summaryrefslogtreecommitdiff
path: root/src/journal
diff options
context:
space:
mode:
Diffstat (limited to 'src/journal')
-rw-r--r--src/journal/compress.c2
-rw-r--r--src/journal/journal-send.c10
-rw-r--r--src/journal/journald-native.c2
-rw-r--r--src/journal/journald-server.c59
-rw-r--r--src/journal/journald-server.h1
-rw-r--r--src/journal/journald-stream.c2
-rw-r--r--src/journal/journald-syslog.c2
-rw-r--r--src/journal/test-journal-send.c89
8 files changed, 78 insertions, 89 deletions
diff --git a/src/journal/compress.c b/src/journal/compress.c
index e1ca0a8818..1a3d2cdd80 100644
--- a/src/journal/compress.c
+++ b/src/journal/compress.c
@@ -201,7 +201,7 @@ int decompress_blob_lz4(const void *src, uint64_t src_size,
return -EBADMSG;
size = le64toh( *(le64_t*)src );
- if (size < 0 || (le64_t) size != *(le64_t*)src)
+ if (size < 0 || (unsigned) size != le64toh(*(le64_t*)src))
return -EFBIG;
if ((size_t) size > *dst_alloc_size) {
out = realloc(*dst, size);
diff --git a/src/journal/journal-send.c b/src/journal/journal-send.c
index fa5dee73c3..44fa11a00e 100644
--- a/src/journal/journal-send.c
+++ b/src/journal/journal-send.c
@@ -225,8 +225,8 @@ _public_ int sd_journal_sendv(const struct iovec *iov, int n) {
assert_return(iov, -EINVAL);
assert_return(n > 0, -EINVAL);
- w = alloca(sizeof(struct iovec) * n * 5 + 3);
- l = alloca(sizeof(uint64_t) * n);
+ w = newa(struct iovec, n * 5 + 3);
+ l = newa(uint64_t, n);
for (i = 0; i < n; i++) {
char *c, *nl;
@@ -337,7 +337,11 @@ _public_ int sd_journal_sendv(const struct iovec *iov, int n) {
return r;
}
- return send_one_fd(fd, buffer_fd, 0);
+ r = send_one_fd_sa(fd, buffer_fd, mh.msg_name, mh.msg_namelen, 0);
+ if (r == -ENOENT)
+ /* Fail silently if the journal is not available */
+ return 0;
+ return r;
}
static int fill_iovec_perror_and_send(const char *message, int skip, struct iovec iov[]) {
diff --git a/src/journal/journald-native.c b/src/journal/journald-native.c
index 69a685c06f..371df5b37f 100644
--- a/src/journal/journald-native.c
+++ b/src/journal/journald-native.c
@@ -480,7 +480,7 @@ int server_open_native_socket(Server*s) {
return log_error_errno(errno, "SO_PASSCRED failed: %m");
#ifdef HAVE_SELINUX
- if (mac_selinux_use()) {
+ if (mac_selinux_have()) {
r = setsockopt(s->native_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
if (r < 0)
log_warning_errno(errno, "SO_PASSSEC failed: %m");
diff --git a/src/journal/journald-server.c b/src/journal/journald-server.c
index 7d11a568aa..a8a9b72080 100644
--- a/src/journal/journald-server.c
+++ b/src/journal/journald-server.c
@@ -204,58 +204,19 @@ static int determine_space(Server *s, bool verbose, bool patch_min_use, uint64_t
return determine_space_for(s, metrics, path, name, verbose, patch_min_use, available, limit);
}
-void server_fix_perms(Server *s, JournalFile *f, uid_t uid) {
- int r;
+static void server_add_acls(JournalFile *f, uid_t uid) {
#ifdef HAVE_ACL
- _cleanup_(acl_freep) acl_t acl = NULL;
- acl_entry_t entry;
- acl_permset_t permset;
+ int r;
#endif
-
assert(f);
- r = fchmod(f->fd, 0640);
- if (r < 0)
- log_warning_errno(errno, "Failed to fix access mode on %s, ignoring: %m", f->path);
-
#ifdef HAVE_ACL
if (uid <= SYSTEM_UID_MAX)
return;
- acl = acl_get_fd(f->fd);
- if (!acl) {
- log_warning_errno(errno, "Failed to read ACL on %s, ignoring: %m", f->path);
- return;
- }
-
- r = acl_find_uid(acl, uid, &entry);
- if (r <= 0) {
-
- if (acl_create_entry(&acl, &entry) < 0 ||
- acl_set_tag_type(entry, ACL_USER) < 0 ||
- acl_set_qualifier(entry, &uid) < 0) {
