1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2011 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <sys/epoll.h>
23 #include <sys/socket.h>
25 #include <sys/signalfd.h>
29 #include <acl/libacl.h>
31 #include <sys/ioctl.h>
32 #include <linux/sockios.h>
33 #include <sys/statvfs.h>
36 #include "journal-file.h"
37 #include "sd-daemon.h"
38 #include "socket-util.h"
40 #include "cgroup-util.h"
42 #include "journal-rate-limit.h"
43 #include "sd-journal.h"
45 #include "journal-internal.h"
47 #define USER_JOURNALS_MAX 1024
48 #define STDOUT_STREAMS_MAX 4096
50 #define DEFAULT_RATE_LIMIT_INTERVAL (10*USEC_PER_SEC)
51 #define DEFAULT_RATE_LIMIT_BURST 200
53 #define RECHECK_AVAILABLE_SPACE_USEC (30*USEC_PER_SEC)
55 #define RECHECK_VAR_AVAILABLE_USEC (30*USEC_PER_SEC)
57 #define SYSLOG_TIMEOUT_USEC (5*USEC_PER_SEC)
59 typedef struct StdoutStream StdoutStream;
61 typedef struct Server {
68 JournalFile *runtime_journal;
69 JournalFile *system_journal;
70 Hashmap *user_journals;
77 JournalRateLimit *rate_limit;
79 JournalMetrics runtime_metrics;
80 JournalMetrics system_metrics;
84 uint64_t cached_available_space;
85 usec_t cached_available_space_timestamp;
87 uint64_t var_available_timestamp;
89 LIST_HEAD(StdoutStream, stdout_streams);
90 unsigned n_stdout_streams;
93 typedef enum StdoutStreamState {
95 STDOUT_STREAM_PRIORITY,
96 STDOUT_STREAM_PRIORITY_PREFIX,
97 STDOUT_STREAM_TEE_CONSOLE,
101 struct StdoutStream {
103 StdoutStreamState state;
111 bool priority_prefix:1;
114 char buffer[LINE_MAX+1];
117 LIST_FIELDS(StdoutStream, stdout_stream);
120 static int server_flush_to_var(Server *s);
122 static uint64_t available_space(Server *s) {
127 uint64_t sum = 0, avail = 0, ss_avail = 0;
133 ts = now(CLOCK_MONOTONIC);
135 if (s->cached_available_space_timestamp + RECHECK_AVAILABLE_SPACE_USEC > ts)
136 return s->cached_available_space;
138 r = sd_id128_get_machine(&machine);
142 if (s->system_journal) {
143 f = "/var/log/journal/";
144 m = &s->system_metrics;
146 f = "/run/log/journal/";
147 m = &s->runtime_metrics;
152 p = strappend(f, sd_id128_to_string(machine, ids));
162 if (fstatvfs(dirfd(d), &ss) < 0)
167 struct dirent buf, *de;
170 k = readdir_r(d, &buf, &de);
179 if (!dirent_is_file_with_suffix(de, ".journal"))
182 if (fstatat(dirfd(d), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0)
185 sum += (uint64_t) st.st_blocks * (uint64_t) st.st_blksize;
188 avail = sum >= m->max_use ? 0 : m->max_use - sum;
190 ss_avail = ss.f_bsize * ss.f_bavail;
192 ss_avail = ss_avail < m->keep_free ? 0 : ss_avail - m->keep_free;
194 if (ss_avail < avail)
197 s->cached_available_space = avail;
198 s->cached_available_space_timestamp = ts;
206 static void fix_perms(JournalFile *f, uid_t uid) {
209 acl_permset_t permset;
214 r = fchmod_and_fchown(f->fd, 0640, 0, 0);
216 log_warning("Failed to fix access mode/rights on %s, ignoring: %s", f->path, strerror(-r));
221 acl = acl_get_fd(f->fd);
223 log_warning("Failed to read ACL on %s, ignoring: %m", f->path);
227 r = acl_find_uid(acl, uid, &entry);
230 if (acl_create_entry(&acl, &entry) < 0 ||
231 acl_set_tag_type(entry, ACL_USER) < 0 ||
232 acl_set_qualifier(entry, &uid) < 0) {
233 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
238 if (acl_get_permset(entry, &permset) < 0 ||
239 acl_add_perm(permset, ACL_READ) < 0 ||
240 acl_calc_mask(&acl) < 0) {
241 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
245 if (acl_set_fd(f->fd, acl) < 0)
246 log_warning("Failed to set ACL on %s, ignoring: %m", f->path);
252 static JournalFile* find_journal(Server *s, uid_t uid) {
261 /* We split up user logs only on /var, not on /run. If the
262 * runtime file is open, we write to it exclusively, in order
263 * to guarantee proper order as soon as we flush /run to
264 * /var and close the runtime file. */
266 if (s->runtime_journal)
267 return s->runtime_journal;
270 return s->system_journal;
272 r = sd_id128_get_machine(&machine);
274 return s->system_journal;
276 f = hashmap_get(s->user_journals, UINT32_TO_PTR(uid));
280 if (asprintf(&p, "/var/log/journal/%s/user-%lu.journal", sd_id128_to_string(machine, ids), (unsigned long) uid) < 0)
281 return s->system_journal;
283 while (hashmap_size(s->user_journals) >= USER_JOURNALS_MAX) {
284 /* Too many open? Then let's close one */
285 f = hashmap_steal_first(s->user_journals);
287 journal_file_close(f);
290 r = journal_file_open(p, O_RDWR|O_CREAT, 0640, s->system_journal, &f);
294 return s->system_journal;
297 f->metrics = s->system_metrics;
298 f->compress = s->compress;
300 r = hashmap_put(s->user_journals, UINT32_TO_PTR(uid), f);
302 journal_file_close(f);
303 return s->system_journal;
309 static void server_vacuum(Server *s) {
318 log_info("Rotating...");
320 if (s->runtime_journal) {
321 r = journal_file_rotate(&s->runtime_journal);
323 log_error("Failed to rotate %s: %s", s->runtime_journal->path, strerror(-r));
326 if (s->system_journal) {
327 r = journal_file_rotate(&s->system_journal);
329 log_error("Failed to rotate %s: %s", s->system_journal->path, strerror(-r));
332 HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) {
333 r = journal_file_rotate(&f);
335 log_error("Failed to rotate %s: %s", f->path, strerror(-r));
337 hashmap_replace(s->user_journals, k, f);
340 log_info("Vacuuming...");
342 r = sd_id128_get_machine(&machine);
344 log_error("Failed to get machine ID: %s", strerror(-r));
348 sd_id128_to_string(machine, ids);
350 if (s->system_journal) {
351 if (asprintf(&p, "/var/log/journal/%s", ids) < 0) {
352 log_error("Out of memory.");
356 r = journal_directory_vacuum(p, s->system_metrics.max_use, s->system_metrics.keep_free);
357 if (r < 0 && r != -ENOENT)
358 log_error("Failed to vacuum %s: %s", p, strerror(-r));
363 if (s->runtime_journal) {
364 if (asprintf(&p, "/run/log/journal/%s", ids) < 0) {
365 log_error("Out of memory.");
369 r = journal_directory_vacuum(p, s->runtime_metrics.max_use, s->runtime_metrics.keep_free);
370 if (r < 0 && r != -ENOENT)
371 log_error("Failed to vacuum %s: %s", p, strerror(-r));
375 s->cached_available_space_timestamp = 0;
378 static char *shortened_cgroup_path(pid_t pid) {
380 char *process_path, *init_path, *path;
384 r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, pid, &process_path);
388 r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, 1, &init_path);
394 if (endswith(init_path, "/system"))
395 init_path[strlen(init_path) - 7] = 0;
396 else if (streq(init_path, "/"))
399 if (startswith(process_path, init_path)) {
402 p = strdup(process_path + strlen(init_path));
420 static void dispatch_message_real(Server *s,
421 struct iovec *iovec, unsigned n, unsigned m,
423 struct timeval *tv) {
425 char *pid = NULL, *uid = NULL, *gid = NULL,
426 *source_time = NULL, *boot_id = NULL, *machine_id = NULL,
427 *comm = NULL, *cmdline = NULL, *hostname = NULL,
428 *audit_session = NULL, *audit_loginuid = NULL,
429 *exe = NULL, *cgroup = NULL, *session = NULL,
430 *owner_uid = NULL, *service = NULL;
436 uid_t loginuid = 0, realuid = 0;
438 bool vacuumed = false;
449 realuid = ucred->uid;
451 if (asprintf(&pid, "_PID=%lu", (unsigned long) ucred->pid) >= 0)
452 IOVEC_SET_STRING(iovec[n++], pid);
454 if (asprintf(&uid, "_UID=%lu", (unsigned long) ucred->uid) >= 0)
455 IOVEC_SET_STRING(iovec[n++], uid);
457 if (asprintf(&gid, "_GID=%lu", (unsigned long) ucred->gid) >= 0)
458 IOVEC_SET_STRING(iovec[n++], gid);
460 r = get_process_comm(ucred->pid, &t);
462 comm = strappend("_COMM=", t);
466 IOVEC_SET_STRING(iovec[n++], comm);
469 r = get_process_exe(ucred->pid, &t);
471 exe = strappend("_EXE=", t);
475 IOVEC_SET_STRING(iovec[n++], exe);
478 r = get_process_cmdline(ucred->pid, LINE_MAX, false, &t);
480 cmdline = strappend("_CMDLINE=", t);
484 IOVEC_SET_STRING(iovec[n++], cmdline);
487 r = audit_session_from_pid(ucred->pid, &audit);
489 if (asprintf(&audit_session, "_AUDIT_SESSION=%lu", (unsigned long) audit) >= 0)
490 IOVEC_SET_STRING(iovec[n++], audit_session);
492 r = audit_loginuid_from_pid(ucred->pid, &loginuid);
494 if (asprintf(&audit_loginuid, "_AUDIT_LOGINUID=%lu", (unsigned long) loginuid) >= 0)
495 IOVEC_SET_STRING(iovec[n++], audit_loginuid);
497 t = shortened_cgroup_path(ucred->pid);
499 cgroup = strappend("_SYSTEMD_CGROUP=", t);
503 IOVEC_SET_STRING(iovec[n++], cgroup);
506 if (sd_pid_get_session(ucred->pid, &t) >= 0) {
507 session = strappend("_SYSTEMD_SESSION=", t);
