diff options
-rw-r--r-- | configure.ac | 9 | ||||
-rw-r--r-- | tmpfiles.d/systemd.conf.m4 | 19 |
2 files changed, 24 insertions, 4 deletions
diff --git a/configure.ac b/configure.ac index 614f0553b8..f51533c2b3 100644 --- a/configure.ac +++ b/configure.ac @@ -495,6 +495,14 @@ if test "x$enable_apparmor" != "xno"; then fi AM_CONDITIONAL(HAVE_APPARMOR, [test "$have_apparmor" = "yes"]) +have_wheel_group=no +AC_ARG_ENABLE(wheel-group, AS_HELP_STRING([--disable-wheel-group], [disable wheel group])) +AS_IF([test "x$enable_wheel_group" != "xno"], [ + AC_DEFINE(ENABLE_WHEEL_GROUP, 1, [Define if the ACL for wheel group should be enabled]) + have_wheel_group=yes + M4_DEFINES="$M4_DEFINES -DENABLE_WHEEL_GROUP" +]) + AC_ARG_WITH(debug-shell, AS_HELP_STRING([--with-debug-shell=PATH], @@ -1631,6 +1639,7 @@ AC_MSG_RESULT([ Zsh completions dir: ${with_zshcompletiondir} Extra start script: ${RC_LOCAL_SCRIPT_PATH_START} Extra stop script: ${RC_LOCAL_SCRIPT_PATH_STOP} + Wheel group: ${have_wheel_group} Debug shell: ${SUSHELL} @ ${DEBUGTTY} TTY GID: ${TTY_GID} Maximum System UID: ${SYSTEM_UID_MAX} diff --git a/tmpfiles.d/systemd.conf.m4 b/tmpfiles.d/systemd.conf.m4 index 0575408dbe..276bc6b1ba 100644 --- a/tmpfiles.d/systemd.conf.m4 +++ b/tmpfiles.d/systemd.conf.m4 @@ -26,21 +26,32 @@ d /run/log 0755 root root - z /run/log/journal 2755 root systemd-journal - - Z /run/log/journal/%m ~2750 root systemd-journal - - -m4_ifdef(`HAVE_ACL',`` +m4_ifdef(`HAVE_ACL', +m4_ifdef(`ENABLE_WHEEL_GROUP',`` a+ /run/log/journal/%m - - - - d:group:adm:r-x,d:group:wheel:r-x A+ /run/log/journal/%m - - - - group:adm:r-x,group:wheel:r-x -'')m4_dnl +'',`` +a+ /run/log/journal/%m - - - - d:group:adm:r-x +A+ /run/log/journal/%m - - - - group:adm:r-x +''))m4_dnl z /var/log/journal 2755 root systemd-journal - - z /var/log/journal/%m 2755 root systemd-journal - - z /var/log/journal/%m/system.journal 0640 root systemd-journal - - -m4_ifdef(`HAVE_ACL',`` +m4_ifdef(`HAVE_ACL', +m4_ifdef(`ENABLE_WHEEL_GROUP',`` a+ /var/log/journal - - - - d:group:adm:r-x,d:group:wheel:r-x a+ /var/log/journal - - - - group:adm:r-x,group:wheel:r-x a+ /var/log/journal/%m - - - - d:group:adm:r-x,d:group:wheel:r-x a+ /var/log/journal/%m - - - - group:adm:r-x,group:wheel:r-x a+ /var/log/journal/%m/system.journal - - - - group:adm:r--,group:wheel:r-- -'')m4_dnl +'',`` +a+ /var/log/journal - - - - d:group:adm:r-x +a+ /var/log/journal - - - - group:adm:r-x +a+ /var/log/journal/%m - - - - d:group:adm:r-x +a+ /var/log/journal/%m - - - - group:adm:r-x +a+ /var/log/journal/%m/system.journal - - - - group:adm:r-- +''))m4_dnl d /var/lib/systemd 0755 root root - d /var/lib/systemd/coredump 0755 root root 3d |