1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2011 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <sys/signalfd.h>
23 #include <sys/ioctl.h>
24 #include <linux/sockios.h>
25 #include <sys/statvfs.h>
29 #include <systemd/sd-journal.h>
30 #include <systemd/sd-messages.h>
31 #include <systemd/sd-daemon.h>
34 #include <systemd/sd-login.h>
40 #include "journal-file.h"
41 #include "socket-util.h"
42 #include "cgroup-util.h"
46 #include "conf-parser.h"
47 #include "journal-internal.h"
48 #include "journal-vacuum.h"
49 #include "journal-authenticate.h"
50 #include "journald-server.h"
51 #include "journald-rate-limit.h"
52 #include "journald-kmsg.h"
53 #include "journald-syslog.h"
54 #include "journald-stream.h"
55 #include "journald-console.h"
56 #include "journald-native.h"
60 #include <acl/libacl.h>
65 #include <selinux/selinux.h>
68 #define USER_JOURNALS_MAX 1024
70 #define DEFAULT_RATE_LIMIT_INTERVAL (10*USEC_PER_SEC)
71 #define DEFAULT_RATE_LIMIT_BURST 200
73 #define RECHECK_AVAILABLE_SPACE_USEC (30*USEC_PER_SEC)
75 static const char* const storage_table[] = {
76 [STORAGE_AUTO] = "auto",
77 [STORAGE_VOLATILE] = "volatile",
78 [STORAGE_PERSISTENT] = "persistent",
79 [STORAGE_NONE] = "none"
82 DEFINE_STRING_TABLE_LOOKUP(storage, Storage);
83 DEFINE_CONFIG_PARSE_ENUM(config_parse_storage, storage, Storage, "Failed to parse storage setting");
85 static const char* const split_mode_table[] = {
86 [SPLIT_NONE] = "none",
88 [SPLIT_LOGIN] = "login"
91 DEFINE_STRING_TABLE_LOOKUP(split_mode, SplitMode);
92 DEFINE_CONFIG_PARSE_ENUM(config_parse_split_mode, split_mode, SplitMode, "Failed to parse split mode setting");
94 static uint64_t available_space(Server *s) {
96 char _cleanup_free_ *p = NULL;
100 uint64_t sum = 0, avail = 0, ss_avail = 0;
102 DIR _cleanup_closedir_ *d = NULL;
106 ts = now(CLOCK_MONOTONIC);
108 if (s->cached_available_space_timestamp + RECHECK_AVAILABLE_SPACE_USEC > ts)
109 return s->cached_available_space;
111 r = sd_id128_get_machine(&machine);
115 if (s->system_journal) {
116 f = "/var/log/journal/";
117 m = &s->system_metrics;
119 f = "/run/log/journal/";
120 m = &s->runtime_metrics;
125 p = strappend(f, sd_id128_to_string(machine, ids));
133 if (fstatvfs(dirfd(d), &ss) < 0)
139 union dirent_storage buf;
141 r = readdir_r(d, &buf.de, &de);
148 if (!endswith(de->d_name, ".journal") &&
149 !endswith(de->d_name, ".journal~"))
152 if (fstatat(dirfd(d), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0)
155 if (!S_ISREG(st.st_mode))
158 sum += (uint64_t) st.st_blocks * 512UL;
161 avail = sum >= m->max_use ? 0 : m->max_use - sum;
163 ss_avail = ss.f_bsize * ss.f_bavail;
165 ss_avail = ss_avail < m->keep_free ? 0 : ss_avail - m->keep_free;
167 if (ss_avail < avail)
170 s->cached_available_space = avail;
171 s->cached_available_space_timestamp = ts;
176 static void server_read_file_gid(Server *s) {
177 const char *adm = "adm";
182 if (s->file_gid_valid)
185 r = get_group_creds(&adm, &s->file_gid);
187 log_warning("Failed to resolve 'adm' group: %s", strerror(-r));
189 /* if we couldn't read the gid, then it will be 0, but that's
190 * fine and we shouldn't try to resolve the group again, so
191 * let's just pretend it worked right-away. */
192 s->file_gid_valid = true;
195 void server_fix_perms(Server *s, JournalFile *f, uid_t uid) {
200 acl_permset_t permset;
205 server_read_file_gid(s);
207 r = fchmod_and_fchown(f->fd, 0640, 0, s->file_gid);
209 log_warning("Failed to fix access mode/rights on %s, ignoring: %s", f->path, strerror(-r));
215 acl = acl_get_fd(f->fd);
217 log_warning("Failed to read ACL on %s, ignoring: %m", f->path);
221 r = acl_find_uid(acl, uid, &entry);
