On Sat, 10 Aug 2019 12:37:04 +0200 Marc Haber <[email protected]> wrote: > Hi Michael, > > thanks for your answer. > > On Fri, Aug 09, 2019 at 04:16:06PM +0200, Michael Biebl wrote: > > I have never seen this behaviour myself on the multitude of systems I > > run (laptop, servers, VM, containers) so I don't really have any idea. > > How closely are you watching the ACLs on the journal files? >
Forgot to answer here: I simply checked all systems I have acces to. This was a one-time check and includes a couple of PIs, a few VMs, containers, a laptop and a server. For some of them, /tmp is on the root, ext4 file system. Most of them have tmpfs for /tmp (like in your case). I guess once the x-bit has been set, it sticks? Or did it vanish (and reappear again) after some time, which would mean I'd need to continuously monitor the file system? Btw, does this only affect system.journal or also the files that are rotated away? E.g. on one of my PIs this look like this > root@raspberrypi:~# ls -l > /run/log/journal/d3670ff77a0bb988a953e7f053a3f4e7/system* > -rw-r-----+ 1 root systemd-journal 2834432 Jan 24 03:17 > /run/log/journal/d3670ff77a0bb988a953e7f053a3f4e7/system@ee9cfeba24044e90a191a267c13840a2-0000000000000001-00059cbeac13de5a.journal > -rw-r-----+ 1 root systemd-journal 2834432 Jan 27 06:17 > /run/log/journal/d3670ff77a0bb988a953e7f053a3f4e7/system@ee9cfeba24044e90a191a267c13840a2-000000000000063b-00059cd95a64682e.journal > -rw-r-----+ 1 root systemd-journal 2834432 Jan 30 07:22 > /run/log/journal/d3670ff77a0bb988a953e7f053a3f4e7/system@ee9cfeba24044e90a191a267c13840a2-0000000000000e28-00059d1837ab38f0.journal > -rw-r-----+ 1 root systemd-journal 2834432 Feb 1 05:39 > /run/log/journal/d3670ff77a0bb988a953e7f053a3f4e7/system@ee9cfeba24044e90a191a267c13840a2-0000000000001675-00059d557cd266fa.journal > -rw-r-----+ 1 root systemd-journal 2834432 Feb 1 12:43 > /run/log/journal/d3670ff77a0bb988a953e7f053a3f4e7/system.journal Can you correlate the change with a cron-entry, systemd timer? Do you use something like tmpreaper? Michael
signature.asc
Description: OpenPGP digital signature
