1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2011 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <sys/epoll.h>
23 #include <sys/socket.h>
25 #include <sys/signalfd.h>
29 #include <sys/ioctl.h>
30 #include <linux/sockios.h>
31 #include <sys/statvfs.h>
33 #include <systemd/sd-journal.h>
34 #include <systemd/sd-messages.h>
35 #include <systemd/sd-daemon.h>
38 #include <systemd/sd-login.h>
43 #include "journal-file.h"
44 #include "socket-util.h"
45 #include "cgroup-util.h"
47 #include "journal-rate-limit.h"
48 #include "journal-internal.h"
49 #include "conf-parser.h"
56 #include <acl/libacl.h>
61 #include <selinux/selinux.h>
64 #define USER_JOURNALS_MAX 1024
65 #define STDOUT_STREAMS_MAX 4096
67 #define DEFAULT_RATE_LIMIT_INTERVAL (10*USEC_PER_SEC)
68 #define DEFAULT_RATE_LIMIT_BURST 200
70 #define RECHECK_AVAILABLE_SPACE_USEC (30*USEC_PER_SEC)
72 #define RECHECK_VAR_AVAILABLE_USEC (30*USEC_PER_SEC)
74 #define N_IOVEC_META_FIELDS 17
76 #define ENTRY_SIZE_MAX (1024*1024*32)
78 typedef enum StdoutStreamState {
79 STDOUT_STREAM_IDENTIFIER,
80 STDOUT_STREAM_UNIT_ID,
81 STDOUT_STREAM_PRIORITY,
82 STDOUT_STREAM_LEVEL_PREFIX,
83 STDOUT_STREAM_FORWARD_TO_SYSLOG,
84 STDOUT_STREAM_FORWARD_TO_KMSG,
85 STDOUT_STREAM_FORWARD_TO_CONSOLE,
91 StdoutStreamState state;
97 security_context_t security_context;
104 bool forward_to_syslog:1;
105 bool forward_to_kmsg:1;
106 bool forward_to_console:1;
108 char buffer[LINE_MAX+1];
111 LIST_FIELDS(StdoutStream, stdout_stream);
114 static const char* const storage_table[] = {
115 [STORAGE_AUTO] = "auto",
116 [STORAGE_VOLATILE] = "volatile",
117 [STORAGE_PERMANENT] = "permanent",
118 [STORAGE_NONE] = "none"
121 DEFINE_STRING_TABLE_LOOKUP(storage, Storage);
122 DEFINE_CONFIG_PARSE_ENUM(config_parse_storage, storage, Storage, "Failed to parse storage setting");
124 static int server_flush_to_var(Server *s);
126 static uint64_t available_space(Server *s) {
131 uint64_t sum = 0, avail = 0, ss_avail = 0;
137 ts = now(CLOCK_MONOTONIC);
139 if (s->cached_available_space_timestamp + RECHECK_AVAILABLE_SPACE_USEC > ts)
140 return s->cached_available_space;
142 r = sd_id128_get_machine(&machine);
146 if (s->system_journal) {
147 f = "/var/log/journal/";
148 m = &s->system_metrics;
150 f = "/run/log/journal/";
151 m = &s->runtime_metrics;
156 p = strappend(f, sd_id128_to_string(machine, ids));
166 if (fstatvfs(dirfd(d), &ss) < 0)
171 struct dirent buf, *de;
173 r = readdir_r(d, &buf, &de);
180 if (!endswith(de->d_name, ".journal") &&
181 !endswith(de->d_name, ".journal~"))
184 if (fstatat(dirfd(d), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0)
187 if (!S_ISREG(st.st_mode))
190 sum += (uint64_t) st.st_blocks * 512UL;
193 avail = sum >= m->max_use ? 0 : m->max_use - sum;
195 ss_avail = ss.f_bsize * ss.f_bavail;
197 ss_avail = ss_avail < m->keep_free ? 0 : ss_avail - m->keep_free;
199 if (ss_avail < avail)
202 s->cached_available_space = avail;
203 s->cached_available_space_timestamp = ts;
211 static void server_read_file_gid(Server *s) {
212 const char *adm = "adm";
217 if (s->file_gid_valid)
220 r = get_group_creds(&adm, &s->file_gid);
222 log_warning("Failed to resolve 'adm' group: %s", strerror(-r));
224 /* if we couldn't read the gid, then it will be 0, but that's
225 * fine and we shouldn't try to resolve the group again, so
226 * let's just pretend it worked right-away. */
227 s->file_gid_valid = true;
230 static void server_fix_perms(Server *s, JournalFile *f, uid_t uid) {
235 acl_permset_t permset;
240 server_read_file_gid(s);
242 r = fchmod_and_fchown(f->fd, 0640, 0, s->file_gid);
244 log_warning("Failed to fix access mode/rights on %s, ignoring: %s", f->path, strerror(-r));
250 acl = acl_get_fd(f->fd);
252 log_warning("Failed to read ACL on %s, ignoring: %m", f->path);
256 r = acl_find_uid(acl, uid, &entry);
259 if (acl_create_entry(&acl, &entry) < 0 ||
260 acl_set_tag_type(entry, ACL_USER) < 0 ||
261 acl_set_qualifier(entry, &uid) < 0) {
262 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
267 if (acl_get_permset(entry, &permset) < 0 ||
268 acl_add_perm(permset, ACL_READ) < 0 ||
269 acl_calc_mask(&acl) < 0) {
270 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
274 if (acl_set_fd(f->fd, acl) < 0)
275 log_warning("Failed to set ACL on %s, ignoring: %m", f->path);
282 static JournalFile* find_journal(Server *s, uid_t uid) {
291 /* We split up user logs only on /var, not on /run. If the
292 * runtime file is open, we write to it exclusively, in order
293 * to guarantee proper order as soon as we flush /run to
294 * /var and close the runtime file. */
296 if (s->runtime_journal)
297 return s->runtime_journal;
300 return s->system_journal;
302 r = sd_id128_get_machine(&machine);
304 return s->system_journal;
306 f = hashmap_get(s->user_journals, UINT32_TO_PTR(uid));
310 if (asprintf(&p, "/var/log/journal/%s/user-%lu.journal", sd_id128_to_string(machine, ids), (unsigned long) uid) < 0)
311 return s->system_journal;
313 while (hashmap_size(s->user_journals) >= USER_JOURNALS_MAX) {
314 /* Too many open? Then let's close one */
315 f = hashmap_steal_first(s->user_journals);
317 journal_file_close(f);
320 r = journal_file_open_reliably(p, O_RDWR|O_CREAT, 0640, s->system_journal, &f);
324 return s->system_journal;
326 server_fix_perms(s, f, uid);
328 r = hashmap_put(s->user_journals, UINT32_TO_PTR(uid), f);
330 journal_file_close(f);
331 return s->system_journal;
337 static void server_rotate(Server *s) {
343 log_info("Rotating...");
345 if (s->runtime_journal) {
346 r = journal_file_rotate(&s->runtime_journal);
348 if (s->runtime_journal)
349 log_error("Failed to rotate %s: %s", s->runtime_journal->path, strerror(-r));
351 log_error("Failed to create new runtime journal: %s", strerror(-r));
353 server_fix_perms(s, s->runtime_journal, 0);
356 if (s->system_journal) {
357 r = journal_file_rotate(&s->system_journal);
359 if (s->system_journal)
360 log_error("Failed to rotate %s: %s", s->system_journal->path, strerror(-r));
362 log_error("Failed to create new system journal: %s", strerror(-r));
365 server_fix_perms(s, s->system_journal, 0);
368 HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) {
369 r = journal_file_rotate(&f);
372 log_error("Failed to rotate %s: %s", f->path, strerror(-r));
374 log_error("Failed to create user journal: %s", strerror(-r));
376 hashmap_replace(s->user_journals, k, f);
377 server_fix_perms(s, s->system_journal, PTR_TO_UINT32(k));
