1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2011 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 #include <sys/epoll.h>
23 #include <sys/socket.h>
25 #include <sys/signalfd.h>
29 #include <sys/ioctl.h>
30 #include <linux/sockios.h>
31 #include <sys/statvfs.h>
35 #include <systemd/sd-journal.h>
36 #include <systemd/sd-messages.h>
37 #include <systemd/sd-daemon.h>
40 #include <systemd/sd-login.h>
45 #include "journal-file.h"
46 #include "socket-util.h"
47 #include "cgroup-util.h"
49 #include "journal-rate-limit.h"
50 #include "journal-internal.h"
51 #include "journal-vacuum.h"
52 #include "journal-authenticate.h"
53 #include "conf-parser.h"
55 #include "journald-kmsg.h"
61 #include <acl/libacl.h>
66 #include <selinux/selinux.h>
69 #define USER_JOURNALS_MAX 1024
70 #define STDOUT_STREAMS_MAX 4096
72 #define DEFAULT_RATE_LIMIT_INTERVAL (10*USEC_PER_SEC)
73 #define DEFAULT_RATE_LIMIT_BURST 200
75 #define RECHECK_AVAILABLE_SPACE_USEC (30*USEC_PER_SEC)
77 #define ENTRY_SIZE_MAX (1024*1024*32)
79 typedef enum StdoutStreamState {
80 STDOUT_STREAM_IDENTIFIER,
81 STDOUT_STREAM_UNIT_ID,
82 STDOUT_STREAM_PRIORITY,
83 STDOUT_STREAM_LEVEL_PREFIX,
84 STDOUT_STREAM_FORWARD_TO_SYSLOG,
85 STDOUT_STREAM_FORWARD_TO_KMSG,
86 STDOUT_STREAM_FORWARD_TO_CONSOLE,
92 StdoutStreamState state;
98 security_context_t security_context;
105 bool forward_to_syslog:1;
106 bool forward_to_kmsg:1;
107 bool forward_to_console:1;
109 char buffer[LINE_MAX+1];
112 LIST_FIELDS(StdoutStream, stdout_stream);
115 static const char* const storage_table[] = {
116 [STORAGE_AUTO] = "auto",
117 [STORAGE_VOLATILE] = "volatile",
118 [STORAGE_PERSISTENT] = "persistent",
119 [STORAGE_NONE] = "none"
122 DEFINE_STRING_TABLE_LOOKUP(storage, Storage);
123 DEFINE_CONFIG_PARSE_ENUM(config_parse_storage, storage, Storage, "Failed to parse storage setting");
125 static uint64_t available_space(Server *s) {
130 uint64_t sum = 0, avail = 0, ss_avail = 0;
136 ts = now(CLOCK_MONOTONIC);
138 if (s->cached_available_space_timestamp + RECHECK_AVAILABLE_SPACE_USEC > ts)
139 return s->cached_available_space;
141 r = sd_id128_get_machine(&machine);
145 if (s->system_journal) {
146 f = "/var/log/journal/";
147 m = &s->system_metrics;
149 f = "/run/log/journal/";
150 m = &s->runtime_metrics;
155 p = strappend(f, sd_id128_to_string(machine, ids));
165 if (fstatvfs(dirfd(d), &ss) < 0)
170 struct dirent buf, *de;
172 r = readdir_r(d, &buf, &de);
179 if (!endswith(de->d_name, ".journal") &&
180 !endswith(de->d_name, ".journal~"))
183 if (fstatat(dirfd(d), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0)
186 if (!S_ISREG(st.st_mode))
189 sum += (uint64_t) st.st_blocks * 512UL;
192 avail = sum >= m->max_use ? 0 : m->max_use - sum;
194 ss_avail = ss.f_bsize * ss.f_bavail;
196 ss_avail = ss_avail < m->keep_free ? 0 : ss_avail - m->keep_free;
198 if (ss_avail < avail)
201 s->cached_available_space = avail;
202 s->cached_available_space_timestamp = ts;
210 static void server_read_file_gid(Server *s) {
211 const char *adm = "adm";
216 if (s->file_gid_valid)
219 r = get_group_creds(&adm, &s->file_gid);
221 log_warning("Failed to resolve 'adm' group: %s", strerror(-r));
223 /* if we couldn't read the gid, then it will be 0, but that's
224 * fine and we shouldn't try to resolve the group again, so
225 * let's just pretend it worked right-away. */
226 s->file_gid_valid = true;
229 static void server_fix_perms(Server *s, JournalFile *f, uid_t uid) {
234 acl_permset_t permset;
239 server_read_file_gid(s);
241 r = fchmod_and_fchown(f->fd, 0640, 0, s->file_gid);
243 log_warning("Failed to fix access mode/rights on %s, ignoring: %s", f->path, strerror(-r));
249 acl = acl_get_fd(f->fd);
251 log_warning("Failed to read ACL on %s, ignoring: %m", f->path);
255 r = acl_find_uid(acl, uid, &entry);
258 if (acl_create_entry(&acl, &entry) < 0 ||
259 acl_set_tag_type(entry, ACL_USER) < 0 ||
260 acl_set_qualifier(entry, &uid) < 0) {
261 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
266 if (acl_get_permset(entry, &permset) < 0 ||
267 acl_add_perm(permset, ACL_READ) < 0 ||
268 acl_calc_mask(&acl) < 0) {
269 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
273 if (acl_set_fd(f->fd, acl) < 0)
274 log_warning("Failed to set ACL on %s, ignoring: %m", f->path);
281 static JournalFile* find_journal(Server *s, uid_t uid) {
289 /* We split up user logs only on /var, not on /run. If the
290 * runtime file is open, we write to it exclusively, in order
291 * to guarantee proper order as soon as we flush /run to
292 * /var and close the runtime file. */
294 if (s->runtime_journal)
295 return s->runtime_journal;
298 return s->system_journal;
300 r = sd_id128_get_machine(&machine);
302 return s->system_journal;
304 f = hashmap_get(s->user_journals, UINT32_TO_PTR(uid));
308 if (asprintf(&p, "/var/log/journal/" SD_ID128_FORMAT_STR "/user-%lu.journal",
309 SD_ID128_FORMAT_VAL(machine), (unsigned long) uid) < 0)
310 return s->system_journal;
312 while (hashmap_size(s->user_journals) >= USER_JOURNALS_MAX) {
313 /* Too many open? Then let's close one */
314 f = hashmap_steal_first(s->user_journals);
316 journal_file_close(f);
319 r = journal_file_open_reliably(p, O_RDWR|O_CREAT, 0640, s->compress, s->seal, &s->system_metrics, s->mmap, s->system_journal, &f);
323 return s->system_journal;
325 server_fix_perms(s, f, uid);
327 r = hashmap_put(s->user_journals, UINT32_TO_PTR(uid), f);
329 journal_file_close(f);
330 return s->system_journal;
336 static void server_rotate(Server *s) {
342 log_info("Rotating...");
344 if (s->runtime_journal) {
345 r = journal_file_rotate(&s->runtime_journal, s->compress, false);
347 if (s->runtime_journal)
348 log_error("Failed to rotate %s: %s", s->runtime_journal->path, strerror(-r));
350 log_error("Failed to create new runtime journal: %s", strerror(-r));
352 server_fix_perms(s, s->runtime_journal, 0);
355 if (s->system_journal) {
356 r = journal_file_rotate(&s->system_journal, s->compress, s->seal);
358 if (s->system_journal)
359 log_error("Failed to rotate %s: %s", s->system_journal->path, strerror(-r));
361 log_error("Failed to create new system journal: %s", strerror(-r));
364 server_fix_perms(s, s->system_journal, 0);
367 HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) {
368 r = journal_file_rotate(&f, s->compress, s->seal);
