View Issue Details
|ID||Project||Category||View Status||Date Submitted||Last Update|
|0017773||CentOS-8||systemd||public||2020-10-02 10:07||2020-10-02 10:07|
|Target Version||Fixed in Version|
|Summary||0017773: journalctl --user -xe does not work|
|Description||On CentOS8 with default configuration of /etc/systemd/journald.conf, journalctl --user -xe does not shows up user's journal, it causes permission error like this:|
"No journal files were opened due to insufficient permissions"
Also tried journalctl --user -u <service>, same result.
I have find this can be fix by changing "Storage=auto" to "Storage=persistent" on /etc/systemd/journald.conf.
Or just create /var/log/journal with "Storage=auto" setting, because auto mode become persistent mode when the directory exists.
However, in our use case we want to run the service without root privilege, there is no choice to change these configuration in root mode.
Also it should work properly in default configuration.
The reason why the error occur is, storage mode in journald is set to "Storage=auto" by default, and systemd rpm package does not provided /var/log/journal directory, so journald chooses volatile mode.
However, it seems like volatile mode does not split logs by uid, so we do not able to access journal from non-root user.
So it is rpm packaging issue, it should be solved by adding /var/log/journal in the package.
But the package decided seems like not to do this, I found the following changelog in the package, it probably added in upstream distribution:
"don't create /var/log/journal during package installation (#1523188)"
I tried to see what was #1523188, but I got access denied:
On Fedora, it just creates /var/log/journal by default and works with non-root user:
|Steps To Reproduce||systemctl --user start <service>|
journalctl --user -xe
It will show following error:
Hint: You are currently not seeing messages from the system.
Users in the 'systemd-journal' group can see all messages. Pass -q to
turn off this notice.
No journal files were opened due to insufficient permissions