1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2011 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <sys/epoll.h>
23 #include <sys/socket.h>
25 #include <sys/signalfd.h>
29 #include <sys/ioctl.h>
30 #include <linux/sockios.h>
31 #include <sys/statvfs.h>
33 #include <systemd/sd-journal.h>
34 #include <systemd/sd-messages.h>
35 #include <systemd/sd-daemon.h>
38 #include <systemd/sd-login.h>
43 #include "journal-file.h"
44 #include "socket-util.h"
45 #include "cgroup-util.h"
47 #include "journal-rate-limit.h"
48 #include "journal-internal.h"
49 #include "conf-parser.h"
56 #include <acl/libacl.h>
61 #include <selinux/selinux.h>
64 #define USER_JOURNALS_MAX 1024
65 #define STDOUT_STREAMS_MAX 4096
67 #define DEFAULT_RATE_LIMIT_INTERVAL (10*USEC_PER_SEC)
68 #define DEFAULT_RATE_LIMIT_BURST 200
70 #define RECHECK_AVAILABLE_SPACE_USEC (30*USEC_PER_SEC)
72 #define RECHECK_VAR_AVAILABLE_USEC (30*USEC_PER_SEC)
74 #define N_IOVEC_META_FIELDS 17
76 #define ENTRY_SIZE_MAX (1024*1024*32)
78 typedef enum StdoutStreamState {
79 STDOUT_STREAM_IDENTIFIER,
80 STDOUT_STREAM_PRIORITY,
81 STDOUT_STREAM_LEVEL_PREFIX,
82 STDOUT_STREAM_FORWARD_TO_SYSLOG,
83 STDOUT_STREAM_FORWARD_TO_KMSG,
84 STDOUT_STREAM_FORWARD_TO_CONSOLE,
90 StdoutStreamState state;
96 security_context_t security_context;
102 bool forward_to_syslog:1;
103 bool forward_to_kmsg:1;
104 bool forward_to_console:1;
106 char buffer[LINE_MAX+1];
109 LIST_FIELDS(StdoutStream, stdout_stream);
112 static int server_flush_to_var(Server *s);
114 static uint64_t available_space(Server *s) {
119 uint64_t sum = 0, avail = 0, ss_avail = 0;
125 ts = now(CLOCK_MONOTONIC);
127 if (s->cached_available_space_timestamp + RECHECK_AVAILABLE_SPACE_USEC > ts)
128 return s->cached_available_space;
130 r = sd_id128_get_machine(&machine);
134 if (s->system_journal) {
135 f = "/var/log/journal/";
136 m = &s->system_metrics;
138 f = "/run/log/journal/";
139 m = &s->runtime_metrics;
144 p = strappend(f, sd_id128_to_string(machine, ids));
154 if (fstatvfs(dirfd(d), &ss) < 0)
159 struct dirent buf, *de;
161 r = readdir_r(d, &buf, &de);
168 if (!endswith(de->d_name, ".journal") &&
169 !endswith(de->d_name, ".journal~"))
172 if (fstatat(dirfd(d), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0)
175 if (!S_ISREG(st.st_mode))
178 sum += (uint64_t) st.st_blocks * 512UL;
181 avail = sum >= m->max_use ? 0 : m->max_use - sum;
183 ss_avail = ss.f_bsize * ss.f_bavail;
185 ss_avail = ss_avail < m->keep_free ? 0 : ss_avail - m->keep_free;
187 if (ss_avail < avail)
190 s->cached_available_space = avail;
191 s->cached_available_space_timestamp = ts;
199 static void server_read_file_gid(Server *s) {
200 const char *adm = "adm";
205 if (s->file_gid_valid)
208 r = get_group_creds(&adm, &s->file_gid);
210 log_warning("Failed to resolve 'adm' group: %s", strerror(-r));
212 /* if we couldn't read the gid, then it will be 0, but that's
213 * fine and we shouldn't try to resolve the group again, so
214 * let's just pretend it worked right-away. */
215 s->file_gid_valid = true;
218 static void server_fix_perms(Server *s, JournalFile *f, uid_t uid) {
223 acl_permset_t permset;
228 server_read_file_gid(s);
230 r = fchmod_and_fchown(f->fd, 0640, 0, s->file_gid);
232 log_warning("Failed to fix access mode/rights on %s, ignoring: %s", f->path, strerror(-r));
238 acl = acl_get_fd(f->fd);
240 log_warning("Failed to read ACL on %s, ignoring: %m", f->path);
244 r = acl_find_uid(acl, uid, &entry);
247 if (acl_create_entry(&acl, &entry) < 0 ||
248 acl_set_tag_type(entry, ACL_USER) < 0 ||
249 acl_set_qualifier(entry, &uid) < 0) {
250 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
255 if (acl_get_permset(entry, &permset) < 0 ||
256 acl_add_perm(permset, ACL_READ) < 0 ||
257 acl_calc_mask(&acl) < 0) {
258 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
262 if (acl_set_fd(f->fd, acl) < 0)
263 log_warning("Failed to set ACL on %s, ignoring: %m", f->path);
270 static JournalFile* find_journal(Server *s, uid_t uid) {
279 /* We split up user logs only on /var, not on /run. If the
280 * runtime file is open, we write to it exclusively, in order
281 * to guarantee proper order as soon as we flush /run to
282 * /var and close the runtime file. */
284 if (s->runtime_journal)
285 return s->runtime_journal;
288 return s->system_journal;
290 r = sd_id128_get_machine(&machine);
292 return s->system_journal;
294 f = hashmap_get(s->user_journals, UINT32_TO_PTR(uid));
298 if (asprintf(&p, "/var/log/journal/%s/user-%lu.journal", sd_id128_to_string(machine, ids), (unsigned long) uid) < 0)
299 return s->system_journal;
301 while (hashmap_size(s->user_journals) >= USER_JOURNALS_MAX) {
302 /* Too many open? Then let's close one */
303 f = hashmap_steal_first(s->user_journals);
305 journal_file_close(f);
308 r = journal_file_open_reliably(p, O_RDWR|O_CREAT, 0640, s->system_journal, &f);
312 return s->system_journal;
314 server_fix_perms(s, f, uid);
316 r = hashmap_put(s->user_journals, UINT32_TO_PTR(uid), f);
318 journal_file_close(f);
319 return s->system_journal;
325 static void server_rotate(Server *s) {
331 log_info("Rotating...");
333 if (s->runtime_journal) {
334 r = journal_file_rotate(&s->runtime_journal);
336 if (s->runtime_journal)
337 log_error("Failed to rotate %s: %s", s->runtime_journal->path, strerror(-r));
339 log_error("Failed to create new runtime journal: %s", strerror(-r));
341 server_fix_perms(s, s->runtime_journal, 0);
344 if (s->system_journal) {
345 r = journal_file_rotate(&s->system_journal);
347 if (s->system_journal)
348 log_error("Failed to rotate %s: %s", s->system_journal->path, strerror(-r));
350 log_error("Failed to create new system journal: %s", strerror(-r));
353 server_fix_perms(s, s->system_journal, 0);
356 HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) {
357 r = journal_file_rotate(&f);
360 log_error("Failed to rotate %s: %s", f->path, strerror(-r));
362 log_error("Failed to create user journal: %s", strerror(-r));
364 hashmap_replace(s->user_journals, k, f);
365 server_fix_perms(s, s->system_journal, PTR_TO_UINT32(k));
370 static void server_vacuum(Server *s) {
376 log_info("Vacuuming...");
378 r = sd_id128_get_machine(&machine);
380 log_error("Failed to get machine ID: %s", strerror(-r));
384 sd_id128_to_string(machine, ids);
386 if (s->system_journal) {
387 if (asprintf(&p, "/var/log/journal/%s", ids) < 0) {
388 log_error("Out of memory.");
392 r = journal_directory_vacuum(p, s->system_metrics.max_use, s->system_metrics.keep_free);
393 if (r < 0 && r != -ENOENT)
394 log_error("Failed to vacuum %s: %s", p, strerror(-r));
399 if (s->runtime_journal) {
400 if (asprintf(&p, "/run/log/journal/%s", ids) < 0) {
401 log_error("Out of memory.");
405 r = journal_directory_vacuum(p, s->runtime_metrics.max_use, s->runtime_metrics.keep_free);
406 if (r < 0 && r != -ENOENT)
407 log_error("Failed to vacuum %s: %s", p, strerror(-r));
411 s->cached_available_space_timestamp = 0;
414 static char *shortened_cgroup_path(pid_t pid) {
416 char *process_path, *init_path, *path;
420 r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, pid, &process_path);
424 r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, 1, &init_path);
430 if (endswith(init_path, "/system"))
431 init_path[strlen(init_path) - 7] = 0;
432 else if (streq(init_path, "/"))
435 if (startswith(process_path, init_path)) {
438 p = strdup(process_path + strlen(init_path));
456 static void dispatch_message_real(
458 struct iovec *iovec, unsigned n, unsigned m,
461 const char *label, size_t label_len) {
463 char *pid = NULL, *uid = NULL, *gid = NULL,
464 *source_time = NULL, *boot_id = NULL, *machine_id = NULL,
465 *comm = NULL, *cmdline = NULL, *hostname = NULL,
466 *audit_session = NULL, *audit_loginuid = NULL,
467 *exe = NULL, *cgroup = NULL, *session = NULL,
468 *owner_uid = NULL, *unit = NULL, *selinux_context = NULL;
474 uid_t loginuid = 0, realuid = 0;
476 bool vacuumed = false;
481 assert(n + N_IOVEC_META_FIELDS <= m);
489 realuid = ucred->uid;
491 if (asprintf(&pid, "_PID=%lu", (unsigned long) ucred->pid) >= 0)
492 IOVEC_SET_STRING(iovec[n++], pid);
494 if (asprintf(&uid, "_UID=%lu", (unsigned long) ucred->uid) >= 0)
495 IOVEC_SET_STRING(iovec[n++], uid);
497 if (asprintf(&gid, "_GID=%lu", (unsigned long) ucred->gid) >= 0)
498 IOVEC_SET_STRING(iovec[n++], gid);
500 r = get_process_comm(ucred->pid, &t);
502 comm = strappend("_COMM=", t);
506 IOVEC_SET_STRING(iovec[n++], comm);
509 r = get_process_exe(ucred->pid, &t);
511 exe = strappend("_EXE=", t);
515 IOVEC_SET_STRING(iovec[n++], exe);
518 r = get_process_cmdline(ucred->pid, LINE_MAX, false, &t);
520 cmdline = strappend("_CMDLINE=", t);
524 IOVEC_SET_STRING(iovec[n++], cmdline);
527 r = audit_session_from_pid(ucred->pid, &audit);
529 if (asprintf(&audit_session, "_AUDIT_SESSION=%lu", (unsigned long) audit) >= 0)
530 IOVEC_SET_STRING(iovec[n++], audit_session);
532 r = audit_loginuid_from_pid(ucred->pid, &loginuid);
534 if (asprintf(&audit_loginuid, "_AUDIT_LOGINUID=%lu", (unsigned long) loginuid) >= 0)
535 IOVEC_SET_STRING(iovec[n++], audit_loginuid);
537 t = shortened_cgroup_path(ucred->pid);
539 cgroup = strappend("_SYSTEMD_CGROUP=", t);
543 IOVEC_SET_STRING(iovec[n++], cgroup);
547 if (sd_pid_get_session(ucred->pid, &t) >= 0) {
548 session = strappend("_SYSTEMD_SESSION=", t);
552 IOVEC_SET_STRING(iovec[n++], session);
555 if (sd_pid_get_owner_uid(ucred->uid, &owner) >= 0)
556 if (asprintf(&owner_uid, "_SYSTEMD_OWNER_UID=%lu", (unsigned long) owner) >= 0)
557 IOVEC_SET_STRING(iovec[n++], owner_uid);
560 if (cg_pid_get_unit(ucred->pid, &t) >= 0) {
561 unit = strappend("_SYSTEMD_UNIT=", t);
565 IOVEC_SET_STRING(iovec[n++], unit);
570 selinux_context = malloc(sizeof("_SELINUX_CONTEXT=") + label_len);
571 if (selinux_context) {
572 memcpy(selinux_context, "_SELINUX_CONTEXT=", sizeof("_SELINUX_CONTEXT=")-1);
573 memcpy(selinux_context+sizeof("_SELINUX_CONTEXT=")-1, label, label_len);
574 selinux_context[sizeof("_SELINUX_CONTEXT=")-1+label_len] = 0;
575 IOVEC_SET_STRING(iovec[n++], selinux_context);
578 security_context_t con;
580 if (getpidcon(ucred->pid, &con) >= 0) {
581 selinux_context = strappend("_SELINUX_CONTEXT=", con);
583 IOVEC_SET_STRING(iovec[n++], selinux_context);
592 if (asprintf(&source_time, "_SOURCE_REALTIME_TIMESTAMP=%llu",
593 (unsigned long long) timeval_load(tv)) >= 0)
594 IOVEC_SET_STRING(iovec[n++], source_time);
597 /* Note that strictly speaking storing the boot id here is
598 * redundant since the entry includes this in-line
599 * anyway. However, we need this indexed, too. */
600 r = sd_id128_get_boot(&id);
602 if (asprintf(&boot_id, "_BOOT_ID=%s", sd_id128_to_string(id, idbuf)) >= 0)
603 IOVEC_SET_STRING(iovec[n++], boot_id);
605 r = sd_id128_get_machine(&id);
607 if (asprintf(&machine_id, "_MACHINE_ID=%s", sd_id128_to_string(id, idbuf)) >= 0)
608 IOVEC_SET_STRING(iovec[n++], machine_id);
610 t = gethostname_malloc();
612 hostname = strappend("_HOSTNAME=", t);
615 IOVEC_SET_STRING(iovec[n++], hostname);
620 server_flush_to_var(s);
623 f = find_journal(s, realuid == 0 ? 0 : loginuid);
625 log_warning("Dropping message, as we can't find a place to store the data.");
627 r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
629 if ((r == -E2BIG || /* hit limit */
630 r == -EFBIG || /* hit fs limit */
631 r == -EDQUOT || /* quota hit */
632 r == -ENOSPC || /* disk full */
633 r == -EBADMSG || /* corrupted */
634 r == -ENODATA || /* truncated */
635 r == -EHOSTDOWN || /* other machine */
636 r == -EPROTONOSUPPORT) && /* unsupported feature */
640 log_info("Allocation limit reached, rotating.");
642 log_warning("Journal file corrupted, rotating.");
648 log_info("Retrying write.");
653 log_error("Failed to write entry, ignoring: %s", strerror(-r));
667 free(audit_loginuid);
672 free(selinux_context);
675 static void driver_message(Server *s, sd_id128_t message_id, const char *format, ...) {
676 char mid[11 + 32 + 1];
677 char buffer[16 + LINE_MAX + 1];
678 struct iovec iovec[N_IOVEC_META_FIELDS + 4];
686 IOVEC_SET_STRING(iovec[n++], "PRIORITY=5");
687 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=driver");
689 memcpy(buffer, "MESSAGE=", 8);
690 va_start(ap, format);
691 vsnprintf(buffer + 8, sizeof(buffer) - 8, format, ap);
693 char_array_0(buffer);
694 IOVEC_SET_STRING(iovec[n++], buffer);
696 snprintf(mid, sizeof(mid), "MESSAGE_ID=" SD_ID128_FORMAT_STR, SD_ID128_FORMAT_VAL(message_id));
698 IOVEC_SET_STRING(iovec[n++], mid);
701 ucred.pid = getpid();
702 ucred.uid = getuid();
703 ucred.gid = getgid();
705 dispatch_message_real(s, iovec, n, ELEMENTSOF(iovec), &ucred, NULL, NULL, 0);
708 static void dispatch_message(Server *s,