382 static void server_vacuum(Server *s) {
388 log_info("Vacuuming...");
390 r = sd_id128_get_machine(&machine);
392 log_error("Failed to get machine ID: %s", strerror(-r));
396 sd_id128_to_string(machine, ids);
398 if (s->system_journal) {
399 if (asprintf(&p, "/var/log/journal/%s", ids) < 0) {
400 log_error("Out of memory.");
404 r = journal_directory_vacuum(p, s->system_metrics.max_use, s->system_metrics.keep_free);
405 if (r < 0 && r != -ENOENT)
406 log_error("Failed to vacuum %s: %s", p, strerror(-r));
410 if (s->runtime_journal) {
411 if (asprintf(&p, "/run/log/journal/%s", ids) < 0) {
412 log_error("Out of memory.");
416 r = journal_directory_vacuum(p, s->runtime_metrics.max_use, s->runtime_metrics.keep_free);
417 if (r < 0 && r != -ENOENT)
418 log_error("Failed to vacuum %s: %s", p, strerror(-r));
422 s->cached_available_space_timestamp = 0;
425 static char *shortened_cgroup_path(pid_t pid) {
427 char *process_path, *init_path, *path;
431 r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, pid, &process_path);
435 r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, 1, &init_path);
441 if (endswith(init_path, "/system"))
442 init_path[strlen(init_path) - 7] = 0;
443 else if (streq(init_path, "/"))
446 if (startswith(process_path, init_path)) {
449 p = strdup(process_path + strlen(init_path));
467 static void dispatch_message_real(
469 struct iovec *iovec, unsigned n, unsigned m,
472 const char *label, size_t label_len,
473 const char *unit_id) {
475 char *pid = NULL, *uid = NULL, *gid = NULL,
476 *source_time = NULL, *boot_id = NULL, *machine_id = NULL,
477 *comm = NULL, *cmdline = NULL, *hostname = NULL,
478 *audit_session = NULL, *audit_loginuid = NULL,
479 *exe = NULL, *cgroup = NULL, *session = NULL,
480 *owner_uid = NULL, *unit = NULL, *selinux_context = NULL;
486 uid_t loginuid = 0, realuid = 0;
488 bool vacuumed = false;
493 assert(n + N_IOVEC_META_FIELDS <= m);
501 realuid = ucred->uid;
503 if (asprintf(&pid, "_PID=%lu", (unsigned long) ucred->pid) >= 0)
504 IOVEC_SET_STRING(iovec[n++], pid);
506 if (asprintf(&uid, "_UID=%lu", (unsigned long) ucred->uid) >= 0)
507 IOVEC_SET_STRING(iovec[n++], uid);
509 if (asprintf(&gid, "_GID=%lu", (unsigned long) ucred->gid) >= 0)
510 IOVEC_SET_STRING(iovec[n++], gid);
512 r = get_process_comm(ucred->pid, &t);
514 comm = strappend("_COMM=", t);
518 IOVEC_SET_STRING(iovec[n++], comm);
521 r = get_process_exe(ucred->pid, &t);
523 exe = strappend("_EXE=", t);
527 IOVEC_SET_STRING(iovec[n++], exe);
530 r = get_process_cmdline(ucred->pid, LINE_MAX, false, &t);
532 cmdline = strappend("_CMDLINE=", t);
536 IOVEC_SET_STRING(iovec[n++], cmdline);
539 r = audit_session_from_pid(ucred->pid, &audit);
541 if (asprintf(&audit_session, "_AUDIT_SESSION=%lu", (unsigned long) audit) >= 0)
542 IOVEC_SET_STRING(iovec[n++], audit_session);
544 r = audit_loginuid_from_pid(ucred->pid, &loginuid);
546 if (asprintf(&audit_loginuid, "_AUDIT_LOGINUID=%lu", (unsigned long) loginuid) >= 0)
547 IOVEC_SET_STRING(iovec[n++], audit_loginuid);
549 t = shortened_cgroup_path(ucred->pid);
551 cgroup = strappend("_SYSTEMD_CGROUP=", t);
555 IOVEC_SET_STRING(iovec[n++], cgroup);
559 if (sd_pid_get_session(ucred->pid, &t) >= 0) {
560 session = strappend("_SYSTEMD_SESSION=", t);
564 IOVEC_SET_STRING(iovec[n++], session);
567 if (sd_pid_get_owner_uid(ucred->uid, &owner) >= 0)
568 if (asprintf(&owner_uid, "_SYSTEMD_OWNER_UID=%lu", (unsigned long) owner) >= 0)
569 IOVEC_SET_STRING(iovec[n++], owner_uid);
572 if (cg_pid_get_unit(ucred->pid, &t) >= 0) {
573 unit = strappend("_SYSTEMD_UNIT=", t);
576 unit = strappend("_SYSTEMD_UNIT=", unit_id);
579 IOVEC_SET_STRING(iovec[n++], unit);
583 selinux_context = malloc(sizeof("_SELINUX_CONTEXT=") + label_len);
584 if (selinux_context) {
585 memcpy(selinux_context, "_SELINUX_CONTEXT=", sizeof("_SELINUX_CONTEXT=")-1);
586 memcpy(selinux_context+sizeof("_SELINUX_CONTEXT=")-1, label, label_len);
587 selinux_context[sizeof("_SELINUX_CONTEXT=")-1+label_len] = 0;
588 IOVEC_SET_STRING(iovec[n++], selinux_context);
591 security_context_t con;
593 if (getpidcon(ucred->pid, &con) >= 0) {
594 selinux_context = strappend("_SELINUX_CONTEXT=", con);
596 IOVEC_SET_STRING(iovec[n++], selinux_context);
605 if (asprintf(&source_time, "_SOURCE_REALTIME_TIMESTAMP=%llu",
606 (unsigned long long) timeval_load(tv)) >= 0)
607 IOVEC_SET_STRING(iovec[n++], source_time);
610 /* Note that strictly speaking storing the boot id here is
611 * redundant since the entry includes this in-line
612 * anyway. However, we need this indexed, too. */
613 r = sd_id128_get_boot(&id);
615 if (asprintf(&boot_id, "_BOOT_ID=%s", sd_id128_to_string(id, idbuf)) >= 0)
616 IOVEC_SET_STRING(iovec[n++], boot_id);
618 r = sd_id128_get_machine(&id);
620 if (asprintf(&machine_id, "_MACHINE_ID=%s", sd_id128_to_string(id, idbuf)) >= 0)
621 IOVEC_SET_STRING(iovec[n++], machine_id);
623 t = gethostname_malloc();
625 hostname = strappend("_HOSTNAME=", t);
628 IOVEC_SET_STRING(iovec[n++], hostname);
633 server_flush_to_var(s);
636 f = find_journal(s, realuid == 0 ? 0 : loginuid);
638 r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
640 if ((r == -E2BIG || /* hit limit */
641 r == -EFBIG || /* hit fs limit */
642 r == -EDQUOT || /* quota hit */
643 r == -ENOSPC || /* disk full */
644 r == -EBADMSG || /* corrupted */
645 r == -ENODATA || /* truncated */
646 r == -EHOSTDOWN || /* other machine */
647 r == -EPROTONOSUPPORT) && /* unsupported feature */
651 log_info("Allocation limit reached, rotating.");
653 log_warning("Journal file corrupted, rotating.");
659 log_info("Retrying write.");
664 log_error("Failed to write entry, ignoring: %s", strerror(-r));
678 free(audit_loginuid);
683 free(selinux_context);
686 static void driver_message(Server *s, sd_id128_t message_id, const char *format, ...) {
687 char mid[11 + 32 + 1];
688 char buffer[16 + LINE_MAX + 1];
689 struct iovec iovec[N_IOVEC_META_FIELDS + 4];
697 IOVEC_SET_STRING(iovec[n++], "PRIORITY=5");
698 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=driver");
700 memcpy(buffer, "MESSAGE=", 8);
701 va_start(ap, format);
702 vsnprintf(buffer + 8, sizeof(buffer) - 8, format, ap);
704 char_array_0(buffer);
705 IOVEC_SET_STRING(iovec[n++], buffer);
707 snprintf(mid, sizeof(mid), "MESSAGE_ID=" SD_ID128_FORMAT_STR, SD_ID128_FORMAT_VAL(message_id));
709 IOVEC_SET_STRING(iovec[n++], mid);
712 ucred.pid = getpid();
713 ucred.uid = getuid();
714 ucred.gid = getgid();
