1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2011 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
23 #include <selinux/selinux.h>
25 #include <sys/ioctl.h>
27 #include <sys/signalfd.h>
28 #include <sys/statvfs.h>
29 #include <linux/sockios.h>
32 #include "sd-daemon.h"
33 #include "sd-journal.h"
34 #include "sd-messages.h"
37 #include "cgroup-util.h"
38 #include "conf-parser.h"
40 #include "formats-util.h"
42 #include "hostname-util.h"
43 #include "journal-authenticate.h"
44 #include "journal-file.h"
45 #include "journal-internal.h"
46 #include "journal-vacuum.h"
47 #include "journald-audit.h"
48 #include "journald-kmsg.h"
49 #include "journald-native.h"
50 #include "journald-rate-limit.h"
51 #include "journald-server.h"
52 #include "journald-stream.h"
53 #include "journald-syslog.h"
56 #include "process-util.h"
58 #include "selinux-util.h"
59 #include "signal-util.h"
60 #include "socket-util.h"
61 #include "string-util.h"
63 #define USER_JOURNALS_MAX 1024
65 #define DEFAULT_SYNC_INTERVAL_USEC (5*USEC_PER_MINUTE)
66 #define DEFAULT_RATE_LIMIT_INTERVAL (30*USEC_PER_SEC)
67 #define DEFAULT_RATE_LIMIT_BURST 1000
68 #define DEFAULT_MAX_FILE_USEC USEC_PER_MONTH
70 #define RECHECK_SPACE_USEC (30*USEC_PER_SEC)
72 static int determine_space_for(
74 JournalMetrics
*metrics
,
82 uint64_t sum
= 0, ss_avail
, avail
;
83 _cleanup_closedir_
DIR *d
= NULL
;
94 ts
= now(CLOCK_MONOTONIC
);
96 if (!verbose
&& s
->cached_space_timestamp
+ RECHECK_SPACE_USEC
> ts
) {
99 *available
= s
->cached_space_available
;
101 *limit
= s
->cached_space_limit
;
106 p
= strjoina(path
, SERVER_MACHINE_ID(s
));
109 return log_full_errno(errno
== ENOENT
? LOG_DEBUG
: LOG_ERR
, errno
, "Failed to open %s: %m", p
);
111 if (fstatvfs(dirfd(d
), &ss
) < 0)
112 return log_error_errno(errno
, "Failed to fstatvfs(%s): %m", p
);
114 FOREACH_DIRENT_ALL(de
, d
, break) {
117 if (!endswith(de
->d_name
, ".journal") &&
118 !endswith(de
->d_name
, ".journal~"))
121 if (fstatat(dirfd(d
), de
->d_name
, &st
, AT_SYMLINK_NOFOLLOW
) < 0) {
122 log_debug_errno(errno
, "Failed to stat %s/%s, ignoring: %m", p
, de
->d_name
);
126 if (!S_ISREG(st
.st_mode
))
129 sum
+= (uint64_t) st
.st_blocks
* 512UL;
132 /* If request, then let's bump the min_use limit to the
133 * current usage on disk. We do this when starting up and
134 * first opening the journal files. This way sudden spikes in
135 * disk usage will not cause journald to vacuum files without
136 * bounds. Note that this means that only a restart of
137 * journald will make it reset this value. */
140 metrics
->min_use
= MAX(metrics
->min_use
, sum
);
142 ss_avail
= ss
.f_bsize
* ss
.f_bavail
;
143 avail
= LESS_BY(ss_avail
, metrics
->keep_free
);
145 s
->cached_space_limit
= MIN(MAX(sum
+ avail
, metrics
->min_use
), metrics
->max_use
);
146 s
->cached_space_available
= LESS_BY(s
->cached_space_limit
, sum
);
147 s
->cached_space_timestamp
= ts
;
150 char fb1
[FORMAT_BYTES_MAX
], fb2
[FORMAT_BYTES_MAX
], fb3
[FORMAT_BYTES_MAX
],
151 fb4
[FORMAT_BYTES_MAX
], fb5
[FORMAT_BYTES_MAX
], fb6
[FORMAT_BYTES_MAX
];
153 server_driver_message(s
, SD_MESSAGE_JOURNAL_USAGE
,
154 "%s (%s) is currently using %s.\n"
155 "Maximum allowed usage is set to %s.\n"
156 "Leaving at least %s free (of currently available %s of space).\n"
157 "Enforced usage limit is thus %s, of which %s are still available.",
159 format_bytes(fb1
, sizeof(fb1
), sum
),
160 format_bytes(fb2
, sizeof(fb2
), metrics
->max_use
),
161 format_bytes(fb3
, sizeof(fb3
), metrics
->keep_free
),
162 format_bytes(fb4
, sizeof(fb4
), ss_avail
),
163 format_bytes(fb5
, sizeof(fb5
), s
->cached_space_limit
),
164 format_bytes(fb6
, sizeof(fb6
), s
->cached_space_available
));
168 *available
= s
->cached_space_available
;
170 *limit
= s
->cached_space_limit
;
175 static int determine_space(Server
*s
, bool verbose
, bool patch_min_use
, uint64_t *available
, uint64_t *limit
) {
176 JournalMetrics
*metrics
;
177 const char *path
, *name
;
181 if (s
->system_journal
) {
182 path
= "/var/log/journal/";
183 metrics
= &s
->system_metrics
;
184 name
= "System journal";
186 path
= "/run/log/journal/";
187 metrics
= &s
->runtime_metrics
;
188 name
= "Runtime journal";
191 return determine_space_for(s
, metrics
, path
, name
, verbose
, patch_min_use
, available
, limit
);
194 void server_fix_perms(Server
*s
, JournalFile
*f
, uid_t uid
) {
197 _cleanup_(acl_freep
) acl_t acl
= NULL
;
199 acl_permset_t permset
;
204 r
= fchmod(f
->fd
, 0640);
206 log_warning_errno(errno
, "Failed to fix access mode on %s, ignoring: %m", f
->path
);
209 if (uid
<= SYSTEM_UID_MAX
)
212 acl
= acl_get_fd(f
->fd
);
214 log_warning_errno(errno
, "Failed to read ACL on %s, ignoring: %m", f
->path
);
218 r
= acl_find_uid(acl
, uid
, &entry
);
221 if (acl_create_entry(&acl
, &entry
) < 0 ||
222 acl_set_tag_type(entry
, ACL_USER
) < 0 ||
223 acl_set_qualifier(entry
, &uid
) < 0) {
224 log_warning_errno(errno
, "Failed to patch ACL on %s, ignoring: %m", f
