1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2011 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <sys/epoll.h>
23 #include <sys/socket.h>
25 #include <sys/signalfd.h>
29 #include <sys/ioctl.h>
30 #include <linux/sockios.h>
31 #include <sys/statvfs.h>
33 #include <systemd/sd-journal.h>
34 #include <systemd/sd-messages.h>
35 #include <systemd/sd-daemon.h>
38 #include <systemd/sd-login.h>
43 #include "journal-file.h"
44 #include "socket-util.h"
45 #include "cgroup-util.h"
47 #include "journal-rate-limit.h"
48 #include "journal-internal.h"
49 #include "conf-parser.h"
56 #include <acl/libacl.h>
61 #include <selinux/selinux.h>
64 #define USER_JOURNALS_MAX 1024
65 #define STDOUT_STREAMS_MAX 4096
67 #define DEFAULT_RATE_LIMIT_INTERVAL (10*USEC_PER_SEC)
68 #define DEFAULT_RATE_LIMIT_BURST 200
70 #define RECHECK_AVAILABLE_SPACE_USEC (30*USEC_PER_SEC)
72 #define N_IOVEC_META_FIELDS 17
74 #define ENTRY_SIZE_MAX (1024*1024*32)
76 typedef enum StdoutStreamState {
77 STDOUT_STREAM_IDENTIFIER,
78 STDOUT_STREAM_UNIT_ID,
79 STDOUT_STREAM_PRIORITY,
80 STDOUT_STREAM_LEVEL_PREFIX,
81 STDOUT_STREAM_FORWARD_TO_SYSLOG,
82 STDOUT_STREAM_FORWARD_TO_KMSG,
83 STDOUT_STREAM_FORWARD_TO_CONSOLE,
89 StdoutStreamState state;
95 security_context_t security_context;
102 bool forward_to_syslog:1;
103 bool forward_to_kmsg:1;
104 bool forward_to_console:1;
106 char buffer[LINE_MAX+1];
109 LIST_FIELDS(StdoutStream, stdout_stream);
112 static const char* const storage_table[] = {
113 [STORAGE_AUTO] = "auto",
114 [STORAGE_VOLATILE] = "volatile",
115 [STORAGE_PERSISTENT] = "persistent",
116 [STORAGE_NONE] = "none"
119 DEFINE_STRING_TABLE_LOOKUP(storage, Storage);
120 DEFINE_CONFIG_PARSE_ENUM(config_parse_storage, storage, Storage, "Failed to parse storage setting");
122 static uint64_t available_space(Server *s) {
127 uint64_t sum = 0, avail = 0, ss_avail = 0;
133 ts = now(CLOCK_MONOTONIC);
135 if (s->cached_available_space_timestamp + RECHECK_AVAILABLE_SPACE_USEC > ts)
136 return s->cached_available_space;
138 r = sd_id128_get_machine(&machine);
142 if (s->system_journal) {
143 f = "/var/log/journal/";
144 m = &s->system_metrics;
146 f = "/run/log/journal/";
147 m = &s->runtime_metrics;
152 p = strappend(f, sd_id128_to_string(machine, ids));
162 if (fstatvfs(dirfd(d), &ss) < 0)
167 struct dirent buf, *de;
169 r = readdir_r(d, &buf, &de);
176 if (!endswith(de->d_name, ".journal") &&
177 !endswith(de->d_name, ".journal~"))
180 if (fstatat(dirfd(d), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0)
183 if (!S_ISREG(st.st_mode))
186 sum += (uint64_t) st.st_blocks * 512UL;
189 avail = sum >= m->max_use ? 0 : m->max_use - sum;
191 ss_avail = ss.f_bsize * ss.f_bavail;
193 ss_avail = ss_avail < m->keep_free ? 0 : ss_avail - m->keep_free;
195 if (ss_avail < avail)
198 s->cached_available_space = avail;
199 s->cached_available_space_timestamp = ts;
207 static void server_read_file_gid(Server *s) {
208 const char *adm = "adm";
213 if (s->file_gid_valid)
216 r = get_group_creds(&adm, &s->file_gid);
218 log_warning("Failed to resolve 'adm' group: %s", strerror(-r));
220 /* if we couldn't read the gid, then it will be 0, but that's
221 * fine and we shouldn't try to resolve the group again, so
222 * let's just pretend it worked right-away. */
223 s->file_gid_valid = true;
226 static void server_fix_perms(Server *s, JournalFile *f, uid_t uid) {
231 acl_permset_t permset;
236 server_read_file_gid(s);
238 r = fchmod_and_fchown(f->fd, 0640, 0, s->file_gid);
240 log_warning("Failed to fix access mode/rights on %s, ignoring: %s", f->path, strerror(-r));
246 acl = acl_get_fd(f->fd);
248 log_warning("Failed to read ACL on %s, ignoring: %m", f->path);
252 r = acl_find_uid(acl, uid, &entry);
255 if (acl_create_entry(&acl, &entry) < 0 ||
256 acl_set_tag_type(entry, ACL_USER) < 0 ||
257 acl_set_qualifier(entry, &uid) < 0) {
258 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
263 if (acl_get_permset(entry, &permset) < 0 ||
264 acl_add_perm(permset, ACL_READ) < 0 ||
265 acl_calc_mask(&acl) < 0) {
266 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
270 if (acl_set_fd(f->fd, acl) < 0)
271 log_warning("Failed to set ACL on %s, ignoring: %m", f->path);
278 static JournalFile* find_journal(Server *s, uid_t uid) {
287 /* We split up user logs only on /var, not on /run. If the
288 * runtime file is open, we write to it exclusively, in order
289 * to guarantee proper order as soon as we flush /run to
290 * /var and close the runtime file. */
292 if (s->runtime_journal)
293 return s->runtime_journal;
296 return s->system_journal;
298 r = sd_id128_get_machine(&machine);
300 return s->system_journal;
302 f = hashmap_get(s->user_journals, UINT32_TO_PTR(uid));
306 if (asprintf(&p, "/var/log/journal/%s/user-%lu.journal", sd_id128_to_string(machine, ids), (unsigned long) uid) < 0)
307 return s->system_journal;
309 while (hashmap_size(s->user_journals) >= USER_JOURNALS_MAX) {
310 /* Too many open? Then let's close one */
311 f = hashmap_steal_first(s->user_journals);
313 journal_file_close(f);
316 r = journal_file_open_reliably(p, O_RDWR|O_CREAT, 0640, &s->system_metrics, s->system_journal, &f);
320 return s->system_journal;
322 server_fix_perms(s, f, uid);
324 r = hashmap_put(s->user_journals, UINT32_TO_PTR(uid), f);
326 journal_file_close(f);
327 return s->system_journal;
333 static void server_rotate(Server *s) {
339 log_info("Rotating...");
341 if (s->runtime_journal) {
342 r = journal_file_rotate(&s->runtime_journal);
344 if (s->runtime_journal)
345 log_error("Failed to rotate %s: %s", s->runtime_journal->path, strerror(-r));
347 log_error("Failed to create new runtime journal: %s", strerror(-r));
349 server_fix_perms(s, s->runtime_journal, 0);
352 if (s->system_journal) {
353 r = journal_file_rotate(&s->system_journal);
355 if (s->system_journal)
356 log_error("Failed to rotate %s: %s", s->system_journal->path, strerror(-r));
358 log_error("Failed to create new system journal: %s", strerror(-r));
361 server_fix_perms(s, s->system_journal, 0);
364 HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) {
365 r = journal_file_rotate(&f);
368 log_error("Failed to rotate %s: %s", f->path, strerror(-r));
370 log_error("Failed to create user journal: %s", strerror(-r));
372 hashmap_replace(s->user_journals, k, f);
373 server_fix_perms(s, s->system_journal, PTR_TO_UINT32(k));
378 static void server_vacuum(Server *s) {
384 log_info("Vacuuming...");
386 r = sd_id128_get_machine(&machine);
388 log_error("Failed to get machine ID: %s", strerror(-r));
392 sd_id128_to_string(machine, ids);
