]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/journal/journald-server.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
journal: remove build warning when SELinux is disabled
[thirdparty/systemd.git] / src / journal / journald-server.c
1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
2
3 /***
4 This file is part of systemd.
5
6 Copyright 2011 Lennart Poettering
7
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
17
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20 ***/
21
22 #include <sys/signalfd.h>
23 #include <sys/ioctl.h>
24 #include <linux/sockios.h>
25 #include <sys/statvfs.h>
26 #include <sys/mman.h>
27 #include <sys/timerfd.h>
28
29 #include <libudev.h>
30 #include <systemd/sd-journal.h>
31 #include <systemd/sd-messages.h>
32 #include <systemd/sd-daemon.h>
33
34 #include "fileio.h"
35 #include "mkdir.h"
36 #include "hashmap.h"
37 #include "journal-file.h"
38 #include "socket-util.h"
39 #include "cgroup-util.h"
40 #include "list.h"
41 #include "virt.h"
42 #include "missing.h"
43 #include "conf-parser.h"
44 #include "journal-internal.h"
45 #include "journal-vacuum.h"
46 #include "journal-authenticate.h"
47 #include "journald-server.h"
48 #include "journald-rate-limit.h"
49 #include "journald-kmsg.h"
50 #include "journald-syslog.h"
51 #include "journald-stream.h"
52 #include "journald-console.h"
53 #include "journald-native.h"
54
55 #ifdef HAVE_ACL
56 #include <sys/acl.h>
57 #include <acl/libacl.h>
58 #include "acl-util.h"
59 #endif
60
61 #ifdef HAVE_SELINUX
62 #include <selinux/selinux.h>
63 #endif
64
65 #define USER_JOURNALS_MAX 1024
66
67 #define DEFAULT_SYNC_INTERVAL_USEC (5*USEC_PER_MINUTE)
68 #define DEFAULT_RATE_LIMIT_INTERVAL (10*USEC_PER_SEC)
69 #define DEFAULT_RATE_LIMIT_BURST 200
70
71 #define RECHECK_AVAILABLE_SPACE_USEC (30*USEC_PER_SEC)
72
73 static const char* const storage_table[] = {
74 [STORAGE_AUTO] = "auto",
75 [STORAGE_VOLATILE] = "volatile",
76 [STORAGE_PERSISTENT] = "persistent",
77 [STORAGE_NONE] = "none"
78 };
79
80 DEFINE_STRING_TABLE_LOOKUP(storage, Storage);
81 DEFINE_CONFIG_PARSE_ENUM(config_parse_storage, storage, Storage, "Failed to parse storage setting");
82
83 static const char* const split_mode_table[] = {
84 [SPLIT_NONE] = "none",
85 [SPLIT_UID] = "uid",
86 [SPLIT_LOGIN] = "login"
87 };
88
89 DEFINE_STRING_TABLE_LOOKUP(split_mode, SplitMode);
90 DEFINE_CONFIG_PARSE_ENUM(config_parse_split_mode, split_mode, SplitMode, "Failed to parse split mode setting");
91
92 static uint64_t available_space(Server *s) {
93 char ids[33];
94 _cleanup_free_ char *p = NULL;
95 const char *f;
96 sd_id128_t machine;
97 struct statvfs ss;
98 uint64_t sum = 0, avail = 0, ss_avail = 0;
99 int r;
100 _cleanup_closedir_ DIR *d = NULL;
101 usec_t ts;
102 JournalMetrics *m;
103
104 ts = now(CLOCK_MONOTONIC);
105
106 if (s->cached_available_space_timestamp + RECHECK_AVAILABLE_SPACE_USEC > ts)
107 return s->cached_available_space;
108
109 r = sd_id128_get_machine(&machine);
110 if (r < 0)
111 return 0;
112
113 if (s->system_journal) {
114 f = "/var/log/journal/";
115 m = &s->system_metrics;
116 } else {
117 f = "/run/log/journal/";
118 m = &s->runtime_metrics;
119 }
120
121 assert(m);
122
123 p = strappend(f, sd_id128_to_string(machine, ids));
124 if (!p)
125 return 0;
126
127 d = opendir(p);
128 if (!d)
129 return 0;
130
131 if (fstatvfs(dirfd(d), &ss) < 0)
132 return 0;
133
134 for (;;) {
135 struct stat st;
136 struct dirent *de;
137 union dirent_storage buf;
138
139 r = readdir_r(d, &buf.de, &de);
140 if (r != 0)
141 break;
142
143 if (!de)
144 break;
145
146 if (!endswith(de->d_name, ".journal") &&
147 !endswith(de->d_name, ".journal~"))
148 continue;
149
150 if (fstatat(dirfd(d), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0)
151 continue;
152
153 if (!S_ISREG(st.st_mode))
154 continue;
155
156 sum += (uint64_t) st.st_blocks * 512UL;
157 }
158
159 avail = sum >= m->max_use ? 0 : m->max_use - sum;
160
161 ss_avail = ss.f_bsize * ss.f_bavail;
162
163 ss_avail = ss_avail < m->keep_free ? 0 : ss_avail - m->keep_free;
164
165 if (ss_avail < avail)
166 avail = ss_avail;
167
168 s->cached_available_space = avail;
169 s->cached_available_space_timestamp = ts;
170
171 return avail;
172 }
173
174 static void server_read_file_gid(Server *s) {
175 const char *g = "systemd-journal";
176 int r;
177
178 assert(s);
179
180 if (s->file_gid_valid)
181 return;
182
183 r = get_group_creds(&g, &s->file_gid);
184 if (r < 0)
185 log_warning("Failed to resolve '%s' group: %s", g, strerror(-r));
186
187 /* if we couldn't read the gid, then it will be 0, but that's
188 * fine and we shouldn't try to resolve the group again, so
189 * let's just pretend it worked right-away. */
190 s->file_gid_valid = true;
191 }
192
193 void server_fix_perms(Server *s, JournalFile *f, uid_t uid) {
194 int r;
195 #ifdef HAVE_ACL
196 acl_t acl;
197 acl_entry_t entry;
198 acl_permset_t permset;
199 #endif
200
201 assert(f);
202
203 server_read_file_gid(s);
204
205 r = fchmod_and_fchown(f->fd, 0640, 0, s->file_gid);
206 if (r < 0)
207 log_warning("Failed to fix access mode/rights on %s, ignoring: %s", f->path, strerror(-r));
208
209 #ifdef HAVE_ACL
210 if (uid <= 0)
211 return;
212
213 acl = acl_get_fd(f->fd);
214 if (!acl) {
