Taming systemd-resolved: Avoiding DNS Leaks and Surprises on Multi-Homed Linux Systems

Introduction to systemd-resolved

I’ve seen systemd-resolved become a crucial part of many Linux distributions, including Ubuntu, Debian, and Fedora, as of 2026. While it’s designed to provide a flexible and secure way to resolve domain names, its behavior can sometimes lead to unexpected DNS leaks and surprises, especially on multi-homed systems. Don’t bother with trying to disable it, though - it’s usually a better idea to learn how to configure it correctly.

[Read More]

Taming the container log mess with jq and a dash of systemd-journald

Introduction to Container Log Management

I’ve seen containerized applications generate a staggering amount of log data, making it a nightmare to manage and analyze. Luckily, tools like jq and systemd-journald can help tame the container log mess. In this article, I’ll focus on practical examples and commands to get you started with container log management.

Understanding Container Logs

Container logs are usually stored in JSON format, which makes them easy to parse and analyze using jq. The real trick is knowing how to extract the relevant information. For example, you can use the following command to extract the log level and message from a container log:

[Read More]

Taming Noisy Systemd Logs with Journalctl Filters and Log Rotation Tweaks

Introduction to Systemd Logs

I’ve seen systemd logs become overwhelming on many Linux systems, making it tough to find relevant information. Systemd is a core component of most modern Linux distributions, responsible for managing system services, devices, and processes. One of its key features is the ability to collect and manage system logs through the journald service, which stores log messages in a binary format.

Understanding Journalctl

The real trick is to use journalctl effectively. It’s the primary tool for interacting with systemd logs, allowing you to view, filter, and manage log messages. By default, journalctl will show you all log messages since the last boot, which can be a lot of data. To make sense of this data, we need to use filters.

[Read More]

Taming Log Noise with journalctl: Filtering Out the Chaff to Find Real Issues

Introduction to Log Noise

When working with Linux systems, logs are an essential tool for diagnosing issues, monitoring performance, and ensuring security. However, the sheer volume of log data can be overwhelming, making it challenging to identify real problems. I’ve seen this go wrong when trying to debug a complex issue, only to be drowned out by a sea of irrelevant log messages. This is where journalctl comes in – a powerful utility for managing and filtering log data on systemd-based systems.

[Read More]

Taming Disk Usage with btrfs Snapshots and Automatic Pruning

Introduction to btrfs Snapshots

I’ve been using btrfs for years, and one of its most powerful features is snapshotting. This allows you to create a point-in-time copy of your data, which is incredibly useful for backups, testing, and deploying new software versions. However, managing these snapshots can become cumbersome, especially when dealing with limited disk space. The real trick is to automate the process and set up a pruning system to keep your disk usage in check.

[Read More]

Taming systemd's Restart Policy: When and How to Use RestartSec and StartLimitBurst

Introduction to systemd’s Restart Policy

I’ve worked with systemd for years, and one of its most useful features is the ability to automatically restart services that fail or exit unexpectedly. This is all controlled by the restart policy, which can be customized using the Restart directive in systemd service files. However, I’ve seen this go wrong when a service is restarted repeatedly in a short period of time, leading to unintended consequences. To mitigate this, systemd provides two directives: RestartSec and StartLimitBurst.

[Read More]

Taming Persistent Network Interface Names on Linux Laptops

Introduction to Persistent Network Interface Names

I’ve seen this go wrong when working with Linux laptops: network interface names changing after a reboot or when adding/removing hardware. It can cause issues with network configuration and scripting. Luckily, Linux distributions have adopted a system of persistent network interface names to address this problem.

Understanding Persistent Network Interface Names

The real trick is that persistent network interface names are generated based on hardware properties like the MAC address or physical location of the device. This ensures the interface name remains the same even after a reboot or hardware changes. To see the current interface names on your system, use the ip link command:

[Read More]

Taming Log Noise with systemd's Built-in Journalctl Filters and Priorities

Introduction to Journalctl Filters

I’ve seen log management become a real challenge when working with Linux systems - it’s crucial for troubleshooting and security. That’s where systemd’s journalctl comes in - a powerful tool for managing and filtering logs. In this article, I’ll walk you through how to use journalctl’s built-in filters and priorities to tame log noise.

Understanding Journalctl Priorities

The real trick is understanding journalctl’s priority system, which categorizes log messages from emerg (emergency) to debug. Don’t bother with memorizing all the priority levels - just remember that emerg is the highest and debug is the lowest. You can use the -p option to filter logs by priority. For example, to view only error messages and above, you can use the following command:

[Read More]

Taming Wildcard DNS Queries with systemd-resolved and resolv.conf

Introduction to Wildcard DNS Queries

I’ve worked with Linux systems for years, and I’ve seen wildcard DNS queries go from a useful tool to a potential security risk if not properly configured. With many Linux distributions now using systemd-resolved as the default DNS resolver, it’s time to take a closer look at how to manage wildcard DNS queries. In this article, I’ll share my experience with configuring systemd-resolved and resolv.conf to tame wildcard DNS queries.

[Read More]

Taming Log Noise with journalctl and a Little Help from jq

Introduction to Log Noise

When working with Linux systems, logs can be overwhelming. I’ve seen this go wrong when trying to troubleshoot an issue, only to be drowned in a sea of unnecessary log entries. This is where log noise comes in – all those redundant or irrelevant log entries that make it tough to find the signal in the noise. In this article, I’ll show you how to tame log noise using journalctl and jq, two essential tools in the Linux admin’s toolkit.

[Read More]