[opensuse-factory] Removing syslog from the default patterns - wasn't this a completely pointless discussion?
Just in case no one else has noticed - there is absolutely no (0, zero) benefit to anyone (user/admin/developer/packager/whoever) in omitting syslog from the default pattern/install. Yet it was suggested and we have been discussing it for quite some time now. I submit it should never have been suggested and certainly not discussed without someone arguing _why_ it is of benefit to the end user and hence worthwhile doing. I think the suggestion was completely pointless and in the end only caused unnecessary consternation among those openSUSE users that have a use for syslog. The majority of the default openSUSE users (90% according to the thread) don't care anyway, so why waste effort on upsetting the 10%? -- Per Jessen, Zürich (14.2°C) -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
* Per Jessen <per@computer.org> [2012-09-26 19:09]:
No wonder, not even the authors themselves are able to do that, and try to distract from that by pointing out shortcomings of syslog from 30 years ago conveniently ignoring any advancements and standardization efforts since then. In contrast to systemd's booting it which undeniably has some benefits over sysvinit the journal stuff doesn't offer anything worthwhile over rsyslog or syslog-ng. And I fear we'll have such "discussions" over and over again as systemd introduces more and more cheap ripoffs of other Apple technologies.
Not necessarily upsetting, rather many tools and existing scripts are geared towards towards syslog logs and not some undocumented byinary format which, in case something goes wrong, are only guaranteed to be readable using the exact same systemd version they were written with... Since syslog is in the BASIS pattern it'll be missing from server default installs as well which IMO is unacceptable. -- Guido Berhoerster -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Guido Berhoerster wrote:
Apple technologies? Um... from the behavior I thought it was following in the footsteps of Microsoft and it's service startup manager that's been around since 2000. Calling a near 13 year old Microsoft technology an "Apple" technology seems a bit misleading... -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2012-09-26 19:09, Per Jessen wrote:
Yes, I have seen some of it. I haven't said anything because it is so bewildering that I don't know if what I read is true, I misunderstood, or I'm dreaming :-( - -- Cheers / Saludos, Carlos E. R. (from 12.1 x86_64 "Asparagus" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iEYEARECAAYFAlBjS8cACgkQIvFNjefEBxomCwCfRiekfPehCRhsOl2ngmONCQDl ZfMAoNd1Jhx1FQOfgBynjtWUvT118skH =gG8r -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Hello, On Wed, 26 Sep 2012, Carlos E. R. wrote:
+1 -dnh -- ... As I said, it's the little things you regret. -- George Lass -- Dead Like Me - 1x07 - Reaper Madness -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
2012/9/26 Per Jessen <per@computer.org>:
Wouldn't it be wise to let it be? For example, people which remote logging capabilities will become maybe crippled; Furthermore, introducing the replacement as 'technology preview' would be a nice option, so that people could be familiar... If something strange happens to less skilled people who at least are aware of the current logging options, this could become an issue. I know no one gives a damn about my opinion, and honestly I don't care... But just see this as something to avoid frustrations. Giving people time to adapt is indeed a good thing and can provide oustanding feedback. my $0.02 -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On 09/26/2012 07:09 PM, Per Jessen wrote:
Per, let's not continue bike shedding here. Let's collect the facts first and then decide. Here's a quick intro about the journal: The journal is integrated into systemd and supported by the Linux kernel. It is a cryptographically protected (allowing knowing when it was tampered with by potential attackers), strongly typed logfile in comparison to /var/log/messages. It comes with some new tools to access it. The journal integrates nicely with syslog/rsyslog, you can use them in parallel. I consider it as a logging solution for stand-alone desktops. For a stand-alone desktop, the majority of users does not need syslog if the journal is available. And the stand-alone desktop is the primary target of openSUSE. Some reference from Peter Czanik, an upstream syslog author with additional information: http://lists.opensuse.org/opensuse-factory/2012-09/msg00716.html http://lists.opensuse.org/opensuse-factory/2012-09/msg00828.html Per, is anything I state in the above wrong? If not, then let's discuss to your initial point: Removal of syslog. For servers, syslog is indeed useful and we should continue to support it. The questions are: * Should we install syslog on the desktop by default even if the majority of users will not use it? * If not: is there a way to install syslog it as part of a server installation? Andreas -- Andreas Jaeger aj@{suse.com,opensuse.org} Twitter/Identica: jaegerandi SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany GF: Jeff Hawn,Jennifer Guild,Felix Imendörffer,HRB16746 (AG Nürnberg) GPG fingerprint = 93A3 365E CE47 B889 DF7F FED1 389A 563C C272 A126 -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2012-09-26 21:16, Andreas Jaeger wrote:
IMHO, yes. How else can people post problems and print part of the logs in emails?
* If not: is there a way to install syslog it as part of a server installation?
At least, provide an easy clickable option in yast to have syslog installed and configured since initial system installation. What scares me is having so much power in a single application, systemd. I prefer the classical unix method of small programs doing their tasks to perfection. - -- Cheers / Saludos, Carlos E. R. (from 12.1 x86_64 "Asparagus" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iEYEARECAAYFAlBjWQwACgkQIvFNjefEBxomRwCeLpCpiW2fSFOPY4RwR7hHJNFj W+wAnRkPJLOJjXgQBPXQIJjerAlPaXMm =F8sv -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Wed, Sep 26, 2012 at 3:35 PM, Carlos E. R. <carlos.e.r@opensuse.org> wrote:
Guys, I think you're missing the boat. For a single workstation we've been told that export tools either are, or will be, provided that generate text versions of the binary logs. As to the underlying logs being cryptographically valid, I can say I'm ecstatic to see that happen. I analyze logs all the time to figure out what happened. And I sometimes have to testify as to what they mean. (Helping lawyers understand computer based evidence is what I do for a living.) I have seen simple text logs edited to have false data, and more importantly every time I review them I have to keep in mind that they may have been tampered with. My hope is that even things like Apache and SMTP. logs are going to be cryptographically validated. fyi: I have a case currently where Apache logs from years ago are the foundation of the case. Since those logs are not cryptographically valid, I can't be sure the logs are actually what they claim to be. So the question is "Did company A log into company B's secure website without authority, or did Company B manipulate the logs to make it seem that way?" It is a non-trivial question in general. Greg Freemyer -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2012-09-26 21:58, Greg Freemyer wrote:
On Wed, Sep 26, 2012 at 3:35 PM, Carlos E. R. <> wrote:
If the logs are cryptographically protected, the applications that send data to them are not. The problem remains. - -- Cheers / Saludos, Carlos E. R. (from 12.1 x86_64 "Asparagus" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iEYEARECAAYFAlBjX7gACgkQIvFNjefEBxpYfwCgqTNjKXoGxzY0gc3w+4CJacYR LmMAoMVhnu6GnrN106HAIhibCtdr6PKA =Fbq0 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
El 26/09/12 17:04, Carlos E. R. escribió:
If the logs are cryptographically protected, the applications that send data to them are not. The problem remains.
