1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2011 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
35 #include <sys/ioctl.h>
43 #include <systemd/sd-journal.h>
46 #include "logs-show.h"
48 #include "path-util.h"
54 #include "journal-internal.h"
55 #include "journal-def.h"
56 #include "journal-verify.h"
57 #include "journal-authenticate.h"
58 #include "journal-qrcode.h"
60 #include "unit-name.h"
63 #define DEFAULT_FSS_INTERVAL_USEC (15*USEC_PER_MINUTE)
65 static OutputMode arg_output = OUTPUT_SHORT;
66 static bool arg_pager_end = false;
67 static bool arg_follow = false;
68 static bool arg_full = true;
69 static bool arg_all = false;
70 static bool arg_no_pager = false;
71 static int arg_lines = -1;
72 static bool arg_no_tail = false;
73 static bool arg_quiet = false;
74 static bool arg_merge = false;
75 static bool arg_boot = false;
76 static sd_id128_t arg_boot_id = {};
77 static int arg_boot_offset = 0;
78 static bool arg_dmesg = false;
79 static const char *arg_cursor = NULL;
80 static const char *arg_after_cursor = NULL;
81 static bool arg_show_cursor = false;
82 static const char *arg_directory = NULL;
83 static char **arg_file = NULL;
84 static int arg_priorities = 0xFF;
85 static const char *arg_verify_key = NULL;
87 static usec_t arg_interval = DEFAULT_FSS_INTERVAL_USEC;
88 static bool arg_force = false;
90 static usec_t arg_since, arg_until;
91 static bool arg_since_set = false, arg_until_set = false;
92 static char **arg_system_units = NULL;
93 static char **arg_user_units = NULL;
94 static const char *arg_field = NULL;
95 static bool arg_catalog = false;
96 static bool arg_reverse = false;
97 static int arg_journal_type = 0;
98 static const char *arg_root = NULL;
99 static const char *arg_machine = NULL;
110 ACTION_UPDATE_CATALOG,
112 } arg_action = ACTION_SHOW;
114 typedef struct boot_id_t {
120 static void pager_open_if_enabled(void) {
125 pager_open(arg_pager_end);
128 static int parse_boot_descriptor(const char *x, sd_id128_t *boot_id, int *offset) {
129 sd_id128_t id = SD_ID128_NULL;
132 if (strlen(x) >= 32) {
136 r = sd_id128_from_string(t, &id);
140 if (*x != '-' && *x != '+' && *x != 0)
144 r = safe_atoi(x, &off);
149 r = safe_atoi(x, &off);
163 static int help(void) {
165 pager_open_if_enabled();
167 printf("%s [OPTIONS...] [MATCHES...]\n\n"
168 "Query the journal.\n\n"
170 " --system Show only the system journal\n"
171 " --user Show only the user journal for the current user\n"
172 " -M --machine=CONTAINER Operate on local container\n"
173 " --since=DATE Start showing entries on or newer than the specified date\n"
174 " --until=DATE Stop showing entries on or older than the specified date\n"
175 " -c --cursor=CURSOR Start showing entries from the specified cursor\n"
176 " --after-cursor=CURSOR Start showing entries from after the specified cursor\n"
177 " --show-cursor Print the cursor after all the entries\n"
178 " -b --boot[=ID] Show data only from ID or, if unspecified, the current boot\n"
179 " --list-boots Show terse information about recorded boots\n"
180 " -k --dmesg Show kernel message log from the current boot\n"
181 " -u --unit=UNIT Show data only from the specified unit\n"
182 " --user-unit=UNIT Show data only from the specified user session unit\n"
183 " -p --priority=RANGE Show only messages within the specified priority range\n"
184 " -e --pager-end Immediately jump to end of the journal in the pager\n"
185 " -f --follow Follow the journal\n"
186 " -n --lines[=INTEGER] Number of journal entries to show\n"
187 " --no-tail Show all lines, even in follow mode\n"
188 " -r --reverse Show the newest entries first\n"
189 " -o --output=STRING Change journal output mode (short, short-iso,\n"
190 " short-precise, short-monotonic, verbose,\n"
191 " export, json, json-pretty, json-sse, cat)\n"
192 " -x --catalog Add message explanations where available\n"
193 " --no-full Ellipsize fields\n"
194 " -a --all Show all fields, including long and unprintable\n"
195 " -q --quiet Do not show privilege warning\n"
196 " --no-pager Do not pipe output into a pager\n"
197 " -m --merge Show entries from all available journals\n"
198 " -D --directory=PATH Show journal files from directory\n"
199 " --file=PATH Show journal file\n"
200 " --root=ROOT Operate on catalog files underneath the root ROOT\n"
202 " --interval=TIME Time interval for changing the FSS sealing key\n"
203 " --verify-key=KEY Specify FSS verification key\n"
204 " --force Force overriding of the FSS key pair with --setup-keys\n"
207 " -h --help Show this help text\n"
208 " --version Show package version\n"
209 " --new-id128 Generate a new 128-bit ID\n"
210 " --header Show journal header information\n"
211 " --disk-usage Show total disk usage of all journal files\n"
212 " -F --field=FIELD List all values that a specified field takes\n"
213 " --list-catalog Show message IDs of all entries in the message catalog\n"
214 " --dump-catalog Show entries in the message catalog\n"
215 " --update-catalog Update the message catalog database\n"
217 " --setup-keys Generate a new FSS key pair\n"
218 " --verify Verify journal file consistency\n"
220 , program_invocation_short_name);
225 static int parse_argv(int argc, char *argv[]) {
255 static const struct option options[] = {
256 { "help", no_argument, NULL, 'h' },
257 { "version" , no_argument, NULL, ARG_VERSION },
258 { "no-pager", no_argument, NULL, ARG_NO_PAGER },
259 { "pager-end", no_argument, NULL, 'e' },
260 { "follow", no_argument, NULL, 'f' },
261 { "force", no_argument, NULL, ARG_FORCE },
262 { "output", required_argument, NULL, 'o' },
263 { "all", no_argument, NULL, 'a' },
264 { "full", no_argument, NULL, 'l' },
265 { "no-full", no_argument, NULL, ARG_NO_FULL },
266 { "lines", optional_argument, NULL, 'n' },
267 { "no-tail", no_argument, NULL, ARG_NO_TAIL },
268 { "new-id128", no_argument, NULL, ARG_NEW_ID128 },
269 { "quiet", no_argument, NULL, 'q' },
270 { "merge", no_argument, NULL, 'm' },
271 { "boot", optional_argument, NULL, 'b' },
272 { "list-boots", no_argument, NULL, ARG_LIST_BOOTS },
273 { "this-boot", optional_argument, NULL, 'b' }, /* deprecated */
274 { "dmesg", no_argument, NULL, 'k' },
275 { "system", no_argument, NULL, ARG_SYSTEM },
276 { "user", no_argument, NULL, ARG_USER },
277 { "directory", required_argument, NULL, 'D' },
278 { "file", required_argument, NULL, ARG_FILE },
279 { "root", required_argument, NULL, ARG_ROOT },
280 { "header", no_argument, NULL, ARG_HEADER },
281 { "priority", required_argument, NULL, 'p' },
282 { "setup-keys", no_argument, NULL, ARG_SETUP_KEYS },
283 { "interval", required_argument, NULL, ARG_INTERVAL },
284 { "verify", no_argument, NULL, ARG_VERIFY },
285 { "verify-key", required_argument, NULL, ARG_VERIFY_KEY },
286 { "disk-usage", no_argument, NULL, ARG_DISK_USAGE },
287 { "cursor", required_argument, NULL, 'c' },
288 { "after-cursor", required_argument, NULL, ARG_AFTER_CURSOR },
289 { "show-cursor", no_argument, NULL, ARG_SHOW_CURSOR },
290 { "since", required_argument, NULL, ARG_SINCE },
291 { "until", required_argument, NULL, ARG_UNTIL },
292 { "unit", required_argument, NULL, 'u' },
293 { "user-unit", required_argument, NULL, ARG_USER_UNIT },
294 { "field", required_argument, NULL, 'F' },
295 { "catalog", no_argument, NULL, 'x' },
296 { "list-catalog", no_argument, NULL, ARG_LIST_CATALOG },
297 { "dump-catalog", no_argument, NULL, ARG_DUMP_CATALOG },
298 { "update-catalog", no_argument, NULL, ARG_UPDATE_CATALOG },
299 { "reverse", no_argument, NULL, 'r' },
300 { "machine", required_argument, NULL, 'M' },
309 while ((c = getopt_long(argc, argv, "hefo:aln::qmb::kD:p:c:u:F:xrM:", options, NULL)) >= 0) {
317 puts(PACKAGE_STRING);
318 puts(SYSTEMD_FEATURES);
326 arg_pager_end = true;
338 arg_output = output_mode_from_string(optarg);
339 if (arg_output < 0) {
340 log_error("Unknown output format '%s'.", optarg);
344 if (arg_output == OUTPUT_EXPORT ||
345 arg_output == OUTPUT_JSON ||
346 arg_output == OUTPUT_JSON_PRETTY ||
347 arg_output == OUTPUT_JSON_SSE ||
348 arg_output == OUTPUT_CAT)
367 r = safe_atoi(optarg, &arg_lines);
368 if (r < 0 || arg_lines < 0) {
369 log_error("Failed to parse lines '%s'", optarg);
375 /* Hmm, no argument? Maybe the next
376 * word on the command line is
377 * supposed to be the argument? Let's
378 * see if there is one, and is
379 * parsable as a positive
383 safe_atoi(argv[optind], &n) >= 0 &&
399 arg_action = ACTION_NEW_ID128;
414 r = parse_boot_descriptor(optarg, &arg_boot_id, &arg_boot_offset);