716 dispatch_message_real(s, iovec, n, ELEMENTSOF(iovec), &ucred, NULL, NULL, 0, NULL);
719 static void dispatch_message(Server *s,
720 struct iovec *iovec, unsigned n, unsigned m,
723 const char *label, size_t label_len,
727 char *path = NULL, *c;
730 assert(iovec || n == 0);
735 if (LOG_PRI(priority) > s->max_level_store)
741 path = shortened_cgroup_path(ucred->pid);
745 /* example: /user/lennart/3/foobar
746 * /system/dbus.service/foobar
748 * So let's cut of everything past the third /, since that is
749 * wher user directories start */
751 c = strchr(path, '/');
753 c = strchr(c+1, '/');
755 c = strchr(c+1, '/');
761 rl = journal_rate_limit_test(s->rate_limit, path, priority & LOG_PRIMASK, available_space(s));
768 /* Write a suppression message if we suppressed something */
770 driver_message(s, SD_MESSAGE_JOURNAL_DROPPED, "Suppressed %u messages from %s", rl - 1, path);
775 dispatch_message_real(s, iovec, n, m, ucred, tv, label, label_len, unit_id);
778 static void forward_syslog_iovec(Server *s, const struct iovec *iovec, unsigned n_iovec, struct ucred *ucred, struct timeval *tv) {
779 struct msghdr msghdr;
780 struct cmsghdr *cmsg;
782 struct cmsghdr cmsghdr;
783 uint8_t buf[CMSG_SPACE(sizeof(struct ucred))];
785 union sockaddr_union sa;
792 msghdr.msg_iov = (struct iovec*) iovec;
793 msghdr.msg_iovlen = n_iovec;
796 sa.un.sun_family = AF_UNIX;
797 strncpy(sa.un.sun_path, "/run/systemd/journal/syslog", sizeof(sa.un.sun_path));
798 msghdr.msg_name = &sa;
799 msghdr.msg_namelen = offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path);
803 msghdr.msg_control = &control;
804 msghdr.msg_controllen = sizeof(control);
806 cmsg = CMSG_FIRSTHDR(&msghdr);
807 cmsg->cmsg_level = SOL_SOCKET;
808 cmsg->cmsg_type = SCM_CREDENTIALS;
809 cmsg->cmsg_len = CMSG_LEN(sizeof(struct ucred));
810 memcpy(CMSG_DATA(cmsg), ucred, sizeof(struct ucred));
811 msghdr.msg_controllen = cmsg->cmsg_len;
814 /* Forward the syslog message we received via /dev/log to
815 * /run/systemd/syslog. Unfortunately we currently can't set
816 * the SO_TIMESTAMP auxiliary data, and hence we don't. */
818 if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
821 /* The socket is full? I guess the syslog implementation is
822 * too slow, and we shouldn't wait for that... */
826 if (ucred && errno == ESRCH) {
829 /* Hmm, presumably the sender process vanished
830 * by now, so let's fix it as good as we
835 memcpy(CMSG_DATA(cmsg), &u, sizeof(struct ucred));
837 if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
844 log_debug("Failed to forward syslog message: %m");
847 static void forward_syslog_raw(Server *s, int priority, const char *buffer, struct ucred *ucred, struct timeval *tv) {
853 if (LOG_PRI(priority) > s->max_level_syslog)
856 IOVEC_SET_STRING(iovec, buffer);
857 forward_syslog_iovec(s, &iovec, 1, ucred, tv);
860 static void forward_syslog(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred, struct timeval *tv) {
861 struct iovec iovec[5];
862 char header_priority[6], header_time[64], header_pid[16];
866 char *ident_buf = NULL;
869 assert(priority >= 0);
870 assert(priority <= 999);
873 if (LOG_PRI(priority) > s->max_level_syslog)
876 /* First: priority field */
877 snprintf(header_priority, sizeof(header_priority), "<%i>", priority);
878 char_array_0(header_priority);
879 IOVEC_SET_STRING(iovec[n++], header_priority);
881 /* Second: timestamp */
882 t = tv ? tv->tv_sec : ((time_t) (now(CLOCK_REALTIME) / USEC_PER_SEC));
886 if (strftime(header_time, sizeof(header_time), "%h %e %T ", tm) <= 0)
888 IOVEC_SET_STRING(iovec[n++], header_time);
890 /* Third: identifier and PID */
893 get_process_comm(ucred->pid, &ident_buf);
894 identifier = ident_buf;
897 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
898 char_array_0(header_pid);
901 IOVEC_SET_STRING(iovec[n++], identifier);
903 IOVEC_SET_STRING(iovec[n++], header_pid);
904 } else if (identifier) {
905 IOVEC_SET_STRING(iovec[n++], identifier);
906 IOVEC_SET_STRING(iovec[n++], ": ");
909 /* Fourth: message */
910 IOVEC_SET_STRING(iovec[n++], message);
912 forward_syslog_iovec(s, iovec, n, ucred, tv);
917 static int fixup_priority(int priority) {
919 if ((priority & LOG_FACMASK) == 0)
920 return (priority & LOG_PRIMASK) | LOG_USER;
925 static void forward_kmsg(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred) {
926 struct iovec iovec[5];
927 char header_priority[6], header_pid[16];
929 char *ident_buf = NULL;
933 assert(priority >= 0);
934 assert(priority <= 999);
937 if (LOG_PRI(priority) > s->max_level_kmsg)
940 /* Never allow messages with kernel facility to be written to
941 * kmsg, regardless where the data comes from. */
942 priority = fixup_priority(priority);
944 /* First: priority field */
945 snprintf(header_priority, sizeof(header_priority), "<%i>", priority);
946 char_array_0(header_priority);
947 IOVEC_SET_STRING(iovec[n++], header_priority);
949 /* Second: identifier and PID */
952 get_process_comm(ucred->pid, &ident_buf);
953 identifier = ident_buf;
956 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
957 char_array_0(header_pid);
960 IOVEC_SET_STRING(iovec[n++], identifier);
962 IOVEC_SET_STRING(iovec[n++], header_pid);
963 } else if (identifier) {
964 IOVEC_SET_STRING(iovec[n++], identifier);
965 IOVEC_SET_STRING(iovec[n++], ": ");
968 /* Fourth: message */
969 IOVEC_SET_STRING(iovec[n++], message);
970 IOVEC_SET_STRING(iovec[n++], "\n");
972 fd = open("/dev/kmsg", O_WRONLY|O_NOCTTY|O_CLOEXEC);
974 log_debug("Failed to open /dev/kmsg for logging: %s", strerror(errno));
978 if (writev(fd, iovec, n) < 0)
979 log_debug("Failed to write to /dev/kmsg for logging: %s", strerror(errno));
981 close_nointr_nofail(fd);
987 static void forward_console(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred) {
988 struct iovec iovec[4];
991 char *ident_buf = NULL;
997 if (LOG_PRI(priority) > s->max_level_console)
1000 /* First: identifier and PID */
1003 get_process_comm(ucred->pid, &ident_buf);
1004 identifier = ident_buf;
1007 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
1008 char_array_0(header_pid);
1011 IOVEC_SET_STRING(iovec[n++], identifier);
1013 IOVEC_SET_STRING(iovec[n++], header_pid);
1014 } else if (identifier) {
1015 IOVEC_SET_STRING(iovec[n++], identifier);
1016 IOVEC_SET_STRING(iovec[n++], ": ");
1019 /* Third: message */
1020 IOVEC_SET_STRING(iovec[n++], message);
1021 IOVEC_SET_STRING(iovec[n++], "\n");
1023 tty = s->tty_path ? s->tty_path : "/dev/console";
