1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2011 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <sys/epoll.h>
23 #include <sys/socket.h>
25 #include <sys/signalfd.h>
29 #include <sys/ioctl.h>
30 #include <linux/sockios.h>
31 #include <sys/statvfs.h>
33 #include <systemd/sd-journal.h>
34 #include <systemd/sd-messages.h>
35 #include <systemd/sd-daemon.h>
38 #include <systemd/sd-login.h>
43 #include "journal-file.h"
44 #include "socket-util.h"
45 #include "cgroup-util.h"
47 #include "journal-rate-limit.h"
48 #include "journal-internal.h"
49 #include "conf-parser.h"
56 #include <acl/libacl.h>
61 #include <selinux/selinux.h>
64 #define USER_JOURNALS_MAX 1024
65 #define STDOUT_STREAMS_MAX 4096
67 #define DEFAULT_RATE_LIMIT_INTERVAL (10*USEC_PER_SEC)
68 #define DEFAULT_RATE_LIMIT_BURST 200
70 #define RECHECK_AVAILABLE_SPACE_USEC (30*USEC_PER_SEC)
72 #define RECHECK_VAR_AVAILABLE_USEC (30*USEC_PER_SEC)
74 #define N_IOVEC_META_FIELDS 17
76 #define ENTRY_SIZE_MAX (1024*1024*32)
78 typedef enum StdoutStreamState {
79 STDOUT_STREAM_IDENTIFIER,
80 STDOUT_STREAM_PRIORITY,
81 STDOUT_STREAM_LEVEL_PREFIX,
82 STDOUT_STREAM_FORWARD_TO_SYSLOG,
83 STDOUT_STREAM_FORWARD_TO_KMSG,
84 STDOUT_STREAM_FORWARD_TO_CONSOLE,
90 StdoutStreamState state;
96 security_context_t security_context;
102 bool forward_to_syslog:1;
103 bool forward_to_kmsg:1;
104 bool forward_to_console:1;
106 char buffer[LINE_MAX+1];
109 LIST_FIELDS(StdoutStream, stdout_stream);
112 static int server_flush_to_var(Server *s);
114 static uint64_t available_space(Server *s) {
119 uint64_t sum = 0, avail = 0, ss_avail = 0;
125 ts = now(CLOCK_MONOTONIC);
127 if (s->cached_available_space_timestamp + RECHECK_AVAILABLE_SPACE_USEC > ts)
128 return s->cached_available_space;
130 r = sd_id128_get_machine(&machine);
134 if (s->system_journal) {
135 f = "/var/log/journal/";
136 m = &s->system_metrics;
138 f = "/run/log/journal/";
139 m = &s->runtime_metrics;
144 p = strappend(f, sd_id128_to_string(machine, ids));
154 if (fstatvfs(dirfd(d), &ss) < 0)
159 struct dirent buf, *de;
161 r = readdir_r(d, &buf, &de);
168 if (!endswith(de->d_name, ".journal") &&
169 !endswith(de->d_name, ".journal~"))
172 if (fstatat(dirfd(d), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0)
175 if (!S_ISREG(st.st_mode))
178 sum += (uint64_t) st.st_blocks * 512UL;
181 avail = sum >= m->max_use ? 0 : m->max_use - sum;
183 ss_avail = ss.f_bsize * ss.f_bavail;
185 ss_avail = ss_avail < m->keep_free ? 0 : ss_avail - m->keep_free;
187 if (ss_avail < avail)
190 s->cached_available_space = avail;
191 s->cached_available_space_timestamp = ts;
199 static void server_read_file_gid(Server *s) {
200 const char *adm = "adm";
205 if (s->file_gid_valid)
208 r = get_group_creds(&adm, &s->file_gid);
210 log_warning("Failed to resolve 'adm' group: %s", strerror(-r));
212 /* if we couldn't read the gid, then it will be 0, but that's
213 * fine and we shouldn't try to resolve the group again, so
214 * let's just pretend it worked right-away. */
215 s->file_gid_valid = true;
218 static void server_fix_perms(Server *s, JournalFile *f, uid_t uid) {
223 acl_permset_t permset;
228 server_read_file_gid(s);
230 r = fchmod_and_fchown(f->fd, 0640, 0, s->file_gid);
232 log_warning("Failed to fix access mode/rights on %s, ignoring: %s", f->path, strerror(-r));
238 acl = acl_get_fd(f->fd);
240 log_warning("Failed to read ACL on %s, ignoring: %m", f->path);
244 r = acl_find_uid(acl, uid, &entry);
247 if (acl_create_entry(&acl, &entry) < 0 ||
248 acl_set_tag_type(entry, ACL_USER) < 0 ||
249 acl_set_qualifier(entry, &uid) < 0) {
250 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
255 if (acl_get_permset(entry, &permset) < 0 ||
256 acl_add_perm(permset, ACL_READ) < 0 ||
257 acl_calc_mask(&acl) < 0) {
258 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
262 if (acl_set_fd(f->fd, acl) < 0)
263 log_warning("Failed to set ACL on %s, ignoring: %m", f->path);
270 static JournalFile* find_journal(Server *s, uid_t uid) {
279 /* We split up user logs only on /var, not on /run. If the
280 * runtime file is open, we write to it exclusively, in order
281 * to guarantee proper order as soon as we flush /run to
282 * /var and close the runtime file. */
284 if (s->runtime_journal)
285 return s->runtime_journal;
288 return s->system_journal;
290 r = sd_id128_get_machine(&machine);
292 return s->system_journal;
294 f = hashmap_get(s->user_journals, UINT32_TO_PTR(uid));
298 if (asprintf(&p, "/var/log/journal/%s/user-%lu.journal", sd_id128_to_string(machine, ids), (unsigned long) uid) < 0)
299 return s->system_journal;
301 while (hashmap_size(s->user_journals) >= USER_JOURNALS_MAX) {
302 /* Too many open? Then let's close one */
303 f = hashmap_steal_first(s->user_journals);
305 journal_file_close(f);
308 r = journal_file_open_reliably(p, O_RDWR|O_CREAT, 0640, s->system_journal, &f);
312 return s->system_journal;
314 server_fix_perms(s, f, uid);
316 r = hashmap_put(s->user_journals, UINT32_TO_PTR(uid), f);
318 journal_file_close(f);
319 return s->system_journal;
325 static void server_rotate(Server *s) {
331 log_info("Rotating...");
333 if (s->runtime_journal) {
334 r = journal_file_rotate(&s->runtime_journal);
336 if (s->runtime_journal)
337 log_error("Failed to rotate %s: %s", s->runtime_journal->path, strerror(-r));
339 log_error("Failed to create new runtime journal: %s", strerror(-r));
341 server_fix_perms(s, s->runtime_journal, 0);
344 if (s->system_journal) {
345 r = journal_file_rotate(&s->system_journal);
347 if (s->system_journal)
348 log_error("Failed to rotate %s: %s", s->system_journal->path, strerror(-r));
350 log_error("Failed to create new system journal: %s", strerror(-r));
353 server_fix_perms(s, s->system_journal, 0);
356 HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) {
357 r = journal_file_rotate(&f);
360 log_error("Failed to rotate %s: %s", f->path, strerror(-r));
362 log_error("Failed to create user journal: %s", strerror(-r));
364 hashmap_replace(s->user_journals, k, f);
365 server_fix_perms(s, s->system_journal, PTR_TO_UINT32(k));
370 static void server_vacuum(Server *s) {
376 log_info("Vacuuming...");
378 r = sd_id128_get_machine(&machine);
380 log_error("Failed to get machine ID: %s", strerror(-r));
384 sd_id128_to_string(machine, ids);
386 if (s->system_journal) {
