1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2011 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <sys/epoll.h>
23 #include <sys/socket.h>
25 #include <sys/signalfd.h>
29 #include <sys/ioctl.h>
30 #include <linux/sockios.h>
31 #include <sys/statvfs.h>
33 #include <systemd/sd-journal.h>
34 #include <systemd/sd-messages.h>
35 #include <systemd/sd-daemon.h>
38 #include <systemd/sd-login.h>
43 #include "journal-file.h"
44 #include "socket-util.h"
45 #include "cgroup-util.h"
47 #include "journal-rate-limit.h"
48 #include "journal-internal.h"
49 #include "conf-parser.h"
56 #include <acl/libacl.h>
61 #include <selinux/selinux.h>
64 #define USER_JOURNALS_MAX 1024
65 #define STDOUT_STREAMS_MAX 4096
67 #define DEFAULT_RATE_LIMIT_INTERVAL (10*USEC_PER_SEC)
68 #define DEFAULT_RATE_LIMIT_BURST 200
70 #define RECHECK_AVAILABLE_SPACE_USEC (30*USEC_PER_SEC)
72 #define RECHECK_VAR_AVAILABLE_USEC (30*USEC_PER_SEC)
74 #define N_IOVEC_META_FIELDS 17
76 #define ENTRY_SIZE_MAX (1024*1024*32)
78 typedef enum StdoutStreamState {
79 STDOUT_STREAM_IDENTIFIER,
80 STDOUT_STREAM_UNIT_ID,
81 STDOUT_STREAM_PRIORITY,
82 STDOUT_STREAM_LEVEL_PREFIX,
83 STDOUT_STREAM_FORWARD_TO_SYSLOG,
84 STDOUT_STREAM_FORWARD_TO_KMSG,
85 STDOUT_STREAM_FORWARD_TO_CONSOLE,
91 StdoutStreamState state;
97 security_context_t security_context;
104 bool forward_to_syslog:1;
105 bool forward_to_kmsg:1;
106 bool forward_to_console:1;
108 char buffer[LINE_MAX+1];
111 LIST_FIELDS(StdoutStream, stdout_stream);
114 static const char* const storage_table[] = {
115 [STORAGE_AUTO] = "auto",
116 [STORAGE_VOLATILE] = "volatile",
117 [STORAGE_PERMANENT] = "permanent",
118 [STORAGE_NONE] = "none"
121 DEFINE_STRING_TABLE_LOOKUP(storage, Storage);
122 DEFINE_CONFIG_PARSE_ENUM(config_parse_storage, storage, Storage, "Failed to parse storage setting");
124 static int server_flush_to_var(Server *s);
126 static uint64_t available_space(Server *s) {
131 uint64_t sum = 0, avail = 0, ss_avail = 0;
137 ts = now(CLOCK_MONOTONIC);
139 if (s->cached_available_space_timestamp + RECHECK_AVAILABLE_SPACE_USEC > ts)
140 return s->cached_available_space;
142 r = sd_id128_get_machine(&machine);
146 if (s->system_journal) {
147 f = "/var/log/journal/";
148 m = &s->system_metrics;
150 f = "/run/log/journal/";
151 m = &s->runtime_metrics;
156 p = strappend(f, sd_id128_to_string(machine, ids));
166 if (fstatvfs(dirfd(d), &ss) < 0)
171 struct dirent buf, *de;
173 r = readdir_r(d, &buf, &de);
180 if (!endswith(de->d_name, ".journal") &&
181 !endswith(de->d_name, ".journal~"))
184 if (fstatat(dirfd(d), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0)
187 if (!S_ISREG(st.st_mode))
190 sum += (uint64_t) st.st_blocks * 512UL;
193 avail = sum >= m->max_use ? 0 : m->max_use - sum;
195 ss_avail = ss.f_bsize * ss.f_bavail;
197 ss_avail = ss_avail < m->keep_free ? 0 : ss_avail - m->keep_free;
199 if (ss_avail < avail)
202 s->cached_available_space = avail;
203 s->cached_available_space_timestamp = ts;
211 static void server_read_file_gid(Server *s) {
212 const char *adm = "adm";
217 if (s->file_gid_valid)
220 r = get_group_creds(&adm, &s->file_gid);
222 log_warning("Failed to resolve 'adm' group: %s", strerror(-r));
224 /* if we couldn't read the gid, then it will be 0, but that's
225 * fine and we shouldn't try to resolve the group again, so
226 * let's just pretend it worked right-away. */
227 s->file_gid_valid = true;
230 static void server_fix_perms(Server *s, JournalFile *f, uid_t uid) {
235 acl_permset_t permset;
240 server_read_file_gid(s);
242 r = fchmod_and_fchown(f->fd, 0640, 0, s->file_gid);
244 log_warning("Failed to fix access mode/rights on %s, ignoring: %s", f->path, strerror(-r));
250 acl = acl_get_fd(f->fd);
252 log_warning("Failed to read ACL on %s, ignoring: %m", f->path);
256 r = acl_find_uid(acl, uid, &entry);
259 if (acl_create_entry(&acl, &entry) < 0 ||
260 acl_set_tag_type(entry, ACL_USER) < 0 ||
261 acl_set_qualifier(entry, &uid) < 0) {
262 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
267 if (acl_get_permset(entry, &permset) < 0 ||
268 acl_add_perm(permset, ACL_READ) < 0 ||
269 acl_calc_mask(&acl) < 0) {
270 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
274 if (acl_set_fd(f->fd, acl) < 0)
275 log_warning("Failed to set ACL on %s, ignoring: %m", f->path);
282 static JournalFile* find_journal(Server *s, uid_t uid) {
291 /* We split up user logs only on /var, not on /run. If the
292 * runtime file is open, we write to it exclusively, in order
293 * to guarantee proper order as soon as we flush /run to
294 * /var and close the runtime file. */
296 if (s->runtime_journal)
297 return s->runtime_journal;
300 return s->system_journal;
302 r = sd_id128_get_machine(&machine);
304 return s->system_journal;
306 f = hashmap_get(s->user_journals, UINT32_TO_PTR(uid));
310 if (asprintf(&p, "/var/log/journal/%s/user-%lu.journal", sd_id128_to_string(machine, ids), (unsigned long) uid) < 0)
311 return s->system_journal;
313 while (hashmap_size(s->user_journals) >= USER_JOURNALS_MAX) {
314 /* Too many open? Then let's close one */
315 f = hashmap_steal_first(s->user_journals);
317 journal_file_close(f);
320 r = journal_file_open_reliably(p, O_RDWR|O_CREAT, 0640, s->system_journal, &f);
324 return s->system_journal;
326 server_fix_perms(s, f, uid);
328 r = hashmap_put(s->user_journals, UINT32_TO_PTR(uid), f);
330 journal_file_close(f);
331 return s->system_journal;
337 static void server_rotate(Server *s) {
343 log_info("Rotating...");
345 if (s->runtime_journal) {
346 r = journal_file_rotate(&s->runtime_journal);
348 if (s->runtime_journal)
349 log_error("Failed to rotate %s: %s", s->runtime_journal->path, strerror(-r));
351 log_error("Failed to create new runtime journal: %s", strerror(-r));
353 server_fix_perms(s, s->runtime_journal, 0);
356 if (s->system_journal) {
357 r = journal_file_rotate(&s->system_journal);
359 if (s->system_journal)
360 log_error("Failed to rotate %s: %s", s->system_journal->path, strerror(-r));
362 log_error("Failed to create new system journal: %s", strerror(-r));
365 server_fix_perms(s, s->system_journal, 0);
368 HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) {
369 r = journal_file_rotate(&f);
372 log_error("Failed to rotate %s: %s", f->path, strerror(-r));
374 log_error("Failed to create user journal: %s", strerror(-r));
376 hashmap_replace(s->user_journals, k, f);
377 server_fix_perms(s, s->system_journal, PTR_TO_UINT32(k));
