LCOV - code coverage report
Current view: top level - journal - journald-server.c (source / functions) Hit Total Coverage
Test: systemd test coverage Lines: 2 887 0.2 %
Date: 2015-07-29 18:47:03 Functions: 4 38 10.5 %

          Line data    Source code
       1             : /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
       2             : 
       3             : /***
       4             :   This file is part of systemd.
       5             : 
       6             :   Copyright 2011 Lennart Poettering
       7             : 
       8             :   systemd is free software; you can redistribute it and/or modify it
       9             :   under the terms of the GNU Lesser General Public License as published by
      10             :   the Free Software Foundation; either version 2.1 of the License, or
      11             :   (at your option) any later version.
      12             : 
      13             :   systemd is distributed in the hope that it will be useful, but
      14             :   WITHOUT ANY WARRANTY; without even the implied warranty of
      15             :   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
      16             :   Lesser General Public License for more details.
      17             : 
      18             :   You should have received a copy of the GNU Lesser General Public License
      19             :   along with systemd; If not, see <http://www.gnu.org/licenses/>.
      20             : ***/
      21             : 
      22             : #include <sys/signalfd.h>
      23             : #include <sys/ioctl.h>
      24             : #include <linux/sockios.h>
      25             : #include <sys/statvfs.h>
      26             : #include <sys/mman.h>
      27             : 
      28             : #ifdef HAVE_SELINUX
      29             : #include <selinux/selinux.h>
      30             : #endif
      31             : 
      32             : #include <libudev.h>
      33             : 
      34             : #include "sd-journal.h"
      35             : #include "sd-messages.h"
      36             : #include "sd-daemon.h"
      37             : #include "mkdir.h"
      38             : #include "rm-rf.h"
      39             : #include "hashmap.h"
      40             : #include "journal-file.h"
      41             : #include "socket-util.h"
      42             : #include "cgroup-util.h"
      43             : #include "missing.h"
      44             : #include "conf-parser.h"
      45             : #include "selinux-util.h"
      46             : #include "acl-util.h"
      47             : #include "formats-util.h"
      48             : #include "process-util.h"
      49             : #include "hostname-util.h"
      50             : #include "signal-util.h"
      51             : #include "journal-internal.h"
      52             : #include "journal-vacuum.h"
      53             : #include "journal-authenticate.h"
      54             : #include "journald-rate-limit.h"
      55             : #include "journald-kmsg.h"
      56             : #include "journald-syslog.h"
      57             : #include "journald-stream.h"
      58             : #include "journald-native.h"
      59             : #include "journald-audit.h"
      60             : #include "journald-server.h"
      61             : 
      62             : #define USER_JOURNALS_MAX 1024
      63             : 
      64             : #define DEFAULT_SYNC_INTERVAL_USEC (5*USEC_PER_MINUTE)
      65             : #define DEFAULT_RATE_LIMIT_INTERVAL (30*USEC_PER_SEC)
      66             : #define DEFAULT_RATE_LIMIT_BURST 1000
      67             : #define DEFAULT_MAX_FILE_USEC USEC_PER_MONTH
      68             : 
      69             : #define RECHECK_AVAILABLE_SPACE_USEC (30*USEC_PER_SEC)
      70             : 
      71             : static const char* const storage_table[_STORAGE_MAX] = {
      72             :         [STORAGE_AUTO] = "auto",
      73             :         [STORAGE_VOLATILE] = "volatile",
      74             :         [STORAGE_PERSISTENT] = "persistent",
      75             :         [STORAGE_NONE] = "none"
      76             : };
      77             : 
      78          12 : DEFINE_STRING_TABLE_LOOKUP(storage, Storage);
      79           0 : DEFINE_CONFIG_PARSE_ENUM(config_parse_storage, storage, Storage, "Failed to parse storage setting");
      80             : 
      81             : static const char* const split_mode_table[_SPLIT_MAX] = {
      82             :         [SPLIT_LOGIN] = "login",
      83             :         [SPLIT_UID] = "uid",
      84             :         [SPLIT_NONE] = "none",
      85             : };
      86             : 
      87          10 : DEFINE_STRING_TABLE_LOOKUP(split_mode, SplitMode);
      88           0 : DEFINE_CONFIG_PARSE_ENUM(config_parse_split_mode, split_mode, SplitMode, "Failed to parse split mode setting");
      89             : 
      90           0 : static uint64_t available_space(Server *s, bool verbose) {
      91             :         char ids[33];
      92           0 :         _cleanup_free_ char *p = NULL;
      93             :         sd_id128_t machine;
      94             :         struct statvfs ss;
      95           0 :         uint64_t sum = 0, ss_avail = 0, avail = 0;
      96             :         int r;
      97           0 :         _cleanup_closedir_ DIR *d = NULL;
      98             :         usec_t ts;
      99             :         const char *f;
     100             :         JournalMetrics *m;
     101             : 
     102           0 :         ts = now(CLOCK_MONOTONIC);
     103             : 
     104           0 :         if (s->cached_available_space_timestamp + RECHECK_AVAILABLE_SPACE_USEC > ts
     105           0 :             && !verbose)
     106           0 :                 return s->cached_available_space;
     107             : 
     108           0 :         r = sd_id128_get_machine(&machine);
     109           0 :         if (r < 0)
     110           0 :                 return 0;
     111             : 
     112           0 :         if (s->system_journal) {
     113           0 :                 f = "/var/log/journal/";
     114           0 :                 m = &s->system_metrics;
     115             :         } else {
     116           0 :                 f = "/run/log/journal/";
     117           0 :                 m = &s->runtime_metrics;
     118             :         }
     119             : 
     120           0 :         assert(m);
     121             : 
     122           0 :         p = strappend(f, sd_id128_to_string(machine, ids));
     123           0 :         if (!p)
     124           0 :                 return 0;
     125             : 
     126           0 :         d = opendir(p);
     127           0 :         if (!d)
     128           0 :                 return 0;
     129             : 
     130           0 :         if (fstatvfs(dirfd(d), &ss) < 0)
     131           0 :                 return 0;
     132             : 
     133             :         for (;;) {
     134             :                 struct stat st;
     135             :                 struct dirent *de;
     136             : 
     137           0 :                 errno = 0;
     138           0 :                 de = readdir(d);
     139           0 :                 if (!de && errno != 0)
     140           0 :                         return 0;
     141             : 
     142           0 :                 if (!de)
     143           0 :                         break;
     144             : 
     145           0 :                 if (!endswith(de->d_name, ".journal") &&
     146           0 :                     !endswith(de->d_name, ".journal~"))
     147           0 :                         continue;
     148             : 
     149           0 :                 if (fstatat(dirfd(d), de->d_name, &st, AT_SYMLINK_NOFOLLOW) < 0)
     150           0 :                         continue;
     151             : 
     152           0 :                 if (!S_ISREG(st.st_mode))
     153           0 :                         continue;
     154             : 
     155           0 :                 sum += (uint64_t) st.st_blocks * 512UL;
     156           0 :         }
     157             : 
     158           0 :         ss_avail = ss.f_bsize * ss.f_bavail;
     159             : 
     160             :         /* If we reached a high mark, we will always allow this much
     161             :          * again, unless usage goes above max_use. This watermark
     162             :          * value is cached so that we don't give up space on pressure,
     163             :          * but hover below the maximum usage. */
     164             : 
     165           0 :         if (m->use < sum)
     166           0 :                 m->use = sum;
     167             : 
     168           0 :         avail = LESS_BY(ss_avail, m->keep_free);
     169             : 
     170           0 :         s->cached_available_space = LESS_BY(MIN(m->max_use, avail), sum);
     171           0 :         s->cached_available_space_timestamp = ts;
     172             : 
     173           0 :         if (verbose) {
     174             :                 char    fb1[FORMAT_BYTES_MAX], fb2[FORMAT_BYTES_MAX], fb3[FORMAT_BYTES_MAX],
     175             :                         fb4[FORMAT_BYTES_MAX], fb5[FORMAT_BYTES_MAX];
     176             : 
     177           0 :                 server_driver_message(s, SD_MESSAGE_JOURNAL_USAGE,
     178             :                                       "%s is currently using %s.\n"
     179             :                                       "Maximum allowed usage is set to %s.\n"
     180             :                                       "Leaving at least %s free (of currently available %s of space).\n"
     181             :                                       "Enforced usage limit is thus %s.",
     182           0 :                                       s->system_journal ? "Permanent journal (/var/log/journal/)" : "Runtime journal (/run/log/journal/)",
     183             :                                       format_bytes(fb1, sizeof(fb1), sum),
     184           0 :                                       format_bytes(fb2, sizeof(fb2), m->max_use),
     185           0 :                                       format_bytes(fb3, sizeof(fb3), m->keep_free),
     186             :                                       format_bytes(fb4, sizeof(fb4), ss_avail),
     187           0 :                                       format_bytes(fb5, sizeof(fb5), s->cached_available_space + sum));
     188             :         }
     189             : 
     190           0 :         return s->cached_available_space;
     191             : }
     192             : 
     193           0 : void server_fix_perms(Server *s, JournalFile *f, uid_t uid) {
     194             :         int r;
     195             : #ifdef HAVE_ACL
     196             :         acl_t acl;
     197             :         acl_entry_t entry;
     198             :         acl_permset_t permset;
     199             : #endif
     200             : 
     201           0 :         assert(f);
     202             : 
     203           0 :         r = fchmod(f->fd, 0640);
     204           0 :         if (r < 0)
     205           0 :                 log_warning_errno(r, "Failed to fix access mode on %s, ignoring: %m", f->path);
     206             : 
     207             : #ifdef HAVE_ACL
     208           0 :         if (uid <= SYSTEM_UID_MAX)
     209           0 :                 return;
     210             : 
     211           0 :         acl = acl_get_fd(f->fd);
     212           0 :         if (!acl) {
     213           0 :                 log_warning_errno(errno, "Failed to read ACL on %s, ignoring: %m", f->path);
     214           0 :                 return;
     215             :         }
     216             : 
     217           0 :         r = acl_find_uid(acl, uid, &entry);
     218           0 :         if (r <= 0) {
     219             : 
     220           0 :                 if (acl_create_entry(&acl, &entry) < 0 ||
     221           0 :                     acl_set_tag_type(entry, ACL_USER) < 0 ||
     222           0 :                     acl_set_qualifier(entry, &uid) < 0) {
     223           0 :                         log_warning_errno(errno, "Failed to patch ACL on %s, ignoring: %m", f->path);
     224           0 :                         goto finish;
     225             :                 }
     226             :         }
     227             : 
     228             :         /* We do not recalculate the mask unconditionally here,
     229             :          * so that the fchmod() mask above stays intact. */
     230           0 :         if (acl_get_permset(entry, &permset) < 0 ||
     231           0 :             acl_add_perm(permset, ACL_READ) < 0 ||
     232           0 :             calc_acl_mask_if_needed(&acl) < 0) {
     233           0 :                 log_warning_errno(errno, "Failed to patch ACL on %s, ignoring: %m", f->path);
     234           0 :                 goto finish;
     235             :         }
     236             : 
     237           0 :         if (acl_set_fd(f->fd, acl) < 0)
     238           0 :                 log_warning_errno(errno, "Failed to set ACL on %s, ignoring: %m", f->path);
     239             : 
     240             : finish:
     241           0 :         acl_free(acl);
     242             : #endif
     243             : }
     244             : 
     245           0 : static JournalFile* find_journal(Server *s, uid_t uid) {
     246           0 :         _cleanup_free_ char *p = NULL;
     247             :         int r;
     248             :         JournalFile *f;
     249             :         sd_id128_t machine;
     250             : 
     251           0 :         assert(s);
     252             : 
     253             :         /* We split up user logs only on /var, not on /run. If the
     254             :          * runtime file is open, we write to it exclusively, in order
     255             :          * to guarantee proper order as soon as we flush /run to
     256             :          * /var and close the runtime file. */
     257             : 
     258           0 :         if (s->runtime_journal)
     259           0 :                 return s->runtime_journal;
     260             : 
     261           0 :         if (uid <= SYSTEM_UID_MAX)
     262           0 :                 return s->system_journal;
     263             : 
     264           0 :         r = sd_id128_get_machine(&machine);
     265           0 :         if (r < 0)
     266           0 :                 return s->system_journal;
     267             : 
     268           0 :         f = ordered_hashmap_get(s->user_journals, UINT32_TO_PTR(uid));
     269           0 :         if (f)
     270           0 :                 return f;
     271             : 
     272           0 :         if (asprintf(&p, "/var/log/journal/" SD_ID128_FORMAT_STR "/user-"UID_FMT".journal",
     273           0 :                      SD_ID128_FORMAT_VAL(machine), uid) < 0)
     274           0 :                 return s->system_journal;
     275             : 
     276           0 :         while (ordered_hashmap_size(s->user_journals) >= USER_JOURNALS_MAX) {
     277             :                 /* Too many open? Then let's close one */
     278           0 :                 f = ordered_hashmap_steal_first(s->user_journals);
     279           0 :                 assert(f);
     280           0 :                 journal_file_close(f);
     281             :         }
     282             : 
     283           0 :         r = journal_file_open_reliably(p, O_RDWR|O_CREAT, 0640, s->compress, s->seal, &s->system_metrics, s->mmap, NULL, &f);
     284           0 :         if (r < 0)
     285           0 :                 return s->system_journal;
     286             : 
     287           0 :         server_fix_perms(s, f, uid);
     288             : 
     289           0 :         r = ordered_hashmap_put(s->user_journals, UINT32_TO_PTR(uid), f);
     290           0 :         if (r < 0) {
     291           0 :                 journal_file_close(f);
     292           0 :                 return s->system_journal;
     293             :         }
     294             : 
     295           0 :         return f;
     296             : }
     297             : 
     298           0 : static int do_rotate(
     299             :                 Server *s,
     300             :                 JournalFile **f,
     301             :                 const char* name,
     302             :                 bool seal,
     303             :                 uint32_t uid) {
     304             : 
     305             :         int r;
     306           0 :         assert(s);
     307             : 
     308           0 :         if (!*f)
     309           0 :                 return -EINVAL;
     310             : 
     311           0 :         r = journal_file_rotate(f, s->compress, seal);
     312           0 :         if (r < 0)
     313           0 :                 if (*f)
     314           0 :                         log_error_errno(r, "Failed to rotate %s: %m", (*f)->path);
     315             :                 else
     316           0 :                         log_error_errno(r, "Failed to create new %s journal: %m", name);
     317             :         else
     318           0 :                 server_fix_perms(s, *f, uid);
     319             : 
     320           0 :         return r;
     321             : }
     322             : 
     323           0 : void server_rotate(Server *s) {
     324             :         JournalFile *f;
     325             :         void *k;
     326             :         Iterator i;
     327             :         int r;
     328             : 
     329           0 :         log_debug("Rotating...");
     330             : 
     331           0 :         do_rotate(s, &s->runtime_journal, "runtime", false, 0);
     332           0 :         do_rotate(s, &s->system_journal, "system", s->seal, 0);
     333             : 
     334           0 :         ORDERED_HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) {
     335           0 :                 r = do_rotate(s, &f, "user", s->seal, PTR_TO_UINT32(k));
     336           0 :                 if (r >= 0)
     337           0 :                         ordered_hashmap_replace(s->user_journals, k, f);
     338           0 :                 else if (!f)
     339             :                         /* Old file has been closed and deallocated */
     340           0 :                         ordered_hashmap_remove(s->user_journals, k);
     341             :         }
     342           0 : }
     343             : 
     344           0 : void server_sync(Server *s) {
     345             :         JournalFile *f;
     346             :         void *k;
     347             :         Iterator i;
     348             :         int r;
     349             : 
     350           0 :         if (s->system_journal) {
     351           0 :                 r = journal_file_set_offline(s->system_journal);
     352           0 :                 if (r < 0)
     353           0 :                         log_error_errno(r, "Failed to sync system journal: %m");
     354             :         }
     355             : 
     356           0 :         ORDERED_HASHMAP_FOREACH_KEY(f, k, s->user_journals, i) {
     357           0 :                 r = journal_file_set_offline(f);
     358           0 :                 if (r < 0)
     359           0 :                         log_error_errno(r, "Failed to sync user journal: %m");
     360             :         }
     361             : 
     362           0 :         if (s->sync_event_source) {
     363           0 :                 r = sd_event_source_set_enabled(s->sync_event_source, SD_EVENT_OFF);
     364           0 :                 if (r < 0)
     365           0 :                         log_error_errno(r, "Failed to disable sync timer source: %m");
     366             :         }
     367             : 
     368           0 :         s->sync_scheduled = false;
     369           0 : }
     370             : 
     371           0 : static void do_vacuum(
     372             :                 Server *s,
     373             :                 const char *id,
     374             :                 JournalFile *f,
     375             :                 const char* path,
     376             :                 JournalMetrics *metrics) {
     377             : 
     378             :         const char *p;
     379             :         int r;
     380             : 
     381           0 :         if (!f)
     382           0 :                 return;
     383             : 
     384           0 :         p = strjoina(path, id);
     385           0 :         r = journal_directory_vacuum(p, metrics->max_use, s->max_retention_usec, &s->oldest_file_usec, false);
     386           0 :         if (r < 0 && r != -ENOENT)
     387           0 :                 log_error_errno(r, "Failed to vacuum %s: %m", p);
     388             : }
     389             : 
     390           0 : void server_vacuum(Server *s) {
     391             :         char ids[33];
     392             :         sd_id128_t machine;
     393             :         int r;
     394             : 
     395           0 :         log_debug("Vacuuming...");
     396             : 
     397           0 :         s->oldest_file_usec = 0;
     398             : 
     399           0 :         r = sd_id128_get_machine(&machine);
     400           0 :         if (r < 0) {
     401           0 :                 log_error_errno(r, "Failed to get machine ID: %m");
     402           0 :                 return;
     403             :         }
     404           0 :         sd_id128_to_string(machine, ids);
     405             : 
     406           0 :         do_vacuum(s, ids, s->system_journal, "/var/log/journal/", &s->system_metrics);
     407           0 :         do_vacuum(s, ids, s->runtime_journal, "/run/log/journal/", &s->runtime_metrics);
     408             : 
     409           0 :         s->cached_available_space_timestamp = 0;
     410             : }
     411             : 
     412           0 : static void server_cache_machine_id(Server *s) {
     413             :         sd_id128_t id;
     414             :         int r;
     415             : 
     416           0 :         assert(s);
     417             : 
     418           0 :         r = sd_id128_get_machine(&id);
     419           0 :         if (r < 0)
     420           0 :                 return;
     421             : 
     422           0 :         sd_id128_to_string(id, stpcpy(s->machine_id_field, "_MACHINE_ID="));
     423             : }
     424             : 
     425           0 : static void server_cache_boot_id(Server *s) {
     426             :         sd_id128_t id;
     427             :         int r;
     428             : 
     429           0 :         assert(s);
     430             : 
     431           0 :         r = sd_id128_get_boot(&id);
     432           0 :         if (r < 0)
     433           0 :                 return;
     434             : 
     435           0 :         sd_id128_to_string(id, stpcpy(s->boot_id_field, "_BOOT_ID="));
     436             : }
     437             : 
     438           0 : static void server_cache_hostname(Server *s) {
     439           0 :         _cleanup_free_ char *t = NULL;
     440             :         char *x;
     441             : 
     442           0 :         assert(s);
     443             : 
     444           0 :         t = gethostname_malloc();
     445           0 :         if (!t)
     446           0 :                 return;
     447             : 
     448           0 :         x = strappend("_HOSTNAME=", t);
     449           0 :         if (!x)
