1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2011 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
35 #include <sys/ioctl.h>
43 #include <systemd/sd-journal.h>
46 #include "logs-show.h"
48 #include "path-util.h"
54 #include "journal-internal.h"
55 #include "journal-def.h"
56 #include "journal-verify.h"
57 #include "journal-authenticate.h"
58 #include "journal-qrcode.h"
60 #include "unit-name.h"
63 #define DEFAULT_FSS_INTERVAL_USEC (15*USEC_PER_MINUTE)
65 static OutputMode arg_output = OUTPUT_SHORT;
66 static bool arg_pager_end = false;
67 static bool arg_follow = false;
68 static bool arg_full = true;
69 static bool arg_all = false;
70 static bool arg_no_pager = false;
71 static int arg_lines = -1;
72 static bool arg_no_tail = false;
73 static bool arg_quiet = false;
74 static bool arg_merge = false;
75 static bool arg_boot = false;
76 static sd_id128_t arg_boot_id = {};
77 static int arg_boot_offset = 0;
78 static bool arg_dmesg = false;
79 static const char *arg_cursor = NULL;
80 static const char *arg_after_cursor = NULL;
81 static bool arg_show_cursor = false;
82 static const char *arg_directory = NULL;
83 static char **arg_file = NULL;
84 static int arg_priorities = 0xFF;
85 static const char *arg_verify_key = NULL;
87 static usec_t arg_interval = DEFAULT_FSS_INTERVAL_USEC;
88 static bool arg_force = false;
90 static usec_t arg_since, arg_until;
91 static bool arg_since_set = false, arg_until_set = false;
92 static char **arg_system_units = NULL;
93 static char **arg_user_units = NULL;
94 static const char *arg_field = NULL;
95 static bool arg_catalog = false;
96 static bool arg_reverse = false;
97 static int arg_journal_type = 0;
98 static const char *arg_root = NULL;
99 static const char *arg_machine = NULL;
110 ACTION_UPDATE_CATALOG,
112 } arg_action = ACTION_SHOW;
114 typedef struct boot_id_t {
120 static void pager_open_if_enabled(void) {
125 pager_open(arg_pager_end);
128 static int parse_boot_descriptor(const char *x, sd_id128_t *boot_id, int *offset) {
129 sd_id128_t id = SD_ID128_NULL;
132 if (strlen(x) >= 32) {
136 r = sd_id128_from_string(t, &id);
140 if (*x != '-' && *x != '+' && *x != 0)
144 r = safe_atoi(x, &off);
149 r = safe_atoi(x, &off);
163 static int help(void) {
165 pager_open_if_enabled();
167 printf("%s [OPTIONS...] [MATCHES...]\n\n"
168 "Query the journal.\n\n"
170 " --system Show the system journal\n"
171 " --user Show the user journal for the current user\n"
172 " -M --machine=CONTAINER Operate on local container\n"
173 " --since=DATE Start showing entries on or newer than the specified date\n"
174 " --until=DATE Stop showing entries on or older than the specified date\n"
175 " -c --cursor=CURSOR Start showing entries from the specified cursor\n"
176 " --after-cursor=CURSOR Start showing entries from after the specified cursor\n"
177 " --show-cursor Print the cursor after all the entries\n"
178 " -b --boot[=ID] Show data only from ID or, if unspecified, the current boot\n"
179 " --list-boots Show terse information about recorded boots\n"
180 " -k --dmesg Show kernel message log from the current boot\n"
181 " -u --unit=UNIT Show data only from the specified unit\n"
182 " --user-unit=UNIT Show data only from the specified user session unit\n"
183 " -p --priority=RANGE Show only messages within the specified priority range\n"
184 " -e --pager-end Immediately jump to end of the journal in the pager\n"
185 " -f --follow Follow the journal\n"
186 " -n --lines[=INTEGER] Number of journal entries to show\n"
187 " --no-tail Show all lines, even in follow mode\n"
188 " -r --reverse Show the newest entries first\n"
189 " -o --output=STRING Change journal output mode (short, short-iso,\n"
190 " short-precise, short-monotonic, verbose,\n"
191 " export, json, json-pretty, json-sse, cat)\n"
192 " -x --catalog Add message explanations where available\n"
193 " --no-full Ellipsize fields\n"
194 " -a --all Show all fields, including long and unprintable\n"
195 " -q --quiet Do not show privilege warning\n"
196 " --no-pager Do not pipe output into a pager\n"
197 " -m --merge Show entries from all available journals\n"
198 " -D --directory=PATH Show journal files from directory\n"
199 " --file=PATH Show journal file\n"
