1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2011 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
23 #include <selinux/selinux.h>
25 #include <sys/ioctl.h>
27 #include <sys/signalfd.h>
28 #include <sys/statvfs.h>
29 #include <linux/sockios.h>
32 #include "sd-daemon.h"
33 #include "sd-journal.h"
34 #include "sd-messages.h"
37 #include "cgroup-util.h"
38 #include "conf-parser.h"
39 #include "extract-word.h"
41 #include "formats-util.h"
43 #include "hostname-util.h"
44 #include "journal-authenticate.h"
45 #include "journal-file.h"
46 #include "journal-internal.h"
47 #include "journal-vacuum.h"
48 #include "journald-audit.h"
49 #include "journald-kmsg.h"
50 #include "journald-native.h"
51 #include "journald-rate-limit.h"
52 #include "journald-server.h"
53 #include "journald-stream.h"
54 #include "journald-syslog.h"
57 #include "parse-util.h"
58 #include "process-util.h"
60 #include "selinux-util.h"
61 #include "signal-util.h"
62 #include "socket-util.h"
63 #include "string-util.h"
65 #define USER_JOURNALS_MAX 1024
67 #define DEFAULT_SYNC_INTERVAL_USEC (5*USEC_PER_MINUTE)
68 #define DEFAULT_RATE_LIMIT_INTERVAL (30*USEC_PER_SEC)
69 #define DEFAULT_RATE_LIMIT_BURST 1000
70 #define DEFAULT_MAX_FILE_USEC USEC_PER_MONTH
72 #define RECHECK_SPACE_USEC (30*USEC_PER_SEC)
74 static int determine_space_for(
76 JournalMetrics
*metrics
,
84 uint64_t sum
= 0, ss_avail
, avail
;
85 _cleanup_closedir_
DIR *d
= NULL
;
96 ts
= now(CLOCK_MONOTONIC
);
98 if (!verbose
&& s
->cached_space_timestamp
+ RECHECK_SPACE_USEC
> ts
) {
101 *available
= s
->cached_space_available
;
103 *limit
= s
->cached_space_limit
;
108 p
= strjoina(path
, SERVER_MACHINE_ID(s
));
111 return log_full_errno(errno
== ENOENT
? LOG_DEBUG
: LOG_ERR
, errno
, "Failed to open %s: %m", p
);
113 if (fstatvfs(dirfd(d
), &ss
) < 0)
114 return log_error_errno(errno
, "Failed to fstatvfs(%s): %m", p
);
116 FOREACH_DIRENT_ALL(de
, d
, break) {
119 if (!endswith(de
->d_name
, ".journal") &&
120 !endswith(de
->d_name
, ".journal~"))
123 if (fstatat(dirfd(d
), de
->d_name
, &st
, AT_SYMLINK_NOFOLLOW
) < 0) {
124 log_debug_errno(errno
, "Failed to stat %s/%s, ignoring: %m", p
, de
->d_name
);
128 if (!S_ISREG(st
.st_mode
))
131 sum
+= (uint64_t) st
.st_blocks
* 512UL;
134 /* If request, then let's bump the min_use limit to the
135 * current usage on disk. We do this when starting up and
136 * first opening the journal files. This way sudden spikes in
137 * disk usage will not cause journald to vacuum files without
138 * bounds. Note that this means that only a restart of
139 * journald will make it reset this value. */
142 metrics
->min_use
= MAX(metrics
->min_use
, sum
);
144 ss_avail
= ss
.f_bsize
* ss
.f_bavail
;
145 avail
= LESS_BY(ss_avail
, metrics
->keep_free
);
147 s
->cached_space_limit
= MIN(MAX(sum
+ avail
, metrics
->min_use
), metrics
->max_use
);
148 s
->cached_space_available
= LESS_BY(s
->cached_space_limit
, sum
);
149 s
->cached_space_timestamp
= ts
;
152 char fb1
[FORMAT_BYTES_MAX
], fb2
[FORMAT_BYTES_MAX
], fb3
[FORMAT_BYTES_MAX
],
153 fb4
[FORMAT_BYTES_MAX
], fb5
[FORMAT_BYTES_MAX
], fb6
[FORMAT_BYTES_MAX
];
155 server_driver_message(s
, SD_MESSAGE_JOURNAL_USAGE
,
156 "%s (%s) is currently using %s.\n"
157 "Maximum allowed usage is set to %s.\n"
158 "Leaving at least %s free (of currently available %s of space).\n"
159 "Enforced usage limit is thus %s, of which %s are still available.",
161 format_bytes(fb1
, sizeof(fb1
), sum
),
162 format_bytes(fb2
, sizeof(fb2
), metrics
->max_use
),
163 format_bytes(fb3
, sizeof(fb3
), metrics
->keep_free
),
164 format_bytes(fb4
, sizeof(fb4
), ss_avail
),
165 format_bytes(fb5
, sizeof(fb5
), s
->cached_space_limit
),
166 format_bytes(fb6
, sizeof(fb6
), s
->cached_space_available
));
170 *available
= s
->cached_space_available
;
172 *limit
= s
->cached_space_limit
;
177 static int determine_space(Server
*s
, bool verbose
, bool patch_min_use
, uint64_t *available
, uint64_t *limit
) {
178 JournalMetrics
*metrics
;
179 const char *path
, *name
;
183 if (s
->system_journal
) {
184 path
= "/var/log/journal/";
185 metrics
= &s
->system_metrics
;
186 name
= "System journal";
188 path
= "/run/log/journal/";
189 metrics
= &s
->runtime_metrics
;
190 name
= "Runtime journal";
193 return determine_space_for(s
, metrics
, path
, name
, verbose
, patch_min_use
, available
, limit
);
196 void server_fix_perms(Server
*s
, JournalFile
*f
, uid_t uid
) {
199 _cleanup_(acl_freep
) acl_t acl
= NULL
;
201 acl_permset_t permset
;
206 r
= fchmod(f
->fd
, 0640);
208 log_warning_errno(errno
, "Failed to fix access mode on %s, ignoring: %m", f
->path
);
211 if (uid
<= SYSTEM_UID_MAX
)
214 acl
= acl_get_fd(f
->fd
);
216 log_warning_errno(errno
, "Failed to read ACL on %s, ignoring: %m", f
->path
);
220 r
= acl_find_uid(acl
, uid
, &entry
);
223 if (acl_create_entry(&acl
, &entry
) < 0 ||
224 acl_set_tag_type(entry
, ACL_USER
) < 0 ||
225 acl_set_qualifier(entry
, &uid
) < 0) {
