X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=src%2Fjournal%2Fjournald.c;h=5ecb7f72d34a4e80742d51b78a82938bfd584022;hb=c485d3ba094a0bf8d0165a4ba3eb5602cc21812a;hp=ad7c655ff4e17678906ede9d29ba77c98b1ec2f6;hpb=2d44fc7ba5aaf700672baa7b0697caefddafdc53;p=elogind.git
diff --git a/src/journal/journald.c b/src/journal/journald.c
index ad7c655ff..5ecb7f72d 100644
--- a/src/journal/journald.c
+++ b/src/journal/journald.c
@@ -6,16 +6,16 @@
Copyright 2011 Lennart Poettering
systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 2 of the License, or
+ under the terms of the GNU Lesser General Public License as published by
+ the Free Software Foundation; either version 2.1 of the License, or
(at your option) any later version.
systemd is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- General Public License for more details.
+ Lesser General Public License for more details.
- You should have received a copy of the GNU General Public License
+ You should have received a copy of the GNU Lesser General Public License
along with systemd; If not, see .
***/
@@ -29,13 +29,13 @@
#include
#include
#include
-#include
#include
#include
#include
#include
+#include "mkdir.h"
#include "hashmap.h"
#include "journal-file.h"
#include "socket-util.h"
@@ -154,24 +154,25 @@ static uint64_t available_space(Server *s) {
for (;;) {
struct stat st;
struct dirent buf, *de;
- int k;
- k = readdir_r(d, &buf, &de);
- if (k != 0) {
- r = -k;
- goto finish;
- }
+ r = readdir_r(d, &buf, &de);
+ if (r != 0)
+ break;
if (!de)
break;
- if (!dirent_is_file_with_suffix(de, ".journal"))
+ if (!endswith(de->d_name, ".journal") &&
+ !endswith(de->d_name, ".journal~"))
continue;
if (fstatat(dirfd(d), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0)
continue;
- sum += (uint64_t) st.st_blocks * (uint64_t) st.st_blksize;
+ if (!S_ISREG(st.st_mode))
+ continue;
+
+ sum += (uint64_t) st.st_blocks * 512UL;
}
avail = sum >= m->max_use ? 0 : m->max_use - sum;
@@ -301,15 +302,13 @@ static JournalFile* find_journal(Server *s, uid_t uid) {
journal_file_close(f);
}
- r = journal_file_open(p, O_RDWR|O_CREAT, 0640, s->system_journal, &f);
+ r = journal_file_open_reliably(p, O_RDWR|O_CREAT, 0640, s->system_journal, &f);
free(p);
if (r < 0)
return s->system_journal;
server_fix_perms(s, f, uid);
- f->metrics = s->system_metrics;
- f->compress = s->compress;
r = hashmap_put(s->user_journals, UINT32_TO_PTR(uid), f);
if (r < 0) {
@@ -331,21 +330,37 @@ static void server_rotate(Server *s) {
if (s->runtime_journal) {
r = journal_file_rotate(&s->runtime_journal);
if (r < 0)
- log_error("Failed to rotate %s: %s", s->runtime_journal->path, strerror(-r));
+ if (s->runtime_journal)
+ log_error("Failed to rotate %s: %s", s->runtime_journal->path, strerror(-r));
+ else
+ log_error("Failed to create new runtime journal: %s", strerror(-r));
+ else
+ server_fix_perms(s, s->runtime_journal, 0);
}
if (s->system_journal) {
r = journal_file_rotate(&s->system_journal);
if (r < 0)
- log_error("Failed to rotate %s: %s", s->system_journal->path, strerror(-r));
+ if (s->system_journal)
+ log_error("Failed to rotate %s: %s", s->system_journal->path, strerror(-r));
+ else
+ log_error("Failed to create new system journal: %s", strerror(-r));
+
+ else
+ server_fix_perms(s, s->system_journal, 0);
}
HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) {
