Hi, having read through this report in details I think using ACLs would be best, 'cause:
On Sat, Jul 20, 2013 at 11:37:43AM +0200, Michael Stapelberg wrote: [..snip..] > Thanks for creating a bug report to track this, it was planned from our > side to do this (but after the upload). I see three action items here: > > 1. (bug #717386) Create the systemd-journal group That makes sense with ACLs and the explanation Sven attached from the upstram logs. We might want a user with minimal rights given that adm continues to work. > 2. (bug #717388) Ensure systemd-journal and adm have read access to > /var/log/journal ...by setting filesystem ACLs as upstream does > 3. (bug #717388) Patch the message in journalctl to make users aware > of the adm group. This is IMHO already fixed. If you look at access_check_var_log_journal in upstream git it will print a list of groups given that you have ACLs enabled and search_acl_groups doesn't fail. Let me know if I can help to drive this further. Cheers, -- Guido > > -- > Best regards, > Michael -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
