1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2011 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <sys/epoll.h>
23 #include <sys/socket.h>
25 #include <sys/signalfd.h>
29 #include <sys/ioctl.h>
30 #include <linux/sockios.h>
31 #include <sys/statvfs.h>
33 #include <systemd/sd-journal.h>
34 #include <systemd/sd-login.h>
35 #include <systemd/sd-messages.h>
36 #include <systemd/sd-daemon.h>
40 #include "journal-file.h"
41 #include "socket-util.h"
42 #include "cgroup-util.h"
44 #include "journal-rate-limit.h"
45 #include "journal-internal.h"
46 #include "conf-parser.h"
53 #include <acl/libacl.h>
58 #include <selinux/selinux.h>
61 #define USER_JOURNALS_MAX 1024
62 #define STDOUT_STREAMS_MAX 4096
64 #define DEFAULT_RATE_LIMIT_INTERVAL (10*USEC_PER_SEC)
65 #define DEFAULT_RATE_LIMIT_BURST 200
67 #define RECHECK_AVAILABLE_SPACE_USEC (30*USEC_PER_SEC)
69 #define RECHECK_VAR_AVAILABLE_USEC (30*USEC_PER_SEC)
71 #define N_IOVEC_META_FIELDS 17
73 #define ENTRY_SIZE_MAX (1024*1024*32)
75 typedef enum StdoutStreamState {
76 STDOUT_STREAM_IDENTIFIER,
77 STDOUT_STREAM_PRIORITY,
78 STDOUT_STREAM_LEVEL_PREFIX,
79 STDOUT_STREAM_FORWARD_TO_SYSLOG,
80 STDOUT_STREAM_FORWARD_TO_KMSG,
81 STDOUT_STREAM_FORWARD_TO_CONSOLE,
87 StdoutStreamState state;
93 security_context_t security_context;
99 bool forward_to_syslog:1;
100 bool forward_to_kmsg:1;
101 bool forward_to_console:1;
103 char buffer[LINE_MAX+1];
106 LIST_FIELDS(StdoutStream, stdout_stream);
109 static int server_flush_to_var(Server *s);
111 static uint64_t available_space(Server *s) {
116 uint64_t sum = 0, avail = 0, ss_avail = 0;
122 ts = now(CLOCK_MONOTONIC);
124 if (s->cached_available_space_timestamp + RECHECK_AVAILABLE_SPACE_USEC > ts)
125 return s->cached_available_space;
127 r = sd_id128_get_machine(&machine);
131 if (s->system_journal) {
132 f = "/var/log/journal/";
133 m = &s->system_metrics;
135 f = "/run/log/journal/";
136 m = &s->runtime_metrics;
141 p = strappend(f, sd_id128_to_string(machine, ids));
151 if (fstatvfs(dirfd(d), &ss) < 0)
156 struct dirent buf, *de;
158 r = readdir_r(d, &buf, &de);
165 if (!endswith(de->d_name, ".journal") &&
166 !endswith(de->d_name, ".journal~"))
169 if (fstatat(dirfd(d), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0)
172 if (!S_ISREG(st.st_mode))
175 sum += (uint64_t) st.st_blocks * 512UL;
178 avail = sum >= m->max_use ? 0 : m->max_use - sum;
180 ss_avail = ss.f_bsize * ss.f_bavail;
182 ss_avail = ss_avail < m->keep_free ? 0 : ss_avail - m->keep_free;
184 if (ss_avail < avail)
187 s->cached_available_space = avail;
188 s->cached_available_space_timestamp = ts;
196 static void server_read_file_gid(Server *s) {
197 const char *adm = "adm";
202 if (s->file_gid_valid)
205 r = get_group_creds(&adm, &s->file_gid);
207 log_warning("Failed to resolve 'adm' group: %s", strerror(-r));
209 /* if we couldn't read the gid, then it will be 0, but that's
210 * fine and we shouldn't try to resolve the group again, so
211 * let's just pretend it worked right-away. */
212 s->file_gid_valid = true;
215 static void server_fix_perms(Server *s, JournalFile *f, uid_t uid) {
220 acl_permset_t permset;
225 server_read_file_gid(s);
227 r = fchmod_and_fchown(f->fd, 0640, 0, s->file_gid);
229 log_warning("Failed to fix access mode/rights on %s, ignoring: %s", f->path, strerror(-r));
235 acl = acl_get_fd(f->fd);
237 log_warning("Failed to read ACL on %s, ignoring: %m", f->path);
241 r = acl_find_uid(acl, uid, &entry);
244 if (acl_create_entry(&acl, &entry) < 0 ||
245 acl_set_tag_type(entry, ACL_USER) < 0 ||
246 acl_set_qualifier(entry, &uid) < 0) {
247 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
252 if (acl_get_permset(entry, &permset) < 0 ||
253 acl_add_perm(permset, ACL_READ) < 0 ||
254 acl_calc_mask(&acl) < 0) {
255 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
259 if (acl_set_fd(f->fd, acl) < 0)
260 log_warning("Failed to set ACL on %s, ignoring: %m", f->path);
267 static JournalFile* find_journal(Server *s, uid_t uid) {
276 /* We split up user logs only on /var, not on /run. If the
277 * runtime file is open, we write to it exclusively, in order
278 * to guarantee proper order as soon as we flush /run to
279 * /var and close the runtime file. */
281 if (s->runtime_journal)
282 return s->runtime_journal;
285 return s->system_journal;
287 r = sd_id128_get_machine(&machine);
289 return s->system_journal;
291 f = hashmap_get(s->user_journals, UINT32_TO_PTR(uid));
295 if (asprintf(&p, "/var/log/journal/%s/user-%lu.journal", sd_id128_to_string(machine, ids), (unsigned long) uid) < 0)
296 return s->system_journal;
298 while (hashmap_size(s->user_journals) >= USER_JOURNALS_MAX) {
299 /* Too many open? Then let's close one */
300 f = hashmap_steal_first(s->user_journals);
302 journal_file_close(f);
305 r = journal_file_open_reliably(p, O_RDWR|O_CREAT, 0640, s->system_journal, &f);
309 return s->system_journal;
311 server_fix_perms(s, f, uid);
313 r = hashmap_put(s->user_journals, UINT32_TO_PTR(uid), f);
315 journal_file_close(f);
316 return s->system_journal;
322 static void server_rotate(Server *s) {
328 log_info("Rotating...");
330 if (s->runtime_journal) {
331 r = journal_file_rotate(&s->runtime_journal);
333 log_error("Failed to rotate %s: %s", s->runtime_journal->path, strerror(-r));
335 server_fix_perms(s, s->runtime_journal, 0);
338 if (s->system_journal) {
339 r = journal_file_rotate(&s->system_journal);
341 log_error("Failed to rotate %s: %s", s->system_journal->path, strerror(-r));
343 server_fix_perms(s, s->system_journal, 0);
346 HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) {
347 r = journal_file_rotate(&f);
349 log_error("Failed to rotate %s: %s", f->path, strerror(-r));
351 hashmap_replace(s->user_journals, k, f);
352 server_fix_perms(s, s->system_journal, PTR_TO_UINT32(k));
357 static void server_vacuum(Server *s) {
363 log_info("Vacuuming...");
365 r = sd_id128_get_machine(&machine);
367 log_error("Failed to get machine ID: %s", strerror(-r));
371 sd_id128_to_string(machine, ids);
373 if (s->system_journal) {
374 if (asprintf(&p, "/var/log/journal/%s", ids) < 0) {
375 log_error("Out of memory.");
379 r = journal_directory_vacuum(p, s->system_metrics.max_use, s->system_metrics.keep_free);
