1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2011 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <sys/epoll.h>
23 #include <sys/socket.h>
25 #include <sys/signalfd.h>
29 #include <sys/ioctl.h>
30 #include <linux/sockios.h>
31 #include <sys/statvfs.h>
33 #include <systemd/sd-journal.h>
34 #include <systemd/sd-messages.h>
35 #include <systemd/sd-daemon.h>
38 #include <systemd/sd-login.h>
43 #include "journal-file.h"
44 #include "socket-util.h"
45 #include "cgroup-util.h"
47 #include "journal-rate-limit.h"
48 #include "journal-internal.h"
49 #include "conf-parser.h"
56 #include <acl/libacl.h>
61 #include <selinux/selinux.h>
64 #define USER_JOURNALS_MAX 1024
65 #define STDOUT_STREAMS_MAX 4096
67 #define DEFAULT_RATE_LIMIT_INTERVAL (10*USEC_PER_SEC)
68 #define DEFAULT_RATE_LIMIT_BURST 200
70 #define RECHECK_AVAILABLE_SPACE_USEC (30*USEC_PER_SEC)
72 #define N_IOVEC_META_FIELDS 17
74 #define ENTRY_SIZE_MAX (1024*1024*32)
76 typedef enum StdoutStreamState {
77 STDOUT_STREAM_IDENTIFIER,
78 STDOUT_STREAM_UNIT_ID,
79 STDOUT_STREAM_PRIORITY,
80 STDOUT_STREAM_LEVEL_PREFIX,
81 STDOUT_STREAM_FORWARD_TO_SYSLOG,
82 STDOUT_STREAM_FORWARD_TO_KMSG,
83 STDOUT_STREAM_FORWARD_TO_CONSOLE,
89 StdoutStreamState state;
95 security_context_t security_context;
102 bool forward_to_syslog:1;
103 bool forward_to_kmsg:1;
104 bool forward_to_console:1;
106 char buffer[LINE_MAX+1];
109 LIST_FIELDS(StdoutStream, stdout_stream);
112 static const char* const storage_table[] = {
113 [STORAGE_AUTO] = "auto",
114 [STORAGE_VOLATILE] = "volatile",
115 [STORAGE_PERSISTENT] = "persistent",
116 [STORAGE_NONE] = "none"
119 DEFINE_STRING_TABLE_LOOKUP(storage, Storage);
120 DEFINE_CONFIG_PARSE_ENUM(config_parse_storage, storage, Storage, "Failed to parse storage setting");
122 static uint64_t available_space(Server *s) {
127 uint64_t sum = 0, avail = 0, ss_avail = 0;
133 ts = now(CLOCK_MONOTONIC);
135 if (s->cached_available_space_timestamp + RECHECK_AVAILABLE_SPACE_USEC > ts)
136 return s->cached_available_space;
138 r = sd_id128_get_machine(&machine);
142 if (s->system_journal) {
143 f = "/var/log/journal/";
144 m = &s->system_metrics;
146 f = "/run/log/journal/";
147 m = &s->runtime_metrics;
152 p = strappend(f, sd_id128_to_string(machine, ids));
162 if (fstatvfs(dirfd(d), &ss) < 0)
167 struct dirent buf, *de;
169 r = readdir_r(d, &buf, &de);
176 if (!endswith(de->d_name, ".journal") &&
177 !endswith(de->d_name, ".journal~"))
180 if (fstatat(dirfd(d), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0)
183 if (!S_ISREG(st.st_mode))
186 sum += (uint64_t) st.st_blocks * 512UL;
189 avail = sum >= m->max_use ? 0 : m->max_use - sum;
191 ss_avail = ss.f_bsize * ss.f_bavail;
193 ss_avail = ss_avail < m->keep_free ? 0 : ss_avail - m->keep_free;
195 if (ss_avail < avail)
198 s->cached_available_space = avail;
199 s->cached_available_space_timestamp = ts;
207 static void server_read_file_gid(Server *s) {
208 const char *adm = "adm";
213 if (s->file_gid_valid)
216 r = get_group_creds(&adm, &s->file_gid);
218 log_warning("Failed to resolve 'adm' group: %s", strerror(-r));
220 /* if we couldn't read the gid, then it will be 0, but that's
221 * fine and we shouldn't try to resolve the group again, so
222 * let's just pretend it worked right-away. */
223 s->file_gid_valid = true;
226 static void server_fix_perms(Server *s, JournalFile *f, uid_t uid) {
231 acl_permset_t permset;
236 server_read_file_gid(s);
238 r = fchmod_and_fchown(f->fd, 0640, 0, s->file_gid);
240 log_warning("Failed to fix access mode/rights on %s, ignoring: %s", f->path, strerror(-r));
246 acl = acl_get_fd(f->fd);
248 log_warning("Failed to read ACL on %s, ignoring: %m", f->path);
252 r = acl_find_uid(acl, uid, &entry);
255 if (acl_create_entry(&acl, &entry) < 0 ||
256 acl_set_tag_type(entry, ACL_USER) < 0 ||
257 acl_set_qualifier(entry, &uid) < 0) {
258 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
263 if (acl_get_permset(entry, &permset) < 0 ||
264 acl_add_perm(permset, ACL_READ) < 0 ||
265 acl_calc_mask(&acl) < 0) {
266 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
270 if (acl_set_fd(f->fd, acl) < 0)
271 log_warning("Failed to set ACL on %s, ignoring: %m", f->path);
278 static JournalFile* find_journal(Server *s, uid_t uid) {
287 /* We split up user logs only on /var, not on /run. If the
288 * runtime file is open, we write to it exclusively, in order
289 * to guarantee proper order as soon as we flush /run to
290 * /var and close the runtime file. */
292 if (s->runtime_journal)
293 return s->runtime_journal;
296 return s->system_journal;
298 r = sd_id128_get_machine(&machine);
300 return s->system_journal;
302 f = hashmap_get(s->user_journals, UINT32_TO_PTR(uid));
306 if (asprintf(&p, "/var/log/journal/%s/user-%lu.journal", sd_id128_to_string(machine, ids), (unsigned long) uid) < 0)
307 return s->system_journal;
309 while (hashmap_size(s->user_journals) >= USER_JOURNALS_MAX) {
310 /* Too many open? Then let's close one */
311 f = hashmap_steal_first(s->user_journals);
313 journal_file_close(f);
316 r = journal_file_open_reliably(p, O_RDWR|O_CREAT, 0640, &s->system_metrics, s->system_journal, &f);
320 return s->system_journal;
322 server_fix_perms(s, f, uid);
324 r = hashmap_put(s->user_journals, UINT32_TO_PTR(uid), f);
326 journal_file_close(f);
327 return s->system_journal;
333 static void server_rotate(Server *s) {
339 log_info("Rotating...");
341 if (s->runtime_journal) {
342 r = journal_file_rotate(&s->runtime_journal);
344 if (s->runtime_journal)
345 log_error("Failed to rotate %s: %s", s->runtime_journal->path, strerror(-r));
347 log_error("Failed to create new runtime journal: %s", strerror(-r));
349 server_fix_perms(s, s->runtime_journal, 0);
352 if (s->system_journal) {
353 r = journal_file_rotate(&s->system_journal);
355 if (s->system_journal)
356 log_error("Failed to rotate %s: %s", s->system_journal->path, strerror(-r));
358 log_error("Failed to create new system journal: %s", strerror(-r));
361 server_fix_perms(s, s->system_journal, 0);
364 HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) {
365 r = journal_file_rotate(&f);
368 log_error("Failed to rotate %s: %s", f->path, strerror(-r));
370 log_error("Failed to create user journal: %s", strerror(-r));
372 hashmap_replace(s->user_journals, k, f);
373 server_fix_perms(s, s->system_journal, PTR_TO_UINT32(k));
378 static void server_vacuum(Server *s) {
384 log_info("Vacuuming...");
386 r = sd_id128_get_machine(&machine);
388 log_error("Failed to get machine ID: %s", strerror(-r));
