1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2011 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <sys/epoll.h>
23 #include <sys/socket.h>
25 #include <sys/signalfd.h>
29 #include <sys/ioctl.h>
30 #include <linux/sockios.h>
31 #include <sys/statvfs.h>
33 #include <systemd/sd-journal.h>
34 #include <systemd/sd-messages.h>
35 #include <systemd/sd-daemon.h>
38 #include <systemd/sd-login.h>
43 #include "journal-file.h"
44 #include "socket-util.h"
45 #include "cgroup-util.h"
47 #include "journal-rate-limit.h"
48 #include "journal-internal.h"
49 #include "conf-parser.h"
56 #include <acl/libacl.h>
61 #include <selinux/selinux.h>
64 #define USER_JOURNALS_MAX 1024
65 #define STDOUT_STREAMS_MAX 4096
67 #define DEFAULT_RATE_LIMIT_INTERVAL (10*USEC_PER_SEC)
68 #define DEFAULT_RATE_LIMIT_BURST 200
70 #define RECHECK_AVAILABLE_SPACE_USEC (30*USEC_PER_SEC)
72 #define N_IOVEC_META_FIELDS 17
74 #define ENTRY_SIZE_MAX (1024*1024*32)
76 typedef enum StdoutStreamState {
77 STDOUT_STREAM_IDENTIFIER,
78 STDOUT_STREAM_UNIT_ID,
79 STDOUT_STREAM_PRIORITY,
80 STDOUT_STREAM_LEVEL_PREFIX,
81 STDOUT_STREAM_FORWARD_TO_SYSLOG,
82 STDOUT_STREAM_FORWARD_TO_KMSG,
83 STDOUT_STREAM_FORWARD_TO_CONSOLE,
89 StdoutStreamState state;
95 security_context_t security_context;
102 bool forward_to_syslog:1;
103 bool forward_to_kmsg:1;
104 bool forward_to_console:1;
106 char buffer[LINE_MAX+1];
109 LIST_FIELDS(StdoutStream, stdout_stream);
112 static const char* const storage_table[] = {
113 [STORAGE_AUTO] = "auto",
114 [STORAGE_VOLATILE] = "volatile",
115 [STORAGE_PERSISTENT] = "persistent",
116 [STORAGE_NONE] = "none"
119 DEFINE_STRING_TABLE_LOOKUP(storage, Storage);
120 DEFINE_CONFIG_PARSE_ENUM(config_parse_storage, storage, Storage, "Failed to parse storage setting");
122 static uint64_t available_space(Server *s) {
127 uint64_t sum = 0, avail = 0, ss_avail = 0;
133 ts = now(CLOCK_MONOTONIC);
135 if (s->cached_available_space_timestamp + RECHECK_AVAILABLE_SPACE_USEC > ts)
136 return s->cached_available_space;
138 r = sd_id128_get_machine(&machine);
142 if (s->system_journal) {
143 f = "/var/log/journal/";
144 m = &s->system_metrics;
146 f = "/run/log/journal/";
147 m = &s->runtime_metrics;
152 p = strappend(f, sd_id128_to_string(machine, ids));
162 if (fstatvfs(dirfd(d), &ss) < 0)
167 struct dirent buf, *de;
169 r = readdir_r(d, &buf, &de);
176 if (!endswith(de->d_name, ".journal") &&
177 !endswith(de->d_name, ".journal~"))
180 if (fstatat(dirfd(d), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0)
183 if (!S_ISREG(st.st_mode))
186 sum += (uint64_t) st.st_blocks * 512UL;
189 avail = sum >= m->max_use ? 0 : m->max_use - sum;
191 ss_avail = ss.f_bsize * ss.f_bavail;
193 ss_avail = ss_avail < m->keep_free ? 0 : ss_avail - m->keep_free;
195 if (ss_avail < avail)
198 s->cached_available_space = avail;
199 s->cached_available_space_timestamp = ts;
207 static void server_read_file_gid(Server *s) {
208 const char *adm = "adm";
213 if (s->file_gid_valid)
216 r = get_group_creds(&adm, &s->file_gid);
218 log_warning("Failed to resolve 'adm' group: %s", strerror(-r));
220 /* if we couldn't read the gid, then it will be 0, but that's
221 * fine and we shouldn't try to resolve the group again, so
222 * let's just pretend it worked right-away. */
223 s->file_gid_valid = true;
226 static void server_fix_perms(Server *s, JournalFile *f, uid_t uid) {
231 acl_permset_t permset;
236 server_read_file_gid(s);
238 r = fchmod_and_fchown(f->fd, 0640, 0, s->file_gid);
240 log_warning("Failed to fix access mode/rights on %s, ignoring: %s", f->path, strerror(-r));
246 acl = acl_get_fd(f->fd);
248 log_warning("Failed to read ACL on %s, ignoring: %m", f->path);
252 r = acl_find_uid(acl, uid, &entry);
255 if (acl_create_entry(&acl, &entry) < 0 ||
256 acl_set_tag_type(entry, ACL_USER) < 0 ||
257 acl_set_qualifier(entry, &uid) < 0) {
258 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
263 if (acl_get_permset(entry, &permset) < 0 ||
264 acl_add_perm(permset, ACL_READ) < 0 ||
265 acl_calc_mask(&acl) < 0) {
266 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
270 if (acl_set_fd(f->fd, acl) < 0)
271 log_warning("Failed to set ACL on %s, ignoring: %m", f->path);
278 static JournalFile* find_journal(Server *s, uid_t uid) {
287 /* We split up user logs only on /var, not on /run. If the
288 * runtime file is open, we write to it exclusively, in order
289 * to guarantee proper order as soon as we flush /run to
290 * /var and close the runtime file. */
292 if (s->runtime_journal)
293 return s->runtime_journal;
296 return s->system_journal;
298 r = sd_id128_get_machine(&machine);
300 return s->system_journal;
302 f = hashmap_get(s->user_journals, UINT32_TO_PTR(uid));
306 if (asprintf(&p, "/var/log/journal/%s/user-%lu.journal", sd_id128_to_string(machine, ids), (unsigned long) uid) < 0)
307 return s->system_journal;
309 while (hashmap_size(s->user_journals) >= USER_JOURNALS_MAX) {
310 /* Too many open? Then let's close one */
311 f = hashmap_steal_first(s->user_journals);
313 journal_file_close(f);
316 r = journal_file_open_reliably(p, O_RDWR|O_CREAT, 0640, &s->system_metrics, s->system_journal, &f);
320 return s->system_journal;
322 server_fix_perms(s, f, uid);
324 r = hashmap_put(s->user_journals, UINT32_TO_PTR(uid), f);
326 journal_file_close(f);
327 return s->system_journal;
333 static void server_rotate(Server *s) {
339 log_info("Rotating...");
341 if (s->runtime_journal) {
342 r = journal_file_rotate(&s->runtime_journal);
344 if (s->runtime_journal)
345 log_error("Failed to rotate %s: %s", s->runtime_journal->path, strerror(-r));
347 log_error("Failed to create new runtime journal: %s", strerror(-r));
349 server_fix_perms(s, s->runtime_journal, 0);
352 if (s->system_journal) {
353 r = journal_file_rotate(&s->system_journal);
355 if (s->system_journal)
356 log_error("Failed to rotate %s: %s", s->system_journal->path, strerror(-r));
358 log_error("Failed to create new system journal: %s", strerror(-r));
361 server_fix_perms(s, s->system_journal, 0);
364 HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) {
365 r = journal_file_rotate(&f);
368 log_error("Failed to rotate %s: %s", f->path, strerror(-r));
370 log_error("Failed to create user journal: %s", strerror(-r));
372 hashmap_replace(s->user_journals, k, f);
373 server_fix_perms(s, s->system_journal, PTR_TO_UINT32(k));
378 static void server_vacuum(Server *s) {
384 log_info("Vacuuming...");
386 r = sd_id128_get_machine(&machine);
388 log_error("Failed to get machine ID: %s", strerror(-r));
392 sd_id128_to_string(machine, ids);
