summaryrefslogtreecommitdiff
path: root/src/stdout-syslog-bridge.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/stdout-syslog-bridge.c')
-rw-r--r--src/stdout-syslog-bridge.c694
1 files changed, 694 insertions, 0 deletions
diff --git a/src/stdout-syslog-bridge.c b/src/stdout-syslog-bridge.c
new file mode 100644
index 0000000000..48a301f6a7
--- /dev/null
+++ b/src/stdout-syslog-bridge.c
@@ -0,0 +1,694 @@
+/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
+
+/***
+ This file is part of systemd.
+
+ Copyright 2010 Lennart Poettering
+
+ systemd is free software; you can redistribute it and/or modify it
+ under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ systemd is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with systemd; If not, see <http://www.gnu.org/licenses/>.
+***/
+
+#include <sys/socket.h>
+#include <sys/types.h>
+#include <assert.h>
+#include <time.h>
+#include <string.h>
+#include <stdio.h>
+#include <errno.h>
+#include <unistd.h>
+#include <sys/poll.h>
+#include <sys/epoll.h>
+#include <sys/un.h>
+#include <fcntl.h>
+
+#include "util.h"
+#include "log.h"
+#include "list.h"
+#include "sd-daemon.h"
+#include "tcpwrap.h"
+#include "def.h"
+
+#define STREAMS_MAX 4096
+#define SERVER_FD_MAX 16
+#define TIMEOUT_MSEC ((int) (DEFAULT_EXIT_USEC/USEC_PER_MSEC))
+
+typedef struct Stream Stream;
+
+typedef struct Server {
+ int syslog_fd;
+ int kmsg_fd;
+ int epoll_fd;
+
+ unsigned n_server_fd;
+
+ bool syslog_is_stream;
+
+ LIST_HEAD(Stream, streams);
+ unsigned n_streams;
+} Server;
+
+typedef enum StreamTarget {
+ STREAM_SYSLOG,
+ STREAM_KMSG
+} StreamTarget;
+
+typedef enum StreamState {
+ STREAM_TARGET,
+ STREAM_PRIORITY,
+ STREAM_PROCESS,
+ STREAM_PREFIX,
+ STREAM_RUNNING
+} StreamState;
+
+struct Stream {
+ Server *server;
+
+ StreamState state;
+
+ int fd;
+
+ StreamTarget target;
+ int priority;
+ char *process;
+ pid_t pid;
+ uid_t uid;
+ gid_t gid;
+
+ bool prefix:1;
+ bool tee_console:1;
+
+ char buffer[LINE_MAX];
+ size_t length;
+
+ LIST_FIELDS(Stream, stream);
+};
+
+static int stream_log(Stream *s, char *p, usec_t ts) {
+
+ char header_priority[16], header_time[64], header_pid[16];
+ struct iovec iovec[5];
+ int priority;
+
+ assert(s);
+ assert(p);
+
+ priority = s->priority;
+
+ if (s->prefix)
+ parse_syslog_priority(&p, &priority);
+
+ if (*p == 0)
+ return 0;
+
+ /* Patch in LOG_USER facility if necessary */
+ if ((priority & LOG_FACMASK) == 0)
+ priority = LOG_USER | LOG_PRI(priority);
+
+ /*
+ * The format glibc uses to talk to the syslog daemon is:
+ *
+ * <priority>time process[pid]: msg
+ *
+ * The format the kernel uses is:
+ *
+ * <priority>msg\n
+ *
+ * We extend the latter to include the process name and pid.
