replacing rsyslogd in minimal with journald [was Re: systemd requires HTTP server and serves QR codes]
Miloslav Trmač
mitr at volny.cz
Wed Oct 10 15:05:58 UTC 2012
I apologize, I'm ill and not generally up to providing detailed
responses. So just some sourced facts to counter [1] untruths.
For education on what current syslogs do,
http://blog.gerhards.net/2012/10/main-advantages-of-rsyslog-v7-vs-v5.html
is a possible start and http://www.rsyslog.com/doc/manual.html
contains much more.
On Tue, Oct 9, 2012 at 11:24 PM, Lennart Poettering
<mzerqung at 0pointer.de> wrote:
> I am not generally against adding time-based rotation, but really, this
> is much less of a "necessity" than other things the journal provides,
> which syslog does not: for example per-service rate limits,
False. http://www.rsyslog.com/doc/imuxsock.html, "There is input rate
limiting available", currently enabled by default in Fedora.
> and
> unfakable meta-data for log messages.
False: http://www.rsyslog.com/doc/imuxsock.html, "trusted syslog
properties are available" (and in v7 they can be enabled in the Fedora
configuration by default)
On Wed, Oct 10, 2012 at 12:08 AM, Lennart Poettering
<mzerqung at 0pointer.de> wrote:
> I am not a security guy, but having
> logs where unprivileged users cannot insert undetectable fakes
(Re: the implied claim that systemd provides that):
For the "unprivileged user" part, see above.
For the cryptographic protection, false.
http://cgit.freedesktop.org/systemd/systemd/tree/man/journalctl.xml#n358
defaults to 15 minutes, which is an eternity.
Mirek
[1] An adjective belongs here. I can think of about 10 candidates,
but I feel too ill and grumpy to trust myself to choose well.
More information about the devel
mailing list