On Mon, Dec 5, 2011 at 1:40 AM, Kay Sievers <kay.siev...@vrfy.org> wrote: > On Sat, Dec 3, 2011 at 20:41, Rainer Gerhards <rgerha...@gmail.com> wrote: >> I have digested our discussion now. Two questions came up: >> >> The first one is a bit direct and blunt, my apologies for that. But I >> want to make sure I put effort into the right place. Do you see any >> benefit in an interface like I described (reading and writing the >> journal from the syslogd)? Or do you think this is a needless effort? > > Oh sure, I think it can be very useful. We might need to find out how > to identify such a stream of data in the journal, or if we should make > it possible log things for a different machine-id. Your example like > the SOHO router which pushes out syslog data could possibly get a > machine-id assigned from the syslogd config that processes the data. > We need to find out the details ... > > Syslog will not go away in many setups, the network log from other > hosts which speak syslog, real boxes or the specialized hardware like > a SOHO router, will speak the current syslog for a very long time in > the future. And we don't want to speak real syslog with the journal; > that's all stuff that should be done with syslog, and possibly if it > can act as a bridge to the journal index, it sounds like a very nice > option to have.
This sounds reasonable to me as well. IMHO a bit problem in this process is how to keep trusted things trusted. But I understand that you currently have more important core things to do than tackle that beast or interop. I would be happy to provide feedback once you look at this issue. >> The second one is on /dev/log: is what is provided to the syslogd just >> like "the real thing"? I am specifically concerned if SCM_CREDENTIALS >> will properly identify the log emitter. > > We expect we are able to fake all the properties. If not we will need > to make that possible, we didn't look into the details as of now, but > the plan surely is to make /dev/log behave like it is without the > journald interception. Yes, that would be very important, especially as the rate-limiting in rsyslog heavily depends on SCM_CREDENTIALS (as do some other things, but rate-limiting is the most important one IMHO). Thanks again, Rainer _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel