Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

a simple systemd service file #2

Open
kapouer opened this issue May 19, 2015 · 7 comments
Open

a simple systemd service file #2

kapouer opened this issue May 19, 2015 · 7 comments

Comments

@kapouer
Copy link

kapouer commented May 19, 2015 

[Unit]
Description=Notify about journal log entries

[Service]
Type=simple
ExecStart=/usr/bin/journal-notify -m SYSLOG_IDENTIFIER=sshd -e -r "^(error:|Accepted)" -i security-high -X /usr/share/journal-notify/execute/mail.sh

[Install]
WantedBy=multi-user.target
@eworm-de
Copy link
Owner

This would send mails to [email protected] by default... :-p

With execute-only you can skip the icon (-i security-high), it does not have an effect.

@kapouer
Copy link
Author

kapouer commented May 19, 2015

Yep, my question was more like 'please provide an interesting example of a systemd service file setup'...
Here's a use case implemented using very simple tools:
https://github.com/kapouer/vigilante
i suppose the only missing thing is to add throttling in the executable script and i'll have a better tool with your software :)

@eworm-de
Copy link
Owner

Added a systemd unit file with babb114. Is that ok for you?

@kapouer
Copy link
Author

kapouer commented Jun 19, 2015

Awesome ! will test soon.

@ambiamber
Copy link
Contributor

I'm thinking that the systemd unit file could be generalized by using a configuration file.

To overcome distro incompatibilities the location of the configuration file in the unit file could be specified:

EnvironmentFile=-/etc/default/journal-notify
EnvironmentFile=-/etc/sysconfig/journal-notify

Then instead of

ExecStart=/usr/bin/journal-notify -m SYSLOG_IDENTIFIER=sshd -e -r "^(error:|Accepted)" -X /path/to/updated/execute/mail.sh

it could be

ExecStart=/usr/bin/journal-notify $SERVICE_OPTION $REGEX_OPTIONS $EXECUTABLE_OPTION

cat /etc/sysconfig/journal-notify
SERVICE_OPTION="-m SYSLOG_IDENTIFIER=sshd"
REGEX_OPTION="-e -r "^(error:|Accepted)"
EXECUTABLE_OPTION="-X /path/to/updated/execute/mail.sh"

I haven't tested this yet, it's just an idea. What do you think?

@traylenator
Copy link

traylenator commented Mar 21, 2023
edited
Loading

The way we went for this is to use a template unit: /etc/systemd/system/[email protected]

[Unit]
Description=Call journal notify with a configuration
Requires=dbus.socket
# Order after notification daemons to make sure it is stopped before.

[Service]
Type=simple
EnvironmentFile=/etc/journal-notify.d/%i
ExecStart=/usr/bin/journal-notify $JOURNAL_NOTIFY_OPTIONS
[Install]
WantedBy=multi-user.target

And then creating an instance of the service is as simple as creating a file: /etc/journal-notify.d/coredump-notify

JOURNAL_NOTIFY_OPTIONS=" -m MESSAGE_ID=fc2e22bc6ee647b6b90729ab34a250b1 -X /usr/libexec/journal-notify/mail.sh"

# Extra envs for the script
[email protected]

And start the service with: systemd enable --now [email protected]

@eworm-de
Copy link
Owner

eworm-de commented Jan 1, 2024

@traylenator, interesting idea... Want to create a pull request for this? I think this could be useful for others.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@kapouer @traylenator @eworm-de @ambiamber