1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2011 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
34 #include <sys/ioctl.h>
42 #include <systemd/sd-journal.h>
45 #include "logs-show.h"
47 #include "path-util.h"
51 #include "logs-show.h"
53 #include "journal-internal.h"
54 #include "journal-def.h"
55 #include "journal-verify.h"
56 #include "journal-authenticate.h"
57 #include "journal-qrcode.h"
59 #include "unit-name.h"
62 #define DEFAULT_FSS_INTERVAL_USEC (15*USEC_PER_MINUTE)
64 static OutputMode arg_output = OUTPUT_SHORT;
65 static bool arg_pager_end = false;
66 static bool arg_follow = false;
67 static bool arg_full = true;
68 static bool arg_all = false;
69 static bool arg_no_pager = false;
70 static int arg_lines = -1;
71 static bool arg_no_tail = false;
72 static bool arg_quiet = false;
73 static bool arg_merge = false;
74 static bool arg_boot = false;
75 static char *arg_boot_descriptor = NULL;
76 static bool arg_dmesg = false;
77 static const char *arg_cursor = NULL;
78 static const char *arg_after_cursor = NULL;
79 static bool arg_show_cursor = false;
80 static const char *arg_directory = NULL;
81 static char **arg_file = NULL;
82 static int arg_priorities = 0xFF;
83 static const char *arg_verify_key = NULL;
85 static usec_t arg_interval = DEFAULT_FSS_INTERVAL_USEC;
86 static bool arg_force = false;
88 static usec_t arg_since, arg_until;
89 static bool arg_since_set = false, arg_until_set = false;
90 static char **arg_system_units = NULL;
91 static char **arg_user_units = NULL;
92 static const char *arg_field = NULL;
93 static bool arg_catalog = false;
94 static bool arg_reverse = false;
95 static int arg_journal_type = 0;
96 static const char *arg_root = NULL;
107 ACTION_UPDATE_CATALOG,
109 } arg_action = ACTION_SHOW;
111 typedef struct boot_id_t {
117 static int help(void) {
119 printf("%s [OPTIONS...] [MATCHES...]\n\n"
120 "Query the journal.\n\n"
122 " --system Show only the system journal\n"
123 " --user Show only the user journal for current user\n"
124 " --since=DATE Start showing entries newer or of the specified date\n"
125 " --until=DATE Stop showing entries older or of the specified date\n"
126 " -c --cursor=CURSOR Start showing entries from specified cursor\n"
127 " --after-cursor=CURSOR Start showing entries from specified cursor\n"
128 " --show-cursor Print the cursor after all the entries\n"
129 " -b --boot[=ID] Show data only from ID or current boot if unspecified\n"
130 " --list-boots Show terse information about recorded boots\n"
131 " -k --dmesg Show kernel message log from current boot\n"
132 " -u --unit=UNIT Show data only from the specified unit\n"
133 " --user-unit=UNIT Show data only from the specified user session unit\n"
134 " -p --priority=RANGE Show only messages within the specified priority range\n"
135 " -e --pager-end Immediately jump to end of the journal in the pager\n"
136 " -f --follow Follow journal\n"
137 " -n --lines[=INTEGER] Number of journal entries to show\n"
138 " --no-tail Show all lines, even in follow mode\n"
139 " -r --reverse Show the newest entries first\n"
140 " -o --output=STRING Change journal output mode (short, short-iso,\n"
141 " short-precise, short-monotonic, verbose,\n"
142 " export, json, json-pretty, json-sse, cat)\n"
143 " -x --catalog Add message explanations where available\n"
144 " --no-full Ellipsize fields\n"
145 " -a --all Show all fields, including long and unprintable\n"
146 " -q --quiet Don't show privilege warning\n"
147 " --no-pager Do not pipe output into a pager\n"
148 " -m --merge Show entries from all available journals\n"
149 " -D --directory=PATH Show journal files from directory\n"
150 " --file=PATH Show journal file\n"
151 " --root=ROOT Operate on catalog files underneath the root ROOT\n"
153 " --interval=TIME Time interval for changing the FSS sealing key\n"
154 " --verify-key=KEY Specify FSS verification key\n"
