
Re: strange journald *.journal file permissions



On 2015-07-08 16:42, Vincent Lefevre wrote:
> On 2015-07-07 13:35:00 +0200, Christian Seiler wrote:
>> On 2015-07-05 13:03, Vincent Lefevre wrote:
>>> Can anyone explain these strange journald permissions?
>>>
>>> -rw-r-x---+ 1 root root            16777216 2015-07-05 12:57:55 system.journal*
>>> -rw-r-x---+ 1 root systemd-journal  8388608 2015-07-05 12:17:21 user-1000.journal*
>>>
>>> More precisely, why the bit x for the group?
>>
>> So when activating the persistent journal, README.Debian contains
>> the following line:
>> setfacl -R -nm g:adm:rx,d:g:adm:rx /var/log/journal
>>
>> Did you by any chance forget the -n when executing it, so that
>> instead you executed
>> setfacl -R -m g:adm:rx,d:g:adm:rx /var/log/journal
>> ?
>
> I activated the persistent journal by setting Storage=persistent
> in /etc/systemd/journald.conf, but didn't do anything else. In
> particular, I've never used setfacl.
>
> So, where does this bit x come from?

Are you sure you never used setfacl? Because your files have ACLs
(as seen by the + sign next to the mode), but systemd-journald by
default only uses normal permissions (at least under Jessie);
unless you explicitly set ACLs on the directory, for example to
let members of the 'adm' group access the journal (see the
snippet in README.Debian I posted).

(Ok, technically it uses ACLs by default for the user-*.journal,
to grant each user access to their own journal, but not for
system.journal.)

 - What does 'getfacl system.journal' print?

 - Do you have any tmpfiles.d snippet installed that does
   something to /var/log/journal?

   grep -r var/log/journal {/etc,/usr/lib}/tmpfiles.d

   Should only print systemd.conf with two 'z' (i.e.
   non-recursive) entries for /var/log/journal and
   /var/log/journal/%m.

 - Do you have any cron job or init script or systemd
   service installed that plays around with file modes?
   (Note: /var/log/journal is under /var/log, so if
   anything modifies /var/log, /var/log/journal may also
   be affected!)

Christian
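
Added example, not part of the original message: a shell model of the mask rule documented in setfacl(1), showing why the README.Debian line gives different group bits in ls with and without -n. The sample ACL and the function name group_triad are constructed for illustration.

```shell
#!/bin/sh
# Added example: models the mask rule from setfacl(1) for access ACL entries.
# Constructed input: a 0640 journal file plus the g:adm:rx entry from README.Debian.
SAMPLE_ACL='user::rw-
group::r--
group:adm:r-x
other::---'

# group_triad MODE < acl-entries (getfacl-style text on stdin)
#   MODE=recalc  -> setfacl -m     (mask recalculated, the default)
#   MODE=nomask  -> setfacl -n -m  (mask not recalculated)
# Prints the three characters ls shows in the group position. Once a file has
# an extended ACL, that position shows the mask entry, not the group:: entry.
group_triad() {
    awk -F: -v mode="$1" '
        # Fold one rwx string into the running union of the group class.
        function add(p) {
            if (index(p, "r")) r = 1
            if (index(p, "w")) w = 1
            if (index(p, "x")) x = 1
        }
        /^#/ || /^default:/ || NF < 3 { next }   # comments, default ACL, blanks
        { perm = substr($3, 1, 3) }              # drop any "#effective:" suffix
        $1 == "group" && $2 == "" { own = perm; add(perm) }
        ($1 == "user" || $1 == "group") && $2 != "" { named = 1; add(perm) }
        $1 == "mask" { mask = perm }
        END {
            union = (r ? "r" : "-") (w ? "w" : "-") (x ? "x" : "-")
            if (!named && mask == "") print own      # no extended ACL at all
            else if (mode == "recalc") print union   # union of the group class
            else print (mask != "" ? mask : own)     # existing mask, or group::
        }'
}

printf 'setfacl -m    -> group bits %s\n' "$(printf '%s\n' "$SAMPLE_ACL" | group_triad recalc)"
printf 'setfacl -n -m -> group bits %s\n' "$(printf '%s\n' "$SAMPLE_ACL" | group_triad nomask)"
```

On a real file, feed the function the output of 'getfacl system.journal' and compare its nomask result with the group bits ls shows.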

