 if (r < 0)
362 log_error("Failed to sync user journal: %s", strerror(-r));
363 }
364
365 r = timerfd_settime(s->sync_timer_fd, 0, &sync_timer_disable, NULL);
366 if (r < 0)
367 log_error("Failed to disable max timer: %m");
368
369 s->sync_scheduled = false;
370 }
371
372 void server_vacuum(Server *s) {
373 char *p;
374 char ids[33];
375 sd_id128_t machine;
376 int r;
377
378 log_debug("Vacuuming...");
379
380 s->oldest_file_usec = 0;
381
382 r = sd_id128_get_machine(&machine);
383 if (r < 0) {
384 log_error("Failed to get machine ID: %s", strerror(-r));
385 return;
386 }
387
388 sd_id128_to_string(machine, ids);
389
390 if (s->system_journal) {
391 p = strappend("/var/log/journal/", ids);
392 if (!p) {
393 log_oom();
394 return;
395 }
396
397 r = journal_directory_vacuum(p, s->system_metrics.max_use, s->system_metrics.keep_free, s->max_retention_usec, &s->oldest_file_usec);
398 if (r < 0 && r != -ENOENT)
399 log_error("Failed to vacuum %s: %s", p, strerror(-r));
400 free(p);
401 }
402
403 if (s->runtime_journal) {
404 p = strappend("/run/log/journal/", ids);
405 if (!p) {
406 log_oom();
407 return;
408 }
409
410 r = journal_directory_vacuum(p, s->runtime_metrics.max_use, s->runtime_metrics.keep_free, s->max_retention_usec, &s->oldest_file_usec);
411 if (r < 0 && r != -ENOENT)
412 log_error("Failed to vacuum %s: %s", p, strerror(-r));
413 free(p);
414 }
415
416 s->cached_available_space_timestamp = 0;
417 }
418
419 bool shall_try_append_again(JournalFile *f, int r) {
420
421 /* -E2BIG Hit configured limit
422 -EFBIG Hit fs limit
423 -EDQUOT Quota limit hit
424 -ENOSPC Disk full
425 -EHOSTDOWN Other machine
426 -EBUSY Unclean shutdown
427 -EPROTONOSUPPORT Unsupported feature
428 -EBADMSG Corrupted
429 -ENODATA Truncated
430 -ESHUTDOWN Already archived */
431
432 if (r == -E2BIG || r == -EFBIG || r == -EDQUOT || r == -ENOSPC)
433 log_debug("%s: Allocation limit reached, rotating.", f->path);
434 else if (r == -EHOSTDOWN)
435 log_info("%s: Journal file from other machine, rotating.", f->path);
436 else if (r == -EBUSY)
437 log_info("%s: Unclean shutdown, rotating.", f->path);
438 else if (r == -EPROTONOSUPPORT)
439 log_info("%s: Unsupported feature, rotating.", f->path);
440 else if (r == -EBADMSG || r == -ENODATA || r == ESHUTDOWN)
441 log_warning("%s: Journal file corrupted, rotating.", f->path);
442 else
443 return false;
444
445 return true;
446 }
447
448 static void write_to_journal(Server *s, uid_t uid, struct iovec *iovec, unsigned n) {
449 JournalFile *f;
450 bool vacuumed = false;
451 int r;
452
453 assert(s);
454 assert(iovec);
455 assert(n > 0);
456
457 f = find_journal(s, uid);
458 if (!f)
459 return;
460
461 if (journal_file_rotate_suggested(f, s->max_file_usec)) {
462 log_debug("%s: Journal header limits reached or header out-of-date, rotating.", f->path);
463 server_rotate(s);
464 server_vacuum(s);
465 vacuumed = true;
466
467 f = find_journal(s, uid);
468 if (!f)
469 return;
470 }
471
472 r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
473 if (r >= 0) {
474 server_schedule_sync(s);
475 return;
476 }
477
478 if (vacuumed || !shall_try_append_again(f, r)) {
479 log_error("Failed to write entry, ignoring: %s", strerror(-r));
480 return;
481 }
482
483 server_rotate(s);
484 server_vacuum(s);
485
486 f = find_journal(s, uid);
487 if (!f)
488 return;
489
490 log_debug("Retrying write.");
491 r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
492 if (r < 0)
493 log_error("Failed to write entry, ignoring: %s", strerror(-r));
494 }
495
496 static void dispatch_message_real(
497 Server *s,
498 struct iovec *iovec, unsigned n, unsigned m,
499 struct ucred *ucred,
500 struct timeval *tv,
501 const char *label, size_t label_len,
502 const char *unit_id) {
503
504 char pid[sizeof("_PID=") + DECIMAL_STR_MAX(pid_t)],
505 uid[sizeof("_UID=") + DECIMAL_STR_MAX(uid_t)],
506 gid[sizeof("_GID=") + DECIMAL_STR_MAX(gid_t)],
507 owner_uid[sizeof("_SYSTEMD_OWNER_UID=") + DECIMAL_STR_MAX(uid_t)],
