]>
Commit | Line | Data |
---|---|---|
87d2c1ff LP |
1 | /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/ |
2 | ||
3 | /*** | |
4 | This file is part of systemd. | |
5 | ||
6 | Copyright 2011 Lennart Poettering | |
7 | ||
8 | systemd is free software; you can redistribute it and/or modify it | |
5430f7f2 LP |
9 | under the terms of the GNU Lesser General Public License as published by |
10 | the Free Software Foundation; either version 2.1 of the License, or | |
87d2c1ff LP |
11 | (at your option) any later version. |
12 | ||
13 | systemd is distributed in the hope that it will be useful, but | |
14 | WITHOUT ANY WARRANTY; without even the implied warranty of | |
15 | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
5430f7f2 | 16 | Lesser General Public License for more details. |
87d2c1ff | 17 | |
5430f7f2 | 18 | You should have received a copy of the GNU Lesser General Public License |
87d2c1ff LP |
19 | along with systemd; If not, see <http://www.gnu.org/licenses/>. |
20 | ***/ | |
21 | ||
22 | #include <sys/epoll.h> | |
23 | #include <sys/socket.h> | |
24 | #include <errno.h> | |
25 | #include <sys/signalfd.h> | |
26 | #include <unistd.h> | |
27 | #include <fcntl.h> | |
7f3e6257 LP |
28 | #include <stddef.h> |
29 | #include <sys/ioctl.h> | |
30 | #include <linux/sockios.h> | |
6e409ce1 | 31 | #include <sys/statvfs.h> |
cee5e9a7 | 32 | #include <sys/mman.h> |
87d2c1ff | 33 | |
bdfb9e7f | 34 | #include <libudev.h> |
81527be1 | 35 | #include <systemd/sd-journal.h> |
81527be1 LP |
36 | #include <systemd/sd-messages.h> |
37 | #include <systemd/sd-daemon.h> | |
38 | ||
ba1261bc LP |
39 | #ifdef HAVE_LOGIND |
40 | #include <systemd/sd-login.h> | |
41 | #endif | |
42 | ||
49e942b2 | 43 | #include "mkdir.h" |
87d2c1ff | 44 | #include "hashmap.h" |
cec736d2 | 45 | #include "journal-file.h" |
87d2c1ff | 46 | #include "socket-util.h" |
69e5d42d | 47 | #include "cgroup-util.h" |
fe652127 | 48 | #include "list.h" |
35e2e347 LP |
49 | #include "virt.h" |
50 | #include "missing.h" | |
51 | #include "conf-parser.h" | |
6e409ce1 | 52 | #include "journal-rate-limit.h" |
cf244689 | 53 | #include "journal-internal.h" |
0284adc6 | 54 | #include "journal-vacuum.h" |
89fef990 | 55 | #include "journal-authenticate.h" |
e6960940 | 56 | #include "journald.h" |
ef63833d | 57 | #include "journald-kmsg.h" |
35e2e347 | 58 | #include "journald-syslog.h" |
87d2c1ff | 59 | |
e6520a0f LP |
60 | #ifdef HAVE_ACL |
61 | #include <sys/acl.h> | |
62 | #include <acl/libacl.h> | |
79c07722 | 63 | #include "acl-util.h" |
e6520a0f LP |
64 | #endif |
65 | ||
8a0f04e6 LP |
66 | #ifdef HAVE_SELINUX |
67 | #include <selinux/selinux.h> | |
68 | #endif | |
69 | ||
cab8ac60 | 70 | #define USER_JOURNALS_MAX 1024 |
fe652127 LP |
71 | #define STDOUT_STREAMS_MAX 4096 |
72 | ||
de97b26a LP |
73 | #define DEFAULT_RATE_LIMIT_INTERVAL (10*USEC_PER_SEC) |
74 | #define DEFAULT_RATE_LIMIT_BURST 200 | |
75 | ||
9cfb57c9 LP |
76 | #define RECHECK_AVAILABLE_SPACE_USEC (30*USEC_PER_SEC) |
77 | ||
0dad12c1 LP |
78 | #define ENTRY_SIZE_MAX (1024*1024*32) |
79 | ||
fe652127 | 80 | typedef enum StdoutStreamState { |
4cd9a9d9 | 81 | STDOUT_STREAM_IDENTIFIER, |
62bca2c6 | 82 | STDOUT_STREAM_UNIT_ID, |
fe652127 | 83 | STDOUT_STREAM_PRIORITY, |
258cdffc | 84 | STDOUT_STREAM_LEVEL_PREFIX, |
224f2ee2 LP |
85 | STDOUT_STREAM_FORWARD_TO_SYSLOG, |
86 | STDOUT_STREAM_FORWARD_TO_KMSG, | |
87 | STDOUT_STREAM_FORWARD_TO_CONSOLE, | |
fe652127 LP |
88 | STDOUT_STREAM_RUNNING |
89 | } StdoutStreamState; | |
90 | ||
91 | struct StdoutStream { | |
92 | Server *server; | |
93 | StdoutStreamState state; | |
94 | ||
95 | int fd; | |
96 | ||
97 | struct ucred ucred; | |
7f2c63cb LP |
98 | #ifdef HAVE_SELINUX |
99 | security_context_t security_context; | |
100 | #endif | |
fe652127 | 101 | |
4cd9a9d9 | 102 | char *identifier; |
62bca2c6 | 103 | char *unit_id; |
fe652127 | 104 | int priority; |
258cdffc | 105 | bool level_prefix:1; |
224f2ee2 LP |
106 | bool forward_to_syslog:1; |
107 | bool forward_to_kmsg:1; | |
108 | bool forward_to_console:1; | |
fe652127 LP |
109 | |
110 | char buffer[LINE_MAX+1]; | |
111 | size_t length; | |
112 | ||
113 | LIST_FIELDS(StdoutStream, stdout_stream); | |
114 | }; | |
115 | ||
e156d769 LP |
116 | static const char* const storage_table[] = { |
117 | [STORAGE_AUTO] = "auto", | |
118 | [STORAGE_VOLATILE] = "volatile", | |
205c4d1d | 119 | [STORAGE_PERSISTENT] = "persistent", |
e156d769 LP |
120 | [STORAGE_NONE] = "none" |
121 | }; | |
122 | ||
123 | DEFINE_STRING_TABLE_LOOKUP(storage, Storage); | |
124 | DEFINE_CONFIG_PARSE_ENUM(config_parse_storage, storage, Storage, "Failed to parse storage setting"); | |
125 | ||
6e409ce1 | 126 | static uint64_t available_space(Server *s) { |
babfc091 | 127 | char ids[33], *p; |
6e409ce1 | 128 | const char *f; |
babfc091 | 129 | sd_id128_t machine; |
6e409ce1 LP |
130 | struct statvfs ss; |
131 | uint64_t sum = 0, avail = 0, ss_avail = 0; | |
132 | int r; | |
133 | DIR *d; | |
babfc091 LP |
134 | usec_t ts; |
135 | JournalMetrics *m; | |
136 | ||
137 | ts = now(CLOCK_MONOTONIC); | |
9cfb57c9 LP |
138 | |
139 | if (s->cached_available_space_timestamp + RECHECK_AVAILABLE_SPACE_USEC > ts) | |
140 | return s->cached_available_space; | |
6e409ce1 LP |
141 | |
142 | r = sd_id128_get_machine(&machine); | |
143 | if (r < 0) | |
144 | return 0; | |
145 | ||
babfc091 | 146 | if (s->system_journal) { |
6e409ce1 | 147 | f = "/var/log/journal/"; |
babfc091 LP |
148 | m = &s->system_metrics; |
149 | } else { | |
6e409ce1 | 150 | f = "/run/log/journal/"; |
babfc091 LP |
151 | m = &s->runtime_metrics; |
152 | } | |
153 | ||
154 | assert(m); | |
6e409ce1 LP |
155 | |
156 | p = strappend(f, sd_id128_to_string(machine, ids)); | |
157 | if (!p) | |
158 | return 0; | |
159 | ||
160 | d = opendir(p); | |
161 | free(p); | |
162 | ||
163 | if (!d) | |
164 | return 0; | |
165 | ||
166 | if (fstatvfs(dirfd(d), &ss) < 0) | |
167 | goto finish; | |
168 | ||
169 | for (;;) { | |
170 | struct stat st; | |
171 | struct dirent buf, *de; | |
6e409ce1 | 172 | |
34a35ece LP |
173 | r = readdir_r(d, &buf, &de); |
174 | if (r != 0) | |
175 | break; | |
6e409ce1 LP |
176 | |
177 | if (!de) | |
178 | break; | |
179 | ||
c0421793 LP |
180 | if (!endswith(de->d_name, ".journal") && |
181 | !endswith(de->d_name, ".journal~")) | |
6e409ce1 LP |
182 | continue; |
183 | ||
184 | if (fstatat(dirfd(d), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0) | |
185 | continue; | |
186 | ||
a3a52c0f LP |
187 | if (!S_ISREG(st.st_mode)) |
188 | continue; | |
189 | ||
190 | sum += (uint64_t) st.st_blocks * 512UL; | |
6e409ce1 LP |
191 | } |
192 | ||
babfc091 | 193 | avail = sum >= m->max_use ? 0 : m->max_use - sum; |
6e409ce1 LP |
194 | |
195 | ss_avail = ss.f_bsize * ss.f_bavail; | |
196 | ||
babfc091 | 197 | ss_avail = ss_avail < m->keep_free ? 0 : ss_avail - m->keep_free; |
6e409ce1 LP |
198 | |
199 | if (ss_avail < avail) | |
200 | avail = ss_avail; | |
201 | ||
9cfb57c9 LP |
202 | s->cached_available_space = avail; |
203 | s->cached_available_space_timestamp = ts; | |
204 | ||
6e409ce1 LP |
205 | finish: |
206 | closedir(d); | |
207 | ||
208 | return avail; | |
209 | } | |
210 | ||
5e41cfec LP |
211 | static void server_read_file_gid(Server *s) { |
212 | const char *adm = "adm"; | |
213 | int r; | |
214 | ||
215 | assert(s); | |
216 | ||
217 | if (s->file_gid_valid) | |
218 | return; | |
219 | ||
220 | r = get_group_creds(&adm, &s->file_gid); | |
221 | if (r < 0) | |
222 | log_warning("Failed to resolve 'adm' group: %s", strerror(-r)); | |
223 | ||
224 | /* if we couldn't read the gid, then it will be 0, but that's | |
225 | * fine and we shouldn't try to resolve the group again, so | |
226 | * let's just pretend it worked right-away. */ | |
227 | s->file_gid_valid = true; | |
228 | } | |
229 | ||
230 | static void server_fix_perms(Server *s, JournalFile *f, uid_t uid) { | |
e6520a0f LP |
231 | int r; |
232 | #ifdef HAVE_ACL | |
f4b47811 LP |
233 | acl_t acl; |
234 | acl_entry_t entry; | |
235 | acl_permset_t permset; | |
e6520a0f | 236 | #endif |
f4b47811 LP |
237 | |
238 | assert(f); | |
239 | ||
5e41cfec LP |
240 | server_read_file_gid(s); |
241 | ||
242 | r = fchmod_and_fchown(f->fd, 0640, 0, s->file_gid); | |
f4b47811 LP |
243 | if (r < 0) |
244 | log_warning("Failed to fix access mode/rights on %s, ignoring: %s", f->path, strerror(-r)); | |
245 | ||
e6520a0f | 246 | #ifdef HAVE_ACL |
f4b47811 LP |
247 | if (uid <= 0) |
248 | return; | |
249 | ||
250 | acl = acl_get_fd(f->fd); | |
251 | if (!acl) { | |
252 | log_warning("Failed to read ACL on %s, ignoring: %m", f->path); | |
253 | return; | |
254 | } | |
255 | ||
256 | r = acl_find_uid(acl, uid, &entry); | |
257 | if (r <= 0) { | |
258 | ||
259 | if (acl_create_entry(&acl, &entry) < 0 || | |
260 | acl_set_tag_type(entry, ACL_USER) < 0 || | |
261 | acl_set_qualifier(entry, &uid) < 0) { | |
262 | log_warning("Failed to patch ACL on %s, ignoring: %m", f->path); | |
263 | goto finish; | |
264 | } | |
265 | } | |
266 | ||
267 | if (acl_get_permset(entry, &permset) < 0 || | |
268 | acl_add_perm(permset, ACL_READ) < 0 || | |
269 | acl_calc_mask(&acl) < 0) { | |
270 | log_warning("Failed to patch ACL on %s, ignoring: %m", f->path); | |
271 | goto finish; | |
272 | } | |
273 | ||
274 | if (acl_set_fd(f->fd, acl) < 0) | |
275 | log_warning("Failed to set ACL on %s, ignoring: %m", f->path); | |
276 | ||
277 | finish: | |
278 | acl_free(acl); | |
e6520a0f | 279 | #endif |
f4b47811 LP |
280 | } |
281 | ||
282 | static JournalFile* find_journal(Server *s, uid_t uid) { | |
283 | char *p; | |
284 | int r; | |
285 | JournalFile *f; | |
3fbf9cbb | 286 | sd_id128_t machine; |
f4b47811 LP |
287 | |
288 | assert(s); | |
289 | ||
cf244689 LP |
290 | /* We split up user logs only on /var, not on /run. If the |
291 | * runtime file is open, we write to it exclusively, in order | |
292 | * to guarantee proper order as soon as we flush /run to | |
293 | * /var and close the runtime file. */ | |
294 | ||
295 | if (s->runtime_journal) | |
f4b47811 LP |
296 | return s->runtime_journal; |
297 | ||
298 | if (uid <= 0) | |