380 if (r < 0 && r != -ENOENT)
381 log_error("Failed to vacuum %s: %s", p, strerror(-r));
386 if (s->runtime_journal) {
387 if (asprintf(&p, "/run/log/journal/%s", ids) < 0) {
388 log_error("Out of memory.");
392 r = journal_directory_vacuum(p, s->runtime_metrics.max_use, s->runtime_metrics.keep_free);
393 if (r < 0 && r != -ENOENT)
394 log_error("Failed to vacuum %s: %s", p, strerror(-r));
398 s->cached_available_space_timestamp = 0;
401 static char *shortened_cgroup_path(pid_t pid) {
403 char *process_path, *init_path, *path;
407 r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, pid, &process_path);
411 r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, 1, &init_path);
417 if (endswith(init_path, "/system"))
418 init_path[strlen(init_path) - 7] = 0;
419 else if (streq(init_path, "/"))
422 if (startswith(process_path, init_path)) {
425 p = strdup(process_path + strlen(init_path));
443 static void dispatch_message_real(
445 struct iovec *iovec, unsigned n, unsigned m,
448 const char *label, size_t label_len) {
450 char *pid = NULL, *uid = NULL, *gid = NULL,
451 *source_time = NULL, *boot_id = NULL, *machine_id = NULL,
452 *comm = NULL, *cmdline = NULL, *hostname = NULL,
453 *audit_session = NULL, *audit_loginuid = NULL,
454 *exe = NULL, *cgroup = NULL, *session = NULL,
455 *owner_uid = NULL, *unit = NULL, *selinux_context = NULL;
461 uid_t loginuid = 0, realuid = 0;
463 bool vacuumed = false;
468 assert(n + N_IOVEC_META_FIELDS <= m);
474 realuid = ucred->uid;
476 if (asprintf(&pid, "_PID=%lu", (unsigned long) ucred->pid) >= 0)
477 IOVEC_SET_STRING(iovec[n++], pid);
479 if (asprintf(&uid, "_UID=%lu", (unsigned long) ucred->uid) >= 0)
480 IOVEC_SET_STRING(iovec[n++], uid);
482 if (asprintf(&gid, "_GID=%lu", (unsigned long) ucred->gid) >= 0)
483 IOVEC_SET_STRING(iovec[n++], gid);
485 r = get_process_comm(ucred->pid, &t);
487 comm = strappend("_COMM=", t);
491 IOVEC_SET_STRING(iovec[n++], comm);
494 r = get_process_exe(ucred->pid, &t);
496 exe = strappend("_EXE=", t);
500 IOVEC_SET_STRING(iovec[n++], exe);
503 r = get_process_cmdline(ucred->pid, LINE_MAX, false, &t);
505 cmdline = strappend("_CMDLINE=", t);
509 IOVEC_SET_STRING(iovec[n++], cmdline);
512 r = audit_session_from_pid(ucred->pid, &audit);
514 if (asprintf(&audit_session, "_AUDIT_SESSION=%lu", (unsigned long) audit) >= 0)
515 IOVEC_SET_STRING(iovec[n++], audit_session);
517 r = audit_loginuid_from_pid(ucred->pid, &loginuid);
519 if (asprintf(&audit_loginuid, "_AUDIT_LOGINUID=%lu", (unsigned long) loginuid) >= 0)
520 IOVEC_SET_STRING(iovec[n++], audit_loginuid);
522 t = shortened_cgroup_path(ucred->pid);
524 cgroup = strappend("_SYSTEMD_CGROUP=", t);
528 IOVEC_SET_STRING(iovec[n++], cgroup);
531 if (sd_pid_get_session(ucred->pid, &t) >= 0) {
532 session = strappend("_SYSTEMD_SESSION=", t);
536 IOVEC_SET_STRING(iovec[n++], session);
539 if (sd_pid_get_unit(ucred->pid, &t) >= 0) {
540 unit = strappend("_SYSTEMD_UNIT=", t);
544 IOVEC_SET_STRING(iovec[n++], unit);
547 if (sd_pid_get_owner_uid(ucred->uid, &owner) >= 0)
548 if (asprintf(&owner_uid, "_SYSTEMD_OWNER_UID=%lu", (unsigned long) owner) >= 0)
549 IOVEC_SET_STRING(iovec[n++], owner_uid);
553 selinux_context = malloc(sizeof("_SELINUX_CONTEXT=") + label_len);
554 if (selinux_context) {
555 memcpy(selinux_context, "_SELINUX_CONTEXT=", sizeof("_SELINUX_CONTEXT=")-1);
556 memcpy(selinux_context+sizeof("_SELINUX_CONTEXT=")-1, label, label_len);
557 selinux_context[sizeof("_SELINUX_CONTEXT=")-1+label_len] = 0;
558 IOVEC_SET_STRING(iovec[n++], selinux_context);
561 security_context_t con;
563 if (getpidcon(ucred->pid, &con) >= 0) {
564 selinux_context = strappend("_SELINUX_CONTEXT=", con);
566 IOVEC_SET_STRING(iovec[n++], selinux_context);
575 if (asprintf(&source_time, "_SOURCE_REALTIME_TIMESTAMP=%llu",
576 (unsigned long long) timeval_load(tv)) >= 0)
577 IOVEC_SET_STRING(iovec[n++], source_time);
580 /* Note that strictly speaking storing the boot id here is
581 * redundant since the entry includes this in-line
582 * anyway. However, we need this indexed, too. */
583 r = sd_id128_get_boot(&id);
585 if (asprintf(&boot_id, "_BOOT_ID=%s", sd_id128_to_string(id, idbuf)) >= 0)
586 IOVEC_SET_STRING(iovec[n++], boot_id);
588 r = sd_id128_get_machine(&id);
590 if (asprintf(&machine_id, "_MACHINE_ID=%s", sd_id128_to_string(id, idbuf)) >= 0)
591 IOVEC_SET_STRING(iovec[n++], machine_id);
593 t = gethostname_malloc();
595 hostname = strappend("_HOSTNAME=", t);
598 IOVEC_SET_STRING(iovec[n++], hostname);
603 server_flush_to_var(s);
606 f = find_journal(s, realuid == 0 ? 0 : loginuid);
608 log_warning("Dropping message, as we can't find a place to store the data.");
610 r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
612 if ((r == -E2BIG || /* hit limit */
613 r == -EFBIG || /* hit fs limit */
614 r == -EDQUOT || /* quota hit */
615 r == -ENOSPC || /* disk full */
616 r == -EBADMSG || /* corrupted */
617 r == -ENODATA || /* truncated */
618 r == -EHOSTDOWN || /* other machine */
619 r == -EPROTONOSUPPORT) && /* unsupported feature */
623 log_info("Allocation limit reached, rotating.");
625 log_warning("Journal file corrupted, rotating.");
631 log_info("Retrying write.");
636 log_error("Failed to write entry, ignoring: %s", strerror(-r));
650 free(audit_loginuid);
655 free(selinux_context);
658 static void driver_message(Server *s, sd_id128_t message_id, const char *format, ...) {
659 char mid[11 + 32 + 1];
660 char buffer[16 + LINE_MAX + 1];
661 struct iovec iovec[N_IOVEC_META_FIELDS + 4];
669 IOVEC_SET_STRING(iovec[n++], "PRIORITY=5");
670 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=driver");
672 memcpy(buffer, "MESSAGE=", 8);
673 va_start(ap, format);
674 vsnprintf(buffer + 8, sizeof(buffer) - 8, format, ap);
676 char_array_0(buffer);
677 IOVEC_SET_STRING(iovec[n++], buffer);
679 snprintf(mid, sizeof(mid), "MESSAGE_ID=" SD_ID128_FORMAT_STR, SD_ID128_FORMAT_VAL(message_id));
681 IOVEC_SET_STRING(iovec[n++], mid);
684 ucred.pid = getpid();
685 ucred.uid = getuid();
686 ucred.gid = getgid();
688 dispatch_message_real(s, iovec, n, ELEMENTSOF(iovec), &ucred, NULL, NULL, 0);
691 static void dispatch_message(Server *s,
692 struct iovec *iovec, unsigned n, unsigned m,