416 log_error("Failed to parse boot descriptor '%s'", optarg);
421 /* Hmm, no argument? Maybe the next
422 * word on the command line is
423 * supposed to be the argument? Let's
424 * see if there is one and is parsable
425 * as a boot descriptor... */
428 parse_boot_descriptor(argv[optind], &arg_boot_id, &arg_boot_offset) >= 0)
435 arg_action = ACTION_LIST_BOOTS;
439 arg_boot = arg_dmesg = true;
443 arg_journal_type |= SD_JOURNAL_SYSTEM;
447 arg_journal_type |= SD_JOURNAL_CURRENT_USER;
451 arg_machine = optarg;
455 arg_directory = optarg;
459 r = glob_extend(&arg_file, optarg);
461 log_error("Failed to add paths: %s", strerror(-r));
474 case ARG_AFTER_CURSOR:
475 arg_after_cursor = optarg;
478 case ARG_SHOW_CURSOR:
479 arg_show_cursor = true;
483 arg_action = ACTION_PRINT_HEADER;
487 arg_action = ACTION_VERIFY;
491 arg_action = ACTION_DISK_USAGE;
500 arg_action = ACTION_SETUP_KEYS;
505 arg_action = ACTION_VERIFY;
506 arg_verify_key = optarg;
511 r = parse_sec(optarg, &arg_interval);
512 if (r < 0 || arg_interval <= 0) {
513 log_error("Failed to parse sealing key change interval: %s", optarg);
522 log_error("Forward-secure sealing not available.");
529 dots = strstr(optarg, "..");
535 a = strndup(optarg, dots - optarg);
539 from = log_level_from_string(a);
540 to = log_level_from_string(dots + 2);
543 if (from < 0 || to < 0) {
544 log_error("Failed to parse log level range %s", optarg);
551 for (i = from; i <= to; i++)
552 arg_priorities |= 1 << i;
554 for (i = to; i <= from; i++)
555 arg_priorities |= 1 << i;
561 p = log_level_from_string(optarg);
563 log_error("Unknown log level %s", optarg);
569 for (i = 0; i <= p; i++)
570 arg_priorities |= 1 << i;
577 r = parse_timestamp(optarg, &arg_since);
579 log_error("Failed to parse timestamp: %s", optarg);
582 arg_since_set = true;
586 r = parse_timestamp(optarg, &arg_until);
588 log_error("Failed to parse timestamp: %s", optarg);
591 arg_until_set = true;
595 r = strv_extend(&arg_system_units, optarg);
601 r = strv_extend(&arg_user_units, optarg);
614 case ARG_LIST_CATALOG:
615 arg_action = ACTION_LIST_CATALOG;
618 case ARG_DUMP_CATALOG:
619 arg_action = ACTION_DUMP_CATALOG;
622 case ARG_UPDATE_CATALOG:
623 arg_action = ACTION_UPDATE_CATALOG;
634 assert_not_reached("Unhandled option");
638 if (arg_follow && !arg_no_tail && arg_lines < 0)
641 if (!!arg_directory + !!arg_file + !!arg_machine > 1) {
642 log_error("Please specify either -D/--directory= or --file= or -M/--machine=, not more than one.");
646 if (arg_since_set && arg_until_set && arg_since > arg_until) {
647 log_error("--since= must be before --until=.");
651 if (!!arg_cursor + !!arg_after_cursor + !!arg_since_set > 1) {
652 log_error("Please specify only one of --since=, --cursor=, and --after-cursor.");
656 if (arg_follow && arg_reverse) {
657 log_error("Please specify either --reverse= or --follow=, not both.");
661 if (arg_action != ACTION_SHOW && optind < argc) {
662 log_error("Extraneous arguments starting with '%s'", argv[optind]);
669 static int generate_new_id128(void) {
674 r = sd_id128_randomize(&id);
676 log_error("Failed to generate ID: %s", strerror(-r));
680 printf("As string:\n"
681 SD_ID128_FORMAT_STR "\n\n"
683 "%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x\n\n"
685 "#define MESSAGE_XYZ SD_ID128_MAKE(",
686 SD_ID128_FORMAT_VAL(id),
687 SD_ID128_FORMAT_VAL(id));
688 for (i = 0; i < 16; i++)
689 printf("%02x%s", id.bytes[i], i != 15 ? "," : "");
690 fputs(")\n\n", stdout);
692 printf("As Python constant:\n"
694 ">>> MESSAGE_XYZ = uuid.UUID('" SD_ID128_FORMAT_STR "')\n",
695 SD_ID128_FORMAT_VAL(id));
700 static int add_matches(sd_journal *j, char **args) {
705 STRV_FOREACH(i, args) {
709 r = sd_journal_add_disjunction(j);
710 else if (path_is_absolute(*i)) {
711 _cleanup_free_ char *p, *t = NULL, *t2 = NULL;
713 _cleanup_free_ char *interpreter = NULL;
716 p = canonicalize_file_name(*i);
719 if (stat(path, &st) < 0) {
720 log_error("Couldn't stat file: %m");
724 if (S_ISREG(st.st_mode) && (0111 & st.st_mode)) {
725 if (executable_is_script(path, &interpreter) > 0) {
726 _cleanup_free_ char *comm;
728 comm = strndup(basename(path), 15);
732 t = strappend("_COMM=", comm);
734 /* Append _EXE only if the interpreter is not a link.
