1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2011 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <sys/epoll.h>
23 #include <sys/socket.h>
25 #include <sys/signalfd.h>
29 #include <sys/ioctl.h>
30 #include <linux/sockios.h>
31 #include <sys/statvfs.h>
33 #include <systemd/sd-journal.h>
34 #include <systemd/sd-messages.h>
35 #include <systemd/sd-daemon.h>
38 #include <systemd/sd-login.h>
43 #include "journal-file.h"
44 #include "socket-util.h"
45 #include "cgroup-util.h"
47 #include "journal-rate-limit.h"
48 #include "journal-internal.h"
49 #include "conf-parser.h"
56 #include <acl/libacl.h>
61 #include <selinux/selinux.h>
64 #define USER_JOURNALS_MAX 1024
65 #define STDOUT_STREAMS_MAX 4096
67 #define DEFAULT_RATE_LIMIT_INTERVAL (10*USEC_PER_SEC)
68 #define DEFAULT_RATE_LIMIT_BURST 200
70 #define RECHECK_AVAILABLE_SPACE_USEC (30*USEC_PER_SEC)
72 #define N_IOVEC_META_FIELDS 17
74 #define ENTRY_SIZE_MAX (1024*1024*32)
76 typedef enum StdoutStreamState {
77 STDOUT_STREAM_IDENTIFIER,
78 STDOUT_STREAM_UNIT_ID,
79 STDOUT_STREAM_PRIORITY,
80 STDOUT_STREAM_LEVEL_PREFIX,
81 STDOUT_STREAM_FORWARD_TO_SYSLOG,
82 STDOUT_STREAM_FORWARD_TO_KMSG,
83 STDOUT_STREAM_FORWARD_TO_CONSOLE,
89 StdoutStreamState state;
95 security_context_t security_context;
102 bool forward_to_syslog:1;
103 bool forward_to_kmsg:1;
104 bool forward_to_console:1;
106 char buffer[LINE_MAX+1];
109 LIST_FIELDS(StdoutStream, stdout_stream);
112 static const char* const storage_table[] = {
113 [STORAGE_AUTO] = "auto",
114 [STORAGE_VOLATILE] = "volatile",
115 [STORAGE_PERSISTENT] = "persistent",
116 [STORAGE_NONE] = "none"
119 DEFINE_STRING_TABLE_LOOKUP(storage, Storage);
120 DEFINE_CONFIG_PARSE_ENUM(config_parse_storage, storage, Storage, "Failed to parse storage setting");
122 static uint64_t available_space(Server *s) {
127 uint64_t sum = 0, avail = 0, ss_avail = 0;
133 ts = now(CLOCK_MONOTONIC);
135 if (s->cached_available_space_timestamp + RECHECK_AVAILABLE_SPACE_USEC > ts)
136 return s->cached_available_space;
138 r = sd_id128_get_machine(&machine);
142 if (s->system_journal) {
143 f = "/var/log/journal/";
144 m = &s->system_metrics;
146 f = "/run/log/journal/";
147 m = &s->runtime_metrics;
152 p = strappend(f, sd_id128_to_string(machine, ids));
162 if (fstatvfs(dirfd(d), &ss) < 0)
167 struct dirent buf, *de;
169 r = readdir_r(d, &buf, &de);
176 if (!endswith(de->d_name, ".journal") &&
177 !endswith(de->d_name, ".journal~"))
180 if (fstatat(dirfd(d), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0)
183 if (!S_ISREG(st.st_mode))
186 sum += (uint64_t) st.st_blocks * 512UL;
189 avail = sum >= m->max_use ? 0 : m->max_use - sum;
191 ss_avail = ss.f_bsize * ss.f_bavail;
193 ss_avail = ss_avail < m->keep_free ? 0 : ss_avail - m->keep_free;
195 if (ss_avail < avail)
198 s->cached_available_space = avail;
199 s->cached_available_space_timestamp = ts;
207 static void server_read_file_gid(Server *s) {
208 const char *adm = "adm";
213 if (s->file_gid_valid)
216 r = get_group_creds(&adm, &s->file_gid);
218 log_warning("Failed to resolve 'adm' group: %s", strerror(-r));
220 /* if we couldn't read the gid, then it will be 0, but that's
221 * fine and we shouldn't try to resolve the group again, so
222 * let's just pretend it worked right-away. */
223 s->file_gid_valid = true;
226 static void server_fix_perms(Server *s, JournalFile *f, uid_t uid) {
231 acl_permset_t permset;
236 server_read_file_gid(s);
238 r = fchmod_and_fchown(f->fd, 0640, 0, s->file_gid);
240 log_warning("Failed to fix access mode/rights on %s, ignoring: %s", f->path, strerror(-r));
246 acl = acl_get_fd(f->fd);
248 log_warning("Failed to read ACL on %s, ignoring: %m", f->path);
252 r = acl_find_uid(acl, uid, &entry);
255 if (acl_create_entry(&acl, &entry) < 0 ||
256 acl_set_tag_type(entry, ACL_USER) < 0 ||
257 acl_set_qualifier(entry, &uid) < 0) {
258 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
263 if (acl_get_permset(entry, &permset) < 0 ||
264 acl_add_perm(permset, ACL_READ) < 0 ||
265 acl_calc_mask(&acl) < 0) {
266 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
270 if (acl_set_fd(f->fd, acl) < 0)
271 log_warning("Failed to set ACL on %s, ignoring: %m", f->path);
278 static JournalFile* find_journal(Server *s, uid_t uid) {
287 /* We split up user logs only on /var, not on /run. If the
288 * runtime file is open, we write to it exclusively, in order
289 * to guarantee proper order as soon as we flush /run to
290 * /var and close the runtime file. */
292 if (s->runtime_journal)
293 return s->runtime_journal;
296 return s->system_journal;
298 r = sd_id128_get_machine(&machine);
300 return s->system_journal;
302 f = hashmap_get(s->user_journals, UINT32_TO_PTR(uid));
306 if (asprintf(&p, "/var/log/journal/%s/user-%lu.journal", sd_id128_to_string(machine, ids), (unsigned long) uid) < 0)
307 return s->system_journal;
309 while (hashmap_size(s->user_journals) >= USER_JOURNALS_MAX) {
310 /* Too many open? Then let's close one */
311 f = hashmap_steal_first(s->user_journals);
313 journal_file_close(f);
316 r = journal_file_open_reliably(p, O_RDWR|O_CREAT, 0640, &s->system_metrics, s->system_journal, &f);
320 return s->system_journal;
322 server_fix_perms(s, f, uid);
324 r = hashmap_put(s->user_journals, UINT32_TO_PTR(uid), f);
326 journal_file_close(f);
327 return s->system_journal;
333 static void server_rotate(Server *s) {
339 log_info("Rotating...");
341 if (s->runtime_journal) {
342 r = journal_file_rotate(&s->runtime_journal);
344 if (s->runtime_journal)
345 log_error("Failed to rotate %s: %s", s->runtime_journal->path, strerror(-r));
347 log_error("Failed to create new runtime journal: %s", strerror(-r));
349 server_fix_perms(s, s->runtime_journal, 0);
352 if (s->system_journal) {
353 r = journal_file_rotate(&s->system_journal);
355 if (s->system_journal)
356 log_error("Failed to rotate %s: %s", s->system_journal->path, strerror(-r));
358 log_error("Failed to create new system journal: %s", strerror(-r));
361 server_fix_perms(s, s->system_journal, 0);
364 HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) {
365 r = journal_file_rotate(&f);
368 log_error("Failed to rotate %s: %s", f->path, strerror(-r));
370 log_error("Failed to create user journal: %s", strerror(-r));
372 hashmap_replace(s->user_journals, k, f);
373 server_fix_perms(s, s->system_journal, PTR_TO_UINT32(k));
378 static void server_vacuum(Server *s) {
384 log_info("Vacuuming...");
386 r = sd_id128_get_machine(&machine);
388 log_error("Failed to get machine ID: %s", strerror(-r));
392 sd_id128_to_string(machine, ids);
