mirror of
https://github.com/systemd/systemd-stable.git
synced 2024-12-31 17:17:43 +03:00
tmpfiles.d: set primary group rights to r-w (#5265)
If the /var/log/journal directory is created with rigths 700, the application of an ACL rules without any primary group right sets it to 0. A chmod 755 on this file will then only set the ACL mask and let the ACL primary group right to 0. The directory is then unreadable for the primary group. This patch explicitly sets the primary group to avoid this problem. Fixes #5264.
This commit is contained in:
parent
55295fd84d
commit
15fcdc98cf
@ -49,21 +49,21 @@ z /var/log/journal/%m/system.journal 0640 root systemd-journal - -
|
||||
m4_ifdef(`HAVE_ACL',`m4_dnl
|
||||
m4_ifdef(`ENABLE_ADM_GROUP',`m4_dnl
|
||||
m4_ifdef(`ENABLE_WHEEL_GROUP',``
|
||||
a+ /var/log/journal - - - - d:group:adm:r-x,d:group:wheel:r-x
|
||||
a+ /var/log/journal - - - - group:adm:r-x,group:wheel:r-x
|
||||
a+ /var/log/journal - - - - d:group::r-x,d:group:adm:r-x,d:group:wheel:r-x
|
||||
a+ /var/log/journal - - - - group::r-x,group:adm:r-x,group:wheel:r-x
|
||||
a+ /var/log/journal/%m - - - - d:group:adm:r-x,d:group:wheel:r-x
|
||||
a+ /var/log/journal/%m - - - - group:adm:r-x,group:wheel:r-x
|
||||
a+ /var/log/journal/%m/system.journal - - - - group:adm:r--,group:wheel:r--
|
||||
'', ``
|
||||
a+ /var/log/journal - - - - d:group:adm:r-x
|
||||
a+ /var/log/journal - - - - group:adm:r-x
|
||||
a+ /var/log/journal - - - - d:group::r-x,d:group:adm:r-x
|
||||
a+ /var/log/journal - - - - group::r-x,group:adm:r-x
|
||||
a+ /var/log/journal/%m - - - - d:group:adm:r-x
|
||||
a+ /var/log/journal/%m - - - - group:adm:r-x
|
||||
a+ /var/log/journal/%m/system.journal - - - - group:adm:r--
|
||||
'')',`m4_dnl
|
||||
m4_ifdef(`ENABLE_WHEEL_GROUP',``
|
||||
a+ /var/log/journal - - - - d:group:wheel:r-x
|
||||
a+ /var/log/journal - - - - group:wheel:r-x
|
||||
a+ /var/log/journal - - - - d:group::r-x,d:group:wheel:r-x
|
||||
a+ /var/log/journal - - - - group::r-x,group:wheel:r-x
|
||||
a+ /var/log/journal/%m - - - - d:group:wheel:r-x
|
||||
a+ /var/log/journal/%m - - - - group:wheel:r-x
|
||||
a+ /var/log/journal/%m/system.journal - - - - group:wheel:r--
|
||||
|
Loading…
Reference in New Issue
Block a user