1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2011 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
23 #include <selinux/selinux.h>
25 #include <sys/ioctl.h>
27 #include <sys/signalfd.h>
28 #include <sys/statvfs.h>
29 #include <linux/sockios.h>
32 #include "sd-daemon.h"
33 #include "sd-journal.h"
34 #include "sd-messages.h"
37 #include "cgroup-util.h"
38 #include "conf-parser.h"
39 #include "formats-util.h"
41 #include "hostname-util.h"
42 #include "journal-authenticate.h"
43 #include "journal-file.h"
44 #include "journal-internal.h"
45 #include "journal-vacuum.h"
46 #include "journald-audit.h"
47 #include "journald-kmsg.h"
48 #include "journald-native.h"
49 #include "journald-rate-limit.h"
50 #include "journald-stream.h"
51 #include "journald-syslog.h"
54 #include "process-util.h"
56 #include "selinux-util.h"
57 #include "signal-util.h"
58 #include "socket-util.h"
59 #include "string-util.h"
60 #include "journald-server.h"
62 #define USER_JOURNALS_MAX 1024
64 #define DEFAULT_SYNC_INTERVAL_USEC (5*USEC_PER_MINUTE)
65 #define DEFAULT_RATE_LIMIT_INTERVAL (30*USEC_PER_SEC)
66 #define DEFAULT_RATE_LIMIT_BURST 1000
67 #define DEFAULT_MAX_FILE_USEC USEC_PER_MONTH
69 #define RECHECK_SPACE_USEC (30*USEC_PER_SEC)
71 static int determine_space_for(
73 JournalMetrics
*metrics
,
81 uint64_t sum
= 0, ss_avail
, avail
;
82 _cleanup_closedir_
DIR *d
= NULL
;
93 ts
= now(CLOCK_MONOTONIC
);
95 if (!verbose
&& s
->cached_space_timestamp
+ RECHECK_SPACE_USEC
> ts
) {
98 *available
= s
->cached_space_available
;
100 *limit
= s
->cached_space_limit
;
105 p
= strjoina(path
, SERVER_MACHINE_ID(s
));
108 return log_full_errno(errno
== ENOENT
? LOG_DEBUG
: LOG_ERR
, errno
, "Failed to open %s: %m", p
);
110 if (fstatvfs(dirfd(d
), &ss
) < 0)
111 return log_error_errno(errno
, "Failed to fstatvfs(%s): %m", p
);
113 FOREACH_DIRENT_ALL(de
, d
, break) {
116 if (!endswith(de
->d_name
, ".journal") &&
117 !endswith(de
->d_name
, ".journal~"))
120 if (fstatat(dirfd(d
), de
->d_name
, &st
, AT_SYMLINK_NOFOLLOW
) < 0) {
121 log_debug_errno(errno
, "Failed to stat %s/%s, ignoring: %m", p
, de
->d_name
);
125 if (!S_ISREG(st
.st_mode
))
128 sum
+= (uint64_t) st
.st_blocks
* 512UL;
131 /* If request, then let's bump the min_use limit to the
132 * current usage on disk. We do this when starting up and
133 * first opening the journal files. This way sudden spikes in
134 * disk usage will not cause journald to vacuum files without
135 * bounds. Note that this means that only a restart of
136 * journald will make it reset this value. */
139 metrics
->min_use
= MAX(metrics
->min_use
, sum
);
141 ss_avail
= ss
.f_bsize
* ss
.f_bavail
;
142 avail
= LESS_BY(ss_avail
, metrics
->keep_free
);
144 s
->cached_space_limit
= MIN(MAX(sum
+ avail
, metrics
->min_use
), metrics
->max_use
);
145 s
->cached_space_available
= LESS_BY(s
->cached_space_limit
, sum
);
146 s
->cached_space_timestamp
= ts
;
149 char fb1
[FORMAT_BYTES_MAX
], fb2
[FORMAT_BYTES_MAX
], fb3
[FORMAT_BYTES_MAX
],
150 fb4
[FORMAT_BYTES_MAX
], fb5
[FORMAT_BYTES_MAX
], fb6
[FORMAT_BYTES_MAX
];
152 server_driver_message(s
, SD_MESSAGE_JOURNAL_USAGE
,
153 "%s (%s) is currently using %s.\n"
154 "Maximum allowed usage is set to %s.\n"
155 "Leaving at least %s free (of currently available %s of space).\n"
156 "Enforced usage limit is thus %s, of which %s are still available.",
158 format_bytes(fb1
, sizeof(fb1
), sum
),
159 format_bytes(fb2
, sizeof(fb2
), metrics
->max_use
),
160 format_bytes(fb3
, sizeof(fb3
), metrics
->keep_free
),
161 format_bytes(fb4
, sizeof(fb4
), ss_avail
),
162 format_bytes(fb5
, sizeof(fb5
), s
->cached_space_limit
),
163 format_bytes(fb6
, sizeof(fb6
), s
->cached_space_available
));
167 *available
= s
->cached_space_available
;
169 *limit
= s
->cached_space_limit
;
174 static int determine_space(Server
*s
, bool verbose
, bool patch_min_use
, uint64_t *available
, uint64_t *limit
) {
175 JournalMetrics
*metrics
;
176 const char *path
, *name
;
180 if (s
->system_journal
) {
181 path
= "/var/log/journal/";
182 metrics
= &s
->system_metrics
;
183 name
= "System journal";
185 path
= "/run/log/journal/";
186 metrics
= &s
->runtime_metrics
;
187 name
= "Runtime journal";
190 return determine_space_for(s
, metrics
, path
, name
, verbose
, patch_min_use
, available
, limit
);
193 void server_fix_perms(Server
*s
, JournalFile
*f
, uid_t uid
) {
196 _cleanup_(acl_freep
) acl_t acl
= NULL
;
198 acl_permset_t permset
;
203 r
= fchmod(f
->fd
, 0640);
205 log_warning_errno(errno
, "Failed to fix access mode on %s, ignoring: %m", f
->path
);
208 if (uid
<= SYSTEM_UID_MAX
)
211 acl
= acl_get_fd(f
->fd
);
213 log_warning_errno(errno
, "Failed to read ACL on %s, ignoring: %m", f
->path
);
217 r
= acl_find_uid(acl
, uid
, &entry
);
220 if (acl_create_entry(&acl
, &entry
) < 0 ||
221 acl_set_tag_type(entry
, ACL_USER
) < 0 ||
222 acl_set_qualifier(entry
, &uid
) < 0) {
223 log_warning_errno(errno
, "Failed to patch ACL on %s, ignoring: %m", f
