1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2011 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <sys/epoll.h>
23 #include <sys/socket.h>
25 #include <sys/signalfd.h>
29 #include <sys/ioctl.h>
30 #include <linux/sockios.h>
31 #include <sys/statvfs.h>
33 #include <systemd/sd-journal.h>
34 #include <systemd/sd-messages.h>
35 #include <systemd/sd-daemon.h>
38 #include <systemd/sd-login.h>
43 #include "journal-file.h"
44 #include "socket-util.h"
45 #include "cgroup-util.h"
47 #include "journal-rate-limit.h"
48 #include "journal-internal.h"
49 #include "conf-parser.h"
56 #include <acl/libacl.h>
61 #include <selinux/selinux.h>
64 #define USER_JOURNALS_MAX 1024
65 #define STDOUT_STREAMS_MAX 4096
67 #define DEFAULT_RATE_LIMIT_INTERVAL (10*USEC_PER_SEC)
68 #define DEFAULT_RATE_LIMIT_BURST 200
70 #define RECHECK_AVAILABLE_SPACE_USEC (30*USEC_PER_SEC)
72 #define N_IOVEC_META_FIELDS 17
74 #define ENTRY_SIZE_MAX (1024*1024*32)
76 typedef enum StdoutStreamState {
77 STDOUT_STREAM_IDENTIFIER,
78 STDOUT_STREAM_UNIT_ID,
79 STDOUT_STREAM_PRIORITY,
80 STDOUT_STREAM_LEVEL_PREFIX,
81 STDOUT_STREAM_FORWARD_TO_SYSLOG,
82 STDOUT_STREAM_FORWARD_TO_KMSG,
83 STDOUT_STREAM_FORWARD_TO_CONSOLE,
89 StdoutStreamState state;
95 security_context_t security_context;
102 bool forward_to_syslog:1;
103 bool forward_to_kmsg:1;
104 bool forward_to_console:1;
106 char buffer[LINE_MAX+1];
109 LIST_FIELDS(StdoutStream, stdout_stream);
112 static const char* const storage_table[] = {
113 [STORAGE_AUTO] = "auto",
114 [STORAGE_VOLATILE] = "volatile",
115 [STORAGE_PERSISTENT] = "persistent",
116 [STORAGE_NONE] = "none"
119 DEFINE_STRING_TABLE_LOOKUP(storage, Storage);
120 DEFINE_CONFIG_PARSE_ENUM(config_parse_storage, storage, Storage, "Failed to parse storage setting");
122 static uint64_t available_space(Server *s) {
127 uint64_t sum = 0, avail = 0, ss_avail = 0;
133 ts = now(CLOCK_MONOTONIC);
135 if (s->cached_available_space_timestamp + RECHECK_AVAILABLE_SPACE_USEC > ts)
136 return s->cached_available_space;
138 r = sd_id128_get_machine(&machine);
142 if (s->system_journal) {
143 f = "/var/log/journal/";
144 m = &s->system_metrics;
146 f = "/run/log/journal/";
147 m = &s->runtime_metrics;
152 p = strappend(f, sd_id128_to_string(machine, ids));
162 if (fstatvfs(dirfd(d), &ss) < 0)
167 struct dirent buf, *de;
169 r = readdir_r(d, &buf, &de);
176 if (!endswith(de->d_name, ".journal") &&
177 !endswith(de->d_name, ".journal~"))
180 if (fstatat(dirfd(d), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0)
183 if (!S_ISREG(st.st_mode))
186 sum += (uint64_t) st.st_blocks * 512UL;
189 avail = sum >= m->max_use ? 0 : m->max_use - sum;
191 ss_avail = ss.f_bsize * ss.f_bavail;
193 ss_avail = ss_avail < m->keep_free ? 0 : ss_avail - m->keep_free;
195 if (ss_avail < avail)
198 s->cached_available_space = avail;
199 s->cached_available_space_timestamp = ts;
207 static void server_read_file_gid(Server *s) {
208 const char *adm = "adm";
213 if (s->file_gid_valid)
216 r = get_group_creds(&adm, &s->file_gid);
218 log_warning("Failed to resolve 'adm' group: %s", strerror(-r));
220 /* if we couldn't read the gid, then it will be 0, but that's
221 * fine and we shouldn't try to resolve the group again, so
222 * let's just pretend it worked right-away. */
223 s->file_gid_valid = true;
226 static void server_fix_perms(Server *s, JournalFile *f, uid_t uid) {
231 acl_permset_t permset;
236 server_read_file_gid(s);
238 r = fchmod_and_fchown(f->fd, 0640, 0, s->file_gid);
240 log_warning("Failed to fix access mode/rights on %s, ignoring: %s", f->path, strerror(-r));
246 acl = acl_get_fd(f->fd);
248 log_warning("Failed to read ACL on %s, ignoring: %m", f->path);
252 r = acl_find_uid(acl, uid, &entry);
255 if (acl_create_entry(&acl, &entry) < 0 ||
256 acl_set_tag_type(entry, ACL_USER) < 0 ||
257 acl_set_qualifier(entry, &uid) < 0) {
258 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
263 if (acl_get_permset(entry, &permset) < 0 ||
264 acl_add_perm(permset, ACL_READ) < 0 ||
265 acl_calc_mask(&acl) < 0) {
266 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
270 if (acl_set_fd(f->fd, acl) < 0)
271 log_warning("Failed to set ACL on %s, ignoring: %m", f->path);
278 static JournalFile* find_journal(Server *s, uid_t uid) {
287 /* We split up user logs only on /var, not on /run. If the
288 * runtime file is open, we write to it exclusively, in order
289 * to guarantee proper order as soon as we flush /run to
290 * /var and close the runtime file. */
292 if (s->runtime_journal)
293 return s->runtime_journal;
296 return s->system_journal;
298 r = sd_id128_get_machine(&machine);
300 return s->system_journal;
302 f = hashmap_get(s->user_journals, UINT32_TO_PTR(uid));
306 if (asprintf(&p, "/var/log/journal/%s/user-%lu.journal", sd_id128_to_string(machine, ids), (unsigned long) uid) < 0)
307 return s->system_journal;
309 while (hashmap_size(s->user_journals) >= USER_JOURNALS_MAX) {
310 /* Too many open? Then let's close one */
311 f = hashmap_steal_first(s->user_journals);
313 journal_file_close(f);
316 r = journal_file_open_reliably(p, O_RDWR|O_CREAT, 0640, s->system_journal, &f);
320 return s->system_journal;
322 server_fix_perms(s, f, uid);
324 r = hashmap_put(s->user_journals, UINT32_TO_PTR(uid), f);
326 journal_file_close(f);
327 return s->system_journal;
333 static void server_rotate(Server *s) {
339 log_info("Rotating...");
341 if (s->runtime_journal) {
342 r = journal_file_rotate(&s->runtime_journal);
344 if (s->runtime_journal)
345 log_error("Failed to rotate %s: %s", s->runtime_journal->path, strerror(-r));
347 log_error("Failed to create new runtime journal: %s", strerror(-r));
349 server_fix_perms(s, s->runtime_journal, 0);
352 if (s->system_journal) {
353 r = journal_file_rotate(&s->system_journal);
355 if (s->system_journal)
356 log_error("Failed to rotate %s: %s", s->system_journal->path, strerror(-r));
358 log_error("Failed to create new system journal: %s", strerror(-r));
361 server_fix_perms(s, s->system_journal, 0);
364 HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) {
365 r = journal_file_rotate(&f);
368 log_error("Failed to rotate %s: %s", f->path, strerror(-r));
370 log_error("Failed to create user journal: %s", strerror(-r));
372 hashmap_replace(s->user_journals, k, f);
373 server_fix_perms(s, s->system_journal, PTR_TO_UINT32(k));
378 static void server_vacuum(Server *s) {
384 log_info("Vacuuming...");