511 IOVEC_SET_STRING(iovec[n++], session);
514 if (sd_pid_get_service(ucred->pid, &t) >= 0) {
515 service = strappend("_SYSTEMD_SERVICE=", t);
519 IOVEC_SET_STRING(iovec[n++], service);
522 if (sd_pid_get_owner_uid(ucred->uid, &owner) >= 0)
523 if (asprintf(&owner_uid, "_SYSTEMD_OWNER_UID=%lu", (unsigned long) owner) >= 0)
524 IOVEC_SET_STRING(iovec[n++], owner_uid);
528 if (asprintf(&source_time, "_SOURCE_REALTIME_TIMESTAMP=%llu",
529 (unsigned long long) timeval_load(tv)) >= 0)
530 IOVEC_SET_STRING(iovec[n++], source_time);
533 /* Note that strictly speaking storing the boot id here is
534 * redundant since the entry includes this in-line
535 * anyway. However, we need this indexed, too. */
536 r = sd_id128_get_boot(&id);
538 if (asprintf(&boot_id, "_BOOT_ID=%s", sd_id128_to_string(id, idbuf)) >= 0)
539 IOVEC_SET_STRING(iovec[n++], boot_id);
541 r = sd_id128_get_machine(&id);
543 if (asprintf(&machine_id, "_MACHINE_ID=%s", sd_id128_to_string(id, idbuf)) >= 0)
544 IOVEC_SET_STRING(iovec[n++], machine_id);
546 t = gethostname_malloc();
548 hostname = strappend("_HOSTNAME=", t);
551 IOVEC_SET_STRING(iovec[n++], hostname);
556 server_flush_to_var(s);
559 f = find_journal(s, realuid == 0 ? 0 : loginuid);
561 log_warning("Dropping message, as we can't find a place to store the data.");
563 r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
565 if (r == -E2BIG && !vacuumed) {
566 log_info("Allocation limit reached.");
571 log_info("Retrying write.");
576 log_error("Failed to write entry, ignoring: %s", strerror(-r));
590 free(audit_loginuid);
597 static void dispatch_message(Server *s,
598 struct iovec *iovec, unsigned n, unsigned m,
603 char *path = NULL, *c;
606 assert(iovec || n == 0);
614 path = shortened_cgroup_path(ucred->pid);
618 /* example: /user/lennart/3/foobar
619 * /system/dbus.service/foobar
621 * So let's cut of everything past the third /, since that is
622 * wher user directories start */
624 c = strchr(path, '/');
626 c = strchr(c+1, '/');
628 c = strchr(c+1, '/');
634 rl = journal_rate_limit_test(s->rate_limit, path, priority, available_space(s));
643 char suppress_message[LINE_MAX];
644 struct iovec suppress_iovec[18];
646 /* Write a suppression message if we suppressed something */
648 snprintf(suppress_message, sizeof(suppress_message), "MESSAGE=Suppressed %u messages from %s", rl - 1, path);
649 char_array_0(suppress_message);
651 IOVEC_SET_STRING(suppress_iovec[j++], "PRIORITY=5");
652 IOVEC_SET_STRING(suppress_iovec[j++], suppress_message);
654 dispatch_message_real(s, suppress_iovec, j, ELEMENTSOF(suppress_iovec), NULL, NULL);
660 dispatch_message_real(s, iovec, n, m, ucred, tv);
663 static void process_syslog_message(Server *s, const char *buf, struct ucred *ucred, struct timeval *tv) {
664 char *message = NULL, *syslog_priority = NULL, *syslog_facility = NULL;
665 struct iovec iovec[19];
667 int priority = LOG_USER | LOG_INFO;
672 parse_syslog_priority((char**) &buf, &priority);
673 skip_syslog_date((char**) &buf);
675 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
676 IOVEC_SET_STRING(iovec[n++], syslog_priority);
678 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
679 IOVEC_SET_STRING(iovec[n++], syslog_facility);
681 message = strappend("MESSAGE=", buf);
683 IOVEC_SET_STRING(iovec[n++], message);
685 dispatch_message(s, iovec, n, ELEMENTSOF(iovec), ucred, tv, priority & LOG_PRIMASK);
688 free(syslog_facility);
689 free(syslog_priority);
692 static bool valid_user_field(const char *p, size_t l) {
695 /* We kinda enforce POSIX syntax recommendations for
696 environment variables here, but make a couple of additional
699 http://pubs.opengroup.org/onlinepubs/000095399/basedefs/xbd_chap08.html */
701 /* No empty field names */
705 /* Don't allow names longer than 64 chars */
709 /* Variables starting with an underscore are protected */
713 /* Don't allow digits as first character */
714 if (p[0] >= '0' && p[0] <= '9')
717 /* Only allow A-Z0-9 and '_' */
718 for (a = p; a < p + l; a++)
719 if (!((*a >= 'A' && *a <= 'Z') ||
720 (*a >= '0' && *a <= '9') ||
727 static void process_native_message(Server *s, const void *buffer, size_t buffer_size, struct ucred *ucred, struct timeval *tv) {
