A few asserts are replaced with 'return -EINVAL'. I think that
assert should not be used to check argument in public functions.
Fields in struct sd_journal are rearranged to make it less
swiss-cheesy.
* document systemd-journal-flush.service properly
* document systemd-journal-flush.service properly
-* chane systemd-journal-flush into a service that stays around during
+* change systemd-journal-flush into a service that stays around during
boot, and causes the journal to be moved back to /run on shutdown,
so that we don't keep /var busy. This needs to happen synchronously,
hence doing this via signals is not going to work.
boot, and causes the journal to be moved back to /run on shutdown,
so that we don't keep /var busy. This needs to happen synchronously,
hence doing this via signals is not going to work.
* allow implementation of InaccessibleDirectories=/ plus
ReadOnlyDirectories=... for whitelisting files for a service.
* allow implementation of InaccessibleDirectories=/ plus
ReadOnlyDirectories=... for whitelisting files for a service.
-* libsystemd-journal:
- - return ECHILD as soon as somebody tries to reuse a journal object across a fork()
-
* libsystemd-bus:
- default policy (allow uid == 0 and our own uid)
- enforce alignment of pointers passed in
* libsystemd-bus:
- default policy (allow uid == 0 and our own uid)
- enforce alignment of pointers passed in
can be rotated at any moment, and the opening of
specific files is inherently racy.</para>
can be rotated at any moment, and the opening of
specific files is inherently racy.</para>
+ <para><varname>sd_journal</varname> objects cannot be
+ used in the child after a fork. Functions which take a
+ journal object as an argument
+ (<function>sd_journal_next()</function> and others)
+ will return <constant>-ECHILD</constant> after a fork.
+ </para>
+
<para><function>sd_journal_close()</function> will
close the journal context allocated with
<function>sd_journal_open()</function> or
<para><function>sd_journal_close()</function> will
close the journal context allocated with
<function>sd_journal_open()</function> or
char *path;
Hashmap *files;
char *path;
Hashmap *files;
JournalFile *current_file;
uint64_t current_field;
JournalFile *current_file;
uint64_t current_field;
- Hashmap *directories_by_path;
- Hashmap *directories_by_wd;
-
- int inotify_fd;
-
Match *level0, *level1, *level2;
Match *level0, *level1, *level2;
+ pid_t original_pid;
+
+ int inotify_fd;
unsigned current_invalidate_counter, last_invalidate_counter;
unsigned current_invalidate_counter, last_invalidate_counter;
+ usec_t last_process_usec;
char *unique_field;
JournalFile *unique_file;
uint64_t unique_offset;
char *unique_field;
JournalFile *unique_file;
uint64_t unique_offset;
bool on_network;
bool no_new_files;
size_t data_threshold;
bool on_network;
bool no_new_files;
size_t data_threshold;
+ Hashmap *directories_by_path;
+ Hashmap *directories_by_wd;
- usec_t last_process_usec;
};
char *journal_make_match_string(sd_journal *j);
};
char *journal_make_match_string(sd_journal *j);
#define DEFAULT_DATA_THRESHOLD (64*1024)
#define DEFAULT_DATA_THRESHOLD (64*1024)
+static bool journal_pid_changed(sd_journal *j) {
+ assert(j);
+
+ /* We don't support people creating a journal object and
+ * keeping it around over a fork(). Let's complain. */
+
+ return j->original_pid != getpid();
+}
+
/* We return an error here only if we didn't manage to
memorize the real error. */
static int set_put_error(sd_journal *j, int r) {
/* We return an error here only if we didn't manage to
memorize the real error. */
static int set_put_error(sd_journal *j, int r) {
+ if (journal_pid_changed(j))
+ return -ECHILD;
if (!data)
return -EINVAL;
if (!data)
return -EINVAL;
}
_public_ int sd_journal_add_conjunction(sd_journal *j) {
}
_public_ int sd_journal_add_conjunction(sd_journal *j) {
+ if (!j)
+ return -EINVAL;
+ if (journal_pid_changed(j))
+ return -ECHILD;
if (!j->level0)
return 0;
if (!j->level0)
return 0;
}
_public_ int sd_journal_add_disjunction(sd_journal *j) {
}
_public_ int sd_journal_add_disjunction(sd_journal *j) {
+ if (!j)
+ return -EINVAL;
+ if (journal_pid_changed(j))
+ return -ECHILD;
if (!j->level0)
return 0;
if (!j->level0)
return 0;
}
_public_ void sd_journal_flush_matches(sd_journal *j) {
}
_public_ void sd_journal_flush_matches(sd_journal *j) {
+ if (journal_pid_changed(j))
+ return -ECHILD;
HASHMAP_FOREACH(f, j->files, i) {
bool found;
HASHMAP_FOREACH(f, j->files, i) {
bool found;
+ if (journal_pid_changed(j))
+ return -ECHILD;
if (skip == 0) {
/* If this is not a discrete skip, then at least
if (skip == 0) {
