| <?xml version='1.0'?> <!--*-nxml-*--> |
| <?xml-stylesheet type="text/xsl" href="http://docbook.sourceforge.net/release/xsl/current/xhtml/docbook.xsl"?> |
| <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" |
| "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"> |
| |
| <!-- |
| This file is part of systemd. |
| |
| Copyright 2010 Lennart Poettering |
| |
| systemd is free software; you can redistribute it and/or modify it |
| under the terms of the GNU Lesser General Public License as published by |
| the Free Software Foundation; either version 2.1 of the License, or |
| (at your option) any later version. |
| |
| systemd is distributed in the hope that it will be useful, but |
| WITHOUT ANY WARRANTY; without even the implied warranty of |
| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
| Lesser General Public License for more details. |
| |
| You should have received a copy of the GNU Lesser General Public License |
| along with systemd; If not, see <http://www.gnu.org/licenses/>. |
| --> |
| |
| <refentry id="journald.conf"> |
| <refentryinfo> |
| <title>journald.conf</title> |
| <productname>systemd</productname> |
| |
| <authorgroup> |
| <author> |
| <contrib>Developer</contrib> |
| <firstname>Lennart</firstname> |
| <surname>Poettering</surname> |
| <email>lennart@poettering.net</email> |
| </author> |
| </authorgroup> |
| </refentryinfo> |
| |
| <refmeta> |
| <refentrytitle>journald.conf</refentrytitle> |
| <manvolnum>5</manvolnum> |
| </refmeta> |
| |
| <refnamediv> |
| <refname>journald.conf</refname> |
| <refpurpose>Journal service configuration file</refpurpose> |
| </refnamediv> |
| |
| <refsynopsisdiv> |
| <para><filename>/etc/systemd/journald.conf</filename></para> |
| </refsynopsisdiv> |
| |
| <refsect1> |
| <title>Description</title> |
| |
| <para>This file configures various parameters of the |
| systemd journal service, |
| <citerefentry><refentrytitle>systemd-journald.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para> |
| |
| </refsect1> |
| |
| <refsect1> |
| <title>Options</title> |
| |
| <para>All options are configured in the |
| <literal>[Journal]</literal> section:</para> |
| |
| <variablelist> |
| |
| <varlistentry> |
| <term><varname>Storage=</varname></term> |
| |
| <listitem><para>Controls where to |
| store journal data. One of |
| <literal>volatile</literal>, |
| <literal>persistent</literal>, |
| <literal>auto</literal> and |
| <literal>none</literal>. If |
| <literal>volatile</literal>, journal |
| log data will be stored only in |
| memory, i.e. below the |
| <filename>/run/log/journal</filename> |
| hierarchy (which is created if |
| needed). If |
| <literal>persistent</literal>, data will |
| be stored preferably on disk, |
| i.e. below the |
| <filename>/var/log/journal</filename> |
| hierarchy (which is created if |
| needed), with a fallback to |
| <filename>/run/log/journal</filename> |
| (which is created if needed), during |
| early boot and if the disk is not |
| writable. <literal>auto</literal> is |
| similar to |
| <literal>persistent</literal> but the |
| directory |
| <filename>/var/log/journal</filename> |
| is not created if needed, so that its |
| existence controls where log data |
| goes. <literal>none</literal> turns |
| off all storage, all log data received |
| will be dropped. Forwarding to other |
| targets, such as the console, the |
| kernel log buffer or a syslog daemon |
| will still work however. Defaults to |
| <literal>auto</literal>.</para></listitem> |
| </varlistentry> |
| |
| <varlistentry> |
| <term><varname>Compress=</varname></term> |
| |
| <listitem><para>Takes a boolean |
| value. If enabled (the default), data |
| objects that shall be stored in the |
| journal and are larger than a certain |
| threshold are compressed with the XZ |
| compression algorithm before they are |
| written to the file |
| system.</para></listitem> |
| </varlistentry> |
| |
| <varlistentry> |
| <term><varname>Seal=</varname></term> |
| |
| <listitem><para>Takes a boolean |
