chiark / gitweb /
sysctl: move property handling to shared/
[elogind.git] / src / journal / journalctl.c
1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
2
3 /***
4   This file is part of systemd.
5
6   Copyright 2011 Lennart Poettering
7
8   systemd is free software; you can redistribute it and/or modify it
9   under the terms of the GNU Lesser General Public License as published by
10   the Free Software Foundation; either version 2.1 of the License, or
11   (at your option) any later version.
12
13   systemd is distributed in the hope that it will be useful, but
14   WITHOUT ANY WARRANTY; without even the implied warranty of
15   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16   Lesser General Public License for more details.
17
18   You should have received a copy of the GNU Lesser General Public License
19   along with systemd; If not, see <http://www.gnu.org/licenses/>.
20 ***/
21
22 #include <locale.h>
23 #include <fcntl.h>
24 #include <fnmatch.h>
25 #include <errno.h>
26 #include <stddef.h>
27 #include <string.h>
28 #include <stdio.h>
29 #include <unistd.h>
30 #include <stdlib.h>
31 #include <getopt.h>
32 #include <signal.h>
33 #include <poll.h>
34 #include <sys/stat.h>
35 #include <sys/inotify.h>
36 #include <linux/fs.h>
37
38 #include "sd-journal.h"
39 #include "sd-bus.h"
40
41 #include "log.h"
42 #include "logs-show.h"
43 #include "util.h"
44 #include "acl-util.h"
45 #include "path-util.h"
46 #include "fileio.h"
47 #include "build.h"
48 #include "pager.h"
49 #include "strv.h"
50 #include "set.h"
51 #include "sigbus.h"
52 #include "journal-internal.h"
53 #include "journal-def.h"
54 #include "journal-verify.h"
55 #include "journal-qrcode.h"
56 #include "journal-vacuum.h"
57 #include "fsprg.h"
58 #include "unit-name.h"
59 #include "catalog.h"
60 #include "mkdir.h"
61 #include "bus-util.h"
62 #include "bus-error.h"
63
64 #define DEFAULT_FSS_INTERVAL_USEC (15*USEC_PER_MINUTE)
65
66 enum {
67         /* Special values for arg_lines */
68         ARG_LINES_DEFAULT = -2,
69         ARG_LINES_ALL = -1,
70 };
71
72 static OutputMode arg_output = OUTPUT_SHORT;
73 static bool arg_utc = false;
74 static bool arg_pager_end = false;
75 static bool arg_follow = false;
76 static bool arg_full = true;
77 static bool arg_all = false;
78 static bool arg_no_pager = false;
79 static int arg_lines = ARG_LINES_DEFAULT;
80 static bool arg_no_tail = false;
81 static bool arg_quiet = false;
82 static bool arg_merge = false;
83 static bool arg_boot = false;
84 static sd_id128_t arg_boot_id = {};
85 static int arg_boot_offset = 0;
86 static bool arg_dmesg = false;
87 static const char *arg_cursor = NULL;
88 static const char *arg_after_cursor = NULL;
89 static bool arg_show_cursor = false;
90 static const char *arg_directory = NULL;
91 static char **arg_file = NULL;
92 static int arg_priorities = 0xFF;
93 static const char *arg_verify_key = NULL;
94 #ifdef HAVE_GCRYPT
95 static usec_t arg_interval = DEFAULT_FSS_INTERVAL_USEC;
96 static bool arg_force = false;
97 #endif
98 static usec_t arg_since, arg_until;
99 static bool arg_since_set = false, arg_until_set = false;
100 static char **arg_syslog_identifier = NULL;
101 static char **arg_system_units = NULL;
102 static char **arg_user_units = NULL;
103 static const char *arg_field = NULL;
104 static bool arg_catalog = false;
105 static bool arg_reverse = false;
106 static int arg_journal_type = 0;
107 static const char *arg_root = NULL;
108 static const char *arg_machine = NULL;
109 static off_t arg_vacuum_size = (off_t) -1;
110 static usec_t arg_vacuum_time = USEC_INFINITY;
111
112 static enum {
113         ACTION_SHOW,
114         ACTION_NEW_ID128,
115         ACTION_PRINT_HEADER,
116         ACTION_SETUP_KEYS,
117         ACTION_VERIFY,
118         ACTION_DISK_USAGE,
119         ACTION_LIST_CATALOG,
120         ACTION_DUMP_CATALOG,
121         ACTION_UPDATE_CATALOG,
122         ACTION_LIST_BOOTS,
123         ACTION_FLUSH,
124         ACTION_VACUUM,
125 } arg_action = ACTION_SHOW;
126
127 typedef struct boot_id_t {
128         sd_id128_t id;
129         uint64_t first;
130         uint64_t last;
131 } boot_id_t;
132
133 static void pager_open_if_enabled(void) {
134
135         if (arg_no_pager)
136                 return;
137
138         pager_open(arg_pager_end);
139 }
140
141 static char *format_timestamp_maybe_utc(char *buf, size_t l, usec_t t) {
142
143         if (arg_utc)
144                 return format_timestamp_utc(buf, l, t);
145
146         return format_timestamp(buf, l, t);
147 }
148
149 static int parse_boot_descriptor(const char *x, sd_id128_t *boot_id, int *offset) {
150         sd_id128_t id = SD_ID128_NULL;
151         int off = 0, r;
152
153         if (strlen(x) >= 32) {
154                 char *t;
155
156                 t = strndupa(x, 32);
157                 r = sd_id128_from_string(t, &id);
158                 if (r >= 0)
159                         x += 32;
160
161                 if (*x != '-' && *x != '+' && *x != 0)
162                         return -EINVAL;
163
164                 if (*x != 0) {
165                         r = safe_atoi(x, &off);
166                         if (r < 0)
167                                 return r;
168                 }
169         } else {
170                 r = safe_atoi(x, &off);
171                 if (r < 0)
172                         return r;
173         }
174
175         if (boot_id)
176                 *boot_id = id;
177
178         if (offset)
179                 *offset = off;
180
181         return 0;
182 }
183
184 static void help(void) {
185
186         pager_open_if_enabled();
187
188         printf("%s [OPTIONS...] [MATCHES...]\n\n"
189                "Query the journal.\n\n"
190                "Flags:\n"
191                "     --system              Show the system journal\n"
192                "     --user                Show the user journal for the current user\n"
193                "  -M --machine=CONTAINER   Operate on local container\n"
194                "     --since=DATE          Show entries not older than the specified date\n"
195                "     --until=DATE          Show entries not newer than the specified date\n"
196                "  -c --cursor=CURSOR       Show entries starting at the specified cursor\n"
197                "     --after-cursor=CURSOR Show entries after the specified cursor\n"
198                "     --show-cursor         Print the cursor after all the entries\n"
199                "  -b --boot[=ID]           Show current boot or the specified boot\n"
200                "     --list-boots          Show terse information about recorded boots\n"
201                "  -k --dmesg               Show kernel message log from the current boot\n"
202                "  -u --unit=UNIT           Show logs from the specified unit\n"
203                "     --user-unit=UNIT      Show logs from the specified user unit\n"
204                "  -t --identifier=STRING   Show entries with the specified syslog identifier\n"
205                "  -p --priority=RANGE      Show entries with the specified priority\n"
206                "  -e --pager-end           Immediately jump to the end in the pager\n"
207                "  -f --follow              Follow the journal\n"
208                "  -n --lines[=INTEGER]     Number of journal entries to show\n"
209                "     --no-tail             Show all lines, even in follow mode\n"
210                "  -r --reverse             Show the newest entries first\n"
211                "  -o --output=STRING       Change journal output mode (short, short-iso,\n"
212                "                                   short-precise, short-monotonic, verbose,\n"
213                "                                   export, json, json-pretty, json-sse, cat)\n"
214                "     --utc                 Express time in Coordinated Universal Time (UTC)\n"
215                "  -x --catalog             Add message explanations where available\n"
216                "     --no-full             Ellipsize fields\n"
217                "  -a --all                 Show all fields, including long and unprintable\n"
218                "  -q --quiet               Do not show privilege warning\n"
219                "     --no-pager            Do not pipe output into a pager\n"
220                "  -m --merge               Show entries from all available journals\n"
221                "  -D --directory=PATH      Show journal files from directory\n"
222                "     --file=PATH           Show journal file\n"
223                "     --root=ROOT           Operate on catalog files underneath the root ROOT\n"
224 #ifdef HAVE_GCRYPT
225                "     --interval=TIME       Time interval for changing the FSS sealing key\n"
226                "     --verify-key=KEY      Specify FSS verification key\n"
227                "     --force               Override of the FSS key pair with --setup-keys\n"
228 #endif
229                "\nCommands:\n"
230                "  -h --help                Show this help text\n"
231                "     --version             Show package version\n"
232                "  -F --field=FIELD         List all values that a specified field takes\n"
233                "     --new-id128           Generate a new 128-bit ID\n"
234                "     --disk-usage          Show total disk usage of all journal files\n"
235                "     --vacuum-size=BYTES   Reduce disk usage below specified size\n"
236                "     --vacuum-time=TIME    Remove journal files older than specified date\n"
237                "     --flush               Flush all journal data from /run into /var\n"
238                "     --header              Show journal header information\n"
239                "     --list-catalog        Show all message IDs in the catalog\n"
240                "     --dump-catalog        Show entries in the message catalog\n"
241                "     --update-catalog      Update the message catalog database\n"
242 #ifdef HAVE_GCRYPT
243                "     --setup-keys          Generate a new FSS key pair\n"
244                "     --verify              Verify journal file consistency\n"
245 #endif
246                , program_invocation_short_name);
247 }
248
249 static int parse_argv(int argc, char *argv[]) {
250
251         enum {
252                 ARG_VERSION = 0x100,
253                 ARG_NO_PAGER,
254                 ARG_NO_FULL,
255                 ARG_NO_TAIL,
256                 ARG_NEW_ID128,
257                 ARG_LIST_BOOTS,
258                 ARG_USER,
259                 ARG_SYSTEM,
260                 ARG_ROOT,
261                 ARG_HEADER,
262                 ARG_SETUP_KEYS,
263                 ARG_FILE,
264                 ARG_INTERVAL,
265                 ARG_VERIFY,
266                 ARG_VERIFY_KEY,
267                 ARG_DISK_USAGE,
268                 ARG_SINCE,
269                 ARG_UNTIL,
270                 ARG_AFTER_CURSOR,
271                 ARG_SHOW_CURSOR,
272                 ARG_USER_UNIT,
273                 ARG_LIST_CATALOG,
274                 ARG_DUMP_CATALOG,
275                 ARG_UPDATE_CATALOG,
276                 ARG_FORCE,
277                 ARG_UTC,
278                 ARG_FLUSH,
279                 ARG_VACUUM_SIZE,
280                 ARG_VACUUM_TIME,
281         };
282
283         static const struct option options[] = {