155 " --force Force overriding new FSS key pair with --setup-keys\n"
158 " -h --help Show this help\n"
159 " --version Show package version\n"
160 " --new-id128 Generate a new 128 Bit ID\n"
161 " --header Show journal header information\n"
162 " --disk-usage Show total disk usage\n"
163 " -F --field=FIELD List all values a certain field takes\n"
164 " --list-catalog Show message IDs of all entries in the message catalog\n"
165 " --dump-catalog Show entries in the message catalog\n"
166 " --update-catalog Update the message catalog database\n"
168 " --setup-keys Generate new FSS key pair\n"
169 " --verify Verify journal file consistency\n"
171 , program_invocation_short_name);
176 static int parse_argv(int argc, char *argv[]) {
206 static const struct option options[] = {
207 { "help", no_argument, NULL, 'h' },
208 { "version" , no_argument, NULL, ARG_VERSION },
209 { "no-pager", no_argument, NULL, ARG_NO_PAGER },
210 { "pager-end", no_argument, NULL, 'e' },
211 { "follow", no_argument, NULL, 'f' },
212 { "force", no_argument, NULL, ARG_FORCE },
213 { "output", required_argument, NULL, 'o' },
214 { "all", no_argument, NULL, 'a' },
215 { "full", no_argument, NULL, 'l' },
216 { "no-full", no_argument, NULL, ARG_NO_FULL },
217 { "lines", optional_argument, NULL, 'n' },
218 { "no-tail", no_argument, NULL, ARG_NO_TAIL },
219 { "new-id128", no_argument, NULL, ARG_NEW_ID128 },
220 { "quiet", no_argument, NULL, 'q' },
221 { "merge", no_argument, NULL, 'm' },
222 { "boot", optional_argument, NULL, 'b' },
223 { "list-boots", no_argument, NULL, ARG_LIST_BOOTS },
224 { "this-boot", optional_argument, NULL, 'b' }, /* deprecated */
225 { "dmesg", no_argument, NULL, 'k' },
226 { "system", no_argument, NULL, ARG_SYSTEM },
227 { "user", no_argument, NULL, ARG_USER },
228 { "directory", required_argument, NULL, 'D' },
229 { "file", required_argument, NULL, ARG_FILE },
230 { "root", required_argument, NULL, ARG_ROOT },
231 { "header", no_argument, NULL, ARG_HEADER },
232 { "priority", required_argument, NULL, 'p' },
233 { "setup-keys", no_argument, NULL, ARG_SETUP_KEYS },
234 { "interval", required_argument, NULL, ARG_INTERVAL },
235 { "verify", no_argument, NULL, ARG_VERIFY },
236 { "verify-key", required_argument, NULL, ARG_VERIFY_KEY },
237 { "disk-usage", no_argument, NULL, ARG_DISK_USAGE },
238 { "cursor", required_argument, NULL, 'c' },
239 { "after-cursor", required_argument, NULL, ARG_AFTER_CURSOR },
240 { "show-cursor", no_argument, NULL, ARG_SHOW_CURSOR },
241 { "since", required_argument, NULL, ARG_SINCE },
242 { "until", required_argument, NULL, ARG_UNTIL },
243 { "unit", required_argument, NULL, 'u' },
244 { "user-unit", required_argument, NULL, ARG_USER_UNIT },
245 { "field", required_argument, NULL, 'F' },
246 { "catalog", no_argument, NULL, 'x' },
247 { "list-catalog", no_argument, NULL, ARG_LIST_CATALOG },
248 { "dump-catalog", no_argument, NULL, ARG_DUMP_CATALOG },
249 { "update-catalog", no_argument, NULL, ARG_UPDATE_CATALOG },
250 { "reverse", no_argument, NULL, 'r' },
259 while ((c = getopt_long(argc, argv, "hefo:aln::qmb::kD:p:c:u:F:xr", options, NULL)) >= 0) {
268 puts(PACKAGE_STRING);
269 puts(SYSTEMD_FEATURES);
277 arg_pager_end = true;
289 arg_output = output_mode_from_string(optarg);
290 if (arg_output < 0) {
291 log_error("Unknown output format '%s'.", optarg);
295 if (arg_output == OUTPUT_EXPORT ||
296 arg_output == OUTPUT_JSON ||
297 arg_output == OUTPUT_JSON_PRETTY ||
298 arg_output == OUTPUT_JSON_SSE ||
299 arg_output == OUTPUT_CAT)
318 r = safe_atoi(optarg, &arg_lines);
319 if (r < 0 || arg_lines < 0) {
320 log_error("Failed to parse lines '%s'", optarg);
326 /* Hmm, no argument? Maybe the next
327 * word on the command line is
328 * supposed to be the argument? Let's
329 * see if there is one, and is
330 * parsable as a positive
334 safe_atoi(argv[optind], &n) >= 0 &&
350 arg_action = ACTION_NEW_ID128;