508 source_time[sizeof("_SOURCE_REALTIME_TIMESTAMP=") + DECIMAL_STR_MAX(usec_t)],
509 boot_id[sizeof("_BOOT_ID=") + 32] = "_BOOT_ID=",
510 machine_id[sizeof("_MACHINE_ID=") + 32] = "_MACHINE_ID=";
511 char *comm, *exe, *cmdline, *cgroup, *session, *unit, *hostname;
512 sd_id128_t id;
513 int r;
514 char *t, *c;
515 uid_t realuid = 0, owner = 0, journal_uid;
516 bool owner_valid = false;
517 #ifdef HAVE_AUDIT
518 char audit_session[sizeof("_AUDIT_SESSION=") + DECIMAL_STR_MAX(uint32_t)],
519 audit_loginuid[sizeof("_AUDIT_LOGINUID=") + DECIMAL_STR_MAX(uid_t)];
520
521 uint32_t audit;
522 uid_t loginuid;
523 #endif
524
525 assert(s);
526 assert(iovec);
527 assert(n > 0);
528 assert(n + N_IOVEC_META_FIELDS <= m);
529
530 if (ucred) {
531 realuid = ucred->uid;
532
533 sprintf(pid, "_PID=%lu", (unsigned long) ucred->pid);
534 IOVEC_SET_STRING(iovec[n++], pid);
535
536 sprintf(uid, "_UID=%lu", (unsigned long) ucred->uid);
537 IOVEC_SET_STRING(iovec[n++], uid);
538
539 sprintf(gid, "_GID=%lu", (unsigned long) ucred->gid);
540 IOVEC_SET_STRING(iovec[n++], gid);
541
542 r = get_process_comm(ucred->pid, &t);
543 if (r >= 0) {
544 comm = strappenda("_COMM=", t);
545 free(t);
546 IOVEC_SET_STRING(iovec[n++], comm);
547 }
548
549 r = get_process_exe(ucred->pid, &t);
550 if (r >= 0) {
551 exe = strappenda("_EXE=", t);
552 free(t);
553 IOVEC_SET_STRING(iovec[n++], exe);
554 }
555
556 r = get_process_cmdline(ucred->pid, 0, false, &t);
557 if (r >= 0) {
558 cmdline = strappenda("_CMDLINE=", t);
559 free(t);
560 IOVEC_SET_STRING(iovec[n++], cmdline);
561 }
562
563 #ifdef HAVE_AUDIT
564 r = audit_session_from_pid(ucred->pid, &audit);
565 if (r >= 0) {
566 sprintf(audit_session, "_AUDIT_SESSION=%lu", (unsigned long) audit);
567 IOVEC_SET_STRING(iovec[n++], audit_session);
568 }
569
570 r = audit_loginuid_from_pid(ucred->pid, &loginuid);
571 if (r >= 0) {
572 sprintf(audit_loginuid, "_AUDIT_LOGINUID=%lu", (unsigned long) loginuid);
573 IOVEC_SET_STRING(iovec[n++], audit_loginuid);
574 }
575 #endif
576
577 r = cg_pid_get_path_shifted(ucred->pid, NULL, &c);
578 if (r >= 0) {
579 cgroup = strappenda("_SYSTEMD_CGROUP=", c);
580 IOVEC_SET_STRING(iovec[n++], cgroup);
581
582 r = cg_path_get_session(c, &t);
583 if (r >= 0) {
584 session = strappenda("_SYSTEMD_SESSION=", t);
585 free(t);
586 IOVEC_SET_STRING(iovec[n++], session);
587 }
588
589 if (cg_path_get_owner_uid(c, &owner) >= 0) {
590 owner_valid = true;
591
592 sprintf(owner_uid, "_SYSTEMD_OWNER_UID=%lu", (unsigned long) owner);
593 IOVEC_SET_STRING(iovec[n++], owner_uid);
594 }
595
596 if (cg_path_get_unit(c, &t) >= 0) {
597 unit = strappenda("_SYSTEMD_UNIT=", t);
598 free(t);
599 } else if (cg_path_get_user_unit(c, &t) >= 0) {
600 unit = strappenda("_SYSTEMD_USER_UNIT=", t);
601 free(t);
602 } else if (unit_id) {
603 if (session)
604 unit = strappenda("_SYSTEMD_USER_UNIT=", unit_id);
605 else
606 unit = strappenda("_SYSTEMD_UNIT=", unit_id);
607 } else
608 unit = NULL;
609
610 if (unit)
611 IOVEC_SET_STRING(iovec[n++], unit);
612
613 free(c);
614 }
615
616 #ifdef HAVE_SELINUX
617 if (label) {
618 char *selinux_context = alloca(sizeof("_SELINUX_CONTEXT=") + label_len);
619
620 *((char*) mempcpy(stpcpy(selinux_context, "_SELINUX_CONTEXT="), label, label_len)) = 0;
621 IOVEC_SET_STRING(iovec[n++], selinux_context);
622 } else {
623 security_context_t con;
624
625 if (getpidcon(ucred->pid, &con) >= 0) {
626 char *selinux_context = strappenda("_SELINUX_CONTEXT=", con);
627
628 freecon(con);
629 IOVEC_SET_STRING(iovec[n++], selinux_context);
630 }
631 }
632 #endif
633 }
634
635 if (tv) {
636 sprintf(source_time, "_SOURCE_REALTIME_TIMESTAMP=%llu", (unsigned long long) timeval_load(tv));
637 IOVEC_SET_STRING(iovec[n++], source_time);
638 }
639
640 /* Note that strictly speaking storing the boot id here is
641 * redundant since the entry includes this in-line
642 * anyway. However, we need this indexed, too. */
643 r = sd_id128_get_boot(&id);
