IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Instead of :-0, :1, :5, etc., use -0, 1 or +1, 5, etc. For BOOT_ID+OFFSET,
use BOOT_ID+offset or BOOT_ID-offset (either + or - is required).
Also make error handling a bit more robust and verbose.
Modify the man page to describe the most common case (-b) first,
and the second most common case (-b -1) second.
Hi,
I redid the boot ID look up to use enumerate_unique.
This is quite fast if the cache is warm but painfully slow if
it isn't. It has a slight chance of returning the wrong order if
realtime clock jumps around.
This one has to do n searches for every boot ID there is plus
a sort, so it depends heavily on cache hotness. This is in contrast
to the other way of look-up through filtering by a MESSAGE_ID,
which only needs about 1 seek + whatever amount of relative IDs
you want to walk.
I also have a linked-list + (in-place) mergesort version of this
patch, which has pretty much the same runtime. But since this one
is using libc sorting and armortized allocation, I prefer this
one.
To summarize: The MESSAGE_ID way is a *lot* faster but can be
incomplete due to rotation, while the enumerate+sort will find
every boot ID out there but will be painfully slow for large
journals and cold caches.
You choose :P
Jan
Generating seed...
Generating key pair...
Generating sealing key...
Failed to open /var/log/journal/33f46101703a10c5fc6fa4f451840101/fss.tmp.k2wDDU: No such file or directory
--user basically gives messages from your own systemd --user services.
--system basically gives messages from PID 1, kernel, and --system
services. Those two options are not exahustive, because a priviledged
user might be able to see messages from other users, and they will not
be shown with either or both of those flags.
$ journalctl -o verbose _EXE=/quiet/binary -f
-- Logs begin at Sun 2013-03-17 17:28:22 EDT. --
Failed to get realtime timestamp: Cannot assign requested address
JOURNAL_FOREACH_DATA_RETVAL is added, which allows the caller
to get the return value from sd_journal_enumerate_data. I think
we might want to expose this macro like SD_JOURNAL_FOREACH_DATA,
but for now it is in journal-internal.h.
There's a change in behaviour for output_*, not only in
output_verbose, that errors in sd_j_enumerate_data are not silently
ignored anymore.
https://bugs.freedesktop.org/show_bug.cgi?id=56459
Also reworded a few debug messages for brevity, and added a log
statement which prints out the filter at debug level:
Journal filter: (((UNIT=sys-module-configfs.device AND _PID=1) OR (COREDUMP_UNIT=sys-module-configfs.device AND MESSAGE_ID=fc2e22bc6ee647b6b90729ab34a250b1) OR _SYSTEMD_UNIT=sys-module-configfs.device) AND _BOOT_ID=4e3c518ab0474c12ac8de7896fe6b154)
Previously only one "--unit=" or "--user-unit" could be specified.
With this patch, journalcrtl can show multiple units.
$ journalctl -u systemd-udevd.service -u sshd.service -u crond.service -b
-- Logs begin at Sa 2013-03-23 11:08:45 CET, end at Fr 2013-04-12
09:10:22 CEST. --
Apr 12 08:41:37 lenovo systemd[1]: Started udev Kernel Device Manager.
Apr 12 08:41:37 lenovo systemd[1]: Stopped udev Kernel Device Manager.
Apr 12 08:41:38 lenovo systemd[1]: Started udev Kernel Device Manager.
Apr 12 08:41:38 lenovo crond[291]: (CRON) INFO (Syslog will be used
instead of sendmail.)
Apr 12 08:41:38 lenovo crond[291]: (CRON) INFO (running with inotify
support)
Apr 12 08:41:39 lenovo systemd[1]: Starting OpenSSH server daemon...
Apr 12 08:41:39 lenovo systemd[1]: Started OpenSSH server daemon.
Apr 12 08:41:39 lenovo sshd[355]: Server listening on 0.0.0.0 port 22.
Apr 12 08:41:39 lenovo sshd[355]: Server listening on :: port 22.
Apr 12 08:41:39 lenovo mtp-probe[373]: checking bus 1, device 8:
"/sys/devices/pci0000:00/0000:00:1a.0/usb1/1-1/1-1.5/1-1.5.6/1-1.5.6.2/1-1.5.6.2.1"
When using "-p" and "-b" in combination with "-u", the output is not
what you would expect. The reason is the sd_journal_add_disjunction()
call in add_matches_for_unit() and add_matches_for_user_unit(), which
adds two ORs without taking the other conditions to every OR.