->path
);
228 /* We do not recalculate the mask unconditionally here,
229 * so that the fchmod() mask above stays intact. */
230 if (acl_get_permset(entry
, &permset
) < 0 ||
231 acl_add_perm(permset
, ACL_READ
) < 0 ||
232 calc_acl_mask_if_needed(&acl
) < 0) {
233 log_warning_errno(errno
, "Failed to patch ACL on %s, ignoring: %m", f
->path
);
237 if (acl_set_fd(f
->fd
, acl
) < 0)
238 log_warning_errno(errno
, "Failed to set ACL on %s, ignoring: %m", f
->path
);
243 static JournalFile
* find_journal(Server
*s
, uid_t uid
) {
244 _cleanup_free_
char *p
= NULL
;
251 /* We split up user logs only on /var, not on /run. If the
252 * runtime file is open, we write to it exclusively, in order
253 * to guarantee proper order as soon as we flush /run to
254 * /var and close the runtime file. */
256 if (s
->runtime_journal
)
257 return s
->runtime_journal
;
259 if (uid
<= SYSTEM_UID_MAX
)
260 return s
->system_journal
;
262 r
= sd_id128_get_machine(&machine
);
264 return s
->system_journal
;
266 f
= ordered_hashmap_get(s
->user_journals
, UINT32_TO_PTR(uid
));
270 if (asprintf(&p
, "/var/log/journal/" SD_ID128_FORMAT_STR
"/user-"UID_FMT
".journal",
271 SD_ID128_FORMAT_VAL(machine
), uid
) < 0)
272 return s
->system_journal
;
274 while (ordered_hashmap_size(s
->user_journals
) >= USER_JOURNALS_MAX
) {
275 /* Too many open? Then let's close one */
276 f
= ordered_hashmap_steal_first(s
->user_journals
);
278 journal_file_close(f
);
281 r
= journal_file_open_reliably(p
, O_RDWR
|O_CREAT
, 0640, s
->compress
, s
->seal
, &s
->system_metrics
, s
->mmap
, NULL
, &f
);
283 return s
->system_journal
;
285 server_fix_perms(s
, f
, uid
);
287 r
= ordered_hashmap_put(s
->user_journals
, UINT32_TO_PTR(uid
), f
);
289 journal_file_close(f
);
290 return s
->system_journal
;
296 static int do_rotate(
309 r
= journal_file_rotate(f
, s
->compress
, seal
);
312 log_error_errno(r
, "Failed to rotate %s: %m", (*f
)->path
);
314 log_error_errno(r
, "Failed to create new %s journal: %m", name
);
316 server_fix_perms(s
, *f
, uid
);
321 void server_rotate(Server
*s
) {
327 log_debug("Rotating...");
329 (void) do_rotate(s
, &s
->runtime_journal
, "runtime", false, 0);
330 (void) do_rotate(s
, &s
->system_journal
, "system", s
->seal
, 0);
332 ORDERED_HASHMAP_FOREACH_KEY(f
, k
, s
->user_journals
, i
) {
333 r
= do_rotate(s
, &f
, "user", s
->seal
, PTR_TO_UINT32(k
));
335 ordered_hashmap_replace(s
->user_journals
, k
, f
);
337 /* Old file has been closed and deallocated */
338 ordered_hashmap_remove(s
->user_journals
, k
);
342 void server_sync(Server
*s
) {
348 if (s
->system_journal
) {
349 r
= journal_file_set_offline(s
->system_journal
);
351 log_warning_errno(r
, "Failed to sync system journal, ignoring: %m");
354 ORDERED_HASHMAP_FOREACH_KEY(f
, k
, s
->user_journals
, i
) {
355 r
= journal_file_set_offline(f
);
357 log_warning_errno(r
, "Failed to sync user journal, ignoring: %m");
360 if (s
->sync_event_source
) {
361 r
= sd_event_source_set_enabled(s
->sync_event_source
, SD_EVENT_OFF
);
363 log_error_errno(r
, "Failed to disable sync timer source: %m");
366 s
->sync_scheduled
= false;
369 static void do_vacuum(
372 JournalMetrics
*metrics
,
376 bool patch_min_use
) {
390 p
= strjoina(path
, SERVER_MACHINE_ID(s
));
392 limit
= metrics
->max_use
;
393 (void) determine_space_for(s
, metrics
, path
, name
, verbose
, patch_min_use
, NULL
, &limit
);
395 r
= journal_directory_vacuum(p
, limit
, metrics
->n_max_files
, s
->max_retention_usec
, &s
->oldest_file_usec
, verbose
);
396 if (r
< 0 && r
!= -ENOENT
)
397 log_warning_errno(r
, "Failed to vacuum %s, ignoring: %m", p
);
400 int server_vacuum(Server
*s
, bool verbose
, bool patch_min_use
) {
403 log_debug("Vacuuming...");
405 s
->oldest_file_usec
= 0;
407 do_vacuum(s
, s
->system_journal
, &s
->system_metrics
, "/var/log/journal/", "System journal", verbose
, patch_min_use
);
408 do_vacuum(s
, s
->runtime_journal
, &s
->runtime_metrics
, "/run/log/journal/", "Runtime journal", verbose
, patch_min_use
);
410 s
->cached_space_limit
= 0;
411 s
->cached_space_available
= 0;
412 s
->cached_space_timestamp
= 0;
417 static void server_cache_machine_id(Server
*s
) {
423 r
= sd_id128_get_machine(&id
);
427 sd_id128_to_string(id
, stpcpy(s
->machine_id_field
, "_MACHINE_ID="));
430 static void server_cache_boot_id(Server
*s
) {
436 r
= sd_id128_get_boot(&id
);
440 sd_id128_to_string(id
, stpcpy(s
->boot_id_field
, "_BOOT_ID="));
443 static void server_cache_hostname(Server
*s
) {
444 _cleanup_free_
char *t
= NULL
;
449 t
= gethostname_malloc();
453 x
= strappend("_HOSTNAME=", t
);
457 free(s
->hostname_field
);
458 s
->hostname_field
= x
;
461 static bool shall_try_append_again(JournalFile
*f
, int r
) {
463 /* -E2BIG Hit configured limit
465 -EDQUOT Quota limit hit
467 -EIO I/O error of some kind (mmap)
468 -EHOSTDOWN Other machine
469 -EBUSY Unclean shutdown
470 -EPROTONOSUPPORT Unsupported feature
473 -ESHUTDOWN Already archived
