summaryrefslogtreecommitdiff
path: root/src/journal/journald-syslog.c
AgeCommit message (Collapse)Author
2016-01-12tree-wide: use xsprintf() where applicableDaniel Mack
Also add a coccinelle receipt to help with such transitions.
2016-01-12Merge pull request #2303 from aadamowski/fix-miscalculated-bufferDaniel Mack
Fix miscalculated buffer size and uses of size-unlimited sprintf()
2016-01-11Fix miscalculated buffer size and uses of size-unlimited sprintf()Aleksander Adamowski
function. Not sure if this results in an exploitable buffer overflow, probably not since the the int value is likely sanitized somewhere earlier and it's being put through a bit mask shortly before being used.
2016-01-08journal: normalize priority of logging sourcesVito Caputo
The stream event source has a priority of SD_EVENT_PRIORITY_NORMAL+5, and stdout source +10, but the native and syslog event sources are left at the default of 0. As a result, any heavy native or syslog logger can cause starvation of the other loggers. This is trivially demonstrated by running: dd if=/dev/urandom bs=8k | od | systemd-cat & # native spammer systemd-run echo hello & # stream logger journalctl --follow --output=verbose --no-pager --identifier=echo & ... and wait, and wait, the "hello" never comes. Now kill %1, "hello" arrives finally.
2015-11-27selinux: split up mac_selinux_have() from mac_selinux_use()Lennart Poettering
Let's distuingish the cases where our code takes an active role in selinux management, or just passively reports whatever selinux properties are set. mac_selinux_have() now checks whether selinux is around for the passive stuff, and mac_selinux_use() for the active stuff. The latter checks the former, plus also checks UID == 0, under the assumption that only when we run priviliged selinux management really makes sense. Fixes: #1941
2015-10-27util-lib: split out allocation calls into alloc-util.[ch]Lennart Poettering
2015-10-27util-lib: split out printf() helpers to stdio-util.hLennart Poettering
2015-10-27io-util.h: move iovec stuff from macro.h to io-util.hLennart Poettering
2015-10-27util-lib: split out syslog-related calls into syslog-util.[ch]Lennart Poettering
2015-10-25util-lib: split out fd-related operations into fd-util.[ch]Lennart Poettering
There are more than enough to deserve their own .c file, hence move them over.
2015-10-24util-lib: split our string related calls from util.[ch] into its own file ↵Lennart Poettering
string-util.[ch] There are more than enough calls doing string manipulations to deserve its own files, hence do something about it. This patch also sorts the #include blocks of all files that needed to be updated, according to the sorting suggestions from CODING_STYLE. Since pretty much every file needs our string manipulation functions this effectively means that most files have sorted #include blocks now. Also touches a few unrelated include files.
2015-06-10journald: do not strip leading whitespace from messagesFilipe Brandenburger
Keep leading whitespace for compatibility with older syslog implementations. Also useful when piping formatted output to the `logger` command. Keep removing trailing whitespace. Tested with `pstree | logger` and checking that the output of `journalctl | tail` included aligned and formatted output. Confirmed that all test cases still pass as expected.
2015-04-12journal: use (void) to silence coverityZbigniew Jędrzejewski-Szmek
This shouldn't really fail and anyway not much we can do about it. CID #996292, #996294, #996295.
2015-04-10shared: add process-util.[ch]Ronny Chevalier
2015-04-10shared: add formats-util.hRonny Chevalier
2015-02-03journald: fix some xsprrintf() buffer size falloutLennart Poettering
2015-02-03util: rework strappenda(), and rename it strjoina()Lennart Poettering
After all it is now much more like strjoin() than strappend(). At the same time, add support for NULL sentinels, even if they are normally not necessary.
2015-02-01Add a snprinf wrapper which checks that the buffer was big enoughZbigniew Jędrzejewski-Szmek
If we scale our buffer to be wide enough for the format string, we should expect that the calculation was correct. char_array_0() invocations are removed, since snprintf nul-terminates the output in any case. A similar wrapper is used for strftime calls, but only in timedatectl.c.
2015-01-22import: introduce new mini-daemon systemd-importd, and make machinectl a ↵Lennart Poettering
client to it The old "systemd-import" binary is now an internal tool. We still use it as asynchronous backend for systemd-importd. Since the import tool might require some IO and CPU resources (due to qcow2 explosion, and decompression), and because we might want to run it with more minimal priviliges we still keep it around as the worker binary to execute as child process of importd. machinectl now has verbs for pulling down images, cancelling them and listing them.
