journald: make SplitMode=uid the default

Now that we actually can distuingish system and normal users there's no
point in taking session information into account anymore when splitting
up logs.

This has the beenfit with that coredump information will actually end up
in each user's own journal.

diff --git a/man/journald.conf.xml b/man/journald.conf.xml
index 5cd09a217ef710ddc7641e85f99f0188a5f1e97a..046609e401d6e09a9370b006104429db1acf83ef 100644 (file)
--- a/man/journald.conf.xml
+++ b/man/journald.conf.xml
@@ -146,29 +146,30 @@
 
                                 <listitem><para>Controls whether to
                                 split up journal files per user. One
-                                of <literal>login</literal>,
-                                <literal>uid</literal> and
-                                <literal>none</literal>. If
-                                <literal>login</literal>, each logged-in
-                                user will get his own journal
-                                files, but systemd user IDs will log
-                                into the system journal. If
-                                <literal>uid</literal>, any user ID
-                                will get his own journal files
-                                regardless of whether it belongs to a
-                                system service or refers to a real
-                                logged in user. If
+                                of <literal>uid</literal>,
+                                <literal>login</literal> and
+                                <literal>none</literal>.  If
+                                <literal>uid</literal>, all users will
+                                get each their own journal files
+                                regardless of whether they possess a
+                                login session or not, however system
+                                users will log into the system
+                                journal. If <literal>login</literal>,
+                                actually logged-in users will get each
+                                their own journal files, but users
+                                without login session and system users
+                                will log into the system journal. If
                                 <literal>none</literal>, journal files
                                 are not split up by user and all
-                                messages are instead stored in the single
-                                system journal. Note that splitting
-                                up journal files by user is only
-                                available for journals stored
+                                messages are instead stored in the
+                                single system journal. Note that
+                                splitting up journal files by user is
+                                only available for journals stored
                                 persistently. If journals are stored
-                                on volatile storage (see above), only a
-                                single journal file for all user IDs
+                                on volatile storage (see above), only
+                                a single journal file for all user IDs
                                 is kept. Defaults to
-                                <literal>login</literal>.</para></listitem>
+                                <literal>uid</literal>.</para></listitem>
                         </varlistentry>
 
                         <varlistentry>

diff --git a/src/journal/journald-server.c b/src/journal/journald-server.c
index 39a1a07edaeba494956817376aa191ae0f025713..a4600e3315ecf145733c4a3493f46f2402120107 100644 (file)
--- a/src/journal/journald-server.c
+++ b/src/journal/journald-server.c
@@ -805,12 +805,11 @@ static void dispatch_message_real(
                 /* Split up strictly by any UID */
                 journal_uid = realuid;
         else if (s->split_mode == SPLIT_LOGIN && realuid > 0 && owner_valid && owner > 0)
-                /* Split up by login UIDs, this avoids creation of
-                 * individual journals for system UIDs.  We do this
-                 * only if the realuid is not root, in order not to
-                 * accidentally leak privileged information to the
-                 * user that is logged by a privileged process that is
-                 * part of an unprivileged session.*/
+                /* Split up by login UIDs.  We do this only if the
+                 * realuid is not root, in order not to accidentally
+                 * leak privileged information to the user that is
+                 * logged by a privileged process that is part of an
+                 * unprivileged session.*/
                 journal_uid = owner;
         else
                 journal_uid = 0;

diff --git a/src/journal/journald-server.h b/src/journal/journald-server.h
index e468b82931233ede3847fd31f4d72ef9356e227b..42a2235ba91573d5c43d131cb48ba942609b0858 100644 (file)
--- a/src/journal/journald-server.h
+++ b/src/journal/journald-server.h
@@ -45,8 +45,8 @@ typedef enum Storage {
 } Storage;
 
 typedef enum SplitMode {
-        SPLIT_LOGIN,
         SPLIT_UID,
+        SPLIT_LOGIN,
         SPLIT_NONE,
         _SPLIT_MAX,
         _SPLIT_INVALID = -1

diff --git a/src/journal/journald.conf b/src/journal/journald.conf
index d106d00b5ecd7586ffbb99d97cdaca7f97cba06f..cded4a9d475e1d72e70b2b0e129568f80a52d02e 100644 (file)
--- a/src/journal/journald.conf
+++ b/src/journal/journald.conf
@@ -11,7 +11,7 @@
 #Storage=auto
 #Compress=yes
 #Seal=yes
-#SplitMode=login
+#SplitMode=uid
 #SyncIntervalSec=5m
 #RateLimitInterval=30s
 #RateLimitBurst=1000