/* If this is not a discrete skip, then at least
+ if (journal_pid_changed(j))
+ return -ECHILD;
if (!cursor)
return -EINVAL;
if (!cursor)
return -EINVAL;
+ if (journal_pid_changed(j))
+ return -ECHILD;
if (isempty(cursor))
return -EINVAL;
if (isempty(cursor))
return -EINVAL;
+ if (journal_pid_changed(j))
+ return -ECHILD;
if (isempty(cursor))
return -EINVAL;
if (isempty(cursor))
return -EINVAL;
_public_ int sd_journal_seek_monotonic_usec(sd_journal *j, sd_id128_t boot_id, uint64_t usec) {
if (!j)
return -EINVAL;
_public_ int sd_journal_seek_monotonic_usec(sd_journal *j, sd_id128_t boot_id, uint64_t usec) {
if (!j)
return -EINVAL;
+ if (journal_pid_changed(j))
+ return -ECHILD;
reset_location(j);
j->current_location.type = LOCATION_SEEK;
reset_location(j);
j->current_location.type = LOCATION_SEEK;
_public_ int sd_journal_seek_realtime_usec(sd_journal *j, uint64_t usec) {
if (!j)
return -EINVAL;
_public_ int sd_journal_seek_realtime_usec(sd_journal *j, uint64_t usec) {
if (!j)
return -EINVAL;
+ if (journal_pid_changed(j))
+ return -ECHILD;
reset_location(j);
j->current_location.type = LOCATION_SEEK;
reset_location(j);
j->current_location.type = LOCATION_SEEK;
_public_ int sd_journal_seek_head(sd_journal *j) {
if (!j)
return -EINVAL;
_public_ int sd_journal_seek_head(sd_journal *j) {
if (!j)
return -EINVAL;
+ if (journal_pid_changed(j))
+ return -ECHILD;
reset_location(j);
j->current_location.type = LOCATION_HEAD;
reset_location(j);
j->current_location.type = LOCATION_HEAD;
_public_ int sd_journal_seek_tail(sd_journal *j) {
if (!j)
return -EINVAL;
_public_ int sd_journal_seek_tail(sd_journal *j) {
if (!j)
return -EINVAL;
+ if (journal_pid_changed(j))
+ return -ECHILD;
reset_location(j);
j->current_location.type = LOCATION_TAIL;
reset_location(j);
j->current_location.type = LOCATION_TAIL;
+ j->original_pid = getpid();
j->inotify_fd = -1;
j->flags = flags;
j->data_threshold = DEFAULT_DATA_THRESHOLD;
j->inotify_fd = -1;
j->flags = flags;
j->data_threshold = DEFAULT_DATA_THRESHOLD;
+ if (journal_pid_changed(j))
+ return -ECHILD;
if (!ret)
return -EINVAL;
if (!ret)
return -EINVAL;
+ if (journal_pid_changed(j))
+ return -ECHILD;
f = j->current_file;
if (!f)
f = j->current_file;
if (!f)
+ if (journal_pid_changed(j))
+ return -ECHILD;
if (!field)
return -EINVAL;
if (!data)
if (!field)
return -EINVAL;
if (!data)
+ if (journal_pid_changed(j))
+ return -ECHILD;
if (!data)
return -EINVAL;
if (!size)
if (!data)
return -EINVAL;
if (!size)
+ if (journal_pid_changed(j))
+ return -ECHILD;
if (j->inotify_fd >= 0)
return j->inotify_fd;
if (j->inotify_fd >= 0)
return j->inotify_fd;
+ if (journal_pid_changed(j))
+ return -ECHILD;
fd = sd_journal_get_fd(j);
if (fd < 0)
fd = sd_journal_get_fd(j);
if (fd < 0)
+ if (journal_pid_changed(j))
+ return -ECHILD;
if (!timeout_usec)
return -EINVAL;
if (!timeout_usec)
return -EINVAL;
+ if (journal_pid_changed(j))
+ return -ECHILD;
j->last_process_usec = now(CLOCK_MONOTONIC);
j->last_process_usec = now(CLOCK_MONOTONIC);
+ if (!j)
+ return -EINVAL;
+ if (journal_pid_changed(j))
+ return -ECHILD;
+ if (journal_pid_changed(j))
+ return -ECHILD;
if (!from && !to)
return -EINVAL;
if (from == to)
if (!from && !to)
return -EINVAL;
if (from == to)
+ if (journal_pid_changed(j))
+ return -ECHILD;
if (!from && !to)
return -EINVAL;
if (from == to)
if (!from && !to)
return -EINVAL;
if (from == to)
+ if (journal_pid_changed(j))
+ return -ECHILD;
if (!bytes)
return -EINVAL;
if (!bytes)
return -EINVAL;
+ if (journal_pid_changed(j))
+ return -ECHILD;
if (isempty(field))
return -EINVAL;
if (!field_is_valid(field))
if (isempty(field))
return -EINVAL;
if (!field_is_valid(field))
+ if (journal_pid_changed(j))
+ return -ECHILD;
if (!data)
return -EINVAL;
if (!l)
if (!data)
return -EINVAL;
if (!l)
_public_ int sd_journal_reliable_fd(sd_journal *j) {
if (!j)
return -EINVAL;
_public_ int sd_journal_reliable_fd(sd_journal *j) {
if (!j)
return -EINVAL;
+ if (journal_pid_changed(j))
+ return -ECHILD;
+ if (journal_pid_changed(j))
+ return -ECHILD;
if (!ret)
return -EINVAL;
if (!ret)
return -EINVAL;
_public_ int sd_journal_set_data_threshold(sd_journal *j, size_t sz) {
if (!j)
return -EINVAL;
_public_ int sd_journal_set_data_threshold(sd_journal *j, size_t sz) {
if (!j)
return -EINVAL;
+ if (journal_pid_changed(j))
+ return -ECHILD;
j->data_threshold = sz;
return 0;
j->data_threshold = sz;
return 0;
_public_ int sd_journal_get_data_threshold(sd_journal *j, size_t *sz) {
if (!j)
return -EINVAL;
_public_ int sd_journal_get_data_threshold(sd_journal *j, size_t *sz) {
if (!j)
return -EINVAL;
+ if (journal_pid_changed(j))
+ return -ECHILD;