summaryrefslogtreecommitdiff
path: root/src/journal/journald-server.c
AgeCommit message (Collapse)Author
2015-02-01Add a snprinf wrapper which checks that the buffer was big enoughZbigniew Jędrzejewski-Szmek
If we scale our buffer to be wide enough for the format string, we should expect that the calculation was correct. char_array_0() invocations are removed, since snprintf nul-terminates the output in any case. A similar wrapper is used for strftime calls, but only in timedatectl.c.
2015-01-22tmpfiles: add 'a' type to set ACLsZbigniew Jędrzejewski-Szmek
2015-01-13journald: allow zero length datagrams againLennart Poettering
This undoes a small part of 13790add4bf648fed816361794d8277a75253410 which was erroneously added, given that zero length datagrams are OK, and hence zero length reads on a SOCK_DGRAM be no means mean EOF.
2015-01-06journald: allow restarting journald without losing stream connectionsLennart Poettering
Making use of the fd storage capability of the previous commit, allow restarting journald by serilizing stream state to /run, and pushing open fds to PID 1.
2015-01-05journald: reuse IOVEC_TOTAL_SIZE() macros where possibleLennart Poettering
2015-01-05journald: when we detect the journal file we are about to write to has been ↵Lennart Poettering
deleted, rotate https://bugzilla.redhat.com/show_bug.cgi?id=1171719
2015-01-05journald: constify all thingsLennart Poettering
2015-01-05journald: prefix exported calls with "server_", unexport unnecessary callsLennart Poettering
2015-01-05journald: process SIGBUS for the memory maps we set upLennart Poettering
Even though we use fallocate() it appears that file systems like btrfs will trigger SIGBUS on certain low-disk-space situation. We should handle that, hence catch the signal, add it to a list of invalidated pages, and replace the page with an empty memory area. After each write check if SIGBUS was triggered, and consider the write invalid if it was. This should make journald a lot more robust with file systems where fallocate() is not reliable, for example all CoW file systems (btrfs...), where changing written data can fail with disk full errors. https://bugzilla.redhat.com/show_bug.cgi?id=1045810
2014-12-11journald: correct spacing near eol code commentsTorstein Husebø
2014-11-30journald: close passed fds we cannot make sense ofLennart Poettering
This is mostly likely the audit socket, and we really should close it if we cannot make sense of it, since as long as it is open the kernel might disable the kmsg forwarding of audit msgs, and we should avoid that, since audit msgs might get completely lost then. I also downgraded the log message we show a bit, after all things should really work fine, and we proceed fine with it.
2014-11-29journald: Support journald.conf.d directories in the usual search pathsJosh Triplett
2014-11-28treewide: another round of simplificationsMichal Schmidt
Using the same scripts as in f647962d64e "treewide: yet more log_*_errno + return simplifications".
2014-11-28treewide: use log_*_errno whenever %m is in the format stringMichal Schmidt
If the format string contains %m, clearly errno must have a meaningful value, so we might as well use log_*_errno to have ERRNO= logged. Using: find . -name '*.[ch]' | xargs sed -r -i -e \ 's/log_(debug|info|notice|warning|error|emergency)\((".*%m.*")/log_\1_errno(errno, \2/' Plus some whitespace, linewrap, and indent adjustments.
2014-11-28treewide: more log_*_errno + return simplificationsMichal Schmidt
2014-11-28treewide: more log_*_errno() conversions, multiline callsMichal Schmidt
Basically: find . -name '*.[ch]' | while read f; do perl -i.mmm -e \ 'local $/; local $_=<>; s/log_(debug|info|notice|warning|error|emergency)\("([^"]*)%s"([^;]*),\s*strerror\(-?([->a-zA-Z_]+)\)\);/log_\1_errno(\4, "\2%m"\3);/gms;print;' \ $f; done Plus manual indentation fixups.
2014-11-28treewide: no need to negate errno for log_*_errno()Michal Schmidt
It corrrectly handles both positive and negative errno values.
2014-11-28treewide: auto-convert the simple cases to log_*_errno()Michal Schmidt
As a followup to 086891e5c1 "log: add an "error" parameter to all low-level logging calls and intrdouce log_error_errno() as log calls that take error numbers", use sed to convert the simple cases to use the new macros: find . -name '*.[ch]' | xargs sed -r -i -e \ 's/log_(debug|info|notice|warning|error|emergency)\("(.*)%s"(.*), strerror\(-([a-zA-Z_]+)\)\);/log_\1_errno(-\4, "\2%m"\3);/' Multi-line log_*() invocations are not covered. And we also should add log_unit_*_errno().