382 static void server_vacuum(Server *s) {
388 log_info("Vacuuming...");
390 r = sd_id128_get_machine(&machine);
392 log_error("Failed to get machine ID: %s", strerror(-r));
396 sd_id128_to_string(machine, ids);
398 if (s->system_journal) {
399 if (asprintf(&p, "/var/log/journal/%s", ids) < 0) {
400 log_error("Out of memory.");
404 r = journal_directory_vacuum(p, s->system_metrics.max_use, s->system_metrics.keep_free);
405 if (r < 0 && r != -ENOENT)
406 log_error("Failed to vacuum %s: %s", p, strerror(-r));
410 if (s->runtime_journal) {
411 if (asprintf(&p, "/run/log/journal/%s", ids) < 0) {
412 log_error("Out of memory.");
416 r = journal_directory_vacuum(p, s->runtime_metrics.max_use, s->runtime_metrics.keep_free);
417 if (r < 0 && r != -ENOENT)
418 log_error("Failed to vacuum %s: %s", p, strerror(-r));
422 s->cached_available_space_timestamp = 0;
425 static char *shortened_cgroup_path(pid_t pid) {
427 char *process_path, *init_path, *path;
431 r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, pid, &process_path);
435 r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, 1, &init_path);
441 if (endswith(init_path, "/system"))
442 init_path[strlen(init_path) - 7] = 0;
443 else if (streq(init_path, "/"))
446 if (startswith(process_path, init_path)) {
449 p = strdup(process_path + strlen(init_path));
467 static void dispatch_message_real(
469 struct iovec *iovec, unsigned n, unsigned m,
472 const char *label, size_t label_len,
473 const char *unit_id) {
475 char *pid = NULL, *uid = NULL, *gid = NULL,
476 *source_time = NULL, *boot_id = NULL, *machine_id = NULL,
477 *comm = NULL, *cmdline = NULL, *hostname = NULL,
478 *audit_session = NULL, *audit_loginuid = NULL,
479 *exe = NULL, *cgroup = NULL, *session = NULL,
480 *owner_uid = NULL, *unit = NULL, *selinux_context = NULL;
486 uid_t loginuid = 0, realuid = 0;
488 bool vacuumed = false;
493 assert(n + N_IOVEC_META_FIELDS <= m);
501 realuid = ucred->uid;
503 if (asprintf(&pid, "_PID=%lu", (unsigned long) ucred->pid) >= 0)
504 IOVEC_SET_STRING(iovec[n++], pid);
506 if (asprintf(&uid, "_UID=%lu", (unsigned long) ucred->uid) >= 0)
507 IOVEC_SET_STRING(iovec[n++], uid);
509 if (asprintf(&gid, "_GID=%lu", (unsigned long) ucred->gid) >= 0)
510 IOVEC_SET_STRING(iovec[n++], gid);
512 r = get_process_comm(ucred->pid, &t);
514 comm = strappend("_COMM=", t);
518 IOVEC_SET_STRING(iovec[n++], comm);
521 r = get_process_exe(ucred->pid, &t);
523 exe = strappend("_EXE=", t);
527 IOVEC_SET_STRING(iovec[n++], exe);
530 r = get_process_cmdline(ucred->pid, LINE_MAX, false, &t);
532 cmdline = strappend("_CMDLINE=", t);
536 IOVEC_SET_STRING(iovec[n++], cmdline);
539 r = audit_session_from_pid(ucred->pid, &audit);
541 if (asprintf(&audit_session, "_AUDIT_SESSION=%lu", (unsigned long) audit) >= 0)
542 IOVEC_SET_STRING(iovec[n++], audit_session);
544 r = audit_loginuid_from_pid(ucred->pid, &loginuid);
546 if (asprintf(&audit_loginuid, "_AUDIT_LOGINUID=%lu", (unsigned long) loginuid) >= 0)
547 IOVEC_SET_STRING(iovec[n++], audit_loginuid);
549 t = shortened_cgroup_path(ucred->pid);
551 cgroup = strappend("_SYSTEMD_CGROUP=", t);
555 IOVEC_SET_STRING(iovec[n++], cgroup);
559 if (sd_pid_get_session(ucred->pid, &t) >= 0) {
560 session = strappend("_SYSTEMD_SESSION=", t);
564 IOVEC_SET_STRING(iovec[n++], session);
567 if (sd_pid_get_owner_uid(ucred->uid, &owner) >= 0)
568 if (asprintf(&owner_uid, "_SYSTEMD_OWNER_UID=%lu", (unsigned long) owner) >= 0)
569 IOVEC_SET_STRING(iovec[n++], owner_uid);
572 if (cg_pid_get_unit(ucred->pid, &t) >= 0) {
573 unit = strappend("_SYSTEMD_UNIT=", t);
576 unit = strappend("_SYSTEMD_UNIT=", unit_id);
579 IOVEC_SET_STRING(iovec[n++], unit);
583 selinux_context = malloc(sizeof("_SELINUX_CONTEXT=") + label_len);
584 if (selinux_context) {
585 memcpy(selinux_context, "_SELINUX_CONTEXT=", sizeof("_SELINUX_CONTEXT=")-1);
586 memcpy(selinux_context+sizeof("_SELINUX_CONTEXT=")-1, label, label_len);
587 selinux_context[sizeof("_SELINUX_CONTEXT=")-1+label_len] = 0;
588 IOVEC_SET_STRING(iovec[n++], selinux_context);
591 security_context_t con;
593 if (getpidcon(ucred->pid, &con) >= 0) {
594 selinux_context = strappend("_SELINUX_CONTEXT=", con);
596 IOVEC_SET_STRING(iovec[n++], selinux_context);
605 if (asprintf(&source_time, "_SOURCE_REALTIME_TIMESTAMP=%llu",
606 (unsigned long long) timeval_load(tv)) >= 0)
607 IOVEC_SET_STRING(iovec[n++], source_time);
610 /* Note that strictly speaking storing the boot id here is
611 * redundant since the entry includes this in-line
612 * anyway. However, we need this indexed, too. */
613 r = sd_id128_get_boot(&id);
615 if (asprintf(&boot_id, "_BOOT_ID=%s", sd_id128_to_string(id, idbuf)) >= 0)
616 IOVEC_SET_STRING(iovec[n++], boot_id);
618 r = sd_id128_get_machine(&id);
620 if (asprintf(&machine_id, "_MACHINE_ID=%s", sd_id128_to_string(id, idbuf)) >= 0)
621 IOVEC_SET_STRING(iovec[n++], machine_id);
623 t = gethostname_malloc();
625 hostname = strappend("_HOSTNAME=", t);
628 IOVEC_SET_STRING(iovec[n++], hostname);
633 server_flush_to_var(s);
636 f = find_journal(s, realuid == 0 ? 0 : loginuid);
638 r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
640 if ((r == -E2BIG || /* hit limit */
641 r == -EFBIG || /* hit fs limit */
642 r == -EDQUOT || /* quota hit */
643 r == -ENOSPC || /* disk full */
644 r == -EBADMSG || /* corrupted */
645 r == -ENODATA || /* truncated */
646 r == -EHOSTDOWN || /* other machine */
647 r == -EPROTONOSUPPORT) && /* unsupported feature */
651 log_info("Allocation limit reached, rotating.");
653 log_warning("Journal file corrupted, rotating.");
659 log_info("Retrying write.");
664 log_error("Failed to write entry, ignoring: %s", strerror(-r));
678 free(audit_loginuid);
683 free(selinux_context);
686 static void driver_message(Server *s, sd_id128_t message_id, const char *format, ...) {
687 char mid[11 + 32 + 1];
688 char buffer[16 + LINE_MAX + 1];
689 struct iovec iovec[N_IOVEC_META_FIELDS + 4];
697 IOVEC_SET_STRING(iovec[n++], "PRIORITY=5");
698 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=driver");
700 memcpy(buffer, "MESSAGE=", 8);
701 va_start(ap, format);
702 vsnprintf(buffer + 8, sizeof(buffer) - 8, format, ap);
704 char_array_0(buffer);
705 IOVEC_SET_STRING(iovec[n++], buffer);
707 snprintf(mid, sizeof(mid), "MESSAGE_ID=" SD_ID128_FORMAT_STR, SD_ID128_FORMAT_VAL(message_id));
709 IOVEC_SET_STRING(iovec[n++], mid);
712 ucred.pid = getpid();
713 ucred.uid = getuid();
714 ucred.gid = getgid();
