Am 05.10.2015 um 13:08 schrieb Raphaël Halimi: > Le 05/10/2015 12:30, Michael Biebl a écrit : >> But the subdirectories of /var/log/journal have the correct ACL set, right? > > Yes, you're right, I just noticed it; but using journalctl as a user > won't display system messages (only user messages), which is not the > expected behavior of adding a user in the "adm" group (pre-systemd). > > Maybe it's because the system.journal file doesn't have the ACL set ? > > raph@arche:~$ getfacl -R /var/log/journal/ > getfacl : suppression du premier « / » des noms de chemins absolus > # file: var/log/journal/ > # owner: root > # group: systemd-journal > # flags: -s- > user::rwx > group::r-x > other::r-x > > # file: var/log/journal//3deacfa10d0c169adfdeb36c50522bd6 > # owner: root > # group: systemd-journal > # flags: -s- > user::rwx > group::r-x > group:adm:r-x > mask::r-x > other::r-x > default:user::rwx > default:group::r-x > default:group:adm:r-x > default:mask::r-x > default:other::r-x > > # file: var/log/journal//3deacfa10d0c169adfdeb36c50522bd6/user-1000.journal > # owner: root > # group: root > user::rw- > user:raph:r-- > group::r-- > mask::r-- > other::--- > > # file: var/log/journal//3deacfa10d0c169adfdeb36c50522bd6/system.journal > # owner: root > # group: root > user::rw- > group::r-- > other::--- > > I admit I don't know ACLs very well, but aren't the "default:..." lines > supposed to mean that the files under there should have these > permissions too ?
See https://github.com/systemd/systemd/commit/8b258a645ae63dff3ab8dde6520d2e770e2a40f1 Apparently this was an intended change. -- Why is it that all of the instruments seeking intelligent life in the universe are pointed away from Earth?
signature.asc
Description: OpenPGP digital signature