1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2011 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
35 #include <sys/ioctl.h>
43 #include "systemd/sd-journal.h"
46 #include "logs-show.h"
48 #include "path-util.h"
54 #include "journal-internal.h"
55 #include "journal-def.h"
56 #include "journal-verify.h"
57 #include "journal-authenticate.h"
58 #include "journal-qrcode.h"
60 #include "unit-name.h"
63 #define DEFAULT_FSS_INTERVAL_USEC (15*USEC_PER_MINUTE)
65 static OutputMode arg_output = OUTPUT_SHORT;
66 static bool arg_utc = false;
67 static bool arg_pager_end = false;
68 static bool arg_follow = false;
69 static bool arg_full = true;
70 static bool arg_all = false;
71 static bool arg_no_pager = false;
72 static int arg_lines = -2;
73 static bool arg_no_tail = false;
74 static bool arg_quiet = false;
75 static bool arg_merge = false;
76 static bool arg_boot = false;
77 static sd_id128_t arg_boot_id = {};
78 static int arg_boot_offset = 0;
79 static bool arg_dmesg = false;
80 static const char *arg_cursor = NULL;
81 static const char *arg_after_cursor = NULL;
82 static bool arg_show_cursor = false;
83 static const char *arg_directory = NULL;
84 static char **arg_file = NULL;
85 static int arg_priorities = 0xFF;
86 static const char *arg_verify_key = NULL;
88 static usec_t arg_interval = DEFAULT_FSS_INTERVAL_USEC;
89 static bool arg_force = false;
91 static usec_t arg_since, arg_until;
92 static bool arg_since_set = false, arg_until_set = false;
93 static char **arg_syslog_identifier = NULL;
94 static char **arg_system_units = NULL;
95 static char **arg_user_units = NULL;
96 static const char *arg_field = NULL;
97 static bool arg_catalog = false;
98 static bool arg_reverse = false;
99 static int arg_journal_type = 0;
100 static const char *arg_root = NULL;
101 static const char *arg_machine = NULL;
112 ACTION_UPDATE_CATALOG,
114 } arg_action = ACTION_SHOW;
116 typedef struct boot_id_t {
122 static void pager_open_if_enabled(void) {
127 pager_open(arg_pager_end);
130 static char *format_timestamp_maybe_utc(char *buf, size_t l, usec_t t) {
133 return format_timestamp_utc(buf, l, t);
135 return format_timestamp(buf, l, t);
138 static int parse_boot_descriptor(const char *x, sd_id128_t *boot_id, int *offset) {
139 sd_id128_t id = SD_ID128_NULL;
142 if (strlen(x) >= 32) {
146 r = sd_id128_from_string(t, &id);
150 if (*x != '-' && *x != '+' && *x != 0)
154 r = safe_atoi(x, &off);
159 r = safe_atoi(x, &off);
173 static void help(void) {
175 pager_open_if_enabled();
177 printf("%s [OPTIONS...] [MATCHES...]\n\n"
178 "Query the journal.\n\n"
180 " --system Show the system journal\n"
181 " --user Show the user journal for the current user\n"
182 " -M --machine=CONTAINER Operate on local container\n"
183 " --since=DATE Start showing entries on or newer than the specified date\n"
184 " --until=DATE Stop showing entries on or older than the specified date\n"
185 " -c --cursor=CURSOR Start showing entries from the specified cursor\n"
186 " --after-cursor=CURSOR Start showing entries from after the specified cursor\n"
187 " --show-cursor Print the cursor after all the entries\n"
188 " -b --boot[=ID] Show data only from ID or, if unspecified, the current boot\n"
189 " --list-boots Show terse information about recorded boots\n"
190 " -k --dmesg Show kernel message log from the current boot\n"
191 " -u --unit=UNIT Show data only from the specified unit\n"
192 " --user-unit=UNIT Show data only from the specified user session unit\n"
193 " -t --identifier=STRING Show only messages with the specified syslog identifier\n"
194 " -p --priority=RANGE Show only messages within the specified priority range\n"
195 " -e --pager-end Immediately jump to end of the journal in the pager\n"
196 " -f --follow Follow the journal\n"
197 " -n --lines[=INTEGER] Number of journal entries to show\n"
198 " --no-tail Show all lines, even in follow mode\n"
199 " -r --reverse Show the newest entries first\n"
200 " -o --output=STRING Change journal output mode (short, short-iso,\n"
201 " short-precise, short-monotonic, verbose,\n"
202 " export, json, json-pretty, json-sse, cat)\n"
203 " --utc Express time in Coordinated Universal Time (UTC)\n"
204 " -x --catalog Add message explanations where available\n"
205 " --no-full Ellipsize fields\n"
206 " -a --all Show all fields, including long and unprintable\n"
207 " -q --quiet Do not show privilege warning\n"
208 " --no-pager Do not pipe output into a pager\n"
