summaryrefslogtreecommitdiff
path: root/src/journal/journald-server.c
AgeCommit message (Collapse)Author
2014-10-26journald: fix flushingZbigniew Jędrzejewski-Szmek
Commit 74055aa762 'journalctl: add new --flush command and make use of it in systemd-journal-flush.service' broke flushing because journald checks for the /run/systemd/journal/flushed file before opening the permanent journal. When the creation of this file was postponed, flushing stoppage ensued.
2014-10-23journal: make Server::user_journals an OrderedHashmapMichal Schmidt
Order matters here. It replaces oldest entries first when USER_JOURNALS_MAX is reached.
2014-10-23mac: also rename use_{smack,selinux,apparmor}() calls so that they share the ↵Lennart Poettering
new mac_{smack,selinux,apparmor}_xyz() convention
2014-10-23journalctl: add new --flush command and make use of it in ↵Lennart Poettering
systemd-journal-flush.service This new command will ask the journal daemon to flush all log data stored in /run to /var, and wait for it to complete. This is useful, so that in case of Storage=persistent we can order systemd-tmpfiles-setup afterwards, to ensure any possibly newly created directory in /var/log gets proper access mode and owners.
2014-10-22journal: do server_vacuum for sigusr1WaLyong Cho
runtime journal is migrated to system journal when only "/run/systemd/journal/flushed" exist. It's ok but according to this the system journal directory size(max use) can be over the config. If journal is not rotated during some time the journal directory can be remained as over the config(or default) size. To avoid, do server_vacuum just after the system journal migration from runtime.
2014-10-12ModernizationZbigniew Jędrzejewski-Szmek
2014-09-15hashmap: introduce hash_ops to make struct Hashmap smallerMichal Schmidt
It is redundant to store 'hash' and 'compare' function pointers in struct Hashmap separately. The functions always comprise a pair. Store a single pointer to struct hash_ops instead. systemd keeps hundreds of hashmaps, so this saves a little bit of memory.
2014-07-31Properly report invalid quoted stringsZbigniew Jędrzejewski-Szmek
$ systemd-analyze verify trailing-g.service [./trailing-g.service:2] Trailing garbage, ignoring. trailing-g.service lacks ExecStart setting. Refusing. Error: org.freedesktop.systemd1.LoadFailed: Unit trailing-g.service failed to load: Invalid argument. Failed to create trailing-g.service/start: Invalid argument
2014-07-31Reject invalid quoted stringsZbigniew Jędrzejewski-Szmek
String which ended in an unfinished quote were accepted, potentially with bad memory accesses. Reject anything which ends in a unfished quote, or contains non-whitespace characters right after the closing quote. _FOREACH_WORD now returns the invalid character in *state. But this return value is not checked anywhere yet. Also, make 'word' and 'state' variables const pointers, and rename 'w' to 'word' in various places. Things are easier to read if the same name is used consistently. mbiebl_> am I correct that something like this doesn't work mbiebl_> ExecStart=/usr/bin/encfs --extpass='/bin/systemd-ask-passwd "Unlock EncFS"' mbiebl_> systemd seems to strip of the quotes mbiebl_> systemctl status shows mbiebl_> ExecStart=/usr/bin/encfs --extpass='/bin/systemd-ask-password Unlock EncFS $RootDir $MountPoint mbiebl_> which is pretty weird
2014-07-16Let config_parse open file where applicableZbigniew Jędrzejewski-Szmek
Special care is needed so that we get an error message if the file failed to parse, but not when it is missing. To avoid duplicating the same error check in every caller, add an additional 'warn' boolean to tell config_parse whether a message should be issued. This makes things both shorter and more robust wrt. to error reporting.
2014-07-15Constify ConfigTableItem tablesZbigniew Jędrzejewski-Szmek
2014-07-11journald: turn ForwardToSyslog= off by defaultLennart Poettering
After all, rsyslog and friends nowadays read their data directly from the journal, hence the forwarding is unnecessary in most cases.
2014-06-27journald: make MaxFileSec really default to 1monthMichał Bartoszkiewicz
journald.conf(5) states that the default for MaxFileSec is one month, but the code didn't respect that.
2014-06-19journald: make SplitMode=uid the defaultLennart Poettering
Now that we actually can distuingish system and normal users there's no point in taking session information into account anymore when splitting up logs. This has the beenfit with that coredump information will actually end up in each user's own journal.
2014-06-19coredump: optionally store coredumps on disk, not in the journalLennart Poettering
Introduce a new configuration file /etc/systemd/coredump.conf to configure when to place coredumps in the journal and when on disk. Since the coredumps are quite large, default to storing them only on disk.
2014-06-11journald: create /run/log/journal with the correct access modesLennart Poettering
2014-06-04journald: move /dev/log socket to /runLennart Poettering
This way we can make the socket also available for sandboxed apps that have their own private /dev. They can now simply symlink the socket from /dev.
2014-05-21logind: don't apply RemoveIPC= to system usersLennart Poettering
We shouldn't destroy IPC objects of system users on logout. http://lists.freedesktop.org/archives/systemd-devel/2014-April/018373.html This introduces SYSTEM_UID_MAX defined to the maximum UID of system users. This value is determined compile-time, either as configure switch or from /etc/login.defs. (We don't read that file at runtime, since this is really a choice for a system builder, not the end user.) While we are at it we then also update journald to use SYSTEM_UID_MAX when we decide whether to split out log data for a specific client.
2014-05-15Remove unnecessary casts in printfsZbigniew Jędrzejewski-Szmek
No functional change expected :)
2014-03-24sd-event: rework API to support CLOCK_REALTIME_ALARM and ↵Lennart Poettering
CLOCK_BOOTTIME_ALARM, too
2014-03-18util: replace close_nointr_nofail() by a more useful safe_close()Lennart Poettering
safe_close() automatically becomes a NOP when a negative fd is passed, and returns -1 unconditionally. This makes it easy to write lines like this: fd = safe_close(fd); Which will close an fd if it is open, and reset the fd variable correctly. By making use of this new scheme we can drop a > 200 lines of code that was required to test for non-negative fds or to reset the closed fd variable afterwards.
2014-03-17journal: extract duplicated code to a functionZbigniew Jędrzejewski-Szmek
2014-03-17journal: extract duplicated code to a functionZbigniew Jędrzejewski-Szmek
2014-03-16Use strlen even for constant stringsJosh Triplett
GCC optimizes strlen("string constant") to a constant, even with -O0. Thus, replace patterns like sizeof("string constant")-1 with strlen("string constant") where possible, for clarity. In particular, for expressions intended to add up the lengths of components going into a string, this often makes it clearer that the expression counts the trailing '\0' exactly once, by putting the +1 for the '\0' at the end of the expression, rather than hidden in a sizeof in the middle of the expression.
2014-03-14journald: add support for wall forwardingSebastian Thorarensen
This will let journald forward logs as messages sent to all logged in users (like wall). Two options are added: * ForwardToWall (default yes) * MaxLevelWall (default emerg) 'ForwardToWall' is overridable by kernel command line option 'systemd.journald.forward_to_wall'. This is used to emulate the traditional syslogd behaviour of sending emergency messages to all logged in users.
2014-03-07Make tables for DEFINE_STRING_TABLE_LOOKUP consistentDaniel Mack
Bring some arrays that are used for DEFINE_STRING_TABLE_LOOKUP() in the same order than the enums they reference. Also, pass the corresponding _MAX value to the array initalizer where appropriate.
2014-02-24Remove dead lines in various placesZbigniew Jędrzejewski-Szmek
As pointed-out by clang -Wunreachable-code. No behaviour changes.
2014-02-21journald: ignore failure to watch hostname_fd on older kernelsDave Reisner
Prior to 3.2, /proc/sys/kernel/hostname isn't a pollable file and sd_event_add_io will return EPERM. Ignore this failure, since it isn't critical to journald operation. Reported and tested by user sraue on IRC.
2014-02-20api: in constructor function calls, always put the returned object pointer ↵Lennart Poettering
first (or second) Previously the returned object of constructor functions where sometimes returned as last, sometimes as first and sometimes as second parameter. Let's clean this up a bit. Here are the new rules: 1. The object the new object is derived from is put first, if there is any 2. The object we are creating will be returned in the next arguments 3. This is followed by any additional arguments Rationale: For functions that operate on an object we always put that object first. Constructors should probably not be too different in this regard. Also, if the additional parameters might want to use varargs which suggests to put them last. Note that this new scheme only applies to constructor functions, not to all other functions. We do give a lot of freedom for those. Note that this commit only changes the order of the new functions we added, for old ones we accept the wrong order and leave it like that.
