1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2011 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <sys/epoll.h>
23 #include <sys/socket.h>
25 #include <sys/signalfd.h>
29 #include <sys/ioctl.h>
30 #include <linux/sockios.h>
31 #include <sys/statvfs.h>
33 #include <systemd/sd-journal.h>
34 #include <systemd/sd-messages.h>
35 #include <systemd/sd-daemon.h>
38 #include <systemd/sd-login.h>
43 #include "journal-file.h"
44 #include "socket-util.h"
45 #include "cgroup-util.h"
47 #include "journal-rate-limit.h"
48 #include "journal-internal.h"
49 #include "conf-parser.h"
56 #include <acl/libacl.h>
61 #include <selinux/selinux.h>
64 #define USER_JOURNALS_MAX 1024
65 #define STDOUT_STREAMS_MAX 4096
67 #define DEFAULT_RATE_LIMIT_INTERVAL (10*USEC_PER_SEC)
68 #define DEFAULT_RATE_LIMIT_BURST 200
70 #define RECHECK_AVAILABLE_SPACE_USEC (30*USEC_PER_SEC)
72 #define N_IOVEC_META_FIELDS 17
74 #define ENTRY_SIZE_MAX (1024*1024*32)
76 typedef enum StdoutStreamState {
77 STDOUT_STREAM_IDENTIFIER,
78 STDOUT_STREAM_UNIT_ID,
79 STDOUT_STREAM_PRIORITY,
80 STDOUT_STREAM_LEVEL_PREFIX,
81 STDOUT_STREAM_FORWARD_TO_SYSLOG,
82 STDOUT_STREAM_FORWARD_TO_KMSG,
83 STDOUT_STREAM_FORWARD_TO_CONSOLE,
89 StdoutStreamState state;
95 security_context_t security_context;
102 bool forward_to_syslog:1;
103 bool forward_to_kmsg:1;
104 bool forward_to_console:1;
106 char buffer[LINE_MAX+1];
109 LIST_FIELDS(StdoutStream, stdout_stream);
112 static const char* const storage_table[] = {
113 [STORAGE_AUTO] = "auto",
114 [STORAGE_VOLATILE] = "volatile",
115 [STORAGE_PERSISTENT] = "persistent",
116 [STORAGE_NONE] = "none"
119 DEFINE_STRING_TABLE_LOOKUP(storage, Storage);
120 DEFINE_CONFIG_PARSE_ENUM(config_parse_storage, storage, Storage, "Failed to parse storage setting");
122 static uint64_t available_space(Server *s) {
127 uint64_t sum = 0, avail = 0, ss_avail = 0;
133 ts = now(CLOCK_MONOTONIC);
135 if (s->cached_available_space_timestamp + RECHECK_AVAILABLE_SPACE_USEC > ts)
136 return s->cached_available_space;
138 r = sd_id128_get_machine(&machine);
142 if (s->system_journal) {
143 f = "/var/log/journal/";
144 m = &s->system_metrics;
146 f = "/run/log/journal/";
147 m = &s->runtime_metrics;
152 p = strappend(f, sd_id128_to_string(machine, ids));
162 if (fstatvfs(dirfd(d), &ss) < 0)
167 struct dirent buf, *de;
169 r = readdir_r(d, &buf, &de);
176 if (!endswith(de->d_name, ".journal") &&
177 !endswith(de->d_name, ".journal~"))
180 if (fstatat(dirfd(d), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0)
183 if (!S_ISREG(st.st_mode))
186 sum += (uint64_t) st.st_blocks * 512UL;
189 avail = sum >= m->max_use ? 0 : m->max_use - sum;
191 ss_avail = ss.f_bsize * ss.f_bavail;
193 ss_avail = ss_avail < m->keep_free ? 0 : ss_avail - m->keep_free;
195 if (ss_avail < avail)
198 s->cached_available_space = avail;
199 s->cached_available_space_timestamp = ts;
207 static void server_read_file_gid(Server *s) {
208 const char *adm = "adm";
213 if (s->file_gid_valid)
216 r = get_group_creds(&adm, &s->file_gid);
218 log_warning("Failed to resolve 'adm' group: %s", strerror(-r));
220 /* if we couldn't read the gid, then it will be 0, but that's
221 * fine and we shouldn't try to resolve the group again, so
222 * let's just pretend it worked right-away. */
223 s->file_gid_valid = true;
226 static void server_fix_perms(Server *s, JournalFile *f, uid_t uid) {
231 acl_permset_t permset;
236 server_read_file_gid(s);
238 r = fchmod_and_fchown(f->fd, 0640, 0, s->file_gid);
240 log_warning("Failed to fix access mode/rights on %s, ignoring: %s", f->path, strerror(-r));
246 acl = acl_get_fd(f->fd);
248 log_warning("Failed to read ACL on %s, ignoring: %m", f->path);
252 r = acl_find_uid(acl, uid, &entry);
255 if (acl_create_entry(&acl, &entry) < 0 ||
256 acl_set_tag_type(entry, ACL_USER) < 0 ||
257 acl_set_qualifier(entry, &uid) < 0) {
258 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
263 if (acl_get_permset(entry, &permset) < 0 ||
264 acl_add_perm(permset, ACL_READ) < 0 ||
265 acl_calc_mask(&acl) < 0) {
266 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
270 if (acl_set_fd(f->fd, acl) < 0)
271 log_warning("Failed to set ACL on %s, ignoring: %m", f->path);
278 static JournalFile* find_journal(Server *s, uid_t uid) {
287 /* We split up user logs only on /var, not on /run. If the
288 * runtime file is open, we write to it exclusively, in order
289 * to guarantee proper order as soon as we flush /run to
290 * /var and close the runtime file. */
292 if (s->runtime_journal)
293 return s->runtime_journal;
296 return s->system_journal;
298 r = sd_id128_get_machine(&machine);
300 return s->system_journal;
302 f = hashmap_get(s->user_journals, UINT32_TO_PTR(uid));
306 if (asprintf(&p, "/var/log/journal/%s/user-%lu.journal", sd_id128_to_string(machine, ids), (unsigned long) uid) < 0)
307 return s->system_journal;
309 while (hashmap_size(s->user_journals) >= USER_JOURNALS_MAX) {
310 /* Too many open? Then let's close one */
311 f = hashmap_steal_first(s->user_journals);
313 journal_file_close(f);
316 r = journal_file_open_reliably(p, O_RDWR|O_CREAT, 0640, s->system_journal, &f);
320 return s->system_journal;
322 server_fix_perms(s, f, uid);
324 r = hashmap_put(s->user_journals, UINT32_TO_PTR(uid), f);
326 journal_file_close(f);
327 return s->system_journal;
333 static void server_rotate(Server *s) {
339 log_info("Rotating...");
341 if (s->runtime_journal) {
342 r = journal_file_rotate(&s->runtime_journal);
344 if (s->runtime_journal)
345 log_error("Failed to rotate %s: %s", s->runtime_journal->path, strerror(-r));
347 log_error("Failed to create new runtime journal: %s", strerror(-r));
349 server_fix_perms(s, s->runtime_journal, 0);
352 if (s->system_journal) {
353 r = journal_file_rotate(&s->system_journal);
355 if (s->system_journal)
356 log_error("Failed to rotate %s: %s", s->system_journal->path, strerror(-r));
358 log_error("Failed to create new system journal: %s", strerror(-r));
361 server_fix_perms(s, s->system_journal, 0);
364 HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) {
365 r = journal_file_rotate(&f);
368 log_error("Failed to rotate %s: %s", f->path, strerror(-r));
370 log_error("Failed to create user journal: %s", strerror(-r));
372 hashmap_replace(s->user_journals, k, f);
373 server_fix_perms(s, s->system_journal, PTR_TO_UINT32(k));
378 static void server_vacuum(Server *s) {
384 log_info("Vacuuming...");
386 r = sd_id128_get_machine(&machine);
388 log_error("Failed to get machine ID: %s", strerror(-r));
392 sd_id128_to_string(machine, ids);
394 if (s->system_journal) {
395 if (asprintf(&p, "/var/log/journal/%s", ids) < 0) {
396 log_error("Out of memory.");
400 r = journal_directory_vacuum(p, s->system_metrics.max_use, s->system_metrics.keep_free);
401 if (r < 0 && r != -ENOENT)
402 log_error("Failed to vacuum %s: %s", p, strerror(-r));
406 if (s->runtime_journal) {
407 if (asprintf(&p, "/run/log/journal/%s", ids) < 0) {
408 log_error("Out of memory.");
412 r = journal_directory_vacuum(p, s->runtime_metrics.max_use, s->runtime_metrics.keep_free);
413 if (r < 0 && r != -ENOENT)
414 log_error("Failed to vacuum %s: %s", p, strerror(-r));
418 s->cached_available_space_timestamp = 0;
421 static char *shortened_cgroup_path(pid_t pid) {
423 char *process_path, *init_path, *path;
427 r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, pid, &process_path);
431 r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, 1, &init_path);
437 if (endswith(init_path, "/system"))
438 init_path[strlen(init_path) - 7] = 0;
439 else if (streq(init_path, "/"))
442 if (startswith(process_path, init_path)) {
445 p = strdup(process_path + strlen(init_path));
463 static void write_to_journal(Server *s, uid_t uid, struct iovec *iovec, unsigned n) {
465 bool vacuumed = false;
472 f = find_journal(s, uid);
476 if (journal_file_rotate_suggested(f)) {
477 log_info("Journal header limits reached or header out-of-date, rotating.");
484 r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
489 (r != -E2BIG && /* hit limit */
490 r != -EFBIG && /* hit fs limit */
491 r != -EDQUOT && /* quota hit */
492 r != -ENOSPC && /* disk full */
493 r != -EBADMSG && /* corrupted */
494 r != -ENODATA && /* truncated */
495 r != -EHOSTDOWN && /* other machine */
496 r != -EPROTONOSUPPORT /* unsupported feature */)) {
497 log_error("Failed to write entry, ignoring: %s", strerror(-r));
501 if (r == -E2BIG || r == -EFBIG || r == EDQUOT || r == ENOSPC)
502 log_info("Allocation limit reached, rotating.");
503 else if (r == -EHOSTDOWN)
504 log_info("Journal file from other machine, rotating.");
506 log_warning("Journal file corrupted, rotating.");
512 log_info("Retrying write.");
516 static void dispatch_message_real(
518 struct iovec *iovec, unsigned n, unsigned m,
521 const char *label, size_t label_len,
522 const char *unit_id) {
524 char *pid = NULL, *uid = NULL, *gid = NULL,
525 *source_time = NULL, *boot_id = NULL, *machine_id = NULL,
526 *comm = NULL, *cmdline = NULL, *hostname = NULL,
527 *audit_session = NULL, *audit_loginuid = NULL,
528 *exe = NULL, *cgroup = NULL, *session = NULL,
529 *owner_uid = NULL, *unit = NULL, *selinux_context = NULL;
535 uid_t loginuid = 0, realuid = 0;
540 assert(n + N_IOVEC_META_FIELDS <= m);
548 realuid = ucred->uid;
550 if (asprintf(&pid, "_PID=%lu", (unsigned long) ucred->pid) >= 0)
551 IOVEC_SET_STRING(iovec[n++], pid);
553 if (asprintf(&uid, "_UID=%lu", (unsigned long) ucred->uid) >= 0)
554 IOVEC_SET_STRING(iovec[n++], uid);
556 if (asprintf(&gid, "_GID=%lu", (unsigned long) ucred->gid) >= 0)
557 IOVEC_SET_STRING(iovec[n++], gid);
559 r = get_process_comm(ucred->pid, &t);
561 comm = strappend("_COMM=", t);
565 IOVEC_SET_STRING(iovec[n++], comm);
568 r = get_process_exe(ucred->pid, &t);
570 exe = strappend("_EXE=", t);
574 IOVEC_SET_STRING(iovec[n++], exe);
577 r = get_process_cmdline(ucred->pid, LINE_MAX, false, &t);
579 cmdline = strappend("_CMDLINE=", t);
583 IOVEC_SET_STRING(iovec[n++], cmdline);
586 r = audit_session_from_pid(ucred->pid, &audit);
588 if (asprintf(&audit_session, "_AUDIT_SESSION=%lu", (unsigned long) audit) >= 0)
589 IOVEC_SET_STRING(iovec[n++], audit_session);
591 r = audit_loginuid_from_pid(ucred->pid, &loginuid);
593 if (asprintf(&audit_loginuid, "_AUDIT_LOGINUID=%lu", (unsigned long) loginuid) >= 0)
594 IOVEC_SET_STRING(iovec[n++], audit_loginuid);
596 t = shortened_cgroup_path(ucred->pid);
598 cgroup = strappend("_SYSTEMD_CGROUP=", t);
602 IOVEC_SET_STRING(iovec[n++], cgroup);
606 if (sd_pid_get_session(ucred->pid, &t) >= 0) {
607 session = strappend("_SYSTEMD_SESSION=", t);
611 IOVEC_SET_STRING(iovec[n++], session);
614 if (sd_pid_get_owner_uid(ucred->uid, &owner) >= 0)
615 if (asprintf(&owner_uid, "_SYSTEMD_OWNER_UID=%lu", (unsigned long) owner) >= 0)
616 IOVEC_SET_STRING(iovec[n++], owner_uid);
619 if (cg_pid_get_unit(ucred->pid, &t) >= 0) {
620 unit = strappend("_SYSTEMD_UNIT=", t);
623 unit = strappend("_SYSTEMD_UNIT=", unit_id);
626 IOVEC_SET_STRING(iovec[n++], unit);
630 selinux_context = malloc(sizeof("_SELINUX_CONTEXT=") + label_len);
631 if (selinux_context) {
632 memcpy(selinux_context, "_SELINUX_CONTEXT=", sizeof("_SELINUX_CONTEXT=")-1);
633 memcpy(selinux_context+sizeof("_SELINUX_CONTEXT=")-1, label, label_len);
634 selinux_context[sizeof("_SELINUX_CONTEXT=")-1+label_len] = 0;
635 IOVEC_SET_STRING(iovec[n++], selinux_context);
638 security_context_t con;
640 if (getpidcon(ucred->pid, &con) >= 0) {
641 selinux_context = strappend("_SELINUX_CONTEXT=", con);
643 IOVEC_SET_STRING(iovec[n++], selinux_context);
652 if (asprintf(&source_time, "_SOURCE_REALTIME_TIMESTAMP=%llu",
653 (unsigned long long) timeval_load(tv)) >= 0)
654 IOVEC_SET_STRING(iovec[n++], source_time);
657 /* Note that strictly speaking storing the boot id here is
658 * redundant since the entry includes this in-line
659 * anyway. However, we need this indexed, too. */
660 r = sd_id128_get_boot(&id);
662 if (asprintf(&boot_id, "_BOOT_ID=%s", sd_id128_to_string(id, idbuf)) >= 0)
663 IOVEC_SET_STRING(iovec[n++], boot_id);
665 r = sd_id128_get_machine(&id);
667 if (asprintf(&machine_id, "_MACHINE_ID=%s", sd_id128_to_string(id, idbuf)) >= 0)
668 IOVEC_SET_STRING(iovec[n++], machine_id);
670 t = gethostname_malloc();
672 hostname = strappend("_HOSTNAME=", t);
675 IOVEC_SET_STRING(iovec[n++], hostname);
680 write_to_journal(s, realuid == 0 ? 0 : loginuid, iovec, n);
693 free(audit_loginuid);
698 free(selinux_context);
701 static void driver_message(Server *s, sd_id128_t message_id, const char *format, ...) {
702 char mid[11 + 32 + 1];
703 char buffer[16 + LINE_MAX + 1];
704 struct iovec iovec[N_IOVEC_META_FIELDS + 4];
712 IOVEC_SET_STRING(iovec[n++], "PRIORITY=5");
713 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=driver");
715 memcpy(buffer, "MESSAGE=", 8);
716 va_start(ap, format);
717 vsnprintf(buffer + 8, sizeof(buffer) - 8, format, ap);
719 char_array_0(buffer);
720 IOVEC_SET_STRING(iovec[n++], buffer);
722 snprintf(mid, sizeof(mid), "MESSAGE_ID=" SD_ID128_FORMAT_STR, SD_ID128_FORMAT_VAL(message_id));
