[systemd-devel] systemd 211 journal getting created with different permissions
Greg KH
gregkh at linuxfoundation.org
Tue Mar 11 22:44:17 PDT 2014
On Tue, Mar 11, 2014 at 09:41:50PM -0700, Greg KH wrote:
> On Tue, Mar 11, 2014 at 08:38:58PM -0700, Greg KH wrote:
> > On Wed, Mar 12, 2014 at 04:21:55AM +0200, Mantas Mikulėnas wrote:
> > > On Wed, Mar 12, 2014 at 3:46 AM, Greg KH <gregkh at linuxfoundation.org> wrote:
> > > > Hi all,
> > > >
> > > > With systemd 211, a new journal file is getting created with permissions
> > > > of root:root instead of root:systemd-journal like previously (210 and
> > > > prior).
> > > >
> > > > I looked at the git log and can't see anything obvious that would have
> > > > caused this.
> > > >
> > > > Is this intentional? Or something on my end with my system's
> > > > configuration?
> > >
> > > Normally the journal files just inherit the group of /var/log/journal,
> > > which has the setgid bit (and the correct group) set by
> > > /usr/lib/tmpfiles.d/systemd.conf.
> >
> > I thought so, and this worked on 210, and the permissions of
> > /var/log/journal/ is correct:
> >
> > drwxr-sr-x 2 root systemd-journal 4096 Mar 12 01:36 0da484f8dee497fee9585ba9531fb7f1
> >
> > > If you ran `make install`, however, it would chown /var/log/journal to
> > > 0:0 until the next time systemd-tmpfiles ran.
> >
> > This gets created by the ebuild (this is on CoreOs), and the 210 ebuild
> > worked, so what is different here?
>
> Apologies, I can now reproduce this on systemd 210, so this isn't a 211
> issue from what I can tell just yet, sorry for the noise.
In looking at this further, the /usr/lib/tmpfiles.d/systemd.conf will
not change the permissions on the journald file, only the directory:
m /var/log/journal 2755 root systemd-journal - -
m /var/log/journal/%m 2755 root systemd-journal - -
m /run/log/journal 2755 root systemd-journal - -
m /run/log/journal/%m 2755 root systemd-journal - -
So what is supposed to set the permissions on the journal file(s) that
live in /var/log/journal/%m/ ?
Let me do a build with 207 and see how that handles this issue...
thanks,
greg k-h
More information about the systemd-devel
mailing list