209 " -m --merge Show entries from all available journals\n"
210 " -D --directory=PATH Show journal files from directory\n"
211 " --file=PATH Show journal file\n"
212 " --root=ROOT Operate on catalog files underneath the root ROOT\n"
214 " --interval=TIME Time interval for changing the FSS sealing key\n"
215 " --verify-key=KEY Specify FSS verification key\n"
216 " --force Force overriding of the FSS key pair with --setup-keys\n"
219 " -h --help Show this help text\n"
220 " --version Show package version\n"
221 " --new-id128 Generate a new 128-bit ID\n"
222 " --header Show journal header information\n"
223 " --disk-usage Show total disk usage of all journal files\n"
224 " -F --field=FIELD List all values that a specified field takes\n"
225 " --list-catalog Show message IDs of all entries in the message catalog\n"
226 " --dump-catalog Show entries in the message catalog\n"
227 " --update-catalog Update the message catalog database\n"
229 " --setup-keys Generate a new FSS key pair\n"
230 " --verify Verify journal file consistency\n"
232 , program_invocation_short_name);
235 static int parse_argv(int argc, char *argv[]) {
266 static const struct option options[] = {
267 { "help", no_argument, NULL, 'h' },
268 { "version" , no_argument, NULL, ARG_VERSION },
269 { "no-pager", no_argument, NULL, ARG_NO_PAGER },
270 { "pager-end", no_argument, NULL, 'e' },
271 { "follow", no_argument, NULL, 'f' },
272 { "force", no_argument, NULL, ARG_FORCE },
273 { "output", required_argument, NULL, 'o' },
274 { "all", no_argument, NULL, 'a' },
275 { "full", no_argument, NULL, 'l' },
276 { "no-full", no_argument, NULL, ARG_NO_FULL },
277 { "lines", optional_argument, NULL, 'n' },
278 { "no-tail", no_argument, NULL, ARG_NO_TAIL },
279 { "new-id128", no_argument, NULL, ARG_NEW_ID128 },
280 { "quiet", no_argument, NULL, 'q' },
281 { "merge", no_argument, NULL, 'm' },
282 { "boot", optional_argument, NULL, 'b' },
283 { "list-boots", no_argument, NULL, ARG_LIST_BOOTS },
284 { "this-boot", optional_argument, NULL, 'b' }, /* deprecated */
285 { "dmesg", no_argument, NULL, 'k' },
286 { "system", no_argument, NULL, ARG_SYSTEM },
287 { "user", no_argument, NULL, ARG_USER },
288 { "directory", required_argument, NULL, 'D' },
289 { "file", required_argument, NULL, ARG_FILE },
290 { "root", required_argument, NULL, ARG_ROOT },
291 { "header", no_argument, NULL, ARG_HEADER },
292 { "identifier", required_argument, NULL, 't' },
293 { "priority", required_argument, NULL, 'p' },
294 { "setup-keys", no_argument, NULL, ARG_SETUP_KEYS },
295 { "interval", required_argument, NULL, ARG_INTERVAL },
296 { "verify", no_argument, NULL, ARG_VERIFY },
297 { "verify-key", required_argument, NULL, ARG_VERIFY_KEY },
298 { "disk-usage", no_argument, NULL, ARG_DISK_USAGE },
299 { "cursor", required_argument, NULL, 'c' },
300 { "after-cursor", required_argument, NULL, ARG_AFTER_CURSOR },
301 { "show-cursor", no_argument, NULL, ARG_SHOW_CURSOR },
302 { "since", required_argument, NULL, ARG_SINCE },
303 { "until", required_argument, NULL, ARG_UNTIL },
304 { "unit", required_argument, NULL, 'u' },
305 { "user-unit", required_argument, NULL, ARG_USER_UNIT },
306 { "field", required_argument, NULL, 'F' },
307 { "catalog", no_argument, NULL, 'x' },
308 { "list-catalog", no_argument, NULL, ARG_LIST_CATALOG },
309 { "dump-catalog", no_argument, NULL, ARG_DUMP_CATALOG },
310 { "update-catalog", no_argument, NULL, ARG_UPDATE_CATALOG },
311 { "reverse", no_argument, NULL, 'r' },
312 { "machine", required_argument, NULL, 'M' },
313 { "utc", no_argument, NULL, ARG_UTC },
322 while ((c = getopt_long(argc, argv, "hefo:aln::qmb::kD:p:c:t:u:F:xrM:", options, NULL)) >= 0)
331 puts(PACKAGE_STRING);
332 puts(SYSTEMD_FEATURES);
340 arg_pager_end = true;
352 arg_output = output_mode_from_string(optarg);
353 if (arg_output < 0) {
354 log_error("Unknown output format '%s'.", optarg);
358 if (arg_output == OUTPUT_EXPORT ||
359 arg_output == OUTPUT_JSON ||
360 arg_output == OUTPUT_JSON_PRETTY ||
361 arg_output == OUTPUT_JSON_SSE ||
362 arg_output == OUTPUT_CAT)
381 if (streq(optarg, "all"))
384 r = safe_atoi(optarg, &arg_lines);
385 if (r < 0 || arg_lines < 0) {
386 log_error("Failed to parse lines '%s'", optarg);
393 /* Hmm, no argument? Maybe the next
394 * word on the command line is
395 * supposed to be the argument? Let's
396 * see if there is one, and is
400 if (streq(argv[optind], "all")) {
403 } else if (safe_atoi(argv[optind], &n) >= 0 && n >= 0) {