+ */
+
+ snprintf(header_priority, sizeof(header_priority), "<%i>", priority);
+ char_array_0(header_priority);
+
+ if (s->target == STREAM_SYSLOG) {
+ time_t t;
+ struct tm *tm;
+
+ t = (time_t) (ts / USEC_PER_SEC);
+ if (!(tm = localtime(&t)))
+ return -EINVAL;
+
+ if (strftime(header_time, sizeof(header_time), "%h %e %T ", tm) <= 0)
+ return -EINVAL;
+ }
+
+ snprintf(header_pid, sizeof(header_pid), "[%lu]: ", (unsigned long) s->pid);
+ char_array_0(header_pid);
+
+ zero(iovec);
+ IOVEC_SET_STRING(iovec[0], header_priority);
+
+ if (s->target == STREAM_SYSLOG) {
+ struct msghdr msghdr;
+ union {
+ struct cmsghdr cmsghdr;
+ uint8_t buf[CMSG_SPACE(sizeof(struct ucred))];
+ } control;
+ struct ucred *ucred;
+
+ zero(control);
+ control.cmsghdr.cmsg_level = SOL_SOCKET;
+ control.cmsghdr.cmsg_type = SCM_CREDENTIALS;
+ control.cmsghdr.cmsg_len = CMSG_LEN(sizeof(struct ucred));
+
+ ucred = (struct ucred*) CMSG_DATA(&control.cmsghdr);
+ ucred->pid = s->pid;
+ ucred->uid = s->uid;
+ ucred->gid = s->gid;
+
+ IOVEC_SET_STRING(iovec[1], header_time);
+ IOVEC_SET_STRING(iovec[2], s->process);
+ IOVEC_SET_STRING(iovec[3], header_pid);
+ IOVEC_SET_STRING(iovec[4], p);
+
+ /* When using syslog via SOCK_STREAM separate the messages by NUL chars */
+ if (s->server->syslog_is_stream)
+ iovec[4].iov_len++;
+
+ zero(msghdr);
+ msghdr.msg_iov = iovec;
+ msghdr.msg_iovlen = ELEMENTSOF(iovec);
+ msghdr.msg_control = &control;
+ msghdr.msg_controllen = control.cmsghdr.cmsg_len;
+
+ for (;;) {
+ ssize_t n;
+
+ if ((n = sendmsg(s->server->syslog_fd, &msghdr, MSG_NOSIGNAL)) < 0) {
+
+ if (errno == ESRCH) {
+ pid_t our_pid;
+
+ /* Hmm, maybe the process this
+ * line originates from is
+ * dead? Then let's patch in
+ * our own pid and retry,
+ * since we have nothing
+ * better */
+
+ our_pid = getpid();
+
+ if (ucred->pid != our_pid) {
+ ucred->pid = our_pid;
+ continue;
+ }
+ }
+
+ return -errno;
+ }
+
+ if (!s->server->syslog_is_stream ||
+ (size_t) n >= IOVEC_TOTAL_SIZE(iovec, ELEMENTSOF(iovec)))
+ break;
+
+ IOVEC_INCREMENT(iovec, ELEMENTSOF(iovec), n);
+ }
+
+ } else if (s->target == STREAM_KMSG) {
+ IOVEC_SET_STRING(iovec[1], s->process);
+ IOVEC_SET_STRING(iovec[2], header_pid);
+ IOVEC_SET_STRING(iovec[3], p);
+ IOVEC_SET_STRING(iovec[4], (char*) "\n");
+
+ if (writev(s->server->kmsg_fd, iovec, ELEMENTSOF(iovec)) < 0)
+ return -errno;
+ } else
+ assert_not_reached("Unknown log target");
+
+ if (s->tee_console) {
+ int console;
+
+ if ((console = open_terminal("/dev/console", O_WRONLY|O_NOCTTY|O_CLOEXEC)) >= 0) {
+ IOVEC_SET_STRING(iovec[0], s->process);
+ IOVEC_SET_STRING(iovec[1], header_pid);
+ IOVEC_SET_STRING(iovec[2], p);
+ IOVEC_SET_STRING(iovec[3], (char*) "\n");
+
+ writev(console, iovec, 4);
+ }
+
+ }
+
+ return 0;
+}
+
+static int stream_line(Stream *s, char *p, usec_t ts) {
+ int r;
+
+ assert(s);
+ assert(p);
+
+ p = strstrip(p);
+
+ switch (s->state) {
+
+ case STREAM_TARGET:
+ if (streq(p, "syslog") || streq(p, "syslog+console"))
