1
/* $Cambridge: exim/exim-src/src/log.c,v 1.14 2009/11/16 19:50:37 nm4 Exp $ */
3
/*************************************************
4
* Exim - an Internet mail transport agent *
5
*************************************************/
7
/* Copyright (c) University of Cambridge 1995 - 2009 */
8
/* See the file NOTICE for conditions of use and distribution. */
10
/* Functions for writing log files. The code for maintaining datestamped
11
log files was originally contributed by Tony Sheen. */
16
#define LOG_NAME_SIZE 256
17
#define MAX_SYSLOG_LEN 870
19
#define LOG_MODE_FILE 1
20
#define LOG_MODE_SYSLOG 2
22
enum { lt_main, lt_reject, lt_panic, lt_process };
24
static uschar *log_names[] = { US"main", US"reject", US"panic", US"process" };
28
/*************************************************
29
* Local static variables *
30
*************************************************/
32
static uschar mainlog_name[LOG_NAME_SIZE];
33
static uschar rejectlog_name[LOG_NAME_SIZE];
35
static uschar *mainlog_datestamp = NULL;
36
static uschar *rejectlog_datestamp = NULL;
38
static int mainlogfd = -1;
39
static int rejectlogfd = -1;
40
static ino_t mainlog_inode = 0;
41
static ino_t rejectlog_inode = 0;
43
static uschar *panic_save_buffer = NULL;
44
static BOOL panic_recurseflag = FALSE;
46
static BOOL syslog_open = FALSE;
47
static BOOL path_inspected = FALSE;
48
static int logging_mode = LOG_MODE_FILE;
49
static uschar *file_path = US"";
54
/*************************************************
56
*************************************************/
58
/* The given string is split into sections according to length, or at embedded
59
newlines, and syslogged as a numbered sequence if it is overlong or if there is
60
more than one line. However, if we are running in the test harness, do not do
61
anything. (The test harness doesn't use syslog - for obvious reasons - but we
62
can get here if there is a failure to open the panic log.)
65
priority syslog priority
66
s the string to be written
72
write_syslog(int priority, uschar *s)
77
if (running_in_test_harness) return;
79
if (!syslog_timestamp) s += log_timezone? 26 : 20;
87
openlog(CS syslog_processname, LOG_PID|LOG_CONS, syslog_facility);
89
openlog(CS syslog_processname, LOG_CONS, syslog_facility);
95
/* First do a scan through the message in order to determine how many lines
96
it is going to end up as. Then rescan to output it. */
98
for (pass = 0; pass < 2; pass++)
103
for (i = 1, tlen = len; tlen > 0; i++)
106
uschar *nlptr = Ustrchr(ss, '\n');
107
if (nlptr != NULL) plen = nlptr - ss;
108
#ifndef SYSLOG_LONG_LINES
109
if (plen > MAX_SYSLOG_LEN) plen = MAX_SYSLOG_LEN;
112
if (ss[plen] == '\n') tlen--; /* chars left */
114
if (pass == 0) linecount++; else
117
syslog(priority, "%.*s", plen, ss);
119
syslog(priority, "[%d%c%d] %.*s", i,
120
(ss[plen] == '\n' && tlen != 0)? '\\' : '/',
121
linecount, plen, ss);
124
if (*ss == '\n') ss++;
131
/*************************************************
133
*************************************************/
135
/* This is called when Exim is dying as a result of something going wrong in
136
the logging, or after a log call with LOG_PANIC_DIE set. Optionally write a
137
message to debug_file or a stderr file, if they exist. Then, if in the middle
138
of accepting a message, throw it away tidily by calling receive_bomb_out();
139
this will attempt to send an SMTP response if appropriate. Passing NULL as the
140
first argument stops it trying to run the NOTQUIT ACL (which might try further
141
logging and thus cause problems). Otherwise, try to close down an outstanding
145
s1 Error message to write to debug_file and/or stderr and syslog
146
s2 Error message for any SMTP call that is in progress
147
Returns: The function does not return
151
die(uschar *s1, uschar *s2)
155
write_syslog(LOG_CRIT, s1);
156
if (debug_file != NULL) debug_printf("%s\n", s1);
157
if (log_stderr != NULL && log_stderr != debug_file)
158
fprintf(log_stderr, "%s\n", s1);
160
if (receive_call_bombout) receive_bomb_out(NULL, s2); /* does not return */
161
if (smtp_input) smtp_closedown(s2);
162
exim_exit(EXIT_FAILURE);
167
/*************************************************
168
* Create a log file *
169
*************************************************/
171
/* This function is called to create and open a log file. It may be called in a
172
subprocess when the original process is root.