371 log_error("Failed to rotate %s: %s", f->path, strerror(-r));
373 log_error("Failed to create user journal: %s", strerror(-r));
375 hashmap_replace(s->user_journals, k, f);
376 server_fix_perms(s, s->system_journal, PTR_TO_UINT32(k));
381 static void server_vacuum(Server *s) {
387 log_info("Vacuuming...");
389 r = sd_id128_get_machine(&machine);
391 log_error("Failed to get machine ID: %s", strerror(-r));
395 sd_id128_to_string(machine, ids);
397 if (s->system_journal) {
398 if (asprintf(&p, "/var/log/journal/%s", ids) < 0) {
403 r = journal_directory_vacuum(p, s->system_metrics.max_use, s->system_metrics.keep_free);
404 if (r < 0 && r != -ENOENT)
405 log_error("Failed to vacuum %s: %s", p, strerror(-r));
409 if (s->runtime_journal) {
410 if (asprintf(&p, "/run/log/journal/%s", ids) < 0) {
415 r = journal_directory_vacuum(p, s->runtime_metrics.max_use, s->runtime_metrics.keep_free);
416 if (r < 0 && r != -ENOENT)
417 log_error("Failed to vacuum %s: %s", p, strerror(-r));
421 s->cached_available_space_timestamp = 0;
424 static char *shortened_cgroup_path(pid_t pid) {
426 char *process_path, *init_path, *path;
430 r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, pid, &process_path);
434 r = cg_get_by_pid(SYSTEMD_CGROUP_CONTROLLER, 1, &init_path);
440 if (endswith(init_path, "/system"))
441 init_path[strlen(init_path) - 7] = 0;
442 else if (streq(init_path, "/"))
445 if (startswith(process_path, init_path)) {
448 p = strdup(process_path + strlen(init_path));
466 static void write_to_journal(Server *s, uid_t uid, struct iovec *iovec, unsigned n) {
468 bool vacuumed = false;
475 f = find_journal(s, uid);
479 if (journal_file_rotate_suggested(f)) {
480 log_info("Journal header limits reached or header out-of-date, rotating.");
485 f = find_journal(s, uid);
491 r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
496 (r != -E2BIG && /* hit limit */
497 r != -EFBIG && /* hit fs limit */
498 r != -EDQUOT && /* quota hit */
499 r != -ENOSPC && /* disk full */
500 r != -EBADMSG && /* corrupted */
501 r != -ENODATA && /* truncated */
502 r != -EHOSTDOWN && /* other machine */
503 r != -EPROTONOSUPPORT && /* unsupported feature */
504 r != -EBUSY && /* unclean shutdown */
505 r != -ESHUTDOWN /* already archived */)) {
506 log_error("Failed to write entry, ignoring: %s", strerror(-r));
510 if (r == -E2BIG || r == -EFBIG || r == EDQUOT || r == ENOSPC)
511 log_info("Allocation limit reached, rotating.");
512 else if (r == -EHOSTDOWN)
513 log_info("Journal file from other machine, rotating.");
514 else if (r == -EBUSY)
515 log_info("Unlcean shutdown, rotating.");
517 log_warning("Journal file corrupted, rotating.");
523 f = find_journal(s, uid);
527 log_info("Retrying write.");
531 static void dispatch_message_real(
533 struct iovec *iovec, unsigned n, unsigned m,
536 const char *label, size_t label_len,
537 const char *unit_id) {
539 char *pid = NULL, *uid = NULL, *gid = NULL,
540 *source_time = NULL, *boot_id = NULL, *machine_id = NULL,
541 *comm = NULL, *cmdline = NULL, *hostname = NULL,
542 *audit_session = NULL, *audit_loginuid = NULL,
543 *exe = NULL, *cgroup = NULL, *session = NULL,
544 *owner_uid = NULL, *unit = NULL, *selinux_context = NULL;
550 uid_t loginuid = 0, realuid = 0;
555 assert(n + N_IOVEC_META_FIELDS <= m);
563 realuid = ucred->uid;
565 if (asprintf(&pid, "_PID=%lu", (unsigned long) ucred->pid) >= 0)
566 IOVEC_SET_STRING(iovec[n++], pid);
568 if (asprintf(&uid, "_UID=%lu", (unsigned long) ucred->uid) >= 0)
569 IOVEC_SET_STRING(iovec[n++], uid);
571 if (asprintf(&gid, "_GID=%lu", (unsigned long) ucred->gid) >= 0)
572 IOVEC_SET_STRING(iovec[n++], gid);
574 r = get_process_comm(ucred->pid, &t);
576 comm = strappend("_COMM=", t);
580 IOVEC_SET_STRING(iovec[n++], comm);
583 r = get_process_exe(ucred->pid, &t);
585 exe = strappend("_EXE=", t);
589 IOVEC_SET_STRING(iovec[n++], exe);
592 r = get_process_cmdline(ucred->pid, LINE_MAX, false, &t);
594 cmdline = strappend("_CMDLINE=", t);
598 IOVEC_SET_STRING(iovec[n++], cmdline);
601 r = audit_session_from_pid(ucred->pid, &audit);
603 if (asprintf(&audit_session, "_AUDIT_SESSION=%lu", (unsigned long) audit) >= 0)
604 IOVEC_SET_STRING(iovec[n++], audit_session);
606 r = audit_loginuid_from_pid(ucred->pid, &loginuid);
608 if (asprintf(&audit_loginuid, "_AUDIT_LOGINUID=%lu", (unsigned long) loginuid) >= 0)
609 IOVEC_SET_STRING(iovec[n++], audit_loginuid);
611 t = shortened_cgroup_path(ucred->pid);
613 cgroup = strappend("_SYSTEMD_CGROUP=", t);
617 IOVEC_SET_STRING(iovec[n++], cgroup);
621 if (sd_pid_get_session(ucred->pid, &t) >= 0) {
622 session = strappend("_SYSTEMD_SESSION=", t);
626 IOVEC_SET_STRING(iovec[n++], session);
629 if (sd_pid_get_owner_uid(ucred->uid, &owner) >= 0)
630 if (asprintf(&owner_uid, "_SYSTEMD_OWNER_UID=%lu", (unsigned long) owner) >= 0)
631 IOVEC_SET_STRING(iovec[n++], owner_uid);
634 if (cg_pid_get_unit(ucred->pid, &t) >= 0) {
635 unit = strappend("_SYSTEMD_UNIT=", t);
638 unit = strappend("_SYSTEMD_UNIT=", unit_id);
641 IOVEC_SET_STRING(iovec[n++], unit);
645 selinux_context = malloc(sizeof("_SELINUX_CONTEXT=") + label_len);
646 if (selinux_context) {
647 memcpy(selinux_context, "_SELINUX_CONTEXT=", sizeof("_SELINUX_CONTEXT=")-1);
648 memcpy(selinux_context+sizeof("_SELINUX_CONTEXT=")-1, label, label_len);
649 selinux_context[sizeof("_SELINUX_CONTEXT=")-1+label_len] = 0;
650 IOVEC_SET_STRING(iovec[n++], selinux_context);
653 security_context_t con;
655 if (getpidcon(ucred->pid, &con) >= 0) {
656 selinux_context = strappend("_SELINUX_CONTEXT=", con);
658 IOVEC_SET_STRING(iovec[n++], selinux_context);
667 if (asprintf(&source_time, "_SOURCE_REALTIME_TIMESTAMP=%llu",
668 (unsigned long long) timeval_load(tv)) >= 0)
669 IOVEC_SET_STRING(iovec[n++], source_time);
672 /* Note that strictly speaking storing the boot id here is
673 * redundant since the entry includes this in-line
674 * anyway. However, we need this indexed, too. */
675 r = sd_id128_get_boot(&id);
677 if (asprintf(&boot_id, "_BOOT_ID=%s", sd_id128_to_string(id, idbuf)) >= 0)
678 IOVEC_SET_STRING(iovec[n++], boot_id);
680 r = sd_id128_get_machine(&id);
682 if (asprintf(&machine_id, "_MACHINE_ID=%s", sd_id128_to_string(id, idbuf)) >= 0)
683 IOVEC_SET_STRING(iovec[n++], machine_id);
685 t = gethostname_malloc();
687 hostname = strappend("_HOSTNAME=", t);