r = journal_file_rotate(&f);
if (r < 0)
- log_error("Failed to rotate %s: %s", f->path, strerror(-r));
- else
+ if (f->path)
+ log_error("Failed to rotate %s: %s", f->path, strerror(-r));
+ else
+ log_error("Failed to create user journal: %s", strerror(-r));
+ else {
hashmap_replace(s->user_journals, k, f);
+ server_fix_perms(s, s->system_journal, PTR_TO_UINT32(k));
+ }
}
}
@@ -604,8 +619,20 @@ retry:
else {
r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
- if (r == -E2BIG && !vacuumed) {
- log_info("Allocation limit reached.");
+ if ((r == -E2BIG || /* hit limit */
+ r == -EFBIG || /* hit fs limit */
+ r == -EDQUOT || /* quota hit */
+ r == -ENOSPC || /* disk full */
+ r == -EBADMSG || /* corrupted */
+ r == -ENODATA || /* truncated */
+ r == -EHOSTDOWN || /* other machine */
+ r == -EPROTONOSUPPORT) && /* unsupported feature */
+ !vacuumed) {
+
+ if (r == -E2BIG)
+ log_info("Allocation limit reached, rotating.");
+ else
+ log_warning("Journal file corrupted, rotating.");
server_rotate(s);
server_vacuum(s);
@@ -1131,7 +1158,7 @@ static void process_native_message(
char *identifier = NULL, *message = NULL;
assert(s);
- assert(buffer || n == 0);
+ assert(buffer || buffer_size == 0);
p = buffer;
remaining = buffer_size;
@@ -1217,11 +1244,11 @@ static void process_native_message(
p[17] >= '0' && p[17] <= '9')
priority = (priority & LOG_PRIMASK) | (((p[16] - '0')*10 + (p[17] - '0')) << 3);
- else if (l >= 12 &&
- memcmp(p, "SYSLOG_IDENTIFIER=", 11) == 0) {
+ else if (l >= 19 &&
+ memcmp(p, "SYSLOG_IDENTIFIER=", 18) == 0) {
char *t;
- t = strndup(p + 11, l - 11);
+ t = strndup(p + 18, l - 18);
if (t) {
free(identifier);
identifier = t;
@@ -1242,6 +1269,7 @@ static void process_native_message(
p = e + 1;
continue;
} else {
+ le64_t l_le;
uint64_t l;
char *k;
@@ -1250,8 +1278,8 @@ static void process_native_message(
break;
}
- memcpy(&l, e + 1, sizeof(uint64_t));
- l = le64toh(l);
+ memcpy(&l_le, e + 1, sizeof(uint64_t));
+ l = le64toh(l_le);
if (remaining < e - p + 1 + sizeof(uint64_t) + l + 1 ||
e[1+sizeof(uint64_t)+l] != '\n') {
@@ -1310,6 +1338,7 @@ finish:
free(iovec[j].iov_base);
}
+ free(iovec);
free(identifier);
free(message);
}
@@ -1663,8 +1692,8 @@ static int stdout_stream_new(Server *s) {
}
#ifdef HAVE_SELINUX
- if (getpeercon(fd, &stream->security_context) < 0)
- log_error("Failed to determine peer security context.");
+ if (getpeercon(fd, &stream->security_context) < 0 && errno != ENOPROTOOPT)
+ log_error("Failed to determine peer security context: %m");
#endif
if (shutdown(fd, SHUT_WR) < 0) {
@@ -1739,6 +1768,17 @@ static int parse_kernel_timestamp(char **_p, usec_t *t) {
return 1;
}
+static bool is_us(const char *pid) {
+ pid_t t;
+
+ assert(pid);
+
+ if (parse_pid(pid, &t) < 0)
+ return false;
+
+ return t == getpid();
+}
+
static void proc_kmsg_line(Server *s, const char *p) {
struct iovec iovec[N_IOVEC_META_FIELDS + 7];
char *message = NULL, *syslog_priority = NULL, *syslog_pid = NULL, *syslog_facility = NULL, *syslog_identifier = NULL, *source_time = NULL;
@@ -1778,6 +1818,11 @@ static void proc_kmsg_line(Server *s, const char *p) {
} else {
read_identifier(&p, &identifier, &pid);
+ /* Avoid any messages we generated ourselves via
+ * log_info() and friends. */
+ if (is_us(pid))
+ goto finish;
+
if (s->forward_to_syslog)
forward_syslog(s, priority, identifier, p, NULL, NULL);
