Line data Source code
1 : /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
2 :
3 : /***
4 : This file is part of systemd.
5 :
6 : Copyright 2011 Lennart Poettering
7 :
8 : systemd is free software; you can redistribute it and/or modify it
9 : under the terms of the GNU Lesser General Public License as published by
10 : the Free Software Foundation; either version 2.1 of the License, or
11 : (at your option) any later version.
12 :
13 : systemd is distributed in the hope that it will be useful, but
14 : WITHOUT ANY WARRANTY; without even the implied warranty of
15 : MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 : Lesser General Public License for more details.
17 :
18 : You should have received a copy of the GNU Lesser General Public License
19 : along with systemd; If not, see <http://www.gnu.org/licenses/>.
20 : ***/
21 :
22 : #include <sys/signalfd.h>
23 : #include <sys/ioctl.h>
24 : #include <linux/sockios.h>
25 : #include <sys/statvfs.h>
26 : #include <sys/mman.h>
27 :
28 : #ifdef HAVE_SELINUX
29 : #include <selinux/selinux.h>
30 : #endif
31 :
32 : #include <libudev.h>
33 :
34 : #include "sd-journal.h"
35 : #include "sd-messages.h"
36 : #include "sd-daemon.h"
37 : #include "mkdir.h"
38 : #include "rm-rf.h"
39 : #include "hashmap.h"
40 : #include "journal-file.h"
41 : #include "socket-util.h"
42 : #include "cgroup-util.h"
43 : #include "missing.h"
44 : #include "conf-parser.h"
45 : #include "selinux-util.h"
46 : #include "acl-util.h"
47 : #include "formats-util.h"
48 : #include "process-util.h"
49 : #include "hostname-util.h"
50 : #include "signal-util.h"
51 : #include "journal-internal.h"
52 : #include "journal-vacuum.h"
53 : #include "journal-authenticate.h"
54 : #include "journald-rate-limit.h"
55 : #include "journald-kmsg.h"
56 : #include "journald-syslog.h"
57 : #include "journald-stream.h"
58 : #include "journald-native.h"
59 : #include "journald-audit.h"
60 : #include "journald-server.h"
61 :
62 : #define USER_JOURNALS_MAX 1024
63 :
64 : #define DEFAULT_SYNC_INTERVAL_USEC (5*USEC_PER_MINUTE)
65 : #define DEFAULT_RATE_LIMIT_INTERVAL (30*USEC_PER_SEC)
66 : #define DEFAULT_RATE_LIMIT_BURST 1000
67 : #define DEFAULT_MAX_FILE_USEC USEC_PER_MONTH
68 :
69 : #define RECHECK_AVAILABLE_SPACE_USEC (30*USEC_PER_SEC)
70 :
71 : static const char* const storage_table[_STORAGE_MAX] = {
72 : [STORAGE_AUTO] = "auto",
73 : [STORAGE_VOLATILE] = "volatile",
74 : [STORAGE_PERSISTENT] = "persistent",
75 : [STORAGE_NONE] = "none"
76 : };
77 :
78 12 : DEFINE_STRING_TABLE_LOOKUP(storage, Storage);
79 0 : DEFINE_CONFIG_PARSE_ENUM(config_parse_storage, storage, Storage, "Failed to parse storage setting");
80 :
81 : static const char* const split_mode_table[_SPLIT_MAX] = {
82 : [SPLIT_LOGIN] = "login",
83 : [SPLIT_UID] = "uid",
84 : [SPLIT_NONE] = "none",
85 : };
86 :
87 10 : DEFINE_STRING_TABLE_LOOKUP(split_mode, SplitMode);
88 0 : DEFINE_CONFIG_PARSE_ENUM(config_parse_split_mode, split_mode, SplitMode, "Failed to parse split mode setting");
89 :
90 0 : static uint64_t available_space(Server *s, bool verbose) {
91 : char ids[33];
92 0 : _cleanup_free_ char *p = NULL;
93 : sd_id128_t machine;
94 : struct statvfs ss;
95 0 : uint64_t sum = 0, ss_avail = 0, avail = 0;
96 : int r;
97 0 : _cleanup_closedir_ DIR *d = NULL;
98 : usec_t ts;
99 : const char *f;
100 : JournalMetrics *m;
101 :
102 0 : ts = now(CLOCK_MONOTONIC);
103 :
104 0 : if (s->cached_available_space_timestamp + RECHECK_AVAILABLE_SPACE_USEC > ts
105 0 : && !verbose)
106 0 : return s->cached_available_space;
107 :
108 0 : r = sd_id128_get_machine(&machine);
109 0 : if (r < 0)
110 0 : return 0;
111 :
112 0 : if (s->system_journal) {
113 0 : f = "/var/log/journal/";
114 0 : m = &s->system_metrics;
115 : } else {
116 0 : f = "/run/log/journal/";
117 0 : m = &s->runtime_metrics;
118 : }
119 :
120 0 : assert(m);
121 :
122 0 : p = strappend(f, sd_id128_to_string(machine, ids));
123 0 : if (!p)
124 0 : return 0;
125 :
126 0 : d = opendir(p);
127 0 : if (!d)
128 0 : return 0;
129 :
130 0 : if (fstatvfs(dirfd(d), &ss) < 0)
131 0 : return 0;
132 :
133 : for (;;) {
134 : struct stat st;
135 : struct dirent *de;
136 :
137 0 : errno = 0;
138 0 : de = readdir(d);
139 0 : if (!de && errno != 0)
140 0 : return 0;
141 :
142 0 : if (!de)
143 0 : break;
144 :
145 0 : if (!endswith(de->d_name, ".journal") &&
146 0 : !endswith(de->d_name, ".journal~"))
147 0 : continue;
148 :
149 0 : if (fstatat(dirfd(d), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0)
150 0 : continue;
151 :
152 0 : if (!S_ISREG(st.st_mode))
153 0 : continue;
154 :
155 0 : sum += (uint64_t) st.st_blocks * 512UL;
156 0 : }
157 :
158 0 : ss_avail = ss.f_bsize * ss.f_bavail;
159 :
160 : /* If we reached a high mark, we will always allow this much
161 : * again, unless usage goes above max_use. This watermark
162 : * value is cached so that we don't give up space on pressure,
163 : * but hover below the maximum usage. */
164 :
165 0 : if (m->use < sum)
166 0 : m->use = sum;
167 :
168 0 : avail = LESS_BY(ss_avail, m->keep_free);
169 :
170 0 : s->cached_available_space = LESS_BY(MIN(m->max_use, avail), sum);
171 0 : s->cached_available_space_timestamp = ts;
172 :
173 0 : if (verbose) {
174 : char fb1[FORMAT_BYTES_MAX], fb2[FORMAT_BYTES_MAX], fb3[FORMAT_BYTES_MAX],
175 : fb4[FORMAT_BYTES_MAX], fb5[FORMAT_BYTES_MAX];
176 :
177 0 : server_driver_message(s, SD_MESSAGE_JOURNAL_USAGE,
178 : "%s is currently using %s.\n"
179 : "Maximum allowed usage is set to %s.\n"
180 : "Leaving at least %s free (of currently available %s of space).\n"
181 : "Enforced usage limit is thus %s.",
182 0 : s->system_journal ? "Permanent journal (/var/log/journal/)" : "Runtime journal (/run/log/journal/)",
183 : format_bytes(fb1, sizeof(fb1), sum),
184 0 : format_bytes(fb2, sizeof(fb2), m->max_use),
185 0 : format_bytes(fb3, sizeof(fb3), m->keep_free),
186 : format_bytes(fb4, sizeof(fb4), ss_avail),
187 0 : format_bytes(fb5, sizeof(fb5), s->cached_available_space + sum));
188 : }
189 :
190 0 : return s->cached_available_space;
191 : }
192 :
193 0 : void server_fix_perms(Server *s, JournalFile *f, uid_t uid) {
194 : int r;
195 : #ifdef HAVE_ACL
196 : acl_t acl;
197 : acl_entry_t entry;
198 : acl_permset_t permset;
199 : #endif
200 :
201 0 : assert(f);
202 :
203 0 : r = fchmod(f->fd, 0640);
204 0 : if (r < 0)
205 0 : log_warning_errno(r, "Failed to fix access mode on %s, ignoring: %m", f->path);
206 :
207 : #ifdef HAVE_ACL
208 0 : if (uid <= SYSTEM_UID_MAX)
209 0 : return;
210 :
