]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/journal/journald-server.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Merge pull request #1681 from ssahani/journal
[thirdparty/systemd.git] / src / journal / journald-server.c
1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
2
3 /***
4 This file is part of systemd.
5
6 Copyright 2011 Lennart Poettering
7
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
12
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
17
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
20 ***/
21
22 #ifdef HAVE_SELINUX
23 #include <selinux/selinux.h>
24 #endif
25 #include <sys/ioctl.h>
26 #include <sys/mman.h>
27 #include <sys/signalfd.h>
28 #include <sys/statvfs.h>
29 #include <linux/sockios.h>
30
31 #include "libudev.h"
32 #include "sd-daemon.h"
33 #include "sd-journal.h"
34 #include "sd-messages.h"
35
36 #include "acl-util.h"
37 #include "cgroup-util.h"
38 #include "conf-parser.h"
39 #include "fd-util.h"
40 #include "formats-util.h"
41 #include "hashmap.h"
42 #include "hostname-util.h"
43 #include "journal-authenticate.h"
44 #include "journal-file.h"
45 #include "journal-internal.h"
46 #include "journal-vacuum.h"
47 #include "journald-audit.h"
48 #include "journald-kmsg.h"
49 #include "journald-native.h"
50 #include "journald-rate-limit.h"
51 #include "journald-server.h"
52 #include "journald-stream.h"
53 #include "journald-syslog.h"
54 #include "missing.h"
55 #include "mkdir.h"
56 #include "process-util.h"
57 #include "rm-rf.h"
58 #include "selinux-util.h"
59 #include "signal-util.h"
60 #include "socket-util.h"
61 #include "string-util.h"
62
63 #define USER_JOURNALS_MAX 1024
64
65 #define DEFAULT_SYNC_INTERVAL_USEC (5*USEC_PER_MINUTE)
66 #define DEFAULT_RATE_LIMIT_INTERVAL (30*USEC_PER_SEC)
67 #define DEFAULT_RATE_LIMIT_BURST 1000
68 #define DEFAULT_MAX_FILE_USEC USEC_PER_MONTH
69
70 #define RECHECK_SPACE_USEC (30*USEC_PER_SEC)
71
72 static int determine_space_for(
73 Server *s,
74 JournalMetrics *metrics,
75 const char *path,
76 const char *name,
77 bool verbose,
78 bool patch_min_use,
79 uint64_t *available,
80 uint64_t *limit) {
81
82 uint64_t sum = 0, ss_avail, avail;
83 _cleanup_closedir_ DIR *d = NULL;
84 struct dirent *de;
85 struct statvfs ss;
86 const char *p;
87 usec_t ts;
88
89 assert(s);
90 assert(metrics);
91 assert(path);
92 assert(name);
93
94 ts = now(CLOCK_MONOTONIC);
95
96 if (!verbose && s->cached_space_timestamp + RECHECK_SPACE_USEC > ts) {
97
98 if (available)
99 *available = s->cached_space_available;
100 if (limit)
101 *limit = s->cached_space_limit;
102
103 return 0;
104 }
105
106 p = strjoina(path, SERVER_MACHINE_ID(s));
107 d = opendir(p);
108 if (!d)
109 return log_full_errno(errno == ENOENT ? LOG_DEBUG : LOG_ERR, errno, "Failed to open %s: %m", p);
110
111 if (fstatvfs(dirfd(d), &ss) < 0)
112 return log_error_errno(errno, "Failed to fstatvfs(%s): %m", p);
113
114 FOREACH_DIRENT_ALL(de, d, break) {
115 struct stat st;
116
117 if (!endswith(de->d_name, ".journal") &&
118 !endswith(de->d_name, ".journal~"))
119 continue;
120
121 if (fstatat(dirfd(d), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0) {
122 log_debug_errno(errno, "Failed to stat %s/%s, ignoring: %m", p, de->d_name);
123 continue;
124 }
125
126 if (!S_ISREG(st.st_mode))
127 continue;
128
129 sum += (uint64_t) st.st_blocks * 512UL;
130 }
131
132 /* If request, then let's bump the min_use limit to the
133 * current usage on disk. We do this when starting up and
134 * first opening the journal files. This way sudden spikes in
135 * disk usage will not cause journald to vacuum files without
136 * bounds. Note that this means that only a restart of
137 * journald will make it reset this value. */
138
139 if (patch_min_use)
140 metrics->min_use = MAX(metrics->min_use, sum);
141
142 ss_avail = ss.f_bsize * ss.f_bavail;
143 avail = LESS_BY(ss_avail, metrics->keep_free);
144
145 s->cached_space_limit = MIN(MAX(sum + avail, metrics->min_use), metrics->max_use);
146 s->cached_space_available = LESS_BY(s->cached_space_limit, sum);
147 s->cached_space_timestamp = ts;
148
149 if (verbose) {
150 char fb1[FORMAT_BYTES_MAX], fb2[FORMAT_BYTES_MAX], fb3[FORMAT_BYTES_MAX],
151 fb4[FORMAT_BYTES_MAX], fb5[FORMAT_BYTES_MAX], fb6[FORMAT_BYTES_MAX];
152
153 server_driver_message(s, SD_MESSAGE_JOURNAL_USAGE,
154 "%s (%s) is currently using %s.\n"
155 "Maximum allowed usage is set to %s.\n"
156 "Leaving at least %s free (of currently available %s of space).\n"
157 "Enforced usage limit is thus %s, of which %s are still available.",
158 name, path,
159 format_bytes(fb1, sizeof(fb1), sum),
160 format_bytes(fb2, sizeof(fb2), metrics->max_use),
161 format_bytes(fb3, sizeof(fb3), metrics->keep_free),
162 format_bytes(fb4, sizeof(fb4), ss_avail),
163 format_bytes(fb5, sizeof(fb5), s->cached_space_limit),
164 format_bytes(fb6, sizeof(fb6), s->cached_space_available));
165 }
166
167 if (available)
168 *available = s->cached_space_available;
169 if (limit)
170 *limit = s->cached_space_limit;
171
172 return 1;
173 }
174
175 static int determine_space(Server *s, bool verbose, bool patch_min_use, uint64_t *available, uint64_t *limit) {
176 JournalMetrics *metrics;
177 const char *path, *name;
178
179 assert(s);
180
181 if (s->system_journal) {
182 path = "/var/log/journal/";
183 metrics = &s->system_metrics;
184 name = "System journal";
185 } else {
186 path = "/run/log/journal/";
187 metrics = &s->runtime_metrics;
188 name = "Runtime journal";
189 }
190
191 return determine_space_for(s, metrics, path, name, verbose, patch_min_use, available, limit);
192 }
193
194 void server_fix_perms(Server *s, JournalFile *f, uid_t uid) {
195 int r;
196 #ifdef HAVE_ACL
197 _cleanup_(acl_freep) acl_t acl = NULL;
198 acl_entry_t entry;
199 acl_permset_t permset;
200 #endif
201
202 assert(f);
203
204 r = fchmod(f->fd, 0640);
205 if (r < 0)
206 log_warning_errno(errno, "Failed to fix access mode on %s, ignoring: %m", f->path);
207
208 #ifdef HAVE_ACL
209 if (uid <= SYSTEM_UID_MAX)
210 return;
211
212 acl = acl_get_fd(f->fd);
213 if (!acl) {