365 arg_boot_descriptor = optarg;
366 else if (optind < argc) {
369 if (argv[optind][0] != '-' ||
370 safe_atoi(argv[optind], &boot) >= 0) {
371 arg_boot_descriptor = argv[optind];
379 arg_action = ACTION_LIST_BOOTS;
383 arg_boot = arg_dmesg = true;
387 arg_journal_type |= SD_JOURNAL_SYSTEM;
391 arg_journal_type |= SD_JOURNAL_CURRENT_USER;
395 arg_directory = optarg;
399 r = glob_extend(&arg_file, optarg);
401 log_error("Failed to add paths: %s", strerror(-r));
414 case ARG_AFTER_CURSOR:
415 arg_after_cursor = optarg;
418 case ARG_SHOW_CURSOR:
419 arg_show_cursor = true;
423 arg_action = ACTION_PRINT_HEADER;
427 arg_action = ACTION_VERIFY;
431 arg_action = ACTION_DISK_USAGE;
440 arg_action = ACTION_SETUP_KEYS;
445 arg_action = ACTION_VERIFY;
446 arg_verify_key = optarg;
451 r = parse_sec(optarg, &arg_interval);
452 if (r < 0 || arg_interval <= 0) {
453 log_error("Failed to parse sealing key change interval: %s", optarg);
462 log_error("Forward-secure sealing not available.");
469 dots = strstr(optarg, "..");
475 a = strndup(optarg, dots - optarg);
479 from = log_level_from_string(a);
480 to = log_level_from_string(dots + 2);
483 if (from < 0 || to < 0) {
484 log_error("Failed to parse log level range %s", optarg);
491 for (i = from; i <= to; i++)
492 arg_priorities |= 1 << i;
494 for (i = to; i <= from; i++)
495 arg_priorities |= 1 << i;
501 p = log_level_from_string(optarg);
503 log_error("Unknown log level %s", optarg);
509 for (i = 0; i <= p; i++)
510 arg_priorities |= 1 << i;
517 r = parse_timestamp(optarg, &arg_since);
519 log_error("Failed to parse timestamp: %s", optarg);
522 arg_since_set = true;
526 r = parse_timestamp(optarg, &arg_until);
528 log_error("Failed to parse timestamp: %s", optarg);
531 arg_until_set = true;
535 r = strv_extend(&arg_system_units, optarg);
541 r = strv_extend(&arg_user_units, optarg);
557 case ARG_LIST_CATALOG:
558 arg_action = ACTION_LIST_CATALOG;
561 case ARG_DUMP_CATALOG:
562 arg_action = ACTION_DUMP_CATALOG;
565 case ARG_UPDATE_CATALOG:
566 arg_action = ACTION_UPDATE_CATALOG;
574 log_error("Unknown option code %c", c);
579 if (arg_follow && !arg_no_tail && arg_lines < 0)
582 if (arg_directory && arg_file) {
583 log_error("Please specify either -D/--directory= or --file=, not both.");
587 if (arg_since_set && arg_until_set && arg_since > arg_until) {
588 log_error("--since= must be before --until=.");
592 if (!!arg_cursor + !!arg_after_cursor + !!arg_since_set > 1) {
593 log_error("Please specify only one of --since=, --cursor=, and --after-cursor.");
597 if (arg_follow && arg_reverse) {
598 log_error("Please specify either --reverse= or --follow=, not both.");
605 static int generate_new_id128(void) {
610 r = sd_id128_randomize(&id);
612 log_error("Failed to generate ID: %s", strerror(-r));
616 printf("As string:\n"
617 SD_ID128_FORMAT_STR "\n\n"
619 "%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x\n\n"
621 "#define MESSAGE_XYZ SD_ID128_MAKE(",
622 SD_ID128_FORMAT_VAL(id),
623 SD_ID128_FORMAT_VAL(id));
624 for (i = 0; i < 16; i++)
625 printf("%02x%s", id.bytes[i], i != 15 ? "," : "");
626 fputs(")\n\n", stdout);
628 printf("As Python constant:\n"
630 ">>> MESSAGE_XYZ = uuid.UUID('" SD_ID128_FORMAT_STR "')\n",
631 SD_ID128_FORMAT_VAL(id));
636 static int add_matches(sd_journal *j, char **args) {
641 STRV_FOREACH(i, args) {
645 r = sd_journal_add_disjunction(j);
646 else if (path_is_absolute(*i)) {
647 _cleanup_free_ char *p, *t = NULL, *t2 = NULL;
649 _cleanup_free_ char *interpreter = NULL;
652 p = canonicalize_file_name(*i);
655 if (stat(path, &st) < 0) {
656 log_error("Couldn't stat file: %m");
660 if (S_ISREG(st.st_mode) && (0111 & st.st_mode)) {
661 if (executable_is_script(path, &interpreter) > 0) {
662 _cleanup_free_ char *comm;
664 comm = strndup(path_get_file_name(path), 15);
668 t = strappend("_COMM=", comm);
670 /* Append _EXE only if the interpreter is not a link.