474 -EIDRM Journal file has been deleted */
476 if (r
== -E2BIG
|| r
== -EFBIG
|| r
== -EDQUOT
|| r
== -ENOSPC
)
477 log_debug("%s: Allocation limit reached, rotating.", f
->path
);
478 else if (r
== -EHOSTDOWN
)
479 log_info("%s: Journal file from other machine, rotating.", f
->path
);
480 else if (r
== -EBUSY
)
481 log_info("%s: Unclean shutdown, rotating.", f
->path
);
482 else if (r
== -EPROTONOSUPPORT
)
483 log_info("%s: Unsupported feature, rotating.", f
->path
);
484 else if (r
== -EBADMSG
|| r
== -ENODATA
|| r
== ESHUTDOWN
)
485 log_warning("%s: Journal file corrupted, rotating.", f
->path
);
487 log_warning("%s: IO error, rotating.", f
->path
);
488 else if (r
== -EIDRM
)
489 log_warning("%s: Journal file has been deleted, rotating.", f
->path
);
496 static void write_to_journal(Server
*s
, uid_t uid
, struct iovec
*iovec
, unsigned n
, int priority
) {
498 bool vacuumed
= false;
505 f
= find_journal(s
, uid
);
509 if (journal_file_rotate_suggested(f
, s
->max_file_usec
)) {
510 log_debug("%s: Journal header limits reached or header out-of-date, rotating.", f
->path
);
512 server_vacuum(s
, false, false);
515 f
= find_journal(s
, uid
);
520 r
= journal_file_append_entry(f
, NULL
, iovec
, n
, &s
->seqnum
, NULL
, NULL
);
522 server_schedule_sync(s
, priority
);
526 if (vacuumed
|| !shall_try_append_again(f
, r
)) {
527 log_error_errno(r
, "Failed to write entry (%d items, %zu bytes), ignoring: %m", n
, IOVEC_TOTAL_SIZE(iovec
, n
));
532 server_vacuum(s
, false, false);
534 f
= find_journal(s
, uid
);
538 log_debug("Retrying write.");
539 r
= journal_file_append_entry(f
, NULL
, iovec
, n
, &s
->seqnum
, NULL
, NULL
);
541 log_error_errno(r
, "Failed to write entry (%d items, %zu bytes) despite vacuuming, ignoring: %m", n
, IOVEC_TOTAL_SIZE(iovec
, n
));
543 server_schedule_sync(s
, priority
);
546 static void dispatch_message_real(
548 struct iovec
*iovec
, unsigned n
, unsigned m
,
549 const struct ucred
*ucred
,
550 const struct timeval
*tv
,
551 const char *label
, size_t label_len
,
556 char pid
[sizeof("_PID=") + DECIMAL_STR_MAX(pid_t
)],
557 uid
[sizeof("_UID=") + DECIMAL_STR_MAX(uid_t
)],
558 gid
[sizeof("_GID=") + DECIMAL_STR_MAX(gid_t
)],
559 owner_uid
[sizeof("_SYSTEMD_OWNER_UID=") + DECIMAL_STR_MAX(uid_t
)],
560 source_time
[sizeof("_SOURCE_REALTIME_TIMESTAMP=") + DECIMAL_STR_MAX(usec_t
)],
561 o_uid
[sizeof("OBJECT_UID=") + DECIMAL_STR_MAX(uid_t
)],
562 o_gid
[sizeof("OBJECT_GID=") + DECIMAL_STR_MAX(gid_t
)],
563 o_owner_uid
[sizeof("OBJECT_SYSTEMD_OWNER_UID=") + DECIMAL_STR_MAX(uid_t
)];
569 uid_t realuid
= 0, owner
= 0, journal_uid
;
570 bool owner_valid
= false;
572 char audit_session
[sizeof("_AUDIT_SESSION=") + DECIMAL_STR_MAX(uint32_t)],
573 audit_loginuid
[sizeof("_AUDIT_LOGINUID=") + DECIMAL_STR_MAX(uid_t
)],
574 o_audit_session
[sizeof("OBJECT_AUDIT_SESSION=") + DECIMAL_STR_MAX(uint32_t)],
575 o_audit_loginuid
[sizeof("OBJECT_AUDIT_LOGINUID=") + DECIMAL_STR_MAX(uid_t
)];
584 assert(n
+ N_IOVEC_META_FIELDS
+ (object_pid
? N_IOVEC_OBJECT_FIELDS
: 0) <= m
);
587 realuid
= ucred
->uid
;
589 sprintf(pid
, "_PID="PID_FMT
, ucred
->pid
);
590 IOVEC_SET_STRING(iovec
[n
++], pid
);
592 sprintf(uid
, "_UID="UID_FMT
, ucred
->uid
);
593 IOVEC_SET_STRING(iovec
[n
++], uid
);
595 sprintf(gid
, "_GID="GID_FMT
, ucred
->gid
);
596 IOVEC_SET_STRING(iovec
[n
++], gid
);
598 r
= get_process_comm(ucred
->pid
, &t
);
600 x
= strjoina("_COMM=", t
);
602 IOVEC_SET_STRING(iovec
[n
++], x
);
605 r
= get_process_exe(ucred
->pid
, &t
);
607 x
= strjoina("_EXE=", t
);
609 IOVEC_SET_STRING(iovec
[n
++], x
);
612 r
= get_process_cmdline(ucred
->pid
, 0, false, &t
);
614 x
= strjoina("_CMDLINE=", t
);
616 IOVEC_SET_STRING(iovec
[n
++], x
);
619 r
= get_process_capeff(ucred
->pid
, &t
);
621 x
= strjoina("_CAP_EFFECTIVE=", t
);
623 IOVEC_SET_STRING(iovec
[n
++], x
);
627 r
= audit_session_from_pid(ucred
->pid
, &audit
);
629 sprintf(audit_session
, "_AUDIT_SESSION=%"PRIu32
, audit
);
630 IOVEC_SET_STRING(iovec
[n
++], audit_session
);
633 r
= audit_loginuid_from_pid(ucred
->pid
, &loginuid
);
635 sprintf(audit_loginuid
, "_AUDIT_LOGINUID="UID_FMT
, loginuid
);
636 IOVEC_SET_STRING(iovec
[n
++], audit_loginuid
);
640 r
= cg_pid_get_path_shifted(ucred
->pid
, s
->cgroup_root
, &c
);
642 char *session
= NULL
;
644 x
= strjoina("_SYSTEMD_CGROUP=", c
);
645 IOVEC_SET_STRING(iovec
[n
++], x
);
647 r
= cg_path_get_session(c
, &t
);
649 session
= strjoina("_SYSTEMD_SESSION=", t
);
651 IOVEC_SET_STRING(iovec
[n
++], session
);
654 if (cg_path_get_owner_uid(c
, &owner
) >= 0) {
657 sprintf(owner_uid
, "_SYSTEMD_OWNER_UID="UID_FMT
, owner
);
658 IOVEC_SET_STRING(iovec
[n
++], owner_uid
);
661 if (cg_path_get_unit(c
, &t
) >= 0) {
662 x
= strjoina("_SYSTEMD_UNIT=", t
);
664 IOVEC_SET_STRING(iovec
[n
++], x
);
665 } else if (unit_id
&& !session
) {
666 x
= strjoina("_SYSTEMD_UNIT=", unit_id
);
667 IOVEC_SET_STRING(iovec
[n
++], x
);
670 if (cg_path_get_user_unit(c
, &t