224 if (acl_create_entry(&acl, &entry) < 0 ||
225 acl_set_tag_type(entry, ACL_USER) < 0 ||
226 acl_set_qualifier(entry, &uid) < 0) {
227 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
232 if (acl_get_permset(entry, &permset) < 0 ||
233 acl_add_perm(permset, ACL_READ) < 0 ||
234 acl_calc_mask(&acl) < 0) {
235 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
239 if (acl_set_fd(f->fd, acl) < 0)
240 log_warning("Failed to set ACL on %s, ignoring: %m", f->path);
247 static JournalFile* find_journal(Server *s, uid_t uid) {
255 /* We split up user logs only on /var, not on /run. If the
256 * runtime file is open, we write to it exclusively, in order
257 * to guarantee proper order as soon as we flush /run to
258 * /var and close the runtime file. */
260 if (s->runtime_journal)
261 return s->runtime_journal;
264 return s->system_journal;
266 r = sd_id128_get_machine(&machine);
268 return s->system_journal;
270 f = hashmap_get(s->user_journals, UINT32_TO_PTR(uid));
274 if (asprintf(&p, "/var/log/journal/" SD_ID128_FORMAT_STR "/user-%lu.journal",
275 SD_ID128_FORMAT_VAL(machine), (unsigned long) uid) < 0)
276 return s->system_journal;
278 while (hashmap_size(s->user_journals) >= USER_JOURNALS_MAX) {
279 /* Too many open? Then let's close one */
280 f = hashmap_steal_first(s->user_journals);
282 journal_file_close(f);
285 r = journal_file_open_reliably(p, O_RDWR|O_CREAT, 0640, s->compress, s->seal, &s->system_metrics, s->mmap, s->system_journal, &f);
289 return s->system_journal;
291 server_fix_perms(s, f, uid);
293 r = hashmap_put(s->user_journals, UINT32_TO_PTR(uid), f);
295 journal_file_close(f);
296 return s->system_journal;
302 void server_rotate(Server *s) {
308 log_debug("Rotating...");
310 if (s->runtime_journal) {
311 r = journal_file_rotate(&s->runtime_journal, s->compress, false);
313 if (s->runtime_journal)
314 log_error("Failed to rotate %s: %s", s->runtime_journal->path, strerror(-r));
316 log_error("Failed to create new runtime journal: %s", strerror(-r));
318 server_fix_perms(s, s->runtime_journal, 0);
321 if (s->system_journal) {
322 r = journal_file_rotate(&s->system_journal, s->compress, s->seal);
324 if (s->system_journal)
325 log_error("Failed to rotate %s: %s", s->system_journal->path, strerror(-r));
327 log_error("Failed to create new system journal: %s", strerror(-r));
330 server_fix_perms(s, s->system_journal, 0);
333 HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) {
334 r = journal_file_rotate(&f, s->compress, s->seal);
337 log_error("Failed to rotate %s: %s", f->path, strerror(-r));
339 log_error("Failed to create user journal: %s", strerror(-r));
341 hashmap_replace(s->user_journals, k, f);
342 server_fix_perms(s, f, PTR_TO_UINT32(k));
347 void server_vacuum(Server *s) {
353 log_debug("Vacuuming...");
355 s->oldest_file_usec = 0;
357 r = sd_id128_get_machine(&machine);
359 log_error("Failed to get machine ID: %s", strerror(-r));
363 sd_id128_to_string(machine, ids);
365 if (s->system_journal) {
366 p = strappend("/var/log/journal/", ids);
372 r = journal_directory_vacuum(p, s->system_metrics.max_use, s->system_metrics.keep_free, s->max_retention_usec, &s->oldest_file_usec);
373 if (r < 0 && r != -ENOENT)
374 log_error("Failed to vacuum %s: %s", p, strerror(-r));
378 if (s->runtime_journal) {
379 p = strappend("/run/log/journal/", ids);
385 r = journal_directory_vacuum(p, s->runtime_metrics.max_use, s->runtime_metrics.keep_free, s->max_retention_usec, &s->oldest_file_usec);
386 if (r < 0 && r != -ENOENT)
387 log_error("Failed to vacuum %s: %s", p, strerror(-r));
391 s->cached_available_space_timestamp = 0;
394 static char *shortened_cgroup_path(pid_t pid) {
