Line data Source code
1 : /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
2 :
3 : /***
4 : This file is part of systemd.
5 :
6 : Copyright 2011 Lennart Poettering
7 :
8 : systemd is free software; you can redistribute it and/or modify it
9 : under the terms of the GNU Lesser General Public License as published by
10 : the Free Software Foundation; either version 2.1 of the License, or
11 : (at your option) any later version.
12 :
13 : systemd is distributed in the hope that it will be useful, but
14 : WITHOUT ANY WARRANTY; without even the implied warranty of
15 : MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 : Lesser General Public License for more details.
17 :
18 : You should have received a copy of the GNU Lesser General Public License
19 : along with systemd; If not, see <http://www.gnu.org/licenses/>.
20 : ***/
21 :
22 : #include <unistd.h>
23 : #include <stddef.h>
24 : #include <sys/epoll.h>
25 :
26 : #include "systemd/sd-messages.h"
27 : #include "socket-util.h"
28 : #include "selinux-util.h"
29 : #include "journald-server.h"
30 : #include "journald-syslog.h"
31 : #include "journald-kmsg.h"
32 : #include "journald-console.h"
33 : #include "journald-wall.h"
34 : #include "formats-util.h"
35 : #include "process-util.h"
36 :
37 : /* Warn once every 30s if we missed syslog message */
38 : #define WARN_FORWARD_SYSLOG_MISSED_USEC (30 * USEC_PER_SEC)
39 :
40 0 : static void forward_syslog_iovec(Server *s, const struct iovec *iovec, unsigned n_iovec, const struct ucred *ucred, const struct timeval *tv) {
41 :
42 : static const union sockaddr_union sa = {
43 : .un.sun_family = AF_UNIX,
44 : .un.sun_path = "/run/systemd/journal/syslog",
45 : };
46 0 : struct msghdr msghdr = {
47 : .msg_iov = (struct iovec *) iovec,
48 : .msg_iovlen = n_iovec,
49 : .msg_name = (struct sockaddr*) &sa.sa,
50 : .msg_namelen = offsetof(union sockaddr_union, un.sun_path)
51 : + strlen("/run/systemd/journal/syslog"),
52 : };
53 : struct cmsghdr *cmsg;
54 : union {
55 : struct cmsghdr cmsghdr;
56 : uint8_t buf[CMSG_SPACE(sizeof(struct ucred))];
57 : } control;
58 :
59 0 : assert(s);
60 0 : assert(iovec);
61 0 : assert(n_iovec > 0);
62 :
63 0 : if (ucred) {
64 0 : zero(control);
65 0 : msghdr.msg_control = &control;
66 0 : msghdr.msg_controllen = sizeof(control);
67 :
68 0 : cmsg = CMSG_FIRSTHDR(&msghdr);
69 0 : cmsg->cmsg_level = SOL_SOCKET;
70 0 : cmsg->cmsg_type = SCM_CREDENTIALS;
71 0 : cmsg->cmsg_len = CMSG_LEN(sizeof(struct ucred));
72 0 : memcpy(CMSG_DATA(cmsg), ucred, sizeof(struct ucred));
73 0 : msghdr.msg_controllen = cmsg->cmsg_len;
74 : }
75 :
76 : /* Forward the syslog message we received via /dev/log to
77 : * /run/systemd/syslog. Unfortunately we currently can't set
78 : * the SO_TIMESTAMP auxiliary data, and hence we don't. */
79 :
80 0 : if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
81 0 : return;
82 :
83 : /* The socket is full? I guess the syslog implementation is
84 : * too slow, and we shouldn't wait for that... */
85 0 : if (errno == EAGAIN) {
86 0 : s->n_forward_syslog_missed++;
87 0 : return;
88 : }
89 :
90 0 : if (ucred && (errno == ESRCH || errno == EPERM)) {
91 : struct ucred u;
92 :
93 : /* Hmm, presumably the sender process vanished
94 : * by now, or we don't have CAP_SYS_AMDIN, so
95 : * let's fix it as good as we can, and retry */
96 :
97 0 : u = *ucred;
98 0 : u.pid = getpid();
99 0 : memcpy(CMSG_DATA(cmsg), &u, sizeof(struct ucred));
100 :
101 0 : if (sendmsg(s->syslog_fd, &msghdr, MSG_NOSIGNAL) >= 0)
102 0 : return;
103 :
104 0 : if (errno == EAGAIN) {
105 0 : s->n_forward_syslog_missed++;
106 0 : return;
107 : }
108 : }
109 :
110 0 : if (errno != ENOENT)
111 0 : log_debug_errno(errno, "Failed to forward syslog message: %m");
112 : }
113 :
114 0 : static void forward_syslog_raw(Server *s, int priority, const char *buffer, const struct ucred *ucred, const struct timeval *tv) {
115 : struct iovec iovec;
116 :
117 0 : assert(s);
118 0 : assert(buffer);
119 :
120 0 : if (LOG_PRI(priority) > s->max_level_syslog)
121 0 : return;
122 :
123 0 : IOVEC_SET_STRING(iovec, buffer);
124 0 : forward_syslog_iovec(s, &iovec, 1, ucred, tv);
125 : }
126 :
127 0 : void server_forward_syslog(Server *s, int priority, const char *identifier, const char *message, const struct ucred *ucred, const struct timeval *tv) {
128 : struct iovec iovec[5];
129 : char header_priority[DECIMAL_STR_MAX(priority) + 3], header_time[64],
130 : header_pid[sizeof("[]: ")-1 + DECIMAL_STR_MAX(pid_t) + 1];
131 0 : int n = 0;
132 : time_t t;
133 : struct tm *tm;
134 0 : char *ident_buf = NULL;
135 :
136 0 : assert(s);
137 0 : assert(priority >= 0);
138 0 : assert(priority <= 999);
139 0 : assert(message);
140 :
141 0 : if (LOG_PRI(priority) > s->max_level_syslog)
142 0 : return;
143 :
144 : /* First: priority field */
145 0 : xsprintf(header_priority, "<%i>", priority);
146 0 : IOVEC_SET_STRING(iovec[n++], header_priority);
147 :
148 : /* Second: timestamp */
149 0 : t = tv ? tv->tv_sec : ((time_t) (now(CLOCK_REALTIME) / USEC_PER_SEC));
150 0 : tm = localtime(&t);
151 0 : if (!tm)
152 0 : return;
153 0 : if (strftime(header_time, sizeof(header_time), "%h %e %T ", tm) <= 0)
154 0 : return;
155 0 : IOVEC_SET_STRING(iovec[n++], header_time);
156 :
157 : /* Third: identifier and PID */
158 0 : if (ucred) {
159 0 : if (!identifier) {
160 0 : get_process_comm(ucred->pid, &ident_buf);
161 0 : identifier = ident_buf;
162 : }
163 :
164 0 : xsprintf(header_pid, "["PID_FMT"]: ", ucred->pid);
165 :
166 0 : if (identifier)
167 0 : IOVEC_SET_STRING(iovec[n++], identifier);
168 :
169 0 : IOVEC_SET_STRING(iovec[n++], header_pid);
170 0 : } else if (identifier) {
171 0 : IOVEC_SET_STRING(iovec[n++], identifier);
172 0 : IOVEC_SET_STRING(iovec[n++], ": ");
173 : }
174 :
175 : /* Fourth: message */
176 0 : IOVEC_SET_STRING(iovec[n++], message);
177 :
178 0 : forward_syslog_iovec(s, iovec, n, ucred, tv);
179 :
180 0 : free(ident_buf);
181 : }
182 :
183 0 : int syslog_fixup_facility(int priority) {
184 :
185 0 : if ((priority & LOG_FACMASK) == 0)
186 0 : return (priority & LOG_PRIMASK) | LOG_USER;
187 :
188 0 : return priority;
189 : }
190 :
191 3 : size_t syslog_parse_identifier(const char **buf, char **identifier, char **pid) {
192 : const char *p;
193 : char *t;
194 : size_t l, e;
195 :
196 3 : assert(buf);
197 3 : assert(identifier);
198 3 : assert(pid);
199 :
200 3 : p = *buf;
201 :