) >= 0) {
671 x
= strjoina("_SYSTEMD_USER_UNIT=", t
);
673 IOVEC_SET_STRING(iovec
[n
++], x
);
674 } else if (unit_id
&& session
) {
675 x
= strjoina("_SYSTEMD_USER_UNIT=", unit_id
);
676 IOVEC_SET_STRING(iovec
[n
++], x
);
679 if (cg_path_get_slice(c
, &t
) >= 0) {
680 x
= strjoina("_SYSTEMD_SLICE=", t
);
682 IOVEC_SET_STRING(iovec
[n
++], x
);
686 } else if (unit_id
) {
687 x
= strjoina("_SYSTEMD_UNIT=", unit_id
);
688 IOVEC_SET_STRING(iovec
[n
++], x
);
692 if (mac_selinux_use()) {
694 x
= alloca(strlen("_SELINUX_CONTEXT=") + label_len
+ 1);
696 *((char*) mempcpy(stpcpy(x
, "_SELINUX_CONTEXT="), label
, label_len
)) = 0;
697 IOVEC_SET_STRING(iovec
[n
++], x
);
699 security_context_t con
;
701 if (getpidcon(ucred
->pid
, &con
) >= 0) {
702 x
= strjoina("_SELINUX_CONTEXT=", con
);
705 IOVEC_SET_STRING(iovec
[n
++], x
);
714 r
= get_process_uid(object_pid
, &object_uid
);
716 sprintf(o_uid
, "OBJECT_UID="UID_FMT
, object_uid
);
717 IOVEC_SET_STRING(iovec
[n
++], o_uid
);
720 r
= get_process_gid(object_pid
, &object_gid
);
722 sprintf(o_gid
, "OBJECT_GID="GID_FMT
, object_gid
);
723 IOVEC_SET_STRING(iovec
[n
++], o_gid
);
726 r
= get_process_comm(object_pid
, &t
);
728 x
= strjoina("OBJECT_COMM=", t
);
730 IOVEC_SET_STRING(iovec
[n
++], x
);
733 r
= get_process_exe(object_pid
, &t
);
735 x
= strjoina("OBJECT_EXE=", t
);
737 IOVEC_SET_STRING(iovec
[n
++], x
);
740 r
= get_process_cmdline(object_pid
, 0, false, &t
);
742 x
= strjoina("OBJECT_CMDLINE=", t
);
744 IOVEC_SET_STRING(iovec
[n
++], x
);
748 r
= audit_session_from_pid(object_pid
, &audit
);
750 sprintf(o_audit_session
, "OBJECT_AUDIT_SESSION=%"PRIu32
, audit
);
751 IOVEC_SET_STRING(iovec
[n
++], o_audit_session
);
754 r
= audit_loginuid_from_pid(object_pid
, &loginuid
);
756 sprintf(o_audit_loginuid
, "OBJECT_AUDIT_LOGINUID="UID_FMT
, loginuid
);
757 IOVEC_SET_STRING(iovec
[n
++], o_audit_loginuid
);
761 r
= cg_pid_get_path_shifted(object_pid
, s
->cgroup_root
, &c
);
763 x
= strjoina("OBJECT_SYSTEMD_CGROUP=", c
);
764 IOVEC_SET_STRING(iovec
[n
++], x
);
766 r
= cg_path_get_session(c
, &t
);
768 x
= strjoina("OBJECT_SYSTEMD_SESSION=", t
);
770 IOVEC_SET_STRING(iovec
[n
++], x
);
773 if (cg_path_get_owner_uid(c
, &owner
) >= 0) {
774 sprintf(o_owner_uid
, "OBJECT_SYSTEMD_OWNER_UID="UID_FMT
, owner
);
775 IOVEC_SET_STRING(iovec
[n
++], o_owner_uid
);
778 if (cg_path_get_unit(c
, &t
) >= 0) {
779 x
= strjoina("OBJECT_SYSTEMD_UNIT=", t
);
781 IOVEC_SET_STRING(iovec
[n
++], x
);
784 if (cg_path_get_user_unit(c
, &t
) >= 0) {
785 x
= strjoina("OBJECT_SYSTEMD_USER_UNIT=", t
);
787 IOVEC_SET_STRING(iovec
[n
++], x
);
796 sprintf(source_time
, "_SOURCE_REALTIME_TIMESTAMP=%llu", (unsigned long long) timeval_load(tv
));
797 IOVEC_SET_STRING(iovec
[n
++], source_time
);
800 /* Note that strictly speaking storing the boot id here is
801 * redundant since the entry includes this in-line
802 * anyway. However, we need this indexed, too. */
803 if (!isempty(s
->boot_id_field
))
804 IOVEC_SET_STRING(iovec
[n
++], s
->boot_id_field
);
806 if (!isempty(s
->machine_id_field
))
807 IOVEC_SET_STRING(iovec
[n
++], s
->machine_id_field
);
809 if (!isempty(s
->hostname_field
))
810 IOVEC_SET_STRING(iovec
[n
++], s
->hostname_field
);
814 if (s
->split_mode
== SPLIT_UID
&& realuid
> 0)
815 /* Split up strictly by any UID */
816 journal_uid
= realuid
;
817 else if (s
->split_mode
== SPLIT_LOGIN
&& realuid
> 0 && owner_valid
&& owner
> 0)
818 /* Split up by login UIDs. We do this only if the
819 * realuid is not root, in order not to accidentally
820 * leak privileged information to the user that is
821 * logged by a privileged process that is part of an
822 * unprivileged session. */
827 write_to_journal(s
, journal_uid
, iovec
, n
, priority
);
830 void server_driver_message(Server
*s
, sd_id128_t message_id
, const char *format
, ...) {
831 char mid
[11 + 32 + 1];
832 char buffer
[16 + LINE_MAX
+ 1];
833 struct iovec iovec
[N_IOVEC_META_FIELDS
+ 6];
836 struct ucred ucred
= {};
841 IOVEC_SET_STRING(iovec
[n
++], "SYSLOG_FACILITY=3");
842 IOVEC_SET_STRING(iovec
[n
++], "SYSLOG_IDENTIFIER=systemd-journald");
844 IOVEC_SET_STRING(iovec
[n
++], "PRIORITY=6");
845 IOVEC_SET_STRING(iovec
[n
++], "_TRANSPORT=driver");
847 memcpy(buffer
, "MESSAGE=", 8);
848 va_start(ap
, format
);
849 vsnprintf(buffer
+ 8, sizeof(buffer
) - 8, format
, ap
);
851 IOVEC_SET_STRING(iovec
[n
++], buffer
);
853 if (!sd_id128_equal(message_id
, SD_ID128_NULL
)) {
854 snprintf(mid
, sizeof(mid
), LOG_MESSAGE_ID(message_id
));
855 IOVEC_SET_STRING(iovec
[n
++], mid
);
858 ucred
.pid
= getpid();
859 ucred
.uid
= getuid();
860 ucred
.gid
= getgid();
862 dispatch_message_real(s
, iovec
, n
, ELEMENTSOF(iovec
), &ucred
, NULL
, NULL
, 0, NULL
, LOG_INFO
, 0);
865 void server_dispatch_message(
867 struct iovec
*iovec
, unsigned n
, unsigned m
,
868 const struct ucred
*ucred
,
869 const struct timeval
*tv
,
870 const char *label
, size_t label_len
,
876 _cleanup_free_
