Out of the box I seem to get every log message from strongswan duplicated,
once logged by "charon", then again by "strongswan" after a delay, e.g.

Oct 10 12:26:32 sapphire charon: 05[ENC] generating INFORMATIONAL_V1
request 1411728704 [ HASH N(DPD) ]

followed later by:

Oct 10 12:29:32 sapphire strongswan[19104]: 05[ENC] generating
INFORMATIONAL_V1 request 1411728704 [ HASH N(DPD) ]

I believe this is because the systemd unit file (strongswan.service) has
the line:
StandardOutput=syslog, causing systemd to relay everything to syslog, but
the default /etc/strongswan/strongswan.d/charon-logging.conf also has a
syslog section so charon logs directly to syslog itself as well.

I suspect the delay between the two copies of the log entries may be
related to buffering on standard out, since the logs from "strongswan"
always appear in batches with the same timestamp, but I'm not sure.

In my case I'm using strongswan-5.4.0 on Centos 7 from EPEL
http://koji.fedoraproject.org/koji/buildinfo?buildID=774748 but I have
checked the strongswan 5.5 tarball and it appears the systemd unit file and
charon-logging.conf are unchanged.

I'm not really sure if this is a bug or something specific to my syslog
configuration, but given that charon is logging to syslog itself in the
default configuration, would it make more sense to set "StandardOutput =
null" from the unit file instead? I have made this change on my own system
and it appears to have the desired result.


James Birkett

Scanned by CyberHound

Confidentiality Notice: This email, including any attachments, is confidential 
and may be privileged.  If you are not the intended recipient please notify the 
sender immediately and delete it. You should not copy it or use it for any 
purpose or disclose its contents to any other person without CyberHound's prior 
written permission. CyberHound Pty Ltd reserves the right to monitor all email 
communications passing through its networks and devices.

Users mailing list

Reply via email to