1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2011 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <sys/epoll.h>
23 #include <sys/socket.h>
25 #include <sys/signalfd.h>
29 #include <sys/ioctl.h>
30 #include <linux/sockios.h>
31 #include <sys/statvfs.h>
33 #include <systemd/sd-journal.h>
34 #include <systemd/sd-messages.h>
35 #include <systemd/sd-daemon.h>
38 #include <systemd/sd-login.h>
43 #include "journal-file.h"
44 #include "socket-util.h"
45 #include "cgroup-util.h"
47 #include "journal-rate-limit.h"
48 #include "journal-internal.h"
49 #include "conf-parser.h"
56 #include <acl/libacl.h>
61 #include <selinux/selinux.h>
64 #define USER_JOURNALS_MAX 1024
65 #define STDOUT_STREAMS_MAX 4096
67 #define DEFAULT_RATE_LIMIT_INTERVAL (10*USEC_PER_SEC)
68 #define DEFAULT_RATE_LIMIT_BURST 200
70 #define RECHECK_AVAILABLE_SPACE_USEC (30*USEC_PER_SEC)
72 #define RECHECK_VAR_AVAILABLE_USEC (30*USEC_PER_SEC)
74 #define N_IOVEC_META_FIELDS 17
76 #define ENTRY_SIZE_MAX (1024*1024*32)
78 typedef enum StdoutStreamState {
79 STDOUT_STREAM_IDENTIFIER,
80 STDOUT_STREAM_PRIORITY,
81 STDOUT_STREAM_LEVEL_PREFIX,
82 STDOUT_STREAM_FORWARD_TO_SYSLOG,
83 STDOUT_STREAM_FORWARD_TO_KMSG,
84 STDOUT_STREAM_FORWARD_TO_CONSOLE,
90 StdoutStreamState state;
96 security_context_t security_context;
102 bool forward_to_syslog:1;
103 bool forward_to_kmsg:1;
104 bool forward_to_console:1;
106 char buffer[LINE_MAX+1];
109 LIST_FIELDS(StdoutStream, stdout_stream);
112 static int server_flush_to_var(Server *s);
114 static uint64_t available_space(Server *s) {
119 uint64_t sum = 0, avail = 0, ss_avail = 0;
125 ts = now(CLOCK_MONOTONIC);
127 if (s->cached_available_space_timestamp + RECHECK_AVAILABLE_SPACE_USEC > ts)
128 return s->cached_available_space;
130 r = sd_id128_get_machine(&machine);
134 if (s->system_journal) {
135 f = "/var/log/journal/";
136 m = &s->system_metrics;
138 f = "/run/log/journal/";
139 m = &s->runtime_metrics;
144 p = strappend(f, sd_id128_to_string(machine, ids));
154 if (fstatvfs(dirfd(d), &ss) < 0)
159 struct dirent buf, *de;
161 r = readdir_r(d, &buf, &de);
168 if (!endswith(de->d_name, ".journal") &&
169 !endswith(de->d_name, ".journal~"))
172 if (fstatat(dirfd(d), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0)
175 if (!S_ISREG(st.st_mode))
178 sum += (uint64_t) st.st_blocks * 512UL;
181 avail = sum >= m->max_use ? 0 : m->max_use - sum;
183 ss_avail = ss.f_bsize * ss.f_bavail;
185 ss_avail = ss_avail < m->keep_free ? 0 : ss_avail - m->keep_free;
187 if (ss_avail < avail)
190 s->cached_available_space = avail;
191 s->cached_available_space_timestamp = ts;
199 static void server_read_file_gid(Server *s) {
200 const char *adm = "adm";
205 if (s->file_gid_valid)
208 r = get_group_creds(&adm, &s->file_gid);
210 log_warning("Failed to resolve 'adm' group: %s", strerror(-r));
212 /* if we couldn't read the gid, then it will be 0, but that's
213 * fine and we shouldn't try to resolve the group again, so
214 * let's just pretend it worked right-away. */
215 s->file_gid_valid = true;
218 static void server_fix_perms(Server *s, JournalFile *f, uid_t uid) {
223 acl_permset_t permset;
228 server_read_file_gid(s);
230 r = fchmod_and_fchown(f->fd, 0640, 0, s->file_gid);
232 log_warning("Failed to fix access mode/rights on %s, ignoring: %s", f->path, strerror(-r));
238 acl = acl_get_fd(f->fd);
240 log_warning("Failed to read ACL on %s, ignoring: %m", f->path);
244 r = acl_find_uid(acl, uid, &entry);
247 if (acl_create_entry(&acl, &entry) < 0 ||
248 acl_set_tag_type(entry, ACL_USER) < 0 ||
249 acl_set_qualifier(entry, &uid) < 0) {
250 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
255 if (acl_get_permset(entry, &permset) < 0 ||
256 acl_add_perm(permset, ACL_READ) < 0 ||
257 acl_calc_mask(&acl) < 0) {
258 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
262 if (acl_set_fd(f->fd, acl) < 0)
263 log_warning("Failed to set ACL on %s, ignoring: %m", f->path);
270 static JournalFile* find_journal(Server *s, uid_t uid) {
279 /* We split up user logs only on /var, not on /run. If the
280 * runtime file is open, we write to it exclusively, in order
281 * to guarantee proper order as soon as we flush /run to
282 * /var and close the runtime file. */
284 if (s->runtime_journal)
285 return s->runtime_journal;
288 return s->system_journal;
290 r = sd_id128_get_machine(&machine);
292 return s->system_journal;
294 f = hashmap_get(s->user_journals, UINT32_TO_PTR(uid));
298 if (asprintf(&p, "/var/log/journal/%s/user-%lu.journal", sd_id128_to_string(machine, ids), (unsigned long) uid) < 0)
299 return s->system_journal;
301 while (hashmap_size(s->user_journals) >= USER_JOURNALS_MAX) {
302 /* Too many open? Then let's close one */
303 f = hashmap_steal_first(s->user_journals);
305 journal_file_close(f);
308 r = journal_file_open_reliably(p, O_RDWR|O_CREAT, 0640, s->system_journal, &f);
312 return s->system_journal;
314 server_fix_perms(s, f, uid);
316 r = hashmap_put(s->user_journals, UINT32_TO_PTR(uid), f);
318 journal_file_close(f);
319 return s->system_journal;
325 static void server_rotate(Server *s) {
331 log_info("Rotating...");
333 if (s->runtime_journal) {
334 r = journal_file_rotate(&s->runtime_journal);
336 if (s->runtime_journal)
337 log_error("Failed to rotate %s: %s", s->runtime_journal->path, strerror(-r));
339 log_error("Failed to create new runtime journal: %s", strerror(-r));
341 server_fix_perms(s, s->runtime_journal, 0);
344 if (s->system_journal) {
345 r = journal_file_rotate(&s->system_journal);
347 if (s->system_journal)
348 log_error("Failed to rotate %s: %s", s->system_journal->path, strerror(-r));
350 log_error("Failed to create new system journal: %s", strerror(-r));
353 server_fix_perms(s, s->system_journal, 0);
356 HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) {
357 r = journal_file_rotate(&f);
360 log_error("Failed to rotate %s: %s", f->path, strerror(-r));
362 log_error("Failed to create user journal: %s", strerror(-r));
364 hashmap_replace(s->user_journals, k, f);
365 server_fix_perms(s, s->system_journal, PTR_TO_UINT32(k));
370 static void server_vacuum(Server *s) {
376 log_info("Vacuuming...");
378 r = sd_id128_get_machine(&machine);
380 log_error("Failed to get machine ID: %s", strerror(-r));
384 sd_id128_to_string(machine, ids);
386 if (s->system_journal) {
387 if (asprintf(&p, "/var/log/journal/%s", ids) < 0) {
388 log_error("Out of memory.");
392 r = journal_directory_vacuum(p, s->system_metrics.max_use, s->system_metrics.keep_free);
393 if (r < 0 && r != -ENOENT)
394 log_error("Failed to vacuum %s: %s", p, strerror(-r));
399 if (s->runtime_journal) {
400 if (asprintf(&p, "/run/log/journal/%s", ids) < 0) {
401 log_error("Out of memory.");
405 r = journal_directory_vacuum(p, s->runtime_metrics.max_use, s->runtime_metrics.keep_free);
406 if (r < 0 && r != -ENOENT)
407 log_error("Failed to vacuum %s: %s", p, strerror(-r));
411 s->cached_available_space_timestamp = 0;
414 static char *shortened_cgroup_path(pid_t pid) {
416 char *process_path, *init_path, *path;
420 r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, pid, &process_path);
424 r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, 1, &init_path);
430 if (endswith(init_path, "/system"))
431 init_path[strlen(init_path) - 7] = 0;
432 else if (streq(init_path, "/"))
435 if (startswith(process_path, init_path)) {
438 p = strdup(process_path + strlen(init_path));
456 static void dispatch_message_real(
458 struct iovec *iovec, unsigned n, unsigned m,
461 const char *label, size_t label_len) {
463 char *pid = NULL, *uid = NULL, *gid = NULL,
464 *source_time = NULL, *boot_id = NULL, *machine_id = NULL,
465 *comm = NULL, *cmdline = NULL, *hostname = NULL,
466 *audit_session = NULL, *audit_loginuid = NULL,
467 *exe = NULL, *cgroup = NULL, *session = NULL,
468 *owner_uid = NULL, *unit = NULL, *selinux_context = NULL;
474 uid_t loginuid = 0, realuid = 0;
476 bool vacuumed = false;
481 assert(n + N_IOVEC_META_FIELDS <= m);
489 realuid = ucred->uid;
491 if (asprintf(&pid, "_PID=%lu", (unsigned long) ucred->pid) >= 0)
492 IOVEC_SET_STRING(iovec[n++], pid);
494 if (asprintf(&uid, "_UID=%lu", (unsigned long) ucred->uid) >= 0)
495 IOVEC_SET_STRING(iovec[n++], uid);
497 if (asprintf(&gid, "_GID=%lu", (unsigned long) ucred->gid) >= 0)
498 IOVEC_SET_STRING(iovec[n++], gid);
500 r = get_process_comm(ucred->pid, &t);
502 comm = strappend("_COMM=", t);
506 IOVEC_SET_STRING(iovec[n++], comm);
509 r = get_process_exe(ucred->pid, &t);
511 exe = strappend("_EXE=", t);
515 IOVEC_SET_STRING(iovec[n++], exe);
518 r = get_process_cmdline(ucred->pid, LINE_MAX, false, &t);
520 cmdline = strappend("_CMDLINE=", t);
524 IOVEC_SET_STRING(iovec[n++], cmdline);
527 r = audit_session_from_pid(ucred->pid, &audit);
529 if (asprintf(&audit_session, "_AUDIT_SESSION=%lu", (unsigned long) audit) >= 0)
530 IOVEC_SET_STRING(iovec[n++], audit_session);
532 r = audit_loginuid_from_pid(ucred->pid, &loginuid);
534 if (asprintf(&audit_loginuid, "_AUDIT_LOGINUID=%lu", (unsigned long) loginuid) >= 0)
535 IOVEC_SET_STRING(iovec[n++], audit_loginuid);
537 t = shortened_cgroup_path(ucred->pid);
539 cgroup = strappend("_SYSTEMD_CGROUP=", t);
543 IOVEC_SET_STRING(iovec[n++], cgroup);
547 if (sd_pid_get_session(ucred->pid, &t) >= 0) {
548 session = strappend("_SYSTEMD_SESSION=", t);
552 IOVEC_SET_STRING(iovec[n++], session);
555 if (sd_pid_get_owner_uid(ucred->uid, &owner) >= 0)
556 if (asprintf(&owner_uid, "_SYSTEMD_OWNER_UID=%lu", (unsigned long) owner) >= 0)
557 IOVEC_SET_STRING(iovec[n++], owner_uid);
560 if (cg_pid_get_unit(ucred->pid, &t) >= 0) {
561 unit = strappend("_SYSTEMD_UNIT=", t);
565 IOVEC_SET_STRING(iovec[n++], unit);
570 selinux_context = malloc(sizeof("_SELINUX_CONTEXT=") + label_len);
571 if (selinux_context) {
572 memcpy(selinux_context, "_SELINUX_CONTEXT=", sizeof("_SELINUX_CONTEXT=")-1);
573 memcpy(selinux_context+sizeof("_SELINUX_CONTEXT=")-1, label, label_len);
574 selinux_context[sizeof("_SELINUX_CONTEXT=")-1+label_len] = 0;
575 IOVEC_SET_STRING(iovec[n++], selinux_context);
578 security_context_t con;
580 if (getpidcon(ucred->pid, &con) >= 0) {
581 selinux_context = strappend("_SELINUX_CONTEXT=", con);
583 IOVEC_SET_STRING(iovec[n++], selinux_context);
592 if (asprintf(&source_time, "_SOURCE_REALTIME_TIMESTAMP=%llu",
593 (unsigned long long) timeval_load(tv)) >= 0)
594 IOVEC_SET_STRING(iovec[n++], source_time);
597 /* Note that strictly speaking storing the boot id here is
598 * redundant since the entry includes this in-line
599 * anyway. However, we need this indexed, too. */
600 r = sd_id128_get_boot(&id);
602 if (asprintf(&boot_id, "_BOOT_ID=%s", sd_id128_to_string(id, idbuf)) >= 0)
603 IOVEC_SET_STRING(iovec[n++], boot_id);
605 r = sd_id128_get_machine(&id);
607 if (asprintf(&machine_id, "_MACHINE_ID=%s", sd_id128_to_string(id, idbuf)) >= 0)
608 IOVEC_SET_STRING(iovec[n++], machine_id);
610 t = gethostname_malloc();
612 hostname = strappend("_HOSTNAME=", t);
615 IOVEC_SET_STRING(iovec[n++], hostname);
620 server_flush_to_var(s);
623 f = find_journal(s, realuid == 0 ? 0 : loginuid);
625 log_warning("Dropping message, as we can't find a place to store the data.");
627 r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
629 if ((r == -E2BIG || /* hit limit */
630 r == -EFBIG || /* hit fs limit */
631 r == -EDQUOT || /* quota hit */
632 r == -ENOSPC || /* disk full */
633 r == -EBADMSG || /* corrupted */
634 r == -ENODATA || /* truncated */
635 r == -EHOSTDOWN || /* other machine */
636 r == -EPROTONOSUPPORT) && /* unsupported feature */
640 log_info("Allocation limit reached, rotating.");
642 log_warning("Journal file corrupted, rotating.");
648 log_info("Retrying write.");
653 log_error("Failed to write entry, ignoring: %s", strerror(-r));
667 free(audit_loginuid);
672 free(selinux_context);
675 static void driver_message(Server *s, sd_id128_t message_id, const char *format, ...) {
676 char mid[11 + 32 + 1];
677 char buffer[16 + LINE_MAX + 1];
678 struct iovec iovec[N_IOVEC_META_FIELDS + 4];
686 IOVEC_SET_STRING(iovec[n++], "PRIORITY=5");
687 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=driver");
689 memcpy(buffer, "MESSAGE=", 8);
690 va_start(ap, format);
691 vsnprintf(buffer + 8, sizeof(buffer) - 8, format, ap);
693 char_array_0(buffer);
694 IOVEC_SET_STRING(iovec[n++], buffer);
696 snprintf(mid, sizeof(mid), "MESSAGE_ID=" SD_ID128_FORMAT_STR, SD_ID128_FORMAT_VAL(message_id));
698 IOVEC_SET_STRING(iovec[n++], mid);
701 ucred.pid = getpid();
702 ucred.uid = getuid();
703 ucred.gid = getgid();