386 r = sd_id128_get_machine(&machine);
388 log_error("Failed to get machine ID: %s", strerror(-r));
392 sd_id128_to_string(machine, ids);
394 if (s->system_journal) {
395 if (asprintf(&p, "/var/log/journal/%s", ids) < 0) {
396 log_error("Out of memory.");
400 r = journal_directory_vacuum(p, s->system_metrics.max_use, s->system_metrics.keep_free);
401 if (r < 0 && r != -ENOENT)
402 log_error("Failed to vacuum %s: %s", p, strerror(-r));
406 if (s->runtime_journal) {
407 if (asprintf(&p, "/run/log/journal/%s", ids) < 0) {
408 log_error("Out of memory.");
412 r = journal_directory_vacuum(p, s->runtime_metrics.max_use, s->runtime_metrics.keep_free);
413 if (r < 0 && r != -ENOENT)
414 log_error("Failed to vacuum %s: %s", p, strerror(-r));
418 s->cached_available_space_timestamp = 0;
421 static char *shortened_cgroup_path(pid_t pid) {
423 char *process_path, *init_path, *path;
427 r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, pid, &process_path);
431 r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, 1, &init_path);
437 if (endswith(init_path, "/system"))
438 init_path[strlen(init_path) - 7] = 0;
439 else if (streq(init_path, "/"))
442 if (startswith(process_path, init_path)) {
445 p = strdup(process_path + strlen(init_path));
463 static void dispatch_message_real(
465 struct iovec *iovec, unsigned n, unsigned m,
468 const char *label, size_t label_len,
469 const char *unit_id) {
471 char *pid = NULL, *uid = NULL, *gid = NULL,
472 *source_time = NULL, *boot_id = NULL, *machine_id = NULL,
473 *comm = NULL, *cmdline = NULL, *hostname = NULL,
474 *audit_session = NULL, *audit_loginuid = NULL,
475 *exe = NULL, *cgroup = NULL, *session = NULL,
476 *owner_uid = NULL, *unit = NULL, *selinux_context = NULL;
482 uid_t loginuid = 0, realuid = 0;
484 bool vacuumed = false;
489 assert(n + N_IOVEC_META_FIELDS <= m);
497 realuid = ucred->uid;
499 if (asprintf(&pid, "_PID=%lu", (unsigned long) ucred->pid) >= 0)
500 IOVEC_SET_STRING(iovec[n++], pid);
502 if (asprintf(&uid, "_UID=%lu", (unsigned long) ucred->uid) >= 0)
503 IOVEC_SET_STRING(iovec[n++], uid);
505 if (asprintf(&gid, "_GID=%lu", (unsigned long) ucred->gid) >= 0)
506 IOVEC_SET_STRING(iovec[n++], gid);
508 r = get_process_comm(ucred->pid, &t);
510 comm = strappend("_COMM=", t);
514 IOVEC_SET_STRING(iovec[n++], comm);
517 r = get_process_exe(ucred->pid, &t);
519 exe = strappend("_EXE=", t);
523 IOVEC_SET_STRING(iovec[n++], exe);
526 r = get_process_cmdline(ucred->pid, LINE_MAX, false, &t);
528 cmdline = strappend("_CMDLINE=", t);
532 IOVEC_SET_STRING(iovec[n++], cmdline);
535 r = audit_session_from_pid(ucred->pid, &audit);
537 if (asprintf(&audit_session, "_AUDIT_SESSION=%lu", (unsigned long) audit) >= 0)
538 IOVEC_SET_STRING(iovec[n++], audit_session);
540 r = audit_loginuid_from_pid(ucred->pid, &loginuid);
542 if (asprintf(&audit_loginuid, "_AUDIT_LOGINUID=%lu", (unsigned long) loginuid) >= 0)
543 IOVEC_SET_STRING(iovec[n++], audit_loginuid);
545 t = shortened_cgroup_path(ucred->pid);
547 cgroup = strappend("_SYSTEMD_CGROUP=", t);
551 IOVEC_SET_STRING(iovec[n++], cgroup);
555 if (sd_pid_get_session(ucred->pid, &t) >= 0) {
556 session = strappend("_SYSTEMD_SESSION=", t);
560 IOVEC_SET_STRING(iovec[n++], session);
563 if (sd_pid_get_owner_uid(ucred->uid, &owner) >= 0)
564 if (asprintf(&owner_uid, "_SYSTEMD_OWNER_UID=%lu", (unsigned long) owner) >= 0)
565 IOVEC_SET_STRING(iovec[n++], owner_uid);
568 if (cg_pid_get_unit(ucred->pid, &t) >= 0) {
569 unit = strappend("_SYSTEMD_UNIT=", t);
572 unit = strappend("_SYSTEMD_UNIT=", unit_id);
575 IOVEC_SET_STRING(iovec[n++], unit);
579 selinux_context = malloc(sizeof("_SELINUX_CONTEXT=") + label_len);
580 if (selinux_context) {
581 memcpy(selinux_context, "_SELINUX_CONTEXT=", sizeof("_SELINUX_CONTEXT=")-1);
582 memcpy(selinux_context+sizeof("_SELINUX_CONTEXT=")-1, label, label_len);
583 selinux_context[sizeof("_SELINUX_CONTEXT=")-1+label_len] = 0;
584 IOVEC_SET_STRING(iovec[n++], selinux_context);
587 security_context_t con;
589 if (getpidcon(ucred->pid, &con) >= 0) {
590 selinux_context = strappend("_SELINUX_CONTEXT=", con);
592 IOVEC_SET_STRING(iovec[n++], selinux_context);
601 if (asprintf(&source_time, "_SOURCE_REALTIME_TIMESTAMP=%llu",
602 (unsigned long long) timeval_load(tv)) >= 0)
603 IOVEC_SET_STRING(iovec[n++], source_time);
606 /* Note that strictly speaking storing the boot id here is
607 * redundant since the entry includes this in-line
608 * anyway. However, we need this indexed, too. */
609 r = sd_id128_get_boot(&id);
611 if (asprintf(&boot_id, "_BOOT_ID=%s", sd_id128_to_string(id, idbuf)) >= 0)
612 IOVEC_SET_STRING(iovec[n++], boot_id);
614 r = sd_id128_get_machine(&id);
616 if (asprintf(&machine_id, "_MACHINE_ID=%s", sd_id128_to_string(id, idbuf)) >= 0)
617 IOVEC_SET_STRING(iovec[n++], machine_id);
619 t = gethostname_malloc();
621 hostname = strappend("_HOSTNAME=", t);
624 IOVEC_SET_STRING(iovec[n++], hostname);
630 f = find_journal(s, realuid == 0 ? 0 : loginuid);
632 r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
634 if ((r == -E2BIG || /* hit limit */
635 r == -EFBIG || /* hit fs limit */
636 r == -EDQUOT || /* quota hit */
637 r == -ENOSPC || /* disk full */
638 r == -EBADMSG || /* corrupted */
639 r == -ENODATA || /* truncated */
640 r == -EHOSTDOWN || /* other machine */
641 r == -EPROTONOSUPPORT) && /* unsupported feature */
645 log_info("Allocation limit reached, rotating.");
647 log_warning("Journal file corrupted, rotating.");
653 log_info("Retrying write.");
658 log_error("Failed to write entry, ignoring: %s", strerror(-r));
672 free(audit_loginuid);
677 free(selinux_context);
680 static void driver_message(Server *s, sd_id128_t message_id, const char *format, ...) {
681 char mid[11 + 32 + 1];
682 char buffer[16 + LINE_MAX + 1];
683 struct iovec iovec[N_IOVEC_META_FIELDS + 4];
691 IOVEC_SET_STRING(iovec[n++], "PRIORITY=5");
692 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=driver");
694 memcpy(buffer, "MESSAGE=", 8);
695 va_start(ap, format);
696 vsnprintf(buffer + 8, sizeof(buffer) - 8, format, ap);
698 char_array_0(buffer);
699 IOVEC_SET_STRING(iovec[n++], buffer);
701 snprintf(mid, sizeof(mid), "MESSAGE_ID=" SD_ID128_FORMAT_STR, SD_ID128_FORMAT_VAL(message_id));
703 IOVEC_SET_STRING(iovec[n++], mid);
706 ucred.pid = getpid();
707 ucred.uid = getuid();
708 ucred.gid = getgid();
710 dispatch_message_real(s, iovec, n, ELEMENTSOF(iovec), &ucred, NULL, NULL, 0, NULL);
713 static void dispatch_message(Server *s,
714 struct iovec *iovec, unsigned n, unsigned m,
717 const char *label, size_t label_len,
721 char *path = NULL, *c;
724 assert(iovec || n == 0);
729 if (LOG_PRI(priority) > s->max_level_store)
735 path = shortened_cgroup_path(ucred->pid);
739 /* example: /user/lennart/3/foobar
740 * /system/dbus.service/foobar
742 * So let's cut of everything past the third /, since that is
743 * wher user directories start */
745 c = strchr(path, '/');
747 c = strchr(c+1, '/');
749 c = strchr(c+1, '/');
755 rl = journal_rate_limit_test(s->rate_limit, path, priority & LOG_PRIMASK, available_space(s));
762 /* Write a suppression message if we suppressed something */
764 driver_message(s, SD_MESSAGE_JOURNAL_DROPPED, "Suppressed %u messages from %s", rl - 1, path);
769 dispatch_message_real(s, iovec, n, m, ucred, tv, label, label_len, unit_id);
772 static void forward_syslog_iovec(Server *s, const struct iovec *iovec, unsigned n_iovec, struct ucred *ucred, struct timeval *tv) {
773 struct msghdr msghdr;
774 struct cmsghdr *cmsg;
776 struct cmsghdr cmsghdr;
777 uint8_t buf[CMSG_SPACE(sizeof(struct ucred))];
779 union sockaddr_union sa;
786 msghdr.msg_iov = (struct iovec*) iovec;
787 msghdr.msg_iovlen = n_iovec;
790 sa.un.sun_family = AF_UNIX;
791 strncpy(sa.un.sun_path, "/run/systemd/journal/syslog", sizeof(sa.un.sun_path));
792 msghdr.msg_name = &sa;
793 msghdr.msg_namelen = offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path);
797 msghdr.msg_control = &control;
798 msghdr.msg_controllen = sizeof(control);
800 cmsg = CMSG_FIRSTHDR(&msghdr);
801 cmsg->cmsg_level = SOL_SOCKET;
802 cmsg->cmsg_type = SCM_CREDENTIALS;
803 cmsg->cmsg_len = CMSG_LEN(sizeof(struct ucred));
804 memcpy(CMSG_DATA(cmsg), ucred, sizeof(struct ucred));
805 msghdr.msg_controllen = cmsg->cmsg_len;
808 /* Forward the syslog message we received via /dev/log to
809 * /run/systemd/syslog. Unfortunately we currently can't set
810 * the SO_TIMESTAMP auxiliary data, and hence we don't. */
812 if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
815 /* The socket is full? I guess the syslog implementation is
816 * too slow, and we shouldn't wait for that... */
820 if (ucred && errno == ESRCH) {
823 /* Hmm, presumably the sender process vanished
824 * by now, so let's fix it as good as we
829 memcpy(CMSG_DATA(cmsg), &u, sizeof(struct ucred));
831 if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
838 log_debug("Failed to forward syslog message: %m");
841 static void forward_syslog_raw(Server *s, int priority, const char *buffer, struct ucred *ucred, struct timeval *tv) {
847 if (LOG_PRI(priority) > s->max_level_syslog)
850 IOVEC_SET_STRING(iovec, buffer);
851 forward_syslog_iovec(s, &iovec, 1, ucred, tv);
854 static void forward_syslog(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred, struct timeval *tv) {
855 struct iovec iovec[5];
856 char header_priority[6], header_time[64], header_pid[16];
860 char *ident_buf = NULL;
863 assert(priority >= 0);
864 assert(priority <= 999);
867 if (LOG_PRI(priority) > s->max_level_syslog)
870 /* First: priority field */
871 snprintf(header_priority, sizeof(header_priority), "<%i>", priority);
872 char_array_0(header_priority);
873 IOVEC_SET_STRING(iovec[n++], header_priority);
875 /* Second: timestamp */
876 t = tv ? tv->tv_sec : ((time_t) (now(CLOCK_REALTIME) / USEC_PER_SEC));
880 if (strftime(header_time, sizeof(header_time), "%h %e %T ", tm) <= 0)
882 IOVEC_SET_STRING(iovec[n++], header_time);
884 /* Third: identifier and PID */
887 get_process_comm(ucred->pid, &ident_buf);
888 identifier = ident_buf;
891 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
892 char_array_0(header_pid);
895 IOVEC_SET_STRING(iovec[n++], identifier);
897 IOVEC_SET_STRING(iovec[n++], header_pid);
898 } else if (identifier) {
899 IOVEC_SET_STRING(iovec[n++], identifier);
900 IOVEC_SET_STRING(iovec[n++], ": ");
903 /* Fourth: message */
904 IOVEC_SET_STRING(iovec[n++], message);
906 forward_syslog_iovec(s, iovec, n, ucred, tv);
911 static int fixup_priority(int priority) {
913 if ((priority & LOG_FACMASK) == 0)
914 return (priority & LOG_PRIMASK) | LOG_USER;
919 static void forward_kmsg(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred) {
920 struct iovec iovec[5];
921 char header_priority[6], header_pid[16];
923 char *ident_buf = NULL;
927 assert(priority >= 0);
928 assert(priority <= 999);
931 if (LOG_PRI(priority) > s->max_level_kmsg)
934 /* Never allow messages with kernel facility to be written to
935 * kmsg, regardless where the data comes from. */
936 priority = fixup_priority(priority);
938 /* First: priority field */
939 snprintf(header_priority, sizeof(header_priority), "<%i>", priority);
940 char_array_0(header_priority);
941 IOVEC_SET_STRING(iovec[n++], header_priority);
943 /* Second: identifier and PID */
946 get_process_comm(ucred->pid, &ident_buf);
947 identifier = ident_buf;
950 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
951 char_array_0(header_pid);
954 IOVEC_SET_STRING(iovec[n++], identifier);
956 IOVEC_SET_STRING(iovec[n++], header_pid);
957 } else if (identifier) {
958 IOVEC_SET_STRING(iovec[n++], identifier);
959 IOVEC_SET_STRING(iovec[n++], ": ");
962 /* Fourth: message */
963 IOVEC_SET_STRING(iovec[n++], message);
964 IOVEC_SET_STRING(iovec[n++], "\n");
966 fd = open("/dev/kmsg", O_WRONLY|O_NOCTTY|O_CLOEXEC);
968 log_debug("Failed to open /dev/kmsg for logging: %s", strerror(errno));
972 if (writev(fd, iovec, n) < 0)
973 log_debug("Failed to write to /dev/kmsg for logging: %s", strerror(errno));
975 close_nointr_nofail(fd);
981 static void forward_console(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred) {
982 struct iovec iovec[4];
985 char *ident_buf = NULL;
991 if (LOG_PRI(priority) > s->max_level_console)
994 /* First: identifier and PID */
997 get_process_comm(ucred->pid, &ident_buf);
998 identifier = ident_buf;
1001 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
1002 char_array_0(header_pid);
1005 IOVEC_SET_STRING(iovec[n++], identifier);
1007 IOVEC_SET_STRING(iovec[n++], header_pid);
1008 } else if (identifier) {
1009 IOVEC_SET_STRING(iovec[n++], identifier);
1010 IOVEC_SET_STRING(iovec[n++], ": ");
1013 /* Third: message */
1014 IOVEC_SET_STRING(iovec[n++], message);
1015 IOVEC_SET_STRING(iovec[n++], "\n");
1017 tty = s->tty_path ? s->tty_path : "/dev/console";
1019 fd = open_terminal(tty, O_WRONLY|O_NOCTTY|O_CLOEXEC);