215 log_warning("Failed to read ACL on %s, ignoring: %m", f->path);
216 return;
217 }
218
219 r = acl_find_uid(acl, uid, &entry);
220 if (r <= 0) {
221
222 if (acl_create_entry(&acl, &entry) < 0 ||
223 acl_set_tag_type(entry, ACL_USER) < 0 ||
224 acl_set_qualifier(entry, &uid) < 0) {
225 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
226 goto finish;
227 }
228 }
229
230 if (acl_get_permset(entry, &permset) < 0 ||
231 acl_add_perm(permset, ACL_READ) < 0 ||
232 acl_calc_mask(&acl) < 0) {
233 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
234 goto finish;
235 }
236
237 if (acl_set_fd(f->fd, acl) < 0)
238 log_warning("Failed to set ACL on %s, ignoring: %m", f->path);
239
240 finish:
241 acl_free(acl);
242 #endif
243 }
244
245 static JournalFile* find_journal(Server *s, uid_t uid) {
246 char *p;
247 int r;
248 JournalFile *f;
249 sd_id128_t machine;
250
251 assert(s);
252
253 /* We split up user logs only on /var, not on /run. If the
254 * runtime file is open, we write to it exclusively, in order
255 * to guarantee proper order as soon as we flush /run to
256 * /var and close the runtime file. */
257
258 if (s->runtime_journal)
259 return s->runtime_journal;
260
261 if (uid <= 0)
262 return s->system_journal;
263
264 r = sd_id128_get_machine(&machine);
265 if (r < 0)
266 return s->system_journal;
267
268 f = hashmap_get(s->user_journals, UINT32_TO_PTR(uid));
269 if (f)
270 return f;
271
272 if (asprintf(&p, "/var/log/journal/" SD_ID128_FORMAT_STR "/user-%lu.journal",
273 SD_ID128_FORMAT_VAL(machine), (unsigned long) uid) < 0)
274 return s->system_journal;
275
276 while (hashmap_size(s->user_journals) >= USER_JOURNALS_MAX) {
277 /* Too many open? Then let's close one */
278 f = hashmap_steal_first(s->user_journals);
279 assert(f);
280 journal_file_close(f);
281 }
282
283 r = journal_file_open_reliably(p, O_RDWR|O_CREAT, 0640, s->compress, s->seal, &s->system_metrics, s->mmap, s->system_journal, &f);
284 free(p);
285
286 if (r < 0)
287 return s->system_journal;
288
289 server_fix_perms(s, f, uid);
290
291 r = hashmap_put(s->user_journals, UINT32_TO_PTR(uid), f);
292 if (r < 0) {
293 journal_file_close(f);
294 return s->system_journal;
295 }
296
297 return f;
298 }
299
300 void server_rotate(Server *s) {
301 JournalFile *f;
302 void *k;
303 Iterator i;
304 int r;
305
306 log_debug("Rotating...");
307
308 if (s->runtime_journal) {
309 r = journal_file_rotate(&s->runtime_journal, s->compress, false);
310 if (r < 0)
311 if (s->runtime_journal)
312 log_error("Failed to rotate %s: %s", s->runtime_journal->path, strerror(-r));
313 else
314 log_error("Failed to create new runtime journal: %s", strerror(-r));
315 else
316 server_fix_perms(s, s->runtime_journal, 0);
317 }
318
319 if (s->system_journal) {
320 r = journal_file_rotate(&s->system_journal, s->compress, s->seal);
321 if (r < 0)
322 if (s->system_journal)
323 log_error("Failed to rotate %s: %s", s->system_journal->path, strerror(-r));
324 else
325 log_error("Failed to create new system journal: %s", strerror(-r));
326
327 else
328 server_fix_perms(s, s->system_journal, 0);
329 }
330
331 HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) {
332 r = journal_file_rotate(&f, s->compress, s->seal);
333 if (r < 0)
334 if (f)
335 log_error("Failed to rotate %s: %s", f->path, strerror(-r));
336 else
337 log_error("Failed to create user journal: %s", strerror(-r));
338 else {
339 hashmap_replace(s->user_journals, k, f);
340 server_fix_perms(s, f, PTR_TO_UINT32(k));
341 }
342 }
343 }
344
345 void server_sync(Server *s) {
346 JournalFile *f;
347 void *k;
348 Iterator i;
349 int r;
350
351 static const struct itimerspec sync_timer_disable = {};
352
353 if (s->system_journal) {
354 r = journal_file_set_offline(s->system_journal);
355 if (r < 0)
356 log_error("Failed to sync system journal: %s", strerror(-r));
357 }
358
359 HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) {
360 r = journal_file_set_offline(f);
361 if (r < 0)
362 log_error("Failed to sync user journal: %s", strerror(-r));
363 }
364
365 r = timerfd_settime(s->sync_timer_fd, 0, &sync_timer_disable, NULL);
366 if (r < 0)
367 log_error("Failed to disable max timer: %m");
368
369 s->sync_scheduled = false;
370 }
371
372 void server_vacuum(Server *s) {
373 char *p;
374 char ids[33];
375 sd_id128_t machine;
376 int r;
377
378 log_debug("Vacuuming...");
379
380 s->oldest_file_usec = 0;
381
382 r = sd_id128_get_machine(&machine);
383 if (r < 0) {
384 log_error("Failed to get machine ID: %s", strerror(-r));
385 return;
386 }
387
388 sd_id128_to_string(machine, ids);
389
390 if (s->system_journal) {
391 p = strappend("/var/log/journal/", ids);
392 if (!p) {
393 log_oom();
394 return;
395 }
396
397 r = journal_directory_vacuum(p, s->system_metrics.max_use, s->system_metrics.keep_free, s->max_retention_usec, &s->oldest_file_usec);
398 if (r < 0 && r != -ENOENT)
399 log_error("Failed to vacuum %s: %s", p, strerror(-r));
400 free(p);
401 }
402
403 if (s->runtime_journal) {
404 p = strappend("/run/log/journal/", ids);
405 if (!p) {
406 log_oom();
407 return;
408 }
409
410 r = journal_directory_vacuum(p, s->runtime_metrics.max_use, s->runtime_metrics.keep_free, s->max_retention_usec, &s->oldest_file_usec);
411 if (r < 0 && r != -ENOENT)
412 log_error("Failed to vacuum %s: %s", p, strerror(-r));
