1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2011 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
23 #include <selinux/selinux.h>
25 #include <sys/ioctl.h>
27 #include <sys/signalfd.h>
28 #include <sys/statvfs.h>
29 #include <linux/sockios.h>
32 #include "sd-daemon.h"
33 #include "sd-journal.h"
34 #include "sd-messages.h"
37 #include "alloc-util.h"
38 #include "audit-util.h"
39 #include "cgroup-util.h"
40 #include "conf-parser.h"
41 #include "dirent-util.h"
42 #include "extract-word.h"
44 #include "formats-util.h"
47 #include "hostname-util.h"
49 #include "journal-authenticate.h"
50 #include "journal-file.h"
51 #include "journal-internal.h"
52 #include "journal-vacuum.h"
53 #include "journald-audit.h"
54 #include "journald-kmsg.h"
55 #include "journald-native.h"
56 #include "journald-rate-limit.h"
57 #include "journald-server.h"
58 #include "journald-stream.h"
59 #include "journald-syslog.h"
62 #include "parse-util.h"
63 #include "proc-cmdline.h"
64 #include "process-util.h"
66 #include "selinux-util.h"
67 #include "signal-util.h"
68 #include "socket-util.h"
69 #include "string-table.h"
70 #include "string-util.h"
72 #define USER_JOURNALS_MAX 1024
74 #define DEFAULT_SYNC_INTERVAL_USEC (5*USEC_PER_MINUTE)
75 #define DEFAULT_RATE_LIMIT_INTERVAL (30*USEC_PER_SEC)
76 #define DEFAULT_RATE_LIMIT_BURST 1000
77 #define DEFAULT_MAX_FILE_USEC USEC_PER_MONTH
79 #define RECHECK_SPACE_USEC (30*USEC_PER_SEC)
81 static int determine_space_for(
83 JournalMetrics
*metrics
,
91 uint64_t sum
= 0, ss_avail
, avail
;
92 _cleanup_closedir_
DIR *d
= NULL
;
103 ts
= now(CLOCK_MONOTONIC
);
105 if (!verbose
&& s
->cached_space_timestamp
+ RECHECK_SPACE_USEC
> ts
) {
108 *available
= s
->cached_space_available
;
110 *limit
= s
->cached_space_limit
;
115 p
= strjoina(path
, SERVER_MACHINE_ID(s
));
118 return log_full_errno(errno
== ENOENT
? LOG_DEBUG
: LOG_ERR
, errno
, "Failed to open %s: %m", p
);
120 if (fstatvfs(dirfd(d
), &ss
) < 0)
121 return log_error_errno(errno
, "Failed to fstatvfs(%s): %m", p
);
123 FOREACH_DIRENT_ALL(de
, d
, break) {
126 if (!endswith(de
->d_name
, ".journal") &&
127 !endswith(de
->d_name
, ".journal~"))
130 if (fstatat(dirfd(d
), de
->d_name
, &st
, AT_SYMLINK_NOFOLLOW
) < 0) {
131 log_debug_errno(errno
, "Failed to stat %s/%s, ignoring: %m", p
, de
->d_name
);
135 if (!S_ISREG(st
.st_mode
))
138 sum
+= (uint64_t) st
.st_blocks
* 512UL;
141 /* If request, then let's bump the min_use limit to the
142 * current usage on disk. We do this when starting up and
143 * first opening the journal files. This way sudden spikes in
144 * disk usage will not cause journald to vacuum files without
145 * bounds. Note that this means that only a restart of
146 * journald will make it reset this value. */
149 metrics
->min_use
= MAX(metrics
->min_use
, sum
);
151 ss_avail
= ss
.f_bsize
* ss
.f_bavail
;
152 avail
= LESS_BY(ss_avail
, metrics
->keep_free
);
154 s
->cached_space_limit
= MIN(MAX(sum
+ avail
, metrics
->min_use
), metrics
->max_use
);
155 s
->cached_space_available
= LESS_BY(s
->cached_space_limit
, sum
);
156 s
->cached_space_timestamp
= ts
;
159 char fb1
[FORMAT_BYTES_MAX
], fb2
[FORMAT_BYTES_MAX
], fb3
[FORMAT_BYTES_MAX
],
160 fb4
[FORMAT_BYTES_MAX
], fb5
[FORMAT_BYTES_MAX
], fb6
[FORMAT_BYTES_MAX
];
162 server_driver_message(s
, SD_MESSAGE_JOURNAL_USAGE
,
163 "%s (%s) is currently using %s.\n"
164 "Maximum allowed usage is set to %s.\n"
165 "Leaving at least %s free (of currently available %s of space).\n"
166 "Enforced usage limit is thus %s, of which %s are still available.",
168 format_bytes(fb1
, sizeof(fb1
), sum
),
169 format_bytes(fb2
, sizeof(fb2
), metrics
->max_use
),
170 format_bytes(fb3
, sizeof(fb3
), metrics
->keep_free
),
171 format_bytes(fb4
, sizeof(fb4
), ss_avail
),
172 format_bytes(fb5
, sizeof(fb5
), s
->cached_space_limit
),
173 format_bytes(fb6
, sizeof(fb6
), s
->cached_space_available
));
177 *available
= s
->cached_space_available
;
179 *limit
= s
->cached_space_limit
;
184 static int determine_space(Server
*s
, bool verbose
, bool patch_min_use
, uint64_t *available
, uint64_t *limit
) {
185 JournalMetrics
*metrics
;
186 const char *path
, *name
;
190 if (s
->system_journal
) {
191 path
= "/var/log/journal/";
192 metrics
= &s
->system_metrics
;
193 name
= "System journal";
195 path
= "/run/log/journal/";
196 metrics
= &s
->runtime_metrics
;
197 name
= "Runtime journal";
200 return determine_space_for(s
, metrics
, path
, name
, verbose
, patch_min_use
, available
, limit
);
203 void server_fix_perms(Server
*s
, JournalFile
*f
, uid_t uid
) {
206 _cleanup_(acl_freep
) acl_t acl
= NULL
;
208 acl_permset_t permset
;
213 r
= fchmod(f
->fd
, 0640);
215 log_warning_errno(errno
, "Failed to fix access mode on %s, ignoring: %m", f
->path
);
218 if (uid
<= SYSTEM_UID_MAX
)
221 acl
= acl_get_fd(f
->fd
);
223 log_warning_errno(errno
, "Failed to read ACL on %s, ignoring: %m", f
->path
);
227 r
= acl_find_uid(acl
, uid
, &entry
);
230 if (acl_create_entry(&acl