394 if (s->system_journal) {
395 if (asprintf(&p, "/var/log/journal/%s", ids) < 0) {
396 log_error("Out of memory.");
400 r = journal_directory_vacuum(p, s->system_metrics.max_use, s->system_metrics.keep_free);
401 if (r < 0 && r != -ENOENT)
402 log_error("Failed to vacuum %s: %s", p, strerror(-r));
406 if (s->runtime_journal) {
407 if (asprintf(&p, "/run/log/journal/%s", ids) < 0) {
408 log_error("Out of memory.");
412 r = journal_directory_vacuum(p, s->runtime_metrics.max_use, s->runtime_metrics.keep_free);
413 if (r < 0 && r != -ENOENT)
414 log_error("Failed to vacuum %s: %s", p, strerror(-r));
418 s->cached_available_space_timestamp = 0;
421 static char *shortened_cgroup_path(pid_t pid) {
423 char *process_path, *init_path, *path;
427 r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, pid, &process_path);
431 r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, 1, &init_path);
437 if (endswith(init_path, "/system"))
438 init_path[strlen(init_path) - 7] = 0;
439 else if (streq(init_path, "/"))
442 if (startswith(process_path, init_path)) {
445 p = strdup(process_path + strlen(init_path));
463 static void write_to_journal(Server *s, uid_t uid, struct iovec *iovec, unsigned n) {
465 bool vacuumed = false;
472 f = find_journal(s, uid);
476 if (journal_file_rotate_suggested(f)) {
477 log_info("Journal header limits reached or header out-of-date, rotating.");
484 r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
489 (r != -E2BIG && /* hit limit */
490 r != -EFBIG && /* hit fs limit */
491 r != -EDQUOT && /* quota hit */
492 r != -ENOSPC && /* disk full */
493 r != -EBADMSG && /* corrupted */
494 r != -ENODATA && /* truncated */
495 r != -EHOSTDOWN && /* other machine */
496 r != -EPROTONOSUPPORT && /* unsupported feature */
497 r != -EBUSY && /* unclean shutdown */
498 r != -ESHUTDOWN /* already archived */)) {
499 log_error("Failed to write entry, ignoring: %s", strerror(-r));
503 if (r == -E2BIG || r == -EFBIG || r == EDQUOT || r == ENOSPC)
504 log_info("Allocation limit reached, rotating.");
505 else if (r == -EHOSTDOWN)
506 log_info("Journal file from other machine, rotating.");
507 else if (r == -EBUSY)
508 log_info("Unlcean shutdown, rotating.");
510 log_warning("Journal file corrupted, rotating.");
516 f = find_journal(s, uid);
520 log_info("Retrying write.");
524 static void dispatch_message_real(
526 struct iovec *iovec, unsigned n, unsigned m,
529 const char *label, size_t label_len,
530 const char *unit_id) {
532 char *pid = NULL, *uid = NULL, *gid = NULL,
533 *source_time = NULL, *boot_id = NULL, *machine_id = NULL,
534 *comm = NULL, *cmdline = NULL, *hostname = NULL,
535 *audit_session = NULL, *audit_loginuid = NULL,
536 *exe = NULL, *cgroup = NULL, *session = NULL,
537 *owner_uid = NULL, *unit = NULL, *selinux_context = NULL;
543 uid_t loginuid = 0, realuid = 0;
548 assert(n + N_IOVEC_META_FIELDS <= m);
556 realuid = ucred->uid;
558 if (asprintf(&pid, "_PID=%lu", (unsigned long) ucred->pid) >= 0)
559 IOVEC_SET_STRING(iovec[n++], pid);
561 if (asprintf(&uid, "_UID=%lu", (unsigned long) ucred->uid) >= 0)
562 IOVEC_SET_STRING(iovec[n++], uid);
564 if (asprintf(&gid, "_GID=%lu", (unsigned long) ucred->gid) >= 0)
565 IOVEC_SET_STRING(iovec[n++], gid);
567 r = get_process_comm(ucred->pid, &t);
569 comm = strappend("_COMM=", t);
573 IOVEC_SET_STRING(iovec[n++], comm);
576 r = get_process_exe(ucred->pid, &t);
578 exe = strappend("_EXE=", t);
582 IOVEC_SET_STRING(iovec[n++], exe);
585 r = get_process_cmdline(ucred->pid, LINE_MAX, false, &t);
587 cmdline = strappend("_CMDLINE=", t);
591 IOVEC_SET_STRING(iovec[n++], cmdline);
594 r = audit_session_from_pid(ucred->pid, &audit);
596 if (asprintf(&audit_session, "_AUDIT_SESSION=%lu", (unsigned long) audit) >= 0)
597 IOVEC_SET_STRING(iovec[n++], audit_session);
599 r = audit_loginuid_from_pid(ucred->pid, &loginuid);
601 if (asprintf(&audit_loginuid, "_AUDIT_LOGINUID=%lu", (unsigned long) loginuid) >= 0)
602 IOVEC_SET_STRING(iovec[n++], audit_loginuid);
604 t = shortened_cgroup_path(ucred->pid);
606 cgroup = strappend("_SYSTEMD_CGROUP=", t);
610 IOVEC_SET_STRING(iovec[n++], cgroup);
614 if (sd_pid_get_session(ucred->pid, &t) >= 0) {
615 session = strappend("_SYSTEMD_SESSION=", t);
619 IOVEC_SET_STRING(iovec[n++], session);
622 if (sd_pid_get_owner_uid(ucred->uid, &owner) >= 0)
623 if (asprintf(&owner_uid, "_SYSTEMD_OWNER_UID=%lu", (unsigned long) owner) >= 0)
624 IOVEC_SET_STRING(iovec[n++], owner_uid);
627 if (cg_pid_get_unit(ucred->pid, &t) >= 0) {
628 unit = strappend("_SYSTEMD_UNIT=", t);
631 unit = strappend("_SYSTEMD_UNIT=", unit_id);
634 IOVEC_SET_STRING(iovec[n++], unit);
638 selinux_context = malloc(sizeof("_SELINUX_CONTEXT=") + label_len);
639 if (selinux_context) {
640 memcpy(selinux_context, "_SELINUX_CONTEXT=", sizeof("_SELINUX_CONTEXT=")-1);
641 memcpy(selinux_context+sizeof("_SELINUX_CONTEXT=")-1, label, label_len);
642 selinux_context[sizeof("_SELINUX_CONTEXT=")-1+label_len] = 0;
643 IOVEC_SET_STRING(iovec[n++], selinux_context);
646 security_context_t con;
648 if (getpidcon(ucred->pid, &con) >= 0) {
649 selinux_context = strappend("_SELINUX_CONTEXT=", con);
651 IOVEC_SET_STRING(iovec[n++], selinux_context);
660 if (asprintf(&source_time, "_SOURCE_REALTIME_TIMESTAMP=%llu",
661 (unsigned long long) timeval_load(tv)) >= 0)
662 IOVEC_SET_STRING(iovec[n++], source_time);
665 /* Note that strictly speaking storing the boot id here is
666 * redundant since the entry includes this in-line
667 * anyway. However, we need this indexed, too. */
668 r = sd_id128_get_boot(&id);
670 if (asprintf(&boot_id, "_BOOT_ID=%s", sd_id128_to_string(id, idbuf)) >= 0)
671 IOVEC_SET_STRING(iovec[n++], boot_id);
673 r = sd_id128_get_machine(&id);
675 if (asprintf(&machine_id, "_MACHINE_ID=%s", sd_id128_to_string(id, idbuf)) >= 0)
676 IOVEC_SET_STRING(iovec[n++], machine_id);
678 t = gethostname_malloc();
680 hostname = strappend("_HOSTNAME=", t);
683 IOVEC_SET_STRING(iovec[n++], hostname);
688 write_to_journal(s, realuid == 0 ? 0 : loginuid, iovec, n);
701 free(audit_loginuid);
706 free(selinux_context);
709 static void driver_message(Server *s, sd_id128_t message_id, const char *format, ...) {
710 char mid[11 + 32 + 1];
711 char buffer[16 + LINE_MAX + 1];
712 struct iovec iovec[N_IOVEC_META_FIELDS + 4];
720 IOVEC_SET_STRING(iovec[n++], "PRIORITY=5");
721 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=driver");
723 memcpy(buffer, "MESSAGE=", 8);
724 va_start(ap, format);
725 vsnprintf(buffer + 8, sizeof(buffer) - 8, format, ap);
727 char_array_0(buffer);