695 const char *label, size_t label_len,
698 char *path = NULL, *c;
701 assert(iovec || n == 0);
709 path = shortened_cgroup_path(ucred->pid);
713 /* example: /user/lennart/3/foobar
714 * /system/dbus.service/foobar
716 * So let's cut of everything past the third /, since that is
717 * wher user directories start */
719 c = strchr(path, '/');
721 c = strchr(c+1, '/');
723 c = strchr(c+1, '/');
729 rl = journal_rate_limit_test(s->rate_limit, path, priority & LOG_PRIMASK, available_space(s));
736 /* Write a suppression message if we suppressed something */
738 driver_message(s, SD_MESSAGE_JOURNAL_DROPPED, "Suppressed %u messages from %s", rl - 1, path);
743 dispatch_message_real(s, iovec, n, m, ucred, tv, label, label_len);
746 static void forward_syslog_iovec(Server *s, const struct iovec *iovec, unsigned n_iovec, struct ucred *ucred, struct timeval *tv) {
747 struct msghdr msghdr;
748 struct cmsghdr *cmsg;
750 struct cmsghdr cmsghdr;
751 uint8_t buf[CMSG_SPACE(sizeof(struct ucred))];
753 union sockaddr_union sa;
760 msghdr.msg_iov = (struct iovec*) iovec;
761 msghdr.msg_iovlen = n_iovec;
764 sa.un.sun_family = AF_UNIX;
765 strncpy(sa.un.sun_path, "/run/systemd/journal/syslog", sizeof(sa.un.sun_path));
766 msghdr.msg_name = &sa;
767 msghdr.msg_namelen = offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path);
771 msghdr.msg_control = &control;
772 msghdr.msg_controllen = sizeof(control);
774 cmsg = CMSG_FIRSTHDR(&msghdr);
775 cmsg->cmsg_level = SOL_SOCKET;
776 cmsg->cmsg_type = SCM_CREDENTIALS;
777 cmsg->cmsg_len = CMSG_LEN(sizeof(struct ucred));
778 memcpy(CMSG_DATA(cmsg), ucred, sizeof(struct ucred));
779 msghdr.msg_controllen = cmsg->cmsg_len;
782 /* Forward the syslog message we received via /dev/log to
783 * /run/systemd/syslog. Unfortunately we currently can't set
784 * the SO_TIMESTAMP auxiliary data, and hence we don't. */
786 if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
789 /* The socket is full? I guess the syslog implementation is
790 * too slow, and we shouldn't wait for that... */
794 if (ucred && errno == ESRCH) {
797 /* Hmm, presumably the sender process vanished
798 * by now, so let's fix it as good as we
803 memcpy(CMSG_DATA(cmsg), &u, sizeof(struct ucred));
805 if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
812 log_debug("Failed to forward syslog message: %m");
815 static void forward_syslog_raw(Server *s, const char *buffer, struct ucred *ucred, struct timeval *tv) {
821 IOVEC_SET_STRING(iovec, buffer);
822 forward_syslog_iovec(s, &iovec, 1, ucred, tv);
825 static void forward_syslog(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred, struct timeval *tv) {
826 struct iovec iovec[5];
827 char header_priority[6], header_time[64], header_pid[16];
831 char *ident_buf = NULL;
834 assert(priority >= 0);
835 assert(priority <= 999);
838 /* First: priority field */
839 snprintf(header_priority, sizeof(header_priority), "<%i>", priority);
840 char_array_0(header_priority);
841 IOVEC_SET_STRING(iovec[n++], header_priority);
843 /* Second: timestamp */
844 t = tv ? tv->tv_sec : ((time_t) (now(CLOCK_REALTIME) / USEC_PER_SEC));
848 if (strftime(header_time, sizeof(header_time), "%h %e %T ", tm) <= 0)
850 IOVEC_SET_STRING(iovec[n++], header_time);
852 /* Third: identifier and PID */
855 get_process_comm(ucred->pid, &ident_buf);
856 identifier = ident_buf;
859 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
860 char_array_0(header_pid);
863 IOVEC_SET_STRING(iovec[n++], identifier);
865 IOVEC_SET_STRING(iovec[n++], header_pid);
866 } else if (identifier) {
867 IOVEC_SET_STRING(iovec[n++], identifier);
868 IOVEC_SET_STRING(iovec[n++], ": ");
871 /* Fourth: message */
872 IOVEC_SET_STRING(iovec[n++], message);
874 forward_syslog_iovec(s, iovec, n, ucred, tv);
879 static int fixup_priority(int priority) {
881 if ((priority & LOG_FACMASK) == 0)
882 return (priority & LOG_PRIMASK) | LOG_USER;
887 static void forward_kmsg(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred) {
888 struct iovec iovec[5];
889 char header_priority[6], header_pid[16];
891 char *ident_buf = NULL;
895 assert(priority >= 0);
896 assert(priority <= 999);
899 /* Never allow messages with kernel facility to be written to
900 * kmsg, regardless where the data comes from. */
901 priority = fixup_priority(priority);
903 /* First: priority field */
904 snprintf(header_priority, sizeof(header_priority), "<%i>", priority);
905 char_array_0(header_priority);
906 IOVEC_SET_STRING(iovec[n++], header_priority);
908 /* Second: identifier and PID */
911 get_process_comm(ucred->pid, &ident_buf);
912 identifier = ident_buf;
915 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
916 char_array_0(header_pid);
919 IOVEC_SET_STRING(iovec[n++], identifier);
921 IOVEC_SET_STRING(iovec[n++], header_pid);
922 } else if (identifier) {
923 IOVEC_SET_STRING(iovec[n++], identifier);
924 IOVEC_SET_STRING(iovec[n++], ": ");
927 /* Fourth: message */
928 IOVEC_SET_STRING(iovec[n++], message);
929 IOVEC_SET_STRING(iovec[n++], "\n");
931 fd = open("/dev/kmsg", O_WRONLY|O_NOCTTY|O_CLOEXEC);
933 log_debug("Failed to open /dev/kmsg for logging: %s", strerror(errno));
937 if (writev(fd, iovec, n) < 0)
938 log_debug("Failed to write to /dev/kmsg for logging: %s", strerror(errno));
940 close_nointr_nofail(fd);
946 static void forward_console(Server *s, const char *identifier, const char *message, struct ucred *ucred) {
947 struct iovec iovec[4];
950 char *ident_buf = NULL;
955 /* First: identifier and PID */
958 get_process_comm(ucred->pid, &ident_buf);
959 identifier = ident_buf;
962 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
963 char_array_0(header_pid);
966 IOVEC_SET_STRING(iovec[n++], identifier);
968 IOVEC_SET_STRING(iovec[n++], header_pid);
969 } else if (identifier) {
970 IOVEC_SET_STRING(iovec[n++], identifier);
971 IOVEC_SET_STRING(iovec[n++], ": ");
975 IOVEC_SET_STRING(iovec[n++], message);
976 IOVEC_SET_STRING(iovec[n++], "\n");
978 fd = open_terminal("/dev/console", O_WRONLY|O_NOCTTY|O_CLOEXEC);
980 log_debug("Failed to open /dev/console for logging: %s", strerror(errno));
984 if (writev(fd, iovec, n) < 0)
985 log_debug("Failed to write to /dev/console for logging: %s", strerror(errno));
