1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2011 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <sys/epoll.h>
23 #include <sys/socket.h>
25 #include <sys/signalfd.h>
29 #include <acl/libacl.h>
31 #include <sys/ioctl.h>
32 #include <linux/sockios.h>
33 #include <sys/statvfs.h>
36 #include "journal-file.h"
37 #include "sd-daemon.h"
38 #include "socket-util.h"
40 #include "cgroup-util.h"
42 #include "journal-rate-limit.h"
44 #define USER_JOURNALS_MAX 1024
45 #define STDOUT_STREAMS_MAX 4096
47 #define DEFAULT_RATE_LIMIT_INTERVAL (10*USEC_PER_SEC)
48 #define DEFAULT_RATE_LIMIT_BURST 200
50 #define RECHECK_AVAILABLE_SPACE_USEC (30*USEC_PER_SEC)
52 typedef struct StdoutStream StdoutStream;
54 typedef struct Server {
61 JournalFile *runtime_journal;
62 JournalFile *system_journal;
63 Hashmap *user_journals;
70 JournalRateLimit *rate_limit;
72 JournalMetrics metrics;
76 uint64_t cached_available_space;
77 usec_t cached_available_space_timestamp;
79 LIST_HEAD(StdoutStream, stdout_streams);
80 unsigned n_stdout_streams;
83 typedef enum StdoutStreamState {
85 STDOUT_STREAM_PRIORITY,
86 STDOUT_STREAM_PRIORITY_PREFIX,
87 STDOUT_STREAM_TEE_CONSOLE,
93 StdoutStreamState state;
101 bool priority_prefix:1;
104 char buffer[LINE_MAX+1];
107 LIST_FIELDS(StdoutStream, stdout_stream);
110 static uint64_t available_space(Server *s) {
116 uint64_t sum = 0, avail = 0, ss_avail = 0;
119 usec_t ts = now(CLOCK_MONOTONIC);
121 if (s->cached_available_space_timestamp + RECHECK_AVAILABLE_SPACE_USEC > ts)
122 return s->cached_available_space;
124 r = sd_id128_get_machine(&machine);
128 if (s->system_journal)
129 f = "/var/log/journal/";
131 f = "/run/log/journal/";
133 p = strappend(f, sd_id128_to_string(machine, ids));
143 if (fstatvfs(dirfd(d), &ss) < 0)
148 struct dirent buf, *de;
151 k = readdir_r(d, &buf, &de);
160 if (!dirent_is_file_with_suffix(de, ".journal"))
163 if (fstatat(dirfd(d), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0)
166 sum += (uint64_t) st.st_blocks * (uint64_t) st.st_blksize;
169 avail = sum >= s->max_use ? 0 : s->max_use - sum;
171 ss_avail = ss.f_bsize * ss.f_bavail;
173 ss_avail = ss_avail < s->metrics.keep_free ? 0 : ss_avail - s->metrics.keep_free;
175 if (ss_avail < avail)
178 s->cached_available_space = avail;
179 s->cached_available_space_timestamp = ts;
187 static void fix_perms(JournalFile *f, uid_t uid) {
190 acl_permset_t permset;
195 r = fchmod_and_fchown(f->fd, 0640, 0, 0);
197 log_warning("Failed to fix access mode/rights on %s, ignoring: %s", f->path, strerror(-r));
202 acl = acl_get_fd(f->fd);
204 log_warning("Failed to read ACL on %s, ignoring: %m", f->path);
208 r = acl_find_uid(acl, uid, &entry);
211 if (acl_create_entry(&acl, &entry) < 0 ||
212 acl_set_tag_type(entry, ACL_USER) < 0 ||
213 acl_set_qualifier(entry, &uid) < 0) {
214 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
219 if (acl_get_permset(entry, &permset) < 0 ||
220 acl_add_perm(permset, ACL_READ) < 0 ||
221 acl_calc_mask(&acl) < 0) {
222 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
226 if (acl_set_fd(f->fd, acl) < 0)
227 log_warning("Failed to set ACL on %s, ignoring: %m", f->path);
233 static JournalFile* find_journal(Server *s, uid_t uid) {
242 /* We split up user logs only on /var, not on /run */
243 if (!s->system_journal)
244 return s->runtime_journal;
247 return s->system_journal;
249 r = sd_id128_get_machine(&machine);
251 return s->system_journal;
253 f = hashmap_get(s->user_journals, UINT32_TO_PTR(uid));
257 if (asprintf(&p, "/var/log/journal/%s/user-%lu.journal", sd_id128_to_string(machine, ids), (unsigned long) uid) < 0)
258 return s->system_journal;
260 while (hashmap_size(s->user_journals) >= USER_JOURNALS_MAX) {
261 /* Too many open? Then let's close one */
262 f = hashmap_steal_first(s->user_journals);
264 journal_file_close(f);
267 r = journal_file_open(p, O_RDWR|O_CREAT, 0640, s->system_journal, &f);
271 return s->system_journal;
274 f->metrics = s->metrics;
275 f->compress = s->compress;
277 r = hashmap_put(s->user_journals, UINT32_TO_PTR(uid), f);
279 journal_file_close(f);
280 return s->system_journal;
286 static void server_vacuum(Server *s) {
295 log_info("Rotating...");
297 if (s->runtime_journal) {
298 r = journal_file_rotate(&s->runtime_journal);
300 log_error("Failed to rotate %s: %s", s->runtime_journal->path, strerror(-r));
303 if (s->system_journal) {
304 r = journal_file_rotate(&s->system_journal);
306 log_error("Failed to rotate %s: %s", s->system_journal->path, strerror(-r));
309 HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) {
310 r = journal_file_rotate(&f);
312 log_error("Failed to rotate %s: %s", f->path, strerror(-r));
314 hashmap_replace(s->user_journals, k, f);
317 log_info("Vacuuming...");
319 r = sd_id128_get_machine(&machine);
321 log_error("Failed to get machine ID: %s", strerror(-r));
325 if (asprintf(&p, "/var/log/journal/%s", sd_id128_to_string(machine, ids)) < 0) {
326 log_error("Out of memory.");
330 r = journal_directory_vacuum(p, s->max_use, s->metrics.keep_free);
331 if (r < 0 && r != -ENOENT)
332 log_error("Failed to vacuum %s: %s", p, strerror(-r));
335 if (asprintf(&p, "/run/log/journal/%s", ids) < 0) {
336 log_error("Out of memory.");
340 r = journal_directory_vacuum(p, s->max_use, s->metrics.keep_free);
341 if (r < 0 && r != -ENOENT)
342 log_error("Failed to vacuum %s: %s", p, strerror(-r));
345 s->cached_available_space_timestamp = 0;
348 static char *shortened_cgroup_path(pid_t pid) {
350 char *process_path, *init_path, *path;
354 r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, pid, &process_path);
358 r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, 1, &init_path);
364 if (streq(init_path, "/"))
367 if (startswith(process_path, init_path))
368 path = process_path + strlen(init_path);
377 static void dispatch_message_real(Server *s,
378 struct iovec *iovec, unsigned n, unsigned m,
380 struct timeval *tv) {
382 char *pid = NULL, *uid = NULL, *gid = NULL,
383 *source_time = NULL, *boot_id = NULL, *machine_id = NULL,
384 *comm = NULL, *cmdline = NULL, *hostname = NULL,
385 *audit_session = NULL, *audit_loginuid = NULL,
386 *exe = NULL, *cgroup = NULL;
392 uid_t loginuid = 0, realuid = 0;
394 bool vacuumed = false;
405 realuid = ucred->uid;
407 if (asprintf(&pid, "_PID=%lu", (unsigned long) ucred->pid) >= 0)
408 IOVEC_SET_STRING(iovec[n++], pid);
410 if (asprintf(&uid, "_UID=%lu", (unsigned long) ucred->uid) >= 0)
411 IOVEC_SET_STRING(iovec[n++], uid);
413 if (asprintf(&gid, "_GID=%lu", (unsigned long) ucred->gid) >= 0)
414 IOVEC_SET_STRING(iovec[n++], gid);
416 r = get_process_comm(ucred->pid, &t);
418 comm = strappend("_COMM=", t);
420 IOVEC_SET_STRING(iovec[n++], comm);
424 r = get_process_exe(ucred->pid, &t);
426 exe = strappend("_EXE=", t);
428 IOVEC_SET_STRING(iovec[n++], exe);
432 r = get_process_cmdline(ucred->pid, LINE_MAX, false, &t);
434 cmdline = strappend("_CMDLINE=", t);
436 IOVEC_SET_STRING(iovec[n++], cmdline);
440 r = audit_session_from_pid(ucred->pid, &session);
442 if (asprintf(&audit_session, "_AUDIT_SESSION=%lu", (unsigned long) session) >= 0)
443 IOVEC_SET_STRING(iovec[n++], audit_session);
445 r = audit_loginuid_from_pid(ucred->pid, &loginuid);
447 if (asprintf(&audit_loginuid, "_AUDIT_LOGINUID=%lu", (unsigned long) loginuid) >= 0)
448 IOVEC_SET_STRING(iovec[n++], audit_loginuid);
450 path = shortened_cgroup_path(ucred->pid);
452 cgroup = strappend("_SYSTEMD_CGROUP=", path);
454 IOVEC_SET_STRING(iovec[n++], cgroup);
461 if (asprintf(&source_time, "_SOURCE_REALTIME_TIMESTAMP=%llu",
462 (unsigned long long) timeval_load(tv)) >= 0)
463 IOVEC_SET_STRING(iovec[n++], source_time);
466 /* Note that strictly speaking storing the boot id here is
467 * redundant since the entry includes this in-line
468 * anyway. However, we need this indexed, too. */
469 r = sd_id128_get_boot(&id);
471 if (asprintf(&boot_id, "_BOOT_ID=%s", sd_id128_to_string(id, idbuf)) >= 0)
472 IOVEC_SET_STRING(iovec[n++], boot_id);
474 r = sd_id128_get_machine(&id);
476 if (asprintf(&machine_id, "_MACHINE_ID=%s", sd_id128_to_string(id, idbuf)) >= 0)
477 IOVEC_SET_STRING(iovec[n++], machine_id);
479 t = gethostname_malloc();
481 hostname = strappend("_HOSTNAME=", t);
483 IOVEC_SET_STRING(iovec[n++], hostname);
490 f = find_journal(s, realuid == 0 ? 0 : loginuid);
492 log_warning("Dropping message, as we can't find a place to store the data.");
494 r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
496 if (r == -E2BIG && !vacuumed) {
497 log_info("Allocation limit reached.");
502 log_info("Retrying write.");
507 log_error("Failed to write entry, ignoring: %s", strerror(-r));
521 free(audit_loginuid);
525 static void dispatch_message(Server *s,
526 struct iovec *iovec, unsigned n, unsigned m,
534 assert(iovec || n == 0);
542 path = shortened_cgroup_path(ucred->pid);
546 /* example: /user/lennart/3/foobar
547 * /system/dbus.service/foobar
549 * So let's cut of everything past the third /, since that is
550 * wher user directories start */
552 c = strchr(path, '/');
554 c = strchr(c+1, '/');
556 c = strchr(c+1, '/');
562 rl = journal_rate_limit_test(s->rate_limit, path, priority, available_space(s));
571 char suppress_message[LINE_MAX];
572 struct iovec suppress_iovec[15];
574 /* Write a suppression message if we suppressed something */
576 snprintf(suppress_message, sizeof(suppress_message), "MESSAGE=Suppressed %u messages from %s", rl - 1, path);
577 char_array_0(suppress_message);
579 IOVEC_SET_STRING(suppress_iovec[j++], "PRIORITY=5");
580 IOVEC_SET_STRING(suppress_iovec[j++], suppress_message);
582 dispatch_message_real(s, suppress_iovec, j, ELEMENTSOF(suppress_iovec), NULL, NULL);
588 dispatch_message_real(s, iovec, n, m, ucred, tv);
591 static void process_syslog_message(Server *s, const char *buf, struct ucred *ucred, struct timeval *tv) {
592 char *message = NULL, *syslog_priority = NULL, *syslog_facility = NULL;
593 struct iovec iovec[16];
595 int priority = LOG_USER | LOG_INFO;
600 parse_syslog_priority((char**) &buf, &priority);
601 skip_syslog_date((char**) &buf);
603 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
604 IOVEC_SET_STRING(iovec[n++], syslog_priority);
606 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
607 IOVEC_SET_STRING(iovec[n++], syslog_facility);
609 message = strappend("MESSAGE=", buf);
611 IOVEC_SET_STRING(iovec[n++], message);
613 dispatch_message(s, iovec, n, ELEMENTSOF(iovec), ucred, tv, priority & LOG_PRIMASK);
616 free(syslog_facility);
617 free(syslog_priority);
620 static bool valid_user_field(const char *p, size_t l) {
