DaemonForums  

Go Back   DaemonForums > DaemonForums.org > News

News News regarding BSD and related.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 21st November 2011
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,116
Thanked 182 Times in 149 Posts
Default Journal: end of the line for syslog?

From http://h-online.com/-1382246

Quote:
Lennart Poettering and Kay Sievers have developed a new Linux logging system with the aim of replacing syslog. The two Red Hat developers hope that their Journal daemon will resolve a number of perceived problems with syslog, the current industry standard for logging on Unix systems.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
  #2   (View Single Post)  
Old 21st November 2011
Carpetsmoker's Avatar
Carpetsmoker Carpetsmoker is offline
Real Name: Martin
Old man from scene 24
 
Join Date: Apr 2008
Location: Eindhoven, Netherlands
Posts: 2,051
Thanked 198 Times in 156 Posts
Default

1) Red Hat developed it.
2) Lennart Poettering was involved.
3) It replaces a perfectly working system for no good reason.

Result: High chance of Journal being complete crap.
__________________
UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things.
Reply With Quote
  #3   (View Single Post)  
Old 21st November 2011
Carpetsmoker's Avatar
Carpetsmoker Carpetsmoker is offline
Real Name: Martin
Old man from scene 24
 
Join Date: Apr 2008
Location: Eindhoven, Netherlands
Posts: 2,051
Thanked 198 Times in 156 Posts
Default

Examples of a journal log entry:

Code:
  MESSAGE_ID=c686f3b205dd48e0b43ceb6eda479721
  MESSAGE=User harald logged in
  LOGIN_USER=500
  SEAT=seat0
  _SERVICE=systemd-logind.service
  _EXE=/lib/systemd/systemd-logind
  _COMM=systemd-logind
  _CMDLINE=/lib/systemd/systemd-logind
  _PID=4711
  _UID=0
  _GID=0
  _SYSTEMD_CGROUP=/system/systemd-logind.service
  _CGROUPS=cpu:/system/systemd-logind.service
  PRIORITY=6
  _BOOT_ID=422bc3d271414bc8bc95870f222f24a9
  _MACHINE_ID=a91663387a90b89f185d4e860067801a
  _HOSTNAME=waldi
  LOGIN_USER=500
Code:
  MESSAGE_ID=c2c90533e0614ac2964085462f5fe730
  MESSAGE=Sector 4365345 bad: IO error during read operation
  _DRIVER=ahci
  _DEVICE=b8:0
  _SUBSYSTEM=block
  _NODE=/dev/sda
  _UDEV_SYMLINKS=/dev/by-uuid/47111-2i4325-435345 /dev/by-path/pci-32i74625
  SECTOR=4365345
  SMART_BLOB
  [64bit LE int buffer length][buffer]
  _BOOT_ID=422bc3d271414bc8bc95870f222f24a9
  _MACHINE_ID=a91663387a90b89f185d4e860067801a
  _HOSTNAME=waldi
  PRIORITY=2
un-grepable, un-awkable, un-tailable, un-lessable, un-trivially-scriptable, un-just-about-anything-else-you-would-expect-a-unix-system-to-be-able-to-doable

Upside:
At least it's not a binary format ... Although it doesn't really matter like this ...
__________________
UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things.
Reply With Quote
  #4   (View Single Post)  
Old 21st November 2011
phoenix's Avatar
phoenix phoenix is offline
Risen from the ashes
 
Join Date: May 2008
Posts: 699
Thanked 90 Times in 81 Posts
Default

Note: there's support within journald for binary output formats.
__________________
Freddie

Help for FreeBSD: Handbook, FAQ, man pages, mailing lists.
Reply With Quote
  #5   (View Single Post)  
Old 22nd November 2011
graudeejs's Avatar
graudeejs graudeejs is offline
Real Name: Aldis Berjoza
formerly killasmurf86
 
Join Date: Jul 2008
Location: Riga, Latvia
Posts: 588
Thanked 29 Times in 26 Posts
Default

Linux is evolving to WinDos
Reply With Quote
  #6   (View Single Post)  
Old 22nd November 2011
Beastie Beastie is offline
Daemonology student
 
Join Date: Jan 2009
Location: /dev/earth0
Posts: 267
Thanked 23 Times in 23 Posts
Default

Quote:
Originally Posted by Carpetsmoker View Post
Examples of a journal log entry:
[...]

un-grepable, un-awkable, un-tailable, un-lessable, un-trivially-scriptable, un-just-about-anything-else-you-would-expect-a-unix-system-to-be-able-to-doable
Really horrible and unusable output. I hope it's never adopted anywhere. Sigh!
__________________
May the source be with you!
Reply With Quote
  #7   (View Single Post)  
Old 22nd November 2011
graudeejs's Avatar
graudeejs graudeejs is offline
Real Name: Aldis Berjoza
formerly killasmurf86
 
Join Date: Jul 2008
Location: Riga, Latvia
Posts: 588
Thanked 29 Times in 26 Posts
Default