671 Otherwise it might be outdated often. */
672 if (lstat(interpreter, &st) == 0 &&
673 !S_ISLNK(st.st_mode)) {
674 t2 = strappend("_EXE=", interpreter);
679 t = strappend("_EXE=", path);
680 } else if (S_ISCHR(st.st_mode))
681 asprintf(&t, "_KERNEL_DEVICE=c%u:%u", major(st.st_rdev), minor(st.st_rdev));
682 else if (S_ISBLK(st.st_mode))
683 asprintf(&t, "_KERNEL_DEVICE=b%u:%u", major(st.st_rdev), minor(st.st_rdev));
685 log_error("File is neither a device node, nor regular file, nor executable: %s", *i);
692 r = sd_journal_add_match(j, t, 0);
694 r = sd_journal_add_match(j, t2, 0);
696 r = sd_journal_add_match(j, *i, 0);
699 log_error("Failed to add match '%s': %s", *i, strerror(-r));
707 static int boot_id_cmp(const void *a, const void *b) {
710 _a = ((const boot_id_t *)a)->first;
711 _b = ((const boot_id_t *)b)->first;
713 return _a < _b ? -1 : (_a > _b ? 1 : 0);
716 static int list_boots(sd_journal *j) {
719 unsigned int count = 0;
721 size_t length, allocated = 0;
723 _cleanup_free_ boot_id_t *all_ids = NULL;
725 r = sd_journal_query_unique(j, "_BOOT_ID");
729 SD_JOURNAL_FOREACH_UNIQUE(j, data, length) {
730 if (length < strlen("_BOOT_ID="))
733 if (!GREEDY_REALLOC(all_ids, allocated, count + 1))
736 id = &all_ids[count];
738 r = sd_id128_from_string(((const char *)data) + strlen("_BOOT_ID="), &id->id);
742 r = sd_journal_add_match(j, data, length);
746 r = sd_journal_seek_head(j);
750 r = sd_journal_next(j);
756 r = sd_journal_get_realtime_usec(j, &id->first);
760 r = sd_journal_seek_tail(j);
764 r = sd_journal_previous(j);
770 r = sd_journal_get_realtime_usec(j, &id->last);
776 sd_journal_flush_matches(j);
779 qsort_safe(all_ids, count, sizeof(boot_id_t), boot_id_cmp);
781 /* numbers are one less, but we need an extra char for the sign */
782 w = DECIMAL_STR_WIDTH(count - 1) + 1;
784 for (id = all_ids, i = 0; id < all_ids + count; id++, i++) {
785 char a[FORMAT_TIMESTAMP_MAX], b[FORMAT_TIMESTAMP_MAX];
787 printf("% *i " SD_ID128_FORMAT_STR " %s—%s\n",
789 SD_ID128_FORMAT_VAL(id->id),
790 format_timestamp(a, sizeof(a), id->first),
791 format_timestamp(b, sizeof(b), id->last));
797 static int get_relative_boot_id(sd_journal *j, sd_id128_t *boot_id, int relative) {
800 unsigned int count = 0;
801 size_t length, allocated = 0;
802 boot_id_t ref_boot_id = {SD_ID128_NULL}, *id;
803 _cleanup_free_ boot_id_t *all_ids = NULL;
808 if (relative == 0 && !sd_id128_equal(*boot_id, SD_ID128_NULL))
811 r = sd_journal_query_unique(j, "_BOOT_ID");
815 SD_JOURNAL_FOREACH_UNIQUE(j, data, length) {
816 if (length < strlen("_BOOT_ID="))
819 if (!GREEDY_REALLOC(all_ids, allocated, count + 1))
822 id = &all_ids[count];
824 r = sd_id128_from_string(((const char *)data) + strlen("_BOOT_ID="), &id->id);
828 r = sd_journal_add_match(j, data, length);
832 r = sd_journal_seek_head(j);
836 r = sd_journal_next(j);
842 r = sd_journal_get_realtime_usec(j, &id->first);
846 if (sd_id128_equal(id->id, *boot_id))
851 sd_journal_flush_matches(j);
854 qsort_safe(all_ids, count, sizeof(boot_id_t), boot_id_cmp);
856 if (sd_id128_equal(*boot_id, SD_ID128_NULL)) {
857 if (relative > (int) count || relative <= -(int)count)
858 return -EADDRNOTAVAIL;
860 *boot_id = all_ids[(relative <= 0)*count + relative - 1].id;
862 id = bsearch(&ref_boot_id, all_ids, count, sizeof(boot_id_t), boot_id_cmp);
865 relative <= 0 ? (id - all_ids) + relative < 0 :
866 (id - all_ids) + relative >= (int) count)
867 return -EADDRNOTAVAIL;
869 *boot_id = (id + relative)->id;
875 static int add_boot(sd_journal *j) {
876 char match[9+32+1] = "_BOOT_ID=";
878 sd_id128_t boot_id = SD_ID128_NULL;
886 if (!arg_boot_descriptor)
887 return add_match_this_boot(j);
889 if (strlen(arg_boot_descriptor) >= 32) {
890 char tmp = arg_boot_descriptor[32];
891 arg_boot_descriptor[32] = '\0';
892 r = sd_id128_from_string(arg_boot_descriptor, &boot_id);
893 arg_boot_descriptor[32] = tmp;
896 log_error("Failed to parse boot ID '%.32s': %s",
897 arg_boot_descriptor, strerror(-r));
901 offset = arg_boot_descriptor + 32;