709 struct iovec *iovec, unsigned n, unsigned m,
712 const char *label, size_t label_len,
715 char *path = NULL, *c;
718 assert(iovec || n == 0);
723 if (LOG_PRI(priority) > s->max_level_store)
729 path = shortened_cgroup_path(ucred->pid);
733 /* example: /user/lennart/3/foobar
734 * /system/dbus.service/foobar
736 * So let's cut of everything past the third /, since that is
737 * wher user directories start */
739 c = strchr(path, '/');
741 c = strchr(c+1, '/');
743 c = strchr(c+1, '/');
749 rl = journal_rate_limit_test(s->rate_limit, path, priority & LOG_PRIMASK, available_space(s));
756 /* Write a suppression message if we suppressed something */
758 driver_message(s, SD_MESSAGE_JOURNAL_DROPPED, "Suppressed %u messages from %s", rl - 1, path);
763 dispatch_message_real(s, iovec, n, m, ucred, tv, label, label_len);
766 static void forward_syslog_iovec(Server *s, const struct iovec *iovec, unsigned n_iovec, struct ucred *ucred, struct timeval *tv) {
767 struct msghdr msghdr;
768 struct cmsghdr *cmsg;
770 struct cmsghdr cmsghdr;
771 uint8_t buf[CMSG_SPACE(sizeof(struct ucred))];
773 union sockaddr_union sa;
780 msghdr.msg_iov = (struct iovec*) iovec;
781 msghdr.msg_iovlen = n_iovec;
784 sa.un.sun_family = AF_UNIX;
785 strncpy(sa.un.sun_path, "/run/systemd/journal/syslog", sizeof(sa.un.sun_path));
786 msghdr.msg_name = &sa;
787 msghdr.msg_namelen = offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path);
791 msghdr.msg_control = &control;
792 msghdr.msg_controllen = sizeof(control);
794 cmsg = CMSG_FIRSTHDR(&msghdr);
795 cmsg->cmsg_level = SOL_SOCKET;
796 cmsg->cmsg_type = SCM_CREDENTIALS;
797 cmsg->cmsg_len = CMSG_LEN(sizeof(struct ucred));
798 memcpy(CMSG_DATA(cmsg), ucred, sizeof(struct ucred));
799 msghdr.msg_controllen = cmsg->cmsg_len;
802 /* Forward the syslog message we received via /dev/log to
803 * /run/systemd/syslog. Unfortunately we currently can't set
804 * the SO_TIMESTAMP auxiliary data, and hence we don't. */
806 if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
809 /* The socket is full? I guess the syslog implementation is
810 * too slow, and we shouldn't wait for that... */
814 if (ucred && errno == ESRCH) {
817 /* Hmm, presumably the sender process vanished
818 * by now, so let's fix it as good as we
823 memcpy(CMSG_DATA(cmsg), &u, sizeof(struct ucred));
825 if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
832 log_debug("Failed to forward syslog message: %m");
835 static void forward_syslog_raw(Server *s, int priority, const char *buffer, struct ucred *ucred, struct timeval *tv) {
841 if (LOG_PRI(priority) > s->max_level_syslog)
844 IOVEC_SET_STRING(iovec, buffer);
845 forward_syslog_iovec(s, &iovec, 1, ucred, tv);
848 static void forward_syslog(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred, struct timeval *tv) {
849 struct iovec iovec[5];
850 char header_priority[6], header_time[64], header_pid[16];
854 char *ident_buf = NULL;
857 assert(priority >= 0);
858 assert(priority <= 999);
861 if (LOG_PRI(priority) > s->max_level_syslog)
864 /* First: priority field */
865 snprintf(header_priority, sizeof(header_priority), "<%i>", priority);
866 char_array_0(header_priority);
867 IOVEC_SET_STRING(iovec[n++], header_priority);
869 /* Second: timestamp */
870 t = tv ? tv->tv_sec : ((time_t) (now(CLOCK_REALTIME) / USEC_PER_SEC));
874 if (strftime(header_time, sizeof(header_time), "%h %e %T ", tm) <= 0)
876 IOVEC_SET_STRING(iovec[n++], header_time);
878 /* Third: identifier and PID */
881 get_process_comm(ucred->pid, &ident_buf);
882 identifier = ident_buf;
885 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
886 char_array_0(header_pid);
889 IOVEC_SET_STRING(iovec[n++], identifier);
891 IOVEC_SET_STRING(iovec[n++], header_pid);
892 } else if (identifier) {
893 IOVEC_SET_STRING(iovec[n++], identifier);
894 IOVEC_SET_STRING(iovec[n++], ": ");
897 /* Fourth: message */
898 IOVEC_SET_STRING(iovec[n++], message);
900 forward_syslog_iovec(s, iovec, n, ucred, tv);
905 static int fixup_priority(int priority) {
907 if ((priority & LOG_FACMASK) == 0)
908 return (priority & LOG_PRIMASK) | LOG_USER;
913 static void forward_kmsg(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred) {
914 struct iovec iovec[5];
915 char header_priority[6], header_pid[16];
917 char *ident_buf = NULL;
921 assert(priority >= 0);
922 assert(priority <= 999);
925 if (LOG_PRI(priority) > s->max_level_kmsg)
928 /* Never allow messages with kernel facility to be written to
929 * kmsg, regardless where the data comes from. */
930 priority = fixup_priority(priority);
932 /* First: priority field */
933 snprintf(header_priority, sizeof(header_priority), "<%i>", priority);
934 char_array_0(header_priority);
935 IOVEC_SET_STRING(iovec[n++], header_priority);
937 /* Second: identifier and PID */
940 get_process_comm(ucred->pid, &ident_buf);
941 identifier = ident_buf;
944 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
945 char_array_0(header_pid);
948 IOVEC_SET_STRING(iovec[n++], identifier);
950 IOVEC_SET_STRING(iovec[n++], header_pid);
951 } else if (identifier) {
952 IOVEC_SET_STRING(iovec[n++], identifier);
953 IOVEC_SET_STRING(iovec[n++], ": ");
956 /* Fourth: message */
957 IOVEC_SET_STRING(iovec[n++], message);
958 IOVEC_SET_STRING(iovec[n++], "\n");
960 fd = open("/dev/kmsg", O_WRONLY|O_NOCTTY|O_CLOEXEC);
962 log_debug("Failed to open /dev/kmsg for logging: %s", strerror(errno));
966 if (writev(fd, iovec, n) < 0)
967 log_debug("Failed to write to /dev/kmsg for logging: %s", strerror(errno));
969 close_nointr_nofail(fd);
975 static void forward_console(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred) {
976 struct iovec iovec[4];
979 char *ident_buf = NULL;
985 if (LOG_PRI(priority) > s->max_level_console)
988 /* First: identifier and PID */
991 get_process_comm(ucred->pid, &ident_buf);
992 identifier = ident_buf;
995 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
996 char_array_0(header_pid);
999 IOVEC_SET_STRING(iovec[n++], identifier);
1001 IOVEC_SET_STRING(iovec[n++], header_pid);
1002 } else if (identifier) {
1003 IOVEC_SET_STRING(iovec[n++], identifier);
1004 IOVEC_SET_STRING(iovec[n++], ": ");
1007 /* Third: message */
1008 IOVEC_SET_STRING(iovec[n++], message);
1009 IOVEC_SET_STRING(iovec[n++], "\n");
1011 tty = s->tty_path ? s->tty_path : "/dev/console";