I will be in horrible pain, if I'll have to use Linux at work.
Luckily for my current job I can use any software that I want/like
Reply With Quote
  #8   (View Single Post)  
Old 22nd November 2011
vermaden's Avatar
vermaden vermaden is offline
Administrator
 
Join Date: Apr 2008
Location: pl_PL.lodz
Posts: 1,051
Thanked 118 Times in 93 Posts
Default

Beautiful!
__________________
religions, worst damnation of mankind
"If 386BSD had been available when I started on Linux, Linux would probably never had happened." Linus Torvalds

Linux is not UNIX! Face it! It is not an insult. It is fact: GNU is a recursive acronym for “GNU's Not UNIX”.
vermaden's: links resources deviantart spreadbsd
Reply With Quote
  #9   (View Single Post)  
Old 23rd November 2011
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,116
Thanked 182 Times in 149 Posts
Default

For some reactions see http://lwn.net/Articles/468049/#Comments
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
Old 23rd November 2011
Carpetsmoker's Avatar
Carpetsmoker Carpetsmoker is offline
Real Name: Martin
Old man from scene 24
 
Join Date: Apr 2008
Location: Eindhoven, Netherlands
Posts: 2,051
Thanked 198 Times in 156 Posts
Default

Quote:
Originally Posted by J65nko View Post
Some of those comments worry me.

Quote:
Why not use XML or something like that so that tools can still read and parse it, the log files can still be read even if the system can not boot. and provide a tool that can control access to the log file.


__________________
UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things.
Reply With Quote
Old 24th November 2011
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,116
Thanked 182 Times in 149 Posts
Default

XML should be used in the same way as brute force. If it still doesn't help or work out, you simply should use more of it.

I like Daniel Bernstein's multilog, which gives finer grained timestamps and does more effort not to lose log info.


BTW did you see http://linux.slashdot.org/comments.p...6&cid=38152602 ?

Quote:
Signing log messages does not need to be complicated or incompatible with current text-based logging. Hashing messages is incredibly easy to do, and there's really no reason not to do it. I just implemented this in python in less than two minutes.

>>> from hashlib import md5
>>> log = lambda last_message, message: "{}: {}".format( md5(last_message).hexdigest(), message)

The output hashes the last message with the current message:

8a023b9cbebe055e4b080585ccba3246: [ 19.609619] userif-2: sent link up event.
649a2719064f7f276462464527b48a69: [ 29.680009] eth0: no IPv6 routers present

No binaries, still grepable, single host and most importantly, there is now a trail that can be verified.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
Old 24th November 2011
nilsgecko's Avatar
nilsgecko nilsgecko is offline
Port Guard
 
Join Date: Apr 2011
Location: Chicago, USA
Posts: 45
Thanked 0 Times in 0 Posts
Default

The great Dennis Ritchie would be rolling over in his grave if this ever became widely-implemented!
Reply With Quote
Old 24th November 2011
phoenix's Avatar
phoenix phoenix is offline
Risen from the ashes
 
Join Date: May 2008
Posts: 699
Thanked 90 Times in 81 Posts
Default

I like the comment about "Lennux". It would be nice if Lennart went off and did his own distro, and stopped polluting Fedora (and thus the whole Linux ecosystem) with his half-baked "improvements". At least that way we could all ignore him.
__________________
Freddie

Help for FreeBSD: Handbook, FAQ, man pages, mailing lists.
Reply With Quote
Old 24th November 2011
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 3,116
Thanked 182 Times in 149 Posts
Default

This http://lwn.net/Articles/468208/ remark is also interesting:

Quote:
It's really too bad that the OpenBSD folks have such a bad attitude toward Linux; when they set about making a more secure replacement for some bit of Unix infrastructure, they're quite good at doing it in a way that respects the way people expect (and want) Unix to work.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote
Old 25th November 2011
Oko's Avatar
Oko Oko is offline
Fsck Surgeon
 
Join Date: May 2008
Location: Kosovo, Serbia
Posts: 733
Thanked 36 Times in 32 Posts
Default

I think this is a great news for BSDs. Every time Linux community does something outrageously stupid it is poised to lose some of its most competent users. Naturally, after the death of Solaris I would expect these people to migrate to one of BSD flavors thereby strengthening our community. As of Linux being Unix-like, for me OS X (in particularly after recent introducing of PF instead of IPFW as default firewall) is far more true Unix. If I had to decide whether I have to use Linux or OS X as my primary system, I would chose OS X without the second thought.

Last edited by Oko; 25th November 2011 at 06:30 AM.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
syslog strangeness on freebsd 8.0 and 8.1-RC vikashb FreeBSD General 0 6th July 2010 04:31 AM
Syslog-ng Monitor plexter OpenBSD Packages and Ports 8 5th February 2010 09:38 PM
Cisco Secure ACS 4.1 syslog OpenBSD 3.9 cyberpaisalegionair OpenBSD General 1 24th July 2008 06:42 PM
good old syslog-ng issue amiga505 OpenBSD Packages and Ports 7 4th July 2008 06:01 PM
SYSLOG disappearance jaymax FreeBSD General 6 26th June 2008 02:53 AM


All times are GMT. The time now is 05:01 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick