1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2011 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <sys/epoll.h>
23 #include <sys/socket.h>
25 #include <sys/signalfd.h>
29 #include <sys/ioctl.h>
30 #include <linux/sockios.h>
31 #include <sys/statvfs.h>
33 #include <systemd/sd-journal.h>
34 #include <systemd/sd-messages.h>
35 #include <systemd/sd-daemon.h>
38 #include <systemd/sd-login.h>
43 #include "journal-file.h"
44 #include "socket-util.h"
45 #include "cgroup-util.h"
47 #include "journal-rate-limit.h"
48 #include "journal-internal.h"
49 #include "conf-parser.h"
56 #include <acl/libacl.h>
61 #include <selinux/selinux.h>
64 #define USER_JOURNALS_MAX 1024
65 #define STDOUT_STREAMS_MAX 4096
67 #define DEFAULT_RATE_LIMIT_INTERVAL (10*USEC_PER_SEC)
68 #define DEFAULT_RATE_LIMIT_BURST 200
70 #define RECHECK_AVAILABLE_SPACE_USEC (30*USEC_PER_SEC)
72 #define RECHECK_VAR_AVAILABLE_USEC (30*USEC_PER_SEC)
74 #define N_IOVEC_META_FIELDS 17
76 #define ENTRY_SIZE_MAX (1024*1024*32)
78 typedef enum StdoutStreamState {
79 STDOUT_STREAM_IDENTIFIER,
80 STDOUT_STREAM_UNIT_ID,
81 STDOUT_STREAM_PRIORITY,
82 STDOUT_STREAM_LEVEL_PREFIX,
83 STDOUT_STREAM_FORWARD_TO_SYSLOG,
84 STDOUT_STREAM_FORWARD_TO_KMSG,
85 STDOUT_STREAM_FORWARD_TO_CONSOLE,
91 StdoutStreamState state;
97 security_context_t security_context;
104 bool forward_to_syslog:1;
105 bool forward_to_kmsg:1;
106 bool forward_to_console:1;
108 char buffer[LINE_MAX+1];
111 LIST_FIELDS(StdoutStream, stdout_stream);
114 static int server_flush_to_var(Server *s);
116 static uint64_t available_space(Server *s) {
121 uint64_t sum = 0, avail = 0, ss_avail = 0;
127 ts = now(CLOCK_MONOTONIC);
129 if (s->cached_available_space_timestamp + RECHECK_AVAILABLE_SPACE_USEC > ts)
130 return s->cached_available_space;
132 r = sd_id128_get_machine(&machine);
136 if (s->system_journal) {
137 f = "/var/log/journal/";
138 m = &s->system_metrics;
140 f = "/run/log/journal/";
141 m = &s->runtime_metrics;
146 p = strappend(f, sd_id128_to_string(machine, ids));
156 if (fstatvfs(dirfd(d), &ss) < 0)
161 struct dirent buf, *de;
163 r = readdir_r(d, &buf, &de);
170 if (!endswith(de->d_name, ".journal") &&
171 !endswith(de->d_name, ".journal~"))
174 if (fstatat(dirfd(d), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0)
177 if (!S_ISREG(st.st_mode))
180 sum += (uint64_t) st.st_blocks * 512UL;
183 avail = sum >= m->max_use ? 0 : m->max_use - sum;
185 ss_avail = ss.f_bsize * ss.f_bavail;
187 ss_avail = ss_avail < m->keep_free ? 0 : ss_avail - m->keep_free;
189 if (ss_avail < avail)
192 s->cached_available_space = avail;
193 s->cached_available_space_timestamp = ts;
201 static void server_read_file_gid(Server *s) {
202 const char *adm = "adm";
207 if (s->file_gid_valid)
210 r = get_group_creds(&adm, &s->file_gid);
212 log_warning("Failed to resolve 'adm' group: %s", strerror(-r));
214 /* if we couldn't read the gid, then it will be 0, but that's
215 * fine and we shouldn't try to resolve the group again, so
216 * let's just pretend it worked right-away. */
217 s->file_gid_valid = true;
220 static void server_fix_perms(Server *s, JournalFile *f, uid_t uid) {
225 acl_permset_t permset;
230 server_read_file_gid(s);
232 r = fchmod_and_fchown(f->fd, 0640, 0, s->file_gid);
234 log_warning("Failed to fix access mode/rights on %s, ignoring: %s", f->path, strerror(-r));
240 acl = acl_get_fd(f->fd);
242 log_warning("Failed to read ACL on %s, ignoring: %m", f->path);
246 r = acl_find_uid(acl, uid, &entry);
249 if (acl_create_entry(&acl, &entry) < 0 ||
250 acl_set_tag_type(entry, ACL_USER) < 0 ||
251 acl_set_qualifier(entry, &uid) < 0) {
252 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
257 if (acl_get_permset(entry, &permset) < 0 ||
258 acl_add_perm(permset, ACL_READ) < 0 ||
259 acl_calc_mask(&acl) < 0) {
260 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
264 if (acl_set_fd(f->fd, acl) < 0)
265 log_warning("Failed to set ACL on %s, ignoring: %m", f->path);
272 static JournalFile* find_journal(Server *s, uid_t uid) {
281 /* We split up user logs only on /var, not on /run. If the
282 * runtime file is open, we write to it exclusively, in order
283 * to guarantee proper order as soon as we flush /run to
284 * /var and close the runtime file. */
286 if (s->runtime_journal)
287 return s->runtime_journal;
290 return s->system_journal;
292 r = sd_id128_get_machine(&machine);
294 return s->system_journal;
296 f = hashmap_get(s->user_journals, UINT32_TO_PTR(uid));
300 if (asprintf(&p, "/var/log/journal/%s/user-%lu.journal", sd_id128_to_string(machine, ids), (unsigned long) uid) < 0)
301 return s->system_journal;
303 while (hashmap_size(s->user_journals) >= USER_JOURNALS_MAX) {
304 /* Too many open? Then let's close one */
305 f = hashmap_steal_first(s->user_journals);
307 journal_file_close(f);
310 r = journal_file_open_reliably(p, O_RDWR|O_CREAT, 0640, s->system_journal, &f);
314 return s->system_journal;
316 server_fix_perms(s, f, uid);
318 r = hashmap_put(s->user_journals, UINT32_TO_PTR(uid), f);
320 journal_file_close(f);
321 return s->system_journal;
327 static void server_rotate(Server *s) {
333 log_info("Rotating...");
335 if (s->runtime_journal) {
336 r = journal_file_rotate(&s->runtime_journal);
338 if (s->runtime_journal)
339 log_error("Failed to rotate %s: %s", s->runtime_journal->path, strerror(-r));
341 log_error("Failed to create new runtime journal: %s", strerror(-r));
343 server_fix_perms(s, s->runtime_journal, 0);
346 if (s->system_journal) {
347 r = journal_file_rotate(&s->system_journal);
349 if (s->system_journal)
350 log_error("Failed to rotate %s: %s", s->system_journal->path, strerror(-r));
352 log_error("Failed to create new system journal: %s", strerror(-r));
355 server_fix_perms(s, s->system_journal, 0);
358 HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) {
359 r = journal_file_rotate(&f);
362 log_error("Failed to rotate %s: %s", f->path, strerror(-r));
364 log_error("Failed to create user journal: %s", strerror(-r));
366 hashmap_replace(s->user_journals, k, f);
367 server_fix_perms(s, s->system_journal, PTR_TO_UINT32(k));
372 static void server_vacuum(Server *s) {
378 log_info("Vacuuming...");
380 r = sd_id128_get_machine(&machine);
382 log_error("Failed to get machine ID: %s", strerror(-r));
386 sd_id128_to_string(machine, ids);
388 if (s->system_journal) {
389 if (asprintf(&p, "/var/log/journal/%s", ids) < 0) {
