summaryrefslogtreecommitdiffstats
path: root/src/journal
diff options
context:
space:
mode:
Diffstat (limited to 'src/journal')
-rw-r--r--src/journal/bsod.c123
-rw-r--r--src/journal/cat.c19
-rw-r--r--src/journal/fuzz-journald-audit.c8
-rw-r--r--src/journal/fuzz-journald-kmsg.c8
-rw-r--r--src/journal/fuzz-journald-native-fd.c11
-rw-r--r--src/journal/fuzz-journald-stream.c24
-rw-r--r--src/journal/fuzz-journald.c23
-rw-r--r--src/journal/journalctl-authenticate.c207
-rw-r--r--src/journal/journalctl-authenticate.h16
-rw-r--r--src/journal/journalctl-catalog.c51
-rw-r--r--src/journal/journalctl-catalog.h5
-rw-r--r--src/journal/journalctl-filter.c484
-rw-r--r--src/journal/journalctl-filter.h6
-rw-r--r--src/journal/journalctl-misc.c298
-rw-r--r--src/journal/journalctl-misc.h12
-rw-r--r--src/journal/journalctl-show.c477
-rw-r--r--src/journal/journalctl-show.h4
-rw-r--r--src/journal/journalctl-util.c120
-rw-r--r--src/journal/journalctl-util.h11
-rw-r--r--src/journal/journalctl-varlink.c142
-rw-r--r--src/journal/journalctl-varlink.h9
-rw-r--r--src/journal/journalctl.c1816
-rw-r--r--src/journal/journalctl.h99
-rw-r--r--src/journal/journald-audit.c19
-rw-r--r--src/journal/journald-context.c6
-rw-r--r--src/journal/journald-gperf.gperf64
-rw-r--r--src/journal/journald-kmsg.c17
-rw-r--r--src/journal/journald-native.c171
-rw-r--r--src/journal/journald-native.h2
-rw-r--r--src/journal/journald-rate-limit.c205
-rw-r--r--src/journal/journald-rate-limit.h15
-rw-r--r--src/journal/journald-server.c354
-rw-r--r--src/journal/journald-server.h20
-rw-r--r--src/journal/journald-socket.c163
-rw-r--r--src/journal/journald-socket.h7
-rw-r--r--src/journal/journald-stream.c2
-rw-r--r--src/journal/journald-syslog.c12
-rw-r--r--src/journal/journald.c101
-rw-r--r--src/journal/journald.conf1
-rw-r--r--src/journal/meson.build44
-rw-r--r--src/journal/test-journald-config.c128
-rw-r--r--src/journal/test-journald-rate-limit.c40
42 files changed, 3135 insertions, 2209 deletions
diff --git a/src/journal/bsod.c b/src/journal/bsod.c
index a88cb66..b2889f0 100644
--- a/src/journal/bsod.c
+++ b/src/journal/bsod.c
@@ -17,6 +17,7 @@
#include "log.h"
#include "logs-show.h"
#include "main-func.h"
+#include "parse-argument.h"
#include "pretty-print.h"
#include "qrcode-util.h"
#include "sigbus.h"
@@ -25,6 +26,9 @@
#include "terminal-util.h"
static bool arg_continuous = false;
+static char *arg_tty = NULL;
+
+STATIC_DESTRUCTOR_REGISTER(arg_tty, freep);
static int help(void) {
_cleanup_free_ char *link = NULL;
@@ -34,19 +38,22 @@ static int help(void) {
if (r < 0)
return log_oom();
- printf("%s\n\n"
- "%sFilter the journal to fetch the first message from the\n"
- "current boot with an emergency log level and displays it\n"
- "as a string and a QR code.\n\n%s"
+ printf("%1$s [OPTIONS...]\n\n"
+ "%5$sFilter the journal to fetch the first message from the current boot with an%6$s\n"
+ "%5$semergency log level and display it as a string and a QR code.%6$s\n"
+ "\n%3$sOptions:%4$s\n"
" -h --help Show this help\n"
" --version Show package version\n"
" -c --continuous Make systemd-bsod wait continuously\n"
" for changes in the journal\n"
- "\nSee the %s for details.\n",
+ " --tty=TTY Specify path to TTY to use\n"
+ "\nSee the %2$s for details.\n",
program_invocation_short_name,
- ansi_highlight(),
+ link,
+ ansi_underline(),
ansi_normal(),
- link);
+ ansi_highlight(),
+ ansi_normal());
return 0;
}
@@ -60,22 +67,22 @@ static int acquire_first_emergency_log_message(char **ret) {
assert(ret);
- r = sd_journal_open(&j, SD_JOURNAL_LOCAL_ONLY);
+ r = sd_journal_open(&j, SD_JOURNAL_LOCAL_ONLY | (arg_continuous ? 0 : SD_JOURNAL_ASSUME_IMMUTABLE));
if (r < 0)
return log_error_errno(r, "Failed to open journal: %m");
r = add_match_this_boot(j, NULL);
if (r < 0)
- return log_warning_errno(r, "Failed to add boot ID filter: %m");
+ return log_error_errno(r, "Failed to add boot ID filter: %m");
- r = sd_journal_add_match(j, "_UID=0", 0);
+ r = sd_journal_add_match(j, "_UID=0", SIZE_MAX);
if (r < 0)
- return log_warning_errno(r, "Failed to add User ID filter: %m");
+ return log_error_errno(r, "Failed to add User ID filter: %m");
assert_cc(0 == LOG_EMERG);
- r = sd_journal_add_match(j, "PRIORITY=0", 0);
+ r = sd_journal_add_match(j, "PRIORITY=0", SIZE_MAX);
if (r < 0)
- return log_warning_errno(r, "Failed to add Emergency filter: %m");
+ return log_error_errno(r, "Failed to add Emergency filter: %m");
r = sd_journal_seek_head(j);
if (r < 0)
@@ -103,7 +110,7 @@ static int acquire_first_emergency_log_message(char **ret) {
if (r < 0)
return log_error_errno(r, "Failed to read journal message: %m");
- message = memdup_suffix0((const char*)d + STRLEN("MESSAGE="), l - STRLEN("MESSAGE="));
+ message = memdup_suffix0((const char*)d + strlen("MESSAGE="), l - strlen("MESSAGE="));
if (!message)
return log_oom();
@@ -124,18 +131,18 @@ static int find_next_free_vt(int fd, int *ret_free_vt, int *ret_original_vt) {
for (size_t i = 0; i < sizeof(terminal_status.v_state) * 8; i++)
if ((terminal_status.v_state & (1 << i)) == 0) {
- *ret_free_vt = i;
+ *ret_free_vt = i + 1;
*ret_original_vt = terminal_status.v_active;
return 0;
}
- return log_error_errno(SYNTHETIC_ERRNO(ENOTTY), "No free VT found: %m");
+ return -ENOTTY;
}
static int display_emergency_message_fullscreen(const char *message) {
- int r, ret = 0, free_vt = 0, original_vt = 0;
+ int r, free_vt = 0, original_vt = 0;
unsigned qr_code_start_row = 1, qr_code_start_column = 1;
- char tty[STRLEN("/dev/tty") + DECIMAL_STR_MAX(int) + 1];
+ char ttybuf[STRLEN("/dev/tty") + DECIMAL_STR_MAX(int) + 1];
_cleanup_close_ int fd = -EBADF;
_cleanup_fclose_ FILE *stream = NULL;
char read_character_buffer = '\0';
@@ -143,30 +150,36 @@ static int display_emergency_message_fullscreen(const char *message) {
.ws_col = 80,
.ws_row = 25,
};
+ const char *tty;
assert(message);
- fd = open_terminal("/dev/tty1", O_RDWR|O_NOCTTY|O_CLOEXEC);
- if (fd < 0)
- return log_error_errno(fd, "Failed to open tty1: %m");
+ if (arg_tty)
+ tty = arg_tty;
+ else {
+ fd = open_terminal("/dev/tty1", O_RDWR|O_NOCTTY|O_CLOEXEC);
+ if (fd < 0)
+ return log_error_errno(fd, "Failed to open /dev/tty1: %m");
- r = find_next_free_vt(fd, &free_vt, &original_vt);
- if (r < 0)
- return log_error_errno(r, "Failed to find a free VT: %m");
+ r = find_next_free_vt(fd, &free_vt, &original_vt);
+ if (r < 0)
+ return log_error_errno(r, "Failed to find a free VT: %m");
- xsprintf(tty, "/dev/tty%d", free_vt + 1);
+ xsprintf(ttybuf, "/dev/tty%d", free_vt);
+ tty = ttybuf;
- r = open_terminal(tty, O_RDWR|O_NOCTTY|O_CLOEXEC);
- if (r < 0)
- return log_error_errno(fd, "Failed to open tty: %m");
+ fd = safe_close(fd);
+ }
- close_and_replace(fd, r);
+ fd = open_terminal(tty, O_RDWR|O_NOCTTY|O_CLOEXEC);
+ if (fd < 0)
+ return log_error_errno(fd, "Failed to open %s: %m", tty);
if (ioctl(fd, TIOCGWINSZ, &w) < 0)
log_warning_errno(errno, "Failed to fetch tty size, ignoring: %m");
- if (ioctl(fd, VT_ACTIVATE, free_vt + 1) < 0)
- return log_error_errno(errno, "Failed to activate tty: %m");
+ if (free_vt > 0 && ioctl(fd, VT_ACTIVATE, free_vt) < 0)
+ return log_error_errno(errno, "Failed to activate /dev/tty%i, ignoring: %m", free_vt);
r = loop_write(fd, ANSI_BACKGROUND_BLUE ANSI_HOME_CLEAR, SIZE_MAX);
if (r < 0)
@@ -178,7 +191,7 @@ static int display_emergency_message_fullscreen(const char *message) {
r = loop_write(fd, "The current boot has failed!", SIZE_MAX);
if (r < 0) {
- ret = log_warning_errno(r, "Failed to write to terminal: %m");
+ log_error_errno(r, "Failed to write to terminal: %m");
goto cleanup;
}
@@ -190,13 +203,13 @@ static int display_emergency_message_fullscreen(const char *message) {
r = loop_write(fd, message, SIZE_MAX);
if (r < 0) {
- ret = log_warning_errno(r, "Failed to write emergency message to terminal: %m");
+ log_error_errno(r, "Failed to write emergency message to terminal: %m");
goto cleanup;
}
r = fdopen_independent(fd, "r+", &stream);
if (r < 0) {
- ret = log_error_errno(errno, "Failed to open output file: %m");
+ r = log_error_errno(errno, "Failed to open output file: %m");
goto cleanup;
}
@@ -208,37 +221,41 @@ static int display_emergency_message_fullscreen(const char *message) {
if (r < 0)
log_warning_errno(r, "Failed to move terminal cursor position, ignoring: %m");
- r = loop_write(fd, "Press any key to exit...", SIZE_MAX);
+ r = loop_write(fd, ANSI_BACKGROUND_BLUE "Press any key to exit...", SIZE_MAX);
if (r < 0) {
- ret = log_warning_errno(r, "Failed to write to terminal: %m");
+ log_error_errno(r, "Failed to write to terminal: %m");
goto cleanup;
}
r = read_one_char(stream, &read_character_buffer, USEC_INFINITY, NULL);
if (r < 0 && r != -EINTR)
- ret = log_error_errno(r, "Failed to read character: %m");
+ log_error_errno(r, "Failed to read character: %m");
+
+ r = 0;
cleanup:
- if (ioctl(fd, VT_ACTIVATE, original_vt) < 0)
- return log_error_errno(errno, "Failed to switch back to original VT: %m");
+ if (original_vt > 0 && ioctl(fd, VT_ACTIVATE, original_vt) < 0)
+ log_warning_errno(errno, "Failed to switch back to original VT /dev/tty%i: %m", original_vt);
- return ret;
+ return r;
}
static int parse_argv(int argc, char * argv[]) {
enum {
ARG_VERSION = 0x100,
+ ARG_TTY,
};
static const struct option options[] = {
- { "help", no_argument, NULL, 'h' },
- { "version", no_argument, NULL, ARG_VERSION },
- { "continuous", no_argument, NULL, 'c' },
+ { "help", no_argument, NULL, 'h' },
+ { "version", no_argument, NULL, ARG_VERSION },
+ { "continuous", no_argument, NULL, 'c' },
+ { "tty", required_argument, NULL, ARG_TTY },
{}
};
- int c;
+ int c, r;
assert(argc >= 0);
assert(argv);
@@ -257,6 +274,13 @@ static int parse_argv(int argc, char * argv[]) {
arg_continuous = true;
break;
+ case ARG_TTY:
+ r = parse_path_argument(optarg, /* suppress_root= */ false, &arg_tty);
+ if (r < 0)
+ return r;
+
+ break;
+
case '?':
return -EINVAL;
@@ -281,8 +305,7 @@ static int run(int argc, char *argv[]) {
_cleanup_free_ char *message = NULL;
int r;
- log_open();
- log_parse_environment();
+ log_setup();
sigbus_install();
@@ -292,7 +315,7 @@ static int run(int argc, char *argv[]) {
r = acquire_first_emergency_log_message(&message);
if (r < 0)
- return log_error_errno(r, "Failed to acquire first emergency log message: %m");
+ return r;
if (!message) {
log_debug("No emergency-level entries");
@@ -301,11 +324,7 @@ static int run(int argc, char *argv[]) {
assert_se(sigaction_many(&nop_sigaction, SIGTERM, SIGINT) >= 0);
- r = display_emergency_message_fullscreen((const char*) message);
- if (r < 0)
- return log_error_errno(r, "Failed to display emergency message on terminal: %m");
-
- return 0;
+ return display_emergency_message_fullscreen(message);
}
DEFINE_MAIN_FUNCTION(run);
diff --git a/src/journal/cat.c b/src/journal/cat.c
index 0325add..90d4f53 100644
--- a/src/journal/cat.c
+++ b/src/journal/cat.c
@@ -24,6 +24,7 @@
#include "terminal-util.h"
static const char *arg_identifier = NULL;
+static const char *arg_namespace = NULL;
static int arg_priority = LOG_INFO;
static int arg_stderr_priority = -1;
static bool arg_level_prefix = true;
@@ -44,6 +45,7 @@ static int help(void) {
" -p --priority=PRIORITY Set priority value (0..7)\n"
" --stderr-priority=PRIORITY Set priority value (0..7) used for stderr\n"
" --level-prefix=BOOL Control whether level prefix shall be parsed\n"
+ " --namespace=NAMESPACE Connect to specified journal namespace\n"
"\nSee the %s for details.\n",
program_invocation_short_name,
ansi_highlight(),
@@ -58,7 +60,8 @@ static int parse_argv(int argc, char *argv[]) {
enum {
ARG_VERSION = 0x100,
ARG_STDERR_PRIORITY,
- ARG_LEVEL_PREFIX
+ ARG_LEVEL_PREFIX,
+ ARG_NAMESPACE,
};
static const struct option options[] = {
@@ -68,6 +71,7 @@ static int parse_argv(int argc, char *argv[]) {
{ "priority", required_argument, NULL, 'p' },
{ "stderr-priority", required_argument, NULL, ARG_STDERR_PRIORITY },
{ "level-prefix", required_argument, NULL, ARG_LEVEL_PREFIX },
+ { "namespace", required_argument, NULL, ARG_NAMESPACE },
{}
};
@@ -91,10 +95,7 @@ static int parse_argv(int argc, char *argv[]) {
return version();
case 't':
- if (isempty(optarg))
- arg_identifier = NULL;
- else
- arg_identifier = optarg;
+ arg_identifier = empty_to_null(optarg);
break;
case 'p':
@@ -117,6 +118,10 @@ static int parse_argv(int argc, char *argv[]) {
return r;
break;
+ case ARG_NAMESPACE:
+ arg_namespace = empty_to_null(optarg);
+ break;
+
case '?':
return -EINVAL;
@@ -137,12 +142,12 @@ static int run(int argc, char *argv[]) {
if (r <= 0)
return r;
- outfd = sd_journal_stream_fd(arg_identifier, arg_priority, arg_level_prefix);
+ outfd = sd_journal_stream_fd_with_namespace(arg_namespace, arg_identifier, arg_priority, arg_level_prefix);
if (outfd < 0)
return log_error_errno(outfd, "Failed to create stream fd: %m");
if (arg_stderr_priority >= 0 && arg_stderr_priority != arg_priority) {
- errfd = sd_journal_stream_fd(arg_identifier, arg_stderr_priority, arg_level_prefix);
+ errfd = sd_journal_stream_fd_with_namespace(arg_namespace, arg_identifier, arg_stderr_priority, arg_level_prefix);
if (errfd < 0)
return log_error_errno(errfd, "Failed to create stream fd: %m");
}
diff --git a/src/journal/fuzz-journald-audit.c b/src/journal/fuzz-journald-audit.c
index 9bf7d01..3e08ce3 100644
--- a/src/journal/fuzz-journald-audit.c
+++ b/src/journal/fuzz-journald-audit.c
@@ -5,13 +5,13 @@
#include "journald-audit.h"
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
- Server s;
+ _cleanup_(server_freep) Server *s = NULL;
fuzz_setup_logging();
- dummy_server_init(&s, data, size);
- process_audit_string(&s, 0, s.buffer, size);
- server_done(&s);
+ assert_se(server_new(&s) >= 0);
+ dummy_server_init(s, data, size);
+ process_audit_string(s, 0, s->buffer, size);
return 0;
}
diff --git a/src/journal/fuzz-journald-kmsg.c b/src/journal/fuzz-journald-kmsg.c
index 104a9b3..1a19f50 100644
--- a/src/journal/fuzz-journald-kmsg.c
+++ b/src/journal/fuzz-journald-kmsg.c
@@ -5,16 +5,16 @@
#include "journald-kmsg.h"
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
- Server s;
+ _cleanup_(server_freep) Server *s = NULL;
if (size == 0)
return 0;
fuzz_setup_logging();
- dummy_server_init(&s, data, size);
- dev_kmsg_record(&s, s.buffer, size);
- server_done(&s);
+ assert_se(server_new(&s) >= 0);
+ dummy_server_init(s, data, size);
+ dev_kmsg_record(s, s->buffer, size);
return 0;
}
diff --git a/src/journal/fuzz-journald-native-fd.c b/src/journal/fuzz-journald-native-fd.c
index 110eb7f..07a8eb5 100644
--- a/src/journal/fuzz-journald-native-fd.c
+++ b/src/journal/fuzz-journald-native-fd.c
@@ -10,7 +10,7 @@
#include "tmpfile-util.h"
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
- Server s;
+ _cleanup_(server_freep) Server *s = NULL;
_cleanup_close_ int sealed_fd = -EBADF, unsealed_fd = -EBADF;
_cleanup_(unlink_tempfilep) char name[] = "/tmp/fuzz-journald-native-fd.XXXXXX";
char *label = NULL;
@@ -20,7 +20,8 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
fuzz_setup_logging();
- dummy_server_init(&s, NULL, 0);
+ assert_se(server_new(&s) >= 0);
+ dummy_server_init(s, NULL, 0);
sealed_fd = memfd_new_and_seal(NULL, data, size);
assert_se(sealed_fd >= 0);
@@ -29,15 +30,13 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
.uid = geteuid(),
.gid = getegid(),
};
- server_process_native_file(&s, sealed_fd, &ucred, tv, label, label_len);
+ (void) server_process_native_file(s, sealed_fd, &ucred, tv, label, label_len);
unsealed_fd = mkostemp_safe(name);
assert_se(unsealed_fd >= 0);
assert_se(write(unsealed_fd, data, size) == (ssize_t) size);
assert_se(lseek(unsealed_fd, 0, SEEK_SET) == 0);
- server_process_native_file(&s, unsealed_fd, &ucred, tv, label, label_len);
-
- server_done(&s);
+ (void) server_process_native_file(s, unsealed_fd, &ucred, tv, label, label_len);
return 0;
}
diff --git a/src/journal/fuzz-journald-stream.c b/src/journal/fuzz-journald-stream.c
index 6b2055f..3ad9e20 100644
--- a/src/journal/fuzz-journald-stream.c
+++ b/src/journal/fuzz-journald-stream.c
@@ -9,12 +9,11 @@
#include "fuzz-journald.h"
#include "journald-stream.h"
-static int stream_fds[2] = EBADF_PAIR;
-
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
- Server s;
+ _cleanup_close_pair_ int stream_fds[2] = EBADF_PAIR;
+ _cleanup_(server_freep) Server *s = NULL;
StdoutStream *stream;
- int v;
+ int v, fd0;
if (outside_size_range(size, 1, 65536))
return 0;
@@ -22,15 +21,18 @@ int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size) {
fuzz_setup_logging();
assert_se(socketpair(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0, stream_fds) >= 0);
- dummy_server_init(&s, NULL, 0);
- assert_se(stdout_stream_install(&s, stream_fds[0], &stream) >= 0);
+ assert_se(server_new(&s) >= 0);
+ dummy_server_init(s, NULL, 0);
+
+ assert_se(stdout_stream_install(s, stream_fds[0], &stream) >= 0);
+ fd0 = TAKE_FD(stream_fds[0]); /* avoid double close */
+
assert_se(write(stream_fds[1], data, size) == (ssize_t) size);
- while (ioctl(stream_fds[0], SIOCINQ, &v) == 0 && v)
- sd_event_run(s.event, UINT64_MAX);
- if (s.n_stdout_streams)
+ while (ioctl(fd0, SIOCINQ, &v) == 0 && v)
+ sd_event_run(s->event, UINT64_MAX);
+
+ if (s->n_stdout_streams > 0)
stdout_stream_destroy(stream);
- server_done(&s);
- stream_fds[1] = safe_close(stream_fds[1]);
return 0;
}
diff --git a/src/journal/fuzz-journald.c b/src/journal/fuzz-journald.c
index c96fad5..8317783 100644
--- a/src/journal/fuzz-journald.c
+++ b/src/journal/fuzz-journald.c
@@ -6,17 +6,9 @@
#include "sd-event.h"
void dummy_server_init(Server *s, const uint8_t *buffer, size_t size) {
- *s = (Server) {
- .syslog_fd = -EBADF,
- .native_fd = -EBADF,
- .stdout_fd = -EBADF,
- .dev_kmsg_fd = -EBADF,
- .audit_fd = -EBADF,
- .hostname_fd = -EBADF,
- .notify_fd = -EBADF,
- .storage = STORAGE_NONE,
- .line_max = 64,
- };
+ assert(s);
+
+ s->storage = STORAGE_NONE;
assert_se(sd_event_default(&s->event) >= 0);
if (buffer) {
@@ -30,7 +22,8 @@ void fuzz_journald_processing_function(
size_t size,
void (*f)(Server *s, const char *buf, size_t raw_len, const struct ucred *ucred, const struct timeval *tv, const char *label, size_t label_len)
) {
- Server s;
+
+ _cleanup_(server_freep) Server *s = NULL;
char *label = NULL;
size_t label_len = 0;
struct ucred *ucred = NULL;
@@ -39,7 +32,7 @@ void fuzz_journald_processing_function(
if (size == 0)
return;
- dummy_server_init(&s, data, size);
- (*f)(&s, s.buffer, size, ucred, tv, label, label_len);
- server_done(&s);
+ assert_se(server_new(&s) >= 0);
+ dummy_server_init(s, data, size);
+ (*f)(s, s->buffer, size, ucred, tv, label, label_len);
}
diff --git a/src/journal/journalctl-authenticate.c b/src/journal/journalctl-authenticate.c
new file mode 100644
index 0000000..10630f5
--- /dev/null
+++ b/src/journal/journalctl-authenticate.c
@@ -0,0 +1,207 @@
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+
+#include "chattr-util.h"
+#include "errno-util.h"
+#include "fd-util.h"
+#include "fs-util.h"
+#include "fsprg.h"
+#include "hostname-util.h"
+#include "io-util.h"
+#include "journal-authenticate.h"
+#include "journalctl.h"
+#include "journalctl-authenticate.h"
+#include "memstream-util.h"
+#include "path-util.h"
+#include "qrcode-util.h"
+#include "random-util.h"
+#include "stat-util.h"
+#include "terminal-util.h"
+#include "tmpfile-util.h"
+
+static int format_key(
+ const void *seed,
+ size_t seed_size,
+ uint64_t start,
+ uint64_t interval,
+ char **ret) {
+
+ _cleanup_(memstream_done) MemStream m = {};
+ FILE *f;
+
+ assert(seed);
+ assert(seed_size > 0);
+ assert(ret);
+
+ f = memstream_init(&m);
+ if (!f)
+ return -ENOMEM;
+
+ for (size_t i = 0; i < seed_size; i++) {
+ if (i > 0 && i % 3 == 0)
+ fputc('-', f);
+ fprintf(f, "%02x", ((uint8_t*) seed)[i]);
+ }
+
+ fprintf(f, "/%"PRIx64"-%"PRIx64, start, interval);
+
+ return memstream_finalize(&m, ret, NULL);
+}
+
+int action_setup_keys(void) {
+ _cleanup_(unlink_and_freep) char *tmpfile = NULL;
+ _cleanup_close_ int fd = -EBADF;
+ _cleanup_free_ char *path = NULL;
+ size_t mpk_size, seed_size, state_size;
+ uint8_t *mpk, *seed, *state;
+ sd_id128_t machine, boot;
+ uint64_t n;
+ int r;
+
+ assert(arg_action == ACTION_SETUP_KEYS);
+
+ r = is_dir("/var/log/journal/", /* follow = */ false);
+ if (r == 0)
+ return log_error_errno(SYNTHETIC_ERRNO(ENOTDIR),
+ "/var/log/journal is not a directory, must be using persistent logging for FSS.");
+ if (r == -ENOENT)
+ return log_error_errno(r, "Directory /var/log/journal/ does not exist, must be using persistent logging for FSS.");
+ if (r < 0)
+ return log_error_errno(r, "Failed to check if /var/log/journal/ is a directory: %m");
+
+ r = sd_id128_get_machine(&machine);
+ if (r < 0)
+ return log_error_errno(r, "Failed to get machine ID: %m");
+
+ r = sd_id128_get_boot(&boot);
+ if (r < 0)
+ return log_error_errno(r, "Failed to get boot ID: %m");
+
+ path = path_join("/var/log/journal/", SD_ID128_TO_STRING(machine), "/fss");
+ if (!path)
+ return log_oom();
+
+ if (arg_force) {
+ if (unlink(path) < 0 && errno != ENOENT)
+ return log_error_errno(errno, "Failed to remove \"%s\": %m", path);
+ } else if (access(path, F_OK) >= 0)
+ return log_error_errno(SYNTHETIC_ERRNO(EEXIST),
+ "Sealing key file %s exists already. Use --force to recreate.", path);
+
+ mpk_size = FSPRG_mskinbytes(FSPRG_RECOMMENDED_SECPAR);
+ mpk = alloca_safe(mpk_size);
+
+ seed_size = FSPRG_RECOMMENDED_SEEDLEN;
+ seed = alloca_safe(seed_size);
+
+ state_size = FSPRG_stateinbytes(FSPRG_RECOMMENDED_SECPAR);
+ state = alloca_safe(state_size);
+
+ log_info("Generating seed...");
+ r = crypto_random_bytes(seed, seed_size);
+ if (r < 0)
+ return log_error_errno(r, "Failed to acquire random seed: %m");
+
+ log_info("Generating key pair...");
+ r = FSPRG_GenMK(NULL, mpk, seed, seed_size, FSPRG_RECOMMENDED_SECPAR);
+ if (r < 0)
+ return log_error_errno(r, "Failed to generate key pair: %m");
+
+ log_info("Generating sealing key...");
+ r = FSPRG_GenState0(state, mpk, seed, seed_size);
+ if (r < 0)
+ return log_error_errno(r, "Failed to generate sealing key: %m");
+
+ assert(arg_interval > 0);
+ n = now(CLOCK_REALTIME);
+ n /= arg_interval;
+
+ fd = open_tmpfile_linkable(path, O_WRONLY|O_CLOEXEC, &tmpfile);
+ if (fd < 0)
+ return log_error_errno(fd, "Failed to open a temporary file for %s: %m", path);
+
+ r = chattr_secret(fd, CHATTR_WARN_UNSUPPORTED_FLAGS);
+ if (r < 0)
+ log_full_errno(ERRNO_IS_NOT_SUPPORTED(r) ? LOG_DEBUG : LOG_WARNING,
+ r, "Failed to set file attributes on a temporary file for '%s', ignoring: %m", path);
+
+ struct FSSHeader h = {
+ .signature = { 'K', 'S', 'H', 'H', 'R', 'H', 'L', 'P' },
+ .machine_id = machine,
+ .boot_id = boot,
+ .header_size = htole64(sizeof(h)),
+ .start_usec = htole64(n * arg_interval),
+ .interval_usec = htole64(arg_interval),
+ .fsprg_secpar = htole16(FSPRG_RECOMMENDED_SECPAR),
+ .fsprg_state_size = htole64(state_size),
+ };
+
+ r = loop_write(fd, &h, sizeof(h));
+ if (r < 0)
+ return log_error_errno(r, "Failed to write header: %m");
+
+ r = loop_write(fd, state, state_size);
+ if (r < 0)
+ return log_error_errno(r, "Failed to write state: %m");
+
+ r = link_tmpfile(fd, tmpfile, path, /* flags = */ 0);
+ if (r < 0)
+ return log_error_errno(r, "Failed to link file: %m");
+
+ tmpfile = mfree(tmpfile);
+
+ _cleanup_free_ char *key = NULL;
+ r = format_key(seed, seed_size, n, arg_interval, &key);
+ if (r < 0)
+ return r;
+
+ if (!on_tty()) {
+ /* If we are not on a TTY, show only the key. */
+ puts(key);
+ return 0;
+ }
+
+ _cleanup_free_ char *hn = NULL;
+ hn = gethostname_malloc();
+ if (hn)
+ hostname_cleanup(hn);
+
+ fprintf(stderr,
+ "\nNew keys have been generated for host %s%s" SD_ID128_FORMAT_STR ".\n"
+ "\n"
+ "The %ssecret sealing key%s has been written to the following local file.\n"
+ "This key file is automatically updated when the sealing key is advanced.\n"
+ "It should not be used on multiple hosts.\n"
+ "\n"
+ "\t%s\n"
+ "\n"
+ "The sealing key is automatically changed every %s.\n"
+ "\n"
+ "Please write down the following %ssecret verification key%s. It should be stored\n"
+ "in a safe location and should not be saved locally on disk.\n"
+ "\n\t%s",
+ strempty(hn), hn ? "/" : "",
+ SD_ID128_FORMAT_VAL(machine),
+ ansi_highlight(), ansi_normal(),
+ path,
+ FORMAT_TIMESPAN(arg_interval, 0),
+ ansi_highlight(), ansi_normal(),
+ ansi_highlight_red());
+ fflush(stderr);
+
+ puts(key);
+
+ fputs(ansi_normal(), stderr);
+
+#if HAVE_QRENCODE
+ _cleanup_free_ char *url = NULL;
+ url = strjoin("fss://", key, "?machine=", SD_ID128_TO_STRING(machine), hn ? ";hostname=" : "", hn);
+ if (!url)
+ return log_oom();
+
+ (void) print_qrcode(stderr,
+ "To transfer the verification key to your phone scan the QR code below",
+ url);
+#endif
+
+ return 0;
+}
diff --git a/src/journal/journalctl-authenticate.h b/src/journal/journalctl-authenticate.h
new file mode 100644
index 0000000..2a8ebd5
--- /dev/null
+++ b/src/journal/journalctl-authenticate.h
@@ -0,0 +1,16 @@
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+#pragma once
+
+#if HAVE_GCRYPT
+
+int action_setup_keys(void);
+
+#else
+
+#include "log.h"
+
+static inline int action_setup_keys(void) {
+ return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), "Forward-secure sealing not available.");
+}
+
+#endif
diff --git a/src/journal/journalctl-catalog.c b/src/journal/journalctl-catalog.c
new file mode 100644
index 0000000..116e152
--- /dev/null
+++ b/src/journal/journalctl-catalog.c
@@ -0,0 +1,51 @@
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+
+#include "catalog.h"
+#include "journalctl.h"
+#include "journalctl-catalog.h"
+#include "path-util.h"
+
+int action_update_catalog(void) {
