1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2011 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <sys/epoll.h>
23 #include <sys/socket.h>
25 #include <sys/signalfd.h>
29 #include <sys/ioctl.h>
30 #include <linux/sockios.h>
31 #include <sys/statvfs.h>
33 #include <systemd/sd-journal.h>
34 #include <systemd/sd-messages.h>
35 #include <systemd/sd-daemon.h>
38 #include <systemd/sd-login.h>
43 #include "journal-file.h"
44 #include "socket-util.h"
45 #include "cgroup-util.h"
47 #include "journal-rate-limit.h"
48 #include "journal-internal.h"
49 #include "conf-parser.h"
56 #include <acl/libacl.h>
61 #include <selinux/selinux.h>
64 #define USER_JOURNALS_MAX 1024
65 #define STDOUT_STREAMS_MAX 4096
67 #define DEFAULT_RATE_LIMIT_INTERVAL (10*USEC_PER_SEC)
68 #define DEFAULT_RATE_LIMIT_BURST 200
70 #define RECHECK_AVAILABLE_SPACE_USEC (30*USEC_PER_SEC)
72 #define N_IOVEC_META_FIELDS 17
74 #define ENTRY_SIZE_MAX (1024*1024*32)
76 typedef enum StdoutStreamState {
77 STDOUT_STREAM_IDENTIFIER,
78 STDOUT_STREAM_UNIT_ID,
79 STDOUT_STREAM_PRIORITY,
80 STDOUT_STREAM_LEVEL_PREFIX,
81 STDOUT_STREAM_FORWARD_TO_SYSLOG,
82 STDOUT_STREAM_FORWARD_TO_KMSG,
83 STDOUT_STREAM_FORWARD_TO_CONSOLE,
89 StdoutStreamState state;
95 security_context_t security_context;
102 bool forward_to_syslog:1;
103 bool forward_to_kmsg:1;
104 bool forward_to_console:1;
106 char buffer[LINE_MAX+1];
109 LIST_FIELDS(StdoutStream, stdout_stream);
112 static const char* const storage_table[] = {
113 [STORAGE_AUTO] = "auto",
114 [STORAGE_VOLATILE] = "volatile",
115 [STORAGE_PERSISTENT] = "persistent",
116 [STORAGE_NONE] = "none"
119 DEFINE_STRING_TABLE_LOOKUP(storage, Storage);
120 DEFINE_CONFIG_PARSE_ENUM(config_parse_storage, storage, Storage, "Failed to parse storage setting");
122 static uint64_t available_space(Server *s) {
127 uint64_t sum = 0, avail = 0, ss_avail = 0;
133 ts = now(CLOCK_MONOTONIC);
135 if (s->cached_available_space_timestamp + RECHECK_AVAILABLE_SPACE_USEC > ts)
136 return s->cached_available_space;
138 r = sd_id128_get_machine(&machine);
142 if (s->system_journal) {
143 f = "/var/log/journal/";
144 m = &s->system_metrics;
146 f = "/run/log/journal/";
147 m = &s->runtime_metrics;
152 p = strappend(f, sd_id128_to_string(machine, ids));
162 if (fstatvfs(dirfd(d), &ss) < 0)
167 struct dirent buf, *de;
169 r = readdir_r(d, &buf, &de);
176 if (!endswith(de->d_name, ".journal") &&
177 !endswith(de->d_name, ".journal~"))
180 if (fstatat(dirfd(d), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0)
183 if (!S_ISREG(st.st_mode))
186 sum += (uint64_t) st.st_blocks * 512UL;
189 avail = sum >= m->max_use ? 0 : m->max_use - sum;
191 ss_avail = ss.f_bsize * ss.f_bavail;
193 ss_avail = ss_avail < m->keep_free ? 0 : ss_avail - m->keep_free;
195 if (ss_avail < avail)
198 s->cached_available_space = avail;
199 s->cached_available_space_timestamp = ts;
207 static void server_read_file_gid(Server *s) {
208 const char *adm = "adm";
213 if (s->file_gid_valid)
216 r = get_group_creds(&adm, &s->file_gid);
218 log_warning("Failed to resolve 'adm' group: %s", strerror(-r));
220 /* if we couldn't read the gid, then it will be 0, but that's
221 * fine and we shouldn't try to resolve the group again, so
222 * let's just pretend it worked right-away. */
223 s->file_gid_valid = true;
226 static void server_fix_perms(Server *s, JournalFile *f, uid_t uid) {
231 acl_permset_t permset;
236 server_read_file_gid(s);
238 r = fchmod_and_fchown(f->fd, 0640, 0, s->file_gid);
240 log_warning("Failed to fix access mode/rights on %s, ignoring: %s", f->path, strerror(-r));
246 acl = acl_get_fd(f->fd);
248 log_warning("Failed to read ACL on %s, ignoring: %m", f->path);
252 r = acl_find_uid(acl, uid, &entry);
255 if (acl_create_entry(&acl, &entry) < 0 ||
256 acl_set_tag_type(entry, ACL_USER) < 0 ||
257 acl_set_qualifier(entry, &uid) < 0) {
258 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
263 if (acl_get_permset(entry, &permset) < 0 ||
264 acl_add_perm(permset, ACL_READ) < 0 ||
265 acl_calc_mask(&acl) < 0) {
266 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
270 if (acl_set_fd(f->fd, acl) < 0)
271 log_warning("Failed to set ACL on %s, ignoring: %m", f->path);
278 static JournalFile* find_journal(Server *s, uid_t uid) {
287 /* We split up user logs only on /var, not on /run. If the
288 * runtime file is open, we write to it exclusively, in order
289 * to guarantee proper order as soon as we flush /run to
290 * /var and close the runtime file. */
292 if (s->runtime_journal)
293 return s->runtime_journal;
296 return s->system_journal;
298 r = sd_id128_get_machine(&machine);
300 return s->system_journal;
302 f = hashmap_get(s->user_journals, UINT32_TO_PTR(uid));
306 if (asprintf(&p, "/var/log/journal/%s/user-%lu.journal", sd_id128_to_string(machine, ids), (unsigned long) uid) < 0)
307 return s->system_journal;
309 while (hashmap_size(s->user_journals) >= USER_JOURNALS_MAX) {
310 /* Too many open? Then let's close one */
311 f = hashmap_steal_first(s->user_journals);
313 journal_file_close(f);
316 r = journal_file_open_reliably(p, O_RDWR|O_CREAT, 0640, &s->system_metrics, s->system_journal, &f);
320 return s->system_journal;
322 server_fix_perms(s, f, uid);
324 r = hashmap_put(s->user_journals, UINT32_TO_PTR(uid), f);
326 journal_file_close(f);
327 return s->system_journal;
333 static void server_rotate(Server *s) {
339 log_info("Rotating...");
341 if (s->runtime_journal) {
342 r = journal_file_rotate(&s->runtime_journal);
344 if (s->runtime_journal)
345 log_error("Failed to rotate %s: %s", s->runtime_journal->path, strerror(-r));
347 log_error("Failed to create new runtime journal: %s", strerror(-r));
349 server_fix_perms(s, s->runtime_journal, 0);
352 if (s->system_journal) {
353 r = journal_file_rotate(&s->system_journal);
355 if (s->system_journal)
356 log_error("Failed to rotate %s: %s", s->system_journal->path, strerror(-r));
358 log_error("Failed to create new system journal: %s", strerror(-r));
361 server_fix_perms(s, s->system_journal, 0);
364 HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) {
365 r = journal_file_rotate(&f);
368 log_error("Failed to rotate %s: %s", f->path, strerror(-r));
370 log_error("Failed to create user journal: %s", strerror(-r));
372 hashmap_replace(s->user_journals, k, f);
373 server_fix_perms(s, s->system_journal, PTR_TO_UINT32(k));
378 static void server_vacuum(Server *s) {
384 log_info("Vacuuming...");
386 r = sd_id128_get_machine(&machine);
388 log_error("Failed to get machine ID: %s", strerror(-r));
392 sd_id128_to_string(machine, ids);
