summaryrefslogtreecommitdiff
path: root/src/journal
AgeCommit message (Collapse)Author
2016-09-23journal: fix HMAC calculation when appending a data objectFranck Bui
Since commit 5996c7c295e073ce21d41305169132c8aa993ad0 (v190 !), the calculation of the HMAC is broken because the hash for a data object including a field is done in the wrong order: the field object is hashed before the data object is. However during verification, the hash is done in the opposite order as objects are scanned sequentially.
2016-09-23journal: warn when we fail to append a tag to a journalFranck Bui
We shouldn't silently fail when appending the tag to a journal file since FSS protection will simply be disabled in this case.
2016-09-18journal: fix typo in comment (#4176)Felix Zhang
2016-09-17Merge pull request #4123 from keszybz/network-file-dropinsMartin Pitt
Network file dropins
2016-09-16tree-wide: rename config_parse_many to …_nulstrZbigniew Jędrzejewski-Szmek
In preparation for adding a version which takes a strv.
2016-09-16Updated formatting for printing the key for FSS (#4165)hi117
The key used to be jammed next to the local file path. Based on the format string on line 1675, I determined that the order of arguments was written incorrectly, and updated the function based on that assumption. Before: ``` Please write down the following secret verification key. It should be stored at a safe location and should not be saved locally on disk. /var/log/journal/9b47c1a5b339412887a197b7654673a7/fss8f66d6-f0a998-f782d0-1fe522/18fdb8-35a4e900 The sealing key is automatically changed every 15min. ``` After: ``` Please write down the following secret verification key. It should be stored at a safe location and should not be saved locally on disk. d53ed4-cc43d6-284e10-8f0324/18fdb8-35a4e900 The sealing key is automatically changed every 15min. ```
2016-09-14Merge pull request #4133 from keszybz/strerror-removalMartin Pitt
Strerror removal and other janitorial cleanups
2016-09-13tests: get rid of strerrorZbigniew Jędrzejewski-Szmek
2016-09-13journal-verify: get rid of strerrorZbigniew Jędrzejewski-Szmek
2016-09-13fileio: simplify mkostemp_safe() (#4090)Topi Miettinen
According to its manual page, flags given to mkostemp(3) shouldn't include O_RDWR, O_CREAT or O_EXCL flags as these are always included. Beyond those, the only flag that all callers (except a few tests where it probably doesn't matter) use is O_CLOEXEC, so set that unconditionally.
2016-08-26journal: add/use flushed_flag_is_set() helper (#4041)Vito Caputo
Minor cleanup suggested by Lennart.
2016-08-25journal: implicitly flush to var on recovery (#4028)Vito Caputo
When the system journal becomes re-opened post-flush with the runtime journal open, it implies we've recovered from something like an ENOSPC situation where the system journal rotate had failed, leaving the system journal closed, causing the runtime journal to be opened post-flush. For the duration of the unavailable system journal, we log to the runtime journal. But when the system journal gets opened (space made available, for example), we need to close the runtime journal before new journal writes will go to the system journal. Calling server_flush_to_var() after opening the system journal with a runtime journal present, post-flush, achieves this while preserving the runtime journal's contents in the system journal. The combination of the present flushed flag file and the runtime journal being open is a state where we should be logging to the system journal, so it's appropriate to resume doing so once we've successfully opened the system journal.
2016-08-18journald: do not create split journals for dynamic usersZbigniew Jędrzejewski-Szmek
Dynamic users should be treated like system users, and their logs should end up in the main system journal.
2016-08-17Merge pull request #3946 from keszybz/open-journal-rootLennart Poettering
Make journalctl more flexible
2016-08-17journal: ensure open journals from find_journal() (#3973)Vito Caputo
If journals get into a closed state like when rotate fails due to ENOSPC, when space is made available it currently goes unnoticed leaving the journals in a closed state indefinitely. By calling system_journal_open() on entry to find_journal() we ensure the journal has been opened/created if possible. Also moved system_journal_open() up to after open_journal(), before find_journal(). Fixes https://github.com/systemd/systemd/issues/3968
2016-08-12journalctl: allow --root argument for journal watchingZbigniew Jędrzejewski-Szmek
It is useful to look at a (possibly inactive) container or other os tree with --root=/path/to/container. This is similar to specifying --directory=/path/to/container/var/log/journal --directory=/path/to/container/run/systemd/journal (if using --directory multiple times was allowed), but doesn't require as much typing.