1025 fd = open_terminal(tty, O_WRONLY|O_NOCTTY|O_CLOEXEC);
1027 log_debug("Failed to open %s for logging: %s", tty, strerror(errno));
1031 if (writev(fd, iovec, n) < 0)
1032 log_debug("Failed to write to %s for logging: %s", tty, strerror(errno));
1034 close_nointr_nofail(fd);
1040 static void read_identifier(const char **buf, char **identifier, char **pid) {
1051 p += strspn(p, WHITESPACE);
1052 l = strcspn(p, WHITESPACE);
1061 if (p[l-1] == ']') {
1067 t = strndup(p+k+1, l-k-2);
1087 *buf += strspn(*buf, WHITESPACE);
1090 static void process_syslog_message(Server *s, const char *buf, struct ucred *ucred, struct timeval *tv, const char *label, size_t label_len) {
1091 char *message = NULL, *syslog_priority = NULL, *syslog_facility = NULL, *syslog_identifier = NULL, *syslog_pid = NULL;
1092 struct iovec iovec[N_IOVEC_META_FIELDS + 6];
1094 int priority = LOG_USER | LOG_INFO;
1095 char *identifier = NULL, *pid = NULL;
1102 parse_syslog_priority((char**) &buf, &priority);
1104 if (s->forward_to_syslog)
1105 forward_syslog_raw(s, priority, orig, ucred, tv);
1107 skip_syslog_date((char**) &buf);
1108 read_identifier(&buf, &identifier, &pid);
1110 if (s->forward_to_kmsg)
1111 forward_kmsg(s, priority, identifier, buf, ucred);
1113 if (s->forward_to_console)
1114 forward_console(s, priority, identifier, buf, ucred);
1116 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=syslog");
1118 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1119 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1121 if (priority & LOG_FACMASK)
1122 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1123 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1126 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", identifier);
1127 if (syslog_identifier)
1128 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1132 syslog_pid = strappend("SYSLOG_PID=", pid);
1134 IOVEC_SET_STRING(iovec[n++], syslog_pid);
1137 message = strappend("MESSAGE=", buf);
1139 IOVEC_SET_STRING(iovec[n++], message);
1141 dispatch_message(s, iovec, n, ELEMENTSOF(iovec), ucred, tv, label, label_len, NULL, priority);
1146 free(syslog_priority);
1147 free(syslog_facility);
1148 free(syslog_identifier);
1151 static bool valid_user_field(const char *p, size_t l) {
1154 /* We kinda enforce POSIX syntax recommendations for
1155 environment variables here, but make a couple of additional
1158 http://pubs.opengroup.org/onlinepubs/000095399/basedefs/xbd_chap08.html */
1160 /* No empty field names */
1164 /* Don't allow names longer than 64 chars */
1168 /* Variables starting with an underscore are protected */
1172 /* Don't allow digits as first character */
1173 if (p[0] >= '0' && p[0] <= '9')
1176 /* Only allow A-Z0-9 and '_' */
1177 for (a = p; a < p + l; a++)
1178 if (!((*a >= 'A' && *a <= 'Z') ||
1179 (*a >= '0' && *a <= '9') ||
1186 static void process_native_message(
1188 const void *buffer, size_t buffer_size,
1189 struct ucred *ucred,
1191 const char *label, size_t label_len) {
1193 struct iovec *iovec = NULL;
1194 unsigned n = 0, m = 0, j, tn = (unsigned) -1;
1197 int priority = LOG_INFO;
1198 char *identifier = NULL, *message = NULL;
1201 assert(buffer || buffer_size == 0);
1204 remaining = buffer_size;
1206 while (remaining > 0) {
1209 e = memchr(p, '\n', remaining);
1212 /* Trailing noise, let's ignore it, and flush what we collected */
1213 log_debug("Received message with trailing noise, ignoring.");
1218 /* Entry separator */
1219 dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, NULL, priority);
1221 priority = LOG_INFO;
1228 if (*p == '.' || *p == '#') {
1229 /* Ignore control commands for now, and
1231 remaining -= (e - p) + 1;
1236 /* A property follows */
1238 if (n+N_IOVEC_META_FIELDS >= m) {
1242 u = MAX((n+N_IOVEC_META_FIELDS+1) * 2U, 4U);
1243 c = realloc(iovec, u * sizeof(struct iovec));
1245 log_error("Out of memory");
1253 q = memchr(p, '=', e - p);
1255 if (valid_user_field(p, q - p)) {
1260 /* If the field name starts with an
1261 * underscore, skip the variable,
1262 * since that indidates a trusted
1264 iovec[n].iov_base = (char*) p;
1265 iovec[n].iov_len = l;
1268 /* We need to determine the priority
1269 * of this entry for the rate limiting
1272 memcmp(p, "PRIORITY=", 9) == 0 &&
1273 p[9] >= '0' && p[9] <= '9')
1274 priority = (priority & LOG_FACMASK) | (p[9] - '0');
1277 memcmp(p, "SYSLOG_FACILITY=", 16) == 0 &&
1278 p[16] >= '0' && p[16] <= '9')
1279 priority = (priority & LOG_PRIMASK) | ((p[16] - '0') << 3);
1282 memcmp(p, "SYSLOG_FACILITY=", 16) == 0 &&
1283 p[16] >= '0' && p[16] <= '9' &&
1284 p[17] >= '0' && p[17] <= '9')
1285 priority = (priority & LOG_PRIMASK) | (((p[16] - '0')*10 + (p[17] - '0')) << 3);
1288 memcmp(p, "SYSLOG_IDENTIFIER=", 18) == 0) {
1291 t = strndup(p + 18, l - 18);
1296 } else if (l >= 8 &&
1297 memcmp(p, "MESSAGE=", 8) == 0) {
1300 t = strndup(p + 8, l - 8);
1308 remaining -= (e - p) + 1;
1316 if (remaining < e - p + 1 + sizeof(uint64_t) + 1) {
1317 log_debug("Failed to parse message, ignoring.");
1321 memcpy(&l_le, e + 1, sizeof(uint64_t));
1324 if (remaining < e - p + 1 + sizeof(uint64_t) + l + 1 ||
1325 e[1+sizeof(uint64_t)+l] != '\n') {
1326 log_debug("Failed to parse message, ignoring.");
1330 k = malloc((e - p) + 1 + l);
1332 log_error("Out of memory");
1336 memcpy(k, p, e - p);
1338 memcpy(k + (e - p) + 1, e + 1 + sizeof(uint64_t), l);
1340 if (valid_user_field(p, e - p)) {
1341 iovec[n].iov_base = k;
1342 iovec[n].iov_len = (e - p) + 1 + l;
1347 remaining -= (e - p) + 1 + sizeof(uint64_t) + l + 1;
1348 p = e + 1 + sizeof(uint64_t) + l + 1;
1356 IOVEC_SET_STRING(iovec[tn], "_TRANSPORT=journal");
1359 if (s->forward_to_syslog)
1360 forward_syslog(s, priority, identifier, message, ucred, tv);
1362 if (s->forward_to_kmsg)
1363 forward_kmsg(s, priority, identifier, message, ucred);
1365 if (s->forward_to_console)
1366 forward_console(s, priority, identifier, message, ucred);
1369 dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, NULL, priority);
1372 for (j = 0; j < n; j++) {
1376 if (iovec[j].iov_base < buffer ||
1377 (const uint8_t*) iovec[j].iov_base >= (const uint8_t*) buffer + buffer_size)
1378 free(iovec[j].iov_base);
1386 static void process_native_file(
1389 struct ucred *ucred,
1391 const char *label, size_t label_len) {
1400 /* Data is in the passed file, since it didn't fit in a
1401 * datagram. We can't map the file here, since clients might