394 if (s->system_journal) {
395 if (asprintf(&p, "/var/log/journal/%s", ids) < 0) {
396 log_error("Out of memory.");
400 r = journal_directory_vacuum(p, s->system_metrics.max_use, s->system_metrics.keep_free);
401 if (r < 0 && r != -ENOENT)
402 log_error("Failed to vacuum %s: %s", p, strerror(-r));
406 if (s->runtime_journal) {
407 if (asprintf(&p, "/run/log/journal/%s", ids) < 0) {
408 log_error("Out of memory.");
412 r = journal_directory_vacuum(p, s->runtime_metrics.max_use, s->runtime_metrics.keep_free);
413 if (r < 0 && r != -ENOENT)
414 log_error("Failed to vacuum %s: %s", p, strerror(-r));
418 s->cached_available_space_timestamp = 0;
421 static char *shortened_cgroup_path(pid_t pid) {
423 char *process_path, *init_path, *path;
427 r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, pid, &process_path);
431 r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, 1, &init_path);
437 if (endswith(init_path, "/system"))
438 init_path[strlen(init_path) - 7] = 0;
439 else if (streq(init_path, "/"))
442 if (startswith(process_path, init_path)) {
445 p = strdup(process_path + strlen(init_path));
463 static void write_to_journal(Server *s, uid_t uid, struct iovec *iovec, unsigned n) {
465 bool vacuumed = false;
472 f = find_journal(s, uid);
476 if (journal_file_rotate_suggested(f)) {
477 log_info("Journal header limits reached or header out-of-date, rotating.");
482 f = find_journal(s, uid);
488 r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
493 (r != -E2BIG && /* hit limit */
494 r != -EFBIG && /* hit fs limit */
495 r != -EDQUOT && /* quota hit */
496 r != -ENOSPC && /* disk full */
497 r != -EBADMSG && /* corrupted */
498 r != -ENODATA && /* truncated */
499 r != -EHOSTDOWN && /* other machine */
500 r != -EPROTONOSUPPORT && /* unsupported feature */
501 r != -EBUSY && /* unclean shutdown */
502 r != -ESHUTDOWN /* already archived */)) {
503 log_error("Failed to write entry, ignoring: %s", strerror(-r));
507 if (r == -E2BIG || r == -EFBIG || r == EDQUOT || r == ENOSPC)
508 log_info("Allocation limit reached, rotating.");
509 else if (r == -EHOSTDOWN)
510 log_info("Journal file from other machine, rotating.");
511 else if (r == -EBUSY)
512 log_info("Unlcean shutdown, rotating.");
514 log_warning("Journal file corrupted, rotating.");
520 f = find_journal(s, uid);
524 log_info("Retrying write.");
528 static void dispatch_message_real(
530 struct iovec *iovec, unsigned n, unsigned m,
533 const char *label, size_t label_len,
534 const char *unit_id) {
536 char *pid = NULL, *uid = NULL, *gid = NULL,
537 *source_time = NULL, *boot_id = NULL, *machine_id = NULL,
538 *comm = NULL, *cmdline = NULL, *hostname = NULL,
539 *audit_session = NULL, *audit_loginuid = NULL,
540 *exe = NULL, *cgroup = NULL, *session = NULL,
541 *owner_uid = NULL, *unit = NULL, *selinux_context = NULL;
547 uid_t loginuid = 0, realuid = 0;
552 assert(n + N_IOVEC_META_FIELDS <= m);
560 realuid = ucred->uid;
562 if (asprintf(&pid, "_PID=%lu", (unsigned long) ucred->pid) >= 0)
563 IOVEC_SET_STRING(iovec[n++], pid);
565 if (asprintf(&uid, "_UID=%lu", (unsigned long) ucred->uid) >= 0)
566 IOVEC_SET_STRING(iovec[n++], uid);
568 if (asprintf(&gid, "_GID=%lu", (unsigned long) ucred->gid) >= 0)
569 IOVEC_SET_STRING(iovec[n++], gid);
571 r = get_process_comm(ucred->pid, &t);
573 comm = strappend("_COMM=", t);
577 IOVEC_SET_STRING(iovec[n++], comm);
580 r = get_process_exe(ucred->pid, &t);
582 exe = strappend("_EXE=", t);
586 IOVEC_SET_STRING(iovec[n++], exe);
589 r = get_process_cmdline(ucred->pid, LINE_MAX, false, &t);
591 cmdline = strappend("_CMDLINE=", t);
595 IOVEC_SET_STRING(iovec[n++], cmdline);
598 r = audit_session_from_pid(ucred->pid, &audit);
600 if (asprintf(&audit_session, "_AUDIT_SESSION=%lu", (unsigned long) audit) >= 0)
601 IOVEC_SET_STRING(iovec[n++], audit_session);
603 r = audit_loginuid_from_pid(ucred->pid, &loginuid);
605 if (asprintf(&audit_loginuid, "_AUDIT_LOGINUID=%lu", (unsigned long) loginuid) >= 0)
606 IOVEC_SET_STRING(iovec[n++], audit_loginuid);
608 t = shortened_cgroup_path(ucred->pid);
610 cgroup = strappend("_SYSTEMD_CGROUP=", t);
614 IOVEC_SET_STRING(iovec[n++], cgroup);
618 if (sd_pid_get_session(ucred->pid, &t) >= 0) {
619 session = strappend("_SYSTEMD_SESSION=", t);
623 IOVEC_SET_STRING(iovec[n++], session);
626 if (sd_pid_get_owner_uid(ucred->uid, &owner) >= 0)
627 if (asprintf(&owner_uid, "_SYSTEMD_OWNER_UID=%lu", (unsigned long) owner) >= 0)
628 IOVEC_SET_STRING(iovec[n++], owner_uid);
631 if (cg_pid_get_unit(ucred->pid, &t) >= 0) {
632 unit = strappend("_SYSTEMD_UNIT=", t);
635 unit = strappend("_SYSTEMD_UNIT=", unit_id);
638 IOVEC_SET_STRING(iovec[n++], unit);
642 selinux_context = malloc(sizeof("_SELINUX_CONTEXT=") + label_len);
643 if (selinux_context) {
644 memcpy(selinux_context, "_SELINUX_CONTEXT=", sizeof("_SELINUX_CONTEXT=")-1);
645 memcpy(selinux_context+sizeof("_SELINUX_CONTEXT=")-1, label, label_len);
646 selinux_context[sizeof("_SELINUX_CONTEXT=")-1+label_len] = 0;
647 IOVEC_SET_STRING(iovec[n++], selinux_context);
650 security_context_t con;
652 if (getpidcon(ucred->pid, &con) >= 0) {
653 selinux_context = strappend("_SELINUX_CONTEXT=", con);
655 IOVEC_SET_STRING(iovec[n++], selinux_context);
664 if (asprintf(&source_time, "_SOURCE_REALTIME_TIMESTAMP=%llu",
665 (unsigned long long) timeval_load(tv)) >= 0)
666 IOVEC_SET_STRING(iovec[n++], source_time);
669 /* Note that strictly speaking storing the boot id here is
670 * redundant since the entry includes this in-line
671 * anyway. However, we need this indexed, too. */
672 r = sd_id128_get_boot(&id);
674 if (asprintf(&boot_id, "_BOOT_ID=%s", sd_id128_to_string(id, idbuf)) >= 0)
675 IOVEC_SET_STRING(iovec[n++], boot_id);
677 r = sd_id128_get_machine(&id);
679 if (asprintf(&machine_id, "_MACHINE_ID=%s", sd_id128_to_string(id, idbuf)) >= 0)
680 IOVEC_SET_STRING(iovec[n++], machine_id);
682 t = gethostname_malloc();
684 hostname = strappend("_HOSTNAME=", t);
687 IOVEC_SET_STRING(iovec[n++], hostname);
692 write_to_journal(s, realuid == 0 ? 0 : loginuid, iovec, n);
705 free(audit_loginuid);
710 free(selinux_context);
713 static void driver_message(Server *s, sd_id128_t message_id, const char *format, ...) {
714 char mid[11 + 32 + 1];
715 char buffer[16 + LINE_MAX + 1];
716 struct iovec iovec[N_IOVEC_META_FIELDS + 4];
724 IOVEC_SET_STRING(iovec[n++], "PRIORITY=5");
725 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=driver");
727 memcpy(buffer, "MESSAGE=", 8);
728 va_start(ap, format);
729 vsnprintf(buffer + 8, sizeof(buffer) - 8, format, ap);