716 dispatch_message_real(s, iovec, n, ELEMENTSOF(iovec), &ucred, NULL, NULL, 0, NULL);
719 static void dispatch_message(Server *s,
720 struct iovec *iovec, unsigned n, unsigned m,
723 const char *label, size_t label_len,
727 char *path = NULL, *c;
730 assert(iovec || n == 0);
735 if (LOG_PRI(priority) > s->max_level_store)
741 path = shortened_cgroup_path(ucred->pid);
745 /* example: /user/lennart/3/foobar
746 * /system/dbus.service/foobar
748 * So let's cut of everything past the third /, since that is
749 * wher user directories start */
751 c = strchr(path, '/');
753 c = strchr(c+1, '/');
755 c = strchr(c+1, '/');
761 rl = journal_rate_limit_test(s->rate_limit, path, priority & LOG_PRIMASK, available_space(s));
768 /* Write a suppression message if we suppressed something */
770 driver_message(s, SD_MESSAGE_JOURNAL_DROPPED, "Suppressed %u messages from %s", rl - 1, path);
775 dispatch_message_real(s, iovec, n, m, ucred, tv, label, label_len, unit_id);
778 static void forward_syslog_iovec(Server *s, const struct iovec *iovec, unsigned n_iovec, struct ucred *ucred, struct timeval *tv) {
779 struct msghdr msghdr;
780 struct cmsghdr *cmsg;
782 struct cmsghdr cmsghdr;
783 uint8_t buf[CMSG_SPACE(sizeof(struct ucred))];
785 union sockaddr_union sa;
792 msghdr.msg_iov = (struct iovec*) iovec;
793 msghdr.msg_iovlen = n_iovec;
796 sa.un.sun_family = AF_UNIX;
797 strncpy(sa.un.sun_path, "/run/systemd/journal/syslog", sizeof(sa.un.sun_path));
798 msghdr.msg_name = &sa;
799 msghdr.msg_namelen = offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path);
803 msghdr.msg_control = &control;
804 msghdr.msg_controllen = sizeof(control);
806 cmsg = CMSG_FIRSTHDR(&msghdr);
807 cmsg->cmsg_level = SOL_SOCKET;
808 cmsg->cmsg_type = SCM_CREDENTIALS;
809 cmsg->cmsg_len = CMSG_LEN(sizeof(struct ucred));
810 memcpy(CMSG_DATA(cmsg), ucred, sizeof(struct ucred));
811 msghdr.msg_controllen = cmsg->cmsg_len;
814 /* Forward the syslog message we received via /dev/log to
815 * /run/systemd/syslog. Unfortunately we currently can't set
816 * the SO_TIMESTAMP auxiliary data, and hence we don't. */
818 if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
821 /* The socket is full? I guess the syslog implementation is
822 * too slow, and we shouldn't wait for that... */
826 if (ucred && errno == ESRCH) {
829 /* Hmm, presumably the sender process vanished
830 * by now, so let's fix it as good as we
835 memcpy(CMSG_DATA(cmsg), &u, sizeof(struct ucred));
837 if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
844 log_debug("Failed to forward syslog message: %m");
847 static void forward_syslog_raw(Server *s, int priority, const char *buffer, struct ucred *ucred, struct timeval *tv) {
853 if (LOG_PRI(priority) > s->max_level_syslog)
856 IOVEC_SET_STRING(iovec, buffer);
857 forward_syslog_iovec(s, &iovec, 1, ucred, tv);
860 static void forward_syslog(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred, struct timeval *tv) {
861 struct iovec iovec[5];
862 char header_priority[6], header_time[64], header_pid[16];
866 char *ident_buf = NULL;
869 assert(priority >= 0);
870 assert(priority <= 999);
873 if (LOG_PRI(priority) > s->max_level_syslog)
876 /* First: priority field */
877 snprintf(header_priority, sizeof(header_priority), "<%i>", priority);
878 char_array_0(header_priority);
879 IOVEC_SET_STRING(iovec[n++], header_priority);
881 /* Second: timestamp */
882 t = tv ? tv->tv_sec : ((time_t) (now(CLOCK_REALTIME) / USEC_PER_SEC));
886 if (strftime(header_time, sizeof(header_time), "%h %e %T ", tm) <= 0)
888 IOVEC_SET_STRING(iovec[n++], header_time);
890 /* Third: identifier and PID */
893 get_process_comm(ucred->pid, &ident_buf);
894 identifier = ident_buf;
897 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
898 char_array_0(header_pid);
901 IOVEC_SET_STRING(iovec[n++], identifier);
903 IOVEC_SET_STRING(iovec[n++], header_pid);
904 } else if (identifier) {
905 IOVEC_SET_STRING(iovec[n++], identifier);
906 IOVEC_SET_STRING(iovec[n++], ": ");
909 /* Fourth: message */
910 IOVEC_SET_STRING(iovec[n++], message);
912 forward_syslog_iovec(s, iovec, n, ucred, tv);
917 static int fixup_priority(int priority) {
919 if ((priority & LOG_FACMASK) == 0)
920 return (priority & LOG_PRIMASK) | LOG_USER;
925 static void forward_kmsg(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred) {
926 struct iovec iovec[5];
927 char header_priority[6], header_pid[16];
929 char *ident_buf = NULL;
933 assert(priority >= 0);
934 assert(priority <= 999);
937 if (LOG_PRI(priority) > s->max_level_kmsg)
940 /* Never allow messages with kernel facility to be written to
941 * kmsg, regardless where the data comes from. */
942 priority = fixup_priority(priority);
944 /* First: priority field */
945 snprintf(header_priority, sizeof(header_priority), "<%i>", priority);
946 char_array_0(header_priority);
947 IOVEC_SET_STRING(iovec[n++], header_priority);
949 /* Second: identifier and PID */
952 get_process_comm(ucred->pid, &ident_buf);
953 identifier = ident_buf;
956 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
957 char_array_0(header_pid);
960 IOVEC_SET_STRING(iovec[n++], identifier);
962 IOVEC_SET_STRING(iovec[n++], header_pid);
963 } else if (identifier) {
964 IOVEC_SET_STRING(iovec[n++], identifier);
965 IOVEC_SET_STRING(iovec[n++], ": ");
968 /* Fourth: message */
969 IOVEC_SET_STRING(iovec[n++], message);
970 IOVEC_SET_STRING(iovec[n++], "\n");
972 fd = open("/dev/kmsg", O_WRONLY|O_NOCTTY|O_CLOEXEC);
974 log_debug("Failed to open /dev/kmsg for logging: %s", strerror(errno));
978 if (writev(fd, iovec, n) < 0)
979 log_debug("Failed to write to /dev/kmsg for logging: %s", strerror(errno));
981 close_nointr_nofail(fd);
987 static void forward_console(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred) {
988 struct iovec iovec[4];
991 char *ident_buf = NULL;
997 if (LOG_PRI(priority) > s->max_level_console)
1000 /* First: identifier and PID */
1003 get_process_comm(ucred->pid, &ident_buf);
1004 identifier = ident_buf;
1007 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
1008 char_array_0(header_pid);
1011 IOVEC_SET_STRING(iovec[n++], identifier);
1013 IOVEC_SET_STRING(iovec[n++], header_pid);
1014 } else if (identifier) {
1015 IOVEC_SET_STRING(iovec[n++], identifier);
1016 IOVEC_SET_STRING(iovec[n++], ": ");
1019 /* Third: message */
1020 IOVEC_SET_STRING(iovec[n++], message);
1021 IOVEC_SET_STRING(iovec[n++], "\n");
1023 tty = s->tty_path ? s->tty_path : "/dev/console";
