1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2011 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <sys/epoll.h>
23 #include <sys/socket.h>
25 #include <sys/signalfd.h>
29 #include <sys/ioctl.h>
30 #include <linux/sockios.h>
31 #include <sys/statvfs.h>
34 #include <systemd/sd-journal.h>
35 #include <systemd/sd-login.h>
36 #include <systemd/sd-messages.h>
37 #include <systemd/sd-daemon.h>
40 #include "journal-file.h"
41 #include "socket-util.h"
42 #include "cgroup-util.h"
44 #include "journal-rate-limit.h"
45 #include "journal-internal.h"
46 #include "conf-parser.h"
53 #include <acl/libacl.h>
58 #include <selinux/selinux.h>
61 #define USER_JOURNALS_MAX 1024
62 #define STDOUT_STREAMS_MAX 4096
64 #define DEFAULT_RATE_LIMIT_INTERVAL (10*USEC_PER_SEC)
65 #define DEFAULT_RATE_LIMIT_BURST 200
67 #define RECHECK_AVAILABLE_SPACE_USEC (30*USEC_PER_SEC)
69 #define RECHECK_VAR_AVAILABLE_USEC (30*USEC_PER_SEC)
71 #define N_IOVEC_META_FIELDS 17
73 #define ENTRY_SIZE_MAX (1024*1024*32)
75 typedef enum StdoutStreamState
{
76 STDOUT_STREAM_IDENTIFIER
,
77 STDOUT_STREAM_PRIORITY
,
78 STDOUT_STREAM_LEVEL_PREFIX
,
79 STDOUT_STREAM_FORWARD_TO_SYSLOG
,
80 STDOUT_STREAM_FORWARD_TO_KMSG
,
81 STDOUT_STREAM_FORWARD_TO_CONSOLE
,
87 StdoutStreamState state
;
93 security_context_t security_context
;
99 bool forward_to_syslog
:1;
100 bool forward_to_kmsg
:1;
101 bool forward_to_console
:1;
103 char buffer
[LINE_MAX
+1];
106 LIST_FIELDS(StdoutStream
, stdout_stream
);
109 static int server_flush_to_var(Server
*s
);
111 static uint64_t available_space(Server
*s
) {
116 uint64_t sum
= 0, avail
= 0, ss_avail
= 0;
122 ts
= now(CLOCK_MONOTONIC
);
124 if (s
->cached_available_space_timestamp
+ RECHECK_AVAILABLE_SPACE_USEC
> ts
)
125 return s
->cached_available_space
;
127 r
= sd_id128_get_machine(&machine
);
131 if (s
->system_journal
) {
132 f
= "/var/log/journal/";
133 m
= &s
->system_metrics
;
135 f
= "/run/log/journal/";
136 m
= &s
->runtime_metrics
;
141 p
= strappend(f
, sd_id128_to_string(machine
, ids
));
151 if (fstatvfs(dirfd(d
), &ss
) < 0)
156 struct dirent buf
, *de
;
159 k
= readdir_r(d
, &buf
, &de
);
168 if (!dirent_is_file_with_suffix(de
, ".journal"))
171 if (fstatat(dirfd(d
), de
->d_name
, &st
, AT_SYMLINK_NOFOLLOW
) < 0)
174 sum
+= (uint64_t) st
.st_blocks
* (uint64_t) st
.st_blksize
;
177 avail
= sum
>= m
->max_use
? 0 : m
->max_use
- sum
;
179 ss_avail
= ss
.f_bsize
* ss
.f_bavail
;
181 ss_avail
= ss_avail
< m
->keep_free
? 0 : ss_avail
- m
->keep_free
;
183 if (ss_avail
< avail
)
186 s
->cached_available_space
= avail
;
187 s
->cached_available_space_timestamp
= ts
;
195 static void server_read_file_gid(Server
*s
) {
196 const char *adm
= "adm";
201 if (s
->file_gid_valid
)
204 r
= get_group_creds(&adm
, &s
->file_gid
);
206 log_warning("Failed to resolve 'adm' group: %s", strerror(-r
));
208 /* if we couldn't read the gid, then it will be 0, but that's
209 * fine and we shouldn't try to resolve the group again, so
210 * let's just pretend it worked right-away. */
211 s
->file_gid_valid
= true;
214 static void server_fix_perms(Server
*s
, JournalFile
*f
, uid_t uid
) {
219 acl_permset_t permset
;
224 server_read_file_gid(s
);
226 r
= fchmod_and_fchown(f
->fd
, 0640, 0, s
->file_gid
);
228 log_warning("Failed to fix access mode/rights on %s, ignoring: %s", f
->path
, strerror(-r
));
234 acl
= acl_get_fd(f
->fd
);
236 log_warning("Failed to read ACL on %s, ignoring: %m", f
->path
);
240 r
= acl_find_uid(acl
, uid
, &entry
);
243 if (acl_create_entry(&acl
, &entry
) < 0 ||
244 acl_set_tag_type(entry
, ACL_USER
) < 0 ||
245 acl_set_qualifier(entry
, &uid
) < 0) {
246 log_warning("Failed to patch ACL on %s, ignoring: %m", f
->path
);
251 if (acl_get_permset(entry
, &permset
) < 0 ||
252 acl_add_perm(permset
, ACL_READ
) < 0 ||
253 acl_calc_mask(&acl
) < 0) {
254 log_warning("Failed to patch ACL on %s, ignoring: %m", f
->path
);
258 if (acl_set_fd(f
->fd
, acl
) < 0)
259 log_warning("Failed to set ACL on %s, ignoring: %m", f
->path
);
266 static JournalFile
* find_journal(Server
*s
, uid_t uid
) {
275 /* We split up user logs only on /var, not on /run. If the
276 * runtime file is open, we write to it exclusively, in order
277 * to guarantee proper order as soon as we flush /run to
278 * /var and close the runtime file. */
280 if (s
->runtime_journal
)
281 return s
->runtime_journal
;
284 return s
->system_journal
;
286 r
= sd_id128_get_machine(&machine
);
288 return s
->system_journal
;
290 f
= hashmap_get(s
->user_journals
, UINT32_TO_PTR(uid
));
294 if (asprintf(&p
, "/var/log/journal/%s/user-%lu.journal", sd_id128_to_string(machine
, ids
), (unsigned long) uid
) < 0)
295 return s
->system_journal
;
297 while (hashmap_size(s
->user_journals
) >= USER_JOURNALS_MAX
) {
298 /* Too many open? Then let's close one */
299 f
= hashmap_steal_first(s
->user_journals
);
301 journal_file_close(f
);
304 r
= journal_file_open_reliably(p
, O_RDWR
|O_CREAT
, 0640, s
->system_journal
, &f
);
308 return s
->system_journal
;
310 server_fix_perms(s
, f
, uid
);
311 f
->metrics
= s
->system_metrics
;
312 f
->compress
= s
->compress
;
314 r
= hashmap_put(s
->user_journals
, UINT32_TO_PTR(uid
), f
);
316 journal_file_close(f
);
317 return s
->system_journal
;
323 static void server_rotate(Server
*s
) {
329 log_info("Rotating...");
331 if (s
->runtime_journal
) {
332 r
= journal_file_rotate(&s
->runtime_journal
);
334 log_error("Failed to rotate %s: %s", s
->runtime_journal
->path
, strerror(-r
));
337 if (s
->system_journal
) {
338 r
= journal_file_rotate(&s
->system_journal
);
340 log_error("Failed to rotate %s: %s", s
->system_journal
->path
, strerror(-r
));
343 HASHMAP_FOREACH_KEY(f
, k
, s
->user_journals
, i
) {
344 r
= journal_file_rotate(&f
);
346 log_error("Failed to rotate %s: %s", f
->path
, strerror(-r
));
348 hashmap_replace(s
->user_journals
, k
, f
);
352 static void server_vacuum(Server
*s
) {
358 log_info("Vacuuming...");
360 r
= sd_id128_get_machine(&machine
);
362 log_error("Failed to get machine ID: %s", strerror(-r
));
366 sd_id128_to_string(machine
, ids
);
368 if (s
->system_journal
) {
369 if (asprintf(&p
, "/var/log/journal/%s", ids
) < 0) {
370 log_error("Out of memory.");
374 r
= journal_directory_vacuum(p
, s
->system_metrics
.max_use
, s
->system_metrics
.keep_free
);
375 if (r
< 0 && r
!= -ENOENT
)
376 log_error("Failed to vacuum %s: %s", p
, strerror(-r
));