724 IOVEC_SET_STRING(iovec[n++], mid);
727 ucred.pid = getpid();
728 ucred.uid = getuid();
729 ucred.gid = getgid();
731 dispatch_message_real(s, iovec, n, ELEMENTSOF(iovec), &ucred, NULL, NULL, 0, NULL);
734 static void dispatch_message(Server *s,
735 struct iovec *iovec, unsigned n, unsigned m,
738 const char *label, size_t label_len,
742 char *path = NULL, *c;
745 assert(iovec || n == 0);
750 if (LOG_PRI(priority) > s->max_level_store)
756 path = shortened_cgroup_path(ucred->pid);
760 /* example: /user/lennart/3/foobar
761 * /system/dbus.service/foobar
763 * So let's cut of everything past the third /, since that is
764 * wher user directories start */
766 c = strchr(path, '/');
768 c = strchr(c+1, '/');
770 c = strchr(c+1, '/');
776 rl = journal_rate_limit_test(s->rate_limit, path, priority & LOG_PRIMASK, available_space(s));
783 /* Write a suppression message if we suppressed something */
785 driver_message(s, SD_MESSAGE_JOURNAL_DROPPED, "Suppressed %u messages from %s", rl - 1, path);
790 dispatch_message_real(s, iovec, n, m, ucred, tv, label, label_len, unit_id);
793 static void forward_syslog_iovec(Server *s, const struct iovec *iovec, unsigned n_iovec, struct ucred *ucred, struct timeval *tv) {
794 struct msghdr msghdr;
795 struct cmsghdr *cmsg;
797 struct cmsghdr cmsghdr;
798 uint8_t buf[CMSG_SPACE(sizeof(struct ucred))];
800 union sockaddr_union sa;
807 msghdr.msg_iov = (struct iovec*) iovec;
808 msghdr.msg_iovlen = n_iovec;
811 sa.un.sun_family = AF_UNIX;
812 strncpy(sa.un.sun_path, "/run/systemd/journal/syslog", sizeof(sa.un.sun_path));
813 msghdr.msg_name = &sa;
814 msghdr.msg_namelen = offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path);
818 msghdr.msg_control = &control;
819 msghdr.msg_controllen = sizeof(control);
821 cmsg = CMSG_FIRSTHDR(&msghdr);
822 cmsg->cmsg_level = SOL_SOCKET;
823 cmsg->cmsg_type = SCM_CREDENTIALS;
824 cmsg->cmsg_len = CMSG_LEN(sizeof(struct ucred));
825 memcpy(CMSG_DATA(cmsg), ucred, sizeof(struct ucred));
826 msghdr.msg_controllen = cmsg->cmsg_len;
829 /* Forward the syslog message we received via /dev/log to
830 * /run/systemd/syslog. Unfortunately we currently can't set
831 * the SO_TIMESTAMP auxiliary data, and hence we don't. */
833 if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
836 /* The socket is full? I guess the syslog implementation is
837 * too slow, and we shouldn't wait for that... */
841 if (ucred && errno == ESRCH) {
844 /* Hmm, presumably the sender process vanished
845 * by now, so let's fix it as good as we
850 memcpy(CMSG_DATA(cmsg), &u, sizeof(struct ucred));
852 if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
859 log_debug("Failed to forward syslog message: %m");
862 static void forward_syslog_raw(Server *s, int priority, const char *buffer, struct ucred *ucred, struct timeval *tv) {
868 if (LOG_PRI(priority) > s->max_level_syslog)
871 IOVEC_SET_STRING(iovec, buffer);
872 forward_syslog_iovec(s, &iovec, 1, ucred, tv);
875 static void forward_syslog(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred, struct timeval *tv) {
876 struct iovec iovec[5];
877 char header_priority[6], header_time[64], header_pid[16];
881 char *ident_buf = NULL;
884 assert(priority >= 0);
885 assert(priority <= 999);
888 if (LOG_PRI(priority) > s->max_level_syslog)
891 /* First: priority field */
892 snprintf(header_priority, sizeof(header_priority), "<%i>", priority);
893 char_array_0(header_priority);
894 IOVEC_SET_STRING(iovec[n++], header_priority);
896 /* Second: timestamp */
897 t = tv ? tv->tv_sec : ((time_t) (now(CLOCK_REALTIME) / USEC_PER_SEC));
901 if (strftime(header_time, sizeof(header_time), "%h %e %T ", tm) <= 0)
903 IOVEC_SET_STRING(iovec[n++], header_time);
905 /* Third: identifier and PID */
908 get_process_comm(ucred->pid, &ident_buf);
909 identifier = ident_buf;
912 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
913 char_array_0(header_pid);
916 IOVEC_SET_STRING(iovec[n++], identifier);
918 IOVEC_SET_STRING(iovec[n++], header_pid);
919 } else if (identifier) {
920 IOVEC_SET_STRING(iovec[n++], identifier);
921 IOVEC_SET_STRING(iovec[n++], ": ");
924 /* Fourth: message */
925 IOVEC_SET_STRING(iovec[n++], message);
927 forward_syslog_iovec(s, iovec, n, ucred, tv);
932 static int fixup_priority(int priority) {
934 if ((priority & LOG_FACMASK) == 0)
935 return (priority & LOG_PRIMASK) | LOG_USER;
940 static void forward_kmsg(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred) {
941 struct iovec iovec[5];
942 char header_priority[6], header_pid[16];
944 char *ident_buf = NULL;
948 assert(priority >= 0);
949 assert(priority <= 999);
952 if (LOG_PRI(priority) > s->max_level_kmsg)
955 /* Never allow messages with kernel facility to be written to
956 * kmsg, regardless where the data comes from. */
957 priority = fixup_priority(priority);
959 /* First: priority field */
960 snprintf(header_priority, sizeof(header_priority), "<%i>", priority);
961 char_array_0(header_priority);
962 IOVEC_SET_STRING(iovec[n++], header_priority);
964 /* Second: identifier and PID */
967 get_process_comm(ucred->pid, &ident_buf);
968 identifier = ident_buf;
971 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
972 char_array_0(header_pid);
975 IOVEC_SET_STRING(iovec[n++], identifier);
977 IOVEC_SET_STRING(iovec[n++], header_pid);
978 } else if (identifier) {
979 IOVEC_SET_STRING(iovec[n++], identifier);
980 IOVEC_SET_STRING(iovec[n++], ": ");
983 /* Fourth: message */
984 IOVEC_SET_STRING(iovec[n++], message);
985 IOVEC_SET_STRING(iovec[n++], "\n");
987 fd = open("/dev/kmsg", O_WRONLY|O_NOCTTY|O_CLOEXEC);
989 log_debug("Failed to open /dev/kmsg for logging: %s", strerror(errno));
993 if (writev(fd, iovec, n) < 0)
994 log_debug("Failed to write to /dev/kmsg for logging: %s", strerror(errno));
996 close_nointr_nofail(fd);
1002 static void forward_console(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred) {
1003 struct iovec iovec[4];
1004 char header_pid[16];
1006 char *ident_buf = NULL;
1012 if (LOG_PRI(priority) > s->max_level_console)
1015 /* First: identifier and PID */
1018 get_process_comm(ucred->pid, &ident_buf);
1019 identifier = ident_buf;
1022 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
1023 char_array_0(header_pid);
1026 IOVEC_SET_STRING(iovec[n++], identifier);
1028 IOVEC_SET_STRING(iovec[n++], header_pid);
1029 } else if (identifier) {
1030 IOVEC_SET_STRING(iovec[n++], identifier);
1031 IOVEC_SET_STRING(iovec[n++], ": ");
1034 /* Third: message */
