summaryrefslogtreecommitdiff
path: root/src/journal/journalctl.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/journal/journalctl.c')
-rw-r--r--src/journal/journalctl.c42
1 files changed, 22 insertions, 20 deletions
diff --git a/src/journal/journalctl.c b/src/journal/journalctl.c
index 91dbde3ba1..0a82a1cf15 100644
--- a/src/journal/journalctl.c
+++ b/src/journal/journalctl.c
@@ -905,9 +905,9 @@ static int access_check_var_log_journal(sd_journal *j) {
if (!have_access) {
if (strv_isempty(g))
- log_notice("Hint: You are currently not seeing messages from other users and\n"
- "the system. Users in the group 'systemd-journal' can see all messages.\n"
- "Pass -q to turn this notice off.");
+ log_notice("Hint: You are currently not seeing messages from other users and the system.\n"
+ " Users in the 'systemd-journal' group can see all messages. Pass -q to\n"
+ " turn off this notice.");
else {
_cleanup_free_ char *s = NULL;
@@ -923,8 +923,8 @@ static int access_check_var_log_journal(sd_journal *j) {
return log_oom();
log_notice("Hint: You are currently not seeing messages from other users and the system.\n"
- "Users in the groups '%s' can see all messages.\n"
- "Pass -q to turn this notice off.", s);
+ " Users in the groups '%s' can see all messages.\n"
+ " Pass -q to turn off this notice.", s);
}
}
@@ -933,29 +933,27 @@ static int access_check_var_log_journal(sd_journal *j) {
#endif
static int access_check(sd_journal *j) {
- uint64_t eacces = EACCES, *code;
Iterator it;
+ void *code;
int r = 0;
assert(j);
- assert(j->errors);
- assert(j->files);
if (set_isempty(j->errors)) {
if (hashmap_isempty(j->files))
- log_info("No journal files were found.");
+ log_notice("No journal files were found.");
return 0;
}
- if (!set_contains(j->errors, &eacces)) {
+ if (set_contains(j->errors, INT_TO_PTR(-EACCES))) {
#ifdef HAVE_ACL
/* If /var/log/journal doesn't even exist,
- unprivileged users have no access at all */
+ * unprivileged users have no access at all */
if (access("/var/log/journal", F_OK) < 0 &&
geteuid() != 0 &&
in_group("systemd-journal") <= 0) {
- log_error("Unprivileged users can't see messages unless persistent log storage\n"
- "is enabled. Users in the group 'systemd-journal' can always see messages.");
+ log_error("Unprivileged users cannot access messages, unless persistent log storage is\n"
+ "enabled. Users in the 'systemd-journal' group may always access messages.");
return -EACCES;
}
@@ -967,26 +965,30 @@ static int access_check(sd_journal *j) {
return r;
}
#else
- if (geteuid() != 0 && in_group("systemd-journal") <= 0)
- log_error("No access to messages.\n"
- "Users in the group 'systemd-journal' can see messages.");
+ if (geteuid() != 0 && in_group("systemd-journal") <= 0) {
+ log_error("Unprivileged users cannot access messages. Users in the 'systemd-journal' group\n"
+ "group may access messages.");
+ return -EACCES;
+ }
#endif
+
if (hashmap_isempty(j->files)) {
- log_error("No journal files were opened, due to insufficient permissions.");
+ log_error("No journal files were opened due to insufficient permissions.");
r = -EACCES;
}
}
SET_FOREACH(code, j->errors, it) {
- int err = -PTR_TO_INT(code);
+ int err;
+
+ err = -PTR_TO_INT(code);
assert(err > 0);
+
if (err != EACCES)
log_warning("Error was encountered while opening journal files: %s",
strerror(err));
}
- log_notice("Hint: run journalctl in debug mode: SYSTEMD_LOG_LEVEL=debug journalct ...");
-
return r;
}