381 if (s
->runtime_journal
) {
382 if (asprintf(&p
, "/run/log/journal/%s", ids
) < 0) {
383 log_error("Out of memory.");
387 r
= journal_directory_vacuum(p
, s
->runtime_metrics
.max_use
, s
->runtime_metrics
.keep_free
);
388 if (r
< 0 && r
!= -ENOENT
)
389 log_error("Failed to vacuum %s: %s", p
, strerror(-r
));
393 s
->cached_available_space_timestamp
= 0;
396 static char *shortened_cgroup_path(pid_t pid
) {
398 char *process_path
, *init_path
, *path
;
402 r
= cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER
, pid
, &process_path
);
406 r
= cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER
, 1, &init_path
);
412 if (endswith(init_path
, "/system"))
413 init_path
[strlen(init_path
) - 7] = 0;
414 else if (streq(init_path
, "/"))
417 if (startswith(process_path
, init_path
)) {
420 p
= strdup(process_path
+ strlen(init_path
));
438 static void dispatch_message_real(
440 struct iovec
*iovec
, unsigned n
, unsigned m
,
443 const char *label
, size_t label_len
) {
445 char *pid
= NULL
, *uid
= NULL
, *gid
= NULL
,
446 *source_time
= NULL
, *boot_id
= NULL
, *machine_id
= NULL
,
447 *comm
= NULL
, *cmdline
= NULL
, *hostname
= NULL
,
448 *audit_session
= NULL
, *audit_loginuid
= NULL
,
449 *exe
= NULL
, *cgroup
= NULL
, *session
= NULL
,
450 *owner_uid
= NULL
, *unit
= NULL
, *selinux_context
= NULL
;
456 uid_t loginuid
= 0, realuid
= 0;
458 bool vacuumed
= false;
463 assert(n
+ N_IOVEC_META_FIELDS
<= m
);
469 realuid
= ucred
->uid
;
471 if (asprintf(&pid
, "_PID=%lu", (unsigned long) ucred
->pid
) >= 0)
472 IOVEC_SET_STRING(iovec
[n
++], pid
);
474 if (asprintf(&uid
, "_UID=%lu", (unsigned long) ucred
->uid
) >= 0)
475 IOVEC_SET_STRING(iovec
[n
++], uid
);
477 if (asprintf(&gid
, "_GID=%lu", (unsigned long) ucred
->gid
) >= 0)
478 IOVEC_SET_STRING(iovec
[n
++], gid
);
480 r
= get_process_comm(ucred
->pid
, &t
);
482 comm
= strappend("_COMM=", t
);
486 IOVEC_SET_STRING(iovec
[n
++], comm
);
489 r
= get_process_exe(ucred
->pid
, &t
);
491 exe
= strappend("_EXE=", t
);
495 IOVEC_SET_STRING(iovec
[n
++], exe
);
498 r
= get_process_cmdline(ucred
->pid
, LINE_MAX
, false, &t
);
500 cmdline
= strappend("_CMDLINE=", t
);
504 IOVEC_SET_STRING(iovec
[n
++], cmdline
);
507 r
= audit_session_from_pid(ucred
->pid
, &audit
);
509 if (asprintf(&audit_session
, "_AUDIT_SESSION=%lu", (unsigned long) audit
) >= 0)
510 IOVEC_SET_STRING(iovec
[n
++], audit_session
);
512 r
= audit_loginuid_from_pid(ucred
->pid
, &loginuid
);
514 if (asprintf(&audit_loginuid
, "_AUDIT_LOGINUID=%lu", (unsigned long) loginuid
) >= 0)
515 IOVEC_SET_STRING(iovec
[n
++], audit_loginuid
);
517 t
= shortened_cgroup_path(ucred
->pid
);
519 cgroup
= strappend("_SYSTEMD_CGROUP=", t
);
523 IOVEC_SET_STRING(iovec
[n
++], cgroup
);
526 if (sd_pid_get_session(ucred
->pid
, &t
) >= 0) {
527 session
= strappend("_SYSTEMD_SESSION=", t
);
531 IOVEC_SET_STRING(iovec
[n
++], session
);
534 if (sd_pid_get_unit(ucred
->pid
, &t
) >= 0) {
535 unit
= strappend("_SYSTEMD_UNIT=", t
);
539 IOVEC_SET_STRING(iovec
[n
++], unit
);
542 if (sd_pid_get_owner_uid(ucred
->uid
, &owner
) >= 0)
543 if (asprintf(&owner_uid
, "_SYSTEMD_OWNER_UID=%lu", (unsigned long) owner
) >= 0)
544 IOVEC_SET_STRING(iovec
[n
++], owner_uid
);
548 selinux_context
= malloc(sizeof("_SELINUX_CONTEXT=") + label_len
);
549 if (selinux_context
) {
550 memcpy(selinux_context
, "_SELINUX_CONTEXT=", sizeof("_SELINUX_CONTEXT=")-1);
551 memcpy(selinux_context
+sizeof("_SELINUX_CONTEXT=")-1, label
, label_len
);
552 selinux_context
[sizeof("_SELINUX_CONTEXT=")-1+label_len
] = 0;
553 IOVEC_SET_STRING(iovec
[n
++], selinux_context
);
556 security_context_t con
;
558 if (getpidcon(ucred
->pid
, &con
) >= 0) {
559 selinux_context
= strappend("_SELINUX_CONTEXT=", con
);
561 IOVEC_SET_STRING(iovec
[n
++], selinux_context
);
570 if (asprintf(&source_time
, "_SOURCE_REALTIME_TIMESTAMP=%llu",
571 (unsigned long long) timeval_load(tv
)) >= 0)
572 IOVEC_SET_STRING(iovec
[n
++], source_time
);
575 /* Note that strictly speaking storing the boot id here is
576 * redundant since the entry includes this in-line
577 * anyway. However, we need this indexed, too. */
578 r
= sd_id128_get_boot(&id
);
580 if (asprintf(&boot_id
, "_BOOT_ID=%s", sd_id128_to_string(id
, idbuf
)) >= 0)
581 IOVEC_SET_STRING(iovec
[n
++], boot_id
);
583 r
= sd_id128_get_machine(&id
);
585 if (asprintf(&machine_id
, "_MACHINE_ID=%s", sd_id128_to_string(id
, idbuf
)) >= 0)
586 IOVEC_SET_STRING(iovec
[n
++], machine_id
);
588 t
= gethostname_malloc();
590 hostname
= strappend("_HOSTNAME=", t
);
593 IOVEC_SET_STRING(iovec
[n
++], hostname
);
598 server_flush_to_var(s
);
601 f
= find_journal(s
, realuid
== 0 ? 0 : loginuid
);
603 log_warning("Dropping message, as we can't find a place to store the data.");
605 r
= journal_file_append_entry(f
, NULL
, iovec
, n
, &s
->seqnum
, NULL
, NULL
);
607 if ((r
== -EBADMSG
|| r
== -E2BIG
) && !vacuumed
) {
610 log_info("Allocation limit reached, rotating.");
612 log_warning("Journal file corrupted, rotating.");
618 log_info("Retrying write.");
623 log_error("Failed to write entry, ignoring: %s", strerror(-r
));
637 free(audit_loginuid
);
642 free(selinux_context
);
645 static void driver_message(Server
*s
, sd_id128_t message_id
, const char *format
, ...) {
646 char mid
[11 + 32 + 1];
647 char buffer
[16 + LINE_MAX
+ 1];
648 struct iovec iovec
[N_IOVEC_META_FIELDS
+ 4];
656 IOVEC_SET_STRING(iovec
[n
++], "PRIORITY=5");
657 IOVEC_SET_STRING(iovec
[n
++], "_TRANSPORT=driver");
659 memcpy(buffer
, "MESSAGE=", 8);
660 va_start(ap
, format
);
661 vsnprintf(buffer
+ 8, sizeof(buffer
) - 8, format
, ap
);
663 char_array_0(buffer
);
664 IOVEC_SET_STRING(iovec
[n
++], buffer
);
666 snprintf(mid
, sizeof(mid
), "MESSAGE_ID=" SD_ID128_FORMAT_STR
, SD_ID128_FORMAT_VAL(message_id
));
668 IOVEC_SET_STRING(iovec
[n
++], mid
);
671 ucred
.pid
= getpid();
672 ucred
.uid
= getuid();
673 ucred
.gid
= getgid();
675 dispatch_message_real(s
, iovec
, n
, ELEMENTSOF(iovec
), &ucred
, NULL
, NULL
, 0);
678 static void dispatch_message(Server
*s
,
679 struct iovec
*iovec
, unsigned n
, unsigned m
,
682 const char *label
, size_t label_len
,
685 char *path
= NULL
, *c
;
688 assert(iovec
|| n
== 0);
696 path
= shortened_cgroup_path(ucred
->pid
);
700 /* example: /user/lennart/3/foobar
701 * /system/dbus.service/foobar
703 * So let's cut of everything past the third /, since that is