284                 { "help",           no_argument,       NULL, 'h'                },
285                 { "version" ,       no_argument,       NULL, ARG_VERSION        },
286                 { "no-pager",       no_argument,       NULL, ARG_NO_PAGER       },
287                 { "pager-end",      no_argument,       NULL, 'e'                },
288                 { "follow",         no_argument,       NULL, 'f'                },
289                 { "force",          no_argument,       NULL, ARG_FORCE          },
290                 { "output",         required_argument, NULL, 'o'                },
291                 { "all",            no_argument,       NULL, 'a'                },
292                 { "full",           no_argument,       NULL, 'l'                },
293                 { "no-full",        no_argument,       NULL, ARG_NO_FULL        },
294                 { "lines",          optional_argument, NULL, 'n'                },
295                 { "no-tail",        no_argument,       NULL, ARG_NO_TAIL        },
296                 { "new-id128",      no_argument,       NULL, ARG_NEW_ID128      },
297                 { "quiet",          no_argument,       NULL, 'q'                },
298                 { "merge",          no_argument,       NULL, 'm'                },
299                 { "boot",           optional_argument, NULL, 'b'                },
300                 { "list-boots",     no_argument,       NULL, ARG_LIST_BOOTS     },
301                 { "this-boot",      optional_argument, NULL, 'b'                }, /* deprecated */
302                 { "dmesg",          no_argument,       NULL, 'k'                },
303                 { "system",         no_argument,       NULL, ARG_SYSTEM         },
304                 { "user",           no_argument,       NULL, ARG_USER           },
305                 { "directory",      required_argument, NULL, 'D'                },
306                 { "file",           required_argument, NULL, ARG_FILE           },
307                 { "root",           required_argument, NULL, ARG_ROOT           },
308                 { "header",         no_argument,       NULL, ARG_HEADER         },
309                 { "identifier",     required_argument, NULL, 't'                },
310                 { "priority",       required_argument, NULL, 'p'                },
311                 { "setup-keys",     no_argument,       NULL, ARG_SETUP_KEYS     },
312                 { "interval",       required_argument, NULL, ARG_INTERVAL       },
313                 { "verify",         no_argument,       NULL, ARG_VERIFY         },
314                 { "verify-key",     required_argument, NULL, ARG_VERIFY_KEY     },
315                 { "disk-usage",     no_argument,       NULL, ARG_DISK_USAGE     },
316                 { "cursor",         required_argument, NULL, 'c'                },
317                 { "after-cursor",   required_argument, NULL, ARG_AFTER_CURSOR   },
318                 { "show-cursor",    no_argument,       NULL, ARG_SHOW_CURSOR    },
319                 { "since",          required_argument, NULL, ARG_SINCE          },
320                 { "until",          required_argument, NULL, ARG_UNTIL          },
321                 { "unit",           required_argument, NULL, 'u'                },
322                 { "user-unit",      required_argument, NULL, ARG_USER_UNIT      },
323                 { "field",          required_argument, NULL, 'F'                },
324                 { "catalog",        no_argument,       NULL, 'x'                },
325                 { "list-catalog",   no_argument,       NULL, ARG_LIST_CATALOG   },
326                 { "dump-catalog",   no_argument,       NULL, ARG_DUMP_CATALOG   },
327                 { "update-catalog", no_argument,       NULL, ARG_UPDATE_CATALOG },
328                 { "reverse",        no_argument,       NULL, 'r'                },
329                 { "machine",        required_argument, NULL, 'M'                },
330                 { "utc",            no_argument,       NULL, ARG_UTC            },
331                 { "flush",          no_argument,       NULL, ARG_FLUSH          },
332                 { "vacuum-size",    required_argument, NULL, ARG_VACUUM_SIZE    },
333                 { "vacuum-time",    required_argument, NULL, ARG_VACUUM_TIME    },
334                 {}
335         };
336
337         int c, r;
338
339         assert(argc >= 0);
340         assert(argv);
341
342         while ((c = getopt_long(argc, argv, "hefo:aln::qmb::kD:p:c:t:u:F:xrM:", options, NULL)) >= 0)
343
344                 switch (c) {
345
346                 case 'h':
347                         help();
348                         return 0;
349
350                 case ARG_VERSION:
351                         puts(PACKAGE_STRING);
352                         puts(SYSTEMD_FEATURES);
353                         return 0;
354
355                 case ARG_NO_PAGER:
356                         arg_no_pager = true;
357                         break;
358
359                 case 'e':
360                         arg_pager_end = true;
361
362                         if (arg_lines == ARG_LINES_DEFAULT)
363                                 arg_lines = 1000;
364
365                         break;
366
367                 case 'f':
368                         arg_follow = true;
369                         break;
370
371                 case 'o':
372                         arg_output = output_mode_from_string(optarg);
373                         if (arg_output < 0) {
374                                 log_error("Unknown output format '%s'.", optarg);
375                                 return -EINVAL;
376                         }
377
378                         if (arg_output == OUTPUT_EXPORT ||
379                             arg_output == OUTPUT_JSON ||
380                             arg_output == OUTPUT_JSON_PRETTY ||
381                             arg_output == OUTPUT_JSON_SSE ||
382                             arg_output == OUTPUT_CAT)
383                                 arg_quiet = true;
384
385                         break;
386
387                 case 'l':
388                         arg_full = true;
389                         break;
390
391                 case ARG_NO_FULL:
392                         arg_full = false;
393                         break;
394
395                 case 'a':
396                         arg_all = true;
397                         break;
398
399                 case 'n':
400                         if (optarg) {
401                                 if (streq(optarg, "all"))
402                                         arg_lines = ARG_LINES_ALL;
403                                 else {
404                                         r = safe_atoi(optarg, &arg_lines);
405                                         if (r < 0 || arg_lines < 0) {
406                                                 log_error("Failed to parse lines '%s'", optarg);
407                                                 return -EINVAL;
408                                         }
409                                 }
410                         } else {
411                                 arg_lines = 10;
412
413                                 /* Hmm, no argument? Maybe the next
414                                  * word on the command line is
415                                  * supposed to be the argument? Let's
416                                  * see if there is one, and is
417                                  * parsable. */
418                                 if (optind < argc) {
419                                         int n;
420                                         if (streq(argv[optind], "all")) {
421                                                 arg_lines = ARG_LINES_ALL;
422                                                 optind++;
423                                         } else if (safe_atoi(argv[optind], &n) >= 0 && n >= 0) {
424                                                 arg_lines = n;
425                                                 optind++;
426                                         }
427                                 }
428                         }
429
430                         break;
431
432                 case ARG_NO_TAIL:
433                         arg_no_tail = true;
434                         break;
435
436                 case ARG_NEW_ID128:
437                         arg_action = ACTION_NEW_ID128;
438                         break;
439
440                 case 'q':
441                         arg_quiet = true;
442                         break;
443
444                 case 'm':
445                         arg_merge = true;
446                         break;
447
448                 case 'b':
449                         arg_boot = true;
450
451                         if (optarg) {
452                                 r =  parse_boot_descriptor(optarg, &arg_boot_id, &arg_boot_offset);
453                                 if (r < 0) {
454                                         log_error("Failed to parse boot descriptor '%s'", optarg);
455                                         return -EINVAL;
456                                 }
457                         } else {
458
459                                 /* Hmm, no argument? Maybe the next
460                                  * word on the command line is
461                                  * supposed to be the argument? Let's
462                                  * see if there is one and is parsable
463                                  * as a boot descriptor... */
464
465                                 if (optind < argc &&
466                                     parse_boot_descriptor(argv[optind], &arg_boot_id, &arg_boot_offset) >= 0)
467                                         optind++;
468                         }
469
470                         break;
471
472                 case ARG_LIST_BOOTS:
473                         arg_action = ACTION_LIST_BOOTS;
474                         break;
475
476                 case 'k':
477                         arg_boot = arg_dmesg = true;
478                         break;
479
480                 case ARG_SYSTEM:
481                         arg_journal_type |= SD_JOURNAL_SYSTEM;
482                         break;
483
484                 case ARG_USER:
485                         arg_journal_type |= SD_JOURNAL_CURRENT_USER;
486                         break;
487
488                 case 'M':
489                         arg_machine = optarg;
490                         break;
491
492                 case 'D':
493                         arg_directory = optarg;
494                         break;
495
496                 case ARG_FILE:
497                         r = glob_extend(&arg_file, optarg);
498                         if (r < 0)
499                                 return log_error_errno(r, "Failed to add paths: %m");
500                         break;
501
502                 case ARG_ROOT:
503                         arg_root = optarg;
504                         break;
505
506                 case 'c':
507                         arg_cursor = optarg;
508                         break;
509
510                 case ARG_AFTER_CURSOR:
511                         arg_after_cursor = optarg;
512                         break;
513
514                 case ARG_SHOW_CURSOR:
515                         arg_show_cursor = true;
516                         break;
517
518                 case ARG_HEADER:
519                         arg_action = ACTION_PRINT_HEADER;
520                         break;
521
522                 case ARG_VERIFY:
523                         arg_action = ACTION_VERIFY;
524                         break;
525
526                 case ARG_DISK_USAGE:
527                         arg_action = ACTION_DISK_USAGE;
528                         break;
529
530                 case ARG_VACUUM_SIZE:
531                         r = parse_size(optarg, 1024, &arg_vacuum_size);
532                         if (r < 0) {
533                                 log_error("Failed to parse vacuum size: %s", optarg);
534                                 return r;
535                         }
536
537                         arg_action = ACTION_VACUUM;
538                         break;
539
540                 case ARG_VACUUM_TIME:
541                         r = parse_sec(optarg, &arg_vacuum_time);
542                         if (r < 0) {
543                                 log_error("Failed to parse vacuum time: %s", optarg);
544                                 return r;
545                         }
546
547                         arg_action = ACTION_VACUUM;
548                         break;
549
550 #ifdef HAVE_GCRYPT
551                 case ARG_FORCE:
552                         arg_force = true;
553                         break;
554
555                 case ARG_SETUP_KEYS:
556                         arg_action = ACTION_SETUP_KEYS;
557                         break;
558
559
560                 case ARG_VERIFY_KEY:
561                         arg_action = ACTION_VERIFY;
562                         arg_verify_key = optarg;
563                         arg_merge = false;
564                         break;
565
566                 case ARG_INTERVAL:
567                         r = parse_sec(optarg, &arg_interval);
568                         if (r < 0 || arg_interval <= 0) {
569                                 log_error("Failed to parse sealing key change interval: %s", optarg);
570                                 return -EINVAL;
571                         }
572                         break;
573 #else
574                 case ARG_SETUP_KEYS:
575                 case ARG_VERIFY_KEY:
576                 case ARG_INTERVAL:
577                 case ARG_FORCE:
578                         log_error("Forward-secure sealing not available.");
579                         return -ENOTSUP;
580 #endif
581
582                 case 'p': {
583                         const char *dots;
584
585                         dots = strstr(optarg, "..");
586                         if (dots) {
587                                 char *a;
588                                 int from, to, i;
589
590                                 /* a range */
591                                 a = strndup(optarg, dots - optarg);
592                                 if (!a)
593                                         return log_oom();
594
595                                 from = log_level_from_string(a);
596                                 to = log_level_from_string(dots + 2);
597                                 free(a);
598
599                                 if (from < 0 || to < 0) {
600                                         log_error("Failed to parse log level range %s", optarg);
601                                         return -EINVAL;
602                                 }
603
604                                 arg_priorities = 0;
605
606                                 if (from < to) {
607                                         for (i = from; i <= to; i++)
608                                                 arg_priorities |= 1 << i;
609                                 } else {
610                                         for (i = to; i <= from; i++)
611                                                 arg_priorities |= 1 << i;
612                                 }
613
614                         } else {
615                                 int p, i;
616
617                                 p = log_level_from_string(optarg);
618                                 if (p < 0) {
619                                         log_error("Unknown log level %s", optarg);
620                                         return -EINVAL;
621                                 }
622
623                                 arg_priorities = 0;
624
625                                 for (i = 0; i <= p; i++)
626                                         arg_priorities |= 1 << i;
627                         }
628
629                         break;
630                 }
631
632                 case ARG_SINCE:
633                         r = parse_timestamp(optarg, &arg_since);
634                         if (r < 0) {
635                                 log_error("Failed to parse timestamp: %s", optarg);
636                                 return -EINVAL;
637                         }
638                         arg_since_set = true;
639                         break;
640
641                 case ARG_UNTIL:
642                         r = parse_timestamp(optarg, &arg_until);
643                         if (r < 0) {
644                                 log_error("Failed to parse timestamp: %s", optarg);
645                                 return -EINVAL;
646                         }
647                         arg_until_set = true;
648                         break;
649
650                 case 't':
651                         r = strv_extend(&arg_syslog_identifier, optarg);
652                         if (r < 0)
653                                 return log_oom();
654                         break;
655
656                 case 'u':
657                         r = strv_extend(&arg_system_units, optarg);
658                         if (r < 0)
659                                 return log_oom();
660                         break;
661
662                 case ARG_USER_UNIT:
663                         r = strv_extend(&arg_user_units, optarg);
664                         if (r < 0)
665                                 return log_oom();
666                         break;
667
668                 case 'F':
669                         arg_field = optarg;
670                         break;
671
672                 case 'x':
673                         arg_catalog = true;
674                         break;
675
676                 case ARG_LIST_CATALOG:
677                         arg_action = ACTION_LIST_CATALOG;
678                         break;
679
680                 case ARG_DUMP_CATALOG:
681                         arg_action = ACTION_DUMP_CATALOG;
682                         break;
683
684                 case ARG_UPDATE_CATALOG:
685                         arg_action = ACTION_UPDATE_CATALOG;
686                         break;
687
688                 case 'r':
689                         arg_reverse = true;
690                         break;
691
692                 case ARG_UTC:
693                         arg_utc = true;
694                         break;
695
696                 case ARG_FLUSH:
697                         arg_action = ACTION_FLUSH;
698                         break;
699
700                 case '?':
701                         return -EINVAL;
702
703                 default:
704                         assert_not_reached("Unhandled option");
705                 }
706
707         if (arg_follow && !arg_no_tail && !arg_since && arg_lines == ARG_LINES_DEFAULT)
708                 arg_lines = 10;
709
710         if (!!arg_directory + !!arg_file + !!arg_machine > 1) {
711                 log_error("Please specify either -D/--directory= or --file= or -M/--machine=, not more than one.");
712                 return -EINVAL;
713         }
714
715         if (arg_since_set && arg_until_set && arg_since > arg_until) {
716                 log_error("--since= must be before --until=.");
717                 return -EINVAL;
718         }
719
720         if (!!arg_cursor + !!arg_after_cursor + !!arg_since_set > 1) {
721                 log_error("Please specify only one of --since=, --cursor=, and --after-cursor.");
722                 return -EINVAL;
723         }
724
725         if (arg_follow && arg_reverse) {
726                 log_error("Please specify either --reverse= or --follow=, not both.");
727                 return -EINVAL;
728         }
729
730         if (arg_action != ACTION_SHOW && optind < argc) {
731                 log_error("Extraneous arguments starting with '%s'", argv[optind]);
732                 return -EINVAL;
733         }
734
735         return 1;
736 }
737
738 static int generate_new_id128(void) {
739         sd_id128_t id;
740         int r;
741         unsigned i;
742
743         r = sd_id128_randomize(&id);
744         if (r < 0)
745                 return log_error_errno(r, "Failed to generate ID: %m");
746
747         printf("As string:\n"
748                SD_ID128_FORMAT_STR "\n\n"
749                "As UUID:\n"
750                "%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x\n\n"
751                "As macro:\n"
752                "#define MESSAGE_XYZ SD_ID128_MAKE(",
753                SD_ID128_FORMAT_VAL(id),
754                SD_ID128_FORMAT_VAL(id));
755         for (i = 0; i < 16; i++)
756                 printf("%02x%s", id.bytes[i], i != 15 ? "," : "");
757         fputs(")\n\n", stdout);
758
759         printf("As Python constant:\n"
760                ">>> import uuid\n"
761                ">>> MESSAGE_XYZ = uuid.UUID('" SD_ID128_FORMAT_STR "')\n",
762                SD_ID128_FORMAT_VAL(id));
763
764         return 0;
765 }
766
767 static int add_matches(sd_journal *j, char **args) {
768         char **i;
769         bool have_term = false;
770
771         assert(j);
772
773         STRV_FOREACH(i, args) {
774                 int r;
775
776                 if (streq(*i, "+")) {
777                         if (!have_term)
778                                 break;
779                         r = sd_journal_add_disjunction(j);
780                         have_term = false;
781
782                 } else if (path_is_absolute(*i)) {
783                         _cleanup_free_ char *p, *t = NULL, *t2 = NULL;
784                         const char *path;
785                         _cleanup_free_ char *interpreter = NULL;
786                         struct stat st;
787
788                         p = canonicalize_file_name(*i);
789                         path = p ? p : *i;
790
791                         if (stat(path, &st) < 0)
792                                 return log_error_errno(errno, "Couldn't stat file: %m");
793
794                         if (S_ISREG(st.st_mode) && (0111 & st.st_mode)) {
795                                 if (executable_is_script(path, &interpreter) > 0) {
796                                         _cleanup_free_ char *comm;
797
798                                         comm = strndup(basename(path), 15);
799                                         if (!comm)
800                                                 return log_oom();
801
802                                         t = strappend("_COMM=", comm);
803
804                                         /* Append _EXE only if the interpreter is not a link.