     450           0 :                 return;
     451             : 
     452           0 :         free(s->hostname_field);
     453           0 :         s->hostname_field = x;
     454             : }
     455             : 
     456           0 : static bool shall_try_append_again(JournalFile *f, int r) {
     457             : 
     458             :         /* -E2BIG            Hit configured limit
     459             :            -EFBIG            Hit fs limit
     460             :            -EDQUOT           Quota limit hit
     461             :            -ENOSPC           Disk full
     462             :            -EIO              I/O error of some kind (mmap)
     463             :            -EHOSTDOWN        Other machine
     464             :            -EBUSY            Unclean shutdown
     465             :            -EPROTONOSUPPORT  Unsupported feature
     466             :            -EBADMSG          Corrupted
     467             :            -ENODATA          Truncated
     468             :            -ESHUTDOWN        Already archived
     469             :            -EIDRM            Journal file has been deleted */
     470             : 
     471           0 :         if (r == -E2BIG || r == -EFBIG || r == -EDQUOT || r == -ENOSPC)
     472           0 :                 log_debug("%s: Allocation limit reached, rotating.", f->path);
     473           0 :         else if (r == -EHOSTDOWN)
     474           0 :                 log_info("%s: Journal file from other machine, rotating.", f->path);
     475           0 :         else if (r == -EBUSY)
     476           0 :                 log_info("%s: Unclean shutdown, rotating.", f->path);
     477           0 :         else if (r == -EPROTONOSUPPORT)
     478           0 :                 log_info("%s: Unsupported feature, rotating.", f->path);
     479           0 :         else if (r == -EBADMSG || r == -ENODATA || r == ESHUTDOWN)
     480           0 :                 log_warning("%s: Journal file corrupted, rotating.", f->path);
     481           0 :         else if (r == -EIO)
     482           0 :                 log_warning("%s: IO error, rotating.", f->path);
     483           0 :         else if (r == -EIDRM)
     484           0 :                 log_warning("%s: Journal file has been deleted, rotating.", f->path);
     485             :         else
     486           0 :                 return false;
     487             : 
     488           0 :         return true;
     489             : }
     490             : 
     491           0 : static void write_to_journal(Server *s, uid_t uid, struct iovec *iovec, unsigned n, int priority) {
     492             :         JournalFile *f;
     493           0 :         bool vacuumed = false;
     494             :         int r;
     495             : 
     496           0 :         assert(s);
     497           0 :         assert(iovec);
     498           0 :         assert(n > 0);
     499             : 
     500           0 :         f = find_journal(s, uid);
     501           0 :         if (!f)
     502           0 :                 return;
     503             : 
     504           0 :         if (journal_file_rotate_suggested(f, s->max_file_usec)) {
     505           0 :                 log_debug("%s: Journal header limits reached or header out-of-date, rotating.", f->path);
     506           0 :                 server_rotate(s);
     507           0 :                 server_vacuum(s);
     508           0 :                 vacuumed = true;
     509             : 
     510           0 :                 f = find_journal(s, uid);
     511           0 :                 if (!f)
     512           0 :                         return;
     513             :         }
     514             : 
     515           0 :         r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
     516           0 :         if (r >= 0) {
     517           0 :                 server_schedule_sync(s, priority);
     518           0 :                 return;
     519             :         }
     520             : 
     521           0 :         if (vacuumed || !shall_try_append_again(f, r)) {
     522           0 :                 log_error_errno(r, "Failed to write entry (%d items, %zu bytes), ignoring: %m", n, IOVEC_TOTAL_SIZE(iovec, n));
     523           0 :                 return;
     524             :         }
     525             : 
     526           0 :         server_rotate(s);
     527           0 :         server_vacuum(s);
     528             : 
     529           0 :         f = find_journal(s, uid);
     530           0 :         if (!f)
     531           0 :                 return;
     532             : 
     533           0 :         log_debug("Retrying write.");
     534           0 :         r = journal_file_append_entry(f, NULL, iovec, n, &s->seqnum, NULL, NULL);
     535           0 :         if (r < 0)
     536           0 :                 log_error_errno(r, "Failed to write entry (%d items, %zu bytes) despite vacuuming, ignoring: %m", n, IOVEC_TOTAL_SIZE(iovec, n));
     537             :         else
     538           0 :                 server_schedule_sync(s, priority);
     539             : }
     540             : 
     541           0 : static void dispatch_message_real(
     542             :                 Server *s,
     543             :                 struct iovec *iovec, unsigned n, unsigned m,
     544             :                 const struct ucred *ucred,
     545             :                 const struct timeval *tv,
     546             :                 const char *label, size_t label_len,
     547             :                 const char *unit_id,
     548             :                 int priority,
     549             :                 pid_t object_pid) {
     550             : 
     551             :         char    pid[sizeof("_PID=") + DECIMAL_STR_MAX(pid_t)],
     552             :                 uid[sizeof("_UID=") + DECIMAL_STR_MAX(uid_t)],
     553             :                 gid[sizeof("_GID=") + DECIMAL_STR_MAX(gid_t)],
     554             :                 owner_uid[sizeof("_SYSTEMD_OWNER_UID=") + DECIMAL_STR_MAX(uid_t)],
     555             :                 source_time[sizeof("_SOURCE_REALTIME_TIMESTAMP=") + DECIMAL_STR_MAX(usec_t)],
     556             :                 o_uid[sizeof("OBJECT_UID=") + DECIMAL_STR_MAX(uid_t)],
     557             :                 o_gid[sizeof("OBJECT_GID=") + DECIMAL_STR_MAX(gid_t)],
     558             :                 o_owner_uid[sizeof("OBJECT_SYSTEMD_OWNER_UID=") + DECIMAL_STR_MAX(uid_t)];
     559             :         uid_t object_uid;
     560             :         gid_t object_gid;
     561             :         char *x;
     562             :         int r;
     563             :         char *t, *c;
     564           0 :         uid_t realuid = 0, owner = 0, journal_uid;
     565           0 :         bool owner_valid = false;
     566             : #ifdef HAVE_AUDIT
     567             :         char    audit_session[sizeof("_AUDIT_SESSION=") + DECIMAL_STR_MAX(uint32_t)],
     568             :                 audit_loginuid[sizeof("_AUDIT_LOGINUID=") + DECIMAL_STR_MAX(uid_t)],
     569             :                 o_audit_session[sizeof("OBJECT_AUDIT_SESSION=") + DECIMAL_STR_MAX(uint32_t)],
     570             :                 o_audit_loginuid[sizeof("OBJECT_AUDIT_LOGINUID=") + DECIMAL_STR_MAX(uid_t)];
     571             : 
     572             :         uint32_t audit;
     573             :         uid_t loginuid;
     574             : #endif
     575             : 
     576           0 :         assert(s);
     577           0 :         assert(iovec);
     578           0 :         assert(n > 0);
     579           0 :         assert(n + N_IOVEC_META_FIELDS + (object_pid ? N_IOVEC_OBJECT_FIELDS : 0) <= m);
     580             : 
     581           0 :         if (ucred) {
     582           0 :                 realuid = ucred->uid;
     583             : 
     584           0 :                 sprintf(pid, "_PID="PID_FMT, ucred->pid);
     585           0 :                 IOVEC_SET_STRING(iovec[n++], pid);
     586             : 
     587           0 :                 sprintf(uid, "_UID="UID_FMT, ucred->uid);
     588           0 :                 IOVEC_SET_STRING(iovec[n++], uid);
     589             : 
     590           0 :                 sprintf(gid, "_GID="GID_FMT, ucred->gid);
     591           0 :                 IOVEC_SET_STRING(iovec[n++], gid);
     592             : 
     593           0 :                 r = get_process_comm(ucred->pid, &t);
     594           0 :                 if (r >= 0) {
     595           0 :                         x = strjoina("_COMM=", t);
     596           0 :                         free(t);
     597           0 :                         IOVEC_SET_STRING(iovec[n++], x);
     598             :                 }
     599             : 
     600           0 :                 r = get_process_exe(ucred->pid, &t);
     601           0 :                 if (r >= 0) {
     602           0 :                         x = strjoina("_EXE=", t);
     603           0 :                         free(t);
     604           0 :                         IOVEC_SET_STRING(iovec[n++], x);
     605             :                 }
     606             : 
     607           0 :                 r = get_process_cmdline(ucred->pid, 0, false, &t);
     608           0 :                 if (r >= 0) {
     609           0 :                         x = strjoina("_CMDLINE=", t);
     610           0 :                         free(t);
     611           0 :                         IOVEC_SET_STRING(iovec[n++], x);
     612             :                 }
     613             : 
     614           0 :                 r = get_process_capeff(ucred->pid, &t);
     615           0 :                 if (r >= 0) {
     616           0 :                         x = strjoina("_CAP_EFFECTIVE=", t);
     617           0 :                         free(t);
     618           0 :                         IOVEC_SET_STRING(iovec[n++], x);
     619             :                 }
     620             : 
     621             : #ifdef HAVE_AUDIT
     622           0 :                 r = audit_session_from_pid(ucred->pid, &audit);
     623           0 :                 if (r >= 0) {
     624           0 :                         sprintf(audit_session, "_AUDIT_SESSION=%"PRIu32, audit);
     625           0 :                         IOVEC_SET_STRING(iovec[n++], audit_session);
     626             :                 }
     627             : 
     628           0 :                 r = audit_loginuid_from_pid(ucred->pid, &loginuid);
     629           0 :                 if (r >= 0) {
     630           0 :                         sprintf(audit_loginuid, "_AUDIT_LOGINUID="UID_FMT, loginuid);
     631           0 :                         IOVEC_SET_STRING(iovec[n++], audit_loginuid);
     632             :                 }
     633             : #endif
     634             : 
     635           0 :                 r = cg_pid_get_path_shifted(ucred->pid, s->cgroup_root, &c);
     636           0 :                 if (r >= 0) {
     637           0 :                         char *session = NULL;
     638             : 
     639           0 :                         x = strjoina("_SYSTEMD_CGROUP=", c);
     640           0 :                         IOVEC_SET_STRING(iovec[n++], x);
     641             : 
     642           0 :                         r = cg_path_get_session(c, &t);
     643           0 :                         if (r >= 0) {
     644           0 :                                 session = strjoina("_SYSTEMD_SESSION=", t);
     645           0 :                                 free(t);
     646           0 :                                 IOVEC_SET_STRING(iovec[n++], session);
     647             :                         }
     648             : 
     649           0 :                         if (cg_path_get_owner_uid(c, &owner) >= 0) {