214 log_warning_errno(errno, "Failed to read ACL on %s, ignoring: %m", f->path);
215 return;
216 }
217
218 r = acl_find_uid(acl, uid, &entry);
219 if (r <= 0) {
220
221 if (acl_create_entry(&acl, &entry) < 0 ||
222 acl_set_tag_type(entry, ACL_USER) < 0 ||
223 acl_set_qualifier(entry, &uid) < 0) {
224 log_warning_errno(errno, "Failed to patch ACL on %s, ignoring: %m", f->path);
225 return;
226 }
227 }
228
229 /* We do not recalculate the mask unconditionally here,
230 * so that the fchmod() mask above stays intact. */
231 if (acl_get_permset(entry, &permset) < 0 ||
232 acl_add_perm(permset, ACL_READ) < 0 ||
233 calc_acl_mask_if_needed(&acl) < 0) {
234 log_warning_errno(errno, "Failed to patch ACL on %s, ignoring: %m", f->path);
235 return;
236 }
237
238 if (acl_set_fd(f->fd, acl) < 0)
239 log_warning_errno(errno, "Failed to set ACL on %s, ignoring: %m", f->path);
240
241 #endif
242 }
243
244 static JournalFile* find_journal(Server *s, uid_t uid) {
245 _cleanup_free_ char *p = NULL;
246 int r;
247 JournalFile *f;
248 sd_id128_t machine;
249
250 assert(s);
251
252 /* We split up user logs only on /var, not on /run. If the
253 * runtime file is open, we write to it exclusively, in order
254 * to guarantee proper order as soon as we flush /run to
255 * /var and close the runtime file. */
256
257 if (s->runtime_journal)
258 return s->runtime_journal;
259
260 if (uid <= SYSTEM_UID_MAX)
261 return s->system_journal;
262
263 r = sd_id128_get_machine(&machine);
264 if (r < 0)
265 return s->system_journal;
266
267 f = ordered_hashmap_get(s->user_journals, UINT32_TO_PTR(uid));
268 if (f)
269 return f;
270
271 if (asprintf(&p, "/var/log/journal/" SD_ID128_FORMAT_STR "/user-"UID_FMT".journal",
272 SD_ID128_FORMAT_VAL(machine), uid) < 0)
273 return s->system_journal;
274
275 while (ordered_hashmap_size(s->user_journals) >= USER_JOURNALS_MAX) {
276 /* Too many open? Then let's close one */
277 f = ordered_hashmap_steal_first(s->user_journals);
278 assert(f);
279 journal_file_close(f);
280 }
281
282 r = journal_file_open_reliably(p, O_RDWR|O_CREAT, 0640, s->compress, s->seal, &s->system_metrics, s->mmap, NULL, &f);
283 if (r < 0)
284 return s->system_journal;
285
286 server_fix_perms(s, f, uid);
287
288 r = ordered_hashmap_put(s->user_journals, UINT32_TO_PTR(uid), f);
289 if (r < 0) {
290 journal_file_close(f);
291 return s->system_journal;
292 }
293
294 return f;
295 }
296
297 static int do_rotate(
298 Server *s,
299 JournalFile **f,
300 const char* name,
301 bool seal,
302 uint32_t uid) {
303
304 int r;
305 assert(s);
306
307 if (!*f)
308 return -EINVAL;
309
310 r = journal_file_rotate(f, s->compress, seal);
311 if (r < 0)
312 if (*f)
313 log_error_errno(r, "Failed to rotate %s: %m", (*f)->path);
314 else
315 log_error_errno(r, "Failed to create new %s journal: %m", name);
316 else
317 server_fix_perms(s, *f, uid);
318
319 return r;
320 }
321
322 void server_rotate(Server *s) {
323 JournalFile *f;
324 void *k;
325 Iterator i;
326 int r;
327
328 log_debug("Rotating...");
329
330 (void) do_rotate(s, &s->runtime_journal, "runtime", false, 0);
331 (void) do_rotate(s, &s->system_journal, "system", s->seal, 0);
332
333 ORDERED_HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) {
334 r = do_rotate(s, &f, "user", s->seal, PTR_TO_UINT32(k));
335 if (r >= 0)
336 ordered_hashmap_replace(s->user_journals, k, f);
337 else if (!f)
338 /* Old file has been closed and deallocated */
339 ordered_hashmap_remove(s->user_journals, k);
340 }
341 }
342
343 void server_sync(Server *s) {
344 JournalFile *f;
345 void *k;
346 Iterator i;
347 int r;
348
349 if (s->system_journal) {
350 r = journal_file_set_offline(s->system_journal);
351 if (r < 0)
352 log_warning_errno(r, "Failed to sync system journal, ignoring: %m");
353 }
354
355 ORDERED_HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) {
356 r = journal_file_set_offline(f);
357 if (r < 0)
358 log_warning_errno(r, "Failed to sync user journal, ignoring: %m");
359 }
360
361 if (s->sync_event_source) {
362 r = sd_event_source_set_enabled(s->sync_event_source, SD_EVENT_OFF);
363 if (r < 0)
364 log_error_errno(r, "Failed to disable sync timer source: %m");
365 }
366
367 s->sync_scheduled = false;
368 }
369
370 static void do_vacuum(
371 Server *s,
372 JournalFile *f,
373 JournalMetrics *metrics,
374 const char *path,
375 const char *name,
376 bool verbose,
377 bool patch_min_use) {
378
379 const char *p;
380 uint64_t limit;
381 int r;
382
383 assert(s);
384 assert(metrics);
385 assert(path);
386 assert(name);
387
388 if (!f)
389 return;
390
391 p = strjoina(path, SERVER_MACHINE_ID(s));
392
393 limit = metrics->max_use;
394 (void) determine_space_for(s, metrics, path, name, verbose, patch_min_use, NULL, &limit);
395
396 r = journal_directory_vacuum(p, limit, metrics->n_max_files, s->max_retention_usec, &s->oldest_file_usec, verbose);
397 if (r < 0 && r != -ENOENT)
398 log_warning_errno(r, "Failed to vacuum %s, ignoring: %m", p);
399 }
400
401 int server_vacuum(Server *s, bool verbose, bool patch_min_use) {
402 assert(s);
403
404 log_debug("Vacuuming...");
405
406 s->oldest_file_usec = 0;
407
408 do_vacuum(s, s->system_journal, &s->system_metrics, "/var/log/journal/", "System journal", verbose, patch_min_use);
409 do_vacuum(s, s->runtime_journal, &s->runtime_metrics, "/run/log/journal/", "Runtime journal", verbose, patch_min_use);
410
411 s->cached_space_limit = 0;
412 s->cached_space_available = 0;
413 s->cached_space_timestamp = 0;
414
415 return 0;
416 }
417
418 static void server_cache_machine_id(Server *s) {
419 sd_id128_t id;
420 int r;
421
422 assert(s);
423
424 r = sd_id128_get_machine(&id);
425 if (r < 0)
426 return;
427
428 sd_id128_to_string(id, stpcpy(s->machine_id_field, "_MACHINE_ID="));
429 }
430
431 static void server_cache_boot_id(Server *s) {
432 sd_id128_t id;
433 int r;
434
435 assert(s);
436
437 r = sd_id128_get_boot(&id);
438 if (r < 0)
439 return;
440
441 sd_id128_to_string(id, stpcpy(s->boot_id_field, "_BOOT_ID="));
442 }
443
444 static void server_cache_hostname(Server *s) {
445 _cleanup_free_ char *t = NULL;
446 char *x;
447
448 assert(s);
449
450 t = gethostname_malloc();
