1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2011 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <sys/epoll.h>
23 #include <sys/socket.h>
25 #include <sys/signalfd.h>
29 #include <sys/ioctl.h>
30 #include <linux/sockios.h>
31 #include <sys/statvfs.h>
33 #include <systemd/sd-journal.h>
34 #include <systemd/sd-messages.h>
35 #include <systemd/sd-daemon.h>
38 #include <systemd/sd-login.h>
43 #include "journal-file.h"
44 #include "socket-util.h"
45 #include "cgroup-util.h"
47 #include "journal-rate-limit.h"
48 #include "journal-internal.h"
49 #include "conf-parser.h"
56 #include <acl/libacl.h>
61 #include <selinux/selinux.h>
64 #define USER_JOURNALS_MAX 1024
65 #define STDOUT_STREAMS_MAX 4096
67 #define DEFAULT_RATE_LIMIT_INTERVAL (10*USEC_PER_SEC)
68 #define DEFAULT_RATE_LIMIT_BURST 200
70 #define RECHECK_AVAILABLE_SPACE_USEC (30*USEC_PER_SEC)
72 #define RECHECK_VAR_AVAILABLE_USEC (30*USEC_PER_SEC)
74 #define N_IOVEC_META_FIELDS 17
76 #define ENTRY_SIZE_MAX (1024*1024*32)
78 typedef enum StdoutStreamState {
79 STDOUT_STREAM_IDENTIFIER,
80 STDOUT_STREAM_PRIORITY,
81 STDOUT_STREAM_LEVEL_PREFIX,
82 STDOUT_STREAM_FORWARD_TO_SYSLOG,
83 STDOUT_STREAM_FORWARD_TO_KMSG,
84 STDOUT_STREAM_FORWARD_TO_CONSOLE,
90 StdoutStreamState state;
96 security_context_t security_context;
102 bool forward_to_syslog:1;
103 bool forward_to_kmsg:1;
104 bool forward_to_console:1;
106 char buffer[LINE_MAX+1];
109 LIST_FIELDS(StdoutStream, stdout_stream);
112 static int server_flush_to_var(Server *s);
114 static uint64_t available_space(Server *s) {
119 uint64_t sum = 0, avail = 0, ss_avail = 0;
125 ts = now(CLOCK_MONOTONIC);
127 if (s->cached_available_space_timestamp + RECHECK_AVAILABLE_SPACE_USEC > ts)
128 return s->cached_available_space;
130 r = sd_id128_get_machine(&machine);
134 if (s->system_journal) {
135 f = "/var/log/journal/";
136 m = &s->system_metrics;
138 f = "/run/log/journal/";
139 m = &s->runtime_metrics;
144 p = strappend(f, sd_id128_to_string(machine, ids));
154 if (fstatvfs(dirfd(d), &ss) < 0)
159 struct dirent buf, *de;
161 r = readdir_r(d, &buf, &de);
168 if (!endswith(de->d_name, ".journal") &&
169 !endswith(de->d_name, ".journal~"))
172 if (fstatat(dirfd(d), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0)
175 if (!S_ISREG(st.st_mode))
178 sum += (uint64_t) st.st_blocks * 512UL;
181 avail = sum >= m->max_use ? 0 : m->max_use - sum;
183 ss_avail = ss.f_bsize * ss.f_bavail;
185 ss_avail = ss_avail < m->keep_free ? 0 : ss_avail - m->keep_free;
187 if (ss_avail < avail)
190 s->cached_available_space = avail;
191 s->cached_available_space_timestamp = ts;
199 static void server_read_file_gid(Server *s) {
200 const char *adm = "adm";
205 if (s->file_gid_valid)
208 r = get_group_creds(&adm, &s->file_gid);
210 log_warning("Failed to resolve 'adm' group: %s", strerror(-r));
212 /* if we couldn't read the gid, then it will be 0, but that's
213 * fine and we shouldn't try to resolve the group again, so
214 * let's just pretend it worked right-away. */
215 s->file_gid_valid = true;
218 static void server_fix_perms(Server *s, JournalFile *f, uid_t uid) {
223 acl_permset_t permset;
228 server_read_file_gid(s);
230 r = fchmod_and_fchown(f->fd, 0640, 0, s->file_gid);
232 log_warning("Failed to fix access mode/rights on %s, ignoring: %s", f->path, strerror(-r));
238 acl = acl_get_fd(f->fd);
240 log_warning("Failed to read ACL on %s, ignoring: %m", f->path);
244 r = acl_find_uid(acl, uid, &entry);
247 if (acl_create_entry(&acl, &entry) < 0 ||
248 acl_set_tag_type(entry, ACL_USER) < 0 ||
249 acl_set_qualifier(entry, &uid) < 0) {
250 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
255 if (acl_get_permset(entry, &permset) < 0 ||
256 acl_add_perm(permset, ACL_READ) < 0 ||
257 acl_calc_mask(&acl) < 0) {
258 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
262 if (acl_set_fd(f->fd, acl) < 0)
263 log_warning("Failed to set ACL on %s, ignoring: %m", f->path);
270 static JournalFile* find_journal(Server *s, uid_t uid) {
279 /* We split up user logs only on /var, not on /run. If the
280 * runtime file is open, we write to it exclusively, in order
281 * to guarantee proper order as soon as we flush /run to
282 * /var and close the runtime file. */
284 if (s->runtime_journal)
285 return s->runtime_journal;
288 return s->system_journal;
290 r = sd_id128_get_machine(&machine);
292 return s->system_journal;
294 f = hashmap_get(s->user_journals, UINT32_TO_PTR(uid));
298 if (asprintf(&p, "/var/log/journal/%s/user-%lu.journal", sd_id128_to_string(machine, ids), (unsigned long) uid) < 0)
299 return s->system_journal;
301 while (hashmap_size(s->user_journals) >= USER_JOURNALS_MAX) {
302 /* Too many open? Then let's close one */
303 f = hashmap_steal_first(s->user_journals);
305 journal_file_close(f);
308 r = journal_file_open_reliably(p, O_RDWR|O_CREAT, 0640, s->system_journal, &f);
312 return s->system_journal;
314 server_fix_perms(s, f, uid);
316 r = hashmap_put(s->user_journals, UINT32_TO_PTR(uid), f);
318 journal_file_close(f);
319 return s->system_journal;
325 static void server_rotate(Server *s) {
331 log_info("Rotating...");
333 if (s->runtime_journal) {
334 r = journal_file_rotate(&s->runtime_journal);
336 if (s->runtime_journal)
337 log_error("Failed to rotate %s: %s", s->runtime_journal->path, strerror(-r));
339 log_error("Failed to create new runtime journal: %s", strerror(-r));
341 server_fix_perms(s, s->runtime_journal, 0);
344 if (s->system_journal) {
345 r = journal_file_rotate(&s->system_journal);
347 if (s->system_journal)
348 log_error("Failed to rotate %s: %s", s->system_journal->path, strerror(-r));
350 log_error("Failed to create new system journal: %s", strerror(-r));
353 server_fix_perms(s, s->system_journal, 0);
356 HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) {
357 r = journal_file_rotate(&f);
360 log_error("Failed to rotate %s: %s", f->path, strerror(-r));
362 log_error("Failed to create user journal: %s", strerror(-r));
364 hashmap_replace(s->user_journals, k, f);
365 server_fix_perms(s, s->system_journal, PTR_TO_UINT32(k));
370 static void server_vacuum(Server *s) {
376 log_info("Vacuuming...");
378 r = sd_id128_get_machine(&machine);
380 log_error("Failed to get machine ID: %s", strerror(-r));
384 sd_id128_to_string(machine, ids);