417 arg_action = ACTION_NEW_ID128;
432 r = parse_boot_descriptor(optarg, &arg_boot_id, &arg_boot_offset);
434 log_error("Failed to parse boot descriptor '%s'", optarg);
439 /* Hmm, no argument? Maybe the next
440 * word on the command line is
441 * supposed to be the argument? Let's
442 * see if there is one and is parsable
443 * as a boot descriptor... */
446 parse_boot_descriptor(argv[optind], &arg_boot_id, &arg_boot_offset) >= 0)
453 arg_action = ACTION_LIST_BOOTS;
457 arg_boot = arg_dmesg = true;
461 arg_journal_type |= SD_JOURNAL_SYSTEM;
465 arg_journal_type |= SD_JOURNAL_CURRENT_USER;
469 arg_machine = optarg;
473 arg_directory = optarg;
477 r = glob_extend(&arg_file, optarg);
479 log_error("Failed to add paths: %s", strerror(-r));
492 case ARG_AFTER_CURSOR:
493 arg_after_cursor = optarg;
496 case ARG_SHOW_CURSOR:
497 arg_show_cursor = true;
501 arg_action = ACTION_PRINT_HEADER;
505 arg_action = ACTION_VERIFY;
509 arg_action = ACTION_DISK_USAGE;
518 arg_action = ACTION_SETUP_KEYS;
523 arg_action = ACTION_VERIFY;
524 arg_verify_key = optarg;
529 r = parse_sec(optarg, &arg_interval);
530 if (r < 0 || arg_interval <= 0) {
531 log_error("Failed to parse sealing key change interval: %s", optarg);
540 log_error("Forward-secure sealing not available.");
547 dots = strstr(optarg, "..");
553 a = strndup(optarg, dots - optarg);
557 from = log_level_from_string(a);
558 to = log_level_from_string(dots + 2);
561 if (from < 0 || to < 0) {
562 log_error("Failed to parse log level range %s", optarg);
569 for (i = from; i <= to; i++)
570 arg_priorities |= 1 << i;
572 for (i = to; i <= from; i++)
573 arg_priorities |= 1 << i;
579 p = log_level_from_string(optarg);
581 log_error("Unknown log level %s", optarg);
587 for (i = 0; i <= p; i++)
588 arg_priorities |= 1 << i;
595 r = parse_timestamp(optarg, &arg_since);
597 log_error("Failed to parse timestamp: %s", optarg);
600 arg_since_set = true;
604 r = parse_timestamp(optarg, &arg_until);
606 log_error("Failed to parse timestamp: %s", optarg);
609 arg_until_set = true;
613 r = strv_extend(&arg_syslog_identifier, optarg);
619 r = strv_extend(&arg_system_units, optarg);
625 r = strv_extend(&arg_user_units, optarg);
638 case ARG_LIST_CATALOG:
639 arg_action = ACTION_LIST_CATALOG;
642 case ARG_DUMP_CATALOG:
643 arg_action = ACTION_DUMP_CATALOG;
646 case ARG_UPDATE_CATALOG:
647 arg_action = ACTION_UPDATE_CATALOG;
662 assert_not_reached("Unhandled option");
665 if (arg_follow && !arg_no_tail && arg_lines < -1)
668 if (!!arg_directory + !!arg_file + !!arg_machine > 1) {
669 log_error("Please specify either -D/--directory= or --file= or -M/--machine=, not more than one.");
673 if (arg_since_set && arg_until_set && arg_since > arg_until) {
674 log_error("--since= must be before --until=.");
678 if (!!arg_cursor + !!arg_after_cursor + !!arg_since_set > 1) {
679 log_error("Please specify only one of --since=, --cursor=, and --after-cursor.");
683 if (arg_follow && arg_reverse) {
684 log_error("Please specify either --reverse= or --follow=, not both.");
688 if (arg_action != ACTION_SHOW && optind < argc) {
689 log_error("Extraneous arguments starting with '%s'", argv[optind]);
696 static int generate_new_id128(void) {
701 r = sd_id128_randomize(&id);
703 log_error("Failed to generate ID: %s", strerror(-r));
707 printf("As string:\n"
708 SD_ID128_FORMAT_STR "\n\n"
710 "%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x\n\n"
712 "#define MESSAGE_XYZ SD_ID128_MAKE(",
713 SD_ID128_FORMAT_VAL(id),
714 SD_ID128_FORMAT_VAL(id));
715 for (i = 0; i < 16; i++)
716 printf("%02x%s", id.bytes[i], i != 15 ? "," : "");
717 fputs(")\n\n", stdout);
719 printf("As Python constant:\n"
721 ">>> MESSAGE_XYZ = uuid.UUID('" SD_ID128_FORMAT_STR "')\n",
722 SD_ID128_FORMAT_VAL(id));
727 static int add_matches(sd_journal *j, char **args) {
729 bool have_term = false;
733 STRV_FOREACH(i, args) {
736 if (streq(*i, "+")) {
739 r = sd_journal_add_disjunction(j);
742 } else if (path_is_absolute(*i)) {
743 _cleanup_free_ char *p, *t = NULL, *t2 = NULL;
745 _cleanup_free_ char *interpreter = NULL;
748 p = canonicalize_file_name(*i);
751 if (stat(path, &st) < 0) {
752 log_error("Couldn't stat file: %m");
756 if (S_ISREG(st.st_mode) && (0111 & st.st_mode)) {
757 if (executable_is_script(path, &interpreter) > 0) {
758 _cleanup_free_ char *comm;
760 comm = strndup(basename(path), 15);
764 t = strappend("_COMM=", comm);
766 /* Append _EXE only if the interpreter is not a link.