451 if (!t)
452 return;
453
454 x = strappend("_HOSTNAME=", t);
455 if (!x)
456 return;
457
458 free(s->hostname_field);
459 s->hostname_field = x;
460 }
461
462 static bool shall_try_append_again(JournalFile *f, int r) {
463
464 /* -E2BIG Hit configured limit
465 -EFBIG Hit fs limit
466 -EDQUOT Quota limit hit
467 -ENOSPC Disk full
468 -EIO I/O error of some kind (mmap)
469 -EHOSTDOWN Other machine
470 -EBUSY Unclean shutdown
471 -EPROTONOSUPPORT Unsupported feature
472 -EBADMSG Corrupted
473 -ENODATA Truncated
474 -ESHUTDOWN Already archived
475 -EIDRM Journal file has been deleted */
476
477 if (r == -E2BIG || r == -EFBIG || r == -EDQUOT || r == -ENOSPC)
478 log_debug("%s: Allocation limit reached, rotating.", f->path);
479 else if (r == -EHOSTDOWN)
480 log_info("%s: Journal file from other machine, rotating.", f->path);
481 else if (r == -EBUSY)
482 log_info("%s: Unclean shutdown, rotating.", f->path);
483 else if (r == -EPROTONOSUPPORT)
484 log_info("%s: Unsupported feature, rotating.", f->path);
485 else if (r == -EBADMSG || r == -ENODATA || r == ESHUTDOWN)
486 log_warning("%s: Journal file corrupted, rotating.", f->path);
487 else if (r == -EIO)
488 log_warning("%s: IO error, rotating.", f->path);
489 else if (r == -EIDRM)
490 log_warning("%s: Journal file has been deleted, rotating.", f->path);
491 else
492 return false;
493
494 return true;
495 }
496
497 static void write_to_journal(Server *s, uid_t uid, struct iovec *iovec, unsigned n, int priority) {
498 JournalFile *f;
499 bool vacuumed = false;
500 int r;
501
502 assert(s);
503 assert(iovec);
504 assert(n > 0);
505
506 f = find_journal(s, uid);
507 if (!f)
508 return;
509
510 if (journal_file_rotate_suggested(f, s->max_file_usec)) {
511 log_debug("%s: Journal header limits reached or header out-of-date, rotating.", f->path);
512 server_rotate(s);
513 server_vacuum(s, false, false);
514 vacuumed = true;
515
516 f = find_journal(s, uid);
517 if (!f)
518 return;
519 }
520
521 r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
522 if (r >= 0) {
523 server_schedule_sync(s, priority);
524 return;
525 }
526
527 if (vacuumed || !shall_try_append_again(f, r)) {
528 log_error_errno(r, "Failed to write entry (%d items, %zu bytes), ignoring: %m", n, IOVEC_TOTAL_SIZE(iovec, n));
529 return;
530 }
531
532 server_rotate(s);
533 server_vacuum(s, false, false);
534
535 f = find_journal(s, uid);
536 if (!f)
537 return;
538
539 log_debug("Retrying write.");
540 r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
541 if (r < 0)
542 log_error_errno(r, "Failed to write entry (%d items, %zu bytes) despite vacuuming, ignoring: %m", n, IOVEC_TOTAL_SIZE(iovec, n));
543 else
544 server_schedule_sync(s, priority);
545 }
546
547 static void dispatch_message_real(
548 Server *s,
549 struct iovec *iovec, unsigned n, unsigned m,
550 const struct ucred *ucred,
551 const struct timeval *tv,
552 const char *label, size_t label_len,
553 const char *unit_id,
554 int priority,
555 pid_t object_pid) {
556
557 char pid[sizeof("_PID=") + DECIMAL_STR_MAX(pid_t)],
558 uid[sizeof("_UID=") + DECIMAL_STR_MAX(uid_t)],
559 gid[sizeof("_GID=") + DECIMAL_STR_MAX(gid_t)],
560 owner_uid[sizeof("_SYSTEMD_OWNER_UID=") + DECIMAL_STR_MAX(uid_t)],
561 source_time[sizeof("_SOURCE_REALTIME_TIMESTAMP=") + DECIMAL_STR_MAX(usec_t)],
562 o_uid[sizeof("OBJECT_UID=") + DECIMAL_STR_MAX(uid_t)],
563 o_gid[sizeof("OBJECT_GID=") + DECIMAL_STR_MAX(gid_t)],
564 o_owner_uid[sizeof("OBJECT_SYSTEMD_OWNER_UID=") + DECIMAL_STR_MAX(uid_t)];
565 uid_t object_uid;
566 gid_t object_gid;
567 char *x;
568 int r;
569 char *t, *c;
570 uid_t realuid = 0, owner = 0, journal_uid;
571 bool owner_valid = false;
572 #ifdef HAVE_AUDIT
573 char audit_session[sizeof("_AUDIT_SESSION=") + DECIMAL_STR_MAX(uint32_t)],
574 audit_loginuid[sizeof("_AUDIT_LOGINUID=") + DECIMAL_STR_MAX(uid_t)],
575 o_audit_session[sizeof("OBJECT_AUDIT_SESSION=") + DECIMAL_STR_MAX(uint32_t)],
576 o_audit_loginuid[sizeof("OBJECT_AUDIT_LOGINUID=") + DECIMAL_STR_MAX(uid_t)];
577
578 uint32_t audit;
579 uid_t loginuid;
580 #endif
581
582 assert(s);
583 assert(iovec);
584 assert(n > 0);
585 assert(n + N_IOVEC_META_FIELDS + (object_pid ? N_IOVEC_OBJECT_FIELDS : 0) <= m);
586
587 if (ucred) {
588 realuid = ucred->uid;
589
590 sprintf(pid, "_PID="PID_FMT, ucred->pid);
591 IOVEC_SET_STRING(iovec[n++], pid);
592
593 sprintf(uid, "_UID="UID_FMT, ucred->uid);
594 IOVEC_SET_STRING(iovec[n++], uid);
595
596 sprintf(gid, "_GID="GID_FMT, ucred->gid);
597 IOVEC_SET_STRING(iovec[n++], gid);
598
599 r = get_process_comm(ucred->pid, &t);
600 if (r >= 0) {
601 x = strjoina("_COMM=", t);
602 free(t);
603 IOVEC_SET_STRING(iovec[n++], x);
604 }
605
606 r = get_process_exe(ucred->pid, &t);
607 if (r >= 0) {
608 x = strjoina("_EXE=", t);
609 free(t);
610 IOVEC_SET_STRING(iovec[n++], x);
611 }
612
613 r = get_process_cmdline(ucred->pid, 0, false, &t);
614 if (r >= 0) {
615 x = strjoina("_CMDLINE=", t);
616 free(t);
617 IOVEC_SET_STRING(iovec[n++], x);
618 }
619
620 r = get_process_capeff(ucred->pid, &t);
621 if (r >= 0) {
622 x = strjoina("_CAP_EFFECTIVE=", t);
623 free(t);
624 IOVEC_SET_STRING(iovec[n++], x);
625 }
626
627 #ifdef HAVE_AUDIT
628 r = audit_session_from_pid(ucred->pid, &audit);
629 if (r >= 0) {
630 sprintf(audit_session, "_AUDIT_SESSION=%"PRIu32, audit);
631 IOVEC_SET_STRING(iovec[n++], audit_session);
632 }
633
634 r = audit_loginuid_from_pid(ucred->pid, &loginuid);
635 if (r >= 0) {
636 sprintf(audit_loginuid, "_AUDIT_LOGINUID="UID_FMT, loginuid);
637 IOVEC_SET_STRING(iovec[n++], audit_loginuid);
638 }
639 #endif
640
641 r = cg_pid_get_path_shifted(ucred->pid, s->cgroup_root, &c);
642 if (r >= 0) {
643 char *session = NULL;
644
645 x = strjoina("_SYSTEMD_CGROUP=", c);
646 IOVEC_SET_STRING(iovec[n++], x);
647
648 r = cg_path_get_session(c, &t);
649 if (r >= 0) {
650 session = strjoina("_SYSTEMD_SESSION=", t);
651 free(t);
652 IOVEC_SET_STRING(iovec[n++], session);
653 }
654
655 if (cg_path_get_owner_uid(c, &owner) >= 0) {
656 owner_valid = true;
657
658 sprintf(owner_uid, "_SYSTEMD_OWNER_UID="UID_FMT, owner);
