1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2011 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
36 #include <sys/ioctl.h>
37 #include <sys/inotify.h>
45 #include "sd-journal.h"
49 #include "logs-show.h"
51 #include "path-util.h"
57 #include "journal-internal.h"
58 #include "journal-def.h"
59 #include "journal-verify.h"
60 #include "journal-authenticate.h"
61 #include "journal-qrcode.h"
63 #include "unit-name.h"
67 #include "bus-error.h"
69 #define DEFAULT_FSS_INTERVAL_USEC (15*USEC_PER_MINUTE)
72 /* Special values for arg_lines */
73 ARG_LINES_DEFAULT = -2,
77 static OutputMode arg_output = OUTPUT_SHORT;
78 static bool arg_utc = false;
79 static bool arg_pager_end = false;
80 static bool arg_follow = false;
81 static bool arg_full = true;
82 static bool arg_all = false;
83 static bool arg_no_pager = false;
84 static int arg_lines = ARG_LINES_DEFAULT;
85 static bool arg_no_tail = false;
86 static bool arg_quiet = false;
87 static bool arg_merge = false;
88 static bool arg_boot = false;
89 static sd_id128_t arg_boot_id = {};
90 static int arg_boot_offset = 0;
91 static bool arg_dmesg = false;
92 static const char *arg_cursor = NULL;
93 static const char *arg_after_cursor = NULL;
94 static bool arg_show_cursor = false;
95 static const char *arg_directory = NULL;
96 static char **arg_file = NULL;
97 static int arg_priorities = 0xFF;
98 static const char *arg_verify_key = NULL;
100 static usec_t arg_interval = DEFAULT_FSS_INTERVAL_USEC;
101 static bool arg_force = false;
103 static usec_t arg_since, arg_until;
104 static bool arg_since_set = false, arg_until_set = false;
105 static char **arg_syslog_identifier = NULL;
106 static char **arg_system_units = NULL;
107 static char **arg_user_units = NULL;
108 static const char *arg_field = NULL;
109 static bool arg_catalog = false;
110 static bool arg_reverse = false;
111 static int arg_journal_type = 0;
112 static const char *arg_root = NULL;
113 static const char *arg_machine = NULL;
124 ACTION_UPDATE_CATALOG,
127 } arg_action = ACTION_SHOW;
129 typedef struct boot_id_t {
135 static void pager_open_if_enabled(void) {
140 pager_open(arg_pager_end);
143 static char *format_timestamp_maybe_utc(char *buf, size_t l, usec_t t) {
146 return format_timestamp_utc(buf, l, t);
148 return format_timestamp(buf, l, t);
151 static int parse_boot_descriptor(const char *x, sd_id128_t *boot_id, int *offset) {
152 sd_id128_t id = SD_ID128_NULL;
155 if (strlen(x) >= 32) {
159 r = sd_id128_from_string(t, &id);
163 if (*x != '-' && *x != '+' && *x != 0)
167 r = safe_atoi(x, &off);
172 r = safe_atoi(x, &off);
186 static void help(void) {
188 pager_open_if_enabled();
190 printf("%s [OPTIONS...] [MATCHES...]\n\n"
191 "Query the journal.\n\n"
193 " --system Show the system journal\n"
194 " --user Show the user journal for the current user\n"
195 " -M --machine=CONTAINER Operate on local container\n"
196 " --since=DATE Start showing entries on or newer than the specified date\n"
197 " --until=DATE Stop showing entries on or older than the specified date\n"
198 " -c --cursor=CURSOR Start showing entries from the specified cursor\n"
199 " --after-cursor=CURSOR Start showing entries from after the specified cursor\n"
200 " --show-cursor Print the cursor after all the entries\n"
201 " -b --boot[=ID] Show data only from ID or, if unspecified, the current boot\n"
202 " --list-boots Show terse information about recorded boots\n"
203 " -k --dmesg Show kernel message log from the current boot\n"
204 " -u --unit=UNIT Show data only from the specified unit\n"
205 " --user-unit=UNIT Show data only from the specified user session unit\n"
206 " -t --identifier=STRING Show only messages with the specified syslog identifier\n"
207 " -p --priority=RANGE Show only messages within the specified priority range\n"
208 " -e --pager-end Immediately jump to end of the journal in the pager\n"
209 " -f --follow Follow the journal\n"
210 " -n --lines[=INTEGER] Number of journal entries to show\n"
211 " --no-tail Show all lines, even in follow mode\n"
212 " -r --reverse Show the newest entries first\n"
213 " -o --output=STRING Change journal output mode (short, short-iso,\n"
214 " short-precise, short-monotonic, verbose,\n"
215 " export, json, json-pretty, json-sse, cat)\n"
216 " --utc Express time in Coordinated Universal Time (UTC)\n"
217 " -x --catalog Add message explanations where available\n"
218 " --no-full Ellipsize fields\n"
219 " -a --all Show all fields, including long and unprintable\n"
220 " -q --quiet Do not show privilege warning\n"
221 " --no-pager Do not pipe output into a pager\n"