1021 log_debug("Failed to open %s for logging: %s", tty, strerror(errno));
1025 if (writev(fd, iovec, n) < 0)
1026 log_debug("Failed to write to %s for logging: %s", tty, strerror(errno));
1028 close_nointr_nofail(fd);
1034 static void read_identifier(const char **buf, char **identifier, char **pid) {
1045 p += strspn(p, WHITESPACE);
1046 l = strcspn(p, WHITESPACE);
1055 if (p[l-1] == ']') {
1061 t = strndup(p+k+1, l-k-2);
1081 *buf += strspn(*buf, WHITESPACE);
1084 static void process_syslog_message(Server *s, const char *buf, struct ucred *ucred, struct timeval *tv, const char *label, size_t label_len) {
1085 char *message = NULL, *syslog_priority = NULL, *syslog_facility = NULL, *syslog_identifier = NULL, *syslog_pid = NULL;
1086 struct iovec iovec[N_IOVEC_META_FIELDS + 6];
1088 int priority = LOG_USER | LOG_INFO;
1089 char *identifier = NULL, *pid = NULL;
1096 parse_syslog_priority((char**) &buf, &priority);
1098 if (s->forward_to_syslog)
1099 forward_syslog_raw(s, priority, orig, ucred, tv);
1101 skip_syslog_date((char**) &buf);
1102 read_identifier(&buf, &identifier, &pid);
1104 if (s->forward_to_kmsg)
1105 forward_kmsg(s, priority, identifier, buf, ucred);
1107 if (s->forward_to_console)
1108 forward_console(s, priority, identifier, buf, ucred);
1110 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=syslog");
1112 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1113 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1115 if (priority & LOG_FACMASK)
1116 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1117 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1120 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", identifier);
1121 if (syslog_identifier)
1122 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1126 syslog_pid = strappend("SYSLOG_PID=", pid);
1128 IOVEC_SET_STRING(iovec[n++], syslog_pid);
1131 message = strappend("MESSAGE=", buf);
1133 IOVEC_SET_STRING(iovec[n++], message);
1135 dispatch_message(s, iovec, n, ELEMENTSOF(iovec), ucred, tv, label, label_len, NULL, priority);
1140 free(syslog_priority);
1141 free(syslog_facility);
1142 free(syslog_identifier);
1145 static bool valid_user_field(const char *p, size_t l) {
1148 /* We kinda enforce POSIX syntax recommendations for
1149 environment variables here, but make a couple of additional
1152 http://pubs.opengroup.org/onlinepubs/000095399/basedefs/xbd_chap08.html */
1154 /* No empty field names */
1158 /* Don't allow names longer than 64 chars */
1162 /* Variables starting with an underscore are protected */
1166 /* Don't allow digits as first character */
1167 if (p[0] >= '0' && p[0] <= '9')
1170 /* Only allow A-Z0-9 and '_' */
1171 for (a = p; a < p + l; a++)
1172 if (!((*a >= 'A' && *a <= 'Z') ||
1173 (*a >= '0' && *a <= '9') ||
1180 static void process_native_message(
1182 const void *buffer, size_t buffer_size,
1183 struct ucred *ucred,
1185 const char *label, size_t label_len) {
1187 struct iovec *iovec = NULL;
1188 unsigned n = 0, m = 0, j, tn = (unsigned) -1;
1191 int priority = LOG_INFO;
1192 char *identifier = NULL, *message = NULL;
1195 assert(buffer || buffer_size == 0);
1198 remaining = buffer_size;
1200 while (remaining > 0) {
1203 e = memchr(p, '\n', remaining);
1206 /* Trailing noise, let's ignore it, and flush what we collected */
1207 log_debug("Received message with trailing noise, ignoring.");
1212 /* Entry separator */
1213 dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, NULL, priority);
1215 priority = LOG_INFO;
1222 if (*p == '.' || *p == '#') {
1223 /* Ignore control commands for now, and
1225 remaining -= (e - p) + 1;
1230 /* A property follows */
1232 if (n+N_IOVEC_META_FIELDS >= m) {
1236 u = MAX((n+N_IOVEC_META_FIELDS+1) * 2U, 4U);
1237 c = realloc(iovec, u * sizeof(struct iovec));
1239 log_error("Out of memory");
1247 q = memchr(p, '=', e - p);
1249 if (valid_user_field(p, q - p)) {
1254 /* If the field name starts with an
1255 * underscore, skip the variable,
1256 * since that indidates a trusted
1258 iovec[n].iov_base = (char*) p;
1259 iovec[n].iov_len = l;
1262 /* We need to determine the priority
1263 * of this entry for the rate limiting
1266 memcmp(p, "PRIORITY=", 9) == 0 &&
1267 p[9] >= '0' && p[9] <= '9')
1268 priority = (priority & LOG_FACMASK) | (p[9] - '0');
1271 memcmp(p, "SYSLOG_FACILITY=", 16) == 0 &&
1272 p[16] >= '0' && p[16] <= '9')
1273 priority = (priority & LOG_PRIMASK) | ((p[16] - '0') << 3);
1276 memcmp(p, "SYSLOG_FACILITY=", 16) == 0 &&
1277 p[16] >= '0' && p[16] <= '9' &&
1278 p[17] >= '0' && p[17] <= '9')
1279 priority = (priority & LOG_PRIMASK) | (((p[16] - '0')*10 + (p[17] - '0')) << 3);
1282 memcmp(p, "SYSLOG_IDENTIFIER=", 18) == 0) {
1285 t = strndup(p + 18, l - 18);
1290 } else if (l >= 8 &&
1291 memcmp(p, "MESSAGE=", 8) == 0) {
1294 t = strndup(p + 8, l - 8);
1302 remaining -= (e - p) + 1;
1310 if (remaining < e - p + 1 + sizeof(uint64_t) + 1) {
1311 log_debug("Failed to parse message, ignoring.");
1315 memcpy(&l_le, e + 1, sizeof(uint64_t));
1318 if (remaining < e - p + 1 + sizeof(uint64_t) + l + 1 ||
1319 e[1+sizeof(uint64_t)+l] != '\n') {
1320 log_debug("Failed to parse message, ignoring.");
1324 k = malloc((e - p) + 1 + l);
1326 log_error("Out of memory");
1330 memcpy(k, p, e - p);
1332 memcpy(k + (e - p) + 1, e + 1 + sizeof(uint64_t), l);
1334 if (valid_user_field(p, e - p)) {
1335 iovec[n].iov_base = k;
1336 iovec[n].iov_len = (e - p) + 1 + l;
1341 remaining -= (e - p) + 1 + sizeof(uint64_t) + l + 1;
1342 p = e + 1 + sizeof(uint64_t) + l + 1;
1350 IOVEC_SET_STRING(iovec[tn], "_TRANSPORT=journal");
1353 if (s->forward_to_syslog)
1354 forward_syslog(s, priority, identifier, message, ucred, tv);
1356 if (s->forward_to_kmsg)
1357 forward_kmsg(s, priority, identifier, message, ucred);
1359 if (s->forward_to_console)
1360 forward_console(s, priority, identifier, message, ucred);
1363 dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, NULL, priority);
1366 for (j = 0; j < n; j++) {
1370 if (iovec[j].iov_base < buffer ||
1371 (const uint8_t*) iovec[j].iov_base >= (const uint8_t*) buffer + buffer_size)
1372 free(iovec[j].iov_base);
1380 static void process_native_file(
1383 struct ucred *ucred,
1385 const char *label, size_t label_len) {
1394 /* Data is in the passed file, since it didn't fit in a
1395 * datagram. We can't map the file here, since clients might
1396 * then truncate it and trigger a SIGBUS for us. So let's
