Bug#925929: LogsDirectory vs. group adm
Felipe Sateler
fsateler at debian.org
Fri Mar 29 18:10:52 GMT 2019
Hi Thorsten,
On Fri, Mar 29, 2019 at 1:17 PM Thorsten Glaser <t.glaser at tarent.de> wrote:
> Hi,
>
> how can we make it so that a service that uses LogsDirectory
> has its logs readable by group adm?
>
> There is “LogsDirectoryMode=750” which we could change to 2750,
> but no way to set the group to adm, and from what I’ve read,
> pre-creating the /var/log/tomcat9 (in this case) as 2750 tomcat:adm
> will just make systemd chgrp it recursively?
>
> Having logs readable by group adm is customary on Debian, so how
> can this be implemented for non-sysvinit users?
>
>
You can ship a tmpfiles snippet like:
d /var/log/tomcat9 2750 root adm -
If you ship this, there is no need for a LogsDirectory= entry.
--
Saludos,
Felipe Sateler
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-java-maintainers/attachments/20190329/b85e45ed/attachment.html>
More information about the pkg-java-maintainers
mailing list