The kernel wont let you forge from what app the logs messages are generated. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2012-09-26 22:07, Cristian Rodríguez wrote:
Doesn't matter. It is opensource, I can put a rogue apache that sends the logs I want. - -- Cheers / Saludos, Carlos E. R. (from 12.1 x86_64 "Asparagus" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iEYEARECAAYFAlBjYXoACgkQIvFNjefEBxqkJACguiI+Q5XdIHZ+tElHrIabg1A/ TE8An2jrJFFQfv1JL/V2R98rNZoA8BSx =G2sn -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Wednesday, September 26, 2012 22:11:38 Carlos E. R. wrote:
The logs will also record that apache was restarted and when ;) Andreas -- Andreas Jaeger aj@{suse.com,opensuse.org} Twitter/Identica: jaegerandi SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany GF: Jeff Hawn,Jennifer Guild,Felix Imendörffer,HRB16746 (AG Nürnberg) GPG fingerprint = 93A3 365E CE47 B889 DF7F FED1 389A 563C C272 A126 -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2012-09-27 09:31, Andreas Jaeger wrote:
On Wednesday, September 26, 2012 22:11:38 Carlos E. R. wrote:
So what? The rogue apache may be in place months before. :-p In order for this to work, you have to distribute a certified Linux setup, probably certifying the binaries on disk. This can not be done with openSUSE, perhaps with SLES running from DVD. - -- Cheers / Saludos, Carlos E. R. (from 12.1 x86_64 "Asparagus" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iEYEARECAAYFAlBkwgcACgkQIvFNjefEBxrssgCeJoZeYFWYE9V+T9xyxCsAOzBr 4t4An0g/LqcJUapltJAY9tSa7/IVdoi/ =EcdC -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Carlos E. R. wrote:
Hi Carlos, that is not an issue. There will be utilities and tools available for extracting the right parts from the journal. The question is - for the average user, will they be any better than "grep xxxx /var/log/messages"?
Go into Software Management, search for syslog and tick the syslog-ng or rsyslog box. The issue is not so much the drawbacks of removing the default syslog, but whether it brings any actual benefits to the majority of our users. -- Per Jessen, Zürich (11.9°C) -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2012-09-26 22:12, Per Jessen wrote:
Carlos E. R. wrote:
Tools that I have to explain to someone via email...
The question is - for the average user, will they be any better than "grep xxxx /var/log/messages"?
IMHO, no. Windows has structured logs, and it is a nightmare searching for things you do not already know how to find and where. Examining logs in Linux is wonderfully easy in comparison.
Not good enough, not prominent enough.
The issue is not so much the drawbacks of removing the default syslog, but whether it brings any actual benefits to the majority of our users.
Ok, right. - -- Cheers / Saludos, Carlos E. R. (from 12.1 x86_64 "Asparagus" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iEYEARECAAYFAlBjY9QACgkQIvFNjefEBxoPlgCfZHA2ByR3I84Tla8tXaCiaxVr ZzUAoIKOXDKMaTrQpPu3C+b5N6lfLPGt =vzap -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Wednesday, September 26, 2012 21:35:40 Carlos E. R. wrote:
Just run systemd-journal to access the data. It's even easier to output just the relevant part.
How?
It's not in systemd, it's a separate daemon. It just interacts nicely with systemd. Andreas -- Andreas Jaeger aj@{suse.com,opensuse.org} Twitter/Identica: jaegerandi SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany GF: Jeff Hawn,Jennifer Guild,Felix Imendörffer,HRB16746 (AG Nürnberg) GPG fingerprint = 93A3 365E CE47 B889 DF7F FED1 389A 563C C272 A126 -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Le jeudi 27 septembre 2012 à 09:30 +0200, Andreas Jaeger a écrit :
correction, systemd-journalctl (or journalctl in upcoming systemd in Factory). Moreover, journalctl will support easy "extraction", like journalctl <path_of_binary_involved> and other goodies. -- Frederic Crozat <fcrozat@suse.com> SUSE -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2012-09-27 09:30, Andreas Jaeger wrote:
On Wednesday, September 26, 2012 21:35:40 Carlos E. R. wrote:
Your choice :-) Wherever is appropriate, put a screen with several selections. This was proposed before: server, desktop, laptop... and now syslog.
Then add whatever is needed to rsyslog, syslog-ng, etc. Have diversity. - -- Cheers / Saludos, Carlos E. R. (from 12.1 x86_64 "Asparagus" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iEYEARECAAYFAlBkwyUACgkQIvFNjefEBxrqSACglPmXe1NbPUL2QrsPyNb51LH/ L2AAn13Ne9zdtuZRckOqKxZLQakzzZe4 =57+5 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
* Andreas Jaeger <aj@suse.com> [2012-09-26 21:16]:
it was tampered with by potential attackers), strongly typed logfile in comparison to /var/log/messages. It comes with some new tools to
Through project Lumberjack both rsyslog and syslog-ng are coordinating to allow for structured logging in a common CEE-based format through the existing syslog API. rsyslog also supports RFC5424 structured data though its future seems unclear.
That's very unfortunate for those of us who also use it on servers as such use cases seem to get less and less testing and attention. -- Guido Berhoerster -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
El 26/09/12 16:49, Guido Berhoerster escribió:
From the limited info on FSS,
Sure, the initial implementation is just one month old.. it seems that it is inherently racy
as sealing happens in certain intervals giving an attacker a time window to conceal its tracks,
The attacker can delete the journal file if he/she/it has aquired that level of privilege, however modifing the existing journal entries is very hard without getting noticed. } furthermore it depends on
cryptographic technology which hasn't even undergone basic peer review yet.
Yeah, FUD. that's all we need right ? Im afraid that you would have to prove such thing before that statement is giving any validity...
It will need attention anyway for SLE or the rest of the world. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 09/26/2012 09:55 PM, Cristian Rodríguez wrote:
http://www.freedesktop.org/software/systemd/man/systemd-journald.service.htm... does not give much details, but https://plus.google.com/115547683951727699051/posts/g1E6AxVKtyc mentions a verification key that needs to be stored in a secure location... actually it is a secret key that might allow faking logs by regenerating the sealing keys from it. It could work, if the crypto is done right. Ciao Bernhard M. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iEYEARECAAYFAlBlVKEACgkQSTYLOx37oWR8OQCgvAnQxGl8G/RgHa/1EDzfGxaZ KrgAn2jIQiDqJeBtBu1vm11qaK9Q873k =0M9D -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Fri, Sep 28, 2012 at 4:41 AM, Bernhard M. Wiedemann <bernhardout@lsmod.de> wrote:
It also needs to be available to journal during its whole lifetime. It's a known "chicken and egg" problem in cryptography, where only hardware (a secure token) can help, by performing all crypto inside a protected chip that self-destructs if attacked. If the system comes with a TPS module, and if journal makes use of it... maybe. Thing is, journal uses an HMAC. It's not a signature (asymmetric), in which the verification key is different from the signing key. HMACs are symmetric. With those, whoever has access to verification, can also forge. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On 09/26/2012 12:49 PM, Guido Berhoerster wrote:
Ditto. I took over servers running SuSE in 2002 and had been running Redhat/Fedora/Slackware previous to that. openSUSE is my distribution of choice for servers, laptops and Desktops. In my opinion (worth what you payed for it), it has been much better put together than it's nearest competition and much more manageable, without regard to marketing/popularity. Tghe last couple of releases have been rocky, at best, and made it more difficult for me to support as a choice for/to my customers. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Am Mittwoch, 26. September 2012, 13:03:57 schrieb Bruce Ferrell:
Are you refering to openSUSE or SLE? I guess openSUSE since this is an openSUSE list. So isn't it true that only server users can test openSUSE's server capabilities? If those are not tested well enough it just means that the server users at some point started to neglect testing and expect a solid server release nonetheless. Since you get openSUSE for free I expect especially those users who use it in a business environment, i.e. use it to earn money in one way or another, to contribute their bit to the distro, e.g. by testing. Sven -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On 09/27/2012 01:01 AM, Sven Burmeister wrote:
Were I the only one getting those responses, I'd take it personally, but truth be known, there's enough traffic reporting problems being met with "bad" answers that it points not to a code problem but an attitude problem... And those I haven't a clue of how to fix. All I do know is there used to be a time when using a Linux distro meant we were part of something that was about offering choices, not cramming someones idea of the "right" way to do things down peoples throat. My opinion, systemd = bad. The journal = bad, pulse, not so cool either (in fact MOST of the stuff out of freedesktop, not too too cool... If I wanted an Ubuntu like experience, I'd use Ubuntu... Or windows ). So... I'll trow it back to you, you get the kernel for free... Got a "right" to complain when somehting doesn't work? -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Am Donnerstag, 27. September 2012, 01:21:07 schrieb Bruce Ferrell:
Most issues I encounter are actually upstream issues and not openSUSE- specific. In an ideal world openSUSE had the resources to gather all those reports and file them upstream or even fix them themselves. However this is not the case. If you are referring to systemd, I would not use it as an example for the general way things are handled at openSUSE. systemd polarises and always triggers a lot of aggressive "no change!" reactions and then the unfortunate "you reap what you sow" follows by systemd devs.
openSUSE always had defaults. Defaults are not set in stone and may change as time changes. There might be a "I am most familiar with"-way but certainly not a "best forever"-way.
So... I'll trow it back to you, you get the kernel for free... Got a "right" to complain when somehting doesn't work?
I'd say no. Report yes, just complaining is useless. In fact, even reporting downstream, i.e. at openSUSE, becomes less useful for a lot of things, simply because the organisation changed. E.g. back in the time openSUSE had a KDE team. No more. The community is supposed to take over that job now, i.e not only reporting but fixing+packaging. I guess it's the same for other areas. Hence you better report issues upstream, where the actual devs are or become part of the fixing community for server issues. You can get added to the triaging team for a component you care about at bugzilla or bring upstream fixes to openSUSE via the buildservice. Sven -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2012-09-27 10:45, Sven Burmeister wrote:
Hence you better report issues upstream, where the actual devs are or become part of the fixing community for server issues.
That doesn't often work: upstream uses other versions. That if they listen. - -- Cheers / Saludos, Carlos E. R. (from 12.1 x86_64 "Asparagus" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iEYEARECAAYFAlBkxEcACgkQIvFNjefEBxo+RACeNXktUucYTvVIs+6Wti8wrV54 N54An3qFGKo9WckzTSB1MN/8vix8rCEC =9WbR -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Am Donnerstag, 27. September 2012, 23:25:27 schrieb Carlos E. R.:
This is not true in most cases. And if so it is another reason why the "openSUSE stable" is broken by design unless there is enough paid staff to to upstream work at openSUSE. Sven -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Wednesday, September 26, 2012 21:49:59 Guido Berhoerster wrote:
openSUSE supports servers just fine and should continue to do so - that's why I asked how we could add syslog for server installations, Andreas -- Andreas Jaeger aj@{suse.com,opensuse.org} Twitter/Identica: jaegerandi SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany GF: Jeff Hawn,Jennifer Guild,Felix Imendörffer,HRB16746 (AG Nürnberg) GPG fingerprint = 93A3 365E CE47 B889 DF7F FED1 389A 563C C272 A126 -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Andreas Jaeger wrote:
Andreas, please, this is not "bikeshedding". There are no technical details here. This is about whether there is any point at all in the proposed change (and if so, why no one has argued it so far).
No, it isn't wrong, but it is also not relevant in this context. If you want to continue the discussion, please start by informing everyone exactly which benefits 90% percent of our users will reap from not having syslog installed by default. (Personally speaking, I am not convinced that "the stand-alone desktop is the primary target of openSUSE", but that is a very different topic)
If not, then let's discuss to your initial point: Removal of syslog.
Actually, that is not my point. I don't really care if syslog is removed from the default pattern(s), although it does mean a little more work for me. However, I want to know _why_ it should be removed, in particular how the removal would benefit the majority of our users. To those who have never worked in a commercial setting, this is what is usually known as the business case. So far, I haven't seen anything remotely resembling a business case. -- Per Jessen, Zürich (12.6°C) -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Wed, 2012-09-26 at 22:01 +0200, Per Jessen wrote:
Business Case? Serious? What 'business case' is there for an average end-user to have this piece of software on his system? How much money can can average user make out of having syslog on his disk? Or how much loss for not having it? Serious now, Per, you know better than that. for the 'general usecase of a home machine' it does not matter much which logging infrastructure is being used (if any at all). Most users I dealt with so far anyway needed instruction which log file to look at.. and "grep xxx /var/log/messages" ? yes, right.. every end user knows what to grep for. I myself care very few for 'which program keeps the log for me': I'm generally happy for not having to mess around in the log files... as even though I run Factory, most of the time my machine works (ok, I am not foolish enough to accept zypper to change arch of most of my packages due to a conflict...). If it does not work, how much difference is there in using one tool over another one? (Mind: THIS targets standalone machines! In no way would I want to speak badly about syslog-ng, which is a great logging daemon; so the availability of it in the repos is a given; addition to a 'server' pattern could be easily achieved.) Dominique -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On 2012-09-26 22:48 (GMT+0200) Dimstar / Dominique Leuenberger composed:
I don't grep except as input to a filter. Since last century when I'm looking for something in a log I'm using MC's F3 & F7 keys. There'll be no small problem when I have to boot whatever media's handy to rescue an installation by viewing its binary logs that MC on the rescue media has no knowledge of. -- "The wise are known for their understanding, and pleasant words are persuasive." Proverbs 16:21 (New Living Translation) Team OS/2 ** Reg. Linux User #211409 ** a11y rocks! Felix Miata *** http://fm.no-ip.com/ -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Dimstar / Dominique Leuenberger wrote:
Dominique, there is no business case needed for maintaining status quo. It's when you want to change something that a business case is usually required (in a commercial setting). -- Per Jessen, Zürich (13.1°C) -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Le mercredi 26 septembre 2012, à 22:01 +0200, Per Jessen a écrit :
(assuming the desktop target; because I see the point of syslog on servers; I guess we can play with the patterns to get syslog installed on servers by default) Actually, I'd argue that the question we should ask ourselves is "why should we install syslog by default?". Clearly, it was there before because we needed a way to log things. Now, if we have journald, this need is already covered. So is there a reason to keep syslog by default? Note that it's really the same question as with any other package: do we need to install Firefox by default? Yes, we want a web browser and we want this one by default because it's good, well-maintained and people like it. Do we need to install mutt by default? Hrm probably no, we want a mail client, but there's already one coming with the desktops. The reasons for installing syslog by default I can think of are: - it has always been like that (well, not really a good reason) - tons of documentation refer to this log setup (can we update our doc for the release?) - it makes debugging easier (is it true? or is this only a matter of documentation) There might be other valid reasons. Vincent -- Les gens heureux ne sont pas pressés. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
* Vincent Untz <vuntz@opensuse.org> [2012-09-27 09:41]:
- it's a standardized solution and there's no compelling reason to replace it - there are tons of existing scripts, tools, applications supporting it, not all of which controlled by oS - almost all of the purported advantages can be achieved using rsyslog which has none of the drawbacks such as binary logs - extracting binary logs from a box (be it broken or for forensics) suddenly becomes a problem if you're not running the exactly same systemd version -- Guido Berhoerster -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Vincent Untz wrote:
Well, that's what I'm getting at - yes, we should keep it simply because there is nothing gained by omitting it. -- Per Jessen, Zürich (13.3°C) -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Wed, Sep 26, 2012 at 4:16 PM, Andreas Jaeger <aj@suse.com> wrote:
Do you know of any links to how it's done? Because my cryptography background tells me it's impossible with software only. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Wednesday, September 26, 2012 18:06:15 Claudio Freire wrote:
Read the design document and Lennart's blog posts, google for "journal Lennart" should give you the links.
Because my cryptography background tells me it's impossible with software only.
