On Mon, 22 Oct 2012 18:40:23 -0400 Dave Reisner <d@xxxxxxxxxxxxxx> wrote: >On Mon, Oct 22, 2012 at 11:19:37PM +0100, Whiskers wrote: >> Thank you to all those who responded :)) >> >> I now have Leafnode-2 up and running smoothly with systemd. >> >> I have created these files: >> >> $ cat /etc/systemd/system/leafnode.socket >> [Unit] >> Description=Leafnode NNTP Socket >> >> [Socket] >> ListenStream=119 >> Accept=yes >> >> [Install] >> WantedBy=sockets.target >> >> and >> >> $ cat /etc/systemd/system/leafnode@.service >> [Unit] >> Description=Leafnode NNTP service >> After=syslog.target > >This isn't needed. syslog is always available thanks to the journal >socket. OK. >> >> [Service] >> ExecStart=/usr/local/sbin/leafnode > >/usr/local? That's where Leafnode-2 puts itself by default. >> StandardInput=socket >> User=news >> >> Access control depends entirely on ufw (iptables), rather than >> specifying a hostname or IPv6 or IPv4 number in leafnode.socket, >> although that would > >Binding to a specifc IP is hardly what I'd call access control. Wouldn't "ListenStream=127.0.0.1;119" prevent anyone not logged in to localhost from using Leafnode? >> probably work instead. The ListenStream line could probably be omitted >> entirely, unless some port other than 119 is required. > >Without the ListenStream declaration, systemd has no idea what port to >open the socket on. It's needed. Xinetd doesn't need to be told. Isn't there a table of standard ports for specified services? [...] >> -- >> -- ^^^^^^^^^^ >> -- Whiskers >> -- ~~~~~~~~~~ -- -- ^^^^^^^^^^ -- Whiskers -- ~~~~~~~~~~