- log_warning_errno(errno, "Failed to patch ACL on %s, ignoring: %m", f->path);
- return;
- }
- }
-
- /* We do not recalculate the mask unconditionally here,
- * so that the fchmod() mask above stays intact. */
- if (acl_get_permset(entry, &permset) < 0 ||
- acl_add_perm(permset, ACL_READ) < 0) {
- log_warning_errno(errno, "Failed to patch ACL on %s, ignoring: %m", f->path);
- return;
- }
-
- r = calc_acl_mask_if_needed(&acl);
- if (r < 0) {
- log_warning_errno(r, "Failed to patch ACL on %s, ignoring: %m", f->path);
- return;
- }
-
- if (acl_set_fd(f->fd, acl) < 0)
- log_warning_errno(errno, "Failed to set ACL on %s, ignoring: %m", f->path);
-
+ r = add_acls_for_user(f->fd, uid);
+ if (r < 0)
+ log_warning_errno(r, "Failed to set ACL on %s, ignoring: %m", f->path);
#endif
}
@@ -301,7 +262,7 @@ static JournalFile* find_journal(Server *s, uid_t uid) {
if (r < 0)
return s->system_journal;
- server_fix_perms(s, f, uid);
+ server_add_acls(f, uid);
r = ordered_hashmap_put(s->user_journals, UID_TO_PTR(uid), f);
if (r < 0) {
@@ -332,7 +293,7 @@ static int do_rotate(
else
log_error_errno(r, "Failed to create new %s journal: %m", name);
else
- server_fix_perms(s, *f, uid);
+ server_add_acls(*f, uid);
return r;
}
@@ -707,7 +668,7 @@ static void dispatch_message_real(
}
#ifdef HAVE_SELINUX
- if (mac_selinux_use()) {
+ if (mac_selinux_have()) {
if (label) {
x = alloca(strlen("_SELINUX_CONTEXT=") + label_len + 1);
@@ -971,7 +932,7 @@ static int system_journal_open(Server *s, bool flush_requested) {
fn = strjoina(fn, "/system.journal");
r = journal_file_open_reliably(fn, O_RDWR|O_CREAT, 0640, s->compress, s->seal, &s->system_metrics, s->mmap, NULL, &s->system_journal);
if (r >= 0) {
- server_fix_perms(s, s->system_journal, 0);
+ server_add_acls(s->system_journal, 0);
(void) determine_space_for(s, &s->system_metrics, "/var/log/journal/", "System journal", true, true, NULL, NULL);
} else if (r < 0) {
if (r != -ENOENT && r != -EROFS)
@@ -1015,7 +976,7 @@ static int system_journal_open(Server *s, bool flush_requested) {
}
if (s->runtime_journal) {
- server_fix_perms(s, s->runtime_journal, 0);
+ server_add_acls(s->runtime_journal, 0);
(void) determine_space_for(s, &s->runtime_metrics, "/run/log/journal/", "Runtime journal", true, true, NULL, NULL);
}
}
diff --git a/src/journal/journald-server.h b/src/journal/journald-server.h
index dcc21bb7c3..1822765228 100644
--- a/src/journal/journald-server.h
+++ b/src/journal/journald-server.h
@@ -174,7 +174,6 @@ int config_parse_split_mode(const char *unit, const char *filename, unsigned lin
const char *split_mode_to_string(SplitMode s) _const_;
SplitMode split_mode_from_string(const char *s) _pure_;
-void server_fix_perms(Server *s, JournalFile *f, uid_t uid);
int server_init(Server *s);
void server_done(Server *s);
void server_sync(Server *s);
diff --git a/src/journal/journald-stream.c b/src/journal/journald-stream.c
index 07a0f1bf41..131fcdac42 100644
--- a/src/journal/journald-stream.c
+++ b/src/journal/journald-stream.c
@@ -493,7 +493,7 @@ static int stdout_stream_install(Server *s, int fd, StdoutStream **ret) {
if (r < 0)
return log_error_errno(r, "Failed to determine peer credentials: %m");
- if (mac_selinux_use()) {
+ if (mac_selinux_have()) {
r = getpeersec(fd, &stream->label);
if (r < 0 && r != -EOPNOTSUPP)
(void) log_warning_errno(r, "Failed to determine peer security context: %m");
diff --git a/src/journal/journald-syslog.c b/src/journal/journald-syslog.c
index f3ac1a7ae0..cfc50d889b 100644