387 if (asprintf(&p, "/var/log/journal/%s", ids) < 0) {
388 log_error("Out of memory.");
392 r = journal_directory_vacuum(p, s->system_metrics.max_use, s->system_metrics.keep_free);
393 if (r < 0 && r != -ENOENT)
394 log_error("Failed to vacuum %s: %s", p, strerror(-r));
399 if (s->runtime_journal) {
400 if (asprintf(&p, "/run/log/journal/%s", ids) < 0) {
401 log_error("Out of memory.");
405 r = journal_directory_vacuum(p, s->runtime_metrics.max_use, s->runtime_metrics.keep_free);
406 if (r < 0 && r != -ENOENT)
407 log_error("Failed to vacuum %s: %s", p, strerror(-r));
411 s->cached_available_space_timestamp = 0;
414 static char *shortened_cgroup_path(pid_t pid) {
416 char *process_path, *init_path, *path;
420 r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, pid, &process_path);
424 r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, 1, &init_path);
430 if (endswith(init_path, "/system"))
431 init_path[strlen(init_path) - 7] = 0;
432 else if (streq(init_path, "/"))
435 if (startswith(process_path, init_path)) {
438 p = strdup(process_path + strlen(init_path));
456 static void dispatch_message_real(
458 struct iovec *iovec, unsigned n, unsigned m,
461 const char *label, size_t label_len) {
463 char *pid = NULL, *uid = NULL, *gid = NULL,
464 *source_time = NULL, *boot_id = NULL, *machine_id = NULL,
465 *comm = NULL, *cmdline = NULL, *hostname = NULL,
466 *audit_session = NULL, *audit_loginuid = NULL,
467 *exe = NULL, *cgroup = NULL, *session = NULL,
468 *owner_uid = NULL, *unit = NULL, *selinux_context = NULL;
474 uid_t loginuid = 0, realuid = 0;
476 bool vacuumed = false;
481 assert(n + N_IOVEC_META_FIELDS <= m);
489 realuid = ucred->uid;
491 if (asprintf(&pid, "_PID=%lu", (unsigned long) ucred->pid) >= 0)
492 IOVEC_SET_STRING(iovec[n++], pid);
494 if (asprintf(&uid, "_UID=%lu", (unsigned long) ucred->uid) >= 0)
495 IOVEC_SET_STRING(iovec[n++], uid);
497 if (asprintf(&gid, "_GID=%lu", (unsigned long) ucred->gid) >= 0)
498 IOVEC_SET_STRING(iovec[n++], gid);
500 r = get_process_comm(ucred->pid, &t);
502 comm = strappend("_COMM=", t);
506 IOVEC_SET_STRING(iovec[n++], comm);
509 r = get_process_exe(ucred->pid, &t);
511 exe = strappend("_EXE=", t);
515 IOVEC_SET_STRING(iovec[n++], exe);
518 r = get_process_cmdline(ucred->pid, LINE_MAX, false, &t);
520 cmdline = strappend("_CMDLINE=", t);
524 IOVEC_SET_STRING(iovec[n++], cmdline);
527 r = audit_session_from_pid(ucred->pid, &audit);
529 if (asprintf(&audit_session, "_AUDIT_SESSION=%lu", (unsigned long) audit) >= 0)
530 IOVEC_SET_STRING(iovec[n++], audit_session);
532 r = audit_loginuid_from_pid(ucred->pid, &loginuid);
534 if (asprintf(&audit_loginuid, "_AUDIT_LOGINUID=%lu", (unsigned long) loginuid) >= 0)
535 IOVEC_SET_STRING(iovec[n++], audit_loginuid);
537 t = shortened_cgroup_path(ucred->pid);
539 cgroup = strappend("_SYSTEMD_CGROUP=", t);
543 IOVEC_SET_STRING(iovec[n++], cgroup);
547 if (sd_pid_get_session(ucred->pid, &t) >= 0) {
548 session = strappend("_SYSTEMD_SESSION=", t);
552 IOVEC_SET_STRING(iovec[n++], session);
555 if (sd_pid_get_owner_uid(ucred->uid, &owner) >= 0)
556 if (asprintf(&owner_uid, "_SYSTEMD_OWNER_UID=%lu", (unsigned long) owner) >= 0)
557 IOVEC_SET_STRING(iovec[n++], owner_uid);
560 if (cg_pid_get_unit(ucred->pid, &t) >= 0) {
561 unit = strappend("_SYSTEMD_UNIT=", t);
565 IOVEC_SET_STRING(iovec[n++], unit);
570 selinux_context = malloc(sizeof("_SELINUX_CONTEXT=") + label_len);
571 if (selinux_context) {
572 memcpy(selinux_context, "_SELINUX_CONTEXT=", sizeof("_SELINUX_CONTEXT=")-1);
573 memcpy(selinux_context+sizeof("_SELINUX_CONTEXT=")-1, label, label_len);
574 selinux_context[sizeof("_SELINUX_CONTEXT=")-1+label_len] = 0;
575 IOVEC_SET_STRING(iovec[n++], selinux_context);
578 security_context_t con;
580 if (getpidcon(ucred->pid, &con) >= 0) {
581 selinux_context = strappend("_SELINUX_CONTEXT=", con);
583 IOVEC_SET_STRING(iovec[n++], selinux_context);
592 if (asprintf(&source_time, "_SOURCE_REALTIME_TIMESTAMP=%llu",
593 (unsigned long long) timeval_load(tv)) >= 0)
594 IOVEC_SET_STRING(iovec[n++], source_time);
597 /* Note that strictly speaking storing the boot id here is
598 * redundant since the entry includes this in-line
599 * anyway. However, we need this indexed, too. */
600 r = sd_id128_get_boot(&id);
602 if (asprintf(&boot_id, "_BOOT_ID=%s", sd_id128_to_string(id, idbuf)) >= 0)
603 IOVEC_SET_STRING(iovec[n++], boot_id);
605 r = sd_id128_get_machine(&id);
607 if (asprintf(&machine_id, "_MACHINE_ID=%s", sd_id128_to_string(id, idbuf)) >= 0)
608 IOVEC_SET_STRING(iovec[n++], machine_id);
610 t = gethostname_malloc();
612 hostname = strappend("_HOSTNAME=", t);
615 IOVEC_SET_STRING(iovec[n++], hostname);
620 server_flush_to_var(s);
623 f = find_journal(s, realuid == 0 ? 0 : loginuid);
625 log_warning("Dropping message, as we can't find a place to store the data.");
627 r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
629 if ((r == -E2BIG || /* hit limit */
630 r == -EFBIG || /* hit fs limit */
631 r == -EDQUOT || /* quota hit */
632 r == -ENOSPC || /* disk full */
633 r == -EBADMSG || /* corrupted */
634 r == -ENODATA || /* truncated */
635 r == -EHOSTDOWN || /* other machine */
636 r == -EPROTONOSUPPORT) && /* unsupported feature */
640 log_info("Allocation limit reached, rotating.");
642 log_warning("Journal file corrupted, rotating.");
648 log_info("Retrying write.");
653 log_error("Failed to write entry, ignoring: %s", strerror(-r));
667 free(audit_loginuid);
672 free(selinux_context);
675 static void driver_message(Server *s, sd_id128_t message_id, const char *format, ...) {
676 char mid[11 + 32 + 1];
677 char buffer[16 + LINE_MAX + 1];
678 struct iovec iovec[N_IOVEC_META_FIELDS + 4];
686 IOVEC_SET_STRING(iovec[n++], "PRIORITY=5");
687 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=driver");
689 memcpy(buffer, "MESSAGE=", 8);
690 va_start(ap, format);
691 vsnprintf(buffer + 8, sizeof(buffer) - 8, format, ap);
693 char_array_0(buffer);
694 IOVEC_SET_STRING(iovec[n++], buffer);
696 snprintf(mid, sizeof(mid), "MESSAGE_ID=" SD_ID128_FORMAT_STR, SD_ID128_FORMAT_VAL(message_id));
698 IOVEC_SET_STRING(iovec[n++], mid);
701 ucred.pid = getpid();
702 ucred.uid = getuid();
703 ucred.gid = getgid();
705 dispatch_message_real(s, iovec, n, ELEMENTSOF(iovec), &ucred, NULL, NULL, 0);
708 static void dispatch_message(Server *s,
