systemd user journals not being created

24.8k views Asked by At

Several identical machines all running Fedora 21 in a cluster are all exhibiting identical issues:

Attempting to pull a user journal with journalctl -r gives:

No journal files were opened due to insufficient permissions.

Trying journalctl --user -r gives:

No journal files were found.

Checking in /var/log/journal/[whatever] yields system journals (which seem to work fine as root) and one or two user journals. Logging in as a user that has a user journal in this directory shows that these users can pull their own journal just fine.

It seems like journals are being created for some users but not others. I can find nothing different about the users with journals, and it's not the same users exhibiting the problem on every system, despite identical /etc/passwd, /etc/group, and /etc/shadow files across the systems.

All of this worked fine on Fedora 20.

2

There are 2 answers

3
datu-puti On

I believe this is related to this question.

I had this issue on Ubuntu 17.10. One of my users could view his journal entries, but another couldn't. The issue was resolved by changing the Storage directive of the [Journal] section of /etc/systemd/journald.conf to persistent:

Edit journald.conf

$ sudo vi /etc/systemd/journald.conf

Original Config

[Journal]
#Storage=auto
...

New Config

[Journal]
Storage=persistent
...

After a restart of journalctl, all users could view their respective logs:

$ sudo systemctl restart systemd-journald

From the journald.conf man page:

If "persistent", data will be stored preferably on disk, i.e. below the /var/log/journal hierarchy (which is created if needed), with a fallback to /run/log/journal (which is created if needed), during early boot and if the disk is not writable.

0
Hi-Angel On

Check the output of id -u, if it shows a number less than 1000 then you stumble upon this resolved systemd bug. It is fixed since v254 release.

For older releases without the fix there is a known workaround for the case where you know the name of the unit you want to watch: the --user -u foo would need to be replaced with --user-unit foo.