kenj wrote:
> [...] Now it looks like the systemd pmda is running with the wrong
> uid ... on this system it is adm but strace shows
>
> open("/run/log/journal/6b092c3ed31ed3412f8508b0df478269/system.journal",
> O_RDONLY|O_CLOEXEC) = -1 EACCES (Permission denied)
I wonder if strace is misleading here, as though it interfered with
the setuid process. systemd marks its journal files with POSIX ACLs
in order to permit a variety of users/groups to get at the data. On
my RHEL7 VM,
# getfacl /var/log/journal/.../system.journal
[...]
group:adm:r-x
[...]
is included, and indeed the systemd pmda running as adm:adm (3:4) can
get at the data without -EACCES, and the 652 test passes nicely.
> [...] Forcing the PMDA to run as root did not really help, although
> the problem changed ... 8^)> ... the PMDA now fails like this ...
> [...]
I'm afraid nothing jumps out at me in there, except perhaps that bad
read(fd=-1), which I'm also seeing on my working machine. ISTR having
some success using systemtap to trace the internal activity of the
pmda. Interested in giving that a try?
- FChE
|