diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-06-12 03:50:40 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-06-12 03:50:40 +0000 |
commit | fc53809803cd2bc2434e312b19a18fa36776da12 (patch) | |
tree | b4b43bd6538f51965ce32856e9c053d0f90919c8 /src/journal | |
parent | Adding upstream version 255.5. (diff) | |
download | systemd-fc53809803cd2bc2434e312b19a18fa36776da12.tar.xz systemd-fc53809803cd2bc2434e312b19a18fa36776da12.zip |
Adding upstream version 256.upstream/256
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'src/journal')
42 files changed, 3135 insertions, 2209 deletions
diff --git a/src/journal/bsod.c b/src/journal/bsod.c index a88cb66..b2889f0 100644 --- a/src/journal/bsod.c +++ b/src/journal/bsod.c @@ -17,6 +17,7 @@ #include "log.h" #include "logs-show.h" #include "main-func.h" +#include "parse-argument.h" #include "pretty-print.h" #include "qrcode-util.h" #include "sigbus.h" @@ -25,6 +26,9 @@ #include "terminal-util.h" static bool arg_continuous = false; +static char *arg_tty = NULL; + +STATIC_DESTRUCTOR_REGISTER(arg_tty, freep); static int help(void) { _cleanup_free_ char *link = NULL; @@ -34,19 +38,22 @@ static int help(void) { if (r < 0) return log_oom(); - printf("%s\n\n" - "%sFilter the journal to fetch the first message from the\n" - "current boot with an emergency log level and displays it\n" - "as a string and a QR code.\n\n%s" + printf("%1$s [OPTIONS...]\n\n" + "%5$sFilter the journal to fetch the first message from the current boot with an%6$s\n" + "%5$semergency log level and display it as a string and a QR code.%6$s\n" + "\n%3$sOptions:%4$s\n" " -h --help Show this help\n" " --version Show package version\n" " -c --continuous Make systemd-bsod wait continuously\n" " for changes in the journal\n" - "\nSee the %s for details.\n", + " --tty=TTY Specify path to TTY to use\n" + "\nSee the %2$s for details.\n", program_invocation_short_name, - ansi_highlight(), + link, + ansi_underline(), ansi_normal(), - link); + ansi_highlight(), + ansi_normal()); return 0; } @@ -60,22 +67,22 @@ static int acquire_first_emergency_log_message(char **ret) { assert(ret); - r = sd_journal_open(&j, SD_JOURNAL_LOCAL_ONLY); + r = sd_journal_open(&j, SD_JOURNAL_LOCAL_ONLY | (arg_continuous ? 0 : SD_JOURNAL_ASSUME_IMMUTABLE)); if (r < 0) return log_error_errno(r, "Failed to open journal: %m"); r = add_match_this_boot(j, NULL); if (r < 0) - return log_warning_errno(r, "Failed to add boot ID filter: %m"); + return log_error_errno(r, "Failed to add boot ID filter: %m"); - r = sd_journal_add_match(j, "_UID=0", 0); + r = sd_journal_add_match(j, "_UID=0", SIZE_MAX); if (r < 0) - return log_warning_errno(r, "Failed to add User ID filter: %m"); + return log_error_errno(r, "Failed to add User ID filter: %m"); assert_cc(0 == LOG_EMERG); - r = sd_journal_add_match(j, "PRIORITY=0", 0); + r = sd_journal_add_match(j, "PRIORITY=0", SIZE_MAX); if (r < 0) - return log_warning_errno(r, "Failed to add Emergency filter: %m"); + return log_error_errno(r, "Failed to add Emergency filter: %m"); r = sd_journal_seek_head(j); if (r < 0) @@ -103,7 +110,7 @@ static int acquire_first_emergency_log_message(char **ret) { if (r < 0) return log_error_errno(r, "Failed to read journal message: %m"); - message = memdup_suffix0((const char*)d + STRLEN("MESSAGE="), l - STRLEN("MESSAGE=")); + message = memdup_suffix0((const char*)d + strlen("MESSAGE="), l - strlen("MESSAGE=")); if (!message) return log_oom(); @@ -124,18 +131,18 @@ static int find_next_free_vt(int fd, int *ret_free_vt, int *ret_original_vt) { for (size_t i = 0; i < sizeof(terminal_status.v_state) * 8; i++) if ((terminal_status.v_state & (1 << i)) == 0) { - *ret_free_vt = i; + *ret_free_vt = i + 1; *ret_original_vt = terminal_status.v_active; return 0; } - return log_error_errno(SYNTHETIC_ERRNO(ENOTTY), "No free VT found: %m"); + return -ENOTTY; } static int display_emergency_message_fullscreen(const char *message) { - int r, ret = 0, free_vt = 0, original_vt = 0; + int r, free_vt = 0, original_vt = 0; unsigned qr_code_start_row = 1, qr_code_start_column = 1; - char tty[STRLEN("/dev/tty") + DECIMAL_STR_MAX(int) + 1]; + char ttybuf[STRLEN("/dev/tty") + DECIMAL_STR_MAX(int) + 1]; _cleanup_close_ int fd = -EBADF; _cleanup_fclose_ FILE *stream = NULL; char read_character_buffer = '\0'; @@ -143,30 +150,36 @@ static int display_emergency_message_fullscreen(const char *message) { .ws_col = 80, .ws_row = 25, }; + const char *tty; assert(message); - fd = open_terminal("/dev/tty1", O_RDWR|O_NOCTTY|O_CLOEXEC); - if (fd < 0) - return log_error_errno(fd, "Failed to open tty1: %m"); + if (arg_tty) + tty = arg_tty; + else { + fd = open_terminal("/dev/tty1", O_RDWR|O_NOCTTY|O_CLOEXEC); + if (fd < 0) + return log_error_errno(fd, "Failed to open /dev/tty1: %m"); - r = find_next_free_vt(fd, &free_vt, &original_vt); - if (r < 0) - return log_error_errno(r, "Failed to find a free VT: %m"); + r = find_next_free_vt(fd, &free_vt, &original_vt); + if (r < 0) + return log_error_errno(r, "Failed to find a free VT: %m"); - xsprintf(tty, "/dev/tty%d", free_vt + 1); + xsprintf(ttybuf, "/dev/tty%d", free_vt); + tty = ttybuf; - r = open_terminal(tty, O_RDWR|O_NOCTTY|O_CLOEXEC); - if (r < 0) - return log_error_errno(fd, "Failed to open tty: %m"); + fd = safe_close(fd); + } - close_and_replace(fd, r); + fd = open_terminal(tty, O_RDWR|O_NOCTTY|O_CLOEXEC); + if (fd < 0) + return log_error_errno(fd, "Failed to open %s: %m", tty); if (ioctl(fd, TIOCGWINSZ, &w) < 0) log_warning_errno(errno, "Failed to fetch tty size, ignoring: %m"); - if (ioctl(fd, VT_ACTIVATE, free_vt + 1) < 0) - return log_error_errno(errno, "Failed to activate tty: %m"); + if (free_vt > 0 && ioctl(fd, VT_ACTIVATE, free_vt) < 0) + return log_error_errno(errno, "Failed to activate /dev/tty%i, ignoring: %m", free_vt); r = loop_write(fd, ANSI_BACKGROUND_BLUE ANSI_HOME_CLEAR, SIZE_MAX); if (r < 0) @@ -178,7 +191,7 @@ static int display_emergency_message_fullscreen(const char *message) { r = loop_write(fd, "The current boot has failed!", SIZE_MAX); if (r < 0) { - ret = log_warning_errno(r, "Failed to write to terminal: %m"); + log_error_errno(r, "Failed to write to terminal: %m"); goto cleanup; } @@ -190,13 +203,13 @@ static int display_emergency_message_fullscreen(const char *message) { r = loop_write(fd, message, SIZE_MAX); if (r < 0) { - ret = log_warning_errno(r, "Failed to write emergency message to terminal: %m"); + log_error_errno(r, "Failed to write emergency message to terminal: %m"); goto cleanup; } r = fdopen_independent(fd, "r+", &stream); if (r < 0) { - ret = log_error_errno(errno, "Failed to open output file: %m"); + r = log_error_errno(errno, "Failed to open output file: %m"); goto cleanup; } @@ -208,37 +221,41 @@ static int display_emergency_message_fullscreen(const char *message) { if (r < 0) log_warning_errno(r, "Failed to move terminal cursor position, ignoring: %m"); - r = loop_write(fd, "Press any key to exit...", SIZE_MAX); + r = loop_write(fd, ANSI_BACKGROUND_BLUE "Press any key to exit...", SIZE_MAX); if (r < 0) { - ret = log_warning_errno(r, "Failed to write to terminal: %m"); + log_error_errno(r, "Failed to write to terminal: %m"); goto cleanup; } r = read_one_char(stream, &read_character_buffer, USEC_INFINITY, NULL); if (r < 0 && r != -EINTR) - ret = log_error_errno(r, "Failed to read character: %m"); + log_error_errno(r, "Failed to read character: %m"); + + r = 0; cleanup: - if (ioctl(fd, VT_ACTIVATE, original_vt) < 0) - return log_error_errno(errno, "Failed to switch back to original VT: %m"); + if (original_vt > 0 && ioctl(fd, VT_ACTIVATE, original_vt) < 0) + log_warning_errno(errno, "Failed to switch back to original VT /dev/tty%i: %m", original_vt); - return ret; + return r; } static int parse_argv(int argc, char * argv[]) { enum { ARG_VERSION = 0x100, + ARG_TTY, }; static const struct option options[] = { - { "help", no_argument, NULL, 'h' }, - { "version", no_argument, NULL, ARG_VERSION }, - { "continuous", no_argument, NULL, 'c' }, + { "help", no_argument, NULL, 'h' }, + { "version", no_argument, NULL, ARG_VERSION }, + { "continuous", no_argument, NULL, 'c' }, + { "tty", required_argument, NULL, ARG_TTY }, {} }; - int c; + int c, r; assert(argc >= 0); assert(argv); @@ -257,6 +274,13 @@ static int parse_argv(int argc, char * argv[]) { arg_continuous = true; break; + case ARG_TTY: + r = parse_path_argument(optarg, /* suppress_root= */ false, &arg_tty); + if (r < 0) + return r; + + break; + case '?': return -EINVAL; @@ -281,8 +305,7 @@ static int run(int argc, char *argv[]) { _cleanup_free_ char *message = NULL; int r; - log_open(); - log_parse_environment(); + log_setup(); sigbus_install(); @@ -292,7 +315,7 @@ static int run(int argc, char *argv[]) { r = acquire_first_emergency_log_message(&message); if (r < 0) - return log_error_errno(r, "Failed to acquire first emergency log message: %m"); + return r; if (!message) { log_debug("No emergency-level entries"); @@ -301,11 +324,7 @@ static int run(int argc, char *argv[]) { assert_se(sigaction_many(&nop_sigaction, SIGTERM, SIGINT) >= 0); - r = display_emergency_message_fullscreen((const char*) message); - if (r < 0) - return log_error_errno(r, "Failed to display emergency message on terminal: %m"); - - return 0; + return display_emergency_message_fullscreen(message); } DEFINE_MAIN_FUNCTION(run); diff --git a/src/journal/cat.c b/src/journal/cat.c index 0325add..90d4f53 100644 --- a/src/journal/cat.c +++ b/src/journal/cat.c @@ -24,6 +24,7 @@ #include "terminal-util.h" static const char *arg_identifier = NULL; +static const char *arg_namespace = NULL; static int arg_priority = LOG_INFO; static int arg_stderr_priority = -1; static bool arg_level_prefix = true; @@ -44,6 +45,7 @@ static int help(void) { " -p --priority=PRIORITY Set priority value (0..7)\n" " --stderr-priority=PRIORITY Set priority value (0..7) used for stderr\n" " --level-prefix=BOOL Control whether level prefix shall be parsed\n" + " --namespace=NAMESPACE Connect to specified journal namespace\n" "\nSee the %s for details.\n", program_invocation_short_name, ansi_highlight(), @@ -58,7 +60,8 @@ static int parse_argv(int argc, char *argv[]) { enum { ARG_VERSION = 0x100, ARG_STDERR_PRIORITY, - ARG_LEVEL_PREFIX + ARG_LEVEL_PREFIX, + ARG_NAMESPACE, }; static const struct option options[] = { @@ -68,6 +71,7 @@ static int parse_argv(int argc, char *argv[]) { { "priority", required_argument, NULL, 'p' }, { "stderr-priority", required_argument, NULL, ARG_STDERR_PRIORITY }, { "level-prefix", required_argument, NULL, ARG_LEVEL_PREFIX }, + { "namespace", required_argument, NULL, ARG_NAMESPACE }, {} }; @@ -91,10 +95,7 @@ static int parse_argv(int argc, char *argv[]) { return version(); case 't': - if (isempty(optarg)) - arg_identifier = NULL; - else - arg_identifier = optarg; + arg_identifier = empty_to_null(optarg); break; case 'p': @@ -117,6 +118,10 @@ static int parse_argv(int argc, char *argv[]) { return r; break; + case ARG_NAMESPACE: + arg_namespace = empty_to_null(optarg); + break; + case '?': return -EINVAL; @@ -137,12 +142,12 @@ static int run(int argc, char *argv[]) { if (r <= 0) return r; - outfd = sd_journal_stream_fd(arg_identifier, arg_priority, arg_level_prefix); + outfd = sd_journal_stream_fd_with_namespace(arg_namespace, arg_identifier, arg_priority, arg_level_prefix); if (outfd < 0) return log_error_errno(outfd, "Failed to create stream fd: %m"); if (arg_stderr_priority >= 0 && arg_stderr_priority != arg_priority) { - errfd = sd_journal_stream_fd(arg_identifier, arg_stderr_priority, arg_level_prefix); + errfd = sd_journal_stream_fd_with_namespace(arg_namespace, arg_identifier, arg_stderr_priority, arg_level_prefix); if (errfd < 0) return log_error_errno(errfd, "Failed to create stream fd: %m"); } diff --git a/src/journal/fuzz-journald-audit.c b/src/journal/fuzz-journald-audit.c index 9bf7d01..3e08ce3 100644 --- a/src/journal/fuzz-journald-audit.c +++ b/src/journal/fuzz-journald-audit.c @@ -5,13 +5,13 @@ #include "journald-audit.h" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { - Server s; + _cleanup_(server_freep) Server *s = NULL; fuzz_setup_logging(); - dummy_server_init(&s, data, size); - process_audit_string(&s, 0, s.buffer, size); - server_done(&s); + assert_se(server_new(&s) >= 0); + dummy_server_init(s, data, size); + process_audit_string(s, 0, s->buffer, size); return 0; } diff --git a/src/journal/fuzz-journald-kmsg.c b/src/journal/fuzz-journald-kmsg.c index 104a9b3..1a19f50 100644 --- a/src/journal/fuzz-journald-kmsg.c +++ b/src/journal/fuzz-journald-kmsg.c @@ -5,16 +5,16 @@ #include "journald-kmsg.h" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { - Server s; + _cleanup_(server_freep) Server *s = NULL; if (size == 0) return 0; fuzz_setup_logging(); - dummy_server_init(&s, data, size); - dev_kmsg_record(&s, s.buffer, size); - server_done(&s); + assert_se(server_new(&s) >= 0); + dummy_server_init(s, data, size); + dev_kmsg_record(s, s->buffer, size); return 0; } diff --git a/src/journal/fuzz-journald-native-fd.c b/src/journal/fuzz-journald-native-fd.c index 110eb7f..07a8eb5 100644 --- a/src/journal/fuzz-journald-native-fd.c +++ b/src/journal/fuzz-journald-native-fd.c @@ -10,7 +10,7 @@ #include "tmpfile-util.h" int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { - Server s; + _cleanup_(server_freep) Server *s = NULL; _cleanup_close_ int sealed_fd = -EBADF, unsealed_fd = -EBADF; _cleanup_(unlink_tempfilep) char name[] = "/tmp/fuzz-journald-native-fd.XXXXXX"; char *label = NULL; @@ -20,7 +20,8 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { fuzz_setup_logging(); - dummy_server_init(&s, NULL, 0); + assert_se(server_new(&s) >= 0); + dummy_server_init(s, NULL, 0); sealed_fd = memfd_new_and_seal(NULL, data, size); assert_se(sealed_fd >= 0); @@ -29,15 +30,13 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { .uid = geteuid(), .gid = getegid(), }; - server_process_native_file(&s, sealed_fd, &ucred, tv, label, label_len); + (void) server_process_native_file(s, sealed_fd, &ucred, tv, label, label_len); unsealed_fd = mkostemp_safe(name); assert_se(unsealed_fd >= 0); assert_se(write(unsealed_fd, data, size) == (ssize_t) size); assert_se(lseek(unsealed_fd, 0, SEEK_SET) == 0); - server_process_native_file(&s, unsealed_fd, &ucred, tv, label, label_len); - - server_done(&s); + (void) server_process_native_file(s, unsealed_fd, &ucred, tv, label, label_len); return 0; } diff --git a/src/journal/fuzz-journald-stream.c b/src/journal/fuzz-journald-stream.c index 6b2055f..3ad9e20 100644 --- a/src/journal/fuzz-journald-stream.c +++ b/src/journal/fuzz-journald-stream.c @@ -9,12 +9,11 @@ #include "fuzz-journald.h" #include "journald-stream.h" -static int stream_fds[2] = EBADF_PAIR; - int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { - Server s; + _cleanup_close_pair_ int stream_fds[2] = EBADF_PAIR; + _cleanup_(server_freep) Server *s = NULL; StdoutStream *stream; - int v; + int v, fd0; if (outside_size_range(size, 1, 65536)) return 0; @@ -22,15 +21,18 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) { fuzz_setup_logging(); assert_se(socketpair(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0, stream_fds) >= 0); - dummy_server_init(&s, NULL, 0); - assert_se(stdout_stream_install(&s, stream_fds[0], &stream) >= 0); + assert_se(server_new(&s) >= 0); + dummy_server_init(s, NULL, 0); + + assert_se(stdout_stream_install(s, stream_fds[0], &stream) >= 0); + fd0 = TAKE_FD(stream_fds[0]); /* avoid double close */ + assert_se(write(stream_fds[1], data, size) == (ssize_t) size); - while (ioctl(stream_fds[0], SIOCINQ, &v) == 0 && v) - sd_event_run(s.event, UINT64_MAX); - if (s.n_stdout_streams) + while (ioctl(fd0, SIOCINQ, &v) == 0 && v) + sd_event_run(s->event, UINT64_MAX); + + if (s->n_stdout_streams > 0) stdout_stream_destroy(stream); - server_done(&s); - stream_fds[1] = safe_close(stream_fds[1]); return 0; } diff --git a/src/journal/fuzz-journald.c b/src/journal/fuzz-journald.c index c96fad5..8317783 100644 --- a/src/journal/fuzz-journald.c +++ b/src/journal/fuzz-journald.c @@ -6,17 +6,9 @@ #include "sd-event.h" void dummy_server_init(Server *s, const uint8_t *buffer, size_t size) { - *s = (Server) { - .syslog_fd = -EBADF, - .native_fd = -EBADF, - .stdout_fd = -EBADF, - .dev_kmsg_fd = -EBADF, - .audit_fd = -EBADF, - .hostname_fd = -EBADF, - .notify_fd = -EBADF, - .storage = STORAGE_NONE, - .line_max = 64, - }; + assert(s); + + s->storage = STORAGE_NONE; assert_se(sd_event_default(&s->event) >= 0); if (buffer) { @@ -30,7 +22,8 @@ void fuzz_journald_processing_function( size_t size, void (*f)(Server *s, const char *buf, size_t raw_len, const struct ucred *ucred, const struct timeval *tv, const char *label, size_t label_len) ) { - Server s; + + _cleanup_(server_freep) Server *s = NULL; char *label = NULL; size_t label_len = 0; struct ucred *ucred = NULL; @@ -39,7 +32,7 @@ void fuzz_journald_processing_function( if (size == 0) return; - dummy_server_init(&s, data, size); - (*f)(&s, s.buffer, size, ucred, tv, label, label_len); - server_done(&s); + assert_se(server_new(&s) >= 0); + dummy_server_init(s, data, size); + (*f)(s, s->buffer, size, ucred, tv, label, label_len); } diff --git a/src/journal/journalctl-authenticate.c b/src/journal/journalctl-authenticate.c new file mode 100644 index 0000000..10630f5 --- /dev/null +++ b/src/journal/journalctl-authenticate.c @@ -0,0 +1,207 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ + +#include "chattr-util.h" +#include "errno-util.h" +#include "fd-util.h" +#include "fs-util.h" +#include "fsprg.h" +#include "hostname-util.h" +#include "io-util.h" +#include "journal-authenticate.h" +#include "journalctl.h" +#include "journalctl-authenticate.h" +#include "memstream-util.h" +#include "path-util.h" +#include "qrcode-util.h" +#include "random-util.h" +#include "stat-util.h" +#include "terminal-util.h" +#include "tmpfile-util.h" + +static int format_key( + const void *seed, + size_t seed_size, + uint64_t start, + uint64_t interval, + char **ret) { + + _cleanup_(memstream_done) MemStream m = {}; + FILE *f; + + assert(seed); + assert(seed_size > 0); + assert(ret); + + f = memstream_init(&m); + if (!f) + return -ENOMEM; + + for (size_t i = 0; i < seed_size; i++) { + if (i > 0 && i % 3 == 0) + fputc('-', f); + fprintf(f, "%02x", ((uint8_t*) seed)[i]); + } + + fprintf(f, "/%"PRIx64"-%"PRIx64, start, interval); + + return memstream_finalize(&m, ret, NULL); +} + +int action_setup_keys(void) { + _cleanup_(unlink_and_freep) char *tmpfile = NULL; + _cleanup_close_ int fd = -EBADF; + _cleanup_free_ char *path = NULL; + size_t mpk_size, seed_size, state_size; + uint8_t *mpk, *seed, *state; + sd_id128_t machine, boot; + uint64_t n; + int r; + + assert(arg_action == ACTION_SETUP_KEYS); + + r = is_dir("/var/log/journal/", /* follow = */ false); + if (r == 0) + return log_error_errno(SYNTHETIC_ERRNO(ENOTDIR), + "/var/log/journal is not a directory, must be using persistent logging for FSS."); + if (r == -ENOENT) + return log_error_errno(r, "Directory /var/log/journal/ does not exist, must be using persistent logging for FSS."); + if (r < 0) + return log_error_errno(r, "Failed to check if /var/log/journal/ is a directory: %m"); + + r = sd_id128_get_machine(&machine); + if (r < 0) + return log_error_errno(r, "Failed to get machine ID: %m"); + + r = sd_id128_get_boot(&boot); + if (r < 0) + return log_error_errno(r, "Failed to get boot ID: %m"); + + path = path_join("/var/log/journal/", SD_ID128_TO_STRING(machine), "/fss"); + if (!path) + return log_oom(); + + if (arg_force) { + if (unlink(path) < 0 && errno != ENOENT) + return log_error_errno(errno, "Failed to remove \"%s\": %m", path); + } else if (access(path, F_OK) >= 0) + return log_error_errno(SYNTHETIC_ERRNO(EEXIST), + "Sealing key file %s exists already. Use --force to recreate.", path); + + mpk_size = FSPRG_mskinbytes(FSPRG_RECOMMENDED_SECPAR); + mpk = alloca_safe(mpk_size); + + seed_size = FSPRG_RECOMMENDED_SEEDLEN; + seed = alloca_safe(seed_size); + + state_size = FSPRG_stateinbytes(FSPRG_RECOMMENDED_SECPAR); + state = alloca_safe(state_size); + + log_info("Generating seed..."); + r = crypto_random_bytes(seed, seed_size); + if (r < 0) + return log_error_errno(r, "Failed to acquire random seed: %m"); + + log_info("Generating key pair..."); + r = FSPRG_GenMK(NULL, mpk, seed, seed_size, FSPRG_RECOMMENDED_SECPAR); + if (r < 0) + return log_error_errno(r, "Failed to generate key pair: %m"); + + log_info("Generating sealing key..."); + r = FSPRG_GenState0(state, mpk, seed, seed_size); + if (r < 0) + return log_error_errno(r, "Failed to generate sealing key: %m"); + + assert(arg_interval > 0); + n = now(CLOCK_REALTIME); + n /= arg_interval; + + fd = open_tmpfile_linkable(path, O_WRONLY|O_CLOEXEC, &tmpfile); + if (fd < 0) + return log_error_errno(fd, "Failed to open a temporary file for %s: %m", path); + + r = chattr_secret(fd, CHATTR_WARN_UNSUPPORTED_FLAGS); + if (r < 0) + log_full_errno(ERRNO_IS_NOT_SUPPORTED(r) ? LOG_DEBUG : LOG_WARNING, + r, "Failed to set file attributes on a temporary file for '%s', ignoring: %m", path); + + struct FSSHeader h = { + .signature = { 'K', 'S', 'H', 'H', 'R', 'H', 'L', 'P' }, + .machine_id = machine, + .boot_id = boot, + .header_size = htole64(sizeof(h)), + .start_usec = htole64(n * arg_interval), + .interval_usec = htole64(arg_interval), + .fsprg_secpar = htole16(FSPRG_RECOMMENDED_SECPAR), + .fsprg_state_size = htole64(state_size), + }; + + r = loop_write(fd, &h, sizeof(h)); + if (r < 0) + return log_error_errno(r, "Failed to write header: %m"); + + r = loop_write(fd, state, state_size); + if (r < 0) + return log_error_errno(r, "Failed to write state: %m"); + + r = link_tmpfile(fd, tmpfile, path, /* flags = */ 0); + if (r < 0) + return log_error_errno(r, "Failed to link file: %m"); + + tmpfile = mfree(tmpfile); + + _cleanup_free_ char *key = NULL; + r = format_key(seed, seed_size, n, arg_interval, &key); + if (r < 0) + return r; + + if (!on_tty()) { + /* If we are not on a TTY, show only the key. */ + puts(key); + return 0; + } + + _cleanup_free_ char *hn = NULL; + hn = gethostname_malloc(); + if (hn) + hostname_cleanup(hn); + + fprintf(stderr, + "\nNew keys have been generated for host %s%s" SD_ID128_FORMAT_STR ".\n" + "\n" + "The %ssecret sealing key%s has been written to the following local file.\n" + "This key file is automatically updated when the sealing key is advanced.\n" + "It should not be used on multiple hosts.\n" + "\n" + "\t%s\n" + "\n" + "The sealing key is automatically changed every %s.\n" + "\n" + "Please write down the following %ssecret verification key%s. It should be stored\n" + "in a safe location and should not be saved locally on disk.\n" + "\n\t%s", + strempty(hn), hn ? "/" : "", + SD_ID128_FORMAT_VAL(machine), + ansi_highlight(), ansi_normal(), + path, + FORMAT_TIMESPAN(arg_interval, 0), + ansi_highlight(), ansi_normal(), + ansi_highlight_red()); + fflush(stderr); + + puts(key); + + fputs(ansi_normal(), stderr); + +#if HAVE_QRENCODE + _cleanup_free_ char *url = NULL; + url = strjoin("fss://", key, "?machine=", SD_ID128_TO_STRING(machine), hn ? ";hostname=" : "", hn); + if (!url) + return log_oom(); + + (void) print_qrcode(stderr, + "To transfer the verification key to your phone scan the QR code below", + url); +#endif + + return 0; +} diff --git a/src/journal/journalctl-authenticate.h b/src/journal/journalctl-authenticate.h new file mode 100644 index 0000000..2a8ebd5 --- /dev/null +++ b/src/journal/journalctl-authenticate.h @@ -0,0 +1,16 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ +#pragma once + +#if HAVE_GCRYPT + +int action_setup_keys(void); + +#else + +#include "log.h" + +static inline int action_setup_keys(void) { + return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), "Forward-secure sealing not available."); +} + +#endif diff --git a/src/journal/journalctl-catalog.c b/src/journal/journalctl-catalog.c new file mode 100644 index 0000000..116e152 --- /dev/null +++ b/src/journal/journalctl-catalog.c @@ -0,0 +1,51 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ + +#include "catalog.h" +#include "journalctl.h" +#include "journalctl-catalog.h" +#include "path-util.h" + +int action_update_catalog(void) { + _cleanup_free_ char *database = NULL; + const char *e; + int r; + + assert(arg_action == ACTION_UPDATE_CATALOG); + + database = path_join(arg_root, secure_getenv("SYSTEMD_CATALOG") ?: CATALOG_DATABASE); + if (!database) + return log_oom(); + + e = secure_getenv("SYSTEMD_CATALOG_SOURCES"); + r = catalog_update(database, + arg_root, + e ? STRV_MAKE_CONST(e) : catalog_file_dirs); + if (r < 0) + return log_error_errno(r, "Failed to update catalog: %m"); + + return 0; +} + +int action_list_catalog(char **items) { + _cleanup_free_ char *database = NULL; + int r; + + assert(IN_SET(arg_action, ACTION_LIST_CATALOG, ACTION_DUMP_CATALOG)); + + database = path_join(arg_root, secure_getenv("SYSTEMD_CATALOG") ?: CATALOG_DATABASE); + if (!database) + return log_oom(); + + bool oneline = arg_action == ACTION_LIST_CATALOG; + + pager_open(arg_pager_flags); + + if (items) + r = catalog_list_items(stdout, database, oneline, items); + else + r = catalog_list(stdout, database, oneline); + if (r < 0) + return log_error_errno(r, "Failed to list catalog: %m"); + + return 0; +} diff --git a/src/journal/journalctl-catalog.h b/src/journal/journalctl-catalog.h new file mode 100644 index 0000000..d52bdd4 --- /dev/null +++ b/src/journal/journalctl-catalog.h @@ -0,0 +1,5 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ +#pragma once + +int action_update_catalog(void); +int action_list_catalog(char **items); diff --git a/src/journal/journalctl-filter.c b/src/journal/journalctl-filter.c new file mode 100644 index 0000000..f9eb9f8 --- /dev/null +++ b/src/journal/journalctl-filter.c @@ -0,0 +1,484 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ + +#include "sd-device.h" + +#include "chase.h" +#include "devnum-util.h" +#include "fileio.h" +#include "glob-util.h" +#include "journal-internal.h" +#include "journalctl.h" +#include "journalctl-filter.h" +#include "journalctl-util.h" +#include "logs-show.h" +#include "missing_sched.h" +#include "nulstr-util.h" +#include "path-util.h" +#include "unit-name.h" + +static int add_boot(sd_journal *j) { + int r; + + assert(j); + + if (!arg_boot) + return 0; + + assert(!sd_id128_is_null(arg_boot_id)); + + r = add_match_boot_id(j, arg_boot_id); + if (r < 0) + return r; + + return sd_journal_add_conjunction(j); +} + +static int add_dmesg(sd_journal *j) { + int r; + + assert(j); + + if (!arg_dmesg) + return 0; + + r = sd_journal_add_match(j, "_TRANSPORT=kernel", SIZE_MAX); + if (r < 0) + return r; + + return sd_journal_add_conjunction(j); +} + +static int get_possible_units( + sd_journal *j, + const char *fields, + char **patterns, + Set **ret) { + + _cleanup_set_free_ Set *found = NULL; + int r; + + assert(j); + assert(fields); + assert(ret); + + NULSTR_FOREACH(field, fields) { + const void *data; + size_t size; + + r = sd_journal_query_unique(j, field); + if (r < 0) + return r; + + SD_JOURNAL_FOREACH_UNIQUE(j, data, size) { + _cleanup_free_ char *u = NULL; + char *eq; + + eq = memchr(data, '=', size); + if (eq) { + size -= eq - (char*) data + 1; + data = ++eq; + } + + u = strndup(data, size); + if (!u) + return -ENOMEM; + + size_t i; + if (!strv_fnmatch_full(patterns, u, FNM_NOESCAPE, &i)) + continue; + + log_debug("Matched %s with pattern %s=%s", u, field, patterns[i]); + r = set_ensure_consume(&found, &string_hash_ops_free, TAKE_PTR(u)); + if (r < 0) + return r; + } + } + + *ret = TAKE_PTR(found); + return 0; +} + +/* This list is supposed to return the superset of unit names + * possibly matched by rules added with add_matches_for_unit... */ +#define SYSTEM_UNITS \ + "_SYSTEMD_UNIT\0" \ + "COREDUMP_UNIT\0" \ + "UNIT\0" \ + "OBJECT_SYSTEMD_UNIT\0" \ + "_SYSTEMD_SLICE\0" + +/* ... and add_matches_for_user_unit */ +#define USER_UNITS \ + "_SYSTEMD_USER_UNIT\0" \ + "USER_UNIT\0" \ + "COREDUMP_USER_UNIT\0" \ + "OBJECT_SYSTEMD_USER_UNIT\0" \ + "_SYSTEMD_USER_SLICE\0" + +static int add_units(sd_journal *j) { + _cleanup_strv_free_ char **patterns = NULL; + bool added = false; + int r; + + assert(j); + + if (strv_isempty(arg_system_units) && strv_isempty(arg_user_units)) + return 0; + + STRV_FOREACH(i, arg_system_units) { + _cleanup_free_ char *u = NULL; + + r = unit_name_mangle(*i, UNIT_NAME_MANGLE_GLOB | (arg_quiet ? 0 : UNIT_NAME_MANGLE_WARN), &u); + if (r < 0) + return r; + + if (string_is_glob(u)) { + r = strv_consume(&patterns, TAKE_PTR(u)); + if (r < 0) + return r; + } else { + r = add_matches_for_unit(j, u); + if (r < 0) + return r; + r = sd_journal_add_disjunction(j); + if (r < 0) + return r; + added = true; + } + } + + if (!strv_isempty(patterns)) { + _cleanup_set_free_ Set *units = NULL; + char *u; + + r = get_possible_units(j, SYSTEM_UNITS, patterns, &units); + if (r < 0) + return r; + + SET_FOREACH(u, units) { + r = add_matches_for_unit(j, u); + if (r < 0) + return r; + r = sd_journal_add_disjunction(j); + if (r < 0) + return r; + added = true; + } + } + + patterns = strv_free(patterns); + + STRV_FOREACH(i, arg_user_units) { + _cleanup_free_ char *u = NULL; + + r = unit_name_mangle(*i, UNIT_NAME_MANGLE_GLOB | (arg_quiet ? 0 : UNIT_NAME_MANGLE_WARN), &u); + if (r < 0) + return r; + + if (string_is_glob(u)) { + r = strv_consume(&patterns, TAKE_PTR(u)); + if (r < 0) + return r; + } else { + r = add_matches_for_user_unit(j, u); + if (r < 0) + return r; + r = sd_journal_add_disjunction(j); + if (r < 0) + return r; + added = true; + } + } + + if (!strv_isempty(patterns)) { + _cleanup_set_free_ Set *units = NULL; + char *u; + + r = get_possible_units(j, USER_UNITS, patterns, &units); + if (r < 0) + return r; + + SET_FOREACH(u, units) { + r = add_matches_for_user_unit(j, u); + if (r < 0) + return r; + r = sd_journal_add_disjunction(j); + if (r < 0) + return r; + added = true; + } + } + + /* Complain if the user request matches but nothing whatsoever was found, since otherwise everything + * would be matched. */ + if (!added) + return -ENODATA; + + return sd_journal_add_conjunction(j); +} + +static int add_syslog_identifier(sd_journal *j) { + int r; + + assert(j); + + if (strv_isempty(arg_syslog_identifier)) + return 0; + + STRV_FOREACH(i, arg_syslog_identifier) { + r = journal_add_match_pair(j, "SYSLOG_IDENTIFIER", *i); + if (r < 0) + return r; + r = sd_journal_add_disjunction(j); + if (r < 0) + return r; + } + + return sd_journal_add_conjunction(j); +} + +static int add_exclude_identifier(sd_journal *j) { + _cleanup_set_free_ Set *excludes = NULL; + int r; + + assert(j); + + r = set_put_strdupv(&excludes, arg_exclude_identifier); + if (r < 0) + return r; + + return set_free_and_replace(j->exclude_syslog_identifiers, excludes); +} + +static int add_priorities(sd_journal *j) { + int r; + + assert(j); + + if (arg_priorities == 0) + return 0; + + for (int i = LOG_EMERG; i <= LOG_DEBUG; i++) + if (arg_priorities & (1 << i)) { + r = journal_add_matchf(j, "PRIORITY=%d", i); + if (r < 0) + return r; + } + + return sd_journal_add_conjunction(j); +} + +static int add_facilities(sd_journal *j) { + int r; + + assert(j); + + if (set_isempty(arg_facilities)) + return 0; + + void *p; + SET_FOREACH(p, arg_facilities) { + r = journal_add_matchf(j, "SYSLOG_FACILITY=%d", PTR_TO_INT(p)); + if (r < 0) + return r; + } + + return sd_journal_add_conjunction(j); +} + +static int add_matches_for_executable(sd_journal *j, const char *path) { + _cleanup_free_ char *interpreter = NULL; + int r; + + assert(j); + assert(path); + + if (executable_is_script(path, &interpreter) > 0) { + _cleanup_free_ char *comm = NULL; + + r = path_extract_filename(path, &comm); + if (r < 0) + return log_error_errno(r, "Failed to extract filename of '%s': %m", path); + + r = journal_add_match_pair(j, "_COMM", strshorten(comm, TASK_COMM_LEN-1)); + if (r < 0) + return log_error_errno(r, "Failed to add match: %m"); + + /* Append _EXE only if the interpreter is not a link. Otherwise, it might be outdated often. */ + path = is_symlink(interpreter) > 0 ? interpreter : NULL; + } + + if (path) { + r = journal_add_match_pair(j, "_EXE", path); + if (r < 0) + return log_error_errno(r, "Failed to add match: %m"); + } + + return 0; +} + +static int add_matches_for_device(sd_journal *j, const char *devpath) { + _cleanup_(sd_device_unrefp) sd_device *device = NULL; + int r; + + assert(j); + assert(devpath); + + r = sd_device_new_from_devname(&device, devpath); + if (r < 0) + return log_error_errno(r, "Failed to get device '%s': %m", devpath); + + for (sd_device *d = device; d; ) { + const char *subsys, *sysname; + + r = sd_device_get_subsystem(d, &subsys); + if (r < 0) + goto get_parent; + + r = sd_device_get_sysname(d, &sysname); + if (r < 0) + goto get_parent; + + r = journal_add_matchf(j, "_KERNEL_DEVICE=+%s:%s", subsys, sysname); + if (r < 0) + return log_error_errno(r, "Failed to add match: %m"); + + dev_t devnum; + if (sd_device_get_devnum(d, &devnum) >= 0) { + r = journal_add_matchf(j, "_KERNEL_DEVICE=%c" DEVNUM_FORMAT_STR, + streq(subsys, "block") ? 'b' : 'c', + DEVNUM_FORMAT_VAL(devnum)); + if (r < 0) + return log_error_errno(r, "Failed to add match: %m"); + } + +get_parent: + if (sd_device_get_parent(d, &d) < 0) + break; + } + + return add_match_boot_id(j, SD_ID128_NULL); +} + +static int add_matches_for_path(sd_journal *j, const char *path) { + _cleanup_free_ char *p = NULL; + struct stat st; + int r; + + assert(j); + assert(path); + + if (arg_root || arg_machine) + return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), + "An extra path in match filter is currently not supported with --root, --image, or -M/--machine."); + + r = chase_and_stat(path, NULL, 0, &p, &st); + if (r < 0) + return log_error_errno(r, "Couldn't canonicalize path '%s': %m", path); + + if (S_ISREG(st.st_mode) && (0111 & st.st_mode)) + return add_matches_for_executable(j, p); + + if (S_ISCHR(st.st_mode) || S_ISBLK(st.st_mode)) + return add_matches_for_device(j, p); + + return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "File is neither a device node nor executable: %s", p); +} + +static int add_matches(sd_journal *j, char **args) { + bool have_term = false; + int r; + + assert(j); + + if (strv_isempty(args)) + return 0; + + STRV_FOREACH(i, args) + if (streq(*i, "+")) { + if (!have_term) + break; + + r = sd_journal_add_disjunction(j); + if (r < 0) + return log_error_errno(r, "Failed to add disjunction: %m"); + + have_term = false; + + } else if (path_is_absolute(*i)) { + r = add_matches_for_path(j, *i); + if (r < 0) + return r; + have_term = true; + + } else { + r = sd_journal_add_match(j, *i, SIZE_MAX); + if (r < 0) + return log_error_errno(r, "Failed to add match '%s': %m", *i); + have_term = true; + } + + if (!have_term) + return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "\"+\" can only be used between terms."); + + return 0; +} + +int add_filters(sd_journal *j, char **matches) { + int r; + + assert(j); + + /* First, search boot ID, as that may set and flush matches and seek journal. */ + r = journal_acquire_boot(j); + if (r < 0) + return r; + + /* Clear unexpected matches for safety. */ + sd_journal_flush_matches(j); + + /* Then, add filters in the below. */ + r = add_boot(j); + if (r < 0) + return log_error_errno(r, "Failed to add filter for boot: %m"); + + r = add_dmesg(j); + if (r < 0) + return log_error_errno(r, "Failed to add filter for dmesg: %m"); + + r = add_units(j); + if (r < 0) + return log_error_errno(r, "Failed to add filter for units: %m"); + + r = add_syslog_identifier(j); + if (r < 0) + return log_error_errno(r, "Failed to add filter for syslog identifiers: %m"); + + r = add_exclude_identifier(j); + if (r < 0) + return log_error_errno(r, "Failed to add exclude filter for syslog identifiers: %m"); + + r = add_priorities(j); + if (r < 0) + return log_error_errno(r, "Failed to add filter for priorities: %m"); + + r = add_facilities(j); + if (r < 0) + return log_error_errno(r, "Failed to add filter for facilities: %m"); + + r = add_matches(j, matches); + if (r < 0) + return r; + + if (DEBUG_LOGGING) { + _cleanup_free_ char *filter = NULL; + + filter = journal_make_match_string(j); + if (!filter) + return log_oom(); + + log_debug("Journal filter: %s", filter); + } + + return 0; +} diff --git a/src/journal/journalctl-filter.h b/src/journal/journalctl-filter.h new file mode 100644 index 0000000..c752c0c --- /dev/null +++ b/src/journal/journalctl-filter.h @@ -0,0 +1,6 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ +#pragma once + +#include "sd-journal.h" + +int add_filters(sd_journal *j, char **matches); diff --git a/src/journal/journalctl-misc.c b/src/journal/journalctl-misc.c new file mode 100644 index 0000000..8ca6ea2 --- /dev/null +++ b/src/journal/journalctl-misc.c @@ -0,0 +1,298 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ + +#include "dirent-util.h" +#include "fd-util.h" +#include "format-table.h" +#include "format-util.h" +#include "journal-internal.h" +#include "journal-verify.h" +#include "journalctl.h" +#include "journalctl-misc.h" +#include "journalctl-util.h" +#include "logs-show.h" +#include "syslog-util.h" + +int action_print_header(void) { + _cleanup_(sd_journal_closep) sd_journal *j = NULL; + int r; + + assert(arg_action == ACTION_PRINT_HEADER); + + r = acquire_journal(&j); + if (r < 0) + return r; + + journal_print_header(j); + return 0; +} + +int action_verify(void) { + _cleanup_(sd_journal_closep) sd_journal *j = NULL; + int r; + + assert(arg_action == ACTION_VERIFY); + + r = acquire_journal(&j); + if (r < 0) + return r; + + log_show_color(true); + + JournalFile *f; + ORDERED_HASHMAP_FOREACH(f, j->files) { + int k; + usec_t first = 0, validated = 0, last = 0; + +#if HAVE_GCRYPT + if (!arg_verify_key && JOURNAL_HEADER_SEALED(f->header)) + log_notice("Journal file %s has sealing enabled but verification key has not been passed using --verify-key=.", f->path); +#endif + + k = journal_file_verify(f, arg_verify_key, &first, &validated, &last, /* show_progress = */ !arg_quiet); + if (k == -EINVAL) + /* If the key was invalid give up right-away. */ + return k; + if (k < 0) + r = log_warning_errno(k, "FAIL: %s (%m)", f->path); + else { + char a[FORMAT_TIMESTAMP_MAX], b[FORMAT_TIMESTAMP_MAX]; + log_full(arg_quiet ? LOG_DEBUG : LOG_INFO, "PASS: %s", f->path); + + if (arg_verify_key && JOURNAL_HEADER_SEALED(f->header)) { + if (validated > 0) { + log_full(arg_quiet ? LOG_DEBUG : LOG_INFO, + "=> Validated from %s to %s, final %s entries not sealed.", + format_timestamp_maybe_utc(a, sizeof(a), first), + format_timestamp_maybe_utc(b, sizeof(b), validated), + FORMAT_TIMESPAN(last > validated ? last - validated : 0, 0)); + } else if (last > 0) + log_full(arg_quiet ? LOG_DEBUG : LOG_INFO, + "=> No sealing yet, %s of entries not sealed.", + FORMAT_TIMESPAN(last - first, 0)); + else + log_full(arg_quiet ? LOG_DEBUG : LOG_INFO, + "=> No sealing yet, no entries in file."); + } + } + } + + return r; +} + +int action_disk_usage(void) { + _cleanup_(sd_journal_closep) sd_journal *j = NULL; + uint64_t bytes = 0; + int r; + + assert(arg_action == ACTION_DISK_USAGE); + + r = acquire_journal(&j); + if (r < 0) + return r; + + r = sd_journal_get_usage(j, &bytes); + if (r < 0) + return log_error_errno(r, "Failed to get disk usage: %m"); + + printf("Archived and active journals take up %s in the file system.\n", FORMAT_BYTES(bytes)); + return 0; +} + +int action_list_boots(void) { + _cleanup_(sd_journal_closep) sd_journal *j = NULL; + _cleanup_(table_unrefp) Table *table = NULL; + _cleanup_free_ BootId *boots = NULL; + size_t n_boots; + int r; + + assert(arg_action == ACTION_LIST_BOOTS); + + r = acquire_journal(&j); + if (r < 0) + return r; + + r = journal_get_boots( + j, + /* advance_older = */ arg_lines_needs_seek_end(), + /* max_ids = */ arg_lines >= 0 ? (size_t) arg_lines : SIZE_MAX, + &boots, &n_boots); + if (r < 0) + return log_error_errno(r, "Failed to determine boots: %m"); + if (r == 0) + return log_full_errno(arg_quiet ? LOG_DEBUG : LOG_ERR, SYNTHETIC_ERRNO(ENODATA), + "No boot found."); + + table = table_new("idx", "boot id", "first entry", "last entry"); + if (!table) + return log_oom(); + + if (arg_full) + table_set_width(table, 0); + + r = table_set_json_field_name(table, 0, "index"); + if (r < 0) + return log_error_errno(r, "Failed to set JSON field name of column 0: %m"); + + (void) table_set_sort(table, (size_t) 0); + (void) table_set_reverse(table, 0, arg_reverse); + + for (int i = 0; i < (int) n_boots; i++) { + int index; + + if (arg_lines_needs_seek_end()) + /* With --lines=N, we only know the negative index, and the older ID is located earlier. */ + index = -i; + else if (arg_lines >= 0) + /* With --lines=+N, we only know the positive index, and the newer ID is located earlier. */ + index = i + 1; + else + /* Otherwise, show negative index. Note, in this case, newer ID is located earlier. */ + index = i + 1 - (int) n_boots; + + r = table_add_many(table, + TABLE_INT, index, + TABLE_SET_ALIGN_PERCENT, 100, + TABLE_ID128, boots[i].id, + TABLE_TIMESTAMP, boots[i].first_usec, + TABLE_TIMESTAMP, boots[i].last_usec); + if (r < 0) + return table_log_add_error(r); + } + + r = table_print_with_pager(table, arg_json_format_flags, arg_pager_flags, !arg_quiet); + if (r < 0) + return table_log_print_error(r); + + return 0; +} + +int action_list_fields(void) { + _cleanup_(sd_journal_closep) sd_journal *j = NULL; + int r, n_shown = 0; + + assert(arg_action == ACTION_LIST_FIELDS); + assert(arg_field); + + r = acquire_journal(&j); + if (r < 0) + return r; + + if (!journal_boot_has_effect(j)) + return 0; + + r = sd_journal_set_data_threshold(j, 0); + if (r < 0) + return log_error_errno(r, "Failed to unset data size threshold: %m"); + + r = sd_journal_query_unique(j, arg_field); + if (r < 0) + return log_error_errno(r, "Failed to query unique data objects: %m"); + + const void *data; + size_t size; + SD_JOURNAL_FOREACH_UNIQUE(j, data, size) { + const void *eq; + + if (arg_lines >= 0 && n_shown >= arg_lines) + break; + + eq = memchr(data, '=', size); + if (eq) + printf("%.*s\n", (int) (size - ((const uint8_t*) eq - (const uint8_t*) data + 1)), (const char*) eq + 1); + else + printf("%.*s\n", (int) size, (const char*) data); + + n_shown++; + } + + return 0; +} + +int action_list_field_names(void) { + _cleanup_(sd_journal_closep) sd_journal *j = NULL; + int r; + + assert(arg_action == ACTION_LIST_FIELD_NAMES); + + r = acquire_journal(&j); + if (r < 0) + return r; + + const char *field; + SD_JOURNAL_FOREACH_FIELD(j, field) + printf("%s\n", field); + + return 0; +} + +int action_list_namespaces(void) { + _cleanup_(table_unrefp) Table *table = NULL; + sd_id128_t machine; + int r; + + assert(arg_action == ACTION_LIST_NAMESPACES); + + r = sd_id128_get_machine(&machine); + if (r < 0) + return log_error_errno(r, "Failed to get machine ID: %m"); + + table = table_new("namespace"); + if (!table) + return log_oom(); + + (void) table_set_sort(table, (size_t) 0); + + FOREACH_STRING(dir, "/var/log/journal", "/run/log/journal") { + _cleanup_free_ char *path = NULL; + _cleanup_closedir_ DIR *dirp = NULL; + + path = path_join(arg_root, dir); + if (!path) + return log_oom(); + + dirp = opendir(path); + if (!dirp) { + log_debug_errno(errno, "Failed to open directory %s, ignoring: %m", path); + continue; + } + + FOREACH_DIRENT(de, dirp, return log_error_errno(errno, "Failed to iterate through %s: %m", path)) { + + const char *e = strchr(de->d_name, '.'); + if (!e) + continue; + + _cleanup_free_ char *ids = strndup(de->d_name, e - de->d_name); + if (!ids) + return log_oom(); + + sd_id128_t id; + r = sd_id128_from_string(ids, &id); + if (r < 0) + continue; + + if (!sd_id128_equal(machine, id)) + continue; + + e++; + + if (!log_namespace_name_valid(e)) + continue; + + r = table_add_cell(table, NULL, TABLE_STRING, e); + if (r < 0) + return table_log_add_error(r); + } + } + + if (table_isempty(table) && FLAGS_SET(arg_json_format_flags, JSON_FORMAT_OFF)) { + if (!arg_quiet) + log_notice("No namespaces found."); + } else { + r = table_print_with_pager(table, arg_json_format_flags, arg_pager_flags, !arg_quiet); + if (r < 0) + return r; + } + + return 0; +} diff --git a/src/journal/journalctl-misc.h b/src/journal/journalctl-misc.h new file mode 100644 index 0000000..70f851b --- /dev/null +++ b/src/journal/journalctl-misc.h @@ -0,0 +1,12 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ +#pragma once + +#include <stdbool.h> + +int action_print_header(void); +int action_verify(void); +int action_disk_usage(void); +int action_list_boots(void); +int action_list_fields(void); +int action_list_field_names(void); +int action_list_namespaces(void); diff --git a/src/journal/journalctl-show.c b/src/journal/journalctl-show.c new file mode 100644 index 0000000..e8ffc72 --- /dev/null +++ b/src/journal/journalctl-show.c @@ -0,0 +1,477 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ + +#include <unistd.h> + +#include "sd-event.h" + +#include "fileio.h" +#include "journalctl.h" +#include "journalctl-filter.h" +#include "journalctl-show.h" +#include "journalctl-util.h" +#include "logs-show.h" +#include "terminal-util.h" + +#define PROCESS_INOTIFY_INTERVAL 1024 /* Every 1024 messages processed */ + +typedef struct Context { + sd_journal *journal; + bool has_cursor; + bool need_seek; + bool since_seeked; + bool ellipsized; + bool previous_boot_id_valid; + sd_id128_t previous_boot_id; + sd_id128_t previous_boot_id_output; + dual_timestamp previous_ts_output; +} Context; + +static void context_done(Context *c) { + assert(c); + + sd_journal_close(c->journal); +} + +static int seek_journal(Context *c) { + sd_journal *j = ASSERT_PTR(ASSERT_PTR(c)->journal); + _cleanup_free_ char *cursor_from_file = NULL; + const char *cursor = NULL; + bool after_cursor = false; + int r; + + if (arg_cursor || arg_after_cursor) { + assert(!!arg_cursor != !!arg_after_cursor); + + cursor = arg_cursor ?: arg_after_cursor; + after_cursor = arg_after_cursor; + + } else if (arg_cursor_file) { + r = read_one_line_file(arg_cursor_file, &cursor_from_file); + if (r < 0 && r != -ENOENT) + return log_error_errno(r, "Failed to read cursor file %s: %m", arg_cursor_file); + if (r > 0) { + cursor = cursor_from_file; + after_cursor = true; + } + } + + if (cursor) { + c->has_cursor = true; + + r = sd_journal_seek_cursor(j, cursor); + if (r < 0) + return log_error_errno(r, "Failed to seek to cursor: %m"); + + r = sd_journal_step_one(j, !arg_reverse); + if (r < 0) + return log_error_errno(r, "Failed to iterate through journal: %m"); + + if (after_cursor && r > 0) { + /* With --after-cursor=/--cursor-file= we want to skip the first entry only if it's + * the entry the cursor is pointing at, otherwise, if some journal filters are used, + * we might skip the first entry of the filter match, which leads to unexpectedly + * missing journal entries. */ + int k; + + k = sd_journal_test_cursor(j, cursor); + if (k < 0) + return log_error_errno(k, "Failed to test cursor against current entry: %m"); + if (k > 0) + /* Current entry matches the one our cursor is pointing at, so let's try + * to advance the next entry. */ + r = sd_journal_step_one(j, !arg_reverse); + } + + if (r == 0 && !arg_follow) + /* We couldn't find the next entry after the cursor. */ + arg_lines = 0; + + } else if (arg_reverse || arg_lines_needs_seek_end()) { + /* If --reverse and/or --lines=N are specified, things get a little tricky. First we seek to + * the place of --until if specified, otherwise seek to tail. Then, if --reverse is + * specified, we search backwards and let the output counter in show() handle --lines for us. + * If --reverse is unspecified, we just jump backwards arg_lines and search afterwards from + * there. */ + + if (arg_until_set) { + r = sd_journal_seek_realtime_usec(j, arg_until); + if (r < 0) + return log_error_errno(r, "Failed to seek to date: %m"); + } else { + r = sd_journal_seek_tail(j); + if (r < 0) + return log_error_errno(r, "Failed to seek to tail: %m"); + } + + if (arg_reverse) + r = sd_journal_previous(j); + else /* arg_lines_needs_seek_end */ + r = sd_journal_previous_skip(j, arg_lines); + + } else if (arg_since_set) { + /* This is placed after arg_reverse and arg_lines. If --since is used without + * both, we seek to the place of --since and search afterwards from there. + * If used with --reverse or --lines, we seek to the tail first and check if + * the entry is within the range of --since later. */ + + r = sd_journal_seek_realtime_usec(j, arg_since); + if (r < 0) + return log_error_errno(r, "Failed to seek to date: %m"); + c->since_seeked = true; + + r = sd_journal_next(j); + + } else { + r = sd_journal_seek_head(j); + if (r < 0) + return log_error_errno(r, "Failed to seek to head: %m"); + + r = sd_journal_next(j); + } + if (r < 0) + return log_error_errno(r, "Failed to iterate through journal: %m"); + if (r == 0) + c->need_seek = true; + + return 0; +} + +static int show(Context *c) { + sd_journal *j = ASSERT_PTR(ASSERT_PTR(c)->journal); + int r, n_shown = 0; + + OutputFlags flags = + arg_all * OUTPUT_SHOW_ALL | + arg_full * OUTPUT_FULL_WIDTH | + colors_enabled() * OUTPUT_COLOR | + arg_catalog * OUTPUT_CATALOG | + arg_utc * OUTPUT_UTC | + arg_truncate_newline * OUTPUT_TRUNCATE_NEWLINE | + arg_no_hostname * OUTPUT_NO_HOSTNAME; + + while (arg_lines < 0 || n_shown < arg_lines || arg_follow) { + size_t highlight[2] = {}; + + if (c->need_seek) { + r = sd_journal_step_one(j, !arg_reverse); + if (r < 0) + return log_error_errno(r, "Failed to iterate through journal: %m"); + if (r == 0) + break; + } + + if (arg_until_set && !arg_reverse && (arg_lines < 0 || arg_since_set || c->has_cursor)) { + /* If --lines= is set, we usually rely on the n_shown to tell us when to stop. + * However, if --since= or one of the cursor argument is set too, we may end up + * having less than --lines= to output. In this case let's also check if the entry + * is in range. */ + + usec_t usec; + + r = sd_journal_get_realtime_usec(j, &usec); + if (r < 0) + return log_error_errno(r, "Failed to determine timestamp: %m"); + if (usec > arg_until) + break; + } + + if (arg_since_set && (arg_reverse || !c->since_seeked)) { + usec_t usec; + + r = sd_journal_get_realtime_usec(j, &usec); + if (r < 0) + return log_error_errno(r, "Failed to determine timestamp: %m"); + + if (usec < arg_since) { + if (arg_reverse) + break; /* Reached the earliest entry */ + + /* arg_lines >= 0 (!since_seeked): + * We jumped arg_lines back and it seems to be too much */ + r = sd_journal_seek_realtime_usec(j, arg_since); + if (r < 0) + return log_error_errno(r, "Failed to seek to date: %m"); + c->since_seeked = true; + + c->need_seek = true; + continue; + } + c->since_seeked = true; /* We're surely within the range of --since now */ + } + + if (!arg_merge && !arg_quiet) { + sd_id128_t boot_id; + + r = sd_journal_get_monotonic_usec(j, NULL, &boot_id); + if (r >= 0) { + if (c->previous_boot_id_valid && + !sd_id128_equal(boot_id, c->previous_boot_id)) + printf("%s-- Boot "SD_ID128_FORMAT_STR" --%s\n", + ansi_highlight(), SD_ID128_FORMAT_VAL(boot_id), ansi_normal()); + + c->previous_boot_id = boot_id; + c->previous_boot_id_valid = true; + } + } + + if (arg_compiled_pattern) { + const void *message; + size_t len; + + r = sd_journal_get_data(j, "MESSAGE", &message, &len); + if (r < 0) { + if (r == -ENOENT) { + c->need_seek = true; + continue; + } + + return log_error_errno(r, "Failed to get MESSAGE field: %m"); + } + + assert_se(message = startswith(message, "MESSAGE=")); + + r = pattern_matches_and_log(arg_compiled_pattern, message, + len - strlen("MESSAGE="), highlight); + if (r < 0) + return r; + if (r == 0) { + c->need_seek = true; + continue; + } + } + + r = show_journal_entry(stdout, j, arg_output, 0, flags, + arg_output_fields, highlight, &c->ellipsized, + &c->previous_ts_output, &c->previous_boot_id_output); + c->need_seek = true; + if (r == -EADDRNOTAVAIL) + break; + if (r < 0) + return r; + + n_shown++; + + /* If journalctl take a long time to process messages, and during that time journal file + * rotation occurs, a journalctl client will keep those rotated files open until it calls + * sd_journal_process(), which typically happens as a result of calling sd_journal_wait() below + * in the "following" case. By periodically calling sd_journal_process() during the processing + * loop we shrink the window of time a client instance has open file descriptors for rotated + * (deleted) journal files. */ + if ((n_shown % PROCESS_INOTIFY_INTERVAL) == 0) { + r = sd_journal_process(j); + if (r < 0) + return log_error_errno(r, "Failed to process inotify events: %m"); + } + } + + return n_shown; +} + +static int show_and_fflush(Context *c, sd_event_source *s) { + int r; + + assert(c); + assert(s); + + r = show(c); + if (r < 0) + return sd_event_exit(sd_event_source_get_event(s), r); + + fflush(stdout); + return 0; +} + +static int on_journal_event(sd_event_source *s, int fd, uint32_t revents, void *userdata) { + Context *c = ASSERT_PTR(userdata); + int r; + + assert(s); + + r = sd_journal_process(c->journal); + if (r < 0) { + log_error_errno(r, "Failed to process journal events: %m"); + return sd_event_exit(sd_event_source_get_event(s), r); + } + + return show_and_fflush(c, s); +} + +static int on_first_event(sd_event_source *s, void *userdata) { + return show_and_fflush(userdata, s); +} + +static int on_signal(sd_event_source *s, const struct signalfd_siginfo *si, void *userdata) { + assert(s); + assert(si); + assert(IN_SET(si->ssi_signo, SIGTERM, SIGINT)); + + return sd_event_exit(sd_event_source_get_event(s), si->ssi_signo); +} + +static int setup_event(Context *c, int fd, sd_event **ret) { + _cleanup_(sd_event_unrefp) sd_event *e = NULL; + int r; + + assert(arg_follow); + assert(c); + assert(fd >= 0); + assert(ret); + + r = sd_event_default(&e); + if (r < 0) + return log_error_errno(r, "Failed to allocate sd_event object: %m"); + + (void) sd_event_add_signal(e, NULL, SIGTERM | SD_EVENT_SIGNAL_PROCMASK, on_signal, NULL); + (void) sd_event_add_signal(e, NULL, SIGINT | SD_EVENT_SIGNAL_PROCMASK, on_signal, NULL); + + r = sd_event_add_io(e, NULL, fd, EPOLLIN, &on_journal_event, c); + if (r < 0) + return log_error_errno(r, "Failed to add io event source for journal: %m"); + + /* Also keeps an eye on STDOUT, and exits as soon as we see a POLLHUP on that, i.e. when it is closed. */ + r = sd_event_add_io(e, NULL, STDOUT_FILENO, EPOLLHUP|EPOLLERR, NULL, INT_TO_PTR(-ECANCELED)); + if (r == -EPERM) + /* Installing an epoll watch on a regular file doesn't work and fails with EPERM. Which is + * totally OK, handle it gracefully. epoll_ctl() documents EPERM as the error returned when + * the specified fd doesn't support epoll, hence it's safe to check for that. */ + log_debug_errno(r, "Unable to install EPOLLHUP watch on stderr, not watching for hangups."); + else if (r < 0) + return log_error_errno(r, "Failed to add io event source for stdout: %m"); + + if (arg_lines != 0 || arg_since_set) { + r = sd_event_add_defer(e, NULL, on_first_event, c); + if (r < 0) + return log_error_errno(r, "Failed to add defer event source: %m"); + } + + *ret = TAKE_PTR(e); + return 0; +} + +static int update_cursor(sd_journal *j) { + _cleanup_free_ char *cursor = NULL; + int r; + + assert(j); + + if (!arg_show_cursor && !arg_cursor_file) + return 0; + + r = sd_journal_get_cursor(j, &cursor); + if (r == -EADDRNOTAVAIL) + return 0; + if (r < 0) + return log_error_errno(r, "Failed to get cursor: %m"); + + if (arg_show_cursor) + printf("-- cursor: %s\n", cursor); + + if (arg_cursor_file) { + r = write_string_file(arg_cursor_file, cursor, WRITE_STRING_FILE_CREATE | WRITE_STRING_FILE_ATOMIC); + if (r < 0) + return log_error_errno(r, "Failed to write new cursor to %s: %m", arg_cursor_file); + } + + return 0; +} + +int action_show(char **matches) { + _cleanup_(context_done) Context c = {}; + int n_shown, r, poll_fd = -EBADF; + + assert(arg_action == ACTION_SHOW); + + (void) signal(SIGWINCH, columns_lines_cache_reset); + + r = acquire_journal(&c.journal); + if (r < 0) + return r; + + if (!journal_boot_has_effect(c.journal)) + return arg_compiled_pattern ? -ENOENT : 0; + + r = add_filters(c.journal, matches); + if (r < 0) + return r; + + r = seek_journal(&c); + if (r < 0) + return r; + + /* Opening the fd now means the first sd_journal_wait() will actually wait */ + if (arg_follow) { + poll_fd = sd_journal_get_fd(c.journal); + if (poll_fd == -EMFILE) { + log_warning_errno(poll_fd, "Insufficient watch descriptors available. Reverting to -n."); + arg_follow = false; + } else if (poll_fd == -EMEDIUMTYPE) + return log_error_errno(poll_fd, "The --follow switch is not supported in conjunction with reading from STDIN."); + else if (poll_fd < 0) + return log_error_errno(poll_fd, "Failed to get journal fd: %m"); + } + + if (!arg_follow) + pager_open(arg_pager_flags); + + if (!arg_quiet && (arg_lines != 0 || arg_follow) && DEBUG_LOGGING) { + usec_t start, end; + char start_buf[FORMAT_TIMESTAMP_MAX], end_buf[FORMAT_TIMESTAMP_MAX]; + + r = sd_journal_get_cutoff_realtime_usec(c.journal, &start, &end); + if (r < 0) + return log_error_errno(r, "Failed to get cutoff: %m"); + if (r > 0) { + if (arg_follow) + printf("-- Journal begins at %s. --\n", + format_timestamp_maybe_utc(start_buf, sizeof(start_buf), start)); + else + printf("-- Journal begins at %s, ends at %s. --\n", + format_timestamp_maybe_utc(start_buf, sizeof(start_buf), start), + format_timestamp_maybe_utc(end_buf, sizeof(end_buf), end)); + } + } + + if (arg_follow) { + _cleanup_(sd_event_unrefp) sd_event *e = NULL; + int sig; + + assert(poll_fd >= 0); + + r = setup_event(&c, poll_fd, &e); + if (r < 0) + return r; + + r = sd_event_loop(e); + if (r < 0) + return r; + sig = r; + + r = update_cursor(c.journal); + if (r < 0) + return r; + + /* re-send the original signal. */ + return sig; + } + + r = show(&c); + if (r < 0) + return r; + n_shown = r; + + if (n_shown == 0 && !arg_quiet) + printf("-- No entries --\n"); + + r = update_cursor(c.journal); + if (r < 0) + return r; + + if (arg_compiled_pattern && n_shown == 0) + /* --grep was used, no error was thrown, but the pattern didn't + * match anything. Let's mimic grep's behavior here and return + * a non-zero exit code, so journalctl --grep can be used + * in scripts and such */ + return -ENOENT; + + return 0; +} diff --git a/src/journal/journalctl-show.h b/src/journal/journalctl-show.h new file mode 100644 index 0000000..83f3bdd --- /dev/null +++ b/src/journal/journalctl-show.h @@ -0,0 +1,4 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ +#pragma once + +int action_show(char **matches); diff --git a/src/journal/journalctl-util.c b/src/journal/journalctl-util.c new file mode 100644 index 0000000..32cdaf8 --- /dev/null +++ b/src/journal/journalctl-util.c @@ -0,0 +1,120 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ + +#include <unistd.h> + +#include "id128-util.h" +#include "journal-util.h" +#include "journalctl.h" +#include "journalctl-util.h" +#include "logs-show.h" +#include "rlimit-util.h" +#include "sigbus.h" +#include "terminal-util.h" + +char* format_timestamp_maybe_utc(char *buf, size_t l, usec_t t) { + assert(buf); + + if (arg_utc) + return format_timestamp_style(buf, l, t, TIMESTAMP_UTC); + + return format_timestamp(buf, l, t); +} + +int acquire_journal(sd_journal **ret) { + _cleanup_(sd_journal_closep) sd_journal *j = NULL; + int r; + + assert(ret); + + /* Increase max number of open files if we can, we might needs this when browsing journal files, which might be + * split up into many files. */ + (void) rlimit_nofile_bump(HIGH_RLIMIT_NOFILE); + + sigbus_install(); + + if (arg_directory) + r = sd_journal_open_directory(&j, arg_directory, arg_journal_type | arg_journal_additional_open_flags); + else if (arg_root) + r = sd_journal_open_directory(&j, arg_root, arg_journal_type | arg_journal_additional_open_flags | SD_JOURNAL_OS_ROOT); + else if (arg_file_stdin) + r = sd_journal_open_files_fd(&j, (int[]) { STDIN_FILENO }, 1, arg_journal_additional_open_flags); + else if (arg_file) + r = sd_journal_open_files(&j, (const char**) arg_file, arg_journal_additional_open_flags); + else if (arg_machine) + r = journal_open_machine(&j, arg_machine, arg_journal_additional_open_flags); + else + r = sd_journal_open_namespace( + &j, + arg_namespace, + (arg_merge ? 0 : SD_JOURNAL_LOCAL_ONLY) | + arg_namespace_flags | arg_journal_type | arg_journal_additional_open_flags); + if (r < 0) + return log_error_errno(r, "Failed to open %s: %m", arg_directory ?: arg_file ? "files" : "journal"); + + r = journal_access_check_and_warn(j, arg_quiet, + !(arg_journal_type == SD_JOURNAL_CURRENT_USER || arg_user_units)); + if (r < 0) + return r; + + *ret = TAKE_PTR(j); + return 0; +} + +bool journal_boot_has_effect(sd_journal *j) { + assert(j); + + if (arg_boot_offset != 0 && + sd_journal_has_runtime_files(j) > 0 && + sd_journal_has_persistent_files(j) == 0) { + log_info("Specifying boot ID or boot offset has no effect, no persistent journal was found."); + return false; + } + + return true; +} + +int journal_acquire_boot(sd_journal *j) { + int r; + + assert(j); + + if (!arg_boot) { + /* Clear relevant field for safety. */ + arg_boot_id = SD_ID128_NULL; + arg_boot_offset = 0; + return 0; + } + + /* Take a shortcut and use the current boot_id, which we can do very quickly. + * We can do this only when the logs are coming from the current machine, + * so take the slow path if log location is specified. */ + if (arg_boot_offset == 0 && sd_id128_is_null(arg_boot_id) && + !arg_directory && !arg_file && !arg_file_stdin && !arg_root) { + r = id128_get_boot_for_machine(arg_machine, &arg_boot_id); + if (r < 0) + return log_error_errno(r, "Failed to get boot ID%s%s: %m", + isempty(arg_machine) ? "" : " of container ", strempty(arg_machine)); + } else { + sd_id128_t boot_id; + + r = journal_find_boot(j, arg_boot_id, arg_boot_offset, &boot_id); + if (r < 0) + return log_error_errno(r, "Failed to find journal entry from the specified boot (%s%+i): %m", + sd_id128_is_null(arg_boot_id) ? "" : SD_ID128_TO_STRING(arg_boot_id), + arg_boot_offset); + if (r == 0) + return log_error_errno(SYNTHETIC_ERRNO(ENODATA), + "No journal boot entry found from the specified boot (%s%+i).", + sd_id128_is_null(arg_boot_id) ? "" : SD_ID128_TO_STRING(arg_boot_id), + arg_boot_offset); + + log_debug("Found boot %s for %s%+i", + SD_ID128_TO_STRING(boot_id), + sd_id128_is_null(arg_boot_id) ? "" : SD_ID128_TO_STRING(arg_boot_id), + arg_boot_offset); + + arg_boot_id = boot_id; + } + + return 1; +} diff --git a/src/journal/journalctl-util.h b/src/journal/journalctl-util.h new file mode 100644 index 0000000..ea3e568 --- /dev/null +++ b/src/journal/journalctl-util.h @@ -0,0 +1,11 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ +#pragma once + +#include "sd-journal.h" + +#include "time-util.h" + +char* format_timestamp_maybe_utc(char *buf, size_t l, usec_t t); +int acquire_journal(sd_journal **ret); +bool journal_boot_has_effect(sd_journal *j); +int journal_acquire_boot(sd_journal *j); diff --git a/src/journal/journalctl-varlink.c b/src/journal/journalctl-varlink.c new file mode 100644 index 0000000..89aed05 --- /dev/null +++ b/src/journal/journalctl-varlink.c @@ -0,0 +1,142 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ + +#include "errno-util.h" +#include "journal-internal.h" +#include "journal-vacuum.h" +#include "journalctl.h" +#include "journalctl-util.h" +#include "journalctl-varlink.h" +#include "varlink.h" + +static int varlink_connect_journal(Varlink **ret) { + _cleanup_(varlink_flush_close_unrefp) Varlink *vl = NULL; + const char *address; + int r; + + assert(ret); + + address = arg_namespace ? + strjoina("/run/systemd/journal.", arg_namespace, "/io.systemd.journal") : + "/run/systemd/journal/io.systemd.journal"; + + r = varlink_connect_address(&vl, address); + if (r < 0) + return r; + + (void) varlink_set_description(vl, "journal"); + (void) varlink_set_relative_timeout(vl, USEC_INFINITY); + + *ret = TAKE_PTR(vl); + return 0; +} + +int action_flush_to_var(void) { + _cleanup_(varlink_flush_close_unrefp) Varlink *link = NULL; + int r; + + assert(arg_action == ACTION_FLUSH); + + if (arg_machine || arg_namespace) + return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), + "--flush is not supported in conjunction with %s.", + arg_machine ? "--machine=" : "--namespace="); + + if (access("/run/systemd/journal/flushed", F_OK) >= 0) + return 0; /* Already flushed, no need to contact journald */ + if (errno != ENOENT) + return log_error_errno(errno, "Unable to check for existence of /run/systemd/journal/flushed: %m"); + + r = varlink_connect_journal(&link); + if (r < 0) + return log_error_errno(r, "Failed to connect to Varlink socket: %m"); + + return varlink_call_and_log(link, "io.systemd.Journal.FlushToVar", /* parameters= */ NULL, /* ret_parameters= */ NULL); +} + +int action_relinquish_var(void) { + _cleanup_(varlink_flush_close_unrefp) Varlink *link = NULL; + int r; + + assert(arg_action == ACTION_RELINQUISH_VAR); + + if (arg_machine || arg_namespace) + return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), + "--(smart-)relinquish-var is not supported in conjunction with %s.", + arg_machine ? "--machine=" : "--namespace="); + + r = varlink_connect_journal(&link); + if (r < 0) + return log_error_errno(r, "Failed to connect to Varlink socket: %m"); + + return varlink_call_and_log(link, "io.systemd.Journal.RelinquishVar", /* parameters= */ NULL, /* ret_parameters= */ NULL); +} + +int action_rotate(void) { + _cleanup_(varlink_flush_close_unrefp) Varlink *link = NULL; + int r; + + assert(IN_SET(arg_action, ACTION_ROTATE, ACTION_ROTATE_AND_VACUUM)); + + if (arg_machine) + return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), + "--rotate is not supported in conjunction with --machine=."); + + r = varlink_connect_journal(&link); + if (r < 0) + return log_error_errno(r, "Failed to connect to Varlink socket: %m"); + + return varlink_call_and_log(link, "io.systemd.Journal.Rotate", /* parameters= */ NULL, /* ret_parameters= */ NULL); +} + +int action_vacuum(void) { + _cleanup_(sd_journal_closep) sd_journal *j = NULL; + Directory *d; + int r, ret = 0; + + assert(IN_SET(arg_action, ACTION_VACUUM, ACTION_ROTATE_AND_VACUUM)); + + r = acquire_journal(&j); + if (r < 0) + return r; + + HASHMAP_FOREACH(d, j->directories_by_path) { + r = journal_directory_vacuum(d->path, arg_vacuum_size, arg_vacuum_n_files, arg_vacuum_time, NULL, !arg_quiet); + if (r < 0) + RET_GATHER(ret, log_error_errno(r, "Failed to vacuum %s: %m", d->path)); + } + + return ret; +} + +int action_rotate_and_vacuum(void) { + int r; + + assert(arg_action == ACTION_ROTATE_AND_VACUUM); + + r = action_rotate(); + if (r < 0) + return r; + + return action_vacuum(); +} + +int action_sync(void) { + _cleanup_(varlink_flush_close_unrefp) Varlink *link = NULL; + int r; + + assert(arg_action == ACTION_SYNC); + + if (arg_machine) + return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), + "--sync is not supported in conjunction with --machine=."); + + r = varlink_connect_journal(&link); + if (ERRNO_IS_NEG_DISCONNECT(r) && arg_namespace) + /* If the namespaced sd-journald instance was shut down due to inactivity, it should already + * be synchronized */ + return 0; + if (r < 0) + return log_error_errno(r, "Failed to connect to Varlink socket: %m"); + + return varlink_call_and_log(link, "io.systemd.Journal.Synchronize", /* parameters= */ NULL, /* ret_parameters= */ NULL); +} diff --git a/src/journal/journalctl-varlink.h b/src/journal/journalctl-varlink.h new file mode 100644 index 0000000..e10983a --- /dev/null +++ b/src/journal/journalctl-varlink.h @@ -0,0 +1,9 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ +#pragma once + +int action_flush_to_var(void); +int action_relinquish_var(void); +int action_rotate(void); +int action_vacuum(void); +int action_rotate_and_vacuum(void); +int action_sync(void); diff --git a/src/journal/journalctl.c b/src/journal/journalctl.c index 45ecc96..45173a6 100644 --- a/src/journal/journalctl.c +++ b/src/journal/journalctl.c @@ -1,85 +1,29 @@ /* SPDX-License-Identifier: LGPL-2.1-or-later */ -#include <errno.h> -#include <fcntl.h> -#include <fnmatch.h> #include <getopt.h> -#include <linux/fs.h> -#include <signal.h> -#include <stddef.h> -#include <stdio.h> -#include <stdlib.h> -#include <sys/inotify.h> -#include <sys/stat.h> -#include <unistd.h> - -#include "sd-bus.h" -#include "sd-device.h" + #include "sd-journal.h" -#include "acl-util.h" -#include "alloc-util.h" #include "build.h" -#include "bus-error.h" -#include "bus-locator.h" -#include "bus-util.h" -#include "catalog.h" -#include "chase.h" -#include "chattr-util.h" -#include "constants.h" -#include "devnum-util.h" -#include "dissect-image.h" -#include "fd-util.h" -#include "fileio.h" -#include "format-table.h" -#include "format-util.h" -#include "fs-util.h" -#include "fsprg.h" #include "glob-util.h" -#include "hostname-util.h" #include "id128-print.h" -#include "io-util.h" -#include "journal-def.h" -#include "journal-internal.h" -#include "journal-util.h" -#include "journal-vacuum.h" -#include "journal-verify.h" +#include "journalctl.h" +#include "journalctl-authenticate.h" +#include "journalctl-catalog.h" +#include "journalctl-misc.h" +#include "journalctl-show.h" +#include "journalctl-varlink.h" #include "locale-util.h" -#include "log.h" -#include "logs-show.h" #include "main-func.h" -#include "memory-util.h" -#include "memstream-util.h" -#include "missing_sched.h" -#include "mkdir.h" #include "mount-util.h" #include "mountpoint-util.h" -#include "nulstr-util.h" -#include "pager.h" #include "parse-argument.h" -#include "parse-util.h" -#include "path-util.h" -#include "pcre2-util.h" #include "pretty-print.h" -#include "qrcode-util.h" -#include "random-util.h" -#include "rlimit-util.h" -#include "set.h" -#include "sigbus.h" -#include "signal-util.h" #include "static-destruct.h" -#include "stdio-util.h" #include "string-table.h" -#include "strv.h" #include "syslog-util.h" -#include "terminal-util.h" -#include "tmpfile-util.h" -#include "unit-name.h" -#include "user-util.h" -#include "varlink.h" #define DEFAULT_FSS_INTERVAL_USEC (15*USEC_PER_MINUTE) -#define PROCESS_INOTIFY_INTERVAL 1024 /* Every 1,024 messages processed */ enum { /* Special values for arg_lines */ @@ -87,65 +31,71 @@ enum { ARG_LINES_ALL = -1, }; -static OutputMode arg_output = OUTPUT_SHORT; -static JsonFormatFlags arg_json_format_flags = JSON_FORMAT_OFF; -static bool arg_utc = false; -static bool arg_follow = false; -static bool arg_full = true; -static bool arg_all = false; -static PagerFlags arg_pager_flags = 0; -static int arg_lines = ARG_LINES_DEFAULT; -static bool arg_lines_oldest = false; -static bool arg_no_tail = false; -static bool arg_truncate_newline = false; -static bool arg_quiet = false; -static bool arg_merge = false; -static bool arg_boot = false; -static sd_id128_t arg_boot_id = {}; -static int arg_boot_offset = 0; -static bool arg_dmesg = false; -static bool arg_no_hostname = false; -static const char *arg_cursor = NULL; -static const char *arg_cursor_file = NULL; -static const char *arg_after_cursor = NULL; -static bool arg_show_cursor = false; -static const char *arg_directory = NULL; -static char **arg_file = NULL; -static bool arg_file_stdin = false; -static int arg_priorities = 0xFF; -static Set *arg_facilities = NULL; -static char *arg_verify_key = NULL; +JournalctlAction arg_action = ACTION_SHOW; +OutputMode arg_output = OUTPUT_SHORT; +JsonFormatFlags arg_json_format_flags = JSON_FORMAT_OFF; +PagerFlags arg_pager_flags = 0; +bool arg_utc = false; +bool arg_follow = false; +bool arg_full = true; +bool arg_all = false; +int arg_lines = ARG_LINES_DEFAULT; +bool arg_lines_oldest = false; +bool arg_no_tail = false; +bool arg_truncate_newline = false; +bool arg_quiet = false; +bool arg_merge = false; +bool arg_boot = false; +sd_id128_t arg_boot_id = {}; +int arg_boot_offset = 0; +bool arg_dmesg = false; +bool arg_no_hostname = false; +const char *arg_cursor = NULL; +const char *arg_cursor_file = NULL; +const char *arg_after_cursor = NULL; +bool arg_show_cursor = false; +const char *arg_directory = NULL; +char **arg_file = NULL; +bool arg_file_stdin = false; +int arg_priorities = 0; +Set *arg_facilities = NULL; +char *arg_verify_key = NULL; #if HAVE_GCRYPT -static usec_t arg_interval = DEFAULT_FSS_INTERVAL_USEC; -static bool arg_force = false; +usec_t arg_interval = DEFAULT_FSS_INTERVAL_USEC; +bool arg_force = false; #endif -static usec_t arg_since = 0, arg_until = 0; -static bool arg_since_set = false, arg_until_set = false; -static char **arg_syslog_identifier = NULL; -static char **arg_system_units = NULL; -static char **arg_user_units = NULL; -static const char *arg_field = NULL; -static bool arg_catalog = false; -static bool arg_reverse = false; -static int arg_journal_type = 0; -static int arg_namespace_flags = 0; -static char *arg_root = NULL; -static char *arg_image = NULL; -static const char *arg_machine = NULL; -static const char *arg_namespace = NULL; -static uint64_t arg_vacuum_size = 0; -static uint64_t arg_vacuum_n_files = 0; -static usec_t arg_vacuum_time = 0; -static Set *arg_output_fields = NULL; -static const char *arg_pattern = NULL; -static pcre2_code *arg_compiled_pattern = NULL; -static PatternCompileCase arg_case = PATTERN_COMPILE_CASE_AUTO; -ImagePolicy *arg_image_policy = NULL; +usec_t arg_since = 0; +usec_t arg_until = 0; +bool arg_since_set = false; +bool arg_until_set = false; +char **arg_syslog_identifier = NULL; +char **arg_exclude_identifier = NULL; +char **arg_system_units = NULL; +char **arg_user_units = NULL; +const char *arg_field = NULL; +bool arg_catalog = false; +bool arg_reverse = false; +int arg_journal_type = 0; +int arg_journal_additional_open_flags = 0; +int arg_namespace_flags = 0; +char *arg_root = NULL; +char *arg_image = NULL; +const char *arg_machine = NULL; +const char *arg_namespace = NULL; +uint64_t arg_vacuum_size = 0; +uint64_t arg_vacuum_n_files = 0; +usec_t arg_vacuum_time = 0; +Set *arg_output_fields = NULL; +const char *arg_pattern = NULL; +pcre2_code *arg_compiled_pattern = NULL; +PatternCompileCase arg_case = PATTERN_COMPILE_CASE_AUTO; +static ImagePolicy *arg_image_policy = NULL; STATIC_DESTRUCTOR_REGISTER(arg_file, strv_freep); STATIC_DESTRUCTOR_REGISTER(arg_facilities, set_freep); STATIC_DESTRUCTOR_REGISTER(arg_verify_key, freep); STATIC_DESTRUCTOR_REGISTER(arg_syslog_identifier, strv_freep); +STATIC_DESTRUCTOR_REGISTER(arg_exclude_identifier, strv_freep); STATIC_DESTRUCTOR_REGISTER(arg_system_units, strv_freep); STATIC_DESTRUCTOR_REGISTER(arg_user_units, strv_freep); STATIC_DESTRUCTOR_REGISTER(arg_root, freep); @@ -154,115 +104,21 @@ STATIC_DESTRUCTOR_REGISTER(arg_output_fields, set_freep); STATIC_DESTRUCTOR_REGISTER(arg_compiled_pattern, pattern_freep); STATIC_DESTRUCTOR_REGISTER(arg_image_policy, image_policy_freep); -static enum { - ACTION_SHOW, - ACTION_NEW_ID128, - ACTION_PRINT_HEADER, - ACTION_SETUP_KEYS, - ACTION_VERIFY, - ACTION_DISK_USAGE, - ACTION_LIST_CATALOG, - ACTION_DUMP_CATALOG, - ACTION_UPDATE_CATALOG, - ACTION_LIST_BOOTS, - ACTION_FLUSH, - ACTION_RELINQUISH_VAR, - ACTION_SYNC, - ACTION_ROTATE, - ACTION_VACUUM, - ACTION_ROTATE_AND_VACUUM, - ACTION_LIST_FIELDS, - ACTION_LIST_FIELD_NAMES, -} arg_action = ACTION_SHOW; - -static int add_matches_for_device(sd_journal *j, const char *devpath) { - _cleanup_(sd_device_unrefp) sd_device *device = NULL; - sd_device *d = NULL; - struct stat st; - int r; - - assert(j); - assert(devpath); - - if (!path_startswith(devpath, "/dev/")) - return log_error_errno(SYNTHETIC_ERRNO(EINVAL), - "Devpath does not start with /dev/"); - - if (stat(devpath, &st) < 0) - return log_error_errno(errno, "Couldn't stat file: %m"); - - r = sd_device_new_from_stat_rdev(&device, &st); - if (r < 0) - return log_error_errno(r, "Failed to get device from devnum " DEVNUM_FORMAT_STR ": %m", DEVNUM_FORMAT_VAL(st.st_rdev)); - - for (d = device; d; ) { - _cleanup_free_ char *match = NULL; - const char *subsys, *sysname, *devnode; - sd_device *parent; - - r = sd_device_get_subsystem(d, &subsys); - if (r < 0) - goto get_parent; - - r = sd_device_get_sysname(d, &sysname); - if (r < 0) - goto get_parent; - - match = strjoin("_KERNEL_DEVICE=+", subsys, ":", sysname); - if (!match) - return log_oom(); - - r = sd_journal_add_match(j, match, 0); - if (r < 0) - return log_error_errno(r, "Failed to add match: %m"); - - if (sd_device_get_devname(d, &devnode) >= 0) { - _cleanup_free_ char *match1 = NULL; - - r = stat(devnode, &st); - if (r < 0) - return log_error_errno(r, "Failed to stat() device node \"%s\": %m", devnode); - - r = asprintf(&match1, "_KERNEL_DEVICE=%c" DEVNUM_FORMAT_STR, S_ISBLK(st.st_mode) ? 