299 | return s->system_journal; | |
300 | ||
3fbf9cbb LP |
301 | r = sd_id128_get_machine(&machine); |
302 | if (r < 0) | |
303 | return s->system_journal; | |
304 | ||
f4b47811 LP |
305 | f = hashmap_get(s->user_journals, UINT32_TO_PTR(uid)); |
306 | if (f) | |
307 | return f; | |
308 | ||
7560fffc LP |
309 | if (asprintf(&p, "/var/log/journal/" SD_ID128_FORMAT_STR "/user-%lu.journal", |
310 | SD_ID128_FORMAT_VAL(machine), (unsigned long) uid) < 0) | |
f4b47811 LP |
311 | return s->system_journal; |
312 | ||
cab8ac60 LP |
313 | while (hashmap_size(s->user_journals) >= USER_JOURNALS_MAX) { |
314 | /* Too many open? Then let's close one */ | |
315 | f = hashmap_steal_first(s->user_journals); | |
316 | assert(f); | |
317 | journal_file_close(f); | |
318 | } | |
319 | ||
eb53b74f | 320 | r = journal_file_open_reliably(p, O_RDWR|O_CREAT, 0640, s->compress, s->seal, &s->system_metrics, s->mmap, s->system_journal, &f); |
f4b47811 LP |
321 | free(p); |
322 | ||
323 | if (r < 0) | |
324 | return s->system_journal; | |
325 | ||
5e41cfec | 326 | server_fix_perms(s, f, uid); |
f4b47811 LP |
327 | |
328 | r = hashmap_put(s->user_journals, UINT32_TO_PTR(uid), f); | |
329 | if (r < 0) { | |
330 | journal_file_close(f); | |
331 | return s->system_journal; | |
332 | } | |
333 | ||
334 | return f; | |
335 | } | |
336 | ||
b1a0ab71 LP |
337 | static void server_rotate(Server *s) { |
338 | JournalFile *f; | |
bc85bfee | 339 | void *k; |
b1a0ab71 | 340 | Iterator i; |
bc85bfee | 341 | int r; |
bc85bfee LP |
342 | |
343 | log_info("Rotating..."); | |
344 | ||
345 | if (s->runtime_journal) { | |
7560fffc | 346 | r = journal_file_rotate(&s->runtime_journal, s->compress, false); |
bc85bfee | 347 | if (r < 0) |
499fb215 SS |
348 | if (s->runtime_journal) |
349 | log_error("Failed to rotate %s: %s", s->runtime_journal->path, strerror(-r)); | |
350 | else | |
351 | log_error("Failed to create new runtime journal: %s", strerror(-r)); | |
5e62067d LP |
352 | else |
353 | server_fix_perms(s, s->runtime_journal, 0); | |
bc85bfee LP |
354 | } |
355 | ||
356 | if (s->system_journal) { | |
eb53b74f | 357 | r = journal_file_rotate(&s->system_journal, s->compress, s->seal); |
bc85bfee | 358 | if (r < 0) |
499fb215 SS |
359 | if (s->system_journal) |
360 | log_error("Failed to rotate %s: %s", s->system_journal->path, strerror(-r)); | |
361 | else | |
362 | log_error("Failed to create new system journal: %s", strerror(-r)); | |
363 | ||
5e62067d LP |
364 | else |
365 | server_fix_perms(s, s->system_journal, 0); | |
bc85bfee LP |
366 | } |
367 | ||
368 | HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) { | |
eb53b74f | 369 | r = journal_file_rotate(&f, s->compress, s->seal); |
bc85bfee | 370 | if (r < 0) |
499fb215 SS |
371 | if (f->path) |
372 | log_error("Failed to rotate %s: %s", f->path, strerror(-r)); | |
373 | else | |
374 | log_error("Failed to create user journal: %s", strerror(-r)); | |
5e62067d | 375 | else { |
bc85bfee | 376 | hashmap_replace(s->user_journals, k, f); |
5e62067d LP |
377 | server_fix_perms(s, s->system_journal, PTR_TO_UINT32(k)); |
378 | } | |
bc85bfee | 379 | } |
b1a0ab71 LP |
380 | } |
381 | ||
382 | static void server_vacuum(Server *s) { | |
383 | char *p; | |
384 | char ids[33]; | |
385 | sd_id128_t machine; | |
386 | int r; | |
bc85bfee LP |
387 | |
388 | log_info("Vacuuming..."); | |
389 | ||
390 | r = sd_id128_get_machine(&machine); | |
391 | if (r < 0) { | |
392 | log_error("Failed to get machine ID: %s", strerror(-r)); | |
393 | return; | |
394 | } | |
395 | ||
babfc091 | 396 | sd_id128_to_string(machine, ids); |
bc85bfee | 397 | |
babfc091 LP |
398 | if (s->system_journal) { |
399 | if (asprintf(&p, "/var/log/journal/%s", ids) < 0) { | |
0d0f0c50 | 400 | log_oom(); |
babfc091 LP |
401 | return; |
402 | } | |
bc85bfee | 403 | |
babfc091 LP |
404 | r = journal_directory_vacuum(p, s->system_metrics.max_use, s->system_metrics.keep_free); |
405 | if (r < 0 && r != -ENOENT) | |
406 | log_error("Failed to vacuum %s: %s", p, strerror(-r)); | |
407 | free(p); | |
bc85bfee LP |
408 | } |
409 | ||
babfc091 LP |
410 | if (s->runtime_journal) { |
411 | if (asprintf(&p, "/run/log/journal/%s", ids) < 0) { | |
0d0f0c50 | 412 | log_oom(); |
babfc091 LP |
413 | return; |
414 | } | |
415 | ||
416 | r = journal_directory_vacuum(p, s->runtime_metrics.max_use, s->runtime_metrics.keep_free); | |
417 | if (r < 0 && r != -ENOENT) | |
418 | log_error("Failed to vacuum %s: %s", p, strerror(-r)); | |
419 | free(p); | |
420 | } | |
9cfb57c9 LP |
421 | |
422 | s->cached_available_space_timestamp = 0; | |
bc85bfee LP |
423 | } |
424 | ||
6e409ce1 LP |
425 | static char *shortened_cgroup_path(pid_t pid) { |
426 | int r; | |
427 | char *process_path, *init_path, *path; | |
428 | ||
429 | assert(pid > 0); | |
430 | ||
431 | r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, pid, &process_path); | |
432 | if (r < 0) | |
433 | return NULL; | |
434 | ||
435 | r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, 1, &init_path); | |
436 | if (r < 0) { | |
437 | free(process_path); | |
438 | return NULL; | |
439 | } | |
440 | ||
bad75c27 LP |
441 | if (endswith(init_path, "/system")) |
442 | init_path[strlen(init_path) - 7] = 0; | |
443 | else if (streq(init_path, "/")) | |
6e409ce1 LP |
444 | init_path[0] = 0; |
445 | ||
783d2675 LP |
446 | if (startswith(process_path, init_path)) { |
447 | char *p; | |
448 | ||
449 | p = strdup(process_path + strlen(init_path)); | |
450 | if (!p) { | |
451 | free(process_path); | |
452 | free(init_path); | |
453 | return NULL; | |
454 | } | |
455 | path = p; | |
456 | } else { | |
6e409ce1 | 457 | path = process_path; |
783d2675 LP |
458 | process_path = NULL; |
459 | } | |
6e409ce1 | 460 | |
783d2675 | 461 | free(process_path); |
6e409ce1 LP |
462 | free(init_path); |
463 | ||
464 | return path; | |
465 | } | |
466 | ||
dca6219e LP |
467 | static void write_to_journal(Server *s, uid_t uid, struct iovec *iovec, unsigned n) { |
468 | JournalFile *f; | |
469 | bool vacuumed = false; | |
470 | int r; | |
471 | ||
472 | assert(s); | |
473 | assert(iovec); | |
474 | assert(n > 0); | |
475 | ||
476 | f = find_journal(s, uid); | |
477 | if (!f) | |
478 | return; | |
479 | ||
480 | if (journal_file_rotate_suggested(f)) { | |
481 | log_info("Journal header limits reached or header out-of-date, rotating."); | |
482 | server_rotate(s); | |
483 | server_vacuum(s); | |
484 | vacuumed = true; | |
c2a623d8 LP |
485 | |
486 | f = find_journal(s, uid); | |
487 | if (!f) | |
488 | return; | |
dca6219e LP |
489 | } |
490 | ||
491 | for (;;) { | |
492 | r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL); | |
493 | if (r >= 0) | |
494 | return; | |
495 | ||
496 | if (vacuumed || | |
497 | (r != -E2BIG && /* hit limit */ | |
498 | r != -EFBIG && /* hit fs limit */ | |
499 | r != -EDQUOT && /* quota hit */ | |
500 | r != -ENOSPC && /* disk full */ | |
501 | r != -EBADMSG && /* corrupted */ | |
502 | r != -ENODATA && /* truncated */ | |
503 | r != -EHOSTDOWN && /* other machine */ | |
71fa6f00 LP |
504 | r != -EPROTONOSUPPORT && /* unsupported feature */ |
505 | r != -EBUSY && /* unclean shutdown */ | |
506 | r != -ESHUTDOWN /* already archived */)) { | |
dca6219e LP |
507 | log_error("Failed to write entry, ignoring: %s", strerror(-r)); |
508 | return; | |
509 | } | |
510 | ||
511 | if (r == -E2BIG || r == -EFBIG || r == EDQUOT || r == ENOSPC) | |
512 | log_info("Allocation limit reached, rotating."); | |
513 | else if (r == -EHOSTDOWN) | |
514 | log_info("Journal file from other machine, rotating."); | |
71fa6f00 LP |
515 | else if (r == -EBUSY) |
516 | log_info("Unlcean shutdown, rotating."); | |
dca6219e LP |
517 | else |
518 | log_warning("Journal file corrupted, rotating."); | |
519 | ||
520 | server_rotate(s); | |
521 | server_vacuum(s); | |
522 | vacuumed = true; | |
523 | ||
32fca2d5 LP |
524 | f = find_journal(s, uid); |
525 | if (!f) | |
526 | return; | |
527 | ||
dca6219e LP |
528 | log_info("Retrying write."); |
529 | } | |
530 | } | |
531 | ||
7f2c63cb LP |
532 | static void dispatch_message_real( |
533 | Server *s, | |
534 | struct iovec *iovec, unsigned n, unsigned m, | |
535 | struct ucred *ucred, | |
536 | struct timeval *tv, | |
8b38f3cc LP |
537 | const char *label, size_t label_len, |
538 | const char *unit_id) { | |
6e409ce1 | 539 | |
7f3e6257 | 540 | char *pid = NULL, *uid = NULL, *gid = NULL, |
87d2c1ff LP |
541 | *source_time = NULL, *boot_id = NULL, *machine_id = NULL, |
542 | *comm = NULL, *cmdline = NULL, *hostname = NULL, | |
543 | *audit_session = NULL, *audit_loginuid = NULL, | |
85d83bf4 | 544 | *exe = NULL, *cgroup = NULL, *session = NULL, |
8a0f04e6 | 545 | *owner_uid = NULL, *unit = NULL, *selinux_context = NULL; |
7f3e6257 | 546 | |
87d2c1ff LP |
547 | char idbuf[33]; |
548 | sd_id128_t id; | |
549 | int r; | |
550 | char *t; | |
de190aef | 551 | uid_t loginuid = 0, realuid = 0; |
87d2c1ff | 552 | |
7f3e6257 | 553 | assert(s); |
6e409ce1 LP |
554 | assert(iovec); |
555 | assert(n > 0); | |
224f2ee2 | 556 | assert(n + N_IOVEC_META_FIELDS <= m); |
87d2c1ff LP |
557 | |
558 | if (ucred) { | |
85d83bf4 | 559 | uint32_t audit; |
ba1261bc | 560 | #ifdef HAVE_LOGIND |
85d83bf4 | 561 | uid_t owner; |
ba1261bc | 562 | #endif |
87d2c1ff | 563 | |
de190aef LP |
564 | realuid = ucred->uid; |
565 | ||
566 | if (asprintf(&pid, "_PID=%lu", (unsigned long) ucred->pid) >= 0) | |
87d2c1ff LP |
567 | IOVEC_SET_STRING(iovec[n++], pid); |
568 | ||
de190aef | 569 | if (asprintf(&uid, "_UID=%lu", (unsigned long) ucred->uid) >= 0) |
87d2c1ff LP |
570 | IOVEC_SET_STRING(iovec[n++], uid); |
571 | ||
de190aef | 572 | if (asprintf(&gid, "_GID=%lu", (unsigned long) ucred->gid) >= 0) |
87d2c1ff LP |
573 | IOVEC_SET_STRING(iovec[n++], gid); |
574 | ||
575 | r = get_process_comm(ucred->pid, &t); | |
576 | if (r >= 0) { | |
de190aef | 577 | comm = strappend("_COMM=", t); |
85d83bf4 LP |
578 | free(t); |
579 | ||
87d2c1ff LP |
580 | if (comm) |
581 | IOVEC_SET_STRING(iovec[n++], comm); | |
87d2c1ff LP |
582 | } |
583 | ||
584 | r = get_process_exe(ucred->pid, &t); | |
585 | if (r >= 0) { | |
de190aef | 586 | exe = strappend("_EXE=", t); |
85d83bf4 LP |
587 | free(t); |
588 | ||
5c3759bf | 589 | if (exe) |
87d2c1ff | 590 | IOVEC_SET_STRING(iovec[n++], exe); |
87d2c1ff LP |
591 | } |
592 | ||
593 | r = get_process_cmdline(ucred->pid, LINE_MAX, false, &t); | |
594 | if (r >= 0) { | |
de190aef | 595 | cmdline = strappend("_CMDLINE=", t); |
85d83bf4 LP |
596 | free(t); |
597 | ||
87d2c1ff LP |
598 | if (cmdline) |
599 | IOVEC_SET_STRING(iovec[n++], cmdline); | |
87d2c1ff LP |
600 | } |
601 | ||
85d83bf4 | 602 | r = audit_session_from_pid(ucred->pid, &audit); |
87d2c1ff | 603 | if (r >= 0) |
85d83bf4 | 604 | if (asprintf(&audit_session, "_AUDIT_SESSION=%lu", (unsigned long) audit) >= 0) |
87d2c1ff LP |
605 | IOVEC_SET_STRING(iovec[n++], audit_session); |
606 | ||
607 | r = audit_loginuid_from_pid(ucred->pid, &loginuid); | |
608 | if (r >= 0) | |
de190aef | 609 | if (asprintf(&audit_loginuid, "_AUDIT_LOGINUID=%lu", (unsigned long) loginuid) >= 0) |
87d2c1ff | 610 | IOVEC_SET_STRING(iovec[n++], audit_loginuid); |
69e5d42d | 611 | |
85d83bf4 LP |
612 | t = shortened_cgroup_path(ucred->pid); |
613 | if (t) { | |
614 | cgroup = strappend("_SYSTEMD_CGROUP=", t); | |
615 | free(t); | |
616 | ||
69e5d42d LP |
617 | if (cgroup) |
618 | IOVEC_SET_STRING(iovec[n++], cgroup); | |
85d83bf4 LP |
619 | } |
620 | ||
ba1261bc | 621 | #ifdef HAVE_LOGIND |
85d83bf4 LP |
622 | if (sd_pid_get_session(ucred->pid, &t) >= 0) { |
623 | session = strappend("_SYSTEMD_SESSION=", t); | |
624 | free(t); | |
625 | ||
626 | if (session) | |
627 | IOVEC_SET_STRING(iovec[n++], session); | |
628 | } | |
6e409ce1 | 629 | |
ba1261bc LP |
630 | if (sd_pid_get_owner_uid(ucred->uid, &owner) >= 0) |
631 | if (asprintf(&owner_uid, "_SYSTEMD_OWNER_UID=%lu", (unsigned long) owner) >= 0) | |
632 | IOVEC_SET_STRING(iovec[n++], owner_uid); | |
633 | #endif | |
634 | ||
635 | if (cg_pid_get_unit(ucred->pid, &t) >= 0) { | |
94fb446e | 636 | unit = strappend("_SYSTEMD_UNIT=", t); |
85d83bf4 | 637 | free(t); |
62bca2c6 ED |
638 | } else if (unit_id) |
639 | unit = strappend("_SYSTEMD_UNIT=", unit_id); | |
85d83bf4 | 640 | |
62bca2c6 ED |
641 | if (unit) |
642 | IOVEC_SET_STRING(iovec[n++], unit); | |
85d83bf4 | 643 | |
8a0f04e6 | 644 | #ifdef HAVE_SELINUX |
7f2c63cb LP |
645 | if (label) { |
646 | selinux_context = malloc(sizeof("_SELINUX_CONTEXT=") + label_len); | |
647 | if (selinux_context) { | |
648 | memcpy(selinux_context, "_SELINUX_CONTEXT=", sizeof("_SELINUX_CONTEXT=")-1); | |
649 | memcpy(selinux_context+sizeof("_SELINUX_CONTEXT=")-1, label, label_len); | |
650 | selinux_context[sizeof("_SELINUX_CONTEXT=")-1+label_len] = 0; | |
8a0f04e6 | 651 | IOVEC_SET_STRING(iovec[n++], selinux_context); |
7f2c63cb LP |
652 | } |
653 | } else { | |
654 | security_context_t con; | |
655 | ||
656 | if (getpidcon(ucred->pid, &con) >= 0) { | |
657 | selinux_context = strappend("_SELINUX_CONTEXT=", con); | |
658 | if (selinux_context) | |
659 | IOVEC_SET_STRING(iovec[n++], selinux_context); | |
8a0f04e6 | 660 | |
7f2c63cb LP |
661 | freecon(con); |
662 | } | |
8a0f04e6 LP |
663 | } |
664 | #endif | |
87d2c1ff LP |
665 | } |
666 | ||
667 | if (tv) { | |
de190aef | 668 | if (asprintf(&source_time, "_SOURCE_REALTIME_TIMESTAMP=%llu", |
87d2c1ff LP |
669 | (unsigned long long) timeval_load(tv)) >= 0) |
670 | IOVEC_SET_STRING(iovec[n++], source_time); | |
671 | } | |
672 | ||
ed49ef3f LP |
673 | /* Note that strictly speaking storing the boot id here is |
674 | * redundant since the entry includes this in-line | |
675 | * anyway. However, we need this indexed, too. */ | |
87d2c1ff LP |
676 | r = sd_id128_get_boot(&id); |
677 | if (r >= 0) | |
de190aef | 678 | if (asprintf(&boot_id, "_BOOT_ID=%s", sd_id128_to_string(id, idbuf)) >= 0) |
87d2c1ff LP |
679 | IOVEC_SET_STRING(iovec[n++], boot_id); |
680 | ||
681 | r = sd_id128_get_machine(&id); | |
682 | if (r >= 0) | |
de190aef | 683 | if (asprintf(&machine_id, "_MACHINE_ID=%s", sd_id128_to_string(id, idbuf)) >= 0) |
87d2c1ff LP |
684 | IOVEC_SET_STRING(iovec[n++], machine_id); |
685 | ||
686 | t = gethostname_malloc(); | |
687 | if (t) { | |
de190aef | 688 | hostname = strappend("_HOSTNAME=", t); |
85d83bf4 | 689 | free(t); |
87d2c1ff LP |
690 | if (hostname) |
691 | IOVEC_SET_STRING(iovec[n++], hostname); | |
87d2c1ff LP |
692 | } |
693 | ||
7f3e6257 LP |
694 | assert(n <= m); |
695 | ||
dca6219e | 696 | write_to_journal(s, realuid == 0 ? 0 : loginuid, iovec, n); |
87d2c1ff | 697 | |
87d2c1ff LP |
698 | free(pid); |
699 | free(uid); | |
700 | free(gid); | |
701 | free(comm); | |
69e5d42d | 702 | free(exe); |
87d2c1ff LP |
703 | free(cmdline); |
704 | free(source_time); | |
705 | free(boot_id); | |
706 | free(machine_id); | |
707 | free(hostname); | |
708 | free(audit_session); | |
709 | free(audit_loginuid); | |
7f3e6257 | 710 | free(cgroup); |
85d83bf4 LP |
711 | free(session); |
712 | free(owner_uid); | |
94fb446e | 713 | free(unit); |
8a0f04e6 | 714 | free(selinux_context); |
7f3e6257 LP |
715 | } |
716 | ||
ef63833d | 717 | void server_driver_message(Server *s, sd_id128_t message_id, const char *format, ...) { |
224f2ee2 LP |
718 | char mid[11 + 32 + 1]; |
719 | char buffer[16 + LINE_MAX + 1]; | |
33eb8abf | 720 | struct iovec iovec[N_IOVEC_META_FIELDS + 4]; |
224f2ee2 LP |
721 | int n = 0; |
722 | va_list ap; | |
723 | struct ucred ucred; | |
724 | ||
725 | assert(s); | |
726 | assert(format); | |
727 | ||
c51742d0 | 728 | IOVEC_SET_STRING(iovec[n++], "PRIORITY=6"); |
33eb8abf | 729 | IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=driver"); |
224f2ee2 LP |
730 | |
731 | memcpy(buffer, "MESSAGE=", 8); | |
732 | va_start(ap, format); | |
733 | vsnprintf(buffer + 8, sizeof(buffer) - 8, format, ap); | |
734 | va_end(ap); | |
735 | char_array_0(buffer); | |
736 | IOVEC_SET_STRING(iovec[n++], buffer); | |
737 | ||
738 | snprintf(mid, sizeof(mid), "MESSAGE_ID=" SD_ID128_FORMAT_STR, SD_ID128_FORMAT_VAL(message_id)); | |
739 | char_array_0(mid); | |
740 | IOVEC_SET_STRING(iovec[n++], mid); | |
741 | ||
742 | zero(ucred); | |
743 | ucred.pid = getpid(); | |
744 | ucred.uid = getuid(); | |
745 | ucred.gid = getgid(); | |
746 | ||
62bca2c6 | 747 | dispatch_message_real(s, iovec, n, ELEMENTSOF(iovec), &ucred, NULL, NULL, 0, NULL); |
224f2ee2 LP |
748 | } |
749 | ||
ef63833d LP |
750 | void server_dispatch_message( |
751 | Server *s, | |
752 | struct iovec *iovec, unsigned n, unsigned m, | |
753 | struct ucred *ucred, | |
754 | struct timeval *tv, | |
755 | const char *label, size_t label_len, | |
756 | const char *unit_id, | |
757 | int priority) { | |
758 | ||
6e409ce1 | 759 | int rl; |
783d2675 | 760 | char *path = NULL, *c; |
6e409ce1 LP |
761 | |
762 | assert(s); | |
763 | assert(iovec || n == 0); | |
764 | ||
765 | if (n == 0) | |
766 | return; | |
767 | ||
213ba152 LP |
768 | if (LOG_PRI(priority) > s->max_level_store) |
769 | return; | |
770 | ||
6e409ce1 LP |
771 | if (!ucred) |
772 | goto finish; | |
773 | ||
774 | path = shortened_cgroup_path(ucred->pid); | |
775 | if (!path) | |
776 | goto finish; | |
777 | ||
778 | /* example: /user/lennart/3/foobar | |
779 | * /system/dbus.service/foobar | |
780 | * | |
781 | * So let's cut of everything past the third /, since that is | |
782 | * wher user directories start */ | |
783 | ||
784 | c = strchr(path, '/'); | |
785 | if (c) { | |
786 | c = strchr(c+1, '/'); | |
787 | if (c) { | |
788 | c = strchr(c+1, '/'); | |
789 | if (c) | |
790 | *c = 0; | |
791 | } | |
792 | } | |
793 | ||
224f2ee2 | 794 | rl = journal_rate_limit_test(s->rate_limit, path, priority & LOG_PRIMASK, available_space(s)); |
6e409ce1 LP |
795 | |
796 | if (rl == 0) { | |
797 | free(path); | |
798 | return; | |
799 | } | |
800 | ||
224f2ee2 LP |
801 | /* Write a suppression message if we suppressed something */ |
802 | if (rl > 1) | |
ef63833d | 803 | server_driver_message(s, SD_MESSAGE_JOURNAL_DROPPED, "Suppressed %u messages from %s", rl - 1, path); |
224f2ee2 LP |
804 | |
805 | free(path); | |
806 | ||
807 | finish: | |
62bca2c6 | 808 | dispatch_message_real(s, iovec, n, m, ucred, tv, label, label_len, unit_id); |
224f2ee2 LP |
809 | } |
810 | ||
35e2e347 | 811 | void server_forward_console(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred) { |
224f2ee2 LP |
812 | struct iovec iovec[4]; |
813 | char header_pid[16]; | |
814 | int n = 0, fd; | |
4cd9a9d9 | 815 | char *ident_buf = NULL; |
0d9243f0 | 816 | const char *tty; |
224f2ee2 LP |
817 | |
818 | assert(s); | |
819 | assert(message); | |
820 | ||
213ba152 LP |
821 | if (LOG_PRI(priority) > s->max_level_console) |
822 | return; | |
823 | ||
4cd9a9d9 | 824 | /* First: identifier and PID */ |
224f2ee2 | 825 | if (ucred) { |
4cd9a9d9 LP |
826 | if (!identifier) { |
827 | get_process_comm(ucred->pid, &ident_buf); | |
828 | identifier = ident_buf; | |
224f2ee2 LP |
829 | } |
830 | ||
831 | snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid); | |
832 | char_array_0(header_pid); | |
833 | ||
4cd9a9d9 LP |
834 | if (identifier) |
835 | IOVEC_SET_STRING(iovec[n++], identifier); | |
224f2ee2 LP |
836 | |
837 | IOVEC_SET_STRING(iovec[n++], header_pid); | |
4cd9a9d9 LP |
838 | } else if (identifier) { |
839 | IOVEC_SET_STRING(iovec[n++], identifier); | |
224f2ee2 LP |
840 | IOVEC_SET_STRING(iovec[n++], ": "); |
841 | } | |
842 | ||
843 | /* Third: message */ | |
844 | IOVEC_SET_STRING(iovec[n++], message); | |
845 | IOVEC_SET_STRING(iovec[n++], "\n"); | |
846 | ||
0d9243f0 LP |
847 | tty = s->tty_path ? s->tty_path : "/dev/console"; |
848 | ||
849 | fd = open_terminal(tty, O_WRONLY|O_NOCTTY|O_CLOEXEC); | |
224f2ee2 | 850 | if (fd < 0) { |
0d9243f0 | 851 | log_debug("Failed to open %s for logging: %s", tty, strerror(errno)); |
224f2ee2 LP |
852 | goto finish; |
853 | } | |
854 | ||
855 | if (writev(fd, iovec, n) < 0) | |
0d9243f0 | 856 | log_debug("Failed to write to %s for logging: %s", tty, strerror(errno)); |
224f2ee2 LP |
857 | |
858 | close_nointr_nofail(fd); | |
859 | ||
860 | finish: | |
4cd9a9d9 | 861 | free(ident_buf); |
224f2ee2 LP |
862 | } |
863 | ||
224f2ee2 | 864 | |
7f3e6257 | 865 | |
6ad1d1c3 LP |
