]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/journal/journald-server.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
journald: port to sd-event and enable watchdog support
[thirdparty/systemd.git] / src / journal / journald-server.c
1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
2
3 /***
4 This file is part of systemd.
5
6 Copyright 2011 Lennart Poettering
7
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
17
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20 ***/
21
22 #include <sys/signalfd.h>
23 #include <sys/ioctl.h>
24 #include <linux/sockios.h>
25 #include <sys/statvfs.h>
26 #include <sys/mman.h>
27 #include <sys/timerfd.h>
28
29 #include <libudev.h>
30
31 #include "sd-journal.h"
32 #include "sd-messages.h"
33 #include "sd-daemon.h"
34 #include "fileio.h"
35 #include "mkdir.h"
36 #include "hashmap.h"
37 #include "journal-file.h"
38 #include "socket-util.h"
39 #include "cgroup-util.h"
40 #include "list.h"
41 #include "missing.h"
42 #include "conf-parser.h"
43 #include "selinux-util.h"
44 #include "journal-internal.h"
45 #include "journal-vacuum.h"
46 #include "journal-authenticate.h"
47 #include "journald-rate-limit.h"
48 #include "journald-kmsg.h"
49 #include "journald-syslog.h"
50 #include "journald-stream.h"
51 #include "journald-console.h"
52 #include "journald-native.h"
53 #include "journald-server.h"
54
55 #ifdef HAVE_ACL
56 #include <sys/acl.h>
57 #include <acl/libacl.h>
58 #include "acl-util.h"
59 #endif
60
61 #ifdef HAVE_SELINUX
62 #include <selinux/selinux.h>
63 #endif
64
65 #define USER_JOURNALS_MAX 1024
66
67 #define DEFAULT_SYNC_INTERVAL_USEC (5*USEC_PER_MINUTE)
68 #define DEFAULT_RATE_LIMIT_INTERVAL (30*USEC_PER_SEC)
69 #define DEFAULT_RATE_LIMIT_BURST 1000
70
71 #define RECHECK_AVAILABLE_SPACE_USEC (30*USEC_PER_SEC)
72
73 static const char* const storage_table[] = {
74 [STORAGE_AUTO] = "auto",
75 [STORAGE_VOLATILE] = "volatile",
76 [STORAGE_PERSISTENT] = "persistent",
77 [STORAGE_NONE] = "none"
78 };
79
80 DEFINE_STRING_TABLE_LOOKUP(storage, Storage);
81 DEFINE_CONFIG_PARSE_ENUM(config_parse_storage, storage, Storage, "Failed to parse storage setting");
82
83 static const char* const split_mode_table[] = {
84 [SPLIT_NONE] = "none",
85 [SPLIT_UID] = "uid",
86 [SPLIT_LOGIN] = "login"
87 };
88
89 DEFINE_STRING_TABLE_LOOKUP(split_mode, SplitMode);
90 DEFINE_CONFIG_PARSE_ENUM(config_parse_split_mode, split_mode, SplitMode, "Failed to parse split mode setting");
91
92 static uint64_t available_space(Server *s, bool verbose) {
93 char ids[33];
94 _cleanup_free_ char *p = NULL;
95 sd_id128_t machine;
96 struct statvfs ss;
97 uint64_t sum = 0, ss_avail = 0, avail = 0;
98 int r;
99 _cleanup_closedir_ DIR *d = NULL;
100 usec_t ts;
101 const char *f;
102 JournalMetrics *m;
103
104 ts = now(CLOCK_MONOTONIC);
105
106 if (s->cached_available_space_timestamp + RECHECK_AVAILABLE_SPACE_USEC > ts
107 && !verbose)
108 return s->cached_available_space;
109
110 r = sd_id128_get_machine(&machine);
111 if (r < 0)
112 return 0;
113
114 if (s->system_journal) {
115 f = "/var/log/journal/";
116 m = &s->system_metrics;
117 } else {
118 f = "/run/log/journal/";
119 m = &s->runtime_metrics;
120 }
121
122 assert(m);
123
124 p = strappend(f, sd_id128_to_string(machine, ids));
125 if (!p)
126 return 0;
127
128 d = opendir(p);
129 if (!d)
130 return 0;
131
132 if (fstatvfs(dirfd(d), &ss) < 0)
133 return 0;
134
135 for (;;) {
136 struct stat st;
137 struct dirent *de;
138 union dirent_storage buf;
139
140 r = readdir_r(d, &buf.de, &de);
141 if (r != 0)
142 break;
143
144 if (!de)
145 break;
146
147 if (!endswith(de->d_name, ".journal") &&
148 !endswith(de->d_name, ".journal~"))
149 continue;
150
151 if (fstatat(dirfd(d), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0)
152 continue;
153
154 if (!S_ISREG(st.st_mode))
155 continue;
156
157 sum += (uint64_t) st.st_blocks * 512UL;
158 }
159
160 ss_avail = ss.f_bsize * ss.f_bavail;
161 avail = ss_avail > m->keep_free ? ss_avail - m->keep_free : 0;
162
163 s->cached_available_space = MIN(m->max_use, avail) > sum ? MIN(m->max_use, avail) - sum : 0;
164 s->cached_available_space_timestamp = ts;
165
166 if (verbose) {
167 char fb1[FORMAT_BYTES_MAX], fb2[FORMAT_BYTES_MAX], fb3[FORMAT_BYTES_MAX],
168 fb4[FORMAT_BYTES_MAX], fb5[FORMAT_BYTES_MAX];
169
170 server_driver_message(s, SD_MESSAGE_JOURNAL_USAGE,
171 "%s journal is using %s (max %s, leaving %s of free %s, current limit %s).",
172 s->system_journal ? "Permanent" : "Runtime",
173 format_bytes(fb1, sizeof(fb1), sum),
174 format_bytes(fb2, sizeof(fb2), m->max_use),
175 format_bytes(fb3, sizeof(fb3), m->keep_free),
176 format_bytes(fb4, sizeof(fb4), ss_avail),
177 format_bytes(fb5, sizeof(fb5), MIN(m->max_use, avail)));
178 }
179
180 return s->cached_available_space;
181 }
182
183 void server_fix_perms(Server *s, JournalFile *f, uid_t uid) {
184 int r;
185 #ifdef HAVE_ACL
186 acl_t acl;
187 acl_entry_t entry;
188 acl_permset_t permset;
189 #endif
190
191 assert(f);
192
193 r = fchmod(f->fd, 0640);
194 if (r < 0)
195 log_warning("Failed to fix access mode on %s, ignoring: %s", f->path, strerror(-r));
196
197 #ifdef HAVE_ACL
198 if (uid <= 0)
199 return;
200
201 acl = acl_get_fd(f->fd);
202 if (!acl) {
203 log_warning("Failed to read ACL on %s, ignoring: %m", f->path);
204 return;
205 }
206
207 r = acl_find_uid(acl, uid, &entry);