, &entry
) < 0 ||
231 acl_set_tag_type(entry
, ACL_USER
) < 0 ||
232 acl_set_qualifier(entry
, &uid
) < 0) {
233 log_warning_errno(errno
, "Failed to patch ACL on %s, ignoring: %m", f
->path
);
238 /* We do not recalculate the mask unconditionally here,
239 * so that the fchmod() mask above stays intact. */
240 if (acl_get_permset(entry
, &permset
) < 0 ||
241 acl_add_perm(permset
, ACL_READ
) < 0 ||
242 calc_acl_mask_if_needed(&acl
) < 0) {
243 log_warning_errno(errno
, "Failed to patch ACL on %s, ignoring: %m", f
->path
);
247 if (acl_set_fd(f
->fd
, acl
) < 0)
248 log_warning_errno(errno
, "Failed to set ACL on %s, ignoring: %m", f
->path
);
253 static JournalFile
* find_journal(Server
*s
, uid_t uid
) {
254 _cleanup_free_
char *p
= NULL
;
261 /* We split up user logs only on /var, not on /run. If the
262 * runtime file is open, we write to it exclusively, in order
263 * to guarantee proper order as soon as we flush /run to
264 * /var and close the runtime file. */
266 if (s
->runtime_journal
)
267 return s
->runtime_journal
;
269 if (uid
<= SYSTEM_UID_MAX
)
270 return s
->system_journal
;
272 r
= sd_id128_get_machine(&machine
);
274 return s
->system_journal
;
276 f
= ordered_hashmap_get(s
->user_journals
, UINT32_TO_PTR(uid
));
280 if (asprintf(&p
, "/var/log/journal/" SD_ID128_FORMAT_STR
"/user-"UID_FMT
".journal",
281 SD_ID128_FORMAT_VAL(machine
), uid
) < 0)
282 return s
->system_journal
;
284 while (ordered_hashmap_size(s
->user_journals
) >= USER_JOURNALS_MAX
) {
285 /* Too many open? Then let's close one */
286 f
= ordered_hashmap_steal_first(s
->user_journals
);
288 journal_file_close(f
);
291 r
= journal_file_open_reliably(p
, O_RDWR
|O_CREAT
, 0640, s
->compress
, s
->seal
, &s
->system_metrics
, s
->mmap
, NULL
, &f
);
293 return s
->system_journal
;
295 server_fix_perms(s
, f
, uid
);
297 r
= ordered_hashmap_put(s
->user_journals
, UINT32_TO_PTR(uid
), f
);
299 journal_file_close(f
);
300 return s
->system_journal
;
306 static int do_rotate(
319 r
= journal_file_rotate(f
, s
->compress
, seal
);
322 log_error_errno(r
, "Failed to rotate %s: %m", (*f
)->path
);
324 log_error_errno(r
, "Failed to create new %s journal: %m", name
);
326 server_fix_perms(s
, *f
, uid
);
331 void server_rotate(Server
*s
) {
337 log_debug("Rotating...");
339 (void) do_rotate(s
, &s
->runtime_journal
, "runtime", false, 0);
340 (void) do_rotate(s
, &s
->system_journal
, "system", s
->seal
, 0);
342 ORDERED_HASHMAP_FOREACH_KEY(f
, k
, s
->user_journals
, i
) {
343 r
= do_rotate(s
, &f
, "user", s
->seal
, PTR_TO_UINT32(k
));
345 ordered_hashmap_replace(s
->user_journals
, k
, f
);
347 /* Old file has been closed and deallocated */
348 ordered_hashmap_remove(s
->user_journals
, k
);
352 void server_sync(Server
*s
) {
358 if (s
->system_journal
) {
359 r
= journal_file_set_offline(s
->system_journal
);
361 log_warning_errno(r
, "Failed to sync system journal, ignoring: %m");
364 ORDERED_HASHMAP_FOREACH_KEY(f
, k
, s
->user_journals
, i
) {
365 r
= journal_file_set_offline(f
);
367 log_warning_errno(r
, "Failed to sync user journal, ignoring: %m");
370 if (s
->sync_event_source
) {
371 r
= sd_event_source_set_enabled(s
->sync_event_source
, SD_EVENT_OFF
);
373 log_error_errno(r
, "Failed to disable sync timer source: %m");
376 s
->sync_scheduled
= false;
379 static void do_vacuum(
382 JournalMetrics
*metrics
,
386 bool patch_min_use
) {
400 p
= strjoina(path
, SERVER_MACHINE_ID(s
));
402 limit
= metrics
->max_use
;
403 (void) determine_space_for(s
, metrics
, path
, name
, verbose
, patch_min_use
, NULL
, &limit
);
405 r
= journal_directory_vacuum(p
, limit
, metrics
->n_max_files
, s
->max_retention_usec
, &s
->oldest_file_usec
, verbose
);
406 if (r
< 0 && r
!= -ENOENT
)
407 log_warning_errno(r
, "Failed to vacuum %s, ignoring: %m", p
);
410 int server_vacuum(Server
*s
, bool verbose
, bool patch_min_use
) {
413 log_debug("Vacuuming...");
415 s
->oldest_file_usec
= 0;
417 do_vacuum(s
, s
->system_journal
, &s
->system_metrics
, "/var/log/journal/", "System journal", verbose
, patch_min_use
);
418 do_vacuum(s
, s
->runtime_journal
, &s
->runtime_metrics
, "/run/log/journal/", "Runtime journal", verbose
, patch_min_use
);
420 s
->cached_space_limit
= 0;
421 s
->cached_space_available
= 0;
422 s
->cached_space_timestamp
= 0;
427 static void server_cache_machine_id(Server
*s
) {
433 r
= sd_id128_get_machine(&id
);
437 sd_id128_to_string(id
, stpcpy(s
->machine_id_field
, "_MACHINE_ID="));
440 static void server_cache_boot_id(Server
*s
) {
446 r
= sd_id128_get_boot(&id
);
450 sd_id128_to_string(id
, stpcpy(s
->boot_id_field
, "_BOOT_ID="));
453 static void server_cache_hostname(Server
*s
) {
454 _cleanup_free_
char *t
= NULL
;
459 t
= gethostname_malloc();
463 x
= strappend("_HOSTNAME=", t
);
467 free(s
->hostname_field
);
468 s
->hostname_field
= x
;
471 static bool shall_try_append_again(JournalFile
*f
, int r
) {
473 /* -E2BIG Hit configured limit
475 -EDQUOT Quota limit hit
477 -EIO I/O error of some kind (mmap)