200 " --root=ROOT Operate on catalog files underneath the root ROOT\n"
202 " --interval=TIME Time interval for changing the FSS sealing key\n"
203 " --verify-key=KEY Specify FSS verification key\n"
204 " --force Force overriding of the FSS key pair with --setup-keys\n"
207 " -h --help Show this help text\n"
208 " --version Show package version\n"
209 " --new-id128 Generate a new 128-bit ID\n"
210 " --header Show journal header information\n"
211 " --disk-usage Show total disk usage of all journal files\n"
212 " -F --field=FIELD List all values that a specified field takes\n"
213 " --list-catalog Show message IDs of all entries in the message catalog\n"
214 " --dump-catalog Show entries in the message catalog\n"
215 " --update-catalog Update the message catalog database\n"
217 " --setup-keys Generate a new FSS key pair\n"
218 " --verify Verify journal file consistency\n"
220 , program_invocation_short_name);
225 static int parse_argv(int argc, char *argv[]) {
255 static const struct option options[] = {
256 { "help", no_argument, NULL, 'h' },
257 { "version" , no_argument, NULL, ARG_VERSION },
258 { "no-pager", no_argument, NULL, ARG_NO_PAGER },
259 { "pager-end", no_argument, NULL, 'e' },
260 { "follow", no_argument, NULL, 'f' },
261 { "force", no_argument, NULL, ARG_FORCE },
262 { "output", required_argument, NULL, 'o' },
263 { "all", no_argument, NULL, 'a' },
264 { "full", no_argument, NULL, 'l' },
265 { "no-full", no_argument, NULL, ARG_NO_FULL },
266 { "lines", optional_argument, NULL, 'n' },
267 { "no-tail", no_argument, NULL, ARG_NO_TAIL },
268 { "new-id128", no_argument, NULL, ARG_NEW_ID128 },
269 { "quiet", no_argument, NULL, 'q' },
270 { "merge", no_argument, NULL, 'm' },
271 { "boot", optional_argument, NULL, 'b' },
272 { "list-boots", no_argument, NULL, ARG_LIST_BOOTS },
273 { "this-boot", optional_argument, NULL, 'b' }, /* deprecated */
274 { "dmesg", no_argument, NULL, 'k' },
275 { "system", no_argument, NULL, ARG_SYSTEM },
276 { "user", no_argument, NULL, ARG_USER },
277 { "directory", required_argument, NULL, 'D' },
278 { "file", required_argument, NULL, ARG_FILE },
279 { "root", required_argument, NULL, ARG_ROOT },
280 { "header", no_argument, NULL, ARG_HEADER },
281 { "priority", required_argument, NULL, 'p' },
282 { "setup-keys", no_argument, NULL, ARG_SETUP_KEYS },
283 { "interval", required_argument, NULL, ARG_INTERVAL },
284 { "verify", no_argument, NULL, ARG_VERIFY },
285 { "verify-key", required_argument, NULL, ARG_VERIFY_KEY },
286 { "disk-usage", no_argument, NULL, ARG_DISK_USAGE },
287 { "cursor", required_argument, NULL, 'c' },
288 { "after-cursor", required_argument, NULL, ARG_AFTER_CURSOR },
289 { "show-cursor", no_argument, NULL, ARG_SHOW_CURSOR },
290 { "since", required_argument, NULL, ARG_SINCE },
291 { "until", required_argument, NULL, ARG_UNTIL },
292 { "unit", required_argument, NULL, 'u' },
293 { "user-unit", required_argument, NULL, ARG_USER_UNIT },
294 { "field", required_argument, NULL, 'F' },
295 { "catalog", no_argument, NULL, 'x' },
296 { "list-catalog", no_argument, NULL, ARG_LIST_CATALOG },
297 { "dump-catalog", no_argument, NULL, ARG_DUMP_CATALOG },
298 { "update-catalog", no_argument, NULL, ARG_UPDATE_CATALOG },
299 { "reverse", no_argument, NULL, 'r' },
300 { "machine", required_argument, NULL, 'M' },
309 while ((c = getopt_long(argc, argv, "hefo:aln::qmb::kD:p:c:u:F:xrM:", options, NULL)) >= 0) {
317 puts(PACKAGE_STRING);
318 puts(SYSTEMD_FEATURES);
326 arg_pager_end = true;
338 arg_output = output_mode_from_string(optarg);
339 if (arg_output < 0) {
340 log_error("Unknown output format '%s'.", optarg);
344 if (arg_output == OUTPUT_EXPORT ||
345 arg_output == OUTPUT_JSON ||
346 arg_output == OUTPUT_JSON_PRETTY ||
347 arg_output == OUTPUT_JSON_SSE ||
348 arg_output == OUTPUT_CAT)
367 r = safe_atoi(optarg, &arg_lines);
368 if (r < 0 || arg_lines < 0) {
369 log_error("Failed to parse lines '%s'", optarg);
375 /* Hmm, no argument? Maybe the next
376 * word on the command line is
377 * supposed to be the argument? Let's
378 * see if there is one, and is
379 * parsable as a positive
383 safe_atoi(argv[optind], &n) >= 0 &&
399 arg_action = ACTION_NEW_ID128;
414 r = parse_boot_descriptor(optarg, &arg_boot_id, &arg_boot_offset);
416 log_error("Failed to parse boot descriptor '%s'", optarg);