731 char_array_0(buffer);
732 IOVEC_SET_STRING(iovec[n++], buffer);
734 snprintf(mid, sizeof(mid), "MESSAGE_ID=" SD_ID128_FORMAT_STR, SD_ID128_FORMAT_VAL(message_id));
736 IOVEC_SET_STRING(iovec[n++], mid);
739 ucred.pid = getpid();
740 ucred.uid = getuid();
741 ucred.gid = getgid();
743 dispatch_message_real(s, iovec, n, ELEMENTSOF(iovec), &ucred, NULL, NULL, 0, NULL);
746 static void dispatch_message(Server *s,
747 struct iovec *iovec, unsigned n, unsigned m,
750 const char *label, size_t label_len,
754 char *path = NULL, *c;
757 assert(iovec || n == 0);
762 if (LOG_PRI(priority) > s->max_level_store)
768 path = shortened_cgroup_path(ucred->pid);
772 /* example: /user/lennart/3/foobar
773 * /system/dbus.service/foobar
775 * So let's cut of everything past the third /, since that is
776 * wher user directories start */
778 c = strchr(path, '/');
780 c = strchr(c+1, '/');
782 c = strchr(c+1, '/');
788 rl = journal_rate_limit_test(s->rate_limit, path, priority & LOG_PRIMASK, available_space(s));
795 /* Write a suppression message if we suppressed something */
797 driver_message(s, SD_MESSAGE_JOURNAL_DROPPED, "Suppressed %u messages from %s", rl - 1, path);
802 dispatch_message_real(s, iovec, n, m, ucred, tv, label, label_len, unit_id);
805 static void forward_syslog_iovec(Server *s, const struct iovec *iovec, unsigned n_iovec, struct ucred *ucred, struct timeval *tv) {
806 struct msghdr msghdr;
807 struct cmsghdr *cmsg;
809 struct cmsghdr cmsghdr;
810 uint8_t buf[CMSG_SPACE(sizeof(struct ucred))];
812 union sockaddr_union sa;
819 msghdr.msg_iov = (struct iovec*) iovec;
820 msghdr.msg_iovlen = n_iovec;
823 sa.un.sun_family = AF_UNIX;
824 strncpy(sa.un.sun_path, "/run/systemd/journal/syslog", sizeof(sa.un.sun_path));
825 msghdr.msg_name = &sa;
826 msghdr.msg_namelen = offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path);
830 msghdr.msg_control = &control;
831 msghdr.msg_controllen = sizeof(control);
833 cmsg = CMSG_FIRSTHDR(&msghdr);
834 cmsg->cmsg_level = SOL_SOCKET;
835 cmsg->cmsg_type = SCM_CREDENTIALS;
836 cmsg->cmsg_len = CMSG_LEN(sizeof(struct ucred));
837 memcpy(CMSG_DATA(cmsg), ucred, sizeof(struct ucred));
838 msghdr.msg_controllen = cmsg->cmsg_len;
841 /* Forward the syslog message we received via /dev/log to
842 * /run/systemd/syslog. Unfortunately we currently can't set
843 * the SO_TIMESTAMP auxiliary data, and hence we don't. */
845 if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
848 /* The socket is full? I guess the syslog implementation is
849 * too slow, and we shouldn't wait for that... */
853 if (ucred && errno == ESRCH) {
856 /* Hmm, presumably the sender process vanished
857 * by now, so let's fix it as good as we
862 memcpy(CMSG_DATA(cmsg), &u, sizeof(struct ucred));
864 if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
872 log_debug("Failed to forward syslog message: %m");
875 static void forward_syslog_raw(Server *s, int priority, const char *buffer, struct ucred *ucred, struct timeval *tv) {
881 if (LOG_PRI(priority) > s->max_level_syslog)
884 IOVEC_SET_STRING(iovec, buffer);
885 forward_syslog_iovec(s, &iovec, 1, ucred, tv);
888 static void forward_syslog(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred, struct timeval *tv) {
889 struct iovec iovec[5];
890 char header_priority[6], header_time[64], header_pid[16];
894 char *ident_buf = NULL;
897 assert(priority >= 0);
898 assert(priority <= 999);
901 if (LOG_PRI(priority) > s->max_level_syslog)
904 /* First: priority field */
905 snprintf(header_priority, sizeof(header_priority), "<%i>", priority);
906 char_array_0(header_priority);
907 IOVEC_SET_STRING(iovec[n++], header_priority);
909 /* Second: timestamp */
910 t = tv ? tv->tv_sec : ((time_t) (now(CLOCK_REALTIME) / USEC_PER_SEC));
914 if (strftime(header_time, sizeof(header_time), "%h %e %T ", tm) <= 0)
916 IOVEC_SET_STRING(iovec[n++], header_time);
918 /* Third: identifier and PID */
921 get_process_comm(ucred->pid, &ident_buf);
922 identifier = ident_buf;
925 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
926 char_array_0(header_pid);
929 IOVEC_SET_STRING(iovec[n++], identifier);
931 IOVEC_SET_STRING(iovec[n++], header_pid);
932 } else if (identifier) {
933 IOVEC_SET_STRING(iovec[n++], identifier);
934 IOVEC_SET_STRING(iovec[n++], ": ");
937 /* Fourth: message */
938 IOVEC_SET_STRING(iovec[n++], message);
940 forward_syslog_iovec(s, iovec, n, ucred, tv);
945 static int fixup_priority(int priority) {
947 if ((priority & LOG_FACMASK) == 0)
948 return (priority & LOG_PRIMASK) | LOG_USER;
953 static void forward_kmsg(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred) {
954 struct iovec iovec[5];
955 char header_priority[6], header_pid[16];
957 char *ident_buf = NULL;
961 assert(priority >= 0);
962 assert(priority <= 999);
965 if (LOG_PRI(priority) > s->max_level_kmsg)
968 /* Never allow messages with kernel facility to be written to
969 * kmsg, regardless where the data comes from. */
970 priority = fixup_priority(priority);
972 /* First: priority field */
973 snprintf(header_priority, sizeof(header_priority), "<%i>", priority);
974 char_array_0(header_priority);
975 IOVEC_SET_STRING(iovec[n++], header_priority);
977 /* Second: identifier and PID */
980 get_process_comm(ucred->pid, &ident_buf);
981 identifier = ident_buf;
984 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
985 char_array_0(header_pid);
988 IOVEC_SET_STRING(iovec[n++], identifier);
990 IOVEC_SET_STRING(iovec[n++], header_pid);
991 } else if (identifier) {
992 IOVEC_SET_STRING(iovec[n++], identifier);
993 IOVEC_SET_STRING(iovec[n++], ": ");
996 /* Fourth: message */
997 IOVEC_SET_STRING(iovec[n++], message);
998 IOVEC_SET_STRING(iovec[n++], "\n");
1000 fd = open("/dev/kmsg", O_WRONLY|O_NOCTTY|O_CLOEXEC);
1002 log_debug("Failed to open /dev/kmsg for logging: %s", strerror(errno));
1006 if (writev(fd, iovec, n) < 0)
1007 log_debug("Failed to write to /dev/kmsg for logging: %s", strerror(errno));
1009 close_nointr_nofail(fd);
1015 static void forward_console(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred) {
1016 struct iovec iovec[4];
1017 char header_pid[16];
1019 char *ident_buf = NULL;
1025 if (LOG_PRI(priority) > s->max_level_console)
1028 /* First: identifier and PID */
1031 get_process_comm(ucred->pid, &ident_buf);
1032 identifier = ident_buf;
1035 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
1036 char_array_0(header_pid);
1039 IOVEC_SET_STRING(iovec[n++], identifier);
1041 IOVEC_SET_STRING(iovec[n++], header_pid);
1042 } else if (identifier) {
1043 IOVEC_SET_STRING(iovec[n++], identifier);
