Bug#1092466: systemd: /var/log/btmp is unconditionally created on boot

WHR whr at rivoreo.one
Wed Jan 8 09:07:29 GMT 2025 

Package: systemd
Version: 252.26-1~deb12u2
Severity: wishlist
X-Debbugs-Cc: whr at rivoreo.one

When system has a SSH service open to the internet, it is very common that
this service attracting a lot of brute force attacks, this is normal. An usual
system would already have logged such attacks in systemd journal and/or
traditional log files. I don't want a separate accounting database for the
failed login attempts.

In the days before systemd, an administrator can simply remove /var/log/btmp
file; this is enough to disable the database. But systemd ships
/usr/lib/tmpfiles.d/var.conf which would cause that file being created
unconditionally. Of course I can disable the shipped configuration file by
doing a 'ln -s /dev/null /etc/tmpfiles.d/var.conf', but this default still
creates an unexpected difference on systems with and without systemd.

The /var/log/btmp should be created once on 'base-files' package configuration
time (see its post-installation script), not on every time the system boots.


-- Package-specific info:

-- System Information:
Debian Release: 12.6
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 6.1.0-23-amd64 (SMP w/1 CPU thread; PREEMPT)
Locale: LANG=zh_TW.UTF-8, LC_CTYPE=zh_TW.UTF-8 (charmap=UTF-8), LANGUAGE=zh_CN:zh_TW:en_US:en_GB
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages systemd depends on:
ii  libacl1            2.3.1-3
ii  libaudit1          1:3.0.9-1
ii  libblkid1          2.38.1-5+deb12u1
ii  libc6              2.36-9+deb12u7
ii  libcap2            1:2.66-4
ii  libcryptsetup12    2:2.6.1-4~deb12u2
ii  libfdisk1          2.38.1-5+deb12u1
ii  libgcrypt20        1.10.1-3
ii  libkmod2           30+20221128-1
ii  liblz4-1           1.9.4-1
ii  liblzma5           5.4.1-0.2
ii  libmount1          2.38.1-5+deb12u1
ii  libp11-kit0        0.24.1-2
ii  libseccomp2        2.5.4-1+deb12u1
ii  libselinux1        3.4-1+b6
ii  libssl3            3.0.13-1~deb12u1
ii  libsystemd-shared  252.26-1~deb12u2
ii  libsystemd0        252.26-1~deb12u2
ii  libzstd1           1.5.4+dfsg2-5
ii  mount              2.38.1-5+deb12u1

Versions of packages systemd recommends:
ii  dbus [default-dbus-system-bus]   1.14.10-1~deb12u1
ii  systemd-timesyncd [time-daemon]  252.26-1~deb12u2

Versions of packages systemd suggests:
ii  libfido2-1             1.12.0-2+b1
pn  libqrencode4           <none>
pn  libtss2-esys-3.0.2-0   <none>
pn  libtss2-mu0            <none>
pn  libtss2-rc0            <none>
pn  polkitd | policykit-1  <none>
pn  systemd-boot           <none>
pn  systemd-container      <none>
pn  systemd-homed          <none>
pn  systemd-resolved       <none>
pn  systemd-userdbd        <none>

Versions of packages systemd is related to:
ii  dbus-user-session  1.14.10-1~deb12u1
pn  dracut             <none>
ii  initramfs-tools    0.142
ii  libnss-systemd     252.26-1~deb12u2
ii  libpam-systemd     252.26-1~deb12u2
ii  udev               252.26-1~deb12u2

-- no debconf information

More information about the Pkg-systemd-maintainers mailing list