On 24/12/22 15:41, Tim via users wrote:
On Sat, 2022-12-24 at 10:33 +1100, Stephen Morris wrote:
> How do I identify what file
>
.#user-1000@7668ca11a5184a26bcf4a7c1858f9574-0000000000000a42-0005ef6078e3e7f0.journalc7d37931ac52343c
> is?
You could use the file, less, cat, or hexdump commands. "file" would
try to identify it, the others will just show you the contents for you
to try and identify it.
If it's zero bytes in size, the system is probably just using the name
of the file, itself, to do a job.
What I'm trying to determine is why journal-offline get a security
failure on that file and not the equivalent file that has system before
the @, especially when all 4 files in /var/log/journal are owned by
root. If the ".#" is removed and the suffix after journal is removed
then that file seems to be being persisted across boots, or is being
deleted and recreated across boots, so why should there be an selinux
issue and is it a bug?
regards,
Steve