On Mon, Apr 28, 2014 at 11:58:46PM +0200, Michael Biebl wrote:
> Am 28.04.2014 20:12, schrieb Alessandro Ghedini:
> > On Mon, Apr 28, 2014 at 08:01:55PM +0200, Alessandro Ghedini wrote:
> >> On Mon, Apr 28, 2014 at 07:39:10PM +0200, Michael Biebl wrote:
> >>> Am 28.04.2014 19:19, schrieb Alessandro Ghedini:
> >>>> I also had to add the line:
> >>>>
> >>>>     m /run/log/journal/%m/system.journal 2755 root systemd-journal - -
> >>>>
> >>>> to /usr/lib/tmpfiles.d/systemd.conf, because, while the directory got the right
> >>>> owner, the journal file did not (it was still root:root).
> >>>>
> >>>
> >>> Shouldn't the sticky bit ensure that subdirectories get the correct
> >>> permissions once they are created?
> >>
> >> If I understand things correctly "m" only works on already existing directories
> >> and files, which means system.journal is already there with the wrong usr:grp,
> >> and changing the owner of a sticky directory won't change the owner of the files
> >> it contains... unless you do a recursive chown/chmod, which, I just noticed,
> >> is what systemd does since commit a606871da50 (it uses "Z" instead of "m").
> >>
> >> I'm gonna try that and report back.
> > 
> > Yep, it works. The diff for Debian is:
> > 
> > --- /usr/lib/tmpfiles.d/systemd.conf        2014-04-28 00:59:40.000000000 
> > +0200
> > +++ /usr/lib/tmpfiles.d/systemd.conf        2014-04-28 20:08:52.699331263 
> > +0200
> > @@ -25,4 +25,6 @@
> >  F /run/nologin 0644 - - - "System is booting up. See pam_nologin(8)"
> >  
> >  m /var/log/journal 2755 root systemd-journal - -
> > -m /var/log/journal/%m 2755 root systemd-journal - -
> > +Z /var/log/journal/%m 2755 root systemd-journal - -
> > +m /run/log/journal 2755 root systemd-journal - -
> > +Z /run/log/journal/%m 2755 root systemd-journal - -
> > 
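Review bot: On the two added "Z" lines, mode 2755 is applied recursively as written, so it lands on the journal files below %m as well as on the directory itself. That would leave system.journal setgid, executable and readable by others, at which point the systemd-journal group ownership no longer restricts who can read the logs. Please check the resulting mode of the files with stat after systemd-tmpfiles has run, and if only the ownership needs to recurse, keep the directory mode on a non-recursive line so the files do not inherit the directory's mode bits.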
> 
> Thanks for investigating, Alessandro.
> I'll cherry-pick the fixes for 208

The patch tmpfiles-fix-permissions-on-new-journal-files.patch fixes this (not
sure if 208-6 was the version that introduced that patch though), so this bug
can be closed I think.

Cheers