226 log_warning_errno(errno
, "Failed to patch ACL on %s, ignoring: %m", f
->path
);
231 /* We do not recalculate the mask unconditionally here,
232 * so that the fchmod() mask above stays intact. */
233 if (acl_get_permset(entry
, &permset
) < 0 ||
234 acl_add_perm(permset
, ACL_READ
) < 0 ||
235 calc_acl_mask_if_needed(&acl
) < 0) {
236 log_warning_errno(errno
, "Failed to patch ACL on %s, ignoring: %m", f
->path
);
240 if (acl_set_fd(f
->fd
, acl
) < 0)
241 log_warning_errno(errno
, "Failed to set ACL on %s, ignoring: %m", f
->path
);
246 static JournalFile
* find_journal(Server
*s
, uid_t uid
) {
247 _cleanup_free_
char *p
= NULL
;
254 /* We split up user logs only on /var, not on /run. If the
255 * runtime file is open, we write to it exclusively, in order
256 * to guarantee proper order as soon as we flush /run to
257 * /var and close the runtime file. */
259 if (s
->runtime_journal
)
260 return s
->runtime_journal
;
262 if (uid
<= SYSTEM_UID_MAX
)
263 return s
->system_journal
;
265 r
= sd_id128_get_machine(&machine
);
267 return s
->system_journal
;
269 f
= ordered_hashmap_get(s
->user_journals
, UINT32_TO_PTR(uid
));
273 if (asprintf(&p
, "/var/log/journal/" SD_ID128_FORMAT_STR
"/user-"UID_FMT
".journal",
274 SD_ID128_FORMAT_VAL(machine
), uid
) < 0)
275 return s
->system_journal
;
277 while (ordered_hashmap_size(s
->user_journals
) >= USER_JOURNALS_MAX
) {
278 /* Too many open? Then let's close one */
279 f
= ordered_hashmap_steal_first(s
->user_journals
);
281 journal_file_close(f
);
284 r
= journal_file_open_reliably(p
, O_RDWR
|O_CREAT
, 0640, s
->compress
, s
->seal
, &s
->system_metrics
, s
->mmap
, NULL
, &f
);
286 return s
->system_journal
;
288 server_fix_perms(s
, f
, uid
);
290 r
= ordered_hashmap_put(s
->user_journals
, UINT32_TO_PTR(uid
), f
);
292 journal_file_close(f
);
293 return s
->system_journal
;
299 static int do_rotate(
312 r
= journal_file_rotate(f
, s
->compress
, seal
);
315 log_error_errno(r
, "Failed to rotate %s: %m", (*f
)->path
);
317 log_error_errno(r
, "Failed to create new %s journal: %m", name
);
319 server_fix_perms(s
, *f
, uid
);
324 void server_rotate(Server
*s
) {
330 log_debug("Rotating...");
332 (void) do_rotate(s
, &s
->runtime_journal
, "runtime", false, 0);
333 (void) do_rotate(s
, &s
->system_journal
, "system", s
->seal
, 0);
335 ORDERED_HASHMAP_FOREACH_KEY(f
, k
, s
->user_journals
, i
) {
336 r
= do_rotate(s
, &f
, "user", s
->seal
, PTR_TO_UINT32(k
));
338 ordered_hashmap_replace(s
->user_journals
, k
, f
);
340 /* Old file has been closed and deallocated */
341 ordered_hashmap_remove(s
->user_journals
, k
);
345 void server_sync(Server
*s
) {
351 if (s
->system_journal
) {
352 r
= journal_file_set_offline(s
->system_journal
);
354 log_warning_errno(r
, "Failed to sync system journal, ignoring: %m");
357 ORDERED_HASHMAP_FOREACH_KEY(f
, k
, s
->user_journals
, i
) {
358 r
= journal_file_set_offline(f
);
360 log_warning_errno(r
, "Failed to sync user journal, ignoring: %m");
363 if (s
->sync_event_source
) {
364 r
= sd_event_source_set_enabled(s
->sync_event_source
, SD_EVENT_OFF
);
366 log_error_errno(r
, "Failed to disable sync timer source: %m");
369 s
->sync_scheduled
= false;
372 static void do_vacuum(
375 JournalMetrics
*metrics
,
379 bool patch_min_use
) {
393 p
= strjoina(path
, SERVER_MACHINE_ID(s
));
395 limit
= metrics
->max_use
;
396 (void) determine_space_for(s
, metrics
, path
, name
, verbose
, patch_min_use
, NULL
, &limit
);
398 r
= journal_directory_vacuum(p
, limit
, metrics
->n_max_files
, s
->max_retention_usec
, &s
->oldest_file_usec
, verbose
);
399 if (r
< 0 && r
!= -ENOENT
)
400 log_warning_errno(r
, "Failed to vacuum %s, ignoring: %m", p
);
403 int server_vacuum(Server
*s
, bool verbose
, bool patch_min_use
) {
406 log_debug("Vacuuming...");
408 s
->oldest_file_usec
= 0;
410 do_vacuum(s
, s
->system_journal
, &s
->system_metrics
, "/var/log/journal/", "System journal", verbose
, patch_min_use
);
411 do_vacuum(s
, s
->runtime_journal
, &s
->runtime_metrics
, "/run/log/journal/", "Runtime journal", verbose
, patch_min_use
);
413 s
->cached_space_limit
= 0;
414 s
->cached_space_available
= 0;
415 s
->cached_space_timestamp
= 0;
420 static void server_cache_machine_id(Server
*s
) {
426 r
= sd_id128_get_machine(&id
);
430 sd_id128_to_string(id
, stpcpy(s
->machine_id_field
, "_MACHINE_ID="));
433 static void server_cache_boot_id(Server
*s
) {
439 r
= sd_id128_get_boot(&id
);
443 sd_id128_to_string(id
, stpcpy(s
->boot_id_field
, "_BOOT_ID="));
446 static void server_cache_hostname(Server
*s
) {
447 _cleanup_free_
char *t
= NULL
;
452 t
= gethostname_malloc();
456 x
= strappend("_HOSTNAME=", t
);
460 free(s
->hostname_field
);
461 s
->hostname_field
= x
;
464 static bool shall_try_append_again(JournalFile
*f
, int r
) {
466 /* -E2BIG Hit configured limit
468 -EDQUOT Quota limit hit
470 -EIO I/O error of some kind (mmap)
471 -EHOSTDOWN Other machine
472 -EBUSY Unclean shutdown
473 -EPROTONOSUPPORT Unsupported feature