386 if (s->system_journal) {
387 if (asprintf(&p, "/var/log/journal/%s", ids) < 0) {
388 log_error("Out of memory.");
392 r = journal_directory_vacuum(p, s->system_metrics.max_use, s->system_metrics.keep_free);
393 if (r < 0 && r != -ENOENT)
394 log_error("Failed to vacuum %s: %s", p, strerror(-r));
399 if (s->runtime_journal) {
400 if (asprintf(&p, "/run/log/journal/%s", ids) < 0) {
401 log_error("Out of memory.");
405 r = journal_directory_vacuum(p, s->runtime_metrics.max_use, s->runtime_metrics.keep_free);
406 if (r < 0 && r != -ENOENT)
407 log_error("Failed to vacuum %s: %s", p, strerror(-r));
411 s->cached_available_space_timestamp = 0;
414 static char *shortened_cgroup_path(pid_t pid) {
416 char *process_path, *init_path, *path;
420 r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, pid, &process_path);
424 r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, 1, &init_path);
430 if (endswith(init_path, "/system"))
431 init_path[strlen(init_path) - 7] = 0;
432 else if (streq(init_path, "/"))
435 if (startswith(process_path, init_path)) {
438 p = strdup(process_path + strlen(init_path));
456 static void dispatch_message_real(
458 struct iovec *iovec, unsigned n, unsigned m,
461 const char *label, size_t label_len) {
463 char *pid = NULL, *uid = NULL, *gid = NULL,
464 *source_time = NULL, *boot_id = NULL, *machine_id = NULL,
465 *comm = NULL, *cmdline = NULL, *hostname = NULL,
466 *audit_session = NULL, *audit_loginuid = NULL,
467 *exe = NULL, *cgroup = NULL, *session = NULL,
468 *owner_uid = NULL, *unit = NULL, *selinux_context = NULL;
474 uid_t loginuid = 0, realuid = 0;
476 bool vacuumed = false;
481 assert(n + N_IOVEC_META_FIELDS <= m);
489 realuid = ucred->uid;
491 if (asprintf(&pid, "_PID=%lu", (unsigned long) ucred->pid) >= 0)
492 IOVEC_SET_STRING(iovec[n++], pid);
494 if (asprintf(&uid, "_UID=%lu", (unsigned long) ucred->uid) >= 0)
495 IOVEC_SET_STRING(iovec[n++], uid);
497 if (asprintf(&gid, "_GID=%lu", (unsigned long) ucred->gid) >= 0)
498 IOVEC_SET_STRING(iovec[n++], gid);
500 r = get_process_comm(ucred->pid, &t);
502 comm = strappend("_COMM=", t);
506 IOVEC_SET_STRING(iovec[n++], comm);
509 r = get_process_exe(ucred->pid, &t);
511 exe = strappend("_EXE=", t);
515 IOVEC_SET_STRING(iovec[n++], exe);
518 r = get_process_cmdline(ucred->pid, LINE_MAX, false, &t);
520 cmdline = strappend("_CMDLINE=", t);
524 IOVEC_SET_STRING(iovec[n++], cmdline);
527 r = audit_session_from_pid(ucred->pid, &audit);
529 if (asprintf(&audit_session, "_AUDIT_SESSION=%lu", (unsigned long) audit) >= 0)
530 IOVEC_SET_STRING(iovec[n++], audit_session);
532 r = audit_loginuid_from_pid(ucred->pid, &loginuid);
534 if (asprintf(&audit_loginuid, "_AUDIT_LOGINUID=%lu", (unsigned long) loginuid) >= 0)
535 IOVEC_SET_STRING(iovec[n++], audit_loginuid);
537 t = shortened_cgroup_path(ucred->pid);
539 cgroup = strappend("_SYSTEMD_CGROUP=", t);
543 IOVEC_SET_STRING(iovec[n++], cgroup);
547 if (sd_pid_get_session(ucred->pid, &t) >= 0) {
548 session = strappend("_SYSTEMD_SESSION=", t);
552 IOVEC_SET_STRING(iovec[n++], session);
555 if (sd_pid_get_owner_uid(ucred->uid, &owner) >= 0)
556 if (asprintf(&owner_uid, "_SYSTEMD_OWNER_UID=%lu", (unsigned long) owner) >= 0)
557 IOVEC_SET_STRING(iovec[n++], owner_uid);
560 if (cg_pid_get_unit(ucred->pid, &t) >= 0) {
561 unit = strappend("_SYSTEMD_UNIT=", t);
565 IOVEC_SET_STRING(iovec[n++], unit);
570 selinux_context = malloc(sizeof("_SELINUX_CONTEXT=") + label_len);
571 if (selinux_context) {
572 memcpy(selinux_context, "_SELINUX_CONTEXT=", sizeof("_SELINUX_CONTEXT=")-1);
573 memcpy(selinux_context+sizeof("_SELINUX_CONTEXT=")-1, label, label_len);
574 selinux_context[sizeof("_SELINUX_CONTEXT=")-1+label_len] = 0;
575 IOVEC_SET_STRING(iovec[n++], selinux_context);
578 security_context_t con;
580 if (getpidcon(ucred->pid, &con) >= 0) {
581 selinux_context = strappend("_SELINUX_CONTEXT=", con);
583 IOVEC_SET_STRING(iovec[n++], selinux_context);
592 if (asprintf(&source_time, "_SOURCE_REALTIME_TIMESTAMP=%llu",
593 (unsigned long long) timeval_load(tv)) >= 0)
594 IOVEC_SET_STRING(iovec[n++], source_time);
597 /* Note that strictly speaking storing the boot id here is
598 * redundant since the entry includes this in-line
599 * anyway. However, we need this indexed, too. */
600 r = sd_id128_get_boot(&id);
602 if (asprintf(&boot_id, "_BOOT_ID=%s", sd_id128_to_string(id, idbuf)) >= 0)
603 IOVEC_SET_STRING(iovec[n++], boot_id);
605 r = sd_id128_get_machine(&id);
607 if (asprintf(&machine_id, "_MACHINE_ID=%s", sd_id128_to_string(id, idbuf)) >= 0)
608 IOVEC_SET_STRING(iovec[n++], machine_id);
610 t = gethostname_malloc();
612 hostname = strappend("_HOSTNAME=", t);
615 IOVEC_SET_STRING(iovec[n++], hostname);
620 server_flush_to_var(s);
623 f = find_journal(s, realuid == 0 ? 0 : loginuid);
625 log_warning("Dropping message, as we can't find a place to store the data.");
627 r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
629 if ((r == -E2BIG || /* hit limit */
630 r == -EFBIG || /* hit fs limit */
631 r == -EDQUOT || /* quota hit */
632 r == -ENOSPC || /* disk full */
633 r == -EBADMSG || /* corrupted */
634 r == -ENODATA || /* truncated */
635 r == -EHOSTDOWN || /* other machine */
636 r == -EPROTONOSUPPORT) && /* unsupported feature */
640 log_info("Allocation limit reached, rotating.");
642 log_warning("Journal file corrupted, rotating.");
648 log_info("Retrying write.");
653 log_error("Failed to write entry, ignoring: %s", strerror(-r));
667 free(audit_loginuid);
672 free(selinux_context);
675 static void driver_message(Server *s, sd_id128_t message_id, const char *format, ...) {
676 char mid[11 + 32 + 1];
677 char buffer[16 + LINE_MAX + 1];
678 struct iovec iovec[N_IOVEC_META_FIELDS + 4];
686 IOVEC_SET_STRING(iovec[n++], "PRIORITY=5");
687 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=driver");
689 memcpy(buffer, "MESSAGE=", 8);
690 va_start(ap, format);
691 vsnprintf(buffer + 8, sizeof(buffer) - 8, format, ap);
693 char_array_0(buffer);
694 IOVEC_SET_STRING(iovec[n++], buffer);
696 snprintf(mid, sizeof(mid), "MESSAGE_ID=" SD_ID128_FORMAT_STR, SD_ID128_FORMAT_VAL(message_id));
698 IOVEC_SET_STRING(iovec[n++], mid);
701 ucred.pid = getpid();
702 ucred.uid = getuid();
703 ucred.gid = getgid();