1402 * then truncate it and trigger a SIGBUS for us. So let's
1403 * stupidly read it */
1405 if (fstat(fd, &st) < 0) {
1406 log_error("Failed to stat passed file, ignoring: %m");
1410 if (!S_ISREG(st.st_mode)) {
1411 log_error("File passed is not regular. Ignoring.");
1415 if (st.st_size <= 0)
1418 if (st.st_size > ENTRY_SIZE_MAX) {
1419 log_error("File passed too large. Ignoring.");
1423 p = malloc(st.st_size);
1425 log_error("Out of memory");
1429 n = pread(fd, p, st.st_size, 0);
1431 log_error("Failed to read file, ignoring: %s", strerror(-n));
1433 process_native_message(s, p, n, ucred, tv, label, label_len);
1438 static int stdout_stream_log(StdoutStream *s, const char *p) {
1439 struct iovec iovec[N_IOVEC_META_FIELDS + 5];
1440 char *message = NULL, *syslog_priority = NULL, *syslog_facility = NULL, *syslog_identifier = NULL;
1444 size_t label_len = 0;
1452 priority = s->priority;
1454 if (s->level_prefix)
1455 parse_syslog_priority((char**) &p, &priority);
1457 if (s->forward_to_syslog || s->server->forward_to_syslog)
1458 forward_syslog(s->server, fixup_priority(priority), s->identifier, p, &s->ucred, NULL);
1460 if (s->forward_to_kmsg || s->server->forward_to_kmsg)
1461 forward_kmsg(s->server, priority, s->identifier, p, &s->ucred);
1463 if (s->forward_to_console || s->server->forward_to_console)
1464 forward_console(s->server, priority, s->identifier, p, &s->ucred);
1466 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=stdout");
1468 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1469 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1471 if (priority & LOG_FACMASK)
1472 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1473 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1475 if (s->identifier) {
1476 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", s->identifier);
1477 if (syslog_identifier)
1478 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1481 message = strappend("MESSAGE=", p);
1483 IOVEC_SET_STRING(iovec[n++], message);
1486 if (s->security_context) {
1487 label = (char*) s->security_context;
1488 label_len = strlen((char*) s->security_context);
1492 dispatch_message(s->server, iovec, n, ELEMENTSOF(iovec), &s->ucred, NULL, label, label_len, s->unit_id, priority);
1495 free(syslog_priority);
1496 free(syslog_facility);
1497 free(syslog_identifier);
1502 static int stdout_stream_line(StdoutStream *s, char *p) {
1512 case STDOUT_STREAM_IDENTIFIER:
1514 s->identifier = NULL;
1516 s->identifier = strdup(p);
1517 if (!s->identifier) {
1518 log_error("Out of memory");
1523 s->state = STDOUT_STREAM_UNIT_ID;
1526 case STDOUT_STREAM_UNIT_ID:
1527 if (s->ucred.uid == 0) {
1531 s->unit_id = strdup(p);
1533 log_error("Out of memory");
1539 s->state = STDOUT_STREAM_PRIORITY;
1542 case STDOUT_STREAM_PRIORITY:
1543 r = safe_atoi(p, &s->priority);
1544 if (r < 0 || s->priority <= 0 || s->priority >= 999) {
1545 log_warning("Failed to parse log priority line.");
1549 s->state = STDOUT_STREAM_LEVEL_PREFIX;
1552 case STDOUT_STREAM_LEVEL_PREFIX:
1553 r = parse_boolean(p);
1555 log_warning("Failed to parse level prefix line.");
1559 s->level_prefix = !!r;
1560 s->state = STDOUT_STREAM_FORWARD_TO_SYSLOG;
1563 case STDOUT_STREAM_FORWARD_TO_SYSLOG:
1564 r = parse_boolean(p);
1566 log_warning("Failed to parse forward to syslog line.");
1570 s->forward_to_syslog = !!r;
1571 s->state = STDOUT_STREAM_FORWARD_TO_KMSG;
1574 case STDOUT_STREAM_FORWARD_TO_KMSG:
1575 r = parse_boolean(p);
1577 log_warning("Failed to parse copy to kmsg line.");
1581 s->forward_to_kmsg = !!r;
1582 s->state = STDOUT_STREAM_FORWARD_TO_CONSOLE;
1585 case STDOUT_STREAM_FORWARD_TO_CONSOLE:
1586 r = parse_boolean(p);
1588 log_warning("Failed to parse copy to console line.");
1592 s->forward_to_console = !!r;
1593 s->state = STDOUT_STREAM_RUNNING;
1596 case STDOUT_STREAM_RUNNING:
1597 return stdout_stream_log(s, p);
1600 assert_not_reached("Unknown stream state");
1603 static int stdout_stream_scan(StdoutStream *s, bool force_flush) {
1611 remaining = s->length;
1616 end = memchr(p, '\n', remaining);
1619 else if (remaining >= sizeof(s->buffer) - 1) {
1620 end = p + sizeof(s->buffer) - 1;
1627 r = stdout_stream_line(s, p);
1635 if (force_flush && remaining > 0) {
1637 r = stdout_stream_line(s, p);
1645 if (p > s->buffer) {
1646 memmove(s->buffer, p, remaining);
1647 s->length = remaining;
1653 static int stdout_stream_process(StdoutStream *s) {
1659 l = read(s->fd, s->buffer+s->length, sizeof(s->buffer)-1-s->length);
1662 if (errno == EAGAIN)
1665 log_warning("Failed to read from stream: %m");
1670 r = stdout_stream_scan(s, true);
1678 r = stdout_stream_scan(s, false);
1686 static void stdout_stream_free(StdoutStream *s) {
1690 assert(s->server->n_stdout_streams > 0);
1691 s->server->n_stdout_streams --;
1692 LIST_REMOVE(StdoutStream, stdout_stream, s->server->stdout_streams, s);
1697 epoll_ctl(s->server->epoll_fd, EPOLL_CTL_DEL, s->fd, NULL);
1699 close_nointr_nofail(s->fd);
1703 if (s->security_context)
1704 freecon(s->security_context);
1707 free(s->identifier);
1711 static int stdout_stream_new(Server *s) {
1712 StdoutStream *stream;
1715 struct epoll_event ev;
1719 fd = accept4(s->stdout_fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);
1721 if (errno == EAGAIN)
1724 log_error("Failed to accept stdout connection: %m");
1728 if (s->n_stdout_streams >= STDOUT_STREAMS_MAX) {
1729 log_warning("Too many stdout streams, refusing connection.");
1730 close_nointr_nofail(fd);
1734 stream = new0(StdoutStream, 1);
1736 log_error("Out of memory.");
1737 close_nointr_nofail(fd);
1743 len = sizeof(stream->ucred);
1744 if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &stream->ucred, &len) < 0) {
1745 log_error("Failed to determine peer credentials: %m");
1751 if (getpeercon(fd, &stream->security_context) < 0 && errno != ENOPROTOOPT)
1752 log_error("Failed to determine peer security context: %m");
1755 if (shutdown(fd, SHUT_WR) < 0) {
1756 log_error("Failed to shutdown writing side of socket: %m");
1762 ev.data.ptr = stream;
1763 ev.events = EPOLLIN;
1764 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, fd, &ev) < 0) {
1765 log_error("Failed to add stream to event loop: %m");
1771 LIST_PREPEND(StdoutStream, stdout_stream, s->stdout_streams, stream);
1772 s->n_stdout_streams ++;
1777 stdout_stream_free(stream);
1781 static int parse_kernel_timestamp(char **_p, usec_t *t) {
1792 if (strlen(p) < 14 || p[0] != '[' || p[13] != ']' || p[6] != '.')