478 -EHOSTDOWN Other machine
479 -EBUSY Unclean shutdown
480 -EPROTONOSUPPORT Unsupported feature
483 -ESHUTDOWN Already archived
484 -EIDRM Journal file has been deleted */
486 if (r
== -E2BIG
|| r
== -EFBIG
|| r
== -EDQUOT
|| r
== -ENOSPC
)
487 log_debug("%s: Allocation limit reached, rotating.", f
->path
);
488 else if (r
== -EHOSTDOWN
)
489 log_info("%s: Journal file from other machine, rotating.", f
->path
);
490 else if (r
== -EBUSY
)
491 log_info("%s: Unclean shutdown, rotating.", f
->path
);
492 else if (r
== -EPROTONOSUPPORT
)
493 log_info("%s: Unsupported feature, rotating.", f
->path
);
494 else if (r
== -EBADMSG
|| r
== -ENODATA
|| r
== ESHUTDOWN
)
495 log_warning("%s: Journal file corrupted, rotating.", f
->path
);
497 log_warning("%s: IO error, rotating.", f
->path
);
498 else if (r
== -EIDRM
)
499 log_warning("%s: Journal file has been deleted, rotating.", f
->path
);
506 static void write_to_journal(Server
*s
, uid_t uid
, struct iovec
*iovec
, unsigned n
, int priority
) {
508 bool vacuumed
= false;
515 f
= find_journal(s
, uid
);
519 if (journal_file_rotate_suggested(f
, s
->max_file_usec
)) {
520 log_debug("%s: Journal header limits reached or header out-of-date, rotating.", f
->path
);
522 server_vacuum(s
, false, false);
525 f
= find_journal(s
, uid
);
530 r
= journal_file_append_entry(f
, NULL
, iovec
, n
, &s
->seqnum
, NULL
, NULL
);
532 server_schedule_sync(s
, priority
);
536 if (vacuumed
|| !shall_try_append_again(f
, r
)) {
537 log_error_errno(r
, "Failed to write entry (%d items, %zu bytes), ignoring: %m", n
, IOVEC_TOTAL_SIZE(iovec
, n
));
542 server_vacuum(s
, false, false);
544 f
= find_journal(s
, uid
);
548 log_debug("Retrying write.");
549 r
= journal_file_append_entry(f
, NULL
, iovec
, n
, &s
->seqnum
, NULL
, NULL
);
551 log_error_errno(r
, "Failed to write entry (%d items, %zu bytes) despite vacuuming, ignoring: %m", n
, IOVEC_TOTAL_SIZE(iovec
, n
));
553 server_schedule_sync(s
, priority
);
556 static void dispatch_message_real(
558 struct iovec
*iovec
, unsigned n
, unsigned m
,
559 const struct ucred
*ucred
,
560 const struct timeval
*tv
,
561 const char *label
, size_t label_len
,
566 char pid
[sizeof("_PID=") + DECIMAL_STR_MAX(pid_t
)],
567 uid
[sizeof("_UID=") + DECIMAL_STR_MAX(uid_t
)],
568 gid
[sizeof("_GID=") + DECIMAL_STR_MAX(gid_t
)],
569 owner_uid
[sizeof("_SYSTEMD_OWNER_UID=") + DECIMAL_STR_MAX(uid_t
)],
570 source_time
[sizeof("_SOURCE_REALTIME_TIMESTAMP=") + DECIMAL_STR_MAX(usec_t
)],
571 o_uid
[sizeof("OBJECT_UID=") + DECIMAL_STR_MAX(uid_t
)],
572 o_gid
[sizeof("OBJECT_GID=") + DECIMAL_STR_MAX(gid_t
)],
573 o_owner_uid
[sizeof("OBJECT_SYSTEMD_OWNER_UID=") + DECIMAL_STR_MAX(uid_t
)];
579 uid_t realuid
= 0, owner
= 0, journal_uid
;
580 bool owner_valid
= false;
582 char audit_session
[sizeof("_AUDIT_SESSION=") + DECIMAL_STR_MAX(uint32_t)],
583 audit_loginuid
[sizeof("_AUDIT_LOGINUID=") + DECIMAL_STR_MAX(uid_t
)],
584 o_audit_session
[sizeof("OBJECT_AUDIT_SESSION=") + DECIMAL_STR_MAX(uint32_t)],
585 o_audit_loginuid
[sizeof("OBJECT_AUDIT_LOGINUID=") + DECIMAL_STR_MAX(uid_t
)];
594 assert(n
+ N_IOVEC_META_FIELDS
+ (object_pid
? N_IOVEC_OBJECT_FIELDS
: 0) <= m
);
597 realuid
= ucred
->uid
;
599 sprintf(pid
, "_PID="PID_FMT
, ucred
->pid
);
600 IOVEC_SET_STRING(iovec
[n
++], pid
);
602 sprintf(uid
, "_UID="UID_FMT
, ucred
->uid
);
603 IOVEC_SET_STRING(iovec
[n
++], uid
);
605 sprintf(gid
, "_GID="GID_FMT
, ucred
->gid
);
606 IOVEC_SET_STRING(iovec
[n
++], gid
);
608 r
= get_process_comm(ucred
->pid
, &t
);
610 x
= strjoina("_COMM=", t
);
612 IOVEC_SET_STRING(iovec
[n
++], x
);
615 r
= get_process_exe(ucred
->pid
, &t
);
617 x
= strjoina("_EXE=", t
);
619 IOVEC_SET_STRING(iovec
[n
++], x
);
622 r
= get_process_cmdline(ucred
->pid
, 0, false, &t
);
624 x
= strjoina("_CMDLINE=", t
);
626 IOVEC_SET_STRING(iovec
[n
++], x
);
629 r
= get_process_capeff(ucred
->pid
, &t
);
631 x
= strjoina("_CAP_EFFECTIVE=", t
);
633 IOVEC_SET_STRING(iovec
[n
++], x
);
637 r
= audit_session_from_pid(ucred
->pid
, &audit
);
639 sprintf(audit_session
, "_AUDIT_SESSION=%"PRIu32
, audit
);
640 IOVEC_SET_STRING(iovec
[n
++], audit_session
);
643 r
= audit_loginuid_from_pid(ucred
->pid
, &loginuid
);
645 sprintf(audit_loginuid
, "_AUDIT_LOGINUID="UID_FMT
, loginuid
);
646 IOVEC_SET_STRING(iovec
[n
++], audit_loginuid
);
650 r
= cg_pid_get_path_shifted(ucred
->pid
, s
->cgroup_root
, &c
);
652 char *session
= NULL
;
654 x
= strjoina("_SYSTEMD_CGROUP=", c
);
655 IOVEC_SET_STRING(iovec
[n
++], x
);
657 r
= cg_path_get_session(c
, &t
);
659 session
= strjoina("_SYSTEMD_SESSION=", t
);
661 IOVEC_SET_STRING(iovec
[n
++], session
);
664 if (cg_path_get_owner_uid(c
, &owner
) >= 0) {
667 sprintf(owner_uid
, "_SYSTEMD_OWNER_UID="UID_FMT
, owner
);
668 IOVEC_SET_STRING(iovec
[n
++], owner_uid
);
671 if (cg_path_get_unit(c
, &t
) >= 0) {
672 x
= strjoina("_SYSTEMD_UNIT=", t
);
674 IOVEC_SET_STRING(iovec
[n
++], x
);
675 } else if (unit_id
&& !session
) {
676 x