202 3 : p += strspn(p, WHITESPACE);
203 3 : l = strcspn(p, WHITESPACE);
204 :
205 6 : if (l <= 0 ||
206 3 : p[l-1] != ':')
207 1 : return 0;
208 :
209 2 : e = l;
210 2 : l--;
211 :
212 2 : if (p[l-1] == ']') {
213 1 : size_t k = l-1;
214 :
215 : for (;;) {
216 :
217 5 : if (p[k] == '[') {
218 1 : t = strndup(p+k+1, l-k-2);
219 1 : if (t)
220 1 : *pid = t;
221 :
222 1 : l = k;
223 1 : break;
224 : }
225 :
226 4 : if (k == 0)
227 0 : break;
228 :
229 4 : k--;
230 4 : }
231 : }
232 :
233 2 : t = strndup(p, l);
234 2 : if (t)
235 2 : *identifier = t;
236 :
237 2 : if (strchr(WHITESPACE, p[e]))
238 2 : e++;
239 2 : *buf = p + e;
240 2 : return e;
241 : }
242 :
243 0 : static void syslog_skip_date(char **buf) {
244 : enum {
245 : LETTER,
246 : SPACE,
247 : NUMBER,
248 : SPACE_OR_NUMBER,
249 : COLON
250 0 : } sequence[] = {
251 : LETTER, LETTER, LETTER,
252 : SPACE,
253 : SPACE_OR_NUMBER, NUMBER,
254 : SPACE,
255 : SPACE_OR_NUMBER, NUMBER,
256 : COLON,
257 : SPACE_OR_NUMBER, NUMBER,
258 : COLON,
259 : SPACE_OR_NUMBER, NUMBER,
260 : SPACE
261 : };
262 :
263 : char *p;
264 : unsigned i;
265 :
266 0 : assert(buf);
267 0 : assert(*buf);
268 :
269 0 : p = *buf;
270 :
271 0 : for (i = 0; i < ELEMENTSOF(sequence); i++, p++) {
272 :
273 0 : if (!*p)
274 0 : return;
275 :
276 0 : switch (sequence[i]) {
277 :
278 : case SPACE:
279 0 : if (*p != ' ')
280 0 : return;
281 0 : break;
282 :
283 : case SPACE_OR_NUMBER:
284 0 : if (*p == ' ')
285 0 : break;
286 :
287 : /* fall through */
288 :
289 : case NUMBER:
290 0 : if (*p < '0' || *p > '9')
291 0 : return;
292 :
293 0 : break;
294 :
295 : case LETTER:
296 0 : if (!(*p >= 'A' && *p <= 'Z') &&
297 0 : !(*p >= 'a' && *p <= 'z'))
298 0 : return;
299 :
300 0 : break;
301 :
302 : case COLON:
303 0 : if (*p != ':')
304 0 : return;
305 0 : break;
306 :
307 : }
308 : }
309 :
310 0 : *buf = p;
311 : }
312 :
313 0 : void server_process_syslog_message(
314 : Server *s,
315 : const char *buf,
316 : const struct ucred *ucred,
317 : const struct timeval *tv,
318 : const char *label,
319 : size_t label_len) {
320 :
321 : char syslog_priority[sizeof("PRIORITY=") + DECIMAL_STR_MAX(int)],
322 : syslog_facility[sizeof("SYSLOG_FACILITY") + DECIMAL_STR_MAX(int)];
323 0 : const char *message = NULL, *syslog_identifier = NULL, *syslog_pid = NULL;
324 : struct iovec iovec[N_IOVEC_META_FIELDS + 6];
325 0 : unsigned n = 0;
326 0 : int priority = LOG_USER | LOG_INFO;
327 0 : _cleanup_free_ char *identifier = NULL, *pid = NULL;
328 : const char *orig;
329 :
330 0 : assert(s);
331 0 : assert(buf);
332 :
333 0 : orig = buf;
334 0 : syslog_parse_priority(&buf, &priority, true);
335 :
336 0 : if (s->forward_to_syslog)
337 0 : forward_syslog_raw(s, priority, orig, ucred, tv);
338 :
339 0 : syslog_skip_date((char**) &buf);
340 0 : syslog_parse_identifier(&buf, &identifier, &pid);
341 :
342 0 : if (s->forward_to_kmsg)
343 0 : server_forward_kmsg(s, priority, identifier, buf, ucred);
344 :
345 0 : if (s->forward_to_console)
346 0 : server_forward_console(s, priority, identifier, buf, ucred);
347 :
348 0 : if (s->forward_to_wall)
349 0 : server_forward_wall(s, priority, identifier, buf, ucred);
350 :
351 0 : IOVEC_SET_STRING(iovec[n++], "_TRANSPORT=syslog");
