Am 26.08.23 um 18:41 schrieb Cecil Westerhof:
Replying on google does not work as I am used to. It sends to the sender
instead of the group. 😱
Op za 26 aug 2023 om 18:36 schreef Cecil Westerhof
<cldwesterhof@xxxxxxxxx <mailto:cldwesterhof@xxxxxxxxx>>:
Op za 26 aug 2023 om 14:46 schreef Michael Biebl <mbiebl@xxxxxxxxx
<mailto:mbiebl@xxxxxxxxx>>:
Am Sa., 26. Aug. 2023 um 09:44 Uhr schrieb Cecil Westerhof
<cldwesterhof@xxxxxxxxx <mailto:cldwesterhof@xxxxxxxxx>>:
>
> I am at last implementing systemd timers. The service I
created can have its status queried by a normal user. I thought
I must have made a mistake. But when I do:
> systemctl status cron
>
> I get:
> ● cron.service - Regular background program processing daemon
> Loaded: loaded (/lib/systemd/system/cron.service;
enabled; preset: enabled)
> Active: active (running) since Sat 2023-08-19
18:12:04 CEST; 6 days ago
> Docs: man:cron(8)
> Main PID: 790 (cron)
> Tasks: 1 (limit: 17837)
> Memory: 91.0M
> CPU: 14min 3.110s
> CGroup: /system.slice/cron.service
> └─790 /usr/sbin/cron -f
>
> Warning: some journal files were not opened due to
insufficient permissions.
>
> Is this the expected behaviour?
> If not: what could be wrong with my system?
>
> This is on Debian 11.
Reading system logs is a privileged operation.
You can grant this privilege to individual users by adding them
to the
systemd-journal (or adm) group.
Adding users to the adm will grant them additional privileges,
so be careful.
The user is in the lpadmin group, but not in systemd-journal, or adm
and still can ask the status.
Another reply indicates that this is normal.
Well, you can look at the process list anytime as normal user. So, what
are you trying to accomplishing. Whats the goal? Hiding the process from
the users?
--
Leon