1044 IOVEC_SET_STRING(iovec[n++], ": ");
1047 /* Third: message */
1048 IOVEC_SET_STRING(iovec[n++], message);
1049 IOVEC_SET_STRING(iovec[n++], "\n");
1051 tty = s->tty_path ? s->tty_path : "/dev/console";
1053 fd = open_terminal(tty, O_WRONLY|O_NOCTTY|O_CLOEXEC);
1055 log_debug("Failed to open %s for logging: %s", tty, strerror(errno));
1059 if (writev(fd, iovec, n) < 0)
1060 log_debug("Failed to write to %s for logging: %s", tty, strerror(errno));
1062 close_nointr_nofail(fd);
1068 static void read_identifier(const char **buf, char **identifier, char **pid) {
1079 p += strspn(p, WHITESPACE);
1080 l = strcspn(p, WHITESPACE);
1089 if (p[l-1] == ']') {
1095 t = strndup(p+k+1, l-k-2);
1115 *buf += strspn(*buf, WHITESPACE);
1118 static void process_syslog_message(Server *s, const char *buf, struct ucred *ucred, struct timeval *tv, const char *label, size_t label_len) {
1119 char *message = NULL, *syslog_priority = NULL, *syslog_facility = NULL, *syslog_identifier = NULL, *syslog_pid = NULL;
1120 struct iovec iovec[N_IOVEC_META_FIELDS + 6];
1122 int priority = LOG_USER | LOG_INFO;
1123 char *identifier = NULL, *pid = NULL;
1130 parse_syslog_priority((char**) &buf, &priority);
1132 if (s->forward_to_syslog)
1133 forward_syslog_raw(s, priority, orig, ucred, tv);
1135 skip_syslog_date((char**) &buf);
1136 read_identifier(&buf, &identifier, &pid);
1138 if (s->forward_to_kmsg)
1139 forward_kmsg(s, priority, identifier, buf, ucred);
1141 if (s->forward_to_console)
1142 forward_console(s, priority, identifier, buf, ucred);
1144 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=syslog");
1146 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1147 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1149 if (priority & LOG_FACMASK)
1150 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1151 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1154 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", identifier);
1155 if (syslog_identifier)
1156 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1160 syslog_pid = strappend("SYSLOG_PID=", pid);
1162 IOVEC_SET_STRING(iovec[n++], syslog_pid);
1165 message = strappend("MESSAGE=", buf);
1167 IOVEC_SET_STRING(iovec[n++], message);
1169 dispatch_message(s, iovec, n, ELEMENTSOF(iovec), ucred, tv, label, label_len, NULL, priority);
1174 free(syslog_priority);
1175 free(syslog_facility);
1176 free(syslog_identifier);
1179 static bool valid_user_field(const char *p, size_t l) {
1182 /* We kinda enforce POSIX syntax recommendations for
1183 environment variables here, but make a couple of additional
1186 http://pubs.opengroup.org/onlinepubs/000095399/basedefs/xbd_chap08.html */
1188 /* No empty field names */
1192 /* Don't allow names longer than 64 chars */
1196 /* Variables starting with an underscore are protected */
1200 /* Don't allow digits as first character */
1201 if (p[0] >= '0' && p[0] <= '9')
1204 /* Only allow A-Z0-9 and '_' */
1205 for (a = p; a < p + l; a++)
1206 if (!((*a >= 'A' && *a <= 'Z') ||
1207 (*a >= '0' && *a <= '9') ||
1214 static void process_native_message(
1216 const void *buffer, size_t buffer_size,
1217 struct ucred *ucred,
1219 const char *label, size_t label_len) {
1221 struct iovec *iovec = NULL;
1222 unsigned n = 0, m = 0, j, tn = (unsigned) -1;
1225 int priority = LOG_INFO;
1226 char *identifier = NULL, *message = NULL;
1229 assert(buffer || buffer_size == 0);
1232 remaining = buffer_size;
1234 while (remaining > 0) {
1237 e = memchr(p, '\n', remaining);
1240 /* Trailing noise, let's ignore it, and flush what we collected */
1241 log_debug("Received message with trailing noise, ignoring.");
1246 /* Entry separator */
1247 dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, NULL, priority);
1249 priority = LOG_INFO;
1256 if (*p == '.' || *p == '#') {
1257 /* Ignore control commands for now, and
1259 remaining -= (e - p) + 1;
1264 /* A property follows */
1266 if (n+N_IOVEC_META_FIELDS >= m) {
1270 u = MAX((n+N_IOVEC_META_FIELDS+1) * 2U, 4U);
1271 c = realloc(iovec, u * sizeof(struct iovec));
1273 log_error("Out of memory.");
1281 q = memchr(p, '=', e - p);
1283 if (valid_user_field(p, q - p)) {
1288 /* If the field name starts with an
1289 * underscore, skip the variable,
1290 * since that indidates a trusted
1292 iovec[n].iov_base = (char*) p;
1293 iovec[n].iov_len = l;
1296 /* We need to determine the priority
1297 * of this entry for the rate limiting
1300 memcmp(p, "PRIORITY=", 9) == 0 &&
1301 p[9] >= '0' && p[9] <= '9')
1302 priority = (priority & LOG_FACMASK) | (p[9] - '0');
1305 memcmp(p, "SYSLOG_FACILITY=", 16) == 0 &&
1306 p[16] >= '0' && p[16] <= '9')
1307 priority = (priority & LOG_PRIMASK) | ((p[16] - '0') << 3);
1310 memcmp(p, "SYSLOG_FACILITY=", 16) == 0 &&
1311 p[16] >= '0' && p[16] <= '9' &&
1312 p[17] >= '0' && p[17] <= '9')
1313 priority = (priority & LOG_PRIMASK) | (((p[16] - '0')*10 + (p[17] - '0')) << 3);
1316 memcmp(p, "SYSLOG_IDENTIFIER=", 18) == 0) {
1319 t = strndup(p + 18, l - 18);
1324 } else if (l >= 8 &&
1325 memcmp(p, "MESSAGE=", 8) == 0) {
1328 t = strndup(p + 8, l - 8);
1336 remaining -= (e - p) + 1;
1344 if (remaining < e - p + 1 + sizeof(uint64_t) + 1) {
1345 log_debug("Failed to parse message, ignoring.");
1349 memcpy(&l_le, e + 1, sizeof(uint64_t));
1352 if (remaining < e - p + 1 + sizeof(uint64_t) + l + 1 ||
1353 e[1+sizeof(uint64_t)+l] != '\n') {
1354 log_debug("Failed to parse message, ignoring.");
1358 k = malloc((e - p) + 1 + l);
1360 log_error("Out of memory.");
1364 memcpy(k, p, e - p);
1366 memcpy(k + (e - p) + 1, e + 1 + sizeof(uint64_t), l);
1368 if (valid_user_field(p, e - p)) {
1369 iovec[n].iov_base = k;
1370 iovec[n].iov_len = (e - p) + 1 + l;
1375 remaining -= (e - p) + 1 + sizeof(uint64_t) + l + 1;
1376 p = e + 1 + sizeof(uint64_t) + l + 1;
1384 IOVEC_SET_STRING(iovec[tn], "_TRANSPORT=journal");
1387 if (s->forward_to_syslog)
1388 forward_syslog(s, priority, identifier, message, ucred, tv);
1390 if (s->forward_to_kmsg)
1391 forward_kmsg(s, priority, identifier, message, ucred);
1393 if (s->forward_to_console)
1394 forward_console(s, priority, identifier, message, ucred);
1397 dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, NULL, priority);
1400 for (j = 0; j < n; j++) {
1404 if (iovec[j].iov_base < buffer ||
1405 (const uint8_t*) iovec[j].iov_base >= (const uint8_t*) buffer + buffer_size)
1406 free(iovec[j].iov_base);
1414 static void process_native_file(
1417 struct ucred *ucred,
1419 const char *label, size_t label_len) {
1428 /* Data is in the passed file, since it didn't fit in a
