Package: systemd Version: 222-1 Severity: normal The .journal files under /var/log/journal/*/ have an incorrect x bit for the group:
-rw-r-x---+ 1 root root 50331648 2015-07-09 12:25:09 system.journal -rw-r-x---+ 1 root systemd-journal 16777216 2015-07-09 11:27:15 user-1000.journal According to Christian Seiler's message https://lists.debian.org/debian-user/2015/07/msg00359.html the cause is the following lines in /usr/lib/tmpfiles.d/systemd.conf: a+ /var/log/journal/%m - - - - d:group:adm:r-x A+ /var/log/journal/%m - - - - group:adm:r-x Christian said: "Ok, that's it: a+/A+ is new in systemd in unstable (don't remember when exactly it was introduced, but 215 from Jessie doesn't have it), and that is used to set ACLs. So what happend is the following: - journald created these files after you initially set Storage=persistent, but without ACLs (and thus no ACL mask) - the tmpfiles.d snippet was executed after that (probably at the next boot) - A+ is recursive and adds ACL entries (in this case for the adm group) - but since the files didn't have an ACL mask yet, it was automatically created, leaving the mask with an x bit (because the adm-ACL for group was added with x) [...] That said, I think it would be justified to open a bug report about the current behavior (even if after removing the bit once it doesn't occur anymore), and the solution would be to have tmpfiles.d provide an option to set ACLs without recalculating a mask (equivalent to what setfacl -n does), and change the tmpfiles.d snippet to make use of that." Note: since Jessie is not affected, I suppose that this will affect Jessie users in the next upgrade if nothing is done to fix the problem. systemd should ensure that: * The x bit is no longer added in the future. * If the x bit was set due to this bug, it should be removed automatically. -- Package-specific info: -- System Information: Debian Release: stretch/sid APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 3.16.0-4-amd64 (SMP w/8 CPU cores) Locale: LANG=POSIX, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages systemd depends on: ii adduser 3.113+nmu3 ii libacl1 2.2.52-2 ii libapparmor1 2.9.2-3 ii libaudit1 1:2.4.2-1 ii libblkid1 2.26.2-6 ii libc6 2.19-18 ii libcap2 1:2.24-9 ii libcap2-bin 1:2.24-9 ii libcryptsetup4 2:1.6.6-5 ii libgcrypt20 1.6.3-2 ii libkmod2 20-1 ii liblzma5 5.1.1alpha+20120614-2.1 ii libmount1 2.26.2-6 ii libpam0g 1.1.8-3.1 ii libseccomp2 2.2.1-2 ii libselinux1 2.3-2+b1 ii libsystemd0 222-1 ii mount 2.26.2-6 ii sysv-rc 2.88dsf-59.2 ii udev 222-1 ii util-linux 2.26.2-6 Versions of packages systemd recommends: ii dbus 1.8.18-1 ii libpam-systemd 222-1 Versions of packages systemd suggests: pn systemd-ui <none> -- Configuration Files: /etc/systemd/journald.conf changed: [Journal] Storage=persistent -- no debconf information -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