659 IOVEC_SET_STRING(iovec[n++], owner_uid);
660 }
661
662 if (cg_path_get_unit(c, &t) >= 0) {
663 x = strjoina("_SYSTEMD_UNIT=", t);
664 free(t);
665 IOVEC_SET_STRING(iovec[n++], x);
666 } else if (unit_id && !session) {
667 x = strjoina("_SYSTEMD_UNIT=", unit_id);
668 IOVEC_SET_STRING(iovec[n++], x);
669 }
670
671 if (cg_path_get_user_unit(c, &t) >= 0) {
672 x = strjoina("_SYSTEMD_USER_UNIT=", t);
673 free(t);
674 IOVEC_SET_STRING(iovec[n++], x);
675 } else if (unit_id && session) {
676 x = strjoina("_SYSTEMD_USER_UNIT=", unit_id);
677 IOVEC_SET_STRING(iovec[n++], x);
678 }
679
680 if (cg_path_get_slice(c, &t) >= 0) {
681 x = strjoina("_SYSTEMD_SLICE=", t);
682 free(t);
683 IOVEC_SET_STRING(iovec[n++], x);
684 }
685
686 free(c);
687 } else if (unit_id) {
688 x = strjoina("_SYSTEMD_UNIT=", unit_id);
689 IOVEC_SET_STRING(iovec[n++], x);
690 }
691
692 #ifdef HAVE_SELINUX
693 if (mac_selinux_use()) {
694 if (label) {
695 x = alloca(strlen("_SELINUX_CONTEXT=") + label_len + 1);
696
697 *((char*) mempcpy(stpcpy(x, "_SELINUX_CONTEXT="), label, label_len)) = 0;
698 IOVEC_SET_STRING(iovec[n++], x);
699 } else {
700 security_context_t con;
701
702 if (getpidcon(ucred->pid, &con) >= 0) {
703 x = strjoina("_SELINUX_CONTEXT=", con);
704
705 freecon(con);
706 IOVEC_SET_STRING(iovec[n++], x);
707 }
708 }
709 }
710 #endif
711 }
712 assert(n <= m);
713
714 if (object_pid) {
715 r = get_process_uid(object_pid, &object_uid);
716 if (r >= 0) {
717 sprintf(o_uid, "OBJECT_UID="UID_FMT, object_uid);
718 IOVEC_SET_STRING(iovec[n++], o_uid);
719 }
720
721 r = get_process_gid(object_pid, &object_gid);
722 if (r >= 0) {
723 sprintf(o_gid, "OBJECT_GID="GID_FMT, object_gid);
724 IOVEC_SET_STRING(iovec[n++], o_gid);
725 }
726
727 r = get_process_comm(object_pid, &t);
728 if (r >= 0) {
729 x = strjoina("OBJECT_COMM=", t);
730 free(t);
731 IOVEC_SET_STRING(iovec[n++], x);
732 }
733
734 r = get_process_exe(object_pid, &t);
735 if (r >= 0) {
736 x = strjoina("OBJECT_EXE=", t);
737 free(t);
738 IOVEC_SET_STRING(iovec[n++], x);
739 }
740
741 r = get_process_cmdline(object_pid, 0, false, &t);
742 if (r >= 0) {
743 x = strjoina("OBJECT_CMDLINE=", t);
744 free(t);
745 IOVEC_SET_STRING(iovec[n++], x);
746 }
747
748 #ifdef HAVE_AUDIT
749 r = audit_session_from_pid(object_pid, &audit);
750 if (r >= 0) {
751 sprintf(o_audit_session, "OBJECT_AUDIT_SESSION=%"PRIu32, audit);
752 IOVEC_SET_STRING(iovec[n++], o_audit_session);
753 }
754
755 r = audit_loginuid_from_pid(object_pid, &loginuid);
756 if (r >= 0) {
757 sprintf(o_audit_loginuid, "OBJECT_AUDIT_LOGINUID="UID_FMT, loginuid);
758 IOVEC_SET_STRING(iovec[n++], o_audit_loginuid);
759 }
760 #endif
761
762 r = cg_pid_get_path_shifted(object_pid, s->cgroup_root, &c);
763 if (r >= 0) {
764 x = strjoina("OBJECT_SYSTEMD_CGROUP=", c);
765 IOVEC_SET_STRING(iovec[n++], x);
766
767 r = cg_path_get_session(c, &t);
768 if (r >= 0) {
769 x = strjoina("OBJECT_SYSTEMD_SESSION=", t);
770 free(t);
771 IOVEC_SET_STRING(iovec[n++], x);
772 }
773
774 if (cg_path_get_owner_uid(c, &owner) >= 0) {
775 sprintf(o_owner_uid, "OBJECT_SYSTEMD_OWNER_UID="UID_FMT, owner);
776 IOVEC_SET_STRING(iovec[n++], o_owner_uid);
777 }
778
779 if (cg_path_get_unit(c, &t) >= 0) {
780 x = strjoina("OBJECT_SYSTEMD_UNIT=", t);
781 free(t);
782 IOVEC_SET_STRING(iovec[n++], x);
783 }
784
785 if (cg_path_get_user_unit(c, &t) >= 0) {
786 x = strjoina("OBJECT_SYSTEMD_USER_UNIT=", t);
787 free(t);
788 IOVEC_SET_STRING(iovec[n++], x);
789 }
790
791 free(c);
792 }
793 }
794 assert(n <= m);
795
796 if (tv) {
797 sprintf(source_time, "_SOURCE_REALTIME_TIMESTAMP=%llu", (unsigned long long) timeval_load(tv));
798 IOVEC_SET_STRING(iovec[n++], source_time);
799 }
800
801 /* Note that strictly speaking storing the boot id here is
802 * redundant since the entry includes this in-line
803 * anyway. However, we need this indexed, too. */
804 if (!isempty(s->boot_id_field))
805 IOVEC_SET_STRING(iovec[n++], s->boot_id_field);
806
807 if (!isempty(s->machine_id_field))
808 IOVEC_SET_STRING(iovec[n++], s->machine_id_field);
809
810 if (!isempty(s->hostname_field))
811 IOVEC_SET_STRING(iovec[n++], s->hostname_field);
812
813 assert(n <= m);
814
815 if (s->split_mode == SPLIT_UID && realuid > 0)
816 /* Split up strictly by any UID */
817 journal_uid = realuid;
818 else if (s->split_mode == SPLIT_LOGIN && realuid > 0 && owner_valid && owner > 0)
819 /* Split up by login UIDs. We do this only if the
820 * realuid is not root, in order not to accidentally
821 * leak privileged information to the user that is
822 * logged by a privileged process that is part of an
823 * unprivileged session. */
824 journal_uid = owner;
825 else
826 journal_uid = 0;
827
828 write_to_journal(s, journal_uid, iovec, n, priority);
829 }
830
831 void server_driver_message(Server *s, sd_id128_t message_id, const char *format, ...) {
832 char mid[11 + 32 + 1];
833 char buffer[16 + LINE_MAX + 1];
834 struct iovec iovec[N_IOVEC_META_FIELDS + 6];
835 int n = 0;
836 va_list ap;
837 struct ucred ucred = {};
838
839 assert(s);
840 assert(format);
841
842 IOVEC_SET_STRING(iovec[n++], "SYSLOG_FACILITY=3");
843 IOVEC_SET_STRING(iovec[n++], "SYSLOG_IDENTIFIER=systemd-journald");
844
845 IOVEC_SET_STRING(iovec[n++], "PRIORITY=6");
846 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=driver");
847
848 memcpy(buffer, "MESSAGE=", 8);
849 va_start(ap, format);
850 vsnprintf(buffer + 8, sizeof(buffer) - 8, format, ap);
851 va_end(ap);
852 IOVEC_SET_STRING(iovec[n++], buffer);
853
854 if (!sd_id128_equal(message_id, SD_ID128_NULL)) {
855 snprintf(mid, sizeof(mid), LOG_MESSAGE_ID(message_id));
856 IOVEC_SET_STRING(iovec[n++], mid);
857 }
858
859 ucred.pid = getpid();
860 ucred.uid = getuid();
861 ucred.gid = getgid();
862
863 dispatch_message_real(s, iovec, n, ELEMENTSOF(iovec), &ucred, NULL, NULL, 0, NULL, LOG_INFO, 0);
864 }
865
866 void server_dispatch_message(
867 Server *s,
868 struct iovec *iovec, unsigned n, unsigned m,
869 const struct ucred *ucred,
870 const struct timeval *tv,
871 const char *label, size_t label_len,
872 const char *unit_id,
873 int priority,
874 pid_t object_pid) {
