1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2011 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <linux/sockios.h>
24 #include <selinux/selinux.h>
26 #include <sys/ioctl.h>
28 #include <sys/signalfd.h>
29 #include <sys/statvfs.h>
32 #include "sd-daemon.h"
33 #include "sd-journal.h"
34 #include "sd-messages.h"
37 #include "cgroup-util.h"
38 #include "conf-parser.h"
39 #include "formats-util.h"
41 #include "hostname-util.h"
44 #include "process-util.h"
46 #include "selinux-util.h"
47 #include "signal-util.h"
48 #include "socket-util.h"
49 #include "journal-authenticate.h"
50 #include "journal-file.h"
51 #include "journal-internal.h"
52 #include "journal-vacuum.h"
53 #include "journald-audit.h"
54 #include "journald-kmsg.h"
55 #include "journald-native.h"
56 #include "journald-rate-limit.h"
57 #include "journald-server.h"
58 #include "journald-stream.h"
59 #include "journald-syslog.h"
61 #define USER_JOURNALS_MAX 1024
63 #define DEFAULT_SYNC_INTERVAL_USEC (5*USEC_PER_MINUTE)
64 #define DEFAULT_RATE_LIMIT_INTERVAL (30*USEC_PER_SEC)
65 #define DEFAULT_RATE_LIMIT_BURST 1000
66 #define DEFAULT_MAX_FILE_USEC USEC_PER_MONTH
68 #define RECHECK_SPACE_USEC (30*USEC_PER_SEC)
70 static int determine_space_for(
72 JournalMetrics
*metrics
,
80 uint64_t sum
= 0, ss_avail
, avail
;
81 _cleanup_closedir_
DIR *d
= NULL
;
92 ts
= now(CLOCK_MONOTONIC
);
94 if (!verbose
&& s
->cached_space_timestamp
+ RECHECK_SPACE_USEC
> ts
) {
97 *available
= s
->cached_space_available
;
99 *limit
= s
->cached_space_limit
;
104 p
= strjoina(path
, SERVER_MACHINE_ID(s
));
107 return log_full_errno(errno
== ENOENT
? LOG_DEBUG
: LOG_ERR
, errno
, "Failed to open %s: %m", p
);
109 if (fstatvfs(dirfd(d
), &ss
) < 0)
110 return log_error_errno(errno
, "Failed to fstatvfs(%s): %m", p
);
112 FOREACH_DIRENT_ALL(de
, d
, break) {
115 if (!endswith(de
->d_name
, ".journal") &&
116 !endswith(de
->d_name
, ".journal~"))
119 if (fstatat(dirfd(d
), de
->d_name
, &st
, AT_SYMLINK_NOFOLLOW
) < 0) {
120 log_debug_errno(errno
, "Failed to stat %s/%s, ignoring: %m", p
, de
->d_name
);
124 if (!S_ISREG(st
.st_mode
))
127 sum
+= (uint64_t) st
.st_blocks
* 512UL;
130 /* If request, then let's bump the min_use limit to the
131 * current usage on disk. We do this when starting up and
132 * first opening the journal files. This way sudden spikes in
133 * disk usage will not cause journald to vacuum files without
134 * bounds. Note that this means that only a restart of
135 * journald will make it reset this value. */
138 metrics
->min_use
= MAX(metrics
->min_use
, sum
);
140 ss_avail
= ss
.f_bsize
* ss
.f_bavail
;
141 avail
= LESS_BY(ss_avail
, metrics
->keep_free
);
143 s
->cached_space_limit
= MIN(MAX(sum
+ avail
, metrics
->min_use
), metrics
->max_use
);
144 s
->cached_space_available
= LESS_BY(s
->cached_space_limit
, sum
);
145 s
->cached_space_timestamp
= ts
;
148 char fb1
[FORMAT_BYTES_MAX
], fb2
[FORMAT_BYTES_MAX
], fb3
[FORMAT_BYTES_MAX
],
149 fb4
[FORMAT_BYTES_MAX
], fb5
[FORMAT_BYTES_MAX
], fb6
[FORMAT_BYTES_MAX
];
151 server_driver_message(s
, SD_MESSAGE_JOURNAL_USAGE
,
152 "%s (%s) is currently using %s.\n"
153 "Maximum allowed usage is set to %s.\n"
154 "Leaving at least %s free (of currently available %s of space).\n"
155 "Enforced usage limit is thus %s, of which %s are still available.",
157 format_bytes(fb1
, sizeof(fb1
), sum
),
158 format_bytes(fb2
, sizeof(fb2
), metrics
->max_use
),
159 format_bytes(fb3
, sizeof(fb3
), metrics
->keep_free
),
160 format_bytes(fb4
, sizeof(fb4
), ss_avail
),
161 format_bytes(fb5
, sizeof(fb5
), s
->cached_space_limit
),
162 format_bytes(fb6
, sizeof(fb6
), s
->cached_space_available
));
166 *available
= s
->cached_space_available
;
168 *limit
= s
->cached_space_limit
;
173 static int determine_space(Server
*s
, bool verbose
, bool patch_min_use
, uint64_t *available
, uint64_t *limit
) {
174 JournalMetrics
*metrics
;
175 const char *path
, *name
;
179 if (s
->system_journal
) {
180 path
= "/var/log/journal/";
181 metrics
= &s
->system_metrics
;
182 name
= "System journal";
184 path
= "/run/log/journal/";
185 metrics
= &s
->runtime_metrics
;
186 name
= "Runtime journal";
189 return determine_space_for(s
, metrics
, path
, name
, verbose
, patch_min_use
, available
, limit
);
192 void server_fix_perms(Server
*s
, JournalFile
*f
, uid_t uid
) {
195 _cleanup_(acl_freep
) acl_t acl
= NULL
;
197 acl_permset_t permset
;
202 r
= fchmod(f
->fd
, 0640);
204 log_warning_errno(errno
, "Failed to fix access mode on %s, ignoring: %m", f
->path
);
207 if (uid
<= SYSTEM_UID_MAX
)
210 acl
= acl_get_fd(f
->fd
);
212 log_warning_errno(errno
, "Failed to read ACL on %s, ignoring: %m", f
->path
);
216 r
= acl_find_uid(acl
, uid
, &entry
);
219 if (acl_create_entry(&acl
, &entry
) < 0 ||
220 acl_set_tag_type(entry
, ACL_USER
) < 0 ||
221 acl_set_qualifier(entry
, &uid
) < 0) {
222 log_warning_errno(errno
, "Failed to patch ACL on %s, ignoring: %m", f
->path
);