709 struct iovec *iovec, unsigned n, unsigned m,
712 const char *label, size_t label_len,
715 char *path = NULL, *c;
718 assert(iovec || n == 0);
723 if (LOG_PRI(priority) > s->max_level_store)
729 path = shortened_cgroup_path(ucred->pid);
733 /* example: /user/lennart/3/foobar
734 * /system/dbus.service/foobar
736 * So let's cut of everything past the third /, since that is
737 * wher user directories start */
739 c = strchr(path, '/');
741 c = strchr(c+1, '/');
743 c = strchr(c+1, '/');
749 rl = journal_rate_limit_test(s->rate_limit, path, priority & LOG_PRIMASK, available_space(s));
756 /* Write a suppression message if we suppressed something */
758 driver_message(s, SD_MESSAGE_JOURNAL_DROPPED, "Suppressed %u messages from %s", rl - 1, path);
763 dispatch_message_real(s, iovec, n, m, ucred, tv, label, label_len);
766 static void forward_syslog_iovec(Server *s, const struct iovec *iovec, unsigned n_iovec, struct ucred *ucred, struct timeval *tv) {
767 struct msghdr msghdr;
768 struct cmsghdr *cmsg;
770 struct cmsghdr cmsghdr;
771 uint8_t buf[CMSG_SPACE(sizeof(struct ucred))];
773 union sockaddr_union sa;
780 msghdr.msg_iov = (struct iovec*) iovec;
781 msghdr.msg_iovlen = n_iovec;
784 sa.un.sun_family = AF_UNIX;
785 strncpy(sa.un.sun_path, "/run/systemd/journal/syslog", sizeof(sa.un.sun_path));
786 msghdr.msg_name = &sa;
787 msghdr.msg_namelen = offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path);
791 msghdr.msg_control = &control;
792 msghdr.msg_controllen = sizeof(control);
794 cmsg = CMSG_FIRSTHDR(&msghdr);
795 cmsg->cmsg_level = SOL_SOCKET;
796 cmsg->cmsg_type = SCM_CREDENTIALS;
797 cmsg->cmsg_len = CMSG_LEN(sizeof(struct ucred));
798 memcpy(CMSG_DATA(cmsg), ucred, sizeof(struct ucred));
799 msghdr.msg_controllen = cmsg->cmsg_len;
802 /* Forward the syslog message we received via /dev/log to
803 * /run/systemd/syslog. Unfortunately we currently can't set
804 * the SO_TIMESTAMP auxiliary data, and hence we don't. */
806 if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
809 /* The socket is full? I guess the syslog implementation is
810 * too slow, and we shouldn't wait for that... */
814 if (ucred && errno == ESRCH) {
817 /* Hmm, presumably the sender process vanished
818 * by now, so let's fix it as good as we
823 memcpy(CMSG_DATA(cmsg), &u, sizeof(struct ucred));
825 if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
832 log_debug("Failed to forward syslog message: %m");
835 static void forward_syslog_raw(Server *s, int priority, const char *buffer, struct ucred *ucred, struct timeval *tv) {
841 if (LOG_PRI(priority) > s->max_level_syslog)
844 IOVEC_SET_STRING(iovec, buffer);
845 forward_syslog_iovec(s, &iovec, 1, ucred, tv);
848 static void forward_syslog(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred, struct timeval *tv) {
849 struct iovec iovec[5];
850 char header_priority[6], header_time[64], header_pid[16];
854 char *ident_buf = NULL;
857 assert(priority >= 0);
858 assert(priority <= 999);
861 if (LOG_PRI(priority) > s->max_level_syslog)
864 /* First: priority field */
865 snprintf(header_priority, sizeof(header_priority), "<%i>", priority);
866 char_array_0(header_priority);
867 IOVEC_SET_STRING(iovec[n++], header_priority);
869 /* Second: timestamp */
870 t = tv ? tv->tv_sec : ((time_t) (now(CLOCK_REALTIME) / USEC_PER_SEC));
874 if (strftime(header_time, sizeof(header_time), "%h %e %T ", tm) <= 0)
876 IOVEC_SET_STRING(iovec[n++], header_time);
878 /* Third: identifier and PID */
881 get_process_comm(ucred->pid, &ident_buf);
882 identifier = ident_buf;
885 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
886 char_array_0(header_pid);
889 IOVEC_SET_STRING(iovec[n++], identifier);
891 IOVEC_SET_STRING(iovec[n++], header_pid);
892 } else if (identifier) {
893 IOVEC_SET_STRING(iovec[n++], identifier);
894 IOVEC_SET_STRING(iovec[n++], ": ");
897 /* Fourth: message */
898 IOVEC_SET_STRING(iovec[n++], message);
900 forward_syslog_iovec(s, iovec, n, ucred, tv);
905 static int fixup_priority(int priority) {
907 if ((priority & LOG_FACMASK) == 0)
908 return (priority & LOG_PRIMASK) | LOG_USER;
913 static void forward_kmsg(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred) {
914 struct iovec iovec[5];
915 char header_priority[6], header_pid[16];
917 char *ident_buf = NULL;
921 assert(priority >= 0);
922 assert(priority <= 999);
925 if (LOG_PRI(priority) > s->max_level_kmsg)
928 /* Never allow messages with kernel facility to be written to
929 * kmsg, regardless where the data comes from. */
930 priority = fixup_priority(priority);
932 /* First: priority field */
933 snprintf(header_priority, sizeof(header_priority), "<%i>", priority);
934 char_array_0(header_priority);
935 IOVEC_SET_STRING(iovec[n++], header_priority);
937 /* Second: identifier and PID */
940 get_process_comm(ucred->pid, &ident_buf);
941 identifier = ident_buf;
944 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
945 char_array_0(header_pid);
948 IOVEC_SET_STRING(iovec[n++], identifier);
950 IOVEC_SET_STRING(iovec[n++], header_pid);
951 } else if (identifier) {
952 IOVEC_SET_STRING(iovec[n++], identifier);
953 IOVEC_SET_STRING(iovec[n++], ": ");
956 /* Fourth: message */
957 IOVEC_SET_STRING(iovec[n++], message);
958 IOVEC_SET_STRING(iovec[n++], "\n");
960 fd = open("/dev/kmsg", O_WRONLY|O_NOCTTY|O_CLOEXEC);
962 log_debug("Failed to open /dev/kmsg for logging: %s", strerror(errno));
966 if (writev(fd, iovec, n) < 0)
967 log_debug("Failed to write to /dev/kmsg for logging: %s", strerror(errno));
969 close_nointr_nofail(fd);
975 static void forward_console(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred) {
976 struct iovec iovec[4];
979 char *ident_buf = NULL;
985 if (LOG_PRI(priority) > s->max_level_console)
988 /* First: identifier and PID */
991 get_process_comm(ucred->pid, &ident_buf);
992 identifier = ident_buf;
995 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
996 char_array_0(header_pid);
999 IOVEC_SET_STRING(iovec[n++], identifier);
1001 IOVEC_SET_STRING(iovec[n++], header_pid);
1002 } else if (identifier) {
1003 IOVEC_SET_STRING(iovec[n++], identifier);
1004 IOVEC_SET_STRING(iovec[n++], ": ");
1007 /* Third: message */
1008 IOVEC_SET_STRING(iovec[n++], message);
1009 IOVEC_SET_STRING(iovec[n++], "\n");
1011 tty = s->tty_path ? s->tty_path : "/dev/console";