+ _cleanup_free_ char *database = NULL;
+ const char *e;
+ int r;
+
+ assert(arg_action == ACTION_UPDATE_CATALOG);
+
+ database = path_join(arg_root, secure_getenv("SYSTEMD_CATALOG") ?: CATALOG_DATABASE);
+ if (!database)
+ return log_oom();
+
+ e = secure_getenv("SYSTEMD_CATALOG_SOURCES");
+ r = catalog_update(database,
+ arg_root,
+ e ? STRV_MAKE_CONST(e) : catalog_file_dirs);
+ if (r < 0)
+ return log_error_errno(r, "Failed to update catalog: %m");
+
+ return 0;
+}
+
+int action_list_catalog(char **items) {
+ _cleanup_free_ char *database = NULL;
+ int r;
+
+ assert(IN_SET(arg_action, ACTION_LIST_CATALOG, ACTION_DUMP_CATALOG));
+
+ database = path_join(arg_root, secure_getenv("SYSTEMD_CATALOG") ?: CATALOG_DATABASE);
+ if (!database)
+ return log_oom();
+
+ bool oneline = arg_action == ACTION_LIST_CATALOG;
+
+ pager_open(arg_pager_flags);
+
+ if (items)
+ r = catalog_list_items(stdout, database, oneline, items);
+ else
+ r = catalog_list(stdout, database, oneline);
+ if (r < 0)
+ return log_error_errno(r, "Failed to list catalog: %m");
+
+ return 0;
+}
diff --git a/src/journal/journalctl-catalog.h b/src/journal/journalctl-catalog.h
new file mode 100644
index 0000000..d52bdd4
--- /dev/null
+++ b/src/journal/journalctl-catalog.h
@@ -0,0 +1,5 @@
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+#pragma once
+
+int action_update_catalog(void);
+int action_list_catalog(char **items);
diff --git a/src/journal/journalctl-filter.c b/src/journal/journalctl-filter.c
new file mode 100644
index 0000000..f9eb9f8
--- /dev/null
+++ b/src/journal/journalctl-filter.c
@@ -0,0 +1,484 @@
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+
+#include "sd-device.h"
+
+#include "chase.h"
+#include "devnum-util.h"
+#include "fileio.h"
+#include "glob-util.h"
+#include "journal-internal.h"
+#include "journalctl.h"
+#include "journalctl-filter.h"
+#include "journalctl-util.h"
+#include "logs-show.h"
+#include "missing_sched.h"
+#include "nulstr-util.h"
+#include "path-util.h"
+#include "unit-name.h"
+
+static int add_boot(sd_journal *j) {
+ int r;
+
+ assert(j);
+
+ if (!arg_boot)
+ return 0;
+
+ assert(!sd_id128_is_null(arg_boot_id));
+
+ r = add_match_boot_id(j, arg_boot_id);
+ if (r < 0)
+ return r;
+
+ return sd_journal_add_conjunction(j);
+}
+
+static int add_dmesg(sd_journal *j) {
+ int r;
+
+ assert(j);
+
+ if (!arg_dmesg)
+ return 0;
+
+ r = sd_journal_add_match(j, "_TRANSPORT=kernel", SIZE_MAX);
+ if (r < 0)
+ return r;
+
+ return sd_journal_add_conjunction(j);
+}
+
+static int get_possible_units(
+ sd_journal *j,
+ const char *fields,
+ char **patterns,
+ Set **ret) {
+
+ _cleanup_set_free_ Set *found = NULL;
+ int r;
+
+ assert(j);
+ assert(fields);
+ assert(ret);
+
+ NULSTR_FOREACH(field, fields) {
+ const void *data;
+ size_t size;
+
+ r = sd_journal_query_unique(j, field);
+ if (r < 0)
+ return r;
+
+ SD_JOURNAL_FOREACH_UNIQUE(j, data, size) {
+ _cleanup_free_ char *u = NULL;
+ char *eq;
+
+ eq = memchr(data, '=', size);
+ if (eq) {
+ size -= eq - (char*) data + 1;
+ data = ++eq;
+ }
+
+ u = strndup(data, size);
+ if (!u)
+ return -ENOMEM;
+
+ size_t i;
+ if (!strv_fnmatch_full(patterns, u, FNM_NOESCAPE, &i))
+ continue;
+
+ log_debug("Matched %s with pattern %s=%s", u, field, patterns[i]);
+ r = set_ensure_consume(&found, &string_hash_ops_free, TAKE_PTR(u));
+ if (r < 0)
+ return r;
+ }
+ }
+
+ *ret = TAKE_PTR(found);
+ return 0;
+}
+
+/* This list is supposed to return the superset of unit names
+ * possibly matched by rules added with add_matches_for_unit... */
+#define SYSTEM_UNITS \
+ "_SYSTEMD_UNIT\0" \
+ "COREDUMP_UNIT\0" \
+ "UNIT\0" \
+ "OBJECT_SYSTEMD_UNIT\0" \
+ "_SYSTEMD_SLICE\0"
+
+/* ... and add_matches_for_user_unit */
+#define USER_UNITS \
+ "_SYSTEMD_USER_UNIT\0" \
+ "USER_UNIT\0" \
+ "COREDUMP_USER_UNIT\0" \
+ "OBJECT_SYSTEMD_USER_UNIT\0" \
+ "_SYSTEMD_USER_SLICE\0"
+
+static int add_units(sd_journal *j) {
+ _cleanup_strv_free_ char **patterns = NULL;
+ bool added = false;
+ int r;
+
+ assert(j);
+
+ if (strv_isempty(arg_system_units) && strv_isempty(arg_user_units))
+ return 0;
+
+ STRV_FOREACH(i, arg_system_units) {
+ _cleanup_free_ char *u = NULL;
+
+ r = unit_name_mangle(*i, UNIT_NAME_MANGLE_GLOB | (arg_quiet ? 0 : UNIT_NAME_MANGLE_WARN), &u);
+ if (r < 0)
+ return r;
+
+ if (string_is_glob(u)) {
+ r = strv_consume(&patterns, TAKE_PTR(u));
+ if (r < 0)
+ return r;
+ } else {
+ r = add_matches_for_unit(j, u);
+ if (r < 0)
+ return r;
+ r = sd_journal_add_disjunction(j);
+ if (r < 0)
+ return r;
+ added = true;
+ }
+ }
+
+ if (!strv_isempty(patterns)) {
+ _cleanup_set_free_ Set *units = NULL;
+ char *u;
+
+ r = get_possible_units(j, SYSTEM_UNITS, patterns, &units);
+ if (r < 0)
+ return r;
+
+ SET_FOREACH(u, units) {
+ r = add_matches_for_unit(j, u);
+ if (r < 0)
+ return r;
+ r = sd_journal_add_disjunction(j);
+ if (r < 0)
+ return r;
+ added = true;
+ }
+ }
+
+ patterns = strv_free(patterns);
+
+ STRV_FOREACH(i, arg_user_units) {
+ _cleanup_free_ char *u = NULL;
+
+ r = unit_name_mangle(*i, UNIT_NAME_MANGLE_GLOB | (arg_quiet ? 0 : UNIT_NAME_MANGLE_WARN), &u);
+ if (r < 0)
+ return r;
+
+ if (string_is_glob(u)) {
+ r = strv_consume(&patterns, TAKE_PTR(u));
+ if (r < 0)
+ return r;
+ } else {
+ r = add_matches_for_user_unit(j, u);
+ if (r < 0)
+ return r;
+ r = sd_journal_add_disjunction(j);
+ if (r < 0)
+ return r;
+ added = true;
+ }
+ }
+
+ if (!strv_isempty(patterns)) {
+ _cleanup_set_free_ Set *units = NULL;
+ char *u;
+
+ r = get_possible_units(j, USER_UNITS, patterns, &units);
+ if (r < 0)
+ return r;
+
+ SET_FOREACH(u, units) {
+ r = add_matches_for_user_unit(j, u);
+ if (r < 0)
+ return r;
+ r = sd_journal_add_disjunction(j);
+ if (r < 0)
+ return r;
+ added = true;
+ }
+ }
+
+ /* Complain if the user request matches but nothing whatsoever was found, since otherwise everything
+ * would be matched. */
+ if (!added)
+ return -ENODATA;
+
+ return sd_journal_add_conjunction(j);
+}
+
+static int add_syslog_identifier(sd_journal *j) {
+ int r;
+
+ assert(j);
+
+ if (strv_isempty(arg_syslog_identifier))
+ return 0;
+
+ STRV_FOREACH(i, arg_syslog_identifier) {
+ r = journal_add_match_pair(j, "SYSLOG_IDENTIFIER", *i);
+ if (r < 0)
+ return r;
+ r = sd_journal_add_disjunction(j);
+ if (r < 0)
+ return r;
+ }
+
+ return sd_journal_add_conjunction(j);
+}
+
+static int add_exclude_identifier(sd_journal *j) {
+ _cleanup_set_free_ Set *excludes = NULL;
+ int r;
+
+ assert(j);
+
+ r = set_put_strdupv(&excludes, arg_exclude_identifier);
+ if (r < 0)
+ return r;
+
+ return set_free_and_replace(j->exclude_syslog_identifiers, excludes);
+}
+
+static int add_priorities(sd_journal *j) {
+ int r;
+
+ assert(j);
+
+ if (arg_priorities == 0)
+ return 0;
+
+ for (int i = LOG_EMERG; i <= LOG_DEBUG; i++)
+ if (arg_priorities & (1 << i)) {
+ r = journal_add_matchf(j, "PRIORITY=%d", i);
+ if (r < 0)
+ return r;
+ }
+
+ return sd_journal_add_conjunction(j);
+}
+
+static int add_facilities(sd_journal *j) {
+ int r;
+
+ assert(j);
+
+ if (set_isempty(arg_facilities))
+ return 0;
+
+ void *p;
+ SET_FOREACH(p, arg_facilities) {
+ r = journal_add_matchf(j, "SYSLOG_FACILITY=%d", PTR_TO_INT(p));
+ if (r < 0)
+ return r;
+ }
+
+ return sd_journal_add_conjunction(j);
+}
+
+static int add_matches_for_executable(sd_journal *j, const char *path) {
+ _cleanup_free_ char *interpreter = NULL;
+ int r;
+
+ assert(j);
+ assert(path);
+
+ if (executable_is_script(path, &interpreter) > 0) {
+ _cleanup_free_ char *comm = NULL;
+
+ r = path_extract_filename(path, &comm);
+ if (r < 0)
+ return log_error_errno(r, "Failed to extract filename of '%s': %m", path);
+
+ r = journal_add_match_pair(j, "_COMM", strshorten(comm, TASK_COMM_LEN-1));
+ if (r < 0)
+ return log_error_errno(r, "Failed to add match: %m");
+
+ /* Append _EXE only if the interpreter is not a link. Otherwise, it might be outdated often. */
+ path = is_symlink(interpreter) > 0 ? interpreter : NULL;
+ }
+
+ if (path) {
+ r = journal_add_match_pair(j, "_EXE", path);
+ if (r < 0)
+ return log_error_errno(r, "Failed to add match: %m");
+ }
+
+ return 0;
+}
+
+static int add_matches_for_device(sd_journal *j, const char *devpath) {
+ _cleanup_(sd_device_unrefp) sd_device *device = NULL;
+ int r;
+
+ assert(j);
+ assert(devpath);
+
+ r = sd_device_new_from_devname(&device, devpath);
+ if (r < 0)
+ return log_error_errno(r, "Failed to get device '%s': %m", devpath);
+
+ for (sd_device *d = device; d; ) {
+ const char *subsys, *sysname;
+
+ r = sd_device_get_subsystem(d, &subsys);
+ if (r < 0)
+ goto get_parent;
+
+ r = sd_device_get_sysname(d, &sysname);
+ if (r < 0)
+ goto get_parent;
+
+ r = journal_add_matchf(j, "_KERNEL_DEVICE=+%s:%s", subsys, sysname);
+ if (r < 0)
+ return log_error_errno(r, "Failed to add match: %m");
+
+ dev_t devnum;
+ if (sd_device_get_devnum(d, &devnum) >= 0) {
+ r = journal_add_matchf(j, "_KERNEL_DEVICE=%c" DEVNUM_FORMAT_STR,
+ streq(subsys, "block") ? 'b' : 'c',
+ DEVNUM_FORMAT_VAL(devnum));
+ if (r < 0)
+ return log_error_errno(r, "Failed to add match: %m");
+ }
+
+get_parent:
+ if (sd_device_get_parent(d, &d) < 0)
+ break;
+ }
+
+ return add_match_boot_id(j, SD_ID128_NULL);
+}
+
+static int add_matches_for_path(sd_journal *j, const char *path) {
+ _cleanup_free_ char *p = NULL;
+ struct stat st;
+ int r;
+
+ assert(j);
+ assert(path);
+
+ if (arg_root || arg_machine)
+ return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP),
+ "An extra path in match filter is currently not supported with --root, --image, or -M/--machine.");
+
+ r = chase_and_stat(path, NULL, 0, &p, &st);
+ if (r < 0)
+ return log_error_errno(r, "Couldn't canonicalize path '%s': %m", path);
+
+ if (S_ISREG(st.st_mode) && (0111 & st.st_mode))
+ return add_matches_for_executable(j, p);
+
+ if (S_ISCHR(st.st_mode) || S_ISBLK(st.st_mode))
+ return add_matches_for_device(j, p);
+
+ return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "File is neither a device node nor executable: %s", p);
+}
+
+static int add_matches(sd_journal *j, char **args) {
+ bool have_term = false;
+ int r;
+
+ assert(j);
+
+ if (strv_isempty(args))
+ return 0;
+
+ STRV_FOREACH(i, args)
+ if (streq(*i, "+")) {
+ if (!have_term)
+ break;
+
+ r = sd_journal_add_disjunction(j);
+ if (r < 0)
+ return log_error_errno(r, "Failed to add disjunction: %m");
+
+ have_term = false;
+
+ } else if (path_is_absolute(*i)) {
+ r = add_matches_for_path(j, *i);
+ if (r < 0)
+ return r;
+ have_term = true;
+
+ } else {
+ r = sd_journal_add_match(j, *i, SIZE_MAX);
+ if (r < 0)
+ return log_error_errno(r, "Failed to add match '%s': %m", *i);
+ have_term = true;
+ }
+
+ if (!have_term)
+ return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "\"+\" can only be used between terms.");
+
+ return 0;
+}
+
+int add_filters(sd_journal *j, char **matches) {
+ int r;
+
+ assert(j);
+
+ /* First, search boot ID, as that may set and flush matches and seek journal. */
+ r = journal_acquire_boot(j);
+ if (r < 0)
+ return r;
+
+ /* Clear unexpected matches for safety. */
+ sd_journal_flush_matches(j);
+
+ /* Then, add filters in the below. */
+ r = add_boot(j);
+ if (r < 0)
+ return log_error_errno(r, "Failed to add filter for boot: %m");
+
+ r = add_dmesg(j);
+ if (r < 0)
+ return log_error_errno(r, "Failed to add filter for dmesg: %m");
+
+ r = add_units(j);
+ if (r < 0)
+ return log_error_errno(r, "Failed to add filter for units: %m");
+
+ r = add_syslog_identifier(j);
+ if (r < 0)
+ return log_error_errno(r, "Failed to add filter for syslog identifiers: %m");
+
+ r = add_exclude_identifier(j);
+ if (r < 0)
+ return log_error_errno(r, "Failed to add exclude filter for syslog identifiers: %m");
+
+ r = add_priorities(j);
+ if (r < 0)
+ return log_error_errno(r, "Failed to add filter for priorities: %m");
+
+ r = add_facilities(j);
+ if (r < 0)
+ return log_error_errno(r, "Failed to add filter for facilities: %m");
+
+ r = add_matches(j, matches);
+ if (r < 0)
+ return r;
+
+ if (DEBUG_LOGGING) {
+ _cleanup_free_ char *filter = NULL;
+
+ filter = journal_make_match_string(j);
+ if (!filter)
+ return log_oom();
+
+ log_debug("Journal filter: %s", filter);
+ }
+
+ return 0;
+}
diff --git a/src/journal/journalctl-filter.h b/src/journal/journalctl-filter.h
new file mode 100644
index 0000000..c752c0c
--- /dev/null
+++ b/src/journal/journalctl-filter.h
@@ -0,0 +1,6 @@
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+#pragma once
+
+#include "sd-journal.h"
+
+int add_filters(sd_journal *j, char **matches);
diff --git a/src/journal/journalctl-misc.c b/src/journal/journalctl-misc.c
new file mode 100644
index 0000000..8ca6ea2
--- /dev/null
+++ b/src/journal/journalctl-misc.c
@@ -0,0 +1,298 @@
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+
+#include "dirent-util.h"
+#include "fd-util.h"
+#include "format-table.h"
+#include "format-util.h"
+#include "journal-internal.h"
+#include "journal-verify.h"
+#include "journalctl.h"
+#include "journalctl-misc.h"
+#include "journalctl-util.h"
+#include "logs-show.h"
+#include "syslog-util.h"
+
+int action_print_header(void) {
+ _cleanup_(sd_journal_closep) sd_journal *j = NULL;
+ int r;
+
+ assert(arg_action == ACTION_PRINT_HEADER);
+
+ r = acquire_journal(&j);
+ if (r < 0)
+ return r;
+
+ journal_print_header(j);
+ return 0;
+}
+
+int action_verify(void) {
+ _cleanup_(sd_journal_closep) sd_journal *j = NULL;
+ int r;
+
+ assert(arg_action == ACTION_VERIFY);
+
+ r = acquire_journal(&j);
+ if (r < 0)
+ return r;
+
+ log_show_color(true);
+
+ JournalFile *f;
+ ORDERED_HASHMAP_FOREACH(f, j->files) {
+ int k;
+ usec_t first = 0, validated = 0, last = 0;
+
+#if HAVE_GCRYPT
+ if (!arg_verify_key && JOURNAL_HEADER_SEALED(f->header))
+ log_notice("Journal file %s has sealing enabled but verification key has not been passed using --verify-key=.", f->path);
+#endif
+
+ k = journal_file_verify(f, arg_verify_key, &first, &validated, &last, /* show_progress = */ !arg_quiet);
+ if (k == -EINVAL)
+ /* If the key was invalid give up right-away. */
+ return k;
+ if (k < 0)
+ r = log_warning_errno(k, "FAIL: %s (%m)", f->path);
+ else {
+ char a[FORMAT_TIMESTAMP_MAX], b[FORMAT_TIMESTAMP_MAX];
+ log_full(arg_quiet ? LOG_DEBUG : LOG_INFO, "PASS: %s", f->path);
+
+ if (arg_verify_key && JOURNAL_HEADER_SEALED(f->header)) {
+ if (validated > 0) {
+ log_full(arg_quiet ? LOG_DEBUG : LOG_INFO,
+ "=> Validated from %s to %s, final %s entries not sealed.",
+ format_timestamp_maybe_utc(a, sizeof(a), first),
+ format_timestamp_maybe_utc(b, sizeof(b), validated),
+ FORMAT_TIMESPAN(last > validated ? last - validated : 0, 0));
+ } else if (last > 0)
+ log_full(arg_quiet ? LOG_DEBUG : LOG_INFO,
+ "=> No sealing yet, %s of entries not sealed.",
+ FORMAT_TIMESPAN(last - first, 0));
+ else
+ log_full(arg_quiet ? LOG_DEBUG : LOG_INFO,
+ "=> No sealing yet, no entries in file.");
+ }
+ }
+ }
+
+ return r;
+}
+
+int action_disk_usage(void) {
+ _cleanup_(sd_journal_closep) sd_journal *j = NULL;
+ uint64_t bytes = 0;
+ int r;
+
+ assert(arg_action == ACTION_DISK_USAGE);
+
+ r = acquire_journal(&j);
+ if (r < 0)
+ return r;
+
+ r = sd_journal_get_usage(j, &bytes);
+ if (r < 0)
+ return log_error_errno(r, "Failed to get disk usage: %m");
+
+ printf("Archived and active journals take up %s in the file system.\n", FORMAT_BYTES(bytes));
+ return 0;
+}
+
+int action_list_boots(void) {
+ _cleanup_(sd_journal_closep) sd_journal *j = NULL;
+ _cleanup_(table_unrefp) Table *table = NULL;
+ _cleanup_free_ BootId *boots = NULL;
+ size_t n_boots;
+ int r;
+
+ assert(arg_action == ACTION_LIST_BOOTS);
+
+ r = acquire_journal(&j);
+ if (r < 0)
+ return r;
+
+ r = journal_get_boots(
+ j,
+ /* advance_older = */ arg_lines_needs_seek_end(),
+ /* max_ids = */ arg_lines >= 0 ? (size_t) arg_lines : SIZE_MAX,
+ &boots, &n_boots);
+ if (r < 0)
+ return log_error_errno(r, "Failed to determine boots: %m");
+ if (r == 0)
+ return log_full_errno(arg_quiet ? LOG_DEBUG : LOG_ERR, SYNTHETIC_ERRNO(ENODATA),
+ "No boot found.");
+
+ table = table_new("idx", "boot id", "first entry", "last entry");
+ if (!table)
+ return log_oom();
+
+ if (arg_full)
+ table_set_width(table, 0);
+
+ r = table_set_json_field_name(table, 0, "index");
+ if (r < 0)
+ return log_error_errno(r, "Failed to set JSON field name of column 0: %m");
+
+ (void) table_set_sort(table, (size_t) 0);
+ (void) table_set_reverse(table, 0, arg_reverse);
+
+ for (int i = 0; i < (int) n_boots; i++) {
+ int index;
+
+ if (arg_lines_needs_seek_end())
+ /* With --lines=N, we only know the negative index, and the older ID is located earlier. */
+ index = -i;
+ else if (arg_lines >= 0)
+ /* With --lines=+N, we only know the positive index, and the newer ID is located earlier. */
+ index = i + 1;
+ else
+ /* Otherwise, show negative index. Note, in this case, newer ID is located earlier. */
+ index = i + 1 - (int) n_boots;
+
+ r = table_add_many(table,
+ TABLE_INT, index,
+ TABLE_SET_ALIGN_PERCENT, 100,
+ TABLE_ID128, boots[i].id,
+ TABLE_TIMESTAMP, boots[i].first_usec,
+ TABLE_TIMESTAMP, boots[i].last_usec);
+ if (r < 0)
+ return table_log_add_error(r);
+ }
+
+ r = table_print_with_pager(table, arg_json_format_flags, arg_pager_flags, !arg_quiet);
+ if (r < 0)
+ return table_log_print_error(r);
+
+ return 0;
+}
+
+int action_list_fields(void) {
+ _cleanup_(sd_journal_closep) sd_journal *j = NULL;
+ int r, n_shown = 0;
+
+ assert(arg_action == ACTION_LIST_FIELDS);
+ assert(arg_field);
+
+ r = acquire_journal(&j);
+ if (r < 0)
+ return r;
+
+ if (!journal_boot_has_effect(j))
+ return 0;
+
+ r = sd_journal_set_data_threshold(j, 0);
+ if (r < 0)
+ return log_error_errno(r, "Failed to unset data size threshold: %m");
+
+ r = sd_journal_query_unique(j, arg_field);
+ if (r < 0)
+ return log_error_errno(r, "Failed to query unique data objects: %m");
+
+ const void *data;
+ size_t size;
+ SD_JOURNAL_FOREACH_UNIQUE(j, data, size) {
+ const void *eq;
+
+ if (arg_lines >= 0 && n_shown >= arg_lines)
+ break;
+
+ eq = memchr(data, '=', size);
+ if (eq)
+ printf("%.*s\n", (int) (size - ((const uint8_t*) eq - (const uint8_t*) data + 1)), (const char*) eq + 1);
+ else
+ printf("%.*s\n", (int) size, (const char*) data);
+
+ n_shown++;
+ }
+
+ return 0;
+}
+
+int action_list_field_names(void) {
+ _cleanup_(sd_journal_closep) sd_journal *j = NULL;
+ int r;
+
+ assert(arg_action == ACTION_LIST_FIELD_NAMES);
+
+ r = acquire_journal(&j);
+ if (r < 0)
+ return r;
+
+ const char *field;
+ SD_JOURNAL_FOREACH_FIELD(j, field)
+ printf("%s\n", field);
+
+ return 0;
+}
+
+int action_list_namespaces(void) {
+ _cleanup_(table_unrefp) Table *table = NULL;
+ sd_id128_t machine;
+ int r;
+
+ assert(arg_action == ACTION_LIST_NAMESPACES);
+
+ r = sd_id128_get_machine(&machine);
+ if (r < 0)
+ return log_error_errno(r, "Failed to get machine ID: %m");
+
+ table = table_new("namespace");
+ if (!table)
+ return log_oom();
+
+ (void) table_set_sort(table, (size_t) 0);
+
+ FOREACH_STRING(dir, "/var/log/journal", "/run/log/journal") {
+ _cleanup_free_ char *path = NULL;
+ _cleanup_closedir_ DIR *dirp = NULL;
+
+ path = path_join(arg_root, dir);
+ if (!path)
+ return log_oom();
+
+ dirp = opendir(path);
+ if (!dirp) {
+ log_debug_errno(errno, "Failed to open directory %s, ignoring: %m", path);
+ continue;
+ }
+
+ FOREACH_DIRENT(de, dirp, return log_error_errno(errno, "Failed to iterate through %s: %m", path)) {
+
+ const char *e = strchr(de->d_name, '.');
+ if (!e)
+ continue;
+
+ _cleanup_free_ char *ids = strndup(de->d_name, e - de->d_name);
+ if (!ids)
+ return log_oom();
+
+ sd_id128_t id;
+ r = sd_id128_from_string(ids, &id);
+ if (r < 0)
+ continue;
+
+ if (!sd_id128_equal(machine, id))
+ continue;
+
+ e++;
+
+ if (!log_namespace_name_valid(e))
+ continue;
+
+ r = table_add_cell(table, NULL, TABLE_STRING, e);
+ if (r < 0)
+ return table_log_add_error(r);
+ }
+ }
+
+ if (table_isempty(table) && FLAGS_SET(arg_json_format_flags, JSON_FORMAT_OFF)) {
+ if (!arg_quiet)
+ log_notice("No namespaces found.");
+ } else {
+ r = table_print_with_pager(table, arg_json_format_flags, arg_pager_flags, !arg_quiet);
+ if (r < 0)
+ return r;
+ }
+
+ return 0;
+}
diff --git a/src/journal/journalctl-misc.h b/src/journal/journalctl-misc.h
new file mode 100644
index 0000000..70f851b
--- /dev/null
+++ b/src/journal/journalctl-misc.h
@@ -0,0 +1,12 @@
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+#pragma once
+
+#include <stdbool.h>
+
+int action_print_header(void);
+int action_verify(void);
+int action_disk_usage(void);
+int action_list_boots(void);
+int action_list_fields(void);
+int action_list_field_names(void);
+int action_list_namespaces(void);
diff --git a/src/journal/journalctl-show.c b/src/journal/journalctl-show.c
new file mode 100644
index 0000000..e8ffc72
--- /dev/null
+++ b/src/journal/journalctl-show.c
@@ -0,0 +1,477 @@
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+
+#include <unistd.h>
+
+#include "sd-event.h"
+
+#include "fileio.h"
+#include "journalctl.h"
+#include "journalctl-filter.h"
+#include "journalctl-show.h"
+#include "journalctl-util.h"
+#include "logs-show.h"
+#include "terminal-util.h"
+
+#define PROCESS_INOTIFY_INTERVAL 1024 /* Every 1024 messages processed */
+
+typedef struct Context {
+ sd_journal *journal;
+ bool has_cursor;
+ bool need_seek;
+ bool since_seeked;
+ bool ellipsized;
+ bool previous_boot_id_valid;
+ sd_id128_t previous_boot_id;
+ sd_id128_t previous_boot_id_output;
+ dual_timestamp previous_ts_output;
+} Context;
+
+static void context_done(Context *c) {
+ assert(c);
+
+ sd_journal_close(c->journal);
+}
+
+static int seek_journal(Context *c) {
+ sd_journal *j = ASSERT_PTR(ASSERT_PTR(c)->journal);
+ _cleanup_free_ char *cursor_from_file = NULL;
+ const char *cursor = NULL;
+ bool after_cursor = false;
+ int r;
+
+ if (arg_cursor || arg_after_cursor) {
+ assert(!!arg_cursor != !!arg_after_cursor);
+
+ cursor = arg_cursor ?: arg_after_cursor;
+ after_cursor = arg_after_cursor;
+
+ } else if (arg_cursor_file) {
+ r = read_one_line_file(arg_cursor_file, &cursor_from_file);
+ if (r < 0 && r != -ENOENT)
+ return log_error_errno(r, "Failed to read cursor file %s: %m", arg_cursor_file);
+ if (r > 0) {
+ cursor = cursor_from_file;
+ after_cursor = true;
+ }
+ }
+
+ if (cursor) {
+ c->has_cursor = true;
+
+ r = sd_journal_seek_cursor(j, cursor);
+ if (r < 0)
+ return log_error_errno(r, "Failed to seek to cursor: %m");
+
+ r = sd_journal_step_one(j, !arg_reverse);
+ if (r < 0)
+ return log_error_errno(r, "Failed to iterate through journal: %m");
+
+ if (after_cursor && r > 0) {
+ /* With --after-cursor=/--cursor-file= we want to skip the first entry only if it's
+ * the entry the cursor is pointing at, otherwise, if some journal filters are used,
+ * we might skip the first entry of the filter match, which leads to unexpectedly
+ * missing journal entries. */
+ int k;
+
+ k = sd_journal_test_cursor(j, cursor);
+ if (k < 0)
+ return log_error_errno(k, "Failed to test cursor against current entry: %m");
+ if (k > 0)
+ /* Current entry matches the one our cursor is pointing at, so let's try
+ * to advance the next entry. */
+ r = sd_journal_step_one(j, !arg_reverse);
+ }
+
+ if (r == 0 && !arg_follow)
+ /* We couldn't find the next entry after the cursor. */
+ arg_lines = 0;
+
+ } else if (arg_reverse || arg_lines_needs_seek_end()) {
+ /* If --reverse and/or --lines=N are specified, things get a little tricky. First we seek to
+ * the place of --until if specified, otherwise seek to tail. Then, if --reverse is
+ * specified, we search backwards and let the output counter in show() handle --lines for us.
+ * If --reverse is unspecified, we just jump backwards arg_lines and search afterwards from
+ * there. */
+
+ if (arg_until_set) {
+ r = sd_journal_seek_realtime_usec(j, arg_until);
+ if (r < 0)
+ return log_error_errno(r, "Failed to seek to date: %m");
+ } else {
+ r = sd_journal_seek_tail(j);
+ if (r < 0)
+ return log_error_errno(r, "Failed to seek to tail: %m");
+ }
+
+ if (arg_reverse)
+ r = sd_journal_previous(j);
+ else /* arg_lines_needs_seek_end */
+ r = sd_journal_previous_skip(j, arg_lines);
+
+ } else if (arg_since_set) {
+ /* This is placed after arg_reverse and arg_lines. If --since is used without
+ * both, we seek to the place of --since and search afterwards from there.
+ * If used with --reverse or --lines, we seek to the tail first and check if
+ * the entry is within the range of --since later. */
+
+ r = sd_journal_seek_realtime_usec(j, arg_since);
+ if (r < 0)
+ return log_error_errno(r, "Failed to seek to date: %m");
+ c->since_seeked = true;
+
+ r = sd_journal_next(j);
+
+ } else {
+ r = sd_journal_seek_head(j);
+ if (r < 0)
+ return log_error_errno(r, "Failed to seek to head: %m");
+
+ r = sd_journal_next(j);
+ }
+ if (r < 0)
+ return log_error_errno(r, "Failed to iterate through journal: %m");
+ if (r == 0)
+ c->need_seek = true;
+
+ return 0;
+}
+
+static int show(Context *c) {
+ sd_journal *j = ASSERT_PTR(ASSERT_PTR(c)->journal);
+ int r, n_shown = 0;
+
+ OutputFlags flags =
+ arg_all * OUTPUT_SHOW_ALL |
+ arg_full * OUTPUT_FULL_WIDTH |
+ colors_enabled() * OUTPUT_COLOR |
+ arg_catalog * OUTPUT_CATALOG |
+ arg_utc * OUTPUT_UTC |
+ arg_truncate_newline * OUTPUT_TRUNCATE_NEWLINE |
+ arg_no_hostname * OUTPUT_NO_HOSTNAME;
+
+ while (arg_lines < 0 || n_shown < arg_lines || arg_follow) {
+ size_t highlight[2] = {};
+
+ if (c->need_seek) {
+ r = sd_journal_step_one(j, !arg_reverse);
+ if (r < 0)
+ return log_error_errno(r, "Failed to iterate through journal: %m");
+ if (r == 0)
+ break;
+ }
+
+ if (arg_until_set && !arg_reverse && (arg_lines < 0 || arg_since_set || c->has_cursor)) {
+ /* If --lines= is set, we usually rely on the n_shown to tell us when to stop.
