summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2015-07-09 18:43:55 -0300
committerLennart Poettering <lennart@poettering.net>2015-07-09 18:46:01 -0300
commit8b258a645ae63dff3ab8dde6520d2e770e2a40f1 (patch)
tree6ff55063a03f604379f434b60ee9c149b2cc1235
parent43694a8cc70667498f3ffc5d9325b7d0428558e5 (diff)
tmpfiles: don't recursively descend into journal directories in /var
Do so only in /run. We shouldn't alter ACLs for existing files in /var, but only for new files. If the admin made changes to the ACLs they shouls stay in place. We should still do recursive ACL changes for files in /run, since those are not persistent, and will hence lack ACLs on every boot. Also, /var/log/journal might be quit large, /run/log/journal is usually not, hence we should avoid the recursive descending on /var, but not on /run. Fixes #534
-rw-r--r--tmpfiles.d/systemd.conf.m42
1 files changed, 1 insertions, 1 deletions
diff --git a/tmpfiles.d/systemd.conf.m4 b/tmpfiles.d/systemd.conf.m4
index b447b01f58..d9d51af929 100644
--- a/tmpfiles.d/systemd.conf.m4
+++ b/tmpfiles.d/systemd.conf.m4
@@ -35,7 +35,7 @@ z /var/log/journal 2755 root systemd-journal - -
z /var/log/journal/%m 2755 root systemd-journal - -
m4_ifdef(`HAVE_ACL',``
a+ /var/log/journal/%m - - - - d:group:adm:r-x,d:group:wheel:r-x
-A+ /var/log/journal/%m - - - - group:adm:r-x,group:wheel:r-x
+a+ /var/log/journal/%m - - - - group:adm:r-x,group:wheel:r-x
'')m4_dnl
d /var/lib/systemd 0755 root root -