#include <fcntl.h>
#include <errno.h>
#include <stddef.h>
+#include <string.h>
+#include <stdio.h>
+#include <unistd.h>
+#include <stdlib.h>
-#include "journal-file.h"
-
-static int system_journal_open(JournalFile **f) {
- int r;
- char *fn;
- sd_id128_t machine;
- char ids[33];
-
- assert(f);
-
- r = sd_id128_get_machine(&machine);
- if (r < 0)
- return r;
-
- fn = join("/var/log/journal/", sd_id128_to_string(machine, ids), "/system.journal", NULL);
- if (!fn)
- return -ENOMEM;
-
- r = journal_file_open(fn, O_RDONLY, 0640, NULL, f);
- free(fn);
-
- if (r >= 0)
- return r;
-
- if (r < 0 && r != -ENOENT) {
- log_error("Failed to open system journal: %s", strerror(-r));
- return r;
- }
-
- fn = join("/run/log/journal/", ids, "/system.journal", NULL);
- if (!fn)
- return -ENOMEM;
-
- r = journal_file_open(fn, O_RDONLY, 0640, NULL, f);
- free(fn);
-
- if (r < 0) {
- log_error("Failed to open system journal: %s", strerror(-r));
- return r;
- }
-
- return r;
-}
+#include "sd-journal.h"
+#include "log.h"
int main(int argc, char *argv[]) {
int r;
- JournalFile *f;
- Object *o = NULL;
+ sd_journal *j = NULL;
+
+ log_set_max_level(LOG_DEBUG);
+ log_set_target(LOG_TARGET_CONSOLE);
log_parse_environment();
log_open();
- r = system_journal_open(&f);
+ r = sd_journal_open(&j);
if (r < 0) {
log_error("Failed to open journal: %s", strerror(-r));
- return EXIT_FAILURE;
+ goto finish;
}
- for (;;) {
- uint64_t offset;
- uint64_t n, i;
+ SD_JOURNAL_FOREACH(j) {
+ const void *data;
+ size_t length;
+ char *cursor;
- r = journal_file_next_entry(f, o, &o, &offset);
+ r = sd_journal_get_cursor(j, &cursor);
if (r < 0) {
- log_error("Failed to read journal: %s", strerror(-r));
+ log_error("Failed to get cursor: %s", strerror(-r));
goto finish;
}
- if (r == 0)
- break;
+ printf("entry: %s\n", cursor);
+ free(cursor);
- printf("entry: %llu\n", (unsigned long long) le64toh(o->entry.seqnum));
-
- n = journal_file_entry_n_items(o);
- for (i = 0; i < n; i++) {
- uint64_t p, l;
-
- p = le64toh(o->entry.items[i].object_offset);
- r = journal_file_move_to_object(f, p, OBJECT_DATA, &o);
- if (r < 0) {
- log_error("Failed to move to data: %s", strerror(-r));
- goto finish;
- }
-
- l = o->object.size - offsetof(Object, data.payload);
- printf("\t[%.*s]\n", (int) l, o->data.payload);
-
- r = journal_file_move_to_object(f, offset, OBJECT_ENTRY, &o);
- if (r < 0) {
- log_error("Failed to move back to entry: %s", strerror(-r));
- goto finish;
- }
- }
+ SD_JOURNAL_FOREACH_FIELD(j, data, length)
+ printf("\t%.*s\n", (int) length, (const char*) data);
}
finish:
- journal_file_close(f);
+ if (j)
+ sd_journal_close(j);
- return 0;
+ return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
}
#include <errno.h>
#include <fcntl.h>
+#include <stddef.h>
#include "sd-journal.h"
#include "journal-def.h"
if (new_current) {
j->current_file = new_current;
- f->current_offset = new_offset;
+ j->current_file->current_offset = new_offset;
+ j->current_file->current_field = 0;
return 1;
}
if (new_current) {
j->current_file = new_current;
- f->current_offset = new_offset;
+ j->current_file->current_offset = new_offset;
+ j->current_file->current_field = 0;
return 1;
}
return 0;
}
-int sd_journal_get_cursor(sd_journal *j, void **cursor, size_t *size) {
- JournalCursor *c;
+int sd_journal_get_cursor(sd_journal *j, char **cursor) {
Object *o;
int r;
+ char bid[33], sid[33];
assert(j);
assert(cursor);
- assert(size);
- if (!j->current_file || !j->current_file->current_offset <= 0)
- return 0;
+ if (!j->current_file || j->current_file->current_offset <= 0)
+ return -EADDRNOTAVAIL;
r = journal_file_move_to_object(j->current_file, j->current_file->current_offset, OBJECT_ENTRY, &o);
if (r < 0)
return r;
- c = new0(JournalCursor, 1);
- if (!c)
- return -ENOMEM;
+ sd_id128_to_string(j->current_file->header->seqnum_id, sid);
+ sd_id128_to_string(o->entry.boot_id, bid);
- c->version = 1;
- c->seqnum = o->entry.seqnum;
- c->seqnum_id = j->current_file->header->seqnum_id;
- c->boot_id = o->entry.boot_id;
- c->monotonic = o->entry.monotonic;
- c->realtime = o->entry.realtime;
- c->xor_hash = o->entry.xor_hash;
-
- *cursor = c;
- *size = sizeof(JournalCursor);
+ if (asprintf(cursor,
+ "s=%s;i=%llx;b=%s;m=%llx;t=%llx;x=%llx;p=%s",
+ sid, (unsigned long long) le64toh(o->entry.seqnum),
+ bid, (unsigned long long) le64toh(o->entry.monotonic),
+ (unsigned long long) le64toh(o->entry.realtime),
+ (unsigned long long) le64toh(o->entry.xor_hash),
+ file_name_from_path(j->current_file->path)) < 0)
+ return -ENOMEM;
return 1;
}
-int sd_journal_set_cursor(sd_journal *j, const void *cursor, size_t size) {
+int sd_journal_set_cursor(sd_journal *j, const char *cursor) {
return -EINVAL;
}
+static int add_file(sd_journal *j, const char *prefix, const char *dir, const char *filename) {
+ char *fn;
+ int r;
+ JournalFile *f;
+
+ assert(j);
+ assert(prefix);
+ assert(filename);
+
+ if (dir)
+ fn = join(prefix, "/", dir, "/", filename, NULL);
+ else
+ fn = join(prefix, "/", filename, NULL);
+
+ if (!fn)
+ return -ENOMEM;
+
+ r = journal_file_open(fn, O_RDONLY, 0, NULL, &f);
+ free(fn);
+
+ if (r < 0) {
+ if (errno == ENOENT)
+ return 0;
+
+ return r;
+ }
+
+ r = hashmap_put(j->files, f->path, f);
+ if (r < 0) {
+ journal_file_close(f);
+ return r;
+ }
+
+ return 0;
+}
+
+static int add_directory(sd_journal *j, const char *prefix, const char *dir) {
+ char *fn;
+ int r;
+ DIR *d;
+
+ assert(j);
+ assert(prefix);
+ assert(dir);
+
+ fn = join(prefix, "/", dir, NULL);
+ if (!fn)
+ return -ENOMEM;
+
+ d = opendir(fn);
+ free(fn);
+
+ if (!d) {
+ if (errno == ENOENT)
+ return 0;
+
+ return -errno;
+ }
+
+ for (;;) {
+ struct dirent buf, *de;
+
+ r = readdir_r(d, &buf, &de);
+ if (r != 0 || !de)
+ break;
+
+ if (!dirent_is_file_with_suffix(de, ".journal"))
+ continue;
+
+ r = add_file(j, prefix, dir, de->d_name);
+ if (r < 0)
+ log_debug("Failed to add file %s/%s/%s: %s", prefix, dir, de->d_name, strerror(-r));
+ }
+
+ closedir(d);
+
+ return 0;
+}
+
int sd_journal_open(sd_journal **ret) {
sd_journal *j;
- char *fn;
const char *p;
- int r = 0;
const char search_paths[] =
"/run/log/journal\0"
"/var/log/journal\0";
+ int r;
assert(ret);
return -ENOMEM;
j->files = hashmap_new(string_hash_func, string_compare_func);