1397 * stupidly read it */
1399 if (fstat(fd, &st) < 0) {
1400 log_error("Failed to stat passed file, ignoring: %m");
1404 if (!S_ISREG(st.st_mode)) {
1405 log_error("File passed is not regular. Ignoring.");
1409 if (st.st_size <= 0)
1412 if (st.st_size > ENTRY_SIZE_MAX) {
1413 log_error("File passed too large. Ignoring.");
1417 p = malloc(st.st_size);
1419 log_error("Out of memory");
1423 n = pread(fd, p, st.st_size, 0);
1425 log_error("Failed to read file, ignoring: %s", strerror(-n));
1427 process_native_message(s, p, n, ucred, tv, label, label_len);
1432 static int stdout_stream_log(StdoutStream *s, const char *p) {
1433 struct iovec iovec[N_IOVEC_META_FIELDS + 5];
1434 char *message = NULL, *syslog_priority = NULL, *syslog_facility = NULL, *syslog_identifier = NULL;
1438 size_t label_len = 0;
1446 priority = s->priority;
1448 if (s->level_prefix)
1449 parse_syslog_priority((char**) &p, &priority);
1451 if (s->forward_to_syslog || s->server->forward_to_syslog)
1452 forward_syslog(s->server, fixup_priority(priority), s->identifier, p, &s->ucred, NULL);
1454 if (s->forward_to_kmsg || s->server->forward_to_kmsg)
1455 forward_kmsg(s->server, priority, s->identifier, p, &s->ucred);
1457 if (s->forward_to_console || s->server->forward_to_console)
1458 forward_console(s->server, priority, s->identifier, p, &s->ucred);
1460 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=stdout");
1462 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1463 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1465 if (priority & LOG_FACMASK)
1466 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1467 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1469 if (s->identifier) {
1470 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", s->identifier);
1471 if (syslog_identifier)
1472 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1475 message = strappend("MESSAGE=", p);
1477 IOVEC_SET_STRING(iovec[n++], message);
1480 if (s->security_context) {
1481 label = (char*) s->security_context;
1482 label_len = strlen((char*) s->security_context);
1486 dispatch_message(s->server, iovec, n, ELEMENTSOF(iovec), &s->ucred, NULL, label, label_len, s->unit_id, priority);
1489 free(syslog_priority);
1490 free(syslog_facility);
1491 free(syslog_identifier);
1496 static int stdout_stream_line(StdoutStream *s, char *p) {
1506 case STDOUT_STREAM_IDENTIFIER:
1508 s->identifier = NULL;
1510 s->identifier = strdup(p);
1511 if (!s->identifier) {
1512 log_error("Out of memory");
1517 s->state = STDOUT_STREAM_UNIT_ID;
1520 case STDOUT_STREAM_UNIT_ID:
1521 if (s->ucred.uid == 0) {
1525 s->unit_id = strdup(p);
1527 log_error("Out of memory");
1533 s->state = STDOUT_STREAM_PRIORITY;
1536 case STDOUT_STREAM_PRIORITY:
1537 r = safe_atoi(p, &s->priority);
1538 if (r < 0 || s->priority <= 0 || s->priority >= 999) {
1539 log_warning("Failed to parse log priority line.");
1543 s->state = STDOUT_STREAM_LEVEL_PREFIX;
1546 case STDOUT_STREAM_LEVEL_PREFIX:
1547 r = parse_boolean(p);
1549 log_warning("Failed to parse level prefix line.");
1553 s->level_prefix = !!r;
1554 s->state = STDOUT_STREAM_FORWARD_TO_SYSLOG;
1557 case STDOUT_STREAM_FORWARD_TO_SYSLOG:
1558 r = parse_boolean(p);
1560 log_warning("Failed to parse forward to syslog line.");
1564 s->forward_to_syslog = !!r;
1565 s->state = STDOUT_STREAM_FORWARD_TO_KMSG;
1568 case STDOUT_STREAM_FORWARD_TO_KMSG:
1569 r = parse_boolean(p);
1571 log_warning("Failed to parse copy to kmsg line.");
1575 s->forward_to_kmsg = !!r;
1576 s->state = STDOUT_STREAM_FORWARD_TO_CONSOLE;
1579 case STDOUT_STREAM_FORWARD_TO_CONSOLE:
1580 r = parse_boolean(p);
1582 log_warning("Failed to parse copy to console line.");
1586 s->forward_to_console = !!r;
1587 s->state = STDOUT_STREAM_RUNNING;
1590 case STDOUT_STREAM_RUNNING:
1591 return stdout_stream_log(s, p);
1594 assert_not_reached("Unknown stream state");
1597 static int stdout_stream_scan(StdoutStream *s, bool force_flush) {
1605 remaining = s->length;
1610 end = memchr(p, '\n', remaining);
1613 else if (remaining >= sizeof(s->buffer) - 1) {
1614 end = p + sizeof(s->buffer) - 1;
1621 r = stdout_stream_line(s, p);
1629 if (force_flush && remaining > 0) {
1631 r = stdout_stream_line(s, p);
1639 if (p > s->buffer) {
1640 memmove(s->buffer, p, remaining);
1641 s->length = remaining;
1647 static int stdout_stream_process(StdoutStream *s) {
1653 l = read(s->fd, s->buffer+s->length, sizeof(s->buffer)-1-s->length);
1656 if (errno == EAGAIN)
1659 log_warning("Failed to read from stream: %m");
1664 r = stdout_stream_scan(s, true);
1672 r = stdout_stream_scan(s, false);
1680 static void stdout_stream_free(StdoutStream *s) {
1684 assert(s->server->n_stdout_streams > 0);
1685 s->server->n_stdout_streams --;
1686 LIST_REMOVE(StdoutStream, stdout_stream, s->server->stdout_streams, s);
1691 epoll_ctl(s->server->epoll_fd, EPOLL_CTL_DEL, s->fd, NULL);
1693 close_nointr_nofail(s->fd);
1697 if (s->security_context)
1698 freecon(s->security_context);
1701 free(s->identifier);
1705 static int stdout_stream_new(Server *s) {
1706 StdoutStream *stream;
1709 struct epoll_event ev;
1713 fd = accept4(s->stdout_fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);
1715 if (errno == EAGAIN)
1718 log_error("Failed to accept stdout connection: %m");
1722 if (s->n_stdout_streams >= STDOUT_STREAMS_MAX) {
1723 log_warning("Too many stdout streams, refusing connection.");
1724 close_nointr_nofail(fd);
1728 stream = new0(StdoutStream, 1);
1730 log_error("Out of memory.");
1731 close_nointr_nofail(fd);
1737 len = sizeof(stream->ucred);
1738 if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &stream->ucred, &len) < 0) {
1739 log_error("Failed to determine peer credentials: %m");
1745 if (getpeercon(fd, &stream->security_context) < 0 && errno != ENOPROTOOPT)
1746 log_error("Failed to determine peer security context: %m");
1749 if (shutdown(fd, SHUT_WR) < 0) {
1750 log_error("Failed to shutdown writing side of socket: %m");
1756 ev.data.ptr = stream;
1757 ev.events = EPOLLIN;
1758 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, fd, &ev) < 0) {
1759 log_error("Failed to add stream to event loop: %m");
1765 LIST_PREPEND(StdoutStream, stdout_stream, s->stdout_streams, stream);
1766 s->n_stdout_streams ++;
1771 stdout_stream_free(stream);
1775 static int parse_kernel_timestamp(char **_p, usec_t *t) {
1786 if (strlen(p) < 14 || p[0] != '[' || p[13] != ']' || p[6] != '.')