@@ -1803,6 +1848,7 @@ static void proc_kmsg_line(Server *s, const char *p) {
dispatch_message(s, iovec, n, ELEMENTSOF(iovec), NULL, NULL, NULL, 0, priority);
+finish:
free(message);
free(syslog_priority);
free(syslog_identifier);
@@ -1874,7 +1920,7 @@ static int system_journal_open(Server *s) {
if (!fn)
return -ENOMEM;
- r = journal_file_open(fn, O_RDWR|O_CREAT, 0640, NULL, &s->system_journal);
+ r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, NULL, &s->system_journal);
free(fn);
if (r >= 0) {
@@ -1921,7 +1967,7 @@ static int system_journal_open(Server *s) {
* it if necessary. */
(void) mkdir_parents(fn, 0755);
- r = journal_file_open(fn, O_RDWR|O_CREAT, 0640, NULL, &s->runtime_journal);
+ r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, NULL, &s->runtime_journal);
free(fn);
if (r < 0) {
@@ -2131,10 +2177,20 @@ static int process_event(Server *s, struct epoll_event *ev) {
size_t label_len = 0;
union {
struct cmsghdr cmsghdr;
+
+ /* We use NAME_MAX space for the
+ * SELinux label here. The kernel
+ * currently enforces no limit, but
+ * according to suggestions from the
+ * SELinux people this will change and
+ * it will probably be identical to
+ * NAME_MAX. For now we use that, but
+ * this should be updated one day when
+ * the final limit is known.*/
uint8_t buf[CMSG_SPACE(sizeof(struct ucred)) +
CMSG_SPACE(sizeof(struct timeval)) +
- CMSG_SPACE(sizeof(int)) +
- CMSG_SPACE(PAGE_SIZE)]; /* selinux label */
+ CMSG_SPACE(sizeof(int)) + /* fd */
+ CMSG_SPACE(NAME_MAX)]; /* selinux label */
} control;
ssize_t n;
int v;
@@ -2307,10 +2363,12 @@ static int open_syslog_socket(Server *s) {
return -errno;
}
+#ifdef HAVE_SELINUX
one = 1;
r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
if (r < 0)
log_warning("SO_PASSSEC failed: %m");
+#endif
one = 1;
r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
@@ -2368,10 +2426,12 @@ static int open_native_socket(Server*s) {
return -errno;
}
+#ifdef HAVE_SELINUX
one = 1;
r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
if (r < 0)
log_warning("SO_PASSSEC failed: %m");
+#endif
one = 1;
r = setsockopt(s->native_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
@@ -2446,8 +2506,7 @@ static int open_proc_kmsg(Server *s) {
if (!s->import_proc_kmsg)
return 0;
-
- s->proc_kmsg_fd = open("/proc/kmsg", O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
+ s->proc_kmsg_fd = open("/proc/kmsg", O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
if (s->proc_kmsg_fd < 0) {
log_warning("Failed to open /proc/kmsg, ignoring: %m");
return 0;
@@ -2552,7 +2611,7 @@ static int server_parse_config_file(Server *s) {
assert(s);
- fn = "/etc/systemd/systemd-journald.conf";
+ fn = "/etc/systemd/journald.conf";
f = fopen(fn, "re");
if (!f) {
if (errno == ENOENT)
@@ -2661,10 +2720,6 @@ static int server_init(Server *s) {
if (r < 0)
return r;
- r = system_journal_open(s);
- if (r < 0)
- return r;
-
r = open_signalfd(s);
if (r < 0)
return r;
@@ -2673,6 +2728,10 @@ static int server_init(Server *s) {
if (!s->rate_limit)
return -ENOMEM;
+ r = system_journal_open(s);
+ if (r < 0)
+ return r;
+
return 0;
}
@@ -2732,7 +2791,8 @@ int main(int argc, char *argv[]) {
return EXIT_FAILURE;
}
- log_set_target(LOG_TARGET_CONSOLE);
+ log_set_target(LOG_TARGET_SAFE);
+ log_set_facility(LOG_SYSLOG);
log_parse_environment();
log_open();