]> git.ipfire.org Git - thirdparty/systemd.git/blame - src/journal/journald-server.c
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
nspawn: introduce the new /machine/ tree in the cgroup tree and move containers there
[thirdparty/systemd.git] / src / journal / journald-server.c
CommitLineData
d025f1e4
ZJS		 1/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
2
3/***
4 This file is part of systemd.
5
6 Copyright 2011 Lennart Poettering
7
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
17
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20***/
21
22#include <sys/signalfd.h>
23#include <sys/ioctl.h>
24#include <linux/sockios.h>
25#include <sys/statvfs.h>
26#include <sys/mman.h>
26687bf8 27#include <sys/timerfd.h>
d025f1e4
ZJS		 28
29#include <libudev.h>
30#include <systemd/sd-journal.h>
31#include <systemd/sd-messages.h>
32#include <systemd/sd-daemon.h>
33
34#ifdef HAVE_LOGIND
35#include <systemd/sd-login.h>
36#endif
37
a5c32cff 38#include "fileio.h"
d025f1e4
ZJS		 39#include "mkdir.h"
40#include "hashmap.h"
41#include "journal-file.h"
42#include "socket-util.h"
43#include "cgroup-util.h"
44#include "list.h"
45#include "virt.h"
46#include "missing.h"
47#include "conf-parser.h"
48#include "journal-internal.h"
49#include "journal-vacuum.h"
50#include "journal-authenticate.h"
51#include "journald-server.h"
52#include "journald-rate-limit.h"
53#include "journald-kmsg.h"
54#include "journald-syslog.h"
55#include "journald-stream.h"
56#include "journald-console.h"
57#include "journald-native.h"
58
59#ifdef HAVE_ACL
60#include <sys/acl.h>
61#include <acl/libacl.h>
62#include "acl-util.h"
63#endif
64
65#ifdef HAVE_SELINUX
66#include <selinux/selinux.h>
67#endif
68
69#define USER_JOURNALS_MAX 1024
70
26687bf8 71#define DEFAULT_SYNC_INTERVAL_USEC (5*USEC_PER_MINUTE)
d025f1e4
ZJS		 72#define DEFAULT_RATE_LIMIT_INTERVAL (10*USEC_PER_SEC)
73#define DEFAULT_RATE_LIMIT_BURST 200
74
75#define RECHECK_AVAILABLE_SPACE_USEC (30*USEC_PER_SEC)
76
77static const char* const storage_table[] = {
78 [STORAGE_AUTO] = "auto",
79 [STORAGE_VOLATILE] = "volatile",
80 [STORAGE_PERSISTENT] = "persistent",
81 [STORAGE_NONE] = "none"
82};
83
84DEFINE_STRING_TABLE_LOOKUP(storage, Storage);
85DEFINE_CONFIG_PARSE_ENUM(config_parse_storage, storage, Storage, "Failed to parse storage setting");
86
87static const char* const split_mode_table[] = {
88 [SPLIT_NONE] = "none",
89 [SPLIT_UID] = "uid",
90 [SPLIT_LOGIN] = "login"
91};
92
93DEFINE_STRING_TABLE_LOOKUP(split_mode, SplitMode);
94DEFINE_CONFIG_PARSE_ENUM(config_parse_split_mode, split_mode, SplitMode, "Failed to parse split mode setting");
95
96static uint64_t available_space(Server *s) {
db91ea32
ZJS		 97 char ids[33];
98 char _cleanup_free_ *p = NULL;
d025f1e4
ZJS		 99 const char *f;
100 sd_id128_t machine;
101 struct statvfs ss;
102 uint64_t sum = 0, avail = 0, ss_avail = 0;
103 int r;
db91ea32 104 DIR _cleanup_closedir_ *d = NULL;
d025f1e4
ZJS		 105 usec_t ts;
106 JournalMetrics *m;
107
108 ts = now(CLOCK_MONOTONIC);
109
110 if (s->cached_available_space_timestamp + RECHECK_AVAILABLE_SPACE_USEC > ts)
111 return s->cached_available_space;
112
113 r = sd_id128_get_machine(&machine);
114 if (r < 0)
115 return 0;
116
117 if (s->system_journal) {
118 f = "/var/log/journal/";
119 m = &s->system_metrics;
120 } else {
121 f = "/run/log/journal/";
122 m = &s->runtime_metrics;
123 }
124
125 assert(m);
126
127 p = strappend(f, sd_id128_to_string(machine, ids));
128 if (!p)
129 return 0;
130
131 d = opendir(p);
d025f1e4
ZJS		 132 if (!d)
133 return 0;
134
135 if (fstatvfs(dirfd(d), &ss) < 0)
db91ea32 136 return 0;
d025f1e4
ZJS		 137
138 for (;;) {
139 struct stat st;
140 struct dirent *de;
141 union dirent_storage buf;
142
143 r = readdir_r(d, &buf.de, &de);
144 if (r != 0)
145 break;
146
147 if (!de)
148 break;
149
150 if (!endswith(de->d_name, ".journal") &&
151 !endswith(de->d_name, ".journal~"))
152 continue;
153
154 if (fstatat(dirfd(d), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0)
155 continue;
156
157 if (!S_ISREG(st.st_mode))
158 continue;
159
160 sum += (uint64_t) st.st_blocks * 512UL;
161 }
162
163 avail = sum >= m->max_use ? 0 : m->max_use - sum;
164
165 ss_avail = ss.f_bsize * ss.f_bavail;
166
167 ss_avail = ss_avail < m->keep_free ? 0 : ss_avail - m->keep_free;
168
169 if (ss_avail < avail)
170 avail = ss_avail;
171
172 s->cached_available_space = avail;
173 s->cached_available_space_timestamp = ts;
174
d025f1e4
ZJS		 175 return avail;
176}
177
178static void server_read_file_gid(Server *s) {
a24c64f0 179 const char *g = "systemd-journal";
d025f1e4
ZJS		 180 int r;
181
182 assert(s);
183
184 if (s->file_gid_valid)
185 return;
186
a24c64f0 187 r = get_group_creds(&g, &s->file_gid);
d025f1e4 188 if (r < 0)
a24c64f0 189 log_warning("Failed to resolve '%s' group: %s", g, strerror(-r));
d025f1e4
ZJS		 190
191 /* if we couldn't read the gid, then it will be 0, but that's
192 * fine and we shouldn't try to resolve the group again, so
193 * let's just pretend it worked right-away. */
194 s->file_gid_valid = true;
195}
196
197void server_fix_perms(Server *s, JournalFile *f, uid_t uid) {
198 int r;
199#ifdef HAVE_ACL
200 acl_t acl;
201 acl_entry_t entry;
202 acl_permset_t permset;
203#endif
204
205 assert(f);
206
207 server_read_file_gid(s);
208
209 r = fchmod_and_fchown(f->fd, 0640, 0, s->file_gid);
210 if (r < 0)
211 log_warning("Failed to fix access mode/rights on %s, ignoring: %s", f->path, strerror(-r));
212
213#ifdef HAVE_ACL
214 if (uid <= 0)
215 return;
216
217 acl = acl_get_fd(f->fd);
218 if (!acl) {
219 log_warning("Failed to read ACL on %s, ignoring: %m", f->path);
220 return;
221 }
222
223 r = acl_find_uid(acl, uid, &entry);
224 if (r <= 0) {