2014-11-28log: fix order of log_unit_struct() to match other logging callsLennart Poettering
Also, while we are at it, introduce some syntactic sugar for creating ERRNO= and MESSAGE= structured logging fields.
2014-11-26journald: proceed even if some sockets are unknownZbigniew Jędrzejewski-Szmek
systemd-journald would refuse to start if it received an unknown socket from systemd. This is annoying, because the failure more for systemd-journald is unpleasant: systemd will keep restarting journald, but most likely the same error will occur every time. It is better to continue. journald will try to open missing sockets on its own, so things should mostly work. One question is whether to close the sockets which cannot be parsed or to keep them open. Either way we might lose some messages. This failure is most likely for the audit socket (selinux issues), which can be opened multiple times so this not a problem, so I decided to keep them open because it makes it easier to debug the issue after the system is fully started.
2014-11-07util: simplify proc_cmdline() to reuse get_process_cmdline()Lennart Poettering
Also, make all parsing of the kernel cmdline non-fatal.
2014-11-04journald: don't pass around SO_TIMESTAMP timestamp for audit, which we don't ↵Lennart Poettering
have anyway
2014-11-03journalctl: add new --vacuum-size= and --vacuum-time= commands to clean up ↵Lennart Poettering
journal files based on a size/time limit This is equivalent to the effect of SystemMaxUse= and RetentionSec=, however can be invoked directly instead of implicitly.
2014-11-03journald: fix minor memory leakLennart Poettering
2014-11-03journald: if available pull audit messages from the kernel into journal logsLennart Poettering
2014-11-03journald: constify all things!Lennart Poettering
2014-10-26journald: fix flushingZbigniew Jędrzejewski-Szmek
Commit 74055aa762 'journalctl: add new --flush command and make use of it in systemd-journal-flush.service' broke flushing because journald checks for the /run/systemd/journal/flushed file before opening the permanent journal. When the creation of this file was postponed, flushing stoppage ensued.
2014-10-23journal: make Server::user_journals an OrderedHashmapMichal Schmidt
Order matters here. It replaces oldest entries first when USER_JOURNALS_MAX is reached.
2014-10-23mac: also rename use_{smack,selinux,apparmor}() calls so that they share the ↵Lennart Poettering
new mac_{smack,selinux,apparmor}_xyz() convention
2014-10-23journalctl: add new --flush command and make use of it in ↵Lennart Poettering
systemd-journal-flush.service This new command will ask the journal daemon to flush all log data stored in /run to /var, and wait for it to complete. This is useful, so that in case of Storage=persistent we can order systemd-tmpfiles-setup afterwards, to ensure any possibly newly created directory in /var/log gets proper access mode and owners.
2014-10-22journal: do server_vacuum for sigusr1WaLyong Cho
runtime journal is migrated to system journal when only "/run/systemd/journal/flushed" exist. It's ok but according to this the system journal directory size(max use) can be over the config. If journal is not rotated during some time the journal directory can be remained as over the config(or default) size. To avoid, do server_vacuum just after the system journal migration from runtime.
2014-10-12ModernizationZbigniew Jędrzejewski-Szmek
2014-09-15hashmap: introduce hash_ops to make struct Hashmap smallerMichal Schmidt
It is redundant to store 'hash' and 'compare' function pointers in struct Hashmap separately. The functions always comprise a pair. Store a single pointer to struct hash_ops instead. systemd keeps hundreds of hashmaps, so this saves a little bit of memory.