390 log_error("Out of memory.");
394 r = journal_directory_vacuum(p, s->system_metrics.max_use, s->system_metrics.keep_free);
395 if (r < 0 && r != -ENOENT)
396 log_error("Failed to vacuum %s: %s", p, strerror(-r));
401 if (s->runtime_journal) {
402 if (asprintf(&p, "/run/log/journal/%s", ids) < 0) {
403 log_error("Out of memory.");
407 r = journal_directory_vacuum(p, s->runtime_metrics.max_use, s->runtime_metrics.keep_free);
408 if (r < 0 && r != -ENOENT)
409 log_error("Failed to vacuum %s: %s", p, strerror(-r));
413 s->cached_available_space_timestamp = 0;
416 static char *shortened_cgroup_path(pid_t pid) {
418 char *process_path, *init_path, *path;
422 r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, pid, &process_path);
426 r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, 1, &init_path);
432 if (endswith(init_path, "/system"))
433 init_path[strlen(init_path) - 7] = 0;
434 else if (streq(init_path, "/"))
437 if (startswith(process_path, init_path)) {
440 p = strdup(process_path + strlen(init_path));
458 static void dispatch_message_real(
460 struct iovec *iovec, unsigned n, unsigned m,
463 const char *label, size_t label_len, const char *unit_id) {
465 char *pid = NULL, *uid = NULL, *gid = NULL,
466 *source_time = NULL, *boot_id = NULL, *machine_id = NULL,
467 *comm = NULL, *cmdline = NULL, *hostname = NULL,
468 *audit_session = NULL, *audit_loginuid = NULL,
469 *exe = NULL, *cgroup = NULL, *session = NULL,
470 *owner_uid = NULL, *unit = NULL, *selinux_context = NULL;
476 uid_t loginuid = 0, realuid = 0;
478 bool vacuumed = false;
483 assert(n + N_IOVEC_META_FIELDS <= m);
491 realuid = ucred->uid;
493 if (asprintf(&pid, "_PID=%lu", (unsigned long) ucred->pid) >= 0)
494 IOVEC_SET_STRING(iovec[n++], pid);
496 if (asprintf(&uid, "_UID=%lu", (unsigned long) ucred->uid) >= 0)
497 IOVEC_SET_STRING(iovec[n++], uid);
499 if (asprintf(&gid, "_GID=%lu", (unsigned long) ucred->gid) >= 0)
500 IOVEC_SET_STRING(iovec[n++], gid);
502 r = get_process_comm(ucred->pid, &t);
504 comm = strappend("_COMM=", t);
508 IOVEC_SET_STRING(iovec[n++], comm);
511 r = get_process_exe(ucred->pid, &t);
513 exe = strappend("_EXE=", t);
517 IOVEC_SET_STRING(iovec[n++], exe);
520 r = get_process_cmdline(ucred->pid, LINE_MAX, false, &t);
522 cmdline = strappend("_CMDLINE=", t);
526 IOVEC_SET_STRING(iovec[n++], cmdline);
529 r = audit_session_from_pid(ucred->pid, &audit);
531 if (asprintf(&audit_session, "_AUDIT_SESSION=%lu", (unsigned long) audit) >= 0)
532 IOVEC_SET_STRING(iovec[n++], audit_session);
534 r = audit_loginuid_from_pid(ucred->pid, &loginuid);
536 if (asprintf(&audit_loginuid, "_AUDIT_LOGINUID=%lu", (unsigned long) loginuid) >= 0)
537 IOVEC_SET_STRING(iovec[n++], audit_loginuid);
539 t = shortened_cgroup_path(ucred->pid);
541 cgroup = strappend("_SYSTEMD_CGROUP=", t);
545 IOVEC_SET_STRING(iovec[n++], cgroup);
549 if (sd_pid_get_session(ucred->pid, &t) >= 0) {
550 session = strappend("_SYSTEMD_SESSION=", t);
554 IOVEC_SET_STRING(iovec[n++], session);
557 if (sd_pid_get_owner_uid(ucred->uid, &owner) >= 0)
558 if (asprintf(&owner_uid, "_SYSTEMD_OWNER_UID=%lu", (unsigned long) owner) >= 0)
559 IOVEC_SET_STRING(iovec[n++], owner_uid);
562 if (cg_pid_get_unit(ucred->pid, &t) >= 0) {
563 unit = strappend("_SYSTEMD_UNIT=", t);
566 unit = strappend("_SYSTEMD_UNIT=", unit_id);
569 IOVEC_SET_STRING(iovec[n++], unit);
573 selinux_context = malloc(sizeof("_SELINUX_CONTEXT=") + label_len);
574 if (selinux_context) {
575 memcpy(selinux_context, "_SELINUX_CONTEXT=", sizeof("_SELINUX_CONTEXT=")-1);
576 memcpy(selinux_context+sizeof("_SELINUX_CONTEXT=")-1, label, label_len);
577 selinux_context[sizeof("_SELINUX_CONTEXT=")-1+label_len] = 0;
578 IOVEC_SET_STRING(iovec[n++], selinux_context);
581 security_context_t con;
583 if (getpidcon(ucred->pid, &con) >= 0) {
584 selinux_context = strappend("_SELINUX_CONTEXT=", con);
586 IOVEC_SET_STRING(iovec[n++], selinux_context);
595 if (asprintf(&source_time, "_SOURCE_REALTIME_TIMESTAMP=%llu",
596 (unsigned long long) timeval_load(tv)) >= 0)
597 IOVEC_SET_STRING(iovec[n++], source_time);
600 /* Note that strictly speaking storing the boot id here is
601 * redundant since the entry includes this in-line
602 * anyway. However, we need this indexed, too. */
603 r = sd_id128_get_boot(&id);
605 if (asprintf(&boot_id, "_BOOT_ID=%s", sd_id128_to_string(id, idbuf)) >= 0)
606 IOVEC_SET_STRING(iovec[n++], boot_id);
608 r = sd_id128_get_machine(&id);
610 if (asprintf(&machine_id, "_MACHINE_ID=%s", sd_id128_to_string(id, idbuf)) >= 0)
611 IOVEC_SET_STRING(iovec[n++], machine_id);
613 t = gethostname_malloc();
615 hostname = strappend("_HOSTNAME=", t);
618 IOVEC_SET_STRING(iovec[n++], hostname);
623 server_flush_to_var(s);
626 f = find_journal(s, realuid == 0 ? 0 : loginuid);
628 log_warning("Dropping message, as we can't find a place to store the data.");
630 r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
632 if ((r == -E2BIG || /* hit limit */
633 r == -EFBIG || /* hit fs limit */
634 r == -EDQUOT || /* quota hit */
635 r == -ENOSPC || /* disk full */
636 r == -EBADMSG || /* corrupted */
637 r == -ENODATA || /* truncated */
638 r == -EHOSTDOWN || /* other machine */
639 r == -EPROTONOSUPPORT) && /* unsupported feature */
643 log_info("Allocation limit reached, rotating.");
645 log_warning("Journal file corrupted, rotating.");
651 log_info("Retrying write.");
656 log_error("Failed to write entry, ignoring: %s", strerror(-r));
670 free(audit_loginuid);
675 free(selinux_context);
678 static void driver_message(Server *s, sd_id128_t message_id, const char *format, ...) {
679 char mid[11 + 32 + 1];
680 char buffer[16 + LINE_MAX + 1];
681 struct iovec iovec[N_IOVEC_META_FIELDS + 4];
689 IOVEC_SET_STRING(iovec[n++], "PRIORITY=5");
690 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=driver");
692 memcpy(buffer, "MESSAGE=", 8);
693 va_start(ap, format);
694 vsnprintf(buffer + 8, sizeof(buffer) - 8, format, ap);
696 char_array_0(buffer);
697 IOVEC_SET_STRING(iovec[n++], buffer);
699 snprintf(mid, sizeof(mid), "MESSAGE_ID=" SD_ID128_FORMAT_STR, SD_ID128_FORMAT_VAL(message_id));
701 IOVEC_SET_STRING(iovec[n++], mid);
704 ucred.pid = getpid();
705 ucred.uid = getuid();
706 ucred.gid = getgid();
708 dispatch_message_real(s, iovec, n, ELEMENTSOF(iovec), &ucred, NULL, NULL, 0, NULL);
711 static void dispatch_message(Server *s,
712 struct iovec *iovec, unsigned n, unsigned m,