char *path
= NULL
;
877 uint64_t available
= 0;
881 assert(iovec
|| n
== 0);
886 if (LOG_PRI(priority
) > s
->max_level_store
)
889 /* Stop early in case the information will not be stored
891 if (s
->storage
== STORAGE_NONE
)
897 r
= cg_pid_get_path_shifted(ucred
->pid
, s
->cgroup_root
, &path
);
901 /* example: /user/lennart/3/foobar
902 * /system/dbus.service/foobar
904 * So let's cut of everything past the third /, since that is
905 * where user directories start */
907 c
= strchr(path
, '/');
909 c
= strchr(c
+1, '/');
911 c
= strchr(c
+1, '/');
917 (void) determine_space(s
, false, false, &available
, NULL
);
918 rl
= journal_rate_limit_test(s
->rate_limit
, path
, priority
& LOG_PRIMASK
, available
);
922 /* Write a suppression message if we suppressed something */
924 server_driver_message(s
, SD_MESSAGE_JOURNAL_DROPPED
,
925 "Suppressed %u messages from %s", rl
- 1, path
);
928 dispatch_message_real(s
, iovec
, n
, m
, ucred
, tv
, label
, label_len
, unit_id
, priority
, object_pid
);
932 static int system_journal_open(Server
*s
, bool flush_requested
) {
936 if (!s
->system_journal
&&
937 (s
->storage
== STORAGE_PERSISTENT
|| s
->storage
== STORAGE_AUTO
) &&
939 || access("/run/systemd/journal/flushed", F_OK
) >= 0)) {
941 /* If in auto mode: first try to create the machine
942 * path, but not the prefix.
944 * If in persistent mode: create /var/log/journal and
945 * the machine path */
947 if (s
->storage
== STORAGE_PERSISTENT
)
948 (void) mkdir_p("/var/log/journal/", 0755);
950 fn
= strjoina("/var/log/journal/", SERVER_MACHINE_ID(s
));
951 (void) mkdir(fn
, 0755);
953 fn
= strjoina(fn
, "/system.journal");
954 r
= journal_file_open_reliably(fn
, O_RDWR
|O_CREAT
, 0640, s
->compress
, s
->seal
, &s
->system_metrics
, s
->mmap
, NULL
, &s
->system_journal
);
956 server_fix_perms(s
, s
->system_journal
, 0);
957 (void) determine_space_for(s
, &s
->system_metrics
, "/var/log/journal/", "System journal", true, true, NULL
, NULL
);
959 if (r
!= -ENOENT
&& r
!= -EROFS
)
960 log_warning_errno(r
, "Failed to open system journal: %m");
966 if (!s
->runtime_journal
&&
967 (s
->storage
!= STORAGE_NONE
)) {
969 fn
= strjoina("/run/log/journal/", SERVER_MACHINE_ID(s
), "/system.journal");
971 if (s
->system_journal
) {
973 /* Try to open the runtime journal, but only
974 * if it already exists, so that we can flush
975 * it into the system journal */
977 r
= journal_file_open(fn
, O_RDWR
, 0640, s
->compress
, false, &s
->runtime_metrics
, s
->mmap
, NULL
, &s
->runtime_journal
);
980 log_warning_errno(r
, "Failed to open runtime journal: %m");
987 /* OK, we really need the runtime journal, so create
988 * it if necessary. */
990 (void) mkdir("/run/log", 0755);
991 (void) mkdir("/run/log/journal", 0755);
992 (void) mkdir_parents(fn
, 0750);
994 r
= journal_file_open_reliably(fn
, O_RDWR
|O_CREAT
, 0640, s
->compress
, false, &s
->runtime_metrics
, s
->mmap
, NULL
, &s
->runtime_journal
);
996 return log_error_errno(r
, "Failed to open runtime journal: %m");
999 if (s
->runtime_journal
) {
1000 server_fix_perms(s
, s
->runtime_journal
, 0);
1001 (void) determine_space_for(s
, &s
->runtime_metrics
, "/run/log/journal/", "Runtime journal", true, true, NULL
, NULL
);
1008 int server_flush_to_var(Server
*s
) {
1010 sd_journal
*j
= NULL
;
1011 char ts
[FORMAT_TIMESPAN_MAX
];
1018 if (s
->storage
!= STORAGE_AUTO
&&
1019 s
->storage
!= STORAGE_PERSISTENT
)
1022 if (!s
->runtime_journal
)
1025 (void) system_journal_open(s
, true);
1027 if (!s
->system_journal
)
1030 log_debug("Flushing to /var...");
1032 start
= now(CLOCK_MONOTONIC
);
1034 r
= sd_id128_get_machine(&machine
);
1038 r
= sd_journal_open(&j
, SD_JOURNAL_RUNTIME_ONLY
);
1040 return log_error_errno(r
, "Failed to read runtime journal: %m");
1042 sd_journal_set_data_threshold(j
, 0);
1044 SD_JOURNAL_FOREACH(j
) {
1048 f
= j
->current_file
;
1049 assert(f
&& f
->current_offset
> 0);
1053 r
= journal_file_move_to_object(f
, OBJECT_ENTRY
, f
->current_offset
, &o
);
1055 log_error_errno(r
, "Can't read entry: %m");
1059 r
= journal_file_copy_entry(f
, s
->system_journal
, o
, f
->current_offset
, NULL
, NULL
, NULL
);
1063 if (!shall_try_append_again(s
->system_journal
, r
)) {
1064 log_error_errno(r
, "Can't write entry: %m");
1069 server_vacuum(s
, false, false);
1071 if (!s
->system_journal
) {
1072 log_notice("Didn't flush runtime journal since rotation of system journal wasn't successful.");
1077 log_debug("Retrying write.");
1078 r
= journal_file_copy_entry(f
, s
->system_journal
, o
, f
->current_offset
, NULL
, NULL
, NULL
);
1080 log_error_errno(r
, "Can't write entry: %m");
1088 journal_file_post_change(s
->system_journal
);
1090 s
->runtime_journal
= journal_file_close(s
->runtime_journal
);
1093 (void) rm_rf("/run/log/journal", REMOVE_ROOT
);
1095 sd_journal_close(j
);
1097 server_driver_message(s
, SD_ID128_NULL
, "Time spent on flushing to /var is %s for %u entries.", format_timespan(ts
, sizeof(ts
