[Openvpn-devel] More specific syslog process name with systemd
Commit Message
Adds the `--syslog` option to specify the unit and configuration
name when using systemd.
Signed-off-by: François Kooman <fkooman@tuxed.net>
---
distro/systemd/openvpn-client@.service.in | 2 +-
distro/systemd/openvpn-server@.service.in | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
Comments
On 15/08/2019 09:28, François Kooman wrote:
> Adds the `--syslog` option to specify the unit and configuration
> name when using systemd.
Could you please provide a rationale to why this is needed? How things works
now, is that the systemd-journal picks up everything; including various
additional meta-data which syslog does not support.
Now you get the log data with: `journalctl -u openvpn-{client,server}@CONFIG}`
And this also provides filtering possibilities as well, like '-b' (only log
entries since last boot) or '--since yesterday'.
If you want logged data to syslog, have a look at the journal integration
rsyslog provides - which can also include the additional meta-data:
<https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/system_administrators_guide/s1-interaction_of_rsyslog_and_journal>
On 15.08.19 14:31, David Sommerseth wrote:
> Could you please provide a rationale to why this is needed? How things works
> now, is that the systemd-journal picks up everything; including various
> additional meta-data which syslog does not support.
The rationale was that when viewing the log with journalctl you only see
the syslog identifier, i.e. "openvpn" and not the full unit name.
> Now you get the log data with: `journalctl -u openvpn-{client,server}@CONFIG}`
> And this also provides filtering possibilities as well, like '-b' (only log
> entries since last boot) or '--since yesterday'.
That's much better actually, there's also the journalctl -o verbose that
shows the _SYSTEMD_UNIT.
Thanks!
Please ignore the patch!
Cheers,
François
Hi,
On Thu, Aug 15, 2019 at 07:23:37PM +0200, François Kooman wrote:
> Please ignore the patch!
Argueing patches away is so much easier than ACKing :-))
gert
@@ -10,7 +10,7 @@ Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO
Type=notify
PrivateTmp=true
WorkingDirectory=/etc/openvpn/client
-ExecStart=@sbindir@/openvpn --suppress-timestamps --nobind --config %i.conf
+ExecStart=@sbindir@/openvpn --syslog %p@%i --suppress-timestamps --nobind --config %i.conf
CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE
LimitNPROC=10
DeviceAllow=/dev/null rw
@@ -10,7 +10,7 @@ Documentation=https://community.openvpn.net/openvpn/wiki/HOWTO
Type=notify
PrivateTmp=true
WorkingDirectory=/etc/openvpn/server
-ExecStart=@sbindir@/openvpn --status %t/openvpn-server/status-%i.log --status-version 2 --suppress-timestamps --config %i.conf
+ExecStart=@sbindir@/openvpn --syslog %p@%i --status %t/openvpn-server/status-%i.log --status-version 2 --suppress-timestamps --config %i.conf
CapabilityBoundingSet=CAP_IPC_LOCK CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_RAW CAP_SETGID CAP_SETUID CAP_SYS_CHROOT CAP_DAC_OVERRIDE CAP_AUDIT_WRITE
LimitNPROC=10
DeviceAllow=/dev/null rw