On Mon, 11 Dec 2017 21:03:21 +0000, Alan Mackenzie wrote:

> OK. But it's still there taking up RAM, and (more importantly) makes a
> systemd system a broader target for attacks. Whether a system has an
> http server (or, for that matter, an SSH server), for whatever purpose,
> should be for the system administrator to decide. I suspect this isn't
> the case for systemd's http server.

You're guessing again. The HTTP server doesn't run by default (very little on systemd does). On Gentoo, it's not even built by default, but don't let a brief look at the USE flags in eix get in the way of a good argument!

> In any case, I don't want an http server on my system: I have no http to
> serve.

Then don't install one, I didn't.

> I installed sshd as one of the first things on my new system, to
> facilitate the transfer of files to it (and, probably, reading logs from
> it remotely).

The thing with using SSH to read logs is that it presents a much larger attack vector when you only want to allow a user to read remote logs.

> I don't want a binary logging daemon either: that means having to learn
> a special purpose utility to be able to read its logs, and, in general,
> not being able to read that log from a remote machine.

"journalctl" is just the same as "less /var/log/messages" so there's not much to learn unless you want to use the search features. Reading the log from a remote machine is easy, using either SSH or HTTP, whichever you prefer.

My one complaint about the systemd journal is that there is not, AFAIK, a standalone reader. If I want to boot from a live CD, I can only read the logs if it is a systemd live CD, or I chroot into the original system. Unless someone knows different...

-- 
Neil Bothwick

OPERATOR ERROR: Nyah, Nyah, Nyah, Nyah, Nyah!