Disable All Logging on Linux

PowerADM.com / Linux / Disable All Logging on Linux

In this article, we will look at how to completely disable system logging on Linux host (including /var/log, journald, and bash command history).

If you try to disable writing to the /var/log directory using the chmod 000 attribute, this will only work until the host is rebooted. Linux will then reassign the directory 755 permission.

The chattr +i attribute can be used to deny directory changes:

$ sudo chattr +i /var/log

After the reboot, Linux processes will no longer be able to write to the /var/log directory, which will be empty.

In this case, when installing packages using apt manager, various errors will occur (can be fixed by adding the Dir::Log "/yourpath" parameter to apt.conf.d).

However, you can still read the logs written by the kernel and applications via systemd:

$ journalctl -f

To disable journalctl logs, edit the /etc/systemd/journald.conf:


disable journald log files

Clear journald log files:

$ sudo journalctl --rotate && sudo journalctl --vacuum-time=1s

Restart the service and delete the remaining logs:

$ sudo systemctl restart systemd-journald
$ rm -R /run/log/journal/*
$ sudo rm -R /var/log/journal/*

If you now use the command

$ journalctl -f

It will return:

No journal files were found

journalctl: No journal files were found

If you have rsyslog installed on your Linux host, you will also need to disable it:

$ sudo systemctl stop rsyslog
$ sudo systemctl disable rsyslog

Now delete the .bash_history file:

$ cat /dev/null > ~/.bash_history
$ sudo chattr +i ~/.bash_history
$ history -c && history -w``

Or you can add the option to .bashrc:


Leave a Reply

Your email address will not be published. Required fields are marked *