903 if (*offset && *offset != '-' && *offset != '+') {
904 log_error("Relative boot ID offset must start with a '+' or a '-', found '%s' ", offset);
908 offset = arg_boot_descriptor;
911 r = safe_atoi(offset, &relative);
913 log_error("Failed to parse relative boot ID number '%s'", offset);
918 r = get_relative_boot_id(j, &boot_id, relative);
920 if (sd_id128_equal(boot_id, SD_ID128_NULL))
921 log_error("Failed to look up boot %+d: %s", relative, strerror(-r));
923 log_error("Failed to look up boot ID "SD_ID128_FORMAT_STR"%+d: %s",
924 SD_ID128_FORMAT_VAL(boot_id), relative, strerror(-r));
928 sd_id128_to_string(boot_id, match + 9);
930 r = sd_journal_add_match(j, match, sizeof(match) - 1);
932 log_error("Failed to add match: %s", strerror(-r));
936 r = sd_journal_add_conjunction(j);
943 static int add_dmesg(sd_journal *j) {
950 r = sd_journal_add_match(j, "_TRANSPORT=kernel", strlen("_TRANSPORT=kernel"));
952 log_error("Failed to add match: %s", strerror(-r));
956 r = sd_journal_add_conjunction(j);
963 static int add_units(sd_journal *j) {
964 _cleanup_free_ char *u = NULL;
970 STRV_FOREACH(i, arg_system_units) {
971 u = unit_name_mangle(*i);
974 r = add_matches_for_unit(j, u);
977 r = sd_journal_add_disjunction(j);
982 STRV_FOREACH(i, arg_user_units) {
983 u = unit_name_mangle(*i);
987 r = add_matches_for_user_unit(j, u, getuid());
991 r = sd_journal_add_disjunction(j);
997 r = sd_journal_add_conjunction(j);
1004 static int add_priorities(sd_journal *j) {
1005 char match[] = "PRIORITY=0";
1009 if (arg_priorities == 0xFF)
1012 for (i = LOG_EMERG; i <= LOG_DEBUG; i++)
1013 if (arg_priorities & (1 << i)) {
1014 match[sizeof(match)-2] = '0' + i;
1016 r = sd_journal_add_match(j, match, strlen(match));
1018 log_error("Failed to add match: %s", strerror(-r));
1023 r = sd_journal_add_conjunction(j);
1030 static int setup_keys(void) {
1032 size_t mpk_size, seed_size, state_size, i;
1033 uint8_t *mpk, *seed, *state;
1035 int fd = -1, r, attr = 0;
1036 sd_id128_t machine, boot;
1037 char *p = NULL, *k = NULL;
1042 r = stat("/var/log/journal", &st);
1043 if (r < 0 && errno != ENOENT && errno != ENOTDIR) {
1044 log_error("stat(\"%s\") failed: %m", "/var/log/journal");
1048 if (r < 0 || !S_ISDIR(st.st_mode)) {
1049 log_error("%s is not a directory, must be using persistent logging for FSS.",
1050 "/var/log/journal");
1051 return r < 0 ? -errno : -ENOTDIR;
1054 r = sd_id128_get_machine(&machine);
1056 log_error("Failed to get machine ID: %s", strerror(-r));
1060 r = sd_id128_get_boot(&boot);
1062 log_error("Failed to get boot ID: %s", strerror(-r));
1066 if (asprintf(&p, "/var/log/journal/" SD_ID128_FORMAT_STR "/fss",
1067 SD_ID128_FORMAT_VAL(machine)) < 0)
1070 if (access(p, F_OK) >= 0) {
1074 log_error("unlink(\"%s\") failed: %m", p);
1079 log_error("Sealing key file %s exists already. (--force to recreate)", p);
1085 if (asprintf(&k, "/var/log/journal/" SD_ID128_FORMAT_STR "/fss.tmp.XXXXXX",
1086 SD_ID128_FORMAT_VAL(machine)) < 0) {
1091 mpk_size = FSPRG_mskinbytes(FSPRG_RECOMMENDED_SECPAR);
1092 mpk = alloca(mpk_size);
1094 seed_size = FSPRG_RECOMMENDED_SEEDLEN;
1095 seed = alloca(seed_size);
1097 state_size = FSPRG_stateinbytes(FSPRG_RECOMMENDED_SECPAR);
1098 state = alloca(state_size);
1100 fd = open("/dev/random", O_RDONLY|O_CLOEXEC|O_NOCTTY);
1102 log_error("Failed to open /dev/random: %m");
1107 log_info("Generating seed...");
1108 l = loop_read(fd, seed, seed_size, true);
1109 if (l < 0 || (size_t) l != seed_size) {
1110 log_error("Failed to read random seed: %s", strerror(EIO));
1115 log_info("Generating key pair...");
1116 FSPRG_GenMK(NULL, mpk, seed, seed_size, FSPRG_RECOMMENDED_SECPAR);
1118 log_info("Generating sealing key...");
1119 FSPRG_GenState0(state, mpk, seed, seed_size);
1121 assert(arg_interval > 0);
1123 n = now(CLOCK_REALTIME);
1126 close_nointr_nofail(fd);
1127 fd = mkostemp(k, O_WRONLY|O_CLOEXEC|O_NOCTTY);
1129 log_error("Failed to open %s: %m", k);
1134 /* Enable secure remove, exclusion from dump, synchronous
1135 * writing and in-place updating */