208 if (r <= 0) {
209
210 if (acl_create_entry(&acl, &entry) < 0 ||
211 acl_set_tag_type(entry, ACL_USER) < 0 ||
212 acl_set_qualifier(entry, &uid) < 0) {
213 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
214 goto finish;
215 }
216 }
217
218 /* We do not recalculate the mask unconditionally here,
219 * so that the fchmod() mask above stays intact. */
220 if (acl_get_permset(entry, &permset) < 0 ||
221 acl_add_perm(permset, ACL_READ) < 0 ||
222 calc_acl_mask_if_needed(&acl) < 0) {
223 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
224 goto finish;
225 }
226
227 if (acl_set_fd(f->fd, acl) < 0)
228 log_warning("Failed to set ACL on %s, ignoring: %m", f->path);
229
230 finish:
231 acl_free(acl);
232 #endif
233 }
234
235 static JournalFile* find_journal(Server *s, uid_t uid) {
236 _cleanup_free_ char *p = NULL;
237 int r;
238 JournalFile *f;
239 sd_id128_t machine;
240
241 assert(s);
242
243 /* We split up user logs only on /var, not on /run. If the
244 * runtime file is open, we write to it exclusively, in order
245 * to guarantee proper order as soon as we flush /run to
246 * /var and close the runtime file. */
247
248 if (s->runtime_journal)
249 return s->runtime_journal;
250
251 if (uid <= 0)
252 return s->system_journal;
253
254 r = sd_id128_get_machine(&machine);
255 if (r < 0)
256 return s->system_journal;
257
258 f = hashmap_get(s->user_journals, UINT32_TO_PTR(uid));
259 if (f)
260 return f;
261
262 if (asprintf(&p, "/var/log/journal/" SD_ID128_FORMAT_STR "/user-%lu.journal",
263 SD_ID128_FORMAT_VAL(machine), (unsigned long) uid) < 0)
264 return s->system_journal;
265
266 while (hashmap_size(s->user_journals) >= USER_JOURNALS_MAX) {
267 /* Too many open? Then let's close one */
268 f = hashmap_steal_first(s->user_journals);
269 assert(f);
270 journal_file_close(f);
271 }
272
273 r = journal_file_open_reliably(p, O_RDWR|O_CREAT, 0640, s->compress, s->seal, &s->system_metrics, s->mmap, NULL, &f);
274 if (r < 0)
275 return s->system_journal;
276
277 server_fix_perms(s, f, uid);
278
279 r = hashmap_put(s->user_journals, UINT32_TO_PTR(uid), f);
280 if (r < 0) {
281 journal_file_close(f);
282 return s->system_journal;
283 }
284
285 return f;
286 }
287
288 void server_rotate(Server *s) {
289 JournalFile *f;
290 void *k;
291 Iterator i;
292 int r;
293
294 log_debug("Rotating...");
295
296 if (s->runtime_journal) {
297 r = journal_file_rotate(&s->runtime_journal, s->compress, false);
298 if (r < 0)
299 if (s->runtime_journal)
300 log_error("Failed to rotate %s: %s", s->runtime_journal->path, strerror(-r));
301 else
302 log_error("Failed to create new runtime journal: %s", strerror(-r));
303 else
304 server_fix_perms(s, s->runtime_journal, 0);
305 }
306
307 if (s->system_journal) {
308 r = journal_file_rotate(&s->system_journal, s->compress, s->seal);
309 if (r < 0)
310 if (s->system_journal)
311 log_error("Failed to rotate %s: %s", s->system_journal->path, strerror(-r));
312 else
313 log_error("Failed to create new system journal: %s", strerror(-r));
314
315 else
316 server_fix_perms(s, s->system_journal, 0);
317 }
318
319 HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) {
320 r = journal_file_rotate(&f, s->compress, s->seal);
321 if (r < 0)
322 if (f)
323 log_error("Failed to rotate %s: %s", f->path, strerror(-r));
324 else {
325 log_error("Failed to create user journal: %s", strerror(-r));
326 hashmap_remove(s->user_journals, k);
327 }
328 else {
329 hashmap_replace(s->user_journals, k, f);
330 server_fix_perms(s, f, PTR_TO_UINT32(k));
331 }
332 }
333 }
334
335 void server_sync(Server *s) {
336 JournalFile *f;
337 void *k;
338 Iterator i;
339 int r;
340
341 if (s->system_journal) {
342 r = journal_file_set_offline(s->system_journal);
343 if (r < 0)
344 log_error("Failed to sync system journal: %s", strerror(-r));
345 }
346
347 HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) {
348 r = journal_file_set_offline(f);
349 if (r < 0)
350 log_error("Failed to sync user journal: %s", strerror(-r));
351 }
352
353 if (s->sync_event_source) {
354 r = sd_event_source_set_enabled(s->sync_event_source, SD_EVENT_OFF);
355 if (r < 0)
356 log_error("Failed to disable sync timer source: %s", strerror(-r));
357 }
358
359 s->sync_scheduled = false;
360 }
361
362 void server_vacuum(Server *s) {
363 char ids[33];
364 sd_id128_t machine;
365 int r;
366
367 log_debug("Vacuuming...");
368
369 s->oldest_file_usec = 0;
370
371 r = sd_id128_get_machine(&machine);
372 if (r < 0) {
373 log_error("Failed to get machine ID: %s", strerror(-r));
374 return;
375 }
376
377 sd_id128_to_string(machine, ids);
378
379 if (s->system_journal) {
380 char *p = strappenda("/var/log/journal/", ids);
381
382 r = journal_directory_vacuum(p, s->system_metrics.max_use, s->system_metrics.keep_free, s->max_retention_usec, &s->oldest_file_usec);
383 if (r < 0 && r != -ENOENT)
384 log_error("Failed to vacuum %s: %s", p, strerror(-r));
385 }
386
387 if (s->runtime_journal) {
388 char *p = strappenda("/run/log/journal/", ids);
389
390 r = journal_directory_vacuum(p, s->runtime_metrics.max_use, s->runtime_metrics.keep_free, s->max_retention_usec, &s->oldest_file_usec);
391 if (r < 0 && r != -ENOENT)
392 log_error("Failed to vacuum %s: %s", p, strerror(-r));
393 }
394
395 s->cached_available_space_timestamp = 0;
396 }
397
398 bool shall_try_append_again(JournalFile *f, int r) {
399