1013 fd = open_terminal(tty, O_WRONLY|O_NOCTTY|O_CLOEXEC);
1015 log_debug("Failed to open %s for logging: %s", tty, strerror(errno));
1019 if (writev(fd, iovec, n) < 0)
1020 log_debug("Failed to write to %s for logging: %s", tty, strerror(errno));
1022 close_nointr_nofail(fd);
1028 static void read_identifier(const char **buf, char **identifier, char **pid) {
1039 p += strspn(p, WHITESPACE);
1040 l = strcspn(p, WHITESPACE);
1049 if (p[l-1] == ']') {
1055 t = strndup(p+k+1, l-k-2);
1075 *buf += strspn(*buf, WHITESPACE);
1078 static void process_syslog_message(Server *s, const char *buf, struct ucred *ucred, struct timeval *tv, const char *label, size_t label_len) {
1079 char *message = NULL, *syslog_priority = NULL, *syslog_facility = NULL, *syslog_identifier = NULL, *syslog_pid = NULL;
1080 struct iovec iovec[N_IOVEC_META_FIELDS + 6];
1082 int priority = LOG_USER | LOG_INFO;
1083 char *identifier = NULL, *pid = NULL;
1090 parse_syslog_priority((char**) &buf, &priority);
1092 if (s->forward_to_syslog)
1093 forward_syslog_raw(s, priority, orig, ucred, tv);
1095 skip_syslog_date((char**) &buf);
1096 read_identifier(&buf, &identifier, &pid);
1098 if (s->forward_to_kmsg)
1099 forward_kmsg(s, priority, identifier, buf, ucred);
1101 if (s->forward_to_console)
1102 forward_console(s, priority, identifier, buf, ucred);
1104 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=syslog");
1106 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1107 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1109 if (priority & LOG_FACMASK)
1110 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1111 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1114 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", identifier);
1115 if (syslog_identifier)
1116 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1120 syslog_pid = strappend("SYSLOG_PID=", pid);
1122 IOVEC_SET_STRING(iovec[n++], syslog_pid);
1125 message = strappend("MESSAGE=", buf);
1127 IOVEC_SET_STRING(iovec[n++], message);
1129 dispatch_message(s, iovec, n, ELEMENTSOF(iovec), ucred, tv, label, label_len, priority);
1134 free(syslog_priority);
1135 free(syslog_facility);
1136 free(syslog_identifier);
1139 static bool valid_user_field(const char *p, size_t l) {
1142 /* We kinda enforce POSIX syntax recommendations for
1143 environment variables here, but make a couple of additional
1146 http://pubs.opengroup.org/onlinepubs/000095399/basedefs/xbd_chap08.html */
1148 /* No empty field names */
1152 /* Don't allow names longer than 64 chars */
1156 /* Variables starting with an underscore are protected */
1160 /* Don't allow digits as first character */
1161 if (p[0] >= '0' && p[0] <= '9')
1164 /* Only allow A-Z0-9 and '_' */
1165 for (a = p; a < p + l; a++)
1166 if (!((*a >= 'A' && *a <= 'Z') ||
1167 (*a >= '0' && *a <= '9') ||
1174 static void process_native_message(
1176 const void *buffer, size_t buffer_size,
1177 struct ucred *ucred,
1179 const char *label, size_t label_len) {
1181 struct iovec *iovec = NULL;
1182 unsigned n = 0, m = 0, j, tn = (unsigned) -1;
1185 int priority = LOG_INFO;
1186 char *identifier = NULL, *message = NULL;
1189 assert(buffer || buffer_size == 0);
1192 remaining = buffer_size;
1194 while (remaining > 0) {
1197 e = memchr(p, '\n', remaining);
1200 /* Trailing noise, let's ignore it, and flush what we collected */
1201 log_debug("Received message with trailing noise, ignoring.");
1206 /* Entry separator */
1207 dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, priority);
1209 priority = LOG_INFO;
1216 if (*p == '.' || *p == '#') {
1217 /* Ignore control commands for now, and
1219 remaining -= (e - p) + 1;
1224 /* A property follows */
1226 if (n+N_IOVEC_META_FIELDS >= m) {
1230 u = MAX((n+N_IOVEC_META_FIELDS+1) * 2U, 4U);
1231 c = realloc(iovec, u * sizeof(struct iovec));
1233 log_error("Out of memory");
1241 q = memchr(p, '=', e - p);
1243 if (valid_user_field(p, q - p)) {
1248 /* If the field name starts with an
1249 * underscore, skip the variable,
1250 * since that indidates a trusted
1252 iovec[n].iov_base = (char*) p;
1253 iovec[n].iov_len = l;
1256 /* We need to determine the priority
1257 * of this entry for the rate limiting
1260 memcmp(p, "PRIORITY=", 9) == 0 &&
1261 p[9] >= '0' && p[9] <= '9')
1262 priority = (priority & LOG_FACMASK) | (p[9] - '0');
1265 memcmp(p, "SYSLOG_FACILITY=", 16) == 0 &&
1266 p[16] >= '0' && p[16] <= '9')
1267 priority = (priority & LOG_PRIMASK) | ((p[16] - '0') << 3);
1270 memcmp(p, "SYSLOG_FACILITY=", 16) == 0 &&
1271 p[16] >= '0' && p[16] <= '9' &&
1272 p[17] >= '0' && p[17] <= '9')
1273 priority = (priority & LOG_PRIMASK) | (((p[16] - '0')*10 + (p[17] - '0')) << 3);
1276 memcmp(p, "SYSLOG_IDENTIFIER=", 18) == 0) {
1279 t = strndup(p + 18, l - 18);
1284 } else if (l >= 8 &&
1285 memcmp(p, "MESSAGE=", 8) == 0) {
1288 t = strndup(p + 8, l - 8);
1296 remaining -= (e - p) + 1;
1304 if (remaining < e - p + 1 + sizeof(uint64_t) + 1) {
1305 log_debug("Failed to parse message, ignoring.");
1309 memcpy(&l_le, e + 1, sizeof(uint64_t));
1312 if (remaining < e - p + 1 + sizeof(uint64_t) + l + 1 ||
1313 e[1+sizeof(uint64_t)+l] != '\n') {
1314 log_debug("Failed to parse message, ignoring.");
1318 k = malloc((e - p) + 1 + l);
1320 log_error("Out of memory");
1324 memcpy(k, p, e - p);
1326 memcpy(k + (e - p) + 1, e + 1 + sizeof(uint64_t), l);
1328 if (valid_user_field(p, e - p)) {
1329 iovec[n].iov_base = k;
1330 iovec[n].iov_len = (e - p) + 1 + l;
1335 remaining -= (e - p) + 1 + sizeof(uint64_t) + l + 1;
1336 p = e + 1 + sizeof(uint64_t) + l + 1;
1344 IOVEC_SET_STRING(iovec[tn], "_TRANSPORT=journal");
1347 if (s->forward_to_syslog)
1348 forward_syslog(s, priority, identifier, message, ucred, tv);
1350 if (s->forward_to_kmsg)
1351 forward_kmsg(s, priority, identifier, message, ucred);
1353 if (s->forward_to_console)
1354 forward_console(s, priority, identifier, message, ucred);
1357 dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, priority);
1360 for (j = 0; j < n; j++) {
1364 if (iovec[j].iov_base < buffer ||
1365 (const uint8_t*) iovec[j].iov_base >= (const uint8_t*) buffer + buffer_size)
1366 free(iovec[j].iov_base);
1374 static void process_native_file(
1377 struct ucred *ucred,
1379 const char *label, size_t label_len) {
1388 /* Data is in the passed file, since it didn't fit in a