644 if (r >= 0) {
645 sd_id128_to_string(id, boot_id + sizeof("_BOOT_ID=") - 1);
646 IOVEC_SET_STRING(iovec[n++], boot_id);
647 }
648
649 r = sd_id128_get_machine(&id);
650 if (r >= 0) {
651 sd_id128_to_string(id, machine_id + sizeof("_MACHINE_ID=") - 1);
652 IOVEC_SET_STRING(iovec[n++], machine_id);
653 }
654
655 t = gethostname_malloc();
656 if (t) {
657 hostname = strappenda("_HOSTNAME=", t);
658 free(t);
659 IOVEC_SET_STRING(iovec[n++], hostname);
660 }
661
662 assert(n <= m);
663
664 if (s->split_mode == SPLIT_UID && realuid > 0)
665 /* Split up strictly by any UID */
666 journal_uid = realuid;
667 else if (s->split_mode == SPLIT_LOGIN && realuid > 0 && owner_valid && owner > 0)
668 /* Split up by login UIDs, this avoids creation of
669 * individual journals for system UIDs. We do this
670 * only if the realuid is not root, in order not to
671 * accidentally leak privileged information to the
672 * user that is logged by a privileged process that is
673 * part of an unprivileged session.*/
674 journal_uid = owner;
675 else
676 journal_uid = 0;
677
678 write_to_journal(s, journal_uid, iovec, n);
679 }
680
681 void server_driver_message(Server *s, sd_id128_t message_id, const char *format, ...) {
682 char mid[11 + 32 + 1];
683 char buffer[16 + LINE_MAX + 1];
684 struct iovec iovec[N_IOVEC_META_FIELDS + 4];
685 int n = 0;
686 va_list ap;
687 struct ucred ucred = {};
688
689 assert(s);
690 assert(format);
691
692 IOVEC_SET_STRING(iovec[n++], "PRIORITY=6");
693 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=driver");
694
695 memcpy(buffer, "MESSAGE=", 8);
696 va_start(ap, format);
697 vsnprintf(buffer + 8, sizeof(buffer) - 8, format, ap);
698 va_end(ap);
699 char_array_0(buffer);
700 IOVEC_SET_STRING(iovec[n++], buffer);
701
702 if (!sd_id128_equal(message_id, SD_ID128_NULL)) {
703 snprintf(mid, sizeof(mid), MESSAGE_ID(message_id));
704 char_array_0(mid);
705 IOVEC_SET_STRING(iovec[n++], mid);
706 }
707
708 ucred.pid = getpid();
709 ucred.uid = getuid();
710 ucred.gid = getgid();
711
712 dispatch_message_real(s, iovec, n, ELEMENTSOF(iovec), &ucred, NULL, NULL, 0, NULL);
713 }
714
715 void server_dispatch_message(
716 Server *s,
717 struct iovec *iovec, unsigned n, unsigned m,
718 struct ucred *ucred,
719 struct timeval *tv,
720 const char *label, size_t label_len,
721 const char *unit_id,
722 int priority) {
723
724 int rl, r;
725 _cleanup_free_ char *path = NULL;
726 char *c;
727
728 assert(s);
729 assert(iovec || n == 0);
730
731 if (n == 0)
732 return;
733
734 if (LOG_PRI(priority) > s->max_level_store)
735 return;
736
737 if (!ucred)
738 goto finish;
739
740 r = cg_pid_get_path_shifted(ucred->pid, NULL, &path);
741 if (r < 0)
742 goto finish;
743
744 /* example: /user/lennart/3/foobar
745 * /system/dbus.service/foobar
746 *
747 * So let's cut of everything past the third /, since that is
748 * where user directories start */
749
750 c = strchr(path, '/');
751 if (c) {
752 c = strchr(c+1, '/');
753 if (c) {
754 c = strchr(c+1, '/');
755 if (c)
756 *c = 0;
757 }
758 }
759
760 rl = journal_rate_limit_test(s->rate_limit, path,
761 priority & LOG_PRIMASK, available_space(s));
762
763 if (rl == 0)
764 return;
765
766 /* Write a suppression message if we suppressed something */
767 if (rl > 1)
768 server_driver_message(s, SD_MESSAGE_JOURNAL_DROPPED,
769 "Suppressed %u messages from %s", rl - 1, path);
770
771 finish:
772 dispatch_message_real(s, iovec, n, m, ucred, tv, label, label_len, unit_id);
773 }
774
775
776 static int system_journal_open(Server *s) {
777 int r;
778 char *fn;
779 sd_id128_t machine;
780 char ids[33];
781
782 r = sd_id128_get_machine(&machine);
783 if (r < 0)
784 return r;
785
786 sd_id128_to_string(machine, ids);
787
788 if (!s->system_journal &&
789 (s->storage == STORAGE_PERSISTENT || s->storage == STORAGE_AUTO) &&
790 access("/run/systemd/journal/flushed", F_OK) >= 0) {
791
792 /* If in auto mode: first try to create the machine
793 * path, but not the prefix.