705 dispatch_message_real(s, iovec, n, ELEMENTSOF(iovec), &ucred, NULL, NULL, 0);
708 static void dispatch_message(Server *s,
709 struct iovec *iovec, unsigned n, unsigned m,
712 const char *label, size_t label_len,
715 char *path = NULL, *c;
718 assert(iovec || n == 0);
726 path = shortened_cgroup_path(ucred->pid);
730 /* example: /user/lennart/3/foobar
731 * /system/dbus.service/foobar
733 * So let's cut of everything past the third /, since that is
734 * wher user directories start */
736 c = strchr(path, '/');
738 c = strchr(c+1, '/');
740 c = strchr(c+1, '/');
746 rl = journal_rate_limit_test(s->rate_limit, path, priority & LOG_PRIMASK, available_space(s));
753 /* Write a suppression message if we suppressed something */
755 driver_message(s, SD_MESSAGE_JOURNAL_DROPPED, "Suppressed %u messages from %s", rl - 1, path);
760 dispatch_message_real(s, iovec, n, m, ucred, tv, label, label_len);
763 static void forward_syslog_iovec(Server *s, const struct iovec *iovec, unsigned n_iovec, struct ucred *ucred, struct timeval *tv) {
764 struct msghdr msghdr;
765 struct cmsghdr *cmsg;
767 struct cmsghdr cmsghdr;
768 uint8_t buf[CMSG_SPACE(sizeof(struct ucred))];
770 union sockaddr_union sa;
777 msghdr.msg_iov = (struct iovec*) iovec;
778 msghdr.msg_iovlen = n_iovec;
781 sa.un.sun_family = AF_UNIX;
782 strncpy(sa.un.sun_path, "/run/systemd/journal/syslog", sizeof(sa.un.sun_path));
783 msghdr.msg_name = &sa;
784 msghdr.msg_namelen = offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path);
788 msghdr.msg_control = &control;
789 msghdr.msg_controllen = sizeof(control);
791 cmsg = CMSG_FIRSTHDR(&msghdr);
792 cmsg->cmsg_level = SOL_SOCKET;
793 cmsg->cmsg_type = SCM_CREDENTIALS;
794 cmsg->cmsg_len = CMSG_LEN(sizeof(struct ucred));
795 memcpy(CMSG_DATA(cmsg), ucred, sizeof(struct ucred));
796 msghdr.msg_controllen = cmsg->cmsg_len;
799 /* Forward the syslog message we received via /dev/log to
800 * /run/systemd/syslog. Unfortunately we currently can't set
801 * the SO_TIMESTAMP auxiliary data, and hence we don't. */
803 if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
806 /* The socket is full? I guess the syslog implementation is
807 * too slow, and we shouldn't wait for that... */
811 if (ucred && errno == ESRCH) {
814 /* Hmm, presumably the sender process vanished
815 * by now, so let's fix it as good as we
820 memcpy(CMSG_DATA(cmsg), &u, sizeof(struct ucred));
822 if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
829 log_debug("Failed to forward syslog message: %m");
832 static void forward_syslog_raw(Server *s, const char *buffer, struct ucred *ucred, struct timeval *tv) {
838 IOVEC_SET_STRING(iovec, buffer);
839 forward_syslog_iovec(s, &iovec, 1, ucred, tv);
842 static void forward_syslog(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred, struct timeval *tv) {
843 struct iovec iovec[5];
844 char header_priority[6], header_time[64], header_pid[16];
848 char *ident_buf = NULL;
851 assert(priority >= 0);
852 assert(priority <= 999);
855 /* First: priority field */
856 snprintf(header_priority, sizeof(header_priority), "<%i>", priority);
857 char_array_0(header_priority);
858 IOVEC_SET_STRING(iovec[n++], header_priority);
860 /* Second: timestamp */
861 t = tv ? tv->tv_sec : ((time_t) (now(CLOCK_REALTIME) / USEC_PER_SEC));
865 if (strftime(header_time, sizeof(header_time), "%h %e %T ", tm) <= 0)
867 IOVEC_SET_STRING(iovec[n++], header_time);
869 /* Third: identifier and PID */
872 get_process_comm(ucred->pid, &ident_buf);
873 identifier = ident_buf;
876 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
877 char_array_0(header_pid);
880 IOVEC_SET_STRING(iovec[n++], identifier);
882 IOVEC_SET_STRING(iovec[n++], header_pid);
883 } else if (identifier) {
884 IOVEC_SET_STRING(iovec[n++], identifier);
885 IOVEC_SET_STRING(iovec[n++], ": ");
888 /* Fourth: message */
889 IOVEC_SET_STRING(iovec[n++], message);
891 forward_syslog_iovec(s, iovec, n, ucred, tv);
896 static int fixup_priority(int priority) {
898 if ((priority & LOG_FACMASK) == 0)
899 return (priority & LOG_PRIMASK) | LOG_USER;
904 static void forward_kmsg(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred) {
905 struct iovec iovec[5];
906 char header_priority[6], header_pid[16];
908 char *ident_buf = NULL;
912 assert(priority >= 0);
913 assert(priority <= 999);
916 /* Never allow messages with kernel facility to be written to
917 * kmsg, regardless where the data comes from. */
918 priority = fixup_priority(priority);
920 /* First: priority field */
921 snprintf(header_priority, sizeof(header_priority), "<%i>", priority);
922 char_array_0(header_priority);
923 IOVEC_SET_STRING(iovec[n++], header_priority);
925 /* Second: identifier and PID */
928 get_process_comm(ucred->pid, &ident_buf);
929 identifier = ident_buf;
932 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
933 char_array_0(header_pid);
936 IOVEC_SET_STRING(iovec[n++], identifier);
938 IOVEC_SET_STRING(iovec[n++], header_pid);
939 } else if (identifier) {
940 IOVEC_SET_STRING(iovec[n++], identifier);
941 IOVEC_SET_STRING(iovec[n++], ": ");
944 /* Fourth: message */
945 IOVEC_SET_STRING(iovec[n++], message);
946 IOVEC_SET_STRING(iovec[n++], "\n");
948 fd = open("/dev/kmsg", O_WRONLY|O_NOCTTY|O_CLOEXEC);
950 log_debug("Failed to open /dev/kmsg for logging: %s", strerror(errno));
954 if (writev(fd, iovec, n) < 0)
955 log_debug("Failed to write to /dev/kmsg for logging: %s", strerror(errno));
957 close_nointr_nofail(fd);
963 static void forward_console(Server *s, const char *identifier, const char *message, struct ucred *ucred) {
964 struct iovec iovec[4];
967 char *ident_buf = NULL;
973 /* First: identifier and PID */
976 get_process_comm(ucred->pid, &ident_buf);
977 identifier = ident_buf;
980 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
981 char_array_0(header_pid);
984 IOVEC_SET_STRING(iovec[n++], identifier);
986 IOVEC_SET_STRING(iovec[n++], header_pid);
987 } else if (identifier) {
988 IOVEC_SET_STRING(iovec[n++], identifier);
989 IOVEC_SET_STRING(iovec[n++], ": ");
993 IOVEC_SET_STRING(iovec[n++], message);
994 IOVEC_SET_STRING(iovec[n++], "\n");
996 tty = s->tty_path ? s->tty_path : "/dev/console";
998 fd = open_terminal(tty, O_WRONLY|O_NOCTTY|O_CLOEXEC);
1000 log_debug("Failed to open %s for logging: %s", tty, strerror(errno));