875
876 int rl, r;
877 _cleanup_free_ char *path = NULL;
878 uint64_t available = 0;
879 char *c;
880
881 assert(s);
882 assert(iovec || n == 0);
883
884 if (n == 0)
885 return;
886
887 if (LOG_PRI(priority) > s->max_level_store)
888 return;
889
890 /* Stop early in case the information will not be stored
891 * in a journal. */
892 if (s->storage == STORAGE_NONE)
893 return;
894
895 if (!ucred)
896 goto finish;
897
898 r = cg_pid_get_path_shifted(ucred->pid, s->cgroup_root, &path);
899 if (r < 0)
900 goto finish;
901
902 /* example: /user/lennart/3/foobar
903 * /system/dbus.service/foobar
904 *
905 * So let's cut of everything past the third /, since that is
906 * where user directories start */
907
908 c = strchr(path, '/');
909 if (c) {
910 c = strchr(c+1, '/');
911 if (c) {
912 c = strchr(c+1, '/');
913 if (c)
914 *c = 0;
915 }
916 }
917
918 (void) determine_space(s, false, false, &available, NULL);
919 rl = journal_rate_limit_test(s->rate_limit, path, priority & LOG_PRIMASK, available);
920 if (rl == 0)
921 return;
922
923 /* Write a suppression message if we suppressed something */
924 if (rl > 1)
925 server_driver_message(s, SD_MESSAGE_JOURNAL_DROPPED,
926 "Suppressed %u messages from %s", rl - 1, path);
927
928 finish:
929 dispatch_message_real(s, iovec, n, m, ucred, tv, label, label_len, unit_id, priority, object_pid);
930 }
931
932
933 static int system_journal_open(Server *s, bool flush_requested) {
934 const char *fn;
935 int r = 0;
936
937 if (!s->system_journal &&
938 (s->storage == STORAGE_PERSISTENT || s->storage == STORAGE_AUTO) &&
939 (flush_requested
940 || access("/run/systemd/journal/flushed", F_OK) >= 0)) {
941
942 /* If in auto mode: first try to create the machine
943 * path, but not the prefix.
944 *
945 * If in persistent mode: create /var/log/journal and
946 * the machine path */
947
948 if (s->storage == STORAGE_PERSISTENT)
949 (void) mkdir_p("/var/log/journal/", 0755);
950
951 fn = strjoina("/var/log/journal/", SERVER_MACHINE_ID(s));
952 (void) mkdir(fn, 0755);
953
954 fn = strjoina(fn, "/system.journal");
955 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, s->compress, s->seal, &s->system_metrics, s->mmap, NULL, &s->system_journal);
956 if (r >= 0) {
957 server_fix_perms(s, s->system_journal, 0);
958 (void) determine_space_for(s, &s->system_metrics, "/var/log/journal/", "System journal", true, true, NULL, NULL);
959 } else if (r < 0) {
960 if (r != -ENOENT && r != -EROFS)
961 log_warning_errno(r, "Failed to open system journal: %m");
962
963 r = 0;
964 }
965 }
966
967 if (!s->runtime_journal &&
968 (s->storage != STORAGE_NONE)) {
969
970 fn = strjoina("/run/log/journal/", SERVER_MACHINE_ID(s), "/system.journal");
971
972 if (s->system_journal) {
973
974 /* Try to open the runtime journal, but only
975 * if it already exists, so that we can flush
976 * it into the system journal */
977
978 r = journal_file_open(fn, O_RDWR, 0640, s->compress, false, &s->runtime_metrics, s->mmap, NULL, &s->runtime_journal);
979 if (r < 0) {
980 if (r != -ENOENT)
981 log_warning_errno(r, "Failed to open runtime journal: %m");
982
983 r = 0;
984 }
985
986 } else {
987
988 /* OK, we really need the runtime journal, so create
989 * it if necessary. */
990
991 (void) mkdir("/run/log", 0755);
992 (void) mkdir("/run/log/journal", 0755);
993 (void) mkdir_parents(fn, 0750);
994
995 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, s->compress, false, &s->runtime_metrics, s->mmap, NULL, &s->runtime_journal);
996 if (r < 0)
997 return log_error_errno(r, "Failed to open runtime journal: %m");
998 }
999
1000 if (s->runtime_journal) {
1001 server_fix_perms(s, s->runtime_journal, 0);
1002 (void) determine_space_for(s, &s->runtime_metrics, "/run/log/journal/", "Runtime journal", true, true, NULL, NULL);
1003 }
1004 }
1005
1006 return r;
1007 }
1008
1009 int server_flush_to_var(Server *s) {
1010 sd_id128_t machine;
1011 sd_journal *j = NULL;
1012 char ts[FORMAT_TIMESPAN_MAX];
1013 usec_t start;
1014 unsigned n = 0;
1015 int r;
1016
1017 assert(s);
1018
1019 if (s->storage != STORAGE_AUTO &&
1020 s->storage != STORAGE_PERSISTENT)
1021 return 0;
1022
1023 if (!s->runtime_journal)
1024 return 0;
1025
1026 (void) system_journal_open(s, true);
1027
1028 if (!s->system_journal)
1029 return 0;
1030
1031 log_debug("Flushing to /var...");
1032
1033 start = now(CLOCK_MONOTONIC);
1034
1035 r = sd_id128_get_machine(&machine);
1036 if (r < 0)
1037 return r;
1038
1039 r = sd_journal_open(&j, SD_JOURNAL_RUNTIME_ONLY);
1040 if (r < 0)
1041 return log_error_errno(r, "Failed to read runtime journal: %m");
1042
1043 sd_journal_set_data_threshold(j, 0);
1044
1045 SD_JOURNAL_FOREACH(j) {
1046 Object *o = NULL;
1047 JournalFile *f;
1048
1049 f = j->current_file;
1050 assert(f && f->current_offset > 0);
1051
1052 n++;
1053
1054 r = journal_file_move_to_object(f, OBJECT_ENTRY, f->current_offset, &o);
1055 if (r < 0) {
1056 log_error_errno(r, "Can't read entry: %m");
1057 goto finish;
1058 }
1059
1060 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
1061 if (r >= 0)
1062 continue;
1063
1064 if (!shall_try_append_again(s->system_journal, r)) {
1065 log_error_errno(r, "Can't write entry: %m");
1066 goto finish;
1067 }
1068
1069 server_rotate(s);
1070 server_vacuum(s, false, false);
1071
1072 if (!s->system_journal) {
1073 log_notice("Didn't flush runtime journal since rotation of system journal wasn't successful.");
1074 r = -EIO;
1075 goto finish;
1076 }
1077
1078 log_debug("Retrying write.");
1079 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
1080 if (r < 0) {
1081 log_error_errno(r, "Can't write entry: %m");
1082 goto finish;
1083 }
1084 }
1085
1086 r = 0;
1087
1088 finish:
1089 journal_file_post_change(s->system_journal);
1090
1091 s->runtime_journal = journal_file_close(s->runtime_journal);
1092
1093 if (r >= 0)
1094 (void) rm_rf("/run/log/journal", REMOVE_ROOT);
1095
1096 sd_journal_close(j);
1097
1098 server_driver_message(s, SD_ID128_NULL, "Time spent on flushing to /var is %s for %u entries.", format_timespan(ts, sizeof(ts), now(CLOCK_MONOTONIC) - start, 0), n);