Andreas -- Andreas Jaeger aj@{suse.com,opensuse.org} Twitter/Identica: jaegerandi SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany GF: Jeff Hawn,Jennifer Guild,Felix Imendörffer,HRB16746 (AG Nürnberg) GPG fingerprint = 93A3 365E CE47 B889 DF7F FED1 389A 563C C272 A126 -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Thu, Sep 27, 2012 at 4:36 AM, Andreas Jaeger <aj@suse.com> wrote:
Thanks, that's very very little information, but: "Inspired by git, in the journal all entries are cryptographically hashed along with the hash of the previous entry in the file." That's quite easy to forge. Just recompute all hashes. A modern computer can do that in a few seconds for a hundred-MB file. A lot easier if the entry I want to forge is the last one. If it was a MAC, maybe it would be a tad harder (but I wouldn't expect it to be too hard). Still possible though. "If the top-most hash is regularly saved to a secure write-once location, the full chain is authenticated by it. Manipulations by the attacker can hence easily be detected." I would certainly like details on this part. Unluckily, the design doc says nothing of this. I do not know a single write-once location on a computer, other than with specialized hardware. In essence, I distrust that "write-once" assertion. I know this should go to the systemd list, but my point is, the journal is a half-baked solution. Most of the "benefits" are just marketing, and the real benefits (trusted properties and standardized format IMHO) aren't exclusive to the journal anyway. The cryptography part really should be ignored until peer-reviewed, because cryptography is a very tricky business. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Am 27.09.2012 16:57 schrieb Claudio Freire:
Write a tool to recompute the hashes, submit a talk about it to 29C3 <http://events.ccc.de/2012/08/03/call-for-participation-for-29th-chaos-communication-congress/> and watch the systemd fans go mad. Should be fun. Regards, Carl-Daniel -- http://www.hailfinger.org/ -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Thu, Sep 27, 2012 at 9:19 PM, Carl-Daniel Hailfinger <c-d.hailfinger.devel.2006@gmx.net> wrote:
Ok. git clone http://cgit.freedesktop.org/systemd/systemd/src/journal go to journal-verify.c line 83, change "if (h1 != h2) return -EBADMSG" into "if (h1 != h2) o->data.hash = htole64(h2);" Build. Enjoy. Best of all, since the file is mmapped, the change is immediately visible to journald. Cool huh? I probably needs a little more rock'n'roll to sync up the tool's fsprg_state with journald's, that can be done with /proc/pid/mem. Can I submit now? -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Andreas Jaeger wrote:
And the stand-alone desktop is the primary target of openSUSE.
This change of target is very sad to read about. Joachim, S.U.S.E Linux user since 4.4 -- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Joachim Schrod, Roedermark, Germany Email: jschrod@acm.org -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Wednesday, October 10, 2012 01:51:27 Joachim Schrod wrote:
Joachim, this is no change, this is what openSUSE does for ages already. openSUSE is a desktop, a server, a development platform. The default installation - and the way questions are asks - are targetting the desktop users. Still, you can setup a server - and many do. It's just not the *primary* target. Andreas -- Andreas Jaeger aj@{suse.com,opensuse.org} Twitter/Identica: jaegerandi SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany GF: Jeff Hawn,Jennifer Guild,Felix Imendörffer,HRB16746 (AG Nürnberg) GPG fingerprint = 93A3 365E CE47 B889 DF7F FED1 389A 563C C272 A126 -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2012-10-10 09:52, Andreas Jaeger wrote:
On Wednesday, October 10, 2012 01:51:27 Joachim Schrod wrote:
Still, you can setup a server - and many do. It's just not the *primary* target.
As long as it is a target, I'm happy. - -- Cheers / Saludos, Carlos E. R. (from 12.1 x86_64 "Asparagus" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iEYEARECAAYFAlB1OFEACgkQIvFNjefEBxr+YwCg1nREcx9phSz0LPYwoibwQvzg jWYAn36qn8w+vZ0sjik6X8fCfk20PyNI =UCyv -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Wednesday 10 October 2012, Andreas Jaeger wrote:
The problem is that in past the default installation was much more standardized and scalable. Syslog is very nice to have on both desktop or any other target. It doesn't matter whether grandma needs syslog's full feature set or not. But when she ask me for help then it would be helpful to find a serious system rather than a freedesktop-only toy box. IMO it's the wrong way to change the desktop target to something which is unusable for serious usage. Removing syslog is just one example issue. Usually any Linux/Unix beginner book points out somehow that the unix stability, scalability, modularity, compatibility, simplicity, transparency, etc. are the key features. Why we want to remove this? cu, Rudi -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2012-10-10 12:27, Ruediger Meier wrote:
On Wednesday 10 October 2012, Andreas Jaeger wrote:
Absolutely. - -- Cheers / Saludos, Carlos E. R. (from 12.1 x86_64 "Asparagus" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iEYEARECAAYFAlB1T3QACgkQIvFNjefEBxoungCeKxW2Gejsoqi9gAvs510LF9t3 qscAn2e962gVzdc7hvw0fgBvB3Re0wsw =CKGu -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Ruediger Meier wrote:
There is (still) no business case for removing syslog from the default, so presumably it won't happen. -- Per Jessen, Zürich (14.1°C) -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Per Jessen <per@computer.org> writes:
There is (still) no business case for removing syslog from the default, so presumably it won't happen.
At least, in the past syslog caused trouble on laptop (and desktop) systems preventing them from falling into a good sleep mode and thus wasting power and probable chasing users aways to systems where sleep mode just works. This is probably fixed by now. But if a feature is no longer needed, I vote to make it at least optional and do not install it by default. -- Karl Eichwalder SUSE LINUX Products GmbH R&D / Documentation Maxfeldstraße 5 90409 Nürnberg, Germany GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer, HRB 16746 (AG Nürnberg) -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Karl Eichwalder wrote:
That's hardly the current policy though - I mean, there's hundreds of unneeded packages in the default desktop install :-) -- Per Jessen, Zürich (14.1°C) -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Quoting Per Jessen <per@computer.org>:
There is (still) no business case for removing syslog from the default, so presumably it won't happen.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1951 (Not to try to argue about the quality of the syslog-ng! ANY package installed by default offers a default surface for attack... this is NOT the only CVE there is for syslog-ng). What's the number to put behind a 'breach into a system due to having a package installed which nobody cares for' ? Business case provided... not let's work on serious stuff please and stop using keyboard to produce non-sensical mails (or I'll ask for a business case to read this mailing list... will be hard to come up with) Dominique -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Wed, Oct 10, 2012 at 12:02 PM, Dominique Leuenberger a.k.a DimStar <DimStar@opensuse.org> wrote:
I have to agree. I'm all for supporting syslog, in fact I believe it's quite superior to journal, but that doesn't mean installing it in tandem with journal when its features aren't required makes sense. If average desktop users have no need for all the extra functionality of syslog, like remote logging, then average desktop users don't need it installed. The "average grandma walking out the walmart" can still ask for help, because journal still logs relevant diagnostic information. Only differently. The pain of accessing journal's binary log is only paid then, and the benefit of not having it by default, as pointed out by dimstar, is many-faceted. Not just performance, not just power consumption, not just security. A mix of all. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Claudio Freire wrote:
Correct, but the average desktop user doesn't _need_ Solitaire either. However, I refer you to $SUBJ. -- Per Jessen, Zürich (13.5°C) -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Dominique Leuenberger a.k.a DimStar wrote:
It's about syslog-ng, whereas we install rsyslog by default. Very poor business case Dominique.
Business case provided... not let's work on serious stuff please and stop using keyboard to produce non-sensical mails
I made that suggestion first, see $SUBJ, but I'm glad you agree. -- Per Jessen, Zürich (13.4°C) -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Wed, Oct 10, 2012 at 01:58:05PM +0200, Per Jessen wrote:
There is (still) no business case for removing syslog from the default, so presumably it won't happen.