177
The file name has been build in a working buffer, so it is permissible to
178
overwrite it temporarily if it is necessary to create the directory.
180
Returns: a file descriptor, or < 0 on failure (errno set)
184
create_log(uschar *name)
186
int fd = Uopen(name, O_CREAT|O_APPEND|O_WRONLY, LOG_MODE);
188
/* If creation failed, attempt to build a log directory in case that is the
191
if (fd < 0 && errno == ENOENT)
194
uschar *lastslash = Ustrrchr(name, '/');
196
created = directory_make(NULL, name, LOG_DIRECTORY_MODE, FALSE);
197
DEBUG(D_any) debug_printf("%s log directory %s\n",
198
created? "created" : "failed to create", name);
200
if (created) fd = Uopen(name, O_CREAT|O_APPEND|O_WRONLY, LOG_MODE);
209
/*************************************************
211
*************************************************/
213
/* This function opens one of a number of logs, which all (except for the
214
"process log") reside in the same directory, creating the directory if it does
215
not exist. This may be called recursively on failure, in order to open the
218
The directory is in the static variable file_path. This is static so that it
219
the work of sorting out the path is done just once per Exim process.
221
Exim is normally configured to avoid running as root wherever possible, the log
222
files must be owned by the non-privileged exim user. To ensure this, first try
223
an open without O_CREAT - most of the time this will succeed. If it fails, try
224
to create the file; if running as root, this must be done in a subprocess to
228
fd where to return the resulting file descriptor
229
type lt_main, lt_reject, lt_panic, or lt_process
235
open_log(int *fd, int type)
239
uschar buffer[LOG_NAME_SIZE];
241
/* Sort out the file name. This depends on the type of log we are opening. The
242
process "log" is written in the spool directory by default, but a path name can
243
be specified in the configuration. */
245
if (type == lt_process)
247
if (process_log_path == NULL)
248
ok = string_format(buffer, sizeof(buffer), "%s/exim-process.info",
251
ok = string_format(buffer, sizeof(buffer), "%s", process_log_path);
254
/* The names of the other three logs are controlled by file_path. The panic log
255
is written to the same directory as the main and reject logs, but its name does
256
not have a datestamp. The use of datestamps is indicated by %D in file_path.
257
When opening the panic log, if %D is present, we remove the datestamp from the
258
generated name; if it is at the start, remove a following non-alphameric
259
character as well; otherwise, remove a preceding non-alphameric character. This
260
is definitely kludgy, but it sort of does what people want, I hope. */
264
ok = string_format(buffer, sizeof(buffer), CS file_path, log_names[type]);
266
/* Save the name of the mainlog for rollover processing. Without a datestamp,
267
it gets statted to see if it has been cycled. With a datestamp, the datestamp
268
will be compared. The static slot for saving it is the same size as buffer,
269
and the text has been checked above to fit, so this use of strcpy() is OK. */
273
Ustrcpy(mainlog_name, buffer);
274
mainlog_datestamp = mainlog_name + string_datestamp_offset;
277
/* Ditto for the reject log */
279
else if (type == lt_reject)
281
Ustrcpy(rejectlog_name, buffer);
282
rejectlog_datestamp = rejectlog_name + string_datestamp_offset;
285
/* Remove any datestamp if this is the panic log. This is rare, so there's no
286
need to optimize getting the datestamp length. We remove one non-alphanumeric
287
char afterwards if at the start, otherwise one before. */
289
else if (string_datestamp_offset >= 0)
291
uschar *from = buffer + string_datestamp_offset;
292
uschar *to = from + Ustrlen(tod_stamp(tod_log_datestamp));
293
if (from == buffer || from[-1] == '/')
295
if (!isalnum(*to)) to++;
299
if (!isalnum(from[-1])) from--;
302
/* This strcpy is ok, because we know that to is a substring of from. */
308
/* If the file name is too long, it is an unrecoverable disaster */
312
die(US"exim: log file path too long: aborting",
313
US"Logging failure; please try later");
316
/* We now have the file name. Try to open an existing file. After a successful
317
open, arrange for automatic closure on exec(), and then return. */
319
*fd = Uopen(buffer, O_APPEND|O_WRONLY, LOG_MODE);
323
(void)fcntl(*fd, F_SETFD, fcntl(*fd, F_GETFD) | FD_CLOEXEC);
327
/* Open was not successful: try creating the file. If this is a root process,
328
we must do the creating in a subprocess set to exim:exim in order to ensure
329
that the file is created with the right ownership. Otherwise, there can be a
330
race if another Exim process is trying to write to the log at the same time.
