X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=man%2Fsystemd-journald.service.xml;h=bc32c8e38bd29c942de2967a84846c133597ca7c;hp=5d39c50f62d7523efafacfc35beb357de4b3ecea;hb=cb90460e04743dd66dea37534af601786c428206;hpb=3ab1e259d918228c68c1829bd67625e1dc660862

diff --git a/man/systemd-journald.service.xml b/man/systemd-journald.service.xml
index 5d39c50f6..bc32c8e38 100644
--- a/man/systemd-journald.service.xml
+++ b/man/systemd-journald.service.xml
@@ -24,7 +24,7 @@
 <refentry id="systemd-journald.service">
 
         <refentryinfo>
-                <title>systemd-journald</title>
+                <title>systemd-journald.service</title>
                 <productname>systemd</productname>
 
                 <authorgroup>
@@ -38,18 +38,20 @@
         </refentryinfo>
 
         <refmeta>
-                <refentrytitle>systemd-journald</refentrytitle>
+                <refentrytitle>systemd-journald.service</refentrytitle>
                 <manvolnum>8</manvolnum>
         </refmeta>
 
         <refnamediv>
                 <refname>systemd-journald.service</refname>
+                <refname>systemd-journald.socket</refname>
                 <refname>systemd-journald</refname>
-                <refpurpose>systemd Journal Service</refpurpose>
+                <refpurpose>Journal service</refpurpose>
         </refnamediv>
 
         <refsynopsisdiv>
                 <para><filename>systemd-journald.service</filename></para>
+                <para><filename>systemd-journald.socket</filename></para>
                 <para><filename>/usr/lib/systemd/systemd-journald</filename></para>
         </refsynopsisdiv>
 
@@ -97,13 +99,107 @@
                 service.</para>
         </refsect1>
 
+        <refsect1>
+                <title>Signals</title>
+
+                <variablelist>
+                        <varlistentry>
+                                <term>SIGUSR1</term>
+
+                                <listitem><para>Request that journal
+                                data from <filename>/run/</filename>
+                                is flushed to
+                                <filename>/var/</filename> in order to
+                                make it persistent (if this is
+                                enabled). This may be used after
+                                <filename>/var/</filename> is mounted,
+                                but is generally not required since
+                                the first journal write when
+                                <filename>/var/</filename> becomes
+                                writable triggers the flushing
+                                anyway.</para></listitem>
+                        </varlistentry>
+
+                        <varlistentry>
+                                <term>SIGUSR2</term>
+
+                                <listitem><para>Request immediate
+                                rotation of the journal
+                                files.</para></listitem>
+                        </varlistentry>
+                </variablelist>
+        </refsect1>
+
+        <refsect1>
+                <title>Kernel Command Line</title>
+
+                <para>A few configuration parameters from
+                <filename>journald.conf</filename> may be overridden on
+                the kernel command line:</para>
+
+                <variablelist class='kernel-commandline-options'>
+                        <varlistentry>
+                                <term><varname>systemd.journald.forward_to_syslog=</varname></term>
+                                <term><varname>systemd.journald.forward_to_kmsg=</varname></term>
+                                <term><varname>systemd.journald.forward_to_console=</varname></term>
+
+                                <listitem><para>Enables/disables
+                                forwarding of collected log messages
+                                to syslog, the kernel log buffer or
+                                the system console.
+                                </para>
+
+                                <para>See
+                                <citerefentry><refentrytitle>journald.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+                                for information about these settings.</para>
+                                </listitem>
+
+                        </varlistentry>
+                </variablelist>
+        </refsect1>
+
+        <refsect1>
+                <title>Access Control</title>
+
+                <para>Journal files are by default owned and readable
+                by the <literal>systemd-journal</literal> system group
+                (but not writable). Adding a user to this group thus
+                enables her/him to read the journal files.</para>
+
+                <para>By default, each logged in user will get her/his
+                own set of journal files in
+                <filename>/var/log/journal/</filename>. These files
+                will not be owned by the user however, in order to
+                avoid that the user can write to them
+                directly. Instead, file system ACLs are used to ensure
+                the user gets read access only.</para>
+
+                <para>Additional users and groups may be granted
+                access to journal files via file system access control
+                lists (ACL). Distributions and administrators may
+                choose to grant read access to all members of the
+                <literal>wheel</literal> and <literal>adm</literal>
+                system groups with a command such as the
+                following:</para>
+
+                <programlisting># setfacl -Rnm g:wheel:rx,d:g:wheel:rx,g:adm:rx,d:g:adm:rx /var/log/journal/</programlisting>
+
+                <para>Note that this command will update the ACLs both
+                for existing journal files and for future journal
+                files created in the
+                <filename>/var/log/journal/</filename>
+                directory.</para>
+        </refsect1>
+
         <refsect1>
                 <title>See Also</title>
                 <para>
                         <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
                         <citerefentry><refentrytitle>journalctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
                         <citerefentry><refentrytitle>journald.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
-                        <citerefentry><refentrytitle>systemd.journal-fields</refentrytitle><manvolnum>7</manvolnum></citerefentry>
+                        <citerefentry><refentrytitle>systemd.journal-fields</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
+                        <citerefentry><refentrytitle>sd-journal</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
+                        <citerefentry><refentrytitle>setfacl</refentrytitle><manvolnum>1</manvolnum></citerefentry>
                 </para>
         </refsect1>