+ * However, if --since= or one of the cursor argument is set too, we may end up
+ * having less than --lines= to output. In this case let's also check if the entry
+ * is in range. */
+
+ usec_t usec;
+
+ r = sd_journal_get_realtime_usec(j, &usec);
+ if (r < 0)
+ return log_error_errno(r, "Failed to determine timestamp: %m");
+ if (usec > arg_until)
+ break;
+ }
+
+ if (arg_since_set && (arg_reverse || !c->since_seeked)) {
+ usec_t usec;
+
+ r = sd_journal_get_realtime_usec(j, &usec);
+ if (r < 0)
+ return log_error_errno(r, "Failed to determine timestamp: %m");
+
+ if (usec < arg_since) {
+ if (arg_reverse)
+ break; /* Reached the earliest entry */
+
+ /* arg_lines >= 0 (!since_seeked):
+ * We jumped arg_lines back and it seems to be too much */
+ r = sd_journal_seek_realtime_usec(j, arg_since);
+ if (r < 0)
+ return log_error_errno(r, "Failed to seek to date: %m");
+ c->since_seeked = true;
+
+ c->need_seek = true;
+ continue;
+ }
+ c->since_seeked = true; /* We're surely within the range of --since now */
+ }
+
+ if (!arg_merge && !arg_quiet) {
+ sd_id128_t boot_id;
+
+ r = sd_journal_get_monotonic_usec(j, NULL, &boot_id);
+ if (r >= 0) {
+ if (c->previous_boot_id_valid &&
+ !sd_id128_equal(boot_id, c->previous_boot_id))
+ printf("%s-- Boot "SD_ID128_FORMAT_STR" --%s\n",
+ ansi_highlight(), SD_ID128_FORMAT_VAL(boot_id), ansi_normal());
+
+ c->previous_boot_id = boot_id;
+ c->previous_boot_id_valid = true;
+ }
+ }
+
+ if (arg_compiled_pattern) {
+ const void *message;
+ size_t len;
+
+ r = sd_journal_get_data(j, "MESSAGE", &message, &len);
+ if (r < 0) {
+ if (r == -ENOENT) {
+ c->need_seek = true;
+ continue;
+ }
+
+ return log_error_errno(r, "Failed to get MESSAGE field: %m");
+ }
+
+ assert_se(message = startswith(message, "MESSAGE="));
+
+ r = pattern_matches_and_log(arg_compiled_pattern, message,
+ len - strlen("MESSAGE="), highlight);
+ if (r < 0)
+ return r;
+ if (r == 0) {
+ c->need_seek = true;
+ continue;
+ }
+ }
+
+ r = show_journal_entry(stdout, j, arg_output, 0, flags,
+ arg_output_fields, highlight, &c->ellipsized,
+ &c->previous_ts_output, &c->previous_boot_id_output);
+ c->need_seek = true;
+ if (r == -EADDRNOTAVAIL)
+ break;
+ if (r < 0)
+ return r;
+
+ n_shown++;
+
+ /* If journalctl take a long time to process messages, and during that time journal file
+ * rotation occurs, a journalctl client will keep those rotated files open until it calls
+ * sd_journal_process(), which typically happens as a result of calling sd_journal_wait() below
+ * in the "following" case. By periodically calling sd_journal_process() during the processing
+ * loop we shrink the window of time a client instance has open file descriptors for rotated
+ * (deleted) journal files. */
+ if ((n_shown % PROCESS_INOTIFY_INTERVAL) == 0) {
+ r = sd_journal_process(j);
+ if (r < 0)
+ return log_error_errno(r, "Failed to process inotify events: %m");
+ }
+ }
+
+ return n_shown;
+}
+
+static int show_and_fflush(Context *c, sd_event_source *s) {
+ int r;
+
+ assert(c);
+ assert(s);
+
+ r = show(c);
+ if (r < 0)
+ return sd_event_exit(sd_event_source_get_event(s), r);
+
+ fflush(stdout);
+ return 0;
+}
+
+static int on_journal_event(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
+ Context *c = ASSERT_PTR(userdata);
+ int r;
+
+ assert(s);
+
+ r = sd_journal_process(c->journal);
+ if (r < 0) {
+ log_error_errno(r, "Failed to process journal events: %m");
+ return sd_event_exit(sd_event_source_get_event(s), r);
+ }
+
+ return show_and_fflush(c, s);
+}
+
+static int on_first_event(sd_event_source *s, void *userdata) {
+ return show_and_fflush(userdata, s);
+}
+
+static int on_signal(sd_event_source *s, const struct signalfd_siginfo *si, void *userdata) {
+ assert(s);
+ assert(si);
+ assert(IN_SET(si->ssi_signo, SIGTERM, SIGINT));
+
+ return sd_event_exit(sd_event_source_get_event(s), si->ssi_signo);
+}
+
+static int setup_event(Context *c, int fd, sd_event **ret) {
+ _cleanup_(sd_event_unrefp) sd_event *e = NULL;
+ int r;
+
+ assert(arg_follow);
+ assert(c);
+ assert(fd >= 0);
+ assert(ret);
+
+ r = sd_event_default(&e);
+ if (r < 0)
+ return log_error_errno(r, "Failed to allocate sd_event object: %m");
+
+ (void) sd_event_add_signal(e, NULL, SIGTERM | SD_EVENT_SIGNAL_PROCMASK, on_signal, NULL);
+ (void) sd_event_add_signal(e, NULL, SIGINT | SD_EVENT_SIGNAL_PROCMASK, on_signal, NULL);
+
+ r = sd_event_add_io(e, NULL, fd, EPOLLIN, &on_journal_event, c);
+ if (r < 0)
+ return log_error_errno(r, "Failed to add io event source for journal: %m");
+
+ /* Also keeps an eye on STDOUT, and exits as soon as we see a POLLHUP on that, i.e. when it is closed. */
+ r = sd_event_add_io(e, NULL, STDOUT_FILENO, EPOLLHUP|EPOLLERR, NULL, INT_TO_PTR(-ECANCELED));
+ if (r == -EPERM)
+ /* Installing an epoll watch on a regular file doesn't work and fails with EPERM. Which is
+ * totally OK, handle it gracefully. epoll_ctl() documents EPERM as the error returned when
+ * the specified fd doesn't support epoll, hence it's safe to check for that. */
+ log_debug_errno(r, "Unable to install EPOLLHUP watch on stderr, not watching for hangups.");
+ else if (r < 0)
+ return log_error_errno(r, "Failed to add io event source for stdout: %m");
+
+ if (arg_lines != 0 || arg_since_set) {
+ r = sd_event_add_defer(e, NULL, on_first_event, c);
+ if (r < 0)
+ return log_error_errno(r, "Failed to add defer event source: %m");
+ }
+
+ *ret = TAKE_PTR(e);
+ return 0;
+}
+
+static int update_cursor(sd_journal *j) {
+ _cleanup_free_ char *cursor = NULL;
+ int r;
+
+ assert(j);
+
+ if (!arg_show_cursor && !arg_cursor_file)
+ return 0;
+
+ r = sd_journal_get_cursor(j, &cursor);
+ if (r == -EADDRNOTAVAIL)
+ return 0;
+ if (r < 0)
+ return log_error_errno(r, "Failed to get cursor: %m");
+
+ if (arg_show_cursor)
+ printf("-- cursor: %s\n", cursor);
+
+ if (arg_cursor_file) {
+ r = write_string_file(arg_cursor_file, cursor, WRITE_STRING_FILE_CREATE | WRITE_STRING_FILE_ATOMIC);
+ if (r < 0)
+ return log_error_errno(r, "Failed to write new cursor to %s: %m", arg_cursor_file);
+ }
+
+ return 0;
+}
+
+int action_show(char **matches) {
+ _cleanup_(context_done) Context c = {};
+ int n_shown, r, poll_fd = -EBADF;
+
+ assert(arg_action == ACTION_SHOW);
+
+ (void) signal(SIGWINCH, columns_lines_cache_reset);
+
+ r = acquire_journal(&c.journal);
+ if (r < 0)
+ return r;
+
+ if (!journal_boot_has_effect(c.journal))
+ return arg_compiled_pattern ? -ENOENT : 0;
+
+ r = add_filters(c.journal, matches);
+ if (r < 0)
+ return r;
+
+ r = seek_journal(&c);
+ if (r < 0)
+ return r;
+
+ /* Opening the fd now means the first sd_journal_wait() will actually wait */
+ if (arg_follow) {
+ poll_fd = sd_journal_get_fd(c.journal);
+ if (poll_fd == -EMFILE) {
+ log_warning_errno(poll_fd, "Insufficient watch descriptors available. Reverting to -n.");
+ arg_follow = false;
+ } else if (poll_fd == -EMEDIUMTYPE)
+ return log_error_errno(poll_fd, "The --follow switch is not supported in conjunction with reading from STDIN.");
+ else if (poll_fd < 0)
+ return log_error_errno(poll_fd, "Failed to get journal fd: %m");
+ }
+
+ if (!arg_follow)
+ pager_open(arg_pager_flags);
+
+ if (!arg_quiet && (arg_lines != 0 || arg_follow) && DEBUG_LOGGING) {
+ usec_t start, end;
+ char start_buf[FORMAT_TIMESTAMP_MAX], end_buf[FORMAT_TIMESTAMP_MAX];
+
+ r = sd_journal_get_cutoff_realtime_usec(c.journal, &start, &end);
+ if (r < 0)
+ return log_error_errno(r, "Failed to get cutoff: %m");
+ if (r > 0) {
+ if (arg_follow)
+ printf("-- Journal begins at %s. --\n",
+ format_timestamp_maybe_utc(start_buf, sizeof(start_buf), start));
+ else
+ printf("-- Journal begins at %s, ends at %s. --\n",
+ format_timestamp_maybe_utc(start_buf, sizeof(start_buf), start),
+ format_timestamp_maybe_utc(end_buf, sizeof(end_buf), end));
+ }
+ }
+
+ if (arg_follow) {
+ _cleanup_(sd_event_unrefp) sd_event *e = NULL;
+ int sig;
+
+ assert(poll_fd >= 0);
+
+ r = setup_event(&c, poll_fd, &e);
+ if (r < 0)
+ return r;
+
+ r = sd_event_loop(e);
+ if (r < 0)
+ return r;
+ sig = r;
+
+ r = update_cursor(c.journal);
+ if (r < 0)
+ return r;
+
+ /* re-send the original signal. */
+ return sig;
+ }
+
+ r = show(&c);
+ if (r < 0)
+ return r;
+ n_shown = r;
+
+ if (n_shown == 0 && !arg_quiet)
+ printf("-- No entries --\n");
+
+ r = update_cursor(c.journal);
+ if (r < 0)
+ return r;
+
+ if (arg_compiled_pattern && n_shown == 0)
+ /* --grep was used, no error was thrown, but the pattern didn't
+ * match anything. Let's mimic grep's behavior here and return
+ * a non-zero exit code, so journalctl --grep can be used
+ * in scripts and such */
+ return -ENOENT;
+
+ return 0;
+}
diff --git a/src/journal/journalctl-show.h b/src/journal/journalctl-show.h
new file mode 100644
index 0000000..83f3bdd
--- /dev/null
+++ b/src/journal/journalctl-show.h
@@ -0,0 +1,4 @@
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+#pragma once
+
+int action_show(char **matches);
diff --git a/src/journal/journalctl-util.c b/src/journal/journalctl-util.c
new file mode 100644
index 0000000..32cdaf8
--- /dev/null
+++ b/src/journal/journalctl-util.c
@@ -0,0 +1,120 @@
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+
+#include <unistd.h>
+
+#include "id128-util.h"
+#include "journal-util.h"
+#include "journalctl.h"
+#include "journalctl-util.h"
+#include "logs-show.h"
+#include "rlimit-util.h"
+#include "sigbus.h"
+#include "terminal-util.h"
+
+char* format_timestamp_maybe_utc(char *buf, size_t l, usec_t t) {
+ assert(buf);
+
+ if (arg_utc)
+ return format_timestamp_style(buf, l, t, TIMESTAMP_UTC);
+
+ return format_timestamp(buf, l, t);
+}
+
+int acquire_journal(sd_journal **ret) {
+ _cleanup_(sd_journal_closep) sd_journal *j = NULL;
+ int r;
+
+ assert(ret);
+
+ /* Increase max number of open files if we can, we might needs this when browsing journal files, which might be
+ * split up into many files. */
+ (void) rlimit_nofile_bump(HIGH_RLIMIT_NOFILE);
+
+ sigbus_install();
+
+ if (arg_directory)
+ r = sd_journal_open_directory(&j, arg_directory, arg_journal_type | arg_journal_additional_open_flags);
+ else if (arg_root)
+ r = sd_journal_open_directory(&j, arg_root, arg_journal_type | arg_journal_additional_open_flags | SD_JOURNAL_OS_ROOT);
+ else if (arg_file_stdin)
+ r = sd_journal_open_files_fd(&j, (int[]) { STDIN_FILENO }, 1, arg_journal_additional_open_flags);
+ else if (arg_file)
+ r = sd_journal_open_files(&j, (const char**) arg_file, arg_journal_additional_open_flags);
+ else if (arg_machine)
+ r = journal_open_machine(&j, arg_machine, arg_journal_additional_open_flags);
+ else
+ r = sd_journal_open_namespace(
+ &j,
+ arg_namespace,
+ (arg_merge ? 0 : SD_JOURNAL_LOCAL_ONLY) |
+ arg_namespace_flags | arg_journal_type | arg_journal_additional_open_flags);
+ if (r < 0)
+ return log_error_errno(r, "Failed to open %s: %m", arg_directory ?: arg_file ? "files" : "journal");
+
+ r = journal_access_check_and_warn(j, arg_quiet,
+ !(arg_journal_type == SD_JOURNAL_CURRENT_USER || arg_user_units));
+ if (r < 0)
+ return r;
+
+ *ret = TAKE_PTR(j);
+ return 0;
+}
+
+bool journal_boot_has_effect(sd_journal *j) {
+ assert(j);
+
+ if (arg_boot_offset != 0 &&
+ sd_journal_has_runtime_files(j) > 0 &&
+ sd_journal_has_persistent_files(j) == 0) {
+ log_info("Specifying boot ID or boot offset has no effect, no persistent journal was found.");
+ return false;
+ }
+
+ return true;
+}
+
+int journal_acquire_boot(sd_journal *j) {
+ int r;
+
+ assert(j);
+
+ if (!arg_boot) {
+ /* Clear relevant field for safety. */
+ arg_boot_id = SD_ID128_NULL;
+ arg_boot_offset = 0;
+ return 0;
+ }
+
+ /* Take a shortcut and use the current boot_id, which we can do very quickly.
+ * We can do this only when the logs are coming from the current machine,
+ * so take the slow path if log location is specified. */
+ if (arg_boot_offset == 0 && sd_id128_is_null(arg_boot_id) &&
+ !arg_directory && !arg_file && !arg_file_stdin && !arg_root) {
+ r = id128_get_boot_for_machine(arg_machine, &arg_boot_id);
+ if (r < 0)
+ return log_error_errno(r, "Failed to get boot ID%s%s: %m",
+ isempty(arg_machine) ? "" : " of container ", strempty(arg_machine));
+ } else {
+ sd_id128_t boot_id;
+
+ r = journal_find_boot(j, arg_boot_id, arg_boot_offset, &boot_id);
+ if (r < 0)
+ return log_error_errno(r, "Failed to find journal entry from the specified boot (%s%+i): %m",
+ sd_id128_is_null(arg_boot_id) ? "" : SD_ID128_TO_STRING(arg_boot_id),
+ arg_boot_offset);
+ if (r == 0)
+ return log_error_errno(SYNTHETIC_ERRNO(ENODATA),
+ "No journal boot entry found from the specified boot (%s%+i).",
+ sd_id128_is_null(arg_boot_id) ? "" : SD_ID128_TO_STRING(arg_boot_id),
+ arg_boot_offset);
+
+ log_debug("Found boot %s for %s%+i",
+ SD_ID128_TO_STRING(boot_id),
+ sd_id128_is_null(arg_boot_id) ? "" : SD_ID128_TO_STRING(arg_boot_id),
+ arg_boot_offset);
+
+ arg_boot_id = boot_id;
+ }
+
+ return 1;
+}
diff --git a/src/journal/journalctl-util.h b/src/journal/journalctl-util.h
new file mode 100644
index 0000000..ea3e568
--- /dev/null
+++ b/src/journal/journalctl-util.h
@@ -0,0 +1,11 @@
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+#pragma once
+
+#include "sd-journal.h"
+
+#include "time-util.h"
+
+char* format_timestamp_maybe_utc(char *buf, size_t l, usec_t t);
+int acquire_journal(sd_journal **ret);
+bool journal_boot_has_effect(sd_journal *j);
+int journal_acquire_boot(sd_journal *j);
diff --git a/src/journal/journalctl-varlink.c b/src/journal/journalctl-varlink.c
new file mode 100644
index 0000000..89aed05
--- /dev/null
+++ b/src/journal/journalctl-varlink.c
@@ -0,0 +1,142 @@
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+
+#include "errno-util.h"
+#include "journal-internal.h"
+#include "journal-vacuum.h"
+#include "journalctl.h"
+#include "journalctl-util.h"
+#include "journalctl-varlink.h"
+#include "varlink.h"
+
+static int varlink_connect_journal(Varlink **ret) {
+ _cleanup_(varlink_flush_close_unrefp) Varlink *vl = NULL;
+ const char *address;
+ int r;
+
+ assert(ret);
+
+ address = arg_namespace ?
+ strjoina("/run/systemd/journal.", arg_namespace, "/io.systemd.journal") :
+ "/run/systemd/journal/io.systemd.journal";
+
+ r = varlink_connect_address(&vl, address);
+ if (r < 0)
+ return r;
+
+ (void) varlink_set_description(vl, "journal");
+ (void) varlink_set_relative_timeout(vl, USEC_INFINITY);
+
+ *ret = TAKE_PTR(vl);
+ return 0;
+}
+
+int action_flush_to_var(void) {
+ _cleanup_(varlink_flush_close_unrefp) Varlink *link = NULL;
+ int r;
+
+ assert(arg_action == ACTION_FLUSH);
+
+ if (arg_machine || arg_namespace)
+ return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP),
+ "--flush is not supported in conjunction with %s.",
+ arg_machine ? "--machine=" : "--namespace=");
+
+ if (access("/run/systemd/journal/flushed", F_OK) >= 0)
+ return 0; /* Already flushed, no need to contact journald */
+ if (errno != ENOENT)
+ return log_error_errno(errno, "Unable to check for existence of /run/systemd/journal/flushed: %m");
+
+ r = varlink_connect_journal(&link);
+ if (r < 0)
+ return log_error_errno(r, "Failed to connect to Varlink socket: %m");
+
+ return varlink_call_and_log(link, "io.systemd.Journal.FlushToVar", /* parameters= */ NULL, /* ret_parameters= */ NULL);
+}
+
+int action_relinquish_var(void) {
+ _cleanup_(varlink_flush_close_unrefp) Varlink *link = NULL;
+ int r;
+
+ assert(arg_action == ACTION_RELINQUISH_VAR);
+
+ if (arg_machine || arg_namespace)
+ return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP),
+ "--(smart-)relinquish-var is not supported in conjunction with %s.",
+ arg_machine ? "--machine=" : "--namespace=");
+
+ r = varlink_connect_journal(&link);
+ if (r < 0)
+ return log_error_errno(r, "Failed to connect to Varlink socket: %m");
+
+ return varlink_call_and_log(link, "io.systemd.Journal.RelinquishVar", /* parameters= */ NULL, /* ret_parameters= */ NULL);
+}
+
+int action_rotate(void) {
+ _cleanup_(varlink_flush_close_unrefp) Varlink *link = NULL;
+ int r;
+
+ assert(IN_SET(arg_action, ACTION_ROTATE, ACTION_ROTATE_AND_VACUUM));
+
+ if (arg_machine)
+ return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP),
+ "--rotate is not supported in conjunction with --machine=.");
+
+ r = varlink_connect_journal(&link);
+ if (r < 0)
+ return log_error_errno(r, "Failed to connect to Varlink socket: %m");
+
+ return varlink_call_and_log(link, "io.systemd.Journal.Rotate", /* parameters= */ NULL, /* ret_parameters= */ NULL);
+}
+
+int action_vacuum(void) {
+ _cleanup_(sd_journal_closep) sd_journal *j = NULL;
+ Directory *d;
+ int r, ret = 0;
+
+ assert(IN_SET(arg_action, ACTION_VACUUM, ACTION_ROTATE_AND_VACUUM));
+
+ r = acquire_journal(&j);
+ if (r < 0)
+ return r;
+
+ HASHMAP_FOREACH(d, j->directories_by_path) {
+ r = journal_directory_vacuum(d->path, arg_vacuum_size, arg_vacuum_n_files, arg_vacuum_time, NULL, !arg_quiet);
+ if (r < 0)
+ RET_GATHER(ret, log_error_errno(r, "Failed to vacuum %s: %m", d->path));
+ }
+
+ return ret;
+}
+
+int action_rotate_and_vacuum(void) {
+ int r;
+
+ assert(arg_action == ACTION_ROTATE_AND_VACUUM);
+
+ r = action_rotate();
+ if (r < 0)
+ return r;
+
+ return action_vacuum();
+}
+
+int action_sync(void) {
+ _cleanup_(varlink_flush_close_unrefp) Varlink *link = NULL;
+ int r;
+
+ assert(arg_action == ACTION_SYNC);
+
+ if (arg_machine)
+ return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP),
+ "--sync is not supported in conjunction with --machine=.");
+
+ r = varlink_connect_journal(&link);
+ if (ERRNO_IS_NEG_DISCONNECT(r) && arg_namespace)
+ /* If the namespaced sd-journald instance was shut down due to inactivity, it should already
+ * be synchronized */
+ return 0;
+ if (r < 0)
+ return log_error_errno(r, "Failed to connect to Varlink socket: %m");
+
+ return varlink_call_and_log(link, "io.systemd.Journal.Synchronize", /* parameters= */ NULL, /* ret_parameters= */ NULL);
+}
diff --git a/src/journal/journalctl-varlink.h b/src/journal/journalctl-varlink.h
new file mode 100644
index 0000000..e10983a
--- /dev/null
+++ b/src/journal/journalctl-varlink.h
@@ -0,0 +1,9 @@
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+#pragma once
+
+int action_flush_to_var(void);
+int action_relinquish_var(void);
+int action_rotate(void);
+int action_vacuum(void);
+int action_rotate_and_vacuum(void);
+int action_sync(void);
diff --git a/src/journal/journalctl.c b/src/journal/journalctl.c
index 45ecc96..45173a6 100644
--- a/src/journal/journalctl.c
+++ b/src/journal/journalctl.c
@@ -1,85 +1,29 @@
/* SPDX-License-Identifier: LGPL-2.1-or-later */
-#include <errno.h>
-#include <fcntl.h>
-#include <fnmatch.h>
#include <getopt.h>
-#include <linux/fs.h>
-#include <signal.h>
-#include <stddef.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <sys/inotify.h>
-#include <sys/stat.h>
-#include <unistd.h>
-
-#include "sd-bus.h"
-#include "sd-device.h"
+
#include "sd-journal.h"
-#include "acl-util.h"
-#include "alloc-util.h"
#include "build.h"
-#include "bus-error.h"
-#include "bus-locator.h"
-#include "bus-util.h"
-#include "catalog.h"
-#include "chase.h"
-#include "chattr-util.h"
-#include "constants.h"
-#include "devnum-util.h"
-#include "dissect-image.h"
-#include "fd-util.h"
-#include "fileio.h"
-#include "format-table.h"
-#include "format-util.h"
-#include "fs-util.h"
-#include "fsprg.h"
#include "glob-util.h"
-#include "hostname-util.h"
#include "id128-print.h"
-#include "io-util.h"
-#include "journal-def.h"
-#include "journal-internal.h"
-#include "journal-util.h"
-#include "journal-vacuum.h"
-#include "journal-verify.h"
+#include "journalctl.h"
+#include "journalctl-authenticate.h"
+#include "journalctl-catalog.h"
+#include "journalctl-misc.h"
+#include "journalctl-show.h"
+#include "journalctl-varlink.h"
#include "locale-util.h"
-#include "log.h"
-#include "logs-show.h"
#include "main-func.h"
-#include "memory-util.h"
-#include "memstream-util.h"
-#include "missing_sched.h"
-#include "mkdir.h"
#include "mount-util.h"
#include "mountpoint-util.h"
-#include "nulstr-util.h"
-#include "pager.h"
#include "parse-argument.h"
-#include "parse-util.h"
-#include "path-util.h"
-#include "pcre2-util.h"
#include "pretty-print.h"
-#include "qrcode-util.h"
-#include "random-util.h"
-#include "rlimit-util.h"
-#include "set.h"
-#include "sigbus.h"
-#include "signal-util.h"
#include "static-destruct.h"
-#include "stdio-util.h"
#include "string-table.h"
-#include "strv.h"
#include "syslog-util.h"
-#include "terminal-util.h"
-#include "tmpfile-util.h"
-#include "unit-name.h"
-#include "user-util.h"
-#include "varlink.h"
#define DEFAULT_FSS_INTERVAL_USEC (15*USEC_PER_MINUTE)
-#define PROCESS_INOTIFY_INTERVAL 1024 /* Every 1,024 messages processed */
enum {
/* Special values for arg_lines */
@@ -87,65 +31,71 @@ enum {
ARG_LINES_ALL = -1,
};
-static OutputMode arg_output = OUTPUT_SHORT;
-static JsonFormatFlags arg_json_format_flags = JSON_FORMAT_OFF;
-static bool arg_utc = false;
-static bool arg_follow = false;
-static bool arg_full = true;
-static bool arg_all = false;
-static PagerFlags arg_pager_flags = 0;
-static int arg_lines = ARG_LINES_DEFAULT;
-static bool arg_lines_oldest = false;
-static bool arg_no_tail = false;
-static bool arg_truncate_newline = false;
-static bool arg_quiet = false;
-static bool arg_merge = false;
-static bool arg_boot = false;
-static sd_id128_t arg_boot_id = {};
-static int arg_boot_offset = 0;
-static bool arg_dmesg = false;
-static bool arg_no_hostname = false;
-static const char *arg_cursor = NULL;
-static const char *arg_cursor_file = NULL;
-static const char *arg_after_cursor = NULL;
-static bool arg_show_cursor = false;
-static const char *arg_directory = NULL;
-static char **arg_file = NULL;
-static bool arg_file_stdin = false;
-static int arg_priorities = 0xFF;
-static Set *arg_facilities = NULL;
-static char *arg_verify_key = NULL;
+JournalctlAction arg_action = ACTION_SHOW;
+OutputMode arg_output = OUTPUT_SHORT;
+JsonFormatFlags arg_json_format_flags = JSON_FORMAT_OFF;
+PagerFlags arg_pager_flags = 0;
+bool arg_utc = false;
+bool arg_follow = false;
+bool arg_full = true;
+bool arg_all = false;
+int arg_lines = ARG_LINES_DEFAULT;
+bool arg_lines_oldest = false;
+bool arg_no_tail = false;
+bool arg_truncate_newline = false;
+bool arg_quiet = false;
+bool arg_merge = false;
+bool arg_boot = false;
+sd_id128_t arg_boot_id = {};
+int arg_boot_offset = 0;
+bool arg_dmesg = false;
+bool arg_no_hostname = false;
+const char *arg_cursor = NULL;
+const char *arg_cursor_file = NULL;
+const char *arg_after_cursor = NULL;
+bool arg_show_cursor = false;
+const char *arg_directory = NULL;
+char **arg_file = NULL;
+bool arg_file_stdin = false;
+int arg_priorities = 0;
+Set *arg_facilities = NULL;
+char *arg_verify_key = NULL;
#if HAVE_GCRYPT
-static usec_t arg_interval = DEFAULT_FSS_INTERVAL_USEC;
-static bool arg_force = false;
+usec_t arg_interval = DEFAULT_FSS_INTERVAL_USEC;
+bool arg_force = false;
#endif
-static usec_t arg_since = 0, arg_until = 0;
-static bool arg_since_set = false, arg_until_set = false;
-static char **arg_syslog_identifier = NULL;
-static char **arg_system_units = NULL;
-static char **arg_user_units = NULL;
-static const char *arg_field = NULL;
-static bool arg_catalog = false;
-static bool arg_reverse = false;
-static int arg_journal_type = 0;
-static int arg_namespace_flags = 0;
-static char *arg_root = NULL;
-static char *arg_image = NULL;
-static const char *arg_machine = NULL;
-static const char *arg_namespace = NULL;
-static uint64_t arg_vacuum_size = 0;
-static uint64_t arg_vacuum_n_files = 0;
-static usec_t arg_vacuum_time = 0;
-static Set *arg_output_fields = NULL;
-static const char *arg_pattern = NULL;
-static pcre2_code *arg_compiled_pattern = NULL;
-static PatternCompileCase arg_case = PATTERN_COMPILE_CASE_AUTO;
-ImagePolicy *arg_image_policy = NULL;
+usec_t arg_since = 0;
+usec_t arg_until = 0;
+bool arg_since_set = false;
+bool arg_until_set = false;
+char **arg_syslog_identifier = NULL;
+char **arg_exclude_identifier = NULL;
+char **arg_system_units = NULL;
+char **arg_user_units = NULL;
+const char *arg_field = NULL;
+bool arg_catalog = false;
+bool arg_reverse = false;
+int arg_journal_type = 0;
+int arg_journal_additional_open_flags = 0;
+int arg_namespace_flags = 0;
+char *arg_root = NULL;
+char *arg_image = NULL;
+const char *arg_machine = NULL;
+const char *arg_namespace = NULL;
+uint64_t arg_vacuum_size = 0;
+uint64_t arg_vacuum_n_files = 0;
+usec_t arg_vacuum_time = 0;
+Set *arg_output_fields = NULL;
+const char *arg_pattern = NULL;
+pcre2_code *arg_compiled_pattern = NULL;
+PatternCompileCase arg_case = PATTERN_COMPILE_CASE_AUTO;
+static ImagePolicy *arg_image_policy = NULL;
STATIC_DESTRUCTOR_REGISTER(arg_file, strv_freep);
STATIC_DESTRUCTOR_REGISTER(arg_facilities, set_freep);
STATIC_DESTRUCTOR_REGISTER(arg_verify_key, freep);
STATIC_DESTRUCTOR_REGISTER(arg_syslog_identifier, strv_freep);
+STATIC_DESTRUCTOR_REGISTER(arg_exclude_identifier, strv_freep);
STATIC_DESTRUCTOR_REGISTER(arg_system_units, strv_freep);
STATIC_DESTRUCTOR_REGISTER(arg_user_units, strv_freep);
STATIC_DESTRUCTOR_REGISTER(arg_root, freep);
@@ -154,115 +104,21 @@ STATIC_DESTRUCTOR_REGISTER(arg_output_fields, set_freep);
STATIC_DESTRUCTOR_REGISTER(arg_compiled_pattern, pattern_freep);
STATIC_DESTRUCTOR_REGISTER(arg_image_policy, image_policy_freep);
-static enum {
- ACTION_SHOW,
- ACTION_NEW_ID128,
- ACTION_PRINT_HEADER,
- ACTION_SETUP_KEYS,
- ACTION_VERIFY,
- ACTION_DISK_USAGE,
- ACTION_LIST_CATALOG,
- ACTION_DUMP_CATALOG,
- ACTION_UPDATE_CATALOG,
- ACTION_LIST_BOOTS,
- ACTION_FLUSH,
- ACTION_RELINQUISH_VAR,
- ACTION_SYNC,
- ACTION_ROTATE,
- ACTION_VACUUM,
- ACTION_ROTATE_AND_VACUUM,
- ACTION_LIST_FIELDS,
- ACTION_LIST_FIELD_NAMES,
-} arg_action = ACTION_SHOW;
-
-static int add_matches_for_device(sd_journal *j, const char *devpath) {
- _cleanup_(sd_device_unrefp) sd_device *device = NULL;
- sd_device *d = NULL;
- struct stat st;
- int r;
-
- assert(j);
- assert(devpath);
-
- if (!path_startswith(devpath, "/dev/"))
- return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
- "Devpath does not start with /dev/");
-
- if (stat(devpath, &st) < 0)
- return log_error_errno(errno, "Couldn't stat file: %m");
-
- r = sd_device_new_from_stat_rdev(&device, &st);
- if (r < 0)