987 close_nointr_nofail(fd);
993 static void read_identifier(const char **buf, char **identifier, char **pid) {
1004 p += strspn(p, WHITESPACE);
1005 l = strcspn(p, WHITESPACE);
1014 if (p[l-1] == ']') {
1020 t = strndup(p+k+1, l-k-2);
1040 *buf += strspn(*buf, WHITESPACE);
1043 static void process_syslog_message(Server *s, const char *buf, struct ucred *ucred, struct timeval *tv, const char *label, size_t label_len) {
1044 char *message = NULL, *syslog_priority = NULL, *syslog_facility = NULL, *syslog_identifier = NULL, *syslog_pid = NULL;
1045 struct iovec iovec[N_IOVEC_META_FIELDS + 6];
1047 int priority = LOG_USER | LOG_INFO;
1048 char *identifier = NULL, *pid = NULL;
1053 if (s->forward_to_syslog)
1054 forward_syslog_raw(s, buf, ucred, tv);
1056 parse_syslog_priority((char**) &buf, &priority);
1057 skip_syslog_date((char**) &buf);
1058 read_identifier(&buf, &identifier, &pid);
1060 if (s->forward_to_kmsg)
1061 forward_kmsg(s, priority, identifier, buf, ucred);
1063 if (s->forward_to_console)
1064 forward_console(s, identifier, buf, ucred);
1066 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=syslog");
1068 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1069 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1071 if (priority & LOG_FACMASK)
1072 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1073 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1076 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", identifier);
1077 if (syslog_identifier)
1078 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1082 syslog_pid = strappend("SYSLOG_PID=", pid);
1084 IOVEC_SET_STRING(iovec[n++], syslog_pid);
1087 message = strappend("MESSAGE=", buf);
1089 IOVEC_SET_STRING(iovec[n++], message);
1091 dispatch_message(s, iovec, n, ELEMENTSOF(iovec), ucred, tv, label, label_len, priority);
1096 free(syslog_priority);
1097 free(syslog_facility);
1098 free(syslog_identifier);
1101 static bool valid_user_field(const char *p, size_t l) {
1104 /* We kinda enforce POSIX syntax recommendations for
1105 environment variables here, but make a couple of additional
1108 http://pubs.opengroup.org/onlinepubs/000095399/basedefs/xbd_chap08.html */
1110 /* No empty field names */
1114 /* Don't allow names longer than 64 chars */
1118 /* Variables starting with an underscore are protected */
1122 /* Don't allow digits as first character */
1123 if (p[0] >= '0' && p[0] <= '9')
1126 /* Only allow A-Z0-9 and '_' */
1127 for (a = p; a < p + l; a++)
1128 if (!((*a >= 'A' && *a <= 'Z') ||
1129 (*a >= '0' && *a <= '9') ||
1136 static void process_native_message(
1138 const void *buffer, size_t buffer_size,
1139 struct ucred *ucred,
1141 const char *label, size_t label_len) {
1143 struct iovec *iovec = NULL;
1144 unsigned n = 0, m = 0, j, tn = (unsigned) -1;
1147 int priority = LOG_INFO;
1148 char *identifier = NULL, *message = NULL;
1151 assert(buffer || buffer_size == 0);
1154 remaining = buffer_size;
1156 while (remaining > 0) {
1159 e = memchr(p, '\n', remaining);
1162 /* Trailing noise, let's ignore it, and flush what we collected */
1163 log_debug("Received message with trailing noise, ignoring.");
1168 /* Entry separator */
1169 dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, priority);
1171 priority = LOG_INFO;
1178 if (*p == '.' || *p == '#') {
1179 /* Ignore control commands for now, and
1181 remaining -= (e - p) + 1;
1186 /* A property follows */
1188 if (n+N_IOVEC_META_FIELDS >= m) {
1192 u = MAX((n+N_IOVEC_META_FIELDS+1) * 2U, 4U);
1193 c = realloc(iovec, u * sizeof(struct iovec));
1195 log_error("Out of memory");
1203 q = memchr(p, '=', e - p);
1205 if (valid_user_field(p, q - p)) {
1210 /* If the field name starts with an
1211 * underscore, skip the variable,
1212 * since that indidates a trusted
1214 iovec[n].iov_base = (char*) p;
1215 iovec[n].iov_len = l;
1218 /* We need to determine the priority
1219 * of this entry for the rate limiting
1222 memcmp(p, "PRIORITY=", 9) == 0 &&
1223 p[9] >= '0' && p[9] <= '9')
1224 priority = (priority & LOG_FACMASK) | (p[9] - '0');
1227 memcmp(p, "SYSLOG_FACILITY=", 16) == 0 &&
1228 p[16] >= '0' && p[16] <= '9')
1229 priority = (priority & LOG_PRIMASK) | ((p[16] - '0') << 3);
1232 memcmp(p, "SYSLOG_FACILITY=", 16) == 0 &&
1233 p[16] >= '0' && p[16] <= '9' &&
1234 p[17] >= '0' && p[17] <= '9')
1235 priority = (priority & LOG_PRIMASK) | (((p[16] - '0')*10 + (p[17] - '0')) << 3);
1238 memcmp(p, "SYSLOG_IDENTIFIER=", 11) == 0) {
1241 t = strndup(p + 11, l - 11);
1246 } else if (l >= 8 &&
1247 memcmp(p, "MESSAGE=", 8) == 0) {
1250 t = strndup(p + 8, l - 8);
1258 remaining -= (e - p) + 1;
1266 if (remaining < e - p + 1 + sizeof(uint64_t) + 1) {
1267 log_debug("Failed to parse message, ignoring.");
1271 memcpy(&l_le, e + 1, sizeof(uint64_t));
1274 if (remaining < e - p + 1 + sizeof(uint64_t) + l + 1 ||
1275 e[1+sizeof(uint64_t)+l] != '\n') {
1276 log_debug("Failed to parse message, ignoring.");
1280 k = malloc((e - p) + 1 + l);
1282 log_error("Out of memory");
1286 memcpy(k, p, e - p);
1288 memcpy(k + (e - p) + 1, e + 1 + sizeof(uint64_t), l);
1290 if (valid_user_field(p, e - p)) {
1291 iovec[n].iov_base = k;
1292 iovec[n].iov_len = (e - p) + 1 + l;
1297 remaining -= (e - p) + 1 + sizeof(uint64_t) + l + 1;
1298 p = e + 1 + sizeof(uint64_t) + l + 1;
1306 IOVEC_SET_STRING(iovec[tn], "_TRANSPORT=journal");
1309 if (s->forward_to_syslog)
1310 forward_syslog(s, priority, identifier, message, ucred, tv);
1312 if (s->forward_to_kmsg)
1313 forward_kmsg(s, priority, identifier, message, ucred);
1315 if (s->forward_to_console)
1316 forward_console(s, identifier, message, ucred);
1319 dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, priority);
1322 for (j = 0; j < n; j++) {
1326 if (iovec[j].iov_base < buffer ||
1327 (const uint8_t*) iovec[j].iov_base >= (const uint8_t*) buffer + buffer_size)
1328 free(iovec[j].iov_base);
1336 static void process_native_file(
1339 struct ucred *ucred,
1341 const char *label, size_t label_len) {
1350 /* Data is in the passed file, since it didn't fit in a
1351 * datagram. We can't map the file here, since clients might
1352 * then truncate it and trigger a SIGBUS for us. So let's
