picnoir
/
Systemd
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

tmpfiles: don't allow read access to journal files to users not in systemd-journal 

Also, don't apply access mode recursively to /var/log/journal/*/, since
that might be quite large, and should be correct anyway.
This commit is contained in:
Lennart Poettering 2014-06-11 10:23:16 +02:00
parent e90738c9bb
commit 176f2acf8d
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
tmpfiles.d/systemd.conf
View File

@ -20,7 +20,8 @@ d /run/systemd/netif 0755 systemd-network systemd-network -
d /run/systemd/netif/links 0755 systemd-network systemd-network -
d /run/systemd/netif/leases 0755 systemd-network systemd-network -
z /var/log/journal 2755 root systemd-journal - -
Z /var/log/journal/%m ~2755 root systemd-journal - -
z /run/log/journal 2755 root systemd-journal - -
Z /run/log/journal/%m ~2755 root systemd-journal - -
Z /run/log/journal/%m ~2750 root systemd-journal - -
z /var/log/journal 2755 root systemd-journal - -
z /var/log/journal/%m 2755 root systemd-journal - -