From: Lennart Poettering <lennart@poettering.net>
Date: Wed, 4 Jun 2014 14:37:02 +0000 (+0200)
Subject: journald: move /dev/log socket to /run
X-Git-Tag: v214~86
X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=commitdiff_plain;h=03ee5c38cb0da193dd08733fb4c0c2809cee6a99

journald: move /dev/log socket to /run

This way we can make the socket also available for sandboxed apps that
have their own private /dev. They can now simply symlink the socket from
/dev.
---

diff --git a/Makefile.am b/Makefile.am
index d778b31b0..110937781 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -3480,7 +3480,8 @@ bin_PROGRAMS += \
 	systemd-cat
 
 dist_systemunit_DATA += \
-	units/systemd-journald.socket
+	units/systemd-journald.socket \
+	units/systemd-journald-dev-log.socket
 
 nodist_systemunit_DATA += \
 	units/systemd-journald.service \
@@ -3496,7 +3497,9 @@ dist_catalog_DATA = \
 	catalog/systemd.catalog
 
 SOCKETS_TARGET_WANTS += \
-	systemd-journald.socket
+	systemd-journald.socket \
+	systemd-journald-dev-log.socket
+
 SYSINIT_TARGET_WANTS += \
 	systemd-journald.service \
 	systemd-journal-flush.service
diff --git a/man/systemd-journald.service.xml b/man/systemd-journald.service.xml
index f0ce7aae6..7ac73ed66 100644
--- a/man/systemd-journald.service.xml
+++ b/man/systemd-journald.service.xml
@@ -45,6 +45,7 @@
         <refnamediv>
                 <refname>systemd-journald.service</refname>
                 <refname>systemd-journald.socket</refname>
+                <refname>systemd-journald-dev-log.socket</refname>
                 <refname>systemd-journald</refname>
                 <refpurpose>Journal service</refpurpose>
         </refnamediv>
@@ -52,6 +53,7 @@
         <refsynopsisdiv>
                 <para><filename>systemd-journald.service</filename></para>
                 <para><filename>systemd-journald.socket</filename></para>
+                <para><filename>systemd-journald-dev-log.socket</filename></para>
                 <para><filename>/usr/lib/systemd/systemd-journald</filename></para>
         </refsynopsisdiv>
 
diff --git a/src/journal/journald-server.c b/src/journal/journald-server.c
index 381d80a93..3211773c2 100644
--- a/src/journal/journald-server.c
+++ b/src/journal/journald-server.c
@@ -1535,7 +1535,8 @@ int server_init(Server *s) {
 
                         s->stdout_fd = fd;
 
-                } else if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/dev/log", 0) > 0) {
+                } else if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/dev/log", 0) > 0 ||
+                           sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/run/systemd/journal/dev-log", 0) > 0) {
 
                         if (s->syslog_fd >= 0) {
                                 log_error("Too many /dev/log sockets passed.");
diff --git a/src/journal/journald-syslog.c b/src/journal/journald-syslog.c
index 434eac428..b826e23c0 100644
--- a/src/journal/journald-syslog.c
+++ b/src/journal/journald-syslog.c
@@ -428,7 +428,7 @@ int server_open_syslog_socket(Server *s) {
         if (s->syslog_fd < 0) {
                 union sockaddr_union sa = {
                         .un.sun_family = AF_UNIX,
-                        .un.sun_path = "/dev/log",
+                        .un.sun_path = "/run/systemd/journal/dev-log",
                 };
 
                 s->syslog_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
diff --git a/units/systemd-journald-dev-log.socket b/units/systemd-journald-dev-log.socket
new file mode 100644
index 000000000..c01b310b4
--- /dev/null
+++ b/units/systemd-journald-dev-log.socket
@@ -0,0 +1,26 @@
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+
+[Unit]
+Description=Journal Socket (/dev/log)
+Documentation=man:systemd-journald.service(8) man:journald.conf(5)
+DefaultDependencies=no
+Before=sockets.target
+
+# Mount and swap units need this. If this socket unit is removed by an
+# isolate request the mount and swap units would be removed too,
+# hence let's exclude this from isolate requests.
+IgnoreOnIsolate=yes
+
+[Socket]
+ListenDatagram=/run/systemd/journal/dev-log
+Symlinks=/dev/log
+SocketMode=0666
+PassCredentials=yes
+PassSecurity=yes
+ReceiveBuffer=8M
+Service=systemd-journald.service
diff --git a/units/systemd-journald.service.in b/units/systemd-journald.service.in
index ba3f84720..4a307c708 100644
--- a/units/systemd-journald.service.in
+++ b/units/systemd-journald.service.in
@@ -10,10 +10,11 @@ Description=Journal Service
 Documentation=man:systemd-journald.service(8) man:journald.conf(5)
 DefaultDependencies=no
 Requires=systemd-journald.socket
-After=systemd-journald.socket syslog.socket
+After=systemd-journald.socket systemd-journald-dev-log.socket syslog.socket
 Before=sysinit.target
 
 [Service]
+Sockets=systemd-journald.socket systemd-journald-dev-log.socket
 ExecStart=@rootlibexecdir@/systemd-journald
 Restart=always
 RestartSec=0
diff --git a/units/systemd-journald.socket b/units/systemd-journald.socket
index fbeb10baa..71737014c 100644
--- a/units/systemd-journald.socket
+++ b/units/systemd-journald.socket
@@ -19,8 +19,8 @@ IgnoreOnIsolate=yes
 [Socket]
 ListenStream=/run/systemd/journal/stdout
 ListenDatagram=/run/systemd/journal/socket
-ListenDatagram=/dev/log
 SocketMode=0666
 PassCredentials=yes
 PassSecurity=yes
 ReceiveBuffer=8M
+Service=systemd-journald.service