728 struct iovec *iovec = NULL;
729 unsigned n = 0, m = 0, j;
732 int priority = LOG_INFO;
735 assert(buffer || n == 0);
738 remaining = buffer_size;
740 while (remaining > 0) {
743 e = memchr(p, '\n', remaining);
746 /* Trailing noise, let's ignore it, and flush what we collected */
747 log_debug("Received message with trailing noise, ignoring.");
752 /* Entry separator */
753 dispatch_message(s, iovec, n, m, ucred, tv, priority);
762 if (*p == '.' || *p == '#') {
763 /* Ignore control commands for now, and
765 remaining -= (e - p) + 1;
770 /* A property follows */
776 u = MAX((n+16U) * 2U, 4U);
777 c = realloc(iovec, u * sizeof(struct iovec));
779 log_error("Out of memory");
787 q = memchr(p, '=', e - p);
789 if (valid_user_field(p, q - p)) {
790 /* If the field name starts with an
791 * underscore, skip the variable,
792 * since that indidates a trusted
794 iovec[n].iov_base = (char*) p;
795 iovec[n].iov_len = e - p;
798 /* We need to determine the priority
799 * of this entry for the rate limiting
802 memcmp(p, "PRIORITY=", 10) == 0 &&
805 priority = p[10] - '0';
808 remaining -= (e - p) + 1;
815 if (remaining < e - p + 1 + sizeof(uint64_t) + 1) {
816 log_debug("Failed to parse message, ignoring.");
820 memcpy(&l, e + 1, sizeof(uint64_t));
823 if (remaining < e - p + 1 + sizeof(uint64_t) + l + 1 ||
824 e[1+sizeof(uint64_t)+l] != '\n') {
825 log_debug("Failed to parse message, ignoring.");
829 k = malloc((e - p) + 1 + l);
831 log_error("Out of memory");
837 memcpy(k + (e - p) + 1, e + 1 + sizeof(uint64_t), l);
839 if (valid_user_field(p, e - p)) {
840 iovec[n].iov_base = k;
841 iovec[n].iov_len = (e - p) + 1 + l;
846 remaining -= (e - p) + 1 + sizeof(uint64_t) + l + 1;
847 p = e + 1 + sizeof(uint64_t) + l + 1;
851 dispatch_message(s, iovec, n, m, ucred, tv, priority);
853 for (j = 0; j < n; j++)
854 if (iovec[j].iov_base < buffer ||
855 (const uint8_t*) iovec[j].iov_base >= (const uint8_t*) buffer + buffer_size)
856 free(iovec[j].iov_base);
859 static int stdout_stream_log(StdoutStream *s, const char *p, size_t l) {
860 struct iovec iovec[18];
861 char *message = NULL, *syslog_priority = NULL;
869 priority = s->priority;
871 if (s->priority_prefix &&
874 p[1] >= '0' && p[1] <= '7' &&
877 priority = p[1] - '0';
885 if (asprintf(&syslog_priority, "PRIORITY=%i", priority) >= 0)
886 IOVEC_SET_STRING(iovec[n++], syslog_priority);
888 tag_len = s->tag ? strlen(s->tag) + 2: 0;
889 message = malloc(8 + tag_len + l);
891 memcpy(message, "MESSAGE=", 8);
894 memcpy(message+8, s->tag, tag_len-2);
895 memcpy(message+8+tag_len-2, ": ", 2);
898 memcpy(message+8+tag_len, p, l);
899 iovec[n].iov_base = message;
900 iovec[n].iov_len = 8+tag_len+l;
904 dispatch_message(s->server, iovec, n, ELEMENTSOF(iovec), &s->ucred, NULL, priority);
906 if (s->tee_console) {
909 console = open_terminal("/dev/console", O_WRONLY|O_NOCTTY|O_CLOEXEC);
913 IOVEC_SET_STRING(iovec[n++], s->tag);
914 IOVEC_SET_STRING(iovec[n++], ": ");
917 iovec[n].iov_base = (void*) p;
918 iovec[n].iov_len = l;
921 IOVEC_SET_STRING(iovec[n++], (char*) "\n");
923 writev(console, iovec, n);
928 free(syslog_priority);
933 static int stdout_stream_line(StdoutStream *s, const char *p, size_t l) {
937 while (l > 0 && strchr(WHITESPACE, *p)) {
942 while (l > 0 && strchr(WHITESPACE, *(p+l-1)))
947 case STDOUT_STREAM_TAG:
950 s->tag = strndup(p, l);
952 log_error("Out of memory");
957 s->state = STDOUT_STREAM_PRIORITY;
960 case STDOUT_STREAM_PRIORITY:
961 if (l != 1 || *p < '0' || *p > '7') {
962 log_warning("Failed to parse log priority line.");
966 s->priority = *p - '0';
967 s->state = STDOUT_STREAM_PRIORITY_PREFIX;
970 case STDOUT_STREAM_PRIORITY_PREFIX:
971 if (l != 1 || *p < '0' || *p > '1') {
972 log_warning("Failed to parse priority prefix line.");
976 s->priority_prefix = *p - '0';
977 s->state = STDOUT_STREAM_TEE_CONSOLE;
980 case STDOUT_STREAM_TEE_CONSOLE:
981 if (l != 1 || *p < '0' || *p > '1') {
982 log_warning("Failed to parse tee to console line.");
986 s->tee_console = *p - '0';
987 s->state = STDOUT_STREAM_RUNNING;
990 case STDOUT_STREAM_RUNNING:
991 return stdout_stream_log(s, p, l);
994 assert_not_reached("Unknown stream state");
