On Sat, 10 Nov 2012 19:46:24 +0100 Jan Steffens <jan.steffens@gmail.com> wrote:
The meaning of these two groups ("adm" and "log") seems to be identical. Both allow read access to system logs, except "adm" is used by journald and "log" by syslogd (and tomcat, apparently).
Wouldn't it make sense to do away with one?
Is there a guarantee that `adm` group will be confined to only journald and not include wider priviledges in the future? By default it is probably unnecessary to have a log group as supplied by `filesystem`, but I I would still keep its creation in syslog-ng.install and similar. This way users who need a better logger than the journal will have a proper group setup... -- Leonid Isaev GnuPG key: 0x164B5A6D Fingerprint: C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D