X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=src%2Fjournal%2Fjournald-server.c;h=a4600e3315ecf145733c4a3493f46f2402120107;hp=ef39d0a60203c4a2b217ec862ba57b6c618cea43;hb=cf677ac1b7ae1e46c593d055df27f36528be548a;hpb=63c8666b824e8762ffb73647e1caee165dfbc868 diff --git a/src/journal/journald-server.c b/src/journal/journald-server.c index ef39d0a60..a4600e331 100644 --- a/src/journal/journald-server.c +++ b/src/journal/journald-server.c @@ -205,7 +205,7 @@ void server_fix_perms(Server *s, JournalFile *f, uid_t uid) { log_warning("Failed to fix access mode on %s, ignoring: %s", f->path, strerror(-r)); #ifdef HAVE_ACL - if (uid <= 0) + if (uid <= SYSTEM_UID_MAX) return; acl = acl_get_fd(f->fd); @@ -258,7 +258,7 @@ static JournalFile* find_journal(Server *s, uid_t uid) { if (s->runtime_journal) return s->runtime_journal; - if (uid <= 0) + if (uid <= SYSTEM_UID_MAX) return s->system_journal; r = sd_id128_get_machine(&machine); @@ -269,8 +269,8 @@ static JournalFile* find_journal(Server *s, uid_t uid) { if (f) return f; - if (asprintf(&p, "/var/log/journal/" SD_ID128_FORMAT_STR "/user-%lu.journal", - SD_ID128_FORMAT_VAL(machine), (unsigned long) uid) < 0) + if (asprintf(&p, "/var/log/journal/" SD_ID128_FORMAT_STR "/user-"UID_FMT".journal", + SD_ID128_FORMAT_VAL(machine), uid) < 0) return s->system_journal; while (hashmap_size(s->user_journals) >= USER_JOURNALS_MAX) { @@ -576,13 +576,13 @@ static void dispatch_message_real( if (ucred) { realuid = ucred->uid; - sprintf(pid, "_PID=%lu", (unsigned long) ucred->pid); + sprintf(pid, "_PID="PID_FMT, ucred->pid); IOVEC_SET_STRING(iovec[n++], pid); - sprintf(uid, "_UID=%lu", (unsigned long) ucred->uid); + sprintf(uid, "_UID="UID_FMT, ucred->uid); IOVEC_SET_STRING(iovec[n++], uid); - sprintf(gid, "_GID=%lu", (unsigned long) ucred->gid); + sprintf(gid, "_GID="GID_FMT, ucred->gid); IOVEC_SET_STRING(iovec[n++], gid); r = get_process_comm(ucred->pid, &t); @@ -616,13 +616,13 @@ static void dispatch_message_real( #ifdef HAVE_AUDIT r = audit_session_from_pid(ucred->pid, &audit); if (r >= 0) { - sprintf(audit_session, "_AUDIT_SESSION=%lu", (unsigned long) audit); + sprintf(audit_session, "_AUDIT_SESSION=%"PRIu32, audit); IOVEC_SET_STRING(iovec[n++], audit_session); } r = audit_loginuid_from_pid(ucred->pid, &loginuid); if (r >= 0) { - sprintf(audit_loginuid, "_AUDIT_LOGINUID=%lu", (unsigned long) loginuid); + sprintf(audit_loginuid, "_AUDIT_LOGINUID="UID_FMT, loginuid); IOVEC_SET_STRING(iovec[n++], audit_loginuid); } #endif @@ -644,7 +644,7 @@ static void dispatch_message_real( if (cg_path_get_owner_uid(c, &owner) >= 0) { owner_valid = true; - sprintf(owner_uid, "_SYSTEMD_OWNER_UID=%lu", (unsigned long) owner); + sprintf(owner_uid, "_SYSTEMD_OWNER_UID="UID_FMT, owner); IOVEC_SET_STRING(iovec[n++], owner_uid); } @@ -703,13 +703,13 @@ static void dispatch_message_real( if (object_pid) { r = get_process_uid(object_pid, &object_uid); if (r >= 0) { - sprintf(o_uid, "OBJECT_UID=%lu", (unsigned long) object_uid); + sprintf(o_uid, "OBJECT_UID="UID_FMT, object_uid); IOVEC_SET_STRING(iovec[n++], o_uid); } r = get_process_gid(object_pid, &object_gid); if (r >= 0) { - sprintf(o_gid, "OBJECT_GID=%lu", (unsigned long) object_gid); + sprintf(o_gid, "OBJECT_GID="GID_FMT, object_gid); IOVEC_SET_STRING(iovec[n++], o_gid); } @@ -737,13 +737,13 @@ static void dispatch_message_real( #ifdef HAVE_AUDIT r = audit_session_from_pid(object_pid, &audit); if (r >= 0) { - sprintf(o_audit_session, "OBJECT_AUDIT_SESSION=%lu", (unsigned long) audit); + sprintf(o_audit_session, "OBJECT_AUDIT_SESSION=%"PRIu32, audit); IOVEC_SET_STRING(iovec[n++], o_audit_session); } r = audit_loginuid_from_pid(object_pid, &loginuid); if (r >= 0) { - sprintf(o_audit_loginuid, "OBJECT_AUDIT_LOGINUID=%lu", (unsigned long) loginuid); + sprintf(o_audit_loginuid, "OBJECT_AUDIT_LOGINUID="UID_FMT, loginuid); IOVEC_SET_STRING(iovec[n++], o_audit_loginuid); } #endif @@ -761,7 +761,7 @@ static void dispatch_message_real( } if (cg_path_get_owner_uid(c, &owner) >= 0) { - sprintf(o_owner_uid, "OBJECT_SYSTEMD_OWNER_UID=%lu", (unsigned long) owner); + sprintf(o_owner_uid, "OBJECT_SYSTEMD_OWNER_UID="UID_FMT, owner); IOVEC_SET_STRING(iovec[n++], o_owner_uid); } @@ -805,12 +805,11 @@ static void dispatch_message_real( /* Split up strictly by any UID */ journal_uid = realuid; else if (s->split_mode == SPLIT_LOGIN && realuid > 0 && owner_valid && owner > 0) - /* Split up by login UIDs, this avoids creation of - * individual journals for system UIDs. We do this - * only if the realuid is not root, in order not to - * accidentally leak privileged information to the - * user that is logged by a privileged process that is - * part of an unprivileged session.*/ + /* Split up by login UIDs. We do this only if the + * realuid is not root, in order not to accidentally + * leak privileged information to the user that is + * logged by a privileged process that is part of an + * unprivileged session.*/ journal_uid = owner; else journal_uid = 0; @@ -990,7 +989,10 @@ static int system_journal_open(Server *s) { /* OK, we really need the runtime journal, so create * it if necessary. */ - (void) mkdir_parents(fn, 0755); + (void) mkdir("/run/log", 0755); + (void) mkdir("/run/log/journal", 0755); + (void) mkdir_parents(fn, 0750); + r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, s->compress, false, &s->runtime_metrics, s->mmap, NULL, &s->runtime_journal); free(fn); @@ -1377,14 +1379,19 @@ int server_schedule_sync(Server *s, int priority) { if (s->sync_interval_usec > 0) { usec_t when; - r = sd_event_get_now_monotonic(s->event, &when); + r = sd_event_now(s->event, CLOCK_MONOTONIC, &when); if (r < 0) return r; when += s->sync_interval_usec; if (!s->sync_event_source) { - r = sd_event_add_monotonic(s->event, &s->sync_event_source, when, 0, server_dispatch_sync, s); + r = sd_event_add_time( + s->event, + &s->sync_event_source, + CLOCK_MONOTONIC, + when, 0, + server_dispatch_sync, s); if (r < 0) return r; @@ -1432,8 +1439,7 @@ static int server_open_hostname(Server *s) { if (r == -EPERM) { log_warning("Failed to register hostname fd in event loop: %s. Ignoring.", strerror(-r)); - close_nointr_nofail(s->hostname_fd); - s->hostname_fd = -1; + s->hostname_fd = safe_close(s->hostname_fd); return 0; } @@ -1531,7 +1537,8 @@ int server_init(Server *s) { s->stdout_fd = fd; - } else if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/dev/log", 0) > 0) { + } else if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/dev/log", 0) > 0 || + sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/run/systemd/journal/dev-log", 0) > 0) { if (s->syslog_fd >= 0) { log_error("Too many /dev/log sockets passed."); @@ -1643,20 +1650,11 @@ void server_done(Server *s) { sd_event_source_unref(s->hostname_event_source); sd_event_unref(s->event); - if (s->syslog_fd >= 0) - close_nointr_nofail(s->syslog_fd); - - if (s->native_fd >= 0) - close_nointr_nofail(s->native_fd); - - if (s->stdout_fd >= 0) - close_nointr_nofail(s->stdout_fd); - - if (s->dev_kmsg_fd >= 0) - close_nointr_nofail(s->dev_kmsg_fd); - - if (s->hostname_fd >= 0) - close_nointr_nofail(s->hostname_fd); + safe_close(s->syslog_fd); + safe_close(s->native_fd); + safe_close(s->stdout_fd); + safe_close(s->dev_kmsg_fd); + safe_close(s->hostname_fd); if (s->rate_limit) journal_rate_limit_free(s->rate_limit);