715 const char *label, size_t label_len,
719 char *path = NULL, *c;
722 assert(iovec || n == 0);
727 if (LOG_PRI(priority) > s->max_level_store)
733 path = shortened_cgroup_path(ucred->pid);
737 /* example: /user/lennart/3/foobar
738 * /system/dbus.service/foobar
740 * So let's cut of everything past the third /, since that is
741 * wher user directories start */
743 c = strchr(path, '/');
745 c = strchr(c+1, '/');
747 c = strchr(c+1, '/');
753 rl = journal_rate_limit_test(s->rate_limit, path, priority & LOG_PRIMASK, available_space(s));
760 /* Write a suppression message if we suppressed something */
762 driver_message(s, SD_MESSAGE_JOURNAL_DROPPED, "Suppressed %u messages from %s", rl - 1, path);
767 dispatch_message_real(s, iovec, n, m, ucred, tv, label, label_len, unit_id);
770 static void forward_syslog_iovec(Server *s, const struct iovec *iovec, unsigned n_iovec, struct ucred *ucred, struct timeval *tv) {
771 struct msghdr msghdr;
772 struct cmsghdr *cmsg;
774 struct cmsghdr cmsghdr;
775 uint8_t buf[CMSG_SPACE(sizeof(struct ucred))];
777 union sockaddr_union sa;
784 msghdr.msg_iov = (struct iovec*) iovec;
785 msghdr.msg_iovlen = n_iovec;
788 sa.un.sun_family = AF_UNIX;
789 strncpy(sa.un.sun_path, "/run/systemd/journal/syslog", sizeof(sa.un.sun_path));
790 msghdr.msg_name = &sa;
791 msghdr.msg_namelen = offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path);
795 msghdr.msg_control = &control;
796 msghdr.msg_controllen = sizeof(control);
798 cmsg = CMSG_FIRSTHDR(&msghdr);
799 cmsg->cmsg_level = SOL_SOCKET;
800 cmsg->cmsg_type = SCM_CREDENTIALS;
801 cmsg->cmsg_len = CMSG_LEN(sizeof(struct ucred));
802 memcpy(CMSG_DATA(cmsg), ucred, sizeof(struct ucred));
803 msghdr.msg_controllen = cmsg->cmsg_len;
806 /* Forward the syslog message we received via /dev/log to
807 * /run/systemd/syslog. Unfortunately we currently can't set
808 * the SO_TIMESTAMP auxiliary data, and hence we don't. */
810 if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
813 /* The socket is full? I guess the syslog implementation is
814 * too slow, and we shouldn't wait for that... */
818 if (ucred && errno == ESRCH) {
821 /* Hmm, presumably the sender process vanished
822 * by now, so let's fix it as good as we
827 memcpy(CMSG_DATA(cmsg), &u, sizeof(struct ucred));
829 if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
836 log_debug("Failed to forward syslog message: %m");
839 static void forward_syslog_raw(Server *s, int priority, const char *buffer, struct ucred *ucred, struct timeval *tv) {
845 if (LOG_PRI(priority) > s->max_level_syslog)
848 IOVEC_SET_STRING(iovec, buffer);
849 forward_syslog_iovec(s, &iovec, 1, ucred, tv);
852 static void forward_syslog(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred, struct timeval *tv) {
853 struct iovec iovec[5];
854 char header_priority[6], header_time[64], header_pid[16];
858 char *ident_buf = NULL;
861 assert(priority >= 0);
862 assert(priority <= 999);
865 if (LOG_PRI(priority) > s->max_level_syslog)
868 /* First: priority field */
869 snprintf(header_priority, sizeof(header_priority), "<%i>", priority);
870 char_array_0(header_priority);
871 IOVEC_SET_STRING(iovec[n++], header_priority);
873 /* Second: timestamp */
874 t = tv ? tv->tv_sec : ((time_t) (now(CLOCK_REALTIME) / USEC_PER_SEC));
878 if (strftime(header_time, sizeof(header_time), "%h %e %T ", tm) <= 0)
880 IOVEC_SET_STRING(iovec[n++], header_time);
882 /* Third: identifier and PID */
885 get_process_comm(ucred->pid, &ident_buf);
886 identifier = ident_buf;
889 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
890 char_array_0(header_pid);
893 IOVEC_SET_STRING(iovec[n++], identifier);
895 IOVEC_SET_STRING(iovec[n++], header_pid);
896 } else if (identifier) {
897 IOVEC_SET_STRING(iovec[n++], identifier);
898 IOVEC_SET_STRING(iovec[n++], ": ");
901 /* Fourth: message */
902 IOVEC_SET_STRING(iovec[n++], message);
904 forward_syslog_iovec(s, iovec, n, ucred, tv);
909 static int fixup_priority(int priority) {
911 if ((priority & LOG_FACMASK) == 0)
912 return (priority & LOG_PRIMASK) | LOG_USER;
917 static void forward_kmsg(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred) {
918 struct iovec iovec[5];
919 char header_priority[6], header_pid[16];
921 char *ident_buf = NULL;
925 assert(priority >= 0);
926 assert(priority <= 999);
929 if (LOG_PRI(priority) > s->max_level_kmsg)
932 /* Never allow messages with kernel facility to be written to
933 * kmsg, regardless where the data comes from. */
934 priority = fixup_priority(priority);
936 /* First: priority field */
937 snprintf(header_priority, sizeof(header_priority), "<%i>", priority);
938 char_array_0(header_priority);
939 IOVEC_SET_STRING(iovec[n++], header_priority);
941 /* Second: identifier and PID */
944 get_process_comm(ucred->pid, &ident_buf);
945 identifier = ident_buf;
948 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
949 char_array_0(header_pid);
952 IOVEC_SET_STRING(iovec[n++], identifier);
954 IOVEC_SET_STRING(iovec[n++], header_pid);
955 } else if (identifier) {
956 IOVEC_SET_STRING(iovec[n++], identifier);
957 IOVEC_SET_STRING(iovec[n++], ": ");
960 /* Fourth: message */
961 IOVEC_SET_STRING(iovec[n++], message);
962 IOVEC_SET_STRING(iovec[n++], "\n");
964 fd = open("/dev/kmsg", O_WRONLY|O_NOCTTY|O_CLOEXEC);
966 log_debug("Failed to open /dev/kmsg for logging: %s", strerror(errno));
970 if (writev(fd, iovec, n) < 0)
971 log_debug("Failed to write to /dev/kmsg for logging: %s", strerror(errno));
973 close_nointr_nofail(fd);
979 static void forward_console(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred) {
980 struct iovec iovec[4];
983 char *ident_buf = NULL;
989 if (LOG_PRI(priority) > s->max_level_console)
992 /* First: identifier and PID */
995 get_process_comm(ucred->pid, &ident_buf);
996 identifier = ident_buf;
999 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
1000 char_array_0(header_pid);
1003 IOVEC_SET_STRING(iovec[n++], identifier);
1005 IOVEC_SET_STRING(iovec[n++], header_pid);
1006 } else if (identifier) {
1007 IOVEC_SET_STRING(iovec[n++], identifier);
1008 IOVEC_SET_STRING(iovec[n++], ": ");
1011 /* Third: message */
1012 IOVEC_SET_STRING(iovec[n++], message);
1013 IOVEC_SET_STRING(iovec[n++], "\n");
1015 tty = s->tty_path ? s->tty_path : "/dev/console";
1017 fd = open_terminal(tty, O_WRONLY|O_NOCTTY|O_CLOEXEC);
1019 log_debug("Failed to open %s for logging: %s", tty, strerror(errno));
1023 if (writev(fd, iovec, n) < 0)
1024 log_debug("Failed to write to %s for logging: %s", tty, strerror(errno));
1026 close_nointr_nofail(fd);
1032 static void read_identifier(const char **buf, char **identifier, char **pid) {
1043 p += strspn(p, WHITESPACE);
1044 l = strcspn(p, WHITESPACE);
1053 if (p[l-1] == ']') {
1059 t = strndup(p+k+1, l-k-2);
1079 *buf += strspn(*buf, WHITESPACE);
1082 static void process_syslog_message(Server *s, const char *buf, struct ucred *ucred, struct timeval *tv, const char *label, size_t label_len) {
1083 char *message = NULL, *syslog_priority = NULL, *syslog_facility = NULL, *syslog_identifier = NULL, *syslog_pid = NULL;
1084 struct iovec iovec[N_IOVEC_META_FIELDS + 6];
1086 int priority = LOG_USER | LOG_INFO;
1087 char *identifier = NULL, *pid = NULL;
1094 parse_syslog_priority((char**) &buf, &priority);
1096 if (s->forward_to_syslog)
1097 forward_syslog_raw(s, priority, orig, ucred, tv);
1099 skip_syslog_date((char**) &buf);
1100 read_identifier(&buf, &identifier, &pid);
1102 if (s->forward_to_kmsg)
1103 forward_kmsg(s, priority, identifier, buf, ucred);
1105 if (s->forward_to_console)
1106 forward_console(s, priority, identifier, buf, ucred);
1108 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=syslog");
1110 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1111 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1113 if (priority & LOG_FACMASK)
1114 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1115 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1118 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", identifier);
1119 if (syslog_identifier)
1120 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1124 syslog_pid = strappend("SYSLOG_PID=", pid);
1126 IOVEC_SET_STRING(iovec[n++], syslog_pid);
1129 message = strappend("MESSAGE=", buf);
1131 IOVEC_SET_STRING(iovec[n++], message);
1133 dispatch_message(s, iovec, n, ELEMENTSOF(iovec), ucred, tv, label, label_len, NULL, priority);
1138 free(syslog_priority);
1139 free(syslog_facility);
1140 free(syslog_identifier);
1143 static bool valid_user_field(const char *p, size_t l) {
1146 /* We kinda enforce POSIX syntax recommendations for
1147 environment variables here, but make a couple of additional
1150 http://pubs.opengroup.org/onlinepubs/000095399/basedefs/xbd_chap08.html */
1152 /* No empty field names */
1156 /* Don't allow names longer than 64 chars */
1160 /* Variables starting with an underscore are protected */
1164 /* Don't allow digits as first character */
1165 if (p[0] >= '0' && p[0] <= '9')
1168 /* Only allow A-Z0-9 and '_' */
1169 for (a = p; a < p + l; a++)
1170 if (!((*a >= 'A' && *a <= 'Z') ||
1171 (*a >= '0' && *a <= '9') ||
1178 static void process_native_message(
1180 const void *buffer, size_t buffer_size,
1181 struct ucred *ucred,
1183 const char *label, size_t label_len) {
1185 struct iovec *iovec = NULL;
1186 unsigned n = 0, m = 0, j, tn = (unsigned) -1;
1189 int priority = LOG_INFO;
1190 char *identifier = NULL, *message = NULL;
1193 assert(buffer || buffer_size == 0);
1196 remaining = buffer_size;
1198 while (remaining > 0) {
1201 e = memchr(p, '\n', remaining);
1204 /* Trailing noise, let's ignore it, and flush what we collected */
1205 log_debug("Received message with trailing noise, ignoring.");
1210 /* Entry separator */
1211 dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, NULL, priority);
1213 priority = LOG_INFO;
1220 if (*p == '.' || *p == '#') {
1221 /* Ignore control commands for now, and
1223 remaining -= (e - p) + 1;
1228 /* A property follows */
1230 if (n+N_IOVEC_META_FIELDS >= m) {
1234 u = MAX((n+N_IOVEC_META_FIELDS+1) * 2U, 4U);
1235 c = realloc(iovec, u * sizeof(struct iovec));
1237 log_error("Out of memory");
1245 q = memchr(p, '=', e - p);
1247 if (valid_user_field(p, q - p)) {
1252 /* If the field name starts with an
1253 * underscore, skip the variable,
1254 * since that indidates a trusted
1256 iovec[n].iov_base = (char*) p;
1257 iovec[n].iov_len = l;
1260 /* We need to determine the priority
1261 * of this entry for the rate limiting
1264 memcmp(p, "PRIORITY=", 9) == 0 &&
1265 p[9] >= '0' && p[9] <= '9')
1266 priority = (priority & LOG_FACMASK) | (p[9] - '0');
1269 memcmp(p, "SYSLOG_FACILITY=", 16) == 0 &&
1270 p[16] >= '0' && p[16] <= '9')
1271 priority = (priority & LOG_PRIMASK) | ((p[16] - '0') << 3);
1274 memcmp(p, "SYSLOG_FACILITY=", 16) == 0 &&
1275 p[16] >= '0' && p[16] <= '9' &&
1276 p[17] >= '0' && p[17] <= '9')
1277 priority = (priority & LOG_PRIMASK) | (((p[16] - '0')*10 + (p[17] - '0')) << 3);
1280 memcmp(p, "SYSLOG_IDENTIFIER=", 18) == 0) {
1283 t = strndup(p + 18, l - 18);
1288 } else if (l >= 8 &&
1289 memcmp(p, "MESSAGE=", 8) == 0) {
1292 t = strndup(p + 8, l - 8);
1300 remaining -= (e - p) + 1;
1308 if (remaining < e - p + 1 + sizeof(uint64_t) + 1) {
1309 log_debug("Failed to parse message, ignoring.");
1313 memcpy(&l_le, e + 1, sizeof(uint64_t));
1316 if (remaining < e - p + 1 + sizeof(uint64_t) + l + 1 ||
1317 e[1+sizeof(uint64_t)+l] != '\n') {
1318 log_debug("Failed to parse message, ignoring.");
1322 k = malloc((e - p) + 1 + l);
1324 log_error("Out of memory");
1328 memcpy(k, p, e - p);
1330 memcpy(k + (e - p) + 1, e + 1 + sizeof(uint64_t), l);
1332 if (valid_user_field(p, e - p)) {
1333 iovec[n].iov_base = k;
1334 iovec[n].iov_len = (e - p) + 1 + l;
1339 remaining -= (e - p) + 1 + sizeof(uint64_t) + l + 1;
1340 p = e + 1 + sizeof(uint64_t) + l + 1;
1348 IOVEC_SET_STRING(iovec[tn], "_TRANSPORT=journal");
1351 if (s->forward_to_syslog)
1352 forward_syslog(s, priority, identifier, message, ucred, tv);
1354 if (s->forward_to_kmsg)
1355 forward_kmsg(s, priority, identifier, message, ucred);
1357 if (s->forward_to_console)
1358 forward_console(s, priority, identifier, message, ucred);
1361 dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, NULL, priority);
1364 for (j = 0; j < n; j++) {
1368 if (iovec[j].iov_base < buffer ||
1369 (const uint8_t*) iovec[j].iov_base >= (const uint8_t*) buffer + buffer_size)
1370 free(iovec[j].iov_base);
1378 static void process_native_file(
1381 struct ucred *ucred,
1383 const char *label, size_t label_len) {
1392 /* Data is in the passed file, since it didn't fit in a
1393 * datagram. We can't map the file here, since clients might
1394 * then truncate it and trigger a SIGBUS for us. So let's
1395 * stupidly read it */