866 | static bool valid_user_field(const char *p, size_t l) { |
867 | const char *a; | |
868 | ||
869 | /* We kinda enforce POSIX syntax recommendations for | |
870 | environment variables here, but make a couple of additional | |
871 | requirements. | |
872 | ||
873 | http://pubs.opengroup.org/onlinepubs/000095399/basedefs/xbd_chap08.html */ | |
874 | ||
875 | /* No empty field names */ | |
876 | if (l <= 0) | |
877 | return false; | |
878 | ||
879 | /* Don't allow names longer than 64 chars */ | |
880 | if (l > 64) | |
881 | return false; | |
882 | ||
883 | /* Variables starting with an underscore are protected */ | |
884 | if (p[0] == '_') | |
885 | return false; | |
886 | ||
887 | /* Don't allow digits as first character */ | |
888 | if (p[0] >= '0' && p[0] <= '9') | |
889 | return false; | |
890 | ||
891 | /* Only allow A-Z0-9 and '_' */ | |
892 | for (a = p; a < p + l; a++) | |
893 | if (!((*a >= 'A' && *a <= 'Z') || | |
894 | (*a >= '0' && *a <= '9') || | |
895 | *a == '_')) | |
896 | return false; | |
897 | ||
898 | return true; | |
899 | } | |
900 | ||
7f2c63cb LP |
901 | static void process_native_message( |
902 | Server *s, | |
903 | const void *buffer, size_t buffer_size, | |
904 | struct ucred *ucred, | |
905 | struct timeval *tv, | |
906 | const char *label, size_t label_len) { | |
907 | ||
7f3e6257 | 908 | struct iovec *iovec = NULL; |
33eb8abf | 909 | unsigned n = 0, m = 0, j, tn = (unsigned) -1; |
7f3e6257 LP |
910 | const char *p; |
911 | size_t remaining; | |
6e409ce1 | 912 | int priority = LOG_INFO; |
4cd9a9d9 | 913 | char *identifier = NULL, *message = NULL; |
7f3e6257 LP |
914 | |
915 | assert(s); | |
7ea07dcd | 916 | assert(buffer || buffer_size == 0); |
7f3e6257 LP |
917 | |
918 | p = buffer; | |
919 | remaining = buffer_size; | |
920 | ||
921 | while (remaining > 0) { | |
922 | const char *e, *q; | |
923 | ||
924 | e = memchr(p, '\n', remaining); | |
925 | ||
926 | if (!e) { | |
927 | /* Trailing noise, let's ignore it, and flush what we collected */ | |
928 | log_debug("Received message with trailing noise, ignoring."); | |
929 | break; | |
930 | } | |
931 | ||
932 | if (e == p) { | |
933 | /* Entry separator */ | |
ef63833d | 934 | server_dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, NULL, priority); |
7f3e6257 | 935 | n = 0; |
6e409ce1 | 936 | priority = LOG_INFO; |
7f3e6257 LP |
937 | |
938 | p++; | |
939 | remaining--; | |
940 | continue; | |
941 | } | |
942 | ||
6ad1d1c3 LP |
943 | if (*p == '.' || *p == '#') { |
944 | /* Ignore control commands for now, and | |
945 | * comments too. */ | |
7f3e6257 LP |
946 | remaining -= (e - p) + 1; |
947 | p = e + 1; | |
948 | continue; | |
949 | } | |
950 | ||
951 | /* A property follows */ | |
952 | ||
224f2ee2 | 953 | if (n+N_IOVEC_META_FIELDS >= m) { |
7f3e6257 LP |
954 | struct iovec *c; |
955 | unsigned u; | |
956 | ||
33eb8abf | 957 | u = MAX((n+N_IOVEC_META_FIELDS+1) * 2U, 4U); |
7f3e6257 LP |
958 | c = realloc(iovec, u * sizeof(struct iovec)); |
959 | if (!c) { | |
0d0f0c50 | 960 | log_oom(); |
7f3e6257 LP |
961 | break; |
962 | } | |
963 | ||
964 | iovec = c; | |
965 | m = u; | |
966 | } | |
967 | ||
968 | q = memchr(p, '=', e - p); | |
969 | if (q) { | |
6ad1d1c3 | 970 | if (valid_user_field(p, q - p)) { |
224f2ee2 LP |
971 | size_t l; |
972 | ||
973 | l = e - p; | |
974 | ||
2b0ba69b LP |
975 | /* If the field name starts with an |
976 | * underscore, skip the variable, | |
977 | * since that indidates a trusted | |
978 | * field */ | |
979 | iovec[n].iov_base = (char*) p; | |
224f2ee2 | 980 | iovec[n].iov_len = l; |
2b0ba69b | 981 | n++; |
6e409ce1 LP |
982 | |
983 | /* We need to determine the priority | |
984 | * of this entry for the rate limiting | |
985 | * logic */ | |
224f2ee2 LP |
986 | if (l == 10 && |
987 | memcmp(p, "PRIORITY=", 9) == 0 && | |
988 | p[9] >= '0' && p[9] <= '9') | |
989 | priority = (priority & LOG_FACMASK) | (p[9] - '0'); | |
990 | ||
991 | else if (l == 17 && | |
992 | memcmp(p, "SYSLOG_FACILITY=", 16) == 0 && | |
993 | p[16] >= '0' && p[16] <= '9') | |
994 | priority = (priority & LOG_PRIMASK) | ((p[16] - '0') << 3); | |
995 | ||
996 | else if (l == 18 && | |
997 | memcmp(p, "SYSLOG_FACILITY=", 16) == 0 && | |
998 | p[16] >= '0' && p[16] <= '9' && | |
999 | p[17] >= '0' && p[17] <= '9') | |
1000 | priority = (priority & LOG_PRIMASK) | (((p[16] - '0')*10 + (p[17] - '0')) << 3); | |
1001 | ||
401cc72d | 1002 | else if (l >= 19 && |
fca1b90a | 1003 | memcmp(p, "SYSLOG_IDENTIFIER=", 18) == 0) { |
224f2ee2 LP |
1004 | char *t; |
1005 | ||
fca1b90a | 1006 | t = strndup(p + 18, l - 18); |
224f2ee2 | 1007 | if (t) { |
4cd9a9d9 LP |
1008 | free(identifier); |
1009 | identifier = t; | |
224f2ee2 LP |
1010 | } |
1011 | } else if (l >= 8 && | |
1012 | memcmp(p, "MESSAGE=", 8) == 0) { | |
1013 | char *t; | |
1014 | ||
1015 | t = strndup(p + 8, l - 8); | |
1016 | if (t) { | |
1017 | free(message); | |
1018 | message = t; | |
1019 | } | |
1020 | } | |
2b0ba69b | 1021 | } |
7f3e6257 LP |
1022 | |
1023 | remaining -= (e - p) + 1; | |
1024 | p = e + 1; | |
1025 | continue; | |
1026 | } else { | |
4fd052ae | 1027 | le64_t l_le; |
7f3e6257 LP |
1028 | uint64_t l; |
1029 | char *k; | |
1030 | ||
1031 | if (remaining < e - p + 1 + sizeof(uint64_t) + 1) { | |
1032 | log_debug("Failed to parse message, ignoring."); | |
1033 | break; | |
1034 | } | |
1035 | ||
4fd052ae FC |
1036 | memcpy(&l_le, e + 1, sizeof(uint64_t)); |
1037 | l = le64toh(l_le); | |
7f3e6257 LP |
1038 | |
1039 | if (remaining < e - p + 1 + sizeof(uint64_t) + l + 1 || | |
1040 | e[1+sizeof(uint64_t)+l] != '\n') { | |
1041 | log_debug("Failed to parse message, ignoring."); | |
1042 | break; | |
1043 | } | |
1044 | ||
1045 | k = malloc((e - p) + 1 + l); | |
1046 | if (!k) { | |
0d0f0c50 | 1047 | log_oom(); |
7f3e6257 LP |
1048 | break; |
1049 | } | |
1050 | ||
1051 | memcpy(k, p, e - p); | |
1052 | k[e - p] = '='; | |
1053 | memcpy(k + (e - p) + 1, e + 1 + sizeof(uint64_t), l); | |
1054 | ||
6ad1d1c3 | 1055 | if (valid_user_field(p, e - p)) { |
2b0ba69b LP |
1056 | iovec[n].iov_base = k; |
1057 | iovec[n].iov_len = (e - p) + 1 + l; | |
1058 | n++; | |
1059 | } else | |
1060 | free(k); | |
7f3e6257 LP |
1061 | |
1062 | remaining -= (e - p) + 1 + sizeof(uint64_t) + l + 1; | |
1063 | p = e + 1 + sizeof(uint64_t) + l + 1; | |
1064 | } | |
1065 | } | |
1066 | ||
33eb8abf LP |
1067 | if (n <= 0) |
1068 | goto finish; | |
1069 | ||
1070 | tn = n++; | |
1071 | IOVEC_SET_STRING(iovec[tn], "_TRANSPORT=journal"); | |
1072 | ||
224f2ee2 LP |
1073 | if (message) { |
1074 | if (s->forward_to_syslog) | |
35e2e347 | 1075 | server_forward_syslog(s, priority, identifier, message, ucred, tv); |
224f2ee2 LP |
1076 | |
1077 | if (s->forward_to_kmsg) | |
ef63833d | 1078 | server_forward_kmsg(s, priority, identifier, message, ucred); |
224f2ee2 LP |
1079 | |
1080 | if (s->forward_to_console) | |
35e2e347 | 1081 | server_forward_console(s, priority, identifier, message, ucred); |
224f2ee2 LP |
1082 | } |
1083 | ||
ef63833d | 1084 | server_dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, NULL, priority); |
7f3e6257 | 1085 | |
33eb8abf LP |
1086 | finish: |
1087 | for (j = 0; j < n; j++) { | |
1088 | if (j == tn) | |
1089 | continue; | |
1090 | ||
7f3e6257 LP |
1091 | if (iovec[j].iov_base < buffer || |
1092 | (const uint8_t*) iovec[j].iov_base >= (const uint8_t*) buffer + buffer_size) | |
1093 | free(iovec[j].iov_base); | |
33eb8abf | 1094 | } |
224f2ee2 | 1095 | |
071fd8c2 | 1096 | free(iovec); |
4cd9a9d9 | 1097 | free(identifier); |
224f2ee2 | 1098 | free(message); |
87d2c1ff LP |
1099 | } |
1100 | ||
7f2c63cb LP |
1101 | static void process_native_file( |
1102 | Server *s, | |
1103 | int fd, | |
1104 | struct ucred *ucred, | |
1105 | struct timeval *tv, | |
1106 | const char *label, size_t label_len) { | |
1107 | ||
0dad12c1 LP |
1108 | struct stat st; |
1109 | void *p; | |
1110 | ssize_t n; | |
1111 | ||
1112 | assert(s); | |
1113 | assert(fd >= 0); | |
1114 | ||
1115 | /* Data is in the passed file, since it didn't fit in a | |
1116 | * datagram. We can't map the file here, since clients might | |
1117 | * then truncate it and trigger a SIGBUS for us. So let's | |
1118 | * stupidly read it */ | |
1119 | ||
1120 | if (fstat(fd, &st) < 0) { | |
1121 | log_error("Failed to stat passed file, ignoring: %m"); | |
1122 | return; | |
1123 | } | |
1124 | ||
1125 | if (!S_ISREG(st.st_mode)) { | |
1126 | log_error("File passed is not regular. Ignoring."); | |
1127 | return; | |
1128 | } | |
1129 | ||
1130 | if (st.st_size <= 0) | |
1131 | return; | |
1132 | ||
1133 | if (st.st_size > ENTRY_SIZE_MAX) { | |
1134 | log_error("File passed too large. Ignoring."); | |
1135 | return; | |
1136 | } | |
1137 | ||
1138 | p = malloc(st.st_size); | |
1139 | if (!p) { | |
0d0f0c50 | 1140 | log_oom(); |
0dad12c1 LP |
1141 | return; |
1142 | } | |
1143 | ||
1144 | n = pread(fd, p, st.st_size, 0); | |
1145 | if (n < 0) | |
1146 | log_error("Failed to read file, ignoring: %s", strerror(-n)); | |
1147 | else if (n > 0) | |
7f2c63cb | 1148 | process_native_message(s, p, n, ucred, tv, label, label_len); |
0dad12c1 LP |
1149 | |
1150 | free(p); | |
1151 | } | |
1152 | ||
224f2ee2 | 1153 | static int stdout_stream_log(StdoutStream *s, const char *p) { |
33eb8abf | 1154 | struct iovec iovec[N_IOVEC_META_FIELDS + 5]; |
4cd9a9d9 | 1155 | char *message = NULL, *syslog_priority = NULL, *syslog_facility = NULL, *syslog_identifier = NULL; |
fe652127 | 1156 | unsigned n = 0; |
fe652127 | 1157 | int priority; |
7f2c63cb LP |
1158 | char *label = NULL; |
1159 | size_t label_len = 0; | |
fe652127 | 1160 | |
87d2c1ff | 1161 | assert(s); |
fe652127 LP |
1162 | assert(p); |
1163 | ||
0dad12c1 LP |
1164 | if (isempty(p)) |
1165 | return 0; | |
1166 | ||
fe652127 LP |
1167 | priority = s->priority; |
1168 | ||
258cdffc | 1169 | if (s->level_prefix) |
ef63833d | 1170 | syslog_parse_priority((char**) &p, &priority); |
fe652127 | 1171 | |
224f2ee2 | 1172 | if (s->forward_to_syslog || s->server->forward_to_syslog) |
35e2e347 | 1173 | server_forward_syslog(s->server, syslog_fixup_facility(priority), s->identifier, p, &s->ucred, NULL); |
