[systemd-devel] systemd-journal-remote
Zbigniew Jędrzejewski-Szmek
zbyszek at in.waw.pl
Sun Mar 16 23:29:22 PDT 2014
[CC: people who commented on previous version of patches or otherwise
expressed interest]
Hi,
I now pushed patches which add systemd-journal-remote. They are based
on the previous version from 2012, but were rewritten to use sd-event
and epoll in µhttpd. Basic usage goes like this:
pull:
remote> systmectl start systemd-journal-gatewayd
local> systemd-journal-remote --url http://some.host:19531/
push:
remote> systemd-journal-remote --listen-raw 2000
local> journalctl -f -o verbose | nc some.host 2000
or
remote> systemd-journal-remote --listen-http 2000
local> journalctl -o verbose > file
local> curl -X POST -H 'Content-Type: application/vnd.fdo.journal' --data-binary '@file' http://some.host:2000/upload
Curl requires the whole file to be exported first, which isn't great,
because it wants to give the content size in the header. I'm note
sure if it is possible to tell it to not do that.
There's also simplistic encryption and authentication support.
With --cert and --key options, systemd-journal-gateway will present
the given certificate when clients connect to it. With an
additional --trust option, it will present a CA certificate to
clients, and require in turn that the client present a certificate
signed by the same CA.
I haven't really tested things too much, so I'm pretty sure that there
are bugs, so this (systemd-journal-remote) shouldn't be used for anything
serious yet.
Outlook:
I talked with David about resolving the CN as a local user and
requiring that this user be in some group. I still think this would
be nice to add.
A dedicated pusher tool, which would keep track of pushed messages and
store the last confirmed cursor in /var/lib/systemd/ somewhere and
run as a service would be nice too.
Zbyszek
More information about the systemd-devel
mailing list