2016-08-12sd-journal: fix sd_journal_open_directory with SD_JOURNAL_OS_ROOTZbigniew Jędrzejewski-Szmek
The directory argument that is given to sd_j_o_d was ignored when SD_JOURNAL_OS_ROOT was given, and directories relative to the root of the host file system were used. With that flag, sd_j_o_d should do the same as sd_j_open_container: use the path as "prefix", i.e. the directory relative to which everything happens. Instead of touching sd_j_o_d, journal_new is fixed to do what sd_j_o_c was doing, and treat the specified path as prefix when SD_JOURNAL_OS_ROOT is specified.
2016-08-12sd-journal: allow SYSTEM and CURRENT_USER flags with sd_j_open_directory[_fd]Zbigniew Jędrzejewski-Szmek
There is no reason not to. This makes journalctl -D ... --system work, useful for example when viewing files from a deactivated container.
2016-08-12sd-journal: split out flags into separate defines for legibilityZbigniew Jędrzejewski-Szmek
… in preparation for future changes.
2016-08-09sd-journal: watch logs below container's /{var,run}/log/journal (instead of ↵Evgeny Vereshchagin
the /) (#3934) Fixes #3927.
2016-08-06buildsys,journal: allow -fsanitize=address without VALGRIND definedCristian Rodríguez
Fixed (master) versions of libtool pass -fsanitize=address correctly into CFLAGS and LDFLAGS allowing ASAN to be used without any special configure tricks..however ASAN triggers in lookup3.c for the same reasons valgrind does. take the alternative codepath if __SANITIZE_ADDRESS__ is defined as well.
2016-08-04util-lib: rework /tmp and /var/tmp handling codeLennart Poettering
Beef up the existing var_tmp() call, rename it to var_tmp_dir() and add a matching tmp_dir() call (the former looks for the place for /var/tmp, the latter for /tmp). Both calls check $TMPDIR, $TEMP, $TMP, following the algorithm Python3 uses. All dirs are validated before use. secure_getenv() is used in order to limite exposure in suid binaries. This also ports a couple of users over to these new APIs. The var_tmp() return parameter is changed from an allocated buffer the caller will own to a const string either pointing into environ[], or into a static const buffer. Given that environ[] is mostly considered constant (and this is exposed in the very well-known getenv() call), this should be OK behaviour and allows us to avoid memory allocations in most cases. Note that $TMPDIR and friends override both /var/tmp and /tmp usage if set.
2016-08-04journalctl,systemctl: add "short-full", "short-unix" mode to --helpZbigniew Jędrzejewski-Szmek
2016-08-02gitignore: libsystemd-journal.pc is no more (#3863)Zbigniew Jędrzejewski-Szmek
…since 4de282cf9324ab.
2016-07-26journald: deprecate SplitMode=login (#3805)Zbigniew Jędrzejewski-Szmek
In this mode, messages from processes which are not part of the session land in the main journal file, and only output of processes which are properly part of the session land in the user's journal. This is confusing, in particular because systemd-coredump runs outside of the login session. "Deprecate" SplitMode=login by removing it from documentation, to discourage people from using it.
2016-07-22tree-wide: use sd_id128_is_null() instead of sd_id128_equal where appropriateLennart Poettering
It's a bit easier to read because shorter. Also, most likely a tiny bit faster.
2016-07-19sd-journal: suppress empty linesLennart Poettering
Let's make sure our logging APIs is in sync with how stdout/stderr logging works.
2016-07-19sd-journal: when formatting log messages, implicitly strip trailing whitespaceLennart Poettering
When converting log messages from human readable text into binary records to send off to journald in sd_journal_print(), strip trailing whitespace in the log message. This way, handling of logs made via syslog(), stdout/stderr and sd_journal_print() are treated the same way: trailing (but not leading) whitespace is automatically removed, in particular \n and \r. Note that in case of syslog() and stdout/stderr based logging the stripping takes place server-side though, while for the native protocol based transport this takes place client-side. This is because in the former cases conversion from free-form human-readable strings into structured, binary log records takes place on the server-side while for journal-native logging it happens on the client side, and after conversion into binary records we probably shouldn't alter the data anymore. See: #3416
2016-07-15tree-wide: get rid of selinux_context_t (#3732)Zbigniew Jędrzejewski-Szmek
https://github.com/SELinuxProject/selinux/commit/9eb9c9327563014ad6a807814e7975424642d5b9 deprecated selinux_context_t. Replace with a simple char* everywhere. Alternative fix for #3719.
2016-07-11treewide: fix typos and remove accidental repetition of wordsTorstein Husebø
2016-06-30journalctl: Make temporary files directory configurable (#3574)ottopotto
journalctl: Use env variable TMPDIR to save temporary files
2016-06-28journalct: allow --boot=0 to DTRT with --file/--directoryZbigniew Jędrzejewski-Szmek
--boot=0 magically meant "this boot", but when used with --file/--directory it should simply refer to the last boot found in the specified journal. This way, --boot and --list-boots are consistent. Fixes #3603.