1013 fd = open_terminal(tty, O_WRONLY|O_NOCTTY|O_CLOEXEC);
1015 log_debug("Failed to open %s for logging: %s", tty, strerror(errno));
1019 if (writev(fd, iovec, n) < 0)
1020 log_debug("Failed to write to %s for logging: %s", tty, strerror(errno));
1022 close_nointr_nofail(fd);
1028 static void read_identifier(const char **buf, char **identifier, char **pid) {
1039 p += strspn(p, WHITESPACE);
1040 l = strcspn(p, WHITESPACE);
1049 if (p[l-1] == ']') {
1055 t = strndup(p+k+1, l-k-2);
1075 *buf += strspn(*buf, WHITESPACE);
1078 static void process_syslog_message(Server *s, const char *buf, struct ucred *ucred, struct timeval *tv, const char *label, size_t label_len) {
1079 char *message = NULL, *syslog_priority = NULL, *syslog_facility = NULL, *syslog_identifier = NULL, *syslog_pid = NULL;
1080 struct iovec iovec[N_IOVEC_META_FIELDS + 6];
1082 int priority = LOG_USER | LOG_INFO;
1083 char *identifier = NULL, *pid = NULL;
1090 parse_syslog_priority((char**) &buf, &priority);
1092 if (s->forward_to_syslog)
1093 forward_syslog_raw(s, priority, orig, ucred, tv);
1095 skip_syslog_date((char**) &buf);
1096 read_identifier(&buf, &identifier, &pid);
1098 if (s->forward_to_kmsg)
1099 forward_kmsg(s, priority, identifier, buf, ucred);
1101 if (s->forward_to_console)
1102 forward_console(s, priority, identifier, buf, ucred);
1104 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=syslog");
1106 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1107 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1109 if (priority & LOG_FACMASK)
1110 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1111 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1114 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", identifier);
1115 if (syslog_identifier)
1116 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1120 syslog_pid = strappend("SYSLOG_PID=", pid);
1122 IOVEC_SET_STRING(iovec[n++], syslog_pid);
1125 message = strappend("MESSAGE=", buf);
1127 IOVEC_SET_STRING(iovec[n++], message);
1129 dispatch_message(s, iovec, n, ELEMENTSOF(iovec), ucred, tv, label, label_len, priority);
1134 free(syslog_priority);
1135 free(syslog_facility);
1136 free(syslog_identifier);
1139 static bool valid_user_field(const char *p, size_t l) {
1142 /* We kinda enforce POSIX syntax recommendations for
1143 environment variables here, but make a couple of additional
1146 http://pubs.opengroup.org/onlinepubs/000095399/basedefs/xbd_chap08.html */
1148 /* No empty field names */
1152 /* Don't allow names longer than 64 chars */
1156 /* Variables starting with an underscore are protected */
1160 /* Don't allow digits as first character */
1161 if (p[0] >= '0' && p[0] <= '9')
1164 /* Only allow A-Z0-9 and '_' */
1165 for (a = p; a < p + l; a++)
1166 if (!((*a >= 'A' && *a <= 'Z') ||
1167 (*a >= '0' && *a <= '9') ||
1174 static void process_native_message(
1176 const void *buffer, size_t buffer_size,
1177 struct ucred *ucred,
1179 const char *label, size_t label_len) {
1181 struct iovec *iovec = NULL;
1182 unsigned n = 0, m = 0, j, tn = (unsigned) -1;
1185 int priority = LOG_INFO;
1186 char *identifier = NULL, *message = NULL;
1189 assert(buffer || buffer_size == 0);
1192 remaining = buffer_size;
1194 while (remaining > 0) {
1197 e = memchr(p, '\n', remaining);
1200 /* Trailing noise, let's ignore it, and flush what we collected */
1201 log_debug("Received message with trailing noise, ignoring.");
1206 /* Entry separator */
1207 dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, priority);
1209 priority = LOG_INFO;
1216 if (*p == '.' || *p == '#') {
1217 /* Ignore control commands for now, and
1219 remaining -= (e - p) + 1;
1224 /* A property follows */
1226 if (n+N_IOVEC_META_FIELDS >= m) {
1230 u = MAX((n+N_IOVEC_META_FIELDS+1) * 2U, 4U);
1231 c = realloc(iovec, u * sizeof(struct iovec));
1233 log_error("Out of memory");
1241 q = memchr(p, '=', e - p);
1243 if (valid_user_field(p, q - p)) {
1248 /* If the field name starts with an
1249 * underscore, skip the variable,
1250 * since that indidates a trusted
1252 iovec[n].iov_base = (char*) p;
1253 iovec[n].iov_len = l;
1256 /* We need to determine the priority
1257 * of this entry for the rate limiting
1260 memcmp(p, "PRIORITY=", 9) == 0 &&
1261 p[9] >= '0' && p[9] <= '9')
1262 priority = (priority & LOG_FACMASK) | (p[9] - '0');
1265 memcmp(p, "SYSLOG_FACILITY=", 16) == 0 &&
1266 p[16] >= '0' && p[16] <= '9')
1267 priority = (priority & LOG_PRIMASK) | ((p[16] - '0') << 3);
1270 memcmp(p, "SYSLOG_FACILITY=", 16) == 0 &&
1271 p[16] >= '0' && p[16] <= '9' &&
1272 p[17] >= '0' && p[17] <= '9')
1273 priority = (priority & LOG_PRIMASK) | (((p[16] - '0')*10 + (p[17] - '0')) << 3);
1276 memcmp(p, "SYSLOG_IDENTIFIER=", 18) == 0) {
1279 t = strndup(p + 18, l - 18);
1284 } else if (l >= 8 &&
1285 memcmp(p, "MESSAGE=", 8) == 0) {
1288 t = strndup(p + 8, l - 8);
1296 remaining -= (e - p) + 1;
1304 if (remaining < e - p + 1 + sizeof(uint64_t) + 1) {
1305 log_debug("Failed to parse message, ignoring.");
1309 memcpy(&l_le, e + 1, sizeof(uint64_t));
1312 if (remaining < e - p + 1 + sizeof(uint64_t) + l + 1 ||
1313 e[1+sizeof(uint64_t)+l] != '\n') {
1314 log_debug("Failed to parse message, ignoring.");
1318 k = malloc((e - p) + 1 + l);
1320 log_error("Out of memory");
1324 memcpy(k, p, e - p);
1326 memcpy(k + (e - p) + 1, e + 1 + sizeof(uint64_t), l);
1328 if (valid_user_field(p, e - p)) {
1329 iovec[n].iov_base = k;
1330 iovec[n].iov_len = (e - p) + 1 + l;
1335 remaining -= (e - p) + 1 + sizeof(uint64_t) + l + 1;
1336 p = e + 1 + sizeof(uint64_t) + l + 1;
1344 IOVEC_SET_STRING(iovec[tn], "_TRANSPORT=journal");
1347 if (s->forward_to_syslog)
1348 forward_syslog(s, priority, identifier, message, ucred, tv);
1350 if (s->forward_to_kmsg)
1351 forward_kmsg(s, priority, identifier, message, ucred);
1353 if (s->forward_to_console)
1354 forward_console(s, priority, identifier, message, ucred);
1357 dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, priority);
1360 for (j = 0; j < n; j++) {
1364 if (iovec[j].iov_base < buffer ||
1365 (const uint8_t*) iovec[j].iov_base >= (const uint8_t*) buffer + buffer_size)
1366 free(iovec[j].iov_base);
1374 static void process_native_file(
1377 struct ucred *ucred,
1379 const char *label, size_t label_len) {
1388 /* Data is in the passed file, since it didn't fit in a