->path
);
229 /* We do not recalculate the mask unconditionally here,
230 * so that the fchmod() mask above stays intact. */
231 if (acl_get_permset(entry
, &permset
) < 0 ||
232 acl_add_perm(permset
, ACL_READ
) < 0 ||
233 calc_acl_mask_if_needed(&acl
) < 0) {
234 log_warning_errno(errno
, "Failed to patch ACL on %s, ignoring: %m", f
->path
);
238 if (acl_set_fd(f
->fd
, acl
) < 0)
239 log_warning_errno(errno
, "Failed to set ACL on %s, ignoring: %m", f
->path
);
244 static JournalFile
* find_journal(Server
*s
, uid_t uid
) {
245 _cleanup_free_
char *p
= NULL
;
252 /* We split up user logs only on /var, not on /run. If the
253 * runtime file is open, we write to it exclusively, in order
254 * to guarantee proper order as soon as we flush /run to
255 * /var and close the runtime file. */
257 if (s
->runtime_journal
)
258 return s
->runtime_journal
;
260 if (uid
<= SYSTEM_UID_MAX
)
261 return s
->system_journal
;
263 r
= sd_id128_get_machine(&machine
);
265 return s
->system_journal
;
267 f
= ordered_hashmap_get(s
->user_journals
, UINT32_TO_PTR(uid
));
271 if (asprintf(&p
, "/var/log/journal/" SD_ID128_FORMAT_STR
"/user-"UID_FMT
".journal",
272 SD_ID128_FORMAT_VAL(machine
), uid
) < 0)
273 return s
->system_journal
;
275 while (ordered_hashmap_size(s
->user_journals
) >= USER_JOURNALS_MAX
) {
276 /* Too many open? Then let's close one */
277 f
= ordered_hashmap_steal_first(s
->user_journals
);
279 journal_file_close(f
);
282 r
= journal_file_open_reliably(p
, O_RDWR
|O_CREAT
, 0640, s
->compress
, s
->seal
, &s
->system_metrics
, s
->mmap
, NULL
, &f
);
284 return s
->system_journal
;
286 server_fix_perms(s
, f
, uid
);
288 r
= ordered_hashmap_put(s
->user_journals
, UINT32_TO_PTR(uid
), f
);
290 journal_file_close(f
);
291 return s
->system_journal
;
297 static int do_rotate(
310 r
= journal_file_rotate(f
, s
->compress
, seal
);
313 log_error_errno(r
, "Failed to rotate %s: %m", (*f
)->path
);
315 log_error_errno(r
, "Failed to create new %s journal: %m", name
);
317 server_fix_perms(s
, *f
, uid
);
322 void server_rotate(Server
*s
) {
328 log_debug("Rotating...");
330 (void) do_rotate(s
, &s
->runtime_journal
, "runtime", false, 0);
331 (void) do_rotate(s
, &s
->system_journal
, "system", s
->seal
, 0);
333 ORDERED_HASHMAP_FOREACH_KEY(f
, k
, s
->user_journals
, i
) {
334 r
= do_rotate(s
, &f
, "user", s
->seal
, PTR_TO_UINT32(k
));
336 ordered_hashmap_replace(s
->user_journals
, k
, f
);
338 /* Old file has been closed and deallocated */
339 ordered_hashmap_remove(s
->user_journals
, k
);
343 void server_sync(Server
*s
) {
349 if (s
->system_journal
) {
350 r
= journal_file_set_offline(s
->system_journal
);
352 log_warning_errno(r
, "Failed to sync system journal, ignoring: %m");
355 ORDERED_HASHMAP_FOREACH_KEY(f
, k
, s
->user_journals
, i
) {
356 r
= journal_file_set_offline(f
);
358 log_warning_errno(r
, "Failed to sync user journal, ignoring: %m");
361 if (s
->sync_event_source
) {
362 r
= sd_event_source_set_enabled(s
->sync_event_source
, SD_EVENT_OFF
);
364 log_error_errno(r
, "Failed to disable sync timer source: %m");
367 s
->sync_scheduled
= false;
370 static void do_vacuum(
373 JournalMetrics
*metrics
,
377 bool patch_min_use
) {
391 p
= strjoina(path
, SERVER_MACHINE_ID(s
));
393 limit
= metrics
->max_use
;
394 (void) determine_space_for(s
, metrics
, path
, name
, verbose
, patch_min_use
, NULL
, &limit
);
396 r
= journal_directory_vacuum(p
, limit
, metrics
->n_max_files
, s
->max_retention_usec
, &s
->oldest_file_usec
, verbose
);
397 if (r
< 0 && r
!= -ENOENT
)
398 log_warning_errno(r
, "Failed to vacuum %s, ignoring: %m", p
);
401 int server_vacuum(Server
*s
, bool verbose
, bool patch_min_use
) {
404 log_debug("Vacuuming...");
406 s
->oldest_file_usec
= 0;
408 do_vacuum(s
, s
->system_journal
, &s
->system_metrics
, "/var/log/journal/", "System journal", verbose
, patch_min_use
);
409 do_vacuum(s
, s
->runtime_journal
, &s
->runtime_metrics
, "/run/log/journal/", "Runtime journal", verbose
, patch_min_use
);
411 s
->cached_space_limit
= 0;
412 s
->cached_space_available
= 0;
413 s
->cached_space_timestamp
= 0;
418 static void server_cache_machine_id(Server
*s
) {
424 r
= sd_id128_get_machine(&id
);
428 sd_id128_to_string(id
, stpcpy(s
->machine_id_field
, "_MACHINE_ID="));
431 static void server_cache_boot_id(Server
*s
) {
437 r
= sd_id128_get_boot(&id
);
441 sd_id128_to_string(id
, stpcpy(s
->boot_id_field
, "_BOOT_ID="));
444 static void server_cache_hostname(Server
*s
) {
445 _cleanup_free_
char *t
= NULL
;
450 t
= gethostname_malloc();
454 x
= strappend("_HOSTNAME=", t
);
458 free(s
->hostname_field
);
459 s
->hostname_field
= x
;
462 static bool shall_try_append_again(JournalFile
*f
, int r
) {
464 /* -E2BIG Hit configured limit
466 -EDQUOT Quota limit hit
468 -EIO I/O error of some kind (mmap)
469 -EHOSTDOWN Other machine
470 -EBUSY Unclean shutdown
471 -EPROTONOSUPPORT Unsupported feature
474 -ESHUTDOWN Already archived