fe652127 | 1174 | |
224f2ee2 | 1175 | if (s->forward_to_kmsg || s->server->forward_to_kmsg) |
ef63833d | 1176 | server_forward_kmsg(s->server, priority, s->identifier, p, &s->ucred); |
fe652127 | 1177 | |
224f2ee2 | 1178 | if (s->forward_to_console || s->server->forward_to_console) |
35e2e347 | 1179 | server_forward_console(s->server, priority, s->identifier, p, &s->ucred); |
224f2ee2 | 1180 | |
33eb8abf LP |
1181 | IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=stdout"); |
1182 | ||
224f2ee2 | 1183 | if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0) |
fe652127 LP |
1184 | IOVEC_SET_STRING(iovec[n++], syslog_priority); |
1185 | ||
224f2ee2 LP |
1186 | if (priority & LOG_FACMASK) |
1187 | if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0) | |
1188 | IOVEC_SET_STRING(iovec[n++], syslog_facility); | |
fe652127 | 1189 | |
4cd9a9d9 LP |
1190 | if (s->identifier) { |
1191 | syslog_identifier = strappend("SYSLOG_IDENTIFIER=", s->identifier); | |
1192 | if (syslog_identifier) | |
1193 | IOVEC_SET_STRING(iovec[n++], syslog_identifier); | |
87d2c1ff LP |
1194 | } |
1195 | ||
224f2ee2 LP |
1196 | message = strappend("MESSAGE=", p); |
1197 | if (message) | |
1198 | IOVEC_SET_STRING(iovec[n++], message); | |
fe652127 | 1199 | |
7f2c63cb LP |
1200 | #ifdef HAVE_SELINUX |
1201 | if (s->security_context) { | |
1202 | label = (char*) s->security_context; | |
1203 | label_len = strlen((char*) s->security_context); | |
1204 | } | |
1205 | #endif | |
1206 | ||
ef63833d | 1207 | server_dispatch_message(s->server, iovec, n, ELEMENTSOF(iovec), &s->ucred, NULL, label, label_len, s->unit_id, priority); |
fe652127 LP |
1208 | |
1209 | free(message); | |
1210 | free(syslog_priority); | |
224f2ee2 | 1211 | free(syslog_facility); |
4cd9a9d9 | 1212 | free(syslog_identifier); |
fe652127 LP |
1213 | |
1214 | return 0; | |
1215 | } | |
1216 | ||
224f2ee2 LP |
1217 | static int stdout_stream_line(StdoutStream *s, char *p) { |
1218 | int r; | |
1219 | ||
fe652127 LP |
1220 | assert(s); |
1221 | assert(p); | |
1222 | ||
224f2ee2 | 1223 | p = strstrip(p); |
fe652127 LP |
1224 | |
1225 | switch (s->state) { | |
1226 | ||
4cd9a9d9 | 1227 | case STDOUT_STREAM_IDENTIFIER: |
4c7de074 LP |
1228 | if (isempty(p)) |
1229 | s->identifier = NULL; | |
1230 | else { | |
1231 | s->identifier = strdup(p); | |
0d0f0c50 SL |
1232 | if (!s->identifier) |
1233 | return log_oom(); | |
fe652127 LP |
1234 | } |
1235 | ||
62bca2c6 ED |
1236 | s->state = STDOUT_STREAM_UNIT_ID; |
1237 | return 0; | |
1238 | ||
1239 | case STDOUT_STREAM_UNIT_ID: | |
1240 | if (s->ucred.uid == 0) { | |
1241 | if (isempty(p)) | |
1242 | s->unit_id = NULL; | |
1243 | else { | |
1244 | s->unit_id = strdup(p); | |
0d0f0c50 SL |
1245 | if (!s->unit_id) |
1246 | return log_oom(); | |
62bca2c6 ED |
1247 | } |
1248 | } | |
1249 | ||
fe652127 LP |
1250 | s->state = STDOUT_STREAM_PRIORITY; |
1251 | return 0; | |
1252 | ||
1253 | case STDOUT_STREAM_PRIORITY: | |
224f2ee2 LP |
1254 | r = safe_atoi(p, &s->priority); |
1255 | if (r < 0 || s->priority <= 0 || s->priority >= 999) { | |
fe652127 LP |
1256 | log_warning("Failed to parse log priority line."); |
1257 | return -EINVAL; | |
1258 | } | |
1259 | ||
258cdffc | 1260 | s->state = STDOUT_STREAM_LEVEL_PREFIX; |
fe652127 LP |
1261 | return 0; |
1262 | ||
258cdffc | 1263 | case STDOUT_STREAM_LEVEL_PREFIX: |
224f2ee2 LP |
1264 | r = parse_boolean(p); |
1265 | if (r < 0) { | |
258cdffc | 1266 | log_warning("Failed to parse level prefix line."); |
fe652127 LP |
1267 | return -EINVAL; |
1268 | } | |
1269 | ||
258cdffc | 1270 | s->level_prefix = !!r; |
224f2ee2 | 1271 | s->state = STDOUT_STREAM_FORWARD_TO_SYSLOG; |
fe652127 LP |
1272 | return 0; |
1273 | ||
224f2ee2 LP |
1274 | case STDOUT_STREAM_FORWARD_TO_SYSLOG: |
1275 | r = parse_boolean(p); | |
1276 | if (r < 0) { | |
1277 | log_warning("Failed to parse forward to syslog line."); | |
fe652127 LP |
1278 | return -EINVAL; |
1279 | } | |
1280 | ||
224f2ee2 LP |
1281 | s->forward_to_syslog = !!r; |
1282 | s->state = STDOUT_STREAM_FORWARD_TO_KMSG; | |
1283 | return 0; | |
1284 | ||
1285 | case STDOUT_STREAM_FORWARD_TO_KMSG: | |
1286 | r = parse_boolean(p); | |
1287 | if (r < 0) { | |
1288 | log_warning("Failed to parse copy to kmsg line."); | |
1289 | return -EINVAL; | |
1290 | } | |
1291 | ||
1292 | s->forward_to_kmsg = !!r; | |
1293 | s->state = STDOUT_STREAM_FORWARD_TO_CONSOLE; | |
1294 | return 0; | |
1295 | ||
1296 | case STDOUT_STREAM_FORWARD_TO_CONSOLE: | |
1297 | r = parse_boolean(p); | |
1298 | if (r < 0) { | |
1299 | log_warning("Failed to parse copy to console line."); | |
1300 | return -EINVAL; | |
1301 | } | |
1302 | ||
1303 | s->forward_to_console = !!r; | |
fe652127 LP |
1304 | s->state = STDOUT_STREAM_RUNNING; |
1305 | return 0; | |
1306 | ||
1307 | case STDOUT_STREAM_RUNNING: | |
224f2ee2 | 1308 | return stdout_stream_log(s, p); |
fe652127 LP |
1309 | } |
1310 | ||
1311 | assert_not_reached("Unknown stream state"); | |
1312 | } | |
1313 | ||
1314 | static int stdout_stream_scan(StdoutStream *s, bool force_flush) { | |
1315 | char *p; | |
1316 | size_t remaining; | |
1317 | int r; | |
1318 | ||
1319 | assert(s); | |
1320 | ||
1321 | p = s->buffer; | |
1322 | remaining = s->length; | |
1323 | for (;;) { | |
1324 | char *end; | |
1325 | size_t skip; | |
1326 | ||
1327 | end = memchr(p, '\n', remaining); | |
224f2ee2 | 1328 | if (end) |
fe652127 | 1329 | skip = end - p + 1; |
224f2ee2 LP |
1330 | else if (remaining >= sizeof(s->buffer) - 1) { |
1331 | end = p + sizeof(s->buffer) - 1; | |
6c1e6b98 | 1332 | skip = remaining; |
224f2ee2 LP |
1333 | } else |
1334 | break; | |
1335 | ||
1336 | *end = 0; | |
fe652127 | 1337 | |
224f2ee2 | 1338 | r = stdout_stream_line(s, p); |
fe652127 LP |
1339 | if (r < 0) |
1340 | return r; | |
1341 | ||
1342 | remaining -= skip; | |
1343 | p += skip; | |
1344 | } | |
1345 | ||
1346 | if (force_flush && remaining > 0) { | |
224f2ee2 LP |
1347 | p[remaining] = 0; |
1348 | r = stdout_stream_line(s, p); | |
fe652127 LP |
1349 | if (r < 0) |
1350 | return r; | |
1351 | ||
1352 | p += remaining; | |
1353 | remaining = 0; | |
1354 | } | |
1355 | ||
1356 | if (p > s->buffer) { | |
1357 | memmove(s->buffer, p, remaining); | |
1358 | s->length = remaining; | |
1359 | } | |
1360 | ||
1361 | return 0; | |
1362 | } | |
1363 | ||
1364 | static int stdout_stream_process(StdoutStream *s) { | |
1365 | ssize_t l; | |
1366 | int r; | |
1367 | ||
1368 | assert(s); | |
1369 | ||
1370 | l = read(s->fd, s->buffer+s->length, sizeof(s->buffer)-1-s->length); | |
1371 | if (l < 0) { | |
1372 | ||
1373 | if (errno == EAGAIN) | |
1374 | return 0; | |
1375 | ||
1376 | log_warning("Failed to read from stream: %m"); | |
1377 | return -errno; | |
1378 | } | |
1379 | ||
1380 | if (l == 0) { | |
1381 | r = stdout_stream_scan(s, true); | |
1382 | if (r < 0) | |
1383 | return r; | |
1384 | ||
1385 | return 0; | |
1386 | } | |
1387 | ||
1388 | s->length += l; | |
1389 | r = stdout_stream_scan(s, false); | |
1390 | if (r < 0) | |
1391 | return r; | |
1392 | ||
1393 | return 1; | |
1394 | ||
1395 | } | |
1396 | ||
1397 | static void stdout_stream_free(StdoutStream *s) { | |
1398 | assert(s); | |
1399 | ||
1400 | if (s->server) { | |
1401 | assert(s->server->n_stdout_streams > 0); | |
1402 | s->server->n_stdout_streams --; | |
1403 | LIST_REMOVE(StdoutStream, stdout_stream, s->server->stdout_streams, s); | |
1404 | } | |
1405 | ||
1406 | if (s->fd >= 0) { | |
1407 | if (s->server) | |
1408 | epoll_ctl(s->server->epoll_fd, EPOLL_CTL_DEL, s->fd, NULL); | |
1409 | ||
1410 | close_nointr_nofail(s->fd); | |
1411 | } | |
1412 | ||
7f2c63cb LP |
1413 | #ifdef HAVE_SELINUX |
1414 | if (s->security_context) | |
1415 | freecon(s->security_context); | |
1416 | #endif | |
1417 | ||
4cd9a9d9 | 1418 | free(s->identifier); |
fe652127 LP |
1419 | free(s); |
1420 | } | |
1421 | ||
1422 | static int stdout_stream_new(Server *s) { | |
1423 | StdoutStream *stream; | |
1424 | int fd, r; | |
1425 | socklen_t len; | |
1426 | struct epoll_event ev; | |
1427 | ||
1428 | assert(s); | |
1429 | ||
1430 | fd = accept4(s->stdout_fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC); | |
1431 | if (fd < 0) { | |
1432 | if (errno == EAGAIN) | |
1433 | return 0; | |
1434 | ||
1435 | log_error("Failed to accept stdout connection: %m"); | |
1436 | return -errno; | |
1437 | } | |
1438 | ||
1439 | if (s->n_stdout_streams >= STDOUT_STREAMS_MAX) { | |
1440 | log_warning("Too many stdout streams, refusing connection."); | |
1441 | close_nointr_nofail(fd); | |
1442 | return 0; | |
1443 | } | |
1444 | ||
1445 | stream = new0(StdoutStream, 1); | |
1446 | if (!stream) { | |
fe652127 | 1447 | close_nointr_nofail(fd); |
0d0f0c50 | 1448 | return log_oom(); |
fe652127 LP |
1449 | } |
1450 | ||
1451 | stream->fd = fd; | |
1452 | ||
1453 | len = sizeof(stream->ucred); | |
1454 | if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &stream->ucred, &len) < 0) { | |
1455 | log_error("Failed to determine peer credentials: %m"); | |
1456 | r = -errno; | |
1457 | goto fail; | |
1458 | } | |
1459 | ||
7f2c63cb | 1460 | #ifdef HAVE_SELINUX |
1afd5be4 LP |
1461 | if (getpeercon(fd, &stream->security_context) < 0 && errno != ENOPROTOOPT) |
1462 | log_error("Failed to determine peer security context: %m"); | |
7f2c63cb LP |
1463 | #endif |
1464 | ||
fe652127 LP |
1465 | if (shutdown(fd, SHUT_WR) < 0) { |
1466 | log_error("Failed to shutdown writing side of socket: %m"); | |
1467 | r = -errno; | |
1468 | goto fail; | |
1469 | } | |
1470 | ||
1471 | zero(ev); | |
1472 | ev.data.ptr = stream; | |
1473 | ev.events = EPOLLIN; | |
1474 | if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, fd, &ev) < 0) { | |
1475 | log_error("Failed to add stream to event loop: %m"); | |
1476 | r = -errno; | |
1477 | goto fail; | |
1478 | } | |
1479 | ||
1480 | stream->server = s; | |
1481 | LIST_PREPEND(StdoutStream, stdout_stream, s->stdout_streams, stream); | |
1482 | s->n_stdout_streams ++; | |
1483 | ||
1484 | return 0; | |
1485 | ||
1486 | fail: | |
1487 | stdout_stream_free(stream); | |
1488 | return r; | |
1489 | } | |
