[thirdparty/systemd.git] / src / journal / journald-syslog.c

/***
  This file is part of systemd.

  Copyright 2011 Lennart Poettering

  systemd is free software; you can redistribute it and/or modify it
  under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation; either version 2.1 of the License, or
  (at your option) any later version.

  systemd is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  Lesser General Public License for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/

#include <stddef.h>
#include <sys/epoll.h>
#include <unistd.h>

#include "sd-messages.h"

#include "alloc-util.h"
#include "fd-util.h"
#include "format-util.h"
#include "io-util.h"
#include "journald-console.h"
#include "journald-kmsg.h"
#include "journald-server.h"
#include "journald-syslog.h"
#include "journald-wall.h"
#include "process-util.h"
#include "selinux-util.h"
#include "socket-util.h"
#include "stdio-util.h"
#include "string-util.h"
#include "syslog-util.h"

/* Warn once every 30s if we missed syslog message */
#define WARN_FORWARD_SYSLOG_MISSED_USEC (30 * USEC_PER_SEC)

static void forward_syslog_iovec(Server *s, const struct iovec *iovec, unsigned n_iovec, const struct ucred *ucred, const struct timeval *tv) {

        static const union sockaddr_union sa = {
                .un.sun_family = AF_UNIX,
                .un.sun_path = "/run/systemd/journal/syslog",
        };
        struct msghdr msghdr = {
                .msg_iov = (struct iovec *) iovec,
                .msg_iovlen = n_iovec,
                .msg_name = (struct sockaddr*) &sa.sa,
                .msg_namelen = SOCKADDR_UN_LEN(sa.un),
        };
        struct cmsghdr *cmsg;
        union {
                struct cmsghdr cmsghdr;
                uint8_t buf[CMSG_SPACE(sizeof(struct ucred))];
        } control;

        assert(s);
        assert(iovec);
        assert(n_iovec > 0);

        if (ucred) {
                zero(control);
                msghdr.msg_control = &control;
                msghdr.msg_controllen = sizeof(control);

                cmsg = CMSG_FIRSTHDR(&msghdr);
                cmsg->cmsg_level = SOL_SOCKET;
                cmsg->cmsg_type = SCM_CREDENTIALS;
                cmsg->cmsg_len = CMSG_LEN(sizeof(struct ucred));
                memcpy(CMSG_DATA(cmsg), ucred, sizeof(struct ucred));
                msghdr.msg_controllen = cmsg->cmsg_len;
        }

        /* Forward the syslog message we received via /dev/log to
         * /run/systemd/syslog. Unfortunately we currently can't set
         * the SO_TIMESTAMP auxiliary data, and hence we don't. */

        if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
                return;

        /* The socket is full? I guess the syslog implementation is
         * too slow, and we shouldn't wait for that... */
        if (errno == EAGAIN) {
                s->n_forward_syslog_missed++;
                return;
        }

        if (ucred && IN_SET(errno, ESRCH, EPERM)) {
                struct ucred u;

                /* Hmm, presumably the sender process vanished
                 * by now, or we don't have CAP_SYS_AMDIN, so
                 * let's fix it as good as we can, and retry */

                u = *ucred;
                u.pid = getpid_cached();
                memcpy(CMSG_DATA(cmsg), &u, sizeof(struct ucred));

                if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
                        return;

                if (errno == EAGAIN) {
                        s->n_forward_syslog_missed++;
                        return;
                }
        }

        if (errno != ENOENT)
                log_debug_errno(errno, "Failed to forward syslog message: %m");
}

static void forward_syslog_raw(Server *s, int priority, const char *buffer, const struct ucred *ucred, const struct timeval *tv) {
        struct iovec iovec;

        assert(s);
        assert(buffer);

        if (LOG_PRI(priority) > s->max_level_syslog)
                return;

        iovec = IOVEC_MAKE_STRING(buffer);
        forward_syslog_iovec(s, &iovec, 1, ucred, tv);
}

void server_forward_syslog(Server *s, int priority, const char *identifier, const char *message, const struct ucred *ucred, const struct timeval *tv) {
        struct iovec iovec[5];
        char header_priority[DECIMAL_STR_MAX(priority) + 3], header_time[64],
             header_pid[sizeof("[]: ")-1 + DECIMAL_STR_MAX(pid_t) + 1];
        int n = 0;
        time_t t;
        struct tm *tm;
        _cleanup_free_ char *ident_buf = NULL;

        assert(s);
        assert(priority >= 0);
        assert(priority <= 999);
        assert(message);

        if (LOG_PRI(priority) > s->max_level_syslog)
                return;