| value. If enabled (the default), and a |
| sealing key is available (as created |
| by |
| <citerefentry><refentrytitle>journalctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>'s |
| <option>--setup-keys</option> |
| command), Forward Secure Sealing (FSS) |
| for all persistent journal files is |
| enabled. FSS is based on <ulink |
| url="https://eprint.iacr.org/2013/397">Seekable |
| Sequential Key Generators</ulink> by |
| G. A. Marson and B. Poettering |
| (doi:10.1007/978-3-642-40203-6_7) |
| and may be used to protect journal files |
| from unnoticed alteration.</para></listitem> |
| </varlistentry> |
| |
| <varlistentry> |
| <term><varname>SplitMode=</varname></term> |
| |
| <listitem><para>Controls whether to |
| split up journal files per user. One |
| of <literal>login</literal>, |
| <literal>uid</literal> and |
| <literal>none</literal>. If |
| <literal>login</literal>, each logged-in |
| user will get his own journal |
| files, but systemd user IDs will log |
| into the system journal. If |
| <literal>uid</literal>, any user ID |
| will get his own journal files |
| regardless of whether it belongs to a |
| system service or refers to a real |
| logged in user. If |
| <literal>none</literal>, journal files |
| are not split up by user and all |
| messages are instead stored in the single |
| system journal. Note that splitting |
| up journal files by user is only |
| available for journals stored |
| persistently. If journals are stored |
| on volatile storage (see above), only a |
| single journal file for all user IDs |
| is kept. Defaults to |
| <literal>login</literal>.</para></listitem> |
| </varlistentry> |
| |
| <varlistentry> |
| <term><varname>RateLimitInterval=</varname></term> |
| <term><varname>RateLimitBurst=</varname></term> |
| |
| <listitem><para>Configures the rate |
| limiting that is applied to all |
| messages generated on the system. If, |
| in the time interval defined by |
| <varname>RateLimitInterval=</varname>, |
| more messages than specified in |
| <varname>RateLimitBurst=</varname> are |
| logged by a service, all further |
| messages within the interval are |
| dropped until the interval is over. A |
| message about the number of dropped |
| messages is generated. This rate |
| limiting is applied per-service, so |
| that two services which log do not |
| interfere with each other's |
| limits. Defaults to 200 messages in |
| 10s. The time specification for |
| <varname>RateLimitInterval=</varname> |
| may be specified in the following |
| units: <literal>s</literal>, |
| <literal>min</literal>, |
| <literal>h</literal>, |
| <literal>ms</literal>, |
| <literal>us</literal>. To turn off any |
| kind of rate limiting, set either |
| value to 0.</para></listitem> |
| </varlistentry> |
| |
| <varlistentry> |
| <term><varname>SystemMaxUse=</varname></term> |
| <term><varname>SystemKeepFree=</varname></term> |
| <term><varname>SystemMaxFileSize=</varname></term> |
| <term><varname>RuntimeMaxUse=</varname></term> |
| <term><varname>RuntimeKeepFree=</varname></term> |
| <term><varname>RuntimeMaxFileSize=</varname></term> |
| |
| <listitem><para>Enforce size limits on |
| the journal files stored. The options |
| prefixed with |
| <literal>System</literal> apply to the |
| journal files when stored on a |
| persistent file system, more |
| specifically |
| <filename>/var/log/journal</filename>. The |
| options prefixed with |
| <literal>Runtime</literal> apply to |
| the journal files when stored on a |
| volatile in-memory file system, more |
| specifically |
| <filename>/run/log/journal</filename>. The |
| former is used only when |
| <filename>/var</filename> is mounted, |
| writable, and the directory |
| <filename>/var/log/journal</filename> |
| exists. Otherwise, only the latter |
| applies. Note that this means that |
| during early boot and if the |
| administrator disabled persistent |
| logging, only the latter options apply, |
| while the former apply if persistent |
| logging is enabled and the system is |
| fully booted |