413 free(p);
414 }
415
416 s->cached_available_space_timestamp = 0;
417 }
418
419 bool shall_try_append_again(JournalFile *f, int r) {
420
421 /* -E2BIG Hit configured limit
422 -EFBIG Hit fs limit
423 -EDQUOT Quota limit hit
424 -ENOSPC Disk full
425 -EHOSTDOWN Other machine
426 -EBUSY Unclean shutdown
427 -EPROTONOSUPPORT Unsupported feature
428 -EBADMSG Corrupted
429 -ENODATA Truncated
430 -ESHUTDOWN Already archived */
431
432 if (r == -E2BIG || r == -EFBIG || r == -EDQUOT || r == -ENOSPC)
433 log_debug("%s: Allocation limit reached, rotating.", f->path);
434 else if (r == -EHOSTDOWN)
435 log_info("%s: Journal file from other machine, rotating.", f->path);
436 else if (r == -EBUSY)
437 log_info("%s: Unclean shutdown, rotating.", f->path);
438 else if (r == -EPROTONOSUPPORT)
439 log_info("%s: Unsupported feature, rotating.", f->path);
440 else if (r == -EBADMSG || r == -ENODATA || r == ESHUTDOWN)
441 log_warning("%s: Journal file corrupted, rotating.", f->path);
442 else
443 return false;
444
445 return true;
446 }
447
448 static void write_to_journal(Server *s, uid_t uid, struct iovec *iovec, unsigned n) {
449 JournalFile *f;
450 bool vacuumed = false;
451 int r;
452
453 assert(s);
454 assert(iovec);
455 assert(n > 0);
456
457 f = find_journal(s, uid);
458 if (!f)
459 return;
460
461 if (journal_file_rotate_suggested(f, s->max_file_usec)) {
462 log_debug("%s: Journal header limits reached or header out-of-date, rotating.", f->path);
463 server_rotate(s);
464 server_vacuum(s);
465 vacuumed = true;
466
467 f = find_journal(s, uid);
468 if (!f)
469 return;
470 }
471
472 r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
473 if (r >= 0) {
474 server_schedule_sync(s);
475 return;
476 }
477
478 if (vacuumed || !shall_try_append_again(f, r)) {
479 log_error("Failed to write entry, ignoring: %s", strerror(-r));
480 return;
481 }
482
483 server_rotate(s);
484 server_vacuum(s);
485
486 f = find_journal(s, uid);
487 if (!f)
488 return;
489
490 log_debug("Retrying write.");
491 r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
492 if (r < 0)
493 log_error("Failed to write entry, ignoring: %s", strerror(-r));
494 }
495
496 static void dispatch_message_real(
497 Server *s,
498 struct iovec *iovec, unsigned n, unsigned m,
499 struct ucred *ucred,
500 struct timeval *tv,
501 const char *label, size_t label_len,
502 const char *unit_id) {
503
504 char pid[sizeof("_PID=") + DECIMAL_STR_MAX(pid_t)],
505 uid[sizeof("_UID=") + DECIMAL_STR_MAX(uid_t)],
506 gid[sizeof("_GID=") + DECIMAL_STR_MAX(gid_t)],
507 owner_uid[sizeof("_SYSTEMD_OWNER_UID=") + DECIMAL_STR_MAX(uid_t)],
508 source_time[sizeof("_SOURCE_REALTIME_TIMESTAMP=") + DECIMAL_STR_MAX(usec_t)],
509 boot_id[sizeof("_BOOT_ID=") + 32] = "_BOOT_ID=",
510 machine_id[sizeof("_MACHINE_ID=") + 32] = "_MACHINE_ID=";
511 char *comm, *exe, *cmdline, *cgroup, *session, *unit, *hostname;
512 sd_id128_t id;
513 int r;
514 char *t, *c;
515 uid_t realuid = 0, owner = 0, journal_uid;
516 bool owner_valid = false;
517 #ifdef HAVE_AUDIT
518 char audit_session[sizeof("_AUDIT_SESSION=") + DECIMAL_STR_MAX(uint32_t)],
519 audit_loginuid[sizeof("_AUDIT_LOGINUID=") + DECIMAL_STR_MAX(uid_t)];
520
521 uint32_t audit;
522 uid_t loginuid;
523 #endif
524
525 assert(s);
526 assert(iovec);
527 assert(n > 0);
528 assert(n + N_IOVEC_META_FIELDS <= m);
529
530 if (ucred) {
531 realuid = ucred->uid;
532
533 sprintf(pid, "_PID=%lu", (unsigned long) ucred->pid);
534 IOVEC_SET_STRING(iovec[n++], pid);
535
536 sprintf(uid, "_UID=%lu", (unsigned long) ucred->uid);
537 IOVEC_SET_STRING(iovec[n++], uid);
538
539 sprintf(gid, "_GID=%lu", (unsigned long) ucred->gid);
540 IOVEC_SET_STRING(iovec[n++], gid);
541
542 r = get_process_comm(ucred->pid, &t);
543 if (r >= 0) {
544 comm = strappenda("_COMM=", t);
545 free(t);
546 IOVEC_SET_STRING(iovec[n++], comm);
547 }
548
549 r = get_process_exe(ucred->pid, &t);
550 if (r >= 0) {
551 exe = strappenda("_EXE=", t);
552 free(t);
553 IOVEC_SET_STRING(iovec[n++], exe);
554 }
555
556 r = get_process_cmdline(ucred->pid, 0, false, &t);
557 if (r >= 0) {
558 cmdline = strappenda("_CMDLINE=", t);
559 free(t);
560 IOVEC_SET_STRING(iovec[n++], cmdline);
561 }
562
563 #ifdef HAVE_AUDIT
564 r = audit_session_from_pid(ucred->pid, &audit);
565 if (r >= 0) {
566 sprintf(audit_session, "_AUDIT_SESSION=%lu", (unsigned long) audit);
567 IOVEC_SET_STRING(iovec[n++], audit_session);
568 }
569
570 r = audit_loginuid_from_pid(ucred->pid, &loginuid);
571 if (r >= 0) {
572 sprintf(audit_loginuid, "_AUDIT_LOGINUID=%lu", (unsigned long) loginuid);
573 IOVEC_SET_STRING(iovec[n++], audit_loginuid);
574 }
575 #endif
576
577 r = cg_pid_get_path_shifted(ucred->pid, NULL, &c);
578 if (r >= 0) {
579 cgroup = strappenda("_SYSTEMD_CGROUP=", c);
580 IOVEC_SET_STRING(iovec[n++], cgroup);
581
582 r = cg_path_get_session(c, &t);
583 if (r >= 0) {
584 session = strappenda("_SYSTEMD_SESSION=", t);
585 free(t);
586 IOVEC_SET_STRING(iovec[n++], session);
587 }
588
589 if (cg_path_get_owner_uid(c, &owner) >= 0) {
590 owner_valid = true;
591
592 sprintf(owner_uid, "_SYSTEMD_OWNER_UID=%lu", (unsigned long) owner);
593 IOVEC_SET_STRING(iovec[n++], owner_uid);
594 }
595
596 if (cg_path_get_unit(c, &t) >= 0) {
597 unit = strappenda("_SYSTEMD_UNIT=", t);
598 free(t);
599 } else if (cg_path_get_user_unit(c, &t) >= 0) {
600 unit = strappenda("_SYSTEMD_USER_UNIT=", t);
601 free(t);
602 } else if (unit_id) {
603 if (session)
604 unit = strappenda("_SYSTEMD_USER_UNIT=", unit_id);
605 else
606 unit = strappenda("_SYSTEMD_UNIT=", unit_id);
607 } else
608 unit = NULL;
609
610 if (unit)
611 IOVEC_SET_STRING(iovec[n++], unit);
612
613 free(c);
614 }
615
616 #ifdef HAVE_SELINUX
617 if (label) {
618 char *selinux_context = alloca(sizeof("_SELINUX_CONTEXT=") + label_len);
619
620 *((char*) mempcpy(stpcpy(selinux_context, "_SELINUX_CONTEXT="), label, label_len)) = 0;
621 IOVEC_SET_STRING(iovec[n++], selinux_context);
622 } else {
623 security_context_t con;
624
625 if (getpidcon(ucred->pid, &con) >= 0) {
626 char *selinux_context = strappenda("_SELINUX_CONTEXT=", con);
627
628 freecon(con);
629 IOVEC_SET_STRING(iovec[n++], selinux_context);
630 }
631 }
632 #endif
633 }
634
635 if (tv) {
636 sprintf(source_time, "_SOURCE_REALTIME_TIMESTAMP=%llu", (unsigned long long) timeval_load(tv));
637 IOVEC_SET_STRING(iovec[n++], source_time);
638 }
639
640 /* Note that strictly speaking storing the boot id here is
641 * redundant since the entry includes this in-line
642 * anyway. However, we need this indexed, too. */
643 r = sd_id128_get_boot(&id);
644 if (r >= 0) {
645 sd_id128_to_string(id, boot_id + sizeof("_BOOT_ID=") - 1);
646 IOVEC_SET_STRING(iovec[n++], boot_id);
647 }
648
649 r = sd_id128_get_machine(&id);
650 if (r >= 0) {
651 sd_id128_to_string(id, machine_id + sizeof("_MACHINE_ID=") - 1);
652 IOVEC_SET_STRING(iovec[n++], machine_id);
653 }
654
655 t = gethostname_malloc();
656 if (t) {
657 hostname = strappenda("_HOSTNAME=", t);
658 free(t);
659 IOVEC_SET_STRING(iovec[n++], hostname);
660 }
661
662 assert(n <= m);
663
664 if (s->split_mode == SPLIT_UID && realuid > 0)
665 /* Split up strictly by any UID */
666 journal_uid = realuid;
667 else if (s->split_mode == SPLIT_LOGIN && realuid > 0 && owner_valid && owner > 0)
668 /* Split up by login UIDs, this avoids creation of
669 * individual journals for system UIDs. We do this
670 * only if the realuid is not root, in order not to
671 * accidentally leak privileged information to the
672 * user that is logged by a privileged process that is
673 * part of an unprivileged session.*/
674 journal_uid = owner;
675 else
676 journal_uid = 0;
677
678 write_to_journal(s, journal_uid, iovec, n);
679 }
680
681 void server_driver_message(Server *s, sd_id128_t message_id, const char *format, ...) {
682 char mid[11 + 32 + 1];
683 char buffer[16 + LINE_MAX + 1];
684 struct iovec iovec[N_IOVEC_META_FIELDS + 4];
685 int n = 0;
686 va_list ap;
687 struct ucred ucred = {};
688
689 assert(s);
690 assert(format);
691
692 IOVEC_SET_STRING(iovec[n++], "PRIORITY=6");
693 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=driver");
694
695 memcpy(buffer, "MESSAGE=", 8);
696 va_start(ap, format);
697 vsnprintf(buffer + 8, sizeof(buffer) - 8, format, ap);
698 va_end(ap);
699 char_array_0(buffer);
700 IOVEC_SET_STRING(iovec[n++], buffer);
701
702 if (!sd_id128_equal(message_id, SD_ID128_NULL)) {
703 snprintf(mid, sizeof(mid), MESSAGE_ID(message_id));
704 char_array_0(mid);
705 IOVEC_SET_STRING(iovec[n++], mid);
706 }
707
708 ucred.pid = getpid();
709 ucred.uid = getuid();
710 ucred.gid = getgid();
711
712 dispatch_message_real(s, iovec, n, ELEMENTSOF(iovec), &ucred, NULL, NULL, 0, NULL);
713 }
714
715 void server_dispatch_message(
716 Server *s,
717 struct iovec *iovec, unsigned n, unsigned m,
718 struct ucred *ucred,
719 struct timeval *tv,
720 const char *label, size_t label_len,
721 const char *unit_id,
722 int priority) {
723
724 int rl, r;
725 _cleanup_free_ char *path = NULL;
726 char *c;
727
728 assert(s);
729 assert(iovec || n == 0);
730
731 if (n == 0)
732 return;
733
734 if (LOG_PRI(priority) > s->max_level_store)
735 return;
736
737 if (!ucred)
738 goto finish;
739
740 r = cg_pid_get_path_shifted(ucred->pid, NULL, &path);
741 if (r < 0)
742 goto finish;
743
744 /* example: /user/lennart/3/foobar
745 * /system/dbus.service/foobar
746 *
747 * So let's cut of everything past the third /, since that is
748 * where user directories start */
749
750 c = strchr(path, '/');
751 if (c) {
752 c = strchr(c+1, '/');
753 if (c) {
754 c = strchr(c+1, '/');
755 if (c)
756 *c = 0;
757 }
758 }
759
760 rl = journal_rate_limit_test(s->rate_limit, path,
761 priority & LOG_PRIMASK, available_space(s));
762
763 if (rl == 0)
764 return;
765
766 /* Write a suppression message if we suppressed something */
767 if (rl > 1)
768 server_driver_message(s, SD_MESSAGE_JOURNAL_DROPPED,
769 "Suppressed %u messages from %s", rl - 1, path);
770
771 finish:
772 dispatch_message_real(s, iovec, n, m, ucred, tv, label, label_len, unit_id);
773 }
774
775
776 static int system_journal_open(Server *s) {
777 int r;
778 char *fn;
779 sd_id128_t machine;
780 char ids[33];
781
782 r = sd_id128_get_machine(&machine);
783 if (r < 0)
784 return r;
785
786 sd_id128_to_string(machine, ids);
787
788 if (!s->system_journal &&
789 (s->storage == STORAGE_PERSISTENT || s->storage == STORAGE_AUTO) &&
790 access("/run/systemd/journal/flushed", F_OK) >= 0) {
791
792 /* If in auto mode: first try to create the machine
793 * path, but not the prefix.
794 *
795 * If in persistent mode: create /var/log/journal and
796 * the machine path */
797
798 if (s->storage == STORAGE_PERSISTENT)
799 (void) mkdir("/var/log/journal/", 0755);
800
801 fn = strappend("/var/log/journal/", ids);
802 if (!fn)
803 return -ENOMEM;
804
805 (void) mkdir(fn, 0755);
806 free(fn);
807
808 fn = strjoin("/var/log/journal/", ids, "/system.journal", NULL);
809 if (!fn)
810 return -ENOMEM;
811
812 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, s->compress, s->seal, &s->system_metrics, s->mmap, NULL, &s->system_journal);
813 free(fn);
814
815 if (r >= 0) {
816 char fb[FORMAT_BYTES_MAX];
817
818 server_fix_perms(s, s->system_journal, 0);
819 server_driver_message(s, SD_ID128_NULL, "Allowing system journal files to grow to %s.",
820 format_bytes(fb, sizeof(fb), s->system_metrics.max_use));
821
822 } else if (r < 0) {
823
824 if (r != -ENOENT && r != -EROFS)
825 log_warning("Failed to open system journal: %s", strerror(-r));
826
827 r = 0;
828 }
829 }
830
831 if (!s->runtime_journal &&
832 (s->storage != STORAGE_NONE)) {
833
834 fn = strjoin("/run/log/journal/", ids, "/system.journal", NULL);
835 if (!fn)
836 return -ENOMEM;
837
838 if (s->system_journal) {
839
840 /* Try to open the runtime journal, but only
841 * if it already exists, so that we can flush
842 * it into the system journal */
843
844 r = journal_file_open(fn, O_RDWR, 0640, s->compress, false, &s->runtime_metrics, s->mmap, NULL, &s->runtime_journal);
845 free(fn);
846
847 if (r < 0) {
848 if (r != -ENOENT)
849 log_warning("Failed to open runtime journal: %s", strerror(-r));
850
851 r = 0;
852 }
853
854 } else {
855
856 /* OK, we really need the runtime journal, so create
857 * it if necessary. */
858
859 (void) mkdir_parents(fn, 0755);
860 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, s->compress, false, &s->runtime_metrics, s->mmap, NULL, &s->runtime_journal);
861 free(fn);
862
863 if (r < 0) {
864 log_error("Failed to open runtime journal: %s", strerror(-r));
865 return r;
866 }
867 }
868
869 if (s->runtime_journal) {
870 char fb[FORMAT_BYTES_MAX];
871
872 server_fix_perms(s, s->runtime_journal, 0);
873 server_driver_message(s, SD_ID128_NULL, "Allowing runtime journal files to grow to %s.",
874 format_bytes(fb, sizeof(fb), s->runtime_metrics.max_use));
875 }
876 }
877
878 return r;
879 }
880
881 int server_flush_to_var(Server *s) {
882 int r;
883 sd_id128_t machine;
884 sd_journal *j = NULL;
885
886 assert(s);
887
888 if (s->storage != STORAGE_AUTO &&
889 s->storage != STORAGE_PERSISTENT)
890 return 0;
891
892 if (!s->runtime_journal)
893 return 0;
894
895 system_journal_open(s);
896
897 if (!s->system_journal)
898 return 0;
899
900 log_debug("Flushing to /var...");
901
902 r = sd_id128_get_machine(&machine);
903 if (r < 0) {
904 log_error("Failed to get machine id: %s", strerror(-r));
905 return r;
906 }
907
908 r = sd_journal_open(&j, SD_JOURNAL_RUNTIME_ONLY);
909 if (r < 0) {
910 log_error("Failed to read runtime journal: %s", strerror(-r));
911 return r;
912 }
913
914 sd_journal_set_data_threshold(j, 0);
915
916 SD_JOURNAL_FOREACH(j) {
917 Object *o = NULL;
918 JournalFile *f;
919
920 f = j->current_file;
921 assert(f && f->current_offset > 0);
922
923 r = journal_file_move_to_object(f, OBJECT_ENTRY, f->current_offset, &o);
924 if (r < 0) {
925 log_error("Can't read entry: %s", strerror(-r));
926 goto finish;
927 }
928
929 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
930 if (r >= 0)
931 continue;
932
933 if (!shall_try_append_again(s->system_journal, r)) {
934 log_error("Can't write entry: %s", strerror(-r));
935 goto finish;
936 }
937
938 server_rotate(s);
939 server_vacuum(s);
940
941 log_debug("Retrying write.");
942 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
943 if (r < 0) {
944 log_error("Can't write entry: %s", strerror(-r));
945 goto finish;
946 }
947 }
948
949 finish:
950 journal_file_post_change(s->system_journal);
951
952 journal_file_close(s->runtime_journal);
953 s->runtime_journal = NULL;
954
955 if (r >= 0)
956 rm_rf("/run/log/journal", false, true, false);
957
958 sd_journal_close(j);
959
960 return r;
961 }
962
963 int process_event(Server *s, struct epoll_event *ev) {
964 assert(s);
965 assert(ev);
966
967 if (ev->data.fd == s->signal_fd) {
968 struct signalfd_siginfo sfsi;
969 ssize_t n;
970
971 if (ev->events != EPOLLIN) {
972 log_error("Got invalid event from epoll.");
973 return -EIO;
974 }
975
976 n = read(s->signal_fd, &sfsi, sizeof(sfsi));
977 if (n != sizeof(sfsi)) {
978
979 if (n >= 0)
980 return -EIO;
981
982 if (errno == EINTR || errno == EAGAIN)
983 return 1;
984
985 return -errno;
986 }
987
988 if (sfsi.ssi_signo == SIGUSR1) {
989 touch("/run/systemd/journal/flushed");
990 server_flush_to_var(s);
991 server_sync(s);
992 return 1;
993 }
994
995 if (sfsi.ssi_signo == SIGUSR2) {