1353 * stupidly read it */
1355 if (fstat(fd, &st) < 0) {
1356 log_error("Failed to stat passed file, ignoring: %m");
1360 if (!S_ISREG(st.st_mode)) {
1361 log_error("File passed is not regular. Ignoring.");
1365 if (st.st_size <= 0)
1368 if (st.st_size > ENTRY_SIZE_MAX) {
1369 log_error("File passed too large. Ignoring.");
1373 p = malloc(st.st_size);
1375 log_error("Out of memory");
1379 n = pread(fd, p, st.st_size, 0);
1381 log_error("Failed to read file, ignoring: %s", strerror(-n));
1383 process_native_message(s, p, n, ucred, tv, label, label_len);
1388 static int stdout_stream_log(StdoutStream *s, const char *p) {
1389 struct iovec iovec[N_IOVEC_META_FIELDS + 5];
1390 char *message = NULL, *syslog_priority = NULL, *syslog_facility = NULL, *syslog_identifier = NULL;
1394 size_t label_len = 0;
1402 priority = s->priority;
1404 if (s->level_prefix)
1405 parse_syslog_priority((char**) &p, &priority);
1407 if (s->forward_to_syslog || s->server->forward_to_syslog)
1408 forward_syslog(s->server, fixup_priority(priority), s->identifier, p, &s->ucred, NULL);
1410 if (s->forward_to_kmsg || s->server->forward_to_kmsg)
1411 forward_kmsg(s->server, priority, s->identifier, p, &s->ucred);
1413 if (s->forward_to_console || s->server->forward_to_console)
1414 forward_console(s->server, s->identifier, p, &s->ucred);
1416 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=stdout");
1418 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1419 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1421 if (priority & LOG_FACMASK)
1422 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1423 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1425 if (s->identifier) {
1426 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", s->identifier);
1427 if (syslog_identifier)
1428 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1431 message = strappend("MESSAGE=", p);
1433 IOVEC_SET_STRING(iovec[n++], message);
1436 if (s->security_context) {
1437 label = (char*) s->security_context;
1438 label_len = strlen((char*) s->security_context);
1442 dispatch_message(s->server, iovec, n, ELEMENTSOF(iovec), &s->ucred, NULL, label, label_len, priority);
1445 free(syslog_priority);
1446 free(syslog_facility);
1447 free(syslog_identifier);
1452 static int stdout_stream_line(StdoutStream *s, char *p) {
1462 case STDOUT_STREAM_IDENTIFIER:
1464 s->identifier = NULL;
1466 s->identifier = strdup(p);
1467 if (!s->identifier) {
1468 log_error("Out of memory");
1473 s->state = STDOUT_STREAM_PRIORITY;
1476 case STDOUT_STREAM_PRIORITY:
1477 r = safe_atoi(p, &s->priority);
1478 if (r < 0 || s->priority <= 0 || s->priority >= 999) {
1479 log_warning("Failed to parse log priority line.");
1483 s->state = STDOUT_STREAM_LEVEL_PREFIX;
1486 case STDOUT_STREAM_LEVEL_PREFIX:
1487 r = parse_boolean(p);
1489 log_warning("Failed to parse level prefix line.");
1493 s->level_prefix = !!r;
1494 s->state = STDOUT_STREAM_FORWARD_TO_SYSLOG;
1497 case STDOUT_STREAM_FORWARD_TO_SYSLOG:
1498 r = parse_boolean(p);
1500 log_warning("Failed to parse forward to syslog line.");
1504 s->forward_to_syslog = !!r;
1505 s->state = STDOUT_STREAM_FORWARD_TO_KMSG;
1508 case STDOUT_STREAM_FORWARD_TO_KMSG:
1509 r = parse_boolean(p);
1511 log_warning("Failed to parse copy to kmsg line.");
1515 s->forward_to_kmsg = !!r;
1516 s->state = STDOUT_STREAM_FORWARD_TO_CONSOLE;
1519 case STDOUT_STREAM_FORWARD_TO_CONSOLE:
1520 r = parse_boolean(p);
1522 log_warning("Failed to parse copy to console line.");
1526 s->forward_to_console = !!r;
1527 s->state = STDOUT_STREAM_RUNNING;
1530 case STDOUT_STREAM_RUNNING:
1531 return stdout_stream_log(s, p);
1534 assert_not_reached("Unknown stream state");
1537 static int stdout_stream_scan(StdoutStream *s, bool force_flush) {
1545 remaining = s->length;
1550 end = memchr(p, '\n', remaining);
1553 else if (remaining >= sizeof(s->buffer) - 1) {
1554 end = p + sizeof(s->buffer) - 1;
1561 r = stdout_stream_line(s, p);
1569 if (force_flush && remaining > 0) {
1571 r = stdout_stream_line(s, p);
1579 if (p > s->buffer) {
1580 memmove(s->buffer, p, remaining);
1581 s->length = remaining;
1587 static int stdout_stream_process(StdoutStream *s) {
1593 l = read(s->fd, s->buffer+s->length, sizeof(s->buffer)-1-s->length);
1596 if (errno == EAGAIN)
1599 log_warning("Failed to read from stream: %m");
1604 r = stdout_stream_scan(s, true);
1612 r = stdout_stream_scan(s, false);
1620 static void stdout_stream_free(StdoutStream *s) {
1624 assert(s->server->n_stdout_streams > 0);
1625 s->server->n_stdout_streams --;
1626 LIST_REMOVE(StdoutStream, stdout_stream, s->server->stdout_streams, s);
1631 epoll_ctl(s->server->epoll_fd, EPOLL_CTL_DEL, s->fd, NULL);
1633 close_nointr_nofail(s->fd);
1637 if (s->security_context)
1638 freecon(s->security_context);
1641 free(s->identifier);
1645 static int stdout_stream_new(Server *s) {
1646 StdoutStream *stream;
1649 struct epoll_event ev;
1653 fd = accept4(s->stdout_fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);
1655 if (errno == EAGAIN)
1658 log_error("Failed to accept stdout connection: %m");
1662 if (s->n_stdout_streams >= STDOUT_STREAMS_MAX) {
1663 log_warning("Too many stdout streams, refusing connection.");
1664 close_nointr_nofail(fd);
1668 stream = new0(StdoutStream, 1);
1670 log_error("Out of memory.");
1671 close_nointr_nofail(fd);
1677 len = sizeof(stream->ucred);
1678 if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &stream->ucred, &len) < 0) {
1679 log_error("Failed to determine peer credentials: %m");
1685 if (getpeercon(fd, &stream->security_context) < 0)
1686 log_error("Failed to determine peer security context.");
1689 if (shutdown(fd, SHUT_WR) < 0) {
1690 log_error("Failed to shutdown writing side of socket: %m");
1696 ev.data.ptr = stream;
1697 ev.events = EPOLLIN;
1698 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, fd, &ev) < 0) {
1699 log_error("Failed to add stream to event loop: %m");
1705 LIST_PREPEND(StdoutStream, stdout_stream, s->stdout_streams, stream);
1706 s->n_stdout_streams ++;
1711 stdout_stream_free(stream);
1715 static int parse_kernel_timestamp(char **_p, usec_t *t) {
1726 if (strlen(p) < 14 || p[0] != '[' || p[13] != ']' || p[6] != '.')