222 " -m --merge Show entries from all available journals\n"
223 " -D --directory=PATH Show journal files from directory\n"
224 " --file=PATH Show journal file\n"
225 " --root=ROOT Operate on catalog files underneath the root ROOT\n"
227 " --interval=TIME Time interval for changing the FSS sealing key\n"
228 " --verify-key=KEY Specify FSS verification key\n"
229 " --force Force overriding of the FSS key pair with --setup-keys\n"
232 " -h --help Show this help text\n"
233 " --version Show package version\n"
234 " --new-id128 Generate a new 128-bit ID\n"
235 " --header Show journal header information\n"
236 " --disk-usage Show total disk usage of all journal files\n"
237 " -F --field=FIELD List all values that a specified field takes\n"
238 " --list-catalog Show message IDs of all entries in the message catalog\n"
239 " --dump-catalog Show entries in the message catalog\n"
240 " --update-catalog Update the message catalog database\n"
241 " --flush Flush all journal data from /run into /var\n"
243 " --setup-keys Generate a new FSS key pair\n"
244 " --verify Verify journal file consistency\n"
246 , program_invocation_short_name);
249 static int parse_argv(int argc, char *argv[]) {
281 static const struct option options[] = {
282 { "help", no_argument, NULL, 'h' },
283 { "version" , no_argument, NULL, ARG_VERSION },
284 { "no-pager", no_argument, NULL, ARG_NO_PAGER },
285 { "pager-end", no_argument, NULL, 'e' },
286 { "follow", no_argument, NULL, 'f' },
287 { "force", no_argument, NULL, ARG_FORCE },
288 { "output", required_argument, NULL, 'o' },
289 { "all", no_argument, NULL, 'a' },
290 { "full", no_argument, NULL, 'l' },
291 { "no-full", no_argument, NULL, ARG_NO_FULL },
292 { "lines", optional_argument, NULL, 'n' },
293 { "no-tail", no_argument, NULL, ARG_NO_TAIL },
294 { "new-id128", no_argument, NULL, ARG_NEW_ID128 },
295 { "quiet", no_argument, NULL, 'q' },
296 { "merge", no_argument, NULL, 'm' },
297 { "boot", optional_argument, NULL, 'b' },
298 { "list-boots", no_argument, NULL, ARG_LIST_BOOTS },
299 { "this-boot", optional_argument, NULL, 'b' }, /* deprecated */
300 { "dmesg", no_argument, NULL, 'k' },
301 { "system", no_argument, NULL, ARG_SYSTEM },
302 { "user", no_argument, NULL, ARG_USER },
303 { "directory", required_argument, NULL, 'D' },
304 { "file", required_argument, NULL, ARG_FILE },
305 { "root", required_argument, NULL, ARG_ROOT },
306 { "header", no_argument, NULL, ARG_HEADER },
307 { "identifier", required_argument, NULL, 't' },
308 { "priority", required_argument, NULL, 'p' },
309 { "setup-keys", no_argument, NULL, ARG_SETUP_KEYS },
310 { "interval", required_argument, NULL, ARG_INTERVAL },
311 { "verify", no_argument, NULL, ARG_VERIFY },
312 { "verify-key", required_argument, NULL, ARG_VERIFY_KEY },
313 { "disk-usage", no_argument, NULL, ARG_DISK_USAGE },
314 { "cursor", required_argument, NULL, 'c' },
315 { "after-cursor", required_argument, NULL, ARG_AFTER_CURSOR },
316 { "show-cursor", no_argument, NULL, ARG_SHOW_CURSOR },
317 { "since", required_argument, NULL, ARG_SINCE },
318 { "until", required_argument, NULL, ARG_UNTIL },
319 { "unit", required_argument, NULL, 'u' },
320 { "user-unit", required_argument, NULL, ARG_USER_UNIT },
321 { "field", required_argument, NULL, 'F' },
322 { "catalog", no_argument, NULL, 'x' },
323 { "list-catalog", no_argument, NULL, ARG_LIST_CATALOG },
324 { "dump-catalog", no_argument, NULL, ARG_DUMP_CATALOG },
325 { "update-catalog", no_argument, NULL, ARG_UPDATE_CATALOG },
326 { "reverse", no_argument, NULL, 'r' },
327 { "machine", required_argument, NULL, 'M' },
328 { "utc", no_argument, NULL, ARG_UTC },
329 { "flush", no_argument, NULL, ARG_FLUSH },
338 while ((c = getopt_long(argc, argv, "hefo:aln::qmb::kD:p:c:t:u:F:xrM:", options, NULL)) >= 0)
347 puts(PACKAGE_STRING);
348 puts(SYSTEMD_FEATURES);
356 arg_pager_end = true;
358 if (arg_lines == ARG_LINES_DEFAULT)
368 arg_output = output_mode_from_string(optarg);
369 if (arg_output < 0) {
370 log_error("Unknown output format '%s'.", optarg);
374 if (arg_output == OUTPUT_EXPORT ||
375 arg_output == OUTPUT_JSON ||
376 arg_output == OUTPUT_JSON_PRETTY ||
377 arg_output == OUTPUT_JSON_SSE ||
378 arg_output == OUTPUT_CAT)
397 if (streq(optarg, "all"))
398 arg_lines = ARG_LINES_ALL;
400 r = safe_atoi(optarg, &arg_lines);
401 if (r < 0 || arg_lines < 0) {
402 log_error("Failed to parse lines '%s'", optarg);
409 /* Hmm, no argument? Maybe the next
410 * word on the command line is
411 * supposed to be the argument? Let's
412 * see if there is one, and is
416 if (streq(argv[optind], "all")) {