        /* First: priority field */
        xsprintf(header_priority, "<%i>", priority);
        iovec[n++] = IOVEC_MAKE_STRING(header_priority);

        /* Second: timestamp */
        t = tv ? tv->tv_sec : ((time_t) (now(CLOCK_REALTIME) / USEC_PER_SEC));
        tm = localtime(&t);
        if (!tm)
                return;
        if (strftime(header_time, sizeof(header_time), "%h %e %T ", tm) <= 0)
                return;
        iovec[n++] = IOVEC_MAKE_STRING(header_time);

        /* Third: identifier and PID */
        if (ucred) {
                if (!identifier) {
                        get_process_comm(ucred->pid, &ident_buf);
                        identifier = ident_buf;
                }

                xsprintf(header_pid, "["PID_FMT"]: ", ucred->pid);

                if (identifier)
                        iovec[n++] = IOVEC_MAKE_STRING(identifier);

                iovec[n++] = IOVEC_MAKE_STRING(header_pid);
        } else if (identifier) {
                iovec[n++] = IOVEC_MAKE_STRING(identifier);
                iovec[n++] = IOVEC_MAKE_STRING(": ");
        }

        /* Fourth: message */
        iovec[n++] = IOVEC_MAKE_STRING(message);

        forward_syslog_iovec(s, iovec, n, ucred, tv);
}

int syslog_fixup_facility(int priority) {

        if ((priority & LOG_FACMASK) == 0)
                return (priority & LOG_PRIMASK) | LOG_USER;

        return priority;
}

size_t syslog_parse_identifier(const char **buf, char **identifier, char **pid) {
        const char *p;
        char *t;
        size_t l, e;

        assert(buf);
        assert(identifier);
        assert(pid);

        p = *buf;

        p += strspn(p, WHITESPACE);
        l = strcspn(p, WHITESPACE);

        if (l <= 0 ||
            p[l-1] != ':')
                return 0;

        e = l;
        l--;

        if (p[l-1] == ']') {
                size_t k = l-1;

                for (;;) {

                        if (p[k] == '[') {
                                t = strndup(p+k+1, l-k-2);
                                if (t)
                                        *pid = t;

                                l = k;
                                break;
                        }

                        if (k == 0)
                                break;

                        k--;
                }
        }

        t = strndup(p, l);
        if (t)
                *identifier = t;

        if (strchr(WHITESPACE, p[e]))
                e++;
        *buf = p + e;
        return e;
}

static void syslog_skip_date(char **buf) {
        enum {
                LETTER,
                SPACE,
                NUMBER,
                SPACE_OR_NUMBER,
                COLON
        } sequence[] = {
                LETTER, LETTER, LETTER,
                SPACE,
                SPACE_OR_NUMBER, NUMBER,
                SPACE,
                SPACE_OR_NUMBER, NUMBER,
                COLON,
                SPACE_OR_NUMBER, NUMBER,
                COLON,
                SPACE_OR_NUMBER, NUMBER,
                SPACE
        };

        char *p;
        unsigned i;

        assert(buf);
        assert(*buf);

        p = *buf;

        for (i = 0; i < ELEMENTSOF(sequence); i++, p++) {

                if (!*p)
                        return;

                switch (sequence[i]) {

                case SPACE:
                        if (*p != ' ')
                                return;
                        break;

                case SPACE_OR_NUMBER:
                        if (*p == ' ')
                                break;

                        /* fall through */

                case NUMBER:
                        if (*p < '0' || *p > '9')
                                return;

                        break;

                case LETTER:
                        if (!(*p >= 'A' && *p <= 'Z') &&
                            !(*p >= 'a' && *p <= 'z'))
                                return;

