Bug#800947: ACL for /var/log/journal not set for group adm

Control: tags -1 + pending On Mon, 5 Oct 2015 12:26:02 +0200 =?UTF-8?Q?Rapha=c3=abl_Halimi?= wrote: > Package: systemd > Version: 226-4 > > Hi, > > About persistent logging, README.Debian claims : > > "systemd will add an ACL for read permissions for users in the

Bug#800947: ACL for /var/log/journal not set for group adm

Am 05.10.2015 um 17:35 schrieb Felipe Sateler: > I think a reasonable alternative is to ship using Storage=volatile by > default, and ship the directory in the package (or create it in > postinst). After thinking more about this, I think this is the only sane solution: - Ship /var/log/journal in

Bug#800947: ACL for /var/log/journal not set for group adm

On 7 October 2015 at 12:17, Josh Triplett wrote: > On Wed, 7 Oct 2015 13:55:30 +0200 Michael Biebl wrote: >> Am 05.10.2015 um 17:35 schrieb Felipe Sateler: >> > I think a reasonable alternative is to ship using Storage=volatile by >> > default, and ship

Bug#800947: ACL for /var/log/journal not set for group adm

On Wed, 7 Oct 2015 13:55:30 +0200 Michael Biebl wrote: > Am 05.10.2015 um 17:35 schrieb Felipe Sateler: > > I think a reasonable alternative is to ship using Storage=volatile by > > default, and ship the directory in the package (or create it in > > postinst). > > After

Bug#800947: ACL for /var/log/journal not set for group adm

On Wed, Oct 07, 2015 at 12:26:19PM -0300, Felipe Sateler wrote: > On 7 October 2015 at 12:17, Josh Triplett wrote: > > On Wed, 7 Oct 2015 13:55:30 +0200 Michael Biebl wrote: > >> Am 05.10.2015 um 17:35 schrieb Felipe Sateler: > >> > I think a reasonable

Bug#800947: ACL for /var/log/journal not set for group adm

Am 05.10.2015 um 13:21 schrieb Michael Biebl: > I wonder if we should fix the documentation to tell people to run > systemd-tmpfiles /usr/lib/tmpfiles/systemd.conf immediately after > enabling persistent journal. We might also consider re-adding

Bug#800947: ACL for /var/log/journal not set for group adm

Am 05.10.2015 um 12:26 schrieb Raphaël Halimi: > Package: systemd > Version: 226-4 > > Hi, > > About persistent logging, README.Debian claims : > > "systemd will add an ACL for read permissions for users in the "adm" group." > > This is not working: after creating /var/log/journal with the

Bug#800947: ACL for /var/log/journal not set for group adm

Am 05.10.2015 um 13:08 schrieb Raphaël Halimi: > Le 05/10/2015 12:30, Michael Biebl a écrit : >> But the subdirectories of /var/log/journal have the correct ACL set, right? > > Yes, you're right, I just noticed it; but using journalctl as a user > won't display system messages (only user

Bug#800947: ACL for /var/log/journal not set for group adm

Am 05.10.2015 um 13:12 schrieb Michael Biebl: > Am 05.10.2015 um 13:08 schrieb Raphaël Halimi: >> Le 05/10/2015 12:30, Michael Biebl a écrit : >>> But the subdirectories of /var/log/journal have the correct ACL set, right? >> >> Yes, you're right, I just noticed it; but using journalctl as a user

Bug#800947: ACL for /var/log/journal not set for group adm

Le 05/10/2015 12:30, Michael Biebl a écrit : > But the subdirectories of /var/log/journal have the correct ACL set, right? Yes, you're right, I just noticed it; but using journalctl as a user won't display system messages (only user messages), which is not the expected behavior of adding a user

Bug#800947: ACL for /var/log/journal not set for group adm

Le 05/10/2015 13:21, Michael Biebl a écrit : > Apparently the files were created before the ACLs have been set for > /var/log/journal/3deacfa10d0c169adfdeb36c50522bd6 > so the journal files that were created did not inherit the correct ACLs > from the parent directory. > > Possibly you created

Bug#800947: ACL for /var/log/journal not set for group adm

Package: systemd Version: 226-4 Hi, About persistent logging, README.Debian claims : "systemd will add an ACL for read permissions for users in the "adm" group." This is not working: after creating /var/log/journal with the "install" command as instructed in the README.Debian, and even after

Bug#800947: ACL for /var/log/journal not set for group adm

Am 05.10.2015 um 13:57 schrieb Raphaël Halimi: > Le 05/10/2015 13:21, Michael Biebl a écrit : >> Apparently the files were created before the ACLs have been set for >> /var/log/journal/3deacfa10d0c169adfdeb36c50522bd6 >> so the journal files that were created did not inherit the correct ACLs >>

Bug#800947: ACL for /var/log/journal not set for group adm

Am 05.10.2015 um 17:35 schrieb Felipe Sateler: > On 5 October 2015 at 12:20, Michael Biebl wrote: >> But, when using Storage=persistent, journald will create the directory >> /var/log/journal/ itself. So this won't help in that case, unless >> systemd-journald re-added the code

Bug#800947: ACL for /var/log/journal not set for group adm

On 5 October 2015 at 12:20, Michael Biebl wrote: > Am 05.10.2015 um 13:57 schrieb Raphaël Halimi: >> Le 05/10/2015 13:21, Michael Biebl a écrit : >>> Apparently the files were created before the ACLs have been set for >>> /var/log/journal/3deacfa10d0c169adfdeb36c50522bd6 >>> so

Bug#800947: ACL for /var/log/journal not set for group adm

Am 05.10.2015 um 17:20 schrieb Michael Biebl: > Hm, right. There might be a race condition during boot, where > systemd-journald-flush.service is started before systemd-tmpfiles.service. > We could order systemd-journald-flush.service *after* > systemd-tmpfiles.service. Fwiw, this directly

Bug#800947: ACL for /var/log/journal not set for group adm

On 5 October 2015 at 12:37, Michael Biebl wrote: > Am 05.10.2015 um 17:35 schrieb Felipe Sateler: >> On 5 October 2015 at 12:20, Michael Biebl wrote: >>> But, when using Storage=persistent, journald will create the directory >>> /var/log/journal/ itself. So