690 IOVEC_SET_STRING(iovec[n++], hostname);
695 write_to_journal(s, realuid == 0 ? 0 : loginuid, iovec, n);
708 free(audit_loginuid);
713 free(selinux_context);
716 void server_driver_message(Server *s, sd_id128_t message_id, const char *format, ...) {
717 char mid[11 + 32 + 1];
718 char buffer[16 + LINE_MAX + 1];
719 struct iovec iovec[N_IOVEC_META_FIELDS + 4];
727 IOVEC_SET_STRING(iovec[n++], "PRIORITY=6");
728 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=driver");
730 memcpy(buffer, "MESSAGE=", 8);
731 va_start(ap, format);
732 vsnprintf(buffer + 8, sizeof(buffer) - 8, format, ap);
734 char_array_0(buffer);
735 IOVEC_SET_STRING(iovec[n++], buffer);
737 snprintf(mid, sizeof(mid), "MESSAGE_ID=" SD_ID128_FORMAT_STR, SD_ID128_FORMAT_VAL(message_id));
739 IOVEC_SET_STRING(iovec[n++], mid);
742 ucred.pid = getpid();
743 ucred.uid = getuid();
744 ucred.gid = getgid();
746 dispatch_message_real(s, iovec, n, ELEMENTSOF(iovec), &ucred, NULL, NULL, 0, NULL);
749 void server_dispatch_message(
751 struct iovec *iovec, unsigned n, unsigned m,
754 const char *label, size_t label_len,
759 char *path = NULL, *c;
762 assert(iovec || n == 0);
767 if (LOG_PRI(priority) > s->max_level_store)
773 path = shortened_cgroup_path(ucred->pid);
777 /* example: /user/lennart/3/foobar
778 * /system/dbus.service/foobar
780 * So let's cut of everything past the third /, since that is
781 * wher user directories start */
783 c = strchr(path, '/');
785 c = strchr(c+1, '/');
787 c = strchr(c+1, '/');
793 rl = journal_rate_limit_test(s->rate_limit, path, priority & LOG_PRIMASK, available_space(s));
800 /* Write a suppression message if we suppressed something */
802 server_driver_message(s, SD_MESSAGE_JOURNAL_DROPPED, "Suppressed %u messages from %s", rl - 1, path);
807 dispatch_message_real(s, iovec, n, m, ucred, tv, label, label_len, unit_id);
810 static void forward_syslog_iovec(Server *s, const struct iovec *iovec, unsigned n_iovec, struct ucred *ucred, struct timeval *tv) {
811 struct msghdr msghdr;
812 struct cmsghdr *cmsg;
814 struct cmsghdr cmsghdr;
815 uint8_t buf[CMSG_SPACE(sizeof(struct ucred))];
817 union sockaddr_union sa;
824 msghdr.msg_iov = (struct iovec*) iovec;
825 msghdr.msg_iovlen = n_iovec;
828 sa.un.sun_family = AF_UNIX;
829 strncpy(sa.un.sun_path, "/run/systemd/journal/syslog", sizeof(sa.un.sun_path));
830 msghdr.msg_name = &sa;
831 msghdr.msg_namelen = offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path);
835 msghdr.msg_control = &control;
836 msghdr.msg_controllen = sizeof(control);
838 cmsg = CMSG_FIRSTHDR(&msghdr);
839 cmsg->cmsg_level = SOL_SOCKET;
840 cmsg->cmsg_type = SCM_CREDENTIALS;
841 cmsg->cmsg_len = CMSG_LEN(sizeof(struct ucred));
842 memcpy(CMSG_DATA(cmsg), ucred, sizeof(struct ucred));
843 msghdr.msg_controllen = cmsg->cmsg_len;
846 /* Forward the syslog message we received via /dev/log to
847 * /run/systemd/syslog. Unfortunately we currently can't set
848 * the SO_TIMESTAMP auxiliary data, and hence we don't. */
850 if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
853 /* The socket is full? I guess the syslog implementation is
854 * too slow, and we shouldn't wait for that... */
858 if (ucred && errno == ESRCH) {
861 /* Hmm, presumably the sender process vanished
862 * by now, so let's fix it as good as we
867 memcpy(CMSG_DATA(cmsg), &u, sizeof(struct ucred));
869 if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
877 log_debug("Failed to forward syslog message: %m");
880 static void forward_syslog_raw(Server *s, int priority, const char *buffer, struct ucred *ucred, struct timeval *tv) {
886 if (LOG_PRI(priority) > s->max_level_syslog)
889 IOVEC_SET_STRING(iovec, buffer);
890 forward_syslog_iovec(s, &iovec, 1, ucred, tv);
893 static void forward_syslog(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred, struct timeval *tv) {
894 struct iovec iovec[5];
895 char header_priority[6], header_time[64], header_pid[16];
899 char *ident_buf = NULL;
902 assert(priority >= 0);
903 assert(priority <= 999);
906 if (LOG_PRI(priority) > s->max_level_syslog)
909 /* First: priority field */
910 snprintf(header_priority, sizeof(header_priority), "<%i>", priority);
911 char_array_0(header_priority);
912 IOVEC_SET_STRING(iovec[n++], header_priority);
914 /* Second: timestamp */
915 t = tv ? tv->tv_sec : ((time_t) (now(CLOCK_REALTIME) / USEC_PER_SEC));
919 if (strftime(header_time, sizeof(header_time), "%h %e %T ", tm) <= 0)
921 IOVEC_SET_STRING(iovec[n++], header_time);
923 /* Third: identifier and PID */
926 get_process_comm(ucred->pid, &ident_buf);
927 identifier = ident_buf;
930 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
931 char_array_0(header_pid);
934 IOVEC_SET_STRING(iovec[n++], identifier);
936 IOVEC_SET_STRING(iovec[n++], header_pid);
937 } else if (identifier) {
938 IOVEC_SET_STRING(iovec[n++], identifier);
939 IOVEC_SET_STRING(iovec[n++], ": ");
942 /* Fourth: message */
943 IOVEC_SET_STRING(iovec[n++], message);
945 forward_syslog_iovec(s, iovec, n, ucred, tv);
950 static void forward_console(Server *s, int priority, const char *identifier, const char *message, struct ucred *ucred) {
951 struct iovec iovec[4];
954 char *ident_buf = NULL;
960 if (LOG_PRI(priority) > s->max_level_console)
963 /* First: identifier and PID */
966 get_process_comm(ucred->pid, &ident_buf);
967 identifier = ident_buf;
970 snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) ucred->pid);
971 char_array_0(header_pid);
974 IOVEC_SET_STRING(iovec[n++], identifier);
976 IOVEC_SET_STRING(iovec[n++], header_pid);
977 } else if (identifier) {
978 IOVEC_SET_STRING(iovec[n++], identifier);
979 IOVEC_SET_STRING(iovec[n++], ": ");
983 IOVEC_SET_STRING(iovec[n++], message);
984 IOVEC_SET_STRING(iovec[n++], "\n");
986 tty = s->tty_path ? s->tty_path : "/dev/console";
988 fd = open_terminal(tty, O_WRONLY|O_NOCTTY|O_CLOEXEC);
990 log_debug("Failed to open %s for logging: %s", tty, strerror(errno));
994 if (writev(fd, iovec, n) < 0)
995 log_debug("Failed to write to %s for logging: %s", tty, strerror(errno));
997 close_nointr_nofail(fd);
1003 int syslog_fixup_facility(int priority) {
1005 if ((priority & LOG_FACMASK) == 0)
1006 return (priority & LOG_PRIMASK) | LOG_USER;
1011 void syslog_read_identifier(const char **buf, char **identifier, char **pid) {
