summaryrefslogtreecommitdiff
path: root/src/journal
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2013-09-17 16:42:36 -0500
committerLennart Poettering <lennart@poettering.net>2013-09-17 16:55:37 -0500
commit4608af4333d0f7f5f8e3bc632801b04ef07d246d (patch)
treec8614f1e3cf783bf6e969c9d485fdd528f2c5b37 /src/journal
parent265ffa1e05acf12769a64d0734fd2472237c03c5 (diff)
journald: avoid NSS in journald
In order to avoid a deadlock between journald looking up the "systemd-journal" group name, and nscd (or anyother NSS backing daemon) logging something back to the journal avoid all NSS in journald the same way as we avoid it from PID 1. With this change we rely on the kernel file system logic to adjust the group of created journal files via the SETGID bit on the journal directory. To ensure that it is always set, even after the user created it with a simply "mkdir" on the shell we fix it up via tmpfiles on boot.
Diffstat (limited to 'src/journal')
-rw-r--r--src/journal/journald-server.c25
-rw-r--r--src/journal/journald-server.h3
2 files changed, 2 insertions, 26 deletions
diff --git a/src/journal/journald-server.c b/src/journal/journald-server.c
index 709fa8b7d0..cc8ce0dc0d 100644
--- a/src/journal/journald-server.c
+++ b/src/journal/journald-server.c
@@ -180,25 +180,6 @@ static uint64_t available_space(Server *s, bool verbose) {
return s->cached_available_space;
}
-static void server_read_file_gid(Server *s) {
- const char *g = "systemd-journal";
- int r;
-
- assert(s);
-
- if (s->file_gid_valid)
- return;
-
- r = get_group_creds(&g, &s->file_gid);
- if (r < 0)
- log_warning("Failed to resolve '%s' group: %s", g, strerror(-r));
-
- /* if we couldn't read the gid, then it will be 0, but that's
- * fine and we shouldn't try to resolve the group again, so
- * let's just pretend it worked right-away. */
- s->file_gid_valid = true;
-}
-
void server_fix_perms(Server *s, JournalFile *f, uid_t uid) {
int r;
#ifdef HAVE_ACL
@@ -209,11 +190,9 @@ void server_fix_perms(Server *s, JournalFile *f, uid_t uid) {
assert(f);
- server_read_file_gid(s);
-
- r = fchmod_and_fchown(f->fd, 0640, 0, s->file_gid);
+ r = fchmod(f->fd, 0640);
if (r < 0)
- log_warning("Failed to fix access mode/rights on %s, ignoring: %s", f->path, strerror(-r));
+ log_warning("Failed to fix access mode on %s, ignoring: %s", f->path, strerror(-r));
#ifdef HAVE_ACL
if (uid <= 0)
diff --git a/src/journal/journald-server.h b/src/journal/journald-server.h
index 238fc8c3fb..10e9958be0 100644
--- a/src/journal/journald-server.h
+++ b/src/journal/journald-server.h
@@ -97,9 +97,6 @@ typedef struct Server {
usec_t max_file_usec;
usec_t oldest_file_usec;
- gid_t file_gid;
- bool file_gid_valid;
-
LIST_HEAD(StdoutStream, stdout_streams);
unsigned n_stdout_streams;