1429 * datagram. We can't map the file here, since clients might
1430 * then truncate it and trigger a SIGBUS for us. So let's
1431 * stupidly read it */
1433 if (fstat(fd, &st) < 0) {
1434 log_error("Failed to stat passed file, ignoring: %m");
1438 if (!S_ISREG(st.st_mode)) {
1439 log_error("File passed is not regular. Ignoring.");
1443 if (st.st_size <= 0)
1446 if (st.st_size > ENTRY_SIZE_MAX) {
1447 log_error("File passed too large. Ignoring.");
1451 p = malloc(st.st_size);
1453 log_error("Out of memory.");
1457 n = pread(fd, p, st.st_size, 0);
1459 log_error("Failed to read file, ignoring: %s", strerror(-n));
1461 process_native_message(s, p, n, ucred, tv, label, label_len);
1466 static int stdout_stream_log(StdoutStream *s, const char *p) {
1467 struct iovec iovec[N_IOVEC_META_FIELDS + 5];
1468 char *message = NULL, *syslog_priority = NULL, *syslog_facility = NULL, *syslog_identifier = NULL;
1472 size_t label_len = 0;
1480 priority = s->priority;
1482 if (s->level_prefix)
1483 parse_syslog_priority((char**) &p, &priority);
1485 if (s->forward_to_syslog || s->server->forward_to_syslog)
1486 forward_syslog(s->server, fixup_priority(priority), s->identifier, p, &s->ucred, NULL);
1488 if (s->forward_to_kmsg || s->server->forward_to_kmsg)
1489 forward_kmsg(s->server, priority, s->identifier, p, &s->ucred);
1491 if (s->forward_to_console || s->server->forward_to_console)
1492 forward_console(s->server, priority, s->identifier, p, &s->ucred);
1494 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=stdout");
1496 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1497 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1499 if (priority & LOG_FACMASK)
1500 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1501 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1503 if (s->identifier) {
1504 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", s->identifier);
1505 if (syslog_identifier)
1506 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1509 message = strappend("MESSAGE=", p);
1511 IOVEC_SET_STRING(iovec[n++], message);
1514 if (s->security_context) {
1515 label = (char*) s->security_context;
1516 label_len = strlen((char*) s->security_context);
1520 dispatch_message(s->server, iovec, n, ELEMENTSOF(iovec), &s->ucred, NULL, label, label_len, s->unit_id, priority);
1523 free(syslog_priority);
1524 free(syslog_facility);
1525 free(syslog_identifier);
1530 static int stdout_stream_line(StdoutStream *s, char *p) {
1540 case STDOUT_STREAM_IDENTIFIER:
1542 s->identifier = NULL;
1544 s->identifier = strdup(p);
1545 if (!s->identifier) {
1546 log_error("Out of memory.");
1551 s->state = STDOUT_STREAM_UNIT_ID;
1554 case STDOUT_STREAM_UNIT_ID:
1555 if (s->ucred.uid == 0) {
1559 s->unit_id = strdup(p);
1561 log_error("Out of memory.");
1567 s->state = STDOUT_STREAM_PRIORITY;
1570 case STDOUT_STREAM_PRIORITY:
1571 r = safe_atoi(p, &s->priority);
1572 if (r < 0 || s->priority <= 0 || s->priority >= 999) {
1573 log_warning("Failed to parse log priority line.");
1577 s->state = STDOUT_STREAM_LEVEL_PREFIX;
1580 case STDOUT_STREAM_LEVEL_PREFIX:
1581 r = parse_boolean(p);
1583 log_warning("Failed to parse level prefix line.");
1587 s->level_prefix = !!r;
1588 s->state = STDOUT_STREAM_FORWARD_TO_SYSLOG;
1591 case STDOUT_STREAM_FORWARD_TO_SYSLOG:
1592 r = parse_boolean(p);
1594 log_warning("Failed to parse forward to syslog line.");
1598 s->forward_to_syslog = !!r;
1599 s->state = STDOUT_STREAM_FORWARD_TO_KMSG;
1602 case STDOUT_STREAM_FORWARD_TO_KMSG:
1603 r = parse_boolean(p);
1605 log_warning("Failed to parse copy to kmsg line.");
1609 s->forward_to_kmsg = !!r;
1610 s->state = STDOUT_STREAM_FORWARD_TO_CONSOLE;
1613 case STDOUT_STREAM_FORWARD_TO_CONSOLE:
1614 r = parse_boolean(p);
1616 log_warning("Failed to parse copy to console line.");
1620 s->forward_to_console = !!r;
1621 s->state = STDOUT_STREAM_RUNNING;
1624 case STDOUT_STREAM_RUNNING:
1625 return stdout_stream_log(s, p);
1628 assert_not_reached("Unknown stream state");
1631 static int stdout_stream_scan(StdoutStream *s, bool force_flush) {
1639 remaining = s->length;
1644 end = memchr(p, '\n', remaining);
1647 else if (remaining >= sizeof(s->buffer) - 1) {
1648 end = p + sizeof(s->buffer) - 1;
1655 r = stdout_stream_line(s, p);
1663 if (force_flush && remaining > 0) {
1665 r = stdout_stream_line(s, p);
1673 if (p > s->buffer) {
1674 memmove(s->buffer, p, remaining);
1675 s->length = remaining;
1681 static int stdout_stream_process(StdoutStream *s) {
1687 l = read(s->fd, s->buffer+s->length, sizeof(s->buffer)-1-s->length);
1690 if (errno == EAGAIN)
1693 log_warning("Failed to read from stream: %m");
1698 r = stdout_stream_scan(s, true);
1706 r = stdout_stream_scan(s, false);
1714 static void stdout_stream_free(StdoutStream *s) {
1718 assert(s->server->n_stdout_streams > 0);
1719 s->server->n_stdout_streams --;
1720 LIST_REMOVE(StdoutStream, stdout_stream, s->server->stdout_streams, s);
1725 epoll_ctl(s->server->epoll_fd, EPOLL_CTL_DEL, s->fd, NULL);
1727 close_nointr_nofail(s->fd);
1731 if (s->security_context)
1732 freecon(s->security_context);
1735 free(s->identifier);
1739 static int stdout_stream_new(Server *s) {
1740 StdoutStream *stream;
1743 struct epoll_event ev;
1747 fd = accept4(s->stdout_fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);
1749 if (errno == EAGAIN)
1752 log_error("Failed to accept stdout connection: %m");
1756 if (s->n_stdout_streams >= STDOUT_STREAMS_MAX) {
1757 log_warning("Too many stdout streams, refusing connection.");
1758 close_nointr_nofail(fd);
1762 stream = new0(StdoutStream, 1);
1764 log_error("Out of memory.");
1765 close_nointr_nofail(fd);
1771 len = sizeof(stream->ucred);
1772 if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &stream->ucred, &len) < 0) {
1773 log_error("Failed to determine peer credentials: %m");
1779 if (getpeercon(fd, &stream->security_context) < 0 && errno != ENOPROTOOPT)
1780 log_error("Failed to determine peer security context: %m");
1783 if (shutdown(fd, SHUT_WR) < 0) {
1784 log_error("Failed to shutdown writing side of socket: %m");
1790 ev.data.ptr = stream;
1791 ev.events = EPOLLIN;
1792 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, fd, &ev) < 0) {
1793 log_error("Failed to add stream to event loop: %m");
1799 LIST_PREPEND(StdoutStream, stdout_stream, s->stdout_streams, stream);
1800 s->n_stdout_streams ++;
1805 stdout_stream_free(stream);
1809 static int parse_kernel_timestamp(char **_p, usec_t *t) {
1820 if (strlen(p) < 14 || p[0] != '[' || p[13] != ']' || p[6] != '.')
