On Sat, 10 Nov 2012 19:46:24 +0100
Jan Steffens <jan.steffens@xxxxxxxxx> wrote:
> The meaning of these two groups ("adm" and "log") seems to be
> identical. Both allow read access to system logs, except "adm" is used
> by journald and "log" by syslogd (and tomcat, apparently).
>
> Wouldn't it make sense to do away with one?
Is there a guarantee that `adm` group will be confined to only journald and not
include wider priviledges in the future? By default it is probably unnecessary
to have a log group as supplied by `filesystem`, but I I would still keep its
creation in syslog-ng.install and similar. This way users who need a better
logger than the journal will have a proper group setup...
--
Leonid Isaev
GnuPG key: 0x164B5A6D
Fingerprint: C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D
Attachment:
signature.asc
Description: PGP signature