     650           0 :                                 owner_valid = true;
     651             : 
     652           0 :                                 sprintf(owner_uid, "_SYSTEMD_OWNER_UID="UID_FMT, owner);
     653           0 :                                 IOVEC_SET_STRING(iovec[n++], owner_uid);
     654             :                         }
     655             : 
     656           0 :                         if (cg_path_get_unit(c, &t) >= 0) {
     657           0 :                                 x = strjoina("_SYSTEMD_UNIT=", t);
     658           0 :                                 free(t);
     659           0 :                                 IOVEC_SET_STRING(iovec[n++], x);
     660           0 :                         } else if (unit_id && !session) {
     661           0 :                                 x = strjoina("_SYSTEMD_UNIT=", unit_id);
     662           0 :                                 IOVEC_SET_STRING(iovec[n++], x);
     663             :                         }
     664             : 
     665           0 :                         if (cg_path_get_user_unit(c, &t) >= 0) {
     666           0 :                                 x = strjoina("_SYSTEMD_USER_UNIT=", t);
     667           0 :                                 free(t);
     668           0 :                                 IOVEC_SET_STRING(iovec[n++], x);
     669           0 :                         } else if (unit_id && session) {
     670           0 :                                 x = strjoina("_SYSTEMD_USER_UNIT=", unit_id);
     671           0 :                                 IOVEC_SET_STRING(iovec[n++], x);
     672             :                         }
     673             : 
     674           0 :                         if (cg_path_get_slice(c, &t) >= 0) {
     675           0 :                                 x = strjoina("_SYSTEMD_SLICE=", t);
     676           0 :                                 free(t);
     677           0 :                                 IOVEC_SET_STRING(iovec[n++], x);
     678             :                         }
     679             : 
     680           0 :                         free(c);
     681           0 :                 } else if (unit_id) {
     682           0 :                         x = strjoina("_SYSTEMD_UNIT=", unit_id);
     683           0 :                         IOVEC_SET_STRING(iovec[n++], x);
     684             :                 }
     685             : 
     686             : #ifdef HAVE_SELINUX
     687             :                 if (mac_selinux_use()) {
     688             :                         if (label) {
     689             :                                 x = alloca(strlen("_SELINUX_CONTEXT=") + label_len + 1);
     690             : 
     691             :                                 *((char*) mempcpy(stpcpy(x, "_SELINUX_CONTEXT="), label, label_len)) = 0;
     692             :                                 IOVEC_SET_STRING(iovec[n++], x);
     693             :                         } else {
     694             :                                 security_context_t con;
     695             : 
     696             :                                 if (getpidcon(ucred->pid, &con) >= 0) {
     697             :                                         x = strjoina("_SELINUX_CONTEXT=", con);
     698             : 
     699             :                                         freecon(con);
     700             :                                         IOVEC_SET_STRING(iovec[n++], x);
     701             :                                 }
     702             :                         }
     703             :                 }
     704             : #endif
     705             :         }
     706           0 :         assert(n <= m);
     707             : 
     708           0 :         if (object_pid) {
     709           0 :                 r = get_process_uid(object_pid, &object_uid);
     710           0 :                 if (r >= 0) {
     711           0 :                         sprintf(o_uid, "OBJECT_UID="UID_FMT, object_uid);
     712           0 :                         IOVEC_SET_STRING(iovec[n++], o_uid);
     713             :                 }
     714             : 
     715           0 :                 r = get_process_gid(object_pid, &object_gid);
     716           0 :                 if (r >= 0) {
     717           0 :                         sprintf(o_gid, "OBJECT_GID="GID_FMT, object_gid);
     718           0 :                         IOVEC_SET_STRING(iovec[n++], o_gid);
     719             :                 }
     720             : 
     721           0 :                 r = get_process_comm(object_pid, &t);
     722           0 :                 if (r >= 0) {
     723           0 :                         x = strjoina("OBJECT_COMM=", t);
     724           0 :                         free(t);
     725           0 :                         IOVEC_SET_STRING(iovec[n++], x);
     726             :                 }
     727             : 
     728           0 :                 r = get_process_exe(object_pid, &t);
     729           0 :                 if (r >= 0) {
     730           0 :                         x = strjoina("OBJECT_EXE=", t);
     731           0 :                         free(t);
     732           0 :                         IOVEC_SET_STRING(iovec[n++], x);
     733             :                 }
     734             : 
     735           0 :                 r = get_process_cmdline(object_pid, 0, false, &t);
     736           0 :                 if (r >= 0) {
     737           0 :                         x = strjoina("OBJECT_CMDLINE=", t);
     738           0 :                         free(t);
     739           0 :                         IOVEC_SET_STRING(iovec[n++], x);
     740             :                 }
     741             : 
     742             : #ifdef HAVE_AUDIT
     743           0 :                 r = audit_session_from_pid(object_pid, &audit);
     744           0 :                 if (r >= 0) {
     745           0 :                         sprintf(o_audit_session, "OBJECT_AUDIT_SESSION=%"PRIu32, audit);
     746           0 :                         IOVEC_SET_STRING(iovec[n++], o_audit_session);
     747             :                 }
     748             : 
     749           0 :                 r = audit_loginuid_from_pid(object_pid, &loginuid);
     750           0 :                 if (r >= 0) {
     751           0 :                         sprintf(o_audit_loginuid, "OBJECT_AUDIT_LOGINUID="UID_FMT, loginuid);
     752           0 :                         IOVEC_SET_STRING(iovec[n++], o_audit_loginuid);
     753             :                 }
     754             : #endif
     755             : 
     756           0 :                 r = cg_pid_get_path_shifted(object_pid, s->cgroup_root, &c);
     757           0 :                 if (r >= 0) {
     758           0 :                         x = strjoina("OBJECT_SYSTEMD_CGROUP=", c);
     759           0 :                         IOVEC_SET_STRING(iovec[n++], x);
     760             : 
     761           0 :                         r = cg_path_get_session(c, &t);
     762           0 :                         if (r >= 0) {
     763           0 :                                 x = strjoina("OBJECT_SYSTEMD_SESSION=", t);
     764           0 :                                 free(t);
     765           0 :                                 IOVEC_SET_STRING(iovec[n++], x);
     766             :                         }
     767             : 
     768           0 :                         if (cg_path_get_owner_uid(c, &owner) >= 0) {
     769           0 :                                 sprintf(o_owner_uid, "OBJECT_SYSTEMD_OWNER_UID="UID_FMT, owner);
     770           0 :                                 IOVEC_SET_STRING(iovec[n++], o_owner_uid);
     771             :                         }
     772             : 
     773           0 :                         if (cg_path_get_unit(c, &t) >= 0) {
     774           0 :                                 x = strjoina("OBJECT_SYSTEMD_UNIT=", t);
     775           0 :                                 free(t);
     776           0 :                                 IOVEC_SET_STRING(iovec[n++], x);
     777             :                         }
     778             : 
     779           0 :                         if (cg_path_get_user_unit(c, &t) >= 0) {
     780           0 :                                 x = strjoina("OBJECT_SYSTEMD_USER_UNIT=", t);
     781           0 :                                 free(t);
     782           0 :                                 IOVEC_SET_STRING(iovec[n++], x);
     783             :                         }
     784             : 
     785           0 :                         free(c);
     786             :                 }
     787             :         }
     788           0 :         assert(n <= m);
     789             : 
     790           0 :         if (tv) {
     791           0 :                 sprintf(source_time, "_SOURCE_REALTIME_TIMESTAMP=%llu", (unsigned long long) timeval_load(tv));
     792           0 :                 IOVEC_SET_STRING(iovec[n++], source_time);
     793             :         }
     794             : 
     795             :         /* Note that strictly speaking storing the boot id here is
     796             :          * redundant since the entry includes this in-line
     797             :          * anyway. However, we need this indexed, too. */
     798           0 :         if (!isempty(s->boot_id_field))
     799           0 :                 IOVEC_SET_STRING(iovec[n++], s->boot_id_field);
     800             : 
     801           0 :         if (!isempty(s->machine_id_field))
     802           0 :                 IOVEC_SET_STRING(iovec[n++], s->machine_id_field);
     803             : 
     804           0 :         if (!isempty(s->hostname_field))
     805           0 :                 IOVEC_SET_STRING(iovec[n++], s->hostname_field);
     806             : 
     807           0 :         assert(n <= m);
     808             : 
     809           0 :         if (s->split_mode == SPLIT_UID && realuid > 0)
     810             :                 /* Split up strictly by any UID */
     811           0 :                 journal_uid = realuid;
     812           0 :         else if (s->split_mode == SPLIT_LOGIN && realuid > 0 && owner_valid && owner > 0)
     813             :                 /* Split up by login UIDs.  We do this only if the
     814             :                  * realuid is not root, in order not to accidentally
     815             :                  * leak privileged information to the user that is
     816             :                  * logged by a privileged process that is part of an
     817             :                  * unprivileged session. */
     818           0 :                 journal_uid = owner;
     819             :         else
     820           0 :                 journal_uid = 0;
     821             : 
     822           0 :         write_to_journal(s, journal_uid, iovec, n, priority);
     823           0 : }
     824             : 
     825           0 : void server_driver_message(Server *s, sd_id128_t message_id, const char *format, ...) {
     826             :         char mid[11 + 32 + 1];
     827             :         char buffer[16 + LINE_MAX + 1];
     828             :         struct iovec iovec[N_IOVEC_META_FIELDS + 4];
     829           0 :         int n = 0;
     830             :         va_list ap;
     831           0 :         struct ucred ucred = {};
     832             : 
     833           0 :         assert(s);
     834           0 :         assert(format);
     835             : 
     836           0 :         IOVEC_SET_STRING(iovec[n++], "PRIORITY=6");
     837           0 :         IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=driver");
     838             : 