394 if (s->system_journal) {
395 if (asprintf(&p, "/var/log/journal/%s", ids) < 0) {
396 log_error("Out of memory.");
400 r = journal_directory_vacuum(p, s->system_metrics.max_use, s->system_metrics.keep_free);
401 if (r < 0 && r != -ENOENT)
402 log_error("Failed to vacuum %s: %s", p, strerror(-r));
406 if (s->runtime_journal) {
407 if (asprintf(&p, "/run/log/journal/%s", ids) < 0) {
408 log_error("Out of memory.");
412 r = journal_directory_vacuum(p, s->runtime_metrics.max_use, s->runtime_metrics.keep_free);
413 if (r < 0 && r != -ENOENT)
414 log_error("Failed to vacuum %s: %s", p, strerror(-r));
418 s->cached_available_space_timestamp = 0;
421 static char *shortened_cgroup_path(pid_t pid) {
423 char *process_path, *init_path, *path;
427 r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, pid, &process_path);
431 r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, 1, &init_path);
437 if (endswith(init_path, "/system"))
438 init_path[strlen(init_path) - 7] = 0;
439 else if (streq(init_path, "/"))
442 if (startswith(process_path, init_path)) {
445 p = strdup(process_path + strlen(init_path));
463 static void write_to_journal(Server *s, uid_t uid, struct iovec *iovec, unsigned n) {
465 bool vacuumed = false;
472 f = find_journal(s, uid);
476 if (journal_file_rotate_suggested(f)) {
477 log_info("Journal header limits reached or header out-of-date, rotating.");
482 f = find_journal(s, uid);
488 r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
493 (r != -E2BIG && /* hit limit */
494 r != -EFBIG && /* hit fs limit */
495 r != -EDQUOT && /* quota hit */
496 r != -ENOSPC && /* disk full */
497 r != -EBADMSG && /* corrupted */
498 r != -ENODATA && /* truncated */
499 r != -EHOSTDOWN && /* other machine */
500 r != -EPROTONOSUPPORT && /* unsupported feature */
501 r != -EBUSY && /* unclean shutdown */
502 r != -ESHUTDOWN /* already archived */)) {
503 log_error("Failed to write entry, ignoring: %s", strerror(-r));
507 if (r == -E2BIG || r == -EFBIG || r == EDQUOT || r == ENOSPC)
508 log_info("Allocation limit reached, rotating.");
509 else if (r == -EHOSTDOWN)
510 log_info("Journal file from other machine, rotating.");
511 else if (r == -EBUSY)
512 log_info("Unlcean shutdown, rotating.");
514 log_warning("Journal file corrupted, rotating.");
520 f = find_journal(s, uid);
524 log_info("Retrying write.");
528 static void dispatch_message_real(
530 struct iovec *iovec, unsigned n, unsigned m,
533 const char *label, size_t label_len,
534 const char *unit_id) {
536 char *pid = NULL, *uid = NULL, *gid = NULL,
537 *source_time = NULL, *boot_id = NULL, *machine_id = NULL,
538 *comm = NULL, *cmdline = NULL, *hostname = NULL,
539 *audit_session = NULL, *audit_loginuid = NULL,
540 *exe = NULL, *cgroup = NULL, *session = NULL,
541 *owner_uid = NULL, *unit = NULL, *selinux_context = NULL;
547 uid_t loginuid = 0, realuid = 0;
552 assert(n + N_IOVEC_META_FIELDS <= m);
560 realuid = ucred->uid;
562 if (asprintf(&pid, "_PID=%lu", (unsigned long) ucred->pid) >= 0)
563 IOVEC_SET_STRING(iovec[n++], pid);
565 if (asprintf(&uid, "_UID=%lu", (unsigned long) ucred->uid) >= 0)
566 IOVEC_SET_STRING(iovec[n++], uid);
568 if (asprintf(&gid, "_GID=%lu", (unsigned long) ucred->gid) >= 0)
569 IOVEC_SET_STRING(iovec[n++], gid);
571 r = get_process_comm(ucred->pid, &t);
573 comm = strappend("_COMM=", t);
577 IOVEC_SET_STRING(iovec[n++], comm);
580 r = get_process_exe(ucred->pid, &t);
582 exe = strappend("_EXE=", t);
586 IOVEC_SET_STRING(iovec[n++], exe);
589 r = get_process_cmdline(ucred->pid, LINE_MAX, false, &t);
591 cmdline = strappend("_CMDLINE=", t);
595 IOVEC_SET_STRING(iovec[n++], cmdline);
598 r = audit_session_from_pid(ucred->pid, &audit);
600 if (asprintf(&audit_session, "_AUDIT_SESSION=%lu", (unsigned long) audit) >= 0)
601 IOVEC_SET_STRING(iovec[n++], audit_session);
603 r = audit_loginuid_from_pid(ucred->pid, &loginuid);
605 if (asprintf(&audit_loginuid, "_AUDIT_LOGINUID=%lu", (unsigned long) loginuid) >= 0)
606 IOVEC_SET_STRING(iovec[n++], audit_loginuid);
608 t = shortened_cgroup_path(ucred->pid);
610 cgroup = strappend("_SYSTEMD_CGROUP=", t);
614 IOVEC_SET_STRING(iovec[n++], cgroup);
618 if (sd_pid_get_session(ucred->pid, &t) >= 0) {
619 session = strappend("_SYSTEMD_SESSION=", t);
623 IOVEC_SET_STRING(iovec[n++], session);
626 if (sd_pid_get_owner_uid(ucred->uid, &owner) >= 0)
627 if (asprintf(&owner_uid, "_SYSTEMD_OWNER_UID=%lu", (unsigned long) owner) >= 0)
628 IOVEC_SET_STRING(iovec[n++], owner_uid);
631 if (cg_pid_get_unit(ucred->pid, &t) >= 0) {
632 unit = strappend("_SYSTEMD_UNIT=", t);
635 unit = strappend("_SYSTEMD_UNIT=", unit_id);
638 IOVEC_SET_STRING(iovec[n++], unit);
642 selinux_context = malloc(sizeof("_SELINUX_CONTEXT=") + label_len);
643 if (selinux_context) {
644 memcpy(selinux_context, "_SELINUX_CONTEXT=", sizeof("_SELINUX_CONTEXT=")-1);
645 memcpy(selinux_context+sizeof("_SELINUX_CONTEXT=")-1, label, label_len);
646 selinux_context[sizeof("_SELINUX_CONTEXT=")-1+label_len] = 0;
647 IOVEC_SET_STRING(iovec[n++], selinux_context);
650 security_context_t con;
652 if (getpidcon(ucred->pid, &con) >= 0) {
653 selinux_context = strappend("_SELINUX_CONTEXT=", con);
655 IOVEC_SET_STRING(iovec[n++], selinux_context);
664 if (asprintf(&source_time, "_SOURCE_REALTIME_TIMESTAMP=%llu",
665 (unsigned long long) timeval_load(tv)) >= 0)
666 IOVEC_SET_STRING(iovec[n++], source_time);
669 /* Note that strictly speaking storing the boot id here is
670 * redundant since the entry includes this in-line
671 * anyway. However, we need this indexed, too. */
672 r = sd_id128_get_boot(&id);
674 if (asprintf(&boot_id, "_BOOT_ID=%s", sd_id128_to_string(id, idbuf)) >= 0)
675 IOVEC_SET_STRING(iovec[n++], boot_id);
677 r = sd_id128_get_machine(&id);
679 if (asprintf(&machine_id, "_MACHINE_ID=%s", sd_id128_to_string(id, idbuf)) >= 0)
680 IOVEC_SET_STRING(iovec[n++], machine_id);
682 t = gethostname_malloc();
684 hostname = strappend("_HOSTNAME=", t);
687 IOVEC_SET_STRING(iovec[n++], hostname);
692 write_to_journal(s, realuid == 0 ? 0 : loginuid, iovec, n);
705 free(audit_loginuid);
710 free(selinux_context);
713 static void driver_message(Server *s, sd_id128_t message_id, const char *format, ...) {
714 char mid[11 + 32 + 1];
715 char buffer[16 + LINE_MAX + 1];
716 struct iovec iovec[N_IOVEC_META_FIELDS + 4];
724 IOVEC_SET_STRING(iovec[n++], "PRIORITY=5");
725 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=driver");
727 memcpy(buffer, "MESSAGE=", 8);
728 va_start(ap, format);
729 vsnprintf(buffer + 8, sizeof(buffer) - 8, format, ap);
