If adm is the only group necessary for log-access in bullseye, then it's
probably all good.
It would however be nice to see a fix also in buster (ie busters debian
installer at the next point release).
Cheers,
Daniel
On Thu, 16 Jul 2020, Michael Biebl wrote:
Am 15.07.20 um 12:52 schrieb Michael Biebl:
Am 15.07.20 um 01:19 schrieb Daniel Blaschke:
OK, so now it works after rebooting - logging out and back in was not
enough after adding myself to the groups apparently; sorry for the noise.
Could this bug perhaps be reassigned to the debian-installer?
Kind of think the primary admin user (which is set up during a fresh
install) should be added to those groups by default.
I think with bullseye this issue is mostly moot as a persistent journal
is now the default and the /var/log/journal directory has an ACL with
read permissions for the "adm" group and the admin user is already added
to this group.
buster:
# getfacl /run/log/journal/
getfacl: Removing leading '/' from absolute path names
# file: run/log/journal/
# owner: root
# group: systemd-journal
# flags: -s-
user::rwx
group::r-x
other::r-x
bullseye:
# getfacl /var/log/journal/
getfacl: Removing leading '/' from absolute path names
# file: var/log/journal/
# owner: root
# group: systemd-journal
# flags: -s-
user::rwx
group::r-x
group:adm:r-x
mask::r-x
other::r-x
default:user::rwx
default:group::r-x
default:group:adm:r-x
default:mask::r-x
default:other::r-x
Do you see any value in adding users to the more explicit
systemd-journal group? If not, I'd just close this bug report.
Regards,
Michael