= strjoina("_SYSTEMD_UNIT=", unit_id
);
677 IOVEC_SET_STRING(iovec
[n
++], x
);
680 if (cg_path_get_user_unit(c
, &t
) >= 0) {
681 x
= strjoina("_SYSTEMD_USER_UNIT=", t
);
683 IOVEC_SET_STRING(iovec
[n
++], x
);
684 } else if (unit_id
&& session
) {
685 x
= strjoina("_SYSTEMD_USER_UNIT=", unit_id
);
686 IOVEC_SET_STRING(iovec
[n
++], x
);
689 if (cg_path_get_slice(c
, &t
) >= 0) {
690 x
= strjoina("_SYSTEMD_SLICE=", t
);
692 IOVEC_SET_STRING(iovec
[n
++], x
);
696 } else if (unit_id
) {
697 x
= strjoina("_SYSTEMD_UNIT=", unit_id
);
698 IOVEC_SET_STRING(iovec
[n
++], x
);
702 if (mac_selinux_use()) {
704 x
= alloca(strlen("_SELINUX_CONTEXT=") + label_len
+ 1);
706 *((char*) mempcpy(stpcpy(x
, "_SELINUX_CONTEXT="), label
, label_len
)) = 0;
707 IOVEC_SET_STRING(iovec
[n
++], x
);
709 security_context_t con
;
711 if (getpidcon(ucred
->pid
, &con
) >= 0) {
712 x
= strjoina("_SELINUX_CONTEXT=", con
);
715 IOVEC_SET_STRING(iovec
[n
++], x
);
724 r
= get_process_uid(object_pid
, &object_uid
);
726 sprintf(o_uid
, "OBJECT_UID="UID_FMT
, object_uid
);
727 IOVEC_SET_STRING(iovec
[n
++], o_uid
);
730 r
= get_process_gid(object_pid
, &object_gid
);
732 sprintf(o_gid
, "OBJECT_GID="GID_FMT
, object_gid
);
733 IOVEC_SET_STRING(iovec
[n
++], o_gid
);
736 r
= get_process_comm(object_pid
, &t
);
738 x
= strjoina("OBJECT_COMM=", t
);
740 IOVEC_SET_STRING(iovec
[n
++], x
);
743 r
= get_process_exe(object_pid
, &t
);
745 x
= strjoina("OBJECT_EXE=", t
);
747 IOVEC_SET_STRING(iovec
[n
++], x
);
750 r
= get_process_cmdline(object_pid
, 0, false, &t
);
752 x
= strjoina("OBJECT_CMDLINE=", t
);
754 IOVEC_SET_STRING(iovec
[n
++], x
);
758 r
= audit_session_from_pid(object_pid
, &audit
);
760 sprintf(o_audit_session
, "OBJECT_AUDIT_SESSION=%"PRIu32
, audit
);
761 IOVEC_SET_STRING(iovec
[n
++], o_audit_session
);
764 r
= audit_loginuid_from_pid(object_pid
, &loginuid
);
766 sprintf(o_audit_loginuid
, "OBJECT_AUDIT_LOGINUID="UID_FMT
, loginuid
);
767 IOVEC_SET_STRING(iovec
[n
++], o_audit_loginuid
);
771 r
= cg_pid_get_path_shifted(object_pid
, s
->cgroup_root
, &c
);
773 x
= strjoina("OBJECT_SYSTEMD_CGROUP=", c
);
774 IOVEC_SET_STRING(iovec
[n
++], x
);
776 r
= cg_path_get_session(c
, &t
);
778 x
= strjoina("OBJECT_SYSTEMD_SESSION=", t
);
780 IOVEC_SET_STRING(iovec
[n
++], x
);
783 if (cg_path_get_owner_uid(c
, &owner
) >= 0) {
784 sprintf(o_owner_uid
, "OBJECT_SYSTEMD_OWNER_UID="UID_FMT
, owner
);
785 IOVEC_SET_STRING(iovec
[n
++], o_owner_uid
);
788 if (cg_path_get_unit(c
, &t
) >= 0) {
789 x
= strjoina("OBJECT_SYSTEMD_UNIT=", t
);
791 IOVEC_SET_STRING(iovec
[n
++], x
);
794 if (cg_path_get_user_unit(c
, &t
) >= 0) {
795 x
= strjoina("OBJECT_SYSTEMD_USER_UNIT=", t
);
797 IOVEC_SET_STRING(iovec
[n
++], x
);
806 sprintf(source_time
, "_SOURCE_REALTIME_TIMESTAMP=%llu", (unsigned long long) timeval_load(tv
));
807 IOVEC_SET_STRING(iovec
[n
++], source_time
);
810 /* Note that strictly speaking storing the boot id here is
811 * redundant since the entry includes this in-line
812 * anyway. However, we need this indexed, too. */
813 if (!isempty(s
->boot_id_field
))
814 IOVEC_SET_STRING(iovec
[n
++], s
->boot_id_field
);
816 if (!isempty(s
->machine_id_field
))
817 IOVEC_SET_STRING(iovec
[n
++], s
->machine_id_field
);
819 if (!isempty(s
->hostname_field
))
820 IOVEC_SET_STRING(iovec
[n
++], s
->hostname_field
);
824 if (s
->split_mode
== SPLIT_UID
&& realuid
> 0)
825 /* Split up strictly by any UID */
826 journal_uid
= realuid
;
827 else if (s
->split_mode
== SPLIT_LOGIN
&& realuid
> 0 && owner_valid
&& owner
> 0)
828 /* Split up by login UIDs. We do this only if the
829 * realuid is not root, in order not to accidentally
830 * leak privileged information to the user that is
831 * logged by a privileged process that is part of an
832 * unprivileged session. */
837 write_to_journal(s
, journal_uid
, iovec
, n
, priority
);
840 void server_driver_message(Server
*s
, sd_id128_t message_id
, const char *format
, ...) {
841 char mid
[11 + 32 + 1];
842 char buffer
[16 + LINE_MAX
+ 1];
843 struct iovec iovec
[N_IOVEC_META_FIELDS
+ 6];
846 struct ucred ucred
= {};
851 IOVEC_SET_STRING(iovec
[n
++], "SYSLOG_FACILITY=3");
852 IOVEC_SET_STRING(iovec
[n
++], "SYSLOG_IDENTIFIER=systemd-journald");
854 IOVEC_SET_STRING(iovec
[n
++], "PRIORITY=6");
855 IOVEC_SET_STRING(iovec
[n
++], "_TRANSPORT=driver");
857 memcpy(buffer
, "MESSAGE=", 8);
858 va_start(ap
, format
);
859 vsnprintf(buffer
+ 8, sizeof(buffer
) - 8, format
, ap
);
861 IOVEC_SET_STRING(iovec
[n
++], buffer
);
863 if (!sd_id128_equal(message_id
, SD_ID128_NULL
)) {
864 snprintf(mid
, sizeof(mid
), LOG_MESSAGE_ID(message_id
));
865 IOVEC_SET_STRING(iovec
[n
++], mid
);
868 ucred
.pid
= getpid();
869 ucred
.uid
= getuid();
870 ucred
.gid
= getgid();
872 dispatch_message_real(s
, iovec
, n
, ELEMENTSOF(iovec
), &ucred
, NULL
, NULL
, 0, NULL
, LOG_INFO
, 0);
875 void server_dispatch_message(
877 struct iovec
*iovec
, unsigned n
, unsigned m
,
878 const struct ucred
*ucred
,
879 const struct timeval
