Bug#1092466: systemd: /var/log/btmp is unconditionally created on boot
Luca Boccassi
bluca at debian.org
Wed Jan 8 11:01:02 GMT 2025
Control: tags -1 wontfix
Control: close -1
On Wed, 08 Jan 2025 17:07:29 +0800 WHR <whr at rivoreo.one> wrote:
> Package: systemd
> Version: 252.26-1~deb12u2
> Severity: wishlist
> X-Debbugs-Cc: whr at rivoreo.one
>
> When system has a SSH service open to the internet, it is very common
that
> this service attracting a lot of brute force attacks, this is normal.
An usual
> system would already have logged such attacks in systemd journal
and/or
> traditional log files. I don't want a separate accounting database
for the
> failed login attempts.
>
> In the days before systemd, an administrator can simply remove
/var/log/btmp
> file; this is enough to disable the database. But systemd ships
> /usr/lib/tmpfiles.d/var.conf which would cause that file being
created
> unconditionally. Of course I can disable the shipped configuration
file by
> doing a 'ln -s /dev/null /etc/tmpfiles.d/var.conf', but this default
still
> creates an unexpected difference on systems with and without systemd.
That's working as intended, if you wish to disable it, use masking, in
the way you described it, and it will do what you want.
More information about the Pkg-systemd-maintainers
mailing list