704 * wher user directories start */
706 c
= strchr(path
, '/');
708 c
= strchr(c
+1, '/');
710 c
= strchr(c
+1, '/');
716 rl
= journal_rate_limit_test(s
->rate_limit
, path
, priority
& LOG_PRIMASK
, available_space(s
));
723 /* Write a suppression message if we suppressed something */
725 driver_message(s
, SD_MESSAGE_JOURNAL_DROPPED
, "Suppressed %u messages from %s", rl
- 1, path
);
730 dispatch_message_real(s
, iovec
, n
, m
, ucred
, tv
, label
, label_len
);
733 static void forward_syslog_iovec(Server
*s
, const struct iovec
*iovec
, unsigned n_iovec
, struct ucred
*ucred
, struct timeval
*tv
) {
734 struct msghdr msghdr
;
735 struct cmsghdr
*cmsg
;
737 struct cmsghdr cmsghdr
;
738 uint8_t buf
[CMSG_SPACE(sizeof(struct ucred
))];
740 union sockaddr_union sa
;
747 msghdr
.msg_iov
= (struct iovec
*) iovec
;
748 msghdr
.msg_iovlen
= n_iovec
;
751 sa
.un
.sun_family
= AF_UNIX
;
752 strncpy(sa
.un
.sun_path
, "/run/systemd/journal/syslog", sizeof(sa
.un
.sun_path
));
753 msghdr
.msg_name
= &sa
;
754 msghdr
.msg_namelen
= offsetof(union sockaddr_union
, un
.sun_path
) + strlen(sa
.un
.sun_path
);
758 msghdr
.msg_control
= &control
;
759 msghdr
.msg_controllen
= sizeof(control
);
761 cmsg
= CMSG_FIRSTHDR(&msghdr
);
762 cmsg
->cmsg_level
= SOL_SOCKET
;
763 cmsg
->cmsg_type
= SCM_CREDENTIALS
;
764 cmsg
->cmsg_len
= CMSG_LEN(sizeof(struct ucred
));
765 memcpy(CMSG_DATA(cmsg
), ucred
, sizeof(struct ucred
));
766 msghdr
.msg_controllen
= cmsg
->cmsg_len
;
769 /* Forward the syslog message we received via /dev/log to
770 * /run/systemd/syslog. Unfortunately we currently can't set
771 * the SO_TIMESTAMP auxiliary data, and hence we don't. */
773 if (sendmsg(s
->syslog_fd
, &msghdr
, MSG_NOSIGNAL
) >= 0)
776 /* The socket is full? I guess the syslog implementation is
777 * too slow, and we shouldn't wait for that... */
781 if (ucred
&& errno
== ESRCH
) {
784 /* Hmm, presumably the sender process vanished
785 * by now, so let's fix it as good as we
790 memcpy(CMSG_DATA(cmsg
), &u
, sizeof(struct ucred
));
792 if (sendmsg(s
->syslog_fd
, &msghdr
, MSG_NOSIGNAL
) >= 0)
799 log_debug("Failed to forward syslog message: %m");
802 static void forward_syslog_raw(Server
*s
, const char *buffer
, struct ucred
*ucred
, struct timeval
*tv
) {
808 IOVEC_SET_STRING(iovec
, buffer
);
809 forward_syslog_iovec(s
, &iovec
, 1, ucred
, tv
);
812 static void forward_syslog(Server
*s
, int priority
, const char *identifier
, const char *message
, struct ucred
*ucred
, struct timeval
*tv
) {
813 struct iovec iovec
[5];
814 char header_priority
[6], header_time
[64], header_pid
[16];
818 char *ident_buf
= NULL
;
821 assert(priority
>= 0);
822 assert(priority
<= 999);
825 /* First: priority field */
826 snprintf(header_priority
, sizeof(header_priority
), "<%i>", priority
);
827 char_array_0(header_priority
);
828 IOVEC_SET_STRING(iovec
[n
++], header_priority
);
830 /* Second: timestamp */
831 t
= tv
? tv
->tv_sec
: ((time_t) (now(CLOCK_REALTIME
) / USEC_PER_SEC
));
835 if (strftime(header_time
, sizeof(header_time
), "%h %e %T ", tm
) <= 0)
837 IOVEC_SET_STRING(iovec
[n
++], header_time
);
839 /* Third: identifier and PID */
842 get_process_comm(ucred
->pid
, &ident_buf
);
843 identifier
= ident_buf
;
846 snprintf(header_pid
, sizeof(header_pid
), "[%lu]: ", (unsigned long) ucred
->pid
);
847 char_array_0(header_pid
);
850 IOVEC_SET_STRING(iovec
[n
++], identifier
);
852 IOVEC_SET_STRING(iovec
[n
++], header_pid
);
853 } else if (identifier
) {
854 IOVEC_SET_STRING(iovec
[n
++], identifier
);
855 IOVEC_SET_STRING(iovec
[n
++], ": ");
858 /* Fourth: message */
859 IOVEC_SET_STRING(iovec
[n
++], message
);
861 forward_syslog_iovec(s
, iovec
, n
, ucred
, tv
);
866 static int fixup_priority(int priority
) {
868 if ((priority
& LOG_FACMASK
) == 0)
869 return (priority
& LOG_PRIMASK
) | LOG_USER
;
874 static void forward_kmsg(Server
*s
, int priority
, const char *identifier
, const char *message
, struct ucred
*ucred
) {
875 struct iovec iovec
[5];
876 char header_priority
[6], header_pid
[16];
878 char *ident_buf
= NULL
;
882 assert(priority
>= 0);
883 assert(priority
<= 999);
886 /* Never allow messages with kernel facility to be written to
887 * kmsg, regardless where the data comes from. */
888 priority
= fixup_priority(priority
);
890 /* First: priority field */
891 snprintf(header_priority
, sizeof(header_priority
), "<%i>", priority
);
892 char_array_0(header_priority
);
893 IOVEC_SET_STRING(iovec
[n
++], header_priority
);
895 /* Second: identifier and PID */
898 get_process_comm(ucred
->pid
, &ident_buf
);
899 identifier
= ident_buf
;
902 snprintf(header_pid
, sizeof(header_pid
), "[%lu]: ", (unsigned long) ucred
->pid
);
903 char_array_0(header_pid
);
906 IOVEC_SET_STRING(iovec
[n
++], identifier
);
908 IOVEC_SET_STRING(iovec
[n
++], header_pid
);
909 } else if (identifier
) {
910 IOVEC_SET_STRING(iovec
[n
++], identifier
);
911 IOVEC_SET_STRING(iovec
[n
++], ": ");
914 /* Fourth: message */
915 IOVEC_SET_STRING(iovec
[n
++], message
);
916 IOVEC_SET_STRING(iovec
[n
++], "\n");
918 fd
= open("/dev/kmsg", O_WRONLY
|O_NOCTTY
|O_CLOEXEC
);
920 log_debug("Failed to open /dev/kmsg for logging: %s", strerror(errno
));
924 if (writev(fd
, iovec
, n
) < 0)
925 log_debug("Failed to write to /dev/kmsg for logging: %s", strerror(errno
));
927 close_nointr_nofail(fd
);
933 static void forward_console(Server
*s
, const char *identifier
, const char *message
, struct ucred
*ucred
) {
934 struct iovec iovec
[4];
937 char *ident_buf
= NULL
;
942 /* First: identifier and PID */
945 get_process_comm(ucred
->pid
, &ident_buf
);
946 identifier
= ident_buf
;
949 snprintf(header_pid
, sizeof(header_pid
), "[%lu]: ", (unsigned long) ucred
->pid
);
950 char_array_0(header_pid
);
953 IOVEC_SET_STRING(iovec
[n
++], identifier
);
955 IOVEC_SET_STRING(iovec
[n
++], header_pid
);
956 } else if (identifier
) {
957 IOVEC_SET_STRING(iovec
[n
++], identifier
);
958 IOVEC_SET_STRING(iovec
[n
++], ": ");
962 IOVEC_SET_STRING(iovec
[n
++], message
);
963 IOVEC_SET_STRING(iovec
[n
++], "\n");
965 fd
= open_terminal("/dev/console", O_WRONLY
|O_NOCTTY
|O_CLOEXEC
);
967 log_debug("Failed to open /dev/console for logging: %s", strerror(errno
));
971 if (writev(fd
, iovec
, n
) < 0)
972 log_debug("Failed to write to /dev/console for logging: %s", strerror(errno
));
974 close_nointr_nofail(fd
);
980 static void read_identifier(const char **buf
