replacing rsyslogd in minimal with journald [was Re: systemd requires HTTP server and serves QR codes]

Simo Sorce simo at redhat.com
Tue Oct 9 20:53:01 UTC 2012


On Tue, 2012-10-09 at 20:47 +0200, Lennart Poettering wrote:
> On Tue, 09.10.12 13:40, Chris Adams (cmadams at hiwaay.net) wrote:
> 
> > Once upon a time, Lennart Poettering <mzerqung at 0pointer.de> said:
> > > Only users in the "adm" group can see system logs and logs of
> > > other users.
> > 
> > Is this configurable (if so, how)?  For example, all the "wheel is
> > special" behavior I am aware of is configurable (e.g. PAM config,
> > visudo).
> 
> This is currently not configurable.

This is bad; I certainly do not want adm users to be able to
read /var/log/secure. Passwords do accidentally end up there; only root
should be allowed to read that file.

And AFAIK only root can read /var/log/messages in Fedora, so you are
*relaxing* access, and that is something that should be carefully
reviewed.

What is the rationale for relaxing access?
Who is normally added to the adm group?

> > Also: what is the equivalent for logrotate in the systemd journal
> > case?
> 
> Rotation happens in-line, i.e. each time before we are about to write an
> entry we check if rotation is necessary and execute it. This should make
> things a lot more robust, as this fixes a common issue with syslog where
> a lot of data generated in bursts could flood the fs until a much later
> time-based rotation took place. This time window goes away with the journal.

Lovely, so now I have a perfect way to remove all traces of access: all we
need is to cause a lot of logging to go through until it is merrily
deleted?

This *must* be configurable; there are places where rotation is not
allowed at all and the system *must* crash and stop if logs can't be
written and preserved.

> > How can you configure how much log data is kept and for how long?
> 
> Rotation is strictly bound to disk size and space. There's an upper
> limit on how much journald will consume, and a lower limit on how much
> journald will always leave free.
> 
> See SystemMaxUse= resp. SystemKeepFree= in journald.conf(5).

You need to allow boundless configurations, see above.
Also, rotating based on use is generally annoying to admins, as it makes
it more difficult to predict where stuff will end up and what will
deterministically be in backups.

logrotate has time based policies for very good reasons.

Your policy may make sense on space-constrained configurations, but on any
other system it makes little sense, and log compression on rotation is
all you really need (lots of repetitions in the logs allow big gains
when compressing).

Simo.

-- 
Simo Sorce * Red Hat, Inc * New York
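The concern raised above is that a journal bounded only by size (SystemMaxUse=) retains a window of time that shrinks with the write rate, so a burst of logging can push older entries out before a backup or an investigator sees them. The script below is an added example, not code from this thread or from systemd: it parses the [Journal] section of a journald.conf fragment, resolves the effective size cap (using the 10%-of-filesystem, 4G-capped default that journald.conf(5) documents when SystemMaxUse= is unset), converts that cap into a worst-case retention window at an observed write rate, and compares it against a retention requirement. The sample configuration, the write rate and the 90-day policy are constructed; treating an unset ForwardToSyslog= as "not forwarded" is an assumption of this check, since the real default has varied between systemd versions.

```python
# Added example (not code from the thread or from systemd): estimate how far
# back a size-bounded journal can reach and compare it with a retention policy.
import re

# Size suffixes as journald.conf(5) documents them (base 1024).
_SIZE_SUFFIX = {"": 1, "K": 1024, "M": 1024 ** 2, "G": 1024 ** 3, "T": 1024 ** 4}

# Constructed sample configuration; not a file taken from any real host.
SAMPLE_JOURNALD_CONF = """\
[Journal]
Storage=persistent
#SystemMaxUse=
SystemMaxUse=200M
SystemKeepFree=1G
ForwardToSyslog=no
"""


def parse_size(value: str) -> int:
    """Convert a journald size string such as '200M' into bytes."""
    m = re.fullmatch(r"\s*(\d+)\s*([KMGT]?)\s*", value)
    if m is None:
        raise ValueError(f"unparseable size: {value!r}")
    return int(m.group(1)) * _SIZE_SUFFIX[m.group(2)]


def parse_journald_conf(text: str) -> dict:
    """Return the key=value pairs of the [Journal] section; later lines win."""
    settings = {}
    section = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue  # blank lines and comments
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
            continue
        if section != "Journal" or "=" not in line:
            continue
        key, _, value = line.partition("=")
        settings[key.strip()] = value.strip()
    return settings


def effective_cap_bytes(settings: dict, fs_size_bytes: int) -> int:
    """SystemMaxUse= if set; otherwise the default journald.conf(5) documents:
    10% of the filesystem, capped at 4G."""
    raw = settings.get("SystemMaxUse", "")
    if raw:
        return parse_size(raw)
    return min(fs_size_bytes // 10, 4 * 1024 ** 3)


def retention_window_seconds(cap_bytes: int, bytes_per_second: float) -> float:
    """At a sustained write rate, entries older than this are rotated away."""
    return cap_bytes / bytes_per_second


def assess(text: str, fs_size_bytes: int, bytes_per_second: float,
           min_retention_seconds: float) -> dict:
    """Flag a window shorter than the policy requires, and note whether entries
    leave the cap-bounded store at all (unset ForwardToSyslog= is treated as
    'no' here; that is an assumption of this check, not a systemd default)."""
    settings = parse_journald_conf(text)
    cap = effective_cap_bytes(settings, fs_size_bytes)
    window = retention_window_seconds(cap, bytes_per_second)
    findings = []
    if window < min_retention_seconds:
        findings.append(
            f"retention window {window / 86400:.1f} days is below the required "
            f"{min_retention_seconds / 86400:.0f} days at {bytes_per_second:.0f} B/s")
    if settings.get("ForwardToSyslog", "no").lower() != "yes":
        findings.append("entries are not forwarded to syslog, so nothing "
                        "survives once the size cap rotates them out")
    return {"cap_bytes": cap, "window_seconds": window, "findings": findings}


if __name__ == "__main__":
    # Constructed scenario: 200M cap, a host writing 1 KiB/s, 90-day policy.
    result = assess(SAMPLE_JOURNALD_CONF, fs_size_bytes=50 * 1024 ** 3,
                    bytes_per_second=1024, min_retention_seconds=90 * 86400)
    print(f"cap: {result['cap_bytes']} bytes, "
          f"window: {result['window_seconds'] / 86400:.1f} days")
    for finding in result["findings"]:
        print("finding:", finding)
```

The point the numbers make is the one Simo raises: a 200M cap at one kilobyte per second is a window of a little over two days, and the window only gets shorter as the rate goes up, so a size bound alone does not give a retention guarantee. Forwarding to a collector outside the capped store, or a time-based policy, is what turns the bound into one.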