1025 fd = open_terminal(tty, O_WRONLY|O_NOCTTY|O_CLOEXEC);
1027 log_debug("Failed to open %s for logging: %s", tty, strerror(errno));
1031 if (writev(fd, iovec, n) < 0)
1032 log_debug("Failed to write to %s for logging: %s", tty, strerror(errno));
1034 close_nointr_nofail(fd);
1040 static void read_identifier(const char **buf, char **identifier, char **pid) {
1051 p += strspn(p, WHITESPACE);
1052 l = strcspn(p, WHITESPACE);
1061 if (p[l-1] == ']') {
1067 t = strndup(p+k+1, l-k-2);
1087 *buf += strspn(*buf, WHITESPACE);
1090 static void process_syslog_message(Server *s, const char *buf, struct ucred *ucred, struct timeval *tv, const char *label, size_t label_len) {
1091 char *message = NULL, *syslog_priority = NULL, *syslog_facility = NULL, *syslog_identifier = NULL, *syslog_pid = NULL;
1092 struct iovec iovec[N_IOVEC_META_FIELDS + 6];
1094 int priority = LOG_USER | LOG_INFO;
1095 char *identifier = NULL, *pid = NULL;
1102 parse_syslog_priority((char**) &buf, &priority);
1104 if (s->forward_to_syslog)
1105 forward_syslog_raw(s, priority, orig, ucred, tv);
1107 skip_syslog_date((char**) &buf);
1108 read_identifier(&buf, &identifier, &pid);
1110 if (s->forward_to_kmsg)
1111 forward_kmsg(s, priority, identifier, buf, ucred);
1113 if (s->forward_to_console)
1114 forward_console(s, priority, identifier, buf, ucred);
1116 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=syslog");
1118 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1119 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1121 if (priority & LOG_FACMASK)
1122 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1123 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1126 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", identifier);
1127 if (syslog_identifier)
1128 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1132 syslog_pid = strappend("SYSLOG_PID=", pid);
1134 IOVEC_SET_STRING(iovec[n++], syslog_pid);
1137 message = strappend("MESSAGE=", buf);
1139 IOVEC_SET_STRING(iovec[n++], message);
1141 dispatch_message(s, iovec, n, ELEMENTSOF(iovec), ucred, tv, label, label_len, NULL, priority);
1146 free(syslog_priority);
1147 free(syslog_facility);
1148 free(syslog_identifier);
1151 static bool valid_user_field(const char *p, size_t l) {
1154 /* We kinda enforce POSIX syntax recommendations for
1155 environment variables here, but make a couple of additional
1158 http://pubs.opengroup.org/onlinepubs/000095399/basedefs/xbd_chap08.html */
1160 /* No empty field names */
1164 /* Don't allow names longer than 64 chars */
1168 /* Variables starting with an underscore are protected */
1172 /* Don't allow digits as first character */
1173 if (p[0] >= '0' && p[0] <= '9')
1176 /* Only allow A-Z0-9 and '_' */
1177 for (a = p; a < p + l; a++)
1178 if (!((*a >= 'A' && *a <= 'Z') ||
1179 (*a >= '0' && *a <= '9') ||
1186 static void process_native_message(
1188 const void *buffer, size_t buffer_size,
1189 struct ucred *ucred,
1191 const char *label, size_t label_len) {
1193 struct iovec *iovec = NULL;
1194 unsigned n = 0, m = 0, j, tn = (unsigned) -1;
1197 int priority = LOG_INFO;
1198 char *identifier = NULL, *message = NULL;
1201 assert(buffer || buffer_size == 0);
1204 remaining = buffer_size;
1206 while (remaining > 0) {
1209 e = memchr(p, '\n', remaining);
1212 /* Trailing noise, let's ignore it, and flush what we collected */
1213 log_debug("Received message with trailing noise, ignoring.");
1218 /* Entry separator */
1219 dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, NULL, priority);
1221 priority = LOG_INFO;
1228 if (*p == '.' || *p == '#') {
1229 /* Ignore control commands for now, and
1231 remaining -= (e - p) + 1;
1236 /* A property follows */
1238 if (n+N_IOVEC_META_FIELDS >= m) {
1242 u = MAX((n+N_IOVEC_META_FIELDS+1) * 2U, 4U);
1243 c = realloc(iovec, u * sizeof(struct iovec));
1245 log_error("Out of memory");
1253 q = memchr(p, '=', e - p);
1255 if (valid_user_field(p, q - p)) {
1260 /* If the field name starts with an
1261 * underscore, skip the variable,
1262 * since that indidates a trusted
1264 iovec[n].iov_base = (char*) p;
1265 iovec[n].iov_len = l;
1268 /* We need to determine the priority
1269 * of this entry for the rate limiting
1272 memcmp(p, "PRIORITY=", 9) == 0 &&
1273 p[9] >= '0' && p[9] <= '9')
1274 priority = (priority & LOG_FACMASK) | (p[9] - '0');
1277 memcmp(p, "SYSLOG_FACILITY=", 16) == 0 &&
1278 p[16] >= '0' && p[16] <= '9')
1279 priority = (priority & LOG_PRIMASK) | ((p[16] - '0') << 3);
1282 memcmp(p, "SYSLOG_FACILITY=", 16) == 0 &&
1283 p[16] >= '0' && p[16] <= '9' &&
1284 p[17] >= '0' && p[17] <= '9')
1285 priority = (priority & LOG_PRIMASK) | (((p[16] - '0')*10 + (p[17] - '0')) << 3);
1288 memcmp(p, "SYSLOG_IDENTIFIER=", 18) == 0) {
1291 t = strndup(p + 18, l - 18);
1296 } else if (l >= 8 &&
1297 memcmp(p, "MESSAGE=", 8) == 0) {
1300 t = strndup(p + 8, l - 8);
1308 remaining -= (e - p) + 1;
1316 if (remaining < e - p + 1 + sizeof(uint64_t) + 1) {
1317 log_debug("Failed to parse message, ignoring.");
1321 memcpy(&l_le, e + 1, sizeof(uint64_t));
1324 if (remaining < e - p + 1 + sizeof(uint64_t) + l + 1 ||
1325 e[1+sizeof(uint64_t)+l] != '\n') {
1326 log_debug("Failed to parse message, ignoring.");
1330 k = malloc((e - p) + 1 + l);
1332 log_error("Out of memory");
1336 memcpy(k, p, e - p);
1338 memcpy(k + (e - p) + 1, e + 1 + sizeof(uint64_t), l);
1340 if (valid_user_field(p, e - p)) {
1341 iovec[n].iov_base = k;
1342 iovec[n].iov_len = (e - p) + 1 + l;
1347 remaining -= (e - p) + 1 + sizeof(uint64_t) + l + 1;
1348 p = e + 1 + sizeof(uint64_t) + l + 1;
1356 IOVEC_SET_STRING(iovec[tn], "_TRANSPORT=journal");
1359 if (s->forward_to_syslog)
1360 forward_syslog(s, priority, identifier, message, ucred, tv);
1362 if (s->forward_to_kmsg)
1363 forward_kmsg(s, priority, identifier, message, ucred);
1365 if (s->forward_to_console)
1366 forward_console(s, priority, identifier, message, ucred);
1369 dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, NULL, priority);
1372 for (j = 0; j < n; j++) {
1376 if (iovec[j].iov_base < buffer ||
1377 (const uint8_t*) iovec[j].iov_base >= (const uint8_t*) buffer + buffer_size)
1378 free(iovec[j].iov_base);
1386 static void process_native_file(
1389 struct ucred *ucred,
1391 const char *label, size_t label_len) {
1400 /* Data is in the passed file, since it didn't fit in a
1401 * datagram. We can't map the file here, since clients might
