1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2011 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
34 #include <sys/ioctl.h>
42 #include <systemd/sd-journal.h>
45 #include "logs-show.h"
47 #include "path-util.h"
52 #include "journal-internal.h"
53 #include "journal-def.h"
54 #include "journal-verify.h"
55 #include "journal-authenticate.h"
56 #include "journal-qrcode.h"
58 #include "unit-name.h"
61 #define DEFAULT_FSS_INTERVAL_USEC (15*USEC_PER_MINUTE)
63 static OutputMode arg_output = OUTPUT_SHORT;
64 static bool arg_pager_end = false;
65 static bool arg_follow = false;
66 static bool arg_full = true;
67 static bool arg_all = false;
68 static bool arg_no_pager = false;
69 static int arg_lines = -1;
70 static bool arg_no_tail = false;
71 static bool arg_quiet = false;
72 static bool arg_merge = false;
73 static bool arg_boot = false;
74 static char *arg_boot_descriptor = NULL;
75 static bool arg_dmesg = false;
76 static const char *arg_cursor = NULL;
77 static const char *arg_after_cursor = NULL;
78 static bool arg_show_cursor = false;
79 static const char *arg_directory = NULL;
80 static char **arg_file = NULL;
81 static int arg_priorities = 0xFF;
82 static const char *arg_verify_key = NULL;
84 static usec_t arg_interval = DEFAULT_FSS_INTERVAL_USEC;
85 static bool arg_force = false;
87 static usec_t arg_since, arg_until;
88 static bool arg_since_set = false, arg_until_set = false;
89 static char **arg_system_units = NULL;
90 static char **arg_user_units = NULL;
91 static const char *arg_field = NULL;
92 static bool arg_catalog = false;
93 static bool arg_reverse = false;
94 static int arg_journal_type = 0;
95 static const char *arg_root = NULL;
96 static const char *arg_machine = NULL;
107 ACTION_UPDATE_CATALOG,
109 } arg_action = ACTION_SHOW;
111 typedef struct boot_id_t {
117 static void pager_open_if_enabled(void) {
122 pager_open(arg_pager_end);
125 static int help(void) {
127 pager_open_if_enabled();
129 printf("%s [OPTIONS...] [MATCHES...]\n\n"
130 "Query the journal.\n\n"
132 " --system Show only the system journal\n"
133 " --user Show only the user journal for the current user\n"
134 " -M --machine=CONTAINER Operate on local container\n"
135 " --since=DATE Start showing entries on or newer than the specified date\n"
136 " --until=DATE Stop showing entries on or older than the specified date\n"
137 " -c --cursor=CURSOR Start showing entries from the specified cursor\n"
138 " --after-cursor=CURSOR Start showing entries from after the specified cursor\n"
139 " --show-cursor Print the cursor after all the entries\n"
140 " -b --boot[=ID] Show data only from ID or, if unspecified, the current boot\n"
141 " --list-boots Show terse information about recorded boots\n"
142 " -k --dmesg Show kernel message log from the current boot\n"
143 " -u --unit=UNIT Show data only from the specified unit\n"
144 " --user-unit=UNIT Show data only from the specified user session unit\n"
145 " -p --priority=RANGE Show only messages within the specified priority range\n"
146 " -e --pager-end Immediately jump to end of the journal in the pager\n"
147 " -f --follow Follow the journal\n"
148 " -n --lines[=INTEGER] Number of journal entries to show\n"
149 " --no-tail Show all lines, even in follow mode\n"
150 " -r --reverse Show the newest entries first\n"
151 " -o --output=STRING Change journal output mode (short, short-iso,\n"
152 " short-precise, short-monotonic, verbose,\n"
153 " export, json, json-pretty, json-sse, cat)\n"
154 " -x --catalog Add message explanations where available\n"
155 " --no-full Ellipsize fields\n"
156 " -a --all Show all fields, including long and unprintable\n"
157 " -q --quiet Do not show privilege warning\n"
158 " --no-pager Do not pipe output into a pager\n"
159 " -m --merge Show entries from all available journals\n"
160 " -D --directory=PATH Show journal files from directory\n"
161 " --file=PATH Show journal file\n"
162 " --root=ROOT Operate on catalog files underneath the root ROOT\n"