, char **identifier
, char **pid
) {
991 p
+= strspn(p
, WHITESPACE
);
992 l
= strcspn(p
, WHITESPACE
);
1001 if (p
[l
-1] == ']') {
1007 t
= strndup(p
+k
+1, l
-k
-2);
1027 *buf
+= strspn(*buf
, WHITESPACE
);
1030 static void process_syslog_message(Server
*s
, const char *buf
, struct ucred
*ucred
, struct timeval
*tv
, const char *label
, size_t label_len
) {
1031 char *message
= NULL
, *syslog_priority
= NULL
, *syslog_facility
= NULL
, *syslog_identifier
= NULL
, *syslog_pid
= NULL
;
1032 struct iovec iovec
[N_IOVEC_META_FIELDS
+ 6];
1034 int priority
= LOG_USER
| LOG_INFO
;
1035 char *identifier
= NULL
, *pid
= NULL
;
1040 if (s
->forward_to_syslog
)
1041 forward_syslog_raw(s
, buf
, ucred
, tv
);
1043 parse_syslog_priority((char**) &buf
, &priority
);
1044 skip_syslog_date((char**) &buf
);
1045 read_identifier(&buf
, &identifier
, &pid
);
1047 if (s
->forward_to_kmsg
)
1048 forward_kmsg(s
, priority
, identifier
, buf
, ucred
);
1050 if (s
->forward_to_console
)
1051 forward_console(s
, identifier
, buf
, ucred
);
1053 IOVEC_SET_STRING(iovec
[n
++], "_TRANSPORT=syslog");
1055 if (asprintf(&syslog_priority
, "PRIORITY=%i", priority
& LOG_PRIMASK
) >= 0)
1056 IOVEC_SET_STRING(iovec
[n
++], syslog_priority
);
1058 if (priority
& LOG_FACMASK
)
1059 if (asprintf(&syslog_facility
, "SYSLOG_FACILITY=%i", LOG_FAC(priority
)) >= 0)
1060 IOVEC_SET_STRING(iovec
[n
++], syslog_facility
);
1063 syslog_identifier
= strappend("SYSLOG_IDENTIFIER=", identifier
);
1064 if (syslog_identifier
)
1065 IOVEC_SET_STRING(iovec
[n
++], syslog_identifier
);
1069 syslog_pid
= strappend("SYSLOG_PID=", pid
);
1071 IOVEC_SET_STRING(iovec
[n
++], syslog_pid
);
1074 message
= strappend("MESSAGE=", buf
);
1076 IOVEC_SET_STRING(iovec
[n
++], message
);
1078 dispatch_message(s
, iovec
, n
, ELEMENTSOF(iovec
), ucred
, tv
, label
, label_len
, priority
);
1083 free(syslog_priority
);
1084 free(syslog_facility
);
1085 free(syslog_identifier
);
1088 static bool valid_user_field(const char *p
, size_t l
) {
1091 /* We kinda enforce POSIX syntax recommendations for
1092 environment variables here, but make a couple of additional
1095 http://pubs.opengroup.org/onlinepubs/000095399/basedefs/xbd_chap08.html */
1097 /* No empty field names */
1101 /* Don't allow names longer than 64 chars */
1105 /* Variables starting with an underscore are protected */
1109 /* Don't allow digits as first character */
1110 if (p
[0] >= '0' && p
[0] <= '9')
1113 /* Only allow A-Z0-9 and '_' */
1114 for (a
= p
; a
< p
+ l
; a
++)
1115 if (!((*a
>= 'A' && *a
<= 'Z') ||
1116 (*a
>= '0' && *a
<= '9') ||
1123 static void process_native_message(
1125 const void *buffer
, size_t buffer_size
,
1126 struct ucred
*ucred
,
1128 const char *label
, size_t label_len
) {
1130 struct iovec
*iovec
= NULL
;
1131 unsigned n
= 0, m
= 0, j
, tn
= (unsigned) -1;
1134 int priority
= LOG_INFO
;
1135 char *identifier
= NULL
, *message
= NULL
;
1138 assert(buffer
|| n
== 0);
1141 remaining
= buffer_size
;
1143 while (remaining
> 0) {
1146 e
= memchr(p
, '\n', remaining
);
1149 /* Trailing noise, let's ignore it, and flush what we collected */
1150 log_debug("Received message with trailing noise, ignoring.");
1155 /* Entry separator */
1156 dispatch_message(s
, iovec
, n
, m
, ucred
, tv
, label
, label_len
, priority
);
1158 priority
= LOG_INFO
;
1165 if (*p
== '.' || *p
== '#') {
1166 /* Ignore control commands for now, and
1168 remaining
-= (e
- p
) + 1;
1173 /* A property follows */
1175 if (n
+N_IOVEC_META_FIELDS
>= m
) {
1179 u
= MAX((n
+N_IOVEC_META_FIELDS
+1) * 2U, 4U);
1180 c
= realloc(iovec
, u
* sizeof(struct iovec
));
1182 log_error("Out of memory");
1190 q
= memchr(p
, '=', e
- p
);
1192 if (valid_user_field(p
, q
- p
)) {
1197 /* If the field name starts with an
1198 * underscore, skip the variable,
1199 * since that indidates a trusted
1201 iovec
[n
].iov_base
= (char*) p
;
1202 iovec
[n
].iov_len
= l
;
1205 /* We need to determine the priority
1206 * of this entry for the rate limiting
1209 memcmp(p
, "PRIORITY=", 9) == 0 &&
1210 p
[9] >= '0' && p
[9] <= '9')
1211 priority
= (priority
& LOG_FACMASK
) | (p
[9] - '0');
1214 memcmp(p
, "SYSLOG_FACILITY=", 16) == 0 &&
1215 p
[16] >= '0' && p
[16] <= '9')
1216 priority
= (priority
& LOG_PRIMASK
) | ((p
[16] - '0') << 3);
1219 memcmp(p
, "SYSLOG_FACILITY=", 16) == 0 &&
1220 p
[16] >= '0' && p
[16] <= '9' &&
1221 p
[17] >= '0' && p
[17] <= '9')
1222 priority
= (priority
& LOG_PRIMASK
) | (((p
[16] - '0')*10 + (p
[17] - '0')) << 3);
1225 memcmp(p
, "SYSLOG_IDENTIFIER=", 11) == 0) {
1228 t
= strndup(p
+ 11, l
- 11);
1233 } else if (l
>= 8 &&
1234 memcmp(p
, "MESSAGE=", 8) == 0) {
1237 t
= strndup(p
+ 8, l
- 8);
1245 remaining
-= (e
- p
) + 1;
1252 if (remaining
< e
- p
+ 1 + sizeof(uint64_t) + 1) {
1253 log_debug("Failed to parse message, ignoring.");
1257 memcpy(&l
, e
+ 1, sizeof(uint64_t));
1260 if (remaining
< e
- p
+ 1 + sizeof(uint64_t) + l
+ 1 ||
1261 e
[1+sizeof(uint64_t)+l
] != '\n') {
1262 log_debug("Failed to parse message, ignoring.");
1266 k
= malloc((e
- p
) + 1 + l
);
1268 log_error("Out of memory");
1272 memcpy(k
, p
, e
- p
);
1274 memcpy(k
+ (e
- p
) + 1, e
+ 1 + sizeof(uint64_t), l
);
1276 if (valid_user_field(p
, e
- p
)) {
1277 iovec
[n
].iov_base
= k
;
1278 iovec
[n
].iov_len
= (e
- p
) + 1 + l
;
1283 remaining
-= (e
- p
) + 1 + sizeof(uint64_t) + l
+ 1;
1284 p
= e
+ 1 + sizeof(uint64_t) + l
+ 1;
1292 IOVEC_SET_STRING(iovec
[tn
], "_TRANSPORT=journal");
1295 if (s
->forward_to_syslog
)
1296 forward_syslog(s
, priority
, identifier
, message
, ucred
, tv
);
1298 if (s
->forward_to_kmsg
)
1299 forward_kmsg(s
, priority
, identifier
, message
, ucred
);
1301 if (s
->forward_to_console
)
1302 forward_console(s
, identifier
, message
, ucred
);
1305 dispatch_message(s
, iovec
, n
, m
, ucred
, tv
, label
, label_len
, priority
);
1308 for (j
= 0; j
< n
; j
++) {
1312 if (iovec
[j
].iov_base
< buffer
||
1313 (const uint8_t*) iovec
[j
].iov_base
>= (const uint8_t*) buffer
+ buffer_size
)
1314 free(iovec
[j
].iov_base
);
1322 static void process_native_file(
1325 struct ucred
*ucred
,
1327 const char *label
, size_t label_len
) {
1336 /* Data is in the passed file, since it didn't fit in a
1337 * datagram. We can't map the file here, since clients might
1338 * then truncate it and trigger a SIGBUS for us. So let's
1339 * stupidly read it */
1341 if (fstat(fd
, &st
) < 0) {