1389 * datagram. We can't map the file here, since clients might
1390 * then truncate it and trigger a SIGBUS for us. So let's
1391 * stupidly read it */
1393 if (fstat(fd, &st) < 0) {
1394 log_error("Failed to stat passed file, ignoring: %m");
1398 if (!S_ISREG(st.st_mode)) {
1399 log_error("File passed is not regular. Ignoring.");
1403 if (st.st_size <= 0)
1406 if (st.st_size > ENTRY_SIZE_MAX) {
1407 log_error("File passed too large. Ignoring.");
1411 p = malloc(st.st_size);
1413 log_error("Out of memory");
1417 n = pread(fd, p, st.st_size, 0);
1419 log_error("Failed to read file, ignoring: %s", strerror(-n));
1421 process_native_message(s, p, n, ucred, tv, label, label_len);
1426 static int stdout_stream_log(StdoutStream *s, const char *p) {
1427 struct iovec iovec[N_IOVEC_META_FIELDS + 5];
1428 char *message = NULL, *syslog_priority = NULL, *syslog_facility = NULL, *syslog_identifier = NULL;
1432 size_t label_len = 0;
1440 priority = s->priority;
1442 if (s->level_prefix)
1443 parse_syslog_priority((char**) &p, &priority);
1445 if (s->forward_to_syslog || s->server->forward_to_syslog)
1446 forward_syslog(s->server, fixup_priority(priority), s->identifier, p, &s->ucred, NULL);
1448 if (s->forward_to_kmsg || s->server->forward_to_kmsg)
1449 forward_kmsg(s->server, priority, s->identifier, p, &s->ucred);
1451 if (s->forward_to_console || s->server->forward_to_console)
1452 forward_console(s->server, priority, s->identifier, p, &s->ucred);
1454 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=stdout");
1456 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1457 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1459 if (priority & LOG_FACMASK)
1460 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1461 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1463 if (s->identifier) {
1464 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", s->identifier);
1465 if (syslog_identifier)
1466 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1469 message = strappend("MESSAGE=", p);
1471 IOVEC_SET_STRING(iovec[n++], message);
1474 if (s->security_context) {
1475 label = (char*) s->security_context;
1476 label_len = strlen((char*) s->security_context);
1480 dispatch_message(s->server, iovec, n, ELEMENTSOF(iovec), &s->ucred, NULL, label, label_len, priority);
1483 free(syslog_priority);
1484 free(syslog_facility);
1485 free(syslog_identifier);
1490 static int stdout_stream_line(StdoutStream *s, char *p) {
1500 case STDOUT_STREAM_IDENTIFIER:
1502 s->identifier = NULL;
1504 s->identifier = strdup(p);
1505 if (!s->identifier) {
1506 log_error("Out of memory");
1511 s->state = STDOUT_STREAM_PRIORITY;
1514 case STDOUT_STREAM_PRIORITY:
1515 r = safe_atoi(p, &s->priority);
1516 if (r < 0 || s->priority <= 0 || s->priority >= 999) {
1517 log_warning("Failed to parse log priority line.");
1521 s->state = STDOUT_STREAM_LEVEL_PREFIX;
1524 case STDOUT_STREAM_LEVEL_PREFIX:
1525 r = parse_boolean(p);
1527 log_warning("Failed to parse level prefix line.");
1531 s->level_prefix = !!r;
1532 s->state = STDOUT_STREAM_FORWARD_TO_SYSLOG;
1535 case STDOUT_STREAM_FORWARD_TO_SYSLOG:
1536 r = parse_boolean(p);
1538 log_warning("Failed to parse forward to syslog line.");
1542 s->forward_to_syslog = !!r;
1543 s->state = STDOUT_STREAM_FORWARD_TO_KMSG;
1546 case STDOUT_STREAM_FORWARD_TO_KMSG:
1547 r = parse_boolean(p);
1549 log_warning("Failed to parse copy to kmsg line.");
1553 s->forward_to_kmsg = !!r;
1554 s->state = STDOUT_STREAM_FORWARD_TO_CONSOLE;
1557 case STDOUT_STREAM_FORWARD_TO_CONSOLE:
1558 r = parse_boolean(p);
1560 log_warning("Failed to parse copy to console line.");
1564 s->forward_to_console = !!r;
1565 s->state = STDOUT_STREAM_RUNNING;
1568 case STDOUT_STREAM_RUNNING:
1569 return stdout_stream_log(s, p);
1572 assert_not_reached("Unknown stream state");
1575 static int stdout_stream_scan(StdoutStream *s, bool force_flush) {
1583 remaining = s->length;
1588 end = memchr(p, '\n', remaining);
1591 else if (remaining >= sizeof(s->buffer) - 1) {
1592 end = p + sizeof(s->buffer) - 1;
1599 r = stdout_stream_line(s, p);
1607 if (force_flush && remaining > 0) {
1609 r = stdout_stream_line(s, p);
1617 if (p > s->buffer) {
1618 memmove(s->buffer, p, remaining);
1619 s->length = remaining;
1625 static int stdout_stream_process(StdoutStream *s) {
1631 l = read(s->fd, s->buffer+s->length, sizeof(s->buffer)-1-s->length);
1634 if (errno == EAGAIN)
1637 log_warning("Failed to read from stream: %m");
1642 r = stdout_stream_scan(s, true);
1650 r = stdout_stream_scan(s, false);
1658 static void stdout_stream_free(StdoutStream *s) {
1662 assert(s->server->n_stdout_streams > 0);
1663 s->server->n_stdout_streams --;
1664 LIST_REMOVE(StdoutStream, stdout_stream, s->server->stdout_streams, s);
1669 epoll_ctl(s->server->epoll_fd, EPOLL_CTL_DEL, s->fd, NULL);
1671 close_nointr_nofail(s->fd);
1675 if (s->security_context)
1676 freecon(s->security_context);
1679 free(s->identifier);
1683 static int stdout_stream_new(Server *s) {
1684 StdoutStream *stream;
1687 struct epoll_event ev;
1691 fd = accept4(s->stdout_fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);
1693 if (errno == EAGAIN)
1696 log_error("Failed to accept stdout connection: %m");
1700 if (s->n_stdout_streams >= STDOUT_STREAMS_MAX) {
1701 log_warning("Too many stdout streams, refusing connection.");
1702 close_nointr_nofail(fd);
1706 stream = new0(StdoutStream, 1);
1708 log_error("Out of memory.");
1709 close_nointr_nofail(fd);
1715 len = sizeof(stream->ucred);
1716 if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &stream->ucred, &len) < 0) {
1717 log_error("Failed to determine peer credentials: %m");
1723 if (getpeercon(fd, &stream->security_context) < 0 && errno != ENOPROTOOPT)
1724 log_error("Failed to determine peer security context: %m");
1727 if (shutdown(fd, SHUT_WR) < 0) {
1728 log_error("Failed to shutdown writing side of socket: %m");
1734 ev.data.ptr = stream;
1735 ev.events = EPOLLIN;
1736 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, fd, &ev) < 0) {
1737 log_error("Failed to add stream to event loop: %m");
1743 LIST_PREPEND(StdoutStream, stdout_stream, s->stdout_streams, stream);
1744 s->n_stdout_streams ++;
1749 stdout_stream_free(stream);
1753 static int parse_kernel_timestamp(char **_p, usec_t *t) {
1764 if (strlen(p) < 14 || p[0] != '[' || p[13] != ']' || p[6] != '.')