164 " --interval=TIME Time interval for changing the FSS sealing key\n"
165 " --verify-key=KEY Specify FSS verification key\n"
166 " --force Force overriding of the FSS key pair with --setup-keys\n"
169 " -h --help Show this help text\n"
170 " --version Show package version\n"
171 " --new-id128 Generate a new 128-bit ID\n"
172 " --header Show journal header information\n"
173 " --disk-usage Show total disk usage of all journal files\n"
174 " -F --field=FIELD List all values that a specified field takes\n"
175 " --list-catalog Show message IDs of all entries in the message catalog\n"
176 " --dump-catalog Show entries in the message catalog\n"
177 " --update-catalog Update the message catalog database\n"
179 " --setup-keys Generate a new FSS key pair\n"
180 " --verify Verify journal file consistency\n"
182 , program_invocation_short_name);
187 static int parse_argv(int argc, char *argv[]) {
217 static const struct option options[] = {
218 { "help", no_argument, NULL, 'h' },
219 { "version" , no_argument, NULL, ARG_VERSION },
220 { "no-pager", no_argument, NULL, ARG_NO_PAGER },
221 { "pager-end", no_argument, NULL, 'e' },
222 { "follow", no_argument, NULL, 'f' },
223 { "force", no_argument, NULL, ARG_FORCE },
224 { "output", required_argument, NULL, 'o' },
225 { "all", no_argument, NULL, 'a' },
226 { "full", no_argument, NULL, 'l' },
227 { "no-full", no_argument, NULL, ARG_NO_FULL },
228 { "lines", optional_argument, NULL, 'n' },
229 { "no-tail", no_argument, NULL, ARG_NO_TAIL },
230 { "new-id128", no_argument, NULL, ARG_NEW_ID128 },
231 { "quiet", no_argument, NULL, 'q' },
232 { "merge", no_argument, NULL, 'm' },
233 { "boot", optional_argument, NULL, 'b' },
234 { "list-boots", no_argument, NULL, ARG_LIST_BOOTS },
235 { "this-boot", optional_argument, NULL, 'b' }, /* deprecated */
236 { "dmesg", no_argument, NULL, 'k' },
237 { "system", no_argument, NULL, ARG_SYSTEM },
238 { "user", no_argument, NULL, ARG_USER },
239 { "directory", required_argument, NULL, 'D' },
240 { "file", required_argument, NULL, ARG_FILE },
241 { "root", required_argument, NULL, ARG_ROOT },
242 { "header", no_argument, NULL, ARG_HEADER },
243 { "priority", required_argument, NULL, 'p' },
244 { "setup-keys", no_argument, NULL, ARG_SETUP_KEYS },
245 { "interval", required_argument, NULL, ARG_INTERVAL },
246 { "verify", no_argument, NULL, ARG_VERIFY },
247 { "verify-key", required_argument, NULL, ARG_VERIFY_KEY },
248 { "disk-usage", no_argument, NULL, ARG_DISK_USAGE },
249 { "cursor", required_argument, NULL, 'c' },
250 { "after-cursor", required_argument, NULL, ARG_AFTER_CURSOR },
251 { "show-cursor", no_argument, NULL, ARG_SHOW_CURSOR },
252 { "since", required_argument, NULL, ARG_SINCE },
253 { "until", required_argument, NULL, ARG_UNTIL },
254 { "unit", required_argument, NULL, 'u' },
255 { "user-unit", required_argument, NULL, ARG_USER_UNIT },
256 { "field", required_argument, NULL, 'F' },
257 { "catalog", no_argument, NULL, 'x' },
258 { "list-catalog", no_argument, NULL, ARG_LIST_CATALOG },
259 { "dump-catalog", no_argument, NULL, ARG_DUMP_CATALOG },
260 { "update-catalog", no_argument, NULL, ARG_UPDATE_CATALOG },
261 { "reverse", no_argument, NULL, 'r' },
262 { "machine", required_argument, NULL, 'M' },
271 while ((c = getopt_long(argc, argv, "hefo:aln::qmb::kD:p:c:u:F:xrM:", options, NULL)) >= 0) {
279 puts(PACKAGE_STRING);
280 puts(SYSTEMD_FEATURES);
288 arg_pager_end = true;
300 arg_output = output_mode_from_string(optarg);
301 if (arg_output < 0) {
302 log_error("Unknown output format '%s'.", optarg);
306 if (arg_output == OUTPUT_EXPORT ||
307 arg_output == OUTPUT_JSON ||
308 arg_output == OUTPUT_JSON_PRETTY ||
309 arg_output == OUTPUT_JSON_SSE ||
310 arg_output == OUTPUT_CAT)
329 r = safe_atoi(optarg, &arg_lines);
330 if (r < 0 || arg_lines < 0) {
331 log_error("Failed to parse lines '%s'", optarg);
337 /* Hmm, no argument? Maybe the next
338 * word on the command line is
339 * supposed to be the argument? Let's