794 *
795 * If in persistent mode: create /var/log/journal and
796 * the machine path */
797
798 if (s->storage == STORAGE_PERSISTENT)
799 (void) mkdir("/var/log/journal/", 0755);
800
801 fn = strappend("/var/log/journal/", ids);
802 if (!fn)
803 return -ENOMEM;
804
805 (void) mkdir(fn, 0755);
806 free(fn);
807
808 fn = strjoin("/var/log/journal/", ids, "/system.journal", NULL);
809 if (!fn)
810 return -ENOMEM;
811
812 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, s->compress, s->seal, &s->system_metrics, s->mmap, NULL, &s->system_journal);
813 free(fn);
814
815 if (r >= 0) {
816 char fb[FORMAT_BYTES_MAX];
817
818 server_fix_perms(s, s->system_journal, 0);
819 server_driver_message(s, SD_ID128_NULL, "Allowing system journal files to grow to %s.",
820 format_bytes(fb, sizeof(fb), s->system_metrics.max_use));
821
822 } else if (r < 0) {
823
824 if (r != -ENOENT && r != -EROFS)
825 log_warning("Failed to open system journal: %s", strerror(-r));
826
827 r = 0;
828 }
829 }
830
831 if (!s->runtime_journal &&
832 (s->storage != STORAGE_NONE)) {
833
834 fn = strjoin("/run/log/journal/", ids, "/system.journal", NULL);
835 if (!fn)
836 return -ENOMEM;
837
838 if (s->system_journal) {
839
840 /* Try to open the runtime journal, but only
841 * if it already exists, so that we can flush
842 * it into the system journal */
843
844 r = journal_file_open(fn, O_RDWR, 0640, s->compress, false, &s->runtime_metrics, s->mmap, NULL, &s->runtime_journal);
845 free(fn);
846
847 if (r < 0) {
848 if (r != -ENOENT)
849 log_warning("Failed to open runtime journal: %s", strerror(-r));
850
851 r = 0;
852 }
853
854 } else {
855
856 /* OK, we really need the runtime journal, so create
857 * it if necessary. */
858
859 (void) mkdir_parents(fn, 0755);
860 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, s->compress, false, &s->runtime_metrics, s->mmap, NULL, &s->runtime_journal);
861 free(fn);
862
863 if (r < 0) {
864 log_error("Failed to open runtime journal: %s", strerror(-r));
865 return r;
866 }
867 }
868
869 if (s->runtime_journal) {
870 char fb[FORMAT_BYTES_MAX];
871
872 server_fix_perms(s, s->runtime_journal, 0);
873 server_driver_message(s, SD_ID128_NULL, "Allowing runtime journal files to grow to %s.",
874 format_bytes(fb, sizeof(fb), s->runtime_metrics.max_use));
875 }
876 }
877
878 return r;
879 }
880
881 int server_flush_to_var(Server *s) {
882 int r;
883 sd_id128_t machine;
884 sd_journal *j = NULL;
885
886 assert(s);
887
888 if (s->storage != STORAGE_AUTO &&
889 s->storage != STORAGE_PERSISTENT)
890 return 0;
891
892 if (!s->runtime_journal)
893 return 0;
894
895 system_journal_open(s);
896
897 if (!s->system_journal)
898 return 0;
899
900 log_debug("Flushing to /var...");
901
902 r = sd_id128_get_machine(&machine);
903 if (r < 0) {
904 log_error("Failed to get machine id: %s", strerror(-r));
905 return r;
906 }
907
908 r = sd_journal_open(&j, SD_JOURNAL_RUNTIME_ONLY);
909 if (r < 0) {
910 log_error("Failed to read runtime journal: %s", strerror(-r));
911 return r;
912 }
913
914 sd_journal_set_data_threshold(j, 0);
915
916 SD_JOURNAL_FOREACH(j) {
917 Object *o = NULL;
918 JournalFile *f;
919
920 f = j->current_file;
921 assert(f && f->current_offset > 0);
922
923 r = journal_file_move_to_object(f, OBJECT_ENTRY, f->current_offset, &o);
924 if (r < 0) {
925 log_error("Can't read entry: %s", strerror(-r));
926 goto finish;
927 }
928
929 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
930 if (r >= 0)
931 continue;
932
933 if (!shall_try_append_again(s->system_journal, r)) {
934 log_error("Can't write entry: %s", strerror(-r));
935 goto finish;
936 }
937
938 server_rotate(s);
939 server_vacuum(s);
940
941 if (!s->system_journal) {
942 log_notice("Didn't flush runtime journal since rotation of system journal wasn't successful.");
943 r = -EIO;
944 goto finish;
945 }
946
947 log_debug("Retrying write.");