767 Otherwise, it might be outdated often. */
768 if (lstat(interpreter, &st) == 0 &&
769 !S_ISLNK(st.st_mode)) {
770 t2 = strappend("_EXE=", interpreter);
775 t = strappend("_EXE=", path);
776 } else if (S_ISCHR(st.st_mode)) {
777 if (asprintf(&t, "_KERNEL_DEVICE=c%u:%u",
779 minor(st.st_rdev)) < 0)
781 } else if (S_ISBLK(st.st_mode)) {
782 if (asprintf(&t, "_KERNEL_DEVICE=b%u:%u",
784 minor(st.st_rdev)) < 0)
787 log_error("File is neither a device node, nor regular file, nor executable: %s", *i);
794 r = sd_journal_add_match(j, t, 0);
796 r = sd_journal_add_match(j, t2, 0);
800 r = sd_journal_add_match(j, *i, 0);
805 log_error("Failed to add match '%s': %s", *i, strerror(-r));
810 if (!strv_isempty(args) && !have_term) {
811 log_error("\"+\" can only be used between terms");
818 static int boot_id_cmp(const void *a, const void *b) {
821 _a = ((const boot_id_t *)a)->first;
822 _b = ((const boot_id_t *)b)->first;
824 return _a < _b ? -1 : (_a > _b ? 1 : 0);
827 static int list_boots(sd_journal *j) {
830 unsigned int count = 0;
832 size_t length, allocated = 0;
834 _cleanup_free_ boot_id_t *all_ids = NULL;
836 r = sd_journal_query_unique(j, "_BOOT_ID");
840 SD_JOURNAL_FOREACH_UNIQUE(j, data, length) {
841 if (length < strlen("_BOOT_ID="))
844 if (!GREEDY_REALLOC(all_ids, allocated, count + 1))
847 id = &all_ids[count];
849 r = sd_id128_from_string(((const char *)data) + strlen("_BOOT_ID="), &id->id);
853 r = sd_journal_add_match(j, data, length);
857 r = sd_journal_seek_head(j);
861 r = sd_journal_next(j);
867 r = sd_journal_get_realtime_usec(j, &id->first);
871 r = sd_journal_seek_tail(j);
875 r = sd_journal_previous(j);
881 r = sd_journal_get_realtime_usec(j, &id->last);
887 sd_journal_flush_matches(j);
890 qsort_safe(all_ids, count, sizeof(boot_id_t), boot_id_cmp);
892 /* numbers are one less, but we need an extra char for the sign */
893 w = DECIMAL_STR_WIDTH(count - 1) + 1;
895 for (id = all_ids, i = 0; id < all_ids + count; id++, i++) {
896 char a[FORMAT_TIMESTAMP_MAX], b[FORMAT_TIMESTAMP_MAX];
898 printf("% *i " SD_ID128_FORMAT_STR " %s—%s\n",
900 SD_ID128_FORMAT_VAL(id->id),
901 format_timestamp_maybe_utc(a, sizeof(a), id->first),
902 format_timestamp_maybe_utc(b, sizeof(b), id->last));
908 static int get_relative_boot_id(sd_journal *j, sd_id128_t *boot_id, int relative) {
911 unsigned int count = 0;
912 size_t length, allocated = 0;
913 boot_id_t ref_boot_id = {SD_ID128_NULL}, *id;
914 _cleanup_free_ boot_id_t *all_ids = NULL;
919 r = sd_journal_query_unique(j, "_BOOT_ID");
923 SD_JOURNAL_FOREACH_UNIQUE(j, data, length) {
924 if (length < strlen("_BOOT_ID="))
927 if (!GREEDY_REALLOC(all_ids, allocated, count + 1))
930 id = &all_ids[count];
932 r = sd_id128_from_string(((const char *)data) + strlen("_BOOT_ID="), &id->id);
936 r = sd_journal_add_match(j, data, length);
940 r = sd_journal_seek_head(j);
944 r = sd_journal_next(j);
950 r = sd_journal_get_realtime_usec(j, &id->first);
954 if (sd_id128_equal(id->id, *boot_id))
959 sd_journal_flush_matches(j);
962 qsort_safe(all_ids, count, sizeof(boot_id_t), boot_id_cmp);
964 if (sd_id128_equal(*boot_id, SD_ID128_NULL)) {
965 if (relative > (int) count || relative <= -(int)count)
966 return -EADDRNOTAVAIL;
968 *boot_id = all_ids[(relative <= 0)*count + relative - 1].id;
970 id = bsearch(&ref_boot_id, all_ids, count, sizeof(boot_id_t), boot_id_cmp);
973 relative <= 0 ? (id - all_ids) + relative < 0 :
974 (id - all_ids) + relative >= (int) count)
975 return -EADDRNOTAVAIL;
977 *boot_id = (id + relative)->id;
983 static int add_boot(sd_journal *j) {
984 char match[9+32+1] = "_BOOT_ID=";
992 if (arg_boot_offset == 0 && sd_id128_equal(arg_boot_id, SD_ID128_NULL))
993 return add_match_this_boot(j, arg_machine);
995 r = get_relative_boot_id(j, &arg_boot_id, arg_boot_offset);
997 if (sd_id128_equal(arg_boot_id, SD_ID128_NULL))
998 log_error("Failed to look up boot %+i: %s", arg_boot_offset, strerror(-r));
1000 log_error("Failed to look up boot ID "SD_ID128_FORMAT_STR"%+i: %s",
1001 SD_ID128_FORMAT_VAL(arg_boot_id), arg_boot_offset, strerror(-r));
1005 sd_id128_to_string(arg_boot_id, match + 9);
1007 r = sd_journal_add_match(j, match, sizeof(match) - 1);
1009 log_error("Failed to add match: %s", strerror(-r));
1013 r = sd_journal_add_conjunction(j);
1020 static int add_dmesg(sd_journal *j) {
1027 r = sd_journal_add_match(j, "_TRANSPORT=kernel", strlen("_TRANSPORT=kernel"));
1029 log_error("Failed to add match: %s", strerror(-r));