1035 IOVEC_SET_STRING(iovec[n++], message);
1036 IOVEC_SET_STRING(iovec[n++], "\n");
1038 tty = s->tty_path ? s->tty_path : "/dev/console";
1040 fd = open_terminal(tty, O_WRONLY|O_NOCTTY|O_CLOEXEC);
1042 log_debug("Failed to open %s for logging: %s", tty, strerror(errno));
1046 if (writev(fd, iovec, n) < 0)
1047 log_debug("Failed to write to %s for logging: %s", tty, strerror(errno));
1049 close_nointr_nofail(fd);
1055 static void read_identifier(const char **buf, char **identifier, char **pid) {
1066 p += strspn(p, WHITESPACE);
1067 l = strcspn(p, WHITESPACE);
1076 if (p[l-1] == ']') {
1082 t = strndup(p+k+1, l-k-2);
1102 *buf += strspn(*buf, WHITESPACE);
1105 static void process_syslog_message(Server *s, const char *buf, struct ucred *ucred, struct timeval *tv, const char *label, size_t label_len) {
1106 char *message = NULL, *syslog_priority = NULL, *syslog_facility = NULL, *syslog_identifier = NULL, *syslog_pid = NULL;
1107 struct iovec iovec[N_IOVEC_META_FIELDS + 6];
1109 int priority = LOG_USER | LOG_INFO;
1110 char *identifier = NULL, *pid = NULL;
1117 parse_syslog_priority((char**) &buf, &priority);
1119 if (s->forward_to_syslog)
1120 forward_syslog_raw(s, priority, orig, ucred, tv);
1122 skip_syslog_date((char**) &buf);
1123 read_identifier(&buf, &identifier, &pid);
1125 if (s->forward_to_kmsg)
1126 forward_kmsg(s, priority, identifier, buf, ucred);
1128 if (s->forward_to_console)
1129 forward_console(s, priority, identifier, buf, ucred);
1131 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=syslog");
1133 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1134 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1136 if (priority & LOG_FACMASK)
1137 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1138 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1141 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", identifier);
1142 if (syslog_identifier)
1143 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1147 syslog_pid = strappend("SYSLOG_PID=", pid);
1149 IOVEC_SET_STRING(iovec[n++], syslog_pid);
1152 message = strappend("MESSAGE=", buf);
1154 IOVEC_SET_STRING(iovec[n++], message);
1156 dispatch_message(s, iovec, n, ELEMENTSOF(iovec), ucred, tv, label, label_len, NULL, priority);
1161 free(syslog_priority);
1162 free(syslog_facility);
1163 free(syslog_identifier);
1166 static bool valid_user_field(const char *p, size_t l) {
1169 /* We kinda enforce POSIX syntax recommendations for
1170 environment variables here, but make a couple of additional
1173 http://pubs.opengroup.org/onlinepubs/000095399/basedefs/xbd_chap08.html */
1175 /* No empty field names */
1179 /* Don't allow names longer than 64 chars */
1183 /* Variables starting with an underscore are protected */
1187 /* Don't allow digits as first character */
1188 if (p[0] >= '0' && p[0] <= '9')
1191 /* Only allow A-Z0-9 and '_' */
1192 for (a = p; a < p + l; a++)
1193 if (!((*a >= 'A' && *a <= 'Z') ||
1194 (*a >= '0' && *a <= '9') ||
1201 static void process_native_message(
1203 const void *buffer, size_t buffer_size,
1204 struct ucred *ucred,
1206 const char *label, size_t label_len) {
1208 struct iovec *iovec = NULL;
1209 unsigned n = 0, m = 0, j, tn = (unsigned) -1;
1212 int priority = LOG_INFO;
1213 char *identifier = NULL, *message = NULL;
1216 assert(buffer || buffer_size == 0);
1219 remaining = buffer_size;
1221 while (remaining > 0) {
1224 e = memchr(p, '\n', remaining);
1227 /* Trailing noise, let's ignore it, and flush what we collected */
1228 log_debug("Received message with trailing noise, ignoring.");
1233 /* Entry separator */
1234 dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, NULL, priority);
1236 priority = LOG_INFO;
1243 if (*p == '.' || *p == '#') {
1244 /* Ignore control commands for now, and
1246 remaining -= (e - p) + 1;
1251 /* A property follows */
1253 if (n+N_IOVEC_META_FIELDS >= m) {
1257 u = MAX((n+N_IOVEC_META_FIELDS+1) * 2U, 4U);
1258 c = realloc(iovec, u * sizeof(struct iovec));
1260 log_error("Out of memory");
1268 q = memchr(p, '=', e - p);
1270 if (valid_user_field(p, q - p)) {
1275 /* If the field name starts with an
1276 * underscore, skip the variable,
1277 * since that indidates a trusted
1279 iovec[n].iov_base = (char*) p;
1280 iovec[n].iov_len = l;
1283 /* We need to determine the priority
1284 * of this entry for the rate limiting
1287 memcmp(p, "PRIORITY=", 9) == 0 &&
1288 p[9] >= '0' && p[9] <= '9')
1289 priority = (priority & LOG_FACMASK) | (p[9] - '0');
1292 memcmp(p, "SYSLOG_FACILITY=", 16) == 0 &&
1293 p[16] >= '0' && p[16] <= '9')
1294 priority = (priority & LOG_PRIMASK) | ((p[16] - '0') << 3);
1297 memcmp(p, "SYSLOG_FACILITY=", 16) == 0 &&
1298 p[16] >= '0' && p[16] <= '9' &&
1299 p[17] >= '0' && p[17] <= '9')
1300 priority = (priority & LOG_PRIMASK) | (((p[16] - '0')*10 + (p[17] - '0')) << 3);
1303 memcmp(p, "SYSLOG_IDENTIFIER=", 18) == 0) {
1306 t = strndup(p + 18, l - 18);
1311 } else if (l >= 8 &&
1312 memcmp(p, "MESSAGE=", 8) == 0) {
1315 t = strndup(p + 8, l - 8);
1323 remaining -= (e - p) + 1;
1331 if (remaining < e - p + 1 + sizeof(uint64_t) + 1) {
1332 log_debug("Failed to parse message, ignoring.");
1336 memcpy(&l_le, e + 1, sizeof(uint64_t));
1339 if (remaining < e - p + 1 + sizeof(uint64_t) + l + 1 ||
1340 e[1+sizeof(uint64_t)+l] != '\n') {
1341 log_debug("Failed to parse message, ignoring.");
1345 k = malloc((e - p) + 1 + l);
1347 log_error("Out of memory");
1351 memcpy(k, p, e - p);
1353 memcpy(k + (e - p) + 1, e + 1 + sizeof(uint64_t), l);
1355 if (valid_user_field(p, e - p)) {
1356 iovec[n].iov_base = k;
1357 iovec[n].iov_len = (e - p) + 1 + l;
1362 remaining -= (e - p) + 1 + sizeof(uint64_t) + l + 1;
1363 p = e + 1 + sizeof(uint64_t) + l + 1;
1371 IOVEC_SET_STRING(iovec[tn], "_TRANSPORT=journal");
1374 if (s->forward_to_syslog)
1375 forward_syslog(s, priority, identifier, message, ucred, tv);
1377 if (s->forward_to_kmsg)
1378 forward_kmsg(s, priority, identifier, message, ucred);
1380 if (s->forward_to_console)
1381 forward_console(s, priority, identifier, message, ucred);
1384 dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, NULL, priority);
1387 for (j = 0; j < n; j++) {
1391 if (iovec[j].iov_base < buffer ||
1392 (const uint8_t*) iovec[j].iov_base >= (const uint8_t*) buffer + buffer_size)
1393 free(iovec[j].iov_base);
1401 static void process_native_file(
1404 struct ucred *ucred,
1406 const char *label, size_t label_len) {
1415 /* Data is in the passed file, since it didn't fit in a
