Red Hat Bugzilla – Bug 1278661
journal should not fail if it is not allowed to read audit data.
Last modified: 2015-11-06 23:40:32 EST
When running docker inside of a container, journald is failing because we have removed AUDIT_READ. We don't want to allow containers to read audit data, so journald should fail this check and continue.
Perhaps it could check if AUDIT_READ capability is missing and not report an error.
This was blowing up on systemd in fedora 22 container, seems to work in fedora 23.