400 /* -E2BIG Hit configured limit
401 -EFBIG Hit fs limit
402 -EDQUOT Quota limit hit
403 -ENOSPC Disk full
404 -EHOSTDOWN Other machine
405 -EBUSY Unclean shutdown
406 -EPROTONOSUPPORT Unsupported feature
407 -EBADMSG Corrupted
408 -ENODATA Truncated
409 -ESHUTDOWN Already archived */
410
411 if (r == -E2BIG || r == -EFBIG || r == -EDQUOT || r == -ENOSPC)
412 log_debug("%s: Allocation limit reached, rotating.", f->path);
413 else if (r == -EHOSTDOWN)
414 log_info("%s: Journal file from other machine, rotating.", f->path);
415 else if (r == -EBUSY)
416 log_info("%s: Unclean shutdown, rotating.", f->path);
417 else if (r == -EPROTONOSUPPORT)
418 log_info("%s: Unsupported feature, rotating.", f->path);
419 else if (r == -EBADMSG || r == -ENODATA || r == ESHUTDOWN)
420 log_warning("%s: Journal file corrupted, rotating.", f->path);
421 else
422 return false;
423
424 return true;
425 }
426
427 static void write_to_journal(Server *s, uid_t uid, struct iovec *iovec, unsigned n, int priority) {
428 JournalFile *f;
429 bool vacuumed = false;
430 int r;
431
432 assert(s);
433 assert(iovec);
434 assert(n > 0);
435
436 f = find_journal(s, uid);
437 if (!f)
438 return;
439
440 if (journal_file_rotate_suggested(f, s->max_file_usec)) {
441 log_debug("%s: Journal header limits reached or header out-of-date, rotating.", f->path);
442 server_rotate(s);
443 server_vacuum(s);
444 vacuumed = true;
445
446 f = find_journal(s, uid);
447 if (!f)
448 return;
449 }
450
451 r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
452 if (r >= 0) {
453 server_schedule_sync(s, priority);
454 return;
455 }
456
457 if (vacuumed || !shall_try_append_again(f, r)) {
458 size_t size = 0;
459 unsigned i;
460 for (i = 0; i < n; i++)
461 size += iovec[i].iov_len;
462
463 log_error("Failed to write entry (%d items, %zu bytes), ignoring: %s", n, size, strerror(-r));
464 return;
465 }
466
467 server_rotate(s);
468 server_vacuum(s);
469
470 f = find_journal(s, uid);
471 if (!f)
472 return;
473
474 log_debug("Retrying write.");
475 r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
476 if (r < 0) {
477 size_t size = 0;
478 unsigned i;
479 for (i = 0; i < n; i++)
480 size += iovec[i].iov_len;
481
482 log_error("Failed to write entry (%d items, %zu bytes) despite vacuuming, ignoring: %s", n, size, strerror(-r));
483 } else
484 server_schedule_sync(s, priority);
485 }
486
487 static void dispatch_message_real(
488 Server *s,
489 struct iovec *iovec, unsigned n, unsigned m,
490 struct ucred *ucred,
491 struct timeval *tv,
492 const char *label, size_t label_len,
493 const char *unit_id,
494 int priority,
495 pid_t object_pid) {
496
497 char pid[sizeof("_PID=") + DECIMAL_STR_MAX(pid_t)],
498 uid[sizeof("_UID=") + DECIMAL_STR_MAX(uid_t)],
499 gid[sizeof("_GID=") + DECIMAL_STR_MAX(gid_t)],
500 owner_uid[sizeof("_SYSTEMD_OWNER_UID=") + DECIMAL_STR_MAX(uid_t)],
501 source_time[sizeof("_SOURCE_REALTIME_TIMESTAMP=") + DECIMAL_STR_MAX(usec_t)],
502 boot_id[sizeof("_BOOT_ID=") + 32] = "_BOOT_ID=",
503 machine_id[sizeof("_MACHINE_ID=") + 32] = "_MACHINE_ID=",
504 o_uid[sizeof("OBJECT_UID=") + DECIMAL_STR_MAX(uid_t)],
505 o_gid[sizeof("OBJECT_GID=") + DECIMAL_STR_MAX(gid_t)],
506 o_owner_uid[sizeof("OBJECT_SYSTEMD_OWNER_UID=") + DECIMAL_STR_MAX(uid_t)];
507 uid_t object_uid;
508 gid_t object_gid;
509 char *x;
510 sd_id128_t id;
511 int r;
512 char *t, *c;
513 uid_t realuid = 0, owner = 0, journal_uid;
514 bool owner_valid = false;
515 #ifdef HAVE_AUDIT
516 char audit_session[sizeof("_AUDIT_SESSION=") + DECIMAL_STR_MAX(uint32_t)],
517 audit_loginuid[sizeof("_AUDIT_LOGINUID=") + DECIMAL_STR_MAX(uid_t)],
518 o_audit_session[sizeof("OBJECT_AUDIT_SESSION=") + DECIMAL_STR_MAX(uint32_t)],
519 o_audit_loginuid[sizeof("OBJECT_AUDIT_LOGINUID=") + DECIMAL_STR_MAX(uid_t)];
520
521 uint32_t audit;
522 uid_t loginuid;
523 #endif
524
525 assert(s);
526 assert(iovec);
527 assert(n > 0);
528 assert(n + N_IOVEC_META_FIELDS + (object_pid ? N_IOVEC_OBJECT_FIELDS : 0) <= m);
529
530 if (ucred) {
531 realuid = ucred->uid;
532
533 sprintf(pid, "_PID=%lu", (unsigned long) ucred->pid);
534 IOVEC_SET_STRING(iovec[n++], pid);
535
536 sprintf(uid, "_UID=%lu", (unsigned long) ucred->uid);
537 IOVEC_SET_STRING(iovec[n++], uid);
538
539 sprintf(gid, "_GID=%lu", (unsigned long) ucred->gid);
540 IOVEC_SET_STRING(iovec[n++], gid);
541
542 r = get_process_comm(ucred->pid, &t);
543 if (r >= 0) {
544 x = strappenda("_COMM=", t);
545 free(t);
546 IOVEC_SET_STRING(iovec[n++], x);
547 }
548
549 r = get_process_exe(ucred->pid, &t);
550 if (r >= 0) {
551 x = strappenda("_EXE=", t);
552 free(t);
553 IOVEC_SET_STRING(iovec[n++], x);
554 }
555
556 r = get_process_cmdline(ucred->pid, 0, false, &t);
557 if (r >= 0) {
558 x = strappenda("_CMDLINE=", t);
559 free(t);
560 IOVEC_SET_STRING(iovec[n++], x);
561 }
562
563 r = get_process_capeff(ucred->pid, &t);
564 if (r >= 0) {
565 x = strappenda("_CAP_EFFECTIVE=", t);
566 free(t);
567 IOVEC_SET_STRING(iovec[n++], x);
568 }
569
570 #ifdef HAVE_AUDIT
571 r = audit_session_from_pid(ucred->pid, &audit);
572 if (r >= 0) {
573 sprintf(audit_session, "_AUDIT_SESSION=%lu", (unsigned long) audit);
574 IOVEC_SET_STRING(iovec[n++], audit_session);
575 }
576
577 r = audit_loginuid_from_pid(ucred->pid, &loginuid);
578 if (r >= 0) {
579 sprintf(audit_loginuid, "_AUDIT_LOGINUID=%lu", (unsigned long) loginuid);
