From: Lennart Poettering <lennart@poettering.net>
Date: Sat, 17 Dec 2011 00:13:55 +0000 (+0100)
Subject: journal: enforce limits on open journal files
X-Git-Tag: v38~144^2~39
X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=commitdiff_plain;h=cab8ac60837b489b27a247990f741315c71cb389;hp=7f3e62571a63ac90de6ac5eefeeb8d3e9aa6f49e

journal: enforce limits on open journal files
---

diff --git a/src/journal/journald.c b/src/journal/journald.c
index 453495a96..6b774f499 100644
--- a/src/journal/journald.c
+++ b/src/journal/journald.c
@@ -38,6 +38,8 @@
 #include "acl-util.h"
 #include "cgroup-util.h"
 
+#define USER_JOURNALS_MAX 1024
+
 typedef struct Server {
         int epoll_fd;
         int signal_fd;
@@ -127,6 +129,13 @@ static JournalFile* find_journal(Server *s, uid_t uid) {
         if (asprintf(&p, "/var/log/journal/%s/user-%lu.journal", sd_id128_to_string(machine, ids), (unsigned long) uid) < 0)
                 return s->system_journal;
 
+        while (hashmap_size(s->user_journals) >= USER_JOURNALS_MAX) {
+                /* Too many open? Then let's close one */
+                f = hashmap_steal_first(s->user_journals);
+                assert(f);
+                journal_file_close(f);
+        }
+
         r = journal_file_open(p, O_RDWR|O_CREAT, 0640, s->system_journal, &f);
         free(p);
 
diff --git a/src/journal/sd-journal.c b/src/journal/sd-journal.c
index 85c57170d..bcfcbfb9e 100644
--- a/src/journal/sd-journal.c
+++ b/src/journal/sd-journal.c
@@ -30,6 +30,8 @@
 #include "list.h"
 #include "lookup3.h"
 
+#define JOURNAL_FILES_MAX 1024
+
 typedef struct Match Match;
 
 struct Match {
@@ -932,6 +934,11 @@ static int add_file(sd_journal *j, const char *prefix, const char *dir, const ch
         assert(prefix);
         assert(filename);
 
+        if (hashmap_size(j->files) >= JOURNAL_FILES_MAX) {
+                log_debug("Too many open journal files, ignoring.");
+                return 0;
+        }
+
         if (dir)
                 fn = join(prefix, "/", dir, "/", filename, NULL);
         else
@@ -952,7 +959,6 @@ static int add_file(sd_journal *j, const char *prefix, const char *dir, const ch
 
         journal_file_dump(f);
 
-
         r = hashmap_put(j->files, f->path, f);
         if (r < 0) {
                 journal_file_close(f);
diff --git a/src/journal/sd-journal.h b/src/journal/sd-journal.h
index e42293ffe..b167dcf09 100644
--- a/src/journal/sd-journal.h
+++ b/src/journal/sd-journal.h
@@ -34,12 +34,10 @@
  *   - check LE/BE conversion for 8bit, 16bit, 32bit values
  *   - implement inotify usage on client
  *   - implement audit gateway
- *   - implement native gateway
  *   - implement stdout gateway
  *   - extend hash tables table as we go
  *   - accelerate looking for "all hostnames" and suchlike.
  *   - throttling
- *   - enforce limit on open journal files in journald and journalctl
  *   - cryptographic hash
  *   - fix space reservation logic
  *   - comm, argv can be manipulated, should it be _COMM=, _CMDLINE= or COMM=, CMDLINE=?