394 if (s->system_journal) {
395 if (asprintf(&p, "/var/log/journal/%s", ids) < 0) {
396 log_error("Out of memory.");
400 r = journal_directory_vacuum(p, s->system_metrics.max_use, s->system_metrics.keep_free);
401 if (r < 0 && r != -ENOENT)
402 log_error("Failed to vacuum %s: %s", p, strerror(-r));
406 if (s->runtime_journal) {
407 if (asprintf(&p, "/run/log/journal/%s", ids) < 0) {
408 log_error("Out of memory.");
412 r = journal_directory_vacuum(p, s->runtime_metrics.max_use, s->runtime_metrics.keep_free);
413 if (r < 0 && r != -ENOENT)
414 log_error("Failed to vacuum %s: %s", p, strerror(-r));
418 s->cached_available_space_timestamp = 0;
421 static char *shortened_cgroup_path(pid_t pid) {
423 char *process_path, *init_path, *path;
427 r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, pid, &process_path);
431 r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, 1, &init_path);
437 if (endswith(init_path, "/system"))
438 init_path[strlen(init_path) - 7] = 0;
439 else if (streq(init_path, "/"))
442 if (startswith(process_path, init_path)) {
445 p = strdup(process_path + strlen(init_path));
463 static void write_to_journal(Server *s, uid_t uid, struct iovec *iovec, unsigned n) {
465 bool vacuumed = false;
472 f = find_journal(s, uid);
476 if (journal_file_rotate_suggested(f)) {
477 log_info("Journal header limits reached or header out-of-date, rotating.");
482 f = find_journal(s, uid);
488 r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
493 (r != -E2BIG && /* hit limit */
494 r != -EFBIG && /* hit fs limit */
495 r != -EDQUOT && /* quota hit */
496 r != -ENOSPC && /* disk full */
497 r != -EBADMSG && /* corrupted */
498 r != -ENODATA && /* truncated */
499 r != -EHOSTDOWN && /* other machine */
500 r != -EPROTONOSUPPORT && /* unsupported feature */
501 r != -EBUSY && /* unclean shutdown */
502 r != -ESHUTDOWN /* already archived */)) {
503 log_error("Failed to write entry, ignoring: %s", strerror(-r));
507 if (r == -E2BIG || r == -EFBIG || r == EDQUOT || r == ENOSPC)
508 log_info("Allocation limit reached, rotating.");
509 else if (r == -EHOSTDOWN)
510 log_info("Journal file from other machine, rotating.");
511 else if (r == -EBUSY)
512 log_info("Unlcean shutdown, rotating.");
514 log_warning("Journal file corrupted, rotating.");
520 f = find_journal(s, uid);
524 log_info("Retrying write.");
528 static void dispatch_message_real(
530 struct iovec *iovec, unsigned n, unsigned m,
533 const char *label, size_t label_len,
534 const char *unit_id) {
536 char *pid = NULL, *uid = NULL, *gid = NULL,
537 *source_time = NULL, *boot_id = NULL, *machine_id = NULL,
538 *comm = NULL, *cmdline = NULL, *hostname = NULL,
539 *audit_session = NULL, *audit_loginuid = NULL,
540 *exe = NULL, *cgroup = NULL, *session = NULL,
541 *owner_uid = NULL, *unit = NULL, *selinux_context = NULL;
547 uid_t loginuid = 0, realuid = 0;
552 assert(n + N_IOVEC_META_FIELDS <= m);
560 realuid = ucred->uid;
562 if (asprintf(&pid, "_PID=%lu", (unsigned long) ucred->pid) >= 0)
563 IOVEC_SET_STRING(iovec[n++], pid);
565 if (asprintf(&uid, "_UID=%lu", (unsigned long) ucred->uid) >= 0)
566 IOVEC_SET_STRING(iovec[n++], uid);
568 if (asprintf(&gid, "_GID=%lu", (unsigned long) ucred->gid) >= 0)
569 IOVEC_SET_STRING(iovec[n++], gid);
571 r = get_process_comm(ucred->pid, &t);
573 comm = strappend("_COMM=", t);
577 IOVEC_SET_STRING(iovec[n++], comm);
580 r = get_process_exe(ucred->pid, &t);
582 exe = strappend("_EXE=", t);
586 IOVEC_SET_STRING(iovec[n++], exe);
589 r = get_process_cmdline(ucred->pid, LINE_MAX, false, &t);
591 cmdline = strappend("_CMDLINE=", t);
595 IOVEC_SET_STRING(iovec[n++], cmdline);
598 r = audit_session_from_pid(ucred->pid, &audit);
600 if (asprintf(&audit_session, "_AUDIT_SESSION=%lu", (unsigned long) audit) >= 0)
601 IOVEC_SET_STRING(iovec[n++], audit_session);
603 r = audit_loginuid_from_pid(ucred->pid, &loginuid);
605 if (asprintf(&audit_loginuid, "_AUDIT_LOGINUID=%lu", (unsigned long) loginuid) >= 0)
606 IOVEC_SET_STRING(iovec[n++], audit_loginuid);
608 t = shortened_cgroup_path(ucred->pid);
610 cgroup = strappend("_SYSTEMD_CGROUP=", t);
614 IOVEC_SET_STRING(iovec[n++], cgroup);
618 if (sd_pid_get_session(ucred->pid, &t) >= 0) {
619 session = strappend("_SYSTEMD_SESSION=", t);
623 IOVEC_SET_STRING(iovec[n++], session);
626 if (sd_pid_get_owner_uid(ucred->uid, &owner) >= 0)
627 if (asprintf(&owner_uid, "_SYSTEMD_OWNER_UID=%lu", (unsigned long) owner) >= 0)
628 IOVEC_SET_STRING(iovec[n++], owner_uid);
631 if (cg_pid_get_unit(ucred->pid, &t) >= 0) {
632 unit = strappend("_SYSTEMD_UNIT=", t);
635 unit = strappend("_SYSTEMD_UNIT=", unit_id);
638 IOVEC_SET_STRING(iovec[n++], unit);
642 selinux_context = malloc(sizeof("_SELINUX_CONTEXT=") + label_len);
643 if (selinux_context) {
644 memcpy(selinux_context, "_SELINUX_CONTEXT=", sizeof("_SELINUX_CONTEXT=")-1);
645 memcpy(selinux_context+sizeof("_SELINUX_CONTEXT=")-1, label, label_len);
646 selinux_context[sizeof("_SELINUX_CONTEXT=")-1+label_len] = 0;
647 IOVEC_SET_STRING(iovec[n++], selinux_context);
650 security_context_t con;
652 if (getpidcon(ucred->pid, &con) >= 0) {
653 selinux_context = strappend("_SELINUX_CONTEXT=", con);
655 IOVEC_SET_STRING(iovec[n++], selinux_context);
664 if (asprintf(&source_time, "_SOURCE_REALTIME_TIMESTAMP=%llu",
665 (unsigned long long) timeval_load(tv)) >= 0)
666 IOVEC_SET_STRING(iovec[n++], source_time);
669 /* Note that strictly speaking storing the boot id here is
670 * redundant since the entry includes this in-line
671 * anyway. However, we need this indexed, too. */
672 r = sd_id128_get_boot(&id);
674 if (asprintf(&boot_id, "_BOOT_ID=%s", sd_id128_to_string(id, idbuf)) >= 0)
675 IOVEC_SET_STRING(iovec[n++], boot_id);
677 r = sd_id128_get_machine(&id);
679 if (asprintf(&machine_id, "_MACHINE_ID=%s", sd_id128_to_string(id, idbuf)) >= 0)
680 IOVEC_SET_STRING(iovec[n++], machine_id);
682 t = gethostname_malloc();
684 hostname = strappend("_HOSTNAME=", t);
687 IOVEC_SET_STRING(iovec[n++], hostname);
692 write_to_journal(s, realuid == 0 ? 0 : loginuid, iovec, n);
705 free(audit_loginuid);
710 free(selinux_context);
713 static void driver_message(Server *s, sd_id128_t message_id, const char *format, ...) {
714 char mid[11 + 32 + 1];
715 char buffer[16 + LINE_MAX + 1];
716 struct iovec iovec[N_IOVEC_META_FIELDS + 4];
724 IOVEC_SET_STRING(iovec[n++], "PRIORITY=5");
725 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=driver");
727 memcpy(buffer, "MESSAGE=", 8);
728 va_start(ap, format);
729 vsnprintf(buffer + 8, sizeof(buffer) - 8, format, ap);