580 IOVEC_SET_STRING(iovec[n++], audit_loginuid);
581 }
582 #endif
583
584 r = cg_pid_get_path_shifted(ucred->pid, NULL, &c);
585 if (r >= 0) {
586 char *session = NULL;
587
588 x = strappenda("_SYSTEMD_CGROUP=", c);
589 IOVEC_SET_STRING(iovec[n++], x);
590
591 r = cg_path_get_session(c, &t);
592 if (r >= 0) {
593 session = strappenda("_SYSTEMD_SESSION=", t);
594 free(t);
595 IOVEC_SET_STRING(iovec[n++], session);
596 }
597
598 if (cg_path_get_owner_uid(c, &owner) >= 0) {
599 owner_valid = true;
600
601 sprintf(owner_uid, "_SYSTEMD_OWNER_UID=%lu", (unsigned long) owner);
602 IOVEC_SET_STRING(iovec[n++], owner_uid);
603 }
604
605 if (cg_path_get_unit(c, &t) >= 0) {
606 x = strappenda("_SYSTEMD_UNIT=", t);
607 free(t);
608 IOVEC_SET_STRING(iovec[n++], x);
609 } else if (unit_id && !session) {
610 x = strappenda("_SYSTEMD_UNIT=", unit_id);
611 IOVEC_SET_STRING(iovec[n++], x);
612 }
613
614 if (cg_path_get_user_unit(c, &t) >= 0) {
615 x = strappenda("_SYSTEMD_USER_UNIT=", t);
616 free(t);
617 IOVEC_SET_STRING(iovec[n++], x);
618 } else if (unit_id && session) {
619 x = strappenda("_SYSTEMD_USER_UNIT=", unit_id);
620 IOVEC_SET_STRING(iovec[n++], x);
621 }
622
623 if (cg_path_get_slice(c, &t) >= 0) {
624 x = strappenda("_SYSTEMD_SLICE=", t);
625 free(t);
626 IOVEC_SET_STRING(iovec[n++], x);
627 }
628
629 free(c);
630 } else if (unit_id) {
631 x = strappenda("_SYSTEMD_UNIT=", unit_id);
632 IOVEC_SET_STRING(iovec[n++], x);
633 }
634
635 #ifdef HAVE_SELINUX
636 if (use_selinux()) {
637 if (label) {
638 x = alloca(sizeof("_SELINUX_CONTEXT=") + label_len);
639
640 *((char*) mempcpy(stpcpy(x, "_SELINUX_CONTEXT="), label, label_len)) = 0;
641 IOVEC_SET_STRING(iovec[n++], x);
642 } else {
643 security_context_t con;
644
645 if (getpidcon(ucred->pid, &con) >= 0) {
646 x = strappenda("_SELINUX_CONTEXT=", con);
647
648 freecon(con);
649 IOVEC_SET_STRING(iovec[n++], x);
650 }
651 }
652 }
653 #endif
654 }
655 assert(n <= m);
656
657 if (object_pid) {
658 r = get_process_uid(object_pid, &object_uid);
659 if (r >= 0) {
660 sprintf(o_uid, "OBJECT_UID=%lu", (unsigned long) object_uid);
661 IOVEC_SET_STRING(iovec[n++], o_uid);
662 }
663
664 r = get_process_gid(object_pid, &object_gid);
665 if (r >= 0) {
666 sprintf(o_gid, "OBJECT_GID=%lu", (unsigned long) object_gid);
667 IOVEC_SET_STRING(iovec[n++], o_gid);
668 }
669
670 r = get_process_comm(object_pid, &t);
671 if (r >= 0) {
672 x = strappenda("OBJECT_COMM=", t);
673 free(t);
674 IOVEC_SET_STRING(iovec[n++], x);
675 }
676
677 r = get_process_exe(object_pid, &t);
678 if (r >= 0) {
679 x = strappenda("OBJECT_EXE=", t);
680 free(t);
681 IOVEC_SET_STRING(iovec[n++], x);
682 }
683
684 r = get_process_cmdline(object_pid, 0, false, &t);
685 if (r >= 0) {
686 x = strappenda("OBJECT_CMDLINE=", t);
687 free(t);
688 IOVEC_SET_STRING(iovec[n++], x);
689 }
690
691 #ifdef HAVE_AUDIT
692 r = audit_session_from_pid(object_pid, &audit);
693 if (r >= 0) {
694 sprintf(o_audit_session, "OBJECT_AUDIT_SESSION=%lu", (unsigned long) audit);
695 IOVEC_SET_STRING(iovec[n++], o_audit_session);
696 }
697
698 r = audit_loginuid_from_pid(object_pid, &loginuid);
699 if (r >= 0) {
700 sprintf(o_audit_loginuid, "OBJECT_AUDIT_LOGINUID=%lu", (unsigned long) loginuid);
701 IOVEC_SET_STRING(iovec[n++], o_audit_loginuid);
702 }
703 #endif
704
705 r = cg_pid_get_path_shifted(object_pid, NULL, &c);
706 if (r >= 0) {
707 x = strappenda("OBJECT_SYSTEMD_CGROUP=", c);
708 IOVEC_SET_STRING(iovec[n++], x);
709
710 r = cg_path_get_session(c, &t);
711 if (r >= 0) {
712 x = strappenda("OBJECT_SYSTEMD_SESSION=", t);
713 free(t);
714 IOVEC_SET_STRING(iovec[n++], x);
715 }
716
717 if (cg_path_get_owner_uid(c, &owner) >= 0) {
718 sprintf(o_owner_uid, "OBJECT_SYSTEMD_OWNER_UID=%lu", (unsigned long) owner);
719 IOVEC_SET_STRING(iovec[n++], o_owner_uid);
720 }
721
722 if (cg_path_get_unit(c, &t) >= 0) {
723 x = strappenda("OBJECT_SYSTEMD_UNIT=", t);
724 free(t);
725 IOVEC_SET_STRING(iovec[n++], x);
726 }
727
728 if (cg_path_get_user_unit(c, &t) >= 0) {
729 x = strappenda("OBJECT_SYSTEMD_USER_UNIT=", t);
730 free(t);
731 IOVEC_SET_STRING(iovec[n++], x);
732 }
733
734 free(c);
735 }
736 }
737 assert(n <= m);
738
739 if (tv) {
740 sprintf(source_time, "_SOURCE_REALTIME_TIMESTAMP=%llu", (unsigned long long) timeval_load(tv));
741 IOVEC_SET_STRING(iovec[n++], source_time);
742 }
743
744 /* Note that strictly speaking storing the boot id here is
745 * redundant since the entry includes this in-line
746 * anyway. However, we need this indexed, too. */
747 r = sd_id128_get_boot(&id);
748 if (r >= 0) {
749 sd_id128_to_string(id, boot_id + strlen("_BOOT_ID="));
750 IOVEC_SET_STRING(iovec[n++], boot_id);
751 }
752
753 r = sd_id128_get_machine(&id);
754 if (r >= 0) {
755 sd_id128_to_string(id, machine_id + strlen("_MACHINE_ID="));
756 IOVEC_SET_STRING(iovec[n++], machine_id);
757 }
758
759 t = gethostname_malloc();
760 if (t) {
761 x = strappenda("_HOSTNAME=", t);
762 free(t);
763 IOVEC_SET_STRING(iovec[n++], x);
764 }
765
766 assert(n <= m);
767
768 if (s->split_mode == SPLIT_UID && realuid > 0)
769 /* Split up strictly by any UID */
770 journal_uid = realuid;
771 else if (s->split_mode == SPLIT_LOGIN && realuid > 0 && owner_valid && owner > 0)
772 /* Split up by login UIDs, this avoids creation of
773 * individual journals for system UIDs. We do this
774 * only if the realuid is not root, in order not to