396 char _cleanup_free_ *process_path = NULL, *init_path = NULL;
401 r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, pid, &process_path);
405 r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, 1, &init_path);
409 if (endswith(init_path, "/system"))
410 init_path[strlen(init_path) - 7] = 0;
411 else if (streq(init_path, "/"))
414 if (startswith(process_path, init_path)) {
415 path = strdup(process_path + strlen(init_path));
424 bool shall_try_append_again(JournalFile *f, int r) {
426 /* -E2BIG Hit configured limit
428 -EDQUOT Quota limit hit
430 -EHOSTDOWN Other machine
431 -EBUSY Unclean shutdown
432 -EPROTONOSUPPORT Unsupported feature
435 -ESHUTDOWN Already archived */
437 if (r == -E2BIG || r == -EFBIG || r == -EDQUOT || r == -ENOSPC)
438 log_debug("%s: Allocation limit reached, rotating.", f->path);
439 else if (r == -EHOSTDOWN)
440 log_info("%s: Journal file from other machine, rotating.", f->path);
441 else if (r == -EBUSY)
442 log_info("%s: Unclean shutdown, rotating.", f->path);
443 else if (r == -EPROTONOSUPPORT)
444 log_info("%s: Unsupported feature, rotating.", f->path);
445 else if (r == -EBADMSG || r == -ENODATA || r == ESHUTDOWN)
446 log_warning("%s: Journal file corrupted, rotating.", f->path);
453 static void write_to_journal(Server *s, uid_t uid, struct iovec *iovec, unsigned n) {
455 bool vacuumed = false;
462 f = find_journal(s, uid);
466 if (journal_file_rotate_suggested(f, s->max_file_usec)) {
467 log_debug("%s: Journal header limits reached or header out-of-date, rotating.", f->path);
472 f = find_journal(s, uid);
477 r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
481 if (vacuumed || !shall_try_append_again(f, r)) {
482 log_error("Failed to write entry, ignoring: %s", strerror(-r));
489 f = find_journal(s, uid);
493 log_debug("Retrying write.");
494 r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
496 log_error("Failed to write entry, ignoring: %s", strerror(-r));
499 static void dispatch_message_real(
501 struct iovec *iovec, unsigned n, unsigned m,
504 const char *label, size_t label_len,
505 const char *unit_id) {
507 char _cleanup_free_ *pid = NULL, *uid = NULL, *gid = NULL,
508 *source_time = NULL, *boot_id = NULL, *machine_id = NULL,
509 *comm = NULL, *cmdline = NULL, *hostname = NULL,
510 *audit_session = NULL, *audit_loginuid = NULL,
511 *exe = NULL, *cgroup = NULL, *session = NULL,
512 *owner_uid = NULL, *unit = NULL, *selinux_context = NULL;
518 uid_t loginuid = 0, realuid = 0, owner = 0, journal_uid;
519 bool loginuid_valid = false, owner_valid = false;
524 assert(n + N_IOVEC_META_FIELDS <= m);
529 realuid = ucred->uid;
531 if (asprintf(&pid, "_PID=%lu", (unsigned long) ucred->pid) >= 0)
532 IOVEC_SET_STRING(iovec[n++], pid);
534 if (asprintf(&uid, "_UID=%lu", (unsigned long) ucred->uid) >= 0)
535 IOVEC_SET_STRING(iovec[n++], uid);
537 if (asprintf(&gid, "_GID=%lu", (unsigned long) ucred->gid) >= 0)
538 IOVEC_SET_STRING(iovec[n++], gid);
540 r = get_process_comm(ucred->pid, &t);
542 comm = strappend("_COMM=", t);
546 IOVEC_SET_STRING(iovec[n++], comm);
549 r = get_process_exe(ucred->pid, &t);
551 exe = strappend("_EXE=", t);
555 IOVEC_SET_STRING(iovec[n++], exe);
558 r = get_process_cmdline(ucred->pid, 0, false, &t);
560 cmdline = strappend("_CMDLINE=", t);
564 IOVEC_SET_STRING(iovec[n++], cmdline);
567 r = audit_session_from_pid(ucred->pid, &audit);
569 if (asprintf(&audit_session, "_AUDIT_SESSION=%lu", (unsigned long) audit) >= 0)
570 IOVEC_SET_STRING(iovec[n++], audit_session);
572 r = audit_loginuid_from_pid(ucred->pid, &loginuid);
574 loginuid_valid = true;
575 if (asprintf(&audit_loginuid, "_AUDIT_LOGINUID=%lu", (unsigned long) loginuid) >= 0)
