Hello Marial :)

Le 20/11/2024 à 20:16, Darac Marjal a écrit :
On Wed, Nov 20, 2024 at 05:35:58PM +0100, Jean-François Bachelet wrote:
[cut]

'systemctl status fwlogwatch.service' :


fwlogwatch.service - Firewall log analyzer
     Loaded: loaded (/lib/systemd/system/fwlogwatch.service; enabled; preset: enabled)      Active: failed (Result: exit-code) since Wed 2024-11-20 17:02:18 CET; 1min 27s ago
       Docs: man:fwlogwatch
    Process: 294164 ExecStart=/bin/sh -c if [ "x${START_DAEMON}" != "xtrue" ]; then echo "aborted"; exit 1; fi;    exec /usr/sbin/ fwlogwatch -c /etc/fwlogwatch/fwlogwatch.config -R ${PARAMS} (code=exited, status=1/FAILURE)
        CPU: 16ms

nov. 20 17:02:18 deb systemd[1]: Starting fwlogwatch.service - Firewall log analyzer...
nov. 20 17:02:18 deb sh[294164]: aborted
nov. 20 17:02:18 deb systemd[1]: fwlogwatch.service: Control process exited, code=exited, status=1/FAILURE nov. 20 17:02:18 deb systemd[1]: fwlogwatch.service: Failed with result 'exit-code'. nov. 20 17:02:18 deb systemd[1]: Failed to start fwlogwatch.service - Firewall log analyzer.

I might be reading this wrong, but the "ExecStart" command is a shell script which basically says "if the $START_DAEMON variable does not equal 'true', then echo 'aborted' and stop". Given you get sh printing the word 'aborted', I think you're reading that branch.

Did you set "START_DAEMON=true" in /etc/default/fwlogwatch or similar?
there is no such stuff in the confs...

here is what the cron daily conf says for it :

/etc/cron.daily/fwlogwatch #!/bin/sh
# fwlogwatch's daily cron job
# Copyright 2001 Alberto Gonzalez Iniesta <a...@agi.as>
# Licensed under the GNU General Public License, version 2.  See the file
# /usr/share/common-licenses/GPL or <http://www.gnu.org/copyleft/gpl.txt>.
#
set -e
test $DEBIAN_SCRIPT_DEBUG && set -v -x

FWLOGWATCH=/usr/sbin/fwlogwatch
CONFIG=/etc/default/fwlogwatch
EXTRA_HEADER="Content-Type: text/plain"

test -x $FWLOGWATCH || exit 0
test -r $CONFIG || exit 0

# Source configuration generated from debconf's values
. $CONFIG

if [ "$CRON_EMAIL" = "none" ]; then
  exit 0
fi

OUTPUT=`$FWLOGWATCH $CRON_PARAMS`

(echo "$OUTPUT" | grep -q 'No valid time entries found') \
  && exit 0

## Mail results

TMPFILE=`mktemp /tmp/fwlogwatch.XXXXXXXXXX`

#echo "From: " >> $TMPFILE
echo "To: $CRON_EMAIL" >> $TMPFILE
echo "Subject: fwlogwatch daily news" >> $TMPFILE

(echo "$OUTPUT" | grep -q '</html>') \
  && echo "Content-Type: text/html" >> $TMPFILE

echo >> $TMPFILE>
echo "$OUTPUT" >> $TMPFILE

/usr/lib/sendmail -F `id -nu` "$CRON_EMAIL" < $TMPFILE

rm -f $TMPFILE

# vim:set ai et sts=2 sw=2 tw=0:

as said, /etc/fwlogwatch.config is all commented out except for the pid file.

btw, the pid file I've touched for fwlogwatch has disapeared from /run...

Reply via email to