1033 r = sd_journal_add_conjunction(j);
1040 static int get_possible_units(sd_journal *j,
1044 _cleanup_set_free_free_ Set *found;
1048 found = set_new(&string_hash_ops);
1052 NULSTR_FOREACH(field, fields) {
1056 r = sd_journal_query_unique(j, field);
1060 SD_JOURNAL_FOREACH_UNIQUE(j, data, size) {
1061 char **pattern, *eq;
1063 _cleanup_free_ char *u = NULL;
1065 eq = memchr(data, '=', size);
1067 prefix = eq - (char*) data + 1;
1071 u = strndup((char*) data + prefix, size - prefix);
1075 STRV_FOREACH(pattern, patterns)
1076 if (fnmatch(*pattern, u, FNM_NOESCAPE) == 0) {
1077 log_debug("Matched %s with pattern %s=%s", u, field, *pattern);
1079 r = set_consume(found, u);
1081 if (r < 0 && r != -EEXIST)
1094 /* This list is supposed to return the superset of unit names
1095 * possibly matched by rules added with add_matches_for_unit... */
1096 #define SYSTEM_UNITS \
1100 "OBJECT_SYSTEMD_UNIT\0" \
1103 /* ... and add_matches_for_user_unit */
1104 #define USER_UNITS \
1105 "_SYSTEMD_USER_UNIT\0" \
1107 "COREDUMP_USER_UNIT\0" \
1108 "OBJECT_SYSTEMD_USER_UNIT\0"
1110 static int add_units(sd_journal *j) {
1111 _cleanup_strv_free_ char **patterns = NULL;
1117 STRV_FOREACH(i, arg_system_units) {
1118 _cleanup_free_ char *u = NULL;
1120 u = unit_name_mangle(*i, MANGLE_GLOB);
1124 if (string_is_glob(u)) {
1125 r = strv_push(&patterns, u);
1130 r = add_matches_for_unit(j, u);
1133 r = sd_journal_add_disjunction(j);
1140 if (!strv_isempty(patterns)) {
1141 _cleanup_set_free_free_ Set *units = NULL;
1145 r = get_possible_units(j, SYSTEM_UNITS, patterns, &units);
1149 SET_FOREACH(u, units, it) {
1150 r = add_matches_for_unit(j, u);
1153 r = sd_journal_add_disjunction(j);
1160 strv_free(patterns);
1163 STRV_FOREACH(i, arg_user_units) {
1164 _cleanup_free_ char *u = NULL;
1166 u = unit_name_mangle(*i, MANGLE_GLOB);
1170 if (string_is_glob(u)) {
1171 r = strv_push(&patterns, u);
1176 r = add_matches_for_user_unit(j, u, getuid());
1179 r = sd_journal_add_disjunction(j);
1186 if (!strv_isempty(patterns)) {
1187 _cleanup_set_free_free_ Set *units = NULL;
1191 r = get_possible_units(j, USER_UNITS, patterns, &units);
1195 SET_FOREACH(u, units, it) {
1196 r = add_matches_for_user_unit(j, u, getuid());
1199 r = sd_journal_add_disjunction(j);
1206 /* Complain if the user request matches but nothing whatsoever was
1207 * found, since otherwise everything would be matched. */
1208 if (!(strv_isempty(arg_system_units) && strv_isempty(arg_user_units)) && count == 0)
1211 r = sd_journal_add_conjunction(j);
1218 static int add_priorities(sd_journal *j) {
1219 char match[] = "PRIORITY=0";
1223 if (arg_priorities == 0xFF)
1226 for (i = LOG_EMERG; i <= LOG_DEBUG; i++)
1227 if (arg_priorities & (1 << i)) {
1228 match[sizeof(match)-2] = '0' + i;
1230 r = sd_journal_add_match(j, match, strlen(match));
1232 log_error("Failed to add match: %s", strerror(-r));
1237 r = sd_journal_add_conjunction(j);
1245 static int add_syslog_identifier(sd_journal *j) {
1251 STRV_FOREACH(i, arg_syslog_identifier) {
1254 u = strappenda("SYSLOG_IDENTIFIER=", *i);
1255 r = sd_journal_add_match(j, u, 0);
1258 r = sd_journal_add_disjunction(j);
1263 r = sd_journal_add_conjunction(j);
1270 static int setup_keys(void) {
1272 size_t mpk_size, seed_size, state_size, i;
1273 uint8_t *mpk, *seed, *state;
1275 int fd = -1, r, attr = 0;
1276 sd_id128_t machine, boot;
1277 char *p = NULL, *k = NULL;
1282 r = stat("/var/log/journal", &st);
1283 if (r < 0 && errno != ENOENT && errno != ENOTDIR) {
1284 log_error("stat(\"%s\") failed: %m", "/var/log/journal");
1288 if (r < 0 || !S_ISDIR(st.st_mode)) {
1289 log_error("%s is not a directory, must be using persistent logging for FSS.",
1290 "/var/log/journal");
1291 return r < 0 ? -errno : -ENOTDIR;
1294 r = sd_id128_get_machine(&machine);
1296 log_error("Failed to get machine ID: %s", strerror(-r));
1300 r = sd_id128_get_boot(&boot);
1302 log_error("Failed to get boot ID: %s", strerror(-r));
1306 if (asprintf(&p, "/var/log/journal/" SD_ID128_FORMAT_STR "/fss",
1307 SD_ID128_FORMAT_VAL(machine)) < 0)
1310 if (access(p, F_OK) >= 0) {
1314 log_error("unlink(\"%s\") failed: %m", p);
1319 log_error("Sealing key file %s exists already. (--force to recreate)", p);
1325 if (asprintf(&k, "/var/log/journal/" SD_ID128_FORMAT_STR "/fss.tmp.XXXXXX",
1326 SD_ID128_FORMAT_VAL(machine)) < 0) {
1331 mpk_size = FSPRG_mskinbytes(FSPRG_RECOMMENDED_SECPAR);
1332 mpk = alloca(mpk_size);
1334 seed_size = FSPRG_RECOMMENDED_SEEDLEN;