421 /* Hmm, no argument? Maybe the next
422 * word on the command line is
423 * supposed to be the argument? Let's
424 * see if there is one and is parsable
425 * as a boot descriptor... */
428 parse_boot_descriptor(argv[optind], &arg_boot_id, &arg_boot_offset) >= 0)
435 arg_action = ACTION_LIST_BOOTS;
439 arg_boot = arg_dmesg = true;
443 arg_journal_type |= SD_JOURNAL_SYSTEM;
447 arg_journal_type |= SD_JOURNAL_CURRENT_USER;
451 arg_machine = optarg;
455 arg_directory = optarg;
459 r = glob_extend(&arg_file, optarg);
461 log_error("Failed to add paths: %s", strerror(-r));
474 case ARG_AFTER_CURSOR:
475 arg_after_cursor = optarg;
478 case ARG_SHOW_CURSOR:
479 arg_show_cursor = true;
483 arg_action = ACTION_PRINT_HEADER;
487 arg_action = ACTION_VERIFY;
491 arg_action = ACTION_DISK_USAGE;
500 arg_action = ACTION_SETUP_KEYS;
505 arg_action = ACTION_VERIFY;
506 arg_verify_key = optarg;
511 r = parse_sec(optarg, &arg_interval);
512 if (r < 0 || arg_interval <= 0) {
513 log_error("Failed to parse sealing key change interval: %s", optarg);
522 log_error("Forward-secure sealing not available.");
529 dots = strstr(optarg, "..");
535 a = strndup(optarg, dots - optarg);
539 from = log_level_from_string(a);
540 to = log_level_from_string(dots + 2);
543 if (from < 0 || to < 0) {
544 log_error("Failed to parse log level range %s", optarg);
551 for (i = from; i <= to; i++)
552 arg_priorities |= 1 << i;
554 for (i = to; i <= from; i++)
555 arg_priorities |= 1 << i;
561 p = log_level_from_string(optarg);
563 log_error("Unknown log level %s", optarg);
569 for (i = 0; i <= p; i++)
570 arg_priorities |= 1 << i;
577 r = parse_timestamp(optarg, &arg_since);
579 log_error("Failed to parse timestamp: %s", optarg);
582 arg_since_set = true;
586 r = parse_timestamp(optarg, &arg_until);
588 log_error("Failed to parse timestamp: %s", optarg);
591 arg_until_set = true;
595 r = strv_extend(&arg_system_units, optarg);
601 r = strv_extend(&arg_user_units, optarg);
614 case ARG_LIST_CATALOG:
615 arg_action = ACTION_LIST_CATALOG;
618 case ARG_DUMP_CATALOG:
619 arg_action = ACTION_DUMP_CATALOG;
622 case ARG_UPDATE_CATALOG:
623 arg_action = ACTION_UPDATE_CATALOG;
634 assert_not_reached("Unhandled option");
638 if (arg_follow && !arg_no_tail && arg_lines < 0)
641 if (!!arg_directory + !!arg_file + !!arg_machine > 1) {
642 log_error("Please specify either -D/--directory= or --file= or -M/--machine=, not more than one.");
646 if (arg_since_set && arg_until_set && arg_since > arg_until) {
647 log_error("--since= must be before --until=.");
651 if (!!arg_cursor + !!arg_after_cursor + !!arg_since_set > 1) {
652 log_error("Please specify only one of --since=, --cursor=, and --after-cursor.");
656 if (arg_follow && arg_reverse) {
657 log_error("Please specify either --reverse= or --follow=, not both.");
661 if (arg_action != ACTION_SHOW && optind < argc) {
662 log_error("Extraneous arguments starting with '%s'", argv[optind]);
669 static int generate_new_id128(void) {
674 r = sd_id128_randomize(&id);
676 log_error("Failed to generate ID: %s", strerror(-r));
680 printf("As string:\n"
681 SD_ID128_FORMAT_STR "\n\n"
683 "%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x\n\n"
685 "#define MESSAGE_XYZ SD_ID128_MAKE(",
686 SD_ID128_FORMAT_VAL(id),
687 SD_ID128_FORMAT_VAL(id));
688 for (i = 0; i < 16; i++)
689 printf("%02x%s", id.bytes[i], i != 15 ? "," : "");
690 fputs(")\n\n", stdout);
692 printf("As Python constant:\n"
694 ">>> MESSAGE_XYZ = uuid.UUID('" SD_ID128_FORMAT_STR "')\n",
695 SD_ID128_FORMAT_VAL(id));
700 static int add_matches(sd_journal *j, char **args) {
702 bool have_term = false;
706 STRV_FOREACH(i, args) {
709 if (streq(*i, "+")) {
712 r = sd_journal_add_disjunction(j);
715 } else if (path_is_absolute(*i)) {
716 _cleanup_free_ char *p, *t = NULL, *t2 = NULL;
718 _cleanup_free_ char *interpreter = NULL;
721 p = canonicalize_file_name(*i);
724 if (stat(path, &st) < 0) {
725 log_error("Couldn't stat file: %m");
729 if (S_ISREG(st.st_mode) && (0111 & st.st_mode)) {
730 if (executable_is_script(path, &interpreter) > 0) {
731 _cleanup_free_ char *comm;
733 comm = strndup(basename(path), 15);
737 t = strappend("_COMM=", comm);
739 /* Append _EXE only if the interpreter is not a link.
