Age | Commit message (Collapse) | Author |
|
If we encounter an inconsistency in a file, let's just
ignore it. Otherwise, after previous patch, we would try,
and fail, to use this file in every invocation of sd_journal_next
or sd_journal_previous that happens afterwards.
|
|
With a corrupted file, we can get in a situation where two entries
in the entry array point to the same object. Then journal_file_next_entry
will find the first one using generic_arrray_bisect, and try to move to
the second one, but since the address is the same, generic_array_get will
return the first one. journal_file_next_entry ends up in an infinite loop.
https://bugzilla.redhat.com/show_bug.cgi?id=1047039
|
|
"level" is a bit too generic, let's clarify what kind of level we are
referring to here.
|
|
Positional arguments only make sense with the default action.
For other actions, complain instead of ignoring them silently.
|
|
As pointed-out by clang -Wunreachable-code.
No behaviour changes.
|
|
https://bugzilla.redhat.com/show_bug.cgi?id=1047148
|
|
for sizes
According to Wikipedia it is customary to specify hardware metrics and
transfer speeds to the basis 1000 (SI decimal), while software metrics
and physical volatile memory (RAM) sizes to the basis 1024 (IEC binary).
So far we specified everything in IEC, let's fix that and be more
true to what's otherwise customary. Since we don't want to parse "Mi"
instead of "M" we document each time what the context used is.
|
|
Prior to 3.2, /proc/sys/kernel/hostname isn't a pollable file and
sd_event_add_io will return EPERM. Ignore this failure, since it isn't
critical to journald operation.
Reported and tested by user sraue on IRC.
|
|
|
|
gcc (4.8.2, arm) does not understand that journal_file_append_field()
will always set 'fo' when it returns 0, so this warning is bogus.
Anyway, fix it by initialiting fo = NULL.
|
|
gcc (4.8.2, arm) does not understand that next_beyond_location() will
always set 'p' when it returns > 0. Initialize p in order to fix this.
|
|
first (or second)
Previously the returned object of constructor functions where sometimes
returned as last, sometimes as first and sometimes as second parameter.
Let's clean this up a bit. Here are the new rules:
1. The object the new object is derived from is put first, if there is any
2. The object we are creating will be returned in the next arguments
3. This is followed by any additional arguments
Rationale:
For functions that operate on an object we always put that object first.
Constructors should probably not be too different in this regard. Also,
if the additional parameters might want to use varargs which suggests to
put them last.
Note that this new scheme only applies to constructor functions, not to
all other functions. We do give a lot of freedom for those.
Note that this commit only changes the order of the new functions we
added, for old ones we accept the wrong order and leave it like that.
|
|
|
|
sd_journal_get_cutoff_realtime_usec() on failure
|
|
If -flto is used then gcc will generate a lot more warnings than before,
among them a number of use-without-initialization warnings. Most of them
without are false positives, but let's make them go away, because it
doesn't really matter.
|
|
Resolve spotted issues related to missing or extraneous commas, dashes.
|
|
|
|
|
|
This is now part of libsystemd.
|
|
In trying to track down a stupid linker bug, I noticed a bunch of
memset() calls that should be using memzero() to make it more "obvious"
that the options are correct (i.e. 0 is not the length, but the data to
set). So fix up all current calls to memset(foo, 0, length) to
memzero(foo, length).
|
|
Current glibc implementation is safe. Kernel does this atomically,
and write is actually implemented through writev. So if write is
async-signal-safe, than writev pretty much must be too.
|
|
Let's unify our code here, and also always specifiy O_CLOEXEC.
|
|
signal(7) provides a list of functions which may be called from a
signal handler. Other functions, which only call those functions and
don't access global memory and are reentrant are also safe.
sd_j_sendv was mostly OK, but would call mkostemp and writev in a
fallback path, which are unsafe.
Being able to call sd_j_sendv in a async-signal-safe way is important
because it allows it be used in signal handlers.
Safety is achieved by replacing mkostemp with open(O_TMPFILE) and an
open-coded writev replacement which uses write. Unfortunately,
O_TMPFILE is only available on kernels >= 3.11. When O_TMPFILE is
unavailable, an open-coded mkostemp is used.
https://bugzilla.gnome.org/show_bug.cgi?id=722889
|
|
This will only work on Linux >= 3.11, and probably not on all
filesystems. Fallback code is provided.
|
|
In the case of the error set_consume will free the pointer 'pattern'
which is later used in log_error. Either we should stop priniting that
or use simple set_put and free pattern manually.
