2 This file is part of systemd.
4 Copyright 2011 Lennart Poettering
6 systemd is free software; you can redistribute it and/or modify it
7 under the terms of the GNU Lesser General Public License as published by
8 the Free Software Foundation; either version 2.1 of the License, or
9 (at your option) any later version.
11 systemd is distributed in the hope that it will be useful, but
12 WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 Lesser General Public License for more details.
16 You should have received a copy of the GNU Lesser General Public License
17 along with systemd; If not, see <http://www.gnu.org/licenses/>.
21 #include <sys/epoll.h>
24 #include "sd-messages.h"
26 #include "alloc-util.h"
28 #include "format-util.h"
30 #include "journald-console.h"
31 #include "journald-kmsg.h"
32 #include "journald-server.h"
33 #include "journald-syslog.h"
34 #include "journald-wall.h"
35 #include "process-util.h"
36 #include "selinux-util.h"
37 #include "socket-util.h"
38 #include "stdio-util.h"
39 #include "string-util.h"
40 #include "syslog-util.h"
42 /* Warn once every 30s if we missed syslog message */
43 #define WARN_FORWARD_SYSLOG_MISSED_USEC (30 * USEC_PER_SEC)
45 static void forward_syslog_iovec(Server
*s
, const struct iovec
*iovec
, unsigned n_iovec
, const struct ucred
*ucred
, const struct timeval
*tv
) {
47 static const union sockaddr_union sa
= {
48 .un
.sun_family
= AF_UNIX
,
49 .un
.sun_path
= "/run/systemd/journal/syslog",
51 struct msghdr msghdr
= {
52 .msg_iov
= (struct iovec
*) iovec
,
53 .msg_iovlen
= n_iovec
,
54 .msg_name
= (struct sockaddr
*) &sa
.sa
,
55 .msg_namelen
= SOCKADDR_UN_LEN(sa
.un
),
59 struct cmsghdr cmsghdr
;
60 uint8_t buf
[CMSG_SPACE(sizeof(struct ucred
))];
69 msghdr
.msg_control
= &control
;
70 msghdr
.msg_controllen
= sizeof(control
);
72 cmsg
= CMSG_FIRSTHDR(&msghdr
);
73 cmsg
->cmsg_level
= SOL_SOCKET
;
74 cmsg
->cmsg_type
= SCM_CREDENTIALS
;
75 cmsg
->cmsg_len
= CMSG_LEN(sizeof(struct ucred
));
76 memcpy(CMSG_DATA(cmsg
), ucred
, sizeof(struct ucred
));
77 msghdr
.msg_controllen
= cmsg
->cmsg_len
;
80 /* Forward the syslog message we received via /dev/log to
81 * /run/systemd/syslog. Unfortunately we currently can't set
82 * the SO_TIMESTAMP auxiliary data, and hence we don't. */
84 if (sendmsg(s
->syslog_fd
, &msghdr
, MSG_NOSIGNAL
) >= 0)
87 /* The socket is full? I guess the syslog implementation is
88 * too slow, and we shouldn't wait for that... */
89 if (errno
== EAGAIN
) {
90 s
->n_forward_syslog_missed
++;
94 if (ucred
&& IN_SET(errno
, ESRCH
, EPERM
)) {
97 /* Hmm, presumably the sender process vanished
98 * by now, or we don't have CAP_SYS_AMDIN, so
99 * let's fix it as good as we can, and retry */
102 u
.pid
= getpid_cached();
103 memcpy(CMSG_DATA(cmsg
), &u
, sizeof(struct ucred
));
105 if (sendmsg(s
->syslog_fd
, &msghdr
, MSG_NOSIGNAL
) >= 0)
108 if (errno
== EAGAIN
) {
109 s
->n_forward_syslog_missed
++;
115 log_debug_errno(errno
, "Failed to forward syslog message: %m");
118 static void forward_syslog_raw(Server
*s
, int priority
, const char *buffer
, const struct ucred
*ucred
, const struct timeval
*tv
) {
124 if (LOG_PRI(priority
) > s