1342 log_error("Failed to stat passed file, ignoring: %m");
1346 if (!S_ISREG(st
.st_mode
)) {
1347 log_error("File passed is not regular. Ignoring.");
1351 if (st
.st_size
<= 0)
1354 if (st
.st_size
> ENTRY_SIZE_MAX
) {
1355 log_error("File passed too large. Ignoring.");
1359 p
= malloc(st
.st_size
);
1361 log_error("Out of memory");
1365 n
= pread(fd
, p
, st
.st_size
, 0);
1367 log_error("Failed to read file, ignoring: %s", strerror(-n
));
1369 process_native_message(s
, p
, n
, ucred
, tv
, label
, label_len
);
1374 static int stdout_stream_log(StdoutStream
*s
, const char *p
) {
1375 struct iovec iovec
[N_IOVEC_META_FIELDS
+ 5];
1376 char *message
= NULL
, *syslog_priority
= NULL
, *syslog_facility
= NULL
, *syslog_identifier
= NULL
;
1380 size_t label_len
= 0;
1388 priority
= s
->priority
;
1390 if (s
->level_prefix
)
1391 parse_syslog_priority((char**) &p
, &priority
);
1393 if (s
->forward_to_syslog
|| s
->server
->forward_to_syslog
)
1394 forward_syslog(s
->server
, fixup_priority(priority
), s
->identifier
, p
, &s
->ucred
, NULL
);
1396 if (s
->forward_to_kmsg
|| s
->server
->forward_to_kmsg
)
1397 forward_kmsg(s
->server
, priority
, s
->identifier
, p
, &s
->ucred
);
1399 if (s
->forward_to_console
|| s
->server
->forward_to_console
)
1400 forward_console(s
->server
, s
->identifier
, p
, &s
->ucred
);
1402 IOVEC_SET_STRING(iovec
[n
++], "_TRANSPORT=stdout");
1404 if (asprintf(&syslog_priority
, "PRIORITY=%i", priority
& LOG_PRIMASK
) >= 0)
1405 IOVEC_SET_STRING(iovec
[n
++], syslog_priority
);
1407 if (priority
& LOG_FACMASK
)
1408 if (asprintf(&syslog_facility
, "SYSLOG_FACILITY=%i", LOG_FAC(priority
)) >= 0)
1409 IOVEC_SET_STRING(iovec
[n
++], syslog_facility
);
1411 if (s
->identifier
) {
1412 syslog_identifier
= strappend("SYSLOG_IDENTIFIER=", s
->identifier
);
1413 if (syslog_identifier
)
1414 IOVEC_SET_STRING(iovec
[n
++], syslog_identifier
);
1417 message
= strappend("MESSAGE=", p
);
1419 IOVEC_SET_STRING(iovec
[n
++], message
);
1422 if (s
->security_context
) {
1423 label
= (char*) s
->security_context
;
1424 label_len
= strlen((char*) s
->security_context
);
1428 dispatch_message(s
->server
, iovec
, n
, ELEMENTSOF(iovec
), &s
->ucred
, NULL
, label
, label_len
, priority
);
1431 free(syslog_priority
);
1432 free(syslog_facility
);
1433 free(syslog_identifier
);
1438 static int stdout_stream_line(StdoutStream
*s
, char *p
) {
1448 case STDOUT_STREAM_IDENTIFIER
:
1450 s
->identifier
= NULL
;
1452 s
->identifier
= strdup(p
);
1453 if (!s
->identifier
) {
1454 log_error("Out of memory");
1459 s
->state
= STDOUT_STREAM_PRIORITY
;
1462 case STDOUT_STREAM_PRIORITY
:
1463 r
= safe_atoi(p
, &s
->priority
);
1464 if (r
< 0 || s
->priority
<= 0 || s
->priority
>= 999) {
1465 log_warning("Failed to parse log priority line.");
1469 s
->state
= STDOUT_STREAM_LEVEL_PREFIX
;
1472 case STDOUT_STREAM_LEVEL_PREFIX
:
1473 r
= parse_boolean(p
);
1475 log_warning("Failed to parse level prefix line.");
1479 s
->level_prefix
= !!r
;
1480 s
->state
= STDOUT_STREAM_FORWARD_TO_SYSLOG
;
1483 case STDOUT_STREAM_FORWARD_TO_SYSLOG
:
1484 r
= parse_boolean(p
);
1486 log_warning("Failed to parse forward to syslog line.");
1490 s
->forward_to_syslog
= !!r
;
1491 s
->state
= STDOUT_STREAM_FORWARD_TO_KMSG
;
1494 case STDOUT_STREAM_FORWARD_TO_KMSG
:
1495 r
= parse_boolean(p
);
1497 log_warning("Failed to parse copy to kmsg line.");
1501 s
->forward_to_kmsg
= !!r
;
1502 s
->state
= STDOUT_STREAM_FORWARD_TO_CONSOLE
;
1505 case STDOUT_STREAM_FORWARD_TO_CONSOLE
:
1506 r
= parse_boolean(p
);
1508 log_warning("Failed to parse copy to console line.");
1512 s
->forward_to_console
= !!r
;
1513 s
->state
= STDOUT_STREAM_RUNNING
;
1516 case STDOUT_STREAM_RUNNING
:
1517 return stdout_stream_log(s
, p
);
1520 assert_not_reached("Unknown stream state");
1523 static int stdout_stream_scan(StdoutStream
*s
, bool force_flush
) {
1531 remaining
= s
->length
;
1536 end
= memchr(p
, '\n', remaining
);
1539 else if (remaining
>= sizeof(s
->buffer
) - 1) {
1540 end
= p
+ sizeof(s
->buffer
) - 1;
1547 r
= stdout_stream_line(s
, p
);
1555 if (force_flush
&& remaining
> 0) {
1557 r
= stdout_stream_line(s
, p
);
1565 if (p
> s
->buffer
) {
1566 memmove(s
->buffer
, p
, remaining
);
1567 s
->length
= remaining
;
1573 static int stdout_stream_process(StdoutStream
*s
) {
1579 l
= read(s
->fd
, s
->buffer
+s
->length
, sizeof(s
->buffer
)-1-s
->length
);
1582 if (errno
== EAGAIN
)
1585 log_warning("Failed to read from stream: %m");
1590 r
= stdout_stream_scan(s
, true);
1598 r
= stdout_stream_scan(s
, false);
1606 static void stdout_stream_free(StdoutStream
*s
) {
1610 assert(s
->server
->n_stdout_streams
> 0);
1611 s
->server
->n_stdout_streams
--;
1612 LIST_REMOVE(StdoutStream
, stdout_stream
, s
->server
->stdout_streams
, s
);
1617 epoll_ctl(s
->server
->epoll_fd
, EPOLL_CTL_DEL
, s
->fd
, NULL
);
1619 close_nointr_nofail(s
->fd
);
1623 if (s
->security_context
)
1624 freecon(s
->security_context
);
1627 free(s
->identifier
);
1631 static int stdout_stream_new(Server
*s
) {
1632 StdoutStream
*stream
;
1635 struct epoll_event ev
;
1639 fd
= accept4(s
->stdout_fd
, NULL
, NULL
, SOCK_NONBLOCK
|SOCK_CLOEXEC
);
1641 if (errno
== EAGAIN
)
1644 log_error("Failed to accept stdout connection: %m");
1648 if (s
->n_stdout_streams
>= STDOUT_STREAMS_MAX
) {
1649 log_warning("Too many stdout streams, refusing connection.");
1650 close_nointr_nofail(fd
);
1654 stream
= new0(StdoutStream
, 1);
1656 log_error("Out of memory.");
1657 close_nointr_nofail(fd
);
1663 len
= sizeof(stream
->ucred
);
1664 if (getsockopt(fd
, SOL_SOCKET
, SO_PEERCRED
, &stream
->ucred
, &len
) < 0) {
1665 log_error("Failed to determine peer credentials: %m");
1671 if (getpeercon(fd
, &stream
->security_context
) < 0)
1672 log_error("Failed to determine peer security context.");
1675 if (shutdown(fd
, SHUT_WR
) < 0) {
1676 log_error("Failed to shutdown writing side of socket: %m");
1682 ev
.data
.ptr
= stream
;
1683 ev
.events
= EPOLLIN
;
1684 if (epoll_ctl(s
->epoll_fd
, EPOLL_CTL_ADD
, fd
, &ev
) < 0) {
1685 log_error("Failed to add stream to event loop: %m");
1691 LIST_PREPEND(StdoutStream
, stdout_stream
, s
->stdout_streams
, stream
);
1692 s
->n_stdout_streams
++;
1697 stdout_stream_free(stream
);
1701 static int parse_kernel_timestamp(char **_p
, usec_t
*t
) {
1712 if (strlen(p
) < 14 || p
[0] != '[' || p
[13] != ']' || p
[6] != '.')