731 char_array_0(buffer);
732 IOVEC_SET_STRING(iovec[n++], buffer);
734 snprintf(mid, sizeof(mid), "MESSAGE_ID=" SD_ID128_FORMAT_STR, SD_ID128_FORMAT_VAL(message_id));
736 IOVEC_SET_STRING(iovec[n++], mid);
739 ucred.pid = getpid();
740 ucred.uid = getuid();
741 ucred.gid = getgid();
743 dispatch_message_real(s, iovec, n, ELEMENTSOF(iovec), &ucred, NULL, NULL, 0, NULL);
746 static void dispatch_message(Server *s,
747 struct iovec *iovec, unsigned n, unsigned m,
750 const char *label, size_t label_len,
754 char *path = NULL, *c;
757 assert(iovec || n == 0);
762 if (LOG_PRI(priority) > s->max_level_store)
768 path = shortened_cgroup_path(ucred->pid);
772 /* example: /user/lennart/3/foobar
773 * /system/dbus.service/foobar
775 * So let's cut of everything past the third /, since that is
776 * wher user directories start */
778 c = strchr(path, '/');
780 c = strchr(c+1, '/');
782 c = strchr(c+1, '/');
788 rl = journal_rate_limit_test(s->rate_limit, path, priority & LOG_PRIMASK, available_space(s));
795 /* Write a suppression message if we suppressed something */
797 driver_message(s, SD_MESSAGE_JOURNAL_DROPPED, "Suppressed %u messages from %s", rl - 1, path);
802 dispatch_message_real(s, iovec, n, m, ucred, tv, label, label_len, unit_id);
805 static void forward_syslog_iovec(Server *s, const struct iovec *iovec, unsigned n_iovec, struct ucred *ucred, struct timeval *tv) {
806 struct msghdr msghdr;
807 struct cmsghdr *cmsg;
809 struct cmsghdr cmsghdr;
810 uint8_t buf[CMSG_SPACE(sizeof(struct ucred))];
812 union sockaddr_union sa;
819 msghdr.msg_iov = (struct iovec*) iovec;
820 msghdr.msg_iovlen = n_iovec;
823 sa.un.sun_family = AF_UNIX;
824 strncpy(sa.un.sun_path, "/run/systemd/journal/syslog", sizeof(sa.un.sun_path));
825 msghdr.msg_name = &sa;
826 msghdr.msg_namelen = offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path);
830 msghdr.msg_control = &control;
831 msghdr.msg_controllen = sizeof(control);
833 cmsg = CMSG_FIRSTHDR(&msghdr);
834 cmsg->cmsg_level = SOL_SOCKET;
835 cmsg->cmsg_type = SCM_CREDENTIALS;
836 cmsg->cmsg_len = CMSG_LEN(sizeof(struct ucred));
837 memcpy(CMSG_DATA(cmsg), ucred, sizeof(struct ucred));
838 msghdr.msg_controllen = cmsg->cmsg_len;
841 /* Forward the syslog message we received via /dev/log to
842 * /run/systemd/syslog. Unfortunately we currently can't set
843 * the SO_TIMESTAMP auxiliary data, and hence we don't. */
845 if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
848 /* The socket is full? I guess the syslog implementation is
849 * too slow, and we shouldn't wait for that... */
853 if (ucred && errno == ESRCH) {
856 /* Hmm, presumably the sender process vanished
857 * by now, so let's fix it as good as we
862 memcpy(CMSG_DATA(cmsg), &u, sizeof(struct ucred));
864 if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
871 log_debug("Failed to forward syslog message: %m");
874 static void forward_syslog_raw(Server *s, int priority, const char *buffer, struct ucred *ucred, struct timeval *tv) {
880 if (LOG_PRI(priority) > s->max_level_syslog)
883 IOVEC_SET_STRING(iovec, buffer);
884 forward_syslog_iovec(s, &iovec, 1, ucred, tv);
887 static void forward_syslog(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred, struct timeval *tv) {
888 struct iovec iovec[5];
889 char header_priority[6], header_time[64], header_pid[16];
893 char *ident_buf = NULL;
896 assert(priority >= 0);
897 assert(priority <= 999);
900 if (LOG_PRI(priority) > s->max_level_syslog)
903 /* First: priority field */
904 snprintf(header_priority, sizeof(header_priority), "<%i>", priority);
905 char_array_0(header_priority);
906 IOVEC_SET_STRING(iovec[n++], header_priority);
908 /* Second: timestamp */
909 t = tv ? tv->tv_sec : ((time_t) (now(CLOCK_REALTIME) / USEC_PER_SEC));
913 if (strftime(header_time, sizeof(header_time), "%h %e %T ", tm) <= 0)
915 IOVEC_SET_STRING(iovec[n++], header_time);
917 /* Third: identifier and PID */
920 get_process_comm(ucred->pid, &ident_buf);
921 identifier = ident_buf;
924 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
925 char_array_0(header_pid);
928 IOVEC_SET_STRING(iovec[n++], identifier);
930 IOVEC_SET_STRING(iovec[n++], header_pid);
931 } else if (identifier) {
932 IOVEC_SET_STRING(iovec[n++], identifier);
933 IOVEC_SET_STRING(iovec[n++], ": ");
936 /* Fourth: message */
937 IOVEC_SET_STRING(iovec[n++], message);
939 forward_syslog_iovec(s, iovec, n, ucred, tv);
944 static int fixup_priority(int priority) {
946 if ((priority & LOG_FACMASK) == 0)
947 return (priority & LOG_PRIMASK) | LOG_USER;
952 static void forward_kmsg(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred) {
953 struct iovec iovec[5];
954 char header_priority[6], header_pid[16];
956 char *ident_buf = NULL;
960 assert(priority >= 0);
961 assert(priority <= 999);
964 if (LOG_PRI(priority) > s->max_level_kmsg)
967 /* Never allow messages with kernel facility to be written to
968 * kmsg, regardless where the data comes from. */
969 priority = fixup_priority(priority);
971 /* First: priority field */
972 snprintf(header_priority, sizeof(header_priority), "<%i>", priority);
973 char_array_0(header_priority);
974 IOVEC_SET_STRING(iovec[n++], header_priority);
976 /* Second: identifier and PID */
979 get_process_comm(ucred->pid, &ident_buf);
980 identifier = ident_buf;
983 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
984 char_array_0(header_pid);
987 IOVEC_SET_STRING(iovec[n++], identifier);
989 IOVEC_SET_STRING(iovec[n++], header_pid);
990 } else if (identifier) {
991 IOVEC_SET_STRING(iovec[n++], identifier);
992 IOVEC_SET_STRING(iovec[n++], ": ");
995 /* Fourth: message */
996 IOVEC_SET_STRING(iovec[n++], message);
997 IOVEC_SET_STRING(iovec[n++], "\n");
999 fd = open("/dev/kmsg", O_WRONLY|O_NOCTTY|O_CLOEXEC);
1001 log_debug("Failed to open /dev/kmsg for logging: %s", strerror(errno));
1005 if (writev(fd, iovec, n) < 0)
1006 log_debug("Failed to write to /dev/kmsg for logging: %s", strerror(errno));
1008 close_nointr_nofail(fd);
1014 static void forward_console(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred) {
1015 struct iovec iovec[4];
1016 char header_pid[16];
1018 char *ident_buf = NULL;
1024 if (LOG_PRI(priority) > s->max_level_console)
1027 /* First: identifier and PID */
1030 get_process_comm(ucred->pid, &ident_buf);
1031 identifier = ident_buf;
1034 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
1035 char_array_0(header_pid);
1038 IOVEC_SET_STRING(iovec[n++], identifier);
1040 IOVEC_SET_STRING(iovec[n++], header_pid);
1041 } else if (identifier) {
1042 IOVEC_SET_STRING(iovec[n++], identifier);