475 -EIDRM Journal file has been deleted */
477 if (r
== -E2BIG
|| r
== -EFBIG
|| r
== -EDQUOT
|| r
== -ENOSPC
)
478 log_debug("%s: Allocation limit reached, rotating.", f
->path
);
479 else if (r
== -EHOSTDOWN
)
480 log_info("%s: Journal file from other machine, rotating.", f
->path
);
481 else if (r
== -EBUSY
)
482 log_info("%s: Unclean shutdown, rotating.", f
->path
);
483 else if (r
== -EPROTONOSUPPORT
)
484 log_info("%s: Unsupported feature, rotating.", f
->path
);
485 else if (r
== -EBADMSG
|| r
== -ENODATA
|| r
== ESHUTDOWN
)
486 log_warning("%s: Journal file corrupted, rotating.", f
->path
);
488 log_warning("%s: IO error, rotating.", f
->path
);
489 else if (r
== -EIDRM
)
490 log_warning("%s: Journal file has been deleted, rotating.", f
->path
);
497 static void write_to_journal(Server
*s
, uid_t uid
, struct iovec
*iovec
, unsigned n
, int priority
) {
499 bool vacuumed
= false;
506 f
= find_journal(s
, uid
);
510 if (journal_file_rotate_suggested(f
, s
->max_file_usec
)) {
511 log_debug("%s: Journal header limits reached or header out-of-date, rotating.", f
->path
);
513 server_vacuum(s
, false, false);
516 f
= find_journal(s
, uid
);
521 r
= journal_file_append_entry(f
, NULL
, iovec
, n
, &s
->seqnum
, NULL
, NULL
);
523 server_schedule_sync(s
, priority
);
527 if (vacuumed
|| !shall_try_append_again(f
, r
)) {
528 log_error_errno(r
, "Failed to write entry (%d items, %zu bytes), ignoring: %m", n
, IOVEC_TOTAL_SIZE(iovec
, n
));
533 server_vacuum(s
, false, false);
535 f
= find_journal(s
, uid
);
539 log_debug("Retrying write.");
540 r
= journal_file_append_entry(f
, NULL
, iovec
, n
, &s
->seqnum
, NULL
, NULL
);
542 log_error_errno(r
, "Failed to write entry (%d items, %zu bytes) despite vacuuming, ignoring: %m", n
, IOVEC_TOTAL_SIZE(iovec
, n
));
544 server_schedule_sync(s
, priority
);
547 static void dispatch_message_real(
549 struct iovec
*iovec
, unsigned n
, unsigned m
,
550 const struct ucred
*ucred
,
551 const struct timeval
*tv
,
552 const char *label
, size_t label_len
,
557 char pid
[sizeof("_PID=") + DECIMAL_STR_MAX(pid_t
)],
558 uid
[sizeof("_UID=") + DECIMAL_STR_MAX(uid_t
)],
559 gid
[sizeof("_GID=") + DECIMAL_STR_MAX(gid_t
)],
560 owner_uid
[sizeof("_SYSTEMD_OWNER_UID=") + DECIMAL_STR_MAX(uid_t
)],
561 source_time
[sizeof("_SOURCE_REALTIME_TIMESTAMP=") + DECIMAL_STR_MAX(usec_t
)],
562 o_uid
[sizeof("OBJECT_UID=") + DECIMAL_STR_MAX(uid_t
)],
563 o_gid
[sizeof("OBJECT_GID=") + DECIMAL_STR_MAX(gid_t
)],
564 o_owner_uid
[sizeof("OBJECT_SYSTEMD_OWNER_UID=") + DECIMAL_STR_MAX(uid_t
)];
570 uid_t realuid
= 0, owner
= 0, journal_uid
;
571 bool owner_valid
= false;
573 char audit_session
[sizeof("_AUDIT_SESSION=") + DECIMAL_STR_MAX(uint32_t)],
574 audit_loginuid
[sizeof("_AUDIT_LOGINUID=") + DECIMAL_STR_MAX(uid_t
)],
575 o_audit_session
[sizeof("OBJECT_AUDIT_SESSION=") + DECIMAL_STR_MAX(uint32_t)],
576 o_audit_loginuid
[sizeof("OBJECT_AUDIT_LOGINUID=") + DECIMAL_STR_MAX(uid_t
)];
585 assert(n
+ N_IOVEC_META_FIELDS
+ (object_pid
? N_IOVEC_OBJECT_FIELDS
: 0) <= m
);
588 realuid
= ucred
->uid
;
590 sprintf(pid
, "_PID="PID_FMT
, ucred
->pid
);
591 IOVEC_SET_STRING(iovec
[n
++], pid
);
593 sprintf(uid
, "_UID="UID_FMT
, ucred
->uid
);
594 IOVEC_SET_STRING(iovec
[n
++], uid
);
596 sprintf(gid
, "_GID="GID_FMT
, ucred
->gid
);
597 IOVEC_SET_STRING(iovec
[n
++], gid
);
599 r
= get_process_comm(ucred
->pid
, &t
);
601 x
= strjoina("_COMM=", t
);
603 IOVEC_SET_STRING(iovec
[n
++], x
);
606 r
= get_process_exe(ucred
->pid
, &t
);
608 x
= strjoina("_EXE=", t
);
610 IOVEC_SET_STRING(iovec
[n
++], x
);
613 r
= get_process_cmdline(ucred
->pid
, 0, false, &t
);
615 x
= strjoina("_CMDLINE=", t
);
617 IOVEC_SET_STRING(iovec
[n
++], x
);
620 r
= get_process_capeff(ucred
->pid
, &t
);
622 x
= strjoina("_CAP_EFFECTIVE=", t
);
624 IOVEC_SET_STRING(iovec
[n
++], x
);
628 r
= audit_session_from_pid(ucred
->pid
, &audit
);
630 sprintf(audit_session
, "_AUDIT_SESSION=%"PRIu32
, audit
);
631 IOVEC_SET_STRING(iovec
[n
++], audit_session
);
634 r
= audit_loginuid_from_pid(ucred
->pid
, &loginuid
);
636 sprintf(audit_loginuid
, "_AUDIT_LOGINUID="UID_FMT
, loginuid
);
637 IOVEC_SET_STRING(iovec
[n
++], audit_loginuid
);
641 r
= cg_pid_get_path_shifted(ucred
->pid
, s
->cgroup_root
, &c
);
643 char *session
= NULL
;
645 x
= strjoina("_SYSTEMD_CGROUP=", c
);
646 IOVEC_SET_STRING(iovec
[n
++], x
);
648 r
= cg_path_get_session(c
, &t
);
650 session
= strjoina("_SYSTEMD_SESSION=", t
);
652 IOVEC_SET_STRING(iovec
[n
++], session
);
655 if (cg_path_get_owner_uid(c
, &owner
) >= 0) {
658 sprintf(owner_uid
, "_SYSTEMD_OWNER_UID="UID_FMT
, owner
);
659 IOVEC_SET_STRING(iovec
[n
++], owner_uid
);
662 if (cg_path_get_unit(c
, &t
) >= 0) {
663 x
= strjoina("_SYSTEMD_UNIT=", t
);
665 IOVEC_SET_STRING(iovec
[n
++], x
);
666 } else if (unit_id
&& !session
) {
667 x
= strjoina("_SYSTEMD_UNIT=", unit_id
);
668 IOVEC_SET_STRING(iovec
[n
++], x
);
671 if (cg_path_get_user_unit(c
, &t
) >= 0) {
672 x