1416 * datagram. We can't map the file here, since clients might
1417 * then truncate it and trigger a SIGBUS for us. So let's
1418 * stupidly read it */
1420 if (fstat(fd, &st) < 0) {
1421 log_error("Failed to stat passed file, ignoring: %m");
1425 if (!S_ISREG(st.st_mode)) {
1426 log_error("File passed is not regular. Ignoring.");
1430 if (st.st_size <= 0)
1433 if (st.st_size > ENTRY_SIZE_MAX) {
1434 log_error("File passed too large. Ignoring.");
1438 p = malloc(st.st_size);
1440 log_error("Out of memory");
1444 n = pread(fd, p, st.st_size, 0);
1446 log_error("Failed to read file, ignoring: %s", strerror(-n));
1448 process_native_message(s, p, n, ucred, tv, label, label_len);
1453 static int stdout_stream_log(StdoutStream *s, const char *p) {
1454 struct iovec iovec[N_IOVEC_META_FIELDS + 5];
1455 char *message = NULL, *syslog_priority = NULL, *syslog_facility = NULL, *syslog_identifier = NULL;
1459 size_t label_len = 0;
1467 priority = s->priority;
1469 if (s->level_prefix)
1470 parse_syslog_priority((char**) &p, &priority);
1472 if (s->forward_to_syslog || s->server->forward_to_syslog)
1473 forward_syslog(s->server, fixup_priority(priority), s->identifier, p, &s->ucred, NULL);
1475 if (s->forward_to_kmsg || s->server->forward_to_kmsg)
1476 forward_kmsg(s->server, priority, s->identifier, p, &s->ucred);
1478 if (s->forward_to_console || s->server->forward_to_console)
1479 forward_console(s->server, priority, s->identifier, p, &s->ucred);
1481 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=stdout");
1483 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1484 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1486 if (priority & LOG_FACMASK)
1487 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1488 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1490 if (s->identifier) {
1491 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", s->identifier);
1492 if (syslog_identifier)
1493 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1496 message = strappend("MESSAGE=", p);
1498 IOVEC_SET_STRING(iovec[n++], message);
1501 if (s->security_context) {
1502 label = (char*) s->security_context;
1503 label_len = strlen((char*) s->security_context);
1507 dispatch_message(s->server, iovec, n, ELEMENTSOF(iovec), &s->ucred, NULL, label, label_len, s->unit_id, priority);
1510 free(syslog_priority);
1511 free(syslog_facility);
1512 free(syslog_identifier);
1517 static int stdout_stream_line(StdoutStream *s, char *p) {
1527 case STDOUT_STREAM_IDENTIFIER:
1529 s->identifier = NULL;
1531 s->identifier = strdup(p);
1532 if (!s->identifier) {
1533 log_error("Out of memory");
1538 s->state = STDOUT_STREAM_UNIT_ID;
1541 case STDOUT_STREAM_UNIT_ID:
1542 if (s->ucred.uid == 0) {
1546 s->unit_id = strdup(p);
1548 log_error("Out of memory");
1554 s->state = STDOUT_STREAM_PRIORITY;
1557 case STDOUT_STREAM_PRIORITY:
1558 r = safe_atoi(p, &s->priority);
1559 if (r < 0 || s->priority <= 0 || s->priority >= 999) {
1560 log_warning("Failed to parse log priority line.");
1564 s->state = STDOUT_STREAM_LEVEL_PREFIX;
1567 case STDOUT_STREAM_LEVEL_PREFIX:
1568 r = parse_boolean(p);
1570 log_warning("Failed to parse level prefix line.");
1574 s->level_prefix = !!r;
1575 s->state = STDOUT_STREAM_FORWARD_TO_SYSLOG;
1578 case STDOUT_STREAM_FORWARD_TO_SYSLOG:
1579 r = parse_boolean(p);
1581 log_warning("Failed to parse forward to syslog line.");
1585 s->forward_to_syslog = !!r;
1586 s->state = STDOUT_STREAM_FORWARD_TO_KMSG;
1589 case STDOUT_STREAM_FORWARD_TO_KMSG:
1590 r = parse_boolean(p);
1592 log_warning("Failed to parse copy to kmsg line.");
1596 s->forward_to_kmsg = !!r;
1597 s->state = STDOUT_STREAM_FORWARD_TO_CONSOLE;
1600 case STDOUT_STREAM_FORWARD_TO_CONSOLE:
1601 r = parse_boolean(p);
1603 log_warning("Failed to parse copy to console line.");
1607 s->forward_to_console = !!r;
1608 s->state = STDOUT_STREAM_RUNNING;
1611 case STDOUT_STREAM_RUNNING:
1612 return stdout_stream_log(s, p);
1615 assert_not_reached("Unknown stream state");
1618 static int stdout_stream_scan(StdoutStream *s, bool force_flush) {
1626 remaining = s->length;
1631 end = memchr(p, '\n', remaining);
1634 else if (remaining >= sizeof(s->buffer) - 1) {
1635 end = p + sizeof(s->buffer) - 1;
1642 r = stdout_stream_line(s, p);
1650 if (force_flush && remaining > 0) {
1652 r = stdout_stream_line(s, p);
1660 if (p > s->buffer) {
1661 memmove(s->buffer, p, remaining);
1662 s->length = remaining;
1668 static int stdout_stream_process(StdoutStream *s) {
1674 l = read(s->fd, s->buffer+s->length, sizeof(s->buffer)-1-s->length);
1677 if (errno == EAGAIN)
1680 log_warning("Failed to read from stream: %m");
1685 r = stdout_stream_scan(s, true);
1693 r = stdout_stream_scan(s, false);
1701 static void stdout_stream_free(StdoutStream *s) {
1705 assert(s->server->n_stdout_streams > 0);
1706 s->server->n_stdout_streams --;
1707 LIST_REMOVE(StdoutStream, stdout_stream, s->server->stdout_streams, s);
1712 epoll_ctl(s->server->epoll_fd, EPOLL_CTL_DEL, s->fd, NULL);
1714 close_nointr_nofail(s->fd);
1718 if (s->security_context)
1719 freecon(s->security_context);
1722 free(s->identifier);
1726 static int stdout_stream_new(Server *s) {
1727 StdoutStream *stream;
1730 struct epoll_event ev;
1734 fd = accept4(s->stdout_fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);
1736 if (errno == EAGAIN)
1739 log_error("Failed to accept stdout connection: %m");
1743 if (s->n_stdout_streams >= STDOUT_STREAMS_MAX) {
1744 log_warning("Too many stdout streams, refusing connection.");
1745 close_nointr_nofail(fd);
1749 stream = new0(StdoutStream, 1);
1751 log_error("Out of memory.");
1752 close_nointr_nofail(fd);
1758 len = sizeof(stream->ucred);
1759 if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &stream->ucred, &len) < 0) {
1760 log_error("Failed to determine peer credentials: %m");
1766 if (getpeercon(fd, &stream->security_context) < 0 && errno != ENOPROTOOPT)
1767 log_error("Failed to determine peer security context: %m");
1770 if (shutdown(fd, SHUT_WR) < 0) {
1771 log_error("Failed to shutdown writing side of socket: %m");
1777 ev.data.ptr = stream;
1778 ev.events = EPOLLIN;
1779 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, fd, &ev) < 0) {
1780 log_error("Failed to add stream to event loop: %m");
1786 LIST_PREPEND(StdoutStream, stdout_stream, s->stdout_streams, stream);
1787 s->n_stdout_streams ++;
1792 stdout_stream_free(stream);
1796 static int parse_kernel_timestamp(char **_p, usec_t *t) {
1807 if (strlen(p) < 14 || p[0] != '[' || p[13] != ']' || p[6] != '.')