- return log_error_errno(r, "Failed to get device from devnum " DEVNUM_FORMAT_STR ": %m", DEVNUM_FORMAT_VAL(st.st_rdev));
-
- for (d = device; d; ) {
- _cleanup_free_ char *match = NULL;
- const char *subsys, *sysname, *devnode;
- sd_device *parent;
-
- r = sd_device_get_subsystem(d, &subsys);
- if (r < 0)
- goto get_parent;
-
- r = sd_device_get_sysname(d, &sysname);
- if (r < 0)
- goto get_parent;
-
- match = strjoin("_KERNEL_DEVICE=+", subsys, ":", sysname);
- if (!match)
- return log_oom();
-
- r = sd_journal_add_match(j, match, 0);
- if (r < 0)
- return log_error_errno(r, "Failed to add match: %m");
-
- if (sd_device_get_devname(d, &devnode) >= 0) {
- _cleanup_free_ char *match1 = NULL;
-
- r = stat(devnode, &st);
- if (r < 0)
- return log_error_errno(r, "Failed to stat() device node \"%s\": %m", devnode);
-
- r = asprintf(&match1, "_KERNEL_DEVICE=%c" DEVNUM_FORMAT_STR, S_ISBLK(st.st_mode) ? 'b' : 'c', DEVNUM_FORMAT_VAL(st.st_rdev));
- if (r < 0)
- return log_oom();
-
- r = sd_journal_add_match(j, match1, 0);
- if (r < 0)
- return log_error_errno(r, "Failed to add match: %m");
- }
-
-get_parent:
- if (sd_device_get_parent(d, &parent) < 0)
- break;
-
- d = parent;
- }
-
- r = add_match_this_boot(j, arg_machine);
- if (r < 0)
- return log_error_errno(r, "Failed to add match for the current boot: %m");
-
- return 0;
-}
-
-static char *format_timestamp_maybe_utc(char *buf, size_t l, usec_t t) {
-
- if (arg_utc)
- return format_timestamp_style(buf, l, t, TIMESTAMP_UTC);
-
- return format_timestamp(buf, l, t);
-}
-
-static int parse_boot_descriptor(const char *x, sd_id128_t *boot_id, int *offset) {
+static int parse_id_descriptor(const char *x, sd_id128_t *ret_id, int *ret_offset) {
sd_id128_t id = SD_ID128_NULL;
int off = 0, r;
+ assert(x);
+ assert(ret_id);
+ assert(ret_offset);
+
if (streq(x, "all")) {
- *boot_id = SD_ID128_NULL;
- *offset = 0;
+ *ret_id = SD_ID128_NULL;
+ *ret_offset = 0;
return 0;
- } else if (strlen(x) >= SD_ID128_STRING_MAX - 1) {
+ }
+
+ if (strlen(x) >= SD_ID128_STRING_MAX - 1) {
char *t;
t = strndupa_safe(x, SD_ID128_STRING_MAX - 1);
@@ -284,12 +140,8 @@ static int parse_boot_descriptor(const char *x, sd_id128_t *boot_id, int *offset
return r;
}
- if (boot_id)
- *boot_id = id;
-
- if (offset)
- *offset = off;
-
+ *ret_id = id;
+ *ret_offset = off;
return 1;
}
@@ -328,10 +180,6 @@ default_noarg:
return 0;
}
-static bool arg_lines_needs_seek_end(void) {
- return arg_lines >= 0 && !arg_lines_oldest;
-}
-
static int help_facilities(void) {
if (!arg_quiet)
puts("Available facilities:");
@@ -339,7 +187,7 @@ static int help_facilities(void) {
for (int i = 0; i < LOG_NFACILITIES; i++) {
_cleanup_free_ char *t = NULL;
- if (log_facility_unshifted_to_string_alloc(i, &t))
+ if (log_facility_unshifted_to_string_alloc(i, &t) < 0)
return log_oom();
puts(t);
}
@@ -365,7 +213,7 @@ static int help(void) {
" -M --machine=CONTAINER Operate on local container\n"
" -m --merge Show entries from all available journals\n"
" -D --directory=PATH Show journal files from directory\n"
- " --file=PATH Show journal file\n"
+ " -i --file=PATH Show journal file\n"
" --root=PATH Operate on an alternate filesystem root\n"
" --image=PATH Operate on disk image as filesystem root\n"
" --image-policy=POLICY Specify disk image dissection policy\n"
@@ -380,6 +228,8 @@ static int help(void) {
" -u --unit=UNIT Show logs from the specified unit\n"
" --user-unit=UNIT Show logs from the specified user unit\n"
" -t --identifier=STRING Show entries with the specified syslog identifier\n"
+ " -T --exclude-identifier=STRING\n"
+ " Hide entries with the specified syslog identifier\n"
" -p --priority=RANGE Show entries within the specified priority range\n"
" --facility=FACILITY... Show entries with the specified facilities\n"
" -g --grep=PATTERN Show entries with MESSAGE matching PATTERN\n"
@@ -417,6 +267,7 @@ static int help(void) {
" -N --fields List all field names currently used\n"
" -F --field=FIELD List all values that a specified field takes\n"
" --list-boots Show terse information about recorded boots\n"
+ " --list-namespaces Show list of journal namespaces\n"
" --disk-usage Show total disk usage of all journal files\n"
" --vacuum-size=BYTES Reduce disk usage below specified size\n"
" --vacuum-files=INT Leave only the specified number of journal files\n"
@@ -461,7 +312,6 @@ static int parse_argv(int argc, char *argv[]) {
ARG_HEADER,
ARG_FACILITY,
ARG_SETUP_KEYS,
- ARG_FILE,
ARG_INTERVAL,
ARG_VERIFY,
ARG_VERIFY_KEY,
@@ -488,6 +338,7 @@ static int parse_argv(int argc, char *argv[]) {
ARG_NO_HOSTNAME,
ARG_OUTPUT_FIELDS,
ARG_NAMESPACE,
+ ARG_LIST_NAMESPACES,
};
static const struct option options[] = {
@@ -514,12 +365,13 @@ static int parse_argv(int argc, char *argv[]) {
{ "system", no_argument, NULL, ARG_SYSTEM },
{ "user", no_argument, NULL, ARG_USER },
{ "directory", required_argument, NULL, 'D' },
- { "file", required_argument, NULL, ARG_FILE },
+ { "file", required_argument, NULL, 'i' },
{ "root", required_argument, NULL, ARG_ROOT },
{ "image", required_argument, NULL, ARG_IMAGE },
{ "image-policy", required_argument, NULL, ARG_IMAGE_POLICY },
{ "header", no_argument, NULL, ARG_HEADER },
{ "identifier", required_argument, NULL, 't' },
+ { "exclude-identifier", required_argument, NULL, 'T' },
{ "priority", required_argument, NULL, 'p' },
{ "facility", required_argument, NULL, ARG_FACILITY },
{ "grep", required_argument, NULL, 'g' },
@@ -557,6 +409,7 @@ static int parse_argv(int argc, char *argv[]) {
{ "no-hostname", no_argument, NULL, ARG_NO_HOSTNAME },
{ "output-fields", required_argument, NULL, ARG_OUTPUT_FIELDS },
{ "namespace", required_argument, NULL, ARG_NAMESPACE },
+ { "list-namespaces", no_argument, NULL, ARG_LIST_NAMESPACES },
{}
};
@@ -565,7 +418,7 @@ static int parse_argv(int argc, char *argv[]) {
assert(argc >= 0);
assert(argv);
- while ((c = getopt_long(argc, argv, "hefo:aln::qmb::kD:p:g:c:S:U:t:u:NF:xrM:", options, NULL)) >= 0)
+ while ((c = getopt_long(argc, argv, "hefo:aln::qmb::kD:p:g:c:S:U:t:T:u:NF:xrM:i:", options, NULL)) >= 0)
switch (c) {
@@ -666,19 +519,16 @@ static int parse_argv(int argc, char *argv[]) {
arg_boot_offset = 0;
if (optarg) {
- r = parse_boot_descriptor(optarg, &arg_boot_id, &arg_boot_offset);
+ r = parse_id_descriptor(optarg, &arg_boot_id, &arg_boot_offset);
if (r < 0)
return log_error_errno(r, "Failed to parse boot descriptor '%s'", optarg);
arg_boot = r;
- /* Hmm, no argument? Maybe the next
- * word on the command line is
- * supposed to be the argument? Let's
- * see if there is one and is parsable
- * as a boot descriptor... */
} else if (optind < argc) {
- r = parse_boot_descriptor(argv[optind], &arg_boot_id, &arg_boot_offset);
+ /* Hmm, no argument? Maybe the next word on the command line is supposed to be the
+ * argument? Let's see if there is one and is parsable as a boot descriptor... */
+ r = parse_id_descriptor(argv[optind], &arg_boot_id, &arg_boot_offset);
if (r >= 0) {
arg_boot = r;
optind++;
@@ -723,11 +573,15 @@ static int parse_argv(int argc, char *argv[]) {
break;
+ case ARG_LIST_NAMESPACES:
+ arg_action = ACTION_LIST_NAMESPACES;
+ break;
+
case 'D':
arg_directory = optarg;
break;
- case ARG_FILE:
+ case 'i':
if (streq(optarg, "-"))
/* An undocumented feature: we can read journal files from STDIN. We don't document
* this though, since after all we only support this for mmap-able, seekable files, and
@@ -959,6 +813,12 @@ static int parse_argv(int argc, char *argv[]) {
return log_oom();
break;
+ case 'T':
+ r = strv_extend(&arg_exclude_identifier, optarg);
+ if (r < 0)
+ return log_oom();
+ break;
+
case 'u':
r = strv_extend(&arg_system_units, optarg);
if (r < 0)
@@ -1081,7 +941,7 @@ static int parse_argv(int argc, char *argv[]) {
arg_boot_offset = 0;
}
- if (!!arg_directory + !!arg_file + !!arg_machine + !!arg_root + !!arg_image > 1)
+ if (!!arg_directory + !!arg_file + arg_file_stdin + !!arg_machine + !!arg_root + !!arg_image > 1)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
"Please specify at most one of -D/--directory=, --file=, -M/--machine=, --root=, --image=.");
@@ -1089,15 +949,15 @@ static int parse_argv(int argc, char *argv[]) {
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
"--since= must be before --until=.");
- if (!!arg_cursor + !!arg_after_cursor + !!arg_since_set > 1)
+ if (!!arg_cursor + !!arg_after_cursor + !!arg_cursor_file + !!arg_since_set > 1)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
- "Please specify only one of --since=, --cursor=, and --after-cursor=.");
+ "Please specify only one of --since=, --cursor=, --cursor-file=, and --after-cursor=.");
if (arg_follow && arg_reverse)
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
"Please specify either --reverse or --follow, not both.");
- if (arg_lines >= 0 && arg_lines_oldest && (arg_reverse || arg_follow))
+ if (arg_action == ACTION_SHOW && arg_lines >= 0 && arg_lines_oldest && (arg_reverse || arg_follow))
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
"--lines=+N is unsupported when --reverse or --follow is specified.");
@@ -1135,1056 +995,26 @@ static int parse_argv(int argc, char *argv[]) {
arg_reverse = true;
}
- return 1;
-}
-
-static int add_matches(sd_journal *j, char **args) {
- bool have_term = false;
-
- assert(j);
-
- STRV_FOREACH(i, args) {
- int r;
-
- if (streq(*i, "+")) {
- if (!have_term)
- break;
- r = sd_journal_add_disjunction(j);
- have_term = false;
-
- } else if (path_is_absolute(*i)) {
- _cleanup_free_ char *p = NULL, *t = NULL, *t2 = NULL, *interpreter = NULL;
- struct stat st;
-
- r = chase(*i, NULL, CHASE_TRAIL_SLASH, &p, NULL);
- if (r < 0)
- return log_error_errno(r, "Couldn't canonicalize path: %m");
-
- if (lstat(p, &st) < 0)
- return log_error_errno(errno, "Couldn't stat file: %m");
-
- if (S_ISREG(st.st_mode) && (0111 & st.st_mode)) {
- if (executable_is_script(p, &interpreter) > 0) {
- _cleanup_free_ char *comm = NULL;
-
- r = path_extract_filename(p, &comm);
- if (r < 0)
- return log_error_errno(r, "Failed to extract filename of '%s': %m", p);
-
- t = strjoin("_COMM=", strshorten(comm, TASK_COMM_LEN-1));
- if (!t)
- return log_oom();
-
- /* Append _EXE only if the interpreter is not a link.
- Otherwise, it might be outdated often. */
- if (lstat(interpreter, &st) == 0 && !S_ISLNK(st.st_mode)) {
- t2 = strjoin("_EXE=", interpreter);
- if (!t2)
- return log_oom();
- }
- } else {
- t = strjoin("_EXE=", p);
- if (!t)
- return log_oom();
- }
-
- r = sd_journal_add_match(j, t, 0);
-
- if (r >=0 && t2)
- r = sd_journal_add_match(j, t2, 0);
-
- } else if (S_ISCHR(st.st_mode) || S_ISBLK(st.st_mode)) {
- r = add_matches_for_device(j, p);
- if (r < 0)
- return r;
- } else
- return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
- "File is neither a device node, nor regular file, nor executable: %s",
- *i);
-
- have_term = true;
- } else {
- r = sd_journal_add_match(j, *i, 0);
- have_term = true;
- }
-
- if (r < 0)
- return log_error_errno(r, "Failed to add match '%s': %m", *i);
- }
-
- if (!strv_isempty(args) && !have_term)
- return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
- "\"+\" can only be used between terms");
-
- return 0;
-}
-
-static int list_boots(sd_journal *j) {
- _cleanup_(table_unrefp) Table *table = NULL;
- _cleanup_free_ BootId *boots = NULL;
- size_t n_boots;
- int r;
-
- assert(j);
-
- r = journal_get_boots(j, &boots, &n_boots);
- if (r < 0)
- return log_error_errno(r, "Failed to determine boots: %m");
- if (r == 0)
- return 0;
-
- table = table_new("idx", "boot id", "first entry", "last entry");
- if (!table)
- return log_oom();
-
- if (arg_full)
- table_set_width(table, 0);
-
- r = table_set_json_field_name(table, 0, "index");
- if (r < 0)
- return log_error_errno(r, "Failed to set JSON field name of column 0: %m");
-
- (void) table_set_sort(table, (size_t) 0);
- (void) table_set_reverse(table, 0, arg_reverse);
-
- FOREACH_ARRAY(i, boots, n_boots) {
- r = table_add_many(table,
- TABLE_INT, (int)(i - boots) - (int) n_boots + 1,
- TABLE_SET_ALIGN_PERCENT, 100,
- TABLE_ID128, i->id,
- TABLE_TIMESTAMP, i->first_usec,
- TABLE_TIMESTAMP, i->last_usec);
- if (r < 0)
- return table_log_add_error(r);
- }
-
- r = table_print_with_pager(table, arg_json_format_flags, arg_pager_flags, !arg_quiet);
- if (r < 0)
- return table_log_print_error(r);
-
- return 0;
-}
-
-static int add_boot(sd_journal *j) {
- int r;
-
- assert(j);
-
- if (!arg_boot)
- return 0;
-
- /* Take a shortcut and use the current boot_id, which we can do very quickly.
- * We can do this only when we logs are coming from the current machine,
- * so take the slow path if log location is specified. */
- if (arg_boot_offset == 0 && sd_id128_is_null(arg_boot_id) &&
- !arg_directory && !arg_file && !arg_root)
- return add_match_this_boot(j, arg_machine);
-
- if (sd_id128_is_null(arg_boot_id)) {
- r = journal_find_boot_by_offset(j, arg_boot_offset, &arg_boot_id);
- if (r < 0)
- return log_error_errno(r, "Failed to find journal entry from the specified boot offset (%+i): %m",
- arg_boot_offset);
- if (r == 0)
- return log_error_errno(SYNTHETIC_ERRNO(ENODATA),
- "No journal boot entry found from the specified boot offset (%+i).",
- arg_boot_offset);
- } else {
- r = journal_find_boot_by_id(j, arg_boot_id);
- if (r < 0)
- return log_error_errno(r, "Failed to find journal entry from the specified boot ID (%s): %m",
- SD_ID128_TO_STRING(arg_boot_id));
- if (r == 0)
- return log_error_errno(SYNTHETIC_ERRNO(ENODATA),
- "No journal boot entry found from the specified boot ID (%s).",
- SD_ID128_TO_STRING(arg_boot_id));
- }
-
- r = add_match_boot_id(j, arg_boot_id);
- if (r < 0)
- return log_error_errno(r, "Failed to add match: %m");
-
- r = sd_journal_add_conjunction(j);
- if (r < 0)
- return log_error_errno(r, "Failed to add conjunction: %m");
-
- return 0;
-}
-
-static int add_dmesg(sd_journal *j) {
- int r;
- assert(j);
-
- if (!arg_dmesg)
- return 0;
-
- r = sd_journal_add_match(j, "_TRANSPORT=kernel",
- STRLEN("_TRANSPORT=kernel"));
- if (r < 0)
- return log_error_errno(r, "Failed to add match: %m");
-
- r = sd_journal_add_conjunction(j);
- if (r < 0)
- return log_error_errno(r, "Failed to add conjunction: %m");
-
- return 0;
-}
-
-static int get_possible_units(
- sd_journal *j,
- const char *fields,
- char **patterns,
- Set **units) {
-
- _cleanup_set_free_free_ Set *found = NULL;
- int r;
-
- found = set_new(&string_hash_ops);
- if (!found)
- return -ENOMEM;
-
- NULSTR_FOREACH(field, fields) {
- const void *data;
- size_t size;
-
- r = sd_journal_query_unique(j, field);
- if (r < 0)
- return r;
-
- SD_JOURNAL_FOREACH_UNIQUE(j, data, size) {
- char *eq;
- size_t prefix;
- _cleanup_free_ char *u = NULL;
-
- eq = memchr(data, '=', size);
- if (eq)
- prefix = eq - (char*) data + 1;
- else
- prefix = 0;
-
- u = strndup((char*) data + prefix, size - prefix);
- if (!u)
- return -ENOMEM;
-
- STRV_FOREACH(pattern, patterns)
- if (fnmatch(*pattern, u, FNM_NOESCAPE) == 0) {
- log_debug("Matched %s with pattern %s=%s", u, field, *pattern);
-
- r = set_consume(found, u);
- u = NULL;
- if (r < 0 && r != -EEXIST)
- return r;
-
- break;
- }
- }
- }
-
- *units = TAKE_PTR(found);
-
- return 0;
-}
-
-/* This list is supposed to return the superset of unit names
- * possibly matched by rules added with add_matches_for_unit... */
-#define SYSTEM_UNITS \
- "_SYSTEMD_UNIT\0" \
- "COREDUMP_UNIT\0" \
- "UNIT\0" \
- "OBJECT_SYSTEMD_UNIT\0" \
- "_SYSTEMD_SLICE\0"
-
-/* ... and add_matches_for_user_unit */
-#define USER_UNITS \
- "_SYSTEMD_USER_UNIT\0" \
- "USER_UNIT\0" \
- "COREDUMP_USER_UNIT\0" \
- "OBJECT_SYSTEMD_USER_UNIT\0" \
- "_SYSTEMD_USER_SLICE\0"
-
-static int add_units(sd_journal *j) {
- _cleanup_strv_free_ char **patterns = NULL;
- int r, count = 0;
-
- assert(j);
-
- STRV_FOREACH(i, arg_system_units) {
- _cleanup_free_ char *u = NULL;
-
- r = unit_name_mangle(*i, UNIT_NAME_MANGLE_GLOB | (arg_quiet ? 0 : UNIT_NAME_MANGLE_WARN), &u);
- if (r < 0)
- return r;
-
- if (string_is_glob(u)) {
- r = strv_push(&patterns, u);
- if (r < 0)
- return r;
- u = NULL;
- } else {
- r = add_matches_for_unit(j, u);
- if (r < 0)
- return r;
- r = sd_journal_add_disjunction(j);
- if (r < 0)
- return r;
- count++;
- }
- }
-
- if (!strv_isempty(patterns)) {
- _cleanup_set_free_free_ Set *units = NULL;
- char *u;
-
- r = get_possible_units(j, SYSTEM_UNITS, patterns, &units);
- if (r < 0)
- return r;
-
- SET_FOREACH(u, units) {
- r = add_matches_for_unit(j, u);
- if (r < 0)
- return r;
- r = sd_journal_add_disjunction(j);
- if (r < 0)
- return r;
- count++;
- }
- }
-
- patterns = strv_free(patterns);
-
- STRV_FOREACH(i, arg_user_units) {
- _cleanup_free_ char *u = NULL;
-
- r = unit_name_mangle(*i, UNIT_NAME_MANGLE_GLOB | (arg_quiet ? 0 : UNIT_NAME_MANGLE_WARN), &u);
- if (r < 0)
- return r;
-
- if (string_is_glob(u)) {
- r = strv_push(&patterns, u);
- if (r < 0)
- return r;
- u = NULL;
- } else {
- r = add_matches_for_user_unit(j, u, getuid());
- if (r < 0)
- return r;
- r = sd_journal_add_disjunction(j);
- if (r < 0)
- return r;
- count++;
- }
- }
-
- if (!strv_isempty(patterns)) {
- _cleanup_set_free_free_ Set *units = NULL;
- char *u;
-
- r = get_possible_units(j, USER_UNITS, patterns, &units);
- if (r < 0)
- return r;
-
- SET_FOREACH(u, units) {
- r = add_matches_for_user_unit(j, u, getuid());
- if (r < 0)
- return r;
- r = sd_journal_add_disjunction(j);
- if (r < 0)
- return r;
- count++;
- }
- }
-
- /* Complain if the user request matches but nothing whatsoever was
- * found, since otherwise everything would be matched. */
- if (!(strv_isempty(arg_system_units) && strv_isempty(arg_user_units)) && count == 0)
- return -ENODATA;
-
- r = sd_journal_add_conjunction(j);
- if (r < 0)
- return r;
-
- return 0;
-}
-
-static int add_priorities(sd_journal *j) {
- char match[] = "PRIORITY=0";
- int i, r;
- assert(j);
-
- if (arg_priorities == 0xFF)
- return 0;
-
- for (i = LOG_EMERG; i <= LOG_DEBUG; i++)
- if (arg_priorities & (1 << i)) {
- match[sizeof(match)-2] = '0' + i;
-
- r = sd_journal_add_match(j, match, strlen(match));
- if (r < 0)
- return log_error_errno(r, "Failed to add match: %m");
- }
-
- r = sd_journal_add_conjunction(j);
- if (r < 0)
- return log_error_errno(r, "Failed to add conjunction: %m");
-
- return 0;
-}
-
-static int add_facilities(sd_journal *j) {
- void *p;
- int r;
-
- SET_FOREACH(p, arg_facilities) {
- char match[STRLEN("SYSLOG_FACILITY=") + DECIMAL_STR_MAX(int)];
-
- xsprintf(match, "SYSLOG_FACILITY=%d", PTR_TO_INT(p));
-
- r = sd_journal_add_match(j, match, strlen(match));
- if (r < 0)
- return log_error_errno(r, "Failed to add match: %m");
- }
-
- return 0;
-}
-
-static int add_syslog_identifier(sd_journal *j) {
- int r;
-
- assert(j);
-
- STRV_FOREACH(i, arg_syslog_identifier) {
- _cleanup_free_ char *u = NULL;
-
- u = strjoin("SYSLOG_IDENTIFIER=", *i);
- if (!u)
- return -ENOMEM;
- r = sd_journal_add_match(j, u, 0);
- if (r < 0)
- return r;
- r = sd_journal_add_disjunction(j);
- if (r < 0)
- return r;
- }
-
- r = sd_journal_add_conjunction(j);
- if (r < 0)
- return r;
-
- return 0;
-}
-
-#if HAVE_GCRYPT
-static int format_journal_url(
- const void *seed,
- size_t seed_size,
- uint64_t start,
- uint64_t interval,
- const char *hn,
- sd_id128_t machine,
- bool full,
- char **ret_url) {
-
- _cleanup_(memstream_done) MemStream m = {};
- FILE *f;
-
- assert(seed);
- assert(seed_size > 0);
-
- f = memstream_init(&m);
- if (!f)
- return -ENOMEM;
-
- if (full)
- fputs("fss://", f);
-
- for (size_t i = 0; i < seed_size; i++) {
- if (i > 0 && i % 3 == 0)
- fputc('-', f);
- fprintf(f, "%02x", ((uint8_t*) seed)[i]);
- }
-
- fprintf(f, "/%"PRIx64"-%"PRIx64, start, interval);
-
- if (full) {
- fprintf(f, "?machine=" SD_ID128_FORMAT_STR, SD_ID128_FORMAT_VAL(machine));
- if (hn)
- fprintf(f, ";hostname=%s", hn);
- }
-
- return memstream_finalize(&m, ret_url, NULL);
-}
-#endif
-
-static int setup_keys(void) {
-#if HAVE_GCRYPT
- size_t mpk_size, seed_size, state_size;
- _cleanup_(unlink_and_freep) char *k = NULL;
- _cleanup_free_ char *p = NULL;
- uint8_t *mpk, *seed, *state;
- _cleanup_close_ int fd = -EBADF;
- sd_id128_t machine, boot;
- struct stat st;
- uint64_t n;
- int r;
-
- r = stat("/var/log/journal", &st);
- if (r < 0 && !IN_SET(errno, ENOENT, ENOTDIR))
- return log_error_errno(errno, "stat(\"%s\") failed: %m", "/var/log/journal");
-
- if (r < 0 || !S_ISDIR(st.st_mode)) {
- log_error("%s is not a directory, must be using persistent logging for FSS.",
- "/var/log/journal");
- return r < 0 ? -errno : -ENOTDIR;
- }
-
- r = sd_id128_get_machine(&machine);
- if (r < 0)
- return log_error_errno(r, "Failed to get machine ID: %m");
-
- r = sd_id128_get_boot(&boot);
- if (r < 0)
- return log_error_errno(r, "Failed to get boot ID: %m");
-
- if (asprintf(&p, "/var/log/journal/" SD_ID128_FORMAT_STR "/fss",
- SD_ID128_FORMAT_VAL(machine)) < 0)
- return log_oom();
-
- if (arg_force) {
- r = unlink(p);
- if (r < 0 && errno != ENOENT)
- return log_error_errno(errno, "unlink(\"%s\") failed: %m", p);
- } else if (access(p, F_OK) >= 0)
- return log_error_errno(SYNTHETIC_ERRNO(EEXIST),
- "Sealing key file %s exists already. Use --force to recreate.", p);
-
- if (asprintf(&k, "/var/log/journal/" SD_ID128_FORMAT_STR "/fss.tmp.XXXXXX",
- SD_ID128_FORMAT_VAL(machine)) < 0)
- return log_oom();
-
- mpk_size = FSPRG_mskinbytes(FSPRG_RECOMMENDED_SECPAR);
- mpk = alloca_safe(mpk_size);
-
- seed_size = FSPRG_RECOMMENDED_SEEDLEN;
- seed = alloca_safe(seed_size);
-
- state_size = FSPRG_stateinbytes(FSPRG_RECOMMENDED_SECPAR);
- state = alloca_safe(state_size);
-
- log_info("Generating seed...");
- r = crypto_random_bytes(seed, seed_size);
- if (r < 0)
- return log_error_errno(r, "Failed to acquire random seed: %m");
-
- log_info("Generating key pair...");
- FSPRG_GenMK(NULL, mpk, seed, seed_size, FSPRG_RECOMMENDED_SECPAR);
-
- log_info("Generating sealing key...");
- FSPRG_GenState0(state, mpk, seed, seed_size);
-
- assert(arg_interval > 0);
-
- n = now(CLOCK_REALTIME);
- n /= arg_interval;
-
- safe_close(fd);
- fd = mkostemp_safe(k);
- if (fd < 0)
- return log_error_errno(fd, "Failed to open %s: %m", k);
-
- r = chattr_secret(fd, CHATTR_WARN_UNSUPPORTED_FLAGS);
- if (r < 0)
- log_full_errno(ERRNO_IS_NOT_SUPPORTED(r) ? LOG_DEBUG : LOG_WARNING,
- r, "Failed to set file attributes on '%s', ignoring: %m", k);
-
- struct FSSHeader h = {
- .signature = { 'K', 'S', 'H', 'H', 'R', 'H', 'L', 'P' },
- .machine_id = machine,
- .boot_id = boot,
- .header_size = htole64(sizeof(h)),
- .start_usec = htole64(n * arg_interval),
- .interval_usec = htole64(arg_interval),
- .fsprg_secpar = htole16(FSPRG_RECOMMENDED_SECPAR),
- .fsprg_state_size = htole64(state_size),
- };
-
- r = loop_write(fd, &h, sizeof(h));
- if (r < 0)
- return log_error_errno(r, "Failed to write header: %m");
-
- r = loop_write(fd, state, state_size);
- if (r < 0)
- return log_error_errno(r, "Failed to write state: %m");
-
- if (rename(k, p) < 0)
- return log_error_errno(errno, "Failed to link file: %m");
-
- k = mfree(k);
-
- _cleanup_free_ char *hn = NULL, *key = NULL;
-
- r = format_journal_url(seed, seed_size, n, arg_interval, hn, machine, false, &key);
- if (r < 0)
- return r;
-
- if (on_tty()) {
- hn = gethostname_malloc();
- if (hn)
- hostname_cleanup(hn);
-
- fprintf(stderr,
- "\nNew keys have been generated for host %s%s" SD_ID128_FORMAT_STR ".\n"
- "\n"
- "The %ssecret sealing key%s has been written to the following local file.\n"
- "This key file is automatically updated when the sealing key is advanced.\n"
- "It should not be used on multiple hosts.\n"
- "\n"
- "\t%s\n"
- "\n"
- "The sealing key is automatically changed every %s.\n"
- "\n"
- "Please write down the following %ssecret verification key%s. It should be stored\n"
- "in a safe location and should not be saved locally on disk.\n"
- "\n\t%s",
- strempty(hn), hn ? "/" : "",
- SD_ID128_FORMAT_VAL(machine),
- ansi_highlight(), ansi_normal(),
- p,
- FORMAT_TIMESPAN(arg_interval, 0),
- ansi_highlight(), ansi_normal(),
- ansi_highlight_red());
- fflush(stderr);
- }
-
- puts(key);
-
- if (on_tty()) {
- fprintf(stderr, "%s", ansi_normal());
-#if HAVE_QRENCODE
- _cleanup_free_ char *url = NULL;
- r = format_journal_url(seed, seed_size, n, arg_interval, hn, machine, true, &url);
- if (r < 0)
- return r;
-
- (void) print_qrcode(stderr,
- "To transfer the verification key to your phone scan the QR code below",
- url);
-#endif
- }
-
- return 0;
-#else
- return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP),
- "Forward-secure sealing not available.");
-#endif
-}
-
-static int verify(sd_journal *j, bool verbose) {
- int r = 0;
- JournalFile *f;
-
- assert(j);
-
- log_show_color(true);
-
- ORDERED_HASHMAP_FOREACH(f, j->files) {
- int k;
- usec_t first = 0, validated = 0, last = 0;
-
-#if HAVE_GCRYPT
- if (!arg_verify_key && JOURNAL_HEADER_SEALED(f->header))
- log_notice("Journal file %s has sealing enabled but verification key has not been passed using --verify-key=.", f->path);
-#endif
-
- k = journal_file_verify(f, arg_verify_key, &first, &validated, &last, verbose);
- if (k == -EINVAL)
- /* If the key was invalid give up right-away. */
- return k;
- else if (k < 0)
- r = log_warning_errno(k, "FAIL: %s (%m)", f->path);
- else {
- char a[FORMAT_TIMESTAMP_MAX], b[FORMAT_TIMESTAMP_MAX];
- log_full(verbose ? LOG_INFO : LOG_DEBUG, "PASS: %s", f->path);
-
- if (arg_verify_key && JOURNAL_HEADER_SEALED(f->header)) {
- if (validated > 0) {
- log_full(verbose ? LOG_INFO : LOG_DEBUG,
- "=> Validated from %s to %s, final %s entries not sealed.",
- format_timestamp_maybe_utc(a, sizeof(a), first),
- format_timestamp_maybe_utc(b, sizeof(b), validated),
- FORMAT_TIMESPAN(last > validated ? last - validated : 0, 0));
- } else if (last > 0)
- log_full(verbose ? LOG_INFO : LOG_DEBUG,
- "=> No sealing yet, %s of entries not sealed.",
- FORMAT_TIMESPAN(last - first, 0));
- else
- log_full(verbose ? LOG_INFO : LOG_DEBUG,
- "=> No sealing yet, no entries in file.");
- }
- }
- }
-
- return r;
-}
-
-static int simple_varlink_call(const char *option, const char *method) {
- _cleanup_(varlink_flush_close_unrefp) Varlink *link = NULL;
- const char *error, *fn;
- int r;
-
- if (arg_machine)
- return log_error_errno(SYNTHETIC_ERRNO(EOPNOTSUPP), "%s is not supported in conjunction with --machine=.", option);
-
- fn = arg_namespace ?