1791 for (i = 1; i <= 5; i++) {
1797 k = undecchar(p[i]);
1804 for (i = 7; i <= 12; i++) {
1807 k = undecchar(p[i]);
1816 *_p += strspn(*_p, WHITESPACE);
1821 static bool is_us(const char *pid) {
1826 if (parse_pid(pid, &t) < 0)
1829 return t == getpid();
1832 static void proc_kmsg_line(Server *s, const char *p) {
1833 struct iovec iovec[N_IOVEC_META_FIELDS + 7];
1834 char *message = NULL, *syslog_priority = NULL, *syslog_pid = NULL, *syslog_facility = NULL, *syslog_identifier = NULL, *source_time = NULL;
1835 int priority = LOG_KERN | LOG_INFO;
1838 char *identifier = NULL, *pid = NULL;
1846 parse_syslog_priority((char **) &p, &priority);
1848 if (s->forward_to_kmsg && (priority & LOG_FACMASK) != LOG_KERN)
1851 if (parse_kernel_timestamp((char **) &p, &usec) > 0) {
1852 if (asprintf(&source_time, "_SOURCE_MONOTONIC_TIMESTAMP=%llu",
1853 (unsigned long long) usec) >= 0)
1854 IOVEC_SET_STRING(iovec[n++], source_time);
1857 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=kernel");
1859 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1860 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1862 if ((priority & LOG_FACMASK) == LOG_KERN) {
1864 if (s->forward_to_syslog)
1865 forward_syslog(s, priority, "kernel", p, NULL, NULL);
1867 IOVEC_SET_STRING(iovec[n++], "SYSLOG_IDENTIFIER=kernel");
1869 read_identifier(&p, &identifier, &pid);
1871 /* Avoid any messages we generated ourselves via
1872 * log_info() and friends. */
1873 if (pid && is_us(pid))
1876 if (s->forward_to_syslog)
1877 forward_syslog(s, priority, identifier, p, NULL, NULL);
1880 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", identifier);
1881 if (syslog_identifier)
1882 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1886 syslog_pid = strappend("SYSLOG_PID=", pid);
1888 IOVEC_SET_STRING(iovec[n++], syslog_pid);
1891 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1892 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1895 message = strappend("MESSAGE=", p);
1897 IOVEC_SET_STRING(iovec[n++], message);
1899 dispatch_message(s, iovec, n, ELEMENTSOF(iovec), NULL, NULL, NULL, 0, NULL, priority);
1903 free(syslog_priority);
1904 free(syslog_identifier);
1906 free(syslog_facility);
1912 static void proc_kmsg_scan(Server *s) {
1918 p = s->proc_kmsg_buffer;
1919 remaining = s->proc_kmsg_length;
1924 end = memchr(p, '\n', remaining);
1927 else if (remaining >= sizeof(s->proc_kmsg_buffer) - 1) {
1928 end = p + sizeof(s->proc_kmsg_buffer) - 1;
1935 proc_kmsg_line(s, p);
1941 if (p > s->proc_kmsg_buffer) {
1942 memmove(s->proc_kmsg_buffer, p, remaining);
1943 s->proc_kmsg_length = remaining;
1947 static int system_journal_open(Server *s) {
1953 r = sd_id128_get_machine(&machine);
1957 sd_id128_to_string(machine, ids);
1959 if (!s->system_journal &&
1960 (s->storage == STORAGE_PERSISTENT || s->storage == STORAGE_AUTO) &&
1961 access("/run/systemd/journal/flushed", F_OK) >= 0) {
1963 /* If in auto mode: first try to create the machine
1964 * path, but not the prefix.
1966 * If in persistent mode: create /var/log/journal and
1967 * the machine path */
1969 if (s->storage == STORAGE_PERSISTENT)
1970 (void) mkdir("/var/log/journal/", 0755);
1972 fn = strappend("/var/log/journal/", ids);
1976 (void) mkdir(fn, 0755);
1979 fn = join("/var/log/journal/", ids, "/system.journal", NULL);
1983 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, NULL, &s->system_journal);
1987 journal_default_metrics(&s->system_metrics, s->system_journal->fd);
1989 s->system_journal->metrics = s->system_metrics;
1990 s->system_journal->compress = s->compress;
1992 server_fix_perms(s, s->system_journal, 0);
1995 if (r != -ENOENT && r != -EROFS)
1996 log_warning("Failed to open system journal: %s", strerror(-r));
2002 if (!s->runtime_journal &&
2003 (s->storage != STORAGE_NONE)) {
2005 fn = join("/run/log/journal/", ids, "/system.journal", NULL);
2009 if (s->system_journal) {
2011 /* Try to open the runtime journal, but only
2012 * if it already exists, so that we can flush
2013 * it into the system journal */
2015 r = journal_file_open(fn, O_RDWR, 0640, NULL, &s->runtime_journal);
2020 log_warning("Failed to open runtime journal: %s", strerror(-r));
2027 /* OK, we really need the runtime journal, so create
2028 * it if necessary. */
2030 (void) mkdir_parents(fn, 0755);
2031 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, NULL, &s->runtime_journal);
2035 log_error("Failed to open runtime journal: %s", strerror(-r));
2040 if (s->runtime_journal) {
2041 journal_default_metrics(&s->runtime_metrics, s->runtime_journal->fd);
2043 s->runtime_journal->metrics = s->runtime_metrics;
2044 s->runtime_journal->compress = s->compress;
2046 server_fix_perms(s, s->runtime_journal, 0);
2053 static int server_flush_to_var(Server *s) {
2061 if (s->storage != STORAGE_AUTO &&
2062 s->storage != STORAGE_PERSISTENT)
2065 if (!s->runtime_journal)
2068 system_journal_open(s);
2070 if (!s->system_journal)
2073 log_info("Flushing to /var...");
2075 r = sd_id128_get_machine(&machine);
2077 log_error("Failed to get machine id: %s", strerror(-r));
2081 r = sd_journal_open(&j, SD_JOURNAL_RUNTIME_ONLY);
2083 log_error("Failed to read runtime journal: %s", strerror(-r));
2087 SD_JOURNAL_FOREACH(j) {
2090 f = j->current_file;
2091 assert(f && f->current_offset > 0);
2093 r = journal_file_move_to_object(f, OBJECT_ENTRY, f->current_offset, &o);
2095 log_error("Can't read entry: %s", strerror(-r));
2099 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
2101 log_info("Allocation limit reached.");
2103 journal_file_post_change(s->system_journal);
2107 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
2111 log_error("Can't write entry: %s", strerror(-r));
2117 journal_file_post_change(s->system_journal);
2119 journal_file_close(s->runtime_journal);
2120 s->runtime_journal = NULL;
2123 char path[] = "/run/log/journal/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
2124 sd_id128_to_string(machine, path + 17);
2125 rm_rf(path, false, true, false);
2131 static int server_read_proc_kmsg(Server *s) {
2134 assert(s->proc_kmsg_fd >= 0);
2136 l = read(s->proc_kmsg_fd, s->proc_kmsg_buffer + s->proc_kmsg_length, sizeof(s->proc_kmsg_buffer) - 1 - s->proc_kmsg_length);
2137 if (l == 0) /* the kernel is stupid and in some race
2138 * conditions returns 0 in the middle of the
2143 if (errno == EAGAIN || errno == EINTR)
2146 log_error("Failed to read from kernel: %m");
2150 s->proc_kmsg_length += l;
2156 static int server_flush_proc_kmsg(Server *s) {
2161 if (s->proc_kmsg_fd < 0)
2164 log_info("Flushing /proc/kmsg...");
2167 r = server_read_proc_kmsg(s);
2178 static int process_event(Server *s, struct epoll_event *ev) {
2182 if (ev->data.fd == s->signal_fd) {
2183 struct signalfd_siginfo sfsi;
2186 if (ev->events != EPOLLIN) {
2187 log_info("Got invalid event from epoll.");
2191 n = read(s->signal_fd, &sfsi, sizeof(sfsi));
2192 if (n != sizeof(sfsi)) {