731 char_array_0(buffer);
732 IOVEC_SET_STRING(iovec[n++], buffer);
734 snprintf(mid, sizeof(mid), "MESSAGE_ID=" SD_ID128_FORMAT_STR, SD_ID128_FORMAT_VAL(message_id));
736 IOVEC_SET_STRING(iovec[n++], mid);
739 ucred.pid = getpid();
740 ucred.uid = getuid();
741 ucred.gid = getgid();
743 dispatch_message_real(s, iovec, n, ELEMENTSOF(iovec), &ucred, NULL, NULL, 0, NULL);
746 static void dispatch_message(Server *s,
747 struct iovec *iovec, unsigned n, unsigned m,
750 const char *label, size_t label_len,
754 char *path = NULL, *c;
757 assert(iovec || n == 0);
762 if (LOG_PRI(priority) > s->max_level_store)
768 path = shortened_cgroup_path(ucred->pid);
772 /* example: /user/lennart/3/foobar
773 * /system/dbus.service/foobar
775 * So let's cut of everything past the third /, since that is
776 * wher user directories start */
778 c = strchr(path, '/');
780 c = strchr(c+1, '/');
782 c = strchr(c+1, '/');
788 rl = journal_rate_limit_test(s->rate_limit, path, priority & LOG_PRIMASK, available_space(s));
795 /* Write a suppression message if we suppressed something */
797 driver_message(s, SD_MESSAGE_JOURNAL_DROPPED, "Suppressed %u messages from %s", rl - 1, path);
802 dispatch_message_real(s, iovec, n, m, ucred, tv, label, label_len, unit_id);
805 static void forward_syslog_iovec(Server *s, const struct iovec *iovec, unsigned n_iovec, struct ucred *ucred, struct timeval *tv) {
806 struct msghdr msghdr;
807 struct cmsghdr *cmsg;
809 struct cmsghdr cmsghdr;
810 uint8_t buf[CMSG_SPACE(sizeof(struct ucred))];
812 union sockaddr_union sa;
819 msghdr.msg_iov = (struct iovec*) iovec;
820 msghdr.msg_iovlen = n_iovec;
823 sa.un.sun_family = AF_UNIX;
824 strncpy(sa.un.sun_path, "/run/systemd/journal/syslog", sizeof(sa.un.sun_path));
825 msghdr.msg_name = &sa;
826 msghdr.msg_namelen = offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path);
830 msghdr.msg_control = &control;
831 msghdr.msg_controllen = sizeof(control);
833 cmsg = CMSG_FIRSTHDR(&msghdr);
834 cmsg->cmsg_level = SOL_SOCKET;
835 cmsg->cmsg_type = SCM_CREDENTIALS;
836 cmsg->cmsg_len = CMSG_LEN(sizeof(struct ucred));
837 memcpy(CMSG_DATA(cmsg), ucred, sizeof(struct ucred));
838 msghdr.msg_controllen = cmsg->cmsg_len;
841 /* Forward the syslog message we received via /dev/log to
842 * /run/systemd/syslog. Unfortunately we currently can't set
843 * the SO_TIMESTAMP auxiliary data, and hence we don't. */
845 if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
848 /* The socket is full? I guess the syslog implementation is
849 * too slow, and we shouldn't wait for that... */
853 if (ucred && errno == ESRCH) {
856 /* Hmm, presumably the sender process vanished
857 * by now, so let's fix it as good as we
862 memcpy(CMSG_DATA(cmsg), &u, sizeof(struct ucred));
864 if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
872 log_debug("Failed to forward syslog message: %m");
875 static void forward_syslog_raw(Server *s, int priority, const char *buffer, struct ucred *ucred, struct timeval *tv) {
881 if (LOG_PRI(priority) > s->max_level_syslog)
884 IOVEC_SET_STRING(iovec, buffer);
885 forward_syslog_iovec(s, &iovec, 1, ucred, tv);
888 static void forward_syslog(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred, struct timeval *tv) {
889 struct iovec iovec[5];
890 char header_priority[6], header_time[64], header_pid[16];
894 char *ident_buf = NULL;
897 assert(priority >= 0);
898 assert(priority <= 999);
901 if (LOG_PRI(priority) > s->max_level_syslog)
904 /* First: priority field */
905 snprintf(header_priority, sizeof(header_priority), "<%i>", priority);
906 char_array_0(header_priority);
907 IOVEC_SET_STRING(iovec[n++], header_priority);
909 /* Second: timestamp */
910 t = tv ? tv->tv_sec : ((time_t) (now(CLOCK_REALTIME) / USEC_PER_SEC));
914 if (strftime(header_time, sizeof(header_time), "%h %e %T ", tm) <= 0)
916 IOVEC_SET_STRING(iovec[n++], header_time);
918 /* Third: identifier and PID */
921 get_process_comm(ucred->pid, &ident_buf);
922 identifier = ident_buf;
925 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
926 char_array_0(header_pid);
929 IOVEC_SET_STRING(iovec[n++], identifier);
931 IOVEC_SET_STRING(iovec[n++], header_pid);
932 } else if (identifier) {
933 IOVEC_SET_STRING(iovec[n++], identifier);
934 IOVEC_SET_STRING(iovec[n++], ": ");
937 /* Fourth: message */
938 IOVEC_SET_STRING(iovec[n++], message);
940 forward_syslog_iovec(s, iovec, n, ucred, tv);
945 static int fixup_priority(int priority) {
947 if ((priority & LOG_FACMASK) == 0)
948 return (priority & LOG_PRIMASK) | LOG_USER;
953 static void forward_kmsg(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred) {
954 struct iovec iovec[5];
955 char header_priority[6], header_pid[16];
957 char *ident_buf = NULL;
961 assert(priority >= 0);
962 assert(priority <= 999);
965 if (LOG_PRI(priority) > s->max_level_kmsg)
968 /* Never allow messages with kernel facility to be written to
969 * kmsg, regardless where the data comes from. */
970 priority = fixup_priority(priority);
972 /* First: priority field */
973 snprintf(header_priority, sizeof(header_priority), "<%i>", priority);
974 char_array_0(header_priority);
975 IOVEC_SET_STRING(iovec[n++], header_priority);
977 /* Second: identifier and PID */
980 get_process_comm(ucred->pid, &ident_buf);
981 identifier = ident_buf;
984 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
985 char_array_0(header_pid);
988 IOVEC_SET_STRING(iovec[n++], identifier);
990 IOVEC_SET_STRING(iovec[n++], header_pid);
991 } else if (identifier) {
992 IOVEC_SET_STRING(iovec[n++], identifier);
993 IOVEC_SET_STRING(iovec[n++], ": ");
996 /* Fourth: message */
997 IOVEC_SET_STRING(iovec[n++], message);
998 IOVEC_SET_STRING(iovec[n++], "\n");
1000 fd = open("/dev/kmsg", O_WRONLY|O_NOCTTY|O_CLOEXEC);
1002 log_debug("Failed to open /dev/kmsg for logging: %s", strerror(errno));
1006 if (writev(fd, iovec, n) < 0)
1007 log_debug("Failed to write to /dev/kmsg for logging: %s", strerror(errno));
1009 close_nointr_nofail(fd);
1015 static void forward_console(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred) {
1016 struct iovec iovec[4];
1017 char header_pid[16];
1019 char *ident_buf = NULL;
1025 if (LOG_PRI(priority) > s->max_level_console)
1028 /* First: identifier and PID */
1031 get_process_comm(ucred->pid, &ident_buf);
1032 identifier = ident_buf;
1035 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
1036 char_array_0(header_pid);
1039 IOVEC_SET_STRING(iovec[n++], identifier);
1041 IOVEC_SET_STRING(iovec[n++], header_pid);
1042 } else if (identifier) {
1043 IOVEC_SET_STRING(iovec[n++], identifier);