728 IOVEC_SET_STRING(iovec[n++], buffer);
730 snprintf(mid, sizeof(mid), "MESSAGE_ID=" SD_ID128_FORMAT_STR, SD_ID128_FORMAT_VAL(message_id));
732 IOVEC_SET_STRING(iovec[n++], mid);
735 ucred.pid = getpid();
736 ucred.uid = getuid();
737 ucred.gid = getgid();
739 dispatch_message_real(s, iovec, n, ELEMENTSOF(iovec), &ucred, NULL, NULL, 0, NULL);
742 static void dispatch_message(Server *s,
743 struct iovec *iovec, unsigned n, unsigned m,
746 const char *label, size_t label_len,
750 char *path = NULL, *c;
753 assert(iovec || n == 0);
758 if (LOG_PRI(priority) > s->max_level_store)
764 path = shortened_cgroup_path(ucred->pid);
768 /* example: /user/lennart/3/foobar
769 * /system/dbus.service/foobar
771 * So let's cut of everything past the third /, since that is
772 * wher user directories start */
774 c = strchr(path, '/');
776 c = strchr(c+1, '/');
778 c = strchr(c+1, '/');
784 rl = journal_rate_limit_test(s->rate_limit, path, priority & LOG_PRIMASK, available_space(s));
791 /* Write a suppression message if we suppressed something */
793 driver_message(s, SD_MESSAGE_JOURNAL_DROPPED, "Suppressed %u messages from %s", rl - 1, path);
798 dispatch_message_real(s, iovec, n, m, ucred, tv, label, label_len, unit_id);
801 static void forward_syslog_iovec(Server *s, const struct iovec *iovec, unsigned n_iovec, struct ucred *ucred, struct timeval *tv) {
802 struct msghdr msghdr;
803 struct cmsghdr *cmsg;
805 struct cmsghdr cmsghdr;
806 uint8_t buf[CMSG_SPACE(sizeof(struct ucred))];
808 union sockaddr_union sa;
815 msghdr.msg_iov = (struct iovec*) iovec;
816 msghdr.msg_iovlen = n_iovec;
819 sa.un.sun_family = AF_UNIX;
820 strncpy(sa.un.sun_path, "/run/systemd/journal/syslog", sizeof(sa.un.sun_path));
821 msghdr.msg_name = &sa;
822 msghdr.msg_namelen = offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path);
826 msghdr.msg_control = &control;
827 msghdr.msg_controllen = sizeof(control);
829 cmsg = CMSG_FIRSTHDR(&msghdr);
830 cmsg->cmsg_level = SOL_SOCKET;
831 cmsg->cmsg_type = SCM_CREDENTIALS;
832 cmsg->cmsg_len = CMSG_LEN(sizeof(struct ucred));
833 memcpy(CMSG_DATA(cmsg), ucred, sizeof(struct ucred));
834 msghdr.msg_controllen = cmsg->cmsg_len;
837 /* Forward the syslog message we received via /dev/log to
838 * /run/systemd/syslog. Unfortunately we currently can't set
839 * the SO_TIMESTAMP auxiliary data, and hence we don't. */
841 if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
844 /* The socket is full? I guess the syslog implementation is
845 * too slow, and we shouldn't wait for that... */
849 if (ucred && errno == ESRCH) {
852 /* Hmm, presumably the sender process vanished
853 * by now, so let's fix it as good as we
858 memcpy(CMSG_DATA(cmsg), &u, sizeof(struct ucred));
860 if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
867 log_debug("Failed to forward syslog message: %m");
870 static void forward_syslog_raw(Server *s, int priority, const char *buffer, struct ucred *ucred, struct timeval *tv) {
876 if (LOG_PRI(priority) > s->max_level_syslog)
879 IOVEC_SET_STRING(iovec, buffer);
880 forward_syslog_iovec(s, &iovec, 1, ucred, tv);
883 static void forward_syslog(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred, struct timeval *tv) {
884 struct iovec iovec[5];
885 char header_priority[6], header_time[64], header_pid[16];
889 char *ident_buf = NULL;
892 assert(priority >= 0);
893 assert(priority <= 999);
896 if (LOG_PRI(priority) > s->max_level_syslog)
899 /* First: priority field */
900 snprintf(header_priority, sizeof(header_priority), "<%i>", priority);
901 char_array_0(header_priority);
902 IOVEC_SET_STRING(iovec[n++], header_priority);
904 /* Second: timestamp */
905 t = tv ? tv->tv_sec : ((time_t) (now(CLOCK_REALTIME) / USEC_PER_SEC));
909 if (strftime(header_time, sizeof(header_time), "%h %e %T ", tm) <= 0)
911 IOVEC_SET_STRING(iovec[n++], header_time);
913 /* Third: identifier and PID */
916 get_process_comm(ucred->pid, &ident_buf);
917 identifier = ident_buf;
920 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
921 char_array_0(header_pid);
924 IOVEC_SET_STRING(iovec[n++], identifier);
926 IOVEC_SET_STRING(iovec[n++], header_pid);
927 } else if (identifier) {
928 IOVEC_SET_STRING(iovec[n++], identifier);
929 IOVEC_SET_STRING(iovec[n++], ": ");
932 /* Fourth: message */
933 IOVEC_SET_STRING(iovec[n++], message);
935 forward_syslog_iovec(s, iovec, n, ucred, tv);
940 static int fixup_priority(int priority) {
942 if ((priority & LOG_FACMASK) == 0)
943 return (priority & LOG_PRIMASK) | LOG_USER;
948 static void forward_kmsg(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred) {
949 struct iovec iovec[5];
950 char header_priority[6], header_pid[16];
952 char *ident_buf = NULL;
956 assert(priority >= 0);
957 assert(priority <= 999);
960 if (LOG_PRI(priority) > s->max_level_kmsg)
963 /* Never allow messages with kernel facility to be written to
964 * kmsg, regardless where the data comes from. */
965 priority = fixup_priority(priority);
967 /* First: priority field */
968 snprintf(header_priority, sizeof(header_priority), "<%i>", priority);
969 char_array_0(header_priority);
970 IOVEC_SET_STRING(iovec[n++], header_priority);
972 /* Second: identifier and PID */
975 get_process_comm(ucred->pid, &ident_buf);
976 identifier = ident_buf;
979 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
980 char_array_0(header_pid);
983 IOVEC_SET_STRING(iovec[n++], identifier);
985 IOVEC_SET_STRING(iovec[n++], header_pid);
986 } else if (identifier) {
987 IOVEC_SET_STRING(iovec[n++], identifier);
988 IOVEC_SET_STRING(iovec[n++], ": ");
991 /* Fourth: message */
992 IOVEC_SET_STRING(iovec[n++], message);
993 IOVEC_SET_STRING(iovec[n++], "\n");
995 fd = open("/dev/kmsg", O_WRONLY|O_NOCTTY|O_CLOEXEC);
997 log_debug("Failed to open /dev/kmsg for logging: %s", strerror(errno));
1001 if (writev(fd, iovec, n) < 0)
1002 log_debug("Failed to write to /dev/kmsg for logging: %s", strerror(errno));
1004 close_nointr_nofail(fd);
1010 static void forward_console(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred) {
1011 struct iovec iovec[4];
1012 char header_pid[16];
1014 char *ident_buf = NULL;
1020 if (LOG_PRI(priority) > s->max_level_console)
1023 /* First: identifier and PID */
1026 get_process_comm(ucred->pid, &ident_buf);
1027 identifier = ident_buf;
1030 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
1031 char_array_0(header_pid);
1034 IOVEC_SET_STRING(iovec[n++], identifier);
1036 IOVEC_SET_STRING(iovec[n++], header_pid);
1037 } else if (identifier) {
1038 IOVEC_SET_STRING(iovec[n++], identifier);
