Re: Starting stunnel with systemd.

To: debian-user@lists.debian.org
Subject: Re: Starting stunnel with systemd.
From: Darac Marjal <mailinglist@darac.org.uk>
Date: Sun, 23 Apr 2023 19:09:16 +0100
Message-id: <[🔎] 0a2de6ba-15a9-0b01-50f1-b75ad750f176@darac.org.uk>
In-reply-to: <[🔎] 897c4593eca5f214cddd3d8af000cd51@easthope.ca>
References: <[🔎] 897c4593eca5f214cddd3d8af000cd51@easthope.ca>

1. stunnel hasn't been in Debian since etch (Debian 4.0).

2. stunnel4 comes with a service file template(https://sources.debian.org/src/stunnel4/3%3A5.68-2/debian/stunnel4%40.stunnel.service/),which is likely to have been tested to work.


3. Could the warning about protecting your POP3 connection be the cause?


On 23/04/2023 17:41, peter@easthope.ca wrote:

Hi,

After starting interactively, stunnel works.

To automate, this service file was created.

$ cat /etc/systemd/system/stunnel.service
[Unit]
Description=StunnelStarter
Documentation=man:stunnel(8)
After=network.target auditd.service

[Service]
ExecStart=/usr/bin/stunnel /etc/stunnel/stunnel.conf foreground=yes
Restart=no
Type=simple

[Install]
WantedBy=multi-user.target
Alias=stunnel.service

After booting, no stunnel.

$ ps aux | grep stunnel
root 1463 0.0 0.0 6244 700 pts/0 S+ 09:31 0:00grep stunnel
$ systemctl status stunnel
* stunnel.service - StunnelStarter
Loaded: loaded (/etc/systemd/system/stunnel.service; enabled;vendor preset: enabled)
     Active: inactive (dead) since Sun 2023-04-23 08:52:52 PDT; 7min ago
       Docs: man:stunnel(8)
Process: 572 ExecStart=/usr/bin/stunnel /etc/stunnel/stunnel.confforeground=yes (code=exited, status=0/SUCCESS)
   Main PID: 572 (code=exited, status=0/SUCCESS)
        CPU: 13ms
Apr 23 08:52:52 imager stunnel[572]: LOG5[ui]: Threading:PTHREADSockets:POLL,IPv6,SYSTEMD TLS:ENGINE,FIPS,OCSP,PSK,SNI Auth:LIBWRAPApr 23 08:52:52 imager stunnel[572]: LOG5[ui]: Reading configurationfrom file /etc/stunnel/stunnel.confApr 23 08:52:52 imager stunnel[572]: LOG5[ui]: UTF-8 byte order marknot detectedApr 23 08:52:52 imager stunnel[572]: LOG5[ui]: FIPS mode disabledApr23 08:52:52 imager stunnel[572]: LOG4[ui]: Service [pop3] needsauthenticati
on to prevent MITM attacks
Apr 23 08:52:52 imager stunnel[572]: LOG5[ui]: Configuration successful
Apr 23 08:52:52 imager stunnel[584]: LOG5[main]: Terminated
Apr 23 08:52:52 imager stunnel[584]: LOG5[main]: Terminating 1 servicethread(s)Apr 23 08:52:52 imager stunnel[584]: LOG5[main]: Service threadsterminated
Apr 23 08:52:52 imager systemd[1]: stunnel.service: Succeeded.

Terminated.  Why?

Thanks,               ... P.

Attachment: OpenPGP_signature
Description: OpenPGP digital signature

Reply to:

Follow-Ups:
- Re: Starting stunnel with systemd.
  - From: Virgo Pärna <virgo.parna@mail.ee>

References:
- Starting stunnel with systemd.
  - From: peter@easthope.ca

Prev by Date: USB (permissions ?) problem on newly installed Bullseye : usb scanner wont communicate
Next by Date: Re: efi problem
Previous by thread: Starting stunnel with systemd.
Next by thread: Re: Starting stunnel with systemd.
Index(es):
- Date
- Thread