1044 IOVEC_SET_STRING(iovec[n++], ": ");
1047 /* Third: message */
1048 IOVEC_SET_STRING(iovec[n++], message);
1049 IOVEC_SET_STRING(iovec[n++], "\n");
1051 tty = s->tty_path ? s->tty_path : "/dev/console";
1053 fd = open_terminal(tty, O_WRONLY|O_NOCTTY|O_CLOEXEC);
1055 log_debug("Failed to open %s for logging: %s", tty, strerror(errno));
1059 if (writev(fd, iovec, n) < 0)
1060 log_debug("Failed to write to %s for logging: %s", tty, strerror(errno));
1062 close_nointr_nofail(fd);
1068 static void read_identifier(const char **buf, char **identifier, char **pid) {
1079 p += strspn(p, WHITESPACE);
1080 l = strcspn(p, WHITESPACE);
1089 if (p[l-1] == ']') {
1095 t = strndup(p+k+1, l-k-2);
1115 *buf += strspn(*buf, WHITESPACE);
1118 static void process_syslog_message(Server *s, const char *buf, struct ucred *ucred, struct timeval *tv, const char *label, size_t label_len) {
1119 char *message = NULL, *syslog_priority = NULL, *syslog_facility = NULL, *syslog_identifier = NULL, *syslog_pid = NULL;
1120 struct iovec iovec[N_IOVEC_META_FIELDS + 6];
1122 int priority = LOG_USER | LOG_INFO;
1123 char *identifier = NULL, *pid = NULL;
1130 parse_syslog_priority((char**) &buf, &priority);
1132 if (s->forward_to_syslog)
1133 forward_syslog_raw(s, priority, orig, ucred, tv);
1135 skip_syslog_date((char**) &buf);
1136 read_identifier(&buf, &identifier, &pid);
1138 if (s->forward_to_kmsg)
1139 forward_kmsg(s, priority, identifier, buf, ucred);
1141 if (s->forward_to_console)
1142 forward_console(s, priority, identifier, buf, ucred);
1144 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=syslog");
1146 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1147 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1149 if (priority & LOG_FACMASK)
1150 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1151 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1154 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", identifier);
1155 if (syslog_identifier)
1156 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1160 syslog_pid = strappend("SYSLOG_PID=", pid);
1162 IOVEC_SET_STRING(iovec[n++], syslog_pid);
1165 message = strappend("MESSAGE=", buf);
1167 IOVEC_SET_STRING(iovec[n++], message);
1169 dispatch_message(s, iovec, n, ELEMENTSOF(iovec), ucred, tv, label, label_len, NULL, priority);
1174 free(syslog_priority);
1175 free(syslog_facility);
1176 free(syslog_identifier);
1179 static bool valid_user_field(const char *p, size_t l) {
1182 /* We kinda enforce POSIX syntax recommendations for
1183 environment variables here, but make a couple of additional
1186 http://pubs.opengroup.org/onlinepubs/000095399/basedefs/xbd_chap08.html */
1188 /* No empty field names */
1192 /* Don't allow names longer than 64 chars */
1196 /* Variables starting with an underscore are protected */
1200 /* Don't allow digits as first character */
1201 if (p[0] >= '0' && p[0] <= '9')
1204 /* Only allow A-Z0-9 and '_' */
1205 for (a = p; a < p + l; a++)
1206 if (!((*a >= 'A' && *a <= 'Z') ||
1207 (*a >= '0' && *a <= '9') ||
1214 static void process_native_message(
1216 const void *buffer, size_t buffer_size,
1217 struct ucred *ucred,
1219 const char *label, size_t label_len) {
1221 struct iovec *iovec = NULL;
1222 unsigned n = 0, m = 0, j, tn = (unsigned) -1;
1225 int priority = LOG_INFO;
1226 char *identifier = NULL, *message = NULL;
1229 assert(buffer || buffer_size == 0);
1232 remaining = buffer_size;
1234 while (remaining > 0) {
1237 e = memchr(p, '\n', remaining);
1240 /* Trailing noise, let's ignore it, and flush what we collected */
1241 log_debug("Received message with trailing noise, ignoring.");
1246 /* Entry separator */
1247 dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, NULL, priority);
1249 priority = LOG_INFO;
1256 if (*p == '.' || *p == '#') {
1257 /* Ignore control commands for now, and
1259 remaining -= (e - p) + 1;
1264 /* A property follows */
1266 if (n+N_IOVEC_META_FIELDS >= m) {
1270 u = MAX((n+N_IOVEC_META_FIELDS+1) * 2U, 4U);
1271 c = realloc(iovec, u * sizeof(struct iovec));
1273 log_error("Out of memory");
1281 q = memchr(p, '=', e - p);
1283 if (valid_user_field(p, q - p)) {
1288 /* If the field name starts with an
1289 * underscore, skip the variable,
1290 * since that indidates a trusted
1292 iovec[n].iov_base = (char*) p;
1293 iovec[n].iov_len = l;
1296 /* We need to determine the priority
1297 * of this entry for the rate limiting
1300 memcmp(p, "PRIORITY=", 9) == 0 &&
1301 p[9] >= '0' && p[9] <= '9')
1302 priority = (priority & LOG_FACMASK) | (p[9] - '0');
1305 memcmp(p, "SYSLOG_FACILITY=", 16) == 0 &&
1306 p[16] >= '0' && p[16] <= '9')
1307 priority = (priority & LOG_PRIMASK) | ((p[16] - '0') << 3);
1310 memcmp(p, "SYSLOG_FACILITY=", 16) == 0 &&
1311 p[16] >= '0' && p[16] <= '9' &&
1312 p[17] >= '0' && p[17] <= '9')
1313 priority = (priority & LOG_PRIMASK) | (((p[16] - '0')*10 + (p[17] - '0')) << 3);
1316 memcmp(p, "SYSLOG_IDENTIFIER=", 18) == 0) {
1319 t = strndup(p + 18, l - 18);
1324 } else if (l >= 8 &&
1325 memcmp(p, "MESSAGE=", 8) == 0) {
1328 t = strndup(p + 8, l - 8);
1336 remaining -= (e - p) + 1;
1344 if (remaining < e - p + 1 + sizeof(uint64_t) + 1) {
1345 log_debug("Failed to parse message, ignoring.");
1349 memcpy(&l_le, e + 1, sizeof(uint64_t));
1352 if (remaining < e - p + 1 + sizeof(uint64_t) + l + 1 ||
1353 e[1+sizeof(uint64_t)+l] != '\n') {
1354 log_debug("Failed to parse message, ignoring.");
1358 k = malloc((e - p) + 1 + l);
1360 log_error("Out of memory");
1364 memcpy(k, p, e - p);
1366 memcpy(k + (e - p) + 1, e + 1 + sizeof(uint64_t), l);
1368 if (valid_user_field(p, e - p)) {
1369 iovec[n].iov_base = k;
1370 iovec[n].iov_len = (e - p) + 1 + l;
1375 remaining -= (e - p) + 1 + sizeof(uint64_t) + l + 1;
1376 p = e + 1 + sizeof(uint64_t) + l + 1;
1384 IOVEC_SET_STRING(iovec[tn], "_TRANSPORT=journal");
1387 if (s->forward_to_syslog)
1388 forward_syslog(s, priority, identifier, message, ucred, tv);
1390 if (s->forward_to_kmsg)
1391 forward_kmsg(s, priority, identifier, message, ucred);
1393 if (s->forward_to_console)
1394 forward_console(s, priority, identifier, message, ucred);
1397 dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, NULL, priority);
1400 for (j = 0; j < n; j++) {
1404 if (iovec[j].iov_base < buffer ||
1405 (const uint8_t*) iovec[j].iov_base >= (const uint8_t*) buffer + buffer_size)
1406 free(iovec[j].iov_base);
1414 static void process_native_file(
1417 struct ucred *ucred,
1419 const char *label, size_t label_len) {
1428 /* Data is in the passed file, since it didn't fit in a
1429 * datagram. We can't map the file here, since clients might
1430 * then truncate it and trigger a SIGBUS for us. So let's
1431 * stupidly read it */
1433 if (fstat(fd, &st) < 0) {
1434 log_error("Failed to stat passed file, ignoring: %m");
1438 if (!S_ISREG(st.st_mode)) {
1439 log_error("File passed is not regular. Ignoring.");
1443 if (st.st_size <= 0)
1446 if (st.st_size > ENTRY_SIZE_MAX) {
1447 log_error("File passed too large. Ignoring.");
1451 p = malloc(st.st_size);
1453 log_error("Out of memory");
1457 n = pread(fd, p, st.st_size, 0);
1459 log_error("Failed to read file, ignoring: %s", strerror(-n));
1461 process_native_message(s, p, n, ucred, tv, label, label_len);
1466 static int stdout_stream_log(StdoutStream *s, const char *p) {
1467 struct iovec iovec[N_IOVEC_META_FIELDS + 5];
1468 char *message = NULL, *syslog_priority = NULL, *syslog_facility = NULL, *syslog_identifier = NULL;
1472 size_t label_len = 0;
1480 priority = s->priority;
1482 if (s->level_prefix)
1483 parse_syslog_priority((char**) &p, &priority);
1485 if (s->forward_to_syslog || s->server->forward_to_syslog)
1486 forward_syslog(s->server, fixup_priority(priority), s->identifier, p, &s->ucred, NULL);
1488 if (s->forward_to_kmsg || s->server->forward_to_kmsg)
1489 forward_kmsg(s->server, priority, s->identifier, p, &s->ucred);
1491 if (s->forward_to_console || s->server->forward_to_console)
1492 forward_console(s->server, priority, s->identifier, p, &s->ucred);
1494 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=stdout");
1496 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1497 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1499 if (priority & LOG_FACMASK)
1500 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1501 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1503 if (s->identifier) {
1504 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", s->identifier);
1505 if (syslog_identifier)
1506 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1509 message = strappend("MESSAGE=", p);
1511 IOVEC_SET_STRING(iovec[n++], message);
1514 if (s->security_context) {
1515 label = (char*) s->security_context;
1516 label_len = strlen((char*) s->security_context);
1520 dispatch_message(s->server, iovec, n, ELEMENTSOF(iovec), &s->ucred, NULL, label, label_len, s->unit_id, priority);
1523 free(syslog_priority);
1524 free(syslog_facility);
1525 free(syslog_identifier);
1530 static int stdout_stream_line(StdoutStream *s, char *p) {
1540 case STDOUT_STREAM_IDENTIFIER:
1542 s->identifier = NULL;
1544 s->identifier = strdup(p);
1545 if (!s->identifier) {
1546 log_error("Out of memory");
1551 s->state = STDOUT_STREAM_UNIT_ID;
1554 case STDOUT_STREAM_UNIT_ID:
1555 if (s->ucred.uid == 0) {
1559 s->unit_id = strdup(p);
1561 log_error("Out of memory");
1567 s->state = STDOUT_STREAM_PRIORITY;
1570 case STDOUT_STREAM_PRIORITY:
1571 r = safe_atoi(p, &s->priority);
1572 if (r < 0 || s->priority <= 0 || s->priority >= 999) {
1573 log_warning("Failed to parse log priority line.");
1577 s->state = STDOUT_STREAM_LEVEL_PREFIX;
1580 case STDOUT_STREAM_LEVEL_PREFIX:
1581 r = parse_boolean(p);
1583 log_warning("Failed to parse level prefix line.");
1587 s->level_prefix = !!r;
1588 s->state = STDOUT_STREAM_FORWARD_TO_SYSLOG;
1591 case STDOUT_STREAM_FORWARD_TO_SYSLOG:
1592 r = parse_boolean(p);
1594 log_warning("Failed to parse forward to syslog line.");
1598 s->forward_to_syslog = !!r;
1599 s->state = STDOUT_STREAM_FORWARD_TO_KMSG;
1602 case STDOUT_STREAM_FORWARD_TO_KMSG:
1603 r = parse_boolean(p);
1605 log_warning("Failed to parse copy to kmsg line.");
1609 s->forward_to_kmsg = !!r;
1610 s->state = STDOUT_STREAM_FORWARD_TO_CONSOLE;
1613 case STDOUT_STREAM_FORWARD_TO_CONSOLE:
1614 r = parse_boolean(p);
1616 log_warning("Failed to parse copy to console line.");
1620 s->forward_to_console = !!r;
1621 s->state = STDOUT_STREAM_RUNNING;
1624 case STDOUT_STREAM_RUNNING:
1625 return stdout_stream_log(s, p);
1628 assert_not_reached("Unknown stream state");
1631 static int stdout_stream_scan(StdoutStream *s, bool force_flush) {
1639 remaining = s->length;
1644 end = memchr(p, '\n', remaining);
1647 else if (remaining >= sizeof(s->buffer) - 1) {
1648 end = p + sizeof(s->buffer) - 1;
1655 r = stdout_stream_line(s, p);
1663 if (force_flush && remaining > 0) {
1665 r = stdout_stream_line(s, p);
1673 if (p > s->buffer) {
1674 memmove(s->buffer, p, remaining);
1675 s->length = remaining;
1681 static int stdout_stream_process(StdoutStream *s) {
1687 l = read(s->fd, s->buffer+s->length, sizeof(s->buffer)-1-s->length);
1690 if (errno == EAGAIN)
1693 log_warning("Failed to read from stream: %m");
1698 r = stdout_stream_scan(s, true);
1706 r = stdout_stream_scan(s, false);
1714 static void stdout_stream_free(StdoutStream *s) {
1718 assert(s->server->n_stdout_streams > 0);
1719 s->server->n_stdout_streams --;
1720 LIST_REMOVE(StdoutStream, stdout_stream, s->server->stdout_streams, s);
1725 epoll_ctl(s->server->epoll_fd, EPOLL_CTL_DEL, s->fd, NULL);
1727 close_nointr_nofail(s->fd);
1731 if (s->security_context)
1732 freecon(s->security_context);
1735 free(s->identifier);
1739 static int stdout_stream_new(Server *s) {
1740 StdoutStream *stream;
1743 struct epoll_event ev;
1747 fd = accept4(s->stdout_fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);
1749 if (errno == EAGAIN)
1752 log_error("Failed to accept stdout connection: %m");
1756 if (s->n_stdout_streams >= STDOUT_STREAMS_MAX) {
1757 log_warning("Too many stdout streams, refusing connection.");
1758 close_nointr_nofail(fd);
1762 stream = new0(StdoutStream, 1);
1764 log_error("Out of memory.");
1765 close_nointr_nofail(fd);
1771 len = sizeof(stream->ucred);
1772 if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &stream->ucred, &len) < 0) {
1773 log_error("Failed to determine peer credentials: %m");
1779 if (getpeercon(fd, &stream->security_context) < 0 && errno != ENOPROTOOPT)
1780 log_error("Failed to determine peer security context: %m");
1783 if (shutdown(fd, SHUT_WR) < 0) {
1784 log_error("Failed to shutdown writing side of socket: %m");
1790 ev.data.ptr = stream;
1791 ev.events = EPOLLIN;
1792 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, fd, &ev) < 0) {
1793 log_error("Failed to add stream to event loop: %m");
1799 LIST_PREPEND(StdoutStream, stdout_stream, s->stdout_streams, stream);
1800 s->n_stdout_streams ++;
1805 stdout_stream_free(stream);
1809 static int parse_kernel_timestamp(char **_p, usec_t *t) {
1820 if (strlen(p) < 14 || p[0] != '[' || p[13] != ']' || p[6] != '.')
