1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2011 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <sys/epoll.h>
23 #include <sys/socket.h>
25 #include <sys/signalfd.h>
29 #include <sys/ioctl.h>
30 #include <linux/sockios.h>
31 #include <sys/statvfs.h>
33 #include <systemd/sd-journal.h>
34 #include <systemd/sd-messages.h>
35 #include <systemd/sd-daemon.h>
38 #include <systemd/sd-login.h>
43 #include "journal-file.h"
44 #include "socket-util.h"
45 #include "cgroup-util.h"
47 #include "journal-rate-limit.h"
48 #include "journal-internal.h"
49 #include "conf-parser.h"
56 #include <acl/libacl.h>
61 #include <selinux/selinux.h>
64 #define USER_JOURNALS_MAX 1024
65 #define STDOUT_STREAMS_MAX 4096
67 #define DEFAULT_RATE_LIMIT_INTERVAL (10*USEC_PER_SEC)
68 #define DEFAULT_RATE_LIMIT_BURST 200
70 #define RECHECK_AVAILABLE_SPACE_USEC (30*USEC_PER_SEC)
72 #define RECHECK_VAR_AVAILABLE_USEC (30*USEC_PER_SEC)
74 #define N_IOVEC_META_FIELDS 17
76 #define ENTRY_SIZE_MAX (1024*1024*32)
78 typedef enum StdoutStreamState {
79 STDOUT_STREAM_IDENTIFIER,
80 STDOUT_STREAM_UNIT_ID,
81 STDOUT_STREAM_PRIORITY,
82 STDOUT_STREAM_LEVEL_PREFIX,
83 STDOUT_STREAM_FORWARD_TO_SYSLOG,
84 STDOUT_STREAM_FORWARD_TO_KMSG,
85 STDOUT_STREAM_FORWARD_TO_CONSOLE,
91 StdoutStreamState state;
97 security_context_t security_context;
104 bool forward_to_syslog:1;
105 bool forward_to_kmsg:1;
106 bool forward_to_console:1;
108 char buffer[LINE_MAX+1];
111 LIST_FIELDS(StdoutStream, stdout_stream);
114 static int server_flush_to_var(Server *s);
116 static uint64_t available_space(Server *s) {
121 uint64_t sum = 0, avail = 0, ss_avail = 0;
127 ts = now(CLOCK_MONOTONIC);
129 if (s->cached_available_space_timestamp + RECHECK_AVAILABLE_SPACE_USEC > ts)
130 return s->cached_available_space;
132 r = sd_id128_get_machine(&machine);
136 if (s->system_journal) {
137 f = "/var/log/journal/";
138 m = &s->system_metrics;
140 f = "/run/log/journal/";
141 m = &s->runtime_metrics;
146 p = strappend(f, sd_id128_to_string(machine, ids));
156 if (fstatvfs(dirfd(d), &ss) < 0)
161 struct dirent buf, *de;
163 r = readdir_r(d, &buf, &de);
170 if (!endswith(de->d_name, ".journal") &&
171 !endswith(de->d_name, ".journal~"))
174 if (fstatat(dirfd(d), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0)
177 if (!S_ISREG(st.st_mode))
180 sum += (uint64_t) st.st_blocks * 512UL;
183 avail = sum >= m->max_use ? 0 : m->max_use - sum;
185 ss_avail = ss.f_bsize * ss.f_bavail;
187 ss_avail = ss_avail < m->keep_free ? 0 : ss_avail - m->keep_free;
189 if (ss_avail < avail)
192 s->cached_available_space = avail;
193 s->cached_available_space_timestamp = ts;
201 static void server_read_file_gid(Server *s) {
202 const char *adm = "adm";
207 if (s->file_gid_valid)
210 r = get_group_creds(&adm, &s->file_gid);
212 log_warning("Failed to resolve 'adm' group: %s", strerror(-r));
214 /* if we couldn't read the gid, then it will be 0, but that's
215 * fine and we shouldn't try to resolve the group again, so
216 * let's just pretend it worked right-away. */
217 s->file_gid_valid = true;
220 static void server_fix_perms(Server *s, JournalFile *f, uid_t uid) {
225 acl_permset_t permset;
230 server_read_file_gid(s);
232 r = fchmod_and_fchown(f->fd, 0640, 0, s->file_gid);
234 log_warning("Failed to fix access mode/rights on %s, ignoring: %s", f->path, strerror(-r));
240 acl = acl_get_fd(f->fd);
242 log_warning("Failed to read ACL on %s, ignoring: %m", f->path);
246 r = acl_find_uid(acl, uid, &entry);
249 if (acl_create_entry(&acl, &entry) < 0 ||
250 acl_set_tag_type(entry, ACL_USER) < 0 ||
251 acl_set_qualifier(entry, &uid) < 0) {
252 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
257 if (acl_get_permset(entry, &permset) < 0 ||
258 acl_add_perm(permset, ACL_READ) < 0 ||
259 acl_calc_mask(&acl) < 0) {
260 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
264 if (acl_set_fd(f->fd, acl) < 0)
265 log_warning("Failed to set ACL on %s, ignoring: %m", f->path);
272 static JournalFile* find_journal(Server *s, uid_t uid) {
281 /* We split up user logs only on /var, not on /run. If the
282 * runtime file is open, we write to it exclusively, in order
283 * to guarantee proper order as soon as we flush /run to
284 * /var and close the runtime file. */
286 if (s->runtime_journal)
287 return s->runtime_journal;
290 return s->system_journal;
292 r = sd_id128_get_machine(&machine);
294 return s->system_journal;
296 f = hashmap_get(s->user_journals, UINT32_TO_PTR(uid));
300 if (asprintf(&p, "/var/log/journal/%s/user-%lu.journal", sd_id128_to_string(machine, ids), (unsigned long) uid) < 0)
301 return s->system_journal;
303 while (hashmap_size(s->user_journals) >= USER_JOURNALS_MAX) {
304 /* Too many open? Then let's close one */
305 f = hashmap_steal_first(s->user_journals);
307 journal_file_close(f);
310 r = journal_file_open_reliably(p, O_RDWR|O_CREAT, 0640, s->system_journal, &f);
314 return s->system_journal;
316 server_fix_perms(s, f, uid);
318 r = hashmap_put(s->user_journals, UINT32_TO_PTR(uid), f);
320 journal_file_close(f);
321 return s->system_journal;
327 static void server_rotate(Server *s) {
333 log_info("Rotating...");
335 if (s->runtime_journal) {
336 r = journal_file_rotate(&s->runtime_journal);
338 if (s->runtime_journal)
339 log_error("Failed to rotate %s: %s", s->runtime_journal->path, strerror(-r));
341 log_error("Failed to create new runtime journal: %s", strerror(-r));
343 server_fix_perms(s, s->runtime_journal, 0);
346 if (s->system_journal) {
347 r = journal_file_rotate(&s->system_journal);
349 if (s->system_journal)
350 log_error("Failed to rotate %s: %s", s->system_journal->path, strerror(-r));
352 log_error("Failed to create new system journal: %s", strerror(-r));
355 server_fix_perms(s, s->system_journal, 0);
358 HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) {
359 r = journal_file_rotate(&f);
362 log_error("Failed to rotate %s: %s", f->path, strerror(-r));
364 log_error("Failed to create user journal: %s", strerror(-r));
366 hashmap_replace(s->user_journals, k, f);
367 server_fix_perms(s, s->system_journal, PTR_TO_UINT32(k));
372 static void server_vacuum(Server *s) {
378 log_info("Vacuuming...");
380 r = sd_id128_get_machine(&machine);
382 log_error("Failed to get machine ID: %s", strerror(-r));
386 sd_id128_to_string(machine, ids);
388 if (s->system_journal) {
389 if (asprintf(&p, "/var/log/journal/%s", ids) < 0) {