1335 seed = alloca(seed_size);
1337 state_size = FSPRG_stateinbytes(FSPRG_RECOMMENDED_SECPAR);
1338 state = alloca(state_size);
1340 fd = open("/dev/random", O_RDONLY|O_CLOEXEC|O_NOCTTY);
1342 log_error("Failed to open /dev/random: %m");
1347 log_info("Generating seed...");
1348 l = loop_read(fd, seed, seed_size, true);
1349 if (l < 0 || (size_t) l != seed_size) {
1350 log_error("Failed to read random seed: %s", strerror(EIO));
1355 log_info("Generating key pair...");
1356 FSPRG_GenMK(NULL, mpk, seed, seed_size, FSPRG_RECOMMENDED_SECPAR);
1358 log_info("Generating sealing key...");
1359 FSPRG_GenState0(state, mpk, seed, seed_size);
1361 assert(arg_interval > 0);
1363 n = now(CLOCK_REALTIME);
1367 fd = mkostemp_safe(k, O_WRONLY|O_CLOEXEC);
1369 log_error("Failed to open %s: %m", k);
1374 /* Enable secure remove, exclusion from dump, synchronous
1375 * writing and in-place updating */
1376 if (ioctl(fd, FS_IOC_GETFLAGS, &attr) < 0)
1377 log_warning("FS_IOC_GETFLAGS failed: %m");
1379 attr |= FS_SECRM_FL|FS_NODUMP_FL|FS_SYNC_FL|FS_NOCOW_FL;
1381 if (ioctl(fd, FS_IOC_SETFLAGS, &attr) < 0)
1382 log_warning("FS_IOC_SETFLAGS failed: %m");
1385 memcpy(h.signature, "KSHHRHLP", 8);
1386 h.machine_id = machine;
1388 h.header_size = htole64(sizeof(h));
1389 h.start_usec = htole64(n * arg_interval);
1390 h.interval_usec = htole64(arg_interval);
1391 h.fsprg_secpar = htole16(FSPRG_RECOMMENDED_SECPAR);
1392 h.fsprg_state_size = htole64(state_size);
1394 l = loop_write(fd, &h, sizeof(h), false);
1395 if (l < 0 || (size_t) l != sizeof(h)) {
1396 log_error("Failed to write header: %s", strerror(EIO));
1401 l = loop_write(fd, state, state_size, false);
1402 if (l < 0 || (size_t) l != state_size) {
1403 log_error("Failed to write state: %s", strerror(EIO));
1408 if (link(k, p) < 0) {
1409 log_error("Failed to link file: %m");
1417 "The new key pair has been generated. The " ANSI_HIGHLIGHT_ON "secret sealing key" ANSI_HIGHLIGHT_OFF " has been written to\n"
1418 "the following local file. This key file is automatically updated when the\n"
1419 "sealing key is advanced. It should not be used on multiple hosts.\n"
1423 "Please write down the following " ANSI_HIGHLIGHT_ON "secret verification key" ANSI_HIGHLIGHT_OFF ". It should be stored\n"
1424 "at a safe location and should not be saved locally on disk.\n"
1425 "\n\t" ANSI_HIGHLIGHT_RED_ON, p);
1428 for (i = 0; i < seed_size; i++) {
1429 if (i > 0 && i % 3 == 0)
1431 printf("%02x", ((uint8_t*) seed)[i]);
1434 printf("/%llx-%llx\n", (unsigned long long) n, (unsigned long long) arg_interval);
1437 char tsb[FORMAT_TIMESPAN_MAX], *hn;
1440 ANSI_HIGHLIGHT_OFF "\n"
1441 "The sealing key is automatically changed every %s.\n",
1442 format_timespan(tsb, sizeof(tsb), arg_interval, 0));
1444 hn = gethostname_malloc();
1447 hostname_cleanup(hn, false);
1448 fprintf(stderr, "\nThe keys have been generated for host %s/" SD_ID128_FORMAT_STR ".\n", hn, SD_ID128_FORMAT_VAL(machine));
1450 fprintf(stderr, "\nThe keys have been generated for host " SD_ID128_FORMAT_STR ".\n", SD_ID128_FORMAT_VAL(machine));
1452 #ifdef HAVE_QRENCODE
1453 /* If this is not an UTF-8 system don't print any QR codes */
1454 if (is_locale_utf8()) {
1455 fputs("\nTo transfer the verification key to your phone please scan the QR code below:\n\n", stderr);
1456 print_qr_code(stderr, seed, seed_size, n, arg_interval, hn, machine);
1476 log_error("Forward-secure sealing not available.");
1481 static int verify(sd_journal *j) {
1488 log_show_color(true);
1490 HASHMAP_FOREACH(f, j->files, i) {
1492 usec_t first, validated, last;
1495 if (!arg_verify_key && JOURNAL_HEADER_SEALED(f->header))
1496 log_notice("Journal file %s has sealing enabled but verification key has not been passed using --verify-key=.", f->path);
1499 k = journal_file_verify(f, arg_verify_key, &first, &validated, &last, true);
1501 /* If the key was invalid give up right-away. */
1504 log_warning("FAIL: %s (%s)", f->path, strerror(-k));
1507 char a[FORMAT_TIMESTAMP_MAX], b[FORMAT_TIMESTAMP_MAX], c[FORMAT_TIMESPAN_MAX];
1508 log_info("PASS: %s", f->path);
1510 if (arg_verify_key && JOURNAL_HEADER_SEALED(f->header)) {
1511 if (validated > 0) {
1512 log_info("=> Validated from %s to %s, final %s entries not sealed.",
1513 format_timestamp_maybe_utc(a, sizeof(a), first),
1514 format_timestamp_maybe_utc(b, sizeof(b), validated),
1515 format_timespan(c, sizeof(c), last > validated ? last - validated : 0, 0));
1516 } else if (last > 0)