340 * see if there is one, and is
341 * parsable as a positive
345 safe_atoi(argv[optind], &n) >= 0 &&
361 arg_action = ACTION_NEW_ID128;
374 arg_boot_descriptor = optarg;
379 arg_action = ACTION_LIST_BOOTS;
383 arg_boot = arg_dmesg = true;
387 arg_journal_type |= SD_JOURNAL_SYSTEM;
391 arg_journal_type |= SD_JOURNAL_CURRENT_USER;
395 arg_machine = optarg;
399 arg_directory = optarg;
403 r = glob_extend(&arg_file, optarg);
405 log_error("Failed to add paths: %s", strerror(-r));
418 case ARG_AFTER_CURSOR:
419 arg_after_cursor = optarg;
422 case ARG_SHOW_CURSOR:
423 arg_show_cursor = true;
427 arg_action = ACTION_PRINT_HEADER;
431 arg_action = ACTION_VERIFY;
435 arg_action = ACTION_DISK_USAGE;
444 arg_action = ACTION_SETUP_KEYS;
449 arg_action = ACTION_VERIFY;
450 arg_verify_key = optarg;
455 r = parse_sec(optarg, &arg_interval);
456 if (r < 0 || arg_interval <= 0) {
457 log_error("Failed to parse sealing key change interval: %s", optarg);
466 log_error("Forward-secure sealing not available.");
473 dots = strstr(optarg, "..");
479 a = strndup(optarg, dots - optarg);
483 from = log_level_from_string(a);
484 to = log_level_from_string(dots + 2);
487 if (from < 0 || to < 0) {
488 log_error("Failed to parse log level range %s", optarg);
495 for (i = from; i <= to; i++)
496 arg_priorities |= 1 << i;
498 for (i = to; i <= from; i++)
499 arg_priorities |= 1 << i;
505 p = log_level_from_string(optarg);
507 log_error("Unknown log level %s", optarg);
513 for (i = 0; i <= p; i++)
514 arg_priorities |= 1 << i;
521 r = parse_timestamp(optarg, &arg_since);
523 log_error("Failed to parse timestamp: %s", optarg);
526 arg_since_set = true;
530 r = parse_timestamp(optarg, &arg_until);
532 log_error("Failed to parse timestamp: %s", optarg);
535 arg_until_set = true;
539 r = strv_extend(&arg_system_units, optarg);
545 r = strv_extend(&arg_user_units, optarg);
558 case ARG_LIST_CATALOG:
559 arg_action = ACTION_LIST_CATALOG;
562 case ARG_DUMP_CATALOG:
563 arg_action = ACTION_DUMP_CATALOG;
566 case ARG_UPDATE_CATALOG:
567 arg_action = ACTION_UPDATE_CATALOG;
578 assert_not_reached("Unhandled option");
582 if (arg_follow && !arg_no_tail && arg_lines < 0)
585 if (!!arg_directory + !!arg_file + !!arg_machine > 1) {
586 log_error("Please specify either -D/--directory= or --file= or -M/--machine=, not more than one.");
590 if (arg_since_set && arg_until_set && arg_since > arg_until) {
591 log_error("--since= must be before --until=.");
595 if (!!arg_cursor + !!arg_after_cursor + !!arg_since_set > 1) {
596 log_error("Please specify only one of --since=, --cursor=, and --after-cursor.");
600 if (arg_follow && arg_reverse) {
601 log_error("Please specify either --reverse= or --follow=, not both.");
608 static int generate_new_id128(void) {
613 r = sd_id128_randomize(&id);
615 log_error("Failed to generate ID: %s", strerror(-r));
619 printf("As string:\n"
620 SD_ID128_FORMAT_STR "\n\n"
622 "%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x\n\n"
624 "#define MESSAGE_XYZ SD_ID128_MAKE(",
625 SD_ID128_FORMAT_VAL(id),
626 SD_ID128_FORMAT_VAL(id));
627 for (i = 0; i < 16; i++)
628 printf("%02x%s", id.bytes[i], i != 15 ? "," : "");
629 fputs(")\n\n", stdout);
631 printf("As Python constant:\n"
633 ">>> MESSAGE_XYZ = uuid.UUID('" SD_ID128_FORMAT_STR "')\n",
634 SD_ID128_FORMAT_VAL(id));
639 static int add_matches(sd_journal *j, char **args) {
644 STRV_FOREACH(i, args) {
648 r = sd_journal_add_disjunction(j);
649 else if (path_is_absolute(*i)) {
650 _cleanup_free_ char *p, *t = NULL, *t2 = NULL;
652 _cleanup_free_ char *interpreter = NULL;
655 p = canonicalize_file_name(*i);
658 if (stat(path, &st) < 0) {
659 log_error("Couldn't stat file: %m");
663 if (S_ISREG(st.st_mode) && (0111 & st.st_mode)) {
664 if (executable_is_script(path, &interpreter) > 0) {
665 _cleanup_free_ char *comm;
667 comm = strndup(basename(path), 15);
671 t = strappend("_COMM=", comm);
673 /* Append _EXE only if the interpreter is not a link.