576 IOVEC_SET_STRING(iovec[n++], audit_loginuid);
579 t = shortened_cgroup_path(ucred->pid);
581 cgroup = strappend("_SYSTEMD_CGROUP=", t);
585 IOVEC_SET_STRING(iovec[n++], cgroup);
589 if (sd_pid_get_session(ucred->pid, &t) >= 0) {
590 session = strappend("_SYSTEMD_SESSION=", t);
594 IOVEC_SET_STRING(iovec[n++], session);
597 if (sd_pid_get_owner_uid(ucred->uid, &owner) >= 0) {
599 if (asprintf(&owner_uid, "_SYSTEMD_OWNER_UID=%lu", (unsigned long) owner) >= 0)
600 IOVEC_SET_STRING(iovec[n++], owner_uid);
604 if (cg_pid_get_unit(ucred->pid, &t) >= 0) {
605 unit = strappend("_SYSTEMD_UNIT=", t);
607 } else if (cg_pid_get_user_unit(ucred->pid, &t) >= 0) {
608 unit = strappend("_SYSTEMD_USER_UNIT=", t);
610 } else if (unit_id) {
612 unit = strappend("_SYSTEMD_USER_UNIT=", unit_id);
614 unit = strappend("_SYSTEMD_UNIT=", unit_id);
618 IOVEC_SET_STRING(iovec[n++], unit);
622 selinux_context = malloc(sizeof("_SELINUX_CONTEXT=") + label_len);
623 if (selinux_context) {
624 memcpy(selinux_context, "_SELINUX_CONTEXT=", sizeof("_SELINUX_CONTEXT=")-1);
625 memcpy(selinux_context+sizeof("_SELINUX_CONTEXT=")-1, label, label_len);
626 selinux_context[sizeof("_SELINUX_CONTEXT=")-1+label_len] = 0;
627 IOVEC_SET_STRING(iovec[n++], selinux_context);
630 security_context_t con;
632 if (getpidcon(ucred->pid, &con) >= 0) {
633 selinux_context = strappend("_SELINUX_CONTEXT=", con);
635 IOVEC_SET_STRING(iovec[n++], selinux_context);
644 if (asprintf(&source_time, "_SOURCE_REALTIME_TIMESTAMP=%llu",
645 (unsigned long long) timeval_load(tv)) >= 0)
646 IOVEC_SET_STRING(iovec[n++], source_time);
649 /* Note that strictly speaking storing the boot id here is
650 * redundant since the entry includes this in-line
651 * anyway. However, we need this indexed, too. */
652 r = sd_id128_get_boot(&id);
654 if (asprintf(&boot_id, "_BOOT_ID=%s", sd_id128_to_string(id, idbuf)) >= 0)
655 IOVEC_SET_STRING(iovec[n++], boot_id);
657 r = sd_id128_get_machine(&id);
659 if (asprintf(&machine_id, "_MACHINE_ID=%s", sd_id128_to_string(id, idbuf)) >= 0)
660 IOVEC_SET_STRING(iovec[n++], machine_id);
662 t = gethostname_malloc();
664 hostname = strappend("_HOSTNAME=", t);
667 IOVEC_SET_STRING(iovec[n++], hostname);
672 if (s->split_mode == SPLIT_UID && realuid > 0)
673 /* Split up strictly by any UID */
674 journal_uid = realuid;
675 else if (s->split_mode == SPLIT_LOGIN && owner_valid && owner > 0 && realuid > 0)
676 /* Split up by login UIDs, this avoids creation of
677 * individual journals for system UIDs. We do this
678 * only if the realuid is not root, in order not to
679 * accidentally leak privileged information logged by
680 * a privileged process that is part of an
681 * unprivileged session to the user. */
683 else if (s->split_mode == SPLIT_LOGIN && loginuid_valid && loginuid > 0 && realuid > 0)
684 /* Hmm, let's try via the audit uids, as fallback,
686 journal_uid = loginuid;
690 write_to_journal(s, journal_uid, iovec, n);
693 void server_driver_message(Server *s, sd_id128_t message_id, const char *format, ...) {
694 char mid[11 + 32 + 1];
695 char buffer[16 + LINE_MAX + 1];
696 struct iovec iovec[N_IOVEC_META_FIELDS + 4];
704 IOVEC_SET_STRING(iovec[n++], "PRIORITY=6");
705 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=driver");
707 memcpy(buffer, "MESSAGE=", 8);
708 va_start(ap, format);
709 vsnprintf(buffer + 8, sizeof(buffer) - 8, format, ap);
711 char_array_0(buffer);
712 IOVEC_SET_STRING(iovec[n++], buffer);
714 if (!sd_id128_equal(message_id, SD_ID128_NULL)) {
715 snprintf(mid, sizeof(mid), MESSAGE_ID(message_id));
717 IOVEC_SET_STRING(iovec[n++], mid);
721 ucred.pid = getpid();
722 ucred.uid = getuid();
723 ucred.gid = getgid();