It was said before that: - It will reduce risk (bugs, security issues, etc) - Reduce duplication of disk space - Remove almost duplicate functionality So there is a business case for it. -- Regards, Olav -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On 10/10/2012 12:52 AM, Andreas Jaeger wrote:
I agree Andreas. For example, I've got one box with dual Xeon CPUs, 48-GB of ram and six LSI and 3Ware disk controllers. The disks are configured as two 24-disk RAID-6 arrays and 96 independent JBOD disks. It also has four 160-GB SSDs configured as a RAID-5 for the operating system. The disks themselves are a mixture of 1, 2 and 3 terrabyte Seagates. There are two Ethernet ports, one of which is used for NFS traffic. I know, it's an odd configuration, but it meets the needs of a specific project. It was running openSuSE 11.4 until I bumped it up to 12.1 a few months ago. The box also supports scientific data processing and visualization using Python and SciPy. The box, and openSuSE, have been lifesavers for this project, and I'd like to take this opportunity to thank all the participants and developers for their good work. They are appreciated and they are making real-world contributions to society. BTW, I had to revert to sysvinit to get reliable booting with the Big Box. But I've been using Systemd on all my other boxes without issue. Regards, Lew -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Andreas Jaeger writes:
This is still Linux. *I* *can* set up everything; I've started with Unix System V in 1981. The issue ain't if I'm *able* to, but -- how much work/effort is it. Effort is the selection criteria, not ability. Heck, most of the stuff we need, we're able to do with Windows servers, but we don't *want* to. As long as the server pattern delivers necessary infrastructure packages, that's OK. I.e., if one wants to install server software packages, syslog is a must-have. If that won't change at the same time parallel to your expected improvement »throwing out syslog from the default pattern«, you're doing a disservice to your user base. You're communicating: openSUSE is a desktop system, and the server pattern is second class. AFAIUS, this decision hasn't been done by now, that's why I'm speaking up. Excecutive summary: -- Moving syslog to server pattern installation: good. -- Removing syslog from default pattern without regard to server pattern: bad. -- Thinking openSUSE will capture the desktop market: desastrous. (If I would want to have a pure desktop-oriented user-centered Linux distribution, I would install Ubuntu.) But, judging from discussions here on this list, server requirements doesn't seem to be a focus any more. That's sad. But not to bad, we still have Debian that we can recommend to our customers, so no quarrels. We'll not leaving Linux. Joachim -- =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Joachim Schrod Net & Publication Consultance GmbH Kranichweg 1, 63322 Roedermark, Germany Email: jschrod@npc.de, Web: http://www.npc.de/ Tel: +49-6074-861530, Fax: +49-6074-861531 -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Thursday, October 11, 2012 02:13:58 Joachim Schrod wrote:
Indeed, that's what I expect would happen *if* we do the move.
-- Removing syslog from default pattern without regard to server pattern: bad.
That's why we're discussing - to find a solution for both.
Server requirements are a focus. The question is what is the default install and what requirements that has, Andreas -- Andreas Jaeger aj@{suse.com,opensuse.org} Twitter/Identica: jaegerandi SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany GF: Jeff Hawn,Jennifer Guild,Felix Imendörffer,HRB16746 (AG Nürnberg) GPG fingerprint = 93A3 365E CE47 B889 DF7F FED1 389A 563C C272 A126 -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Andreas Jaeger wrote:
It is a solution looking for a problem. It's not even worth discussing. -- Per Jessen, Zürich (13.6°C) -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 2012-10-11 10:45, Andreas Jaeger wrote:
Server requirements are a focus. The question is what is the default install and what requirements that has,
But we don't have the option to choose target at install time. Like desktop/laptop, desktop/server, home/enterprise, etc. I don't know how the installer program does those choices automatically, because often it choose the wrong kernel. Or a list to choose common software not in the default - and not the package manager, that list is terribly large. - -- Cheers / Saludos, Carlos E. R. (from 11.4 x86_64 "Celadon" (Minas Tirith)) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.16 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iF4EAREIAAYFAlB3El8ACgkQja8UbcUWM1xlCgD+NJH0NwYZ7xKLrdufqisVv0La 4LNQj213oR+ZZPlufKkA/Rvmy99Cx9q/GE1asaNm0DpiMFSbzcZfaPgsK8wOp1d9 =Qsur -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On 10/11/2012 10:45 AM, Andreas Jaeger wrote:
See comments below
see comments below
Server requirements are a focus. The question is what is the default install and what requirements that has,
If openSUSE is targetting stand-alone desktop as you say, and the questions are asked for the targetted desktop users, I would have expected instead of syslog, MTAs are dropped, who would need to have postfix, exim, sendmail when the so called stand-alone desktop user is using his ISP provided email SMTP POP/IMAP or gmail account. Maybe it is time, before 12.3 hits the Milestone 2-3 to establish a consensus for the definition of each one of the patterns and what packages should be included in those patterns. Togan -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
2012/10/11 Togan Muftuoglu <toganm@opensuse.org>:
Hi, The "base" pattern doesn't have MTA packages: https://github.com/openSUSE/patterns/blob/master/data/BASIS Regards, Luiz -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On 10/11/2012 11:31 PM, Luiz Fernando Ranghetti wrote:
Hi,
The "base" pattern doesn't have MTA packages:
And that is what the so called target group installs, you gotta be kidding right ? Togan -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Thu, 11 Oct 2012 23:38:21 +0200 Togan Muftuoglu <toganm@opensuse.org> wrote:
And that is what the so called target group installs, you gotta be kidding right ?
Pattern *base* is installed with any other pattern, in other words every openSUSE system has those packages independent of intention how to use it, as desktop or server. I have feeling that at this point in thread not many read subject which is: "Removing syslog from the default patterns" This is not very precise description of intention, as it is addressing "default patterns", not pattern. There is only one "default pattern" (KDE desktop), but there is few "predefined patterns" and they are not all desktops. IMHO, whole discussion is about removing syslog from desktop patterns, which means it will be removed from *base*, and included in a server pattern. That way not every system will get it by default, but server pattern will still have it. -- Regards, Rajko. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Rajko wrote:
Do we have a server pattern? -- Per Jessen, Zürich (14.3°C) -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Fri, 12 Oct 2012 12:02:45 +0200 Per Jessen <per@computer.org> wrote: ...
Let we see. linux:~ # zypper patterns | grep server | dhcp_dns_server | 12.2-5.5.1 | openSUSE-12.2-Oss | | dhcp_dns_server | 12.2-5.5.1 | openSUSE-12.2-Oss | | directory_server | 12.2-5.5.1 | openSUSE-12.2-Oss | | directory_server | 12.2-5.5.1 | openSUSE-12.2-Oss | | file_server | 12.2-5.5.1 | openSUSE-12.2-Oss | | file_server | 12.2-5.5.1 | openSUSE-12.2-Oss | | gateway_server | 12.2-5.5.1 | openSUSE-12.2-Oss | | gateway_server | 12.2-5.5.1 | openSUSE-12.2-Oss | | lamp_server | 12.2-5.5.1 | openSUSE-12.2-Oss | | lamp_server | 12.2-5.5.1 | openSUSE-12.2-Oss | | mail_server | 12.2-5.5.1 | openSUSE-12.2-Oss | | mail_server | 12.2-5.5.1 | openSUSE-12.2-Oss | | misc_server | 12.2-5.5.1 | openSUSE-12.2-Oss | | misc_server | 12.2-5.5.1 | openSUSE-12.2-Oss | | print_server | 12.2-5.5.1 | openSUSE-12.2-Oss | | print_server | 12.2-5.5.1 | openSUSE-12.2-Oss | | xen_server | 12.2-5.5.1 | openSUSE-12.2-Oss | | xen_server | 12.2-5.5.1 | openSUSE-12.2-Oss | linux:~ # It seems yes. -- Regards, Rajko. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Fri, 12 Oct 2012 12:02:45 +0200 Per Jessen <per@computer.org> wrote: ...
Do we have a server pattern?
