Table des matières
3 billet(s) pour janvier 2026
| Notes rsh rcp | 2026/01/21 18:08 | Jean-Baptiste |
| Git - Duplication d'un dépôt | 2026/01/19 10:22 | Jean-Baptiste |
| Exemple simple de conf Nagios | 2026/01/14 10:07 | Jean-Baptiste |
Systemd journalctl journal logs
Requête sur les logs, chercher et trouver
Trouver les logs entres deux dates
journalctl --since "2016-10-18 06:50" --until "2016-10-18 09:00" journalctl --since yesterday -p err
Par service et/ou par PID
journalctl -u pacemaker.service --since "2017-02-24 16:00" -p warning journalctl _SYSTEMD_UNIT=avahi-daemon.service _PID=28097 + _SYSTEMD_UNIT=dbus.service
Voir aussi
ps -f -p 28097 systemctl status 28097 # Par PPID ps -f --ppid 1
Erreur au boot
journalctl -b -p err
tailf
# dmesg -l warn journalctl -f -p warning
Ouvrir un fichier spécifique
journalctl --file /tmp/plop.journal
Filtrer les logs json
journalctl -u nginx -o json-pretty |jq '. |select(.SYSLOG_IDENTIFIER=="plop")
Les commandes sudo
# journalctl -b -t sudo -p 5 -u session-*.scope Sep 12 08:19:01 vmdeb01 sudo[601]: admin : TTY=pts/0 ; PWD=/root ; USER=root ; COMMAND=/bin/bash
Options sur le forme
Arguments :
--no-pager-f: tail -f
Configuration
Rendre persistant journalctl
Source : https://geekeries.de-labrusse.fr/?p=3189
Par défaut journalctl affiche uniquement les logs du dernier boot
# journalctl --boot=-1 Failed to look up boot -1: Cannot assign requested address
Pour avoir les logs persistant :
/etc/systemd/journald.conf
[Journal] #Storage=auto Storage=persistent Compress=yes #SystemMaxUse= SystemMaxUse=250M #ForwardToSyslog=yes
mkdir /var/log/journal systemd-tmpfiles --create --prefix /var/log/journal systemctl restart systemd-journald
Journalctl et container
Source : https://docs.docker.com/engine/logging/drivers/journald/
| CONTAINER_ID | The container ID truncated to 12 characters. |
| CONTAINER_ID_FULL | The full 64-character container ID. |
| CONTAINER_NAME | The container name at the time it was started. If you use docker rename to rename a container, the new name isn't reflected in the journal entries. |
| CONTAINER_TAG, SYSLOG_IDENTIFIER | The container tag ( log tag option documentation). |
| CONTAINER_PARTIAL_MESSAGE | A field that flags log integrity. Improve logging of long log lines. |
| IMAGE_NAME | The name of the container image. |
Retrieve log messages with journalctl
Use the journalctl command to retrieve log messages. You can apply filter expressions to limit the retrieved messages to those associated with a specific container:
sudo journalctl CONTAINER_NAME=webserver
You can use additional filters to further limit the messages retrieved. The -b flag only retrieves messages generated since the last system boot:
sudo journalctl -b CONTAINER_NAME=webserver
The -o flag specifies the format for the retrieved log messages. Use -o json to return the log messages in JSON format.
sudo journalctl -o json CONTAINER_NAME=webserver
View logs for a container with a TTY enabled
If TTY is enabled on a container you may see [10B blob data] in the output when retrieving log messages. The reason for that is that \r is appended to the end of the line and journalctl doesn't strip it automatically unless --all is set:
sudo journalctl -b CONTAINER_NAME=webserver --all
Journalctl container et Python
Retrieve log messages with the journal API This example uses the systemd Python module to retrieve container logs:
import systemd.journal reader = systemd.journal.Reader() reader.add_match('CONTAINER_NAME=web') for msg in reader: print '{CONTAINER_ID_FULL}: {MESSAGE}'.format(**msg)
Autres
/etc/systemd/journald.conf
[Journal] RateLimitInterval=10s RateLimitBurst=6000
Pb
Pb plus de logs avec journalctl ni dans /var/log/message
/var/log/message vide ?
