starlingx/integ
Code Issues Proposed changes
24d535bb57
integ/base/systemd/centos/patches/0509-fix-systemd-tmpfiles-ACL-warnings.patch
Scott Little bab9bb6b69 Internal restructuring of stx-integ 
Create new directories:
   ceph
   config
   config-files
   filesystem
   kernel
   kernel/kernel-modules
   ldap
   logging
   strorage-drivers
   tools
   utilities
   virt

Retire directories:
   connectivity
   core
   devtools
   support
   extended

Delete two packages:
   tgt
   irqbalance

Relocated packages:
   base/
      dhcp
      initscripts
      libevent
      lighttpd
      linuxptp
      memcached
      net-snmp
      novnc
      ntp
      openssh
      pam
      procps
      sanlock
      shadow
      sudo
      systemd
      util-linux
      vim
      watchdog

   ceph/
      python-cephclient

   config/
      facter
      puppet-4.8.2
      puppet-modules

   filesystem/
      e2fsprogs
      nfs-utils
      nfscheck

   kernel/
      kernel-std
      kernel-rt

   kernel/kernel-modules/
      mlnx-ofa_kernel

   ldap/
      nss-pam-ldapd
      openldap

   logging/
      syslog-ng
      logrotate

   networking/
      lldpd
      iproute
      mellanox
      python-ryu
      mlx4-config

   python/
      python-2.7.5
      python-django
      python-gunicorn
      python-setuptools
      python-smartpm
      python-voluptuous

   security/
      shim-signed
      shim-unsigned
      tboot

   strorage-drivers/
      python-3parclient
      python-lefthandclient

   virt/
      cloud-init
      libvirt
      libvirt-python
      qemu

   tools/
      storage-topology
      vm-topology

   utilities/
      tis-extensions
      namespace-utils
      nova-utils
      update-motd

Change-Id: I37ade764d873c701b35eac5881eb40412ba64a86
Story: 2002801
Task: 22687
Signed-off-by: Scott Little <scott.little@windriver.com>
2018-08-01 10:06:31 -04:00

42 lines
1.8 KiB
Diff
Raw Blame History

From be01680d0b1df9d88e173cd2ee3eb60295bcdd47 Mon Sep 17 00:00:00 2001
From: Andy Ning <andy.ning@windriver.com>
Date: Wed, 28 Mar 2018 14:06:57 -0400
Subject: fix systemd tmpfiles ACL warnings
systemd tmpfiles configuration file append ACLs to journal log
directories/files to give access permissions to no-exist group "adm",
causing systemd-tmpfiles-setup service to generate ACL parsing warnings.
The patch fixed these warnings by replacing group "adm" with "wrs_protected".
This also gives wrs_protected group members (including wrsroot) access to
journal logs.
Note: this issue has been fixed before PIKE rebase. After the rebase the
original fix is no longer enough.
---
tmpfiles.d/systemd.conf.m4 | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/tmpfiles.d/systemd.conf.m4 b/tmpfiles.d/systemd.conf.m4
index d984912..cdf0bf1 100644
--- a/tmpfiles.d/systemd.conf.m4
+++ b/tmpfiles.d/systemd.conf.m4
@@ -35,11 +35,11 @@ z /var/log/journal 2755 root systemd-journal - -
z /var/log/journal/%m 2755 root systemd-journal - -
z /var/log/journal/%m/system.journal 0640 root systemd-journal - -
m4_ifdef(`HAVE_ACL',``
-a+ /var/log/journal - - - - d:group:adm:r-x,d:group:wheel:r-x
-a+ /var/log/journal - - - - group:adm:r-x,group:wheel:r-x
+a+ /var/log/journal - - - - d:group:wrs_protected:r-x,d:group:wheel:r-x
+a+ /var/log/journal - - - - group:wrs_protected:r-x,group:wheel:r-x
a+ /var/log/journal/%m - - - - d:group:wrs_protected:r-x,d:group:wheel:r-x
a+ /var/log/journal/%m - - - - group:wrs_protected:r-x,group:wheel:r-x
-a+ /var/log/journal/%m/system.journal - - - - group:adm:r--,group:wheel:r--
+a+ /var/log/journal/%m/system.journal - - - - group:wrs_protected:r--,group:wheel:r--
'')m4_dnl
d /var/lib/systemd 0755 root root -
--
1.8.3.1
View Git Blame Copy Permalink