journald: podman events only show events for current user

I noticed this while running some things in parallel, podman events
would show events from other users. Because all events are written to
the journal everybody can see them. So when we read the journal we must
filter events for only the current UID.

To reproduce, run `podman events` as a user, then in another window create a
container as a different user, for example root. After this patch, events from
other users are correctly ignored.

[NO NEW TESTS NEEDED] I don't think we can test with two users at the same
time.

Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Paul Holzinger
2023-01-27 15:46:50 +01:00
committed by openshift-cherrypick-robot
parent e25a4fbda1
commit cd4590908a


@ -11,6 +11,7 @@ import (
"strconv"
"time"
"github.com/containers/podman/v4/pkg/rootless"
"github.com/containers/podman/v4/pkg/util"
"github.com/coreos/go-systemd/v22/journal"
"github.com/coreos/go-systemd/v22/sdjournal"
@ -108,7 +109,13 @@ func (e EventJournalD) Read(ctx context.Context, options ReadOptions) error {
// match only podman journal entries
podmanJournal := sdjournal.Match{Field: "SYSLOG_IDENTIFIER", Value: "podman"}
if err := j.AddMatch(podmanJournal.String()); err != nil {
return fmt.Errorf("failed to add journal filter for event log: %w", err)
return fmt.Errorf("failed to add SYSLOG_IDENTIFIER journal filter for event log: %w", err)
}
// make sure we only read events for the current user
uidMatch := sdjournal.Match{Field: "_UID", Value: strconv.Itoa(rootless.GetRootlessUID())}
if err := j.AddMatch(uidMatch.String()); err != nil {
return fmt.Errorf("failed to add _UID journal filter for event log: %w", err)
}
if len(options.Since) == 0 && len(options.Until) == 0 && options.Stream {
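Review bot: The comment `// make sure we only read events for the current user` above the new `_UID` match in Read does not say why this field can be relied on or what the filter leaves uncovered. `_UID` is one of journald's trusted fields, recorded from the writer's credentials, whereas `SYSLOG_IDENTIFIER` is supplied by the writer, so the added match also keeps entries that another UID logged under the `podman` identifier out of this user's event stream. I would extend the comment to `// _UID is set by journald itself and cannot be chosen by the writer, unlike SYSLOG_IDENTIFIER;` `// this only narrows what Read returns, access to the journal is still governed by its own permissions.` `rootless.GetRootlessUID()` is defined outside this page, so it is worth confirming that it returns the host UID journald records for the writer rather than an in-namespace UID. Read begins before and continues past the hunk.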