2014-07-31Properly report invalid quoted stringsZbigniew Jędrzejewski-Szmek
$ systemd-analyze verify trailing-g.service [./trailing-g.service:2] Trailing garbage, ignoring. trailing-g.service lacks ExecStart setting. Refusing. Error: org.freedesktop.systemd1.LoadFailed: Unit trailing-g.service failed to load: Invalid argument. Failed to create trailing-g.service/start: Invalid argument
2014-07-31Reject invalid quoted stringsZbigniew Jędrzejewski-Szmek
String which ended in an unfinished quote were accepted, potentially with bad memory accesses. Reject anything which ends in a unfished quote, or contains non-whitespace characters right after the closing quote. _FOREACH_WORD now returns the invalid character in *state. But this return value is not checked anywhere yet. Also, make 'word' and 'state' variables const pointers, and rename 'w' to 'word' in various places. Things are easier to read if the same name is used consistently. mbiebl_> am I correct that something like this doesn't work mbiebl_> ExecStart=/usr/bin/encfs --extpass='/bin/systemd-ask-passwd "Unlock EncFS"' mbiebl_> systemd seems to strip of the quotes mbiebl_> systemctl status shows mbiebl_> ExecStart=/usr/bin/encfs --extpass='/bin/systemd-ask-password Unlock EncFS $RootDir $MountPoint mbiebl_> which is pretty weird
2014-07-16Let config_parse open file where applicableZbigniew Jędrzejewski-Szmek
Special care is needed so that we get an error message if the file failed to parse, but not when it is missing. To avoid duplicating the same error check in every caller, add an additional 'warn' boolean to tell config_parse whether a message should be issued. This makes things both shorter and more robust wrt. to error reporting.
2014-07-15Constify ConfigTableItem tablesZbigniew Jędrzejewski-Szmek
2014-07-11journald: turn ForwardToSyslog= off by defaultLennart Poettering
After all, rsyslog and friends nowadays read their data directly from the journal, hence the forwarding is unnecessary in most cases.
2014-06-27journald: make MaxFileSec really default to 1monthMichał Bartoszkiewicz
journald.conf(5) states that the default for MaxFileSec is one month, but the code didn't respect that.
2014-06-19journald: make SplitMode=uid the defaultLennart Poettering
Now that we actually can distuingish system and normal users there's no point in taking session information into account anymore when splitting up logs. This has the beenfit with that coredump information will actually end up in each user's own journal.
2014-06-19coredump: optionally store coredumps on disk, not in the journalLennart Poettering
Introduce a new configuration file /etc/systemd/coredump.conf to configure when to place coredumps in the journal and when on disk. Since the coredumps are quite large, default to storing them only on disk.
2014-06-11journald: create /run/log/journal with the correct access modesLennart Poettering
2014-06-04journald: move /dev/log socket to /runLennart Poettering
This way we can make the socket also available for sandboxed apps that have their own private /dev. They can now simply symlink the socket from /dev.
2014-05-21logind: don't apply RemoveIPC= to system usersLennart Poettering
We shouldn't destroy IPC objects of system users on logout. http://lists.freedesktop.org/archives/systemd-devel/2014-April/018373.html This introduces SYSTEM_UID_MAX defined to the maximum UID of system users. This value is determined compile-time, either as configure switch or from /etc/login.defs. (We don't read that file at runtime, since this is really a choice for a system builder, not the end user.) While we are at it we then also update journald to use SYSTEM_UID_MAX when we decide whether to split out log data for a specific client.
2014-05-15Remove unnecessary casts in printfsZbigniew Jędrzejewski-Szmek
No functional change expected :)
2014-03-24sd-event: rework API to support CLOCK_REALTIME_ALARM and ↵Lennart Poettering
CLOCK_BOOTTIME_ALARM, too
2014-03-18util: replace close_nointr_nofail() by a more useful safe_close()Lennart Poettering
safe_close() automatically becomes a NOP when a negative fd is passed, and returns -1 unconditionally. This makes it easy to write lines like this: fd = safe_close(fd); Which will close an fd if it is open, and reset the fd variable correctly. By making use of this new scheme we can drop a > 200 lines of code that was required to test for non-negative fds or to reset the closed fd variable afterwards.
2014-03-17journal: extract duplicated code to a functionZbigniew Jędrzejewski-Szmek
2014-03-17journal: extract duplicated code to a functionZbigniew Jędrzejewski-Szmek
2014-03-16Use strlen even for constant stringsJosh Triplett
GCC optimizes strlen("string constant") to a constant, even with -O0. Thus, replace patterns like sizeof("string constant")-1 with strlen("string constant") where possible, for clarity. In particular, for expressions intended to add up the lengths of components going into a string, this often makes it clearer that the expression counts the trailing '\0' exactly once, by putting the +1 for the '\0' at the end of the expression, rather than hidden in a sizeof in the middle of the expression.