1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2011 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <sys/signalfd.h>
23 #include <sys/ioctl.h>
24 #include <linux/sockios.h>
25 #include <sys/statvfs.h>
27 #include <sys/timerfd.h>
31 #include "sd-journal.h"
32 #include "sd-messages.h"
33 #include "sd-daemon.h"
37 #include "journal-file.h"
38 #include "socket-util.h"
39 #include "cgroup-util.h"
42 #include "conf-parser.h"
43 #include "selinux-util.h"
44 #include "journal-internal.h"
45 #include "journal-vacuum.h"
46 #include "journal-authenticate.h"
47 #include "journald-rate-limit.h"
48 #include "journald-kmsg.h"
49 #include "journald-syslog.h"
50 #include "journald-stream.h"
51 #include "journald-console.h"
52 #include "journald-native.h"
53 #include "journald-server.h"
57 #include <acl/libacl.h>
62 #include <selinux/selinux.h>
65 #define USER_JOURNALS_MAX 1024
67 #define DEFAULT_SYNC_INTERVAL_USEC (5*USEC_PER_MINUTE)
68 #define DEFAULT_RATE_LIMIT_INTERVAL (30*USEC_PER_SEC)
69 #define DEFAULT_RATE_LIMIT_BURST 1000
71 #define RECHECK_AVAILABLE_SPACE_USEC (30*USEC_PER_SEC)
73 static const char* const storage_table[] = {
74 [STORAGE_AUTO] = "auto",
75 [STORAGE_VOLATILE] = "volatile",
76 [STORAGE_PERSISTENT] = "persistent",
77 [STORAGE_NONE] = "none"
80 DEFINE_STRING_TABLE_LOOKUP(storage, Storage);
81 DEFINE_CONFIG_PARSE_ENUM(config_parse_storage, storage, Storage, "Failed to parse storage setting");
83 static const char* const split_mode_table[] = {
84 [SPLIT_NONE] = "none",
86 [SPLIT_LOGIN] = "login"
89 DEFINE_STRING_TABLE_LOOKUP(split_mode, SplitMode);
90 DEFINE_CONFIG_PARSE_ENUM(config_parse_split_mode, split_mode, SplitMode, "Failed to parse split mode setting");
92 static uint64_t available_space(Server *s, bool verbose) {
94 _cleanup_free_ char *p = NULL;
97 uint64_t sum = 0, ss_avail = 0, avail = 0;
99 _cleanup_closedir_ DIR *d = NULL;
104 ts = now(CLOCK_MONOTONIC);
106 if (s->cached_available_space_timestamp + RECHECK_AVAILABLE_SPACE_USEC > ts
108 return s->cached_available_space;
110 r = sd_id128_get_machine(&machine);
114 if (s->system_journal) {
115 f = "/var/log/journal/";
116 m = &s->system_metrics;
118 f = "/run/log/journal/";
119 m = &s->runtime_metrics;
124 p = strappend(f, sd_id128_to_string(machine, ids));
132 if (fstatvfs(dirfd(d), &ss) < 0)
138 union dirent_storage buf;
140 r = readdir_r(d, &buf.de, &de);
147 if (!endswith(de->d_name, ".journal") &&
148 !endswith(de->d_name, ".journal~"))
151 if (fstatat(dirfd(d), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0)
154 if (!S_ISREG(st.st_mode))
157 sum += (uint64_t) st.st_blocks * 512UL;
160 ss_avail = ss.f_bsize * ss.f_bavail;
161 avail = ss_avail > m->keep_free ? ss_avail - m->keep_free : 0;
163 s->cached_available_space = MIN(m->max_use, avail) > sum ? MIN(m->max_use, avail) - sum : 0;
164 s->cached_available_space_timestamp = ts;
167 char fb1[FORMAT_BYTES_MAX], fb2[FORMAT_BYTES_MAX], fb3[FORMAT_BYTES_MAX],
168 fb4[FORMAT_BYTES_MAX], fb5[FORMAT_BYTES_MAX];
170 server_driver_message(s, SD_MESSAGE_JOURNAL_USAGE,
171 "%s journal is using %s (max %s, leaving %s of free %s, current limit %s).",
172 s->system_journal ? "Permanent" : "Runtime",
173 format_bytes(fb1, sizeof(fb1), sum),
174 format_bytes(fb2, sizeof(fb2), m->max_use),
175 format_bytes(fb3, sizeof(fb3), m->keep_free),
176 format_bytes(fb4, sizeof(fb4), ss_avail),
177 format_bytes(fb5, sizeof(fb5), MIN(m->max_use, avail)));
180 return s->cached_available_space;
183 void server_fix_perms(Server *s, JournalFile *f, uid_t uid) {
188 acl_permset_t permset;
193 r = fchmod(f->fd, 0640);
195 log_warning("Failed to fix access mode on %s, ignoring: %s", f->path, strerror(-r));
201 acl = acl_get_fd(f->fd);
203 log_warning("Failed to read ACL on %s, ignoring: %m", f->path);
207 r = acl_find_uid(acl, uid, &entry);
210 if (acl_create_entry(&acl, &entry) < 0 ||
