]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/journal/journald-syslog.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
tree-wide: drop license boilerplate
[thirdparty/systemd.git] / src / journal / journald-syslog.c
1 /* SPDX-License-Identifier: LGPL-2.1+ */
2 /***
3 This file is part of systemd.
4
5 Copyright 2011 Lennart Poettering
6 ***/
7
8 #include <stddef.h>
9 #include <sys/epoll.h>
10 #include <unistd.h>
11
12 #include "sd-messages.h"
13
14 #include "alloc-util.h"
15 #include "fd-util.h"
16 #include "format-util.h"
17 #include "io-util.h"
18 #include "journald-console.h"
19 #include "journald-kmsg.h"
20 #include "journald-server.h"
21 #include "journald-syslog.h"
22 #include "journald-wall.h"
23 #include "process-util.h"
24 #include "selinux-util.h"
25 #include "socket-util.h"
26 #include "stdio-util.h"
27 #include "string-util.h"
28 #include "syslog-util.h"
29
30 /* Warn once every 30s if we missed syslog message */
31 #define WARN_FORWARD_SYSLOG_MISSED_USEC (30 * USEC_PER_SEC)
32
33 static void forward_syslog_iovec(Server *s, const struct iovec *iovec, unsigned n_iovec, const struct ucred *ucred, const struct timeval *tv) {
34
35 static const union sockaddr_union sa = {
36 .un.sun_family = AF_UNIX,
37 .un.sun_path = "/run/systemd/journal/syslog",
38 };
39 struct msghdr msghdr = {
40 .msg_iov = (struct iovec *) iovec,
41 .msg_iovlen = n_iovec,
42 .msg_name = (struct sockaddr*) &sa.sa,
43 .msg_namelen = SOCKADDR_UN_LEN(sa.un),
44 };
45 struct cmsghdr *cmsg;
46 union {
47 struct cmsghdr cmsghdr;
48 uint8_t buf[CMSG_SPACE(sizeof(struct ucred))];
49 } control;
50
51 assert(s);
52 assert(iovec);
53 assert(n_iovec > 0);
54
55 if (ucred) {
56 zero(control);
57 msghdr.msg_control = &control;
58 msghdr.msg_controllen = sizeof(control);
59
60 cmsg = CMSG_FIRSTHDR(&msghdr);
61 cmsg->cmsg_level = SOL_SOCKET;
62 cmsg->cmsg_type = SCM_CREDENTIALS;
63 cmsg->cmsg_len = CMSG_LEN(sizeof(struct ucred));
64 memcpy(CMSG_DATA(cmsg), ucred, sizeof(struct ucred));
65 msghdr.msg_controllen = cmsg->cmsg_len;
66 }
67
68 /* Forward the syslog message we received via /dev/log to
69 * /run/systemd/syslog. Unfortunately we currently can't set
70 * the SO_TIMESTAMP auxiliary data, and hence we don't. */
71
72 if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
73 return;
74
75 /* The socket is full? I guess the syslog implementation is
76 * too slow, and we shouldn't wait for that... */
77 if (errno == EAGAIN) {
78 s->n_forward_syslog_missed++;
79 return;
80 }
81
82 if (ucred && IN_SET(errno, ESRCH, EPERM)) {
83 struct ucred u;
84
85 /* Hmm, presumably the sender process vanished
86 * by now, or we don't have CAP_SYS_AMDIN, so
87 * let's fix it as good as we can, and retry */
88
89 u = *ucred;
90 u.pid = getpid_cached();
91 memcpy(CMSG_DATA(cmsg), &u, sizeof(struct ucred));
92
93 if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
94 return;
95
96 if (errno == EAGAIN) {
97 s->n_forward_syslog_missed++;
98 return;
99 }
100 }
101
102 if (errno != ENOENT)
103 log_debug_errno(errno, "Failed to forward syslog message: %m");
104 }
105
106 static void forward_syslog_raw(Server *s, int priority, const char *buffer, const struct ucred *ucred, const struct timeval *tv) {
107 struct iovec iovec;
108
109 assert(s);
110 assert(buffer);
111
112 if (LOG_PRI(priority) > s->max_level_syslog)
113 return;
114
115 iovec = IOVEC_MAKE_STRING(buffer);
116 forward_syslog_iovec(s, &iovec, 1, ucred, tv);
117 }
118
119 void server_forward_syslog(Server *s, int priority, const char *identifier, const char *message, const struct ucred *ucred, const struct timeval *tv) {
120 struct iovec iovec[5];
121 char header_priority[DECIMAL_STR_MAX(priority) + 3], header_time[64],
122 header_pid[STRLEN("[]: ") + DECIMAL_STR_MAX(pid_t) + 1];
123 int n = 0;
124 time_t t;
125 struct tm *tm;
126 _cleanup_free_ char *ident_buf = NULL;
127
128 assert(s);
129 assert(priority >= 0);
130 assert(priority <= 999);
131 assert(message);
132
133 if (LOG_PRI(priority) > s->max_level_syslog)
134 return;
135
136 /* First: priority field */
137 xsprintf(header_priority, "<%i>", priority);
138 iovec[n++] = IOVEC_MAKE_STRING(header_priority);
139
140 /* Second: timestamp */
141 t = tv ? tv->tv_sec : ((time_t) (now(CLOCK_REALTIME) / USEC_PER_SEC));
142 tm = localtime(&t);
143 if (!tm)
144 return;
145 if (strftime(header_time, sizeof(header_time), "%h %e %T ", tm) <= 0)
146 return;
147 iovec[n++] = IOVEC_MAKE_STRING(header_time);
148
149 /* Third: identifier and PID */
150 if (ucred) {
151 if (!identifier) {
152 get_process_comm(ucred->pid, &ident_buf);
153 identifier = ident_buf;
154 }
155
156 xsprintf(header_pid, "["PID_FMT"]: ", ucred->pid);
157
158 if (identifier)
159 iovec[n++] = IOVEC_MAKE_STRING(identifier);
160
161 iovec[n++] = IOVEC_MAKE_STRING(header_pid);
162 } else if (identifier) {
163 iovec[n++] = IOVEC_MAKE_STRING(identifier);
164 iovec[n++] = IOVEC_MAKE_STRING(": ");
165 }
166
167 /* Fourth: message */
168 iovec[n++] = IOVEC_MAKE_STRING(message);
169
170 forward_syslog_iovec(s, iovec, n, ucred, tv);
171 }
172
173 int syslog_fixup_facility(int priority) {
174
175 if ((priority & LOG_FACMASK) == 0)
176 return (priority & LOG_PRIMASK) | LOG_USER;
177
178 return priority;
179 }
180
181 size_t syslog_parse_identifier(const char **buf, char **identifier, char **pid) {
182 const char *p;
183 char *t;
184 size_t l, e;
185
186 assert(buf);
187 assert(identifier);
188 assert(pid);
189
190 p = *buf;
191
192 p += strspn(p, WHITESPACE);
193 l = strcspn(p, WHITESPACE);
194
195 if (l <= 0 ||
196 p[l-1] != ':')
197 return 0;
198
199 e = l;
200 l--;
201
202 if (p[l-1] == ']') {
203 size_t k = l-1;
204
205 for (;;) {
206
207 if (p[k] == '[') {
208 t = strndup(p+k+1, l-k-2);
209 if (t)
210 *pid = t;
211
212 l = k;
213 break;
214 }
215
216 if (k == 0)
217 break;
218
219 k--;
220 }
221 }
222
223 t = strndup(p, l);
224 if (t)
225 *identifier = t;
226
227 if (strchr(WHITESPACE, p[e]))
228 e++;
229 *buf = p + e;
230 return e;
231 }
232
233 static void syslog_skip_date(char **buf) {
234 enum {
235 LETTER,
236 SPACE,
237 NUMBER,
238 SPACE_OR_NUMBER,
239 COLON
240 } sequence[] = {
241 LETTER, LETTER, LETTER,
242 SPACE,
243 SPACE_OR_NUMBER, NUMBER,
244 SPACE,
245 SPACE_OR_NUMBER, NUMBER,
246 COLON,
247 SPACE_OR_NUMBER, NUMBER,
248 COLON,
249 SPACE_OR_NUMBER, NUMBER,
250 SPACE
251 };
252
253 char *p;
254 unsigned i;
255
256 assert(buf);
257 assert(*buf);
258
259 p = *buf;
260
261 for (i = 0; i < ELEMENTSOF(sequence); i++, p++) {
262
263 if (!*p)
264 return;
265
266 switch (sequence[i]) {
267
268 case SPACE:
269 if (*p != ' ')
270 return;
271 break;
272
273 case SPACE_OR_NUMBER:
274 if (*p == ' ')
275 break;
276
277 _fallthrough_;
278 case NUMBER:
279 if (*p < '0' || *p > '9')
280 return;
281
282 break;
283
284 case LETTER:
285 if (!(*p >= 'A' && *p <= 'Z') &&
286 !(*p >= 'a' && *p <= 'z'))
287 return;
288
289 break;
290
291 case COLON:
292 if (*p != ':')
293 return;
294 break;
295
296 }
297 }
298
299 *buf = p;
300 }
301
302 void server_process_syslog_message(
303 Server *s,
304 const char *buf,
305 const struct ucred *ucred,
306 const struct timeval *tv,
307 const char *label,
308 size_t label_len) {
309
310 char syslog_priority[sizeof("PRIORITY=") + DECIMAL_STR_MAX(int)],
311 syslog_facility[sizeof("SYSLOG_FACILITY=") + DECIMAL_STR_MAX(int)];
312 const char *message = NULL, *syslog_identifier = NULL, *syslog_pid = NULL;
313 _cleanup_free_ char *identifier = NULL, *pid = NULL;
314 int priority = LOG_USER | LOG_INFO, r;
315 ClientContext *context = NULL;
316 struct iovec *iovec;
317 const char *orig;
318 size_t n = 0, m;
319
320 assert(s);
321 assert(buf);
322
323 if (ucred && pid_is_valid(ucred->pid)) {
324 r = client_context_get(s, ucred->pid, ucred, label, label_len, NULL, &context);
325 if (r < 0)