805                                            Otherwise, it might be outdated often. */
806                                         if (lstat(interpreter, &st) == 0 &&
807                                             !S_ISLNK(st.st_mode)) {
808                                                 t2 = strappend("_EXE=", interpreter);
809                                                 if (!t2)
810                                                         return log_oom();
811                                         }
812                                 } else
813                                         t = strappend("_EXE=", path);
814                         } else if (S_ISCHR(st.st_mode)) {
815                                 if (asprintf(&t, "_KERNEL_DEVICE=c%u:%u",
816                                              major(st.st_rdev),
817                                              minor(st.st_rdev)) < 0)
818                                         return -ENOMEM;
819                         } else if (S_ISBLK(st.st_mode)) {
820                                 if (asprintf(&t, "_KERNEL_DEVICE=b%u:%u",
821                                              major(st.st_rdev),
822                                              minor(st.st_rdev)) < 0)
823                                         return -ENOMEM;
824                         } else {
825                                 log_error("File is neither a device node, nor regular file, nor executable: %s", *i);
826                                 return -EINVAL;
827                         }
828
829                         if (!t)
830                                 return log_oom();
831
832                         r = sd_journal_add_match(j, t, 0);
833                         if (t2)
834                                 r = sd_journal_add_match(j, t2, 0);
835                         have_term = true;
836
837                 } else {
838                         r = sd_journal_add_match(j, *i, 0);
839                         have_term = true;
840                 }
841
842                 if (r < 0)
843                         return log_error_errno(r, "Failed to add match '%s': %m", *i);
844         }
845
846         if (!strv_isempty(args) && !have_term) {
847                 log_error("\"+\" can only be used between terms");
848                 return -EINVAL;
849         }
850
851         return 0;
852 }
853
854 static int boot_id_cmp(const void *a, const void *b) {
855         uint64_t _a, _b;
856
857         _a = ((const boot_id_t *)a)->first;
858         _b = ((const boot_id_t *)b)->first;
859
860         return _a < _b ? -1 : (_a > _b ? 1 : 0);
861 }
862
863 static int get_boots(sd_journal *j,
864                      boot_id_t **boots,
865                      unsigned int *count,
866                      boot_id_t *query_ref_boot) {
867         int r;
868         const void *data;
869         size_t length, allocated = 0;
870
871         assert(j);
872         assert(boots);
873         assert(count);
874
875         r = sd_journal_query_unique(j, "_BOOT_ID");
876         if (r < 0)
877                 return r;
878
879         *count = 0;
880         SD_JOURNAL_FOREACH_UNIQUE(j, data, length) {
881                 boot_id_t *id;
882
883                 assert(startswith(data, "_BOOT_ID="));
884
885                 if (!GREEDY_REALLOC(*boots, allocated, *count + 1))
886                         return log_oom();
887
888                 id = *boots + *count;
889
890                 r = sd_id128_from_string(((const char *)data) + strlen("_BOOT_ID="), &id->id);
891                 if (r < 0)
892                         continue;
893
894                 r = sd_journal_add_match(j, data, length);
895                 if (r < 0)
896                         return r;
897
898                 r = sd_journal_seek_head(j);
899                 if (r < 0)
900                         return r;
901
902                 r = sd_journal_next(j);
903                 if (r < 0)
904                         return r;
905                 else if (r == 0)
906                         goto flush;
907
908                 r = sd_journal_get_realtime_usec(j, &id->first);
909                 if (r < 0)
910                         return r;
911
912                 if (query_ref_boot) {
913                         id->last = 0;
914                         if (sd_id128_equal(id->id, query_ref_boot->id))
915                                 *query_ref_boot = *id;
916                 } else {
917                         r = sd_journal_seek_tail(j);
918                         if (r < 0)
919                                 return r;
920
921                         r = sd_journal_previous(j);
922                         if (r < 0)
923                                 return r;
924                         else if (r == 0)
925                                 goto flush;
926
927                         r = sd_journal_get_realtime_usec(j, &id->last);
928                         if (r < 0)
929                                 return r;
930                 }
931
932                 (*count)++;
933         flush:
934                 sd_journal_flush_matches(j);
935         }
936
937         qsort_safe(*boots, *count, sizeof(boot_id_t), boot_id_cmp);
938         return 0;
939 }
940
941 static int list_boots(sd_journal *j) {
942         int r, w, i;
943         unsigned int count;
944         boot_id_t *id;
945         _cleanup_free_ boot_id_t *all_ids = NULL;
946
947         assert(j);
948
949         r = get_boots(j, &all_ids, &count, NULL);
950         if (r < 0)
951                 return r;
952
953         pager_open_if_enabled();
954
955         /* numbers are one less, but we need an extra char for the sign */
956         w = DECIMAL_STR_WIDTH(count - 1) + 1;
957
958         for (id = all_ids, i = 0; id < all_ids + count; id++, i++) {
959                 char a[FORMAT_TIMESTAMP_MAX], b[FORMAT_TIMESTAMP_MAX];
960
961                 printf("% *i " SD_ID128_FORMAT_STR " %s—%s\n",
962                        w, i - count + 1,
963                        SD_ID128_FORMAT_VAL(id->id),
964                        format_timestamp_maybe_utc(a, sizeof(a), id->first),
965                        format_timestamp_maybe_utc(b, sizeof(b), id->last));
966         }
967
968         return 0;
969 }
970
971 static int get_boot_id_by_offset(sd_journal *j, sd_id128_t *boot_id, int offset) {
972         int r;
973         unsigned int count;
974         boot_id_t ref_boot_id = {}, *id;
975         _cleanup_free_ boot_id_t *all_ids = NULL;
976
977         assert(j);
978         assert(boot_id);
979
980         ref_boot_id.id = *boot_id;
981         r = get_boots(j, &all_ids, &count, &ref_boot_id);
982         if (r < 0)
983                 return r;
984
985         if (sd_id128_equal(*boot_id, SD_ID128_NULL)) {
986                 if (offset > (int) count || offset <= -(int)count)
987                         return -EADDRNOTAVAIL;
988
989                 *boot_id = all_ids[(offset <= 0)*count + offset - 1].id;
990         } else {
991                 id = bsearch(&ref_boot_id, all_ids, count, sizeof(boot_id_t), boot_id_cmp);
992
993                 if (!id ||
994                     offset <= 0 ? (id - all_ids) + offset < 0 :
995                                     (id - all_ids) + offset >= (int) count)
996                         return -EADDRNOTAVAIL;
997
998                 *boot_id = (id + offset)->id;
999         }
1000
1001         return 0;
1002 }
1003
1004 static int add_boot(sd_journal *j) {
1005         char match[9+32+1] = "_BOOT_ID=";
1006         int r;
1007
1008         assert(j);
1009
1010         if (!arg_boot)
1011                 return 0;
1012
1013         if (arg_boot_offset == 0 && sd_id128_equal(arg_boot_id, SD_ID128_NULL))
1014                 return add_match_this_boot(j, arg_machine);
1015
1016         r = get_boot_id_by_offset(j, &arg_boot_id, arg_boot_offset);
1017         if (r < 0) {
1018                 if (sd_id128_equal(arg_boot_id, SD_ID128_NULL))
1019                         log_error_errno(r, "Failed to look up boot %+i: %m", arg_boot_offset);
1020                 else
1021                         log_error("Failed to look up boot ID "SD_ID128_FORMAT_STR"%+i: %s",
1022                                   SD_ID128_FORMAT_VAL(arg_boot_id), arg_boot_offset, strerror(-r));
1023                 return r;
1024         }
1025
1026         sd_id128_to_string(arg_boot_id, match + 9);
1027
1028         r = sd_journal_add_match(j, match, sizeof(match) - 1);
1029         if (r < 0)
1030                 return log_error_errno(r, "Failed to add match: %m");
1031
1032         r = sd_journal_add_conjunction(j);
1033         if (r < 0)
1034                 return r;
1035
1036         return 0;
1037 }
1038
1039 static int add_dmesg(sd_journal *j) {
1040         int r;
1041         assert(j);
1042
1043         if (!arg_dmesg)
1044                 return 0;
1045
1046         r = sd_journal_add_match(j, "_TRANSPORT=kernel", strlen("_TRANSPORT=kernel"));
1047         if (r < 0)
1048                 return log_error_errno(r, "Failed to add match: %m");
1049
1050         r = sd_journal_add_conjunction(j);
1051         if (r < 0)
1052                 return r;
1053
1054         return 0;
1055 }
1056
1057 static int get_possible_units(sd_journal *j,
1058                               const char *fields,
1059                               char **patterns,
1060                               Set **units) {
1061         _cleanup_set_free_free_ Set *found;
1062         const char *field;
1063         int r;
1064
1065         found = set_new(&string_hash_ops);
1066         if (!found)
1067                 return log_oom();
1068
1069         NULSTR_FOREACH(field, fields) {
1070                 const void *data;
1071                 size_t size;
1072
1073                 r = sd_journal_query_unique(j, field);
1074                 if (r < 0)