2014-02-11journald: log provenience of signalsZbigniew Jędrzejewski-Szmek
2014-01-11journald: do not free space when disk space runs lowZbigniew Jędrzejewski-Szmek
Before, journald would remove journal files until both MaxUse= and KeepFree= settings would be satisfied. The first one depends (if set automatically) on the size of the file system and is constant. But the second one depends on current use of the file system, and a spike in disk usage would cause journald to delete journal files, trying to reach usage which would leave 15% of the disk free. This behaviour is surprising for the user who doesn't expect his logs to be purged when disk usage goes above 85%, which on a large disk could be some gigabytes from being full. In addition attempting to keep 15% free provides an attack vector where filling the disk sufficiently disposes of almost all logs. Instead, obey KeepFree= only as a limit on adding additional files. When replacing old files with new, ignore KeepFree=. This means that if journal disk usage reached some high point that at some later point start to violate the KeepFree= constraint, journald will not add files to go above this point, but it will stay (slightly) below it. When journald is restarted, it forgets the previous maximum usage value, and sets the limit based on the current usage, so if disk remains to be filled, journald might use one journal-file-size less on each restart, if restarts happen just after rotation. This seems like a reasonable compromise between implementation complexity and robustness.
2013-12-21journald/server: replace readdir_r with readdirFlorian Weimer
The available_space function now returns 0 if reading the directory fails. Previously, such errors were silently ignored.
2013-12-13event: rework sd-event exit logicLennart Poettering
With this change a failing event source handler will not cause the entire event loop to fail. Instead, we just disable the specific event source, log a message at debug level and go on. This also introduces a new concept of "exit code" which can be stored in the event loop and is returned by sd_event_loop(). We also rename "quit" to "exit" everywhere else. Altogether this should make things more robus and keep errors local while still providing a way to return event loop errors in a clear way.
2013-12-11journald: cache cgroup root path, instead of querying it on every incoming ↵Lennart Poettering
log message
2013-12-11journald: cache hostname, boot_id and machine_id fields instead of ↵Lennart Poettering
generating them fresh for each log entry
2013-12-11journald: port to sd-event and enable watchdog supportLennart Poettering
2013-12-10Ensure unit is journaled for short-lived or oneshot processesDan McGee
In the time it takes to process incoming log messages, the process we are logging details for may exit. This means the cgroup data is no longer available from '/proc'. Unfortunately, the way the code was structured before, we never log _SYSTEMD_UNIT if we don't have this cgroup information. Add an else if case that allows the passed in unit_id to be logged even if we couldn't capture cgroup information. This ensures a command like `journalctl -u run-XXX` will return all log messages from a oneshot process.
2013-11-27journald: mention how long we needed to flush to /var in the logsLennart Poettering
2013-11-06util: unify reading of /proc/cmdlineLennart Poettering
Instead of individually checking for containers in each user do this once in a new call proc_cmdline() that read the file only if we are not in a container.
2013-10-13journald: use greedy_realloc in one placeZbigniew Jędrzejewski-Szmek
2013-10-10security: missing header inclusionsLennart Poettering
2013-10-10security: rework selinux, smack, ima, apparmor detection logicLennart Poettering
Always cache the results, and bypass low-level security calls when the respective subsystem is not enabled.
2013-10-09journald: remove rotated file from hashmap when rotation failsZbigniew Jędrzejewski-Szmek
Before, when the user journal file was rotated, journal_file_rotate could close the old file and fail to open the new file. In that case, we would leave the old (deallocated) file in the hashmap. On subsequent accesses, we could retrieve this stale entry, leading to a segfault. When journal_file_rotate fails with the file pointer set to 0, old file is certainly gone, and cannot be used anymore. https://bugzilla.redhat.com/show_bug.cgi?id=890463
2013-09-27Do not use unitialized variable and remove duplicated lineZbigniew Jędrzejewski-Szmek
2013-09-26journald: accept EPOLLERR from /dev/kmsgZbigniew Jędrzejewski-Szmek
Also print out unexpected epoll events explictly.
2013-09-17journald: avoid NSS in journaldLennart Poettering
In order to avoid a deadlock between journald looking up the "systemd-journal" group name, and nscd (or anyother NSS backing daemon) logging something back to the journal avoid all NSS in journald the same way as we avoid it from PID 1. With this change we rely on the kernel file system logic to adjust the group of created journal files via the SETGID bit on the journal directory. To ensure that it is always set, even after the user created it with a simply "mkdir" on the shell we fix it up via tmpfiles on boot.
2013-09-17journald: log the slice of a process along with each message in _SYSTEMD_SLICE=Lennart Poettering
2013-09-12journald: Log error when failed to get machine-id on startOlivier Brunel
Can help since the journal requires /etc/machine-id to exists in order to start, and will simply silently exit when it does not.
2013-09-10journald: be a bit more verbose when vacuumingZbigniew Jędrzejewski-Szmek
Vacuuming behaviour is a bit confusing, and/or we have some bugs, so those additional messages should help to find out what's going on. Also, rotation of journal files shouldn't be happening too often, so the level of the messages is bumped to info, so that they'll be logged under normal operation.
2013-08-06journald: remove unused variableZbigniew Jędrzejewski-Szmek