211 0 : acl = acl_get_fd(f->fd);
212 0 : if (!acl) {
213 0 : log_warning_errno(errno, "Failed to read ACL on %s, ignoring: %m", f->path);
214 0 : return;
215 : }
216 :
217 0 : r = acl_find_uid(acl, uid, &entry);
218 0 : if (r <= 0) {
219 :
220 0 : if (acl_create_entry(&acl, &entry) < 0 ||
221 0 : acl_set_tag_type(entry, ACL_USER) < 0 ||
222 0 : acl_set_qualifier(entry, &uid) < 0) {
223 0 : log_warning_errno(errno, "Failed to patch ACL on %s, ignoring: %m", f->path);
224 0 : goto finish;
225 : }
226 : }
227 :
228 : /* We do not recalculate the mask unconditionally here,
229 : * so that the fchmod() mask above stays intact. */
230 0 : if (acl_get_permset(entry, &permset) < 0 ||
231 0 : acl_add_perm(permset, ACL_READ) < 0 ||
232 0 : calc_acl_mask_if_needed(&acl) < 0) {
233 0 : log_warning_errno(errno, "Failed to patch ACL on %s, ignoring: %m", f->path);
234 0 : goto finish;
235 : }
236 :
237 0 : if (acl_set_fd(f->fd, acl) < 0)
238 0 : log_warning_errno(errno, "Failed to set ACL on %s, ignoring: %m", f->path);
239 :
240 : finish:
241 0 : acl_free(acl);
242 : #endif
243 : }
244 :
245 0 : static JournalFile* find_journal(Server *s, uid_t uid) {
246 0 : _cleanup_free_ char *p = NULL;
247 : int r;
248 : JournalFile *f;
249 : sd_id128_t machine;
250 :
251 0 : assert(s);
252 :
253 : /* We split up user logs only on /var, not on /run. If the
254 : * runtime file is open, we write to it exclusively, in order
255 : * to guarantee proper order as soon as we flush /run to
256 : * /var and close the runtime file. */
257 :
258 0 : if (s->runtime_journal)
259 0 : return s->runtime_journal;
260 :
261 0 : if (uid <= SYSTEM_UID_MAX)
262 0 : return s->system_journal;
263 :
264 0 : r = sd_id128_get_machine(&machine);
265 0 : if (r < 0)
266 0 : return s->system_journal;
267 :
268 0 : f = ordered_hashmap_get(s->user_journals, UINT32_TO_PTR(uid));
269 0 : if (f)
270 0 : return f;
271 :
272 0 : if (asprintf(&p, "/var/log/journal/" SD_ID128_FORMAT_STR "/user-"UID_FMT".journal",
273 0 : SD_ID128_FORMAT_VAL(machine), uid) < 0)
274 0 : return s->system_journal;
275 :
276 0 : while (ordered_hashmap_size(s->user_journals) >= USER_JOURNALS_MAX) {
277 : /* Too many open? Then let's close one */
278 0 : f = ordered_hashmap_steal_first(s->user_journals);
279 0 : assert(f);
280 0 : journal_file_close(f);
281 : }
282 :
283 0 : r = journal_file_open_reliably(p, O_RDWR|O_CREAT, 0640, s->compress, s->seal, &s->system_metrics, s->mmap, NULL, &f);
284 0 : if (r < 0)
285 0 : return s->system_journal;
286 :
287 0 : server_fix_perms(s, f, uid);
288 :
289 0 : r = ordered_hashmap_put(s->user_journals, UINT32_TO_PTR(uid), f);
290 0 : if (r < 0) {
291 0 : journal_file_close(f);
292 0 : return s->system_journal;
293 : }
294 :
295 0 : return f;
296 : }
297 :
298 0 : static int do_rotate(
299 : Server *s,
300 : JournalFile **f,
301 : const char* name,
302 : bool seal,
303 : uint32_t uid) {
304 :
305 : int r;
306 0 : assert(s);
307 :
308 0 : if (!*f)
309 0 : return -EINVAL;
310 :
311 0 : r = journal_file_rotate(f, s->compress, seal);
312 0 : if (r < 0)
313 0 : if (*f)
314 0 : log_error_errno(r, "Failed to rotate %s: %m", (*f)->path);
315 : else
316 0 : log_error_errno(r, "Failed to create new %s journal: %m", name);
317 : else
318 0 : server_fix_perms(s, *f, uid);
319 :
320 0 : return r;
321 : }
322 :
323 0 : void server_rotate(Server *s) {
324 : JournalFile *f;
325 : void *k;
326 : Iterator i;
327 : int r;
328 :
329 0 : log_debug("Rotating...");
330 :
331 0 : do_rotate(s, &s->runtime_journal, "runtime", false, 0);
332 0 : do_rotate(s, &s->system_journal, "system", s->seal, 0);
333 :
334 0 : ORDERED_HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) {
335 0 : r = do_rotate(s, &f, "user", s->seal, PTR_TO_UINT32(k));
336 0 : if (r >= 0)
337 0 : ordered_hashmap_replace(s->user_journals, k, f);
338 0 : else if (!f)
339 : /* Old file has been closed and deallocated */
340 0 : ordered_hashmap_remove(s->user_journals, k);
341 : }
342 0 : }
343 :
344 0 : void server_sync(Server *s) {
345 : JournalFile *f;
346 : void *k;
347 : Iterator i;
348 : int r;
349 :
350 0 : if (s->system_journal) {
351 0 : r = journal_file_set_offline(s->system_journal);
352 0 : if (r < 0)
353 0 : log_error_errno(r, "Failed to sync system journal: %m");
354 : }
355 :
356 0 : ORDERED_HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) {
357 0 : r = journal_file_set_offline(f);
358 0 : if (r < 0)
359 0 : log_error_errno(r, "Failed to sync user journal: %m");
360 : }
361 :
362 0 : if (s->sync_event_source) {
363 0 : r = sd_event_source_set_enabled(s->sync_event_source, SD_EVENT_OFF);
364 0 : if (r < 0)
365 0 : log_error_errno(r, "Failed to disable sync timer source: %m");
366 : }
367 :
368 0 : s->sync_scheduled = false;
369 0 : }
370 :
371 0 : static void do_vacuum(
372 : Server *s,
373 : const char *id,
374 : JournalFile *f,
375 : const char* path,
376 : JournalMetrics *metrics) {
377 :
378 : const char *p;
379 : int r;
380 :
381 0 : if (!f)
382 0 : return;
383 :
384 0 : p = strjoina(path, id);
385 0 : r = journal_directory_vacuum(p, metrics->max_use, s->max_retention_usec, &s->oldest_file_usec, false);
386 0 : if (r < 0 && r != -ENOENT)
387 0 : log_error_errno(r, "Failed to vacuum %s: %m", p);
388 : }
389 :
390 0 : void server_vacuum(Server *s) {
391 : char ids[33];
392 : sd_id128_t machine;
393 : int r;
394 :
395 0 : log_debug("Vacuuming...");
396 :
397 0 : s->oldest_file_usec = 0;
398 :
399 0 : r = sd_id128_get_machine(&machine);
400 0 : if (r < 0) {
401 0 : log_error_errno(r, "Failed to get machine ID: %m");
402 0 : return;
403 : }
404 0 : sd_id128_to_string(machine, ids);
405 :
406 0 : do_vacuum(s, ids, s->system_journal, "/var/log/journal/", &s->system_metrics);
407 0 : do_vacuum(s, ids, s->runtime_journal, "/run/log/journal/", &s->runtime_metrics);
408 :
409 0 : s->cached_available_space_timestamp = 0;
410 : }
411 :
412 0 : static void server_cache_machine_id(Server *s) {
413 : sd_id128_t id;
414 : int r;
415 :
416 0 : assert(s);
417 :
418 0 : r = sd_id128_get_machine(&id);
419 0 : if (r < 0)
420 0 : return;
421 :
422 0 : sd_id128_to_string(id, stpcpy(s->machine_id_field, "_MACHINE_ID="));
423 : }
424 :
425 0 : static void server_cache_boot_id(Server *s) {
426 : sd_id128_t id;
427 : int r;
428 :
429 0 : assert(s);
430 :
431 0 : r = sd_id128_get_boot(&id);
432 0 : if (r < 0)
433 0 : return;
434 :
435 0 : sd_id128_to_string(id, stpcpy(s->boot_id_field, "_BOOT_ID="));
436 : }
437 :
438 0 : static void server_cache_hostname(Server *s) {