331
The use of SIGUSR1 by the exiwhat utility can provoke a lot of simultaneous
336
/* If we are already running as the Exim user (even if that user is root),
337
we can go ahead and create in the current process. */
339
if (euid == exim_uid) *fd = create_log(buffer);
341
/* Otherwise, if we are root, do the creation in an exim:exim subprocess. If we
342
are neither exim nor root, creation is not attempted. */
344
else if (euid == root_uid)
349
/* In the subprocess, change uid/gid and do the creation. Return 0 from the
350
subprocess on success. There doesn't seem much point in testing for setgid
351
and setuid errors. */
355
(void)setgid(exim_gid);
356
(void)setuid(exim_uid);
357
_exit((create_log(buffer) < 0)? 1 : 0);
360
/* If we created a subprocess, wait for it. If it succeeded retry the open. */
364
while (waitpid(pid, &status, 0) != pid);
365
if (status == 0) *fd = Uopen(buffer, O_APPEND|O_WRONLY, LOG_MODE);
368
/* If we failed to create a subprocess, we are in a bad way. We fall through
369
with *fd still < 0, and errno set, letting the code below handle the error. */
372
/* If we now have an open file, set the close-on-exec flag and return. */
376
(void)fcntl(*fd, F_SETFD, fcntl(*fd, F_GETFD) | FD_CLOEXEC);
380
/* Creation failed. There are some circumstances in which we get here when
381
the effective uid is not root or exim, which is the problem. (For example, a
382
non-setuid binary with log_arguments set, called in certain ways.) Rather than
383
just bombing out, force the log to stderr and carry on if stderr is available.
386
if (euid != root_uid && euid != exim_uid && log_stderr != NULL)
388
*fd = fileno(log_stderr);
392
/* Otherwise this is a disaster. This call is deliberately ONLY to the panic
393
log. If possible, save a copy of the original line that was being logged. If we
394
are recursing (can't open the panic log either), the pointer will already be
397
if (panic_save_buffer == NULL)
399
panic_save_buffer = (uschar *)malloc(LOG_BUFFER_SIZE);
400
if (panic_save_buffer != NULL)
401
memcpy(panic_save_buffer, log_buffer, LOG_BUFFER_SIZE);
404
log_write(0, LOG_PANIC_DIE, "Cannot open %s log file \"%s\": %s: "
405
"euid=%d egid=%d", log_names[type], buffer, strerror(errno), euid, getegid());
411
/*************************************************
412
* Add configuration file info to log line *
413
*************************************************/
415
/* This is put in a function because it's needed twice (once for debugging,
419
ptr pointer to the end of the line we are building
422
Returns: updated pointer
426
log_config_info(uschar *ptr, int flags)
428
Ustrcpy(ptr, "Exim configuration error");
431
if ((flags & (LOG_CONFIG_FOR & ~LOG_CONFIG)) != 0)
433
Ustrcpy(ptr, " for ");
437
if ((flags & (LOG_CONFIG_IN & ~LOG_CONFIG)) != 0)
439
sprintf(CS ptr, " in line %d of %s", config_lineno, config_filename);
443
Ustrcpy(ptr, ":\n ");
448
/*************************************************
449
* A write() operation failed *
450
*************************************************/
452
/* This function is called when write() fails on anything other than the panic
453
log, which can happen if a disk gets full or a file gets too large or whatever.