1812 for (i = 1; i <= 5; i++) {
1818 k = undecchar(p[i]);
1825 for (i = 7; i <= 12; i++) {
1828 k = undecchar(p[i]);
1837 *_p += strspn(*_p, WHITESPACE);
1842 static bool is_us(const char *pid) {
1847 if (parse_pid(pid, &t) < 0)
1850 return t == getpid();
1853 static void proc_kmsg_line(Server *s, const char *p) {
1854 struct iovec iovec[N_IOVEC_META_FIELDS + 7];
1855 char *message = NULL, *syslog_priority = NULL, *syslog_pid = NULL, *syslog_facility = NULL, *syslog_identifier = NULL, *source_time = NULL;
1856 int priority = LOG_KERN | LOG_INFO;
1859 char *identifier = NULL, *pid = NULL;
1867 parse_syslog_priority((char **) &p, &priority);
1869 if (s->forward_to_kmsg && (priority & LOG_FACMASK) != LOG_KERN)
1872 if (parse_kernel_timestamp((char **) &p, &usec) > 0) {
1873 if (asprintf(&source_time, "_SOURCE_MONOTONIC_TIMESTAMP=%llu",
1874 (unsigned long long) usec) >= 0)
1875 IOVEC_SET_STRING(iovec[n++], source_time);
1878 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=kernel");
1880 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1881 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1883 if ((priority & LOG_FACMASK) == LOG_KERN) {
1885 if (s->forward_to_syslog)
1886 forward_syslog(s, priority, "kernel", p, NULL, NULL);
1888 IOVEC_SET_STRING(iovec[n++], "SYSLOG_IDENTIFIER=kernel");
1890 read_identifier(&p, &identifier, &pid);
1892 /* Avoid any messages we generated ourselves via
1893 * log_info() and friends. */
1894 if (pid && is_us(pid))
1897 if (s->forward_to_syslog)
1898 forward_syslog(s, priority, identifier, p, NULL, NULL);
1901 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", identifier);
1902 if (syslog_identifier)
1903 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1907 syslog_pid = strappend("SYSLOG_PID=", pid);
1909 IOVEC_SET_STRING(iovec[n++], syslog_pid);
1912 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1913 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1916 message = strappend("MESSAGE=", p);
1918 IOVEC_SET_STRING(iovec[n++], message);
1920 dispatch_message(s, iovec, n, ELEMENTSOF(iovec), NULL, NULL, NULL, 0, NULL, priority);
1924 free(syslog_priority);
1925 free(syslog_identifier);
1927 free(syslog_facility);
1933 static void proc_kmsg_scan(Server *s) {
1939 p = s->proc_kmsg_buffer;
1940 remaining = s->proc_kmsg_length;
1945 end = memchr(p, '\n', remaining);
1948 else if (remaining >= sizeof(s->proc_kmsg_buffer) - 1) {
1949 end = p + sizeof(s->proc_kmsg_buffer) - 1;
1956 proc_kmsg_line(s, p);
1962 if (p > s->proc_kmsg_buffer) {
1963 memmove(s->proc_kmsg_buffer, p, remaining);
1964 s->proc_kmsg_length = remaining;
1968 static int system_journal_open(Server *s) {
1974 r = sd_id128_get_machine(&machine);
1978 sd_id128_to_string(machine, ids);
1980 if (!s->system_journal &&
1981 (s->storage == STORAGE_PERSISTENT || s->storage == STORAGE_AUTO) &&
1982 access("/run/systemd/journal/flushed", F_OK) >= 0) {
1984 /* If in auto mode: first try to create the machine
1985 * path, but not the prefix.
1987 * If in persistent mode: create /var/log/journal and
1988 * the machine path */
1990 if (s->storage == STORAGE_PERSISTENT)
1991 (void) mkdir("/var/log/journal/", 0755);
1993 fn = strappend("/var/log/journal/", ids);
1997 (void) mkdir(fn, 0755);
2000 fn = strjoin("/var/log/journal/", ids, "/system.journal", NULL);
2004 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, NULL, &s->system_journal);
2008 journal_default_metrics(&s->system_metrics, s->system_journal->fd);
2010 s->system_journal->metrics = s->system_metrics;
2011 s->system_journal->compress = s->compress;
2013 server_fix_perms(s, s->system_journal, 0);
2016 if (r != -ENOENT && r != -EROFS)
2017 log_warning("Failed to open system journal: %s", strerror(-r));
2023 if (!s->runtime_journal &&
2024 (s->storage != STORAGE_NONE)) {
2026 fn = strjoin("/run/log/journal/", ids, "/system.journal", NULL);
2030 if (s->system_journal) {
2032 /* Try to open the runtime journal, but only
2033 * if it already exists, so that we can flush
2034 * it into the system journal */
2036 r = journal_file_open(fn, O_RDWR, 0640, NULL, &s->runtime_journal);
2041 log_warning("Failed to open runtime journal: %s", strerror(-r));
2048 /* OK, we really need the runtime journal, so create
2049 * it if necessary. */
2051 (void) mkdir_parents(fn, 0755);
2052 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, NULL, &s->runtime_journal);
2056 log_error("Failed to open runtime journal: %s", strerror(-r));
2061 if (s->runtime_journal) {
2062 journal_default_metrics(&s->runtime_metrics, s->runtime_journal->fd);
2064 s->runtime_journal->metrics = s->runtime_metrics;
2065 s->runtime_journal->compress = s->compress;
2067 server_fix_perms(s, s->runtime_journal, 0);
2074 static int server_flush_to_var(Server *s) {
2082 if (s->storage != STORAGE_AUTO &&
2083 s->storage != STORAGE_PERSISTENT)
2086 if (!s->runtime_journal)
2089 system_journal_open(s);
2091 if (!s->system_journal)
2094 log_info("Flushing to /var...");
2096 r = sd_id128_get_machine(&machine);
2098 log_error("Failed to get machine id: %s", strerror(-r));
2102 r = sd_journal_open(&j, SD_JOURNAL_RUNTIME_ONLY);
2104 log_error("Failed to read runtime journal: %s", strerror(-r));
2108 SD_JOURNAL_FOREACH(j) {
2111 f = j->current_file;
2112 assert(f && f->current_offset > 0);
2114 r = journal_file_move_to_object(f, OBJECT_ENTRY, f->current_offset, &o);
2116 log_error("Can't read entry: %s", strerror(-r));
2120 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
2122 log_info("Allocation limit reached.");
2124 journal_file_post_change(s->system_journal);
2128 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
2132 log_error("Can't write entry: %s", strerror(-r));
2138 journal_file_post_change(s->system_journal);
2140 journal_file_close(s->runtime_journal);
2141 s->runtime_journal = NULL;
2144 char path[] = "/run/log/journal/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
2145 sd_id128_to_string(machine, path + 17);
2146 rm_rf(path, false, true, false);
2152 static int server_read_proc_kmsg(Server *s) {
2155 assert(s->proc_kmsg_fd >= 0);
2157 l = read(s->proc_kmsg_fd, s->proc_kmsg_buffer + s->proc_kmsg_length, sizeof(s->proc_kmsg_buffer) - 1 - s->proc_kmsg_length);
2158 if (l == 0) /* the kernel is stupid and in some race
2159 * conditions returns 0 in the middle of the
2164 if (errno == EAGAIN || errno == EINTR)
2167 log_error("Failed to read from kernel: %m");
2171 s->proc_kmsg_length += l;
2177 static int server_flush_proc_kmsg(Server *s) {
2182 if (s->proc_kmsg_fd < 0)
2185 log_info("Flushing /proc/kmsg...");
2188 r = server_read_proc_kmsg(s);
2199 static int process_event(Server *s, struct epoll_event *ev) {
2203 if (ev->data.fd == s->signal_fd) {
2204 struct signalfd_siginfo sfsi;
2207 if (ev->events != EPOLLIN) {
2208 log_info("Got invalid event from epoll.");
2212 n = read(s->signal_fd, &sfsi, sizeof(sfsi));
2213 if (n != sizeof(sfsi)) {
