Bug: cyrus-sasl fills systemd journal with SQL debug messages

P. Wagner patrick.wagner at rga-net.de
Tue Oct 6 14:25:35 EDT 2015


On 10/06/15 19:30, Dan White wrote:
> On 10/06/15 18:45 +0200, P. Wagner wrote:
>> On 10/06/15 15:30, Dan White wrote:
>>> The shotgun approach for reducing the impact on your syslog is to  > 
>>> modify your syslog daemon configuration to disregard auth.debug >
>> (auth.*).
>>
>> Not possible, because the systemd journal itself stores everything it 
>> gets sent, and _additionally_ (with CentOS default config) sends 
>> copies of all messages to an rsyslog daemon which is in fact 
>> configured to ignore auth.log messages by default, so none of the 
>> messages end up in a "plain text log file", but instead are piling up 
>> in the binary systemd journal file only. But I don't want this 
>> irrelevant noise in my journal if I didn't ask for it.
>
> Is this not configurable within systemd?
Not that I'm aware of, it's one of the selling points of the systemd 
journal that it includes all possible messages, even those logged during 
early stages of the boot process, and you can of course filter the 
journal output to not the debug messages, but this still consumes system 
resources for no reason at all and isn't really the point anyway - I've 
expressly told cyrus-sasl that I don't want anything logged, yet I do 
get logs, and really verbose ones at that.

>> You didn't comment on Viktor's findings/patch - is there a valid 
>> reason why the connection handle parameter of log() is set to NULL 
>> and prevents postfix from handling the messages? The messages are 
>> logged with facility "auth", not "mail", so it's not a message passed 
>> to postfix and then sent to syslog by postfix, but it's logged by the 
>> cyrus-sasl module itself straight to syslog, despite log_level set to 0
>>
>> Or, put another way, are you unable to confirm this behavior on a 
>> systemd distro, or on an arbitrary non-systemd distro whose syslog 
>> daemon has been configured to log auth.debug messages somewhere? If I 
>> reconfigure rsyslog on my old Ubuntu 12.04 servers to log auth.debug, 
>> I can see the auxprop sql messages there as well, despite log_level 
>> set to 0. If I understand correctly, I shouldn't, or what else do I 
>> need to set to make it stop?
>
> I suggest opening a bug report, or attaching your findings to any 
> existing
> bug reports, and include any links you have regarding systemd behavior in
> suppressing auth.debug. And of course, include links to any patches that
> you feel address this problem.

I didn't find a matching bug report in Cyrus Bugzilla, so will create a 
new one. Thanks.

--
Patrick Wagner




More information about the Cyrus-sasl mailing list