775 * accidentally leak privileged information to the
776 * user that is logged by a privileged process that is
777 * part of an unprivileged session.*/
778 journal_uid = owner;
779 else
780 journal_uid = 0;
781
782 write_to_journal(s, journal_uid, iovec, n, priority);
783 }
784
785 void server_driver_message(Server *s, sd_id128_t message_id, const char *format, ...) {
786 char mid[11 + 32 + 1];
787 char buffer[16 + LINE_MAX + 1];
788 struct iovec iovec[N_IOVEC_META_FIELDS + 4];
789 int n = 0;
790 va_list ap;
791 struct ucred ucred = {};
792
793 assert(s);
794 assert(format);
795
796 IOVEC_SET_STRING(iovec[n++], "PRIORITY=6");
797 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=driver");
798
799 memcpy(buffer, "MESSAGE=", 8);
800 va_start(ap, format);
801 vsnprintf(buffer + 8, sizeof(buffer) - 8, format, ap);
802 va_end(ap);
803 char_array_0(buffer);
804 IOVEC_SET_STRING(iovec[n++], buffer);
805
806 if (!sd_id128_equal(message_id, SD_ID128_NULL)) {
807 snprintf(mid, sizeof(mid), MESSAGE_ID(message_id));
808 char_array_0(mid);
809 IOVEC_SET_STRING(iovec[n++], mid);
810 }
811
812 ucred.pid = getpid();
813 ucred.uid = getuid();
814 ucred.gid = getgid();
815
816 dispatch_message_real(s, iovec, n, ELEMENTSOF(iovec), &ucred, NULL, NULL, 0, NULL, LOG_INFO, 0);
817 }
818
819 void server_dispatch_message(
820 Server *s,
821 struct iovec *iovec, unsigned n, unsigned m,
822 struct ucred *ucred,
823 struct timeval *tv,
824 const char *label, size_t label_len,
825 const char *unit_id,
826 int priority,
827 pid_t object_pid) {
828
829 int rl, r;
830 _cleanup_free_ char *path = NULL;
831 char *c;
832
833 assert(s);
834 assert(iovec || n == 0);
835
836 if (n == 0)
837 return;
838
839 if (LOG_PRI(priority) > s->max_level_store)
840 return;
841
842 /* Stop early in case the information will not be stored
843 * in a journal. */
844 if (s->storage == STORAGE_NONE)
845 return;
846
847 if (!ucred)
848 goto finish;
849
850 r = cg_pid_get_path_shifted(ucred->pid, NULL, &path);
851 if (r < 0)
852 goto finish;
853
854 /* example: /user/lennart/3/foobar
855 * /system/dbus.service/foobar
856 *
857 * So let's cut of everything past the third /, since that is
858 * where user directories start */
859
860 c = strchr(path, '/');
861 if (c) {
862 c = strchr(c+1, '/');
863 if (c) {
864 c = strchr(c+1, '/');
865 if (c)
866 *c = 0;
867 }
868 }
869
870 rl = journal_rate_limit_test(s->rate_limit, path,
871 priority & LOG_PRIMASK, available_space(s, false));
872
873 if (rl == 0)
874 return;
875
876 /* Write a suppression message if we suppressed something */
877 if (rl > 1)
878 server_driver_message(s, SD_MESSAGE_JOURNAL_DROPPED,
879 "Suppressed %u messages from %s", rl - 1, path);
880
881 finish:
882 dispatch_message_real(s, iovec, n, m, ucred, tv, label, label_len, unit_id, priority, object_pid);
883 }
884
885
886 static int system_journal_open(Server *s) {
887 int r;
888 char *fn;
889 sd_id128_t machine;
890 char ids[33];
891
892 r = sd_id128_get_machine(&machine);
893 if (r < 0) {
894 log_error("Failed to get machine id: %s", strerror(-r));
895 return r;
896 }
897
898 sd_id128_to_string(machine, ids);
899
900 if (!s->system_journal &&
901 (s->storage == STORAGE_PERSISTENT || s->storage == STORAGE_AUTO) &&
902 access("/run/systemd/journal/flushed", F_OK) >= 0) {
903
904 /* If in auto mode: first try to create the machine
905 * path, but not the prefix.
906 *
907 * If in persistent mode: create /var/log/journal and
908 * the machine path */
909
910 if (s->storage == STORAGE_PERSISTENT)
911 (void) mkdir("/var/log/journal/", 0755);
912
913 fn = strappenda("/var/log/journal/", ids);
914 (void) mkdir(fn, 0755);
915
916 fn = strappenda(fn, "/system.journal");
917 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, s->compress, s->seal, &s->system_metrics, s->mmap, NULL, &s->system_journal);
918
919 if (r >= 0)
920 server_fix_perms(s, s->system_journal, 0);
921 else if (r < 0) {
922 if (r != -ENOENT && r != -EROFS)
923 log_warning("Failed to open system journal: %s", strerror(-r));
924
925 r = 0;
926 }
927 }
928
929 if (!s->runtime_journal &&
930 (s->storage != STORAGE_NONE)) {
931
932 fn = strjoin("/run/log/journal/", ids, "/system.journal", NULL);
933 if (!fn)
934 return -ENOMEM;
935
936 if (s->system_journal) {
937
938 /* Try to open the runtime journal, but only
939 * if it already exists, so that we can flush
940 * it into the system journal */
941
942 r = journal_file_open(fn, O_RDWR, 0640, s->compress, false, &s->runtime_metrics, s->mmap, NULL, &s->runtime_journal);
943 free(fn);
944
945 if (r < 0) {
946 if (r != -ENOENT)
947 log_warning("Failed to open runtime journal: %s", strerror(-r));
948
949 r = 0;
950 }
951
952 } else {
953
954 /* OK, we really need the runtime journal, so create
955 * it if necessary. */
956
957 (void) mkdir_parents(fn, 0755);
958 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, s->compress, false, &s->runtime_metrics, s->mmap, NULL, &s->runtime_journal);
959 free(fn);
960
961 if (r < 0) {
962 log_error("Failed to open runtime journal: %s", strerror(-r));
963 return r;
964 }
965 }
966
967 if (s->runtime_journal)
968 server_fix_perms(s, s->runtime_journal, 0);
969 }
970
971 available_space(s, true);
972
973 return r;
974 }
975
976 int server_flush_to_var(Server *s) {
977 sd_id128_t machine;
978 sd_journal *j = NULL;
979 char ts[FORMAT_TIMESPAN_MAX];