1039 IOVEC_SET_STRING(iovec[n++], ": ");
1042 /* Third: message */
1043 IOVEC_SET_STRING(iovec[n++], message);
1044 IOVEC_SET_STRING(iovec[n++], "\n");
1046 tty = s->tty_path ? s->tty_path : "/dev/console";
1048 fd = open_terminal(tty, O_WRONLY|O_NOCTTY|O_CLOEXEC);
1050 log_debug("Failed to open %s for logging: %s", tty, strerror(errno));
1054 if (writev(fd, iovec, n) < 0)
1055 log_debug("Failed to write to %s for logging: %s", tty, strerror(errno));
1057 close_nointr_nofail(fd);
1063 static void read_identifier(const char **buf, char **identifier, char **pid) {
1074 p += strspn(p, WHITESPACE);
1075 l = strcspn(p, WHITESPACE);
1084 if (p[l-1] == ']') {
1090 t = strndup(p+k+1, l-k-2);
1110 *buf += strspn(*buf, WHITESPACE);
1113 static void process_syslog_message(Server *s, const char *buf, struct ucred *ucred, struct timeval *tv, const char *label, size_t label_len) {
1114 char *message = NULL, *syslog_priority = NULL, *syslog_facility = NULL, *syslog_identifier = NULL, *syslog_pid = NULL;
1115 struct iovec iovec[N_IOVEC_META_FIELDS + 6];
1117 int priority = LOG_USER | LOG_INFO;
1118 char *identifier = NULL, *pid = NULL;
1125 parse_syslog_priority((char**) &buf, &priority);
1127 if (s->forward_to_syslog)
1128 forward_syslog_raw(s, priority, orig, ucred, tv);
1130 skip_syslog_date((char**) &buf);
1131 read_identifier(&buf, &identifier, &pid);
1133 if (s->forward_to_kmsg)
1134 forward_kmsg(s, priority, identifier, buf, ucred);
1136 if (s->forward_to_console)
1137 forward_console(s, priority, identifier, buf, ucred);
1139 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=syslog");
1141 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1142 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1144 if (priority & LOG_FACMASK)
1145 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1146 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1149 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", identifier);
1150 if (syslog_identifier)
1151 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1155 syslog_pid = strappend("SYSLOG_PID=", pid);
1157 IOVEC_SET_STRING(iovec[n++], syslog_pid);
1160 message = strappend("MESSAGE=", buf);
1162 IOVEC_SET_STRING(iovec[n++], message);
1164 dispatch_message(s, iovec, n, ELEMENTSOF(iovec), ucred, tv, label, label_len, NULL, priority);
1169 free(syslog_priority);
1170 free(syslog_facility);
1171 free(syslog_identifier);
1174 static bool valid_user_field(const char *p, size_t l) {
1177 /* We kinda enforce POSIX syntax recommendations for
1178 environment variables here, but make a couple of additional
1181 http://pubs.opengroup.org/onlinepubs/000095399/basedefs/xbd_chap08.html */
1183 /* No empty field names */
1187 /* Don't allow names longer than 64 chars */
1191 /* Variables starting with an underscore are protected */
1195 /* Don't allow digits as first character */
1196 if (p[0] >= '0' && p[0] <= '9')
1199 /* Only allow A-Z0-9 and '_' */
1200 for (a = p; a < p + l; a++)
1201 if (!((*a >= 'A' && *a <= 'Z') ||
1202 (*a >= '0' && *a <= '9') ||
1209 static void process_native_message(
1211 const void *buffer, size_t buffer_size,
1212 struct ucred *ucred,
1214 const char *label, size_t label_len) {
1216 struct iovec *iovec = NULL;
1217 unsigned n = 0, m = 0, j, tn = (unsigned) -1;
1220 int priority = LOG_INFO;
1221 char *identifier = NULL, *message = NULL;
1224 assert(buffer || buffer_size == 0);
1227 remaining = buffer_size;
1229 while (remaining > 0) {
1232 e = memchr(p, '\n', remaining);
1235 /* Trailing noise, let's ignore it, and flush what we collected */
1236 log_debug("Received message with trailing noise, ignoring.");
1241 /* Entry separator */
1242 dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, NULL, priority);
1244 priority = LOG_INFO;
1251 if (*p == '.' || *p == '#') {
1252 /* Ignore control commands for now, and
1254 remaining -= (e - p) + 1;
1259 /* A property follows */
1261 if (n+N_IOVEC_META_FIELDS >= m) {
1265 u = MAX((n+N_IOVEC_META_FIELDS+1) * 2U, 4U);
1266 c = realloc(iovec, u * sizeof(struct iovec));
1268 log_error("Out of memory");
1276 q = memchr(p, '=', e - p);
1278 if (valid_user_field(p, q - p)) {
1283 /* If the field name starts with an
1284 * underscore, skip the variable,
1285 * since that indidates a trusted
1287 iovec[n].iov_base = (char*) p;
1288 iovec[n].iov_len = l;
1291 /* We need to determine the priority
1292 * of this entry for the rate limiting
1295 memcmp(p, "PRIORITY=", 9) == 0 &&
1296 p[9] >= '0' && p[9] <= '9')
1297 priority = (priority & LOG_FACMASK) | (p[9] - '0');
1300 memcmp(p, "SYSLOG_FACILITY=", 16) == 0 &&
1301 p[16] >= '0' && p[16] <= '9')
1302 priority = (priority & LOG_PRIMASK) | ((p[16] - '0') << 3);
1305 memcmp(p, "SYSLOG_FACILITY=", 16) == 0 &&
1306 p[16] >= '0' && p[16] <= '9' &&
1307 p[17] >= '0' && p[17] <= '9')
1308 priority = (priority & LOG_PRIMASK) | (((p[16] - '0')*10 + (p[17] - '0')) << 3);
1311 memcmp(p, "SYSLOG_IDENTIFIER=", 18) == 0) {
1314 t = strndup(p + 18, l - 18);
1319 } else if (l >= 8 &&
1320 memcmp(p, "MESSAGE=", 8) == 0) {
1323 t = strndup(p + 8, l - 8);
1331 remaining -= (e - p) + 1;
1339 if (remaining < e - p + 1 + sizeof(uint64_t) + 1) {
1340 log_debug("Failed to parse message, ignoring.");
1344 memcpy(&l_le, e + 1, sizeof(uint64_t));
1347 if (remaining < e - p + 1 + sizeof(uint64_t) + l + 1 ||
1348 e[1+sizeof(uint64_t)+l] != '\n') {
1349 log_debug("Failed to parse message, ignoring.");
1353 k = malloc((e - p) + 1 + l);
1355 log_error("Out of memory");
1359 memcpy(k, p, e - p);
1361 memcpy(k + (e - p) + 1, e + 1 + sizeof(uint64_t), l);
1363 if (valid_user_field(p, e - p)) {
1364 iovec[n].iov_base = k;
1365 iovec[n].iov_len = (e - p) + 1 + l;
1370 remaining -= (e - p) + 1 + sizeof(uint64_t) + l + 1;
1371 p = e + 1 + sizeof(uint64_t) + l + 1;
1379 IOVEC_SET_STRING(iovec[tn], "_TRANSPORT=journal");
1382 if (s->forward_to_syslog)
1383 forward_syslog(s, priority, identifier, message, ucred, tv);
1385 if (s->forward_to_kmsg)
1386 forward_kmsg(s, priority, identifier, message, ucred);
1388 if (s->forward_to_console)
1389 forward_console(s, priority, identifier, message, ucred);
1392 dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, NULL, priority);
1395 for (j = 0; j < n; j++) {
1399 if (iovec[j].iov_base < buffer ||
1400 (const uint8_t*) iovec[j].iov_base >= (const uint8_t*) buffer + buffer_size)
1401 free(iovec[j].iov_base);
1409 static void process_native_file(
1412 struct ucred *ucred,
1414 const char *label, size_t label_len) {
1423 /* Data is in the passed file, since it didn't fit in a