674 Otherwise it might be outdated often. */
675 if (lstat(interpreter, &st) == 0 &&
676 !S_ISLNK(st.st_mode)) {
677 t2 = strappend("_EXE=", interpreter);
682 t = strappend("_EXE=", path);
683 } else if (S_ISCHR(st.st_mode))
684 asprintf(&t, "_KERNEL_DEVICE=c%u:%u", major(st.st_rdev), minor(st.st_rdev));
685 else if (S_ISBLK(st.st_mode))
686 asprintf(&t, "_KERNEL_DEVICE=b%u:%u", major(st.st_rdev), minor(st.st_rdev));
688 log_error("File is neither a device node, nor regular file, nor executable: %s", *i);
695 r = sd_journal_add_match(j, t, 0);
697 r = sd_journal_add_match(j, t2, 0);
699 r = sd_journal_add_match(j, *i, 0);
702 log_error("Failed to add match '%s': %s", *i, strerror(-r));
710 static int boot_id_cmp(const void *a, const void *b) {
713 _a = ((const boot_id_t *)a)->first;
714 _b = ((const boot_id_t *)b)->first;
716 return _a < _b ? -1 : (_a > _b ? 1 : 0);
719 static int list_boots(sd_journal *j) {
722 unsigned int count = 0;
724 size_t length, allocated = 0;
726 _cleanup_free_ boot_id_t *all_ids = NULL;
728 r = sd_journal_query_unique(j, "_BOOT_ID");
732 SD_JOURNAL_FOREACH_UNIQUE(j, data, length) {
733 if (length < strlen("_BOOT_ID="))
736 if (!GREEDY_REALLOC(all_ids, allocated, count + 1))
739 id = &all_ids[count];
741 r = sd_id128_from_string(((const char *)data) + strlen("_BOOT_ID="), &id->id);
745 r = sd_journal_add_match(j, data, length);
749 r = sd_journal_seek_head(j);
753 r = sd_journal_next(j);
759 r = sd_journal_get_realtime_usec(j, &id->first);
763 r = sd_journal_seek_tail(j);
767 r = sd_journal_previous(j);
773 r = sd_journal_get_realtime_usec(j, &id->last);
779 sd_journal_flush_matches(j);
782 qsort_safe(all_ids, count, sizeof(boot_id_t), boot_id_cmp);
784 /* numbers are one less, but we need an extra char for the sign */
785 w = DECIMAL_STR_WIDTH(count - 1) + 1;
787 for (id = all_ids, i = 0; id < all_ids + count; id++, i++) {
788 char a[FORMAT_TIMESTAMP_MAX], b[FORMAT_TIMESTAMP_MAX];
790 printf("% *i " SD_ID128_FORMAT_STR " %s—%s\n",
792 SD_ID128_FORMAT_VAL(id->id),
793 format_timestamp(a, sizeof(a), id->first),
794 format_timestamp(b, sizeof(b), id->last));
800 static int get_relative_boot_id(sd_journal *j, sd_id128_t *boot_id, int relative) {
803 unsigned int count = 0;
804 size_t length, allocated = 0;
805 boot_id_t ref_boot_id = {SD_ID128_NULL}, *id;
806 _cleanup_free_ boot_id_t *all_ids = NULL;
811 if (relative == 0 && !sd_id128_equal(*boot_id, SD_ID128_NULL))
814 r = sd_journal_query_unique(j, "_BOOT_ID");
818 SD_JOURNAL_FOREACH_UNIQUE(j, data, length) {
819 if (length < strlen("_BOOT_ID="))
822 if (!GREEDY_REALLOC(all_ids, allocated, count + 1))
825 id = &all_ids[count];
827 r = sd_id128_from_string(((const char *)data) + strlen("_BOOT_ID="), &id->id);
831 r = sd_journal_add_match(j, data, length);
835 r = sd_journal_seek_head(j);
839 r = sd_journal_next(j);
845 r = sd_journal_get_realtime_usec(j, &id->first);
849 if (sd_id128_equal(id->id, *boot_id))
854 sd_journal_flush_matches(j);
857 qsort_safe(all_ids, count, sizeof(boot_id_t), boot_id_cmp);
859 if (sd_id128_equal(*boot_id, SD_ID128_NULL)) {
860 if (relative > (int) count || relative <= -(int)count)
861 return -EADDRNOTAVAIL;
863 *boot_id = all_ids[(relative <= 0)*count + relative - 1].id;
865 id = bsearch(&ref_boot_id, all_ids, count, sizeof(boot_id_t), boot_id_cmp);
868 relative <= 0 ? (id - all_ids) + relative < 0 :
869 (id - all_ids) + relative >= (int) count)
870 return -EADDRNOTAVAIL;
872 *boot_id = (id + relative)->id;
878 static int add_boot(sd_journal *j) {
879 char match[9+32+1] = "_BOOT_ID=";
881 sd_id128_t boot_id = SD_ID128_NULL;
889 if (!arg_boot_descriptor)
890 return add_match_this_boot(j, arg_machine);
892 if (strlen(arg_boot_descriptor) >= 32) {
893 char tmp = arg_boot_descriptor[32];
894 arg_boot_descriptor[32] = '\0';
895 r = sd_id128_from_string(arg_boot_descriptor, &boot_id);
896 arg_boot_descriptor[32] = tmp;
899 log_error("Failed to parse boot ID '%.32s': %s",
900 arg_boot_descriptor, strerror(-r));
904 offset = arg_boot_descriptor + 32;