1022 p += strspn(p, WHITESPACE);
1023 l = strcspn(p, WHITESPACE);
1032 if (p[l-1] == ']') {
1038 t = strndup(p+k+1, l-k-2);
1058 *buf += strspn(*buf, WHITESPACE);
1061 static void process_syslog_message(Server *s, const char *buf, struct ucred *ucred, struct timeval *tv, const char *label, size_t label_len) {
1062 char *message = NULL, *syslog_priority = NULL, *syslog_facility = NULL, *syslog_identifier = NULL, *syslog_pid = NULL;
1063 struct iovec iovec[N_IOVEC_META_FIELDS + 6];
1065 int priority = LOG_USER | LOG_INFO;
1066 char *identifier = NULL, *pid = NULL;
1073 syslog_parse_priority((char**) &buf, &priority);
1075 if (s->forward_to_syslog)
1076 forward_syslog_raw(s, priority, orig, ucred, tv);
1078 syslog_skip_date((char**) &buf);
1079 syslog_read_identifier(&buf, &identifier, &pid);
1081 if (s->forward_to_kmsg)
1082 server_forward_kmsg(s, priority, identifier, buf, ucred);
1084 if (s->forward_to_console)
1085 forward_console(s, priority, identifier, buf, ucred);
1087 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=syslog");
1089 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1090 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1092 if (priority & LOG_FACMASK)
1093 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1094 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1097 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", identifier);
1098 if (syslog_identifier)
1099 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1103 syslog_pid = strappend("SYSLOG_PID=", pid);
1105 IOVEC_SET_STRING(iovec[n++], syslog_pid);
1108 message = strappend("MESSAGE=", buf);
1110 IOVEC_SET_STRING(iovec[n++], message);
1112 server_dispatch_message(s, iovec, n, ELEMENTSOF(iovec), ucred, tv, label, label_len, NULL, priority);
1117 free(syslog_priority);
1118 free(syslog_facility);
1119 free(syslog_identifier);
1123 static bool valid_user_field(const char *p, size_t l) {
1126 /* We kinda enforce POSIX syntax recommendations for
1127 environment variables here, but make a couple of additional
1130 http://pubs.opengroup.org/onlinepubs/000095399/basedefs/xbd_chap08.html */
1132 /* No empty field names */
1136 /* Don't allow names longer than 64 chars */
1140 /* Variables starting with an underscore are protected */
1144 /* Don't allow digits as first character */
1145 if (p[0] >= '0' && p[0] <= '9')
1148 /* Only allow A-Z0-9 and '_' */
1149 for (a = p; a < p + l; a++)
1150 if (!((*a >= 'A' && *a <= 'Z') ||
1151 (*a >= '0' && *a <= '9') ||
1158 static void process_native_message(
1160 const void *buffer, size_t buffer_size,
1161 struct ucred *ucred,
1163 const char *label, size_t label_len) {
1165 struct iovec *iovec = NULL;
1166 unsigned n = 0, m = 0, j, tn = (unsigned) -1;
1169 int priority = LOG_INFO;
1170 char *identifier = NULL, *message = NULL;
1173 assert(buffer || buffer_size == 0);
1176 remaining = buffer_size;
1178 while (remaining > 0) {
1181 e = memchr(p, '\n', remaining);
1184 /* Trailing noise, let's ignore it, and flush what we collected */
1185 log_debug("Received message with trailing noise, ignoring.");
1190 /* Entry separator */
1191 server_dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, NULL, priority);
1193 priority = LOG_INFO;
1200 if (*p == '.' || *p == '#') {
1201 /* Ignore control commands for now, and
1203 remaining -= (e - p) + 1;
1208 /* A property follows */
1210 if (n+N_IOVEC_META_FIELDS >= m) {
1214 u = MAX((n+N_IOVEC_META_FIELDS+1) * 2U, 4U);
1215 c = realloc(iovec, u * sizeof(struct iovec));
1225 q = memchr(p, '=', e - p);
1227 if (valid_user_field(p, q - p)) {
1232 /* If the field name starts with an
1233 * underscore, skip the variable,
1234 * since that indidates a trusted
1236 iovec[n].iov_base = (char*) p;
1237 iovec[n].iov_len = l;
1240 /* We need to determine the priority
1241 * of this entry for the rate limiting
1244 memcmp(p, "PRIORITY=", 9) == 0 &&
1245 p[9] >= '0' && p[9] <= '9')
1246 priority = (priority & LOG_FACMASK) | (p[9] - '0');
1249 memcmp(p, "SYSLOG_FACILITY=", 16) == 0 &&
1250 p[16] >= '0' && p[16] <= '9')
1251 priority = (priority & LOG_PRIMASK) | ((p[16] - '0') << 3);
1254 memcmp(p, "SYSLOG_FACILITY=", 16) == 0 &&
1255 p[16] >= '0' && p[16] <= '9' &&
1256 p[17] >= '0' && p[17] <= '9')
1257 priority = (priority & LOG_PRIMASK) | (((p[16] - '0')*10 + (p[17] - '0')) << 3);
1260 memcmp(p, "SYSLOG_IDENTIFIER=", 18) == 0) {
1263 t = strndup(p + 18, l - 18);
1268 } else if (l >= 8 &&
1269 memcmp(p, "MESSAGE=", 8) == 0) {
1272 t = strndup(p + 8, l - 8);
1280 remaining -= (e - p) + 1;
1288 if (remaining < e - p + 1 + sizeof(uint64_t) + 1) {
1289 log_debug("Failed to parse message, ignoring.");
1293 memcpy(&l_le, e + 1, sizeof(uint64_t));
1296 if (remaining < e - p + 1 + sizeof(uint64_t) + l + 1 ||
1297 e[1+sizeof(uint64_t)+l] != '\n') {
1298 log_debug("Failed to parse message, ignoring.");
1302 k = malloc((e - p) + 1 + l);
1308 memcpy(k, p, e - p);
1310 memcpy(k + (e - p) + 1, e + 1 + sizeof(uint64_t), l);
1312 if (valid_user_field(p, e - p)) {
1313 iovec[n].iov_base = k;
1314 iovec[n].iov_len = (e - p) + 1 + l;
1319 remaining -= (e - p) + 1 + sizeof(uint64_t) + l + 1;
1320 p = e + 1 + sizeof(uint64_t) + l + 1;
1328 IOVEC_SET_STRING(iovec[tn], "_TRANSPORT=journal");
1331 if (s->forward_to_syslog)
1332 forward_syslog(s, priority, identifier, message, ucred, tv);
1334 if (s->forward_to_kmsg)
1335 server_forward_kmsg(s, priority, identifier, message, ucred);
1337 if (s->forward_to_console)
1338 forward_console(s, priority, identifier, message, ucred);
1341 server_dispatch_message(s, iovec, n, m, ucred, tv, label, label_len, NULL, priority);
1344 for (j = 0; j < n; j++) {
1348 if (iovec[j].iov_base < buffer ||
1349 (const uint8_t*) iovec[j].iov_base >= (const uint8_t*) buffer + buffer_size)
1350 free(iovec[j].iov_base);
1358 static void process_native_file(
1361 struct ucred *ucred,
1363 const char *label, size_t label_len) {
1372 /* Data is in the passed file, since it didn't fit in a
1373 * datagram. We can't map the file here, since clients might
1374 * then truncate it and trigger a SIGBUS for us. So let's
1375 * stupidly read it */
1377 if (fstat(fd, &st) < 0) {
1378 log_error("Failed to stat passed file, ignoring: %m");
1382 if (!S_ISREG(st.st_mode)) {
1383 log_error("File passed is not regular. Ignoring.");