2218 if (errno == EINTR || errno == EAGAIN)
2224 if (sfsi.ssi_signo == SIGUSR1) {
2225 touch("/run/systemd/journal/flushed");
2226 server_flush_to_var(s);
2230 if (sfsi.ssi_signo == SIGUSR2) {
2236 log_debug("Received SIG%s", signal_to_string(sfsi.ssi_signo));
2239 } else if (ev->data.fd == s->proc_kmsg_fd) {
2242 if (ev->events != EPOLLIN) {
2243 log_info("Got invalid event from epoll.");
2247 r = server_read_proc_kmsg(s);
2253 } else if (ev->data.fd == s->native_fd ||
2254 ev->data.fd == s->syslog_fd) {
2256 if (ev->events != EPOLLIN) {
2257 log_info("Got invalid event from epoll.");
2262 struct msghdr msghdr;
2264 struct ucred *ucred = NULL;
2265 struct timeval *tv = NULL;
2266 struct cmsghdr *cmsg;
2268 size_t label_len = 0;
2270 struct cmsghdr cmsghdr;
2272 /* We use NAME_MAX space for the
2273 * SELinux label here. The kernel
2274 * currently enforces no limit, but
2275 * according to suggestions from the
2276 * SELinux people this will change and
2277 * it will probably be identical to
2278 * NAME_MAX. For now we use that, but
2279 * this should be updated one day when
2280 * the final limit is known.*/
2281 uint8_t buf[CMSG_SPACE(sizeof(struct ucred)) +
2282 CMSG_SPACE(sizeof(struct timeval)) +
2283 CMSG_SPACE(sizeof(int)) + /* fd */
2284 CMSG_SPACE(NAME_MAX)]; /* selinux label */
2291 if (ioctl(ev->data.fd, SIOCINQ, &v) < 0) {
2292 log_error("SIOCINQ failed: %m");
2296 if (s->buffer_size < (size_t) v) {
2300 l = MAX(LINE_MAX + (size_t) v, s->buffer_size * 2);
2301 b = realloc(s->buffer, l+1);
2304 log_error("Couldn't increase buffer.");
2313 iovec.iov_base = s->buffer;
2314 iovec.iov_len = s->buffer_size;
2318 msghdr.msg_iov = &iovec;
2319 msghdr.msg_iovlen = 1;
2320 msghdr.msg_control = &control;
2321 msghdr.msg_controllen = sizeof(control);
2323 n = recvmsg(ev->data.fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC);
2326 if (errno == EINTR || errno == EAGAIN)
2329 log_error("recvmsg() failed: %m");
2333 for (cmsg = CMSG_FIRSTHDR(&msghdr); cmsg; cmsg = CMSG_NXTHDR(&msghdr, cmsg)) {
2335 if (cmsg->cmsg_level == SOL_SOCKET &&
2336 cmsg->cmsg_type == SCM_CREDENTIALS &&
2337 cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred)))
2338 ucred = (struct ucred*) CMSG_DATA(cmsg);
2339 else if (cmsg->cmsg_level == SOL_SOCKET &&
2340 cmsg->cmsg_type == SCM_SECURITY) {
2341 label = (char*) CMSG_DATA(cmsg);
2342 label_len = cmsg->cmsg_len - CMSG_LEN(0);
2343 } else if (cmsg->cmsg_level == SOL_SOCKET &&
2344 cmsg->cmsg_type == SO_TIMESTAMP &&
2345 cmsg->cmsg_len == CMSG_LEN(sizeof(struct timeval)))
2346 tv = (struct timeval*) CMSG_DATA(cmsg);
2347 else if (cmsg->cmsg_level == SOL_SOCKET &&
2348 cmsg->cmsg_type == SCM_RIGHTS) {
2349 fds = (int*) CMSG_DATA(cmsg);
2350 n_fds = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);
2354 if (ev->data.fd == s->syslog_fd) {
2357 if (n > 0 && n_fds == 0) {
2358 e = memchr(s->buffer, '\n', n);
2364 process_syslog_message(s, strstrip(s->buffer), ucred, tv, label, label_len);
2365 } else if (n_fds > 0)
2366 log_warning("Got file descriptors via syslog socket. Ignoring.");
2369 if (n > 0 && n_fds == 0)
2370 process_native_message(s, s->buffer, n, ucred, tv, label, label_len);
2371 else if (n == 0 && n_fds == 1)
2372 process_native_file(s, fds[0], ucred, tv, label, label_len);
2374 log_warning("Got too many file descriptors via native socket. Ignoring.");
2377 close_many(fds, n_fds);
2382 } else if (ev->data.fd == s->stdout_fd) {
2384 if (ev->events != EPOLLIN) {
2385 log_info("Got invalid event from epoll.");
2389 stdout_stream_new(s);
2393 StdoutStream *stream;
2395 if ((ev->events|EPOLLIN|EPOLLHUP) != (EPOLLIN|EPOLLHUP)) {
2396 log_info("Got invalid event from epoll.");
2400 /* If it is none of the well-known fds, it must be an
2401 * stdout stream fd. Note that this is a bit ugly here
2402 * (since we rely that none of the well-known fds
2403 * could be interpreted as pointer), but nonetheless
2404 * safe, since the well-known fds would never get an
2405 * fd > 4096, i.e. beyond the first memory page */
2407 stream = ev->data.ptr;
2409 if (stdout_stream_process(stream) <= 0)
2410 stdout_stream_free(stream);
2415 log_error("Unknown event.");
2419 static int open_syslog_socket(Server *s) {
2420 union sockaddr_union sa;
2422 struct epoll_event ev;
2426 if (s->syslog_fd < 0) {
2428 s->syslog_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2429 if (s->syslog_fd < 0) {
2430 log_error("socket() failed: %m");
2435 sa.un.sun_family = AF_UNIX;
2436 strncpy(sa.un.sun_path, "/dev/log", sizeof(sa.un.sun_path));
2438 unlink(sa.un.sun_path);
2440 r = bind(s->syslog_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2442 log_error("bind() failed: %m");
2446 chmod(sa.un.sun_path, 0666);
2448 fd_nonblock(s->syslog_fd, 1);
2451 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
2453 log_error("SO_PASSCRED failed: %m");
2459 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
2461 log_warning("SO_PASSSEC failed: %m");
2465 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
2467 log_error("SO_TIMESTAMP failed: %m");
2472 ev.events = EPOLLIN;
2473 ev.data.fd = s->syslog_fd;
2474 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->syslog_fd, &ev) < 0) {
2475 log_error("Failed to add syslog server fd to epoll object: %m");
2482 static int open_native_socket(Server*s) {
2483 union sockaddr_union sa;
2485 struct epoll_event ev;
2489 if (s->native_fd < 0) {
2491 s->native_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2492 if (s->native_fd < 0) {
2493 log_error("socket() failed: %m");
2498 sa.un.sun_family = AF_UNIX;
2499 strncpy(sa.un.sun_path, "/run/systemd/journal/socket", sizeof(sa.un.sun_path));
2501 unlink(sa.un.sun_path);
2503 r = bind(s->native_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2505 log_error("bind() failed: %m");
2509 chmod(sa.un.sun_path, 0666);
2511 fd_nonblock(s->native_fd, 1);
2514 r = setsockopt(s->native_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
2516 log_error("SO_PASSCRED failed: %m");
2522 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
2524 log_warning("SO_PASSSEC failed: %m");
2528 r = setsockopt(s->native_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
2530 log_error("SO_TIMESTAMP failed: %m");
2535 ev.events = EPOLLIN;
2536 ev.data.fd = s->native_fd;
2537 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->native_fd, &ev) < 0) {
2538 log_error("Failed to add native server fd to epoll object: %m");
2545 static int open_stdout_socket(Server *s) {
2546 union sockaddr_union sa;
2548 struct epoll_event ev;
2552 if (s->stdout_fd < 0) {
2554 s->stdout_fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2555 if (s->stdout_fd < 0) {
2556 log_error("socket() failed: %m");
2561 sa.un.sun_family = AF_UNIX;
2562 strncpy(sa.un.sun_path, "/run/systemd/journal/stdout", sizeof(sa.un.sun_path));
2564 unlink(sa.un.sun_path);
2566 r = bind(s->stdout_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2568 log_error("bind() failed: %m");