439 0 : _cleanup_free_ char *t = NULL;
440 : char *x;
441 :
442 0 : assert(s);
443 :
444 0 : t = gethostname_malloc();
445 0 : if (!t)
446 0 : return;
447 :
448 0 : x = strappend("_HOSTNAME=", t);
449 0 : if (!x)
450 0 : return;
451 :
452 0 : free(s->hostname_field);
453 0 : s->hostname_field = x;
454 : }
455 :
456 0 : static bool shall_try_append_again(JournalFile *f, int r) {
457 :
458 : /* -E2BIG Hit configured limit
459 : -EFBIG Hit fs limit
460 : -EDQUOT Quota limit hit
461 : -ENOSPC Disk full
462 : -EIO I/O error of some kind (mmap)
463 : -EHOSTDOWN Other machine
464 : -EBUSY Unclean shutdown
465 : -EPROTONOSUPPORT Unsupported feature
466 : -EBADMSG Corrupted
467 : -ENODATA Truncated
468 : -ESHUTDOWN Already archived
469 : -EIDRM Journal file has been deleted */
470 :
471 0 : if (r == -E2BIG || r == -EFBIG || r == -EDQUOT || r == -ENOSPC)
472 0 : log_debug("%s: Allocation limit reached, rotating.", f->path);
473 0 : else if (r == -EHOSTDOWN)
474 0 : log_info("%s: Journal file from other machine, rotating.", f->path);
475 0 : else if (r == -EBUSY)
476 0 : log_info("%s: Unclean shutdown, rotating.", f->path);
477 0 : else if (r == -EPROTONOSUPPORT)
478 0 : log_info("%s: Unsupported feature, rotating.", f->path);
479 0 : else if (r == -EBADMSG || r == -ENODATA || r == ESHUTDOWN)
480 0 : log_warning("%s: Journal file corrupted, rotating.", f->path);
481 0 : else if (r == -EIO)
482 0 : log_warning("%s: IO error, rotating.", f->path);
483 0 : else if (r == -EIDRM)
484 0 : log_warning("%s: Journal file has been deleted, rotating.", f->path);
485 : else
486 0 : return false;
487 :
488 0 : return true;
489 : }
490 :
491 0 : static void write_to_journal(Server *s, uid_t uid, struct iovec *iovec, unsigned n, int priority) {
492 : JournalFile *f;
493 0 : bool vacuumed = false;
494 : int r;
495 :
496 0 : assert(s);
497 0 : assert(iovec);
498 0 : assert(n > 0);
499 :
500 0 : f = find_journal(s, uid);
501 0 : if (!f)
502 0 : return;
503 :
504 0 : if (journal_file_rotate_suggested(f, s->max_file_usec)) {
505 0 : log_debug("%s: Journal header limits reached or header out-of-date, rotating.", f->path);
506 0 : server_rotate(s);
507 0 : server_vacuum(s);
508 0 : vacuumed = true;
509 :
510 0 : f = find_journal(s, uid);
511 0 : if (!f)
512 0 : return;
513 : }
514 :
515 0 : r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
516 0 : if (r >= 0) {
517 0 : server_schedule_sync(s, priority);
518 0 : return;
519 : }
520 :
521 0 : if (vacuumed || !shall_try_append_again(f, r)) {
522 0 : log_error_errno(r, "Failed to write entry (%d items, %zu bytes), ignoring: %m", n, IOVEC_TOTAL_SIZE(iovec, n));
523 0 : return;
524 : }
525 :
526 0 : server_rotate(s);
527 0 : server_vacuum(s);
528 :
529 0 : f = find_journal(s, uid);
530 0 : if (!f)
531 0 : return;
532 :
533 0 : log_debug("Retrying write.");
534 0 : r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
535 0 : if (r < 0)
536 0 : log_error_errno(r, "Failed to write entry (%d items, %zu bytes) despite vacuuming, ignoring: %m", n, IOVEC_TOTAL_SIZE(iovec, n));
537 : else
538 0 : server_schedule_sync(s, priority);
539 : }
540 :
541 0 : static void dispatch_message_real(
542 : Server *s,
543 : struct iovec *iovec, unsigned n, unsigned m,
544 : const struct ucred *ucred,
545 : const struct timeval *tv,
546 : const char *label, size_t label_len,
547 : const char *unit_id,
548 : int priority,
549 : pid_t object_pid) {
550 :
551 : char pid[sizeof("_PID=") + DECIMAL_STR_MAX(pid_t)],
552 : uid[sizeof("_UID=") + DECIMAL_STR_MAX(uid_t)],
553 : gid[sizeof("_GID=") + DECIMAL_STR_MAX(gid_t)],
554 : owner_uid[sizeof("_SYSTEMD_OWNER_UID=") + DECIMAL_STR_MAX(uid_t)],
555 : source_time[sizeof("_SOURCE_REALTIME_TIMESTAMP=") + DECIMAL_STR_MAX(usec_t)],
556 : o_uid[sizeof("OBJECT_UID=") + DECIMAL_STR_MAX(uid_t)],
557 : o_gid[sizeof("OBJECT_GID=") + DECIMAL_STR_MAX(gid_t)],
558 : o_owner_uid[sizeof("OBJECT_SYSTEMD_OWNER_UID=") + DECIMAL_STR_MAX(uid_t)];
559 : uid_t object_uid;
560 : gid_t object_gid;
561 : char *x;
562 : int r;
563 : char *t, *c;
564 0 : uid_t realuid = 0, owner = 0, journal_uid;
565 0 : bool owner_valid = false;
566 : #ifdef HAVE_AUDIT
567 : char audit_session[sizeof("_AUDIT_SESSION=") + DECIMAL_STR_MAX(uint32_t)],
568 : audit_loginuid[sizeof("_AUDIT_LOGINUID=") + DECIMAL_STR_MAX(uid_t)],
569 : o_audit_session[sizeof("OBJECT_AUDIT_SESSION=") + DECIMAL_STR_MAX(uint32_t)],
570 : o_audit_loginuid[sizeof("OBJECT_AUDIT_LOGINUID=") + DECIMAL_STR_MAX(uid_t)];
571 :
572 : uint32_t audit;
573 : uid_t loginuid;
574 : #endif
575 :
576 0 : assert(s);
577 0 : assert(iovec);
578 0 : assert(n > 0);
579 0 : assert(n + N_IOVEC_META_FIELDS + (object_pid ? N_IOVEC_OBJECT_FIELDS : 0) <= m);
580 :
581 0 : if (ucred) {
582 0 : realuid = ucred->uid;
583 :
584 0 : sprintf(pid, "_PID="PID_FMT, ucred->pid);
585 0 : IOVEC_SET_STRING(iovec[n++], pid);
586 :
587 0 : sprintf(uid, "_UID="UID_FMT, ucred->uid);
588 0 : IOVEC_SET_STRING(iovec[n++], uid);
589 :
590 0 : sprintf(gid, "_GID="GID_FMT, ucred->gid);
591 0 : IOVEC_SET_STRING(iovec[n++], gid);
592 :
593 0 : r = get_process_comm(ucred->pid, &t);
594 0 : if (r >= 0) {
595 0 : x = strjoina("_COMM=", t);
596 0 : free(t);
597 0 : IOVEC_SET_STRING(iovec[n++], x);
598 : }
599 :
600 0 : r = get_process_exe(ucred->pid, &t);
601 0 : if (r >= 0) {
602 0 : x = strjoina("_EXE=", t);
603 0 : free(t);
604 0 : IOVEC_SET_STRING(iovec[n++], x);
605 : }
606 :
607 0 : r = get_process_cmdline(ucred->pid, 0, false, &t);
608 0 : if (r >= 0) {
609 0 : x = strjoina("_CMDLINE=", t);
610 0 : free(t);
611 0 : IOVEC_SET_STRING(iovec[n++], x);
612 : }
613 :
614 0 : r = get_process_capeff(ucred->pid, &t);
615 0 : if (r >= 0) {
616 0 : x = strjoina("_CAP_EFFECTIVE=", t);
617 0 : free(t);
618 0 : IOVEC_SET_STRING(iovec[n++], x);
619 : }
620 :
621 : #ifdef HAVE_AUDIT
622 0 : r = audit_session_from_pid(ucred->pid, &audit);
623 0 : if (r >= 0) {
624 0 : sprintf(audit_session, "_AUDIT_SESSION=%"PRIu32, audit);
625 0 : IOVEC_SET_STRING(iovec[n++], audit_session);
626 : }
627 :
628 0 : r = audit_loginuid_from_pid(ucred->pid, &loginuid);
629 0 : if (r >= 0) {
630 0 : sprintf(audit_loginuid, "_AUDIT_LOGINUID="UID_FMT, loginuid);
631 0 : IOVEC_SET_STRING(iovec[n++], audit_loginuid);
632 : }
633 : #endif
634 :
635 0 : r = cg_pid_get_path_shifted(ucred->pid, s->cgroup_root, &c);
636 0 : if (r >= 0) {
637 0 : char *session = NULL;
638 :
639 0 : x = strjoina("_SYSTEMD_CGROUP=", c);
640 0 : IOVEC_SET_STRING(iovec[n++], x);
641 :
642 0 : r = cg_path_get_session(c, &t);
