chiark / gitweb /
journald: make SplitMode=uid the default
authorLennart Poettering <lennart@poettering.net>
Thu, 19 Jun 2014 10:36:35 +0000 (12:36 +0200)
committerLennart Poettering <lennart@poettering.net>
Thu, 19 Jun 2014 10:38:45 +0000 (12:38 +0200)
Now that we actually can distuingish system and normal users there's no
point in taking session information into account anymore when splitting
up logs.

This has the beenfit with that coredump information will actually end up
in each user's own journal.

man/journald.conf.xml
src/journal/journald-server.c
src/journal/journald-server.h
src/journal/journald.conf

index 5cd09a2..046609e 100644 (file)
 
                                 <listitem><para>Controls whether to
                                 split up journal files per user. One
-                                of <literal>login</literal>,
-                                <literal>uid</literal> and
-                                <literal>none</literal>. If
-                                <literal>login</literal>, each logged-in
-                                user will get his own journal
-                                files, but systemd user IDs will log
-                                into the system journal. If
-                                <literal>uid</literal>, any user ID
-                                will get his own journal files
-                                regardless of whether it belongs to a
-                                system service or refers to a real
-                                logged in user. If
+                                of <literal>uid</literal>,
+                                <literal>login</literal> and
+                                <literal>none</literal>.  If
+                                <literal>uid</literal>, all users will
+                                get each their own journal files
+                                regardless of whether they possess a
+                                login session or not, however system
+                                users will log into the system
+                                journal. If <literal>login</literal>,
+                                actually logged-in users will get each
+                                their own journal files, but users
+                                without login session and system users
+                                will log into the system journal. If
                                 <literal>none</literal>, journal files
                                 are not split up by user and all
-                                messages are instead stored in the single
-                                system journal. Note that splitting
-                                up journal files by user is only
-                                available for journals stored
+                                messages are instead stored in the
+                                single system journal. Note that
+                                splitting up journal files by user is
+                                only available for journals stored
                                 persistently. If journals are stored
-                                on volatile storage (see above), only a
-                                single journal file for all user IDs
+                                on volatile storage (see above), only
+                                single journal file for all user IDs
                                 is kept. Defaults to
-                                <literal>login</literal>.</para></listitem>
+                                <literal>uid</literal>.</para></listitem>
                         </varlistentry>
 
                         <varlistentry>
index 39a1a07..a4600e3 100644 (file)
@@ -805,12 +805,11 @@ static void dispatch_message_real(
                 /* Split up strictly by any UID */
                 journal_uid = realuid;
         else if (s->split_mode == SPLIT_LOGIN && realuid > 0 && owner_valid && owner > 0)
-                /* Split up by login UIDs, this avoids creation of
-                 * individual journals for system UIDs.  We do this
-                 * only if the realuid is not root, in order not to
-                 * accidentally leak privileged information to the
-                 * user that is logged by a privileged process that is
-                 * part of an unprivileged session.*/
+                /* Split up by login UIDs.  We do this only if the
+                 * realuid is not root, in order not to accidentally
+                 * leak privileged information to the user that is
+                 * logged by a privileged process that is part of an
+                 * unprivileged session.*/
                 journal_uid = owner;
         else
                 journal_uid = 0;
index e468b82..42a2235 100644 (file)
@@ -45,8 +45,8 @@ typedef enum Storage {
 } Storage;
 
 typedef enum SplitMode {
-        SPLIT_LOGIN,
         SPLIT_UID,
+        SPLIT_LOGIN,
         SPLIT_NONE,
         _SPLIT_MAX,
         _SPLIT_INVALID = -1
index d106d00..cded4a9 100644 (file)
@@ -11,7 +11,7 @@
 #Storage=auto
 #Compress=yes
 #Seal=yes
-#SplitMode=login
+#SplitMode=uid
 #SyncIntervalSec=5m
 #RateLimitInterval=30s
 #RateLimitBurst=1000