                        break;

                case COLON:
                        if (*p != ':')
                                return;
                        break;

                }
        }

        *buf = p;
}

void server_process_syslog_message(
                Server *s,
                const char *buf,
                const struct ucred *ucred,
                const struct timeval *tv,
                const char *label,
                size_t label_len) {

        char syslog_priority[sizeof("PRIORITY=") + DECIMAL_STR_MAX(int)],
             syslog_facility[sizeof("SYSLOG_FACILITY=") + DECIMAL_STR_MAX(int)];
        const char *message = NULL, *syslog_identifier = NULL, *syslog_pid = NULL;
        _cleanup_free_ char *identifier = NULL, *pid = NULL;
        struct iovec iovec[N_IOVEC_META_FIELDS + 6];
        int priority = LOG_USER | LOG_INFO, r;
        ClientContext *context = NULL;
        const char *orig;
        unsigned n = 0;

        assert(s);
        assert(buf);

        orig = buf;
        syslog_parse_priority(&buf, &priority, true);

        if (s->forward_to_syslog)
                forward_syslog_raw(s, priority, orig, ucred, tv);

        syslog_skip_date((char**) &buf);
        syslog_parse_identifier(&buf, &identifier, &pid);

        if (s->forward_to_kmsg)
                server_forward_kmsg(s, priority, identifier, buf, ucred);

        if (s->forward_to_console)
                server_forward_console(s, priority, identifier, buf, ucred);

        if (s->forward_to_wall)
                server_forward_wall(s, priority, identifier, buf, ucred);

        iovec[n++] = IOVEC_MAKE_STRING("_TRANSPORT=syslog");

        xsprintf(syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK);
        iovec[n++] = IOVEC_MAKE_STRING(syslog_priority);

        if (priority & LOG_FACMASK) {
                xsprintf(syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority));
                iovec[n++] = IOVEC_MAKE_STRING(syslog_facility);
        }

        if (identifier) {
                syslog_identifier = strjoina("SYSLOG_IDENTIFIER=", identifier);
                iovec[n++] = IOVEC_MAKE_STRING(syslog_identifier);
        }

        if (pid) {
                syslog_pid = strjoina("SYSLOG_PID=", pid);
                iovec[n++] = IOVEC_MAKE_STRING(syslog_pid);
        }

        message = strjoina("MESSAGE=", buf);
        if (message)
                iovec[n++] = IOVEC_MAKE_STRING(message);

        if (ucred && pid_is_valid(ucred->pid)) {
                r = client_context_get(s, ucred->pid, ucred, label, label_len, NULL, &context);
                if (r < 0)
                        log_warning_errno(r, "Failed to retrieve credentials for PID " PID_FMT ", ignoring: %m", ucred->pid);
        }

        server_dispatch_message(s, iovec, n, ELEMENTSOF(iovec), context, tv, priority, 0);
}

int server_open_syslog_socket(Server *s) {

        static const union sockaddr_union sa = {
                .un.sun_family = AF_UNIX,
                .un.sun_path = "/run/systemd/journal/dev-log",
        };
        static const int one = 1;
        int r;

        assert(s);

        if (s->syslog_fd < 0) {
                s->syslog_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
                if (s->syslog_fd < 0)
                        return log_error_errno(errno, "socket() failed: %m");

                (void) unlink(sa.un.sun_path);

                r = bind(s->syslog_fd, &sa.sa, SOCKADDR_UN_LEN(sa.un));
                if (r < 0)
                        return log_error_errno(errno, "bind(%s) failed: %m", sa.un.sun_path);

                (void) chmod(sa.un.sun_path, 0666);
        } else
                fd_nonblock(s->syslog_fd, 1);

        r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
        if (r < 0)
                return log_error_errno(errno, "SO_PASSCRED failed: %m");