2015-01-21journal: Fix syslog forwarding without CAP_SYS_ADMINChristian Seiler
In case CAP_SYS_ADMIN is missing (like in containers), one cannot fake pid in struct ucred (uid/gid are fine if CAP_SETUID/CAP_SETGID are present). Ensure that journald will try again to forward the messages to syslog without faking the SCM_CREDENTIALS pid (which isn't guaranteed to succeed anyway, since it also does the same thing if the process has already exited). With this patch, journald will no longer silently discard messages that are supposed to be sent to syslog in these situations. https://bugs.debian.org/775067
2015-01-05journald: prefix exported calls with "server_", unexport unnecessary callsLennart Poettering
2014-11-28treewide: another round of simplificationsMichal Schmidt
Using the same scripts as in f647962d64e "treewide: yet more log_*_errno + return simplifications".
2014-11-28treewide: use log_*_errno whenever %m is in the format stringMichal Schmidt
If the format string contains %m, clearly errno must have a meaningful value, so we might as well use log_*_errno to have ERRNO= logged. Using: find . -name '*.[ch]' | xargs sed -r -i -e \ 's/log_(debug|info|notice|warning|error|emergency)\((".*%m.*")/log_\1_errno(errno, \2/' Plus some whitespace, linewrap, and indent adjustments.
2014-11-28treewide: more log_*_errno + return simplificationsMichal Schmidt
2014-11-28treewide: no need to negate errno for log_*_errno()Michal Schmidt
It corrrectly handles both positive and negative errno values.
2014-11-28treewide: auto-convert the simple cases to log_*_errno()Michal Schmidt
As a followup to 086891e5c1 "log: add an "error" parameter to all low-level logging calls and intrdouce log_error_errno() as log calls that take error numbers", use sed to convert the simple cases to use the new macros: find . -name '*.[ch]' | xargs sed -r -i -e \ 's/log_(debug|info|notice|warning|error|emergency)\("(.*)%s"(.*), strerror\(-([a-zA-Z_]+)\)\);/log_\1_errno(-\4, "\2%m"\3);/' Multi-line log_*() invocations are not covered. And we also should add log_unit_*_errno().
2014-11-03journald: remove a number of malloc()s from the syslog message handlingLennart Poettering
2014-11-03journald: constify all things!Lennart Poettering
2014-10-23mac: also rename use_{smack,selinux,apparmor}() calls so that they share the ↵Lennart Poettering
new mac_{smack,selinux,apparmor}_xyz() convention
2014-07-18Be more verbose when bind or listen failsZbigniew Jędrzejewski-Szmek
Also be more verbose in devnode_acl_all().
2014-07-11journald: turn ForwardToSyslog= off by defaultLennart Poettering
After all, rsyslog and friends nowadays read their data directly from the journal, hence the forwarding is unnecessary in most cases.
2014-06-04journald: move /dev/log socket to /runLennart Poettering
This way we can make the socket also available for sandboxed apps that have their own private /dev. They can now simply symlink the socket from /dev.
2014-05-15Remove unnecessary casts in printfsZbigniew Jędrzejewski-Szmek
No functional change expected :)
2014-03-16Use strlen even for constant stringsJosh Triplett
GCC optimizes strlen("string constant") to a constant, even with -O0. Thus, replace patterns like sizeof("string constant")-1 with strlen("string constant") where possible, for clarity. In particular, for expressions intended to add up the lengths of components going into a string, this often makes it clearer that the expression counts the trailing '\0' exactly once, by putting the +1 for the '\0' at the end of the expression, rather than hidden in a sizeof in the middle of the expression.
2014-03-14journald: add support for wall forwardingSebastian Thorarensen
This will let journald forward logs as messages sent to all logged in users (like wall). Two options are added: * ForwardToWall (default yes) * MaxLevelWall (default emerg) 'ForwardToWall' is overridable by kernel command line option 'systemd.journald.forward_to_wall'. This is used to emulate the traditional syslogd behaviour of sending emergency messages to all logged in users.
2014-02-20api: in constructor function calls, always put the returned object pointer ↵Lennart Poettering
first (or second) Previously the returned object of constructor functions where sometimes returned as last, sometimes as first and sometimes as second parameter. Let's clean this up a bit. Here are the new rules: 1. The object the new object is derived from is put first, if there is any 2. The object we are creating will be returned in the next arguments 3. This is followed by any additional arguments Rationale: For functions that operate on an object we always put that object first. Constructors should probably not be too different in this regard. Also, if the additional parameters might want to use varargs which suggests to put them last. Note that this new scheme only applies to constructor functions, not to all other functions. We do give a lot of freedom for those. Note that this commit only changes the order of the new functions we added, for old ones we accept the wrong order and leave it like that.