Adding another level on top with AND and sd_journal_add_conjunction()
solves the problem.
Output before:
$ journalctl -o short-monotonic -ab -p 0 -u sshd.service
-- Reboot --
[ 3.216305] lenovo systemd[1]: Starting OpenSSH server daemon...
-- Reboot --
[ 3.168666] lenovo systemd[1]: Starting OpenSSH server daemon...
[ 3.169639] lenovo systemd[1]: Started OpenSSH server daemon.
[36285.635389] lenovo systemd[1]: Stopped OpenSSH server daemon.
-- Reboot --
[ 10.838657] lenovo systemd[1]: Starting OpenSSH server daemon...
[ 10.913698] lenovo systemd[1]: Started OpenSSH server daemon.
[ 6881.035183] lenovo systemd[1]: Stopped OpenSSH server daemon.
-- Reboot --
[ 6.636228] lenovo systemd[1]: Starting OpenSSH server daemon...
[ 6.662573] lenovo systemd[1]: Started OpenSSH server daemon.
[ 6.681148] lenovo sshd[397]: Server listening on 0.0.0.0 port 22.
[ 6.681379] lenovo sshd[397]: Server listening on :: port 22.
As we see, the output is from _every_ boot and priority 0 is not taken
into account.
Output after patch:
$ journalctl -o short-monotonic -ab -p 0 -u sshd.service
-- Logs begin at Sun 2013-02-24 20:54:44 CET, end at Tue 2013-03-19 14:58:21 CET. --
Increasing the priority:
$ journalctl -o short-monotonic -ab -p 6 -u sshd.service
-- Logs begin at Sun 2013-02-24 20:54:44 CET, end at Tue 2013-03-19 14:59:12 CET. --
[ 6.636228] lenovo systemd[1]: Starting OpenSSH server daemon...
[ 6.662573] lenovo systemd[1]: Started OpenSSH server daemon.
[ 6.681148] lenovo sshd[397]: Server listening on 0.0.0.0 port 22.
[ 6.681379] lenovo sshd[397]: Server listening on :: port 22.
I see little point in silently truncating fields when
they are explictly requested. With this change e.g.
journalctl -b MESSAGE_ID=9f26aa562cf440c2b16c773d0479b518 --field=BOOTCHART
works as expected.
This function should be used when filling in "struct pollfd"'s .events
field for watching the journal. It will always return POLLIN for now,
but we should keep our options open to change this later on.
This mimics libsystemd-bus' sd_bus_get_events() call with the same
purpose.
Instead of outputting "5h 55s 50ms 3us" we'll now output "5h
55.050003s". Also, while outputting the accuracy is configurable.
Basically we now try use "dot notation" for all time values > 1min. For
>= 1s we use 's' as unit, otherwise for >= 1ms we use 'ms' as unit, and
finally 'us'.
This should give reasonably values in most cases.
Internally we store all time values in usec_t, however parse_usec()
actually was used mostly to parse values in seconds (unless explicit
units were specified to define a different unit). Hence, be clear about
this and name the function about what we pass into it, not what we get
out of it.
In order to write tests for the catalog functions, they
are made non-static and start taking a 'database' parameter,
which is the name of a file with the preprocessed catalog
entries.
This makes it possible to make test-catalog part of the
normal test suite, since it now only operates on files
in /tmp.
Some more tests are added.
- Reword messages a bit
- Correct check whether EACCES is in the set of errors
- Don't complain if no journal files are found
- allocate Set object for errors lazily since in the best case we don't
need it at all.
- don't consider it an error if /run/log/journal doesn't exist (because
that's the usual case actually, if storage is enabled)
There are many ways in which we can get those checks wrong, so it is
better to warn and then error out on a real access failure.
The error messages are wrapped to <80 lines, because their primary
use is to be displayed in the terminal, and it is easier to read them
this way. Reading them in the journal can be a bit trickier, but
this is a bug in logs-show.c.
If we notice that we unprivileged and not in any of the groups which
have access to /var/log/journal, print a nice message about which groups
do.
This checks and prints all groups that are in the default ACL for
/var/log/journal, which is not necessarily correct for all journal
files, but pretty close.
journalctl -u unit is not very useful, because it doesn't show
systemd messages about starting, stopping, coredumps, etc,
like systemctl status unit does. Make it show the same
information using the same rules.