643 0 : if (r >= 0) {
644 0 : session = strjoina("_SYSTEMD_SESSION=", t);
645 0 : free(t);
646 0 : IOVEC_SET_STRING(iovec[n++], session);
647 : }
648 :
649 0 : if (cg_path_get_owner_uid(c, &owner) >= 0) {
650 0 : owner_valid = true;
651 :
652 0 : sprintf(owner_uid, "_SYSTEMD_OWNER_UID="UID_FMT, owner);
653 0 : IOVEC_SET_STRING(iovec[n++], owner_uid);
654 : }
655 :
656 0 : if (cg_path_get_unit(c, &t) >= 0) {
657 0 : x = strjoina("_SYSTEMD_UNIT=", t);
658 0 : free(t);
659 0 : IOVEC_SET_STRING(iovec[n++], x);
660 0 : } else if (unit_id && !session) {
661 0 : x = strjoina("_SYSTEMD_UNIT=", unit_id);
662 0 : IOVEC_SET_STRING(iovec[n++], x);
663 : }
664 :
665 0 : if (cg_path_get_user_unit(c, &t) >= 0) {
666 0 : x = strjoina("_SYSTEMD_USER_UNIT=", t);
667 0 : free(t);
668 0 : IOVEC_SET_STRING(iovec[n++], x);
669 0 : } else if (unit_id && session) {
670 0 : x = strjoina("_SYSTEMD_USER_UNIT=", unit_id);
671 0 : IOVEC_SET_STRING(iovec[n++], x);
672 : }
673 :
674 0 : if (cg_path_get_slice(c, &t) >= 0) {
675 0 : x = strjoina("_SYSTEMD_SLICE=", t);
676 0 : free(t);
677 0 : IOVEC_SET_STRING(iovec[n++], x);
678 : }
679 :
680 0 : free(c);
681 0 : } else if (unit_id) {
682 0 : x = strjoina("_SYSTEMD_UNIT=", unit_id);
683 0 : IOVEC_SET_STRING(iovec[n++], x);
684 : }
685 :
686 : #ifdef HAVE_SELINUX
687 : if (mac_selinux_use()) {
688 : if (label) {
689 : x = alloca(strlen("_SELINUX_CONTEXT=") + label_len + 1);
690 :
691 : *((char*) mempcpy(stpcpy(x, "_SELINUX_CONTEXT="), label, label_len)) = 0;
692 : IOVEC_SET_STRING(iovec[n++], x);
693 : } else {
694 : security_context_t con;
695 :
696 : if (getpidcon(ucred->pid, &con) >= 0) {
697 : x = strjoina("_SELINUX_CONTEXT=", con);
698 :
699 : freecon(con);
700 : IOVEC_SET_STRING(iovec[n++], x);
701 : }
702 : }
703 : }
704 : #endif
705 : }
706 0 : assert(n <= m);
707 :
708 0 : if (object_pid) {
709 0 : r = get_process_uid(object_pid, &object_uid);
710 0 : if (r >= 0) {
711 0 : sprintf(o_uid, "OBJECT_UID="UID_FMT, object_uid);
712 0 : IOVEC_SET_STRING(iovec[n++], o_uid);
713 : }
714 :
715 0 : r = get_process_gid(object_pid, &object_gid);
716 0 : if (r >= 0) {
717 0 : sprintf(o_gid, "OBJECT_GID="GID_FMT, object_gid);
718 0 : IOVEC_SET_STRING(iovec[n++], o_gid);
719 : }
720 :
721 0 : r = get_process_comm(object_pid, &t);
722 0 : if (r >= 0) {
723 0 : x = strjoina("OBJECT_COMM=", t);
724 0 : free(t);
725 0 : IOVEC_SET_STRING(iovec[n++], x);
726 : }
727 :
728 0 : r = get_process_exe(object_pid, &t);
729 0 : if (r >= 0) {
730 0 : x = strjoina("OBJECT_EXE=", t);
731 0 : free(t);
732 0 : IOVEC_SET_STRING(iovec[n++], x);
733 : }
734 :
735 0 : r = get_process_cmdline(object_pid, 0, false, &t);
736 0 : if (r >= 0) {
737 0 : x = strjoina("OBJECT_CMDLINE=", t);
738 0 : free(t);
739 0 : IOVEC_SET_STRING(iovec[n++], x);
740 : }
741 :
742 : #ifdef HAVE_AUDIT
743 0 : r = audit_session_from_pid(object_pid, &audit);
744 0 : if (r >= 0) {
745 0 : sprintf(o_audit_session, "OBJECT_AUDIT_SESSION=%"PRIu32, audit);
746 0 : IOVEC_SET_STRING(iovec[n++], o_audit_session);
747 : }
748 :
749 0 : r = audit_loginuid_from_pid(object_pid, &loginuid);
750 0 : if (r >= 0) {
751 0 : sprintf(o_audit_loginuid, "OBJECT_AUDIT_LOGINUID="UID_FMT, loginuid);
752 0 : IOVEC_SET_STRING(iovec[n++], o_audit_loginuid);
753 : }
754 : #endif
755 :
756 0 : r = cg_pid_get_path_shifted(object_pid, s->cgroup_root, &c);
757 0 : if (r >= 0) {
758 0 : x = strjoina("OBJECT_SYSTEMD_CGROUP=", c);
759 0 : IOVEC_SET_STRING(iovec[n++], x);
760 :
761 0 : r = cg_path_get_session(c, &t);
762 0 : if (r >= 0) {
763 0 : x = strjoina("OBJECT_SYSTEMD_SESSION=", t);
764 0 : free(t);
765 0 : IOVEC_SET_STRING(iovec[n++], x);
766 : }
767 :
768 0 : if (cg_path_get_owner_uid(c, &owner) >= 0) {
769 0 : sprintf(o_owner_uid, "OBJECT_SYSTEMD_OWNER_UID="UID_FMT, owner);
770 0 : IOVEC_SET_STRING(iovec[n++], o_owner_uid);
771 : }
772 :
773 0 : if (cg_path_get_unit(c, &t) >= 0) {
774 0 : x = strjoina("OBJECT_SYSTEMD_UNIT=", t);
775 0 : free(t);
776 0 : IOVEC_SET_STRING(iovec[n++], x);
777 : }
778 :
779 0 : if (cg_path_get_user_unit(c, &t) >= 0) {
780 0 : x = strjoina("OBJECT_SYSTEMD_USER_UNIT=", t);
781 0 : free(t);
782 0 : IOVEC_SET_STRING(iovec[n++], x);
783 : }
784 :
785 0 : free(c);
786 : }
787 : }
788 0 : assert(n <= m);
789 :
790 0 : if (tv) {
791 0 : sprintf(source_time, "_SOURCE_REALTIME_TIMESTAMP=%llu", (unsigned long long) timeval_load(tv));
792 0 : IOVEC_SET_STRING(iovec[n++], source_time);
793 : }
794 :
795 : /* Note that strictly speaking storing the boot id here is
796 : * redundant since the entry includes this in-line
797 : * anyway. However, we need this indexed, too. */
798 0 : if (!isempty(s->boot_id_field))
799 0 : IOVEC_SET_STRING(iovec[n++], s->boot_id_field);
800 :
801 0 : if (!isempty(s->machine_id_field))
802 0 : IOVEC_SET_STRING(iovec[n++], s->machine_id_field);
803 :
804 0 : if (!isempty(s->hostname_field))
805 0 : IOVEC_SET_STRING(iovec[n++], s->hostname_field);
806 :
807 0 : assert(n <= m);
808 :
809 0 : if (s->split_mode == SPLIT_UID && realuid > 0)
810 : /* Split up strictly by any UID */
811 0 : journal_uid = realuid;
812 0 : else if (s->split_mode == SPLIT_LOGIN && realuid > 0 && owner_valid && owner > 0)
813 : /* Split up by login UIDs. We do this only if the
814 : * realuid is not root, in order not to accidentally
815 : * leak privileged information to the user that is
816 : * logged by a privileged process that is part of an
817 : * unprivileged session. */
818 0 : journal_uid = owner;
819 : else
820 0 : journal_uid = 0;
821 :
822 0 : write_to_journal(s, journal_uid, iovec, n, priority);
823 0 : }
824 :
825 0 : void server_driver_message(Server *s, sd_id128_t message_id, const char *format, ...) {
826 : char mid[11 + 32 + 1];
827 : char buffer[16 + LINE_MAX + 1];
828 : struct iovec iovec[N_IOVEC_META_FIELDS + 4];
829 0 : int n = 0;
830 : va_list ap;
831 0 : struct ucred ucred = {};
832 :
833 0 : assert(s);
834 0 : assert(format);
835 :
836 0 : IOVEC_SET_STRING(iovec[n++], "PRIORITY=6");
837 0 : IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=driver");
838 :
839 0 : memcpy(buffer, "MESSAGE=", 8);
840 0 : va_start(ap, format);
841 0 : vsnprintf(buffer + 8, sizeof(buffer) - 8, format, ap);
842 0 : va_end(ap);
843 0 : IOVEC_SET_STRING(iovec[n++], buffer);
844 :
845 0 : if (!sd_id128_equal(message_id, SD_ID128_NULL)) {
846 0 : snprintf(mid, sizeof(mid), LOG_MESSAGE_ID(message_id));
847 0 : IOVEC_SET_STRING(iovec[n++], mid);
848 : }
849 :
850 0 : ucred.pid = getpid();