1004 if (writev(fd, iovec, n) < 0)
1005 log_debug("Failed to write to %s for logging: %s", tty, strerror(errno));
1007 close_nointr_nofail(fd);
1013 static void read_identifier(const char **buf, char **identifier, char **pid) {
1024 p += strspn(p, WHITESPACE);
1025 l = strcspn(p, WHITESPACE);
1034 if (p[l-1] == ']') {
1040 t = strndup(p+k+1, l-k-2);
1060 *buf += strspn(*buf, WHITESPACE);
1063 static void process_syslog_message(Server *s, const char *buf, struct ucred *ucred, struct timeval *tv, const char *label, size_t label_len) {
1064 char *message = NULL, *syslog_priority = NULL, *syslog_facility = NULL, *syslog_identifier = NULL, *syslog_pid = NULL;
1065 struct iovec iovec[N_IOVEC_META_FIELDS + 6];
1067 int priority = LOG_USER | LOG_INFO;
1068 char *identifier = NULL, *pid = NULL;
1073 if (s->forward_to_syslog)
1074 forward_syslog_raw(s, buf, ucred, tv);
1076 parse_syslog_priority((char**) &buf, &priority);
1077 skip_syslog_date((char**) &buf);
1078 read_identifier(&buf, &identifier, &pid);
1080 if (s->forward_to_kmsg)
1081 forward_kmsg(s, priority, identifier, buf, ucred);
1083 if (s->forward_to_console)
1084 forward_console(s, identifier, buf, ucred);
1086 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=syslog");
1088 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1089 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1091 if (priority & LOG_FACMASK)
1092 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1093 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1096 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", identifier);
1097 if (syslog_identifier)
1098 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1102 syslog_pid = strappend("SYSLOG_PID=", pid);
1104 IOVEC_SET_STRING(iovec[n++], syslog_pid);
1107 message = strappend("MESSAGE=", buf);
1109 IOVEC_SET_STRING(iovec[n++], message);
1111 dispatch_message(s, iovec, n, ELEMENTSOF(iovec), ucred, tv, label, label_len, priority);
1116 free(syslog_priority);
1117 free(syslog_facility);
1118 free(syslog_identifier);
1121 static bool valid_user_field(const char *p, size_t l) {
1124 /* We kinda enforce POSIX syntax recommendations for
1125 environment variables here, but make a couple of additional
1128 http://pubs.opengroup.org/onlinepubs/000095399/basedefs/xbd_chap08.html */
1130 /* No empty field names */
1134 /* Don't allow names longer than 64 chars */
1138 /* Variables starting with an underscore are protected */
1142 /* Don't allow digits as first character */
1143 if (p[0] >= '0' && p[0] <= '9')
1146 /* Only allow A-Z0-9 and '_' */
1147 for (a = p; a < p + l; a++)
1148 if (!((*a >= 'A' && *a <= 'Z') ||
1149 (*a >= '0' && *a <= '9') ||
1156 static void process_native_message(
1158 const void *buffer, size_t buffer_size,
1159 struct ucred *ucred,
1161 const char *label, size_t label_len) {
1163 struct iovec *iovec = NULL;
1164 unsigned n = 0, m = 0, j, tn = (unsigned) -1;
1167 int priority = LOG_INFO;
1168 char *identifier = NULL, *message = NULL;
1171 assert(buffer || buffer_size == 0);
1174 remaining = buffer_size;
1176 while (remaining > 0) {
1179 e = memchr(p, '\n', remaining);
1182 /* Trailing noise, let's ignore it, and flush what we collected */
1183 log_debug("Received message with trailing noise, ignoring.");
1188 /* Entry separator */
1189 dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, priority);
1191 priority = LOG_INFO;
1198 if (*p == '.' || *p == '#') {
1199 /* Ignore control commands for now, and
1201 remaining -= (e - p) + 1;
1206 /* A property follows */
1208 if (n+N_IOVEC_META_FIELDS >= m) {
1212 u = MAX((n+N_IOVEC_META_FIELDS+1) * 2U, 4U);
1213 c = realloc(iovec, u * sizeof(struct iovec));
1215 log_error("Out of memory");
1223 q = memchr(p, '=', e - p);
1225 if (valid_user_field(p, q - p)) {
1230 /* If the field name starts with an
1231 * underscore, skip the variable,
1232 * since that indidates a trusted
1234 iovec[n].iov_base = (char*) p;
1235 iovec[n].iov_len = l;
1238 /* We need to determine the priority
1239 * of this entry for the rate limiting
1242 memcmp(p, "PRIORITY=", 9) == 0 &&
1243 p[9] >= '0' && p[9] <= '9')
1244 priority = (priority & LOG_FACMASK) | (p[9] - '0');
1247 memcmp(p, "SYSLOG_FACILITY=", 16) == 0 &&
1248 p[16] >= '0' && p[16] <= '9')
1249 priority = (priority & LOG_PRIMASK) | ((p[16] - '0') << 3);
1252 memcmp(p, "SYSLOG_FACILITY=", 16) == 0 &&
1253 p[16] >= '0' && p[16] <= '9' &&
1254 p[17] >= '0' && p[17] <= '9')
1255 priority = (priority & LOG_PRIMASK) | (((p[16] - '0')*10 + (p[17] - '0')) << 3);
1258 memcmp(p, "SYSLOG_IDENTIFIER=", 18) == 0) {
1261 t = strndup(p + 18, l - 18);
1266 } else if (l >= 8 &&
1267 memcmp(p, "MESSAGE=", 8) == 0) {
1270 t = strndup(p + 8, l - 8);
1278 remaining -= (e - p) + 1;
1286 if (remaining < e - p + 1 + sizeof(uint64_t) + 1) {
1287 log_debug("Failed to parse message, ignoring.");
1291 memcpy(&l_le, e + 1, sizeof(uint64_t));
1294 if (remaining < e - p + 1 + sizeof(uint64_t) + l + 1 ||
1295 e[1+sizeof(uint64_t)+l] != '\n') {
1296 log_debug("Failed to parse message, ignoring.");
1300 k = malloc((e - p) + 1 + l);
1302 log_error("Out of memory");
1306 memcpy(k, p, e - p);
1308 memcpy(k + (e - p) + 1, e + 1 + sizeof(uint64_t), l);
1310 if (valid_user_field(p, e - p)) {
1311 iovec[n].iov_base = k;
1312 iovec[n].iov_len = (e - p) + 1 + l;
1317 remaining -= (e - p) + 1 + sizeof(uint64_t) + l + 1;
1318 p = e + 1 + sizeof(uint64_t) + l + 1;
1326 IOVEC_SET_STRING(iovec[tn], "_TRANSPORT=journal");
1329 if (s->forward_to_syslog)
1330 forward_syslog(s, priority, identifier, message, ucred, tv);
1332 if (s->forward_to_kmsg)
1333 forward_kmsg(s, priority, identifier, message, ucred);
1335 if (s->forward_to_console)
1336 forward_console(s, identifier, message, ucred);
1339 dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, priority);
1342 for (j = 0; j < n; j++) {
1346 if (iovec[j].iov_base < buffer ||
1347 (const uint8_t*) iovec[j].iov_base >= (const uint8_t*) buffer + buffer_size)
1348 free(iovec[j].iov_base);
1356 static void process_native_file(
1359 struct ucred *ucred,
1361 const char *label, size_t label_len) {
1370 /* Data is in the passed file, since it didn't fit in a
1371 * datagram. We can't map the file here, since clients might