1424 * datagram. We can't map the file here, since clients might
1425 * then truncate it and trigger a SIGBUS for us. So let's
1426 * stupidly read it */
1428 if (fstat(fd, &st) < 0) {
1429 log_error("Failed to stat passed file, ignoring: %m");
1433 if (!S_ISREG(st.st_mode)) {
1434 log_error("File passed is not regular. Ignoring.");
1438 if (st.st_size <= 0)
1441 if (st.st_size > ENTRY_SIZE_MAX) {
1442 log_error("File passed too large. Ignoring.");
1446 p = malloc(st.st_size);
1448 log_error("Out of memory");
1452 n = pread(fd, p, st.st_size, 0);
1454 log_error("Failed to read file, ignoring: %s", strerror(-n));
1456 process_native_message(s, p, n, ucred, tv, label, label_len);
1461 static int stdout_stream_log(StdoutStream *s, const char *p) {
1462 struct iovec iovec[N_IOVEC_META_FIELDS + 5];
1463 char *message = NULL, *syslog_priority = NULL, *syslog_facility = NULL, *syslog_identifier = NULL;
1467 size_t label_len = 0;
1475 priority = s->priority;
1477 if (s->level_prefix)
1478 parse_syslog_priority((char**) &p, &priority);
1480 if (s->forward_to_syslog || s->server->forward_to_syslog)
1481 forward_syslog(s->server, fixup_priority(priority), s->identifier, p, &s->ucred, NULL);
1483 if (s->forward_to_kmsg || s->server->forward_to_kmsg)
1484 forward_kmsg(s->server, priority, s->identifier, p, &s->ucred);
1486 if (s->forward_to_console || s->server->forward_to_console)
1487 forward_console(s->server, priority, s->identifier, p, &s->ucred);
1489 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=stdout");
1491 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1492 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1494 if (priority & LOG_FACMASK)
1495 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1496 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1498 if (s->identifier) {
1499 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", s->identifier);
1500 if (syslog_identifier)
1501 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1504 message = strappend("MESSAGE=", p);
1506 IOVEC_SET_STRING(iovec[n++], message);
1509 if (s->security_context) {
1510 label = (char*) s->security_context;
1511 label_len = strlen((char*) s->security_context);
1515 dispatch_message(s->server, iovec, n, ELEMENTSOF(iovec), &s->ucred, NULL, label, label_len, s->unit_id, priority);
1518 free(syslog_priority);
1519 free(syslog_facility);
1520 free(syslog_identifier);
1525 static int stdout_stream_line(StdoutStream *s, char *p) {
1535 case STDOUT_STREAM_IDENTIFIER:
1537 s->identifier = NULL;
1539 s->identifier = strdup(p);
1540 if (!s->identifier) {
1541 log_error("Out of memory");
1546 s->state = STDOUT_STREAM_UNIT_ID;
1549 case STDOUT_STREAM_UNIT_ID:
1550 if (s->ucred.uid == 0) {
1554 s->unit_id = strdup(p);
1556 log_error("Out of memory");
1562 s->state = STDOUT_STREAM_PRIORITY;
1565 case STDOUT_STREAM_PRIORITY:
1566 r = safe_atoi(p, &s->priority);
1567 if (r < 0 || s->priority <= 0 || s->priority >= 999) {
1568 log_warning("Failed to parse log priority line.");
1572 s->state = STDOUT_STREAM_LEVEL_PREFIX;
1575 case STDOUT_STREAM_LEVEL_PREFIX:
1576 r = parse_boolean(p);
1578 log_warning("Failed to parse level prefix line.");
1582 s->level_prefix = !!r;
1583 s->state = STDOUT_STREAM_FORWARD_TO_SYSLOG;
1586 case STDOUT_STREAM_FORWARD_TO_SYSLOG:
1587 r = parse_boolean(p);
1589 log_warning("Failed to parse forward to syslog line.");
1593 s->forward_to_syslog = !!r;
1594 s->state = STDOUT_STREAM_FORWARD_TO_KMSG;
1597 case STDOUT_STREAM_FORWARD_TO_KMSG:
1598 r = parse_boolean(p);
1600 log_warning("Failed to parse copy to kmsg line.");
1604 s->forward_to_kmsg = !!r;
1605 s->state = STDOUT_STREAM_FORWARD_TO_CONSOLE;
1608 case STDOUT_STREAM_FORWARD_TO_CONSOLE:
1609 r = parse_boolean(p);
1611 log_warning("Failed to parse copy to console line.");
1615 s->forward_to_console = !!r;
1616 s->state = STDOUT_STREAM_RUNNING;
1619 case STDOUT_STREAM_RUNNING:
1620 return stdout_stream_log(s, p);
1623 assert_not_reached("Unknown stream state");
1626 static int stdout_stream_scan(StdoutStream *s, bool force_flush) {
1634 remaining = s->length;
1639 end = memchr(p, '\n', remaining);
1642 else if (remaining >= sizeof(s->buffer) - 1) {
1643 end = p + sizeof(s->buffer) - 1;
1650 r = stdout_stream_line(s, p);
1658 if (force_flush && remaining > 0) {
1660 r = stdout_stream_line(s, p);
1668 if (p > s->buffer) {
1669 memmove(s->buffer, p, remaining);
1670 s->length = remaining;
1676 static int stdout_stream_process(StdoutStream *s) {
1682 l = read(s->fd, s->buffer+s->length, sizeof(s->buffer)-1-s->length);
1685 if (errno == EAGAIN)
1688 log_warning("Failed to read from stream: %m");
1693 r = stdout_stream_scan(s, true);
1701 r = stdout_stream_scan(s, false);
1709 static void stdout_stream_free(StdoutStream *s) {
1713 assert(s->server->n_stdout_streams > 0);
1714 s->server->n_stdout_streams --;
1715 LIST_REMOVE(StdoutStream, stdout_stream, s->server->stdout_streams, s);
1720 epoll_ctl(s->server->epoll_fd, EPOLL_CTL_DEL, s->fd, NULL);
1722 close_nointr_nofail(s->fd);
1726 if (s->security_context)
1727 freecon(s->security_context);
1730 free(s->identifier);
1734 static int stdout_stream_new(Server *s) {
1735 StdoutStream *stream;
1738 struct epoll_event ev;
1742 fd = accept4(s->stdout_fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);
1744 if (errno == EAGAIN)
1747 log_error("Failed to accept stdout connection: %m");
1751 if (s->n_stdout_streams >= STDOUT_STREAMS_MAX) {
1752 log_warning("Too many stdout streams, refusing connection.");
1753 close_nointr_nofail(fd);
1757 stream = new0(StdoutStream, 1);
1759 log_error("Out of memory.");
1760 close_nointr_nofail(fd);
1766 len = sizeof(stream->ucred);
1767 if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &stream->ucred, &len) < 0) {
1768 log_error("Failed to determine peer credentials: %m");
1774 if (getpeercon(fd, &stream->security_context) < 0 && errno != ENOPROTOOPT)
1775 log_error("Failed to determine peer security context: %m");
1778 if (shutdown(fd, SHUT_WR) < 0) {
1779 log_error("Failed to shutdown writing side of socket: %m");
1785 ev.data.ptr = stream;
1786 ev.events = EPOLLIN;
1787 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, fd, &ev) < 0) {
1788 log_error("Failed to add stream to event loop: %m");
1794 LIST_PREPEND(StdoutStream, stdout_stream, s->stdout_streams, stream);
1795 s->n_stdout_streams ++;
1800 stdout_stream_free(stream);
1804 static int parse_kernel_timestamp(char **_p, usec_t *t) {
1815 if (strlen(p) < 14 || p[0] != '[' || p[13] != ']' || p[6] != '.')