#if HAVE_SELINUX
        if (mac_selinux_use()) {
                r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
                if (r < 0)
                        log_warning_errno(errno, "SO_PASSSEC failed: %m");
        }
#endif

        r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
        if (r < 0)
                return log_error_errno(errno, "SO_TIMESTAMP failed: %m");

        r = sd_event_add_io(s->event, &s->syslog_event_source, s->syslog_fd, EPOLLIN, server_process_datagram, s);
        if (r < 0)
                return log_error_errno(r, "Failed to add syslog server fd to event loop: %m");

        r = sd_event_source_set_priority(s->syslog_event_source, SD_EVENT_PRIORITY_NORMAL+5);
        if (r < 0)
                return log_error_errno(r, "Failed to adjust syslog event source priority: %m");

        return 0;
}

void server_maybe_warn_forward_syslog_missed(Server *s) {
        usec_t n;

        assert(s);

        if (s->n_forward_syslog_missed <= 0)
                return;

        n = now(CLOCK_MONOTONIC);
        if (s->last_warn_forward_syslog_missed + WARN_FORWARD_SYSLOG_MISSED_USEC > n)
                return;

        server_driver_message(s,
                              "MESSAGE_ID=" SD_MESSAGE_FORWARD_SYSLOG_MISSED_STR,
                              LOG_MESSAGE("Forwarding to syslog missed %u messages.",
                                          s->n_forward_syslog_missed),
                              NULL);

