Bug 1211499
Summary: | "wheel" can't read the system journal. | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Marius Vollmer <mvollmer> |
Component: | systemd | Assignee: | systemd-maint |
Status: | CLOSED DUPLICATE | QA Contact: | qe-baseos-daemons |
Severity: | unspecified | Docs Contact: | |
Priority: | unspecified | ||
Version: | 7.1 | CC: | msekleta, systemd-maint-list |
Target Milestone: | rc | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2015-04-17 08:44:46 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 1143927 |
Description
Marius Vollmer
2015-04-14 07:27:44 UTC
IIRC this works with volatile journal data in /run, thus I assume you are interested in persistent journal setup. Access list granting read access on /var/log/journal to members of wheel group is adjusted at package install time. In RHEL there is no /var/log/journal by default so after user creates it has to setup access list on directory manually. (In reply to Michal Sekletar from comment #2) > IIRC this works with volatile journal data in /run, thus I assume you are > interested in persistent journal setup. No, "wheel" can not read the journal files in /run either. The steps above were done without /var/log/journal, by accident. I think this is good, actually, because it means that the straightforward way to enable persistent journals, a simple mkdir /var/log/journal, will give consistent results. > Access list granting read access on /var/log/journal to members of wheel > group is adjusted at package install time. So the access rights might change when systemd is updated or reinstalled? I did # mkdir /var/log/journal # reboot # yum reinstall systemd and "wheel" still can't read the system journal. Your reply now makes me think that the actual behaviour here is more by accident than by design, but I must be wrong, no? Too many systemd version to keep track of what's where. Anyway, I think I can close this as dupe of #1101226. As for RHEL-7.2, we will rebase systemd to systemd-219. Package is already in works and should be available for testing sometime next week. And there we have tmpfiles.d snippet which takes care of setting appropriate ACLs on both /run/log/journal and /var/log/journal. And btw, in case you guys are interested we can ping you when RHEL systemd-219 build is available, so you could give it a try and test it in Cockpit setup. Note that package will be quite different from the one in Fedora. *** This bug has been marked as a duplicate of bug 1101226 *** (In reply to Michal Sekletar from comment #4) > Too many systemd version to keep track of what's where. Anyway, I think I > can close this as dupe of #1101226. Yes, thanks! > As for RHEL-7.2, we will rebase systemd to systemd-219. Package is already > in works and should be available for testing sometime next week. And there > we have tmpfiles.d snippet which takes care of setting appropriate ACLs on > both /run/log/journal and /var/log/journal. Very good. > And btw, in case you guys are interested we can ping you when RHEL > systemd-219 build is available, so you could give it a try and test it in > Cockpit setup. Note that package will be quite different from the one in > Fedora. Yes, please. |