623 /* We kinda enforce POSIX syntax recommendations for
624 environment variables here, but make a couple of additional
627 http://pubs.opengroup.org/onlinepubs/000095399/basedefs/xbd_chap08.html */
629 /* No empty field names */
633 /* Don't allow names longer than 64 chars */
637 /* Variables starting with an underscore are protected */
641 /* Don't allow digits as first character */
642 if (p[0] >= '0' && p[0] <= '9')
645 /* Only allow A-Z0-9 and '_' */
646 for (a = p; a < p + l; a++)
647 if (!((*a >= 'A' && *a <= 'Z') ||
648 (*a >= '0' && *a <= '9') ||
655 static void process_native_message(Server *s, const void *buffer, size_t buffer_size, struct ucred *ucred, struct timeval *tv) {
656 struct iovec *iovec = NULL;
657 unsigned n = 0, m = 0, j;
660 int priority = LOG_INFO;
663 assert(buffer || n == 0);
666 remaining = buffer_size;
668 while (remaining > 0) {
671 e = memchr(p, '\n', remaining);
674 /* Trailing noise, let's ignore it, and flush what we collected */
675 log_debug("Received message with trailing noise, ignoring.");
680 /* Entry separator */
681 dispatch_message(s, iovec, n, m, ucred, tv, priority);
690 if (*p == '.' || *p == '#') {
691 /* Ignore control commands for now, and
693 remaining -= (e - p) + 1;
698 /* A property follows */
704 u = MAX((n+13U) * 2U, 4U);
705 c = realloc(iovec, u * sizeof(struct iovec));
707 log_error("Out of memory");
715 q = memchr(p, '=', e - p);
717 if (valid_user_field(p, q - p)) {
718 /* If the field name starts with an
719 * underscore, skip the variable,
720 * since that indidates a trusted
722 iovec[n].iov_base = (char*) p;
723 iovec[n].iov_len = e - p;
726 /* We need to determine the priority
727 * of this entry for the rate limiting
730 memcmp(p, "PRIORITY=", 10) == 0 &&
733 priority = p[10] - '0';
736 remaining -= (e - p) + 1;
743 if (remaining < e - p + 1 + sizeof(uint64_t) + 1) {
744 log_debug("Failed to parse message, ignoring.");
748 memcpy(&l, e + 1, sizeof(uint64_t));
751 if (remaining < e - p + 1 + sizeof(uint64_t) + l + 1 ||
752 e[1+sizeof(uint64_t)+l] != '\n') {
753 log_debug("Failed to parse message, ignoring.");
757 k = malloc((e - p) + 1 + l);
759 log_error("Out of memory");
765 memcpy(k + (e - p) + 1, e + 1 + sizeof(uint64_t), l);
767 if (valid_user_field(p, e - p)) {
768 iovec[n].iov_base = k;
769 iovec[n].iov_len = (e - p) + 1 + l;
774 remaining -= (e - p) + 1 + sizeof(uint64_t) + l + 1;
775 p = e + 1 + sizeof(uint64_t) + l + 1;
779 dispatch_message(s, iovec, n, m, ucred, tv, priority);
781 for (j = 0; j < n; j++)
782 if (iovec[j].iov_base < buffer ||
783 (const uint8_t*) iovec[j].iov_base >= (const uint8_t*) buffer + buffer_size)
784 free(iovec[j].iov_base);
787 static int stdout_stream_log(StdoutStream *s, const char *p, size_t l) {
788 struct iovec iovec[15];
789 char *message = NULL, *syslog_priority = NULL;
797 priority = s->priority;
799 if (s->priority_prefix &&
802 p[1] >= '0' && p[1] <= '7' &&
805 priority = p[1] - '0';
813 if (asprintf(&syslog_priority, "PRIORITY=%i", priority) >= 0)
814 IOVEC_SET_STRING(iovec[n++], syslog_priority);
816 tag_len = s->tag ? strlen(s->tag) + 2: 0;
817 message = malloc(8 + tag_len + l);
819 memcpy(message, "MESSAGE=", 8);
822 memcpy(message+8, s->tag, tag_len-2);
823 memcpy(message+8+tag_len-2, ": ", 2);
826 memcpy(message+8+tag_len, p, l);
827 iovec[n].iov_base = message;
828 iovec[n].iov_len = 8+tag_len+l;
832 dispatch_message(s->server, iovec, n, ELEMENTSOF(iovec), &s->ucred, NULL, priority);
834 if (s->tee_console) {
837 console = open_terminal("/dev/console", O_WRONLY|O_NOCTTY|O_CLOEXEC);
