summaryrefslogtreecommitdiff
path: root/tmpfiles.d
diff options
context:
space:
mode:
authorZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>2015-01-01 04:40:41 +0100
committerZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>2015-01-05 14:12:58 -0500
commit524daa8c3e2bd63ad9dbc24711cdcfb45a65b2db (patch)
tree2a15cff09799dca02bf99580a89a28da8f94d691 /tmpfiles.d
parent9c3349e23b14db27e7ba45f82cf647899c563ea9 (diff)
journal: call connect() with dropped privileges
When systemd starts a service, it first opened /run/systemd/journal/stdout socket, and only later switched to the right user.group (if they are specified). Later on, journald looked at the credentials, and saw root.root, because credentials are stored at the time the socket is opened. As a result, all messages passed over _TRANSPORT=stdout were logged with _UID=0, _GID=0. Drop real uid and gid temporarily to fix the issue.
Diffstat (limited to 'tmpfiles.d')
0 files changed, 0 insertions, 0 deletions