= strjoina("_SYSTEMD_USER_UNIT=", t
);
674 IOVEC_SET_STRING(iovec
[n
++], x
);
675 } else if (unit_id
&& session
) {
676 x
= strjoina("_SYSTEMD_USER_UNIT=", unit_id
);
677 IOVEC_SET_STRING(iovec
[n
++], x
);
680 if (cg_path_get_slice(c
, &t
) >= 0) {
681 x
= strjoina("_SYSTEMD_SLICE=", t
);
683 IOVEC_SET_STRING(iovec
[n
++], x
);
687 } else if (unit_id
) {
688 x
= strjoina("_SYSTEMD_UNIT=", unit_id
);
689 IOVEC_SET_STRING(iovec
[n
++], x
);
693 if (mac_selinux_use()) {
695 x
= alloca(strlen("_SELINUX_CONTEXT=") + label_len
+ 1);
697 *((char*) mempcpy(stpcpy(x
, "_SELINUX_CONTEXT="), label
, label_len
)) = 0;
698 IOVEC_SET_STRING(iovec
[n
++], x
);
700 security_context_t con
;
702 if (getpidcon(ucred
->pid
, &con
) >= 0) {
703 x
= strjoina("_SELINUX_CONTEXT=", con
);
706 IOVEC_SET_STRING(iovec
[n
++], x
);
715 r
= get_process_uid(object_pid
, &object_uid
);
717 sprintf(o_uid
, "OBJECT_UID="UID_FMT
, object_uid
);
718 IOVEC_SET_STRING(iovec
[n
++], o_uid
);
721 r
= get_process_gid(object_pid
, &object_gid
);
723 sprintf(o_gid
, "OBJECT_GID="GID_FMT
, object_gid
);
724 IOVEC_SET_STRING(iovec
[n
++], o_gid
);
727 r
= get_process_comm(object_pid
, &t
);
729 x
= strjoina("OBJECT_COMM=", t
);
731 IOVEC_SET_STRING(iovec
[n
++], x
);
734 r
= get_process_exe(object_pid
, &t
);
736 x
= strjoina("OBJECT_EXE=", t
);
738 IOVEC_SET_STRING(iovec
[n
++], x
);
741 r
= get_process_cmdline(object_pid
, 0, false, &t
);
743 x
= strjoina("OBJECT_CMDLINE=", t
);
745 IOVEC_SET_STRING(iovec
[n
++], x
);
749 r
= audit_session_from_pid(object_pid
, &audit
);
751 sprintf(o_audit_session
, "OBJECT_AUDIT_SESSION=%"PRIu32
, audit
);
752 IOVEC_SET_STRING(iovec
[n
++], o_audit_session
);
755 r
= audit_loginuid_from_pid(object_pid
, &loginuid
);
757 sprintf(o_audit_loginuid
, "OBJECT_AUDIT_LOGINUID="UID_FMT
, loginuid
);
758 IOVEC_SET_STRING(iovec
[n
++], o_audit_loginuid
);
762 r
= cg_pid_get_path_shifted(object_pid
, s
->cgroup_root
, &c
);
764 x
= strjoina("OBJECT_SYSTEMD_CGROUP=", c
);
765 IOVEC_SET_STRING(iovec
[n
++], x
);
767 r
= cg_path_get_session(c
, &t
);
769 x
= strjoina("OBJECT_SYSTEMD_SESSION=", t
);
771 IOVEC_SET_STRING(iovec
[n
++], x
);
774 if (cg_path_get_owner_uid(c
, &owner
) >= 0) {
775 sprintf(o_owner_uid
, "OBJECT_SYSTEMD_OWNER_UID="UID_FMT
, owner
);
776 IOVEC_SET_STRING(iovec
[n
++], o_owner_uid
);
779 if (cg_path_get_unit(c
, &t
) >= 0) {
780 x
= strjoina("OBJECT_SYSTEMD_UNIT=", t
);
782 IOVEC_SET_STRING(iovec
[n
++], x
);
785 if (cg_path_get_user_unit(c
, &t
) >= 0) {
786 x
= strjoina("OBJECT_SYSTEMD_USER_UNIT=", t
);
788 IOVEC_SET_STRING(iovec
[n
++], x
);
797 sprintf(source_time
, "_SOURCE_REALTIME_TIMESTAMP=%llu", (unsigned long long) timeval_load(tv
));
798 IOVEC_SET_STRING(iovec
[n
++], source_time
);
801 /* Note that strictly speaking storing the boot id here is
802 * redundant since the entry includes this in-line
803 * anyway. However, we need this indexed, too. */
804 if (!isempty(s
->boot_id_field
))
805 IOVEC_SET_STRING(iovec
[n
++], s
->boot_id_field
);
807 if (!isempty(s
->machine_id_field
))
808 IOVEC_SET_STRING(iovec
[n
++], s
->machine_id_field
);
810 if (!isempty(s
->hostname_field
))
811 IOVEC_SET_STRING(iovec
[n
++], s
->hostname_field
);
815 if (s
->split_mode
== SPLIT_UID
&& realuid
> 0)
816 /* Split up strictly by any UID */
817 journal_uid
= realuid
;
818 else if (s
->split_mode
== SPLIT_LOGIN
&& realuid
> 0 && owner_valid
&& owner
> 0)
819 /* Split up by login UIDs. We do this only if the
820 * realuid is not root, in order not to accidentally
821 * leak privileged information to the user that is
822 * logged by a privileged process that is part of an
823 * unprivileged session. */
828 write_to_journal(s
, journal_uid
, iovec
, n
, priority
);
831 void server_driver_message(Server
*s
, sd_id128_t message_id
, const char *format
, ...) {
832 char mid
[11 + 32 + 1];
833 char buffer
[16 + LINE_MAX
+ 1];
834 struct iovec iovec
[N_IOVEC_META_FIELDS
+ 6];
837 struct ucred ucred
= {};
842 IOVEC_SET_STRING(iovec
[n
++], "SYSLOG_FACILITY=3");
843 IOVEC_SET_STRING(iovec
[n
++], "SYSLOG_IDENTIFIER=systemd-journald");
845 IOVEC_SET_STRING(iovec
[n
++], "PRIORITY=6");
846 IOVEC_SET_STRING(iovec
[n
++], "_TRANSPORT=driver");
848 memcpy(buffer
, "MESSAGE=", 8);
849 va_start(ap
, format
);
850 vsnprintf(buffer
+ 8, sizeof(buffer
) - 8, format
, ap
);
852 IOVEC_SET_STRING(iovec
[n
++], buffer
);
854 if (!sd_id128_equal(message_id
, SD_ID128_NULL
)) {
855 snprintf(mid
, sizeof(mid
), LOG_MESSAGE_ID(message_id
));
856 IOVEC_SET_STRING(iovec
[n
++], mid
);
859 ucred
.pid
= getpid();
860 ucred
.uid
= getuid();
861 ucred
.gid
= getgid();
863 dispatch_message_real(s
, iovec
, n
, ELEMENTSOF(iovec
), &ucred
, NULL
, NULL
, 0, NULL
, LOG_INFO
, 0);
866 void server_dispatch_message(
868 struct iovec
*iovec
, unsigned n
, unsigned m
,
869 const struct ucred
*ucred
,
870 const struct timeval
*tv
,
871 const char *label
, size_t label_len
,
877 _cleanup_free_
char *path
= NULL
