Hello, I’m new to this list and maybe it’s not the correct one, but I have not found which one. So please redirect me if needed.
I’m running systemd

    # systemctl --version
    systemd 215
    +PAM +AUDIT +SELINUX +IMA +SYSVINIT +LIBCRYPTSETUP +GCRYPT +ACL +XZ -SECCOMP -APPARMOR

I’m trying to set up sealing on journald and I have some questions.

- I have set Seal=yes and Storage=peristent in the configuration file.
- I have set up a key and the file /var/log/journal/<machine-id>/fss is created. I have put a small interval to see changes.
- I have done a daemon-reload and restarted systemd-journald.

What is happening is:

If I run journalctl --verify I have the following result:

    PASS: /run/log/journal/5300f6966bfb452da9d2c63ebc6bed4e/system@ed7996ee15d1483f807dd9681125583e-000000000008a71f-00052f2a193c935a.journal
    PASS: /run/log/journal/5300f6966bfb452da9d2c63ebc6bed4e/system@ed7996ee15d1483f807dd9681125583e-0000000000082381-00052f09d08eeee4.journal
    PASS: /run/log/journal/5300f6966bfb452da9d2c63ebc6bed4e/system@ed7996ee15d1483f807dd9681125583e-000000000007a1ec-00052eeba607f5be.journal
    PASS: /run/log/journal/5300f6966bfb452da9d2c63ebc6bed4e/system@ed7996ee15d1483f807dd9681125583e-00000000000720ca-00052ece5488ab03.journal
    PASS: /run/log/journal/5300f6966bfb452da9d2c63ebc6bed4e/system@ed7996ee15d1483f807dd9681125583e-000000000006a0e2-00052eb32a7f1db0.journal
    PASS: /run/log/journal/5300f6966bfb452da9d2c63ebc6bed4e/system@ed7996ee15d1483f807dd9681125583e-0000000000062101-00052e994ab669e5.journal
    PASS: /run/log/journal/5300f6966bfb452da9d2c63ebc6bed4e/system@ed7996ee15d1483f807dd9681125583e-000000000005a200-00052e7f53534ac9.journal
    PASS: /run/log/journal/5300f6966bfb452da9d2c63ebc6bed4e/system@ed7996ee15d1483f807dd9681125583e-00000000000522d1-00052e6521583fef.journal
    PASS: /run/log/journal/5300f6966bfb452da9d2c63ebc6bed4e/system@ed7996ee15d1483f807dd9681125583e-000000000004a43b-00052e4b93651e16.journal
    PASS: /run/log/journal/5300f6966bfb452da9d2c63ebc6bed4e/system@ed7996ee15d1483f807dd9681125583e-00000000000424e7-00052e31cbadb8e0.journal
    Journal file /var/log/journal/5300f6966bfb452da9d2c63ebc6bed4e/system.journal has sealing enabled but verification key has not been passed using --verify-key=.
    FAIL: /var/log/journal/5300f6966bfb452da9d2c63ebc6bed4e/system.journal (Clé requise non disponible)
    PASS: /var/log/journal/5300f6966bfb452da9d2c63ebc6bed4e/[email protected]~
    PASS: /var/log/journal/5300f6966bfb452da9d2c63ebc6bed4e/[email protected]~
    PASS: /var/log/journal/5300f6966bfb452da9d2c63ebc6bed4e/system@90cc32f84ce54286a58677b3b34a9e03-0000000000000001-00052e31cbadb8e0.journal
    PASS: /var/log/journal/5300f6966bfb452da9d2c63ebc6bed4e/user-1000.journal

That seems OK.

But if I run journalctl --verify --verify-key=<mykey> I have the following result for the system.journal file (the other ones pass):

    Tag/entry realtime timestamp out of synchronization at 390e60
    File corruption detected at /var/log/journal/5300f6966bfb452da9d2c63ebc6bed4e/system.journal:390e60 (of 8388608 bytes, 44%).
    FAIL: /var/log/journal/5300f6966bfb452da9d2c63ebc6bed4e/system.journal (Message invalide)

But… if I run journalctl --verify --verify-key=111111-222222-333333-444444/555555-666666 I have exactly the same result.

So what is the deal with the key? Does any value do the job? Am I missing some point?

f.g.

_______________________________________________
systemd-devel mailing list
[email protected]
https://lists.freedesktop.org/mailman/listinfo/systemd-devel
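An added example, not part of the original post and not systemd code: a small decoder for the string passed to --verify-key=, showing what the placeholder key quoted above contains. It assumes the layout <seed>/<start>-<interval> (a 12-byte seed as 24 hex digits with optional dashes, then the start epoch and the interval in microseconds, both hex); the function names are hypothetical, and the decoder only checks the layout, it does not verify any seal.

```python
import re
from datetime import datetime, timezone

SEED_BYTES = 12  # assumption: 96-bit seed, shown as 24 hex digits


def parse_verification_key(key):
    """Split '<seed>/<start>-<interval>' into its fields (layout check only)."""
    seed_part, sep, range_part = key.strip().partition("/")
    if not sep:
        raise ValueError("missing '/' between seed and start-interval")
    seed_hex = seed_part.replace("-", "")  # dashes are only visual grouping
    if not re.fullmatch(r"[0-9a-fA-F]{%d}" % (2 * SEED_BYTES), seed_hex):
        raise ValueError("seed must be %d hex digits" % (2 * SEED_BYTES))
    m = re.fullmatch(r"([0-9a-fA-F]+)-([0-9a-fA-F]+)", range_part)
    if not m:
        raise ValueError("expected <start>-<interval> in hex after '/'")
    start_epoch, interval_usec = int(m.group(1), 16), int(m.group(2), 16)
    if interval_usec == 0:
        raise ValueError("interval must be non-zero")
    return {
        "seed": bytes.fromhex(seed_hex),
        "start_epoch": start_epoch,          # index of the first sealing epoch
        "interval_usec": interval_usec,      # length of one sealing epoch
        "start_usec": start_epoch * interval_usec,
    }


def describe(key):
    """Human-readable summary of the decoded fields."""
    k = parse_verification_key(key)
    start = datetime.fromtimestamp(k["start_usec"] / 1e6, tz=timezone.utc)
    return "seed=%s interval=%.1fs first-epoch-start=%s" % (
        k["seed"].hex(), k["interval_usec"] / 1e6, start.isoformat())


if __name__ == "__main__":
    # Placeholder key quoted in the post: well-formed layout, arbitrary values.
    print(describe("111111-222222-333333-444444/555555-666666"))
    # Constructed sample key with a 15-minute interval (0x35a4e900 usec).
    print(describe("0a1b2c-3d4e5f-60718a-9bacbd/1a2b3c-35a4e900"))
```

The placeholder decodes to a seed, a start epoch and an interval of about 6.7 seconds like any other well-formed key, so a key that is merely well-formed tells you nothing about whether it matches the fss file.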