- if (!j->files)
+ if (!j->files) {
+ r = -ENOMEM;
goto fail;
+ }
+
+ /* We ignore most errors here, since the idea is to only open
+ * what's actually accessible, and ignore the rest. */
NULSTR_FOREACH(p, search_paths) {
DIR *d;
d = opendir(p);
if (!d) {
- if (errno != ENOENT && r == 0)
- r = -errno;
-
+ if (errno != ENOENT)
+ log_debug("Failed to open %s: %m", p);
continue;
}
for (;;) {
struct dirent buf, *de;
- int k;
- JournalFile *f;
-
- k = readdir_r(d, &buf, &de);
- if (k != 0) {
- if (r == 0)
- r = -k;
-
- break;
- }
+ sd_id128_t id;
- if (!de)
+ r = readdir_r(d, &buf, &de);
+ if (r != 0 || !de)
break;
- if (!dirent_is_file_with_suffix(de, ".journal"))
- continue;
+ if (dirent_is_file_with_suffix(de, ".journal")) {
+ r = add_file(j, p, NULL, de->d_name);
+ if (r < 0)
+ log_debug("Failed to add file %s/%s: %s", p, de->d_name, strerror(-r));
- fn = join(p, "/", de->d_name, NULL);
- if (!fn) {
- r = -ENOMEM;
- closedir(d);
- goto fail;
- }
-
- k = journal_file_open(fn, O_RDONLY, 0, NULL, &f);
- free(fn);
-
- if (k < 0) {
+ } else if ((de->d_type == DT_DIR || de->d_type == DT_UNKNOWN) &&
+ sd_id128_from_string(de->d_name, &id) >= 0) {
- if (r == 0)
- r = -k;
- } else {
- k = hashmap_put(j->files, f->path, f);
- if (k < 0) {
- journal_file_close(f);
- closedir(d);
-
- r = k;
- goto fail;
- }
+ r = add_directory(j, p, de->d_name);
+ if (r < 0)
+ log_debug("Failed to add directory %s/%s: %s", p, de->d_name, strerror(-r));
}
}
+
+ closedir(d);
}
*ret = j;
free(j);
}
+
+int sd_journal_get_realtime_usec(sd_journal *j, uint64_t *ret) {
+ Object *o;
+ JournalFile *f;
+ int r;
+
+ assert(j);
+ assert(ret);
+
+ f = j->current_file;
+ if (!f)
+ return 0;
+
+ if (f->current_offset <= 0)
+ return 0;
+
+ r = journal_file_move_to_object(f, f->current_offset, OBJECT_ENTRY, &o);
+ if (r < 0)
+ return r;
+
+ *ret = le64toh(o->entry.realtime);
+ return 1;
+}
+
+int sd_journal_get_monotonic_usec(sd_journal *j, uint64_t *ret) {
+ Object *o;
+ JournalFile *f;
+ int r;
+ sd_id128_t id;
+
+ assert(j);
+ assert(ret);
+
+ f = j->current_file;
+ if (!f)
+ return 0;
+
+ if (f->current_offset <= 0)
+ return 0;
+
+ r = sd_id128_get_machine(&id);
+ if (r < 0)
+ return r;
+
+ r = journal_file_move_to_object(f, f->current_offset, OBJECT_ENTRY, &o);
+ if (r < 0)
+ return r;
+
+ if (!sd_id128_equal(id, o->entry.boot_id))
+ return 0;
+
+ *ret = le64toh(o->entry.monotonic);
+ return 1;
+
+}
+
+int sd_journal_get_field(sd_journal *j, const char *field, const void **data, size_t *size) {
+ JournalFile *f;
+ uint64_t i, n;
+ size_t field_length;
+ int r;
+ Object *o;
+
+ assert(j);
+ assert(field);
+ assert(data);
+ assert(size);
+
+ if (isempty(field) || strchr(field, '='))
+ return -EINVAL;
+
+ f = j->current_file;
+ if (!f)
+ return 0;
+
+ if (f->current_offset <= 0)
+ return 0;
+
+ r = journal_file_move_to_object(f, f->current_offset, OBJECT_ENTRY, &o);
+ if (r < 0)
+ return r;
+
+ field_length = strlen(field);
+
+ n = journal_file_entry_n_items(o);
+ for (i = 0; i < n; i++) {
+ uint64_t p, l;
+ size_t t;
+
+ p = le64toh(o->entry.items[i].object_offset);
