View previous topic :: View next topic |
Author |
Message |
musv Advocate
Joined: 01 Dec 2002 Posts: 3333 Location: de
|
Posted: Tue May 21, 2013 10:54 pm Post subject: systemd and denyhosts - ssh.log |
|
|
Hi there.
After switching to systemd denyhosts stopped working. The reason:
/etc/denyhosts.conf: | SECURE_LOG = /var/log/messages |
systemd doesn't fill that file anymore. And denyhosts uses the log file to put the attacking servers into /etc/hosts.deny. The systemd logs are binary trash in /var/log/journal/$strangeID/system.journal.
Is there a chance to get systemd and denyhosts working together? How do the other distributions handle that? |
|
Back to top |
|
|
ulenrich Veteran
Joined: 10 Oct 2010 Posts: 1480
|
Posted: Wed May 22, 2013 12:09 am Post subject: |
|
|
You can use any of the usual old syslog software to get the old log files available.
Perhaps you could even direct journald to directly put some text files there ... |
|
Back to top |
|
|
musv Advocate
Joined: 01 Dec 2002 Posts: 3333 Location: de
|
Posted: Wed May 22, 2013 9:34 am Post subject: |
|
|
ulenrich wrote: | You can use any of the usual old syslog software to get the old log files available. |
Yes, I found some "solutions", where I can start syslog-ng and connect it to the systemd-journal socket. But that's not my goal. I don't want to have 2 log daemons running.
ulenrich wrote: | Perhaps you could even direct journald to directly put some text files there ... |
That's the idea. Only the approach to realize that is missing. |
|
Back to top |
|
|
ulenrich Veteran
Joined: 10 Oct 2010 Posts: 1480
|
Posted: Wed May 22, 2013 10:36 am Post subject: |
|
|
Quote: | ulenrich wrote: | Perhaps you could even direct journald to directly put some text files there ... |
That's the idea. Only the approach to realize that is missing. |
Well, as an old user you should intuitively know the place to look at:
/etc/systemd/journald.conf
"man journald.conf" says:
SEE ALSO systemd-journald.service journalctl systemd.journal-fields
If you want specials with systemd there are many man pages ...
(Only if you just want to run the usual there is no need to read anything)
Or, if you pretty well know the traditional tools, why not "Storage=volatile"
and syslog-ng ? |
|
Back to top |
|
|
|