picnoir
/
Systemd
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

journalctl: complain if unprivileged users attempt to access the journal and persistant logging is off

This commit is contained in:
Lennart Poettering 2012-08-22 04:45:17 +02:00
parent d2bd7630d7
commit 99add6fd0b
3 changed files with 20 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
TODO
View File

@ -61,14 +61,10 @@ Features:
* testing tool for socket activation: some binary that listens on a socket and passes it on using the usual socket activation protocol to some server.
* journald: add symlinks and device names to kernel messages
* maybe make systemd-detect-virt suid? or use fscaps?
* consider using __secure_getenv() instead of getenv() in libs
* journald: automatic rekeying with no log messages doesn't appear to work
* man: document in ExecStart= explicitly that we don't take shell command lines, only executable names with arguments
* shutdown: don't read-only mount anything when running in container
@ -135,14 +131,10 @@ Features:
* switch-root: sockets need relabelling
* segfault in journalctl during /var migration
* systemd-analyze post-boot is broken for initrd
* man: clarify that time-sync.target is not only sysv compat but also useful otherwise. Same for similar targets
* journalctl should complain if run with uid != 0 and no persistent logs exist
* .device aliases need to be implemented with the "following" logic, probably.
* refuse taking lower-case variable names in sd_journal_send() and friends.
@ -188,7 +180,7 @@ Features:
* systemctl: when stopping a service which has triggres and warning about it actually check the TriggeredBy= deps fields
* journal: hook up with EFI firmware log, new kmsg logic
* journal: hook up with EFI firmware log
* handle C-A-Del in logind, like the power/suspend buttons?

14
src/journal/journalctl.c
View File

@ -747,8 +747,20 @@ int main(int argc, char *argv[]) {
}
#ifdef HAVE_ACL
if (access("/var/log/journal", F_OK) < 0 && geteuid() != 0 && in_group("adm") <= 0) {
log_error("Unprivileged users can't see messages unless persistent log storage is enabled. Users in the group 'adm' can always see messages.");
r = -EACCES;
goto finish;
}
if (!arg_quiet && geteuid() != 0 && in_group("adm") <= 0)
log_warning("Showing user generated messages only. Users in the group 'adm' can see all messages. Pass -q to turn this message off.");
log_warning("Showing user generated messages only. Users in the group 'adm' can see all messages. Pass -q to turn this notice off.");
#else
if (geteuid() != 0 && in_group("adm") <= 0) {
log_error("No access to messages. Only users in the group 'adm' can see messages.");
r = -EACCES;
goto finish;
}
#endif
r = add_this_boot(j);

10
src/journal/journald.c
View File

@ -360,7 +360,8 @@ static void server_vacuum(Server *s) {
sd_id128_to_string(machine, ids);
if (s->system_journal) {
if (asprintf(&p, "/var/log/journal/%s", ids) < 0) {
p = strappend("/var/log/journal/", ids);
if (!p) {
log_oom();
return;
}
@ -372,7 +373,8 @@ static void server_vacuum(Server *s) {
}
if (s->runtime_journal) {
if (asprintf(&p, "/run/log/journal/%s", ids) < 0) {
p = strappend("/run/log/journal/", ids);
if (!p) {
log_oom();
return;
}
@ -1394,7 +1396,7 @@ static int server_init(Server *s) {
return 0;
}
static void maybe_append_tags(Server *s) {
static void server_maybe_append_tags(Server *s) {
#ifdef HAVE_GCRYPT
JournalFile *f;
Iterator i;
@ -1539,7 +1541,7 @@ int main(int argc, char *argv[]) {
break;
}
maybe_append_tags(&server);
server_maybe_append_tags(&server);
}
log_debug("systemd-journald stopped as pid %lu", (unsigned long) getpid());