+ r = journal_file_move_to_object(f, p, OBJECT_DATA, &o);
+ if (r < 0)
+ return r;
+
+ l = le64toh(o->object.size) - offsetof(Object, data.payload);
+
+ if (field_length+1 > l)
+ continue;
+
+ if (memcmp(o->data.payload, field, field_length) ||
+ o->data.payload[field_length] != '=')
+ continue;
+
+ t = (size_t) l;
+
+ if ((uint64_t) t != l)
+ return -E2BIG;
+
+ *data = o->data.payload;
+ *size = t;
+
+ return 1;
+ }
+
+ return 0;
+}
+
+int sd_journal_iterate_fields(sd_journal *j, const void **data, size_t *size) {
+ JournalFile *f;
+ uint64_t p, l, n;
+ size_t t;
+ int r;
+ Object *o;
+
+ assert(j);
+ assert(data);
+ assert(size);
+
+ f = j->current_file;
+ if (!f)
+ return 0;
+
+ if (f->current_offset <= 0)
+ return 0;
+
+ r = journal_file_move_to_object(f, f->current_offset, OBJECT_ENTRY, &o);
+ if (r < 0)
+ return r;
+
+ n = journal_file_entry_n_items(o);
+ if (f->current_field >= n)
+ return 0;
+
+ p = le64toh(o->entry.items[f->current_field].object_offset);
+ r = journal_file_move_to_object(f, p, OBJECT_DATA, &o);
+ if (r < 0)
+ return r;
+
+ l = le64toh(o->object.size) - offsetof(Object, data.payload);
+ t = (size_t) l;
+
+ /* We can't read objects larger than 4G on a 32bit machine */
+ if ((uint64_t) t != l)
+ return -E2BIG;
+
+ *data = o->data.payload;
+ *size = t;
+
+ f->current_field ++;
+
+ return 1;
+}
/* TODO:
*
- * - implement rotation
* - check LE/BE conversion for 8bit, 16bit, 32bit values
* - implement parallel traversal
* - implement inotify usage on client
* - implement audit gateway
* - implement native gateway
+ * - implement stdout gateway
* - extend hash table/bisect table as we go
+ * - accelerate looking for "all hostnames" and suchlike.
*/
typedef struct sd_journal sd_journal;
int sd_journal_previous(sd_journal *j);
int sd_journal_next(sd_journal *j);
-int sd_journal_get(sd_journal *j, const char *field, const void **data, size_t *size);
-int sd_journal_get_seqnum(sd_journal *j, uint64_t *ret);
int sd_journal_get_realtime_usec(sd_journal *j, uint64_t *ret);
int sd_journal_get_monotonic_usec(sd_journal *j, uint64_t *ret);
+int sd_journal_get_field(sd_journal *j, const char *field, const void **data, size_t *l);
+int sd_journal_iterate_fields(sd_journal *j, const void **data, size_t *l);
int sd_journal_add_match(sd_journal *j, const char *field, const void *data, size_t size);
void sd_journal_flush_matches(sd_journal *j);
int sd_journal_seek_monotonic_usec(sd_journal *j, uint64_t usec);
int sd_journal_seek_realtime_usec(sd_journal *j, uint64_t usec);
-int sd_journal_get_cursor(sd_journal *j, void **cursor, size_t *size);
-int sd_journal_set_cursor(sd_journal *j, const void *cursor, size_t size);
+int sd_journal_get_cursor(sd_journal *j, char **cursor);
+int sd_journal_set_cursor(sd_journal *j, const char *cursor);
int sd_journal_get_fd(sd_journal *j);
+#define SD_JOURNAL_FOREACH(j) \
+ while (sd_journal_next(j) > 0)
+
+#define SD_JOURNAL_FOREACH_BACKWARDS(j) \
+ while (sd_journal_previous(j) > 0)
+
+#define SD_JOURNAL_FOREACH_FIELD(j, data, l) \
+ while (sd_journal_iterate_fields((j), &(data), &(l)) > 0)
+
#endif