906 if (*offset && *offset != '-' && *offset != '+') {
907 log_error("Relative boot ID offset must start with a '+' or a '-', found '%s' ", offset);
911 offset = arg_boot_descriptor;
914 r = safe_atoi(offset, &relative);
916 log_error("Failed to parse relative boot ID number '%s'", offset);
921 r = get_relative_boot_id(j, &boot_id, relative);
923 if (sd_id128_equal(boot_id, SD_ID128_NULL))
924 log_error("Failed to look up boot %+d: %s", relative, strerror(-r));
926 log_error("Failed to look up boot ID "SD_ID128_FORMAT_STR"%+d: %s",
927 SD_ID128_FORMAT_VAL(boot_id), relative, strerror(-r));
931 sd_id128_to_string(boot_id, match + 9);
933 r = sd_journal_add_match(j, match, sizeof(match) - 1);
935 log_error("Failed to add match: %s", strerror(-r));
939 r = sd_journal_add_conjunction(j);
946 static int add_dmesg(sd_journal *j) {
953 r = sd_journal_add_match(j, "_TRANSPORT=kernel", strlen("_TRANSPORT=kernel"));
955 log_error("Failed to add match: %s", strerror(-r));
959 r = sd_journal_add_conjunction(j);
966 static int add_units(sd_journal *j) {
967 _cleanup_free_ char *u = NULL;
973 STRV_FOREACH(i, arg_system_units) {
974 u = unit_name_mangle(*i);
977 r = add_matches_for_unit(j, u);
980 r = sd_journal_add_disjunction(j);
985 STRV_FOREACH(i, arg_user_units) {
986 u = unit_name_mangle(*i);
990 r = add_matches_for_user_unit(j, u, getuid());
994 r = sd_journal_add_disjunction(j);
1000 r = sd_journal_add_conjunction(j);
1007 static int add_priorities(sd_journal *j) {
1008 char match[] = "PRIORITY=0";
1012 if (arg_priorities == 0xFF)
1015 for (i = LOG_EMERG; i <= LOG_DEBUG; i++)
1016 if (arg_priorities & (1 << i)) {
1017 match[sizeof(match)-2] = '0' + i;
1019 r = sd_journal_add_match(j, match, strlen(match));
1021 log_error("Failed to add match: %s", strerror(-r));
1026 r = sd_journal_add_conjunction(j);
1033 static int setup_keys(void) {
1035 size_t mpk_size, seed_size, state_size, i;
1036 uint8_t *mpk, *seed, *state;
1038 int fd = -1, r, attr = 0;
1039 sd_id128_t machine, boot;
1040 char *p = NULL, *k = NULL;
1045 r = stat("/var/log/journal", &st);
1046 if (r < 0 && errno != ENOENT && errno != ENOTDIR) {
1047 log_error("stat(\"%s\") failed: %m", "/var/log/journal");
1051 if (r < 0 || !S_ISDIR(st.st_mode)) {
1052 log_error("%s is not a directory, must be using persistent logging for FSS.",
1053 "/var/log/journal");
1054 return r < 0 ? -errno : -ENOTDIR;
1057 r = sd_id128_get_machine(&machine);
1059 log_error("Failed to get machine ID: %s", strerror(-r));
1063 r = sd_id128_get_boot(&boot);
1065 log_error("Failed to get boot ID: %s", strerror(-r));
1069 if (asprintf(&p, "/var/log/journal/" SD_ID128_FORMAT_STR "/fss",
1070 SD_ID128_FORMAT_VAL(machine)) < 0)
1073 if (access(p, F_OK) >= 0) {
1077 log_error("unlink(\"%s\") failed: %m", p);
1082 log_error("Sealing key file %s exists already. (--force to recreate)", p);
1088 if (asprintf(&k, "/var/log/journal/" SD_ID128_FORMAT_STR "/fss.tmp.XXXXXX",
1089 SD_ID128_FORMAT_VAL(machine)) < 0) {
1094 mpk_size = FSPRG_mskinbytes(FSPRG_RECOMMENDED_SECPAR);
1095 mpk = alloca(mpk_size);
1097 seed_size = FSPRG_RECOMMENDED_SEEDLEN;
1098 seed = alloca(seed_size);
1100 state_size = FSPRG_stateinbytes(FSPRG_RECOMMENDED_SECPAR);
1101 state = alloca(state_size);
1103 fd = open("/dev/random", O_RDONLY|O_CLOEXEC|O_NOCTTY);
1105 log_error("Failed to open /dev/random: %m");
1110 log_info("Generating seed...");
1111 l = loop_read(fd, seed, seed_size, true);
1112 if (l < 0 || (size_t) l != seed_size) {
1113 log_error("Failed to read random seed: %s", strerror(EIO));
1118 log_info("Generating key pair...");
1119 FSPRG_GenMK(NULL, mpk, seed, seed_size, FSPRG_RECOMMENDED_SECPAR);
1121 log_info("Generating sealing key...");
1122 FSPRG_GenState0(state, mpk, seed, seed_size);
1124 assert(arg_interval > 0);
1126 n = now(CLOCK_REALTIME);
1129 close_nointr_nofail(fd);
1130 fd = mkostemp(k, O_WRONLY|O_CLOEXEC|O_NOCTTY);
1132 log_error("Failed to open %s: %m", k);
1137 /* Enable secure remove, exclusion from dump, synchronous
1138 * writing and in-place updating */
1139 if (ioctl(fd, FS_IOC_GETFLAGS, &attr) < 0)