'b' : 'c', DEVNUM_FORMAT_VAL(st.st_rdev)); - if (r < 0) - return log_oom(); - - r = sd_journal_add_match(j, match1, 0); - if (r < 0) - return log_error_errno(r, "Failed to add match: %m"); - } - -get_parent: - if (sd_device_get_parent(d, &parent) < 0) - break; - - d = parent; - } - - r = add_match_this_boot(j, arg_machine); - if (r < 0) - return log_error_errno(r, "Failed to add match for the current boot: %m"); - - return 0; -} - -static char *format_timestamp_maybe_utc(char *buf, size_t l, usec_t t) { - - if (arg_utc) - return format_timestamp_style(buf, l, t, TIMESTAMP_UTC); - - return format_timestamp(buf, l, t); -} - -static int parse_boot_descriptor(const char *x, sd_id128_t *boot_id, int *offset) { +static int parse_id_descriptor(const char *x, sd_id128_t *ret_id, int *ret_offset) { sd_id128_t id = SD_ID128_NULL; int off = 0, r; + assert(x); + assert(ret_id); + assert(ret_offset); + if (streq(x, "all")) { - *boot_id = SD_ID128_NULL; - *offset = 0; + *ret_id = SD_ID128_NULL; + *ret_offset = 0; return 0; - } else if (strlen(x) >= SD_ID128_STRING_MAX - 1) { + } + + if (strlen(x) >= SD_ID128_STRING_MAX - 1) { char *t; t = strndupa_safe(x, SD_ID128_STRING_MAX - 1); @@ -284,12 +140,8 @@ static int parse_boot_descriptor(const char *x, sd_id128_t *boot_id, int *offset return r; } - if (boot_id) - *boot_id = id; - - if (offset) - *offset = off; - + *ret_id = id; + *ret_offset = off; return 1; } @@ -328,10 +180,6 @@ default_noarg: return 0; } -static bool arg_lines_needs_seek_end(void) { - return arg_lines >= 0 && !arg_lines_oldest; -} - static int help_facilities(void) { if (!arg_quiet) puts("Available facilities:"); @@ -339,7 +187,7 @@ static int help_facilities(void) { for (int i = 0; i < LOG_NFACILITIES; i++) { _cleanup_free_ char *t = NULL; - if (log_facility_unshifted_to_string_alloc(i, &t)) + if (log_facility_unshifted_to_string_alloc(i, &t) < 0) return log_oom(); puts(t); } @@ -365,7 +213,7 @@ static int help(void) { " -M --machine=CONTAINER Operate on local container\n" " -m --merge Show entries from all available journals\n" " -D --directory=PATH Show journal files from directory\n" - " --file=PATH Show journal file\n" + " -i --file=PATH Show journal file\n" " --root=PATH Operate on an alternate filesystem root\n" " --image=PATH Operate on disk image as filesystem root\n" " --image-policy=POLICY Specify disk image dissection policy\n" @@ -380,6 +228,8 @@ static int help(void) { " -u --unit=UNIT Show logs from the specified unit\n" " --user-unit=UNIT Show logs from the specified user unit\n" " -t --identifier=STRING Show entries with the specified syslog identifier\n" + " -T --exclude-identifier=STRING\n" + " Hide entries with the specified syslog identifier\n" " -p --priority=RANGE Show entries within the specified priority range\n" " --facility=FACILITY... Show entries with the specified facilities\n" " -g --grep=PATTERN Show entries with MESSAGE matching PATTERN\n" @@ -417,6 +267,7 @@ static int help(void) { " -N --fields List all field names currently used\n" " -F --field=FIELD List all values that a specified field takes\n" " --list-boots Show terse information about recorded boots\n" + " --list-namespaces Show list of journal namespaces\n" " --disk-usage Show total disk usage of all journal files\n" " --vacuum-size=BYTES Reduce disk usage below specified size\n" " --vacuum-files=INT Leave only the specified number of journal files\n" @@ -461,7 +312,6 @@ static int parse_argv(int argc, char *argv[]) { ARG_HEADER, ARG_FACILITY, ARG_SETUP_KEYS, - ARG_FILE, ARG_INTERVAL, ARG_VERIFY, ARG_VERIFY_KEY, @@ -488,6 +338,7 @@ static int parse_argv(int argc, char *argv[]) { ARG_NO_HOSTNAME, ARG_OUTPUT_FIELDS, ARG_NAMESPACE, + ARG_LIST_NAMESPACES, }; static const struct option options[] = { @@ -514,12 +365,13 @@ static int parse_argv(int argc, char *argv[]) { { "system", no_argument, NULL, ARG_SYSTEM }, { "user", no_argument, NULL, ARG_USER }, { "directory", required_argument, NULL, 'D' }, - { "file", required_argument, NULL, ARG_FILE }, + { "file", required_argument, NULL, 'i' }, { "root", required_argument, NULL, ARG_ROOT }, { "image", required_argument, NULL, ARG_IMAGE }, { "image-policy", required_argument, NULL, ARG_IMAGE_POLICY }, { "header", no_argument, NULL, ARG_HEADER }, { "identifier", required_argument, NULL, 't' }, + { "exclude-identifier", required_argument, NULL, 'T' }, { "priority", required_argument, NULL, 'p' }, { "facility", required_argument, NULL, ARG_FACILITY }, { "grep", required_argument, NULL, 'g' }, @@ -557,6 +409,7 @@ static int parse_argv(int argc, char *argv[]) { { "no-hostname", no_argument, NULL, ARG_NO_HOSTNAME }, { "output-fields", required_argument, NULL, ARG_OUTPUT_FIELDS }, { "namespace", required_argument, NULL, ARG_NAMESPACE }, + { "list-namespaces", no_argument, NULL, ARG_LIST_NAMESPACES }, {} }; @@ -565,7 +418,7 @@ static int parse_argv(int argc, char *argv[]) { assert(argc >= 0); assert(argv); - while ((c = getopt_long(argc, argv, "hefo:aln::qmb::kD:p:g:c:S:U:t:u:NF:xrM:", options, NULL)) >= 0) + while ((c = getopt_long(argc, argv, "hefo:aln::qmb::kD:p:g:c:S:U:t:T:u:NF:xrM:i:", options, NULL)) >= 0) switch (c) { @@ -666,19 +519,16 @@ static int parse_argv(int argc, char *argv[]) { arg_boot_offset = 0; if (optarg) { - r = parse_boot_descriptor(optarg, &arg_boot_id, &arg_boot_offset); + r = parse_id_descriptor(optarg, &arg_boot_id, &arg_boot_offset); if (r < 0) return log_error_errno(r, "Failed to parse boot descriptor '%s'", optarg); arg_boot = r; - /* Hmm, no argument? Maybe the next - * word on the command line is - * supposed to be the argument? Let's - * see if there is one and is parsable - * as a boot descriptor... */ } else if (optind < argc) { - r = parse_boot_descriptor(argv[optind], &arg_boot_id, &arg_boot_offset); + /* Hmm, no argument? Maybe the next word on the command line is supposed to be the + * argument? Let's see if there is one and is parsable as a boot descriptor... */ + r = parse_id_descriptor(argv[optind], &arg_boot_id, &arg_boot_offset); if (r >= 0) { arg_boot = r; optind++; @@ -723,11 +573,15 @@ static int parse_argv(int argc, char *argv[]) { break; + case ARG_LIST_NAMESPACES: + arg_action = ACTION_LIST_NAMESPACES; + break; + case 'D': arg_directory = optarg; break; - case ARG_FILE: + case 'i': if (streq(optarg, "-")) /* An undocumented feature: we can read journal files from STDIN. We don't document * this though, since after all we only support this for mmap-able, seekable files, and @@ -959,6 +813,12 @@ static int parse_argv(int argc, char *argv[]) { return log_oom(); break; + case 'T': + r = strv_extend(&arg_exclude_identifier, optarg); + if (r < 0) + return log_oom(); + break; + case 'u': r = strv_extend(&arg_system_units, optarg); if (r < 0) @@ -1081,7 +941,7 @@ static int parse_argv(int argc, char *argv[]) { arg_boot_offset = 0; } - if (!!arg_directory + !!arg_file + !!arg_machine + !!arg_root + !!arg_image > 1) + if (!!arg_directory + !!arg_file + arg_file_stdin + !!arg_machine + !!arg_root + !!arg_image > 1) return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Please specify at most one of -D/--directory=, --file=, -M/--machine=, --root=, --image=."); @@ -1089,15 +949,15 @@ static int parse_argv(int argc, char *argv[]) { return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "--since= must be before --until=."); - if (!!arg_cursor + !!arg_after_cursor + !!arg_since_set > 1) + if (!!arg_cursor + !!arg_after_cursor + !!arg_cursor_file + !!arg_since_set > 1) return log_error_errno(SYNTHETIC_ERRNO(EINVAL), - "Please specify only one of --since=, --cursor=, and --after-cursor=."); + "Please specify only one of --since=, --cursor=, --cursor-file=, and --after-cursor=."); if (arg_follow && arg_reverse) return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "Please specify either --reverse or --follow, not both."); - if (arg_lines >= 0 && arg_lines_oldest && (arg_reverse || arg_follow)) + if (arg_action == ACTION_SHOW && arg_lines >= 0 && arg_lines_oldest && (arg_reverse || arg_follow)) return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "--lines=+N is unsupported when --reverse or --follow is specified."); @@ -1135,1056 +995,26 @@ static int parse_argv(int argc, char *argv[]) { arg_reverse = true; } - return 1; -} - -static int add_matches(sd_journal *j, char **args) { - bool have_term = false; - - assert(j); - - STRV_FOREACH(i, args) { - int r; - - if (streq(*i, "+")) { - if (!have_term) - break; - r = sd_journal_add_disjunction(j); - have_term = false; - - } else if (path_is_absolute(*i)) { - _cleanup_free_ char *p = NULL, *t = NULL, *t2 = NULL, *interpreter = NULL; - struct stat st; - - r = chase(*i, NULL, CHASE_TRAIL_SLASH, &p, NULL); - if (r < 0) - return log_error_errno(r, "Couldn't canonicalize path: %m"); - - if (lstat(p, &st) < 0) - return log_error_errno(errno, "Couldn't stat file: %m"); - - if (S_ISREG(st.st_mode) && (0111 & st.st_mode)) { - if (executable_is_script(p, &interpreter) > 0) { - _cleanup_free_ char *comm = NULL; - - r = path_extract_filename(p, &comm); - if (r < 0) - return log_error_errno(r, "Failed to extract filename of '%s': %m", p); - - t = strjoin("_COMM=", strshorten(comm, TASK_COMM_LEN-1)); - if (!t) - return log_oom(); - - /* Append _EXE only if the interpreter is not a link. - Otherwise, it might be outdated often. */ - if (lstat(interpreter, &st) == 0 && !S_ISLNK(st.st_mode)) { - t2 = strjoin("_EXE=", interpreter); - if (!t2) - return log_oom(); - } - } else { - t = strjoin("_EXE=", p); - if (!t) - return log_oom(); - } - - r = sd_journal_add_match(j, t, 0); - - if (r >=0 && t2) - r = sd_journal_add_match(j, t2, 0); - - } else if (S_ISCHR(st.st_mode) || S_ISBLK(st.st_mode)) { - r = add_matches_for_device(j, p); - if (r < 0) - return r; - } else - return log_error_errno(SYNTHETIC_ERRNO(EINVAL), - "File is neither a device node, nor regular file, nor executable: %s", - *i); - - have_term = true; - } else { - r = sd_journal_add_match(j, *i, 0); - have_term = true; - } - - if (r < 0) - return log_error_errno(r, "Failed to add match '%s': %m", *i); - } - - if (!strv_isempty(args) && !have_term) - return log_error_errno(SYNTHETIC_ERRNO(EINVAL), - "\"+\" can only be used between terms"); - - return 0; -} - -static int list_boots(sd_journal *j) { - _cleanup_(table_unrefp) Table *table = NULL; - _cleanup_free_ BootId *boots = NULL; - size_t n_boots; - int r; - - assert(j); - - r = journal_get_boots(j, &boots, &n_boots); - if (r < 0) - return log_error_errno(r, "Failed to determine boots: %m"); - if (r == 0) - return 0; - - table = table_new("idx", "boot id", "first entry", "last entry"); - if (!table) - return log_oom(); - - if (arg_full) - table_set_width(table, 0); - - r = table_set_json_field_name(table, 0, "index"); - if (r < 0) - return log_error_errno(r, "Failed to set JSON field name of column 0: %m"); - - (void) table_set_sort(table, (size_t) 0); - (void) table_set_reverse(table, 0, arg_reverse); - - FOREACH_ARRAY(i, boots, n_boots) { - r = table_add_many(table, - TABLE_INT, (int)(i - boots) - (int) n_boots + 1, - TABLE_SET_ALIGN_PERCENT, 100, - TABLE_ID128, i->id, - TABLE_TIMESTAMP, i->first_usec, - TABLE_TIMESTAMP, i->last_usec); - if (r < 0) - return table_log_add_error(r); - } - - r = table_print_with_pager(table, arg_json_format_flags, arg_pager_flags, !arg_quiet); - if (r < 0) - return table_log_print_error(r); - - return 0; -} - -static int add_boot(sd_journal *j) { - int r; - - assert(j); - - if (!arg_boot) - return 0; - - /* Take a shortcut and use the current boot_id, which we can do very quickly. - * We can do this only when we logs are coming from the current machine, - * so take the slow path if log location is specified. */ - if (arg_boot_offset == 0 && sd_id128_is_null(arg_boot_id) && - !arg_directory && !arg_file && !arg_root) - return add_match_this_boot(j, arg_machine); - - if (sd_id128_is_null(arg_boot_id)) { - r = journal_find_boot_by_offset(j, arg_boot_offset, &arg_boot_id); - if (r < 0) - return log_error_errno(r, "Failed to find journal entry from the specified boot offset (%+i): %m", - arg_boot_offset); - if (r == 0) - return log_error_errno(SYNTHETIC_ERRNO(ENODATA), - "No journal boot entry found from the specified boot offset (%+i).", - arg_boot_offset); - } else { - r = journal_find_boot_by_id(j, arg_boot_id); - if (r < 0) - return log_error_errno(r, "Failed to find journal entry from the specified boot ID (%s): %m", - SD_ID128_TO_STRING(arg_boot_id)); - if (r == 0) - return log_error_errno(SYNTHETIC_ERRNO(ENODATA), - "No journal boot entry found from the specified boot ID (%s).", - SD_ID128_TO_STRING(arg_boot_id)); - } - - r = add_match_boot_id(j, arg_boot_id); - if (r < 0) - return log_error_errno(r, "Failed to add match: %m"); - - r = sd_journal_add_conjunction(j); - if (r < 0) - return log_error_errno(r, "Failed to add conjunction: %m"); - - return 0; -} - -static int add_dmesg(sd_journal *j) { - int r; - assert(j); - - if (!arg_dmesg) - return 0; - - r = sd_journal_add_match(j, "_TRANSPORT=kernel", - STRLEN("_TRANSPORT=kernel")); - if (r < 0) - return log_error_errno(r, "Failed to add match: %m"); - - r = sd_journal_add_conjunction(j); - if (r < 0) - return log_error_errno(r, "Failed to add conjunction: %m"); - - return 0; -} - -static int get_possible_units( - sd_journal *j, - const char *fields, - char **patterns, - Set **units) { - - _cleanup_set_free_free_ Set *found = NULL; - int r; - - found = set_new(&string_hash_ops); - if (!found) - return -ENOMEM; - - NULSTR_FOREACH(field, fields) { - const void *data; - size_t size; - - r = sd_journal_query_unique(j, field); - if (r < 0) - return r; - - SD_JOURNAL_FOREACH_UNIQUE(j, data, size) { - char *eq; - size_t prefix; - _cleanup_free_ char *u = NULL; - - eq = memchr(data, '=', size); - if (eq) - prefix = eq - (char*) data + 1; - else - prefix = 0; - - u = strndup((char*) data + prefix, size - prefix); - if (!u) - return -ENOMEM; - - STRV_FOREACH(pattern, patterns) - if (fnmatch(*pattern, u, FNM_NOESCAPE) == 0) { - log_debug("Matched %s with pattern %s=%s", u, field, *pattern); - - r = set_consume(found, u); - u = NULL; - if (r < 0 && r != -EEXIST) - return r; - - break; - } - } - } - - *units = TAKE_PTR(found); - - return 0; -} - -/* This list is supposed to return the superset of unit names - * possibly matched by rules added with add_matches_for_unit... */ -#define SYSTEM_UNITS \ - "_SYSTEMD_UNIT\0" \ - "COREDUMP_UNIT\0" \ - "UNIT\0" \ - "OBJECT_SYSTEMD_UNIT\0" \ - "_SYSTEMD_SLICE\0" - -/* ... and add_matches_for_user_unit */ -#define USER_UNITS \ - "_SYSTEMD_USER_UNIT\0" \ - "USER_UNIT\0" \ - "COREDUMP_USER_UNIT\0" \ - "OBJECT_SYSTEMD_USER_UNIT\0" \ - "_SYSTEMD_USER_SLICE\0" - -static int add_units(sd_journal *j) { - _cleanup_strv_free_ char **patterns = NULL; - int r, count = 0; - - assert(j); - - STRV_FOREACH(i, arg_system_units) { - _cleanup_free_ char *u = NULL; - - r = unit_name_mangle(*i, UNIT_NAME_MANGLE_GLOB | (arg_quiet ? 0 : UNIT_NAME_MANGLE_WARN), &u); - if (r < 0) - return r; - - if (string_is_glob(u)) { - r = strv_push(&patterns, u); - if (r < 0) - return r; - u = NULL; - } else { - r = add_matches_for_unit(j, u); - if (r < 0) - return r; - r = sd_journal_add_disjunction(j); - if (r < 0) - return r; - count++; - } - } - - if (!strv_isempty(patterns)) { - _cleanup_set_free_free_ Set *units = NULL; - char *u; - - r = get_possible_units(j, SYSTEM_UNITS, patterns, &units); - if (r < 0) - return r; - - SET_FOREACH(u, units) { - r = add_matches_for_unit(j, u); - if (r < 0) - return r; - r = sd_journal_add_disjunction(j); - if (r < 0) - return r; - count++; - } - } - - patterns = strv_free(patterns); - - STRV_FOREACH(i, arg_user_units) { - _cleanup_free_ char *u = NULL; - - r = unit_name_mangle(*i, UNIT_NAME_MANGLE_GLOB | (arg_quiet ? 0 : UNIT_NAME_MANGLE_WARN), &u); - if (r < 0) - return r; - - if (string_is_glob(u)) { - r = strv_push(&patterns, u); - if (r < 0) - return r; - u = NULL; - } else { - r = add_matches_for_user_unit(j, u, getuid()); - if (r < 0) - return r; - r = sd_journal_add_disjunction(j); - if (r < 0) - return r; - count++; - } - } - - if (!strv_isempty(patterns)) { - _cleanup_set_free_free_ Set *units = NULL; - char *u; - - r = get_possible_units(j, USER_UNITS, patterns, &units); - if (r < 0) - return r; - - SET_FOREACH(u, units) { - r = add_matches_for_user_unit(j, u, getuid()); - if (r < 0) - return r; - r = sd_journal_add_disjunction(j); - if (r < 0) - return r; - count++; - } - } - - /* Complain if the user request matches but nothing whatsoever was - * found, since otherwise everything would be matched. */ - if (!(strv_isempty(arg_system_units) && strv_isempty(arg_user_units)) && count == 0) - return -ENODATA; - - r = sd_journal_add_conjunction(j); - if (r < 0) - return r; - - return 0; -} - -static int add_priorities(sd_journal *j) { - char match[] = "PRIORITY=0"; - int i, r; - assert(j); - - if (arg_priorities == 0xFF) - return 0; - - for (i = LOG_EMERG; i <= LOG_DEBUG; i++) - if (arg_priorities & (1 << i)) { - match[sizeof(match)-2] = '0' + i; - - r = sd_journal_add_match(j, match, strlen(match)); - if (r < 0) - return log_error_errno(r, "Failed to add match: %m"); - } - - r = sd_journal_add_conjunction(j); - if (r < 0) - return log_error_errno(r, "Failed to add conjunction: %m"); - - return 0; -} - -static int add_facilities(sd_journal *j) { - void *p; - int r; - - SET_FOREACH(p, arg_facilities) { - char match[STRLEN("SYSLOG_FACILITY=") + DECIMAL_STR_MAX(int)]; - - xsprintf(match, "SYSLOG_FACILITY=%d", PTR_TO_INT(p)); - - r = sd_journal_add_match(j, match, strlen(match)); - if (r < 0) - return log_error_errno(r, "Failed to add match: %m"); - } - - return 0; -} - -static int add_syslog_identifier(sd_journal *j) { - int r; - - assert(j); - - STRV_FOREACH(i, arg_syslog_identifier) { - _cleanup_free_ char *u = NULL; - - u = strjoin("SYSLOG_IDENTIFIER=", *i); - if (!u) - return -ENOMEM; - r = sd_journal_add_match(j, u, 0); - if (r < 0) - return r; - r = sd_journal_add_disjunction(j); - if (r < 0) - return r; - } - - r = sd_journal_add_conjunction(j); - if (r < 0) - return r; - - return 0; -} - -#if HAVE_GCRYPT -static int format_journal_url( - const void *seed, - size_t seed_size, - uint64_t start, - uint64_t interval, - const char *hn, - sd_id128_t machine, - bool full, - char **ret_url) { - - _cleanup_(memstream_done) MemStream m = {}; - FILE *f; - - assert(seed); - assert(seed_size > 0); - - f = memstream_init(&m); - if (!f) - return -ENOMEM; - - if (full) - fputs("fss://", f); - - for (size_t i = 0; i < seed_size; i++) { - if (i > 0 && i % 3 == 0) - fputc('-', f); - fprintf(f, "%02x", ((uint8_t*) seed)[i]); - } - - fprintf(f, "/%"PRIx64"-%"PRIx64, start, interval); - - if (full) { - fprintf(f, "?machine=" SD_ID128_FORMAT_STR, SD_ID128_FORMAT_VAL(machine)); - if (hn) - fprintf(f, ";hostname=%s", hn); - } - - return memstream_finalize(&m, ret_url, NULL); -} -#endif - -static int setup_keys(void) { -#if HAVE_GCRYPT - size_t mpk_size, seed_size, state_size; - _cleanup_(unlink_and_freep) char *k = NULL; - _cleanup_free_ char *p = NULL; - uint8_t *mpk, *seed, *state; - _cleanup_close_ int fd = -EBADF; - sd_id128_t machine, boot; - struct stat st; - uint64_t n; - int r; - - r = stat("/var/log/journal", &st); - if (r < 0 && !IN_SET(errno, ENOENT, ENOTDIR)) - return log_error_errno(errno, "stat(\"%s\") failed: %m", "/var/log/journal"); - - if (r < 0 || !S_ISDIR(st.st_mode)) { - log_error("%s is not a directory, must be using persistent logging for FSS.", - "/var/log/journal"); - return r < 0 ? -errno : -ENOTDIR; - } - - r = sd_id128_get_machine(&machine); - if (r < 0) - return log_error_errno(r, "Failed to get machine ID: %m"); - - r = sd_id128_get_boot(&boot); - if (r < 0) - return log_error_errno(r, "Failed to get boot ID: %m"); - - if (asprintf(&p, "/var/log/journal/" SD_ID128_FORMAT_STR "/fss", - SD_ID128_FORMAT_VAL(machine)) < 0) - return log_oom(); - - if (arg_force) { - r = unlink(p); - if (r < 0 && errno != ENOENT) - return log_error_errno(errno, "unlink(\"%s\") failed: %m", p); - } else if (access(p, F_OK) >= 0) - return log_error_errno(SYNTHETIC_ERRNO(EEXIST), - "Sealing key file %s exists already. Use --force to recreate.", p); - - if (asprintf(&k, "/var/log/journal/" SD_ID128_FORMAT_STR "/fss.tmp.XXXXXX", - SD_ID128_FORMAT_VAL(machine)) < 0) - return log_oom(); - - mpk_size = FSPRG_mskinbytes(FSPRG_RECOMMENDED_SECPAR); - mpk = alloca_safe(mpk_size); - - seed_size = FSPRG_RECOMMENDED_SEEDLEN; - seed = alloca_safe(seed_size); - - state_size = FSPRG_stateinbytes(FSPRG_RECOMMENDED_SECPAR); - state = alloca_safe(state_size); - - log_info("Generating seed..."); - r = crypto_random_bytes(seed, seed_size); - if (r < 0) - return log_error_errno(r, "Failed to acquire random seed: %m"); - - log_info("Generating key pair..."); - FSPRG_GenMK(NULL, mpk, seed, seed_size, FSPRG_RECOMMENDED_SECPAR); - - log_info("Generating sealing key..."); - FSPRG_GenState0(state, mpk, seed, seed_size); - - assert(arg_interval > 0); - - n = now(CLOCK_REALTIME); - n /= arg_interval; - - safe_close(fd); - fd = mkostemp_safe(k); - if (fd < 0) - return log_error_errno(fd, "Failed to open %s: %m", k); - - r = chattr_secret(fd, CHATTR_WARN_UNSUPPORTED_FLAGS); - if (r < 0) - log_full_errno(ERRNO_IS_NOT_SUPPORTED(r) ? LOG_DEBUG : LOG_WARNING, - r, "Failed to set file attributes on '%s', ignoring: %m", k); - - struct FSSHeader h = { - .signature = { 'K', 'S', 'H', 'H', 'R', 'H', 'L', 'P' }, - .machine_id = machine, - .boot_id = boot, - .header_size = htole64(sizeof(h)), - .start_usec = htole64(n * arg_interval), - .interval_usec = htole64(arg_interval), - .fsprg_secpar = htole16(FSPRG_RECOMMENDED_SECPAR), - .fsprg_state_size = htole64(state_size), - }; - - r = loop_write(fd, &h, sizeof(h)); - if (r < 0) - return log_error_errno(r, "Failed to write header: %m"); - - r = loop_write(fd, state, state_size); - if (r < 0) - return log_error_errno(r, "Failed to write state: %m"); - - if (rename(k, p) < 0) - return log_error_errno(errno, "Failed to link file: %m"); - - k = mfree(k); - - _cleanup_free_ char *hn = NULL, *key = NULL; - - r = format_journal_url(seed, seed_size, n, arg_interval, hn, machine, false, &key); - if (r < 0) - return r; - - if (on_tty()) { - hn = gethostname_malloc(); - if (hn) - hostname_cleanup(hn); - - fprintf(stderr, - "\nNew keys have been generated for host %s%s" SD_ID128_FORMAT_STR ".\n" - "\n" - "The %ssecret sealing key%s has been written to the following local file.\n" - "This key file is automatically updated when the sealing key is advanced.\n" - "It should not be used on multiple hosts.\n" - "\n" - "\t%s\n" - "\n" - "The sealing key is automatically changed every %s.\n" - "\n" - "Please write down the following %ssecret verification key%s. It should be stored\n" - "in a safe location and should not be saved locally on disk.