392 sd_id128_to_string(machine, ids);
394 if (s->system_journal) {
395 if (asprintf(&p, "/var/log/journal/%s", ids) < 0) {
396 log_error("Out of memory.");
400 r = journal_directory_vacuum(p, s->system_metrics.max_use, s->system_metrics.keep_free);
401 if (r < 0 && r != -ENOENT)
402 log_error("Failed to vacuum %s: %s", p, strerror(-r));
406 if (s->runtime_journal) {
407 if (asprintf(&p, "/run/log/journal/%s", ids) < 0) {
408 log_error("Out of memory.");
412 r = journal_directory_vacuum(p, s->runtime_metrics.max_use, s->runtime_metrics.keep_free);
413 if (r < 0 && r != -ENOENT)
414 log_error("Failed to vacuum %s: %s", p, strerror(-r));
418 s->cached_available_space_timestamp = 0;
421 static char *shortened_cgroup_path(pid_t pid) {
423 char *process_path, *init_path, *path;
427 r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, pid, &process_path);
431 r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, 1, &init_path);
437 if (endswith(init_path, "/system"))
438 init_path[strlen(init_path) - 7] = 0;
439 else if (streq(init_path, "/"))
442 if (startswith(process_path, init_path)) {
445 p = strdup(process_path + strlen(init_path));
463 static void write_to_journal(Server *s, uid_t uid, struct iovec *iovec, unsigned n) {
465 bool vacuumed = false;
472 f = find_journal(s, uid);
476 if (journal_file_rotate_suggested(f)) {
477 log_info("Journal header limits reached or header out-of-date, rotating.");
484 r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
489 (r != -E2BIG && /* hit limit */
490 r != -EFBIG && /* hit fs limit */
491 r != -EDQUOT && /* quota hit */
492 r != -ENOSPC && /* disk full */
493 r != -EBADMSG && /* corrupted */
494 r != -ENODATA && /* truncated */
495 r != -EHOSTDOWN && /* other machine */
496 r != -EPROTONOSUPPORT && /* unsupported feature */
497 r != -EBUSY && /* unclean shutdown */
498 r != -ESHUTDOWN /* already archived */)) {
499 log_error("Failed to write entry, ignoring: %s", strerror(-r));
503 if (r == -E2BIG || r == -EFBIG || r == EDQUOT || r == ENOSPC)
504 log_info("Allocation limit reached, rotating.");
505 else if (r == -EHOSTDOWN)
506 log_info("Journal file from other machine, rotating.");
507 else if (r == -EBUSY)
508 log_info("Unlcean shutdown, rotating.");
510 log_warning("Journal file corrupted, rotating.");
516 log_info("Retrying write.");
520 static void dispatch_message_real(
522 struct iovec *iovec, unsigned n, unsigned m,
525 const char *label, size_t label_len,
526 const char *unit_id) {
528 char *pid = NULL, *uid = NULL, *gid = NULL,
529 *source_time = NULL, *boot_id = NULL, *machine_id = NULL,
530 *comm = NULL, *cmdline = NULL, *hostname = NULL,
531 *audit_session = NULL, *audit_loginuid = NULL,
532 *exe = NULL, *cgroup = NULL, *session = NULL,
533 *owner_uid = NULL, *unit = NULL, *selinux_context = NULL;
539 uid_t loginuid = 0, realuid = 0;
544 assert(n + N_IOVEC_META_FIELDS <= m);
552 realuid = ucred->uid;
554 if (asprintf(&pid, "_PID=%lu", (unsigned long) ucred->pid) >= 0)
555 IOVEC_SET_STRING(iovec[n++], pid);
557 if (asprintf(&uid, "_UID=%lu", (unsigned long) ucred->uid) >= 0)
558 IOVEC_SET_STRING(iovec[n++], uid);
560 if (asprintf(&gid, "_GID=%lu", (unsigned long) ucred->gid) >= 0)
561 IOVEC_SET_STRING(iovec[n++], gid);
563 r = get_process_comm(ucred->pid, &t);
565 comm = strappend("_COMM=", t);
569 IOVEC_SET_STRING(iovec[n++], comm);
572 r = get_process_exe(ucred->pid, &t);
574 exe = strappend("_EXE=", t);
578 IOVEC_SET_STRING(iovec[n++], exe);
581 r = get_process_cmdline(ucred->pid, LINE_MAX, false, &t);
583 cmdline = strappend("_CMDLINE=", t);
587 IOVEC_SET_STRING(iovec[n++], cmdline);
590 r = audit_session_from_pid(ucred->pid, &audit);
592 if (asprintf(&audit_session, "_AUDIT_SESSION=%lu", (unsigned long) audit) >= 0)
593 IOVEC_SET_STRING(iovec[n++], audit_session);
595 r = audit_loginuid_from_pid(ucred->pid, &loginuid);
597 if (asprintf(&audit_loginuid, "_AUDIT_LOGINUID=%lu", (unsigned long) loginuid) >= 0)
598 IOVEC_SET_STRING(iovec[n++], audit_loginuid);
600 t = shortened_cgroup_path(ucred->pid);
602 cgroup = strappend("_SYSTEMD_CGROUP=", t);
606 IOVEC_SET_STRING(iovec[n++], cgroup);
610 if (sd_pid_get_session(ucred->pid, &t) >= 0) {
611 session = strappend("_SYSTEMD_SESSION=", t);
615 IOVEC_SET_STRING(iovec[n++], session);
618 if (sd_pid_get_owner_uid(ucred->uid, &owner) >= 0)
619 if (asprintf(&owner_uid, "_SYSTEMD_OWNER_UID=%lu", (unsigned long) owner) >= 0)
620 IOVEC_SET_STRING(iovec[n++], owner_uid);
623 if (cg_pid_get_unit(ucred->pid, &t) >= 0) {
624 unit = strappend("_SYSTEMD_UNIT=", t);
627 unit = strappend("_SYSTEMD_UNIT=", unit_id);
630 IOVEC_SET_STRING(iovec[n++], unit);
634 selinux_context = malloc(sizeof("_SELINUX_CONTEXT=") + label_len);
635 if (selinux_context) {
636 memcpy(selinux_context, "_SELINUX_CONTEXT=", sizeof("_SELINUX_CONTEXT=")-1);
637 memcpy(selinux_context+sizeof("_SELINUX_CONTEXT=")-1, label, label_len);
638 selinux_context[sizeof("_SELINUX_CONTEXT=")-1+label_len] = 0;
639 IOVEC_SET_STRING(iovec[n++], selinux_context);
642 security_context_t con;
644 if (getpidcon(ucred->pid, &con) >= 0) {
645 selinux_context = strappend("_SELINUX_CONTEXT=", con);
647 IOVEC_SET_STRING(iovec[n++], selinux_context);
656 if (asprintf(&source_time, "_SOURCE_REALTIME_TIMESTAMP=%llu",
657 (unsigned long long) timeval_load(tv)) >= 0)
658 IOVEC_SET_STRING(iovec[n++], source_time);
661 /* Note that strictly speaking storing the boot id here is
662 * redundant since the entry includes this in-line
663 * anyway. However, we need this indexed, too. */
664 r = sd_id128_get_boot(&id);
666 if (asprintf(&boot_id, "_BOOT_ID=%s", sd_id128_to_string(id, idbuf)) >= 0)
667 IOVEC_SET_STRING(iovec[n++], boot_id);
669 r = sd_id128_get_machine(&id);
671 if (asprintf(&machine_id, "_MACHINE_ID=%s", sd_id128_to_string(id, idbuf)) >= 0)
672 IOVEC_SET_STRING(iovec[n++], machine_id);
674 t = gethostname_malloc();
676 hostname = strappend("_HOSTNAME=", t);
679 IOVEC_SET_STRING(iovec[n++], hostname);
684 write_to_journal(s, realuid == 0 ? 0 : loginuid, iovec, n);
697 free(audit_loginuid);
702 free(selinux_context);
705 static void driver_message(Server *s, sd_id128_t message_id, const char *format, ...) {
706 char mid[11 + 32 + 1];
707 char buffer[16 + LINE_MAX + 1];
708 struct iovec iovec[N_IOVEC_META_FIELDS + 4];
716 IOVEC_SET_STRING(iovec[n++], "PRIORITY=5");
717 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=driver");
719 memcpy(buffer, "MESSAGE=", 8);
720 va_start(ap, format);
721 vsnprintf(buffer + 8, sizeof(buffer) - 8, format, ap);
723 char_array_0(buffer);
