journal-file: refuse writing to journal files where the header size is different...

We keep adding fields to the header, and it's fine reading files with
different header sizes, as we check via the size if the fields we need
are included. However, let's be stricter when writing journal files than
when reading, and insist that the header structure in the file actually
matches our expectations. Refuse otherwise, so that a new file is
created after rotation that then matches our expectations.

This makes sure that mismatch in header size is treated exactly as
unknown "compatible" flags, which is our other mechanism to allow
extending the journal file format in a non-breaking way.

diff --git a/src/libsystemd/sd-journal/journal-file.c b/src/libsystemd/sd-journal/journal-file.c
index eae8d538fdc7279ff502e9e6e7f499941229e8ce..ca12fc1190916ba2f264a893f34452937f8a1177 100644 (file)
--- a/src/libsystemd/sd-journal/journal-file.c
+++ b/src/libsystemd/sd-journal/journal-file.c
@@ -483,6 +483,11 @@ static int journal_file_verify_header(JournalFile *f) {
         if (header_size < HEADER_SIZE_MIN)
                 return -EBADMSG;
 
+        /* When open for writing we refuse to open files with a mismatch of the header size, i.e. writing to
+         * files implementing older or new header structures. */
+        if (journal_file_writable(f) && header_size != sizeof(Header))
+                return -EPROTONOSUPPORT;
+
         if (JOURNAL_HEADER_SEALED(f->header) && !JOURNAL_HEADER_CONTAINS(f->header, n_entry_arrays))
                 return -EBADMSG;