Does the 'core' user have a UID smaller than 1000? If so, the stdout and stderr of the container should go to the system journal, if not, it should get sent to the user's journal, and you should be able to use `journalctl --user` as the 'user' core to read the logs of the rootless container. See this[1] on the Arch wiki. Also I think that the alpine `logger` command should send its input to syslog (the /dev/log socket), not stdout, and so not end up in the journal. Joost [1] https://wiki.archlinux.org/title/systemd/User#Reading_the_journal ------- Original Message ------- On Friday, August 19th, 2022 at 20:29, Ryan Wilson <rdwilson(a)gmail.com&gt; wrote: The previous thread about logging was timely as I've been experimenting with a setup to make sure I'm capturing all the logs from a few important containers I've got running. But I'm still having some inconsistencies in what shows up in the logs. Some of my containers I want to run as root (rootful podman) and some as a user (rootless podman). I'd like to get all of their logs to journald if possible. This systemd service file runs as a user and works correctly, but doesn't log anything to journald. I can't make it work with "type=forking" (the container starts, but is immediately stopped then killed for some reason): [Unit] Description=Hello After=network-online.target Wants=network-online.target user-runtime-dir(a)1000.service [Service] Type=simple User=core Group=core TimeoutStartSec=70 ExecStart=/usr/bin/podman run --name hello --replace alpine /bin/sh -c "while true; do date; logger $(date); echo hello; logger hello; sleep 60; done" ExecStop=/usr/bin/podman stop --ignore hello ExecStopPost=/usr/bin/podman rm -f --ignore hello [Install] WantedBy=multi-user.target This systemd service file works correctly and logs to journald, but only as root: [Unit] Description=Hello After=network-online.target Wants=network-online.target [Service] Type=forking TimeoutStartSec=70 ExecStart=/usr/bin/podman run --name hello -d --replace alpine /bin/sh -c "while true; do date; logger $(date); echo hello; logger hello; sleep 60; done" ExecStop=/usr/bin/podman stop --ignore hello ExecStopPost=/usr/bin/podman rm -f --ignore hello [Install] WantedBy=multi-user.target How do I make the logging work to journald from rootless podman? Ryan

You don't specify a PIDFile=, so systemd considers the unit started as soon as the ExecStart= process exits, and then doesn't know which process to track, and proceeds to kill the entire cgroup. See the Type=forking documentation in `man systemd.unit`. Joost ------- Original Message ------- On Saturday, August 20th, 2022 at 00:38, Ryan Wilson <rdwilson(a)gmail.com&gt; wrote: Thanks so much! That was it. I didn't realize the logs were going to the user journal. User core on Fedora CoreOS is UID=1000. While not directly related to logging, I'm a bit perplexed as to why forking doesn't work when User= is specified. This config launches the container, but then immediately stops it for some reason. [Unit] Description=Hello After=network-online.target Wants=network-online.target [Service] Type=forking User=core Group=core TimeoutStartSec=70 ExecStart=/usr/bin/podman run --name hello -d --replace alpine /bin/sh -c "while true; do date; logger $(date); echo hello; logger hello; sleep 60; done" ExecStop=/usr/bin/podman stop --ignore hello ExecStopPost=/usr/bin/podman rm -f --ignore hello [Install] WantedBy=multi-user.target On Sat, Aug 20, 2022 at 7:21 AM Joost Molenaar <jjm(a)j0057.nl&gt; wrote: > Does the 'core' user have a UID smaller than 1000? If so, the stdout and > stderr of the container should go to the system journal, if not, it should > get sent to the user's journal, and you should be able to use `journalctl > --user` as the 'user' core to read the logs of the rootless container. See > this[1] on the Arch wiki. > > Also I think that the alpine `logger` command should send its input to > syslog (the /dev/log socket), not stdout, and so not end up in the journal. > > Joost > > [1] https://wiki.archlinux.org/title/systemd/User#Reading_the_journal > > ------- Original Message ------- > On Friday, August 19th, 2022 at 20:29, Ryan Wilson <rdwilson(a)gmail.com&gt; > wrote: > > The previous thread about logging was timely as I've been experimenting > with a setup to make sure I'm capturing all the logs from a few important > containers I've got running. But I'm still having some inconsistencies in > what shows up in the logs. > > Some of my containers I want to run as root (rootful podman) and some as > a user (rootless podman). I'd like to get all of their logs to journald if > possible. > > This systemd service file runs as a user and works correctly, but doesn't > log anything to journald. I can't make it work with "type=forking" (the > container starts, but is immediately stopped then killed for some reason): > > [Unit] > Description=Hello > After=network-online.target > Wants=network-online.target user-runtime-dir(a)1000.service > > [Service] > Type=simple > User=core > Group=core > TimeoutStartSec=70 > ExecStart=/usr/bin/podman run --name hello --replace alpine /bin/sh -c > "while true; do date; logger $(date); echo hello; logger hello; sleep 60; > done" > ExecStop=/usr/bin/podman stop --ignore hello > ExecStopPost=/usr/bin/podman rm -f --ignore hello > > [Install] > WantedBy=multi-user.target > > This systemd service file works correctly and logs to journald, but only > as root: > > [Unit] > Description=Hello > After=network-online.target > Wants=network-online.target > > [Service] > Type=forking > TimeoutStartSec=70 > ExecStart=/usr/bin/podman run --name hello -d --replace alpine /bin/sh -c > "while true; do date; logger $(date); echo hello; logger hello; sleep 60; > done" > ExecStop=/usr/bin/podman stop --ignore hello > ExecStopPost=/usr/bin/podman rm -f --ignore hello > > [Install] > WantedBy=multi-user.target > > How do I make the logging work to journald from rootless podman? > > Ryan > > >