chiark / gitweb /
~ianmdlvl / elogind.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
journald: introduce new "systemd-journal" group and make it own the journal files
[elogind.git] / README
diff --git a/README b/README
index d8b1b1296a74f7abd5f2106a771420c2a7281c94..300a4cf8bc177770511e3c5170382eb6dd51f9e6 100644 (file)
--- a/README
+++ b/README
@@ -100,6 +100,19 @@ REQUIREMENTS:
         being 'html' or 'latexpdf'. If using DESTDIR for installation,
         pass the same DESTDIR to 'make sphinx-html' invocation.
 
+USERS AND GROUPS:
+        During runtime the journal daemon requires the
+        "system-journal" system group to exist. New journal files will
+        be readable by this group (but not writable) which may be used
+        to grant specific users read access.
+
+        It is also recommended to grant read access to all journal
+        files to the system groups "wheel" and "adm" with a command
+        like the following in the post installation script of the
+        package:
+
+        # setfacl -nm g:wheel:rx,d:g:wheel:rx,g:adm:rx,d:g:adm:rx /var/log/journal/
+
 WARNINGS:
         systemd will warn you during boot if /etc/mtab is not a
         symlink to /proc/mounts. Please ensure that /etc/mtab is a
Unnamed repository; edit this file 'description' to name the repository.