1825 for (i = 1; i <= 5; i++) {
1831 k = undecchar(p[i]);
1838 for (i = 7; i <= 12; i++) {
1841 k = undecchar(p[i]);
1850 *_p += strspn(*_p, WHITESPACE);
1855 static bool is_us(const char *pid) {
1860 if (parse_pid(pid, &t) < 0)
1863 return t == getpid();
1866 static void proc_kmsg_line(Server *s, const char *p) {
1867 struct iovec iovec[N_IOVEC_META_FIELDS + 7];
1868 char *message = NULL, *syslog_priority = NULL, *syslog_pid = NULL, *syslog_facility = NULL, *syslog_identifier = NULL, *source_time = NULL;
1869 int priority = LOG_KERN | LOG_INFO;
1872 char *identifier = NULL, *pid = NULL;
1880 parse_syslog_priority((char **) &p, &priority);
1882 if (s->forward_to_kmsg && (priority & LOG_FACMASK) != LOG_KERN)
1885 if (parse_kernel_timestamp((char **) &p, &usec) > 0) {
1886 if (asprintf(&source_time, "_SOURCE_MONOTONIC_TIMESTAMP=%llu",
1887 (unsigned long long) usec) >= 0)
1888 IOVEC_SET_STRING(iovec[n++], source_time);
1891 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=kernel");
1893 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1894 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1896 if ((priority & LOG_FACMASK) == LOG_KERN) {
1898 if (s->forward_to_syslog)
1899 forward_syslog(s, priority, "kernel", p, NULL, NULL);
1901 IOVEC_SET_STRING(iovec[n++], "SYSLOG_IDENTIFIER=kernel");
1903 read_identifier(&p, &identifier, &pid);
1905 /* Avoid any messages we generated ourselves via
1906 * log_info() and friends. */
1907 if (pid && is_us(pid))
1910 if (s->forward_to_syslog)
1911 forward_syslog(s, priority, identifier, p, NULL, NULL);
1914 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", identifier);
1915 if (syslog_identifier)
1916 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1920 syslog_pid = strappend("SYSLOG_PID=", pid);
1922 IOVEC_SET_STRING(iovec[n++], syslog_pid);
1925 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1926 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1929 message = strappend("MESSAGE=", p);
1931 IOVEC_SET_STRING(iovec[n++], message);
1933 dispatch_message(s, iovec, n, ELEMENTSOF(iovec), NULL, NULL, NULL, 0, NULL, priority);
1937 free(syslog_priority);
1938 free(syslog_identifier);
1940 free(syslog_facility);
1946 static void proc_kmsg_scan(Server *s) {
1952 p = s->proc_kmsg_buffer;
1953 remaining = s->proc_kmsg_length;
1958 end = memchr(p, '\n', remaining);
1961 else if (remaining >= sizeof(s->proc_kmsg_buffer) - 1) {
1962 end = p + sizeof(s->proc_kmsg_buffer) - 1;
1969 proc_kmsg_line(s, p);
1975 if (p > s->proc_kmsg_buffer) {
1976 memmove(s->proc_kmsg_buffer, p, remaining);
1977 s->proc_kmsg_length = remaining;
1981 static int system_journal_open(Server *s) {
1987 r = sd_id128_get_machine(&machine);
1991 sd_id128_to_string(machine, ids);
1993 if (!s->system_journal &&
1994 (s->storage == STORAGE_PERSISTENT || s->storage == STORAGE_AUTO) &&
1995 access("/run/systemd/journal/flushed", F_OK) >= 0) {
1997 /* If in auto mode: first try to create the machine
1998 * path, but not the prefix.
2000 * If in persistent mode: create /var/log/journal and
2001 * the machine path */
2003 if (s->storage == STORAGE_PERSISTENT)
2004 (void) mkdir("/var/log/journal/", 0755);
2006 fn = strappend("/var/log/journal/", ids);
2010 (void) mkdir(fn, 0755);
2013 fn = strjoin("/var/log/journal/", ids, "/system.journal", NULL);
2017 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, &s->system_metrics, NULL, &s->system_journal);
2021 s->system_journal->compress = s->compress;
2023 server_fix_perms(s, s->system_journal, 0);
2026 if (r != -ENOENT && r != -EROFS)
2027 log_warning("Failed to open system journal: %s", strerror(-r));
2033 if (!s->runtime_journal &&
2034 (s->storage != STORAGE_NONE)) {
2036 fn = strjoin("/run/log/journal/", ids, "/system.journal", NULL);
2040 if (s->system_journal) {
2042 /* Try to open the runtime journal, but only
2043 * if it already exists, so that we can flush
2044 * it into the system journal */
2046 r = journal_file_open(fn, O_RDWR, 0640, &s->runtime_metrics, NULL, &s->runtime_journal);
2051 log_warning("Failed to open runtime journal: %s", strerror(-r));
2058 /* OK, we really need the runtime journal, so create
2059 * it if necessary. */
2061 (void) mkdir_parents(fn, 0755);
2062 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, &s->runtime_metrics, NULL, &s->runtime_journal);
2066 log_error("Failed to open runtime journal: %s", strerror(-r));
2071 if (s->runtime_journal) {
2072 s->runtime_journal->compress = s->compress;
2074 server_fix_perms(s, s->runtime_journal, 0);
2081 static int server_flush_to_var(Server *s) {
2089 if (s->storage != STORAGE_AUTO &&
2090 s->storage != STORAGE_PERSISTENT)
2093 if (!s->runtime_journal)
2096 system_journal_open(s);
2098 if (!s->system_journal)
2101 log_info("Flushing to /var...");
2103 r = sd_id128_get_machine(&machine);
2105 log_error("Failed to get machine id: %s", strerror(-r));
2109 r = sd_journal_open(&j, SD_JOURNAL_RUNTIME_ONLY);
2111 log_error("Failed to read runtime journal: %s", strerror(-r));
2115 SD_JOURNAL_FOREACH(j) {
2118 f = j->current_file;
2119 assert(f && f->current_offset > 0);
2121 r = journal_file_move_to_object(f, OBJECT_ENTRY, f->current_offset, &o);
2123 log_error("Can't read entry: %s", strerror(-r));
2127 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
2129 log_info("Allocation limit reached.");
2131 journal_file_post_change(s->system_journal);
2135 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
2139 log_error("Can't write entry: %s", strerror(-r));
2145 journal_file_post_change(s->system_journal);
2147 journal_file_close(s->runtime_journal);
2148 s->runtime_journal = NULL;
2151 char path[] = "/run/log/journal/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
2152 sd_id128_to_string(machine, path + 17);
2153 rm_rf(path, false, true, false);
2159 static int server_read_proc_kmsg(Server *s) {
2162 assert(s->proc_kmsg_fd >= 0);
2164 l = read(s->proc_kmsg_fd, s->proc_kmsg_buffer + s->proc_kmsg_length, sizeof(s->proc_kmsg_buffer) - 1 - s->proc_kmsg_length);
2165 if (l == 0) /* the kernel is stupid and in some race
2166 * conditions returns 0 in the middle of the
2171 if (errno == EAGAIN || errno == EINTR)
2174 log_error("Failed to read from kernel: %m");
2178 s->proc_kmsg_length += l;
2184 static int server_flush_proc_kmsg(Server *s) {
2189 if (s->proc_kmsg_fd < 0)
2192 log_info("Flushing /proc/kmsg...");
2195 r = server_read_proc_kmsg(s);
2206 static int process_event(Server *s, struct epoll_event *ev) {
2210 if (ev->data.fd == s->signal_fd) {
2211 struct signalfd_siginfo sfsi;
2214 if (ev->events != EPOLLIN) {
2215 log_info("Got invalid event from epoll.");
2219 n = read(s->signal_fd, &sfsi, sizeof(sfsi));
2220 if (n != sizeof(sfsi)) {
2225 if (errno == EINTR || errno == EAGAIN)
2231 if (sfsi.ssi_signo == SIGUSR1) {
2232 touch("/run/systemd/journal/flushed");