- strjoina("/run/systemd/journal.", arg_namespace, "/io.systemd.journal") :
- "/run/systemd/journal/io.systemd.journal";
-
- r = varlink_connect_address(&link, fn);
- if (r < 0)
- return log_error_errno(r, "Failed to connect to %s: %m", fn);
-
- (void) varlink_set_description(link, "journal");
- (void) varlink_set_relative_timeout(link, USEC_INFINITY);
-
- r = varlink_call(link, method, NULL, NULL, &error, NULL);
- if (r < 0)
- return log_error_errno(r, "Failed to execute varlink call: %m");
- if (error)
- return log_error_errno(SYNTHETIC_ERRNO(ENOANO),
- "Failed to execute varlink call: %s", error);
-
- return 0;
-}
-
-static int flush_to_var(void) {
- if (access("/run/systemd/journal/flushed", F_OK) >= 0)
- return 0; /* Already flushed, no need to contact journald */
- if (errno != ENOENT)
- return log_error_errno(errno, "Unable to check for existence of /run/systemd/journal/flushed: %m");
-
- return simple_varlink_call("--flush", "io.systemd.Journal.FlushToVar");
-}
-
-static int relinquish_var(void) {
- return simple_varlink_call("--relinquish-var/--smart-relinquish-var", "io.systemd.Journal.RelinquishVar");
-}
-
-static int rotate(void) {
- return simple_varlink_call("--rotate", "io.systemd.Journal.Rotate");
-}
-
-static int sync_journal(void) {
- return simple_varlink_call("--sync", "io.systemd.Journal.Synchronize");
-}
-
-static int action_list_fields(sd_journal *j) {
- const void *data;
- size_t size;
- int r, n_shown = 0;
-
- assert(arg_field);
-
- r = sd_journal_set_data_threshold(j, 0);
- if (r < 0)
- return log_error_errno(r, "Failed to unset data size threshold: %m");
-
- r = sd_journal_query_unique(j, arg_field);
- if (r < 0)
- return log_error_errno(r, "Failed to query unique data objects: %m");
-
- SD_JOURNAL_FOREACH_UNIQUE(j, data, size) {
- const void *eq;
-
- if (arg_lines >= 0 && n_shown >= arg_lines)
- break;
-
- eq = memchr(data, '=', size);
- if (eq)
- printf("%.*s\n", (int) (size - ((const uint8_t*) eq - (const uint8_t*) data + 1)), (const char*) eq + 1);
- else
- printf("%.*s\n", (int) size, (const char*) data);
-
- n_shown++;
- }
-
- return 0;
-}
-
-static int update_cursor(sd_journal *j) {
- _cleanup_free_ char *cursor = NULL;
- int r;
-
- assert(j);
-
- if (!arg_show_cursor && !arg_cursor_file)
- return 0;
-
- r = sd_journal_get_cursor(j, &cursor);
- if (r == -EADDRNOTAVAIL)
- return 0;
- if (r < 0)
- return log_error_errno(r, "Failed to get cursor: %m");
-
- if (arg_show_cursor)
- printf("-- cursor: %s\n", cursor);
-
- if (arg_cursor_file) {
- r = write_string_file(arg_cursor_file, cursor, WRITE_STRING_FILE_CREATE | WRITE_STRING_FILE_ATOMIC);
- if (r < 0)
- return log_error_errno(r, "Failed to write new cursor to %s: %m", arg_cursor_file);
- }
-
- return 0;
-}
-
-typedef struct Context {
- sd_journal *journal;
- bool has_cursor;
- bool need_seek;
- bool since_seeked;
- bool ellipsized;
- bool previous_boot_id_valid;
- sd_id128_t previous_boot_id;
- sd_id128_t previous_boot_id_output;
- dual_timestamp previous_ts_output;
-} Context;
-
-static int show(Context *c) {
- sd_journal *j;
- int r, n_shown = 0;
-
- assert(c);
-
- j = ASSERT_PTR(c->journal);
-
- while (arg_lines < 0 || n_shown < arg_lines || arg_follow) {
- int flags;
- size_t highlight[2] = {};
-
- if (c->need_seek) {
- r = sd_journal_step_one(j, !arg_reverse);
- if (r < 0)
- return log_error_errno(r, "Failed to iterate through journal: %m");
- if (r == 0)
- break;
- }
-
- if (arg_until_set && !arg_reverse && (arg_lines < 0 || arg_since_set || c->has_cursor)) {
- /* If --lines= is set, we usually rely on the n_shown to tell us when to stop.
- * However, if --since= or one of the cursor argument is set too, we may end up
- * having less than --lines= to output. In this case let's also check if the entry
- * is in range. */
-
- usec_t usec;
-
- r = sd_journal_get_realtime_usec(j, &usec);
- if (r < 0)
- return log_error_errno(r, "Failed to determine timestamp: %m");
- if (usec > arg_until)
- break;
- }
-
- if (arg_since_set && (arg_reverse || !c->since_seeked)) {
- usec_t usec;
-
- r = sd_journal_get_realtime_usec(j, &usec);
- if (r < 0)
- return log_error_errno(r, "Failed to determine timestamp: %m");
-
- if (usec < arg_since) {
- if (arg_reverse)
- break; /* Reached the earliest entry */
-
- /* arg_lines >= 0 (!since_seeked):
- * We jumped arg_lines back and it seems to be too much */
- r = sd_journal_seek_realtime_usec(j, arg_since);
- if (r < 0)
- return log_error_errno(r, "Failed to seek to date: %m");
- c->since_seeked = true;
-
- c->need_seek = true;
- continue;
- }
- c->since_seeked = true; /* We're surely within the range of --since now */
- }
-
- if (!arg_merge && !arg_quiet) {
- sd_id128_t boot_id;
-
- r = sd_journal_get_monotonic_usec(j, NULL, &boot_id);
- if (r >= 0) {
- if (c->previous_boot_id_valid &&
- !sd_id128_equal(boot_id, c->previous_boot_id))
- printf("%s-- Boot "SD_ID128_FORMAT_STR" --%s\n",
- ansi_highlight(), SD_ID128_FORMAT_VAL(boot_id), ansi_normal());
-
- c->previous_boot_id = boot_id;
- c->previous_boot_id_valid = true;
- }
- }
-
- if (arg_compiled_pattern) {
- const void *message;
- size_t len;
-
- r = sd_journal_get_data(j, "MESSAGE", &message, &len);
- if (r < 0) {
- if (r == -ENOENT) {
- c->need_seek = true;
- continue;
- }
-
- return log_error_errno(r, "Failed to get MESSAGE field: %m");
- }
-
- assert_se(message = startswith(message, "MESSAGE="));
-
- r = pattern_matches_and_log(arg_compiled_pattern, message,
- len - strlen("MESSAGE="), highlight);
- if (r < 0)
- return r;
- if (r == 0) {
- c->need_seek = true;
- continue;
- }
- }
-
- flags =
- arg_all * OUTPUT_SHOW_ALL |
- arg_full * OUTPUT_FULL_WIDTH |
- colors_enabled() * OUTPUT_COLOR |
- arg_catalog * OUTPUT_CATALOG |
- arg_utc * OUTPUT_UTC |
- arg_truncate_newline * OUTPUT_TRUNCATE_NEWLINE |
- arg_no_hostname * OUTPUT_NO_HOSTNAME;
-
- r = show_journal_entry(stdout, j, arg_output, 0, flags,
- arg_output_fields, highlight, &c->ellipsized,
- &c->previous_ts_output, &c->previous_boot_id_output);
- c->need_seek = true;
- if (r == -EADDRNOTAVAIL)
- break;
- if (r < 0)
- return r;
-
- n_shown++;
-
- /* If journalctl take a long time to process messages, and during that time journal file
- * rotation occurs, a journalctl client will keep those rotated files open until it calls
- * sd_journal_process(), which typically happens as a result of calling sd_journal_wait() below
- * in the "following" case. By periodically calling sd_journal_process() during the processing
- * loop we shrink the window of time a client instance has open file descriptors for rotated
- * (deleted) journal files. */
- if ((n_shown % PROCESS_INOTIFY_INTERVAL) == 0) {
- r = sd_journal_process(j);
- if (r < 0)
- return log_error_errno(r, "Failed to process inotify events: %m");
- }
- }
-
- return n_shown;
-}
-
-static int show_and_fflush(Context *c, sd_event_source *s) {
- int r;
-
- assert(c);
- assert(s);
-
- r = show(c);
- if (r < 0)
- return sd_event_exit(sd_event_source_get_event(s), r);
-
- fflush(stdout);
- return 0;
-}
-
-static int on_journal_event(sd_event_source *s, int fd, uint32_t revents, void *userdata) {
- Context *c = ASSERT_PTR(userdata);
- int r;
-
- assert(s);
-
- r = sd_journal_process(c->journal);
- if (r < 0) {
- log_error_errno(r, "Failed to process journal events: %m");
- return sd_event_exit(sd_event_source_get_event(s), r);
- }
-
- return show_and_fflush(c, s);
-}
-
-static int on_first_event(sd_event_source *s, void *userdata) {
- return show_and_fflush(userdata, s);
-}
-
-static int on_signal(sd_event_source *s, const struct signalfd_siginfo *si, void *userdata) {
- assert(s);
- assert(si);
- assert(IN_SET(si->ssi_signo, SIGTERM, SIGINT));
-
- return sd_event_exit(sd_event_source_get_event(s), si->ssi_signo);
-}
-
-static int setup_event(Context *c, int fd, sd_event **ret) {
- _cleanup_(sd_event_unrefp) sd_event *e = NULL;
- int r;
-
- assert(arg_follow);
- assert(c);
- assert(fd >= 0);
- assert(ret);
-
- r = sd_event_default(&e);
- if (r < 0)
- return log_error_errno(r, "Failed to allocate sd_event object: %m");
-
- (void) sd_event_add_signal(e, NULL, SIGTERM | SD_EVENT_SIGNAL_PROCMASK, on_signal, NULL);
- (void) sd_event_add_signal(e, NULL, SIGINT | SD_EVENT_SIGNAL_PROCMASK, on_signal, NULL);
-
- r = sd_event_add_io(e, NULL, fd, EPOLLIN, &on_journal_event, c);
- if (r < 0)
- return log_error_errno(r, "Failed to add io event source for journal: %m");
-
- /* Also keeps an eye on STDOUT, and exits as soon as we see a POLLHUP on that, i.e. when it is closed. */
- r = sd_event_add_io(e, NULL, STDOUT_FILENO, EPOLLHUP|EPOLLERR, NULL, INT_TO_PTR(-ECANCELED));
- if (r == -EPERM)
- /* Installing an epoll watch on a regular file doesn't work and fails with EPERM. Which is
- * totally OK, handle it gracefully. epoll_ctl() documents EPERM as the error returned when
- * the specified fd doesn't support epoll, hence it's safe to check for that. */
- log_debug_errno(r, "Unable to install EPOLLHUP watch on stderr, not watching for hangups.");
- else if (r < 0)
- return log_error_errno(r, "Failed to add io event source for stdout: %m");
-
- if (arg_lines != 0 || arg_since_set) {
- r = sd_event_add_defer(e, NULL, on_first_event, c);
- if (r < 0)
- return log_error_errno(r, "Failed to add defer event source: %m");
- }
+ if (!arg_follow)
+ arg_journal_additional_open_flags = SD_JOURNAL_ASSUME_IMMUTABLE;
- *ret = TAKE_PTR(e);
- return 0;
+ return 1;
}
static int run(int argc, char *argv[]) {
- bool need_seek = false, since_seeked = false, after_cursor = false;
_cleanup_(loop_device_unrefp) LoopDevice *loop_device = NULL;
_cleanup_(umount_and_freep) char *mounted_dir = NULL;
- _cleanup_(sd_journal_closep) sd_journal *j = NULL;
- _cleanup_free_ char *cursor_from_file = NULL;
- const char *cursor = NULL;
- int n_shown, r, poll_fd = -EBADF;
+ int r;
setlocale(LC_ALL, "");
log_setup();
- /* Increase max number of open files if we can, we might needs this when browsing journal files, which might be
- * split up into many files. */
- (void) rlimit_nofile_bump(HIGH_RLIMIT_NOFILE);
-
r = parse_argv(argc, argv);
if (r <= 0)
return r;
+ char **args = strv_skip(argv, optind);
+
if (arg_image) {
assert(!arg_root);
@@ -2195,7 +1025,8 @@ static int run(int argc, char *argv[]) {
DISSECT_IMAGE_REQUIRE_ROOT |
DISSECT_IMAGE_VALIDATE_OS |
DISSECT_IMAGE_RELAX_VAR_CHECK |
- (arg_action == ACTION_UPDATE_CATALOG ? DISSECT_IMAGE_FSCK|DISSECT_IMAGE_GROWFS : DISSECT_IMAGE_READ_ONLY),
+ (arg_action == ACTION_UPDATE_CATALOG ? DISSECT_IMAGE_FSCK|DISSECT_IMAGE_GROWFS : DISSECT_IMAGE_READ_ONLY) |
+ DISSECT_IMAGE_ALLOW_USERSPACE_VERITY,
&mounted_dir,
/* ret_dir_fd= */ NULL,
&loop_device);
@@ -2207,427 +1038,66 @@ static int run(int argc, char *argv[]) {
return log_oom();
}
- signal(SIGWINCH, columns_lines_cache_reset);
- sigbus_install();
-
switch (arg_action) {
+ case ACTION_SHOW:
+ return action_show(args);
+
case ACTION_NEW_ID128:
return id128_print_new(ID128_PRINT_PRETTY);
case ACTION_SETUP_KEYS:
- return setup_keys();
+ return action_setup_keys();
case ACTION_LIST_CATALOG:
case ACTION_DUMP_CATALOG:
- case ACTION_UPDATE_CATALOG: {
- _cleanup_free_ char *database = NULL;
+ return action_list_catalog(args);
- database = path_join(arg_root, secure_getenv("SYSTEMD_CATALOG") ?: CATALOG_DATABASE);
- if (!database)
- return log_oom();
+ case ACTION_UPDATE_CATALOG:
+ return action_update_catalog();
- if (arg_action == ACTION_UPDATE_CATALOG) {
- const char *e;
+ case ACTION_PRINT_HEADER:
+ return action_print_header();
- e = secure_getenv("SYSTEMD_CATALOG_SOURCES");
+ case ACTION_VERIFY:
+ return action_verify();
- r = catalog_update(
- database,
- arg_root,
- e ? (const char* const*) STRV_MAKE(e) : catalog_file_dirs);
- if (r < 0)
- return log_error_errno(r, "Failed to list catalog: %m");
- } else {
- bool oneline = arg_action == ACTION_LIST_CATALOG;
+ case ACTION_DISK_USAGE:
+ return action_disk_usage();
- pager_open(arg_pager_flags);
+ case ACTION_LIST_BOOTS:
+ return action_list_boots();
- if (optind < argc)
- r = catalog_list_items(stdout, database, oneline, argv + optind);
- else
- r = catalog_list(stdout, database, oneline);
- if (r < 0)
- return log_error_errno(r, "Failed to list catalog: %m");
- }
+ case ACTION_LIST_FIELDS:
+ return action_list_fields();
- return 0;
- }
+ case ACTION_LIST_FIELD_NAMES:
+ return action_list_field_names();
+
+ case ACTION_LIST_NAMESPACES:
+ return action_list_namespaces();
case ACTION_FLUSH:
- return flush_to_var();
+ return action_flush_to_var();
case ACTION_RELINQUISH_VAR:
- return relinquish_var();
+ return action_relinquish_var();
case ACTION_SYNC:
- return sync_journal();
+ return action_sync();
case ACTION_ROTATE:
- return rotate();
+ return action_rotate();
- case ACTION_SHOW:
- case ACTION_PRINT_HEADER:
- case ACTION_VERIFY:
- case ACTION_DISK_USAGE:
- case ACTION_LIST_BOOTS:
case ACTION_VACUUM:
- case ACTION_ROTATE_AND_VACUUM:
- case ACTION_LIST_FIELDS:
- case ACTION_LIST_FIELD_NAMES:
- /* These ones require access to the journal files, continue below. */
- break;
-
- default:
- assert_not_reached();
- }
-
- if (arg_directory)
- r = sd_journal_open_directory(&j, arg_directory, arg_journal_type);
- else if (arg_root)
- r = sd_journal_open_directory(&j, arg_root, arg_journal_type | SD_JOURNAL_OS_ROOT);
- else if (arg_file_stdin)
- r = sd_journal_open_files_fd(&j, (int[]) { STDIN_FILENO }, 1, 0);
- else if (arg_file)
- r = sd_journal_open_files(&j, (const char**) arg_file, 0);
- else if (arg_machine)
- r = journal_open_machine(&j, arg_machine);
- else
- r = sd_journal_open_namespace(
- &j,
- arg_namespace,
- (arg_merge ? 0 : SD_JOURNAL_LOCAL_ONLY) |
- arg_namespace_flags | arg_journal_type);
- if (r < 0)
- return log_error_errno(r, "Failed to open %s: %m", arg_directory ?: arg_file ? "files" : "journal");
-
- r = journal_access_check_and_warn(j, arg_quiet,
- !(arg_journal_type == SD_JOURNAL_CURRENT_USER || arg_user_units));
- if (r < 0)
- return r;
-
- switch (arg_action) {
-
- case ACTION_NEW_ID128:
- case ACTION_SETUP_KEYS:
- case ACTION_LIST_CATALOG:
- case ACTION_DUMP_CATALOG:
- case ACTION_UPDATE_CATALOG:
- case ACTION_FLUSH:
- case ACTION_SYNC:
- case ACTION_ROTATE:
- assert_not_reached();
-
- case ACTION_PRINT_HEADER:
- journal_print_header(j);
- return 0;
-
- case ACTION_VERIFY:
- return verify(j, !arg_quiet);
-
- case ACTION_DISK_USAGE: {
- uint64_t bytes = 0;
-
- r = sd_journal_get_usage(j, &bytes);
- if (r < 0)
- return r;
-
- printf("Archived and active journals take up %s in the file system.\n",
- FORMAT_BYTES(bytes));
-
- return 0;
- }
-
- case ACTION_LIST_BOOTS:
- return list_boots(j);
+ return action_vacuum();
case ACTION_ROTATE_AND_VACUUM:
-
- r = rotate();
- if (r < 0)
- return r;
-
- _fallthrough_;
-
- case ACTION_VACUUM: {
- Directory *d;
- int ret = 0;
-
- HASHMAP_FOREACH(d, j->directories_by_path) {
- r = journal_directory_vacuum(d->path, arg_vacuum_size, arg_vacuum_n_files, arg_vacuum_time, NULL, !arg_quiet);
- if (r < 0) {
- log_error_errno(r, "Failed to vacuum %s: %m", d->path);
- if (ret >= 0)
- ret = r;
- }
- }
-
- return ret;
- }
-
- case ACTION_LIST_FIELD_NAMES: {
- const char *field;
-
- SD_JOURNAL_FOREACH_FIELD(j, field)
- printf("%s\n", field);
-
- return 0;
- }
-
- case ACTION_SHOW:
- case ACTION_LIST_FIELDS:
- break;
+ return action_rotate_and_vacuum();
default:
assert_not_reached();
}
-
- if (arg_boot_offset != 0 &&
- sd_journal_has_runtime_files(j) > 0 &&
- sd_journal_has_persistent_files(j) == 0) {
- log_info("Specifying boot ID or boot offset has no effect, no persistent journal was found.");
-
- if (arg_action == ACTION_SHOW && arg_compiled_pattern)
- return -ENOENT;
-
- return 0;
- }
- /* add_boot() must be called first!
- * It may need to seek the journal to find parent boot IDs. */
- r = add_boot(j);
- if (r < 0)
- return r;
-
- r = add_dmesg(j);
- if (r < 0)
- return r;
-
- r = add_units(j);
- if (r < 0)
- return log_error_errno(r, "Failed to add filter for units: %m");
-
- r = add_syslog_identifier(j);
- if (r < 0)
- return log_error_errno(r, "Failed to add filter for syslog identifiers: %m");
-
- r = add_priorities(j);
- if (r < 0)
- return r;
-
- r = add_facilities(j);
- if (r < 0)
- return r;
-
- r = add_matches(j, argv + optind);
- if (r < 0)
- return r;
-
- if (DEBUG_LOGGING) {
- _cleanup_free_ char *filter = NULL;
-
- filter = journal_make_match_string(j);
- if (!filter)
- return log_oom();
-
- log_debug("Journal filter: %s", filter);
- }
-
- if (arg_action == ACTION_LIST_FIELDS)
- return action_list_fields(j);
-
- /* Opening the fd now means the first sd_journal_wait() will actually wait */
- if (arg_follow) {
- poll_fd = sd_journal_get_fd(j);
- if (poll_fd == -EMFILE) {
- log_warning_errno(poll_fd, "Insufficient watch descriptors available. Reverting to -n.");
- arg_follow = false;
- } else if (poll_fd == -EMEDIUMTYPE)
- return log_error_errno(poll_fd, "The --follow switch is not supported in conjunction with reading from STDIN.");
- else if (poll_fd < 0)
- return log_error_errno(poll_fd, "Failed to get journal fd: %m");
- }
-
- if (arg_cursor || arg_after_cursor || arg_cursor_file) {
- cursor = arg_cursor ?: arg_after_cursor;
-
- if (arg_cursor_file) {
- r = read_one_line_file(arg_cursor_file, &cursor_from_file);
- if (r < 0 && r != -ENOENT)
- return log_error_errno(r, "Failed to read cursor file %s: %m", arg_cursor_file);
-
- if (r > 0) {
- cursor = cursor_from_file;
- after_cursor = true;
- }
- } else
- after_cursor = arg_after_cursor;
- }
-
- if (cursor) {
- r = sd_journal_seek_cursor(j, cursor);
- if (r < 0)
- return log_error_errno(r, "Failed to seek to cursor: %m");
-
- r = sd_journal_step_one(j, !arg_reverse);
- if (r < 0)
- return log_error_errno(r, "Failed to iterate through journal: %m");
-
- if (after_cursor && r > 0) {
- /* With --after-cursor=/--cursor-file= we want to skip the first entry only if it's
- * the entry the cursor is pointing at, otherwise, if some journal filters are used,
- * we might skip the first entry of the filter match, which leads to unexpectedly
- * missing journal entries. */
- int k;
-
- k = sd_journal_test_cursor(j, cursor);
- if (k < 0)
- return log_error_errno(k, "Failed to test cursor against current entry: %m");
- if (k > 0)
- /* Current entry matches the one our cursor is pointing at, so let's try
- * to advance the next entry. */
- r = sd_journal_step_one(j, !arg_reverse);
- }
-
- if (r == 0) {
- /* We couldn't find the next entry after the cursor. */
- if (arg_follow)
- need_seek = true;
- else
- arg_lines = 0;
- }
- } else if (arg_until_set && (arg_reverse || arg_lines_needs_seek_end())) {
- /* If both --until and any of --reverse and --lines=N is specified, things get
- * a little tricky. We seek to the place of --until first. If only --reverse or
- * --reverse and --lines is specified, we search backwards and let the output
- * counter handle --lines for us. If only --lines is used, we just jump backwards
- * arg_lines and search afterwards from there. */
-
- r = sd_journal_seek_realtime_usec(j, arg_until);
- if (r < 0)
- return log_error_errno(r, "Failed to seek to date: %m");
-
- if (arg_reverse)
- r = sd_journal_previous(j);
- else /* arg_lines_needs_seek_end */
- r = sd_journal_previous_skip(j, arg_lines);
-
- } else if (arg_reverse) {
- r = sd_journal_seek_tail(j);
- if (r < 0)
- return log_error_errno(r, "Failed to seek to tail: %m");
-
- r = sd_journal_previous(j);
-
- } else if (arg_lines_needs_seek_end()) {
- r = sd_journal_seek_tail(j);
- if (r < 0)
- return log_error_errno(r, "Failed to seek to tail: %m");
-
- r = sd_journal_previous_skip(j, arg_lines);
-
- } else if (arg_since_set) {
- /* This is placed after arg_reverse and arg_lines. If --since is used without
- * both, we seek to the place of --since and search afterwards from there.