997 static int stdout_stream_scan(StdoutStream *s, bool force_flush) {
1005 remaining = s->length;
1010 end = memchr(p, '\n', remaining);
1012 if (remaining >= LINE_MAX) {
1020 r = stdout_stream_line(s, p, end - p);
1028 if (force_flush && remaining > 0) {
1029 r = stdout_stream_line(s, p, remaining);
1037 if (p > s->buffer) {
1038 memmove(s->buffer, p, remaining);
1039 s->length = remaining;
1045 static int stdout_stream_process(StdoutStream *s) {
1051 l = read(s->fd, s->buffer+s->length, sizeof(s->buffer)-1-s->length);
1054 if (errno == EAGAIN)
1057 log_warning("Failed to read from stream: %m");
1062 r = stdout_stream_scan(s, true);
1070 r = stdout_stream_scan(s, false);
1078 static void stdout_stream_free(StdoutStream *s) {
1082 assert(s->server->n_stdout_streams > 0);
1083 s->server->n_stdout_streams --;
1084 LIST_REMOVE(StdoutStream, stdout_stream, s->server->stdout_streams, s);
1089 epoll_ctl(s->server->epoll_fd, EPOLL_CTL_DEL, s->fd, NULL);
1091 close_nointr_nofail(s->fd);
1098 static int stdout_stream_new(Server *s) {
1099 StdoutStream *stream;
1102 struct epoll_event ev;
1106 fd = accept4(s->stdout_fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);
1108 if (errno == EAGAIN)
1111 log_error("Failed to accept stdout connection: %m");
1115 if (s->n_stdout_streams >= STDOUT_STREAMS_MAX) {
1116 log_warning("Too many stdout streams, refusing connection.");
1117 close_nointr_nofail(fd);
1121 stream = new0(StdoutStream, 1);
1123 log_error("Out of memory.");
1124 close_nointr_nofail(fd);
1130 len = sizeof(stream->ucred);
1131 if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &stream->ucred, &len) < 0) {
1132 log_error("Failed to determine peer credentials: %m");
1137 if (shutdown(fd, SHUT_WR) < 0) {
1138 log_error("Failed to shutdown writing side of socket: %m");
1144 ev.data.ptr = stream;
1145 ev.events = EPOLLIN;
1146 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, fd, &ev) < 0) {
1147 log_error("Failed to add stream to event loop: %m");
1153 LIST_PREPEND(StdoutStream, stdout_stream, s->stdout_streams, stream);
1154 s->n_stdout_streams ++;
1159 stdout_stream_free(stream);
1163 static int system_journal_open(Server *s) {
1169 r = sd_id128_get_machine(&machine);
1173 sd_id128_to_string(machine, ids);
1175 if (!s->system_journal) {
1177 /* First try to create the machine path, but not the prefix */
1178 fn = strappend("/var/log/journal/", ids);
1181 (void) mkdir(fn, 0755);
1184 /* The create the system journal file */
1185 fn = join("/var/log/journal/", ids, "/system.journal", NULL);
1189 r = journal_file_open(fn, O_RDWR|O_CREAT, 0640, NULL, &s->system_journal);
1193 journal_default_metrics(&s->system_metrics, s->system_journal->fd);
1195 s->system_journal->metrics = s->system_metrics;
1196 s->system_journal->compress = s->compress;
1198 fix_perms(s->system_journal, 0);
1201 if (r != -ENOENT && r != -EROFS)
1202 log_warning("Failed to open system journal: %s", strerror(-r));
1208 if (!s->runtime_journal) {
1210 fn = join("/run/log/journal/", ids, "/system.journal", NULL);
1214 if (s->system_journal) {
1216 /* Try to open the runtime journal, but only
1217 * if it already exists, so that we can flush
1218 * it into the system journal */
1220 r = journal_file_open(fn, O_RDWR, 0640, NULL, &s->runtime_journal);
1225 log_warning("Failed to open runtime journal: %s", strerror(-r));
1232 /* OK, we really need the runtime journal, so create
1233 * it if necessary. */
1235 (void) mkdir_parents(fn, 0755);
1236 r = journal_file_open(fn, O_RDWR|O_CREAT, 0640, NULL, &s->runtime_journal);
1240 log_error("Failed to open runtime journal: %s", strerror(-r));
1245 if (s->runtime_journal) {
1246 journal_default_metrics(&s->runtime_metrics, s->runtime_journal->fd);
1248 s->runtime_journal->metrics = s->runtime_metrics;
1249 s->runtime_journal->compress = s->compress;
1251 fix_perms(s->runtime_journal, 0);
1258 static int server_flush_to_var(Server *s) {
1259 char path[] = "/run/log/journal/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
1268 if (!s->runtime_journal)
1271 ts = now(CLOCK_MONOTONIC);
1272 if (s->var_available_timestamp + RECHECK_VAR_AVAILABLE_USEC > ts)
1275 s->var_available_timestamp = ts;
1277 system_journal_open(s);
1279 if (!s->system_journal)
1282 r = sd_id128_get_machine(&machine);
1284 log_error("Failed to get machine id: %s", strerror(-r));
1288 r = sd_journal_open(&j, SD_JOURNAL_RUNTIME_ONLY);
1290 log_error("Failed to read runtime journal: %s", strerror(-r));
1294 SD_JOURNAL_FOREACH(j) {
1297 f = j->current_file;
1298 assert(f && f->current_offset > 0);
1300 r = journal_file_move_to_object(f, OBJECT_ENTRY, f->current_offset, &o);
1302 log_error("Can't read entry: %s", strerror(-r));
1306 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
1308 log_info("Allocation limit reached.");
1310 journal_file_post_change(s->system_journal);
1313 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
1317 log_error("Can't write entry: %s", strerror(-r));
1323 journal_file_post_change(s->system_journal);
1325 journal_file_close(s->runtime_journal);
1326 s->runtime_journal = NULL;
1329 sd_id128_to_string(machine, path + 17);
1330 rm_rf(path, false, true, false);
1336 static void forward_syslog(Server *s, const void *buffer, size_t length, struct ucred *ucred, struct timeval *tv) {
1337 struct msghdr msghdr;
1339 struct cmsghdr *cmsg;
1341 struct cmsghdr cmsghdr;
1342 uint8_t buf[CMSG_SPACE(sizeof(struct ucred)) +
1343 CMSG_SPACE(sizeof(struct timeval))];
1345 union sockaddr_union sa;
1352 iovec.iov_base = (void*) buffer;
1353 iovec.iov_len = length;
1354 msghdr.msg_iov = &iovec;
1355 msghdr.msg_iovlen = 1;
1358 sa.un.sun_family = AF_UNIX;
1359 strncpy(sa.un.sun_path, "/run/systemd/syslog", sizeof(sa.un.sun_path));
1360 msghdr.msg_name = &sa;
1361 msghdr.msg_namelen = offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path);
1364 msghdr.msg_control = &control;
1365 msghdr.msg_controllen = sizeof(control);
1367 cmsg = CMSG_FIRSTHDR(&msghdr);
1368 cmsg->cmsg_level = SOL_SOCKET;
1369 cmsg->cmsg_type = SCM_CREDENTIALS;
1370 cmsg->cmsg_len = CMSG_LEN(sizeof(struct ucred));
1371 memcpy(CMSG_DATA(cmsg), ucred, sizeof(struct ucred));
1372 msghdr.msg_controllen = cmsg->cmsg_len;
1374 /* Forward the syslog message we received via /dev/log to
1375 * /run/systemd/syslog. Unfortunately we currently can't set
1376 * the SO_TIMESTAMP auxiliary data, and hence we don't. */
1378 if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
1381 if (errno == ESRCH) {
1384 /* Hmm, presumably the sender process vanished
1385 * by now, so let's fix it as good as we
1390 memcpy(CMSG_DATA(cmsg), &u, sizeof(struct ucred));
1392 if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
1396 log_debug("Failed to forward syslog message: %m");
1399 static int process_event(Server *s, struct epoll_event *ev) {
1402 if (ev->data.fd == s->signal_fd) {
1403 struct signalfd_siginfo sfsi;
1406 if (ev->events != EPOLLIN) {
1407 log_info("Got invalid event from epoll.");
1411 n = read(s->signal_fd, &sfsi, sizeof(sfsi));
1412 if (n != sizeof(sfsi)) {
1417 if (errno == EINTR || errno == EAGAIN)
1423 if (sfsi.ssi_signo == SIGUSR1) {
1424 server_flush_to_var(s);
1428 log_debug("Received SIG%s", signal_to_string(sfsi.ssi_signo));
1431 } else if (ev->data.fd == s->native_fd ||
1432 ev->data.fd == s->syslog_fd) {
1434 if (ev->events != EPOLLIN) {
1435 log_info("Got invalid event from epoll.");
1440 struct msghdr msghdr;
1442 struct ucred *ucred = NULL;
1443 struct timeval *tv = NULL;
1444 struct cmsghdr *cmsg;
1446 struct cmsghdr cmsghdr;
1447 uint8_t buf[CMSG_SPACE(sizeof(struct ucred)) +
1448 CMSG_SPACE(sizeof(struct timeval))];
1453 if (ioctl(ev->data.fd, SIOCINQ, &v) < 0) {
1454 log_error("SIOCINQ failed: %m");
1461 if (s->buffer_size < (size_t) v) {
1465 l = MAX(LINE_MAX + (size_t) v, s->buffer_size * 2);
1466 b = realloc(s->buffer, l+1);
1469 log_error("Couldn't increase buffer.");
1478 iovec.iov_base = s->buffer;
1479 iovec.iov_len = s->buffer_size;
1483 msghdr.msg_iov = &iovec;
1484 msghdr.msg_iovlen = 1;
1485 msghdr.msg_control = &control;
1486 msghdr.msg_controllen = sizeof(control);
1488 n = recvmsg(ev->data.fd, &msghdr, MSG_DONTWAIT);
1491 if (errno == EINTR || errno == EAGAIN)
1494 log_error("recvmsg() failed: %m");
1498 for (cmsg = CMSG_FIRSTHDR(&msghdr); cmsg; cmsg = CMSG_NXTHDR(&msghdr, cmsg)) {