1769 for (i = 1; i <= 5; i++) {
1775 k = undecchar(p[i]);
1782 for (i = 7; i <= 12; i++) {
1785 k = undecchar(p[i]);
1794 *_p += strspn(*_p, WHITESPACE);
1799 static bool is_us(const char *pid) {
1804 if (parse_pid(pid, &t) < 0)
1807 return t == getpid();
1810 static void proc_kmsg_line(Server *s, const char *p) {
1811 struct iovec iovec[N_IOVEC_META_FIELDS + 7];
1812 char *message = NULL, *syslog_priority = NULL, *syslog_pid = NULL, *syslog_facility = NULL, *syslog_identifier = NULL, *source_time = NULL;
1813 int priority = LOG_KERN | LOG_INFO;
1816 char *identifier = NULL, *pid = NULL;
1824 parse_syslog_priority((char **) &p, &priority);
1826 if (s->forward_to_kmsg && (priority & LOG_FACMASK) != LOG_KERN)
1829 if (parse_kernel_timestamp((char **) &p, &usec) > 0) {
1830 if (asprintf(&source_time, "_SOURCE_MONOTONIC_TIMESTAMP=%llu",
1831 (unsigned long long) usec) >= 0)
1832 IOVEC_SET_STRING(iovec[n++], source_time);
1835 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=kernel");
1837 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1838 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1840 if ((priority & LOG_FACMASK) == LOG_KERN) {
1842 if (s->forward_to_syslog)
1843 forward_syslog(s, priority, "kernel", p, NULL, NULL);
1845 IOVEC_SET_STRING(iovec[n++], "SYSLOG_IDENTIFIER=kernel");
1847 read_identifier(&p, &identifier, &pid);
1849 /* Avoid any messages we generated ourselves via
1850 * log_info() and friends. */
1851 if (pid && is_us(pid))
1854 if (s->forward_to_syslog)
1855 forward_syslog(s, priority, identifier, p, NULL, NULL);
1858 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", identifier);
1859 if (syslog_identifier)
1860 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1864 syslog_pid = strappend("SYSLOG_PID=", pid);
1866 IOVEC_SET_STRING(iovec[n++], syslog_pid);
1869 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1870 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1873 message = strappend("MESSAGE=", p);
1875 IOVEC_SET_STRING(iovec[n++], message);
1877 dispatch_message(s, iovec, n, ELEMENTSOF(iovec), NULL, NULL, NULL, 0, priority);
1881 free(syslog_priority);
1882 free(syslog_identifier);
1884 free(syslog_facility);
1890 static void proc_kmsg_scan(Server *s) {
1896 p = s->proc_kmsg_buffer;
1897 remaining = s->proc_kmsg_length;
1902 end = memchr(p, '\n', remaining);
1905 else if (remaining >= sizeof(s->proc_kmsg_buffer) - 1) {
1906 end = p + sizeof(s->proc_kmsg_buffer) - 1;
1913 proc_kmsg_line(s, p);
1919 if (p > s->proc_kmsg_buffer) {
1920 memmove(s->proc_kmsg_buffer, p, remaining);
1921 s->proc_kmsg_length = remaining;
1925 static int system_journal_open(Server *s) {
1931 r = sd_id128_get_machine(&machine);
1935 sd_id128_to_string(machine, ids);
1937 if (!s->system_journal) {
1939 /* First try to create the machine path, but not the prefix */
1940 fn = strappend("/var/log/journal/", ids);
1943 (void) mkdir(fn, 0755);
1946 /* The create the system journal file */
1947 fn = join("/var/log/journal/", ids, "/system.journal", NULL);
1951 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, NULL, &s->system_journal);
1955 journal_default_metrics(&s->system_metrics, s->system_journal->fd);
1957 s->system_journal->metrics = s->system_metrics;
1958 s->system_journal->compress = s->compress;
1960 server_fix_perms(s, s->system_journal, 0);
1963 if (r != -ENOENT && r != -EROFS)
1964 log_warning("Failed to open system journal: %s", strerror(-r));
1970 if (!s->runtime_journal) {
1972 fn = join("/run/log/journal/", ids, "/system.journal", NULL);
1976 if (s->system_journal) {
1978 /* Try to open the runtime journal, but only
1979 * if it already exists, so that we can flush
1980 * it into the system journal */
1982 r = journal_file_open(fn, O_RDWR, 0640, NULL, &s->runtime_journal);
1987 log_warning("Failed to open runtime journal: %s", strerror(-r));
1994 /* OK, we really need the runtime journal, so create
1995 * it if necessary. */
1997 (void) mkdir_parents_label(fn, 0755);
1998 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, NULL, &s->runtime_journal);
2002 log_error("Failed to open runtime journal: %s", strerror(-r));
2007 if (s->runtime_journal) {
2008 journal_default_metrics(&s->runtime_metrics, s->runtime_journal->fd);
2010 s->runtime_journal->metrics = s->runtime_metrics;
2011 s->runtime_journal->compress = s->compress;
2013 server_fix_perms(s, s->runtime_journal, 0);
2020 static int server_flush_to_var(Server *s) {
2021 char path[] = "/run/log/journal/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
2030 if (!s->runtime_journal)
2033 ts = now(CLOCK_MONOTONIC);
2034 if (s->var_available_timestamp + RECHECK_VAR_AVAILABLE_USEC > ts)
2037 s->var_available_timestamp = ts;
2039 system_journal_open(s);
2041 if (!s->system_journal)
2044 log_info("Flushing to /var...");
2046 r = sd_id128_get_machine(&machine);
2048 log_error("Failed to get machine id: %s", strerror(-r));
2052 r = sd_journal_open(&j, SD_JOURNAL_RUNTIME_ONLY);
2054 log_error("Failed to read runtime journal: %s", strerror(-r));
2058 SD_JOURNAL_FOREACH(j) {
2061 f = j->current_file;
2062 assert(f && f->current_offset > 0);
2064 r = journal_file_move_to_object(f, OBJECT_ENTRY, f->current_offset, &o);
2066 log_error("Can't read entry: %s", strerror(-r));
2070 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
2072 log_info("Allocation limit reached.");
2074 journal_file_post_change(s->system_journal);
2078 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
2082 log_error("Can't write entry: %s", strerror(-r));
2088 journal_file_post_change(s->system_journal);
2090 journal_file_close(s->runtime_journal);
2091 s->runtime_journal = NULL;
2094 sd_id128_to_string(machine, path + 17);
2095 rm_rf(path, false, true, false);
2101 static int server_read_proc_kmsg(Server *s) {
2104 assert(s->proc_kmsg_fd >= 0);
2106 l = read(s->proc_kmsg_fd, s->proc_kmsg_buffer + s->proc_kmsg_length, sizeof(s->proc_kmsg_buffer) - 1 - s->proc_kmsg_length);
2109 if (errno == EAGAIN || errno == EINTR)
2112 log_error("Failed to read from kernel: %m");
2116 s->proc_kmsg_length += l;
2122 static int server_flush_proc_kmsg(Server *s) {
2127 if (s->proc_kmsg_fd < 0)
2130 log_info("Flushing /proc/kmsg...");
2133 r = server_read_proc_kmsg(s);
2144 static int process_event(Server *s, struct epoll_event *ev) {
2147 if (ev->data.fd == s->signal_fd) {
2148 struct signalfd_siginfo sfsi;
2151 if (ev->events != EPOLLIN) {
2152 log_info("Got invalid event from epoll.");
2156 n = read(s->signal_fd, &sfsi, sizeof(sfsi));
2157 if (n != sizeof(sfsi)) {
2162 if (errno == EINTR || errno == EAGAIN)
2168 if (sfsi.ssi_signo == SIGUSR1) {
2169 server_flush_to_var(s);
2173 log_debug("Received SIG%s", signal_to_string(sfsi.ssi_signo));