), now(CLOCK_MONOTONIC
) - start
, 0), n
);
1102 int server_process_datagram(sd_event_source
*es
, int fd
, uint32_t revents
, void *userdata
) {
1103 Server
*s
= userdata
;
1104 struct ucred
*ucred
= NULL
;
1105 struct timeval
*tv
= NULL
;
1106 struct cmsghdr
*cmsg
;
1108 size_t label_len
= 0, m
;
1111 int *fds
= NULL
, v
= 0;
1115 struct cmsghdr cmsghdr
;
1117 /* We use NAME_MAX space for the SELinux label
1118 * here. The kernel currently enforces no
1119 * limit, but according to suggestions from
1120 * the SELinux people this will change and it
1121 * will probably be identical to NAME_MAX. For
1122 * now we use that, but this should be updated
1123 * one day when the final limit is known. */
1124 uint8_t buf
[CMSG_SPACE(sizeof(struct ucred
)) +
1125 CMSG_SPACE(sizeof(struct timeval
)) +
1126 CMSG_SPACE(sizeof(int)) + /* fd */
1127 CMSG_SPACE(NAME_MAX
)]; /* selinux label */
1130 union sockaddr_union sa
= {};
1132 struct msghdr msghdr
= {
1135 .msg_control
= &control
,
1136 .msg_controllen
= sizeof(control
),
1138 .msg_namelen
= sizeof(sa
),
1142 assert(fd
== s
->native_fd
|| fd
== s
->syslog_fd
|| fd
== s
->audit_fd
);
1144 if (revents
!= EPOLLIN
) {
1145 log_error("Got invalid event from epoll for datagram fd: %"PRIx32
, revents
);
1149 /* Try to get the right size, if we can. (Not all
1150 * sockets support SIOCINQ, hence we just try, but
1151 * don't rely on it. */
1152 (void) ioctl(fd
, SIOCINQ
, &v
);
1154 /* Fix it up, if it is too small. We use the same fixed value as auditd here. Awful! */
1155 m
= PAGE_ALIGN(MAX3((size_t) v
+ 1,
1157 ALIGN(sizeof(struct nlmsghdr
)) + ALIGN((size_t) MAX_AUDIT_MESSAGE_LENGTH
)) + 1);
1159 if (!GREEDY_REALLOC(s
->buffer
, s
->buffer_size
, m
))
1162 iovec
.iov_base
= s
->buffer
;
1163 iovec
.iov_len
= s
->buffer_size
- 1; /* Leave room for trailing NUL we add later */
1165 n
= recvmsg(fd
, &msghdr
, MSG_DONTWAIT
|MSG_CMSG_CLOEXEC
);
1167 if (errno
== EINTR
|| errno
== EAGAIN
)
1170 return log_error_errno(errno
, "recvmsg() failed: %m");
1173 CMSG_FOREACH(cmsg
, &msghdr
) {
1175 if (cmsg
->cmsg_level
== SOL_SOCKET
&&
1176 cmsg
->cmsg_type
== SCM_CREDENTIALS
&&
1177 cmsg
->cmsg_len
== CMSG_LEN(sizeof(struct ucred
)))
1178 ucred
= (struct ucred
*) CMSG_DATA(cmsg
);
1179 else if (cmsg
->cmsg_level
== SOL_SOCKET
&&
1180 cmsg
->cmsg_type
== SCM_SECURITY
) {
1181 label
= (char*) CMSG_DATA(cmsg
);
1182 label_len
= cmsg
->cmsg_len
- CMSG_LEN(0);
1183 } else if (cmsg
->cmsg_level
== SOL_SOCKET
&&
1184 cmsg
->cmsg_type
== SO_TIMESTAMP
&&
1185 cmsg
->cmsg_len
== CMSG_LEN(sizeof(struct timeval
)))
1186 tv
= (struct timeval
*) CMSG_DATA(cmsg
);
1187 else if (cmsg
->cmsg_level
== SOL_SOCKET
&&
1188 cmsg
->cmsg_type
== SCM_RIGHTS
) {
1189 fds
= (int*) CMSG_DATA(cmsg
);
1190 n_fds
= (cmsg
->cmsg_len
- CMSG_LEN(0)) / sizeof(int);
1194 /* And a trailing NUL, just in case */
1197 if (fd
== s
->syslog_fd
) {
1198 if (n
> 0 && n_fds
== 0)
1199 server_process_syslog_message(s
, strstrip(s
->buffer
), ucred
, tv
, label
, label_len
);
1201 log_warning("Got file descriptors via syslog socket. Ignoring.");
1203 } else if (fd
== s
->native_fd
) {
1204 if (n
> 0 && n_fds
== 0)
1205 server_process_native_message(s
, s
->buffer
, n
, ucred
, tv
, label
, label_len
);
1206 else if (n
== 0 && n_fds
== 1)
1207 server_process_native_file(s
, fds
[0], ucred
, tv
, label
, label_len
);
1209 log_warning("Got too many file descriptors via native socket. Ignoring.");
1212 assert(fd
== s
->audit_fd
);
1214 if (n
> 0 && n_fds
== 0)
1215 server_process_audit_message(s
, s
->buffer
, n
, ucred
, &sa
, msghdr
.msg_namelen
);
1217 log_warning("Got file descriptors via audit socket. Ignoring.");
1220 close_many(fds
, n_fds
);
1224 static int dispatch_sigusr1(sd_event_source
*es
, const struct signalfd_siginfo
*si
, void *userdata
) {
1225 Server
*s
= userdata
;
1229 log_info("Received request to flush runtime journal from PID %"PRIu32
, si
->ssi_pid
);
1231 server_flush_to_var(s
);
1233 server_vacuum(s
, false, false);
1235 (void) touch("/run/systemd/journal/flushed");
1240 static int dispatch_sigusr2(sd_event_source
*es
, const struct signalfd_siginfo
*si
, void *userdata
) {
1241 Server
*s
= userdata
;
1245 log_info("Received request to rotate journal from PID %"PRIu32
, si
->ssi_pid
);
1247 server_vacuum(s
, true, true);
1252 static int dispatch_sigterm(sd_event_source
*es
, const struct signalfd_siginfo
*si
, void *userdata
) {
1253 Server
*s
= userdata
;
1257 log_received_signal(LOG_INFO
, si
);
1259 sd_event_exit(s
->event
, 0);
1263 static int setup_signals(Server
*s
) {
1268 assert(sigprocmask_many(SIG_SETMASK
, NULL
, SIGINT
, SIGTERM
, SIGUSR1
, SIGUSR2
, -1) >= 0);
1270 r
= sd_event_add_signal(s
->event
, &s
->sigusr1_event_source
, SIGUSR1
, dispatch_sigusr1
, s
);
1274 r
= sd_event_add_signal(s
->event
, &s
->sigusr2_event_source
, SIGUSR2
, dispatch_sigusr2
, s
);
1278 r
= sd_event_add_signal(s
->event
, &s
->sigterm_event_source
, SIGTERM
, dispatch_sigterm