     839           0 :         memcpy(buffer, "MESSAGE=", 8);
     840           0 :         va_start(ap, format);
     841           0 :         vsnprintf(buffer + 8, sizeof(buffer) - 8, format, ap);
     842           0 :         va_end(ap);
     843           0 :         IOVEC_SET_STRING(iovec[n++], buffer);
     844             : 
     845           0 :         if (!sd_id128_equal(message_id, SD_ID128_NULL)) {
     846           0 :                 snprintf(mid, sizeof(mid), LOG_MESSAGE_ID(message_id));
     847           0 :                 IOVEC_SET_STRING(iovec[n++], mid);
     848             :         }
     849             : 
     850           0 :         ucred.pid = getpid();
     851           0 :         ucred.uid = getuid();
     852           0 :         ucred.gid = getgid();
     853             : 
     854           0 :         dispatch_message_real(s, iovec, n, ELEMENTSOF(iovec), &ucred, NULL, NULL, 0, NULL, LOG_INFO, 0);
     855           0 : }
     856             : 
     857           0 : void server_dispatch_message(
     858             :                 Server *s,
     859             :                 struct iovec *iovec, unsigned n, unsigned m,
     860             :                 const struct ucred *ucred,
     861             :                 const struct timeval *tv,
     862             :                 const char *label, size_t label_len,
     863             :                 const char *unit_id,
     864             :                 int priority,
     865             :                 pid_t object_pid) {
     866             : 
     867             :         int rl, r;
     868           0 :         _cleanup_free_ char *path = NULL;
     869             :         char *c;
     870             : 
     871           0 :         assert(s);
     872           0 :         assert(iovec || n == 0);
     873             : 
     874           0 :         if (n == 0)
     875           0 :                 return;
     876             : 
     877           0 :         if (LOG_PRI(priority) > s->max_level_store)
     878           0 :                 return;
     879             : 
     880             :         /* Stop early in case the information will not be stored
     881             :          * in a journal. */
     882           0 :         if (s->storage == STORAGE_NONE)
     883           0 :                 return;
     884             : 
     885           0 :         if (!ucred)
     886           0 :                 goto finish;
     887             : 
     888           0 :         r = cg_pid_get_path_shifted(ucred->pid, s->cgroup_root, &path);
     889           0 :         if (r < 0)
     890           0 :                 goto finish;
     891             : 
     892             :         /* example: /user/lennart/3/foobar
     893             :          *          /system/dbus.service/foobar
     894             :          *
     895             :          * So let's cut of everything past the third /, since that is
     896             :          * where user directories start */
     897             : 
     898           0 :         c = strchr(path, '/');
     899           0 :         if (c) {
     900           0 :                 c = strchr(c+1, '/');
     901           0 :                 if (c) {
     902           0 :                         c = strchr(c+1, '/');
     903           0 :                         if (c)
     904           0 :                                 *c = 0;
     905             :                 }
     906             :         }
     907             : 
     908           0 :         rl = journal_rate_limit_test(s->rate_limit, path,
     909             :                                      priority & LOG_PRIMASK, available_space(s, false));
     910             : 
     911           0 :         if (rl == 0)
     912           0 :                 return;
     913             : 
     914             :         /* Write a suppression message if we suppressed something */
     915           0 :         if (rl > 1)
     916           0 :                 server_driver_message(s, SD_MESSAGE_JOURNAL_DROPPED,
     917             :                                       "Suppressed %u messages from %s", rl - 1, path);
     918             : 
     919             : finish:
     920           0 :         dispatch_message_real(s, iovec, n, m, ucred, tv, label, label_len, unit_id, priority, object_pid);
     921             : }
     922             : 
     923             : 
     924           0 : static int system_journal_open(Server *s, bool flush_requested) {
     925             :         int r;
     926             :         char *fn;
     927             :         sd_id128_t machine;
     928             :         char ids[33];
     929             : 
     930           0 :         r = sd_id128_get_machine(&machine);
     931           0 :         if (r < 0)
     932           0 :                 return log_error_errno(r, "Failed to get machine id: %m");
     933             : 
     934           0 :         sd_id128_to_string(machine, ids);
     935             : 
     936           0 :         if (!s->system_journal &&
     937           0 :             (s->storage == STORAGE_PERSISTENT || s->storage == STORAGE_AUTO) &&
     938             :             (flush_requested
     939           0 :              || access("/run/systemd/journal/flushed", F_OK) >= 0)) {
     940             : 
     941             :                 /* If in auto mode: first try to create the machine
     942             :                  * path, but not the prefix.
     943             :                  *
     944             :                  * If in persistent mode: create /var/log/journal and
     945             :                  * the machine path */
     946             : 
     947           0 :                 if (s->storage == STORAGE_PERSISTENT)
     948           0 :                         (void) mkdir_p("/var/log/journal/", 0755);
     949             : 
     950           0 :                 fn = strjoina("/var/log/journal/", ids);
     951           0 :                 (void) mkdir(fn, 0755);
     952             : 
     953           0 :                 fn = strjoina(fn, "/system.journal");
     954           0 :                 r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, s->compress, s->seal, &s->system_metrics, s->mmap, NULL, &s->system_journal);
     955             : 
     956           0 :                 if (r >= 0)
     957           0 :                         server_fix_perms(s, s->system_journal, 0);
     958           0 :                 else if (r < 0) {
     959           0 :                         if (r != -ENOENT && r != -EROFS)
     960           0 :                                 log_warning_errno(r, "Failed to open system journal: %m");
     961             : 
     962           0 :                         r = 0;
     963             :                 }
     964             :         }
     965             : 
     966           0 :         if (!s->runtime_journal &&
     967           0 :             (s->storage != STORAGE_NONE)) {
     968             : 
     969           0 :                 fn = strjoin("/run/log/journal/", ids, "/system.journal", NULL);
     970           0 :                 if (!fn)
     971           0 :                         return -ENOMEM;
     972             : 
     973           0 :                 if (s->system_journal) {
     974             : 
     975             :                         /* Try to open the runtime journal, but only
     976             :                          * if it already exists, so that we can flush
     977             :                          * it into the system journal */
     978             : 
     979           0 :                         r = journal_file_open(fn, O_RDWR, 0640, s->compress, false, &s->runtime_metrics, s->mmap, NULL, &s->runtime_journal);
     980           0 :                         free(fn);
     981             : 
     982           0 :                         if (r < 0) {
     983           0 :                                 if (r != -ENOENT)
     984           0 :                                         log_warning_errno(r, "Failed to open runtime journal: %m");
     985             : 
     986           0 :                                 r = 0;
     987             :                         }
     988             : 
     989             :                 } else {
     990             : 
     991             :                         /* OK, we really need the runtime journal, so create
     992             :                          * it if necessary. */
     993             : 
     994           0 :                         (void) mkdir("/run/log", 0755);
     995           0 :                         (void) mkdir("/run/log/journal", 0755);
     996           0 :                         (void) mkdir_parents(fn, 0750);
     997             : 
     998           0 :                         r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, s->compress, false, &s->runtime_metrics, s->mmap, NULL, &s->runtime_journal);
     999           0 :                         free(fn);
    1000             : 
    1001           0 :                         if (r < 0)
    1002           0 :                                 return log_error_errno(r, "Failed to open runtime journal: %m");
    1003             :                 }
    1004             : 
    1005           0 :                 if (s->runtime_journal)
    1006           0 :                         server_fix_perms(s, s->runtime_journal, 0);
    1007             :         }
    1008             : 
    1009           0 :         available_space(s, true);
    1010             : 
    1011           0 :         return r;
    1012             : }
    1013             : 
    1014           0 : int server_flush_to_var(Server *s) {
    1015             :         sd_id128_t machine;
    1016           0 :         sd_journal *j = NULL;
    1017             :         char ts[FORMAT_TIMESPAN_MAX];
    1018             :         usec_t start;
    1019           0 :         unsigned n = 0;
    1020             :         int r;
    1021             : 
    1022           0 :         assert(s);
    1023             : 
    1024           0 :         if (s->storage != STORAGE_AUTO &&
    1025           0 :             s->storage != STORAGE_PERSISTENT)
    1026           0 :                 return 0;
    1027             : 
    1028           0 :         if (!s->runtime_journal)
    1029           0 :                 return 0;
    1030             : 
    1031           0 :         system_journal_open(s, true);
    1032             : 
    1033           0 :         if (!s->system_journal)
    1034           0 :                 return 0;
    1035             : 
    1036           0 :         log_debug("Flushing to /var...");
    1037             : 
    1038           0 :         start = now(CLOCK_MONOTONIC);
    1039             : 
    1040           0 :         r = sd_id128_get_machine(&machine);
    1041           0 :         if (r < 0)
    1042           0 :                 return r;
    1043             : 
    1044           0 :         r = sd_journal_open(&j, SD_JOURNAL_RUNTIME_ONLY);
    1045           0 :         if (r < 0)
    1046           0 :                 return log_error_errno(r, "Failed to read runtime journal: %m");
    1047             : 
    1048           0 :         sd_journal_set_data_threshold(j, 0);
    1049             : 
    1050           0 :         SD_JOURNAL_FOREACH(j) {
    1051           0 :                 Object *o = NULL;
    1052             :                 JournalFile *f;
    1053             : 
    1054           0 :                 f = j->current_file;
    1055           0 :                 assert(f && f->current_offset > 0);
    1056             : 
    1057           0 :                 n++;
    1058             : 
    1059           0 :                 r = journal_file_move_to_object(f, OBJECT_ENTRY, f->current_offset, &o);
