On Thu, 2013-06-27 at 18:41 -0400, Colin Walters wrote:
On Thu, 2013-06-27 at 23:38 +0200, Lennart Poettering wrote:
> Why would you want this? I mean, we rate-limit per-service anyway, so
> the issue of one app flooding evreything else should be mostly
> non-existant. And hence, what you are asking for is some policy control
> about what to delete first, which only really matters if your disk space
> is very very limited?
Would you consider it sane to log say Apache traffic to the journal? If
not, then there's still logrotate in the picture, and daemons need to do
the whole SIGHUP dance. You can ignore the rest of this message in that
case.
But if you do, then it would seem fairly sane to me on a medium traffic
site to want the ability to have different retention
policies for the webserver logs versus other system events like sudo
activations or a change of the root password.
I'm not entirely sure how this works, but in some sense, journal
separates logs *by uid* - if you look in /var/log/journal , there are
files for root and files for your uid. If you were logging httpd via the
journal, it may be that it'd wind up in a different journal file for the
uid httpd was being run as. I haven't checked if you can set rotation
policies on a per-uid level. (I'm sure Lennart can explain this more,
er, correctly.)
--
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Twitter: AdamW_Fedora | identi.ca: adamwfedora
http://www.happyassassin.net