[man] note which UID ranges will get user journals

Fixes #13926

diff --git a/man/journald.conf.xml b/man/journald.conf.xml
index 6c9268f4dc319caa9538a5abe1450d18846ab040..d16cb185803a1d1611e2fb2fca84b4ef5b317db0 100644 (file)
--- a/man/journald.conf.xml
+++ b/man/journald.conf.xml
@@ -110,8 +110,11 @@
         <listitem><para>Controls whether to split up journal files per user, either <literal>uid</literal> or
         <literal>none</literal>. Split journal files are primarily useful for access control: on UNIX/Linux access
         control is managed per file, and the journal daemon will assign users read access to their journal files. If
-        <literal>uid</literal>, all regular users will each get their own journal files, and system users will log to
-        the system journal. If <literal>none</literal>, journal files are not split up by user and all messages are
+        <literal>uid</literal>, all regular users (with UID outside the range of system users, dynamic service users,
+        and the nobody user) will each get their own journal files, and system users will log to the system journal.
+        See <ulink url="https://systemd.io/UIDS-GIDS">Users, Groups, UIDs and GIDs on systemd systems</ulink>
+        for more details about UID ranges.
+        If <literal>none</literal>, journal files are not split up by user and all messages are
         instead stored in the single system journal. In this mode unprivileged users generally do not have access to
         their own log data. Note that splitting up journal files by user is only available for journals stored
         persistently. If journals are stored on volatile storage (see <varname>Storage=</varname> above), only a single

diff --git a/man/systemd-journald.service.xml b/man/systemd-journald.service.xml
index ea6fb5467397814db7543fc700b144410c4eacb6..ec9f974f2da5ea7ba164253b882a726fd1cb59ab 100644 (file)
--- a/man/systemd-journald.service.xml
+++ b/man/systemd-journald.service.xml
@@ -200,8 +200,11 @@ systemd-tmpfiles --create --prefix /var/log/journal</programlisting>
     writable. Adding a user to this group thus enables them to read
     the journal files.</para>
 
-    <para>By default, each logged in user will get their own set of
-    journal files in <filename>/var/log/journal/</filename>. These
+    <para>By default, each user, with a UID outside the range of system users,
+    dynamic service users, and the nobody user, will get their own set of
+    journal files in <filename>/var/log/journal/</filename>. See
+    <ulink url="https://systemd.io/UIDS-GIDS">Users, Groups, UIDs and GIDs on systemd systems</ulink>
+    for more details about UID ranges. These journal
     files will not be owned by the user, however, in order to avoid
     that the user can write to them directly. Instead, file system
     ACLs are used to ensure the user gets read access only.</para>