735 Otherwise, it might be outdated often. */
736 if (lstat(interpreter, &st) == 0 &&
737 !S_ISLNK(st.st_mode)) {
738 t2 = strappend("_EXE=", interpreter);
743 t = strappend("_EXE=", path);
744 } else if (S_ISCHR(st.st_mode))
745 asprintf(&t, "_KERNEL_DEVICE=c%u:%u", major(st.st_rdev), minor(st.st_rdev));
746 else if (S_ISBLK(st.st_mode))
747 asprintf(&t, "_KERNEL_DEVICE=b%u:%u", major(st.st_rdev), minor(st.st_rdev));
749 log_error("File is neither a device node, nor regular file, nor executable: %s", *i);
756 r = sd_journal_add_match(j, t, 0);
758 r = sd_journal_add_match(j, t2, 0);
760 r = sd_journal_add_match(j, *i, 0);
763 log_error("Failed to add match '%s': %s", *i, strerror(-r));
771 static int boot_id_cmp(const void *a, const void *b) {
774 _a = ((const boot_id_t *)a)->first;
775 _b = ((const boot_id_t *)b)->first;
777 return _a < _b ? -1 : (_a > _b ? 1 : 0);
780 static int list_boots(sd_journal *j) {
783 unsigned int count = 0;
785 size_t length, allocated = 0;
787 _cleanup_free_ boot_id_t *all_ids = NULL;
789 r = sd_journal_query_unique(j, "_BOOT_ID");
793 SD_JOURNAL_FOREACH_UNIQUE(j, data, length) {
794 if (length < strlen("_BOOT_ID="))
797 if (!GREEDY_REALLOC(all_ids, allocated, count + 1))
800 id = &all_ids[count];
802 r = sd_id128_from_string(((const char *)data) + strlen("_BOOT_ID="), &id->id);
806 r = sd_journal_add_match(j, data, length);
810 r = sd_journal_seek_head(j);
814 r = sd_journal_next(j);
820 r = sd_journal_get_realtime_usec(j, &id->first);
824 r = sd_journal_seek_tail(j);
828 r = sd_journal_previous(j);
834 r = sd_journal_get_realtime_usec(j, &id->last);
840 sd_journal_flush_matches(j);
843 qsort_safe(all_ids, count, sizeof(boot_id_t), boot_id_cmp);
845 /* numbers are one less, but we need an extra char for the sign */
846 w = DECIMAL_STR_WIDTH(count - 1) + 1;
848 for (id = all_ids, i = 0; id < all_ids + count; id++, i++) {
849 char a[FORMAT_TIMESTAMP_MAX], b[FORMAT_TIMESTAMP_MAX];
851 printf("% *i " SD_ID128_FORMAT_STR " %s—%s\n",
853 SD_ID128_FORMAT_VAL(id->id),
854 format_timestamp(a, sizeof(a), id->first),
855 format_timestamp(b, sizeof(b), id->last));
861 static int get_relative_boot_id(sd_journal *j, sd_id128_t *boot_id, int relative) {
864 unsigned int count = 0;
865 size_t length, allocated = 0;
866 boot_id_t ref_boot_id = {SD_ID128_NULL}, *id;
867 _cleanup_free_ boot_id_t *all_ids = NULL;
872 r = sd_journal_query_unique(j, "_BOOT_ID");
876 SD_JOURNAL_FOREACH_UNIQUE(j, data, length) {
877 if (length < strlen("_BOOT_ID="))
880 if (!GREEDY_REALLOC(all_ids, allocated, count + 1))
883 id = &all_ids[count];
885 r = sd_id128_from_string(((const char *)data) + strlen("_BOOT_ID="), &id->id);
889 r = sd_journal_add_match(j, data, length);
893 r = sd_journal_seek_head(j);
897 r = sd_journal_next(j);
903 r = sd_journal_get_realtime_usec(j, &id->first);
907 if (sd_id128_equal(id->id, *boot_id))
912 sd_journal_flush_matches(j);
915 qsort_safe(all_ids, count, sizeof(boot_id_t), boot_id_cmp);
917 if (sd_id128_equal(*boot_id, SD_ID128_NULL)) {
918 if (relative > (int) count || relative <= -(int)count)
919 return -EADDRNOTAVAIL;
921 *boot_id = all_ids[(relative <= 0)*count + relative - 1].id;
923 id = bsearch(&ref_boot_id, all_ids, count, sizeof(boot_id_t), boot_id_cmp);
926 relative <= 0 ? (id - all_ids) + relative < 0 :
927 (id - all_ids) + relative >= (int) count)
928 return -EADDRNOTAVAIL;
930 *boot_id = (id + relative)->id;
936 static int add_boot(sd_journal *j) {
937 char match[9+32+1] = "_BOOT_ID=";
945 if (arg_boot_offset == 0 && sd_id128_equal(arg_boot_id, SD_ID128_NULL))
946 return add_match_this_boot(j, arg_machine);
948 r = get_relative_boot_id(j, &arg_boot_id, arg_boot_offset);
950 if (sd_id128_equal(arg_boot_id, SD_ID128_NULL))
951 log_error("Failed to look up boot %+i: %s", arg_boot_offset, strerror(-r));
953 log_error("Failed to look up boot ID "SD_ID128_FORMAT_STR"%+i: %s",
954 SD_ID128_FORMAT_VAL(arg_boot_id), arg_boot_offset, strerror(-r));
958 sd_id128_to_string(arg_boot_id, match + 9);
960 r = sd_journal_add_match(j, match, sizeof(match) - 1);
962 log_error("Failed to add match: %s", strerror(-r));
966 r = sd_journal_add_conjunction(j);
973 static int add_dmesg(sd_journal *j) {
980 r = sd_journal_add_match(j, "_TRANSPORT=kernel", strlen("_TRANSPORT=kernel"));
982 log_error("Failed to add match: %s", strerror(-r));
986 r = sd_journal_add_conjunction(j);