1797 for (i = 1; i <= 5; i++) {
1803 k = undecchar(p[i]);
1810 for (i = 7; i <= 12; i++) {
1813 k = undecchar(p[i]);
1822 *_p += strspn(*_p, WHITESPACE);
1827 static bool is_us(const char *pid) {
1832 if (parse_pid(pid, &t) < 0)
1835 return t == getpid();
1838 static void proc_kmsg_line(Server *s, const char *p) {
1839 struct iovec iovec[N_IOVEC_META_FIELDS + 7];
1840 char *message = NULL, *syslog_priority = NULL, *syslog_pid = NULL, *syslog_facility = NULL, *syslog_identifier = NULL, *source_time = NULL;
1841 int priority = LOG_KERN | LOG_INFO;
1844 char *identifier = NULL, *pid = NULL;
1852 parse_syslog_priority((char **) &p, &priority);
1854 if (s->forward_to_kmsg && (priority & LOG_FACMASK) != LOG_KERN)
1857 if (parse_kernel_timestamp((char **) &p, &usec) > 0) {
1858 if (asprintf(&source_time, "_SOURCE_MONOTONIC_TIMESTAMP=%llu",
1859 (unsigned long long) usec) >= 0)
1860 IOVEC_SET_STRING(iovec[n++], source_time);
1863 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=kernel");
1865 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1866 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1868 if ((priority & LOG_FACMASK) == LOG_KERN) {
1870 if (s->forward_to_syslog)
1871 forward_syslog(s, priority, "kernel", p, NULL, NULL);
1873 IOVEC_SET_STRING(iovec[n++], "SYSLOG_IDENTIFIER=kernel");
1875 read_identifier(&p, &identifier, &pid);
1877 /* Avoid any messages we generated ourselves via
1878 * log_info() and friends. */
1879 if (pid && is_us(pid))
1882 if (s->forward_to_syslog)
1883 forward_syslog(s, priority, identifier, p, NULL, NULL);
1886 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", identifier);
1887 if (syslog_identifier)
1888 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1892 syslog_pid = strappend("SYSLOG_PID=", pid);
1894 IOVEC_SET_STRING(iovec[n++], syslog_pid);
1897 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1898 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1901 message = strappend("MESSAGE=", p);
1903 IOVEC_SET_STRING(iovec[n++], message);
1905 dispatch_message(s, iovec, n, ELEMENTSOF(iovec), NULL, NULL, NULL, 0, NULL, priority);
1909 free(syslog_priority);
1910 free(syslog_identifier);
1912 free(syslog_facility);
1918 static void proc_kmsg_scan(Server *s) {
1924 p = s->proc_kmsg_buffer;
1925 remaining = s->proc_kmsg_length;
1930 end = memchr(p, '\n', remaining);
1933 else if (remaining >= sizeof(s->proc_kmsg_buffer) - 1) {
1934 end = p + sizeof(s->proc_kmsg_buffer) - 1;
1941 proc_kmsg_line(s, p);
1947 if (p > s->proc_kmsg_buffer) {
1948 memmove(s->proc_kmsg_buffer, p, remaining);
1949 s->proc_kmsg_length = remaining;
1953 static int system_journal_open(Server *s) {
1959 r = sd_id128_get_machine(&machine);
1963 sd_id128_to_string(machine, ids);
1965 if (!s->system_journal &&
1966 (s->storage == STORAGE_PERMANENT ||
1967 s->storage == STORAGE_AUTO)) {
1969 /* If in auto mode: first try to create the machine
1970 * path, but not the prefix.
1972 * If in permanent mode: create /var/log/journal and
1973 * the machine path */
1975 if (s->storage & STORAGE_PERMANENT)
1976 (void) mkdir("/var/log/journal/", 0755);
1978 fn = strappend("/var/log/journal/", ids);
1982 (void) mkdir(fn, 0755);
1985 /* The create the system journal file */
1986 fn = join("/var/log/journal/", ids, "/system.journal", NULL);
1990 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, NULL, &s->system_journal);
1994 journal_default_metrics(&s->system_metrics, s->system_journal->fd);
1996 s->system_journal->metrics = s->system_metrics;
1997 s->system_journal->compress = s->compress;
1999 server_fix_perms(s, s->system_journal, 0);
2002 if (r != -ENOENT && r != -EROFS)
2003 log_warning("Failed to open system journal: %s", strerror(-r));
2009 if (!s->runtime_journal &&
2010 (s->storage != STORAGE_NONE)) {
2012 fn = join("/run/log/journal/", ids, "/system.journal", NULL);
2016 if (s->system_journal) {
2018 /* Try to open the runtime journal, but only
2019 * if it already exists, so that we can flush
2020 * it into the system journal */
2022 r = journal_file_open(fn, O_RDWR, 0640, NULL, &s->runtime_journal);
2027 log_warning("Failed to open runtime journal: %s", strerror(-r));
2034 /* OK, we really need the runtime journal, so create
2035 * it if necessary. */
2037 (void) mkdir_parents_label(fn, 0755);
2038 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, NULL, &s->runtime_journal);
2042 log_error("Failed to open runtime journal: %s", strerror(-r));
2047 if (s->runtime_journal) {
2048 journal_default_metrics(&s->runtime_metrics, s->runtime_journal->fd);
2050 s->runtime_journal->metrics = s->runtime_metrics;
2051 s->runtime_journal->compress = s->compress;
2053 server_fix_perms(s, s->runtime_journal, 0);
2060 static int server_flush_to_var(Server *s) {
2061 char path[] = "/run/log/journal/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
2070 if (s->storage != STORAGE_AUTO &&
2071 s->storage != STORAGE_PERMANENT)
2074 if (!s->runtime_journal)
2077 ts = now(CLOCK_MONOTONIC);
2078 if (s->var_available_timestamp + RECHECK_VAR_AVAILABLE_USEC > ts)
2081 s->var_available_timestamp = ts;
2083 system_journal_open(s);
2085 if (!s->system_journal)
2088 log_info("Flushing to /var...");
2090 r = sd_id128_get_machine(&machine);
2092 log_error("Failed to get machine id: %s", strerror(-r));
2096 r = sd_journal_open(&j, SD_JOURNAL_RUNTIME_ONLY);
2098 log_error("Failed to read runtime journal: %s", strerror(-r));
2102 SD_JOURNAL_FOREACH(j) {
2105 f = j->current_file;
2106 assert(f && f->current_offset > 0);
2108 r = journal_file_move_to_object(f, OBJECT_ENTRY, f->current_offset, &o);
2110 log_error("Can't read entry: %s", strerror(-r));
2114 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
2116 log_info("Allocation limit reached.");
2118 journal_file_post_change(s->system_journal);
2122 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
2126 log_error("Can't write entry: %s", strerror(-r));
2132 journal_file_post_change(s->system_journal);
2134 journal_file_close(s->runtime_journal);
2135 s->runtime_journal = NULL;
2138 sd_id128_to_string(machine, path + 17);
2139 rm_rf(path, false, true, false);
2145 static int server_read_proc_kmsg(Server *s) {
2148 assert(s->proc_kmsg_fd >= 0);
2150 l = read(s->proc_kmsg_fd, s->proc_kmsg_buffer + s->proc_kmsg_length, sizeof(s->proc_kmsg_buffer) - 1 - s->proc_kmsg_length);
2151 if (l == 0) /* the kernel is stupid and in some race
2152 * conditions returns 0 in the middle of the
2157 if (errno == EAGAIN || errno == EINTR)
2160 log_error("Failed to read from kernel: %m");
2164 s->proc_kmsg_length += l;
2170 static int server_flush_proc_kmsg(Server *s) {
2175 if (s->proc_kmsg_fd < 0)
2178 log_info("Flushing /proc/kmsg...");
2181 r = server_read_proc_kmsg(s);
2192 static int process_event(Server *s, struct epoll_event *ev) {
2196 if (ev->data.fd == s->signal_fd) {
2197 struct signalfd_siginfo sfsi;
2200 if (ev->events != EPOLLIN) {
2201 log_info("Got invalid event from epoll.");