1140 log_warning("FS_IOC_GETFLAGS failed: %m");
1142 attr |= FS_SECRM_FL|FS_NODUMP_FL|FS_SYNC_FL|FS_NOCOW_FL;
1144 if (ioctl(fd, FS_IOC_SETFLAGS, &attr) < 0)
1145 log_warning("FS_IOC_SETFLAGS failed: %m");
1148 memcpy(h.signature, "KSHHRHLP", 8);
1149 h.machine_id = machine;
1151 h.header_size = htole64(sizeof(h));
1152 h.start_usec = htole64(n * arg_interval);
1153 h.interval_usec = htole64(arg_interval);
1154 h.fsprg_secpar = htole16(FSPRG_RECOMMENDED_SECPAR);
1155 h.fsprg_state_size = htole64(state_size);
1157 l = loop_write(fd, &h, sizeof(h), false);
1158 if (l < 0 || (size_t) l != sizeof(h)) {
1159 log_error("Failed to write header: %s", strerror(EIO));
1164 l = loop_write(fd, state, state_size, false);
1165 if (l < 0 || (size_t) l != state_size) {
1166 log_error("Failed to write state: %s", strerror(EIO));
1171 if (link(k, p) < 0) {
1172 log_error("Failed to link file: %m");
1180 "The new key pair has been generated. The " ANSI_HIGHLIGHT_ON "secret sealing key" ANSI_HIGHLIGHT_OFF " has been written to\n"
1181 "the following local file. This key file is automatically updated when the\n"
1182 "sealing key is advanced. It should not be used on multiple hosts.\n"
1186 "Please write down the following " ANSI_HIGHLIGHT_ON "secret verification key" ANSI_HIGHLIGHT_OFF ". It should be stored\n"
1187 "at a safe location and should not be saved locally on disk.\n"
1188 "\n\t" ANSI_HIGHLIGHT_RED_ON, p);
1191 for (i = 0; i < seed_size; i++) {
1192 if (i > 0 && i % 3 == 0)
1194 printf("%02x", ((uint8_t*) seed)[i]);
1197 printf("/%llx-%llx\n", (unsigned long long) n, (unsigned long long) arg_interval);
1200 char tsb[FORMAT_TIMESPAN_MAX], *hn;
1203 ANSI_HIGHLIGHT_OFF "\n"
1204 "The sealing key is automatically changed every %s.\n",
1205 format_timespan(tsb, sizeof(tsb), arg_interval, 0));
1207 hn = gethostname_malloc();
1210 hostname_cleanup(hn, false);
1211 fprintf(stderr, "\nThe keys have been generated for host %s/" SD_ID128_FORMAT_STR ".\n", hn, SD_ID128_FORMAT_VAL(machine));
1213 fprintf(stderr, "\nThe keys have been generated for host " SD_ID128_FORMAT_STR ".\n", SD_ID128_FORMAT_VAL(machine));
1215 #ifdef HAVE_QRENCODE
1216 /* If this is not an UTF-8 system don't print any QR codes */
1217 if (is_locale_utf8()) {
1218 fputs("\nTo transfer the verification key to your phone please scan the QR code below:\n\n", stderr);
1219 print_qr_code(stderr, seed, seed_size, n, arg_interval, hn, machine);
1229 close_nointr_nofail(fd);
1240 log_error("Forward-secure sealing not available.");
1245 static int verify(sd_journal *j) {
1252 log_show_color(true);
1254 HASHMAP_FOREACH(f, j->files, i) {
1256 usec_t first, validated, last;
1259 if (!arg_verify_key && JOURNAL_HEADER_SEALED(f->header))
1260 log_notice("Journal file %s has sealing enabled but verification key has not been passed using --verify-key=.", f->path);
1263 k = journal_file_verify(f, arg_verify_key, &first, &validated, &last, true);
1265 /* If the key was invalid give up right-away. */
1268 log_warning("FAIL: %s (%s)", f->path, strerror(-k));
1271 char a[FORMAT_TIMESTAMP_MAX], b[FORMAT_TIMESTAMP_MAX], c[FORMAT_TIMESPAN_MAX];
1272 log_info("PASS: %s", f->path);
1274 if (arg_verify_key && JOURNAL_HEADER_SEALED(f->header)) {
1275 if (validated > 0) {
1276 log_info("=> Validated from %s to %s, final %s entries not sealed.",
1277 format_timestamp(a, sizeof(a), first),
1278 format_timestamp(b, sizeof(b), validated),
1279 format_timespan(c, sizeof(c), last > validated ? last - validated : 0, 0));
1280 } else if (last > 0)
1281 log_info("=> No sealing yet, %s of entries not sealed.",
1282 format_timespan(c, sizeof(c), last - first, 0));
1284 log_info("=> No sealing yet, no entries in file.");
1293 static int access_check_var_log_journal(sd_journal *j) {
1294 _cleanup_strv_free_ char **g = NULL;
1300 have_access = in_group("systemd-journal") > 0;
1303 /* Let's enumerate all groups from the default ACL of
1304 * the directory, which generally should allow access
1305 * to most journal files too */