1099
1100 return r;
1101 }
1102
1103 int server_process_datagram(sd_event_source *es, int fd, uint32_t revents, void *userdata) {
1104 Server *s = userdata;
1105 struct ucred *ucred = NULL;
1106 struct timeval *tv = NULL;
1107 struct cmsghdr *cmsg;
1108 char *label = NULL;
1109 size_t label_len = 0, m;
1110 struct iovec iovec;
1111 ssize_t n;
1112 int *fds = NULL, v = 0;
1113 unsigned n_fds = 0;
1114
1115 union {
1116 struct cmsghdr cmsghdr;
1117
1118 /* We use NAME_MAX space for the SELinux label
1119 * here. The kernel currently enforces no
1120 * limit, but according to suggestions from
1121 * the SELinux people this will change and it
1122 * will probably be identical to NAME_MAX. For
1123 * now we use that, but this should be updated
1124 * one day when the final limit is known. */
1125 uint8_t buf[CMSG_SPACE(sizeof(struct ucred)) +
1126 CMSG_SPACE(sizeof(struct timeval)) +
1127 CMSG_SPACE(sizeof(int)) + /* fd */
1128 CMSG_SPACE(NAME_MAX)]; /* selinux label */
1129 } control = {};
1130
1131 union sockaddr_union sa = {};
1132
1133 struct msghdr msghdr = {
1134 .msg_iov = &iovec,
1135 .msg_iovlen = 1,
1136 .msg_control = &control,
1137 .msg_controllen = sizeof(control),
1138 .msg_name = &sa,
1139 .msg_namelen = sizeof(sa),
1140 };
1141
1142 assert(s);
1143 assert(fd == s->native_fd || fd == s->syslog_fd || fd == s->audit_fd);
1144
1145 if (revents != EPOLLIN) {
1146 log_error("Got invalid event from epoll for datagram fd: %"PRIx32, revents);
1147 return -EIO;
1148 }
1149
1150 /* Try to get the right size, if we can. (Not all
1151 * sockets support SIOCINQ, hence we just try, but
1152 * don't rely on it. */
1153 (void) ioctl(fd, SIOCINQ, &v);
1154
1155 /* Fix it up, if it is too small. We use the same fixed value as auditd here. Awful! */
1156 m = PAGE_ALIGN(MAX3((size_t) v + 1,
1157 (size_t) LINE_MAX,
1158 ALIGN(sizeof(struct nlmsghdr)) + ALIGN((size_t) MAX_AUDIT_MESSAGE_LENGTH)) + 1);
1159
1160 if (!GREEDY_REALLOC(s->buffer, s->buffer_size, m))
1161 return log_oom();
1162
1163 iovec.iov_base = s->buffer;
1164 iovec.iov_len = s->buffer_size - 1; /* Leave room for trailing NUL we add later */
1165
1166 n = recvmsg(fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC);
1167 if (n < 0) {
1168 if (errno == EINTR || errno == EAGAIN)
1169 return 0;
1170
1171 return log_error_errno(errno, "recvmsg() failed: %m");
1172 }
1173
1174 CMSG_FOREACH(cmsg, &msghdr) {
1175
1176 if (cmsg->cmsg_level == SOL_SOCKET &&
1177 cmsg->cmsg_type == SCM_CREDENTIALS &&
1178 cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred)))
1179 ucred = (struct ucred*) CMSG_DATA(cmsg);
1180 else if (cmsg->cmsg_level == SOL_SOCKET &&
1181 cmsg->cmsg_type == SCM_SECURITY) {
1182 label = (char*) CMSG_DATA(cmsg);
1183 label_len = cmsg->cmsg_len - CMSG_LEN(0);
1184 } else if (cmsg->cmsg_level == SOL_SOCKET &&
1185 cmsg->cmsg_type == SO_TIMESTAMP &&
1186 cmsg->cmsg_len == CMSG_LEN(sizeof(struct timeval)))
1187 tv = (struct timeval*) CMSG_DATA(cmsg);
1188 else if (cmsg->cmsg_level == SOL_SOCKET &&
1189 cmsg->cmsg_type == SCM_RIGHTS) {
1190 fds = (int*) CMSG_DATA(cmsg);
1191 n_fds = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);
1192 }
1193 }
1194
1195 /* And a trailing NUL, just in case */
1196 s->buffer[n] = 0;
1197
1198 if (fd == s->syslog_fd) {
1199 if (n > 0 && n_fds == 0)
1200 server_process_syslog_message(s, strstrip(s->buffer), ucred, tv, label, label_len);
1201 else if (n_fds > 0)
1202 log_warning("Got file descriptors via syslog socket. Ignoring.");
1203
1204 } else if (fd == s->native_fd) {
1205 if (n > 0 && n_fds == 0)
1206 server_process_native_message(s, s->buffer, n, ucred, tv, label, label_len);
1207 else if (n == 0 && n_fds == 1)
1208 server_process_native_file(s, fds[0], ucred, tv, label, label_len);
1209 else if (n_fds > 0)
1210 log_warning("Got too many file descriptors via native socket. Ignoring.");
1211
1212 } else {
1213 assert(fd == s->audit_fd);
1214
1215 if (n > 0 && n_fds == 0)
1216 server_process_audit_message(s, s->buffer, n, ucred, &sa, msghdr.msg_namelen);
1217 else if (n_fds > 0)
1218 log_warning("Got file descriptors via audit socket. Ignoring.");
1219 }
1220
1221 close_many(fds, n_fds);
1222 return 0;
1223 }
1224
1225 static int dispatch_sigusr1(sd_event_source *es, const struct signalfd_siginfo *si, void *userdata) {
1226 Server *s = userdata;
1227
1228 assert(s);
1229
1230 log_info("Received request to flush runtime journal from PID %"PRIu32, si->ssi_pid);
1231
1232 server_flush_to_var(s);
1233 server_sync(s);
1234 server_vacuum(s, false, false);
1235
1236 (void) touch("/run/systemd/journal/flushed");
1237
1238 return 0;
1239 }
1240
1241 static int dispatch_sigusr2(sd_event_source *es, const struct signalfd_siginfo *si, void *userdata) {
1242 Server *s = userdata;
1243
1244 assert(s);
1245
1246 log_info("Received request to rotate journal from PID %"PRIu32, si->ssi_pid);
1247 server_rotate(s);
1248 server_vacuum(s, true, true);
1249
1250 return 0;
1251 }
1252
1253 static int dispatch_sigterm(sd_event_source *es, const struct signalfd_siginfo *si, void *userdata) {
1254 Server *s = userdata;
1255
1256 assert(s);
1257
1258 log_received_signal(LOG_INFO, si);
1259
1260 sd_event_exit(s->event, 0);
1261 return 0;
1262 }
1263
1264 static int setup_signals(Server *s) {
1265 int r;
1266
1267 assert(s);
1268
1269 assert(sigprocmask_many(SIG_SETMASK, NULL, SIGINT, SIGTERM, SIGUSR1, SIGUSR2, -1) >= 0);
1270
1271 r = sd_event_add_signal(s->event, &s->sigusr1_event_source, SIGUSR1, dispatch_sigusr1, s);
1272 if (r < 0)
1273 return r;
1274
1275 r = sd_event_add_signal(s->event, &s->sigusr2_event_source, SIGUSR2, dispatch_sigusr2, s);
1276 if (r < 0)
1277 return r;
1278
1279 r = sd_event_add_signal(s->event, &s->sigterm_event_source, SIGTERM, dispatch_sigterm, s);
1280 if (r < 0)
1281 return r;
1282
1283 r = sd_event_add_signal(s->event, &s->sigint_event_source, SIGINT, dispatch_sigterm, s);
1284 if (r < 0)
1285 return r;
1286
1287 return 0;
1288 }
1289
1290 static int server_parse_proc_cmdline(Server *s) {
1291 _cleanup_free_ char *line = NULL;
1292 const char *p;
1293 int r;
1294