+ s->target = STREAM_SYSLOG;
+ else if (streq(p, "kmsg") || streq(p, "kmsg+console")) {
+
+ if (s->server->kmsg_fd >= 0 && s->uid == 0)
+ s->target = STREAM_KMSG;
+ else {
+ log_warning("/dev/kmsg logging not available.");
+ return -EPERM;
+ }
+ } else {
+ log_warning("Failed to parse log target line.");
+ return -EBADMSG;
+ }
+
+ if (endswith(p, "+console"))
+ s->tee_console = true;
+
+ s->state = STREAM_PRIORITY;
+ return 0;
+
+ case STREAM_PRIORITY:
+ if ((r = safe_atoi(p, &s->priority)) < 0) {
+ log_warning("Failed to parse log priority line: %m");
+ return r;
+ }
+
+ if (s->priority < 0) {
+ log_warning("Log priority negative: %m");
+ return -ERANGE;
+ }
+
+ s->state = STREAM_PROCESS;
+ return 0;
+
+ case STREAM_PROCESS:
+ if (!(s->process = strdup(p)))
+ return -ENOMEM;
+
+ s->state = STREAM_PREFIX;
+ return 0;
+
+ case STREAM_PREFIX:
+
+ if ((r = parse_boolean(p)) < 0)
+ return r;
+
+ s->prefix = r;
+ s->state = STREAM_RUNNING;
+ return 0;
+
+ case STREAM_RUNNING:
+ return stream_log(s, p, ts);
+ }
+
+ assert_not_reached("Unknown stream state");
+}
+
+static int stream_scan(Stream *s, usec_t ts) {
+ char *p;
+ size_t remaining;
+ int r = 0;
+
+ assert(s);
+
+ p = s->buffer;
+ remaining = s->length;
+ for (;;) {
+ char *newline;
+
+ if (!(newline = memchr(p, '\n', remaining)))
+ break;
+
+ *newline = 0;
+
+ if ((r = stream_line(s, p, ts)) >= 0) {
+ remaining -= newline-p+1;
+ p = newline+1;
+ }
+ }
+
+ if (p > s->buffer) {
+ memmove(s->buffer, p, remaining);
+ s->length = remaining;
+ }
+
+ return r;
+}
+
+static int stream_process(Stream *s, usec_t ts) {
+ ssize_t l;
+ int r;
+ assert(s);
+
+ if ((l = read(s->fd, s->buffer+s->length, LINE_MAX-s->length)) < 0) {
+
+ if (errno == EAGAIN)
+ return 0;
+
+ log_warning("Failed to read from stream: %m");
+ return -errno;
+ }
+
+
+ if (l == 0)
+ return 0;
+
+ s->length += l;
+ r = stream_scan(s, ts);
+
+ if (r < 0)
+ return r;
+
+ return 1;
+}
+
+static void stream_free(Stream *s) {
+ assert(s);
+
+ if (s->server) {
+ assert(s->server->n_streams > 0);
+ s->server->n_streams--;
+ LIST_REMOVE(Stream, stream, s->server->streams, s);
+
+ }
+
+ if (s->fd >= 0) {
+ if (s->server)
+ epoll_ctl(s->server->epoll_fd, EPOLL_CTL_DEL, s->fd, NULL);
+
+ close_nointr_nofail(s->fd);
+ }
+
+ free(s->process);
+ free(s);
+}
+
+static int stream_new(Server *s, int server_fd) {
+ Stream *stream;
+ int fd;
+ struct ucred ucred;
+ socklen_t len = sizeof(ucred);
+ struct epoll_event ev;
+ int r;
+
+ assert(s);
+
+ if ((fd = accept4(server_fd, NULL, NULL, SOCK_NONBLOCK|SOCK_CLOEXEC)) < 0)
+ return -errno;
+
+ if (s->n_streams >= STREAMS_MAX) {
+ log_warning("Too many connections, refusing connection.");
+ close_nointr_nofail(fd);
+ return 0;
+ }
+
+ if (!socket_tcpwrap(fd, "systemd-stdout-syslog-bridge")) {
+ close_nointr_nofail(fd);
+ return 0;
+ }
+
+ if (!(stream = new0(Stream, 1))) {
+ close_nointr_nofail(fd);
+ return -ENOMEM;
+ }
+
+ stream->fd = fd;
+