390 log_error("Out of memory.");
394 r = journal_directory_vacuum(p, s->system_metrics.max_use, s->system_metrics.keep_free);
395 if (r < 0 && r != -ENOENT)
396 log_error("Failed to vacuum %s: %s", p, strerror(-r));
401 if (s->runtime_journal) {
402 if (asprintf(&p, "/run/log/journal/%s", ids) < 0) {
403 log_error("Out of memory.");
407 r = journal_directory_vacuum(p, s->runtime_metrics.max_use, s->runtime_metrics.keep_free);
408 if (r < 0 && r != -ENOENT)
409 log_error("Failed to vacuum %s: %s", p, strerror(-r));
413 s->cached_available_space_timestamp = 0;
416 static char *shortened_cgroup_path(pid_t pid) {
418 char *process_path, *init_path, *path;
422 r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, pid, &process_path);
426 r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, 1, &init_path);
432 if (endswith(init_path, "/system"))
433 init_path[strlen(init_path) - 7] = 0;
434 else if (streq(init_path, "/"))
437 if (startswith(process_path, init_path)) {
440 p = strdup(process_path + strlen(init_path));
458 static void dispatch_message_real(
460 struct iovec *iovec, unsigned n, unsigned m,
463 const char *label, size_t label_len,
464 const char *unit_id) {
466 char *pid = NULL, *uid = NULL, *gid = NULL,
467 *source_time = NULL, *boot_id = NULL, *machine_id = NULL,
468 *comm = NULL, *cmdline = NULL, *hostname = NULL,
469 *audit_session = NULL, *audit_loginuid = NULL,
470 *exe = NULL, *cgroup = NULL, *session = NULL,
471 *owner_uid = NULL, *unit = NULL, *selinux_context = NULL;
477 uid_t loginuid = 0, realuid = 0;
479 bool vacuumed = false;
484 assert(n + N_IOVEC_META_FIELDS <= m);
492 realuid = ucred->uid;
494 if (asprintf(&pid, "_PID=%lu", (unsigned long) ucred->pid) >= 0)
495 IOVEC_SET_STRING(iovec[n++], pid);
497 if (asprintf(&uid, "_UID=%lu", (unsigned long) ucred->uid) >= 0)
498 IOVEC_SET_STRING(iovec[n++], uid);
500 if (asprintf(&gid, "_GID=%lu", (unsigned long) ucred->gid) >= 0)
501 IOVEC_SET_STRING(iovec[n++], gid);
503 r = get_process_comm(ucred->pid, &t);
505 comm = strappend("_COMM=", t);
509 IOVEC_SET_STRING(iovec[n++], comm);
512 r = get_process_exe(ucred->pid, &t);
514 exe = strappend("_EXE=", t);
518 IOVEC_SET_STRING(iovec[n++], exe);
521 r = get_process_cmdline(ucred->pid, LINE_MAX, false, &t);
523 cmdline = strappend("_CMDLINE=", t);
527 IOVEC_SET_STRING(iovec[n++], cmdline);
530 r = audit_session_from_pid(ucred->pid, &audit);
532 if (asprintf(&audit_session, "_AUDIT_SESSION=%lu", (unsigned long) audit) >= 0)
533 IOVEC_SET_STRING(iovec[n++], audit_session);
535 r = audit_loginuid_from_pid(ucred->pid, &loginuid);
537 if (asprintf(&audit_loginuid, "_AUDIT_LOGINUID=%lu", (unsigned long) loginuid) >= 0)
538 IOVEC_SET_STRING(iovec[n++], audit_loginuid);
540 t = shortened_cgroup_path(ucred->pid);
542 cgroup = strappend("_SYSTEMD_CGROUP=", t);
546 IOVEC_SET_STRING(iovec[n++], cgroup);
550 if (sd_pid_get_session(ucred->pid, &t) >= 0) {
551 session = strappend("_SYSTEMD_SESSION=", t);
555 IOVEC_SET_STRING(iovec[n++], session);
558 if (sd_pid_get_owner_uid(ucred->uid, &owner) >= 0)
559 if (asprintf(&owner_uid, "_SYSTEMD_OWNER_UID=%lu", (unsigned long) owner) >= 0)
560 IOVEC_SET_STRING(iovec[n++], owner_uid);
563 if (cg_pid_get_unit(ucred->pid, &t) >= 0) {
564 unit = strappend("_SYSTEMD_UNIT=", t);
567 unit = strappend("_SYSTEMD_UNIT=", unit_id);
570 IOVEC_SET_STRING(iovec[n++], unit);
574 selinux_context = malloc(sizeof("_SELINUX_CONTEXT=") + label_len);
575 if (selinux_context) {
576 memcpy(selinux_context, "_SELINUX_CONTEXT=", sizeof("_SELINUX_CONTEXT=")-1);
577 memcpy(selinux_context+sizeof("_SELINUX_CONTEXT=")-1, label, label_len);
578 selinux_context[sizeof("_SELINUX_CONTEXT=")-1+label_len] = 0;
579 IOVEC_SET_STRING(iovec[n++], selinux_context);
582 security_context_t con;
584 if (getpidcon(ucred->pid, &con) >= 0) {
585 selinux_context = strappend("_SELINUX_CONTEXT=", con);
587 IOVEC_SET_STRING(iovec[n++], selinux_context);
596 if (asprintf(&source_time, "_SOURCE_REALTIME_TIMESTAMP=%llu",
597 (unsigned long long) timeval_load(tv)) >= 0)
598 IOVEC_SET_STRING(iovec[n++], source_time);
601 /* Note that strictly speaking storing the boot id here is
602 * redundant since the entry includes this in-line
603 * anyway. However, we need this indexed, too. */
604 r = sd_id128_get_boot(&id);
606 if (asprintf(&boot_id, "_BOOT_ID=%s", sd_id128_to_string(id, idbuf)) >= 0)
607 IOVEC_SET_STRING(iovec[n++], boot_id);
609 r = sd_id128_get_machine(&id);
611 if (asprintf(&machine_id, "_MACHINE_ID=%s", sd_id128_to_string(id, idbuf)) >= 0)
612 IOVEC_SET_STRING(iovec[n++], machine_id);
614 t = gethostname_malloc();
616 hostname = strappend("_HOSTNAME=", t);
619 IOVEC_SET_STRING(iovec[n++], hostname);
624 server_flush_to_var(s);
627 f = find_journal(s, realuid == 0 ? 0 : loginuid);
629 log_warning("Dropping message, as we can't find a place to store the data.");
631 r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
633 if ((r == -E2BIG || /* hit limit */
634 r == -EFBIG || /* hit fs limit */
635 r == -EDQUOT || /* quota hit */
636 r == -ENOSPC || /* disk full */
637 r == -EBADMSG || /* corrupted */
638 r == -ENODATA || /* truncated */
639 r == -EHOSTDOWN || /* other machine */
640 r == -EPROTONOSUPPORT) && /* unsupported feature */
644 log_info("Allocation limit reached, rotating.");
646 log_warning("Journal file corrupted, rotating.");
652 log_info("Retrying write.");
657 log_error("Failed to write entry, ignoring: %s", strerror(-r));
671 free(audit_loginuid);
676 free(selinux_context);
679 static void driver_message(Server *s, sd_id128_t message_id, const char *format, ...) {
680 char mid[11 + 32 + 1];
681 char buffer[16 + LINE_MAX + 1];
682 struct iovec iovec[N_IOVEC_META_FIELDS + 4];
690 IOVEC_SET_STRING(iovec[n++], "PRIORITY=5");
691 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=driver");
693 memcpy(buffer, "MESSAGE=", 8);
694 va_start(ap, format);
695 vsnprintf(buffer + 8, sizeof(buffer) - 8, format, ap);
697 char_array_0(buffer);
698 IOVEC_SET_STRING(iovec[n++], buffer);
700 snprintf(mid, sizeof(mid), "MESSAGE_ID=" SD_ID128_FORMAT_STR, SD_ID128_FORMAT_VAL(message_id));
702 IOVEC_SET_STRING(iovec[n++], mid);
705 ucred.pid = getpid();
706 ucred.uid = getuid();
707 ucred.gid = getgid();
709 dispatch_message_real(s, iovec, n, ELEMENTSOF(iovec), &ucred, NULL, NULL, 0, NULL);
712 static void dispatch_message(Server *s,
713 struct iovec *iovec, unsigned n, unsigned m,