454
We try to save the relevant message in the panic_save buffer before crashing
458
name the name of the log being written
459
length the string length being written
460
rc the return value from write()
462
Returns: does not return
466
log_write_failed(uschar *name, int length, int rc)
468
int save_errno = errno;
470
if (panic_save_buffer == NULL)
472
panic_save_buffer = (uschar *)malloc(LOG_BUFFER_SIZE);
473
if (panic_save_buffer != NULL)
474
memcpy(panic_save_buffer, log_buffer, LOG_BUFFER_SIZE);
477
log_write(0, LOG_PANIC_DIE, "failed to write to %s: length=%d result=%d "
478
"errno=%d (%s)", name, length, rc, save_errno,
479
(save_errno == 0)? "write incomplete" : strerror(save_errno));
485
/*************************************************
486
* Write message to log file *
487
*************************************************/
489
/* Exim can be configured to log to local files, or use syslog, or both. This
490
is controlled by the setting of log_file_path. The following cases are
493
log_file_path = "" write files in the spool/log directory
494
log_file_path = "xxx" write files in the xxx directory
495
log_file_path = "syslog" write to syslog
496
log_file_path = "syslog : xxx" write to syslog and to files (any order)
498
The one exception to this is messages containing LOG_PROCESS. These are always
499
written to exim-process.info in the spool directory. They aren't really log
500
messages in the same sense as the others.
502
The message always gets '\n' added on the end of it, since more than one
503
process may be writing to the log at once and we don't want intermingling to
504
happen in the middle of lines. To be absolutely sure of this we write the data
505
into a private buffer and then put it out in a single write() call.
507
The flags determine which log(s) the message is written to, or for syslogging,
508
which priority to use, and in the case of the panic log, whether the process
509
should die afterwards.
511
The variable really_exim is TRUE only when exim is running in privileged state
512
(i.e. not with a changed configuration or with testing options such as -brw).
513
If it is not, don't try to write to the log because permission will probably be
516
Avoid actually writing to the logs when exim is called with -bv or -bt to
517
test an address, but take other actions, such as panicing.
519
In Exim proper, the buffer for building the message is got at start-up, so that
520
nothing gets done if it can't be got. However, some functions that are also
521
used in utilities occasionally obey log_write calls in error situations, and it
522
is simplest to put a single malloc() here rather than put one in each utility.
523
Malloc is used directly because the store functions may call log_write().
525
If a message_id exists, we include it after the timestamp.
528
selector write to main log or LOG_INFO only if this value is zero, or if
529
its bit is set in log_write_selector
530
flags each bit indicates some independent action:
531
LOG_SENDER add raw sender to the message
532
LOG_RECIPIENTS add raw recipients list to message
533
LOG_CONFIG add "Exim configuration error"
534
LOG_CONFIG_FOR add " for " instead of ":\n "
535
LOG_CONFIG_IN add " in line x[ of file y]"
536
LOG_MAIN write to main log or syslog LOG_INFO
537
LOG_REJECT write to reject log or syslog LOG_NOTICE
538
LOG_PANIC write to panic log or syslog LOG_ALERT
539
LOG_PANIC_DIE write to panic log or LOG_ALERT and then crash
540
LOG_PROCESS write to process log (always a file)
541
format a printf() format
542
... arguments for format
548
log_write(unsigned int selector, int flags, char *format, ...)