705 dispatch_message_real(s, iovec, n, ELEMENTSOF(iovec), &ucred, NULL, NULL, 0);
708 static void dispatch_message(Server *s,
709 struct iovec *iovec, unsigned n, unsigned m,
712 const char *label, size_t label_len,
715 char *path = NULL, *c;
718 assert(iovec || n == 0);
726 path = shortened_cgroup_path(ucred->pid);
730 /* example: /user/lennart/3/foobar
731 * /system/dbus.service/foobar
733 * So let's cut of everything past the third /, since that is
734 * wher user directories start */
736 c = strchr(path, '/');
738 c = strchr(c+1, '/');
740 c = strchr(c+1, '/');
746 rl = journal_rate_limit_test(s->rate_limit, path, priority & LOG_PRIMASK, available_space(s));
753 /* Write a suppression message if we suppressed something */
755 driver_message(s, SD_MESSAGE_JOURNAL_DROPPED, "Suppressed %u messages from %s", rl - 1, path);
760 dispatch_message_real(s, iovec, n, m, ucred, tv, label, label_len);
763 static void forward_syslog_iovec(Server *s, const struct iovec *iovec, unsigned n_iovec, struct ucred *ucred, struct timeval *tv) {
764 struct msghdr msghdr;
765 struct cmsghdr *cmsg;
767 struct cmsghdr cmsghdr;
768 uint8_t buf[CMSG_SPACE(sizeof(struct ucred))];
770 union sockaddr_union sa;
777 msghdr.msg_iov = (struct iovec*) iovec;
778 msghdr.msg_iovlen = n_iovec;
781 sa.un.sun_family = AF_UNIX;
782 strncpy(sa.un.sun_path, "/run/systemd/journal/syslog", sizeof(sa.un.sun_path));
783 msghdr.msg_name = &sa;
784 msghdr.msg_namelen = offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path);
788 msghdr.msg_control = &control;
789 msghdr.msg_controllen = sizeof(control);
791 cmsg = CMSG_FIRSTHDR(&msghdr);
792 cmsg->cmsg_level = SOL_SOCKET;
793 cmsg->cmsg_type = SCM_CREDENTIALS;
794 cmsg->cmsg_len = CMSG_LEN(sizeof(struct ucred));
795 memcpy(CMSG_DATA(cmsg), ucred, sizeof(struct ucred));
796 msghdr.msg_controllen = cmsg->cmsg_len;
799 /* Forward the syslog message we received via /dev/log to
800 * /run/systemd/syslog. Unfortunately we currently can't set
801 * the SO_TIMESTAMP auxiliary data, and hence we don't. */
803 if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
806 /* The socket is full? I guess the syslog implementation is
807 * too slow, and we shouldn't wait for that... */
811 if (ucred && errno == ESRCH) {
814 /* Hmm, presumably the sender process vanished
815 * by now, so let's fix it as good as we
820 memcpy(CMSG_DATA(cmsg), &u, sizeof(struct ucred));
822 if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
829 log_debug("Failed to forward syslog message: %m");
832 static void forward_syslog_raw(Server *s, const char *buffer, struct ucred *ucred, struct timeval *tv) {
838 IOVEC_SET_STRING(iovec, buffer);
839 forward_syslog_iovec(s, &iovec, 1, ucred, tv);
842 static void forward_syslog(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred, struct timeval *tv) {
843 struct iovec iovec[5];
844 char header_priority[6], header_time[64], header_pid[16];
848 char *ident_buf = NULL;
851 assert(priority >= 0);
852 assert(priority <= 999);
855 /* First: priority field */
856 snprintf(header_priority, sizeof(header_priority), "<%i>", priority);
857 char_array_0(header_priority);
858 IOVEC_SET_STRING(iovec[n++], header_priority);
860 /* Second: timestamp */
861 t = tv ? tv->tv_sec : ((time_t) (now(CLOCK_REALTIME) / USEC_PER_SEC));
865 if (strftime(header_time, sizeof(header_time), "%h %e %T ", tm) <= 0)
867 IOVEC_SET_STRING(iovec[n++], header_time);
869 /* Third: identifier and PID */
872 get_process_comm(ucred->pid, &ident_buf);
873 identifier = ident_buf;
876 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
877 char_array_0(header_pid);
880 IOVEC_SET_STRING(iovec[n++], identifier);
882 IOVEC_SET_STRING(iovec[n++], header_pid);
883 } else if (identifier) {
884 IOVEC_SET_STRING(iovec[n++], identifier);
885 IOVEC_SET_STRING(iovec[n++], ": ");
888 /* Fourth: message */
889 IOVEC_SET_STRING(iovec[n++], message);
891 forward_syslog_iovec(s, iovec, n, ucred, tv);
896 static int fixup_priority(int priority) {
898 if ((priority & LOG_FACMASK) == 0)
899 return (priority & LOG_PRIMASK) | LOG_USER;
904 static void forward_kmsg(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred) {
905 struct iovec iovec[5];
906 char header_priority[6], header_pid[16];
908 char *ident_buf = NULL;
912 assert(priority >= 0);
913 assert(priority <= 999);
916 /* Never allow messages with kernel facility to be written to
917 * kmsg, regardless where the data comes from. */
918 priority = fixup_priority(priority);
920 /* First: priority field */
921 snprintf(header_priority, sizeof(header_priority), "<%i>", priority);
922 char_array_0(header_priority);
923 IOVEC_SET_STRING(iovec[n++], header_priority);
925 /* Second: identifier and PID */
928 get_process_comm(ucred->pid, &ident_buf);
929 identifier = ident_buf;
932 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
933 char_array_0(header_pid);
936 IOVEC_SET_STRING(iovec[n++], identifier);
938 IOVEC_SET_STRING(iovec[n++], header_pid);
939 } else if (identifier) {
940 IOVEC_SET_STRING(iovec[n++], identifier);
941 IOVEC_SET_STRING(iovec[n++], ": ");
944 /* Fourth: message */
945 IOVEC_SET_STRING(iovec[n++], message);
946 IOVEC_SET_STRING(iovec[n++], "\n");
948 fd = open("/dev/kmsg", O_WRONLY|O_NOCTTY|O_CLOEXEC);
950 log_debug("Failed to open /dev/kmsg for logging: %s", strerror(errno));
954 if (writev(fd, iovec, n) < 0)
955 log_debug("Failed to write to /dev/kmsg for logging: %s", strerror(errno));
957 close_nointr_nofail(fd);
963 static void forward_console(Server *s, const char *identifier, const char *message, struct ucred *ucred) {
964 struct iovec iovec[4];
967 char *ident_buf = NULL;
972 /* First: identifier and PID */
975 get_process_comm(ucred->pid, &ident_buf);
976 identifier = ident_buf;
979 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
980 char_array_0(header_pid);
983 IOVEC_SET_STRING(iovec[n++], identifier);
985 IOVEC_SET_STRING(iovec[n++], header_pid);
986 } else if (identifier) {
987 IOVEC_SET_STRING(iovec[n++], identifier);
988 IOVEC_SET_STRING(iovec[n++], ": ");
992 IOVEC_SET_STRING(iovec[n++], message);
993 IOVEC_SET_STRING(iovec[n++], "\n");
995 fd = open_terminal("/dev/console", O_WRONLY|O_NOCTTY|O_CLOEXEC);
997 log_debug("Failed to open /dev/console for logging: %s", strerror(errno));