1389 * datagram. We can't map the file here, since clients might
1390 * then truncate it and trigger a SIGBUS for us. So let's
1391 * stupidly read it */
1393 if (fstat(fd, &st) < 0) {
1394 log_error("Failed to stat passed file, ignoring: %m");
1398 if (!S_ISREG(st.st_mode)) {
1399 log_error("File passed is not regular. Ignoring.");
1403 if (st.st_size <= 0)
1406 if (st.st_size > ENTRY_SIZE_MAX) {
1407 log_error("File passed too large. Ignoring.");
1411 p = malloc(st.st_size);
1413 log_error("Out of memory");
1417 n = pread(fd, p, st.st_size, 0);
1419 log_error("Failed to read file, ignoring: %s", strerror(-n));
1421 process_native_message(s, p, n, ucred, tv, label, label_len);
1426 static int stdout_stream_log(StdoutStream *s, const char *p) {
1427 struct iovec iovec[N_IOVEC_META_FIELDS + 5];
1428 char *message = NULL, *syslog_priority = NULL, *syslog_facility = NULL, *syslog_identifier = NULL;
1432 size_t label_len = 0;
1440 priority = s->priority;
1442 if (s->level_prefix)
1443 parse_syslog_priority((char**) &p, &priority);
1445 if (s->forward_to_syslog || s->server->forward_to_syslog)
1446 forward_syslog(s->server, fixup_priority(priority), s->identifier, p, &s->ucred, NULL);
1448 if (s->forward_to_kmsg || s->server->forward_to_kmsg)
1449 forward_kmsg(s->server, priority, s->identifier, p, &s->ucred);
1451 if (s->forward_to_console || s->server->forward_to_console)
1452 forward_console(s->server, priority, s->identifier, p, &s->ucred);
1454 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=stdout");
1456 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1457 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1459 if (priority & LOG_FACMASK)
1460 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1461 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1463 if (s->identifier) {
1464 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", s->identifier);
1465 if (syslog_identifier)
1466 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1469 message = strappend("MESSAGE=", p);
1471 IOVEC_SET_STRING(iovec[n++], message);
1474 if (s->security_context) {
1475 label = (char*) s->security_context;
1476 label_len = strlen((char*) s->security_context);
1480 dispatch_message(s->server, iovec, n, ELEMENTSOF(iovec), &s->ucred, NULL, label, label_len, priority);
1483 free(syslog_priority);
1484 free(syslog_facility);
1485 free(syslog_identifier);
1490 static int stdout_stream_line(StdoutStream *s, char *p) {
1500 case STDOUT_STREAM_IDENTIFIER:
1502 s->identifier = NULL;
1504 s->identifier = strdup(p);
1505 if (!s->identifier) {
1506 log_error("Out of memory");
1511 s->state = STDOUT_STREAM_PRIORITY;
1514 case STDOUT_STREAM_PRIORITY:
1515 r = safe_atoi(p, &s->priority);
1516 if (r < 0 || s->priority <= 0 || s->priority >= 999) {
1517 log_warning("Failed to parse log priority line.");
1521 s->state = STDOUT_STREAM_LEVEL_PREFIX;
1524 case STDOUT_STREAM_LEVEL_PREFIX:
1525 r = parse_boolean(p);
1527 log_warning("Failed to parse level prefix line.");
1531 s->level_prefix = !!r;
1532 s->state = STDOUT_STREAM_FORWARD_TO_SYSLOG;
1535 case STDOUT_STREAM_FORWARD_TO_SYSLOG:
1536 r = parse_boolean(p);
1538 log_warning("Failed to parse forward to syslog line.");
1542 s->forward_to_syslog = !!r;
1543 s->state = STDOUT_STREAM_FORWARD_TO_KMSG;
1546 case STDOUT_STREAM_FORWARD_TO_KMSG:
1547 r = parse_boolean(p);
1549 log_warning("Failed to parse copy to kmsg line.");
1553 s->forward_to_kmsg = !!r;
1554 s->state = STDOUT_STREAM_FORWARD_TO_CONSOLE;
1557 case STDOUT_STREAM_FORWARD_TO_CONSOLE:
1558 r = parse_boolean(p);
1560 log_warning("Failed to parse copy to console line.");
1564 s->forward_to_console = !!r;
1565 s->state = STDOUT_STREAM_RUNNING;
1568 case STDOUT_STREAM_RUNNING:
1569 return stdout_stream_log(s, p);
1572 assert_not_reached("Unknown stream state");
1575 static int stdout_stream_scan(StdoutStream *s, bool force_flush) {
1583 remaining = s->length;
1588 end = memchr(p, '\n', remaining);
1591 else if (remaining >= sizeof(s->buffer) - 1) {
1592 end = p + sizeof(s->buffer) - 1;
1599 r = stdout_stream_line(s, p);
1607 if (force_flush && remaining > 0) {
1609 r = stdout_stream_line(s, p);
1617 if (p > s->buffer) {
1618 memmove(s->buffer, p, remaining);
1619 s->length = remaining;
1625 static int stdout_stream_process(StdoutStream *s) {
1631 l = read(s->fd, s->buffer+s->length, sizeof(s->buffer)-1-s->length);
1634 if (errno == EAGAIN)
1637 log_warning("Failed to read from stream: %m");
1642 r = stdout_stream_scan(s, true);
1650 r = stdout_stream_scan(s, false);
1658 static void stdout_stream_free(StdoutStream *s) {
1662 assert(s->server->n_stdout_streams > 0);
1663 s->server->n_stdout_streams --;
1664 LIST_REMOVE(StdoutStream, stdout_stream, s->server->stdout_streams, s);
1669 epoll_ctl(s->server->epoll_fd, EPOLL_CTL_DEL, s->fd, NULL);
1671 close_nointr_nofail(s->fd);
1675 if (s->security_context)
1676 freecon(s->security_context);
1679 free(s->identifier);
1683 static int stdout_stream_new(Server *s) {
1684 StdoutStream *stream;
1687 struct epoll_event ev;
1691 fd = accept4(s->stdout_fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);
1693 if (errno == EAGAIN)
1696 log_error("Failed to accept stdout connection: %m");
1700 if (s->n_stdout_streams >= STDOUT_STREAMS_MAX) {
1701 log_warning("Too many stdout streams, refusing connection.");
1702 close_nointr_nofail(fd);
1706 stream = new0(StdoutStream, 1);
1708 log_error("Out of memory.");
1709 close_nointr_nofail(fd);
1715 len = sizeof(stream->ucred);
1716 if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &stream->ucred, &len) < 0) {
1717 log_error("Failed to determine peer credentials: %m");
1723 if (getpeercon(fd, &stream->security_context) < 0 && errno != ENOPROTOOPT)
1724 log_error("Failed to determine peer security context: %m");
1727 if (shutdown(fd, SHUT_WR) < 0) {
1728 log_error("Failed to shutdown writing side of socket: %m");
1734 ev.data.ptr = stream;
1735 ev.events = EPOLLIN;
1736 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, fd, &ev) < 0) {
1737 log_error("Failed to add stream to event loop: %m");
1743 LIST_PREPEND(StdoutStream, stdout_stream, s->stdout_streams, stream);
1744 s->n_stdout_streams ++;
1749 stdout_stream_free(stream);
1753 static int parse_kernel_timestamp(char **_p, usec_t *t) {
1764 if (strlen(p) < 14 || p[0] != '[' || p[13] != ']' || p[6] != '.')