+ if (getsockopt(stream->fd, SOL_SOCKET, SO_PEERCRED, &ucred, &len) < 0) {
+ r = -errno;
+ goto fail;
+ }
+
+ if (shutdown(fd, SHUT_WR) < 0) {
+ r = -errno;
+ goto fail;
+ }
+
+ zero(ev);
+ ev.data.ptr = stream;
+ ev.events = EPOLLIN;
+ if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, fd, &ev) < 0) {
+ r = -errno;
+ goto fail;
+ }
+
+ stream->pid = ucred.pid;
+ stream->uid = ucred.uid;
+ stream->gid = ucred.gid;
+
+ stream->server = s;
+ LIST_PREPEND(Stream, stream, s->streams, stream);
+ s->n_streams ++;
+
+ return 0;
+
+fail:
+ stream_free(stream);
+ return r;
+}
+
+static void server_done(Server *s) {
+ unsigned i;
+ assert(s);
+
+ while (s->streams)
+ stream_free(s->streams);
+
+ for (i = 0; i < s->n_server_fd; i++)
+ close_nointr_nofail(SD_LISTEN_FDS_START+i);
+
+ if (s->syslog_fd >= 0)
+ close_nointr_nofail(s->syslog_fd);
+
+ if (s->epoll_fd >= 0)
+ close_nointr_nofail(s->epoll_fd);
+
+ if (s->kmsg_fd >= 0)
+ close_nointr_nofail(s->kmsg_fd);
+}
+
+static int server_init(Server *s, unsigned n_sockets) {
+ int r;
+ unsigned i;
+ union {
+ struct sockaddr sa;
+ struct sockaddr_un un;
+ } sa;
+
+ assert(s);
+ assert(n_sockets > 0);
+
+ zero(*s);
+
+ s->n_server_fd = n_sockets;
+ s->syslog_fd = -1;
+ s->kmsg_fd = -1;
+
+ if ((s->epoll_fd = epoll_create1(EPOLL_CLOEXEC)) < 0) {
+ r = -errno;
+ log_error("Failed to create epoll object: %m");
+ goto fail;
+ }
+
+ for (i = 0; i < n_sockets; i++) {
+ struct epoll_event ev;
+ int fd;
+
+ fd = SD_LISTEN_FDS_START+i;
+
+ if ((r = sd_is_socket(fd, AF_UNSPEC, SOCK_STREAM, 1)) < 0) {
+ log_error("Failed to determine file descriptor type: %s", strerror(-r));
+ goto fail;
+ }
+
+ if (!r) {
+ log_error("Wrong file descriptor type.");
+ r = -EINVAL;
+ goto fail;
+ }
+
+ /* We use ev.data.ptr instead of ev.data.fd here,
+ * since on 64bit archs fd is 32bit while a pointer is
+ * 64bit. To make sure we can easily distinguish fd
+ * values and pointer values we want to make sure to
+ * write the full field unconditionally. */
+
+ zero(ev);
+ ev.events = EPOLLIN;
+ ev.data.ptr = INT_TO_PTR(fd);
+ if (epoll_ctl(s->epoll_fd, EPOLL_CTL_ADD, fd, &ev) < 0) {
+ r = -errno;
+ log_error("Failed to add server fd to epoll object: %m");
+ goto fail;
+ }
+ }
+
+ zero(sa);
+ sa.un.sun_family = AF_UNIX;
+ strncpy(sa.un.sun_path, "/dev/log", sizeof(sa.un.sun_path));
+
+ if ((s->syslog_fd = socket(AF_UNIX, SOCK_DGRAM|SOCK_CLOEXEC, 0)) < 0) {
+ r = -errno;
+ log_error("Failed to create log fd: %m");
+ goto fail;
+ }
+
+ if (connect(s->syslog_fd, &sa.sa, sizeof(sa)) < 0) {
+ close_nointr_nofail(s->syslog_fd);
+
+ if ((s->syslog_fd = socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC, 0)) < 0) {
+ r = -errno;
+ log_error("Failed to create log fd: %m");
+ goto fail;
+ }
+
+ if (connect(s->syslog_fd, &sa.sa, sizeof(sa)) < 0) {
+ r = -errno;
+ log_error("Failed to connect log socket to /dev/log: %m");
+ goto fail;
+ }
+
+ s->syslog_is_stream = true;
+ } else
+ s->syslog_is_stream = false;