225
226 if (acl_create_entry(&acl, &entry) < 0 ||
227 acl_set_tag_type(entry, ACL_USER) < 0 ||
228 acl_set_qualifier(entry, &uid) < 0) {
229 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
230 goto finish;
231 }
232 }
233
234 if (acl_get_permset(entry, &permset) < 0 ||
235 acl_add_perm(permset, ACL_READ) < 0 ||
236 acl_calc_mask(&acl) < 0) {
237 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
238 goto finish;
239 }
240
241 if (acl_set_fd(f->fd, acl) < 0)
242 log_warning("Failed to set ACL on %s, ignoring: %m", f->path);
243
244finish:
245 acl_free(acl);
246#endif
247}
248
249static JournalFile* find_journal(Server *s, uid_t uid) {
250 char *p;
251 int r;
252 JournalFile *f;
253 sd_id128_t machine;
254
255 assert(s);
256
257 /* We split up user logs only on /var, not on /run. If the
258 * runtime file is open, we write to it exclusively, in order
259 * to guarantee proper order as soon as we flush /run to
260 * /var and close the runtime file. */
261
262 if (s->runtime_journal)
263 return s->runtime_journal;
264
265 if (uid <= 0)
266 return s->system_journal;
267
268 r = sd_id128_get_machine(&machine);
269 if (r < 0)
270 return s->system_journal;
271
272 f = hashmap_get(s->user_journals, UINT32_TO_PTR(uid));
273 if (f)
274 return f;
275
276 if (asprintf(&p, "/var/log/journal/" SD_ID128_FORMAT_STR "/user-%lu.journal",
277 SD_ID128_FORMAT_VAL(machine), (unsigned long) uid) < 0)
278 return s->system_journal;
279
280 while (hashmap_size(s->user_journals) >= USER_JOURNALS_MAX) {
281 /* Too many open? Then let's close one */
282 f = hashmap_steal_first(s->user_journals);
283 assert(f);
284 journal_file_close(f);
285 }
286
287 r = journal_file_open_reliably(p, O_RDWR|O_CREAT, 0640, s->compress, s->seal, &s->system_metrics, s->mmap, s->system_journal, &f);
288 free(p);
289
290 if (r < 0)
291 return s->system_journal;
292
293 server_fix_perms(s, f, uid);
294
295 r = hashmap_put(s->user_journals, UINT32_TO_PTR(uid), f);
296 if (r < 0) {
297 journal_file_close(f);
298 return s->system_journal;
299 }
300
301 return f;
302}
303
304void server_rotate(Server *s) {
305 JournalFile *f;
306 void *k;
307 Iterator i;
308 int r;
309
310 log_debug("Rotating...");
311
312 if (s->runtime_journal) {
313 r = journal_file_rotate(&s->runtime_journal, s->compress, false);
314 if (r < 0)
315 if (s->runtime_journal)
316 log_error("Failed to rotate %s: %s", s->runtime_journal->path, strerror(-r));
317 else
318 log_error("Failed to create new runtime journal: %s", strerror(-r));
319 else
320 server_fix_perms(s, s->runtime_journal, 0);
321 }
322
323 if (s->system_journal) {
324 r = journal_file_rotate(&s->system_journal, s->compress, s->seal);
325 if (r < 0)
326 if (s->system_journal)
327 log_error("Failed to rotate %s: %s", s->system_journal->path, strerror(-r));
328 else
329 log_error("Failed to create new system journal: %s", strerror(-r));
330
331 else
332 server_fix_perms(s, s->system_journal, 0);
333 }
334
335 HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) {
336 r = journal_file_rotate(&f, s->compress, s->seal);
337 if (r < 0)
7d73c134 338 if (f)
d025f1e4
ZJS		 339 log_error("Failed to rotate %s: %s", f->path, strerror(-r));
340 else
341 log_error("Failed to create user journal: %s", strerror(-r));
342 else {
343 hashmap_replace(s->user_journals, k, f);
344 server_fix_perms(s, f, PTR_TO_UINT32(k));
345 }
346 }
347}
348
26687bf8
OS		 349void server_sync(Server *s) {
350 JournalFile *f;
351 void *k;
352 Iterator i;
353 int r;
354
355 static const struct itimerspec sync_timer_disable = {};
356
357 if (s->system_journal) {
358 r = journal_file_set_offline(s->system_journal);
359 if (r < 0)
360 log_error("Failed to sync system journal: %s", strerror(-r));
361 }
362
363 HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) {
364 r = journal_file_set_offline(f);
365 if (r < 0)
366 log_error("Failed to sync user journal: %s", strerror(-r));
367 }
368
369 r = timerfd_settime(s->sync_timer_fd, 0, &sync_timer_disable, NULL);
370 if (r < 0)
371 log_error("Failed to disable max timer: %m");
372
373 s->sync_scheduled = false;
374}
375
d025f1e4
ZJS		 376void server_vacuum(Server *s) {
377 char *p;
378 char ids[33];
379 sd_id128_t machine;
380 int r;
381
382 log_debug("Vacuuming...");
383
384 s->oldest_file_usec = 0;
385
386 r = sd_id128_get_machine(&machine);
387 if (r < 0) {
388 log_error("Failed to get machine ID: %s", strerror(-r));
389 return;
390 }
391
392 sd_id128_to_string(machine, ids);
393
394 if (s->system_journal) {
395 p = strappend("/var/log/journal/", ids);
396 if (!p) {
397 log_oom();
398 return;
399 }
400
401 r = journal_directory_vacuum(p, s->system_metrics.max_use, s->system_metrics.keep_free, s->max_retention_usec, &s->oldest_file_usec);
402 if (r < 0 && r != -ENOENT)
403 log_error("Failed to vacuum %s: %s", p, strerror(-r));
404 free(p);
405 }
406
407 if (s->runtime_journal) {
408 p = strappend("/run/log/journal/", ids);
409 if (!p) {
410 log_oom();
411 return;
412 }
413
414 r = journal_directory_vacuum(p, s->runtime_metrics.max_use, s->runtime_metrics.keep_free, s->max_retention_usec, &s->oldest_file_usec);
415 if (r < 0 && r != -ENOENT)
416 log_error("Failed to vacuum %s: %s", p, strerror(-r));
417 free(p);
418 }
419
420 s->cached_available_space_timestamp = 0;
421}
422
d025f1e4
ZJS		 423bool shall_try_append_again(JournalFile *f, int r) {
424
425 /* -E2BIG Hit configured limit
426 -EFBIG Hit fs limit
427 -EDQUOT Quota limit hit
428 -ENOSPC Disk full
429 -EHOSTDOWN Other machine
430 -EBUSY Unclean shutdown
431 -EPROTONOSUPPORT Unsupported feature
432 -EBADMSG Corrupted
433 -ENODATA Truncated
434 -ESHUTDOWN Already archived */
435
436 if (r == -E2BIG || r == -EFBIG || r == -EDQUOT || r == -ENOSPC)
