On Tue, Mar 11, 2014 at 11:08:59PM -0700, Greg KH wrote: > On Tue, Mar 11, 2014 at 10:44:17PM -0700, Greg KH wrote: > > On Tue, Mar 11, 2014 at 09:41:50PM -0700, Greg KH wrote: > > > On Tue, Mar 11, 2014 at 08:38:58PM -0700, Greg KH wrote: > > > > On Wed, Mar 12, 2014 at 04:21:55AM +0200, Mantas Mikulėnas wrote: > > > > > On Wed, Mar 12, 2014 at 3:46 AM, Greg KH <gre...@linuxfoundation.org> > > > > > wrote: > > > > > > Hi all, > > > > > > > > > > > > With systemd 211, a new journal file is getting created with > > > > > > permissions > > > > > > of root:root instead of root:systemd-journal like previously (210 > > > > > > and > > > > > > prior). > > > > > > > > > > > > I looked at the git log and can't see anything obvious that would > > > > > > have > > > > > > caused this. > > > > > > > > > > > > Is this intentional? Or something on my end with my system's > > > > > > configuration? > > > > > > > > > > Normally the journal files just inherit the group of /var/log/journal, > > > > > which has the setgid bit (and the correct group) set by > > > > > /usr/lib/tmpfiles.d/systemd.conf. > > > > > > > > I thought so, and this worked on 210, and the permissions of > > > > /var/log/journal/ is correct: > > > > > > > > drwxr-sr-x 2 root systemd-journal 4096 Mar 12 01:36 > > > > 0da484f8dee497fee9585ba9531fb7f1 > > > > > > > > > If you ran `make install`, however, it would chown /var/log/journal to > > > > > 0:0 until the next time systemd-tmpfiles ran. > > > > > > > > This gets created by the ebuild (this is on CoreOs), and the 210 ebuild > > > > worked, so what is different here? > > > > > > Apologies, I can now reproduce this on systemd 210, so this isn't a 211 > > > issue from what I can tell just yet, sorry for the noise. > > > > In looking at this further, the /usr/lib/tmpfiles.d/systemd.conf will > > not change the permissions on the journald file, only the directory: > > m /var/log/journal 2755 root systemd-journal - - > > m /var/log/journal/%m 2755 root systemd-journal - - > > m /run/log/journal 2755 root systemd-journal - - > > m /run/log/journal/%m 2755 root systemd-journal - - > > > > So what is supposed to set the permissions on the journal file(s) that > > live in /var/log/journal/%m/ ? > > > > Let me do a build with 207 and see how that handles this issue... > > Ah, found it. > > Commit 4608af4333d0f7f5f8e3bc632801b04ef07d246d is the issue. > > We moved from handling the mode internally, in 207, to using the > tmpfiles.d infrastructure in 208. On systems that previously were > working on 207, if you upgrade, the permissions are set properly from > 207. > > But, for 208, this changed :( > > So, what's the odds that file globbing works with tmpfile.d, time to > rebuild...
It works well enough, the following patch fixes the issue for me: diff --git a/tmpfiles.d/systemd.conf b/tmpfiles.d/systemd.conf index 7c6d6b9099b9..1aeb5e40f1ee 100644 --- a/tmpfiles.d/systemd.conf +++ b/tmpfiles.d/systemd.conf @@ -24,5 +24,7 @@ d /run/systemd/shutdown 0755 root root - m /var/log/journal 2755 root systemd-journal - - m /var/log/journal/%m 2755 root systemd-journal - - +m /var/log/journal/%m/system.journal 2755 root systemd-journal - - m /run/log/journal 2755 root systemd-journal - - m /run/log/journal/%m 2755 root systemd-journal - - +m /run/log/journal/%m/system.journal 2755 root systemd-journal - - _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel