Logging privacy

TheChosenOne · 2014-03-16 23:11:40

I noticed that a lot of information in journalctl is kind of private information. Even the file names of the things I download are listed in this file. Is there a way to disable this or to change the log directory?

Thanks.

karol · 2014-03-16 23:15:36

I think you can manage what gets logged. Disable logging of info from the applications you want to keep private or set it to log just warnings and errors.

ewaller · 2014-03-17 03:39:03

I have to ask. Is it your machine? Have you root access?

Root will have access to the information in the journal. Root has control of what is written to the journal.
Non-root users probably do not have access to the information about which you are concerned. You might create a non-privileged user and verify that assertion.

TheChosenOne · 2014-03-17 12:12:18

Yes, but this is a pc with multiple root accounts

x33a · 2014-03-17 13:20:55

TheChosenOne wrote:

Even the file names of the things I download are listed in this file.

Really? I assume it's your login manager coming into play. Can someone elaborate.

R00KIE · 2014-03-17 13:27:17

Can you give sanitized examples or tell which programs are logging that much information? At a quick glance I didn't find that much specific information on the output of journalctl on my machine.

TheChosenOne · 2014-03-17 15:48:46

The program is jDownloader. Things like this:

Mar 17 00:28:51 HackMachine-G51J gnome-session[567]: Done: {TL_tm_720p.part3.rar=0, PP1080p.part1.rar=0, HDLVCTRSwt.part3.rar=718884040, CC_zzn_720p.w
Mar 17 00:28:51 HackMachine-G51J gnome-session[567]: Done: {TL_tm_720p.part3.rar=0, PP1080p.part1.rar=0, HDLVCTRSwt.part3.rar=718884040, CC_zzn_720p.w
Mar 17 00:28:51 HackMachine-G51J gnome-session[567]: Done: {TL_tm_720p.part3.rar=0, PP1080p.part1.rar=0, HDLVCTRSwt.part3.rar=718884040, CC_zzn_720p.w
Mar 17 00:28:51 HackMachine-G51J gnome-session[567]: Done: {TL_tm_720p.part3.rar=0, HDLVCTRSwt.part3.rar=718884040, CC_zzn_720p.wmv=0, HA_TS_720p.part
Mar 17 00:28:51 HackMachine-G51J gnome-session[567]: Done: {TL_tm_720p.part3.rar=0, HDLVCTRSwt.part3.rar=718884040, CC_zzn_720p.wmv=0, HA_TS_720p.part
Mar 17 00:28:51 HackMachine-G51J gnome-session[567]: Done: {TL_tm_720p.part3.rar=0, HDLVCTRSwt.part3.rar=718884040, CC_zzn_720p.wmv=0, HA_TS_720p.part
Mar 17 00:28:51 HackMachine-G51J gnome-session[567]: Done: {TL_tm_720p.part3.rar=0, HDLVCTRSwt.part3.rar=718884040, CC_zzn_720p.wmv=0, HA_TS_720p.part
Mar 17 00:28:51 HackMachine-G51J gnome-session[567]: Done: {TL_tm_720p.part3.rar=0, HDLVCTRSwt.part3.rar=718884040, CC_zzn_720p.wmv=0, Aspx720p.part3.
Mar 17 00:28:51 HackMachine-G51J gnome-session[567]: Done: {TL_tm_720p.part3.rar=0, HDLVCTRSwt.part3.rar=718884040, CC_zzn_720p.wmv=0, Aspx720p.part3.
Mar 17 00:28:51 HackMachine-G51J gnome-session[567]: Done: {TL_tm_720p.part3.rar=0, HDLVCTRSwt.part3.rar=718884040, CC_zzn_720p.wmv=0, Aspx720p.part3.
Mar 17 00:28:51 HackMachine-G51J gnome-session[567]: Done: {TL_tm_720p.part3.rar=0, HDLVCTRSwt.part3.rar=718884040, CC_zzn_720p.wmv=0, LFW_1080.part1.
Mar 17 00:28:51 HackMachine-G51J gnome-session[567]: Done: {TL_tm_720p.part3.rar=0, HDLVCTRSwt.part3.rar=718884040, CC_zzn_720p.wmv=0, LFW_1080.part1.

x33a · 2014-03-17 15:51:50

It's probably an application specific setting. I would say this has nothing to do with systemd, but i might be incorrect.

Try looking around in JDownloader's settings to reduce the verbosity or other logging related settings.

Last edited by x33a (2014-03-17 15:52:08)

R00KIE · 2014-03-17 18:02:21

I have to agree with x33a, this does look specific to jdownloader (or java programs). Unless you give users permission to see all logs I believe users can only see things pertaining to them, the system administrator will always be able to see it all.

TheChosenOne · 2014-03-17 18:32:37

There doesn't seem to be such options in jDownloader.
What happens if I remove journalctl?

karol · 2014-03-17 18:36:14

journalctl can be useful e.g. for debugging.
You can set it so that the logs get lost on reboot.

are you using syslog-ng?

TheChosenOne · 2014-03-17 19:08:00

karol wrote:

journalctl can be useful e.g. for debugging.
You can set it so that the logs get lost on reboot.
are you using syslog-ng?

I don't want any log of this kind to be made. This is a shared pc!
I'm not running syslog-ng.

karol · 2014-03-17 19:12:41

Does

Storage=none

in /etc/systemd/journald.conf help?

alphaniner · 2014-03-17 19:25:08

When you say there's multiple root accounts, do you mean multiple users with sudo priveleges? If so, could you fine-tune sudo such that all sudoers don't have access to the journal?

TheChosenOne · 2014-03-17 19:56:20

alphaniner wrote:

When you say there's multiple root accounts, do you mean multiple users with sudo priveleges? If so, could you fine-tune sudo such that all sudoers don't have access to the journal?

How do you want me to do that? And also, everyone with sudo rights can just reverse this?

alphaniner · 2014-03-17 20:18:26

TheChosenOne wrote:

How do you want me to do that?

See
http://www.sudo.ws/sudoers.man.html
https://wiki.archlinux.org/index.php/Sudo
etc.

And also, everyone with sudo rights can just reverse this?

Not if done correctly.

Anyhoo, I find it odd that you're comfortable giving people full control over your system when you don't trust them to know what you've downloaded.

teateawhy · 2014-03-17 20:55:05

https://wiki.archlinux.org/index.php/Encryption

TheChosenOne · 2014-03-17 21:50:00

teateawhy wrote:

https://wiki.archlinux.org/index.php/Encryption

Lol. Then you have to type two times a password I already have home dir encryption.

WonderWoofy · 2014-03-17 22:00:49

If jdownloader does something you don't like, are there other similar programs that you might be able to explore? Without actually installing it, it seems that it is a download that is specific to so-called 'one-click' type sites. What is wrong with using a regular download manager? There also appears to be a couple other 'one-click' specific programs in the AUR.

If this program runs as a systemd service (I have no idea whether it does or not), you can control where stdout and stderr are sent. The systemd docs can tell you about how to do this.

TheChosenOne · 2014-03-17 22:18:21

WonderWoofy wrote:

If this program runs as a systemd service (I have no idea whether it does or not), you can control where stdout and stderr are sent. The systemd docs can tell you about how to do this.

Thanks! I'll check this out.

Arch Linux

#1 2014-03-16 23:11:40

Logging privacy

#2 2014-03-16 23:15:36

Re: Logging privacy

#3 2014-03-17 03:39:03

Re: Logging privacy

#4 2014-03-17 12:12:18

Re: Logging privacy

#5 2014-03-17 13:20:55

Re: Logging privacy

#6 2014-03-17 13:27:17

Re: Logging privacy

#7 2014-03-17 15:48:46

Re: Logging privacy

#8 2014-03-17 15:51:50

Re: Logging privacy

#9 2014-03-17 18:02:21

Re: Logging privacy

#10 2014-03-17 18:32:37

Re: Logging privacy

#11 2014-03-17 18:36:14

Re: Logging privacy

#12 2014-03-17 19:08:00

Re: Logging privacy

#13 2014-03-17 19:12:41

Re: Logging privacy

#14 2014-03-17 19:25:08

Re: Logging privacy

#15 2014-03-17 19:56:20

Re: Logging privacy

#16 2014-03-17 20:18:26

Re: Logging privacy

#17 2014-03-17 20:55:05

Re: Logging privacy

#18 2014-03-17 21:50:00

Re: Logging privacy

#19 2014-03-17 22:00:49

Re: Logging privacy

#20 2014-03-17 22:18:21

Re: Logging privacy

Board footer