437 log_debug("%s: Allocation limit reached, rotating.", f->path);
438 else if (r == -EHOSTDOWN)
439 log_info("%s: Journal file from other machine, rotating.", f->path);
440 else if (r == -EBUSY)
441 log_info("%s: Unclean shutdown, rotating.", f->path);
442 else if (r == -EPROTONOSUPPORT)
443 log_info("%s: Unsupported feature, rotating.", f->path);
444 else if (r == -EBADMSG || r == -ENODATA || r == ESHUTDOWN)
445 log_warning("%s: Journal file corrupted, rotating.", f->path);
446 else
447 return false;
448
449 return true;
450}
451
452static void write_to_journal(Server *s, uid_t uid, struct iovec *iovec, unsigned n) {
453 JournalFile *f;
454 bool vacuumed = false;
455 int r;
456
457 assert(s);
458 assert(iovec);
459 assert(n > 0);
460
461 f = find_journal(s, uid);
462 if (!f)
463 return;
464
465 if (journal_file_rotate_suggested(f, s->max_file_usec)) {
466 log_debug("%s: Journal header limits reached or header out-of-date, rotating.", f->path);
467 server_rotate(s);
468 server_vacuum(s);
469 vacuumed = true;
470
471 f = find_journal(s, uid);
472 if (!f)
473 return;
474 }
475
476 r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
26687bf8
OS		 477 if (r >= 0) {
478 server_schedule_sync(s);
d025f1e4 479 return;
26687bf8 480 }
d025f1e4
ZJS		 481
482 if (vacuumed || !shall_try_append_again(f, r)) {
483 log_error("Failed to write entry, ignoring: %s", strerror(-r));
484 return;
485 }
486
487 server_rotate(s);
488 server_vacuum(s);
489
490 f = find_journal(s, uid);
491 if (!f)
492 return;
493
494 log_debug("Retrying write.");
495 r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
496 if (r < 0)
497 log_error("Failed to write entry, ignoring: %s", strerror(-r));
498}
499
500static void dispatch_message_real(
501 Server *s,
502 struct iovec *iovec, unsigned n, unsigned m,
503 struct ucred *ucred,
504 struct timeval *tv,
505 const char *label, size_t label_len,
506 const char *unit_id) {
507
c2457105
HHPF		 508 char pid[sizeof("_PID=") + DECIMAL_STR_MAX(ucred->pid)],
509 uid[sizeof("_UID=") + DECIMAL_STR_MAX(ucred->uid)],
a5693989 510 gid[sizeof("_GID=") + DECIMAL_STR_MAX(ucred->gid)],
d3789917 511 source_time[sizeof("_SOURCE_REALTIME_TIMESTAMP=") + DECIMAL_STR_MAX(usec_t)],
adb435bb
LP		 512 boot_id[sizeof("_BOOT_ID=") + 32] = "_BOOT_ID=",
513 machine_id[sizeof("_MACHINE_ID=") + 32] = "_MACHINE_ID=";
c2457105 514
adb435bb 515 char _cleanup_free_ *comm = NULL, *cmdline = NULL, *hostname = NULL,
d025f1e4
ZJS		 516 *exe = NULL, *cgroup = NULL, *session = NULL,
517 *owner_uid = NULL, *unit = NULL, *selinux_context = NULL;
518
71205118
LP		 519#ifdef HAVE_AUDIT
520 char _cleanup_free_ *audit_session = NULL, *audit_loginuid = NULL;
521#endif
522
d025f1e4
ZJS		 523 sd_id128_t id;
524 int r;
525 char *t;
82499507
LP		 526 uid_t realuid = 0, owner = 0, journal_uid;
527 bool owner_valid = false;
d025f1e4
ZJS		 528
529 assert(s);
530 assert(iovec);
531 assert(n > 0);
532 assert(n + N_IOVEC_META_FIELDS <= m);
533
534 if (ucred) {
0a20e3c1 535#ifdef HAVE_AUDIT
d025f1e4 536 uint32_t audit;
82499507 537 uid_t loginuid;
0a20e3c1 538#endif
d025f1e4
ZJS		 539
540 realuid = ucred->uid;
541
c2457105
HHPF		 542 snprintf(pid, sizeof(pid) - 1, "_PID=%lu", (unsigned long) ucred->pid);
543 char_array_0(pid);
544 IOVEC_SET_STRING(iovec[n++], pid);
d025f1e4 545
c2457105
HHPF		 546 snprintf(uid, sizeof(uid) - 1, "_UID=%lu", (unsigned long) ucred->uid);
547 char_array_0(uid);
548 IOVEC_SET_STRING(iovec[n++], uid);
d025f1e4 549
c2457105
HHPF		 550 snprintf(gid, sizeof(gid) - 1, "_GID=%lu", (unsigned long) ucred->gid);
551 char_array_0(gid);
552 IOVEC_SET_STRING(iovec[n++], gid);
d025f1e4
ZJS		 553
554 r = get_process_comm(ucred->pid, &t);
555 if (r >= 0) {
556 comm = strappend("_COMM=", t);
557 free(t);
558
559 if (comm)
560 IOVEC_SET_STRING(iovec[n++], comm);
561 }
562
563 r = get_process_exe(ucred->pid, &t);
564 if (r >= 0) {
565 exe = strappend("_EXE=", t);
566 free(t);
567
568 if (exe)
569 IOVEC_SET_STRING(iovec[n++], exe);
570 }
571
9bdbc2e2 572 r = get_process_cmdline(ucred->pid, 0, false, &t);
d025f1e4
ZJS		 573 if (r >= 0) {
574 cmdline = strappend("_CMDLINE=", t);
575 free(t);
576
577 if (cmdline)
578 IOVEC_SET_STRING(iovec[n++], cmdline);
579 }
580
0a20e3c1 581#ifdef HAVE_AUDIT
d025f1e4
ZJS		 582 r = audit_session_from_pid(ucred->pid, &audit);
583 if (r >= 0)
584 if (asprintf(&audit_session, "_AUDIT_SESSION=%lu", (unsigned long) audit) >= 0)
585 IOVEC_SET_STRING(iovec[n++], audit_session);
586
587 r = audit_loginuid_from_pid(ucred->pid, &loginuid);
82499507 588 if (r >= 0)
d025f1e4
ZJS		 589 if (asprintf(&audit_loginuid, "_AUDIT_LOGINUID=%lu", (unsigned long) loginuid) >= 0)
590 IOVEC_SET_STRING(iovec[n++], audit_loginuid);
0a20e3c1 591#endif
d025f1e4 592
7027ff61
LP		 593 r = cg_pid_get_path(NULL, ucred->pid, &t);
594 if (r >= 0) {
d025f1e4
ZJS		 595 cgroup = strappend("_SYSTEMD_CGROUP=", t);
596 free(t);
597
598 if (cgroup)
599 IOVEC_SET_STRING(iovec[n++], cgroup);
600 }
601
602#ifdef HAVE_LOGIND
7027ff61
LP		 603 r = cg_pid_get_session(ucred->pid, &t);
604 if (r >= 0) {
d025f1e4
ZJS		 605 session = strappend("_SYSTEMD_SESSION=", t);
606 free(t);
607
608 if (session)
609 IOVEC_SET_STRING(iovec[n++], session);
610 }
611
83d7d83b 612 if (sd_pid_get_owner_uid(ucred->pid, &owner) >= 0) {
8a0889df 613 owner_valid = true;
d025f1e4
ZJS		 614 if (asprintf(&owner_uid, "_SYSTEMD_OWNER_UID=%lu", (unsigned long) owner) >= 0)
615 IOVEC_SET_STRING(iovec[n++], owner_uid);
8a0889df 616 }
d025f1e4
ZJS		 617#endif
618
619 if (cg_pid_get_unit(ucred->pid, &t) >= 0) {
620 unit = strappend("_SYSTEMD_UNIT=", t);
621 free(t);
ef1673d1
MT		 622 } else if (cg_pid_get_user_unit(ucred->pid, &t) >= 0) {
623 unit = strappend("_SYSTEMD_USER_UNIT=", t);
624 free(t);
625 } else if (unit_id) {
626 if (session)
627 unit = strappend("_SYSTEMD_USER_UNIT=", unit_id);
628 else
629 unit = strappend("_SYSTEMD_UNIT=", unit_id);
630 }
d025f1e4
ZJS		 631
632 if (unit)
633 IOVEC_SET_STRING(iovec[n++], unit);
634
635#ifdef HAVE_SELINUX
636 if (label) {
637 selinux_context = malloc(sizeof("_SELINUX_CONTEXT=") + label_len);
638 if (selinux_context) {
fc7b7e2e 639 *((char*) mempcpy(stpcpy(selinux_context, "_SELINUX_CONTEXT="), label, label_len)) = 0;
d025f1e4
ZJS		 640 IOVEC_SET_STRING(iovec[n++], selinux_context);
641 }
642 } else {
643 security_context_t con;
644
645 if (getpidcon(ucred->pid, &con) >= 0) {
646 selinux_context = strappend("_SELINUX_CONTEXT=", con);
647 if (selinux_context)
648 IOVEC_SET_STRING(iovec[n++], selinux_context);
d025f1e4
ZJS		 649 freecon(con);
650 }
651 }
652#endif
653 }
654
655 if (tv) {
a5693989
LP		 656 snprintf(source_time, sizeof(source_time) - 1, "_SOURCE_REALTIME_TIMESTAMP=%llu",
657 (unsigned long long) timeval_load(tv));
658 char_array_0(source_time);
659 IOVEC_SET_STRING(iovec[n++], source_time);
d025f1e4
ZJS		 660 }
661
662 /* Note that strictly speaking storing the boot id here is
663 * redundant since the entry includes this in-line
664 * anyway. However, we need this indexed, too. */
665 r = sd_id128_get_boot(&id);
adb435bb
LP		 666 if (r >= 0) {
667 sd_id128_to_string(id, boot_id + sizeof("_BOOT_ID=") - 1);
668 IOVEC_SET_STRING(iovec[n++], boot_id);
669 }
d025f1e4
ZJS		 670
671 r = sd_id128_get_machine(&id);
adb435bb 672 if (r >= 0) {
d3789917 673 sd_id128_to_string(id, machine_id + sizeof("_MACHINE_ID=") - 1);
adb435bb
LP		 674 IOVEC_SET_STRING(iovec[n++], machine_id);
675 }
d025f1e4
ZJS		 676
677 t = gethostname_malloc();
678 if (t) {
679 hostname = strappend("_HOSTNAME=", t);
680 free(t);
681 if (hostname)
682 IOVEC_SET_STRING(iovec[n++], hostname);
683 }
684
685 assert(n <= m);
686
da499392 687 if (s->split_mode == SPLIT_UID && realuid > 0)
40adcda8 688 /* Split up strictly by any UID */
759c945a 689 journal_uid = realuid;
82499507 690 else if (s->split_mode == SPLIT_LOGIN && realuid > 0 && owner_valid && owner > 0)
40adcda8
LP		 691 /* Split up by login UIDs, this avoids creation of
692 * individual journals for system UIDs. We do this
693 * only if the realuid is not root, in order not to
82499507
LP		 694 * accidentally leak privileged information to the
695 * user that is logged by a privileged process that is
696 * part of an unprivileged session.*/
8a0889df 697 journal_uid = owner;
da499392
KS		 698 else
699 journal_uid = 0;
759c945a
CW		 700
701 write_to_journal(s, journal_uid, iovec, n);
d025f1e4
ZJS		 702}
703
704void server_driver_message(Server *s, sd_id128_t message_id, const char *format, ...) {
705 char mid[11 + 32 + 1];
706 char buffer[16 + LINE_MAX + 1];
707 struct iovec iovec[N_IOVEC_META_FIELDS + 4];
708 int n = 0;
709 va_list ap;
b92bea5d 710 struct ucred ucred = {};
d025f1e4
ZJS		 711
712 assert(s);
713 assert(format);
714
715 IOVEC_SET_STRING(iovec[n++], "PRIORITY=6");
716 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=driver");
717
718 memcpy(buffer, "MESSAGE=", 8);
719 va_start(ap, format);
720 vsnprintf(buffer + 8, sizeof(buffer) - 8, format, ap);
721 va_end(ap);
722 char_array_0(buffer);
723 IOVEC_SET_STRING(iovec[n++], buffer);
724
725 if (!sd_id128_equal(message_id, SD_ID128_NULL)) {
726 snprintf(mid, sizeof(mid), MESSAGE_ID(message_id));
727 char_array_0(mid);
728 IOVEC_SET_STRING(iovec[n++], mid);
729 }
730
d025f1e4
ZJS		 731 ucred.pid = getpid();
732 ucred.uid = getuid();
733 ucred.gid = getgid();
734
735 dispatch_message_real(s, iovec, n, ELEMENTSOF(iovec), &ucred, NULL, NULL, 0, NULL);
736}
737
738void server_dispatch_message(
739 Server *s,
740 struct iovec *iovec, unsigned n, unsigned m,
741 struct ucred *ucred,
742 struct timeval *tv,
743 const char *label, size_t label_len,
744 const char *unit_id,
745 int priority) {
746
7027ff61 747 int rl, r;
db91ea32
ZJS		 748 char _cleanup_free_ *path = NULL;
749 char *c;
d025f1e4
ZJS		 750
751 assert(s);
752 assert(iovec || n == 0);
753
754 if (n == 0)
755 return;
756
757 if (LOG_PRI(priority) > s->max_level_store)
758 return;
759
760 if (!ucred)
761 goto finish;
762
7027ff61
LP		 763 r = cg_pid_get_path_shifted(ucred->pid, NULL, &path);
764 if (r < 0)
d025f1e4
ZJS		 765 goto finish;
766
767 /* example: /user/lennart/3/foobar
768 * /system/dbus.service/foobar
769 *
770 * So let's cut of everything past the third /, since that is
771 * where user directories start */
772
773 c = strchr(path, '/');
774 if (c) {
775 c = strchr(c+1, '/');
776 if (c) {
777 c = strchr(c+1, '/');
778 if (c)
779 *c = 0;
780 }
781 }
782
db91ea32
ZJS		 783 rl = journal_rate_limit_test(s->rate_limit, path,
784 priority & LOG_PRIMASK, available_space(s));
d025f1e4 785
db91ea32 786 if (rl == 0)
d025f1e4 787 return;
d025f1e4
ZJS		 788
789 /* Write a suppression message if we suppressed something */
790 if (rl > 1)
db91ea32
ZJS		 791 server_driver_message(s, SD_MESSAGE_JOURNAL_DROPPED,
792 "Suppressed %u messages from %s", rl - 1, path);
d025f1e4
ZJS		 793
794finish:
795 dispatch_message_real(s, iovec, n, m, ucred, tv, label, label_len, unit_id);
796}
797
798
799static int system_journal_open(Server *s) {
800 int r;
801 char *fn;
802 sd_id128_t machine;
803 char ids[33];
804
805 r = sd_id128_get_machine(&machine);
806 if (r < 0)
807 return r;
808
809 sd_id128_to_string(machine, ids);
810
811 if (!s->system_journal &&
812 (s->storage == STORAGE_PERSISTENT || s->storage == STORAGE_AUTO) &&
813 access("/run/systemd/journal/flushed", F_OK) >= 0) {
814
815 /* If in auto mode: first try to create the machine
816 * path, but not the prefix.
