LinuxQuestions.org - Journalctl. What kind of journald setting is more correct?

Page 2 of 2

Show 50 post(s) from this thread on one page

- Linux - Server (https://www.linuxquestions.org/questions/linux-server-73/)

- - Journalctl. What kind of journald setting is more correct? (https://www.linuxquestions.org/questions/linux-server-73/journalctl-what-kind-of-journald-setting-is-more-correct-4175634698/)

alekseev

07-23-2018 02:56 AM

Quote:

Originally Posted by ferrari (Post 5882525)

Yes, that can be done eg

Code:

# journal --file journalctl --file /path/to/another/system.journal

Read the man page for journalctl...

Is vulnerability in the security system?

ferrari

07-23-2018 03:11 AM

Why do you ask that? It's no different than other system logs, or perhaps confidential/restricted files on a system. The system should be locked down by the administrator as necessary.

alekseev

07-23-2018 04:27 AM

Quote:

Originally Posted by ferrari (Post 5882536)

Why do you ask that? It's no different than other system logs, or perhaps confidential/restricted files on a system. The system should be locked down by the administrator as necessary.

Why does any user have full access to the database journald?
I can not understand the meaning !!!

ferrari

07-23-2018 05:31 AM

They don't. You need to be root to read it.

alekseev

07-23-2018 05:37 AM

Quote:

Originally Posted by ferrari (Post 5882564)

They don't. You need to be root to read it.

But then any user can copy the journald database to the local computer. Read the full log from all users.

ferrari

07-23-2018 05:58 AM

No, it can't be copied without root credentials! Look...

Code:

ls -la /var/log/journal/a0848146a8854c519ce698d28901e824/system.journal 

-rw-r----- 1 root systemd-journal 8388608 Jul 23 22:36 /var/log/journal/a0848146a8854c519ce698d28901e824/system.journal

alekseev

07-23-2018 06:04 AM

Quote:

Originally Posted by ferrari (Post 5882564)

They don't. You need to be root to read it.

Quote:

Originally Posted by ferrari (Post 5882577)

No, it can't be copied without root credentials! Look...

Code:

ls -la /var/log/journal/a0848146a8854c519ce698d28901e824/system.journal 

-rw-r----- 1 root systemd-journal 8388608 Jul 23 22:36 /var/log/journal/a0848146a8854c519ce698d28901e824/system.journal

Thank's.

All times are GMT -5. The time now is 12:43 PM.

Page 2 of 2

Show 50 post(s) from this thread on one page