1136 if (ioctl(fd, FS_IOC_GETFLAGS, &attr) < 0)
1137 log_warning("FS_IOC_GETFLAGS failed: %m");
1139 attr |= FS_SECRM_FL|FS_NODUMP_FL|FS_SYNC_FL|FS_NOCOW_FL;
1141 if (ioctl(fd, FS_IOC_SETFLAGS, &attr) < 0)
1142 log_warning("FS_IOC_SETFLAGS failed: %m");
1145 memcpy(h.signature, "KSHHRHLP", 8);
1146 h.machine_id = machine;
1148 h.header_size = htole64(sizeof(h));
1149 h.start_usec = htole64(n * arg_interval);
1150 h.interval_usec = htole64(arg_interval);
1151 h.fsprg_secpar = htole16(FSPRG_RECOMMENDED_SECPAR);
1152 h.fsprg_state_size = htole64(state_size);
1154 l = loop_write(fd, &h, sizeof(h), false);
1155 if (l < 0 || (size_t) l != sizeof(h)) {
1156 log_error("Failed to write header: %s", strerror(EIO));
1161 l = loop_write(fd, state, state_size, false);
1162 if (l < 0 || (size_t) l != state_size) {
1163 log_error("Failed to write state: %s", strerror(EIO));
1168 if (link(k, p) < 0) {
1169 log_error("Failed to link file: %m");
1177 "The new key pair has been generated. The " ANSI_HIGHLIGHT_ON "secret sealing key" ANSI_HIGHLIGHT_OFF " has been written to\n"
1178 "the following local file. This key file is automatically updated when the\n"
1179 "sealing key is advanced. It should not be used on multiple hosts.\n"
1183 "Please write down the following " ANSI_HIGHLIGHT_ON "secret verification key" ANSI_HIGHLIGHT_OFF ". It should be stored\n"
1184 "at a safe location and should not be saved locally on disk.\n"
1185 "\n\t" ANSI_HIGHLIGHT_RED_ON, p);
1188 for (i = 0; i < seed_size; i++) {
1189 if (i > 0 && i % 3 == 0)
1191 printf("%02x", ((uint8_t*) seed)[i]);
1194 printf("/%llx-%llx\n", (unsigned long long) n, (unsigned long long) arg_interval);
1197 char tsb[FORMAT_TIMESPAN_MAX], *hn;
1200 ANSI_HIGHLIGHT_OFF "\n"
1201 "The sealing key is automatically changed every %s.\n",
1202 format_timespan(tsb, sizeof(tsb), arg_interval, 0));
1204 hn = gethostname_malloc();
1207 hostname_cleanup(hn, false);
1208 fprintf(stderr, "\nThe keys have been generated for host %s/" SD_ID128_FORMAT_STR ".\n", hn, SD_ID128_FORMAT_VAL(machine));
1210 fprintf(stderr, "\nThe keys have been generated for host " SD_ID128_FORMAT_STR ".\n", SD_ID128_FORMAT_VAL(machine));
1212 #ifdef HAVE_QRENCODE
1213 /* If this is not an UTF-8 system don't print any QR codes */
1214 if (is_locale_utf8()) {
1215 fputs("\nTo transfer the verification key to your phone please scan the QR code below:\n\n", stderr);
1216 print_qr_code(stderr, seed, seed_size, n, arg_interval, hn, machine);
1226 close_nointr_nofail(fd);
1237 log_error("Forward-secure sealing not available.");
1242 static int verify(sd_journal *j) {
1249 log_show_color(true);
1251 HASHMAP_FOREACH(f, j->files, i) {
1253 usec_t first, validated, last;
1256 if (!arg_verify_key && JOURNAL_HEADER_SEALED(f->header))
1257 log_notice("Journal file %s has sealing enabled but verification key has not been passed using --verify-key=.", f->path);
1260 k = journal_file_verify(f, arg_verify_key, &first, &validated, &last, true);
1262 /* If the key was invalid give up right-away. */
1265 log_warning("FAIL: %s (%s)", f->path, strerror(-k));
1268 char a[FORMAT_TIMESTAMP_MAX], b[FORMAT_TIMESTAMP_MAX], c[FORMAT_TIMESPAN_MAX];
1269 log_info("PASS: %s", f->path);
1271 if (arg_verify_key && JOURNAL_HEADER_SEALED(f->header)) {
1272 if (validated > 0) {
1273 log_info("=> Validated from %s to %s, final %s entries not sealed.",
1274 format_timestamp(a, sizeof(a), first),
1275 format_timestamp(b, sizeof(b), validated),
1276 format_timespan(c, sizeof(c), last > validated ? last - validated : 0, 0));
1277 } else if (last > 0)
1278 log_info("=> No sealing yet, %s of entries not sealed.",
1279 format_timespan(c, sizeof(c), last - first, 0));
1281 log_info("=> No sealing yet, no entries in file.");
1290 static int access_check_var_log_journal(sd_journal *j) {
1291 _cleanup_strv_free_ char **g = NULL;
1297 have_access = in_group("systemd-journal") > 0;
1300 /* Let's enumerate all groups from the default ACL of
1301 * the directory, which generally should allow access