1295 r = proc_cmdline(&line);
1296 if (r < 0) {
1297 log_warning_errno(r, "Failed to read /proc/cmdline, ignoring: %m");
1298 return 0;
1299 }
1300
1301 p = line;
1302 for(;;) {
1303 _cleanup_free_ char *word;
1304
1305 r = extract_first_word(&p, &word, NULL, 0);
1306 if (r < 0)
1307 return log_error_errno(r, "Failed to parse journald syntax \"%s\": %m", line);
1308
1309 if (r == 0)
1310 break;
1311
1312 if (startswith(word, "systemd.journald.forward_to_syslog=")) {
1313 r = parse_boolean(word + 35);
1314 if (r < 0)
1315 log_warning("Failed to parse forward to syslog switch %s. Ignoring.", word + 35);
1316 else
1317 s->forward_to_syslog = r;
1318 } else if (startswith(word, "systemd.journald.forward_to_kmsg=")) {
1319 r = parse_boolean(word + 33);
1320 if (r < 0)
1321 log_warning("Failed to parse forward to kmsg switch %s. Ignoring.", word + 33);
1322 else
1323 s->forward_to_kmsg = r;
1324 } else if (startswith(word, "systemd.journald.forward_to_console=")) {
1325 r = parse_boolean(word + 36);
1326 if (r < 0)
1327 log_warning("Failed to parse forward to console switch %s. Ignoring.", word + 36);
1328 else
1329 s->forward_to_console = r;
1330 } else if (startswith(word, "systemd.journald.forward_to_wall=")) {
1331 r = parse_boolean(word + 33);
1332 if (r < 0)
1333 log_warning("Failed to parse forward to wall switch %s. Ignoring.", word + 33);
1334 else
1335 s->forward_to_wall = r;
1336 } else if (startswith(word, "systemd.journald"))
1337 log_warning("Invalid systemd.journald parameter. Ignoring.");
1338 }
1339
1340 /* do not warn about state here, since probably systemd already did */
1341 return 0;
1342 }
1343
1344 static int server_parse_config_file(Server *s) {
1345 assert(s);
1346
1347 return config_parse_many("/etc/systemd/journald.conf",
1348 CONF_DIRS_NULSTR("systemd/journald.conf"),
1349 "Journal\0",
1350 config_item_perf_lookup, journald_gperf_lookup,
1351 false, s);
1352 }
1353
1354 static int server_dispatch_sync(sd_event_source *es, usec_t t, void *userdata) {
1355 Server *s = userdata;
1356
1357 assert(s);
1358
1359 server_sync(s);
1360 return 0;
1361 }
1362
1363 int server_schedule_sync(Server *s, int priority) {
1364 int r;
1365
1366 assert(s);
1367
1368 if (priority <= LOG_CRIT) {
1369 /* Immediately sync to disk when this is of priority CRIT, ALERT, EMERG */
1370 server_sync(s);
1371 return 0;
1372 }
1373
1374 if (s->sync_scheduled)
1375 return 0;
1376
1377 if (s->sync_interval_usec > 0) {
1378 usec_t when;
1379
1380 r = sd_event_now(s->event, CLOCK_MONOTONIC, &when);
1381 if (r < 0)
1382 return r;
1383
1384 when += s->sync_interval_usec;
1385
1386 if (!s->sync_event_source) {
1387 r = sd_event_add_time(
1388 s->event,
1389 &s->sync_event_source,
1390 CLOCK_MONOTONIC,
1391 when, 0,
1392 server_dispatch_sync, s);
1393 if (r < 0)
1394 return r;
1395
1396 r = sd_event_source_set_priority(s->sync_event_source, SD_EVENT_PRIORITY_IMPORTANT);
1397 } else {
1398 r = sd_event_source_set_time(s->sync_event_source, when);
1399 if (r < 0)
1400 return r;
1401
1402 r = sd_event_source_set_enabled(s->sync_event_source, SD_EVENT_ONESHOT);
1403 }
1404 if (r < 0)
1405 return r;
1406
1407 s->sync_scheduled = true;
1408 }
1409
1410 return 0;
1411 }
1412
1413 static int dispatch_hostname_change(sd_event_source *es, int fd, uint32_t revents, void *userdata) {
1414 Server *s = userdata;
1415
1416 assert(s);
1417
1418 server_cache_hostname(s);
1419 return 0;
1420 }
1421
1422 static int server_open_hostname(Server *s) {
1423 int r;
1424
1425 assert(s);
1426
1427 s->hostname_fd = open("/proc/sys/kernel/hostname", O_RDONLY|O_CLOEXEC|O_NDELAY|O_NOCTTY);
1428 if (s->hostname_fd < 0)
1429 return log_error_errno(errno, "Failed to open /proc/sys/kernel/hostname: %m");
1430
1431 r = sd_event_add_io(s->event, &s->hostname_event_source, s->hostname_fd, 0, dispatch_hostname_change, s);
1432 if (r < 0) {
1433 /* kernels prior to 3.2 don't support polling this file. Ignore
1434 * the failure. */
1435 if (r == -EPERM) {
1436 log_warning_errno(r, "Failed to register hostname fd in event loop, ignoring: %m");
1437 s->hostname_fd = safe_close(s->hostname_fd);
1438 return 0;
1439 }
1440
1441 return log_error_errno(r, "Failed to register hostname fd in event loop: %m");
1442 }
1443
1444 r = sd_event_source_set_priority(s->hostname_event_source, SD_EVENT_PRIORITY_IMPORTANT-10);
1445 if (r < 0)
1446 return log_error_errno(r, "Failed to adjust priority of host name event source: %m");
1447
1448 return 0;
1449 }
1450
1451 int server_init(Server *s) {
1452 _cleanup_fdset_free_ FDSet *fds = NULL;
1453 int n, r, fd;
1454 bool no_sockets;
1455
1456 assert(s);
1457
1458 zero(*s);
1459 s->syslog_fd = s->native_fd = s->stdout_fd = s->dev_kmsg_fd = s->audit_fd = s->hostname_fd = -1;
1460 s->compress = true;
1461 s->seal = true;
1462
1463 s->sync_interval_usec = DEFAULT_SYNC_INTERVAL_USEC;
1464 s->sync_scheduled = false;
1465
1466 s->rate_limit_interval = DEFAULT_RATE_LIMIT_INTERVAL;
1467 s->rate_limit_burst = DEFAULT_RATE_LIMIT_BURST;
1468
1469 s->forward_to_wall = true;
1470
1471 s->max_file_usec = DEFAULT_MAX_FILE_USEC;
1472
1473 s->max_level_store = LOG_DEBUG;
1474 s->max_level_syslog = LOG_DEBUG;
1475 s->max_level_kmsg = LOG_NOTICE;
1476 s->max_level_console = LOG_INFO;
1477 s->max_level_wall = LOG_EMERG;
1478
1479 journal_reset_metrics(&s->system_metrics);
1480 journal_reset_metrics(&s->runtime_metrics);
1481
1482 server_parse_config_file(s);
1483 server_parse_proc_cmdline(s);
1484
1485 if (!!s->rate_limit_interval ^ !!s->rate_limit_burst) {
1486 log_debug("Setting both rate limit interval and burst from "USEC_FMT",%u to 0,0",
1487 s->rate_limit_interval, s->rate_limit_burst);
1488 s->rate_limit_interval = s->rate_limit_burst = 0;
1489 }
1490
1491 (void) mkdir_p("/run/systemd/journal", 0755);
1492
1493 s->user_journals = ordered_hashmap_new(NULL);
1494 if (!s->user_journals)
1495 return log_oom();
1496
1497 s->mmap = mmap_cache_new();
1498 if (!s->mmap)
1499 return log_oom();
1500
1501 r = sd_event_default(&s->event);
1502 if (r < 0)
1503 return log_error_errno(r, "Failed to create event loop: %m");
1504