227 /* We do not recalculate the mask unconditionally here,
228 * so that the fchmod() mask above stays intact. */
229 if (acl_get_permset(entry
, &permset
) < 0 ||
230 acl_add_perm(permset
, ACL_READ
) < 0 ||
231 calc_acl_mask_if_needed(&acl
) < 0) {
232 log_warning_errno(errno
, "Failed to patch ACL on %s, ignoring: %m", f
->path
);
236 if (acl_set_fd(f
->fd
, acl
) < 0)
237 log_warning_errno(errno
, "Failed to set ACL on %s, ignoring: %m", f
->path
);
242 static JournalFile
* find_journal(Server
*s
, uid_t uid
) {
243 _cleanup_free_
char *p
= NULL
;
250 /* We split up user logs only on /var, not on /run. If the
251 * runtime file is open, we write to it exclusively, in order
252 * to guarantee proper order as soon as we flush /run to
253 * /var and close the runtime file. */
255 if (s
->runtime_journal
)
256 return s
->runtime_journal
;
258 if (uid
<= SYSTEM_UID_MAX
)
259 return s
->system_journal
;
261 r
= sd_id128_get_machine(&machine
);
263 return s
->system_journal
;
265 f
= ordered_hashmap_get(s
->user_journals
, UINT32_TO_PTR(uid
));
269 if (asprintf(&p
, "/var/log/journal/" SD_ID128_FORMAT_STR
"/user-"UID_FMT
".journal",
270 SD_ID128_FORMAT_VAL(machine
), uid
) < 0)
271 return s
->system_journal
;
273 while (ordered_hashmap_size(s
->user_journals
) >= USER_JOURNALS_MAX
) {
274 /* Too many open? Then let's close one */
275 f
= ordered_hashmap_steal_first(s
->user_journals
);
277 journal_file_close(f
);
280 r
= journal_file_open_reliably(p
, O_RDWR
|O_CREAT
, 0640, s
->compress
, s
->seal
, &s
->system_metrics
, s
->mmap
, NULL
, &f
);
282 return s
->system_journal
;
284 server_fix_perms(s
, f
, uid
);
286 r
= ordered_hashmap_put(s
->user_journals
, UINT32_TO_PTR(uid
), f
);
288 journal_file_close(f
);
289 return s
->system_journal
;
295 static int do_rotate(
308 r
= journal_file_rotate(f
, s
->compress
, seal
);
311 log_error_errno(r
, "Failed to rotate %s: %m", (*f
)->path
);
313 log_error_errno(r
, "Failed to create new %s journal: %m", name
);
315 server_fix_perms(s
, *f
, uid
);
320 void server_rotate(Server
*s
) {
326 log_debug("Rotating...");
328 (void) do_rotate(s
, &s
->runtime_journal
, "runtime", false, 0);
329 (void) do_rotate(s
, &s
->system_journal
, "system", s
->seal
, 0);
331 ORDERED_HASHMAP_FOREACH_KEY(f
, k
, s
->user_journals
, i
) {
332 r
= do_rotate(s
, &f
, "user", s
->seal
, PTR_TO_UINT32(k
));
334 ordered_hashmap_replace(s
->user_journals
, k
, f
);
336 /* Old file has been closed and deallocated */
337 ordered_hashmap_remove(s
->user_journals
, k
);
341 void server_sync(Server
*s
) {
347 if (s
->system_journal
) {
348 r
= journal_file_set_offline(s
->system_journal
);
350 log_warning_errno(r
, "Failed to sync system journal, ignoring: %m");
353 ORDERED_HASHMAP_FOREACH_KEY(f
, k
, s
->user_journals
, i
) {
354 r
= journal_file_set_offline(f
);
356 log_warning_errno(r
, "Failed to sync user journal, ignoring: %m");
359 if (s
->sync_event_source
) {
360 r
= sd_event_source_set_enabled(s
->sync_event_source
, SD_EVENT_OFF
);
362 log_error_errno(r
, "Failed to disable sync timer source: %m");
365 s
->sync_scheduled
= false;
368 static void do_vacuum(
371 JournalMetrics
*metrics
,
375 bool patch_min_use
) {
389 p
= strjoina(path
, SERVER_MACHINE_ID(s
));
391 limit
= metrics
->max_use
;
392 (void) determine_space_for(s
, metrics
, path
, name
, verbose
, patch_min_use
, NULL
, &limit
);
394 r
= journal_directory_vacuum(p
, limit
, metrics
->n_max_files
, s
->max_retention_usec
, &s
->oldest_file_usec
, verbose
);
395 if (r
< 0 && r
!= -ENOENT
)
396 log_warning_errno(r
, "Failed to vacuum %s, ignoring: %m", p
);
399 int server_vacuum(Server
*s
, bool verbose
, bool patch_min_use
) {
402 log_debug("Vacuuming...");
404 s
->oldest_file_usec
= 0;
406 do_vacuum(s
, s
->system_journal
, &s
->system_metrics
, "/var/log/journal/", "System journal", verbose
, patch_min_use
);
407 do_vacuum(s
, s
->runtime_journal
, &s
->runtime_metrics
, "/run/log/journal/", "Runtime journal", verbose
, patch_min_use
);
409 s
->cached_space_limit
= 0;
410 s
->cached_space_available
= 0;
411 s
->cached_space_timestamp
= 0;
416 static void server_cache_machine_id(Server
*s
) {
422 r
= sd_id128_get_machine(&id
);
426 sd_id128_to_string(id
, stpcpy(s
->machine_id_field
, "_MACHINE_ID="));
429 static void server_cache_boot_id(Server
*s
) {
435 r
= sd_id128_get_boot(&id
);
439 sd_id128_to_string(id
, stpcpy(s
->boot_id_field
, "_BOOT_ID="));
442 static void server_cache_hostname(Server
*s
) {
443 _cleanup_free_
char *t
= NULL
;
448 t
= gethostname_malloc();
452 x
= strappend("_HOSTNAME=", t
);
456 free(s
->hostname_field
);
457 s
->hostname_field
= x
;
460 static bool shall_try_append_again(JournalFile
*f
, int r
) {
462 /* -E2BIG Hit configured limit
464 -EDQUOT Quota limit hit
466 -EIO I/O error of some kind (mmap)
467 -EHOSTDOWN Other machine
468 -EBUSY Unclean shutdown
469 -EPROTONOSUPPORT Unsupported feature
472 -ESHUTDOWN Already archived
473 -EIDRM Journal file has been deleted */
475 if (r
== -E2BIG
|| r
== -EFBIG
|| r
== -EDQUOT
|| r
== -ENOSPC
)
476 log_debug("%s: Allocation limit reached, rotating.", f
->path
);
477 else if (r
== -EHOSTDOWN
)
478 log_info("%s: Journal file from other machine, rotating.", f
->path
);
479 else if (r
== -EBUSY
)
480 log_info("%s: Unclean shutdown, rotating.", f
->path
);
481 else if (r
== -EPROTONOSUPPORT
)
482 log_info("%s: Unsupported feature, rotating.", f
->path
);
483 else if (r
== -EBADMSG
|| r
== -ENODATA
|| r
== ESHUTDOWN
)
484 log_warning("%s: Journal file corrupted, rotating.", f
->path
);
486 log_warning("%s: IO error, rotating.", f
->path
);
487 else if (r
== -EIDRM
)
488 log_warning("%s: Journal file has been deleted, rotating.", f
->path
);
495 static void write_to_journal(Server
*s
, uid_t uid
, struct iovec
*iovec
, unsigned n
, int priority
) {
497 bool vacuumed
= false;
504 f
= find_journal(s
, uid
);
508 if (journal_file_rotate_suggested(f
, s
->max_file_usec
)) {
509 log_debug("%s: Journal header limits reached or header out-of-date, rotating.", f
->path
);
511 server_vacuum(s
, false, false);
514 f
= find_journal(s
, uid
);
519 r
= journal_file_append_entry(f
, NULL
, iovec
, n
, &s
->seqnum
, NULL
, NULL
);
521 server_schedule_sync(s
, priority
);
525 if (vacuumed
|| !shall_try_append_again(f
, r
)) {
526 log_error_errno(r
, "Failed to write entry (%d items, %zu bytes), ignoring: %m", n
, IOVEC_TOTAL_SIZE(iovec
, n
));
531 server_vacuum(s
, false, false);
533 f
= find_journal(s
, uid
);
537 log_debug("Retrying write.");
538 r
= journal_file_append_entry(f
, NULL
, iovec
, n
, &s
->seqnum
, NULL
, NULL
);
540 log_error_errno(r
, "Failed to write entry (%d items, %zu bytes) despite vacuuming, ignoring: %m", n
, IOVEC_TOTAL_SIZE(iovec
, n
));
542 server_schedule_sync(s
, priority
);
545 static void dispatch_message_real(
547 struct iovec
*iovec
, unsigned n
, unsigned m
,
548 const struct ucred
*ucred
,
549 const struct timeval
*tv
,
550 const char *label
, size_t label_len
,
555 char pid
[sizeof("_PID=") + DECIMAL_STR_MAX(pid_t
)],
556 uid
[sizeof("_UID=") + DECIMAL_STR_MAX(uid_t
)],
557 gid
[sizeof("_GID=") + DECIMAL_STR_MAX(gid_t
)],
558 owner_uid
[sizeof("_SYSTEMD_OWNER_UID=") + DECIMAL_STR_MAX(uid_t
)],
559 source_time
[sizeof("_SOURCE_REALTIME_TIMESTAMP=") + DECIMAL_STR_MAX(usec_t
)],
560 o_uid
[sizeof("OBJECT_UID=") + DECIMAL_STR_MAX(uid_t
)],
561 o_gid
[sizeof("OBJECT_GID=") + DECIMAL_STR_MAX(gid_t
)],
562 o_owner_uid
[sizeof("OBJECT_SYSTEMD_OWNER_UID=") + DECIMAL_STR_MAX(uid_t
)];
568 uid_t realuid
= 0, owner
= 0, journal_uid
;
569 bool owner_valid
= false;
571 char audit_session
[sizeof("_AUDIT_SESSION=") + DECIMAL_STR_MAX(uint32_t)],
572 audit_loginuid
[sizeof("_AUDIT_LOGINUID=") + DECIMAL_STR_MAX(uid_t
)],
573 o_audit_session
[sizeof("OBJECT_AUDIT_SESSION=") + DECIMAL_STR_MAX(uint32_t)],
574 o_audit_loginuid
[sizeof("OBJECT_AUDIT_LOGINUID=") + DECIMAL_STR_MAX(uid_t
)];
583 assert(n
+ N_IOVEC_META_FIELDS
+ (object_pid
? N_IOVEC_OBJECT_FIELDS
: 0) <= m
);
586 realuid
= ucred
->uid
;
588 sprintf(pid
, "_PID="PID_FMT
, ucred
->pid
);
589 IOVEC_SET_STRING(iovec
[n
++], pid
);
591 sprintf(uid
, "_UID="UID_FMT
, ucred
->uid
);
592 IOVEC_SET_STRING(iovec
[n
++], uid
);
594 sprintf(gid
, "_GID="GID_FMT
, ucred
->gid
);
595 IOVEC_SET_STRING(iovec
[n
++], gid
);
597 r
= get_process_comm(ucred
->pid
, &t
);
599 x
= strjoina("_COMM=", t
);
601 IOVEC_SET_STRING(iovec
[n
++], x
);
604 r
= get_process_exe(ucred
->pid
, &t
);
606 x
= strjoina("_EXE=", t
);
608 IOVEC_SET_STRING(iovec
[n
++], x
);
611 r
= get_process_cmdline(ucred
->pid
, 0, false, &t
);
613 x
= strjoina("_CMDLINE=", t
);
615 IOVEC_SET_STRING(iovec
[n
++], x
);
618 r
= get_process_capeff(ucred
->pid
, &t
);
620 x
= strjoina("_CAP_EFFECTIVE=", t
);
622 IOVEC_SET_STRING(iovec
[n
++], x
);
626 r
= audit_session_from_pid(ucred
->pid
, &audit
);
628 sprintf(audit_session
, "_AUDIT_SESSION=%"PRIu32
, audit
);
629 IOVEC_SET_STRING(iovec
[n
++], audit_session
);
632 r
= audit_loginuid_from_pid(ucred
->pid
, &loginuid
);
634 sprintf(audit_loginuid
, "_AUDIT_LOGINUID="UID_FMT
, loginuid
);
635 IOVEC_SET_STRING(iovec
[n
++], audit_loginuid
);
639 r
= cg_pid_get_path_shifted(ucred
->pid
, s
->cgroup_root
, &c
);
641 char *session
= NULL
;
643 x
= strjoina("_SYSTEMD_CGROUP=", c
);
644 IOVEC_SET_STRING(iovec
[n
++], x
);
646 r
= cg_path_get_session(c
, &t
);
648 session
= strjoina("_SYSTEMD_SESSION=", t
);
650 IOVEC_SET_STRING(iovec
[n
++], session
);
653 if (cg_path_get_owner_uid(c
, &owner
) >= 0) {
656 sprintf(owner_uid
, "_SYSTEMD_OWNER_UID="UID_FMT
, owner
);
657 IOVEC_SET_STRING(iovec
[n
++], owner_uid
);
660 if (cg_path_get_unit(c
, &t
) >= 0) {
661 x
= strjoina("_SYSTEMD_UNIT=", t
);
663 IOVEC_SET_STRING(iovec
[n
++], x
);
664 } else if (unit_id
&& !session
) {
665 x
= strjoina("_SYSTEMD_UNIT=", unit_id
);
666 IOVEC_SET_STRING(iovec
[n
++], x
);
669 if (cg_path_get_user_unit(c
, &t
) >= 0) {
670 x
= strjoina("_SYSTEMD_USER_UNIT=", t
);
672 IOVEC_SET_STRING(iovec
[n
++], x
);
673 } else if (unit_id
&& session
) {
674 x
= strjoina("_SYSTEMD_USER_UNIT=", unit_id
);
675 IOVEC_SET_STRING(iovec
[n
++], x
);
678 if (cg_path_get_slice(c
, &t
) >= 0) {
679 x
= strjoina("_SYSTEMD_SLICE=", t
);
681 IOVEC_SET_STRING(iovec
[n
++], x
);
685 } else if (unit_id
) {
686 x
= strjoina("_SYSTEMD_UNIT=", unit_id
);
687 IOVEC_SET_STRING(iovec
[n
++], x
);
691 if (mac_selinux_use()) {
693 x
= alloca(strlen("_SELINUX_CONTEXT=") + label_len
+ 1);
695 *((char*) mempcpy(stpcpy(x
, "_SELINUX_CONTEXT="), label
, label_len
)) = 0;
696 IOVEC_SET_STRING(iovec
[n
++], x
);
698 security_context_t con
;
700 if (getpidcon(ucred
->pid
, &con
) >= 0) {
701 x
= strjoina("_SELINUX_CONTEXT=", con
);
704 IOVEC_SET_STRING(iovec
[n
++], x
);
713 r
= get_process_uid(object_pid
, &object_uid
);
715 sprintf(o_uid
, "OBJECT_UID="UID_FMT
, object_uid
);
716 IOVEC_SET_STRING(iovec
[n
++], o_uid
);
719 r
= get_process_gid(object_pid
, &object_gid
);
721 sprintf(o_gid
, "OBJECT_GID="GID_FMT
, object_gid
);
722 IOVEC_SET_STRING(iovec
[n
++], o_gid
);
725 r
= get_process_comm(object_pid
, &t
);
727 x
= strjoina("OBJECT_COMM=", t
);
729 IOVEC_SET_STRING(iovec
[n
++], x
);
732 r
= get_process_exe(object_pid
, &t
);
734 x
= strjoina("OBJECT_EXE=", t
);
736 IOVEC_SET_STRING(iovec
[n
++], x
);
739 r
= get_process_cmdline(object_pid
, 0, false, &t
);
741 x
= strjoina("OBJECT_CMDLINE=", t
);
743 IOVEC_SET_STRING(iovec
[n
++], x
);
747 r
= audit_session_from_pid(object_pid
, &audit
);
749 sprintf(o_audit_session
, "OBJECT_AUDIT_SESSION=%"PRIu32
, audit
);
750 IOVEC_SET_STRING(iovec
[n
++], o_audit_session
);
753 r
= audit_loginuid_from_pid(object_pid
, &loginuid
);
755 sprintf(o_audit_loginuid
, "OBJECT_AUDIT_LOGINUID="UID_FMT
, loginuid
);
756 IOVEC_SET_STRING(iovec
[n
++], o_audit_loginuid
);
760 r
= cg_pid_get_path_shifted(object_pid
, s
->cgroup_root
, &c
);
762 x
= strjoina("OBJECT_SYSTEMD_CGROUP=", c
);
763 IOVEC_SET_STRING(iovec
[n
++], x
);
765 r
= cg_path_get_session(c
, &t
);
767 x
= strjoina("OBJECT_SYSTEMD_SESSION=", t
);
769 IOVEC_SET_STRING(iovec
[n
++], x
);
772 if (cg_path_get_owner_uid(c
, &owner
) >= 0) {
773 sprintf(o_owner_uid
, "OBJECT_SYSTEMD_OWNER_UID="UID_FMT
, owner
);
774 IOVEC_SET_STRING(iovec
[n
++], o_owner_uid
);
777 if (cg_path_get_unit(c
, &t
) >= 0) {
778 x
= strjoina("OBJECT_SYSTEMD_UNIT=", t
);
780 IOVEC_SET_STRING(iovec
[n
++], x
);
783 if (cg_path_get_user_unit(c
, &t
) >= 0) {
784 x
= strjoina("OBJECT_SYSTEMD_USER_UNIT=", t
);
786 IOVEC_SET_STRING(iovec
[n
++], x
);
795 sprintf(source_time
, "_SOURCE_REALTIME_TIMESTAMP=%llu", (unsigned long long) timeval_load(tv
));
796 IOVEC_SET_STRING(iovec
[n
++], source_time
);
799 /* Note that strictly speaking storing the boot id here is
800 * redundant since the entry includes this in-line
801 * anyway. However, we need this indexed, too. */
802 if (!isempty(s
->boot_id_field
))
803 IOVEC_SET_STRING(iovec
[n
++], s
->boot_id_field
);
805 if (!isempty(s
->machine_id_field
))
806 IOVEC_SET_STRING(iovec
[n
++], s
->machine_id_field
);
808 if (!isempty(s
->hostname_field
))
809 IOVEC_SET_STRING(iovec
[n
++], s
->hostname_field
);
813 if (s
->split_mode
== SPLIT_UID
&& realuid
> 0)
814 /* Split up strictly by any UID */
815 journal_uid
= realuid
;
816 else if (s
->split_mode
== SPLIT_LOGIN
&& realuid
> 0 && owner_valid
&& owner
> 0)
817 /* Split up by login UIDs. We do this only if the
818 * realuid is not root, in order not to accidentally
819 * leak privileged information to the user that is
820 * logged by a privileged process that is part of an
821 * unprivileged session. */
826 write_to_journal(s
, journal_uid
, iovec
, n
, priority
);
829 void server_driver_message(Server
*s
, sd_id128_t message_id
, const char *format
, ...) {
830 char mid
[11 + 32 + 1];
831 char buffer
[16 + LINE_MAX
+ 1];
832 struct iovec iovec
[N_IOVEC_META_FIELDS
+ 6];
835 struct ucred ucred
= {};
840 IOVEC_SET_STRING(iovec
[n
++], "SYSLOG_FACILITY=3");
841 IOVEC_SET_STRING(iovec
[n
++], "SYSLOG_IDENTIFIER=systemd-journald");
843 IOVEC_SET_STRING(iovec
[n
++], "PRIORITY=6");
844 IOVEC_SET_STRING(iovec
[n
++], "_TRANSPORT=driver");
846 memcpy(buffer
, "MESSAGE=", 8);
847 va_start(ap
, format
);
848 vsnprintf(buffer
+ 8, sizeof(buffer
) - 8, format
, ap
);
850 IOVEC_SET_STRING(iovec
[n
++], buffer
);
852 if (!sd_id128_equal(message_id
, SD_ID128_NULL
)) {
853 snprintf(mid
, sizeof(mid
), LOG_MESSAGE_ID(message_id
));
854 IOVEC_SET_STRING(iovec
[n
++], mid
);
857 ucred
.pid
= getpid();
858 ucred
.uid
= getuid();
859 ucred
.gid
= getgid();
861 dispatch_message_real(s
, iovec
, n
, ELEMENTSOF(iovec
), &ucred
, NULL
, NULL
, 0, NULL
, LOG_INFO
, 0);
864 void server_dispatch_message(
866 struct iovec
*iovec
, unsigned n
, unsigned m
,
867 const struct ucred
*ucred
,
868 const struct timeval
*tv
,
869 const char *label
, size_t label_len
,
875 _cleanup_free_
char *path
= NULL
;