1402 * then truncate it and trigger a SIGBUS for us. So let's
1403 * stupidly read it */
1405 if (fstat(fd, &st) < 0) {
1406 log_error("Failed to stat passed file, ignoring: %m");
1410 if (!S_ISREG(st.st_mode)) {
1411 log_error("File passed is not regular. Ignoring.");
1415 if (st.st_size <= 0)
1418 if (st.st_size > ENTRY_SIZE_MAX) {
1419 log_error("File passed too large. Ignoring.");
1423 p = malloc(st.st_size);
1425 log_error("Out of memory");
1429 n = pread(fd, p, st.st_size, 0);
1431 log_error("Failed to read file, ignoring: %s", strerror(-n));
1433 process_native_message(s, p, n, ucred, tv, label, label_len);
1438 static int stdout_stream_log(StdoutStream *s, const char *p) {
1439 struct iovec iovec[N_IOVEC_META_FIELDS + 5];
1440 char *message = NULL, *syslog_priority = NULL, *syslog_facility = NULL, *syslog_identifier = NULL;
1444 size_t label_len = 0;
1452 priority = s->priority;
1454 if (s->level_prefix)
1455 parse_syslog_priority((char**) &p, &priority);
1457 if (s->forward_to_syslog || s->server->forward_to_syslog)
1458 forward_syslog(s->server, fixup_priority(priority), s->identifier, p, &s->ucred, NULL);
1460 if (s->forward_to_kmsg || s->server->forward_to_kmsg)
1461 forward_kmsg(s->server, priority, s->identifier, p, &s->ucred);
1463 if (s->forward_to_console || s->server->forward_to_console)
1464 forward_console(s->server, priority, s->identifier, p, &s->ucred);
1466 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=stdout");
1468 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1469 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1471 if (priority & LOG_FACMASK)
1472 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1473 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1475 if (s->identifier) {
1476 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", s->identifier);
1477 if (syslog_identifier)
1478 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1481 message = strappend("MESSAGE=", p);
1483 IOVEC_SET_STRING(iovec[n++], message);
1486 if (s->security_context) {
1487 label = (char*) s->security_context;
1488 label_len = strlen((char*) s->security_context);
1492 dispatch_message(s->server, iovec, n, ELEMENTSOF(iovec), &s->ucred, NULL, label, label_len, s->unit_id, priority);
1495 free(syslog_priority);
1496 free(syslog_facility);
1497 free(syslog_identifier);
1502 static int stdout_stream_line(StdoutStream *s, char *p) {
1512 case STDOUT_STREAM_IDENTIFIER:
1514 s->identifier = NULL;
1516 s->identifier = strdup(p);
1517 if (!s->identifier) {
1518 log_error("Out of memory");
1523 s->state = STDOUT_STREAM_UNIT_ID;
1526 case STDOUT_STREAM_UNIT_ID:
1527 if (s->ucred.uid == 0) {
1531 s->unit_id = strdup(p);
1533 log_error("Out of memory");
1539 s->state = STDOUT_STREAM_PRIORITY;
1542 case STDOUT_STREAM_PRIORITY:
1543 r = safe_atoi(p, &s->priority);
1544 if (r < 0 || s->priority <= 0 || s->priority >= 999) {
1545 log_warning("Failed to parse log priority line.");
1549 s->state = STDOUT_STREAM_LEVEL_PREFIX;
1552 case STDOUT_STREAM_LEVEL_PREFIX:
1553 r = parse_boolean(p);
1555 log_warning("Failed to parse level prefix line.");
1559 s->level_prefix = !!r;
1560 s->state = STDOUT_STREAM_FORWARD_TO_SYSLOG;
1563 case STDOUT_STREAM_FORWARD_TO_SYSLOG:
1564 r = parse_boolean(p);
1566 log_warning("Failed to parse forward to syslog line.");
1570 s->forward_to_syslog = !!r;
1571 s->state = STDOUT_STREAM_FORWARD_TO_KMSG;
1574 case STDOUT_STREAM_FORWARD_TO_KMSG:
1575 r = parse_boolean(p);
1577 log_warning("Failed to parse copy to kmsg line.");
1581 s->forward_to_kmsg = !!r;
1582 s->state = STDOUT_STREAM_FORWARD_TO_CONSOLE;
1585 case STDOUT_STREAM_FORWARD_TO_CONSOLE:
1586 r = parse_boolean(p);
1588 log_warning("Failed to parse copy to console line.");
1592 s->forward_to_console = !!r;
1593 s->state = STDOUT_STREAM_RUNNING;
1596 case STDOUT_STREAM_RUNNING:
1597 return stdout_stream_log(s, p);
1600 assert_not_reached("Unknown stream state");
1603 static int stdout_stream_scan(StdoutStream *s, bool force_flush) {
1611 remaining = s->length;
1616 end = memchr(p, '\n', remaining);
1619 else if (remaining >= sizeof(s->buffer) - 1) {
1620 end = p + sizeof(s->buffer) - 1;
1627 r = stdout_stream_line(s, p);
1635 if (force_flush && remaining > 0) {
1637 r = stdout_stream_line(s, p);
1645 if (p > s->buffer) {
1646 memmove(s->buffer, p, remaining);
1647 s->length = remaining;
1653 static int stdout_stream_process(StdoutStream *s) {
1659 l = read(s->fd, s->buffer+s->length, sizeof(s->buffer)-1-s->length);
1662 if (errno == EAGAIN)
1665 log_warning("Failed to read from stream: %m");
1670 r = stdout_stream_scan(s, true);
1678 r = stdout_stream_scan(s, false);
1686 static void stdout_stream_free(StdoutStream *s) {
1690 assert(s->server->n_stdout_streams > 0);
1691 s->server->n_stdout_streams --;
1692 LIST_REMOVE(StdoutStream, stdout_stream, s->server->stdout_streams, s);
1697 epoll_ctl(s->server->epoll_fd, EPOLL_CTL_DEL, s->fd, NULL);
1699 close_nointr_nofail(s->fd);
1703 if (s->security_context)
1704 freecon(s->security_context);
1707 free(s->identifier);
1711 static int stdout_stream_new(Server *s) {
1712 StdoutStream *stream;
1715 struct epoll_event ev;
1719 fd = accept4(s->stdout_fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);
1721 if (errno == EAGAIN)
1724 log_error("Failed to accept stdout connection: %m");
1728 if (s->n_stdout_streams >= STDOUT_STREAMS_MAX) {
1729 log_warning("Too many stdout streams, refusing connection.");
1730 close_nointr_nofail(fd);
1734 stream = new0(StdoutStream, 1);
1736 log_error("Out of memory.");
1737 close_nointr_nofail(fd);
1743 len = sizeof(stream->ucred);
1744 if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &stream->ucred, &len) < 0) {
1745 log_error("Failed to determine peer credentials: %m");
1751 if (getpeercon(fd, &stream->security_context) < 0 && errno != ENOPROTOOPT)
1752 log_error("Failed to determine peer security context: %m");
1755 if (shutdown(fd, SHUT_WR) < 0) {
1756 log_error("Failed to shutdown writing side of socket: %m");
1762 ev.data.ptr = stream;
1763 ev.events = EPOLLIN;
1764 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, fd, &ev) < 0) {
1765 log_error("Failed to add stream to event loop: %m");
1771 LIST_PREPEND(StdoutStream, stdout_stream, s->stdout_streams, stream);
1772 s->n_stdout_streams ++;
1777 stdout_stream_free(stream);
1781 static int parse_kernel_timestamp(char **_p, usec_t *t) {
1792 if (strlen(p) < 14 || p[0] != '[' || p[13] != ']' || p[6] != '.')