417 arg_lines = ARG_LINES_ALL;
419 } else if (safe_atoi(argv[optind], &n) >= 0 && n >= 0) {
433 arg_action = ACTION_NEW_ID128;
448 r = parse_boot_descriptor(optarg, &arg_boot_id, &arg_boot_offset);
450 log_error("Failed to parse boot descriptor '%s'", optarg);
455 /* Hmm, no argument? Maybe the next
456 * word on the command line is
457 * supposed to be the argument? Let's
458 * see if there is one and is parsable
459 * as a boot descriptor... */
462 parse_boot_descriptor(argv[optind], &arg_boot_id, &arg_boot_offset) >= 0)
469 arg_action = ACTION_LIST_BOOTS;
473 arg_boot = arg_dmesg = true;
477 arg_journal_type |= SD_JOURNAL_SYSTEM;
481 arg_journal_type |= SD_JOURNAL_CURRENT_USER;
485 arg_machine = optarg;
489 arg_directory = optarg;
493 r = glob_extend(&arg_file, optarg);
495 log_error("Failed to add paths: %s", strerror(-r));
508 case ARG_AFTER_CURSOR:
509 arg_after_cursor = optarg;
512 case ARG_SHOW_CURSOR:
513 arg_show_cursor = true;
517 arg_action = ACTION_PRINT_HEADER;
521 arg_action = ACTION_VERIFY;
525 arg_action = ACTION_DISK_USAGE;
534 arg_action = ACTION_SETUP_KEYS;
539 arg_action = ACTION_VERIFY;
540 arg_verify_key = optarg;
545 r = parse_sec(optarg, &arg_interval);
546 if (r < 0 || arg_interval <= 0) {
547 log_error("Failed to parse sealing key change interval: %s", optarg);
556 log_error("Forward-secure sealing not available.");
563 dots = strstr(optarg, "..");
569 a = strndup(optarg, dots - optarg);
573 from = log_level_from_string(a);
574 to = log_level_from_string(dots + 2);
577 if (from < 0 || to < 0) {
578 log_error("Failed to parse log level range %s", optarg);
585 for (i = from; i <= to; i++)
586 arg_priorities |= 1 << i;
588 for (i = to; i <= from; i++)
589 arg_priorities |= 1 << i;
595 p = log_level_from_string(optarg);
597 log_error("Unknown log level %s", optarg);
603 for (i = 0; i <= p; i++)
604 arg_priorities |= 1 << i;
611 r = parse_timestamp(optarg, &arg_since);
613 log_error("Failed to parse timestamp: %s", optarg);
616 arg_since_set = true;
620 r = parse_timestamp(optarg, &arg_until);
622 log_error("Failed to parse timestamp: %s", optarg);
625 arg_until_set = true;
629 r = strv_extend(&arg_syslog_identifier, optarg);
635 r = strv_extend(&arg_system_units, optarg);
641 r = strv_extend(&arg_user_units, optarg);
654 case ARG_LIST_CATALOG:
655 arg_action = ACTION_LIST_CATALOG;
658 case ARG_DUMP_CATALOG:
659 arg_action = ACTION_DUMP_CATALOG;
662 case ARG_UPDATE_CATALOG:
663 arg_action = ACTION_UPDATE_CATALOG;
675 arg_action = ACTION_FLUSH;
682 assert_not_reached("Unhandled option");
685 if (arg_follow && !arg_no_tail && arg_lines == ARG_LINES_DEFAULT)
688 if (!!arg_directory + !!arg_file + !!arg_machine > 1) {
689 log_error("Please specify either -D/--directory= or --file= or -M/--machine=, not more than one.");
693 if (arg_since_set && arg_until_set && arg_since > arg_until) {
694 log_error("--since= must be before --until=.");
698 if (!!arg_cursor + !!arg_after_cursor + !!arg_since_set > 1) {
699 log_error("Please specify only one of --since=, --cursor=, and --after-cursor.");
703 if (arg_follow && arg_reverse) {
704 log_error("Please specify either --reverse= or --follow=, not both.");
708 if (arg_action != ACTION_SHOW && optind < argc) {
709 log_error("Extraneous arguments starting with '%s'", argv[optind]);
716 static int generate_new_id128(void) {
721 r = sd_id128_randomize(&id);
723 log_error("Failed to generate ID: %s", strerror(-r));
727 printf("As string:\n"
728 SD_ID128_FORMAT_STR "\n\n"
730 "%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x\n\n"
732 "#define MESSAGE_XYZ SD_ID128_MAKE(",
733 SD_ID128_FORMAT_VAL(id),
734 SD_ID128_FORMAT_VAL(id));
735 for (i = 0; i < 16; i++)
736 printf("%02x%s", id.bytes[i], i != 15 ? "," : "");
737 fputs(")\n\n", stdout);
739 printf("As Python constant:\n"
741 ">>> MESSAGE_XYZ = uuid.UUID('" SD_ID128_FORMAT_STR "')\n",
742 SD_ID128_FORMAT_VAL(id));
747 static int add_matches(sd_journal *j, char **args) {
749 bool have_term = false;
753 STRV_FOREACH(i, args) {
756 if (streq(*i, "+")) {
759 r = sd_journal_add_disjunction(j);
762 } else if (path_is_absolute(*i)) {
763 _cleanup_free_ char *p, *t = NULL, *t2 = NULL;
765 _cleanup_free_ char *interpreter = NULL;
768 p = canonicalize_file_name(*i);
771 if (stat(path, &st) < 0) {
772 log_error("Couldn't stat file: %m");
776 if (S_ISREG(st.st_mode) && (0111 & st.st_mode)) {
777 if (executable_is_script(path, &interpreter) > 0) {
778 _cleanup_free_ char *comm;
780 comm = strndup(basename(path), 15);
784 t = strappend("_COMM=", comm);
786 /* Append _EXE only if the interpreter is not a link.
