Gentoo Archives: gentoo-user

From: Tom H <tomh0665@×××××.com>
To: Gentoo User <gentoo-user@l.g.o>
Subject: Re: [gentoo-user] Re: Is gnome becoming obligatory?
Date: Mon, 11 Dec 2017 22:00:27
In Reply to: Re: [gentoo-user] Re: Is gnome becoming obligatory? by Alan Mackenzie
1 On Mon, Dec 11, 2017 at 4:03 PM, Alan Mackenzie <acm@×××.de> wrote:
2 > On Mon, Dec 11, 2017 at 18:56:15 +0000, Neil Bothwick wrote:
5 >> This may come as a surprise to some, but some things you hear on
6 >> t'internet are not true...
7 >>
8 >> For example, the http server is there to allow access to logs from
9 >> another machine without needing to grant SSH access. It is not enabled by
10 >> default.
11 >
12 > OK. But it's still there taking up RAM, and (more importantly) makes a
13 > systemd system a broader target for attacks. Whether a system has an
14 > http server (or, for that matter, an SSH server), for whatever purpose,
15 > should be for the system administrator to decide. I suspect this isn't
16 > the case for systemd's http server.
17 >
18 > In any case, I don't want an http server on my system: I have no http to
19 > serve. I installed sshd as one of the first things on my new system, to
20 > facilitate the transfer of files to it (and, probably, reading logs from
21 > it remotely).
23 I don't use systemd on Gentoo but I assume that there's a USE flag for
24 the http server, because, in binary distributions, this http server's
25 in a standalone package - "systemd-journal-remote" on Ubuntu and
26 "systemd-journal-gateway" on RHEL and clones.
29 > I don't want a binary logging daemon either: that means having to learn
30 > a special purpose utility to be able to read its logs, and, in general,
31 > not being able to read that log from a remote machine.
33 You can set "Storage=none" and "ForwardToSyslog=yes" in
34 "/etc/systemd/journald.conf", install and enable rsyslog and you won't
35 have binary logs when running systemd.