476 -ESHUTDOWN Already archived
477 -EIDRM Journal file has been deleted */
479 if (r
== -E2BIG
|| r
== -EFBIG
|| r
== -EDQUOT
|| r
== -ENOSPC
)
480 log_debug("%s: Allocation limit reached, rotating.", f
->path
);
481 else if (r
== -EHOSTDOWN
)
482 log_info("%s: Journal file from other machine, rotating.", f
->path
);
483 else if (r
== -EBUSY
)
484 log_info("%s: Unclean shutdown, rotating.", f
->path
);
485 else if (r
== -EPROTONOSUPPORT
)
486 log_info("%s: Unsupported feature, rotating.", f
->path
);
487 else if (r
== -EBADMSG
|| r
== -ENODATA
|| r
== ESHUTDOWN
)
488 log_warning("%s: Journal file corrupted, rotating.", f
->path
);
490 log_warning("%s: IO error, rotating.", f
->path
);
491 else if (r
== -EIDRM
)
492 log_warning("%s: Journal file has been deleted, rotating.", f
->path
);
499 static void write_to_journal(Server
*s
, uid_t uid
, struct iovec
*iovec
, unsigned n
, int priority
) {
501 bool vacuumed
= false;
508 f
= find_journal(s
, uid
);
512 if (journal_file_rotate_suggested(f
, s
->max_file_usec
)) {
513 log_debug("%s: Journal header limits reached or header out-of-date, rotating.", f
->path
);
515 server_vacuum(s
, false, false);
518 f
= find_journal(s
, uid
);
523 r
= journal_file_append_entry(f
, NULL
, iovec
, n
, &s
->seqnum
, NULL
, NULL
);
525 server_schedule_sync(s
, priority
);
529 if (vacuumed
|| !shall_try_append_again(f
, r
)) {
530 log_error_errno(r
, "Failed to write entry (%d items, %zu bytes), ignoring: %m", n
, IOVEC_TOTAL_SIZE(iovec
, n
));
535 server_vacuum(s
, false, false);
537 f
= find_journal(s
, uid
);
541 log_debug("Retrying write.");
542 r
= journal_file_append_entry(f
, NULL
, iovec
, n
, &s
->seqnum
, NULL
, NULL
);
544 log_error_errno(r
, "Failed to write entry (%d items, %zu bytes) despite vacuuming, ignoring: %m", n
, IOVEC_TOTAL_SIZE(iovec
, n
));
546 server_schedule_sync(s
, priority
);
549 static void dispatch_message_real(
551 struct iovec
*iovec
, unsigned n
, unsigned m
,
552 const struct ucred
*ucred
,
553 const struct timeval
*tv
,
554 const char *label
, size_t label_len
,
559 char pid
[sizeof("_PID=") + DECIMAL_STR_MAX(pid_t
)],
560 uid
[sizeof("_UID=") + DECIMAL_STR_MAX(uid_t
)],
561 gid
[sizeof("_GID=") + DECIMAL_STR_MAX(gid_t
)],
562 owner_uid
[sizeof("_SYSTEMD_OWNER_UID=") + DECIMAL_STR_MAX(uid_t
)],
563 source_time
[sizeof("_SOURCE_REALTIME_TIMESTAMP=") + DECIMAL_STR_MAX(usec_t
)],
564 o_uid
[sizeof("OBJECT_UID=") + DECIMAL_STR_MAX(uid_t
)],
565 o_gid
[sizeof("OBJECT_GID=") + DECIMAL_STR_MAX(gid_t
)],
566 o_owner_uid
[sizeof("OBJECT_SYSTEMD_OWNER_UID=") + DECIMAL_STR_MAX(uid_t
)];
572 uid_t realuid
= 0, owner
= 0, journal_uid
;
573 bool owner_valid
= false;
575 char audit_session
[sizeof("_AUDIT_SESSION=") + DECIMAL_STR_MAX(uint32_t)],
576 audit_loginuid
[sizeof("_AUDIT_LOGINUID=") + DECIMAL_STR_MAX(uid_t
)],
577 o_audit_session
[sizeof("OBJECT_AUDIT_SESSION=") + DECIMAL_STR_MAX(uint32_t)],
578 o_audit_loginuid
[sizeof("OBJECT_AUDIT_LOGINUID=") + DECIMAL_STR_MAX(uid_t
)];
587 assert(n
+ N_IOVEC_META_FIELDS
+ (object_pid
? N_IOVEC_OBJECT_FIELDS
: 0) <= m
);
590 realuid
= ucred
->uid
;
592 sprintf(pid
, "_PID="PID_FMT
, ucred
->pid
);
593 IOVEC_SET_STRING(iovec
[n
++], pid
);
595 sprintf(uid
, "_UID="UID_FMT
, ucred
->uid
);
596 IOVEC_SET_STRING(iovec
[n
++], uid
);
598 sprintf(gid
, "_GID="GID_FMT
, ucred
->gid
);
599 IOVEC_SET_STRING(iovec
[n
++], gid
);
601 r
= get_process_comm(ucred
->pid
, &t
);
603 x
= strjoina("_COMM=", t
);
605 IOVEC_SET_STRING(iovec
[n
++], x
);
608 r
= get_process_exe(ucred
->pid
, &t
);
610 x
= strjoina("_EXE=", t
);
612 IOVEC_SET_STRING(iovec
[n
++], x
);
615 r
= get_process_cmdline(ucred
->pid
, 0, false, &t
);
617 x
= strjoina("_CMDLINE=", t
);
619 IOVEC_SET_STRING(iovec
[n
++], x
);
622 r
= get_process_capeff(ucred
->pid
, &t
);
624 x
= strjoina("_CAP_EFFECTIVE=", t
);
626 IOVEC_SET_STRING(iovec
[n
++], x
);
630 r
= audit_session_from_pid(ucred
->pid
, &audit
);
632 sprintf(audit_session
, "_AUDIT_SESSION=%"PRIu32
, audit
);
633 IOVEC_SET_STRING(iovec
[n
++], audit_session
);
636 r
= audit_loginuid_from_pid(ucred
->pid
, &loginuid
);
638 sprintf(audit_loginuid
, "_AUDIT_LOGINUID="UID_FMT
, loginuid
);
639 IOVEC_SET_STRING(iovec
[n
++], audit_loginuid
);
643 r
= cg_pid_get_path_shifted(ucred
->pid
, s
->cgroup_root
, &c
);
645 char *session
= NULL
;
647 x
= strjoina("_SYSTEMD_CGROUP=", c
);
648 IOVEC_SET_STRING(iovec
[n
++], x
);
650 r
= cg_path_get_session(c
, &t
);
652 session
= strjoina("_SYSTEMD_SESSION=", t
);
654 IOVEC_SET_STRING(iovec
[n
++], session
);
657 if (cg_path_get_owner_uid(c
, &owner
) >= 0) {
660 sprintf(owner_uid
, "_SYSTEMD_OWNER_UID="UID_FMT
, owner
);
661 IOVEC_SET_STRING(iovec
[n
++], owner_uid
);
664 if (cg_path_get_unit(c
, &t
) >= 0) {
665 x
= strjoina("_SYSTEMD_UNIT=", t
);
667 IOVEC_SET_STRING(iovec
[n
++], x
);
668 } else if (unit_id
&& !session
) {
669 x
= strjoina("_SYSTEMD_UNIT=", unit_id
);
670 IOVEC_SET_STRING(iovec
[n
++], x
);