352 :
353 0 : sprintf(syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK);
354 0 : IOVEC_SET_STRING(iovec[n++], syslog_priority);
355 :
356 0 : if (priority & LOG_FACMASK) {
357 0 : sprintf(syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority));
358 0 : IOVEC_SET_STRING(iovec[n++], syslog_facility);
359 : }
360 :
361 0 : if (identifier) {
362 0 : syslog_identifier = strjoina("SYSLOG_IDENTIFIER=", identifier);
363 0 : if (syslog_identifier)
364 0 : IOVEC_SET_STRING(iovec[n++], syslog_identifier);
365 : }
366 :
367 0 : if (pid) {
368 0 : syslog_pid = strjoina("SYSLOG_PID=", pid);
369 0 : if (syslog_pid)
370 0 : IOVEC_SET_STRING(iovec[n++], syslog_pid);
371 : }
372 :
373 0 : message = strjoina("MESSAGE=", buf);
374 0 : if (message)
375 0 : IOVEC_SET_STRING(iovec[n++], message);
376 :
377 0 : server_dispatch_message(s, iovec, n, ELEMENTSOF(iovec), ucred, tv, label, label_len, NULL, priority, 0);
378 0 : }
379 :
380 0 : int server_open_syslog_socket(Server *s) {
381 : static const int one = 1;
382 : int r;
383 :
384 0 : assert(s);
385 :
386 0 : if (s->syslog_fd < 0) {
387 : static const union sockaddr_union sa = {
388 : .un.sun_family = AF_UNIX,
389 : .un.sun_path = "/run/systemd/journal/dev-log",
390 : };
391 :
392 0 : s->syslog_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0);
393 0 : if (s->syslog_fd < 0)
394 0 : return log_error_errno(errno, "socket() failed: %m");
395 :
396 0 : unlink(sa.un.sun_path);
397 :
398 0 : r = bind(s->syslog_fd, &sa.sa, offsetof(union sockaddr_union, un.sun_path) + strlen(sa.un.sun_path));
399 0 : if (r < 0)
400 0 : return log_error_errno(errno, "bind(%s) failed: %m", sa.un.sun_path);
401 :
402 0 : (void) chmod(sa.un.sun_path, 0666);
403 : } else
404 0 : fd_nonblock(s->syslog_fd, 1);
405 :
406 0 : r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSCRED, &one, sizeof(one));
407 0 : if (r < 0)
408 0 : return log_error_errno(errno, "SO_PASSCRED failed: %m");
409 :
410 : #ifdef HAVE_SELINUX
411 : if (mac_selinux_use()) {
412 : r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
413 : if (r < 0)
414 : log_warning_errno(errno, "SO_PASSSEC failed: %m");
415 : }
416 : #endif
417 :
418 0 : r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_TIMESTAMP, &one, sizeof(one));
419 0 : if (r < 0)
420 0 : return log_error_errno(errno, "SO_TIMESTAMP failed: %m");
421 :
422 0 : r = sd_event_add_io(s->event, &s->syslog_event_source, s->syslog_fd, EPOLLIN, server_process_datagram, s);
423 0 : if (r < 0)
424 0 : return log_error_errno(r, "Failed to add syslog server fd to event loop: %m");
425 :
426 0 : return 0;
427 : }
428 :
429 0 : void server_maybe_warn_forward_syslog_missed(Server *s) {
430 : usec_t n;
431 0 : assert(s);
432 :
433 0 : if (s->n_forward_syslog_missed <= 0)
434 0 : return;
435 :
436 0 : n = now(CLOCK_MONOTONIC);
437 0 : if (s->last_warn_forward_syslog_missed + WARN_FORWARD_SYSLOG_MISSED_USEC > n)
438 0 : return;
439 :
440 0 : server_driver_message(s, SD_MESSAGE_FORWARD_SYSLOG_MISSED, "Forwarding to syslog missed %u messages.", s->n_forward_syslog_missed);
441 :
442 0 : s->n_forward_syslog_missed = 0;
443 0 : s->last_warn_forward_syslog_missed = n;
444 : }
|