mirror of
https://github.com/systemd/systemd.git
synced 2025-03-25 18:50:18 +03:00
journald: make SplitMode=uid the default
Now that we actually can distuingish system and normal users there's no point in taking session information into account anymore when splitting up logs. This has the beenfit with that coredump information will actually end up in each user's own journal.
This commit is contained in:
Lennart Poettering
parent
9eecdbc354
commit
edc3797f7c
@ -146,29 +146,30 @@
|
||||
|
||||
<listitem><para>Controls whether to
|
||||
split up journal files per user. One
|
||||
of <literal>login</literal>,
|
||||
<literal>uid</literal> and
|
||||
<literal>none</literal>. If
|
||||
<literal>login</literal>, each logged-in
|
||||
user will get his own journal
|
||||
files, but systemd user IDs will log
|
||||
into the system journal. If
|
||||
<literal>uid</literal>, any user ID
|
||||
will get his own journal files
|
||||
regardless of whether it belongs to a
|
||||
system service or refers to a real
|
||||
logged in user. If
|
||||
of <literal>uid</literal>,
|
||||
<literal>login</literal> and
|
||||
<literal>none</literal>. If
|
||||
<literal>uid</literal>, all users will
|
||||
get each their own journal files
|
||||
regardless of whether they possess a
|
||||
login session or not, however system
|
||||
users will log into the system
|
||||
journal. If <literal>login</literal>,
|
||||
actually logged-in users will get each
|
||||
their own journal files, but users
|
||||
without login session and system users
|
||||
will log into the system journal. If
|
||||
<literal>none</literal>, journal files
|
||||
are not split up by user and all
|
||||
messages are instead stored in the single
|
||||
system journal. Note that splitting
|
||||
up journal files by user is only
|
||||
available for journals stored
|
||||
messages are instead stored in the
|
||||
single system journal. Note that
|
||||
splitting up journal files by user is
|
||||
only available for journals stored
|
||||
persistently. If journals are stored
|
||||
on volatile storage (see above), only a
|
||||
single journal file for all user IDs
|
||||
on volatile storage (see above), only
|
||||
a single journal file for all user IDs
|
||||
is kept. Defaults to
|
||||
<literal>login</literal>.</para></listitem>
|
||||
<literal>uid</literal>.</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
|
||||
@ -805,12 +805,11 @@ static void dispatch_message_real(
|
||||
/* Split up strictly by any UID */
|
||||
journal_uid = realuid;
|
||||
else if (s->split_mode == SPLIT_LOGIN && realuid > 0 && owner_valid && owner > 0)
|
||||
/* Split up by login UIDs, this avoids creation of
|
||||
* individual journals for system UIDs. We do this
|
||||
* only if the realuid is not root, in order not to
|
||||
* accidentally leak privileged information to the
|
||||
* user that is logged by a privileged process that is
|
||||
* part of an unprivileged session.*/
|
||||
/* Split up by login UIDs. We do this only if the
|
||||
* realuid is not root, in order not to accidentally
|
||||
* leak privileged information to the user that is
|
||||
* logged by a privileged process that is part of an
|
||||
* unprivileged session.*/
|
||||
journal_uid = owner;
|
||||
else
|
||||
journal_uid = 0;
|
||||
|
||||
@ -45,8 +45,8 @@ typedef enum Storage {
|
||||
} Storage;
|
||||
|
||||
typedef enum SplitMode {
|
||||
SPLIT_LOGIN,
|
||||
SPLIT_UID,
|
||||
SPLIT_LOGIN,
|
||||
SPLIT_NONE,
|
||||
_SPLIT_MAX,
|
||||
_SPLIT_INVALID = -1
|
||||
|
||||
@ -11,7 +11,7 @@
|
||||
#Storage=auto
|
||||
#Compress=yes
|
||||
#Seal=yes
|
||||
#SplitMode=login
|
||||
#SplitMode=uid
|
||||
#SyncIntervalSec=5m
|
||||
#RateLimitInterval=30s
|
||||
#RateLimitBurst=1000
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user