1043 IOVEC_SET_STRING(iovec[n++], ": ");
1046 /* Third: message */
1047 IOVEC_SET_STRING(iovec[n++], message);
1048 IOVEC_SET_STRING(iovec[n++], "\n");
1050 tty = s->tty_path ? s->tty_path : "/dev/console";
1052 fd = open_terminal(tty, O_WRONLY|O_NOCTTY|O_CLOEXEC);
1054 log_debug("Failed to open %s for logging: %s", tty, strerror(errno));
1058 if (writev(fd, iovec, n) < 0)
1059 log_debug("Failed to write to %s for logging: %s", tty, strerror(errno));
1061 close_nointr_nofail(fd);
1067 static void read_identifier(const char **buf, char **identifier, char **pid) {
1078 p += strspn(p, WHITESPACE);
1079 l = strcspn(p, WHITESPACE);
1088 if (p[l-1] == ']') {
1094 t = strndup(p+k+1, l-k-2);
1114 *buf += strspn(*buf, WHITESPACE);
1117 static void process_syslog_message(Server *s, const char *buf, struct ucred *ucred, struct timeval *tv, const char *label, size_t label_len) {
1118 char *message = NULL, *syslog_priority = NULL, *syslog_facility = NULL, *syslog_identifier = NULL, *syslog_pid = NULL;
1119 struct iovec iovec[N_IOVEC_META_FIELDS + 6];
1121 int priority = LOG_USER | LOG_INFO;
1122 char *identifier = NULL, *pid = NULL;
1129 parse_syslog_priority((char**) &buf, &priority);
1131 if (s->forward_to_syslog)
1132 forward_syslog_raw(s, priority, orig, ucred, tv);
1134 skip_syslog_date((char**) &buf);
1135 read_identifier(&buf, &identifier, &pid);
1137 if (s->forward_to_kmsg)
1138 forward_kmsg(s, priority, identifier, buf, ucred);
1140 if (s->forward_to_console)
1141 forward_console(s, priority, identifier, buf, ucred);
1143 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=syslog");
1145 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1146 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1148 if (priority & LOG_FACMASK)
1149 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1150 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1153 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", identifier);
1154 if (syslog_identifier)
1155 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1159 syslog_pid = strappend("SYSLOG_PID=", pid);
1161 IOVEC_SET_STRING(iovec[n++], syslog_pid);
1164 message = strappend("MESSAGE=", buf);
1166 IOVEC_SET_STRING(iovec[n++], message);
1168 dispatch_message(s, iovec, n, ELEMENTSOF(iovec), ucred, tv, label, label_len, NULL, priority);
1173 free(syslog_priority);
1174 free(syslog_facility);
1175 free(syslog_identifier);
1178 static bool valid_user_field(const char *p, size_t l) {
1181 /* We kinda enforce POSIX syntax recommendations for
1182 environment variables here, but make a couple of additional
1185 http://pubs.opengroup.org/onlinepubs/000095399/basedefs/xbd_chap08.html */
1187 /* No empty field names */
1191 /* Don't allow names longer than 64 chars */
1195 /* Variables starting with an underscore are protected */
1199 /* Don't allow digits as first character */
1200 if (p[0] >= '0' && p[0] <= '9')
1203 /* Only allow A-Z0-9 and '_' */
1204 for (a = p; a < p + l; a++)
1205 if (!((*a >= 'A' && *a <= 'Z') ||
1206 (*a >= '0' && *a <= '9') ||
1213 static void process_native_message(
1215 const void *buffer, size_t buffer_size,
1216 struct ucred *ucred,
1218 const char *label, size_t label_len) {
1220 struct iovec *iovec = NULL;
1221 unsigned n = 0, m = 0, j, tn = (unsigned) -1;
1224 int priority = LOG_INFO;
1225 char *identifier = NULL, *message = NULL;
1228 assert(buffer || buffer_size == 0);
1231 remaining = buffer_size;
1233 while (remaining > 0) {
1236 e = memchr(p, '\n', remaining);
1239 /* Trailing noise, let's ignore it, and flush what we collected */
1240 log_debug("Received message with trailing noise, ignoring.");
1245 /* Entry separator */
1246 dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, NULL, priority);
1248 priority = LOG_INFO;
1255 if (*p == '.' || *p == '#') {
1256 /* Ignore control commands for now, and
1258 remaining -= (e - p) + 1;
1263 /* A property follows */
1265 if (n+N_IOVEC_META_FIELDS >= m) {
1269 u = MAX((n+N_IOVEC_META_FIELDS+1) * 2U, 4U);
1270 c = realloc(iovec, u * sizeof(struct iovec));
1272 log_error("Out of memory");
1280 q = memchr(p, '=', e - p);
1282 if (valid_user_field(p, q - p)) {
1287 /* If the field name starts with an
1288 * underscore, skip the variable,
1289 * since that indidates a trusted
1291 iovec[n].iov_base = (char*) p;
1292 iovec[n].iov_len = l;
1295 /* We need to determine the priority
1296 * of this entry for the rate limiting
1299 memcmp(p, "PRIORITY=", 9) == 0 &&
1300 p[9] >= '0' && p[9] <= '9')
1301 priority = (priority & LOG_FACMASK) | (p[9] - '0');
1304 memcmp(p, "SYSLOG_FACILITY=", 16) == 0 &&
1305 p[16] >= '0' && p[16] <= '9')
1306 priority = (priority & LOG_PRIMASK) | ((p[16] - '0') << 3);
1309 memcmp(p, "SYSLOG_FACILITY=", 16) == 0 &&
1310 p[16] >= '0' && p[16] <= '9' &&
1311 p[17] >= '0' && p[17] <= '9')
1312 priority = (priority & LOG_PRIMASK) | (((p[16] - '0')*10 + (p[17] - '0')) << 3);
1315 memcmp(p, "SYSLOG_IDENTIFIER=", 18) == 0) {
1318 t = strndup(p + 18, l - 18);
1323 } else if (l >= 8 &&
1324 memcmp(p, "MESSAGE=", 8) == 0) {
1327 t = strndup(p + 8, l - 8);
1335 remaining -= (e - p) + 1;
1343 if (remaining < e - p + 1 + sizeof(uint64_t) + 1) {
1344 log_debug("Failed to parse message, ignoring.");
1348 memcpy(&l_le, e + 1, sizeof(uint64_t));
1351 if (remaining < e - p + 1 + sizeof(uint64_t) + l + 1 ||
1352 e[1+sizeof(uint64_t)+l] != '\n') {
1353 log_debug("Failed to parse message, ignoring.");
1357 k = malloc((e - p) + 1 + l);
1359 log_error("Out of memory");
1363 memcpy(k, p, e - p);
1365 memcpy(k + (e - p) + 1, e + 1 + sizeof(uint64_t), l);
1367 if (valid_user_field(p, e - p)) {
1368 iovec[n].iov_base = k;
1369 iovec[n].iov_len = (e - p) + 1 + l;
1374 remaining -= (e - p) + 1 + sizeof(uint64_t) + l + 1;
1375 p = e + 1 + sizeof(uint64_t) + l + 1;
1383 IOVEC_SET_STRING(iovec[tn], "_TRANSPORT=journal");
1386 if (s->forward_to_syslog)
1387 forward_syslog(s, priority, identifier, message, ucred, tv);
1389 if (s->forward_to_kmsg)
1390 forward_kmsg(s, priority, identifier, message, ucred);
1392 if (s->forward_to_console)
1393 forward_console(s, priority, identifier, message, ucred);
1396 dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, NULL, priority);
1399 for (j = 0; j < n; j++) {
1403 if (iovec[j].iov_base < buffer ||
1404 (const uint8_t*) iovec[j].iov_base >= (const uint8_t*) buffer + buffer_size)
1405 free(iovec[j].iov_base);
1413 static void process_native_file(
1416 struct ucred *ucred,
1418 const char *label, size_t label_len) {
1427 /* Data is in the passed file, since it didn't fit in a