555
/* If panic_recurseflag is set, we have failed to open the panic log. This is
556
the ultimate disaster. First try to write the message to a debug file and/or
557
stderr and also to syslog. If panic_save_buffer is not NULL, it contains the
558
original log line that caused the problem. Afterwards, expire. */
560
if (panic_recurseflag)
562
uschar *extra = (panic_save_buffer == NULL)? US"" : panic_save_buffer;
563
if (debug_file != NULL) debug_printf("%s%s", extra, log_buffer);
564
if (log_stderr != NULL && log_stderr != debug_file)
565
fprintf(log_stderr, "%s%s", extra, log_buffer);
566
if (*extra != 0) write_syslog(LOG_CRIT, extra);
567
write_syslog(LOG_CRIT, log_buffer);
568
die(US"exim: could not open panic log - aborting: see message(s) above",
569
US"Unexpected log failure, please try later");
572
/* Ensure we have a buffer (see comment above); this should never be obeyed
573
when running Exim proper, only when running utilities. */
575
if (log_buffer == NULL)
577
log_buffer = (uschar *)malloc(LOG_BUFFER_SIZE);
578
if (log_buffer == NULL)
580
fprintf(stderr, "exim: failed to get store for log buffer\n");
581
exim_exit(EXIT_FAILURE);
585
/* If we haven't already done so, inspect the setting of log_file_path to
586
determine whether to log to files and/or to syslog. Bits in logging_mode
587
control this, and for file logging, the path must end up in file_path. This
588
variable must be in permanent store because it may be required again later in
593
BOOL multiple = FALSE;
594
int old_pool = store_pool;
596
store_pool = POOL_PERM;
598
/* If nothing has been set, don't waste effort... the default values for the
599
statics are file_path="" and logging_mode = LOG_MODE_FILE. */
601
if (log_file_path[0] != 0)
603
int sep = ':'; /* Fixed separator - outside use */
605
uschar *ss = log_file_path;
607
while ((s = string_nextinlist(&ss,&sep,log_buffer,LOG_BUFFER_SIZE)) != NULL)
609
if (Ustrcmp(s, "syslog") == 0)
610
logging_mode |= LOG_MODE_SYSLOG;
611
else if ((logging_mode & LOG_MODE_FILE) != 0) multiple = TRUE;
614
logging_mode |= LOG_MODE_FILE;
616
/* If a non-empty path is given, use it */
620
file_path = string_copy(s);
623
/* If the path is empty, we want to use the first non-empty, non-
624
syslog item in LOG_FILE_PATH, if there is one, since the value of
625
log_file_path may have been set at runtime. If there is no such item,
626
use the ultimate default in the spool directory. */
631
uschar *tt = US LOG_FILE_PATH;
632
while ((t = string_nextinlist(&tt,&sep,log_buffer,LOG_BUFFER_SIZE))
635
if (Ustrcmp(t, "syslog") == 0 || t[0] == 0) continue;
636
file_path = string_copy(t);
639
} /* Empty item in log_file_path */
640
} /* First non-syslog item in log_file_path */
641
} /* Scan of log_file_path */
644
/* If no modes have been selected, it is a major disaster */
646
if (logging_mode == 0)
647
die(US"Neither syslog nor file logging set in log_file_path",
648
US"Unexpected logging failure");
650
/* Set up the ultimate default if necessary. Then revert to the old store
651
pool, and record that we've sorted out the path. */
653
if ((logging_mode & LOG_MODE_FILE) != 0 && file_path[0] == 0)
654
file_path = string_sprintf("%s/log/%%slog", spool_directory);
655
store_pool = old_pool;
656
path_inspected = TRUE;
658
/* If more than one file path was given, log a complaint. This recursive call