1769 for (i = 1; i <= 5; i++) {
1775 k = undecchar(p[i]);
1782 for (i = 7; i <= 12; i++) {
1785 k = undecchar(p[i]);
1794 *_p += strspn(*_p, WHITESPACE);
1799 static bool is_us(const char *pid) {
1804 if (parse_pid(pid, &t) < 0)
1807 return t == getpid();
1810 static void proc_kmsg_line(Server *s, const char *p) {
1811 struct iovec iovec[N_IOVEC_META_FIELDS + 7];
1812 char *message = NULL, *syslog_priority = NULL, *syslog_pid = NULL, *syslog_facility = NULL, *syslog_identifier = NULL, *source_time = NULL;
1813 int priority = LOG_KERN | LOG_INFO;
1816 char *identifier = NULL, *pid = NULL;
1824 parse_syslog_priority((char **) &p, &priority);
1826 if (s->forward_to_kmsg && (priority & LOG_FACMASK) != LOG_KERN)
1829 if (parse_kernel_timestamp((char **) &p, &usec) > 0) {
1830 if (asprintf(&source_time, "_SOURCE_MONOTONIC_TIMESTAMP=%llu",
1831 (unsigned long long) usec) >= 0)
1832 IOVEC_SET_STRING(iovec[n++], source_time);
1835 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=kernel");
1837 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1838 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1840 if ((priority & LOG_FACMASK) == LOG_KERN) {
1842 if (s->forward_to_syslog)
1843 forward_syslog(s, priority, "kernel", p, NULL, NULL);
1845 IOVEC_SET_STRING(iovec[n++], "SYSLOG_IDENTIFIER=kernel");
1847 read_identifier(&p, &identifier, &pid);
1849 /* Avoid any messages we generated ourselves via
1850 * log_info() and friends. */
1851 if (pid && is_us(pid))
1854 if (s->forward_to_syslog)
1855 forward_syslog(s, priority, identifier, p, NULL, NULL);
1858 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", identifier);
1859 if (syslog_identifier)
1860 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1864 syslog_pid = strappend("SYSLOG_PID=", pid);
1866 IOVEC_SET_STRING(iovec[n++], syslog_pid);
1869 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1870 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1873 message = strappend("MESSAGE=", p);
1875 IOVEC_SET_STRING(iovec[n++], message);
1877 dispatch_message(s, iovec, n, ELEMENTSOF(iovec), NULL, NULL, NULL, 0, priority);
1881 free(syslog_priority);
1882 free(syslog_identifier);
1884 free(syslog_facility);
1890 static void proc_kmsg_scan(Server *s) {
1896 p = s->proc_kmsg_buffer;
1897 remaining = s->proc_kmsg_length;
1902 end = memchr(p, '\n', remaining);
1905 else if (remaining >= sizeof(s->proc_kmsg_buffer) - 1) {
1906 end = p + sizeof(s->proc_kmsg_buffer) - 1;
1913 proc_kmsg_line(s, p);
1919 if (p > s->proc_kmsg_buffer) {
1920 memmove(s->proc_kmsg_buffer, p, remaining);
1921 s->proc_kmsg_length = remaining;
1925 static int system_journal_open(Server *s) {
1931 r = sd_id128_get_machine(&machine);
1935 sd_id128_to_string(machine, ids);
1937 if (!s->system_journal) {
1939 /* First try to create the machine path, but not the prefix */
1940 fn = strappend("/var/log/journal/", ids);
1943 (void) mkdir(fn, 0755);
1946 /* The create the system journal file */
1947 fn = join("/var/log/journal/", ids, "/system.journal", NULL);
1951 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, NULL, &s->system_journal);
1955 journal_default_metrics(&s->system_metrics, s->system_journal->fd);
1957 s->system_journal->metrics = s->system_metrics;
1958 s->system_journal->compress = s->compress;
1960 server_fix_perms(s, s->system_journal, 0);
1963 if (r != -ENOENT && r != -EROFS)
1964 log_warning("Failed to open system journal: %s", strerror(-r));
1970 if (!s->runtime_journal) {
1972 fn = join("/run/log/journal/", ids, "/system.journal", NULL);
1976 if (s->system_journal) {
1978 /* Try to open the runtime journal, but only
1979 * if it already exists, so that we can flush
1980 * it into the system journal */
1982 r = journal_file_open(fn, O_RDWR, 0640, NULL, &s->runtime_journal);
1987 log_warning("Failed to open runtime journal: %s", strerror(-r));
1994 /* OK, we really need the runtime journal, so create
1995 * it if necessary. */
1997 (void) mkdir_parents_label(fn, 0755);
1998 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, NULL, &s->runtime_journal);
2002 log_error("Failed to open runtime journal: %s", strerror(-r));
2007 if (s->runtime_journal) {
2008 journal_default_metrics(&s->runtime_metrics, s->runtime_journal->fd);
2010 s->runtime_journal->metrics = s->runtime_metrics;
2011 s->runtime_journal->compress = s->compress;
2013 server_fix_perms(s, s->runtime_journal, 0);
2020 static int server_flush_to_var(Server *s) {
2021 char path[] = "/run/log/journal/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
2030 if (!s->runtime_journal)
2033 ts = now(CLOCK_MONOTONIC);
2034 if (s->var_available_timestamp + RECHECK_VAR_AVAILABLE_USEC > ts)
2037 s->var_available_timestamp = ts;
2039 system_journal_open(s);
2041 if (!s->system_journal)
2044 log_info("Flushing to /var...");
2046 r = sd_id128_get_machine(&machine);
2048 log_error("Failed to get machine id: %s", strerror(-r));
2052 r = sd_journal_open(&j, SD_JOURNAL_RUNTIME_ONLY);
2054 log_error("Failed to read runtime journal: %s", strerror(-r));
2058 SD_JOURNAL_FOREACH(j) {
2061 f = j->current_file;
2062 assert(f && f->current_offset > 0);
2064 r = journal_file_move_to_object(f, OBJECT_ENTRY, f->current_offset, &o);
2066 log_error("Can't read entry: %s", strerror(-r));
2070 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
2072 log_info("Allocation limit reached.");
2074 journal_file_post_change(s->system_journal);
2078 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
2082 log_error("Can't write entry: %s", strerror(-r));
2088 journal_file_post_change(s->system_journal);
2090 journal_file_close(s->runtime_journal);
2091 s->runtime_journal = NULL;
2094 sd_id128_to_string(machine, path + 17);
2095 rm_rf(path, false, true, false);
2101 static int server_read_proc_kmsg(Server *s) {
2104 assert(s->proc_kmsg_fd >= 0);
2106 l = read(s->proc_kmsg_fd, s->proc_kmsg_buffer + s->proc_kmsg_length, sizeof(s->proc_kmsg_buffer) - 1 - s->proc_kmsg_length);
2109 if (errno == EAGAIN || errno == EINTR)
2112 log_error("Failed to read from kernel: %m");
2116 s->proc_kmsg_length += l;
2122 static int server_flush_proc_kmsg(Server *s) {
2127 if (s->proc_kmsg_fd < 0)
2130 log_info("Flushing /proc/kmsg...");
2133 r = server_read_proc_kmsg(s);
2144 static int process_event(Server *s, struct epoll_event *ev) {
2148 if (ev->data.fd == s->signal_fd) {
2149 struct signalfd_siginfo sfsi;
2152 if (ev->events != EPOLLIN) {
2153 log_info("Got invalid event from epoll.");
2157 n = read(s->signal_fd, &sfsi, sizeof(sfsi));
2158 if (n != sizeof(sfsi)) {
2163 if (errno == EINTR || errno == EAGAIN)
2169 if (sfsi.ssi_signo == SIGUSR1) {
2170 server_flush_to_var(s);
2174 if (sfsi.ssi_signo == SIGUSR2) {
2180 log_debug("Received SIG%s", signal_to_string(sfsi.ssi_signo));