1372 * then truncate it and trigger a SIGBUS for us. So let's
1373 * stupidly read it */
1375 if (fstat(fd, &st) < 0) {
1376 log_error("Failed to stat passed file, ignoring: %m");
1380 if (!S_ISREG(st.st_mode)) {
1381 log_error("File passed is not regular. Ignoring.");
1385 if (st.st_size <= 0)
1388 if (st.st_size > ENTRY_SIZE_MAX) {
1389 log_error("File passed too large. Ignoring.");
1393 p = malloc(st.st_size);
1395 log_error("Out of memory");
1399 n = pread(fd, p, st.st_size, 0);
1401 log_error("Failed to read file, ignoring: %s", strerror(-n));
1403 process_native_message(s, p, n, ucred, tv, label, label_len);
1408 static int stdout_stream_log(StdoutStream *s, const char *p) {
1409 struct iovec iovec[N_IOVEC_META_FIELDS + 5];
1410 char *message = NULL, *syslog_priority = NULL, *syslog_facility = NULL, *syslog_identifier = NULL;
1414 size_t label_len = 0;
1422 priority = s->priority;
1424 if (s->level_prefix)
1425 parse_syslog_priority((char**) &p, &priority);
1427 if (s->forward_to_syslog || s->server->forward_to_syslog)
1428 forward_syslog(s->server, fixup_priority(priority), s->identifier, p, &s->ucred, NULL);
1430 if (s->forward_to_kmsg || s->server->forward_to_kmsg)
1431 forward_kmsg(s->server, priority, s->identifier, p, &s->ucred);
1433 if (s->forward_to_console || s->server->forward_to_console)
1434 forward_console(s->server, s->identifier, p, &s->ucred);
1436 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=stdout");
1438 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1439 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1441 if (priority & LOG_FACMASK)
1442 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1443 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1445 if (s->identifier) {
1446 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", s->identifier);
1447 if (syslog_identifier)
1448 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1451 message = strappend("MESSAGE=", p);
1453 IOVEC_SET_STRING(iovec[n++], message);
1456 if (s->security_context) {
1457 label = (char*) s->security_context;
1458 label_len = strlen((char*) s->security_context);
1462 dispatch_message(s->server, iovec, n, ELEMENTSOF(iovec), &s->ucred, NULL, label, label_len, priority);
1465 free(syslog_priority);
1466 free(syslog_facility);
1467 free(syslog_identifier);
1472 static int stdout_stream_line(StdoutStream *s, char *p) {
1482 case STDOUT_STREAM_IDENTIFIER:
1484 s->identifier = NULL;
1486 s->identifier = strdup(p);
1487 if (!s->identifier) {
1488 log_error("Out of memory");
1493 s->state = STDOUT_STREAM_PRIORITY;
1496 case STDOUT_STREAM_PRIORITY:
1497 r = safe_atoi(p, &s->priority);
1498 if (r < 0 || s->priority <= 0 || s->priority >= 999) {
1499 log_warning("Failed to parse log priority line.");
1503 s->state = STDOUT_STREAM_LEVEL_PREFIX;
1506 case STDOUT_STREAM_LEVEL_PREFIX:
1507 r = parse_boolean(p);
1509 log_warning("Failed to parse level prefix line.");
1513 s->level_prefix = !!r;
1514 s->state = STDOUT_STREAM_FORWARD_TO_SYSLOG;
1517 case STDOUT_STREAM_FORWARD_TO_SYSLOG:
1518 r = parse_boolean(p);
1520 log_warning("Failed to parse forward to syslog line.");
1524 s->forward_to_syslog = !!r;
1525 s->state = STDOUT_STREAM_FORWARD_TO_KMSG;
1528 case STDOUT_STREAM_FORWARD_TO_KMSG:
1529 r = parse_boolean(p);
1531 log_warning("Failed to parse copy to kmsg line.");
1535 s->forward_to_kmsg = !!r;
1536 s->state = STDOUT_STREAM_FORWARD_TO_CONSOLE;
1539 case STDOUT_STREAM_FORWARD_TO_CONSOLE:
1540 r = parse_boolean(p);
1542 log_warning("Failed to parse copy to console line.");
1546 s->forward_to_console = !!r;
1547 s->state = STDOUT_STREAM_RUNNING;
1550 case STDOUT_STREAM_RUNNING:
1551 return stdout_stream_log(s, p);
1554 assert_not_reached("Unknown stream state");
1557 static int stdout_stream_scan(StdoutStream *s, bool force_flush) {
1565 remaining = s->length;
1570 end = memchr(p, '\n', remaining);
1573 else if (remaining >= sizeof(s->buffer) - 1) {
1574 end = p + sizeof(s->buffer) - 1;
1581 r = stdout_stream_line(s, p);
1589 if (force_flush && remaining > 0) {
1591 r = stdout_stream_line(s, p);
1599 if (p > s->buffer) {
1600 memmove(s->buffer, p, remaining);
1601 s->length = remaining;
1607 static int stdout_stream_process(StdoutStream *s) {
1613 l = read(s->fd, s->buffer+s->length, sizeof(s->buffer)-1-s->length);
1616 if (errno == EAGAIN)
1619 log_warning("Failed to read from stream: %m");
1624 r = stdout_stream_scan(s, true);
1632 r = stdout_stream_scan(s, false);
1640 static void stdout_stream_free(StdoutStream *s) {
1644 assert(s->server->n_stdout_streams > 0);
1645 s->server->n_stdout_streams --;
1646 LIST_REMOVE(StdoutStream, stdout_stream, s->server->stdout_streams, s);
1651 epoll_ctl(s->server->epoll_fd, EPOLL_CTL_DEL, s->fd, NULL);
1653 close_nointr_nofail(s->fd);
1657 if (s->security_context)
1658 freecon(s->security_context);
1661 free(s->identifier);
1665 static int stdout_stream_new(Server *s) {
1666 StdoutStream *stream;
1669 struct epoll_event ev;
1673 fd = accept4(s->stdout_fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);
1675 if (errno == EAGAIN)
1678 log_error("Failed to accept stdout connection: %m");
1682 if (s->n_stdout_streams >= STDOUT_STREAMS_MAX) {
1683 log_warning("Too many stdout streams, refusing connection.");
1684 close_nointr_nofail(fd);
1688 stream = new0(StdoutStream, 1);
1690 log_error("Out of memory.");
1691 close_nointr_nofail(fd);
1697 len = sizeof(stream->ucred);
1698 if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &stream->ucred, &len) < 0) {
1699 log_error("Failed to determine peer credentials: %m");
1705 if (getpeercon(fd, &stream->security_context) < 0 && errno != ENOPROTOOPT)
1706 log_error("Failed to determine peer security context: %m");
1709 if (shutdown(fd, SHUT_WR) < 0) {
1710 log_error("Failed to shutdown writing side of socket: %m");
1716 ev.data.ptr = stream;
1717 ev.events = EPOLLIN;
1718 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, fd, &ev) < 0) {
1719 log_error("Failed to add stream to event loop: %m");
1725 LIST_PREPEND(StdoutStream, stdout_stream, s->stdout_streams, stream);
1726 s->n_stdout_streams ++;
1731 stdout_stream_free(stream);
1735 static int parse_kernel_timestamp(char **_p, usec_t *t) {
1746 if (strlen(p) < 14 || p[0] != '[' || p[13] != ']' || p[6] != '.')
