Brian Kroth <bpkr...@gmail.com> 2016-06-22 13:48:
On Jun 17, 2016 11:11, "Brian Kroth" <bpkr...@gmail.com> wrote:Mantas Mikulėnas <graw...@gmail.com> 2016-06-17 08:00:On Fri, Jun 17, 2016 at 5:05 AM, Brian Kroth <bpkr...@gmail.com> wrote:Hi, I'm trying to convert an old school inetd service into a systemd socket activation. More or less what was describe in [1] worked for me. However, the bitI'mcurrently missing is connection logging. With the openbsd-inetd package (Debian), one could enable libwrap style logging with the -l option to inetd and get something like this: Jun 16 00:00:16 faitest32 inetd[16032]: connection from 10.130.105.148, service nrpe (tcp) Anyone know how to do that with systemd socket/service pairs? Does it just require a ExecPreStart sort of rule to echo %i (or some such) intoalogger pipe (or whatever the journal equivalent of that is), or isthere adirective to get that that I'm just missing in my googling?As of v209, the source address is *always* logged when the instancestarts(well, technically, it's added to the service description) – search the journal for MESSAGE_ID=39f53479d3a045ac8e11786248231fbf. (Can't filter by unit unfortunately since UNIT= only has the unique name of the instance, not the generic one...) Jun 16 18:19:10 frost systemd[1]: Started OpenSSH Per-Connection Daemon ([fd80:56c2:e21c:288b:8199:931f:3a4e:cfb3]:56168). Jun 16 18:22:07 frost systemd[1]: Started OpenSSH Per-Connection Daemon ( 10.114.14.18:60064). Jun 17 07:52:34 frost systemd[1]: Started Ident (RFC 1413) per-connection server ([::1]:50860).Hmm, I'm running v215 on a Debian Jessie machine, but that MESSAGE_IDisn't turning anything up for the messages I was expecting.# journalctl --all -x | grep -i nrpe ... Jun 17 10:05:15 faitest64 systemd[1]:[/etc/systemd/system/nagios-nrpe-server@.service:25] Failed to parse nice priority, ignoring: $NICENESS.(from before I took that out from my other question thread) # journalctl MESSAGE_ID=39f53479d3a045ac8e11786248231fbf -- Logs begin at Thu 2016-06-16 18:46:02 CDT, end at Fri 2016-06-1711:09:04 CDT. --Jun 17 00:19:35 faitest64 systemd[886]: Reached target Paths. Jun 17 00:19:35 faitest64 systemd[886]: Reached target Timers. Jun 17 00:19:35 faitest64 systemd[886]: Reached target Sockets. Jun 17 00:19:35 faitest64 systemd[886]: Reached target Basic System. Jun 17 00:19:35 faitest64 systemd[886]: Reached target Default. Jun 17 00:19:40 faitest64 systemd[886]: Reached target Shutdown. Do you know the commit id for that change offhand? Maybe Debian strippedthe patch or something, though I'm not sure why that would have happened.Thanks, BrianAnyone else have any other thoughts on the lack of inetd style connection logs? Thanks, Brian
Ah, I figured it out. Our grub setup had the "quiet" keyword on the boot command line, and the version of systemd (v215) in Debian Jessie doesn't include the fix [2] for the issue described in [1].
Basically, there was a hard call to "log_set_max_level(LOG_NOTICE);" in the main systemd process while processing the kernel command line arguments, which happens after parsing the /etc/systemd/system.conf config file, so any LogLevel value set there (mine was explicitly set to LogLevel=info) is overwritten. That wasn't documented so it took a while for me to find.
I'll submit a bug to Debian to request a backport of that fix, but in the meantime, in case anyone else runs into this, an alternative workaround for the meantime is to also include "systemd.log_level=info" in the kernel boot parameters (possibly after the "quiet" keyword).
Thanks, Brian [1] https://lists.freedesktop.org/archives/systemd-devel/2014-December/026271.html (commit 5e07a79e) [2] https://lists.freedesktop.org/archives/systemd-devel/2015-February/027946.html (commit d7b15e0a)
signature.asc
Description: Digital signature
_______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/systemd-devel