From 15d91bff36c61d38df8edff258d1702a017a0e66 Mon Sep 17 00:00:00 2001 From: Zbigniew Jędrzejewski-Szmek Date: Sat, 1 Aug 2015 19:53:03 -0400 Subject: journald: move server_restore_streams out of server_open_stdout_socket One has little to do with the other, so it's confusing that the second also calls the first. --- src/journal/journald-server.c | 9 ++++++--- src/journal/journald-stream.c | 7 ++----- src/journal/journald-stream.h | 4 ++-- 3 files changed, 10 insertions(+), 10 deletions(-) diff --git a/src/journal/journald-server.c b/src/journal/journald-server.c index 28b1472ac8..bff4e6f537 100644 --- a/src/journal/journald-server.c +++ b/src/journal/journald-server.c @@ -1561,15 +1561,18 @@ int server_init(Server *s) { } } - r = server_open_stdout_socket(s, fds); - if (r < 0) - return r; + /* Try to restore streams, but don't bother if this fails */ + (void) server_restore_streams(s, fds); if (fdset_size(fds) > 0) { log_warning("%u unknown file descriptors passed, closing.", fdset_size(fds)); fds = fdset_free(fds); } + r = server_open_stdout_socket(s); + if (r < 0) + return r; + r = server_open_syslog_socket(s); if (r < 0) return r; diff --git a/src/journal/journald-stream.c b/src/journal/journald-stream.c index db2f581972..c038b4cced 100644 --- a/src/journal/journald-stream.c +++ b/src/journal/journald-stream.c @@ -629,7 +629,7 @@ static int stdout_stream_restore(Server *s, const char *fname, int fd) { return 0; } -static int server_restore_streams(Server *s, FDSet *fds) { +int server_restore_streams(Server *s, FDSet *fds) { _cleanup_closedir_ DIR *d = NULL; struct dirent *de; int r; @@ -683,7 +683,7 @@ fail: return log_error_errno(errno, "Failed to read streams directory: %m"); } -int server_open_stdout_socket(Server *s, FDSet *fds) { +int server_open_stdout_socket(Server *s) { int r; assert(s); @@ -719,8 +719,5 @@ int server_open_stdout_socket(Server *s, FDSet *fds) { if (r < 0) return log_error_errno(r, "Failed to adjust priority of stdout server event source: %m"); - /* Try to restore streams, but don't bother if this fails */ - (void) server_restore_streams(s, fds); - return 0; } diff --git a/src/journal/journald-stream.h b/src/journal/journald-stream.h index 94bf955d78..257dce45df 100644 --- a/src/journal/journald-stream.h +++ b/src/journal/journald-stream.h @@ -24,6 +24,6 @@ #include "fdset.h" #include "journald-server.h" -int server_open_stdout_socket(Server *s, FDSet *fds); - +int server_open_stdout_socket(Server *s); +int server_restore_streams(Server *s, FDSet *fds); void stdout_stream_free(StdoutStream *s); -- cgit v1.2.3-54-g00ecf From 7d18d348da26fdbb392c76b0f5edb7f06282afbb Mon Sep 17 00:00:00 2001 From: Zbigniew Jędrzejewski-Szmek Date: Sun, 2 Aug 2015 13:55:57 -0400 Subject: journald: make audit socket optional If we were given some sockets through socket activation, and audit socket is not among them, do not try to open it. This way, if the socket unit is disabled, we will not receive audit events. https://bugzilla.redhat.com/show_bug.cgi?id=1227379 --- src/journal/journald-server.c | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/src/journal/journald-server.c b/src/journal/journald-server.c index bff4e6f537..ae325c439e 100644 --- a/src/journal/journald-server.c +++ b/src/journal/journald-server.c @@ -1453,6 +1453,7 @@ static int server_open_hostname(Server *s) { int server_init(Server *s) { _cleanup_fdset_free_ FDSet *fds = NULL; int n, r, fd; + bool no_sockets; assert(s); @@ -1569,6 +1570,9 @@ int server_init(Server *s) { fds = fdset_free(fds); } + no_sockets = s->native_fd < 0 && s->stdout_fd < 0 && s->syslog_fd < 0 && s->audit_fd < 0; + + /* always open stdout, syslog, native, and kmsg sockets */ r = server_open_stdout_socket(s); if (r < 0) return r; @@ -1585,9 +1589,12 @@ int server_init(Server *s) { if (r < 0) return r; - r = server_open_audit(s); - if (r < 0) - return r; + /* Unless we got *some* sockets and not audit, open audit socket */ + if (s->audit_fd >= 0 || no_sockets) { + r = server_open_audit(s); + if (r < 0) + return r; + } r = server_open_kernel_seqnum(s); if (r < 0) -- cgit v1.2.3-54-g00ecf From 37b7affefde5443680d73642a990ce86776e28af Mon Sep 17 00:00:00 2001 From: Zbigniew Jędrzejewski-Szmek Date: Sun, 11 Oct 2015 23:25:43 -0400 Subject: Document journald sockets paths a bit more Adding them to the documentation makes it easier to find the right man page for people who are trying to understand where some socket in the filesystem is coming from. --- Makefile-man.am | 5 +++++ man/systemd-journald.service.xml | 17 ++++++++++++++++- src/journal/journald-server.c | 5 +++++ 3 files changed, 26 insertions(+), 1 deletion(-) diff --git a/Makefile-man.am b/Makefile-man.am index 218a299e91..3fbc8866c0 100644 --- a/Makefile-man.am +++ b/Makefile-man.am @@ -372,6 +372,7 @@ MANPAGES_ALIAS += \ man/systemd-hybrid-sleep.service.8 \ man/systemd-initctl.8 \ man/systemd-initctl.socket.8 \ + man/systemd-journald-audit.socket.8 \ man/systemd-journald-dev-log.socket.8 \ man/systemd-journald.8 \ man/systemd-journald.socket.8 \ @@ -658,6 +659,7 @@ man/systemd-hibernate.service.8: man/systemd-suspend.service.8 man/systemd-hybrid-sleep.service.8: man/systemd-suspend.service.8 man/systemd-initctl.8: man/systemd-initctl.service.8 man/systemd-initctl.socket.8: man/systemd-initctl.service.8 +man/systemd-journald-audit.socket.8: man/systemd-journald.service.8 man/systemd-journald-dev-log.socket.8: man/systemd-journald.service.8 man/systemd-journald.8: man/systemd-journald.service.8 man/systemd-journald.socket.8: man/systemd-journald.service.8 @@ -1364,6 +1366,9 @@ man/systemd-initctl.html: man/systemd-initctl.service.html man/systemd-initctl.socket.html: man/systemd-initctl.service.html $(html-alias) +man/systemd-journald-audit.socket.html: man/systemd-journald.service.html + $(html-alias) + man/systemd-journald-dev-log.socket.html: man/systemd-journald.service.html $(html-alias) diff --git a/man/systemd-journald.service.xml b/man/systemd-journald.service.xml index dae6ee6042..6b572b8725 100644 --- a/man/systemd-journald.service.xml +++ b/man/systemd-journald.service.xml @@ -46,6 +46,7 @@ systemd-journald.service systemd-journald.socket systemd-journald-dev-log.socket + systemd-journald-audit.socket systemd-journald Journal service @@ -54,6 +55,7 @@ systemd-journald.service systemd-journald.socket systemd-journald-dev-log.socket + systemd-journald-audit.socket /usr/lib/systemd/systemd-journald @@ -227,7 +229,20 @@ /var/log/journal is not available, or when is set in the journald.conf5 - configuration file. + configuration file. + + + + /dev/kmsg + /dev/log + /run/systemd/journal/dev-log + /run/systemd/journal/socket + /run/systemd/journal/stdout + + Sockets that + systemd-journald will listen on that are + visible in the file system. In addition to those, journald can + listen for audit events using netlink. diff --git a/src/journal/journald-server.c b/src/journal/journald-server.c index ae325c439e..3d5f2524fe 100644 --- a/src/journal/journald-server.c +++ b/src/journal/journald-server.c @@ -1573,18 +1573,23 @@ int server_init(Server *s) { no_sockets = s->native_fd < 0 && s->stdout_fd < 0 && s->syslog_fd < 0 && s->audit_fd < 0; /* always open stdout, syslog, native, and kmsg sockets */ + + /* systemd-journald.socket: /run/systemd/journal/stdout */ r = server_open_stdout_socket(s); if (r < 0) return r; + /* systemd-journald-dev-log.socket: /run/systemd/journal/dev-log */ r = server_open_syslog_socket(s); if (r < 0) return r; + /* systemd-journald.socket: /run/systemd/journal/socket */ r = server_open_native_socket(s); if (r < 0) return r; + /* /dev/ksmg */ r = server_open_dev_kmsg(s); if (r < 0) return r; -- cgit v1.2.3-54-g00ecf