740 Otherwise, it might be outdated often. */
741 if (lstat(interpreter, &st) == 0 &&
742 !S_ISLNK(st.st_mode)) {
743 t2 = strappend("_EXE=", interpreter);
748 t = strappend("_EXE=", path);
749 } else if (S_ISCHR(st.st_mode))
750 asprintf(&t, "_KERNEL_DEVICE=c%u:%u", major(st.st_rdev), minor(st.st_rdev));
751 else if (S_ISBLK(st.st_mode))
752 asprintf(&t, "_KERNEL_DEVICE=b%u:%u", major(st.st_rdev), minor(st.st_rdev));
754 log_error("File is neither a device node, nor regular file, nor executable: %s", *i);
761 r = sd_journal_add_match(j, t, 0);
763 r = sd_journal_add_match(j, t2, 0);
767 r = sd_journal_add_match(j, *i, 0);
772 log_error("Failed to add match '%s': %s", *i, strerror(-r));
777 if (!strv_isempty(args) && !have_term) {
778 log_error("\"+\" can only be used between terms");
785 static int boot_id_cmp(const void *a, const void *b) {
788 _a = ((const boot_id_t *)a)->first;
789 _b = ((const boot_id_t *)b)->first;
791 return _a < _b ? -1 : (_a > _b ? 1 : 0);
794 static int list_boots(sd_journal *j) {
797 unsigned int count = 0;
799 size_t length, allocated = 0;
801 _cleanup_free_ boot_id_t *all_ids = NULL;
803 r = sd_journal_query_unique(j, "_BOOT_ID");
807 SD_JOURNAL_FOREACH_UNIQUE(j, data, length) {
808 if (length < strlen("_BOOT_ID="))
811 if (!GREEDY_REALLOC(all_ids, allocated, count + 1))
814 id = &all_ids[count];
816 r = sd_id128_from_string(((const char *)data) + strlen("_BOOT_ID="), &id->id);
820 r = sd_journal_add_match(j, data, length);
824 r = sd_journal_seek_head(j);
828 r = sd_journal_next(j);
834 r = sd_journal_get_realtime_usec(j, &id->first);
838 r = sd_journal_seek_tail(j);
842 r = sd_journal_previous(j);
848 r = sd_journal_get_realtime_usec(j, &id->last);
854 sd_journal_flush_matches(j);
857 qsort_safe(all_ids, count, sizeof(boot_id_t), boot_id_cmp);
859 /* numbers are one less, but we need an extra char for the sign */
860 w = DECIMAL_STR_WIDTH(count - 1) + 1;
862 for (id = all_ids, i = 0; id < all_ids + count; id++, i++) {
863 char a[FORMAT_TIMESTAMP_MAX], b[FORMAT_TIMESTAMP_MAX];
865 printf("% *i " SD_ID128_FORMAT_STR " %s—%s\n",
867 SD_ID128_FORMAT_VAL(id->id),
868 format_timestamp(a, sizeof(a), id->first),
869 format_timestamp(b, sizeof(b), id->last));
875 static int get_relative_boot_id(sd_journal *j, sd_id128_t *boot_id, int relative) {
878 unsigned int count = 0;
879 size_t length, allocated = 0;
880 boot_id_t ref_boot_id = {SD_ID128_NULL}, *id;
881 _cleanup_free_ boot_id_t *all_ids = NULL;
886 r = sd_journal_query_unique(j, "_BOOT_ID");
890 SD_JOURNAL_FOREACH_UNIQUE(j, data, length) {
891 if (length < strlen("_BOOT_ID="))
894 if (!GREEDY_REALLOC(all_ids, allocated, count + 1))
897 id = &all_ids[count];
899 r = sd_id128_from_string(((const char *)data) + strlen("_BOOT_ID="), &id->id);
903 r = sd_journal_add_match(j, data, length);
907 r = sd_journal_seek_head(j);
911 r = sd_journal_next(j);
917 r = sd_journal_get_realtime_usec(j, &id->first);
921 if (sd_id128_equal(id->id, *boot_id))
926 sd_journal_flush_matches(j);
929 qsort_safe(all_ids, count, sizeof(boot_id_t), boot_id_cmp);
931 if (sd_id128_equal(*boot_id, SD_ID128_NULL)) {
932 if (relative > (int) count || relative <= -(int)count)
933 return -EADDRNOTAVAIL;
935 *boot_id = all_ids[(relative <= 0)*count + relative - 1].id;
937 id = bsearch(&ref_boot_id, all_ids, count, sizeof(boot_id_t), boot_id_cmp);
940 relative <= 0 ? (id - all_ids) + relative < 0 :
941 (id - all_ids) + relative >= (int) count)
942 return -EADDRNOTAVAIL;
944 *boot_id = (id + relative)->id;
950 static int add_boot(sd_journal *j) {
951 char match[9+32+1] = "_BOOT_ID=";
959 if (arg_boot_offset == 0 && sd_id128_equal(arg_boot_id, SD_ID128_NULL))
960 return add_match_this_boot(j, arg_machine);
962 r = get_relative_boot_id(j, &arg_boot_id, arg_boot_offset);
964 if (sd_id128_equal(arg_boot_id, SD_ID128_NULL))
965 log_error("Failed to look up boot %+i: %s", arg_boot_offset, strerror(-r));
967 log_error("Failed to look up boot ID "SD_ID128_FORMAT_STR"%+i: %s",
968 SD_ID128_FORMAT_VAL(arg_boot_id), arg_boot_offset, strerror(-r));
972 sd_id128_to_string(arg_boot_id, match + 9);
974 r = sd_journal_add_match(j, match, sizeof(match) - 1);
976 log_error("Failed to add match: %s", strerror(-r));
980 r = sd_journal_add_conjunction(j);
987 static int add_dmesg(sd_journal *j) {
994 r = sd_journal_add_match(j, "_TRANSPORT=kernel", strlen("_TRANSPORT=kernel"));
996 log_error("Failed to add match: %s", strerror(-r));