948 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
949 if (r < 0) {
950 log_error("Can't write entry: %s", strerror(-r));
951 goto finish;
952 }
953 }
954
955 finish:
956 journal_file_post_change(s->system_journal);
957
958 journal_file_close(s->runtime_journal);
959 s->runtime_journal = NULL;
960
961 if (r >= 0)
962 rm_rf("/run/log/journal", false, true, false);
963
964 sd_journal_close(j);
965
966 return r;
967 }
968
969 int process_event(Server *s, struct epoll_event *ev) {
970 assert(s);
971 assert(ev);
972
973 if (ev->data.fd == s->signal_fd) {
974 struct signalfd_siginfo sfsi;
975 ssize_t n;
976
977 if (ev->events != EPOLLIN) {
978 log_error("Got invalid event from epoll.");
979 return -EIO;
980 }
981
982 n = read(s->signal_fd, &sfsi, sizeof(sfsi));
983 if (n != sizeof(sfsi)) {
984
985 if (n >= 0)
986 return -EIO;
987
988 if (errno == EINTR || errno == EAGAIN)
989 return 1;
990
991 return -errno;
992 }
993
994 if (sfsi.ssi_signo == SIGUSR1) {
995 touch("/run/systemd/journal/flushed");
996 server_flush_to_var(s);
997 server_sync(s);
998 return 1;
999 }
1000
1001 if (sfsi.ssi_signo == SIGUSR2) {
1002 server_rotate(s);
1003 server_vacuum(s);
1004 return 1;
1005 }
1006
1007 log_info("Received SIG%s", signal_to_string(sfsi.ssi_signo));
1008
1009 return 0;
1010
1011 } else if (ev->data.fd == s->sync_timer_fd) {
1012 int r;
1013 uint64_t t;
1014
1015 log_debug("Got sync request from epoll.");
1016
1017 r = read(ev->data.fd, (void *)&t, sizeof(t));
1018 if (r < 0)
1019 return 0;
1020
1021 server_sync(s);
1022 return 1;
1023
1024 } else if (ev->data.fd == s->dev_kmsg_fd) {
1025 int r;
1026
1027 if (ev->events != EPOLLIN) {
1028 log_error("Got invalid event from epoll.");
1029 return -EIO;
1030 }
1031
1032 r = server_read_dev_kmsg(s);
1033 if (r < 0)
1034 return r;
1035
1036 return 1;
1037
1038 } else if (ev->data.fd == s->native_fd ||
1039 ev->data.fd == s->syslog_fd) {
1040
1041 if (ev->events != EPOLLIN) {
1042 log_error("Got invalid event from epoll.");
1043 return -EIO;
1044 }
1045
1046 for (;;) {
1047 struct msghdr msghdr;
1048 struct iovec iovec;
1049 struct ucred *ucred = NULL;
1050 struct timeval *tv = NULL;
1051 struct cmsghdr *cmsg;
1052 char *label = NULL;
1053 size_t label_len = 0;
1054 union {
1055 struct cmsghdr cmsghdr;
1056
1057 /* We use NAME_MAX space for the
1058 * SELinux label here. The kernel
1059 * currently enforces no limit, but
1060 * according to suggestions from the
1061 * SELinux people this will change and
1062 * it will probably be identical to
1063 * NAME_MAX. For now we use that, but
1064 * this should be updated one day when
1065 * the final limit is known.*/
1066 uint8_t buf[CMSG_SPACE(sizeof(struct ucred)) +
1067 CMSG_SPACE(sizeof(struct timeval)) +
1068 CMSG_SPACE(sizeof(int)) + /* fd */
1069 CMSG_SPACE(NAME_MAX)]; /* selinux label */
1070 } control;
1071 ssize_t n;
1072 int v;
1073 int *fds = NULL;
1074 unsigned n_fds = 0;
1075
1076 if (ioctl(ev->data.fd, SIOCINQ, &v) < 0) {
1077 log_error("SIOCINQ failed: %m");
1078 return -errno;
1079 }
1080
1081 if (s->buffer_size < (size_t) v) {
1082 void *b;
1083 size_t l;
1084
1085 l = MAX(LINE_MAX + (size_t) v, s->buffer_size * 2);
1086 b = realloc(s->buffer, l+1);
1087
1088 if (!b) {
1089 log_error("Couldn't increase buffer.");
1090 return -ENOMEM;
1091 }
1092
1093 s->buffer_size = l;
1094 s->buffer = b;
1095 }
1096
1097 zero(iovec);
1098 iovec.iov_base = s->buffer;
1099 iovec.iov_len = s->buffer_size;
1100
1101 zero(control);
1102 zero(msghdr);
1103 msghdr.msg_iov = &iovec;
1104 msghdr.msg_iovlen = 1;
1105 msghdr.msg_control = &control;
1106 msghdr.msg_controllen = sizeof(control);
1107
1108 n = recvmsg(ev->data.fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC);
1109 if (n < 0) {
1110
1111 if (errno == EINTR || errno == EAGAIN)
1112 return 1;
1113
1114 log_error("recvmsg() failed: %m");
1115 return -errno;
1116 }
1117