If somebody really want to see just messages from by the unit,
it is easy enough to use _SYSTEMD_UNIT=...
Previously all journal files were owned by "adm". In order to allow
specific users to read the journal files without granting it access to
the full "adm" powers, introduce a new specific group for this.
"systemd-journal" has to be created by the packaging scripts manually at
installation time. It's a good idea to assign a static UID/GID to this
group, since /var/log/journal might be shared across machines via NFS.
This commit also grants read access to the journal files by default to
members of the "wheel" and "adm" groups via file system ACLs, since
these "almost-root" groups should be able to see what's going on on the
system. These ACLs are created by "make install". Packagers probably
need to duplicate this logic in their postinst scripts.
This also adds documentation how to grant access to the journal to
additional users or groups via fs ACLs.
* python-systemd-reader:
python-systemd: rename Journal to Reader
build-sys: upload python documentation to freedesktop.org
systemd-python: add Journal class for reading journal
python: build html docs using sphinx
journalct: also print Python code in --new-id
python: utilize uuid.UUID in logging
python: add systemd.id128 module
... and 34 other commits
In short: python module systemd.id128 is added, and existing
systemd.journal gains a new class systemd.journal.Reader, which can be
used to iterate over journal entries. Documentation is provided, and
accessible under e.g.
pydoc3 systemd.journal.Reader
or
firefox http://www.freedesktop.org/software/systemd/man/python-systemd/
This makes journalctl quit on ferror() conditions on stdout. It fixes an
annoying bug if you pipe its output through 'less' and press 'q'. Without
this fix journalctl will continue reading all journal data until EOF which
can take quite some time. For instance on my machine:
david-nb ~ # time journalctl | wc -l
327240
real 1m13.039s
user 1m0.217s
sys 0m10.467s
However, expected behavior is journalctl to quit when its pager closed the
output pipe.
Signed-off-by: David Herrmann <dh.herrmann@googlemail.com>
Sometimes it is better to see messages in full, and the existing
set of options didn't allow this easily. E.g. now
journalctl -f --full
will behave like
tail -f /var/log/messages
of yore.
Long option only for now, since small letters are becoming
scarce, and this doesn't feel like a capital-letter-option.
'-u' would be nice, and the above command would be spelled
journalctl -fu
The message catalog can be used to attach short help texts to log lines,
keyed by their MESSAGE_ID= fields. This is useful to help the
administrator understand the context and cause of a message, find
possible solutions and find further related documentation.
Since this is keyed off MESSAGE_ID= this will only work for native
journal messages.
The message catalog supports i18n, and is useful to augment english
language system messages with explanations in the local language.
This commit only includes short explanatory messages for a few example
message IDs, we'll add more complete documentation for the relevant
systemd messages later on.
The new 'unique' API allows listing all unique field values that a field
specified by a field name can take in all entries of the journal. This
allows answering queries such as "What units logged to the journal?",
"What hosts have logged into the journal?", "Which boot IDs have logged
into the journal?".
Ultimately this allows implementation of tools similar to lastlog based
on journal data.
Note that listing these field values will not work for journal files
created with older journald, as the field values are not indexed in
older files.
Among other cleanups this introduces a threshold for the size of binary
blobs we serialize as integer arrays in the JSON output. THis can be
disabled via --all.
The old code used a timestamp to print a timespan for unsealed journalfiles,
incorrectly showing things like 2230 days of unsealed entries. Print the timespan
between the first and last entry instead.
This requires a little bit of tip-toeing around to explicitly avoid
touching the environment from a sig handler. Instead, simply create a
function to reset the var to its "unset" state, allowing the next call
to columns() to recalculate and cache the new value.
This splits the JSON output mode into different modes: json and
json-pretty. The former printing one entry per line, the latter showing
JSON objects nicely indented and in multiple lines to make it easier to
read for humans.
Let's clean up our terminology a bit. New terminology:
FSS = Forward Secure Sealing
FSPRG = Forward Secure Pseudo-Random Generator
FSS is the combination of FSPRG and a HMAC.
Sealing = process of adding authentication tags to the journal.
Verification = process of checking authentication tags to the journal.
Sealing Key = The key used for adding authentication tags to the journal.
Verification Key = The key used for checking authentication tags of the journal.
Key pair = The pair of Sealing Key and Verification Key
Internally, the Sealing Key is the combination of the FSPRG State plus
change interval/start time.
Internally, the Verification Key is the combination of the FSPRG Seed
plus change interval/start time.