1000 r = sd_journal_add_conjunction(j);
1007 static int get_possible_units(sd_journal *j,
1011 _cleanup_set_free_free_ Set *found;
1015 found = set_new(string_hash_func, string_compare_func);
1019 NULSTR_FOREACH(field, fields) {
1023 r = sd_journal_query_unique(j, field);
1027 SD_JOURNAL_FOREACH_UNIQUE(j, data, size) {
1028 char **pattern, *eq;
1030 _cleanup_free_ char *u = NULL;
1032 eq = memchr(data, '=', size);
1034 prefix = eq - (char*) data + 1;
1038 u = strndup((char*) data + prefix, size - prefix);
1042 STRV_FOREACH(pattern, patterns)
1043 if (fnmatch(*pattern, u, FNM_NOESCAPE) == 0) {
1044 log_debug("Matched %s with pattern %s=%s", u, field, *pattern);
1046 r = set_consume(found, u);
1048 if (r < 0 && r != -EEXIST)
1061 /* This list is supposed to return the superset of unit names
1062 * possibly matched by rules added with add_matches_for_unit... */
1063 #define SYSTEM_UNITS \
1067 "OBJECT_SYSTEMD_UNIT\0" \
1070 /* ... and add_matches_for_user_unit */
1071 #define USER_UNITS \
1072 "_SYSTEMD_USER_UNIT\0" \
1074 "COREDUMP_USER_UNIT\0" \
1075 "OBJECT_SYSTEMD_USER_UNIT\0"
1077 static int add_units(sd_journal *j) {
1078 _cleanup_strv_free_ char **patterns = NULL;
1084 STRV_FOREACH(i, arg_system_units) {
1085 _cleanup_free_ char *u = NULL;
1087 u = unit_name_mangle(*i, MANGLE_GLOB);
1091 if (string_is_glob(u)) {
1092 r = strv_push(&patterns, u);
1097 r = add_matches_for_unit(j, u);
1100 r = sd_journal_add_disjunction(j);
1107 if (!strv_isempty(patterns)) {
1108 _cleanup_set_free_free_ Set *units = NULL;
1112 r = get_possible_units(j, SYSTEM_UNITS, patterns, &units);
1116 SET_FOREACH(u, units, it) {
1117 r = add_matches_for_unit(j, u);
1120 r = sd_journal_add_disjunction(j);
1127 strv_free(patterns);
1130 STRV_FOREACH(i, arg_user_units) {
1131 _cleanup_free_ char *u = NULL;
1133 u = unit_name_mangle(*i, MANGLE_GLOB);
1137 if (string_is_glob(u)) {
1138 r = strv_push(&patterns, u);
1143 r = add_matches_for_user_unit(j, u, getuid());
1146 r = sd_journal_add_disjunction(j);
1153 if (!strv_isempty(patterns)) {
1154 _cleanup_set_free_free_ Set *units = NULL;
1158 r = get_possible_units(j, USER_UNITS, patterns, &units);
1162 SET_FOREACH(u, units, it) {
1163 r = add_matches_for_user_unit(j, u, getuid());
1166 r = sd_journal_add_disjunction(j);
1173 /* Complain if the user request matches but nothing whatsoever was
1174 * found, since otherwise everything would be matched. */
1175 if (!(strv_isempty(arg_system_units) && strv_isempty(arg_user_units)) && count == 0)
1178 r = sd_journal_add_conjunction(j);
1185 static int add_priorities(sd_journal *j) {
1186 char match[] = "PRIORITY=0";
1190 if (arg_priorities == 0xFF)
1193 for (i = LOG_EMERG; i <= LOG_DEBUG; i++)
1194 if (arg_priorities & (1 << i)) {
1195 match[sizeof(match)-2] = '0' + i;
1197 r = sd_journal_add_match(j, match, strlen(match));
1199 log_error("Failed to add match: %s", strerror(-r));
1204 r = sd_journal_add_conjunction(j);
1211 static int setup_keys(void) {
1213 size_t mpk_size, seed_size, state_size, i;
1214 uint8_t *mpk, *seed, *state;
1216 int fd = -1, r, attr = 0;
1217 sd_id128_t machine, boot;
1218 char *p = NULL, *k = NULL;
1223 r = stat("/var/log/journal", &st);
1224 if (r < 0 && errno != ENOENT && errno != ENOTDIR) {
1225 log_error("stat(\"%s\") failed: %m", "/var/log/journal");
1229 if (r < 0 || !S_ISDIR(st.st_mode)) {
1230 log_error("%s is not a directory, must be using persistent logging for FSS.",
1231 "/var/log/journal");
1232 return r < 0 ? -errno : -ENOTDIR;
1235 r = sd_id128_get_machine(&machine);
1237 log_error("Failed to get machine ID: %s", strerror(-r));
1241 r = sd_id128_get_boot(&boot);
1243 log_error("Failed to get boot ID: %s", strerror(-r));
1247 if (asprintf(&p, "/var/log/journal/" SD_ID128_FORMAT_STR "/fss",
1248 SD_ID128_FORMAT_VAL(machine)) < 0)
1251 if (access(p, F_OK) >= 0) {
1255 log_error("unlink(\"%s\") failed: %m", p);
1260 log_error("Sealing key file %s exists already. (--force to recreate)", p);
1266 if (asprintf(&k, "/var/log/journal/" SD_ID128_FORMAT_STR "/fss.tmp.XXXXXX",
1267 SD_ID128_FORMAT_VAL(machine)) < 0) {
1272 mpk_size = FSPRG_mskinbytes(FSPRG_RECOMMENDED_SECPAR);
1273 mpk = alloca(mpk_size);
1275 seed_size = FSPRG_RECOMMENDED_SEEDLEN;
1276 seed = alloca(seed_size);
1278 state_size = FSPRG_stateinbytes(FSPRG_RECOMMENDED_SECPAR);
1279 state = alloca(state_size);
1281 fd = open("/dev/random", O_RDONLY|O_CLOEXEC|O_NOCTTY);
