- add named, pam_unix and audit service patches

2007-07-04 12:26:52 +00:00 · 2007-07-04 12:26:52 +00:00 · 96c5e053ea
commit 96c5e053ea
parent b5d7ea406c
4 changed files with 82 additions and 1 deletions
--- a/logwatch-7.3.6-audit.patch
+++ b/logwatch-7.3.6-audit.patch
@ -0,0 +1,12 @@
+--- logwatch-7.3.6/scripts/services/audit.pom	2007-02-16 04:25:17.000000000 +0100
+++ logwatch-7.3.6/scripts/services/audit	2007-07-04 12:15:55.000000000 +0200
+@@ -82,7 +82,8 @@ while ($ThisLine = <STDIN>) {
+ 	( $ThisLine =~ /: user pid=[0-9]+ uid=[0-9]+ auid=[0-9]+ subj=system_u:system_r:system_dbusd_t:[0-9a-z]+ msg=/) or
+ 	( $ThisLine =~ /audit\([0-9.]+:[0-9]+\): (selinux=[0-9]+|auid=[0-9]+|prom=[0-9]+|old_prom=[0-9]+|dev=[^ ]+| )+$/) or
+         ( $ThisLine =~ /auditd[ ]+S [0-9A-F]+  [0-9]+  [0-9]+[ ]+[0-9]([ ]*[0-9]+[ ]*|[ ]*)[0-9]+  [0-9]+ \(NOTLB\)/) or
+-        ( $ThisLine =~ /Started dispatcher: \/sbin\/audispd pid: [0-9]+/)
+        ( $ThisLine =~ /Started dispatcher: \/sbin\/audispd pid: [0-9]+/) or
+        ( $ThisLine =~ /audit\([0-9.]*:[0-9]*\): bool=.* val=.* old_val=.* auid=[0-9]*/)
+     ) { 
+ 	# Ignore these entries
+     } elsif ( $ThisLine =~ /audit\([0-9]{10}.[0-9]{3}:[0-9]\): initialized$/) {
--- a/logwatch-7.3.6-named3.patch
+++ b/logwatch-7.3.6-named3.patch
@ -0,0 +1,48 @@
+--- logwatch-7.3.6/scripts/services/named.pom	2007-07-04 12:58:44.000000000 +0200
+++ logwatch-7.3.6/scripts/services/named	2007-07-04 14:16:20.000000000 +0200
+@@ -172,7 +172,16 @@ while (defined($ThisLine = <STDIN>)) {
+       ($ThisLine =~ /weak RSASHA1 \(5\) key found \(exponent=3\)/) or 
+       ($ThisLine =~ /Bad file descriptor/) or 
+       ($ThisLine =~ /open: .*: file not found/) or
+-      ($ThisLine =~ /queries: client [0-9.#:]* view localhost_resolver: query: .* IN .*/)
+      ($ThisLine =~ /queries: client [0-9.#:]* view localhost_resolver: query: .* IN .*/) or
+      ($ThisLine =~ /zone .*: NS '.*' is a CNAME \(illegal\)/) or
+      ($ThisLine =~ /zone .*: zone serial unchanged. zone may fail to transfer to slaves/) or
+      ($ThisLine =~ /zone .*: loading from master file .* failed/) or
+      ($ThisLine =~ /zone .*: NS '.*' has no address records/) or
+      ($ThisLine =~ /.*: not a valid number$/) or
+      ($ThisLine =~ /.*: unexpected end of input/) or
+      ($ThisLine =~ /too many timeouts resolving '.*' .*: disabling EDNS/) or
+      ($ThisLine =~ /reloading zones succeeded/)
+      # too many timeouts resolving 'ns-ext.nrt1.isc.org/AAAA' (in '.'?): disabling EDNS: 3 Time(s)
+    ) {
+       # Don't care about these...
+    } elsif (
+@@ -265,6 +274,10 @@ while (defined($ThisLine = <STDIN>)) {
+    } elsif ( (($Log) = ($ThisLine =~ /(freezing .*zone.*)/)) or
+ 	     (($Log) = ($ThisLine =~ /(thawing .*zone.*)/)) ) {
+       $CCMessages2{$Log}++;
+   } elsif (($CCC) = ($ThisLine =~ /unknown control channel command '(.*)'/)) {
+      $UnknownCCCommands{$CCC}++;
+   } elsif (($CCC) = ($ThisLine =~ /received control channel command '(.*)'/)) {
+      $CCCommands{$CCC}++;
+    } else {
+       # Report any unmatched entries...
+       # remove PID from named messages
+@@ -494,6 +507,16 @@ if ((keys %CCMessages) or (keys %CCMessa
+    }
+ }
+ 
+if ((keys %CCCommands) or (keys %UnknownCCCommands)) {
+   print "\n Received control channel commands\n";
+   foreach $ThisOne (keys %CCCommands) {
+      print "   " . $ThisOne . ": " . $CCCommands{$ThisOne} . " Time(s)\n";
+   }
+   foreach $ThisOne (keys %UnknownCCCommands) {
+      print "   " . $ThisOne . "(unknown command): " . $CCCommands{$ThisOne} . " Time(s)\n";
+   }               
+}
+
+ if (keys %OtherList) {
+    print "\n**Unmatched Entries**\n";
+    foreach $line (sort {$a cmp $b} keys %OtherList) {
--- a/logwatch-7.3.6-pam_unix.patch
+++ b/logwatch-7.3.6-pam_unix.patch
@ -0,0 +1,12 @@
+--- logwatch-7.3.6/scripts/services/pam_unix.pom	2007-07-04 12:34:02.000000000 +0200
+++ logwatch-7.3.6/scripts/services/pam_unix	2007-07-04 12:46:02.000000000 +0200
+@@ -112,7 +112,8 @@ while ($line = <STDIN>) {
+ 	}
+    #lowercase the service 
+    $service = lc($service); 
+-	if (($service eq 'sshd') or ($service eq 'login') or ($service eq 'ftp') or ($service eq 'rsh')) {
+	if (($service eq 'sshd') or ($service eq 'login') or ($service eq 'ftp') or ($service eq 'rsh') or 
+	    ($service eq 'remote') or ($service eq 'rlogin')) {
+ 		if ($line =~ s/^session opened for user (.+) by \(uid=\d+\)/$1/) {
+ 			($Detail >= 5) && $data{$service}{'Sessions Opened'}{$line}++;
+       } elsif ($line =~ s/^session opened for user ([^ ]*) by ([^ ]*)\(uid=\d+\)/$1 by $2/) {
--- a/logwatch.spec
+++ b/logwatch.spec
@ -1,7 +1,7 @@
 Summary: A log file analysis program
 Name: logwatch
 Version: 7.3.6
-Release: 2%{?dist}
+Release: 3%{?dist}
 License: MIT
 Group: Applications/System
 URL: http://www.logwatch.org/
@ -15,6 +15,9 @@ Patch6: logwatch-7.3.4-sshd.patch
 Patch9: logwatch-7.3.4-sshd3.patch
 Patch10: logwatch-7.3.4-named.patch
 Patch11: logwatch-7.3.6-named2.patch
+Patch12: logwatch-7.3.6-audit.patch
+Patch13: logwatch-7.3.6-pam_unix.patch
+Patch14: logwatch-7.3.6-named3.patch

 Requires: textutils sh-utils grep mailx
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@ -37,6 +40,9 @@ of the package on many systems.
 %patch9 -p1
 %patch10 -p1
 %patch11 -p1
+%patch12 -p1
+%patch13 -p1
+%patch14 -p1

 %build

@ -149,6 +155,9 @@ rm -rf %{buildroot}
 %doc License project/CHANGES 

 %changelog
+* Wed Jul  4 2007 Ivana Varekova <varekova@redhat.com> 7.3.6-3
+- add named, pam_unix and audit service patches
+
 * Mon Jun  4 2007 Ivana Varekova <varekova@redhat.com> 7.3.6-2
 - fix secure script
 - Resolves: #242201