1820 for (i = 1; i <= 5; i++) {
1826 k = undecchar(p[i]);
1833 for (i = 7; i <= 12; i++) {
1836 k = undecchar(p[i]);
1845 *_p += strspn(*_p, WHITESPACE);
1850 static bool is_us(const char *pid) {
1855 if (parse_pid(pid, &t) < 0)
1858 return t == getpid();
1861 static void proc_kmsg_line(Server *s, const char *p) {
1862 struct iovec iovec[N_IOVEC_META_FIELDS + 7];
1863 char *message = NULL, *syslog_priority = NULL, *syslog_pid = NULL, *syslog_facility = NULL, *syslog_identifier = NULL, *source_time = NULL;
1864 int priority = LOG_KERN | LOG_INFO;
1867 char *identifier = NULL, *pid = NULL;
1875 parse_syslog_priority((char **) &p, &priority);
1877 if (s->forward_to_kmsg && (priority & LOG_FACMASK) != LOG_KERN)
1880 if (parse_kernel_timestamp((char **) &p, &usec) > 0) {
1881 if (asprintf(&source_time, "_SOURCE_MONOTONIC_TIMESTAMP=%llu",
1882 (unsigned long long) usec) >= 0)
1883 IOVEC_SET_STRING(iovec[n++], source_time);
1886 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=kernel");
1888 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1889 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1891 if ((priority & LOG_FACMASK) == LOG_KERN) {
1893 if (s->forward_to_syslog)
1894 forward_syslog(s, priority, "kernel", p, NULL, NULL);
1896 IOVEC_SET_STRING(iovec[n++], "SYSLOG_IDENTIFIER=kernel");
1898 read_identifier(&p, &identifier, &pid);
1900 /* Avoid any messages we generated ourselves via
1901 * log_info() and friends. */
1902 if (pid && is_us(pid))
1905 if (s->forward_to_syslog)
1906 forward_syslog(s, priority, identifier, p, NULL, NULL);
1909 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", identifier);
1910 if (syslog_identifier)
1911 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1915 syslog_pid = strappend("SYSLOG_PID=", pid);
1917 IOVEC_SET_STRING(iovec[n++], syslog_pid);
1920 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1921 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1924 message = strappend("MESSAGE=", p);
1926 IOVEC_SET_STRING(iovec[n++], message);
1928 dispatch_message(s, iovec, n, ELEMENTSOF(iovec), NULL, NULL, NULL, 0, NULL, priority);
1932 free(syslog_priority);
1933 free(syslog_identifier);
1935 free(syslog_facility);
1941 static void proc_kmsg_scan(Server *s) {
1947 p = s->proc_kmsg_buffer;
1948 remaining = s->proc_kmsg_length;
1953 end = memchr(p, '\n', remaining);
1956 else if (remaining >= sizeof(s->proc_kmsg_buffer) - 1) {
1957 end = p + sizeof(s->proc_kmsg_buffer) - 1;
1964 proc_kmsg_line(s, p);
1970 if (p > s->proc_kmsg_buffer) {
1971 memmove(s->proc_kmsg_buffer, p, remaining);
1972 s->proc_kmsg_length = remaining;
1976 static int system_journal_open(Server *s) {
1982 r = sd_id128_get_machine(&machine);
1986 sd_id128_to_string(machine, ids);
1988 if (!s->system_journal &&
1989 (s->storage == STORAGE_PERSISTENT || s->storage == STORAGE_AUTO) &&
1990 access("/run/systemd/journal/flushed", F_OK) >= 0) {
1992 /* If in auto mode: first try to create the machine
1993 * path, but not the prefix.
1995 * If in persistent mode: create /var/log/journal and
1996 * the machine path */
1998 if (s->storage == STORAGE_PERSISTENT)
1999 (void) mkdir("/var/log/journal/", 0755);
2001 fn = strappend("/var/log/journal/", ids);
2005 (void) mkdir(fn, 0755);
2008 fn = strjoin("/var/log/journal/", ids, "/system.journal", NULL);
2012 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, &s->system_metrics, NULL, &s->system_journal);
2016 s->system_journal->compress = s->compress;
2018 server_fix_perms(s, s->system_journal, 0);
2021 if (r != -ENOENT && r != -EROFS)
2022 log_warning("Failed to open system journal: %s", strerror(-r));
2028 if (!s->runtime_journal &&
2029 (s->storage != STORAGE_NONE)) {
2031 fn = strjoin("/run/log/journal/", ids, "/system.journal", NULL);
2035 if (s->system_journal) {
2037 /* Try to open the runtime journal, but only
2038 * if it already exists, so that we can flush
2039 * it into the system journal */
2041 r = journal_file_open(fn, O_RDWR, 0640, &s->runtime_metrics, NULL, &s->runtime_journal);
2046 log_warning("Failed to open runtime journal: %s", strerror(-r));
2053 /* OK, we really need the runtime journal, so create
2054 * it if necessary. */
2056 (void) mkdir_parents(fn, 0755);
2057 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, &s->runtime_metrics, NULL, &s->runtime_journal);
2061 log_error("Failed to open runtime journal: %s", strerror(-r));
2066 if (s->runtime_journal) {
2067 s->runtime_journal->compress = s->compress;
2069 server_fix_perms(s, s->runtime_journal, 0);
2076 static int server_flush_to_var(Server *s) {
2084 if (s->storage != STORAGE_AUTO &&
2085 s->storage != STORAGE_PERSISTENT)
2088 if (!s->runtime_journal)
2091 system_journal_open(s);
2093 if (!s->system_journal)
2096 log_info("Flushing to /var...");
2098 r = sd_id128_get_machine(&machine);
2100 log_error("Failed to get machine id: %s", strerror(-r));
2104 r = sd_journal_open(&j, SD_JOURNAL_RUNTIME_ONLY);
2106 log_error("Failed to read runtime journal: %s", strerror(-r));
2110 SD_JOURNAL_FOREACH(j) {
2113 f = j->current_file;
2114 assert(f && f->current_offset > 0);
2116 r = journal_file_move_to_object(f, OBJECT_ENTRY, f->current_offset, &o);
2118 log_error("Can't read entry: %s", strerror(-r));
2122 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
2124 log_info("Allocation limit reached.");
2126 journal_file_post_change(s->system_journal);
2130 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
2134 log_error("Can't write entry: %s", strerror(-r));
2140 journal_file_post_change(s->system_journal);
2142 journal_file_close(s->runtime_journal);
2143 s->runtime_journal = NULL;
2146 char path[] = "/run/log/journal/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
2147 sd_id128_to_string(machine, path + 17);
2148 rm_rf(path, false, true, false);
2154 static int server_read_proc_kmsg(Server *s) {
2157 assert(s->proc_kmsg_fd >= 0);
2159 l = read(s->proc_kmsg_fd, s->proc_kmsg_buffer + s->proc_kmsg_length, sizeof(s->proc_kmsg_buffer) - 1 - s->proc_kmsg_length);
2160 if (l == 0) /* the kernel is stupid and in some race
2161 * conditions returns 0 in the middle of the
2166 if (errno == EAGAIN || errno == EINTR)
2169 log_error("Failed to read from kernel: %m");
2173 s->proc_kmsg_length += l;
2179 static int server_flush_proc_kmsg(Server *s) {
2184 if (s->proc_kmsg_fd < 0)
2187 log_info("Flushing /proc/kmsg...");
2190 r = server_read_proc_kmsg(s);
2201 static int process_event(Server *s, struct epoll_event *ev) {
2205 if (ev->data.fd == s->signal_fd) {
2206 struct signalfd_siginfo sfsi;
2209 if (ev->events != EPOLLIN) {
2210 log_info("Got invalid event from epoll.");
2214 n = read(s->signal_fd, &sfsi, sizeof(sfsi));
2215 if (n != sizeof(sfsi)) {
2220 if (errno == EINTR || errno == EAGAIN)
2226 if (sfsi.ssi_signo == SIGUSR1) {
2227 touch("/run/systemd/journal/flushed");