    1060           0 :                 if (r < 0) {
    1061           0 :                         log_error_errno(r, "Can't read entry: %m");
    1062           0 :                         goto finish;
    1063             :                 }
    1064             : 
    1065           0 :                 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
    1066           0 :                 if (r >= 0)
    1067           0 :                         continue;
    1068             : 
    1069           0 :                 if (!shall_try_append_again(s->system_journal, r)) {
    1070           0 :                         log_error_errno(r, "Can't write entry: %m");
    1071           0 :                         goto finish;
    1072             :                 }
    1073             : 
    1074           0 :                 server_rotate(s);
    1075           0 :                 server_vacuum(s);
    1076             : 
    1077           0 :                 if (!s->system_journal) {
    1078           0 :                         log_notice("Didn't flush runtime journal since rotation of system journal wasn't successful.");
    1079           0 :                         r = -EIO;
    1080           0 :                         goto finish;
    1081             :                 }
    1082             : 
    1083           0 :                 log_debug("Retrying write.");
    1084           0 :                 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
    1085           0 :                 if (r < 0) {
    1086           0 :                         log_error_errno(r, "Can't write entry: %m");
    1087           0 :                         goto finish;
    1088             :                 }
    1089             :         }
    1090             : 
    1091             : finish:
    1092           0 :         journal_file_post_change(s->system_journal);
    1093             : 
    1094           0 :         journal_file_close(s->runtime_journal);
    1095           0 :         s->runtime_journal = NULL;
    1096             : 
    1097           0 :         if (r >= 0)
    1098           0 :                 (void) rm_rf("/run/log/journal", REMOVE_ROOT);
    1099             : 
    1100           0 :         sd_journal_close(j);
    1101             : 
    1102           0 :         server_driver_message(s, SD_ID128_NULL, "Time spent on flushing to /var is %s for %u entries.", format_timespan(ts, sizeof(ts), now(CLOCK_MONOTONIC) - start, 0), n);
    1103             : 
    1104           0 :         return r;
    1105             : }
    1106             : 
    1107           0 : int server_process_datagram(sd_event_source *es, int fd, uint32_t revents, void *userdata) {
    1108           0 :         Server *s = userdata;
    1109           0 :         struct ucred *ucred = NULL;
    1110           0 :         struct timeval *tv = NULL;
    1111             :         struct cmsghdr *cmsg;
    1112           0 :         char *label = NULL;
    1113           0 :         size_t label_len = 0, m;
    1114             :         struct iovec iovec;
    1115             :         ssize_t n;
    1116           0 :         int *fds = NULL, v = 0;
    1117           0 :         unsigned n_fds = 0;
    1118             : 
    1119             :         union {
    1120             :                 struct cmsghdr cmsghdr;
    1121             : 
    1122             :                 /* We use NAME_MAX space for the SELinux label
    1123             :                  * here. The kernel currently enforces no
    1124             :                  * limit, but according to suggestions from
    1125             :                  * the SELinux people this will change and it
    1126             :                  * will probably be identical to NAME_MAX. For
    1127             :                  * now we use that, but this should be updated
    1128             :                  * one day when the final limit is known. */
    1129             :                 uint8_t buf[CMSG_SPACE(sizeof(struct ucred)) +
    1130             :                             CMSG_SPACE(sizeof(struct timeval)) +
    1131             :                             CMSG_SPACE(sizeof(int)) + /* fd */
    1132             :                             CMSG_SPACE(NAME_MAX)]; /* selinux label */
    1133           0 :         } control = {};
    1134             : 
    1135           0 :         union sockaddr_union sa = {};
    1136             : 
    1137           0 :         struct msghdr msghdr = {
    1138             :                 .msg_iov = &iovec,
    1139             :                 .msg_iovlen = 1,
    1140             :                 .msg_control = &control,
    1141             :                 .msg_controllen = sizeof(control),
    1142             :                 .msg_name = &sa,
    1143             :                 .msg_namelen = sizeof(sa),
    1144             :         };
    1145             : 
    1146           0 :         assert(s);
    1147           0 :         assert(fd == s->native_fd || fd == s->syslog_fd || fd == s->audit_fd);
    1148             : 
    1149           0 :         if (revents != EPOLLIN) {
    1150           0 :                 log_error("Got invalid event from epoll for datagram fd: %"PRIx32, revents);
    1151           0 :                 return -EIO;
    1152             :         }
    1153             : 
    1154             :         /* Try to get the right size, if we can. (Not all
    1155             :          * sockets support SIOCINQ, hence we just try, but
    1156             :          * don't rely on it. */
    1157           0 :         (void) ioctl(fd, SIOCINQ, &v);
    1158             : 
    1159             :         /* Fix it up, if it is too small. We use the same fixed value as auditd here. Awful! */
    1160           0 :         m = PAGE_ALIGN(MAX3((size_t) v + 1,
    1161             :                             (size_t) LINE_MAX,
    1162             :                             ALIGN(sizeof(struct nlmsghdr)) + ALIGN((size_t) MAX_AUDIT_MESSAGE_LENGTH)) + 1);
    1163             : 
    1164           0 :         if (!GREEDY_REALLOC(s->buffer, s->buffer_size, m))
    1165           0 :                 return log_oom();
    1166             : 
    1167           0 :         iovec.iov_base = s->buffer;
    1168           0 :         iovec.iov_len = s->buffer_size - 1; /* Leave room for trailing NUL we add later */
    1169             : 
    1170           0 :         n = recvmsg(fd, &msghdr, MSG_DONTWAIT|MSG_CMSG_CLOEXEC);
    1171           0 :         if (n < 0) {
    1172           0 :                 if (errno == EINTR || errno == EAGAIN)
    1173           0 :                         return 0;
    1174             : 
    1175           0 :                 return log_error_errno(errno, "recvmsg() failed: %m");
    1176             :         }
    1177             : 
    1178           0 :         CMSG_FOREACH(cmsg, &msghdr) {
    1179             : 
    1180           0 :                 if (cmsg->cmsg_level == SOL_SOCKET &&
    1181           0 :                     cmsg->cmsg_type == SCM_CREDENTIALS &&
    1182           0 :                     cmsg->cmsg_len == CMSG_LEN(sizeof(struct ucred)))
    1183           0 :                         ucred = (struct ucred*) CMSG_DATA(cmsg);
    1184           0 :                 else if (cmsg->cmsg_level == SOL_SOCKET &&
    1185           0 :                          cmsg->cmsg_type == SCM_SECURITY) {
    1186           0 :                         label = (char*) CMSG_DATA(cmsg);
    1187           0 :                         label_len = cmsg->cmsg_len - CMSG_LEN(0);
    1188           0 :                 } else if (cmsg->cmsg_level == SOL_SOCKET &&
    1189           0 :                            cmsg->cmsg_type == SO_TIMESTAMP &&
    1190           0 :                            cmsg->cmsg_len == CMSG_LEN(sizeof(struct timeval)))
    1191           0 :                         tv = (struct timeval*) CMSG_DATA(cmsg);
    1192           0 :                 else if (cmsg->cmsg_level == SOL_SOCKET &&
    1193           0 :                          cmsg->cmsg_type == SCM_RIGHTS) {
    1194           0 :                         fds = (int*) CMSG_DATA(cmsg);
    1195           0 :                         n_fds = (cmsg->cmsg_len - CMSG_LEN(0)) / sizeof(int);
    1196             :                 }
    1197             :         }
    1198             : 
    1199             :         /* And a trailing NUL, just in case */
    1200           0 :         s->buffer[n] = 0;
    1201             : 
    1202           0 :         if (fd == s->syslog_fd) {
    1203           0 :                 if (n > 0 && n_fds == 0)
    1204           0 :                         server_process_syslog_message(s, strstrip(s->buffer), ucred, tv, label, label_len);
    1205           0 :                 else if (n_fds > 0)
    1206           0 :                         log_warning("Got file descriptors via syslog socket. Ignoring.");
    1207             : 
    1208           0 :         } else if (fd == s->native_fd) {
    1209           0 :                 if (n > 0 && n_fds == 0)
    1210           0 :                         server_process_native_message(s, s->buffer, n, ucred, tv, label, label_len);
    1211           0 :                 else if (n == 0 && n_fds == 1)
    1212           0 :                         server_process_native_file(s, fds[0], ucred, tv, label, label_len);
    1213           0 :                 else if (n_fds > 0)
    1214           0 :                         log_warning("Got too many file descriptors via native socket. Ignoring.");
    1215             : 
    1216             :         } else {
    1217           0 :                 assert(fd == s->audit_fd);
    1218             : 
    1219           0 :                 if (n > 0 && n_fds == 0)
    1220           0 :                         server_process_audit_message(s, s->buffer, n, ucred, &sa, msghdr.msg_namelen);
    1221           0 :                 else if (n_fds > 0)
    1222           0 :                         log_warning("Got file descriptors via audit socket. Ignoring.");
    1223             :         }
    1224             : 
    1225           0 :         close_many(fds, n_fds);
    1226           0 :         return 0;
    1227             : }
    1228             : 
    1229           0 : static int dispatch_sigusr1(sd_event_source *es, const struct signalfd_siginfo *si, void *userdata) {
    1230           0 :         Server *s = userdata;
    1231             : 
    1232           0 :         assert(s);
    1233             : 
    1234           0 :         log_info("Received request to flush runtime journal from PID %"PRIu32, si->ssi_pid);
    1235             : 
    1236           0 :         server_flush_to_var(s);
    1237           0 :         server_sync(s);
    1238           0 :         server_vacuum(s);
    1239             : 
    1240           0 :         touch("/run/systemd/journal/flushed");
    1241             : 
    1242           0 :         return 0;
    1243             : }
    1244             : 
    1245           0 : static int dispatch_sigusr2(sd_event_source *es, const struct signalfd_siginfo *si, void *userdata) {
    1246           0 :         Server *s = userdata;
    1247             : 
    1248           0 :         assert(s);
    1249             : 
    1250           0 :         log_info("Received request to rotate journal from PID %"PRIu32, si->ssi_pid);
    1251           0 :         server_rotate(s);
    1252           0 :         server_vacuum(s);
    1253             : 
    1254           0 :         return 0;
    1255             : }
    1256             : 
    1257           0 : static int dispatch_sigterm(sd_event_source *es, const struct signalfd_siginfo *si, void *userdata) {
    1258           0 :         Server *s = userdata;
    1259             : 
    1260           0 :         assert(s);
    1261             : 