1001 if (writev(fd, iovec, n) < 0)
1002 log_debug("Failed to write to /dev/console for logging: %s", strerror(errno));
1004 close_nointr_nofail(fd);
1010 static void read_identifier(const char **buf, char **identifier, char **pid) {
1021 p += strspn(p, WHITESPACE);
1022 l = strcspn(p, WHITESPACE);
1031 if (p[l-1] == ']') {
1037 t = strndup(p+k+1, l-k-2);
1057 *buf += strspn(*buf, WHITESPACE);
1060 static void process_syslog_message(Server *s, const char *buf, struct ucred *ucred, struct timeval *tv, const char *label, size_t label_len) {
1061 char *message = NULL, *syslog_priority = NULL, *syslog_facility = NULL, *syslog_identifier = NULL, *syslog_pid = NULL;
1062 struct iovec iovec[N_IOVEC_META_FIELDS + 6];
1064 int priority = LOG_USER | LOG_INFO;
1065 char *identifier = NULL, *pid = NULL;
1070 if (s->forward_to_syslog)
1071 forward_syslog_raw(s, buf, ucred, tv);
1073 parse_syslog_priority((char**) &buf, &priority);
1074 skip_syslog_date((char**) &buf);
1075 read_identifier(&buf, &identifier, &pid);
1077 if (s->forward_to_kmsg)
1078 forward_kmsg(s, priority, identifier, buf, ucred);
1080 if (s->forward_to_console)
1081 forward_console(s, identifier, buf, ucred);
1083 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=syslog");
1085 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1086 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1088 if (priority & LOG_FACMASK)
1089 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1090 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1093 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", identifier);
1094 if (syslog_identifier)
1095 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1099 syslog_pid = strappend("SYSLOG_PID=", pid);
1101 IOVEC_SET_STRING(iovec[n++], syslog_pid);
1104 message = strappend("MESSAGE=", buf);
1106 IOVEC_SET_STRING(iovec[n++], message);
1108 dispatch_message(s, iovec, n, ELEMENTSOF(iovec), ucred, tv, label, label_len, priority);
1113 free(syslog_priority);
1114 free(syslog_facility);
1115 free(syslog_identifier);
1118 static bool valid_user_field(const char *p, size_t l) {
1121 /* We kinda enforce POSIX syntax recommendations for
1122 environment variables here, but make a couple of additional
1125 http://pubs.opengroup.org/onlinepubs/000095399/basedefs/xbd_chap08.html */
1127 /* No empty field names */
1131 /* Don't allow names longer than 64 chars */
1135 /* Variables starting with an underscore are protected */
1139 /* Don't allow digits as first character */
1140 if (p[0] >= '0' && p[0] <= '9')
1143 /* Only allow A-Z0-9 and '_' */
1144 for (a = p; a < p + l; a++)
1145 if (!((*a >= 'A' && *a <= 'Z') ||
1146 (*a >= '0' && *a <= '9') ||
1153 static void process_native_message(
1155 const void *buffer, size_t buffer_size,
1156 struct ucred *ucred,
1158 const char *label, size_t label_len) {
1160 struct iovec *iovec = NULL;
1161 unsigned n = 0, m = 0, j, tn = (unsigned) -1;
1164 int priority = LOG_INFO;
1165 char *identifier = NULL, *message = NULL;
1168 assert(buffer || buffer_size == 0);
1171 remaining = buffer_size;
1173 while (remaining > 0) {
1176 e = memchr(p, '\n', remaining);
1179 /* Trailing noise, let's ignore it, and flush what we collected */
1180 log_debug("Received message with trailing noise, ignoring.");
1185 /* Entry separator */
1186 dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, priority);
1188 priority = LOG_INFO;
1195 if (*p == '.' || *p == '#') {
1196 /* Ignore control commands for now, and
1198 remaining -= (e - p) + 1;
1203 /* A property follows */
1205 if (n+N_IOVEC_META_FIELDS >= m) {
1209 u = MAX((n+N_IOVEC_META_FIELDS+1) * 2U, 4U);
1210 c = realloc(iovec, u * sizeof(struct iovec));
1212 log_error("Out of memory");
1220 q = memchr(p, '=', e - p);
1222 if (valid_user_field(p, q - p)) {
1227 /* If the field name starts with an
1228 * underscore, skip the variable,
1229 * since that indidates a trusted
1231 iovec[n].iov_base = (char*) p;
1232 iovec[n].iov_len = l;
1235 /* We need to determine the priority
1236 * of this entry for the rate limiting
1239 memcmp(p, "PRIORITY=", 9) == 0 &&
1240 p[9] >= '0' && p[9] <= '9')
1241 priority = (priority & LOG_FACMASK) | (p[9] - '0');
1244 memcmp(p, "SYSLOG_FACILITY=", 16) == 0 &&
1245 p[16] >= '0' && p[16] <= '9')
1246 priority = (priority & LOG_PRIMASK) | ((p[16] - '0') << 3);
1249 memcmp(p, "SYSLOG_FACILITY=", 16) == 0 &&
1250 p[16] >= '0' && p[16] <= '9' &&
1251 p[17] >= '0' && p[17] <= '9')
1252 priority = (priority & LOG_PRIMASK) | (((p[16] - '0')*10 + (p[17] - '0')) << 3);
1255 memcmp(p, "SYSLOG_IDENTIFIER=", 18) == 0) {
1258 t = strndup(p + 18, l - 18);
1263 } else if (l >= 8 &&
1264 memcmp(p, "MESSAGE=", 8) == 0) {
1267 t = strndup(p + 8, l - 8);
1275 remaining -= (e - p) + 1;
1283 if (remaining < e - p + 1 + sizeof(uint64_t) + 1) {
1284 log_debug("Failed to parse message, ignoring.");
1288 memcpy(&l_le, e + 1, sizeof(uint64_t));
1291 if (remaining < e - p + 1 + sizeof(uint64_t) + l + 1 ||
1292 e[1+sizeof(uint64_t)+l] != '\n') {
1293 log_debug("Failed to parse message, ignoring.");
1297 k = malloc((e - p) + 1 + l);
1299 log_error("Out of memory");
1303 memcpy(k, p, e - p);
1305 memcpy(k + (e - p) + 1, e + 1 + sizeof(uint64_t), l);
1307 if (valid_user_field(p, e - p)) {
1308 iovec[n].iov_base = k;
1309 iovec[n].iov_len = (e - p) + 1 + l;
1314 remaining -= (e - p) + 1 + sizeof(uint64_t) + l + 1;
1315 p = e + 1 + sizeof(uint64_t) + l + 1;
1323 IOVEC_SET_STRING(iovec[tn], "_TRANSPORT=journal");
1326 if (s->forward_to_syslog)
1327 forward_syslog(s, priority, identifier, message, ucred, tv);
1329 if (s->forward_to_kmsg)
1330 forward_kmsg(s, priority, identifier, message, ucred);
1332 if (s->forward_to_console)
1333 forward_console(s, identifier, message, ucred);
1336 dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, priority);
1339 for (j = 0; j < n; j++) {
1343 if (iovec[j].iov_base < buffer ||
1344 (const uint8_t*) iovec[j].iov_base >= (const uint8_t*) buffer + buffer_size)
1345 free(iovec[j].iov_base);
1353 static void process_native_file(
1356 struct ucred *ucred,
1358 const char *label, size_t label_len) {
1367 /* Data is in the passed file, since it didn't fit in a
1368 * datagram. We can't map the file here, since clients might