993 static int get_possible_units(sd_journal *j,
997 _cleanup_set_free_free_ Set *found;
1001 found = set_new(string_hash_func, string_compare_func);
1005 NULSTR_FOREACH(field, fields) {
1009 r = sd_journal_query_unique(j, field);
1013 SD_JOURNAL_FOREACH_UNIQUE(j, data, size) {
1014 char **pattern, *eq;
1016 _cleanup_free_ char *u = NULL;
1018 eq = memchr(data, '=', size);
1020 prefix = eq - (char*) data + 1;
1024 u = strndup((char*) data + prefix, size - prefix);
1028 STRV_FOREACH(pattern, patterns)
1029 if (fnmatch(*pattern, u, FNM_NOESCAPE) == 0) {
1030 log_debug("Matched %s with pattern %s=%s", u, field, *pattern);
1032 r = set_consume(found, u);
1034 if (r < 0 && r != -EEXIST)
1047 /* This list is supposed to return the superset of unit names
1048 * possibly matched by rules added with add_matches_for_unit... */
1049 #define SYSTEM_UNITS \
1053 "OBJECT_SYSTEMD_UNIT\0" \
1056 /* ... and add_matches_for_user_unit */
1057 #define USER_UNITS \
1058 "_SYSTEMD_USER_UNIT\0" \
1060 "COREDUMP_USER_UNIT\0" \
1061 "OBJECT_SYSTEMD_USER_UNIT\0"
1063 static int add_units(sd_journal *j) {
1064 _cleanup_strv_free_ char **patterns = NULL;
1070 STRV_FOREACH(i, arg_system_units) {
1071 _cleanup_free_ char *u = NULL;
1073 u = unit_name_mangle(*i, MANGLE_GLOB);
1077 if (string_is_glob(u)) {
1078 r = strv_push(&patterns, u);
1083 r = add_matches_for_unit(j, u);
1086 r = sd_journal_add_disjunction(j);
1093 if (!strv_isempty(patterns)) {
1094 _cleanup_set_free_free_ Set *units = NULL;
1098 r = get_possible_units(j, SYSTEM_UNITS, patterns, &units);
1102 SET_FOREACH(u, units, it) {
1103 r = add_matches_for_unit(j, u);
1106 r = sd_journal_add_disjunction(j);
1113 strv_free(patterns);
1116 STRV_FOREACH(i, arg_user_units) {
1117 _cleanup_free_ char *u = NULL;
1119 u = unit_name_mangle(*i, MANGLE_GLOB);
1123 if (string_is_glob(u)) {
1124 r = strv_push(&patterns, u);
1129 r = add_matches_for_user_unit(j, u, getuid());
1132 r = sd_journal_add_disjunction(j);
1139 if (!strv_isempty(patterns)) {
1140 _cleanup_set_free_free_ Set *units = NULL;
1144 r = get_possible_units(j, USER_UNITS, patterns, &units);
1148 SET_FOREACH(u, units, it) {
1149 r = add_matches_for_user_unit(j, u, getuid());
1152 r = sd_journal_add_disjunction(j);
1159 /* Complain if the user request matches but nothing whatsoever was
1160 * found, since otherwise everything would be matched. */
1161 if (!(strv_isempty(arg_system_units) && strv_isempty(arg_user_units)) && count == 0)
1164 r = sd_journal_add_conjunction(j);
1171 static int add_priorities(sd_journal *j) {
1172 char match[] = "PRIORITY=0";
1176 if (arg_priorities == 0xFF)
1179 for (i = LOG_EMERG; i <= LOG_DEBUG; i++)
1180 if (arg_priorities & (1 << i)) {
1181 match[sizeof(match)-2] = '0' + i;
1183 r = sd_journal_add_match(j, match, strlen(match));
1185 log_error("Failed to add match: %s", strerror(-r));
1190 r = sd_journal_add_conjunction(j);
1197 static int setup_keys(void) {
1199 size_t mpk_size, seed_size, state_size, i;
1200 uint8_t *mpk, *seed, *state;
1202 int fd = -1, r, attr = 0;
1203 sd_id128_t machine, boot;
1204 char *p = NULL, *k = NULL;
1209 r = stat("/var/log/journal", &st);
1210 if (r < 0 && errno != ENOENT && errno != ENOTDIR) {
1211 log_error("stat(\"%s\") failed: %m", "/var/log/journal");
1215 if (r < 0 || !S_ISDIR(st.st_mode)) {
1216 log_error("%s is not a directory, must be using persistent logging for FSS.",
1217 "/var/log/journal");
1218 return r < 0 ? -errno : -ENOTDIR;
1221 r = sd_id128_get_machine(&machine);
1223 log_error("Failed to get machine ID: %s", strerror(-r));
1227 r = sd_id128_get_boot(&boot);
1229 log_error("Failed to get boot ID: %s", strerror(-r));
1233 if (asprintf(&p, "/var/log/journal/" SD_ID128_FORMAT_STR "/fss",
1234 SD_ID128_FORMAT_VAL(machine)) < 0)
1237 if (access(p, F_OK) >= 0) {
1241 log_error("unlink(\"%s\") failed: %m", p);
1246 log_error("Sealing key file %s exists already. (--force to recreate)", p);
1252 if (asprintf(&k, "/var/log/journal/" SD_ID128_FORMAT_STR "/fss.tmp.XXXXXX",
1253 SD_ID128_FORMAT_VAL(machine)) < 0) {
1258 mpk_size = FSPRG_mskinbytes(FSPRG_RECOMMENDED_SECPAR);
1259 mpk = alloca(mpk_size);
1261 seed_size = FSPRG_RECOMMENDED_SEEDLEN;
1262 seed = alloca(seed_size);
1264 state_size = FSPRG_stateinbytes(FSPRG_RECOMMENDED_SECPAR);
1265 state = alloca(state_size);
1267 fd = open("/dev/random", O_RDONLY|O_CLOEXEC|O_NOCTTY);
1269 log_error("Failed to open /dev/random: %m");
1274 log_info("Generating seed...");
1275 l = loop_read(fd, seed, seed_size, true);
1276 if (l < 0 || (size_t) l != seed_size) {
1277 log_error("Failed to read random seed: %s", strerror(EIO));
1282 log_info("Generating key pair...");
1283 FSPRG_GenMK(NULL, mpk, seed, seed_size, FSPRG_RECOMMENDED_SECPAR);
1285 log_info("Generating sealing key...");
1286 FSPRG_GenState0(state, mpk, seed, seed_size);
1288 assert(arg_interval > 0);
1290 n = now(CLOCK_REALTIME);
1294 fd = mkostemp_safe(k, O_WRONLY|O_CLOEXEC);
1296 log_error("Failed to open %s: %m", k);
1301 /* Enable secure remove, exclusion from dump, synchronous
1302 * writing and in-place updating */
1303 if (ioctl(fd, FS_IOC_GETFLAGS, &attr) < 0)
1304 log_warning("FS_IOC_GETFLAGS failed: %m");
1306 attr |= FS_SECRM_FL|FS_NODUMP_FL|FS_SYNC_FL|FS_NOCOW_FL;
1308 if (ioctl(fd, FS_IOC_SETFLAGS, &attr) < 0)
1309 log_warning("FS_IOC_SETFLAGS failed: %m");
1312 memcpy(h.signature, "KSHHRHLP", 8);
1313 h.machine_id = machine;
1315 h.header_size = htole64(sizeof(h));
1316 h.start_usec = htole64(n * arg_interval);
1317 h.interval_usec = htole64(arg_interval);
1318 h.fsprg_secpar = htole16(FSPRG_RECOMMENDED_SECPAR);
1319 h.fsprg_state_size = htole64(state_size);
1321 l = loop_write(fd, &h, sizeof(h), false);
1322 if (l < 0 || (size_t) l != sizeof(h)) {
1323 log_error("Failed to write header: %s", strerror(EIO));
1328 l = loop_write(fd, state, state_size, false);
1329 if (l < 0 || (size_t) l != state_size) {
1330 log_error("Failed to write state: %s", strerror(EIO));
1335 if (link(k, p) < 0) {
1336 log_error("Failed to link file: %m");
1344 "The new key pair has been generated. The " ANSI_HIGHLIGHT_ON "secret sealing key" ANSI_HIGHLIGHT_OFF " has been written to\n"
1345 "the following local file. This key file is automatically updated when the\n"
1346 "sealing key is advanced. It should not be used on multiple hosts.\n"
1350 "Please write down the following " ANSI_HIGHLIGHT_ON "secret verification key" ANSI_HIGHLIGHT_OFF ". It should be stored\n"
1351 "at a safe location and should not be saved locally on disk.\n"
1352 "\n\t" ANSI_HIGHLIGHT_RED_ON, p);
1355 for (i = 0; i < seed_size; i++) {
1356 if (i > 0 && i % 3 == 0)
1358 printf("%02x", ((uint8_t*) seed)[i]);
1361 printf("/%llx-%llx\n", (unsigned long long) n, (unsigned long long) arg_interval);
1364 char tsb[FORMAT_TIMESPAN_MAX], *hn;
1367 ANSI_HIGHLIGHT_OFF "\n"
1368 "The sealing key is automatically changed every %s.\n",
1369 format_timespan(tsb, sizeof(tsb), arg_interval, 0));
1371 hn = gethostname_malloc();
1374 hostname_cleanup(hn, false);
1375 fprintf(stderr, "\nThe keys have been generated for host %s/" SD_ID128_FORMAT_STR ".\n", hn, SD_ID128_FORMAT_VAL(machine));
1377 fprintf(stderr, "\nThe keys have been generated for host " SD_ID128_FORMAT_STR ".\n", SD_ID128_FORMAT_VAL(machine));
1379 #ifdef HAVE_QRENCODE
1380 /* If this is not an UTF-8 system don't print any QR codes */
1381 if (is_locale_utf8()) {
1382 fputs("\nTo transfer the verification key to your phone please scan the QR code below:\n\n", stderr);
1383 print_qr_code(stderr, seed, seed_size, n, arg_interval, hn, machine);
1403 log_error("Forward-secure sealing not available.");
1408 static int verify(sd_journal *j) {
1415 log_show_color(true);
1417 HASHMAP_FOREACH(f, j->files, i) {
1419 usec_t first, validated, last;
1422 if (!arg_verify_key && JOURNAL_HEADER_SEALED(f->header))
1423 log_notice("Journal file %s has sealing enabled but verification key has not been passed using --verify-key=.", f->path);
1426 k = journal_file_verify(f, arg_verify_key, &first, &validated, &last, true);
1428 /* If the key was invalid give up right-away. */
1431 log_warning("FAIL: %s (%s)", f->path, strerror(-k));
1434 char a[FORMAT_TIMESTAMP_MAX], b[FORMAT_TIMESTAMP_MAX], c[FORMAT_TIMESPAN_MAX];
1435 log_info("PASS: %s", f->path);
1437 if (arg_verify_key && JOURNAL_HEADER_SEALED(f->header)) {
1438 if (validated > 0) {
1439 log_info("=> Validated from %s to %s, final %s entries not sealed.",
1440 format_timestamp(a, sizeof(a), first),
1441 format_timestamp(b, sizeof(b), validated),
1442 format_timespan(c, sizeof(c), last > validated ? last - validated : 0, 0));
1443 } else if (last > 0)
1444 log_info("=> No sealing yet, %s of entries not sealed.",
1445 format_timespan(c, sizeof(c), last - first, 0));
1447 log_info("=> No sealing yet, no entries in file.");
