replacing rsyslogd in minimal with journald [was Re: systemd requires HTTP server and serves QR codes]
Stephen John Smoogen
smooge at gmail.com
Tue Oct 9 22:17:39 UTC 2012
On 9 October 2012 16:08, Lennart Poettering <mzerqung at 0pointer.de> wrote:
> On Tue, 09.10.12 15:41, Stephen John Smoogen (smooge at gmail.com) wrote:
>> On 9 October 2012 15:24, Lennart Poettering <mzerqung at 0pointer.de> wrote:
>> > On Tue, 09.10.12 16:53, Simo Sorce (simo at redhat.com) wrote:
>> > If you want audit-like semantics with crashing if we cannot write, then
>> > use something else, not the journal. The journal is supposed to be
>> > robust and do the right thing so that you can leave it unnatteneded and
>> > whatever happens it didn't spill the disk or become unavailable. It's
>> > supposed to be "zero maintainance".
>> So in those cases rsyslog would be required, but would be seen as a
>> post-install step.
>> EG what you are looking at is building a GNOME-OS and for those sorts
>> of tablets, etc the journal is right for that. The other cases like at
>> a Hospital, trading firm or various .gov.XX then having rsyslog
>> installed with audit post would be the way to get the needed features.
> This is BS. The journal is for most folks, not just GNOME users.
Ugh.. look I was trying to restate exactly what you said in previous
emails to make sure I understood what you were saying and to show I
agreed where that is coming from.. and it looks like I dropped some
By GNOME-OS I meant a particular use-case where a journal would be
useful and it is built for like you said in previous emails. Change
GNOME-OS to Fedora, KDE-OS, Mozilla-OS, whatever.. it is a use case
for a lot of people.
Sites that need specialized big business needs are going to need
something like rsyslog because they have limited case issues.. like
never over-writing logs, halting when logs fill up, etc. Those are
written in regulations that aren't going to change in anytime before
say RHEL-10 comes out.
> How many people actually enable "auditctl -f2"? There's probably not
> many except a few three letter agencies and similar folks.
The hospital servers I helped work with had to have it for HIPAA and
SOX Banes. The money systems that had PCI-DSS also had it on some. But
I am agreeing with you it is a small case.
Stephen J Smoogen.
"Don't derail a useful feature for the 99% because you're not in it."
"Years ago my mother used to say to me,... Elwood, you must be oh
so smart or oh so pleasant. Well, for years I was smart. I
recommend pleasant. You may quote me." —James Stewart as Elwood P. Dowd
More information about the devel