        s->n_forward_syslog_missed = 0;
        s->last_warn_forward_syslog_missed = n;
}
Commit	Line	Data
35e2e347 LP	1	/***
	2	This file is part of systemd.
	3
	4	Copyright 2011 Lennart Poettering
	5
	6	systemd is free software; you can redistribute it and/or modify it
	7	under the terms of the GNU Lesser General Public License as published by
	8	the Free Software Foundation; either version 2.1 of the License, or
	9	(at your option) any later version.
	10
	11	systemd is distributed in the hope that it will be useful, but
	12	WITHOUT ANY WARRANTY; without even the implied warranty of
	13	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
	14	Lesser General Public License for more details.
	15
	16	You should have received a copy of the GNU Lesser General Public License
	17	along with systemd; If not, see <http://www.gnu.org/licenses/>.
	18	***/
	19
4871690d	20	#include <stddef.h>
35e2e347	21	#include <sys/epoll.h>
07630cea	22	#include <unistd.h>
35e2e347	23
07630cea LP	24	#include "sd-messages.h"
07630cea LP	25
b5efdb8a	26	#include "alloc-util.h"
3ffd4af2	27	#include "fd-util.h"
f97b34a6	28	#include "format-util.h"
afc5dbf3	29	#include "io-util.h"
3b7124a8	30	#include "journald-console.h"
07630cea LP	31	#include "journald-kmsg.h"
07630cea LP	32	#include "journald-server.h"
3ffd4af2	33	#include "journald-syslog.h"
40b71e89	34	#include "journald-wall.h"
0b452006	35	#include "process-util.h"
07630cea LP	36	#include "selinux-util.h"
07630cea LP	37	#include "socket-util.h"
15a5e950	38	#include "stdio-util.h"
07630cea	39	#include "string-util.h"
7ccbd1ae	40	#include "syslog-util.h"
35e2e347	41
178cc770 LP	42	/* Warn once every 30s if we missed syslog message */
	43	#define WARN_FORWARD_SYSLOG_MISSED_USEC (30 * USEC_PER_SEC)
	44
3b3154df	45	static void forward_syslog_iovec(Server s, const struct iovec iovec, unsigned n_iovec, const struct ucred ucred, const struct timeval tv) {
b92bea5d	46
46b13157	47	static const union sockaddr_union sa = {
b92bea5d ZJS	48	.un.sun_family = AF_UNIX,
	49	.un.sun_path = "/run/systemd/journal/syslog",
	50	};
	51	struct msghdr msghdr = {
	52	.msg_iov = (struct iovec *) iovec,
	53	.msg_iovlen = n_iovec,
46b13157	54	.msg_name = (struct sockaddr*) &sa.sa,
fc2fffe7	55	.msg_namelen = SOCKADDR_UN_LEN(sa.un),
b92bea5d	56	};
35e2e347 LP	57	struct cmsghdr *cmsg;
	58	union {
	59	struct cmsghdr cmsghdr;
	60	uint8_t buf[CMSG_SPACE(sizeof(struct ucred))];
	61	} control;
35e2e347 LP	62
	63	assert(s);
	64	assert(iovec);
	65	assert(n_iovec > 0);
	66
35e2e347 LP	67	if (ucred) {
	68	zero(control);
	69	msghdr.msg_control = &control;
	70	msghdr.msg_controllen = sizeof(control);
	71
	72	cmsg = CMSG_FIRSTHDR(&msghdr);
	73	cmsg->cmsg_level = SOL_SOCKET;
	74	cmsg->cmsg_type = SCM_CREDENTIALS;
	75	cmsg->cmsg_len = CMSG_LEN(sizeof(struct ucred));
	76	memcpy(CMSG_DATA(cmsg), ucred, sizeof(struct ucred));
	77	msghdr.msg_controllen = cmsg->cmsg_len;
	78	}
	79
	80	/* Forward the syslog message we received via /dev/log to
	81	* /run/systemd/syslog. Unfortunately we currently can't set
	82	* the SO_TIMESTAMP auxiliary data, and hence we don't. */
	83
	84	if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
	85	return;
	86
	87	/* The socket is full? I guess the syslog implementation is
	88	* too slow, and we shouldn't wait for that... */
178cc770 LP	89	if (errno == EAGAIN) {
178cc770 LP	90	s->n_forward_syslog_missed++;
35e2e347	91	return;
178cc770	92	}
35e2e347	93
3742095b	94	if (ucred && IN_SET(errno, ESRCH, EPERM)) {
35e2e347 LP	95	struct ucred u;
	96