1369 * then truncate it and trigger a SIGBUS for us. So let's
1370 * stupidly read it */
1372 if (fstat(fd, &st) < 0) {
1373 log_error("Failed to stat passed file, ignoring: %m");
1377 if (!S_ISREG(st.st_mode)) {
1378 log_error("File passed is not regular. Ignoring.");
1382 if (st.st_size <= 0)
1385 if (st.st_size > ENTRY_SIZE_MAX) {
1386 log_error("File passed too large. Ignoring.");
1390 p = malloc(st.st_size);
1392 log_error("Out of memory");
1396 n = pread(fd, p, st.st_size, 0);
1398 log_error("Failed to read file, ignoring: %s", strerror(-n));
1400 process_native_message(s, p, n, ucred, tv, label, label_len);
1405 static int stdout_stream_log(StdoutStream *s, const char *p) {
1406 struct iovec iovec[N_IOVEC_META_FIELDS + 5];
1407 char *message = NULL, *syslog_priority = NULL, *syslog_facility = NULL, *syslog_identifier = NULL;
1411 size_t label_len = 0;
1419 priority = s->priority;
1421 if (s->level_prefix)
1422 parse_syslog_priority((char**) &p, &priority);
1424 if (s->forward_to_syslog || s->server->forward_to_syslog)
1425 forward_syslog(s->server, fixup_priority(priority), s->identifier, p, &s->ucred, NULL);
1427 if (s->forward_to_kmsg || s->server->forward_to_kmsg)
1428 forward_kmsg(s->server, priority, s->identifier, p, &s->ucred);
1430 if (s->forward_to_console || s->server->forward_to_console)
1431 forward_console(s->server, s->identifier, p, &s->ucred);
1433 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=stdout");
1435 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1436 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1438 if (priority & LOG_FACMASK)
1439 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1440 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1442 if (s->identifier) {
1443 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", s->identifier);
1444 if (syslog_identifier)
1445 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1448 message = strappend("MESSAGE=", p);
1450 IOVEC_SET_STRING(iovec[n++], message);
1453 if (s->security_context) {
1454 label = (char*) s->security_context;
1455 label_len = strlen((char*) s->security_context);
1459 dispatch_message(s->server, iovec, n, ELEMENTSOF(iovec), &s->ucred, NULL, label, label_len, priority);
1462 free(syslog_priority);
1463 free(syslog_facility);
1464 free(syslog_identifier);
1469 static int stdout_stream_line(StdoutStream *s, char *p) {
1479 case STDOUT_STREAM_IDENTIFIER:
1481 s->identifier = NULL;
1483 s->identifier = strdup(p);
1484 if (!s->identifier) {
1485 log_error("Out of memory");
1490 s->state = STDOUT_STREAM_PRIORITY;
1493 case STDOUT_STREAM_PRIORITY:
1494 r = safe_atoi(p, &s->priority);
1495 if (r < 0 || s->priority <= 0 || s->priority >= 999) {
1496 log_warning("Failed to parse log priority line.");
1500 s->state = STDOUT_STREAM_LEVEL_PREFIX;
1503 case STDOUT_STREAM_LEVEL_PREFIX:
1504 r = parse_boolean(p);
1506 log_warning("Failed to parse level prefix line.");
1510 s->level_prefix = !!r;
1511 s->state = STDOUT_STREAM_FORWARD_TO_SYSLOG;
1514 case STDOUT_STREAM_FORWARD_TO_SYSLOG:
1515 r = parse_boolean(p);
1517 log_warning("Failed to parse forward to syslog line.");
1521 s->forward_to_syslog = !!r;
1522 s->state = STDOUT_STREAM_FORWARD_TO_KMSG;
1525 case STDOUT_STREAM_FORWARD_TO_KMSG:
1526 r = parse_boolean(p);
1528 log_warning("Failed to parse copy to kmsg line.");
1532 s->forward_to_kmsg = !!r;
1533 s->state = STDOUT_STREAM_FORWARD_TO_CONSOLE;
1536 case STDOUT_STREAM_FORWARD_TO_CONSOLE:
1537 r = parse_boolean(p);
1539 log_warning("Failed to parse copy to console line.");
1543 s->forward_to_console = !!r;
1544 s->state = STDOUT_STREAM_RUNNING;
1547 case STDOUT_STREAM_RUNNING:
1548 return stdout_stream_log(s, p);
1551 assert_not_reached("Unknown stream state");
1554 static int stdout_stream_scan(StdoutStream *s, bool force_flush) {
1562 remaining = s->length;
1567 end = memchr(p, '\n', remaining);
1570 else if (remaining >= sizeof(s->buffer) - 1) {
1571 end = p + sizeof(s->buffer) - 1;
1578 r = stdout_stream_line(s, p);
1586 if (force_flush && remaining > 0) {
1588 r = stdout_stream_line(s, p);
1596 if (p > s->buffer) {
1597 memmove(s->buffer, p, remaining);
1598 s->length = remaining;
1604 static int stdout_stream_process(StdoutStream *s) {
1610 l = read(s->fd, s->buffer+s->length, sizeof(s->buffer)-1-s->length);
1613 if (errno == EAGAIN)
1616 log_warning("Failed to read from stream: %m");
1621 r = stdout_stream_scan(s, true);
1629 r = stdout_stream_scan(s, false);
1637 static void stdout_stream_free(StdoutStream *s) {
1641 assert(s->server->n_stdout_streams > 0);
1642 s->server->n_stdout_streams --;
1643 LIST_REMOVE(StdoutStream, stdout_stream, s->server->stdout_streams, s);
1648 epoll_ctl(s->server->epoll_fd, EPOLL_CTL_DEL, s->fd, NULL);
1650 close_nointr_nofail(s->fd);
1654 if (s->security_context)
1655 freecon(s->security_context);
1658 free(s->identifier);
1662 static int stdout_stream_new(Server *s) {
1663 StdoutStream *stream;
1666 struct epoll_event ev;
1670 fd = accept4(s->stdout_fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);
1672 if (errno == EAGAIN)
1675 log_error("Failed to accept stdout connection: %m");
1679 if (s->n_stdout_streams >= STDOUT_STREAMS_MAX) {
1680 log_warning("Too many stdout streams, refusing connection.");
1681 close_nointr_nofail(fd);
1685 stream = new0(StdoutStream, 1);
1687 log_error("Out of memory.");
1688 close_nointr_nofail(fd);
1694 len = sizeof(stream->ucred);
1695 if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &stream->ucred, &len) < 0) {
1696 log_error("Failed to determine peer credentials: %m");
1702 if (getpeercon(fd, &stream->security_context) < 0 && errno != ENOPROTOOPT)
1703 log_error("Failed to determine peer security context: %m");
1706 if (shutdown(fd, SHUT_WR) < 0) {
1707 log_error("Failed to shutdown writing side of socket: %m");
1713 ev.data.ptr = stream;
1714 ev.events = EPOLLIN;
1715 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, fd, &ev) < 0) {
1716 log_error("Failed to add stream to event loop: %m");
1722 LIST_PREPEND(StdoutStream, stdout_stream, s->stdout_streams, stream);
1723 s->n_stdout_streams ++;
1728 stdout_stream_free(stream);
1732 static int parse_kernel_timestamp(char **_p, usec_t *t) {
1743 if (strlen(p) < 14 || p[0] != '[' || p[13] != ']' || p[6] != '.')