1075                         return r;
1076
1077                 SD_JOURNAL_FOREACH_UNIQUE(j, data, size) {
1078                         char **pattern, *eq;
1079                         size_t prefix;
1080                         _cleanup_free_ char *u = NULL;
1081
1082                         eq = memchr(data, '=', size);
1083                         if (eq)
1084                                 prefix = eq - (char*) data + 1;
1085                         else
1086                                 prefix = 0;
1087
1088                         u = strndup((char*) data + prefix, size - prefix);
1089                         if (!u)
1090                                 return log_oom();
1091
1092                         STRV_FOREACH(pattern, patterns)
1093                                 if (fnmatch(*pattern, u, FNM_NOESCAPE) == 0) {
1094                                         log_debug("Matched %s with pattern %s=%s", u, field, *pattern);
1095
1096                                         r = set_consume(found, u);
1097                                         u = NULL;
1098                                         if (r < 0 && r != -EEXIST)
1099                                                 return r;
1100
1101                                         break;
1102                                 }
1103                 }
1104         }
1105
1106         *units = found;
1107         found = NULL;
1108         return 0;
1109 }
1110
1111 /* This list is supposed to return the superset of unit names
1112  * possibly matched by rules added with add_matches_for_unit... */
1113 #define SYSTEM_UNITS                 \
1114         "_SYSTEMD_UNIT\0"            \
1115         "COREDUMP_UNIT\0"            \
1116         "UNIT\0"                     \
1117         "OBJECT_SYSTEMD_UNIT\0"      \
1118         "_SYSTEMD_SLICE\0"
1119
1120 /* ... and add_matches_for_user_unit */
1121 #define USER_UNITS                   \
1122         "_SYSTEMD_USER_UNIT\0"       \
1123         "USER_UNIT\0"                \
1124         "COREDUMP_USER_UNIT\0"       \
1125         "OBJECT_SYSTEMD_USER_UNIT\0"
1126
1127 static int add_units(sd_journal *j) {
1128         _cleanup_strv_free_ char **patterns = NULL;
1129         int r, count = 0;
1130         char **i;
1131
1132         assert(j);
1133
1134         STRV_FOREACH(i, arg_system_units) {
1135                 _cleanup_free_ char *u = NULL;
1136
1137                 u = unit_name_mangle(*i, MANGLE_GLOB);
1138                 if (!u)
1139                         return log_oom();
1140
1141                 if (string_is_glob(u)) {
1142                         r = strv_push(&patterns, u);
1143                         if (r < 0)
1144                                 return r;
1145                         u = NULL;
1146                 } else {
1147                         r = add_matches_for_unit(j, u);
1148                         if (r < 0)
1149                                 return r;
1150                         r = sd_journal_add_disjunction(j);
1151                         if (r < 0)
1152                                 return r;
1153                         count ++;
1154                 }
1155         }
1156
1157         if (!strv_isempty(patterns)) {
1158                 _cleanup_set_free_free_ Set *units = NULL;
1159                 Iterator it;
1160                 char *u;
1161
1162                 r = get_possible_units(j, SYSTEM_UNITS, patterns, &units);
1163                 if (r < 0)
1164                         return r;
1165
1166                 SET_FOREACH(u, units, it) {
1167                         r = add_matches_for_unit(j, u);
1168                         if (r < 0)
1169                                 return r;
1170                         r = sd_journal_add_disjunction(j);
1171                         if (r < 0)
1172                                 return r;
1173                         count ++;
1174                 }
1175         }
1176
1177         strv_free(patterns);
1178         patterns = NULL;
1179
1180         STRV_FOREACH(i, arg_user_units) {
1181                 _cleanup_free_ char *u = NULL;
1182
1183                 u = unit_name_mangle(*i, MANGLE_GLOB);
1184                 if (!u)
1185                         return log_oom();
1186
1187                 if (string_is_glob(u)) {
1188                         r = strv_push(&patterns, u);
1189                         if (r < 0)
1190                                 return r;
1191                         u = NULL;
1192                 } else {
1193                         r = add_matches_for_user_unit(j, u, getuid());
1194                         if (r < 0)
1195                                 return r;
1196                         r = sd_journal_add_disjunction(j);
1197                         if (r < 0)
1198                                 return r;
1199                         count ++;
1200                 }
1201         }
1202
1203         if (!strv_isempty(patterns)) {
1204                 _cleanup_set_free_free_ Set *units = NULL;
1205                 Iterator it;
1206                 char *u;
1207
1208                 r = get_possible_units(j, USER_UNITS, patterns, &units);
1209                 if (r < 0)
1210                         return r;
1211
1212                 SET_FOREACH(u, units, it) {
1213                         r = add_matches_for_user_unit(j, u, getuid());
1214                         if (r < 0)
1215                                 return r;
1216                         r = sd_journal_add_disjunction(j);
1217                         if (r < 0)
1218                                 return r;
1219                         count ++;
1220                 }
1221         }
1222
1223         /* Complain if the user request matches but nothing whatsoever was
1224          * found, since otherwise everything would be matched. */
1225         if (!(strv_isempty(arg_system_units) && strv_isempty(arg_user_units)) && count == 0)
1226                 return -ENODATA;
1227
1228         r = sd_journal_add_conjunction(j);
1229         if (r < 0)
1230                 return r;
1231
1232         return 0;
1233 }
1234
1235 static int add_priorities(sd_journal *j) {
1236         char match[] = "PRIORITY=0";
1237         int i, r;
1238         assert(j);
1239
1240         if (arg_priorities == 0xFF)
1241                 return 0;
1242
1243         for (i = LOG_EMERG; i <= LOG_DEBUG; i++)
1244                 if (arg_priorities & (1 << i)) {
1245                         match[sizeof(match)-2] = '0' + i;
1246
1247                         r = sd_journal_add_match(j, match, strlen(match));
1248                         if (r < 0)
1249                                 return log_error_errno(r, "Failed to add match: %m");
1250                 }
1251
1252         r = sd_journal_add_conjunction(j);
1253         if (r < 0)
1254                 return r;
1255
1256         return 0;
1257 }
1258
1259
1260 static int add_syslog_identifier(sd_journal *j) {
1261         int r;
1262         char **i;
1263
1264         assert(j);
1265
1266         STRV_FOREACH(i, arg_syslog_identifier) {
1267                 char *u;
1268
1269                 u = strjoina("SYSLOG_IDENTIFIER=", *i);
1270                 r = sd_journal_add_match(j, u, 0);
1271                 if (r < 0)
1272                         return r;
1273                 r = sd_journal_add_disjunction(j);
1274                 if (r < 0)
1275                         return r;
1276         }
1277
1278         r = sd_journal_add_conjunction(j);
1279         if (r < 0)
1280                 return r;
1281
1282         return 0;
1283 }
1284
1285 static int setup_keys(void) {
1286 #ifdef HAVE_GCRYPT
1287         size_t mpk_size, seed_size, state_size, i;
1288         uint8_t *mpk, *seed, *state;
1289         int fd = -1, r;
1290         sd_id128_t machine, boot;
1291         char *p = NULL, *k = NULL;
1292         struct FSSHeader h;
1293         uint64_t n;
1294         struct stat st;
1295
1296         r = stat("/var/log/journal", &st);
1297         if (r < 0 && errno != ENOENT && errno != ENOTDIR)
1298                 return log_error_errno(errno, "stat(\"%s\") failed: %m", "/var/log/journal");
1299
1300         if (r < 0 || !S_ISDIR(st.st_mode)) {
1301                 log_error("%s is not a directory, must be using persistent logging for FSS.",
1302                           "/var/log/journal");
1303                 return r < 0 ? -errno : -ENOTDIR;
1304         }
1305
1306         r = sd_id128_get_machine(&machine);
1307         if (r < 0)
1308                 return log_error_errno(r, "Failed to get machine ID: %m");
1309
1310         r = sd_id128_get_boot(&boot);
1311         if (r < 0)
1312                 return log_error_errno(r, "Failed to get boot ID: %m");
1313
1314         if (asprintf(&p, "/var/log/journal/" SD_ID128_FORMAT_STR "/fss",
1315                      SD_ID128_FORMAT_VAL(machine)) < 0)
1316                 return log_oom();
1317
1318         if (arg_force) {
1319                 r = unlink(p);
1320                 if (r < 0 && errno != ENOENT) {
1321                         r = log_error_errno(errno, "unlink(\"%s\") failed: %m", p);
1322                         goto finish;
1323                 }
1324         } else if (access(p, F_OK) >= 0) {
1325                 log_error("Sealing key file %s exists already. Use --force to recreate.", p);
1326                 r = -EEXIST;
1327                 goto finish;
1328         }
1329
1330         if (asprintf(&k, "/var/log/journal/" SD_ID128_FORMAT_STR "/fss.tmp.XXXXXX",
1331                      SD_ID128_FORMAT_VAL(machine)) < 0) {
1332                 r = log_oom();
1333                 goto finish;
1334         }
1335
1336         mpk_size = FSPRG_mskinbytes(FSPRG_RECOMMENDED_SECPAR);
1337         mpk = alloca(mpk_size);
1338
1339         seed_size = FSPRG_RECOMMENDED_SEEDLEN;
1340         seed = alloca(seed_size);