724 IOVEC_SET_STRING(iovec[n++], buffer);
726 snprintf(mid, sizeof(mid), "MESSAGE_ID=" SD_ID128_FORMAT_STR, SD_ID128_FORMAT_VAL(message_id));
728 IOVEC_SET_STRING(iovec[n++], mid);
731 ucred.pid = getpid();
732 ucred.uid = getuid();
733 ucred.gid = getgid();
735 dispatch_message_real(s, iovec, n, ELEMENTSOF(iovec), &ucred, NULL, NULL, 0, NULL);
738 static void dispatch_message(Server *s,
739 struct iovec *iovec, unsigned n, unsigned m,
742 const char *label, size_t label_len,
746 char *path = NULL, *c;
749 assert(iovec || n == 0);
754 if (LOG_PRI(priority) > s->max_level_store)
760 path = shortened_cgroup_path(ucred->pid);
764 /* example: /user/lennart/3/foobar
765 * /system/dbus.service/foobar
767 * So let's cut of everything past the third /, since that is
768 * wher user directories start */
770 c = strchr(path, '/');
772 c = strchr(c+1, '/');
774 c = strchr(c+1, '/');
780 rl = journal_rate_limit_test(s->rate_limit, path, priority & LOG_PRIMASK, available_space(s));
787 /* Write a suppression message if we suppressed something */
789 driver_message(s, SD_MESSAGE_JOURNAL_DROPPED, "Suppressed %u messages from %s", rl - 1, path);
794 dispatch_message_real(s, iovec, n, m, ucred, tv, label, label_len, unit_id);
797 static void forward_syslog_iovec(Server *s, const struct iovec *iovec, unsigned n_iovec, struct ucred *ucred, struct timeval *tv) {
798 struct msghdr msghdr;
799 struct cmsghdr *cmsg;
801 struct cmsghdr cmsghdr;
802 uint8_t buf[CMSG_SPACE(sizeof(struct ucred))];
804 union sockaddr_union sa;
811 msghdr.msg_iov = (struct iovec*) iovec;
812 msghdr.msg_iovlen = n_iovec;
815 sa.un.sun_family = AF_UNIX;
816 strncpy(sa.un.sun_path, "/run/systemd/journal/syslog", sizeof(sa.un.sun_path));
817 msghdr.msg_name = &sa;
818 msghdr.msg_namelen = offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path);
822 msghdr.msg_control = &control;
823 msghdr.msg_controllen = sizeof(control);
825 cmsg = CMSG_FIRSTHDR(&msghdr);
826 cmsg->cmsg_level = SOL_SOCKET;
827 cmsg->cmsg_type = SCM_CREDENTIALS;
828 cmsg->cmsg_len = CMSG_LEN(sizeof(struct ucred));
829 memcpy(CMSG_DATA(cmsg), ucred, sizeof(struct ucred));
830 msghdr.msg_controllen = cmsg->cmsg_len;
833 /* Forward the syslog message we received via /dev/log to
834 * /run/systemd/syslog. Unfortunately we currently can't set
835 * the SO_TIMESTAMP auxiliary data, and hence we don't. */
837 if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
840 /* The socket is full? I guess the syslog implementation is
841 * too slow, and we shouldn't wait for that... */
845 if (ucred && errno == ESRCH) {
848 /* Hmm, presumably the sender process vanished
849 * by now, so let's fix it as good as we
854 memcpy(CMSG_DATA(cmsg), &u, sizeof(struct ucred));
856 if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
863 log_debug("Failed to forward syslog message: %m");
866 static void forward_syslog_raw(Server *s, int priority, const char *buffer, struct ucred *ucred, struct timeval *tv) {
872 if (LOG_PRI(priority) > s->max_level_syslog)
875 IOVEC_SET_STRING(iovec, buffer);
876 forward_syslog_iovec(s, &iovec, 1, ucred, tv);
879 static void forward_syslog(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred, struct timeval *tv) {
880 struct iovec iovec[5];
881 char header_priority[6], header_time[64], header_pid[16];
885 char *ident_buf = NULL;
888 assert(priority >= 0);
889 assert(priority <= 999);
892 if (LOG_PRI(priority) > s->max_level_syslog)
895 /* First: priority field */
896 snprintf(header_priority, sizeof(header_priority), "<%i>", priority);
897 char_array_0(header_priority);
898 IOVEC_SET_STRING(iovec[n++], header_priority);
900 /* Second: timestamp */
901 t = tv ? tv->tv_sec : ((time_t) (now(CLOCK_REALTIME) / USEC_PER_SEC));
905 if (strftime(header_time, sizeof(header_time), "%h %e %T ", tm) <= 0)
907 IOVEC_SET_STRING(iovec[n++], header_time);
909 /* Third: identifier and PID */
912 get_process_comm(ucred->pid, &ident_buf);
913 identifier = ident_buf;
916 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
917 char_array_0(header_pid);
920 IOVEC_SET_STRING(iovec[n++], identifier);
922 IOVEC_SET_STRING(iovec[n++], header_pid);
923 } else if (identifier) {
924 IOVEC_SET_STRING(iovec[n++], identifier);
925 IOVEC_SET_STRING(iovec[n++], ": ");
928 /* Fourth: message */
929 IOVEC_SET_STRING(iovec[n++], message);
931 forward_syslog_iovec(s, iovec, n, ucred, tv);
936 static int fixup_priority(int priority) {
938 if ((priority & LOG_FACMASK) == 0)
939 return (priority & LOG_PRIMASK) | LOG_USER;
944 static void forward_kmsg(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred) {
945 struct iovec iovec[5];
946 char header_priority[6], header_pid[16];
948 char *ident_buf = NULL;
952 assert(priority >= 0);
953 assert(priority <= 999);
956 if (LOG_PRI(priority) > s->max_level_kmsg)
959 /* Never allow messages with kernel facility to be written to
960 * kmsg, regardless where the data comes from. */
961 priority = fixup_priority(priority);
963 /* First: priority field */
964 snprintf(header_priority, sizeof(header_priority), "<%i>", priority);
965 char_array_0(header_priority);
966 IOVEC_SET_STRING(iovec[n++], header_priority);
968 /* Second: identifier and PID */
971 get_process_comm(ucred->pid, &ident_buf);
972 identifier = ident_buf;
975 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
976 char_array_0(header_pid);
979 IOVEC_SET_STRING(iovec[n++], identifier);
981 IOVEC_SET_STRING(iovec[n++], header_pid);
982 } else if (identifier) {
983 IOVEC_SET_STRING(iovec[n++], identifier);
984 IOVEC_SET_STRING(iovec[n++], ": ");
987 /* Fourth: message */
988 IOVEC_SET_STRING(iovec[n++], message);
989 IOVEC_SET_STRING(iovec[n++], "\n");
991 fd = open("/dev/kmsg", O_WRONLY|O_NOCTTY|O_CLOEXEC);
993 log_debug("Failed to open /dev/kmsg for logging: %s", strerror(errno));
997 if (writev(fd, iovec, n) < 0)
998 log_debug("Failed to write to /dev/kmsg for logging: %s", strerror(errno));
1000 close_nointr_nofail(fd);
1006 static void forward_console(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred) {
1007 struct iovec iovec[4];
1008 char header_pid[16];
1010 char *ident_buf = NULL;
1016 if (LOG_PRI(priority) > s->max_level_console)
1019 /* First: identifier and PID */
1022 get_process_comm(ucred->pid, &ident_buf);
1023 identifier = ident_buf;
1026 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
1027 char_array_0(header_pid);
1030 IOVEC_SET_STRING(iovec[n++], identifier);
1032 IOVEC_SET_STRING(iovec[n++], header_pid);
1033 } else if (identifier) {
1034 IOVEC_SET_STRING(iovec[n++], identifier);
