]> git.ipfire.org Git - thirdparty/systemd.git/blob - src/journal/journald-syslog.c
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
build-sys: use #if Y instead of #ifdef Y everywhere
[thirdparty/systemd.git] / src / journal / journald-syslog.c
1 /***
2 This file is part of systemd.
3
4 Copyright 2011 Lennart Poettering
5
6 systemd is free software; you can redistribute it and/or modify it
7 under the terms of the GNU Lesser General Public License as published by
8 the Free Software Foundation; either version 2.1 of the License, or
9 (at your option) any later version.
10
11 systemd is distributed in the hope that it will be useful, but
12 WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 Lesser General Public License for more details.
15
16 You should have received a copy of the GNU Lesser General Public License
17 along with systemd; If not, see <http://www.gnu.org/licenses/>.
18 ***/
19
20 #include <stddef.h>
21 #include <sys/epoll.h>
22 #include <unistd.h>
23
24 #include "sd-messages.h"
25
26 #include "alloc-util.h"
27 #include "fd-util.h"
28 #include "format-util.h"
29 #include "io-util.h"
30 #include "journald-console.h"
31 #include "journald-kmsg.h"
32 #include "journald-server.h"
33 #include "journald-syslog.h"
34 #include "journald-wall.h"
35 #include "process-util.h"
36 #include "selinux-util.h"
37 #include "socket-util.h"
38 #include "stdio-util.h"
39 #include "string-util.h"
40 #include "syslog-util.h"
41
42 /* Warn once every 30s if we missed syslog message */
43 #define WARN_FORWARD_SYSLOG_MISSED_USEC (30 * USEC_PER_SEC)
44
45 static void forward_syslog_iovec(Server *s, const struct iovec *iovec, unsigned n_iovec, const struct ucred *ucred, const struct timeval *tv) {
46
47 static const union sockaddr_union sa = {
48 .un.sun_family = AF_UNIX,
49 .un.sun_path = "/run/systemd/journal/syslog",
50 };
51 struct msghdr msghdr = {
52 .msg_iov = (struct iovec *) iovec,
53 .msg_iovlen = n_iovec,
54 .msg_name = (struct sockaddr*) &sa.sa,
55 .msg_namelen = SOCKADDR_UN_LEN(sa.un),
56 };
57 struct cmsghdr *cmsg;
58 union {
59 struct cmsghdr cmsghdr;
60 uint8_t buf[CMSG_SPACE(sizeof(struct ucred))];
61 } control;
62
63 assert(s);
64 assert(iovec);
65 assert(n_iovec > 0);
66
67 if (ucred) {
68 zero(control);
69 msghdr.msg_control = &control;
70 msghdr.msg_controllen = sizeof(control);
71
72 cmsg = CMSG_FIRSTHDR(&msghdr);
73 cmsg->cmsg_level = SOL_SOCKET;
74 cmsg->cmsg_type = SCM_CREDENTIALS;
75 cmsg->cmsg_len = CMSG_LEN(sizeof(struct ucred));
76 memcpy(CMSG_DATA(cmsg), ucred, sizeof(struct ucred));
77 msghdr.msg_controllen = cmsg->cmsg_len;
78 }
79
80 /* Forward the syslog message we received via /dev/log to
81 * /run/systemd/syslog. Unfortunately we currently can't set
82 * the SO_TIMESTAMP auxiliary data, and hence we don't. */
83
84 if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
85 return;
86
87 /* The socket is full? I guess the syslog implementation is
88 * too slow, and we shouldn't wait for that... */
89 if (errno == EAGAIN) {
90 s->n_forward_syslog_missed++;