\n" - "\n\t%s", - strempty(hn), hn ? "/" : "", - SD_ID128_FORMAT_VAL(machine), - ansi_highlight(), ansi_normal(), - p, - FORMAT_TIMESPAN(arg_interval, 0), - ansi_highlight(), ansi_normal(), - ansi_highlight_red()); - fflush(stderr); - } - - puts(key); - - if (on_tty()) { - fprintf(stderr, "%s", ansi_normal()); -#if HAVE_QRENCODE - _cleanup_free_ char *url = NULL; - r = format_journal_url(seed, seed_size, n, arg_interval, hn, machine, true, &url); - if (r < 0) - return r; - - (void) print_qrcode(stderr, - "To transfer the verification key to your phone scan the QR code below", - url); -#endif - } - - return 0; -#else - return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), - "Forward-secure sealing not available."); -#endif -} - -static int verify(sd_journal *j, bool verbose) { - int r = 0; - JournalFile *f; - - assert(j); - - log_show_color(true); - - ORDERED_HASHMAP_FOREACH(f, j->files) { - int k; - usec_t first = 0, validated = 0, last = 0; - -#if HAVE_GCRYPT - if (!arg_verify_key && JOURNAL_HEADER_SEALED(f->header)) - log_notice("Journal file %s has sealing enabled but verification key has not been passed using --verify-key=.", f->path); -#endif - - k = journal_file_verify(f, arg_verify_key, &first, &validated, &last, verbose); - if (k == -EINVAL) - /* If the key was invalid give up right-away. */ - return k; - else if (k < 0) - r = log_warning_errno(k, "FAIL: %s (%m)", f->path); - else { - char a[FORMAT_TIMESTAMP_MAX], b[FORMAT_TIMESTAMP_MAX]; - log_full(verbose ? LOG_INFO : LOG_DEBUG, "PASS: %s", f->path); - - if (arg_verify_key && JOURNAL_HEADER_SEALED(f->header)) { - if (validated > 0) { - log_full(verbose ? LOG_INFO : LOG_DEBUG, - "=> Validated from %s to %s, final %s entries not sealed.", - format_timestamp_maybe_utc(a, sizeof(a), first), - format_timestamp_maybe_utc(b, sizeof(b), validated), - FORMAT_TIMESPAN(last > validated ? last - validated : 0, 0)); - } else if (last > 0) - log_full(verbose ? LOG_INFO : LOG_DEBUG, - "=> No sealing yet, %s of entries not sealed.", - FORMAT_TIMESPAN(last - first, 0)); - else - log_full(verbose ? LOG_INFO : LOG_DEBUG, - "=> No sealing yet, no entries in file."); - } - } - } - - return r; -} - -static int simple_varlink_call(const char *option, const char *method) { - _cleanup_(varlink_flush_close_unrefp) Varlink *link = NULL; - const char *error, *fn; - int r; - - if (arg_machine) - return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), "%s is not supported in conjunction with --machine=.", option); - - fn = arg_namespace ? - strjoina("/run/systemd/journal.", arg_namespace, "/io.systemd.journal") : - "/run/systemd/journal/io.systemd.journal"; - - r = varlink_connect_address(&link, fn); - if (r < 0) - return log_error_errno(r, "Failed to connect to %s: %m", fn); - - (void) varlink_set_description(link, "journal"); - (void) varlink_set_relative_timeout(link, USEC_INFINITY); - - r = varlink_call(link, method, NULL, NULL, &error, NULL); - if (r < 0) - return log_error_errno(r, "Failed to execute varlink call: %m"); - if (error) - return log_error_errno(SYNTHETIC_ERRNO(ENOANO), - "Failed to execute varlink call: %s", error); - - return 0; -} - -static int flush_to_var(void) { - if (access("/run/systemd/journal/flushed", F_OK) >= 0) - return 0; /* Already flushed, no need to contact journald */ - if (errno != ENOENT) - return log_error_errno(errno, "Unable to check for existence of /run/systemd/journal/flushed: %m"); - - return simple_varlink_call("--flush", "io.systemd.Journal.FlushToVar"); -} - -static int relinquish_var(void) { - return simple_varlink_call("--relinquish-var/--smart-relinquish-var", "io.systemd.Journal.RelinquishVar"); -} - -static int rotate(void) { - return simple_varlink_call("--rotate", "io.systemd.Journal.Rotate"); -} - -static int sync_journal(void) { - return simple_varlink_call("--sync", "io.systemd.Journal.Synchronize"); -} - -static int action_list_fields(sd_journal *j) { - const void *data; - size_t size; - int r, n_shown = 0; - - assert(arg_field); - - r = sd_journal_set_data_threshold(j, 0); - if (r < 0) - return log_error_errno(r, "Failed to unset data size threshold: %m"); - - r = sd_journal_query_unique(j, arg_field); - if (r < 0) - return log_error_errno(r, "Failed to query unique data objects: %m"); - - SD_JOURNAL_FOREACH_UNIQUE(j, data, size) { - const void *eq; - - if (arg_lines >= 0 && n_shown >= arg_lines) - break; - - eq = memchr(data, '=', size); - if (eq) - printf("%.*s\n", (int) (size - ((const uint8_t*) eq - (const uint8_t*) data + 1)), (const char*) eq + 1); - else - printf("%.*s\n", (int) size, (const char*) data); - - n_shown++; - } - - return 0; -} - -static int update_cursor(sd_journal *j) { - _cleanup_free_ char *cursor = NULL; - int r; - - assert(j); - - if (!arg_show_cursor && !arg_cursor_file) - return 0; - - r = sd_journal_get_cursor(j, &cursor); - if (r == -EADDRNOTAVAIL) - return 0; - if (r < 0) - return log_error_errno(r, "Failed to get cursor: %m"); - - if (arg_show_cursor) - printf("-- cursor: %s\n", cursor); - - if (arg_cursor_file) { - r = write_string_file(arg_cursor_file, cursor, WRITE_STRING_FILE_CREATE | WRITE_STRING_FILE_ATOMIC); - if (r < 0) - return log_error_errno(r, "Failed to write new cursor to %s: %m", arg_cursor_file); - } - - return 0; -} - -typedef struct Context { - sd_journal *journal; - bool has_cursor; - bool need_seek; - bool since_seeked; - bool ellipsized; - bool previous_boot_id_valid; - sd_id128_t previous_boot_id; - sd_id128_t previous_boot_id_output; - dual_timestamp previous_ts_output; -} Context; - -static int show(Context *c) { - sd_journal *j; - int r, n_shown = 0; - - assert(c); - - j = ASSERT_PTR(c->journal); - - while (arg_lines < 0 || n_shown < arg_lines || arg_follow) { - int flags; - size_t highlight[2] = {}; - - if (c->need_seek) { - r = sd_journal_step_one(j, !arg_reverse); - if (r < 0) - return log_error_errno(r, "Failed to iterate through journal: %m"); - if (r == 0) - break; - } - - if (arg_until_set && !arg_reverse && (arg_lines < 0 || arg_since_set || c->has_cursor)) { - /* If --lines= is set, we usually rely on the n_shown to tell us when to stop. - * However, if --since= or one of the cursor argument is set too, we may end up - * having less than --lines= to output. In this case let's also check if the entry - * is in range. */ - - usec_t usec; - - r = sd_journal_get_realtime_usec(j, &usec); - if (r < 0) - return log_error_errno(r, "Failed to determine timestamp: %m"); - if (usec > arg_until) - break; - } - - if (arg_since_set && (arg_reverse || !c->since_seeked)) { - usec_t usec; - - r = sd_journal_get_realtime_usec(j, &usec); - if (r < 0) - return log_error_errno(r, "Failed to determine timestamp: %m"); - - if (usec < arg_since) { - if (arg_reverse) - break; /* Reached the earliest entry */ - - /* arg_lines >= 0 (!since_seeked): - * We jumped arg_lines back and it seems to be too much */ - r = sd_journal_seek_realtime_usec(j, arg_since); - if (r < 0) - return log_error_errno(r, "Failed to seek to date: %m"); - c->since_seeked = true; - - c->need_seek = true; - continue; - } - c->since_seeked = true; /* We're surely within the range of --since now */ - } - - if (!arg_merge && !arg_quiet) { - sd_id128_t boot_id; - - r = sd_journal_get_monotonic_usec(j, NULL, &boot_id); - if (r >= 0) { - if (c->previous_boot_id_valid && - !sd_id128_equal(boot_id, c->previous_boot_id)) - printf("%s-- Boot "SD_ID128_FORMAT_STR" --%s\n", - ansi_highlight(), SD_ID128_FORMAT_VAL(boot_id), ansi_normal()); - - c->previous_boot_id = boot_id; - c->previous_boot_id_valid = true; - } - } - - if (arg_compiled_pattern) { - const void *message; - size_t len; - - r = sd_journal_get_data(j, "MESSAGE", &message, &len); - if (r < 0) { - if (r == -ENOENT) { - c->need_seek = true; - continue; - } - - return log_error_errno(r, "Failed to get MESSAGE field: %m"); - } - - assert_se(message = startswith(message, "MESSAGE=")); - - r = pattern_matches_and_log(arg_compiled_pattern, message, - len - strlen("MESSAGE="), highlight); - if (r < 0) - return r; - if (r == 0) { - c->need_seek = true; - continue; - } - } - - flags = - arg_all * OUTPUT_SHOW_ALL | - arg_full * OUTPUT_FULL_WIDTH | - colors_enabled() * OUTPUT_COLOR | - arg_catalog * OUTPUT_CATALOG | - arg_utc * OUTPUT_UTC | - arg_truncate_newline * OUTPUT_TRUNCATE_NEWLINE | - arg_no_hostname * OUTPUT_NO_HOSTNAME; - - r = show_journal_entry(stdout, j, arg_output, 0, flags, - arg_output_fields, highlight, &c->ellipsized, - &c->previous_ts_output, &c->previous_boot_id_output); - c->need_seek = true; - if (r == -EADDRNOTAVAIL) - break; - if (r < 0) - return r; - - n_shown++; - - /* If journalctl take a long time to process messages, and during that time journal file - * rotation occurs, a journalctl client will keep those rotated files open until it calls - * sd_journal_process(), which typically happens as a result of calling sd_journal_wait() below - * in the "following" case. By periodically calling sd_journal_process() during the processing - * loop we shrink the window of time a client instance has open file descriptors for rotated - * (deleted) journal files. */ - if ((n_shown % PROCESS_INOTIFY_INTERVAL) == 0) { - r = sd_journal_process(j); - if (r < 0) - return log_error_errno(r, "Failed to process inotify events: %m"); - } - } - - return n_shown; -} - -static int show_and_fflush(Context *c, sd_event_source *s) { - int r; - - assert(c); - assert(s); - - r = show(c); - if (r < 0) - return sd_event_exit(sd_event_source_get_event(s), r); - - fflush(stdout); - return 0; -} - -static int on_journal_event(sd_event_source *s, int fd, uint32_t revents, void *userdata) { - Context *c = ASSERT_PTR(userdata); - int r; - - assert(s); - - r = sd_journal_process(c->journal); - if (r < 0) { - log_error_errno(r, "Failed to process journal events: %m"); - return sd_event_exit(sd_event_source_get_event(s), r); - } - - return show_and_fflush(c, s); -} - -static int on_first_event(sd_event_source *s, void *userdata) { - return show_and_fflush(userdata, s); -} - -static int on_signal(sd_event_source *s, const struct signalfd_siginfo *si, void *userdata) { - assert(s); - assert(si); - assert(IN_SET(si->ssi_signo, SIGTERM, SIGINT)); - - return sd_event_exit(sd_event_source_get_event(s), si->ssi_signo); -} - -static int setup_event(Context *c, int fd, sd_event **ret) { - _cleanup_(sd_event_unrefp) sd_event *e = NULL; - int r; - - assert(arg_follow); - assert(c); - assert(fd >= 0); - assert(ret); - - r = sd_event_default(&e); - if (r < 0) - return log_error_errno(r, "Failed to allocate sd_event object: %m"); - - (void) sd_event_add_signal(e, NULL, SIGTERM | SD_EVENT_SIGNAL_PROCMASK, on_signal, NULL); - (void) sd_event_add_signal(e, NULL, SIGINT | SD_EVENT_SIGNAL_PROCMASK, on_signal, NULL); - - r = sd_event_add_io(e, NULL, fd, EPOLLIN, &on_journal_event, c); - if (r < 0) - return log_error_errno(r, "Failed to add io event source for journal: %m"); - - /* Also keeps an eye on STDOUT, and exits as soon as we see a POLLHUP on that, i.e. when it is closed. */ - r = sd_event_add_io(e, NULL, STDOUT_FILENO, EPOLLHUP|EPOLLERR, NULL, INT_TO_PTR(-ECANCELED)); - if (r == -EPERM) - /* Installing an epoll watch on a regular file doesn't work and fails with EPERM. Which is - * totally OK, handle it gracefully. epoll_ctl() documents EPERM as the error returned when - * the specified fd doesn't support epoll, hence it's safe to check for that. */ - log_debug_errno(r, "Unable to install EPOLLHUP watch on stderr, not watching for hangups."); - else if (r < 0) - return log_error_errno(r, "Failed to add io event source for stdout: %m"); - - if (arg_lines != 0 || arg_since_set) { - r = sd_event_add_defer(e, NULL, on_first_event, c); - if (r < 0) - return log_error_errno(r, "Failed to add defer event source: %m"); - } + if (!arg_follow) + arg_journal_additional_open_flags = SD_JOURNAL_ASSUME_IMMUTABLE; - *ret = TAKE_PTR(e); - return 0; + return 1; } static int run(int argc, char *argv[]) { - bool need_seek = false, since_seeked = false, after_cursor = false; _cleanup_(loop_device_unrefp) LoopDevice *loop_device = NULL; _cleanup_(umount_and_freep) char *mounted_dir = NULL; - _cleanup_(sd_journal_closep) sd_journal *j = NULL; - _cleanup_free_ char *cursor_from_file = NULL; - const char *cursor = NULL; - int n_shown, r, poll_fd = -EBADF; + int r; setlocale(LC_ALL, ""); log_setup(); - /* Increase max number of open files if we can, we might needs this when browsing journal files, which might be - * split up into many files. */ - (void) rlimit_nofile_bump(HIGH_RLIMIT_NOFILE); - r = parse_argv(argc, argv); if (r <= 0) return r; + char **args = strv_skip(argv, optind); + if (arg_image) { assert(!arg_root); @@ -2195,7 +1025,8 @@ static int run(int argc, char *argv[]) { DISSECT_IMAGE_REQUIRE_ROOT | DISSECT_IMAGE_VALIDATE_OS | DISSECT_IMAGE_RELAX_VAR_CHECK | - (arg_action == ACTION_UPDATE_CATALOG ? DISSECT_IMAGE_FSCK|DISSECT_IMAGE_GROWFS : DISSECT_IMAGE_READ_ONLY), + (arg_action == ACTION_UPDATE_CATALOG ? DISSECT_IMAGE_FSCK|DISSECT_IMAGE_GROWFS : DISSECT_IMAGE_READ_ONLY) | + DISSECT_IMAGE_ALLOW_USERSPACE_VERITY, &mounted_dir, /* ret_dir_fd= */ NULL, &loop_device); @@ -2207,427 +1038,66 @@ static int run(int argc, char *argv[]) { return log_oom(); } - signal(SIGWINCH, columns_lines_cache_reset); - sigbus_install(); - switch (arg_action) { + case ACTION_SHOW: + return action_show(args); + case ACTION_NEW_ID128: return id128_print_new(ID128_PRINT_PRETTY); case ACTION_SETUP_KEYS: - return setup_keys(); + return action_setup_keys(); case ACTION_LIST_CATALOG: case ACTION_DUMP_CATALOG: - case ACTION_UPDATE_CATALOG: { - _cleanup_free_ char *database = NULL; + return action_list_catalog(args); - database = path_join(arg_root, secure_getenv("SYSTEMD_CATALOG") ?: CATALOG_DATABASE); - if (!database) - return log_oom(); + case ACTION_UPDATE_CATALOG: + return action_update_catalog(); - if (arg_action == ACTION_UPDATE_CATALOG) { - const char *e; + case ACTION_PRINT_HEADER: + return action_print_header(); - e = secure_getenv("SYSTEMD_CATALOG_SOURCES"); + case ACTION_VERIFY: + return action_verify(); - r = catalog_update( - database, - arg_root, - e ? (const char* const*) STRV_MAKE(e) : catalog_file_dirs); - if (r < 0) - return log_error_errno(r, "Failed to list catalog: %m"); - } else { - bool oneline = arg_action == ACTION_LIST_CATALOG; + case ACTION_DISK_USAGE: + return action_disk_usage(); - pager_open(arg_pager_flags); + case ACTION_LIST_BOOTS: + return action_list_boots(); - if (optind < argc) - r = catalog_list_items(stdout, database, oneline, argv + optind); - else - r = catalog_list(stdout, database, oneline); - if (r < 0) - return log_error_errno(r, "Failed to list catalog: %m"); - } + case ACTION_LIST_FIELDS: + return action_list_fields(); - return 0; - } + case ACTION_LIST_FIELD_NAMES: + return action_list_field_names(); + + case ACTION_LIST_NAMESPACES: + return action_list_namespaces(); case ACTION_FLUSH: - return flush_to_var(); + return action_flush_to_var(); case ACTION_RELINQUISH_VAR: - return relinquish_var(); + return action_relinquish_var(); case ACTION_SYNC: - return sync_journal(); + return action_sync(); case ACTION_ROTATE: - return rotate(); + return action_rotate(); - case ACTION_SHOW: - case ACTION_PRINT_HEADER: - case ACTION_VERIFY: - case ACTION_DISK_USAGE: - case ACTION_LIST_BOOTS: case ACTION_VACUUM: - case ACTION_ROTATE_AND_VACUUM: - case ACTION_LIST_FIELDS: - case ACTION_LIST_FIELD_NAMES: - /* These ones require access to the journal files, continue below. */ - break; - - default: - assert_not_reached(); - } - - if (arg_directory) - r = sd_journal_open_directory(&j, arg_directory, arg_journal_type); - else if (arg_root) - r = sd_journal_open_directory(&j, arg_root, arg_journal_type | SD_JOURNAL_OS_ROOT); - else if (arg_file_stdin) - r = sd_journal_open_files_fd(&j, (int[]) { STDIN_FILENO }, 1, 0); - else if (arg_file) - r = sd_journal_open_files(&j, (const char**) arg_file, 0); - else if (arg_machine) - r = journal_open_machine(&j, arg_machine); - else - r = sd_journal_open_namespace( - &j, - arg_namespace, - (arg_merge ? 0 : SD_JOURNAL_LOCAL_ONLY) | - arg_namespace_flags | arg_journal_type); - if (r < 0) - return log_error_errno(r, "Failed to open %s: %m", arg_directory ?: arg_file ? "files" : "journal"); - - r = journal_access_check_and_warn(j, arg_quiet, - !(arg_journal_type == SD_JOURNAL_CURRENT_USER || arg_user_units)); - if (r < 0) - return r; - - switch (arg_action) { - - case ACTION_NEW_ID128: - case ACTION_SETUP_KEYS: - case ACTION_LIST_CATALOG: - case ACTION_DUMP_CATALOG: - case ACTION_UPDATE_CATALOG: - case ACTION_FLUSH: - case ACTION_SYNC: - case ACTION_ROTATE: - assert_not_reached(); - - case ACTION_PRINT_HEADER: - journal_print_header(j); - return 0; - - case ACTION_VERIFY: - return verify(j, !arg_quiet); - - case ACTION_DISK_USAGE: { - uint64_t bytes = 0; - - r = sd_journal_get_usage(j, &bytes); - if (r < 0) - return r; - - printf("Archived and active journals take up %s in the file system.\n", - FORMAT_BYTES(bytes)); - - return 0; - } - - case ACTION_LIST_BOOTS: - return list_boots(j); + return action_vacuum(); case ACTION_ROTATE_AND_VACUUM: - - r = rotate(); - if (r < 0) - return r; - - _fallthrough_; - - case ACTION_VACUUM: { - Directory *d; - int ret = 0; - - HASHMAP_FOREACH(d, j->directories_by_path) { - r = journal_directory_vacuum(d->path, arg_vacuum_size, arg_vacuum_n_files, arg_vacuum_time, NULL, !arg_quiet); - if (r < 0) { - log_error_errno(r, "Failed to vacuum %s: %m", d->path); - if (ret >= 0) - ret = r; - } - } - - return ret; - } - - case ACTION_LIST_FIELD_NAMES: { - const char *field; - - SD_JOURNAL_FOREACH_FIELD(j, field) - printf("%s\n", field); - - return 0; - } - - case ACTION_SHOW: - case ACTION_LIST_FIELDS: - break; + return action_rotate_and_vacuum(); default: assert_not_reached(); } - - if (arg_boot_offset != 0 && - sd_journal_has_runtime_files(j) > 0 && - sd_journal_has_persistent_files(j) == 0) { - log_info("Specifying boot ID or boot offset has no effect, no persistent journal was found."); - - if (arg_action == ACTION_SHOW && arg_compiled_pattern) - return -ENOENT; - - return 0; - } - /* add_boot() must be called first! - * It may need to seek the journal to find parent boot IDs. */ - r = add_boot(j); - if (r < 0) - return r; - - r = add_dmesg(j); - if (r < 0) - return r; - - r = add_units(j); - if (r < 0) - return log_error_errno(r, "Failed to add filter for units: %m"); - - r = add_syslog_identifier(j); - if (r < 0) - return log_error_errno(r, "Failed to add filter for syslog identifiers: %m"); - - r = add_priorities(j); - if (r < 0) - return r; - - r = add_facilities(j); - if (r < 0) - return r; - - r = add_matches(j, argv + optind); - if (r < 0) - return r; - - if (DEBUG_LOGGING) { - _cleanup_free_ char *filter = NULL; - - filter = journal_make_match_string(j); - if (!filter) - return log_oom(); - - log_debug("Journal filter: %s", filter); - } - - if (arg_action == ACTION_LIST_FIELDS) - return action_list_fields(j); - - /* Opening the fd now means the first sd_journal_wait() will actually wait */ - if (arg_follow) { - poll_fd = sd_journal_get_fd(j); - if (poll_fd == -EMFILE) { - log_warning_errno(poll_fd, "Insufficient watch descriptors available. Reverting to -n."); - arg_follow = false; - } else if (poll_fd == -EMEDIUMTYPE) - return log_error_errno(poll_fd, "The --follow switch is not supported in conjunction with reading from STDIN."); - else if (poll_fd < 0) - return log_error_errno(poll_fd, "Failed to get journal fd: %m"); - } - - if (arg_cursor || arg_after_cursor || arg_cursor_file) { - cursor = arg_cursor ?: arg_after_cursor; - - if (arg_cursor_file) { - r = read_one_line_file(arg_cursor_file, &cursor_from_file); - if (r < 0 && r != -ENOENT) - return log_error_errno(r, "Failed to read cursor file %s: %m", arg_cursor_file); - - if (r > 0) { - cursor = cursor_from_file; - after_cursor = true; - } - } else - after_cursor = arg_after_cursor; - } - - if (cursor) { - r = sd_journal_seek_cursor(j, cursor); - if (r < 0) - return log_error_errno(r, "Failed to seek to cursor: %m"); - - r = sd_journal_step_one(j, !arg_reverse); - if (r < 0) - return log_error_errno(r, "Failed to iterate through journal: %m"); - - if (after_cursor && r > 0) { - /* With --after-cursor=/--cursor-file= we want to skip the first entry only if it's - * the entry the cursor is pointing at, otherwise, if some journal filters are used, - * we might skip the first entry of the filter match, which leads to unexpectedly - * missing journal entries. */ - int k; - - k = sd_journal_test_cursor(j, cursor); - if (k < 0) - return log_error_errno(k, "Failed to test cursor against current entry: %m"); - if (k > 0) - /* Current entry matches the one our cursor is pointing at, so let's try - * to advance the next entry. */ - r = sd_journal_step_one(j, !arg_reverse); - } - - if (r == 0) { - /* We couldn't find the next entry after the cursor. */ - if (arg_follow) - need_seek = true; - else - arg_lines = 0; - } - } else if (arg_until_set && (arg_reverse || arg_lines_needs_seek_end())) { - /* If both --until and any of --reverse and --lines=N is specified, things get - * a little tricky. We seek to the place of --until first. If only --reverse or - * --reverse and --lines is specified, we search backwards and let the output - * counter handle --lines for us. If only --lines is used, we just jump backwards - * arg_lines and search afterwards from there. */ - - r = sd_journal_seek_realtime_usec(j, arg_until); - if (r < 0) - return log_error_errno(r, "Failed to seek to date: %m"); - - if (arg_reverse) - r = sd_journal_previous(j); - else /* arg_lines_needs_seek_end */ - r = sd_journal_previous_skip(j, arg_lines); - - } else if (arg_reverse) { - r = sd_journal_seek_tail(j); - if (r < 0) - return log_error_errno(r, "Failed to seek to tail: %m"); - - r = sd_journal_previous(j); - - } else if (arg_lines_needs_seek_end()) { - r = sd_journal_seek_tail(j); - if (r < 0) - return log_error_errno(r, "Failed to seek to tail: %m"); - - r = sd_journal_previous_skip(j, arg_lines); - - } else if (arg_since_set) { - /* This is placed after arg_reverse and arg_lines. If --since is used without - * both, we seek to the place of --since and search afterwards from there. - * If used with --reverse or --lines, we seek to the tail first and check if - * the entry is within the range of --since later. */ - - r = sd_journal_seek_realtime_usec(j, arg_since); - if (r < 0) - return log_error_errno(r, "Failed to seek to date: %m"); - since_seeked = true; - - r = sd_journal_next(j); - - } else { - r = sd_journal_seek_head(j); - if (r < 0) - return log_error_errno(r, "Failed to seek to head: %m"); - - r = sd_journal_next(j); - } - if (r < 0) - return log_error_errno(r, "Failed to iterate through journal: %m"); - if (r == 0) - need_seek = true; - - if (!arg_follow) - pager_open(arg_pager_flags); - - if (!arg_quiet && (arg_lines != 0 || arg_follow) && DEBUG_LOGGING) { - usec_t start, end; - char start_buf[FORMAT_TIMESTAMP_MAX], end_buf[FORMAT_TIMESTAMP_MAX]; - - r = sd_journal_get_cutoff_realtime_usec(j, &start, &end); - if (r < 0) - return log_error_errno(r, "Failed to get cutoff: %m"); - if (r > 0) { - if (arg_follow) - printf("-- Journal begins at %s. --\n", - format_timestamp_maybe_utc(start_buf, sizeof(start_buf), start)); - else - printf("-- Journal begins at %s, ends at %s. --\n", - format_timestamp_maybe_utc(start_buf, sizeof(start_buf), start), - format_timestamp_maybe_utc(end_buf, sizeof(end_buf), end)); - } - } - - Context c = { - .journal = j, - .has_cursor = cursor, - .need_seek = need_seek, - .since_seeked = since_seeked, - }; - - if (arg_follow) { - _cleanup_(sd_event_unrefp) sd_event *e = NULL; - int sig; - - assert(poll_fd >= 0); - - r = setup_event(&c, poll_fd, &e); - if (r < 0) - return r; - - r = sd_event_loop(e); - if (r < 0) - return r; - sig = r; - - /* unref signal event sources. */ - e = sd_event_unref(e); - - r = update_cursor(j); - if (r < 0) - return r; - - /* re-send the original signal. */ - assert(SIGNAL_VALID(sig)); - if (raise(sig) < 0) - log_error("Failed to raise the original signal SIG%s, ignoring: %m", signal_to_string(sig)); - - return 0; - } - - r = show(&c); - if (r < 0) - return r; - n_shown = r; - - if (n_shown == 0 && !arg_quiet) - printf("-- No entries --\n"); - - r = update_cursor(j); - if (r < 0) - return r; - - if (arg_compiled_pattern && n_shown == 0) - /* --grep was used, no error was thrown, but the pattern didn't - * match anything. Let's mimic grep's behavior here and return - * a non-zero exit code, so journalctl --grep can be used - * in scripts and such */ - return -ENOENT; - - return 0; } -DEFINE_MAIN_FUNCTION(run); +DEFINE_MAIN_FUNCTION_WITH_POSITIVE_SIGNAL(run); diff --git a/src/journal/journalctl.h b/src/journal/journalctl.h new file mode 100644 index 0000000..c6993a2 --- /dev/null +++ b/src/journal/journalctl.h @@ -0,0 +1,99 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ +#pragma once + +#include <inttypes.h> +#include <stdbool.h> + +#include "sd-id128.h" + +#include "json.h" +#include "output-mode.h" +#include "pager.h" +#include "pcre2-util.h" +#include "set.h" +#include "time-util.h" + +typedef enum JournalctlAction { + ACTION_SHOW, + ACTION_NEW_ID128, + ACTION_SETUP_KEYS, + ACTION_LIST_CATALOG, + ACTION_DUMP_CATALOG, + ACTION_UPDATE_CATALOG, + ACTION_PRINT_HEADER, + ACTION_VERIFY, + ACTION_DISK_USAGE, + ACTION_LIST_BOOTS, + ACTION_LIST_FIELDS, + ACTION_LIST_FIELD_NAMES, + ACTION_LIST_NAMESPACES, + ACTION_FLUSH, + ACTION_RELINQUISH_VAR, + ACTION_SYNC, + ACTION_ROTATE, + ACTION_VACUUM, + ACTION_ROTATE_AND_VACUUM, +} JournalctlAction; + +extern JournalctlAction arg_action; +extern OutputMode arg_output; +extern JsonFormatFlags arg_json_format_flags; +extern PagerFlags arg_pager_flags; +extern bool arg_utc; +extern bool arg_follow; +extern bool arg_full; +extern bool arg_all; +extern int arg_lines; +extern bool arg_lines_oldest; +extern bool arg_no_tail; +extern bool arg_truncate_newline; +extern bool arg_quiet; +extern bool arg_merge; +extern bool arg_boot; +extern sd_id128_t arg_boot_id; +extern int arg_boot_offset; +extern bool arg_dmesg; +extern bool arg_no_hostname; +extern const char *arg_cursor; +extern const char *arg_cursor_file; +extern const char *arg_after_cursor; +extern bool arg_show_cursor; +extern const char *arg_directory; +extern char **arg_file; +extern bool arg_file_stdin; +extern int arg_priorities; +extern Set *arg_facilities; +extern char *arg_verify_key; +#if HAVE_GCRYPT +extern usec_t arg_interval; +extern bool arg_force; +#endif +extern usec_t arg_since; +extern usec_t arg_until; +extern bool arg_since_set; +extern bool arg_until_set; +extern char **arg_syslog_identifier; +extern char **arg_exclude_identifier; +extern char **arg_system_units; +extern char **arg_user_units; +extern const char *arg_field; +extern bool arg_catalog; +extern bool arg_reverse; +extern int arg_journal_type; +extern int arg_journal_additional_open_flags; +extern int