1490 | ||
cf244689 LP |
1491 | static int system_journal_open(Server *s) { |
1492 | int r; | |
1493 | char *fn; | |
1494 | sd_id128_t machine; | |
1495 | char ids[33]; | |
1496 | ||
1497 | r = sd_id128_get_machine(&machine); | |
1498 | if (r < 0) | |
1499 | return r; | |
1500 | ||
1501 | sd_id128_to_string(machine, ids); | |
1502 | ||
e156d769 | 1503 | if (!s->system_journal && |
b8156be0 LP |
1504 | (s->storage == STORAGE_PERSISTENT || s->storage == STORAGE_AUTO) && |
1505 | access("/run/systemd/journal/flushed", F_OK) >= 0) { | |
e156d769 LP |
1506 | |
1507 | /* If in auto mode: first try to create the machine | |
1508 | * path, but not the prefix. | |
1509 | * | |
205c4d1d | 1510 | * If in persistent mode: create /var/log/journal and |
e156d769 LP |
1511 | * the machine path */ |
1512 | ||
b8156be0 | 1513 | if (s->storage == STORAGE_PERSISTENT) |
e156d769 | 1514 | (void) mkdir("/var/log/journal/", 0755); |
cf244689 | 1515 | |
cf244689 LP |
1516 | fn = strappend("/var/log/journal/", ids); |
1517 | if (!fn) | |
1518 | return -ENOMEM; | |
e156d769 | 1519 | |
cf244689 LP |
1520 | (void) mkdir(fn, 0755); |
1521 | free(fn); | |
1522 | ||
b7def684 | 1523 | fn = strjoin("/var/log/journal/", ids, "/system.journal", NULL); |
cf244689 LP |
1524 | if (!fn) |
1525 | return -ENOMEM; | |
1526 | ||
eb53b74f | 1527 | r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, s->compress, s->seal, &s->system_metrics, s->mmap, NULL, &s->system_journal); |
cf244689 LP |
1528 | free(fn); |
1529 | ||
7560fffc | 1530 | if (r >= 0) |
5e41cfec | 1531 | server_fix_perms(s, s->system_journal, 0); |
7560fffc | 1532 | else if (r < 0) { |
cf244689 | 1533 | |
adf7d506 LP |
1534 | if (r != -ENOENT && r != -EROFS) |
1535 | log_warning("Failed to open system journal: %s", strerror(-r)); | |
1536 | ||
1537 | r = 0; | |
cf244689 LP |
1538 | } |
1539 | } | |
1540 | ||
e156d769 LP |
1541 | if (!s->runtime_journal && |
1542 | (s->storage != STORAGE_NONE)) { | |
cf244689 | 1543 | |
b7def684 | 1544 | fn = strjoin("/run/log/journal/", ids, "/system.journal", NULL); |
cf244689 LP |
1545 | if (!fn) |
1546 | return -ENOMEM; | |
1547 | ||
1548 | if (s->system_journal) { | |
1549 | ||
1550 | /* Try to open the runtime journal, but only | |
1551 | * if it already exists, so that we can flush | |
1552 | * it into the system journal */ | |
1553 | ||
16e9f408 | 1554 | r = journal_file_open(fn, O_RDWR, 0640, s->compress, false, &s->runtime_metrics, s->mmap, NULL, &s->runtime_journal); |
cf244689 LP |
1555 | free(fn); |
1556 | ||
1557 | if (r < 0) { | |
adf7d506 LP |
1558 | if (r != -ENOENT) |
1559 | log_warning("Failed to open runtime journal: %s", strerror(-r)); | |
cf244689 | 1560 | |
adf7d506 | 1561 | r = 0; |
cf244689 LP |
1562 | } |
1563 | ||
1564 | } else { | |
1565 | ||
1566 | /* OK, we really need the runtime journal, so create | |
1567 | * it if necessary. */ | |
1568 | ||
b8156be0 | 1569 | (void) mkdir_parents(fn, 0755); |
16e9f408 | 1570 | r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, s->compress, false, &s->runtime_metrics, s->mmap, NULL, &s->runtime_journal); |
cf244689 LP |
1571 | free(fn); |
1572 | ||
1573 | if (r < 0) { | |
1574 | log_error("Failed to open runtime journal: %s", strerror(-r)); | |
1575 | return r; | |
1576 | } | |
1577 | } | |
1578 | ||
7560fffc | 1579 | if (s->runtime_journal) |
5e41cfec | 1580 | server_fix_perms(s, s->runtime_journal, 0); |
cf244689 LP |
1581 | } |
1582 | ||
1583 | return r; | |
1584 | } | |
1585 | ||
1586 | static int server_flush_to_var(Server *s) { | |
cf244689 LP |
1587 | Object *o = NULL; |
1588 | int r; | |
1589 | sd_id128_t machine; | |
1590 | sd_journal *j; | |
1591 | ||
1592 | assert(s); | |
1593 | ||
e156d769 | 1594 | if (s->storage != STORAGE_AUTO && |
205c4d1d | 1595 | s->storage != STORAGE_PERSISTENT) |
e156d769 LP |
1596 | return 0; |
1597 | ||
54a7b863 LP |
1598 | if (!s->runtime_journal) |
1599 | return 0; | |
1600 | ||
cf244689 LP |
1601 | system_journal_open(s); |
1602 | ||
54a7b863 | 1603 | if (!s->system_journal) |
cf244689 LP |
1604 | return 0; |
1605 | ||
6c1e6b98 LP |
1606 | log_info("Flushing to /var..."); |
1607 | ||
cf244689 LP |
1608 | r = sd_id128_get_machine(&machine); |
1609 | if (r < 0) { | |
1610 | log_error("Failed to get machine id: %s", strerror(-r)); | |
1611 | return r; | |
1612 | } | |
1613 | ||
1614 | r = sd_journal_open(&j, SD_JOURNAL_RUNTIME_ONLY); | |
1615 | if (r < 0) { | |
1616 | log_error("Failed to read runtime journal: %s", strerror(-r)); | |
1617 | return r; | |
1618 | } | |
1619 | ||
1620 | SD_JOURNAL_FOREACH(j) { | |
1621 | JournalFile *f; | |
1622 | ||
1623 | f = j->current_file; | |
1624 | assert(f && f->current_offset > 0); | |
1625 | ||
1626 | r = journal_file_move_to_object(f, OBJECT_ENTRY, f->current_offset, &o); | |
1627 | if (r < 0) { | |
1628 | log_error("Can't read entry: %s", strerror(-r)); | |
1629 | goto finish; | |
1630 | } | |
1631 | ||
1632 | r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL); | |
1633 | if (r == -E2BIG) { | |
1634 | log_info("Allocation limit reached."); | |
1635 | ||
1636 | journal_file_post_change(s->system_journal); | |
b1a0ab71 | 1637 | server_rotate(s); |
cf244689 LP |
1638 | server_vacuum(s); |
1639 | ||
1640 | r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL); | |
1641 | } | |
1642 | ||
1643 | if (r < 0) { | |
1644 | log_error("Can't write entry: %s", strerror(-r)); | |
1645 | goto finish; | |
1646 | } | |
1647 | } | |
1648 | ||
1649 | finish: | |
1650 | journal_file_post_change(s->system_journal); | |
1651 | ||
1652 | journal_file_close(s->runtime_journal); | |
1653 | s->runtime_journal = NULL; | |
1654 | ||
4a299a7a LP |
1655 | if (r >= 0) |
1656 | rm_rf("/run/log/journal", false, true, false); | |
cf244689 LP |
1657 | |
1658 | return r; | |
1659 | } | |
1660 | ||
fe652127 LP |
1661 | static int process_event(Server *s, struct epoll_event *ev) { |
1662 | assert(s); | |
ba6b3039 | 1663 | assert(ev); |
fe652127 | 1664 | |
87d2c1ff LP |
1665 | if (ev->data.fd == s->signal_fd) { |
1666 | struct signalfd_siginfo sfsi; | |
1667 | ssize_t n; | |
1668 | ||
fe652127 LP |
1669 | if (ev->events != EPOLLIN) { |
1670 | log_info("Got invalid event from epoll."); | |
1671 | return -EIO; | |
1672 | } | |
1673 | ||
87d2c1ff LP |
1674 | n = read(s->signal_fd, &sfsi, sizeof(sfsi)); |
1675 | if (n != sizeof(sfsi)) { | |
1676 | ||
1677 | if (n >= 0) | |
1678 | return -EIO; | |
1679 | ||
1680 | if (errno == EINTR || errno == EAGAIN) | |
6c1e6b98 | 1681 | return 1; |
87d2c1ff LP |
1682 | |
1683 | return -errno; | |
1684 | } | |
1685 | ||
3146a302 LP |
1686 | log_info("Received SIG%s", signal_to_string(sfsi.ssi_signo)); |
1687 | ||
cf244689 | 1688 | if (sfsi.ssi_signo == SIGUSR1) { |
b8156be0 | 1689 | touch("/run/systemd/journal/flushed"); |
cf244689 | 1690 | server_flush_to_var(s); |
ba6b3039 LP |
1691 | return 1; |
1692 | } | |
1693 | ||
1694 | if (sfsi.ssi_signo == SIGUSR2) { | |
1695 | server_rotate(s); | |
1696 | server_vacuum(s); | |
1697 | return 1; | |
cf244689 LP |
1698 | } |
1699 | ||
87d2c1ff LP |
1700 | return 0; |
1701 | ||
51abe64c | 1702 | } else if (ev->data.fd == s->dev_kmsg_fd) { |
6c1e6b98 LP |
1703 | int r; |
1704 | ||
1705 | if (ev->events != EPOLLIN) { | |
1706 | log_info("Got invalid event from epoll."); | |
1707 | return -EIO; | |
1708 | } | |
1709 | ||
51abe64c | 1710 | r = server_read_dev_kmsg(s); |
6c1e6b98 LP |
1711 | if (r < 0) |
1712 | return r; | |
1713 | ||
1714 | return 1; | |
1715 | ||
fe652127 LP |
1716 | } else if (ev->data.fd == s->native_fd || |
1717 | ev->data.fd == s->syslog_fd) { | |
1718 | ||
1719 | if (ev->events != EPOLLIN) { | |
1720 | log_info("Got invalid event from epoll."); | |
1721 | return -EIO; | |
1722 | } | |
cec736d2 | 1723 | |
87d2c1ff | 1724 | for (;;) { |
87d2c1ff LP |
1725 | struct msghdr msghdr; |
1726 | struct iovec iovec; | |
1727 | struct ucred *ucred = NULL; | |
1728 | struct timeval *tv = NULL; | |
1729 | struct cmsghdr *cmsg; | |
7f2c63cb LP |
1730 | char *label = NULL; |
1731 | size_t label_len = 0; | |
87d2c1ff LP |
1732 | union { |
1733 | struct cmsghdr cmsghdr; | |
7264278f LP |
1734 | |
1735 | /* We use NAME_MAX space for the | |
1736 | * SELinux label here. The kernel | |
1737 | * currently enforces no limit, but | |
1738 | * according to suggestions from the | |
1739 | * SELinux people this will change and | |
1740 | * it will probably be identical to | |
1741 | * NAME_MAX. For now we use that, but | |
1742 | * this should be updated one day when | |
1743 | * the final limit is known.*/ | |
87d2c1ff | 1744 | uint8_t buf[CMSG_SPACE(sizeof(struct ucred)) + |
0dad12c1 | 1745 | CMSG_SPACE(sizeof(struct timeval)) + |
7264278f LP |
1746 | CMSG_SPACE(sizeof(int)) + /* fd */ |
1747 | CMSG_SPACE(NAME_MAX)]; /* selinux label */ | |
87d2c1ff LP |
1748 | } control; |
1749 | ssize_t n; | |
7f3e6257 | 1750 | int v; |
0dad12c1 LP |
1751 | int *fds = NULL; |
1752 | unsigned n_fds = 0; | |
7f3e6257 LP |
1753 | |
1754 | if (ioctl(ev->data.fd, SIOCINQ, &v) < 0) { | |
1755 | log_error("SIOCINQ failed: %m"); | |
1756 | return -errno; | |
1757 | } | |
1758 | ||
7f3e6257 LP |
1759 | if (s->buffer_size < (size_t) v) { |
1760 | void *b; | |
1761 | size_t l; | |
1762 | ||
1763 | l = MAX(LINE_MAX + (size_t) v, s->buffer_size * 2); | |
1764 | b = realloc(s->buffer, l+1); | |
1765 | ||
1766 | if (!b) { | |
1767 | log_error("Couldn't increase buffer."); | |
1768 | return -ENOMEM; | |
1769 | } | |
1770 | ||
1771 | s->buffer_size = l; | |
1772 | s->buffer = b; | |
1773 | } | |
87d2c1ff LP |
1774 | |
1775 | zero(iovec); | |
7f3e6257 LP |
1776 | iovec.iov_base = s->buffer; |
1777 | iovec.iov_len = s->buffer_size; | |
87d2c1ff LP |
1778 | |
1779 | zero(control); | |
1780 | zero(msghdr); | |
1781 | msghdr.msg_iov = &iovec; | |
1782 | msghdr.msg_iovlen = 1; | |
1783 | msghdr.msg_control = &control; | |
1784 | msghdr.msg_controllen = sizeof(control); | |
1785 | ||
0dad12c1 | 1786 | n = recvmsg(ev->data.fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC); |
87d2c1ff LP |
1787 | if (n < 0) { |
1788 | ||
1789 | if (errno == EINTR || errno == EAGAIN) | |
1790 | return 1; | |