2183 } else if (ev->data.fd == s->proc_kmsg_fd) {
2186 if (ev->events != EPOLLIN) {
2187 log_info("Got invalid event from epoll.");
2191 r = server_read_proc_kmsg(s);
2197 } else if (ev->data.fd == s->native_fd ||
2198 ev->data.fd == s->syslog_fd) {
2200 if (ev->events != EPOLLIN) {
2201 log_info("Got invalid event from epoll.");
2206 struct msghdr msghdr;
2208 struct ucred *ucred = NULL;
2209 struct timeval *tv = NULL;
2210 struct cmsghdr *cmsg;
2212 size_t label_len = 0;
2214 struct cmsghdr cmsghdr;
2216 /* We use NAME_MAX space for the
2217 * SELinux label here. The kernel
2218 * currently enforces no limit, but
2219 * according to suggestions from the
2220 * SELinux people this will change and
2221 * it will probably be identical to
2222 * NAME_MAX. For now we use that, but
2223 * this should be updated one day when
2224 * the final limit is known.*/
2225 uint8_t buf[CMSG_SPACE(sizeof(struct ucred)) +
2226 CMSG_SPACE(sizeof(struct timeval)) +
2227 CMSG_SPACE(sizeof(int)) + /* fd */
2228 CMSG_SPACE(NAME_MAX)]; /* selinux label */
2235 if (ioctl(ev->data.fd, SIOCINQ, &v) < 0) {
2236 log_error("SIOCINQ failed: %m");
2240 if (s->buffer_size < (size_t) v) {
2244 l = MAX(LINE_MAX + (size_t) v, s->buffer_size * 2);
2245 b = realloc(s->buffer, l+1);
2248 log_error("Couldn't increase buffer.");
2257 iovec.iov_base = s->buffer;
2258 iovec.iov_len = s->buffer_size;
2262 msghdr.msg_iov = &iovec;
2263 msghdr.msg_iovlen = 1;
2264 msghdr.msg_control = &control;
2265 msghdr.msg_controllen = sizeof(control);
2267 n = recvmsg(ev->data.fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC);
2270 if (errno == EINTR || errno == EAGAIN)
2273 log_error("recvmsg() failed: %m");
2277 for (cmsg = CMSG_FIRSTHDR(&msghdr); cmsg; cmsg = CMSG_NXTHDR(&msghdr, cmsg)) {
2279 if (cmsg->cmsg_level == SOL_SOCKET &&
2280 cmsg->cmsg_type == SCM_CREDENTIALS &&
2281 cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred)))
2282 ucred = (struct ucred*) CMSG_DATA(cmsg);
2283 else if (cmsg->cmsg_level == SOL_SOCKET &&
2284 cmsg->cmsg_type == SCM_SECURITY) {
2285 label = (char*) CMSG_DATA(cmsg);
2286 label_len = cmsg->cmsg_len - CMSG_LEN(0);
2287 } else if (cmsg->cmsg_level == SOL_SOCKET &&
2288 cmsg->cmsg_type == SO_TIMESTAMP &&
2289 cmsg->cmsg_len == CMSG_LEN(sizeof(struct timeval)))
2290 tv = (struct timeval*) CMSG_DATA(cmsg);
2291 else if (cmsg->cmsg_level == SOL_SOCKET &&
2292 cmsg->cmsg_type == SCM_RIGHTS) {
2293 fds = (int*) CMSG_DATA(cmsg);
2294 n_fds = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);
2298 if (ev->data.fd == s->syslog_fd) {
2301 if (n > 0 && n_fds == 0) {
2302 e = memchr(s->buffer, '\n', n);
2308 process_syslog_message(s, strstrip(s->buffer), ucred, tv, label, label_len);
2309 } else if (n_fds > 0)
2310 log_warning("Got file descriptors via syslog socket. Ignoring.");
2313 if (n > 0 && n_fds == 0)
2314 process_native_message(s, s->buffer, n, ucred, tv, label, label_len);
2315 else if (n == 0 && n_fds == 1)
2316 process_native_file(s, fds[0], ucred, tv, label, label_len);
2318 log_warning("Got too many file descriptors via native socket. Ignoring.");
2321 close_many(fds, n_fds);
2326 } else if (ev->data.fd == s->stdout_fd) {
2328 if (ev->events != EPOLLIN) {
2329 log_info("Got invalid event from epoll.");
2333 stdout_stream_new(s);
2337 StdoutStream *stream;
2339 if ((ev->events|EPOLLIN|EPOLLHUP) != (EPOLLIN|EPOLLHUP)) {
2340 log_info("Got invalid event from epoll.");
2344 /* If it is none of the well-known fds, it must be an
2345 * stdout stream fd. Note that this is a bit ugly here
2346 * (since we rely that none of the well-known fds
2347 * could be interpreted as pointer), but nonetheless
2348 * safe, since the well-known fds would never get an
2349 * fd > 4096, i.e. beyond the first memory page */
2351 stream = ev->data.ptr;
2353 if (stdout_stream_process(stream) <= 0)
2354 stdout_stream_free(stream);
2359 log_error("Unknown event.");
2363 static int open_syslog_socket(Server *s) {
2364 union sockaddr_union sa;
2366 struct epoll_event ev;
2370 if (s->syslog_fd < 0) {
2372 s->syslog_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2373 if (s->syslog_fd < 0) {
2374 log_error("socket() failed: %m");
2379 sa.un.sun_family = AF_UNIX;
2380 strncpy(sa.un.sun_path, "/dev/log", sizeof(sa.un.sun_path));
2382 unlink(sa.un.sun_path);
2384 r = bind(s->syslog_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2386 log_error("bind() failed: %m");
2390 chmod(sa.un.sun_path, 0666);
2392 fd_nonblock(s->syslog_fd, 1);
2395 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
2397 log_error("SO_PASSCRED failed: %m");
2403 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
2405 log_warning("SO_PASSSEC failed: %m");
2409 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
2411 log_error("SO_TIMESTAMP failed: %m");
2416 ev.events = EPOLLIN;
2417 ev.data.fd = s->syslog_fd;
2418 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->syslog_fd, &ev) < 0) {
2419 log_error("Failed to add syslog server fd to epoll object: %m");
2426 static int open_native_socket(Server*s) {
2427 union sockaddr_union sa;
2429 struct epoll_event ev;
2433 if (s->native_fd < 0) {
2435 s->native_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2436 if (s->native_fd < 0) {
2437 log_error("socket() failed: %m");
2442 sa.un.sun_family = AF_UNIX;
2443 strncpy(sa.un.sun_path, "/run/systemd/journal/socket", sizeof(sa.un.sun_path));
2445 unlink(sa.un.sun_path);
2447 r = bind(s->native_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2449 log_error("bind() failed: %m");
2453 chmod(sa.un.sun_path, 0666);
2455 fd_nonblock(s->native_fd, 1);
2458 r = setsockopt(s->native_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
2460 log_error("SO_PASSCRED failed: %m");
2466 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
2468 log_warning("SO_PASSSEC failed: %m");
2472 r = setsockopt(s->native_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
2474 log_error("SO_TIMESTAMP failed: %m");
2479 ev.events = EPOLLIN;
2480 ev.data.fd = s->native_fd;
2481 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->native_fd, &ev) < 0) {
2482 log_error("Failed to add native server fd to epoll object: %m");
2489 static int open_stdout_socket(Server *s) {
2490 union sockaddr_union sa;
2492 struct epoll_event ev;
2496 if (s->stdout_fd < 0) {
2498 s->stdout_fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2499 if (s->stdout_fd < 0) {
2500 log_error("socket() failed: %m");
2505 sa.un.sun_family = AF_UNIX;
2506 strncpy(sa.un.sun_path, "/run/systemd/journal/stdout", sizeof(sa.un.sun_path));
2508 unlink(sa.un.sun_path);
2510 r = bind(s->stdout_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2512 log_error("bind() failed: %m");
2516 chmod(sa.un.sun_path, 0666);