*tv
,
880 const char *label
, size_t label_len
,
886 _cleanup_free_
char *path
= NULL
;
887 uint64_t available
= 0;
891 assert(iovec
|| n
== 0);
896 if (LOG_PRI(priority
) > s
->max_level_store
)
899 /* Stop early in case the information will not be stored
901 if (s
->storage
== STORAGE_NONE
)
907 r
= cg_pid_get_path_shifted(ucred
->pid
, s
->cgroup_root
, &path
);
911 /* example: /user/lennart/3/foobar
912 * /system/dbus.service/foobar
914 * So let's cut of everything past the third /, since that is
915 * where user directories start */
917 c
= strchr(path
, '/');
919 c
= strchr(c
+1, '/');
921 c
= strchr(c
+1, '/');
927 (void) determine_space(s
, false, false, &available
, NULL
);
928 rl
= journal_rate_limit_test(s
->rate_limit
, path
, priority
& LOG_PRIMASK
, available
);
932 /* Write a suppression message if we suppressed something */
934 server_driver_message(s
, SD_MESSAGE_JOURNAL_DROPPED
,
935 "Suppressed %u messages from %s", rl
- 1, path
);
938 dispatch_message_real(s
, iovec
, n
, m
, ucred
, tv
, label
, label_len
, unit_id
, priority
, object_pid
);
942 static int system_journal_open(Server
*s
, bool flush_requested
) {
946 if (!s
->system_journal
&&
947 (s
->storage
== STORAGE_PERSISTENT
|| s
->storage
== STORAGE_AUTO
) &&
949 || access("/run/systemd/journal/flushed", F_OK
) >= 0)) {
951 /* If in auto mode: first try to create the machine
952 * path, but not the prefix.
954 * If in persistent mode: create /var/log/journal and
955 * the machine path */
957 if (s
->storage
== STORAGE_PERSISTENT
)
958 (void) mkdir_p("/var/log/journal/", 0755);
960 fn
= strjoina("/var/log/journal/", SERVER_MACHINE_ID(s
));
961 (void) mkdir(fn
, 0755);
963 fn
= strjoina(fn
, "/system.journal");
964 r
= journal_file_open_reliably(fn
, O_RDWR
|O_CREAT
, 0640, s
->compress
, s
->seal
, &s
->system_metrics
, s
->mmap
, NULL
, &s
->system_journal
);
966 server_fix_perms(s
, s
->system_journal
, 0);
967 (void) determine_space_for(s
, &s
->system_metrics
, "/var/log/journal/", "System journal", true, true, NULL
, NULL
);
969 if (r
!= -ENOENT
&& r
!= -EROFS
)
970 log_warning_errno(r
, "Failed to open system journal: %m");
976 if (!s
->runtime_journal
&&
977 (s
->storage
!= STORAGE_NONE
)) {
979 fn
= strjoina("/run/log/journal/", SERVER_MACHINE_ID(s
), "/system.journal");
981 if (s
->system_journal
) {
983 /* Try to open the runtime journal, but only
984 * if it already exists, so that we can flush
985 * it into the system journal */
987 r
= journal_file_open(fn
, O_RDWR
, 0640, s
->compress
, false, &s
->runtime_metrics
, s
->mmap
, NULL
, &s
->runtime_journal
);
990 log_warning_errno(r
, "Failed to open runtime journal: %m");
997 /* OK, we really need the runtime journal, so create
998 * it if necessary. */
1000 (void) mkdir("/run/log", 0755);
1001 (void) mkdir("/run/log/journal", 0755);
1002 (void) mkdir_parents(fn
, 0750);
1004 r
= journal_file_open_reliably(fn
, O_RDWR
|O_CREAT
, 0640, s
->compress
, false, &s
->runtime_metrics
, s
->mmap
, NULL
, &s
->runtime_journal
);
1006 return log_error_errno(r
, "Failed to open runtime journal: %m");
1009 if (s
->runtime_journal
) {
1010 server_fix_perms(s
, s
->runtime_journal
, 0);
1011 (void) determine_space_for(s
, &s
->runtime_metrics
, "/run/log/journal/", "Runtime journal", true, true, NULL
, NULL
);
1018 int server_flush_to_var(Server
*s
) {
1020 sd_journal
*j
= NULL
;
1021 char ts
[FORMAT_TIMESPAN_MAX
];
1028 if (s
->storage
!= STORAGE_AUTO
&&
1029 s
->storage
!= STORAGE_PERSISTENT
)
1032 if (!s
->runtime_journal
)
1035 (void) system_journal_open(s
, true);
1037 if (!s
->system_journal
)
1040 log_debug("Flushing to /var...");
1042 start
= now(CLOCK_MONOTONIC
);
1044 r
= sd_id128_get_machine(&machine
);
1048 r
= sd_journal_open(&j
, SD_JOURNAL_RUNTIME_ONLY
);
1050 return log_error_errno(r
, "Failed to read runtime journal: %m");
1052 sd_journal_set_data_threshold(j
, 0);
1054 SD_JOURNAL_FOREACH(j
) {
1058 f
= j
->current_file
;
1059 assert(f
&& f
->current_offset
> 0);
1063 r
= journal_file_move_to_object(f
, OBJECT_ENTRY
, f
->current_offset
, &o
);
1065 log_error_errno(r
, "Can't read entry: %m");
1069 r
= journal_file_copy_entry(f
, s
->system_journal
, o
, f
->current_offset
, NULL
, NULL
, NULL
);
1073 if (!shall_try_append_again(s
->system_journal
, r
)) {
1074 log_error_errno(r
, "Can't write entry: %m");
1079 server_vacuum(s
, false, false);
1081 if (!s
->system_journal
) {
1082 log_notice("Didn't flush runtime journal since rotation of system journal wasn't successful.");
1087 log_debug("Retrying write.");
1088 r
= journal_file_copy_entry(f
, s
->system_journal
, o
, f
->current_offset
, NULL
, NULL
, NULL
);
1090 log_error_errno(r
, "Can't write entry: %m");
1098 journal_file_post_change(s
->system_journal
);
1100 s
->runtime_journal
= journal_file_close(s
->runtime_journal
);
1103 (void) rm_rf("/run/log/journal", REMOVE_ROOT
);
1105 sd_journal_close(j
);
1107 server_driver_message(s
, SD_ID128_NULL
