Journalctl. What kind of journald setting is more correct?

alekseev

New Member
Credits
0
journald allows you to configure yourself through a configuration file or command line.

Configuration file:
SystemMaxUse = - the maximum amount that logs can occupy on the disk;
SystemKeepFree = - the amount of free space that should remain on the disk after saving logs;
SystemMaxFileSize = - the size of the log file upon which it should be removed from the disk;
RuntimeMaxUse = - the maximum amount that logs can occupy in the file system / run;
RuntimeKeepFree = - the amount of free space that must remain in the file system / run after saving logs;
RuntimeMaxFileSize = - the size of the log file upon which it should be removed from the file system / run.

Command line:
journalctl --vacuum-size = 1G
journalctl --vacuum-time = 1years

Which option is more correct in view of saving the settings after rebooting or shutting down?
 


Credits
0
Greetings alekseev,
The command line options are cut off the current size to 1G or 1 year. If you set the variables in the configuration the future log files wont exceed the value. So to answer your question :
If you set it through the configuration file it will be persistent.

Greetings
Scoobithepirate
 

alekseev

New Member
Credits
0
Greetings alekseev,
The command line options are cut off the current size to 1G or 1 year. If you set the variables in the configuration the future log files wont exceed the value. So to answer your question :
If you set it through the configuration file it will be persistent.

Greetings
Scoobithepirate
If I understood you correctly. The logging configuration must go through the configuration file.
 
Credits
0
Why does any user have full access to the database journald?
I can not understand the meaning !!!
Lets take a log in the man journalctl

All users are granted access to their private per-user journals.
However, by default, only root and users who are members of a few
special groups are granted access to the system journal and the
journals of other users. Members of the groups "systemd-journal",
"adm", and "wheel" can read all journal files. Note that the two latter
groups traditionally have additional privileges specified by the
distribution. Members of the "wheel" group can often perform
administrative tasks.
There you go. Only root and members of the special groups are allowed for the whole database.

Greetings
 
Credits
0
It depents on the configuration. Is your log persistent or cleared at shutdown? Default Location for the Logs is /run/log/journal/uuid where uuid is different in every System. If you got it persistent it will be located in /var/...

Greetings
 

alekseev

New Member
Credits
0
It depents on the configuration. Is your log persistent or cleared at shutdown? Default Location for the Logs is /run/log/journal/uuid where uuid is different in every System. If you got it persistent it will be located in /var/...

Greetings
Deeply sorry. If the log in /var/log/journald. How to make access limited. I do not want everyone to copy the log to the local disk. But at the same time I want the user to see their logs.
 
Credits
0
No problem, your welcome.
Well lets take a look inside /var/log/journal/
-rw-r-----+ 1 root systemd-journal 16777216 23. Jul 12:36 system.journal
as wee see the owner of this file is root and the groupowner is systemd-journal.
so lets give it a try to open the system.journal as normal user will result:
cat: /var/log/journal/41150414268847b1860b5f6c3023d38b/system.journal: Permission denied
so the normal user isn´t able to check the system.journal or any other logfile. For each User there is an Log file placed which named like : User-$UID.journal . Owner is the root/systemd-journal

To read the file you must access as root. If you not you can´t copy because copy net to read the file. So i think the solution of your problem is to let it how it is.

Greetings
 


Members online


Latest posts

Top