817 *
818 * If in persistent mode: create /var/log/journal and
819 * the machine path */
820
821 if (s->storage == STORAGE_PERSISTENT)
822 (void) mkdir("/var/log/journal/", 0755);
823
824 fn = strappend("/var/log/journal/", ids);
825 if (!fn)
826 return -ENOMEM;
827
828 (void) mkdir(fn, 0755);
829 free(fn);
830
831 fn = strjoin("/var/log/journal/", ids, "/system.journal", NULL);
832 if (!fn)
833 return -ENOMEM;
834
835 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, s->compress, s->seal, &s->system_metrics, s->mmap, NULL, &s->system_journal);
836 free(fn);
837
838 if (r >= 0) {
839 char fb[FORMAT_BYTES_MAX];
840
841 server_fix_perms(s, s->system_journal, 0);
842 server_driver_message(s, SD_ID128_NULL, "Allowing system journal files to grow to %s.",
843 format_bytes(fb, sizeof(fb), s->system_metrics.max_use));
844
845 } else if (r < 0) {
846
847 if (r != -ENOENT && r != -EROFS)
848 log_warning("Failed to open system journal: %s", strerror(-r));
849
850 r = 0;
851 }
852 }
853
854 if (!s->runtime_journal &&
855 (s->storage != STORAGE_NONE)) {
856
857 fn = strjoin("/run/log/journal/", ids, "/system.journal", NULL);
858 if (!fn)
859 return -ENOMEM;
860
861 if (s->system_journal) {
862
863 /* Try to open the runtime journal, but only
864 * if it already exists, so that we can flush
865 * it into the system journal */
866
867 r = journal_file_open(fn, O_RDWR, 0640, s->compress, false, &s->runtime_metrics, s->mmap, NULL, &s->runtime_journal);
868 free(fn);
869
870 if (r < 0) {
871 if (r != -ENOENT)
872 log_warning("Failed to open runtime journal: %s", strerror(-r));
873
874 r = 0;
875 }
876
877 } else {
878
879 /* OK, we really need the runtime journal, so create
880 * it if necessary. */
881
882 (void) mkdir_parents(fn, 0755);
883 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, s->compress, false, &s->runtime_metrics, s->mmap, NULL, &s->runtime_journal);
884 free(fn);
885
886 if (r < 0) {
887 log_error("Failed to open runtime journal: %s", strerror(-r));
888 return r;
889 }
890 }
891
892 if (s->runtime_journal) {
893 char fb[FORMAT_BYTES_MAX];
894
895 server_fix_perms(s, s->runtime_journal, 0);
896 server_driver_message(s, SD_ID128_NULL, "Allowing runtime journal files to grow to %s.",
897 format_bytes(fb, sizeof(fb), s->runtime_metrics.max_use));
898 }
899 }
900
901 return r;
902}
903
904int server_flush_to_var(Server *s) {
905 int r;
906 sd_id128_t machine;
907 sd_journal *j = NULL;
908
909 assert(s);
910
911 if (s->storage != STORAGE_AUTO &&
912 s->storage != STORAGE_PERSISTENT)
913 return 0;
914
915 if (!s->runtime_journal)
916 return 0;
917
918 system_journal_open(s);
919
920 if (!s->system_journal)
921 return 0;
922
923 log_debug("Flushing to /var...");
924
925 r = sd_id128_get_machine(&machine);
926 if (r < 0) {
927 log_error("Failed to get machine id: %s", strerror(-r));
928 return r;
929 }
930
931 r = sd_journal_open(&j, SD_JOURNAL_RUNTIME_ONLY);
932 if (r < 0) {
933 log_error("Failed to read runtime journal: %s", strerror(-r));
934 return r;
935 }
936
93b73b06
LP		 937 sd_journal_set_data_threshold(j, 0);
938
d025f1e4
ZJS		 939 SD_JOURNAL_FOREACH(j) {
940 Object *o = NULL;
941 JournalFile *f;
942
943 f = j->current_file;
944 assert(f && f->current_offset > 0);
945
946 r = journal_file_move_to_object(f, OBJECT_ENTRY, f->current_offset, &o);
947 if (r < 0) {
948 log_error("Can't read entry: %s", strerror(-r));
949 goto finish;
950 }
951
952 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
953 if (r >= 0)
954 continue;
955
956 if (!shall_try_append_again(s->system_journal, r)) {
957 log_error("Can't write entry: %s", strerror(-r));
958 goto finish;
959 }
960
961 server_rotate(s);
962 server_vacuum(s);
963
964 log_debug("Retrying write.");
965 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
966 if (r < 0) {
967 log_error("Can't write entry: %s", strerror(-r));
968 goto finish;
969 }
970 }
971
972finish:
973 journal_file_post_change(s->system_journal);
974
975 journal_file_close(s->runtime_journal);
976 s->runtime_journal = NULL;
977
978 if (r >= 0)
979 rm_rf("/run/log/journal", false, true, false);
980
763c7aa2 981 sd_journal_close(j);
d025f1e4
ZJS		 982
983 return r;
984}
985
986int process_event(Server *s, struct epoll_event *ev) {
987 assert(s);
988 assert(ev);
989
990 if (ev->data.fd == s->signal_fd) {
991 struct signalfd_siginfo sfsi;
992 ssize_t n;
993
994 if (ev->events != EPOLLIN) {
995 log_error("Got invalid event from epoll.");
996 return -EIO;
997 }
998
999 n = read(s->signal_fd, &sfsi, sizeof(sfsi));
1000 if (n != sizeof(sfsi)) {
1001
1002 if (n >= 0)
1003 return -EIO;
1004
1005 if (errno == EINTR || errno == EAGAIN)
1006 return 1;
1007
1008 return -errno;
1009 }
1010
d025f1e4
ZJS		 1011 if (sfsi.ssi_signo == SIGUSR1) {
1012 touch("/run/systemd/journal/flushed");
1013 server_flush_to_var(s);
26687bf8 1014 server_sync(s);
d025f1e4
ZJS		 1015 return 1;
1016 }
1017
1018 if (sfsi.ssi_signo == SIGUSR2) {
1019 server_rotate(s);