| up. <command>journalctl</command> and |
| <command>systemd-journald</command> |
| ignore all files with names not ending |
| with <literal>.journal</literal> or |
| <literal>.journal~</literal>, so only |
| such files, located in the appropriate |
| directories, are taken into account |
| when calculating current disk usage. |
| </para> |
| |
| <para><varname>SystemMaxUse=</varname> |
| and <varname>RuntimeMaxUse=</varname> |
| control how much disk space the |
| journal may use up at maximum. |
| <varname>SystemKeepFree=</varname> and |
| <varname>RuntimeKeepFree=</varname> |
| control how much disk space |
| systemd-journald shall leave free for |
| other uses. |
| <command>systemd-journald</command> |
| will respect both limits and use the |
| smaller of the two values.</para> |
| |
| <para>The first pair defaults to 10% |
| and the second to 15% of the size of |
| the respective file system. If the |
| file system is nearly full and either |
| <varname>SystemKeepFree=</varname> or |
| <varname>RuntimeKeepFree=</varname> is |
| violated when systemd-journald is |
| started, the value will be raised to |
| percentage that is actually free. This |
| means that if there was enough |
| free space before and journal files were |
| created, and subsequently something |
| else causes the file system to fill |
| up, journald will stop using more |
| space, but it will not be removing |
| existing files to go reduce footprint |
| either.</para> |
| |
| <para><varname>SystemMaxFileSize=</varname> |
| and |
| <varname>RuntimeMaxFileSize=</varname> |
| control how large individual journal |
| files may grow at maximum. This |
| influences the granularity in which |
| disk space is made available through |
| rotation, i.e. deletion of historic |
| data. Defaults to one eighth of the |
| values configured with |
| <varname>SystemMaxUse=</varname> and |
| <varname>RuntimeMaxUse=</varname>, so |
| that usually seven rotated journal |
| files are kept as history. Specify |
| values in bytes or use K, M, G, T, P, |
| E as units for the specified sizes |
| (equal to 1024, 1024²,... bytes). |
| Note that size limits are enforced |
| synchronously when journal files are |
| extended, and no explicit rotation |
| step triggered by time is |
| needed.</para></listitem> |
| </varlistentry> |
| |
| <varlistentry> |
| <term><varname>MaxFileSec=</varname></term> |
| |
| <listitem><para>The maximum time to |
| store entries in a single journal |
| file before rotating to the next |
| one. Normally, time-based rotation |
| should not be required as size-based |
| rotation with options such as |
| <varname>SystemMaxFileSize=</varname> |
| should be sufficient to ensure that |
| journal files do not grow without |
| bounds. However, to ensure that not |
| too much data is lost at once when old |
| journal files are deleted, it might |
| make sense to change this value from |
| the default of one month. Set to 0 to |
| turn off this feature. This setting |
| takes time values which may be |
| suffixed with the units |
| <literal>year</literal>, |
| <literal>month</literal>, |
| <literal>week</literal>, <literal>day</literal>, |
| <literal>h</literal> or <literal>m</literal> |
| to override the default time unit of |
| seconds.</para></listitem> |
| </varlistentry> |
| |
| <varlistentry> |
| <term><varname>MaxRetentionSec=</varname></term> |
| |
| <listitem><para>The maximum time to |
| store journal entries. This |
| controls whether journal files |
| containing entries older then the |
| specified time span are |
| deleted. Normally, time-based deletion |
| of old journal files should not be |
| required as size-based deletion with |
| options such as |
| <varname>SystemMaxUse=</varname> |
| should be sufficient to ensure that |
| journal files do not grow without |
| bounds. However, to enforce data |
| retention policies, it might make sense |
| to change this value from the |
| default of 0 (which turns off this |
| feature). This setting also takes |
| time values which may be suffixed with |
