1278661 – journal should not fail if it is not allowed to read audit data.

Bug 1278661 - journal should not fail if it is not allowed to read audit data.

Summary: journal should not fail if it is not allowed to read audit data.

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	systemd
Sub Component:
Version:	rawhide
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	unspecified
Target Milestone:	---
Assignee:	systemd-maint
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2015-11-06 05:54 UTC by Daniel Walsh
Modified:	2015-11-07 04:40 UTC (History)
CC List:	7 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2015-11-07 04:40:32 UTC
Type:	Bug
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Daniel Walsh 2015-11-06 05:54:31 UTC

When running docker inside of a container, journald is failing because we have removed AUDIT_READ.  We don't want to allow containers to read audit data, so journald should fail this check and continue.  

Perhaps it could check if AUDIT_READ capability is missing and not report an error.

Comment 1 Daniel Walsh 2015-11-07 04:40:32 UTC

This was blowing up on systemd in fedora 22 container, seems to work in fedora 23.

Note You need to log in before you can comment on or make changes to this bug.