91 return;
92 }
93
94 if (ucred && IN_SET(errno, ESRCH, EPERM)) {
95 struct ucred u;
96
97 /* Hmm, presumably the sender process vanished
98 * by now, or we don't have CAP_SYS_AMDIN, so
99 * let's fix it as good as we can, and retry */
100
101 u = *ucred;
102 u.pid = getpid_cached();
103 memcpy(CMSG_DATA(cmsg), &u, sizeof(struct ucred));
104
105 if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
106 return;
107
108 if (errno == EAGAIN) {
109 s->n_forward_syslog_missed++;
110 return;
111 }
112 }
113
114 if (errno != ENOENT)
115 log_debug_errno(errno, "Failed to forward syslog message: %m");
116 }
117
118 static void forward_syslog_raw(Server *s, int priority, const char *buffer, const struct ucred *ucred, const struct timeval *tv) {
119 struct iovec iovec;
120
121 assert(s);
122 assert(buffer);
123
124 if (LOG_PRI(priority) > s->max_level_syslog)
125 return;
126
127 iovec = IOVEC_MAKE_STRING(buffer);
128 forward_syslog_iovec(s, &iovec, 1, ucred, tv);
129 }
130
131 void server_forward_syslog(Server *s, int priority, const char *identifier, const char *message, const struct ucred *ucred, const struct timeval *tv) {
132 struct iovec iovec[5];
133 char header_priority[DECIMAL_STR_MAX(priority) + 3], header_time[64],
134 header_pid[sizeof("[]: ")-1 + DECIMAL_STR_MAX(pid_t) + 1];
135 int n = 0;
136 time_t t;
137 struct tm *tm;
138 _cleanup_free_ char *ident_buf = NULL;
139
140 assert(s);
141 assert(priority >= 0);
142 assert(priority <= 999);
143 assert(message);
144
145 if (LOG_PRI(priority) > s->max_level_syslog)
146 return;
147
148 /* First: priority field */
149 xsprintf(header_priority, "<%i>", priority);
150 iovec[n++] = IOVEC_MAKE_STRING(header_priority);
151
152 /* Second: timestamp */
153 t = tv ? tv->tv_sec : ((time_t) (now(CLOCK_REALTIME) / USEC_PER_SEC));
154 tm = localtime(&t);
155 if (!tm)
156 return;
157 if (strftime(header_time, sizeof(header_time), "%h %e %T ", tm) <= 0)
158 return;
159 iovec[n++] = IOVEC_MAKE_STRING(header_time);
160
161 /* Third: identifier and PID */
162 if (ucred) {
163 if (!identifier) {
164 get_process_comm(ucred->pid, &ident_buf);
165 identifier = ident_buf;
166 }
167
168 xsprintf(header_pid, "["PID_FMT"]: ", ucred->pid);
169
170 if (identifier)
171 iovec[n++] = IOVEC_MAKE_STRING(identifier);
172
173 iovec[n++] = IOVEC_MAKE_STRING(header_pid);
174 } else if (identifier) {
175 iovec[n++] = IOVEC_MAKE_STRING(identifier);
176 iovec[n++] = IOVEC_MAKE_STRING(": ");
177 }
178
179 /* Fourth: message */
180 iovec[n++] = IOVEC_MAKE_STRING(message);
181
182 forward_syslog_iovec(s, iovec, n, ucred, tv);
183 }
184
185 int syslog_fixup_facility(int priority) {
186
187 if ((priority & LOG_FACMASK) == 0)
188 return (priority & LOG_PRIMASK) | LOG_USER;
189
190 return priority;
191 }
192
193 size_t syslog_parse_identifier(const char **buf, char **identifier, char **pid) {
194 const char *p;
195 char *t;
196 size_t l, e;
197
198 assert(buf);
199 assert(identifier);
200 assert(pid);
201
202 p = *buf;
203
204 p += strspn(p, WHITESPACE);