211 acl_set_tag_type(entry, ACL_USER) < 0 ||
212 acl_set_qualifier(entry, &uid) < 0) {
213 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
218 /* We do not recalculate the mask unconditionally here,
219 * so that the fchmod() mask above stays intact. */
220 if (acl_get_permset(entry, &permset) < 0 ||
221 acl_add_perm(permset, ACL_READ) < 0 ||
222 calc_acl_mask_if_needed(&acl) < 0) {
223 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
227 if (acl_set_fd(f->fd, acl) < 0)
228 log_warning("Failed to set ACL on %s, ignoring: %m", f->path);
235 static JournalFile* find_journal(Server *s, uid_t uid) {
236 _cleanup_free_ char *p = NULL;
243 /* We split up user logs only on /var, not on /run. If the
244 * runtime file is open, we write to it exclusively, in order
245 * to guarantee proper order as soon as we flush /run to
246 * /var and close the runtime file. */
248 if (s->runtime_journal)
249 return s->runtime_journal;
252 return s->system_journal;
254 r = sd_id128_get_machine(&machine);
256 return s->system_journal;
258 f = hashmap_get(s->user_journals, UINT32_TO_PTR(uid));
262 if (asprintf(&p, "/var/log/journal/" SD_ID128_FORMAT_STR "/user-%lu.journal",
263 SD_ID128_FORMAT_VAL(machine), (unsigned long) uid) < 0)
264 return s->system_journal;
266 while (hashmap_size(s->user_journals) >= USER_JOURNALS_MAX) {
267 /* Too many open? Then let's close one */
268 f = hashmap_steal_first(s->user_journals);
270 journal_file_close(f);
273 r = journal_file_open_reliably(p, O_RDWR|O_CREAT, 0640, s->compress, s->seal, &s->system_metrics, s->mmap, NULL, &f);
275 return s->system_journal;
277 server_fix_perms(s, f, uid);
279 r = hashmap_put(s->user_journals, UINT32_TO_PTR(uid), f);
281 journal_file_close(f);
282 return s->system_journal;
288 void server_rotate(Server *s) {
294 log_debug("Rotating...");
296 if (s->runtime_journal) {
297 r = journal_file_rotate(&s->runtime_journal, s->compress, false);
299 if (s->runtime_journal)
300 log_error("Failed to rotate %s: %s", s->runtime_journal->path, strerror(-r));
302 log_error("Failed to create new runtime journal: %s", strerror(-r));
304 server_fix_perms(s, s->runtime_journal, 0);
307 if (s->system_journal) {
308 r = journal_file_rotate(&s->system_journal, s->compress, s->seal);
310 if (s->system_journal)
311 log_error("Failed to rotate %s: %s", s->system_journal->path, strerror(-r));
313 log_error("Failed to create new system journal: %s", strerror(-r));
316 server_fix_perms(s, s->system_journal, 0);
319 HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) {
320 r = journal_file_rotate(&f, s->compress, s->seal);
323 log_error("Failed to rotate %s: %s", f->path, strerror(-r));
325 log_error("Failed to create user journal: %s", strerror(-r));
326 hashmap_remove(s->user_journals, k);
329 hashmap_replace(s->user_journals, k, f);
330 server_fix_perms(s, f, PTR_TO_UINT32(k));
335 void server_sync(Server *s) {
341 if (s->system_journal) {
342 r = journal_file_set_offline(s->system_journal);
344 log_error("Failed to sync system journal: %s", strerror(-r));
347 HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) {
348 r = journal_file_set_offline(f);
350 log_error("Failed to sync user journal: %s", strerror(-r));
353 if (s->sync_event_source) {
354 r = sd_event_source_set_enabled(s->sync_event_source, SD_EVENT_OFF);
356 log_error("Failed to disable sync timer source: %s", strerror(-r));
359 s->sync_scheduled = false;
362 void server_vacuum(Server *s) {
367 log_debug("Vacuuming...");
369 s->oldest_file_usec = 0;
371 r = sd_id128_get_machine(&machine);
373 log_error("Failed to get machine ID: %s", strerror(-r));
377 sd_id128_to_string(machine, ids);
379 if (s->system_journal) {
380 char *p = strappenda("/var/log/journal/", ids);
382 r = journal_directory_vacuum(p, s->system_metrics.max_use, s->system_metrics.keep_free, s->max_retention_usec, &s->oldest_file_usec);