716 const char *label, size_t label_len,
720 char *path = NULL, *c;
723 assert(iovec || n == 0);
728 if (LOG_PRI(priority) > s->max_level_store)
734 path = shortened_cgroup_path(ucred->pid);
738 /* example: /user/lennart/3/foobar
739 * /system/dbus.service/foobar
741 * So let's cut of everything past the third /, since that is
742 * wher user directories start */
744 c = strchr(path, '/');
746 c = strchr(c+1, '/');
748 c = strchr(c+1, '/');
754 rl = journal_rate_limit_test(s->rate_limit, path, priority & LOG_PRIMASK, available_space(s));
761 /* Write a suppression message if we suppressed something */
763 driver_message(s, SD_MESSAGE_JOURNAL_DROPPED, "Suppressed %u messages from %s", rl - 1, path);
768 dispatch_message_real(s, iovec, n, m, ucred, tv, label, label_len, unit_id);
771 static void forward_syslog_iovec(Server *s, const struct iovec *iovec, unsigned n_iovec, struct ucred *ucred, struct timeval *tv) {
772 struct msghdr msghdr;
773 struct cmsghdr *cmsg;
775 struct cmsghdr cmsghdr;
776 uint8_t buf[CMSG_SPACE(sizeof(struct ucred))];
778 union sockaddr_union sa;
785 msghdr.msg_iov = (struct iovec*) iovec;
786 msghdr.msg_iovlen = n_iovec;
789 sa.un.sun_family = AF_UNIX;
790 strncpy(sa.un.sun_path, "/run/systemd/journal/syslog", sizeof(sa.un.sun_path));
791 msghdr.msg_name = &sa;
792 msghdr.msg_namelen = offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path);
796 msghdr.msg_control = &control;
797 msghdr.msg_controllen = sizeof(control);
799 cmsg = CMSG_FIRSTHDR(&msghdr);
800 cmsg->cmsg_level = SOL_SOCKET;
801 cmsg->cmsg_type = SCM_CREDENTIALS;
802 cmsg->cmsg_len = CMSG_LEN(sizeof(struct ucred));
803 memcpy(CMSG_DATA(cmsg), ucred, sizeof(struct ucred));
804 msghdr.msg_controllen = cmsg->cmsg_len;
807 /* Forward the syslog message we received via /dev/log to
808 * /run/systemd/syslog. Unfortunately we currently can't set
809 * the SO_TIMESTAMP auxiliary data, and hence we don't. */
811 if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
814 /* The socket is full? I guess the syslog implementation is
815 * too slow, and we shouldn't wait for that... */
819 if (ucred && errno == ESRCH) {
822 /* Hmm, presumably the sender process vanished
823 * by now, so let's fix it as good as we
828 memcpy(CMSG_DATA(cmsg), &u, sizeof(struct ucred));
830 if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
837 log_debug("Failed to forward syslog message: %m");
840 static void forward_syslog_raw(Server *s, int priority, const char *buffer, struct ucred *ucred, struct timeval *tv) {
846 if (LOG_PRI(priority) > s->max_level_syslog)
849 IOVEC_SET_STRING(iovec, buffer);
850 forward_syslog_iovec(s, &iovec, 1, ucred, tv);
853 static void forward_syslog(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred, struct timeval *tv) {
854 struct iovec iovec[5];
855 char header_priority[6], header_time[64], header_pid[16];
859 char *ident_buf = NULL;
862 assert(priority >= 0);
863 assert(priority <= 999);
866 if (LOG_PRI(priority) > s->max_level_syslog)
869 /* First: priority field */
870 snprintf(header_priority, sizeof(header_priority), "<%i>", priority);
871 char_array_0(header_priority);
872 IOVEC_SET_STRING(iovec[n++], header_priority);
874 /* Second: timestamp */
875 t = tv ? tv->tv_sec : ((time_t) (now(CLOCK_REALTIME) / USEC_PER_SEC));
879 if (strftime(header_time, sizeof(header_time), "%h %e %T ", tm) <= 0)
881 IOVEC_SET_STRING(iovec[n++], header_time);
883 /* Third: identifier and PID */
886 get_process_comm(ucred->pid, &ident_buf);
887 identifier = ident_buf;
890 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
891 char_array_0(header_pid);
894 IOVEC_SET_STRING(iovec[n++], identifier);
896 IOVEC_SET_STRING(iovec[n++], header_pid);
897 } else if (identifier) {
898 IOVEC_SET_STRING(iovec[n++], identifier);
899 IOVEC_SET_STRING(iovec[n++], ": ");
902 /* Fourth: message */
903 IOVEC_SET_STRING(iovec[n++], message);
905 forward_syslog_iovec(s, iovec, n, ucred, tv);
910 static int fixup_priority(int priority) {
912 if ((priority & LOG_FACMASK) == 0)
913 return (priority & LOG_PRIMASK) | LOG_USER;
918 static void forward_kmsg(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred) {
919 struct iovec iovec[5];
920 char header_priority[6], header_pid[16];
922 char *ident_buf = NULL;
926 assert(priority >= 0);
927 assert(priority <= 999);
930 if (LOG_PRI(priority) > s->max_level_kmsg)
933 /* Never allow messages with kernel facility to be written to
934 * kmsg, regardless where the data comes from. */
935 priority = fixup_priority(priority);
937 /* First: priority field */
938 snprintf(header_priority, sizeof(header_priority), "<%i>", priority);
939 char_array_0(header_priority);
940 IOVEC_SET_STRING(iovec[n++], header_priority);
942 /* Second: identifier and PID */
945 get_process_comm(ucred->pid, &ident_buf);
946 identifier = ident_buf;
949 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
950 char_array_0(header_pid);
953 IOVEC_SET_STRING(iovec[n++], identifier);
955 IOVEC_SET_STRING(iovec[n++], header_pid);
956 } else if (identifier) {
957 IOVEC_SET_STRING(iovec[n++], identifier);
958 IOVEC_SET_STRING(iovec[n++], ": ");
961 /* Fourth: message */
962 IOVEC_SET_STRING(iovec[n++], message);
963 IOVEC_SET_STRING(iovec[n++], "\n");
965 fd = open("/dev/kmsg", O_WRONLY|O_NOCTTY|O_CLOEXEC);
967 log_debug("Failed to open /dev/kmsg for logging: %s", strerror(errno));
971 if (writev(fd, iovec, n) < 0)
972 log_debug("Failed to write to /dev/kmsg for logging: %s", strerror(errno));
974 close_nointr_nofail(fd);
980 static void forward_console(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred) {
981 struct iovec iovec[4];
984 char *ident_buf = NULL;
990 if (LOG_PRI(priority) > s->max_level_console)
993 /* First: identifier and PID */
996 get_process_comm(ucred->pid, &ident_buf);
997 identifier = ident_buf;
1000 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
1001 char_array_0(header_pid);
1004 IOVEC_SET_STRING(iovec[n++], identifier);
1006 IOVEC_SET_STRING(iovec[n++], header_pid);
1007 } else if (identifier) {
1008 IOVEC_SET_STRING(iovec[n++], identifier);
1009 IOVEC_SET_STRING(iovec[n++], ": ");
1012 /* Third: message */
1013 IOVEC_SET_STRING(iovec[n++], message);
1014 IOVEC_SET_STRING(iovec[n++], "\n");
1016 tty = s->tty_path ? s->tty_path : "/dev/console";
1018 fd = open_terminal(tty, O_WRONLY|O_NOCTTY|O_CLOEXEC);
