I’m maintaining the Incus RPM package for Fedora on COPR. Yesterday I got this request to add startup directory creation for
/var/log/incus to the Incus systemd services. This made me dig into the
/var/log/incus directory more:
- Do we even need
/var/log/incus/incusd.logat all? My current Incus systemd unit is mainly based on
incus.servicewhich defines the log via
--logfile. Is there any additional benefit compared to only using journald? I tested
--logfile=/dev/nulland the systemd journal still contains the
incusdlog messages. Or is there even a better way to disable logging into a file?
- As there are other logs (dnsmasq, container logs) in
/var/log/incuswhat would be the appropriate permissions for this directory?
lxd.services systemd unit included a
mkdir since years and changed the group to
lxd (admin group) but with permissions of 0700 this doesn’t really have any effect.
I was thinking of
root:incus-admin and permissions of 0750 but then saw that the
incus-user instance logs are there too and not accessible by a regular user if I do so. Any suggestions?