876 uint64_t available
= 0;
880 assert(iovec
|| n
== 0);
885 if (LOG_PRI(priority
) > s
->max_level_store
)
888 /* Stop early in case the information will not be stored
890 if (s
->storage
== STORAGE_NONE
)
896 r
= cg_pid_get_path_shifted(ucred
->pid
, s
->cgroup_root
, &path
);
900 /* example: /user/lennart/3/foobar
901 * /system/dbus.service/foobar
903 * So let's cut of everything past the third /, since that is
904 * where user directories start */
906 c
= strchr(path
, '/');
908 c
= strchr(c
+1, '/');
910 c
= strchr(c
+1, '/');
916 (void) determine_space(s
, false, false, &available
, NULL
);
917 rl
= journal_rate_limit_test(s
->rate_limit
, path
, priority
& LOG_PRIMASK
, available
);
921 /* Write a suppression message if we suppressed something */
923 server_driver_message(s
, SD_MESSAGE_JOURNAL_DROPPED
,
924 "Suppressed %u messages from %s", rl
- 1, path
);
927 dispatch_message_real(s
, iovec
, n
, m
, ucred
, tv
, label
, label_len
, unit_id
, priority
, object_pid
);
931 static int system_journal_open(Server
*s
, bool flush_requested
) {
935 if (!s
->system_journal
&&
936 (s
->storage
== STORAGE_PERSISTENT
|| s
->storage
== STORAGE_AUTO
) &&
938 || access("/run/systemd/journal/flushed", F_OK
) >= 0)) {
940 /* If in auto mode: first try to create the machine
941 * path, but not the prefix.
943 * If in persistent mode: create /var/log/journal and
944 * the machine path */
946 if (s
->storage
== STORAGE_PERSISTENT
)
947 (void) mkdir_p("/var/log/journal/", 0755);
949 fn
= strjoina("/var/log/journal/", SERVER_MACHINE_ID(s
));
950 (void) mkdir(fn
, 0755);
952 fn
= strjoina(fn
, "/system.journal");
953 r
= journal_file_open_reliably(fn
, O_RDWR
|O_CREAT
, 0640, s
->compress
, s
->seal
, &s
->system_metrics
, s
->mmap
, NULL
, &s
->system_journal
);
955 server_fix_perms(s
, s
->system_journal
, 0);
956 (void) determine_space_for(s
, &s
->system_metrics
, "/var/log/journal/", "System journal", true, true, NULL
, NULL
);
958 if (r
!= -ENOENT
&& r
!= -EROFS
)
959 log_warning_errno(r
, "Failed to open system journal: %m");
965 if (!s
->runtime_journal
&&
966 (s
->storage
!= STORAGE_NONE
)) {
968 fn
= strjoina("/run/log/journal/", SERVER_MACHINE_ID(s
), "/system.journal");
970 if (s
->system_journal
) {
972 /* Try to open the runtime journal, but only
973 * if it already exists, so that we can flush
974 * it into the system journal */
976 r
= journal_file_open(fn
, O_RDWR
, 0640, s
->compress
, false, &s
->runtime_metrics
, s
->mmap
, NULL
, &s
->runtime_journal
);
979 log_warning_errno(r
, "Failed to open runtime journal: %m");
986 /* OK, we really need the runtime journal, so create
987 * it if necessary. */
989 (void) mkdir("/run/log", 0755);
990 (void) mkdir("/run/log/journal", 0755);
991 (void) mkdir_parents(fn
, 0750);
993 r
= journal_file_open_reliably(fn
, O_RDWR
|O_CREAT
, 0640, s
->compress
, false, &s
->runtime_metrics
, s
->mmap
, NULL
, &s
->runtime_journal
);
995 return log_error_errno(r
, "Failed to open runtime journal: %m");
998 if (s
->runtime_journal
) {
999 server_fix_perms(s
, s
->runtime_journal
, 0);
1000 (void) determine_space_for(s
, &s
->runtime_metrics
, "/run/log/journal/", "Runtime journal", true, true, NULL
, NULL
);
1007 int server_flush_to_var(Server
*s
) {
1009 sd_journal
*j
= NULL
;
1010 char ts
[FORMAT_TIMESPAN_MAX
];
1017 if (s
->storage
!= STORAGE_AUTO
&&
1018 s
->storage
!= STORAGE_PERSISTENT
)
1021 if (!s
->runtime_journal
)
1024 (void) system_journal_open(s
, true);
1026 if (!s
->system_journal
)
1029 log_debug("Flushing to /var...");
1031 start
= now(CLOCK_MONOTONIC
);
1033 r
= sd_id128_get_machine(&machine
);
1037 r
= sd_journal_open(&j
, SD_JOURNAL_RUNTIME_ONLY
);
1039 return log_error_errno(r
, "Failed to read runtime journal: %m");
1041 sd_journal_set_data_threshold(j
, 0);
1043 SD_JOURNAL_FOREACH(j
) {
1047 f
= j
->current_file
;
1048 assert(f
&& f
->current_offset
> 0);
1052 r
= journal_file_move_to_object(f
, OBJECT_ENTRY
, f
->current_offset
, &o
);
1054 log_error_errno(r
, "Can't read entry: %m");
1058 r
= journal_file_copy_entry(f
, s
->system_journal
, o
, f
->current_offset
, NULL
, NULL
, NULL
);
1062 if (!shall_try_append_again(s
->system_journal
, r
)) {
1063 log_error_errno(r
, "Can't write entry: %m");
1068 server_vacuum(s
, false, false);
1070 if (!s
->system_journal
) {
1071 log_notice("Didn't flush runtime journal since rotation of system journal wasn't successful.");
1076 log_debug("Retrying write.");
1077 r
= journal_file_copy_entry(f
, s
->system_journal
, o
, f
->current_offset
, NULL
, NULL
, NULL
);
1079 log_error_errno(r
, "Can't write entry: %m");
1087 journal_file_post_change(s
->system_journal
);
1089 s
->runtime_journal
= journal_file_close(s
->runtime_journal
);
1092 (void) rm_rf("/run/log/journal", REMOVE_ROOT
);
1094 sd_journal_close(j
);
1096 server_driver_message(s
, SD_ID128_NULL
, "Time spent on flushing to /var is %s for %u entries.", format_timespan(ts
, sizeof(ts
), now(CLOCK_MONOTONIC