1797 for (i = 1; i <= 5; i++) {
1803 k = undecchar(p[i]);
1810 for (i = 7; i <= 12; i++) {
1813 k = undecchar(p[i]);
1822 *_p += strspn(*_p, WHITESPACE);
1827 static bool is_us(const char *pid) {
1832 if (parse_pid(pid, &t) < 0)
1835 return t == getpid();
1838 static void proc_kmsg_line(Server *s, const char *p) {
1839 struct iovec iovec[N_IOVEC_META_FIELDS + 7];
1840 char *message = NULL, *syslog_priority = NULL, *syslog_pid = NULL, *syslog_facility = NULL, *syslog_identifier = NULL, *source_time = NULL;
1841 int priority = LOG_KERN | LOG_INFO;
1844 char *identifier = NULL, *pid = NULL;
1852 parse_syslog_priority((char **) &p, &priority);
1854 if (s->forward_to_kmsg && (priority & LOG_FACMASK) != LOG_KERN)
1857 if (parse_kernel_timestamp((char **) &p, &usec) > 0) {
1858 if (asprintf(&source_time, "_SOURCE_MONOTONIC_TIMESTAMP=%llu",
1859 (unsigned long long) usec) >= 0)
1860 IOVEC_SET_STRING(iovec[n++], source_time);
1863 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=kernel");
1865 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1866 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1868 if ((priority & LOG_FACMASK) == LOG_KERN) {
1870 if (s->forward_to_syslog)
1871 forward_syslog(s, priority, "kernel", p, NULL, NULL);
1873 IOVEC_SET_STRING(iovec[n++], "SYSLOG_IDENTIFIER=kernel");
1875 read_identifier(&p, &identifier, &pid);
1877 /* Avoid any messages we generated ourselves via
1878 * log_info() and friends. */
1879 if (pid && is_us(pid))
1882 if (s->forward_to_syslog)
1883 forward_syslog(s, priority, identifier, p, NULL, NULL);
1886 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", identifier);
1887 if (syslog_identifier)
1888 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1892 syslog_pid = strappend("SYSLOG_PID=", pid);
1894 IOVEC_SET_STRING(iovec[n++], syslog_pid);
1897 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1898 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1901 message = strappend("MESSAGE=", p);
1903 IOVEC_SET_STRING(iovec[n++], message);
1905 dispatch_message(s, iovec, n, ELEMENTSOF(iovec), NULL, NULL, NULL, 0, NULL, priority);
1909 free(syslog_priority);
1910 free(syslog_identifier);
1912 free(syslog_facility);
1918 static void proc_kmsg_scan(Server *s) {
1924 p = s->proc_kmsg_buffer;
1925 remaining = s->proc_kmsg_length;
1930 end = memchr(p, '\n', remaining);
1933 else if (remaining >= sizeof(s->proc_kmsg_buffer) - 1) {
1934 end = p + sizeof(s->proc_kmsg_buffer) - 1;
1941 proc_kmsg_line(s, p);
1947 if (p > s->proc_kmsg_buffer) {
1948 memmove(s->proc_kmsg_buffer, p, remaining);
1949 s->proc_kmsg_length = remaining;
1953 static int system_journal_open(Server *s) {
1959 r = sd_id128_get_machine(&machine);
1963 sd_id128_to_string(machine, ids);
1965 if (!s->system_journal &&
1966 (s->storage == STORAGE_PERMANENT ||
1967 s->storage == STORAGE_AUTO)) {
1969 /* If in auto mode: first try to create the machine
1970 * path, but not the prefix.
1972 * If in permanent mode: create /var/log/journal and
1973 * the machine path */
1975 if (s->storage & STORAGE_PERMANENT)
1976 (void) mkdir("/var/log/journal/", 0755);
1978 fn = strappend("/var/log/journal/", ids);
1982 (void) mkdir(fn, 0755);
1985 /* The create the system journal file */
1986 fn = join("/var/log/journal/", ids, "/system.journal", NULL);
1990 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, NULL, &s->system_journal);
1994 journal_default_metrics(&s->system_metrics, s->system_journal->fd);
1996 s->system_journal->metrics = s->system_metrics;
1997 s->system_journal->compress = s->compress;
1999 server_fix_perms(s, s->system_journal, 0);
2002 if (r != -ENOENT && r != -EROFS)
2003 log_warning("Failed to open system journal: %s", strerror(-r));
2009 if (!s->runtime_journal &&
2010 (s->storage != STORAGE_NONE)) {
2012 fn = join("/run/log/journal/", ids, "/system.journal", NULL);
2016 if (s->system_journal) {
2018 /* Try to open the runtime journal, but only
2019 * if it already exists, so that we can flush
2020 * it into the system journal */
2022 r = journal_file_open(fn, O_RDWR, 0640, NULL, &s->runtime_journal);
2027 log_warning("Failed to open runtime journal: %s", strerror(-r));
2034 /* OK, we really need the runtime journal, so create
2035 * it if necessary. */
2037 (void) mkdir_parents_label(fn, 0755);
2038 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, NULL, &s->runtime_journal);
2042 log_error("Failed to open runtime journal: %s", strerror(-r));
2047 if (s->runtime_journal) {
2048 journal_default_metrics(&s->runtime_metrics, s->runtime_journal->fd);
2050 s->runtime_journal->metrics = s->runtime_metrics;
2051 s->runtime_journal->compress = s->compress;
2053 server_fix_perms(s, s->runtime_journal, 0);
2060 static int server_flush_to_var(Server *s) {
2061 char path[] = "/run/log/journal/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
2070 if (s->storage != STORAGE_AUTO &&
2071 s->storage != STORAGE_PERMANENT)
2074 if (!s->runtime_journal)
2077 ts = now(CLOCK_MONOTONIC);
2078 if (s->var_available_timestamp + RECHECK_VAR_AVAILABLE_USEC > ts)
2081 s->var_available_timestamp = ts;
2083 system_journal_open(s);
2085 if (!s->system_journal)
2088 log_info("Flushing to /var...");
2090 r = sd_id128_get_machine(&machine);
2092 log_error("Failed to get machine id: %s", strerror(-r));
2096 r = sd_journal_open(&j, SD_JOURNAL_RUNTIME_ONLY);
2098 log_error("Failed to read runtime journal: %s", strerror(-r));
2102 SD_JOURNAL_FOREACH(j) {
2105 f = j->current_file;
2106 assert(f && f->current_offset > 0);
2108 r = journal_file_move_to_object(f, OBJECT_ENTRY, f->current_offset, &o);
2110 log_error("Can't read entry: %s", strerror(-r));
2114 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
2116 log_info("Allocation limit reached.");
2118 journal_file_post_change(s->system_journal);
2122 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
2126 log_error("Can't write entry: %s", strerror(-r));
2132 journal_file_post_change(s->system_journal);
2134 journal_file_close(s->runtime_journal);
2135 s->runtime_journal = NULL;
2138 sd_id128_to_string(machine, path + 17);
2139 rm_rf(path, false, true, false);
2145 static int server_read_proc_kmsg(Server *s) {
2148 assert(s->proc_kmsg_fd >= 0);
2150 l = read(s->proc_kmsg_fd, s->proc_kmsg_buffer + s->proc_kmsg_length, sizeof(s->proc_kmsg_buffer) - 1 - s->proc_kmsg_length);
2153 if (errno == EAGAIN || errno == EINTR)
2156 log_error("Failed to read from kernel: %m");
2160 s->proc_kmsg_length += l;
2166 static int server_flush_proc_kmsg(Server *s) {
2171 if (s->proc_kmsg_fd < 0)
2174 log_info("Flushing /proc/kmsg...");
2177 r = server_read_proc_kmsg(s);
2188 static int process_event(Server *s, struct epoll_event *ev) {
2192 if (ev->data.fd == s->signal_fd) {
2193 struct signalfd_siginfo sfsi;
2196 if (ev->events != EPOLLIN) {
2197 log_info("Got invalid event from epoll.");
2201 n = read(s->signal_fd, &sfsi, sizeof(sfsi));
2202 if (n != sizeof(sfsi)) {