1397 if (fstat(fd, &st) < 0) {
1398 log_error("Failed to stat passed file, ignoring: %m");
1402 if (!S_ISREG(st.st_mode)) {
1403 log_error("File passed is not regular. Ignoring.");
1407 if (st.st_size <= 0)
1410 if (st.st_size > ENTRY_SIZE_MAX) {
1411 log_error("File passed too large. Ignoring.");
1415 p = malloc(st.st_size);
1417 log_error("Out of memory");
1421 n = pread(fd, p, st.st_size, 0);
1423 log_error("Failed to read file, ignoring: %s", strerror(-n));
1425 process_native_message(s, p, n, ucred, tv, label, label_len);
1430 static int stdout_stream_log(StdoutStream *s, const char *p) {
1431 struct iovec iovec[N_IOVEC_META_FIELDS + 5];
1432 char *message = NULL, *syslog_priority = NULL, *syslog_facility = NULL, *syslog_identifier = NULL;
1436 size_t label_len = 0;
1444 priority = s->priority;
1446 if (s->level_prefix)
1447 parse_syslog_priority((char**) &p, &priority);
1449 if (s->forward_to_syslog || s->server->forward_to_syslog)
1450 forward_syslog(s->server, fixup_priority(priority), s->identifier, p, &s->ucred, NULL);
1452 if (s->forward_to_kmsg || s->server->forward_to_kmsg)
1453 forward_kmsg(s->server, priority, s->identifier, p, &s->ucred);
1455 if (s->forward_to_console || s->server->forward_to_console)
1456 forward_console(s->server, priority, s->identifier, p, &s->ucred);
1458 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=stdout");
1460 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1461 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1463 if (priority & LOG_FACMASK)
1464 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1465 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1467 if (s->identifier) {
1468 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", s->identifier);
1469 if (syslog_identifier)
1470 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1473 message = strappend("MESSAGE=", p);
1475 IOVEC_SET_STRING(iovec[n++], message);
1478 if (s->security_context) {
1479 label = (char*) s->security_context;
1480 label_len = strlen((char*) s->security_context);
1484 dispatch_message(s->server, iovec, n, ELEMENTSOF(iovec), &s->ucred, NULL, label, label_len, s->unit_id, priority);
1487 free(syslog_priority);
1488 free(syslog_facility);
1489 free(syslog_identifier);
1494 static int stdout_stream_line(StdoutStream *s, char *p) {
1504 case STDOUT_STREAM_IDENTIFIER:
1506 s->identifier = NULL;
1508 s->identifier = strdup(p);
1509 if (!s->identifier) {
1510 log_error("Out of memory");
1515 s->state = STDOUT_STREAM_UNIT_ID;
1518 case STDOUT_STREAM_UNIT_ID:
1519 if (s->ucred.uid == 0) {
1523 s->unit_id = strdup(p);
1525 log_error("Out of memory");
1531 s->state = STDOUT_STREAM_PRIORITY;
1534 case STDOUT_STREAM_PRIORITY:
1535 r = safe_atoi(p, &s->priority);
1536 if (r < 0 || s->priority <= 0 || s->priority >= 999) {
1537 log_warning("Failed to parse log priority line.");
1541 s->state = STDOUT_STREAM_LEVEL_PREFIX;
1544 case STDOUT_STREAM_LEVEL_PREFIX:
1545 r = parse_boolean(p);
1547 log_warning("Failed to parse level prefix line.");
1551 s->level_prefix = !!r;
1552 s->state = STDOUT_STREAM_FORWARD_TO_SYSLOG;
1555 case STDOUT_STREAM_FORWARD_TO_SYSLOG:
1556 r = parse_boolean(p);
1558 log_warning("Failed to parse forward to syslog line.");
1562 s->forward_to_syslog = !!r;
1563 s->state = STDOUT_STREAM_FORWARD_TO_KMSG;
1566 case STDOUT_STREAM_FORWARD_TO_KMSG:
1567 r = parse_boolean(p);
1569 log_warning("Failed to parse copy to kmsg line.");
1573 s->forward_to_kmsg = !!r;
1574 s->state = STDOUT_STREAM_FORWARD_TO_CONSOLE;
1577 case STDOUT_STREAM_FORWARD_TO_CONSOLE:
1578 r = parse_boolean(p);
1580 log_warning("Failed to parse copy to console line.");
1584 s->forward_to_console = !!r;
1585 s->state = STDOUT_STREAM_RUNNING;
1588 case STDOUT_STREAM_RUNNING:
1589 return stdout_stream_log(s, p);
1592 assert_not_reached("Unknown stream state");
1595 static int stdout_stream_scan(StdoutStream *s, bool force_flush) {
1603 remaining = s->length;
1608 end = memchr(p, '\n', remaining);
1611 else if (remaining >= sizeof(s->buffer) - 1) {
1612 end = p + sizeof(s->buffer) - 1;
1619 r = stdout_stream_line(s, p);
1627 if (force_flush && remaining > 0) {
1629 r = stdout_stream_line(s, p);
1637 if (p > s->buffer) {
1638 memmove(s->buffer, p, remaining);
1639 s->length = remaining;
1645 static int stdout_stream_process(StdoutStream *s) {
1651 l = read(s->fd, s->buffer+s->length, sizeof(s->buffer)-1-s->length);
1654 if (errno == EAGAIN)
1657 log_warning("Failed to read from stream: %m");
1662 r = stdout_stream_scan(s, true);
1670 r = stdout_stream_scan(s, false);
1678 static void stdout_stream_free(StdoutStream *s) {
1682 assert(s->server->n_stdout_streams > 0);
1683 s->server->n_stdout_streams --;
1684 LIST_REMOVE(StdoutStream, stdout_stream, s->server->stdout_streams, s);
1689 epoll_ctl(s->server->epoll_fd, EPOLL_CTL_DEL, s->fd, NULL);
1691 close_nointr_nofail(s->fd);
1695 if (s->security_context)
1696 freecon(s->security_context);
1699 free(s->identifier);
1703 static int stdout_stream_new(Server *s) {
1704 StdoutStream *stream;
1707 struct epoll_event ev;
1711 fd = accept4(s->stdout_fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);
1713 if (errno == EAGAIN)
1716 log_error("Failed to accept stdout connection: %m");
1720 if (s->n_stdout_streams >= STDOUT_STREAMS_MAX) {
1721 log_warning("Too many stdout streams, refusing connection.");
1722 close_nointr_nofail(fd);
1726 stream = new0(StdoutStream, 1);
1728 log_error("Out of memory.");
1729 close_nointr_nofail(fd);
1735 len = sizeof(stream->ucred);
1736 if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &stream->ucred, &len) < 0) {
1737 log_error("Failed to determine peer credentials: %m");
1743 if (getpeercon(fd, &stream->security_context) < 0 && errno != ENOPROTOOPT)
1744 log_error("Failed to determine peer security context: %m");
1747 if (shutdown(fd, SHUT_WR) < 0) {
1748 log_error("Failed to shutdown writing side of socket: %m");
1754 ev.data.ptr = stream;
1755 ev.events = EPOLLIN;
1756 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, fd, &ev) < 0) {
1757 log_error("Failed to add stream to event loop: %m");
1763 LIST_PREPEND(StdoutStream, stdout_stream, s->stdout_streams, stream);
1764 s->n_stdout_streams ++;
1769 stdout_stream_free(stream);
1773 static int parse_kernel_timestamp(char **_p, usec_t *t) {
1784 if (strlen(p) < 14 || p[0] != '[' || p[13] != ']' || p[6] != '.')