1731 for (i = 1; i <= 5; i++) {
1737 k = undecchar(p[i]);
1744 for (i = 7; i <= 12; i++) {
1747 k = undecchar(p[i]);
1756 *_p += strspn(*_p, WHITESPACE);
1761 static void proc_kmsg_line(Server *s, const char *p) {
1762 struct iovec iovec[N_IOVEC_META_FIELDS + 7];
1763 char *message = NULL, *syslog_priority = NULL, *syslog_pid = NULL, *syslog_facility = NULL, *syslog_identifier = NULL, *source_time = NULL;
1764 int priority = LOG_KERN | LOG_INFO;
1767 char *identifier = NULL, *pid = NULL;
1775 parse_syslog_priority((char **) &p, &priority);
1777 if (s->forward_to_kmsg && (priority & LOG_FACMASK) != LOG_KERN)
1780 if (parse_kernel_timestamp((char **) &p, &usec) > 0) {
1781 if (asprintf(&source_time, "_SOURCE_MONOTONIC_TIMESTAMP=%llu",
1782 (unsigned long long) usec) >= 0)
1783 IOVEC_SET_STRING(iovec[n++], source_time);
1786 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=kernel");
1788 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1789 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1791 if ((priority & LOG_FACMASK) == LOG_KERN) {
1793 if (s->forward_to_syslog)
1794 forward_syslog(s, priority, "kernel", p, NULL, NULL);
1796 IOVEC_SET_STRING(iovec[n++], "SYSLOG_IDENTIFIER=kernel");
1798 read_identifier(&p, &identifier, &pid);
1800 if (s->forward_to_syslog)
1801 forward_syslog(s, priority, identifier, p, NULL, NULL);
1804 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", identifier);
1805 if (syslog_identifier)
1806 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1810 syslog_pid = strappend("SYSLOG_PID=", pid);
1812 IOVEC_SET_STRING(iovec[n++], syslog_pid);
1815 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1816 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1819 message = strappend("MESSAGE=", p);
1821 IOVEC_SET_STRING(iovec[n++], message);
1823 dispatch_message(s, iovec, n, ELEMENTSOF(iovec), NULL, NULL, NULL, 0, priority);
1826 free(syslog_priority);
1827 free(syslog_identifier);
1829 free(syslog_facility);
1835 static void proc_kmsg_scan(Server *s) {
1841 p = s->proc_kmsg_buffer;
1842 remaining = s->proc_kmsg_length;
1847 end = memchr(p, '\n', remaining);
1850 else if (remaining >= sizeof(s->proc_kmsg_buffer) - 1) {
1851 end = p + sizeof(s->proc_kmsg_buffer) - 1;
1858 proc_kmsg_line(s, p);
1864 if (p > s->proc_kmsg_buffer) {
1865 memmove(s->proc_kmsg_buffer, p, remaining);
1866 s->proc_kmsg_length = remaining;
1870 static int system_journal_open(Server *s) {
1876 r = sd_id128_get_machine(&machine);
1880 sd_id128_to_string(machine, ids);
1882 if (!s->system_journal) {
1884 /* First try to create the machine path, but not the prefix */
1885 fn = strappend("/var/log/journal/", ids);
1888 (void) mkdir(fn, 0755);
1891 /* The create the system journal file */
1892 fn = join("/var/log/journal/", ids, "/system.journal", NULL);
1896 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, NULL, &s->system_journal);
1900 journal_default_metrics(&s->system_metrics, s->system_journal->fd);
1902 s->system_journal->metrics = s->system_metrics;
1903 s->system_journal->compress = s->compress;
1905 server_fix_perms(s, s->system_journal, 0);
1908 if (r != -ENOENT && r != -EROFS)
1909 log_warning("Failed to open system journal: %s", strerror(-r));
1915 if (!s->runtime_journal) {
1917 fn = join("/run/log/journal/", ids, "/system.journal", NULL);
1921 if (s->system_journal) {
1923 /* Try to open the runtime journal, but only
1924 * if it already exists, so that we can flush
1925 * it into the system journal */
1927 r = journal_file_open(fn, O_RDWR, 0640, NULL, &s->runtime_journal);
1932 log_warning("Failed to open runtime journal: %s", strerror(-r));
1939 /* OK, we really need the runtime journal, so create
1940 * it if necessary. */
1942 (void) mkdir_parents(fn, 0755);
1943 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, NULL, &s->runtime_journal);
1947 log_error("Failed to open runtime journal: %s", strerror(-r));
1952 if (s->runtime_journal) {
1953 journal_default_metrics(&s->runtime_metrics, s->runtime_journal->fd);
1955 s->runtime_journal->metrics = s->runtime_metrics;
1956 s->runtime_journal->compress = s->compress;
1958 server_fix_perms(s, s->runtime_journal, 0);
1965 static int server_flush_to_var(Server *s) {
1966 char path[] = "/run/log/journal/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
1975 if (!s->runtime_journal)
1978 ts = now(CLOCK_MONOTONIC);
1979 if (s->var_available_timestamp + RECHECK_VAR_AVAILABLE_USEC > ts)
1982 s->var_available_timestamp = ts;
1984 system_journal_open(s);
1986 if (!s->system_journal)
1989 log_info("Flushing to /var...");
1991 r = sd_id128_get_machine(&machine);
1993 log_error("Failed to get machine id: %s", strerror(-r));
1997 r = sd_journal_open(&j, SD_JOURNAL_RUNTIME_ONLY);
1999 log_error("Failed to read runtime journal: %s", strerror(-r));
2003 SD_JOURNAL_FOREACH(j) {
2006 f = j->current_file;
2007 assert(f && f->current_offset > 0);
2009 r = journal_file_move_to_object(f, OBJECT_ENTRY, f->current_offset, &o);
2011 log_error("Can't read entry: %s", strerror(-r));
2015 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
2017 log_info("Allocation limit reached.");
2019 journal_file_post_change(s->system_journal);
2023 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
2027 log_error("Can't write entry: %s", strerror(-r));
2033 journal_file_post_change(s->system_journal);
2035 journal_file_close(s->runtime_journal);
2036 s->runtime_journal = NULL;
2039 sd_id128_to_string(machine, path + 17);
2040 rm_rf(path, false, true, false);
2046 static int server_read_proc_kmsg(Server *s) {
2049 assert(s->proc_kmsg_fd >= 0);
2051 l = read(s->proc_kmsg_fd, s->proc_kmsg_buffer + s->proc_kmsg_length, sizeof(s->proc_kmsg_buffer) - 1 - s->proc_kmsg_length);
2054 if (errno == EAGAIN || errno == EINTR)
2057 log_error("Failed to read from kernel: %m");
2061 s->proc_kmsg_length += l;
2067 static int server_flush_proc_kmsg(Server *s) {
2072 if (s->proc_kmsg_fd < 0)
2075 log_info("Flushing /proc/kmsg...");
2078 r = server_read_proc_kmsg(s);
2089 static int process_event(Server *s, struct epoll_event *ev) {
2092 if (ev->data.fd == s->signal_fd) {
2093 struct signalfd_siginfo sfsi;
2096 if (ev->events != EPOLLIN) {
2097 log_info("Got invalid event from epoll.");
2101 n = read(s->signal_fd, &sfsi, sizeof(sfsi));
2102 if (n != sizeof(sfsi)) {
2107 if (errno == EINTR || errno == EAGAIN)
2113 if (sfsi.ssi_signo == SIGUSR1) {
2114 server_flush_to_var(s);
2118 log_debug("Received SIG%s", signal_to_string(sfsi.ssi_signo));
2121 } else if (ev->data.fd == s->proc_kmsg_fd) {
2124 if (ev->events != EPOLLIN) {
2125 log_info("Got invalid event from epoll.");