This reverts commit ece6b8fd5bbc1fee16f652e680e3033f2f3efc4a.
|
|
This reverts commit cf50a55277ee432e1217ad894afcbd9a664ff96c.
set_consume frees on error.
|
|
|
|
Before, journald would remove journal files until both MaxUse= and
KeepFree= settings would be satisfied. The first one depends (if set
automatically) on the size of the file system and is constant. But
the second one depends on current use of the file system, and a spike
in disk usage would cause journald to delete journal files, trying to
reach usage which would leave 15% of the disk free. This behaviour is
surprising for the user who doesn't expect his logs to be purged when
disk usage goes above 85%, which on a large disk could be some
gigabytes from being full. In addition attempting to keep 15% free
provides an attack vector where filling the disk sufficiently disposes
of almost all logs.
Instead, obey KeepFree= only as a limit on adding additional files.
When replacing old files with new, ignore KeepFree=. This means that
if journal disk usage reached some high point that at some later point
start to violate the KeepFree= constraint, journald will not add files
to go above this point, but it will stay (slightly) below it. When
journald is restarted, it forgets the previous maximum usage value,
and sets the limit based on the current usage, so if disk remains to
be filled, journald might use one journal-file-size less on each
restart, if restarts happen just after rotation. This seems like a
reasonable compromise between implementation complexity and robustness.
|
|
This is a continuation of e3e0314b systemctl: allow globbing in commands
which take multiple unit names.
Multiple patterns can be specified, as separate arguments, or as one argument
with patterns seperated by commas.
If patterns are given, at least one unit must be matched (by any of the patterns).
This is different behaviour than systemctl, but here it is necessary because
otherwise anything would be matched, which is unlikely to be the intended
behaviour.
https://bugs.freedesktop.org/show_bug.cgi?id=59336
|
|
sd_j_e_u needs to keep a reference to an object while comparing it
with possibly duplicate objects in other files. Because the size of
mmap cache is limited, with enough files and object to compare to,
at some point the object being compared would be munmapped, resulting
in a segmentation fault.
Fix this issue by turning keep_always into a reference count that can
be increased and decreased. Other callers which set keep_always=true
are unmodified: their references are never released but are ignored
when the whole file is closed, which happens at some point. keep_always
is increased in sd_j_e_u and later on released.
|
|
Convert entry_array.items[0] to host byte order prior to passing it to
chain_cache_put().
[zj: also use le64toh in journal-verify.c]
https://bugs.freedesktop.org/show_bug.cgi?id=73194
|
|
Suggested-by: Russ Allbery <rra@debian.org>
|
|
|
|
|
|
This reverts commit cf5bccc2bb9569030cb04debbc4208aaca0fe5b4.
We should fix thinks properly if they aren't perfect, not just break
other things...
|
|
This flag shouldn't try and consume the following argument. It should
behave like every other flag which takes an optional argument when
parsed by getopt_long.
|
|
including it in the log strings
|
|
Introduce new call getpeercred() which internally just uses SO_PEERCRED
but checks if the returned data is actually useful due to namespace
quirks.
|
|
|
|
SipHash appears to be the new gold standard for hashing smaller strings
for hashtables these days, so let's make use of it.
|
|
This commit also adds error handling for failures during
directory reading.
|
|
The available_space function now returns 0 if reading the directory
fails. Previously, such errors were silently ignored.
|
|
|
|
-- fix grammar and reword some descriptions for clarity
-- add a useful description of what --follow does
-- fix the description for --after-cursor
-- properly introduce the FSS acronym for "Forward Secure Sealing" in
both sections
-- clarify the --disk-usage command
[zj: perform similar changes to zsh completions]
squash! journalctl: fix several issues in --help message text
|
|
also define noreturn w/o <stdnoreturn.h>
|
|
we also do 'last_index = (uint64_t) -1;' at the end of the while
loop so there is no reason to also do it here.
|
|
|
|
|
|
|
|
While all the libc implementations I know return NULL when memchr's size
parameter is 0, without accessing any memory, passing NULL to memchr is
still invalid:
C11 7.24.1p2: Where an argument declared as "size_t n" specifies the length
of the array for a function, n can have the value zero on a call to that
function. Unless explicitly stated otherwise in the description of a
particular function in this subclause, pointer arguments on such a call
shall still have valid values, as described in 7.1.4. On such a call, a
function that locates a character finds no occurrence, a function that
compares two character sequences returns zero, and a function that copies
characters copies zero characters.
see http://llvm.org/bugs/show_bug.cgi?id=18247
|