I have configured xinetd to launch NSCA when a connection on port 5667 is made. I can start xinetd by command line as root and things work correctly:
/usr/sbin/xinetd -stayalive -pidfile /var/run/xinetd.pid
I can send a test NSCA message to myself, and /var/log/messages shows NSCA daemons getting spun up, writing to nagios.cmd pipe, etc.
But, when run by systemctl start xinetd, my test messages fail with "Server closed connection before init packet was received"
The xinetd service appears the same in ps -ef | grep xinetd regardless of which way it's run.
I don't think its a user or permissions problem, as it should be running as root.
Not having much luck getting NSCA or XINETD to log any relevant info on why its attempting to spin up the NSCA daemon but immediately exiting...
See below for my nsca file for xinetd
service nsca
{
flags = REUSE
socket_type = stream
wait = no
user = root
group = root
server = /usr/sbin/nsca
server_args = -c /usr/local/nagios/etc/nsca.cfg --inetd
log_on_failure += USERID
disable = no
only_from = <list of allowed hosts>
instances = UNLIMITED
per_source = UNLIMITED
cps = 5000 0
}
Solution: I learned that when systemd launches a process, its in a clean slate environment. So, anything run by xinetd that requires environment variables needs those env vars passed in xinetd's environment file (a field in /lib/systemd/system/xinetd.service called "EnvironmentFile"). For me that lives at: /etc/sysconfig/xinetd To find which vars I need, in the bash window in which running xinetd manually was WORKING, 'env' spit out all the vars. Copied them all into /etc/sysconfig/xinetd, then 'systemctl restart xinetd' and all worked. Then just through process of elimination determined the envvar I was missing was: LD_LIBRARY_PATH=:/usr/local/libmcrypt/lib