1825 for (i = 1; i <= 5; i++) {
1831 k = undecchar(p[i]);
1838 for (i = 7; i <= 12; i++) {
1841 k = undecchar(p[i]);
1850 *_p += strspn(*_p, WHITESPACE);
1855 static bool is_us(const char *pid) {
1860 if (parse_pid(pid, &t) < 0)
1863 return t == getpid();
1866 static void proc_kmsg_line(Server *s, const char *p) {
1867 struct iovec iovec[N_IOVEC_META_FIELDS + 7];
1868 char *message = NULL, *syslog_priority = NULL, *syslog_pid = NULL, *syslog_facility = NULL, *syslog_identifier = NULL, *source_time = NULL;
1869 int priority = LOG_KERN | LOG_INFO;
1872 char *identifier = NULL, *pid = NULL;
1880 parse_syslog_priority((char **) &p, &priority);
1882 if (s->forward_to_kmsg && (priority & LOG_FACMASK) != LOG_KERN)
1885 if (parse_kernel_timestamp((char **) &p, &usec) > 0) {
1886 if (asprintf(&source_time, "_SOURCE_MONOTONIC_TIMESTAMP=%llu",
1887 (unsigned long long) usec) >= 0)
1888 IOVEC_SET_STRING(iovec[n++], source_time);
1891 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=kernel");
1893 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1894 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1896 if ((priority & LOG_FACMASK) == LOG_KERN) {
1898 if (s->forward_to_syslog)
1899 forward_syslog(s, priority, "kernel", p, NULL, NULL);
1901 IOVEC_SET_STRING(iovec[n++], "SYSLOG_IDENTIFIER=kernel");
1903 read_identifier(&p, &identifier, &pid);
1905 /* Avoid any messages we generated ourselves via
1906 * log_info() and friends. */
1907 if (pid && is_us(pid))
1910 if (s->forward_to_syslog)
1911 forward_syslog(s, priority, identifier, p, NULL, NULL);
1914 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", identifier);
1915 if (syslog_identifier)
1916 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1920 syslog_pid = strappend("SYSLOG_PID=", pid);
1922 IOVEC_SET_STRING(iovec[n++], syslog_pid);
1925 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1926 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1929 message = strappend("MESSAGE=", p);
1931 IOVEC_SET_STRING(iovec[n++], message);
1933 dispatch_message(s, iovec, n, ELEMENTSOF(iovec), NULL, NULL, NULL, 0, NULL, priority);
1937 free(syslog_priority);
1938 free(syslog_identifier);
1940 free(syslog_facility);
1946 static void proc_kmsg_scan(Server *s) {
1952 p = s->proc_kmsg_buffer;
1953 remaining = s->proc_kmsg_length;
1958 end = memchr(p, '\n', remaining);
1961 else if (remaining >= sizeof(s->proc_kmsg_buffer) - 1) {
1962 end = p + sizeof(s->proc_kmsg_buffer) - 1;
1969 proc_kmsg_line(s, p);
1975 if (p > s->proc_kmsg_buffer) {
1976 memmove(s->proc_kmsg_buffer, p, remaining);
1977 s->proc_kmsg_length = remaining;
1981 static int system_journal_open(Server *s) {
1987 r = sd_id128_get_machine(&machine);
1991 sd_id128_to_string(machine, ids);
1993 if (!s->system_journal &&
1994 (s->storage == STORAGE_PERSISTENT || s->storage == STORAGE_AUTO) &&
1995 access("/run/systemd/journal/flushed", F_OK) >= 0) {
1997 /* If in auto mode: first try to create the machine
1998 * path, but not the prefix.
2000 * If in persistent mode: create /var/log/journal and
2001 * the machine path */
2003 if (s->storage == STORAGE_PERSISTENT)
2004 (void) mkdir("/var/log/journal/", 0755);
2006 fn = strappend("/var/log/journal/", ids);
2010 (void) mkdir(fn, 0755);
2013 fn = strjoin("/var/log/journal/", ids, "/system.journal", NULL);
2017 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, &s->system_metrics, NULL, &s->system_journal);
2021 s->system_journal->compress = s->compress;
2023 server_fix_perms(s, s->system_journal, 0);
2026 if (r != -ENOENT && r != -EROFS)
2027 log_warning("Failed to open system journal: %s", strerror(-r));
2033 if (!s->runtime_journal &&
2034 (s->storage != STORAGE_NONE)) {
2036 fn = strjoin("/run/log/journal/", ids, "/system.journal", NULL);
2040 if (s->system_journal) {
2042 /* Try to open the runtime journal, but only
2043 * if it already exists, so that we can flush
2044 * it into the system journal */
2046 r = journal_file_open(fn, O_RDWR, 0640, &s->runtime_metrics, NULL, &s->runtime_journal);
2051 log_warning("Failed to open runtime journal: %s", strerror(-r));
2058 /* OK, we really need the runtime journal, so create
2059 * it if necessary. */
2061 (void) mkdir_parents(fn, 0755);
2062 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, &s->runtime_metrics, NULL, &s->runtime_journal);
2066 log_error("Failed to open runtime journal: %s", strerror(-r));
2071 if (s->runtime_journal) {
2072 s->runtime_journal->compress = s->compress;
2074 server_fix_perms(s, s->runtime_journal, 0);
2081 static int server_flush_to_var(Server *s) {
2089 if (s->storage != STORAGE_AUTO &&
2090 s->storage != STORAGE_PERSISTENT)
2093 if (!s->runtime_journal)
2096 system_journal_open(s);
2098 if (!s->system_journal)
2101 log_info("Flushing to /var...");
2103 r = sd_id128_get_machine(&machine);
2105 log_error("Failed to get machine id: %s", strerror(-r));
2109 r = sd_journal_open(&j, SD_JOURNAL_RUNTIME_ONLY);
2111 log_error("Failed to read runtime journal: %s", strerror(-r));
2115 SD_JOURNAL_FOREACH(j) {
2118 f = j->current_file;
2119 assert(f && f->current_offset > 0);
2121 r = journal_file_move_to_object(f, OBJECT_ENTRY, f->current_offset, &o);
2123 log_error("Can't read entry: %s", strerror(-r));
2127 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
2129 log_info("Allocation limit reached.");
2131 journal_file_post_change(s->system_journal);
2135 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
2139 log_error("Can't write entry: %s", strerror(-r));
2145 journal_file_post_change(s->system_journal);
2147 journal_file_close(s->runtime_journal);
2148 s->runtime_journal = NULL;
2151 rm_rf("/run/log/journal", false, true, false);
2156 static int server_read_proc_kmsg(Server *s) {
2159 assert(s->proc_kmsg_fd >= 0);
2161 l = read(s->proc_kmsg_fd, s->proc_kmsg_buffer + s->proc_kmsg_length, sizeof(s->proc_kmsg_buffer) - 1 - s->proc_kmsg_length);
2162 if (l == 0) /* the kernel is stupid and in some race
2163 * conditions returns 0 in the middle of the
2168 if (errno == EAGAIN || errno == EINTR)
2171 log_error("Failed to read from kernel: %m");
2175 s->proc_kmsg_length += l;
2181 static int server_flush_proc_kmsg(Server *s) {
2186 if (s->proc_kmsg_fd < 0)
2189 log_info("Flushing /proc/kmsg...");
2192 r = server_read_proc_kmsg(s);
2203 static int process_event(Server *s, struct epoll_event *ev) {
2207 if (ev->data.fd == s->signal_fd) {
2208 struct signalfd_siginfo sfsi;
2211 if (ev->events != EPOLLIN) {
2212 log_info("Got invalid event from epoll.");
2216 n = read(s->signal_fd, &sfsi, sizeof(sfsi));
2217 if (n != sizeof(sfsi)) {
2222 if (errno == EINTR || errno == EAGAIN)
2228 log_info("Received SIG%s", signal_to_string(sfsi.ssi_signo));
2230 if (sfsi.ssi_signo == SIGUSR1) {
2231 touch("/run/systemd/journal/flushed");
2232 server_flush_to_var(s);