383 if (r < 0 && r != -ENOENT)
384 log_error("Failed to vacuum %s: %s", p, strerror(-r));
387 if (s->runtime_journal) {
388 char *p = strappenda("/run/log/journal/", ids);
390 r = journal_directory_vacuum(p, s->runtime_metrics.max_use, s->runtime_metrics.keep_free, s->max_retention_usec, &s->oldest_file_usec);
391 if (r < 0 && r != -ENOENT)
392 log_error("Failed to vacuum %s: %s", p, strerror(-r));
395 s->cached_available_space_timestamp = 0;
398 bool shall_try_append_again(JournalFile *f, int r) {
400 /* -E2BIG Hit configured limit
402 -EDQUOT Quota limit hit
404 -EHOSTDOWN Other machine
405 -EBUSY Unclean shutdown
406 -EPROTONOSUPPORT Unsupported feature
409 -ESHUTDOWN Already archived */
411 if (r == -E2BIG || r == -EFBIG || r == -EDQUOT || r == -ENOSPC)
412 log_debug("%s: Allocation limit reached, rotating.", f->path);
413 else if (r == -EHOSTDOWN)
414 log_info("%s: Journal file from other machine, rotating.", f->path);
415 else if (r == -EBUSY)
416 log_info("%s: Unclean shutdown, rotating.", f->path);
417 else if (r == -EPROTONOSUPPORT)
418 log_info("%s: Unsupported feature, rotating.", f->path);
419 else if (r == -EBADMSG || r == -ENODATA || r == ESHUTDOWN)
420 log_warning("%s: Journal file corrupted, rotating.", f->path);
427 static void write_to_journal(Server *s, uid_t uid, struct iovec *iovec, unsigned n, int priority) {
429 bool vacuumed = false;
436 f = find_journal(s, uid);
440 if (journal_file_rotate_suggested(f, s->max_file_usec)) {
441 log_debug("%s: Journal header limits reached or header out-of-date, rotating.", f->path);
446 f = find_journal(s, uid);
451 r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
453 server_schedule_sync(s, priority);
457 if (vacuumed || !shall_try_append_again(f, r)) {
460 for (i = 0; i < n; i++)
461 size += iovec[i].iov_len;
463 log_error("Failed to write entry (%d items, %zu bytes), ignoring: %s", n, size, strerror(-r));
470 f = find_journal(s, uid);
474 log_debug("Retrying write.");
475 r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
479 for (i = 0; i < n; i++)
480 size += iovec[i].iov_len;
482 log_error("Failed to write entry (%d items, %zu bytes) despite vacuuming, ignoring: %s", n, size, strerror(-r));
484 server_schedule_sync(s, priority);
487 static void dispatch_message_real(
489 struct iovec *iovec, unsigned n, unsigned m,
492 const char *label, size_t label_len,
497 char pid[sizeof("_PID=") + DECIMAL_STR_MAX(pid_t)],
498 uid[sizeof("_UID=") + DECIMAL_STR_MAX(uid_t)],
499 gid[sizeof("_GID=") + DECIMAL_STR_MAX(gid_t)],
500 owner_uid[sizeof("_SYSTEMD_OWNER_UID=") + DECIMAL_STR_MAX(uid_t)],
501 source_time[sizeof("_SOURCE_REALTIME_TIMESTAMP=") + DECIMAL_STR_MAX(usec_t)],
502 boot_id[sizeof("_BOOT_ID=") + 32] = "_BOOT_ID=",
503 machine_id[sizeof("_MACHINE_ID=") + 32] = "_MACHINE_ID=",
504 o_uid[sizeof("OBJECT_UID=") + DECIMAL_STR_MAX(uid_t)],
505 o_gid[sizeof("OBJECT_GID=") + DECIMAL_STR_MAX(gid_t)],
506 o_owner_uid[sizeof("OBJECT_SYSTEMD_OWNER_UID=") + DECIMAL_STR_MAX(uid_t)];
513 uid_t realuid = 0, owner = 0, journal_uid;
514 bool owner_valid = false;
516 char audit_session[sizeof("_AUDIT_SESSION=") + DECIMAL_STR_MAX(uint32_t)],
517 audit_loginuid[sizeof("_AUDIT_LOGINUID=") + DECIMAL_STR_MAX(uid_t)],
518 o_audit_session[sizeof("OBJECT_AUDIT_SESSION=") + DECIMAL_STR_MAX(uint32_t)],
519 o_audit_loginuid[sizeof("OBJECT_AUDIT_LOGINUID=") + DECIMAL_STR_MAX(uid_t)];
528 assert(n + N_IOVEC_META_FIELDS + (object_pid ? N_IOVEC_OBJECT_FIELDS : 0) <= m);
531 realuid = ucred->uid;
533 sprintf(pid, "_PID=%lu", (unsigned long) ucred->pid);
534 IOVEC_SET_STRING(iovec[n++], pid);
536 sprintf(uid, "_UID=%lu", (unsigned long) ucred->uid);
537 IOVEC_SET_STRING(iovec[n++], uid);
539 sprintf(gid, "_GID=%lu", (unsigned long) ucred->gid);
540 IOVEC_SET_STRING(iovec[n++], gid);
542 r = get_process_comm(ucred->pid, &t);