1717 for (i
= 1; i
<= 5; i
++) {
1723 k
= undecchar(p
[i
]);
1730 for (i
= 7; i
<= 12; i
++) {
1733 k
= undecchar(p
[i
]);
1742 *_p
+= strspn(*_p
, WHITESPACE
);
1747 static void proc_kmsg_line(Server
*s
, const char *p
) {
1748 struct iovec iovec
[N_IOVEC_META_FIELDS
+ 7];
1749 char *message
= NULL
, *syslog_priority
= NULL
, *syslog_pid
= NULL
, *syslog_facility
= NULL
, *syslog_identifier
= NULL
, *source_time
= NULL
;
1750 int priority
= LOG_KERN
| LOG_INFO
;
1753 char *identifier
= NULL
, *pid
= NULL
;
1761 parse_syslog_priority((char **) &p
, &priority
);
1763 if (s
->forward_to_kmsg
&& (priority
& LOG_FACMASK
) != LOG_KERN
)
1766 if (parse_kernel_timestamp((char **) &p
, &usec
) > 0) {
1767 if (asprintf(&source_time
, "_SOURCE_MONOTONIC_TIMESTAMP=%llu",
1768 (unsigned long long) usec
) >= 0)
1769 IOVEC_SET_STRING(iovec
[n
++], source_time
);
1772 IOVEC_SET_STRING(iovec
[n
++], "_TRANSPORT=kernel");
1774 if (asprintf(&syslog_priority
, "PRIORITY=%i", priority
& LOG_PRIMASK
) >= 0)
1775 IOVEC_SET_STRING(iovec
[n
++], syslog_priority
);
1777 if ((priority
& LOG_FACMASK
) == LOG_KERN
) {
1779 if (s
->forward_to_syslog
)
1780 forward_syslog(s
, priority
, "kernel", p
, NULL
, NULL
);
1782 IOVEC_SET_STRING(iovec
[n
++], "SYSLOG_IDENTIFIER=kernel");
1784 read_identifier(&p
, &identifier
, &pid
);
1786 if (s
->forward_to_syslog
)
1787 forward_syslog(s
, priority
, identifier
, p
, NULL
, NULL
);
1790 syslog_identifier
= strappend("SYSLOG_IDENTIFIER=", identifier
);
1791 if (syslog_identifier
)
1792 IOVEC_SET_STRING(iovec
[n
++], syslog_identifier
);
1796 syslog_pid
= strappend("SYSLOG_PID=", pid
);
1798 IOVEC_SET_STRING(iovec
[n
++], syslog_pid
);
1801 if (asprintf(&syslog_facility
, "SYSLOG_FACILITY=%i", LOG_FAC(priority
)) >= 0)
1802 IOVEC_SET_STRING(iovec
[n
++], syslog_facility
);
1805 message
= strappend("MESSAGE=", p
);
1807 IOVEC_SET_STRING(iovec
[n
++], message
);
1809 dispatch_message(s
, iovec
, n
, ELEMENTSOF(iovec
), NULL
, NULL
, NULL
, 0, priority
);
1812 free(syslog_priority
);
1813 free(syslog_identifier
);
1815 free(syslog_facility
);
1821 static void proc_kmsg_scan(Server
*s
) {
1827 p
= s
->proc_kmsg_buffer
;
1828 remaining
= s
->proc_kmsg_length
;
1833 end
= memchr(p
, '\n', remaining
);
1836 else if (remaining
>= sizeof(s
->proc_kmsg_buffer
) - 1) {
1837 end
= p
+ sizeof(s
->proc_kmsg_buffer
) - 1;
1844 proc_kmsg_line(s
, p
);
1850 if (p
> s
->proc_kmsg_buffer
) {
1851 memmove(s
->proc_kmsg_buffer
, p
, remaining
);
1852 s
->proc_kmsg_length
= remaining
;
1856 static int system_journal_open(Server
*s
) {
1862 r
= sd_id128_get_machine(&machine
);
1866 sd_id128_to_string(machine
, ids
);
1868 if (!s
->system_journal
) {
1870 /* First try to create the machine path, but not the prefix */
1871 fn
= strappend("/var/log/journal/", ids
);
1874 (void) mkdir(fn
, 0755);
1877 /* The create the system journal file */
1878 fn
= join("/var/log/journal/", ids
, "/system.journal", NULL
);
1882 r
= journal_file_open_reliably(fn
, O_RDWR
|O_CREAT
, 0640, NULL
, &s
->system_journal
);
1886 journal_default_metrics(&s
->system_metrics
, s
->system_journal
->fd
);
1888 s
->system_journal
->metrics
= s
->system_metrics
;
1889 s
->system_journal
->compress
= s
->compress
;
1891 server_fix_perms(s
, s
->system_journal
, 0);
1894 if (r
!= -ENOENT
&& r
!= -EROFS
)
1895 log_warning("Failed to open system journal: %s", strerror(-r
));
1901 if (!s
->runtime_journal
) {
1903 fn
= join("/run/log/journal/", ids
, "/system.journal", NULL
);
1907 if (s
->system_journal
) {
1909 /* Try to open the runtime journal, but only
1910 * if it already exists, so that we can flush
1911 * it into the system journal */
1913 r
= journal_file_open_reliably(fn
, O_RDWR
, 0640, NULL
, &s
->runtime_journal
);
1918 log_warning("Failed to open runtime journal: %s", strerror(-r
));
1925 /* OK, we really need the runtime journal, so create
1926 * it if necessary. */
1928 (void) mkdir_parents(fn
, 0755);
1929 r
= journal_file_open_reliably(fn
, O_RDWR
|O_CREAT
, 0640, NULL
, &s
->runtime_journal
);
1933 log_error("Failed to open runtime journal: %s", strerror(-r
));
1938 if (s
->runtime_journal
) {
1939 journal_default_metrics(&s
->runtime_metrics
, s
->runtime_journal
->fd
);
1941 s
->runtime_journal
->metrics
= s
->runtime_metrics
;
1942 s
->runtime_journal
->compress
= s
->compress
;
1944 server_fix_perms(s
, s
->runtime_journal
, 0);
1951 static int server_flush_to_var(Server
*s
) {
1952 char path
[] = "/run/log/journal/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
1961 if (!s
->runtime_journal
)
1964 ts
= now(CLOCK_MONOTONIC
);
1965 if (s
->var_available_timestamp
+ RECHECK_VAR_AVAILABLE_USEC
> ts
)
1968 s
->var_available_timestamp
= ts
;
1970 system_journal_open(s
);
1972 if (!s
->system_journal
)
1975 log_info("Flushing to /var...");
1977 r
= sd_id128_get_machine(&machine
);
1979 log_error("Failed to get machine id: %s", strerror(-r
));
1983 r
= sd_journal_open(&j
, SD_JOURNAL_RUNTIME_ONLY
);
1985 log_error("Failed to read runtime journal: %s", strerror(-r
));
1989 SD_JOURNAL_FOREACH(j
) {
1992 f
= j
->current_file
;
1993 assert(f
&& f
->current_offset
> 0);
1995 r
= journal_file_move_to_object(f
, OBJECT_ENTRY
, f
->current_offset
, &o
);
1997 log_error("Can't read entry: %s", strerror(-r
));
2001 r
= journal_file_copy_entry(f
, s
->system_journal
, o
, f
->current_offset
, NULL
, NULL
, NULL
);
2003 log_info("Allocation limit reached.");
2005 journal_file_post_change(s
->system_journal
);
2009 r
= journal_file_copy_entry(f
, s
->system_journal
, o
, f
->current_offset
, NULL
, NULL
, NULL
);
2013 log_error("Can't write entry: %s", strerror(-r
));
2019 journal_file_post_change(s
->system_journal
);
2021 journal_file_close(s
->runtime_journal
);
2022 s
->runtime_journal
= NULL
;
2025 sd_id128_to_string(machine
, path
+ 17);
2026 rm_rf(path
, false, true, false);
2032 static int server_read_proc_kmsg(Server
*s
) {
2035 assert(s
->proc_kmsg_fd
>= 0);
2037 l
= read(s
->proc_kmsg_fd
, s
->proc_kmsg_buffer
+ s
->proc_kmsg_length
, sizeof(s
->proc_kmsg_buffer
) - 1 - s
->proc_kmsg_length
);
2040 if (errno
== EAGAIN
|| errno
== EINTR
)
2043 log_error("Failed to read from kernel: %m");
2047 s
->proc_kmsg_length
+= l
;
2053 static int server_flush_proc_kmsg(Server
*s
) {
2058 if (s
->proc_kmsg_fd
< 0)
2061 log_info("Flushing /proc/kmsg...");
2064 r
= server_read_proc_kmsg(s
);
2075 static int process_event(Server
*s
, struct epoll_event
*ev
) {
2078 if (ev
->data
.fd
== s
->signal_fd
) {
2079 struct signalfd_siginfo sfsi
;
2082 if (ev
->events
!= EPOLLIN
) {
2083 log_info("Got invalid event from epoll.");
2087 n
= read(s
->signal_fd
, &sfsi
, sizeof(sfsi
));
2088 if (n
!= sizeof(sfsi
)) {
2093 if (errno
== EINTR
|| errno
== EAGAIN
)
2099 if (sfsi
.ssi_signo
== SIGUSR1
) {
2100 server_flush_to_var(s
