X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=man%2Fsystemd-journald.service.xml;h=5634dd0a21c2b2089194372c74b2ec5cb9ff1202;hp=202ea004004979de673dc00a165cb245e576d077;hb=7abfbe7903d8e792850ec39286a3d86e616a6477;hpb=01cf0ca850dd1c21e1c405a4493fe61d0c28d721 diff --git a/man/systemd-journald.service.xml b/man/systemd-journald.service.xml index 202ea0040..5634dd0a2 100644 --- a/man/systemd-journald.service.xml +++ b/man/systemd-journald.service.xml @@ -24,7 +24,7 @@ - systemd-journald + systemd-journald.service systemd @@ -38,18 +38,20 @@ - systemd-journald + systemd-journald.service 8 systemd-journald.service + systemd-journald.socket systemd-journald - systemd Journal Service + Journal service systemd-journald.service + systemd-journald.socket /usr/lib/systemd/systemd-journald @@ -71,24 +73,24 @@ Log data collected by the journal is primarily - text based but can also include binary data where + text-based but can also include binary data where necessary. All objects stored in the journal can be up to 2^64-1 bytes in size. By default the journal stores log data in /run/log/journal/. Since - /run/ is volatile log data is - lost at reboot. To make the data persistant it + /run/ is volatile, log data is + lost at reboot. To make the data persistent, it is sufficient to create /var/log/journal/ where systemd-journald will then store the data. systemd-journald will - forward all received log messages to the AF_UNIX - SOCK_DGRAM socket - /run/systemd/journal/syslog (if it exists) which - may be used by UNIX syslog daemons to process the data + forward all received log messages to the AF_UNIX + SOCK_DGRAM socket + /run/systemd/journal/syslog, if it exists, which + may be used by Unix syslog daemons to process the data further. See @@ -97,13 +99,154 @@ service. + + Signals + + + + SIGUSR1 + + Request that journal + data from /run/ + is flushed to + /var/ in order to + make it persistent (if this is + enabled). This must be used after + /var/ is mounted, + as otherwise log data from + /run is never + flushed to /var + regardless of the + configuration. + + + + SIGUSR2 + + Request immediate + rotation of the journal + files. + + + + + + Kernel Command Line + + A few configuration parameters from + journald.conf may be overridden on + the kernel command line: + + + + systemd.journald.forward_to_syslog= + systemd.journald.forward_to_kmsg= + systemd.journald.forward_to_console= + + Enables/disables + forwarding of collected log messages + to syslog, the kernel log buffer or + the system console. + + + See + journald.conf5 + for information about these settings. + + + + + + + + Access Control + + Journal files are, by default, owned and readable + by the systemd-journal system group + but are not writable. Adding a user to this group thus + enables her/him to read the journal files. + + By default, each logged in user will get her/his + own set of journal files in + /var/log/journal/. These files + will not be owned by the user, however, in order to + avoid that the user can write to them + directly. Instead, file system ACLs are used to ensure + the user gets read access only. + + Additional users and groups may be granted + access to journal files via file system access control + lists (ACL). Distributions and administrators may + choose to grant read access to all members of the + wheel and adm + system groups with a command such as the + following: + + # setfacl -Rnm g:wheel:rx,d:g:wheel:rx,g:adm:rx,d:g:adm:rx /var/log/journal/ + + Note that this command will update the ACLs both + for existing journal files and for future journal + files created in the + /var/log/journal/ + directory. + + + + Files + + + + /etc/systemd/journald.conf + + Configure + systemd-journald + behaviour. See + journald.conf5. + + + + + /run/log/journal/machine-id/*.journal + /run/log/journal/machine-id/*.journal~ + /var/log/journal/machine-id/*.journal + /var/log/journal/machine-id/*.journal~ + + systemd-journald + writes entries to files in + /run/log/journal/machine-id/ + or + /var/log/journal/machine-id/ + with the .journal + suffix. If the daemon is stopped + uncleanly, or if the files are found + to be corrupted, they are renamed + using the .journal~ + suffix, and + systemd-journald + starts writing to a new + file. /run is + used when + /var/log/journal + is not available, or when + is + set in the + journald.conf5 + configuration file. + + + + + See Also systemd1, journalctl1, journald.conf5, - systemd.journal-fields7 + systemd.journal-fields7, + sd-journal3, + setfacl1, + pydoc systemd.journal.