, s
);
1282 r
= sd_event_add_signal(s
->event
, &s
->sigint_event_source
, SIGINT
, dispatch_sigterm
, s
);
1289 static int server_parse_proc_cmdline(Server
*s
) {
1290 _cleanup_free_
char *line
= NULL
;
1291 const char *w
, *state
;
1295 r
= proc_cmdline(&line
);
1297 log_warning_errno(r
, "Failed to read /proc/cmdline, ignoring: %m");
1301 FOREACH_WORD_QUOTED(w
, l
, line
, state
) {
1302 _cleanup_free_
char *word
;
1304 word
= strndup(w
, l
);
1308 if (startswith(word
, "systemd.journald.forward_to_syslog=")) {
1309 r
= parse_boolean(word
+ 35);
1311 log_warning("Failed to parse forward to syslog switch %s. Ignoring.", word
+ 35);
1313 s
->forward_to_syslog
= r
;
1314 } else if (startswith(word
, "systemd.journald.forward_to_kmsg=")) {
1315 r
= parse_boolean(word
+ 33);
1317 log_warning("Failed to parse forward to kmsg switch %s. Ignoring.", word
+ 33);
1319 s
->forward_to_kmsg
= r
;
1320 } else if (startswith(word
, "systemd.journald.forward_to_console=")) {
1321 r
= parse_boolean(word
+ 36);
1323 log_warning("Failed to parse forward to console switch %s. Ignoring.", word
+ 36);
1325 s
->forward_to_console
= r
;
1326 } else if (startswith(word
, "systemd.journald.forward_to_wall=")) {
1327 r
= parse_boolean(word
+ 33);
1329 log_warning("Failed to parse forward to wall switch %s. Ignoring.", word
+ 33);
1331 s
->forward_to_wall
= r
;
1332 } else if (startswith(word
, "systemd.journald"))
1333 log_warning("Invalid systemd.journald parameter. Ignoring.");
1336 /* do not warn about state here, since probably systemd already did */
1340 static int server_parse_config_file(Server
*s
) {
1343 return config_parse_many("/etc/systemd/journald.conf",
1344 CONF_DIRS_NULSTR("systemd/journald.conf"),
1346 config_item_perf_lookup
, journald_gperf_lookup
,
1350 static int server_dispatch_sync(sd_event_source
*es
, usec_t t
, void *userdata
) {
1351 Server
*s
= userdata
;
1359 int server_schedule_sync(Server
*s
, int priority
) {
1364 if (priority
<= LOG_CRIT
) {
1365 /* Immediately sync to disk when this is of priority CRIT, ALERT, EMERG */
1370 if (s
->sync_scheduled
)
1373 if (s
->sync_interval_usec
> 0) {
1376 r
= sd_event_now(s
->event
, CLOCK_MONOTONIC
, &when
);
1380 when
+= s
->sync_interval_usec
;
1382 if (!s
->sync_event_source
) {
1383 r
= sd_event_add_time(
1385 &s
->sync_event_source
,
1388 server_dispatch_sync
, s
);
1392 r
= sd_event_source_set_priority(s
->sync_event_source
, SD_EVENT_PRIORITY_IMPORTANT
);
1394 r
= sd_event_source_set_time(s
->sync_event_source
, when
);
1398 r
= sd_event_source_set_enabled(s
->sync_event_source
, SD_EVENT_ONESHOT
);
1403 s
->sync_scheduled
= true;
1409 static int dispatch_hostname_change(sd_event_source
*es
, int fd
, uint32_t revents
, void *userdata
) {
1410 Server
*s
= userdata
;
1414 server_cache_hostname(s
);
1418 static int server_open_hostname(Server
*s
) {
1423 s
->hostname_fd
= open("/proc/sys/kernel/hostname", O_RDONLY
|O_CLOEXEC
|O_NDELAY
|O_NOCTTY
);
1424 if (s
->hostname_fd
< 0)
1425 return log_error_errno(errno
, "Failed to open /proc/sys/kernel/hostname: %m");
1427 r
= sd_event_add_io(s
->event
, &s
->hostname_event_source
, s
->hostname_fd
, 0, dispatch_hostname_change
, s
);
1429 /* kernels prior to 3.2 don't support polling this file. Ignore
1432 log_warning_errno(r
, "Failed to register hostname fd in event loop, ignoring: %m");
1433 s
->hostname_fd
= safe_close(s
->hostname_fd
);
1437 return log_error_errno(r
, "Failed to register hostname fd in event loop: %m");
1440 r
= sd_event_source_set_priority(s
->hostname_event_source
, SD_EVENT_PRIORITY_IMPORTANT
-10);
1442 return log_error_errno(r
, "Failed to adjust priority of host name event source: %m");
1447 int server_init(Server
*s
) {
1448 _cleanup_fdset_free_ FDSet
*fds
= NULL
;
1455 s
->syslog_fd
= s
->native_fd
= s
->stdout_fd
= s
->dev_kmsg_fd
= s
->audit_fd
= s
->hostname_fd
= -1;
1459 s
->sync_interval_usec
= DEFAULT_SYNC_INTERVAL_USEC
;
1460 s
->sync_scheduled
= false;
1462 s
->rate_limit_interval
= DEFAULT_RATE_LIMIT_INTERVAL
;
1463 s
->rate_limit_burst
= DEFAULT_RATE_LIMIT_BURST
;
1465 s
->forward_to_wall
= true;
1467 s
->max_file_usec
= DEFAULT_MAX_FILE_USEC
;
1469 s
->max_level_store
= LOG_DEBUG
;
1470 s
->max_level_syslog
= LOG_DEBUG
;
1471 s
->max_level_kmsg
= LOG_NOTICE
;
1472 s
->max_level_console
= LOG_INFO
;
1473 s
->max_level_wall
= LOG_EMERG
;
1475 journal_reset_metrics(&s
->system_metrics
);
1476 journal_reset_metrics(&s
->runtime_metrics
);
1478 server_parse_config_file(s
);
1479 server_parse_proc_cmdline(s
);
1481 if (!!s
->rate_limit_interval
^ !!s
->rate_limit_burst
) {
1482 log_debug("Setting both rate limit interval and burst from "USEC_FMT
",%u to 0,0",
1483 s
->rate_limit_interval
, s
->rate_limit_burst
);
1484 s
->rate_limit_interval
= s
->rate_limit_burst
= 0;
1487 (void) mkdir_p("/run/systemd/journal", 0755);
1489 s
->user_journals
= ordered_hashmap_new(NULL
);
1490 if (!s
->user_journals
)
1493 s
->mmap
= mmap_cache_new();