1517 log_info("=> No sealing yet, %s of entries not sealed.",
1518 format_timespan(c, sizeof(c), last - first, 0));
1520 log_info("=> No sealing yet, no entries in file.");
1529 static int access_check_var_log_journal(sd_journal *j) {
1530 _cleanup_strv_free_ char **g = NULL;
1536 have_access = in_group("systemd-journal") > 0;
1539 /* Let's enumerate all groups from the default ACL of
1540 * the directory, which generally should allow access
1541 * to most journal files too */
1542 r = search_acl_groups(&g, "/var/log/journal/", &have_access);
1549 if (strv_isempty(g))
1550 log_notice("Hint: You are currently not seeing messages from other users and the system.\n"
1551 " Users in the 'systemd-journal' group can see all messages. Pass -q to\n"
1552 " turn off this notice.");
1554 _cleanup_free_ char *s = NULL;
1556 r = strv_extend(&g, "systemd-journal");
1563 s = strv_join(g, "', '");
1567 log_notice("Hint: You are currently not seeing messages from other users and the system.\n"
1568 " Users in the groups '%s' can see all messages.\n"
1569 " Pass -q to turn off this notice.", s);
1577 static int access_check(sd_journal *j) {
1584 if (set_isempty(j->errors)) {
1585 if (hashmap_isempty(j->files))
1586 log_notice("No journal files were found.");
1590 if (set_contains(j->errors, INT_TO_PTR(-EACCES))) {
1592 /* If /var/log/journal doesn't even exist,
1593 * unprivileged users have no access at all */
1594 if (access("/var/log/journal", F_OK) < 0 &&
1596 in_group("systemd-journal") <= 0) {
1597 log_error("Unprivileged users cannot access messages, unless persistent log storage is\n"
1598 "enabled. Users in the 'systemd-journal' group may always access messages.");
1602 /* If /var/log/journal exists, try to pring a nice
1603 notice if the user lacks access to it */
1604 if (!arg_quiet && geteuid() != 0) {
1605 r = access_check_var_log_journal(j);
1610 if (geteuid() != 0 && in_group("systemd-journal") <= 0) {
1611 log_error("Unprivileged users cannot access messages. Users in the 'systemd-journal' group\n"
1612 "group may access messages.");
1617 if (hashmap_isempty(j->files)) {
1618 log_error("No journal files were opened due to insufficient permissions.");
1623 SET_FOREACH(code, j->errors, it) {
1626 err = -PTR_TO_INT(code);
1630 log_warning("Error was encountered while opening journal files: %s",
1637 int main(int argc, char *argv[]) {
1639 _cleanup_journal_close_ sd_journal *j = NULL;
1640 bool need_seek = false;
1641 sd_id128_t previous_boot_id;
1642 bool previous_boot_id_valid = false, first_line = true;
1644 bool ellipsized = false;
1646 setlocale(LC_ALL, "");
1647 log_parse_environment();
1650 r = parse_argv(argc, argv);
1654 signal(SIGWINCH, columns_lines_cache_reset);
1656 if (arg_action == ACTION_NEW_ID128) {
1657 r = generate_new_id128();
1661 if (arg_action == ACTION_SETUP_KEYS) {
1666 if (arg_action == ACTION_UPDATE_CATALOG ||
1667 arg_action == ACTION_LIST_CATALOG ||
1668 arg_action == ACTION_DUMP_CATALOG) {
1670 _cleanup_free_ char *database;
1672 database = path_join(arg_root, CATALOG_DATABASE, NULL);
1678 if (arg_action == ACTION_UPDATE_CATALOG) {
1679 r = catalog_update(database, arg_root, catalog_file_dirs);
1681 log_error("Failed to list catalog: %s", strerror(-r));
1683 bool oneline = arg_action == ACTION_LIST_CATALOG;
1686 r = catalog_list_items(stdout, database,
1687 oneline, argv + optind);
1689 r = catalog_list(stdout, database, oneline);
1691 log_error("Failed to list catalog: %s", strerror(-r));
1698 r = sd_journal_open_directory(&j, arg_directory, arg_journal_type);
1700 r = sd_journal_open_files(&j, (const char**) arg_file, 0);
1701 else if (arg_machine)
1702 r = sd_journal_open_container(&j, arg_machine, 0);
1704 r = sd_journal_open(&j, !arg_merge*SD_JOURNAL_LOCAL_ONLY + arg_journal_type);
1706 log_error("Failed to open %s: %s",
1707 arg_directory ? arg_directory : arg_file ? "files" : "journal",
1709 return EXIT_FAILURE;
1712 r = access_check(j);
1714 return EXIT_FAILURE;
1716 if (arg_action == ACTION_VERIFY) {
1721 if (arg_action == ACTION_PRINT_HEADER) {
1722 journal_print_header(j);
1723 return EXIT_SUCCESS;
1726 if (arg_action == ACTION_DISK_USAGE) {
1728 char sbytes[FORMAT_BYTES_MAX];
1730 r = sd_journal_get_usage(j, &bytes);
1732 return EXIT_FAILURE;
1734 printf("Journals take up %s on disk.\n",
1735 format_bytes(sbytes, sizeof(sbytes), bytes));
1736 return EXIT_SUCCESS;
1739 if (arg_action == ACTION_LIST_BOOTS) {
1744 /* add_boot() must be called first!
