I’m having an issue with some sort of permissions. In Grafana and looking at the logs, I’m always getting an error on the log under “systemd-journal” and it states: “open /var/log/boot.log: permission denied” for several logs that are owned by root. Now I’ve read places that these logs are owned by root and give many people headaches, but specifically to Promtail, I’m not sure what I should do? Do I add Promtail to a specific group or something? Or maybe I’m missing something else?
Did you try running promtail as root? for me it fixed it.
Hmm, excuse my ignorance, but how would I do that, or tell if I’m doing it already? Not sure if it matters, but whenever I install new programs and such, I don’t use the root account (because of bad practices), so my main account has the “sudo” privileges. And I do it that way.
EDIT: Actually I got it to work. Had to manually go into the folder as root, and fire to start the program, and just like @dror1212 stated the errors went away. However, my question is now, is how can I start promtail as root as a service so it starts with root when the computer boots up?
EDIT 2: Well, a little more research and I found my solution: I edited the .service under
/etc/systemd/system for promtail, and changed the user from the promtail user to root, and it worked like a charm. Solved my own issue. I’m sure this info will come in handy for others if they run into the same problem.
I don’t think it is good practice to run promtail as root. It is better to have a promtail usr and add that user to the systemd-journal group:
$ sudo adduser --system promtail $ cd /var $ var/ sudo setfacl -R -m u:promtail:rX log $ sudo chown promtail:promtail /tmp/positions.yaml $ sudo usermod -a -G systemd-journal promtail