tmpfiles: don't allow read access to journal files to users not in systemd-journal
Also, don't apply access mode recursively to /var/log/journal/*/, since that might be quite large, and should be correct anyway.
This commit is contained in:
parent
e90738c9bb
commit
176f2acf8d
|
@ -20,7 +20,8 @@ d /run/systemd/netif 0755 systemd-network systemd-network -
|
||||||
d /run/systemd/netif/links 0755 systemd-network systemd-network -
|
d /run/systemd/netif/links 0755 systemd-network systemd-network -
|
||||||
d /run/systemd/netif/leases 0755 systemd-network systemd-network -
|
d /run/systemd/netif/leases 0755 systemd-network systemd-network -
|
||||||
|
|
||||||
z /var/log/journal 2755 root systemd-journal - -
|
|
||||||
Z /var/log/journal/%m ~2755 root systemd-journal - -
|
|
||||||
z /run/log/journal 2755 root systemd-journal - -
|
z /run/log/journal 2755 root systemd-journal - -
|
||||||
Z /run/log/journal/%m ~2755 root systemd-journal - -
|
Z /run/log/journal/%m ~2750 root systemd-journal - -
|
||||||
|
|
||||||
|
z /var/log/journal 2755 root systemd-journal - -
|
||||||
|
z /var/log/journal/%m 2755 root systemd-journal - -
|
||||||
|
|
Loading…
Reference in a new issue