From: Lennart Poettering Date: Wed, 4 Oct 2017 19:44:29 +0000 (+0200) Subject: tmpfiles: change btmp mode 0600 → 0660 (#6997) X-Git-Tag: v235~20 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=f6e64b78ccab6554f7c5f04daffaa9f30b2ccb20;p=platform%2Fupstream%2Fsystemd.git tmpfiles: change btmp mode 0600 → 0660 (#6997) As discussed in #6994. Fixes: #6994 --- diff --git a/NEWS b/NEWS index e639f48..45fd911 100644 --- a/NEWS +++ b/NEWS @@ -193,6 +193,15 @@ CHANGES WITH 235: * .timer units now accept calendar specifications in other timezones than UTC or the local timezone. + * The tmpfiles snippet var.conf has been changed to create + /var/log/btmp with access mode 0660 instead of 0600. It has been + owned by the "utmp" group already, and it appears to be generally + understood that members of "utmp" can modify/flush the + utmp/wtmp/lastlog/btmp databases. Previously this was implemented + correctly for all these database excepts btmp, which has been opened + up like this now too. Note that while the other databases are + world-readable (i.e. 0644), btmp is not and remains more restrictive. + Contributions from: Abdó Roig-Maranges, Alan Jenkins, Alexander Kuleshov, Andreas Rammhold, Andrew Jeddeloh, Andrew Soutar, Ansgar Burchardt, b1tninja, bengal, Benjamin Berg, Benjamin Robin, Charles diff --git a/tmpfiles.d/var.conf.m4 b/tmpfiles.d/var.conf.m4 index 380c717..0e2c509 100644 --- a/tmpfiles.d/var.conf.m4 +++ b/tmpfiles.d/var.conf.m4 @@ -14,7 +14,7 @@ L /var/run - - - - ../run d /var/log 0755 - - - m4_ifdef(`ENABLE_UTMP', f /var/log/wtmp 0664 root utmp - -f /var/log/btmp 0600 root utmp - +f /var/log/btmp 0660 root utmp - f /var/log/lastlog 0664 root utmp - )m4_dnl