diff options
-rw-r--r-- | man/journal-remote.conf.xml | 30 | ||||
-rw-r--r-- | src/journal-remote/journal-remote-main.c | 25 | ||||
-rw-r--r-- | src/journal-remote/journal-remote-write.c | 27 | ||||
-rw-r--r-- | src/journal-remote/journal-remote-write.h | 1 | ||||
-rw-r--r-- | src/journal-remote/journal-remote.conf.in | 4 | ||||
-rw-r--r-- | src/journal-remote/journal-remote.h | 2 |
6 files changed, 82 insertions, 7 deletions
diff --git a/man/journal-remote.conf.xml b/man/journal-remote.conf.xml index 3f69f30df3..56992369ac 100644 --- a/man/journal-remote.conf.xml +++ b/man/journal-remote.conf.xml @@ -84,6 +84,33 @@ <listitem><para>SSL CA certificate.</para></listitem> </varlistentry> + <varlistentry> + <term><varname>MaxUse=</varname></term> + <term><varname>KeepFree=</varname></term> + <term><varname>MaxFileSize=</varname></term> + <term><varname>MaxFiles=</varname></term> + + <listitem><para>These are analogous to <varname>SystemMaxUse=</varname>, + <varname>SystemKeepFree=</varname>, <varname>SystemMaxFileSize=</varname> + and <varname>SystemMaxFiles=</varname> in + <citerefentry><refentrytitle>journald.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para> + + <para><varname>MaxUse=</varname> controls how much disk space + the <command>systemd-journal-remote</command> may use up at most. + <varname>KeepFree=</varname> controls how much disk + space <command>systemd-journal-remote</command> shall leave free for other uses. + <command>systemd-journal-remote</command> will respect both limits + and use the smaller of the two values.</para> + + <para><varname>MaxFiles=</varname> controls how many + individual journal files to keep at most. Note that only + archived files are deleted to reduce the number of files until + this limit is reached; active files will stay around. This + means that, in effect, there might still be more journal files + around in total than this limit after a vacuuming operation is + complete.</para></listitem> + </varlistentry> + </variablelist> </refsect1> @@ -91,8 +118,9 @@ <refsect1> <title>See Also</title> <para> - <citerefentry><refentrytitle>systemd-journal-remote.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>, + <citerefentry><refentrytitle>journald.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>, <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, + <citerefentry><refentrytitle>systemd-journal-remote.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>systemd-journald.service</refentrytitle><manvolnum>8</manvolnum></citerefentry> </para> </refsect1> diff --git a/src/journal-remote/journal-remote-main.c b/src/journal-remote/journal-remote-main.c index 440aad1cf7..476c9ad972 100644 --- a/src/journal-remote/journal-remote-main.c +++ b/src/journal-remote/journal-remote-main.c @@ -53,6 +53,11 @@ static bool arg_trust_all = false; static bool arg_trust_all = true; #endif +static uint64_t arg_max_use = UINT64_MAX; +static uint64_t arg_max_size = UINT64_MAX; +static uint64_t arg_n_max_files = UINT64_MAX; +static uint64_t arg_keep_free = UINT64_MAX; + STATIC_DESTRUCTOR_REGISTER(arg_gnutls_log, strv_freep); STATIC_DESTRUCTOR_REGISTER(arg_key, freep); STATIC_DESTRUCTOR_REGISTER(arg_cert, freep); @@ -759,11 +764,15 @@ static int negative_fd(const char *spec) { static int parse_config(void) { const ConfigTableItem items[] = { - { "Remote", "Seal", config_parse_bool, 0, &arg_seal }, - { "Remote", "SplitMode", config_parse_write_split_mode, 0, &arg_split_mode }, - { "Remote", "ServerKeyFile", config_parse_path, 0, &arg_key }, - { "Remote", "ServerCertificateFile", config_parse_path, 0, &arg_cert }, - { "Remote", "TrustedCertificateFile", config_parse_path, 0, &arg_trust }, + { "Remote", "Seal", config_parse_bool, 0, &arg_seal }, + { "Remote", "SplitMode", config_parse_write_split_mode, 0, &arg_split_mode }, + { "Remote", "ServerKeyFile", config_parse_path, 0, &arg_key }, + { "Remote", "ServerCertificateFile", config_parse_path, 0, &arg_cert }, + { "Remote", "TrustedCertificateFile", config_parse_path, 0, &arg_trust }, + { "Remote", "MaxUse", config_parse_iec_uint64, 0, &arg_max_use }, + { "Remote", "MaxFileSize", config_parse_iec_uint64, 0, &arg_max_size }, + { "Remote", "MaxFiles", config_parse_uint64, 0, &arg_n_max_files }, + { "Remote", "KeepFree", config_parse_iec_uint64, 0, &arg_keep_free }, {} }; @@ -1136,6 +1145,12 @@ static int run(int argc, char **argv) { s.check_trust = !arg_trust_all; } + journal_reset_metrics(&s.metrics); + s.metrics.max_use = arg_max_use; + s.metrics.max_size = arg_max_size; + s.metrics.max_size = arg_keep_free; + s.metrics.n_max_files = arg_n_max_files; + r = create_remoteserver(&s, key, cert, trust); if (r < 0) return r; diff --git a/src/journal-remote/journal-remote-write.c b/src/journal-remote/journal-remote-write.c index f4f3b64811..2e58c6d91e 100644 --- a/src/journal-remote/journal-remote-write.c +++ b/src/journal-remote/journal-remote-write.c @@ -1,7 +1,11 @@ /* SPDX-License-Identifier: LGPL-2.1-or-later */ +#include <libgen.h> + #include "alloc-util.h" #include "journal-remote.h" +#include "path-util.h" +#include "stat-util.h" static int do_rotate(ManagedJournalFile **f, MMapCache *m, JournalFileFlags file_flags) { int r; @@ -19,12 +23,13 @@ static int do_rotate(ManagedJournalFile **f, MMapCache *m, JournalFileFlags file Writer* writer_new(RemoteServer *server) { Writer *w; + int r; w = new0(Writer, 1); if (!w) return NULL; - memset(&w->metrics, 0xFF, sizeof(w->metrics)); + w->metrics = server->metrics; w->mmap = mmap_cache_new(); if (!w->mmap) @@ -33,6 +38,18 @@ Writer* writer_new(RemoteServer *server) { w->n_ref = 1; w->server = server; + if (is_dir(server->output, /* follow = */ true) > 0) { + w->output = strdup(server->output); + if (!w->output) + return NULL; + } else { + r = path_extract_directory(server->output, &w->output); + if (r < 0) { + log_error_errno(r, "Failed to find directory of file \"%s\": %m", server->output); + return NULL; + } + } + return w; } @@ -53,6 +70,8 @@ static Writer* writer_free(Writer *w) { if (w->mmap) mmap_cache_unref(w->mmap); + free(w->output); + return mfree(w); } @@ -75,6 +94,9 @@ int writer_write(Writer *w, r = do_rotate(&w->journal, w->mmap, file_flags); if (r < 0) return r; + r = journal_directory_vacuum(w->output, w->metrics.max_use, w->metrics.n_max_files, 0, NULL, /* verbose = */ true); + if (r < 0) + return r; } r = journal_file_append_entry(w->journal->file, ts, boot_id, @@ -93,6 +115,9 @@ int writer_write(Writer *w, return r; else log_debug("%s: Successfully rotated journal", w->journal->file->path); + r = journal_directory_vacuum(w->output, w->metrics.max_use, w->metrics.n_max_files, 0, NULL, /* verbose = */ true); + if (r < 0) + return r; log_debug("Retrying write."); r = journal_file_append_entry(w->journal->file, ts, boot_id, diff --git a/src/journal-remote/journal-remote-write.h b/src/journal-remote/journal-remote-write.h index 2079214e23..c140f6cba3 100644 --- a/src/journal-remote/journal-remote-write.h +++ b/src/journal-remote/journal-remote-write.h @@ -9,6 +9,7 @@ typedef struct RemoteServer RemoteServer; typedef struct Writer { ManagedJournalFile *journal; JournalMetrics metrics; + char *output; /* directory where we write, for vacuuming */ MMapCache *mmap; RemoteServer *server; diff --git a/src/journal-remote/journal-remote.conf.in b/src/journal-remote/journal-remote.conf.in index 648aa1ba11..afb319102c 100644 --- a/src/journal-remote/journal-remote.conf.in +++ b/src/journal-remote/journal-remote.conf.in @@ -18,3 +18,7 @@ # ServerKeyFile={{CERTIFICATE_ROOT}}/private/journal-remote.pem # ServerCertificateFile={{CERTIFICATE_ROOT}}/certs/journal-remote.pem # TrustedCertificateFile={{CERTIFICATE_ROOT}}/ca/trusted.pem +# MaxUse= +# KeepFree= +# MaxFileSize= +# MaxFiles= diff --git a/src/journal-remote/journal-remote.h b/src/journal-remote/journal-remote.h index facf1516e0..39d0446481 100644 --- a/src/journal-remote/journal-remote.h +++ b/src/journal-remote/journal-remote.h @@ -6,6 +6,7 @@ #include "hashmap.h" #include "journal-remote-parse.h" #include "journal-remote-write.h" +#include "journal-vacuum.h" #if HAVE_MICROHTTPD #include "microhttpd-util.h" @@ -40,6 +41,7 @@ struct RemoteServer { JournalWriteSplitMode split_mode; JournalFileFlags file_flags; bool check_trust; + JournalMetrics metrics; }; extern RemoteServer *journal_remote_server_global; |