1035 IOVEC_SET_STRING(iovec[n++], ": ");
1038 /* Third: message */
1039 IOVEC_SET_STRING(iovec[n++], message);
1040 IOVEC_SET_STRING(iovec[n++], "\n");
1042 tty = s->tty_path ? s->tty_path : "/dev/console";
1044 fd = open_terminal(tty, O_WRONLY|O_NOCTTY|O_CLOEXEC);
1046 log_debug("Failed to open %s for logging: %s", tty, strerror(errno));
1050 if (writev(fd, iovec, n) < 0)
1051 log_debug("Failed to write to %s for logging: %s", tty, strerror(errno));
1053 close_nointr_nofail(fd);
1059 static void read_identifier(const char **buf, char **identifier, char **pid) {
1070 p += strspn(p, WHITESPACE);
1071 l = strcspn(p, WHITESPACE);
1080 if (p[l-1] == ']') {
1086 t = strndup(p+k+1, l-k-2);
1106 *buf += strspn(*buf, WHITESPACE);
1109 static void process_syslog_message(Server *s, const char *buf, struct ucred *ucred, struct timeval *tv, const char *label, size_t label_len) {
1110 char *message = NULL, *syslog_priority = NULL, *syslog_facility = NULL, *syslog_identifier = NULL, *syslog_pid = NULL;
1111 struct iovec iovec[N_IOVEC_META_FIELDS + 6];
1113 int priority = LOG_USER | LOG_INFO;
1114 char *identifier = NULL, *pid = NULL;
1121 parse_syslog_priority((char**) &buf, &priority);
1123 if (s->forward_to_syslog)
1124 forward_syslog_raw(s, priority, orig, ucred, tv);
1126 skip_syslog_date((char**) &buf);
1127 read_identifier(&buf, &identifier, &pid);
1129 if (s->forward_to_kmsg)
1130 forward_kmsg(s, priority, identifier, buf, ucred);
1132 if (s->forward_to_console)
1133 forward_console(s, priority, identifier, buf, ucred);
1135 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=syslog");
1137 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1138 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1140 if (priority & LOG_FACMASK)
1141 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1142 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1145 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", identifier);
1146 if (syslog_identifier)
1147 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1151 syslog_pid = strappend("SYSLOG_PID=", pid);
1153 IOVEC_SET_STRING(iovec[n++], syslog_pid);
1156 message = strappend("MESSAGE=", buf);
1158 IOVEC_SET_STRING(iovec[n++], message);
1160 dispatch_message(s, iovec, n, ELEMENTSOF(iovec), ucred, tv, label, label_len, NULL, priority);
1165 free(syslog_priority);
1166 free(syslog_facility);
1167 free(syslog_identifier);
1170 static bool valid_user_field(const char *p, size_t l) {
1173 /* We kinda enforce POSIX syntax recommendations for
1174 environment variables here, but make a couple of additional
1177 http://pubs.opengroup.org/onlinepubs/000095399/basedefs/xbd_chap08.html */
1179 /* No empty field names */
1183 /* Don't allow names longer than 64 chars */
1187 /* Variables starting with an underscore are protected */
1191 /* Don't allow digits as first character */
1192 if (p[0] >= '0' && p[0] <= '9')
1195 /* Only allow A-Z0-9 and '_' */
1196 for (a = p; a < p + l; a++)
1197 if (!((*a >= 'A' && *a <= 'Z') ||
1198 (*a >= '0' && *a <= '9') ||
1205 static void process_native_message(
1207 const void *buffer, size_t buffer_size,
1208 struct ucred *ucred,
1210 const char *label, size_t label_len) {
1212 struct iovec *iovec = NULL;
1213 unsigned n = 0, m = 0, j, tn = (unsigned) -1;
1216 int priority = LOG_INFO;
1217 char *identifier = NULL, *message = NULL;
1220 assert(buffer || buffer_size == 0);
1223 remaining = buffer_size;
1225 while (remaining > 0) {
1228 e = memchr(p, '\n', remaining);
1231 /* Trailing noise, let's ignore it, and flush what we collected */
1232 log_debug("Received message with trailing noise, ignoring.");
1237 /* Entry separator */
1238 dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, NULL, priority);
1240 priority = LOG_INFO;
1247 if (*p == '.' || *p == '#') {
1248 /* Ignore control commands for now, and
1250 remaining -= (e - p) + 1;
1255 /* A property follows */
1257 if (n+N_IOVEC_META_FIELDS >= m) {
1261 u = MAX((n+N_IOVEC_META_FIELDS+1) * 2U, 4U);
1262 c = realloc(iovec, u * sizeof(struct iovec));
1264 log_error("Out of memory");
1272 q = memchr(p, '=', e - p);
1274 if (valid_user_field(p, q - p)) {
1279 /* If the field name starts with an
1280 * underscore, skip the variable,
1281 * since that indidates a trusted
1283 iovec[n].iov_base = (char*) p;
1284 iovec[n].iov_len = l;
1287 /* We need to determine the priority
1288 * of this entry for the rate limiting
1291 memcmp(p, "PRIORITY=", 9) == 0 &&
1292 p[9] >= '0' && p[9] <= '9')
1293 priority = (priority & LOG_FACMASK) | (p[9] - '0');
1296 memcmp(p, "SYSLOG_FACILITY=", 16) == 0 &&
1297 p[16] >= '0' && p[16] <= '9')
1298 priority = (priority & LOG_PRIMASK) | ((p[16] - '0') << 3);
1301 memcmp(p, "SYSLOG_FACILITY=", 16) == 0 &&
1302 p[16] >= '0' && p[16] <= '9' &&
1303 p[17] >= '0' && p[17] <= '9')
1304 priority = (priority & LOG_PRIMASK) | (((p[16] - '0')*10 + (p[17] - '0')) << 3);
1307 memcmp(p, "SYSLOG_IDENTIFIER=", 18) == 0) {
1310 t = strndup(p + 18, l - 18);
1315 } else if (l >= 8 &&
1316 memcmp(p, "MESSAGE=", 8) == 0) {
1319 t = strndup(p + 8, l - 8);
1327 remaining -= (e - p) + 1;
1335 if (remaining < e - p + 1 + sizeof(uint64_t) + 1) {
1336 log_debug("Failed to parse message, ignoring.");
1340 memcpy(&l_le, e + 1, sizeof(uint64_t));
1343 if (remaining < e - p + 1 + sizeof(uint64_t) + l + 1 ||
1344 e[1+sizeof(uint64_t)+l] != '\n') {
1345 log_debug("Failed to parse message, ignoring.");
1349 k = malloc((e - p) + 1 + l);
1351 log_error("Out of memory");
1355 memcpy(k, p, e - p);
1357 memcpy(k + (e - p) + 1, e + 1 + sizeof(uint64_t), l);
1359 if (valid_user_field(p, e - p)) {
1360 iovec[n].iov_base = k;
1361 iovec[n].iov_len = (e - p) + 1 + l;
1366 remaining -= (e - p) + 1 + sizeof(uint64_t) + l + 1;
1367 p = e + 1 + sizeof(uint64_t) + l + 1;
1375 IOVEC_SET_STRING(iovec[tn], "_TRANSPORT=journal");
1378 if (s->forward_to_syslog)
1379 forward_syslog(s, priority, identifier, message, ucred, tv);
1381 if (s->forward_to_kmsg)
1382 forward_kmsg(s, priority, identifier, message, ucred);
1384 if (s->forward_to_console)
1385 forward_console(s, priority, identifier, message, ucred);
1388 dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, NULL, priority);
1391 for (j = 0; j < n; j++) {
1395 if (iovec[j].iov_base < buffer ||
1396 (const uint8_t*) iovec[j].iov_base >= (const uint8_t*) buffer + buffer_size)
1397 free(iovec[j].iov_base);
1405 static void process_native_file(
1408 struct ucred *ucred,
1410 const char *label, size_t label_len) {
1419 /* Data is in the passed file, since it didn't fit in a