205 l = strcspn(p, WHITESPACE);
206
207 if (l <= 0 ||
208 p[l-1] != ':')
209 return 0;
210
211 e = l;
212 l--;
213
214 if (p[l-1] == ']') {
215 size_t k = l-1;
216
217 for (;;) {
218
219 if (p[k] == '[') {
220 t = strndup(p+k+1, l-k-2);
221 if (t)
222 *pid = t;
223
224 l = k;
225 break;
226 }
227
228 if (k == 0)
229 break;
230
231 k--;
232 }
233 }
234
235 t = strndup(p, l);
236 if (t)
237 *identifier = t;
238
239 if (strchr(WHITESPACE, p[e]))
240 e++;
241 *buf = p + e;
242 return e;
243 }
244
245 static void syslog_skip_date(char **buf) {
246 enum {
247 LETTER,
248 SPACE,
249 NUMBER,
250 SPACE_OR_NUMBER,
251 COLON
252 } sequence[] = {
253 LETTER, LETTER, LETTER,
254 SPACE,
255 SPACE_OR_NUMBER, NUMBER,
256 SPACE,
257 SPACE_OR_NUMBER, NUMBER,
258 COLON,
259 SPACE_OR_NUMBER, NUMBER,
260 COLON,
261 SPACE_OR_NUMBER, NUMBER,
262 SPACE
263 };
264
265 char *p;
266 unsigned i;
267
268 assert(buf);
269 assert(*buf);
270
271 p = *buf;
272
273 for (i = 0; i < ELEMENTSOF(sequence); i++, p++) {
274
275 if (!*p)
276 return;
277
278 switch (sequence[i]) {
279
280 case SPACE:
281 if (*p != ' ')
282 return;
283 break;
284
285 case SPACE_OR_NUMBER:
286 if (*p == ' ')
287 break;
288
289 /* fall through */
290
291 case NUMBER:
292 if (*p < '0' || *p > '9')
293 return;
294
295 break;
296
297 case LETTER:
298 if (!(*p >= 'A' && *p <= 'Z') &&
299 !(*p >= 'a' && *p <= 'z'))
300 return;
301
302 break;
303
304 case COLON:
305 if (*p != ':')
306 return;
307 break;
308
309 }
310 }
311
312 *buf = p;
313 }
314
315 void server_process_syslog_message(
316 Server *s,
317 const char *buf,
318 const struct ucred *ucred,
319 const struct timeval *tv,
320 const char *label,
321 size_t label_len) {
322
323 char syslog_priority[sizeof("PRIORITY=") + DECIMAL_STR_MAX(int)],
324 syslog_facility[sizeof("SYSLOG_FACILITY=") + DECIMAL_STR_MAX(int)];
325 const char *message = NULL, *syslog_identifier = NULL, *syslog_pid = NULL;
326 _cleanup_free_ char *identifier = NULL, *pid = NULL;
327 struct iovec iovec[N_IOVEC_META_FIELDS + 6];
328 int priority = LOG_USER | LOG_INFO, r;
329 ClientContext *context = NULL;
330 const char *orig;
331 unsigned n = 0;
332
333 assert(s);
334 assert(buf);
335
336 orig = buf;
337 syslog_parse_priority(&buf, &priority, true);
338
339 if (s->forward_to_syslog)
340 forward_syslog_raw(s, priority, orig, ucred, tv);
341
342 syslog_skip_date((char**) &buf);
343 syslog_parse_identifier(&buf, &identifier, &pid);
344
345 if (s->forward_to_kmsg)
346 server_forward_kmsg(s, priority, identifier, buf, ucred);
347
348 if (s->forward_to_console)
349 server_forward_console(s, priority, identifier, buf, ucred);
350
351 if (s->forward_to_wall)
352 server_forward_wall(s, priority, identifier, buf, ucred);
353
354 iovec[n++] = IOVEC_MAKE_STRING("_TRANSPORT=syslog");
355
356 xsprintf(syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK);
357 iovec[n++] = IOVEC_MAKE_STRING(syslog_priority);
358
359 if (priority & LOG_FACMASK) {
360 xsprintf(syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority));
