F20 System Wide Change: No Default Sendmail
Zbigniew Jędrzejewski-Szmek
zbyszek at in.waw.pl
Thu Jul 25 01:39:25 UTC 2013
On Thu, Jul 25, 2013 at 03:13:33AM +0300, Oron Peled wrote:
> On Wednesday 24 July 2013 13:23:08 Lennart Poettering wrote:
> > On Tue, 23.07.13 04:03, Oron Peled (oron at actcom.co.il) wrote:
> > > There are two issues however:
> > > * The log-splitting of journald is really nice feature. But it doesn't
> > > work for cron:
> > > $ echo '* * * * * /bin/echo "Test output from cron"' | \
> > >
> > > crontab '-' # than wait a minute
> > >
> > > $ journalctl # only shows crontab, not the cron output
> > > $ su -
> > > # journalctl # Cron output is properly shown.
> >
> > Also as mentioned on this thread, this doesn't work for cron right now
> > as cron actually collects all log output of a job and then posts it
> > under its own identity, which is why it is attributed to cron/root.
>
> Sounds reasonable, but please look at the result of previous tests:
> # journalctl SYSLOG_IDENTIFIER=CROND --output verbose
> Tue 2013-07-23 03:31:01 IDT ...
> PRIORITY=6
> _UID=0
> _MACHINE_ID=...
> _HOSTNAME=...
> _EXE=/usr/bin/bash
> _TRANSPORT=syslog
> SYSLOG_FACILITY=9
> _SELINUX_CONTEXT=system_u:system_r:crond_t:s0-s0:c0.c1023
> _GID=501
> _AUDIT_LOGINUID=501
> _SYSTEMD_OWNER_UID=501
> _BOOT_ID=...
> SYSLOG_IDENTIFIER=CROND
> _COMM=sh
> MESSAGE=(oron) CMD (/bin/echo "Test output from cron")
> _CMDLINE=/bin/sh -c /bin/echo "Test output from cron"
> SYSLOG_PID=19788
> _PID=19788
> _AUDIT_SESSION=194
> _SYSTEMD_CGROUP=/user/501.user/194.session
> _SYSTEMD_SESSION=194
> _SOURCE_REALTIME_TIMESTAMP=1374539461144186
>
> It seems it was filtered by _UID, but what's the difference between that
> and _AUDIT_LOGINUID and _SYSTEMD_OWNER_UID?
Those fields are described in systemd.journal-fields(7) manpage:
- _UID is the UID of the sender of the messsage
- _AUDIT_LOGINUID comes from the kernel's audit subsystem
- _SYSTEMD_OWNER_UID is derived from the position in systemd cgroup
hierarchy.
Each one serves a different purpose. The underscore in front signifies that
they were collected by journald itself, and are not controlled by the sender.
>
> > THis is, if you so will, a misdesign in cronie.
>
> Maybe:
> * But if it writes to syslog as root (_UID=0), how come _AUDIT_LOGINUID
> is my uid?
Cron opens a pam session when running your job, and then login uid
is set.
Zbyszek
--
they are not broken. they are refucktored
-- alxchk
More information about the devel
mailing list