673 if (cg_path_get_user_unit(c
, &t
) >= 0) {
674 x
= strjoina("_SYSTEMD_USER_UNIT=", t
);
676 IOVEC_SET_STRING(iovec
[n
++], x
);
677 } else if (unit_id
&& session
) {
678 x
= strjoina("_SYSTEMD_USER_UNIT=", unit_id
);
679 IOVEC_SET_STRING(iovec
[n
++], x
);
682 if (cg_path_get_slice(c
, &t
) >= 0) {
683 x
= strjoina("_SYSTEMD_SLICE=", t
);
685 IOVEC_SET_STRING(iovec
[n
++], x
);
689 } else if (unit_id
) {
690 x
= strjoina("_SYSTEMD_UNIT=", unit_id
);
691 IOVEC_SET_STRING(iovec
[n
++], x
);
695 if (mac_selinux_use()) {
697 x
= alloca(strlen("_SELINUX_CONTEXT=") + label_len
+ 1);
699 *((char*) mempcpy(stpcpy(x
, "_SELINUX_CONTEXT="), label
, label_len
)) = 0;
700 IOVEC_SET_STRING(iovec
[n
++], x
);
702 security_context_t con
;
704 if (getpidcon(ucred
->pid
, &con
) >= 0) {
705 x
= strjoina("_SELINUX_CONTEXT=", con
);
708 IOVEC_SET_STRING(iovec
[n
++], x
);
717 r
= get_process_uid(object_pid
, &object_uid
);
719 sprintf(o_uid
, "OBJECT_UID="UID_FMT
, object_uid
);
720 IOVEC_SET_STRING(iovec
[n
++], o_uid
);
723 r
= get_process_gid(object_pid
, &object_gid
);
725 sprintf(o_gid
, "OBJECT_GID="GID_FMT
, object_gid
);
726 IOVEC_SET_STRING(iovec
[n
++], o_gid
);
729 r
= get_process_comm(object_pid
, &t
);
731 x
= strjoina("OBJECT_COMM=", t
);
733 IOVEC_SET_STRING(iovec
[n
++], x
);
736 r
= get_process_exe(object_pid
, &t
);
738 x
= strjoina("OBJECT_EXE=", t
);
740 IOVEC_SET_STRING(iovec
[n
++], x
);
743 r
= get_process_cmdline(object_pid
, 0, false, &t
);
745 x
= strjoina("OBJECT_CMDLINE=", t
);
747 IOVEC_SET_STRING(iovec
[n
++], x
);
751 r
= audit_session_from_pid(object_pid
, &audit
);
753 sprintf(o_audit_session
, "OBJECT_AUDIT_SESSION=%"PRIu32
, audit
);
754 IOVEC_SET_STRING(iovec
[n
++], o_audit_session
);
757 r
= audit_loginuid_from_pid(object_pid
, &loginuid
);
759 sprintf(o_audit_loginuid
, "OBJECT_AUDIT_LOGINUID="UID_FMT
, loginuid
);
760 IOVEC_SET_STRING(iovec
[n
++], o_audit_loginuid
);
764 r
= cg_pid_get_path_shifted(object_pid
, s
->cgroup_root
, &c
);
766 x
= strjoina("OBJECT_SYSTEMD_CGROUP=", c
);
767 IOVEC_SET_STRING(iovec
[n
++], x
);
769 r
= cg_path_get_session(c
, &t
);
771 x
= strjoina("OBJECT_SYSTEMD_SESSION=", t
);
773 IOVEC_SET_STRING(iovec
[n
++], x
);
776 if (cg_path_get_owner_uid(c
, &owner
) >= 0) {
777 sprintf(o_owner_uid
, "OBJECT_SYSTEMD_OWNER_UID="UID_FMT
, owner
);
778 IOVEC_SET_STRING(iovec
[n
++], o_owner_uid
);
781 if (cg_path_get_unit(c
, &t
) >= 0) {
782 x
= strjoina("OBJECT_SYSTEMD_UNIT=", t
);
784 IOVEC_SET_STRING(iovec
[n
++], x
);
787 if (cg_path_get_user_unit(c
, &t
) >= 0) {
788 x
= strjoina("OBJECT_SYSTEMD_USER_UNIT=", t
);
790 IOVEC_SET_STRING(iovec
[n
++], x
);
799 sprintf(source_time
, "_SOURCE_REALTIME_TIMESTAMP=%llu", (unsigned long long) timeval_load(tv
));
800 IOVEC_SET_STRING(iovec
[n
++], source_time
);
803 /* Note that strictly speaking storing the boot id here is
804 * redundant since the entry includes this in-line
805 * anyway. However, we need this indexed, too. */
806 if (!isempty(s
->boot_id_field
))
807 IOVEC_SET_STRING(iovec
[n
++], s
->boot_id_field
);
809 if (!isempty(s
->machine_id_field
))
810 IOVEC_SET_STRING(iovec
[n
++], s
->machine_id_field
);
812 if (!isempty(s
->hostname_field
))
813 IOVEC_SET_STRING(iovec
[n
++], s
->hostname_field
);
817 if (s
->split_mode
== SPLIT_UID
&& realuid
> 0)
818 /* Split up strictly by any UID */
819 journal_uid
= realuid
;
820 else if (s
->split_mode
== SPLIT_LOGIN
&& realuid
> 0 && owner_valid
&& owner
> 0)
821 /* Split up by login UIDs. We do this only if the
822 * realuid is not root, in order not to accidentally
823 * leak privileged information to the user that is
824 * logged by a privileged process that is part of an
825 * unprivileged session. */
830 write_to_journal(s
, journal_uid
, iovec
, n
, priority
);
833 void server_driver_message(Server
*s
, sd_id128_t message_id
, const char *format
, ...) {
834 char mid
[11 + 32 + 1];
835 char buffer
[16 + LINE_MAX
+ 1];
836 struct iovec iovec
[N_IOVEC_META_FIELDS
+ 6];
839 struct ucred ucred
= {};
844 IOVEC_SET_STRING(iovec
[n
++], "SYSLOG_FACILITY=3");
845 IOVEC_SET_STRING(iovec
[n
++], "SYSLOG_IDENTIFIER=systemd-journald");
847 IOVEC_SET_STRING(iovec
[n
++], "PRIORITY=6");
848 IOVEC_SET_STRING(iovec
[n
++], "_TRANSPORT=driver");
850 memcpy(buffer
, "MESSAGE=", 8);
851 va_start(ap
, format
);
852 vsnprintf(buffer
+ 8, sizeof(buffer
) - 8, format
, ap
);
854 IOVEC_SET_STRING(iovec
[n
++], buffer
);
856 if (!sd_id128_equal(message_id
, SD_ID128_NULL
)) {
857 snprintf(mid
, sizeof(mid
), LOG_MESSAGE_ID(message_id
));
858 IOVEC_SET_STRING(iovec
[n
++], mid
);
861 ucred
.pid
= getpid();
862 ucred
.uid
= getuid();
863 ucred
.gid
= getgid();
865 dispatch_message_real(s
, iovec
, n
, ELEMENTSOF(iovec
), &ucred
, NULL
, NULL
, 0, NULL
, LOG_INFO
, 0);
868 void server_dispatch_message(
870 struct iovec
*iovec
, unsigned n
, unsigned m
,
871 const struct ucred
*ucred
,
872 const struct timeval
*tv
,
873 const char *label
, size_t label_len
,
879 _cleanup_free_
char *path
= NULL
;
880 uint64_t available
= 0;
884 assert(iovec
|| n
== 0);
889 if (LOG_PRI(priority
) > s
->max_level_store
)
892 /* Stop early in case the information will not be stored
894 if (s
->storage
== STORAGE_NONE
)
900 r
= cg_pid_get_path_shifted(ucred
->pid
, s
->cgroup_root
, &path
);
904 /* example: /user/lennart/3/foobar
905 * /system/dbus.service/foobar
907 * So let's cut of everything past the third /, since that is
908 * where user directories start */
910 c
= strchr(path
, '/');
912 c
= strchr(c
+1, '/');
914 c
= strchr(c
+1, '/');
920 (void) determine_space(s
, false, false, &available
, NULL
);
921 rl
= journal_rate_limit_test(s
->rate_limit
, path
, priority
& LOG_PRIMASK
, available
);
925 /* Write a suppression message if we suppressed something */
927 server_driver_message(s
, SD_MESSAGE_JOURNAL_DROPPED
,
928 "Suppressed %u messages from %s", rl
- 1, path
);
931 dispatch_message_real(s
, iovec
, n
, m
, ucred
, tv
, label
, label_len
, unit_id
, priority
, object_pid
);
935 static int system_journal_open(Server
*s
, bool flush_requested
) {
939 if (!s
->system_journal
&&
940 (s
->storage
== STORAGE_PERSISTENT
|| s
->storage
== STORAGE_AUTO
) &&
942 || access("/run/systemd/journal/flushed", F_OK
) >= 0)) {
944 /* If in auto mode: first try to create the machine
945 * path, but not the prefix.
947 * If in persistent mode: create /var/log/journal and
948 * the machine path */
950 if (s
->storage
== STORAGE_PERSISTENT
)
951 (void) mkdir_p("/var/log/journal/", 0755);
953 fn
= strjoina("/var/log/journal/", SERVER_MACHINE_ID(s
));
954 (void) mkdir(fn
, 0755);
956 fn
= strjoina(fn
, "/system.journal");
957 r
= journal_file_open_reliably(fn
, O_RDWR
|O_CREAT
, 0640, s
->compress
, s
->seal
, &s
->system_metrics
, s
->mmap
, NULL
, &s
->system_journal
);
959 server_fix_perms(s
, s
->system_journal
, 0);
960 (void) determine_space_for(s
, &s
->system_metrics
, "/var/log/journal/", "System journal", true, true, NULL
, NULL
);
962 if (r
!= -ENOENT
&& r
!= -EROFS
)
963 log_warning_errno(r
, "Failed to open system journal: %m");
969 if (!s
->runtime_journal
&&
970 (s
->storage
!= STORAGE_NONE
)) {
972 fn
= strjoina("/run/log/journal/", SERVER_MACHINE_ID(s
), "/system.journal");
974 if (s
->system_journal
) {
976 /* Try to open the runtime journal, but only
977 * if it already exists, so that we can flush
978 * it into the system journal */
980 r
= journal_file_open(fn
, O_RDWR
, 0640, s
->compress
, false, &s
->runtime_metrics
, s
->mmap
, NULL
, &s
->runtime_journal
);
983 log_warning_errno(r
, "Failed to open runtime journal: %m");
990 /* OK, we really need the runtime journal, so create
991 * it if necessary. */
993 (void) mkdir("/run/log", 0755);
994 (void) mkdir("/run/log/journal", 0755);
995 (void) mkdir_parents(fn
, 0750);
997 r
= journal_file_open_reliably(fn
, O_RDWR
|O_CREAT
, 0640, s
->compress
, false, &s
->runtime_metrics
, s
->mmap
, NULL
, &s
->runtime_journal
);
999 return log_error_errno(r
, "Failed to open runtime journal: %m");
1002 if (s
->runtime_journal
) {
1003 server_fix_perms(s
, s
->runtime_journal
, 0);
1004 (void) determine_space_for(s
, &s
->runtime_metrics
, "/run/log/journal/", "Runtime journal", true, true, NULL
, NULL
);
1011 int server_flush_to_var(Server
*s
) {
1013 sd_journal
*j
= NULL
;
1014 char ts
[FORMAT_TIMESPAN_MAX
];
1021 if (s
->storage
!= STORAGE_AUTO
&&
1022 s
->storage
!= STORAGE_PERSISTENT
)
1025 if (!s
->runtime_journal
)
1028 (void) system_journal_open(s
, true);
1030 if (!s
->system_journal
)
1033 log_debug("Flushing to /var...");
1035 start
= now(CLOCK_MONOTONIC
);
1037 r
= sd_id128_get_machine(&machine
);
1041 r
= sd_journal_open(&j
, SD_JOURNAL_RUNTIME_ONLY
);
1043 return log_error_errno(r
, "Failed to read runtime journal: %m");
1045 sd_journal_set_data_threshold(j
, 0);
1047 SD_JOURNAL_FOREACH(j
) {
1051 f
= j
->current_file
;
1052 assert(f
&& f
->current_offset
> 0);
1056 r
= journal_file_move_to_object(f
, OBJECT_ENTRY
, f
->current_offset
, &o
);
1058 log_error_errno(r
, "Can't read entry: %m");
1062 r
= journal_file_copy_entry(f
, s
->system_journal
, o
, f
->current_offset
, NULL
, NULL
, NULL
);
1066 if (!shall_try_append_again(s
->system_journal
, r
)) {
1067 log_error_errno(r
, "Can't write entry: %m");
1072 server_vacuum(s
, false, false);
1074 if (!s
->system_journal
) {
1075 log_notice("Didn't flush runtime journal since rotation of system journal wasn't successful.");
1080 log_debug("Retrying write.");
1081 r
= journal_file_copy_entry(f
, s
->system_journal
, o
, f
->current_offset
, NULL
, NULL
, NULL
);
1083 log_error_errno(r
, "Can't write entry: %m");
1091 journal_file_post_change(s
->system_journal
);
1093 s
->runtime_journal
= journal_file_close(s
->runtime_journal
);
1096 (void) rm_rf("/run/log/journal", REMOVE_ROOT
);
1098 sd_journal_close(j
);
1100 server_driver_message(s
, SD_ID128_NULL
, "Time spent on flushing to /var is %s for %u entries.", format_timespan(ts
, sizeof(ts
), now(CLOCK_MONOTONIC
) - start
, 0), n
);
1105 int server_process_datagram(sd_event_source
*es
, int fd
, uint32_t revents
, void *userdata
) {
1106 Server
*s
= userdata
;
1107 struct ucred
*ucred
= NULL
;
1108 struct timeval
*tv
= NULL
;
1109 struct cmsghdr
*cmsg
;
1111 size_t label_len
= 0, m
;
1114 int *fds
= NULL
, v
= 0;
1118 struct cmsghdr cmsghdr
;
1120 /* We use NAME_MAX space for the SELinux label
1121 * here. The kernel currently enforces no
1122 * limit, but according to suggestions from
1123 * the SELinux people this will change and it
1124 * will probably be identical to NAME_MAX. For
1125 * now we use that, but this should be updated
1126 * one day when the final limit is known. */
1127 uint8_t buf
[CMSG_SPACE(sizeof(struct ucred
)) +
1128 CMSG_SPACE(sizeof(struct timeval
)) +
1129 CMSG_SPACE(sizeof(int)) + /* fd */
1130 CMSG_SPACE(NAME_MAX
)]; /* selinux label */
1133 union sockaddr_union sa
= {};
1135 struct msghdr msghdr
= {
1138 .msg_control
= &control
,
1139 .msg_controllen
= sizeof(control
),
1141 .msg_namelen
= sizeof(sa
),
1145 assert(fd
== s
->native_fd
|| fd
== s
->syslog_fd
|| fd
== s
->audit_fd
);
1147 if (revents
!= EPOLLIN
) {
1148 log_error("Got invalid event from epoll for datagram fd: %"PRIx32
, revents
);
1152 /* Try to get the right size, if we can. (Not all
1153 * sockets support SIOCINQ, hence we just try, but
1154 * don't rely on it. */
1155 (void) ioctl(fd
, SIOCINQ
, &v
);
1157 /* Fix it up, if it is too small. We use the same fixed value as auditd here. Awful! */
1158 m
= PAGE_ALIGN(MAX3((size_t) v
+ 1,
1160 ALIGN(sizeof(struct nlmsghdr
)) + ALIGN((size_t) MAX_AUDIT_MESSAGE_LENGTH
)) + 1);
1162 if (!GREEDY_REALLOC(s
->buffer
, s
->buffer_size
, m
))
1165 iovec
.iov_base
= s
->buffer
;
1166 iovec
.iov_len
= s
->buffer_size
- 1; /* Leave room for trailing NUL we add later */
1168 n
= recvmsg(fd
, &msghdr
, MSG_DONTWAIT
|MSG_CMSG_CLOEXEC
);
1170 if (errno
== EINTR
|| errno
== EAGAIN
)
1173 return log_error_errno(errno
, "recvmsg() failed: %m");
1176 CMSG_FOREACH(cmsg
, &msghdr
) {
1178 if (cmsg
->cmsg_level
== SOL_SOCKET
&&
1179 cmsg
->cmsg_type
== SCM_CREDENTIALS
&&
1180 cmsg
->cmsg_len
== CMSG_LEN(sizeof(struct ucred
)))
1181 ucred
= (struct ucred
*) CMSG_DATA(cmsg
);
1182 else if (cmsg
->cmsg_level
== SOL_SOCKET
&&
1183 cmsg
->cmsg_type
== SCM_SECURITY
) {
1184 label
= (char*) CMSG_DATA(cmsg
);
1185 label_len
= cmsg
->cmsg_len
- CMSG_LEN(0);
1186 } else if (cmsg
->cmsg_level
== SOL_SOCKET
&&
1187 cmsg
->cmsg_type
== SO_TIMESTAMP
&&
1188 cmsg
->cmsg_len
== CMSG_LEN(sizeof(struct timeval
)))
1189 tv
= (struct timeval
*) CMSG_DATA(cmsg
);
1190 else if (cmsg
->cmsg_level
== SOL_SOCKET
&&
1191 cmsg
->cmsg_type
== SCM_RIGHTS
) {
1192 fds
= (int*) CMSG_DATA(cmsg
);
1193 n_fds
= (cmsg
->cmsg_len
- CMSG_LEN(0)) / sizeof(int);
1197 /* And a trailing NUL, just in case */
1200 if (fd
== s
->syslog_fd
) {
1201 if (n
> 0 && n_fds
== 0)
1202 server_process_syslog_message(s
, strstrip(s
->buffer
), ucred
, tv
, label
, label_len
);
1204 log_warning("Got file descriptors via syslog socket. Ignoring.");
1206 } else if (fd
== s
->native_fd
) {
1207 if (n
> 0 && n_fds
== 0)
1208 server_process_native_message(s
, s
->buffer
, n
, ucred
, tv
, label
, label_len
);
1209 else if (n
== 0 && n_fds
== 1)
1210 server_process_native_file(s
, fds
[0], ucred
, tv
, label
, label_len
);
1212 log_warning("Got too many file descriptors via native socket. Ignoring.");
1215 assert(fd
== s
->audit_fd
);
1217 if (n
> 0 && n_fds
== 0)
1218 server_process_audit_message(s
, s
->buffer
, n
, ucred
, &sa
, msghdr
.msg_namelen
);
1220 log_warning("Got file descriptors via audit socket. Ignoring.");
1223 close_many(fds
, n_fds
);
1227 static int dispatch_sigusr1(sd_event_source
*es
, const struct signalfd_siginfo
*si
, void *userdata
) {
1228 Server
*s
= userdata
;
1232 log_info("Received request to flush runtime journal from PID %"PRIu32
, si
->ssi_pid
);
1234 server_flush_to_var(s
);
1236 server_vacuum(s
, false, false);
1238 (void) touch("/run/systemd/journal/flushed");
1243 static int dispatch_sigusr2(sd_event_source
*es
, const struct signalfd_siginfo
*si
, void *userdata
) {
1244 Server
*s
= userdata
;
1248 log_info("Received request to rotate journal from PID %"PRIu32
, si
->ssi_pid
);
1250 server_vacuum(s
, true, true);
1255 static int dispatch_sigterm(sd_event_source
*es
, const struct signalfd_siginfo
*si
, void *userdata
) {
1256 Server
*s
= userdata
;
1260 log_received_signal(LOG_INFO
, si
);
1262 sd_event_exit(s
->event
, 0);
1266 static int setup_signals(Server
*s
) {
1271 assert(sigprocmask_many(SIG_SETMASK
, NULL
, SIGINT
, SIGTERM
, SIGUSR1
, SIGUSR2
, -1) >= 0);
1273 r
= sd_event_add_signal(s
->event
, &s
->sigusr1_event_source
, SIGUSR1
, dispatch_sigusr1
, s
);
1277 r
= sd_event_add_signal(s
->event
, &s
->sigusr2_event_source
, SIGUSR2
, dispatch_sigusr2
, s
);
1281 r
= sd_event_add_signal(s
->event
, &s
->sigterm_event_source
, SIGTERM
, dispatch_sigterm