    1262           0 :         log_received_signal(LOG_INFO, si);
    1263             : 
    1264           0 :         sd_event_exit(s->event, 0);
    1265           0 :         return 0;
    1266             : }
    1267             : 
    1268           0 : static int setup_signals(Server *s) {
    1269             :         int r;
    1270             : 
    1271           0 :         assert(s);
    1272             : 
    1273           0 :         assert(sigprocmask_many(SIG_SETMASK, NULL, SIGINT, SIGTERM, SIGUSR1, SIGUSR2, -1) >= 0);
    1274             : 
    1275           0 :         r = sd_event_add_signal(s->event, &s->sigusr1_event_source, SIGUSR1, dispatch_sigusr1, s);
    1276           0 :         if (r < 0)
    1277           0 :                 return r;
    1278             : 
    1279           0 :         r = sd_event_add_signal(s->event, &s->sigusr2_event_source, SIGUSR2, dispatch_sigusr2, s);
    1280           0 :         if (r < 0)
    1281           0 :                 return r;
    1282             : 
    1283           0 :         r = sd_event_add_signal(s->event, &s->sigterm_event_source, SIGTERM, dispatch_sigterm, s);
    1284           0 :         if (r < 0)
    1285           0 :                 return r;
    1286             : 
    1287           0 :         r = sd_event_add_signal(s->event, &s->sigint_event_source, SIGINT, dispatch_sigterm, s);
    1288           0 :         if (r < 0)
    1289           0 :                 return r;
    1290             : 
    1291           0 :         return 0;
    1292             : }
    1293             : 
    1294           0 : static int server_parse_proc_cmdline(Server *s) {
    1295           0 :         _cleanup_free_ char *line = NULL;
    1296             :         const char *w, *state;
    1297             :         size_t l;
    1298             :         int r;
    1299             : 
    1300           0 :         r = proc_cmdline(&line);
    1301           0 :         if (r < 0) {
    1302           0 :                 log_warning_errno(r, "Failed to read /proc/cmdline, ignoring: %m");
    1303           0 :                 return 0;
    1304             :         }
    1305             : 
    1306           0 :         FOREACH_WORD_QUOTED(w, l, line, state) {
    1307           0 :                 _cleanup_free_ char *word;
    1308             : 
    1309           0 :                 word = strndup(w, l);
    1310           0 :                 if (!word)
    1311           0 :                         return -ENOMEM;
    1312             : 
    1313           0 :                 if (startswith(word, "systemd.journald.forward_to_syslog=")) {
    1314           0 :                         r = parse_boolean(word + 35);
    1315           0 :                         if (r < 0)
    1316           0 :                                 log_warning("Failed to parse forward to syslog switch %s. Ignoring.", word + 35);
    1317             :                         else
    1318           0 :                                 s->forward_to_syslog = r;
    1319           0 :                 } else if (startswith(word, "systemd.journald.forward_to_kmsg=")) {
    1320           0 :                         r = parse_boolean(word + 33);
    1321           0 :                         if (r < 0)
    1322           0 :                                 log_warning("Failed to parse forward to kmsg switch %s. Ignoring.", word + 33);
    1323             :                         else
    1324           0 :                                 s->forward_to_kmsg = r;
    1325           0 :                 } else if (startswith(word, "systemd.journald.forward_to_console=")) {
    1326           0 :                         r = parse_boolean(word + 36);
    1327           0 :                         if (r < 0)
    1328           0 :                                 log_warning("Failed to parse forward to console switch %s. Ignoring.", word + 36);
    1329             :                         else
    1330           0 :                                 s->forward_to_console = r;
    1331           0 :                 } else if (startswith(word, "systemd.journald.forward_to_wall=")) {
    1332           0 :                         r = parse_boolean(word + 33);
    1333           0 :                         if (r < 0)
    1334           0 :                                 log_warning("Failed to parse forward to wall switch %s. Ignoring.", word + 33);
    1335             :                         else
    1336           0 :                                 s->forward_to_wall = r;
    1337           0 :                 } else if (startswith(word, "systemd.journald"))
    1338           0 :                         log_warning("Invalid systemd.journald parameter. Ignoring.");
    1339             :         }
    1340             :         /* do not warn about state here, since probably systemd already did */
    1341             : 
    1342           0 :         return 0;
    1343             : }
    1344             : 
    1345           0 : static int server_parse_config_file(Server *s) {
    1346           0 :         assert(s);
    1347             : 
    1348           0 :         return config_parse_many("/etc/systemd/journald.conf",
    1349             :                                  CONF_DIRS_NULSTR("systemd/journald.conf"),
    1350             :                                  "Journal\0",
    1351             :                                  config_item_perf_lookup, journald_gperf_lookup,
    1352             :                                  false, s);
    1353             : }
    1354             : 
    1355           0 : static int server_dispatch_sync(sd_event_source *es, usec_t t, void *userdata) {
    1356           0 :         Server *s = userdata;
    1357             : 
    1358           0 :         assert(s);
    1359             : 
    1360           0 :         server_sync(s);
    1361           0 :         return 0;
    1362             : }
    1363             : 
    1364           0 : int server_schedule_sync(Server *s, int priority) {
    1365             :         int r;
    1366             : 
    1367           0 :         assert(s);
    1368             : 
    1369           0 :         if (priority <= LOG_CRIT) {
    1370             :                 /* Immediately sync to disk when this is of priority CRIT, ALERT, EMERG */
    1371           0 :                 server_sync(s);
    1372           0 :                 return 0;
    1373             :         }
    1374             : 
    1375           0 :         if (s->sync_scheduled)
    1376           0 :                 return 0;
    1377             : 
    1378           0 :         if (s->sync_interval_usec > 0) {
    1379             :                 usec_t when;
    1380             : 
    1381           0 :                 r = sd_event_now(s->event, CLOCK_MONOTONIC, &when);
    1382           0 :                 if (r < 0)
    1383           0 :                         return r;
    1384             : 
    1385           0 :                 when += s->sync_interval_usec;
    1386             : 
    1387           0 :                 if (!s->sync_event_source) {
    1388           0 :                         r = sd_event_add_time(
    1389             :                                         s->event,
    1390             :                                         &s->sync_event_source,
    1391             :                                         CLOCK_MONOTONIC,
    1392             :                                         when, 0,
    1393             :                                         server_dispatch_sync, s);
    1394           0 :                         if (r < 0)
    1395           0 :                                 return r;
    1396             : 
    1397           0 :                         r = sd_event_source_set_priority(s->sync_event_source, SD_EVENT_PRIORITY_IMPORTANT);
    1398             :                 } else {
    1399           0 :                         r = sd_event_source_set_time(s->sync_event_source, when);
    1400           0 :                         if (r < 0)
    1401           0 :                                 return r;
    1402             : 
    1403           0 :                         r = sd_event_source_set_enabled(s->sync_event_source, SD_EVENT_ONESHOT);
    1404             :                 }
    1405           0 :                 if (r < 0)
    1406           0 :                         return r;
    1407             : 
    1408           0 :                 s->sync_scheduled = true;
    1409             :         }
    1410             : 
    1411           0 :         return 0;
    1412             : }
    1413             : 
    1414           0 : static int dispatch_hostname_change(sd_event_source *es, int fd, uint32_t revents, void *userdata) {
    1415           0 :         Server *s = userdata;
    1416             : 
    1417           0 :         assert(s);
    1418             : 
    1419           0 :         server_cache_hostname(s);
    1420           0 :         return 0;
    1421             : }
    1422             : 
    1423           0 : static int server_open_hostname(Server *s) {
    1424             :         int r;
    1425             : 
    1426           0 :         assert(s);
    1427             : 
    1428           0 :         s->hostname_fd = open("/proc/sys/kernel/hostname", O_RDONLY|O_CLOEXEC|O_NDELAY|O_NOCTTY);
    1429           0 :         if (s->hostname_fd < 0)
    1430           0 :                 return log_error_errno(errno, "Failed to open /proc/sys/kernel/hostname: %m");
    1431             : 
    1432           0 :         r = sd_event_add_io(s->event, &s->hostname_event_source, s->hostname_fd, 0, dispatch_hostname_change, s);
    1433           0 :         if (r < 0) {
    1434             :                 /* kernels prior to 3.2 don't support polling this file. Ignore
    1435             :                  * the failure. */
    1436           0 :                 if (r == -EPERM) {
    1437           0 :                         log_warning("Failed to register hostname fd in event loop: %s. Ignoring.",
    1438             :                                         strerror(-r));
    1439           0 :                         s->hostname_fd = safe_close(s->hostname_fd);
    1440           0 :                         return 0;
    1441             :                 }
    1442             : 
    1443           0 :                 return log_error_errno(r, "Failed to register hostname fd in event loop: %m");
    1444             :         }
    1445             : 
    1446           0 :         r = sd_event_source_set_priority(s->hostname_event_source, SD_EVENT_PRIORITY_IMPORTANT-10);
    1447           0 :         if (r < 0)
    1448           0 :                 return log_error_errno(r, "Failed to adjust priority of host name event source: %m");
    1449             : 
    1450           0 :         return 0;
    1451             : }
    1452             : 
    1453           0 : int server_init(Server *s) {
    1454           0 :         _cleanup_fdset_free_ FDSet *fds = NULL;
    1455             :         int n, r, fd;
    1456             : 
    1457           0 :         assert(s);
    1458             : 
    1459           0 :         zero(*s);
    1460           0 :         s->syslog_fd = s->native_fd = s->stdout_fd = s->dev_kmsg_fd = s->audit_fd = s->hostname_fd = -1;
    1461           0 :         s->compress = true;
    1462           0 :         s->seal = true;
    1463             : 
    1464           0 :         s->sync_interval_usec = DEFAULT_SYNC_INTERVAL_USEC;
    1465           0 :         s->sync_scheduled = false;
    1466             : 
    1467           0 :         s->rate_limit_interval = DEFAULT_RATE_LIMIT_INTERVAL;
    1468           0 :         s->rate_limit_burst = DEFAULT_RATE_LIMIT_BURST;
    1469             : 
    1470           0 :         s->forward_to_wall = true;