787 Otherwise, it might be outdated often. */
788 if (lstat(interpreter, &st) == 0 &&
789 !S_ISLNK(st.st_mode)) {
790 t2 = strappend("_EXE=", interpreter);
795 t = strappend("_EXE=", path);
796 } else if (S_ISCHR(st.st_mode)) {
797 if (asprintf(&t, "_KERNEL_DEVICE=c%u:%u",
799 minor(st.st_rdev)) < 0)
801 } else if (S_ISBLK(st.st_mode)) {
802 if (asprintf(&t, "_KERNEL_DEVICE=b%u:%u",
804 minor(st.st_rdev)) < 0)
807 log_error("File is neither a device node, nor regular file, nor executable: %s", *i);
814 r = sd_journal_add_match(j, t, 0);
816 r = sd_journal_add_match(j, t2, 0);
820 r = sd_journal_add_match(j, *i, 0);
825 log_error("Failed to add match '%s': %s", *i, strerror(-r));
830 if (!strv_isempty(args) && !have_term) {
831 log_error("\"+\" can only be used between terms");
838 static int boot_id_cmp(const void *a, const void *b) {
841 _a = ((const boot_id_t *)a)->first;
842 _b = ((const boot_id_t *)b)->first;
844 return _a < _b ? -1 : (_a > _b ? 1 : 0);
847 static int list_boots(sd_journal *j) {
850 unsigned int count = 0;
852 size_t length, allocated = 0;
854 _cleanup_free_ boot_id_t *all_ids = NULL;
856 r = sd_journal_query_unique(j, "_BOOT_ID");
860 pager_open_if_enabled();
862 SD_JOURNAL_FOREACH_UNIQUE(j, data, length) {
863 assert(startswith(data, "_BOOT_ID="));
865 if (!GREEDY_REALLOC(all_ids, allocated, count + 1))
868 id = &all_ids[count];
870 r = sd_id128_from_string(((const char *)data) + strlen("_BOOT_ID="), &id->id);
874 r = sd_journal_add_match(j, data, length);
878 r = sd_journal_seek_head(j);
882 r = sd_journal_next(j);
888 r = sd_journal_get_realtime_usec(j, &id->first);
892 r = sd_journal_seek_tail(j);
896 r = sd_journal_previous(j);
902 r = sd_journal_get_realtime_usec(j, &id->last);
908 sd_journal_flush_matches(j);
911 qsort_safe(all_ids, count, sizeof(boot_id_t), boot_id_cmp);
913 /* numbers are one less, but we need an extra char for the sign */
914 w = DECIMAL_STR_WIDTH(count - 1) + 1;
916 for (id = all_ids, i = 0; id < all_ids + count; id++, i++) {
917 char a[FORMAT_TIMESTAMP_MAX], b[FORMAT_TIMESTAMP_MAX];
919 printf("% *i " SD_ID128_FORMAT_STR " %s—%s\n",
921 SD_ID128_FORMAT_VAL(id->id),
922 format_timestamp_maybe_utc(a, sizeof(a), id->first),
923 format_timestamp_maybe_utc(b, sizeof(b), id->last));
929 static int get_relative_boot_id(sd_journal *j, sd_id128_t *boot_id, int relative) {
932 unsigned int count = 0;
933 size_t length, allocated = 0;
934 boot_id_t ref_boot_id = {SD_ID128_NULL}, *id;
935 _cleanup_free_ boot_id_t *all_ids = NULL;
940 r = sd_journal_query_unique(j, "_BOOT_ID");
944 SD_JOURNAL_FOREACH_UNIQUE(j, data, length) {
945 if (length < strlen("_BOOT_ID="))
948 if (!GREEDY_REALLOC(all_ids, allocated, count + 1))
951 id = &all_ids[count];
953 r = sd_id128_from_string(((const char *)data) + strlen("_BOOT_ID="), &id->id);
957 r = sd_journal_add_match(j, data, length);
961 r = sd_journal_seek_head(j);
965 r = sd_journal_next(j);
971 r = sd_journal_get_realtime_usec(j, &id->first);
975 if (sd_id128_equal(id->id, *boot_id))
980 sd_journal_flush_matches(j);
983 qsort_safe(all_ids, count, sizeof(boot_id_t), boot_id_cmp);
985 if (sd_id128_equal(*boot_id, SD_ID128_NULL)) {
986 if (relative > (int) count || relative <= -(int)count)
987 return -EADDRNOTAVAIL;
989 *boot_id = all_ids[(relative <= 0)*count + relative - 1].id;
991 id = bsearch(&ref_boot_id, all_ids, count, sizeof(boot_id_t), boot_id_cmp);
994 relative <= 0 ? (id - all_ids) + relative < 0 :
995 (id - all_ids) + relative >= (int) count)
996 return -EADDRNOTAVAIL;
998 *boot_id = (id + relative)->id;
1004 static int add_boot(sd_journal *j) {
1005 char match[9+32+1] = "_BOOT_ID=";
1013 if (arg_boot_offset == 0 && sd_id128_equal(arg_boot_id, SD_ID128_NULL))
1014 return add_match_this_boot(j, arg_machine);
1016 r = get_relative_boot_id(j, &arg_boot_id, arg_boot_offset);
1018 if (sd_id128_equal(arg_boot_id, SD_ID128_NULL))
1019 log_error("Failed to look up boot %+i: %s", arg_boot_offset, strerror(-r));
1021 log_error("Failed to look up boot ID "SD_ID128_FORMAT_STR"%+i: %s",
1022 SD_ID128_FORMAT_VAL(arg_boot_id), arg_boot_offset, strerror(-r));
1026 sd_id128_to_string(arg_boot_id, match + 9);
1028 r = sd_journal_add_match(j, match, sizeof(match) - 1);
1030 log_error("Failed to add match: %s", strerror(-r));
1034 r = sd_journal_add_conjunction(j);
1041 static int add_dmesg(sd_journal *j) {
1048 r = sd_journal_add_match(j, "_TRANSPORT=kernel", strlen("_TRANSPORT=kernel"));
1050 log_error("Failed to add match: %s", strerror(-r));
1054 r = sd_journal_add_conjunction(j);
1061 static int get_possible_units(sd_journal *j,
1065 _cleanup_set_free_free_ Set *found;
1069 found = set_new(&string_hash_ops);
1073 NULSTR_FOREACH(field, fields) {
1077 r = sd_journal_query_unique(j, field);
1081 SD_JOURNAL_FOREACH_UNIQUE(j, data, size) {
1082 char **pattern, *eq;
1084 _cleanup_free_ char *u = NULL;
