On Thu, 2013-10-17 at 08:55 -0500, Rex Dieter wrote:
> Matthew Miller wrote:
>
> > Back in May, the systemd package was changed to enable journal persistancy
> > by default, by creating /var/log/journal.
>
> that dir should be owned by systemd:
>
> repoquery --whatprovides /var/log/journal
> systemd-0:208-2.fc20.x86_64
>
> it is on my f20 box, systemd.spec in master/ branch has proper
> creation/ownership too:
>
> %dir %{_localstatedir}/log/journal
>
> Is that folder getting deleted for you somehow?
I've seen some interesting AVCs in images I've built / installs I've
done recently:
[ 3.494655] type=1400 audit(1382659969.717:4): avc: denied { setattr } for
pid=419 comm="systemd-tmpfile" name="journal" dev="dm-1" ino=391755
scontext=system_u:system_r:systemd_tmpfiles_t:s0
tcontext=system_u:object_r:var_log_t:s0 tclass=dir
[ 3.513159] type=1400 audit(1382659969.737:5): avc: denied { setattr } for
pid=419 comm="systemd-tmpfile" name="1a57b8c4d8764583b84c8a8faec7f995"
dev="dm-1" ino=392555 scontext=system_u:system_r:systemd_tmpfiles_t:s0
tcontext=system_u:object_r:var_log_t:s0 tclass=dir
/var/log/journal does still exist on that install, but still, it's
interesting, and may be more of a problem on cloud images than it is on
a 'regular' install somehow.
--
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Twitter: AdamW_Fedora | XMPP: adamw AT happyassassin . net
http://www.happyassassin.net
--
devel mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
