summaryrefslogtreecommitdiff
path: root/man/systemd-nspawn.xml
diff options
context:
space:
mode:
authorZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>2015-01-01 04:40:41 +0100
committerZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>2015-01-05 14:12:58 -0500
commit524daa8c3e2bd63ad9dbc24711cdcfb45a65b2db (patch)
tree2a15cff09799dca02bf99580a89a28da8f94d691 /man/systemd-nspawn.xml
parent9c3349e23b14db27e7ba45f82cf647899c563ea9 (diff)
journal: call connect() with dropped privileges
When systemd starts a service, it first opened /run/systemd/journal/stdout socket, and only later switched to the right user.group (if they are specified). Later on, journald looked at the credentials, and saw root.root, because credentials are stored at the time the socket is opened. As a result, all messages passed over _TRANSPORT=stdout were logged with _UID=0, _GID=0. Drop real uid and gid temporarily to fix the issue.
Diffstat (limited to 'man/systemd-nspawn.xml')
0 files changed, 0 insertions, 0 deletions