, "Time spent on flushing to /var is %s for %u entries.", format_timespan(ts
, sizeof(ts
), now(CLOCK_MONOTONIC
) - start
, 0), n
);
1112 int server_process_datagram(sd_event_source
*es
, int fd
, uint32_t revents
, void *userdata
) {
1113 Server
*s
= userdata
;
1114 struct ucred
*ucred
= NULL
;
1115 struct timeval
*tv
= NULL
;
1116 struct cmsghdr
*cmsg
;
1118 size_t label_len
= 0, m
;
1121 int *fds
= NULL
, v
= 0;
1125 struct cmsghdr cmsghdr
;
1127 /* We use NAME_MAX space for the SELinux label
1128 * here. The kernel currently enforces no
1129 * limit, but according to suggestions from
1130 * the SELinux people this will change and it
1131 * will probably be identical to NAME_MAX. For
1132 * now we use that, but this should be updated
1133 * one day when the final limit is known. */
1134 uint8_t buf
[CMSG_SPACE(sizeof(struct ucred
)) +
1135 CMSG_SPACE(sizeof(struct timeval
)) +
1136 CMSG_SPACE(sizeof(int)) + /* fd */
1137 CMSG_SPACE(NAME_MAX
)]; /* selinux label */
1140 union sockaddr_union sa
= {};
1142 struct msghdr msghdr
= {
1145 .msg_control
= &control
,
1146 .msg_controllen
= sizeof(control
),
1148 .msg_namelen
= sizeof(sa
),
1152 assert(fd
== s
->native_fd
|| fd
== s
->syslog_fd
|| fd
== s
->audit_fd
);
1154 if (revents
!= EPOLLIN
) {
1155 log_error("Got invalid event from epoll for datagram fd: %"PRIx32
, revents
);
1159 /* Try to get the right size, if we can. (Not all
1160 * sockets support SIOCINQ, hence we just try, but
1161 * don't rely on it. */
1162 (void) ioctl(fd
, SIOCINQ
, &v
);
1164 /* Fix it up, if it is too small. We use the same fixed value as auditd here. Awful! */
1165 m
= PAGE_ALIGN(MAX3((size_t) v
+ 1,
1167 ALIGN(sizeof(struct nlmsghdr
)) + ALIGN((size_t) MAX_AUDIT_MESSAGE_LENGTH
)) + 1);
1169 if (!GREEDY_REALLOC(s
->buffer
, s
->buffer_size
, m
))
1172 iovec
.iov_base
= s
->buffer
;
1173 iovec
.iov_len
= s
->buffer_size
- 1; /* Leave room for trailing NUL we add later */
1175 n
= recvmsg(fd
, &msghdr
, MSG_DONTWAIT
|MSG_CMSG_CLOEXEC
);
1177 if (errno
== EINTR
|| errno
== EAGAIN
)
1180 return log_error_errno(errno
, "recvmsg() failed: %m");
1183 CMSG_FOREACH(cmsg
, &msghdr
) {
1185 if (cmsg
->cmsg_level
== SOL_SOCKET
&&
1186 cmsg
->cmsg_type
== SCM_CREDENTIALS
&&
1187 cmsg
->cmsg_len
== CMSG_LEN(sizeof(struct ucred
)))
1188 ucred
= (struct ucred
*) CMSG_DATA(cmsg
);
1189 else if (cmsg
->cmsg_level
== SOL_SOCKET
&&
1190 cmsg
->cmsg_type
== SCM_SECURITY
) {
1191 label
= (char*) CMSG_DATA(cmsg
);
1192 label_len
= cmsg
->cmsg_len
- CMSG_LEN(0);
1193 } else if (cmsg
->cmsg_level
== SOL_SOCKET
&&
1194 cmsg
->cmsg_type
== SO_TIMESTAMP
&&
1195 cmsg
->cmsg_len
== CMSG_LEN(sizeof(struct timeval
)))
1196 tv
= (struct timeval
*) CMSG_DATA(cmsg
);
1197 else if (cmsg
->cmsg_level
== SOL_SOCKET
&&
1198 cmsg
->cmsg_type
== SCM_RIGHTS
) {
1199 fds
= (int*) CMSG_DATA(cmsg
);
1200 n_fds
= (cmsg
->cmsg_len
- CMSG_LEN(0)) / sizeof(int);
1204 /* And a trailing NUL, just in case */
1207 if (fd
== s
->syslog_fd
) {
1208 if (n
> 0 && n_fds
== 0)
1209 server_process_syslog_message(s
, strstrip(s
->buffer
), ucred
, tv
, label
, label_len
);
1211 log_warning("Got file descriptors via syslog socket. Ignoring.");
1213 } else if (fd
== s
->native_fd
) {
1214 if (n
> 0 && n_fds
== 0)
1215 server_process_native_message(s
, s
->buffer
, n
, ucred
, tv
, label
, label_len
);
1216 else if (n
== 0 && n_fds
== 1)
1217 server_process_native_file(s
, fds
[0], ucred
, tv
, label
, label_len
);
1219 log_warning("Got too many file descriptors via native socket. Ignoring.");
1222 assert(fd
== s
->audit_fd
);
1224 if (n
> 0 && n_fds
== 0)
1225 server_process_audit_message(s
, s
->buffer
, n
, ucred
, &sa
, msghdr
.msg_namelen
);
1227 log_warning("Got file descriptors via audit socket. Ignoring.");
1230 close_many(fds
, n_fds
);
1234 static int dispatch_sigusr1(sd_event_source
*es
, const struct signalfd_siginfo
*si
, void *userdata
) {
1235 Server
*s
= userdata
;
1239 log_info("Received request to flush runtime journal from PID %"PRIu32
, si
->ssi_pid
);
1241 server_flush_to_var(s
);
1243 server_vacuum(s
, false, false);
1245 (void) touch("/run/systemd/journal/flushed");
1250 static int dispatch_sigusr2(sd_event_source
*es
, const struct signalfd_siginfo
*si
, void *userdata
) {
1251 Server
*s
= userdata
;
1255 log_info("Received request to rotate journal from PID %"PRIu32
, si
->ssi_pid
);
1257 server_vacuum(s
, true, true);
1262 static int dispatch_sigterm(sd_event_source
*es
, const struct signalfd_siginfo
*si
, void *userdata
) {
1263 Server
*s
= userdata
;
1267 log_received_signal(LOG_INFO
, si
);
1269 sd_event_exit(s
->event
, 0);
1273 static int setup_signals(Server
*s
) {
1278 assert(sigprocmask_many(SIG_SETMASK
, NULL
, SIGINT
, SIGTERM
, SIGUSR1
, SIGUSR2
, -1) >= 0);
1280 r
= sd_event_add_signal(s
->event
, &s
->sigusr1_event_source
, SIGUSR1
, dispatch_sigusr1
, s
);
1284 r
= sd_event_add_signal(s
->event
, &s
->sigusr2_event_source
, SIGUSR2
, dispatch_sigusr2
, s
);
1288 r
= sd_event_add_signal(s
->event
, &s
->sigterm_event_source