659
should work since we have now set up the routing. */
663
log_write(0, LOG_MAIN|LOG_PANIC,
664
"More than one path given in log_file_path: using %s", file_path);
668
/* If debugging, show all log entries, but don't show headers. Do it all
669
in one go so that it doesn't get split when multi-processing. */
676
Ustrcpy(ptr, "LOG:");
679
/* Show the options that were passed into the call. These are those whose
680
flag values do not have the 0x80000000 bit in them. Note that this
681
automatically exclude the "all" setting. */
683
for (i = 0; i < log_options_count; i++)
685
unsigned int bit = log_options[i].bit;
686
if ((bit & 0x80000000) != 0) continue;
687
if ((selector & bit) != 0)
690
Ustrcpy(ptr, log_options[i].name);
695
sprintf(CS ptr, "%s%s%s%s%s\n ",
696
((flags & LOG_MAIN) != 0)? " MAIN" : "",
697
((flags & LOG_PANIC) != 0)? " PANIC" : "",
698
((flags & LOG_PANIC_DIE) == LOG_PANIC_DIE)? " DIE" : "",
699
((flags & LOG_PROCESS) != 0)? " PROCESS": "",
700
((flags & LOG_REJECT) != 0)? " REJECT" : "");
703
if ((flags & LOG_CONFIG) != 0) ptr = log_config_info(ptr, flags);
705
va_start(ap, format);
706
if (!string_vformat(ptr, LOG_BUFFER_SIZE - (ptr-log_buffer)-1, format, ap))
707
Ustrcpy(ptr, "**** log string overflowed log buffer ****");
712
debug_printf("%s", log_buffer);
715
/* If no log file is specified, we are in a mess. */
717
if ((flags & (LOG_MAIN|LOG_PANIC|LOG_REJECT|LOG_PROCESS)) == 0)
718
log_write(0, LOG_MAIN|LOG_PANIC_DIE, "log_write called with no log "
721
/* There are some weird circumstances in which logging is disabled. */
725
DEBUG(D_any) debug_printf("log writing disabled\n");
729
/* Handle disabled reject log */
731
if (!write_rejectlog) flags &= ~LOG_REJECT;
733
/* Create the main message in the log buffer, including the message
734
id except for the process log and when called by a utility. */
737
sprintf(CS ptr, "%s ", tod_stamp(tod_log));
740
if ((log_extra_selector & LX_pid) != 0)
742
sprintf(CS ptr, "[%d] ", (int)getpid());
746
if (really_exim && (flags & LOG_PROCESS) == 0 && message_id[0] != 0)
748
sprintf(CS ptr, "%s ", message_id);
752
if ((flags & LOG_CONFIG) != 0) ptr = log_config_info(ptr, flags);
754
va_start(ap, format);
755
if (!string_vformat(ptr, LOG_BUFFER_SIZE - (ptr-log_buffer)-1, format, ap))
756
Ustrcpy(ptr, "**** log string overflowed log buffer ****\n");
760
/* Add the raw, unrewritten, sender to the message if required. This is done
761
this way because it kind of fits with LOG_RECIPIENTS. */
763
if ((flags & LOG_SENDER) != 0 &&
764
ptr < log_buffer + LOG_BUFFER_SIZE - 10 - Ustrlen(raw_sender))
766
sprintf(CS ptr, " from <%s>", raw_sender);
770
/* Add list of recipients to the message if required; the raw list,
771
before rewriting, was saved in raw_recipients. There may be none, if an ACL
772
discarded them all. */
774
if ((flags & LOG_RECIPIENTS) != 0 && ptr < log_buffer + LOG_BUFFER_SIZE - 6 &&
775
raw_recipients_count > 0)
778
sprintf(CS ptr, " for");
780
for (i = 0; i < raw_recipients_count; i++)
782
uschar *s = raw_recipients[i];
783
if (log_buffer + LOG_BUFFER_SIZE - ptr < Ustrlen(s) + 3) break;
784
sprintf(CS ptr, " %s", s);
789
sprintf(CS ptr, "\n");
791
length = ptr - log_buffer;
793
/* Handle loggable errors when running a utility, or when address testing.
