Re: problem with fwlogwatch.service (debian 12)

Wed, 20 Nov 2024 12:46:18 -0800 

Hello Marial :)

Le 20/11/2024 à 20:16, Darac Marjal a écrit :

On Wed, Nov 20, 2024 at 05:35:58PM +0100, Jean-François Bachelet wrote:
[cut]


'systemctl status fwlogwatch.service' :



fwlogwatch.service - Firewall log analyzer

     Loaded: loaded (/lib/systemd/system/fwlogwatch.service; enabled; 
preset: enabled)
     Active: failed (Result: exit-code) since Wed 2024-11-20 17:02:18 
CET; 1min 27s ago

       Docs: man:fwlogwatch

    Process: 294164 ExecStart=/bin/sh -c if [ "x${START_DAEMON}" != 
"xtrue" ]; then echo "aborted"; exit 1; fi;    exec /usr/sbin/ 
fwlogwatch -c /etc/fwlogwatch/fwlogwatch.config -R ${PARAMS} 
(code=exited, status=1/FAILURE)

        CPU: 16ms


nov. 20 17:02:18 deb systemd[1]: Starting fwlogwatch.service - 
Firewall log analyzer...

nov. 20 17:02:18 deb sh[294164]: aborted

nov. 20 17:02:18 deb systemd[1]: fwlogwatch.service: Control process 
exited, code=exited, status=1/FAILURE
nov. 20 17:02:18 deb systemd[1]: fwlogwatch.service: Failed with 
result 'exit-code'.
nov. 20 17:02:18 deb systemd[1]: Failed to start fwlogwatch.service - 
Firewall log analyzer.



I might be reading this wrong, but the "ExecStart" command is a shell 
script which basically says "if the $START_DAEMON variable does not 
equal 'true', then echo 'aborted' and stop". Given you get sh printing 
the word 'aborted', I think you're reading that branch.


Did you set "START_DAEMON=true" in /etc/default/fwlogwatch or similar?

there is no such stuff in the confs...

here is what the cron daily conf says for it :


/etc/cron.daily/fwlogwatch                                                                        
#!/bin/sh

# fwlogwatch's daily cron job
# Copyright 2001 Alberto Gonzalez Iniesta <a...@agi.as>
# Licensed under the GNU General Public License, version 2.  See the file
# /usr/share/common-licenses/GPL or <http://www.gnu.org/copyleft/gpl.txt>.
#
set -e
test $DEBIAN_SCRIPT_DEBUG && set -v -x

FWLOGWATCH=/usr/sbin/fwlogwatch
CONFIG=/etc/default/fwlogwatch
EXTRA_HEADER="Content-Type: text/plain"

test -x $FWLOGWATCH || exit 0
test -r $CONFIG || exit 0

# Source configuration generated from debconf's values
. $CONFIG

if [ "$CRON_EMAIL" = "none" ]; then
  exit 0
fi

OUTPUT=`$FWLOGWATCH $CRON_PARAMS`

(echo "$OUTPUT" | grep -q 'No valid time entries found') \
  && exit 0

## Mail results

TMPFILE=`mktemp /tmp/fwlogwatch.XXXXXXXXXX`

#echo "From: " >> $TMPFILE
echo "To: $CRON_EMAIL" >> $TMPFILE
echo "Subject: fwlogwatch daily news" >> $TMPFILE

(echo "$OUTPUT" | grep -q '</html>') \
  && echo "Content-Type: text/html" >> $TMPFILE

echo >> $TMPFILE>
echo "$OUTPUT" >> $TMPFILE

/usr/lib/sendmail -F `id -nu` "$CRON_EMAIL" < $TMPFILE

rm -f $TMPFILE

# vim:set ai et sts=2 sw=2 tw=0:



as said, /etc/fwlogwatch.config is all commented out except for the pid 
file.


btw, the pid file I've touched for fwlogwatch has disapeared from /run...























					Reply via email to