;
878 uint64_t available
= 0;
882 assert(iovec
|| n
== 0);
887 if (LOG_PRI(priority
) > s
->max_level_store
)
890 /* Stop early in case the information will not be stored
892 if (s
->storage
== STORAGE_NONE
)
898 r
= cg_pid_get_path_shifted(ucred
->pid
, s
->cgroup_root
, &path
);
902 /* example: /user/lennart/3/foobar
903 * /system/dbus.service/foobar
905 * So let's cut of everything past the third /, since that is
906 * where user directories start */
908 c
= strchr(path
, '/');
910 c
= strchr(c
+1, '/');
912 c
= strchr(c
+1, '/');
918 (void) determine_space(s
, false, false, &available
, NULL
);
919 rl
= journal_rate_limit_test(s
->rate_limit
, path
, priority
& LOG_PRIMASK
, available
);
923 /* Write a suppression message if we suppressed something */
925 server_driver_message(s
, SD_MESSAGE_JOURNAL_DROPPED
,
926 "Suppressed %u messages from %s", rl
- 1, path
);
929 dispatch_message_real(s
, iovec
, n
, m
, ucred
, tv
, label
, label_len
, unit_id
, priority
, object_pid
);
933 static int system_journal_open(Server
*s
, bool flush_requested
) {
937 if (!s
->system_journal
&&
938 (s
->storage
== STORAGE_PERSISTENT
|| s
->storage
== STORAGE_AUTO
) &&
940 || access("/run/systemd/journal/flushed", F_OK
) >= 0)) {
942 /* If in auto mode: first try to create the machine
943 * path, but not the prefix.
945 * If in persistent mode: create /var/log/journal and
946 * the machine path */
948 if (s
->storage
== STORAGE_PERSISTENT
)
949 (void) mkdir_p("/var/log/journal/", 0755);
951 fn
= strjoina("/var/log/journal/", SERVER_MACHINE_ID(s
));
952 (void) mkdir(fn
, 0755);
954 fn
= strjoina(fn
, "/system.journal");
955 r
= journal_file_open_reliably(fn
, O_RDWR
|O_CREAT
, 0640, s
->compress
, s
->seal
, &s
->system_metrics
, s
->mmap
, NULL
, &s
->system_journal
);
957 server_fix_perms(s
, s
->system_journal
, 0);
958 (void) determine_space_for(s
, &s
->system_metrics
, "/var/log/journal/", "System journal", true, true, NULL
, NULL
);
960 if (r
!= -ENOENT
&& r
!= -EROFS
)
961 log_warning_errno(r
, "Failed to open system journal: %m");
967 if (!s
->runtime_journal
&&
968 (s
->storage
!= STORAGE_NONE
)) {
970 fn
= strjoina("/run/log/journal/", SERVER_MACHINE_ID(s
), "/system.journal");
972 if (s
->system_journal
) {
974 /* Try to open the runtime journal, but only
975 * if it already exists, so that we can flush
976 * it into the system journal */
978 r
= journal_file_open(fn
, O_RDWR
, 0640, s
->compress
, false, &s
->runtime_metrics
, s
->mmap
, NULL
, &s
->runtime_journal
);
981 log_warning_errno(r
, "Failed to open runtime journal: %m");
988 /* OK, we really need the runtime journal, so create
989 * it if necessary. */
991 (void) mkdir("/run/log", 0755);
992 (void) mkdir("/run/log/journal", 0755);
993 (void) mkdir_parents(fn
, 0750);
995 r
= journal_file_open_reliably(fn
, O_RDWR
|O_CREAT
, 0640, s
->compress
, false, &s
->runtime_metrics
, s
->mmap
, NULL
, &s
->runtime_journal
);
997 return log_error_errno(r
, "Failed to open runtime journal: %m");
1000 if (s
->runtime_journal
) {
1001 server_fix_perms(s
, s
->runtime_journal
, 0);
1002 (void) determine_space_for(s
, &s
->runtime_metrics
, "/run/log/journal/", "Runtime journal", true, true, NULL
, NULL
);
1009 int server_flush_to_var(Server
*s
) {
1011 sd_journal
*j
= NULL
;
1012 char ts
[FORMAT_TIMESPAN_MAX
];
1019 if (s
->storage
!= STORAGE_AUTO
&&
1020 s
->storage
!= STORAGE_PERSISTENT
)
1023 if (!s
->runtime_journal
)
1026 (void) system_journal_open(s
, true);
1028 if (!s
->system_journal
)
1031 log_debug("Flushing to /var...");
1033 start
= now(CLOCK_MONOTONIC
);
1035 r
= sd_id128_get_machine(&machine
);
1039 r
= sd_journal_open(&j
, SD_JOURNAL_RUNTIME_ONLY
);
1041 return log_error_errno(r
, "Failed to read runtime journal: %m");
1043 sd_journal_set_data_threshold(j
, 0);
1045 SD_JOURNAL_FOREACH(j
) {
1049 f
= j
->current_file
;
1050 assert(f
&& f
->current_offset
> 0);
1054 r
= journal_file_move_to_object(f
, OBJECT_ENTRY
, f
->current_offset
, &o
);
1056 log_error_errno(r
, "Can't read entry: %m");
1060 r
= journal_file_copy_entry(f
, s
->system_journal
, o
, f
->current_offset
, NULL
, NULL
, NULL
);
1064 if (!shall_try_append_again(s
->system_journal
, r
)) {
1065 log_error_errno(r
, "Can't write entry: %m");
1070 server_vacuum(s
, false, false);
1072 if (!s
->system_journal
) {
1073 log_notice("Didn't flush runtime journal since rotation of system journal wasn't successful.");
1078 log_debug("Retrying write.");
1079 r
= journal_file_copy_entry(f
, s
->system_journal
, o
, f
->current_offset
, NULL
, NULL
, NULL
);
1081 log_error_errno(r
, "Can't write entry: %m");
1089 journal_file_post_change(s
->system_journal
);
1091 s
->runtime_journal
= journal_file_close(s
->runtime_journal
);
1094 (void) rm_rf("/run/log/journal", REMOVE_ROOT
);
1096 sd_journal_close(j
);
1098 server_driver_message(s
, SD_ID128_NULL
, "Time spent on flushing to /var is %s for %u entries.", format_timespan(ts
, sizeof(ts
), now(CLOCK_MONOTONIC
