1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2011 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <sys/epoll.h>
23 #include <sys/socket.h>
25 #include <sys/signalfd.h>
29 #include <acl/libacl.h>
31 #include <sys/ioctl.h>
32 #include <linux/sockios.h>
35 #include "journal-file.h"
36 #include "sd-daemon.h"
37 #include "socket-util.h"
39 #include "cgroup-util.h"
41 typedef struct Server {
47 JournalFile *runtime_journal;
48 JournalFile *system_journal;
49 Hashmap *user_journals;
57 static void fix_perms(JournalFile *f, uid_t uid) {
60 acl_permset_t permset;
65 r = fchmod_and_fchown(f->fd, 0640, 0, 0);
67 log_warning("Failed to fix access mode/rights on %s, ignoring: %s", f->path, strerror(-r));
72 acl = acl_get_fd(f->fd);
74 log_warning("Failed to read ACL on %s, ignoring: %m", f->path);
78 r = acl_find_uid(acl, uid, &entry);
81 if (acl_create_entry(&acl, &entry) < 0 ||
82 acl_set_tag_type(entry, ACL_USER) < 0 ||
83 acl_set_qualifier(entry, &uid) < 0) {
84 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
89 if (acl_get_permset(entry, &permset) < 0 ||
90 acl_add_perm(permset, ACL_READ) < 0 ||
91 acl_calc_mask(&acl) < 0) {
92 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
96 if (acl_set_fd(f->fd, acl) < 0)
97 log_warning("Failed to set ACL on %s, ignoring: %m", f->path);
103 static JournalFile* find_journal(Server *s, uid_t uid) {
112 /* We split up user logs only on /var, not on /run */
113 if (!s->system_journal)
114 return s->runtime_journal;
117 return s->system_journal;
119 r = sd_id128_get_machine(&machine);
121 return s->system_journal;
123 f = hashmap_get(s->user_journals, UINT32_TO_PTR(uid));
127 if (asprintf(&p, "/var/log/journal/%s/user-%lu.journal", sd_id128_to_string(machine, ids), (unsigned long) uid) < 0)
128 return s->system_journal;
130 r = journal_file_open(p, O_RDWR|O_CREAT, 0640, s->system_journal, &f);
134 return s->system_journal;
138 r = hashmap_put(s->user_journals, UINT32_TO_PTR(uid), f);
140 journal_file_close(f);
141 return s->system_journal;
147 static void dispatch_message(Server *s, struct iovec *iovec, unsigned n, unsigned m, struct ucred *ucred, struct timeval *tv) {
148 char *pid = NULL, *uid = NULL, *gid = NULL,
149 *source_time = NULL, *boot_id = NULL, *machine_id = NULL,
150 *comm = NULL, *cmdline = NULL, *hostname = NULL,
151 *audit_session = NULL, *audit_loginuid = NULL,
152 *exe = NULL, *cgroup = NULL;
158 uid_t loginuid = 0, realuid = 0;
162 assert(iovec || n == 0);
173 realuid = ucred->uid;
175 if (asprintf(&pid, "_PID=%lu", (unsigned long) ucred->pid) >= 0)
176 IOVEC_SET_STRING(iovec[n++], pid);
178 if (asprintf(&uid, "_UID=%lu", (unsigned long) ucred->uid) >= 0)
179 IOVEC_SET_STRING(iovec[n++], uid);
181 if (asprintf(&gid, "_GID=%lu", (unsigned long) ucred->gid) >= 0)
182 IOVEC_SET_STRING(iovec[n++], gid);
184 r = get_process_comm(ucred->pid, &t);
186 comm = strappend("_COMM=", t);
188 IOVEC_SET_STRING(iovec[n++], comm);
192 r = get_process_exe(ucred->pid, &t);
194 exe = strappend("_EXE=", t);
196 IOVEC_SET_STRING(iovec[n++], exe);
200 r = get_process_cmdline(ucred->pid, LINE_MAX, false, &t);
202 cmdline = strappend("_CMDLINE=", t);
204 IOVEC_SET_STRING(iovec[n++], cmdline);
208 r = audit_session_from_pid(ucred->pid, &session);
210 if (asprintf(&audit_session, "_AUDIT_SESSION=%lu", (unsigned long) session) >= 0)
211 IOVEC_SET_STRING(iovec[n++], audit_session);
213 r = audit_loginuid_from_pid(ucred->pid, &loginuid);
215 if (asprintf(&audit_loginuid, "_AUDIT_LOGINUID=%lu", (unsigned long) loginuid) >= 0)
216 IOVEC_SET_STRING(iovec[n++], audit_loginuid);
218 r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, ucred->pid, &path);
220 cgroup = strappend("_SYSTEMD_CGROUP=", path);
