[systemd-devel] inetd-style service with connection logging

Brian Kroth bpkroth at gmail.com
Fri Jun 17 16:11:32 UTC 2016


Mantas Mikulėnas <grawity at gmail.com> 2016-06-17 08:00:
>On Fri, Jun 17, 2016 at 5:05 AM, Brian Kroth <bpkroth at gmail.com> wrote:
>
>> Hi, I'm trying to convert an old school inetd service into a systemd
>> socket activation.
>>
>> More or less what was describe in [1] worked for me.  However, the bit I'm
>> currently missing is connection logging.
>>
>> With the openbsd-inetd package (Debian), one could enable libwrap style
>> logging with the -l option to inetd and get something like this:
>>
>> Jun 16 00:00:16 faitest32 inetd[16032]: connection from 10.130.105.148,
>> service nrpe (tcp)
>>
>> Anyone know how to do that with systemd socket/service pairs?  Does it
>> just require a ExecPreStart sort of rule to echo %i (or some such) into a
>> logger pipe (or whatever the journal equivalent of that is), or is there a
>> directive to get that that I'm just missing in my googling?
>>
>
>As of v209, the source address is *always* logged when the instance starts
>(well, technically, it's added to the service description) – search the
>journal for MESSAGE_ID=39f53479d3a045ac8e11786248231fbf. (Can't filter by
>unit unfortunately since UNIT= only has the unique name of the instance,
>not the generic one...)
>
>Jun 16 18:19:10 frost systemd[1]: Started OpenSSH Per-Connection Daemon
>([fd80:56c2:e21c:288b:8199:931f:3a4e:cfb3]:56168).
>Jun 16 18:22:07 frost systemd[1]: Started OpenSSH Per-Connection Daemon (
>10.114.14.18:60064).
>Jun 17 07:52:34 frost systemd[1]: Started Ident (RFC 1413) per-connection
>server ([::1]:50860).

Hmm, I'm running v215 on a Debian Jessie machine, but that MESSAGE_ID 
isn't turning anything up for the messages I was expecting.

# journalctl --all -x | grep -i nrpe
...
Jun 17 10:05:15 faitest64 systemd[1]: [/etc/systemd/system/nagios-nrpe-server at .service:25] Failed to parse nice priority, ignoring: $NICENESS.

(from before I took that out from my other question thread)


# journalctl MESSAGE_ID=39f53479d3a045ac8e11786248231fbf
-- Logs begin at Thu 2016-06-16 18:46:02 CDT, end at Fri 2016-06-17 11:09:04 CDT. --
Jun 17 00:19:35 faitest64 systemd[886]: Reached target Paths.
Jun 17 00:19:35 faitest64 systemd[886]: Reached target Timers.
Jun 17 00:19:35 faitest64 systemd[886]: Reached target Sockets.
Jun 17 00:19:35 faitest64 systemd[886]: Reached target Basic System.
Jun 17 00:19:35 faitest64 systemd[886]: Reached target Default.
Jun 17 00:19:40 faitest64 systemd[886]: Reached target Shutdown.


Do you know the commit id for that change offhand?  Maybe Debian 
stripped the patch or something, though I'm not sure why that would have 
happened.

Thanks,
Brian
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <https://lists.freedesktop.org/archives/systemd-devel/attachments/20160617/a4f4e7a9/attachment.sig>


More information about the systemd-devel mailing list