summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2011-12-17 01:13:55 +0100
committerLennart Poettering <lennart@poettering.net>2011-12-17 01:13:55 +0100
commitcab8ac60837b489b27a247990f741315c71cb389 (patch)
treec5eb0e242f349e0d61f8cd92c7e85e12049e2b90
parent7f3e62571a63ac90de6ac5eefeeb8d3e9aa6f49e (diff)
journal: enforce limits on open journal files
-rw-r--r--src/journal/journald.c9
-rw-r--r--src/journal/sd-journal.c8
-rw-r--r--src/journal/sd-journal.h2
3 files changed, 16 insertions, 3 deletions
diff --git a/src/journal/journald.c b/src/journal/journald.c
index 453495a964..6b774f499d 100644
--- a/src/journal/journald.c
+++ b/src/journal/journald.c
@@ -38,6 +38,8 @@
#include "acl-util.h"
#include "cgroup-util.h"
+#define USER_JOURNALS_MAX 1024
+
typedef struct Server {
int epoll_fd;
int signal_fd;
@@ -127,6 +129,13 @@ static JournalFile* find_journal(Server *s, uid_t uid) {
if (asprintf(&p, "/var/log/journal/%s/user-%lu.journal", sd_id128_to_string(machine, ids), (unsigned long) uid) < 0)
return s->system_journal;
+ while (hashmap_size(s->user_journals) >= USER_JOURNALS_MAX) {
+ /* Too many open? Then let's close one */
+ f = hashmap_steal_first(s->user_journals);
+ assert(f);
+ journal_file_close(f);
+ }
+
r = journal_file_open(p, O_RDWR|O_CREAT, 0640, s->system_journal, &f);
free(p);
diff --git a/src/journal/sd-journal.c b/src/journal/sd-journal.c
index 85c57170d5..bcfcbfb9e1 100644
--- a/src/journal/sd-journal.c
+++ b/src/journal/sd-journal.c
@@ -30,6 +30,8 @@
#include "list.h"
#include "lookup3.h"
+#define JOURNAL_FILES_MAX 1024
+
typedef struct Match Match;
struct Match {
@@ -932,6 +934,11 @@ static int add_file(sd_journal *j, const char *prefix, const char *dir, const ch
assert(prefix);
assert(filename);
+ if (hashmap_size(j->files) >= JOURNAL_FILES_MAX) {
+ log_debug("Too many open journal files, ignoring.");
+ return 0;
+ }
+
if (dir)
fn = join(prefix, "/", dir, "/", filename, NULL);
else
@@ -952,7 +959,6 @@ static int add_file(sd_journal *j, const char *prefix, const char *dir, const ch
journal_file_dump(f);
-
r = hashmap_put(j->files, f->path, f);
if (r < 0) {
journal_file_close(f);
diff --git a/src/journal/sd-journal.h b/src/journal/sd-journal.h
index e42293ffe7..b167dcf097 100644
--- a/src/journal/sd-journal.h
+++ b/src/journal/sd-journal.h
@@ -34,12 +34,10 @@
* - check LE/BE conversion for 8bit, 16bit, 32bit values
* - implement inotify usage on client
* - implement audit gateway
- * - implement native gateway
* - implement stdout gateway
* - extend hash tables table as we go
* - accelerate looking for "all hostnames" and suchlike.
* - throttling
- * - enforce limit on open journal files in journald and journalctl
* - cryptographic hash
* - fix space reservation logic
* - comm, argv can be manipulated, should it be _COMM=, _CMDLINE= or COMM=, CMDLINE=?