2129 r = server_read_proc_kmsg(s);
2135 } else if (ev->data.fd == s->native_fd ||
2136 ev->data.fd == s->syslog_fd) {
2138 if (ev->events != EPOLLIN) {
2139 log_info("Got invalid event from epoll.");
2144 struct msghdr msghdr;
2146 struct ucred *ucred = NULL;
2147 struct timeval *tv = NULL;
2148 struct cmsghdr *cmsg;
2150 size_t label_len = 0;
2152 struct cmsghdr cmsghdr;
2154 /* We use NAME_MAX space for the
2155 * SELinux label here. The kernel
2156 * currently enforces no limit, but
2157 * according to suggestions from the
2158 * SELinux people this will change and
2159 * it will probably be identical to
2160 * NAME_MAX. For now we use that, but
2161 * this should be updated one day when
2162 * the final limit is known.*/
2163 uint8_t buf[CMSG_SPACE(sizeof(struct ucred)) +
2164 CMSG_SPACE(sizeof(struct timeval)) +
2165 CMSG_SPACE(sizeof(int)) + /* fd */
2166 CMSG_SPACE(NAME_MAX)]; /* selinux label */
2173 if (ioctl(ev->data.fd, SIOCINQ, &v) < 0) {
2174 log_error("SIOCINQ failed: %m");
2178 if (s->buffer_size < (size_t) v) {
2182 l = MAX(LINE_MAX + (size_t) v, s->buffer_size * 2);
2183 b = realloc(s->buffer, l+1);
2186 log_error("Couldn't increase buffer.");
2195 iovec.iov_base = s->buffer;
2196 iovec.iov_len = s->buffer_size;
2200 msghdr.msg_iov = &iovec;
2201 msghdr.msg_iovlen = 1;
2202 msghdr.msg_control = &control;
2203 msghdr.msg_controllen = sizeof(control);
2205 n = recvmsg(ev->data.fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC);
2208 if (errno == EINTR || errno == EAGAIN)
2211 log_error("recvmsg() failed: %m");
2215 for (cmsg = CMSG_FIRSTHDR(&msghdr); cmsg; cmsg = CMSG_NXTHDR(&msghdr, cmsg)) {
2217 if (cmsg->cmsg_level == SOL_SOCKET &&
2218 cmsg->cmsg_type == SCM_CREDENTIALS &&
2219 cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred)))
2220 ucred = (struct ucred*) CMSG_DATA(cmsg);
2221 else if (cmsg->cmsg_level == SOL_SOCKET &&
2222 cmsg->cmsg_type == SCM_SECURITY) {
2223 label = (char*) CMSG_DATA(cmsg);
2224 label_len = cmsg->cmsg_len - CMSG_LEN(0);
2225 } else if (cmsg->cmsg_level == SOL_SOCKET &&
2226 cmsg->cmsg_type == SO_TIMESTAMP &&
2227 cmsg->cmsg_len == CMSG_LEN(sizeof(struct timeval)))
2228 tv = (struct timeval*) CMSG_DATA(cmsg);
2229 else if (cmsg->cmsg_level == SOL_SOCKET &&
2230 cmsg->cmsg_type == SCM_RIGHTS) {
2231 fds = (int*) CMSG_DATA(cmsg);
2232 n_fds = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);
2236 if (ev->data.fd == s->syslog_fd) {
2239 if (n > 0 && n_fds == 0) {
2240 e = memchr(s->buffer, '\n', n);
2246 process_syslog_message(s, strstrip(s->buffer), ucred, tv, label, label_len);
2247 } else if (n_fds > 0)
2248 log_warning("Got file descriptors via syslog socket. Ignoring.");
2251 if (n > 0 && n_fds == 0)
2252 process_native_message(s, s->buffer, n, ucred, tv, label, label_len);
2253 else if (n == 0 && n_fds == 1)
2254 process_native_file(s, fds[0], ucred, tv, label, label_len);
2256 log_warning("Got too many file descriptors via native socket. Ignoring.");
2259 close_many(fds, n_fds);
2264 } else if (ev->data.fd == s->stdout_fd) {
2266 if (ev->events != EPOLLIN) {
2267 log_info("Got invalid event from epoll.");
2271 stdout_stream_new(s);
2275 StdoutStream *stream;
2277 if ((ev->events|EPOLLIN|EPOLLHUP) != (EPOLLIN|EPOLLHUP)) {
2278 log_info("Got invalid event from epoll.");
2282 /* If it is none of the well-known fds, it must be an
2283 * stdout stream fd. Note that this is a bit ugly here
2284 * (since we rely that none of the well-known fds
2285 * could be interpreted as pointer), but nonetheless
2286 * safe, since the well-known fds would never get an
2287 * fd > 4096, i.e. beyond the first memory page */
2289 stream = ev->data.ptr;
2291 if (stdout_stream_process(stream) <= 0)
2292 stdout_stream_free(stream);
2297 log_error("Unknown event.");
2301 static int open_syslog_socket(Server *s) {
2302 union sockaddr_union sa;
2304 struct epoll_event ev;
2308 if (s->syslog_fd < 0) {
2310 s->syslog_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2311 if (s->syslog_fd < 0) {
2312 log_error("socket() failed: %m");
2317 sa.un.sun_family = AF_UNIX;
2318 strncpy(sa.un.sun_path, "/dev/log", sizeof(sa.un.sun_path));
2320 unlink(sa.un.sun_path);
2322 r = bind(s->syslog_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2324 log_error("bind() failed: %m");
2328 chmod(sa.un.sun_path, 0666);
2330 fd_nonblock(s->syslog_fd, 1);
2333 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
2335 log_error("SO_PASSCRED failed: %m");
2341 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
2343 log_warning("SO_PASSSEC failed: %m");
2347 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
2349 log_error("SO_TIMESTAMP failed: %m");
2354 ev.events = EPOLLIN;
2355 ev.data.fd = s->syslog_fd;
2356 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->syslog_fd, &ev) < 0) {
2357 log_error("Failed to add syslog server fd to epoll object: %m");
2364 static int open_native_socket(Server*s) {
2365 union sockaddr_union sa;
2367 struct epoll_event ev;
2371 if (s->native_fd < 0) {
2373 s->native_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2374 if (s->native_fd < 0) {
2375 log_error("socket() failed: %m");
2380 sa.un.sun_family = AF_UNIX;
2381 strncpy(sa.un.sun_path, "/run/systemd/journal/socket", sizeof(sa.un.sun_path));
2383 unlink(sa.un.sun_path);
2385 r = bind(s->native_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2387 log_error("bind() failed: %m");
2391 chmod(sa.un.sun_path, 0666);
2393 fd_nonblock(s->native_fd, 1);
2396 r = setsockopt(s->native_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
2398 log_error("SO_PASSCRED failed: %m");
2404 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
2406 log_warning("SO_PASSSEC failed: %m");
2410 r = setsockopt(s->native_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
2412 log_error("SO_TIMESTAMP failed: %m");
2417 ev.events = EPOLLIN;
2418 ev.data.fd = s->native_fd;
2419 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->native_fd, &ev) < 0) {
2420 log_error("Failed to add native server fd to epoll object: %m");
2427 static int open_stdout_socket(Server *s) {
2428 union sockaddr_union sa;
2430 struct epoll_event ev;
2434 if (s->stdout_fd < 0) {
2436 s->stdout_fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2437 if (s->stdout_fd < 0) {
2438 log_error("socket() failed: %m");
2443 sa.un.sun_family = AF_UNIX;
2444 strncpy(sa.un.sun_path, "/run/systemd/journal/stdout", sizeof(sa.un.sun_path));
2446 unlink(sa.un.sun_path);
2448 r = bind(s->stdout_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2450 log_error("bind() failed: %m");