1020 server_vacuum(s);
1021 return 1;
1022 }
1023
26687bf8
OS		 1024 log_info("Received SIG%s", signal_to_string(sfsi.ssi_signo));
1025
d025f1e4
ZJS		 1026 return 0;
1027
26687bf8
OS		 1028 } else if (ev->data.fd == s->sync_timer_fd) {
1029 int r;
1030 uint64_t t;
1031
1032 log_debug("Got sync request from epoll.");
1033
1034 r = read(ev->data.fd, (void *)&t, sizeof(t));
1035 if (r < 0)
1036 return 0;
1037
1038 server_sync(s);
1039 return 1;
1040
d025f1e4
ZJS		 1041 } else if (ev->data.fd == s->dev_kmsg_fd) {
1042 int r;
1043
1044 if (ev->events != EPOLLIN) {
1045 log_error("Got invalid event from epoll.");
1046 return -EIO;
1047 }
1048
1049 r = server_read_dev_kmsg(s);
1050 if (r < 0)
1051 return r;
1052
1053 return 1;
1054
1055 } else if (ev->data.fd == s->native_fd ||
1056 ev->data.fd == s->syslog_fd) {
1057
1058 if (ev->events != EPOLLIN) {
1059 log_error("Got invalid event from epoll.");
1060 return -EIO;
1061 }
1062
1063 for (;;) {
1064 struct msghdr msghdr;
1065 struct iovec iovec;
1066 struct ucred *ucred = NULL;
1067 struct timeval *tv = NULL;
1068 struct cmsghdr *cmsg;
1069 char *label = NULL;
1070 size_t label_len = 0;
1071 union {
1072 struct cmsghdr cmsghdr;
1073
1074 /* We use NAME_MAX space for the
1075 * SELinux label here. The kernel
1076 * currently enforces no limit, but
1077 * according to suggestions from the
1078 * SELinux people this will change and
1079 * it will probably be identical to
1080 * NAME_MAX. For now we use that, but
1081 * this should be updated one day when
1082 * the final limit is known.*/
1083 uint8_t buf[CMSG_SPACE(sizeof(struct ucred)) +
1084 CMSG_SPACE(sizeof(struct timeval)) +
1085 CMSG_SPACE(sizeof(int)) + /* fd */
1086 CMSG_SPACE(NAME_MAX)]; /* selinux label */
1087 } control;
1088 ssize_t n;
1089 int v;
1090 int *fds = NULL;
1091 unsigned n_fds = 0;
1092
1093 if (ioctl(ev->data.fd, SIOCINQ, &v) < 0) {
1094 log_error("SIOCINQ failed: %m");
1095 return -errno;
1096 }
1097
1098 if (s->buffer_size < (size_t) v) {
1099 void *b;
1100 size_t l;
1101
1102 l = MAX(LINE_MAX + (size_t) v, s->buffer_size * 2);
1103 b = realloc(s->buffer, l+1);
1104
1105 if (!b) {
1106 log_error("Couldn't increase buffer.");
1107 return -ENOMEM;
1108 }
1109
1110 s->buffer_size = l;
1111 s->buffer = b;
1112 }
1113
1114 zero(iovec);
1115 iovec.iov_base = s->buffer;
1116 iovec.iov_len = s->buffer_size;
1117
1118 zero(control);
1119 zero(msghdr);
1120 msghdr.msg_iov = &iovec;
1121 msghdr.msg_iovlen = 1;
1122 msghdr.msg_control = &control;
1123 msghdr.msg_controllen = sizeof(control);
1124
1125 n = recvmsg(ev->data.fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC);
1126 if (n < 0) {
1127
1128 if (errno == EINTR || errno == EAGAIN)
1129 return 1;
1130
1131 log_error("recvmsg() failed: %m");
1132 return -errno;
1133 }
1134
1135 for (cmsg = CMSG_FIRSTHDR(&msghdr); cmsg; cmsg = CMSG_NXTHDR(&msghdr, cmsg)) {
1136
1137 if (cmsg->cmsg_level == SOL_SOCKET &&
1138 cmsg->cmsg_type == SCM_CREDENTIALS &&
1139 cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred)))
1140 ucred = (struct ucred*) CMSG_DATA(cmsg);
1141 else if (cmsg->cmsg_level == SOL_SOCKET &&
1142 cmsg->cmsg_type == SCM_SECURITY) {
1143 label = (char*) CMSG_DATA(cmsg);
1144 label_len = cmsg->cmsg_len - CMSG_LEN(0);
1145 } else if (cmsg->cmsg_level == SOL_SOCKET &&
1146 cmsg->cmsg_type == SO_TIMESTAMP &&
1147 cmsg->cmsg_len == CMSG_LEN(sizeof(struct timeval)))
1148 tv = (struct timeval*) CMSG_DATA(cmsg);
1149 else if (cmsg->cmsg_level == SOL_SOCKET &&
1150 cmsg->cmsg_type == SCM_RIGHTS) {
1151 fds = (int*) CMSG_DATA(cmsg);
1152 n_fds = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);
1153 }
1154 }
1155
1156 if (ev->data.fd == s->syslog_fd) {
1157 char *e;
1158
1159 if (n > 0 && n_fds == 0) {
1160 e = memchr(s->buffer, '\n', n);
1161 if (e)
1162 *e = 0;
1163 else
1164 s->buffer[n] = 0;
1165
1166 server_process_syslog_message(s, strstrip(s->buffer), ucred, tv, label, label_len);
1167 } else if (n_fds > 0)
1168 log_warning("Got file descriptors via syslog socket. Ignoring.");
1169
1170 } else {
1171 if (n > 0 && n_fds == 0)
1172 server_process_native_message(s, s->buffer, n, ucred, tv, label, label_len);
1173 else if (n == 0 && n_fds == 1)
1174 server_process_native_file(s, fds[0], ucred, tv, label, label_len);
1175 else if (n_fds > 0)
1176 log_warning("Got too many file descriptors via native socket. Ignoring.");
1177 }
1178
1179 close_many(fds, n_fds);
1180 }
1181
1182 return 1;
1183
1184 } else if (ev->data.fd == s->stdout_fd) {
1185
1186 if (ev->events != EPOLLIN) {
1187 log_error("Got invalid event from epoll.");
1188 return -EIO;
1189 }
1190
1191 stdout_stream_new(s);
1192 return 1;
1193
1194 } else {
1195 StdoutStream *stream;
1196
1197 if ((ev->events|EPOLLIN|EPOLLHUP) != (EPOLLIN|EPOLLHUP)) {
1198 log_error("Got invalid event from epoll.");
1199 return -EIO;
1200 }
1201
1202 /* If it is none of the well-known fds, it must be an
1203 * stdout stream fd. Note that this is a bit ugly here