1387 if (st.st_size <= 0)
1390 if (st.st_size > ENTRY_SIZE_MAX) {
1391 log_error("File passed too large. Ignoring.");
1395 p = malloc(st.st_size);
1401 n = pread(fd, p, st.st_size, 0);
1403 log_error("Failed to read file, ignoring: %s", strerror(-n));
1405 process_native_message(s, p, n, ucred, tv, label, label_len);
1410 static int stdout_stream_log(StdoutStream *s, const char *p) {
1411 struct iovec iovec[N_IOVEC_META_FIELDS + 5];
1412 char *message = NULL, *syslog_priority = NULL, *syslog_facility = NULL, *syslog_identifier = NULL;
1416 size_t label_len = 0;
1424 priority = s->priority;
1426 if (s->level_prefix)
1427 syslog_parse_priority((char**) &p, &priority);
1429 if (s->forward_to_syslog || s->server->forward_to_syslog)
1430 forward_syslog(s->server, syslog_fixup_facility(priority), s->identifier, p, &s->ucred, NULL);
1432 if (s->forward_to_kmsg || s->server->forward_to_kmsg)
1433 server_forward_kmsg(s->server, priority, s->identifier, p, &s->ucred);
1435 if (s->forward_to_console || s->server->forward_to_console)
1436 forward_console(s->server, priority, s->identifier, p, &s->ucred);
1438 IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=stdout");
1440 if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
1441 IOVEC_SET_STRING(iovec[n++], syslog_priority);
1443 if (priority & LOG_FACMASK)
1444 if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
1445 IOVEC_SET_STRING(iovec[n++], syslog_facility);
1447 if (s->identifier) {
1448 syslog_identifier = strappend("SYSLOG_IDENTIFIER=", s->identifier);
1449 if (syslog_identifier)
1450 IOVEC_SET_STRING(iovec[n++], syslog_identifier);
1453 message = strappend("MESSAGE=", p);
1455 IOVEC_SET_STRING(iovec[n++], message);
1458 if (s->security_context) {
1459 label = (char*) s->security_context;
1460 label_len = strlen((char*) s->security_context);
1464 server_dispatch_message(s->server, iovec, n, ELEMENTSOF(iovec), &s->ucred, NULL, label, label_len, s->unit_id, priority);
1467 free(syslog_priority);
1468 free(syslog_facility);
1469 free(syslog_identifier);
1474 static int stdout_stream_line(StdoutStream *s, char *p) {
1484 case STDOUT_STREAM_IDENTIFIER:
1486 s->identifier = NULL;
1488 s->identifier = strdup(p);
1493 s->state = STDOUT_STREAM_UNIT_ID;
1496 case STDOUT_STREAM_UNIT_ID:
1497 if (s->ucred.uid == 0) {
1501 s->unit_id = strdup(p);
1507 s->state = STDOUT_STREAM_PRIORITY;
1510 case STDOUT_STREAM_PRIORITY:
1511 r = safe_atoi(p, &s->priority);
1512 if (r < 0 || s->priority <= 0 || s->priority >= 999) {
1513 log_warning("Failed to parse log priority line.");
1517 s->state = STDOUT_STREAM_LEVEL_PREFIX;
1520 case STDOUT_STREAM_LEVEL_PREFIX:
1521 r = parse_boolean(p);
1523 log_warning("Failed to parse level prefix line.");
1527 s->level_prefix = !!r;
1528 s->state = STDOUT_STREAM_FORWARD_TO_SYSLOG;
1531 case STDOUT_STREAM_FORWARD_TO_SYSLOG:
1532 r = parse_boolean(p);
1534 log_warning("Failed to parse forward to syslog line.");
1538 s->forward_to_syslog = !!r;
1539 s->state = STDOUT_STREAM_FORWARD_TO_KMSG;
1542 case STDOUT_STREAM_FORWARD_TO_KMSG:
1543 r = parse_boolean(p);
1545 log_warning("Failed to parse copy to kmsg line.");
1549 s->forward_to_kmsg = !!r;
1550 s->state = STDOUT_STREAM_FORWARD_TO_CONSOLE;
1553 case STDOUT_STREAM_FORWARD_TO_CONSOLE:
1554 r = parse_boolean(p);
1556 log_warning("Failed to parse copy to console line.");
1560 s->forward_to_console = !!r;
1561 s->state = STDOUT_STREAM_RUNNING;
1564 case STDOUT_STREAM_RUNNING:
1565 return stdout_stream_log(s, p);
1568 assert_not_reached("Unknown stream state");
1571 static int stdout_stream_scan(StdoutStream *s, bool force_flush) {
1579 remaining = s->length;
1584 end = memchr(p, '\n', remaining);
1587 else if (remaining >= sizeof(s->buffer) - 1) {
1588 end = p + sizeof(s->buffer) - 1;
1595 r = stdout_stream_line(s, p);
1603 if (force_flush && remaining > 0) {
1605 r = stdout_stream_line(s, p);
1613 if (p > s->buffer) {
1614 memmove(s->buffer, p, remaining);
1615 s->length = remaining;
1621 static int stdout_stream_process(StdoutStream *s) {
1627 l = read(s->fd, s->buffer+s->length, sizeof(s->buffer)-1-s->length);
1630 if (errno == EAGAIN)
1633 log_warning("Failed to read from stream: %m");
1638 r = stdout_stream_scan(s, true);
1646 r = stdout_stream_scan(s, false);
1654 static void stdout_stream_free(StdoutStream *s) {
1658 assert(s->server->n_stdout_streams > 0);
1659 s->server->n_stdout_streams --;
1660 LIST_REMOVE(StdoutStream, stdout_stream, s->server->stdout_streams, s);
1665 epoll_ctl(s->server->epoll_fd, EPOLL_CTL_DEL, s->fd, NULL);
1667 close_nointr_nofail(s->fd);
1671 if (s->security_context)
1672 freecon(s->security_context);
1675 free(s->identifier);
1679 static int stdout_stream_new(Server *s) {
1680 StdoutStream *stream;
1683 struct epoll_event ev;
1687 fd = accept4(s->stdout_fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC);
1689 if (errno == EAGAIN)
1692 log_error("Failed to accept stdout connection: %m");
1696 if (s->n_stdout_streams >= STDOUT_STREAMS_MAX) {
1697 log_warning("Too many stdout streams, refusing connection.");
1698 close_nointr_nofail(fd);
1702 stream = new0(StdoutStream, 1);
1704 close_nointr_nofail(fd);
1710 len = sizeof(stream->ucred);
1711 if (getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &stream->ucred, &len) < 0) {
1712 log_error("Failed to determine peer credentials: %m");
1718 if (getpeercon(fd, &stream->security_context) < 0 && errno != ENOPROTOOPT)
1719 log_error("Failed to determine peer security context: %m");
1722 if (shutdown(fd, SHUT_WR) < 0) {
1723 log_error("Failed to shutdown writing side of socket: %m");
1729 ev.data.ptr = stream;
1730 ev.events = EPOLLIN;
1731 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, fd, &ev) < 0) {
1732 log_error("Failed to add stream to event loop: %m");
1738 LIST_PREPEND(StdoutStream, stdout_stream, s->stdout_streams, stream);
1739 s->n_stdout_streams ++;
1744 stdout_stream_free(stream);
1748 static int system_journal_open(Server *s) {
1754 r = sd_id128_get_machine(&machine);
1758 sd_id128_to_string(machine, ids);
1760 if (!s->system_journal &&
1761 (s->storage == STORAGE_PERSISTENT || s->storage == STORAGE_AUTO) &&
1762 access("/run/systemd/journal/flushed", F_OK) >= 0) {
1764 /* If in auto mode: first try to create the machine
1765 * path, but not the prefix.