980 usec_t start;
981 unsigned n = 0;
982 int r;
983
984 assert(s);
985
986 if (s->storage != STORAGE_AUTO &&
987 s->storage != STORAGE_PERSISTENT)
988 return 0;
989
990 if (!s->runtime_journal)
991 return 0;
992
993 system_journal_open(s);
994
995 if (!s->system_journal)
996 return 0;
997
998 log_debug("Flushing to /var...");
999
1000 start = now(CLOCK_MONOTONIC);
1001
1002 r = sd_id128_get_machine(&machine);
1003 if (r < 0)
1004 return r;
1005
1006 r = sd_journal_open(&j, SD_JOURNAL_RUNTIME_ONLY);
1007 if (r < 0) {
1008 log_error("Failed to read runtime journal: %s", strerror(-r));
1009 return r;
1010 }
1011
1012 sd_journal_set_data_threshold(j, 0);
1013
1014 SD_JOURNAL_FOREACH(j) {
1015 Object *o = NULL;
1016 JournalFile *f;
1017
1018 f = j->current_file;
1019 assert(f && f->current_offset > 0);
1020
1021 n++;
1022
1023 r = journal_file_move_to_object(f, OBJECT_ENTRY, f->current_offset, &o);
1024 if (r < 0) {
1025 log_error("Can't read entry: %s", strerror(-r));
1026 goto finish;
1027 }
1028
1029 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
1030 if (r >= 0)
1031 continue;
1032
1033 if (!shall_try_append_again(s->system_journal, r)) {
1034 log_error("Can't write entry: %s", strerror(-r));
1035 goto finish;
1036 }
1037
1038 server_rotate(s);
1039 server_vacuum(s);
1040
1041 if (!s->system_journal) {
1042 log_notice("Didn't flush runtime journal since rotation of system journal wasn't successful.");
1043 r = -EIO;
1044 goto finish;
1045 }
1046
1047 log_debug("Retrying write.");
1048 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
1049 if (r < 0) {
1050 log_error("Can't write entry: %s", strerror(-r));
1051 goto finish;
1052 }
1053 }
1054
1055 finish:
1056 journal_file_post_change(s->system_journal);
1057
1058 journal_file_close(s->runtime_journal);
1059 s->runtime_journal = NULL;
1060
1061 if (r >= 0)
1062 rm_rf("/run/log/journal", false, true, false);
1063
1064 sd_journal_close(j);
1065
1066 server_driver_message(s, SD_ID128_NULL, "Time spent on flushing to /var is %s for %u entries.", format_timespan(ts, sizeof(ts), now(CLOCK_MONOTONIC) - start, 0), n);
1067
1068 return r;
1069 }
1070
1071 int process_datagram(sd_event_source *es, int fd, uint32_t revents, void *userdata) {
1072 Server *s = userdata;
1073
1074 assert(s);
1075 assert(fd == s->native_fd || fd == s->syslog_fd);
1076
1077 if (revents != EPOLLIN) {
1078 log_error("Got invalid event from epoll for datagram fd: %"PRIx32, revents);
1079 return -EIO;
1080 }
1081
1082 for (;;) {
1083 struct ucred *ucred = NULL;
1084 struct timeval *tv = NULL;
1085 struct cmsghdr *cmsg;
1086 char *label = NULL;
1087 size_t label_len = 0;
1088 struct iovec iovec;
1089
1090 union {
1091 struct cmsghdr cmsghdr;
1092
1093 /* We use NAME_MAX space for the
1094 * SELinux label here. The kernel
1095 * currently enforces no limit, but
1096 * according to suggestions from the
1097 * SELinux people this will change and
1098 * it will probably be identical to
1099 * NAME_MAX. For now we use that, but
1100 * this should be updated one day when
1101 * the final limit is known.*/
1102 uint8_t buf[CMSG_SPACE(sizeof(struct ucred)) +
1103 CMSG_SPACE(sizeof(struct timeval)) +
1104 CMSG_SPACE(sizeof(int)) + /* fd */
1105 CMSG_SPACE(NAME_MAX)]; /* selinux label */
1106 } control = {};
1107 struct msghdr msghdr = {
1108 .msg_iov = &iovec,
1109 .msg_iovlen = 1,
1110 .msg_control = &control,
1111 .msg_controllen = sizeof(control),
1112 };
1113
1114 ssize_t n;
1115 int v;
1116 int *fds = NULL;
1117 unsigned n_fds = 0;
1118
1119 if (ioctl(fd, SIOCINQ, &v) < 0) {
1120 log_error("SIOCINQ failed: %m");
1121 return -errno;
1122 }
1123
1124 if (!GREEDY_REALLOC(s->buffer, s->buffer_size, LINE_MAX + (size_t) v))
1125 return log_oom();
1126
1127 iovec.iov_base = s->buffer;
1128 iovec.iov_len = s->buffer_size;
1129
1130 n = recvmsg(fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC);
1131 if (n < 0) {
1132 if (errno == EINTR || errno == EAGAIN)
1133 return 0;
1134
1135 log_error("recvmsg() failed: %m");
1136 return -errno;
1137 }
1138
1139 for (cmsg = CMSG_FIRSTHDR(&msghdr); cmsg; cmsg = CMSG_NXTHDR(&msghdr, cmsg)) {
1140
1141 if (cmsg->cmsg_level == SOL_SOCKET &&
1142 cmsg->cmsg_type == SCM_CREDENTIALS &&
1143 cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred)))
1144 ucred = (struct ucred*) CMSG_DATA(cmsg);
1145 else if (cmsg->cmsg_level == SOL_SOCKET &&
1146 cmsg->cmsg_type == SCM_SECURITY) {
1147 label = (char*) CMSG_DATA(cmsg);
1148 label_len = cmsg->cmsg_len - CMSG_LEN(0);
1149 } else if (cmsg->cmsg_level == SOL_SOCKET &&
1150 cmsg->cmsg_type == SO_TIMESTAMP &&
1151 cmsg->cmsg_len == CMSG_LEN(sizeof(struct timeval)))
1152 tv = (struct timeval*) CMSG_DATA(cmsg);
1153 else if (cmsg->cmsg_level == SOL_SOCKET &&
1154 cmsg->cmsg_type == SCM_RIGHTS) {
1155 fds = (int*) CMSG_DATA(cmsg);
1156 n_fds = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);
1157 }
1158 }
1159
1160 if (fd == s->syslog_fd) {
1161 if (n > 0 && n_fds == 0) {
1162 s->buffer[n] = 0;
1163 server_process_syslog_message(s, strstrip(s->buffer), ucred, tv, label, label_len);
1164 } else if (n_fds > 0)
1165 log_warning("Got file descriptors via syslog socket. Ignoring.");
1166
1167 } else {
1168 if (n > 0 && n_fds == 0)
1169 server_process_native_message(s, s->buffer, n, ucred, tv, label, label_len);
1170 else if (n == 0 && n_fds == 1)