1086 eq = memchr(data, '=', size);
1088 prefix = eq - (char*) data + 1;
1092 u = strndup((char*) data + prefix, size - prefix);
1096 STRV_FOREACH(pattern, patterns)
1097 if (fnmatch(*pattern, u, FNM_NOESCAPE) == 0) {
1098 log_debug("Matched %s with pattern %s=%s", u, field, *pattern);
1100 r = set_consume(found, u);
1102 if (r < 0 && r != -EEXIST)
1115 /* This list is supposed to return the superset of unit names
1116 * possibly matched by rules added with add_matches_for_unit... */
1117 #define SYSTEM_UNITS \
1121 "OBJECT_SYSTEMD_UNIT\0" \
1124 /* ... and add_matches_for_user_unit */
1125 #define USER_UNITS \
1126 "_SYSTEMD_USER_UNIT\0" \
1128 "COREDUMP_USER_UNIT\0" \
1129 "OBJECT_SYSTEMD_USER_UNIT\0"
1131 static int add_units(sd_journal *j) {
1132 _cleanup_strv_free_ char **patterns = NULL;
1138 STRV_FOREACH(i, arg_system_units) {
1139 _cleanup_free_ char *u = NULL;
1141 u = unit_name_mangle(*i, MANGLE_GLOB);
1145 if (string_is_glob(u)) {
1146 r = strv_push(&patterns, u);
1151 r = add_matches_for_unit(j, u);
1154 r = sd_journal_add_disjunction(j);
1161 if (!strv_isempty(patterns)) {
1162 _cleanup_set_free_free_ Set *units = NULL;
1166 r = get_possible_units(j, SYSTEM_UNITS, patterns, &units);
1170 SET_FOREACH(u, units, it) {
1171 r = add_matches_for_unit(j, u);
1174 r = sd_journal_add_disjunction(j);
1181 strv_free(patterns);
1184 STRV_FOREACH(i, arg_user_units) {
1185 _cleanup_free_ char *u = NULL;
1187 u = unit_name_mangle(*i, MANGLE_GLOB);
1191 if (string_is_glob(u)) {
1192 r = strv_push(&patterns, u);
1197 r = add_matches_for_user_unit(j, u, getuid());
1200 r = sd_journal_add_disjunction(j);
1207 if (!strv_isempty(patterns)) {
1208 _cleanup_set_free_free_ Set *units = NULL;
1212 r = get_possible_units(j, USER_UNITS, patterns, &units);
1216 SET_FOREACH(u, units, it) {
1217 r = add_matches_for_user_unit(j, u, getuid());
1220 r = sd_journal_add_disjunction(j);
1227 /* Complain if the user request matches but nothing whatsoever was
1228 * found, since otherwise everything would be matched. */
1229 if (!(strv_isempty(arg_system_units) && strv_isempty(arg_user_units)) && count == 0)
1232 r = sd_journal_add_conjunction(j);
1239 static int add_priorities(sd_journal *j) {
1240 char match[] = "PRIORITY=0";
1244 if (arg_priorities == 0xFF)
1247 for (i = LOG_EMERG; i <= LOG_DEBUG; i++)
1248 if (arg_priorities & (1 << i)) {
1249 match[sizeof(match)-2] = '0' + i;
1251 r = sd_journal_add_match(j, match, strlen(match));
1253 log_error("Failed to add match: %s", strerror(-r));
1258 r = sd_journal_add_conjunction(j);
1266 static int add_syslog_identifier(sd_journal *j) {
1272 STRV_FOREACH(i, arg_syslog_identifier) {
1275 u = strappenda("SYSLOG_IDENTIFIER=", *i);
1276 r = sd_journal_add_match(j, u, 0);
1279 r = sd_journal_add_disjunction(j);
1284 r = sd_journal_add_conjunction(j);
1291 static int setup_keys(void) {
1293 size_t mpk_size, seed_size, state_size, i;
1294 uint8_t *mpk, *seed, *state;
1296 int fd = -1, r, attr = 0;
1297 sd_id128_t machine, boot;
1298 char *p = NULL, *k = NULL;
1303 r = stat("/var/log/journal", &st);
1304 if (r < 0 && errno != ENOENT && errno != ENOTDIR) {
1305 log_error("stat(\"%s\") failed: %m", "/var/log/journal");
1309 if (r < 0 || !S_ISDIR(st.st_mode)) {
1310 log_error("%s is not a directory, must be using persistent logging for FSS.",
1311 "/var/log/journal");
1312 return r < 0 ? -errno : -ENOTDIR;
1315 r = sd_id128_get_machine(&machine);
1317 log_error("Failed to get machine ID: %s", strerror(-r));
1321 r = sd_id128_get_boot(&boot);
1323 log_error("Failed to get boot ID: %s", strerror(-r));
1327 if (asprintf(&p, "/var/log/journal/" SD_ID128_FORMAT_STR "/fss",
1328 SD_ID128_FORMAT_VAL(machine)) < 0)
1331 if (access(p, F_OK) >= 0) {
1335 log_error("unlink(\"%s\") failed: %m", p);
1340 log_error("Sealing key file %s exists already. (--force to recreate)", p);
1346 if (asprintf(&k, "/var/log/journal/" SD_ID128_FORMAT_STR "/fss.tmp.XXXXXX",
1347 SD_ID128_FORMAT_VAL(machine)) < 0) {
1352 mpk_size = FSPRG_mskinbytes(FSPRG_RECOMMENDED_SECPAR);
1353 mpk = alloca(mpk_size);
1355 seed_size = FSPRG_RECOMMENDED_SEEDLEN;
1356 seed = alloca(seed_size);
1358 state_size = FSPRG_stateinbytes(FSPRG_RECOMMENDED_SECPAR);
1359 state = alloca(state_size);
1361 fd = open("/dev/random", O_RDONLY|O_CLOEXEC|O_NOCTTY);
1363 log_error("Failed to open /dev/random: %m");
1368 log_info("Generating seed...");
1369 l = loop_read(fd, seed, seed_size, true);
1370 if (l < 0 || (size_t) l != seed_size) {
1371 log_error("Failed to read random seed: %s", strerror(EIO));
1376 log_info("Generating key pair...");
1377 FSPRG_GenMK(NULL, mpk, seed, seed_size, FSPRG_RECOMMENDED_SECPAR);
1379 log_info("Generating sealing key...");
1380 FSPRG_GenState0(state, mpk, seed, seed_size);
1382 assert(arg_interval > 0);
1384 n = now(CLOCK_REALTIME);
1388 fd = mkostemp_safe(k, O_WRONLY|O_CLOEXEC);
