[systemd-devel] how to encrypt journalctl metadata
lennart at poettering.net
Thu Aug 18 11:25:41 UTC 2016
On Wed, 17.08.16 12:10, Divya Thaluru (divya.thaluru at gmail.com) wrote:
> Journalctl stores metadata like "_UID,_GID,_CMDLINE,_SYSTEMD_CGROUP etc…"
> for each message. Is there any way, can we encrypt metadata (commandline
> info) so sensitive information wont be stored.
> If encryption of metadata is not possible, can we disable collecting the
The journal does not support encryption, and it does not disable
collecting metadata implicitly. You may however turn off all storage
by the journal by setting Storage=none in journald.conf. In that mode
you may optionally connect another syslog daemon to it via
ForwardToSyslog=yes, which implements the features you are looking for.
Lennart Poettering, Red Hat
More information about the systemd-devel