Am 14.03.22 um 12:32 schrieb Marc Haber:
On Mon, Mar 14, 2022 at 11:38:01AM +0100, Michael Biebl wrote:
Nowadays I have a persistent journal enabled basically everywhere, which
somewhat mitigates this issue as /var/log/journal/<machineid> will persist
across reboots and new files will always inherit the same ACLs settings.

That might apply to the default configuration, yes.

That said, I know too little about ACLs to suggest a way how to setup the
parent folder differently so new files not getting the (ineffective) x-bit.

Maybe ACLs have a construct similiar to umask?

It's a bit of an oddity for sure but at least with a persistent journal you
would not get this warning from aide I assume as all files would now have an
(in-effective) x-bit set?

I have no machine running with a persistent journal. I am probably too
much an old fart to adjust my finger memory to using journalctl, despite
desperately trying for years yet.


upstream has closed bug report I created at

https://github.com/systemd/systemd/issues/22729

They argue that everything is working as expected and if aide trips up over that masked out x-bit it should be aide that needs to be fixed.


Attachment: OpenPGP_signature
Description: OpenPGP digital signature

Reply via email to