1428 * datagram. We can't map the file here, since clients might
1429 * then truncate it and trigger a SIGBUS for us. So let's
1430 * stupidly read it */
1432 if (fstat(fd, &st) < 0) {
1433 log_error("Failed to stat passed file, ignoring: %m");
1437 if (!S_ISREG(st.st_mode)) {
1438 log_error("File passed is not regular. Ignoring.");
1442 if (st.st_size <= 0)
1445 if (st.st_size > ENTRY_SIZE_MAX) {
1446 log_error("File passed too large. Ignoring.");
1450 p = malloc(st.st_size);
1452 log_error("Out of memory");
1456 n = pread(fd, p, st.st_size, 0);
1458 log_error("Failed to read file, ignoring: %s", strerror(-n));
1460 process_native_message(s, p, n, ucred, tv, label, label_len);
1465 static int stdout_stream_log(StdoutStream *s, const char *p) {
1466 struct iovec iovec[N_IOVEC_META_FIELDS + 5];
1467 char *message = NULL, *syslog_priority = NULL, *syslog_facility = NULL, *syslog_identifier = NULL;
1471 size_t label_len = 0;
1479 priority = s->priority;
1481 if (s->level_prefix)
1482 parse_syslog_priority((char**) &p, &priority);
1484 if (s->forward_to_syslog || s->server->forward_to_syslog)
1485 forward_syslog(s->server, fixup_priority(priority), s->identifier, p, &s->ucred, NULL);
1487 if (s->forward_to_kmsg || s->server->forward_to_kmsg)
1488 forward_kmsg(s->server, priority, s->identifier, p, &s->ucred);
1490 if (s->forward_to_console || s->server->forward_to_console)
1491 forward_console(s->server, priority, s->identifier, p, &s->ucred);
1493 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=stdout");
1495 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1496 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1498 if (priority & LOG_FACMASK)
1499 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1500 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1502 if (s->identifier) {
1503 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", s->identifier);
1504 if (syslog_identifier)
1505 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1508 message = strappend("MESSAGE=", p);
1510 IOVEC_SET_STRING(iovec[n++], message);
1513 if (s->security_context) {
1514 label = (char*) s->security_context;
1515 label_len = strlen((char*) s->security_context);
1519 dispatch_message(s->server, iovec, n, ELEMENTSOF(iovec), &s->ucred, NULL, label, label_len, s->unit_id, priority);
1522 free(syslog_priority);
1523 free(syslog_facility);
1524 free(syslog_identifier);
1529 static int stdout_stream_line(StdoutStream *s, char *p) {
1539 case STDOUT_STREAM_IDENTIFIER:
1541 s->identifier = NULL;
1543 s->identifier = strdup(p);
1544 if (!s->identifier) {
1545 log_error("Out of memory");
1550 s->state = STDOUT_STREAM_UNIT_ID;
1553 case STDOUT_STREAM_UNIT_ID:
1554 if (s->ucred.uid == 0) {
1558 s->unit_id = strdup(p);
1560 log_error("Out of memory");
1566 s->state = STDOUT_STREAM_PRIORITY;
1569 case STDOUT_STREAM_PRIORITY:
1570 r = safe_atoi(p, &s->priority);
1571 if (r < 0 || s->priority <= 0 || s->priority >= 999) {
1572 log_warning("Failed to parse log priority line.");
1576 s->state = STDOUT_STREAM_LEVEL_PREFIX;
1579 case STDOUT_STREAM_LEVEL_PREFIX:
1580 r = parse_boolean(p);
1582 log_warning("Failed to parse level prefix line.");
1586 s->level_prefix = !!r;
1587 s->state = STDOUT_STREAM_FORWARD_TO_SYSLOG;
1590 case STDOUT_STREAM_FORWARD_TO_SYSLOG:
1591 r = parse_boolean(p);
1593 log_warning("Failed to parse forward to syslog line.");
1597 s->forward_to_syslog = !!r;
1598 s->state = STDOUT_STREAM_FORWARD_TO_KMSG;
1601 case STDOUT_STREAM_FORWARD_TO_KMSG:
1602 r = parse_boolean(p);
1604 log_warning("Failed to parse copy to kmsg line.");
1608 s->forward_to_kmsg = !!r;
1609 s->state = STDOUT_STREAM_FORWARD_TO_CONSOLE;
1612 case STDOUT_STREAM_FORWARD_TO_CONSOLE:
1613 r = parse_boolean(p);
1615 log_warning("Failed to parse copy to console line.");
1619 s->forward_to_console = !!r;
1620 s->state = STDOUT_STREAM_RUNNING;
1623 case STDOUT_STREAM_RUNNING:
1624 return stdout_stream_log(s, p);
1627 assert_not_reached("Unknown stream state");
1630 static int stdout_stream_scan(StdoutStream *s, bool force_flush) {
1638 remaining = s->length;
1643 end = memchr(p, '\n', remaining);
1646 else if (remaining >= sizeof(s->buffer) - 1) {
1647 end = p + sizeof(s->buffer) - 1;
1654 r = stdout_stream_line(s, p);
1662 if (force_flush && remaining > 0) {
1664 r = stdout_stream_line(s, p);
1672 if (p > s->buffer) {
1673 memmove(s->buffer, p, remaining);
1674 s->length = remaining;
1680 static int stdout_stream_process(StdoutStream *s) {
1686 l = read(s->fd, s->buffer+s->length, sizeof(s->buffer)-1-s->length);
1689 if (errno == EAGAIN)
1692 log_warning("Failed to read from stream: %m");
1697 r = stdout_stream_scan(s, true);
1705 r = stdout_stream_scan(s, false);
1713 static void stdout_stream_free(StdoutStream *s) {
1717 assert(s->server->n_stdout_streams > 0);
1718 s->server->n_stdout_streams --;
1719 LIST_REMOVE(StdoutStream, stdout_stream, s->server->stdout_streams, s);
1724 epoll_ctl(s->server->epoll_fd, EPOLL_CTL_DEL, s->fd, NULL);
1726 close_nointr_nofail(s->fd);
1730 if (s->security_context)
1731 freecon(s->security_context);
1734 free(s->identifier);
1738 static int stdout_stream_new(Server *s) {
1739 StdoutStream *stream;
1742 struct epoll_event ev;
1746 fd = accept4(s->stdout_fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);
1748 if (errno == EAGAIN)
1751 log_error("Failed to accept stdout connection: %m");
1755 if (s->n_stdout_streams >= STDOUT_STREAMS_MAX) {
1756 log_warning("Too many stdout streams, refusing connection.");
1757 close_nointr_nofail(fd);
1761 stream = new0(StdoutStream, 1);
1763 log_error("Out of memory.");
1764 close_nointr_nofail(fd);
1770 len = sizeof(stream->ucred);
1771 if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &stream->ucred, &len) < 0) {
1772 log_error("Failed to determine peer credentials: %m");
1778 if (getpeercon(fd, &stream->security_context) < 0 && errno != ENOPROTOOPT)
1779 log_error("Failed to determine peer security context: %m");
1782 if (shutdown(fd, SHUT_WR) < 0) {
1783 log_error("Failed to shutdown writing side of socket: %m");
1789 ev.data.ptr = stream;
1790 ev.events = EPOLLIN;
1791 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, fd, &ev) < 0) {
1792 log_error("Failed to add stream to event loop: %m");
1798 LIST_PREPEND(StdoutStream, stdout_stream, s->stdout_streams, stream);
1799 s->n_stdout_streams ++;
1804 stdout_stream_free(stream);
1808 static int parse_kernel_timestamp(char **_p, usec_t *t) {
1819 if (strlen(p) < 14 || p[0] != '[' || p[13] != ']' || p[6] != '.')