996 server_rotate(s);
997 server_vacuum(s);
998 return 1;
999 }
1000
1001 log_info("Received SIG%s", signal_to_string(sfsi.ssi_signo));
1002
1003 return 0;
1004
1005 } else if (ev->data.fd == s->sync_timer_fd) {
1006 int r;
1007 uint64_t t;
1008
1009 log_debug("Got sync request from epoll.");
1010
1011 r = read(ev->data.fd, (void *)&t, sizeof(t));
1012 if (r < 0)
1013 return 0;
1014
1015 server_sync(s);
1016 return 1;
1017
1018 } else if (ev->data.fd == s->dev_kmsg_fd) {
1019 int r;
1020
1021 if (ev->events != EPOLLIN) {
1022 log_error("Got invalid event from epoll.");
1023 return -EIO;
1024 }
1025
1026 r = server_read_dev_kmsg(s);
1027 if (r < 0)
1028 return r;
1029
1030 return 1;
1031
1032 } else if (ev->data.fd == s->native_fd ||
1033 ev->data.fd == s->syslog_fd) {
1034
1035 if (ev->events != EPOLLIN) {
1036 log_error("Got invalid event from epoll.");
1037 return -EIO;
1038 }
1039
1040 for (;;) {
1041 struct msghdr msghdr;
1042 struct iovec iovec;
1043 struct ucred *ucred = NULL;
1044 struct timeval *tv = NULL;
1045 struct cmsghdr *cmsg;
1046 char *label = NULL;
1047 size_t label_len = 0;
1048 union {
1049 struct cmsghdr cmsghdr;
1050
1051 /* We use NAME_MAX space for the
1052 * SELinux label here. The kernel
1053 * currently enforces no limit, but
1054 * according to suggestions from the
1055 * SELinux people this will change and
1056 * it will probably be identical to
1057 * NAME_MAX. For now we use that, but
1058 * this should be updated one day when
1059 * the final limit is known.*/
1060 uint8_t buf[CMSG_SPACE(sizeof(struct ucred)) +
1061 CMSG_SPACE(sizeof(struct timeval)) +
1062 CMSG_SPACE(sizeof(int)) + /* fd */
1063 CMSG_SPACE(NAME_MAX)]; /* selinux label */
1064 } control;
1065 ssize_t n;
1066 int v;
1067 int *fds = NULL;
1068 unsigned n_fds = 0;
1069
1070 if (ioctl(ev->data.fd, SIOCINQ, &v) < 0) {
1071 log_error("SIOCINQ failed: %m");
1072 return -errno;
1073 }
1074
1075 if (s->buffer_size < (size_t) v) {
1076 void *b;
1077 size_t l;
1078
1079 l = MAX(LINE_MAX + (size_t) v, s->buffer_size * 2);
1080 b = realloc(s->buffer, l+1);
1081
1082 if (!b) {
1083 log_error("Couldn't increase buffer.");
1084 return -ENOMEM;
1085 }
1086
1087 s->buffer_size = l;
1088 s->buffer = b;
1089 }
1090
1091 zero(iovec);
1092 iovec.iov_base = s->buffer;
1093 iovec.iov_len = s->buffer_size;
1094
1095 zero(control);
1096 zero(msghdr);
1097 msghdr.msg_iov = &iovec;
1098 msghdr.msg_iovlen = 1;
1099 msghdr.msg_control = &control;
1100 msghdr.msg_controllen = sizeof(control);
1101
1102 n = recvmsg(ev->data.fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC);
1103 if (n < 0) {
1104
1105 if (errno == EINTR || errno == EAGAIN)
1106 return 1;
1107
1108 log_error("recvmsg() failed: %m");
1109 return -errno;
1110 }
1111
1112 for (cmsg = CMSG_FIRSTHDR(&msghdr); cmsg; cmsg = CMSG_NXTHDR(&msghdr, cmsg)) {
1113
1114 if (cmsg->cmsg_level == SOL_SOCKET &&
1115 cmsg->cmsg_type == SCM_CREDENTIALS &&
1116 cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred)))
1117 ucred = (struct ucred*) CMSG_DATA(cmsg);
1118 else if (cmsg->cmsg_level == SOL_SOCKET &&
1119 cmsg->cmsg_type == SCM_SECURITY) {
1120 label = (char*) CMSG_DATA(cmsg);
1121 label_len = cmsg->cmsg_len - CMSG_LEN(0);
1122 } else if (cmsg->cmsg_level == SOL_SOCKET &&
1123 cmsg->cmsg_type == SO_TIMESTAMP &&
1124 cmsg->cmsg_len == CMSG_LEN(sizeof(struct timeval)))
1125 tv = (struct timeval*) CMSG_DATA(cmsg);
1126 else if (cmsg->cmsg_level == SOL_SOCKET &&
1127 cmsg->cmsg_type == SCM_RIGHTS) {
1128 fds = (int*) CMSG_DATA(cmsg);
1129 n_fds = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);
1130 }
1131 }
1132
1133 if (ev->data.fd == s->syslog_fd) {
1134 char *e;
1135
1136 if (n > 0 && n_fds == 0) {
1137 e = memchr(s->buffer, '\n', n);
1138 if (e)
1139 *e = 0;
1140 else
1141 s->buffer[n] = 0;
1142
1143 server_process_syslog_message(s, strstrip(s->buffer), ucred, tv, label, label_len);
1144 } else if (n_fds > 0)
1145 log_warning("Got file descriptors via syslog socket. Ignoring.");
1146
1147 } else {
1148 if (n > 0 && n_fds == 0)
1149 server_process_native_message(s, s->buffer, n, ucred, tv, label, label_len);
1150 else if (n == 0 && n_fds == 1)
1151 server_process_native_file(s, fds[0], ucred, tv, label, label_len);
1152 else if (n_fds > 0)
1153 log_warning("Got too many file descriptors via native socket. Ignoring.");
1154 }
1155
1156 close_many(fds, n_fds);
1157 }
1158
1159 return 1;
1160
1161 } else if (ev->data.fd == s->stdout_fd) {
1162
1163 if (ev->events != EPOLLIN) {
1164 log_error("Got invalid event from epoll.");
1165 return -EIO;
1166 }
1167
1168 stdout_stream_new(s);
1169 return 1;
1170
1171 } else {
1172 StdoutStream *stream;
1173
1174 if ((ev->events|EPOLLIN|EPOLLHUP) != (EPOLLIN|EPOLLHUP)) {
1175 log_error("Got invalid event from epoll.");
1176 return -EIO;
1177 }
1178
1179 /* If it is none of the well-known fds, it must be an
1180 * stdout stream fd. Note that this is a bit ugly here
1181 * (since we rely that none of the well-known fds
1182 * could be interpreted as pointer), but nonetheless
1183 * safe, since the well-known fds would never get an
1184 * fd > 4096, i.e. beyond the first memory page */
1185
1186 stream = ev->data.ptr;
1187
1188 if (stdout_stream_process(stream) <= 0)
1189 stdout_stream_free(stream);
1190
1191 return 1;
1192 }
1193
1194 log_error("Unknown event.");
1195 return 0;
1196 }
1197
1198 static int open_signalfd(Server *s) {
1199 sigset_t mask;
1200 struct epoll_event ev;
1201
1202 assert(s);
1203
1204 assert_se(sigemptyset(&mask) == 0);
1205 sigset_add_many(&mask, SIGINT, SIGTERM, SIGUSR1, SIGUSR2, -1);
1206 assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0);
1207
1208 s->signal_fd = signalfd(-1, &mask, SFD_NONBLOCK|SFD_CLOEXEC);
1209 if (s->signal_fd < 0) {
1210 log_error("signalfd(): %m");
1211 return -errno;
1212 }
1213
1214 zero(ev);
1215 ev.events = EPOLLIN;
1216 ev.data.fd = s->signal_fd;
1217
1218 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->signal_fd, &ev) < 0) {
1219 log_error("epoll_ctl(): %m");
1220 return -errno;
1221 }
1222
1223 return 0;
1224 }
1225
1226 static int server_parse_proc_cmdline(Server *s) {
1227 _cleanup_free_ char *line = NULL;
1228 char *w, *state;
1229 int r;
1230 size_t l;
1231
1232 if (detect_container(NULL) > 0)
1233 return 0;
1234
1235 r = read_one_line_file("/proc/cmdline", &line);
1236 if (r < 0) {
1237 log_warning("Failed to read /proc/cmdline, ignoring: %s", strerror(-r));
1238 return 0;
1239 }
1240
1241 FOREACH_WORD_QUOTED(w, l, line, state) {
1242 _cleanup_free_ char *word;
1243
1244 word = strndup(w, l);
1245 if (!word)
1246 return -ENOMEM;
1247
1248 if (startswith(word, "systemd.journald.forward_to_syslog=")) {
1249 r = parse_boolean(word + 35);
1250 if (r < 0)
1251 log_warning("Failed to parse forward to syslog switch %s. Ignoring.", word + 35);
1252 else
1253 s->forward_to_syslog = r;
1254 } else if (startswith(word, "systemd.journald.forward_to_kmsg=")) {
1255 r = parse_boolean(word + 33);
1256 if (r < 0)
1257 log_warning("Failed to parse forward to kmsg switch %s. Ignoring.", word + 33);
1258 else
1259 s->forward_to_kmsg = r;
1260 } else if (startswith(word, "systemd.journald.forward_to_console=")) {
1261 r = parse_boolean(word + 36);
1262 if (r < 0)
1263 log_warning("Failed to parse forward to console switch %s. Ignoring.", word + 36);
1264 else
1265 s->forward_to_console = r;
1266 } else if (startswith(word, "systemd.journald"))
1267 log_warning("Invalid systemd.journald parameter. Ignoring.");
1268 }
1269
1270 return 0;
1271 }
1272
1273 static int server_parse_config_file(Server *s) {
1274 static const char *fn = "/etc/systemd/journald.conf";
1275 _cleanup_fclose_ FILE *f = NULL;
1276 int r;
1277
1278 assert(s);
1279
1280 f = fopen(fn, "re");
1281 if (!f) {
1282 if (errno == ENOENT)
1283 return 0;
1284
1285 log_warning("Failed to open configuration file %s: %m", fn);
1286 return -errno;
1287 }
1288
1289 r = config_parse(NULL, fn, f, "Journal\0", config_item_perf_lookup,
1290 (void*) journald_gperf_lookup, false, s);
1291 if (r < 0)
1292 log_warning("Failed to parse configuration file: %s", strerror(-r));
1293
1294 return r;
1295 }
1296
1297 static int server_open_sync_timer(Server *s) {
1298 int r;
1299 struct epoll_event ev;
1300
1301 assert(s);
1302
1303 s->sync_timer_fd = timerfd_create(CLOCK_MONOTONIC, TFD_CLOEXEC);
1304 if (s->sync_timer_fd < 0)
1305 return -errno;
1306
1307 zero(ev);
1308 ev.events = EPOLLIN;
1309 ev.data.fd = s->sync_timer_fd;
1310
1311 r = epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->sync_timer_fd, &ev);
1312 if (r < 0) {
1313 log_error("Failed to add idle timer fd to epoll object: %m");
1314 return -errno;
1315 }
1316
1317 return 0;
1318 }
1319
1320 int server_schedule_sync(Server *s) {
1321 int r;
1322
1323 assert(s);
1324
1325 if (s->sync_scheduled)
1326 return 0;
1327
1328 if (s->sync_interval_usec) {
1329 struct itimerspec sync_timer_enable = {
1330 .it_value.tv_sec = s->sync_interval_usec / USEC_PER_SEC,
1331 .it_value.tv_nsec = s->sync_interval_usec % MSEC_PER_SEC,
1332 };
1333
1334 r = timerfd_settime(s->sync_timer_fd, 0, &sync_timer_enable, NULL);
1335 if (r < 0)
1336 return -errno;
1337 }
1338
1339 s->sync_scheduled = true;
1340
1341 return 0;
1342 }
1343
1344 int server_init(Server *s) {
1345 int n, r, fd;
1346
1347 assert(s);
1348
1349 zero(*s);
1350 s->sync_timer_fd = s->syslog_fd = s->native_fd = s->stdout_fd =
1351 s->signal_fd = s->epoll_fd = s->dev_kmsg_fd = -1;
1352 s->compress = true;
1353 s->seal = true;
1354
1355 s->sync_interval_usec = DEFAULT_SYNC_INTERVAL_USEC;
1356 s->sync_scheduled = false;
1357
