From 2eaceed0b14228ad27b369db0ff3a9c8c45fb13e Mon Sep 17 00:00:00 2001 From: =?utf8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Fri, 7 Nov 2025 17:04:03 +0100 Subject: [PATCH] journald: do not allow persistent journal storage in the initrd If the user managed to configure persistent storage in the journal in the initrd, e.g. by creating /var/log/journal with default of 'auto', we could end up writing entries there. Let's make sure this doesn't happen. --- src/journal/journald-config.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/src/journal/journald-config.c b/src/journal/journald-config.c index de78a40008f..b524379b5c4 100644 --- a/src/journal/journald-config.c +++ b/src/journal/journald-config.c @@ -5,6 +5,7 @@ #include "conf-parser.h" #include "creds-util.h" #include "daemon-util.h" +#include "initrd-util.h" #include "journald-audit.h" #include "journald-config.h" #include "journald-context.h" @@ -117,6 +118,11 @@ void manager_merge_configs(Manager *m) { journal_config_done(&m->config); MERGE_NON_NEGATIVE(storage, JOURNAL_STORAGE_DEFAULT_VAL); + + /* In the initrd, only 'none' and 'volatile' make sense. */ + if (in_initrd() && IN_SET(m->config.storage, STORAGE_PERSISTENT, STORAGE_AUTO)) + m->config.storage = STORAGE_VOLATILE; + manager_merge_journal_compress_options(m); MERGE_NON_NEGATIVE(seal, true); /* By default, /dev/kmsg is read only by the main namespace instance. */ -- 2.47.3