1456 static int access_check_var_log_journal(sd_journal *j) {
1457 _cleanup_strv_free_ char **g = NULL;
1463 have_access = in_group("systemd-journal") > 0;
1466 /* Let's enumerate all groups from the default ACL of
1467 * the directory, which generally should allow access
1468 * to most journal files too */
1469 r = search_acl_groups(&g, "/var/log/journal/", &have_access);
1476 if (strv_isempty(g))
1477 log_notice("Hint: You are currently not seeing messages from other users and the system.\n"
1478 " Users in the 'systemd-journal' group can see all messages. Pass -q to\n"
1479 " turn off this notice.");
1481 _cleanup_free_ char *s = NULL;
1483 r = strv_extend(&g, "systemd-journal");
1490 s = strv_join(g, "', '");
1494 log_notice("Hint: You are currently not seeing messages from other users and the system.\n"
1495 " Users in the groups '%s' can see all messages.\n"
1496 " Pass -q to turn off this notice.", s);
1504 static int access_check(sd_journal *j) {
1511 if (set_isempty(j->errors)) {
1512 if (hashmap_isempty(j->files))
1513 log_notice("No journal files were found.");
1517 if (set_contains(j->errors, INT_TO_PTR(-EACCES))) {
1519 /* If /var/log/journal doesn't even exist,
1520 * unprivileged users have no access at all */
1521 if (access("/var/log/journal", F_OK) < 0 &&
1523 in_group("systemd-journal") <= 0) {
1524 log_error("Unprivileged users cannot access messages, unless persistent log storage is\n"
1525 "enabled. Users in the 'systemd-journal' group may always access messages.");
1529 /* If /var/log/journal exists, try to pring a nice
1530 notice if the user lacks access to it */
1531 if (!arg_quiet && geteuid() != 0) {
1532 r = access_check_var_log_journal(j);
1537 if (geteuid() != 0 && in_group("systemd-journal") <= 0) {
1538 log_error("Unprivileged users cannot access messages. Users in the 'systemd-journal' group\n"
1539 "group may access messages.");
1544 if (hashmap_isempty(j->files)) {
1545 log_error("No journal files were opened due to insufficient permissions.");
1550 SET_FOREACH(code, j->errors, it) {
1553 err = -PTR_TO_INT(code);
1557 log_warning("Error was encountered while opening journal files: %s",
1564 int main(int argc, char *argv[]) {
1566 _cleanup_journal_close_ sd_journal *j = NULL;
1567 bool need_seek = false;
1568 sd_id128_t previous_boot_id;
1569 bool previous_boot_id_valid = false, first_line = true;
1571 bool ellipsized = false;
1573 setlocale(LC_ALL, "");
1574 log_parse_environment();
1577 r = parse_argv(argc, argv);
1581 signal(SIGWINCH, columns_lines_cache_reset);
1583 if (arg_action == ACTION_NEW_ID128) {
1584 r = generate_new_id128();
1588 if (arg_action == ACTION_SETUP_KEYS) {
1593 if (arg_action == ACTION_UPDATE_CATALOG ||
1594 arg_action == ACTION_LIST_CATALOG ||
1595 arg_action == ACTION_DUMP_CATALOG) {
1597 const char* database = CATALOG_DATABASE;
1598 _cleanup_free_ char *copy = NULL;
1600 copy = strjoin(arg_root, "/", CATALOG_DATABASE, NULL);
1605 path_kill_slashes(copy);
1609 if (arg_action == ACTION_UPDATE_CATALOG) {
1610 r = catalog_update(database, arg_root, catalog_file_dirs);
1612 log_error("Failed to list catalog: %s", strerror(-r));
1614 bool oneline = arg_action == ACTION_LIST_CATALOG;
1617 r = catalog_list_items(stdout, database,
1618 oneline, argv + optind);
1620 r = catalog_list(stdout, database, oneline);
1622 log_error("Failed to list catalog: %s", strerror(-r));
1629 r = sd_journal_open_directory(&j, arg_directory, arg_journal_type);
1631 r = sd_journal_open_files(&j, (const char**) arg_file, 0);
1632 else if (arg_machine)
1633 r = sd_journal_open_container(&j, arg_machine, 0);
1635 r = sd_journal_open(&j, !arg_merge*SD_JOURNAL_LOCAL_ONLY + arg_journal_type);
1637 log_error("Failed to open %s: %s",
1638 arg_directory ? arg_directory : arg_file ? "files" : "journal",
1640 return EXIT_FAILURE;
1643 r = access_check(j);
1645 return EXIT_FAILURE;
1647 if (arg_action == ACTION_VERIFY) {
1652 if (arg_action == ACTION_PRINT_HEADER) {
1653 journal_print_header(j);
1654 return EXIT_SUCCESS;
1657 if (arg_action == ACTION_DISK_USAGE) {
1659 char sbytes[FORMAT_BYTES_MAX];
1661 r = sd_journal_get_usage(j, &bytes);
1663 return EXIT_FAILURE;
1665 printf("Journals take up %s on disk.\n",
1666 format_bytes(sbytes, sizeof(sbytes), bytes));
1667 return EXIT_SUCCESS;
1670 if (arg_action == ACTION_LIST_BOOTS) {
1675 /* add_boot() must be called first!