361 iovec[n++] = IOVEC_MAKE_STRING(syslog_facility);
362 }
363
364 if (identifier) {
365 syslog_identifier = strjoina("SYSLOG_IDENTIFIER=", identifier);
366 iovec[n++] = IOVEC_MAKE_STRING(syslog_identifier);
367 }
368
369 if (pid) {
370 syslog_pid = strjoina("SYSLOG_PID=", pid);
371 iovec[n++] = IOVEC_MAKE_STRING(syslog_pid);
372 }
373
374 message = strjoina("MESSAGE=", buf);
375 if (message)
376 iovec[n++] = IOVEC_MAKE_STRING(message);
377
378 if (ucred && pid_is_valid(ucred->pid)) {
379 r = client_context_get(s, ucred->pid, ucred, label, label_len, NULL, &context);
380 if (r < 0)
381 log_warning_errno(r, "Failed to retrieve credentials for PID " PID_FMT ", ignoring: %m", ucred->pid);
382 }
383
384 server_dispatch_message(s, iovec, n, ELEMENTSOF(iovec), context, tv, priority, 0);
385 }
386
387 int server_open_syslog_socket(Server *s) {
388
389 static const union sockaddr_union sa = {
390 .un.sun_family = AF_UNIX,
391 .un.sun_path = "/run/systemd/journal/dev-log",
392 };
393 static const int one = 1;
394 int r;
395
396 assert(s);
397
398 if (s->syslog_fd < 0) {
399 s->syslog_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
400 if (s->syslog_fd < 0)
401 return log_error_errno(errno, "socket() failed: %m");
402
403 (void) unlink(sa.un.sun_path);
404
405 r = bind(s->syslog_fd, &sa.sa, SOCKADDR_UN_LEN(sa.un));
406 if (r < 0)
407 return log_error_errno(errno, "bind(%s) failed: %m", sa.un.sun_path);
408
409 (void) chmod(sa.un.sun_path, 0666);
410 } else
411 fd_nonblock(s->syslog_fd, 1);
412
413 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
414 if (r < 0)
415 return log_error_errno(errno, "SO_PASSCRED failed: %m");
416
417 #if HAVE_SELINUX
418 if (mac_selinux_use()) {
419 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
420 if (r < 0)
421 log_warning_errno(errno, "SO_PASSSEC failed: %m");
422 }
423 #endif
424
425 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
426 if (r < 0)
427 return log_error_errno(errno, "SO_TIMESTAMP failed: %m");
428
429 r = sd_event_add_io(s->event, &s->syslog_event_source, s->syslog_fd, EPOLLIN, server_process_datagram, s);
430 if (r < 0)
431 return log_error_errno(r, "Failed to add syslog server fd to event loop: %m");
432
433 r = sd_event_source_set_priority(s->syslog_event_source, SD_EVENT_PRIORITY_NORMAL+5);
434 if (r < 0)
435 return log_error_errno(r, "Failed to adjust syslog event source priority: %m");
436
437 return 0;
438 }
439
440 void server_maybe_warn_forward_syslog_missed(Server *s) {
441 usec_t n;
442
443 assert(s);
444
445 if (s->n_forward_syslog_missed <= 0)
446 return;
447
448 n = now(CLOCK_MONOTONIC);
449 if (s->last_warn_forward_syslog_missed + WARN_FORWARD_SYSLOG_MISSED_USEC > n)
450 return;
451
452 server_driver_message(s,
453 "MESSAGE_ID=" SD_MESSAGE_FORWARD_SYSLOG_MISSED_STR,
454 LOG_MESSAGE("Forwarding to syslog missed %u messages.",
455 s->n_forward_syslog_missed),
456 NULL);
457
458 s->n_forward_syslog_missed = 0;
459 s->last_warn_forward_syslog_missed = n;
460 }
Unnamed repository; edit this file 'description' to name the repository.