544 x = strappenda("_COMM=", t);
546 IOVEC_SET_STRING(iovec[n++], x);
549 r = get_process_exe(ucred->pid, &t);
551 x = strappenda("_EXE=", t);
553 IOVEC_SET_STRING(iovec[n++], x);
556 r = get_process_cmdline(ucred->pid, 0, false, &t);
558 x = strappenda("_CMDLINE=", t);
560 IOVEC_SET_STRING(iovec[n++], x);
563 r = get_process_capeff(ucred->pid, &t);
565 x = strappenda("_CAP_EFFECTIVE=", t);
567 IOVEC_SET_STRING(iovec[n++], x);
571 r = audit_session_from_pid(ucred->pid, &audit);
573 sprintf(audit_session, "_AUDIT_SESSION=%lu", (unsigned long) audit);
574 IOVEC_SET_STRING(iovec[n++], audit_session);
577 r = audit_loginuid_from_pid(ucred->pid, &loginuid);
579 sprintf(audit_loginuid, "_AUDIT_LOGINUID=%lu", (unsigned long) loginuid);
580 IOVEC_SET_STRING(iovec[n++], audit_loginuid);
584 r = cg_pid_get_path_shifted(ucred->pid, NULL, &c);
586 char *session = NULL;
588 x = strappenda("_SYSTEMD_CGROUP=", c);
589 IOVEC_SET_STRING(iovec[n++], x);
591 r = cg_path_get_session(c, &t);
593 session = strappenda("_SYSTEMD_SESSION=", t);
595 IOVEC_SET_STRING(iovec[n++], session);
598 if (cg_path_get_owner_uid(c, &owner) >= 0) {
601 sprintf(owner_uid, "_SYSTEMD_OWNER_UID=%lu", (unsigned long) owner);
602 IOVEC_SET_STRING(iovec[n++], owner_uid);
605 if (cg_path_get_unit(c, &t) >= 0) {
606 x = strappenda("_SYSTEMD_UNIT=", t);
608 IOVEC_SET_STRING(iovec[n++], x);
609 } else if (unit_id && !session) {
610 x = strappenda("_SYSTEMD_UNIT=", unit_id);
611 IOVEC_SET_STRING(iovec[n++], x);
614 if (cg_path_get_user_unit(c, &t) >= 0) {
615 x = strappenda("_SYSTEMD_USER_UNIT=", t);
617 IOVEC_SET_STRING(iovec[n++], x);
618 } else if (unit_id && session) {
619 x = strappenda("_SYSTEMD_USER_UNIT=", unit_id);
620 IOVEC_SET_STRING(iovec[n++], x);
623 if (cg_path_get_slice(c, &t) >= 0) {
624 x = strappenda("_SYSTEMD_SLICE=", t);
626 IOVEC_SET_STRING(iovec[n++], x);
630 } else if (unit_id) {
631 x = strappenda("_SYSTEMD_UNIT=", unit_id);
632 IOVEC_SET_STRING(iovec[n++], x);
638 x = alloca(sizeof("_SELINUX_CONTEXT=") + label_len);
640 *((char*) mempcpy(stpcpy(x, "_SELINUX_CONTEXT="), label, label_len)) = 0;
641 IOVEC_SET_STRING(iovec[n++], x);
643 security_context_t con;
645 if (getpidcon(ucred->pid, &con) >= 0) {
646 x = strappenda("_SELINUX_CONTEXT=", con);
649 IOVEC_SET_STRING(iovec[n++], x);
658 r = get_process_uid(object_pid, &object_uid);
660 sprintf(o_uid, "OBJECT_UID=%lu", (unsigned long) object_uid);
661 IOVEC_SET_STRING(iovec[n++], o_uid);
664 r = get_process_gid(object_pid, &object_gid);
666 sprintf(o_gid, "OBJECT_GID=%lu", (unsigned long) object_gid);
667 IOVEC_SET_STRING(iovec[n++], o_gid);
670 r = get_process_comm(object_pid, &t);
672 x = strappenda("OBJECT_COMM=", t);
674 IOVEC_SET_STRING(iovec[n++], x);
677 r = get_process_exe(object_pid, &t);
679 x = strappenda("OBJECT_EXE=", t);
681 IOVEC_SET_STRING(iovec[n++], x);
684 r = get_process_cmdline(object_pid, 0, false, &t);
686 x = strappenda("OBJECT_CMDLINE=", t);
688 IOVEC_SET_STRING(iovec[n++], x);
692 r = audit_session_from_pid(object_pid, &audit);
694 sprintf(o_audit_session, "OBJECT_AUDIT_SESSION=%lu", (unsigned long) audit);
695 IOVEC_SET_STRING(iovec[n++], o_audit_session);
698 r = audit_loginuid_from_pid(object_pid, &loginuid);
700 sprintf(o_audit_loginuid, "OBJECT_AUDIT_LOGINUID=%lu", (unsigned long) loginuid);
701 IOVEC_SET_STRING(iovec[n++], o_audit_loginuid);
705 r = cg_pid_get_path_shifted(object_pid, NULL, &c);
707 x = strappenda("OBJECT_SYSTEMD_CGROUP=", c);
708 IOVEC_SET_STRING(iovec[n++], x);
710 r = cg_path_get_session(c, &t);
712 x = strappenda("OBJECT_SYSTEMD_SESSION=", t);
714 IOVEC_SET_STRING(iovec[n++], x);
717 if (cg_path_get_owner_uid(c, &owner) >= 0) {
718 sprintf(o_owner_uid, "OBJECT_SYSTEMD_OWNER_UID=%lu", (unsigned long) owner);
719 IOVEC_SET_STRING(iovec[n++], o_owner_uid);
722 if (cg_path_get_unit(c, &t) >= 0) {