2236 if (sfsi.ssi_signo == SIGUSR2) {
2244 } else if (ev->data.fd == s->proc_kmsg_fd) {
2247 if (ev->events != EPOLLIN) {
2248 log_info("Got invalid event from epoll.");
2252 r = server_read_proc_kmsg(s);
2258 } else if (ev->data.fd == s->native_fd ||
2259 ev->data.fd == s->syslog_fd) {
2261 if (ev->events != EPOLLIN) {
2262 log_info("Got invalid event from epoll.");
2267 struct msghdr msghdr;
2269 struct ucred *ucred = NULL;
2270 struct timeval *tv = NULL;
2271 struct cmsghdr *cmsg;
2273 size_t label_len = 0;
2275 struct cmsghdr cmsghdr;
2277 /* We use NAME_MAX space for the
2278 * SELinux label here. The kernel
2279 * currently enforces no limit, but
2280 * according to suggestions from the
2281 * SELinux people this will change and
2282 * it will probably be identical to
2283 * NAME_MAX. For now we use that, but
2284 * this should be updated one day when
2285 * the final limit is known.*/
2286 uint8_t buf[CMSG_SPACE(sizeof(struct ucred)) +
2287 CMSG_SPACE(sizeof(struct timeval)) +
2288 CMSG_SPACE(sizeof(int)) + /* fd */
2289 CMSG_SPACE(NAME_MAX)]; /* selinux label */
2296 if (ioctl(ev->data.fd, SIOCINQ, &v) < 0) {
2297 log_error("SIOCINQ failed: %m");
2301 if (s->buffer_size < (size_t) v) {
2305 l = MAX(LINE_MAX + (size_t) v, s->buffer_size * 2);
2306 b = realloc(s->buffer, l+1);
2309 log_error("Couldn't increase buffer.");
2318 iovec.iov_base = s->buffer;
2319 iovec.iov_len = s->buffer_size;
2323 msghdr.msg_iov = &iovec;
2324 msghdr.msg_iovlen = 1;
2325 msghdr.msg_control = &control;
2326 msghdr.msg_controllen = sizeof(control);
2328 n = recvmsg(ev->data.fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC);
2331 if (errno == EINTR || errno == EAGAIN)
2334 log_error("recvmsg() failed: %m");
2338 for (cmsg = CMSG_FIRSTHDR(&msghdr); cmsg; cmsg = CMSG_NXTHDR(&msghdr, cmsg)) {
2340 if (cmsg->cmsg_level == SOL_SOCKET &&
2341 cmsg->cmsg_type == SCM_CREDENTIALS &&
2342 cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred)))
2343 ucred = (struct ucred*) CMSG_DATA(cmsg);
2344 else if (cmsg->cmsg_level == SOL_SOCKET &&
2345 cmsg->cmsg_type == SCM_SECURITY) {
2346 label = (char*) CMSG_DATA(cmsg);
2347 label_len = cmsg->cmsg_len - CMSG_LEN(0);
2348 } else if (cmsg->cmsg_level == SOL_SOCKET &&
2349 cmsg->cmsg_type == SO_TIMESTAMP &&
2350 cmsg->cmsg_len == CMSG_LEN(sizeof(struct timeval)))
2351 tv = (struct timeval*) CMSG_DATA(cmsg);
2352 else if (cmsg->cmsg_level == SOL_SOCKET &&
2353 cmsg->cmsg_type == SCM_RIGHTS) {
2354 fds = (int*) CMSG_DATA(cmsg);
2355 n_fds = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);
2359 if (ev->data.fd == s->syslog_fd) {
2362 if (n > 0 && n_fds == 0) {
2363 e = memchr(s->buffer, '\n', n);
2369 process_syslog_message(s, strstrip(s->buffer), ucred, tv, label, label_len);
2370 } else if (n_fds > 0)
2371 log_warning("Got file descriptors via syslog socket. Ignoring.");
2374 if (n > 0 && n_fds == 0)
2375 process_native_message(s, s->buffer, n, ucred, tv, label, label_len);
2376 else if (n == 0 && n_fds == 1)
2377 process_native_file(s, fds[0], ucred, tv, label, label_len);
2379 log_warning("Got too many file descriptors via native socket. Ignoring.");
2382 close_many(fds, n_fds);
2387 } else if (ev->data.fd == s->stdout_fd) {
2389 if (ev->events != EPOLLIN) {
2390 log_info("Got invalid event from epoll.");
2394 stdout_stream_new(s);
2398 StdoutStream *stream;
2400 if ((ev->events|EPOLLIN|EPOLLHUP) != (EPOLLIN|EPOLLHUP)) {
2401 log_info("Got invalid event from epoll.");
2405 /* If it is none of the well-known fds, it must be an
2406 * stdout stream fd. Note that this is a bit ugly here
2407 * (since we rely that none of the well-known fds
2408 * could be interpreted as pointer), but nonetheless
2409 * safe, since the well-known fds would never get an
2410 * fd > 4096, i.e. beyond the first memory page */
2412 stream = ev->data.ptr;
2414 if (stdout_stream_process(stream) <= 0)
2415 stdout_stream_free(stream);
2420 log_error("Unknown event.");
2424 static int open_syslog_socket(Server *s) {
2425 union sockaddr_union sa;
2427 struct epoll_event ev;
2431 if (s->syslog_fd < 0) {
2433 s->syslog_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2434 if (s->syslog_fd < 0) {
2435 log_error("socket() failed: %m");
2440 sa.un.sun_family = AF_UNIX;
2441 strncpy(sa.un.sun_path, "/dev/log", sizeof(sa.un.sun_path));
2443 unlink(sa.un.sun_path);
2445 r = bind(s->syslog_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2447 log_error("bind() failed: %m");
2451 chmod(sa.un.sun_path, 0666);
2453 fd_nonblock(s->syslog_fd, 1);
2456 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
2458 log_error("SO_PASSCRED failed: %m");
2464 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
2466 log_warning("SO_PASSSEC failed: %m");
2470 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
2472 log_error("SO_TIMESTAMP failed: %m");
2477 ev.events = EPOLLIN;
2478 ev.data.fd = s->syslog_fd;
2479 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->syslog_fd, &ev) < 0) {
2480 log_error("Failed to add syslog server fd to epoll object: %m");
2487 static int open_native_socket(Server*s) {
2488 union sockaddr_union sa;
2490 struct epoll_event ev;
2494 if (s->native_fd < 0) {
2496 s->native_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2497 if (s->native_fd < 0) {
2498 log_error("socket() failed: %m");
2503 sa.un.sun_family = AF_UNIX;
2504 strncpy(sa.un.sun_path, "/run/systemd/journal/socket", sizeof(sa.un.sun_path));
2506 unlink(sa.un.sun_path);
2508 r = bind(s->native_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2510 log_error("bind() failed: %m");
2514 chmod(sa.un.sun_path, 0666);
2516 fd_nonblock(s->native_fd, 1);
2519 r = setsockopt(s->native_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
2521 log_error("SO_PASSCRED failed: %m");
2527 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
2529 log_warning("SO_PASSSEC failed: %m");
2533 r = setsockopt(s->native_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
2535 log_error("SO_TIMESTAMP failed: %m");
2540 ev.events = EPOLLIN;
2541 ev.data.fd = s->native_fd;
2542 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->native_fd, &ev) < 0) {
2543 log_error("Failed to add native server fd to epoll object: %m");
2550 static int open_stdout_socket(Server *s) {
2551 union sockaddr_union sa;
2553 struct epoll_event ev;
2557 if (s->stdout_fd < 0) {
2559 s->stdout_fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2560 if (s->stdout_fd < 0) {
2561 log_error("socket() failed: %m");
2566 sa.un.sun_family = AF_UNIX;
2567 strncpy(sa.un.sun_path, "/run/systemd/journal/stdout", sizeof(sa.un.sun_path));
2569 unlink(sa.un.sun_path);
2571 r = bind(s->stdout_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2573 log_error("bind() failed: %m");
2577 chmod(sa.un.sun_path, 0666);
2579 if (listen(s->stdout_fd, SOMAXCONN) < 0) {