1204 * (since we rely that none of the well-known fds
1205 * could be interpreted as pointer), but nonetheless
1206 * safe, since the well-known fds would never get an
1207 * fd > 4096, i.e. beyond the first memory page */
1208
1209 stream = ev->data.ptr;
1210
1211 if (stdout_stream_process(stream) <= 0)
1212 stdout_stream_free(stream);
1213
1214 return 1;
1215 }
1216
1217 log_error("Unknown event.");
1218 return 0;
1219}
1220
1221static int open_signalfd(Server *s) {
1222 sigset_t mask;
1223 struct epoll_event ev;
1224
1225 assert(s);
1226
1227 assert_se(sigemptyset(&mask) == 0);
1228 sigset_add_many(&mask, SIGINT, SIGTERM, SIGUSR1, SIGUSR2, -1);
1229 assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0);
1230
1231 s->signal_fd = signalfd(-1, &mask, SFD_NONBLOCK|SFD_CLOEXEC);
1232 if (s->signal_fd < 0) {
1233 log_error("signalfd(): %m");
1234 return -errno;
1235 }
1236
1237 zero(ev);
1238 ev.events = EPOLLIN;
1239 ev.data.fd = s->signal_fd;
1240
1241 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->signal_fd, &ev) < 0) {
1242 log_error("epoll_ctl(): %m");
1243 return -errno;
1244 }
1245
1246 return 0;
1247}
1248
1249static int server_parse_proc_cmdline(Server *s) {
db91ea32
ZJS		 1250 char _cleanup_free_ *line = NULL;
1251 char *w, *state;
d025f1e4
ZJS		 1252 int r;
1253 size_t l;
1254
1255 if (detect_container(NULL) > 0)
1256 return 0;
1257
1258 r = read_one_line_file("/proc/cmdline", &line);
1259 if (r < 0) {
1260 log_warning("Failed to read /proc/cmdline, ignoring: %s", strerror(-r));
1261 return 0;
1262 }
1263
1264 FOREACH_WORD_QUOTED(w, l, line, state) {
db91ea32 1265 char _cleanup_free_ *word;
d025f1e4
ZJS		 1266
1267 word = strndup(w, l);
db91ea32
ZJS		 1268 if (!word)
1269 return -ENOMEM;
d025f1e4
ZJS		 1270
1271 if (startswith(word, "systemd.journald.forward_to_syslog=")) {
1272 r = parse_boolean(word + 35);
1273 if (r < 0)
1274 log_warning("Failed to parse forward to syslog switch %s. Ignoring.", word + 35);
1275 else
1276 s->forward_to_syslog = r;
1277 } else if (startswith(word, "systemd.journald.forward_to_kmsg=")) {
1278 r = parse_boolean(word + 33);
1279 if (r < 0)
1280 log_warning("Failed to parse forward to kmsg switch %s. Ignoring.", word + 33);
1281 else
1282 s->forward_to_kmsg = r;
1283 } else if (startswith(word, "systemd.journald.forward_to_console=")) {
1284 r = parse_boolean(word + 36);
1285 if (r < 0)
1286 log_warning("Failed to parse forward to console switch %s. Ignoring.", word + 36);
1287 else
1288 s->forward_to_console = r;
1289 } else if (startswith(word, "systemd.journald"))
1290 log_warning("Invalid systemd.journald parameter. Ignoring.");
d025f1e4
ZJS		 1291 }
1292
db91ea32 1293 return 0;
d025f1e4
ZJS		 1294}
1295
1296static int server_parse_config_file(Server *s) {
db91ea32
ZJS		 1297 static const char *fn = "/etc/systemd/journald.conf";
1298 FILE _cleanup_fclose_ *f = NULL;
d025f1e4
ZJS		 1299 int r;
1300
1301 assert(s);
1302
d025f1e4
ZJS		 1303 f = fopen(fn, "re");
1304 if (!f) {
1305 if (errno == ENOENT)
1306 return 0;
1307
1308 log_warning("Failed to open configuration file %s: %m", fn);
1309 return -errno;
1310 }
1311
db91ea32
ZJS		 1312 r = config_parse(fn, f, "Journal\0", config_item_perf_lookup,
1313 (void*) journald_gperf_lookup, false, s);
d025f1e4
ZJS		 1314 if (r < 0)
1315 log_warning("Failed to parse configuration file: %s", strerror(-r));
1316
d025f1e4
ZJS		 1317 return r;
1318}
1319
26687bf8
OS		 1320static int server_open_sync_timer(Server *s) {
1321 int r;
1322 struct epoll_event ev;
1323
1324 assert(s);
1325
1326 s->sync_timer_fd = timerfd_create(CLOCK_MONOTONIC, TFD_CLOEXEC);
1327 if (s->sync_timer_fd < 0)
1328 return -errno;
1329
1330 zero(ev);
1331 ev.events = EPOLLIN;
1332 ev.data.fd = s->sync_timer_fd;
1333
1334 r = epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->sync_timer_fd, &ev);
1335 if (r < 0) {
1336 log_error("Failed to add idle timer fd to epoll object: %m");
1337 return -errno;
1338 }
1339
1340 return 0;
1341}
1342
1343int server_schedule_sync(Server *s) {
1344 int r;
1345
26687bf8
OS		 1346 assert(s);
1347
1348 if (s->sync_scheduled)
1349 return 0;
1350
1351 if (s->sync_interval_usec) {
b92bea5d
ZJS		 1352 struct itimerspec sync_timer_enable = {
1353 .it_value.tv_sec = s->sync_interval_usec / USEC_PER_SEC,
1354 .it_value.tv_nsec = s->sync_interval_usec % MSEC_PER_SEC,
1355 };
26687bf8
OS		 1356
1357 r = timerfd_settime(s->sync_timer_fd, 0, &sync_timer_enable, NULL);
1358 if (r < 0)
1359 return -errno;
1360 }
1361
1362 s->sync_scheduled = true;
1363
1364 return 0;
1365}
1366
d025f1e4
ZJS		 1367int server_init(Server *s) {
1368 int n, r, fd;
1369
1370 assert(s);
1371
1372 zero(*s);
26687bf8
OS		 1373 s->sync_timer_fd = s->syslog_fd = s->native_fd = s->stdout_fd =
1374 s->signal_fd = s->epoll_fd = s->dev_kmsg_fd = -1;
d025f1e4
ZJS		 1375 s->compress = true;
1376 s->seal = true;
1377
26687bf8
OS		 1378 s->sync_interval_usec = DEFAULT_SYNC_INTERVAL_USEC;
1379 s->sync_scheduled = false;
1380