2572 chmod(sa.un.sun_path, 0666);
2574 if (listen(s->stdout_fd, SOMAXCONN) < 0) {
2575 log_error("liste() failed: %m");
2579 fd_nonblock(s->stdout_fd, 1);
2582 ev.events = EPOLLIN;
2583 ev.data.fd = s->stdout_fd;
2584 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->stdout_fd, &ev) < 0) {
2585 log_error("Failed to add stdout server fd to epoll object: %m");
2592 static int open_proc_kmsg(Server *s) {
2593 struct epoll_event ev;
2597 if (!s->import_proc_kmsg)
2600 s->proc_kmsg_fd = open("/proc/kmsg", O_RDONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
2601 if (s->proc_kmsg_fd < 0) {
2602 log_warning("Failed to open /proc/kmsg, ignoring: %m");
2607 ev.events = EPOLLIN;
2608 ev.data.fd = s->proc_kmsg_fd;
2609 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->proc_kmsg_fd, &ev) < 0) {
2610 log_error("Failed to add /proc/kmsg fd to epoll object: %m");
2617 static int open_signalfd(Server *s) {
2619 struct epoll_event ev;
2623 assert_se(sigemptyset(&mask) == 0);
2624 sigset_add_many(&mask, SIGINT, SIGTERM, SIGUSR1, SIGUSR2, -1);
2625 assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0);
2627 s->signal_fd = signalfd(-1, &mask, SFD_NONBLOCK|SFD_CLOEXEC);
2628 if (s->signal_fd < 0) {
2629 log_error("signalfd(): %m");
2634 ev.events = EPOLLIN;
2635 ev.data.fd = s->signal_fd;
2637 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->signal_fd, &ev) < 0) {
2638 log_error("epoll_ctl(): %m");
2645 static int server_parse_proc_cmdline(Server *s) {
2646 char *line, *w, *state;
2650 if (detect_container(NULL) > 0)
2653 r = read_one_line_file("/proc/cmdline", &line);
2655 log_warning("Failed to read /proc/cmdline, ignoring: %s", strerror(-r));
2659 FOREACH_WORD_QUOTED(w, l, line, state) {
2662 word = strndup(w, l);
2668 if (startswith(word, "systemd.journald.forward_to_syslog=")) {
2669 r = parse_boolean(word + 35);
2671 log_warning("Failed to parse forward to syslog switch %s. Ignoring.", word + 35);
2673 s->forward_to_syslog = r;
2674 } else if (startswith(word, "systemd.journald.forward_to_kmsg=")) {
2675 r = parse_boolean(word + 33);
2677 log_warning("Failed to parse forward to kmsg switch %s. Ignoring.", word + 33);
2679 s->forward_to_kmsg = r;
2680 } else if (startswith(word, "systemd.journald.forward_to_console=")) {
2681 r = parse_boolean(word + 36);
2683 log_warning("Failed to parse forward to console switch %s. Ignoring.", word + 36);
2685 s->forward_to_console = r;
2686 } else if (startswith(word, "systemd.journald"))
2687 log_warning("Invalid systemd.journald parameter. Ignoring.");
2699 static int server_parse_config_file(Server *s) {
2706 fn = "/etc/systemd/journald.conf";
2707 f = fopen(fn, "re");
2709 if (errno == ENOENT)
2712 log_warning("Failed to open configuration file %s: %m", fn);
2716 r = config_parse(fn, f, "Journal\0", config_item_perf_lookup, (void*) journald_gperf_lookup, false, s);
2718 log_warning("Failed to parse configuration file: %s", strerror(-r));
2725 static int server_init(Server *s) {
2731 s->syslog_fd = s->native_fd = s->stdout_fd = s->signal_fd = s->epoll_fd = s->proc_kmsg_fd = -1;
2734 s->rate_limit_interval = DEFAULT_RATE_LIMIT_INTERVAL;
2735 s->rate_limit_burst = DEFAULT_RATE_LIMIT_BURST;
2737 s->forward_to_syslog = true;
2739 s->max_level_store = LOG_DEBUG;
2740 s->max_level_syslog = LOG_DEBUG;
2741 s->max_level_kmsg = LOG_NOTICE;
2742 s->max_level_console = LOG_INFO;
2744 memset(&s->system_metrics, 0xFF, sizeof(s->system_metrics));
2745 memset(&s->runtime_metrics, 0xFF, sizeof(s->runtime_metrics));
2747 server_parse_config_file(s);
2748 server_parse_proc_cmdline(s);
2750 s->user_journals = hashmap_new(trivial_hash_func, trivial_compare_func);
2751 if (!s->user_journals) {
2752 log_error("Out of memory.");
2756 s->epoll_fd = epoll_create1(EPOLL_CLOEXEC);
2757 if (s->epoll_fd < 0) {
2758 log_error("Failed to create epoll object: %m");
2762 n = sd_listen_fds(true);
2764 log_error("Failed to read listening file descriptors from environment: %s", strerror(-n));
2768 for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) {
2770 if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/run/systemd/journal/socket", 0) > 0) {
2772 if (s->native_fd >= 0) {
2773 log_error("Too many native sockets passed.");
2779 } else if (sd_is_socket_unix(fd, SOCK_STREAM, 1, "/run/systemd/journal/stdout", 0) > 0) {
2781 if (s->stdout_fd >= 0) {
2782 log_error("Too many stdout sockets passed.");
2788 } else if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/dev/log", 0) > 0) {
2790 if (s->syslog_fd >= 0) {
2791 log_error("Too many /dev/log sockets passed.");
2798 log_error("Unknown socket passed.");
2803 r = open_syslog_socket(s);
2807 r = open_native_socket(s);
2811 r = open_stdout_socket(s);
2815 r = open_proc_kmsg(s);
2819 r = open_signalfd(s);
2823 s->rate_limit = journal_rate_limit_new(s->rate_limit_interval, s->rate_limit_burst);
2827 r = system_journal_open(s);
2834 static void server_done(Server *s) {
2838 while (s->stdout_streams)
2839 stdout_stream_free(s->stdout_streams);
2841 if (s->system_journal)
2842 journal_file_close(s->system_journal);
2844 if (s->runtime_journal)
2845 journal_file_close(s->runtime_journal);
2847 while ((f = hashmap_steal_first(s->user_journals)))
2848 journal_file_close(f);
2850 hashmap_free(s->user_journals);
2852 if (s->epoll_fd >= 0)
2853 close_nointr_nofail(s->epoll_fd);
2855 if (s->signal_fd >= 0)
2856 close_nointr_nofail(s->signal_fd);
2858 if (s->syslog_fd >= 0)
2859 close_nointr_nofail(s->syslog_fd);
2861 if (s->native_fd >= 0)
2862 close_nointr_nofail(s->native_fd);
2864 if (s->stdout_fd >= 0)
2865 close_nointr_nofail(s->stdout_fd);
2867 if (s->proc_kmsg_fd >= 0)
2868 close_nointr_nofail(s->proc_kmsg_fd);
2871 journal_rate_limit_free(s->rate_limit);
2877 int main(int argc, char *argv[]) {
2881 /* if (getppid() != 1) { */
2882 /* log_error("This program should be invoked by init only."); */
2883 /* return EXIT_FAILURE; */
2887 log_error("This program does not take arguments.");
2888 return EXIT_FAILURE;
2891 log_set_target(LOG_TARGET_SAFE);
2892 log_set_facility(LOG_SYSLOG);
2893 log_parse_environment();
2898 r = server_init(&server);
2902 server_vacuum(&server);
2903 server_flush_to_var(&server);
2904 server_flush_proc_kmsg(&server);
2906 log_debug("systemd-journald running as pid %lu", (unsigned long) getpid());
2907 driver_message(&server, SD_MESSAGE_JOURNAL_START, "Journal started");
2911 "STATUS=Processing requests...");
2914 struct epoll_event event;
2916 r = epoll_wait(server.epoll_fd, &event, 1, -1);
2922 log_error("epoll_wait() failed: %m");
2928 r = process_event(&server, &event);
2935 log_debug("systemd-journald stopped as pid %lu", (unsigned long) getpid());
2936 driver_message(&server, SD_MESSAGE_JOURNAL_STOP, "Journal stopped");
2940 "STATUS=Shutting down...");
2942 server_done(&server);
2944 return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;