arg_namespace_flags; +extern char *arg_root; +extern char *arg_image; +extern const char *arg_machine; +extern const char *arg_namespace; +extern uint64_t arg_vacuum_size; +extern uint64_t arg_vacuum_n_files; +extern usec_t arg_vacuum_time; +extern Set *arg_output_fields; +extern const char *arg_pattern; +extern pcre2_code *arg_compiled_pattern; +extern PatternCompileCase arg_case; + +static inline bool arg_lines_needs_seek_end(void) { + return arg_lines >= 0 && !arg_lines_oldest; +} diff --git a/src/journal/journald-audit.c b/src/journal/journald-audit.c index bddfe76..d49283d 100644 --- a/src/journal/journald-audit.c +++ b/src/journal/journald-audit.c @@ -335,10 +335,9 @@ void process_audit_string(Server *s, int type, const char *data, size_t size) { size_t n = 0, z; uint64_t seconds, msec, id; const char *p, *type_name; - char id_field[sizeof("_AUDIT_ID=") + DECIMAL_STR_MAX(uint64_t)], - type_field[sizeof("_AUDIT_TYPE=") + DECIMAL_STR_MAX(int)], - source_time_field[sizeof("_SOURCE_REALTIME_TIMESTAMP=") + DECIMAL_STR_MAX(usec_t)]; - struct iovec iovec[N_IOVEC_META_FIELDS + 8 + N_IOVEC_AUDIT_FIELDS]; + char id_field[STRLEN("_AUDIT_ID=") + DECIMAL_STR_MAX(uint64_t)], + type_field[STRLEN("_AUDIT_TYPE=") + DECIMAL_STR_MAX(int)]; + struct iovec iovec[N_IOVEC_META_FIELDS + 7 + N_IOVEC_AUDIT_FIELDS]; char *m, *type_field_name; int k; @@ -375,14 +374,10 @@ void process_audit_string(Server *s, int type, const char *data, size_t size) { iovec[n++] = IOVEC_MAKE_STRING("_TRANSPORT=audit"); - sprintf(source_time_field, "_SOURCE_REALTIME_TIMESTAMP=%" PRIu64, - (usec_t) seconds * USEC_PER_SEC + (usec_t) msec * USEC_PER_MSEC); - iovec[n++] = IOVEC_MAKE_STRING(source_time_field); - - sprintf(type_field, "_AUDIT_TYPE=%i", type); + xsprintf(type_field, "_AUDIT_TYPE=%i", type); iovec[n++] = IOVEC_MAKE_STRING(type_field); - sprintf(id_field, "_AUDIT_ID=%" PRIu64, id); + xsprintf(id_field, "_AUDIT_ID=%" PRIu64, id); iovec[n++] = IOVEC_MAKE_STRING(id_field); assert_cc(4 == LOG_FAC(LOG_AUTH)); @@ -401,7 +396,9 @@ void process_audit_string(Server *s, int type, const char *data, size_t size) { map_all_fields(p, map_fields_kernel, "_AUDIT_FIELD_", true, iovec, &n, n + N_IOVEC_AUDIT_FIELDS); - server_dispatch_message(s, iovec, n, ELEMENTSOF(iovec), NULL, NULL, LOG_NOTICE, 0); + server_dispatch_message(s, iovec, n, ELEMENTSOF(iovec), NULL, + TIMEVAL_STORE((usec_t) seconds * USEC_PER_SEC + (usec_t) msec * USEC_PER_MSEC), + LOG_NOTICE, 0); /* free() all entries that map_all_fields() added. All others * are allocated on the stack or are constant. */ diff --git a/src/journal/journald-context.c b/src/journal/journald-context.c index f5f6ec5..b44f700 100644 --- a/src/journal/journald-context.c +++ b/src/journal/journald-context.c @@ -612,7 +612,7 @@ static void client_context_try_shrink_to(Server *s, size_t limit) { if (pid_is_unwaited(c->pid) == 0) client_context_free(s, c); else - idx ++; + idx++; } s->last_cache_pid_flush = t; @@ -650,8 +650,8 @@ void client_context_flush_all(Server *s) { client_context_flush_regular(s); - assert(prioq_size(s->client_contexts_lru) == 0); - assert(hashmap_size(s->client_contexts) == 0); + assert(prioq_isempty(s->client_contexts_lru)); + assert(hashmap_isempty(s->client_contexts)); s->client_contexts_lru = prioq_free(s->client_contexts_lru); s->client_contexts = hashmap_free(s->client_contexts); diff --git a/src/journal/journald-gperf.gperf b/src/journal/journald-gperf.gperf index 9076597..49987f5 100644 --- a/src/journal/journald-gperf.gperf +++ b/src/journal/journald-gperf.gperf @@ -19,35 +19,37 @@ struct ConfigPerfItem; %struct-type %includes %% -Journal.Storage, config_parse_storage, 0, offsetof(Server, storage) -Journal.Compress, config_parse_compress, 0, offsetof(Server, compress) -Journal.Seal, config_parse_bool, 0, offsetof(Server, seal) -Journal.ReadKMsg, config_parse_bool, 0, offsetof(Server, read_kmsg) -Journal.Audit, config_parse_tristate, 0, offsetof(Server, set_audit) -Journal.SyncIntervalSec, config_parse_sec, 0, offsetof(Server, sync_interval_usec) +Journal.Storage, config_parse_storage, 0, offsetof(Server, storage) +Journal.Compress, config_parse_compress, 0, offsetof(Server, compress) +Journal.Seal, config_parse_bool, 0, offsetof(Server, seal) +Journal.ReadKMsg, config_parse_bool, 0, offsetof(Server, read_kmsg) +Journal.Audit, config_parse_tristate, 0, offsetof(Server, set_audit) +Journal.SyncIntervalSec, config_parse_sec, 0, offsetof(Server, sync_interval_usec) # The following is a legacy name for compatibility -Journal.RateLimitInterval, config_parse_sec, 0, offsetof(Server, ratelimit_interval) -Journal.RateLimitIntervalSec,config_parse_sec, 0, offsetof(Server, ratelimit_interval) -Journal.RateLimitBurst, config_parse_unsigned, 0, offsetof(Server, ratelimit_burst) -Journal.SystemMaxUse, config_parse_iec_uint64, 0, offsetof(Server, system_storage.metrics.max_use) -Journal.SystemMaxFileSize, config_parse_iec_uint64, 0, offsetof(Server, system_storage.metrics.max_size) -Journal.SystemKeepFree, config_parse_iec_uint64, 0, offsetof(Server, system_storage.metrics.keep_free) -Journal.SystemMaxFiles, config_parse_uint64, 0, offsetof(Server, system_storage.metrics.n_max_files) -Journal.RuntimeMaxUse, config_parse_iec_uint64, 0, offsetof(Server, runtime_storage.metrics.max_use) -Journal.RuntimeMaxFileSize, config_parse_iec_uint64, 0, offsetof(Server, runtime_storage.metrics.max_size) -Journal.RuntimeKeepFree, config_parse_iec_uint64, 0, offsetof(Server, runtime_storage.metrics.keep_free) -Journal.RuntimeMaxFiles, config_parse_uint64, 0, offsetof(Server, runtime_storage.metrics.n_max_files) -Journal.MaxRetentionSec, config_parse_sec, 0, offsetof(Server, max_retention_usec) -Journal.MaxFileSec, config_parse_sec, 0, offsetof(Server, max_file_usec) -Journal.ForwardToSyslog, config_parse_bool, 0, offsetof(Server, forward_to_syslog) -Journal.ForwardToKMsg, config_parse_bool, 0, offsetof(Server, forward_to_kmsg) -Journal.ForwardToConsole, config_parse_bool, 0, offsetof(Server, forward_to_console) -Journal.ForwardToWall, config_parse_bool, 0, offsetof(Server, forward_to_wall) -Journal.TTYPath, config_parse_path, 0, offsetof(Server, tty_path) -Journal.MaxLevelStore, config_parse_log_level, 0, offsetof(Server, max_level_store) -Journal.MaxLevelSyslog, config_parse_log_level, 0, offsetof(Server, max_level_syslog) -Journal.MaxLevelKMsg, config_parse_log_level, 0, offsetof(Server, max_level_kmsg) -Journal.MaxLevelConsole, config_parse_log_level, 0, offsetof(Server, max_level_console) -Journal.MaxLevelWall, config_parse_log_level, 0, offsetof(Server, max_level_wall) -Journal.SplitMode, config_parse_split_mode, 0, offsetof(Server, split_mode) -Journal.LineMax, config_parse_line_max, 0, offsetof(Server, line_max) +Journal.RateLimitInterval, config_parse_sec, 0, offsetof(Server, ratelimit_interval) +Journal.RateLimitIntervalSec,config_parse_sec, 0, offsetof(Server, ratelimit_interval) +Journal.RateLimitBurst, config_parse_unsigned, 0, offsetof(Server, ratelimit_burst) +Journal.SystemMaxUse, config_parse_iec_uint64, 0, offsetof(Server, system_storage.metrics.max_use) +Journal.SystemMaxFileSize, config_parse_iec_uint64, 0, offsetof(Server, system_storage.metrics.max_size) +Journal.SystemKeepFree, config_parse_iec_uint64, 0, offsetof(Server, system_storage.metrics.keep_free) +Journal.SystemMaxFiles, config_parse_uint64, 0, offsetof(Server, system_storage.metrics.n_max_files) +Journal.RuntimeMaxUse, config_parse_iec_uint64, 0, offsetof(Server, runtime_storage.metrics.max_use) +Journal.RuntimeMaxFileSize, config_parse_iec_uint64, 0, offsetof(Server, runtime_storage.metrics.max_size) +Journal.RuntimeKeepFree, config_parse_iec_uint64, 0, offsetof(Server, runtime_storage.metrics.keep_free) +Journal.RuntimeMaxFiles, config_parse_uint64, 0, offsetof(Server, runtime_storage.metrics.n_max_files) +Journal.MaxRetentionSec, config_parse_sec, 0, offsetof(Server, max_retention_usec) +Journal.MaxFileSec, config_parse_sec, 0, offsetof(Server, max_file_usec) +Journal.ForwardToSyslog, config_parse_bool, 0, offsetof(Server, forward_to_syslog) +Journal.ForwardToKMsg, config_parse_bool, 0, offsetof(Server, forward_to_kmsg) +Journal.ForwardToConsole, config_parse_bool, 0, offsetof(Server, forward_to_console) +Journal.ForwardToWall, config_parse_bool, 0, offsetof(Server, forward_to_wall) +Journal.ForwardToSocket, config_parse_forward_to_socket, 0, offsetof(Server, forward_to_socket) +Journal.TTYPath, config_parse_path, 0, offsetof(Server, tty_path) +Journal.MaxLevelStore, config_parse_log_level, 0, offsetof(Server, max_level_store) +Journal.MaxLevelSyslog, config_parse_log_level, 0, offsetof(Server, max_level_syslog) +Journal.MaxLevelKMsg, config_parse_log_level, 0, offsetof(Server, max_level_kmsg) +Journal.MaxLevelConsole, config_parse_log_level, 0, offsetof(Server, max_level_console) +Journal.MaxLevelWall, config_parse_log_level, 0, offsetof(Server, max_level_wall) +Journal.MaxLevelSocket, config_parse_log_level, 0, offsetof(Server, max_level_socket) +Journal.SplitMode, config_parse_split_mode, 0, offsetof(Server, split_mode) +Journal.LineMax, config_parse_line_max, 0, offsetof(Server, line_max) diff --git a/src/journal/journald-kmsg.c b/src/journal/journald-kmsg.c index 28d4880..78f6e1f 100644 --- a/src/journal/journald-kmsg.c +++ b/src/journal/journald-kmsg.c @@ -98,7 +98,7 @@ static bool is_us(const char *identifier, const char *pid) { void dev_kmsg_record(Server *s, char *p, size_t l) { - _cleanup_free_ char *message = NULL, *syslog_priority = NULL, *syslog_pid = NULL, *syslog_facility = NULL, *syslog_identifier = NULL, *source_time = NULL, *identifier = NULL, *pid = NULL; + _cleanup_free_ char *message = NULL, *syslog_pid = NULL, *syslog_identifier = NULL, *identifier = NULL, *pid = NULL; struct iovec iovec[N_IOVEC_META_FIELDS + 7 + N_IOVEC_KERNEL_FIELDS + 2 + N_IOVEC_UDEV_FIELDS]; char *kernel_device = NULL; unsigned long long usec; @@ -253,16 +253,19 @@ void dev_kmsg_record(Server *s, char *p, size_t l) { } } - if (asprintf(&source_time, "_SOURCE_MONOTONIC_TIMESTAMP=%llu", usec) >= 0) - iovec[n++] = IOVEC_MAKE_STRING(source_time); + char source_time[STRLEN("_SOURCE_MONOTONIC_TIMESTAMP=") + DECIMAL_STR_MAX(unsigned long long)]; + xsprintf(source_time, "_SOURCE_MONOTONIC_TIMESTAMP=%llu", usec); + iovec[n++] = IOVEC_MAKE_STRING(source_time); iovec[n++] = IOVEC_MAKE_STRING("_TRANSPORT=kernel"); - if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0) - iovec[n++] = IOVEC_MAKE_STRING(syslog_priority); + char syslog_priority[STRLEN("PRIORITY=") + DECIMAL_STR_MAX(int)]; + xsprintf(syslog_priority, "PRIORITY=%i", LOG_PRI(priority)); + iovec[n++] = IOVEC_MAKE_STRING(syslog_priority); - if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0) - iovec[n++] = IOVEC_MAKE_STRING(syslog_facility); + char syslog_facility[STRLEN("SYSLOG_FACILITY=") + DECIMAL_STR_MAX(int)]; + xsprintf(syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)); + iovec[n++] = IOVEC_MAKE_STRING(syslog_facility); if (LOG_FAC(priority) == LOG_KERN) iovec[n++] = IOVEC_MAKE_STRING("SYSLOG_IDENTIFIER=kernel"); diff --git a/src/journal/journald-native.c b/src/journal/journald-native.c index 315ec0b..0600102 100644 --- a/src/journal/journald-native.c +++ b/src/journal/journald-native.c @@ -22,7 +22,6 @@ #include "journald-wall.h" #include "memfd-util.h" #include "memory-util.h" -#include "missing_fcntl.h" #include "parse-util.h" #include "path-util.h" #include "process-util.h" @@ -54,13 +53,13 @@ static void server_process_entry_meta( else if (l == 17 && startswith(p, "SYSLOG_FACILITY=") && p[16] >= '0' && p[16] <= '9') - *priority = (*priority & LOG_PRIMASK) | ((p[16] - '0') << 3); + *priority = LOG_PRI(*priority) | ((p[16] - '0') << 3); else if (l == 18 && startswith(p, "SYSLOG_FACILITY=") && p[16] >= '0' && p[16] <= '9' && p[17] >= '0' && p[17] <= '9') - *priority = (*priority & LOG_PRIMASK) | (((p[16] - '0')*10 + (p[17] - '0')) << 3); + *priority = LOG_PRI(*priority) | (((p[16] - '0')*10 + (p[17] - '0')) << 3); else if (l >= 19 && startswith(p, "SYSLOG_IDENTIFIER=")) { @@ -327,7 +326,7 @@ void server_process_native_message( } while (r == 0); } -void server_process_native_file( +int server_process_native_file( Server *s, int fd, const struct ucred *ucred, @@ -343,30 +342,25 @@ void server_process_native_file( assert(s); assert(fd >= 0); - if (fstat(fd, &st) < 0) { - log_ratelimit_error_errno(errno, JOURNAL_LOG_RATELIMIT, "Failed to stat passed file, ignoring: %m"); - return; - } + if (fstat(fd, &st) < 0) + return log_ratelimit_error_errno(errno, JOURNAL_LOG_RATELIMIT, + "Failed to stat passed file: %m"); r = stat_verify_regular(&st); - if (r < 0) { - log_ratelimit_error_errno(r, JOURNAL_LOG_RATELIMIT, "File passed is not regular, ignoring: %m"); - return; - } + if (r < 0) + return log_ratelimit_error_errno(r, JOURNAL_LOG_RATELIMIT, + "File passed is not regular, ignoring message: %m"); if (st.st_size <= 0) - return; + return 0; - int flags = fcntl(fd, F_GETFL); - if (flags < 0) { - log_ratelimit_error_errno(errno, JOURNAL_LOG_RATELIMIT, "Failed to get flags of passed file, ignoring: %m"); - return; - } - - if ((flags & ~(O_ACCMODE|RAW_O_LARGEFILE)) != 0) { - log_ratelimit_error(JOURNAL_LOG_RATELIMIT, "Unexpected flags of passed memory fd, ignoring message: %m"); - return; - } + r = fd_verify_safe_flags(fd); + if (r == -EREMOTEIO) + return log_ratelimit_error_errno(r, JOURNAL_LOG_RATELIMIT, + "Unexpected flags of passed memory fd, ignoring message."); + if (r < 0) + return log_ratelimit_error_errno(r, JOURNAL_LOG_RATELIMIT, + "Failed to get flags of passed file: %m"); /* If it's a memfd, check if it is sealed. If so, we can just mmap it and use it, and do not need to * copy the data out. */ @@ -376,38 +370,30 @@ void server_process_native_file( _cleanup_free_ char *k = NULL; const char *e; - /* If this is not a sealed memfd, and the peer is unknown or - * unprivileged, then verify the path. */ + /* If this is not a sealed memfd, and the peer is unknown or unprivileged, then verify the + * path. */ r = fd_get_path(fd, &k); - if (r < 0) { - log_ratelimit_error_errno(r, JOURNAL_LOG_RATELIMIT, - "readlink(/proc/self/fd/%i) failed: %m", fd); - return; - } + if (r < 0) + return log_ratelimit_error_errno(r, JOURNAL_LOG_RATELIMIT, + "Failed to get path of passed fd: %m"); e = PATH_STARTSWITH_SET(k, "/dev/shm/", "/tmp/", "/var/tmp/"); - if (!e) { - log_ratelimit_error(JOURNAL_LOG_RATELIMIT, - "Received file outside of allowed directories. Refusing."); - return; - } + if (!e) + return log_ratelimit_error_errno(SYNTHETIC_ERRNO(EPERM), JOURNAL_LOG_RATELIMIT, + "Received file outside of allowed directories, refusing."); - if (!filename_is_valid(e)) { - log_ratelimit_error(JOURNAL_LOG_RATELIMIT, - "Received file in subdirectory of allowed directories. Refusing."); - return; - } + if (!filename_is_valid(e)) + return log_ratelimit_error_errno(SYNTHETIC_ERRNO(EPERM), JOURNAL_LOG_RATELIMIT, + "Received file in subdirectory of allowed directories, refusing."); } /* When !sealed, set a lower memory limit. We have to read the file, effectively doubling memory * use. */ - if (st.st_size > ENTRY_SIZE_MAX / (sealed ? 1 : 2)) { - log_ratelimit_error(JOURNAL_LOG_RATELIMIT, - "File passed too large (%"PRIu64" bytes). Ignoring.", - (uint64_t) st.st_size); - return; - } + if (st.st_size > ENTRY_SIZE_MAX / (sealed ? 1 : 2)) + return log_ratelimit_error_errno(SYNTHETIC_ERRNO(EFBIG), JOURNAL_LOG_RATELIMIT, + "File passed too large (%"PRIu64" bytes), refusing.", + (uint64_t) st.st_size); if (sealed) { void *p; @@ -418,67 +404,54 @@ void server_process_native_file( ps = PAGE_ALIGN(st.st_size); assert(ps < SIZE_MAX); p = mmap(NULL, ps, PROT_READ, MAP_PRIVATE, fd, 0); - if (p == MAP_FAILED) { - log_ratelimit_error_errno(errno, JOURNAL_LOG_RATELIMIT, - "Failed to map memfd, ignoring: %m"); - return; - } + if (p == MAP_FAILED) + return log_ratelimit_error_errno(errno, JOURNAL_LOG_RATELIMIT, + "Failed to map memfd: %m"); server_process_native_message(s, p, st.st_size, ucred, tv, label, label_len); assert_se(munmap(p, ps) >= 0); - } else { - _cleanup_free_ void *p = NULL; - struct statvfs vfs; - ssize_t n; - - if (fstatvfs(fd, &vfs) < 0) { - log_ratelimit_error_errno(errno, JOURNAL_LOG_RATELIMIT, - "Failed to stat file system of passed file, not processing it: %m"); - return; - } - /* Refuse operating on file systems that have - * mandatory locking enabled, see: - * - * https://github.com/systemd/systemd/issues/1822 - */ - if (vfs.f_flag & ST_MANDLOCK) { - log_ratelimit_error(JOURNAL_LOG_RATELIMIT, - "Received file descriptor from file system with mandatory locking enabled, not processing it."); - return; - } + return 0; + } - /* Make the fd non-blocking. On regular files this has - * the effect of bypassing mandatory locking. Of - * course, this should normally not be necessary given - * the check above, but let's better be safe than - * sorry, after all NFS is pretty confusing regarding - * file system flags, and we better don't trust it, - * and so is SMB. */ - r = fd_nonblock(fd, true); - if (r < 0) { - log_ratelimit_error_errno(r, JOURNAL_LOG_RATELIMIT, - "Failed to make fd non-blocking, not processing it: %m"); - return; - } + _cleanup_free_ void *p = NULL; + struct statvfs vfs; + ssize_t n; + + if (fstatvfs(fd, &vfs) < 0) + return log_ratelimit_error_errno(errno, JOURNAL_LOG_RATELIMIT, + "Failed to stat file system of passed file: %m"); + + /* Refuse operating on file systems that have mandatory locking enabled. + * See also: https://github.com/systemd/systemd/issues/1822 */ + if (FLAGS_SET(vfs.f_flag, ST_MANDLOCK)) + return log_ratelimit_error_errno(SYNTHETIC_ERRNO(EPERM), JOURNAL_LOG_RATELIMIT, + "Received file descriptor from file system with mandatory locking enabled, not processing it."); + + /* Make the fd non-blocking. On regular files this has the effect of bypassing mandatory + * locking. Of course, this should normally not be necessary given the check above, but let's + * better be safe than sorry, after all NFS is pretty confusing regarding file system flags, + * and we better don't trust it, and so is SMB. */ + r = fd_nonblock(fd, true); + if (r < 0) + return log_ratelimit_error_errno(r, JOURNAL_LOG_RATELIMIT, + "Failed to make fd non-blocking: %m"); - /* The file is not sealed, we can't map the file here, since - * clients might then truncate it and trigger a SIGBUS for - * us. So let's stupidly read it. */ + /* The file is not sealed, we can't map the file here, since clients might then truncate it + * and trigger a SIGBUS for us. So let's stupidly read it. */ - p = malloc(st.st_size); - if (!p) { - log_oom(); - return; - } + p = malloc(st.st_size); + if (!p) + return log_oom(); - n = pread(fd, p, st.st_size, 0); - if (n < 0) - log_ratelimit_error_errno(errno, JOURNAL_LOG_RATELIMIT, - "Failed to read file, ignoring: %m"); - else if (n > 0) - server_process_native_message(s, p, n, ucred, tv, label, label_len); - } + n = pread(fd, p, st.st_size, 0); + if (n < 0) + return log_ratelimit_error_errno(errno, JOURNAL_LOG_RATELIMIT, + "Failed to read file: %m"); + if (n > 0) + server_process_native_message(s, p, n, ucred, tv, label, label_len); + + return 0; } int server_open_native_socket(Server *s, const char *native_socket) { diff --git a/src/journal/journald-native.h b/src/journal/journald-native.h index 7bbaaed..10db267 100644 --- a/src/journal/journald-native.h +++ b/src/journal/journald-native.h @@ -12,7 +12,7 @@ void server_process_native_message( const char *label, size_t label_len); -void server_process_native_file( +int server_process_native_file( Server *s, int fd, const struct ucred *ucred, diff --git a/src/journal/journald-rate-limit.c b/src/journal/journald-rate-limit.c index 1028e38..a1ae172 100644 --- a/src/journal/journald-rate-limit.c +++ b/src/journal/journald-rate-limit.c @@ -1,18 +1,13 @@ /* SPDX-License-Identifier: LGPL-2.1-or-later */ -#include <errno.h> - #include "alloc-util.h" #include "hashmap.h" #include "journald-rate-limit.h" -#include "list.h" #include "logarithm.h" -#include "random-util.h" #include "string-util.h" #include "time-util.h" #define POOLS_MAX 5 -#define BUCKETS_MAX 127 #define GROUPS_MAX 2047 static const int priority_map[] = { @@ -23,20 +18,17 @@ static const int priority_map[] = { [LOG_WARNING] = 2, [LOG_NOTICE] = 3, [LOG_INFO] = 3, - [LOG_DEBUG] = 4 + [LOG_DEBUG] = 4, }; -typedef struct JournalRateLimitPool JournalRateLimitPool; -typedef struct JournalRateLimitGroup JournalRateLimitGroup; - -struct JournalRateLimitPool { +typedef struct JournalRateLimitPool { usec_t begin; unsigned num; unsigned suppressed; -}; +} JournalRateLimitPool; -struct JournalRateLimitGroup { - JournalRateLimit *parent; +typedef struct JournalRateLimitGroup { + OrderedHashmap *groups_by_id; char *id; @@ -44,116 +36,112 @@ struct JournalRateLimitGroup { usec_t interval; JournalRateLimitPool pools[POOLS_MAX]; - uint64_t hash; - - LIST_FIELDS(JournalRateLimitGroup, bucket); - LIST_FIELDS(JournalRateLimitGroup, lru); -}; - -struct JournalRateLimit { +} JournalRateLimitGroup; - JournalRateLimitGroup* buckets[BUCKETS_MAX]; - JournalRateLimitGroup *lru, *lru_tail; - - unsigned n_groups; - - uint8_t hash_key[16]; -}; - -JournalRateLimit *journal_ratelimit_new(void) { - JournalRateLimit *r; - - r = new0(JournalRateLimit, 1); - if (!r) +static JournalRateLimitGroup* journal_ratelimit_group_free(JournalRateLimitGroup *g) { + if (!g) return NULL; - random_bytes(r->hash_key, sizeof(r->hash_key)); - - return r; -} - -static void journal_ratelimit_group_free(JournalRateLimitGroup *g) { - assert(g); - - if (g->parent) { - assert(g->parent->n_groups > 0); - - if (g->parent->lru_tail == g) - g->parent->lru_tail = g->lru_prev; - - LIST_REMOVE(lru, g->parent->lru, g); - LIST_REMOVE(bucket, g->parent->buckets[g->hash % BUCKETS_MAX], g); - - g->parent->n_groups--; - } + if (g->groups_by_id && g->id) + /* The group is already removed from the hashmap when this is called from the + * destructor of the hashmap. Hence, do not check the return value here. */ + ordered_hashmap_remove_value(g->groups_by_id, g->id, g); free(g->id); - free(g); + return mfree(g); } -void journal_ratelimit_free(JournalRateLimit *r) { - assert(r); +DEFINE_TRIVIAL_CLEANUP_FUNC(JournalRateLimitGroup*, journal_ratelimit_group_free); - while (r->lru) - journal_ratelimit_group_free(r->lru); - - free(r); -} +DEFINE_PRIVATE_HASH_OPS_WITH_VALUE_DESTRUCTOR( + journal_ratelimit_group_hash_ops, + char, + string_hash_func, + string_compare_func, + JournalRateLimitGroup, + journal_ratelimit_group_free); static bool journal_ratelimit_group_expired(JournalRateLimitGroup *g, usec_t ts) { - unsigned i; - assert(g); - for (i = 0; i < POOLS_MAX; i++) - if (g->pools[i].begin + g->interval >= ts) + FOREACH_ELEMENT(p, g->pools) + if (usec_add(p->begin, g->interval) >= ts) return false; return true; } -static void journal_ratelimit_vacuum(JournalRateLimit *r, usec_t ts) { - assert(r); +static void journal_ratelimit_vacuum(OrderedHashmap *groups_by_id, usec_t ts) { /* Makes room for at least one new item, but drop all expired items too. */ - while (r->n_groups >= GROUPS_MAX || - (r->lru_tail && journal_ratelimit_group_expired(r->lru_tail, ts))) - journal_ratelimit_group_free(r->lru_tail); -} + while (ordered_hashmap_size(groups_by_id) >= GROUPS_MAX) + journal_ratelimit_group_free(ordered_hashmap_first(groups_by_id)); -static JournalRateLimitGroup* journal_ratelimit_group_new(JournalRateLimit *r, const char *id, usec_t interval, usec_t ts) { JournalRateLimitGroup *g; + while ((g = ordered_hashmap_first(groups_by_id)) && journal_ratelimit_group_expired(g, ts)) + journal_ratelimit_group_free(g); +} + +static int journal_ratelimit_group_new( + OrderedHashmap **groups_by_id, + const char *id, + usec_t interval, + usec_t ts, + JournalRateLimitGroup **ret) { - assert(r); + _cleanup_(journal_ratelimit_group_freep) JournalRateLimitGroup *g = NULL; + int r; + + assert(groups_by_id); assert(id); + assert(ret); - g = new0(JournalRateLimitGroup, 1); + g = new(JournalRateLimitGroup, 1); if (!g) - return NULL; + return -ENOMEM; - g->id = strdup(id); + *g = (JournalRateLimitGroup) { + .id = strdup(id), + .interval = interval, + }; if (!g->id) - goto fail; + return -ENOMEM; - g->hash = siphash24_string(g->id, r->hash_key); + journal_ratelimit_vacuum(*groups_by_id, ts); - g->interval = interval; + r = ordered_hashmap_ensure_put(groups_by_id, &journal_ratelimit_group_hash_ops, g->id, g); + if (r < 0) + return r; + assert(r > 0); - journal_ratelimit_vacuum(r, ts); + g->groups_by_id = *groups_by_id; - LIST_PREPEND(bucket, r->buckets[g->hash % BUCKETS_MAX], g); - LIST_PREPEND(lru, r->lru, g); - if (!g->lru_next) - r->lru_tail = g; - r->n_groups++; + *ret = TAKE_PTR(g); + return 0; +} + +static int journal_ratelimit_group_acquire( + OrderedHashmap **groups_by_id, + const char *id, + usec_t interval, + usec_t ts, + JournalRateLimitGroup **ret) { - g->parent = r; - return g; + JournalRateLimitGroup *g; + + assert(groups_by_id); + assert(id); + assert(ret); -fail: - journal_ratelimit_group_free(g); - return NULL; + g = ordered_hashmap_get(*groups_by_id, id); + if (!g) + return journal_ratelimit_group_new(groups_by_id, id, interval, ts, ret); + + g->interval = interval; + + *ret = g; + return 0; } static unsigned burst_modulate(unsigned burst, uint64_t available) { @@ -184,13 +172,21 @@ static unsigned burst_modulate(unsigned burst, uint64_t available) { return burst; } -int journal_ratelimit_test(JournalRateLimit *r, const char *id, usec_t rl_interval, unsigned rl_burst, int priority, uint64_t available) { - JournalRateLimitGroup *g, *found = NULL; +int journal_ratelimit_test( + OrderedHashmap **groups_by_id, + const char *id, + usec_t rl_interval, + unsigned rl_burst, + int priority, + uint64_t available) { + + JournalRateLimitGroup *g; JournalRateLimitPool *p; unsigned burst; - uint64_t h; usec_t ts; + int r; + assert(groups_by_id); assert(id); /* Returns: @@ -200,33 +196,18 @@ int journal_ratelimit_test(JournalRateLimit *r, const char *id, usec_t rl_interv * < 0 → error */ - if (!r) - return 1; - ts = now(CLOCK_MONOTONIC); - h = siphash24_string(id, r->hash_key); - g = r->buckets[h % BUCKETS_MAX]; - - LIST_FOREACH(bucket, i, g) - if (streq(i->id, id)) { - found = i; - break; - } - - if (!found) { - found = journal_ratelimit_group_new(r, id, rl_interval, ts); - if (!found) - return -ENOMEM; - } else - found->interval = rl_interval; + r = journal_ratelimit_group_acquire(groups_by_id, id, rl_interval, ts, &g); + if (r < 0) + return r; if (rl_interval == 0 || rl_burst == 0) return 1; burst = burst_modulate(rl_burst, available); - p = &found->pools[priority_map[priority]]; + p = &g->pools[priority_map[priority]]; if (p->begin <= 0) { p->suppressed = 0; @@ -235,7 +216,7 @@ int journal_ratelimit_test(JournalRateLimit *r, const char *id, usec_t rl_interv return 1; } - if (p->begin + rl_interval < ts) { + if (usec_add(p->begin, rl_interval) < ts) { unsigned s; s = p->suppressed; diff --git a/src/journal/journald-rate-limit.h b/src/journal/journald-rate-limit.h index 8def60f..566bba4 100644 --- a/src/journal/journald-rate-limit.h +++ b/src/journal/journald-rate-limit.h @@ -1,10 +1,15 @@ /* SPDX-License-Identifier: LGPL-2.1-or-later */ #pragma once -#include "time-util.h" +#include <inttypes.h> -typedef struct JournalRateLimit JournalRateLimit; +#include "hashmap.h" +#include "time-util.h" -JournalRateLimit *journal_ratelimit_new(void); -void journal_ratelimit_free(JournalRateLimit *r); -int journal_ratelimit_test(JournalRateLimit *r, const char *id, usec_t rl_interval, unsigned rl_burst, int priority, uint64_t available); +int journal_ratelimit_test( + OrderedHashmap **groups_by_id, + const char *id, + usec_t rl_interval, + unsigned rl_burst, + int priority, + uint64_t available); diff --git a/src/journal/journald-server.c b/src/journal/journald-server.c index 1c3a2a0..717c8e4 100644 --- a/src/journal/journald-server.c +++ b/src/journal/journald-server.c @@ -18,7 +18,9 @@ #include "audit-util.h" #include "cgroup-util.h" #include "conf-parser.h" +#include "creds-util.h" #include "dirent-util.h" +#include "event-util.h" #include "extract-word.h" #include "fd-util.h" #include "fileio.h" @@ -39,9 +41,11 @@ #include "journald-native.h" #include "journald-rate-limit.h" #include "journald-server.h" +#include "journald-socket.h" #include "journald-stream.h" #include "journald-syslog.h" #include "log.h" +#include "memory-util.h" #include "missing_audit.h" #include "mkdir.h" #include "parse-util.h" @@ -51,12 +55,13 @@ #include "rm-rf.h" #include "selinux-util.h" #include "signal-util.h" +#include "socket-netlink.h" #include "socket-util.h" #include "stdio-util.h" #include "string-table.h" #include "string-util.h" #include "syslog-util.h" -#include "uid-alloc-range.h" +#include "uid-classification.h" #include "user-util.h" #include "varlink-io.systemd.Journal.h" @@ -87,6 +92,9 @@ #define FAILED_TO_WRITE_ENTRY_RATELIMIT ((const RateLimit) { .interval = 1 * USEC_PER_SEC, .burst = 1 }) +static int server_schedule_sync(Server *s, int priority); +static int server_refresh_idle_timer(Server *s); + static int server_determine_path_usage( Server *s, const char *path, @@ -289,11 +297,10 @@ static int server_open_journal( s->compress.threshold_bytes, metrics, s->mmap, - /* template= */ NULL, &f); else r = journal_file_open( - /* fd= */ -1, + /* fd= */ -EBADF, fname, open_flags, file_flags, @@ -328,6 +335,20 @@ static bool server_flushed_flag_is_set(Server *s) { return access(fn, F_OK) >= 0; } +static void server_drop_flushed_flag(Server *s) { + const char *fn; + + assert(s); + + if (s->namespace) + return; + + fn = strjoina(s->runtime_directory, "/flushed"); + if (unlink(fn) < 0 && errno != ENOENT) + log_ratelimit_warning_errno(errno, JOURNAL_LOG_RATELIMIT, + "Failed to unlink %s, ignoring: %m", fn); +} + static int server_system_journal_open( Server *s, bool flush_requested, @@ -430,6 +451,7 @@ static int server_system_journal_open( server_add_acls(s->runtime_journal, 0); (void) cache_space_refresh(s, &s->runtime_storage); patch_min_use(&s->runtime_storage); + server_drop_flushed_flag(s); } } @@ -717,19 +739,46 @@ void server_rotate(Server *s) { server_process_deferred_closes(s); } -void server_sync(Server *s) { +static void server_rotate_journal(Server *s, JournalFile *f, uid_t uid) { + int r; + + assert(s); + assert(f); + + /* This is similar to server_rotate(), but rotates only specified journal file. + * + * 💣💣💣 This invalidate 'f', and the caller cannot reuse the passed JournalFile object. 💣💣💣 */ + + if (f == s->system_journal) + (void) server_do_rotate(s, &s->system_journal, "system", s->seal, /* uid= */ 0); + else if (f == s->runtime_journal) + (void) server_do_rotate(s, &s->runtime_journal, "runtime", /* seal= */ false, /* uid= */ 0); + else { + assert(ordered_hashmap_get(s->user_journals, UID_TO_PTR(uid)) == f); + r = server_do_rotate(s, &f, "user", s->seal, uid); + if (r >= 0) + ordered_hashmap_replace(s->user_journals, UID_TO_PTR(uid), f); + else if (!f) + /* Old file has been closed and deallocated */ + ordered_hashmap_remove(s->user_journals, UID_TO_PTR(uid)); + } + + server_process_deferred_closes(s); +} + +static void server_sync(Server *s, bool wait) { JournalFile *f; int r; if (s->system_journal) { - r = journal_file_set_offline(s->system_journal, false); + r = journal_file_set_offline(s->system_journal, wait); if (r < 0) log_ratelimit_warning_errno(r, JOURNAL_LOG_RATELIMIT, "Failed to sync system journal, ignoring: %m"); } ORDERED_HASHMAP_FOREACH(f, s->user_journals) { - r = journal_file_set_offline(f, false); + r = journal_file_set_offline(f, wait); if (r < 0) log_ratelimit_warning_errno(r, JOURNAL_LOG_RATELIMIT, "Failed to sync user journal, ignoring: %m"); @@ -899,47 +948,45 @@ static void server_write_to_journal( uid_t uid, const struct iovec *iovec, size_t n, + const dual_timestamp *ts, int priority) { - bool vacuumed = false, rotate = false; - struct dual_timestamp ts; + bool vacuumed = false; JournalFile *f; int r; assert(s); assert(iovec); assert(n > 0); + assert(ts); - /* Get the closest, linearized time we have for this log event from the event loop. (Note that we do not use - * the source time, and not even the time the event was originally seen, but instead simply the time we started - * processing it, as we want strictly linear ordering in what we write out.) */ - assert_se(sd_event_now(s->event, CLOCK_REALTIME, &ts.realtime) >= 0); - assert_se(sd_event_now(s->event, CLOCK_MONOTONIC, &ts.monotonic) >= 0); - - if (ts.realtime < s->last_realtime_clock) { + if (ts->realtime < s->last_realtime_clock) { /* When the time jumps backwards, let's immediately rotate. Of course, this should not happen during * regular operation. However, when it does happen, then we should make sure that we start fresh files * to ensure that the entries in the journal files are strictly ordered by time, in order to ensure * bisection works correctly. */ log_ratelimit_info(JOURNAL_LOG_RATELIMIT, "Time jumped backwards, rotating."); - rotate = true; - } else { + server_rotate(s); + server_vacuum(s, /* verbose = */ false); + vacuumed = true; + } - f = server_find_journal(s, uid); - if (!f) - return; + f = server_find_journal(s, uid); + if (!f) + return; - if (journal_file_rotate_suggested(f, s->max_file_usec, LOG_DEBUG)) { - log_debug("%s: Journal header limits reached or header out-of-date, rotating.", - f->path); - rotate = true; + if (journal_file_rotate_suggested(f, s->max_file_usec, LOG_DEBUG)) { + if (vacuumed) { + log_ratelimit_warning(JOURNAL_LOG_RATELIMIT, + "Suppressing rotation, as we already rotated immediately before write attempt. Giving up."); + return; } - } - if (rotate) { - server_rotate(s); - server_vacuum(s, false); + log_debug("%s: Journal header limits reached or header out-of-date, rotating.", f->path); + + server_rotate_journal(s, TAKE_PTR(f), uid); + server_vacuum(s, /* verbose = */ false); vacuumed = true; f = server_find_journal(s, uid); @@ -947,11 +994,11 @@ static void server_write_to_journal( return; } - s->last_realtime_clock = ts.realtime; + s->last_realtime_clock = ts->realtime; r = journal_file_append_entry( f, - &ts, + ts, /* boot_id= */ NULL, iovec, n, &s->seqnum->seqnum, @@ -973,8 +1020,8 @@ static void server_write_to_journal( return; } - server_rotate(s); - server_vacuum(s, false); + server_rotate_journal(s, TAKE_PTR(f), uid); + server_vacuum(s, /* verbose = */ false); f = server_find_journal(s, uid); if (!f) @@ -983,7 +1030,7 @@ static void server_write_to_journal( log_debug_errno(r, "Retrying write."); r = journal_file_append_entry( f, - &ts, + ts, /* boot_id= */ NULL, iovec, n, &s->seqnum->seqnum, @@ -1037,7 +1084,7 @@ static void server_dispatch_message_real( int priority, pid_t object_pid) { - char source_time[sizeof("_SOURCE_REALTIME_TIMESTAMP=") + DECIMAL_STR_MAX(usec_t)]; + char source_time[STRLEN("_SOURCE_REALTIME_TIMESTAMP=") + DECIMAL_STR_MAX(usec_t)]; _unused_ _cleanup_free_ char *cmdline1 = NULL, *cmdline2 = NULL; uid_t journal_uid; ClientContext *o; @@ -1111,13 +1158,13 @@ static void server_dispatch_message_real( IOVEC_ADD_STRING_FIELD(iovec, n, o->slice, "OBJECT_SYSTEMD_SLICE"); IOVEC_ADD_STRING_FIELD(iovec, n, o->user_slice, "OBJECT_SYSTEMD_USER_SLICE"); - IOVEC_ADD_ID128_FIELD(iovec, n, o->invocation_id, "OBJECT_SYSTEMD_INVOCATION_ID="); + IOVEC_ADD_ID128_FIELD(iovec, n, o->invocation_id, "OBJECT_SYSTEMD_INVOCATION_ID"); } assert(n <= m); if (tv) { - sprintf(source_time, "_SOURCE_REALTIME_TIMESTAMP=" USEC_FMT, timeval_load(tv)); + xsprintf(source_time, "_SOURCE_REALTIME_TIMESTAMP=" USEC_FMT, timeval_load(tv)); iovec[n++] = IOVEC_MAKE_STRING(source_time); } @@ -1152,7 +1199,15 @@ static void server_dispatch_message_real( else journal_uid = 0; - server_write_to_journal(s, journal_uid, iovec, n, priority); + /* Get the closest, linearized time we have for this log event from the event loop. (Note that we do + * not use the source time, and not even the time the event was originally seen, but instead simply + * the time we started processing it, as we want strictly linear ordering in what we write out.) */ + struct dual_timestamp ts; + event_dual_timestamp_now(s->event, &ts); + + (void) server_forward_socket(s, iovec, n, &ts, priority); + + server_write_to_journal(s, journal_uid, iovec, n, &ts, priority); } void server_driver_message(Server *s, pid_t object_pid, const char *message_id, const char *format, ...) { @@ -1233,7 +1288,13 @@ void server_dispatch_message( if (c && c->unit) { (void) server_determine_space(s, &available, /* limit= */ NULL); - rl = journal_ratelimit_test(s->ratelimit, c->unit, c->log_ratelimit_interval, c->log_ratelimit_burst, priority & LOG_PRIMASK, available); + rl = journal_ratelimit_test( + &s->ratelimit_groups_by_id, + c->unit, + c->log_ratelimit_interval, + c->log_ratelimit_burst, + LOG_PRI(priority), + available); if (rl == 0) return; @@ -1275,11 +1336,19 @@ int server_flush_to_var(Server *s, bool require_flag_file) { if (!s->system_journal) return 0; + /* Offline and close the 'main' runtime journal file to allow the runtime journal to be opened with + * the SD_JOURNAL_ASSUME_IMMUTABLE flag in the below. */ + s->runtime_journal = journal_file_offline_close(s->runtime_journal); + + /* Reset current seqnum data to avoid unnecessary rotation when switching to system journal. + * See issue #30092. */ + zero(*s->seqnum); + log_debug("Flushing to %s...", s->system_storage.path); start = now(CLOCK_MONOTONIC); - r = sd_journal_open(&j, SD_JOURNAL_RUNTIME_ONLY); + r = sd_journal_open(&j, SD_JOURNAL_RUNTIME_ONLY | SD_JOURNAL_ASSUME_IMMUTABLE); if (r < 0) return log_ratelimit_error_errno(r, JOURNAL_LOG_RATELIMIT, "Failed to read runtime journal: %m"); @@ -1318,8 +1387,8 @@ int server_flush_to_var(Server *s, bool require_flag_file) { log_ratelimit_info(JOURNAL_LOG_RATELIMIT, "Rotating system journal."); - server_rotate(s); - server_vacuum(s, false); + server_rotate_journal(s, s->system_journal, /* uid = */ 0); + server_vacuum(s, /* verbose = */ false); if (!s->system_journal) { log_ratelimit_notice(JOURNAL_LOG_RATELIMIT, @@ -1348,13 +1417,36 @@ finish: if (s->system_journal) journal_file_post_change(s->system_journal); - s->runtime_journal = journal_file_offline_close(s->runtime_journal); - - if (r >= 0) - (void) rm_rf(s->runtime_storage.path, REMOVE_ROOT); + /* Save parent directories of runtime journals before closing runtime journals. */ + _cleanup_strv_free_ char **dirs = NULL; + (void) journal_get_directories(j, &dirs); + /* First, close all runtime journals opened in the above. */ sd_journal_close(j); + /* Remove the runtime directory if the all entries are successfully flushed to /var/. */ + if (r >= 0) { + r = rm_rf(s->runtime_storage.path, REMOVE_ROOT); + if (r < 0) + log_debug_errno(r, "Failed to remove runtime journal directory %s, ignoring: %m", s->runtime_storage.path); + else + log_debug("Removed runtime journal directory %s.", s->runtime_storage.path); + + /* The initrd may have a different machine ID from the host's one. Typically, that happens + * when our tests running on qemu, as the host's initrd is picked as is without updating + * the machine ID in the initrd with the one used in the image. Even in such the case, the + * runtime journals in the subdirectory named with the initrd's machine ID are flushed to + * the persistent journal. To make not the runtime journal flushed multiple times, let's + * also remove the runtime directories. */ + STRV_FOREACH(p, dirs) { + r = rm_rf(*p, REMOVE_ROOT); + if (r < 0) + log_debug_errno(r, "Failed to remove additional runtime journal directory %s, ignoring: %m", *p); + else + log_debug("Removed additional runtime journal directory %s.", *p); + } + } + server_driver_message(s, 0, NULL, LOG_MESSAGE("Time spent on flushing to %s is %s for %u entries.", s->system_storage.path, @@ -1373,7 +1465,6 @@ finish: } static int server_relinquish_var(Server *s) { - const char *fn; assert(s); if (s->storage == STORAGE_NONE) @@ -1393,11 +1484,6 @@ static int server_relinquish_var(Server *s) { ordered_hashmap_clear_with_destructor(s->user_journals, journal_file_offline_close); set_clear_with_destructor(s->deferred_closes, journal_file_offline_close); - fn = strjoina(s->runtime_directory, "/flushed"); - if (unlink(fn) < 0 && errno != ENOENT) - log_ratelimit_warning_errno(errno, JOURNAL_LOG_RATELIMIT, - "Failed to unlink %s, ignoring: %m", fn); - server_refresh_idle_timer(s); return 0; } @@ -1512,7 +1598,7 @@ int server_process_datagram( if (n > 0 && n_fds == 0) server_process_native_message(s, s->buffer, n, ucred, tv, label, label_len); else if (n == 0 && n_fds == 1) - server_process_native_file(s, fds[0], ucred, tv, label, label_len); + (void) server_process_native_file(s, fds[0], ucred, tv, label, label_len); else if (n_fds > 0) log_ratelimit_warning(JOURNAL_LOG_RATELIMIT, "Got too many file descriptors via native socket. Ignoring."); @@ -1537,7 +1623,7 @@ static void server_full_flush(Server *s) { assert(s); (void) server_flush_to_var(s, false); - server_sync(s); + server_sync(s, /* wait = */ false); server_vacuum(s, false); server_space_usage_message(s, NULL); @@ -1669,13 +1755,13 @@ fail: return 0; } -static void server_full_sync(Server *s) { +static void server_full_sync(Server *s, bool wait) { const char *fn; int r; assert(s); - server_sync(s); + server_sync(s, wait); /* Let clients know when the most recent sync happened. */ fn = strjoina(s->runtime_directory, "/synced"); @@ -1683,15 +1769,13 @@ static void server_full_sync(Server *s) { if (r < 0) log_ratelimit_warning_errno(r, JOURNAL_LOG_RATELIMIT, "Failed to write %s, ignoring: %m", fn); - - return; } static int dispatch_sigrtmin1(sd_event_source *es, const struct signalfd_siginfo *si, void *userdata) { Server *s = ASSERT_PTR(userdata); log_debug("Received SIGRTMIN1 signal from PID %u, as request to sync.", si->ssi_pid); - server_full_sync(s); + server_full_sync(s, /* wait = */ false); return 0; } @@ -1701,7 +1785,7 @@ static int server_setup_signals(Server *s) { assert(s); - assert_se(sigprocmask_many(SIG_SETMASK, NULL, SIGINT, SIGTERM, SIGUSR1, SIGUSR2, SIGRTMIN+1, SIGRTMIN+18, -1) >= 0); + assert_se(sigprocmask_many(SIG_SETMASK, NULL, SIGINT, SIGTERM, SIGUSR1, SIGUSR2, SIGRTMIN+1, SIGRTMIN+18) >= 0); r = sd_event_add_signal(s->event, &s->sigusr1_event_source, SIGUSR1, dispatch_sigusr1, s); if (r < 0) @@ -1839,6 +1923,17 @@ static int parse_proc_cmdline_item(const char *key, const char *value, void *dat else s->max_level_wall = r; + } else if (proc_cmdline_key_streq(key, "systemd.journald.max_level_socket")) { + + if (proc_cmdline_value_missing(key, value)) + return 0; + + r = log_level_from_string(value); + if (r < 0) + log_warning("Failed to parse max level socket value \"%s\". Ignoring.", value); + else + s->max_level_socket = r; + } else if (startswith(key, "systemd.journald")) log_warning("Unknown journald kernel command line option \"%s\". Ignoring.", key); @@ -1847,39 +1942,44 @@ static int parse_proc_cmdline_item(const char *key, const char *value, void *dat } static int server_parse_config_file(Server *s) { - const char *conf_file = "journald.conf"; + const char *conf_file; assert(s); if (s->namespace) - conf_file = strjoina("journald@", s->namespace, ".conf"); + conf_file = strjoina("systemd/journald@", s->namespace, ".conf"); + else + conf_file = "systemd/journald.conf"; - return config_parse_config_file(conf_file, "Journal\0", - config_item_perf_lookup, journald_gperf_lookup, - CONFIG_PARSE_WARN, s); + return config_parse_standard_file_with_dropins( + conf_file, + "Journal\0", + config_item_perf_lookup, journald_gperf_lookup, + CONFIG_PARSE_WARN, + /* userdata= */ s); } static int server_dispatch_sync(sd_event_source *es, usec_t t, void *userdata) { Server *s = ASSERT_PTR(userdata); - server_sync(s); + server_sync(s, /* wait = */ false); return 0; } -int server_schedule_sync(Server *s, int priority) { +static int server_schedule_sync(Server *s, int priority) { int r; assert(s); if (priority <= LOG_CRIT) { /* Immediately sync to disk when this is of priority CRIT, ALERT, EMERG */ - server_sync(s); + server_sync(s, /* wait = */ false); return 0; } if (!s->event || sd_event_get_state(s->event) == SD_EVENT_FINISHED) { /* Shutting down the server? Let's sync immediately. */ - server_sync(s); + server_sync(s, /* wait = */ false); return 0; } @@ -2098,7 +2198,7 @@ static int synchronize_second_half(sd_event_source *event_source, void *userdata /* This is the "second half" of the Synchronize() varlink method. This function is called as deferred * event source at a low priority to ensure the synchronization completes after all queued log * messages are processed. */ - server_full_sync(s); + server_full_sync(s, /* wait = */ true); /* Let's get rid of the event source now, by marking it as non-floating again. It then has no ref * anymore and is immediately destroyed after we return from this function, i.e. from this event @@ -2303,7 +2403,7 @@ int server_map_seqnum_file( return 0; } -void server_unmap_seqnum_file(void *p, size_t size) { +static void server_unmap_seqnum_file(void *p, size_t size) { assert(size > 0); if (!p) @@ -2373,7 +2473,7 @@ int server_start_or_stop_idle_timer(Server *s) { return 1; } -int server_refresh_idle_timer(Server *s) { +static int server_refresh_idle_timer(Server *s) { int r; assert(s); @@ -2444,14 +2544,44 @@ static int server_setup_memory_pressure(Server *s) { return 0; } -int server_init(Server *s, const char *namespace) { - const char *native_socket, *syslog_socket, *stdout_socket, *varlink_socket, *e; - _cleanup_fdset_free_ FDSet *fds = NULL; - int n, r, fd, varlink_fd = -EBADF; - bool no_sockets; +static void server_load_credentials(Server *s) { + _cleanup_free_ void *data = NULL; + int r; assert(s); + r = read_credential("journal.forward_to_socket", &data, NULL); + if (r < 0) + log_debug_errno(r, "Failed to read credential journal.forward_to_socket, ignoring: %m"); + else { + r = socket_address_parse(&s->forward_to_socket, data); + if (r < 0) + log_debug_errno(r, "Failed to parse socket address '%s' from credential journal.forward_to_socket, ignoring: %m", (char *) data); + } + + data = mfree(data); + + r = read_credential("journal.storage", &data, NULL); + if (r < 0) + log_debug_errno(r, "Failed to read credential journal.storage, ignoring: %m"); + else { + r = storage_from_string(data); + if (r < 0) + log_debug_errno(r, "Failed to parse storage '%s' from credential journal.storage, ignoring: %m", (char *) data); + else + s->storage = r; + } +} + +int server_new(Server **ret) { + _cleanup_(server_freep) Server *s = NULL; + + assert(ret); + + s = new(Server, 1); + if (!s) + return -ENOMEM; + *s = (Server) { .syslog_fd = -EBADF, .native_fd = -EBADF, @@ -2460,6 +2590,7 @@ int server_init(Server *s, const char *namespace) { .audit_fd = -EBADF, .hostname_fd = -EBADF, .notify_fd = -EBADF, + .forward_socket_fd = -EBADF, .compress.enabled = true, .compress.threshold_bytes = UINT64_MAX, @@ -2476,6 +2607,7 @@ int server_init(Server *s, const char *namespace) { .ratelimit_burst = DEFAULT_RATE_LIMIT_BURST, .forward_to_wall = true, + .forward_to_socket = { .sockaddr.sa.sa_family = AF_UNSPEC }, .max_file_usec = DEFAULT_MAX_FILE_USEC, @@ -2484,6 +2616,7 @@ int server_init(Server *s, const char *namespace) { .max_level_kmsg = LOG_NOTICE, .max_level_console = LOG_INFO, .max_level_wall = LOG_EMERG, + .max_level_socket = LOG_DEBUG, .line_max = DEFAULT_LINE_MAX, @@ -2499,6 +2632,18 @@ int server_init(Server *s, const char *namespace) { .sigrtmin18_info.memory_pressure_userdata = s, }; + *ret = TAKE_PTR(s); + return 0; +} + +int server_init(Server *s, const char *namespace) { + const char *native_socket, *syslog_socket, *stdout_socket, *varlink_socket, *e; + _cleanup_fdset_free_ FDSet *fds = NULL; + int n, r, varlink_fd = -EBADF; + bool no_sockets; + + assert(s); + r = server_set_namespace(s, namespace); if (r < 0) return r; @@ -2510,6 +2655,7 @@ int server_init(Server *s, const char *namespace) { journal_reset_metrics(&s->system_storage.metrics); journal_reset_metrics(&s->runtime_storage.metrics); + server_load_credentials(s); server_parse_config_file(s); if (!s->namespace) { @@ -2562,7 +2708,7 @@ int server_init(Server *s, const char *namespace) { syslog_socket = strjoina(s->runtime_directory, "/dev-log"); varlink_socket = strjoina(s->runtime_directory, "/io.systemd.journal"); - for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) { + for (int fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, native_socket, 0) > 0) { @@ -2615,12 +2761,11 @@ int server_init(Server *s, const char *namespace) { if (r < 0) return log_oom(); } - } /* Try to restore streams, but don't bother if this fails */ (void) server_restore_streams(s, fds); - if (fdset_size(fds) > 0) { + if (!fdset_isempty(fds)) { log_warning("%u unknown file descriptors passed, closing.", fdset_size(fds)); fds = fdset_free(fds); } @@ -2683,10 +2828,6 @@ int server_init(Server *s, const char *namespace) { if (r < 0) return r; - s->ratelimit = journal_ratelimit_new(); - if (!s->ratelimit) - return log_oom(); - r = cg_get_root_path(&s->cgroup_root); if (r < 0) return log_error_errno(r, "Failed to acquire cgroup root path: %m"); @@ -2721,6 +2862,7 @@ int server_init(Server *s, const char *namespace) { return r; server_start_or_stop_idle_timer(s); + return 0; } @@ -2739,8 +2881,9 @@ void server_maybe_append_tags(Server *s) { #endif } -void server_done(Server *s) { - assert(s); +Server* server_free(Server *s) { + if (!s) + return NULL; free(s->namespace); free(s->namespace_field); @@ -2783,9 +2926,9 @@ void server_done(Server *s) { safe_close(s->audit_fd); safe_close(s->hostname_fd); safe_close(s->notify_fd); + safe_close(s->forward_socket_fd); - if (s->ratelimit) - journal_ratelimit_free(s->ratelimit); + ordered_hashmap_free(s->ratelimit_groups_by_id); server_unmap_seqnum_file(s->seqnum, sizeof(*s->seqnum)); server_unmap_seqnum_file(s->kernel_seqnum, sizeof(*s->kernel_seqnum)); @@ -2799,6 +2942,8 @@ void server_done(Server *s) { free(s->runtime_directory); mmap_cache_unref(s->mmap); + + return mfree(s); } static const char* const storage_table[_STORAGE_MAX] = { @@ -2883,9 +3028,12 @@ int config_parse_compress( void *data, void *userdata) { - JournalCompressOptions* compress = data; + JournalCompressOptions* compress = ASSERT_PTR(data); int r; + assert(filename); + assert(rvalue); + if (isempty(rvalue)) { compress->enabled = true; compress->threshold_bytes = UINT64_MAX; @@ -2912,3 +3060,33 @@ int config_parse_compress( return 0; } + +int config_parse_forward_to_socket( + const char* unit, + const char *filename, + unsigned line, + const char *section, + unsigned section_line, + const char *lvalue, + int ltype, + const char *rvalue, + void *data, + void *userdata) { + + SocketAddress* addr = ASSERT_PTR(data); + int r; + + assert(filename); + assert(rvalue); + + if (isempty(rvalue)) + *addr = (SocketAddress) { .sockaddr.sa.sa_family = AF_UNSPEC }; + else { + r = socket_address_parse(addr, rvalue); + if (r < 0) + log_syntax(unit, LOG_WARNING, filename, line, r, + "Failed to parse ForwardToSocket= value, ignoring: %s", rvalue); + } + + return 0; +} diff --git a/src/journal/journald-server.h b/src/journal/journald-server.h index 2a17676..5138908 100644 --- a/src/journal/journald-server.h +++ b/src/journal/journald-server.h @@ -5,6 +5,7 @@ #include <sys/types.h> #include "sd-event.h" +#include "socket-util.h" typedef struct Server Server; @@ -13,7 +14,6 @@ typedef struct Server Server; #include "hashmap.h" #include "journal-file.h" #include "journald-context.h" -#include "journald-rate-limit.h" #include "journald-stream.h" #include "list.h" #include "prioq.h" @@ -78,6 +78,7 @@ struct Server { int audit_fd; int hostname_fd; int notify_fd; + int forward_socket_fd; sd_event *event; @@ -106,7 +107,7 @@ struct Server { char *buffer; - JournalRateLimit *ratelimit; + OrderedHashmap *ratelimit_groups_by_id; usec_t sync_interval_usec; usec_t ratelimit_interval; unsigned ratelimit_burst; @@ -123,6 +124,7 @@ struct Server { bool forward_to_syslog; bool forward_to_console; bool forward_to_wall; + SocketAddress forward_to_socket; unsigned n_forward_syslog_missed; usec_t last_warn_forward_syslog_missed; @@ -142,6 +144,7 @@ struct Server { int max_level_kmsg; int max_level_console; int max_level_wall; + int max_level_socket; Storage storage; SplitMode split_mode; @@ -158,8 +161,8 @@ struct Server { bool sent_notify_ready:1; bool sync_scheduled:1; - char machine_id_field[sizeof("_MACHINE_ID=") + 32]; - char boot_id_field[sizeof("_BOOT_ID=") + 32]; + char machine_id_field[STRLEN("_MACHINE_ID=") + SD_ID128_STRING_MAX]; + char boot_id_field[STRLEN("_BOOT_ID=") + SD_ID128_STRING_MAX]; char *hostname_field; char *namespace_field; char *runtime_directory; @@ -214,6 +217,7 @@ const struct ConfigPerfItem* journald_gperf_lookup(const char *key, GPERF_LEN_TY CONFIG_PARSER_PROTOTYPE(config_parse_storage); CONFIG_PARSER_PROTOTYPE(config_parse_line_max); CONFIG_PARSER_PROTOTYPE(config_parse_compress); +CONFIG_PARSER_PROTOTYPE(config_parse_forward_to_socket); const char *storage_to_string(Storage s) _const_; Storage storage_from_string(const char *s) _pure_; @@ -223,19 +227,17 @@ CONFIG_PARSER_PROTOTYPE(config_parse_split_mode); const char *split_mode_to_string(SplitMode s) _const_; SplitMode split_mode_from_string(const char *s) _pure_; +int server_new(Server **ret); int server_init(Server *s, const char *namespace); -void server_done(Server *s); -void server_sync(Server *s); +Server* server_free(Server *s); +DEFINE_TRIVIAL_CLEANUP_FUNC(Server*, server_free); void server_vacuum(Server *s, bool verbose); void server_rotate(Server *s); -int server_schedule_sync(Server *s, int priority); int server_flush_to_var(Server *s, bool require_flag_file); void server_maybe_append_tags(Server *s); int server_process_datagram(sd_event_source *es, int fd, uint32_t revents, void *userdata); void server_space_usage_message(Server *s, JournalStorage *storage); int server_start_or_stop_idle_timer(Server *s); -int server_refresh_idle_timer(Server *s); int server_map_seqnum_file(Server *s, const char *fname, size_t size, void **ret); -void server_unmap_seqnum_file(void *p, size_t size); diff --git a/src/journal/journald-socket.c b/src/journal/journald-socket.c new file mode 100644 index 0000000..a079624 --- /dev/null +++ b/src/journal/journald-socket.c @@ -0,0 +1,163 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ + +#include <string.h> +#include <sys/socket.h> +#include <sys/uio.h> + +#include "fd-util.h" +#include "iovec-util.h" +#include "journald-socket.h" +#include "log.h" +#include "macro.h" +#include "process-util.h" +#include "socket-util.h" +#include "sparse-endian.h" + +static int server_open_forward_socket(Server *s) { + _cleanup_close_ int socket_fd = -EBADF; + const SocketAddress *addr; + int family; + + assert(s); + + /* Noop if there is nothing to do. */ + if (s->forward_to_socket.sockaddr.sa.sa_family == AF_UNSPEC || s->namespace) + return 0; + /* All ready, nothing to do. */ + if (s->forward_socket_fd >= 0) + return 1; + + addr = &s->forward_to_socket; + + family = socket_address_family(addr); + + if (!IN_SET(family, AF_UNIX, AF_INET, AF_INET6, AF_VSOCK)) + return log_debug_errno(SYNTHETIC_ERRNO(ESOCKTNOSUPPORT), + "Unsupported socket type for forward socket: %d", family); + + socket_fd = socket(family, SOCK_STREAM|SOCK_CLOEXEC, 0); + if (socket_fd < 0) + return log_debug_errno(errno, "Failed to create forward socket, ignoring: %m"); + + if (connect(socket_fd, &addr->sockaddr.sa, addr->size) < 0) + return log_debug_errno(errno, "Failed to connect to remote address for forwarding, ignoring: %m"); + + s->forward_socket_fd = TAKE_FD(socket_fd); + log_debug("Successfully connected to remote address for forwarding."); + return 1; +} + +static inline bool must_serialize(struct iovec iov) { + /* checks an iovec of the form FIELD=VALUE to see if VALUE needs binary safe serialisation: + * See https://systemd.io/JOURNAL_EXPORT_FORMATS/#journal-export-format for more information + * on binary safe serialisation for the journal export format */ + + assert(iov.iov_len == 0 || iov.iov_base); + + const uint8_t *s = iov.iov_base; + bool before_value = true; + + FOREACH_ARRAY(c, s, iov.iov_len) + if (before_value) + before_value = *c != (uint8_t)'='; + else if (*c < (uint8_t)' ' && *c != (uint8_t)'\t') + return true; + + return false; +} + +int server_forward_socket( + Server *s, + const struct iovec *iovec, + size_t n_iovec, + const dual_timestamp *ts, + int priority) { + + _cleanup_free_ struct iovec *iov_alloc = NULL; + struct iovec *iov; + _cleanup_free_ le64_t *len_alloc = NULL; + le64_t *len; + int r; + + assert(s); + assert(iovec); + assert(n_iovec > 0); + assert(ts); + + if (LOG_PRI(priority) > s->max_level_socket) + return 0; + + r = server_open_forward_socket(s); + if (r <= 0) + return r; + + /* We need a newline after each iovec + 4 for each we have to serialize in a binary safe way + * + 2 for the final __REALTIME_TIMESTAMP and __MONOTONIC_TIMESTAMP metadata fields. */ + size_t n = n_iovec * 5 + 2; + + if (n < ALLOCA_MAX / (sizeof(struct iovec) + sizeof(le64_t)) / 2) { + iov = newa(struct iovec, n); + len = newa(le64_t, n_iovec); + } else { + iov_alloc = new(struct iovec, n); + if (!iov_alloc) + return log_oom(); + + iov = iov_alloc; + + len_alloc = new(le64_t, n_iovec); + if (!len_alloc) + return log_oom(); + + len = len_alloc; + } + + struct iovec nl = IOVEC_MAKE_STRING("\n"); + size_t iov_idx = 0, len_idx = 0; + FOREACH_ARRAY(i, iovec, n_iovec) { + if (must_serialize(*i)) { + const uint8_t *c; + c = memchr(i->iov_base, '=', i->iov_len); + + /* this should never happen */ + if (_unlikely_(!c || c == i->iov_base)) + return log_warning_errno(SYNTHETIC_ERRNO(EBADMSG), + "Found invalid journal field, refusing to forward."); + + /* write the field name */ + iov[iov_idx++] = IOVEC_MAKE(i->iov_base, c - (uint8_t*) i->iov_base); + iov[iov_idx++] = nl; + + /* write the length of the value */ + len[len_idx] = htole64(i->iov_len - (c - (uint8_t*) i->iov_base) - 1); + iov[iov_idx++] = IOVEC_MAKE(&len[len_idx++], sizeof(le64_t)); + + /* write the raw binary value */ + iov[iov_idx++] = IOVEC_MAKE(c + 1, i->iov_len - (c - (uint8_t*) i->iov_base) - 1); + } else + /* if it doesn't need special treatment just write the value out */ + iov[iov_idx++] = *i; + + iov[iov_idx++] = nl; + } + + /* Synthesise __REALTIME_TIMESTAMP and __MONOTONIC_TIMESTAMP as the last arguments so + * systemd-journal-upload can receive these export messages. */ + char realtime_buf[STRLEN("__REALTIME_TIMESTAMP=") + DECIMAL_STR_MAX(usec_t) + 1]; + xsprintf(realtime_buf, "__REALTIME_TIMESTAMP="USEC_FMT"\n", ts->realtime); + iov[iov_idx++] = IOVEC_MAKE_STRING(realtime_buf); + + char monotonic_buf[STRLEN("__MONOTONIC_TIMESTAMP=") + DECIMAL_STR_MAX(usec_t) + 2]; + xsprintf(monotonic_buf, "__MONOTONIC_TIMESTAMP="USEC_FMT"\n\n", ts->monotonic); + iov[iov_idx++] = IOVEC_MAKE_STRING(monotonic_buf); + + if (writev(s->forward_socket_fd, iov, iov_idx) < 0) { + log_debug_errno(errno, "Failed to forward log message over socket: %m"); + + /* If we failed to send once we will probably fail again so wait for a new connection to + * establish before attempting to forward again. */ + s->forward_socket_fd = safe_close(s->forward_socket_fd); + } + + return 0; +} diff --git a/src/journal/journald-socket.h b/src/journal/journald-socket.h new file mode 100644 index 0000000..2373953 --- /dev/null +++ b/src/journal/journald-socket.h @@ -0,0 +1,7 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ +#pragma once + +#include "journald-server.h" +#include "socket-util.h" + +int server_forward_socket(Server *s, const struct iovec *iovec, size_t n, const dual_timestamp *ts, int priority); diff --git a/src/journal/journald-stream.c b/src/journal/journald-stream.c index 81a0e68..e8437e3 100644 --- a/src/journal/journald-stream.c +++ b/src/journal/journald-stream.c @@ -310,7 +310,7 @@ static int stdout_stream_log( syslog_priority[STRLEN("PRIORITY=")] = '0' + LOG_PRI(priority); iovec[n++] = IOVEC_MAKE_STRING(syslog_priority); - if (priority & LOG_FACMASK) { + if (LOG_FAC(priority) != 0) { xsprintf(syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)); iovec[n++] = IOVEC_MAKE_STRING(syslog_facility); } diff --git a/src/journal/journald-syslog.c b/src/journal/journald-syslog.c index f6accb5..4ad73ed 100644 --- a/src/journal/journald-syslog.c +++ b/src/journal/journald-syslog.c @@ -177,8 +177,8 @@ void server_forward_syslog(Server *s, int priority, const char *identifier, cons int syslog_fixup_facility(int priority) { - if ((priority & LOG_FACMASK) == 0) - return (priority & LOG_PRIMASK) | LOG_USER; + if (LOG_FAC(priority) == 0) + return LOG_PRI(priority) | LOG_USER; return priority; } @@ -314,8 +314,8 @@ void server_process_syslog_message( const char *label, size_t label_len) { - char *t, syslog_priority[sizeof("PRIORITY=") + DECIMAL_STR_MAX(int)], - syslog_facility[sizeof("SYSLOG_FACILITY=") + DECIMAL_STR_MAX(int)]; + char *t, syslog_priority[STRLEN("PRIORITY=") + DECIMAL_STR_MAX(int)], + syslog_facility[STRLEN("SYSLOG_FACILITY=") + DECIMAL_STR_MAX(int)]; const char *msg, *syslog_ts, *a; _cleanup_free_ char *identifier = NULL, *pid = NULL, *dummy = NULL, *msg_msg = NULL, *msg_raw = NULL; @@ -403,10 +403,10 @@ void server_process_syslog_message( iovec[n++] = IOVEC_MAKE_STRING("_TRANSPORT=syslog"); - xsprintf(syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK); + xsprintf(syslog_priority, "PRIORITY=%i", LOG_PRI(priority)); iovec[n++] = IOVEC_MAKE_STRING(syslog_priority); - if (priority & LOG_FACMASK) { + if (LOG_FAC(priority) != 0) { xsprintf(syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)); iovec[n++] = IOVEC_MAKE_STRING(syslog_facility); } diff --git a/src/journal/journald.c b/src/journal/journald.c index 94aad05..2f013c2 100644 --- a/src/journal/journald.c +++ b/src/journal/journald.c @@ -10,19 +10,19 @@ #include "journald-kmsg.h" #include "journald-server.h" #include "journald-syslog.h" +#include "main-func.h" #include "process-util.h" #include "sigbus.h" +#include "terminal-util.h" -int main(int argc, char *argv[]) { +static int run(int argc, char *argv[]) { + _cleanup_(server_freep) Server *s = NULL; const char *namespace; LogTarget log_target; - Server server; int r; - if (argc > 2) { - log_error("This program takes one or no arguments."); - return EXIT_FAILURE; - } + if (argc > 2) + return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "This program takes one or no arguments."); namespace = argc > 1 ? empty_to_null(argv[1]) : NULL; @@ -36,7 +36,7 @@ int main(int argc, char *argv[]) { * daemon when it comes to logging hence LOG_TARGET_AUTO won't do the right thing for * us. Hence explicitly log to the console if we're started from a console or to kmsg * otherwise. */ - log_target = isatty(STDERR_FILENO) > 0 ? LOG_TARGET_CONSOLE : LOG_TARGET_KMSG; + log_target = isatty(STDERR_FILENO) ? LOG_TARGET_CONSOLE : LOG_TARGET_KMSG; log_set_prohibit_ipc(true); /* better safe than sorry */ log_set_target(log_target); @@ -48,20 +48,24 @@ int main(int argc, char *argv[]) { sigbus_install(); - r = server_init(&server, namespace); + r = server_new(&s); + if (r < 0) + return log_oom(); + + r = server_init(s, namespace); if (r < 0) - goto finish; + return r; - server_vacuum(&server, false); - server_flush_to_var(&server, true); - server_flush_dev_kmsg(&server); + server_vacuum(s, /* verbose = */ false); + server_flush_to_var(s, /* require_flag_file = */ true); + server_flush_dev_kmsg(s); - if (server.namespace) - log_debug("systemd-journald running as PID "PID_FMT" for namespace '%s'.", getpid_cached(), server.namespace); + if (s->namespace) + log_debug("systemd-journald running as PID "PID_FMT" for namespace '%s'.", getpid_cached(), s->namespace); else log_debug("systemd-journald running as PID "PID_FMT" for the system.", getpid_cached()); - server_driver_message(&server, 0, + server_driver_message(s, 0, "MESSAGE_ID=" SD_MESSAGE_JOURNAL_START_STR, LOG_MESSAGE("Journal started"), NULL); @@ -69,70 +73,63 @@ int main(int argc, char *argv[]) { /* Make sure to send the usage message *after* flushing the * journal so entries from the runtime journals are ordered * before this message. See #4190 for some details. */ - server_space_usage_message(&server, NULL); + server_space_usage_message(s, NULL); for (;;) { - usec_t t = USEC_INFINITY, n; + usec_t t, n; - r = sd_event_get_state(server.event); - if (r < 0) { - log_error_errno(r, "Failed to get event loop state: %m"); - goto finish; - } + r = sd_event_get_state(s->event); + if (r < 0) + return log_error_errno(r, "Failed to get event loop state: %m"); if (r == SD_EVENT_FINISHED) break; - n = now(CLOCK_REALTIME); + r = sd_event_now(s->event, CLOCK_REALTIME, &n); + if (r < 0) + return log_error_errno(r, "Failed to get the current time: %m"); - if (server.max_retention_usec > 0 && server.oldest_file_usec > 0) { + if (s->max_retention_usec > 0 && s->oldest_file_usec > 0) { + /* Calculate when to rotate the next time */ + t = usec_sub_unsigned(usec_add(s->oldest_file_usec, s->max_retention_usec), n); /* The retention time is reached, so let's vacuum! */ - if (server.oldest_file_usec + server.max_retention_usec < n) { + if (t <= 0) { log_info("Retention time reached, rotating."); - server_rotate(&server); - server_vacuum(&server, false); + server_rotate(s); + server_vacuum(s, /* verbose = */ false); continue; } - - /* Calculate when to rotate the next time */ - t = server.oldest_file_usec + server.max_retention_usec - n; - } + } else + t = USEC_INFINITY; #if HAVE_GCRYPT - if (server.system_journal) { + if (s->system_journal) { usec_t u; - if (journal_file_next_evolve_usec(server.system_journal, &u)) { - if (n >= u) - t = 0; - else - t = MIN(t, u - n); - } + if (journal_file_next_evolve_usec(s->system_journal, &u)) + t = MIN(t, usec_sub_unsigned(u, n)); } #endif - r = sd_event_run(server.event, t); - if (r < 0) { - log_error_errno(r, "Failed to run event loop: %m"); - goto finish; - } + r = sd_event_run(s->event, t); + if (r < 0) + return log_error_errno(r, "Failed to run event loop: %m"); - server_maybe_append_tags(&server); - server_maybe_warn_forward_syslog_missed(&server); + server_maybe_append_tags(s); + server_maybe_warn_forward_syslog_missed(s); } - if (server.namespace) - log_debug("systemd-journald stopped as PID "PID_FMT" for namespace '%s'.", getpid_cached(), server.namespace); + if (s->namespace) + log_debug("systemd-journald stopped as PID "PID_FMT" for namespace '%s'.", getpid_cached(), s->namespace); else log_debug("systemd-journald stopped as PID "PID_FMT" for the system.", getpid_cached()); - server_driver_message(&server, 0, + server_driver_message(s, 0, "MESSAGE_ID=" SD_MESSAGE_JOURNAL_STOP_STR, LOG_MESSAGE("Journal stopped"), NULL); -finish: - server_done(&server); - - return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS; + return 0; } + +DEFINE_MAIN_FUNCTION(run); diff --git a/src/journal/journald.conf b/src/journal/journald.conf index 7b9e232..13cdd63 100644 --- a/src/journal/journald.conf +++ b/src/journal/journald.conf @@ -44,6 +44,7 @@ #MaxLevelKMsg=notice #MaxLevelConsole=info #MaxLevelWall=emerg +#MaxLevelSocket=debug #LineMax=48K #ReadKMsg=yes #Audit=yes diff --git a/src/journal/meson.build b/src/journal/meson.build index 36600bf..9f0e699 100644 --- a/src/journal/meson.build +++ b/src/journal/meson.build @@ -12,6 +12,7 @@ sources = files( 'journald-stream.c', 'journald-syslog.c', 'journald-wall.c', + 'journald-socket.c', ) sources += custom_target( @@ -28,11 +29,24 @@ libjournal_core = static_library( userspace], build_by_default : false) +journalctl_sources = files( + 'journalctl.c', + 'journalctl-catalog.c', + 'journalctl-filter.c', + 'journalctl-misc.c', + 'journalctl-show.c', + 'journalctl-util.c', + 'journalctl-varlink.c', +) + +if conf.get('HAVE_GCRYPT') == 1 + journalctl_sources += files('journalctl-authenticate.c') +endif + if get_option('link-journalctl-shared') journalctl_link_with = [libshared] else journalctl_link_with = [ - libbasic_gcrypt, libshared_static, libsystemd_static, ] @@ -62,10 +76,10 @@ executables += [ libshared, ], 'dependencies' : [ - liblz4, + liblz4_cflags, libselinux, - libxz, - libzstd, + libxz_cflags, + libzstd_cflags, threads, ], }, @@ -90,30 +104,36 @@ executables += [ executable_template + { 'name' : 'journalctl', 'public' : true, - 'sources' : files('journalctl.c'), + 'sources' : journalctl_sources, 'link_with' : journalctl_link_with, 'dependencies' : [ libdl, - liblz4, - libxz, - libzstd, + liblz4_cflags, + libxz_cflags, + libzstd_cflags, threads, ], }, journal_test_template + { 'sources' : files('test-journald-config.c'), 'dependencies' : [ - liblz4, + liblz4_cflags, libselinux, - libxz, + libxz_cflags, ], }, + test_template + { + 'sources' : files( + 'test-journald-rate-limit.c', + 'journald-rate-limit.c', + ), + }, journal_test_template + { 'sources' : files('test-journald-syslog.c'), 'dependencies' : [ - liblz4, + liblz4_cflags, libselinux, - libxz, + libxz_cflags, threads, ], }, diff --git a/src/journal/test-journald-config.c b/src/journal/test-journald-config.c index 1a6c531..900b1db 100644 --- a/src/journal/test-journald-config.c +++ b/src/journal/test-journald-config.c @@ -1,8 +1,15 @@ /* SPDX-License-Identifier: LGPL-2.1-or-later */ +#include <netinet/in.h> #include <stdbool.h> +#include <string.h> +#include <sys/un.h> #include "journald-server.h" +#include "log.h" +#include "path-util.h" +#include "socket-util.h" +#include "sparse-endian.h" #include "tests.h" #define _COMPRESS_PARSE_CHECK(str, enab, thresh, varname) \ @@ -47,4 +54,125 @@ TEST(config_compress) { COMPRESS_PARSE_CHECK("", true, UINT64_MAX); } +#define _FORWARD_TO_SOCKET_PARSE_CHECK_FAILS(str, addr, varname) \ + do { \ + SocketAddress varname = {}; \ + config_parse_forward_to_socket("", "", 0, "", 0, "", 0, str, \ + &varname, NULL); \ + assert_se(socket_address_verify(&varname, true) < 0); \ + } while (0) + +#define FORWARD_TO_SOCKET_PARSE_CHECK_FAILS(str) \ + _FORWARD_TO_SOCKET_PARSE_CHECK_FAILS(str, addr, conf##__COUNTER__) + +#define _FORWARD_TO_SOCKET_PARSE_CHECK(str, addr, varname) \ + do { \ + SocketAddress varname = {}; \ + config_parse_forward_to_socket("", "", 0, "", 0, "", 0, str, \ + &varname, NULL); \ + buf = mfree(buf); \ + buf2 = mfree(buf2); \ + socket_address_print(&varname, &buf); \ + socket_address_print(&addr, &buf2); \ + log_info("\"%s\" parsed as \"%s\", should be \"%s\"", str, buf, buf2); \ + log_info("socket_address_verify(&addr, false) = %d", socket_address_verify(&addr, false)); \ + log_info("socket_address_verify(&varname, false) = %d", socket_address_verify(&varname, false)); \ + log_info("socket_address_family(&addr) = %d", socket_address_family(&addr)); \ + log_info("socket_address_family(&varname) = %d", socket_address_family(&varname)); \ + log_info("addr.size = %u", addr.size); \ + log_info("varname.size = %u", varname.size); \ + assert_se(socket_address_equal(&varname, &addr)); \ + } while (0) + +#define FORWARD_TO_SOCKET_PARSE_CHECK(str, addr) \ + _FORWARD_TO_SOCKET_PARSE_CHECK(str, addr, conf##__COUNTER__) + +TEST(config_forward_to_socket) { + SocketAddress addr; + _cleanup_free_ char *buf = NULL, *buf2 = NULL; + + /* Valid AF_UNIX */ + addr = (SocketAddress) { + .sockaddr.un = (struct sockaddr_un) { + .sun_family = AF_UNIX, + .sun_path = "/run/host/journal/socket", + }, + .size = offsetof(struct sockaddr_un, sun_path) + strlen("/run/host/journal/socket") + 1, + }; + FORWARD_TO_SOCKET_PARSE_CHECK("/run/host/journal/socket", addr); + + addr.size -= 1; + memcpy(addr.sockaddr.un.sun_path, "\0run/host/journal/socket", sizeof("\0run/host/journal/socket")); + FORWARD_TO_SOCKET_PARSE_CHECK("@run/host/journal/socket", addr); + + /* Valid AF_INET */ + addr = (SocketAddress) { + .sockaddr.in = (struct sockaddr_in) { + .sin_family = AF_INET, + .sin_addr = { htobe32(0xC0A80001) }, + .sin_port = htobe16(1234), + }, + .size = sizeof(struct sockaddr_in), + }; + FORWARD_TO_SOCKET_PARSE_CHECK("192.168.0.1:1234", addr); + + /* Valid AF_INET6 */ + addr = (SocketAddress) { + .sockaddr.in6 = (struct sockaddr_in6) { + .sin6_family = AF_INET6, + .sin6_addr = (struct in6_addr) { + .s6_addr16 = { + htobe16(0x2001), + htobe16(0xdb8), + htobe16(0x4006), + htobe16(0x812), + 0, 0, 0, + htobe16(0x200e) + } + }, + .sin6_port = htobe16(8080), + }, + .size = sizeof(struct sockaddr_in6), + }; + FORWARD_TO_SOCKET_PARSE_CHECK("[2001:db8:4006:812::200e]:8080", addr); + + /* Valid AF_VSOCK */ + addr = (SocketAddress) { + .sockaddr.vm = (struct sockaddr_vm) { + .svm_family = AF_VSOCK, + .svm_cid = 123456, + .svm_port = 654321, + }, + .size = sizeof(struct sockaddr_vm), + }; + FORWARD_TO_SOCKET_PARSE_CHECK("vsock:123456:654321", addr); + + /* Invalid IPv4 */ + FORWARD_TO_SOCKET_PARSE_CHECK_FAILS("256.123.45.12:1235"); + FORWARD_TO_SOCKET_PARSE_CHECK_FAILS("252.123.45.12:123500"); + FORWARD_TO_SOCKET_PARSE_CHECK_FAILS("252.123.45.12:0"); + FORWARD_TO_SOCKET_PARSE_CHECK_FAILS("252.123.45.12:-1"); + FORWARD_TO_SOCKET_PARSE_CHECK_FAILS("-1.123.45.12:22"); + + /* Invalid IPv6 */ + FORWARD_TO_SOCKET_PARSE_CHECK_FAILS("[2001:db8:4006:812::200e]:80800"); + FORWARD_TO_SOCKET_PARSE_CHECK_FAILS("[1ffff:db8:4006:812::200e]:8080"); + FORWARD_TO_SOCKET_PARSE_CHECK_FAILS("[-1:db8:4006:812::200e]:8080"); + FORWARD_TO_SOCKET_PARSE_CHECK_FAILS("[2001:db8:4006:812::200e]:-1"); + + /* Invalid UNIX */ + FORWARD_TO_SOCKET_PARSE_CHECK_FAILS("a/b/c"); + + /* Invalid VSock */ + FORWARD_TO_SOCKET_PARSE_CHECK_FAILS("vsock:4294967296:1234"); + FORWARD_TO_SOCKET_PARSE_CHECK_FAILS("vsock:1234:4294967296"); + FORWARD_TO_SOCKET_PARSE_CHECK_FAILS("vsock:abcd:1234"); + FORWARD_TO_SOCKET_PARSE_CHECK_FAILS("vsock:1234:abcd"); + FORWARD_TO_SOCKET_PARSE_CHECK_FAILS("vsock:1234"); + + /* Invalid Case */ + FORWARD_TO_SOCKET_PARSE_CHECK_FAILS(""); + FORWARD_TO_SOCKET_PARSE_CHECK_FAILS("ahh yes sockets, mmh"); +} + DEFINE_TEST_MAIN(LOG_INFO); diff --git a/src/journal/test-journald-rate-limit.c b/src/journal/test-journald-rate-limit.c new file mode 100644 index 0000000..a08faba --- /dev/null +++ b/src/journal/test-journald-rate-limit.c @@ -0,0 +1,40 @@ +/* SPDX-License-Identifier: LGPL-2.1-or-later */ + +#include "journald-rate-limit.h" +#include "tests.h" + +TEST(journal_ratelimit_test) { + _cleanup_ordered_hashmap_free_ OrderedHashmap *rl = NULL; + int r; + + for (unsigned i = 0; i < 20; i++) { + r = journal_ratelimit_test(&rl, "hoge", USEC_PER_SEC, 10, LOG_DEBUG, 0); + assert_se(r == (i < 10 ? 1 : 0)); + r = journal_ratelimit_test(&rl, "foo", 10 * USEC_PER_SEC, 10, LOG_DEBUG, 0); + assert_se(r == (i < 10 ? 1 : 0)); + } + + /* Different priority group with the same ID is not ratelimited. */ + assert_se(journal_ratelimit_test(&rl, "hoge", USEC_PER_SEC, 10, LOG_INFO, 0) == 1); + assert_se(journal_ratelimit_test(&rl, "foo", 10 * USEC_PER_SEC, 10, LOG_INFO, 0) == 1); + /* Still LOG_DEBUG is ratelimited. */ + assert_se(journal_ratelimit_test(&rl, "hoge", USEC_PER_SEC, 10, LOG_DEBUG, 0) == 0); + assert_se(journal_ratelimit_test(&rl, "foo", 10 * USEC_PER_SEC, 10, LOG_DEBUG, 0) == 0); + /* Different ID is not ratelimited. */ + assert_se(journal_ratelimit_test(&rl, "quux", USEC_PER_SEC, 10, LOG_DEBUG, 0) == 1); + + usleep_safe(USEC_PER_SEC); + + /* The ratelimit is now expired (11 trials are suppressed, so the return value should be 12). */ + assert_se(journal_ratelimit_test(&rl, "hoge", USEC_PER_SEC, 10, LOG_DEBUG, 0) == 1 + 11); + + /* foo is still ratelimited. */ + assert_se(journal_ratelimit_test(&rl, "foo", 10 * USEC_PER_SEC, 10, LOG_DEBUG, 0) == 0); + + /* Still other priority and/or other IDs are not ratelimited. */ + assert_se(journal_ratelimit_test(&rl, "hoge", USEC_PER_SEC, 10, LOG_INFO, 0) == 1); + assert_se(journal_ratelimit_test(&rl, "foo", 10 * USEC_PER_SEC, 10, LOG_INFO, 0) == 1); + assert_se(journal_ratelimit_test(&rl, "quux", USEC_PER_SEC, 10, LOG_DEBUG, 0) == 1); +} + +DEFINE_TEST_MAIN(LOG_INFO); |