326 log_warning_errno(r, "Failed to retrieve credentials for PID " PID_FMT ", ignoring: %m", ucred->pid);
327 }
328
329 orig = buf;
330 syslog_parse_priority(&buf, &priority, true);
331
332 if (!client_context_test_priority(context, priority))
333 return;
334
335 if (s->forward_to_syslog)
336 forward_syslog_raw(s, priority, orig, ucred, tv);
337
338 syslog_skip_date((char**) &buf);
339 syslog_parse_identifier(&buf, &identifier, &pid);
340
341 if (s->forward_to_kmsg)
342 server_forward_kmsg(s, priority, identifier, buf, ucred);
343
344 if (s->forward_to_console)
345 server_forward_console(s, priority, identifier, buf, ucred);
346
347 if (s->forward_to_wall)
348 server_forward_wall(s, priority, identifier, buf, ucred);
349
350 m = N_IOVEC_META_FIELDS + 6 + client_context_extra_fields_n_iovec(context);
351 iovec = newa(struct iovec, m);
352
353 iovec[n++] = IOVEC_MAKE_STRING("_TRANSPORT=syslog");
354
355 xsprintf(syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK);
356 iovec[n++] = IOVEC_MAKE_STRING(syslog_priority);
357
358 if (priority & LOG_FACMASK) {
359 xsprintf(syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority));
360 iovec[n++] = IOVEC_MAKE_STRING(syslog_facility);
361 }
362
363 if (identifier) {
364 syslog_identifier = strjoina("SYSLOG_IDENTIFIER=", identifier);
365 iovec[n++] = IOVEC_MAKE_STRING(syslog_identifier);
366 }
367
368 if (pid) {
369 syslog_pid = strjoina("SYSLOG_PID=", pid);
370 iovec[n++] = IOVEC_MAKE_STRING(syslog_pid);
371 }
372
373 message = strjoina("MESSAGE=", buf);
374 if (message)
375 iovec[n++] = IOVEC_MAKE_STRING(message);
376
377 server_dispatch_message(s, iovec, n, m, context, tv, priority, 0);
378 }
379
380 int server_open_syslog_socket(Server *s) {
381
382 static const union sockaddr_union sa = {
383 .un.sun_family = AF_UNIX,
384 .un.sun_path = "/run/systemd/journal/dev-log",
385 };
386 static const int one = 1;
387 int r;
388
389 assert(s);
390
391 if (s->syslog_fd < 0) {
392 s->syslog_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
393 if (s->syslog_fd < 0)
394 return log_error_errno(errno, "socket() failed: %m");
395
396 (void) unlink(sa.un.sun_path);
397
398 r = bind(s->syslog_fd, &sa.sa, SOCKADDR_UN_LEN(sa.un));
399 if (r < 0)
400 return log_error_errno(errno, "bind(%s) failed: %m", sa.un.sun_path);
401
402 (void) chmod(sa.un.sun_path, 0666);
403 } else
404 fd_nonblock(s->syslog_fd, 1);
405
406 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
407 if (r < 0)
408 return log_error_errno(errno, "SO_PASSCRED failed: %m");
409
410 #if HAVE_SELINUX
411 if (mac_selinux_use()) {
412 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
413 if (r < 0)
414 log_warning_errno(errno, "SO_PASSSEC failed: %m");
415 }
416 #endif
417
418 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
419 if (r < 0)
420 return log_error_errno(errno, "SO_TIMESTAMP failed: %m");
421
422 r = sd_event_add_io(s->event, &s->syslog_event_source, s->syslog_fd, EPOLLIN, server_process_datagram, s);
423 if (r < 0)
424 return log_error_errno(r, "Failed to add syslog server fd to event loop: %m");
425
426 r = sd_event_source_set_priority(s->syslog_event_source, SD_EVENT_PRIORITY_NORMAL+5);
427 if (r < 0)
428 return log_error_errno(r, "Failed to adjust syslog event source priority: %m");
429
430 return 0;
431 }
432
433 void server_maybe_warn_forward_syslog_missed(Server *s) {
434 usec_t n;
435
436 assert(s);
437
438 if (s->n_forward_syslog_missed <= 0)
439 return;
440
441 n = now(CLOCK_MONOTONIC);
442 if (s->last_warn_forward_syslog_missed + WARN_FORWARD_SYSLOG_MISSED_USEC > n)
443 return;
444
445 server_driver_message(s, 0,
446 "MESSAGE_ID=" SD_MESSAGE_FORWARD_SYSLOG_MISSED_STR,
447 LOG_MESSAGE("Forwarding to syslog missed %u messages.",
448 s->n_forward_syslog_missed),
449 NULL);
450
451 s->n_forward_syslog_missed = 0;
452 s->last_warn_forward_syslog_missed = n;
453 }
Unnamed repository; edit this file 'description' to name the repository.