851 0 : ucred.uid = getuid();
852 0 : ucred.gid = getgid();
853 :
854 0 : dispatch_message_real(s, iovec, n, ELEMENTSOF(iovec), &ucred, NULL, NULL, 0, NULL, LOG_INFO, 0);
855 0 : }
856 :
857 0 : void server_dispatch_message(
858 : Server *s,
859 : struct iovec *iovec, unsigned n, unsigned m,
860 : const struct ucred *ucred,
861 : const struct timeval *tv,
862 : const char *label, size_t label_len,
863 : const char *unit_id,
864 : int priority,
865 : pid_t object_pid) {
866 :
867 : int rl, r;
868 0 : _cleanup_free_ char *path = NULL;
869 : char *c;
870 :
871 0 : assert(s);
872 0 : assert(iovec || n == 0);
873 :
874 0 : if (n == 0)
875 0 : return;
876 :
877 0 : if (LOG_PRI(priority) > s->max_level_store)
878 0 : return;
879 :
880 : /* Stop early in case the information will not be stored
881 : * in a journal. */
882 0 : if (s->storage == STORAGE_NONE)
883 0 : return;
884 :
885 0 : if (!ucred)
886 0 : goto finish;
887 :
888 0 : r = cg_pid_get_path_shifted(ucred->pid, s->cgroup_root, &path);
889 0 : if (r < 0)
890 0 : goto finish;
891 :
892 : /* example: /user/lennart/3/foobar
893 : * /system/dbus.service/foobar
894 : *
895 : * So let's cut of everything past the third /, since that is
896 : * where user directories start */
897 :
898 0 : c = strchr(path, '/');
899 0 : if (c) {
900 0 : c = strchr(c+1, '/');
901 0 : if (c) {
902 0 : c = strchr(c+1, '/');
903 0 : if (c)
904 0 : *c = 0;
905 : }
906 : }
907 :
908 0 : rl = journal_rate_limit_test(s->rate_limit, path,
909 : priority & LOG_PRIMASK, available_space(s, false));
910 :
911 0 : if (rl == 0)
912 0 : return;
913 :
914 : /* Write a suppression message if we suppressed something */
915 0 : if (rl > 1)
916 0 : server_driver_message(s, SD_MESSAGE_JOURNAL_DROPPED,
917 : "Suppressed %u messages from %s", rl - 1, path);
918 :
919 : finish:
920 0 : dispatch_message_real(s, iovec, n, m, ucred, tv, label, label_len, unit_id, priority, object_pid);
921 : }
922 :
923 :
924 0 : static int system_journal_open(Server *s, bool flush_requested) {
925 : int r;
926 : char *fn;
927 : sd_id128_t machine;
928 : char ids[33];
929 :
930 0 : r = sd_id128_get_machine(&machine);
931 0 : if (r < 0)
932 0 : return log_error_errno(r, "Failed to get machine id: %m");
933 :
934 0 : sd_id128_to_string(machine, ids);
935 :
936 0 : if (!s->system_journal &&
937 0 : (s->storage == STORAGE_PERSISTENT || s->storage == STORAGE_AUTO) &&
938 : (flush_requested
939 0 : || access("/run/systemd/journal/flushed", F_OK) >= 0)) {
940 :
941 : /* If in auto mode: first try to create the machine
942 : * path, but not the prefix.
943 : *
944 : * If in persistent mode: create /var/log/journal and
945 : * the machine path */
946 :
947 0 : if (s->storage == STORAGE_PERSISTENT)
948 0 : (void) mkdir_p("/var/log/journal/", 0755);
949 :
950 0 : fn = strjoina("/var/log/journal/", ids);
951 0 : (void) mkdir(fn, 0755);
952 :
953 0 : fn = strjoina(fn, "/system.journal");
954 0 : r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, s->compress, s->seal, &s->system_metrics, s->mmap, NULL, &s->system_journal);
955 :
956 0 : if (r >= 0)
957 0 : server_fix_perms(s, s->system_journal, 0);
958 0 : else if (r < 0) {
959 0 : if (r != -ENOENT && r != -EROFS)
960 0 : log_warning_errno(r, "Failed to open system journal: %m");
961 :
962 0 : r = 0;
963 : }
964 : }
965 :
966 0 : if (!s->runtime_journal &&
967 0 : (s->storage != STORAGE_NONE)) {
968 :
969 0 : fn = strjoin("/run/log/journal/", ids, "/system.journal", NULL);
970 0 : if (!fn)
971 0 : return -ENOMEM;
972 :
973 0 : if (s->system_journal) {
974 :
975 : /* Try to open the runtime journal, but only
976 : * if it already exists, so that we can flush
977 : * it into the system journal */
978 :
979 0 : r = journal_file_open(fn, O_RDWR, 0640, s->compress, false, &s->runtime_metrics, s->mmap, NULL, &s->runtime_journal);
980 0 : free(fn);
981 :
982 0 : if (r < 0) {
983 0 : if (r != -ENOENT)
984 0 : log_warning_errno(r, "Failed to open runtime journal: %m");
985 :
986 0 : r = 0;
987 : }
988 :
989 : } else {
990 :
991 : /* OK, we really need the runtime journal, so create
992 : * it if necessary. */
993 :
994 0 : (void) mkdir("/run/log", 0755);
995 0 : (void) mkdir("/run/log/journal", 0755);
996 0 : (void) mkdir_parents(fn, 0750);
997 :
998 0 : r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, s->compress, false, &s->runtime_metrics, s->mmap, NULL, &s->runtime_journal);
999 0 : free(fn);
1000 :
1001 0 : if (r < 0)
1002 0 : return log_error_errno(r, "Failed to open runtime journal: %m");
1003 : }
1004 :
1005 0 : if (s->runtime_journal)
1006 0 : server_fix_perms(s, s->runtime_journal, 0);
1007 : }
1008 :
1009 0 : available_space(s, true);
1010 :
1011 0 : return r;
1012 : }
1013 :
1014 0 : int server_flush_to_var(Server *s) {
1015 : sd_id128_t machine;
1016 0 : sd_journal *j = NULL;
1017 : char ts[FORMAT_TIMESPAN_MAX];
1018 : usec_t start;
1019 0 : unsigned n = 0;
1020 : int r;
1021 :
1022 0 : assert(s);
1023 :
1024 0 : if (s->storage != STORAGE_AUTO &&
1025 0 : s->storage != STORAGE_PERSISTENT)
1026 0 : return 0;
1027 :
1028 0 : if (!s->runtime_journal)
1029 0 : return 0;
1030 :
1031 0 : system_journal_open(s, true);
1032 :
1033 0 : if (!s->system_journal)
1034 0 : return 0;
1035 :
1036 0 : log_debug("Flushing to /var...");
1037 :
1038 0 : start = now(CLOCK_MONOTONIC);
1039 :
1040 0 : r = sd_id128_get_machine(&machine);
1041 0 : if (r < 0)
1042 0 : return r;
1043 :
1044 0 : r = sd_journal_open(&j, SD_JOURNAL_RUNTIME_ONLY);
1045 0 : if (r < 0)
1046 0 : return log_error_errno(r, "Failed to read runtime journal: %m");
1047 :
1048 0 : sd_journal_set_data_threshold(j, 0);
1049 :
1050 0 : SD_JOURNAL_FOREACH(j) {
1051 0 : Object *o = NULL;
1052 : JournalFile *f;
1053 :
1054 0 : f = j->current_file;
1055 0 : assert(f && f->current_offset > 0);
1056 :
1057 0 : n++;
1058 :
1059 0 : r = journal_file_move_to_object(f, OBJECT_ENTRY, f->current_offset, &o);
1060 0 : if (r < 0) {
1061 0 : log_error_errno(r, "Can't read entry: %m");
1062 0 : goto finish;
1063 : }
1064 :
1065 0 : r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
1066 0 : if (r >= 0)
1067 0 : continue;
1068 :
1069 0 : if (!shall_try_append_again(s->system_journal, r)) {
1070 0 : log_error_errno(r, "Can't write entry: %m");
1071 0 : goto finish;
1072 : }
1073 :
1074 0 : server_rotate(s);
1075 0 : server_vacuum(s);
1076 :
1077 0 : if (!s->system_journal) {
1078 0 : log_notice("Didn't flush runtime journal since rotation of system journal wasn't successful.");
1079 0 : r = -EIO;
1080 0 : goto finish;
1081 : }
1082 :
1083 0 : log_debug("Retrying write.");
1084 0 : r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
1085 0 : if (r < 0) {
1086 0 : log_error_errno(r, "Can't write entry: %m");
1087 0 : goto finish;
1088 : }
1089 : }
1090 :
1091 : finish:
1092 0 : journal_file_post_change(s->system_journal);
1093 :
1094 0 : journal_file_close(s->runtime_journal);
1095 0 : s->runtime_journal = NULL;
1096 :
1097 0 : if (r >= 0)
1098 0 : (void) rm_rf("/run/log/journal", REMOVE_ROOT);
1099 :
1100 0 : sd_journal_close(j);
1101 :
1102 0 : server_driver_message(s, SD_ID128_NULL, "Time spent on flushing to /var is %s for %u entries.", format_timespan(ts, sizeof(ts), now(CLOCK_MONOTONIC) - start, 0), n);
1103 :
1104 0 : return r;
1105 : }
1106 :
1107 0 : int server_process_datagram(sd_event_source *es, int fd, uint32_t revents, void *userdata) {
1108 0 : Server *s = userdata;
1109 0 : struct ucred *ucred = NULL;
1110 0 : struct timeval *tv = NULL;
1111 : struct cmsghdr *cmsg;
1112 0 : char *label = NULL;
1113 0 : size_t label_len = 0, m;
1114 : struct iovec iovec;
1115 : ssize_t n;
1116 0 : int *fds = NULL, v = 0;
1117 0 : unsigned n_fds = 0;
1118 :
1119 : union {
1120 : struct cmsghdr cmsghdr;
1121 :
1122 : /* We use NAME_MAX space for the SELinux label
1123 : * here. The kernel currently enforces no
1124 : * limit, but according to suggestions from
1125 : * the SELinux people this will change and it
1126 : * will probably be identical to NAME_MAX. For
1127 : * now we use that, but this should be updated
1128 : * one day when the final limit is known. */
1129 : uint8_t buf[CMSG_SPACE(sizeof(struct ucred)) +
1130 : CMSG_SPACE(sizeof(struct timeval)) +
1131 : CMSG_SPACE(sizeof(int)) + /* fd */
1132 : CMSG_SPACE(NAME_MAX)]; /* selinux label */
1133 0 : } control = {};
1134 :
1135 0 : union sockaddr_union sa = {};
1136 :
1137 0 : struct msghdr msghdr = {
1138 : .msg_iov = &iovec,
1139 : .msg_iovlen = 1,
1140 : .msg_control = &control,
1141 : .msg_controllen = sizeof(control),
1142 : .msg_name = &sa,
1143 : .msg_namelen = sizeof(sa),
1144 : };
1145 :
1146 0 : assert(s);
1147 0 : assert(fd == s->native_fd || fd == s->syslog_fd || fd == s->audit_fd);
1148 :
1149 0 : if (revents != EPOLLIN) {
1150 0 : log_error("Got invalid event from epoll for datagram fd: %"PRIx32, revents);
1151 0 : return -EIO;
1152 : }
1153 :
1154 : /* Try to get the right size, if we can. (Not all
1155 : * sockets support SIOCINQ, hence we just try, but
1156 : * don't rely on it. */
1157 0 : (void) ioctl(fd, SIOCINQ, &v);
1158 :
1159 : /* Fix it up, if it is too small. We use the same fixed value as auditd here. Awful! */
1160 0 : m = PAGE_ALIGN(MAX3((size_t) v + 1,
1161 : (size_t) LINE_MAX,
1162 : ALIGN(sizeof(struct nlmsghdr)) + ALIGN((size_t) MAX_AUDIT_MESSAGE_LENGTH)) + 1);
1163 :
1164 0 : if (!GREEDY_REALLOC(s->buffer, s->buffer_size, m))
1165 0 : return log_oom();
1166 :
1167 0 : iovec.iov_base = s->buffer;
1168 0 : iovec.iov_len = s->buffer_size - 1; /* Leave room for trailing NUL we add later */
1169 :
1170 0 : n = recvmsg(fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC);
1171 0 : if (n < 0) {
1172 0 : if (errno == EINTR || errno == EAGAIN)
1173 0 : return 0;
1174 :
1175 0 : return log_error_errno(errno, "recvmsg() failed: %m");
1176 : }
1177 :
1178 0 : CMSG_FOREACH(cmsg, &msghdr) {
1179 :
1180 0 : if (cmsg->cmsg_level == SOL_SOCKET &&
1181 0 : cmsg->cmsg_type == SCM_CREDENTIALS &&
1182 0 : cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred)))
1183 0 : ucred = (struct ucred*) CMSG_DATA(cmsg);
1184 0 : else if (cmsg->cmsg_level == SOL_SOCKET &&
1185 0 : cmsg->cmsg_type == SCM_SECURITY) {
1186 0 : label = (char*) CMSG_DATA(cmsg);
1187 0 : label_len = cmsg->cmsg_len - CMSG_LEN(0);
1188 0 : } else if (cmsg->cmsg_level == SOL_SOCKET &&
1189 0 : cmsg->cmsg_type == SO_TIMESTAMP &&
1190 0 : cmsg->cmsg_len == CMSG_LEN(sizeof(struct timeval)))
1191 0 : tv = (struct timeval*) CMSG_DATA(cmsg);
1192 0 : else if (cmsg->cmsg_level == SOL_SOCKET &&
1193 0 : cmsg->cmsg_type == SCM_RIGHTS) {
1194 0 : fds = (int*) CMSG_DATA(cmsg);
1195 0 : n_fds = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);
1196 : }
1197 : }
1198 :
1199 : /* And a trailing NUL, just in case */
1200 0 : s->buffer[n] = 0;
1201 :
1202 0 : if (fd == s->syslog_fd) {
1203 0 : if (n > 0 && n_fds == 0)
1204 0 : server_process_syslog_message(s, strstrip(s->buffer), ucred, tv, label, label_len);
1205 0 : else if (n_fds > 0)
1206 0 : log_warning("Got file descriptors via syslog socket. Ignoring.");
1207 :
1208 0 : } else if (fd == s->native_fd) {
1209 0 : if (n > 0 && n_fds == 0)
1210 0 : server_process_native_message(s, s->buffer, n, ucred, tv, label, label_len);
1211 0 : else if (n == 0 && n_fds == 1)
1212 0 : server_process_native_file(s, fds[0], ucred, tv, label, label_len);
1213 0 : else if (n_fds > 0)
1214 0 : log_warning("Got too many file descriptors via native socket. Ignoring.");
1215 :
1216 : } else {
1217 0 : assert(fd == s->audit_fd);
1218 :
1219 0 : if (n > 0 && n_fds == 0)
1220 0 : server_process_audit_message(s, s->buffer, n, ucred, &sa, msghdr.msg_namelen);
1221 0 : else if (n_fds > 0)
1222 0 : log_warning("Got file descriptors via audit socket. Ignoring.");
1223 : }
1224 :
1225 0 : close_many(fds, n_fds);
1226 0 : return 0;
1227 : }
1228 :
1229 0 : static int dispatch_sigusr1(sd_event_source *es, const struct signalfd_siginfo *si, void *userdata) {
1230 0 : Server *s = userdata;
1231 :
1232 0 : assert(s);
1233 :
1234 0 : log_info("Received request to flush runtime journal from PID %"PRIu32, si->ssi_pid);
1235 :
1236 0 : server_flush_to_var(s);
1237 0 : server_sync(s);
1238 0 : server_vacuum(s);
1239 :
1240 0 : touch("/run/systemd/journal/flushed");
1241 :
1242 0 : return 0;
1243 : }
1244 :
1245 0 : static int dispatch_sigusr2(sd_event_source *es, const struct signalfd_siginfo *si, void *userdata) {
1246 0 : Server *s = userdata;
1247 :
1248 0 : assert(s);
1249 :
1250 0 : log_info("Received request to rotate journal from PID %"PRIu32, si->ssi_pid);
1251 0 : server_rotate(s);
1252 0 : server_vacuum(s);
1253 :
1254 0 : return 0;
1255 : }
1256 :
1257 0 : static int dispatch_sigterm(sd_event_source *es, const struct signalfd_siginfo *si, void *userdata) {
1258 0 : Server *s = userdata;
1259 :
1260 0 : assert(s);
1261 :
1262 0 : log_received_signal(LOG_INFO, si);
1263 :
1264 0 : sd_event_exit(s->event, 0);
1265 0 : return 0;
1266 : }
1267 :
1268 0 : static int setup_signals(Server *s) {
1269 : int r;
1270 :
1271 0 : assert(s);
1272 :
1273 0 : assert(sigprocmask_many(SIG_SETMASK, NULL, SIGINT, SIGTERM, SIGUSR1, SIGUSR2, -1) >= 0);
1274 :
1275 0 : r = sd_event_add_signal(s->event, &s->sigusr1_event_source, SIGUSR1, dispatch_sigusr1, s);
1276 0 : if (r < 0)
1277 0 : return r;
1278 :
1279 0 : r = sd_event_add_signal(s->event, &s->sigusr2_event_source, SIGUSR2, dispatch_sigusr2, s);
1280 0 : if (r < 0)
1281 0 : return r;
1282 :
1283 0 : r = sd_event_add_signal(s->event, &s->sigterm_event_source, SIGTERM, dispatch_sigterm, s);
1284 0 : if (r < 0)
1285 0 : return r;
1286 :
1287 0 : r = sd_event_add_signal(s->event, &s->sigint_event_source, SIGINT, dispatch_sigterm, s);
1288 0 : if (r < 0)
1289 0 : return r;
1290 :
1291 0 : return 0;
1292 : }
1293 :
1294 0 : static int server_parse_proc_cmdline(Server *s) {
1295 0 : _cleanup_free_ char *line = NULL;
1296 : const char *w, *state;
1297 : size_t l;
1298 : int r;
1299 :
1300 0 : r = proc_cmdline(&line);
1301 0 : if (r < 0) {
1302 0 : log_warning_errno(r, "Failed to read /proc/cmdline, ignoring: %m");
1303 0 : return 0;
1304 : }
1305 :
1306 0 : FOREACH_WORD_QUOTED(w, l, line, state) {
1307 0 : _cleanup_free_ char *word;
1308 :
1309 0 : word = strndup(w, l);
1310 0 : if (!word)
1311 0 : return -ENOMEM;
1312 :
1313 0 : if (startswith(word, "systemd.journald.forward_to_syslog=")) {
1314 0 : r = parse_boolean(word + 35);
1315 0 : if (r < 0)
1316 0 : log_warning("Failed to parse forward to syslog switch %s. Ignoring.", word + 35);
1317 : else
1318 0 : s->forward_to_syslog = r;
1319 0 : } else if (startswith(word, "systemd.journald.forward_to_kmsg=")) {
1320 0 : r = parse_boolean(word + 33);
1321 0 : if (r < 0)
1322 0 : log_warning("Failed to parse forward to kmsg switch %s. Ignoring.", word + 33);
1323 : else
1324 0 : s->forward_to_kmsg = r;
1325 0 : } else if (startswith(word, "systemd.journald.forward_to_console=")) {
1326 0 : r = parse_boolean(word + 36);
1327 0 : if (r < 0)
1328 0 : log_warning("Failed to parse forward to console switch %s. Ignoring.", word + 36);
1329 : else
1330 0 : s->forward_to_console = r;
1331 0 : } else if (startswith(word, "systemd.journald.forward_to_wall=")) {
1332 0 : r = parse_boolean(word + 33);
1333 0 : if (r < 0)
1334 0 : log_warning("Failed to parse forward to wall switch %s. Ignoring.", word + 33);
1335 : else
1336 0 : s->forward_to_wall = r;
1337 0 : } else if (startswith(word, "systemd.journald"))
1338 0 : log_warning("Invalid systemd.journald parameter. Ignoring.");
1339 : }
1340 : /* do not warn about state here, since probably systemd already did */
1341 :
1342 0 : return 0;
1343 : }
1344 :
1345 0 : static int server_parse_config_file(Server *s) {
1346 0 : assert(s);
1347 :
1348 0 : return config_parse_many("/etc/systemd/journald.conf",
1349 : CONF_DIRS_NULSTR("systemd/journald.conf"),
1350 : "Journal\0",
1351 : config_item_perf_lookup, journald_gperf_lookup,
1352 : false, s);
1353 : }
1354 :
1355 0 : static int server_dispatch_sync(sd_event_source *es, usec_t t, void *userdata) {
1356 0 : Server *s = userdata;
1357 :
1358 0 : assert(s);
1359 :
1360 0 : server_sync(s);
1361 0 : return 0;
1362 : }
1363 :
1364 0 : int server_schedule_sync(Server *s, int priority) {
1365 : int r;
1366 :
1367 0 : assert(s);
1368 :
1369 0 : if (priority <= LOG_CRIT) {
1370 : /* Immediately sync to disk when this is of priority CRIT, ALERT, EMERG */
1371 0 : server_sync(s);
1372 0 : return 0;
1373 : }
1374 :
1375 0 : if (s->sync_scheduled)
1376 0 : return 0;
1377 :
1378 0 : if (s->sync_interval_usec > 0) {
1379 : usec_t when;
1380 :
1381 0 : r = sd_event_now(s->event, CLOCK_MONOTONIC, &when);
1382 0 : if (r < 0)
1383 0 : return r;
1384 :
1385 0 : when += s->sync_interval_usec;
1386 :
1387 0 : if (!s->sync_event_source) {
1388 0 : r = sd_event_add_time(
1389 : s->event,
1390 : &s->sync_event_source,
1391 : CLOCK_MONOTONIC,
1392 : when, 0,
1393 : server_dispatch_sync, s);
1394 0 : if (r < 0)
1395 0 : return r;
1396 :
1397 0 : r = sd_event_source_set_priority(s->sync_event_source, SD_EVENT_PRIORITY_IMPORTANT);
1398 : } else {
1399 0 : r = sd_event_source_set_time(s->sync_event_source, when);
1400 0 : if (r < 0)
1401 0 : return r;
1402 :
1403 0 : r = sd_event_source_set_enabled(s->sync_event_source, SD_EVENT_ONESHOT);
1404 : }
1405 0 : if (r < 0)
1406 0 : return r;
1407 :
1408 0 : s->sync_scheduled = true;
1409 : }
1410 :
1411 0 : return 0;
1412 : }
1413 :
1414 0 : static int dispatch_hostname_change(sd_event_source *es, int fd, uint32_t revents, void *userdata) {
1415 0 : Server *s = userdata;
1416 :
1417 0 : assert(s);
1418 :
1419 0 : server_cache_hostname(s);
1420 0 : return 0;
1421 : }
1422 :
1423 0 : static int server_open_hostname(Server *s) {
1424 : int r;
1425 :
1426 0 : assert(s);
1427 :
1428 0 : s->hostname_fd = open("/proc/sys/kernel/hostname", O_RDONLY|O_CLOEXEC|O_NDELAY|O_NOCTTY);
1429 0 : if (s->hostname_fd < 0)
1430 0 : return log_error_errno(errno, "Failed to open /proc/sys/kernel/hostname: %m");
1431 :
1432 0 : r = sd_event_add_io(s->event, &s->hostname_event_source, s->hostname_fd, 0, dispatch_hostname_change, s);
1433 0 : if (r < 0) {
1434 : /* kernels prior to 3.2 don't support polling this file. Ignore
1435 : * the failure. */
1436 0 : if (r == -EPERM) {
1437 0 : log_warning("Failed to register hostname fd in event loop: %s. Ignoring.",
1438 : strerror(-r));
1439 0 : s->hostname_fd = safe_close(s->hostname_fd);
1440 0 : return 0;
1441 : }
1442 :
1443 0 : return log_error_errno(r, "Failed to register hostname fd in event loop: %m");
1444 : }
1445 :
1446 0 : r = sd_event_source_set_priority(s->hostname_event_source, SD_EVENT_PRIORITY_IMPORTANT-10);
1447 0 : if (r < 0)
1448 0 : return log_error_errno(r, "Failed to adjust priority of host name event source: %m");
1449 :
1450 0 : return 0;
1451 : }
1452 :
1453 0 : int server_init(Server *s) {
1454 0 : _cleanup_fdset_free_ FDSet *fds = NULL;
1455 : int n, r, fd;
1456 :
1457 0 : assert(s);
1458 :
1459 0 : zero(*s);
1460 0 : s->syslog_fd = s->native_fd = s->stdout_fd = s->dev_kmsg_fd = s->audit_fd = s->hostname_fd = -1;
1461 0 : s->compress = true;
1462 0 : s->seal = true;
1463 :
1464 0 : s->sync_interval_usec = DEFAULT_SYNC_INTERVAL_USEC;
1465 0 : s->sync_scheduled = false;
1466 :
1467 0 : s->rate_limit_interval = DEFAULT_RATE_LIMIT_INTERVAL;
1468 0 : s->rate_limit_burst = DEFAULT_RATE_LIMIT_BURST;
1469 :
1470 0 : s->forward_to_wall = true;
1471 :
1472 0 : s->max_file_usec = DEFAULT_MAX_FILE_USEC;
1473 :
1474 0 : s->max_level_store = LOG_DEBUG;
1475 0 : s->max_level_syslog = LOG_DEBUG;
1476 0 : s->max_level_kmsg = LOG_NOTICE;
1477 0 : s->max_level_console = LOG_INFO;
1478 0 : s->max_level_wall = LOG_EMERG;
1479 :
1480 0 : memset(&s->system_metrics, 0xFF, sizeof(s->system_metrics));
1481 0 : memset(&s->runtime_metrics, 0xFF, sizeof(s->runtime_metrics));
1482 :
1483 0 : server_parse_config_file(s);
1484 0 : server_parse_proc_cmdline(s);
1485 0 : if (!!s->rate_limit_interval ^ !!s->rate_limit_burst) {
1486 0 : log_debug("Setting both rate limit interval and burst from "USEC_FMT",%u to 0,0",
1487 : s->rate_limit_interval, s->rate_limit_burst);
1488 0 : s->rate_limit_interval = s->rate_limit_burst = 0;
1489 : }
1490 :
1491 0 : mkdir_p("/run/systemd/journal", 0755);
1492 :
1493 0 : s->user_journals = ordered_hashmap_new(NULL);
1494 0 : if (!s->user_journals)
1495 0 : return log_oom();
1496 :
1497 0 : s->mmap = mmap_cache_new();
1498 0 : if (!s->mmap)
1499 0 : return log_oom();
1500 :
1501 0 : r = sd_event_default(&s->event);
1502 0 : if (r < 0)
1503 0 : return log_error_errno(r, "Failed to create event loop: %m");
1504 :
1505 0 : sd_event_set_watchdog(s->event, true);
1506 :
1507 0 : n = sd_listen_fds(true);
1508 0 : if (n < 0)
1509 0 : return log_error_errno(n, "Failed to read listening file descriptors from environment: %m");
1510 :
1511 0 : for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) {
1512 :
1513 0 : if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/run/systemd/journal/socket", 0) > 0) {
1514 :
1515 0 : if (s->native_fd >= 0) {
1516 0 : log_error("Too many native sockets passed.");
1517 0 : return -EINVAL;
1518 : }
1519 :
1520 0 : s->native_fd = fd;
1521 :
1522 0 : } else if (sd_is_socket_unix(fd, SOCK_STREAM, 1, "/run/systemd/journal/stdout", 0) > 0) {
1523 :
1524 0 : if (s->stdout_fd >= 0) {
1525 0 : log_error("Too many stdout sockets passed.");
1526 0 : return -EINVAL;
1527 : }
1528 :
1529 0 : s->stdout_fd = fd;
1530 :
1531 0 : } else if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/dev/log", 0) > 0 ||
1532 0 : sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/run/systemd/journal/dev-log", 0) > 0) {
1533 :
1534 0 : if (s->syslog_fd >= 0) {
1535 0 : log_error("Too many /dev/log sockets passed.");
1536 0 : return -EINVAL;
1537 : }
1538 :
1539 0 : s->syslog_fd = fd;
1540 :
1541 0 : } else if (sd_is_socket(fd, AF_NETLINK, SOCK_RAW, -1) > 0) {
1542 :
1543 0 : if (s->audit_fd >= 0) {
1544 0 : log_error("Too many audit sockets passed.");
1545 0 : return -EINVAL;
1546 : }
1547 :
1548 0 : s->audit_fd = fd;
1549 :
1550 : } else {
1551 :
1552 0 : if (!fds) {
1553 0 : fds = fdset_new();
1554 0 : if (!fds)
1555 0 : return log_oom();
1556 : }
1557 :
1558 0 : r = fdset_put(fds, fd);
1559 0 : if (r < 0)
1560 0 : return log_oom();
1561 : }
1562 : }
1563 :
1564 0 : r = server_open_stdout_socket(s, fds);
1565 0 : if (r < 0)
1566 0 : return r;
1567 :
1568 0 : if (fdset_size(fds) > 0) {
1569 0 : log_warning("%u unknown file descriptors passed, closing.", fdset_size(fds));
1570 0 : fds = fdset_free(fds);
1571 : }
1572 :
1573 0 : r = server_open_syslog_socket(s);
1574 0 : if (r < 0)
1575 0 : return r;
1576 :
1577 0 : r = server_open_native_socket(s);
1578 0 : if (r < 0)
1579 0 : return r;
1580 :
1581 0 : r = server_open_dev_kmsg(s);
1582 0 : if (r < 0)
1583 0 : return r;
1584 :
1585 0 : r = server_open_audit(s);
1586 0 : if (r < 0)
1587 0 : return r;
1588 :
1589 0 : r = server_open_kernel_seqnum(s);
1590 0 : if (r < 0)
1591 0 : return r;
1592 :
1593 0 : r = server_open_hostname(s);
1594 0 : if (r < 0)
1595 0 : return r;
1596 :
1597 0 : r = setup_signals(s);
1598 0 : if (r < 0)
1599 0 : return r;
1600 :
1601 0 : s->udev = udev_new();
1602 0 : if (!s->udev)
1603 0 : return -ENOMEM;
1604 :
1605 0 : s->rate_limit = journal_rate_limit_new(s->rate_limit_interval, s->rate_limit_burst);
1606 0 : if (!s->rate_limit)
1607 0 : return -ENOMEM;
1608 :
1609 0 : r = cg_get_root_path(&s->cgroup_root);
1610 0 : if (r < 0)
1611 0 : return r;
1612 :
1613 0 : server_cache_hostname(s);
1614 0 : server_cache_boot_id(s);
1615 0 : server_cache_machine_id(s);
1616 :
1617 0 : r = system_journal_open(s, false);
1618 0 : if (r < 0)
1619 0 : return r;
1620 :
1621 0 : return 0;
1622 : }
1623 :
1624 0 : void server_maybe_append_tags(Server *s) {
1625 : #ifdef HAVE_GCRYPT
1626 : JournalFile *f;
1627 : Iterator i;
1628 : usec_t n;
1629 :
1630 0 : n = now(CLOCK_REALTIME);
1631 :
1632 0 : if (s->system_journal)
1633 0 : journal_file_maybe_append_tag(s->system_journal, n);
1634 :
1635 0 : ORDERED_HASHMAP_FOREACH(f, s->user_journals, i)
1636 0 : journal_file_maybe_append_tag(f, n);
1637 : #endif
1638 0 : }
1639 :
1640 0 : void server_done(Server *s) {
1641 : JournalFile *f;
1642 0 : assert(s);
1643 :
1644 0 : while (s->stdout_streams)
1645 0 : stdout_stream_free(s->stdout_streams);
1646 :
1647 0 : if (s->system_journal)
1648 0 : journal_file_close(s->system_journal);
1649 :
1650 0 : if (s->runtime_journal)
1651 0 : journal_file_close(s->runtime_journal);
1652 :
1653 0 : while ((f = ordered_hashmap_steal_first(s->user_journals)))
1654 0 : journal_file_close(f);
1655 :
1656 0 : ordered_hashmap_free(s->user_journals);
1657 :
1658 0 : sd_event_source_unref(s->syslog_event_source);
1659 0 : sd_event_source_unref(s->native_event_source);
1660 0 : sd_event_source_unref(s->stdout_event_source);
1661 0 : sd_event_source_unref(s->dev_kmsg_event_source);
1662 0 : sd_event_source_unref(s->audit_event_source);
1663 0 : sd_event_source_unref(s->sync_event_source);
1664 0 : sd_event_source_unref(s->sigusr1_event_source);
1665 0 : sd_event_source_unref(s->sigusr2_event_source);
1666 0 : sd_event_source_unref(s->sigterm_event_source);
1667 0 : sd_event_source_unref(s->sigint_event_source);
1668 0 : sd_event_source_unref(s->hostname_event_source);
1669 0 : sd_event_unref(s->event);
1670 :
1671 0 : safe_close(s->syslog_fd);
1672 0 : safe_close(s->native_fd);
1673 0 : safe_close(s->stdout_fd);
1674 0 : safe_close(s->dev_kmsg_fd);
1675 0 : safe_close(s->audit_fd);
1676 0 : safe_close(s->hostname_fd);
1677 :
1678 0 : if (s->rate_limit)
1679 0 : journal_rate_limit_free(s->rate_limit);
1680 :
1681 0 : if (s->kernel_seqnum)
1682 0 : munmap(s->kernel_seqnum, sizeof(uint64_t));
1683 :
1684 0 : free(s->buffer);
1685 0 : free(s->tty_path);
1686 0 : free(s->cgroup_root);
1687 0 : free(s->hostname_field);
1688 :
1689 0 : if (s->mmap)
1690 0 : mmap_cache_unref(s->mmap);
1691 :
1692 0 : if (s->udev)
1693 0 : udev_unref(s->udev);
1694 0 : }
|