, s
);
1285 r
= sd_event_add_signal(s
->event
, &s
->sigint_event_source
, SIGINT
, dispatch_sigterm
, s
);
1292 static int server_parse_proc_cmdline(Server
*s
) {
1293 _cleanup_free_
char *line
= NULL
;
1297 r
= proc_cmdline(&line
);
1299 log_warning_errno(r
, "Failed to read /proc/cmdline, ignoring: %m");
1305 _cleanup_free_
char *word
;
1307 r
= extract_first_word(&p
, &word
, NULL
, 0);
1309 return log_error_errno(r
, "Failed to parse journald syntax \"%s\": %m", line
);
1314 if (startswith(word
, "systemd.journald.forward_to_syslog=")) {
1315 r
= parse_boolean(word
+ 35);
1317 log_warning("Failed to parse forward to syslog switch %s. Ignoring.", word
+ 35);
1319 s
->forward_to_syslog
= r
;
1320 } else if (startswith(word
, "systemd.journald.forward_to_kmsg=")) {
1321 r
= parse_boolean(word
+ 33);
1323 log_warning("Failed to parse forward to kmsg switch %s. Ignoring.", word
+ 33);
1325 s
->forward_to_kmsg
= r
;
1326 } else if (startswith(word
, "systemd.journald.forward_to_console=")) {
1327 r
= parse_boolean(word
+ 36);
1329 log_warning("Failed to parse forward to console switch %s. Ignoring.", word
+ 36);
1331 s
->forward_to_console
= r
;
1332 } else if (startswith(word
, "systemd.journald.forward_to_wall=")) {
1333 r
= parse_boolean(word
+ 33);
1335 log_warning("Failed to parse forward to wall switch %s. Ignoring.", word
+ 33);
1337 s
->forward_to_wall
= r
;
1338 } else if (startswith(word
, "systemd.journald"))
1339 log_warning("Invalid systemd.journald parameter. Ignoring.");
1342 /* do not warn about state here, since probably systemd already did */
1346 static int server_parse_config_file(Server
*s
) {
1349 return config_parse_many("/etc/systemd/journald.conf",
1350 CONF_DIRS_NULSTR("systemd/journald.conf"),
1352 config_item_perf_lookup
, journald_gperf_lookup
,
1356 static int server_dispatch_sync(sd_event_source
*es
, usec_t t
, void *userdata
) {
1357 Server
*s
= userdata
;
1365 int server_schedule_sync(Server
*s
, int priority
) {
1370 if (priority
<= LOG_CRIT
) {
1371 /* Immediately sync to disk when this is of priority CRIT, ALERT, EMERG */
1376 if (s
->sync_scheduled
)
1379 if (s
->sync_interval_usec
> 0) {
1382 r
= sd_event_now(s
->event
, CLOCK_MONOTONIC
, &when
);
1386 when
+= s
->sync_interval_usec
;
1388 if (!s
->sync_event_source
) {
1389 r
= sd_event_add_time(
1391 &s
->sync_event_source
,
1394 server_dispatch_sync
, s
);
1398 r
= sd_event_source_set_priority(s
->sync_event_source
, SD_EVENT_PRIORITY_IMPORTANT
);
1400 r
= sd_event_source_set_time(s
->sync_event_source
, when
);
1404 r
= sd_event_source_set_enabled(s
->sync_event_source
, SD_EVENT_ONESHOT
);
1409 s
->sync_scheduled
= true;
1415 static int dispatch_hostname_change(sd_event_source
*es
, int fd
, uint32_t revents
, void *userdata
) {
1416 Server
*s
= userdata
;
1420 server_cache_hostname(s
);
1424 static int server_open_hostname(Server
*s
) {
1429 s
->hostname_fd
= open("/proc/sys/kernel/hostname", O_RDONLY
|O_CLOEXEC
|O_NDELAY
|O_NOCTTY
);
1430 if (s
->hostname_fd
< 0)
1431 return log_error_errno(errno
, "Failed to open /proc/sys/kernel/hostname: %m");
1433 r
= sd_event_add_io(s
->event
, &s
->hostname_event_source
, s
->hostname_fd
, 0, dispatch_hostname_change
, s
);
1435 /* kernels prior to 3.2 don't support polling this file. Ignore
1438 log_warning_errno(r
, "Failed to register hostname fd in event loop, ignoring: %m");
1439 s
->hostname_fd
= safe_close(s
->hostname_fd
);
1443 return log_error_errno(r
, "Failed to register hostname fd in event loop: %m");
1446 r
= sd_event_source_set_priority(s
->hostname_event_source
, SD_EVENT_PRIORITY_IMPORTANT
-10);
1448 return log_error_errno(r
, "Failed to adjust priority of host name event source: %m");
1453 int server_init(Server
*s
) {
1454 _cleanup_fdset_free_ FDSet
*fds
= NULL
;
1461 s
->syslog_fd
= s
->native_fd
= s
->stdout_fd
= s
->dev_kmsg_fd
= s
->audit_fd
= s
->hostname_fd
= -1;
1465 s
->sync_interval_usec
= DEFAULT_SYNC_INTERVAL_USEC
;
1466 s
->sync_scheduled
= false;
1468 s
->rate_limit_interval
= DEFAULT_RATE_LIMIT_INTERVAL
;
1469 s
->rate_limit_burst
= DEFAULT_RATE_LIMIT_BURST
;
1471 s
->forward_to_wall
= true;
1473 s
->max_file_usec
= DEFAULT_MAX_FILE_USEC
;
1475 s
->max_level_store
= LOG_DEBUG
;
1476 s
->max_level_syslog
= LOG_DEBUG
;
1477 s
->max_level_kmsg
= LOG_NOTICE
;
1478 s
->max_level_console
= LOG_INFO
;
1479 s
->max_level_wall
= LOG_EMERG
;
1481 journal_reset_metrics(&s
->system_metrics
);
1482 journal_reset_metrics(&s
->runtime_metrics
);
1484 server_parse_config_file(s
);
1485 server_parse_proc_cmdline(s
);
1487 if (!!s
->rate_limit_interval
^ !!s
->rate_limit_burst
) {
1488 log_debug("Setting both rate limit interval and burst from "USEC_FMT
",%u to 0,0",
1489 s
->rate_limit_interval
, s
->rate_limit_burst
);
1490 s
->rate_limit_interval
= s
->rate_limit_burst
= 0;
1493 (void) mkdir_p("/run/systemd/journal", 0755);
1495 s
->user_journals
= ordered_hashmap_new(NULL
);
1496 if (!s
->user_journals
)
1499 s
->mmap