1020 log_debug("Failed to open %s for logging: %s", tty, strerror(errno));
1024 if (writev(fd, iovec, n) < 0)
1025 log_debug("Failed to write to %s for logging: %s", tty, strerror(errno));
1027 close_nointr_nofail(fd);
1033 static void read_identifier(const char **buf, char **identifier, char **pid) {
1044 p += strspn(p, WHITESPACE);
1045 l = strcspn(p, WHITESPACE);
1054 if (p[l-1] == ']') {
1060 t = strndup(p+k+1, l-k-2);
1080 *buf += strspn(*buf, WHITESPACE);
1083 static void process_syslog_message(Server *s, const char *buf, struct ucred *ucred, struct timeval *tv, const char *label, size_t label_len) {
1084 char *message = NULL, *syslog_priority = NULL, *syslog_facility = NULL, *syslog_identifier = NULL, *syslog_pid = NULL;
1085 struct iovec iovec[N_IOVEC_META_FIELDS + 6];
1087 int priority = LOG_USER | LOG_INFO;
1088 char *identifier = NULL, *pid = NULL;
1095 parse_syslog_priority((char**) &buf, &priority);
1097 if (s->forward_to_syslog)
1098 forward_syslog_raw(s, priority, orig, ucred, tv);
1100 skip_syslog_date((char**) &buf);
1101 read_identifier(&buf, &identifier, &pid);
1103 if (s->forward_to_kmsg)
1104 forward_kmsg(s, priority, identifier, buf, ucred);
1106 if (s->forward_to_console)
1107 forward_console(s, priority, identifier, buf, ucred);
1109 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=syslog");
1111 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1112 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1114 if (priority & LOG_FACMASK)
1115 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1116 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1119 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", identifier);
1120 if (syslog_identifier)
1121 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1125 syslog_pid = strappend("SYSLOG_PID=", pid);
1127 IOVEC_SET_STRING(iovec[n++], syslog_pid);
1130 message = strappend("MESSAGE=", buf);
1132 IOVEC_SET_STRING(iovec[n++], message);
1134 dispatch_message(s, iovec, n, ELEMENTSOF(iovec), ucred, tv, label, label_len, NULL, priority);
1139 free(syslog_priority);
1140 free(syslog_facility);
1141 free(syslog_identifier);
1144 static bool valid_user_field(const char *p, size_t l) {
1147 /* We kinda enforce POSIX syntax recommendations for
1148 environment variables here, but make a couple of additional
1151 http://pubs.opengroup.org/onlinepubs/000095399/basedefs/xbd_chap08.html */
1153 /* No empty field names */
1157 /* Don't allow names longer than 64 chars */
1161 /* Variables starting with an underscore are protected */
1165 /* Don't allow digits as first character */
1166 if (p[0] >= '0' && p[0] <= '9')
1169 /* Only allow A-Z0-9 and '_' */
1170 for (a = p; a < p + l; a++)
1171 if (!((*a >= 'A' && *a <= 'Z') ||
1172 (*a >= '0' && *a <= '9') ||
1179 static void process_native_message(
1181 const void *buffer, size_t buffer_size,
1182 struct ucred *ucred,
1184 const char *label, size_t label_len) {
1186 struct iovec *iovec = NULL;
1187 unsigned n = 0, m = 0, j, tn = (unsigned) -1;
1190 int priority = LOG_INFO;
1191 char *identifier = NULL, *message = NULL;
1194 assert(buffer || buffer_size == 0);
1197 remaining = buffer_size;
1199 while (remaining > 0) {
1202 e = memchr(p, '\n', remaining);
1205 /* Trailing noise, let's ignore it, and flush what we collected */
1206 log_debug("Received message with trailing noise, ignoring.");
1211 /* Entry separator */
1212 dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, NULL, priority);
1214 priority = LOG_INFO;
1221 if (*p == '.' || *p == '#') {
1222 /* Ignore control commands for now, and
1224 remaining -= (e - p) + 1;
1229 /* A property follows */
1231 if (n+N_IOVEC_META_FIELDS >= m) {
1235 u = MAX((n+N_IOVEC_META_FIELDS+1) * 2U, 4U);
1236 c = realloc(iovec, u * sizeof(struct iovec));
1238 log_error("Out of memory");
1246 q = memchr(p, '=', e - p);
1248 if (valid_user_field(p, q - p)) {
1253 /* If the field name starts with an
1254 * underscore, skip the variable,
1255 * since that indidates a trusted
1257 iovec[n].iov_base = (char*) p;
1258 iovec[n].iov_len = l;
1261 /* We need to determine the priority
1262 * of this entry for the rate limiting
1265 memcmp(p, "PRIORITY=", 9) == 0 &&
1266 p[9] >= '0' && p[9] <= '9')
1267 priority = (priority & LOG_FACMASK) | (p[9] - '0');
1270 memcmp(p, "SYSLOG_FACILITY=", 16) == 0 &&
1271 p[16] >= '0' && p[16] <= '9')
1272 priority = (priority & LOG_PRIMASK) | ((p[16] - '0') << 3);
1275 memcmp(p, "SYSLOG_FACILITY=", 16) == 0 &&
1276 p[16] >= '0' && p[16] <= '9' &&
1277 p[17] >= '0' && p[17] <= '9')
1278 priority = (priority & LOG_PRIMASK) | (((p[16] - '0')*10 + (p[17] - '0')) << 3);
1281 memcmp(p, "SYSLOG_IDENTIFIER=", 18) == 0) {
1284 t = strndup(p + 18, l - 18);
1289 } else if (l >= 8 &&
1290 memcmp(p, "MESSAGE=", 8) == 0) {
1293 t = strndup(p + 8, l - 8);
1301 remaining -= (e - p) + 1;
1309 if (remaining < e - p + 1 + sizeof(uint64_t) + 1) {
1310 log_debug("Failed to parse message, ignoring.");
1314 memcpy(&l_le, e + 1, sizeof(uint64_t));
1317 if (remaining < e - p + 1 + sizeof(uint64_t) + l + 1 ||
1318 e[1+sizeof(uint64_t)+l] != '\n') {
1319 log_debug("Failed to parse message, ignoring.");
1323 k = malloc((e - p) + 1 + l);
1325 log_error("Out of memory");
1329 memcpy(k, p, e - p);
1331 memcpy(k + (e - p) + 1, e + 1 + sizeof(uint64_t), l);
1333 if (valid_user_field(p, e - p)) {
1334 iovec[n].iov_base = k;
1335 iovec[n].iov_len = (e - p) + 1 + l;
1340 remaining -= (e - p) + 1 + sizeof(uint64_t) + l + 1;
1341 p = e + 1 + sizeof(uint64_t) + l + 1;
1349 IOVEC_SET_STRING(iovec[tn], "_TRANSPORT=journal");
1352 if (s->forward_to_syslog)
1353 forward_syslog(s, priority, identifier, message, ucred, tv);
1355 if (s->forward_to_kmsg)
1356 forward_kmsg(s, priority, identifier, message, ucred);
1358 if (s->forward_to_console)
1359 forward_console(s, priority, identifier, message, ucred);
1362 dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, NULL, priority);
1365 for (j = 0; j < n; j++) {
1369 if (iovec[j].iov_base < buffer ||
1370 (const uint8_t*) iovec[j].iov_base >= (const uint8_t*) buffer + buffer_size)
1371 free(iovec[j].iov_base);
1379 static void process_native_file(
1382 struct ucred *ucred,
1384 const char *label, size_t label_len) {
1393 /* Data is in the passed file, since it didn't fit in a
1394 * datagram. We can't map the file here, since clients might
1395 * then truncate it and trigger a SIGBUS for us. So let's
1396 * stupidly read it */