As zypper for some reason prints all entries 2 times this is with manually added sort: linux:~ # zypper patterns | grep server | sort --unique | dhcp_dns_server | 12.2-5.5.1 | openSUSE-12.2-Oss | | directory_server | 12.2-5.5.1 | openSUSE-12.2-Oss | | file_server | 12.2-5.5.1 | openSUSE-12.2-Oss | | gateway_server | 12.2-5.5.1 | openSUSE-12.2-Oss | | lamp_server | 12.2-5.5.1 | openSUSE-12.2-Oss | | mail_server | 12.2-5.5.1 | openSUSE-12.2-Oss | | misc_server | 12.2-5.5.1 | openSUSE-12.2-Oss | | print_server | 12.2-5.5.1 | openSUSE-12.2-Oss | | xen_server | 12.2-5.5.1 | openSUSE-12.2-Oss | linux:~ # -- Regards, Rajko. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Sat, 13 Oct 2012 10:47:01 -0500 Rajko <rmatov101@charter.net> wrote:
Hi Just use zypper ;) zypper se -t pattern server -- Cheers Malcolm °¿° (Linux Counter #276890) openSUSE 12.2 (x86_64) Kernel 3.4.11-2.16-desktop up 11:14, 3 users, load average: 0.02, 0.09, 0.12 CPU Intel i5 CPU M520@2.40GHz | Intel Arrandale GPU -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Malcolm wrote:
Thanks a lot guys, I had no idea. -- Per Jessen, Zürich (11.8°C) -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2012-10-13 18:41, Per Jessen wrote:
Malcolm wrote:
On Sat, 13 Oct 2012 10:47:01 -0500 Rajko <> wrote:
zypper se -t pattern server
Thanks a lot guys, I had no idea.
Is it possible to choose those patterns at initial system installation time? - -- Cheers / Saludos, Carlos E. R. (from 12.1 x86_64 "Asparagus" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iEYEARECAAYFAlB57e0ACgkQIvFNjefEBxpdJQCfQDttqpuiiqlurZ7EnjsYNyXa 1XUAoLiN8QiKLBpEL/eXalmdySoTk70i =28fo -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Sun, 14 Oct 2012 00:40:45 +0200 "Carlos E. R." <robin.listas@telefonica.net> wrote:
Hi I imagine so, via the software selection? I've never looked in a long time.... -- Cheers Malcolm °¿° (Linux Counter #276890) openSUSE 12.2 (x86_64) Kernel 3.4.11-2.16-desktop up 18:52, 3 users, load average: 0.10, 0.08, 0.06 CPU Intel i5 CPU M520@2.40GHz | Intel Arrandale GPU -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Togan Muftuoglu wrote:
Well, lots of scripts and daemons use e.g. "mail" or "sendmail" to send messages to the admin. I guess the stand-alone desktop user could just ignore those, of course. -- Per Jessen, Zürich (14.3°C) -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
El 12/10/12 07:01, Per Jessen escribió:
These daemons have to be fixed at some point though, making them able to talk the SMTP protocol instead of forking mail or sendmail. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Friday 12 October 2012, Cristian Rodríguez wrote:
SMTP protocol to write an email to the local admin or user? So wouldn't this require an SMTP server on the local box? LOL cu, Rudi -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
El 12/10/12 10:47, Ruediger Meier escribió:
Not always in the local machine.. and would solve some nasty problems permanently.. for example.. did you know that forking "sendmail" from PHP + apache may cause the mail server to take over port 80 ? ;) or hang your webserver .. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 2012-10-12 15:47, Ruediger Meier wrote:
On Friday 12 October 2012, Cristian Rodríguez wrote:
Why local? It would send to another smtp server anywhere. - -- Cheers / Saludos, Carlos E. R. (from 11.4 x86_64 "Celadon" (Minas Tirith)) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.16 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iF4EAREIAAYFAlB4ZFEACgkQja8UbcUWM1xgmQD/d1oEUInnukU1iGBmQFnrE83H 66VO1lVsAUBhxJJudj8A/iQ82+iVpDYxHQ1GcElV7qALpLRZgzmWIvJFbEKh7kMw =fwtV -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
El 12/10/12 15:41, Carlos E. R. escribió:
Or in the cloud to something like amazon SES which is both an SMTP and a webservice. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Carlos E. R. wrote:
The context here is a stand-alone desktop machine, don't forget. -- Per Jessen, Zürich (11.3°C) -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 2012-10-13 11:31, Per Jessen wrote:
Carlos E. R. wrote:
"Anywhere" can be that desktop machine, too. We just would not be tied to it, we would have the choice. - -- Cheers / Saludos, Carlos E. R. (from 11.4 x86_64 "Celadon" (Minas Tirith)) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.16 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iF4EAREIAAYFAlB5Yh4ACgkQja8UbcUWM1xnZAEAmtp0NBHj5SZMQ5QktFlKFQJI +tpCRps0B9AdJKQYP5sBAINzsteEe1f1Wi04A4Rd/1c13GsYq+Whw8htRyHhokzZ =BKQB -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Fri, Oct 12, 2012 at 10:22 AM, Cristian Rodríguez <crrodriguez@opensuse.org> wrote:
What? No... sendmail has to be able to actually send mail (ie, through SMTP). And that's it. Actually, in gnome with evolution it already works quite fine as it is now, since evolution can read the local mailbox and present it to users rather transparently. So... rather than change how daemons work, desktop environments should simply stop ignoring the local mailbox. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
El 12/10/12 11:50, Claudio Freire escribió:
So... rather than change how daemons work, desktop environments should simply stop ignoring the local mailbox.
No, that will be going ass-backwards.. both OSes and use cases are dramatically different than they were in the 70-80 when this idea came around.. Applications that fork sendmail do not scale well either. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Fri, Oct 12, 2012 at 4:25 PM, Cristian Rodríguez <crrodriguez@opensuse.org> wrote:
I don't see how. SMTP is for external mail. Ok, you may want an internal SMTP server for IPC, but really, internal notifications (internal mail) should not have to go through an external SMTP server. I don't need google/hotmail seeing all my server's internal notifications. So there's still a use case for an internal mailbox. If cron sends notifications to the internal mailbox in servers, there's no point in doing it differently for desktops only because users don't check the internal mailbox. And evolution already reads the internal mailbox. What's wrong with that? How is that ass-backwards? -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 2012-10-12 22:08, Claudio Freire wrote:
On Fri, Oct 12, 2012 at 4:25 PM, Cristian Rodríguez <> wrote:
smtp can be either same computer, local network, or external, it doesn't matter. You have a choice. It is a sensible change: instead of having services using sendmail binary to send an email, have them use a library that talks to an smtp server anywhere. Perhaps with a central, simple configuration file that says which smtp server to use, and login, pass, from address... far simpler than configuring and keeping a full smtp server locally - which we may keep anyway. - -- Cheers / Saludos, Carlos E. R. (from 11.4 x86_64 "Celadon" (Minas Tirith)) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.16 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iF4EAREIAAYFAlB4geMACgkQja8UbcUWM1xO7QD9GQWwdo5820C0V0uqfb9WR4tN vs2baeG54MjpzbDhFg8A/1hTX16UT+5VuVDp5sQkW64zQ31fvqSrLrGHFpounDD9 =bbyk -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Fri, Oct 12, 2012 at 5:47 PM, Carlos E. R. <robin.listas@telefonica.net> wrote:
You still have to add an internal POP and make desktop environments check it. I'd buy that. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 2012-10-12 22:52, Claudio Freire wrote:
On Fri, Oct 12, 2012 at 5:47 PM, Carlos E. R. <> wrote:
You still have to add an internal POP and make desktop environments check it.
Same as with local sendmail, few people use "mail" in terminal or configure their thunderbird or whatever to check local email.
I'd buy that.