	97	/* Hmm, presumably the sender process vanished
ccf23ad5 CS	98	* by now, or we don't have CAP_SYS_AMDIN, so
ccf23ad5 CS	99	* let's fix it as good as we can, and retry */
35e2e347 LP	100
35e2e347 LP	101	u = *ucred;
df0ff127	102	u.pid = getpid_cached();
35e2e347 LP	103	memcpy(CMSG_DATA(cmsg), &u, sizeof(struct ucred));
	104
	105	if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
	106	return;
	107
178cc770 LP	108	if (errno == EAGAIN) {
178cc770 LP	109	s->n_forward_syslog_missed++;
35e2e347	110	return;
178cc770	111	}
35e2e347 LP	112	}
	113
	114	if (errno != ENOENT)
56f64d95	115	log_debug_errno(errno, "Failed to forward syslog message: %m");
35e2e347 LP	116	}
35e2e347 LP	117
3b3154df	118	static void forward_syslog_raw(Server s, int priority, const char buffer, const struct ucred ucred, const struct timeval tv) {
35e2e347 LP	119	struct iovec iovec;
	120
	121	assert(s);
	122	assert(buffer);
	123
	124	if (LOG_PRI(priority) > s->max_level_syslog)
	125	return;
	126
e6a7ec4b	127	iovec = IOVEC_MAKE_STRING(buffer);
35e2e347 LP	128	forward_syslog_iovec(s, &iovec, 1, ucred, tv);
	129	}
	130
3b3154df	131	void server_forward_syslog(Server s, int priority, const char identifier, const char message, const struct ucred ucred, const struct timeval *tv) {
35e2e347	132	struct iovec iovec[5];
3b97fcbd	133	char header_priority[DECIMAL_STR_MAX(priority) + 3], header_time[64],
5ffa8c81	134	header_pid[sizeof("[]: ")-1 + DECIMAL_STR_MAX(pid_t) + 1];
35e2e347 LP	135	int n = 0;
	136	time_t t;
	137	struct tm *tm;
e6a7ec4b	138	_cleanup_free_ char *ident_buf = NULL;
35e2e347 LP	139
	140	assert(s);
	141	assert(priority >= 0);
	142	assert(priority <= 999);
	143	assert(message);
	144
	145	if (LOG_PRI(priority) > s->max_level_syslog)
	146	return;
	147
	148	/* First: priority field */
5ffa8c81	149	xsprintf(header_priority, "<%i>", priority);
e6a7ec4b	150	iovec[n++] = IOVEC_MAKE_STRING(header_priority);
35e2e347 LP	151
	152	/* Second: timestamp */
	153	t = tv ? tv->tv_sec : ((time_t) (now(CLOCK_REALTIME) / USEC_PER_SEC));
	154	tm = localtime(&t);
	155	if (!tm)
	156	return;
	157	if (strftime(header_time, sizeof(header_time), "%h %e %T ", tm) <= 0)
	158	return;
e6a7ec4b	159	iovec[n++] = IOVEC_MAKE_STRING(header_time);
35e2e347 LP	160
	161	/* Third: identifier and PID */
	162	if (ucred) {
	163	if (!identifier) {
	164	get_process_comm(ucred->pid, &ident_buf);
	165	identifier = ident_buf;
	166	}
	167
5ffa8c81	168	xsprintf(header_pid, "["PID_FMT"]: ", ucred->pid);
35e2e347 LP	169
35e2e347 LP	170	if (identifier)
e6a7ec4b	171	iovec[n++] = IOVEC_MAKE_STRING(identifier);
35e2e347	172
e6a7ec4b	173	iovec[n++] = IOVEC_MAKE_STRING(header_pid);
35e2e347	174	} else if (identifier) {
e6a7ec4b LP	175	iovec[n++] = IOVEC_MAKE_STRING(identifier);
e6a7ec4b LP	176	iovec[n++] = IOVEC_MAKE_STRING(": ");
35e2e347 LP	177	}
	178
	179	/* Fourth: message */
e6a7ec4b	180	iovec[n++] = IOVEC_MAKE_STRING(message);
35e2e347 LP	181
35e2e347 LP	182	forward_syslog_iovec(s, iovec, n, ucred, tv);
35e2e347 LP	183	}
	184
	185	int syslog_fixup_facility(int priority) {
	186
	187	if ((priority & LOG_FACMASK) == 0)
	188	return (priority & LOG_PRIMASK) \| LOG_USER;
	189
	190	return priority;
	191	}
	192
e88baee8	193	size_t syslog_parse_identifier(const char buf, char identifier, char **pid) {
35e2e347 LP	194	const char *p;
	195	char *t;
	196	size_t l, e;
	197
	198	assert(buf);
	199	assert(identifier);
	200	assert(pid);
	201
	202	p = *buf;
	203
	204	p += strspn(p, WHITESPACE);
	205	l = strcspn(p, WHITESPACE);
	206
	207	if (l <= 0 \|\|
	208	p[l-1] != ':')
e88baee8	209	return 0;
