On Mon, Apr 28, 2014 at 08:01:55PM +0200, Alessandro Ghedini wrote: > On Mon, Apr 28, 2014 at 07:39:10PM +0200, Michael Biebl wrote: > > Am 28.04.2014 19:19, schrieb Alessandro Ghedini: > > > I also had to add the line: > > > > > > m /run/log/journal/%m/system.journal 2755 root systemd-journal - - > > > > > > to /usr/lib/tmpfiles.d/systemd.conf, because, while the directory got the > > > right > > > owner, the journal file did not (it was still root:root). > > > > > > > Shouldn't the sticky bit ensure that subdirectories get the correct > > permissions once they are created? > > If I understand things correctly "m" only works on already existing > directories > and files, which means system.journal is already there with the wrong usr:grp, > and changing the owner of a sticky directory won't change the owner of the > files > it contains... unless you do a recursive chown/chmod, which, I just noticed, > is what systemd does since commit a606871da50 (it uses "Z" instead of "m"). > > I'm gonna try that and report back.
Yep, it works. The diff for Debian is: --- /usr/lib/tmpfiles.d/systemd.conf 2014-04-28 00:59:40.000000000 +0200 +++ /usr/lib/tmpfiles.d/systemd.conf 2014-04-28 20:08:52.699331263 +0200 @@ -25,4 +25,6 @@ F /run/nologin 0644 - - - "System is booting up. See pam_nologin(8)" m /var/log/journal 2755 root systemd-journal - - -m /var/log/journal/%m 2755 root systemd-journal - - +Z /var/log/journal/%m 2755 root systemd-journal - - +m /run/log/journal 2755 root systemd-journal - - +Z /run/log/journal/%m 2755 root systemd-journal - -
signature.asc
Description: Digital signature