222 IOVEC_SET_STRING(iovec[n++], cgroup);
228 if (asprintf(&source_time, "_SOURCE_REALTIME_TIMESTAMP=%llu",
229 (unsigned long long) timeval_load(tv)) >= 0)
230 IOVEC_SET_STRING(iovec[n++], source_time);
233 /* Note that strictly speaking storing the boot id here is
234 * redundant since the entry includes this in-line
235 * anyway. However, we need this indexed, too. */
236 r = sd_id128_get_boot(&id);
238 if (asprintf(&boot_id, "_BOOT_ID=%s", sd_id128_to_string(id, idbuf)) >= 0)
239 IOVEC_SET_STRING(iovec[n++], boot_id);
241 r = sd_id128_get_machine(&id);
243 if (asprintf(&machine_id, "_MACHINE_ID=%s", sd_id128_to_string(id, idbuf)) >= 0)
244 IOVEC_SET_STRING(iovec[n++], machine_id);
246 t = gethostname_malloc();
248 hostname = strappend("_HOSTNAME=", t);
250 IOVEC_SET_STRING(iovec[n++], hostname);
256 f = find_journal(s, realuid == 0 ? 0 : loginuid);
258 log_warning("Dropping message, as we can't find a place to store the data.");
260 r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
263 log_error("Failed to write entry, ignoring: %s", strerror(-r));
277 free(audit_loginuid);
282 static void process_syslog_message(Server *s, const char *buf, struct ucred *ucred, struct timeval *tv) {
283 char *message = NULL, *syslog_priority = NULL, *syslog_facility = NULL;
284 struct iovec iovec[16];
286 int priority = LOG_USER | LOG_INFO;
291 parse_syslog_priority((char**) &buf, &priority);
292 skip_syslog_date((char**) &buf);
294 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
295 IOVEC_SET_STRING(iovec[n++], syslog_priority);
297 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
298 IOVEC_SET_STRING(iovec[n++], syslog_facility);
300 message = strappend("MESSAGE=", buf);
302 IOVEC_SET_STRING(iovec[n++], message);
304 dispatch_message(s, iovec, n, ELEMENTSOF(iovec), ucred, tv);
307 free(syslog_facility);
308 free(syslog_priority);
311 static void process_native_message(Server *s, const void *buffer, size_t buffer_size, struct ucred *ucred, struct timeval *tv) {
312 struct iovec *iovec = NULL;
313 unsigned n = 0, m = 0, j;
318 assert(buffer || n == 0);
321 remaining = buffer_size;
323 while (remaining > 0) {
326 e = memchr(p, '\n', remaining);
329 /* Trailing noise, let's ignore it, and flush what we collected */
330 log_debug("Received message with trailing noise, ignoring.");
335 /* Entry separator */
336 dispatch_message(s, iovec, n, m, ucred, tv);
345 /* Control command, ignore for now */
346 remaining -= (e - p) + 1;
351 /* A property follows */
357 u = MAX((n+13U) * 2U, 4U);
358 c = realloc(iovec, u * sizeof(struct iovec));
360 log_error("Out of memory");
368 q = memchr(p, '=', e - p);
370 iovec[n].iov_base = (char*) p;
371 iovec[n].iov_len = e - p;
374 remaining -= (e - p) + 1;
381 if (remaining < e - p + 1 + sizeof(uint64_t) + 1) {
382 log_debug("Failed to parse message, ignoring.");
386 memcpy(&l, e + 1, sizeof(uint64_t));
389 if (remaining < e - p + 1 + sizeof(uint64_t) + l + 1 ||
390 e[1+sizeof(uint64_t)+l] != '\n') {
391 log_debug("Failed to parse message, ignoring.");
395 k = malloc((e - p) + 1 + l);
397 log_error("Out of memory");
403 memcpy(k + (e - p) + 1, e + 1 + sizeof(uint64_t), l);
405 iovec[n].iov_base = k;
406 iovec[n].iov_len = (e - p) + 1 + l;
409 remaining -= (e - p) + 1 + sizeof(uint64_t) + l + 1;
410 p = e + 1 + sizeof(uint64_t) + l + 1;
414 dispatch_message(s, iovec, n, m, ucred, tv);
416 for (j = 0; j < n; j++)
417 if (iovec[j].iov_base < buffer ||
418 (const uint8_t*) iovec[j].iov_base >= (const uint8_t*) buffer + buffer_size)
419 free(iovec[j].iov_base);
422 static int process_event(Server *s, struct epoll_event *ev) {
425 if (ev->events != EPOLLIN) {
426 log_info("Got invalid event from epoll.");