35e2e347 LP	210
	211	e = l;
	212	l--;
	213
	214	if (p[l-1] == ']') {
	215	size_t k = l-1;
	216
	217	for (;;) {
	218
	219	if (p[k] == '[') {
	220	t = strndup(p+k+1, l-k-2);
	221	if (t)
	222	*pid = t;
	223
	224	l = k;
	225	break;
	226	}
	227
	228	if (k == 0)
	229	break;
	230
	231	k--;
	232	}
	233	}
	234
	235	t = strndup(p, l);
	236	if (t)
	237	*identifier = t;
	238
ec5ff444 FB	239	if (strchr(WHITESPACE, p[e]))
ec5ff444 FB	240	e++;
35e2e347	241	*buf = p + e;
e88baee8	242	return e;
35e2e347 LP	243	}
35e2e347 LP	244
5809560d LP	245	static void syslog_skip_date(char **buf) {
	246	enum {
	247	LETTER,
	248	SPACE,
	249	NUMBER,
	250	SPACE_OR_NUMBER,
	251	COLON
	252	} sequence[] = {
	253	LETTER, LETTER, LETTER,
	254	SPACE,
	255	SPACE_OR_NUMBER, NUMBER,
	256	SPACE,
	257	SPACE_OR_NUMBER, NUMBER,
	258	COLON,
	259	SPACE_OR_NUMBER, NUMBER,
	260	COLON,
	261	SPACE_OR_NUMBER, NUMBER,
	262	SPACE
	263	};
	264
	265	char *p;
	266	unsigned i;
	267
	268	assert(buf);
	269	assert(*buf);
	270
	271	p = *buf;
	272
	273	for (i = 0; i < ELEMENTSOF(sequence); i++, p++) {
	274
	275	if (!*p)
	276	return;
	277
	278	switch (sequence[i]) {
	279
	280	case SPACE:
	281	if (*p != ' ')
	282	return;
	283	break;
	284
	285	case SPACE_OR_NUMBER:
	286	if (*p == ' ')
	287	break;
	288
	289	/* fall through */
	290
	291	case NUMBER:
	292	if (p < '0' \|\| p > '9')
	293	return;
	294
	295	break;
	296
	297	case LETTER:
	298	if (!(p >= 'A' && p <= 'Z') &&
	299	!(p >= 'a' && p <= 'z'))
	300	return;
	301
	302	break;
	303
	304	case COLON:
	305	if (*p != ':')
	306	return;
	307	break;
	308
309	}
310	}
311
312	*buf = p;
313	}
314
35e2e347	315	void server_process_syslog_message(
23be5709 LP	316	Server *s,
	317	const char *buf,
	318	const struct ucred *ucred,
	319	const struct timeval *tv,
	320	const char *label,
	321	size_t label_len) {
35e2e347	322
8457f8d6	323	char syslog_priority[sizeof("PRIORITY=") + DECIMAL_STR_MAX(int)],
13f5402c	324	syslog_facility[sizeof("SYSLOG_FACILITY=") + DECIMAL_STR_MAX(int)];
8457f8d6	325	const char message = NULL, syslog_identifier = NULL, *syslog_pid = NULL;
8457f8d6	326	_cleanup_free_ char identifier = NULL, pid = NULL;
22e3a02b LP	327	struct iovec iovec[N_IOVEC_META_FIELDS + 6];
	328	int priority = LOG_USER \| LOG_INFO, r;
	329	ClientContext *context = NULL;
35e2e347	330	const char *orig;
22e3a02b	331	unsigned n = 0;
35e2e347 LP	332
	333	assert(s);
	334	assert(buf);
	335
	336	orig = buf;
e3bfb7be	337	syslog_parse_priority(&buf, &priority, true);
35e2e347 LP	338
	339	if (s->forward_to_syslog)
	340	forward_syslog_raw(s, priority, orig, ucred, tv);
	341
	342	syslog_skip_date((char**) &buf);
5809560d	343	syslog_parse_identifier(&buf, &identifier, &pid);
35e2e347 LP	344
	345	if (s->forward_to_kmsg)
	346	server_forward_kmsg(s, priority, identifier, buf, ucred);
	347
	348	if (s->forward_to_console)
	349	server_forward_console(s, priority, identifier, buf, ucred);
	350
40b71e89 ST	351	if (s->forward_to_wall)
	352	server_forward_wall(s, priority, identifier, buf, ucred);
	353
e6a7ec4b	354	iovec[n++] = IOVEC_MAKE_STRING("_TRANSPORT=syslog");
35e2e347	355
d054f0a4	356	xsprintf(syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK);
e6a7ec4b	357	iovec[n++] = IOVEC_MAKE_STRING(syslog_priority);
35e2e347	358
8457f8d6	359	if (priority & LOG_FACMASK) {
d054f0a4	360	xsprintf(syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority));
e6a7ec4b	361	iovec[n++] = IOVEC_MAKE_STRING(syslog_facility);
8457f8d6	362	}
35e2e347 LP	363
35e2e347 LP	364	if (identifier) {
63c372cb	365	syslog_identifier = strjoina("SYSLOG_IDENTIFIER=", identifier);