Yes, I think so - at least while we can easily configure a local smtp server if we want it. If the change would have the consequence of it being more difficult (no yast support) then I'd vote against ;-) - -- Cheers / Saludos, Carlos E. R. (from 11.4 x86_64 "Celadon" (Minas Tirith)) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.16 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iF4EAREIAAYFAlB4jrQACgkQja8UbcUWM1xJmAD/ZRyY8YTgtVsPAToHRdIROBTy SLUlRxRRUva31+7dtA0A/0sQceTKlnJn/FbtNQ7sjB59xfmMSHCrOO3rB0u0tUFF =NaZ7 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On 10/12/2012 10:08 PM, Claudio Freire wrote:
Why not use d-bus system or notify or wall or whatever but default install should be with no MTA in my opinion. Someone doing click click install can/should be able to live without the admin messages, since they can do without syslog as well Togan -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
El 12/10/12 19:02, Togan Muftuoglu escribió:
In the case of cron, it already supports logging to syslog instead of sending mail on every event. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Cristian Rodríguez wrote:
That is the default behaviour, but what about a) output from cron-jobs and b) per-user cronjobs? -- Per Jessen, Zürich (11.5°C) -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
In data sabato 13 ottobre 2012 11:30:27, Per Jessen ha scritto:
If I remember well, in Debian there is a "local only" MTA. maybe something perl based, not sure... Who know it ? -- *** Linux user # 198661 ---_ ICQ 33500725 *** *** Home http://www.kailed.net *** *** Powered by openSUSE *** -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Daniele wrote:
Normally you only get a mail when something is written to stderr, but if the cron file has MAILTO defined, you'll get the full output. -- Per Jessen, Zürich (10.0°C) -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Fri, Oct 12, 2012 at 7:02 PM, Togan Muftuoglu <toganm@opensuse.org> wrote:
Whatever method it should be the same for all installations (server or desktop), and configurable for both needs. I don't think wall is all that nice though. Especially if there's no logged user. I think though a simple MTA is still the correct tool. Messages usually sent with sendmail are notifications that have to be delivered at a later time to certain users. They may or may not be logged, so it really needs to be store-and-forward. If you'd like to cripple it so that it cannot communicate with the outside, ok, but sendmail/exim both support local and remote mails. It's not that average desktop users can live without an MTA. It's that they wouldn't miss it, because it's never functioned properly without intervention. If it came properly configured from the start, users would appreciate it. Important system notifications like "your hard disk is dying" for instance go through sendmail in addition to syslog, because they shouldn't go unnoticed. In fact, IMO, It's of special service to average desktop users. Put a local SMTP MTA like postfix or qmail (configured for local-only operation), and make sure to set up the sendmail command to relay through it, and desktops to monitor it through POP, and you've got yourself functional notification system that can rather easily be configured to use internet mail (just make postfix/qmail relay to whatever SMTP you use), and used by SMTP libraries (localhost:25). It may have security implications though. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Cristian Rodríguez wrote:
On a stand-alone desktop machine scalability is probably not an issue :-) -- Per Jessen, Zürich (11.5°C) -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Hello, On 09/26/2012 07:09 PM, Per Jessen wrote:
So, here are some systemd journal advantages. Please note, that I do not list here the crypto part, as the journal is local only, and it's easier to 'rm -fr /var/log/journal' than to tamper it :) The primary advantage of the journal is, that it's heavily integrated with the init system (systemd): - logging of early boot related messages is possible, while (r)syslog(-ng) can't be started early enough and only with ugly hacks to catch part of those. - much better logging of apps started by systemd A much hyped feature is "trusted properties", which can help debugging as long as that "rm -fr" did not happen. Just see what is recorded by syslog-ng, and what is recorded by the journal. I created an obviously falsified log message, but I could also spoof an ssh login, or dhcpd IP request into the logs. Using the verbose output of journalctl one can see, that this message is coming from a user and not from a daemon... $ logger -t ooops -i I was where # tail -1 /var/log/messages Sep 27 08:09:00 linux-dbr3 ooops[3147]: I was where # vs. # systemd-journalctl -o verbose Thu, 27 Sep 2012 08:09:00 +0200 [s=3df0698924264732814a4ffbbc73cb76;i=49a;b=80a aa318b95c42748481efeff8fd2150;m=a72e2270;t=4caa8c67f409c;x=a6873d5ab8006c50;p=s ystem.journal] _TRANSPORT=syslog PRIORITY=5 SYSLOG_FACILITY=1 SYSLOG_IDENTIFIER=ooops SYSLOG_PID=3147 MESSAGE=I was where _PID=3147 _UID=1000 _GID=100 _SOURCE_REALTIME_TIMESTAMP=1348726140387051 _BOOT_ID=80aaa318b95c42748481efeff8fd2150 _MACHINE_ID=42f6872bec8588115c31d8de0000095a _HOSTNAME=linux-dbr3.site It has also a circular log file, so it never fills the HDD, but uses a given percentage of it (5% by default AFAIR). So log rotation is not any more a problem. Right now there is double logging by default: the journal collects messages to /var/log/journal and syslog(-ng) to /var/log. One of this is just wasting disk space... And the major advantage from the syslog(-ng) point of view, that most of it can be disabled while the useful part continues to work. As it will still follow apps started by systemd, collect status messages, etc. which is not possible by any syslog implementation on that level. Of course, SLES/SLED have a very different focus, where syslog-ng and central logging are important components. But the vast majority of openSUSE users will never notice, that (r)syslog(-ng) is gone from the default install. Those, who care about logs and logging are not the kind anyway, who install openSUSE with a "next, next, finish" attitude, and will add syslog-ng to a long list of applications, which needs to be installed after the base install is finished. Bye, CzP -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
* Peter Czanik <pczanik@fang.fa.gau.hu> [2012-09-27 09:06]:
As you said, early boot logging can be made to work without completely reinventing the wheel.
This may no be possible with syslog-ng, however rsyslogd which is the openSUSE default syslog has supported securely recording of pid, gid, uid for a long time, more recently it has become capable of recording the path of the executable, command name and full commandline obtained via /proc.
rsyslogd has fixed-length log rotation built in which can achieve exactly the same.
Yes, that sucks on oS 12.2.
As stated above, implementing this doesn't require to replace the whole logging infrastructure. -- Guido Berhoerster -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Peter Czanik wrote:
Really? TBH, I'm not sure who it was.
So, here are some systemd journal advantages.
I think you're off on the wrong track - my posting was not about systemd nor the journal. [big snip - systemd advantages] The question remains - how is omitting syslog from the default patterns good for the 90% of end users? It seems to me that the change to the default pattern is a tiny effort, brings no advantage to 90% of the users and a slight disadvantage to the other 10%. Is it really worth us even discussing it? -- Per Jessen, Zürich (13.1°C) -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
I just figured out that syslog removing from the install is not possible due to packages requiring it, so even if you remove it from the pattern, it will still get installed. So, I'm not proposing it anymore for *now* and will instead investigate the hard requirements on syslog a bit more, Andreas -- Andreas Jaeger aj@{suse.com,opensuse.org} Twitter/Identica: jaegerandi SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany GF: Jeff Hawn,Jennifer Guild,Felix Imendörffer,HRB16746 (AG Nürnberg) GPG fingerprint = 93A3 365E CE47 B889 DF7F FED1 389A 563C C272 A126 -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
* Per Jessen <per@computer.org> [2012-09-26 19:09]:
No wonder, not even the authors themselves are able to do that, and try to distract from that by pointing out shortcomings of syslog from 30 years ago conveniently ignoring any advancements and standardization efforts since then. In contrast to systemd's booting it which undeniably has some benefits over sysvinit the journal stuff doesn't offer anything worthwhile over rsyslog or syslog-ng. And I fear we'll have such "discussions" over and over again as systemd introduces more and more cheap ripoffs of other Apple technologies.