--- a/src/journal/journald-syslog.c
+++ b/src/journal/journald-syslog.c
@@ -415,7 +415,7 @@ int server_open_syslog_socket(Server *s) {
return log_error_errno(errno, "SO_PASSCRED failed: %m");
#ifdef HAVE_SELINUX
- if (mac_selinux_use()) {
+ if (mac_selinux_have()) {
r = setsockopt(s->syslog_fd, SOL_SOCKET, SO_PASSSEC, &one, sizeof(one));
if (r < 0)
log_warning_errno(errno, "SO_PASSSEC failed: %m");
diff --git a/src/journal/test-journal-send.c b/src/journal/test-journal-send.c
index 694376670d..e537c1fe5f 100644
--- a/src/journal/test-journal-send.c
+++ b/src/journal/test-journal-send.c
@@ -19,59 +19,84 @@
along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/
+#include <errno.h>
#include <stdlib.h>
#include <unistd.h>
#include "sd-journal.h"
-#include "log.h"
+#include "macro.h"
int main(int argc, char *argv[]) {
char huge[4096*1024];
- log_set_max_level(LOG_DEBUG);
-
- sd_journal_print(LOG_INFO, "piepapo");
-
- sd_journal_send("MESSAGE=foobar",
- "VALUE=%i", 7,
- NULL);
+ /* utf-8 and non-utf-8, message-less and message-ful iovecs */
+ struct iovec graph1[] = {
+ {(char*) "GRAPH=graph", strlen("GRAPH=graph")}
+ };
+ struct iovec graph2[] = {
+ {(char*) "GRAPH=graph\n", strlen("GRAPH=graph\n")}
+ };
+ struct iovec message1[] = {
+ {(char*) "MESSAGE=graph", strlen("MESSAGE=graph")}
+ };
+ struct iovec message2[] = {
+ {(char*) "MESSAGE=graph\n", strlen("MESSAGE=graph\n")}
+ };
+
+ assert_se(sd_journal_print(LOG_INFO, "piepapo") == 0);
+
+ assert_se(sd_journal_send("MESSAGE=foobar",
+ "VALUE=%i", 7,
+ NULL) == 0);
errno = ENOENT;
- sd_journal_perror("Foobar");
+ assert_se(sd_journal_perror("Foobar") == 0);
- sd_journal_perror("");
+ assert_se(sd_journal_perror("") == 0);
memset(huge, 'x', sizeof(huge));
memcpy(huge, "HUGE=", 5);
char_array_0(huge);
- sd_journal_send("MESSAGE=Huge field attached",
- huge,
- NULL);
+ assert_se(sd_journal_send("MESSAGE=Huge field attached",
+ huge,
+ NULL) == 0);
- sd_journal_send("MESSAGE=uiui",
- "VALUE=A",
- "VALUE=B",
- "VALUE=C",
- "SINGLETON=1",
- "OTHERVALUE=X",
- "OTHERVALUE=Y",
- "WITH_BINARY=this is a binary value \a",
- NULL);
+ assert_se(sd_journal_send("MESSAGE=uiui",
+ "VALUE=A",
+ "VALUE=B",
+ "VALUE=C",
+ "SINGLETON=1",
+ "OTHERVALUE=X",
+ "OTHERVALUE=Y",
+ "WITH_BINARY=this is a binary value \a",
+ NULL) == 0);
syslog(LOG_NOTICE, "Hello World!");
- sd_journal_print(LOG_NOTICE, "Hello World");
-
- sd_journal_send("MESSAGE=Hello World!",
- "MESSAGE_ID=52fb62f99e2c49d89cfbf9d6de5e3555",
- "PRIORITY=5",
- "HOME=%s", getenv("HOME"),
- "TERM=%s", getenv("TERM"),
- "PAGE_SIZE=%li", sysconf(_SC_PAGESIZE),
- "N_CPUS=%li", sysconf(_SC_NPROCESSORS_ONLN),
- NULL);
+ assert_se(sd_journal_print(LOG_NOTICE, "Hello World") == 0);
+
+ assert_se(sd_journal_send("MESSAGE=Hello World!",
+ "MESSAGE_ID=52fb62f99e2c49d89cfbf9d6de5e3555",
+ "PRIORITY=5",
+ "HOME=%s", getenv("HOME"),
+ "TERM=%s", getenv("TERM"),
+ "PAGE_SIZE=%li", sysconf(_SC_PAGESIZE),
+ "N_CPUS=%li", sysconf(_SC_NPROCESSORS_ONLN),
+ NULL) == 0);
+
+ assert_se(sd_journal_sendv(graph1, 1) == 0);
+ assert_se(sd_journal_sendv(graph2, 1) == 0);
+ assert_se(sd_journal_sendv(message1, 1) == 0);
+ assert_se(sd_journal_sendv(message2, 1) == 0);
+
+ /* test without location fields */
+#undef sd_journal_sendv
+ assert_se(sd_journal_sendv(graph1, 1) == 0);
+ assert_se(sd_journal_sendv(graph2, 1) == 0);
+ assert_se(sd_journal_sendv(message1, 1) == 0);
+ assert_se(sd_journal_sendv(message2, 1) == 0);
sleep(1);
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2025-01-17 22:21:37 +0000