systemd-tmpfiles config error

©TriMoon™ · 2024-02-11T10:16:13.501Z

While examining the journal logs i noticed these errors caused in `/usr/lib/tmpfiles.d/systemd.conf` ```console journalctl -b 0 -u systemd-tmpfiles-setup.service ``` - https://paste.centos.org/view/db50673b PS: The time seemed to jump back 3hrs back after the hostname change due to misconfigured default RTC setting as reported in https://discord.com/channels/1072614816579063828/1206177462397046834

M

M2•2/11/24, 1:12 PM

For some of these they are not errors. The directory or file has already been created.

Tmpfiles are used to have systemd create items on a booted system. It will attempt to create these on every boot. For somethings like in /run where it's part of ram based filesystem this is needed. For others like in /var this makes sure things are created if they are not there already.

One of the errors you had was setting up the journal. I'm assuming the journal is working for you to grab those logs. Others were for making the symlinks for things from /var to the appropriate places in FHS.

©

©TriMoon™OP•2/11/24, 2:08 PM

I know what the tmpfiles service and functionality is for, thanks for explaining for other readers though

The errors i'm talking about are these:

Failed to parse ACL "....", ignoring: Invalid argument

Failed to parse ACL "....", ignoring: Invalid argument

Failed to parse ACL "....", ignoring: Invalid argument

Failed to parse ACL "....", ignoring: Invalid argument

Which obviously indicate improper usage of the options in:

/usr/lib/tmpfiles.d/systemd.conf

/usr/lib/tmpfiles.d/systemd.conf

:

a+ /run/log/journal    - - - - d:group::r-x,d:group:adm:r-x,d:group:wheel:r-x,group::r-x,group:adm:r-x,group:wheel:r-x
a+ /run/log/journal/%m - - - - d:group:adm:r-x,d:group:wheel:r-x,group:adm:r-x,group:wheel:r-x
a+ /run/log/journal/%m/*.journal* - - - - group:adm:r--,group:wheel:r--
....
a+ /var/log/journal    - - - - d:group::r-x,d:group:adm:r-x,d:group:wheel:r-x,group::r-x,group:adm:r-x,group:wheel:r-x
a+ /var/log/journal/%m - - - - d:group:adm:r-x,d:group:wheel:r-x,group:adm:r-x,group:wheel:r-x
a+ /var/log/journal/%m/system.journal - - - - group:adm:r--,group:wheel:r--

a+ /run/log/journal    - - - - d:group::r-x,d:group:adm:r-x,d:group:wheel:r-x,group::r-x,group:adm:r-x,group:wheel:r-x
a+ /run/log/journal/%m - - - - d:group:adm:r-x,d:group:wheel:r-x,group:adm:r-x,group:wheel:r-x
a+ /run/log/journal/%m/*.journal* - - - - group:adm:r--,group:wheel:r--
....
a+ /var/log/journal    - - - - d:group::r-x,d:group:adm:r-x,d:group:wheel:r-x,group::r-x,group:adm:r-x,group:wheel:r-x
a+ /var/log/journal/%m - - - - d:group:adm:r-x,d:group:wheel:r-x,group:adm:r-x,group:wheel:r-x
a+ /var/log/journal/%m/system.journal - - - - group:adm:r--,group:wheel:r--

a+ /run/log/journal    - - - - d:group::r-x,d:group:adm:r-x,d:group:wheel:r-x,group::r-x,group:adm:r-x,group:wheel:r-x
a+ /run/log/journal/%m - - - - d:group:adm:r-x,d:group:wheel:r-x,group:adm:r-x,group:wheel:r-x
a+ /run/log/journal/%m/*.journal* - - - - group:adm:r--,group:wheel:r--
....
a+ /var/log/journal    - - - - d:group::r-x,d:group:adm:r-x,d:group:wheel:r-x,group::r-x,group:adm:r-x,group:wheel:r-x
a+ /var/log/journal/%m - - - - d:group:adm:r-x,d:group:wheel:r-x,group:adm:r-x,group:wheel:r-x
a+ /var/log/journal/%m/system.journal - - - - group:adm:r--,group:wheel:r--

a+ /run/log/journal    - - - - d:group::r-x,d:group:adm:r-x,d:group:wheel:r-x,group::r-x,group:adm:r-x,group:wheel:r-x
a+ /run/log/journal/%m - - - - d:group:adm:r-x,d:group:wheel:r-x,group:adm:r-x,group:wheel:r-x
a+ /run/log/journal/%m/*.journal* - - - - group:adm:r--,group:wheel:r--
....
a+ /var/log/journal    - - - - d:group::r-x,d:group:adm:r-x,d:group:wheel:r-x,group::r-x,group:adm:r-x,group:wheel:r-x
a+ /var/log/journal/%m - - - - d:group:adm:r-x,d:group:wheel:r-x,group:adm:r-x,group:wheel:r-x
a+ /var/log/journal/%m/system.journal - - - - group:adm:r--,group:wheel:r--

Interpreting the intended values one can understand that they are meant to set default ACL's, which due to the errors are not being applied at moment.
No idea if the lack of those ACL's is or will cause problems for the rest of the functionality used in the uBlue/ostree systems, because of layering etc like Bazzite further down...

©

©TriMoon™OP•2/11/24, 2:13 PM

My guess is that stuff like

d:group::r-x

d:group::r-x

d:group::r-x

d:group::r-x should instead be given like

d:g::rx

d:g::rx

d:g::rx

d:g::rx instead...
Or

d:group:adm:r-x

d:group:adm:r-x

d:group:adm:r-x

d:group:adm:r-x should become

d:g:adm:rx

d:g:adm:rx

d:g:adm:rx

d:g:adm:rx instead, etc etc...
Thus no dash between the

r

r and

and use

g

g instead of

group

group

group

group.

setfacl

setfacl

setfacl

setfacl does not use dashes in these positions.

systemd-tmpfiles config error

Similar Threads

Similar Threads

Similar Threads