1302 * to most journal files too */
1303 r = search_acl_groups(&g, "/var/log/journal/", &have_access);
1310 if (strv_isempty(g))
1311 log_notice("Hint: You are currently not seeing messages from other users and the system.\n"
1312 " Users in the 'systemd-journal' group can see all messages. Pass -q to\n"
1313 " turn off this notice.");
1315 _cleanup_free_ char *s = NULL;
1317 r = strv_extend(&g, "systemd-journal");
1324 s = strv_join(g, "', '");
1328 log_notice("Hint: You are currently not seeing messages from other users and the system.\n"
1329 " Users in the groups '%s' can see all messages.\n"
1330 " Pass -q to turn off this notice.", s);
1338 static int access_check(sd_journal *j) {
1345 if (set_isempty(j->errors)) {
1346 if (hashmap_isempty(j->files))
1347 log_notice("No journal files were found.");
1351 if (set_contains(j->errors, INT_TO_PTR(-EACCES))) {
1353 /* If /var/log/journal doesn't even exist,
1354 * unprivileged users have no access at all */
1355 if (access("/var/log/journal", F_OK) < 0 &&
1357 in_group("systemd-journal") <= 0) {
1358 log_error("Unprivileged users cannot access messages, unless persistent log storage is\n"
1359 "enabled. Users in the 'systemd-journal' group may always access messages.");
1363 /* If /var/log/journal exists, try to pring a nice
1364 notice if the user lacks access to it */
1365 if (!arg_quiet && geteuid() != 0) {
1366 r = access_check_var_log_journal(j);
1371 if (geteuid() != 0 && in_group("systemd-journal") <= 0) {
1372 log_error("Unprivileged users cannot access messages. Users in the 'systemd-journal' group\n"
1373 "group may access messages.");
1378 if (hashmap_isempty(j->files)) {
1379 log_error("No journal files were opened due to insufficient permissions.");
1384 SET_FOREACH(code, j->errors, it) {
1387 err = -PTR_TO_INT(code);
1391 log_warning("Error was encountered while opening journal files: %s",
1398 int main(int argc, char *argv[]) {
1400 _cleanup_journal_close_ sd_journal *j = NULL;
1401 bool need_seek = false;
1402 sd_id128_t previous_boot_id;
1403 bool previous_boot_id_valid = false, first_line = true;
1405 bool ellipsized = false;
1407 setlocale(LC_ALL, "");
1408 log_parse_environment();
1411 r = parse_argv(argc, argv);
1415 signal(SIGWINCH, columns_lines_cache_reset);
1417 if (arg_action == ACTION_NEW_ID128) {
1418 r = generate_new_id128();
1422 if (arg_action == ACTION_SETUP_KEYS) {
1427 if (arg_action == ACTION_UPDATE_CATALOG ||
1428 arg_action == ACTION_LIST_CATALOG ||
1429 arg_action == ACTION_DUMP_CATALOG) {
1431 const char* database = CATALOG_DATABASE;
1432 _cleanup_free_ char *copy = NULL;
1434 copy = strjoin(arg_root, "/", CATALOG_DATABASE, NULL);
1439 path_kill_slashes(copy);
1443 if (arg_action == ACTION_UPDATE_CATALOG) {
1444 r = catalog_update(database, arg_root, catalog_file_dirs);
1446 log_error("Failed to list catalog: %s", strerror(-r));
1448 bool oneline = arg_action == ACTION_LIST_CATALOG;
1451 r = catalog_list_items(stdout, database,
1452 oneline, argv + optind);
1454 r = catalog_list(stdout, database, oneline);
1456 log_error("Failed to list catalog: %s", strerror(-r));
1463 r = sd_journal_open_directory(&j, arg_directory, arg_journal_type);
1465 r = sd_journal_open_files(&j, (const char**) arg_file, 0);
1467 r = sd_journal_open(&j, !arg_merge*SD_JOURNAL_LOCAL_ONLY + arg_journal_type);
1469 log_error("Failed to open %s: %s",
1470 arg_directory ? arg_directory : arg_file ? "files" : "journal",
1472 return EXIT_FAILURE;
1475 r = access_check(j);
1477 return EXIT_FAILURE;
1479 if (arg_action == ACTION_VERIFY) {
1484 if (arg_action == ACTION_PRINT_HEADER) {
1485 journal_print_header(j);
1486 return EXIT_SUCCESS;
1489 if (arg_action == ACTION_DISK_USAGE) {
1491 char sbytes[FORMAT_BYTES_MAX];
1493 r = sd_journal_get_usage(j, &bytes);
1495 return EXIT_FAILURE;
1497 printf("Journals take up %s on disk.\n",
1498 format_bytes(sbytes, sizeof(sbytes), bytes));
1499 return EXIT_SUCCESS;
1502 if (arg_action == ACTION_LIST_BOOTS) {
1507 /* add_boot() must be called first!