2233 server_flush_to_var(s);
2237 if (sfsi.ssi_signo == SIGUSR2) {
2243 log_debug("Received SIG%s", signal_to_string(sfsi.ssi_signo));
2246 } else if (ev->data.fd == s->proc_kmsg_fd) {
2249 if (ev->events != EPOLLIN) {
2250 log_info("Got invalid event from epoll.");
2254 r = server_read_proc_kmsg(s);
2260 } else if (ev->data.fd == s->native_fd ||
2261 ev->data.fd == s->syslog_fd) {
2263 if (ev->events != EPOLLIN) {
2264 log_info("Got invalid event from epoll.");
2269 struct msghdr msghdr;
2271 struct ucred *ucred = NULL;
2272 struct timeval *tv = NULL;
2273 struct cmsghdr *cmsg;
2275 size_t label_len = 0;
2277 struct cmsghdr cmsghdr;
2279 /* We use NAME_MAX space for the
2280 * SELinux label here. The kernel
2281 * currently enforces no limit, but
2282 * according to suggestions from the
2283 * SELinux people this will change and
2284 * it will probably be identical to
2285 * NAME_MAX. For now we use that, but
2286 * this should be updated one day when
2287 * the final limit is known.*/
2288 uint8_t buf[CMSG_SPACE(sizeof(struct ucred)) +
2289 CMSG_SPACE(sizeof(struct timeval)) +
2290 CMSG_SPACE(sizeof(int)) + /* fd */
2291 CMSG_SPACE(NAME_MAX)]; /* selinux label */
2298 if (ioctl(ev->data.fd, SIOCINQ, &v) < 0) {
2299 log_error("SIOCINQ failed: %m");
2303 if (s->buffer_size < (size_t) v) {
2307 l = MAX(LINE_MAX + (size_t) v, s->buffer_size * 2);
2308 b = realloc(s->buffer, l+1);
2311 log_error("Couldn't increase buffer.");
2320 iovec.iov_base = s->buffer;
2321 iovec.iov_len = s->buffer_size;
2325 msghdr.msg_iov = &iovec;
2326 msghdr.msg_iovlen = 1;
2327 msghdr.msg_control = &control;
2328 msghdr.msg_controllen = sizeof(control);
2330 n = recvmsg(ev->data.fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC);
2333 if (errno == EINTR || errno == EAGAIN)
2336 log_error("recvmsg() failed: %m");
2340 for (cmsg = CMSG_FIRSTHDR(&msghdr); cmsg; cmsg = CMSG_NXTHDR(&msghdr, cmsg)) {
2342 if (cmsg->cmsg_level == SOL_SOCKET &&
2343 cmsg->cmsg_type == SCM_CREDENTIALS &&
2344 cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred)))
2345 ucred = (struct ucred*) CMSG_DATA(cmsg);
2346 else if (cmsg->cmsg_level == SOL_SOCKET &&
2347 cmsg->cmsg_type == SCM_SECURITY) {
2348 label = (char*) CMSG_DATA(cmsg);
2349 label_len = cmsg->cmsg_len - CMSG_LEN(0);
2350 } else if (cmsg->cmsg_level == SOL_SOCKET &&
2351 cmsg->cmsg_type == SO_TIMESTAMP &&
2352 cmsg->cmsg_len == CMSG_LEN(sizeof(struct timeval)))
2353 tv = (struct timeval*) CMSG_DATA(cmsg);
2354 else if (cmsg->cmsg_level == SOL_SOCKET &&
2355 cmsg->cmsg_type == SCM_RIGHTS) {
2356 fds = (int*) CMSG_DATA(cmsg);
2357 n_fds = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);
2361 if (ev->data.fd == s->syslog_fd) {
2364 if (n > 0 && n_fds == 0) {
2365 e = memchr(s->buffer, '\n', n);
2371 process_syslog_message(s, strstrip(s->buffer), ucred, tv, label, label_len);
2372 } else if (n_fds > 0)
2373 log_warning("Got file descriptors via syslog socket. Ignoring.");
2376 if (n > 0 && n_fds == 0)
2377 process_native_message(s, s->buffer, n, ucred, tv, label, label_len);
2378 else if (n == 0 && n_fds == 1)
2379 process_native_file(s, fds[0], ucred, tv, label, label_len);
2381 log_warning("Got too many file descriptors via native socket. Ignoring.");
2384 close_many(fds, n_fds);
2389 } else if (ev->data.fd == s->stdout_fd) {
2391 if (ev->events != EPOLLIN) {
2392 log_info("Got invalid event from epoll.");
2396 stdout_stream_new(s);
2400 StdoutStream *stream;
2402 if ((ev->events|EPOLLIN|EPOLLHUP) != (EPOLLIN|EPOLLHUP)) {
2403 log_info("Got invalid event from epoll.");
2407 /* If it is none of the well-known fds, it must be an
2408 * stdout stream fd. Note that this is a bit ugly here
2409 * (since we rely that none of the well-known fds
2410 * could be interpreted as pointer), but nonetheless
2411 * safe, since the well-known fds would never get an
2412 * fd > 4096, i.e. beyond the first memory page */
2414 stream = ev->data.ptr;
2416 if (stdout_stream_process(stream) <= 0)
2417 stdout_stream_free(stream);
2422 log_error("Unknown event.");
2426 static int open_syslog_socket(Server *s) {
2427 union sockaddr_union sa;
2429 struct epoll_event ev;
2433 if (s->syslog_fd < 0) {
2435 s->syslog_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2436 if (s->syslog_fd < 0) {
2437 log_error("socket() failed: %m");
2442 sa.un.sun_family = AF_UNIX;
2443 strncpy(sa.un.sun_path, "/dev/log", sizeof(sa.un.sun_path));
2445 unlink(sa.un.sun_path);
2447 r = bind(s->syslog_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2449 log_error("bind() failed: %m");
2453 chmod(sa.un.sun_path, 0666);
2455 fd_nonblock(s->syslog_fd, 1);
2458 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
2460 log_error("SO_PASSCRED failed: %m");
2466 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
2468 log_warning("SO_PASSSEC failed: %m");
2472 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
2474 log_error("SO_TIMESTAMP failed: %m");
2479 ev.events = EPOLLIN;
2480 ev.data.fd = s->syslog_fd;
2481 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->syslog_fd, &ev) < 0) {
2482 log_error("Failed to add syslog server fd to epoll object: %m");
2489 static int open_native_socket(Server*s) {
2490 union sockaddr_union sa;
2492 struct epoll_event ev;
2496 if (s->native_fd < 0) {
2498 s->native_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2499 if (s->native_fd < 0) {
2500 log_error("socket() failed: %m");
2505 sa.un.sun_family = AF_UNIX;
2506 strncpy(sa.un.sun_path, "/run/systemd/journal/socket", sizeof(sa.un.sun_path));
2508 unlink(sa.un.sun_path);
2510 r = bind(s->native_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2512 log_error("bind() failed: %m");
2516 chmod(sa.un.sun_path, 0666);
2518 fd_nonblock(s->native_fd, 1);
2521 r = setsockopt(s->native_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
2523 log_error("SO_PASSCRED failed: %m");
2529 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
2531 log_warning("SO_PASSSEC failed: %m");
2535 r = setsockopt(s->native_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
2537 log_error("SO_TIMESTAMP failed: %m");
2542 ev.events = EPOLLIN;
2543 ev.data.fd = s->native_fd;
2544 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->native_fd, &ev) < 0) {
2545 log_error("Failed to add native server fd to epoll object: %m");
2552 static int open_stdout_socket(Server *s) {
2553 union sockaddr_union sa;
2555 struct epoll_event ev;
2559 if (s->stdout_fd < 0) {
2561 s->stdout_fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2562 if (s->stdout_fd < 0) {
2563 log_error("socket() failed: %m");
2568 sa.un.sun_family = AF_UNIX;
2569 strncpy(sa.un.sun_path, "/run/systemd/journal/stdout", sizeof(sa.un.sun_path));
2571 unlink(sa.un.sun_path);
2573 r = bind(s->stdout_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2575 log_error("bind() failed: %m");
2579 chmod(sa.un.sun_path, 0666);