1751 for (i = 1; i <= 5; i++) {
1757 k = undecchar(p[i]);
1764 for (i = 7; i <= 12; i++) {
1767 k = undecchar(p[i]);
1776 *_p += strspn(*_p, WHITESPACE);
1781 static bool is_us(const char *pid) {
1786 if (parse_pid(pid, &t) < 0)
1789 return t == getpid();
1792 static void proc_kmsg_line(Server *s, const char *p) {
1793 struct iovec iovec[N_IOVEC_META_FIELDS + 7];
1794 char *message = NULL, *syslog_priority = NULL, *syslog_pid = NULL, *syslog_facility = NULL, *syslog_identifier = NULL, *source_time = NULL;
1795 int priority = LOG_KERN | LOG_INFO;
1798 char *identifier = NULL, *pid = NULL;
1806 parse_syslog_priority((char **) &p, &priority);
1808 if (s->forward_to_kmsg && (priority & LOG_FACMASK) != LOG_KERN)
1811 if (parse_kernel_timestamp((char **) &p, &usec) > 0) {
1812 if (asprintf(&source_time, "_SOURCE_MONOTONIC_TIMESTAMP=%llu",
1813 (unsigned long long) usec) >= 0)
1814 IOVEC_SET_STRING(iovec[n++], source_time);
1817 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=kernel");
1819 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1820 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1822 if ((priority & LOG_FACMASK) == LOG_KERN) {
1824 if (s->forward_to_syslog)
1825 forward_syslog(s, priority, "kernel", p, NULL, NULL);
1827 IOVEC_SET_STRING(iovec[n++], "SYSLOG_IDENTIFIER=kernel");
1829 read_identifier(&p, &identifier, &pid);
1831 /* Avoid any messages we generated ourselves via
1832 * log_info() and friends. */
1833 if (pid && is_us(pid))
1836 if (s->forward_to_syslog)
1837 forward_syslog(s, priority, identifier, p, NULL, NULL);
1840 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", identifier);
1841 if (syslog_identifier)
1842 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1846 syslog_pid = strappend("SYSLOG_PID=", pid);
1848 IOVEC_SET_STRING(iovec[n++], syslog_pid);
1851 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1852 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1855 message = strappend("MESSAGE=", p);
1857 IOVEC_SET_STRING(iovec[n++], message);
1859 dispatch_message(s, iovec, n, ELEMENTSOF(iovec), NULL, NULL, NULL, 0, priority);
1863 free(syslog_priority);
1864 free(syslog_identifier);
1866 free(syslog_facility);
1872 static void proc_kmsg_scan(Server *s) {
1878 p = s->proc_kmsg_buffer;
1879 remaining = s->proc_kmsg_length;
1884 end = memchr(p, '\n', remaining);
1887 else if (remaining >= sizeof(s->proc_kmsg_buffer) - 1) {
1888 end = p + sizeof(s->proc_kmsg_buffer) - 1;
1895 proc_kmsg_line(s, p);
1901 if (p > s->proc_kmsg_buffer) {
1902 memmove(s->proc_kmsg_buffer, p, remaining);
1903 s->proc_kmsg_length = remaining;
1907 static int system_journal_open(Server *s) {
1913 r = sd_id128_get_machine(&machine);
1917 sd_id128_to_string(machine, ids);
1919 if (!s->system_journal) {
1921 /* First try to create the machine path, but not the prefix */
1922 fn = strappend("/var/log/journal/", ids);
1925 (void) mkdir(fn, 0755);
1928 /* The create the system journal file */
1929 fn = join("/var/log/journal/", ids, "/system.journal", NULL);
1933 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, NULL, &s->system_journal);
1937 journal_default_metrics(&s->system_metrics, s->system_journal->fd);
1939 s->system_journal->metrics = s->system_metrics;
1940 s->system_journal->compress = s->compress;
1942 server_fix_perms(s, s->system_journal, 0);
1945 if (r != -ENOENT && r != -EROFS)
1946 log_warning("Failed to open system journal: %s", strerror(-r));
1952 if (!s->runtime_journal) {
1954 fn = join("/run/log/journal/", ids, "/system.journal", NULL);
1958 if (s->system_journal) {
1960 /* Try to open the runtime journal, but only
1961 * if it already exists, so that we can flush
1962 * it into the system journal */
1964 r = journal_file_open(fn, O_RDWR, 0640, NULL, &s->runtime_journal);
1969 log_warning("Failed to open runtime journal: %s", strerror(-r));
1976 /* OK, we really need the runtime journal, so create
1977 * it if necessary. */
1979 (void) mkdir_parents_label(fn, 0755);
1980 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, NULL, &s->runtime_journal);
1984 log_error("Failed to open runtime journal: %s", strerror(-r));
1989 if (s->runtime_journal) {
1990 journal_default_metrics(&s->runtime_metrics, s->runtime_journal->fd);
1992 s->runtime_journal->metrics = s->runtime_metrics;
1993 s->runtime_journal->compress = s->compress;
1995 server_fix_perms(s, s->runtime_journal, 0);
2002 static int server_flush_to_var(Server *s) {
2003 char path[] = "/run/log/journal/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
2012 if (!s->runtime_journal)
2015 ts = now(CLOCK_MONOTONIC);
2016 if (s->var_available_timestamp + RECHECK_VAR_AVAILABLE_USEC > ts)
2019 s->var_available_timestamp = ts;
2021 system_journal_open(s);
2023 if (!s->system_journal)
2026 log_info("Flushing to /var...");
2028 r = sd_id128_get_machine(&machine);
2030 log_error("Failed to get machine id: %s", strerror(-r));
2034 r = sd_journal_open(&j, SD_JOURNAL_RUNTIME_ONLY);
2036 log_error("Failed to read runtime journal: %s", strerror(-r));
2040 SD_JOURNAL_FOREACH(j) {
2043 f = j->current_file;
2044 assert(f && f->current_offset > 0);
2046 r = journal_file_move_to_object(f, OBJECT_ENTRY, f->current_offset, &o);
2048 log_error("Can't read entry: %s", strerror(-r));
2052 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
2054 log_info("Allocation limit reached.");
2056 journal_file_post_change(s->system_journal);
2060 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
2064 log_error("Can't write entry: %s", strerror(-r));
2070 journal_file_post_change(s->system_journal);
2072 journal_file_close(s->runtime_journal);
2073 s->runtime_journal = NULL;
2076 sd_id128_to_string(machine, path + 17);
2077 rm_rf(path, false, true, false);
2083 static int server_read_proc_kmsg(Server *s) {
2086 assert(s->proc_kmsg_fd >= 0);
2088 l = read(s->proc_kmsg_fd, s->proc_kmsg_buffer + s->proc_kmsg_length, sizeof(s->proc_kmsg_buffer) - 1 - s->proc_kmsg_length);
2091 if (errno == EAGAIN || errno == EINTR)
2094 log_error("Failed to read from kernel: %m");
2098 s->proc_kmsg_length += l;
2104 static int server_flush_proc_kmsg(Server *s) {
2109 if (s->proc_kmsg_fd < 0)
2112 log_info("Flushing /proc/kmsg...");
2115 r = server_read_proc_kmsg(s);
2126 static int process_event(Server *s, struct epoll_event *ev) {
2129 if (ev->data.fd == s->signal_fd) {
2130 struct signalfd_siginfo sfsi;
2133 if (ev->events != EPOLLIN) {
2134 log_info("Got invalid event from epoll.");
2138 n = read(s->signal_fd, &sfsi, sizeof(sfsi));
2139 if (n != sizeof(sfsi)) {
2144 if (errno == EINTR || errno == EAGAIN)
2150 if (sfsi.ssi_signo == SIGUSR1) {
2151 server_flush_to_var(s);