1748 for (i = 1; i <= 5; i++) {
1754 k = undecchar(p[i]);
1761 for (i = 7; i <= 12; i++) {
1764 k = undecchar(p[i]);
1773 *_p += strspn(*_p, WHITESPACE);
1778 static bool is_us(const char *pid) {
1783 if (parse_pid(pid, &t) < 0)
1786 return t == getpid();
1789 static void proc_kmsg_line(Server *s, const char *p) {
1790 struct iovec iovec[N_IOVEC_META_FIELDS + 7];
1791 char *message = NULL, *syslog_priority = NULL, *syslog_pid = NULL, *syslog_facility = NULL, *syslog_identifier = NULL, *source_time = NULL;
1792 int priority = LOG_KERN | LOG_INFO;
1795 char *identifier = NULL, *pid = NULL;
1803 parse_syslog_priority((char **) &p, &priority);
1805 if (s->forward_to_kmsg && (priority & LOG_FACMASK) != LOG_KERN)
1808 if (parse_kernel_timestamp((char **) &p, &usec) > 0) {
1809 if (asprintf(&source_time, "_SOURCE_MONOTONIC_TIMESTAMP=%llu",
1810 (unsigned long long) usec) >= 0)
1811 IOVEC_SET_STRING(iovec[n++], source_time);
1814 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=kernel");
1816 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1817 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1819 if ((priority & LOG_FACMASK) == LOG_KERN) {
1821 if (s->forward_to_syslog)
1822 forward_syslog(s, priority, "kernel", p, NULL, NULL);
1824 IOVEC_SET_STRING(iovec[n++], "SYSLOG_IDENTIFIER=kernel");
1826 read_identifier(&p, &identifier, &pid);
1828 /* Avoid any messages we generated ourselves via
1829 * log_info() and friends. */
1830 if (pid && is_us(pid))
1833 if (s->forward_to_syslog)
1834 forward_syslog(s, priority, identifier, p, NULL, NULL);
1837 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", identifier);
1838 if (syslog_identifier)
1839 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1843 syslog_pid = strappend("SYSLOG_PID=", pid);
1845 IOVEC_SET_STRING(iovec[n++], syslog_pid);
1848 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1849 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1852 message = strappend("MESSAGE=", p);
1854 IOVEC_SET_STRING(iovec[n++], message);
1856 dispatch_message(s, iovec, n, ELEMENTSOF(iovec), NULL, NULL, NULL, 0, priority);
1860 free(syslog_priority);
1861 free(syslog_identifier);
1863 free(syslog_facility);
1869 static void proc_kmsg_scan(Server *s) {
1875 p = s->proc_kmsg_buffer;
1876 remaining = s->proc_kmsg_length;
1881 end = memchr(p, '\n', remaining);
1884 else if (remaining >= sizeof(s->proc_kmsg_buffer) - 1) {
1885 end = p + sizeof(s->proc_kmsg_buffer) - 1;
1892 proc_kmsg_line(s, p);
1898 if (p > s->proc_kmsg_buffer) {
1899 memmove(s->proc_kmsg_buffer, p, remaining);
1900 s->proc_kmsg_length = remaining;
1904 static int system_journal_open(Server *s) {
1910 r = sd_id128_get_machine(&machine);
1914 sd_id128_to_string(machine, ids);
1916 if (!s->system_journal) {
1918 /* First try to create the machine path, but not the prefix */
1919 fn = strappend("/var/log/journal/", ids);
1922 (void) mkdir(fn, 0755);
1925 /* The create the system journal file */
1926 fn = join("/var/log/journal/", ids, "/system.journal", NULL);
1930 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, NULL, &s->system_journal);
1934 journal_default_metrics(&s->system_metrics, s->system_journal->fd);
1936 s->system_journal->metrics = s->system_metrics;
1937 s->system_journal->compress = s->compress;
1939 server_fix_perms(s, s->system_journal, 0);
1942 if (r != -ENOENT && r != -EROFS)
1943 log_warning("Failed to open system journal: %s", strerror(-r));
1949 if (!s->runtime_journal) {
1951 fn = join("/run/log/journal/", ids, "/system.journal", NULL);
1955 if (s->system_journal) {
1957 /* Try to open the runtime journal, but only
1958 * if it already exists, so that we can flush
1959 * it into the system journal */
1961 r = journal_file_open(fn, O_RDWR, 0640, NULL, &s->runtime_journal);
1966 log_warning("Failed to open runtime journal: %s", strerror(-r));
1973 /* OK, we really need the runtime journal, so create
1974 * it if necessary. */
1976 (void) mkdir_parents(fn, 0755);
1977 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, NULL, &s->runtime_journal);
1981 log_error("Failed to open runtime journal: %s", strerror(-r));
1986 if (s->runtime_journal) {
1987 journal_default_metrics(&s->runtime_metrics, s->runtime_journal->fd);
1989 s->runtime_journal->metrics = s->runtime_metrics;
1990 s->runtime_journal->compress = s->compress;
1992 server_fix_perms(s, s->runtime_journal, 0);
1999 static int server_flush_to_var(Server *s) {
2000 char path[] = "/run/log/journal/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
2009 if (!s->runtime_journal)
2012 ts = now(CLOCK_MONOTONIC);
2013 if (s->var_available_timestamp + RECHECK_VAR_AVAILABLE_USEC > ts)
2016 s->var_available_timestamp = ts;
2018 system_journal_open(s);
2020 if (!s->system_journal)
2023 log_info("Flushing to /var...");
2025 r = sd_id128_get_machine(&machine);
2027 log_error("Failed to get machine id: %s", strerror(-r));
2031 r = sd_journal_open(&j, SD_JOURNAL_RUNTIME_ONLY);
2033 log_error("Failed to read runtime journal: %s", strerror(-r));
2037 SD_JOURNAL_FOREACH(j) {
2040 f = j->current_file;
2041 assert(f && f->current_offset > 0);
2043 r = journal_file_move_to_object(f, OBJECT_ENTRY, f->current_offset, &o);
2045 log_error("Can't read entry: %s", strerror(-r));
2049 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
2051 log_info("Allocation limit reached.");
2053 journal_file_post_change(s->system_journal);
2057 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
2061 log_error("Can't write entry: %s", strerror(-r));
2067 journal_file_post_change(s->system_journal);
2069 journal_file_close(s->runtime_journal);
2070 s->runtime_journal = NULL;
2073 sd_id128_to_string(machine, path + 17);
2074 rm_rf(path, false, true, false);
2080 static int server_read_proc_kmsg(Server *s) {
2083 assert(s->proc_kmsg_fd >= 0);
2085 l = read(s->proc_kmsg_fd, s->proc_kmsg_buffer + s->proc_kmsg_length, sizeof(s->proc_kmsg_buffer) - 1 - s->proc_kmsg_length);
2088 if (errno == EAGAIN || errno == EINTR)
2091 log_error("Failed to read from kernel: %m");
2095 s->proc_kmsg_length += l;
2101 static int server_flush_proc_kmsg(Server *s) {
2106 if (s->proc_kmsg_fd < 0)
2109 log_info("Flushing /proc/kmsg...");
2112 r = server_read_proc_kmsg(s);
2123 static int process_event(Server *s, struct epoll_event *ev) {
2126 if (ev->data.fd == s->signal_fd) {
2127 struct signalfd_siginfo sfsi;
2130 if (ev->events != EPOLLIN) {
2131 log_info("Got invalid event from epoll.");
2135 n = read(s->signal_fd, &sfsi, sizeof(sfsi));
2136 if (n != sizeof(sfsi)) {
2141 if (errno == EINTR || errno == EAGAIN)
2147 if (sfsi.ssi_signo == SIGUSR1) {
2148 server_flush_to_var(s);
2152 log_debug("Received SIG%s", signal_to_string(sfsi.ssi_signo));