1390 log_error("Failed to open %s: %m", k);
1395 /* Enable secure remove, exclusion from dump, synchronous
1396 * writing and in-place updating */
1397 if (ioctl(fd, FS_IOC_GETFLAGS, &attr) < 0)
1398 log_warning("FS_IOC_GETFLAGS failed: %m");
1400 attr |= FS_SECRM_FL|FS_NODUMP_FL|FS_SYNC_FL|FS_NOCOW_FL;
1402 if (ioctl(fd, FS_IOC_SETFLAGS, &attr) < 0)
1403 log_warning("FS_IOC_SETFLAGS failed: %m");
1406 memcpy(h.signature, "KSHHRHLP", 8);
1407 h.machine_id = machine;
1409 h.header_size = htole64(sizeof(h));
1410 h.start_usec = htole64(n * arg_interval);
1411 h.interval_usec = htole64(arg_interval);
1412 h.fsprg_secpar = htole16(FSPRG_RECOMMENDED_SECPAR);
1413 h.fsprg_state_size = htole64(state_size);
1415 l = loop_write(fd, &h, sizeof(h), false);
1416 if (l < 0 || (size_t) l != sizeof(h)) {
1417 log_error("Failed to write header: %s", strerror(EIO));
1422 l = loop_write(fd, state, state_size, false);
1423 if (l < 0 || (size_t) l != state_size) {
1424 log_error("Failed to write state: %s", strerror(EIO));
1429 if (link(k, p) < 0) {
1430 log_error("Failed to link file: %m");
1438 "The new key pair has been generated. The " ANSI_HIGHLIGHT_ON "secret sealing key" ANSI_HIGHLIGHT_OFF " has been written to\n"
1439 "the following local file. This key file is automatically updated when the\n"
1440 "sealing key is advanced. It should not be used on multiple hosts.\n"
1444 "Please write down the following " ANSI_HIGHLIGHT_ON "secret verification key" ANSI_HIGHLIGHT_OFF ". It should be stored\n"
1445 "at a safe location and should not be saved locally on disk.\n"
1446 "\n\t" ANSI_HIGHLIGHT_RED_ON, p);
1449 for (i = 0; i < seed_size; i++) {
1450 if (i > 0 && i % 3 == 0)
1452 printf("%02x", ((uint8_t*) seed)[i]);
1455 printf("/%llx-%llx\n", (unsigned long long) n, (unsigned long long) arg_interval);
1458 char tsb[FORMAT_TIMESPAN_MAX], *hn;
1461 ANSI_HIGHLIGHT_OFF "\n"
1462 "The sealing key is automatically changed every %s.\n",
1463 format_timespan(tsb, sizeof(tsb), arg_interval, 0));
1465 hn = gethostname_malloc();
1468 hostname_cleanup(hn, false);
1469 fprintf(stderr, "\nThe keys have been generated for host %s/" SD_ID128_FORMAT_STR ".\n", hn, SD_ID128_FORMAT_VAL(machine));
1471 fprintf(stderr, "\nThe keys have been generated for host " SD_ID128_FORMAT_STR ".\n", SD_ID128_FORMAT_VAL(machine));
1473 #ifdef HAVE_QRENCODE
1474 /* If this is not an UTF-8 system don't print any QR codes */
1475 if (is_locale_utf8()) {
1476 fputs("\nTo transfer the verification key to your phone please scan the QR code below:\n\n", stderr);
1477 print_qr_code(stderr, seed, seed_size, n, arg_interval, hn, machine);
1497 log_error("Forward-secure sealing not available.");
1502 static int verify(sd_journal *j) {
1509 log_show_color(true);
1511 ORDERED_HASHMAP_FOREACH(f, j->files, i) {
1513 usec_t first, validated, last;
1516 if (!arg_verify_key && JOURNAL_HEADER_SEALED(f->header))
1517 log_notice("Journal file %s has sealing enabled but verification key has not been passed using --verify-key=.", f->path);
1520 k = journal_file_verify(f, arg_verify_key, &first, &validated, &last, true);
1522 /* If the key was invalid give up right-away. */
1525 log_warning("FAIL: %s (%s)", f->path, strerror(-k));
1528 char a[FORMAT_TIMESTAMP_MAX], b[FORMAT_TIMESTAMP_MAX], c[FORMAT_TIMESPAN_MAX];
1529 log_info("PASS: %s", f->path);
1531 if (arg_verify_key && JOURNAL_HEADER_SEALED(f->header)) {
1532 if (validated > 0) {
1533 log_info("=> Validated from %s to %s, final %s entries not sealed.",
1534 format_timestamp_maybe_utc(a, sizeof(a), first),
1535 format_timestamp_maybe_utc(b, sizeof(b), validated),
1536 format_timespan(c, sizeof(c), last > validated ? last - validated : 0, 0));
1537 } else if (last > 0)
1538 log_info("=> No sealing yet, %s of entries not sealed.",
1539 format_timespan(c, sizeof(c), last - first, 0));
1541 log_info("=> No sealing yet, no entries in file.");
1550 static int access_check_var_log_journal(sd_journal *j) {
1551 _cleanup_strv_free_ char **g = NULL;
1557 have_access = in_group("systemd-journal") > 0;
1560 /* Let's enumerate all groups from the default ACL of
1561 * the directory, which generally should allow access
1562 * to most journal files too */
1563 r = search_acl_groups(&g, "/var/log/journal/", &have_access);
1570 if (strv_isempty(g))
1571 log_notice("Hint: You are currently not seeing messages from other users and the system.\n"
1572 " Users in the 'systemd-journal' group can see all messages. Pass -q to\n"
1573 " turn off this notice.");
1575 _cleanup_free_ char *s = NULL;
1577 r = strv_extend(&g, "systemd-journal");
1584 s = strv_join(g, "', '");
1588 log_notice("Hint: You are currently not seeing messages from other users and the system.\n"
1589 " Users in the groups '%s' can see all messages.\n"
1590 " Pass -q to turn off this notice.", s);
1598 static int access_check(sd_journal *j) {