1789 for (i = 1; i <= 5; i++) {
1795 k = undecchar(p[i]);
1802 for (i = 7; i <= 12; i++) {
1805 k = undecchar(p[i]);
1814 *_p += strspn(*_p, WHITESPACE);
1819 static bool is_us(const char *pid) {
1824 if (parse_pid(pid, &t) < 0)
1827 return t == getpid();
1830 static void proc_kmsg_line(Server *s, const char *p) {
1831 struct iovec iovec[N_IOVEC_META_FIELDS + 7];
1832 char *message = NULL, *syslog_priority = NULL, *syslog_pid = NULL, *syslog_facility = NULL, *syslog_identifier = NULL, *source_time = NULL;
1833 int priority = LOG_KERN | LOG_INFO;
1836 char *identifier = NULL, *pid = NULL;
1844 parse_syslog_priority((char **) &p, &priority);
1846 if (s->forward_to_kmsg && (priority & LOG_FACMASK) != LOG_KERN)
1849 if (parse_kernel_timestamp((char **) &p, &usec) > 0) {
1850 if (asprintf(&source_time, "_SOURCE_MONOTONIC_TIMESTAMP=%llu",
1851 (unsigned long long) usec) >= 0)
1852 IOVEC_SET_STRING(iovec[n++], source_time);
1855 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=kernel");
1857 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1858 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1860 if ((priority & LOG_FACMASK) == LOG_KERN) {
1862 if (s->forward_to_syslog)
1863 forward_syslog(s, priority, "kernel", p, NULL, NULL);
1865 IOVEC_SET_STRING(iovec[n++], "SYSLOG_IDENTIFIER=kernel");
1867 read_identifier(&p, &identifier, &pid);
1869 /* Avoid any messages we generated ourselves via
1870 * log_info() and friends. */
1871 if (pid && is_us(pid))
1874 if (s->forward_to_syslog)
1875 forward_syslog(s, priority, identifier, p, NULL, NULL);
1878 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", identifier);
1879 if (syslog_identifier)
1880 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1884 syslog_pid = strappend("SYSLOG_PID=", pid);
1886 IOVEC_SET_STRING(iovec[n++], syslog_pid);
1889 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1890 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1893 message = strappend("MESSAGE=", p);
1895 IOVEC_SET_STRING(iovec[n++], message);
1897 dispatch_message(s, iovec, n, ELEMENTSOF(iovec), NULL, NULL, NULL, 0, NULL, priority);
1901 free(syslog_priority);
1902 free(syslog_identifier);
1904 free(syslog_facility);
1910 static void proc_kmsg_scan(Server *s) {
1916 p = s->proc_kmsg_buffer;
1917 remaining = s->proc_kmsg_length;
1922 end = memchr(p, '\n', remaining);
1925 else if (remaining >= sizeof(s->proc_kmsg_buffer) - 1) {
1926 end = p + sizeof(s->proc_kmsg_buffer) - 1;
1933 proc_kmsg_line(s, p);
1939 if (p > s->proc_kmsg_buffer) {
1940 memmove(s->proc_kmsg_buffer, p, remaining);
1941 s->proc_kmsg_length = remaining;
1945 static int system_journal_open(Server *s) {
1951 r = sd_id128_get_machine(&machine);
1955 sd_id128_to_string(machine, ids);
1957 if (!s->system_journal) {
1959 /* First try to create the machine path, but not the prefix */
1960 fn = strappend("/var/log/journal/", ids);
1963 (void) mkdir(fn, 0755);
1966 /* The create the system journal file */
1967 fn = join("/var/log/journal/", ids, "/system.journal", NULL);
1971 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, NULL, &s->system_journal);
1975 journal_default_metrics(&s->system_metrics, s->system_journal->fd);
1977 s->system_journal->metrics = s->system_metrics;
1978 s->system_journal->compress = s->compress;
1980 server_fix_perms(s, s->system_journal, 0);
1983 if (r != -ENOENT && r != -EROFS)
1984 log_warning("Failed to open system journal: %s", strerror(-r));
1990 if (!s->runtime_journal) {
1992 fn = join("/run/log/journal/", ids, "/system.journal", NULL);
1996 if (s->system_journal) {
1998 /* Try to open the runtime journal, but only
1999 * if it already exists, so that we can flush
2000 * it into the system journal */
2002 r = journal_file_open(fn, O_RDWR, 0640, NULL, &s->runtime_journal);
2007 log_warning("Failed to open runtime journal: %s", strerror(-r));
2014 /* OK, we really need the runtime journal, so create
2015 * it if necessary. */
2017 (void) mkdir_parents_label(fn, 0755);
2018 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, NULL, &s->runtime_journal);
2022 log_error("Failed to open runtime journal: %s", strerror(-r));
2027 if (s->runtime_journal) {
2028 journal_default_metrics(&s->runtime_metrics, s->runtime_journal->fd);
2030 s->runtime_journal->metrics = s->runtime_metrics;
2031 s->runtime_journal->compress = s->compress;
2033 server_fix_perms(s, s->runtime_journal, 0);
2040 static int server_flush_to_var(Server *s) {
2041 char path[] = "/run/log/journal/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
2050 if (!s->runtime_journal)
2053 ts = now(CLOCK_MONOTONIC);
2054 if (s->var_available_timestamp + RECHECK_VAR_AVAILABLE_USEC > ts)
2057 s->var_available_timestamp = ts;
2059 system_journal_open(s);
2061 if (!s->system_journal)
2064 log_info("Flushing to /var...");
2066 r = sd_id128_get_machine(&machine);
2068 log_error("Failed to get machine id: %s", strerror(-r));
2072 r = sd_journal_open(&j, SD_JOURNAL_RUNTIME_ONLY);
2074 log_error("Failed to read runtime journal: %s", strerror(-r));
2078 SD_JOURNAL_FOREACH(j) {
2081 f = j->current_file;
2082 assert(f && f->current_offset > 0);
2084 r = journal_file_move_to_object(f, OBJECT_ENTRY, f->current_offset, &o);
2086 log_error("Can't read entry: %s", strerror(-r));
2090 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
2092 log_info("Allocation limit reached.");
2094 journal_file_post_change(s->system_journal);
2098 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
2102 log_error("Can't write entry: %s", strerror(-r));
2108 journal_file_post_change(s->system_journal);
2110 journal_file_close(s->runtime_journal);
2111 s->runtime_journal = NULL;
2114 sd_id128_to_string(machine, path + 17);
2115 rm_rf(path, false, true, false);
2121 static int server_read_proc_kmsg(Server *s) {
2124 assert(s->proc_kmsg_fd >= 0);
2126 l = read(s->proc_kmsg_fd, s->proc_kmsg_buffer + s->proc_kmsg_length, sizeof(s->proc_kmsg_buffer) - 1 - s->proc_kmsg_length);
2129 if (errno == EAGAIN || errno == EINTR)
2132 log_error("Failed to read from kernel: %m");
2136 s->proc_kmsg_length += l;
2142 static int server_flush_proc_kmsg(Server *s) {
2147 if (s->proc_kmsg_fd < 0)
2150 log_info("Flushing /proc/kmsg...");
2153 r = server_read_proc_kmsg(s);
2164 static int process_event(Server *s, struct epoll_event *ev) {
2168 if (ev->data.fd == s->signal_fd) {
2169 struct signalfd_siginfo sfsi;
2172 if (ev->events != EPOLLIN) {
2173 log_info("Got invalid event from epoll.");
2177 n = read(s->signal_fd, &sfsi, sizeof(sfsi));
2178 if (n != sizeof(sfsi)) {
2183 if (errno == EINTR || errno == EAGAIN)
2189 if (sfsi.ssi_signo == SIGUSR1) {
2190 server_flush_to_var(s);
2194 if (sfsi.ssi_signo == SIGUSR2) {
2200 log_debug("Received SIG%s", signal_to_string(sfsi.ssi_signo));
