replacing rsyslogd in minimal with journald [was Re: systemd requires HTTP server and serves QR codes]
Simo Sorce
simo at redhat.com
Wed Oct 10 02:30:38 UTC 2012
On Tue, 2012-10-09 at 23:24 +0200, Lennart Poettering wrote:
> I am not generally against adding time-based rotation, but really,
> this
> is much less of a "necessity" than other things the journal provides,
> which syslog does not: for example per-service rate limits, and
> unfakable meta-data for log messages. I mean, really, how can we ship
> a syslog where every random user can fake messages, say they are from
> a privileged process and offer no way how to detect that?
I am not saying you need to remove any of the good features, not even
sure why you seem to make an either/or case.
The point of adding time based rotation is exactly so that *more* users
can use it and benefit from the other features.
> > Also rotating based on use is generally annoying to admins, as it
> makes
> > more difficult to predict where stuff will end up and what will
> > deterministically be in backups.
>
> For some sure, for most not.
For most people you could simply throw away multiuser support and always
run as root, I don't think that makes for a good argument to do so
anyway.
> > logrotate has time based policies for very good reasons.
>
> Yeah, because Unix doesn't really allow much else...
>
Oh come on, stop bashing unix, logrotate could certainly grow a size
checking policy if people felt the need, unix is not holding you back,
in fact you are building this stuff on a unix-like system.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the devel
mailing list