) - start
, 0), n
);
1101 int server_process_datagram(sd_event_source
*es
, int fd
, uint32_t revents
, void *userdata
) {
1102 Server
*s
= userdata
;
1103 struct ucred
*ucred
= NULL
;
1104 struct timeval
*tv
= NULL
;
1105 struct cmsghdr
*cmsg
;
1107 size_t label_len
= 0, m
;
1110 int *fds
= NULL
, v
= 0;
1114 struct cmsghdr cmsghdr
;
1116 /* We use NAME_MAX space for the SELinux label
1117 * here. The kernel currently enforces no
1118 * limit, but according to suggestions from
1119 * the SELinux people this will change and it
1120 * will probably be identical to NAME_MAX. For
1121 * now we use that, but this should be updated
1122 * one day when the final limit is known. */
1123 uint8_t buf
[CMSG_SPACE(sizeof(struct ucred
)) +
1124 CMSG_SPACE(sizeof(struct timeval
)) +
1125 CMSG_SPACE(sizeof(int)) + /* fd */
1126 CMSG_SPACE(NAME_MAX
)]; /* selinux label */
1129 union sockaddr_union sa
= {};
1131 struct msghdr msghdr
= {
1134 .msg_control
= &control
,
1135 .msg_controllen
= sizeof(control
),
1137 .msg_namelen
= sizeof(sa
),
1141 assert(fd
== s
->native_fd
|| fd
== s
->syslog_fd
|| fd
== s
->audit_fd
);
1143 if (revents
!= EPOLLIN
) {
1144 log_error("Got invalid event from epoll for datagram fd: %"PRIx32
, revents
);
1148 /* Try to get the right size, if we can. (Not all
1149 * sockets support SIOCINQ, hence we just try, but
1150 * don't rely on it. */
1151 (void) ioctl(fd
, SIOCINQ
, &v
);
1153 /* Fix it up, if it is too small. We use the same fixed value as auditd here. Awful! */
1154 m
= PAGE_ALIGN(MAX3((size_t) v
+ 1,
1156 ALIGN(sizeof(struct nlmsghdr
)) + ALIGN((size_t) MAX_AUDIT_MESSAGE_LENGTH
)) + 1);
1158 if (!GREEDY_REALLOC(s
->buffer
, s
->buffer_size
, m
))
1161 iovec
.iov_base
= s
->buffer
;
1162 iovec
.iov_len
= s
->buffer_size
- 1; /* Leave room for trailing NUL we add later */
1164 n
= recvmsg(fd
, &msghdr
, MSG_DONTWAIT
|MSG_CMSG_CLOEXEC
);
1166 if (errno
== EINTR
|| errno
== EAGAIN
)
1169 return log_error_errno(errno
, "recvmsg() failed: %m");
1172 CMSG_FOREACH(cmsg
, &msghdr
) {
1174 if (cmsg
->cmsg_level
== SOL_SOCKET
&&
1175 cmsg
->cmsg_type
== SCM_CREDENTIALS
&&
1176 cmsg
->cmsg_len
== CMSG_LEN(sizeof(struct ucred
)))
1177 ucred
= (struct ucred
*) CMSG_DATA(cmsg
);
1178 else if (cmsg
->cmsg_level
== SOL_SOCKET
&&
1179 cmsg
->cmsg_type
== SCM_SECURITY
) {
1180 label
= (char*) CMSG_DATA(cmsg
);
1181 label_len
= cmsg
->cmsg_len
- CMSG_LEN(0);
1182 } else if (cmsg
->cmsg_level
== SOL_SOCKET
&&
1183 cmsg
->cmsg_type
== SO_TIMESTAMP
&&
1184 cmsg
->cmsg_len
== CMSG_LEN(sizeof(struct timeval
)))
1185 tv
= (struct timeval
*) CMSG_DATA(cmsg
);
1186 else if (cmsg
->cmsg_level
== SOL_SOCKET
&&
1187 cmsg
->cmsg_type
== SCM_RIGHTS
) {
1188 fds
= (int*) CMSG_DATA(cmsg
);
1189 n_fds
= (cmsg
->cmsg_len
- CMSG_LEN(0)) / sizeof(int);
1193 /* And a trailing NUL, just in case */
1196 if (fd
== s
->syslog_fd
) {
1197 if (n
> 0 && n_fds
== 0)
1198 server_process_syslog_message(s
, strstrip(s
->buffer
), ucred
, tv
, label
, label_len
);
1200 log_warning("Got file descriptors via syslog socket. Ignoring.");
1202 } else if (fd
== s
->native_fd
) {
1203 if (n
> 0 && n_fds
== 0)
1204 server_process_native_message(s
, s
->buffer
, n
, ucred
, tv
, label
, label_len
);
1205 else if (n
== 0 && n_fds
== 1)
1206 server_process_native_file(s
, fds
[0], ucred
, tv
, label
, label_len
);
1208 log_warning("Got too many file descriptors via native socket. Ignoring.");
1211 assert(fd
== s
->audit_fd
);
1213 if (n
> 0 && n_fds
== 0)
1214 server_process_audit_message(s
, s
->buffer
, n
, ucred
, &sa
, msghdr
.msg_namelen
);
1216 log_warning("Got file descriptors via audit socket. Ignoring.");
1219 close_many(fds
, n_fds
);
1223 static int dispatch_sigusr1(sd_event_source
*es
, const struct signalfd_siginfo
*si
, void *userdata
) {
1224 Server
*s
= userdata
;
1228 log_info("Received request to flush runtime journal from PID %"PRIu32
, si
->ssi_pid
);
1230 server_flush_to_var(s
);
1232 server_vacuum(s
, false, false);
1234 (void) touch("/run/systemd/journal/flushed");
1239 static int dispatch_sigusr2(sd_event_source
*es
, const struct signalfd_siginfo
*si
, void *userdata
) {
1240 Server
*s
= userdata
;
1244 log_info("Received request to rotate journal from PID %"PRIu32
, si
->ssi_pid
);
1246 server_vacuum(s
, true, true);
1251 static int dispatch_sigterm(sd_event_source
*es
, const struct signalfd_siginfo
*si
, void *userdata
) {
1252 Server
*s
= userdata
;
1256 log_received_signal(LOG_INFO
, si
);
1258 sd_event_exit(s
->event
, 0);
1262 static int setup_signals(Server
*s
) {
1267 assert(sigprocmask_many(SIG_SETMASK
, NULL
, SIGINT
, SIGTERM
, SIGUSR1
, SIGUSR2
, -1) >= 0);
1269 r
= sd_event_add_signal(s
->event
, &s
->sigusr1_event_source
, SIGUSR1
, dispatch_sigusr1
, s
);
1273 r
= sd_event_add_signal(s
->event
, &s
->sigusr2_event_source
, SIGUSR2
, dispatch_sigusr2
, s
);
1277 r
= sd_event_add_signal(s
->event
, &s
->sigterm_event_source
, SIGTERM
, dispatch_sigterm
, s