2203 } else if (ev->data.fd == s->proc_kmsg_fd) {
2206 if (ev->events != EPOLLIN) {
2207 log_info("Got invalid event from epoll.");
2211 r = server_read_proc_kmsg(s);
2217 } else if (ev->data.fd == s->native_fd ||
2218 ev->data.fd == s->syslog_fd) {
2220 if (ev->events != EPOLLIN) {
2221 log_info("Got invalid event from epoll.");
2226 struct msghdr msghdr;
2228 struct ucred *ucred = NULL;
2229 struct timeval *tv = NULL;
2230 struct cmsghdr *cmsg;
2232 size_t label_len = 0;
2234 struct cmsghdr cmsghdr;
2236 /* We use NAME_MAX space for the
2237 * SELinux label here. The kernel
2238 * currently enforces no limit, but
2239 * according to suggestions from the
2240 * SELinux people this will change and
2241 * it will probably be identical to
2242 * NAME_MAX. For now we use that, but
2243 * this should be updated one day when
2244 * the final limit is known.*/
2245 uint8_t buf[CMSG_SPACE(sizeof(struct ucred)) +
2246 CMSG_SPACE(sizeof(struct timeval)) +
2247 CMSG_SPACE(sizeof(int)) + /* fd */
2248 CMSG_SPACE(NAME_MAX)]; /* selinux label */
2255 if (ioctl(ev->data.fd, SIOCINQ, &v) < 0) {
2256 log_error("SIOCINQ failed: %m");
2260 if (s->buffer_size < (size_t) v) {
2264 l = MAX(LINE_MAX + (size_t) v, s->buffer_size * 2);
2265 b = realloc(s->buffer, l+1);
2268 log_error("Couldn't increase buffer.");
2277 iovec.iov_base = s->buffer;
2278 iovec.iov_len = s->buffer_size;
2282 msghdr.msg_iov = &iovec;
2283 msghdr.msg_iovlen = 1;
2284 msghdr.msg_control = &control;
2285 msghdr.msg_controllen = sizeof(control);
2287 n = recvmsg(ev->data.fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC);
2290 if (errno == EINTR || errno == EAGAIN)
2293 log_error("recvmsg() failed: %m");
2297 for (cmsg = CMSG_FIRSTHDR(&msghdr); cmsg; cmsg = CMSG_NXTHDR(&msghdr, cmsg)) {
2299 if (cmsg->cmsg_level == SOL_SOCKET &&
2300 cmsg->cmsg_type == SCM_CREDENTIALS &&
2301 cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred)))
2302 ucred = (struct ucred*) CMSG_DATA(cmsg);
2303 else if (cmsg->cmsg_level == SOL_SOCKET &&
2304 cmsg->cmsg_type == SCM_SECURITY) {
2305 label = (char*) CMSG_DATA(cmsg);
2306 label_len = cmsg->cmsg_len - CMSG_LEN(0);
2307 } else if (cmsg->cmsg_level == SOL_SOCKET &&
2308 cmsg->cmsg_type == SO_TIMESTAMP &&
2309 cmsg->cmsg_len == CMSG_LEN(sizeof(struct timeval)))
2310 tv = (struct timeval*) CMSG_DATA(cmsg);
2311 else if (cmsg->cmsg_level == SOL_SOCKET &&
2312 cmsg->cmsg_type == SCM_RIGHTS) {
2313 fds = (int*) CMSG_DATA(cmsg);
2314 n_fds = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);
2318 if (ev->data.fd == s->syslog_fd) {
2321 if (n > 0 && n_fds == 0) {
2322 e = memchr(s->buffer, '\n', n);
2328 process_syslog_message(s, strstrip(s->buffer), ucred, tv, label, label_len);
2329 } else if (n_fds > 0)
2330 log_warning("Got file descriptors via syslog socket. Ignoring.");
2333 if (n > 0 && n_fds == 0)
2334 process_native_message(s, s->buffer, n, ucred, tv, label, label_len);
2335 else if (n == 0 && n_fds == 1)
2336 process_native_file(s, fds[0], ucred, tv, label, label_len);
2338 log_warning("Got too many file descriptors via native socket. Ignoring.");
2341 close_many(fds, n_fds);
2346 } else if (ev->data.fd == s->stdout_fd) {
2348 if (ev->events != EPOLLIN) {
2349 log_info("Got invalid event from epoll.");
2353 stdout_stream_new(s);
2357 StdoutStream *stream;
2359 if ((ev->events|EPOLLIN|EPOLLHUP) != (EPOLLIN|EPOLLHUP)) {
2360 log_info("Got invalid event from epoll.");
2364 /* If it is none of the well-known fds, it must be an
2365 * stdout stream fd. Note that this is a bit ugly here
2366 * (since we rely that none of the well-known fds
2367 * could be interpreted as pointer), but nonetheless
2368 * safe, since the well-known fds would never get an
2369 * fd > 4096, i.e. beyond the first memory page */
2371 stream = ev->data.ptr;
2373 if (stdout_stream_process(stream) <= 0)
2374 stdout_stream_free(stream);
2379 log_error("Unknown event.");
2383 static int open_syslog_socket(Server *s) {
2384 union sockaddr_union sa;
2386 struct epoll_event ev;
2390 if (s->syslog_fd < 0) {
2392 s->syslog_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2393 if (s->syslog_fd < 0) {
2394 log_error("socket() failed: %m");
2399 sa.un.sun_family = AF_UNIX;
2400 strncpy(sa.un.sun_path, "/dev/log", sizeof(sa.un.sun_path));
2402 unlink(sa.un.sun_path);
2404 r = bind(s->syslog_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2406 log_error("bind() failed: %m");
2410 chmod(sa.un.sun_path, 0666);
2412 fd_nonblock(s->syslog_fd, 1);
2415 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
2417 log_error("SO_PASSCRED failed: %m");
2423 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
2425 log_warning("SO_PASSSEC failed: %m");
2429 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
2431 log_error("SO_TIMESTAMP failed: %m");
2436 ev.events = EPOLLIN;
2437 ev.data.fd = s->syslog_fd;
2438 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->syslog_fd, &ev) < 0) {
2439 log_error("Failed to add syslog server fd to epoll object: %m");
2446 static int open_native_socket(Server*s) {
2447 union sockaddr_union sa;
2449 struct epoll_event ev;
2453 if (s->native_fd < 0) {
2455 s->native_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2456 if (s->native_fd < 0) {
2457 log_error("socket() failed: %m");
2462 sa.un.sun_family = AF_UNIX;
2463 strncpy(sa.un.sun_path, "/run/systemd/journal/socket", sizeof(sa.un.sun_path));
2465 unlink(sa.un.sun_path);
2467 r = bind(s->native_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2469 log_error("bind() failed: %m");
2473 chmod(sa.un.sun_path, 0666);
2475 fd_nonblock(s->native_fd, 1);
2478 r = setsockopt(s->native_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
2480 log_error("SO_PASSCRED failed: %m");
2486 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
2488 log_warning("SO_PASSSEC failed: %m");
2492 r = setsockopt(s->native_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
2494 log_error("SO_TIMESTAMP failed: %m");
2499 ev.events = EPOLLIN;
2500 ev.data.fd = s->native_fd;
2501 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->native_fd, &ev) < 0) {
2502 log_error("Failed to add native server fd to epoll object: %m");
2509 static int open_stdout_socket(Server *s) {
2510 union sockaddr_union sa;
2512 struct epoll_event ev;
2516 if (s->stdout_fd < 0) {
2518 s->stdout_fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2519 if (s->stdout_fd < 0) {
2520 log_error("socket() failed: %m");
2525 sa.un.sun_family = AF_UNIX;
2526 strncpy(sa.un.sun_path, "/run/systemd/journal/stdout", sizeof(sa.un.sun_path));
2528 unlink(sa.un.sun_path);
2530 r = bind(s->stdout_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2532 log_error("bind() failed: %m");
2536 chmod(sa.un.sun_path, 0666);
