journald: don't recalculate the ACL mask

[elogind.git] / src / journal / journald-server.c

diff --git a/src/journal/journald-server.c b/src/journal/journald-server.c
index 4134e9fc67440a1b16eb9a9909090c486d0b616f..cc52b8a5c9b4b9d64e4f02b5f9a1e273cc5916ed 100644 (file)
--- a/src/journal/journald-server.c
+++ b/src/journal/journald-server.c
@@ -227,9 +227,9 @@ void server_fix_perms(Server *s, JournalFile *f, uid_t uid) {
                 }
         }
 
+        /* We do not recalculate the mask here, so that the fchmod() mask above stays intact. */
         if (acl_get_permset(entry, &permset) < 0 ||
-            acl_add_perm(permset, ACL_READ) < 0 ||
-            acl_calc_mask(&acl) < 0) {
+            acl_add_perm(permset, ACL_READ) < 0) {
                 log_warning("Failed to patch ACL on %s, ignoring: %m", f->path);
                 goto finish;
         }
@@ -508,7 +508,7 @@ static void dispatch_message_real(
                 source_time[sizeof("_SOURCE_REALTIME_TIMESTAMP=") + DECIMAL_STR_MAX(usec_t)],
                 boot_id[sizeof("_BOOT_ID=") + 32] = "_BOOT_ID=",
                 machine_id[sizeof("_MACHINE_ID=") + 32] = "_MACHINE_ID=";
-        char *comm, *exe, *cmdline, *cgroup, *session, *unit, *selinux_context, *hostname;
+        char *comm, *exe, *cmdline, *cgroup, *session, *unit, *hostname;
         sd_id128_t id;
         int r;
         char *t, *c;
@@ -615,7 +615,7 @@ static void dispatch_message_real(
 
 #ifdef HAVE_SELINUX
                 if (label) {
-                        selinux_context = alloca(sizeof("_SELINUX_CONTEXT=") + label_len);
+                        char *selinux_context = alloca(sizeof("_SELINUX_CONTEXT=") + label_len);
 
                         *((char*) mempcpy(stpcpy(selinux_context, "_SELINUX_CONTEXT="), label, label_len)) = 0;
                         IOVEC_SET_STRING(iovec[n++], selinux_context);
@@ -623,7 +623,8 @@ static void dispatch_message_real(
                         security_context_t con;
 
                         if (getpidcon(ucred->pid, &con) >= 0) {
-                                selinux_context = strappenda("_SELINUX_CONTEXT=", con);
+                                char *selinux_context = strappenda("_SELINUX_CONTEXT=", con);
+
                                 freecon(con);
                                 IOVEC_SET_STRING(iovec[n++], selinux_context);
                         }
@@ -937,6 +938,12 @@ int server_flush_to_var(Server *s) {
                 server_rotate(s);
                 server_vacuum(s);
 
+                if (!s->system_journal) {
+                        log_notice("Didn't flush runtime journal since rotation of system journal wasn't successful.");
+                        r = -EIO;
+                        goto finish;
+                }
+
                 log_debug("Retrying write.");
                 r = journal_file_copy_entry(f, s->system_journal, o, f->current_offset, NULL, NULL, NULL);
                 if (r < 0) {
@@ -1270,7 +1277,7 @@ static int server_parse_proc_cmdline(Server *s) {
 }
 
 static int server_parse_config_file(Server *s) {
-        static const char *fn = "/etc/systemd/journald.conf";
+        static const char fn[] = "/etc/systemd/journald.conf";
         _cleanup_fclose_ FILE *f = NULL;
         int r;
 
@@ -1286,7 +1293,7 @@ static int server_parse_config_file(Server *s) {
         }
 
         r = config_parse(NULL, fn, f, "Journal\0", config_item_perf_lookup,
-                         (void*) journald_gperf_lookup, false, s);
+                         (void*) journald_gperf_lookup, false, false, s);
         if (r < 0)
                 log_warning("Failed to parse configuration file: %s", strerror(-r));