2207 if (errno == EINTR || errno == EAGAIN)
2213 if (sfsi.ssi_signo == SIGUSR1) {
2214 server_flush_to_var(s);
2218 if (sfsi.ssi_signo == SIGUSR2) {
2224 log_debug("Received SIG%s", signal_to_string(sfsi.ssi_signo));
2227 } else if (ev->data.fd == s->proc_kmsg_fd) {
2230 if (ev->events != EPOLLIN) {
2231 log_info("Got invalid event from epoll.");
2235 r = server_read_proc_kmsg(s);
2241 } else if (ev->data.fd == s->native_fd ||
2242 ev->data.fd == s->syslog_fd) {
2244 if (ev->events != EPOLLIN) {
2245 log_info("Got invalid event from epoll.");
2250 struct msghdr msghdr;
2252 struct ucred *ucred = NULL;
2253 struct timeval *tv = NULL;
2254 struct cmsghdr *cmsg;
2256 size_t label_len = 0;
2258 struct cmsghdr cmsghdr;
2260 /* We use NAME_MAX space for the
2261 * SELinux label here. The kernel
2262 * currently enforces no limit, but
2263 * according to suggestions from the
2264 * SELinux people this will change and
2265 * it will probably be identical to
2266 * NAME_MAX. For now we use that, but
2267 * this should be updated one day when
2268 * the final limit is known.*/
2269 uint8_t buf[CMSG_SPACE(sizeof(struct ucred)) +
2270 CMSG_SPACE(sizeof(struct timeval)) +
2271 CMSG_SPACE(sizeof(int)) + /* fd */
2272 CMSG_SPACE(NAME_MAX)]; /* selinux label */
2279 if (ioctl(ev->data.fd, SIOCINQ, &v) < 0) {
2280 log_error("SIOCINQ failed: %m");
2284 if (s->buffer_size < (size_t) v) {
2288 l = MAX(LINE_MAX + (size_t) v, s->buffer_size * 2);
2289 b = realloc(s->buffer, l+1);
2292 log_error("Couldn't increase buffer.");
2301 iovec.iov_base = s->buffer;
2302 iovec.iov_len = s->buffer_size;
2306 msghdr.msg_iov = &iovec;
2307 msghdr.msg_iovlen = 1;
2308 msghdr.msg_control = &control;
2309 msghdr.msg_controllen = sizeof(control);
2311 n = recvmsg(ev->data.fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC);
2314 if (errno == EINTR || errno == EAGAIN)
2317 log_error("recvmsg() failed: %m");
2321 for (cmsg = CMSG_FIRSTHDR(&msghdr); cmsg; cmsg = CMSG_NXTHDR(&msghdr, cmsg)) {
2323 if (cmsg->cmsg_level == SOL_SOCKET &&
2324 cmsg->cmsg_type == SCM_CREDENTIALS &&
2325 cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred)))
2326 ucred = (struct ucred*) CMSG_DATA(cmsg);
2327 else if (cmsg->cmsg_level == SOL_SOCKET &&
2328 cmsg->cmsg_type == SCM_SECURITY) {
2329 label = (char*) CMSG_DATA(cmsg);
2330 label_len = cmsg->cmsg_len - CMSG_LEN(0);
2331 } else if (cmsg->cmsg_level == SOL_SOCKET &&
2332 cmsg->cmsg_type == SO_TIMESTAMP &&
2333 cmsg->cmsg_len == CMSG_LEN(sizeof(struct timeval)))
2334 tv = (struct timeval*) CMSG_DATA(cmsg);
2335 else if (cmsg->cmsg_level == SOL_SOCKET &&
2336 cmsg->cmsg_type == SCM_RIGHTS) {
2337 fds = (int*) CMSG_DATA(cmsg);
2338 n_fds = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);
2342 if (ev->data.fd == s->syslog_fd) {
2345 if (n > 0 && n_fds == 0) {
2346 e = memchr(s->buffer, '\n', n);
2352 process_syslog_message(s, strstrip(s->buffer), ucred, tv, label, label_len);
2353 } else if (n_fds > 0)
2354 log_warning("Got file descriptors via syslog socket. Ignoring.");
2357 if (n > 0 && n_fds == 0)
2358 process_native_message(s, s->buffer, n, ucred, tv, label, label_len);
2359 else if (n == 0 && n_fds == 1)
2360 process_native_file(s, fds[0], ucred, tv, label, label_len);
2362 log_warning("Got too many file descriptors via native socket. Ignoring.");
2365 close_many(fds, n_fds);
2370 } else if (ev->data.fd == s->stdout_fd) {
2372 if (ev->events != EPOLLIN) {
2373 log_info("Got invalid event from epoll.");
2377 stdout_stream_new(s);
2381 StdoutStream *stream;
2383 if ((ev->events|EPOLLIN|EPOLLHUP) != (EPOLLIN|EPOLLHUP)) {
2384 log_info("Got invalid event from epoll.");
2388 /* If it is none of the well-known fds, it must be an
2389 * stdout stream fd. Note that this is a bit ugly here
2390 * (since we rely that none of the well-known fds
2391 * could be interpreted as pointer), but nonetheless
2392 * safe, since the well-known fds would never get an
2393 * fd > 4096, i.e. beyond the first memory page */
2395 stream = ev->data.ptr;
2397 if (stdout_stream_process(stream) <= 0)
2398 stdout_stream_free(stream);
2403 log_error("Unknown event.");
2407 static int open_syslog_socket(Server *s) {
2408 union sockaddr_union sa;
2410 struct epoll_event ev;
2414 if (s->syslog_fd < 0) {
2416 s->syslog_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2417 if (s->syslog_fd < 0) {
2418 log_error("socket() failed: %m");
2423 sa.un.sun_family = AF_UNIX;
2424 strncpy(sa.un.sun_path, "/dev/log", sizeof(sa.un.sun_path));
2426 unlink(sa.un.sun_path);
2428 r = bind(s->syslog_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2430 log_error("bind() failed: %m");
2434 chmod(sa.un.sun_path, 0666);
2436 fd_nonblock(s->syslog_fd, 1);
2439 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
2441 log_error("SO_PASSCRED failed: %m");
2447 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
2449 log_warning("SO_PASSSEC failed: %m");
2453 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
2455 log_error("SO_TIMESTAMP failed: %m");
2460 ev.events = EPOLLIN;
2461 ev.data.fd = s->syslog_fd;
2462 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->syslog_fd, &ev) < 0) {
2463 log_error("Failed to add syslog server fd to epoll object: %m");
2470 static int open_native_socket(Server*s) {
2471 union sockaddr_union sa;
2473 struct epoll_event ev;
2477 if (s->native_fd < 0) {
2479 s->native_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2480 if (s->native_fd < 0) {
2481 log_error("socket() failed: %m");
2486 sa.un.sun_family = AF_UNIX;
2487 strncpy(sa.un.sun_path, "/run/systemd/journal/socket", sizeof(sa.un.sun_path));
2489 unlink(sa.un.sun_path);
2491 r = bind(s->native_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2493 log_error("bind() failed: %m");
2497 chmod(sa.un.sun_path, 0666);
2499 fd_nonblock(s->native_fd, 1);
2502 r = setsockopt(s->native_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
2504 log_error("SO_PASSCRED failed: %m");
2510 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
2512 log_warning("SO_PASSSEC failed: %m");
2516 r = setsockopt(s->native_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
2518 log_error("SO_TIMESTAMP failed: %m");
2523 ev.events = EPOLLIN;
2524 ev.data.fd = s->native_fd;
2525 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->native_fd, &ev) < 0) {
2526 log_error("Failed to add native server fd to epoll object: %m");
2533 static int open_stdout_socket(Server *s) {
2534 union sockaddr_union sa;
2536 struct epoll_event ev;
2540 if (s->stdout_fd < 0) {
2542 s->stdout_fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2543 if (s->stdout_fd < 0) {
2544 log_error("socket() failed: %m");
2549 sa.un.sun_family = AF_UNIX;
2550 strncpy(sa.un.sun_path, "/run/systemd/journal/stdout", sizeof(sa.un.sun_path));
2552 unlink(sa.un.sun_path);
2554 r = bind(s->stdout_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2556 log_error("bind() failed: %m");
