Add secure patch (rhbz#836189)
This commit is contained in:
Jan Synacek
parent
47eb5193fe
commit
39fb7e08e8
48
logwatch-secure.patch
Normal file
48
logwatch-secure.patch
Normal file
@ -0,0 +1,48 @@
|
||||
--- logwatch-svn110-dist/scripts/services/secure 2012-09-27 10:01:34.178205179 +0200
|
||||
+++ logwatch-svn110-new/scripts/services/secure 2012-09-27 10:38:06.128565662 +0200
|
||||
@@ -198,7 +198,7 @@
|
||||
#Woody - specific, thanks to Michael Stovenour
|
||||
if ($ThisLine =~ /^PAM_unix[\[\]0-9]*:/i ) { next; }
|
||||
|
||||
- if (( $ThisLine =~ /pam_succeed_if(\([a-zA-Z]*:[a-zA-Z]*\))?: requirement \"uid < 100\" (was|not) met by user /) or
|
||||
+ if (( $ThisLine =~ /pam_succeed_if(\([a-zA-Z]*:[a-zA-Z]*\))?: requirement \"uid (<|>)=? 1000?\" (was|not) met by user /) or
|
||||
( $ThisLine =~ /pam_rhosts_auth\[\d+\]: allowed to [^ ]+ as \w+/) or
|
||||
( $ThisLine =~ /pam_rhosts_auth\([^\)]+\): allowed to [^ ]+ as \w+/) or
|
||||
( $ThisLine =~ /^(.*)\(pam_unix\)/) or
|
||||
@@ -226,6 +226,8 @@
|
||||
( $ThisLine =~ /^sshd\(\w+\)\[\d+\]: authentication failure/) or
|
||||
( $ThisLine =~ /^sshd\(\w+\)\[\d+\]: check pass; user unknown/) or
|
||||
( $ThisLine =~ /^sshd\(\w+\)\[\d+\]: session /) or
|
||||
+ ( $ThisLine =~ /sshd\[\d+\]: Server listening on/) or
|
||||
+ ( $ThisLine =~ /sshd\[\d+\]: Received signal \d+; terminating/) or
|
||||
( $ThisLine =~ /^ipop3d\[\d+\]:/) or
|
||||
( $ThisLine =~ /^su\[\d+\]: [+-] .+/) or
|
||||
( $ThisLine =~ /^su\[\d+\]: FAILED su for \S+ by \S+/) or #debian: done in pam_unix
|
||||
@@ -233,6 +235,8 @@
|
||||
( $ThisLine =~ /^login\[\d+\]: FAILED LOGIN \(\d+\) on ['`]\S+' FOR `\S+', (Authentication failure|User not known to the underlying authentication module)/) or #debian: done in pam_unix
|
||||
( $ThisLine =~ /^login: FAILED LOGIN 2 FROM (.*) FOR .*, (Authentication failure|User not known to the underlying authentication module)/) or
|
||||
( $ThisLine =~ /^login: pam_securetty(.*): unexpected response from failed conversation function/) or
|
||||
+ ( $ThisLine =~ /^login: pam_securetty(.*): access denied: tty '.*' is not secure/) or
|
||||
+ ( $ThisLine =~ /^login: pam_securetty(.*): cannot determine username/) or
|
||||
( $ThisLine =~ /^pam_limits\[\d+\]/ ) or
|
||||
( $ThisLine =~ /^kcheckpass(\[\d+\]|):/ ) or # done in pam_unix
|
||||
( $ThisLine =~ /^cyrus\/lmtpd\[\d+\]: [^ ]+ server step [12]/ ) or
|
||||
@@ -261,7 +265,8 @@
|
||||
( $ThisLine =~ /polkit-grant-helper\[\d+\]: granted authorization for [^ ]* to session .* \[uid=[0-9]*\]/) or
|
||||
( $ThisLine =~ /polkit-grant-helper-pam\[\d+\]: pam_thinkfinger\(polkit:auth\): conversation failed/) or
|
||||
( $ThisLine =~ /polkitd\(authority=.*\): (Unr|R)egistered Authentication Agent/) or
|
||||
- ( $ThisLine =~ /(gdm-session-worker|gdm-password)\[\d+\]: gkr-pam: no password is available for user/) or
|
||||
+ ( $ThisLine =~ /polkitd\(authority=.*\): Operator of unix-session:/) or
|
||||
+ ( $ThisLine =~ /(gdm-session-worker|gdm-password|gnome-screensaver-dialog)\[\d+\]: gkr-pam: no password is available for user/) or
|
||||
( $ThisLine =~ /gkr-pam: the password for the login keyring was invalid/) or
|
||||
( $ThisLine =~ /groupadd\[\d+\]: group added to /) or # Details in other messages
|
||||
( $ThisLine =~ /groupmod\[\d+\]: group changed in \/etc\/gshadow /) or # Details in other messages
|
||||
@@ -360,7 +365,7 @@
|
||||
$NoIP->{$ThisLine}++;
|
||||
} elsif ( ($Service,$Err) = ($ThisLine =~ /^([^ ]+)\[\d+\]: error: (.+)$/) ) {
|
||||
$Error{$Service}{$Err}++;
|
||||
- } elsif ( ($Service,$Err) = ($ThisLine =~ /^([^ ]+): (FAILED LOGIN SESSION FROM [^ ]+ FOR , .*)$/ ) ) {
|
||||
+ } elsif ( ($Service,$Err) = ($ThisLine =~ /^([^ ]+): (FAILED LOGIN SESSION FROM [^ ]+ FOR ([^ ]+)?, .*)$/ ) ) {
|
||||
$Error{$Service}{$Err}++;
|
||||
} elsif ( ($Service,$Err) = ($ThisLine =~ /^([^ ]+): (password mismatch for [^ ]+ in [^ ]+):.*$/ ) ) {
|
||||
$Error{$Service}{$Err}++;
|
||||
@ -1,7 +1,7 @@
|
||||
Summary: A log file analysis program
|
||||
Name: logwatch
|
||||
Version: 7.4.0
|
||||
Release: 16.20120619svn110%{?dist}
|
||||
Release: 17.20120619svn110%{?dist}
|
||||
License: MIT
|
||||
Group: Applications/System
|
||||
URL: http://www.logwatch.org/
|
||||
@ -29,6 +29,7 @@ Patch10: logwatch-applystddate.patch
|
||||
Patch11: logwatch-http.patch
|
||||
Patch12: logwatch-pluto.patch
|
||||
Patch13: logwatch-xvc.patch
|
||||
Patch14: logwatch-secure.patch
|
||||
Requires: textutils sh-utils grep mailx
|
||||
Requires: perl(Date::Manip)
|
||||
Requires: perl(Sys::CPU)
|
||||
@ -56,6 +57,7 @@ of the package on many systems.
|
||||
%patch11 -p1
|
||||
%patch12 -p1
|
||||
%patch13 -p1
|
||||
%patch14 -p1
|
||||
rm -f scripts/services/*.orig
|
||||
|
||||
%build
|
||||
@ -146,6 +148,9 @@ echo "# Configuration overrides for specific logfiles/services may be placed her
|
||||
%{_mandir}/man*/*
|
||||
|
||||
%changelog
|
||||
* Thu Sep 27 2012 Jan Synáček <jsynacek@redhat.com> - 7.4.0-17.20120619svn110
|
||||
- Add secure patch (rhbz#836189)
|
||||
|
||||
* Wed Aug 29 2012 Jan Synáček <jsynacek@redhat.com> - 7.4.0-16.20120619svn110
|
||||
- Add applystddate patch - support rsyslog timestamps
|
||||
- Add http patch - count .hdr files as archives
|
||||
|
||||
Loading…
Reference in New Issue
Block a user