430 if (ev->data.fd == s->signal_fd) {
431 struct signalfd_siginfo sfsi;
434 n = read(s->signal_fd, &sfsi, sizeof(sfsi));
435 if (n != sizeof(sfsi)) {
440 if (errno == EINTR || errno == EAGAIN)
446 log_debug("Received SIG%s", signal_to_string(sfsi.ssi_signo));
451 if (ev->data.fd == s->native_fd ||
452 ev->data.fd == s->syslog_fd) {
454 struct msghdr msghdr;
456 struct ucred *ucred = NULL;
457 struct timeval *tv = NULL;
458 struct cmsghdr *cmsg;
460 struct cmsghdr cmsghdr;
461 uint8_t buf[CMSG_SPACE(sizeof(struct ucred)) +
462 CMSG_SPACE(sizeof(struct timeval))];
467 if (ioctl(ev->data.fd, SIOCINQ, &v) < 0) {
468 log_error("SIOCINQ failed: %m");
475 if (s->buffer_size < (size_t) v) {
479 l = MAX(LINE_MAX + (size_t) v, s->buffer_size * 2);
480 b = realloc(s->buffer, l+1);
483 log_error("Couldn't increase buffer.");
492 iovec.iov_base = s->buffer;
493 iovec.iov_len = s->buffer_size;
497 msghdr.msg_iov = &iovec;
498 msghdr.msg_iovlen = 1;
499 msghdr.msg_control = &control;
500 msghdr.msg_controllen = sizeof(control);
502 n = recvmsg(ev->data.fd, &msghdr, MSG_DONTWAIT);
505 if (errno == EINTR || errno == EAGAIN)
508 log_error("recvmsg() failed: %m");
512 for (cmsg = CMSG_FIRSTHDR(&msghdr); cmsg; cmsg = CMSG_NXTHDR(&msghdr, cmsg)) {
514 if (cmsg->cmsg_level == SOL_SOCKET &&
515 cmsg->cmsg_type == SCM_CREDENTIALS &&
516 cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred)))
517 ucred = (struct ucred*) CMSG_DATA(cmsg);
518 else if (cmsg->cmsg_level == SOL_SOCKET &&
519 cmsg->cmsg_type == SO_TIMESTAMP &&
520 cmsg->cmsg_len == CMSG_LEN(sizeof(struct timeval)))
521 tv = (struct timeval*) CMSG_DATA(cmsg);
524 if (ev->data.fd == s->syslog_fd) {
527 e = memchr(s->buffer, '\n', n);
533 process_syslog_message(s, strstrip(s->buffer), ucred, tv);
535 process_native_message(s, s->buffer, n, ucred, tv);
541 log_error("Unknown event.");
545 static int system_journal_open(Server *s) {
551 r = sd_id128_get_machine(&machine);
555 /* First try to create the machine path, but not the prefix */
556 fn = strappend("/var/log/journal/", sd_id128_to_string(machine, ids));
559 (void) mkdir(fn, 0755);
562 /* The create the system journal file */
563 fn = join("/var/log/journal/", ids, "/system.journal", NULL);
567 r = journal_file_open(fn, O_RDWR|O_CREAT, 0640, NULL, &s->system_journal);
571 fix_perms(s->system_journal, 0);
575 if (r < 0 && r != -ENOENT) {
576 log_error("Failed to open system journal: %s", strerror(-r));
580 /* /var didn't work, so try /run, but this time we
581 * create the prefix too */
582 fn = join("/run/log/journal/", ids, "/system.journal", NULL);
586 (void) mkdir_parents(fn, 0755);
587 r = journal_file_open(fn, O_RDWR|O_CREAT, 0640, NULL, &s->runtime_journal);
591 log_error("Failed to open runtime journal: %s", strerror(-r));
595 fix_perms(s->runtime_journal, 0);
599 static int open_syslog_socket(Server *s) {
600 union sockaddr_union sa;
605 if (s->syslog_fd < 0) {
607 s->syslog_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0);
608 if (s->syslog_fd < 0) {
609 log_error("socket() failed: %m");
614 sa.un.sun_family = AF_UNIX;
615 strncpy(sa.un.sun_path, "/run/systemd/syslog", sizeof(sa.un.sun_path));
617 unlink(sa.un.sun_path);
619 r = bind(s->syslog_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
621 log_error("bind() failed: %m");
625 chmod(sa.un.sun_path, 0666);
629 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
631 log_error("SO_PASSCRED failed: %m");
636 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
638 log_error("SO_TIMESTAMP failed: %m");
645 static int open_native_socket(Server*s) {
646 union sockaddr_union sa;
651 if (s->native_fd < 0) {
653 s->native_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0);
654 if (s->native_fd < 0) {
