Re: They missed a trick
It isn't as though logging takes much resources in the first place though.
And here is one of the big problems with systemd's development. "We're not willing/to arrogant/to dumn to see how it can be problem to us so why should we bother fixing it?".
I don't care if it uses few resources. If I don't want it turned on then it should be turned off. My lavalamp uses very few resources, but I am quite happy to hit the off switch when I don't want it on. Those "few resources" can add up to quite a bit when enough of it is going on. And the arrogance, ignorance and sheer stupidity that is a problem with systemd and it's is apparent in your post... "It's not our fault/problem, other people don't have a problem with it, so we won't bother with it".
If people want binary logging then let them turn it on. If they don't want it then let them turn it off completely. MS can figure out ways that their extraneous services can be turned off completely, I'm sure that someone even as feeble-minded as a systemd supporter can at least work that much out.
The reality is the binary logs are there so they can be journaled, indexed, tamper resistent, searchable and all the rest.
Are you really that thick? Do you truly believe that these things have not been long fixed? Hang on, lets fire up an old VM and check... "grep -ir mika /var/log/*".. Yup, gets results back. Like it has done since grep was invented (or /var/log, depending on which came last). So we have searchable. Indexed... Is that worthwhile? If so, trivial to build an index file for it then. Strange, I know, but I think you could actually use a computer to index stuff. It might be a whole new concept but.... Journaled.. What problem does this solve? How many problems and how much unnecessary complexity does this create? Tamper-resistant may be nice, but looking at the attitude of that Potty thing at the head of systemd, I would not trust it to work. Charles 9 suggests a quite workable solution to this. How much intrusion detection is done just through logs anyway?
Does systemd actually log anything that would really be relevant when someone is trying to break in or change stuff? Does it log anything over and above what would be logged by a normal system? Again, given the attitudes of the leadership, I doubt it would log anything relevant or helpful. More likely a hindrance. After all just writing a single byte to the log journal in the wrong place would be enough to trash it. Write a single byte to a 5 byte log entry and you can probably still make sense of it.
So why introduce something that is unnecessarily complex and far more susceptible to file corruption? How does it help any one?