2581 if (listen(s->stdout_fd, SOMAXCONN) < 0) {
2582 log_error("liste() failed: %m");
2586 fd_nonblock(s->stdout_fd, 1);
2589 ev.events = EPOLLIN;
2590 ev.data.fd = s->stdout_fd;
2591 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->stdout_fd, &ev) < 0) {
2592 log_error("Failed to add stdout server fd to epoll object: %m");
2599 static int open_proc_kmsg(Server *s) {
2600 struct epoll_event ev;
2604 if (!s->import_proc_kmsg)
2607 s->proc_kmsg_fd = open("/proc/kmsg", O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
2608 if (s->proc_kmsg_fd < 0) {
2609 log_warning("Failed to open /proc/kmsg, ignoring: %m");
2614 ev.events = EPOLLIN;
2615 ev.data.fd = s->proc_kmsg_fd;
2616 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->proc_kmsg_fd, &ev) < 0) {
2617 log_error("Failed to add /proc/kmsg fd to epoll object: %m");
2624 static int open_signalfd(Server *s) {
2626 struct epoll_event ev;
2630 assert_se(sigemptyset(&mask) == 0);
2631 sigset_add_many(&mask, SIGINT, SIGTERM, SIGUSR1, SIGUSR2, -1);
2632 assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0);
2634 s->signal_fd = signalfd(-1, &mask, SFD_NONBLOCK|SFD_CLOEXEC);
2635 if (s->signal_fd < 0) {
2636 log_error("signalfd(): %m");
2641 ev.events = EPOLLIN;
2642 ev.data.fd = s->signal_fd;
2644 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->signal_fd, &ev) < 0) {
2645 log_error("epoll_ctl(): %m");
2652 static int server_parse_proc_cmdline(Server *s) {
2653 char *line, *w, *state;
2657 if (detect_container(NULL) > 0)
2660 r = read_one_line_file("/proc/cmdline", &line);
2662 log_warning("Failed to read /proc/cmdline, ignoring: %s", strerror(-r));
2666 FOREACH_WORD_QUOTED(w, l, line, state) {
2669 word = strndup(w, l);
2675 if (startswith(word, "systemd.journald.forward_to_syslog=")) {
2676 r = parse_boolean(word + 35);
2678 log_warning("Failed to parse forward to syslog switch %s. Ignoring.", word + 35);
2680 s->forward_to_syslog = r;
2681 } else if (startswith(word, "systemd.journald.forward_to_kmsg=")) {
2682 r = parse_boolean(word + 33);
2684 log_warning("Failed to parse forward to kmsg switch %s. Ignoring.", word + 33);
2686 s->forward_to_kmsg = r;
2687 } else if (startswith(word, "systemd.journald.forward_to_console=")) {
2688 r = parse_boolean(word + 36);
2690 log_warning("Failed to parse forward to console switch %s. Ignoring.", word + 36);
2692 s->forward_to_console = r;
2693 } else if (startswith(word, "systemd.journald"))
2694 log_warning("Invalid systemd.journald parameter. Ignoring.");
2706 static int server_parse_config_file(Server *s) {
2713 fn = "/etc/systemd/journald.conf";
2714 f = fopen(fn, "re");
2716 if (errno == ENOENT)
2719 log_warning("Failed to open configuration file %s: %m", fn);
2723 r = config_parse(fn, f, "Journal\0", config_item_perf_lookup, (void*) journald_gperf_lookup, false, s);
2725 log_warning("Failed to parse configuration file: %s", strerror(-r));
2732 static int server_init(Server *s) {
2738 s->syslog_fd = s->native_fd = s->stdout_fd = s->signal_fd = s->epoll_fd = s->proc_kmsg_fd = -1;
2741 s->rate_limit_interval = DEFAULT_RATE_LIMIT_INTERVAL;
2742 s->rate_limit_burst = DEFAULT_RATE_LIMIT_BURST;
2744 s->forward_to_syslog = true;
2746 s->max_level_store = LOG_DEBUG;
2747 s->max_level_syslog = LOG_DEBUG;
2748 s->max_level_kmsg = LOG_NOTICE;
2749 s->max_level_console = LOG_INFO;
2751 memset(&s->system_metrics, 0xFF, sizeof(s->system_metrics));
2752 memset(&s->runtime_metrics, 0xFF, sizeof(s->runtime_metrics));
2754 server_parse_config_file(s);
2755 server_parse_proc_cmdline(s);
2757 s->user_journals = hashmap_new(trivial_hash_func, trivial_compare_func);
2758 if (!s->user_journals) {
2759 log_error("Out of memory.");
2763 s->epoll_fd = epoll_create1(EPOLL_CLOEXEC);
2764 if (s->epoll_fd < 0) {
2765 log_error("Failed to create epoll object: %m");
2769 n = sd_listen_fds(true);
2771 log_error("Failed to read listening file descriptors from environment: %s", strerror(-n));
2775 for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) {
2777 if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/run/systemd/journal/socket", 0) > 0) {
2779 if (s->native_fd >= 0) {
2780 log_error("Too many native sockets passed.");
2786 } else if (sd_is_socket_unix(fd, SOCK_STREAM, 1, "/run/systemd/journal/stdout", 0) > 0) {
2788 if (s->stdout_fd >= 0) {
2789 log_error("Too many stdout sockets passed.");
2795 } else if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/dev/log", 0) > 0) {
2797 if (s->syslog_fd >= 0) {
2798 log_error("Too many /dev/log sockets passed.");
2805 log_error("Unknown socket passed.");
2810 r = open_syslog_socket(s);
2814 r = open_native_socket(s);
2818 r = open_stdout_socket(s);
2822 r = open_proc_kmsg(s);
2826 r = open_signalfd(s);
2830 s->rate_limit = journal_rate_limit_new(s->rate_limit_interval, s->rate_limit_burst);
2834 r = system_journal_open(s);
2841 static void server_done(Server *s) {
2845 while (s->stdout_streams)
2846 stdout_stream_free(s->stdout_streams);
2848 if (s->system_journal)
2849 journal_file_close(s->system_journal);
2851 if (s->runtime_journal)
2852 journal_file_close(s->runtime_journal);
2854 while ((f = hashmap_steal_first(s->user_journals)))
2855 journal_file_close(f);
2857 hashmap_free(s->user_journals);
2859 if (s->epoll_fd >= 0)
2860 close_nointr_nofail(s->epoll_fd);
2862 if (s->signal_fd >= 0)
2863 close_nointr_nofail(s->signal_fd);
2865 if (s->syslog_fd >= 0)
2866 close_nointr_nofail(s->syslog_fd);
2868 if (s->native_fd >= 0)
2869 close_nointr_nofail(s->native_fd);
2871 if (s->stdout_fd >= 0)
2872 close_nointr_nofail(s->stdout_fd);
2874 if (s->proc_kmsg_fd >= 0)
2875 close_nointr_nofail(s->proc_kmsg_fd);
2878 journal_rate_limit_free(s->rate_limit);
2884 int main(int argc, char *argv[]) {
2888 /* if (getppid() != 1) { */
2889 /* log_error("This program should be invoked by init only."); */
2890 /* return EXIT_FAILURE; */
2894 log_error("This program does not take arguments.");
2895 return EXIT_FAILURE;
2898 log_set_target(LOG_TARGET_SAFE);
2899 log_set_facility(LOG_SYSLOG);
2900 log_parse_environment();
2905 r = server_init(&server);
2909 server_vacuum(&server);
2910 server_flush_to_var(&server);
2911 server_flush_proc_kmsg(&server);
2913 log_debug("systemd-journald running as pid %lu", (unsigned long) getpid());
2914 driver_message(&server, SD_MESSAGE_JOURNAL_START, "Journal started");
2918 "STATUS=Processing requests...");
2921 struct epoll_event event;
2923 r = epoll_wait(server.epoll_fd, &event, 1, -1);
2929 log_error("epoll_wait() failed: %m");
2935 r = process_event(&server, &event);
2942 log_debug("systemd-journald stopped as pid %lu", (unsigned long) getpid());
2943 driver_message(&server, SD_MESSAGE_JOURNAL_STOP, "Journal stopped");
2947 "STATUS=Shutting down...");
2949 server_done(&server);
2951 return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;