From be01680d0b1df9d88e173cd2ee3eb60295bcdd47 Mon Sep 17 00:00:00 2001 From: Andy Ning Date: Wed, 28 Mar 2018 14:06:57 -0400 Subject: fix systemd tmpfiles ACL warnings systemd tmpfiles configuration file append ACLs to journal log directories/files to give access permissions to no-exist group "adm", causing systemd-tmpfiles-setup service to generate ACL parsing warnings. The patch fixed these warnings by replacing group "adm" with "wrs_protected". This also gives wrs_protected group members (including wrsroot) access to journal logs. Note: this issue has been fixed before PIKE rebase. After the rebase the original fix is no longer enough. --- tmpfiles.d/systemd.conf.m4 | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tmpfiles.d/systemd.conf.m4 b/tmpfiles.d/systemd.conf.m4 index d984912..cdf0bf1 100644 --- a/tmpfiles.d/systemd.conf.m4 +++ b/tmpfiles.d/systemd.conf.m4 @@ -35,11 +35,11 @@ z /var/log/journal 2755 root systemd-journal - - z /var/log/journal/%m 2755 root systemd-journal - - z /var/log/journal/%m/system.journal 0640 root systemd-journal - - m4_ifdef(`HAVE_ACL',`` -a+ /var/log/journal - - - - d:group:adm:r-x,d:group:wheel:r-x -a+ /var/log/journal - - - - group:adm:r-x,group:wheel:r-x +a+ /var/log/journal - - - - d:group:wrs_protected:r-x,d:group:wheel:r-x +a+ /var/log/journal - - - - group:wrs_protected:r-x,group:wheel:r-x a+ /var/log/journal/%m - - - - d:group:wrs_protected:r-x,d:group:wheel:r-x a+ /var/log/journal/%m - - - - group:wrs_protected:r-x,group:wheel:r-x -a+ /var/log/journal/%m/system.journal - - - - group:adm:r--,group:wheel:r-- +a+ /var/log/journal/%m/system.journal - - - - group:wrs_protected:r--,group:wheel:r-- '')m4_dnl d /var/lib/systemd 0755 root root - -- 1.8.3.1