1171 server_process_native_file(s, fds[0], ucred, tv, label, label_len);
1172 else if (n_fds > 0)
1173 log_warning("Got too many file descriptors via native socket. Ignoring.");
1174 }
1175
1176 close_many(fds, n_fds);
1177 }
1178
1179 return 0;
1180 }
1181
1182 static int dispatch_sigusr1(sd_event_source *es, const struct signalfd_siginfo *si, void *userdata) {
1183 Server *s = userdata;
1184
1185 assert(s);
1186
1187 log_info("Received request to flush runtime journal from PID %"PRIu32, si->ssi_pid);
1188
1189 touch("/run/systemd/journal/flushed");
1190 server_flush_to_var(s);
1191 server_sync(s);
1192
1193 return 0;
1194 }
1195
1196 static int dispatch_sigusr2(sd_event_source *es, const struct signalfd_siginfo *si, void *userdata) {
1197 Server *s = userdata;
1198
1199 assert(s);
1200
1201 log_info("Received request to rotate journal from PID %"PRIu32, si->ssi_pid);
1202 server_rotate(s);
1203 server_vacuum(s);
1204
1205 return 0;
1206 }
1207
1208 static int dispatch_sigterm(sd_event_source *es, const struct signalfd_siginfo *si, void *userdata) {
1209 Server *s = userdata;
1210
1211 assert(s);
1212
1213 log_info("Received SIG%s", signal_to_string(si->ssi_signo));
1214
1215 sd_event_request_quit(s->event);
1216 return 0;
1217 }
1218
1219 static int setup_signals(Server *s) {
1220 sigset_t mask;
1221 int r;
1222
1223 assert(s);
1224
1225 assert_se(sigemptyset(&mask) == 0);
1226 sigset_add_many(&mask, SIGINT, SIGTERM, SIGUSR1, SIGUSR2, -1);
1227 assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0);
1228
1229 r = sd_event_add_signal(s->event, SIGUSR1, dispatch_sigusr1, s, &s->sigusr1_event_source);
1230 if (r < 0)
1231 return r;
1232
1233 r = sd_event_add_signal(s->event, SIGUSR2, dispatch_sigusr2, s, &s->sigusr2_event_source);
1234 if (r < 0)
1235 return r;
1236
1237 r = sd_event_add_signal(s->event, SIGTERM, dispatch_sigterm, s, &s->sigterm_event_source);
1238 if (r < 0)
1239 return r;
1240
1241 r = sd_event_add_signal(s->event, SIGINT, dispatch_sigterm, s, &s->sigint_event_source);
1242 if (r < 0)
1243 return r;
1244
1245 return 0;
1246 }
1247
1248 static int server_parse_proc_cmdline(Server *s) {
1249 _cleanup_free_ char *line = NULL;
1250 char *w, *state;
1251 size_t l;
1252 int r;
1253
1254 r = proc_cmdline(&line);
1255 if (r < 0)
1256 log_warning("Failed to read /proc/cmdline, ignoring: %s", strerror(-r));
1257 if (r <= 0)
1258 return 0;
1259
1260 FOREACH_WORD_QUOTED(w, l, line, state) {
1261 _cleanup_free_ char *word;
1262
1263 word = strndup(w, l);
1264 if (!word)
1265 return -ENOMEM;
1266
1267 if (startswith(word, "systemd.journald.forward_to_syslog=")) {
1268 r = parse_boolean(word + 35);
1269 if (r < 0)
1270 log_warning("Failed to parse forward to syslog switch %s. Ignoring.", word + 35);
1271 else
1272 s->forward_to_syslog = r;
1273 } else if (startswith(word, "systemd.journald.forward_to_kmsg=")) {
1274 r = parse_boolean(word + 33);
1275 if (r < 0)
1276 log_warning("Failed to parse forward to kmsg switch %s. Ignoring.", word + 33);
1277 else
1278 s->forward_to_kmsg = r;
1279 } else if (startswith(word, "systemd.journald.forward_to_console=")) {
1280 r = parse_boolean(word + 36);
1281 if (r < 0)
1282 log_warning("Failed to parse forward to console switch %s. Ignoring.", word + 36);
1283 else
1284 s->forward_to_console = r;
1285 } else if (startswith(word, "systemd.journald"))
1286 log_warning("Invalid systemd.journald parameter. Ignoring.");
1287 }
1288
1289 return 0;
1290 }
1291
1292 static int server_parse_config_file(Server *s) {
1293 static const char fn[] = "/etc/systemd/journald.conf";
1294 _cleanup_fclose_ FILE *f = NULL;
1295 int r;
1296
1297 assert(s);
1298
1299 f = fopen(fn, "re");
1300 if (!f) {
1301 if (errno == ENOENT)
1302 return 0;
1303
1304 log_warning("Failed to open configuration file %s: %m", fn);
1305 return -errno;
1306 }
1307
1308 r = config_parse(NULL, fn, f, "Journal\0", config_item_perf_lookup,
1309 (void*) journald_gperf_lookup, false, false, s);
1310 if (r < 0)
1311 log_warning("Failed to parse configuration file: %s", strerror(-r));
1312
1313 return r;
1314 }
1315
1316 static int server_dispatch_sync(sd_event_source *es, usec_t t, void *userdata) {
1317 Server *s = userdata;
1318
1319 assert(s);
1320
1321 server_sync(s);
1322 return 0;
1323 }
1324
1325 int server_schedule_sync(Server *s, int priority) {
1326 int r;
1327
1328 assert(s);
1329
1330 if (priority <= LOG_CRIT) {
1331 /* Immediately sync to disk when this is of priority CRIT, ALERT, EMERG */
1332 server_sync(s);
1333 return 0;
1334 }
1335
1336 if (s->sync_scheduled)
1337 return 0;
1338
1339 if (s->sync_interval_usec > 0) {
1340 usec_t when;
1341
1342 r = sd_event_get_now_monotonic(s->event, &when);
1343 if (r < 0)
1344 return r;
1345
1346 when += s->sync_interval_usec;
1347
1348 if (!s->sync_event_source) {
1349 r = sd_event_add_monotonic(s->event, when, 0, server_dispatch_sync, s, &s->sync_event_source);
1350 if (r < 0)
1351 return r;
1352
1353 r = sd_event_source_set_priority(s->sync_event_source, SD_EVENT_PRIORITY_IMPORTANT);
1354 } else {
1355 r = sd_event_source_set_time(s->sync_event_source, when);
1356 if (r < 0)
1357 return r;
1358
1359 r = sd_event_source_set_enabled(s->sync_event_source, SD_EVENT_ONESHOT);
1360 }
1361 if (r < 0)
1362 return r;
1363
1364 s->sync_scheduled = true;
1365 }
1366
1367 return 0;
1368 }
1369
1370 int server_init(Server *s) {