- * If used with --reverse or --lines, we seek to the tail first and check if
- * the entry is within the range of --since later. */
-
- r = sd_journal_seek_realtime_usec(j, arg_since);
- if (r < 0)
- return log_error_errno(r, "Failed to seek to date: %m");
- since_seeked = true;
-
- r = sd_journal_next(j);
-
- } else {
- r = sd_journal_seek_head(j);
- if (r < 0)
- return log_error_errno(r, "Failed to seek to head: %m");
-
- r = sd_journal_next(j);
- }
- if (r < 0)
- return log_error_errno(r, "Failed to iterate through journal: %m");
- if (r == 0)
- need_seek = true;
-
- if (!arg_follow)
- pager_open(arg_pager_flags);
-
- if (!arg_quiet && (arg_lines != 0 || arg_follow) && DEBUG_LOGGING) {
- usec_t start, end;
- char start_buf[FORMAT_TIMESTAMP_MAX], end_buf[FORMAT_TIMESTAMP_MAX];
-
- r = sd_journal_get_cutoff_realtime_usec(j, &start, &end);
- if (r < 0)
- return log_error_errno(r, "Failed to get cutoff: %m");
- if (r > 0) {
- if (arg_follow)
- printf("-- Journal begins at %s. --\n",
- format_timestamp_maybe_utc(start_buf, sizeof(start_buf), start));
- else
- printf("-- Journal begins at %s, ends at %s. --\n",
- format_timestamp_maybe_utc(start_buf, sizeof(start_buf), start),
- format_timestamp_maybe_utc(end_buf, sizeof(end_buf), end));
- }
- }
-
- Context c = {
- .journal = j,
- .has_cursor = cursor,
- .need_seek = need_seek,
- .since_seeked = since_seeked,
- };
-
- if (arg_follow) {
- _cleanup_(sd_event_unrefp) sd_event *e = NULL;
- int sig;
-
- assert(poll_fd >= 0);
-
- r = setup_event(&c, poll_fd, &e);
- if (r < 0)
- return r;
-
- r = sd_event_loop(e);
- if (r < 0)
- return r;
- sig = r;
-
- /* unref signal event sources. */
- e = sd_event_unref(e);
-
- r = update_cursor(j);
- if (r < 0)
- return r;
-
- /* re-send the original signal. */
- assert(SIGNAL_VALID(sig));
- if (raise(sig) < 0)
- log_error("Failed to raise the original signal SIG%s, ignoring: %m", signal_to_string(sig));
-
- return 0;
- }
-
- r = show(&c);
- if (r < 0)
- return r;
- n_shown = r;
-
- if (n_shown == 0 && !arg_quiet)
- printf("-- No entries --\n");
-
- r = update_cursor(j);
- if (r < 0)
- return r;
-
- if (arg_compiled_pattern && n_shown == 0)
- /* --grep was used, no error was thrown, but the pattern didn't
- * match anything. Let's mimic grep's behavior here and return
- * a non-zero exit code, so journalctl --grep can be used
- * in scripts and such */
- return -ENOENT;
-
- return 0;
}
-DEFINE_MAIN_FUNCTION(run);
+DEFINE_MAIN_FUNCTION_WITH_POSITIVE_SIGNAL(run);
diff --git a/src/journal/journalctl.h b/src/journal/journalctl.h
new file mode 100644
index 0000000..c6993a2
--- /dev/null
+++ b/src/journal/journalctl.h
@@ -0,0 +1,99 @@
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+#pragma once
+
+#include <inttypes.h>
+#include <stdbool.h>
+
+#include "sd-id128.h"
+
+#include "json.h"
+#include "output-mode.h"
+#include "pager.h"
+#include "pcre2-util.h"
+#include "set.h"
+#include "time-util.h"
+
+typedef enum JournalctlAction {
+ ACTION_SHOW,
+ ACTION_NEW_ID128,
+ ACTION_SETUP_KEYS,
+ ACTION_LIST_CATALOG,
+ ACTION_DUMP_CATALOG,
+ ACTION_UPDATE_CATALOG,
+ ACTION_PRINT_HEADER,
+ ACTION_VERIFY,
+ ACTION_DISK_USAGE,
+ ACTION_LIST_BOOTS,
+ ACTION_LIST_FIELDS,
+ ACTION_LIST_FIELD_NAMES,
+ ACTION_LIST_NAMESPACES,
+ ACTION_FLUSH,
+ ACTION_RELINQUISH_VAR,
+ ACTION_SYNC,
+ ACTION_ROTATE,
+ ACTION_VACUUM,
+ ACTION_ROTATE_AND_VACUUM,
+} JournalctlAction;
+
+extern JournalctlAction arg_action;
+extern OutputMode arg_output;
+extern JsonFormatFlags arg_json_format_flags;
+extern PagerFlags arg_pager_flags;
+extern bool arg_utc;
+extern bool arg_follow;
+extern bool arg_full;
+extern bool arg_all;
+extern int arg_lines;
+extern bool arg_lines_oldest;
+extern bool arg_no_tail;
+extern bool arg_truncate_newline;
+extern bool arg_quiet;
+extern bool arg_merge;
+extern bool arg_boot;
+extern sd_id128_t arg_boot_id;
+extern int arg_boot_offset;
+extern bool arg_dmesg;
+extern bool arg_no_hostname;
+extern const char *arg_cursor;
+extern const char *arg_cursor_file;
+extern const char *arg_after_cursor;
+extern bool arg_show_cursor;
+extern const char *arg_directory;
+extern char **arg_file;
+extern bool arg_file_stdin;
+extern int arg_priorities;
+extern Set *arg_facilities;
+extern char *arg_verify_key;
+#if HAVE_GCRYPT
+extern usec_t arg_interval;
+extern bool arg_force;
+#endif
+extern usec_t arg_since;
+extern usec_t arg_until;
+extern bool arg_since_set;
+extern bool arg_until_set;
+extern char **arg_syslog_identifier;
+extern char **arg_exclude_identifier;
+extern char **arg_system_units;
+extern char **arg_user_units;
+extern const char *arg_field;
+extern bool arg_catalog;
+extern bool arg_reverse;
+extern int arg_journal_type;
+extern int arg_journal_additional_open_flags;
+extern int arg_namespace_flags;
+extern char *arg_root;
+extern char *arg_image;
+extern const char *arg_machine;
+extern const char *arg_namespace;
+extern uint64_t arg_vacuum_size;
+extern uint64_t arg_vacuum_n_files;
+extern usec_t arg_vacuum_time;
+extern Set *arg_output_fields;
+extern const char *arg_pattern;
+extern pcre2_code *arg_compiled_pattern;
+extern PatternCompileCase arg_case;
+
+static inline bool arg_lines_needs_seek_end(void) {
+ return arg_lines >= 0 && !arg_lines_oldest;
+}
diff --git a/src/journal/journald-audit.c b/src/journal/journald-audit.c
index bddfe76..d49283d 100644
--- a/src/journal/journald-audit.c
+++ b/src/journal/journald-audit.c
@@ -335,10 +335,9 @@ void process_audit_string(Server *s, int type, const char *data, size_t size) {
size_t n = 0, z;
uint64_t seconds, msec, id;
const char *p, *type_name;
- char id_field[sizeof("_AUDIT_ID=") + DECIMAL_STR_MAX(uint64_t)],
- type_field[sizeof("_AUDIT_TYPE=") + DECIMAL_STR_MAX(int)],
- source_time_field[sizeof("_SOURCE_REALTIME_TIMESTAMP=") + DECIMAL_STR_MAX(usec_t)];
- struct iovec iovec[N_IOVEC_META_FIELDS + 8 + N_IOVEC_AUDIT_FIELDS];
+ char id_field[STRLEN("_AUDIT_ID=") + DECIMAL_STR_MAX(uint64_t)],
+ type_field[STRLEN("_AUDIT_TYPE=") + DECIMAL_STR_MAX(int)];
+ struct iovec iovec[N_IOVEC_META_FIELDS + 7 + N_IOVEC_AUDIT_FIELDS];
char *m, *type_field_name;
int k;
@@ -375,14 +374,10 @@ void process_audit_string(Server *s, int type, const char *data, size_t size) {
iovec[n++] = IOVEC_MAKE_STRING("_TRANSPORT=audit");
- sprintf(source_time_field, "_SOURCE_REALTIME_TIMESTAMP=%" PRIu64,
- (usec_t) seconds * USEC_PER_SEC + (usec_t) msec * USEC_PER_MSEC);
- iovec[n++] = IOVEC_MAKE_STRING(source_time_field);
-
- sprintf(type_field, "_AUDIT_TYPE=%i", type);
+ xsprintf(type_field, "_AUDIT_TYPE=%i", type);
iovec[n++] = IOVEC_MAKE_STRING(type_field);
- sprintf(id_field, "_AUDIT_ID=%" PRIu64, id);
+ xsprintf(id_field, "_AUDIT_ID=%" PRIu64, id);
iovec[n++] = IOVEC_MAKE_STRING(id_field);
assert_cc(4 == LOG_FAC(LOG_AUTH));
@@ -401,7 +396,9 @@ void process_audit_string(Server *s, int type, const char *data, size_t size) {
map_all_fields(p, map_fields_kernel, "_AUDIT_FIELD_", true, iovec, &n, n + N_IOVEC_AUDIT_FIELDS);
- server_dispatch_message(s, iovec, n, ELEMENTSOF(iovec), NULL, NULL, LOG_NOTICE, 0);
+ server_dispatch_message(s, iovec, n, ELEMENTSOF(iovec), NULL,
+ TIMEVAL_STORE((usec_t) seconds * USEC_PER_SEC + (usec_t) msec * USEC_PER_MSEC),
+ LOG_NOTICE, 0);
/* free() all entries that map_all_fields() added. All others
* are allocated on the stack or are constant. */
diff --git a/src/journal/journald-context.c b/src/journal/journald-context.c
index f5f6ec5..b44f700 100644
--- a/src/journal/journald-context.c
+++ b/src/journal/journald-context.c
@@ -612,7 +612,7 @@ static void client_context_try_shrink_to(Server *s, size_t limit) {
if (pid_is_unwaited(c->pid) == 0)
client_context_free(s, c);
else
- idx ++;
+ idx++;
}
s->last_cache_pid_flush = t;
@@ -650,8 +650,8 @@ void client_context_flush_all(Server *s) {
client_context_flush_regular(s);
- assert(prioq_size(s->client_contexts_lru) == 0);
- assert(hashmap_size(s->client_contexts) == 0);
+ assert(prioq_isempty(s->client_contexts_lru));
+ assert(hashmap_isempty(s->client_contexts));
s->client_contexts_lru = prioq_free(s->client_contexts_lru);
s->client_contexts = hashmap_free(s->client_contexts);
diff --git a/src/journal/journald-gperf.gperf b/src/journal/journald-gperf.gperf
index 9076597..49987f5 100644
--- a/src/journal/journald-gperf.gperf
+++ b/src/journal/journald-gperf.gperf
@@ -19,35 +19,37 @@ struct ConfigPerfItem;
%struct-type
%includes
%%
-Journal.Storage, config_parse_storage, 0, offsetof(Server, storage)
-Journal.Compress, config_parse_compress, 0, offsetof(Server, compress)
-Journal.Seal, config_parse_bool, 0, offsetof(Server, seal)
-Journal.ReadKMsg, config_parse_bool, 0, offsetof(Server, read_kmsg)
-Journal.Audit, config_parse_tristate, 0, offsetof(Server, set_audit)
-Journal.SyncIntervalSec, config_parse_sec, 0, offsetof(Server, sync_interval_usec)
+Journal.Storage, config_parse_storage, 0, offsetof(Server, storage)
+Journal.Compress, config_parse_compress, 0, offsetof(Server, compress)
+Journal.Seal, config_parse_bool, 0, offsetof(Server, seal)
+Journal.ReadKMsg, config_parse_bool, 0, offsetof(Server, read_kmsg)
+Journal.Audit, config_parse_tristate, 0, offsetof(Server, set_audit)
+Journal.SyncIntervalSec, config_parse_sec, 0, offsetof(Server, sync_interval_usec)
# The following is a legacy name for compatibility
-Journal.RateLimitInterval, config_parse_sec, 0, offsetof(Server, ratelimit_interval)
-Journal.RateLimitIntervalSec,config_parse_sec, 0, offsetof(Server, ratelimit_interval)
-Journal.RateLimitBurst, config_parse_unsigned, 0, offsetof(Server, ratelimit_burst)
-Journal.SystemMaxUse, config_parse_iec_uint64, 0, offsetof(Server, system_storage.metrics.max_use)
-Journal.SystemMaxFileSize, config_parse_iec_uint64, 0, offsetof(Server, system_storage.metrics.max_size)
-Journal.SystemKeepFree, config_parse_iec_uint64, 0, offsetof(Server, system_storage.metrics.keep_free)
-Journal.SystemMaxFiles, config_parse_uint64, 0, offsetof(Server, system_storage.metrics.n_max_files)
-Journal.RuntimeMaxUse, config_parse_iec_uint64, 0, offsetof(Server, runtime_storage.metrics.max_use)
-Journal.RuntimeMaxFileSize, config_parse_iec_uint64, 0, offsetof(Server, runtime_storage.metrics.max_size)
-Journal.RuntimeKeepFree, config_parse_iec_uint64, 0, offsetof(Server, runtime_storage.metrics.keep_free)
-Journal.RuntimeMaxFiles, config_parse_uint64, 0, offsetof(Server, runtime_storage.metrics.n_max_files)
-Journal.MaxRetentionSec, config_parse_sec, 0, offsetof(Server, max_retention_usec)
-Journal.MaxFileSec, config_parse_sec, 0, offsetof(Server, max_file_usec)
-Journal.ForwardToSyslog, config_parse_bool, 0, offsetof(Server, forward_to_syslog)
-Journal.ForwardToKMsg, config_parse_bool, 0, offsetof(Server, forward_to_kmsg)
-Journal.ForwardToConsole, config_parse_bool, 0, offsetof(Server, forward_to_console)
-Journal.ForwardToWall, config_parse_bool, 0, offsetof(Server, forward_to_wall)
-Journal.TTYPath, config_parse_path, 0, offsetof(Server, tty_path)
-Journal.MaxLevelStore, config_parse_log_level, 0, offsetof(Server, max_level_store)
-Journal.MaxLevelSyslog, config_parse_log_level, 0, offsetof(Server, max_level_syslog)
-Journal.MaxLevelKMsg, config_parse_log_level, 0, offsetof(Server, max_level_kmsg)
-Journal.MaxLevelConsole, config_parse_log_level, 0, offsetof(Server, max_level_console)
-Journal.MaxLevelWall, config_parse_log_level, 0, offsetof(Server, max_level_wall)
-Journal.SplitMode, config_parse_split_mode, 0, offsetof(Server, split_mode)
-Journal.LineMax, config_parse_line_max, 0, offsetof(Server, line_max)
+Journal.RateLimitInterval, config_parse_sec, 0, offsetof(Server, ratelimit_interval)
+Journal.RateLimitIntervalSec,config_parse_sec, 0, offsetof(Server, ratelimit_interval)
+Journal.RateLimitBurst, config_parse_unsigned, 0, offsetof(Server, ratelimit_burst)
+Journal.SystemMaxUse, config_parse_iec_uint64, 0, offsetof(Server, system_storage.metrics.max_use)
+Journal.SystemMaxFileSize, config_parse_iec_uint64, 0, offsetof(Server, system_storage.metrics.max_size)
+Journal.SystemKeepFree, config_parse_iec_uint64, 0, offsetof(Server, system_storage.metrics.keep_free)
+Journal.SystemMaxFiles, config_parse_uint64, 0, offsetof(Server, system_storage.metrics.n_max_files)
+Journal.RuntimeMaxUse, config_parse_iec_uint64, 0, offsetof(Server, runtime_storage.metrics.max_use)
+Journal.RuntimeMaxFileSize, config_parse_iec_uint64, 0, offsetof(Server, runtime_storage.metrics.max_size)
+Journal.RuntimeKeepFree, config_parse_iec_uint64, 0, offsetof(Server, runtime_storage.metrics.keep_free)
+Journal.RuntimeMaxFiles, config_parse_uint64, 0, offsetof(Server, runtime_storage.metrics.n_max_files)
+Journal.MaxRetentionSec, config_parse_sec, 0, offsetof(Server, max_retention_usec)
+Journal.MaxFileSec, config_parse_sec, 0, offsetof(Server, max_file_usec)
+Journal.ForwardToSyslog, config_parse_bool, 0, offsetof(Server, forward_to_syslog)
+Journal.ForwardToKMsg, config_parse_bool, 0, offsetof(Server, forward_to_kmsg)
+Journal.ForwardToConsole, config_parse_bool, 0, offsetof(Server, forward_to_console)
+Journal.ForwardToWall, config_parse_bool, 0, offsetof(Server, forward_to_wall)
+Journal.ForwardToSocket, config_parse_forward_to_socket, 0, offsetof(Server, forward_to_socket)
+Journal.TTYPath, config_parse_path, 0, offsetof(Server, tty_path)
+Journal.MaxLevelStore, config_parse_log_level, 0, offsetof(Server, max_level_store)
+Journal.MaxLevelSyslog, config_parse_log_level, 0, offsetof(Server, max_level_syslog)
+Journal.MaxLevelKMsg, config_parse_log_level, 0, offsetof(Server, max_level_kmsg)
+Journal.MaxLevelConsole, config_parse_log_level, 0, offsetof(Server, max_level_console)
+Journal.MaxLevelWall, config_parse_log_level, 0, offsetof(Server, max_level_wall)
+Journal.MaxLevelSocket, config_parse_log_level, 0, offsetof(Server, max_level_socket)
+Journal.SplitMode, config_parse_split_mode, 0, offsetof(Server, split_mode)
+Journal.LineMax, config_parse_line_max, 0, offsetof(Server, line_max)
diff --git a/src/journal/journald-kmsg.c b/src/journal/journald-kmsg.c
index 28d4880..78f6e1f 100644
--- a/src/journal/journald-kmsg.c
+++ b/src/journal/journald-kmsg.c
@@ -98,7 +98,7 @@ static bool is_us(const char *identifier, const char *pid) {
void dev_kmsg_record(Server *s, char *p, size_t l) {
- _cleanup_free_ char *message = NULL, *syslog_priority = NULL, *syslog_pid = NULL, *syslog_facility = NULL, *syslog_identifier = NULL, *source_time = NULL, *identifier = NULL, *pid = NULL;
+ _cleanup_free_ char *message = NULL, *syslog_pid = NULL, *syslog_identifier = NULL, *identifier = NULL, *pid = NULL;
struct iovec iovec[N_IOVEC_META_FIELDS + 7 + N_IOVEC_KERNEL_FIELDS + 2 + N_IOVEC_UDEV_FIELDS];
char *kernel_device = NULL;
unsigned long long usec;
@@ -253,16 +253,19 @@ void dev_kmsg_record(Server *s, char *p, size_t l) {
}
}
- if (asprintf(&source_time, "_SOURCE_MONOTONIC_TIMESTAMP=%llu", usec) >= 0)
- iovec[n++] = IOVEC_MAKE_STRING(source_time);
+ char source_time[STRLEN("_SOURCE_MONOTONIC_TIMESTAMP=") + DECIMAL_STR_MAX(unsigned long long)];
+ xsprintf(source_time, "_SOURCE_MONOTONIC_TIMESTAMP=%llu", usec);
+ iovec[n++] = IOVEC_MAKE_STRING(source_time);
iovec[n++] = IOVEC_MAKE_STRING("_TRANSPORT=kernel");
- if (asprintf(&syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK) >= 0)
- iovec[n++] = IOVEC_MAKE_STRING(syslog_priority);
+ char syslog_priority[STRLEN("PRIORITY=") + DECIMAL_STR_MAX(int)];
+ xsprintf(syslog_priority, "PRIORITY=%i", LOG_PRI(priority));
+ iovec[n++] = IOVEC_MAKE_STRING(syslog_priority);
- if (asprintf(&syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority)) >= 0)
- iovec[n++] = IOVEC_MAKE_STRING(syslog_facility);
+ char syslog_facility[STRLEN("SYSLOG_FACILITY=") + DECIMAL_STR_MAX(int)];
+ xsprintf(syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority));
+ iovec[n++] = IOVEC_MAKE_STRING(syslog_facility);
if (LOG_FAC(priority) == LOG_KERN)
iovec[n++] = IOVEC_MAKE_STRING("SYSLOG_IDENTIFIER=kernel");
diff --git a/src/journal/journald-native.c b/src/journal/journald-native.c
index 315ec0b..0600102 100644
--- a/src/journal/journald-native.c
+++ b/src/journal/journald-native.c
@@ -22,7 +22,6 @@
#include "journald-wall.h"
#include "memfd-util.h"
#include "memory-util.h"
-#include "missing_fcntl.h"
#include "parse-util.h"
#include "path-util.h"
#include "process-util.h"
@@ -54,13 +53,13 @@ static void server_process_entry_meta(
else if (l == 17 &&
startswith(p, "SYSLOG_FACILITY=") &&
p[16] >= '0' && p[16] <= '9')
- *priority = (*priority & LOG_PRIMASK) | ((p[16] - '0') << 3);
+ *priority = LOG_PRI(*priority) | ((p[16] - '0') << 3);
else if (l == 18 &&
startswith(p, "SYSLOG_FACILITY=") &&
p[16] >= '0' && p[16] <= '9' &&
p[17] >= '0' && p[17] <= '9')
- *priority = (*priority & LOG_PRIMASK) | (((p[16] - '0')*10 + (p[17] - '0')) << 3);
+ *priority = LOG_PRI(*priority) | (((p[16] - '0')*10 + (p[17] - '0')) << 3);
else if (l >= 19 &&
startswith(p, "SYSLOG_IDENTIFIER=")) {
@@ -327,7 +326,7 @@ void server_process_native_message(
} while (r == 0);
}
-void server_process_native_file(
+int server_process_native_file(
Server *s,
int fd,
const struct ucred *ucred,
@@ -343,30 +342,25 @@ void server_process_native_file(
assert(s);
assert(fd >= 0);
- if (fstat(fd, &st) < 0) {
- log_ratelimit_error_errno(errno, JOURNAL_LOG_RATELIMIT, "Failed to stat passed file, ignoring: %m");
- return;
- }
+ if (fstat(fd, &st) < 0)
+ return log_ratelimit_error_errno(errno, JOURNAL_LOG_RATELIMIT,
+ "Failed to stat passed file: %m");
r = stat_verify_regular(&st);
- if (r < 0) {
- log_ratelimit_error_errno(r, JOURNAL_LOG_RATELIMIT, "File passed is not regular, ignoring: %m");
- return;
- }
+ if (r < 0)
+ return log_ratelimit_error_errno(r, JOURNAL_LOG_RATELIMIT,
+ "File passed is not regular, ignoring message: %m");
if (st.st_size <= 0)
- return;
+ return 0;
- int flags = fcntl(fd, F_GETFL);
- if (flags < 0) {
- log_ratelimit_error_errno(errno, JOURNAL_LOG_RATELIMIT, "Failed to get flags of passed file, ignoring: %m");
- return;
- }
-
- if ((flags & ~(O_ACCMODE|RAW_O_LARGEFILE)) != 0) {
- log_ratelimit_error(JOURNAL_LOG_RATELIMIT, "Unexpected flags of passed memory fd, ignoring message: %m");
- return;
- }
+ r = fd_verify_safe_flags(fd);
+ if (r == -EREMOTEIO)
+ return log_ratelimit_error_errno(r, JOURNAL_LOG_RATELIMIT,
+ "Unexpected flags of passed memory fd, ignoring message.");
+ if (r < 0)
+ return log_ratelimit_error_errno(r, JOURNAL_LOG_RATELIMIT,
+ "Failed to get flags of passed file: %m");
/* If it's a memfd, check if it is sealed. If so, we can just mmap it and use it, and do not need to
* copy the data out. */
@@ -376,38 +370,30 @@ void server_process_native_file(
_cleanup_free_ char *k = NULL;
const char *e;
- /* If this is not a sealed memfd, and the peer is unknown or
- * unprivileged, then verify the path. */
+ /* If this is not a sealed memfd, and the peer is unknown or unprivileged, then verify the
+ * path. */
r = fd_get_path(fd, &k);
- if (r < 0) {
- log_ratelimit_error_errno(r, JOURNAL_LOG_RATELIMIT,
- "readlink(/proc/self/fd/%i) failed: %m", fd);
- return;
- }
+ if (r < 0)
+ return log_ratelimit_error_errno(r, JOURNAL_LOG_RATELIMIT,
+ "Failed to get path of passed fd: %m");
e = PATH_STARTSWITH_SET(k, "/dev/shm/", "/tmp/", "/var/tmp/");
- if (!e) {
- log_ratelimit_error(JOURNAL_LOG_RATELIMIT,
- "Received file outside of allowed directories. Refusing.");
- return;
- }
+ if (!e)
+ return log_ratelimit_error_errno(SYNTHETIC_ERRNO(EPERM), JOURNAL_LOG_RATELIMIT,
+ "Received file outside of allowed directories, refusing.");
- if (!filename_is_valid(e)) {
- log_ratelimit_error(JOURNAL_LOG_RATELIMIT,
- "Received file in subdirectory of allowed directories. Refusing.");
- return;
- }
+ if (!filename_is_valid(e))
+ return log_ratelimit_error_errno(SYNTHETIC_ERRNO(EPERM), JOURNAL_LOG_RATELIMIT,
+ "Received file in subdirectory of allowed directories, refusing.");
}
/* When !sealed, set a lower memory limit. We have to read the file, effectively doubling memory
* use. */
- if (st.st_size > ENTRY_SIZE_MAX / (sealed ? 1 : 2)) {
- log_ratelimit_error(JOURNAL_LOG_RATELIMIT,
- "File passed too large (%"PRIu64" bytes). Ignoring.",
- (uint64_t) st.st_size);
- return;
- }
+ if (st.st_size > ENTRY_SIZE_MAX / (sealed ? 1 : 2))
+ return log_ratelimit_error_errno(SYNTHETIC_ERRNO(EFBIG), JOURNAL_LOG_RATELIMIT,
+ "File passed too large (%"PRIu64" bytes), refusing.",
+ (uint64_t) st.st_size);
if (sealed) {
void *p;
@@ -418,67 +404,54 @@ void server_process_native_file(
ps = PAGE_ALIGN(st.st_size);
assert(ps < SIZE_MAX);
p = mmap(NULL, ps, PROT_READ, MAP_PRIVATE, fd, 0);
- if (p == MAP_FAILED) {
- log_ratelimit_error_errno(errno, JOURNAL_LOG_RATELIMIT,
- "Failed to map memfd, ignoring: %m");
- return;
- }
+ if (p == MAP_FAILED)
+ return log_ratelimit_error_errno(errno, JOURNAL_LOG_RATELIMIT,
+ "Failed to map memfd: %m");
server_process_native_message(s, p, st.st_size, ucred, tv, label, label_len);
assert_se(munmap(p, ps) >= 0);
- } else {
- _cleanup_free_ void *p = NULL;
- struct statvfs vfs;
- ssize_t n;
-
- if (fstatvfs(fd, &vfs) < 0) {
- log_ratelimit_error_errno(errno, JOURNAL_LOG_RATELIMIT,
- "Failed to stat file system of passed file, not processing it: %m");
- return;
- }
- /* Refuse operating on file systems that have
- * mandatory locking enabled, see:
- *
- * https://github.com/systemd/systemd/issues/1822
- */
- if (vfs.f_flag & ST_MANDLOCK) {
- log_ratelimit_error(JOURNAL_LOG_RATELIMIT,
- "Received file descriptor from file system with mandatory locking enabled, not processing it.");
- return;
- }
+ return 0;
+ }
- /* Make the fd non-blocking. On regular files this has
- * the effect of bypassing mandatory locking. Of
- * course, this should normally not be necessary given
- * the check above, but let's better be safe than
- * sorry, after all NFS is pretty confusing regarding
- * file system flags, and we better don't trust it,
- * and so is SMB. */
- r = fd_nonblock(fd, true);
- if (r < 0) {
- log_ratelimit_error_errno(r, JOURNAL_LOG_RATELIMIT,
- "Failed to make fd non-blocking, not processing it: %m");
- return;
- }
+ _cleanup_free_ void *p = NULL;
+ struct statvfs vfs;
+ ssize_t n;
+
+ if (fstatvfs(fd, &vfs) < 0)
+ return log_ratelimit_error_errno(errno, JOURNAL_LOG_RATELIMIT,
+ "Failed to stat file system of passed file: %m");
+
+ /* Refuse operating on file systems that have mandatory locking enabled.
+ * See also: https://github.com/systemd/systemd/issues/1822 */
+ if (FLAGS_SET(vfs.f_flag, ST_MANDLOCK))
+ return log_ratelimit_error_errno(SYNTHETIC_ERRNO(EPERM), JOURNAL_LOG_RATELIMIT,
+ "Received file descriptor from file system with mandatory locking enabled, not processing it.");
+
+ /* Make the fd non-blocking. On regular files this has the effect of bypassing mandatory
+ * locking. Of course, this should normally not be necessary given the check above, but let's
+ * better be safe than sorry, after all NFS is pretty confusing regarding file system flags,
+ * and we better don't trust it, and so is SMB. */
+ r = fd_nonblock(fd, true);
+ if (r < 0)
+ return log_ratelimit_error_errno(r, JOURNAL_LOG_RATELIMIT,
+ "Failed to make fd non-blocking: %m");
- /* The file is not sealed, we can't map the file here, since
- * clients might then truncate it and trigger a SIGBUS for
- * us. So let's stupidly read it. */
+ /* The file is not sealed, we can't map the file here, since clients might then truncate it
+ * and trigger a SIGBUS for us. So let's stupidly read it. */
- p = malloc(st.st_size);
- if (!p) {
- log_oom();
- return;
- }
+ p = malloc(st.st_size);
+ if (!p)
+ return log_oom();
- n = pread(fd, p, st.st_size, 0);
- if (n < 0)
- log_ratelimit_error_errno(errno, JOURNAL_LOG_RATELIMIT,
- "Failed to read file, ignoring: %m");
- else if (n > 0)
- server_process_native_message(s, p, n, ucred, tv, label, label_len);
- }
+ n = pread(fd, p, st.st_size, 0);
+ if (n < 0)
+ return log_ratelimit_error_errno(errno, JOURNAL_LOG_RATELIMIT,
+ "Failed to read file: %m");
+ if (n > 0)
+ server_process_native_message(s, p, n, ucred, tv, label, label_len);
+
+ return 0;
}
int server_open_native_socket(Server *s, const char *native_socket) {
diff --git a/src/journal/journald-native.h b/src/journal/journald-native.h
index 7bbaaed..10db267 100644
--- a/src/journal/journald-native.h
+++ b/src/journal/journald-native.h
@@ -12,7 +12,7 @@ void server_process_native_message(
const char *label,
size_t label_len);
-void server_process_native_file(
+int server_process_native_file(
Server *s,
int fd,
const struct ucred *ucred,
diff --git a/src/journal/journald-rate-limit.c b/src/journal/journald-rate-limit.c
index 1028e38..a1ae172 100644
--- a/src/journal/journald-rate-limit.c
+++ b/src/journal/journald-rate-limit.c
@@ -1,18 +1,13 @@
/* SPDX-License-Identifier: LGPL-2.1-or-later */
-#include <errno.h>
-
#include "alloc-util.h"
#include "hashmap.h"
#include "journald-rate-limit.h"
-#include "list.h"
#include "logarithm.h"
-#include "random-util.h"
#include "string-util.h"
#include "time-util.h"
#define POOLS_MAX 5
-#define BUCKETS_MAX 127
#define GROUPS_MAX 2047
static const int priority_map[] = {
@@ -23,20 +18,17 @@ static const int priority_map[] = {
[LOG_WARNING] = 2,
[LOG_NOTICE] = 3,
[LOG_INFO] = 3,
- [LOG_DEBUG] = 4
+ [LOG_DEBUG] = 4,
};
-typedef struct JournalRateLimitPool JournalRateLimitPool;
-typedef struct JournalRateLimitGroup JournalRateLimitGroup;
-
-struct JournalRateLimitPool {
+typedef struct JournalRateLimitPool {
usec_t begin;
unsigned num;
unsigned suppressed;
-};
+} JournalRateLimitPool;
-struct JournalRateLimitGroup {
- JournalRateLimit *parent;
+typedef struct JournalRateLimitGroup {
+ OrderedHashmap *groups_by_id;
char *id;
@@ -44,116 +36,112 @@ struct JournalRateLimitGroup {
usec_t interval;
JournalRateLimitPool pools[POOLS_MAX];
- uint64_t hash;
-
- LIST_FIELDS(JournalRateLimitGroup, bucket);
- LIST_FIELDS(JournalRateLimitGroup, lru);
-};
-
-struct JournalRateLimit {
+} JournalRateLimitGroup;
- JournalRateLimitGroup* buckets[BUCKETS_MAX];
- JournalRateLimitGroup *lru, *lru_tail;
-
- unsigned n_groups;
-
- uint8_t hash_key[16];
-};
-
-JournalRateLimit *journal_ratelimit_new(void) {
- JournalRateLimit *r;
-
- r = new0(JournalRateLimit, 1);
- if (!r)
+static JournalRateLimitGroup* journal_ratelimit_group_free(JournalRateLimitGroup *g) {
+ if (!g)
return NULL;
- random_bytes(r->hash_key, sizeof(r->hash_key));
-
- return r;
-}
-
-static void journal_ratelimit_group_free(JournalRateLimitGroup *g) {
- assert(g);
-
- if (g->parent) {
- assert(g->parent->n_groups > 0);
-
- if (g->parent->lru_tail == g)
- g->parent->lru_tail = g->lru_prev;
-
- LIST_REMOVE(lru, g->parent->lru, g);
- LIST_REMOVE(bucket, g->parent->buckets[g->hash % BUCKETS_MAX], g);
-
- g->parent->n_groups--;
- }
+ if (g->groups_by_id && g->id)
+ /* The group is already removed from the hashmap when this is called from the
+ * destructor of the hashmap. Hence, do not check the return value here. */
+ ordered_hashmap_remove_value(g->groups_by_id, g->id, g);
free(g->id);
- free(g);
+ return mfree(g);
}
-void journal_ratelimit_free(JournalRateLimit *r) {
- assert(r);
+DEFINE_TRIVIAL_CLEANUP_FUNC(JournalRateLimitGroup*, journal_ratelimit_group_free);
- while (r->lru)
- journal_ratelimit_group_free(r->lru);
-
- free(r);
-}
+DEFINE_PRIVATE_HASH_OPS_WITH_VALUE_DESTRUCTOR(
+ journal_ratelimit_group_hash_ops,
+ char,
+ string_hash_func,
+ string_compare_func,
+ JournalRateLimitGroup,
+ journal_ratelimit_group_free);
static bool journal_ratelimit_group_expired(JournalRateLimitGroup *g, usec_t ts) {
- unsigned i;
-
assert(g);
- for (i = 0; i < POOLS_MAX; i++)
- if (g->pools[i].begin + g->interval >= ts)
+ FOREACH_ELEMENT(p, g->pools)
+ if (usec_add(p->begin, g->interval) >= ts)
return false;
return true;
}
-static void journal_ratelimit_vacuum(JournalRateLimit *r, usec_t ts) {
- assert(r);
+static void journal_ratelimit_vacuum(OrderedHashmap *groups_by_id, usec_t ts) {
/* Makes room for at least one new item, but drop all expired items too. */
- while (r->n_groups >= GROUPS_MAX ||
- (r->lru_tail && journal_ratelimit_group_expired(r->lru_tail, ts)))
- journal_ratelimit_group_free(r->lru_tail);
-}
+ while (ordered_hashmap_size(groups_by_id) >= GROUPS_MAX)
+ journal_ratelimit_group_free(ordered_hashmap_first(groups_by_id));
-static JournalRateLimitGroup* journal_ratelimit_group_new(JournalRateLimit *r, const char *id, usec_t interval, usec_t ts) {
JournalRateLimitGroup *g;
+ while ((g = ordered_hashmap_first(groups_by_id)) && journal_ratelimit_group_expired(g, ts))
+ journal_ratelimit_group_free(g);
+}
+
+static int journal_ratelimit_group_new(
+ OrderedHashmap **groups_by_id,
+ const char *id,
+ usec_t interval,
+ usec_t ts,
+ JournalRateLimitGroup **ret) {
- assert(r);
+ _cleanup_(journal_ratelimit_group_freep) JournalRateLimitGroup *g = NULL;
+ int r;
+
+ assert(groups_by_id);
assert(id);
+ assert(ret);
- g = new0(JournalRateLimitGroup, 1);
+ g = new(JournalRateLimitGroup, 1);
if (!g)
- return NULL;
+ return -ENOMEM;
- g->id = strdup(id);
+ *g = (JournalRateLimitGroup) {
+ .id = strdup(id),
+ .interval = interval,
+ };
if (!g->id)
- goto fail;
+ return -ENOMEM;
- g->hash = siphash24_string(g->id, r->hash_key);
+ journal_ratelimit_vacuum(*groups_by_id, ts);
- g->interval = interval;
+ r = ordered_hashmap_ensure_put(groups_by_id, &journal_ratelimit_group_hash_ops, g->id, g);
+ if (r < 0)
+ return r;
+ assert(r > 0);
- journal_ratelimit_vacuum(r, ts);
+ g->groups_by_id = *groups_by_id;
- LIST_PREPEND(bucket, r->buckets[g->hash % BUCKETS_MAX], g);
- LIST_PREPEND(lru, r->lru, g);
- if (!g->lru_next)
- r->lru_tail = g;
- r->n_groups++;
+ *ret = TAKE_PTR(g);
+ return 0;
+}
+
+static int journal_ratelimit_group_acquire(
+ OrderedHashmap **groups_by_id,
+ const char *id,
+ usec_t interval,
+ usec_t ts,
+ JournalRateLimitGroup **ret) {
- g->parent = r;
- return g;
+ JournalRateLimitGroup *g;
+
+ assert(groups_by_id);
+ assert(id);
+ assert(ret);
-fail:
- journal_ratelimit_group_free(g);
- return NULL;
+ g = ordered_hashmap_get(*groups_by_id, id);
+ if (!g)
+ return journal_ratelimit_group_new(groups_by_id, id, interval, ts, ret);
+
+ g->interval = interval;
+
+ *ret = g;
+ return 0;
}
static unsigned burst_modulate(unsigned burst, uint64_t available) {
@@ -184,13 +172,21 @@ static unsigned burst_modulate(unsigned burst, uint64_t available) {
return burst;
}
-int journal_ratelimit_test(JournalRateLimit *r, const char *id, usec_t rl_interval, unsigned rl_burst, int priority, uint64_t available) {
- JournalRateLimitGroup *g, *found = NULL;
+int journal_ratelimit_test(
+ OrderedHashmap **groups_by_id,
+ const char *id,
+ usec_t rl_interval,
+ unsigned rl_burst,
+ int priority,
+ uint64_t available) {
+
+ JournalRateLimitGroup *g;
JournalRateLimitPool *p;
unsigned burst;
- uint64_t h;
usec_t ts;
+ int r;
+ assert(groups_by_id);
assert(id);
/* Returns:
@@ -200,33 +196,18 @@ int journal_ratelimit_test(JournalRateLimit *r, const char *id, usec_t rl_interv
* < 0 → error
*/
- if (!r)
- return 1;
-
ts = now(CLOCK_MONOTONIC);
- h = siphash24_string(id, r->hash_key);
- g = r->buckets[h % BUCKETS_MAX];
-
- LIST_FOREACH(bucket, i, g)
- if (streq(i->id, id)) {
- found = i;
- break;
- }
-
- if (!found) {
- found = journal_ratelimit_group_new(r, id, rl_interval, ts);
- if (!found)
- return -ENOMEM;
- } else
- found->interval = rl_interval;
+ r = journal_ratelimit_group_acquire(groups_by_id, id, rl_interval, ts, &g);
+ if (r < 0)
+ return r;
if (rl_interval == 0 || rl_burst == 0)
return 1;
burst = burst_modulate(rl_burst, available);
- p = &found->pools[priority_map[priority]];
+ p = &g->pools[priority_map[priority]];
if (p->begin <= 0) {
p->suppressed = 0;
@@ -235,7 +216,7 @@ int journal_ratelimit_test(JournalRateLimit *r, const char *id, usec_t rl_interv
return 1;
}
- if (p->begin + rl_interval < ts) {
+ if (usec_add(p->begin, rl_interval) < ts) {
unsigned s;
s = p->suppressed;
diff --git a/src/journal/journald-rate-limit.h b/src/journal/journald-rate-limit.h
index 8def60f..566bba4 100644
--- a/src/journal/journald-rate-limit.h
+++ b/src/journal/journald-rate-limit.h
@@ -1,10 +1,15 @@
/* SPDX-License-Identifier: LGPL-2.1-or-later */
#pragma once
-#include "time-util.h"
+#include <inttypes.h>
-typedef struct JournalRateLimit JournalRateLimit;
+#include "hashmap.h"
+#include "time-util.h"
-JournalRateLimit *journal_ratelimit_new(void);
-void journal_ratelimit_free(JournalRateLimit *r);
-int journal_ratelimit_test(JournalRateLimit *r, const char *id, usec_t rl_interval, unsigned rl_burst, int priority, uint64_t available);
+int journal_ratelimit_test(
+ OrderedHashmap **groups_by_id,
+ const char *id,
+ usec_t rl_interval,
+ unsigned rl_burst,
+ int priority,
+ uint64_t available);
diff --git a/src/journal/journald-server.c b/src/journal/journald-server.c
index 1c3a2a0..717c8e4 100644
--- a/src/journal/journald-server.c
+++ b/src/journal/journald-server.c
@@ -18,7 +18,9 @@
#include "audit-util.h"
#include "cgroup-util.h"
#include "conf-parser.h"
+#include "creds-util.h"
#include "dirent-util.h"
+#include "event-util.h"
#include "extract-word.h"
#include "fd-util.h"
#include "fileio.h"
@@ -39,9 +41,11 @@
#include "journald-native.h"
#include "journald-rate-limit.h"
#include "journald-server.h"
+#include "journald-socket.h"
#include "journald-stream.h"
#include "journald-syslog.h"
#include "log.h"
+#include "memory-util.h"
#include "missing_audit.h"
#include "mkdir.h"
#include "parse-util.h"
@@ -51,12 +55,13 @@
#include "rm-rf.h"
#include "selinux-util.h"
#include "signal-util.h"
+#include "socket-netlink.h"
#include "socket-util.h"
#include "stdio-util.h"
#include "string-table.h"
#include "string-util.h"
#include "syslog-util.h"
-#include "uid-alloc-range.h"
+#include "uid-classification.h"
#include "user-util.h"
#include "varlink-io.systemd.Journal.h"
@@ -87,6 +92,9 @@
#define FAILED_TO_WRITE_ENTRY_RATELIMIT ((const RateLimit) { .interval = 1 * USEC_PER_SEC, .burst = 1 })
+static int server_schedule_sync(Server *s, int priority);
+static int server_refresh_idle_timer(Server *s);
+
static int server_determine_path_usage(
Server *s,
const char *path,
@@ -289,11 +297,10 @@ static int server_open_journal(
s->compress.threshold_bytes,
metrics,
s->mmap,
- /* template= */ NULL,
&f);
else
r = journal_file_open(
- /* fd= */ -1,
+ /* fd= */ -EBADF,
fname,
open_flags,
file_flags,
@@ -328,6 +335,20 @@ static bool server_flushed_flag_is_set(Server *s) {
return access(fn, F_OK) >= 0;
}
+static void server_drop_flushed_flag(Server *s) {
+ const char *fn;
+
+ assert(s);
+
+ if (s->namespace)
+ return;
+
+ fn = strjoina(s->runtime_directory, "/flushed");
+ if (unlink(fn) < 0 && errno != ENOENT)
+ log_ratelimit_warning_errno(errno, JOURNAL_LOG_RATELIMIT,
+ "Failed to unlink %s, ignoring: %m", fn);
+}
+
static int server_system_journal_open(
Server *s,
bool flush_requested,
@@ -430,6 +451,7 @@ static int server_system_journal_open(
server_add_acls(s->runtime_journal, 0);
(void) cache_space_refresh(s, &s->runtime_storage);
patch_min_use(&s->runtime_storage);
+ server_drop_flushed_flag(s);
}
}
@@ -717,19 +739,46 @@ void server_rotate(Server *s) {
server_process_deferred_closes(s);
}
-void server_sync(Server *s) {
+static void server_rotate_journal(Server *s, JournalFile *f, uid_t uid) {
+ int r;
+
+ assert(s);
+ assert(f);
+
+ /* This is similar to server_rotate(), but rotates only specified journal file.