1118 for (cmsg = CMSG_FIRSTHDR(&msghdr); cmsg; cmsg = CMSG_NXTHDR(&msghdr, cmsg)) {
1119
1120 if (cmsg->cmsg_level == SOL_SOCKET &&
1121 cmsg->cmsg_type == SCM_CREDENTIALS &&
1122 cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred)))
1123 ucred = (struct ucred*) CMSG_DATA(cmsg);
1124 else if (cmsg->cmsg_level == SOL_SOCKET &&
1125 cmsg->cmsg_type == SCM_SECURITY) {
1126 label = (char*) CMSG_DATA(cmsg);
1127 label_len = cmsg->cmsg_len - CMSG_LEN(0);
1128 } else if (cmsg->cmsg_level == SOL_SOCKET &&
1129 cmsg->cmsg_type == SO_TIMESTAMP &&
1130 cmsg->cmsg_len == CMSG_LEN(sizeof(struct timeval)))
1131 tv = (struct timeval*) CMSG_DATA(cmsg);
1132 else if (cmsg->cmsg_level == SOL_SOCKET &&
1133 cmsg->cmsg_type == SCM_RIGHTS) {
1134 fds = (int*) CMSG_DATA(cmsg);
1135 n_fds = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);
1136 }
1137 }
1138
1139 if (ev->data.fd == s->syslog_fd) {
1140 char *e;
1141
1142 if (n > 0 && n_fds == 0) {
1143 e = memchr(s->buffer, '\n', n);
1144 if (e)
1145 *e = 0;
1146 else
1147 s->buffer[n] = 0;
1148
1149 server_process_syslog_message(s, strstrip(s->buffer), ucred, tv, label, label_len);
1150 } else if (n_fds > 0)
1151 log_warning("Got file descriptors via syslog socket. Ignoring.");
1152
1153 } else {
1154 if (n > 0 && n_fds == 0)
1155 server_process_native_message(s, s->buffer, n, ucred, tv, label, label_len);
1156 else if (n == 0 && n_fds == 1)
1157 server_process_native_file(s, fds[0], ucred, tv, label, label_len);
1158 else if (n_fds > 0)
1159 log_warning("Got too many file descriptors via native socket. Ignoring.");
1160 }
1161
1162 close_many(fds, n_fds);
1163 }
1164
1165 return 1;
1166
1167 } else if (ev->data.fd == s->stdout_fd) {
1168
1169 if (ev->events != EPOLLIN) {
1170 log_error("Got invalid event from epoll.");
1171 return -EIO;
1172 }
1173
1174 stdout_stream_new(s);
1175 return 1;
1176
1177 } else {
1178 StdoutStream *stream;
1179
1180 if ((ev->events|EPOLLIN|EPOLLHUP) != (EPOLLIN|EPOLLHUP)) {
1181 log_error("Got invalid event from epoll.");
1182 return -EIO;
1183 }
1184
1185 /* If it is none of the well-known fds, it must be an
1186 * stdout stream fd. Note that this is a bit ugly here
1187 * (since we rely that none of the well-known fds
1188 * could be interpreted as pointer), but nonetheless
1189 * safe, since the well-known fds would never get an
1190 * fd > 4096, i.e. beyond the first memory page */
1191
1192 stream = ev->data.ptr;
1193
1194 if (stdout_stream_process(stream) <= 0)
1195 stdout_stream_free(stream);
1196
1197 return 1;
1198 }
1199
1200 log_error("Unknown event.");
1201 return 0;
1202 }
1203
1204 static int open_signalfd(Server *s) {
1205 sigset_t mask;
1206 struct epoll_event ev;
1207
1208 assert(s);
1209
1210 assert_se(sigemptyset(&mask) == 0);
1211 sigset_add_many(&mask, SIGINT, SIGTERM, SIGUSR1, SIGUSR2, -1);
1212 assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0);
1213
1214 s->signal_fd = signalfd(-1, &mask, SFD_NONBLOCK|SFD_CLOEXEC);
1215 if (s->signal_fd < 0) {
1216 log_error("signalfd(): %m");
1217 return -errno;
1218 }
1219
1220 zero(ev);
1221 ev.events = EPOLLIN;
1222 ev.data.fd = s->signal_fd;
1223
1224 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->signal_fd, &ev) < 0) {
1225 log_error("epoll_ctl(): %m");
1226 return -errno;
1227 }
1228
1229 return 0;
1230 }
1231
1232 static int server_parse_proc_cmdline(Server *s) {
1233 _cleanup_free_ char *line = NULL;
1234 char *w, *state;
1235 int r;
1236 size_t l;
1237
1238 if (detect_container(NULL) > 0)
1239 return 0;
1240
1241 r = read_one_line_file("/proc/cmdline", &line);
1242 if (r < 0) {
1243 log_warning("Failed to read /proc/cmdline, ignoring: %s", strerror(-r));
1244 return 0;
1245 }
1246
1247 FOREACH_WORD_QUOTED(w, l, line, state) {
1248 _cleanup_free_ char *word;
1249
1250 word = strndup(w, l);
1251 if (!word)
1252 return -ENOMEM;
1253
1254 if (startswith(word, "systemd.journald.forward_to_syslog=")) {