1505 sd_event_set_watchdog(s->event, true);
1506
1507 n = sd_listen_fds(true);
1508 if (n < 0)
1509 return log_error_errno(n, "Failed to read listening file descriptors from environment: %m");
1510
1511 for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) {
1512
1513 if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/run/systemd/journal/socket", 0) > 0) {
1514
1515 if (s->native_fd >= 0) {
1516 log_error("Too many native sockets passed.");
1517 return -EINVAL;
1518 }
1519
1520 s->native_fd = fd;
1521
1522 } else if (sd_is_socket_unix(fd, SOCK_STREAM, 1, "/run/systemd/journal/stdout", 0) > 0) {
1523
1524 if (s->stdout_fd >= 0) {
1525 log_error("Too many stdout sockets passed.");
1526 return -EINVAL;
1527 }
1528
1529 s->stdout_fd = fd;
1530
1531 } else if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/dev/log", 0) > 0 ||
1532 sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/run/systemd/journal/dev-log", 0) > 0) {
1533
1534 if (s->syslog_fd >= 0) {
1535 log_error("Too many /dev/log sockets passed.");
1536 return -EINVAL;
1537 }
1538
1539 s->syslog_fd = fd;
1540
1541 } else if (sd_is_socket(fd, AF_NETLINK, SOCK_RAW, -1) > 0) {
1542
1543 if (s->audit_fd >= 0) {
1544 log_error("Too many audit sockets passed.");
1545 return -EINVAL;
1546 }
1547
1548 s->audit_fd = fd;
1549
1550 } else {
1551
1552 if (!fds) {
1553 fds = fdset_new();
1554 if (!fds)
1555 return log_oom();
1556 }
1557
1558 r = fdset_put(fds, fd);
1559 if (r < 0)
1560 return log_oom();
1561 }
1562 }
1563
1564 /* Try to restore streams, but don't bother if this fails */
1565 (void) server_restore_streams(s, fds);
1566
1567 if (fdset_size(fds) > 0) {
1568 log_warning("%u unknown file descriptors passed, closing.", fdset_size(fds));
1569 fds = fdset_free(fds);
1570 }
1571
1572 no_sockets = s->native_fd < 0 && s->stdout_fd < 0 && s->syslog_fd < 0 && s->audit_fd < 0;
1573
1574 /* always open stdout, syslog, native, and kmsg sockets */
1575
1576 /* systemd-journald.socket: /run/systemd/journal/stdout */
1577 r = server_open_stdout_socket(s);
1578 if (r < 0)
1579 return r;
1580
1581 /* systemd-journald-dev-log.socket: /run/systemd/journal/dev-log */
1582 r = server_open_syslog_socket(s);
1583 if (r < 0)
1584 return r;
1585
1586 /* systemd-journald.socket: /run/systemd/journal/socket */
1587 r = server_open_native_socket(s);
1588 if (r < 0)
1589 return r;
1590
1591 /* /dev/ksmg */
1592 r = server_open_dev_kmsg(s);
1593 if (r < 0)
1594 return r;
1595
1596 /* Unless we got *some* sockets and not audit, open audit socket */
1597 if (s->audit_fd >= 0 || no_sockets) {
1598 r = server_open_audit(s);
1599 if (r < 0)
1600 return r;
1601 }
1602
1603 r = server_open_kernel_seqnum(s);
1604 if (r < 0)
1605 return r;
1606
1607 r = server_open_hostname(s);
1608 if (r < 0)
1609 return r;
1610
1611 r = setup_signals(s);
1612 if (r < 0)
1613 return r;
1614
1615 s->udev = udev_new();
1616 if (!s->udev)
1617 return -ENOMEM;
1618
1619 s->rate_limit = journal_rate_limit_new(s->rate_limit_interval, s->rate_limit_burst);
1620 if (!s->rate_limit)
1621 return -ENOMEM;
1622
1623 r = cg_get_root_path(&s->cgroup_root);
1624 if (r < 0)
1625 return r;
1626
1627 server_cache_hostname(s);
1628 server_cache_boot_id(s);
1629 server_cache_machine_id(s);
1630
1631 return system_journal_open(s, false);
1632 }
1633
1634 void server_maybe_append_tags(Server *s) {
1635 #ifdef HAVE_GCRYPT
1636 JournalFile *f;
1637 Iterator i;
1638 usec_t n;
1639
1640 n = now(CLOCK_REALTIME);
1641
1642 if (s->system_journal)
1643 journal_file_maybe_append_tag(s->system_journal, n);
1644
1645 ORDERED_HASHMAP_FOREACH(f, s->user_journals, i)
1646 journal_file_maybe_append_tag(f, n);
1647 #endif
1648 }
1649
1650 void server_done(Server *s) {
1651 JournalFile *f;
1652 assert(s);
1653
1654 while (s->stdout_streams)
1655 stdout_stream_free(s->stdout_streams);
1656
1657 if (s->system_journal)
1658 journal_file_close(s->system_journal);
1659
1660 if (s->runtime_journal)
1661 journal_file_close(s->runtime_journal);
1662
1663 while ((f = ordered_hashmap_steal_first(s->user_journals)))
1664 journal_file_close(f);
1665
1666 ordered_hashmap_free(s->user_journals);
1667
1668 sd_event_source_unref(s->syslog_event_source);
1669 sd_event_source_unref(s->native_event_source);
1670 sd_event_source_unref(s->stdout_event_source);
1671 sd_event_source_unref(s->dev_kmsg_event_source);
1672 sd_event_source_unref(s->audit_event_source);
1673 sd_event_source_unref(s->sync_event_source);
1674 sd_event_source_unref(s->sigusr1_event_source);
1675 sd_event_source_unref(s->sigusr2_event_source);
1676 sd_event_source_unref(s->sigterm_event_source);
1677 sd_event_source_unref(s->sigint_event_source);
1678 sd_event_source_unref(s->hostname_event_source);
1679 sd_event_unref(s->event);
1680
1681 safe_close(s->syslog_fd);
1682 safe_close(s->native_fd);
1683 safe_close(s->stdout_fd);
1684 safe_close(s->dev_kmsg_fd);
1685 safe_close(s->audit_fd);
1686 safe_close(s->hostname_fd);
1687
1688 if (s->rate_limit)
1689 journal_rate_limit_free(s->rate_limit);
1690
1691 if (s->kernel_seqnum)
1692 munmap(s->kernel_seqnum, sizeof(uint64_t));
1693
1694 free(s->buffer);
1695 free(s->tty_path);
1696 free(s->cgroup_root);
1697 free(s->hostname_field);
1698
1699 if (s->mmap)
1700 mmap_cache_unref(s->mmap);
1701
1702 udev_unref(s->udev);
1703 }
1704
1705 static const char* const storage_table[_STORAGE_MAX] = {
1706 [STORAGE_AUTO] = "auto",
1707 [STORAGE_VOLATILE] = "volatile",
1708 [STORAGE_PERSISTENT] = "persistent",
1709 [STORAGE_NONE] = "none"
1710 };
1711
1712 DEFINE_STRING_TABLE_LOOKUP(storage, Storage);
1713 DEFINE_CONFIG_PARSE_ENUM(config_parse_storage, storage, Storage, "Failed to parse storage setting");
1714
1715 static const char* const split_mode_table[_SPLIT_MAX] = {
1716 [SPLIT_LOGIN] = "login",
1717 [SPLIT_UID] = "uid",
1718 [SPLIT_NONE] = "none",
1719 };
1720
1721 DEFINE_STRING_TABLE_LOOKUP(split_mode, SplitMode);
1722 DEFINE_CONFIG_PARSE_ENUM(config_parse_split_mode, split_mode, SplitMode, "Failed to parse split mode setting");
Unnamed repository; edit this file 'description' to name the repository.