+ *
+ * 💣💣💣 This invalidate 'f', and the caller cannot reuse the passed JournalFile object. 💣💣💣 */
+
+ if (f == s->system_journal)
+ (void) server_do_rotate(s, &s->system_journal, "system", s->seal, /* uid= */ 0);
+ else if (f == s->runtime_journal)
+ (void) server_do_rotate(s, &s->runtime_journal, "runtime", /* seal= */ false, /* uid= */ 0);
+ else {
+ assert(ordered_hashmap_get(s->user_journals, UID_TO_PTR(uid)) == f);
+ r = server_do_rotate(s, &f, "user", s->seal, uid);
+ if (r >= 0)
+ ordered_hashmap_replace(s->user_journals, UID_TO_PTR(uid), f);
+ else if (!f)
+ /* Old file has been closed and deallocated */
+ ordered_hashmap_remove(s->user_journals, UID_TO_PTR(uid));
+ }
+
+ server_process_deferred_closes(s);
+}
+
+static void server_sync(Server *s, bool wait) {
JournalFile *f;
int r;
if (s->system_journal) {
- r = journal_file_set_offline(s->system_journal, false);
+ r = journal_file_set_offline(s->system_journal, wait);
if (r < 0)
log_ratelimit_warning_errno(r, JOURNAL_LOG_RATELIMIT,
"Failed to sync system journal, ignoring: %m");
}
ORDERED_HASHMAP_FOREACH(f, s->user_journals) {
- r = journal_file_set_offline(f, false);
+ r = journal_file_set_offline(f, wait);
if (r < 0)
log_ratelimit_warning_errno(r, JOURNAL_LOG_RATELIMIT,
"Failed to sync user journal, ignoring: %m");
@@ -899,47 +948,45 @@ static void server_write_to_journal(
uid_t uid,
const struct iovec *iovec,
size_t n,
+ const dual_timestamp *ts,
int priority) {
- bool vacuumed = false, rotate = false;
- struct dual_timestamp ts;
+ bool vacuumed = false;
JournalFile *f;
int r;
assert(s);
assert(iovec);
assert(n > 0);
+ assert(ts);
- /* Get the closest, linearized time we have for this log event from the event loop. (Note that we do not use
- * the source time, and not even the time the event was originally seen, but instead simply the time we started
- * processing it, as we want strictly linear ordering in what we write out.) */
- assert_se(sd_event_now(s->event, CLOCK_REALTIME, &ts.realtime) >= 0);
- assert_se(sd_event_now(s->event, CLOCK_MONOTONIC, &ts.monotonic) >= 0);
-
- if (ts.realtime < s->last_realtime_clock) {
+ if (ts->realtime < s->last_realtime_clock) {
/* When the time jumps backwards, let's immediately rotate. Of course, this should not happen during
* regular operation. However, when it does happen, then we should make sure that we start fresh files
* to ensure that the entries in the journal files are strictly ordered by time, in order to ensure
* bisection works correctly. */
log_ratelimit_info(JOURNAL_LOG_RATELIMIT, "Time jumped backwards, rotating.");
- rotate = true;
- } else {
+ server_rotate(s);
+ server_vacuum(s, /* verbose = */ false);
+ vacuumed = true;
+ }
- f = server_find_journal(s, uid);
- if (!f)
- return;
+ f = server_find_journal(s, uid);
+ if (!f)
+ return;
- if (journal_file_rotate_suggested(f, s->max_file_usec, LOG_DEBUG)) {
- log_debug("%s: Journal header limits reached or header out-of-date, rotating.",
- f->path);
- rotate = true;
+ if (journal_file_rotate_suggested(f, s->max_file_usec, LOG_DEBUG)) {
+ if (vacuumed) {
+ log_ratelimit_warning(JOURNAL_LOG_RATELIMIT,
+ "Suppressing rotation, as we already rotated immediately before write attempt. Giving up.");
+ return;
}
- }
- if (rotate) {
- server_rotate(s);
- server_vacuum(s, false);
+ log_debug("%s: Journal header limits reached or header out-of-date, rotating.", f->path);
+
+ server_rotate_journal(s, TAKE_PTR(f), uid);
+ server_vacuum(s, /* verbose = */ false);
vacuumed = true;
f = server_find_journal(s, uid);
@@ -947,11 +994,11 @@ static void server_write_to_journal(
return;
}
- s->last_realtime_clock = ts.realtime;
+ s->last_realtime_clock = ts->realtime;
r = journal_file_append_entry(
f,
- &ts,
+ ts,
/* boot_id= */ NULL,
iovec, n,
&s->seqnum->seqnum,
@@ -973,8 +1020,8 @@ static void server_write_to_journal(
return;
}
- server_rotate(s);
- server_vacuum(s, false);
+ server_rotate_journal(s, TAKE_PTR(f), uid);
+ server_vacuum(s, /* verbose = */ false);
f = server_find_journal(s, uid);
if (!f)
@@ -983,7 +1030,7 @@ static void server_write_to_journal(
log_debug_errno(r, "Retrying write.");
r = journal_file_append_entry(
f,
- &ts,
+ ts,
/* boot_id= */ NULL,
iovec, n,
&s->seqnum->seqnum,
@@ -1037,7 +1084,7 @@ static void server_dispatch_message_real(
int priority,
pid_t object_pid) {
- char source_time[sizeof("_SOURCE_REALTIME_TIMESTAMP=") + DECIMAL_STR_MAX(usec_t)];
+ char source_time[STRLEN("_SOURCE_REALTIME_TIMESTAMP=") + DECIMAL_STR_MAX(usec_t)];
_unused_ _cleanup_free_ char *cmdline1 = NULL, *cmdline2 = NULL;
uid_t journal_uid;
ClientContext *o;
@@ -1111,13 +1158,13 @@ static void server_dispatch_message_real(
IOVEC_ADD_STRING_FIELD(iovec, n, o->slice, "OBJECT_SYSTEMD_SLICE");
IOVEC_ADD_STRING_FIELD(iovec, n, o->user_slice, "OBJECT_SYSTEMD_USER_SLICE");
- IOVEC_ADD_ID128_FIELD(iovec, n, o->invocation_id, "OBJECT_SYSTEMD_INVOCATION_ID=");
+ IOVEC_ADD_ID128_FIELD(iovec, n, o->invocation_id, "OBJECT_SYSTEMD_INVOCATION_ID");
}
assert(n <= m);
if (tv) {
- sprintf(source_time, "_SOURCE_REALTIME_TIMESTAMP=" USEC_FMT, timeval_load(tv));
+ xsprintf(source_time, "_SOURCE_REALTIME_TIMESTAMP=" USEC_FMT, timeval_load(tv));
iovec[n++] = IOVEC_MAKE_STRING(source_time);
}
@@ -1152,7 +1199,15 @@ static void server_dispatch_message_real(
else
journal_uid = 0;
- server_write_to_journal(s, journal_uid, iovec, n, priority);
+ /* Get the closest, linearized time we have for this log event from the event loop. (Note that we do
+ * not use the source time, and not even the time the event was originally seen, but instead simply
+ * the time we started processing it, as we want strictly linear ordering in what we write out.) */
+ struct dual_timestamp ts;
+ event_dual_timestamp_now(s->event, &ts);
+
+ (void) server_forward_socket(s, iovec, n, &ts, priority);
+
+ server_write_to_journal(s, journal_uid, iovec, n, &ts, priority);
}
void server_driver_message(Server *s, pid_t object_pid, const char *message_id, const char *format, ...) {
@@ -1233,7 +1288,13 @@ void server_dispatch_message(
if (c && c->unit) {
(void) server_determine_space(s, &available, /* limit= */ NULL);
- rl = journal_ratelimit_test(s->ratelimit, c->unit, c->log_ratelimit_interval, c->log_ratelimit_burst, priority & LOG_PRIMASK, available);
+ rl = journal_ratelimit_test(
+ &s->ratelimit_groups_by_id,
+ c->unit,
+ c->log_ratelimit_interval,
+ c->log_ratelimit_burst,
+ LOG_PRI(priority),
+ available);
if (rl == 0)
return;
@@ -1275,11 +1336,19 @@ int server_flush_to_var(Server *s, bool require_flag_file) {
if (!s->system_journal)
return 0;
+ /* Offline and close the 'main' runtime journal file to allow the runtime journal to be opened with
+ * the SD_JOURNAL_ASSUME_IMMUTABLE flag in the below. */
+ s->runtime_journal = journal_file_offline_close(s->runtime_journal);
+
+ /* Reset current seqnum data to avoid unnecessary rotation when switching to system journal.
+ * See issue #30092. */
+ zero(*s->seqnum);
+
log_debug("Flushing to %s...", s->system_storage.path);
start = now(CLOCK_MONOTONIC);
- r = sd_journal_open(&j, SD_JOURNAL_RUNTIME_ONLY);
+ r = sd_journal_open(&j, SD_JOURNAL_RUNTIME_ONLY | SD_JOURNAL_ASSUME_IMMUTABLE);
if (r < 0)
return log_ratelimit_error_errno(r, JOURNAL_LOG_RATELIMIT,
"Failed to read runtime journal: %m");
@@ -1318,8 +1387,8 @@ int server_flush_to_var(Server *s, bool require_flag_file) {
log_ratelimit_info(JOURNAL_LOG_RATELIMIT, "Rotating system journal.");
- server_rotate(s);
- server_vacuum(s, false);
+ server_rotate_journal(s, s->system_journal, /* uid = */ 0);
+ server_vacuum(s, /* verbose = */ false);
if (!s->system_journal) {
log_ratelimit_notice(JOURNAL_LOG_RATELIMIT,
@@ -1348,13 +1417,36 @@ finish:
if (s->system_journal)
journal_file_post_change(s->system_journal);
- s->runtime_journal = journal_file_offline_close(s->runtime_journal);
-
- if (r >= 0)
- (void) rm_rf(s->runtime_storage.path, REMOVE_ROOT);
+ /* Save parent directories of runtime journals before closing runtime journals. */
+ _cleanup_strv_free_ char **dirs = NULL;
+ (void) journal_get_directories(j, &dirs);
+ /* First, close all runtime journals opened in the above. */
sd_journal_close(j);
+ /* Remove the runtime directory if the all entries are successfully flushed to /var/. */
+ if (r >= 0) {
+ r = rm_rf(s->runtime_storage.path, REMOVE_ROOT);
+ if (r < 0)
+ log_debug_errno(r, "Failed to remove runtime journal directory %s, ignoring: %m", s->runtime_storage.path);
+ else
+ log_debug("Removed runtime journal directory %s.", s->runtime_storage.path);
+
+ /* The initrd may have a different machine ID from the host's one. Typically, that happens
+ * when our tests running on qemu, as the host's initrd is picked as is without updating
+ * the machine ID in the initrd with the one used in the image. Even in such the case, the
+ * runtime journals in the subdirectory named with the initrd's machine ID are flushed to
+ * the persistent journal. To make not the runtime journal flushed multiple times, let's
+ * also remove the runtime directories. */
+ STRV_FOREACH(p, dirs) {
+ r = rm_rf(*p, REMOVE_ROOT);
+ if (r < 0)
+ log_debug_errno(r, "Failed to remove additional runtime journal directory %s, ignoring: %m", *p);
+ else
+ log_debug("Removed additional runtime journal directory %s.", *p);
+ }
+ }
+
server_driver_message(s, 0, NULL,
LOG_MESSAGE("Time spent on flushing to %s is %s for %u entries.",
s->system_storage.path,
@@ -1373,7 +1465,6 @@ finish:
}
static int server_relinquish_var(Server *s) {
- const char *fn;
assert(s);
if (s->storage == STORAGE_NONE)
@@ -1393,11 +1484,6 @@ static int server_relinquish_var(Server *s) {
ordered_hashmap_clear_with_destructor(s->user_journals, journal_file_offline_close);
set_clear_with_destructor(s->deferred_closes, journal_file_offline_close);
- fn = strjoina(s->runtime_directory, "/flushed");
- if (unlink(fn) < 0 && errno != ENOENT)
- log_ratelimit_warning_errno(errno, JOURNAL_LOG_RATELIMIT,
- "Failed to unlink %s, ignoring: %m", fn);
-
server_refresh_idle_timer(s);
return 0;
}
@@ -1512,7 +1598,7 @@ int server_process_datagram(
if (n > 0 && n_fds == 0)
server_process_native_message(s, s->buffer, n, ucred, tv, label, label_len);
else if (n == 0 && n_fds == 1)
- server_process_native_file(s, fds[0], ucred, tv, label, label_len);
+ (void) server_process_native_file(s, fds[0], ucred, tv, label, label_len);
else if (n_fds > 0)
log_ratelimit_warning(JOURNAL_LOG_RATELIMIT,
"Got too many file descriptors via native socket. Ignoring.");
@@ -1537,7 +1623,7 @@ static void server_full_flush(Server *s) {
assert(s);
(void) server_flush_to_var(s, false);
- server_sync(s);
+ server_sync(s, /* wait = */ false);
server_vacuum(s, false);
server_space_usage_message(s, NULL);
@@ -1669,13 +1755,13 @@ fail:
return 0;
}
-static void server_full_sync(Server *s) {
+static void server_full_sync(Server *s, bool wait) {
const char *fn;
int r;
assert(s);
- server_sync(s);
+ server_sync(s, wait);
/* Let clients know when the most recent sync happened. */
fn = strjoina(s->runtime_directory, "/synced");
@@ -1683,15 +1769,13 @@ static void server_full_sync(Server *s) {
if (r < 0)
log_ratelimit_warning_errno(r, JOURNAL_LOG_RATELIMIT,
"Failed to write %s, ignoring: %m", fn);
-
- return;
}
static int dispatch_sigrtmin1(sd_event_source *es, const struct signalfd_siginfo *si, void *userdata) {
Server *s = ASSERT_PTR(userdata);
log_debug("Received SIGRTMIN1 signal from PID %u, as request to sync.", si->ssi_pid);
- server_full_sync(s);
+ server_full_sync(s, /* wait = */ false);
return 0;
}
@@ -1701,7 +1785,7 @@ static int server_setup_signals(Server *s) {
assert(s);
- assert_se(sigprocmask_many(SIG_SETMASK, NULL, SIGINT, SIGTERM, SIGUSR1, SIGUSR2, SIGRTMIN+1, SIGRTMIN+18, -1) >= 0);
+ assert_se(sigprocmask_many(SIG_SETMASK, NULL, SIGINT, SIGTERM, SIGUSR1, SIGUSR2, SIGRTMIN+1, SIGRTMIN+18) >= 0);
r = sd_event_add_signal(s->event, &s->sigusr1_event_source, SIGUSR1, dispatch_sigusr1, s);
if (r < 0)
@@ -1839,6 +1923,17 @@ static int parse_proc_cmdline_item(const char *key, const char *value, void *dat
else
s->max_level_wall = r;
+ } else if (proc_cmdline_key_streq(key, "systemd.journald.max_level_socket")) {
+
+ if (proc_cmdline_value_missing(key, value))
+ return 0;
+
+ r = log_level_from_string(value);
+ if (r < 0)
+ log_warning("Failed to parse max level socket value \"%s\". Ignoring.", value);
+ else
+ s->max_level_socket = r;
+
} else if (startswith(key, "systemd.journald"))
log_warning("Unknown journald kernel command line option \"%s\". Ignoring.", key);
@@ -1847,39 +1942,44 @@ static int parse_proc_cmdline_item(const char *key, const char *value, void *dat
}
static int server_parse_config_file(Server *s) {
- const char *conf_file = "journald.conf";
+ const char *conf_file;
assert(s);
if (s->namespace)
- conf_file = strjoina("journald@", s->namespace, ".conf");
+ conf_file = strjoina("systemd/journald@", s->namespace, ".conf");
+ else
+ conf_file = "systemd/journald.conf";
- return config_parse_config_file(conf_file, "Journal\0",
- config_item_perf_lookup, journald_gperf_lookup,
- CONFIG_PARSE_WARN, s);
+ return config_parse_standard_file_with_dropins(
+ conf_file,
+ "Journal\0",
+ config_item_perf_lookup, journald_gperf_lookup,
+ CONFIG_PARSE_WARN,
+ /* userdata= */ s);
}
static int server_dispatch_sync(sd_event_source *es, usec_t t, void *userdata) {
Server *s = ASSERT_PTR(userdata);
- server_sync(s);
+ server_sync(s, /* wait = */ false);
return 0;
}
-int server_schedule_sync(Server *s, int priority) {
+static int server_schedule_sync(Server *s, int priority) {
int r;
assert(s);
if (priority <= LOG_CRIT) {
/* Immediately sync to disk when this is of priority CRIT, ALERT, EMERG */
- server_sync(s);
+ server_sync(s, /* wait = */ false);
return 0;
}
if (!s->event || sd_event_get_state(s->event) == SD_EVENT_FINISHED) {
/* Shutting down the server? Let's sync immediately. */
- server_sync(s);
+ server_sync(s, /* wait = */ false);
return 0;
}
@@ -2098,7 +2198,7 @@ static int synchronize_second_half(sd_event_source *event_source, void *userdata
/* This is the "second half" of the Synchronize() varlink method. This function is called as deferred
* event source at a low priority to ensure the synchronization completes after all queued log
* messages are processed. */
- server_full_sync(s);
+ server_full_sync(s, /* wait = */ true);
/* Let's get rid of the event source now, by marking it as non-floating again. It then has no ref
* anymore and is immediately destroyed after we return from this function, i.e. from this event
@@ -2303,7 +2403,7 @@ int server_map_seqnum_file(
return 0;
}
-void server_unmap_seqnum_file(void *p, size_t size) {
+static void server_unmap_seqnum_file(void *p, size_t size) {
assert(size > 0);
if (!p)
@@ -2373,7 +2473,7 @@ int server_start_or_stop_idle_timer(Server *s) {
return 1;
}
-int server_refresh_idle_timer(Server *s) {
+static int server_refresh_idle_timer(Server *s) {
int r;
assert(s);
@@ -2444,14 +2544,44 @@ static int server_setup_memory_pressure(Server *s) {
return 0;
}
-int server_init(Server *s, const char *namespace) {
- const char *native_socket, *syslog_socket, *stdout_socket, *varlink_socket, *e;
- _cleanup_fdset_free_ FDSet *fds = NULL;
- int n, r, fd, varlink_fd = -EBADF;
- bool no_sockets;
+static void server_load_credentials(Server *s) {
+ _cleanup_free_ void *data = NULL;
+ int r;
assert(s);
+ r = read_credential("journal.forward_to_socket", &data, NULL);
+ if (r < 0)
+ log_debug_errno(r, "Failed to read credential journal.forward_to_socket, ignoring: %m");
+ else {
+ r = socket_address_parse(&s->forward_to_socket, data);
+ if (r < 0)
+ log_debug_errno(r, "Failed to parse socket address '%s' from credential journal.forward_to_socket, ignoring: %m", (char *) data);
+ }
+
+ data = mfree(data);
+
+ r = read_credential("journal.storage", &data, NULL);
+ if (r < 0)
+ log_debug_errno(r, "Failed to read credential journal.storage, ignoring: %m");
+ else {
+ r = storage_from_string(data);
+ if (r < 0)
+ log_debug_errno(r, "Failed to parse storage '%s' from credential journal.storage, ignoring: %m", (char *) data);
+ else
+ s->storage = r;
+ }
+}
+
+int server_new(Server **ret) {
+ _cleanup_(server_freep) Server *s = NULL;
+
+ assert(ret);
+
+ s = new(Server, 1);
+ if (!s)
+ return -ENOMEM;
+
*s = (Server) {
.syslog_fd = -EBADF,
.native_fd = -EBADF,
@@ -2460,6 +2590,7 @@ int server_init(Server *s, const char *namespace) {
.audit_fd = -EBADF,
.hostname_fd = -EBADF,
.notify_fd = -EBADF,
+ .forward_socket_fd = -EBADF,
.compress.enabled = true,
.compress.threshold_bytes = UINT64_MAX,
@@ -2476,6 +2607,7 @@ int server_init(Server *s, const char *namespace) {
.ratelimit_burst = DEFAULT_RATE_LIMIT_BURST,
.forward_to_wall = true,
+ .forward_to_socket = { .sockaddr.sa.sa_family = AF_UNSPEC },
.max_file_usec = DEFAULT_MAX_FILE_USEC,
@@ -2484,6 +2616,7 @@ int server_init(Server *s, const char *namespace) {
.max_level_kmsg = LOG_NOTICE,
.max_level_console = LOG_INFO,
.max_level_wall = LOG_EMERG,
+ .max_level_socket = LOG_DEBUG,
.line_max = DEFAULT_LINE_MAX,
@@ -2499,6 +2632,18 @@ int server_init(Server *s, const char *namespace) {
.sigrtmin18_info.memory_pressure_userdata = s,
};
+ *ret = TAKE_PTR(s);
+ return 0;
+}
+
+int server_init(Server *s, const char *namespace) {
+ const char *native_socket, *syslog_socket, *stdout_socket, *varlink_socket, *e;
+ _cleanup_fdset_free_ FDSet *fds = NULL;
+ int n, r, varlink_fd = -EBADF;
+ bool no_sockets;
+
+ assert(s);
+
r = server_set_namespace(s, namespace);
if (r < 0)
return r;
@@ -2510,6 +2655,7 @@ int server_init(Server *s, const char *namespace) {
journal_reset_metrics(&s->system_storage.metrics);
journal_reset_metrics(&s->runtime_storage.metrics);
+ server_load_credentials(s);
server_parse_config_file(s);
if (!s->namespace) {
@@ -2562,7 +2708,7 @@ int server_init(Server *s, const char *namespace) {
syslog_socket = strjoina(s->runtime_directory, "/dev-log");
varlink_socket = strjoina(s->runtime_directory, "/io.systemd.journal");
- for (fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++) {
+ for (int fd = SD_LISTEN_FDS_START; fd < SD_LISTEN_FDS_START + n; fd++)
if (sd_is_socket_unix(fd, SOCK_DGRAM, -1, native_socket, 0) > 0) {
@@ -2615,12 +2761,11 @@ int server_init(Server *s, const char *namespace) {
if (r < 0)
return log_oom();
}
- }
/* Try to restore streams, but don't bother if this fails */
(void) server_restore_streams(s, fds);
- if (fdset_size(fds) > 0) {
+ if (!fdset_isempty(fds)) {
log_warning("%u unknown file descriptors passed, closing.", fdset_size(fds));
fds = fdset_free(fds);
}
@@ -2683,10 +2828,6 @@ int server_init(Server *s, const char *namespace) {
if (r < 0)
return r;
- s->ratelimit = journal_ratelimit_new();
- if (!s->ratelimit)
- return log_oom();
-
r = cg_get_root_path(&s->cgroup_root);
if (r < 0)
return log_error_errno(r, "Failed to acquire cgroup root path: %m");
@@ -2721,6 +2862,7 @@ int server_init(Server *s, const char *namespace) {
return r;
server_start_or_stop_idle_timer(s);
+
return 0;
}
@@ -2739,8 +2881,9 @@ void server_maybe_append_tags(Server *s) {
#endif
}
-void server_done(Server *s) {
- assert(s);
+Server* server_free(Server *s) {
+ if (!s)
+ return NULL;
free(s->namespace);
free(s->namespace_field);
@@ -2783,9 +2926,9 @@ void server_done(Server *s) {
safe_close(s->audit_fd);
safe_close(s->hostname_fd);
safe_close(s->notify_fd);
+ safe_close(s->forward_socket_fd);
- if (s->ratelimit)
- journal_ratelimit_free(s->ratelimit);
+ ordered_hashmap_free(s->ratelimit_groups_by_id);
server_unmap_seqnum_file(s->seqnum, sizeof(*s->seqnum));
server_unmap_seqnum_file(s->kernel_seqnum, sizeof(*s->kernel_seqnum));
@@ -2799,6 +2942,8 @@ void server_done(Server *s) {
free(s->runtime_directory);
mmap_cache_unref(s->mmap);
+
+ return mfree(s);
}
static const char* const storage_table[_STORAGE_MAX] = {
@@ -2883,9 +3028,12 @@ int config_parse_compress(
void *data,
void *userdata) {
- JournalCompressOptions* compress = data;
+ JournalCompressOptions* compress = ASSERT_PTR(data);
int r;
+ assert(filename);
+ assert(rvalue);
+
if (isempty(rvalue)) {
compress->enabled = true;
compress->threshold_bytes = UINT64_MAX;
@@ -2912,3 +3060,33 @@ int config_parse_compress(
return 0;
}
+
+int config_parse_forward_to_socket(
+ const char* unit,
+ const char *filename,
+ unsigned line,
+ const char *section,
+ unsigned section_line,
+ const char *lvalue,
+ int ltype,
+ const char *rvalue,
+ void *data,
+ void *userdata) {
+
+ SocketAddress* addr = ASSERT_PTR(data);
+ int r;
+
+ assert(filename);
+ assert(rvalue);
+
+ if (isempty(rvalue))
+ *addr = (SocketAddress) { .sockaddr.sa.sa_family = AF_UNSPEC };
+ else {
+ r = socket_address_parse(addr, rvalue);
+ if (r < 0)
+ log_syntax(unit, LOG_WARNING, filename, line, r,
+ "Failed to parse ForwardToSocket= value, ignoring: %s", rvalue);
+ }
+
+ return 0;
+}
diff --git a/src/journal/journald-server.h b/src/journal/journald-server.h
index 2a17676..5138908 100644
--- a/src/journal/journald-server.h
+++ b/src/journal/journald-server.h
@@ -5,6 +5,7 @@
#include <sys/types.h>
#include "sd-event.h"
+#include "socket-util.h"
typedef struct Server Server;
@@ -13,7 +14,6 @@ typedef struct Server Server;
#include "hashmap.h"
#include "journal-file.h"
#include "journald-context.h"
-#include "journald-rate-limit.h"
#include "journald-stream.h"
#include "list.h"
#include "prioq.h"
@@ -78,6 +78,7 @@ struct Server {
int audit_fd;
int hostname_fd;
int notify_fd;
+ int forward_socket_fd;
sd_event *event;
@@ -106,7 +107,7 @@ struct Server {
char *buffer;
- JournalRateLimit *ratelimit;
+ OrderedHashmap *ratelimit_groups_by_id;
usec_t sync_interval_usec;
usec_t ratelimit_interval;
unsigned ratelimit_burst;
@@ -123,6 +124,7 @@ struct Server {
bool forward_to_syslog;
bool forward_to_console;
bool forward_to_wall;
+ SocketAddress forward_to_socket;
unsigned n_forward_syslog_missed;
usec_t last_warn_forward_syslog_missed;
@@ -142,6 +144,7 @@ struct Server {
int max_level_kmsg;
int max_level_console;
int max_level_wall;
+ int max_level_socket;
Storage storage;
SplitMode split_mode;
@@ -158,8 +161,8 @@ struct Server {
bool sent_notify_ready:1;
bool sync_scheduled:1;
- char machine_id_field[sizeof("_MACHINE_ID=") + 32];
- char boot_id_field[sizeof("_BOOT_ID=") + 32];
+ char machine_id_field[STRLEN("_MACHINE_ID=") + SD_ID128_STRING_MAX];
+ char boot_id_field[STRLEN("_BOOT_ID=") + SD_ID128_STRING_MAX];
char *hostname_field;
char *namespace_field;
char *runtime_directory;
@@ -214,6 +217,7 @@ const struct ConfigPerfItem* journald_gperf_lookup(const char *key, GPERF_LEN_TY
CONFIG_PARSER_PROTOTYPE(config_parse_storage);
CONFIG_PARSER_PROTOTYPE(config_parse_line_max);
CONFIG_PARSER_PROTOTYPE(config_parse_compress);
+CONFIG_PARSER_PROTOTYPE(config_parse_forward_to_socket);
const char *storage_to_string(Storage s) _const_;
Storage storage_from_string(const char *s) _pure_;