2016-06-28journalctl: use simpler variable names in get_boots()Zbigniew Jędrzejewski-Szmek
Those are just local variables and ref_boot_offset is especially obnoxious.
2016-06-28journalct: do no allow --this-boot to take argumentsZbigniew Jędrzejewski-Szmek
Before --this-boot was deprecated in a331b5e6d47243, it did not take any arguments.
2016-06-28journalctl: allow --file/--directory with --boot or --list-bootsZbigniew Jędrzejewski-Szmek
It works mostly fine, and can be quite useful to examine data from another system. OTOH, a single boot id doesn't make sense with --merge, so mixing with --merge is still not allowed.
2016-06-21tree-wide: some work-arounds for gcc false positives regarding uninitialized ↵Lennart Poettering
variables
2016-05-30tree-wide: check colors_enabled() before outputting ANSI color stringsLennart Poettering
2016-05-30tree-wide: use ansi_highlight() instead of ANSI_HIGHLIGHT where appropriateLennart Poettering
Let's make sure SYSTEMD_COLORS is honour by more tools
2016-05-05journald: stack allocation cannot failLennart Poettering
No need to check whether alloca() failed...
2016-05-05tree-wide: introduce new SOCKADDR_UN_LEN() macro, and use it everywhereLennart Poettering
The macro determines the right length of a AF_UNIX "struct sockaddr_un" to pass to connect() or bind(). It automatically figures out if the socket refers to an abstract namespace socket, or a socket in the file system, and properly handles the full length of the path field. This macro is not only safer, but also simpler to use, than the usual offsetof() + strlen() logic.
2016-05-04treewide: fix typos (#3187)Torstein Husebø
2016-05-02tree-wide: fix invocations of chattr_path()Lennart Poettering
chattr_path() takes two bitmasks, and no booleans. Fix the various invocations to do this properly.
2016-04-29core: rename StartLimitInterval= to StartLimitIntervalSec=Lennart Poettering
We generally follow the rule that for time settings we suffix the setting name with "Sec" to indicate the default unit if none is specified. The only exception was the rate limiting interval settings. Fix this, and keep the old names for compatibility. Do the same for journald's RateLimitInterval= setting
2016-04-29journal-file: when rotating a journal file, fsync directory tooLennart Poettering
As suggested by: https://github.com/systemd/systemd/pull/3126#discussion_r61125474
2016-04-29journal: when creating a new journal file, fsync() the directory it is ↵Lennart Poettering
created in too Fixes: #2831
2016-04-27Correctly parse OBJECT_PID in journald messages (#3129)Nalin Dahyabhai
The parse_pid() function doesn't succeed if we don't zero-terminate after the last digit in the buffer.
2016-04-27journal: set STATE_ARCHIVED as part of offlining (#2740)Vito Caputo
The only code path which makes a journal durable is via journal_file_set_offline(). When we perform a rotate the journal's header->state is being set to STATE_ARCHIVED prior to journal_file_set_offline() being called. In journal_file_set_offline(), we short-circuit the entire offline when f->header->state != STATE_ONLINE. This all results in none of the journal_file_set_offline() fsync() calls being reached when rotate archives a journal, so archived journals are never explicitly made durable. What we do now is instead of setting the f->header->state to STATE_ARCHIVED directly in journal_file_rotate() prior to journal_file_close(), we set an archive flag in f->archive for the journal_file_set_offline() machinery to honor by committing STATE_ARCHIVED instead of STATE_OFFLINE when set. Prior to this, rotated journals were never getting fsync() explicitly performed on them, since journal_file_set_offline() short-circuited. Obviously this is undesirable, and depends entirely on the underlying filesystem as to how much durability was achieved when simply closing the file. Note that this problem existed prior to the recent asynchronous fsync changes, but those changes do facilitate our performing this durable offline on rotate without blocking, regardless of the underlying filesystem sync-on-close semantics.
2016-04-26journal-file: make seeking in corrupted files workLennart Poettering
Previously, when we used a bisection table for seeking through a corrupted file, and the end of the bisection table was corrupted we'd most likely fail the entire seek operation. Improve the situation: if we encounter invalid entries in a bisection table, linearly go backwards until we find a working entry again.
2016-04-26journal-file: when iterating through a partly corruped journal file, treat ↵Lennart Poettering
error like EOF When we linearly iterate through a corrupted journal file, and we encounter a read error, don't consider this fatal, but merely as EOF condition (and log about it).
2016-04-26journal-file: always generate the same error when encountering corrupted filesLennart Poettering
Let's make sure EBADMSG is the one error we throw when we encounter corrupted data, so that we can neatly test for it.