Article <vqpsct$234iu$1@dont-email.me>

Deutsch English Français Italiano
<vqpsct$234iu$1@dont-email.me>

View for Bookmarking (what is this?)
Look up another Usenet article
Path: ...!weretis.net!feeder9.news.weretis.net!news.quux.org!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!eternal-september.org!.POSTED!not-for-mail
From: John McCue <jmccue@qball.jmcunx.com>
Newsgroups: comp.os.linux.misc
Subject: Re: More systemdCrap
Date: Tue, 11 Mar 2025 17:37:33 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 41
Message-ID: <vqpsct$234iu$1@dont-email.me>
References: <vqn41l$1efis$1@dont-email.me> <vqna2v$1fks2$1@dont-email.me> <vqnbm7$1g56j$1@dont-email.me> <gjo3alxe38.ln2@Telcontar.valinor> <vqnja1$1hrbi$1@dont-email.me> <rq44alxv4u.ln2@Telcontar.valinor> <20250310152856.00004b5a@gmail.com> <vqoqfk$1s78c$3@dont-email.me> <h8m5alx305.ln2@Telcontar.valinor>
Reply-To: jmclnx@SPAMisBADgmail.com
Injection-Date: Tue, 11 Mar 2025 18:37:34 +0100 (CET)
Injection-Info: dont-email.me; posting-host="b8a52e2e891bc8ac285447f3748052cf";
	logging-data="2200158"; mail-complaints-to="abuse@eternal-september.org";	posting-account="U2FsdGVkX1/vAm8v9JuFbvOBFhWtmLyi"
User-Agent: tin/2.6.3-20231224 ("Banff") (OpenBSD/7.6 (amd64))
Cancel-Lock: sha1:Nv8bmqbzUI0wQk4Vev/LLY7qgU8=
X-OS-Version: OpenBSD 7.6 amd64
Bytes: 2790

Carlos E.R. <robin_listas@es.invalid> wrote:
> On 2025-03-11 08:58, The Natural Philosopher wrote:
>> On 10/03/2025 22:28, John Ames wrote:
>>> On Mon, 10 Mar 2025 23:14:19 +0100
>>> "Carlos E.R." <robin_listas@es.invalid> wrote:
>>>
>>>> Nothing is broken, it has been intentionally designed this way
>>>
>>> Okay, sure - but that design is stupid.
>>>
>> Exactly.
>> 
>> Journalctl should be able to take the One True Logfile and scan it, 
>> rewriting items to be retained and discarding items to be deleted .
>> 
> Nope.
> 
> That's manipulating information and has legal implications. Yes,
> that's  the intentional reason why systemd refuses to do it.

I thought of this after I posted about the journal being a
database of sorts.  And yes, if this really worked it would
make a lot of sense.

But a person wanting to hide something would just delete all
the log files and have done with it, not take the time to
look for a specific entry.

In anycase, to me the best way to save log data is to mirror
it on a server only trusted people have access to, syslog
can do this.  I remember people asked for this with journald
and the response was to somehow pipe the data from journald
into syslogd and that would mirror it.

Also if entries are removed from the journal, a log on the
remote system could be added stating "this entry was deleted
by ? on ?".  But maybe the design makes this too hard.

-- 
[t]csh(1) - "An elegant shell, for a more... civilized age."
                        - Paraphrasing Star Wars