1605 if (set_isempty(j->errors)) {
1606 if (ordered_hashmap_isempty(j->files))
1607 log_notice("No journal files were found.");
1611 if (set_contains(j->errors, INT_TO_PTR(-EACCES))) {
1613 /* If /var/log/journal doesn't even exist,
1614 * unprivileged users have no access at all */
1615 if (access("/var/log/journal", F_OK) < 0 &&
1617 in_group("systemd-journal") <= 0) {
1618 log_error("Unprivileged users cannot access messages, unless persistent log storage is\n"
1619 "enabled. Users in the 'systemd-journal' group may always access messages.");
1623 /* If /var/log/journal exists, try to pring a nice
1624 notice if the user lacks access to it */
1625 if (!arg_quiet && geteuid() != 0) {
1626 r = access_check_var_log_journal(j);
1631 if (geteuid() != 0 && in_group("systemd-journal") <= 0) {
1632 log_error("Unprivileged users cannot access messages. Users in the 'systemd-journal' group\n"
1633 "group may access messages.");
1638 if (ordered_hashmap_isempty(j->files)) {
1639 log_error("No journal files were opened due to insufficient permissions.");
1644 SET_FOREACH(code, j->errors, it) {
1647 err = -PTR_TO_INT(code);
1651 log_warning("Error was encountered while opening journal files: %s",
1658 static int flush_to_var(void) {
1659 _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
1660 _cleanup_bus_close_unref_ sd_bus *bus = NULL;
1661 _cleanup_close_ int watch_fd = -1;
1665 if (access("/run/systemd/journal/flushed", F_OK) >= 0)
1668 /* OK, let's actually do the full logic, send SIGUSR1 to the
1669 * daemon and set up inotify to wait for the flushed file to appear */
1670 r = bus_open_system_systemd(&bus);
1672 log_error("Failed to get D-Bus connection: %s", strerror(-r));
1676 r = sd_bus_call_method(
1678 "org.freedesktop.systemd1",
1679 "/org/freedesktop/systemd1",
1680 "org.freedesktop.systemd1.Manager",
1684 "ssi", "systemd-journald.service", "main", SIGUSR1);
1686 log_error("Failed to kill journal service: %s", bus_error_message(&error, r));
1690 mkdir_p("/run/systemd/journal", 0755);
1692 watch_fd = inotify_init1(IN_NONBLOCK|IN_CLOEXEC);
1694 log_error("Failed to create inotify watch: %m");
1698 r = inotify_add_watch(watch_fd, "/run/systemd/journal", IN_CREATE|IN_DONT_FOLLOW|IN_ONLYDIR);
1700 log_error("Failed to watch journal directory: %m");
1705 if (access("/run/systemd/journal/flushed", F_OK) >= 0)
1708 if (errno != ENOENT) {
1709 log_error("Failed to check for existance of /run/systemd/journal/flushed: %m");
1713 r = fd_wait_for_event(watch_fd, POLLIN, USEC_INFINITY);
1715 log_error("Failed to wait for event: %s", strerror(-r));
1719 r = flush_fd(watch_fd);
1721 log_error("Failed to flush inotify events: %s", strerror(-r));
1729 int main(int argc, char *argv[]) {
1731 _cleanup_journal_close_ sd_journal *j = NULL;
1732 bool need_seek = false;
1733 sd_id128_t previous_boot_id;
1734 bool previous_boot_id_valid = false, first_line = true;
1736 bool ellipsized = false;
1738 setlocale(LC_ALL, "");
1739 log_parse_environment();
1742 r = parse_argv(argc, argv);
1746 signal(SIGWINCH, columns_lines_cache_reset);
1748 if (arg_action == ACTION_NEW_ID128) {
1749 r = generate_new_id128();
1753 if (arg_action == ACTION_FLUSH) {
1758 if (arg_action == ACTION_SETUP_KEYS) {
1763 if (arg_action == ACTION_UPDATE_CATALOG ||
1764 arg_action == ACTION_LIST_CATALOG ||
1765 arg_action == ACTION_DUMP_CATALOG) {
1767 _cleanup_free_ char *database;
1769 database = path_join(arg_root, CATALOG_DATABASE, NULL);
1775 if (arg_action == ACTION_UPDATE_CATALOG) {
1776 r = catalog_update(database, arg_root, catalog_file_dirs);
1778 log_error("Failed to list catalog: %s", strerror(-r));
1780 bool oneline = arg_action == ACTION_LIST_CATALOG;
1783 r = catalog_list_items(stdout, database,
1784 oneline, argv + optind);
1786 r = catalog_list(stdout, database, oneline);
1788 log_error("Failed to list catalog: %s", strerror(-r));
1795 r = sd_journal_open_directory(&j, arg_directory, arg_journal_type);
1797 r = sd_journal_open_files(&j, (const char**) arg_file, 0);
1798 else if (arg_machine)
1799 r = sd_journal_open_container(&j, arg_machine, 0);
1801 r = sd_journal_open(&j, !arg_merge*SD_JOURNAL_LOCAL_ONLY + arg_journal_type);
1803 log_error("Failed to open %s: %s",
1804 arg_directory ? arg_directory : arg_file ? "files" : "journal",
1806 return EXIT_FAILURE;
1809 r = access_check(j);
1811 return EXIT_FAILURE;
1813 if (arg_action == ACTION_VERIFY) {
1818 if (arg_action == ACTION_PRINT_HEADER) {
1819 journal_print_header(j);
1820 return EXIT_SUCCESS;
1823 if (arg_action == ACTION_DISK_USAGE) {
1825 char sbytes[FORMAT_BYTES_MAX];
1827 r = sd_journal_get_usage(j, &bytes);
1829 return EXIT_FAILURE;
1831 printf("Journals take up %s on disk.\n",
1832 format_bytes(sbytes, sizeof(sbytes), bytes));
1833 return EXIT_SUCCESS;
1836 if (arg_action == ACTION_LIST_BOOTS) {
1841 /* add_boot() must be called first!