1676 * It may need to seek the journal to find parent boot IDs. */
1679 return EXIT_FAILURE;
1683 return EXIT_FAILURE;
1686 strv_free(arg_system_units);
1687 strv_free(arg_user_units);
1690 log_error("Failed to add filter for units: %s", strerror(-r));
1691 return EXIT_FAILURE;
1694 r = add_priorities(j);
1696 log_error("Failed to add filter for priorities: %s", strerror(-r));
1697 return EXIT_FAILURE;
1700 r = add_matches(j, argv + optind);
1702 log_error("Failed to add filters: %s", strerror(-r));
1703 return EXIT_FAILURE;
1706 if (_unlikely_(log_get_max_level() >= LOG_PRI(LOG_DEBUG))) {
1707 _cleanup_free_ char *filter;
1709 filter = journal_make_match_string(j);
1710 log_debug("Journal filter: %s", filter);
1717 r = sd_journal_set_data_threshold(j, 0);
1719 log_error("Failed to unset data size threshold");
1720 return EXIT_FAILURE;
1723 r = sd_journal_query_unique(j, arg_field);
1725 log_error("Failed to query unique data objects: %s", strerror(-r));
1726 return EXIT_FAILURE;
1729 SD_JOURNAL_FOREACH_UNIQUE(j, data, size) {
1732 if (arg_lines >= 0 && n_shown >= arg_lines)
1735 eq = memchr(data, '=', size);
1737 printf("%.*s\n", (int) (size - ((const uint8_t*) eq - (const uint8_t*) data + 1)), (const char*) eq + 1);
1739 printf("%.*s\n", (int) size, (const char*) data);
1744 return EXIT_SUCCESS;
1747 /* Opening the fd now means the first sd_journal_wait() will actually wait */
1749 r = sd_journal_get_fd(j);
1751 return EXIT_FAILURE;
1754 if (arg_cursor || arg_after_cursor) {
1755 r = sd_journal_seek_cursor(j, arg_cursor ? arg_cursor : arg_after_cursor);
1757 log_error("Failed to seek to cursor: %s", strerror(-r));
1758 return EXIT_FAILURE;
1761 r = sd_journal_next_skip(j, 1 + !!arg_after_cursor);
1763 r = sd_journal_previous_skip(j, 1 + !!arg_after_cursor);
1765 if (arg_after_cursor && r < 2 && !arg_follow)
1766 /* We couldn't find the next entry after the cursor. */
1769 } else if (arg_since_set && !arg_reverse) {
1770 r = sd_journal_seek_realtime_usec(j, arg_since);
1772 log_error("Failed to seek to date: %s", strerror(-r));
1773 return EXIT_FAILURE;
1775 r = sd_journal_next(j);
1777 } else if (arg_until_set && arg_reverse) {
1778 r = sd_journal_seek_realtime_usec(j, arg_until);
1780 log_error("Failed to seek to date: %s", strerror(-r));
1781 return EXIT_FAILURE;
1783 r = sd_journal_previous(j);
1785 } else if (arg_lines >= 0) {
1786 r = sd_journal_seek_tail(j);
1788 log_error("Failed to seek to tail: %s", strerror(-r));
1789 return EXIT_FAILURE;
1792 r = sd_journal_previous_skip(j, arg_lines);
1794 } else if (arg_reverse) {
1795 r = sd_journal_seek_tail(j);
1797 log_error("Failed to seek to tail: %s", strerror(-r));
1798 return EXIT_FAILURE;
1801 r = sd_journal_previous(j);
1804 r = sd_journal_seek_head(j);
1806 log_error("Failed to seek to head: %s", strerror(-r));
1807 return EXIT_FAILURE;
1810 r = sd_journal_next(j);
1814 log_error("Failed to iterate through journal: %s", strerror(-r));
1815 return EXIT_FAILURE;
1819 pager_open_if_enabled();
1823 char start_buf[FORMAT_TIMESTAMP_MAX], end_buf[FORMAT_TIMESTAMP_MAX];
1825 r = sd_journal_get_cutoff_realtime_usec(j, &start, &end);
1827 log_error("Failed to get cutoff: %s", strerror(-r));
1833 printf("-- Logs begin at %s. --\n",
1834 format_timestamp(start_buf, sizeof(start_buf), start));
1836 printf("-- Logs begin at %s, end at %s. --\n",
1837 format_timestamp(start_buf, sizeof(start_buf), start),
1838 format_timestamp(end_buf, sizeof(end_buf), end));
1843 while (arg_lines < 0 || n_shown < arg_lines || (arg_follow && !first_line)) {
1848 r = sd_journal_next(j);
1850 r = sd_journal_previous(j);
1852 log_error("Failed to iterate through journal: %s", strerror(-r));
1859 if (arg_until_set && !arg_reverse) {
1862 r = sd_journal_get_realtime_usec(j, &usec);
1864 log_error("Failed to determine timestamp: %s", strerror(-r));
1867 if (usec > arg_until)
1871 if (arg_since_set && arg_reverse) {
1874 r = sd_journal_get_realtime_usec(j, &usec);
1876 log_error("Failed to determine timestamp: %s", strerror(-r));
1879 if (usec < arg_since)
1886 r = sd_journal_get_monotonic_usec(j, NULL, &boot_id);
1888 if (previous_boot_id_valid &&
1889 !sd_id128_equal(boot_id, previous_boot_id))
1890 printf("%s-- Reboot --%s\n",
1891 ansi_highlight(), ansi_highlight_off());
1893 previous_boot_id = boot_id;
1894 previous_boot_id_valid = true;
1899 arg_all * OUTPUT_SHOW_ALL |
1900 arg_full * OUTPUT_FULL_WIDTH |
1901 on_tty() * OUTPUT_COLOR |
1902 arg_catalog * OUTPUT_CATALOG;
1904 r = output_journal(stdout, j, arg_output, 0, flags, &ellipsized);
1906 if (r == -EADDRNOTAVAIL)
1908 else if (r < 0 || ferror(stdout))
1915 if (arg_show_cursor) {
1916 _cleanup_free_ char *cursor = NULL;
1918 r = sd_journal_get_cursor(j, &cursor);
1919 if (r < 0 && r != -EADDRNOTAVAIL)
1920 log_error("Failed to get cursor: %s", strerror(-r));
1922 printf("-- cursor: %s\n", cursor);
1928 r = sd_journal_wait(j, (uint64_t) -1);
1930 log_error("Couldn't wait for journal event: %s", strerror(-r));
1940 strv_free(arg_file);
1942 return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
~ianmdlvl / elogind.git / blob