1283 log_error("Failed to open /dev/random: %m");
1288 log_info("Generating seed...");
1289 l = loop_read(fd, seed, seed_size, true);
1290 if (l < 0 || (size_t) l != seed_size) {
1291 log_error("Failed to read random seed: %s", strerror(EIO));
1296 log_info("Generating key pair...");
1297 FSPRG_GenMK(NULL, mpk, seed, seed_size, FSPRG_RECOMMENDED_SECPAR);
1299 log_info("Generating sealing key...");
1300 FSPRG_GenState0(state, mpk, seed, seed_size);
1302 assert(arg_interval > 0);
1304 n = now(CLOCK_REALTIME);
1308 fd = mkostemp_safe(k, O_WRONLY|O_CLOEXEC);
1310 log_error("Failed to open %s: %m", k);
1315 /* Enable secure remove, exclusion from dump, synchronous
1316 * writing and in-place updating */
1317 if (ioctl(fd, FS_IOC_GETFLAGS, &attr) < 0)
1318 log_warning("FS_IOC_GETFLAGS failed: %m");
1320 attr |= FS_SECRM_FL|FS_NODUMP_FL|FS_SYNC_FL|FS_NOCOW_FL;
1322 if (ioctl(fd, FS_IOC_SETFLAGS, &attr) < 0)
1323 log_warning("FS_IOC_SETFLAGS failed: %m");
1326 memcpy(h.signature, "KSHHRHLP", 8);
1327 h.machine_id = machine;
1329 h.header_size = htole64(sizeof(h));
1330 h.start_usec = htole64(n * arg_interval);
1331 h.interval_usec = htole64(arg_interval);
1332 h.fsprg_secpar = htole16(FSPRG_RECOMMENDED_SECPAR);
1333 h.fsprg_state_size = htole64(state_size);
1335 l = loop_write(fd, &h, sizeof(h), false);
1336 if (l < 0 || (size_t) l != sizeof(h)) {
1337 log_error("Failed to write header: %s", strerror(EIO));
1342 l = loop_write(fd, state, state_size, false);
1343 if (l < 0 || (size_t) l != state_size) {
1344 log_error("Failed to write state: %s", strerror(EIO));
1349 if (link(k, p) < 0) {
1350 log_error("Failed to link file: %m");
1358 "The new key pair has been generated. The " ANSI_HIGHLIGHT_ON "secret sealing key" ANSI_HIGHLIGHT_OFF " has been written to\n"
1359 "the following local file. This key file is automatically updated when the\n"
1360 "sealing key is advanced. It should not be used on multiple hosts.\n"
1364 "Please write down the following " ANSI_HIGHLIGHT_ON "secret verification key" ANSI_HIGHLIGHT_OFF ". It should be stored\n"
1365 "at a safe location and should not be saved locally on disk.\n"
1366 "\n\t" ANSI_HIGHLIGHT_RED_ON, p);
1369 for (i = 0; i < seed_size; i++) {
1370 if (i > 0 && i % 3 == 0)
1372 printf("%02x", ((uint8_t*) seed)[i]);
1375 printf("/%llx-%llx\n", (unsigned long long) n, (unsigned long long) arg_interval);
1378 char tsb[FORMAT_TIMESPAN_MAX], *hn;
1381 ANSI_HIGHLIGHT_OFF "\n"
1382 "The sealing key is automatically changed every %s.\n",
1383 format_timespan(tsb, sizeof(tsb), arg_interval, 0));
1385 hn = gethostname_malloc();
1388 hostname_cleanup(hn, false);
1389 fprintf(stderr, "\nThe keys have been generated for host %s/" SD_ID128_FORMAT_STR ".\n", hn, SD_ID128_FORMAT_VAL(machine));
1391 fprintf(stderr, "\nThe keys have been generated for host " SD_ID128_FORMAT_STR ".\n", SD_ID128_FORMAT_VAL(machine));
1393 #ifdef HAVE_QRENCODE
1394 /* If this is not an UTF-8 system don't print any QR codes */
1395 if (is_locale_utf8()) {
1396 fputs("\nTo transfer the verification key to your phone please scan the QR code below:\n\n", stderr);
1397 print_qr_code(stderr, seed, seed_size, n, arg_interval, hn, machine);
1417 log_error("Forward-secure sealing not available.");
1422 static int verify(sd_journal *j) {
1429 log_show_color(true);
1431 HASHMAP_FOREACH(f, j->files, i) {
1433 usec_t first, validated, last;
1436 if (!arg_verify_key && JOURNAL_HEADER_SEALED(f->header))
1437 log_notice("Journal file %s has sealing enabled but verification key has not been passed using --verify-key=.", f->path);
1440 k = journal_file_verify(f, arg_verify_key, &first, &validated, &last, true);
1442 /* If the key was invalid give up right-away. */
1445 log_warning("FAIL: %s (%s)", f->path, strerror(-k));
1448 char a[FORMAT_TIMESTAMP_MAX], b[FORMAT_TIMESTAMP_MAX], c[FORMAT_TIMESPAN_MAX];
1449 log_info("PASS: %s", f->path);
1451 if (arg_verify_key && JOURNAL_HEADER_SEALED(f->header)) {
1452 if (validated > 0) {
1453 log_info("=> Validated from %s to %s, final %s entries not sealed.",
1454 format_timestamp(a, sizeof(a), first),
1455 format_timestamp(b, sizeof(b), validated),
1456 format_timespan(c, sizeof(c), last > validated ? last - validated : 0, 0));
1457 } else if (last > 0)
1458 log_info("=> No sealing yet, %s of entries not sealed.",
1459 format_timespan(c, sizeof(c), last - first, 0));
