Public bug reported:

Upgrading or reinstalling the systemd package when using rsyslogd
results in bad permissions (0755 instead of 0775) being set on
/var/log/. As a consequence of this, rsyslogd can no longer create new
files within this directory, resulting in lost log messages.

The default configuration of rsyslogd provided by Ubuntu runs the daemon
as syslog:syslog and sets ownership of /var/log to syslog:adm with mode

Systemd's default tmpfiles configuration sets /var/log to 0755 in
/usr/lib/tmpfiles.d/var.conf, however this is overridden in
/usr/lib/tmpfiles.d/00rsyslog.conf which is provided by package rsyslog.

It looks as though an upgrade of the systemd package fails to take
/usr/lib/tmpfiles.d/00rsyslog.conf into account, as demonstrated below.
This results in /var/log receiving mode 0755 instead of the expected

nick @ log2.be1.ams1:~ $ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 16.04.3 LTS
Release:        16.04
Codename:       xenial

nick @ log2.be1.ams1:~ $ apt policy systemd
  Installed: 229-4ubuntu21.1
  Candidate: 229-4ubuntu21.1
  Version table:
 *** 229-4ubuntu21.1 500
        500 xenial-updates/main amd64 Packages
        500 xenial-security/main amd64 
        100 /var/lib/dpkg/status
     229-4ubuntu4 500
        500 xenial/main amd64 Packages

nick @ log2.be1.ams1:~ $ apt policy rsyslog
  Installed: 8.16.0-1ubuntu3
  Candidate: 8.16.0-1ubuntu3
  Version table:
 *** 8.16.0-1ubuntu3 500
        500 xenial/main amd64 Packages
        100 /var/lib/dpkg/status

nick @ log2.be1.ams1:~ $ grep -F /var/log /usr/lib/tmpfiles.d/var.conf
d /var/log 0755 - - -
f /var/log/wtmp 0664 root utmp -
f /var/log/btmp 0600 root utmp -

nick @ log2.be1.ams1:~ $ cat /usr/lib/tmpfiles.d/00rsyslog.conf
# Override systemd's default tmpfiles.d/var.conf to make /var/log writable by
# the syslog group, so that rsyslog can run as user.
# See tmpfiles.d(5) for details.

# Type Path    Mode UID  GID  Age Argument
d /var/log 0775 root syslog -

nick @ log2.be1.ams1:~ $ ls -ld /var/log
drwxrwxr-x 8 root syslog 4096 Feb  7 13:45 /var/log

nick @ log2.be1.ams1:~ $ sudo apt install --reinstall systemd
Reading package lists... Done
Building dependency tree       
Reading state information... Done
0 upgraded, 0 newly installed, 1 reinstalled, 0 to remove and 7 not upgraded.
Need to get 3,634 kB of archives.
After this operation, 0 B of additional disk space will be used.
Get:1 xenial-updates/main amd64 systemd amd64 
229-4ubuntu21.1 [3,634 kB]
Fetched 3,634 kB in 0s (24.3 MB/s)
(Reading database ... 86614 files and directories currently installed.)
Preparing to unpack .../systemd_229-4ubuntu21.1_amd64.deb ...
Unpacking systemd (229-4ubuntu21.1) over (229-4ubuntu21.1) ...
Processing triggers for dbus (1.10.6-1ubuntu3.3) ...
Processing triggers for ureadahead (0.100.0-19) ...
Processing triggers for man-db (2.7.5-1) ...
Setting up systemd (229-4ubuntu21.1) ...
addgroup: The group `systemd-journal' already exists as a system group. Exiting.

nick @ log2.be1.ams1:~ $ ls -ld /var/log
drwxr-xr-x 8 root syslog 4096 Feb  7 13:45 /var/log

** Affects: systemd (Ubuntu)
     Importance: Undecided
         Status: New

You received this bug notification because you are a member of Ubuntu
Desktop Bugs, which is subscribed to systemd in Ubuntu.

  Upgrading systemd sets incorrect permissions on /var/log/

To manage notifications about this bug go to:

desktop-bugs mailing list

Reply via email to