1508 * It may need to seek the journal to find parent boot IDs. */
1511 return EXIT_FAILURE;
1515 return EXIT_FAILURE;
1518 strv_free(arg_system_units);
1519 strv_free(arg_user_units);
1522 return EXIT_FAILURE;
1524 r = add_priorities(j);
1526 return EXIT_FAILURE;
1528 r = add_matches(j, argv + optind);
1530 return EXIT_FAILURE;
1532 if (_unlikely_(log_get_max_level() >= LOG_PRI(LOG_DEBUG))) {
1533 _cleanup_free_ char *filter;
1535 filter = journal_make_match_string(j);
1536 log_debug("Journal filter: %s", filter);
1543 r = sd_journal_set_data_threshold(j, 0);
1545 log_error("Failed to unset data size threshold");
1546 return EXIT_FAILURE;
1549 r = sd_journal_query_unique(j, arg_field);
1551 log_error("Failed to query unique data objects: %s", strerror(-r));
1552 return EXIT_FAILURE;
1555 SD_JOURNAL_FOREACH_UNIQUE(j, data, size) {
1558 if (arg_lines >= 0 && n_shown >= arg_lines)
1561 eq = memchr(data, '=', size);
1563 printf("%.*s\n", (int) (size - ((const uint8_t*) eq - (const uint8_t*) data + 1)), (const char*) eq + 1);
1565 printf("%.*s\n", (int) size, (const char*) data);
1570 return EXIT_SUCCESS;
1573 /* Opening the fd now means the first sd_journal_wait() will actually wait */
1575 r = sd_journal_get_fd(j);
1577 return EXIT_FAILURE;
1580 if (arg_cursor || arg_after_cursor) {
1581 r = sd_journal_seek_cursor(j, arg_cursor ? arg_cursor : arg_after_cursor);
1583 log_error("Failed to seek to cursor: %s", strerror(-r));
1584 return EXIT_FAILURE;
1587 r = sd_journal_next_skip(j, 1 + !!arg_after_cursor);
1589 r = sd_journal_previous_skip(j, 1 + !!arg_after_cursor);
1591 if (arg_after_cursor && r < 2 && !arg_follow)
1592 /* We couldn't find the next entry after the cursor. */
1595 } else if (arg_since_set && !arg_reverse) {
1596 r = sd_journal_seek_realtime_usec(j, arg_since);
1598 log_error("Failed to seek to date: %s", strerror(-r));
1599 return EXIT_FAILURE;
1601 r = sd_journal_next(j);
1603 } else if (arg_until_set && arg_reverse) {
1604 r = sd_journal_seek_realtime_usec(j, arg_until);
1606 log_error("Failed to seek to date: %s", strerror(-r));
1607 return EXIT_FAILURE;
1609 r = sd_journal_previous(j);
1611 } else if (arg_lines >= 0) {
1612 r = sd_journal_seek_tail(j);
1614 log_error("Failed to seek to tail: %s", strerror(-r));
1615 return EXIT_FAILURE;
1618 r = sd_journal_previous_skip(j, arg_lines);
1620 } else if (arg_reverse) {
1621 r = sd_journal_seek_tail(j);
1623 log_error("Failed to seek to tail: %s", strerror(-r));
1624 return EXIT_FAILURE;
1627 r = sd_journal_previous(j);
1630 r = sd_journal_seek_head(j);
1632 log_error("Failed to seek to head: %s", strerror(-r));
1633 return EXIT_FAILURE;
1636 r = sd_journal_next(j);
1640 log_error("Failed to iterate through journal: %s", strerror(-r));
1641 return EXIT_FAILURE;
1644 if (!arg_no_pager && !arg_follow)
1645 pager_open(arg_pager_end);
1649 char start_buf[FORMAT_TIMESTAMP_MAX], end_buf[FORMAT_TIMESTAMP_MAX];
1651 r = sd_journal_get_cutoff_realtime_usec(j, &start, &end);
1653 log_error("Failed to get cutoff: %s", strerror(-r));
1659 printf("-- Logs begin at %s. --\n",
1660 format_timestamp(start_buf, sizeof(start_buf), start));
1662 printf("-- Logs begin at %s, end at %s. --\n",
1663 format_timestamp(start_buf, sizeof(start_buf), start),
1664 format_timestamp(end_buf, sizeof(end_buf), end));
1669 while (arg_lines < 0 || n_shown < arg_lines || (arg_follow && !first_line)) {
1674 r = sd_journal_next(j);
1676 r = sd_journal_previous(j);
1678 log_error("Failed to iterate through journal: %s", strerror(-r));
1685 if (arg_until_set && !arg_reverse) {
1688 r = sd_journal_get_realtime_usec(j, &usec);
1690 log_error("Failed to determine timestamp: %s", strerror(-r));
1693 if (usec > arg_until)
1697 if (arg_since_set && arg_reverse) {
1700 r = sd_journal_get_realtime_usec(j, &usec);
1702 log_error("Failed to determine timestamp: %s", strerror(-r));
1705 if (usec < arg_since)
1712 r = sd_journal_get_monotonic_usec(j, NULL, &boot_id);
1714 if (previous_boot_id_valid &&
1715 !sd_id128_equal(boot_id, previous_boot_id))
1716 printf("%s-- Reboot --%s\n",
1717 ansi_highlight(), ansi_highlight_off());
1719 previous_boot_id = boot_id;
1720 previous_boot_id_valid = true;
1725 arg_all * OUTPUT_SHOW_ALL |
1726 arg_full * OUTPUT_FULL_WIDTH |
1727 on_tty() * OUTPUT_COLOR |
1728 arg_catalog * OUTPUT_CATALOG;
1730 r = output_journal(stdout, j, arg_output, 0, flags, &ellipsized);
1732 if (r == -EADDRNOTAVAIL)
1734 else if (r < 0 || ferror(stdout))
1741 if (arg_show_cursor) {
1742 _cleanup_free_ char *cursor = NULL;
1744 r = sd_journal_get_cursor(j, &cursor);
1745 if (r < 0 && r != -EADDRNOTAVAIL)
1746 log_error("Failed to get cursor: %s", strerror(-r));
1748 printf("-- cursor: %s\n", cursor);
1754 r = sd_journal_wait(j, (uint64_t) -1);
1756 log_error("Couldn't wait for journal event: %s", strerror(-r));
1766 return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;