1420 * datagram. We can't map the file here, since clients might
1421 * then truncate it and trigger a SIGBUS for us. So let's
1422 * stupidly read it */
1424 if (fstat(fd, &st) < 0) {
1425 log_error("Failed to stat passed file, ignoring: %m");
1429 if (!S_ISREG(st.st_mode)) {
1430 log_error("File passed is not regular. Ignoring.");
1434 if (st.st_size <= 0)
1437 if (st.st_size > ENTRY_SIZE_MAX) {
1438 log_error("File passed too large. Ignoring.");
1442 p = malloc(st.st_size);
1444 log_error("Out of memory");
1448 n = pread(fd, p, st.st_size, 0);
1450 log_error("Failed to read file, ignoring: %s", strerror(-n));
1452 process_native_message(s, p, n, ucred, tv, label, label_len);
1457 static int stdout_stream_log(StdoutStream *s, const char *p) {
1458 struct iovec iovec[N_IOVEC_META_FIELDS + 5];
1459 char *message = NULL, *syslog_priority = NULL, *syslog_facility = NULL, *syslog_identifier = NULL;
1463 size_t label_len = 0;
1471 priority = s->priority;
1473 if (s->level_prefix)
1474 parse_syslog_priority((char**) &p, &priority);
1476 if (s->forward_to_syslog || s->server->forward_to_syslog)
1477 forward_syslog(s->server, fixup_priority(priority), s->identifier, p, &s->ucred, NULL);
1479 if (s->forward_to_kmsg || s->server->forward_to_kmsg)
1480 forward_kmsg(s->server, priority, s->identifier, p, &s->ucred);
1482 if (s->forward_to_console || s->server->forward_to_console)
1483 forward_console(s->server, priority, s->identifier, p, &s->ucred);
1485 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=stdout");
1487 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1488 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1490 if (priority & LOG_FACMASK)
1491 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1492 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1494 if (s->identifier) {
1495 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", s->identifier);
1496 if (syslog_identifier)
1497 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1500 message = strappend("MESSAGE=", p);
1502 IOVEC_SET_STRING(iovec[n++], message);
1505 if (s->security_context) {
1506 label = (char*) s->security_context;
1507 label_len = strlen((char*) s->security_context);
1511 dispatch_message(s->server, iovec, n, ELEMENTSOF(iovec), &s->ucred, NULL, label, label_len, s->unit_id, priority);
1514 free(syslog_priority);
1515 free(syslog_facility);
1516 free(syslog_identifier);
1521 static int stdout_stream_line(StdoutStream *s, char *p) {
1531 case STDOUT_STREAM_IDENTIFIER:
1533 s->identifier = NULL;
1535 s->identifier = strdup(p);
1536 if (!s->identifier) {
1537 log_error("Out of memory");
1542 s->state = STDOUT_STREAM_UNIT_ID;
1545 case STDOUT_STREAM_UNIT_ID:
1546 if (s->ucred.uid == 0) {
1550 s->unit_id = strdup(p);
1552 log_error("Out of memory");
1558 s->state = STDOUT_STREAM_PRIORITY;
1561 case STDOUT_STREAM_PRIORITY:
1562 r = safe_atoi(p, &s->priority);
1563 if (r < 0 || s->priority <= 0 || s->priority >= 999) {
1564 log_warning("Failed to parse log priority line.");
1568 s->state = STDOUT_STREAM_LEVEL_PREFIX;
1571 case STDOUT_STREAM_LEVEL_PREFIX:
1572 r = parse_boolean(p);
1574 log_warning("Failed to parse level prefix line.");
1578 s->level_prefix = !!r;
1579 s->state = STDOUT_STREAM_FORWARD_TO_SYSLOG;
1582 case STDOUT_STREAM_FORWARD_TO_SYSLOG:
1583 r = parse_boolean(p);
1585 log_warning("Failed to parse forward to syslog line.");
1589 s->forward_to_syslog = !!r;
1590 s->state = STDOUT_STREAM_FORWARD_TO_KMSG;
1593 case STDOUT_STREAM_FORWARD_TO_KMSG:
1594 r = parse_boolean(p);
1596 log_warning("Failed to parse copy to kmsg line.");
1600 s->forward_to_kmsg = !!r;
1601 s->state = STDOUT_STREAM_FORWARD_TO_CONSOLE;
1604 case STDOUT_STREAM_FORWARD_TO_CONSOLE:
1605 r = parse_boolean(p);
1607 log_warning("Failed to parse copy to console line.");
1611 s->forward_to_console = !!r;
1612 s->state = STDOUT_STREAM_RUNNING;
1615 case STDOUT_STREAM_RUNNING:
1616 return stdout_stream_log(s, p);
1619 assert_not_reached("Unknown stream state");
1622 static int stdout_stream_scan(StdoutStream *s, bool force_flush) {
1630 remaining = s->length;
1635 end = memchr(p, '\n', remaining);
1638 else if (remaining >= sizeof(s->buffer) - 1) {
1639 end = p + sizeof(s->buffer) - 1;
1646 r = stdout_stream_line(s, p);
1654 if (force_flush && remaining > 0) {
1656 r = stdout_stream_line(s, p);
1664 if (p > s->buffer) {
1665 memmove(s->buffer, p, remaining);
1666 s->length = remaining;
1672 static int stdout_stream_process(StdoutStream *s) {
1678 l = read(s->fd, s->buffer+s->length, sizeof(s->buffer)-1-s->length);
1681 if (errno == EAGAIN)
1684 log_warning("Failed to read from stream: %m");
1689 r = stdout_stream_scan(s, true);
1697 r = stdout_stream_scan(s, false);
1705 static void stdout_stream_free(StdoutStream *s) {
1709 assert(s->server->n_stdout_streams > 0);
1710 s->server->n_stdout_streams --;
1711 LIST_REMOVE(StdoutStream, stdout_stream, s->server->stdout_streams, s);
1716 epoll_ctl(s->server->epoll_fd, EPOLL_CTL_DEL, s->fd, NULL);
1718 close_nointr_nofail(s->fd);
1722 if (s->security_context)
1723 freecon(s->security_context);
1726 free(s->identifier);
1730 static int stdout_stream_new(Server *s) {
1731 StdoutStream *stream;
1734 struct epoll_event ev;
1738 fd = accept4(s->stdout_fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);
1740 if (errno == EAGAIN)
1743 log_error("Failed to accept stdout connection: %m");
1747 if (s->n_stdout_streams >= STDOUT_STREAMS_MAX) {
1748 log_warning("Too many stdout streams, refusing connection.");
1749 close_nointr_nofail(fd);
1753 stream = new0(StdoutStream, 1);
1755 log_error("Out of memory.");
1756 close_nointr_nofail(fd);
1762 len = sizeof(stream->ucred);
1763 if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &stream->ucred, &len) < 0) {
1764 log_error("Failed to determine peer credentials: %m");
1770 if (getpeercon(fd, &stream->security_context) < 0 && errno != ENOPROTOOPT)
1771 log_error("Failed to determine peer security context: %m");
1774 if (shutdown(fd, SHUT_WR) < 0) {
1775 log_error("Failed to shutdown writing side of socket: %m");
1781 ev.data.ptr = stream;
1782 ev.events = EPOLLIN;
1783 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, fd, &ev) < 0) {
1784 log_error("Failed to add stream to event loop: %m");
1790 LIST_PREPEND(StdoutStream, stdout_stream, s->stdout_streams, stream);
1791 s->n_stdout_streams ++;
1796 stdout_stream_free(stream);
1800 static int parse_kernel_timestamp(char **_p, usec_t *t) {
1811 if (strlen(p) < 14 || p[0] != '[' || p[13] != ']' || p[6] != '.')