1767 * If in persistent mode: create /var/log/journal and
1768 * the machine path */
1770 if (s->storage == STORAGE_PERSISTENT)
1771 (void) mkdir("/var/log/journal/", 0755);
1773 fn = strappend("/var/log/journal/", ids);
1777 (void) mkdir(fn, 0755);
1780 fn = strjoin("/var/log/journal/", ids, "/system.journal", NULL);
1784 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, s->compress, s->seal, &s->system_metrics, s->mmap, NULL, &s->system_journal);
1788 server_fix_perms(s, s->system_journal, 0);
1791 if (r != -ENOENT && r != -EROFS)
1792 log_warning("Failed to open system journal: %s", strerror(-r));
1798 if (!s->runtime_journal &&
1799 (s->storage != STORAGE_NONE)) {
1801 fn = strjoin("/run/log/journal/", ids, "/system.journal", NULL);
1805 if (s->system_journal) {
1807 /* Try to open the runtime journal, but only
1808 * if it already exists, so that we can flush
1809 * it into the system journal */
1811 r = journal_file_open(fn, O_RDWR, 0640, s->compress, false, &s->runtime_metrics, s->mmap, NULL, &s->runtime_journal);
1816 log_warning("Failed to open runtime journal: %s", strerror(-r));
1823 /* OK, we really need the runtime journal, so create
1824 * it if necessary. */
1826 (void) mkdir_parents(fn, 0755);
1827 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, s->compress, false, &s->runtime_metrics, s->mmap, NULL, &s->runtime_journal);
1831 log_error("Failed to open runtime journal: %s", strerror(-r));
1836 if (s->runtime_journal)
1837 server_fix_perms(s, s->runtime_journal, 0);
1843 static int server_flush_to_var(Server *s) {
1851 if (s->storage != STORAGE_AUTO &&
1852 s->storage != STORAGE_PERSISTENT)
1855 if (!s->runtime_journal)
1858 system_journal_open(s);
1860 if (!s->system_journal)
1863 log_info("Flushing to /var...");
1865 r = sd_id128_get_machine(&machine);
1867 log_error("Failed to get machine id: %s", strerror(-r));
1871 r = sd_journal_open(&j, SD_JOURNAL_RUNTIME_ONLY);
1873 log_error("Failed to read runtime journal: %s", strerror(-r));
1877 SD_JOURNAL_FOREACH(j) {
1880 f = j->current_file;
1881 assert(f && f->current_offset > 0);
1883 r = journal_file_move_to_object(f, OBJECT_ENTRY, f->current_offset, &o);
1885 log_error("Can't read entry: %s", strerror(-r));
1889 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
1891 log_info("Allocation limit reached.");
1893 journal_file_post_change(s->system_journal);
1897 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
1901 log_error("Can't write entry: %s", strerror(-r));
1907 journal_file_post_change(s->system_journal);
1909 journal_file_close(s->runtime_journal);
1910 s->runtime_journal = NULL;
1913 rm_rf("/run/log/journal", false, true, false);
1918 static int process_event(Server *s, struct epoll_event *ev) {
1922 if (ev->data.fd == s->signal_fd) {
1923 struct signalfd_siginfo sfsi;
1926 if (ev->events != EPOLLIN) {
1927 log_info("Got invalid event from epoll.");
1931 n = read(s->signal_fd, &sfsi, sizeof(sfsi));
1932 if (n != sizeof(sfsi)) {
1937 if (errno == EINTR || errno == EAGAIN)
1943 log_info("Received SIG%s", signal_to_string(sfsi.ssi_signo));
1945 if (sfsi.ssi_signo == SIGUSR1) {
1946 touch("/run/systemd/journal/flushed");
1947 server_flush_to_var(s);
1951 if (sfsi.ssi_signo == SIGUSR2) {
1959 } else if (ev->data.fd == s->dev_kmsg_fd) {
1962 if (ev->events != EPOLLIN) {
1963 log_info("Got invalid event from epoll.");
1967 r = server_read_dev_kmsg(s);
1973 } else if (ev->data.fd == s->native_fd ||
1974 ev->data.fd == s->syslog_fd) {
1976 if (ev->events != EPOLLIN) {
1977 log_info("Got invalid event from epoll.");
1982 struct msghdr msghdr;
1984 struct ucred *ucred = NULL;
1985 struct timeval *tv = NULL;
1986 struct cmsghdr *cmsg;
1988 size_t label_len = 0;
1990 struct cmsghdr cmsghdr;
1992 /* We use NAME_MAX space for the
1993 * SELinux label here. The kernel
1994 * currently enforces no limit, but
1995 * according to suggestions from the
1996 * SELinux people this will change and
1997 * it will probably be identical to
1998 * NAME_MAX. For now we use that, but
1999 * this should be updated one day when
2000 * the final limit is known.*/
2001 uint8_t buf[CMSG_SPACE(sizeof(struct ucred)) +
2002 CMSG_SPACE(sizeof(struct timeval)) +
2003 CMSG_SPACE(sizeof(int)) + /* fd */
2004 CMSG_SPACE(NAME_MAX)]; /* selinux label */
2011 if (ioctl(ev->data.fd, SIOCINQ, &v) < 0) {
2012 log_error("SIOCINQ failed: %m");
2016 if (s->buffer_size < (size_t) v) {
2020 l = MAX(LINE_MAX + (size_t) v, s->buffer_size * 2);
2021 b = realloc(s->buffer, l+1);
2024 log_error("Couldn't increase buffer.");
2033 iovec.iov_base = s->buffer;
2034 iovec.iov_len = s->buffer_size;
2038 msghdr.msg_iov = &iovec;
2039 msghdr.msg_iovlen = 1;
2040 msghdr.msg_control = &control;
2041 msghdr.msg_controllen = sizeof(control);
2043 n = recvmsg(ev->data.fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC);
2046 if (errno == EINTR || errno == EAGAIN)
2049 log_error("recvmsg() failed: %m");
2053 for (cmsg = CMSG_FIRSTHDR(&msghdr); cmsg; cmsg = CMSG_NXTHDR(&msghdr, cmsg)) {
2055 if (cmsg->cmsg_level == SOL_SOCKET &&
2056 cmsg->cmsg_type == SCM_CREDENTIALS &&
2057 cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred)))
2058 ucred = (struct ucred*) CMSG_DATA(cmsg);
2059 else if (cmsg->cmsg_level == SOL_SOCKET &&
2060 cmsg->cmsg_type == SCM_SECURITY) {
2061 label = (char*) CMSG_DATA(cmsg);
2062 label_len = cmsg->cmsg_len - CMSG_LEN(0);
2063 } else if (cmsg->cmsg_level == SOL_SOCKET &&
2064 cmsg->cmsg_type == SO_TIMESTAMP &&
2065 cmsg->cmsg_len == CMSG_LEN(sizeof(struct timeval)))
2066 tv = (struct timeval*) CMSG_DATA(cmsg);
2067 else if (cmsg->cmsg_level == SOL_SOCKET &&
2068 cmsg->cmsg_type == SCM_RIGHTS) {
2069 fds = (int*) CMSG_DATA(cmsg);