2013-12-11journald: port to sd-event and enable watchdog supportLennart Poettering
2013-12-10journald: malloc less when streaming messagesZbigniew Jędrzejewski-Szmek
2013-10-10security: rework selinux, smack, ima, apparmor detection logicLennart Poettering
Always cache the results, and bypass low-level security calls when the respective subsystem is not enabled.
2013-08-19journal: fix parsing of facility in syslog messagesZbigniew Jędrzejewski-Szmek
In 49998b383 (journald: do not overwrite syslog facility when parsing priority) journald started ignoring facility part when reading service stderr to convert to syslog messages. In this case it is fine, because only the priority is allowed. But the same codepath is used for syslog messages, where the facility should be used. Split the two codepaths by explicitly specyfing whether the facility should be ignored or not. https://bugzilla.redhat.com/show_bug.cgi?id=988814
2013-06-20journal: allow callers to specify OBJECT_PID=Zbigniew Jędrzejewski-Szmek
When journald encounters a message with OBJECT_PID= set coming from a priviledged process (UID==0), additional fields will be added to the message: OBJECT_UID=, OBJECT_GID=, OBJECT_COMM=, OBJECT_EXE=, OBJECT_CMDLINE=, OBJECT_AUDIT_SESSION=, OBJECT_AUDIT_LOGINUID=, OBJECT_SYSTEMD_CGROUP=, OBJECT_SYSTEMD_SESSION=, OBJECT_SYSTEMD_OWNER_UID=, OBJECT_SYSTEMD_UNIT= or OBJECT_SYSTEMD_USER_UNIT=. This is for other logging daemons, like setroubleshoot, to be able to augment their logs with data about the process. https://bugzilla.redhat.com/show_bug.cgi?id=951627
2013-06-10journald: do not overwrite syslog facility when parsing priorityZbigniew Jędrzejewski-Szmek
https://bugs.freedesktop.org/show_bug.cgi?id=65610
2013-04-05Use initalization instead of explicit zeroingZbigniew Jędrzejewski-Szmek
Before, we would initialize many fields twice: first by filling the structure with zeros, and then a second time with the real values. We can let the compiler do the job for us, avoiding one copy. A downside of this patch is that text gets slightly bigger. This is because all zero() calls are effectively inlined: $ size build/.libs/systemd text data bss dec hex filename before 897737 107300 2560 1007597 f5fed build/.libs/systemd after 897873 107300 2560 1007733 f6075 build/.libs/systemd … actually less than 1‰. A few asserts that the parameter is not null had to be removed. I don't think this changes much, because first, it is quite unlikely for the assert to fail, and second, an immediate SEGV is almost as good as an assert.
2012-11-14build-sys: store journald code in a noinst libraryZbigniew Jędrzejewski-Szmek
The point is to allow the use of journald functions by other binaries. Before, journald code was split into multiple files (journald-*.[ch]), but all those files all required functions from journald.c. And journald.c has its own main(). Now, it is possible to link against those functions, e.g. from test binaries. This constitutes a fix for https://bugzilla.redhat.com/show_bug.cgi?id=872638. The patch does the following: 1. rename journald.h to journald-server.h and move corresponding code to journald-server.c. 2. add journald-server.c and other journald-*.c parts to libsystemd-journal-internal. 3. remove journald-syslog.c from test_journal_syslog_SOURCES, since it is now contained in libsystemd-journal-internal. There are no code changes, apart from the removal of a few static's, to allow function calls between files.
2012-10-13journald: properly update message size after stripping the identifierZbigniew Jędrzejewski-Szmek
Valgrind says: ==29176== Conditional jump or move depends on uninitialised value(s) ==29176== at 0x412A85: cunescape_length_with_prefix (util.c:1565) ==29176== by 0x40B351: dev_kmsg_record (journald-kmsg.c:301) ==29176== by 0x40B653: server_read_dev_kmsg (journald-kmsg.c:347) ==29176== by 0x40B701: server_flush_dev_kmsg (journald-kmsg.c:365) ==29176== by 0x409DE7: main (journald.c:1535)
2012-09-17journald: log when we fail to forward messages to syslogLennart Poettering
https://bugzilla.redhat.com/show_bug.cgi?id=847207
2012-08-24journald: add missing includesAllin Cottrell
2012-08-22journald: split console transport stuff into its own fileLennart Poettering
2012-08-22journal: move syslog specific calls out of util.cLennart Poettering
2012-08-22journald: splitt of syslog protocol support into its own fileLennart Poettering