2560 chmod(sa.un.sun_path, 0666);
2562 if (listen(s->stdout_fd, SOMAXCONN) < 0) {
2563 log_error("liste() failed: %m");
2567 fd_nonblock(s->stdout_fd, 1);
2570 ev.events = EPOLLIN;
2571 ev.data.fd = s->stdout_fd;
2572 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->stdout_fd, &ev) < 0) {
2573 log_error("Failed to add stdout server fd to epoll object: %m");
2580 static int open_proc_kmsg(Server *s) {
2581 struct epoll_event ev;
2585 if (!s->import_proc_kmsg)
2588 s->proc_kmsg_fd = open("/proc/kmsg", O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
2589 if (s->proc_kmsg_fd < 0) {
2590 log_warning("Failed to open /proc/kmsg, ignoring: %m");
2595 ev.events = EPOLLIN;
2596 ev.data.fd = s->proc_kmsg_fd;
2597 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->proc_kmsg_fd, &ev) < 0) {
2598 log_error("Failed to add /proc/kmsg fd to epoll object: %m");
2605 static int open_signalfd(Server *s) {
2607 struct epoll_event ev;
2611 assert_se(sigemptyset(&mask) == 0);
2612 sigset_add_many(&mask, SIGINT, SIGTERM, SIGUSR1, SIGUSR2, -1);
2613 assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0);
2615 s->signal_fd = signalfd(-1, &mask, SFD_NONBLOCK|SFD_CLOEXEC);
2616 if (s->signal_fd < 0) {
2617 log_error("signalfd(): %m");
2622 ev.events = EPOLLIN;
2623 ev.data.fd = s->signal_fd;
2625 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->signal_fd, &ev) < 0) {
2626 log_error("epoll_ctl(): %m");
2633 static int server_parse_proc_cmdline(Server *s) {
2634 char *line, *w, *state;
2638 if (detect_container(NULL) > 0)
2641 r = read_one_line_file("/proc/cmdline", &line);
2643 log_warning("Failed to read /proc/cmdline, ignoring: %s", strerror(-r));
2647 FOREACH_WORD_QUOTED(w, l, line, state) {
2650 word = strndup(w, l);
2656 if (startswith(word, "systemd.journald.forward_to_syslog=")) {
2657 r = parse_boolean(word + 35);
2659 log_warning("Failed to parse forward to syslog switch %s. Ignoring.", word + 35);
2661 s->forward_to_syslog = r;
2662 } else if (startswith(word, "systemd.journald.forward_to_kmsg=")) {
2663 r = parse_boolean(word + 33);
2665 log_warning("Failed to parse forward to kmsg switch %s. Ignoring.", word + 33);
2667 s->forward_to_kmsg = r;
2668 } else if (startswith(word, "systemd.journald.forward_to_console=")) {
2669 r = parse_boolean(word + 36);
2671 log_warning("Failed to parse forward to console switch %s. Ignoring.", word + 36);
2673 s->forward_to_console = r;
2674 } else if (startswith(word, "systemd.journald"))
2675 log_warning("Invalid systemd.journald parameter. Ignoring.");
2687 static int server_parse_config_file(Server *s) {
2694 fn = "/etc/systemd/journald.conf";
2695 f = fopen(fn, "re");
2697 if (errno == ENOENT)
2700 log_warning("Failed to open configuration file %s: %m", fn);
2704 r = config_parse(fn, f, "Journal\0", config_item_perf_lookup, (void*) journald_gperf_lookup, false, s);
2706 log_warning("Failed to parse configuration file: %s", strerror(-r));
2713 static int server_init(Server *s) {
2719 s->syslog_fd = s->native_fd = s->stdout_fd = s->signal_fd = s->epoll_fd = s->proc_kmsg_fd = -1;
2722 s->rate_limit_interval = DEFAULT_RATE_LIMIT_INTERVAL;
2723 s->rate_limit_burst = DEFAULT_RATE_LIMIT_BURST;
2725 s->forward_to_syslog = true;
2726 s->import_proc_kmsg = true;
2728 s->max_level_store = LOG_DEBUG;
2729 s->max_level_syslog = LOG_DEBUG;
2730 s->max_level_kmsg = LOG_NOTICE;
2731 s->max_level_console = LOG_INFO;
2733 memset(&s->system_metrics, 0xFF, sizeof(s->system_metrics));
2734 memset(&s->runtime_metrics, 0xFF, sizeof(s->runtime_metrics));
2736 server_parse_config_file(s);
2737 server_parse_proc_cmdline(s);
2739 s->user_journals = hashmap_new(trivial_hash_func, trivial_compare_func);
2740 if (!s->user_journals) {
2741 log_error("Out of memory.");
2745 s->epoll_fd = epoll_create1(EPOLL_CLOEXEC);
2746 if (s->epoll_fd < 0) {
2747 log_error("Failed to create epoll object: %m");
2751 n = sd_listen_fds(true);
2753 log_error("Failed to read listening file descriptors from environment: %s", strerror(-n));
2757 for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) {
2759 if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/run/systemd/journal/socket", 0) > 0) {
2761 if (s->native_fd >= 0) {
2762 log_error("Too many native sockets passed.");
2768 } else if (sd_is_socket_unix(fd, SOCK_STREAM, 1, "/run/systemd/journal/stdout", 0) > 0) {
2770 if (s->stdout_fd >= 0) {
2771 log_error("Too many stdout sockets passed.");
2777 } else if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/dev/log", 0) > 0) {
2779 if (s->syslog_fd >= 0) {
2780 log_error("Too many /dev/log sockets passed.");
2787 log_error("Unknown socket passed.");
2792 r = open_syslog_socket(s);
2796 r = open_native_socket(s);
2800 r = open_stdout_socket(s);
2804 r = open_proc_kmsg(s);
2808 r = open_signalfd(s);
2812 s->rate_limit = journal_rate_limit_new(s->rate_limit_interval, s->rate_limit_burst);
2816 r = system_journal_open(s);
2823 static void server_done(Server *s) {
2827 while (s->stdout_streams)
2828 stdout_stream_free(s->stdout_streams);
2830 if (s->system_journal)
2831 journal_file_close(s->system_journal);
2833 if (s->runtime_journal)
2834 journal_file_close(s->runtime_journal);
2836 while ((f = hashmap_steal_first(s->user_journals)))
2837 journal_file_close(f);
2839 hashmap_free(s->user_journals);
2841 if (s->epoll_fd >= 0)
2842 close_nointr_nofail(s->epoll_fd);
2844 if (s->signal_fd >= 0)
2845 close_nointr_nofail(s->signal_fd);
2847 if (s->syslog_fd >= 0)
2848 close_nointr_nofail(s->syslog_fd);
2850 if (s->native_fd >= 0)
2851 close_nointr_nofail(s->native_fd);
2853 if (s->stdout_fd >= 0)
2854 close_nointr_nofail(s->stdout_fd);
2856 if (s->proc_kmsg_fd >= 0)
2857 close_nointr_nofail(s->proc_kmsg_fd);
2860 journal_rate_limit_free(s->rate_limit);
2866 int main(int argc, char *argv[]) {
2870 /* if (getppid() != 1) { */
2871 /* log_error("This program should be invoked by init only."); */
2872 /* return EXIT_FAILURE; */
2876 log_error("This program does not take arguments.");
2877 return EXIT_FAILURE;
2880 log_set_target(LOG_TARGET_SAFE);
2881 log_set_facility(LOG_SYSLOG);
2882 log_parse_environment();
2887 r = server_init(&server);
2891 server_vacuum(&server);
2892 server_flush_to_var(&server);
2893 server_flush_proc_kmsg(&server);
2895 log_debug("systemd-journald running as pid %lu", (unsigned long) getpid());
2896 driver_message(&server, SD_MESSAGE_JOURNAL_START, "Journal started");
2900 "STATUS=Processing requests...");
2903 struct epoll_event event;
2905 r = epoll_wait(server.epoll_fd, &event, 1, -1);
2911 log_error("epoll_wait() failed: %m");
2917 r = process_event(&server, &event);
2924 log_debug("systemd-journald stopped as pid %lu", (unsigned long) getpid());
2925 driver_message(&server, SD_MESSAGE_JOURNAL_STOP, "Journal stopped");
2929 "STATUS=Shutting down...");
2931 server_done(&server);
2933 return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;