723 x = strappenda("OBJECT_SYSTEMD_UNIT=", t);
725 IOVEC_SET_STRING(iovec[n++], x);
728 if (cg_path_get_user_unit(c, &t) >= 0) {
729 x = strappenda("OBJECT_SYSTEMD_USER_UNIT=", t);
731 IOVEC_SET_STRING(iovec[n++], x);
740 sprintf(source_time, "_SOURCE_REALTIME_TIMESTAMP=%llu", (unsigned long long) timeval_load(tv));
741 IOVEC_SET_STRING(iovec[n++], source_time);
744 /* Note that strictly speaking storing the boot id here is
745 * redundant since the entry includes this in-line
746 * anyway. However, we need this indexed, too. */
747 r = sd_id128_get_boot(&id);
749 sd_id128_to_string(id, boot_id + strlen("_BOOT_ID="));
750 IOVEC_SET_STRING(iovec[n++], boot_id);
753 r = sd_id128_get_machine(&id);
755 sd_id128_to_string(id, machine_id + strlen("_MACHINE_ID="));
756 IOVEC_SET_STRING(iovec[n++], machine_id);
759 t = gethostname_malloc();
761 x = strappenda("_HOSTNAME=", t);
763 IOVEC_SET_STRING(iovec[n++], x);
768 if (s->split_mode == SPLIT_UID && realuid > 0)
769 /* Split up strictly by any UID */
770 journal_uid = realuid;
771 else if (s->split_mode == SPLIT_LOGIN && realuid > 0 && owner_valid && owner > 0)
772 /* Split up by login UIDs, this avoids creation of
773 * individual journals for system UIDs. We do this
774 * only if the realuid is not root, in order not to
775 * accidentally leak privileged information to the
776 * user that is logged by a privileged process that is
777 * part of an unprivileged session.*/
782 write_to_journal(s, journal_uid, iovec, n, priority);
785 void server_driver_message(Server *s, sd_id128_t message_id, const char *format, ...) {
786 char mid[11 + 32 + 1];
787 char buffer[16 + LINE_MAX + 1];
788 struct iovec iovec[N_IOVEC_META_FIELDS + 4];
791 struct ucred ucred = {};
796 IOVEC_SET_STRING(iovec[n++], "PRIORITY=6");
797 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=driver");
799 memcpy(buffer, "MESSAGE=", 8);
800 va_start(ap, format);
801 vsnprintf(buffer + 8, sizeof(buffer) - 8, format, ap);
803 char_array_0(buffer);
804 IOVEC_SET_STRING(iovec[n++], buffer);
806 if (!sd_id128_equal(message_id, SD_ID128_NULL)) {
807 snprintf(mid, sizeof(mid), MESSAGE_ID(message_id));
809 IOVEC_SET_STRING(iovec[n++], mid);
812 ucred.pid = getpid();
813 ucred.uid = getuid();
814 ucred.gid = getgid();
816 dispatch_message_real(s, iovec, n, ELEMENTSOF(iovec), &ucred, NULL, NULL, 0, NULL, LOG_INFO, 0);
819 void server_dispatch_message(
821 struct iovec *iovec, unsigned n, unsigned m,
824 const char *label, size_t label_len,
830 _cleanup_free_ char *path = NULL;
834 assert(iovec || n == 0);
839 if (LOG_PRI(priority) > s->max_level_store)
842 /* Stop early in case the information will not be stored
844 if (s->storage == STORAGE_NONE)
850 r = cg_pid_get_path_shifted(ucred->pid, NULL, &path);
854 /* example: /user/lennart/3/foobar
855 * /system/dbus.service/foobar
857 * So let's cut of everything past the third /, since that is
858 * where user directories start */
860 c = strchr(path, '/');
862 c = strchr(c+1, '/');
864 c = strchr(c+1, '/');
870 rl = journal_rate_limit_test(s->rate_limit, path,
871 priority & LOG_PRIMASK, available_space(s, false));
876 /* Write a suppression message if we suppressed something */
878 server_driver_message(s, SD_MESSAGE_JOURNAL_DROPPED,
879 "Suppressed %u messages from %s", rl - 1, path);
882 dispatch_message_real(s, iovec, n, m, ucred, tv, label, label_len, unit_id, priority, object_pid);
886 static int system_journal_open(Server *s) {
892 r = sd_id128_get_machine(&machine);
894 log_error("Failed to get machine id: %s", strerror(-r));
898 sd_id128_to_string(machine, ids);
900 if (!s->system_journal &&
901 (s->storage == STORAGE_PERSISTENT || s->storage == STORAGE_AUTO) &&
902 access("/run/systemd/journal/flushed", F_OK) >= 0) {
904 /* If in auto mode: first try to create the machine
905 * path, but not the prefix.