1306 r = search_acl_groups(&g, "/var/log/journal/", &have_access);
1313 if (strv_isempty(g))
1314 log_notice("Hint: You are currently not seeing messages from other users and the system.\n"
1315 " Users in the 'systemd-journal' group can see all messages. Pass -q to\n"
1316 " turn off this notice.");
1318 _cleanup_free_ char *s = NULL;
1320 r = strv_extend(&g, "systemd-journal");
1327 s = strv_join(g, "', '");
1331 log_notice("Hint: You are currently not seeing messages from other users and the system.\n"
1332 " Users in the groups '%s' can see all messages.\n"
1333 " Pass -q to turn off this notice.", s);
1341 static int access_check(sd_journal *j) {
1348 if (set_isempty(j->errors)) {
1349 if (hashmap_isempty(j->files))
1350 log_notice("No journal files were found.");
1354 if (set_contains(j->errors, INT_TO_PTR(-EACCES))) {
1356 /* If /var/log/journal doesn't even exist,
1357 * unprivileged users have no access at all */
1358 if (access("/var/log/journal", F_OK) < 0 &&
1360 in_group("systemd-journal") <= 0) {
1361 log_error("Unprivileged users cannot access messages, unless persistent log storage is\n"
1362 "enabled. Users in the 'systemd-journal' group may always access messages.");
1366 /* If /var/log/journal exists, try to pring a nice
1367 notice if the user lacks access to it */
1368 if (!arg_quiet && geteuid() != 0) {
1369 r = access_check_var_log_journal(j);
1374 if (geteuid() != 0 && in_group("systemd-journal") <= 0) {
1375 log_error("Unprivileged users cannot access messages. Users in the 'systemd-journal' group\n"
1376 "group may access messages.");
1381 if (hashmap_isempty(j->files)) {
1382 log_error("No journal files were opened due to insufficient permissions.");
1387 SET_FOREACH(code, j->errors, it) {
1390 err = -PTR_TO_INT(code);
1394 log_warning("Error was encountered while opening journal files: %s",
1401 int main(int argc, char *argv[]) {
1403 _cleanup_journal_close_ sd_journal *j = NULL;
1404 bool need_seek = false;
1405 sd_id128_t previous_boot_id;
1406 bool previous_boot_id_valid = false, first_line = true;
1408 bool ellipsized = false;
1410 setlocale(LC_ALL, "");
1411 log_parse_environment();
1414 r = parse_argv(argc, argv);
1418 signal(SIGWINCH, columns_lines_cache_reset);
1420 if (arg_action == ACTION_NEW_ID128) {
1421 r = generate_new_id128();
1425 if (arg_action == ACTION_SETUP_KEYS) {
1430 if (arg_action == ACTION_UPDATE_CATALOG ||
1431 arg_action == ACTION_LIST_CATALOG ||
1432 arg_action == ACTION_DUMP_CATALOG) {
1434 const char* database = CATALOG_DATABASE;
1435 _cleanup_free_ char *copy = NULL;
1437 copy = strjoin(arg_root, "/", CATALOG_DATABASE, NULL);
1442 path_kill_slashes(copy);
1446 if (arg_action == ACTION_UPDATE_CATALOG) {
1447 r = catalog_update(database, arg_root, catalog_file_dirs);
1449 log_error("Failed to list catalog: %s", strerror(-r));
1451 bool oneline = arg_action == ACTION_LIST_CATALOG;
1454 r = catalog_list_items(stdout, database,
1455 oneline, argv + optind);
1457 r = catalog_list(stdout, database, oneline);
1459 log_error("Failed to list catalog: %s", strerror(-r));
1466 r = sd_journal_open_directory(&j, arg_directory, arg_journal_type);
1468 r = sd_journal_open_files(&j, (const char**) arg_file, 0);
1469 else if (arg_machine)
1470 r = sd_journal_open_container(&j, arg_machine, 0);
1472 r = sd_journal_open(&j, !arg_merge*SD_JOURNAL_LOCAL_ONLY + arg_journal_type);
1474 log_error("Failed to open %s: %s",
1475 arg_directory ? arg_directory : arg_file ? "files" : "journal",
1477 return EXIT_FAILURE;
1480 r = access_check(j);
1482 return EXIT_FAILURE;
1484 if (arg_action == ACTION_VERIFY) {
1489 if (arg_action == ACTION_PRINT_HEADER) {
1490 journal_print_header(j);
1491 return EXIT_SUCCESS;
1494 if (arg_action == ACTION_DISK_USAGE) {
1496 char sbytes[FORMAT_BYTES_MAX];
1498 r = sd_journal_get_usage(j, &bytes);
1500 return EXIT_FAILURE;
1502 printf("Journals take up %s on disk.\n",
1503 format_bytes(sbytes, sizeof(sbytes), bytes));
1504 return EXIT_SUCCESS;
1507 if (arg_action == ACTION_LIST_BOOTS) {
1512 /* add_boot() must be called first!
1513 * It may need to seek the journal to find parent boot IDs. */
1516 return EXIT_FAILURE;
1520 return EXIT_FAILURE;
1523 strv_free(arg_system_units);
1524 strv_free(arg_user_units);
1527 return EXIT_FAILURE;
1529 r = add_priorities(j);
1531 return EXIT_FAILURE;
1533 r = add_matches(j, argv + optind);
1535 return EXIT_FAILURE;
1537 if (_unlikely_(log_get_max_level() >= LOG_PRI(LOG_DEBUG))) {
1538 _cleanup_free_ char *filter;
1540 filter = journal_make_match_string(j);
1541 log_debug("Journal filter: %s", filter);
1548 r = sd_journal_set_data_threshold(j, 0);
1550 log_error("Failed to unset data size threshold");
1551 return EXIT_FAILURE;
1554 r = sd_journal_query_unique(j, arg_field);
1556 log_error("Failed to query unique data objects: %s", strerror(-r));
1557 return EXIT_FAILURE;
1560 SD_JOURNAL_FOREACH_UNIQUE(j, data, size) {
1563 if (arg_lines >= 0 && n_shown >= arg_lines)
1566 eq = memchr(data, '=', size);
1568 printf("%.*s\n", (int) (size - ((const uint8_t*) eq - (const uint8_t*) data + 1)), (const char*) eq + 1);
1570 printf("%.*s\n", (int) size, (const char*) data);
1575 return EXIT_SUCCESS;
1578 /* Opening the fd now means the first sd_journal_wait() will actually wait */
1580 r = sd_journal_get_fd(j);
1582 return EXIT_FAILURE;
1585 if (arg_cursor || arg_after_cursor) {
1586 r = sd_journal_seek_cursor(j, arg_cursor ? arg_cursor : arg_after_cursor);
1588 log_error("Failed to seek to cursor: %s", strerror(-r));
1589 return EXIT_FAILURE;
1592 r = sd_journal_next_skip(j, 1 + !!arg_after_cursor);
1594 r = sd_journal_previous_skip(j, 1 + !!arg_after_cursor);
1596 if (arg_after_cursor && r < 2 && !arg_follow)
1597 /* We couldn't find the next entry after the cursor. */
1600 } else if (arg_since_set && !arg_reverse) {
1601 r = sd_journal_seek_realtime_usec(j, arg_since);
1603 log_error("Failed to seek to date: %s", strerror(-r));
1604 return EXIT_FAILURE;
1606 r = sd_journal_next(j);
1608 } else if (arg_until_set && arg_reverse) {
1609 r = sd_journal_seek_realtime_usec(j, arg_until);
1611 log_error("Failed to seek to date: %s", strerror(-r));
1612 return EXIT_FAILURE;
1614 r = sd_journal_previous(j);
1616 } else if (arg_lines >= 0) {
1617 r = sd_journal_seek_tail(j);
1619 log_error("Failed to seek to tail: %s", strerror(-r));
1620 return EXIT_FAILURE;
1623 r = sd_journal_previous_skip(j, arg_lines);
1625 } else if (arg_reverse) {
1626 r = sd_journal_seek_tail(j);
1628 log_error("Failed to seek to tail: %s", strerror(-r));
1629 return EXIT_FAILURE;
1632 r = sd_journal_previous(j);
1635 r = sd_journal_seek_head(j);
1637 log_error("Failed to seek to head: %s", strerror(-r));
1638 return EXIT_FAILURE;
1641 r = sd_journal_next(j);
1645 log_error("Failed to iterate through journal: %s", strerror(-r));
1646 return EXIT_FAILURE;
1650 pager_open_if_enabled();
1654 char start_buf[FORMAT_TIMESTAMP_MAX], end_buf[FORMAT_TIMESTAMP_MAX];
1656 r = sd_journal_get_cutoff_realtime_usec(j, &start, &end);
1658 log_error("Failed to get cutoff: %s", strerror(-r));
1664 printf("-- Logs begin at %s. --\n",
1665 format_timestamp(start_buf, sizeof(start_buf), start));
1667 printf("-- Logs begin at %s, end at %s. --\n",
1668 format_timestamp(start_buf, sizeof(start_buf), start),
1669 format_timestamp(end_buf, sizeof(end_buf), end));
1674 while (arg_lines < 0 || n_shown < arg_lines || (arg_follow && !first_line)) {
1679 r = sd_journal_next(j);
1681 r = sd_journal_previous(j);
1683 log_error("Failed to iterate through journal: %s", strerror(-r));
1690 if (arg_until_set && !arg_reverse) {
1693 r = sd_journal_get_realtime_usec(j, &usec);
1695 log_error("Failed to determine timestamp: %s", strerror(-r));
1698 if (usec > arg_until)
1702 if (arg_since_set && arg_reverse) {
1705 r = sd_journal_get_realtime_usec(j, &usec);
1707 log_error("Failed to determine timestamp: %s", strerror(-r));
1710 if (usec < arg_since)
1717 r = sd_journal_get_monotonic_usec(j, NULL, &boot_id);
1719 if (previous_boot_id_valid &&
1720 !sd_id128_equal(boot_id, previous_boot_id))
1721 printf("%s-- Reboot --%s\n",
1722 ansi_highlight(), ansi_highlight_off());
1724 previous_boot_id = boot_id;
1725 previous_boot_id_valid = true;
1730 arg_all * OUTPUT_SHOW_ALL |
1731 arg_full * OUTPUT_FULL_WIDTH |
1732 on_tty() * OUTPUT_COLOR |
1733 arg_catalog * OUTPUT_CATALOG;
1735 r = output_journal(stdout, j, arg_output, 0, flags, &ellipsized);
1737 if (r == -EADDRNOTAVAIL)
1739 else if (r < 0 || ferror(stdout))
1746 if (arg_show_cursor) {
1747 _cleanup_free_ char *cursor = NULL;
1749 r = sd_journal_get_cursor(j, &cursor);
1750 if (r < 0 && r != -EADDRNOTAVAIL)
1751 log_error("Failed to get cursor: %s", strerror(-r));
1753 printf("-- cursor: %s\n", cursor);
1759 r = sd_journal_wait(j, (uint64_t) -1);
1761 log_error("Couldn't wait for journal event: %s", strerror(-r));
1771 return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;