2155 log_debug("Received SIG%s", signal_to_string(sfsi.ssi_signo));
2158 } else if (ev->data.fd == s->proc_kmsg_fd) {
2161 if (ev->events != EPOLLIN) {
2162 log_info("Got invalid event from epoll.");
2166 r = server_read_proc_kmsg(s);
2172 } else if (ev->data.fd == s->native_fd ||
2173 ev->data.fd == s->syslog_fd) {
2175 if (ev->events != EPOLLIN) {
2176 log_info("Got invalid event from epoll.");
2181 struct msghdr msghdr;
2183 struct ucred *ucred = NULL;
2184 struct timeval *tv = NULL;
2185 struct cmsghdr *cmsg;
2187 size_t label_len = 0;
2189 struct cmsghdr cmsghdr;
2191 /* We use NAME_MAX space for the
2192 * SELinux label here. The kernel
2193 * currently enforces no limit, but
2194 * according to suggestions from the
2195 * SELinux people this will change and
2196 * it will probably be identical to
2197 * NAME_MAX. For now we use that, but
2198 * this should be updated one day when
2199 * the final limit is known.*/
2200 uint8_t buf[CMSG_SPACE(sizeof(struct ucred)) +
2201 CMSG_SPACE(sizeof(struct timeval)) +
2202 CMSG_SPACE(sizeof(int)) + /* fd */
2203 CMSG_SPACE(NAME_MAX)]; /* selinux label */
2210 if (ioctl(ev->data.fd, SIOCINQ, &v) < 0) {
2211 log_error("SIOCINQ failed: %m");
2215 if (s->buffer_size < (size_t) v) {
2219 l = MAX(LINE_MAX + (size_t) v, s->buffer_size * 2);
2220 b = realloc(s->buffer, l+1);
2223 log_error("Couldn't increase buffer.");
2232 iovec.iov_base = s->buffer;
2233 iovec.iov_len = s->buffer_size;
2237 msghdr.msg_iov = &iovec;
2238 msghdr.msg_iovlen = 1;
2239 msghdr.msg_control = &control;
2240 msghdr.msg_controllen = sizeof(control);
2242 n = recvmsg(ev->data.fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC);
2245 if (errno == EINTR || errno == EAGAIN)
2248 log_error("recvmsg() failed: %m");
2252 for (cmsg = CMSG_FIRSTHDR(&msghdr); cmsg; cmsg = CMSG_NXTHDR(&msghdr, cmsg)) {
2254 if (cmsg->cmsg_level == SOL_SOCKET &&
2255 cmsg->cmsg_type == SCM_CREDENTIALS &&
2256 cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred)))
2257 ucred = (struct ucred*) CMSG_DATA(cmsg);
2258 else if (cmsg->cmsg_level == SOL_SOCKET &&
2259 cmsg->cmsg_type == SCM_SECURITY) {
2260 label = (char*) CMSG_DATA(cmsg);
2261 label_len = cmsg->cmsg_len - CMSG_LEN(0);
2262 } else if (cmsg->cmsg_level == SOL_SOCKET &&
2263 cmsg->cmsg_type == SO_TIMESTAMP &&
2264 cmsg->cmsg_len == CMSG_LEN(sizeof(struct timeval)))
2265 tv = (struct timeval*) CMSG_DATA(cmsg);
2266 else if (cmsg->cmsg_level == SOL_SOCKET &&
2267 cmsg->cmsg_type == SCM_RIGHTS) {
2268 fds = (int*) CMSG_DATA(cmsg);
2269 n_fds = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);
2273 if (ev->data.fd == s->syslog_fd) {
2276 if (n > 0 && n_fds == 0) {
2277 e = memchr(s->buffer, '\n', n);
2283 process_syslog_message(s, strstrip(s->buffer), ucred, tv, label, label_len);
2284 } else if (n_fds > 0)
2285 log_warning("Got file descriptors via syslog socket. Ignoring.");
2288 if (n > 0 && n_fds == 0)
2289 process_native_message(s, s->buffer, n, ucred, tv, label, label_len);
2290 else if (n == 0 && n_fds == 1)
2291 process_native_file(s, fds[0], ucred, tv, label, label_len);
2293 log_warning("Got too many file descriptors via native socket. Ignoring.");
2296 close_many(fds, n_fds);
2301 } else if (ev->data.fd == s->stdout_fd) {
2303 if (ev->events != EPOLLIN) {
2304 log_info("Got invalid event from epoll.");
2308 stdout_stream_new(s);
2312 StdoutStream *stream;
2314 if ((ev->events|EPOLLIN|EPOLLHUP) != (EPOLLIN|EPOLLHUP)) {
2315 log_info("Got invalid event from epoll.");
2319 /* If it is none of the well-known fds, it must be an
2320 * stdout stream fd. Note that this is a bit ugly here
2321 * (since we rely that none of the well-known fds
2322 * could be interpreted as pointer), but nonetheless
2323 * safe, since the well-known fds would never get an
2324 * fd > 4096, i.e. beyond the first memory page */
2326 stream = ev->data.ptr;
2328 if (stdout_stream_process(stream) <= 0)
2329 stdout_stream_free(stream);
2334 log_error("Unknown event.");
2338 static int open_syslog_socket(Server *s) {
2339 union sockaddr_union sa;
2341 struct epoll_event ev;
2345 if (s->syslog_fd < 0) {
2347 s->syslog_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2348 if (s->syslog_fd < 0) {
2349 log_error("socket() failed: %m");
2354 sa.un.sun_family = AF_UNIX;
2355 strncpy(sa.un.sun_path, "/dev/log", sizeof(sa.un.sun_path));
2357 unlink(sa.un.sun_path);
2359 r = bind(s->syslog_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2361 log_error("bind() failed: %m");
2365 chmod(sa.un.sun_path, 0666);
2367 fd_nonblock(s->syslog_fd, 1);
2370 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
2372 log_error("SO_PASSCRED failed: %m");
2378 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
2380 log_warning("SO_PASSSEC failed: %m");
2384 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
2386 log_error("SO_TIMESTAMP failed: %m");
2391 ev.events = EPOLLIN;
2392 ev.data.fd = s->syslog_fd;
2393 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->syslog_fd, &ev) < 0) {
2394 log_error("Failed to add syslog server fd to epoll object: %m");
2401 static int open_native_socket(Server*s) {
2402 union sockaddr_union sa;
2404 struct epoll_event ev;
2408 if (s->native_fd < 0) {
2410 s->native_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2411 if (s->native_fd < 0) {
2412 log_error("socket() failed: %m");
2417 sa.un.sun_family = AF_UNIX;
2418 strncpy(sa.un.sun_path, "/run/systemd/journal/socket", sizeof(sa.un.sun_path));
2420 unlink(sa.un.sun_path);
2422 r = bind(s->native_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2424 log_error("bind() failed: %m");
2428 chmod(sa.un.sun_path, 0666);
2430 fd_nonblock(s->native_fd, 1);
2433 r = setsockopt(s->native_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
2435 log_error("SO_PASSCRED failed: %m");
2441 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
2443 log_warning("SO_PASSSEC failed: %m");
2447 r = setsockopt(s->native_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
2449 log_error("SO_TIMESTAMP failed: %m");
2454 ev.events = EPOLLIN;
2455 ev.data.fd = s->native_fd;
2456 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->native_fd, &ev) < 0) {
2457 log_error("Failed to add native server fd to epoll object: %m");
2464 static int open_stdout_socket(Server *s) {
2465 union sockaddr_union sa;
2467 struct epoll_event ev;
2471 if (s->stdout_fd < 0) {
2473 s->stdout_fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2474 if (s->stdout_fd < 0) {
2475 log_error("socket() failed: %m");
2480 sa.un.sun_family = AF_UNIX;
2481 strncpy(sa.un.sun_path, "/run/systemd/journal/stdout", sizeof(sa.un.sun_path));
2483 unlink(sa.un.sun_path);