2155 } else if (ev->data.fd == s->proc_kmsg_fd) {
2158 if (ev->events != EPOLLIN) {
2159 log_info("Got invalid event from epoll.");
2163 r = server_read_proc_kmsg(s);
2169 } else if (ev->data.fd == s->native_fd ||
2170 ev->data.fd == s->syslog_fd) {
2172 if (ev->events != EPOLLIN) {
2173 log_info("Got invalid event from epoll.");
2178 struct msghdr msghdr;
2180 struct ucred *ucred = NULL;
2181 struct timeval *tv = NULL;
2182 struct cmsghdr *cmsg;
2184 size_t label_len = 0;
2186 struct cmsghdr cmsghdr;
2188 /* We use NAME_MAX space for the
2189 * SELinux label here. The kernel
2190 * currently enforces no limit, but
2191 * according to suggestions from the
2192 * SELinux people this will change and
2193 * it will probably be identical to
2194 * NAME_MAX. For now we use that, but
2195 * this should be updated one day when
2196 * the final limit is known.*/
2197 uint8_t buf[CMSG_SPACE(sizeof(struct ucred)) +
2198 CMSG_SPACE(sizeof(struct timeval)) +
2199 CMSG_SPACE(sizeof(int)) + /* fd */
2200 CMSG_SPACE(NAME_MAX)]; /* selinux label */
2207 if (ioctl(ev->data.fd, SIOCINQ, &v) < 0) {
2208 log_error("SIOCINQ failed: %m");
2212 if (s->buffer_size < (size_t) v) {
2216 l = MAX(LINE_MAX + (size_t) v, s->buffer_size * 2);
2217 b = realloc(s->buffer, l+1);
2220 log_error("Couldn't increase buffer.");
2229 iovec.iov_base = s->buffer;
2230 iovec.iov_len = s->buffer_size;
2234 msghdr.msg_iov = &iovec;
2235 msghdr.msg_iovlen = 1;
2236 msghdr.msg_control = &control;
2237 msghdr.msg_controllen = sizeof(control);
2239 n = recvmsg(ev->data.fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC);
2242 if (errno == EINTR || errno == EAGAIN)
2245 log_error("recvmsg() failed: %m");
2249 for (cmsg = CMSG_FIRSTHDR(&msghdr); cmsg; cmsg = CMSG_NXTHDR(&msghdr, cmsg)) {
2251 if (cmsg->cmsg_level == SOL_SOCKET &&
2252 cmsg->cmsg_type == SCM_CREDENTIALS &&
2253 cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred)))
2254 ucred = (struct ucred*) CMSG_DATA(cmsg);
2255 else if (cmsg->cmsg_level == SOL_SOCKET &&
2256 cmsg->cmsg_type == SCM_SECURITY) {
2257 label = (char*) CMSG_DATA(cmsg);
2258 label_len = cmsg->cmsg_len - CMSG_LEN(0);
2259 } else if (cmsg->cmsg_level == SOL_SOCKET &&
2260 cmsg->cmsg_type == SO_TIMESTAMP &&
2261 cmsg->cmsg_len == CMSG_LEN(sizeof(struct timeval)))
2262 tv = (struct timeval*) CMSG_DATA(cmsg);
2263 else if (cmsg->cmsg_level == SOL_SOCKET &&
2264 cmsg->cmsg_type == SCM_RIGHTS) {
2265 fds = (int*) CMSG_DATA(cmsg);
2266 n_fds = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);
2270 if (ev->data.fd == s->syslog_fd) {
2273 if (n > 0 && n_fds == 0) {
2274 e = memchr(s->buffer, '\n', n);
2280 process_syslog_message(s, strstrip(s->buffer), ucred, tv, label, label_len);
2281 } else if (n_fds > 0)
2282 log_warning("Got file descriptors via syslog socket. Ignoring.");
2285 if (n > 0 && n_fds == 0)
2286 process_native_message(s, s->buffer, n, ucred, tv, label, label_len);
2287 else if (n == 0 && n_fds == 1)
2288 process_native_file(s, fds[0], ucred, tv, label, label_len);
2290 log_warning("Got too many file descriptors via native socket. Ignoring.");
2293 close_many(fds, n_fds);
2298 } else if (ev->data.fd == s->stdout_fd) {
2300 if (ev->events != EPOLLIN) {
2301 log_info("Got invalid event from epoll.");
2305 stdout_stream_new(s);
2309 StdoutStream *stream;
2311 if ((ev->events|EPOLLIN|EPOLLHUP) != (EPOLLIN|EPOLLHUP)) {
2312 log_info("Got invalid event from epoll.");
2316 /* If it is none of the well-known fds, it must be an
2317 * stdout stream fd. Note that this is a bit ugly here
2318 * (since we rely that none of the well-known fds
2319 * could be interpreted as pointer), but nonetheless
2320 * safe, since the well-known fds would never get an
2321 * fd > 4096, i.e. beyond the first memory page */
2323 stream = ev->data.ptr;
2325 if (stdout_stream_process(stream) <= 0)
2326 stdout_stream_free(stream);
2331 log_error("Unknown event.");
2335 static int open_syslog_socket(Server *s) {
2336 union sockaddr_union sa;
2338 struct epoll_event ev;
2342 if (s->syslog_fd < 0) {
2344 s->syslog_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2345 if (s->syslog_fd < 0) {
2346 log_error("socket() failed: %m");
2351 sa.un.sun_family = AF_UNIX;
2352 strncpy(sa.un.sun_path, "/dev/log", sizeof(sa.un.sun_path));
2354 unlink(sa.un.sun_path);
2356 r = bind(s->syslog_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2358 log_error("bind() failed: %m");
2362 chmod(sa.un.sun_path, 0666);
2364 fd_nonblock(s->syslog_fd, 1);
2367 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
2369 log_error("SO_PASSCRED failed: %m");
2375 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
2377 log_warning("SO_PASSSEC failed: %m");
2381 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
2383 log_error("SO_TIMESTAMP failed: %m");
2388 ev.events = EPOLLIN;
2389 ev.data.fd = s->syslog_fd;
2390 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->syslog_fd, &ev) < 0) {
2391 log_error("Failed to add syslog server fd to epoll object: %m");
2398 static int open_native_socket(Server*s) {
2399 union sockaddr_union sa;
2401 struct epoll_event ev;
2405 if (s->native_fd < 0) {
2407 s->native_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2408 if (s->native_fd < 0) {
2409 log_error("socket() failed: %m");
2414 sa.un.sun_family = AF_UNIX;
2415 strncpy(sa.un.sun_path, "/run/systemd/journal/socket", sizeof(sa.un.sun_path));
2417 unlink(sa.un.sun_path);
2419 r = bind(s->native_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2421 log_error("bind() failed: %m");
2425 chmod(sa.un.sun_path, 0666);
2427 fd_nonblock(s->native_fd, 1);
2430 r = setsockopt(s->native_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
2432 log_error("SO_PASSCRED failed: %m");
2438 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
2440 log_warning("SO_PASSSEC failed: %m");
2444 r = setsockopt(s->native_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
2446 log_error("SO_TIMESTAMP failed: %m");
2451 ev.events = EPOLLIN;
2452 ev.data.fd = s->native_fd;
2453 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->native_fd, &ev) < 0) {
2454 log_error("Failed to add native server fd to epoll object: %m");
2461 static int open_stdout_socket(Server *s) {
2462 union sockaddr_union sa;
2464 struct epoll_event ev;
2468 if (s->stdout_fd < 0) {
2470 s->stdout_fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2471 if (s->stdout_fd < 0) {
2472 log_error("socket() failed: %m");
2477 sa.un.sun_family = AF_UNIX;
2478 strncpy(sa.un.sun_path, "/run/systemd/journal/stdout", sizeof(sa.un.sun_path));
2480 unlink(sa.un.sun_path);
2482 r = bind(s->stdout_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2484 log_error("bind() failed: %m");