1842 * It may need to seek the journal to find parent boot IDs. */
1845 return EXIT_FAILURE;
1849 return EXIT_FAILURE;
1852 strv_free(arg_system_units);
1853 strv_free(arg_user_units);
1856 log_error("Failed to add filter for units: %s", strerror(-r));
1857 return EXIT_FAILURE;
1860 r = add_syslog_identifier(j);
1862 log_error("Failed to add filter for syslog identifiers: %s", strerror(-r));
1863 return EXIT_FAILURE;
1866 r = add_priorities(j);
1868 log_error("Failed to add filter for priorities: %s", strerror(-r));
1869 return EXIT_FAILURE;
1872 r = add_matches(j, argv + optind);
1874 log_error("Failed to add filters: %s", strerror(-r));
1875 return EXIT_FAILURE;
1878 if (_unlikely_(log_get_max_level() >= LOG_PRI(LOG_DEBUG))) {
1879 _cleanup_free_ char *filter;
1881 filter = journal_make_match_string(j);
1882 log_debug("Journal filter: %s", filter);
1889 r = sd_journal_set_data_threshold(j, 0);
1891 log_error("Failed to unset data size threshold");
1892 return EXIT_FAILURE;
1895 r = sd_journal_query_unique(j, arg_field);
1897 log_error("Failed to query unique data objects: %s", strerror(-r));
1898 return EXIT_FAILURE;
1901 SD_JOURNAL_FOREACH_UNIQUE(j, data, size) {
1904 if (arg_lines >= 0 && n_shown >= arg_lines)
1907 eq = memchr(data, '=', size);
1909 printf("%.*s\n", (int) (size - ((const uint8_t*) eq - (const uint8_t*) data + 1)), (const char*) eq + 1);
1911 printf("%.*s\n", (int) size, (const char*) data);
1916 return EXIT_SUCCESS;
1919 /* Opening the fd now means the first sd_journal_wait() will actually wait */
1921 r = sd_journal_get_fd(j);
1923 return EXIT_FAILURE;
1926 if (arg_cursor || arg_after_cursor) {
1927 r = sd_journal_seek_cursor(j, arg_cursor ?: arg_after_cursor);
1929 log_error("Failed to seek to cursor: %s", strerror(-r));
1930 return EXIT_FAILURE;
1933 r = sd_journal_next_skip(j, 1 + !!arg_after_cursor);
1935 r = sd_journal_previous_skip(j, 1 + !!arg_after_cursor);
1937 if (arg_after_cursor && r < 2 && !arg_follow)
1938 /* We couldn't find the next entry after the cursor. */
1941 } else if (arg_since_set && !arg_reverse) {
1942 r = sd_journal_seek_realtime_usec(j, arg_since);
1944 log_error("Failed to seek to date: %s", strerror(-r));
1945 return EXIT_FAILURE;
1947 r = sd_journal_next(j);
1949 } else if (arg_until_set && arg_reverse) {
1950 r = sd_journal_seek_realtime_usec(j, arg_until);
1952 log_error("Failed to seek to date: %s", strerror(-r));
1953 return EXIT_FAILURE;
1955 r = sd_journal_previous(j);
1957 } else if (arg_lines >= 0) {
1958 r = sd_journal_seek_tail(j);
1960 log_error("Failed to seek to tail: %s", strerror(-r));
1961 return EXIT_FAILURE;
1964 r = sd_journal_previous_skip(j, arg_lines);
1966 } else if (arg_reverse) {
1967 r = sd_journal_seek_tail(j);
1969 log_error("Failed to seek to tail: %s", strerror(-r));
1970 return EXIT_FAILURE;
1973 r = sd_journal_previous(j);
1976 r = sd_journal_seek_head(j);
1978 log_error("Failed to seek to head: %s", strerror(-r));
1979 return EXIT_FAILURE;
1982 r = sd_journal_next(j);
1986 log_error("Failed to iterate through journal: %s", strerror(-r));
1987 return EXIT_FAILURE;
1991 pager_open_if_enabled();
1995 char start_buf[FORMAT_TIMESTAMP_MAX], end_buf[FORMAT_TIMESTAMP_MAX];
1997 r = sd_journal_get_cutoff_realtime_usec(j, &start, &end);
1999 log_error("Failed to get cutoff: %s", strerror(-r));
2005 printf("-- Logs begin at %s. --\n",
2006 format_timestamp_maybe_utc(start_buf, sizeof(start_buf), start));
2008 printf("-- Logs begin at %s, end at %s. --\n",
2009 format_timestamp_maybe_utc(start_buf, sizeof(start_buf), start),
2010 format_timestamp_maybe_utc(end_buf, sizeof(end_buf), end));
2015 while (arg_lines < 0 || n_shown < arg_lines || (arg_follow && !first_line)) {
2020 r = sd_journal_next(j);
2022 r = sd_journal_previous(j);
2024 log_error("Failed to iterate through journal: %s", strerror(-r));
2031 if (arg_until_set && !arg_reverse) {
2034 r = sd_journal_get_realtime_usec(j, &usec);
2036 log_error("Failed to determine timestamp: %s", strerror(-r));
2039 if (usec > arg_until)
2043 if (arg_since_set && arg_reverse) {
2046 r = sd_journal_get_realtime_usec(j, &usec);
2048 log_error("Failed to determine timestamp: %s", strerror(-r));
2051 if (usec < arg_since)
2055 if (!arg_merge && !arg_quiet) {
2058 r = sd_journal_get_monotonic_usec(j, NULL, &boot_id);
2060 if (previous_boot_id_valid &&
2061 !sd_id128_equal(boot_id, previous_boot_id))
2062 printf("%s-- Reboot --%s\n",
2063 ansi_highlight(), ansi_highlight_off());
2065 previous_boot_id = boot_id;
2066 previous_boot_id_valid = true;
2071 arg_all * OUTPUT_SHOW_ALL |
2072 arg_full * OUTPUT_FULL_WIDTH |
2073 on_tty() * OUTPUT_COLOR |
2074 arg_catalog * OUTPUT_CATALOG |
2075 arg_utc * OUTPUT_UTC;
2077 r = output_journal(stdout, j, arg_output, 0, flags, &ellipsized);
2079 if (r == -EADDRNOTAVAIL)
2081 else if (r < 0 || ferror(stdout))
2088 if (arg_show_cursor) {
2089 _cleanup_free_ char *cursor = NULL;
2091 r = sd_journal_get_cursor(j, &cursor);
2092 if (r < 0 && r != -EADDRNOTAVAIL)
2093 log_error("Failed to get cursor: %s", strerror(-r));
2095 printf("-- cursor: %s\n", cursor);
2101 r = sd_journal_wait(j, (uint64_t) -1);
2103 log_error("Couldn't wait for journal event: %s", strerror(-r));
2113 strv_free(arg_file);
2115 return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
~ianmdlvl / elogind.git / blob