725 dispatch_message_real(s, iovec, n, ELEMENTSOF(iovec), &ucred, NULL, NULL, 0, NULL);
728 void server_dispatch_message(
730 struct iovec *iovec, unsigned n, unsigned m,
733 const char *label, size_t label_len,
738 char _cleanup_free_ *path = NULL;
742 assert(iovec || n == 0);
747 if (LOG_PRI(priority) > s->max_level_store)
753 path = shortened_cgroup_path(ucred->pid);
757 /* example: /user/lennart/3/foobar
758 * /system/dbus.service/foobar
760 * So let's cut of everything past the third /, since that is
761 * where user directories start */
763 c = strchr(path, '/');
765 c = strchr(c+1, '/');
767 c = strchr(c+1, '/');
773 rl = journal_rate_limit_test(s->rate_limit, path,
774 priority & LOG_PRIMASK, available_space(s));
779 /* Write a suppression message if we suppressed something */
781 server_driver_message(s, SD_MESSAGE_JOURNAL_DROPPED,
782 "Suppressed %u messages from %s", rl - 1, path);
785 dispatch_message_real(s, iovec, n, m, ucred, tv, label, label_len, unit_id);
789 static int system_journal_open(Server *s) {
795 r = sd_id128_get_machine(&machine);
799 sd_id128_to_string(machine, ids);
801 if (!s->system_journal &&
802 (s->storage == STORAGE_PERSISTENT || s->storage == STORAGE_AUTO) &&
803 access("/run/systemd/journal/flushed", F_OK) >= 0) {
805 /* If in auto mode: first try to create the machine
806 * path, but not the prefix.
808 * If in persistent mode: create /var/log/journal and
809 * the machine path */
811 if (s->storage == STORAGE_PERSISTENT)
812 (void) mkdir("/var/log/journal/", 0755);
814 fn = strappend("/var/log/journal/", ids);
818 (void) mkdir(fn, 0755);
821 fn = strjoin("/var/log/journal/", ids, "/system.journal", NULL);
825 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, s->compress, s->seal, &s->system_metrics, s->mmap, NULL, &s->system_journal);
829 char fb[FORMAT_BYTES_MAX];
831 server_fix_perms(s, s->system_journal, 0);
832 server_driver_message(s, SD_ID128_NULL, "Allowing system journal files to grow to %s.",
833 format_bytes(fb, sizeof(fb), s->system_metrics.max_use));
837 if (r != -ENOENT && r != -EROFS)
838 log_warning("Failed to open system journal: %s", strerror(-r));
844 if (!s->runtime_journal &&
845 (s->storage != STORAGE_NONE)) {
847 fn = strjoin("/run/log/journal/", ids, "/system.journal", NULL);
851 if (s->system_journal) {
853 /* Try to open the runtime journal, but only
854 * if it already exists, so that we can flush
855 * it into the system journal */
857 r = journal_file_open(fn, O_RDWR, 0640, s->compress, false, &s->runtime_metrics, s->mmap, NULL, &s->runtime_journal);
862 log_warning("Failed to open runtime journal: %s", strerror(-r));
869 /* OK, we really need the runtime journal, so create
870 * it if necessary. */
872 (void) mkdir_parents(fn, 0755);
873 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, s->compress, false, &s->runtime_metrics, s->mmap, NULL, &s->runtime_journal);
877 log_error("Failed to open runtime journal: %s", strerror(-r));
882 if (s->runtime_journal) {
883 char fb[FORMAT_BYTES_MAX];
885 server_fix_perms(s, s->runtime_journal, 0);
886 server_driver_message(s, SD_ID128_NULL, "Allowing runtime journal files to grow to %s.",
887 format_bytes(fb, sizeof(fb), s->runtime_metrics.max_use));
894 int server_flush_to_var(Server *s) {
897 sd_journal *j = NULL;
901 if (s->storage != STORAGE_AUTO &&
902 s->storage != STORAGE_PERSISTENT)
905 if (!s->runtime_journal)
908 system_journal_open(s);
910 if (!s->system_journal)
913 log_debug("Flushing to /var...");
915 r = sd_id128_get_machine(&machine);
917 log_error("Failed to get machine id: %s", strerror(-r));
921 r = sd_journal_open(&j, SD_JOURNAL_RUNTIME_ONLY);
923 log_error("Failed to read runtime journal: %s", strerror(-r));
927 sd_journal_set_data_threshold(j, 0);
929 SD_JOURNAL_FOREACH(j) {
934 assert(f && f->current_offset > 0);
936 r = journal_file_move_to_object(f, OBJECT_ENTRY, f->current_offset, &o);
938 log_error("Can't read entry: %s", strerror(-r));
942 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
946 if (!shall_try_append_again(s->system_journal, r)) {
947 log_error("Can't write entry: %s", strerror(-r));
954 log_debug("Retrying write.");
955 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
957 log_error("Can't write entry: %s", strerror(-r));
963 journal_file_post_change(s->system_journal);
965 journal_file_close(s->runtime_journal);
966 s->runtime_journal = NULL;
969 rm_rf("/run/log/journal", false, true, false);
977 int process_event(Server *s, struct epoll_event *ev) {
981 if (ev->data.fd == s->signal_fd) {
982 struct signalfd_siginfo sfsi;
985 if (ev->events != EPOLLIN) {
986 log_error("Got invalid event from epoll.");
990 n = read(s->signal_fd, &sfsi, sizeof(sfsi));
991 if (n != sizeof(sfsi)) {
996 if (errno == EINTR || errno == EAGAIN)
1002 log_info("Received SIG%s", signal_to_string(sfsi.ssi_signo));
1004 if (sfsi.ssi_signo == SIGUSR1) {
1005 touch("/run/systemd/journal/flushed");
1006 server_flush_to_var(s);
1010 if (sfsi.ssi_signo == SIGUSR2) {
1018 } else if (ev->data.fd == s->dev_kmsg_fd) {
1021 if (ev->events != EPOLLIN) {
1022 log_error("Got invalid event from epoll.");
1026 r = server_read_dev_kmsg(s);
1032 } else if (ev->data.fd == s->native_fd ||
1033 ev->data.fd == s->syslog_fd) {
1035 if (ev->events != EPOLLIN) {
1036 log_error("Got invalid event from epoll.");
1041 struct msghdr msghdr;
1043 struct ucred *ucred = NULL;
1044 struct timeval *tv = NULL;
1045 struct cmsghdr *cmsg;
1047 size_t label_len = 0;
1049 struct cmsghdr cmsghdr;
1051 /* We use NAME_MAX space for the
1052 * SELinux label here. The kernel
1053 * currently enforces no limit, but
1054 * according to suggestions from the
1055 * SELinux people this will change and
1056 * it will probably be identical to
1057 * NAME_MAX. For now we use that, but
1058 * this should be updated one day when
1059 * the final limit is known.*/
1060 uint8_t buf[CMSG_SPACE(sizeof(struct ucred)) +
1061 CMSG_SPACE(sizeof(struct timeval)) +
1062 CMSG_SPACE(sizeof(int)) + /* fd */
1063 CMSG_SPACE(NAME_MAX)]; /* selinux label */
1070 if (ioctl(ev->data.fd, SIOCINQ, &v) < 0) {
1071 log_error("SIOCINQ failed: %m");
1075 if (s->buffer_size < (size_t) v) {
1079 l = MAX(LINE_MAX + (size_t) v, s->buffer_size * 2);
1080 b = realloc(s->buffer, l+1);
1083 log_error("Couldn't increase buffer.");
1092 iovec.iov_base = s->buffer;
1093 iovec.iov_len = s->buffer_size;
1097 msghdr.msg_iov = &iovec;
1098 msghdr.msg_iovlen = 1;
1099 msghdr.msg_control = &control;
1100 msghdr.msg_controllen = sizeof(control);
1102 n = recvmsg(ev->data.fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC);
1105 if (errno == EINTR || errno == EAGAIN)
1108 log_error("recvmsg() failed: %m");
1112 for (cmsg = CMSG_FIRSTHDR(&msghdr); cmsg; cmsg = CMSG_NXTHDR(&msghdr, cmsg)) {
1114 if (cmsg->cmsg_level == SOL_SOCKET &&
1115 cmsg->cmsg_type == SCM_CREDENTIALS &&
1116 cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred)))
1117 ucred = (struct ucred*) CMSG_DATA(cmsg);
1118 else if (cmsg->cmsg_level == SOL_SOCKET &&
1119 cmsg->cmsg_type == SCM_SECURITY) {
1120 label = (char*) CMSG_DATA(cmsg);
1121 label_len = cmsg->cmsg_len - CMSG_LEN(0);
1122 } else if (cmsg->cmsg_level == SOL_SOCKET &&
1123 cmsg->cmsg_type == SO_TIMESTAMP &&
1124 cmsg->cmsg_len == CMSG_LEN(sizeof(struct timeval)))
1125 tv = (struct timeval*) CMSG_DATA(cmsg);