, SIGTERM
, dispatch_sigterm
, s
);
1292 r
= sd_event_add_signal(s
->event
, &s
->sigint_event_source
, SIGINT
, dispatch_sigterm
, s
);
1299 static int server_parse_proc_cmdline(Server
*s
) {
1300 _cleanup_free_
char *line
= NULL
;
1304 r
= proc_cmdline(&line
);
1306 log_warning_errno(r
, "Failed to read /proc/cmdline, ignoring: %m");
1312 _cleanup_free_
char *word
;
1314 r
= extract_first_word(&p
, &word
, NULL
, 0);
1316 return log_error_errno(r
, "Failed to parse journald syntax \"%s\": %m", line
);
1321 if (startswith(word
, "systemd.journald.forward_to_syslog=")) {
1322 r
= parse_boolean(word
+ 35);
1324 log_warning("Failed to parse forward to syslog switch %s. Ignoring.", word
+ 35);
1326 s
->forward_to_syslog
= r
;
1327 } else if (startswith(word
, "systemd.journald.forward_to_kmsg=")) {
1328 r
= parse_boolean(word
+ 33);
1330 log_warning("Failed to parse forward to kmsg switch %s. Ignoring.", word
+ 33);
1332 s
->forward_to_kmsg
= r
;
1333 } else if (startswith(word
, "systemd.journald.forward_to_console=")) {
1334 r
= parse_boolean(word
+ 36);
1336 log_warning("Failed to parse forward to console switch %s. Ignoring.", word
+ 36);
1338 s
->forward_to_console
= r
;
1339 } else if (startswith(word
, "systemd.journald.forward_to_wall=")) {
1340 r
= parse_boolean(word
+ 33);
1342 log_warning("Failed to parse forward to wall switch %s. Ignoring.", word
+ 33);
1344 s
->forward_to_wall
= r
;
1345 } else if (startswith(word
, "systemd.journald"))
1346 log_warning("Invalid systemd.journald parameter. Ignoring.");
1349 /* do not warn about state here, since probably systemd already did */
1353 static int server_parse_config_file(Server
*s
) {
1356 return config_parse_many("/etc/systemd/journald.conf",
1357 CONF_DIRS_NULSTR("systemd/journald.conf"),
1359 config_item_perf_lookup
, journald_gperf_lookup
,
1363 static int server_dispatch_sync(sd_event_source
*es
, usec_t t
, void *userdata
) {
1364 Server
*s
= userdata
;
1372 int server_schedule_sync(Server
*s
, int priority
) {
1377 if (priority
<= LOG_CRIT
) {
1378 /* Immediately sync to disk when this is of priority CRIT, ALERT, EMERG */
1383 if (s
->sync_scheduled
)
1386 if (s
->sync_interval_usec
> 0) {
1389 r
= sd_event_now(s
->event
, CLOCK_MONOTONIC
, &when
);
1393 when
+= s
->sync_interval_usec
;
1395 if (!s
->sync_event_source
) {
1396 r
= sd_event_add_time(
1398 &s
->sync_event_source
,
1401 server_dispatch_sync
, s
);
1405 r
= sd_event_source_set_priority(s
->sync_event_source
, SD_EVENT_PRIORITY_IMPORTANT
);
1407 r
= sd_event_source_set_time(s
->sync_event_source
, when
);
1411 r
= sd_event_source_set_enabled(s
->sync_event_source
, SD_EVENT_ONESHOT
);
1416 s
->sync_scheduled
= true;
1422 static int dispatch_hostname_change(sd_event_source
*es
, int fd
, uint32_t revents
, void *userdata
) {
1423 Server
*s
= userdata
;
1427 server_cache_hostname(s
);
1431 static int server_open_hostname(Server
*s
) {
1436 s
->hostname_fd
= open("/proc/sys/kernel/hostname", O_RDONLY
|O_CLOEXEC
|O_NDELAY
|O_NOCTTY
);
1437 if (s
->hostname_fd
< 0)
1438 return log_error_errno(errno
, "Failed to open /proc/sys/kernel/hostname: %m");
1440 r
= sd_event_add_io(s
->event
, &s
->hostname_event_source
, s
->hostname_fd
, 0, dispatch_hostname_change
, s
);
1442 /* kernels prior to 3.2 don't support polling this file. Ignore
1445 log_warning_errno(r
, "Failed to register hostname fd in event loop, ignoring: %m");
1446 s
->hostname_fd
= safe_close(s
->hostname_fd
);
1450 return log_error_errno(r
, "Failed to register hostname fd in event loop: %m");
1453 r
= sd_event_source_set_priority(s
->hostname_event_source
, SD_EVENT_PRIORITY_IMPORTANT
-10);
1455 return log_error_errno(r
, "Failed to adjust priority of host name event source: %m");
1460 int server_init(Server
*s
) {
1461 _cleanup_fdset_free_ FDSet
*fds
= NULL
;
1468 s
->syslog_fd
= s
->native_fd
= s
->stdout_fd
= s
->dev_kmsg_fd
= s
->audit_fd
= s
->hostname_fd
= -1;
1472 s
->sync_interval_usec
= DEFAULT_SYNC_INTERVAL_USEC
;
1473 s
->sync_scheduled
= false;
1475 s
->rate_limit_interval
= DEFAULT_RATE_LIMIT_INTERVAL
;
1476 s
->rate_limit_burst
= DEFAULT_RATE_LIMIT_BURST
;
1478 s
->forward_to_wall
= true;
1480 s
->max_file_usec
= DEFAULT_MAX_FILE_USEC
;
1482 s
->max_level_store
= LOG_DEBUG
;
1483 s
->max_level_syslog
= LOG_DEBUG
;
1484 s
->max_level_kmsg
= LOG_NOTICE
;
1485 s
->max_level_console
= LOG_INFO
;
1486 s
->max_level_wall
= LOG_EMERG
;
1488 journal_reset_metrics(&s
->system_metrics
);
1489 journal_reset_metrics(&s
->runtime_metrics
);
1491 server_parse_config_file(s
);
1492 server_parse_proc_cmdline(s
);
1494 if (!!s
->rate_limit_interval
^ !!s
->rate_limit_burst
) {
1495 log_debug("Setting both rate limit interval and burst from "USEC_FMT
",%u to 0,0",
1496 s
->rate_limit_interval
, s
->rate_limit_burst
);
1497 s
->rate_limit_interval
= s
->rate_limit_burst
= 0;
1500 (void) mkdir_p("/run/systemd/journal", 0755);
1502 s
->user_journals
= ordered_hashmap_new(NULL
);
1503 if (!s
->user_journals