2205 n = read(s->signal_fd, &sfsi, sizeof(sfsi));
2206 if (n != sizeof(sfsi)) {
2211 if (errno == EINTR || errno == EAGAIN)
2217 if (sfsi.ssi_signo == SIGUSR1) {
2218 server_flush_to_var(s);
2222 if (sfsi.ssi_signo == SIGUSR2) {
2228 log_debug("Received SIG%s", signal_to_string(sfsi.ssi_signo));
2231 } else if (ev->data.fd == s->proc_kmsg_fd) {
2234 if (ev->events != EPOLLIN) {
2235 log_info("Got invalid event from epoll.");
2239 r = server_read_proc_kmsg(s);
2245 } else if (ev->data.fd == s->native_fd ||
2246 ev->data.fd == s->syslog_fd) {
2248 if (ev->events != EPOLLIN) {
2249 log_info("Got invalid event from epoll.");
2254 struct msghdr msghdr;
2256 struct ucred *ucred = NULL;
2257 struct timeval *tv = NULL;
2258 struct cmsghdr *cmsg;
2260 size_t label_len = 0;
2262 struct cmsghdr cmsghdr;
2264 /* We use NAME_MAX space for the
2265 * SELinux label here. The kernel
2266 * currently enforces no limit, but
2267 * according to suggestions from the
2268 * SELinux people this will change and
2269 * it will probably be identical to
2270 * NAME_MAX. For now we use that, but
2271 * this should be updated one day when
2272 * the final limit is known.*/
2273 uint8_t buf[CMSG_SPACE(sizeof(struct ucred)) +
2274 CMSG_SPACE(sizeof(struct timeval)) +
2275 CMSG_SPACE(sizeof(int)) + /* fd */
2276 CMSG_SPACE(NAME_MAX)]; /* selinux label */
2283 if (ioctl(ev->data.fd, SIOCINQ, &v) < 0) {
2284 log_error("SIOCINQ failed: %m");
2288 if (s->buffer_size < (size_t) v) {
2292 l = MAX(LINE_MAX + (size_t) v, s->buffer_size * 2);
2293 b = realloc(s->buffer, l+1);
2296 log_error("Couldn't increase buffer.");
2305 iovec.iov_base = s->buffer;
2306 iovec.iov_len = s->buffer_size;
2310 msghdr.msg_iov = &iovec;
2311 msghdr.msg_iovlen = 1;
2312 msghdr.msg_control = &control;
2313 msghdr.msg_controllen = sizeof(control);
2315 n = recvmsg(ev->data.fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC);
2318 if (errno == EINTR || errno == EAGAIN)
2321 log_error("recvmsg() failed: %m");
2325 for (cmsg = CMSG_FIRSTHDR(&msghdr); cmsg; cmsg = CMSG_NXTHDR(&msghdr, cmsg)) {
2327 if (cmsg->cmsg_level == SOL_SOCKET &&
2328 cmsg->cmsg_type == SCM_CREDENTIALS &&
2329 cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred)))
2330 ucred = (struct ucred*) CMSG_DATA(cmsg);
2331 else if (cmsg->cmsg_level == SOL_SOCKET &&
2332 cmsg->cmsg_type == SCM_SECURITY) {
2333 label = (char*) CMSG_DATA(cmsg);
2334 label_len = cmsg->cmsg_len - CMSG_LEN(0);
2335 } else if (cmsg->cmsg_level == SOL_SOCKET &&
2336 cmsg->cmsg_type == SO_TIMESTAMP &&
2337 cmsg->cmsg_len == CMSG_LEN(sizeof(struct timeval)))
2338 tv = (struct timeval*) CMSG_DATA(cmsg);
2339 else if (cmsg->cmsg_level == SOL_SOCKET &&
2340 cmsg->cmsg_type == SCM_RIGHTS) {
2341 fds = (int*) CMSG_DATA(cmsg);
2342 n_fds = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);
2346 if (ev->data.fd == s->syslog_fd) {
2349 if (n > 0 && n_fds == 0) {
2350 e = memchr(s->buffer, '\n', n);
2356 process_syslog_message(s, strstrip(s->buffer), ucred, tv, label, label_len);
2357 } else if (n_fds > 0)
2358 log_warning("Got file descriptors via syslog socket. Ignoring.");
2361 if (n > 0 && n_fds == 0)
2362 process_native_message(s, s->buffer, n, ucred, tv, label, label_len);
2363 else if (n == 0 && n_fds == 1)
2364 process_native_file(s, fds[0], ucred, tv, label, label_len);
2366 log_warning("Got too many file descriptors via native socket. Ignoring.");
2369 close_many(fds, n_fds);
2374 } else if (ev->data.fd == s->stdout_fd) {
2376 if (ev->events != EPOLLIN) {
2377 log_info("Got invalid event from epoll.");
2381 stdout_stream_new(s);
2385 StdoutStream *stream;
2387 if ((ev->events|EPOLLIN|EPOLLHUP) != (EPOLLIN|EPOLLHUP)) {
2388 log_info("Got invalid event from epoll.");
2392 /* If it is none of the well-known fds, it must be an
2393 * stdout stream fd. Note that this is a bit ugly here
2394 * (since we rely that none of the well-known fds
2395 * could be interpreted as pointer), but nonetheless
2396 * safe, since the well-known fds would never get an
2397 * fd > 4096, i.e. beyond the first memory page */
2399 stream = ev->data.ptr;
2401 if (stdout_stream_process(stream) <= 0)
2402 stdout_stream_free(stream);
2407 log_error("Unknown event.");
2411 static int open_syslog_socket(Server *s) {
2412 union sockaddr_union sa;
2414 struct epoll_event ev;
2418 if (s->syslog_fd < 0) {
2420 s->syslog_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2421 if (s->syslog_fd < 0) {
2422 log_error("socket() failed: %m");
2427 sa.un.sun_family = AF_UNIX;
2428 strncpy(sa.un.sun_path, "/dev/log", sizeof(sa.un.sun_path));
2430 unlink(sa.un.sun_path);
2432 r = bind(s->syslog_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2434 log_error("bind() failed: %m");
2438 chmod(sa.un.sun_path, 0666);
2440 fd_nonblock(s->syslog_fd, 1);
2443 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
2445 log_error("SO_PASSCRED failed: %m");
2451 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
2453 log_warning("SO_PASSSEC failed: %m");
2457 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
2459 log_error("SO_TIMESTAMP failed: %m");
2464 ev.events = EPOLLIN;
2465 ev.data.fd = s->syslog_fd;
2466 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->syslog_fd, &ev) < 0) {
2467 log_error("Failed to add syslog server fd to epoll object: %m");
2474 static int open_native_socket(Server*s) {
2475 union sockaddr_union sa;
2477 struct epoll_event ev;
2481 if (s->native_fd < 0) {
2483 s->native_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2484 if (s->native_fd < 0) {
2485 log_error("socket() failed: %m");
2490 sa.un.sun_family = AF_UNIX;
2491 strncpy(sa.un.sun_path, "/run/systemd/journal/socket", sizeof(sa.un.sun_path));
2493 unlink(sa.un.sun_path);
2495 r = bind(s->native_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2497 log_error("bind() failed: %m");
2501 chmod(sa.un.sun_path, 0666);
2503 fd_nonblock(s->native_fd, 1);
2506 r = setsockopt(s->native_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
2508 log_error("SO_PASSCRED failed: %m");
2514 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
2516 log_warning("SO_PASSSEC failed: %m");
2520 r = setsockopt(s->native_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
2522 log_error("SO_TIMESTAMP failed: %m");
2527 ev.events = EPOLLIN;
2528 ev.data.fd = s->native_fd;
2529 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->native_fd, &ev) < 0) {
2530 log_error("Failed to add native server fd to epoll object: %m");
2537 static int open_stdout_socket(Server *s) {
2538 union sockaddr_union sa;
2540 struct epoll_event ev;
2544 if (s->stdout_fd < 0) {
2546 s->stdout_fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2547 if (s->stdout_fd < 0) {
2548 log_error("socket() failed: %m");
2553 sa.un.sun_family = AF_UNIX;
2554 strncpy(sa.un.sun_path, "/run/systemd/journal/stdout", sizeof(sa.un.sun_path));
2556 unlink(sa.un.sun_path);
2558 r = bind(s->stdout_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2560 log_error("bind() failed: %m");