1816 for (i = 1; i <= 5; i++) {
1822 k = undecchar(p[i]);
1829 for (i = 7; i <= 12; i++) {
1832 k = undecchar(p[i]);
1841 *_p += strspn(*_p, WHITESPACE);
1846 static bool is_us(const char *pid) {
1851 if (parse_pid(pid, &t) < 0)
1854 return t == getpid();
1857 static void proc_kmsg_line(Server *s, const char *p) {
1858 struct iovec iovec[N_IOVEC_META_FIELDS + 7];
1859 char *message = NULL, *syslog_priority = NULL, *syslog_pid = NULL, *syslog_facility = NULL, *syslog_identifier = NULL, *source_time = NULL;
1860 int priority = LOG_KERN | LOG_INFO;
1863 char *identifier = NULL, *pid = NULL;
1871 parse_syslog_priority((char **) &p, &priority);
1873 if (s->forward_to_kmsg && (priority & LOG_FACMASK) != LOG_KERN)
1876 if (parse_kernel_timestamp((char **) &p, &usec) > 0) {
1877 if (asprintf(&source_time, "_SOURCE_MONOTONIC_TIMESTAMP=%llu",
1878 (unsigned long long) usec) >= 0)
1879 IOVEC_SET_STRING(iovec[n++], source_time);
1882 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=kernel");
1884 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1885 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1887 if ((priority & LOG_FACMASK) == LOG_KERN) {
1889 if (s->forward_to_syslog)
1890 forward_syslog(s, priority, "kernel", p, NULL, NULL);
1892 IOVEC_SET_STRING(iovec[n++], "SYSLOG_IDENTIFIER=kernel");
1894 read_identifier(&p, &identifier, &pid);
1896 /* Avoid any messages we generated ourselves via
1897 * log_info() and friends. */
1898 if (pid && is_us(pid))
1901 if (s->forward_to_syslog)
1902 forward_syslog(s, priority, identifier, p, NULL, NULL);
1905 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", identifier);
1906 if (syslog_identifier)
1907 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1911 syslog_pid = strappend("SYSLOG_PID=", pid);
1913 IOVEC_SET_STRING(iovec[n++], syslog_pid);
1916 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1917 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1920 message = strappend("MESSAGE=", p);
1922 IOVEC_SET_STRING(iovec[n++], message);
1924 dispatch_message(s, iovec, n, ELEMENTSOF(iovec), NULL, NULL, NULL, 0, NULL, priority);
1928 free(syslog_priority);
1929 free(syslog_identifier);
1931 free(syslog_facility);
1937 static void proc_kmsg_scan(Server *s) {
1943 p = s->proc_kmsg_buffer;
1944 remaining = s->proc_kmsg_length;
1949 end = memchr(p, '\n', remaining);
1952 else if (remaining >= sizeof(s->proc_kmsg_buffer) - 1) {
1953 end = p + sizeof(s->proc_kmsg_buffer) - 1;
1960 proc_kmsg_line(s, p);
1966 if (p > s->proc_kmsg_buffer) {
1967 memmove(s->proc_kmsg_buffer, p, remaining);
1968 s->proc_kmsg_length = remaining;
1972 static int system_journal_open(Server *s) {
1978 r = sd_id128_get_machine(&machine);
1982 sd_id128_to_string(machine, ids);
1984 if (!s->system_journal &&
1985 (s->storage == STORAGE_PERSISTENT || s->storage == STORAGE_AUTO) &&
1986 access("/run/systemd/journal/flushed", F_OK) >= 0) {
1988 /* If in auto mode: first try to create the machine
1989 * path, but not the prefix.
1991 * If in persistent mode: create /var/log/journal and
1992 * the machine path */
1994 if (s->storage == STORAGE_PERSISTENT)
1995 (void) mkdir("/var/log/journal/", 0755);
1997 fn = strappend("/var/log/journal/", ids);
2001 (void) mkdir(fn, 0755);
2004 fn = strjoin("/var/log/journal/", ids, "/system.journal", NULL);
2008 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, &s->system_metrics, NULL, &s->system_journal);
2012 s->system_journal->compress = s->compress;
2014 server_fix_perms(s, s->system_journal, 0);
2017 if (r != -ENOENT && r != -EROFS)
2018 log_warning("Failed to open system journal: %s", strerror(-r));
2024 if (!s->runtime_journal &&
2025 (s->storage != STORAGE_NONE)) {
2027 fn = strjoin("/run/log/journal/", ids, "/system.journal", NULL);
2031 if (s->system_journal) {
2033 /* Try to open the runtime journal, but only
2034 * if it already exists, so that we can flush
2035 * it into the system journal */
2037 r = journal_file_open(fn, O_RDWR, 0640, &s->runtime_metrics, NULL, &s->runtime_journal);
2042 log_warning("Failed to open runtime journal: %s", strerror(-r));
2049 /* OK, we really need the runtime journal, so create
2050 * it if necessary. */
2052 (void) mkdir_parents(fn, 0755);
2053 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, &s->runtime_metrics, NULL, &s->runtime_journal);
2057 log_error("Failed to open runtime journal: %s", strerror(-r));
2062 if (s->runtime_journal) {
2063 s->runtime_journal->compress = s->compress;
2065 server_fix_perms(s, s->runtime_journal, 0);
2072 static int server_flush_to_var(Server *s) {
2080 if (s->storage != STORAGE_AUTO &&
2081 s->storage != STORAGE_PERSISTENT)
2084 if (!s->runtime_journal)
2087 system_journal_open(s);
2089 if (!s->system_journal)
2092 log_info("Flushing to /var...");
2094 r = sd_id128_get_machine(&machine);
2096 log_error("Failed to get machine id: %s", strerror(-r));
2100 r = sd_journal_open(&j, SD_JOURNAL_RUNTIME_ONLY);
2102 log_error("Failed to read runtime journal: %s", strerror(-r));
2106 SD_JOURNAL_FOREACH(j) {
2109 f = j->current_file;
2110 assert(f && f->current_offset > 0);
2112 r = journal_file_move_to_object(f, OBJECT_ENTRY, f->current_offset, &o);
2114 log_error("Can't read entry: %s", strerror(-r));
2118 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
2120 log_info("Allocation limit reached.");
2122 journal_file_post_change(s->system_journal);
2126 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
2130 log_error("Can't write entry: %s", strerror(-r));
2136 journal_file_post_change(s->system_journal);
2138 journal_file_close(s->runtime_journal);
2139 s->runtime_journal = NULL;
2142 char path[] = "/run/log/journal/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
2143 sd_id128_to_string(machine, path + 17);
2144 rm_rf(path, false, true, false);
2150 static int server_read_proc_kmsg(Server *s) {
2153 assert(s->proc_kmsg_fd >= 0);
2155 l = read(s->proc_kmsg_fd, s->proc_kmsg_buffer + s->proc_kmsg_length, sizeof(s->proc_kmsg_buffer) - 1 - s->proc_kmsg_length);
2156 if (l == 0) /* the kernel is stupid and in some race
2157 * conditions returns 0 in the middle of the
2162 if (errno == EAGAIN || errno == EINTR)
2165 log_error("Failed to read from kernel: %m");
2169 s->proc_kmsg_length += l;
2175 static int server_flush_proc_kmsg(Server *s) {
2180 if (s->proc_kmsg_fd < 0)
2183 log_info("Flushing /proc/kmsg...");
2186 r = server_read_proc_kmsg(s);
2197 static int process_event(Server *s, struct epoll_event *ev) {
2201 if (ev->data.fd == s->signal_fd) {
2202 struct signalfd_siginfo sfsi;
2205 if (ev->events != EPOLLIN) {
2206 log_info("Got invalid event from epoll.");
2210 n = read(s->signal_fd, &sfsi, sizeof(sfsi));
2211 if (n != sizeof(sfsi)) {
2216 if (errno == EINTR || errno == EAGAIN)
2222 if (sfsi.ssi_signo == SIGUSR1) {
2223 touch("/run/systemd/journal/flushed");