2580 log_error("liste() failed: %m");
2584 fd_nonblock(s->stdout_fd, 1);
2587 ev.events = EPOLLIN;
2588 ev.data.fd = s->stdout_fd;
2589 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->stdout_fd, &ev) < 0) {
2590 log_error("Failed to add stdout server fd to epoll object: %m");
2597 static int open_proc_kmsg(Server *s) {
2598 struct epoll_event ev;
2602 if (!s->import_proc_kmsg)
2605 s->proc_kmsg_fd = open("/proc/kmsg", O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
2606 if (s->proc_kmsg_fd < 0) {
2607 log_warning("Failed to open /proc/kmsg, ignoring: %m");
2612 ev.events = EPOLLIN;
2613 ev.data.fd = s->proc_kmsg_fd;
2614 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->proc_kmsg_fd, &ev) < 0) {
2615 log_error("Failed to add /proc/kmsg fd to epoll object: %m");
2622 static int open_signalfd(Server *s) {
2624 struct epoll_event ev;
2628 assert_se(sigemptyset(&mask) == 0);
2629 sigset_add_many(&mask, SIGINT, SIGTERM, SIGUSR1, SIGUSR2, -1);
2630 assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0);
2632 s->signal_fd = signalfd(-1, &mask, SFD_NONBLOCK|SFD_CLOEXEC);
2633 if (s->signal_fd < 0) {
2634 log_error("signalfd(): %m");
2639 ev.events = EPOLLIN;
2640 ev.data.fd = s->signal_fd;
2642 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->signal_fd, &ev) < 0) {
2643 log_error("epoll_ctl(): %m");
2650 static int server_parse_proc_cmdline(Server *s) {
2651 char *line, *w, *state;
2655 if (detect_container(NULL) > 0)
2658 r = read_one_line_file("/proc/cmdline", &line);
2660 log_warning("Failed to read /proc/cmdline, ignoring: %s", strerror(-r));
2664 FOREACH_WORD_QUOTED(w, l, line, state) {
2667 word = strndup(w, l);
2673 if (startswith(word, "systemd.journald.forward_to_syslog=")) {
2674 r = parse_boolean(word + 35);
2676 log_warning("Failed to parse forward to syslog switch %s. Ignoring.", word + 35);
2678 s->forward_to_syslog = r;
2679 } else if (startswith(word, "systemd.journald.forward_to_kmsg=")) {
2680 r = parse_boolean(word + 33);
2682 log_warning("Failed to parse forward to kmsg switch %s. Ignoring.", word + 33);
2684 s->forward_to_kmsg = r;
2685 } else if (startswith(word, "systemd.journald.forward_to_console=")) {
2686 r = parse_boolean(word + 36);
2688 log_warning("Failed to parse forward to console switch %s. Ignoring.", word + 36);
2690 s->forward_to_console = r;
2691 } else if (startswith(word, "systemd.journald"))
2692 log_warning("Invalid systemd.journald parameter. Ignoring.");
2704 static int server_parse_config_file(Server *s) {
2711 fn = "/etc/systemd/journald.conf";
2712 f = fopen(fn, "re");
2714 if (errno == ENOENT)
2717 log_warning("Failed to open configuration file %s: %m", fn);
2721 r = config_parse(fn, f, "Journal\0", config_item_perf_lookup, (void*) journald_gperf_lookup, false, s);
2723 log_warning("Failed to parse configuration file: %s", strerror(-r));
2730 static int server_init(Server *s) {
2736 s->syslog_fd = s->native_fd = s->stdout_fd = s->signal_fd = s->epoll_fd = s->proc_kmsg_fd = -1;
2739 s->rate_limit_interval = DEFAULT_RATE_LIMIT_INTERVAL;
2740 s->rate_limit_burst = DEFAULT_RATE_LIMIT_BURST;
2742 s->forward_to_syslog = true;
2744 s->max_level_store = LOG_DEBUG;
2745 s->max_level_syslog = LOG_DEBUG;
2746 s->max_level_kmsg = LOG_NOTICE;
2747 s->max_level_console = LOG_INFO;
2749 memset(&s->system_metrics, 0xFF, sizeof(s->system_metrics));
2750 memset(&s->runtime_metrics, 0xFF, sizeof(s->runtime_metrics));
2752 server_parse_config_file(s);
2753 server_parse_proc_cmdline(s);
2755 s->user_journals = hashmap_new(trivial_hash_func, trivial_compare_func);
2756 if (!s->user_journals) {
2757 log_error("Out of memory.");
2761 s->epoll_fd = epoll_create1(EPOLL_CLOEXEC);
2762 if (s->epoll_fd < 0) {
2763 log_error("Failed to create epoll object: %m");
2767 n = sd_listen_fds(true);
2769 log_error("Failed to read listening file descriptors from environment: %s", strerror(-n));
2773 for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) {
2775 if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/run/systemd/journal/socket", 0) > 0) {
2777 if (s->native_fd >= 0) {
2778 log_error("Too many native sockets passed.");
2784 } else if (sd_is_socket_unix(fd, SOCK_STREAM, 1, "/run/systemd/journal/stdout", 0) > 0) {
2786 if (s->stdout_fd >= 0) {
2787 log_error("Too many stdout sockets passed.");
2793 } else if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/dev/log", 0) > 0) {
2795 if (s->syslog_fd >= 0) {
2796 log_error("Too many /dev/log sockets passed.");
2803 log_error("Unknown socket passed.");
2808 r = open_syslog_socket(s);
2812 r = open_native_socket(s);
2816 r = open_stdout_socket(s);
2820 r = open_proc_kmsg(s);
2824 r = open_signalfd(s);
2828 s->rate_limit = journal_rate_limit_new(s->rate_limit_interval, s->rate_limit_burst);
2832 r = system_journal_open(s);
2839 static void server_done(Server *s) {
2843 while (s->stdout_streams)
2844 stdout_stream_free(s->stdout_streams);
2846 if (s->system_journal)
2847 journal_file_close(s->system_journal);
2849 if (s->runtime_journal)
2850 journal_file_close(s->runtime_journal);
2852 while ((f = hashmap_steal_first(s->user_journals)))
2853 journal_file_close(f);
2855 hashmap_free(s->user_journals);
2857 if (s->epoll_fd >= 0)
2858 close_nointr_nofail(s->epoll_fd);
2860 if (s->signal_fd >= 0)
2861 close_nointr_nofail(s->signal_fd);
2863 if (s->syslog_fd >= 0)
2864 close_nointr_nofail(s->syslog_fd);
2866 if (s->native_fd >= 0)
2867 close_nointr_nofail(s->native_fd);
2869 if (s->stdout_fd >= 0)
2870 close_nointr_nofail(s->stdout_fd);
2872 if (s->proc_kmsg_fd >= 0)
2873 close_nointr_nofail(s->proc_kmsg_fd);
2876 journal_rate_limit_free(s->rate_limit);
2882 int main(int argc, char *argv[]) {
2886 /* if (getppid() != 1) { */
2887 /* log_error("This program should be invoked by init only."); */
2888 /* return EXIT_FAILURE; */
2892 log_error("This program does not take arguments.");
2893 return EXIT_FAILURE;
2896 log_set_target(LOG_TARGET_SAFE);
2897 log_set_facility(LOG_SYSLOG);
2898 log_parse_environment();
2903 r = server_init(&server);
2907 server_vacuum(&server);
2908 server_flush_to_var(&server);
2909 server_flush_proc_kmsg(&server);
2911 log_debug("systemd-journald running as pid %lu", (unsigned long) getpid());
2912 driver_message(&server, SD_MESSAGE_JOURNAL_START, "Journal started");
2916 "STATUS=Processing requests...");
2919 struct epoll_event event;
2921 r = epoll_wait(server.epoll_fd, &event, 1, -1);
2927 log_error("epoll_wait() failed: %m");
2933 r = process_event(&server, &event);
2940 log_debug("systemd-journald stopped as pid %lu", (unsigned long) getpid());
2941 driver_message(&server, SD_MESSAGE_JOURNAL_STOP, "Journal stopped");
2945 "STATUS=Shutting down...");
2947 server_done(&server);
2949 return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
~ianmdlvl / elogind.git / blob