794
Write to log_stderr unless debugging (when it will already have been written),
795
or unless there is no log_stderr (expn called from daemon, for example). */
797
if (!really_exim || log_testing_mode)
799
if (debug_selector == 0 && log_stderr != NULL &&
800
(selector == 0 || (selector & log_write_selector) != 0))
803
fprintf(log_stderr, "LOG: %s", CS(log_buffer + 20)); /* no timestamp */
805
fprintf(log_stderr, "%s", CS log_buffer);
807
if ((flags & LOG_PANIC_DIE) == LOG_PANIC_DIE) exim_exit(EXIT_FAILURE);
811
/* Handle the main log. We know that either syslog or file logging (or both) is
812
set up. A real file gets left open during reception or delivery once it has
813
been opened, but we don't want to keep on writing to it for too long after it
814
has been renamed. Therefore, do a stat() and see if the inode has changed, and
817
if ((flags & LOG_MAIN) != 0 &&
818
(selector == 0 || (selector & log_write_selector) != 0))
820
if ((logging_mode & LOG_MODE_SYSLOG) != 0 &&
821
(syslog_duplication || (flags & (LOG_REJECT|LOG_PANIC)) == 0))
822
write_syslog(LOG_INFO, log_buffer);
824
if ((logging_mode & LOG_MODE_FILE) != 0)
828
/* Check for a change to the mainlog file name when datestamping is in
829
operation. This happens at midnight, at which point we want to roll over
830
the file. Closing it has the desired effect. */
832
if (mainlog_datestamp != NULL)
834
uschar *nowstamp = tod_stamp(tod_log_datestamp);
835
if (Ustrncmp (mainlog_datestamp, nowstamp, Ustrlen(nowstamp)) != 0)
837
(void)close(mainlogfd); /* Close the file */
838
mainlogfd = -1; /* Clear the file descriptor */
839
mainlog_inode = 0; /* Unset the inode */
840
mainlog_datestamp = NULL; /* Clear the datestamp */
844
/* Otherwise, we want to check whether the file has been renamed by a
845
cycling script. This could be "if else", but for safety's sake, leave it as
846
"if" so that renaming the log starts a new file even when datestamping is
851
if (Ustat(mainlog_name, &statbuf) < 0 || statbuf.st_ino != mainlog_inode)
853
(void)close(mainlogfd);
859
/* If the log is closed, open it. Then write the line. */
863
open_log(&mainlogfd, lt_main); /* No return on error */
864
if (fstat(mainlogfd, &statbuf) >= 0) mainlog_inode = statbuf.st_ino;
867
/* Failing to write to the log is disastrous */
869
if ((rc = write(mainlogfd, log_buffer, length)) != length)
871
log_write_failed(US"main log", length, rc);
872
/* That function does not return */
877
/* Handle the log for rejected messages. This can be globally disabled, in
878
which case the flags are altered above. If there are any header lines (i.e. if
879
the rejection is happening after the DATA phase), log the recipients and the
882
if ((flags & LOG_REJECT) != 0)
886
if (header_list != NULL && (log_extra_selector & LX_rejected_header) != 0)
888
if (recipients_count > 0)
892
/* List the sender */
894
string_format(ptr, LOG_BUFFER_SIZE - (ptr-log_buffer),
895
"Envelope-from: <%s>\n", sender_address);
898
/* List up to 5 recipients */
900
string_format(ptr, LOG_BUFFER_SIZE - (ptr-log_buffer),
901
"Envelope-to: <%s>\n", recipients_list[0].address);
904
for (i = 1; i < recipients_count && i < 5; i++)
906
string_format(ptr, LOG_BUFFER_SIZE - (ptr-log_buffer), " <%s>\n",
907
recipients_list[i].address);
911
if (i < recipients_count)
913
(void)string_format(ptr, LOG_BUFFER_SIZE - (ptr-log_buffer),
919
/* A header with a NULL text is an unfilled in Received: header */
921
for (h = header_list; h != NULL; h = h->next)
924
if (h->text == NULL) continue;
925
fitted = string_format(ptr, LOG_BUFFER_SIZE - (ptr-log_buffer),
926
"%c %s", h->type, h->text);
928
if (!fitted) /* Buffer is full; truncate */
930
ptr -= 100; /* For message and separator */
931
if (ptr[-1] == '\n') ptr--;
932
Ustrcpy(ptr, "\n*** truncated ***\n");
938
length = ptr - log_buffer;
941
/* Write to syslog or to a log file */
943