->max_level_syslog
)
127 iovec
= IOVEC_MAKE_STRING(buffer
);
128 forward_syslog_iovec(s
, &iovec
, 1, ucred
, tv
);
131 void server_forward_syslog(Server
*s
, int priority
, const char *identifier
, const char *message
, const struct ucred
*ucred
, const struct timeval
*tv
) {
132 struct iovec iovec
[5];
133 char header_priority
[DECIMAL_STR_MAX(priority
) + 3], header_time
[64],
134 header_pid
[sizeof("[]: ")-1 + DECIMAL_STR_MAX(pid_t
) + 1];
138 _cleanup_free_
char *ident_buf
= NULL
;
141 assert(priority
>= 0);
142 assert(priority
<= 999);
145 if (LOG_PRI(priority
) > s
->max_level_syslog
)
148 /* First: priority field */
149 xsprintf(header_priority
, "<%i>", priority
);
150 iovec
[n
++] = IOVEC_MAKE_STRING(header_priority
);
152 /* Second: timestamp */
153 t
= tv
? tv
->tv_sec
: ((time_t) (now(CLOCK_REALTIME
) / USEC_PER_SEC
));
157 if (strftime(header_time
, sizeof(header_time
), "%h %e %T ", tm
) <= 0)
159 iovec
[n
++] = IOVEC_MAKE_STRING(header_time
);
161 /* Third: identifier and PID */
164 get_process_comm(ucred
->pid
, &ident_buf
);
165 identifier
= ident_buf
;
168 xsprintf(header_pid
, "["PID_FMT
"]: ", ucred
->pid
);
171 iovec
[n
++] = IOVEC_MAKE_STRING(identifier
);
173 iovec
[n
++] = IOVEC_MAKE_STRING(header_pid
);
174 } else if (identifier
) {
175 iovec
[n
++] = IOVEC_MAKE_STRING(identifier
);
176 iovec
[n
++] = IOVEC_MAKE_STRING(": ");
179 /* Fourth: message */
180 iovec
[n
++] = IOVEC_MAKE_STRING(message
);
182 forward_syslog_iovec(s
, iovec
, n
, ucred
, tv
);
185 int syslog_fixup_facility(int priority
) {
187 if ((priority
& LOG_FACMASK
) == 0)
188 return (priority
& LOG_PRIMASK
) | LOG_USER
;
193 size_t syslog_parse_identifier(const char **buf
, char **identifier
, char **pid
) {
204 p
+= strspn(p
, WHITESPACE
);
205 l
= strcspn(p
, WHITESPACE
);
220 t
= strndup(p
+k
+1, l
-k
-2);
239 if (strchr(WHITESPACE
, p
[e
]))
245 static void syslog_skip_date(char **buf
) {
253 LETTER
, LETTER
, LETTER
,
255 SPACE_OR_NUMBER
, NUMBER
,
257 SPACE_OR_NUMBER
, NUMBER
,
259 SPACE_OR_NUMBER
, NUMBER
,
261 SPACE_OR_NUMBER
, NUMBER
,
273 for (i
= 0; i
< ELEMENTSOF(sequence
); i
++, p
++) {
278 switch (sequence
[i
]) {
285 case SPACE_OR_NUMBER
:
292 if (*p
< '0' || *p
> '9')
298 if (!(*p
>= 'A' && *p
<= 'Z') &&
299 !(*p
>= 'a' && *p
<= 'z'))
315 void server_process_syslog_message(
318 const struct ucred
*ucred
,
319 const struct timeval
*tv
,
323 char syslog_priority
[sizeof("PRIORITY=") + DECIMAL_STR_MAX(int)],
324 syslog_facility
[sizeof("SYSLOG_FACILITY=") + DECIMAL_STR_MAX(int)];
325 const char *message
= NULL
, *syslog_identifier
= NULL
, *syslog_pid
= NULL
;
326 _cleanup_free_
char *identifier
= NULL
, *pid
= NULL
;
327 struct iovec iovec
[N_IOVEC_META_FIELDS
+ 6];
328 int priority
= LOG_USER
| LOG_INFO
, r
;
329 ClientContext
*context
= NULL
;
337 syslog_parse_priority(&buf
, &priority
, true);
339 if (s
->forward_to_syslog
)
340 forward_syslog_raw(s
, priority
, orig
, ucred
, tv
);
342 syslog_skip_date((char**) &buf
);
343 syslog_parse_identifier(&buf
, &identifier
, &pid
);
345 if (s
->forward_to_kmsg
)
346 server_forward_kmsg(s
, priority
, identifier
, buf
, ucred
);
348 if (s
->forward_to_console
)