907 * If in persistent mode: create /var/log/journal and
908 * the machine path */
910 if (s->storage == STORAGE_PERSISTENT)
911 (void) mkdir("/var/log/journal/", 0755);
913 fn = strappenda("/var/log/journal/", ids);
914 (void) mkdir(fn, 0755);
916 fn = strappenda(fn, "/system.journal");
917 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, s->compress, s->seal, &s->system_metrics, s->mmap, NULL, &s->system_journal);
920 server_fix_perms(s, s->system_journal, 0);
922 if (r != -ENOENT && r != -EROFS)
923 log_warning("Failed to open system journal: %s", strerror(-r));
929 if (!s->runtime_journal &&
930 (s->storage != STORAGE_NONE)) {
932 fn = strjoin("/run/log/journal/", ids, "/system.journal", NULL);
936 if (s->system_journal) {
938 /* Try to open the runtime journal, but only
939 * if it already exists, so that we can flush
940 * it into the system journal */
942 r = journal_file_open(fn, O_RDWR, 0640, s->compress, false, &s->runtime_metrics, s->mmap, NULL, &s->runtime_journal);
947 log_warning("Failed to open runtime journal: %s", strerror(-r));
954 /* OK, we really need the runtime journal, so create
955 * it if necessary. */
957 (void) mkdir_parents(fn, 0755);
958 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, s->compress, false, &s->runtime_metrics, s->mmap, NULL, &s->runtime_journal);
962 log_error("Failed to open runtime journal: %s", strerror(-r));
967 if (s->runtime_journal)
968 server_fix_perms(s, s->runtime_journal, 0);
971 available_space(s, true);
976 int server_flush_to_var(Server *s) {
978 sd_journal *j = NULL;
979 char ts[FORMAT_TIMESPAN_MAX];
986 if (s->storage != STORAGE_AUTO &&
987 s->storage != STORAGE_PERSISTENT)
990 if (!s->runtime_journal)
993 system_journal_open(s);
995 if (!s->system_journal)
998 log_debug("Flushing to /var...");
1000 start = now(CLOCK_MONOTONIC);
1002 r = sd_id128_get_machine(&machine);
1006 r = sd_journal_open(&j, SD_JOURNAL_RUNTIME_ONLY);
1008 log_error("Failed to read runtime journal: %s", strerror(-r));
1012 sd_journal_set_data_threshold(j, 0);
1014 SD_JOURNAL_FOREACH(j) {
1018 f = j->current_file;
1019 assert(f && f->current_offset > 0);
1023 r = journal_file_move_to_object(f, OBJECT_ENTRY, f->current_offset, &o);
1025 log_error("Can't read entry: %s", strerror(-r));
1029 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
1033 if (!shall_try_append_again(s->system_journal, r)) {
1034 log_error("Can't write entry: %s", strerror(-r));
1041 if (!s->system_journal) {
1042 log_notice("Didn't flush runtime journal since rotation of system journal wasn't successful.");
1047 log_debug("Retrying write.");
1048 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
1050 log_error("Can't write entry: %s", strerror(-r));
1056 journal_file_post_change(s->system_journal);
1058 journal_file_close(s->runtime_journal);
1059 s->runtime_journal = NULL;
1062 rm_rf("/run/log/journal", false, true, false);
1064 sd_journal_close(j);
1066 server_driver_message(s, SD_ID128_NULL, "Time spent on flushing to /var is %s for %u entries.", format_timespan(ts, sizeof(ts), now(CLOCK_MONOTONIC) - start, 0), n);
1071 int process_datagram(sd_event_source *es, int fd, uint32_t revents, void *userdata) {
1072 Server *s = userdata;
1075 assert(fd == s->native_fd || fd == s->syslog_fd);
1077 if (revents != EPOLLIN) {
1078 log_error("Got invalid event from epoll for datagram fd: %"PRIx32, revents);
1083 struct ucred *ucred = NULL;
1084 struct timeval *tv = NULL;
1085 struct cmsghdr *cmsg;
1087 size_t label_len = 0;
1091 struct cmsghdr cmsghdr;
1093 /* We use NAME_MAX space for the
1094 * SELinux label here. The kernel
1095 * currently enforces no limit, but
1096 * according to suggestions from the
1097 * SELinux people this will change and
1098 * it will probably be identical to
1099 * NAME_MAX. For now we use that, but
1100 * this should be updated one day when
1101 * the final limit is known.*/
1102 uint8_t buf[CMSG_SPACE(sizeof(struct ucred)) +
1103 CMSG_SPACE(sizeof(struct timeval)) +
1104 CMSG_SPACE(sizeof(int)) + /* fd */
1105 CMSG_SPACE(NAME_MAX)]; /* selinux label */
1107 struct msghdr msghdr = {
1110 .msg_control = &control,
1111 .msg_controllen = sizeof(control),
1119 if (ioctl(fd, SIOCINQ, &v) < 0) {
1120 log_error("SIOCINQ failed: %m");
1124 if (!GREEDY_REALLOC(s->buffer, s->buffer_size, LINE_MAX + (size_t) v))
1127 iovec.iov_base = s->buffer;
1128 iovec.iov_len = s->buffer_size;
1130 n = recvmsg(fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC);
1132 if (errno == EINTR || errno == EAGAIN)
1135 log_error("recvmsg() failed: %m");