= mmap_cache_new();
1503 r
= sd_event_default(&s
->event
);
1505 return log_error_errno(r
, "Failed to create event loop: %m");
1507 sd_event_set_watchdog(s
->event
, true);
1509 n
= sd_listen_fds(true);
1511 return log_error_errno(n
, "Failed to read listening file descriptors from environment: %m");
1513 for (fd
= SD_LISTEN_FDS_START
; fd
< SD_LISTEN_FDS_START
+ n
; fd
++) {
1515 if (sd_is_socket_unix(fd
, SOCK_DGRAM
, -1, "/run/systemd/journal/socket", 0) > 0) {
1517 if (s
->native_fd
>= 0) {
1518 log_error("Too many native sockets passed.");
1524 } else if (sd_is_socket_unix(fd
, SOCK_STREAM
, 1, "/run/systemd/journal/stdout", 0) > 0) {
1526 if (s
->stdout_fd
>= 0) {
1527 log_error("Too many stdout sockets passed.");
1533 } else if (sd_is_socket_unix(fd
, SOCK_DGRAM
, -1, "/dev/log", 0) > 0 ||
1534 sd_is_socket_unix(fd
, SOCK_DGRAM
, -1, "/run/systemd/journal/dev-log", 0) > 0) {
1536 if (s
->syslog_fd
>= 0) {
1537 log_error("Too many /dev/log sockets passed.");
1543 } else if (sd_is_socket(fd
, AF_NETLINK
, SOCK_RAW
, -1) > 0) {
1545 if (s
->audit_fd
>= 0) {
1546 log_error("Too many audit sockets passed.");
1560 r
= fdset_put(fds
, fd
);
1566 /* Try to restore streams, but don't bother if this fails */
1567 (void) server_restore_streams(s
, fds
);
1569 if (fdset_size(fds
) > 0) {
1570 log_warning("%u unknown file descriptors passed, closing.", fdset_size(fds
));
1571 fds
= fdset_free(fds
);
1574 no_sockets
= s
->native_fd
< 0 && s
->stdout_fd
< 0 && s
->syslog_fd
< 0 && s
->audit_fd
< 0;
1576 /* always open stdout, syslog, native, and kmsg sockets */
1578 /* systemd-journald.socket: /run/systemd/journal/stdout */
1579 r
= server_open_stdout_socket(s
);
1583 /* systemd-journald-dev-log.socket: /run/systemd/journal/dev-log */
1584 r
= server_open_syslog_socket(s
);
1588 /* systemd-journald.socket: /run/systemd/journal/socket */
1589 r
= server_open_native_socket(s
);
1594 r
= server_open_dev_kmsg(s
);
1598 /* Unless we got *some* sockets and not audit, open audit socket */
1599 if (s
->audit_fd
>= 0 || no_sockets
) {
1600 r
= server_open_audit(s
);
1605 r
= server_open_kernel_seqnum(s
);
1609 r
= server_open_hostname(s
);
1613 r
= setup_signals(s
);
1617 s
->udev
= udev_new();
1621 s
->rate_limit
= journal_rate_limit_new(s
->rate_limit_interval
, s
->rate_limit_burst
);
1625 r
= cg_get_root_path(&s
->cgroup_root
);
1629 server_cache_hostname(s
);
1630 server_cache_boot_id(s
);
1631 server_cache_machine_id(s
);
1633 return system_journal_open(s
, false);
1636 void server_maybe_append_tags(Server
*s
) {
1642 n
= now(CLOCK_REALTIME
);
1644 if (s
->system_journal
)
1645 journal_file_maybe_append_tag(s
->system_journal
, n
);
1647 ORDERED_HASHMAP_FOREACH(f
, s
->user_journals
, i
)
1648 journal_file_maybe_append_tag(f
, n
);
1652 void server_done(Server
*s
) {
1656 while (s
->stdout_streams
)
1657 stdout_stream_free(s
->stdout_streams
);
1659 if (s
->system_journal
)
1660 journal_file_close(s
->system_journal
);
1662 if (s
->runtime_journal
)
1663 journal_file_close(s
->runtime_journal
);
1665 while ((f
= ordered_hashmap_steal_first(s
->user_journals
)))
1666 journal_file_close(f
);
1668 ordered_hashmap_free(s
->user_journals
);
1670 sd_event_source_unref(s
->syslog_event_source
);
1671 sd_event_source_unref(s
->native_event_source
);
1672 sd_event_source_unref(s
->stdout_event_source
);
1673 sd_event_source_unref(s
->dev_kmsg_event_source
);
1674 sd_event_source_unref(s
->audit_event_source
);
1675 sd_event_source_unref(s
->sync_event_source
);
1676 sd_event_source_unref(s
->sigusr1_event_source
);
1677 sd_event_source_unref(s
->sigusr2_event_source
);
1678 sd_event_source_unref(s
->sigterm_event_source
);
1679 sd_event_source_unref(s
->sigint_event_source
);
1680 sd_event_source_unref(s
->hostname_event_source
);
1681 sd_event_unref(s
->event
);
1683 safe_close(s
->syslog_fd
);
1684 safe_close(s
->native_fd
);
1685 safe_close(s
->stdout_fd
);
1686 safe_close(s
->dev_kmsg_fd
);
1687 safe_close(s
->audit_fd
);
1688 safe_close(s
->hostname_fd
);
1691 journal_rate_limit_free(s
->rate_limit
);
1693 if (s
->kernel_seqnum
)
1694 munmap(s
->kernel_seqnum
, sizeof(uint64_t));
1698 free(s
->cgroup_root
);
1699 free(s
->hostname_field
);
1702 mmap_cache_unref(s
->mmap
);
1704 udev_unref(s
->udev
);
1707 static const char* const storage_table
[_STORAGE_MAX
] = {
1708 [STORAGE_AUTO
] = "auto",
1709 [STORAGE_VOLATILE
] = "volatile",
1710 [STORAGE_PERSISTENT
] = "persistent",
1711 [STORAGE_NONE
] = "none"
1714 DEFINE_STRING_TABLE_LOOKUP(storage
, Storage
);
1715 DEFINE_CONFIG_PARSE_ENUM(config_parse_storage
, storage
, Storage
, "Failed to parse storage setting");
1717 static const char* const split_mode_table
[_SPLIT_MAX
] = {
1718 [SPLIT_LOGIN
] = "login",
1719 [SPLIT_UID
] = "uid",
1720 [SPLIT_NONE
] = "none",
1723 DEFINE_STRING_TABLE_LOOKUP(split_mode
, SplitMode
);
1724 DEFINE_CONFIG_PARSE_ENUM(config_parse_split_mode
, split_mode
, SplitMode
, "Failed to parse split mode setting");