841 IOVEC_SET_STRING(iovec[n++], s->tag);
842 IOVEC_SET_STRING(iovec[n++], ": ");
845 iovec[n].iov_base = (void*) p;
846 iovec[n].iov_len = l;
849 IOVEC_SET_STRING(iovec[n++], (char*) "\n");
851 writev(console, iovec, n);
856 free(syslog_priority);
861 static int stdout_stream_line(StdoutStream *s, const char *p, size_t l) {
865 while (l > 0 && strchr(WHITESPACE, *p)) {
870 while (l > 0 && strchr(WHITESPACE, *(p+l-1)))
875 case STDOUT_STREAM_TAG:
878 s->tag = strndup(p, l);
880 log_error("Out of memory");
885 s->state = STDOUT_STREAM_PRIORITY;
888 case STDOUT_STREAM_PRIORITY:
889 if (l != 1 || *p < '0' || *p > '7') {
890 log_warning("Failed to parse log priority line.");
894 s->priority = *p - '0';
895 s->state = STDOUT_STREAM_PRIORITY_PREFIX;
898 case STDOUT_STREAM_PRIORITY_PREFIX:
899 if (l != 1 || *p < '0' || *p > '1') {
900 log_warning("Failed to parse priority prefix line.");
904 s->priority_prefix = *p - '0';
905 s->state = STDOUT_STREAM_TEE_CONSOLE;
908 case STDOUT_STREAM_TEE_CONSOLE:
909 if (l != 1 || *p < '0' || *p > '1') {
910 log_warning("Failed to parse tee to console line.");
914 s->tee_console = *p - '0';
915 s->state = STDOUT_STREAM_RUNNING;
918 case STDOUT_STREAM_RUNNING:
919 return stdout_stream_log(s, p, l);
922 assert_not_reached("Unknown stream state");
925 static int stdout_stream_scan(StdoutStream *s, bool force_flush) {
933 remaining = s->length;
938 end = memchr(p, '\n', remaining);
940 if (remaining >= LINE_MAX) {
948 r = stdout_stream_line(s, p, end - p);
956 if (force_flush && remaining > 0) {
957 r = stdout_stream_line(s, p, remaining);
966 memmove(s->buffer, p, remaining);
967 s->length = remaining;
973 static int stdout_stream_process(StdoutStream *s) {
979 l = read(s->fd, s->buffer+s->length, sizeof(s->buffer)-1-s->length);
985 log_warning("Failed to read from stream: %m");
990 r = stdout_stream_scan(s, true);
998 r = stdout_stream_scan(s, false);
1006 static void stdout_stream_free(StdoutStream *s) {
1010 assert(s->server->n_stdout_streams > 0);
1011 s->server->n_stdout_streams --;
1012 LIST_REMOVE(StdoutStream, stdout_stream, s->server->stdout_streams, s);
1017 epoll_ctl(s->server->epoll_fd, EPOLL_CTL_DEL, s->fd, NULL);
1019 close_nointr_nofail(s->fd);
1026 static int stdout_stream_new(Server *s) {
1027 StdoutStream *stream;
1030 struct epoll_event ev;
1034 fd = accept4(s->stdout_fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);
1036 if (errno == EAGAIN)
1039 log_error("Failed to accept stdout connection: %m");
1043 if (s->n_stdout_streams >= STDOUT_STREAMS_MAX) {
1044 log_warning("Too many stdout streams, refusing connection.");
1045 close_nointr_nofail(fd);
1049 stream = new0(StdoutStream, 1);
1051 log_error("Out of memory.");
1052 close_nointr_nofail(fd);
1058 len = sizeof(stream->ucred);
1059 if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &stream->ucred, &len) < 0) {
1060 log_error("Failed to determine peer credentials: %m");
1065 if (shutdown(fd, SHUT_WR) < 0) {
1066 log_error("Failed to shutdown writing side of socket: %m");
1072 ev.data.ptr = stream;
1073 ev.events = EPOLLIN;
1074 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, fd, &ev) < 0) {
1075 log_error("Failed to add stream to event loop: %m");
1081 LIST_PREPEND(StdoutStream, stdout_stream, s->stdout_streams, stream);
1082 s->n_stdout_streams ++;
1087 stdout_stream_free(stream);
1091 static int process_event(Server *s, struct epoll_event *ev) {
1094 if (ev->data.fd == s->signal_fd) {
1095 struct signalfd_siginfo sfsi;
1098 if (ev->events != EPOLLIN) {
1099 log_info("Got invalid event from epoll.");
1103 n = read(s->signal_fd, &sfsi, sizeof(sfsi));
1104 if (n != sizeof(sfsi)) {
1109 if (errno == EINTR || errno == EAGAIN)
1115 log_debug("Received SIG%s", signal_to_string(sfsi.ssi_signo));
1118 } else if (ev->data.fd == s->native_fd ||
1119 ev->data.fd == s->syslog_fd) {
1121 if (ev->events != EPOLLIN) {
1122 log_info("Got invalid event from epoll.");
1127 struct msghdr msghdr;
1129 struct ucred *ucred = NULL;
1130 struct timeval *tv = NULL;
1131 struct cmsghdr *cmsg;
1133 struct cmsghdr cmsghdr;
1134 uint8_t buf[CMSG_SPACE(sizeof(struct ucred)) +
1135 CMSG_SPACE(sizeof(struct timeval))];
1140 if (ioctl(ev->data.fd, SIOCINQ, &v) < 0) {
1141 log_error("SIOCINQ failed: %m");
1148 if (s->buffer_size < (size_t) v) {
1152 l = MAX(LINE_MAX + (size_t) v, s->buffer_size * 2);
1153 b = realloc(s->buffer, l+1);
1156 log_error("Couldn't increase buffer.");
1165 iovec.iov_base = s->buffer;
1166 iovec.iov_len = s->buffer_size;
1170 msghdr.msg_iov = &iovec;
1171 msghdr.msg_iovlen = 1;
1172 msghdr.msg_control = &control;
1173 msghdr.msg_controllen = sizeof(control);
1175 n = recvmsg(ev->data.fd, &msghdr, MSG_DONTWAIT);
1178 if (errno == EINTR || errno == EAGAIN)
1181 log_error("recvmsg() failed: %m");
1185 for (cmsg = CMSG_FIRSTHDR(&msghdr); cmsg; cmsg = CMSG_NXTHDR(&msghdr, cmsg)) {
1187 if (cmsg->cmsg_level == SOL_SOCKET &&
1188 cmsg->cmsg_type == SCM_CREDENTIALS &&
1189 cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred)))
1190 ucred = (struct ucred*) CMSG_DATA(cmsg);
1191 else if (cmsg->cmsg_level == SOL_SOCKET &&
1192 cmsg->cmsg_type == SO_TIMESTAMP &&
1193 cmsg->cmsg_len == CMSG_LEN(sizeof(struct timeval)))
1194 tv = (struct timeval*) CMSG_DATA(cmsg);
1197 if (ev->data.fd == s->syslog_fd) {
1200 e = memchr(s->buffer, '\n', n);
1206 process_syslog_message(s, strstrip(s->buffer), ucred, tv);
1208 process_native_message(s, s->buffer, n, ucred, tv);
1213 } else if (ev->data.fd == s->stdout_fd) {
1215 if (ev->events != EPOLLIN) {
1216 log_info("Got invalid event from epoll.");
1220 stdout_stream_new(s);
1224 StdoutStream *stream;
1226 if ((ev->events|EPOLLIN|EPOLLHUP) != (EPOLLIN|EPOLLHUP)) {
1227 log_info("Got invalid event from epoll.");
1231 /* If it is none of the well-known fds, it must be an
1232 * stdout stream fd. Note that this is a bit ugly here
1233 * (since we rely that none of the well-known fds
1234 * could be interpreted as pointer), but nonetheless
1235 * safe, since the well-known fds would never get an
1236 * fd > 4096, i.e. beyond the first memory page */
1238 stream = ev->data.ptr;
1240 if (stdout_stream_process(stream) <= 0)
1241 stdout_stream_free(stream);
1246 log_error("Unknown event.");
1250 static int system_journal_open(Server *s) {
1256 r = sd_id128_get_machine(&machine);
1260 /* First try to create the machine path, but not the prefix */
1261 fn = strappend("/var/log/journal/", sd_id128_to_string(machine, ids));
1264 (void) mkdir(fn, 0755);
1267 /* The create the system journal file */
1268 fn = join("/var/log/journal/", ids, "/system.journal", NULL);
1272 r = journal_file_open(fn, O_RDWR|O_CREAT, 0640, NULL, &s->system_journal);
1276 s->system_journal->metrics = s->metrics;
1277 s->system_journal->compress = s->compress;
1279 fix_perms(s->system_journal, 0);
1283 if (r < 0 && r != -ENOENT) {
1284 log_error("Failed to open system journal: %s", strerror(-r));
1288 /* /var didn't work, so try /run, but this time we
1289 * create the prefix too */