1500 if (cmsg->cmsg_level == SOL_SOCKET &&
1501 cmsg->cmsg_type == SCM_CREDENTIALS &&
1502 cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred)))
1503 ucred = (struct ucred*) CMSG_DATA(cmsg);
1504 else if (cmsg->cmsg_level == SOL_SOCKET &&
1505 cmsg->cmsg_type == SO_TIMESTAMP &&
1506 cmsg->cmsg_len == CMSG_LEN(sizeof(struct timeval)))
1507 tv = (struct timeval*) CMSG_DATA(cmsg);
1510 if (ev->data.fd == s->syslog_fd) {
1513 e = memchr(s->buffer, '\n', n);
1519 forward_syslog(s, s->buffer, n, ucred, tv);
1520 process_syslog_message(s, strstrip(s->buffer), ucred, tv);
1522 process_native_message(s, s->buffer, n, ucred, tv);
1527 } else if (ev->data.fd == s->stdout_fd) {
1529 if (ev->events != EPOLLIN) {
1530 log_info("Got invalid event from epoll.");
1534 stdout_stream_new(s);
1538 StdoutStream *stream;
1540 if ((ev->events|EPOLLIN|EPOLLHUP) != (EPOLLIN|EPOLLHUP)) {
1541 log_info("Got invalid event from epoll.");
1545 /* If it is none of the well-known fds, it must be an
1546 * stdout stream fd. Note that this is a bit ugly here
1547 * (since we rely that none of the well-known fds
1548 * could be interpreted as pointer), but nonetheless
1549 * safe, since the well-known fds would never get an
1550 * fd > 4096, i.e. beyond the first memory page */
1552 stream = ev->data.ptr;
1554 if (stdout_stream_process(stream) <= 0)
1555 stdout_stream_free(stream);
1560 log_error("Unknown event.");
1564 static int open_syslog_socket(Server *s) {
1565 union sockaddr_union sa;
1567 struct epoll_event ev;
1572 if (s->syslog_fd < 0) {
1574 s->syslog_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0);
1575 if (s->syslog_fd < 0) {
1576 log_error("socket() failed: %m");
1581 sa.un.sun_family = AF_UNIX;
1582 strncpy(sa.un.sun_path, "/dev/log", sizeof(sa.un.sun_path));
1584 unlink(sa.un.sun_path);
1586 r = bind(s->syslog_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
1588 log_error("bind() failed: %m");
1592 chmod(sa.un.sun_path, 0666);
1596 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
1598 log_error("SO_PASSCRED failed: %m");
1603 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
1605 log_error("SO_TIMESTAMP failed: %m");
1609 /* Since we use the same socket for forwarding this to some
1610 * other syslog implementation, make sure we don't hang
1612 timeval_store(&tv, SYSLOG_TIMEOUT_USEC);
1613 if (setsockopt(s->syslog_fd, SOL_SOCKET, SO_SNDTIMEO, &tv, sizeof(tv)) < 0) {
1614 log_error("SO_SNDTIMEO failed: %m");
1619 ev.events = EPOLLIN;
1620 ev.data.fd = s->syslog_fd;
1621 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->syslog_fd, &ev) < 0) {
1622 log_error("Failed to add syslog server fd to epoll object: %m");
1629 static int open_native_socket(Server*s) {
1630 union sockaddr_union sa;
1632 struct epoll_event ev;
1636 if (s->native_fd < 0) {
1638 s->native_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0);
1639 if (s->native_fd < 0) {
1640 log_error("socket() failed: %m");
1645 sa.un.sun_family = AF_UNIX;
1646 strncpy(sa.un.sun_path, "/run/systemd/journal", sizeof(sa.un.sun_path));
1648 unlink(sa.un.sun_path);
1650 r = bind(s->native_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
1652 log_error("bind() failed: %m");
1656 chmod(sa.un.sun_path, 0666);
1660 r = setsockopt(s->native_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
1662 log_error("SO_PASSCRED failed: %m");
1667 r = setsockopt(s->native_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
1669 log_error("SO_TIMESTAMP failed: %m");
1674 ev.events = EPOLLIN;
1675 ev.data.fd = s->native_fd;
1676 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->native_fd, &ev) < 0) {
1677 log_error("Failed to add native server fd to epoll object: %m");
1684 static int open_stdout_socket(Server *s) {
1685 union sockaddr_union sa;
1687 struct epoll_event ev;
1691 if (s->stdout_fd < 0) {
1693 s->stdout_fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC, 0);
1694 if (s->stdout_fd < 0) {
1695 log_error("socket() failed: %m");
1700 sa.un.sun_family = AF_UNIX;
1701 strncpy(sa.un.sun_path, "/run/systemd/stdout", sizeof(sa.un.sun_path));
1703 unlink(sa.un.sun_path);
1705 r = bind(s->stdout_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
1707 log_error("bind() failed: %m");
1711 chmod(sa.un.sun_path, 0666);
1713 if (listen(s->stdout_fd, SOMAXCONN) < 0) {
1714 log_error("liste() failed: %m");
1720 ev.events = EPOLLIN;
1721 ev.data.fd = s->stdout_fd;
1722 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->stdout_fd, &ev) < 0) {
1723 log_error("Failed to add stdout server fd to epoll object: %m");
1730 static int open_signalfd(Server *s) {
1732 struct epoll_event ev;
1736 assert_se(sigemptyset(&mask) == 0);
1737 sigset_add_many(&mask, SIGINT, SIGTERM, SIGUSR1, -1);
1738 assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0);
1740 s->signal_fd = signalfd(-1, &mask, SFD_NONBLOCK|SFD_CLOEXEC);
1741 if (s->signal_fd < 0) {
1742 log_error("signalfd(): %m");
1747 ev.events = EPOLLIN;
1748 ev.data.fd = s->signal_fd;
1750 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->signal_fd, &ev) < 0) {
1751 log_error("epoll_ctl(): %m");
1758 static int server_init(Server *s) {
1764 s->syslog_fd = s->native_fd = s->stdout_fd = s->signal_fd = s->epoll_fd = -1;
1767 memset(&s->system_metrics, 0xFF, sizeof(s->system_metrics));
1768 memset(&s->runtime_metrics, 0xFF, sizeof(s->runtime_metrics));
1770 s->user_journals = hashmap_new(trivial_hash_func, trivial_compare_func);
1771 if (!s->user_journals) {
1772 log_error("Out of memory.");
1776 s->epoll_fd = epoll_create1(EPOLL_CLOEXEC);
1777 if (s->epoll_fd < 0) {
1778 log_error("Failed to create epoll object: %m");
1782 n = sd_listen_fds(true);
1784 log_error("Failed to read listening file descriptors from environment: %s", strerror(-n));
1788 for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) {
1790 if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/run/systemd/native", 0) > 0) {
1792 if (s->native_fd >= 0) {
1793 log_error("Too many native sockets passed.");
1799 } else if (sd_is_socket_unix(fd, SOCK_STREAM, 1, "/run/systemd/stdout", 0) > 0) {
1801 if (s->stdout_fd >= 0) {
1802 log_error("Too many stdout sockets passed.");
1808 } else if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/dev/log", 0) > 0) {
1810 if (s->syslog_fd >= 0) {
1811 log_error("Too many /dev/log sockets passed.");
1818 log_error("Unknown socket passed.");
1823 r = open_syslog_socket(s);
1827 r = open_native_socket(s);
1831 r = open_stdout_socket(s);
1835 r = system_journal_open(s);
1839 r = open_signalfd(s);
1843 s->rate_limit = journal_rate_limit_new(DEFAULT_RATE_LIMIT_INTERVAL, DEFAULT_RATE_LIMIT_BURST);
1850 static void server_done(Server *s) {
1854 while (s->stdout_streams)
1855 stdout_stream_free(s->stdout_streams);
1857 if (s->system_journal)
1858 journal_file_close(s->system_journal);
1860 if (s->runtime_journal)
1861 journal_file_close(s->runtime_journal);
1863 while ((f = hashmap_steal_first(s->user_journals)))
1864 journal_file_close(f);
1866 hashmap_free(s->user_journals);
1868 if (s->epoll_fd >= 0)
1869 close_nointr_nofail(s->epoll_fd);
1871 if (s->signal_fd >= 0)
1872 close_nointr_nofail(s->signal_fd);
1874 if (s->syslog_fd >= 0)
1875 close_nointr_nofail(s->syslog_fd);
1877 if (s->native_fd >= 0)
1878 close_nointr_nofail(s->native_fd);
1880 if (s->stdout_fd >= 0)
1881 close_nointr_nofail(s->stdout_fd);
1884 journal_rate_limit_free(s->rate_limit);
1889 int main(int argc, char *argv[]) {
1893 /* if (getppid() != 1) { */
1894 /* log_error("This program should be invoked by init only."); */
1895 /* return EXIT_FAILURE; */
1899 log_error("This program does not take arguments.");
1900 return EXIT_FAILURE;
1903 log_set_target(LOG_TARGET_CONSOLE);
1904 log_parse_environment();
1909 r = server_init(&server);
1913 log_debug("systemd-journald running as pid %lu", (unsigned long) getpid());
1917 "STATUS=Processing requests...");
1919 server_vacuum(&server);
1920 server_flush_to_var(&server);
1923 struct epoll_event event;
1925 r = epoll_wait(server.epoll_fd, &event, 1, -1);
1931 log_error("epoll_wait() failed: %m");
1937 r = process_event(&server, &event);
1944 log_debug("systemd-journald stopped as pid %lu", (unsigned long) getpid());
1948 "STATUS=Shutting down...");
1950 server_done(&server);
1952 return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
~ianmdlvl / elogind.git / blob