by
<citerefentry><refentrytitle>journalctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>'s
<option>--setup-keys</option>
- command), forward secure sealing (FSS)
+ command), Forward Secure Sealing (FSS)
for all persistent journal files is
enabled. FSS is based on <ulink
url="https://eprint.iacr.org/2013/397">Seekable
Sequential Key Generators</ulink> by
- G. A. Marson and B. Poettering and
- may be used to protect journal files
- from unnoticed
- alteration.</para></listitem>
+ G. A. Marson and B. Poettering
+ (doi:10.1007/978-3-642-40203-6_7)
+ and may be used to protect journal files
+ from unnoticed alteration.</para></listitem>
</varlistentry>
<varlistentry>
into the system journal. If
<literal>uid</literal>, any user ID
will get his own journal files
- regardless whether it belongs to a
+ regardless of whether it belongs to a
system service or refers to a real
logged in user. If
<literal>none</literal>, journal files
<para><varname>SystemMaxUse=</varname>
and <varname>RuntimeMaxUse=</varname>
control how much disk space the
- journal may use up at
- maximum. Defaults to 10% of the size
- of the respective file
- system. <varname>SystemKeepFree=</varname>
- and
+ journal may use up at maximum.
+ <varname>SystemKeepFree=</varname> and
<varname>RuntimeKeepFree=</varname>
control how much disk space
- systemd-journald shall always leave
- free for other uses. Defaults to 15%
- of the size of the respective file
- system. systemd-journald will respect
- both limits, i.e. use the smaller of
- the two values.
- <varname>SystemMaxFileSize=</varname>
+ systemd-journald shall leave free for
+ other uses.
+ <command>systemd-journald</command>
+ will respect both limits and use the
+ smaller of the two values.</para>
+
+ <para>The first pair defaults to 10%
+ and the second to 15% of the size of
+ the respective file system. If the
+ file system is nearly full and either
+ <varname>SystemKeepFree=</varname> or
+ <varname>RuntimeKeepFree=</varname> is
+ violated when systemd-journald is
+ started, the value will be raised to
+ percentage that is actually free. This
+ means that if there was enough
+ free space before and journal files were
+ created, and subsequently something
+ else causes the file system to fill
+ up, journald will stop using more
+ space, but it will not be removing
+ existing files to go reduce footprint
+ either.</para>
+
+ <para><varname>SystemMaxFileSize=</varname>
and
<varname>RuntimeMaxFileSize=</varname>
control how large individual journal
<varlistentry>
<term><varname>SyncIntervalSec=</varname></term>
- <listitem><para>The timeout before synchronizing journal
- data to disk. After syncing, journal files have
- the OFFLINE state. Default timeout is 5 minutes.
+ <listitem><para>The timeout before
+ synchronizing journal files to
+ disk. After syncing, journal files are
+ placed in the OFFLINE state. Note that
+ syncing is unconditionally done
+ immediately after a log message of
+ priority CRIT, ALERT or EMERG has been
+ logged. This setting hence applies
+ only to messages of the levels ERR,
+ WARNING, NOTICE, INFO, DEBUG. The
+ default timeout is 5 minutes.
</para></listitem>
</varlistentry>
<term><varname>ForwardToSyslog=</varname></term>
<term><varname>ForwardToKMsg=</varname></term>
<term><varname>ForwardToConsole=</varname></term>
+ <term><varname>ForwardToWall=</varname></term>
<listitem><para>Control whether log
messages received by the journal
daemon shall be forwarded to a
traditional syslog daemon, to the
- kernel log buffer (kmsg), or to the
- system console. These options take
- boolean arguments. If forwarding to
- syslog is enabled but no syslog daemon
- is running, the respective option has
- no effect. By default, only forwarding
- to syslog is enabled. These settings
- may be overridden at boot time with
- the kernel command line options
+ kernel log buffer (kmsg), to the
+ system console, or sent as wall
+ messages to all logged-in users. These
+ options take boolean arguments. If
+ forwarding to syslog is enabled but no
+ syslog daemon is running, the
+ respective option has no effect. By
+ default, only forwarding to syslog and
+ wall is enabled. These settings may be
+ overridden at boot time with the
+ kernel command line options
<literal>systemd.journald.forward_to_syslog=</literal>,
- <literal>systemd.journald.forward_to_kmsg=</literal>
+ <literal>systemd.journald.forward_to_kmsg=</literal>,
+ <literal>systemd.journald.forward_to_console=</literal>
and
- <literal>systemd.journald.forward_to_console=</literal>.
- </para></listitem>
+ <literal>systemd.journald.forward_to_wall=</literal>.
+ When forwarding to the console, the
+ TTY to log to can be changed
+ with <varname>TTYPath=</varname>,
+ described below.</para></listitem>
</varlistentry>
<varlistentry>
<term><varname>MaxLevelSyslog=</varname></term>
<term><varname>MaxLevelKMsg=</varname></term>
<term><varname>MaxLevelConsole=</varname></term>
+ <term><varname>MaxLevelWall=</varname></term>
<listitem><para>Controls the maximum
log level of messages that are stored
- on disk, forwarded to syslog, kmsg or
- the console (if that is enabled, see
- above). As argument, takes one of
+ on disk, forwarded to syslog, kmsg,
+ the console or wall (if that is
+ enabled, see above). As argument,
+ takes one of
<literal>emerg</literal>,
<literal>alert</literal>,
<literal>crit</literal>,
written to disk and forwarded to
syslog. Defaults to
<literal>notice</literal> for
- <varname>MaxLevelKMsg=</varname> and
+ <varname>MaxLevelKMsg=</varname>,
<literal>info</literal> for
- <varname>MaxLevelConsole=</varname>.</para></listitem>
+ <varname>MaxLevelConsole=</varname> and
+ <literal>emerg</literal> for
+ <varname>MaxLevelWall=</varname>.</para></listitem>
</varlistentry>
<varlistentry>