);
2104 log_debug("Received SIG%s", signal_to_string(sfsi
.ssi_signo
));
2107 } else if (ev
->data
.fd
== s
->proc_kmsg_fd
) {
2110 if (ev
->events
!= EPOLLIN
) {
2111 log_info("Got invalid event from epoll.");
2115 r
= server_read_proc_kmsg(s
);
2121 } else if (ev
->data
.fd
== s
->native_fd
||
2122 ev
->data
.fd
== s
->syslog_fd
) {
2124 if (ev
->events
!= EPOLLIN
) {
2125 log_info("Got invalid event from epoll.");
2130 struct msghdr msghdr
;
2132 struct ucred
*ucred
= NULL
;
2133 struct timeval
*tv
= NULL
;
2134 struct cmsghdr
*cmsg
;
2136 size_t label_len
= 0;
2138 struct cmsghdr cmsghdr
;
2139 uint8_t buf
[CMSG_SPACE(sizeof(struct ucred
)) +
2140 CMSG_SPACE(sizeof(struct timeval
)) +
2141 CMSG_SPACE(sizeof(int)) +
2142 CMSG_SPACE(PAGE_SIZE
)]; /* selinux label */
2149 if (ioctl(ev
->data
.fd
, SIOCINQ
, &v
) < 0) {
2150 log_error("SIOCINQ failed: %m");
2154 if (s
->buffer_size
< (size_t) v
) {
2158 l
= MAX(LINE_MAX
+ (size_t) v
, s
->buffer_size
* 2);
2159 b
= realloc(s
->buffer
, l
+1);
2162 log_error("Couldn't increase buffer.");
2171 iovec
.iov_base
= s
->buffer
;
2172 iovec
.iov_len
= s
->buffer_size
;
2176 msghdr
.msg_iov
= &iovec
;
2177 msghdr
.msg_iovlen
= 1;
2178 msghdr
.msg_control
= &control
;
2179 msghdr
.msg_controllen
= sizeof(control
);
2181 n
= recvmsg(ev
->data
.fd
, &msghdr
, MSG_DONTWAIT
|MSG_CMSG_CLOEXEC
);
2184 if (errno
== EINTR
|| errno
== EAGAIN
)
2187 log_error("recvmsg() failed: %m");
2191 for (cmsg
= CMSG_FIRSTHDR(&msghdr
); cmsg
; cmsg
= CMSG_NXTHDR(&msghdr
, cmsg
)) {
2193 if (cmsg
->cmsg_level
== SOL_SOCKET
&&
2194 cmsg
->cmsg_type
== SCM_CREDENTIALS
&&
2195 cmsg
->cmsg_len
== CMSG_LEN(sizeof(struct ucred
)))
2196 ucred
= (struct ucred
*) CMSG_DATA(cmsg
);
2197 else if (cmsg
->cmsg_level
== SOL_SOCKET
&&
2198 cmsg
->cmsg_type
== SCM_SECURITY
) {
2199 label
= (char*) CMSG_DATA(cmsg
);
2200 label_len
= cmsg
->cmsg_len
- CMSG_LEN(0);
2201 } else if (cmsg
->cmsg_level
== SOL_SOCKET
&&
2202 cmsg
->cmsg_type
== SO_TIMESTAMP
&&
2203 cmsg
->cmsg_len
== CMSG_LEN(sizeof(struct timeval
)))
2204 tv
= (struct timeval
*) CMSG_DATA(cmsg
);
2205 else if (cmsg
->cmsg_level
== SOL_SOCKET
&&
2206 cmsg
->cmsg_type
== SCM_RIGHTS
) {
2207 fds
= (int*) CMSG_DATA(cmsg
);
2208 n_fds
= (cmsg
->cmsg_len
- CMSG_LEN(0)) / sizeof(int);
2212 if (ev
->data
.fd
== s
->syslog_fd
) {
2215 if (n
> 0 && n_fds
== 0) {
2216 e
= memchr(s
->buffer
, '\n', n
);
2222 process_syslog_message(s
, strstrip(s
->buffer
), ucred
, tv
, label
, label_len
);
2223 } else if (n_fds
> 0)
2224 log_warning("Got file descriptors via syslog socket. Ignoring.");
2227 if (n
> 0 && n_fds
== 0)
2228 process_native_message(s
, s
->buffer
, n
, ucred
, tv
, label
, label_len
);
2229 else if (n
== 0 && n_fds
== 1)
2230 process_native_file(s
, fds
[0], ucred
, tv
, label
, label_len
);
2232 log_warning("Got too many file descriptors via native socket. Ignoring.");
2235 close_many(fds
, n_fds
);
2240 } else if (ev
->data
.fd
== s
->stdout_fd
) {
2242 if (ev
->events
!= EPOLLIN
) {
2243 log_info("Got invalid event from epoll.");
2247 stdout_stream_new(s
);
2251 StdoutStream
*stream
;
2253 if ((ev
->events
|EPOLLIN
|EPOLLHUP
) != (EPOLLIN
|EPOLLHUP
)) {
2254 log_info("Got invalid event from epoll.");
2258 /* If it is none of the well-known fds, it must be an
2259 * stdout stream fd. Note that this is a bit ugly here
2260 * (since we rely that none of the well-known fds
2261 * could be interpreted as pointer), but nonetheless
2262 * safe, since the well-known fds would never get an
2263 * fd > 4096, i.e. beyond the first memory page */
2265 stream
= ev
->data
.ptr
;
2267 if (stdout_stream_process(stream
) <= 0)
2268 stdout_stream_free(stream
);
2273 log_error("Unknown event.");
2277 static int open_syslog_socket(Server
*s
) {
2278 union sockaddr_union sa
;
2280 struct epoll_event ev
;
2284 if (s
->syslog_fd
< 0) {
2286 s
->syslog_fd
= socket(AF_UNIX
, SOCK_DGRAM
|SOCK_CLOEXEC
|SOCK_NONBLOCK
, 0);
2287 if (s
->syslog_fd
< 0) {
2288 log_error("socket() failed: %m");
2293 sa
.un
.sun_family
= AF_UNIX
;
2294 strncpy(sa
.un
.sun_path
, "/dev/log", sizeof(sa
.un
.sun_path
));
2296 unlink(sa
.un
.sun_path
);
2298 r
= bind(s
->syslog_fd
, &sa
.sa
, offsetof(union sockaddr_union
, un
.sun_path
) + strlen(sa
.un
.sun_path
));
2300 log_error("bind() failed: %m");
2304 chmod(sa
.un
.sun_path
, 0666);
2306 fd_nonblock(s
->syslog_fd
, 1);
2309 r
= setsockopt(s
->syslog_fd
, SOL_SOCKET
, SO_PASSCRED
, &one
, sizeof(one
));
2311 log_error("SO_PASSCRED failed: %m");
2317 r
= setsockopt(s
->syslog_fd
, SOL_SOCKET
, SO_PASSSEC
, &one
, sizeof(one
));
2319 log_warning("SO_PASSSEC failed: %m");
2323 r
= setsockopt(s
->syslog_fd
, SOL_SOCKET
, SO_TIMESTAMP
, &one
, sizeof(one
));
2325 log_error("SO_TIMESTAMP failed: %m");
2330 ev
.events
= EPOLLIN
;
2331 ev
.data
.fd
= s
->syslog_fd
;
2332 if (epoll_ctl(s
->epoll_fd
, EPOLL_CTL_ADD
, s
->syslog_fd
, &ev
) < 0) {
2333 log_error("Failed to add syslog server fd to epoll object: %m");
2340 static int open_native_socket(Server
*s
) {
2341 union sockaddr_union sa
;
2343 struct epoll_event ev
;
2347 if (s
->native_fd
< 0) {
2349 s
->native_fd
= socket(AF_UNIX
, SOCK_DGRAM
|SOCK_CLOEXEC
|SOCK_NONBLOCK
, 0);
2350 if (s
->native_fd
< 0) {
2351 log_error("socket() failed: %m");
2356 sa
.un
.sun_family
= AF_UNIX
;
2357 strncpy(sa
.un
.sun_path
, "/run/systemd/journal/socket", sizeof(sa
.un
.sun_path
));
2359 unlink(sa
.un
.sun_path
);
2361 r
= bind(s
->native_fd
, &sa
.sa
, offsetof(union sockaddr_union
, un
.sun_path
) + strlen(sa
.un
.sun_path
));
2363 log_error("bind() failed: %m");
2367 chmod(sa
.un
.sun_path
, 0666);
2369 fd_nonblock(s
->native_fd
, 1);
2372 r
= setsockopt(s
->native_fd
, SOL_SOCKET
, SO_PASSCRED
, &one
, sizeof(one
));
2374 log_error("SO_PASSCRED failed: %m");
2380 r
= setsockopt(s
->syslog_fd
, SOL_SOCKET
, SO_PASSSEC
, &one
, sizeof(one
));
2382 log_warning("SO_PASSSEC failed: %m");
2386 r
= setsockopt(s
->native_fd
, SOL_SOCKET
, SO_TIMESTAMP
, &one
, sizeof(one
));
2388 log_error("SO_TIMESTAMP failed: %m");
2393 ev
.events
= EPOLLIN
;
2394 ev
.data
.fd
= s
->native_fd
;
2395 if (epoll_ctl(s
->epoll_fd
, EPOLL_CTL_ADD
, s
->native_fd
, &ev
) < 0) {
2396 log_error("Failed to add native server fd to epoll object: %m");
2403 static int open_stdout_socket(Server
*s
) {
2404 union sockaddr_union sa
;
2406 struct epoll_event ev
;
2410 if (s
->stdout_fd
< 0) {
2412 s
->stdout_fd
= socket(AF_UNIX
, SOCK_STREAM
|SOCK_CLOEXEC
|SOCK_NONBLOCK
, 0);
2413 if (s
->stdout_fd
< 0) {
2414 log_error("socket() failed: %m");
2419 sa
.un
.sun_family
= AF_UNIX
;
2420 strncpy(sa
.un
.sun_path
, "/run/systemd/journal/stdout", sizeof(sa
.un
.sun_path
));
2422 unlink(sa
.un
.sun_path
);
2424 r
= bind(s
->stdout_fd
, &sa
.sa
, offsetof(union sockaddr_union
, un
.sun_path
) + strlen(sa
.un
.sun_path
));
2426 log_error("bind() failed: %m");
2430 chmod(sa
.un
.sun_path
, 0666);
2432 if (listen(s
->stdout_fd
, SOMAXCONN
) < 0) {
2433 log_error("liste() failed: %m");
2437 fd_nonblock(s
->stdout_fd
, 1);
2440 ev
.events
= EPOLLIN
;
2441 ev
.data
.fd
= s
->stdout_fd
;
2442 if (epoll_ctl(s
->epoll_fd
, EPOLL_CTL_ADD
, s
->stdout_fd
, &ev
) < 0) {
2443 log_error("Failed to add stdout server fd to epoll object: %m");
2450 static int open_proc_kmsg(Server
*s
) {
2451 struct epoll_event ev
;
2455 if (!s
->import_proc_kmsg
)
2459 s
->proc_kmsg_fd
= open("/proc/kmsg", O_CLOEXEC
|O_NONBLOCK
|O_NOCTTY
);
2460 if (s
->proc_kmsg_fd
< 0) {
2461 log_warning("Failed to open /proc/kmsg, ignoring: %m");
2466 ev
.events
= EPOLLIN
;
2467 ev
.data
.fd
= s
->proc_kmsg_fd
;
2468 if (epoll_ctl(s
->epoll_fd
, EPOLL_CTL_ADD
, s
->proc_kmsg_fd
, &ev
) < 0) {
2469 log_error("Failed to add /proc/kmsg fd to epoll object: %m");
2476 static int open_signalfd(Server
*s
) {
2478 struct epoll_event ev
;
2482 assert_se(sigemptyset(&mask
) == 0);
2483 sigset_add_many(&mask
, SIGINT
, SIGTERM
, SIGUSR1
, -1);
2484 assert_se(sigprocmask(SIG_SETMASK
, &mask
, NULL
) == 0);
2486 s
->signal_fd
= signalfd(-1, &mask
, SFD_NONBLOCK
|SFD_CLOEXEC
);
2487 if (s
->signal_fd
< 0) {
2488 log_error("signalfd(): %m");
2493 ev
.events
= EPOLLIN
;
2494 ev
.data
.fd
= s
->signal_fd
;
2496 if (epoll_ctl(s
->epoll_fd
, EPOLL_CTL_ADD
, s
->signal_fd
, &ev
) < 0) {
2497 log_error("epoll_ctl(): %m");
2504 static int server_parse_proc_cmdline(Server
*s
) {
2505 char *line
, *w
, *state
;
2509 if (detect_container(NULL
) > 0)
2512 r
= read_one_line_file("/proc/cmdline", &line
);
2514 log_warning("Failed to read /proc/cmdline, ignoring: %s", strerror(-r
));
2518 FOREACH_WORD_QUOTED(w
, l
, line
, state
) {
2521 word
= strndup(w
, l
);
2527 if (startswith(word
, "systemd_journald.forward_to_syslog=")) {
2528 r
= parse_boolean(word
+ 35);
2530 log_warning("Failed to parse forward to syslog switch %s. Ignoring.", word
+ 35);
2532 s
->forward_to_syslog
= r
;
2533 } else if (startswith(word
, "systemd_journald.forward_to_kmsg=")) {
2534 r
= parse_boolean(word
+ 33);
2536 log_warning("Failed to parse forward to kmsg switch %s. Ignoring.", word
+ 33);
2538 s
->forward_to_kmsg
= r
;
2539 } else if (startswith(word
, "systemd_journald.forward_to_console=")) {
2540 r
= parse_boolean(word
+ 36);
2542 log_warning("Failed to parse forward to console switch %s. Ignoring.", word
+ 36);
2544 s
->forward_to_console
= r
;
2557 static int server_parse_config_file(Server
*s
) {
2564 fn
= "/etc/systemd/systemd-journald.conf";
2565 f
= fopen(fn
, "re");
2567 if (errno
== ENOENT
)
2570 log_warning("Failed to open configuration file %s: %m", fn
);
2574 r
= config_parse(fn
, f
, "Journal\0", config_item_perf_lookup
, (void*) journald_gperf_lookup
, false, s
);
2576 log_warning("Failed to parse configuration file: %s", strerror(-r
));
2583 static int server_init(Server
*s
) {
2589 s
->syslog_fd
= s
->native_fd
= s
->stdout_fd
= s
->signal_fd
= s
->epoll_fd
= s
->proc_kmsg_fd
= -1;
2592 s
->rate_limit_interval
= DEFAULT_RATE_LIMIT_INTERVAL
;
2593 s
->rate_limit_burst
= DEFAULT_RATE_LIMIT_BURST
;
2595 s
->forward_to_syslog
= true;
2596 s
->import_proc_kmsg
= true;
2598 memset(&s
->system_metrics
, 0xFF, sizeof(s
->system_metrics
));
2599 memset(&s
->runtime_metrics
, 0xFF, sizeof(s
->runtime_metrics
));
2601 server_parse_config_file(s
);
2602 server_parse_proc_cmdline(s
);
2604 s
->user_journals
= hashmap_new(trivial_hash_func
, trivial_compare_func
);
2605 if (!s
->user_journals
) {
2606 log_error("Out of memory.");
2610 s
->epoll_fd
= epoll_create1(EPOLL_CLOEXEC
);
2611 if (s
->epoll_fd
< 0) {
2612 log_error("Failed to create epoll object: %m");
2616 n
= sd_listen_fds(true);
2618 log_error("Failed to read listening file descriptors from environment: %s", strerror(-n
));
2622 for (fd
= SD_LISTEN_FDS_START
; fd
< SD_LISTEN_FDS_START
+ n
; fd
++) {
2624 if (sd_is_socket_unix(fd
, SOCK_DGRAM
, -1, "/run/systemd/journal/socket", 0) > 0) {
2626 if (s
->native_fd
>= 0) {
2627 log_error("Too many native sockets passed.");
2633 } else if (sd_is_socket_unix(fd
, SOCK_STREAM
, 1, "/run/systemd/journal/stdout", 0) > 0) {
2635 if (s
->stdout_fd
>= 0) {
2636 log_error("Too many stdout sockets passed.");
2642 } else if (sd_is_socket_unix(fd
, SOCK_DGRAM
, -1, "/dev/log", 0) > 0) {
2644 if (s
->syslog_fd
>= 0) {
2645 log_error("Too many /dev/log sockets passed.");
2652 log_error("Unknown socket passed.");
2657 r
= open_syslog_socket(s
);
2661 r
= open_native_socket(s
);
2665 r
= open_stdout_socket(s
);
2669 r
= open_proc_kmsg(s
);
2673 r
= open_signalfd(s
);
2677 s
->rate_limit
= journal_rate_limit_new(s
->rate_limit_interval
, s
->rate_limit_burst
);
2681 r
= system_journal_open(s
);
2688 static void server_done(Server
*s
) {
2692 while (s
->stdout_streams
)
2693 stdout_stream_free(s
->stdout_streams
);
2695 if (s
->system_journal
)
2696 journal_file_close(s
->system_journal
);
2698 if (s
->runtime_journal
)
2699 journal_file_close(s
->runtime_journal
);
2701 while ((f
= hashmap_steal_first(s
->user_journals
)))
2702 journal_file_close(f
);
2704 hashmap_free(s
->user_journals
);
2706 if (s
->epoll_fd
>= 0)
2707 close_nointr_nofail(s
->epoll_fd
);
2709 if (s
->signal_fd
>= 0)
2710 close_nointr_nofail(s
->signal_fd
);
2712 if (s
->syslog_fd
>= 0)
2713 close_nointr_nofail(s
->syslog_fd
);
2715 if (s
->native_fd
>= 0)
2716 close_nointr_nofail(s
->native_fd
);
2718 if (s
->stdout_fd
>= 0)
2719 close_nointr_nofail(s
->stdout_fd
);
2721 if (s
->proc_kmsg_fd
>= 0)
2722 close_nointr_nofail(s
->proc_kmsg_fd
);
2725 journal_rate_limit_free(s
->rate_limit
);
2730 int main(int argc
, char *argv
[]) {
2734 /* if (getppid() != 1) { */
2735 /* log_error("This program should be invoked by init only."); */
2736 /* return EXIT_FAILURE; */
2740 log_error("This program does not take arguments.");
2741 return EXIT_FAILURE
;
2744 log_set_target(LOG_TARGET_CONSOLE
);
2745 log_parse_environment();
2750 r
= server_init(&server
);
2754 server_vacuum(&server
);
2755 server_flush_to_var(&server
);
2756 server_flush_proc_kmsg(&server
);
2758 log_debug("systemd-journald running as pid %lu", (unsigned long) getpid());
2759 driver_message(&server
, SD_MESSAGE_JOURNAL_START
, "Journal started");
2763 "STATUS=Processing requests...");
2766 struct epoll_event event
;
2768 r
= epoll_wait(server
.epoll_fd
, &event
, 1, -1);
2774 log_error("epoll_wait() failed: %m");
2780 r
= process_event(&server
, &event
);
2787 log_debug("systemd-journald stopped as pid %lu", (unsigned long) getpid());
2788 driver_message(&server
, SD_MESSAGE_JOURNAL_STOP
, "Journal stopped");
2792 "STATUS=Shutting down...");
2794 server_done(&server
);
2796 return r
< 0 ? EXIT_FAILURE
: EXIT_SUCCESS
;