1497 r
= sd_event_default(&s
->event
);
1499 return log_error_errno(r
, "Failed to create event loop: %m");
1501 sd_event_set_watchdog(s
->event
, true);
1503 n
= sd_listen_fds(true);
1505 return log_error_errno(n
, "Failed to read listening file descriptors from environment: %m");
1507 for (fd
= SD_LISTEN_FDS_START
; fd
< SD_LISTEN_FDS_START
+ n
; fd
++) {
1509 if (sd_is_socket_unix(fd
, SOCK_DGRAM
, -1, "/run/systemd/journal/socket", 0) > 0) {
1511 if (s
->native_fd
>= 0) {
1512 log_error("Too many native sockets passed.");
1518 } else if (sd_is_socket_unix(fd
, SOCK_STREAM
, 1, "/run/systemd/journal/stdout", 0) > 0) {
1520 if (s
->stdout_fd
>= 0) {
1521 log_error("Too many stdout sockets passed.");
1527 } else if (sd_is_socket_unix(fd
, SOCK_DGRAM
, -1, "/dev/log", 0) > 0 ||
1528 sd_is_socket_unix(fd
, SOCK_DGRAM
, -1, "/run/systemd/journal/dev-log", 0) > 0) {
1530 if (s
->syslog_fd
>= 0) {
1531 log_error("Too many /dev/log sockets passed.");
1537 } else if (sd_is_socket(fd
, AF_NETLINK
, SOCK_RAW
, -1) > 0) {
1539 if (s
->audit_fd
>= 0) {
1540 log_error("Too many audit sockets passed.");
1554 r
= fdset_put(fds
, fd
);
1560 /* Try to restore streams, but don't bother if this fails */
1561 (void) server_restore_streams(s
, fds
);
1563 if (fdset_size(fds
) > 0) {
1564 log_warning("%u unknown file descriptors passed, closing.", fdset_size(fds
));
1565 fds
= fdset_free(fds
);
1568 no_sockets
= s
->native_fd
< 0 && s
->stdout_fd
< 0 && s
->syslog_fd
< 0 && s
->audit_fd
< 0;
1570 /* always open stdout, syslog, native, and kmsg sockets */
1572 /* systemd-journald.socket: /run/systemd/journal/stdout */
1573 r
= server_open_stdout_socket(s
);
1577 /* systemd-journald-dev-log.socket: /run/systemd/journal/dev-log */
1578 r
= server_open_syslog_socket(s
);
1582 /* systemd-journald.socket: /run/systemd/journal/socket */
1583 r
= server_open_native_socket(s
);
1588 r
= server_open_dev_kmsg(s
);
1592 /* Unless we got *some* sockets and not audit, open audit socket */
1593 if (s
->audit_fd
>= 0 || no_sockets
) {
1594 r
= server_open_audit(s
);
1599 r
= server_open_kernel_seqnum(s
);
1603 r
= server_open_hostname(s
);
1607 r
= setup_signals(s
);
1611 s
->udev
= udev_new();
1615 s
->rate_limit
= journal_rate_limit_new(s
->rate_limit_interval
, s
->rate_limit_burst
);
1619 r
= cg_get_root_path(&s
->cgroup_root
);
1623 server_cache_hostname(s
);
1624 server_cache_boot_id(s
);
1625 server_cache_machine_id(s
);
1627 return system_journal_open(s
, false);
1630 void server_maybe_append_tags(Server
*s
) {
1636 n
= now(CLOCK_REALTIME
);
1638 if (s
->system_journal
)
1639 journal_file_maybe_append_tag(s
->system_journal
, n
);
1641 ORDERED_HASHMAP_FOREACH(f
, s
->user_journals
, i
)
1642 journal_file_maybe_append_tag(f
, n
);
1646 void server_done(Server
*s
) {
1650 while (s
->stdout_streams
)
1651 stdout_stream_free(s
->stdout_streams
);
1653 if (s
->system_journal
)
1654 journal_file_close(s
->system_journal
);
1656 if (s
->runtime_journal
)
1657 journal_file_close(s
->runtime_journal
);
1659 while ((f
= ordered_hashmap_steal_first(s
->user_journals
)))
1660 journal_file_close(f
);
1662 ordered_hashmap_free(s
->user_journals
);
1664 sd_event_source_unref(s
->syslog_event_source
);
1665 sd_event_source_unref(s
->native_event_source
);
1666 sd_event_source_unref(s
->stdout_event_source
);
1667 sd_event_source_unref(s
->dev_kmsg_event_source
);
1668 sd_event_source_unref(s
->audit_event_source
);
1669 sd_event_source_unref(s
->sync_event_source
);
1670 sd_event_source_unref(s
->sigusr1_event_source
);
1671 sd_event_source_unref(s
->sigusr2_event_source
);
1672 sd_event_source_unref(s
->sigterm_event_source
);
1673 sd_event_source_unref(s
->sigint_event_source
);
1674 sd_event_source_unref(s
->hostname_event_source
);
1675 sd_event_unref(s
->event
);
1677 safe_close(s
->syslog_fd
);
1678 safe_close(s
->native_fd
);
1679 safe_close(s
->stdout_fd
);
1680 safe_close(s
->dev_kmsg_fd
);
1681 safe_close(s
->audit_fd
);
1682 safe_close(s
->hostname_fd
);
1685 journal_rate_limit_free(s
->rate_limit
);
1687 if (s
->kernel_seqnum
)
1688 munmap(s
->kernel_seqnum
, sizeof(uint64_t));
1692 free(s
->cgroup_root
);
1693 free(s
->hostname_field
);
1696 mmap_cache_unref(s
->mmap
);
1698 udev_unref(s
->udev
);
1701 static const char* const storage_table
[_STORAGE_MAX
] = {
1702 [STORAGE_AUTO
] = "auto",
1703 [STORAGE_VOLATILE
] = "volatile",
1704 [STORAGE_PERSISTENT
] = "persistent",
1705 [STORAGE_NONE
] = "none"
1708 DEFINE_STRING_TABLE_LOOKUP(storage
, Storage
);
1709 DEFINE_CONFIG_PARSE_ENUM(config_parse_storage
, storage
, Storage
, "Failed to parse storage setting");
1711 static const char* const split_mode_table
[_SPLIT_MAX
] = {
1712 [SPLIT_LOGIN
] = "login",
1713 [SPLIT_UID
] = "uid",
1714 [SPLIT_NONE
] = "none",
1717 DEFINE_STRING_TABLE_LOOKUP(split_mode
, SplitMode
);
1718 DEFINE_CONFIG_PARSE_ENUM(config_parse_split_mode
, split_mode
, SplitMode
, "Failed to parse split mode setting");