2564 chmod(sa.un.sun_path, 0666);
2566 if (listen(s->stdout_fd, SOMAXCONN) < 0) {
2567 log_error("liste() failed: %m");
2571 fd_nonblock(s->stdout_fd, 1);
2574 ev.events = EPOLLIN;
2575 ev.data.fd = s->stdout_fd;
2576 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->stdout_fd, &ev) < 0) {
2577 log_error("Failed to add stdout server fd to epoll object: %m");
2584 static int open_proc_kmsg(Server *s) {
2585 struct epoll_event ev;
2589 if (!s->import_proc_kmsg)
2592 s->proc_kmsg_fd = open("/proc/kmsg", O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
2593 if (s->proc_kmsg_fd < 0) {
2594 log_warning("Failed to open /proc/kmsg, ignoring: %m");
2599 ev.events = EPOLLIN;
2600 ev.data.fd = s->proc_kmsg_fd;
2601 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->proc_kmsg_fd, &ev) < 0) {
2602 log_error("Failed to add /proc/kmsg fd to epoll object: %m");
2609 static int open_signalfd(Server *s) {
2611 struct epoll_event ev;
2615 assert_se(sigemptyset(&mask) == 0);
2616 sigset_add_many(&mask, SIGINT, SIGTERM, SIGUSR1, SIGUSR2, -1);
2617 assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0);
2619 s->signal_fd = signalfd(-1, &mask, SFD_NONBLOCK|SFD_CLOEXEC);
2620 if (s->signal_fd < 0) {
2621 log_error("signalfd(): %m");
2626 ev.events = EPOLLIN;
2627 ev.data.fd = s->signal_fd;
2629 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->signal_fd, &ev) < 0) {
2630 log_error("epoll_ctl(): %m");
2637 static int server_parse_proc_cmdline(Server *s) {
2638 char *line, *w, *state;
2642 if (detect_container(NULL) > 0)
2645 r = read_one_line_file("/proc/cmdline", &line);
2647 log_warning("Failed to read /proc/cmdline, ignoring: %s", strerror(-r));
2651 FOREACH_WORD_QUOTED(w, l, line, state) {
2654 word = strndup(w, l);
2660 if (startswith(word, "systemd.journald.forward_to_syslog=")) {
2661 r = parse_boolean(word + 35);
2663 log_warning("Failed to parse forward to syslog switch %s. Ignoring.", word + 35);
2665 s->forward_to_syslog = r;
2666 } else if (startswith(word, "systemd.journald.forward_to_kmsg=")) {
2667 r = parse_boolean(word + 33);
2669 log_warning("Failed to parse forward to kmsg switch %s. Ignoring.", word + 33);
2671 s->forward_to_kmsg = r;
2672 } else if (startswith(word, "systemd.journald.forward_to_console=")) {
2673 r = parse_boolean(word + 36);
2675 log_warning("Failed to parse forward to console switch %s. Ignoring.", word + 36);
2677 s->forward_to_console = r;
2678 } else if (startswith(word, "systemd.journald"))
2679 log_warning("Invalid systemd.journald parameter. Ignoring.");
2691 static int server_parse_config_file(Server *s) {
2698 fn = "/etc/systemd/journald.conf";
2699 f = fopen(fn, "re");
2701 if (errno == ENOENT)
2704 log_warning("Failed to open configuration file %s: %m", fn);
2708 r = config_parse(fn, f, "Journal\0", config_item_perf_lookup, (void*) journald_gperf_lookup, false, s);
2710 log_warning("Failed to parse configuration file: %s", strerror(-r));
2717 static int server_init(Server *s) {
2723 s->syslog_fd = s->native_fd = s->stdout_fd = s->signal_fd = s->epoll_fd = s->proc_kmsg_fd = -1;
2726 s->rate_limit_interval = DEFAULT_RATE_LIMIT_INTERVAL;
2727 s->rate_limit_burst = DEFAULT_RATE_LIMIT_BURST;
2729 s->forward_to_syslog = true;
2730 s->import_proc_kmsg = true;
2732 s->max_level_store = LOG_DEBUG;
2733 s->max_level_syslog = LOG_DEBUG;
2734 s->max_level_kmsg = LOG_NOTICE;
2735 s->max_level_console = LOG_INFO;
2737 memset(&s->system_metrics, 0xFF, sizeof(s->system_metrics));
2738 memset(&s->runtime_metrics, 0xFF, sizeof(s->runtime_metrics));
2740 server_parse_config_file(s);
2741 server_parse_proc_cmdline(s);
2743 s->user_journals = hashmap_new(trivial_hash_func, trivial_compare_func);
2744 if (!s->user_journals) {
2745 log_error("Out of memory.");
2749 s->epoll_fd = epoll_create1(EPOLL_CLOEXEC);
2750 if (s->epoll_fd < 0) {
2751 log_error("Failed to create epoll object: %m");
2755 n = sd_listen_fds(true);
2757 log_error("Failed to read listening file descriptors from environment: %s", strerror(-n));
2761 for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) {
2763 if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/run/systemd/journal/socket", 0) > 0) {
2765 if (s->native_fd >= 0) {
2766 log_error("Too many native sockets passed.");
2772 } else if (sd_is_socket_unix(fd, SOCK_STREAM, 1, "/run/systemd/journal/stdout", 0) > 0) {
2774 if (s->stdout_fd >= 0) {
2775 log_error("Too many stdout sockets passed.");
2781 } else if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/dev/log", 0) > 0) {
2783 if (s->syslog_fd >= 0) {
2784 log_error("Too many /dev/log sockets passed.");
2791 log_error("Unknown socket passed.");
2796 r = open_syslog_socket(s);
2800 r = open_native_socket(s);
2804 r = open_stdout_socket(s);
2808 r = open_proc_kmsg(s);
2812 r = open_signalfd(s);
2816 s->rate_limit = journal_rate_limit_new(s->rate_limit_interval, s->rate_limit_burst);
2820 r = system_journal_open(s);
2827 static void server_done(Server *s) {
2831 while (s->stdout_streams)
2832 stdout_stream_free(s->stdout_streams);
2834 if (s->system_journal)
2835 journal_file_close(s->system_journal);
2837 if (s->runtime_journal)
2838 journal_file_close(s->runtime_journal);
2840 while ((f = hashmap_steal_first(s->user_journals)))
2841 journal_file_close(f);
2843 hashmap_free(s->user_journals);
2845 if (s->epoll_fd >= 0)
2846 close_nointr_nofail(s->epoll_fd);
2848 if (s->signal_fd >= 0)
2849 close_nointr_nofail(s->signal_fd);
2851 if (s->syslog_fd >= 0)
2852 close_nointr_nofail(s->syslog_fd);
2854 if (s->native_fd >= 0)
2855 close_nointr_nofail(s->native_fd);
2857 if (s->stdout_fd >= 0)
2858 close_nointr_nofail(s->stdout_fd);
2860 if (s->proc_kmsg_fd >= 0)
2861 close_nointr_nofail(s->proc_kmsg_fd);
2864 journal_rate_limit_free(s->rate_limit);
2870 int main(int argc, char *argv[]) {
2874 /* if (getppid() != 1) { */
2875 /* log_error("This program should be invoked by init only."); */
2876 /* return EXIT_FAILURE; */
2880 log_error("This program does not take arguments.");
2881 return EXIT_FAILURE;
2884 log_set_target(LOG_TARGET_SAFE);
2885 log_set_facility(LOG_SYSLOG);
2886 log_parse_environment();
2891 r = server_init(&server);
2895 server_vacuum(&server);
2896 server_flush_to_var(&server);
2897 server_flush_proc_kmsg(&server);
2899 log_debug("systemd-journald running as pid %lu", (unsigned long) getpid());
2900 driver_message(&server, SD_MESSAGE_JOURNAL_START, "Journal started");
2904 "STATUS=Processing requests...");
2907 struct epoll_event event;
2909 r = epoll_wait(server.epoll_fd, &event, 1, -1);
2915 log_error("epoll_wait() failed: %m");
2921 r = process_event(&server, &event);
2928 log_debug("systemd-journald stopped as pid %lu", (unsigned long) getpid());
2929 driver_message(&server, SD_MESSAGE_JOURNAL_STOP, "Journal stopped");
2933 "STATUS=Shutting down...");
2935 server_done(&server);
2937 return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;