655 log_error("socket() failed: %m");
660 sa.un.sun_family = AF_UNIX;
661 strncpy(sa.un.sun_path, "/run/systemd/journal", sizeof(sa.un.sun_path));
663 unlink(sa.un.sun_path);
665 r = bind(s->native_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
667 log_error("bind() failed: %m");
671 chmod(sa.un.sun_path, 0666);
675 r = setsockopt(s->native_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
677 log_error("SO_PASSCRED failed: %m");
682 r = setsockopt(s->native_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
684 log_error("SO_TIMESTAMP failed: %m");
691 static int server_init(Server *s) {
693 struct epoll_event ev;
699 s->syslog_fd = s->native_fd = s->signal_fd = -1;
701 s->epoll_fd = epoll_create1(EPOLL_CLOEXEC);
702 if (s->epoll_fd < 0) {
703 log_error("Failed to create epoll object: %m");
707 n = sd_listen_fds(true);
709 log_error("Failed to read listening file descriptors from environment: %s", strerror(-n));
713 for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) {
715 if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/dev/log", 0) > 0) {
717 if (s->syslog_fd >= 0) {
718 log_error("Too many /dev/log sockets passed.");
724 } else if (sd_is_socket(fd, AF_UNIX, SOCK_DGRAM, -1) > 0) {
726 if (s->native_fd >= 0) {
727 log_error("Too many native sockets passed.");
733 log_error("Unknown socket passed.");
738 r = open_syslog_socket(s);
744 ev.data.fd = s->syslog_fd;
745 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->syslog_fd, &ev) < 0) {
746 log_error("Failed to add syslog server fd to epoll object: %m");
750 r = open_native_socket(s);
756 ev.data.fd = s->native_fd;
757 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->native_fd, &ev) < 0) {
758 log_error("Failed to add native server fd to epoll object: %m");
762 s->user_journals = hashmap_new(trivial_hash_func, trivial_compare_func);
763 if (!s->user_journals) {
764 log_error("Out of memory.");
768 r = system_journal_open(s);
772 assert_se(sigemptyset(&mask) == 0);
773 sigset_add_many(&mask, SIGINT, SIGTERM, -1);
774 assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0);
776 s->signal_fd = signalfd(-1, &mask, SFD_NONBLOCK|SFD_CLOEXEC);
777 if (s->signal_fd < 0) {
778 log_error("signalfd(): %m");
784 ev.data.fd = s->signal_fd;
786 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->signal_fd, &ev) < 0) {
787 log_error("epoll_ctl(): %m");
794 static void server_done(Server *s) {
798 if (s->system_journal)
799 journal_file_close(s->system_journal);
801 if (s->runtime_journal)
802 journal_file_close(s->runtime_journal);
804 while ((f = hashmap_steal_first(s->user_journals)))
805 journal_file_close(f);
807 hashmap_free(s->user_journals);
809 if (s->epoll_fd >= 0)
810 close_nointr_nofail(s->epoll_fd);
812 if (s->signal_fd >= 0)
813 close_nointr_nofail(s->signal_fd);
815 if (s->syslog_fd >= 0)
816 close_nointr_nofail(s->syslog_fd);
818 if (s->native_fd >= 0)
819 close_nointr_nofail(s->native_fd);
822 int main(int argc, char *argv[]) {
826 /* if (getppid() != 1) { */
827 /* log_error("This program should be invoked by init only."); */
828 /* return EXIT_FAILURE; */
832 log_error("This program does not take arguments.");
836 log_set_target(LOG_TARGET_CONSOLE);
837 log_parse_environment();
842 r = server_init(&server);
846 log_debug("systemd-journald running as pid %lu", (unsigned long) getpid());
850 "STATUS=Processing messages...");
853 struct epoll_event event;
855 r = epoll_wait(server.epoll_fd, &event, 1, -1);
861 log_error("epoll_wait() failed: %m");
867 r = process_event(&server, &event);
876 "STATUS=Shutting down...");
878 server_done(&server);
880 return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
~ianmdlvl / elogind.git / blob