| the units <literal>year</literal>, |
| <literal>month</literal>, |
| <literal>week</literal>, <literal>day</literal>, |
| <literal>h</literal> or <literal> m</literal> |
| to override the default time unit of |
| seconds.</para></listitem> |
| </varlistentry> |
| |
| |
| <varlistentry> |
| <term><varname>SyncIntervalSec=</varname></term> |
| |
| <listitem><para>The timeout before |
| synchronizing journal files to |
| disk. After syncing, journal files are |
| placed in the OFFLINE state. Note that |
| syncing is unconditionally done |
| immediately after a log message of |
| priority CRIT, ALERT or EMERG has been |
| logged. This setting hence applies |
| only to messages of the levels ERR, |
| WARNING, NOTICE, INFO, DEBUG. The |
| default timeout is 5 minutes. |
| </para></listitem> |
| </varlistentry> |
| |
| <varlistentry> |
| <term><varname>ForwardToSyslog=</varname></term> |
| <term><varname>ForwardToKMsg=</varname></term> |
| <term><varname>ForwardToConsole=</varname></term> |
| |
| <listitem><para>Control whether log |
| messages received by the journal |
| daemon shall be forwarded to a |
| traditional syslog daemon, to the |
| kernel log buffer (kmsg), or to the |
| system console. These options take |
| boolean arguments. If forwarding to |
| syslog is enabled but no syslog daemon |
| is running, the respective option has |
| no effect. By default, only forwarding |
| to syslog is enabled. These settings |
| may be overridden at boot time with |
| the kernel command line options |
| <literal>systemd.journald.forward_to_syslog=</literal>, |
| <literal>systemd.journald.forward_to_kmsg=</literal> |
| and |
| <literal>systemd.journald.forward_to_console=</literal>. |
| When forwarding to the console, the |
| TTY to log to can be changed |
| with <varname>TTYPath=</varname>, |
| described below.</para></listitem> |
| </varlistentry> |
| |
| <varlistentry> |
| <term><varname>MaxLevelStore=</varname></term> |
| <term><varname>MaxLevelSyslog=</varname></term> |
| <term><varname>MaxLevelKMsg=</varname></term> |
| <term><varname>MaxLevelConsole=</varname></term> |
| |
| <listitem><para>Controls the maximum |
| log level of messages that are stored |
| on disk, forwarded to syslog, kmsg or |
| the console (if that is enabled, see |
| above). As argument, takes one of |
| <literal>emerg</literal>, |
| <literal>alert</literal>, |
| <literal>crit</literal>, |
| <literal>err</literal>, |
| <literal>warning</literal>, |
| <literal>notice</literal>, |
| <literal>info</literal>, |
| <literal>debug</literal> or integer |
| values in the range of 0..7 (corresponding |
| to the same levels). Messages equal or below |
| the log level specified are |
| stored/forwarded, messages above are |
| dropped. Defaults to |
| <literal>debug</literal> for |
| <varname>MaxLevelStore=</varname> and |
| <varname>MaxLevelSyslog=</varname>, to |
| ensure that the all messages are |
| written to disk and forwarded to |
| syslog. Defaults to |
| <literal>notice</literal> for |
| <varname>MaxLevelKMsg=</varname> and |
| <literal>info</literal> for |
| <varname>MaxLevelConsole=</varname>.</para></listitem> |
| </varlistentry> |
| |
| <varlistentry> |
| <term><varname>TTYPath=</varname></term> |
| |
| <listitem><para>Change the console TTY |
| to use if |
| <varname>ForwardToConsole=yes</varname> |
| is used. Defaults to |
| <filename>/dev/console</filename>.</para></listitem> |
| </varlistentry> |
| |
| </variablelist> |
| |
| </refsect1> |
| |
| <refsect1> |
| <title>See Also</title> |
| <para> |
| <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, |
| <citerefentry><refentrytitle>systemd-journald.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>, |
| <citerefentry><refentrytitle>journalctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>, |
| <citerefentry><refentrytitle>systemd.journal-fields</refentrytitle><manvolnum>7</manvolnum></citerefentry>, |
| <citerefentry><refentrytitle>systemd-system.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry> |
| </para> |
| </refsect1> |
| |
| </refentry> |