    1471             : 
    1472           0 :         s->max_file_usec = DEFAULT_MAX_FILE_USEC;
    1473             : 
    1474           0 :         s->max_level_store = LOG_DEBUG;
    1475           0 :         s->max_level_syslog = LOG_DEBUG;
    1476           0 :         s->max_level_kmsg = LOG_NOTICE;
    1477           0 :         s->max_level_console = LOG_INFO;
    1478           0 :         s->max_level_wall = LOG_EMERG;
    1479             : 
    1480           0 :         memset(&s->system_metrics, 0xFF, sizeof(s->system_metrics));
    1481           0 :         memset(&s->runtime_metrics, 0xFF, sizeof(s->runtime_metrics));
    1482             : 
    1483           0 :         server_parse_config_file(s);
    1484           0 :         server_parse_proc_cmdline(s);
    1485           0 :         if (!!s->rate_limit_interval ^ !!s->rate_limit_burst) {
    1486           0 :                 log_debug("Setting both rate limit interval and burst from "USEC_FMT",%u to 0,0",
    1487             :                           s->rate_limit_interval, s->rate_limit_burst);
    1488           0 :                 s->rate_limit_interval = s->rate_limit_burst = 0;
    1489             :         }
    1490             : 
    1491           0 :         mkdir_p("/run/systemd/journal", 0755);
    1492             : 
    1493           0 :         s->user_journals = ordered_hashmap_new(NULL);
    1494           0 :         if (!s->user_journals)
    1495           0 :                 return log_oom();
    1496             : 
    1497           0 :         s->mmap = mmap_cache_new();
    1498           0 :         if (!s->mmap)
    1499           0 :                 return log_oom();
    1500             : 
    1501           0 :         r = sd_event_default(&s->event);
    1502           0 :         if (r < 0)
    1503           0 :                 return log_error_errno(r, "Failed to create event loop: %m");
    1504             : 
    1505           0 :         sd_event_set_watchdog(s->event, true);
    1506             : 
    1507           0 :         n = sd_listen_fds(true);
    1508           0 :         if (n < 0)
    1509           0 :                 return log_error_errno(n, "Failed to read listening file descriptors from environment: %m");
    1510             : 
    1511           0 :         for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) {
    1512             : 
    1513           0 :                 if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/run/systemd/journal/socket", 0) > 0) {
    1514             : 
    1515           0 :                         if (s->native_fd >= 0) {
    1516           0 :                                 log_error("Too many native sockets passed.");
    1517           0 :                                 return -EINVAL;
    1518             :                         }
    1519             : 
    1520           0 :                         s->native_fd = fd;
    1521             : 
    1522           0 :                 } else if (sd_is_socket_unix(fd, SOCK_STREAM, 1, "/run/systemd/journal/stdout", 0) > 0) {
    1523             : 
    1524           0 :                         if (s->stdout_fd >= 0) {
    1525           0 :                                 log_error("Too many stdout sockets passed.");
    1526           0 :                                 return -EINVAL;
    1527             :                         }
    1528             : 
    1529           0 :                         s->stdout_fd = fd;
    1530             : 
    1531           0 :                 } else if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/dev/log", 0) > 0 ||
    1532           0 :                            sd_is_socket_unix(fd, SOCK_DGRAM, -1, "/run/systemd/journal/dev-log", 0) > 0) {
    1533             : 
    1534           0 :                         if (s->syslog_fd >= 0) {
    1535           0 :                                 log_error("Too many /dev/log sockets passed.");
    1536           0 :                                 return -EINVAL;
    1537             :                         }
    1538             : 
    1539           0 :                         s->syslog_fd = fd;
    1540             : 
    1541           0 :                 } else if (sd_is_socket(fd, AF_NETLINK, SOCK_RAW, -1) > 0) {
    1542             : 
    1543           0 :                         if (s->audit_fd >= 0) {
    1544           0 :                                 log_error("Too many audit sockets passed.");
    1545           0 :                                 return -EINVAL;
    1546             :                         }
    1547             : 
    1548           0 :                         s->audit_fd = fd;
    1549             : 
    1550             :                 } else {
    1551             : 
    1552           0 :                         if (!fds) {
    1553           0 :                                 fds = fdset_new();
    1554           0 :                                 if (!fds)
    1555           0 :                                         return log_oom();
    1556             :                         }
    1557             : 
    1558           0 :                         r = fdset_put(fds, fd);
    1559           0 :                         if (r < 0)
    1560           0 :                                 return log_oom();
    1561             :                 }
    1562             :         }
    1563             : 
    1564           0 :         r = server_open_stdout_socket(s, fds);
    1565           0 :         if (r < 0)
    1566           0 :                 return r;
    1567             : 
    1568           0 :         if (fdset_size(fds) > 0) {
    1569           0 :                 log_warning("%u unknown file descriptors passed, closing.", fdset_size(fds));
    1570           0 :                 fds = fdset_free(fds);
    1571             :         }
    1572             : 
    1573           0 :         r = server_open_syslog_socket(s);
    1574           0 :         if (r < 0)
    1575           0 :                 return r;
    1576             : 
    1577           0 :         r = server_open_native_socket(s);
    1578           0 :         if (r < 0)
    1579           0 :                 return r;
    1580             : 
    1581           0 :         r = server_open_dev_kmsg(s);
    1582           0 :         if (r < 0)
    1583           0 :                 return r;
    1584             : 
    1585           0 :         r = server_open_audit(s);
    1586           0 :         if (r < 0)
    1587           0 :                 return r;
    1588             : 
    1589           0 :         r = server_open_kernel_seqnum(s);
    1590           0 :         if (r < 0)
    1591           0 :                 return r;
    1592             : 
    1593           0 :         r = server_open_hostname(s);
    1594           0 :         if (r < 0)
    1595           0 :                 return r;
    1596             : 
    1597           0 :         r = setup_signals(s);
    1598           0 :         if (r < 0)
    1599           0 :                 return r;
    1600             : 
    1601           0 :         s->udev = udev_new();
    1602           0 :         if (!s->udev)
    1603           0 :                 return -ENOMEM;
    1604             : 
    1605           0 :         s->rate_limit = journal_rate_limit_new(s->rate_limit_interval, s->rate_limit_burst);
    1606           0 :         if (!s->rate_limit)
    1607           0 :                 return -ENOMEM;
    1608             : 
    1609           0 :         r = cg_get_root_path(&s->cgroup_root);
    1610           0 :         if (r < 0)
    1611           0 :                 return r;
    1612             : 
    1613           0 :         server_cache_hostname(s);
    1614           0 :         server_cache_boot_id(s);
    1615           0 :         server_cache_machine_id(s);
    1616             : 
    1617           0 :         r = system_journal_open(s, false);
    1618           0 :         if (r < 0)
    1619           0 :                 return r;
    1620             : 
    1621           0 :         return 0;
    1622             : }
    1623             : 
    1624           0 : void server_maybe_append_tags(Server *s) {
    1625             : #ifdef HAVE_GCRYPT
    1626             :         JournalFile *f;
    1627             :         Iterator i;
    1628             :         usec_t n;
    1629             : 
    1630           0 :         n = now(CLOCK_REALTIME);
    1631             : 
    1632           0 :         if (s->system_journal)
    1633           0 :                 journal_file_maybe_append_tag(s->system_journal, n);
    1634             : 
    1635           0 :         ORDERED_HASHMAP_FOREACH(f, s->user_journals, i)
    1636           0 :                 journal_file_maybe_append_tag(f, n);
    1637             : #endif
    1638           0 : }
    1639             : 
    1640           0 : void server_done(Server *s) {
    1641             :         JournalFile *f;
    1642           0 :         assert(s);
    1643             : 
    1644           0 :         while (s->stdout_streams)
    1645           0 :                 stdout_stream_free(s->stdout_streams);
    1646             : 
    1647           0 :         if (s->system_journal)
    1648           0 :                 journal_file_close(s->system_journal);
    1649             : 
    1650           0 :         if (s->runtime_journal)
    1651           0 :                 journal_file_close(s->runtime_journal);
    1652             : 
    1653           0 :         while ((f = ordered_hashmap_steal_first(s->user_journals)))
    1654           0 :                 journal_file_close(f);
    1655             : 
    1656           0 :         ordered_hashmap_free(s->user_journals);
    1657             : 
    1658           0 :         sd_event_source_unref(s->syslog_event_source);
    1659           0 :         sd_event_source_unref(s->native_event_source);
    1660           0 :         sd_event_source_unref(s->stdout_event_source);
    1661           0 :         sd_event_source_unref(s->dev_kmsg_event_source);
    1662           0 :         sd_event_source_unref(s->audit_event_source);
    1663           0 :         sd_event_source_unref(s->sync_event_source);
    1664           0 :         sd_event_source_unref(s->sigusr1_event_source);
    1665           0 :         sd_event_source_unref(s->sigusr2_event_source);
    1666           0 :         sd_event_source_unref(s->sigterm_event_source);
    1667           0 :         sd_event_source_unref(s->sigint_event_source);
    1668           0 :         sd_event_source_unref(s->hostname_event_source);
    1669           0 :         sd_event_unref(s->event);
    1670             : 
    1671           0 :         safe_close(s->syslog_fd);
    1672           0 :         safe_close(s->native_fd);
    1673           0 :         safe_close(s->stdout_fd);
    1674           0 :         safe_close(s->dev_kmsg_fd);
    1675           0 :         safe_close(s->audit_fd);
    1676           0 :         safe_close(s->hostname_fd);
    1677             : 
    1678           0 :         if (s->rate_limit)
    1679           0 :                 journal_rate_limit_free(s->rate_limit);
    1680             : 
    1681           0 :         if (s->kernel_seqnum)
    1682           0 :                 munmap(s->kernel_seqnum, sizeof(uint64_t));
    1683             : 
    1684           0 :         free(s->buffer);
    1685           0 :         free(s->tty_path);
    1686           0 :         free(s->cgroup_root);
    1687           0 :         free(s->hostname_field);
    1688             : 
    1689           0 :         if (s->mmap)
    1690           0 :                 mmap_cache_unref(s->mmap);
    1691             : 
    1692           0 :         if (s->udev)
    1693           0 :                 udev_unref(s->udev);
    1694           0 : }

Generated by: LCOV version 1.11