e6a7ec4b	366	iovec[n++] = IOVEC_MAKE_STRING(syslog_identifier);
35e2e347 LP	367	}
	368
	369	if (pid) {
63c372cb	370	syslog_pid = strjoina("SYSLOG_PID=", pid);
e6a7ec4b	371	iovec[n++] = IOVEC_MAKE_STRING(syslog_pid);
35e2e347 LP	372	}
35e2e347 LP	373
63c372cb	374	message = strjoina("MESSAGE=", buf);
35e2e347	375	if (message)
e6a7ec4b	376	iovec[n++] = IOVEC_MAKE_STRING(message);
35e2e347	377
22e3a02b LP	378	if (ucred && pid_is_valid(ucred->pid)) {
	379	r = client_context_get(s, ucred->pid, ucred, label, label_len, NULL, &context);
	380	if (r < 0)
	381	log_warning_errno(r, "Failed to retrieve credentials for PID " PID_FMT ", ignoring: %m", ucred->pid);
	382	}
	383
	384	server_dispatch_message(s, iovec, n, ELEMENTSOF(iovec), context, tv, priority, 0);
35e2e347 LP	385	}
	386
	387	int server_open_syslog_socket(Server *s) {
fc2fffe7 LP	388
	389	static const union sockaddr_union sa = {
	390	.un.sun_family = AF_UNIX,
	391	.un.sun_path = "/run/systemd/journal/dev-log",
	392	};
3b3154df LP	393	static const int one = 1;
3b3154df LP	394	int r;
35e2e347 LP	395
	396	assert(s);
	397
	398	if (s->syslog_fd < 0) {
35e2e347	399	s->syslog_fd = socket(AF_UNIX, SOCK_DGRAM\|SOCK_CLOEXEC\|SOCK_NONBLOCK, 0);
4a62c710 MS	400	if (s->syslog_fd < 0)
4a62c710 MS	401	return log_error_errno(errno, "socket() failed: %m");
35e2e347	402
fc2fffe7	403	(void) unlink(sa.un.sun_path);
35e2e347	404
fc2fffe7	405	r = bind(s->syslog_fd, &sa.sa, SOCKADDR_UN_LEN(sa.un));
4a62c710 MS	406	if (r < 0)
4a62c710 MS	407	return log_error_errno(errno, "bind(%s) failed: %m", sa.un.sun_path);
35e2e347	408
4a61c3e5	409	(void) chmod(sa.un.sun_path, 0666);
35e2e347 LP	410	} else
	411	fd_nonblock(s->syslog_fd, 1);
	412
35e2e347	413	r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
4a62c710 MS	414	if (r < 0)
4a62c710 MS	415	return log_error_errno(errno, "SO_PASSCRED failed: %m");
35e2e347	416
349cc4a5	417	#if HAVE_SELINUX
6d395665	418	if (mac_selinux_use()) {
d682b3a7 LP	419	r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
d682b3a7 LP	420	if (r < 0)
56f64d95	421	log_warning_errno(errno, "SO_PASSSEC failed: %m");
d682b3a7	422	}
35e2e347 LP	423	#endif
35e2e347 LP	424
35e2e347	425	r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
4a62c710 MS	426	if (r < 0)
4a62c710 MS	427	return log_error_errno(errno, "SO_TIMESTAMP failed: %m");
35e2e347	428
8531ae70	429	r = sd_event_add_io(s->event, &s->syslog_event_source, s->syslog_fd, EPOLLIN, server_process_datagram, s);
23bbb0de MS	430	if (r < 0)
23bbb0de MS	431	return log_error_errno(r, "Failed to add syslog server fd to event loop: %m");
35e2e347	432
48cef295 VC	433	r = sd_event_source_set_priority(s->syslog_event_source, SD_EVENT_PRIORITY_NORMAL+5);
	434	if (r < 0)
	435	return log_error_errno(r, "Failed to adjust syslog event source priority: %m");
	436
35e2e347 LP	437	return 0;
35e2e347 LP	438	}
178cc770 LP	439
	440	void server_maybe_warn_forward_syslog_missed(Server *s) {
	441	usec_t n;
fc2fffe7	442
178cc770 LP	443	assert(s);
	444
	445	if (s->n_forward_syslog_missed <= 0)
	446	return;
	447
	448	n = now(CLOCK_MONOTONIC);
	449	if (s->last_warn_forward_syslog_missed + WARN_FORWARD_SYSLOG_MISSED_USEC > n)
	450	return;
	451
2b044526 ZJS	452	server_driver_message(s,
2b044526 ZJS	453	"MESSAGE_ID=" SD_MESSAGE_FORWARD_SYSLOG_MISSED_STR,
8a03c9ef ZJS	454	LOG_MESSAGE("Forwarding to syslog missed %u messages.",
	455	s->n_forward_syslog_missed),
	456	NULL);
178cc770 LP	457
	458	s->n_forward_syslog_missed = 0;
	459	s->last_warn_forward_syslog_missed = n;
	460	}