2454 chmod(sa.un.sun_path, 0666);
2456 if (listen(s->stdout_fd, SOMAXCONN) < 0) {
2457 log_error("liste() failed: %m");
2461 fd_nonblock(s->stdout_fd, 1);
2464 ev.events = EPOLLIN;
2465 ev.data.fd = s->stdout_fd;
2466 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->stdout_fd, &ev) < 0) {
2467 log_error("Failed to add stdout server fd to epoll object: %m");
2474 static int open_proc_kmsg(Server *s) {
2475 struct epoll_event ev;
2479 if (!s->import_proc_kmsg)
2482 s->proc_kmsg_fd = open("/proc/kmsg", O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
2483 if (s->proc_kmsg_fd < 0) {
2484 log_warning("Failed to open /proc/kmsg, ignoring: %m");
2489 ev.events = EPOLLIN;
2490 ev.data.fd = s->proc_kmsg_fd;
2491 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->proc_kmsg_fd, &ev) < 0) {
2492 log_error("Failed to add /proc/kmsg fd to epoll object: %m");
2499 static int open_signalfd(Server *s) {
2501 struct epoll_event ev;
2505 assert_se(sigemptyset(&mask) == 0);
2506 sigset_add_many(&mask, SIGINT, SIGTERM, SIGUSR1, -1);
2507 assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0);
2509 s->signal_fd = signalfd(-1, &mask, SFD_NONBLOCK|SFD_CLOEXEC);
2510 if (s->signal_fd < 0) {
2511 log_error("signalfd(): %m");
2516 ev.events = EPOLLIN;
2517 ev.data.fd = s->signal_fd;
2519 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->signal_fd, &ev) < 0) {
2520 log_error("epoll_ctl(): %m");
2527 static int server_parse_proc_cmdline(Server *s) {
2528 char *line, *w, *state;
2532 if (detect_container(NULL) > 0)
2535 r = read_one_line_file("/proc/cmdline", &line);
2537 log_warning("Failed to read /proc/cmdline, ignoring: %s", strerror(-r));
2541 FOREACH_WORD_QUOTED(w, l, line, state) {
2544 word = strndup(w, l);
2550 if (startswith(word, "systemd_journald.forward_to_syslog=")) {
2551 r = parse_boolean(word + 35);
2553 log_warning("Failed to parse forward to syslog switch %s. Ignoring.", word + 35);
2555 s->forward_to_syslog = r;
2556 } else if (startswith(word, "systemd_journald.forward_to_kmsg=")) {
2557 r = parse_boolean(word + 33);
2559 log_warning("Failed to parse forward to kmsg switch %s. Ignoring.", word + 33);
2561 s->forward_to_kmsg = r;
2562 } else if (startswith(word, "systemd_journald.forward_to_console=")) {
2563 r = parse_boolean(word + 36);
2565 log_warning("Failed to parse forward to console switch %s. Ignoring.", word + 36);
2567 s->forward_to_console = r;
2580 static int server_parse_config_file(Server *s) {
2587 fn = "/etc/systemd/journald.conf";
2588 f = fopen(fn, "re");
2590 if (errno == ENOENT)
2593 log_warning("Failed to open configuration file %s: %m", fn);
2597 r = config_parse(fn, f, "Journal\0", config_item_perf_lookup, (void*) journald_gperf_lookup, false, s);
2599 log_warning("Failed to parse configuration file: %s", strerror(-r));
2606 static int server_init(Server *s) {
2612 s->syslog_fd = s->native_fd = s->stdout_fd = s->signal_fd = s->epoll_fd = s->proc_kmsg_fd = -1;
2615 s->rate_limit_interval = DEFAULT_RATE_LIMIT_INTERVAL;
2616 s->rate_limit_burst = DEFAULT_RATE_LIMIT_BURST;
2618 s->forward_to_syslog = true;
2619 s->import_proc_kmsg = true;
2621 memset(&s->system_metrics, 0xFF, sizeof(s->system_metrics));
2622 memset(&s->runtime_metrics, 0xFF, sizeof(s->runtime_metrics));
2624 server_parse_config_file(s);
2625 server_parse_proc_cmdline(s);
2627 s->user_journals = hashmap_new(trivial_hash_func, trivial_compare_func);
2628 if (!s->user_journals) {
2629 log_error("Out of memory.");
2633 s->epoll_fd = epoll_create1(EPOLL_CLOEXEC);
2634 if (s->epoll_fd < 0) {
2635 log_error("Failed to create epoll object: %m");
2639 n = sd_listen_fds(true);
2641 log_error("Failed to read listening file descriptors from environment: %s", strerror(-n));
2645 for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) {
2647 if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/run/systemd/journal/socket", 0) > 0) {
2649 if (s->native_fd >= 0) {
2650 log_error("Too many native sockets passed.");
2656 } else if (sd_is_socket_unix(fd, SOCK_STREAM, 1, "/run/systemd/journal/stdout", 0) > 0) {
2658 if (s->stdout_fd >= 0) {
2659 log_error("Too many stdout sockets passed.");
2665 } else if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/dev/log", 0) > 0) {
2667 if (s->syslog_fd >= 0) {
2668 log_error("Too many /dev/log sockets passed.");
2675 log_error("Unknown socket passed.");
2680 r = open_syslog_socket(s);
2684 r = open_native_socket(s);
2688 r = open_stdout_socket(s);
2692 r = open_proc_kmsg(s);
2696 r = open_signalfd(s);
2700 s->rate_limit = journal_rate_limit_new(s->rate_limit_interval, s->rate_limit_burst);
2704 r = system_journal_open(s);
2711 static void server_done(Server *s) {
2715 while (s->stdout_streams)
2716 stdout_stream_free(s->stdout_streams);
2718 if (s->system_journal)
2719 journal_file_close(s->system_journal);
2721 if (s->runtime_journal)
2722 journal_file_close(s->runtime_journal);
2724 while ((f = hashmap_steal_first(s->user_journals)))
2725 journal_file_close(f);
2727 hashmap_free(s->user_journals);
2729 if (s->epoll_fd >= 0)
2730 close_nointr_nofail(s->epoll_fd);
2732 if (s->signal_fd >= 0)
2733 close_nointr_nofail(s->signal_fd);
2735 if (s->syslog_fd >= 0)
2736 close_nointr_nofail(s->syslog_fd);
2738 if (s->native_fd >= 0)
2739 close_nointr_nofail(s->native_fd);
2741 if (s->stdout_fd >= 0)
2742 close_nointr_nofail(s->stdout_fd);
2744 if (s->proc_kmsg_fd >= 0)
2745 close_nointr_nofail(s->proc_kmsg_fd);
2748 journal_rate_limit_free(s->rate_limit);
2753 int main(int argc, char *argv[]) {
2757 /* if (getppid() != 1) { */
2758 /* log_error("This program should be invoked by init only."); */
2759 /* return EXIT_FAILURE; */
2763 log_error("This program does not take arguments.");
2764 return EXIT_FAILURE;
2767 log_set_target(LOG_TARGET_CONSOLE);
2768 log_set_facility(LOG_SYSLOG);
2769 log_parse_environment();
2774 r = server_init(&server);
2778 server_vacuum(&server);
2779 server_flush_to_var(&server);
2780 server_flush_proc_kmsg(&server);
2782 log_debug("systemd-journald running as pid %lu", (unsigned long) getpid());
2783 driver_message(&server, SD_MESSAGE_JOURNAL_START, "Journal started");
2787 "STATUS=Processing requests...");
2790 struct epoll_event event;
2792 r = epoll_wait(server.epoll_fd, &event, 1, -1);
2798 log_error("epoll_wait() failed: %m");
2804 r = process_event(&server, &event);
2811 log_debug("systemd-journald stopped as pid %lu", (unsigned long) getpid());
2812 driver_message(&server, SD_MESSAGE_JOURNAL_STOP, "Journal stopped");
2816 "STATUS=Shutting down...");
2818 server_done(&server);
2820 return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;