1139 for (cmsg = CMSG_FIRSTHDR(&msghdr); cmsg; cmsg = CMSG_NXTHDR(&msghdr, cmsg)) {
1141 if (cmsg->cmsg_level == SOL_SOCKET &&
1142 cmsg->cmsg_type == SCM_CREDENTIALS &&
1143 cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred)))
1144 ucred = (struct ucred*) CMSG_DATA(cmsg);
1145 else if (cmsg->cmsg_level == SOL_SOCKET &&
1146 cmsg->cmsg_type == SCM_SECURITY) {
1147 label = (char*) CMSG_DATA(cmsg);
1148 label_len = cmsg->cmsg_len - CMSG_LEN(0);
1149 } else if (cmsg->cmsg_level == SOL_SOCKET &&
1150 cmsg->cmsg_type == SO_TIMESTAMP &&
1151 cmsg->cmsg_len == CMSG_LEN(sizeof(struct timeval)))
1152 tv = (struct timeval*) CMSG_DATA(cmsg);
1153 else if (cmsg->cmsg_level == SOL_SOCKET &&
1154 cmsg->cmsg_type == SCM_RIGHTS) {
1155 fds = (int*) CMSG_DATA(cmsg);
1156 n_fds = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);
1160 if (fd == s->syslog_fd) {
1161 if (n > 0 && n_fds == 0) {
1163 server_process_syslog_message(s, strstrip(s->buffer), ucred, tv, label, label_len);
1164 } else if (n_fds > 0)
1165 log_warning("Got file descriptors via syslog socket. Ignoring.");
1168 if (n > 0 && n_fds == 0)
1169 server_process_native_message(s, s->buffer, n, ucred, tv, label, label_len);
1170 else if (n == 0 && n_fds == 1)
1171 server_process_native_file(s, fds[0], ucred, tv, label, label_len);
1173 log_warning("Got too many file descriptors via native socket. Ignoring.");
1176 close_many(fds, n_fds);
1182 static int dispatch_sigusr1(sd_event_source *es, const struct signalfd_siginfo *si, void *userdata) {
1183 Server *s = userdata;
1187 log_info("Received request to flush runtime journal from PID %"PRIu32, si->ssi_pid);
1189 touch("/run/systemd/journal/flushed");
1190 server_flush_to_var(s);
1196 static int dispatch_sigusr2(sd_event_source *es, const struct signalfd_siginfo *si, void *userdata) {
1197 Server *s = userdata;
1201 log_info("Received request to rotate journal from PID %"PRIu32, si->ssi_pid);
1208 static int dispatch_sigterm(sd_event_source *es, const struct signalfd_siginfo *si, void *userdata) {
1209 Server *s = userdata;
1213 log_info("Received SIG%s", signal_to_string(si->ssi_signo));
1215 sd_event_request_quit(s->event);
1219 static int setup_signals(Server *s) {
1225 assert_se(sigemptyset(&mask) == 0);
1226 sigset_add_many(&mask, SIGINT, SIGTERM, SIGUSR1, SIGUSR2, -1);
1227 assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0);
1229 r = sd_event_add_signal(s->event, SIGUSR1, dispatch_sigusr1, s, &s->sigusr1_event_source);
1233 r = sd_event_add_signal(s->event, SIGUSR2, dispatch_sigusr2, s, &s->sigusr2_event_source);
1237 r = sd_event_add_signal(s->event, SIGTERM, dispatch_sigterm, s, &s->sigterm_event_source);
1241 r = sd_event_add_signal(s->event, SIGINT, dispatch_sigterm, s, &s->sigint_event_source);
1248 static int server_parse_proc_cmdline(Server *s) {
1249 _cleanup_free_ char *line = NULL;
1254 r = proc_cmdline(&line);
1256 log_warning("Failed to read /proc/cmdline, ignoring: %s", strerror(-r));
1260 FOREACH_WORD_QUOTED(w, l, line, state) {
1261 _cleanup_free_ char *word;
1263 word = strndup(w, l);
1267 if (startswith(word, "systemd.journald.forward_to_syslog=")) {
1268 r = parse_boolean(word + 35);
1270 log_warning("Failed to parse forward to syslog switch %s. Ignoring.", word + 35);
1272 s->forward_to_syslog = r;
1273 } else if (startswith(word, "systemd.journald.forward_to_kmsg=")) {
1274 r = parse_boolean(word + 33);
1276 log_warning("Failed to parse forward to kmsg switch %s. Ignoring.", word + 33);
1278 s->forward_to_kmsg = r;
1279 } else if (startswith(word, "systemd.journald.forward_to_console=")) {
1280 r = parse_boolean(word + 36);
1282 log_warning("Failed to parse forward to console switch %s. Ignoring.", word + 36);
1284 s->forward_to_console = r;
1285 } else if (startswith(word, "systemd.journald"))
1286 log_warning("Invalid systemd.journald parameter. Ignoring.");
1292 static int server_parse_config_file(Server *s) {
1293 static const char fn[] = "/etc/systemd/journald.conf";
1294 _cleanup_fclose_ FILE *f = NULL;
1299 f = fopen(fn, "re");
1301 if (errno == ENOENT)
1304 log_warning("Failed to open configuration file %s: %m", fn);
1308 r = config_parse(NULL, fn, f, "Journal\0", config_item_perf_lookup,
1309 (void*) journald_gperf_lookup, false, false, s);
1311 log_warning("Failed to parse configuration file: %s", strerror(-r));
1316 static int server_dispatch_sync(sd_event_source *es, usec_t t, void *userdata) {
1317 Server *s = userdata;
1325 int server_schedule_sync(Server *s, int priority) {
1330 if (priority <= LOG_CRIT) {
1331 /* Immediately sync to disk when this is of priority CRIT, ALERT, EMERG */