1371 int n, r, fd;
1372
1373 assert(s);
1374
1375 zero(*s);
1376 s->syslog_fd = s->native_fd = s->stdout_fd = s->dev_kmsg_fd = -1;
1377 s->compress = true;
1378 s->seal = true;
1379
1380 s->sync_interval_usec = DEFAULT_SYNC_INTERVAL_USEC;
1381 s->sync_scheduled = false;
1382
1383 s->rate_limit_interval = DEFAULT_RATE_LIMIT_INTERVAL;
1384 s->rate_limit_burst = DEFAULT_RATE_LIMIT_BURST;
1385
1386 s->forward_to_syslog = true;
1387
1388 s->max_level_store = LOG_DEBUG;
1389 s->max_level_syslog = LOG_DEBUG;
1390 s->max_level_kmsg = LOG_NOTICE;
1391 s->max_level_console = LOG_INFO;
1392
1393 memset(&s->system_metrics, 0xFF, sizeof(s->system_metrics));
1394 memset(&s->runtime_metrics, 0xFF, sizeof(s->runtime_metrics));
1395
1396 server_parse_config_file(s);
1397 server_parse_proc_cmdline(s);
1398 if (!!s->rate_limit_interval ^ !!s->rate_limit_burst) {
1399 log_debug("Setting both rate limit interval and burst from %llu,%u to 0,0",
1400 (long long unsigned) s->rate_limit_interval,
1401 s->rate_limit_burst);
1402 s->rate_limit_interval = s->rate_limit_burst = 0;
1403 }
1404
1405 mkdir_p("/run/systemd/journal", 0755);
1406
1407 s->user_journals = hashmap_new(trivial_hash_func, trivial_compare_func);
1408 if (!s->user_journals)
1409 return log_oom();
1410
1411 s->mmap = mmap_cache_new();
1412 if (!s->mmap)
1413 return log_oom();
1414
1415 r = sd_event_default(&s->event);
1416 if (r < 0) {
1417 log_error("Failed to create event loop: %s", strerror(-r));
1418 return r;
1419 }
1420
1421 sd_event_set_watchdog(s->event, true);
1422
1423 n = sd_listen_fds(true);
1424 if (n < 0) {
1425 log_error("Failed to read listening file descriptors from environment: %s", strerror(-n));
1426 return n;
1427 }
1428
1429 for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) {
1430
1431 if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/run/systemd/journal/socket", 0) > 0) {
1432
1433 if (s->native_fd >= 0) {
1434 log_error("Too many native sockets passed.");
1435 return -EINVAL;
1436 }
1437
1438 s->native_fd = fd;
1439
1440 } else if (sd_is_socket_unix(fd, SOCK_STREAM, 1, "/run/systemd/journal/stdout", 0) > 0) {
1441
1442 if (s->stdout_fd >= 0) {
1443 log_error("Too many stdout sockets passed.");
1444 return -EINVAL;
1445 }
1446
1447 s->stdout_fd = fd;
1448
1449 } else if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/dev/log", 0) > 0) {
1450
1451 if (s->syslog_fd >= 0) {
1452 log_error("Too many /dev/log sockets passed.");
1453 return -EINVAL;
1454 }
1455
1456 s->syslog_fd = fd;
1457
1458 } else {
1459 log_error("Unknown socket passed.");
1460 return -EINVAL;
1461 }
1462 }
1463
1464 r = server_open_syslog_socket(s);
1465 if (r < 0)
1466 return r;
1467
1468 r = server_open_native_socket(s);
1469 if (r < 0)
1470 return r;
1471
1472 r = server_open_stdout_socket(s);
1473 if (r < 0)
1474 return r;
1475
1476 r = server_open_dev_kmsg(s);
1477 if (r < 0)
1478 return r;
1479
1480 r = server_open_kernel_seqnum(s);
1481 if (r < 0)
1482 return r;
1483
1484 r = setup_signals(s);
1485 if (r < 0)
1486 return r;
1487
1488 s->udev = udev_new();
1489 if (!s->udev)
1490 return -ENOMEM;
1491
1492 s->rate_limit = journal_rate_limit_new(s->rate_limit_interval, s->rate_limit_burst);
1493 if (!s->rate_limit)
1494 return -ENOMEM;
1495
1496 r = system_journal_open(s);
1497 if (r < 0)
1498 return r;
1499
1500 return 0;
1501 }
1502
1503 void server_maybe_append_tags(Server *s) {
1504 #ifdef HAVE_GCRYPT
1505 JournalFile *f;
1506 Iterator i;
1507 usec_t n;
1508
1509 n = now(CLOCK_REALTIME);
1510
1511 if (s->system_journal)
1512 journal_file_maybe_append_tag(s->system_journal, n);
1513
1514 HASHMAP_FOREACH(f, s->user_journals, i)
1515 journal_file_maybe_append_tag(f, n);
1516 #endif
1517 }
1518
1519 void server_done(Server *s) {
1520 JournalFile *f;
1521 assert(s);
1522
1523 while (s->stdout_streams)
1524 stdout_stream_free(s->stdout_streams);
1525
1526 if (s->system_journal)
1527 journal_file_close(s->system_journal);
1528
1529 if (s->runtime_journal)
1530 journal_file_close(s->runtime_journal);
1531
1532 while ((f = hashmap_steal_first(s->user_journals)))
1533 journal_file_close(f);
1534
1535 hashmap_free(s->user_journals);
1536
1537 sd_event_source_unref(s->syslog_event_source);
1538 sd_event_source_unref(s->native_event_source);
1539 sd_event_source_unref(s->stdout_event_source);
1540 sd_event_source_unref(s->dev_kmsg_event_source);
1541 sd_event_source_unref(s->sync_event_source);
1542 sd_event_source_unref(s->sigusr1_event_source);
1543 sd_event_source_unref(s->sigusr2_event_source);
1544 sd_event_source_unref(s->sigterm_event_source);
1545 sd_event_source_unref(s->sigint_event_source);
1546 sd_event_unref(s->event);
1547
1548 if (s->syslog_fd >= 0)
1549 close_nointr_nofail(s->syslog_fd);
1550
1551 if (s->native_fd >= 0)
1552 close_nointr_nofail(s->native_fd);
1553
1554 if (s->stdout_fd >= 0)
1555 close_nointr_nofail(s->stdout_fd);
1556
1557 if (s->dev_kmsg_fd >= 0)
1558 close_nointr_nofail(s->dev_kmsg_fd);
1559
1560 if (s->rate_limit)
1561 journal_rate_limit_free(s->rate_limit);
1562
1563 if (s->kernel_seqnum)
1564 munmap(s->kernel_seqnum, sizeof(uint64_t));
1565
1566 free(s->buffer);
1567 free(s->tty_path);
1568
1569 if (s->mmap)
1570 mmap_cache_unref(s->mmap);
1571
1572 if (s->udev)
1573 udev_unref(s->udev);
1574 }
Unnamed repository; edit this file 'description' to name the repository.