2197 if (errno == EINTR || errno == EAGAIN)
2203 if (sfsi.ssi_signo == SIGUSR1) {
2204 touch("/run/systemd/journal/flushed");
2205 server_flush_to_var(s);
2209 if (sfsi.ssi_signo == SIGUSR2) {
2215 log_debug("Received SIG%s", signal_to_string(sfsi.ssi_signo));
2218 } else if (ev->data.fd == s->proc_kmsg_fd) {
2221 if (ev->events != EPOLLIN) {
2222 log_info("Got invalid event from epoll.");
2226 r = server_read_proc_kmsg(s);
2232 } else if (ev->data.fd == s->native_fd ||
2233 ev->data.fd == s->syslog_fd) {
2235 if (ev->events != EPOLLIN) {
2236 log_info("Got invalid event from epoll.");
2241 struct msghdr msghdr;
2243 struct ucred *ucred = NULL;
2244 struct timeval *tv = NULL;
2245 struct cmsghdr *cmsg;
2247 size_t label_len = 0;
2249 struct cmsghdr cmsghdr;
2251 /* We use NAME_MAX space for the
2252 * SELinux label here. The kernel
2253 * currently enforces no limit, but
2254 * according to suggestions from the
2255 * SELinux people this will change and
2256 * it will probably be identical to
2257 * NAME_MAX. For now we use that, but
2258 * this should be updated one day when
2259 * the final limit is known.*/
2260 uint8_t buf[CMSG_SPACE(sizeof(struct ucred)) +
2261 CMSG_SPACE(sizeof(struct timeval)) +
2262 CMSG_SPACE(sizeof(int)) + /* fd */
2263 CMSG_SPACE(NAME_MAX)]; /* selinux label */
2270 if (ioctl(ev->data.fd, SIOCINQ, &v) < 0) {
2271 log_error("SIOCINQ failed: %m");
2275 if (s->buffer_size < (size_t) v) {
2279 l = MAX(LINE_MAX + (size_t) v, s->buffer_size * 2);
2280 b = realloc(s->buffer, l+1);
2283 log_error("Couldn't increase buffer.");
2292 iovec.iov_base = s->buffer;
2293 iovec.iov_len = s->buffer_size;
2297 msghdr.msg_iov = &iovec;
2298 msghdr.msg_iovlen = 1;
2299 msghdr.msg_control = &control;
2300 msghdr.msg_controllen = sizeof(control);
2302 n = recvmsg(ev->data.fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC);
2305 if (errno == EINTR || errno == EAGAIN)
2308 log_error("recvmsg() failed: %m");
2312 for (cmsg = CMSG_FIRSTHDR(&msghdr); cmsg; cmsg = CMSG_NXTHDR(&msghdr, cmsg)) {
2314 if (cmsg->cmsg_level == SOL_SOCKET &&
2315 cmsg->cmsg_type == SCM_CREDENTIALS &&
2316 cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred)))
2317 ucred = (struct ucred*) CMSG_DATA(cmsg);
2318 else if (cmsg->cmsg_level == SOL_SOCKET &&
2319 cmsg->cmsg_type == SCM_SECURITY) {
2320 label = (char*) CMSG_DATA(cmsg);
2321 label_len = cmsg->cmsg_len - CMSG_LEN(0);
2322 } else if (cmsg->cmsg_level == SOL_SOCKET &&
2323 cmsg->cmsg_type == SO_TIMESTAMP &&
2324 cmsg->cmsg_len == CMSG_LEN(sizeof(struct timeval)))
2325 tv = (struct timeval*) CMSG_DATA(cmsg);
2326 else if (cmsg->cmsg_level == SOL_SOCKET &&
2327 cmsg->cmsg_type == SCM_RIGHTS) {
2328 fds = (int*) CMSG_DATA(cmsg);
2329 n_fds = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);
2333 if (ev->data.fd == s->syslog_fd) {
2336 if (n > 0 && n_fds == 0) {
2337 e = memchr(s->buffer, '\n', n);
2343 process_syslog_message(s, strstrip(s->buffer), ucred, tv, label, label_len);
2344 } else if (n_fds > 0)
2345 log_warning("Got file descriptors via syslog socket. Ignoring.");
2348 if (n > 0 && n_fds == 0)
2349 process_native_message(s, s->buffer, n, ucred, tv, label, label_len);
2350 else if (n == 0 && n_fds == 1)
2351 process_native_file(s, fds[0], ucred, tv, label, label_len);
2353 log_warning("Got too many file descriptors via native socket. Ignoring.");
2356 close_many(fds, n_fds);
2361 } else if (ev->data.fd == s->stdout_fd) {
2363 if (ev->events != EPOLLIN) {
2364 log_info("Got invalid event from epoll.");
2368 stdout_stream_new(s);
2372 StdoutStream *stream;
2374 if ((ev->events|EPOLLIN|EPOLLHUP) != (EPOLLIN|EPOLLHUP)) {
2375 log_info("Got invalid event from epoll.");
2379 /* If it is none of the well-known fds, it must be an
2380 * stdout stream fd. Note that this is a bit ugly here
2381 * (since we rely that none of the well-known fds
2382 * could be interpreted as pointer), but nonetheless
2383 * safe, since the well-known fds would never get an
2384 * fd > 4096, i.e. beyond the first memory page */
2386 stream = ev->data.ptr;
2388 if (stdout_stream_process(stream) <= 0)
2389 stdout_stream_free(stream);
2394 log_error("Unknown event.");
2398 static int open_syslog_socket(Server *s) {
2399 union sockaddr_union sa;
2401 struct epoll_event ev;
2405 if (s->syslog_fd < 0) {
2407 s->syslog_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2408 if (s->syslog_fd < 0) {
2409 log_error("socket() failed: %m");
2414 sa.un.sun_family = AF_UNIX;
2415 strncpy(sa.un.sun_path, "/dev/log", sizeof(sa.un.sun_path));
2417 unlink(sa.un.sun_path);
2419 r = bind(s->syslog_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2421 log_error("bind() failed: %m");
2425 chmod(sa.un.sun_path, 0666);
2427 fd_nonblock(s->syslog_fd, 1);
2430 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
2432 log_error("SO_PASSCRED failed: %m");
2438 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
2440 log_warning("SO_PASSSEC failed: %m");
2444 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
2446 log_error("SO_TIMESTAMP failed: %m");
2451 ev.events = EPOLLIN;
2452 ev.data.fd = s->syslog_fd;
2453 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->syslog_fd, &ev) < 0) {
2454 log_error("Failed to add syslog server fd to epoll object: %m");
2461 static int open_native_socket(Server*s) {
2462 union sockaddr_union sa;
2464 struct epoll_event ev;
2468 if (s->native_fd < 0) {
2470 s->native_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2471 if (s->native_fd < 0) {
2472 log_error("socket() failed: %m");
2477 sa.un.sun_family = AF_UNIX;
2478 strncpy(sa.un.sun_path, "/run/systemd/journal/socket", sizeof(sa.un.sun_path));
2480 unlink(sa.un.sun_path);
2482 r = bind(s->native_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2484 log_error("bind() failed: %m");
2488 chmod(sa.un.sun_path, 0666);
2490 fd_nonblock(s->native_fd, 1);
2493 r = setsockopt(s->native_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
2495 log_error("SO_PASSCRED failed: %m");
2501 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
2503 log_warning("SO_PASSSEC failed: %m");
2507 r = setsockopt(s->native_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
2509 log_error("SO_TIMESTAMP failed: %m");
2514 ev.events = EPOLLIN;
2515 ev.data.fd = s->native_fd;
2516 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->native_fd, &ev) < 0) {
2517 log_error("Failed to add native server fd to epoll object: %m");
2524 static int open_stdout_socket(Server *s) {
2525 union sockaddr_union sa;
2527 struct epoll_event ev;
2531 if (s->stdout_fd < 0) {
2533 s->stdout_fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2534 if (s->stdout_fd < 0) {
2535 log_error("socket() failed: %m");
2540 sa.un.sun_family = AF_UNIX;
2541 strncpy(sa.un.sun_path, "/run/systemd/journal/stdout", sizeof(sa.un.sun_path));
2543 unlink(sa.un.sun_path);
2545 r = bind(s->stdout_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2547 log_error("bind() failed: %m");
2551 chmod(sa.un.sun_path, 0666);
2553 if (listen(s->stdout_fd, SOMAXCONN) < 0) {
2554 log_error("liste() failed: %m");
2558 fd_nonblock(s->stdout_fd, 1);
2561 ev.events = EPOLLIN;
2562 ev.data.fd = s->stdout_fd;
2563 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->stdout_fd, &ev) < 0) {
2564 log_error("Failed to add stdout server fd to epoll object: %m");
2571 static int open_proc_kmsg(Server *s) {
2572 struct epoll_event ev;
2576 if (!s->import_proc_kmsg)
2579 s->proc_kmsg_fd = open("/proc/kmsg", O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
2580 if (s->proc_kmsg_fd < 0) {
2581 log_warning("Failed to open /proc/kmsg, ignoring: %m");
2586 ev.events = EPOLLIN;
2587 ev.data.fd = s->proc_kmsg_fd;
2588 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->proc_kmsg_fd, &ev) < 0) {
2589 log_error("Failed to add /proc/kmsg fd to epoll object: %m");
2596 static int open_signalfd(Server *s) {
2598 struct epoll_event ev;
2602 assert_se(sigemptyset(&mask) == 0);
2603 sigset_add_many(&mask, SIGINT, SIGTERM, SIGUSR1, SIGUSR2, -1);
2604 assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0);
2606 s->signal_fd = signalfd(-1, &mask, SFD_NONBLOCK|SFD_CLOEXEC);
2607 if (s->signal_fd < 0) {
2608 log_error("signalfd(): %m");
2613 ev.events = EPOLLIN;
2614 ev.data.fd = s->signal_fd;
2616 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->signal_fd, &ev) < 0) {
2617 log_error("epoll_ctl(): %m");
2624 static int server_parse_proc_cmdline(Server *s) {
2625 char *line, *w, *state;
2629 if (detect_container(NULL) > 0)
2632 r = read_one_line_file("/proc/cmdline", &line);
2634 log_warning("Failed to read /proc/cmdline, ignoring: %s", strerror(-r));
2638 FOREACH_WORD_QUOTED(w, l, line, state) {
2641 word = strndup(w, l);
2647 if (startswith(word, "systemd.journald.forward_to_syslog=")) {
2648 r = parse_boolean(word + 35);
2650 log_warning("Failed to parse forward to syslog switch %s. Ignoring.", word + 35);
2652 s->forward_to_syslog = r;
2653 } else if (startswith(word, "systemd.journald.forward_to_kmsg=")) {
2654 r = parse_boolean(word + 33);
2656 log_warning("Failed to parse forward to kmsg switch %s. Ignoring.", word + 33);
2658 s->forward_to_kmsg = r;
2659 } else if (startswith(word, "systemd.journald.forward_to_console=")) {
2660 r = parse_boolean(word + 36);
2662 log_warning("Failed to parse forward to console switch %s. Ignoring.", word + 36);
2664 s->forward_to_console = r;
2665 } else if (startswith(word, "systemd.journald"))
2666 log_warning("Invalid systemd.journald parameter. Ignoring.");
2678 static int server_parse_config_file(Server *s) {
2685 fn = "/etc/systemd/journald.conf";
2686 f = fopen(fn, "re");
2688 if (errno == ENOENT)
2691 log_warning("Failed to open configuration file %s: %m", fn);
2695 r = config_parse(fn, f, "Journal\0", config_item_perf_lookup, (void*) journald_gperf_lookup, false, s);
2697 log_warning("Failed to parse configuration file: %s", strerror(-r));
2704 static int server_init(Server *s) {
2710 s->syslog_fd = s->native_fd = s->stdout_fd = s->signal_fd = s->epoll_fd = s->proc_kmsg_fd = -1;
2713 s->rate_limit_interval = DEFAULT_RATE_LIMIT_INTERVAL;
2714 s->rate_limit_burst = DEFAULT_RATE_LIMIT_BURST;
2716 s->forward_to_syslog = true;
2718 s->max_level_store = LOG_DEBUG;
2719 s->max_level_syslog = LOG_DEBUG;
2720 s->max_level_kmsg = LOG_NOTICE;
2721 s->max_level_console = LOG_INFO;
2723 memset(&s->system_metrics, 0xFF, sizeof(s->system_metrics));
2724 memset(&s->runtime_metrics, 0xFF, sizeof(s->runtime_metrics));
2726 server_parse_config_file(s);
2727 server_parse_proc_cmdline(s);
2729 s->user_journals = hashmap_new(trivial_hash_func, trivial_compare_func);
2730 if (!s->user_journals) {
2731 log_error("Out of memory.");
2735 s->epoll_fd = epoll_create1(EPOLL_CLOEXEC);
2736 if (s->epoll_fd < 0) {
2737 log_error("Failed to create epoll object: %m");
2741 n = sd_listen_fds(true);
2743 log_error("Failed to read listening file descriptors from environment: %s", strerror(-n));
2747 for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) {
2749 if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/run/systemd/journal/socket", 0) > 0) {
2751 if (s->native_fd >= 0) {
2752 log_error("Too many native sockets passed.");
2758 } else if (sd_is_socket_unix(fd, SOCK_STREAM, 1, "/run/systemd/journal/stdout", 0) > 0) {
2760 if (s->stdout_fd >= 0) {
2761 log_error("Too many stdout sockets passed.");
2767 } else if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/dev/log", 0) > 0) {
2769 if (s->syslog_fd >= 0) {
2770 log_error("Too many /dev/log sockets passed.");
2777 log_error("Unknown socket passed.");
2782 r = open_syslog_socket(s);
2786 r = open_native_socket(s);
2790 r = open_stdout_socket(s);
2794 r = open_proc_kmsg(s);
2798 r = open_signalfd(s);
2802 s->rate_limit = journal_rate_limit_new(s->rate_limit_interval, s->rate_limit_burst);
2806 r = system_journal_open(s);
2813 static void server_done(Server *s) {
2817 while (s->stdout_streams)
2818 stdout_stream_free(s->stdout_streams);
2820 if (s->system_journal)
2821 journal_file_close(s->system_journal);
2823 if (s->runtime_journal)
2824 journal_file_close(s->runtime_journal);
2826 while ((f = hashmap_steal_first(s->user_journals)))
2827 journal_file_close(f);
2829 hashmap_free(s->user_journals);
2831 if (s->epoll_fd >= 0)
2832 close_nointr_nofail(s->epoll_fd);
2834 if (s->signal_fd >= 0)
2835 close_nointr_nofail(s->signal_fd);
2837 if (s->syslog_fd >= 0)
2838 close_nointr_nofail(s->syslog_fd);
2840 if (s->native_fd >= 0)
2841 close_nointr_nofail(s->native_fd);
2843 if (s->stdout_fd >= 0)
2844 close_nointr_nofail(s->stdout_fd);
2846 if (s->proc_kmsg_fd >= 0)
2847 close_nointr_nofail(s->proc_kmsg_fd);
2850 journal_rate_limit_free(s->rate_limit);
2856 int main(int argc, char *argv[]) {
2860 /* if (getppid() != 1) { */
2861 /* log_error("This program should be invoked by init only."); */
2862 /* return EXIT_FAILURE; */
2866 log_error("This program does not take arguments.");
2867 return EXIT_FAILURE;
2870 log_set_target(LOG_TARGET_SAFE);
2871 log_set_facility(LOG_SYSLOG);
2872 log_parse_environment();
2877 r = server_init(&server);
2881 server_vacuum(&server);
2882 server_flush_to_var(&server);
2883 server_flush_proc_kmsg(&server);
2885 log_debug("systemd-journald running as pid %lu", (unsigned long) getpid());
2886 driver_message(&server, SD_MESSAGE_JOURNAL_START, "Journal started");
2890 "STATUS=Processing requests...");
2893 struct epoll_event event;
2895 r = epoll_wait(server.epoll_fd, &event, 1, -1);
2901 log_error("epoll_wait() failed: %m");
2907 r = process_event(&server, &event);
2914 log_debug("systemd-journald stopped as pid %lu", (unsigned long) getpid());
2915 driver_message(&server, SD_MESSAGE_JOURNAL_STOP, "Journal stopped");
2919 "STATUS=Shutting down...");
2921 server_done(&server);
2923 return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;