2538 if (listen(s->stdout_fd, SOMAXCONN) < 0) {
2539 log_error("liste() failed: %m");
2543 fd_nonblock(s->stdout_fd, 1);
2546 ev.events = EPOLLIN;
2547 ev.data.fd = s->stdout_fd;
2548 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->stdout_fd, &ev) < 0) {
2549 log_error("Failed to add stdout server fd to epoll object: %m");
2556 static int open_proc_kmsg(Server *s) {
2557 struct epoll_event ev;
2561 if (!s->import_proc_kmsg)
2564 s->proc_kmsg_fd = open("/proc/kmsg", O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
2565 if (s->proc_kmsg_fd < 0) {
2566 log_warning("Failed to open /proc/kmsg, ignoring: %m");
2571 ev.events = EPOLLIN;
2572 ev.data.fd = s->proc_kmsg_fd;
2573 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->proc_kmsg_fd, &ev) < 0) {
2574 log_error("Failed to add /proc/kmsg fd to epoll object: %m");
2581 static int open_signalfd(Server *s) {
2583 struct epoll_event ev;
2587 assert_se(sigemptyset(&mask) == 0);
2588 sigset_add_many(&mask, SIGINT, SIGTERM, SIGUSR1, SIGUSR2, -1);
2589 assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0);
2591 s->signal_fd = signalfd(-1, &mask, SFD_NONBLOCK|SFD_CLOEXEC);
2592 if (s->signal_fd < 0) {
2593 log_error("signalfd(): %m");
2598 ev.events = EPOLLIN;
2599 ev.data.fd = s->signal_fd;
2601 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->signal_fd, &ev) < 0) {
2602 log_error("epoll_ctl(): %m");
2609 static int server_parse_proc_cmdline(Server *s) {
2610 char *line, *w, *state;
2614 if (detect_container(NULL) > 0)
2617 r = read_one_line_file("/proc/cmdline", &line);
2619 log_warning("Failed to read /proc/cmdline, ignoring: %s", strerror(-r));
2623 FOREACH_WORD_QUOTED(w, l, line, state) {
2626 word = strndup(w, l);
2632 if (startswith(word, "systemd_journald.forward_to_syslog=")) {
2633 r = parse_boolean(word + 35);
2635 log_warning("Failed to parse forward to syslog switch %s. Ignoring.", word + 35);
2637 s->forward_to_syslog = r;
2638 } else if (startswith(word, "systemd_journald.forward_to_kmsg=")) {
2639 r = parse_boolean(word + 33);
2641 log_warning("Failed to parse forward to kmsg switch %s. Ignoring.", word + 33);
2643 s->forward_to_kmsg = r;
2644 } else if (startswith(word, "systemd_journald.forward_to_console=")) {
2645 r = parse_boolean(word + 36);
2647 log_warning("Failed to parse forward to console switch %s. Ignoring.", word + 36);
2649 s->forward_to_console = r;
2662 static int server_parse_config_file(Server *s) {
2669 fn = "/etc/systemd/journald.conf";
2670 f = fopen(fn, "re");
2672 if (errno == ENOENT)
2675 log_warning("Failed to open configuration file %s: %m", fn);
2679 r = config_parse(fn, f, "Journal\0", config_item_perf_lookup, (void*) journald_gperf_lookup, false, s);
2681 log_warning("Failed to parse configuration file: %s", strerror(-r));
2688 static int server_init(Server *s) {
2694 s->syslog_fd = s->native_fd = s->stdout_fd = s->signal_fd = s->epoll_fd = s->proc_kmsg_fd = -1;
2697 s->rate_limit_interval = DEFAULT_RATE_LIMIT_INTERVAL;
2698 s->rate_limit_burst = DEFAULT_RATE_LIMIT_BURST;
2700 s->forward_to_syslog = true;
2701 s->import_proc_kmsg = true;
2703 s->max_level_store = LOG_DEBUG;
2704 s->max_level_syslog = LOG_DEBUG;
2705 s->max_level_kmsg = LOG_NOTICE;
2706 s->max_level_console = LOG_INFO;
2708 memset(&s->system_metrics, 0xFF, sizeof(s->system_metrics));
2709 memset(&s->runtime_metrics, 0xFF, sizeof(s->runtime_metrics));
2711 server_parse_config_file(s);
2712 server_parse_proc_cmdline(s);
2714 s->user_journals = hashmap_new(trivial_hash_func, trivial_compare_func);
2715 if (!s->user_journals) {
2716 log_error("Out of memory.");
2720 s->epoll_fd = epoll_create1(EPOLL_CLOEXEC);
2721 if (s->epoll_fd < 0) {
2722 log_error("Failed to create epoll object: %m");
2726 n = sd_listen_fds(true);
2728 log_error("Failed to read listening file descriptors from environment: %s", strerror(-n));
2732 for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) {
2734 if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/run/systemd/journal/socket", 0) > 0) {
2736 if (s->native_fd >= 0) {
2737 log_error("Too many native sockets passed.");
2743 } else if (sd_is_socket_unix(fd, SOCK_STREAM, 1, "/run/systemd/journal/stdout", 0) > 0) {
2745 if (s->stdout_fd >= 0) {
2746 log_error("Too many stdout sockets passed.");
2752 } else if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/dev/log", 0) > 0) {
2754 if (s->syslog_fd >= 0) {
2755 log_error("Too many /dev/log sockets passed.");
2762 log_error("Unknown socket passed.");
2767 r = open_syslog_socket(s);
2771 r = open_native_socket(s);
2775 r = open_stdout_socket(s);
2779 r = open_proc_kmsg(s);
2783 r = open_signalfd(s);
2787 s->rate_limit = journal_rate_limit_new(s->rate_limit_interval, s->rate_limit_burst);
2791 r = system_journal_open(s);
2798 static void server_done(Server *s) {
2802 while (s->stdout_streams)
2803 stdout_stream_free(s->stdout_streams);
2805 if (s->system_journal)
2806 journal_file_close(s->system_journal);
2808 if (s->runtime_journal)
2809 journal_file_close(s->runtime_journal);
2811 while ((f = hashmap_steal_first(s->user_journals)))
2812 journal_file_close(f);
2814 hashmap_free(s->user_journals);
2816 if (s->epoll_fd >= 0)
2817 close_nointr_nofail(s->epoll_fd);
2819 if (s->signal_fd >= 0)
2820 close_nointr_nofail(s->signal_fd);
2822 if (s->syslog_fd >= 0)
2823 close_nointr_nofail(s->syslog_fd);
2825 if (s->native_fd >= 0)
2826 close_nointr_nofail(s->native_fd);
2828 if (s->stdout_fd >= 0)
2829 close_nointr_nofail(s->stdout_fd);
2831 if (s->proc_kmsg_fd >= 0)
2832 close_nointr_nofail(s->proc_kmsg_fd);
2835 journal_rate_limit_free(s->rate_limit);
2841 int main(int argc, char *argv[]) {
2845 /* if (getppid() != 1) { */
2846 /* log_error("This program should be invoked by init only."); */
2847 /* return EXIT_FAILURE; */
2851 log_error("This program does not take arguments.");
2852 return EXIT_FAILURE;
2855 log_set_target(LOG_TARGET_SAFE);
2856 log_set_facility(LOG_SYSLOG);
2857 log_parse_environment();
2862 r = server_init(&server);
2866 server_vacuum(&server);
2867 server_flush_to_var(&server);
2868 server_flush_proc_kmsg(&server);
2870 log_debug("systemd-journald running as pid %lu", (unsigned long) getpid());
2871 driver_message(&server, SD_MESSAGE_JOURNAL_START, "Journal started");
2875 "STATUS=Processing requests...");
2878 struct epoll_event event;
2880 r = epoll_wait(server.epoll_fd, &event, 1, -1);
2886 log_error("epoll_wait() failed: %m");
2892 r = process_event(&server, &event);
2899 log_debug("systemd-journald stopped as pid %lu", (unsigned long) getpid());
2900 driver_message(&server, SD_MESSAGE_JOURNAL_STOP, "Journal stopped");
2904 "STATUS=Shutting down...");
2906 server_done(&server);
2908 return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;