1745 * It may need to seek the journal to find parent boot IDs. */
1748 return EXIT_FAILURE;
1752 return EXIT_FAILURE;
1755 strv_free(arg_system_units);
1756 strv_free(arg_user_units);
1759 log_error("Failed to add filter for units: %s", strerror(-r));
1760 return EXIT_FAILURE;
1763 r = add_syslog_identifier(j);
1765 log_error("Failed to add filter for syslog identifiers: %s", strerror(-r));
1766 return EXIT_FAILURE;
1769 r = add_priorities(j);
1771 log_error("Failed to add filter for priorities: %s", strerror(-r));
1772 return EXIT_FAILURE;
1775 r = add_matches(j, argv + optind);
1777 log_error("Failed to add filters: %s", strerror(-r));
1778 return EXIT_FAILURE;
1781 if (_unlikely_(log_get_max_level() >= LOG_PRI(LOG_DEBUG))) {
1782 _cleanup_free_ char *filter;
1784 filter = journal_make_match_string(j);
1785 log_debug("Journal filter: %s", filter);
1792 r = sd_journal_set_data_threshold(j, 0);
1794 log_error("Failed to unset data size threshold");
1795 return EXIT_FAILURE;
1798 r = sd_journal_query_unique(j, arg_field);
1800 log_error("Failed to query unique data objects: %s", strerror(-r));
1801 return EXIT_FAILURE;
1804 SD_JOURNAL_FOREACH_UNIQUE(j, data, size) {
1807 if (arg_lines >= 0 && n_shown >= arg_lines)
1810 eq = memchr(data, '=', size);
1812 printf("%.*s\n", (int) (size - ((const uint8_t*) eq - (const uint8_t*) data + 1)), (const char*) eq + 1);
1814 printf("%.*s\n", (int) size, (const char*) data);
1819 return EXIT_SUCCESS;
1822 /* Opening the fd now means the first sd_journal_wait() will actually wait */
1824 r = sd_journal_get_fd(j);
1826 return EXIT_FAILURE;
1829 if (arg_cursor || arg_after_cursor) {
1830 r = sd_journal_seek_cursor(j, arg_cursor ?: arg_after_cursor);
1832 log_error("Failed to seek to cursor: %s", strerror(-r));
1833 return EXIT_FAILURE;
1836 r = sd_journal_next_skip(j, 1 + !!arg_after_cursor);
1838 r = sd_journal_previous_skip(j, 1 + !!arg_after_cursor);
1840 if (arg_after_cursor && r < 2 && !arg_follow)
1841 /* We couldn't find the next entry after the cursor. */
1844 } else if (arg_since_set && !arg_reverse) {
1845 r = sd_journal_seek_realtime_usec(j, arg_since);
1847 log_error("Failed to seek to date: %s", strerror(-r));
1848 return EXIT_FAILURE;
1850 r = sd_journal_next(j);
1852 } else if (arg_until_set && arg_reverse) {
1853 r = sd_journal_seek_realtime_usec(j, arg_until);
1855 log_error("Failed to seek to date: %s", strerror(-r));
1856 return EXIT_FAILURE;
1858 r = sd_journal_previous(j);
1860 } else if (arg_lines >= 0) {
1861 r = sd_journal_seek_tail(j);
1863 log_error("Failed to seek to tail: %s", strerror(-r));
1864 return EXIT_FAILURE;
1867 r = sd_journal_previous_skip(j, arg_lines);
1869 } else if (arg_reverse) {
1870 r = sd_journal_seek_tail(j);
1872 log_error("Failed to seek to tail: %s", strerror(-r));
1873 return EXIT_FAILURE;
1876 r = sd_journal_previous(j);
1879 r = sd_journal_seek_head(j);
1881 log_error("Failed to seek to head: %s", strerror(-r));
1882 return EXIT_FAILURE;
1885 r = sd_journal_next(j);
1889 log_error("Failed to iterate through journal: %s", strerror(-r));
1890 return EXIT_FAILURE;
1894 pager_open_if_enabled();
1898 char start_buf[FORMAT_TIMESTAMP_MAX], end_buf[FORMAT_TIMESTAMP_MAX];
1900 r = sd_journal_get_cutoff_realtime_usec(j, &start, &end);
1902 log_error("Failed to get cutoff: %s", strerror(-r));
1908 printf("-- Logs begin at %s. --\n",
1909 format_timestamp_maybe_utc(start_buf, sizeof(start_buf), start));
1911 printf("-- Logs begin at %s, end at %s. --\n",
1912 format_timestamp_maybe_utc(start_buf, sizeof(start_buf), start),
1913 format_timestamp_maybe_utc(end_buf, sizeof(end_buf), end));
1918 while (arg_lines < 0 || n_shown < arg_lines || (arg_follow && !first_line)) {
1923 r = sd_journal_next(j);
1925 r = sd_journal_previous(j);
1927 log_error("Failed to iterate through journal: %s", strerror(-r));
1934 if (arg_until_set && !arg_reverse) {
1937 r = sd_journal_get_realtime_usec(j, &usec);
1939 log_error("Failed to determine timestamp: %s", strerror(-r));
1942 if (usec > arg_until)
1946 if (arg_since_set && arg_reverse) {
1949 r = sd_journal_get_realtime_usec(j, &usec);
1951 log_error("Failed to determine timestamp: %s", strerror(-r));
1954 if (usec < arg_since)
1958 if (!arg_merge && !arg_quiet) {
1961 r = sd_journal_get_monotonic_usec(j, NULL, &boot_id);
1963 if (previous_boot_id_valid &&
1964 !sd_id128_equal(boot_id, previous_boot_id))
1965 printf("%s-- Reboot --%s\n",
1966 ansi_highlight(), ansi_highlight_off());
1968 previous_boot_id = boot_id;
1969 previous_boot_id_valid = true;
1974 arg_all * OUTPUT_SHOW_ALL |
1975 arg_full * OUTPUT_FULL_WIDTH |
1976 on_tty() * OUTPUT_COLOR |
1977 arg_catalog * OUTPUT_CATALOG |
1978 arg_utc * OUTPUT_UTC;
1980 r = output_journal(stdout, j, arg_output, 0, flags, &ellipsized);
1982 if (r == -EADDRNOTAVAIL)
1984 else if (r < 0 || ferror(stdout))
1991 if (arg_show_cursor) {
1992 _cleanup_free_ char *cursor = NULL;
1994 r = sd_journal_get_cursor(j, &cursor);
1995 if (r < 0 && r != -EADDRNOTAVAIL)
1996 log_error("Failed to get cursor: %s", strerror(-r));
1998 printf("-- cursor: %s\n", cursor);
2004 r = sd_journal_wait(j, (uint64_t) -1);
2006 log_error("Couldn't wait for journal event: %s", strerror(-r));
2016 strv_free(arg_file);
2018 return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
~ianmdlvl / elogind.git / blob