)
1506 s
->mmap
= mmap_cache_new();
1510 r
= sd_event_default(&s
->event
);
1512 return log_error_errno(r
, "Failed to create event loop: %m");
1514 sd_event_set_watchdog(s
->event
, true);
1516 n
= sd_listen_fds(true);
1518 return log_error_errno(n
, "Failed to read listening file descriptors from environment: %m");
1520 for (fd
= SD_LISTEN_FDS_START
; fd
< SD_LISTEN_FDS_START
+ n
; fd
++) {
1522 if (sd_is_socket_unix(fd
, SOCK_DGRAM
, -1, "/run/systemd/journal/socket", 0) > 0) {
1524 if (s
->native_fd
>= 0) {
1525 log_error("Too many native sockets passed.");
1531 } else if (sd_is_socket_unix(fd
, SOCK_STREAM
, 1, "/run/systemd/journal/stdout", 0) > 0) {
1533 if (s
->stdout_fd
>= 0) {
1534 log_error("Too many stdout sockets passed.");
1540 } else if (sd_is_socket_unix(fd
, SOCK_DGRAM
, -1, "/dev/log", 0) > 0 ||
1541 sd_is_socket_unix(fd
, SOCK_DGRAM
, -1, "/run/systemd/journal/dev-log", 0) > 0) {
1543 if (s
->syslog_fd
>= 0) {
1544 log_error("Too many /dev/log sockets passed.");
1550 } else if (sd_is_socket(fd
, AF_NETLINK
, SOCK_RAW
, -1) > 0) {
1552 if (s
->audit_fd
>= 0) {
1553 log_error("Too many audit sockets passed.");
1567 r
= fdset_put(fds
, fd
);
1573 /* Try to restore streams, but don't bother if this fails */
1574 (void) server_restore_streams(s
, fds
);
1576 if (fdset_size(fds
) > 0) {
1577 log_warning("%u unknown file descriptors passed, closing.", fdset_size(fds
));
1578 fds
= fdset_free(fds
);
1581 no_sockets
= s
->native_fd
< 0 && s
->stdout_fd
< 0 && s
->syslog_fd
< 0 && s
->audit_fd
< 0;
1583 /* always open stdout, syslog, native, and kmsg sockets */
1585 /* systemd-journald.socket: /run/systemd/journal/stdout */
1586 r
= server_open_stdout_socket(s
);
1590 /* systemd-journald-dev-log.socket: /run/systemd/journal/dev-log */
1591 r
= server_open_syslog_socket(s
);
1595 /* systemd-journald.socket: /run/systemd/journal/socket */
1596 r
= server_open_native_socket(s
);
1601 r
= server_open_dev_kmsg(s
);
1605 /* Unless we got *some* sockets and not audit, open audit socket */
1606 if (s
->audit_fd
>= 0 || no_sockets
) {
1607 r
= server_open_audit(s
);
1612 r
= server_open_kernel_seqnum(s
);
1616 r
= server_open_hostname(s
);
1620 r
= setup_signals(s
);
1624 s
->udev
= udev_new();
1628 s
->rate_limit
= journal_rate_limit_new(s
->rate_limit_interval
, s
->rate_limit_burst
);
1632 r
= cg_get_root_path(&s
->cgroup_root
);
1636 server_cache_hostname(s
);
1637 server_cache_boot_id(s
);
1638 server_cache_machine_id(s
);
1640 return system_journal_open(s
, false);
1643 void server_maybe_append_tags(Server
*s
) {
1649 n
= now(CLOCK_REALTIME
);
1651 if (s
->system_journal
)
1652 journal_file_maybe_append_tag(s
->system_journal
, n
);
1654 ORDERED_HASHMAP_FOREACH(f
, s
->user_journals
, i
)
1655 journal_file_maybe_append_tag(f
, n
);
1659 void server_done(Server
*s
) {
1663 while (s
->stdout_streams
)
1664 stdout_stream_free(s
->stdout_streams
);
1666 if (s
->system_journal
)
1667 journal_file_close(s
->system_journal
);
1669 if (s
->runtime_journal
)
1670 journal_file_close(s
->runtime_journal
);
1672 while ((f
= ordered_hashmap_steal_first(s
->user_journals
)))
1673 journal_file_close(f
);
1675 ordered_hashmap_free(s
->user_journals
);
1677 sd_event_source_unref(s
->syslog_event_source
);
1678 sd_event_source_unref(s
->native_event_source
);
1679 sd_event_source_unref(s
->stdout_event_source
);
1680 sd_event_source_unref(s
->dev_kmsg_event_source
);
1681 sd_event_source_unref(s
->audit_event_source
);
1682 sd_event_source_unref(s
->sync_event_source
);
1683 sd_event_source_unref(s
->sigusr1_event_source
);
1684 sd_event_source_unref(s
->sigusr2_event_source
);
1685 sd_event_source_unref(s
->sigterm_event_source
);
1686 sd_event_source_unref(s
->sigint_event_source
);
1687 sd_event_source_unref(s
->hostname_event_source
);
1688 sd_event_unref(s
->event
);
1690 safe_close(s
->syslog_fd
);
1691 safe_close(s
->native_fd
);
1692 safe_close(s
->stdout_fd
);
1693 safe_close(s
->dev_kmsg_fd
);
1694 safe_close(s
->audit_fd
);
1695 safe_close(s
->hostname_fd
);
1698 journal_rate_limit_free(s
->rate_limit
);
1700 if (s
->kernel_seqnum
)
1701 munmap(s
->kernel_seqnum
, sizeof(uint64_t));
1705 free(s
->cgroup_root
);
1706 free(s
->hostname_field
);
1709 mmap_cache_unref(s
->mmap
);
1711 udev_unref(s
->udev
);
1714 static const char* const storage_table
[_STORAGE_MAX
] = {
1715 [STORAGE_AUTO
] = "auto",
1716 [STORAGE_VOLATILE
] = "volatile",
1717 [STORAGE_PERSISTENT
] = "persistent",
1718 [STORAGE_NONE
] = "none"
1721 DEFINE_STRING_TABLE_LOOKUP(storage
, Storage
);
1722 DEFINE_CONFIG_PARSE_ENUM(config_parse_storage
, storage
, Storage
, "Failed to parse storage setting");
1724 static const char* const split_mode_table
[_SPLIT_MAX
] = {
1725 [SPLIT_LOGIN
] = "login",
1726 [SPLIT_UID
] = "uid",
1727 [SPLIT_NONE
] = "none",
1730 DEFINE_STRING_TABLE_LOOKUP(split_mode
, SplitMode
);
1731 DEFINE_CONFIG_PARSE_ENUM(config_parse_split_mode
, split_mode
, SplitMode
, "Failed to parse split mode setting");