diff options
| author | Lennart Poettering <lennart@poettering.net> | 2014-06-19 12:36:35 +0200 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2014-06-19 12:38:45 +0200 |
| commit | edc3797f7cd9e37c24e5241cac3263e7c918f732 (patch) | |
| tree | 789f94f81ffa82ccaacabfc857f1c774f4d88d3c | |
| parent | 9eecdbc354c180885f10415b01fee126f3bb34aa (diff) | |
journald: make SplitMode=uid the default
Now that we actually can distuingish system and normal users there's no
point in taking session information into account anymore when splitting
up logs.
This has the beenfit with that coredump information will actually end up
in each user's own journal.
| -rw-r--r-- | man/journald.conf.xml | 39 | ||||
| -rw-r--r-- | src/journal/journald-server.c | 11 | ||||
| -rw-r--r-- | src/journal/journald-server.h | 2 | ||||
| -rw-r--r-- | src/journal/journald.conf | 2 |
4 files changed, 27 insertions, 27 deletions
diff --git a/man/journald.conf.xml b/man/journald.conf.xml index 5cd09a217..046609e40 100644 --- a/man/journald.conf.xml +++ b/man/journald.conf.xml @@ -146,29 +146,30 @@ <listitem><para>Controls whether to split up journal files per user. One - of <literal>login</literal>, - <literal>uid</literal> and - <literal>none</literal>. If - <literal>login</literal>, each logged-in - user will get his own journal - files, but systemd user IDs will log - into the system journal. If - <literal>uid</literal>, any user ID - will get his own journal files - regardless of whether it belongs to a - system service or refers to a real - logged in user. If + of <literal>uid</literal>, + <literal>login</literal> and + <literal>none</literal>. If + <literal>uid</literal>, all users will + get each their own journal files + regardless of whether they possess a + login session or not, however system + users will log into the system + journal. If <literal>login</literal>, + actually logged-in users will get each + their own journal files, but users + without login session and system users + will log into the system journal. If <literal>none</literal>, journal files are not split up by user and all - messages are instead stored in the single - system journal. Note that splitting - up journal files by user is only - available for journals stored + messages are instead stored in the + single system journal. Note that + splitting up journal files by user is + only available for journals stored persistently. If journals are stored - on volatile storage (see above), only a - single journal file for all user IDs + on volatile storage (see above), only + a single journal file for all user IDs is kept. Defaults to - <literal>login</literal>.</para></listitem> + <literal>uid</literal>.</para></listitem> </varlistentry> <varlistentry> diff --git a/src/journal/journald-server.c b/src/journal/journald-server.c index 39a1a07ed..a4600e331 100644 --- a/src/journal/journald-server.c +++ b/src/journal/journald-server.c @@ -805,12 +805,11 @@ static void dispatch_message_real( /* Split up strictly by any UID */ journal_uid = realuid; else if (s->split_mode == SPLIT_LOGIN && realuid > 0 && owner_valid && owner > 0) - /* Split up by login UIDs, this avoids creation of - * individual journals for system UIDs. We do this - * only if the realuid is not root, in order not to - * accidentally leak privileged information to the - * user that is logged by a privileged process that is - * part of an unprivileged session.*/ + /* Split up by login UIDs. We do this only if the + * realuid is not root, in order not to accidentally + * leak privileged information to the user that is + * logged by a privileged process that is part of an + * unprivileged session.*/ journal_uid = owner; else journal_uid = 0; diff --git a/src/journal/journald-server.h b/src/journal/journald-server.h index e468b8293..42a2235ba 100644 --- a/src/journal/journald-server.h +++ b/src/journal/journald-server.h @@ -45,8 +45,8 @@ typedef enum Storage { } Storage; typedef enum SplitMode { - SPLIT_LOGIN, SPLIT_UID, + SPLIT_LOGIN, SPLIT_NONE, _SPLIT_MAX, _SPLIT_INVALID = -1 diff --git a/src/journal/journald.conf b/src/journal/journald.conf index d106d00b5..cded4a9d4 100644 --- a/src/journal/journald.conf +++ b/src/journal/journald.conf @@ -11,7 +11,7 @@ #Storage=auto #Compress=yes #Seal=yes -#SplitMode=login +#SplitMode=uid #SyncIntervalSec=5m #RateLimitInterval=30s #RateLimitBurst=1000 |