Hello, Michael, you asked:
> Can you also send us the output of > ls -la /var/log/journal I'm not sure this is still needed, but I'll leave that for you to decide. The following is after my initial workaround, no additional change beyond that. In passing: It strikes me as somewhat inconsequential that the software produces fine-tuned ACL, but I as the admin I have to remember to set the g+s bit on the directory for that ACL to do any good. That's not a big issue, though. Regards, Andreas > Script started on Sa 21 Nov 2015 13:20:11 CET > root@falcon:~ > # ls -laR /var/log/journal/ > /var/log/journal/: > insgesamt 20 > drwxr-xr-x 3 root root 4096 Nov 9 16:49 . > drwxr-xr-x 17 root root 12288 Nov 20 11:37 .. > drwxr-xr-x 2 root root 4096 Nov 11 13:08 a40db01e5f2643f68bc99238f1b07903 > > /var/log/journal/a40db01e5f2643f68bc99238f1b07903: > insgesamt 311328 > drwxr-xr-x 2 root root 4096 Nov 11 13:08 . > drwxr-xr-x 3 root root 4096 Nov 9 16:49 .. > -rw-r----- 1 root systemd-journal 134217728 Nov 11 13:08 system@e41bf2c7805949d5aded2b24d60f8cef-0000000000000001-000522a3bb30b625.journal > -rw-r----- 1 root systemd-journal 92274688 Nov 21 13:20 system.journal > -rw-r-----+ 1 root systemd-journal 8388608 Nov 11 13:08 user-1000@5903d660b88f444d884298a8dc4324c1-000000000001d6d8-0005241dac321f96.journal > -rw-r-----+ 1 root systemd-journal 25165824 Nov 21 13:15 user-1000.journal > -rw-r-----+ 1 root systemd-journal 8388608 Nov 11 13:08 user-1001@09ef76898b3844bda80636b8d1ab57b0-000000000001d6d4-0005241daa1d6d25.journal > -rw-r-----+ 1 root systemd-journal 33554432 Nov 21 13:15 user-1001.journal > -rw-r-----+ 1 root systemd-journal 8388608 Nov 11 13:08 user-65534@4bc5536f47f44143b0418cdf0391a240-000000000001dc3e-0005241dec12aa4e.journal > -rw-r-----+ 1 root systemd-journal 8388608 Nov 18 10:04 user-65534.journal > root@falcon:~ > # getfacl -R /var/log/journal/ > getfacl: Entferne führende '/' von absoluten Pfadnamen > # file: var/log/journal/ > # owner: root > # group: root > user::rwx > group::r-x > other::r-x > > # file: var/log/journal//a40db01e5f2643f68bc99238f1b07903 > # owner: root > # group: root > user::rwx > group::r-x > other::r-x > > # file: var/log/journal//a40db01e5f2643f68bc99238f1b07903/user-65534@4bc5536f47f44143b0418cdf0391a240-000000000001dc3e-0005241dec12aa4e.journal > # owner: root > # group: systemd-journal > user::rw- > user:nobody:r-- > group::r-- > mask::r-- > other::--- > > # file: var/log/journal//a40db01e5f2643f68bc99238f1b07903/system.journal > # owner: root > # group: systemd-journal > user::rw- > group::r-- > other::--- > > # file: var/log/journal//a40db01e5f2643f68bc99238f1b07903/user-1001@09ef76898b3844bda80636b8d1ab57b0-000000000001d6d4-0005241daa1d6d25.journal > # owner: root > # group: systemd-journal > user::rw- > user:andreas:r-- > group::r-- > mask::r-- > other::--- > > # file: var/log/journal//a40db01e5f2643f68bc99238f1b07903/system@e41bf2c7805949d5aded2b24d60f8cef-0000000000000001-000522a3bb30b625.journal > # owner: root > # group: systemd-journal > user::rw- > group::r-- > other::--- > > # file: var/log/journal//a40db01e5f2643f68bc99238f1b07903/user-65534.journal > # owner: root > # group: systemd-journal > user::rw- > user:nobody:r-- > group::r-- > mask::r-- > other::--- > > # file: var/log/journal//a40db01e5f2643f68bc99238f1b07903/user-1001.journal > # owner: root > # group: systemd-journal > user::rw- > user:andreas:r-- > group::r-- > mask::r-- > other::--- > > # file: var/log/journal//a40db01e5f2643f68bc99238f1b07903/user-1000.journal > # owner: root > # group: systemd-journal > user::rw- > user:andreask:r-- > group::r-- > mask::r-- > other::--- > > # file: var/log/journal//a40db01e5f2643f68bc99238f1b07903/user-1000@5903d660b88f444d884298a8dc4324c1-000000000001d6d8-0005241dac321f96.journal > # owner: root > # group: systemd-journal > user::rw- > user:andreask:r-- > group::r-- > mask::r-- > other::--- > > root@falcon:~ > # exit > > Script done on Sa 21 Nov 2015 13:20:42 CET
signature.asc
Description: OpenPGP digital signature