1398 if (fstat(fd, &st) < 0) {
1399 log_error("Failed to stat passed file, ignoring: %m");
1403 if (!S_ISREG(st.st_mode)) {
1404 log_error("File passed is not regular. Ignoring.");
1408 if (st.st_size <= 0)
1411 if (st.st_size > ENTRY_SIZE_MAX) {
1412 log_error("File passed too large. Ignoring.");
1416 p = malloc(st.st_size);
1418 log_error("Out of memory");
1422 n = pread(fd, p, st.st_size, 0);
1424 log_error("Failed to read file, ignoring: %s", strerror(-n));
1426 process_native_message(s, p, n, ucred, tv, label, label_len);
1431 static int stdout_stream_log(StdoutStream *s, const char *p) {
1432 struct iovec iovec[N_IOVEC_META_FIELDS + 5];
1433 char *message = NULL, *syslog_priority = NULL, *syslog_facility = NULL, *syslog_identifier = NULL;
1437 size_t label_len = 0;
1445 priority = s->priority;
1447 if (s->level_prefix)
1448 parse_syslog_priority((char**) &p, &priority);
1450 if (s->forward_to_syslog || s->server->forward_to_syslog)
1451 forward_syslog(s->server, fixup_priority(priority), s->identifier, p, &s->ucred, NULL);
1453 if (s->forward_to_kmsg || s->server->forward_to_kmsg)
1454 forward_kmsg(s->server, priority, s->identifier, p, &s->ucred);
1456 if (s->forward_to_console || s->server->forward_to_console)
1457 forward_console(s->server, priority, s->identifier, p, &s->ucred);
1459 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=stdout");
1461 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1462 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1464 if (priority & LOG_FACMASK)
1465 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1466 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1468 if (s->identifier) {
1469 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", s->identifier);
1470 if (syslog_identifier)
1471 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1474 message = strappend("MESSAGE=", p);
1476 IOVEC_SET_STRING(iovec[n++], message);
1479 if (s->security_context) {
1480 label = (char*) s->security_context;
1481 label_len = strlen((char*) s->security_context);
1485 dispatch_message(s->server, iovec, n, ELEMENTSOF(iovec), &s->ucred, NULL, label, label_len, s->unit_id, priority);
1488 free(syslog_priority);
1489 free(syslog_facility);
1490 free(syslog_identifier);
1495 static int stdout_stream_line(StdoutStream *s, char *p) {
1505 case STDOUT_STREAM_IDENTIFIER:
1507 s->identifier = NULL;
1509 s->identifier = strdup(p);
1510 if (!s->identifier) {
1511 log_error("Out of memory");
1516 s->state = STDOUT_STREAM_UNIT_ID;
1519 case STDOUT_STREAM_UNIT_ID:
1520 if (s->ucred.uid == 0) {
1524 s->unit_id = strdup(p);
1526 log_error("Out of memory");
1532 s->state = STDOUT_STREAM_PRIORITY;
1535 case STDOUT_STREAM_PRIORITY:
1536 r = safe_atoi(p, &s->priority);
1537 if (r < 0 || s->priority <= 0 || s->priority >= 999) {
1538 log_warning("Failed to parse log priority line.");
1542 s->state = STDOUT_STREAM_LEVEL_PREFIX;
1545 case STDOUT_STREAM_LEVEL_PREFIX:
1546 r = parse_boolean(p);
1548 log_warning("Failed to parse level prefix line.");
1552 s->level_prefix = !!r;
1553 s->state = STDOUT_STREAM_FORWARD_TO_SYSLOG;
1556 case STDOUT_STREAM_FORWARD_TO_SYSLOG:
1557 r = parse_boolean(p);
1559 log_warning("Failed to parse forward to syslog line.");
1563 s->forward_to_syslog = !!r;
1564 s->state = STDOUT_STREAM_FORWARD_TO_KMSG;
1567 case STDOUT_STREAM_FORWARD_TO_KMSG:
1568 r = parse_boolean(p);
1570 log_warning("Failed to parse copy to kmsg line.");
1574 s->forward_to_kmsg = !!r;
1575 s->state = STDOUT_STREAM_FORWARD_TO_CONSOLE;
1578 case STDOUT_STREAM_FORWARD_TO_CONSOLE:
1579 r = parse_boolean(p);
1581 log_warning("Failed to parse copy to console line.");
1585 s->forward_to_console = !!r;
1586 s->state = STDOUT_STREAM_RUNNING;
1589 case STDOUT_STREAM_RUNNING:
1590 return stdout_stream_log(s, p);
1593 assert_not_reached("Unknown stream state");
1596 static int stdout_stream_scan(StdoutStream *s, bool force_flush) {
1604 remaining = s->length;
1609 end = memchr(p, '\n', remaining);
1612 else if (remaining >= sizeof(s->buffer) - 1) {
1613 end = p + sizeof(s->buffer) - 1;
1620 r = stdout_stream_line(s, p);
1628 if (force_flush && remaining > 0) {
1630 r = stdout_stream_line(s, p);
1638 if (p > s->buffer) {
1639 memmove(s->buffer, p, remaining);
1640 s->length = remaining;
1646 static int stdout_stream_process(StdoutStream *s) {
1652 l = read(s->fd, s->buffer+s->length, sizeof(s->buffer)-1-s->length);
1655 if (errno == EAGAIN)
1658 log_warning("Failed to read from stream: %m");
1663 r = stdout_stream_scan(s, true);
1671 r = stdout_stream_scan(s, false);
1679 static void stdout_stream_free(StdoutStream *s) {
1683 assert(s->server->n_stdout_streams > 0);
1684 s->server->n_stdout_streams --;
1685 LIST_REMOVE(StdoutStream, stdout_stream, s->server->stdout_streams, s);
1690 epoll_ctl(s->server->epoll_fd, EPOLL_CTL_DEL, s->fd, NULL);
1692 close_nointr_nofail(s->fd);
1696 if (s->security_context)
1697 freecon(s->security_context);
1700 free(s->identifier);
1704 static int stdout_stream_new(Server *s) {
1705 StdoutStream *stream;
1708 struct epoll_event ev;
1712 fd = accept4(s->stdout_fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);
1714 if (errno == EAGAIN)
1717 log_error("Failed to accept stdout connection: %m");
1721 if (s->n_stdout_streams >= STDOUT_STREAMS_MAX) {
1722 log_warning("Too many stdout streams, refusing connection.");
1723 close_nointr_nofail(fd);
1727 stream = new0(StdoutStream, 1);
1729 log_error("Out of memory.");
1730 close_nointr_nofail(fd);
1736 len = sizeof(stream->ucred);
1737 if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &stream->ucred, &len) < 0) {
1738 log_error("Failed to determine peer credentials: %m");
1744 if (getpeercon(fd, &stream->security_context) < 0 && errno != ENOPROTOOPT)
1745 log_error("Failed to determine peer security context: %m");
1748 if (shutdown(fd, SHUT_WR) < 0) {
1749 log_error("Failed to shutdown writing side of socket: %m");
1755 ev.data.ptr = stream;
1756 ev.events = EPOLLIN;
1757 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, fd, &ev) < 0) {
1758 log_error("Failed to add stream to event loop: %m");
1764 LIST_PREPEND(StdoutStream, stdout_stream, s->stdout_streams, stream);
1765 s->n_stdout_streams ++;
1770 stdout_stream_free(stream);
1774 static int parse_kernel_timestamp(char **_p, usec_t *t) {
1785 if (strlen(p) < 14 || p[0] != '[' || p[13] != ']' || p[6] != '.')
1790 for (i = 1; i <= 5; i++) {
1796 k = undecchar(p[i]);
1803 for (i = 7; i <= 12; i++) {
1806 k = undecchar(p[i]);
1815 *_p += strspn(*_p, WHITESPACE);
1820 static bool is_us(const char *pid) {
1825 if (parse_pid(pid, &t) < 0)
1828 return t == getpid();
1831 static void proc_kmsg_line(Server *s, const char *p) {
1832 struct iovec iovec[N_IOVEC_META_FIELDS + 7];
1833 char *message = NULL, *syslog_priority = NULL, *syslog_pid = NULL, *syslog_facility = NULL, *syslog_identifier = NULL, *source_time = NULL;
1834 int priority = LOG_KERN | LOG_INFO;
1837 char *identifier = NULL, *pid = NULL;
1845 parse_syslog_priority((char **) &p, &priority);
1847 if (s->forward_to_kmsg && (priority & LOG_FACMASK) != LOG_KERN)
1850 if (parse_kernel_timestamp((char **) &p, &usec) > 0) {
1851 if (asprintf(&source_time, "_SOURCE_MONOTONIC_TIMESTAMP=%llu",
1852 (unsigned long long) usec) >= 0)
1853 IOVEC_SET_STRING(iovec[n++], source_time);
1856 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=kernel");
1858 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1859 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1861 if ((priority & LOG_FACMASK) == LOG_KERN) {
1863 if (s->forward_to_syslog)
1864 forward_syslog(s, priority, "kernel", p, NULL, NULL);
1866 IOVEC_SET_STRING(iovec[n++], "SYSLOG_IDENTIFIER=kernel");
1868 read_identifier(&p, &identifier, &pid);
1870 /* Avoid any messages we generated ourselves via
1871 * log_info() and friends. */
1872 if (pid && is_us(pid))
1875 if (s->forward_to_syslog)
1876 forward_syslog(s, priority, identifier, p, NULL, NULL);
1879 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", identifier);
1880 if (syslog_identifier)
1881 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1885 syslog_pid = strappend("SYSLOG_PID=", pid);
1887 IOVEC_SET_STRING(iovec[n++], syslog_pid);
1890 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1891 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1894 message = strappend("MESSAGE=", p);
1896 IOVEC_SET_STRING(iovec[n++], message);
1898 dispatch_message(s, iovec, n, ELEMENTSOF(iovec), NULL, NULL, NULL, 0, NULL, priority);
1902 free(syslog_priority);
1903 free(syslog_identifier);
1905 free(syslog_facility);
1911 static void proc_kmsg_scan(Server *s) {
1917 p = s->proc_kmsg_buffer;
1918 remaining = s->proc_kmsg_length;
1923 end = memchr(p, '\n', remaining);
1926 else if (remaining >= sizeof(s->proc_kmsg_buffer) - 1) {
1927 end = p + sizeof(s->proc_kmsg_buffer) - 1;
1934 proc_kmsg_line(s, p);
1940 if (p > s->proc_kmsg_buffer) {
1941 memmove(s->proc_kmsg_buffer, p, remaining);
1942 s->proc_kmsg_length = remaining;
1946 static int system_journal_open(Server *s) {
1952 r = sd_id128_get_machine(&machine);
1956 sd_id128_to_string(machine, ids);
1958 if (!s->system_journal) {
1960 /* First try to create the machine path, but not the prefix */
1961 fn = strappend("/var/log/journal/", ids);
1964 (void) mkdir(fn, 0755);
1967 /* The create the system journal file */
1968 fn = join("/var/log/journal/", ids, "/system.journal", NULL);
1972 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, NULL, &s->system_journal);
1976 journal_default_metrics(&s->system_metrics, s->system_journal->fd);
1978 s->system_journal->metrics = s->system_metrics;
1979 s->system_journal->compress = s->compress;
1981 server_fix_perms(s, s->system_journal, 0);
1984 if (r != -ENOENT && r != -EROFS)
1985 log_warning("Failed to open system journal: %s", strerror(-r));
1991 if (!s->runtime_journal) {
1993 fn = join("/run/log/journal/", ids, "/system.journal", NULL);
1997 if (s->system_journal) {
1999 /* Try to open the runtime journal, but only
2000 * if it already exists, so that we can flush
2001 * it into the system journal */
2003 r = journal_file_open(fn, O_RDWR, 0640, NULL, &s->runtime_journal);
2008 log_warning("Failed to open runtime journal: %s", strerror(-r));
2015 /* OK, we really need the runtime journal, so create
2016 * it if necessary. */
2018 (void) mkdir_parents_label(fn, 0755);
2019 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, NULL, &s->runtime_journal);
2023 log_error("Failed to open runtime journal: %s", strerror(-r));
2028 if (s->runtime_journal) {
2029 journal_default_metrics(&s->runtime_metrics, s->runtime_journal->fd);
2031 s->runtime_journal->metrics = s->runtime_metrics;
2032 s->runtime_journal->compress = s->compress;
2034 server_fix_perms(s, s->runtime_journal, 0);
2041 static int server_flush_to_var(Server *s) {
2042 char path[] = "/run/log/journal/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
2051 if (!s->runtime_journal)
2054 ts = now(CLOCK_MONOTONIC);
2055 if (s->var_available_timestamp + RECHECK_VAR_AVAILABLE_USEC > ts)
2058 s->var_available_timestamp = ts;
2060 system_journal_open(s);
2062 if (!s->system_journal)
2065 log_info("Flushing to /var...");
2067 r = sd_id128_get_machine(&machine);
2069 log_error("Failed to get machine id: %s", strerror(-r));
2073 r = sd_journal_open(&j, SD_JOURNAL_RUNTIME_ONLY);
2075 log_error("Failed to read runtime journal: %s", strerror(-r));
2079 SD_JOURNAL_FOREACH(j) {
2082 f = j->current_file;
2083 assert(f && f->current_offset > 0);
2085 r = journal_file_move_to_object(f, OBJECT_ENTRY, f->current_offset, &o);
2087 log_error("Can't read entry: %s", strerror(-r));
2091 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
2093 log_info("Allocation limit reached.");
2095 journal_file_post_change(s->system_journal);
2099 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
2103 log_error("Can't write entry: %s", strerror(-r));
2109 journal_file_post_change(s->system_journal);
2111 journal_file_close(s->runtime_journal);
2112 s->runtime_journal = NULL;
2115 sd_id128_to_string(machine, path + 17);
2116 rm_rf(path, false, true, false);
2122 static int server_read_proc_kmsg(Server *s) {
2125 assert(s->proc_kmsg_fd >= 0);
2127 l = read(s->proc_kmsg_fd, s->proc_kmsg_buffer + s->proc_kmsg_length, sizeof(s->proc_kmsg_buffer) - 1 - s->proc_kmsg_length);
2130 if (errno == EAGAIN || errno == EINTR)
2133 log_error("Failed to read from kernel: %m");
2137 s->proc_kmsg_length += l;
2143 static int server_flush_proc_kmsg(Server *s) {
2148 if (s->proc_kmsg_fd < 0)
2151 log_info("Flushing /proc/kmsg...");
2154 r = server_read_proc_kmsg(s);
2165 static int process_event(Server *s, struct epoll_event *ev) {
2169 if (ev->data.fd == s->signal_fd) {
2170 struct signalfd_siginfo sfsi;
2173 if (ev->events != EPOLLIN) {
2174 log_info("Got invalid event from epoll.");
2178 n = read(s->signal_fd, &sfsi, sizeof(sfsi));
2179 if (n != sizeof(sfsi)) {
2184 if (errno == EINTR || errno == EAGAIN)
2190 if (sfsi.ssi_signo == SIGUSR1) {
2191 server_flush_to_var(s);
2195 if (sfsi.ssi_signo == SIGUSR2) {
2201 log_debug("Received SIG%s", signal_to_string(sfsi.ssi_signo));
2204 } else if (ev->data.fd == s->proc_kmsg_fd) {