349 server_forward_console(s
, priority
, identifier
, buf
, ucred
);
351 if (s
->forward_to_wall
)
352 server_forward_wall(s
, priority
, identifier
, buf
, ucred
);
354 iovec
[n
++] = IOVEC_MAKE_STRING("_TRANSPORT=syslog");
356 xsprintf(syslog_priority
, "PRIORITY=%i", priority
& LOG_PRIMASK
);
357 iovec
[n
++] = IOVEC_MAKE_STRING(syslog_priority
);
359 if (priority
& LOG_FACMASK
) {
360 xsprintf(syslog_facility
, "SYSLOG_FACILITY=%i", LOG_FAC(priority
));
361 iovec
[n
++] = IOVEC_MAKE_STRING(syslog_facility
);
365 syslog_identifier
= strjoina("SYSLOG_IDENTIFIER=", identifier
);
366 iovec
[n
++] = IOVEC_MAKE_STRING(syslog_identifier
);
370 syslog_pid
= strjoina("SYSLOG_PID=", pid
);
371 iovec
[n
++] = IOVEC_MAKE_STRING(syslog_pid
);
374 message
= strjoina("MESSAGE=", buf
);
376 iovec
[n
++] = IOVEC_MAKE_STRING(message
);
378 if (ucred
&& pid_is_valid(ucred
->pid
)) {
379 r
= client_context_get(s
, ucred
->pid
, ucred
, label
, label_len
, NULL
, &context
);
381 log_warning_errno(r
, "Failed to retrieve credentials for PID " PID_FMT
", ignoring: %m", ucred
->pid
);
384 server_dispatch_message(s
, iovec
, n
, ELEMENTSOF(iovec
), context
, tv
, priority
, 0);
387 int server_open_syslog_socket(Server
*s
) {
389 static const union sockaddr_union sa
= {
390 .un
.sun_family
= AF_UNIX
,
391 .un
.sun_path
= "/run/systemd/journal/dev-log",
393 static const int one
= 1;
398 if (s
->syslog_fd
< 0) {
399 s
->syslog_fd
= socket(AF_UNIX
, SOCK_DGRAM
|SOCK_CLOEXEC
|SOCK_NONBLOCK
, 0);
400 if (s
->syslog_fd
< 0)
401 return log_error_errno(errno
, "socket() failed: %m");
403 (void) unlink(sa
.un
.sun_path
);
405 r
= bind(s
->syslog_fd
, &sa
.sa
, SOCKADDR_UN_LEN(sa
.un
));
407 return log_error_errno(errno
, "bind(%s) failed: %m", sa
.un
.sun_path
);
409 (void) chmod(sa
.un
.sun_path
, 0666);
411 fd_nonblock(s
->syslog_fd
, 1);
413 r
= setsockopt(s
->syslog_fd
, SOL_SOCKET
, SO_PASSCRED
, &one
, sizeof(one
));
415 return log_error_errno(errno
, "SO_PASSCRED failed: %m");
418 if (mac_selinux_use()) {
419 r
= setsockopt(s
->syslog_fd
, SOL_SOCKET
, SO_PASSSEC
, &one
, sizeof(one
));
421 log_warning_errno(errno
, "SO_PASSSEC failed: %m");
425 r
= setsockopt(s
->syslog_fd
, SOL_SOCKET
, SO_TIMESTAMP
, &one
, sizeof(one
));
427 return log_error_errno(errno
, "SO_TIMESTAMP failed: %m");
429 r
= sd_event_add_io(s
->event
, &s
->syslog_event_source
, s
->syslog_fd
, EPOLLIN
, server_process_datagram
, s
);
431 return log_error_errno(r
, "Failed to add syslog server fd to event loop: %m");
433 r
= sd_event_source_set_priority(s
->syslog_event_source
, SD_EVENT_PRIORITY_NORMAL
+5);
435 return log_error_errno(r
, "Failed to adjust syslog event source priority: %m");
440 void server_maybe_warn_forward_syslog_missed(Server
*s
) {
445 if (s
->n_forward_syslog_missed
<= 0)
448 n
= now(CLOCK_MONOTONIC
);
449 if (s
->last_warn_forward_syslog_missed
+ WARN_FORWARD_SYSLOG_MISSED_USEC
> n
)
452 server_driver_message(s
,
453 "MESSAGE_ID=" SD_MESSAGE_FORWARD_SYSLOG_MISSED_STR
,
454 LOG_MESSAGE("Forwarding to syslog missed %u messages.",
455 s
->n_forward_syslog_missed
),
458 s
->n_forward_syslog_missed
= 0;
459 s
->last_warn_forward_syslog_missed
= n
;