1824 for (i = 1; i <= 5; i++) {
1830 k = undecchar(p[i]);
1837 for (i = 7; i <= 12; i++) {
1840 k = undecchar(p[i]);
1849 *_p += strspn(*_p, WHITESPACE);
1854 static bool is_us(const char *pid) {
1859 if (parse_pid(pid, &t) < 0)
1862 return t == getpid();
1865 static void proc_kmsg_line(Server *s, const char *p) {
1866 struct iovec iovec[N_IOVEC_META_FIELDS + 7];
1867 char *message = NULL, *syslog_priority = NULL, *syslog_pid = NULL, *syslog_facility = NULL, *syslog_identifier = NULL, *source_time = NULL;
1868 int priority = LOG_KERN | LOG_INFO;
1871 char *identifier = NULL, *pid = NULL;
1879 parse_syslog_priority((char **) &p, &priority);
1881 if (s->forward_to_kmsg && (priority & LOG_FACMASK) != LOG_KERN)
1884 if (parse_kernel_timestamp((char **) &p, &usec) > 0) {
1885 if (asprintf(&source_time, "_SOURCE_MONOTONIC_TIMESTAMP=%llu",
1886 (unsigned long long) usec) >= 0)
1887 IOVEC_SET_STRING(iovec[n++], source_time);
1890 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=kernel");
1892 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1893 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1895 if ((priority & LOG_FACMASK) == LOG_KERN) {
1897 if (s->forward_to_syslog)
1898 forward_syslog(s, priority, "kernel", p, NULL, NULL);
1900 IOVEC_SET_STRING(iovec[n++], "SYSLOG_IDENTIFIER=kernel");
1902 read_identifier(&p, &identifier, &pid);
1904 /* Avoid any messages we generated ourselves via
1905 * log_info() and friends. */
1906 if (pid && is_us(pid))
1909 if (s->forward_to_syslog)
1910 forward_syslog(s, priority, identifier, p, NULL, NULL);
1913 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", identifier);
1914 if (syslog_identifier)
1915 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1919 syslog_pid = strappend("SYSLOG_PID=", pid);
1921 IOVEC_SET_STRING(iovec[n++], syslog_pid);
1924 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1925 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1928 message = strappend("MESSAGE=", p);
1930 IOVEC_SET_STRING(iovec[n++], message);
1932 dispatch_message(s, iovec, n, ELEMENTSOF(iovec), NULL, NULL, NULL, 0, NULL, priority);
1936 free(syslog_priority);
1937 free(syslog_identifier);
1939 free(syslog_facility);
1945 static void proc_kmsg_scan(Server *s) {
1951 p = s->proc_kmsg_buffer;
1952 remaining = s->proc_kmsg_length;
1957 end = memchr(p, '\n', remaining);
1960 else if (remaining >= sizeof(s->proc_kmsg_buffer) - 1) {
1961 end = p + sizeof(s->proc_kmsg_buffer) - 1;
1968 proc_kmsg_line(s, p);
1974 if (p > s->proc_kmsg_buffer) {
1975 memmove(s->proc_kmsg_buffer, p, remaining);
1976 s->proc_kmsg_length = remaining;
1980 static int system_journal_open(Server *s) {
1986 r = sd_id128_get_machine(&machine);
1990 sd_id128_to_string(machine, ids);
1992 if (!s->system_journal &&
1993 (s->storage == STORAGE_PERSISTENT || s->storage == STORAGE_AUTO) &&
1994 access("/run/systemd/journal/flushed", F_OK) >= 0) {
1996 /* If in auto mode: first try to create the machine
1997 * path, but not the prefix.
1999 * If in persistent mode: create /var/log/journal and
2000 * the machine path */
2002 if (s->storage == STORAGE_PERSISTENT)
2003 (void) mkdir("/var/log/journal/", 0755);
2005 fn = strappend("/var/log/journal/", ids);
2009 (void) mkdir(fn, 0755);
2012 fn = strjoin("/var/log/journal/", ids, "/system.journal", NULL);
2016 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, &s->system_metrics, NULL, &s->system_journal);
2020 s->system_journal->compress = s->compress;
2022 server_fix_perms(s, s->system_journal, 0);
2025 if (r != -ENOENT && r != -EROFS)
2026 log_warning("Failed to open system journal: %s", strerror(-r));
2032 if (!s->runtime_journal &&
2033 (s->storage != STORAGE_NONE)) {
2035 fn = strjoin("/run/log/journal/", ids, "/system.journal", NULL);
2039 if (s->system_journal) {
2041 /* Try to open the runtime journal, but only
2042 * if it already exists, so that we can flush
2043 * it into the system journal */
2045 r = journal_file_open(fn, O_RDWR, 0640, &s->runtime_metrics, NULL, &s->runtime_journal);
2050 log_warning("Failed to open runtime journal: %s", strerror(-r));
2057 /* OK, we really need the runtime journal, so create
2058 * it if necessary. */
2060 (void) mkdir_parents(fn, 0755);
2061 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, &s->runtime_metrics, NULL, &s->runtime_journal);
2065 log_error("Failed to open runtime journal: %s", strerror(-r));
2070 if (s->runtime_journal) {
2071 s->runtime_journal->compress = s->compress;
2073 server_fix_perms(s, s->runtime_journal, 0);
2080 static int server_flush_to_var(Server *s) {
2088 if (s->storage != STORAGE_AUTO &&
2089 s->storage != STORAGE_PERSISTENT)
2092 if (!s->runtime_journal)
2095 system_journal_open(s);
2097 if (!s->system_journal)
2100 log_info("Flushing to /var...");
2102 r = sd_id128_get_machine(&machine);
2104 log_error("Failed to get machine id: %s", strerror(-r));
2108 r = sd_journal_open(&j, SD_JOURNAL_RUNTIME_ONLY);
2110 log_error("Failed to read runtime journal: %s", strerror(-r));
2114 SD_JOURNAL_FOREACH(j) {
2117 f = j->current_file;
2118 assert(f && f->current_offset > 0);
2120 r = journal_file_move_to_object(f, OBJECT_ENTRY, f->current_offset, &o);
2122 log_error("Can't read entry: %s", strerror(-r));
2126 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
2128 log_info("Allocation limit reached.");
2130 journal_file_post_change(s->system_journal);
2134 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
2138 log_error("Can't write entry: %s", strerror(-r));
2144 journal_file_post_change(s->system_journal);
2146 journal_file_close(s->runtime_journal);
2147 s->runtime_journal = NULL;
2150 char path[] = "/run/log/journal/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
2151 sd_id128_to_string(machine, path + 17);
2152 rm_rf(path, false, true, false);
2158 static int server_read_proc_kmsg(Server *s) {
2161 assert(s->proc_kmsg_fd >= 0);
2163 l = read(s->proc_kmsg_fd, s->proc_kmsg_buffer + s->proc_kmsg_length, sizeof(s->proc_kmsg_buffer) - 1 - s->proc_kmsg_length);
2164 if (l == 0) /* the kernel is stupid and in some race
2165 * conditions returns 0 in the middle of the
2170 if (errno == EAGAIN || errno == EINTR)
2173 log_error("Failed to read from kernel: %m");
2177 s->proc_kmsg_length += l;
2183 static int server_flush_proc_kmsg(Server *s) {
2188 if (s->proc_kmsg_fd < 0)
2191 log_info("Flushing /proc/kmsg...");
2194 r = server_read_proc_kmsg(s);
2205 static int process_event(Server *s, struct epoll_event *ev) {
2209 if (ev->data.fd == s->signal_fd) {
2210 struct signalfd_siginfo sfsi;
2213 if (ev->events != EPOLLIN) {
2214 log_info("Got invalid event from epoll.");
2218 n = read(s->signal_fd, &sfsi, sizeof(sfsi));
2219 if (n != sizeof(sfsi)) {
2224 if (errno == EINTR || errno == EAGAIN)
2230 if (sfsi.ssi_signo == SIGUSR1) {
2231 touch("/run/systemd/journal/flushed");
2232 server_flush_to_var(s);
2236 if (sfsi.ssi_signo == SIGUSR2) {
2242 log_debug("Received SIG%s", signal_to_string(sfsi.ssi_signo));
2245 } else if (ev->data.fd == s->proc_kmsg_fd) {
2248 if (ev->events != EPOLLIN) {
2249 log_info("Got invalid event from epoll.");
2253 r = server_read_proc_kmsg(s);
2259 } else if (ev->data.fd == s->native_fd ||
2260 ev->data.fd == s->syslog_fd) {
2262 if (ev->events != EPOLLIN) {
2263 log_info("Got invalid event from epoll.");
2268 struct msghdr msghdr;
2270 struct ucred *ucred = NULL;
2271 struct timeval *tv = NULL;
2272 struct cmsghdr *cmsg;
2274 size_t label_len = 0;
2276 struct cmsghdr cmsghdr;
2278 /* We use NAME_MAX space for the
2279 * SELinux label here. The kernel
2280 * currently enforces no limit, but
2281 * according to suggestions from the
2282 * SELinux people this will change and
2283 * it will probably be identical to
2284 * NAME_MAX. For now we use that, but
2285 * this should be updated one day when
2286 * the final limit is known.*/
2287 uint8_t buf[CMSG_SPACE(sizeof(struct ucred)) +
2288 CMSG_SPACE(sizeof(struct timeval)) +
2289 CMSG_SPACE(sizeof(int)) + /* fd */
2290 CMSG_SPACE(NAME_MAX)]; /* selinux label */
2297 if (ioctl(ev->data.fd, SIOCINQ, &v) < 0) {
2298 log_error("SIOCINQ failed: %m");
2302 if (s->buffer_size < (size_t) v) {
2306 l = MAX(LINE_MAX + (size_t) v, s->buffer_size * 2);
2307 b = realloc(s->buffer, l+1);
2310 log_error("Couldn't increase buffer.");
2319 iovec.iov_base = s->buffer;
2320 iovec.iov_len = s->buffer_size;
2324 msghdr.msg_iov = &iovec;
2325 msghdr.msg_iovlen = 1;
2326 msghdr.msg_control = &control;
2327 msghdr.msg_controllen = sizeof(control);
2329 n = recvmsg(ev->data.fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC);
2332 if (errno == EINTR || errno == EAGAIN)
2335 log_error("recvmsg() failed: %m");
2339 for (cmsg = CMSG_FIRSTHDR(&msghdr); cmsg; cmsg = CMSG_NXTHDR(&msghdr, cmsg)) {
2341 if (cmsg->cmsg_level == SOL_SOCKET &&
2342 cmsg->cmsg_type == SCM_CREDENTIALS &&
2343 cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred)))
2344 ucred = (struct ucred*) CMSG_DATA(cmsg);
2345 else if (cmsg->cmsg_level == SOL_SOCKET &&
2346 cmsg->cmsg_type == SCM_SECURITY) {
2347 label = (char*) CMSG_DATA(cmsg);
2348 label_len = cmsg->cmsg_len - CMSG_LEN(0);
2349 } else if (cmsg->cmsg_level == SOL_SOCKET &&
2350 cmsg->cmsg_type == SO_TIMESTAMP &&
2351 cmsg->cmsg_len == CMSG_LEN(sizeof(struct timeval)))
2352 tv = (struct timeval*) CMSG_DATA(cmsg);
2353 else if (cmsg->cmsg_level == SOL_SOCKET &&
2354 cmsg->cmsg_type == SCM_RIGHTS) {
2355 fds = (int*) CMSG_DATA(cmsg);
2356 n_fds = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);
2360 if (ev->data.fd == s->syslog_fd) {
2363 if (n > 0 && n_fds == 0) {
2364 e = memchr(s->buffer, '\n', n);
2370 process_syslog_message(s, strstrip(s->buffer), ucred, tv, label, label_len);
2371 } else if (n_fds > 0)
2372 log_warning("Got file descriptors via syslog socket. Ignoring.");
2375 if (n > 0 && n_fds == 0)
2376 process_native_message(s, s->buffer, n, ucred, tv, label, label_len);
2377 else if (n == 0 && n_fds == 1)
2378 process_native_file(s, fds[0], ucred, tv, label, label_len);
2380 log_warning("Got too many file descriptors via native socket. Ignoring.");
2383 close_many(fds, n_fds);
2388 } else if (ev->data.fd == s->stdout_fd) {
2390 if (ev->events != EPOLLIN) {
2391 log_info("Got invalid event from epoll.");
2395 stdout_stream_new(s);
2399 StdoutStream *stream;
2401 if ((ev->events|EPOLLIN|EPOLLHUP) != (EPOLLIN|EPOLLHUP)) {
2402 log_info("Got invalid event from epoll.");
2406 /* If it is none of the well-known fds, it must be an
2407 * stdout stream fd. Note that this is a bit ugly here
2408 * (since we rely that none of the well-known fds
2409 * could be interpreted as pointer), but nonetheless
2410 * safe, since the well-known fds would never get an
2411 * fd > 4096, i.e. beyond the first memory page */
2413 stream = ev->data.ptr;
2415 if (stdout_stream_process(stream) <= 0)
2416 stdout_stream_free(stream);
2421 log_error("Unknown event.");
2425 static int open_syslog_socket(Server *s) {
2426 union sockaddr_union sa;
2428 struct epoll_event ev;
2432 if (s->syslog_fd < 0) {
2434 s->syslog_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2435 if (s->syslog_fd < 0) {
2436 log_error("socket() failed: %m");
2441 sa.un.sun_family = AF_UNIX;
2442 strncpy(sa.un.sun_path, "/dev/log", sizeof(sa.un.sun_path));
2444 unlink(sa.un.sun_path);
2446 r = bind(s->syslog_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2448 log_error("bind() failed: %m");
2452 chmod(sa.un.sun_path, 0666);
2454 fd_nonblock(s->syslog_fd, 1);
2457 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
2459 log_error("SO_PASSCRED failed: %m");
2465 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
2467 log_warning("SO_PASSSEC failed: %m");
2471 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
2473 log_error("SO_TIMESTAMP failed: %m");
2478 ev.events = EPOLLIN;
2479 ev.data.fd = s->syslog_fd;
2480 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->syslog_fd, &ev) < 0) {
2481 log_error("Failed to add syslog server fd to epoll object: %m");
2488 static int open_native_socket(Server*s) {
2489 union sockaddr_union sa;
2491 struct epoll_event ev;
2495 if (s->native_fd < 0) {
2497 s->native_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2498 if (s->native_fd < 0) {
2499 log_error("socket() failed: %m");
2504 sa.un.sun_family = AF_UNIX;
2505 strncpy(sa.un.sun_path, "/run/systemd/journal/socket", sizeof(sa.un.sun_path));
2507 unlink(sa.un.sun_path);
2509 r = bind(s->native_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2511 log_error("bind() failed: %m");
2515 chmod(sa.un.sun_path, 0666);
2517 fd_nonblock(s->native_fd, 1);
2520 r = setsockopt(s->native_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
2522 log_error("SO_PASSCRED failed: %m");
2528 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
2530 log_warning("SO_PASSSEC failed: %m");
2534 r = setsockopt(s->native_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
2536 log_error("SO_TIMESTAMP failed: %m");
2541 ev.events = EPOLLIN;
2542 ev.data.fd = s->native_fd;
2543 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->native_fd, &ev) < 0) {
2544 log_error("Failed to add native server fd to epoll object: %m");
2551 static int open_stdout_socket(Server *s) {
2552 union sockaddr_union sa;
2554 struct epoll_event ev;
2558 if (s->stdout_fd < 0) {
2560 s->stdout_fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2561 if (s->stdout_fd < 0) {
2562 log_error("socket() failed: %m");
2567 sa.un.sun_family = AF_UNIX;
2568 strncpy(sa.un.sun_path, "/run/systemd/journal/stdout", sizeof(sa.un.sun_path));
2570 unlink(sa.un.sun_path);
2572 r = bind(s->stdout_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2574 log_error("bind() failed: %m");
2578 chmod(sa.un.sun_path, 0666);
