[systemd-devel] how to encrypt journalctl metadata

Mikhail Kasimov mikhail.kasimov at gmail.com
Thu Aug 18 15:08:38 UTC 2016


Ok, thanks for making this aspect more clear!


18.08.2016 18:00, Lennart Poettering пишет:
> On Thu, 18.08.16 15:55, Mikhail Kasimov (mikhail.kasimov at gmail.com) wrote:
>
>> Hello!
>> Personally, don't we have philosophical contradiction here? -- Journal is
>> positioned as syslog alternative with more wide functionality, but in
>> current case we offer to turn off whole journal to make functionality only
>> as transport. No problem, but is RFE to incorporate ExcludeMetaData=
>> parameter to /journald.conf acceptable here?
> No, we explicitly never had the goal to be as featureful as rsyslog or
> syslog-ng. The journal has a different feature set, and puts a strong
> emphasis on structured log events, implicit metadata and indexed
> lookups. It's completely OK if people look for a different feature set
> and it's easy to install a different logger side-by-side to journald
> and it will get all the same data the journal gets.
>
> Quite frankly, I am very much against turning the journal into
> something that processes log data at collection time with matches and
> regexes and suchlike. If you don't want the journal to collect
> metadata, then the journal is probably not the tool you want, but
> something else, and in that case turn stroage in it off, and just use
> it as a multiplexer that collects data from all the various sources
> and passes it to the syslog implementation of your choice.
>
> Of course, you'll lose all the journal hook-up in tools like
> "systemctl status" if you don#t use the journal, but I think that's a
> fair deal.
>
> Lennart
>



More information about the systemd-devel mailing list