1290 fn = join("/run/log/journal/", ids, "/system.journal", NULL);
1294 (void) mkdir_parents(fn, 0755);
1295 r = journal_file_open(fn, O_RDWR|O_CREAT, 0640, NULL, &s->runtime_journal);
1299 log_error("Failed to open runtime journal: %s", strerror(-r));
1303 s->runtime_journal->metrics = s->metrics;
1304 s->runtime_journal->compress = s->compress;
1306 fix_perms(s->runtime_journal, 0);
1310 static int open_syslog_socket(Server *s) {
1311 union sockaddr_union sa;
1313 struct epoll_event ev;
1317 if (s->syslog_fd < 0) {
1319 s->syslog_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0);
1320 if (s->syslog_fd < 0) {
1321 log_error("socket() failed: %m");
1326 sa.un.sun_family = AF_UNIX;
1327 strncpy(sa.un.sun_path, "/run/systemd/syslog", sizeof(sa.un.sun_path));
1329 unlink(sa.un.sun_path);
1331 r = bind(s->syslog_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
1333 log_error("bind() failed: %m");
1337 chmod(sa.un.sun_path, 0666);
1341 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
1343 log_error("SO_PASSCRED failed: %m");
1348 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
1350 log_error("SO_TIMESTAMP failed: %m");
1355 ev.events = EPOLLIN;
1356 ev.data.fd = s->syslog_fd;
1357 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->syslog_fd, &ev) < 0) {
1358 log_error("Failed to add syslog server fd to epoll object: %m");
1365 static int open_native_socket(Server*s) {
1366 union sockaddr_union sa;
1368 struct epoll_event ev;
1372 if (s->native_fd < 0) {
1374 s->native_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0);
1375 if (s->native_fd < 0) {
1376 log_error("socket() failed: %m");
1381 sa.un.sun_family = AF_UNIX;
1382 strncpy(sa.un.sun_path, "/run/systemd/journal", sizeof(sa.un.sun_path));
1384 unlink(sa.un.sun_path);
1386 r = bind(s->native_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
1388 log_error("bind() failed: %m");
1392 chmod(sa.un.sun_path, 0666);
1396 r = setsockopt(s->native_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
1398 log_error("SO_PASSCRED failed: %m");
1403 r = setsockopt(s->native_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
1405 log_error("SO_TIMESTAMP failed: %m");
1410 ev.events = EPOLLIN;
1411 ev.data.fd = s->native_fd;
1412 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->native_fd, &ev) < 0) {
1413 log_error("Failed to add native server fd to epoll object: %m");
1420 static int open_stdout_socket(Server *s) {
1421 union sockaddr_union sa;
1423 struct epoll_event ev;
1427 if (s->stdout_fd < 0) {
1429 s->stdout_fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC, 0);
1430 if (s->stdout_fd < 0) {
1431 log_error("socket() failed: %m");
1436 sa.un.sun_family = AF_UNIX;
1437 strncpy(sa.un.sun_path, "/run/systemd/stdout", sizeof(sa.un.sun_path));
1439 unlink(sa.un.sun_path);
1441 r = bind(s->stdout_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
1443 log_error("bind() failed: %m");
1447 chmod(sa.un.sun_path, 0666);
1449 if (listen(s->stdout_fd, SOMAXCONN) < 0) {
1450 log_error("liste() failed: %m");
1456 ev.events = EPOLLIN;
1457 ev.data.fd = s->stdout_fd;
1458 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->stdout_fd, &ev) < 0) {
1459 log_error("Failed to add stdout server fd to epoll object: %m");
1466 static int open_signalfd(Server *s) {
1468 struct epoll_event ev;
1472 assert_se(sigemptyset(&mask) == 0);
1473 sigset_add_many(&mask, SIGINT, SIGTERM, -1);
1474 assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0);
1476 s->signal_fd = signalfd(-1, &mask, SFD_NONBLOCK|SFD_CLOEXEC);
1477 if (s->signal_fd < 0) {
1478 log_error("signalfd(): %m");
1483 ev.events = EPOLLIN;
1484 ev.data.fd = s->signal_fd;
1486 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->signal_fd, &ev) < 0) {
1487 log_error("epoll_ctl(): %m");
1494 static int server_init(Server *s) {
1500 s->syslog_fd = s->native_fd = s->stdout_fd = s->signal_fd = s->epoll_fd = -1;
1501 s->metrics.max_size = DEFAULT_MAX_SIZE;
1502 s->metrics.min_size = DEFAULT_MIN_SIZE;
1503 s->metrics.keep_free = DEFAULT_KEEP_FREE;
1504 s->max_use = DEFAULT_MAX_USE;
1507 s->user_journals = hashmap_new(trivial_hash_func, trivial_compare_func);
1508 if (!s->user_journals) {
1509 log_error("Out of memory.");
1513 s->epoll_fd = epoll_create1(EPOLL_CLOEXEC);
1514 if (s->epoll_fd < 0) {
1515 log_error("Failed to create epoll object: %m");
1519 n = sd_listen_fds(true);
1521 log_error("Failed to read listening file descriptors from environment: %s", strerror(-n));
1525 for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) {
1527 if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/run/systemd/native", 0) > 0) {
1529 if (s->native_fd >= 0) {
1530 log_error("Too many native sockets passed.");
1536 } else if (sd_is_socket_unix(fd, SOCK_STREAM, 1, "/run/systemd/stdout", 0) > 0) {
1538 if (s->stdout_fd >= 0) {
1539 log_error("Too many stdout sockets passed.");
1545 } else if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/dev/log", 0) > 0) {
1547 if (s->syslog_fd >= 0) {
1548 log_error("Too many /dev/log sockets passed.");
1555 log_error("Unknown socket passed.");
1560 r = open_syslog_socket(s);
1564 r = open_native_socket(s);
1568 r = open_stdout_socket(s);
1572 r = system_journal_open(s);
1576 r = open_signalfd(s);
1580 s->rate_limit = journal_rate_limit_new(DEFAULT_RATE_LIMIT_INTERVAL, DEFAULT_RATE_LIMIT_BURST);
1587 static void server_done(Server *s) {
1591 while (s->stdout_streams)
1592 stdout_stream_free(s->stdout_streams);
1594 if (s->system_journal)
1595 journal_file_close(s->system_journal);
1597 if (s->runtime_journal)
1598 journal_file_close(s->runtime_journal);
1600 while ((f = hashmap_steal_first(s->user_journals)))
1601 journal_file_close(f);
1603 hashmap_free(s->user_journals);
1605 if (s->epoll_fd >= 0)
1606 close_nointr_nofail(s->epoll_fd);
1608 if (s->signal_fd >= 0)
1609 close_nointr_nofail(s->signal_fd);
1611 if (s->syslog_fd >= 0)
1612 close_nointr_nofail(s->syslog_fd);
1614 if (s->native_fd >= 0)
1615 close_nointr_nofail(s->native_fd);
1617 if (s->stdout_fd >= 0)
1618 close_nointr_nofail(s->stdout_fd);
1621 journal_rate_limit_free(s->rate_limit);
1624 int main(int argc, char *argv[]) {
1628 /* if (getppid() != 1) { */
1629 /* log_error("This program should be invoked by init only."); */
1630 /* return EXIT_FAILURE; */
1634 log_error("This program does not take arguments.");
1635 return EXIT_FAILURE;
1638 log_set_target(LOG_TARGET_CONSOLE);
1639 log_set_max_level(LOG_DEBUG);
1640 log_parse_environment();
1645 r = server_init(&server);
1649 log_debug("systemd-journald running as pid %lu", (unsigned long) getpid());
1653 "STATUS=Processing requests...");
1656 struct epoll_event event;
1658 r = epoll_wait(server.epoll_fd, &event, 1, -1);
1664 log_error("epoll_wait() failed: %m");
1670 r = process_event(&server, &event);
1677 log_debug("systemd-journald stopped as pid %lu", (unsigned long) getpid());
1681 "STATUS=Shutting down...");
1683 server_done(&server);
1685 return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
~ianmdlvl / elogind.git / blob