Not necessarily upsetting, rather many tools and existing scripts are geared towards towards syslog logs and not some undocumented byinary format which, in case something goes wrong, are only guaranteed to be readable using the exact same systemd version they were written with... Since syslog is in the BASIS pattern it'll be missing from server default installs as well which IMO is unacceptable. -- Guido Berhoerster -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Guido Berhoerster wrote:
Apple technologies? Um... from the behavior I thought it was following in the footsteps of Microsoft and it's service startup manager that's been around since 2000. Calling a near 13 year old Microsoft technology an "Apple" technology seems a bit misleading... -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2012-09-26 19:09, Per Jessen wrote:
Yes, I have seen some of it. I haven't said anything because it is so bewildering that I don't know if what I read is true, I misunderstood, or I'm dreaming :-( - -- Cheers / Saludos, Carlos E. R. (from 12.1 x86_64 "Asparagus" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iEYEARECAAYFAlBjS8cACgkQIvFNjefEBxomCwCfRiekfPehCRhsOl2ngmONCQDl ZfMAoNd1Jhx1FQOfgBynjtWUvT118skH =gG8r -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
Hello, On Wed, 26 Sep 2012, Carlos E. R. wrote:
+1 -dnh -- ... As I said, it's the little things you regret. -- George Lass -- Dead Like Me - 1x07 - Reaper Madness -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
2012/9/26 Per Jessen <per@computer.org>:
Wouldn't it be wise to let it be? For example, people which remote logging capabilities will become maybe crippled; Furthermore, introducing the replacement as 'technology preview' would be a nice option, so that people could be familiar... If something strange happens to less skilled people who at least are aware of the current logging options, this could become an issue. I know no one gives a damn about my opinion, and honestly I don't care... But just see this as something to avoid frustrations. Giving people time to adapt is indeed a good thing and can provide oustanding feedback. my $0.02 -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On 09/26/2012 07:09 PM, Per Jessen wrote:
Per, let's not continue bike shedding here. Let's collect the facts first and then decide. Here's a quick intro about the journal: The journal is integrated into systemd and supported by the Linux kernel. It is a cryptographically protected (allowing knowing when it was tampered with by potential attackers), strongly typed logfile in comparison to /var/log/messages. It comes with some new tools to access it. The journal integrates nicely with syslog/rsyslog, you can use them in parallel. I consider it as a logging solution for stand-alone desktops. For a stand-alone desktop, the majority of users does not need syslog if the journal is available. And the stand-alone desktop is the primary target of openSUSE. Some reference from Peter Czanik, an upstream syslog author with additional information: http://lists.opensuse.org/opensuse-factory/2012-09/msg00716.html http://lists.opensuse.org/opensuse-factory/2012-09/msg00828.html Per, is anything I state in the above wrong? If not, then let's discuss to your initial point: Removal of syslog. For servers, syslog is indeed useful and we should continue to support it. The questions are: * Should we install syslog on the desktop by default even if the majority of users will not use it? * If not: is there a way to install syslog it as part of a server installation? Andreas -- Andreas Jaeger aj@{suse.com,opensuse.org} Twitter/Identica: jaegerandi SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany GF: Jeff Hawn,Jennifer Guild,Felix Imendörffer,HRB16746 (AG Nürnberg) GPG fingerprint = 93A3 365E CE47 B889 DF7F FED1 389A 563C C272 A126 -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2012-09-26 21:16, Andreas Jaeger wrote:
IMHO, yes. How else can people post problems and print part of the logs in emails?
* If not: is there a way to install syslog it as part of a server installation?
At least, provide an easy clickable option in yast to have syslog installed and configured since initial system installation. What scares me is having so much power in a single application, systemd. I prefer the classical unix method of small programs doing their tasks to perfection. - -- Cheers / Saludos, Carlos E. R. (from 12.1 x86_64 "Asparagus" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iEYEARECAAYFAlBjWQwACgkQIvFNjefEBxomRwCeLpCpiW2fSFOPY4RwR7hHJNFj W+wAnRkPJLOJjXgQBPXQIJjerAlPaXMm =F8sv -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Wed, Sep 26, 2012 at 3:35 PM, Carlos E. R. <carlos.e.r@opensuse.org> wrote:
Guys, I think you're missing the boat. For a single workstation we've been told that export tools either are, or will be, provided that generate text versions of the binary logs. As to the underlying logs being cryptographically valid, I can say I'm ecstatic to see that happen. I analyze logs all the time to figure out what happened. And I sometimes have to testify as to what they mean. (Helping lawyers understand computer based evidence is what I do for a living.) I have seen simple text logs edited to have false data, and more importantly every time I review them I have to keep in mind that they may have been tampered with. My hope is that even things like Apache and SMTP. logs are going to be cryptographically validated. fyi: I have a case currently where Apache logs from years ago are the foundation of the case. Since those logs are not cryptographically valid, I can't be sure the logs are actually what they claim to be. So the question is "Did company A log into company B's secure website without authority, or did Company B manipulate the logs to make it seem that way?" It is a non-trivial question in general. Greg Freemyer -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2012-09-26 21:58, Greg Freemyer wrote:
On Wed, Sep 26, 2012 at 3:35 PM, Carlos E. R. <> wrote:
If the logs are cryptographically protected, the applications that send data to them are not. The problem remains. - -- Cheers / Saludos, Carlos E. R. (from 12.1 x86_64 "Asparagus" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iEYEARECAAYFAlBjX7gACgkQIvFNjefEBxpYfwCgqTNjKXoGxzY0gc3w+4CJacYR LmMAoMVhnu6GnrN106HAIhibCtdr6PKA =Fbq0 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
El 26/09/12 17:04, Carlos E. R. escribió:
If the logs are cryptographically protected, the applications that send data to them are not. The problem remains.
The kernel wont let you forge from what app the logs messages are generated. -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2012-09-26 22:07, Cristian Rodríguez wrote:
Doesn't matter. It is opensource, I can put a rogue apache that sends the logs I want. - -- Cheers / Saludos, Carlos E. R. (from 12.1 x86_64 "Asparagus" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.18 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://www.enigmail.net/ iEYEARECAAYFAlBjYXoACgkQIvFNjefEBxqkJACguiI+Q5XdIHZ+tElHrIabg1A/ TE8An2jrJFFQfv1JL/V2R98rNZoA8BSx =G2sn -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
On Wednesday, September 26, 2012 22:11:38 Carlos E. R. wrote:
The logs will also record that apache was restarted and when ;) Andreas -- Andreas Jaeger aj@{suse.com,opensuse.org} Twitter/Identica: jaegerandi SUSE LINUX Products GmbH, Maxfeldstr. 5, 90409 Nürnberg, Germany GF: Jeff Hawn,Jennifer Guild,Felix Imendörffer,HRB16746 (AG Nürnberg) GPG fingerprint = 93A3 365E CE47 B889 DF7F FED1 389A 563C C272 A126 -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org
participants (31)
-
Andreas Jaeger -
Bernhard M. Wiedemann -
Bruce Ferrell -
Carl-Daniel Hailfinger -
Carlos E. R. -
Carlos E. R. -
Claudio Freire -
Cristian Rodríguez -
Daniele -
David Haller -
Dimstar / Dominique Leuenberger -
Dominique Leuenberger a.k.a DimStar
-
Felix Miata -
Frederic Crozat -
Greg Freemyer -
Guido Berhoerster -
Joachim Schrod -
Karl Eichwalder -
Lew Wolfgang -
Linda Walsh -
Luiz Fernando Ranghetti -
Malcolm -
Nelson Marques -
Per Jessen -
Peter Czanik -
Rajko -
Ruediger Meier -
Sven Burmeister -
Togan Muftuoglu -
Vincent Untz -
zago