2224 server_flush_to_var(s);
2228 if (sfsi.ssi_signo == SIGUSR2) {
2234 log_debug("Received SIG%s", signal_to_string(sfsi.ssi_signo));
2237 } else if (ev->data.fd == s->proc_kmsg_fd) {
2240 if (ev->events != EPOLLIN) {
2241 log_info("Got invalid event from epoll.");
2245 r = server_read_proc_kmsg(s);
2251 } else if (ev->data.fd == s->native_fd ||
2252 ev->data.fd == s->syslog_fd) {
2254 if (ev->events != EPOLLIN) {
2255 log_info("Got invalid event from epoll.");
2260 struct msghdr msghdr;
2262 struct ucred *ucred = NULL;
2263 struct timeval *tv = NULL;
2264 struct cmsghdr *cmsg;
2266 size_t label_len = 0;
2268 struct cmsghdr cmsghdr;
2270 /* We use NAME_MAX space for the
2271 * SELinux label here. The kernel
2272 * currently enforces no limit, but
2273 * according to suggestions from the
2274 * SELinux people this will change and
2275 * it will probably be identical to
2276 * NAME_MAX. For now we use that, but
2277 * this should be updated one day when
2278 * the final limit is known.*/
2279 uint8_t buf[CMSG_SPACE(sizeof(struct ucred)) +
2280 CMSG_SPACE(sizeof(struct timeval)) +
2281 CMSG_SPACE(sizeof(int)) + /* fd */
2282 CMSG_SPACE(NAME_MAX)]; /* selinux label */
2289 if (ioctl(ev->data.fd, SIOCINQ, &v) < 0) {
2290 log_error("SIOCINQ failed: %m");
2294 if (s->buffer_size < (size_t) v) {
2298 l = MAX(LINE_MAX + (size_t) v, s->buffer_size * 2);
2299 b = realloc(s->buffer, l+1);
2302 log_error("Couldn't increase buffer.");
2311 iovec.iov_base = s->buffer;
2312 iovec.iov_len = s->buffer_size;
2316 msghdr.msg_iov = &iovec;
2317 msghdr.msg_iovlen = 1;
2318 msghdr.msg_control = &control;
2319 msghdr.msg_controllen = sizeof(control);
2321 n = recvmsg(ev->data.fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC);
2324 if (errno == EINTR || errno == EAGAIN)
2327 log_error("recvmsg() failed: %m");
2331 for (cmsg = CMSG_FIRSTHDR(&msghdr); cmsg; cmsg = CMSG_NXTHDR(&msghdr, cmsg)) {
2333 if (cmsg->cmsg_level == SOL_SOCKET &&
2334 cmsg->cmsg_type == SCM_CREDENTIALS &&
2335 cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred)))
2336 ucred = (struct ucred*) CMSG_DATA(cmsg);
2337 else if (cmsg->cmsg_level == SOL_SOCKET &&
2338 cmsg->cmsg_type == SCM_SECURITY) {
2339 label = (char*) CMSG_DATA(cmsg);
2340 label_len = cmsg->cmsg_len - CMSG_LEN(0);
2341 } else if (cmsg->cmsg_level == SOL_SOCKET &&
2342 cmsg->cmsg_type == SO_TIMESTAMP &&
2343 cmsg->cmsg_len == CMSG_LEN(sizeof(struct timeval)))
2344 tv = (struct timeval*) CMSG_DATA(cmsg);
2345 else if (cmsg->cmsg_level == SOL_SOCKET &&
2346 cmsg->cmsg_type == SCM_RIGHTS) {
2347 fds = (int*) CMSG_DATA(cmsg);
2348 n_fds = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);
2352 if (ev->data.fd == s->syslog_fd) {
2355 if (n > 0 && n_fds == 0) {
2356 e = memchr(s->buffer, '\n', n);
2362 process_syslog_message(s, strstrip(s->buffer), ucred, tv, label, label_len);
2363 } else if (n_fds > 0)
2364 log_warning("Got file descriptors via syslog socket. Ignoring.");
2367 if (n > 0 && n_fds == 0)
2368 process_native_message(s, s->buffer, n, ucred, tv, label, label_len);
2369 else if (n == 0 && n_fds == 1)
2370 process_native_file(s, fds[0], ucred, tv, label, label_len);
2372 log_warning("Got too many file descriptors via native socket. Ignoring.");
2375 close_many(fds, n_fds);
2380 } else if (ev->data.fd == s->stdout_fd) {
2382 if (ev->events != EPOLLIN) {
2383 log_info("Got invalid event from epoll.");
2387 stdout_stream_new(s);
2391 StdoutStream *stream;
2393 if ((ev->events|EPOLLIN|EPOLLHUP) != (EPOLLIN|EPOLLHUP)) {
2394 log_info("Got invalid event from epoll.");
2398 /* If it is none of the well-known fds, it must be an
2399 * stdout stream fd. Note that this is a bit ugly here
2400 * (since we rely that none of the well-known fds
2401 * could be interpreted as pointer), but nonetheless
2402 * safe, since the well-known fds would never get an
2403 * fd > 4096, i.e. beyond the first memory page */
2405 stream = ev->data.ptr;
2407 if (stdout_stream_process(stream) <= 0)
2408 stdout_stream_free(stream);
2413 log_error("Unknown event.");
2417 static int open_syslog_socket(Server *s) {
2418 union sockaddr_union sa;
2420 struct epoll_event ev;
2424 if (s->syslog_fd < 0) {
2426 s->syslog_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2427 if (s->syslog_fd < 0) {
2428 log_error("socket() failed: %m");
2433 sa.un.sun_family = AF_UNIX;
2434 strncpy(sa.un.sun_path, "/dev/log", sizeof(sa.un.sun_path));
2436 unlink(sa.un.sun_path);
2438 r = bind(s->syslog_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2440 log_error("bind() failed: %m");
2444 chmod(sa.un.sun_path, 0666);
2446 fd_nonblock(s->syslog_fd, 1);
2449 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
2451 log_error("SO_PASSCRED failed: %m");
2457 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
2459 log_warning("SO_PASSSEC failed: %m");
2463 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
2465 log_error("SO_TIMESTAMP failed: %m");
2470 ev.events = EPOLLIN;
2471 ev.data.fd = s->syslog_fd;
2472 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->syslog_fd, &ev) < 0) {
2473 log_error("Failed to add syslog server fd to epoll object: %m");
2480 static int open_native_socket(Server*s) {
2481 union sockaddr_union sa;
2483 struct epoll_event ev;
2487 if (s->native_fd < 0) {
2489 s->native_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2490 if (s->native_fd < 0) {
2491 log_error("socket() failed: %m");
2496 sa.un.sun_family = AF_UNIX;
2497 strncpy(sa.un.sun_path, "/run/systemd/journal/socket", sizeof(sa.un.sun_path));
2499 unlink(sa.un.sun_path);
2501 r = bind(s->native_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2503 log_error("bind() failed: %m");
2507 chmod(sa.un.sun_path, 0666);
2509 fd_nonblock(s->native_fd, 1);
2512 r = setsockopt(s->native_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
2514 log_error("SO_PASSCRED failed: %m");
2520 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
2522 log_warning("SO_PASSSEC failed: %m");
2526 r = setsockopt(s->native_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
2528 log_error("SO_TIMESTAMP failed: %m");
2533 ev.events = EPOLLIN;
2534 ev.data.fd = s->native_fd;
2535 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->native_fd, &ev) < 0) {
2536 log_error("Failed to add native server fd to epoll object: %m");
2543 static int open_stdout_socket(Server *s) {
2544 union sockaddr_union sa;
2546 struct epoll_event ev;
2550 if (s->stdout_fd < 0) {
2552 s->stdout_fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2553 if (s->stdout_fd < 0) {
2554 log_error("socket() failed: %m");
2559 sa.un.sun_family = AF_UNIX;
2560 strncpy(sa.un.sun_path, "/run/systemd/journal/stdout", sizeof(sa.un.sun_path));
2562 unlink(sa.un.sun_path);
2564 r = bind(s->stdout_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2566 log_error("bind() failed: %m");
2570 chmod(sa.un.sun_path, 0666);
2572 if (listen(s->stdout_fd, SOMAXCONN) < 0) {
2573 log_error("liste() failed: %m");
2577 fd_nonblock(s->stdout_fd, 1);
2580 ev.events = EPOLLIN;
2581 ev.data.fd = s->stdout_fd;
2582 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->stdout_fd, &ev) < 0) {
2583 log_error("Failed to add stdout server fd to epoll object: %m");
2590 static int open_proc_kmsg(Server *s) {
2591 struct epoll_event ev;
2595 if (!s->import_proc_kmsg)
2598 s->proc_kmsg_fd = open("/proc/kmsg", O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
2599 if (s->proc_kmsg_fd < 0) {
2600 log_warning("Failed to open /proc/kmsg, ignoring: %m");
2605 ev.events = EPOLLIN;
2606 ev.data.fd = s->proc_kmsg_fd;
2607 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->proc_kmsg_fd, &ev) < 0) {
2608 log_error("Failed to add /proc/kmsg fd to epoll object: %m");
2615 static int open_signalfd(Server *s) {
2617 struct epoll_event ev;
2621 assert_se(sigemptyset(&mask) == 0);
2622 sigset_add_many(&mask, SIGINT, SIGTERM, SIGUSR1, SIGUSR2, -1);
2623 assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0);
2625 s->signal_fd = signalfd(-1, &mask, SFD_NONBLOCK|SFD_CLOEXEC);
2626 if (s->signal_fd < 0) {
2627 log_error("signalfd(): %m");
2632 ev.events = EPOLLIN;
2633 ev.data.fd = s->signal_fd;
2635 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->signal_fd, &ev) < 0) {
2636 log_error("epoll_ctl(): %m");
2643 static int server_parse_proc_cmdline(Server *s) {
2644 char *line, *w, *state;
2648 if (detect_container(NULL) > 0)
2651 r = read_one_line_file("/proc/cmdline", &line);
2653 log_warning("Failed to read /proc/cmdline, ignoring: %s", strerror(-r));
2657 FOREACH_WORD_QUOTED(w, l, line, state) {
2660 word = strndup(w, l);
2666 if (startswith(word, "systemd.journald.forward_to_syslog=")) {
2667 r = parse_boolean(word + 35);
2669 log_warning("Failed to parse forward to syslog switch %s. Ignoring.", word + 35);
2671 s->forward_to_syslog = r;
2672 } else if (startswith(word, "systemd.journald.forward_to_kmsg=")) {
2673 r = parse_boolean(word + 33);
2675 log_warning("Failed to parse forward to kmsg switch %s. Ignoring.", word + 33);
2677 s->forward_to_kmsg = r;
2678 } else if (startswith(word, "systemd.journald.forward_to_console=")) {
2679 r = parse_boolean(word + 36);
2681 log_warning("Failed to parse forward to console switch %s. Ignoring.", word + 36);
2683 s->forward_to_console = r;
2684 } else if (startswith(word, "systemd.journald"))
2685 log_warning("Invalid systemd.journald parameter. Ignoring.");
2697 static int server_parse_config_file(Server *s) {
2704 fn = "/etc/systemd/journald.conf";
2705 f = fopen(fn, "re");
2707 if (errno == ENOENT)
2710 log_warning("Failed to open configuration file %s: %m", fn);
2714 r = config_parse(fn, f, "Journal\0", config_item_perf_lookup, (void*) journald_gperf_lookup, false, s);
2716 log_warning("Failed to parse configuration file: %s", strerror(-r));
2723 static int server_init(Server *s) {
2729 s->syslog_fd = s->native_fd = s->stdout_fd = s->signal_fd = s->epoll_fd = s->proc_kmsg_fd = -1;
2732 s->rate_limit_interval = DEFAULT_RATE_LIMIT_INTERVAL;
2733 s->rate_limit_burst = DEFAULT_RATE_LIMIT_BURST;
2735 s->forward_to_syslog = true;
2737 s->max_level_store = LOG_DEBUG;
2738 s->max_level_syslog = LOG_DEBUG;
2739 s->max_level_kmsg = LOG_NOTICE;
2740 s->max_level_console = LOG_INFO;
2742 memset(&s->system_metrics, 0xFF, sizeof(s->system_metrics));
2743 memset(&s->runtime_metrics, 0xFF, sizeof(s->runtime_metrics));
2745 server_parse_config_file(s);
2746 server_parse_proc_cmdline(s);
2748 s->user_journals = hashmap_new(trivial_hash_func, trivial_compare_func);
2749 if (!s->user_journals) {
2750 log_error("Out of memory.");
2754 s->epoll_fd = epoll_create1(EPOLL_CLOEXEC);
2755 if (s->epoll_fd < 0) {
2756 log_error("Failed to create epoll object: %m");
2760 n = sd_listen_fds(true);
2762 log_error("Failed to read listening file descriptors from environment: %s", strerror(-n));
2766 for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) {
2768 if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/run/systemd/journal/socket", 0) > 0) {
2770 if (s->native_fd >= 0) {
2771 log_error("Too many native sockets passed.");
2777 } else if (sd_is_socket_unix(fd, SOCK_STREAM, 1, "/run/systemd/journal/stdout", 0) > 0) {
2779 if (s->stdout_fd >= 0) {
2780 log_error("Too many stdout sockets passed.");
2786 } else if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/dev/log", 0) > 0) {
2788 if (s->syslog_fd >= 0) {
2789 log_error("Too many /dev/log sockets passed.");
2796 log_error("Unknown socket passed.");
2801 r = open_syslog_socket(s);
2805 r = open_native_socket(s);
2809 r = open_stdout_socket(s);
2813 r = open_proc_kmsg(s);
2817 r = open_signalfd(s);
2821 s->rate_limit = journal_rate_limit_new(s->rate_limit_interval, s->rate_limit_burst);
2825 r = system_journal_open(s);
2832 static void server_done(Server *s) {
2836 while (s->stdout_streams)
2837 stdout_stream_free(s->stdout_streams);
2839 if (s->system_journal)
2840 journal_file_close(s->system_journal);
2842 if (s->runtime_journal)
2843 journal_file_close(s->runtime_journal);
2845 while ((f = hashmap_steal_first(s->user_journals)))
2846 journal_file_close(f);
2848 hashmap_free(s->user_journals);
2850 if (s->epoll_fd >= 0)
2851 close_nointr_nofail(s->epoll_fd);
2853 if (s->signal_fd >= 0)
2854 close_nointr_nofail(s->signal_fd);
2856 if (s->syslog_fd >= 0)
2857 close_nointr_nofail(s->syslog_fd);
2859 if (s->native_fd >= 0)
2860 close_nointr_nofail(s->native_fd);
2862 if (s->stdout_fd >= 0)
2863 close_nointr_nofail(s->stdout_fd);
2865 if (s->proc_kmsg_fd >= 0)
2866 close_nointr_nofail(s->proc_kmsg_fd);
2869 journal_rate_limit_free(s->rate_limit);
2875 int main(int argc, char *argv[]) {
2879 /* if (getppid() != 1) { */
2880 /* log_error("This program should be invoked by init only."); */
2881 /* return EXIT_FAILURE; */
2885 log_error("This program does not take arguments.");
2886 return EXIT_FAILURE;
2889 log_set_target(LOG_TARGET_SAFE);
2890 log_set_facility(LOG_SYSLOG);
2891 log_parse_environment();
2896 r = server_init(&server);
2900 server_vacuum(&server);
2901 server_flush_to_var(&server);
2902 server_flush_proc_kmsg(&server);
2904 log_debug("systemd-journald running as pid %lu", (unsigned long) getpid());
2905 driver_message(&server, SD_MESSAGE_JOURNAL_START, "Journal started");
2909 "STATUS=Processing requests...");
2912 struct epoll_event event;
2914 r = epoll_wait(server.epoll_fd, &event, 1, -1);
2920 log_error("epoll_wait() failed: %m");
2926 r = process_event(&server, &event);
2933 log_debug("systemd-journald stopped as pid %lu", (unsigned long) getpid());
2934 driver_message(&server, SD_MESSAGE_JOURNAL_STOP, "Journal stopped");
2938 "STATUS=Shutting down...");
2940 server_done(&server);
2942 return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;