);
1281 r
= sd_event_add_signal(s
->event
, &s
->sigint_event_source
, SIGINT
, dispatch_sigterm
, s
);
1288 static int server_parse_proc_cmdline(Server
*s
) {
1289 _cleanup_free_
char *line
= NULL
;
1290 const char *w
, *state
;
1294 r
= proc_cmdline(&line
);
1296 log_warning_errno(r
, "Failed to read /proc/cmdline, ignoring: %m");
1300 FOREACH_WORD_QUOTED(w
, l
, line
, state
) {
1301 _cleanup_free_
char *word
;
1303 word
= strndup(w
, l
);
1307 if (startswith(word
, "systemd.journald.forward_to_syslog=")) {
1308 r
= parse_boolean(word
+ 35);
1310 log_warning("Failed to parse forward to syslog switch %s. Ignoring.", word
+ 35);
1312 s
->forward_to_syslog
= r
;
1313 } else if (startswith(word
, "systemd.journald.forward_to_kmsg=")) {
1314 r
= parse_boolean(word
+ 33);
1316 log_warning("Failed to parse forward to kmsg switch %s. Ignoring.", word
+ 33);
1318 s
->forward_to_kmsg
= r
;
1319 } else if (startswith(word
, "systemd.journald.forward_to_console=")) {
1320 r
= parse_boolean(word
+ 36);
1322 log_warning("Failed to parse forward to console switch %s. Ignoring.", word
+ 36);
1324 s
->forward_to_console
= r
;
1325 } else if (startswith(word
, "systemd.journald.forward_to_wall=")) {
1326 r
= parse_boolean(word
+ 33);
1328 log_warning("Failed to parse forward to wall switch %s. Ignoring.", word
+ 33);
1330 s
->forward_to_wall
= r
;
1331 } else if (startswith(word
, "systemd.journald"))
1332 log_warning("Invalid systemd.journald parameter. Ignoring.");
1335 /* do not warn about state here, since probably systemd already did */
1339 static int server_parse_config_file(Server
*s
) {
1342 return config_parse_many("/etc/systemd/journald.conf",
1343 CONF_DIRS_NULSTR("systemd/journald.conf"),
1345 config_item_perf_lookup
, journald_gperf_lookup
,
1349 static int server_dispatch_sync(sd_event_source
*es
, usec_t t
, void *userdata
) {
1350 Server
*s
= userdata
;
1358 int server_schedule_sync(Server
*s
, int priority
) {
1363 if (priority
<= LOG_CRIT
) {
1364 /* Immediately sync to disk when this is of priority CRIT, ALERT, EMERG */
1369 if (s
->sync_scheduled
)
1372 if (s
->sync_interval_usec
> 0) {
1375 r
= sd_event_now(s
->event
, CLOCK_MONOTONIC
, &when
);
1379 when
+= s
->sync_interval_usec
;
1381 if (!s
->sync_event_source
) {
1382 r
= sd_event_add_time(
1384 &s
->sync_event_source
,
1387 server_dispatch_sync
, s
);
1391 r
= sd_event_source_set_priority(s
->sync_event_source
, SD_EVENT_PRIORITY_IMPORTANT
);
1393 r
= sd_event_source_set_time(s
->sync_event_source
, when
);
1397 r
= sd_event_source_set_enabled(s
->sync_event_source
, SD_EVENT_ONESHOT
);
1402 s
->sync_scheduled
= true;
1408 static int dispatch_hostname_change(sd_event_source
*es
, int fd
, uint32_t revents
, void *userdata
) {
1409 Server
*s
= userdata
;
1413 server_cache_hostname(s
);
1417 static int server_open_hostname(Server
*s
) {
1422 s
->hostname_fd
= open("/proc/sys/kernel/hostname", O_RDONLY
|O_CLOEXEC
|O_NDELAY
|O_NOCTTY
);
1423 if (s
->hostname_fd
< 0)
1424 return log_error_errno(errno
, "Failed to open /proc/sys/kernel/hostname: %m");
1426 r
= sd_event_add_io(s
->event
, &s
->hostname_event_source
, s
->hostname_fd
, 0, dispatch_hostname_change
, s
);
1428 /* kernels prior to 3.2 don't support polling this file. Ignore
1431 log_warning_errno(r
, "Failed to register hostname fd in event loop, ignoring: %m");
1432 s
->hostname_fd
= safe_close(s
->hostname_fd
);
1436 return log_error_errno(r
, "Failed to register hostname fd in event loop: %m");
1439 r
= sd_event_source_set_priority(s
->hostname_event_source
, SD_EVENT_PRIORITY_IMPORTANT
-10);
1441 return log_error_errno(r
, "Failed to adjust priority of host name event source: %m");
1446 int server_init(Server
*s
) {
1447 _cleanup_fdset_free_ FDSet
*fds
= NULL
;
1454 s
->syslog_fd
= s
->native_fd
= s
->stdout_fd
= s
->dev_kmsg_fd
= s
->audit_fd
= s
->hostname_fd
= -1;
1458 s
->sync_interval_usec
= DEFAULT_SYNC_INTERVAL_USEC
;
1459 s
->sync_scheduled
= false;
1461 s
->rate_limit_interval
= DEFAULT_RATE_LIMIT_INTERVAL
;
1462 s
->rate_limit_burst
= DEFAULT_RATE_LIMIT_BURST
;
1464 s
->forward_to_wall
= true;
1466 s
->max_file_usec
= DEFAULT_MAX_FILE_USEC
;
1468 s
->max_level_store
= LOG_DEBUG
;
1469 s
->max_level_syslog
= LOG_DEBUG
;
1470 s
->max_level_kmsg
= LOG_NOTICE
;
1471 s
->max_level_console
= LOG_INFO
;
1472 s
->max_level_wall
= LOG_EMERG
;
1474 journal_reset_metrics(&s
->system_metrics
);
1475 journal_reset_metrics(&s
->runtime_metrics
);
1477 server_parse_config_file(s
);
1478 server_parse_proc_cmdline(s
);
1480 if (!!s
->rate_limit_interval
^ !!s
->rate_limit_burst
) {
1481 log_debug("Setting both rate limit interval and burst from "USEC_FMT
",%u to 0,0",
1482 s
->rate_limit_interval
, s
->rate_limit_burst
);
1483 s
->rate_limit_interval
= s
->rate_limit_burst
= 0;
1486 (void) mkdir_p("/run/systemd/journal", 0755);
1488 s
->user_journals
= ordered_hashmap_new(NULL
);
1489 if (!s
->user_journals
)
1492 s
->mmap
= mmap_cache_new();