1255 r = parse_boolean(word + 35);
1256 if (r < 0)
1257 log_warning("Failed to parse forward to syslog switch %s. Ignoring.", word + 35);
1258 else
1259 s->forward_to_syslog = r;
1260 } else if (startswith(word, "systemd.journald.forward_to_kmsg=")) {
1261 r = parse_boolean(word + 33);
1262 if (r < 0)
1263 log_warning("Failed to parse forward to kmsg switch %s. Ignoring.", word + 33);
1264 else
1265 s->forward_to_kmsg = r;
1266 } else if (startswith(word, "systemd.journald.forward_to_console=")) {
1267 r = parse_boolean(word + 36);
1268 if (r < 0)
1269 log_warning("Failed to parse forward to console switch %s. Ignoring.", word + 36);
1270 else
1271 s->forward_to_console = r;
1272 } else if (startswith(word, "systemd.journald"))
1273 log_warning("Invalid systemd.journald parameter. Ignoring.");
1274 }
1275
1276 return 0;
1277 }
1278
1279 static int server_parse_config_file(Server *s) {
1280 static const char fn[] = "/etc/systemd/journald.conf";
1281 _cleanup_fclose_ FILE *f = NULL;
1282 int r;
1283
1284 assert(s);
1285
1286 f = fopen(fn, "re");
1287 if (!f) {
1288 if (errno == ENOENT)
1289 return 0;
1290
1291 log_warning("Failed to open configuration file %s: %m", fn);
1292 return -errno;
1293 }
1294
1295 r = config_parse(NULL, fn, f, "Journal\0", config_item_perf_lookup,
1296 (void*) journald_gperf_lookup, false, false, s);
1297 if (r < 0)
1298 log_warning("Failed to parse configuration file: %s", strerror(-r));
1299
1300 return r;
1301 }
1302
1303 static int server_open_sync_timer(Server *s) {
1304 int r;
1305 struct epoll_event ev;
1306
1307 assert(s);
1308
1309 s->sync_timer_fd = timerfd_create(CLOCK_MONOTONIC, TFD_CLOEXEC);
1310 if (s->sync_timer_fd < 0)
1311 return -errno;
1312
1313 zero(ev);
1314 ev.events = EPOLLIN;
1315 ev.data.fd = s->sync_timer_fd;
1316
1317 r = epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->sync_timer_fd, &ev);
1318 if (r < 0) {
1319 log_error("Failed to add idle timer fd to epoll object: %m");
1320 return -errno;
1321 }
1322
1323 return 0;
1324 }
1325
1326 int server_schedule_sync(Server *s) {
1327 int r;
1328
1329 assert(s);
1330
1331 if (s->sync_scheduled)
1332 return 0;
1333
1334 if (s->sync_interval_usec) {
1335 struct itimerspec sync_timer_enable = {
1336 .it_value.tv_sec = s->sync_interval_usec / USEC_PER_SEC,
1337 .it_value.tv_nsec = s->sync_interval_usec % MSEC_PER_SEC,
1338 };
1339
1340 r = timerfd_settime(s->sync_timer_fd, 0, &sync_timer_enable, NULL);
1341 if (r < 0)
1342 return -errno;
1343 }
1344
1345 s->sync_scheduled = true;
1346
1347 return 0;
1348 }
1349
1350 int server_init(Server *s) {
1351 int n, r, fd;
1352
1353 assert(s);
1354
1355 zero(*s);
1356 s->sync_timer_fd = s->syslog_fd = s->native_fd = s->stdout_fd =
1357 s->signal_fd = s->epoll_fd = s->dev_kmsg_fd = -1;
1358 s->compress = true;
1359 s->seal = true;
1360
1361 s->sync_interval_usec = DEFAULT_SYNC_INTERVAL_USEC;
1362 s->sync_scheduled = false;
1363
1364 s->rate_limit_interval = DEFAULT_RATE_LIMIT_INTERVAL;
1365 s->rate_limit_burst = DEFAULT_RATE_LIMIT_BURST;
1366
1367 s->forward_to_syslog = true;
1368
1369 s->max_level_store = LOG_DEBUG;
1370 s->max_level_syslog = LOG_DEBUG;
1371 s->max_level_kmsg = LOG_NOTICE;
1372 s->max_level_console = LOG_INFO;
1373
1374 memset(&s->system_metrics, 0xFF, sizeof(s->system_metrics));
1375 memset(&s->runtime_metrics, 0xFF, sizeof(s->runtime_metrics));
1376
1377 server_parse_config_file(s);
1378 server_parse_proc_cmdline(s);
1379 if (!!s->rate_limit_interval ^ !!s->rate_limit_burst) {
1380 log_debug("Setting both rate limit interval and burst from %llu,%u to 0,0",
1381 (long long unsigned) s->rate_limit_interval,
1382 s->rate_limit_burst);
1383 s->rate_limit_interval = s->rate_limit_burst = 0;
1384 }
1385
1386 mkdir_p("/run/systemd/journal", 0755);
1387
1388 s->user_journals = hashmap_new(trivial_hash_func, trivial_compare_func);
1389 if (!s->user_journals)