1461 log_info("=> No sealing yet, no entries in file.");
1470 static int access_check_var_log_journal(sd_journal *j) {
1471 _cleanup_strv_free_ char **g = NULL;
1477 have_access = in_group("systemd-journal") > 0;
1480 /* Let's enumerate all groups from the default ACL of
1481 * the directory, which generally should allow access
1482 * to most journal files too */
1483 r = search_acl_groups(&g, "/var/log/journal/", &have_access);
1490 if (strv_isempty(g))
1491 log_notice("Hint: You are currently not seeing messages from other users and the system.\n"
1492 " Users in the 'systemd-journal' group can see all messages. Pass -q to\n"
1493 " turn off this notice.");
1495 _cleanup_free_ char *s = NULL;
1497 r = strv_extend(&g, "systemd-journal");
1504 s = strv_join(g, "', '");
1508 log_notice("Hint: You are currently not seeing messages from other users and the system.\n"
1509 " Users in the groups '%s' can see all messages.\n"
1510 " Pass -q to turn off this notice.", s);
1518 static int access_check(sd_journal *j) {
1525 if (set_isempty(j->errors)) {
1526 if (hashmap_isempty(j->files))
1527 log_notice("No journal files were found.");
1531 if (set_contains(j->errors, INT_TO_PTR(-EACCES))) {
1533 /* If /var/log/journal doesn't even exist,
1534 * unprivileged users have no access at all */
1535 if (access("/var/log/journal", F_OK) < 0 &&
1537 in_group("systemd-journal") <= 0) {
1538 log_error("Unprivileged users cannot access messages, unless persistent log storage is\n"
1539 "enabled. Users in the 'systemd-journal' group may always access messages.");
1543 /* If /var/log/journal exists, try to pring a nice
1544 notice if the user lacks access to it */
1545 if (!arg_quiet && geteuid() != 0) {
1546 r = access_check_var_log_journal(j);
1551 if (geteuid() != 0 && in_group("systemd-journal") <= 0) {
1552 log_error("Unprivileged users cannot access messages. Users in the 'systemd-journal' group\n"
1553 "group may access messages.");
1558 if (hashmap_isempty(j->files)) {
1559 log_error("No journal files were opened due to insufficient permissions.");
1564 SET_FOREACH(code, j->errors, it) {
1567 err = -PTR_TO_INT(code);
1571 log_warning("Error was encountered while opening journal files: %s",
1578 int main(int argc, char *argv[]) {
1580 _cleanup_journal_close_ sd_journal *j = NULL;
1581 bool need_seek = false;
1582 sd_id128_t previous_boot_id;
1583 bool previous_boot_id_valid = false, first_line = true;
1585 bool ellipsized = false;
1587 setlocale(LC_ALL, "");
1588 log_parse_environment();
1591 r = parse_argv(argc, argv);
1595 signal(SIGWINCH, columns_lines_cache_reset);
1597 if (arg_action == ACTION_NEW_ID128) {
1598 r = generate_new_id128();
1602 if (arg_action == ACTION_SETUP_KEYS) {
1607 if (arg_action == ACTION_UPDATE_CATALOG ||
1608 arg_action == ACTION_LIST_CATALOG ||
1609 arg_action == ACTION_DUMP_CATALOG) {
1611 const char* database = CATALOG_DATABASE;
1612 _cleanup_free_ char *copy = NULL;
1614 copy = strjoin(arg_root, "/", CATALOG_DATABASE, NULL);
1619 path_kill_slashes(copy);
1623 if (arg_action == ACTION_UPDATE_CATALOG) {
1624 r = catalog_update(database, arg_root, catalog_file_dirs);
1626 log_error("Failed to list catalog: %s", strerror(-r));
1628 bool oneline = arg_action == ACTION_LIST_CATALOG;
1631 r = catalog_list_items(stdout, database,
1632 oneline, argv + optind);
1634 r = catalog_list(stdout, database, oneline);
1636 log_error("Failed to list catalog: %s", strerror(-r));
1643 r = sd_journal_open_directory(&j, arg_directory, arg_journal_type);
1645 r = sd_journal_open_files(&j, (const char**) arg_file, 0);
1646 else if (arg_machine)
1647 r = sd_journal_open_container(&j, arg_machine, 0);
1649 r = sd_journal_open(&j, !arg_merge*SD_JOURNAL_LOCAL_ONLY + arg_journal_type);
1651 log_error("Failed to open %s: %s",
1652 arg_directory ? arg_directory : arg_file ? "files" : "journal",
1654 return EXIT_FAILURE;
1657 r = access_check(j);
1659 return EXIT_FAILURE;
1661 if (arg_action == ACTION_VERIFY) {
1666 if (arg_action == ACTION_PRINT_HEADER) {
1667 journal_print_header(j);
1668 return EXIT_SUCCESS;
1671 if (arg_action == ACTION_DISK_USAGE) {
1673 char sbytes[FORMAT_BYTES_MAX];
1675 r = sd_journal_get_usage(j, &bytes);
1677 return EXIT_FAILURE;
1679 printf("Journals take up %s on disk.\n",
1680 format_bytes(sbytes, sizeof(sbytes), bytes));
1681 return EXIT_SUCCESS;
1684 if (arg_action == ACTION_LIST_BOOTS) {
1689 /* add_boot() must be called first!