2207 if (ev->events != EPOLLIN) {
2208 log_info("Got invalid event from epoll.");
2212 r = server_read_proc_kmsg(s);
2218 } else if (ev->data.fd == s->native_fd ||
2219 ev->data.fd == s->syslog_fd) {
2221 if (ev->events != EPOLLIN) {
2222 log_info("Got invalid event from epoll.");
2227 struct msghdr msghdr;
2229 struct ucred *ucred = NULL;
2230 struct timeval *tv = NULL;
2231 struct cmsghdr *cmsg;
2233 size_t label_len = 0;
2235 struct cmsghdr cmsghdr;
2237 /* We use NAME_MAX space for the
2238 * SELinux label here. The kernel
2239 * currently enforces no limit, but
2240 * according to suggestions from the
2241 * SELinux people this will change and
2242 * it will probably be identical to
2243 * NAME_MAX. For now we use that, but
2244 * this should be updated one day when
2245 * the final limit is known.*/
2246 uint8_t buf[CMSG_SPACE(sizeof(struct ucred)) +
2247 CMSG_SPACE(sizeof(struct timeval)) +
2248 CMSG_SPACE(sizeof(int)) + /* fd */
2249 CMSG_SPACE(NAME_MAX)]; /* selinux label */
2256 if (ioctl(ev->data.fd, SIOCINQ, &v) < 0) {
2257 log_error("SIOCINQ failed: %m");
2261 if (s->buffer_size < (size_t) v) {
2265 l = MAX(LINE_MAX + (size_t) v, s->buffer_size * 2);
2266 b = realloc(s->buffer, l+1);
2269 log_error("Couldn't increase buffer.");
2278 iovec.iov_base = s->buffer;
2279 iovec.iov_len = s->buffer_size;
2283 msghdr.msg_iov = &iovec;
2284 msghdr.msg_iovlen = 1;
2285 msghdr.msg_control = &control;
2286 msghdr.msg_controllen = sizeof(control);
2288 n = recvmsg(ev->data.fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC);
2291 if (errno == EINTR || errno == EAGAIN)
2294 log_error("recvmsg() failed: %m");
2298 for (cmsg = CMSG_FIRSTHDR(&msghdr); cmsg; cmsg = CMSG_NXTHDR(&msghdr, cmsg)) {
2300 if (cmsg->cmsg_level == SOL_SOCKET &&
2301 cmsg->cmsg_type == SCM_CREDENTIALS &&
2302 cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred)))
2303 ucred = (struct ucred*) CMSG_DATA(cmsg);
2304 else if (cmsg->cmsg_level == SOL_SOCKET &&
2305 cmsg->cmsg_type == SCM_SECURITY) {
2306 label = (char*) CMSG_DATA(cmsg);
2307 label_len = cmsg->cmsg_len - CMSG_LEN(0);
2308 } else if (cmsg->cmsg_level == SOL_SOCKET &&
2309 cmsg->cmsg_type == SO_TIMESTAMP &&
2310 cmsg->cmsg_len == CMSG_LEN(sizeof(struct timeval)))
2311 tv = (struct timeval*) CMSG_DATA(cmsg);
2312 else if (cmsg->cmsg_level == SOL_SOCKET &&
2313 cmsg->cmsg_type == SCM_RIGHTS) {
2314 fds = (int*) CMSG_DATA(cmsg);
2315 n_fds = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);
2319 if (ev->data.fd == s->syslog_fd) {
2322 if (n > 0 && n_fds == 0) {
2323 e = memchr(s->buffer, '\n', n);
2329 process_syslog_message(s, strstrip(s->buffer), ucred, tv, label, label_len);
2330 } else if (n_fds > 0)
2331 log_warning("Got file descriptors via syslog socket. Ignoring.");
2334 if (n > 0 && n_fds == 0)
2335 process_native_message(s, s->buffer, n, ucred, tv, label, label_len);
2336 else if (n == 0 && n_fds == 1)
2337 process_native_file(s, fds[0], ucred, tv, label, label_len);
2339 log_warning("Got too many file descriptors via native socket. Ignoring.");
2342 close_many(fds, n_fds);
2347 } else if (ev->data.fd == s->stdout_fd) {
2349 if (ev->events != EPOLLIN) {
2350 log_info("Got invalid event from epoll.");
2354 stdout_stream_new(s);
2358 StdoutStream *stream;
2360 if ((ev->events|EPOLLIN|EPOLLHUP) != (EPOLLIN|EPOLLHUP)) {
2361 log_info("Got invalid event from epoll.");
2365 /* If it is none of the well-known fds, it must be an
2366 * stdout stream fd. Note that this is a bit ugly here
2367 * (since we rely that none of the well-known fds
2368 * could be interpreted as pointer), but nonetheless
2369 * safe, since the well-known fds would never get an
2370 * fd > 4096, i.e. beyond the first memory page */
2372 stream = ev->data.ptr;
2374 if (stdout_stream_process(stream) <= 0)
2375 stdout_stream_free(stream);
2380 log_error("Unknown event.");
2384 static int open_syslog_socket(Server *s) {
2385 union sockaddr_union sa;
2387 struct epoll_event ev;
2391 if (s->syslog_fd < 0) {
2393 s->syslog_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2394 if (s->syslog_fd < 0) {
2395 log_error("socket() failed: %m");
2400 sa.un.sun_family = AF_UNIX;
2401 strncpy(sa.un.sun_path, "/dev/log", sizeof(sa.un.sun_path));
2403 unlink(sa.un.sun_path);
2405 r = bind(s->syslog_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2407 log_error("bind() failed: %m");
2411 chmod(sa.un.sun_path, 0666);
2413 fd_nonblock(s->syslog_fd, 1);
2416 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
2418 log_error("SO_PASSCRED failed: %m");
2424 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
2426 log_warning("SO_PASSSEC failed: %m");
2430 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
2432 log_error("SO_TIMESTAMP failed: %m");
2437 ev.events = EPOLLIN;
2438 ev.data.fd = s->syslog_fd;
2439 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->syslog_fd, &ev) < 0) {
2440 log_error("Failed to add syslog server fd to epoll object: %m");
2447 static int open_native_socket(Server*s) {
2448 union sockaddr_union sa;
2450 struct epoll_event ev;
2454 if (s->native_fd < 0) {
2456 s->native_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2457 if (s->native_fd < 0) {
2458 log_error("socket() failed: %m");
2463 sa.un.sun_family = AF_UNIX;
2464 strncpy(sa.un.sun_path, "/run/systemd/journal/socket", sizeof(sa.un.sun_path));
2466 unlink(sa.un.sun_path);
2468 r = bind(s->native_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2470 log_error("bind() failed: %m");
2474 chmod(sa.un.sun_path, 0666);
2476 fd_nonblock(s->native_fd, 1);
2479 r = setsockopt(s->native_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
2481 log_error("SO_PASSCRED failed: %m");
2487 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
2489 log_warning("SO_PASSSEC failed: %m");
2493 r = setsockopt(s->native_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
2495 log_error("SO_TIMESTAMP failed: %m");
2500 ev.events = EPOLLIN;
2501 ev.data.fd = s->native_fd;
2502 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->native_fd, &ev) < 0) {
2503 log_error("Failed to add native server fd to epoll object: %m");
2510 static int open_stdout_socket(Server *s) {
2511 union sockaddr_union sa;
2513 struct epoll_event ev;
2517 if (s->stdout_fd < 0) {
2519 s->stdout_fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2520 if (s->stdout_fd < 0) {
2521 log_error("socket() failed: %m");
2526 sa.un.sun_family = AF_UNIX;
2527 strncpy(sa.un.sun_path, "/run/systemd/journal/stdout", sizeof(sa.un.sun_path));
2529 unlink(sa.un.sun_path);
2531 r = bind(s->stdout_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2533 log_error("bind() failed: %m");
2537 chmod(sa.un.sun_path, 0666);
2539 if (listen(s->stdout_fd, SOMAXCONN) < 0) {
2540 log_error("liste() failed: %m");