@@ -223,19 +227,17 @@ CONFIG_PARSER_PROTOTYPE(config_parse_split_mode);
const char *split_mode_to_string(SplitMode s) _const_;
SplitMode split_mode_from_string(const char *s) _pure_;
+int server_new(Server **ret);
int server_init(Server *s, const char *namespace);
-void server_done(Server *s);
-void server_sync(Server *s);
+Server* server_free(Server *s);
+DEFINE_TRIVIAL_CLEANUP_FUNC(Server*, server_free);
void server_vacuum(Server *s, bool verbose);
void server_rotate(Server *s);
-int server_schedule_sync(Server *s, int priority);
int server_flush_to_var(Server *s, bool require_flag_file);
void server_maybe_append_tags(Server *s);
int server_process_datagram(sd_event_source *es, int fd, uint32_t revents, void *userdata);
void server_space_usage_message(Server *s, JournalStorage *storage);
int server_start_or_stop_idle_timer(Server *s);
-int server_refresh_idle_timer(Server *s);
int server_map_seqnum_file(Server *s, const char *fname, size_t size, void **ret);
-void server_unmap_seqnum_file(void *p, size_t size);
diff --git a/src/journal/journald-socket.c b/src/journal/journald-socket.c
new file mode 100644
index 0000000..a079624
--- /dev/null
+++ b/src/journal/journald-socket.c
@@ -0,0 +1,163 @@
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+
+#include <string.h>
+#include <sys/socket.h>
+#include <sys/uio.h>
+
+#include "fd-util.h"
+#include "iovec-util.h"
+#include "journald-socket.h"
+#include "log.h"
+#include "macro.h"
+#include "process-util.h"
+#include "socket-util.h"
+#include "sparse-endian.h"
+
+static int server_open_forward_socket(Server *s) {
+ _cleanup_close_ int socket_fd = -EBADF;
+ const SocketAddress *addr;
+ int family;
+
+ assert(s);
+
+ /* Noop if there is nothing to do. */
+ if (s->forward_to_socket.sockaddr.sa.sa_family == AF_UNSPEC || s->namespace)
+ return 0;
+ /* All ready, nothing to do. */
+ if (s->forward_socket_fd >= 0)
+ return 1;
+
+ addr = &s->forward_to_socket;
+
+ family = socket_address_family(addr);
+
+ if (!IN_SET(family, AF_UNIX, AF_INET, AF_INET6, AF_VSOCK))
+ return log_debug_errno(SYNTHETIC_ERRNO(ESOCKTNOSUPPORT),
+ "Unsupported socket type for forward socket: %d", family);
+
+ socket_fd = socket(family, SOCK_STREAM|SOCK_CLOEXEC, 0);
+ if (socket_fd < 0)
+ return log_debug_errno(errno, "Failed to create forward socket, ignoring: %m");
+
+ if (connect(socket_fd, &addr->sockaddr.sa, addr->size) < 0)
+ return log_debug_errno(errno, "Failed to connect to remote address for forwarding, ignoring: %m");
+
+ s->forward_socket_fd = TAKE_FD(socket_fd);
+ log_debug("Successfully connected to remote address for forwarding.");
+ return 1;
+}
+
+static inline bool must_serialize(struct iovec iov) {
+ /* checks an iovec of the form FIELD=VALUE to see if VALUE needs binary safe serialisation:
+ * See https://systemd.io/JOURNAL_EXPORT_FORMATS/#journal-export-format for more information
+ * on binary safe serialisation for the journal export format */
+
+ assert(iov.iov_len == 0 || iov.iov_base);
+
+ const uint8_t *s = iov.iov_base;
+ bool before_value = true;
+
+ FOREACH_ARRAY(c, s, iov.iov_len)
+ if (before_value)
+ before_value = *c != (uint8_t)'=';
+ else if (*c < (uint8_t)' ' && *c != (uint8_t)'\t')
+ return true;
+
+ return false;
+}
+
+int server_forward_socket(
+ Server *s,
+ const struct iovec *iovec,
+ size_t n_iovec,
+ const dual_timestamp *ts,
+ int priority) {
+
+ _cleanup_free_ struct iovec *iov_alloc = NULL;
+ struct iovec *iov;
+ _cleanup_free_ le64_t *len_alloc = NULL;
+ le64_t *len;
+ int r;
+
+ assert(s);
+ assert(iovec);
+ assert(n_iovec > 0);
+ assert(ts);
+
+ if (LOG_PRI(priority) > s->max_level_socket)
+ return 0;
+
+ r = server_open_forward_socket(s);
+ if (r <= 0)
+ return r;
+
+ /* We need a newline after each iovec + 4 for each we have to serialize in a binary safe way
+ * + 2 for the final __REALTIME_TIMESTAMP and __MONOTONIC_TIMESTAMP metadata fields. */
+ size_t n = n_iovec * 5 + 2;
+
+ if (n < ALLOCA_MAX / (sizeof(struct iovec) + sizeof(le64_t)) / 2) {
+ iov = newa(struct iovec, n);
+ len = newa(le64_t, n_iovec);
+ } else {
+ iov_alloc = new(struct iovec, n);
+ if (!iov_alloc)
+ return log_oom();
+
+ iov = iov_alloc;
+
+ len_alloc = new(le64_t, n_iovec);
+ if (!len_alloc)
+ return log_oom();
+
+ len = len_alloc;
+ }
+
+ struct iovec nl = IOVEC_MAKE_STRING("\n");
+ size_t iov_idx = 0, len_idx = 0;
+ FOREACH_ARRAY(i, iovec, n_iovec) {
+ if (must_serialize(*i)) {
+ const uint8_t *c;
+ c = memchr(i->iov_base, '=', i->iov_len);
+
+ /* this should never happen */
+ if (_unlikely_(!c || c == i->iov_base))
+ return log_warning_errno(SYNTHETIC_ERRNO(EBADMSG),
+ "Found invalid journal field, refusing to forward.");
+
+ /* write the field name */
+ iov[iov_idx++] = IOVEC_MAKE(i->iov_base, c - (uint8_t*) i->iov_base);
+ iov[iov_idx++] = nl;
+
+ /* write the length of the value */
+ len[len_idx] = htole64(i->iov_len - (c - (uint8_t*) i->iov_base) - 1);
+ iov[iov_idx++] = IOVEC_MAKE(&len[len_idx++], sizeof(le64_t));
+
+ /* write the raw binary value */
+ iov[iov_idx++] = IOVEC_MAKE(c + 1, i->iov_len - (c - (uint8_t*) i->iov_base) - 1);
+ } else
+ /* if it doesn't need special treatment just write the value out */
+ iov[iov_idx++] = *i;
+
+ iov[iov_idx++] = nl;
+ }
+
+ /* Synthesise __REALTIME_TIMESTAMP and __MONOTONIC_TIMESTAMP as the last arguments so
+ * systemd-journal-upload can receive these export messages. */
+ char realtime_buf[STRLEN("__REALTIME_TIMESTAMP=") + DECIMAL_STR_MAX(usec_t) + 1];
+ xsprintf(realtime_buf, "__REALTIME_TIMESTAMP="USEC_FMT"\n", ts->realtime);
+ iov[iov_idx++] = IOVEC_MAKE_STRING(realtime_buf);
+
+ char monotonic_buf[STRLEN("__MONOTONIC_TIMESTAMP=") + DECIMAL_STR_MAX(usec_t) + 2];
+ xsprintf(monotonic_buf, "__MONOTONIC_TIMESTAMP="USEC_FMT"\n\n", ts->monotonic);
+ iov[iov_idx++] = IOVEC_MAKE_STRING(monotonic_buf);
+
+ if (writev(s->forward_socket_fd, iov, iov_idx) < 0) {
+ log_debug_errno(errno, "Failed to forward log message over socket: %m");
+
+ /* If we failed to send once we will probably fail again so wait for a new connection to
+ * establish before attempting to forward again. */
+ s->forward_socket_fd = safe_close(s->forward_socket_fd);
+ }
+
+ return 0;
+}
diff --git a/src/journal/journald-socket.h b/src/journal/journald-socket.h
new file mode 100644
index 0000000..2373953
--- /dev/null
+++ b/src/journal/journald-socket.h
@@ -0,0 +1,7 @@
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+#pragma once
+
+#include "journald-server.h"
+#include "socket-util.h"
+
+int server_forward_socket(Server *s, const struct iovec *iovec, size_t n, const dual_timestamp *ts, int priority);
diff --git a/src/journal/journald-stream.c b/src/journal/journald-stream.c
index 81a0e68..e8437e3 100644
--- a/src/journal/journald-stream.c
+++ b/src/journal/journald-stream.c
@@ -310,7 +310,7 @@ static int stdout_stream_log(
syslog_priority[STRLEN("PRIORITY=")] = '0' + LOG_PRI(priority);
iovec[n++] = IOVEC_MAKE_STRING(syslog_priority);
- if (priority & LOG_FACMASK) {
+ if (LOG_FAC(priority) != 0) {
xsprintf(syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority));
iovec[n++] = IOVEC_MAKE_STRING(syslog_facility);
}
diff --git a/src/journal/journald-syslog.c b/src/journal/journald-syslog.c
index f6accb5..4ad73ed 100644
--- a/src/journal/journald-syslog.c
+++ b/src/journal/journald-syslog.c
@@ -177,8 +177,8 @@ void server_forward_syslog(Server *s, int priority, const char *identifier, cons
int syslog_fixup_facility(int priority) {
- if ((priority & LOG_FACMASK) == 0)
- return (priority & LOG_PRIMASK) | LOG_USER;
+ if (LOG_FAC(priority) == 0)
+ return LOG_PRI(priority) | LOG_USER;
return priority;
}
@@ -314,8 +314,8 @@ void server_process_syslog_message(
const char *label,
size_t label_len) {
- char *t, syslog_priority[sizeof("PRIORITY=") + DECIMAL_STR_MAX(int)],
- syslog_facility[sizeof("SYSLOG_FACILITY=") + DECIMAL_STR_MAX(int)];
+ char *t, syslog_priority[STRLEN("PRIORITY=") + DECIMAL_STR_MAX(int)],
+ syslog_facility[STRLEN("SYSLOG_FACILITY=") + DECIMAL_STR_MAX(int)];
const char *msg, *syslog_ts, *a;
_cleanup_free_ char *identifier = NULL, *pid = NULL,
*dummy = NULL, *msg_msg = NULL, *msg_raw = NULL;
@@ -403,10 +403,10 @@ void server_process_syslog_message(
iovec[n++] = IOVEC_MAKE_STRING("_TRANSPORT=syslog");
- xsprintf(syslog_priority, "PRIORITY=%i", priority & LOG_PRIMASK);
+ xsprintf(syslog_priority, "PRIORITY=%i", LOG_PRI(priority));
iovec[n++] = IOVEC_MAKE_STRING(syslog_priority);
- if (priority & LOG_FACMASK) {
+ if (LOG_FAC(priority) != 0) {
xsprintf(syslog_facility, "SYSLOG_FACILITY=%i", LOG_FAC(priority));
iovec[n++] = IOVEC_MAKE_STRING(syslog_facility);
}
diff --git a/src/journal/journald.c b/src/journal/journald.c
index 94aad05..2f013c2 100644
--- a/src/journal/journald.c
+++ b/src/journal/journald.c
@@ -10,19 +10,19 @@
#include "journald-kmsg.h"
#include "journald-server.h"
#include "journald-syslog.h"
+#include "main-func.h"
#include "process-util.h"
#include "sigbus.h"
+#include "terminal-util.h"
-int main(int argc, char *argv[]) {
+static int run(int argc, char *argv[]) {
+ _cleanup_(server_freep) Server *s = NULL;
const char *namespace;
LogTarget log_target;
- Server server;
int r;
- if (argc > 2) {
- log_error("This program takes one or no arguments.");
- return EXIT_FAILURE;
- }
+ if (argc > 2)
+ return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "This program takes one or no arguments.");
namespace = argc > 1 ? empty_to_null(argv[1]) : NULL;
@@ -36,7 +36,7 @@ int main(int argc, char *argv[]) {
* daemon when it comes to logging hence LOG_TARGET_AUTO won't do the right thing for
* us. Hence explicitly log to the console if we're started from a console or to kmsg
* otherwise. */
- log_target = isatty(STDERR_FILENO) > 0 ? LOG_TARGET_CONSOLE : LOG_TARGET_KMSG;
+ log_target = isatty(STDERR_FILENO) ? LOG_TARGET_CONSOLE : LOG_TARGET_KMSG;
log_set_prohibit_ipc(true); /* better safe than sorry */
log_set_target(log_target);
@@ -48,20 +48,24 @@ int main(int argc, char *argv[]) {
sigbus_install();
- r = server_init(&server, namespace);
+ r = server_new(&s);
+ if (r < 0)
+ return log_oom();
+
+ r = server_init(s, namespace);
if (r < 0)
- goto finish;
+ return r;
- server_vacuum(&server, false);
- server_flush_to_var(&server, true);
- server_flush_dev_kmsg(&server);
+ server_vacuum(s, /* verbose = */ false);
+ server_flush_to_var(s, /* require_flag_file = */ true);
+ server_flush_dev_kmsg(s);
- if (server.namespace)
- log_debug("systemd-journald running as PID "PID_FMT" for namespace '%s'.", getpid_cached(), server.namespace);
+ if (s->namespace)
+ log_debug("systemd-journald running as PID "PID_FMT" for namespace '%s'.", getpid_cached(), s->namespace);
else
log_debug("systemd-journald running as PID "PID_FMT" for the system.", getpid_cached());
- server_driver_message(&server, 0,
+ server_driver_message(s, 0,
"MESSAGE_ID=" SD_MESSAGE_JOURNAL_START_STR,
LOG_MESSAGE("Journal started"),
NULL);
@@ -69,70 +73,63 @@ int main(int argc, char *argv[]) {
/* Make sure to send the usage message *after* flushing the
* journal so entries from the runtime journals are ordered
* before this message. See #4190 for some details. */
- server_space_usage_message(&server, NULL);
+ server_space_usage_message(s, NULL);
for (;;) {
- usec_t t = USEC_INFINITY, n;
+ usec_t t, n;
- r = sd_event_get_state(server.event);
- if (r < 0) {
- log_error_errno(r, "Failed to get event loop state: %m");
- goto finish;
- }
+ r = sd_event_get_state(s->event);
+ if (r < 0)
+ return log_error_errno(r, "Failed to get event loop state: %m");
if (r == SD_EVENT_FINISHED)
break;
- n = now(CLOCK_REALTIME);
+ r = sd_event_now(s->event, CLOCK_REALTIME, &n);
+ if (r < 0)
+ return log_error_errno(r, "Failed to get the current time: %m");
- if (server.max_retention_usec > 0 && server.oldest_file_usec > 0) {
+ if (s->max_retention_usec > 0 && s->oldest_file_usec > 0) {
+ /* Calculate when to rotate the next time */
+ t = usec_sub_unsigned(usec_add(s->oldest_file_usec, s->max_retention_usec), n);
/* The retention time is reached, so let's vacuum! */
- if (server.oldest_file_usec + server.max_retention_usec < n) {
+ if (t <= 0) {
log_info("Retention time reached, rotating.");
- server_rotate(&server);
- server_vacuum(&server, false);
+ server_rotate(s);
+ server_vacuum(s, /* verbose = */ false);
continue;
}
-
- /* Calculate when to rotate the next time */
- t = server.oldest_file_usec + server.max_retention_usec - n;
- }
+ } else
+ t = USEC_INFINITY;
#if HAVE_GCRYPT
- if (server.system_journal) {
+ if (s->system_journal) {
usec_t u;
- if (journal_file_next_evolve_usec(server.system_journal, &u)) {
- if (n >= u)
- t = 0;
- else
- t = MIN(t, u - n);
- }
+ if (journal_file_next_evolve_usec(s->system_journal, &u))
+ t = MIN(t, usec_sub_unsigned(u, n));
}
#endif
- r = sd_event_run(server.event, t);
- if (r < 0) {
- log_error_errno(r, "Failed to run event loop: %m");
- goto finish;
- }
+ r = sd_event_run(s->event, t);
+ if (r < 0)
+ return log_error_errno(r, "Failed to run event loop: %m");
- server_maybe_append_tags(&server);
- server_maybe_warn_forward_syslog_missed(&server);
+ server_maybe_append_tags(s);
+ server_maybe_warn_forward_syslog_missed(s);
}
- if (server.namespace)
- log_debug("systemd-journald stopped as PID "PID_FMT" for namespace '%s'.", getpid_cached(), server.namespace);
+ if (s->namespace)
+ log_debug("systemd-journald stopped as PID "PID_FMT" for namespace '%s'.", getpid_cached(), s->namespace);
else
log_debug("systemd-journald stopped as PID "PID_FMT" for the system.", getpid_cached());
- server_driver_message(&server, 0,
+ server_driver_message(s, 0,
"MESSAGE_ID=" SD_MESSAGE_JOURNAL_STOP_STR,
LOG_MESSAGE("Journal stopped"),
NULL);
-finish:
- server_done(&server);
-
- return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
+ return 0;
}
+
+DEFINE_MAIN_FUNCTION(run);
diff --git a/src/journal/journald.conf b/src/journal/journald.conf
index 7b9e232..13cdd63 100644
--- a/src/journal/journald.conf
+++ b/src/journal/journald.conf
@@ -44,6 +44,7 @@
#MaxLevelKMsg=notice
#MaxLevelConsole=info
#MaxLevelWall=emerg
+#MaxLevelSocket=debug
#LineMax=48K
#ReadKMsg=yes
#Audit=yes
diff --git a/src/journal/meson.build b/src/journal/meson.build
index 36600bf..9f0e699 100644
--- a/src/journal/meson.build
+++ b/src/journal/meson.build
@@ -12,6 +12,7 @@ sources = files(
'journald-stream.c',
'journald-syslog.c',
'journald-wall.c',
+ 'journald-socket.c',
)
sources += custom_target(
@@ -28,11 +29,24 @@ libjournal_core = static_library(
userspace],
build_by_default : false)
+journalctl_sources = files(
+ 'journalctl.c',
+ 'journalctl-catalog.c',
+ 'journalctl-filter.c',
+ 'journalctl-misc.c',
+ 'journalctl-show.c',
+ 'journalctl-util.c',
+ 'journalctl-varlink.c',
+)
+
+if conf.get('HAVE_GCRYPT') == 1
+ journalctl_sources += files('journalctl-authenticate.c')
+endif
+
if get_option('link-journalctl-shared')
journalctl_link_with = [libshared]
else
journalctl_link_with = [
- libbasic_gcrypt,
libshared_static,
libsystemd_static,
]
@@ -62,10 +76,10 @@ executables += [
libshared,
],
'dependencies' : [
- liblz4,
+ liblz4_cflags,
libselinux,
- libxz,
- libzstd,
+ libxz_cflags,
+ libzstd_cflags,
threads,
],
},
@@ -90,30 +104,36 @@ executables += [
executable_template + {
'name' : 'journalctl',
'public' : true,
- 'sources' : files('journalctl.c'),
+ 'sources' : journalctl_sources,
'link_with' : journalctl_link_with,
'dependencies' : [
libdl,
- liblz4,
- libxz,
- libzstd,
+ liblz4_cflags,
+ libxz_cflags,
+ libzstd_cflags,
threads,
],
},
journal_test_template + {
'sources' : files('test-journald-config.c'),
'dependencies' : [
- liblz4,
+ liblz4_cflags,
libselinux,
- libxz,
+ libxz_cflags,
],
},
+ test_template + {
+ 'sources' : files(
+ 'test-journald-rate-limit.c',
+ 'journald-rate-limit.c',
+ ),
+ },
journal_test_template + {
'sources' : files('test-journald-syslog.c'),
'dependencies' : [
- liblz4,
+ liblz4_cflags,
libselinux,
- libxz,
+ libxz_cflags,
threads,
],
},
diff --git a/src/journal/test-journald-config.c b/src/journal/test-journald-config.c
index 1a6c531..900b1db 100644
--- a/src/journal/test-journald-config.c
+++ b/src/journal/test-journald-config.c
@@ -1,8 +1,15 @@
/* SPDX-License-Identifier: LGPL-2.1-or-later */
+#include <netinet/in.h>
#include <stdbool.h>
+#include <string.h>
+#include <sys/un.h>
#include "journald-server.h"
+#include "log.h"
+#include "path-util.h"
+#include "socket-util.h"
+#include "sparse-endian.h"
#include "tests.h"
#define _COMPRESS_PARSE_CHECK(str, enab, thresh, varname) \
@@ -47,4 +54,125 @@ TEST(config_compress) {
COMPRESS_PARSE_CHECK("", true, UINT64_MAX);
}
+#define _FORWARD_TO_SOCKET_PARSE_CHECK_FAILS(str, addr, varname) \
+ do { \
+ SocketAddress varname = {}; \
+ config_parse_forward_to_socket("", "", 0, "", 0, "", 0, str, \
+ &varname, NULL); \
+ assert_se(socket_address_verify(&varname, true) < 0); \
+ } while (0)
+
+#define FORWARD_TO_SOCKET_PARSE_CHECK_FAILS(str) \
+ _FORWARD_TO_SOCKET_PARSE_CHECK_FAILS(str, addr, conf##__COUNTER__)
+
+#define _FORWARD_TO_SOCKET_PARSE_CHECK(str, addr, varname) \
+ do { \
+ SocketAddress varname = {}; \
+ config_parse_forward_to_socket("", "", 0, "", 0, "", 0, str, \
+ &varname, NULL); \
+ buf = mfree(buf); \
+ buf2 = mfree(buf2); \
+ socket_address_print(&varname, &buf); \
+ socket_address_print(&addr, &buf2); \
+ log_info("\"%s\" parsed as \"%s\", should be \"%s\"", str, buf, buf2); \
+ log_info("socket_address_verify(&addr, false) = %d", socket_address_verify(&addr, false)); \
+ log_info("socket_address_verify(&varname, false) = %d", socket_address_verify(&varname, false)); \
+ log_info("socket_address_family(&addr) = %d", socket_address_family(&addr)); \
+ log_info("socket_address_family(&varname) = %d", socket_address_family(&varname)); \
+ log_info("addr.size = %u", addr.size); \
+ log_info("varname.size = %u", varname.size); \
+ assert_se(socket_address_equal(&varname, &addr)); \
+ } while (0)
+
+#define FORWARD_TO_SOCKET_PARSE_CHECK(str, addr) \
+ _FORWARD_TO_SOCKET_PARSE_CHECK(str, addr, conf##__COUNTER__)
+
+TEST(config_forward_to_socket) {
+ SocketAddress addr;
+ _cleanup_free_ char *buf = NULL, *buf2 = NULL;
+
+ /* Valid AF_UNIX */
+ addr = (SocketAddress) {
+ .sockaddr.un = (struct sockaddr_un) {
+ .sun_family = AF_UNIX,
+ .sun_path = "/run/host/journal/socket",
+ },
+ .size = offsetof(struct sockaddr_un, sun_path) + strlen("/run/host/journal/socket") + 1,
+ };
+ FORWARD_TO_SOCKET_PARSE_CHECK("/run/host/journal/socket", addr);
+
+ addr.size -= 1;
+ memcpy(addr.sockaddr.un.sun_path, "\0run/host/journal/socket", sizeof("\0run/host/journal/socket"));
+ FORWARD_TO_SOCKET_PARSE_CHECK("@run/host/journal/socket", addr);
+
+ /* Valid AF_INET */
+ addr = (SocketAddress) {
+ .sockaddr.in = (struct sockaddr_in) {
+ .sin_family = AF_INET,
+ .sin_addr = { htobe32(0xC0A80001) },
+ .sin_port = htobe16(1234),
+ },
+ .size = sizeof(struct sockaddr_in),
+ };
+ FORWARD_TO_SOCKET_PARSE_CHECK("192.168.0.1:1234", addr);
+
+ /* Valid AF_INET6 */
+ addr = (SocketAddress) {
+ .sockaddr.in6 = (struct sockaddr_in6) {
+ .sin6_family = AF_INET6,
+ .sin6_addr = (struct in6_addr) {
+ .s6_addr16 = {
+ htobe16(0x2001),
+ htobe16(0xdb8),
+ htobe16(0x4006),
+ htobe16(0x812),
+ 0, 0, 0,
+ htobe16(0x200e)
+ }
+ },
+ .sin6_port = htobe16(8080),
+ },
+ .size = sizeof(struct sockaddr_in6),
+ };
+ FORWARD_TO_SOCKET_PARSE_CHECK("[2001:db8:4006:812::200e]:8080", addr);
+
+ /* Valid AF_VSOCK */
+ addr = (SocketAddress) {
+ .sockaddr.vm = (struct sockaddr_vm) {
+ .svm_family = AF_VSOCK,
+ .svm_cid = 123456,
+ .svm_port = 654321,
+ },
+ .size = sizeof(struct sockaddr_vm),
+ };
+ FORWARD_TO_SOCKET_PARSE_CHECK("vsock:123456:654321", addr);
+
+ /* Invalid IPv4 */
+ FORWARD_TO_SOCKET_PARSE_CHECK_FAILS("256.123.45.12:1235");
+ FORWARD_TO_SOCKET_PARSE_CHECK_FAILS("252.123.45.12:123500");
+ FORWARD_TO_SOCKET_PARSE_CHECK_FAILS("252.123.45.12:0");
+ FORWARD_TO_SOCKET_PARSE_CHECK_FAILS("252.123.45.12:-1");
+ FORWARD_TO_SOCKET_PARSE_CHECK_FAILS("-1.123.45.12:22");
+
+ /* Invalid IPv6 */
+ FORWARD_TO_SOCKET_PARSE_CHECK_FAILS("[2001:db8:4006:812::200e]:80800");
+ FORWARD_TO_SOCKET_PARSE_CHECK_FAILS("[1ffff:db8:4006:812::200e]:8080");
+ FORWARD_TO_SOCKET_PARSE_CHECK_FAILS("[-1:db8:4006:812::200e]:8080");
+ FORWARD_TO_SOCKET_PARSE_CHECK_FAILS("[2001:db8:4006:812::200e]:-1");
+
+ /* Invalid UNIX */
+ FORWARD_TO_SOCKET_PARSE_CHECK_FAILS("a/b/c");
+
+ /* Invalid VSock */
+ FORWARD_TO_SOCKET_PARSE_CHECK_FAILS("vsock:4294967296:1234");
+ FORWARD_TO_SOCKET_PARSE_CHECK_FAILS("vsock:1234:4294967296");
+ FORWARD_TO_SOCKET_PARSE_CHECK_FAILS("vsock:abcd:1234");
+ FORWARD_TO_SOCKET_PARSE_CHECK_FAILS("vsock:1234:abcd");
+ FORWARD_TO_SOCKET_PARSE_CHECK_FAILS("vsock:1234");
+
+ /* Invalid Case */
+ FORWARD_TO_SOCKET_PARSE_CHECK_FAILS("");
+ FORWARD_TO_SOCKET_PARSE_CHECK_FAILS("ahh yes sockets, mmh");
+}
+
DEFINE_TEST_MAIN(LOG_INFO);
diff --git a/src/journal/test-journald-rate-limit.c b/src/journal/test-journald-rate-limit.c
new file mode 100644
index 0000000..a08faba
--- /dev/null
+++ b/src/journal/test-journald-rate-limit.c
@@ -0,0 +1,40 @@
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+
+#include "journald-rate-limit.h"
+#include "tests.h"
+
+TEST(journal_ratelimit_test) {
+ _cleanup_ordered_hashmap_free_ OrderedHashmap *rl = NULL;
+ int r;
+
+ for (unsigned i = 0; i < 20; i++) {
+ r = journal_ratelimit_test(&rl, "hoge", USEC_PER_SEC, 10, LOG_DEBUG, 0);
+ assert_se(r == (i < 10 ? 1 : 0));
+ r = journal_ratelimit_test(&rl, "foo", 10 * USEC_PER_SEC, 10, LOG_DEBUG, 0);
+ assert_se(r == (i < 10 ? 1 : 0));
+ }
+
+ /* Different priority group with the same ID is not ratelimited. */
+ assert_se(journal_ratelimit_test(&rl, "hoge", USEC_PER_SEC, 10, LOG_INFO, 0) == 1);
+ assert_se(journal_ratelimit_test(&rl, "foo", 10 * USEC_PER_SEC, 10, LOG_INFO, 0) == 1);
+ /* Still LOG_DEBUG is ratelimited. */
+ assert_se(journal_ratelimit_test(&rl, "hoge", USEC_PER_SEC, 10, LOG_DEBUG, 0) == 0);
+ assert_se(journal_ratelimit_test(&rl, "foo", 10 * USEC_PER_SEC, 10, LOG_DEBUG, 0) == 0);
+ /* Different ID is not ratelimited. */
+ assert_se(journal_ratelimit_test(&rl, "quux", USEC_PER_SEC, 10, LOG_DEBUG, 0) == 1);
+
+ usleep_safe(USEC_PER_SEC);
+
+ /* The ratelimit is now expired (11 trials are suppressed, so the return value should be 12). */
+ assert_se(journal_ratelimit_test(&rl, "hoge", USEC_PER_SEC, 10, LOG_DEBUG, 0) == 1 + 11);
+
+ /* foo is still ratelimited. */
+ assert_se(journal_ratelimit_test(&rl, "foo", 10 * USEC_PER_SEC, 10, LOG_DEBUG, 0) == 0);
+
+ /* Still other priority and/or other IDs are not ratelimited. */
+ assert_se(journal_ratelimit_test(&rl, "hoge", USEC_PER_SEC, 10, LOG_INFO, 0) == 1);
+ assert_se(journal_ratelimit_test(&rl, "foo", 10 * USEC_PER_SEC, 10, LOG_INFO, 0) == 1);
+ assert_se(journal_ratelimit_test(&rl, "quux", USEC_PER_SEC, 10, LOG_DEBUG, 0) == 1);
+}
+
+DEFINE_TEST_MAIN(LOG_INFO);