Stop logging to deal with /var/log

Posted on Fri 10 June 2022 in Linux, Tips4Unices

I have /var/log mounted as a separate partition, so trying to umount it gives:

root@mail:~# umount /var/log
umount: /var/log: target is busy.

Let's look at what is blocking it:

lsof | grep 'var/log'
systemd-j 364 root mem REG 8,18 8388608 524326 /var/log/journal/d59b94e79c8c4d78baaa487f78c7f5b1/user-1000@666512ad46e3412bb055fb811107893a-000000000062c409-0005e11333729c20.journal
php-fpm7. 696 root 4w REG 8,18 1456 64 /var/log/php7.4-fpm.log
unattende 821 998 gmain root 3w REG 8,18 113 524316 /var/log/unattended-upgrades/unattended-upgrades-shutdown.log
nginx 1016 root 2w REG 8,18 16384 393237 /var/log/nginx/error.log
nginx 1019 www-data 7w REG 8,18 4096 393267 /var/log/nginx/phplist-error.log
rspamd 1560 _rspamd 6w REG 8,18 7009 393282 /var/log/rspamd/rspamd.log

There are more of them; I just removed some lines.

Services like nginx, rspamd and php-fpm are easy to stop; just do the following:

systemctl stop nginx.service

But what about the systemd journal itself and kernel logging? Do this:

systemctl stop logrotate.timer
systemctl stop unattended-upgrades.service
systemctl stop systemd-journald.service
systemctl stop syslog.socket

and they are gone!
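
The `lsof | grep` step above can also be done with lsof's field output (`-F`), which avoids the shifting columns visible in the unattended-upgrades line and gives one summary line per process. This is an added example, not part of the original post: the function names `holders` and `unit_of` and the sample data are constructed for illustration, and `unit_of` assumes the process runs in a cgroup whose path ends in a `.service` unit.

```shell
#!/usr/bin/env bash
# Added example: list which processes hold files under a mount point and
# which systemd unit owns them, so the right services can be stopped.

# Parse `lsof -F pcn` output on stdin. Print "PID COMMAND OPEN_FILES" for
# every process with at least one open file under the prefix in $1.
holders() {
    awk -v prefix="$1" '
        /^p/ { pid = substr($0, 2); next }        # start of a process set
        /^c/ { cmd[pid] = substr($0, 2); next }   # command name
        /^n/ { if (index(substr($0, 2), prefix "/") == 1) count[pid]++ }
        END  { for (p in count) print p, cmd[p], count[p] }
    ' | sort -n
}

# Read the contents of /proc/PID/cgroup on stdin and print the owning
# .service unit, or nothing if the process is not in a service cgroup.
unit_of() {
    sed -n 's|.*/\([^/]*\.service\)$|\1|p' | head -n 1
}

# Constructed sample of `lsof -F pcn /var/log` output (not real data).
SAMPLE='p364
csystemd-journal
f12
n/var/log/journal/example/system.journal
p1016
cnginx
f2
n/var/log/nginx/error.log
f5
n/var/log/nginx/access.log
f0
n/dev/null
p1560
crspamd
f6
n/var/log/rspamd/rspamd.log'

printf '%s\n' "$SAMPLE" | holders /var/log

# Live use (as root, /var/log being its own mount point as in the post):
#   lsof -F pcn /var/log | holders /var/log
#   unit_of < /proc/1016/cgroup      # then: systemctl stop <that unit>
```

Running the live form again after the stop commands shows whether anything under /var/log is still held open before retrying `umount`.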