2070 n_fds = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);
2074 if (ev->data.fd == s->syslog_fd) {
2077 if (n > 0 && n_fds == 0) {
2078 e = memchr(s->buffer, '\n', n);
2084 process_syslog_message(s, strstrip(s->buffer), ucred, tv, label, label_len);
2085 } else if (n_fds > 0)
2086 log_warning("Got file descriptors via syslog socket. Ignoring.");
2089 if (n > 0 && n_fds == 0)
2090 process_native_message(s, s->buffer, n, ucred, tv, label, label_len);
2091 else if (n == 0 && n_fds == 1)
2092 process_native_file(s, fds[0], ucred, tv, label, label_len);
2094 log_warning("Got too many file descriptors via native socket. Ignoring.");
2097 close_many(fds, n_fds);
2102 } else if (ev->data.fd == s->stdout_fd) {
2104 if (ev->events != EPOLLIN) {
2105 log_info("Got invalid event from epoll.");
2109 stdout_stream_new(s);
2113 StdoutStream *stream;
2115 if ((ev->events|EPOLLIN|EPOLLHUP) != (EPOLLIN|EPOLLHUP)) {
2116 log_info("Got invalid event from epoll.");
2120 /* If it is none of the well-known fds, it must be an
2121 * stdout stream fd. Note that this is a bit ugly here
2122 * (since we rely that none of the well-known fds
2123 * could be interpreted as pointer), but nonetheless
2124 * safe, since the well-known fds would never get an
2125 * fd > 4096, i.e. beyond the first memory page */
2127 stream = ev->data.ptr;
2129 if (stdout_stream_process(stream) <= 0)
2130 stdout_stream_free(stream);
2135 log_error("Unknown event.");
2139 static int open_syslog_socket(Server *s) {
2140 union sockaddr_union sa;
2142 struct epoll_event ev;
2146 if (s->syslog_fd < 0) {
2148 s->syslog_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2149 if (s->syslog_fd < 0) {
2150 log_error("socket() failed: %m");
2155 sa.un.sun_family = AF_UNIX;
2156 strncpy(sa.un.sun_path, "/dev/log", sizeof(sa.un.sun_path));
2158 unlink(sa.un.sun_path);
2160 r = bind(s->syslog_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2162 log_error("bind() failed: %m");
2166 chmod(sa.un.sun_path, 0666);
2168 fd_nonblock(s->syslog_fd, 1);
2171 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
2173 log_error("SO_PASSCRED failed: %m");
2179 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
2181 log_warning("SO_PASSSEC failed: %m");
2185 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
2187 log_error("SO_TIMESTAMP failed: %m");
2192 ev.events = EPOLLIN;
2193 ev.data.fd = s->syslog_fd;
2194 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->syslog_fd, &ev) < 0) {
2195 log_error("Failed to add syslog server fd to epoll object: %m");
2202 static int open_native_socket(Server*s) {
2203 union sockaddr_union sa;
2205 struct epoll_event ev;
2209 if (s->native_fd < 0) {
2211 s->native_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2212 if (s->native_fd < 0) {
2213 log_error("socket() failed: %m");
2218 sa.un.sun_family = AF_UNIX;
2219 strncpy(sa.un.sun_path, "/run/systemd/journal/socket", sizeof(sa.un.sun_path));
2221 unlink(sa.un.sun_path);
2223 r = bind(s->native_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2225 log_error("bind() failed: %m");
2229 chmod(sa.un.sun_path, 0666);
2231 fd_nonblock(s->native_fd, 1);
2234 r = setsockopt(s->native_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
2236 log_error("SO_PASSCRED failed: %m");
2242 r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
2244 log_warning("SO_PASSSEC failed: %m");
2248 r = setsockopt(s->native_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
2250 log_error("SO_TIMESTAMP failed: %m");
2255 ev.events = EPOLLIN;
2256 ev.data.fd = s->native_fd;
2257 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->native_fd, &ev) < 0) {
2258 log_error("Failed to add native server fd to epoll object: %m");
2265 static int open_stdout_socket(Server *s) {
2266 union sockaddr_union sa;
2268 struct epoll_event ev;
2272 if (s->stdout_fd < 0) {
2274 s->stdout_fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
2275 if (s->stdout_fd < 0) {
2276 log_error("socket() failed: %m");
2281 sa.un.sun_family = AF_UNIX;
2282 strncpy(sa.un.sun_path, "/run/systemd/journal/stdout", sizeof(sa.un.sun_path));
2284 unlink(sa.un.sun_path);
2286 r = bind(s->stdout_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
2288 log_error("bind() failed: %m");
2292 chmod(sa.un.sun_path, 0666);
2294 if (listen(s->stdout_fd, SOMAXCONN) < 0) {
2295 log_error("liste() failed: %m");
2299 fd_nonblock(s->stdout_fd, 1);
2302 ev.events = EPOLLIN;
2303 ev.data.fd = s->stdout_fd;
2304 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->stdout_fd, &ev) < 0) {
2305 log_error("Failed to add stdout server fd to epoll object: %m");
2312 static int open_signalfd(Server *s) {
2314 struct epoll_event ev;
2318 assert_se(sigemptyset(&mask) == 0);
2319 sigset_add_many(&mask, SIGINT, SIGTERM, SIGUSR1, SIGUSR2, -1);
2320 assert_se(sigprocmask(SIG_SETMASK, &mask, NULL) == 0);
2322 s->signal_fd = signalfd(-1, &mask, SFD_NONBLOCK|SFD_CLOEXEC);
2323 if (s->signal_fd < 0) {
2324 log_error("signalfd(): %m");
2329 ev.events = EPOLLIN;
2330 ev.data.fd = s->signal_fd;
2332 if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, s->signal_fd, &ev) < 0) {
2333 log_error("epoll_ctl(): %m");
2340 static int server_parse_proc_cmdline(Server *s) {
2341 char *line, *w, *state;
2345 if (detect_container(NULL) > 0)
2348 r = read_one_line_file("/proc/cmdline", &line);
2350 log_warning("Failed to read /proc/cmdline, ignoring: %s", strerror(-r));
2354 FOREACH_WORD_QUOTED(w, l, line, state) {
2357 word = strndup(w, l);
2363 if (startswith(word, "systemd.journald.forward_to_syslog=")) {
2364 r = parse_boolean(word + 35);
2366 log_warning("Failed to parse forward to syslog switch %s. Ignoring.", word + 35);
