Am 09.07.2015 um 12:43 schrieb Vincent Lefevre: > Package: systemd > Version: 222-1 > Severity: normal > > The .journal files under /var/log/journal/*/ have an incorrect x bit > for the group: > > -rw-r-x---+ 1 root root 50331648 2015-07-09 12:25:09 system.journal > -rw-r-x---+ 1 root systemd-journal 16777216 2015-07-09 11:27:15 > user-1000.journal > > According to Christian Seiler's message > > https://lists.debian.org/debian-user/2015/07/msg00359.html > > the cause is the following lines in /usr/lib/tmpfiles.d/systemd.conf: > > a+ /var/log/journal/%m - - - - d:group:adm:r-x > A+ /var/log/journal/%m - - - - group:adm:r-x > > Christian said: > > "Ok, that's it: a+/A+ is new in systemd in unstable (don't remember when > exactly it was introduced, but 215 from Jessie doesn't have it), and > that is used to set ACLs. > > So what happend is the following: > > - journald created these files after you initially set > Storage=persistent, but without ACLs (and thus no ACL mask) > > - the tmpfiles.d snippet was executed after that (probably at the next > boot) > > - A+ is recursive and adds ACL entries (in this case for the adm > group) > > - but since the files didn't have an ACL mask yet, it was > automatically created, leaving the mask with an x bit > (because the adm-ACL for group was added with x) > > [...] > > That said, I think it would be justified to open a bug report about the > current behavior (even if after removing the bit once it doesn't occur > anymore), and the solution would be to have tmpfiles.d provide an > option to set ACLs without recalculating a mask (equivalent to what > setfacl -n does), and change the tmpfiles.d snippet to make use of > that."
That sounds like an upstream change. > Note: since Jessie is not affected, I suppose that this will affect > Jessie users in the next upgrade if nothing is done to fix the problem. > > systemd should ensure that: > * The x bit is no longer added in the future. > * If the x bit was set due to this bug, it should be removed > automatically. Please consider filing this upstream. Thanks, Michael -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth?
signature.asc
Description: OpenPGP digital signature