) - start
, 0), n
);
1103 int server_process_datagram(sd_event_source
*es
, int fd
, uint32_t revents
, void *userdata
) {
1104 Server
*s
= userdata
;
1105 struct ucred
*ucred
= NULL
;
1106 struct timeval
*tv
= NULL
;
1107 struct cmsghdr
*cmsg
;
1109 size_t label_len
= 0, m
;
1112 int *fds
= NULL
, v
= 0;
1116 struct cmsghdr cmsghdr
;
1118 /* We use NAME_MAX space for the SELinux label
1119 * here. The kernel currently enforces no
1120 * limit, but according to suggestions from
1121 * the SELinux people this will change and it
1122 * will probably be identical to NAME_MAX. For
1123 * now we use that, but this should be updated
1124 * one day when the final limit is known. */
1125 uint8_t buf
[CMSG_SPACE(sizeof(struct ucred
)) +
1126 CMSG_SPACE(sizeof(struct timeval
)) +
1127 CMSG_SPACE(sizeof(int)) + /* fd */
1128 CMSG_SPACE(NAME_MAX
)]; /* selinux label */
1131 union sockaddr_union sa
= {};
1133 struct msghdr msghdr
= {
1136 .msg_control
= &control
,
1137 .msg_controllen
= sizeof(control
),
1139 .msg_namelen
= sizeof(sa
),
1143 assert(fd
== s
->native_fd
|| fd
== s
->syslog_fd
|| fd
== s
->audit_fd
);
1145 if (revents
!= EPOLLIN
) {
1146 log_error("Got invalid event from epoll for datagram fd: %"PRIx32
, revents
);
1150 /* Try to get the right size, if we can. (Not all
1151 * sockets support SIOCINQ, hence we just try, but
1152 * don't rely on it. */
1153 (void) ioctl(fd
, SIOCINQ
, &v
);
1155 /* Fix it up, if it is too small. We use the same fixed value as auditd here. Awful! */
1156 m
= PAGE_ALIGN(MAX3((size_t) v
+ 1,
1158 ALIGN(sizeof(struct nlmsghdr
)) + ALIGN((size_t) MAX_AUDIT_MESSAGE_LENGTH
)) + 1);
1160 if (!GREEDY_REALLOC(s
->buffer
, s
->buffer_size
, m
))
1163 iovec
.iov_base
= s
->buffer
;
1164 iovec
.iov_len
= s
->buffer_size
- 1; /* Leave room for trailing NUL we add later */
1166 n
= recvmsg(fd
, &msghdr
, MSG_DONTWAIT
|MSG_CMSG_CLOEXEC
);
1168 if (errno
== EINTR
|| errno
== EAGAIN
)
1171 return log_error_errno(errno
, "recvmsg() failed: %m");
1174 CMSG_FOREACH(cmsg
, &msghdr
) {
1176 if (cmsg
->cmsg_level
== SOL_SOCKET
&&
1177 cmsg
->cmsg_type
== SCM_CREDENTIALS
&&
1178 cmsg
->cmsg_len
== CMSG_LEN(sizeof(struct ucred
)))
1179 ucred
= (struct ucred
*) CMSG_DATA(cmsg
);
1180 else if (cmsg
->cmsg_level
== SOL_SOCKET
&&
1181 cmsg
->cmsg_type
== SCM_SECURITY
) {
1182 label
= (char*) CMSG_DATA(cmsg
);
1183 label_len
= cmsg
->cmsg_len
- CMSG_LEN(0);
1184 } else if (cmsg
->cmsg_level
== SOL_SOCKET
&&
1185 cmsg
->cmsg_type
== SO_TIMESTAMP
&&
1186 cmsg
->cmsg_len
== CMSG_LEN(sizeof(struct timeval
)))
1187 tv
= (struct timeval
*) CMSG_DATA(cmsg
);
1188 else if (cmsg
->cmsg_level
== SOL_SOCKET
&&
1189 cmsg
->cmsg_type
== SCM_RIGHTS
) {
1190 fds
= (int*) CMSG_DATA(cmsg
);
1191 n_fds
= (cmsg
->cmsg_len
- CMSG_LEN(0)) / sizeof(int);
1195 /* And a trailing NUL, just in case */
1198 if (fd
== s
->syslog_fd
) {
1199 if (n
> 0 && n_fds
== 0)
1200 server_process_syslog_message(s
, strstrip(s
->buffer
), ucred
, tv
, label
, label_len
);
1202 log_warning("Got file descriptors via syslog socket. Ignoring.");
1204 } else if (fd
== s
->native_fd
) {
1205 if (n
> 0 && n_fds
== 0)
1206 server_process_native_message(s
, s
->buffer
, n
, ucred
, tv
, label
, label_len
);
1207 else if (n
== 0 && n_fds
== 1)
1208 server_process_native_file(s
, fds
[0], ucred
, tv
, label
, label_len
);
1210 log_warning("Got too many file descriptors via native socket. Ignoring.");
1213 assert(fd
== s
->audit_fd
);
1215 if (n
> 0 && n_fds
== 0)
1216 server_process_audit_message(s
, s
->buffer
, n
, ucred
, &sa
, msghdr
.msg_namelen
);
1218 log_warning("Got file descriptors via audit socket. Ignoring.");
1221 close_many(fds
, n_fds
);
1225 static int dispatch_sigusr1(sd_event_source
*es
, const struct signalfd_siginfo
*si
, void *userdata
) {
1226 Server
*s
= userdata
;
1230 log_info("Received request to flush runtime journal from PID %"PRIu32
, si
->ssi_pid
);
1232 server_flush_to_var(s
);
1234 server_vacuum(s
, false, false);
1236 (void) touch("/run/systemd/journal/flushed");
1241 static int dispatch_sigusr2(sd_event_source
*es
, const struct signalfd_siginfo
*si
, void *userdata
) {
1242 Server
*s
= userdata
;
1246 log_info("Received request to rotate journal from PID %"PRIu32
, si
->ssi_pid
);
1248 server_vacuum(s
, true, true);
1253 static int dispatch_sigterm(sd_event_source
*es
, const struct signalfd_siginfo
*si
, void *userdata
) {
1254 Server
*s
= userdata
;
1258 log_received_signal(LOG_INFO
, si
);
1260 sd_event_exit(s
->event
, 0);
1264 static int setup_signals(Server
*s
) {
1269 assert(sigprocmask_many(SIG_SETMASK
, NULL
, SIGINT
, SIGTERM
, SIGUSR1
, SIGUSR2
, -1) >= 0);
1271 r
= sd_event_add_signal(s
->event
, &s
->sigusr1_event_source
, SIGUSR1
, dispatch_sigusr1
, s
);
1275 r
= sd_event_add_signal(s
->event
, &s
->sigusr2_event_source
, SIGUSR2
, dispatch_sigusr2
, s
);
1279 r
= sd_event_add_signal(s
->event
, &s
->sigterm_event_source
, SIGTERM
, dispatch_sigterm
, s
);
1283 r
= sd_event_add_signal(s
->event
, &s
->sigint_event_source
, SIGINT
, dispatch_sigterm
, s
);
1290 static int server_parse_proc_cmdline(Server
*s
) {
1291 _cleanup_free_
char *line
= NULL
;
1295 r
= proc_cmdline(&line
);
1297 log_warning_errno(r
, "Failed to read /proc/cmdline, ignoring: %m");
1303 _cleanup_free_
char *word
;
1305 r
= extract_first_word(&p
, &word
, NULL
, 0);
1307 return log_error_errno(r
, "Failed to parse journald syntax \"%s\": %m", line
);
1312 if (startswith(word
, "systemd.journald.forward_to_syslog=")) {
1313 r
= parse_boolean(word
+ 35);
1315 log_warning("Failed to parse forward to syslog switch %s. Ignoring.", word
+ 35);
1317 s
->forward_to_syslog
= r
;
1318 } else if (startswith(word
, "systemd.journald.forward_to_kmsg=")) {
1319 r
= parse_boolean(word
+ 33);
1321 log_warning("Failed to parse forward to kmsg switch %s. Ignoring.", word
+ 33);
1323 s
->forward_to_kmsg
= r
;
1324 } else if (startswith(word
, "systemd.journald.forward_to_console=")) {
1325 r
= parse_boolean(word
+ 36);
1327 log_warning("Failed to parse forward to console switch %s. Ignoring.", word
+ 36);
1329 s
->forward_to_console
= r
;
1330 } else if (startswith(word
, "systemd.journald.forward_to_wall=")) {
1331 r
= parse_boolean(word
+ 33);
1333 log_warning("Failed to parse forward to wall switch %s. Ignoring.", word
+ 33);
1335 s
->forward_to_wall
= r
;
1336 } else if (startswith(word
, "systemd.journald"))
1337 log_warning("Invalid systemd.journald parameter. Ignoring.");
1340 /* do not warn about state here, since probably systemd already did */
1344 static int server_parse_config_file(Server
*s
) {
1347 return config_parse_many("/etc/systemd/journald.conf",
1348 CONF_DIRS_NULSTR("systemd/journald.conf"),
1350 config_item_perf_lookup
, journald_gperf_lookup
,
1354 static int server_dispatch_sync(sd_event_source
*es
, usec_t t
, void *userdata
) {
1355 Server
*s
= userdata
;
1363 int server_schedule_sync(Server
*s
, int priority
) {
1368 if (priority
<= LOG_CRIT
) {
1369 /* Immediately sync to disk when this is of priority CRIT, ALERT, EMERG */
1374 if (s
->sync_scheduled
)
1377 if (s
->sync_interval_usec
> 0) {
1380 r
= sd_event_now(s
->event
, CLOCK_MONOTONIC
, &when
);
1384 when
+= s
->sync_interval_usec
;
1386 if (!s
->sync_event_source
) {
1387 r
= sd_event_add_time(
1389 &s
->sync_event_source
,
1392 server_dispatch_sync
, s
);
1396 r
= sd_event_source_set_priority(s
->sync_event_source
, SD_EVENT_PRIORITY_IMPORTANT
);
1398 r
= sd_event_source_set_time(s
->sync_event_source
, when
);
1402 r
= sd_event_source_set_enabled(s
->sync_event_source
, SD_EVENT_ONESHOT
);
1407 s
->sync_scheduled
= true;
1413 static int dispatch_hostname_change(sd_event_source
*es
, int fd
, uint32_t revents
, void *userdata
) {
1414 Server
*s
= userdata
;
1418 server_cache_hostname(s
);
1422 static int server_open_hostname(Server
*s
) {
1427 s
->hostname_fd
= open("/proc/sys/kernel/hostname", O_RDONLY
|O_CLOEXEC
|O_NDELAY
|O_NOCTTY
);
1428 if (s
->hostname_fd
< 0)
1429 return log_error_errno(errno
, "Failed to open /proc/sys/kernel/hostname: %m");
1431 r
= sd_event_add_io(s
->event
, &s
->hostname_event_source
, s
->hostname_fd
, 0, dispatch_hostname_change
, s
);
1433 /* kernels prior to 3.2 don't support polling this file. Ignore
1436 log_warning_errno(r
, "Failed to register hostname fd in event loop, ignoring: %m");
1437 s
->hostname_fd
= safe_close(s
->hostname_fd
);
1441 return log_error_errno(r
, "Failed to register hostname fd in event loop: %m");
1444 r
= sd_event_source_set_priority(s
->hostname_event_source
, SD_EVENT_PRIORITY_IMPORTANT
-10);
1446 return log_error_errno(r
, "Failed to adjust priority of host name event source: %m");
1451 int server_init(Server
*s
) {
1452 _cleanup_fdset_free_ FDSet
*fds
= NULL
;
1459 s
->syslog_fd
= s
->native_fd
= s
->stdout_fd
= s
->dev_kmsg_fd
= s
->audit_fd
= s
->hostname_fd
= -1;
1463 s
->sync_interval_usec
= DEFAULT_SYNC_INTERVAL_USEC
;
1464 s
->sync_scheduled
= false;
1466 s
->rate_limit_interval
= DEFAULT_RATE_LIMIT_INTERVAL
;
1467 s
->rate_limit_burst
= DEFAULT_RATE_LIMIT_BURST
;
1469 s
->forward_to_wall
= true;
1471 s
->max_file_usec
= DEFAULT_MAX_FILE_USEC
;
1473 s
->max_level_store
= LOG_DEBUG
;
1474 s
->max_level_syslog
= LOG_DEBUG
;
1475 s
->max_level_kmsg
= LOG_NOTICE
;
1476 s
->max_level_console
= LOG_INFO
;
1477 s
->max_level_wall
= LOG_EMERG
;
1479 journal_reset_metrics(&s
->system_metrics
);
1480 journal_reset_metrics(&s
->runtime_metrics
);
1482 server_parse_config_file(s
);
1483 server_parse_proc_cmdline(s
);
1485 if (!!s
->rate_limit_interval
^ !!s
->rate_limit_burst
) {
1486 log_debug("Setting both rate limit interval and burst from "USEC_FMT
",%u to 0,0",
1487 s
->rate_limit_interval
, s
->rate_limit_burst
);
1488 s
->rate_limit_interval
= s
->rate_limit_burst
= 0;
1491 (void) mkdir_p("/run/systemd/journal", 0755);
1493 s
->user_journals
= ordered_hashmap_new(NULL
);
1494 if (!s
->user_journals
)
1497 s
->mmap
= mmap_cache_new();
1501 r
= sd_event_default(&s
->event
);
1503 return log_error_errno(r
, "Failed to create event loop: %m");
1505 sd_event_set_watchdog(s
->event
, true);
1507 n
= sd_listen_fds(true);
1509 return log_error_errno(n
, "Failed to read listening file descriptors from environment: %m");
1511 for (fd
= SD_LISTEN_FDS_START
; fd
< SD_LISTEN_FDS_START
+ n
; fd
++) {
1513 if (sd_is_socket_unix(fd
, SOCK_DGRAM
, -1, "/run/systemd/journal/socket", 0) > 0) {
1515 if (s
->native_fd
>= 0) {
1516 log_error("Too many native sockets passed.");
1522 } else if (sd_is_socket_unix(fd
, SOCK_STREAM
, 1, "/run/systemd/journal/stdout", 0) > 0) {
1524 if (s
->stdout_fd
>= 0) {
1525 log_error("Too many stdout sockets passed.");
1531 } else if (sd_is_socket_unix(fd
, SOCK_DGRAM
, -1, "/dev/log", 0) > 0 ||
1532 sd_is_socket_unix(fd
, SOCK_DGRAM
, -1, "/run/systemd/journal/dev-log", 0) > 0) {
1534 if (s
->syslog_fd
>= 0) {
1535 log_error("Too many /dev/log sockets passed.");
1541 } else if (sd_is_socket(fd
, AF_NETLINK
, SOCK_RAW
, -1) > 0) {
1543 if (s
->audit_fd
>= 0) {
1544 log_error("Too many audit sockets passed.");
1558 r
= fdset_put(fds
, fd
);
1564 /* Try to restore streams, but don't bother if this fails */
1565 (void) server_restore_streams(s
, fds
);
1567 if (fdset_size(fds
) > 0) {
1568 log_warning("%u unknown file descriptors passed, closing.", fdset_size(fds
));
1569 fds
= fdset_free(fds
);
1572 no_sockets
= s
->native_fd
< 0 && s
->stdout_fd
< 0 && s
->syslog_fd
< 0 && s
->audit_fd
< 0;
1574 /* always open stdout, syslog, native, and kmsg sockets */
1576 /* systemd-journald.socket: /run/systemd/journal/stdout */
1577 r
= server_open_stdout_socket(s
);
1581 /* systemd-journald-dev-log.socket: /run/systemd/journal/dev-log */
1582 r
= server_open_syslog_socket(s
);
1586 /* systemd-journald.socket: /run/systemd/journal/socket */
1587 r
= server_open_native_socket(s
);
1592 r
= server_open_dev_kmsg(s
);
1596 /* Unless we got *some* sockets and not audit, open audit socket */
1597 if (s
->audit_fd
>= 0 || no_sockets
) {
1598 r
= server_open_audit(s
);
1603 r
= server_open_kernel_seqnum(s
);
1607 r
= server_open_hostname(s
);
1611 r
= setup_signals(s
);
1615 s
->udev
= udev_new();
1619 s
->rate_limit
= journal_rate_limit_new(s
->rate_limit_interval
, s
->rate_limit_burst
);
1623 r
= cg_get_root_path(&s
->cgroup_root
);
1627 server_cache_hostname(s
);
1628 server_cache_boot_id(s
);
1629 server_cache_machine_id(s
);
1631 return system_journal_open(s
, false);
1634 void server_maybe_append_tags(Server
*s
) {
1640 n
= now(CLOCK_REALTIME
);
1642 if (s
->system_journal
)
1643 journal_file_maybe_append_tag(s
->system_journal
, n
);
1645 ORDERED_HASHMAP_FOREACH(f
, s
->user_journals
, i
)
1646 journal_file_maybe_append_tag(f
, n
);
1650 void server_done(Server
*s
) {
1654 while (s
->stdout_streams
)
1655 stdout_stream_free(s
->stdout_streams
);
1657 if (s
->system_journal
)
1658 journal_file_close(s
->system_journal
);
1660 if (s
->runtime_journal
)
1661 journal_file_close(s
->runtime_journal
);
1663 while ((f
= ordered_hashmap_steal_first(s
->user_journals
)))
1664 journal_file_close(f
);
1666 ordered_hashmap_free(s
->user_journals
);
1668 sd_event_source_unref(s
->syslog_event_source
);
1669 sd_event_source_unref(s
->native_event_source
);
1670 sd_event_source_unref(s
->stdout_event_source
);
1671 sd_event_source_unref(s
->dev_kmsg_event_source
);
1672 sd_event_source_unref(s
->audit_event_source
);
1673 sd_event_source_unref(s
->sync_event_source
);
1674 sd_event_source_unref(s
->sigusr1_event_source
);
1675 sd_event_source_unref(s
->sigusr2_event_source
);
1676 sd_event_source_unref(s
->sigterm_event_source
);
1677 sd_event_source_unref(s
->sigint_event_source
);
1678 sd_event_source_unref(s
->hostname_event_source
);
1679 sd_event_unref(s
->event
);
1681 safe_close(s
->syslog_fd
);
1682 safe_close(s
->native_fd
);
1683 safe_close(s
->stdout_fd
);
1684 safe_close(s
->dev_kmsg_fd
);
1685 safe_close(s
->audit_fd
);
1686 safe_close(s
->hostname_fd
);
1689 journal_rate_limit_free(s
->rate_limit
);
1691 if (s
->kernel_seqnum
)
1692 munmap(s
->kernel_seqnum
, sizeof(uint64_t));
1696 free(s
->cgroup_root
);
1697 free(s
->hostname_field
);
1700 mmap_cache_unref(s
->mmap
);
1702 udev_unref(s
->udev
);
1705 static const char* const storage_table
[_STORAGE_MAX
] = {
1706 [STORAGE_AUTO
] = "auto",
1707 [STORAGE_VOLATILE
] = "volatile",
1708 [STORAGE_PERSISTENT
] = "persistent",
1709 [STORAGE_NONE
] = "none"
1712 DEFINE_STRING_TABLE_LOOKUP(storage
, Storage
);
1713 DEFINE_CONFIG_PARSE_ENUM(config_parse_storage
, storage
, Storage
, "Failed to parse storage setting");
1715 static const char* const split_mode_table
[_SPLIT_MAX
] = {
1716 [SPLIT_LOGIN
] = "login",
1717 [SPLIT_UID
] = "uid",
1718 [SPLIT_NONE
] = "none",
1721 DEFINE_STRING_TABLE_LOOKUP(split_mode
, SplitMode
);
1722 DEFINE_CONFIG_PARSE_ENUM(config_parse_split_mode
, split_mode
, SplitMode
, "Failed to parse split mode setting");