1336 if (s->sync_scheduled)
1339 if (s->sync_interval_usec > 0) {
1342 r = sd_event_get_now_monotonic(s->event, &when);
1346 when += s->sync_interval_usec;
1348 if (!s->sync_event_source) {
1349 r = sd_event_add_monotonic(s->event, when, 0, server_dispatch_sync, s, &s->sync_event_source);
1353 r = sd_event_source_set_priority(s->sync_event_source, SD_EVENT_PRIORITY_IMPORTANT);
1355 r = sd_event_source_set_time(s->sync_event_source, when);
1359 r = sd_event_source_set_enabled(s->sync_event_source, SD_EVENT_ONESHOT);
1364 s->sync_scheduled = true;
1370 int server_init(Server *s) {
1376 s->syslog_fd = s->native_fd = s->stdout_fd = s->dev_kmsg_fd = -1;
1380 s->sync_interval_usec = DEFAULT_SYNC_INTERVAL_USEC;
1381 s->sync_scheduled = false;
1383 s->rate_limit_interval = DEFAULT_RATE_LIMIT_INTERVAL;
1384 s->rate_limit_burst = DEFAULT_RATE_LIMIT_BURST;
1386 s->forward_to_syslog = true;
1388 s->max_level_store = LOG_DEBUG;
1389 s->max_level_syslog = LOG_DEBUG;
1390 s->max_level_kmsg = LOG_NOTICE;
1391 s->max_level_console = LOG_INFO;
1393 memset(&s->system_metrics, 0xFF, sizeof(s->system_metrics));
1394 memset(&s->runtime_metrics, 0xFF, sizeof(s->runtime_metrics));
1396 server_parse_config_file(s);
1397 server_parse_proc_cmdline(s);
1398 if (!!s->rate_limit_interval ^ !!s->rate_limit_burst) {
1399 log_debug("Setting both rate limit interval and burst from %llu,%u to 0,0",
1400 (long long unsigned) s->rate_limit_interval,
1401 s->rate_limit_burst);
1402 s->rate_limit_interval = s->rate_limit_burst = 0;
1405 mkdir_p("/run/systemd/journal", 0755);
1407 s->user_journals = hashmap_new(trivial_hash_func, trivial_compare_func);
1408 if (!s->user_journals)
1411 s->mmap = mmap_cache_new();
1415 r = sd_event_default(&s->event);
1417 log_error("Failed to create event loop: %s", strerror(-r));
1421 sd_event_set_watchdog(s->event, true);
1423 n = sd_listen_fds(true);
1425 log_error("Failed to read listening file descriptors from environment: %s", strerror(-n));
1429 for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) {
1431 if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/run/systemd/journal/socket", 0) > 0) {
1433 if (s->native_fd >= 0) {
1434 log_error("Too many native sockets passed.");
1440 } else if (sd_is_socket_unix(fd, SOCK_STREAM, 1, "/run/systemd/journal/stdout", 0) > 0) {
1442 if (s->stdout_fd >= 0) {
1443 log_error("Too many stdout sockets passed.");
1449 } else if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/dev/log", 0) > 0) {
1451 if (s->syslog_fd >= 0) {
1452 log_error("Too many /dev/log sockets passed.");
1459 log_error("Unknown socket passed.");
1464 r = server_open_syslog_socket(s);
1468 r = server_open_native_socket(s);
1472 r = server_open_stdout_socket(s);
1476 r = server_open_dev_kmsg(s);
1480 r = server_open_kernel_seqnum(s);
1484 r = setup_signals(s);
1488 s->udev = udev_new();
1492 s->rate_limit = journal_rate_limit_new(s->rate_limit_interval, s->rate_limit_burst);
1496 r = system_journal_open(s);
1503 void server_maybe_append_tags(Server *s) {
1509 n = now(CLOCK_REALTIME);
1511 if (s->system_journal)
1512 journal_file_maybe_append_tag(s->system_journal, n);
1514 HASHMAP_FOREACH(f, s->user_journals, i)
1515 journal_file_maybe_append_tag(f, n);
1519 void server_done(Server *s) {
1523 while (s->stdout_streams)
1524 stdout_stream_free(s->stdout_streams);
1526 if (s->system_journal)
1527 journal_file_close(s->system_journal);
1529 if (s->runtime_journal)
1530 journal_file_close(s->runtime_journal);
1532 while ((f = hashmap_steal_first(s->user_journals)))
1533 journal_file_close(f);
1535 hashmap_free(s->user_journals);
1537 sd_event_source_unref(s->syslog_event_source);
1538 sd_event_source_unref(s->native_event_source);
1539 sd_event_source_unref(s->stdout_event_source);
1540 sd_event_source_unref(s->dev_kmsg_event_source);
1541 sd_event_source_unref(s->sync_event_source);
1542 sd_event_source_unref(s->sigusr1_event_source);
1543 sd_event_source_unref(s->sigusr2_event_source);
1544 sd_event_source_unref(s->sigterm_event_source);
1545 sd_event_source_unref(s->sigint_event_source);
1546 sd_event_unref(s->event);
1548 if (s->syslog_fd >= 0)
1549 close_nointr_nofail(s->syslog_fd);
1551 if (s->native_fd >= 0)
1552 close_nointr_nofail(s->native_fd);
1554 if (s->stdout_fd >= 0)
1555 close_nointr_nofail(s->stdout_fd);
1557 if (s->dev_kmsg_fd >= 0)
1558 close_nointr_nofail(s->dev_kmsg_fd);
1561 journal_rate_limit_free(s->rate_limit);
1563 if (s->kernel_seqnum)
1564 munmap(s->kernel_seqnum, sizeof(uint64_t));
1570 mmap_cache_unref(s->mmap);
1573 udev_unref(s->udev);