2228 server_flush_to_var(s);
2232 if (sfsi.ssi_signo == SIGUSR2) {
2238 log_debug("Received SIG%s", signal_to_string(sfsi.ssi_signo));
2241 } else if (ev->data.fd == s->proc_kmsg_fd) {
2244 if (ev->events != EPOLLIN) {
2245 log_info("Got invalid event from epoll.");
2249 r = server_read_proc_kmsg(s);
2255 } else if (ev->data.fd == s->native_fd ||
2256 ev->data.fd == s->syslog_fd) {
2258 if (ev->events != EPOLLIN) {
2259 log_info("Got invalid event from epoll.");
2264 struct msghdr msghdr;
2266 struct ucred *ucred = NULL;
2267 struct timeval *tv = NULL;
2268 struct cmsghdr *cmsg;
2270 size_t label_len = 0;
2272 struct cmsghdr cmsghdr;
2274 /* We use NAME_MAX space for the
2275 * SELinux label here. The kernel
2276 * currently enforces no limit, but
2277 * according to suggestions from the
2278 * SELinux people this will change and
2279 * it will probably be identical to
2280 * NAME_MAX. For now we use that, but
2281 * this should be updated one day when
2282 * the final limit is known.*/
2283 uint8_t buf[CMSG_SPACE(sizeof(struct ucred)) +
2284 CMSG_SPACE(sizeof(struct timeval)) +
2285 CMSG_SPACE(sizeof(int)) + /* fd */
2286 CMSG_SPACE(NAME_MAX)]; /* selinux label */
2293 if (ioctl(ev->data.fd, SIOCINQ, &v) < 0) {
2294 log_error("SIOCINQ failed: %m");
2298 if (s->buffer_size < (size_t) v) {
2302 l = MAX(LINE_MAX + (size_t) v, s->buffer_size * 2);
2303 b = realloc(s->buffer, l+1);
2306 log_error("Couldn't increase buffer.");
2315 iovec.iov_base = s->buffer;
2316 iovec.iov_len = s->buffer_size;
2320 msghdr.msg_iov = &iovec;
2321 msghdr.msg_iovlen = 1;
2322 msghdr.msg_control = &control;
2323 msghdr.msg_controllen = sizeof(control);
2325 n = recvmsg(ev->data.fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC);
2328 if (errno == EINTR || errno == EAGAIN)
2331 log_error("recvmsg() failed: %m");
2335 for (cmsg = CMSG_FIRSTHDR(&msghdr); cmsg; cmsg = CMSG_NXTHDR(&msghdr, cmsg)) {
2337 if (cmsg->cmsg_level == SOL_SOCKET &&
2338 cmsg->cmsg_type == SCM_CREDENTIALS &&
2339 cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred)))
2340 ucred = (struct ucred*) CMSG_DATA(cmsg);
2341 else if (cmsg->cmsg_level == SOL_SOCKET &&
2342 cmsg->cmsg_type == SCM_SECURITY) {
2343 label = (char*) CMSG_DATA(cmsg);
2344 label_len = cmsg->cmsg_len - CMSG_LEN(0);
2345 } else if (cmsg->cmsg_level == SOL_SOCKET &&
2346 cmsg->cmsg_type == SO_TIMESTAMP &&
2347 cmsg->cmsg_len == CMSG_LEN(sizeof(struct timeval)))
2348 tv = (struct timeval*) CMSG_DATA(cmsg);
2349 else if (cmsg->cmsg_level == SOL_SOCKET &&
2350 cmsg->cmsg_type == SCM_RIGHTS) {
2351 fds = (int*) CMSG_DATA(cmsg);
2352 n_fds = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);
2356 if (ev->data.fd == s->syslog_fd) {
2359 if (n > 0 && n_fds == 0) {
2360 e = memchr(s->buffer, '\n', n);
2366 process_syslog_message(s, strstrip(s->buffer), ucred, tv, label, label_len);
2367 } else if (n_fds > 0)
2368 log_warning("Got file descriptors via syslog socket. Ignoring.");
2371 if (n > 0 && n_fds == 0)
2372 process_native_message(s, s->buffer, n, ucred, tv, label, label_len);
2373 else if (n == 0 && n_fds == 1)
2374 process_native_file(s, fds[0], ucred, tv, label, label_len);
2376 log_warning("Got too many file descriptors via native socket. Ignoring.");
2379 close_many(fds, n_fds);
2384 } else if (ev->data.fd == s->stdout_fd) {
2386 if (ev->events != EPOLLIN) {
2387 log_info("Got invalid event from epoll.");
2391 stdout_stream_new(s);
2395 StdoutStream *stream;
2397 if ((ev->events|EPOLLIN|EPOLLHUP) != (EPOLLIN|EPOLLHUP)) {
2398 log_info("Got invalid event from epoll.");
2402 /* If it is none of the well-known fds, it must be an
2403 * stdout stream fd. Note that this is a bit ugly here
2404 * (since we rely that none of the well-known fds
2405 * could be interpreted as pointer), but nonetheless
2406 * safe, since the well-known fds would never get an
2407 * fd > 4096, i.e. beyond the first memory page */
2409 stream = ev->data.ptr;
2411 if (stdout_stream_process(stream) <= 0)
2412 stdout_stream_free(stream);
2417 log_error("Unknown event.");
2421 static int open_syslog_socket(Server *s) {
2422 union sockaddr_union sa;
2424 struct epoll_event ev;
2428 if (s->syslog_fd < 0) {
2430 s->syslog_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2431 if (s->syslog_fd < 0) {
2432 log_error("socket() failed: %m");
2437 sa.un.sun_family = AF_UNIX;
2438 strncpy(sa.un.sun_path, "/dev/log", sizeof(sa.un.sun_path));
2440 unlink(sa.un.sun_path);
2442 r = bind(s->syslog_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2444 log_error("bind() failed: %m");
2448 chmod(sa.un.sun_path, 0666);
2450 fd_nonblock(s->syslog_fd, 1);
2453 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
2455 log_error("SO_PASSCRED failed: %m");
2461 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
2463 log_warning("SO_PASSSEC failed: %m");
2467 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
2469 log_error("SO_TIMESTAMP failed: %m");
2474 ev.events = EPOLLIN;
2475 ev.data.fd = s->syslog_fd;
2476 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->syslog_fd, &ev) < 0) {
2477 log_error("Failed to add syslog server fd to epoll object: %m");
2484 static int open_native_socket(Server*s) {
2485 union sockaddr_union sa;
2487 struct epoll_event ev;
2491 if (s->native_fd < 0) {
2493 s->native_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2494 if (s->native_fd < 0) {
2495 log_error("socket() failed: %m");
2500 sa.un.sun_family = AF_UNIX;
2501 strncpy(sa.un.sun_path, "/run/systemd/journal/socket", sizeof(sa.un.sun_path));
2503 unlink(sa.un.sun_path);
2505 r = bind(s->native_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2507 log_error("bind() failed: %m");
2511 chmod(sa.un.sun_path, 0666);
2513 fd_nonblock(s->native_fd, 1);
2516 r = setsockopt(s->native_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
2518 log_error("SO_PASSCRED failed: %m");
2524 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
2526 log_warning("SO_PASSSEC failed: %m");
2530 r = setsockopt(s->native_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
2532 log_error("SO_TIMESTAMP failed: %m");
2537 ev.events = EPOLLIN;
2538 ev.data.fd = s->native_fd;
2539 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->native_fd, &ev) < 0) {
2540 log_error("Failed to add native server fd to epoll object: %m");
2547 static int open_stdout_socket(Server *s) {
2548 union sockaddr_union sa;
2550 struct epoll_event ev;
2554 if (s->stdout_fd < 0) {
2556 s->stdout_fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2557 if (s->stdout_fd < 0) {
2558 log_error("socket() failed: %m");
2563 sa.un.sun_family = AF_UNIX;
2564 strncpy(sa.un.sun_path, "/run/systemd/journal/stdout", sizeof(sa.un.sun_path));
2566 unlink(sa.un.sun_path);
2568 r = bind(s->stdout_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2570 log_error("bind() failed: %m");
2574 chmod(sa.un.sun_path, 0666);