2485 r = bind(s->stdout_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2487 log_error("bind() failed: %m");
2491 chmod(sa.un.sun_path, 0666);
2493 if (listen(s->stdout_fd, SOMAXCONN) < 0) {
2494 log_error("liste() failed: %m");
2498 fd_nonblock(s->stdout_fd, 1);
2501 ev.events = EPOLLIN;
2502 ev.data.fd = s->stdout_fd;
2503 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->stdout_fd, &ev) < 0) {
2504 log_error("Failed to add stdout server fd to epoll object: %m");
2511 static int open_proc_kmsg(Server *s) {
2512 struct epoll_event ev;
2516 if (!s->import_proc_kmsg)
2519 s->proc_kmsg_fd = open("/proc/kmsg", O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
2520 if (s->proc_kmsg_fd < 0) {
2521 log_warning("Failed to open /proc/kmsg, ignoring: %m");
2526 ev.events = EPOLLIN;
2527 ev.data.fd = s->proc_kmsg_fd;
2528 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->proc_kmsg_fd, &ev) < 0) {
2529 log_error("Failed to add /proc/kmsg fd to epoll object: %m");
2536 static int open_signalfd(Server *s) {
2538 struct epoll_event ev;
2542 assert_se(sigemptyset(&mask) == 0);
2543 sigset_add_many(&mask, SIGINT, SIGTERM, SIGUSR1, -1);
2544 assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0);
2546 s->signal_fd = signalfd(-1, &mask, SFD_NONBLOCK|SFD_CLOEXEC);
2547 if (s->signal_fd < 0) {
2548 log_error("signalfd(): %m");
2553 ev.events = EPOLLIN;
2554 ev.data.fd = s->signal_fd;
2556 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->signal_fd, &ev) < 0) {
2557 log_error("epoll_ctl(): %m");
2564 static int server_parse_proc_cmdline(Server *s) {
2565 char *line, *w, *state;
2569 if (detect_container(NULL) > 0)
2572 r = read_one_line_file("/proc/cmdline", &line);
2574 log_warning("Failed to read /proc/cmdline, ignoring: %s", strerror(-r));
2578 FOREACH_WORD_QUOTED(w, l, line, state) {
2581 word = strndup(w, l);
2587 if (startswith(word, "systemd_journald.forward_to_syslog=")) {
2588 r = parse_boolean(word + 35);
2590 log_warning("Failed to parse forward to syslog switch %s. Ignoring.", word + 35);
2592 s->forward_to_syslog = r;
2593 } else if (startswith(word, "systemd_journald.forward_to_kmsg=")) {
2594 r = parse_boolean(word + 33);
2596 log_warning("Failed to parse forward to kmsg switch %s. Ignoring.", word + 33);
2598 s->forward_to_kmsg = r;
2599 } else if (startswith(word, "systemd_journald.forward_to_console=")) {
2600 r = parse_boolean(word + 36);
2602 log_warning("Failed to parse forward to console switch %s. Ignoring.", word + 36);
2604 s->forward_to_console = r;
2617 static int server_parse_config_file(Server *s) {
2624 fn = "/etc/systemd/journald.conf";
2625 f = fopen(fn, "re");
2627 if (errno == ENOENT)
2630 log_warning("Failed to open configuration file %s: %m", fn);
2634 r = config_parse(fn, f, "Journal\0", config_item_perf_lookup, (void*) journald_gperf_lookup, false, s);
2636 log_warning("Failed to parse configuration file: %s", strerror(-r));
2643 static int server_init(Server *s) {
2649 s->syslog_fd = s->native_fd = s->stdout_fd = s->signal_fd = s->epoll_fd = s->proc_kmsg_fd = -1;
2652 s->rate_limit_interval = DEFAULT_RATE_LIMIT_INTERVAL;
2653 s->rate_limit_burst = DEFAULT_RATE_LIMIT_BURST;
2655 s->forward_to_syslog = true;
2656 s->import_proc_kmsg = true;
2658 memset(&s->system_metrics, 0xFF, sizeof(s->system_metrics));
2659 memset(&s->runtime_metrics, 0xFF, sizeof(s->runtime_metrics));
2661 server_parse_config_file(s);
2662 server_parse_proc_cmdline(s);
2664 s->user_journals = hashmap_new(trivial_hash_func, trivial_compare_func);
2665 if (!s->user_journals) {
2666 log_error("Out of memory.");
2670 s->epoll_fd = epoll_create1(EPOLL_CLOEXEC);
2671 if (s->epoll_fd < 0) {
2672 log_error("Failed to create epoll object: %m");
2676 n = sd_listen_fds(true);
2678 log_error("Failed to read listening file descriptors from environment: %s", strerror(-n));
2682 for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) {
2684 if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/run/systemd/journal/socket", 0) > 0) {
2686 if (s->native_fd >= 0) {
2687 log_error("Too many native sockets passed.");
2693 } else if (sd_is_socket_unix(fd, SOCK_STREAM, 1, "/run/systemd/journal/stdout", 0) > 0) {
2695 if (s->stdout_fd >= 0) {
2696 log_error("Too many stdout sockets passed.");
2702 } else if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/dev/log", 0) > 0) {
2704 if (s->syslog_fd >= 0) {
2705 log_error("Too many /dev/log sockets passed.");
2712 log_error("Unknown socket passed.");
2717 r = open_syslog_socket(s);
2721 r = open_native_socket(s);
2725 r = open_stdout_socket(s);
2729 r = open_proc_kmsg(s);
2733 r = open_signalfd(s);
2737 s->rate_limit = journal_rate_limit_new(s->rate_limit_interval, s->rate_limit_burst);
2741 r = system_journal_open(s);
2748 static void server_done(Server *s) {
2752 while (s->stdout_streams)
2753 stdout_stream_free(s->stdout_streams);
2755 if (s->system_journal)
2756 journal_file_close(s->system_journal);
2758 if (s->runtime_journal)
2759 journal_file_close(s->runtime_journal);
2761 while ((f = hashmap_steal_first(s->user_journals)))
2762 journal_file_close(f);
2764 hashmap_free(s->user_journals);
2766 if (s->epoll_fd >= 0)
2767 close_nointr_nofail(s->epoll_fd);
2769 if (s->signal_fd >= 0)
2770 close_nointr_nofail(s->signal_fd);
2772 if (s->syslog_fd >= 0)
2773 close_nointr_nofail(s->syslog_fd);
2775 if (s->native_fd >= 0)
2776 close_nointr_nofail(s->native_fd);
2778 if (s->stdout_fd >= 0)
2779 close_nointr_nofail(s->stdout_fd);
2781 if (s->proc_kmsg_fd >= 0)
2782 close_nointr_nofail(s->proc_kmsg_fd);
2785 journal_rate_limit_free(s->rate_limit);
2791 int main(int argc, char *argv[]) {
2795 /* if (getppid() != 1) { */
2796 /* log_error("This program should be invoked by init only."); */
2797 /* return EXIT_FAILURE; */
2801 log_error("This program does not take arguments.");
2802 return EXIT_FAILURE;
2805 log_set_target(LOG_TARGET_SAFE);
2806 log_set_facility(LOG_SYSLOG);
2807 log_parse_environment();
2812 r = server_init(&server);
2816 server_vacuum(&server);
2817 server_flush_to_var(&server);
2818 server_flush_proc_kmsg(&server);
2820 log_debug("systemd-journald running as pid %lu", (unsigned long) getpid());
2821 driver_message(&server, SD_MESSAGE_JOURNAL_START, "Journal started");
2825 "STATUS=Processing requests...");
2828 struct epoll_event event;
2830 r = epoll_wait(server.epoll_fd, &event, 1, -1);
2836 log_error("epoll_wait() failed: %m");
2842 r = process_event(&server, &event);
2849 log_debug("systemd-journald stopped as pid %lu", (unsigned long) getpid());
2850 driver_message(&server, SD_MESSAGE_JOURNAL_STOP, "Journal stopped");
2854 "STATUS=Shutting down...");
2856 server_done(&server);
2858 return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;