I'm taking care of a server (Debian Jessie) that several developers use for deploying and managing their work.
Now there is a script on this server (managed by one of the developers) that does some regular maintenance stuff and therefore should run all the time.
I added that script as a systemd service so that it automatically restarts if it should ever crash.
[Service]
ExecStart=...
Restart=on-failure
StandardOutput=syslog
StandardError=syslog
SyslogIdentifier=maintenanceScript
User=maintainer
Group=devGroup
[Install]
WantedBy=multi-user.target
The script itself works absolutely fine, but what I would like to improve is how the logs can be accessed. The script makes some console outputs from time to time and systemd does what I told it to do - it puts the console output into syslog.
But although the script runs under the account of the maintaining developer (verified using ps), I can only access the logs via journalctl when I'm logged in as root.
journalctl -u maintenanceScript
works perfectly fine as root and prints all log entries.
However, I would like the maintainer to be able to see those log entries aswell - but not necessarily see all other log entries in syslog (all I found so far says to add the users that should be able to access some sort of global logs to the journal admin group - but that would give him access to all global logs).
Can I configure journald to give some specified users access to global logs of some specified units?