1126 else if (cmsg->cmsg_level == SOL_SOCKET &&
1127 cmsg->cmsg_type == SCM_RIGHTS) {
1128 fds = (int*) CMSG_DATA(cmsg);
1129 n_fds = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);
1133 if (ev->data.fd == s->syslog_fd) {
1136 if (n > 0 && n_fds == 0) {
1137 e = memchr(s->buffer, '\n', n);
1143 server_process_syslog_message(s, strstrip(s->buffer), ucred, tv, label, label_len);
1144 } else if (n_fds > 0)
1145 log_warning("Got file descriptors via syslog socket. Ignoring.");
1148 if (n > 0 && n_fds == 0)
1149 server_process_native_message(s, s->buffer, n, ucred, tv, label, label_len);
1150 else if (n == 0 && n_fds == 1)
1151 server_process_native_file(s, fds[0], ucred, tv, label, label_len);
1153 log_warning("Got too many file descriptors via native socket. Ignoring.");
1156 close_many(fds, n_fds);
1161 } else if (ev->data.fd == s->stdout_fd) {
1163 if (ev->events != EPOLLIN) {
1164 log_error("Got invalid event from epoll.");
1168 stdout_stream_new(s);
1172 StdoutStream *stream;
1174 if ((ev->events|EPOLLIN|EPOLLHUP) != (EPOLLIN|EPOLLHUP)) {
1175 log_error("Got invalid event from epoll.");
1179 /* If it is none of the well-known fds, it must be an
1180 * stdout stream fd. Note that this is a bit ugly here
1181 * (since we rely that none of the well-known fds
1182 * could be interpreted as pointer), but nonetheless
1183 * safe, since the well-known fds would never get an
1184 * fd > 4096, i.e. beyond the first memory page */
1186 stream = ev->data.ptr;
1188 if (stdout_stream_process(stream) <= 0)
1189 stdout_stream_free(stream);
1194 log_error("Unknown event.");
1198 static int open_signalfd(Server *s) {
1200 struct epoll_event ev;
1204 assert_se(sigemptyset(&mask) == 0);
1205 sigset_add_many(&mask, SIGINT, SIGTERM, SIGUSR1, SIGUSR2, -1);
1206 assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0);
1208 s->signal_fd = signalfd(-1, &mask, SFD_NONBLOCK|SFD_CLOEXEC);
1209 if (s->signal_fd < 0) {
1210 log_error("signalfd(): %m");
1215 ev.events = EPOLLIN;
1216 ev.data.fd = s->signal_fd;
1218 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->signal_fd, &ev) < 0) {
1219 log_error("epoll_ctl(): %m");
1226 static int server_parse_proc_cmdline(Server *s) {
1227 char _cleanup_free_ *line = NULL;
1232 if (detect_container(NULL) > 0)
1235 r = read_one_line_file("/proc/cmdline", &line);
1237 log_warning("Failed to read /proc/cmdline, ignoring: %s", strerror(-r));
1241 FOREACH_WORD_QUOTED(w, l, line, state) {
1242 char _cleanup_free_ *word;
1244 word = strndup(w, l);
1248 if (startswith(word, "systemd.journald.forward_to_syslog=")) {
1249 r = parse_boolean(word + 35);
1251 log_warning("Failed to parse forward to syslog switch %s. Ignoring.", word + 35);
1253 s->forward_to_syslog = r;
1254 } else if (startswith(word, "systemd.journald.forward_to_kmsg=")) {
1255 r = parse_boolean(word + 33);
1257 log_warning("Failed to parse forward to kmsg switch %s. Ignoring.", word + 33);
1259 s->forward_to_kmsg = r;
1260 } else if (startswith(word, "systemd.journald.forward_to_console=")) {
1261 r = parse_boolean(word + 36);
1263 log_warning("Failed to parse forward to console switch %s. Ignoring.", word + 36);
1265 s->forward_to_console = r;
1266 } else if (startswith(word, "systemd.journald"))
1267 log_warning("Invalid systemd.journald parameter. Ignoring.");
1273 static int server_parse_config_file(Server *s) {
1274 static const char *fn = "/etc/systemd/journald.conf";
1275 FILE _cleanup_fclose_ *f = NULL;
1280 f = fopen(fn, "re");
1282 if (errno == ENOENT)
1285 log_warning("Failed to open configuration file %s: %m", fn);
1289 r = config_parse(fn, f, "Journal\0", config_item_perf_lookup,
1290 (void*) journald_gperf_lookup, false, s);