if ((logging_mode & LOG_MODE_SYSLOG) != 0 &&
944
(syslog_duplication || (flags & LOG_PANIC) == 0))
945
write_syslog(LOG_NOTICE, log_buffer);
947
/* Check for a change to the rejectlog file name when datestamping is in
948
operation. This happens at midnight, at which point we want to roll over
949
the file. Closing it has the desired effect. */
951
if ((logging_mode & LOG_MODE_FILE) != 0)
955
if (rejectlog_datestamp != NULL)
957
uschar *nowstamp = tod_stamp(tod_log_datestamp);
958
if (Ustrncmp (rejectlog_datestamp, nowstamp, Ustrlen(nowstamp)) != 0)
960
(void)close(rejectlogfd); /* Close the file */
961
rejectlogfd = -1; /* Clear the file descriptor */
962
rejectlog_inode = 0; /* Unset the inode */
963
rejectlog_datestamp = NULL; /* Clear the datestamp */
967
/* Otherwise, we want to check whether the file has been renamed by a
968
cycling script. This could be "if else", but for safety's sake, leave it as
969
"if" so that renaming the log starts a new file even when datestamping is
972
if (rejectlogfd >= 0)
974
if (Ustat(rejectlog_name, &statbuf) < 0 ||
975
statbuf.st_ino != rejectlog_inode)
977
(void)close(rejectlogfd);
983
/* Open the file if necessary, and write the data */
987
open_log(&rejectlogfd, lt_reject); /* No return on error */
988
if (fstat(rejectlogfd, &statbuf) >= 0) rejectlog_inode = statbuf.st_ino;
991
if ((rc = write(rejectlogfd, log_buffer, length)) != length)
993
log_write_failed(US"reject log", length, rc);
994
/* That function does not return */
1000
/* Handle the process log file, where exim processes can be made to dump
1001
details of what they are doing by sending them a USR1 signal. Note that
1002
a message id is not automatically added above. This information is always
1003
written to a file - never to syslog. */
1005
if ((flags & LOG_PROCESS) != 0)
1008
open_log(&processlogfd, lt_process); /* No return on error */
1009
if ((rc = write(processlogfd, log_buffer, length)) != length)
1011
log_write_failed(US"process log", length, rc);
1012
/* That function does not return */
1014
(void)close(processlogfd);
1018
/* Handle the panic log, which is not kept open like the others. If it fails to
1019
open, there will be a recursive call to log_write(). We detect this above and
1020
attempt to write to the system log as a last-ditch try at telling somebody. In
1021
all cases except mua_wrapper, try to write to log_stderr. */
1023
if ((flags & LOG_PANIC) != 0)
1025
if (log_stderr != NULL && log_stderr != debug_file && !mua_wrapper)
1026
fprintf(log_stderr, "%s", CS log_buffer);
1028
if ((logging_mode & LOG_MODE_SYSLOG) != 0)
1030
write_syslog(LOG_ALERT, log_buffer);
1033
/* If this panic logging was caused by a failure to open the main log,
1034
the original log line is in panic_save_buffer. Make an attempt to write it. */
1036
if ((logging_mode & LOG_MODE_FILE) != 0)
1038
panic_recurseflag = TRUE;
1039
open_log(&paniclogfd, lt_panic); /* Won't return on failure */
1040
panic_recurseflag = FALSE;
1042
if (panic_save_buffer != NULL)
1043
(void) write(paniclogfd, panic_save_buffer, Ustrlen(panic_save_buffer));
1045
if ((rc = write(paniclogfd, log_buffer, length)) != length)
1047
int save_errno = errno;
1048
write_syslog(LOG_CRIT, log_buffer);
1049
sprintf(CS log_buffer, "write failed on panic log: length=%d result=%d "
1050
"errno=%d (%s)", length, rc, save_errno, strerror(save_errno));
1051
write_syslog(LOG_CRIT, log_buffer);
1052
flags |= LOG_PANIC_DIE;
1055
(void)close(paniclogfd);
1058
/* Give up if the DIE flag is set */
1060
if ((flags & LOG_PANIC_DIE) != LOG_PANIC)
1061
die(NULL, US"Unexpected failure, please try later");
1067
/*************************************************
1068
* Close any open log files *
1069
*************************************************/
1075
{ (void)close(mainlogfd); mainlogfd = -1; }
1076
if (rejectlogfd >= 0)
1077
{ (void)close(rejectlogfd); rejectlogfd = -1; }
1079
syslog_open = FALSE;