d025f1e4
ZJS		 1381 s->rate_limit_interval = DEFAULT_RATE_LIMIT_INTERVAL;
1382 s->rate_limit_burst = DEFAULT_RATE_LIMIT_BURST;
1383
1384 s->forward_to_syslog = true;
1385
1386 s->max_level_store = LOG_DEBUG;
1387 s->max_level_syslog = LOG_DEBUG;
1388 s->max_level_kmsg = LOG_NOTICE;
1389 s->max_level_console = LOG_INFO;
1390
1391 memset(&s->system_metrics, 0xFF, sizeof(s->system_metrics));
1392 memset(&s->runtime_metrics, 0xFF, sizeof(s->runtime_metrics));
1393
1394 server_parse_config_file(s);
1395 server_parse_proc_cmdline(s);
d288f79f
ZJS		 1396 if (!!s->rate_limit_interval ^ !!s->rate_limit_burst) {
1397 log_debug("Setting both rate limit interval and burst from %llu,%u to 0,0",
1398 (long long unsigned) s->rate_limit_interval,
1399 s->rate_limit_burst);
1400 s->rate_limit_interval = s->rate_limit_burst = 0;
1401 }
d025f1e4
ZJS		 1402
1403 mkdir_p("/run/systemd/journal", 0755);
1404
1405 s->user_journals = hashmap_new(trivial_hash_func, trivial_compare_func);
1406 if (!s->user_journals)
1407 return log_oom();
1408
1409 s->mmap = mmap_cache_new();
1410 if (!s->mmap)
1411 return log_oom();
1412
1413 s->epoll_fd = epoll_create1(EPOLL_CLOEXEC);
1414 if (s->epoll_fd < 0) {
1415 log_error("Failed to create epoll object: %m");
1416 return -errno;
1417 }
1418
1419 n = sd_listen_fds(true);
1420 if (n < 0) {
1421 log_error("Failed to read listening file descriptors from environment: %s", strerror(-n));
1422 return n;
1423 }
1424
1425 for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) {
1426
1427 if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/run/systemd/journal/socket", 0) > 0) {
1428
1429 if (s->native_fd >= 0) {
1430 log_error("Too many native sockets passed.");
1431 return -EINVAL;
1432 }
1433
1434 s->native_fd = fd;
1435
1436 } else if (sd_is_socket_unix(fd, SOCK_STREAM, 1, "/run/systemd/journal/stdout", 0) > 0) {
1437
1438 if (s->stdout_fd >= 0) {
1439 log_error("Too many stdout sockets passed.");
1440 return -EINVAL;
1441 }
1442
1443 s->stdout_fd = fd;
1444
1445 } else if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/dev/log", 0) > 0) {
1446
1447 if (s->syslog_fd >= 0) {
1448 log_error("Too many /dev/log sockets passed.");
1449 return -EINVAL;
1450 }
1451
1452 s->syslog_fd = fd;
1453
1454 } else {
1455 log_error("Unknown socket passed.");
1456 return -EINVAL;
1457 }
1458 }
1459
1460 r = server_open_syslog_socket(s);
1461 if (r < 0)
1462 return r;
1463
1464 r = server_open_native_socket(s);
1465 if (r < 0)
1466 return r;
1467
1468 r = server_open_stdout_socket(s);
1469 if (r < 0)
1470 return r;
1471
1472 r = server_open_dev_kmsg(s);
1473 if (r < 0)
1474 return r;
1475
1476 r = server_open_kernel_seqnum(s);
1477 if (r < 0)
1478 return r;
1479
26687bf8
OS		 1480 r = server_open_sync_timer(s);
1481 if (r < 0)
1482 return r;
1483
d025f1e4
ZJS		 1484 r = open_signalfd(s);
1485 if (r < 0)
1486 return r;
1487
1488 s->udev = udev_new();
1489 if (!s->udev)
1490 return -ENOMEM;
1491
d288f79f
ZJS		 1492 s->rate_limit = journal_rate_limit_new(s->rate_limit_interval,
1493 s->rate_limit_burst);
d025f1e4
ZJS		 1494 if (!s->rate_limit)
1495 return -ENOMEM;
1496
1497 r = system_journal_open(s);
1498 if (r < 0)
1499 return r;
1500
1501 return 0;
1502}
1503
1504void server_maybe_append_tags(Server *s) {
1505#ifdef HAVE_GCRYPT
1506 JournalFile *f;
1507 Iterator i;
1508 usec_t n;
1509
1510 n = now(CLOCK_REALTIME);
1511
1512 if (s->system_journal)
1513 journal_file_maybe_append_tag(s->system_journal, n);
1514
1515 HASHMAP_FOREACH(f, s->user_journals, i)
1516 journal_file_maybe_append_tag(f, n);
1517#endif
1518}
1519
1520void server_done(Server *s) {
1521 JournalFile *f;
1522 assert(s);
1523
1524 while (s->stdout_streams)
1525 stdout_stream_free(s->stdout_streams);
1526
1527 if (s->system_journal)
1528 journal_file_close(s->system_journal);
1529
1530 if (s->runtime_journal)
1531 journal_file_close(s->runtime_journal);
1532
1533 while ((f = hashmap_steal_first(s->user_journals)))
1534 journal_file_close(f);
1535
1536 hashmap_free(s->user_journals);
1537
1538 if (s->epoll_fd >= 0)
1539 close_nointr_nofail(s->epoll_fd);
1540
1541 if (s->signal_fd >= 0)
1542 close_nointr_nofail(s->signal_fd);
1543
1544 if (s->syslog_fd >= 0)
1545 close_nointr_nofail(s->syslog_fd);
1546
1547 if (s->native_fd >= 0)
1548 close_nointr_nofail(s->native_fd);
1549
1550 if (s->stdout_fd >= 0)
1551 close_nointr_nofail(s->stdout_fd);
1552
1553 if (s->dev_kmsg_fd >= 0)
1554 close_nointr_nofail(s->dev_kmsg_fd);
1555
26687bf8
OS		 1556 if (s->sync_timer_fd >= 0)
1557 close_nointr_nofail(s->sync_timer_fd);
1558
d025f1e4
ZJS		 1559 if (s->rate_limit)
1560 journal_rate_limit_free(s->rate_limit);
1561
1562 if (s->kernel_seqnum)
1563 munmap(s->kernel_seqnum, sizeof(uint64_t));
1564
1565 free(s->buffer);
1566 free(s->tty_path);
1567
1568 if (s->mmap)
1569 mmap_cache_unref(s->mmap);
1570
1571 if (s->udev)
1572 udev_unref(s->udev);
1573}
Unnamed repository; edit this file 'description' to name the repository.