# journalctl No journal files were found. -- No entries --
Solution
systemctl restart systemd-journald systemctl restart rsyslog.service
SystemD Autofs Automount
Ou comment monter automatiquement un lecteur via SystemD
Voir :
Voir aussi
/etc/systemd/system/mnt-partage.mount
[Unit] Description=Partage [Mount] What=//serveur/Partage Where=/mnt/partage Type=cifs #Options=_netdev,rw,uid=1100,forceuid,gid=1100,forcegid,file_mode=0777,dir_mode=0777,noperm,credentials=/root/.cifs_partage Options=noexec,nosuid,nodev,rw,uid=1100,forceuid,gid=1100,forcegid,file_mode=0777,dir_mode=0777,noperm,credentials=/root/.cifs_partage [Install] WantedBy=multi-user.target
/etc/systemd/system/mnt-partage.automount
[Unit] Description=Automount Partage #Requires=network-online.target #After=network-online.service [Automount] Where=/mnt/partage TimeoutIdleSec=10 [Install] WantedBy=multi-user.target
systemctl daemon-reload
systemctl disable mnt-partage.mount
systemctl enable mnt-partage.automount
Remarque : le nom du fichier à son importance. Pour un montage /mnt/plop le fichier doit s'appeler mnt-plop.mount
Vérif
systemctl status /mnt/partage journalctl -u /mnt/partage
La partition est vu comme montée en autofs par la commande mount
# mount |grep /mnt/partage systemd-1 on /mnt/partage type autofs (rw,relatime,fd=28,pgrp=1,timeout=10,minproto=5,maxproto=5,direct,pipe_ino=38828)
En cas de pb pour forcer le démontage. A utiliser si la commande df ne rien pas la main.
sudo umount -a -t cifs -l sudo umount -a -t autofs -l
Diag
Pour retrouver le nom du service KO :
systemctl list-units --state failed --type mount --type automount --no-pager
Puis copier-coller le nom entre des quotes
systemctl status 'mnt-app-c888_yy\x2yyyy\x2yyy\x2dapp-data-mounts-Quayyyyyy-Envoi.mount'
dmesg
Autres
Si caractères spéciaux
$ systemd-escape --suffix mount -p /mnt/foo-bar mnt-foo\x2dbar.mount $ systemd-escape -u 'mnt-foo\x2dbar.mount' mnt/foo-bar.mount
NOTE : '\x' pour échapper ASCII en notation hexadécimale \ '2d' corespond au code hexa du trait d'union.
https://github.com/systemd/systemd/blob/master/units/sys-fs-fuse-connections.mount
/etc/systemd/sys-fs-fuse-connections.mount
# SPDX-License-Identifier: LGPL-2.1+ # # This file is part of systemd. # # systemd is free software; you can redistribute it and/or modify it # under the terms of the GNU Lesser General Public License as published by # the Free Software Foundation; either version 2.1 of the License, or # (at your option) any later version. [Unit] Description=FUSE Control File System Documentation=https://www.kernel.org/doc/Documentation/filesystems/fuse.txt Documentation=https://www.freedesktop.org/wiki/Software/systemd/APIFileSystems DefaultDependencies=no ConditionPathExists=/sys/fs/fuse/connections ConditionCapability=CAP_SYS_ADMIN ConditionVirtualization=!private-users After=systemd-modules-load.service Before=sysinit.target [Mount] What=fusectl Where=/sys/fs/fuse/connections Type=fusectl Options=nosuid,nodev,noexec
Si SNMP
Message d'erreur sur la console si partage injoignable
CIFS VFS: cifs_mount failed w/return code
Solution
/etc/snmp/snmpd.conf
skipNFSInHostResources 1
Autres solution
https://www.justegeek.fr/montage-automatique-partages-cifs-systemd/
Ajouter l'option suivant dans le fstab : x-systemd.automount,x-systemd.device-timeout=3
SystemD - lingering
loginctl disable-linger jean loginctl enable-linger jean loginctl show-user $(id -u)
L'activation du lingering crée un fichier vide au nom de l'utilisateur dans le dossier /var/lib/systemd/linger/
mkdir -p ~/.config/systemd/user restorecon -rv ~/.config/
~/.bashrc
export DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/$(id -u)/bus export XDG_RUNTIME_DIR=/run/user/$(id -u)
~/.config/systemd/user/plop.service
[Unit] Description=Script plop After=syslog.target network.target network-online.target Wants=network.target network-online.target [Service] Type=oneshot RemainAfterExit=yes ExecStart=/opt/plop/bin/init.sh start ExecStop=/opt/plop/bin/init.sh stop RemainAfterExit=yes [Install] WantedBy=default.target
systemctl --user daemon-reload systemctl --user enable plop.service
Syntax validator tool
Voir :
| Langage | Outil |
| Javascript | esvalidate |
| Ansible | ansible-lint |
| Bash | shellcheck |
Linter Multi langage :
Swap sur ramdisk
Voir :
Source : https://wiki.archlinux.org/index.php/Maximizing_performance
modprobe zram echo lz4 > /sys/block/zram0/comp_algorithm echo 1G > /sys/block/zram0/disksize mkswap --label zram0 /dev/zram0 swapon --priority 100 /dev/zram0
Erreur
echo 1G > /sys/block/zram0/disksize -bash: echo: write error: Invalid argument dmesg |grep zram [29996.637522] zram: Cannot initialise lz4
Solution
echo "lzo" > /sys/block/zram0/comp_algorithm
Autres
modprobe zram echo 3 > /sys/block/zram0/max_comp_streams echo "lzo" > /sys/block/zram0/comp_algorithm echo 100M > /sys/block/zram0/disksize mkswap --label zram0 /dev/zram0 swapon --priority 100 /dev/zram0