1341
1342         state_size = FSPRG_stateinbytes(FSPRG_RECOMMENDED_SECPAR);
1343         state = alloca(state_size);
1344
1345         fd = open("/dev/random", O_RDONLY|O_CLOEXEC|O_NOCTTY);
1346         if (fd < 0) {
1347                 log_error_errno(errno, "Failed to open /dev/random: %m");
1348                 r = -errno;
1349                 goto finish;
1350         }
1351
1352         log_info("Generating seed...");
1353         r = loop_read_exact(fd, seed, seed_size, true);
1354         if (r < 0) {
1355                 log_error_errno(r, "Failed to read random seed: %m");
1356                 goto finish;
1357         }
1358
1359         log_info("Generating key pair...");
1360         FSPRG_GenMK(NULL, mpk, seed, seed_size, FSPRG_RECOMMENDED_SECPAR);
1361
1362         log_info("Generating sealing key...");
1363         FSPRG_GenState0(state, mpk, seed, seed_size);
1364
1365         assert(arg_interval > 0);
1366
1367         n = now(CLOCK_REALTIME);
1368         n /= arg_interval;
1369
1370         safe_close(fd);
1371         fd = mkostemp_safe(k, O_WRONLY|O_CLOEXEC);
1372         if (fd < 0) {
1373                 log_error_errno(errno, "Failed to open %s: %m", k);
1374                 r = -errno;
1375                 goto finish;
1376         }
1377
1378         /* Enable secure remove, exclusion from dump, synchronous
1379          * writing and in-place updating */
1380         r = chattr_fd(fd, true, FS_SECRM_FL|FS_NODUMP_FL|FS_SYNC_FL|FS_NOCOW_FL);
1381         if (r < 0)
1382                 log_warning_errno(errno, "Failed to set file attributes: %m");
1383
1384         zero(h);
1385         memcpy(h.signature, "KSHHRHLP", 8);
1386         h.machine_id = machine;
1387         h.boot_id = boot;
1388         h.header_size = htole64(sizeof(h));
1389         h.start_usec = htole64(n * arg_interval);
1390         h.interval_usec = htole64(arg_interval);
1391         h.fsprg_secpar = htole16(FSPRG_RECOMMENDED_SECPAR);
1392         h.fsprg_state_size = htole64(state_size);
1393
1394         r = loop_write(fd, &h, sizeof(h), false);
1395         if (r < 0) {
1396                 log_error_errno(r, "Failed to write header: %m");
1397                 goto finish;
1398         }
1399
1400         r = loop_write(fd, state, state_size, false);
1401         if (r < 0) {
1402                 log_error_errno(r, "Failed to write state: %m");
1403                 goto finish;
1404         }
1405
1406         if (link(k, p) < 0) {
1407                 log_error_errno(errno, "Failed to link file: %m");
1408                 r = -errno;
1409                 goto finish;
1410         }
1411
1412         if (on_tty()) {
1413                 fprintf(stderr,
1414                         "\n"
1415                         "The new key pair has been generated. The " ANSI_HIGHLIGHT_ON "secret sealing key" ANSI_HIGHLIGHT_OFF " has been written to\n"
1416                         "the following local file. This key file is automatically updated when the\n"
1417                         "sealing key is advanced. It should not be used on multiple hosts.\n"
1418                         "\n"
1419                         "\t%s\n"
1420                         "\n"
1421                         "Please write down the following " ANSI_HIGHLIGHT_ON "secret verification key" ANSI_HIGHLIGHT_OFF ". It should be stored\n"
1422                         "at a safe location and should not be saved locally on disk.\n"
1423                         "\n\t" ANSI_HIGHLIGHT_RED_ON, p);
1424                 fflush(stderr);
1425         }
1426         for (i = 0; i < seed_size; i++) {
1427                 if (i > 0 && i % 3 == 0)
1428                         putchar('-');
1429                 printf("%02x", ((uint8_t*) seed)[i]);
1430         }
1431
1432         printf("/%llx-%llx\n", (unsigned long long) n, (unsigned long long) arg_interval);
1433
1434         if (on_tty()) {
1435                 char tsb[FORMAT_TIMESPAN_MAX], *hn;
1436
1437                 fprintf(stderr,
1438                         ANSI_HIGHLIGHT_OFF "\n"
1439                         "The sealing key is automatically changed every %s.\n",
1440                         format_timespan(tsb, sizeof(tsb), arg_interval, 0));
1441
1442                 hn = gethostname_malloc();
1443
1444                 if (hn) {
1445                         hostname_cleanup(hn, false);
1446                         fprintf(stderr, "\nThe keys have been generated for host %s/" SD_ID128_FORMAT_STR ".\n", hn, SD_ID128_FORMAT_VAL(machine));
1447                 } else
1448                         fprintf(stderr, "\nThe keys have been generated for host " SD_ID128_FORMAT_STR ".\n", SD_ID128_FORMAT_VAL(machine));
1449
1450 #ifdef HAVE_QRENCODE
1451                 /* If this is not an UTF-8 system don't print any QR codes */
1452                 if (is_locale_utf8()) {
1453                         fputs("\nTo transfer the verification key to your phone please scan the QR code below:\n\n", stderr);
1454                         print_qr_code(stderr, seed, seed_size, n, arg_interval, hn, machine);
1455                 }
1456 #endif
1457                 free(hn);
1458         }
1459
1460         r = 0;
1461
1462 finish:
1463         safe_close(fd);
1464
1465         if (k) {
1466                 unlink(k);
1467                 free(k);
1468         }
1469
1470         free(p);
1471
1472         return r;
1473 #else
1474         log_error("Forward-secure sealing not available.");
1475         return -ENOTSUP;
1476 #endif
1477 }
1478
1479 static int verify(sd_journal *j) {
1480         int r = 0;
1481         Iterator i;
1482         JournalFile *f;
1483
1484         assert(j);
1485
1486         log_show_color(true);
1487
1488         ORDERED_HASHMAP_FOREACH(f, j->files, i) {
1489                 int k;
1490                 usec_t first, validated, last;
1491
1492 #ifdef HAVE_GCRYPT
1493                 if (!arg_verify_key && JOURNAL_HEADER_SEALED(f->header))
1494                         log_notice("Journal file %s has sealing enabled but verification key has not been passed using --verify-key=.", f->path);
1495 #endif
1496
1497                 k = journal_file_verify(f, arg_verify_key, &first, &validated, &last, true);
1498                 if (k == -EINVAL) {
1499                         /* If the key was invalid give up right-away. */
1500                         return k;
1501                 } else if (k < 0) {
1502                         log_warning("FAIL: %s (%s)", f->path, strerror(-k));
1503                         r = k;
1504                 } else {
1505                         char a[FORMAT_TIMESTAMP_MAX], b[FORMAT_TIMESTAMP_MAX], c[FORMAT_TIMESPAN_MAX];
1506                         log_info("PASS: %s", f->path);
1507
1508                         if (arg_verify_key && JOURNAL_HEADER_SEALED(f->header)) {
1509                                 if (validated > 0) {
1510                                         log_info("=> Validated from %s to %s, final %s entries not sealed.",
1511                                                  format_timestamp_maybe_utc(a, sizeof(a), first),
1512                                                  format_timestamp_maybe_utc(b, sizeof(b), validated),
1513                                                  format_timespan(c, sizeof(c), last > validated ? last - validated : 0, 0));
1514                                 } else if (last > 0)
1515                                         log_info("=> No sealing yet, %s of entries not sealed.",
1516                                                  format_timespan(c, sizeof(c), last - first, 0));
1517                                 else
1518                                         log_info("=> No sealing yet, no entries in file.");
1519                         }
1520                 }
1521         }
1522
1523         return r;
1524 }
1525
1526 #ifdef HAVE_ACL
1527 static int access_check_var_log_journal(sd_journal *j) {
1528         _cleanup_strv_free_ char **g = NULL;
1529         bool have_access;
1530         int r;
1531
1532         assert(j);
1533
1534         have_access = in_group("systemd-journal") > 0;
1535
1536         if (!have_access) {
1537                 const char* dir;
1538
1539                 if (access("/run/log/journal", F_OK) >= 0)
1540                         dir = "/run/log/journal";
1541                 else
1542                         dir = "/var/log/journal";
1543
1544                 /* Let's enumerate all groups from the default ACL of
1545                  * the directory, which generally should allow access
1546                  * to most journal files too */
1547                 r = search_acl_groups(&g, dir, &have_access);
1548                 if (r < 0)
1549                         return r;
1550         }
1551
1552         if (!have_access) {
1553
1554                 if (strv_isempty(g))
1555                         log_notice("Hint: You are currently not seeing messages from other users and the system.\n"
1556                                    "      Users in the 'systemd-journal' group can see all messages. Pass -q to\n"
1557                                    "      turn off this notice.");
1558                 else {
1559                         _cleanup_free_ char *s = NULL;
1560
1561                         r = strv_extend(&g, "systemd-journal");
1562                         if (r < 0)
1563                                 return log_oom();
1564
1565                         strv_sort(g);
1566                         strv_uniq(g);
1567
1568                         s = strv_join(g, "', '");
1569                         if (!s)
1570                                 return log_oom();
1571
1572                         log_notice("Hint: You are currently not seeing messages from other users and the system.\n"
1573                                    "      Users in groups '%s' can see all messages.\n"
1574                                    "      Pass -q to turn off this notice.", s);
1575                 }
1576         }
1577
1578         return 0;
1579 }
1580 #endif
1581
1582 static int access_check(sd_journal *j) {
1583         Iterator it;
1584         void *code;
1585         int r = 0;
1586
1587         assert(j);
1588
1589         if (set_isempty(j->errors)) {
1590                 if (ordered_hashmap_isempty(j->files))
1591                         log_notice("No journal files were found.");
1592                 return 0;
1593         }
1594
1595         if (set_contains(j->errors, INT_TO_PTR(-EACCES))) {
1596 #ifdef HAVE_ACL
1597                 /* If /run/log/journal or /var/log/journal exist, try
1598                    to pring a nice notice if the user lacks access to it. */
1599                 if (!arg_quiet && geteuid() != 0) {
1600                         r = access_check_var_log_journal(j);
1601                         if (r < 0)
1602                                 return r;
1603                 }
1604 #else
1605                 if (geteuid() != 0 && in_group("systemd-journal") <= 0) {
1606                         log_error("Unprivileged users cannot access messages. Users in the 'systemd-journal' group\n"
1607                                   "group may access messages.");
1608                         return -EACCES;
1609                 }
1610 #endif
1611
1612                 if (ordered_hashmap_isempty(j->files)) {
1613                         log_error("No journal files were opened due to insufficient permissions.");
1614                         r = -EACCES;
1615                 }
1616         }
1617
1618         SET_FOREACH(code, j->errors, it) {
1619                 int err;
1620
1621                 err = -PTR_TO_INT(code);
1622                 assert(err > 0);
1623
1624                 if (err != EACCES)
1625                         log_warning_errno(err, "Error was encountered while opening journal files: %m");
1626         }
1627
1628         return r;
1629 }
1630
1631 static int flush_to_var(void) {
1632         _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
1633         _cleanup_bus_close_unref_ sd_bus *bus = NULL;
1634         _cleanup_close_ int watch_fd = -1;
1635         int r;
1636
1637         /* Quick exit */
1638         if (access("/run/systemd/journal/flushed", F_OK) >= 0)
1639                 return 0;
1640
1641         /* OK, let's actually do the full logic, send SIGUSR1 to the
1642          * daemon and set up inotify to wait for the flushed file to appear */
1643         r = bus_open_system_systemd(&bus);
1644         if (r < 0)
1645                 return log_error_errno(r, "Failed to get D-Bus connection: %m");
1646
1647         r = sd_bus_call_method(
1648                         bus,
1649                         "org.freedesktop.systemd1",
1650                         "/org/freedesktop/systemd1",
1651                         "org.freedesktop.systemd1.Manager",
1652                         "KillUnit",
1653                         &error,
1654                         NULL,
1655                         "ssi", "systemd-journald.service", "main", SIGUSR1);
1656         if (r < 0) {
1657                 log_error("Failed to kill journal service: %s", bus_error_message(&error, r));
1658                 return r;
1659         }
1660
1661         mkdir_p("/run/systemd/journal", 0755);
1662
1663         watch_fd = inotify_init1(IN_NONBLOCK|IN_CLOEXEC);
1664         if (watch_fd < 0)
1665                 return log_error_errno(errno, "Failed to create inotify watch: %m");
1666
1667         r = inotify_add_watch(watch_fd, "/run/systemd/journal", IN_CREATE|IN_DONT_FOLLOW|IN_ONLYDIR);
1668         if (r < 0)
1669                 return log_error_errno(errno, "Failed to watch journal directory: %m");
1670
1671         for (;;) {
1672                 if (access("/run/systemd/journal/flushed", F_OK) >= 0)
1673                         break;
1674
1675                 if (errno != ENOENT)
1676                         return log_error_errno(errno, "Failed to check for existence of /run/systemd/journal/flushed: %m");
1677
1678                 r = fd_wait_for_event(watch_fd, POLLIN, USEC_INFINITY);
1679                 if (r < 0)
1680                         return log_error_errno(r, "Failed to wait for event: %m");
1681
1682                 r = flush_fd(watch_fd);
1683                 if (r < 0)
1684                         return log_error_errno(r, "Failed to flush inotify events: %m");
1685         }
1686
1687         return 0;
1688 }
1689
1690 int main(int argc, char *argv[]) {
1691         int r;
1692         _cleanup_journal_close_ sd_journal *j = NULL;
1693         bool need_seek = false;
1694         sd_id128_t previous_boot_id;
1695         bool previous_boot_id_valid = false, first_line = true;
1696         int n_shown = 0;
1697         bool ellipsized = false;
1698
1699         setlocale(LC_ALL, "");
1700         log_parse_environment();
1701         log_open();
1702
1703         r = parse_argv(argc, argv);
1704         if (r <= 0)
1705                 goto finish;
1706
1707         signal(SIGWINCH, columns_lines_cache_reset);
1708         sigbus_install();
1709
1710         /* Increase max number of open files to 16K if we can, we
1711          * might needs this when browsing journal files, which might
1712          * be split up into many files. */
1713         setrlimit_closest(RLIMIT_NOFILE, &RLIMIT_MAKE_CONST(16384));
1714
1715         if (arg_action == ACTION_NEW_ID128) {
1716                 r = generate_new_id128();
1717                 goto finish;
1718         }
1719
1720         if (arg_action == ACTION_FLUSH) {
1721                 r = flush_to_var();
1722                 goto finish;
1723         }
1724
1725         if (arg_action == ACTION_SETUP_KEYS) {
1726                 r = setup_keys();
1727                 goto finish;
1728         }
1729
1730         if (arg_action == ACTION_UPDATE_CATALOG ||
1731             arg_action == ACTION_LIST_CATALOG ||
1732             arg_action == ACTION_DUMP_CATALOG) {
1733
1734                 _cleanup_free_ char *database;
1735
1736                 database = path_join(arg_root, CATALOG_DATABASE, NULL);
1737                 if (!database) {
1738                         r = log_oom();
1739                         goto finish;
1740                 }
1741
1742                 if (arg_action == ACTION_UPDATE_CATALOG) {
1743                         r = catalog_update(database, arg_root, catalog_file_dirs);
1744                         if (r < 0)
1745                                 log_error_errno(r, "Failed to list catalog: %m");
1746                 } else {
1747                         bool oneline = arg_action == ACTION_LIST_CATALOG;
1748
1749                         if (optind < argc)
1750                                 r = catalog_list_items(stdout, database,
1751                                                        oneline, argv + optind);
1752                         else
1753                                 r = catalog_list(stdout, database, oneline);
1754                         if (r < 0)
1755                                 log_error_errno(r, "Failed to list catalog: %m");
1756                 }
1757
1758                 goto finish;
1759         }
1760
1761         if (arg_directory)
1762                 r = sd_journal_open_directory(&j, arg_directory, arg_journal_type);
1763         else if (arg_file)
1764                 r = sd_journal_open_files(&j, (const char**) arg_file, 0);
1765         else if (arg_machine)
1766                 r = sd_journal_open_container(&j, arg_machine, 0);
1767         else
1768                 r = sd_journal_open(&j, !arg_merge*SD_JOURNAL_LOCAL_ONLY + arg_journal_type);
1769         if (r < 0) {
1770                 log_error_errno(r, "Failed to open %s: %m",
1771                                 arg_directory ? arg_directory : arg_file ? "files" : "journal");
1772                 return EXIT_FAILURE;
1773         }
1774
1775         r = access_check(j);
1776         if (r < 0)
1777                 return EXIT_FAILURE;
1778
1779         if (arg_action == ACTION_VERIFY) {
1780                 r = verify(j);
1781                 goto finish;
1782         }
1783
1784         if (arg_action == ACTION_PRINT_HEADER) {
1785                 journal_print_header(j);
1786                 return EXIT_SUCCESS;
1787         }
1788
1789         if (arg_action == ACTION_DISK_USAGE) {
1790                 uint64_t bytes = 0;
1791                 char sbytes[FORMAT_BYTES_MAX];
1792
1793                 r = sd_journal_get_usage(j, &bytes);
1794                 if (r < 0)
1795                         return EXIT_FAILURE;
1796
1797                 printf("Archived and active journals take up %s on disk.\n",
1798                        format_bytes(sbytes, sizeof(sbytes), bytes));
1799                 return EXIT_SUCCESS;
1800         }
1801
1802         if (arg_action == ACTION_VACUUM) {
1803                 Directory *d;
1804                 Iterator i;
1805
1806                 HASHMAP_FOREACH(d, j->directories_by_path, i) {
1807                         int q;
1808
1809                         if (d->is_root)
1810                                 continue;
1811
1812                         q = journal_directory_vacuum(d->path, arg_vacuum_size, arg_vacuum_time, NULL, true);
1813                         if (q < 0) {
1814                                 log_error_errno(q, "Failed to vacuum: %m");
1815                                 r = q;
1816                         }
1817                 }
1818
1819                 return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
1820         }
1821
1822         if (arg_action == ACTION_LIST_BOOTS) {
1823                 r = list_boots(j);
1824                 goto finish;
1825         }
1826
1827         /* add_boot() must be called first!
1828          * It may need to seek the journal to find parent boot IDs. */
1829         r = add_boot(j);
1830         if (r < 0)
1831                 return EXIT_FAILURE;
1832
1833         r = add_dmesg(j);
1834         if (r < 0)
1835                 return EXIT_FAILURE;
1836
1837         r = add_units(j);
1838         strv_free(arg_system_units);
1839         strv_free(arg_user_units);
1840
1841         if (r < 0) {
1842                 log_error_errno(r, "Failed to add filter for units: %m");
1843                 return EXIT_FAILURE;
1844         }
1845
1846         r = add_syslog_identifier(j);
1847         if (r < 0) {
1848                 log_error_errno(r, "Failed to add filter for syslog identifiers: %m");
1849                 return EXIT_FAILURE;
1850         }
1851
1852         r = add_priorities(j);
1853         if (r < 0) {
1854                 log_error_errno(r, "Failed to add filter for priorities: %m");
1855                 return EXIT_FAILURE;
1856         }
1857
1858         r = add_matches(j, argv + optind);
1859         if (r < 0) {
1860                 log_error_errno(r, "Failed to add filters: %m");
1861                 return EXIT_FAILURE;
1862         }
1863
1864         if (_unlikely_(log_get_max_level() >= LOG_DEBUG)) {
1865                 _cleanup_free_ char *filter;
1866
1867                 filter = journal_make_match_string(j);
1868                 log_debug("Journal filter: %s", filter);
1869         }
1870
1871         if (arg_field) {
1872                 const void *data;
1873                 size_t size;
1874
1875                 r = sd_journal_set_data_threshold(j, 0);
1876                 if (r < 0) {
1877                         log_error("Failed to unset data size threshold");
1878                         return EXIT_FAILURE;
1879                 }
1880
1881                 r = sd_journal_query_unique(j, arg_field);
1882                 if (r < 0) {
1883                         log_error_errno(r, "Failed to query unique data objects: %m");
1884                         return EXIT_FAILURE;
1885                 }
1886
1887                 SD_JOURNAL_FOREACH_UNIQUE(j, data, size) {
1888                         const void *eq;
1889
1890                         if (arg_lines >= 0 && n_shown >= arg_lines)
1891                                 break;
1892
1893                         eq = memchr(data, '=', size);
1894                         if (eq)
1895                                 printf("%.*s\n", (int) (size - ((const uint8_t*) eq - (const uint8_t*) data + 1)), (const char*) eq + 1);
1896                         else
1897                                 printf("%.*s\n", (int) size, (const char*) data);
1898
1899                         n_shown ++;
1900                 }
1901
1902                 return EXIT_SUCCESS;
1903         }
1904
1905         /* Opening the fd now means the first sd_journal_wait() will actually wait */
1906         if (arg_follow) {
1907                 r = sd_journal_get_fd(j);
1908                 if (r < 0)
1909                         return EXIT_FAILURE;
1910         }
1911
1912         if (arg_cursor || arg_after_cursor) {
1913                 r = sd_journal_seek_cursor(j, arg_cursor ?: arg_after_cursor);
1914                 if (r < 0) {
1915                         log_error_errno(r, "Failed to seek to cursor: %m");
1916                         return EXIT_FAILURE;
1917                 }
1918                 if (!arg_reverse)
1919                         r = sd_journal_next_skip(j, 1 + !!arg_after_cursor);
1920                 else
1921                         r = sd_journal_previous_skip(j, 1 + !!arg_after_cursor);
1922
1923                 if (arg_after_cursor && r < 2) {
1924                         /* We couldn't find the next entry after the cursor. */
1925                         if (arg_follow)
1926                                 need_seek = true;
1927                         else
1928                                 arg_lines = 0;
1929                 }
1930
1931         } else if (arg_since_set && !arg_reverse) {
1932                 r = sd_journal_seek_realtime_usec(j, arg_since);
1933                 if (r < 0) {
1934                         log_error_errno(r, "Failed to seek to date: %m");
1935                         return EXIT_FAILURE;
1936                 }
1937                 r = sd_journal_next(j);
1938
1939         } else if (arg_until_set && arg_reverse) {
1940                 r = sd_journal_seek_realtime_usec(j, arg_until);
1941                 if (r < 0) {
1942                         log_error_errno(r, "Failed to seek to date: %m");
1943                         return EXIT_FAILURE;
1944                 }
1945                 r = sd_journal_previous(j);
1946
1947         } else if (arg_lines >= 0) {
1948                 r = sd_journal_seek_tail(j);
1949                 if (r < 0) {
1950                         log_error_errno(r, "Failed to seek to tail: %m");
1951                         return EXIT_FAILURE;
1952                 }
1953
1954                 r = sd_journal_previous_skip(j, arg_lines);
1955
1956         } else if (arg_reverse) {
1957                 r = sd_journal_seek_tail(j);
1958                 if (r < 0) {
1959                         log_error_errno(r, "Failed to seek to tail: %m");
1960                         return EXIT_FAILURE;
1961                 }
1962
1963                 r = sd_journal_previous(j);
1964
1965         } else {
1966                 r = sd_journal_seek_head(j);
1967                 if (r < 0) {
1968                         log_error_errno(r, "Failed to seek to head: %m");
1969                         return EXIT_FAILURE;
1970                 }
1971
1972                 r = sd_journal_next(j);
1973         }
1974
1975         if (r < 0) {
1976                 log_error_errno(r, "Failed to iterate through journal: %m");
1977                 return EXIT_FAILURE;
1978         }
1979
1980         if (!arg_follow)
1981                 pager_open_if_enabled();
1982
1983         if (!arg_quiet) {
1984                 usec_t start, end;
1985                 char start_buf[FORMAT_TIMESTAMP_MAX], end_buf[FORMAT_TIMESTAMP_MAX];
1986
1987                 r = sd_journal_get_cutoff_realtime_usec(j, &start, &end);
1988                 if (r < 0) {
1989                         log_error_errno(r, "Failed to get cutoff: %m");
1990                         goto finish;
1991                 }
1992
1993                 if (r > 0) {
1994                         if (arg_follow)
1995                                 printf("-- Logs begin at %s. --\n",
1996                                        format_timestamp_maybe_utc(start_buf, sizeof(start_buf), start));
1997                         else
1998                                 printf("-- Logs begin at %s, end at %s. --\n",
1999                                        format_timestamp_maybe_utc(start_buf, sizeof(start_buf), start),
2000                                        format_timestamp_maybe_utc(end_buf, sizeof(end_buf), end));
2001                 }
2002         }
2003
2004         for (;;) {
2005                 while (arg_lines < 0 || n_shown < arg_lines || (arg_follow && !first_line)) {
2006                         int flags;
2007
2008                         if (need_seek) {
2009                                 if (!arg_reverse)
2010                                         r = sd_journal_next(j);
2011                                 else
2012                                         r = sd_journal_previous(j);
2013                                 if (r < 0) {
2014                                         log_error_errno(r, "Failed to iterate through journal: %m");
2015                                         goto finish;
2016                                 }
2017                                 if (r == 0)
2018                                         break;
2019                         }
2020
2021                         if (arg_until_set && !arg_reverse) {
2022                                 usec_t usec;
2023
2024                                 r = sd_journal_get_realtime_usec(j, &usec);
2025                                 if (r < 0) {
2026                                         log_error_errno(r, "Failed to determine timestamp: %m");
2027                                         goto finish;
2028                                 }
2029                                 if (usec > arg_until)
2030                                         goto finish;
2031                         }
2032
2033                         if (arg_since_set && arg_reverse) {
2034                                 usec_t usec;
2035
2036                                 r = sd_journal_get_realtime_usec(j, &usec);
2037                                 if (r < 0) {
2038                                         log_error_errno(r, "Failed to determine timestamp: %m");
2039                                         goto finish;
2040                                 }
2041                                 if (usec < arg_since)
2042                                         goto finish;
2043                         }
2044
2045                         if (!arg_merge && !arg_quiet) {
2046                                 sd_id128_t boot_id;
2047
2048                                 r = sd_journal_get_monotonic_usec(j, NULL, &boot_id);
2049                                 if (r >= 0) {
2050                                         if (previous_boot_id_valid &&
2051                                             !sd_id128_equal(boot_id, previous_boot_id))
2052                                                 printf("%s-- Reboot --%s\n",
2053                                                        ansi_highlight(), ansi_highlight_off());
2054
2055                                         previous_boot_id = boot_id;
2056                                         previous_boot_id_valid = true;
2057                                 }
2058                         }
2059
2060                         flags =
2061                                 arg_all * OUTPUT_SHOW_ALL |
2062                                 arg_full * OUTPUT_FULL_WIDTH |
2063                                 on_tty() * OUTPUT_COLOR |
2064                                 arg_catalog * OUTPUT_CATALOG |
2065                                 arg_utc * OUTPUT_UTC;
2066
2067                         r = output_journal(stdout, j, arg_output, 0, flags, &ellipsized);
2068                         need_seek = true;
2069                         if (r == -EADDRNOTAVAIL)
2070                                 break;
2071                         else if (r < 0 || ferror(stdout))
2072                                 goto finish;
2073
2074                         n_shown++;
2075                 }
2076
2077                 if (!arg_follow) {
2078                         if (arg_show_cursor) {
2079                                 _cleanup_free_ char *cursor = NULL;
2080
2081                                 r = sd_journal_get_cursor(j, &cursor);
2082                                 if (r < 0 && r != -EADDRNOTAVAIL)
2083                                         log_error_errno(r, "Failed to get cursor: %m");
2084                                 else if (r >= 0)
2085                                         printf("-- cursor: %s\n", cursor);
2086                         }
2087
2088                         break;
2089                 }
2090
2091                 r = sd_journal_wait(j, (uint64_t) -1);
2092                 if (r < 0) {
2093                         log_error_errno(r, "Couldn't wait for journal event: %m");
2094                         goto finish;
2095                 }
2096
2097                 first_line = false;
2098         }
2099
2100 finish:
2101         pager_close();
2102
2103         strv_free(arg_file);
2104
2105         return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
2106 }