1358 s->rate_limit_interval = DEFAULT_RATE_LIMIT_INTERVAL;
1359 s->rate_limit_burst = DEFAULT_RATE_LIMIT_BURST;
1360
1361 s->forward_to_syslog = true;
1362
1363 s->max_level_store = LOG_DEBUG;
1364 s->max_level_syslog = LOG_DEBUG;
1365 s->max_level_kmsg = LOG_NOTICE;
1366 s->max_level_console = LOG_INFO;
1367
1368 memset(&s->system_metrics, 0xFF, sizeof(s->system_metrics));
1369 memset(&s->runtime_metrics, 0xFF, sizeof(s->runtime_metrics));
1370
1371 server_parse_config_file(s);
1372 server_parse_proc_cmdline(s);
1373 if (!!s->rate_limit_interval ^ !!s->rate_limit_burst) {
1374 log_debug("Setting both rate limit interval and burst from %llu,%u to 0,0",
1375 (long long unsigned) s->rate_limit_interval,
1376 s->rate_limit_burst);
1377 s->rate_limit_interval = s->rate_limit_burst = 0;
1378 }
1379
1380 mkdir_p("/run/systemd/journal", 0755);
1381
1382 s->user_journals = hashmap_new(trivial_hash_func, trivial_compare_func);
1383 if (!s->user_journals)
1384 return log_oom();
1385
1386 s->mmap = mmap_cache_new();
1387 if (!s->mmap)
1388 return log_oom();
1389
1390 s->epoll_fd = epoll_create1(EPOLL_CLOEXEC);
1391 if (s->epoll_fd < 0) {
1392 log_error("Failed to create epoll object: %m");
1393 return -errno;
1394 }
1395
1396 n = sd_listen_fds(true);
1397 if (n < 0) {
1398 log_error("Failed to read listening file descriptors from environment: %s", strerror(-n));
1399 return n;
1400 }
1401
1402 for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) {
1403
1404 if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/run/systemd/journal/socket", 0) > 0) {
1405
1406 if (s->native_fd >= 0) {
1407 log_error("Too many native sockets passed.");
1408 return -EINVAL;
1409 }
1410
1411 s->native_fd = fd;
1412
1413 } else if (sd_is_socket_unix(fd, SOCK_STREAM, 1, "/run/systemd/journal/stdout", 0) > 0) {
1414
1415 if (s->stdout_fd >= 0) {
1416 log_error("Too many stdout sockets passed.");
1417 return -EINVAL;
1418 }
1419
1420 s->stdout_fd = fd;
1421
1422 } else if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/dev/log", 0) > 0) {
1423
1424 if (s->syslog_fd >= 0) {
1425 log_error("Too many /dev/log sockets passed.");
1426 return -EINVAL;
1427 }
1428
1429 s->syslog_fd = fd;
1430
1431 } else {
1432 log_error("Unknown socket passed.");
1433 return -EINVAL;
1434 }
1435 }
1436
1437 r = server_open_syslog_socket(s);
1438 if (r < 0)
1439 return r;
1440
1441 r = server_open_native_socket(s);
1442 if (r < 0)
1443 return r;
1444
1445 r = server_open_stdout_socket(s);
1446 if (r < 0)
1447 return r;
1448
1449 r = server_open_dev_kmsg(s);
1450 if (r < 0)
1451 return r;
1452
1453 r = server_open_kernel_seqnum(s);
1454 if (r < 0)
1455 return r;
1456
1457 r = server_open_sync_timer(s);
1458 if (r < 0)
1459 return r;
1460
1461 r = open_signalfd(s);
1462 if (r < 0)
1463 return r;
1464
1465 s->udev = udev_new();
1466 if (!s->udev)
1467 return -ENOMEM;
1468
1469 s->rate_limit = journal_rate_limit_new(s->rate_limit_interval,
1470 s->rate_limit_burst);
1471 if (!s->rate_limit)
1472 return -ENOMEM;
1473
1474 r = system_journal_open(s);
1475 if (r < 0)
1476 return r;
1477
1478 return 0;
1479 }
1480
1481 void server_maybe_append_tags(Server *s) {
1482 #ifdef HAVE_GCRYPT
1483 JournalFile *f;
1484 Iterator i;
1485 usec_t n;
1486
1487 n = now(CLOCK_REALTIME);
1488
1489 if (s->system_journal)
1490 journal_file_maybe_append_tag(s->system_journal, n);
1491
1492 HASHMAP_FOREACH(f, s->user_journals, i)
1493 journal_file_maybe_append_tag(f, n);
1494 #endif
1495 }
1496
1497 void server_done(Server *s) {
1498 JournalFile *f;
1499 assert(s);
1500
1501 while (s->stdout_streams)
1502 stdout_stream_free(s->stdout_streams);
1503
1504 if (s->system_journal)
1505 journal_file_close(s->system_journal);
1506
1507 if (s->runtime_journal)
1508 journal_file_close(s->runtime_journal);
1509
1510 while ((f = hashmap_steal_first(s->user_journals)))
1511 journal_file_close(f);
1512
1513 hashmap_free(s->user_journals);
1514
1515 if (s->epoll_fd >= 0)
1516 close_nointr_nofail(s->epoll_fd);
1517
1518 if (s->signal_fd >= 0)
1519 close_nointr_nofail(s->signal_fd);
1520
1521 if (s->syslog_fd >= 0)
1522 close_nointr_nofail(s->syslog_fd);
1523
1524 if (s->native_fd >= 0)
1525 close_nointr_nofail(s->native_fd);
1526
1527 if (s->stdout_fd >= 0)
1528 close_nointr_nofail(s->stdout_fd);
1529
1530 if (s->dev_kmsg_fd >= 0)
1531 close_nointr_nofail(s->dev_kmsg_fd);
1532
1533 if (s->sync_timer_fd >= 0)
1534 close_nointr_nofail(s->sync_timer_fd);
1535
1536 if (s->rate_limit)
1537 journal_rate_limit_free(s->rate_limit);
1538
1539 if (s->kernel_seqnum)
1540 munmap(s->kernel_seqnum, sizeof(uint64_t));
1541
1542 free(s->buffer);
1543 free(s->tty_path);
1544
1545 if (s->mmap)
1546 mmap_cache_unref(s->mmap);
1547
1548 if (s->udev)
1549 udev_unref(s->udev);
1550 }
Unnamed repository; edit this file 'description' to name the repository.