1690 * It may need to seek the journal to find parent boot IDs. */
1693 return EXIT_FAILURE;
1697 return EXIT_FAILURE;
1700 strv_free(arg_system_units);
1701 strv_free(arg_user_units);
1704 log_error("Failed to add filter for units: %s", strerror(-r));
1705 return EXIT_FAILURE;
1708 r = add_priorities(j);
1710 log_error("Failed to add filter for priorities: %s", strerror(-r));
1711 return EXIT_FAILURE;
1714 r = add_matches(j, argv + optind);
1716 log_error("Failed to add filters: %s", strerror(-r));
1717 return EXIT_FAILURE;
1720 if (_unlikely_(log_get_max_level() >= LOG_PRI(LOG_DEBUG))) {
1721 _cleanup_free_ char *filter;
1723 filter = journal_make_match_string(j);
1724 log_debug("Journal filter: %s", filter);
1731 r = sd_journal_set_data_threshold(j, 0);
1733 log_error("Failed to unset data size threshold");
1734 return EXIT_FAILURE;
1737 r = sd_journal_query_unique(j, arg_field);
1739 log_error("Failed to query unique data objects: %s", strerror(-r));
1740 return EXIT_FAILURE;
1743 SD_JOURNAL_FOREACH_UNIQUE(j, data, size) {
1746 if (arg_lines >= 0 && n_shown >= arg_lines)
1749 eq = memchr(data, '=', size);
1751 printf("%.*s\n", (int) (size - ((const uint8_t*) eq - (const uint8_t*) data + 1)), (const char*) eq + 1);
1753 printf("%.*s\n", (int) size, (const char*) data);
1758 return EXIT_SUCCESS;
1761 /* Opening the fd now means the first sd_journal_wait() will actually wait */
1763 r = sd_journal_get_fd(j);
1765 return EXIT_FAILURE;
1768 if (arg_cursor || arg_after_cursor) {
1769 r = sd_journal_seek_cursor(j, arg_cursor ?: arg_after_cursor);
1771 log_error("Failed to seek to cursor: %s", strerror(-r));
1772 return EXIT_FAILURE;
1775 r = sd_journal_next_skip(j, 1 + !!arg_after_cursor);
1777 r = sd_journal_previous_skip(j, 1 + !!arg_after_cursor);
1779 if (arg_after_cursor && r < 2 && !arg_follow)
1780 /* We couldn't find the next entry after the cursor. */
1783 } else if (arg_since_set && !arg_reverse) {
1784 r = sd_journal_seek_realtime_usec(j, arg_since);
1786 log_error("Failed to seek to date: %s", strerror(-r));
1787 return EXIT_FAILURE;
1789 r = sd_journal_next(j);
1791 } else if (arg_until_set && arg_reverse) {
1792 r = sd_journal_seek_realtime_usec(j, arg_until);
1794 log_error("Failed to seek to date: %s", strerror(-r));
1795 return EXIT_FAILURE;
1797 r = sd_journal_previous(j);
1799 } else if (arg_lines >= 0) {
1800 r = sd_journal_seek_tail(j);
1802 log_error("Failed to seek to tail: %s", strerror(-r));
1803 return EXIT_FAILURE;
1806 r = sd_journal_previous_skip(j, arg_lines);
1808 } else if (arg_reverse) {
1809 r = sd_journal_seek_tail(j);
1811 log_error("Failed to seek to tail: %s", strerror(-r));
1812 return EXIT_FAILURE;
1815 r = sd_journal_previous(j);
1818 r = sd_journal_seek_head(j);
1820 log_error("Failed to seek to head: %s", strerror(-r));
1821 return EXIT_FAILURE;
1824 r = sd_journal_next(j);
1828 log_error("Failed to iterate through journal: %s", strerror(-r));
1829 return EXIT_FAILURE;
1833 pager_open_if_enabled();
1837 char start_buf[FORMAT_TIMESTAMP_MAX], end_buf[FORMAT_TIMESTAMP_MAX];
1839 r = sd_journal_get_cutoff_realtime_usec(j, &start, &end);
1841 log_error("Failed to get cutoff: %s", strerror(-r));
1847 printf("-- Logs begin at %s. --\n",
1848 format_timestamp(start_buf, sizeof(start_buf), start));
1850 printf("-- Logs begin at %s, end at %s. --\n",
1851 format_timestamp(start_buf, sizeof(start_buf), start),
1852 format_timestamp(end_buf, sizeof(end_buf), end));
1857 while (arg_lines < 0 || n_shown < arg_lines || (arg_follow && !first_line)) {
1862 r = sd_journal_next(j);
1864 r = sd_journal_previous(j);
1866 log_error("Failed to iterate through journal: %s", strerror(-r));
1873 if (arg_until_set && !arg_reverse) {
1876 r = sd_journal_get_realtime_usec(j, &usec);
1878 log_error("Failed to determine timestamp: %s", strerror(-r));
1881 if (usec > arg_until)
1885 if (arg_since_set && arg_reverse) {
1888 r = sd_journal_get_realtime_usec(j, &usec);
1890 log_error("Failed to determine timestamp: %s", strerror(-r));
1893 if (usec < arg_since)
1900 r = sd_journal_get_monotonic_usec(j, NULL, &boot_id);
1902 if (previous_boot_id_valid &&
1903 !sd_id128_equal(boot_id, previous_boot_id))
1904 printf("%s-- Reboot --%s\n",
1905 ansi_highlight(), ansi_highlight_off());
1907 previous_boot_id = boot_id;
1908 previous_boot_id_valid = true;
1913 arg_all * OUTPUT_SHOW_ALL |
1914 arg_full * OUTPUT_FULL_WIDTH |
1915 on_tty() * OUTPUT_COLOR |
1916 arg_catalog * OUTPUT_CATALOG;
1918 r = output_journal(stdout, j, arg_output, 0, flags, &ellipsized);
1920 if (r == -EADDRNOTAVAIL)
1922 else if (r < 0 || ferror(stdout))
1929 if (arg_show_cursor) {
1930 _cleanup_free_ char *cursor = NULL;
1932 r = sd_journal_get_cursor(j, &cursor);
1933 if (r < 0 && r != -EADDRNOTAVAIL)
1934 log_error("Failed to get cursor: %s", strerror(-r));
1936 printf("-- cursor: %s\n", cursor);
1942 r = sd_journal_wait(j, (uint64_t) -1);
1944 log_error("Couldn't wait for journal event: %s", strerror(-r));
1954 strv_free(arg_file);
1956 return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;