1390 return log_oom();
1391
1392 s->mmap = mmap_cache_new();
1393 if (!s->mmap)
1394 return log_oom();
1395
1396 s->epoll_fd = epoll_create1(EPOLL_CLOEXEC);
1397 if (s->epoll_fd < 0) {
1398 log_error("Failed to create epoll object: %m");
1399 return -errno;
1400 }
1401
1402 n = sd_listen_fds(true);
1403 if (n < 0) {
1404 log_error("Failed to read listening file descriptors from environment: %s", strerror(-n));
1405 return n;
1406 }
1407
1408 for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) {
1409
1410 if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/run/systemd/journal/socket", 0) > 0) {
1411
1412 if (s->native_fd >= 0) {
1413 log_error("Too many native sockets passed.");
1414 return -EINVAL;
1415 }
1416
1417 s->native_fd = fd;
1418
1419 } else if (sd_is_socket_unix(fd, SOCK_STREAM, 1, "/run/systemd/journal/stdout", 0) > 0) {
1420
1421 if (s->stdout_fd >= 0) {
1422 log_error("Too many stdout sockets passed.");
1423 return -EINVAL;
1424 }
1425
1426 s->stdout_fd = fd;
1427
1428 } else if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/dev/log", 0) > 0) {
1429
1430 if (s->syslog_fd >= 0) {
1431 log_error("Too many /dev/log sockets passed.");
1432 return -EINVAL;
1433 }
1434
1435 s->syslog_fd = fd;
1436
1437 } else {
1438 log_error("Unknown socket passed.");
1439 return -EINVAL;
1440 }
1441 }
1442
1443 r = server_open_syslog_socket(s);
1444 if (r < 0)
1445 return r;
1446
1447 r = server_open_native_socket(s);
1448 if (r < 0)
1449 return r;
1450
1451 r = server_open_stdout_socket(s);
1452 if (r < 0)
1453 return r;
1454
1455 r = server_open_dev_kmsg(s);
1456 if (r < 0)
1457 return r;
1458
1459 r = server_open_kernel_seqnum(s);
1460 if (r < 0)
1461 return r;
1462
1463 r = server_open_sync_timer(s);
1464 if (r < 0)
1465 return r;
1466
1467 r = open_signalfd(s);
1468 if (r < 0)
1469 return r;
1470
1471 s->udev = udev_new();
1472 if (!s->udev)
1473 return -ENOMEM;
1474
1475 s->rate_limit = journal_rate_limit_new(s->rate_limit_interval,
1476 s->rate_limit_burst);
1477 if (!s->rate_limit)
1478 return -ENOMEM;
1479
1480 r = system_journal_open(s);
1481 if (r < 0)
1482 return r;
1483
1484 return 0;
1485 }
1486
1487 void server_maybe_append_tags(Server *s) {
1488 #ifdef HAVE_GCRYPT
1489 JournalFile *f;
1490 Iterator i;
1491 usec_t n;
1492
1493 n = now(CLOCK_REALTIME);
1494
1495 if (s->system_journal)
1496 journal_file_maybe_append_tag(s->system_journal, n);
1497
1498 HASHMAP_FOREACH(f, s->user_journals, i)
1499 journal_file_maybe_append_tag(f, n);
1500 #endif
1501 }
1502
1503 void server_done(Server *s) {
1504 JournalFile *f;
1505 assert(s);
1506
1507 while (s->stdout_streams)
1508 stdout_stream_free(s->stdout_streams);
1509
1510 if (s->system_journal)
1511 journal_file_close(s->system_journal);
1512
1513 if (s->runtime_journal)
1514 journal_file_close(s->runtime_journal);
1515
1516 while ((f = hashmap_steal_first(s->user_journals)))
1517 journal_file_close(f);
1518
1519 hashmap_free(s->user_journals);
1520
1521 if (s->epoll_fd >= 0)
1522 close_nointr_nofail(s->epoll_fd);
1523
1524 if (s->signal_fd >= 0)
1525 close_nointr_nofail(s->signal_fd);
1526
1527 if (s->syslog_fd >= 0)
1528 close_nointr_nofail(s->syslog_fd);
1529
1530 if (s->native_fd >= 0)
1531 close_nointr_nofail(s->native_fd);
1532
1533 if (s->stdout_fd >= 0)
1534 close_nointr_nofail(s->stdout_fd);
1535
1536 if (s->dev_kmsg_fd >= 0)
1537 close_nointr_nofail(s->dev_kmsg_fd);
1538
1539 if (s->sync_timer_fd >= 0)
1540 close_nointr_nofail(s->sync_timer_fd);
1541
1542 if (s->rate_limit)
1543 journal_rate_limit_free(s->rate_limit);
1544
1545 if (s->kernel_seqnum)
1546 munmap(s->kernel_seqnum, sizeof(uint64_t));
1547
1548 free(s->buffer);
1549 free(s->tty_path);
1550
1551 if (s->mmap)
1552 mmap_cache_unref(s->mmap);
1553
1554 if (s->udev)
1555 udev_unref(s->udev);
1556 }
Unnamed repository; edit this file 'description' to name the repository.