Bug 1278661 - journal should not fail if it is not allowed to read audit data.
journal should not fail if it is not allowed to read audit data.
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: systemd (Show other bugs)
rawhide
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: systemd-maint
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2015-11-06 00:54 EST by Daniel Walsh
Modified: 2015-11-06 23:40 EST (History)
7 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2015-11-06 23:40:32 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Daniel Walsh 2015-11-06 00:54:31 EST
When running docker inside of a container, journald is failing because we have removed AUDIT_READ.  We don't want to allow containers to read audit data, so journald should fail this check and continue.  

Perhaps it could check if AUDIT_READ capability is missing and not report an error.
Comment 1 Daniel Walsh 2015-11-06 23:40:32 EST
This was blowing up on systemd in fedora 22 container, seems to work in fedora 23.

Note You need to log in before you can comment on or make changes to this bug.