1292 log_warning("Failed to parse configuration file: %s", strerror(-r));
1297 int server_init(Server *s) {
1303 s->syslog_fd = s->native_fd = s->stdout_fd = s->signal_fd = s->epoll_fd = s->dev_kmsg_fd = -1;
1307 s->rate_limit_interval = DEFAULT_RATE_LIMIT_INTERVAL;
1308 s->rate_limit_burst = DEFAULT_RATE_LIMIT_BURST;
1310 s->forward_to_syslog = true;
1312 s->max_level_store = LOG_DEBUG;
1313 s->max_level_syslog = LOG_DEBUG;
1314 s->max_level_kmsg = LOG_NOTICE;
1315 s->max_level_console = LOG_INFO;
1317 memset(&s->system_metrics, 0xFF, sizeof(s->system_metrics));
1318 memset(&s->runtime_metrics, 0xFF, sizeof(s->runtime_metrics));
1320 server_parse_config_file(s);
1321 server_parse_proc_cmdline(s);
1322 if (!!s->rate_limit_interval ^ !!s->rate_limit_burst) {
1323 log_debug("Setting both rate limit interval and burst from %llu,%u to 0,0",
1324 (long long unsigned) s->rate_limit_interval,
1325 s->rate_limit_burst);
1326 s->rate_limit_interval = s->rate_limit_burst = 0;
1329 mkdir_p("/run/systemd/journal", 0755);
1331 s->user_journals = hashmap_new(trivial_hash_func, trivial_compare_func);
1332 if (!s->user_journals)
1335 s->mmap = mmap_cache_new();
1339 s->epoll_fd = epoll_create1(EPOLL_CLOEXEC);
1340 if (s->epoll_fd < 0) {
1341 log_error("Failed to create epoll object: %m");
1345 n = sd_listen_fds(true);
1347 log_error("Failed to read listening file descriptors from environment: %s", strerror(-n));
1351 for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) {
1353 if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/run/systemd/journal/socket", 0) > 0) {
1355 if (s->native_fd >= 0) {
1356 log_error("Too many native sockets passed.");
1362 } else if (sd_is_socket_unix(fd, SOCK_STREAM, 1, "/run/systemd/journal/stdout", 0) > 0) {
1364 if (s->stdout_fd >= 0) {
1365 log_error("Too many stdout sockets passed.");
1371 } else if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/dev/log", 0) > 0) {
1373 if (s->syslog_fd >= 0) {
1374 log_error("Too many /dev/log sockets passed.");
1381 log_error("Unknown socket passed.");
1386 r = server_open_syslog_socket(s);
1390 r = server_open_native_socket(s);
1394 r = server_open_stdout_socket(s);
1398 r = server_open_dev_kmsg(s);
1402 r = server_open_kernel_seqnum(s);
1406 r = open_signalfd(s);
1410 s->udev = udev_new();
1414 s->rate_limit = journal_rate_limit_new(s->rate_limit_interval,
1415 s->rate_limit_burst);
1419 r = system_journal_open(s);
1426 void server_maybe_append_tags(Server *s) {
1432 n = now(CLOCK_REALTIME);
1434 if (s->system_journal)
1435 journal_file_maybe_append_tag(s->system_journal, n);
1437 HASHMAP_FOREACH(f, s->user_journals, i)
1438 journal_file_maybe_append_tag(f, n);
1442 void server_done(Server *s) {
1446 while (s->stdout_streams)
1447 stdout_stream_free(s->stdout_streams);
1449 if (s->system_journal)
1450 journal_file_close(s->system_journal);
1452 if (s->runtime_journal)
1453 journal_file_close(s->runtime_journal);
1455 while ((f = hashmap_steal_first(s->user_journals)))
1456 journal_file_close(f);
1458 hashmap_free(s->user_journals);
1460 if (s->epoll_fd >= 0)
1461 close_nointr_nofail(s->epoll_fd);
1463 if (s->signal_fd >= 0)
1464 close_nointr_nofail(s->signal_fd);
1466 if (s->syslog_fd >= 0)
1467 close_nointr_nofail(s->syslog_fd);
1469 if (s->native_fd >= 0)
1470 close_nointr_nofail(s->native_fd);
1472 if (s->stdout_fd >= 0)
1473 close_nointr_nofail(s->stdout_fd);
1475 if (s->dev_kmsg_fd >= 0)
1476 close_nointr_nofail(s->dev_kmsg_fd);
1479 journal_rate_limit_free(s->rate_limit);
1481 if (s->kernel_seqnum)
1482 munmap(s->kernel_seqnum, sizeof(uint64_t));
1488 mmap_cache_unref(s->mmap);
1491 udev_unref(s->udev);
~ianmdlvl / elogind.git / blob