Package: oidentd Version: 2.4.0-1 ISSUE: oidentd is logged to syslog as 'sh[pid]:' after a recent apt-get dist-upgrade: Dec 31 15:38:36 machine sh[3469507]: Connection from xyz.xyz.com (159.x.x.5):34050
FIX/WORKAROUND: In /lib/systemd* these two files: oidentd.service oidentd@.service 1. /lib/systemd/system/oidentd.service 2. /lib/systemd/system/oidentd\@.service I had to remove the -S otherwise I was no longer seeing oidentd in the logs, instead it looked like this: Dec 31 15:38:36 machine sh[3469507]: Connection from xyz.xyz.com (159.x.x.5):34050 After removing the -S, logging works properly: Dec 31 17:06:51 atom oidentd[3511343]: Connection from xyz.xyz.com (159.x.x.5):34051 Kindly requesting if the -S can be removed from the oidentd setup package for the systemd service, otherwise fail2ban and similar applications won't be able to act on 'sh[pid]: Connection from' etc.. Fix/workaround: -------------------------------- +++ oidentd.service 2019-12-31 17:05:09.693101222 -0500 @@ -5,7 +5,7 @@ [Service] Environment=OIDENT_USER=nobody OIDENT_GROUP=nogroup EnvironmentFile=-/etc/default/oidentd -ExecStart=/bin/sh -c "exec /usr/sbin/oidentd -S ${OIDENT_OPTIONS} -u \"${OIDENT_USER}\" -g \"${OIDENT_GROUP}\" \ +ExecStart=/bin/sh -c "exec /usr/sbin/oidentd ${OIDENT_OPTIONS} -u \"${OIDENT_USER}\" -g \"${OIDENT_GROUP}\" \ `[ \"${OIDENT_BEHIND_PROXY}\" = \"yes\" ] && ip route show to exact 0/0 | awk '{print \"-P \" $3}'`" ExecReload=/bin/kill -HUP $MAINPID Restart=on-failure Fix/workaround: -------------------------------- +++ oidentd@.service 2019-12-31 17:05:25.731724279 -0500 @@ -4,7 +4,7 @@ [Service] Environment=OIDENT_USER=nobody OIDENT_GROUP=nogroup EnvironmentFile=-/etc/default/oidentd -ExecStart=/bin/sh -c "exec /usr/sbin/oidentd -IS ${OIDENT_OPTIONS} -u \"${OIDENT_USER}\" -g \"${OIDENT_GROUP}\" \ +ExecStart=/bin/sh -c "exec /usr/sbin/oidentd -I ${OIDENT_OPTIONS} -u \"${OIDENT_USER}\" -g \"${OIDENT_GROUP}\" \ `[ \"${OIDENT_BEHIND_PROXY}\" = \"yes\" ] && ip route show to exact 0/0 | awk '{print \"-P \" $3}'`" StandardInput=socket StandardError=syslog Thanks, Justin.