1791 | ||
1792 | log_error("recvmsg() failed: %m"); | |
1793 | return -errno; | |
1794 | } | |
1795 | ||
1796 | for (cmsg = CMSG_FIRSTHDR(&msghdr); cmsg; cmsg = CMSG_NXTHDR(&msghdr, cmsg)) { | |
1797 | ||
1798 | if (cmsg->cmsg_level == SOL_SOCKET && | |
1799 | cmsg->cmsg_type == SCM_CREDENTIALS && | |
1800 | cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred))) | |
1801 | ucred = (struct ucred*) CMSG_DATA(cmsg); | |
1802 | else if (cmsg->cmsg_level == SOL_SOCKET && | |
7f2c63cb LP |
1803 | cmsg->cmsg_type == SCM_SECURITY) { |
1804 | label = (char*) CMSG_DATA(cmsg); | |
1805 | label_len = cmsg->cmsg_len - CMSG_LEN(0); | |
1806 | } else if (cmsg->cmsg_level == SOL_SOCKET && | |
87d2c1ff LP |
1807 | cmsg->cmsg_type == SO_TIMESTAMP && |
1808 | cmsg->cmsg_len == CMSG_LEN(sizeof(struct timeval))) | |
1809 | tv = (struct timeval*) CMSG_DATA(cmsg); | |
0dad12c1 LP |
1810 | else if (cmsg->cmsg_level == SOL_SOCKET && |
1811 | cmsg->cmsg_type == SCM_RIGHTS) { | |
1812 | fds = (int*) CMSG_DATA(cmsg); | |
1813 | n_fds = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int); | |
1814 | } | |
87d2c1ff LP |
1815 | } |
1816 | ||
7f3e6257 LP |
1817 | if (ev->data.fd == s->syslog_fd) { |
1818 | char *e; | |
1819 | ||
0dad12c1 LP |
1820 | if (n > 0 && n_fds == 0) { |
1821 | e = memchr(s->buffer, '\n', n); | |
1822 | if (e) | |
1823 | *e = 0; | |
1824 | else | |
1825 | s->buffer[n] = 0; | |
1826 | ||
35e2e347 | 1827 | server_process_syslog_message(s, strstrip(s->buffer), ucred, tv, label, label_len); |
0dad12c1 LP |
1828 | } else if (n_fds > 0) |
1829 | log_warning("Got file descriptors via syslog socket. Ignoring."); | |
1830 | ||
1831 | } else { | |
1832 | if (n > 0 && n_fds == 0) | |
7f2c63cb | 1833 | process_native_message(s, s->buffer, n, ucred, tv, label, label_len); |
0dad12c1 | 1834 | else if (n == 0 && n_fds == 1) |
7f2c63cb | 1835 | process_native_file(s, fds[0], ucred, tv, label, label_len); |
0dad12c1 LP |
1836 | else if (n_fds > 0) |
1837 | log_warning("Got too many file descriptors via native socket. Ignoring."); | |
1838 | } | |
87d2c1ff | 1839 | |
0dad12c1 | 1840 | close_many(fds, n_fds); |
87d2c1ff | 1841 | } |
cec736d2 LP |
1842 | |
1843 | return 1; | |
fe652127 LP |
1844 | |
1845 | } else if (ev->data.fd == s->stdout_fd) { | |
1846 | ||
1847 | if (ev->events != EPOLLIN) { | |
1848 | log_info("Got invalid event from epoll."); | |
1849 | return -EIO; | |
1850 | } | |
1851 | ||
1852 | stdout_stream_new(s); | |
1853 | return 1; | |
1854 | ||
1855 | } else { | |
1856 | StdoutStream *stream; | |
1857 | ||
1858 | if ((ev->events|EPOLLIN|EPOLLHUP) != (EPOLLIN|EPOLLHUP)) { | |
1859 | log_info("Got invalid event from epoll."); | |
1860 | return -EIO; | |
1861 | } | |
1862 | ||
1863 | /* If it is none of the well-known fds, it must be an | |
1864 | * stdout stream fd. Note that this is a bit ugly here | |
1865 | * (since we rely that none of the well-known fds | |
1866 | * could be interpreted as pointer), but nonetheless | |
1867 | * safe, since the well-known fds would never get an | |
1868 | * fd > 4096, i.e. beyond the first memory page */ | |
1869 | ||
1870 | stream = ev->data.ptr; | |
1871 | ||
1872 | if (stdout_stream_process(stream) <= 0) | |
1873 | stdout_stream_free(stream); | |
1874 | ||
1875 | return 1; | |
87d2c1ff LP |
1876 | } |
1877 | ||
cec736d2 LP |
1878 | log_error("Unknown event."); |
1879 | return 0; | |
87d2c1ff LP |
1880 | } |
1881 | ||
87d2c1ff | 1882 | |
7f3e6257 LP |
1883 | static int open_native_socket(Server*s) { |
1884 | union sockaddr_union sa; | |
1885 | int one, r; | |
fe652127 | 1886 | struct epoll_event ev; |
7f3e6257 LP |
1887 | |
1888 | assert(s); | |
1889 | ||
1890 | if (s->native_fd < 0) { | |
1891 | ||
6c1e6b98 | 1892 | s->native_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0); |
7f3e6257 | 1893 | if (s->native_fd < 0) { |
87d2c1ff LP |
1894 | log_error("socket() failed: %m"); |
1895 | return -errno; | |
1896 | } | |
1897 | ||
1898 | zero(sa); | |
1899 | sa.un.sun_family = AF_UNIX; | |
259d2e76 | 1900 | strncpy(sa.un.sun_path, "/run/systemd/journal/socket", sizeof(sa.un.sun_path)); |
87d2c1ff LP |
1901 | |
1902 | unlink(sa.un.sun_path); | |
1903 | ||
7f3e6257 | 1904 | r = bind(s->native_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path)); |
87d2c1ff LP |
1905 | if (r < 0) { |
1906 | log_error("bind() failed: %m"); | |
1907 | return -errno; | |
1908 | } | |
1909 | ||
1910 | chmod(sa.un.sun_path, 0666); | |
632117b7 LP |
1911 | } else |
1912 | fd_nonblock(s->native_fd, 1); | |
87d2c1ff LP |
1913 | |
1914 | one = 1; | |
7f3e6257 | 1915 | r = setsockopt(s->native_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one)); |
87d2c1ff LP |
1916 | if (r < 0) { |
1917 | log_error("SO_PASSCRED failed: %m"); | |
1918 | return -errno; | |
1919 | } | |
1920 | ||
67aa4551 | 1921 | #ifdef HAVE_SELINUX |
54ecda32 LP |
1922 | one = 1; |
1923 | r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one)); | |
1924 | if (r < 0) | |
1925 | log_warning("SO_PASSSEC failed: %m"); | |
67aa4551 | 1926 | #endif |
54ecda32 | 1927 | |
87d2c1ff | 1928 | one = 1; |
7f3e6257 | 1929 | r = setsockopt(s->native_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one)); |
87d2c1ff LP |
1930 | if (r < 0) { |
1931 | log_error("SO_TIMESTAMP failed: %m"); | |
1932 | return -errno; | |
1933 | } | |
1934 | ||
fe652127 LP |
1935 | zero(ev); |
1936 | ev.events = EPOLLIN; | |
1937 | ev.data.fd = s->native_fd; | |
1938 | if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->native_fd, &ev) < 0) { | |
1939 | log_error("Failed to add native server fd to epoll object: %m"); | |
1940 | return -errno; | |
1941 | } | |
1942 | ||
7f3e6257 LP |
1943 | return 0; |
1944 | } | |
1945 | ||
fe652127 LP |
1946 | static int open_stdout_socket(Server *s) { |
1947 | union sockaddr_union sa; | |
1948 | int r; | |
7f3e6257 | 1949 | struct epoll_event ev; |
fe652127 LP |
1950 | |
1951 | assert(s); | |
1952 | ||
1953 | if (s->stdout_fd < 0) { | |
1954 | ||
6c1e6b98 | 1955 | s->stdout_fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0); |
fe652127 LP |
1956 | if (s->stdout_fd < 0) { |
1957 | log_error("socket() failed: %m"); | |
1958 | return -errno; | |
1959 | } | |
1960 | ||
1961 | zero(sa); | |
1962 | sa.un.sun_family = AF_UNIX; | |
259d2e76 | 1963 | strncpy(sa.un.sun_path, "/run/systemd/journal/stdout", sizeof(sa.un.sun_path)); |
fe652127 LP |
1964 | |
1965 | unlink(sa.un.sun_path); | |
1966 | ||
1967 | r = bind(s->stdout_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path)); | |
1968 | if (r < 0) { | |
1969 | log_error("bind() failed: %m"); | |
1970 | return -errno; | |
1971 | } | |
1972 | ||
1973 | chmod(sa.un.sun_path, 0666); | |
1974 | ||
1975 | if (listen(s->stdout_fd, SOMAXCONN) < 0) { | |
1976 | log_error("liste() failed: %m"); | |
1977 | return -errno; | |
1978 | } | |
632117b7 LP |
1979 | } else |
1980 | fd_nonblock(s->stdout_fd, 1); | |
fe652127 LP |
1981 | |
1982 | zero(ev); | |
1983 | ev.events = EPOLLIN; | |
1984 | ev.data.fd = s->stdout_fd; | |
1985 | if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->stdout_fd, &ev) < 0) { | |
1986 | log_error("Failed to add stdout server fd to epoll object: %m"); | |
1987 | return -errno; | |
1988 | } | |
1989 | ||
1990 | return 0; | |
1991 | } | |
1992 | ||
1993 | static int open_signalfd(Server *s) { | |
7f3e6257 | 1994 | sigset_t mask; |
fe652127 LP |
1995 | struct epoll_event ev; |
1996 | ||
1997 | assert(s); | |
1998 | ||
1999 | assert_se(sigemptyset(&mask) == 0); | |
ba6b3039 | 2000 | sigset_add_many(&mask, SIGINT, SIGTERM, SIGUSR1, SIGUSR2, -1); |
fe652127 LP |
2001 | assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0); |
2002 | ||
2003 | s->signal_fd = signalfd(-1, &mask, SFD_NONBLOCK|SFD_CLOEXEC); | |
2004 | if (s->signal_fd < 0) { | |
2005 | log_error("signalfd(): %m"); | |
2006 | return -errno; | |
2007 | } | |
2008 | ||
2009 | zero(ev); | |
2010 | ev.events = EPOLLIN; | |
2011 | ev.data.fd = s->signal_fd; | |
2012 | ||
2013 | if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->signal_fd, &ev) < 0) { | |
2014 | log_error("epoll_ctl(): %m"); | |
2015 | return -errno; | |
2016 | } | |
2017 | ||
2018 | return 0; | |
2019 | } | |
2020 | ||
effb1102 LP |
2021 | static int server_parse_proc_cmdline(Server *s) { |
2022 | char *line, *w, *state; | |
2023 | int r; | |
2024 | size_t l; | |
2025 | ||
2026 | if (detect_container(NULL) > 0) | |
2027 | return 0; | |
2028 | ||
2029 | r = read_one_line_file("/proc/cmdline", &line); | |
2030 | if (r < 0) { | |
2031 | log_warning("Failed to read /proc/cmdline, ignoring: %s", strerror(-r)); | |
2032 | return 0; | |
2033 | } | |
2034 | ||
2035 | FOREACH_WORD_QUOTED(w, l, line, state) { | |
2036 | char *word; | |
2037 | ||
2038 | word = strndup(w, l); | |
2039 | if (!word) { | |
2040 | r = -ENOMEM; | |
2041 | goto finish; | |
2042 | } | |
2043 | ||
c66e7bc7 | 2044 | if (startswith(word, "systemd.journald.forward_to_syslog=")) { |
effb1102 LP |
2045 | r = parse_boolean(word + 35); |
2046 | if (r < 0) | |
2047 | log_warning("Failed to parse forward to syslog switch %s. Ignoring.", word + 35); | |
2048 | else | |
2049 | s->forward_to_syslog = r; | |
c66e7bc7 | 2050 | } else if (startswith(word, "systemd.journald.forward_to_kmsg=")) { |
effb1102 LP |
2051 | r = parse_boolean(word + 33); |
2052 | if (r < 0) | |
2053 | log_warning("Failed to parse forward to kmsg switch %s. Ignoring.", word + 33); | |
2054 | else | |
2055 | s->forward_to_kmsg = r; | |
c66e7bc7 | 2056 | } else if (startswith(word, "systemd.journald.forward_to_console=")) { |
effb1102 LP |
2057 | r = parse_boolean(word + 36); |
2058 | if (r < 0) | |
2059 | log_warning("Failed to parse forward to console switch %s. Ignoring.", word + 36); | |
2060 | else | |
2061 | s->forward_to_console = r; | |
66a78c2b LP |
2062 | } else if (startswith(word, "systemd.journald")) |
2063 | log_warning("Invalid systemd.journald parameter. Ignoring."); | |
effb1102 LP |
2064 | |
2065 | free(word); | |
2066 | } | |
2067 | ||
2068 | r = 0; | |
2069 | ||
2070 | finish: | |
2071 | free(line); | |
2072 | return r; | |
2073 | } | |
2074 | ||