2544 fd_nonblock(s->stdout_fd, 1);
2547 ev.events = EPOLLIN;
2548 ev.data.fd = s->stdout_fd;
2549 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->stdout_fd, &ev) < 0) {
2550 log_error("Failed to add stdout server fd to epoll object: %m");
2557 static int open_proc_kmsg(Server *s) {
2558 struct epoll_event ev;
2562 if (!s->import_proc_kmsg)
2565 s->proc_kmsg_fd = open("/proc/kmsg", O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
2566 if (s->proc_kmsg_fd < 0) {
2567 log_warning("Failed to open /proc/kmsg, ignoring: %m");
2572 ev.events = EPOLLIN;
2573 ev.data.fd = s->proc_kmsg_fd;
2574 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->proc_kmsg_fd, &ev) < 0) {
2575 log_error("Failed to add /proc/kmsg fd to epoll object: %m");
2582 static int open_signalfd(Server *s) {
2584 struct epoll_event ev;
2588 assert_se(sigemptyset(&mask) == 0);
2589 sigset_add_many(&mask, SIGINT, SIGTERM, SIGUSR1, SIGUSR2, -1);
2590 assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0);
2592 s->signal_fd = signalfd(-1, &mask, SFD_NONBLOCK|SFD_CLOEXEC);
2593 if (s->signal_fd < 0) {
2594 log_error("signalfd(): %m");
2599 ev.events = EPOLLIN;
2600 ev.data.fd = s->signal_fd;
2602 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->signal_fd, &ev) < 0) {
2603 log_error("epoll_ctl(): %m");
2610 static int server_parse_proc_cmdline(Server *s) {
2611 char *line, *w, *state;
2615 if (detect_container(NULL) > 0)
2618 r = read_one_line_file("/proc/cmdline", &line);
2620 log_warning("Failed to read /proc/cmdline, ignoring: %s", strerror(-r));
2624 FOREACH_WORD_QUOTED(w, l, line, state) {
2627 word = strndup(w, l);
2633 if (startswith(word, "systemd.journald.forward_to_syslog=")) {
2634 r = parse_boolean(word + 35);
2636 log_warning("Failed to parse forward to syslog switch %s. Ignoring.", word + 35);
2638 s->forward_to_syslog = r;
2639 } else if (startswith(word, "systemd.journald.forward_to_kmsg=")) {
2640 r = parse_boolean(word + 33);
2642 log_warning("Failed to parse forward to kmsg switch %s. Ignoring.", word + 33);
2644 s->forward_to_kmsg = r;
2645 } else if (startswith(word, "systemd.journald.forward_to_console=")) {
2646 r = parse_boolean(word + 36);
2648 log_warning("Failed to parse forward to console switch %s. Ignoring.", word + 36);
2650 s->forward_to_console = r;
2651 } else if (startswith(word, "systemd.journald"))
2652 log_warning("Invalid systemd.journald parameter. Ignoring.");
2664 static int server_parse_config_file(Server *s) {
2671 fn = "/etc/systemd/journald.conf";
2672 f = fopen(fn, "re");
2674 if (errno == ENOENT)
2677 log_warning("Failed to open configuration file %s: %m", fn);
2681 r = config_parse(fn, f, "Journal\0", config_item_perf_lookup, (void*) journald_gperf_lookup, false, s);
2683 log_warning("Failed to parse configuration file: %s", strerror(-r));
2690 static int server_init(Server *s) {
2696 s->syslog_fd = s->native_fd = s->stdout_fd = s->signal_fd = s->epoll_fd = s->proc_kmsg_fd = -1;
2699 s->rate_limit_interval = DEFAULT_RATE_LIMIT_INTERVAL;
2700 s->rate_limit_burst = DEFAULT_RATE_LIMIT_BURST;
2702 s->forward_to_syslog = true;
2703 s->import_proc_kmsg = true;
2705 s->max_level_store = LOG_DEBUG;
2706 s->max_level_syslog = LOG_DEBUG;
2707 s->max_level_kmsg = LOG_NOTICE;
2708 s->max_level_console = LOG_INFO;
2710 memset(&s->system_metrics, 0xFF, sizeof(s->system_metrics));
2711 memset(&s->runtime_metrics, 0xFF, sizeof(s->runtime_metrics));
2713 server_parse_config_file(s);
2714 server_parse_proc_cmdline(s);
2716 s->user_journals = hashmap_new(trivial_hash_func, trivial_compare_func);
2717 if (!s->user_journals) {
2718 log_error("Out of memory.");
2722 s->epoll_fd = epoll_create1(EPOLL_CLOEXEC);
2723 if (s->epoll_fd < 0) {
2724 log_error("Failed to create epoll object: %m");
2728 n = sd_listen_fds(true);
2730 log_error("Failed to read listening file descriptors from environment: %s", strerror(-n));
2734 for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) {
2736 if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/run/systemd/journal/socket", 0) > 0) {
2738 if (s->native_fd >= 0) {
2739 log_error("Too many native sockets passed.");
2745 } else if (sd_is_socket_unix(fd, SOCK_STREAM, 1, "/run/systemd/journal/stdout", 0) > 0) {
2747 if (s->stdout_fd >= 0) {
2748 log_error("Too many stdout sockets passed.");
2754 } else if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/dev/log", 0) > 0) {
2756 if (s->syslog_fd >= 0) {
2757 log_error("Too many /dev/log sockets passed.");
2764 log_error("Unknown socket passed.");
2769 r = open_syslog_socket(s);
2773 r = open_native_socket(s);
2777 r = open_stdout_socket(s);
2781 r = open_proc_kmsg(s);
2785 r = open_signalfd(s);
2789 s->rate_limit = journal_rate_limit_new(s->rate_limit_interval, s->rate_limit_burst);
2793 r = system_journal_open(s);
2800 static void server_done(Server *s) {
2804 while (s->stdout_streams)
2805 stdout_stream_free(s->stdout_streams);
2807 if (s->system_journal)
2808 journal_file_close(s->system_journal);
2810 if (s->runtime_journal)
2811 journal_file_close(s->runtime_journal);
2813 while ((f = hashmap_steal_first(s->user_journals)))
2814 journal_file_close(f);
2816 hashmap_free(s->user_journals);
2818 if (s->epoll_fd >= 0)
2819 close_nointr_nofail(s->epoll_fd);
2821 if (s->signal_fd >= 0)
2822 close_nointr_nofail(s->signal_fd);
2824 if (s->syslog_fd >= 0)
2825 close_nointr_nofail(s->syslog_fd);
2827 if (s->native_fd >= 0)
2828 close_nointr_nofail(s->native_fd);
2830 if (s->stdout_fd >= 0)
2831 close_nointr_nofail(s->stdout_fd);
2833 if (s->proc_kmsg_fd >= 0)
2834 close_nointr_nofail(s->proc_kmsg_fd);
2837 journal_rate_limit_free(s->rate_limit);
2843 int main(int argc, char *argv[]) {
2847 /* if (getppid() != 1) { */
2848 /* log_error("This program should be invoked by init only."); */
2849 /* return EXIT_FAILURE; */
2853 log_error("This program does not take arguments.");
2854 return EXIT_FAILURE;
2857 log_set_target(LOG_TARGET_SAFE);
2858 log_set_facility(LOG_SYSLOG);
2859 log_parse_environment();
2864 r = server_init(&server);
2868 server_vacuum(&server);
2869 server_flush_to_var(&server);
2870 server_flush_proc_kmsg(&server);
2872 log_debug("systemd-journald running as pid %lu", (unsigned long) getpid());
2873 driver_message(&server, SD_MESSAGE_JOURNAL_START, "Journal started");
2877 "STATUS=Processing requests...");
2880 struct epoll_event event;
2882 r = epoll_wait(server.epoll_fd, &event, 1, -1);
2888 log_error("epoll_wait() failed: %m");
2894 r = process_event(&server, &event);
2901 log_debug("systemd-journald stopped as pid %lu", (unsigned long) getpid());
2902 driver_message(&server, SD_MESSAGE_JOURNAL_STOP, "Journal stopped");
2906 "STATUS=Shutting down...");
2908 server_done(&server);
2910 return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;