2368 s->forward_to_syslog = r;
2369 } else if (startswith(word, "systemd.journald.forward_to_kmsg=")) {
2370 r = parse_boolean(word + 33);
2372 log_warning("Failed to parse forward to kmsg switch %s. Ignoring.", word + 33);
2374 s->forward_to_kmsg = r;
2375 } else if (startswith(word, "systemd.journald.forward_to_console=")) {
2376 r = parse_boolean(word + 36);
2378 log_warning("Failed to parse forward to console switch %s. Ignoring.", word + 36);
2380 s->forward_to_console = r;
2381 } else if (startswith(word, "systemd.journald"))
2382 log_warning("Invalid systemd.journald parameter. Ignoring.");
2394 static int server_parse_config_file(Server *s) {
2401 fn = "/etc/systemd/journald.conf";
2402 f = fopen(fn, "re");
2404 if (errno == ENOENT)
2407 log_warning("Failed to open configuration file %s: %m", fn);
2411 r = config_parse(fn, f, "Journal\0", config_item_perf_lookup, (void*) journald_gperf_lookup, false, s);
2413 log_warning("Failed to parse configuration file: %s", strerror(-r));
2420 static int server_init(Server *s) {
2426 s->syslog_fd = s->native_fd = s->stdout_fd = s->signal_fd = s->epoll_fd = s->dev_kmsg_fd = -1;
2430 s->rate_limit_interval = DEFAULT_RATE_LIMIT_INTERVAL;
2431 s->rate_limit_burst = DEFAULT_RATE_LIMIT_BURST;
2433 s->forward_to_syslog = true;
2435 s->max_level_store = LOG_DEBUG;
2436 s->max_level_syslog = LOG_DEBUG;
2437 s->max_level_kmsg = LOG_NOTICE;
2438 s->max_level_console = LOG_INFO;
2440 memset(&s->system_metrics, 0xFF, sizeof(s->system_metrics));
2441 memset(&s->runtime_metrics, 0xFF, sizeof(s->runtime_metrics));
2443 server_parse_config_file(s);
2444 server_parse_proc_cmdline(s);
2446 mkdir_p("/run/systemd/journal", 0755);
2448 s->user_journals = hashmap_new(trivial_hash_func, trivial_compare_func);
2449 if (!s->user_journals)
2452 s->mmap = mmap_cache_new();
2456 s->epoll_fd = epoll_create1(EPOLL_CLOEXEC);
2457 if (s->epoll_fd < 0) {
2458 log_error("Failed to create epoll object: %m");
2462 n = sd_listen_fds(true);
2464 log_error("Failed to read listening file descriptors from environment: %s", strerror(-n));
2468 for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) {
2470 if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/run/systemd/journal/socket", 0) > 0) {
2472 if (s->native_fd >= 0) {
2473 log_error("Too many native sockets passed.");
2479 } else if (sd_is_socket_unix(fd, SOCK_STREAM, 1, "/run/systemd/journal/stdout", 0) > 0) {
2481 if (s->stdout_fd >= 0) {
2482 log_error("Too many stdout sockets passed.");
2488 } else if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/dev/log", 0) > 0) {
2490 if (s->syslog_fd >= 0) {
2491 log_error("Too many /dev/log sockets passed.");
2498 log_error("Unknown socket passed.");
2503 r = open_syslog_socket(s);
2507 r = open_native_socket(s);
2511 r = open_stdout_socket(s);
2515 r = server_open_dev_kmsg(s);
2519 r = server_open_kernel_seqnum(s);
2523 r = open_signalfd(s);
2527 s->udev = udev_new();
2531 s->rate_limit = journal_rate_limit_new(s->rate_limit_interval, s->rate_limit_burst);
2535 r = system_journal_open(s);
2542 static void maybe_append_tags(Server *s) {
2548 n = now(CLOCK_REALTIME);
2550 if (s->system_journal)
2551 journal_file_maybe_append_tag(s->system_journal, n);
2553 HASHMAP_FOREACH(f, s->user_journals, i)
2554 journal_file_maybe_append_tag(f, n);
2558 static void server_done(Server *s) {
2562 while (s->stdout_streams)
2563 stdout_stream_free(s->stdout_streams);
2565 if (s->system_journal)
2566 journal_file_close(s->system_journal);
2568 if (s->runtime_journal)
2569 journal_file_close(s->runtime_journal);
2571 while ((f = hashmap_steal_first(s->user_journals)))
2572 journal_file_close(f);
2574 hashmap_free(s->user_journals);
2576 if (s->epoll_fd >= 0)
2577 close_nointr_nofail(s->epoll_fd);
2579 if (s->signal_fd >= 0)
2580 close_nointr_nofail(s->signal_fd);
2582 if (s->syslog_fd >= 0)
2583 close_nointr_nofail(s->syslog_fd);
2585 if (s->native_fd >= 0)
2586 close_nointr_nofail(s->native_fd);
2588 if (s->stdout_fd >= 0)
2589 close_nointr_nofail(s->stdout_fd);
2591 if (s->dev_kmsg_fd >= 0)
2592 close_nointr_nofail(s->dev_kmsg_fd);
2595 journal_rate_limit_free(s->rate_limit);
2597 if (s->kernel_seqnum)
2598 munmap(s->kernel_seqnum, sizeof(uint64_t));
2604 mmap_cache_unref(s->mmap);
2607 udev_unref(s->udev);
2610 int main(int argc, char *argv[]) {
2614 /* if (getppid() != 1) { */
2615 /* log_error("This program should be invoked by init only."); */
2616 /* return EXIT_FAILURE; */
2620 log_error("This program does not take arguments.");
2621 return EXIT_FAILURE;
2624 log_set_target(LOG_TARGET_SAFE);
2625 log_set_facility(LOG_SYSLOG);
2626 log_set_max_level(LOG_DEBUG);
2627 log_parse_environment();
2632 r = server_init(&server);
2636 server_vacuum(&server);
2637 server_flush_to_var(&server);
2638 server_flush_dev_kmsg(&server);
2640 log_debug("systemd-journald running as pid %lu", (unsigned long) getpid());
2641 server_driver_message(&server, SD_MESSAGE_JOURNAL_START, "Journal started");
2645 "STATUS=Processing requests...");
2648 struct epoll_event event;
2654 if (server.system_journal &&
2655 journal_file_next_evolve_usec(server.system_journal, &u)) {
2658 n = now(CLOCK_REALTIME);
2663 t = (int) ((u - n + USEC_PER_MSEC - 1) / USEC_PER_MSEC);
2668 r = epoll_wait(server.epoll_fd, &event, 1, t);
2674 log_error("epoll_wait() failed: %m");
2680 r = process_event(&server, &event);
2687 maybe_append_tags(&server);
2690 log_debug("systemd-journald stopped as pid %lu", (unsigned long) getpid());
2691 server_driver_message(&server, SD_MESSAGE_JOURNAL_STOP, "Journal stopped");
2695 "STATUS=Shutting down...");
2697 server_done(&server);
2699 return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;