+
+ /* /dev/kmsg logging is strictly optional */
+ if ((s->kmsg_fd = open("/dev/kmsg", O_WRONLY|O_NOCTTY|O_CLOEXEC)) < 0)
+ log_warning("Failed to open /dev/kmsg for logging, disabling kernel log buffer support: %m");
+
+ return 0;
+
+fail:
+ server_done(s);
+ return r;
+}
+
+static int process_event(Server *s, struct epoll_event *ev) {
+ int r;
+
+ assert(s);
+
+ /* Yes, this is a bit ugly, we assume that that valid pointers
+ * are > SD_LISTEN_FDS_START+SERVER_FD_MAX. Which is certainly
+ * true on Linux (and probably most other OSes, too, since the
+ * first 4k usually are part of a separate null pointer
+ * dereference page. */
+
+ if (PTR_TO_INT(ev->data.ptr) >= SD_LISTEN_FDS_START &&
+ PTR_TO_INT(ev->data.ptr) < SD_LISTEN_FDS_START+(int)s->n_server_fd) {
+
+ if (ev->events != EPOLLIN) {
+ log_info("Got invalid event from epoll. (1)");
+ return -EIO;
+ }
+
+ if ((r = stream_new(s, PTR_TO_INT(ev->data.ptr))) < 0) {
+ log_info("Failed to accept new connection: %s", strerror(-r));
+ return r;
+ }
+
+ } else {
+ usec_t ts;
+ Stream *stream = ev->data.ptr;
+
+ ts = now(CLOCK_REALTIME);
+
+ if (!(ev->events & EPOLLIN)) {
+ log_info("Got invalid event from epoll. (2)");
+ stream_free(stream);
+ return 0;
+ }
+
+ if ((r = stream_process(stream, ts)) <= 0) {
+
+ if (r < 0)
+ log_info("Got error on stream: %s", strerror(-r));
+
+ stream_free(stream);
+ return 0;
+ }
+ }
+
+ return 0;
+}
+
+int main(int argc, char *argv[]) {
+ Server server;
+ int r = EXIT_FAILURE, n;
+
+ if (getppid() != 1) {
+ log_error("This program should be invoked by init only.");
+ return EXIT_FAILURE;
+ }
+
+ if (argc > 1) {
+ log_error("This program does not take arguments.");
+ return EXIT_FAILURE;
+ }
+
+ log_set_target(LOG_TARGET_SYSLOG_OR_KMSG);
+ log_parse_environment();
+ log_open();
+
+ umask(0022);
+
+ if ((n = sd_listen_fds(true)) < 0) {
+ log_error("Failed to read listening file descriptors from environment: %s", strerror(-r));
+ return EXIT_FAILURE;
+ }
+
+ if (n <= 0 || n > SERVER_FD_MAX) {
+ log_error("No or too many file descriptors passed.");
+ return EXIT_FAILURE;
+ }
+
+ if (server_init(&server, (unsigned) n) < 0)
+ return EXIT_FAILURE;
+
+ log_debug("systemd-stdout-syslog-bridge running as pid %lu", (unsigned long) getpid());
+
+ sd_notify(false,
+ "READY=1\n"
+ "STATUS=Processing requests...");
+
+ for (;;) {
+ struct epoll_event event;
+ int k;
+
+ if ((k = epoll_wait(server.epoll_fd,
+ &event, 1,
+ server.n_streams <= 0 ? TIMEOUT_MSEC : -1)) < 0) {
+
+ if (errno == EINTR)
+ continue;
+
+ log_error("epoll_wait() failed: %m");
+ goto fail;
+ }
+
+ if (k <= 0)
+ break;
+
+ if (process_event(&server, &event) < 0)
+ goto fail;
+ }
+
+ r = EXIT_SUCCESS;
+
+ log_debug("systemd-stdout-syslog-bridge stopped as pid %lu", (unsigned long) getpid());
+
+fail:
+ sd_notify(false,
+ "STATUS=Shutting down...");
+
+ server_done(&server);
+
+ return r;
+}
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-11-11 07:28:44 +0000