2176 } else if (ev->data.fd == s->proc_kmsg_fd) {
2179 if (ev->events != EPOLLIN) {
2180 log_info("Got invalid event from epoll.");
2184 r = server_read_proc_kmsg(s);
2190 } else if (ev->data.fd == s->native_fd ||
2191 ev->data.fd == s->syslog_fd) {
2193 if (ev->events != EPOLLIN) {
2194 log_info("Got invalid event from epoll.");
2199 struct msghdr msghdr;
2201 struct ucred *ucred = NULL;
2202 struct timeval *tv = NULL;
2203 struct cmsghdr *cmsg;
2205 size_t label_len = 0;
2207 struct cmsghdr cmsghdr;
2209 /* We use NAME_MAX space for the
2210 * SELinux label here. The kernel
2211 * currently enforces no limit, but
2212 * according to suggestions from the
2213 * SELinux people this will change and
2214 * it will probably be identical to
2215 * NAME_MAX. For now we use that, but
2216 * this should be updated one day when
2217 * the final limit is known.*/
2218 uint8_t buf[CMSG_SPACE(sizeof(struct ucred)) +
2219 CMSG_SPACE(sizeof(struct timeval)) +
2220 CMSG_SPACE(sizeof(int)) + /* fd */
2221 CMSG_SPACE(NAME_MAX)]; /* selinux label */
2228 if (ioctl(ev->data.fd, SIOCINQ, &v) < 0) {
2229 log_error("SIOCINQ failed: %m");
2233 if (s->buffer_size < (size_t) v) {
2237 l = MAX(LINE_MAX + (size_t) v, s->buffer_size * 2);
2238 b = realloc(s->buffer, l+1);
2241 log_error("Couldn't increase buffer.");
2250 iovec.iov_base = s->buffer;
2251 iovec.iov_len = s->buffer_size;
2255 msghdr.msg_iov = &iovec;
2256 msghdr.msg_iovlen = 1;
2257 msghdr.msg_control = &control;
2258 msghdr.msg_controllen = sizeof(control);
2260 n = recvmsg(ev->data.fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC);
2263 if (errno == EINTR || errno == EAGAIN)
2266 log_error("recvmsg() failed: %m");
2270 for (cmsg = CMSG_FIRSTHDR(&msghdr); cmsg; cmsg = CMSG_NXTHDR(&msghdr, cmsg)) {
2272 if (cmsg->cmsg_level == SOL_SOCKET &&
2273 cmsg->cmsg_type == SCM_CREDENTIALS &&
2274 cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred)))
2275 ucred = (struct ucred*) CMSG_DATA(cmsg);
2276 else if (cmsg->cmsg_level == SOL_SOCKET &&
2277 cmsg->cmsg_type == SCM_SECURITY) {
2278 label = (char*) CMSG_DATA(cmsg);
2279 label_len = cmsg->cmsg_len - CMSG_LEN(0);
2280 } else if (cmsg->cmsg_level == SOL_SOCKET &&
2281 cmsg->cmsg_type == SO_TIMESTAMP &&
2282 cmsg->cmsg_len == CMSG_LEN(sizeof(struct timeval)))
2283 tv = (struct timeval*) CMSG_DATA(cmsg);
2284 else if (cmsg->cmsg_level == SOL_SOCKET &&
2285 cmsg->cmsg_type == SCM_RIGHTS) {
2286 fds = (int*) CMSG_DATA(cmsg);
2287 n_fds = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);
2291 if (ev->data.fd == s->syslog_fd) {
2294 if (n > 0 && n_fds == 0) {
2295 e = memchr(s->buffer, '\n', n);
2301 process_syslog_message(s, strstrip(s->buffer), ucred, tv, label, label_len);
2302 } else if (n_fds > 0)
2303 log_warning("Got file descriptors via syslog socket. Ignoring.");
2306 if (n > 0 && n_fds == 0)
2307 process_native_message(s, s->buffer, n, ucred, tv, label, label_len);
2308 else if (n == 0 && n_fds == 1)
2309 process_native_file(s, fds[0], ucred, tv, label, label_len);
2311 log_warning("Got too many file descriptors via native socket. Ignoring.");
2314 close_many(fds, n_fds);
2319 } else if (ev->data.fd == s->stdout_fd) {
2321 if (ev->events != EPOLLIN) {
2322 log_info("Got invalid event from epoll.");
2326 stdout_stream_new(s);
2330 StdoutStream *stream;
2332 if ((ev->events|EPOLLIN|EPOLLHUP) != (EPOLLIN|EPOLLHUP)) {
2333 log_info("Got invalid event from epoll.");
2337 /* If it is none of the well-known fds, it must be an
2338 * stdout stream fd. Note that this is a bit ugly here
2339 * (since we rely that none of the well-known fds
2340 * could be interpreted as pointer), but nonetheless
2341 * safe, since the well-known fds would never get an
2342 * fd > 4096, i.e. beyond the first memory page */
2344 stream = ev->data.ptr;
2346 if (stdout_stream_process(stream) <= 0)
2347 stdout_stream_free(stream);
2352 log_error("Unknown event.");
2356 static int open_syslog_socket(Server *s) {
2357 union sockaddr_union sa;
2359 struct epoll_event ev;
2363 if (s->syslog_fd < 0) {
2365 s->syslog_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2366 if (s->syslog_fd < 0) {
2367 log_error("socket() failed: %m");
2372 sa.un.sun_family = AF_UNIX;
2373 strncpy(sa.un.sun_path, "/dev/log", sizeof(sa.un.sun_path));
2375 unlink(sa.un.sun_path);
2377 r = bind(s->syslog_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2379 log_error("bind() failed: %m");
2383 chmod(sa.un.sun_path, 0666);
2385 fd_nonblock(s->syslog_fd, 1);
2388 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
2390 log_error("SO_PASSCRED failed: %m");
2396 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
2398 log_warning("SO_PASSSEC failed: %m");
2402 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
2404 log_error("SO_TIMESTAMP failed: %m");
2409 ev.events = EPOLLIN;
2410 ev.data.fd = s->syslog_fd;
2411 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->syslog_fd, &ev) < 0) {
2412 log_error("Failed to add syslog server fd to epoll object: %m");
2419 static int open_native_socket(Server*s) {
2420 union sockaddr_union sa;
2422 struct epoll_event ev;
2426 if (s->native_fd < 0) {
2428 s->native_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2429 if (s->native_fd < 0) {
2430 log_error("socket() failed: %m");
2435 sa.un.sun_family = AF_UNIX;
2436 strncpy(sa.un.sun_path, "/run/systemd/journal/socket", sizeof(sa.un.sun_path));
2438 unlink(sa.un.sun_path);
2440 r = bind(s->native_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2442 log_error("bind() failed: %m");
2446 chmod(sa.un.sun_path, 0666);
2448 fd_nonblock(s->native_fd, 1);
2451 r = setsockopt(s->native_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
2453 log_error("SO_PASSCRED failed: %m");
2459 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
2461 log_warning("SO_PASSSEC failed: %m");
2465 r = setsockopt(s->native_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
2467 log_error("SO_TIMESTAMP failed: %m");
2472 ev.events = EPOLLIN;
2473 ev.data.fd = s->native_fd;
2474 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->native_fd, &ev) < 0) {
2475 log_error("Failed to add native server fd to epoll object: %m");
2482 static int open_stdout_socket(Server *s) {
2483 union sockaddr_union sa;
2485 struct epoll_event ev;
2489 if (s->stdout_fd < 0) {
2491 s->stdout_fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2492 if (s->stdout_fd < 0) {
2493 log_error("socket() failed: %m");
2498 sa.un.sun_family = AF_UNIX;
2499 strncpy(sa.un.sun_path, "/run/systemd/journal/stdout", sizeof(sa.un.sun_path));
2501 unlink(sa.un.sun_path);
2503 r = bind(s->stdout_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2505 log_error("bind() failed: %m");
2509 chmod(sa.un.sun_path, 0666);
2511 if (listen(s->stdout_fd, SOMAXCONN) < 0) {
2512 log_error("liste() failed: %m");
2516 fd_nonblock(s->stdout_fd, 1);
2519 ev.events = EPOLLIN;
2520 ev.data.fd = s->stdout_fd;
2521 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->stdout_fd, &ev) < 0) {
2522 log_error("Failed to add stdout server fd to epoll object: %m");
2529 static int open_proc_kmsg(Server *s) {
2530 struct epoll_event ev;
2534 if (!s->import_proc_kmsg)
2537 s->proc_kmsg_fd = open("/proc/kmsg", O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
2538 if (s->proc_kmsg_fd < 0) {
2539 log_warning("Failed to open /proc/kmsg, ignoring: %m");
2544 ev.events = EPOLLIN;
2545 ev.data.fd = s->proc_kmsg_fd;
2546 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->proc_kmsg_fd, &ev) < 0) {
2547 log_error("Failed to add /proc/kmsg fd to epoll object: %m");
2554 static int open_signalfd(Server *s) {
2556 struct epoll_event ev;
2560 assert_se(sigemptyset(&mask) == 0);
2561 sigset_add_many(&mask, SIGINT, SIGTERM, SIGUSR1, -1);
2562 assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0);
2564 s->signal_fd = signalfd(-1, &mask, SFD_NONBLOCK|SFD_CLOEXEC);
2565 if (s->signal_fd < 0) {
2566 log_error("signalfd(): %m");
2571 ev.events = EPOLLIN;
2572 ev.data.fd = s->signal_fd;
2574 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->signal_fd, &ev) < 0) {
2575 log_error("epoll_ctl(): %m");
2582 static int server_parse_proc_cmdline(Server *s) {
2583 char *line, *w, *state;
2587 if (detect_container(NULL) > 0)
2590 r = read_one_line_file("/proc/cmdline", &line);
2592 log_warning("Failed to read /proc/cmdline, ignoring: %s", strerror(-r));
2596 FOREACH_WORD_QUOTED(w, l, line, state) {
2599 word = strndup(w, l);
2605 if (startswith(word, "systemd_journald.forward_to_syslog=")) {
2606 r = parse_boolean(word + 35);
2608 log_warning("Failed to parse forward to syslog switch %s. Ignoring.", word + 35);
2610 s->forward_to_syslog = r;
2611 } else if (startswith(word, "systemd_journald.forward_to_kmsg=")) {
2612 r = parse_boolean(word + 33);
2614 log_warning("Failed to parse forward to kmsg switch %s. Ignoring.", word + 33);
2616 s->forward_to_kmsg = r;
2617 } else if (startswith(word, "systemd_journald.forward_to_console=")) {
2618 r = parse_boolean(word + 36);
2620 log_warning("Failed to parse forward to console switch %s. Ignoring.", word + 36);
2622 s->forward_to_console = r;
2635 static int server_parse_config_file(Server *s) {
2642 fn = "/etc/systemd/journald.conf";
2643 f = fopen(fn, "re");
2645 if (errno == ENOENT)
2648 log_warning("Failed to open configuration file %s: %m", fn);
2652 r = config_parse(fn, f, "Journal\0", config_item_perf_lookup, (void*) journald_gperf_lookup, false, s);
2654 log_warning("Failed to parse configuration file: %s", strerror(-r));
2661 static int server_init(Server *s) {
2667 s->syslog_fd = s->native_fd = s->stdout_fd = s->signal_fd = s->epoll_fd = s->proc_kmsg_fd = -1;
2670 s->rate_limit_interval = DEFAULT_RATE_LIMIT_INTERVAL;
2671 s->rate_limit_burst = DEFAULT_RATE_LIMIT_BURST;
2673 s->forward_to_syslog = true;
2674 s->import_proc_kmsg = true;
2676 s->max_level_store = LOG_DEBUG;
2677 s->max_level_syslog = LOG_DEBUG;
2678 s->max_level_kmsg = LOG_NOTICE;
2679 s->max_level_console = LOG_INFO;
2681 memset(&s->system_metrics, 0xFF, sizeof(s->system_metrics));
2682 memset(&s->runtime_metrics, 0xFF, sizeof(s->runtime_metrics));
2684 server_parse_config_file(s);
2685 server_parse_proc_cmdline(s);
2687 s->user_journals = hashmap_new(trivial_hash_func, trivial_compare_func);
2688 if (!s->user_journals) {
2689 log_error("Out of memory.");
2693 s->epoll_fd = epoll_create1(EPOLL_CLOEXEC);
2694 if (s->epoll_fd < 0) {
2695 log_error("Failed to create epoll object: %m");
2699 n = sd_listen_fds(true);
2701 log_error("Failed to read listening file descriptors from environment: %s", strerror(-n));
2705 for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) {
2707 if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/run/systemd/journal/socket", 0) > 0) {
2709 if (s->native_fd >= 0) {
2710 log_error("Too many native sockets passed.");
2716 } else if (sd_is_socket_unix(fd, SOCK_STREAM, 1, "/run/systemd/journal/stdout", 0) > 0) {
2718 if (s->stdout_fd >= 0) {
2719 log_error("Too many stdout sockets passed.");
2725 } else if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/dev/log", 0) > 0) {
2727 if (s->syslog_fd >= 0) {
2728 log_error("Too many /dev/log sockets passed.");
2735 log_error("Unknown socket passed.");
2740 r = open_syslog_socket(s);
2744 r = open_native_socket(s);
2748 r = open_stdout_socket(s);
2752 r = open_proc_kmsg(s);
2756 r = open_signalfd(s);
2760 s->rate_limit = journal_rate_limit_new(s->rate_limit_interval, s->rate_limit_burst);
2764 r = system_journal_open(s);
2771 static void server_done(Server *s) {
2775 while (s->stdout_streams)
2776 stdout_stream_free(s->stdout_streams);
2778 if (s->system_journal)
2779 journal_file_close(s->system_journal);
2781 if (s->runtime_journal)
2782 journal_file_close(s->runtime_journal);
2784 while ((f = hashmap_steal_first(s->user_journals)))
2785 journal_file_close(f);
2787 hashmap_free(s->user_journals);
2789 if (s->epoll_fd >= 0)
2790 close_nointr_nofail(s->epoll_fd);
2792 if (s->signal_fd >= 0)
2793 close_nointr_nofail(s->signal_fd);
2795 if (s->syslog_fd >= 0)
2796 close_nointr_nofail(s->syslog_fd);
2798 if (s->native_fd >= 0)
2799 close_nointr_nofail(s->native_fd);
2801 if (s->stdout_fd >= 0)
2802 close_nointr_nofail(s->stdout_fd);
2804 if (s->proc_kmsg_fd >= 0)
2805 close_nointr_nofail(s->proc_kmsg_fd);
2808 journal_rate_limit_free(s->rate_limit);
2814 int main(int argc, char *argv[]) {
2818 /* if (getppid() != 1) { */
2819 /* log_error("This program should be invoked by init only."); */
2820 /* return EXIT_FAILURE; */
2824 log_error("This program does not take arguments.");
2825 return EXIT_FAILURE;
2828 log_set_target(LOG_TARGET_SAFE);
2829 log_set_facility(LOG_SYSLOG);
2830 log_parse_environment();
2835 r = server_init(&server);
2839 server_vacuum(&server);
2840 server_flush_to_var(&server);
2841 server_flush_proc_kmsg(&server);
2843 log_debug("systemd-journald running as pid %lu", (unsigned long) getpid());
2844 driver_message(&server, SD_MESSAGE_JOURNAL_START, "Journal started");
2848 "STATUS=Processing requests...");
2851 struct epoll_event event;
2853 r = epoll_wait(server.epoll_fd, &event, 1, -1);
2859 log_error("epoll_wait() failed: %m");
2865 r = process_event(&server, &event);
2872 log_debug("systemd-journald stopped as pid %lu", (unsigned long) getpid());
2873 driver_message(&server, SD_MESSAGE_JOURNAL_STOP, "Journal stopped");
2877 "STATUS=Shutting down...");
2879 server_done(&server);
2881 return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;