2518 if (listen(s->stdout_fd, SOMAXCONN) < 0) {
2519 log_error("liste() failed: %m");
2523 fd_nonblock(s->stdout_fd, 1);
2526 ev.events = EPOLLIN;
2527 ev.data.fd = s->stdout_fd;
2528 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->stdout_fd, &ev) < 0) {
2529 log_error("Failed to add stdout server fd to epoll object: %m");
2536 static int open_proc_kmsg(Server *s) {
2537 struct epoll_event ev;
2541 if (!s->import_proc_kmsg)
2544 s->proc_kmsg_fd = open("/proc/kmsg", O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
2545 if (s->proc_kmsg_fd < 0) {
2546 log_warning("Failed to open /proc/kmsg, ignoring: %m");
2551 ev.events = EPOLLIN;
2552 ev.data.fd = s->proc_kmsg_fd;
2553 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->proc_kmsg_fd, &ev) < 0) {
2554 log_error("Failed to add /proc/kmsg fd to epoll object: %m");
2561 static int open_signalfd(Server *s) {
2563 struct epoll_event ev;
2567 assert_se(sigemptyset(&mask) == 0);
2568 sigset_add_many(&mask, SIGINT, SIGTERM, SIGUSR1, SIGUSR2, -1);
2569 assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0);
2571 s->signal_fd = signalfd(-1, &mask, SFD_NONBLOCK|SFD_CLOEXEC);
2572 if (s->signal_fd < 0) {
2573 log_error("signalfd(): %m");
2578 ev.events = EPOLLIN;
2579 ev.data.fd = s->signal_fd;
2581 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->signal_fd, &ev) < 0) {
2582 log_error("epoll_ctl(): %m");
2589 static int server_parse_proc_cmdline(Server *s) {
2590 char *line, *w, *state;
2594 if (detect_container(NULL) > 0)
2597 r = read_one_line_file("/proc/cmdline", &line);
2599 log_warning("Failed to read /proc/cmdline, ignoring: %s", strerror(-r));
2603 FOREACH_WORD_QUOTED(w, l, line, state) {
2606 word = strndup(w, l);
2612 if (startswith(word, "systemd_journald.forward_to_syslog=")) {
2613 r = parse_boolean(word + 35);
2615 log_warning("Failed to parse forward to syslog switch %s. Ignoring.", word + 35);
2617 s->forward_to_syslog = r;
2618 } else if (startswith(word, "systemd_journald.forward_to_kmsg=")) {
2619 r = parse_boolean(word + 33);
2621 log_warning("Failed to parse forward to kmsg switch %s. Ignoring.", word + 33);
2623 s->forward_to_kmsg = r;
2624 } else if (startswith(word, "systemd_journald.forward_to_console=")) {
2625 r = parse_boolean(word + 36);
2627 log_warning("Failed to parse forward to console switch %s. Ignoring.", word + 36);
2629 s->forward_to_console = r;
2642 static int server_parse_config_file(Server *s) {
2649 fn = "/etc/systemd/journald.conf";
2650 f = fopen(fn, "re");
2652 if (errno == ENOENT)
2655 log_warning("Failed to open configuration file %s: %m", fn);
2659 r = config_parse(fn, f, "Journal\0", config_item_perf_lookup, (void*) journald_gperf_lookup, false, s);
2661 log_warning("Failed to parse configuration file: %s", strerror(-r));
2668 static int server_init(Server *s) {
2674 s->syslog_fd = s->native_fd = s->stdout_fd = s->signal_fd = s->epoll_fd = s->proc_kmsg_fd = -1;
2677 s->rate_limit_interval = DEFAULT_RATE_LIMIT_INTERVAL;
2678 s->rate_limit_burst = DEFAULT_RATE_LIMIT_BURST;
2680 s->forward_to_syslog = true;
2681 s->import_proc_kmsg = true;
2683 s->max_level_store = LOG_DEBUG;
2684 s->max_level_syslog = LOG_DEBUG;
2685 s->max_level_kmsg = LOG_NOTICE;
2686 s->max_level_console = LOG_INFO;
2688 memset(&s->system_metrics, 0xFF, sizeof(s->system_metrics));
2689 memset(&s->runtime_metrics, 0xFF, sizeof(s->runtime_metrics));
2691 server_parse_config_file(s);
2692 server_parse_proc_cmdline(s);
2694 s->user_journals = hashmap_new(trivial_hash_func, trivial_compare_func);
2695 if (!s->user_journals) {
2696 log_error("Out of memory.");
2700 s->epoll_fd = epoll_create1(EPOLL_CLOEXEC);
2701 if (s->epoll_fd < 0) {
2702 log_error("Failed to create epoll object: %m");
2706 n = sd_listen_fds(true);
2708 log_error("Failed to read listening file descriptors from environment: %s", strerror(-n));
2712 for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) {
2714 if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/run/systemd/journal/socket", 0) > 0) {
2716 if (s->native_fd >= 0) {
2717 log_error("Too many native sockets passed.");
2723 } else if (sd_is_socket_unix(fd, SOCK_STREAM, 1, "/run/systemd/journal/stdout", 0) > 0) {
2725 if (s->stdout_fd >= 0) {
2726 log_error("Too many stdout sockets passed.");
2732 } else if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/dev/log", 0) > 0) {
2734 if (s->syslog_fd >= 0) {
2735 log_error("Too many /dev/log sockets passed.");
2742 log_error("Unknown socket passed.");
2747 r = open_syslog_socket(s);
2751 r = open_native_socket(s);
2755 r = open_stdout_socket(s);
2759 r = open_proc_kmsg(s);
2763 r = open_signalfd(s);
2767 s->rate_limit = journal_rate_limit_new(s->rate_limit_interval, s->rate_limit_burst);
2771 r = system_journal_open(s);
2778 static void server_done(Server *s) {
2782 while (s->stdout_streams)
2783 stdout_stream_free(s->stdout_streams);
2785 if (s->system_journal)
2786 journal_file_close(s->system_journal);
2788 if (s->runtime_journal)
2789 journal_file_close(s->runtime_journal);
2791 while ((f = hashmap_steal_first(s->user_journals)))
2792 journal_file_close(f);
2794 hashmap_free(s->user_journals);
2796 if (s->epoll_fd >= 0)
2797 close_nointr_nofail(s->epoll_fd);
2799 if (s->signal_fd >= 0)
2800 close_nointr_nofail(s->signal_fd);
2802 if (s->syslog_fd >= 0)
2803 close_nointr_nofail(s->syslog_fd);
2805 if (s->native_fd >= 0)
2806 close_nointr_nofail(s->native_fd);
2808 if (s->stdout_fd >= 0)
2809 close_nointr_nofail(s->stdout_fd);
2811 if (s->proc_kmsg_fd >= 0)
2812 close_nointr_nofail(s->proc_kmsg_fd);
2815 journal_rate_limit_free(s->rate_limit);
2821 int main(int argc, char *argv[]) {
2825 /* if (getppid() != 1) { */
2826 /* log_error("This program should be invoked by init only."); */
2827 /* return EXIT_FAILURE; */
2831 log_error("This program does not take arguments.");
2832 return EXIT_FAILURE;
2835 log_set_target(LOG_TARGET_SAFE);
2836 log_set_facility(LOG_SYSLOG);
2837 log_parse_environment();
2842 r = server_init(&server);
2846 server_vacuum(&server);
2847 server_flush_to_var(&server);
2848 server_flush_proc_kmsg(&server);
2850 log_debug("systemd-journald running as pid %lu", (unsigned long) getpid());
2851 driver_message(&server, SD_MESSAGE_JOURNAL_START, "Journal started");
2855 "STATUS=Processing requests...");
2858 struct epoll_event event;
2860 r = epoll_wait(server.epoll_fd, &event, 1, -1);
2866 log_error("epoll_wait() failed: %m");
2872 r = process_event(&server, &event);
2879 log_debug("systemd-journald stopped as pid %lu", (unsigned long) getpid());
2880 driver_message(&server, SD_MESSAGE_JOURNAL_STOP, "Journal stopped");
2884 "STATUS=Shutting down...");
2886 server_done(&server);
2888 return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;