2488 chmod(sa.un.sun_path, 0666);
2490 if (listen(s->stdout_fd, SOMAXCONN) < 0) {
2491 log_error("liste() failed: %m");
2495 fd_nonblock(s->stdout_fd, 1);
2498 ev.events = EPOLLIN;
2499 ev.data.fd = s->stdout_fd;
2500 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->stdout_fd, &ev) < 0) {
2501 log_error("Failed to add stdout server fd to epoll object: %m");
2508 static int open_proc_kmsg(Server *s) {
2509 struct epoll_event ev;
2513 if (!s->import_proc_kmsg)
2516 s->proc_kmsg_fd = open("/proc/kmsg", O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
2517 if (s->proc_kmsg_fd < 0) {
2518 log_warning("Failed to open /proc/kmsg, ignoring: %m");
2523 ev.events = EPOLLIN;
2524 ev.data.fd = s->proc_kmsg_fd;
2525 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->proc_kmsg_fd, &ev) < 0) {
2526 log_error("Failed to add /proc/kmsg fd to epoll object: %m");
2533 static int open_signalfd(Server *s) {
2535 struct epoll_event ev;
2539 assert_se(sigemptyset(&mask) == 0);
2540 sigset_add_many(&mask, SIGINT, SIGTERM, SIGUSR1, -1);
2541 assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0);
2543 s->signal_fd = signalfd(-1, &mask, SFD_NONBLOCK|SFD_CLOEXEC);
2544 if (s->signal_fd < 0) {
2545 log_error("signalfd(): %m");
2550 ev.events = EPOLLIN;
2551 ev.data.fd = s->signal_fd;
2553 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->signal_fd, &ev) < 0) {
2554 log_error("epoll_ctl(): %m");
2561 static int server_parse_proc_cmdline(Server *s) {
2562 char *line, *w, *state;
2566 if (detect_container(NULL) > 0)
2569 r = read_one_line_file("/proc/cmdline", &line);
2571 log_warning("Failed to read /proc/cmdline, ignoring: %s", strerror(-r));
2575 FOREACH_WORD_QUOTED(w, l, line, state) {
2578 word = strndup(w, l);
2584 if (startswith(word, "systemd_journald.forward_to_syslog=")) {
2585 r = parse_boolean(word + 35);
2587 log_warning("Failed to parse forward to syslog switch %s. Ignoring.", word + 35);
2589 s->forward_to_syslog = r;
2590 } else if (startswith(word, "systemd_journald.forward_to_kmsg=")) {
2591 r = parse_boolean(word + 33);
2593 log_warning("Failed to parse forward to kmsg switch %s. Ignoring.", word + 33);
2595 s->forward_to_kmsg = r;
2596 } else if (startswith(word, "systemd_journald.forward_to_console=")) {
2597 r = parse_boolean(word + 36);
2599 log_warning("Failed to parse forward to console switch %s. Ignoring.", word + 36);
2601 s->forward_to_console = r;
2614 static int server_parse_config_file(Server *s) {
2621 fn = "/etc/systemd/journald.conf";
2622 f = fopen(fn, "re");
2624 if (errno == ENOENT)
2627 log_warning("Failed to open configuration file %s: %m", fn);
2631 r = config_parse(fn, f, "Journal\0", config_item_perf_lookup, (void*) journald_gperf_lookup, false, s);
2633 log_warning("Failed to parse configuration file: %s", strerror(-r));
2640 static int server_init(Server *s) {
2646 s->syslog_fd = s->native_fd = s->stdout_fd = s->signal_fd = s->epoll_fd = s->proc_kmsg_fd = -1;
2649 s->rate_limit_interval = DEFAULT_RATE_LIMIT_INTERVAL;
2650 s->rate_limit_burst = DEFAULT_RATE_LIMIT_BURST;
2652 s->forward_to_syslog = true;
2653 s->import_proc_kmsg = true;
2655 memset(&s->system_metrics, 0xFF, sizeof(s->system_metrics));
2656 memset(&s->runtime_metrics, 0xFF, sizeof(s->runtime_metrics));
2658 server_parse_config_file(s);
2659 server_parse_proc_cmdline(s);
2661 s->user_journals = hashmap_new(trivial_hash_func, trivial_compare_func);
2662 if (!s->user_journals) {
2663 log_error("Out of memory.");
2667 s->epoll_fd = epoll_create1(EPOLL_CLOEXEC);
2668 if (s->epoll_fd < 0) {
2669 log_error("Failed to create epoll object: %m");
2673 n = sd_listen_fds(true);
2675 log_error("Failed to read listening file descriptors from environment: %s", strerror(-n));
2679 for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) {
2681 if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/run/systemd/journal/socket", 0) > 0) {
2683 if (s->native_fd >= 0) {
2684 log_error("Too many native sockets passed.");
2690 } else if (sd_is_socket_unix(fd, SOCK_STREAM, 1, "/run/systemd/journal/stdout", 0) > 0) {
2692 if (s->stdout_fd >= 0) {
2693 log_error("Too many stdout sockets passed.");
2699 } else if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/dev/log", 0) > 0) {
2701 if (s->syslog_fd >= 0) {
2702 log_error("Too many /dev/log sockets passed.");
2709 log_error("Unknown socket passed.");
2714 r = open_syslog_socket(s);
2718 r = open_native_socket(s);
2722 r = open_stdout_socket(s);
2726 r = open_proc_kmsg(s);
2730 r = open_signalfd(s);
2734 s->rate_limit = journal_rate_limit_new(s->rate_limit_interval, s->rate_limit_burst);
2738 r = system_journal_open(s);
2745 static void server_done(Server *s) {
2749 while (s->stdout_streams)
2750 stdout_stream_free(s->stdout_streams);
2752 if (s->system_journal)
2753 journal_file_close(s->system_journal);
2755 if (s->runtime_journal)
2756 journal_file_close(s->runtime_journal);
2758 while ((f = hashmap_steal_first(s->user_journals)))
2759 journal_file_close(f);
2761 hashmap_free(s->user_journals);
2763 if (s->epoll_fd >= 0)
2764 close_nointr_nofail(s->epoll_fd);
2766 if (s->signal_fd >= 0)
2767 close_nointr_nofail(s->signal_fd);
2769 if (s->syslog_fd >= 0)
2770 close_nointr_nofail(s->syslog_fd);
2772 if (s->native_fd >= 0)
2773 close_nointr_nofail(s->native_fd);
2775 if (s->stdout_fd >= 0)
2776 close_nointr_nofail(s->stdout_fd);
2778 if (s->proc_kmsg_fd >= 0)
2779 close_nointr_nofail(s->proc_kmsg_fd);
2782 journal_rate_limit_free(s->rate_limit);
2787 int main(int argc, char *argv[]) {
2791 /* if (getppid() != 1) { */
2792 /* log_error("This program should be invoked by init only."); */
2793 /* return EXIT_FAILURE; */
2797 log_error("This program does not take arguments.");
2798 return EXIT_FAILURE;
2801 log_set_target(LOG_TARGET_SAFE);
2802 log_set_facility(LOG_SYSLOG);
2803 log_parse_environment();
2808 r = server_init(&server);
2812 server_vacuum(&server);
2813 server_flush_to_var(&server);
2814 server_flush_proc_kmsg(&server);
2816 log_debug("systemd-journald running as pid %lu", (unsigned long) getpid());
2817 driver_message(&server, SD_MESSAGE_JOURNAL_START, "Journal started");
2821 "STATUS=Processing requests...");
2824 struct epoll_event event;
2826 r = epoll_wait(server.epoll_fd, &event, 1, -1);
2832 log_error("epoll_wait() failed: %m");
2838 r = process_event(&server, &event);
2845 log_debug("systemd-journald stopped as pid %lu", (unsigned long) getpid());
2846 driver_message(&server, SD_MESSAGE_JOURNAL_STOP, "Journal stopped");
2850 "STATUS=Shutting down...");
2852 server_done(&server);
2854 return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
~ianmdlvl / elogind.git / blob