summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorLennart Poettering <lennart@poettering.net>2013-03-05 18:53:21 +0100
committerLennart Poettering <lennart@poettering.net>2013-03-05 18:59:03 +0100
commita24c64f03f9c5c0304451d8542fee853187a5168 (patch)
treeedf4d80e044bf051629d8dcdfe43c9d6ec2abf67 /src
parentfc7b7e2e74ed0c4ce2bda91d693240c9dcd0d526 (diff)
journald: introduce new "systemd-journal" group and make it own the journal files
Previously all journal files were owned by "adm". In order to allow specific users to read the journal files without granting it access to the full "adm" powers, introduce a new specific group for this. "systemd-journal" has to be created by the packaging scripts manually at installation time. It's a good idea to assign a static UID/GID to this group, since /var/log/journal might be shared across machines via NFS. This commit also grants read access to the journal files by default to members of the "wheel" and "adm" groups via file system ACLs, since these "almost-root" groups should be able to see what's going on on the system. These ACLs are created by "make install". Packagers probably need to duplicate this logic in their postinst scripts. This also adds documentation how to grant access to the journal to additional users or groups via fs ACLs.
Diffstat (limited to 'src')
-rw-r--r--src/journal/journalctl.c12
-rw-r--r--src/journal/journald-server.c6
2 files changed, 9 insertions, 9 deletions
diff --git a/src/journal/journalctl.c b/src/journal/journalctl.c
index d898ae7179..cb93fea63b 100644
--- a/src/journal/journalctl.c
+++ b/src/journal/journalctl.c
@@ -870,16 +870,16 @@ static int verify(sd_journal *j) {
static int access_check(void) {
#ifdef HAVE_ACL
- if (access("/var/log/journal", F_OK) < 0 && geteuid() != 0 && in_group("adm") <= 0) {
- log_error("Unprivileged users can't see messages unless persistent log storage is enabled. Users in the group 'adm' can always see messages.");
+ if (access("/var/log/journal", F_OK) < 0 && geteuid() != 0 && in_group("systemd-journal") <= 0) {
+ log_error("Unprivileged users can't see messages unless persistent log storage is enabled. Users in the group 'systemd-journal' can always see messages.");
return -EACCES;
}
- if (!arg_quiet && geteuid() != 0 && in_group("adm") <= 0)
- log_warning("Showing user generated messages only. Users in the group 'adm' can see all messages. Pass -q to turn this notice off.");
+ if (!arg_quiet && geteuid() != 0 && in_group("systemd-journal") <= 0)
+ log_warning("Showing user generated messages only. Users in the group 'systemd-journal' can see all messages. Pass -q to turn this notice off.");
#else
- if (geteuid() != 0 && in_group("adm") <= 0) {
- log_error("No access to messages. Only users in the group 'adm' can see messages.");
+ if (geteuid() != 0 && in_group("systemd-journal") <= 0) {
+ log_error("No access to messages. Only users in the group 'systemd-journal' can see messages.");
return -EACCES;
}
#endif
diff --git a/src/journal/journald-server.c b/src/journal/journald-server.c
index 654f7ace21..ac565c7ece 100644
--- a/src/journal/journald-server.c
+++ b/src/journal/journald-server.c
@@ -174,7 +174,7 @@ static uint64_t available_space(Server *s) {
}
static void server_read_file_gid(Server *s) {
- const char *adm = "adm";
+ const char *g = "systemd-journal";
int r;
assert(s);
@@ -182,9 +182,9 @@ static void server_read_file_gid(Server *s) {
if (s->file_gid_valid)
return;
- r = get_group_creds(&adm, &s->file_gid);
+ r = get_group_creds(&g, &s->file_gid);
if (r < 0)
- log_warning("Failed to resolve 'adm' group: %s", strerror(-r));
+ log_warning("Failed to resolve '%s' group: %s", g, strerror(-r));
/* if we couldn't read the gid, then it will be 0, but that's
* fine and we shouldn't try to resolve the group again, so