systemd docs
This commit is contained in:
parent
46a031695c
commit
fefd2d7e5c
1 changed files with 47 additions and 4 deletions
|
@ -1,7 +1,24 @@
|
|||
unit systemd con utente dinamico:
|
||||
- no adduser/altre conf
|
||||
- utente con pochi permessi
|
||||
- accesso consentito al gruppo adm
|
||||
## A simple start
|
||||
|
||||
The bare minimum you need to get circologd on a systemd-based system is this unit.
|
||||
Other options with more features or more security are provided below
|
||||
|
||||
[Unit]
|
||||
Description=In-memory logging
|
||||
|
||||
[Service]
|
||||
User=root
|
||||
Group=adm
|
||||
ExecStart=/usr/local/sbin/circologd -syslogd-socket /run/circolog/syslog.sock -buffer-size 2000 -query-socket /run/circolog/query.sock
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
||||
|
||||
## A better unit
|
||||
|
||||
This is another unit, which has several security features, such as `DynamicUser`, filesystem restrictions, and
|
||||
more.
|
||||
|
||||
[Unit]
|
||||
Description=In-memory logging
|
||||
|
@ -27,3 +44,29 @@ unit systemd con utente dinamico:
|
|||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
||||
## Journald
|
||||
|
||||
None of those are integrated with journald, however. The simplest way to integrate with journald is the
|
||||
following.
|
||||
|
||||
First of all, ensure `ForwardToSyslog=yes` in `/etc/systemd/journald.conf`.
|
||||
Then, you need to run circologd as root and bind it [to a special
|
||||
address](https://www.freedesktop.org/software/systemd/man/journald.conf.html#Forwarding%20to%20traditional%20syslog%20daemons).
|
||||
Ok, you don't strictly _need_ to run it as root, but that's the easiest way to run it.
|
||||
Here is a working unit for this:
|
||||
|
||||
[Unit]
|
||||
Description=In-memory logging
|
||||
|
||||
[Service]
|
||||
User=root
|
||||
Group=adm
|
||||
ExecStart=/usr/local/sbin/circologd -syslogd-socket /run/systemd/journal/syslog -buffer-size 2000 -query-socket /run/circolog/query.sock
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
|
||||
### journald with socket activation
|
||||
|
||||
To run circologd as non-root, while listening on a root-owned socket (`/run/systemd/journal/syslog`) use
|
||||
socket activation
|
||||
|
|
Loading…
Reference in a new issue