2580 if (listen(s->stdout_fd, SOMAXCONN) < 0) {
2581 log_error("liste() failed: %m");
2585 fd_nonblock(s->stdout_fd, 1);
2588 ev.events = EPOLLIN;
2589 ev.data.fd = s->stdout_fd;
2590 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->stdout_fd, &ev) < 0) {
2591 log_error("Failed to add stdout server fd to epoll object: %m");
2598 static int open_proc_kmsg(Server *s) {
2599 struct epoll_event ev;
2603 if (!s->import_proc_kmsg)
2606 s->proc_kmsg_fd = open("/proc/kmsg", O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
2607 if (s->proc_kmsg_fd < 0) {
2608 log_warning("Failed to open /proc/kmsg, ignoring: %m");
2613 ev.events = EPOLLIN;
2614 ev.data.fd = s->proc_kmsg_fd;
2615 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->proc_kmsg_fd, &ev) < 0) {
2616 log_error("Failed to add /proc/kmsg fd to epoll object: %m");
2623 static int open_signalfd(Server *s) {
2625 struct epoll_event ev;
2629 assert_se(sigemptyset(&mask) == 0);
2630 sigset_add_many(&mask, SIGINT, SIGTERM, SIGUSR1, SIGUSR2, -1);
2631 assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0);
2633 s->signal_fd = signalfd(-1, &mask, SFD_NONBLOCK|SFD_CLOEXEC);
2634 if (s->signal_fd < 0) {
2635 log_error("signalfd(): %m");
2640 ev.events = EPOLLIN;
2641 ev.data.fd = s->signal_fd;
2643 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->signal_fd, &ev) < 0) {
2644 log_error("epoll_ctl(): %m");
2651 static int server_parse_proc_cmdline(Server *s) {
2652 char *line, *w, *state;
2656 if (detect_container(NULL) > 0)
2659 r = read_one_line_file("/proc/cmdline", &line);
2661 log_warning("Failed to read /proc/cmdline, ignoring: %s", strerror(-r));
2665 FOREACH_WORD_QUOTED(w, l, line, state) {
2668 word = strndup(w, l);
2674 if (startswith(word, "systemd.journald.forward_to_syslog=")) {
2675 r = parse_boolean(word + 35);
2677 log_warning("Failed to parse forward to syslog switch %s. Ignoring.", word + 35);
2679 s->forward_to_syslog = r;
2680 } else if (startswith(word, "systemd.journald.forward_to_kmsg=")) {
2681 r = parse_boolean(word + 33);
2683 log_warning("Failed to parse forward to kmsg switch %s. Ignoring.", word + 33);
2685 s->forward_to_kmsg = r;
2686 } else if (startswith(word, "systemd.journald.forward_to_console=")) {
2687 r = parse_boolean(word + 36);
2689 log_warning("Failed to parse forward to console switch %s. Ignoring.", word + 36);
2691 s->forward_to_console = r;
2692 } else if (startswith(word, "systemd.journald"))
2693 log_warning("Invalid systemd.journald parameter. Ignoring.");
2705 static int server_parse_config_file(Server *s) {
2712 fn = "/etc/systemd/journald.conf";
2713 f = fopen(fn, "re");
2715 if (errno == ENOENT)
2718 log_warning("Failed to open configuration file %s: %m", fn);
2722 r = config_parse(fn, f, "Journal\0", config_item_perf_lookup, (void*) journald_gperf_lookup, false, s);
2724 log_warning("Failed to parse configuration file: %s", strerror(-r));
2731 static int server_init(Server *s) {
2737 s->syslog_fd = s->native_fd = s->stdout_fd = s->signal_fd = s->epoll_fd = s->proc_kmsg_fd = -1;
2740 s->rate_limit_interval = DEFAULT_RATE_LIMIT_INTERVAL;
2741 s->rate_limit_burst = DEFAULT_RATE_LIMIT_BURST;
2743 s->forward_to_syslog = true;
2745 s->max_level_store = LOG_DEBUG;
2746 s->max_level_syslog = LOG_DEBUG;
2747 s->max_level_kmsg = LOG_NOTICE;
2748 s->max_level_console = LOG_INFO;
2750 memset(&s->system_metrics, 0xFF, sizeof(s->system_metrics));
2751 memset(&s->runtime_metrics, 0xFF, sizeof(s->runtime_metrics));
2753 server_parse_config_file(s);
2754 server_parse_proc_cmdline(s);
2756 s->user_journals = hashmap_new(trivial_hash_func, trivial_compare_func);
2757 if (!s->user_journals) {
2758 log_error("Out of memory.");
2762 s->epoll_fd = epoll_create1(EPOLL_CLOEXEC);
2763 if (s->epoll_fd < 0) {
2764 log_error("Failed to create epoll object: %m");
2768 n = sd_listen_fds(true);
2770 log_error("Failed to read listening file descriptors from environment: %s", strerror(-n));
2774 for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) {
2776 if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/run/systemd/journal/socket", 0) > 0) {
2778 if (s->native_fd >= 0) {
2779 log_error("Too many native sockets passed.");
2785 } else if (sd_is_socket_unix(fd, SOCK_STREAM, 1, "/run/systemd/journal/stdout", 0) > 0) {
2787 if (s->stdout_fd >= 0) {
2788 log_error("Too many stdout sockets passed.");
2794 } else if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/dev/log", 0) > 0) {
2796 if (s->syslog_fd >= 0) {
2797 log_error("Too many /dev/log sockets passed.");
2804 log_error("Unknown socket passed.");
2809 r = open_syslog_socket(s);
2813 r = open_native_socket(s);
2817 r = open_stdout_socket(s);
2821 r = open_proc_kmsg(s);
2825 r = open_signalfd(s);
2829 s->rate_limit = journal_rate_limit_new(s->rate_limit_interval, s->rate_limit_burst);
2833 r = system_journal_open(s);
2840 static void server_done(Server *s) {
2844 while (s->stdout_streams)
2845 stdout_stream_free(s->stdout_streams);
2847 if (s->system_journal)
2848 journal_file_close(s->system_journal);
2850 if (s->runtime_journal)
2851 journal_file_close(s->runtime_journal);
2853 while ((f = hashmap_steal_first(s->user_journals)))
2854 journal_file_close(f);
2856 hashmap_free(s->user_journals);
2858 if (s->epoll_fd >= 0)
2859 close_nointr_nofail(s->epoll_fd);
2861 if (s->signal_fd >= 0)
2862 close_nointr_nofail(s->signal_fd);
2864 if (s->syslog_fd >= 0)
2865 close_nointr_nofail(s->syslog_fd);
2867 if (s->native_fd >= 0)
2868 close_nointr_nofail(s->native_fd);
2870 if (s->stdout_fd >= 0)
2871 close_nointr_nofail(s->stdout_fd);
2873 if (s->proc_kmsg_fd >= 0)
2874 close_nointr_nofail(s->proc_kmsg_fd);
2877 journal_rate_limit_free(s->rate_limit);
2883 int main(int argc, char *argv[]) {
2887 /* if (getppid() != 1) { */
2888 /* log_error("This program should be invoked by init only."); */
2889 /* return EXIT_FAILURE; */
2893 log_error("This program does not take arguments.");
2894 return EXIT_FAILURE;
2897 log_set_target(LOG_TARGET_SAFE);
2898 log_set_facility(LOG_SYSLOG);
2899 log_parse_environment();
2904 r = server_init(&server);
2908 server_vacuum(&server);
2909 server_flush_to_var(&server);
2910 server_flush_proc_kmsg(&server);
2912 log_debug("systemd-journald running as pid %lu", (unsigned long) getpid());
2913 driver_message(&server, SD_MESSAGE_JOURNAL_START, "Journal started");
2917 "STATUS=Processing requests...");
2920 struct epoll_event event;
2922 r = epoll_wait(server.epoll_fd, &event, 1, -1);
2928 log_error("epoll_wait() failed: %m");
2934 r = process_event(&server, &event);
2941 log_debug("systemd-journald stopped as pid %lu", (unsigned long) getpid());
2942 driver_message(&server, SD_MESSAGE_JOURNAL_STOP, "Journal stopped");
2946 "STATUS=Shutting down...");
2948 server_done(&server);
2950 return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;