1496 r
= sd_event_default(&s
->event
);
1498 return log_error_errno(r
, "Failed to create event loop: %m");
1500 sd_event_set_watchdog(s
->event
, true);
1502 n
= sd_listen_fds(true);
1504 return log_error_errno(n
, "Failed to read listening file descriptors from environment: %m");
1506 for (fd
= SD_LISTEN_FDS_START
; fd
< SD_LISTEN_FDS_START
+ n
; fd
++) {
1508 if (sd_is_socket_unix(fd
, SOCK_DGRAM
, -1, "/run/systemd/journal/socket", 0) > 0) {
1510 if (s
->native_fd
>= 0) {
1511 log_error("Too many native sockets passed.");
1517 } else if (sd_is_socket_unix(fd
, SOCK_STREAM
, 1, "/run/systemd/journal/stdout", 0) > 0) {
1519 if (s
->stdout_fd
>= 0) {
1520 log_error("Too many stdout sockets passed.");
1526 } else if (sd_is_socket_unix(fd
, SOCK_DGRAM
, -1, "/dev/log", 0) > 0 ||
1527 sd_is_socket_unix(fd
, SOCK_DGRAM
, -1, "/run/systemd/journal/dev-log", 0) > 0) {
1529 if (s
->syslog_fd
>= 0) {
1530 log_error("Too many /dev/log sockets passed.");
1536 } else if (sd_is_socket(fd
, AF_NETLINK
, SOCK_RAW
, -1) > 0) {
1538 if (s
->audit_fd
>= 0) {
1539 log_error("Too many audit sockets passed.");
1553 r
= fdset_put(fds
, fd
);
1559 /* Try to restore streams, but don't bother if this fails */
1560 (void) server_restore_streams(s
, fds
);
1562 if (fdset_size(fds
) > 0) {
1563 log_warning("%u unknown file descriptors passed, closing.", fdset_size(fds
));
1564 fds
= fdset_free(fds
);
1567 no_sockets
= s
->native_fd
< 0 && s
->stdout_fd
< 0 && s
->syslog_fd
< 0 && s
->audit_fd
< 0;
1569 /* always open stdout, syslog, native, and kmsg sockets */
1571 /* systemd-journald.socket: /run/systemd/journal/stdout */
1572 r
= server_open_stdout_socket(s
);
1576 /* systemd-journald-dev-log.socket: /run/systemd/journal/dev-log */
1577 r
= server_open_syslog_socket(s
);
1581 /* systemd-journald.socket: /run/systemd/journal/socket */
1582 r
= server_open_native_socket(s
);
1587 r
= server_open_dev_kmsg(s
);
1591 /* Unless we got *some* sockets and not audit, open audit socket */
1592 if (s
->audit_fd
>= 0 || no_sockets
) {
1593 r
= server_open_audit(s
);
1598 r
= server_open_kernel_seqnum(s
);
1602 r
= server_open_hostname(s
);
1606 r
= setup_signals(s
);
1610 s
->udev
= udev_new();
1614 s
->rate_limit
= journal_rate_limit_new(s
->rate_limit_interval
, s
->rate_limit_burst
);
1618 r
= cg_get_root_path(&s
->cgroup_root
);
1622 server_cache_hostname(s
);
1623 server_cache_boot_id(s
);
1624 server_cache_machine_id(s
);
1626 return system_journal_open(s
, false);
1629 void server_maybe_append_tags(Server
*s
) {
1635 n
= now(CLOCK_REALTIME
);
1637 if (s
->system_journal
)
1638 journal_file_maybe_append_tag(s
->system_journal
, n
);
1640 ORDERED_HASHMAP_FOREACH(f
, s
->user_journals
, i
)
1641 journal_file_maybe_append_tag(f
, n
);
1645 void server_done(Server
*s
) {
1649 while (s
->stdout_streams
)
1650 stdout_stream_free(s
->stdout_streams
);
1652 if (s
->system_journal
)
1653 journal_file_close(s
->system_journal
);
1655 if (s
->runtime_journal
)
1656 journal_file_close(s
->runtime_journal
);
1658 while ((f
= ordered_hashmap_steal_first(s
->user_journals
)))
1659 journal_file_close(f
);
1661 ordered_hashmap_free(s
->user_journals
);
1663 sd_event_source_unref(s
->syslog_event_source
);
1664 sd_event_source_unref(s
->native_event_source
);
1665 sd_event_source_unref(s
->stdout_event_source
);
1666 sd_event_source_unref(s
->dev_kmsg_event_source
);
1667 sd_event_source_unref(s
->audit_event_source
);
1668 sd_event_source_unref(s
->sync_event_source
);
1669 sd_event_source_unref(s
->sigusr1_event_source
);
1670 sd_event_source_unref(s
->sigusr2_event_source
);
1671 sd_event_source_unref(s
->sigterm_event_source
);
1672 sd_event_source_unref(s
->sigint_event_source
);
1673 sd_event_source_unref(s
->hostname_event_source
);
1674 sd_event_unref(s
->event
);
1676 safe_close(s
->syslog_fd
);
1677 safe_close(s
->native_fd
);
1678 safe_close(s
->stdout_fd
);
1679 safe_close(s
->dev_kmsg_fd
);
1680 safe_close(s
->audit_fd
);
1681 safe_close(s
->hostname_fd
);
1684 journal_rate_limit_free(s
->rate_limit
);
1686 if (s
->kernel_seqnum
)
1687 munmap(s
->kernel_seqnum
, sizeof(uint64_t));
1691 free(s
->cgroup_root
);
1692 free(s
->hostname_field
);
1695 mmap_cache_unref(s
->mmap
);
1697 udev_unref(s
->udev
);
1700 static const char* const storage_table
[_STORAGE_MAX
] = {
1701 [STORAGE_AUTO
] = "auto",
1702 [STORAGE_VOLATILE
] = "volatile",
1703 [STORAGE_PERSISTENT
] = "persistent",
1704 [STORAGE_NONE
] = "none"
1707 DEFINE_STRING_TABLE_LOOKUP(storage
, Storage
);
1708 DEFINE_CONFIG_PARSE_ENUM(config_parse_storage
, storage
, Storage
, "Failed to parse storage setting");
1710 static const char* const split_mode_table
[_SPLIT_MAX
] = {
1711 [SPLIT_LOGIN
] = "login",
1712 [SPLIT_UID
] = "uid",
1713 [SPLIT_NONE
] = "none",
1716 DEFINE_STRING_TABLE_LOOKUP(split_mode
, SplitMode
);
1717 DEFINE_CONFIG_PARSE_ENUM(config_parse_split_mode
, split_mode
, SplitMode
, "Failed to parse split mode setting");