Re: [systemd-devel] inetd-style service with connection logging

[Brian Kroth]

Brian Kroth  2016-06-22 13:48:

On Jun 17, 2016 11:11, "Brian Kroth"  wrote:


Mantas Mikulėnas  2016-06-17 08:00:


On Fri, Jun 17, 2016 at 5:05 AM, Brian Kroth  wrote:


Hi, I'm trying to convert an old school inetd service into a systemd
socket activation.

More or less what was describe in [1] worked for me.  However, the bit

I'm

currently missing is connection logging.

With the openbsd-inetd package (Debian), one could enable libwrap style
logging with the -l option to inetd and get something like this:

Jun 16 00:00:16 faitest32 inetd[16032]: connection from 10.130.105.148,
service nrpe (tcp)

Anyone know how to do that with systemd socket/service pairs?  Does it
just require a ExecPreStart sort of rule to echo %i (or some such) into

a

logger pipe (or whatever the journal equivalent of that is), or is

there a

directive to get that that I'm just missing in my googling?



As of v209, the source address is *always* logged when the instance

starts


(well, technically, it's added to the service description) – search the
journal for MESSAGE_ID=39f53479d3a045ac8e11786248231fbf. (Can't filter by
unit unfortunately since UNIT= only has the unique name of the instance,
not the generic one...)

Jun 16 18:19:10 frost systemd[1]: Started OpenSSH Per-Connection Daemon
([fd80:56c2:e21c:288b:8199:931f:3a4e:cfb3]:56168).
Jun 16 18:22:07 frost systemd[1]: Started OpenSSH Per-Connection Daemon (
10.114.14.18:60064).
Jun 17 07:52:34 frost systemd[1]: Started Ident (RFC 1413) per-connection
server ([::1]:50860).



Hmm, I'm running v215 on a Debian Jessie machine, but that MESSAGE_ID

isn't turning anything up for the messages I was expecting.


# journalctl --all -x | grep -i nrpe
...
Jun 17 10:05:15 faitest64 systemd[1]:

[/etc/systemd/system/nagios-nrpe-server@.service:25] Failed to parse nice
priority, ignoring: $NICENESS.


(from before I took that out from my other question thread)


# journalctl MESSAGE_ID=39f53479d3a045ac8e11786248231fbf
-- Logs begin at Thu 2016-06-16 18:46:02 CDT, end at Fri 2016-06-17

11:09:04 CDT. --

Jun 17 00:19:35 faitest64 systemd[886]: Reached target Paths.
Jun 17 00:19:35 faitest64 systemd[886]: Reached target Timers.
Jun 17 00:19:35 faitest64 systemd[886]: Reached target Sockets.
Jun 17 00:19:35 faitest64 systemd[886]: Reached target Basic System.
Jun 17 00:19:35 faitest64 systemd[886]: Reached target Default.
Jun 17 00:19:40 faitest64 systemd[886]: Reached target Shutdown.


Do you know the commit id for that change offhand?  Maybe Debian stripped

the patch or something, though I'm not sure why that would have happened.


Thanks,
Brian


Anyone else have any other thoughts on the lack of inetd style connection
logs?

Thanks,
Brian


Ah, I figured it out.  Our grub setup had the "quiet" keyword on the 
boot command line, and the version of systemd (v215) in Debian Jessie 
doesn't include the fix [2] for the issue described in [1].


Basically, there was a hard call to "log_set_max_level(LOG_NOTICE);" in 
the main systemd process while processing the kernel command line 
arguments, which happens after parsing the /etc/systemd/system.conf 
config file, so any LogLevel value set there (mine was explicitly set to 
LogLevel=info) is overwritten.  That wasn't documented so it took a 
while for me to find.


I'll submit a bug to Debian to request a backport of that fix, but in 
the meantime, in case anyone else runs into this, an alternative 
workaround for the meantime is to also include "systemd.log_level=info" 
in the kernel boot parameters (possibly after the "quiet" keyword).


Thanks,
Brian

[1] 
https://lists.freedesktop.org/archives/systemd-devel/2014-December/026271.html 
(commit 5e07a79e)
[2] 
https://lists.freedesktop.org/archives/systemd-devel/2015-February/027946.html 
(commit d7b15e0a)


signature.asc
Description: Digital signature
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Erlang bindings for systemd-notify API

[Peter Lemenkov]

Sorry for resurrecting of an old thread, but I really hope to finish
this task :)
What should I do for moving this library under systemd umbrella?
What's the next step?

2016-05-30 12:18 GMT+02:00 Lennart Poettering :
> On Sun, 29.05.16 22:24, Zbigniew Jędrzejewski-Szmek (zbys...@in.waw.pl) wrote:
>
>> On Sun, May 29, 2016 at 10:59:23AM +0200, Peter Lemenkov wrote:
>> > Hello All!
>> > I'd like to introduce another systemd-related project -
>> > erlang-sd_notify. That's just a bindings for sd_notify API. Currently
>> > it implements bindings just for two functions - sd_notify and
>> > sd_notifyf, which is enough for using "Type=notify" as a service type.
>> >
>> > https://github.com/lemenkov/erlang-sd_notify
>> >
>> > Library is a very simple one. It has been in use in a production
>> > environments for a couple of years already.
>> >
>> > I wonder if it's possible to host it somewhere at github.com/systemd
>> > among other bindings or it's too small to be promoted?
>>
>> I think it'd be reasonable to move it under the systemd umbrella.
>> We already have "Erlang" team in systemd, that has one "ejournald"
>> repo: https://github.com/orgs/systemd/teams/erlang.
>
> Yeah, I agree, it certainly makes sense to add this to the systemd
> umbrella. Not entirely sure what the workflow is supposed to be though
> to make this happen...
>
> Lennart
>
> --
> Lennart Poettering, Red Hat



-- 
With best regards, Peter Lemenkov.
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] Something wrong with sd_journal_add_match

[Dennis Semakin]

sd_journal_get_data() returns 0 (zero) in that case.


22.06.2016, 14:51, "Luca BRUNO" :
> On Wednesday 22 June 2016 12:10:14 Dennis Semakin wrote:
>
>>  The task is to obtain messages _only_ with specified fields (e.g.
>>  MESSAGE_ID=bla-bla-bla).
>
>>  And problem is that I can see incoming messages even when sending tool is
>>  not running (no execution). Looks like I got all messages from journal
>>  (kernel, other services, etc.).
>
>>  for (;;) {
>>
>>  const void *data;
>>  size_t length;
>>
>>  ret = sd_journal_next(sdj);
>>  if (ret == 0) {
>>  ret = sd_journal_wait(sdj, (uint64_t) -1);
>>  printf("wait ret = %d \n", ret);
>>  }
>>
>>  sd_journal_get_data(sdj, "MESSAGE", , );
>>  printf(">%.*s<\n", (int) length, data);
>
> I think I've seen something similar, so I'll note it here even if I'm not sure
> if my understanding is correct:
>
> sd_journal_wait() will trigger on *any* events, while sd_journal_get_data()
> will apply the filter and find no matching entries.
> I'm not sure why you see a consistent printing behavior, though. Can you check
> the return value of sd_journal_get_data() in that case?
>
> NB: I'm not much familiar with that codebase and haven't digged into the
> source enough to confirm my speculation, so take it cum grano salis.
>
> Cheers, Luca
>
> --
> «Доверяй, но проверяй»
> ,
>
> ___
> systemd-devel mailing list
> systemd-devel@lists.freedesktop.org
> https://lists.freedesktop.org/mailman/listinfo/systemd-devel
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/systemd-devel