e6960940 LP |
2075 | static int server_parse_config_file(Server *s) { |
2076 | FILE *f; | |
2077 | const char *fn; | |
2078 | int r; | |
2079 | ||
2080 | assert(s); | |
2081 | ||
18b754d3 | 2082 | fn = "/etc/systemd/journald.conf"; |
e6960940 LP |
2083 | f = fopen(fn, "re"); |
2084 | if (!f) { | |
2085 | if (errno == ENOENT) | |
2086 | return 0; | |
2087 | ||
2088 | log_warning("Failed to open configuration file %s: %m", fn); | |
2089 | return -errno; | |
2090 | } | |
2091 | ||
2092 | r = config_parse(fn, f, "Journal\0", config_item_perf_lookup, (void*) journald_gperf_lookup, false, s); | |
2093 | if (r < 0) | |
2094 | log_warning("Failed to parse configuration file: %s", strerror(-r)); | |
2095 | ||
2096 | fclose(f); | |
2097 | ||
2098 | return r; | |
2099 | } | |
2100 | ||
fe652127 LP |
2101 | static int server_init(Server *s) { |
2102 | int n, r, fd; | |
7f3e6257 LP |
2103 | |
2104 | assert(s); | |
2105 | ||
2106 | zero(*s); | |
51abe64c | 2107 | s->syslog_fd = s->native_fd = s->stdout_fd = s->signal_fd = s->epoll_fd = s->dev_kmsg_fd = -1; |
807e17f0 | 2108 | s->compress = true; |
eb53b74f | 2109 | s->seal = true; |
7f3e6257 | 2110 | |
e6960940 LP |
2111 | s->rate_limit_interval = DEFAULT_RATE_LIMIT_INTERVAL; |
2112 | s->rate_limit_burst = DEFAULT_RATE_LIMIT_BURST; | |
2113 | ||
224f2ee2 LP |
2114 | s->forward_to_syslog = true; |
2115 | ||
213ba152 LP |
2116 | s->max_level_store = LOG_DEBUG; |
2117 | s->max_level_syslog = LOG_DEBUG; | |
2118 | s->max_level_kmsg = LOG_NOTICE; | |
2119 | s->max_level_console = LOG_INFO; | |
2120 | ||
babfc091 LP |
2121 | memset(&s->system_metrics, 0xFF, sizeof(s->system_metrics)); |
2122 | memset(&s->runtime_metrics, 0xFF, sizeof(s->runtime_metrics)); | |
2123 | ||
e6960940 | 2124 | server_parse_config_file(s); |
effb1102 | 2125 | server_parse_proc_cmdline(s); |
e6960940 | 2126 | |
cee5e9a7 LP |
2127 | mkdir_p("/run/systemd/journal", 0755); |
2128 | ||
fe652127 | 2129 | s->user_journals = hashmap_new(trivial_hash_func, trivial_compare_func); |
0d0f0c50 SL |
2130 | if (!s->user_journals) |
2131 | return log_oom(); | |
fe652127 | 2132 | |
84168d80 | 2133 | s->mmap = mmap_cache_new(); |
16e9f408 LP |
2134 | if (!s->mmap) |
2135 | return log_oom(); | |
2136 | ||
7f3e6257 LP |
2137 | s->epoll_fd = epoll_create1(EPOLL_CLOEXEC); |
2138 | if (s->epoll_fd < 0) { | |
2139 | log_error("Failed to create epoll object: %m"); | |
2140 | return -errno; | |
2141 | } | |
2142 | ||
2143 | n = sd_listen_fds(true); | |
2144 | if (n < 0) { | |
2145 | log_error("Failed to read listening file descriptors from environment: %s", strerror(-n)); | |
2146 | return n; | |
2147 | } | |
2148 | ||
2149 | for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) { | |
2150 | ||
259d2e76 | 2151 | if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/run/systemd/journal/socket", 0) > 0) { |
7f3e6257 | 2152 | |
fe652127 LP |
2153 | if (s->native_fd >= 0) { |
2154 | log_error("Too many native sockets passed."); | |
7f3e6257 LP |
2155 | return -EINVAL; |
2156 | } | |
2157 | ||
fe652127 | 2158 | s->native_fd = fd; |
7f3e6257 | 2159 | |
259d2e76 | 2160 | } else if (sd_is_socket_unix(fd, SOCK_STREAM, 1, "/run/systemd/journal/stdout", 0) > 0) { |
7f3e6257 | 2161 | |
fe652127 LP |
2162 | if (s->stdout_fd >= 0) { |
2163 | log_error("Too many stdout sockets passed."); | |
7f3e6257 LP |
2164 | return -EINVAL; |
2165 | } | |
2166 | ||
fe652127 LP |
2167 | s->stdout_fd = fd; |
2168 | ||
2169 | } else if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/dev/log", 0) > 0) { | |
2170 | ||
2171 | if (s->syslog_fd >= 0) { | |
2172 | log_error("Too many /dev/log sockets passed."); | |
2173 | return -EINVAL; | |
2174 | } | |
2175 | ||
2176 | s->syslog_fd = fd; | |
2177 | ||
7f3e6257 LP |
2178 | } else { |
2179 | log_error("Unknown socket passed."); | |
2180 | return -EINVAL; | |
2181 | } | |
2182 | } | |
2183 | ||
35e2e347 | 2184 | r = server_open_syslog_socket(s); |
7f3e6257 LP |
2185 | if (r < 0) |
2186 | return r; | |
2187 | ||
7f3e6257 LP |
2188 | r = open_native_socket(s); |
2189 | if (r < 0) | |
2190 | return r; | |
2191 | ||
fe652127 LP |
2192 | r = open_stdout_socket(s); |
2193 | if (r < 0) | |
2194 | return r; | |
87d2c1ff | 2195 | |
ef63833d | 2196 | r = server_open_dev_kmsg(s); |
6c1e6b98 LP |
2197 | if (r < 0) |
2198 | return r; | |
2199 | ||
ef63833d | 2200 | r = server_open_kernel_seqnum(s); |
cee5e9a7 LP |
2201 | if (r < 0) |
2202 | return r; | |
2203 | ||
fe652127 LP |
2204 | r = open_signalfd(s); |
2205 | if (r < 0) | |
2206 | return r; | |
87d2c1ff | 2207 | |
bdfb9e7f LP |
2208 | s->udev = udev_new(); |
2209 | if (!s->udev) | |
2210 | return -ENOMEM; | |
2211 | ||
e6960940 | 2212 | s->rate_limit = journal_rate_limit_new(s->rate_limit_interval, s->rate_limit_burst); |
6e409ce1 LP |
2213 | if (!s->rate_limit) |
2214 | return -ENOMEM; | |
2215 | ||
9447a7f1 LP |
2216 | r = system_journal_open(s); |
2217 | if (r < 0) | |
2218 | return r; | |
2219 | ||
87d2c1ff LP |
2220 | return 0; |
2221 | } | |
2222 | ||
671e021c LP |
2223 | static void maybe_append_tags(Server *s) { |
2224 | #ifdef HAVE_GCRYPT | |
2225 | JournalFile *f; | |
2226 | Iterator i; | |
2227 | usec_t n; | |
2228 | ||
2229 | n = now(CLOCK_REALTIME); | |
2230 | ||
2231 | if (s->system_journal) | |
2232 | journal_file_maybe_append_tag(s->system_journal, n); | |
2233 | ||
2234 | HASHMAP_FOREACH(f, s->user_journals, i) | |
2235 | journal_file_maybe_append_tag(f, n); | |
2236 | #endif | |
2237 | } | |
2238 | ||
87d2c1ff LP |
2239 | static void server_done(Server *s) { |
2240 | JournalFile *f; | |
2241 | assert(s); | |
2242 | ||
fe652127 LP |
2243 | while (s->stdout_streams) |
2244 | stdout_stream_free(s->stdout_streams); | |
2245 | ||
87d2c1ff LP |
2246 | if (s->system_journal) |
2247 | journal_file_close(s->system_journal); | |
2248 | ||
f4b47811 LP |
2249 | if (s->runtime_journal) |
2250 | journal_file_close(s->runtime_journal); | |
2251 | ||
87d2c1ff LP |
2252 | while ((f = hashmap_steal_first(s->user_journals))) |
2253 | journal_file_close(f); | |
2254 | ||
2255 | hashmap_free(s->user_journals); | |
2256 | ||
2257 | if (s->epoll_fd >= 0) | |
2258 | close_nointr_nofail(s->epoll_fd); | |
2259 | ||
2260 | if (s->signal_fd >= 0) | |
2261 | close_nointr_nofail(s->signal_fd); | |
2262 | ||
2263 | if (s->syslog_fd >= 0) | |
2264 | close_nointr_nofail(s->syslog_fd); | |
7f3e6257 LP |
2265 | |
2266 | if (s->native_fd >= 0) | |
2267 | close_nointr_nofail(s->native_fd); | |
fe652127 LP |
2268 | |
2269 | if (s->stdout_fd >= 0) | |
2270 | close_nointr_nofail(s->stdout_fd); | |
6e409ce1 | 2271 | |
51abe64c LP |
2272 | if (s->dev_kmsg_fd >= 0) |
2273 | close_nointr_nofail(s->dev_kmsg_fd); | |
6c1e6b98 | 2274 | |
6e409ce1 LP |
2275 | if (s->rate_limit) |
2276 | journal_rate_limit_free(s->rate_limit); | |
783d2675 | 2277 | |
cee5e9a7 LP |
2278 | if (s->kernel_seqnum) |
2279 | munmap(s->kernel_seqnum, sizeof(uint64_t)); | |
2280 | ||
783d2675 | 2281 | free(s->buffer); |
0d9243f0 | 2282 | free(s->tty_path); |
16e9f408 LP |
2283 | |
2284 | if (s->mmap) | |
2285 | mmap_cache_unref(s->mmap); | |
bdfb9e7f LP |
2286 | |
2287 | if (s->udev) | |
2288 | udev_unref(s->udev); | |
87d2c1ff LP |
2289 | } |
2290 | ||
2291 | int main(int argc, char *argv[]) { | |
2292 | Server server; | |
2293 | int r; | |
2294 | ||
2295 | /* if (getppid() != 1) { */ | |
2296 | /* log_error("This program should be invoked by init only."); */ | |
2297 | /* return EXIT_FAILURE; */ | |
2298 | /* } */ | |
2299 | ||
2300 | if (argc > 1) { | |
2301 | log_error("This program does not take arguments."); | |
2302 | return EXIT_FAILURE; | |
2303 | } | |
2304 | ||
a6903061 | 2305 | log_set_target(LOG_TARGET_SAFE); |
3eff4208 | 2306 | log_set_facility(LOG_SYSLOG); |
f65425cb | 2307 | log_set_max_level(LOG_DEBUG); |
87d2c1ff LP |
2308 | log_parse_environment(); |
2309 | log_open(); | |
2310 | ||
2311 | umask(0022); | |
2312 | ||
2313 | r = server_init(&server); | |
2314 | if (r < 0) | |
2315 | goto finish; | |
2316 | ||
e6960940 LP |
2317 | server_vacuum(&server); |
2318 | server_flush_to_var(&server); | |
51abe64c | 2319 | server_flush_dev_kmsg(&server); |
e6960940 | 2320 | |
87d2c1ff | 2321 | log_debug("systemd-journald running as pid %lu", (unsigned long) getpid()); |
ef63833d | 2322 | server_driver_message(&server, SD_MESSAGE_JOURNAL_START, "Journal started"); |
87d2c1ff LP |
2323 | |
2324 | sd_notify(false, | |
2325 | "READY=1\n" | |
fe652127 | 2326 | "STATUS=Processing requests..."); |
50f20cfd | 2327 | |
87d2c1ff LP |
2328 | for (;;) { |
2329 | struct epoll_event event; | |
89fef990 | 2330 | int t; |
87d2c1ff | 2331 | |
89fef990 LP |
2332 | #ifdef HAVE_GCRYPT |
2333 | usec_t u; | |
2334 | ||
2335 | if (server.system_journal && | |
2336 | journal_file_next_evolve_usec(server.system_journal, &u)) { | |
2337 | usec_t n; | |
2338 | ||
671e021c | 2339 | n = now(CLOCK_REALTIME); |
89fef990 LP |
2340 | |
2341 | if (n >= u) | |
2342 | t = 0; | |
2343 | else | |
2344 | t = (int) ((u - n + USEC_PER_MSEC - 1) / USEC_PER_MSEC); | |
2345 | } else | |
2346 | #endif | |
2347 | t = -1; | |
2348 | ||
2349 | r = epoll_wait(server.epoll_fd, &event, 1, t); | |
87d2c1ff LP |
2350 | if (r < 0) { |
2351 | ||
2352 | if (errno == EINTR) | |
2353 | continue; | |
2354 | ||
2355 | log_error("epoll_wait() failed: %m"); | |
2356 | r = -errno; | |
2357 | goto finish; | |
89fef990 | 2358 | } |
87d2c1ff | 2359 | |
89fef990 LP |
2360 | if (r > 0) { |
2361 | r = process_event(&server, &event); | |
2362 | if (r < 0) | |
2363 | goto finish; | |
2364 | else if (r == 0) | |
2365 | break; | |
2366 | } | |
2367 | ||
671e021c | 2368 | maybe_append_tags(&server); |
87d2c1ff LP |
2369 | } |
2370 | ||
fe652127 | 2371 | log_debug("systemd-journald stopped as pid %lu", (unsigned long) getpid()); |
ef63833d | 2372 | server_driver_message(&server, SD_MESSAGE_JOURNAL_STOP, "Journal stopped"); |
fe652127 | 2373 | |
87d2c1ff LP |
2374 | finish: |
2375 | sd_notify(false, | |
2376 | "STATUS=Shutting down..."); | |
2377 | ||
2378 | server_done(&server); | |
2379 | ||
2380 | return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS; | |
2381 | } |