2576 if (listen(s->stdout_fd, SOMAXCONN) < 0) {
2577 log_error("liste() failed: %m");
2581 fd_nonblock(s->stdout_fd, 1);
2584 ev.events = EPOLLIN;
2585 ev.data.fd = s->stdout_fd;
2586 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->stdout_fd, &ev) < 0) {
2587 log_error("Failed to add stdout server fd to epoll object: %m");
2594 static int open_proc_kmsg(Server *s) {
2595 struct epoll_event ev;
2599 if (!s->import_proc_kmsg)
2602 s->proc_kmsg_fd = open("/proc/kmsg", O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
2603 if (s->proc_kmsg_fd < 0) {
2604 log_warning("Failed to open /proc/kmsg, ignoring: %m");
2609 ev.events = EPOLLIN;
2610 ev.data.fd = s->proc_kmsg_fd;
2611 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->proc_kmsg_fd, &ev) < 0) {
2612 log_error("Failed to add /proc/kmsg fd to epoll object: %m");
2619 static int open_signalfd(Server *s) {
2621 struct epoll_event ev;
2625 assert_se(sigemptyset(&mask) == 0);
2626 sigset_add_many(&mask, SIGINT, SIGTERM, SIGUSR1, SIGUSR2, -1);
2627 assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0);
2629 s->signal_fd = signalfd(-1, &mask, SFD_NONBLOCK|SFD_CLOEXEC);
2630 if (s->signal_fd < 0) {
2631 log_error("signalfd(): %m");
2636 ev.events = EPOLLIN;
2637 ev.data.fd = s->signal_fd;
2639 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->signal_fd, &ev) < 0) {
2640 log_error("epoll_ctl(): %m");
2647 static int server_parse_proc_cmdline(Server *s) {
2648 char *line, *w, *state;
2652 if (detect_container(NULL) > 0)
2655 r = read_one_line_file("/proc/cmdline", &line);
2657 log_warning("Failed to read /proc/cmdline, ignoring: %s", strerror(-r));
2661 FOREACH_WORD_QUOTED(w, l, line, state) {
2664 word = strndup(w, l);
2670 if (startswith(word, "systemd.journald.forward_to_syslog=")) {
2671 r = parse_boolean(word + 35);
2673 log_warning("Failed to parse forward to syslog switch %s. Ignoring.", word + 35);
2675 s->forward_to_syslog = r;
2676 } else if (startswith(word, "systemd.journald.forward_to_kmsg=")) {
2677 r = parse_boolean(word + 33);
2679 log_warning("Failed to parse forward to kmsg switch %s. Ignoring.", word + 33);
2681 s->forward_to_kmsg = r;
2682 } else if (startswith(word, "systemd.journald.forward_to_console=")) {
2683 r = parse_boolean(word + 36);
2685 log_warning("Failed to parse forward to console switch %s. Ignoring.", word + 36);
2687 s->forward_to_console = r;
2688 } else if (startswith(word, "systemd.journald"))
2689 log_warning("Invalid systemd.journald parameter. Ignoring.");
2701 static int server_parse_config_file(Server *s) {
2708 fn = "/etc/systemd/journald.conf";
2709 f = fopen(fn, "re");
2711 if (errno == ENOENT)
2714 log_warning("Failed to open configuration file %s: %m", fn);
2718 r = config_parse(fn, f, "Journal\0", config_item_perf_lookup, (void*) journald_gperf_lookup, false, s);
2720 log_warning("Failed to parse configuration file: %s", strerror(-r));
2727 static int server_init(Server *s) {
2733 s->syslog_fd = s->native_fd = s->stdout_fd = s->signal_fd = s->epoll_fd = s->proc_kmsg_fd = -1;
2736 s->rate_limit_interval = DEFAULT_RATE_LIMIT_INTERVAL;
2737 s->rate_limit_burst = DEFAULT_RATE_LIMIT_BURST;
2739 s->forward_to_syslog = true;
2741 s->max_level_store = LOG_DEBUG;
2742 s->max_level_syslog = LOG_DEBUG;
2743 s->max_level_kmsg = LOG_NOTICE;
2744 s->max_level_console = LOG_INFO;
2746 memset(&s->system_metrics, 0xFF, sizeof(s->system_metrics));
2747 memset(&s->runtime_metrics, 0xFF, sizeof(s->runtime_metrics));
2749 server_parse_config_file(s);
2750 server_parse_proc_cmdline(s);
2752 s->user_journals = hashmap_new(trivial_hash_func, trivial_compare_func);
2753 if (!s->user_journals) {
2754 log_error("Out of memory.");
2758 s->epoll_fd = epoll_create1(EPOLL_CLOEXEC);
2759 if (s->epoll_fd < 0) {
2760 log_error("Failed to create epoll object: %m");
2764 n = sd_listen_fds(true);
2766 log_error("Failed to read listening file descriptors from environment: %s", strerror(-n));
2770 for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) {
2772 if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/run/systemd/journal/socket", 0) > 0) {
2774 if (s->native_fd >= 0) {
2775 log_error("Too many native sockets passed.");
2781 } else if (sd_is_socket_unix(fd, SOCK_STREAM, 1, "/run/systemd/journal/stdout", 0) > 0) {
2783 if (s->stdout_fd >= 0) {
2784 log_error("Too many stdout sockets passed.");
2790 } else if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/dev/log", 0) > 0) {
2792 if (s->syslog_fd >= 0) {
2793 log_error("Too many /dev/log sockets passed.");
2800 log_error("Unknown socket passed.");
2805 r = open_syslog_socket(s);
2809 r = open_native_socket(s);
2813 r = open_stdout_socket(s);
2817 r = open_proc_kmsg(s);
2821 r = open_signalfd(s);
2825 s->rate_limit = journal_rate_limit_new(s->rate_limit_interval, s->rate_limit_burst);
2829 r = system_journal_open(s);
2836 static void server_done(Server *s) {
2840 while (s->stdout_streams)
2841 stdout_stream_free(s->stdout_streams);
2843 if (s->system_journal)
2844 journal_file_close(s->system_journal);
2846 if (s->runtime_journal)
2847 journal_file_close(s->runtime_journal);
2849 while ((f = hashmap_steal_first(s->user_journals)))
2850 journal_file_close(f);
2852 hashmap_free(s->user_journals);
2854 if (s->epoll_fd >= 0)
2855 close_nointr_nofail(s->epoll_fd);
2857 if (s->signal_fd >= 0)
2858 close_nointr_nofail(s->signal_fd);
2860 if (s->syslog_fd >= 0)
2861 close_nointr_nofail(s->syslog_fd);
2863 if (s->native_fd >= 0)
2864 close_nointr_nofail(s->native_fd);
2866 if (s->stdout_fd >= 0)
2867 close_nointr_nofail(s->stdout_fd);
2869 if (s->proc_kmsg_fd >= 0)
2870 close_nointr_nofail(s->proc_kmsg_fd);
2873 journal_rate_limit_free(s->rate_limit);
2879 int main(int argc, char *argv[]) {
2883 /* if (getppid() != 1) { */
2884 /* log_error("This program should be invoked by init only."); */
2885 /* return EXIT_FAILURE; */
2889 log_error("This program does not take arguments.");
2890 return EXIT_FAILURE;
2893 log_set_target(LOG_TARGET_SAFE);
2894 log_set_facility(LOG_SYSLOG);
2895 log_parse_environment();
2900 r = server_init(&server);
2904 server_vacuum(&server);
2905 server_flush_to_var(&server);
2906 server_flush_proc_kmsg(&server);
2908 log_debug("systemd-journald running as pid %lu", (unsigned long) getpid());
2909 driver_message(&server, SD_MESSAGE_JOURNAL_START, "Journal started");
2913 "STATUS=Processing requests...");
2916 struct epoll_event event;
2918 r = epoll_wait(server.epoll_fd, &event, 1, -1);
2924 log_error("epoll_wait() failed: %m");
2930 r = process_event(&server, &event);
2937 log_debug("systemd-journald stopped as pid %lu", (unsigned long) getpid());
2938 driver_message(&server, SD_MESSAGE_JOURNAL_STOP, "Journal stopped");
2942 "STATUS=Shutting down...");
2944 server_done(&server);
2946 return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;