diff --git a/logwatch-7.3.6-manpages.patch b/logwatch-7.3.6-manpages.patch new file mode 100644 index 0000000..c72005f --- /dev/null +++ b/logwatch-7.3.6-manpages.patch @@ -0,0 +1,148 @@ +>From f995c3a89d66be95959f45dda55d39309f663ac5 Mon Sep 17 00:00:00 2001 +From: Karel Klic +Date: Tue, 6 Apr 2010 14:52:25 +0200 +Subject: [PATCH 18/18] Added manpages for configuration files + +--- + ignore.conf.5 | 1 + + install_logwatch.sh | 28 ++++++++++++++++++++-------- + logwatch.conf.5 | 37 +++++++++++++++++++++++++++++++++++++ + override.conf.5 | 1 + + 4 files changed, 59 insertions(+), 8 deletions(-) + create mode 100644 ignore.conf.5 + mode change 100644 => 100755 install_logwatch.sh + create mode 100644 logwatch.conf.5 + create mode 100644 override.conf.5 + +diff --git a/ignore.conf.5 b/ignore.conf.5 +new file mode 100644 +index 0000000..f434964 +--- /dev/null ++++ b/ignore.conf.5 +@@ -0,0 +1 @@ ++.so man5/logwatch.conf.5 +\ No newline at end of file +diff --git a/install_logwatch.sh b/install_logwatch.sh +old mode 100644 +new mode 100755 +index 6e4f7c1..3a34ce5 +--- a/install_logwatch.sh ++++ b/install_logwatch.sh +@@ -130,7 +130,7 @@ else + fi + + printf "Enter the path for the Logwatch ConfigDir [$CONFIGDIR] : " +-read config ++read config + + if [ "$config" = "" ]; then + printf "### Using $CONFIGDIR\n" +@@ -263,22 +263,25 @@ for f in `echo $PATH | tr : ' '`; do + done + + #Man page +-if [ -d $MANDIR/man8 ] && [ $HAVE_MAKEWHATIS ]; then ++if [ -d $MANDIR/man5 ] && [ -d $MANDIR/man8 ] && [ $HAVE_MAKEWHATIS ]; then + install -m 0644 logwatch.8 $MANDIR/man8 ++ install -m 0644 logwatch.conf.5 $MANDIR/man5 ++ install -m 0644 override.conf.5 $MANDIR/man5 ++ install -m 0644 ignore.conf.5 $MANDIR/man5 + #OpenBSD no -s + if [ $OS = "OpenBSD" ]; then +- makewhatis -u $MANDIR/man8 ++ makewhatis -u $MANDIR/man5 $MANDIR/man8 + else + #FreeBSD and NetBSD no -s no -u + if [ $OS = "FreeBSD" ] || [ $OS = "NetBSD" ]; then +- makewhatis $MANDIR/man8 ++ makewhatis $MANDIR/man5 $MANDIR/man8 + else + #MacOS X aka Darwin no -u [even thought the manpage says] + if [ $OS = "Darwin" ]; then +- makewhatis -s 8 $MANDIR ++ makewhatis -s "5 8" $MANDIR + else + #Linux +- makewhatis -u -s 8 $MANDIR ++ makewhatis -u -s "5 8" $MANDIR + fi + fi + fi +@@ -287,12 +290,21 @@ else + #Go for the safe install rather then editing man.cf + mkdir -p $MANDIR/man1m > /dev/null 2>&1 + install -m 0644 logwatch.8 $MANDIR/man1m ++ install -m 0644 logwatch.conf.5 $MANDIR/man1m ++ install -m 0644 override.conf.5 $MANDIR/man1m ++ install -m 0644 ignore.conf.5 $MANDIR/man1m +- catman -w -M /usr/share/man/man1m ++ catman -w -M $MANDIR/man1m + else ++ install -m 0755 -d $MANDIR/man5 ++ install -m 0644 logwatch.conf.5 $MANDIR/man5 ++ install -m 0644 override.conf.5 $MANDIR/man5 ++ install -m 0644 ignore.conf.5 $MANDIR/man5 ++ + install -m 0755 -d $MANDIR/man8 + install -m 0644 logwatch.8 $MANDIR/man8 +- printf "Installed manpage in $MANDIR/man8.\n" +- printf "Check your man.cf or man.conf to enable MANSECTS 8\n" ++ ++ printf "Installed manpages in $MANDIR/man5 and $MANDIR/man8.\n" ++ printf "Check your man.cf or man.conf to enable MANSECTS 5 and 8\n" + fi + fi + +diff --git a/logwatch.conf.5 b/logwatch.conf.5 +new file mode 100644 +index 0000000..691c533 +--- /dev/null ++++ b/logwatch.conf.5 +@@ -0,0 +1,37 @@ ++.\" Written by Ivana Varekova . ++.TH LOGWATCH.CONF 5 2010-02-10 "GNU" "Linux Programmer's Manual" ++.SH NAME ++logwatch.conf, ignore.conf, override.conf - logwatch configuration files ++.SH DESCRIPTION ++ ++.BR logwatch.conf ++- ( ++.BR /etc/logwatch/conf/logwatch.conf ++) ++- can contain the local configuration options. ++The list of valid settings and their default values are in ++.BR /usr/share/logwatch/default.conf/logwatch.conf. ++ ++.BR ignore.conf ++- ( ++.BR /etc/logwatch/conf/ignore.conf ++) ++is the list of regular expressions. ++The set of logs decribed by this set is ignored by logwatch. ++ ++.BR override.conf ++- ( ++.BR /etc/logwatch/conf/override.conf ++) ++contains the settings which overrides the standard configuration ++of specific log files or services. The syntax is the same as in ++log/service files. ++ ++.SH FILES ++.I /etc/logwatch/conf/logwatch.conf ++.I /etc/logwatch/conf/logwatch.conf ++.I /etc/logwatch/conf/logwatch.conf ++.I /usr/share/logwatch/default.conf/logwatch.conf ++ ++.SH "SEE ALSO" ++.BR logwatch (8) +diff --git a/override.conf.5 b/override.conf.5 +new file mode 100644 +index 0000000..775458f +--- /dev/null ++++ b/override.conf.5 +@@ -0,0 +1 @@ ++.so man5/logwatch.conf.5 +-- +1.6.6.1 + diff --git a/logwatch-7.3.6-named8.patch b/logwatch-7.3.6-named8.patch new file mode 100644 index 0000000..6dae15f --- /dev/null +++ b/logwatch-7.3.6-named8.patch @@ -0,0 +1,26 @@ +From 0848cea632ef7b153bf74fabf6797a37897fc90d Mon Sep 17 00:00:00 2001 +From: Karel Klic +Date: Mon, 12 Apr 2010 17:06:42 +0200 +Subject: [PATCH 1/2] Update for named script to ignore broken trust chain messages (rhbz#581186) + +--- + scripts/services/named | 5 +++-- + 1 files changed, 3 insertions(+), 2 deletions(-) + +diff --git a/scripts/services/named b/scripts/services/named +index 9097a73..811a4b9 100755 +--- a/scripts/services/named ++++ b/scripts/services/named +@@ -226,7 +226,8 @@ while (defined($ThisLine = )) { + ($ThisLine =~ /^must-be-secure resolving '.*': .*/) or + ($ThisLine =~ /^no valid (DS|KEY|RRSIG) resolving '.*': .*/) or + ($ThisLine =~ /^not insecure resolving '.*': .*/) or +- ($ThisLine =~ /^validating \@0x[[:xdigit:]]+: .* DS: must be secure failure/) ++ ($ThisLine =~ /^validating \@0x[[:xdigit:]]+: .* DS: must be secure failure/) or ++ ($ThisLine =~ /^broken trust chain resolving '.*': .*/) + # too many timeouts resolving 'ns-ext.nrt1.isc.org/AAAA' (in '.'?): disabling EDNS: 3 Time(s) + ) { + # Don't care about these... +-- +1.6.6.1 + diff --git a/logwatch-7.3.6-zz-fortune.patch b/logwatch-7.3.6-zz-fortune.patch new file mode 100644 index 0000000..88e4c14 --- /dev/null +++ b/logwatch-7.3.6-zz-fortune.patch @@ -0,0 +1,63 @@ +From 767088a99774ee2b0b68433c158b8facd4368a6b Mon Sep 17 00:00:00 2001 +From: Karel Klic +Date: Wed, 14 Apr 2010 11:44:46 +0200 +Subject: [PATCH] Do not run zz-fortune if logwatch report is otherwise empty. + Patch by Penelope Fudd + Red Hat bugzilla #573450 + +--- + scripts/logwatch.pl | 4 ++++ + scripts/services/zz-fortune | 19 +++++++++++++------ + 2 files changed, 17 insertions(+), 6 deletions(-) + +diff --git a/scripts/logwatch.pl b/scripts/logwatch.pl +index 12c935e..452dde2 100755 +--- a/scripts/logwatch.pl ++++ b/scripts/logwatch.pl +@@ -1347,6 +1347,10 @@ sub parselogs { + &output( $index_par, "\n --------------------- $ServiceData{$Service}{'title'} $BeginVar ------------------------ \n\n", "line"); + } + $has_output = 1; ++ # Set the environment variable indicating that the report ++ # is not empty. zz-fortune service uses this to determine ++ # whether it should output something or not. ++ $ENV{'LOGWATCH_HAS_OUTPUT'} = 1; + } + &output( $index_par, $ThisLine, "line"); + } +diff --git a/scripts/services/zz-fortune b/scripts/services/zz-fortune +index 77902fa..e290b75 100755 +--- a/scripts/services/zz-fortune ++++ b/scripts/services/zz-fortune +@@ -22,15 +22,22 @@ + my $env = ( $ENV{'REAL_LANG'} ? "LANG=".$ENV{'REAL_LANG'}." " : "" ). + ( $ENV{'REAL_LC_ALL'} ? "LC_ALL=".$ENV{'REAL_LC_ALL'}." " : "" ); + ++# Do not call fortune if it is the only service that is active. ++# Solves the issue that the report is sent every time the logwatch ++# is run even when nothing happened on the machine. ++if (! defined $ENV{'LOGWATCH_HAS_OUTPUT'}) { ++ exit 0; ++} ++ + if (($ENV{'PRINTING'} eq "y" ) && (-f "/usr/games/fortune")) { +- #print "\n\n------------------ Fortune --------------------\n\n"; +- system("$env /usr/games/fortune"); +- print "\n"; ++ #print "\n\n------------------ Fortune --------------------\n\n"; ++ system("$env /usr/games/fortune"); ++ print "\n"; + } + elsif (($ENV{'PRINTING'} eq "y" ) && (-f "/usr/bin/fortune")) { +- #print "\n\n------------------ Fortune --------------------\n\n"; +- system("$env /usr/bin/fortune"); +- print "\n"; ++ #print "\n\n------------------ Fortune --------------------\n\n"; ++ system("$env /usr/bin/fortune"); ++ print "\n"; + } + + # vi: shiftwidth=3 tabstop=3 syntax=perl et +-- +1.6.6.1 + diff --git a/logwatch.spec b/logwatch.spec index ef92fa7..27446f6 100644 --- a/logwatch.spec +++ b/logwatch.spec @@ -1,7 +1,7 @@ Summary: A log file analysis program Name: logwatch Version: 7.3.6 -Release: 50%{?dist} +Release: 51%{?dist} License: MIT Group: Applications/System URL: http://www.logwatch.org/ @@ -97,34 +97,56 @@ Patch51: logwatch-7.3.6-openvpn3.patch Patch52: logwatch-7.3.6-smartd.patch # Applied by upstream. Patch53: logwatch-7.3.6-sshd2.patch -# Not applied by upstream. +# Sent. Not applied by upstream. Patch54: logwatch-7.3.6-exim2.patch # Applied by upstream. Patch55: logwatch-7.3.6-removeservice.patch # Fedora-specific change. It must be decided # whether it is right. Not applied to upstream. Patch56: logwatch-7.3.6-cron_conf.patch -# Not applied by the upstream. +# Sent. Not applied by the upstream. Patch57: logwatch-7.3.6-named5.patch # Sent to upstream. Patch58: logwatch-7.3.6-iptables.patch -# Not sent to upstream. +# Sent to upstream. Patch59: logwatch-7.3.6-lost-connection.patch -# Not applied by upstream. Not sent. +# Not applied by upstream. Sent. Patch60: logwatch-7.3.6-secure3.patch -# Not sent to upstream. +# Sent to upstream. Patch61: logwatch-7.3.6-audit4.patch -# Not applied by upstream. Not sent. +# Not applied by upstream. Sent. Patch62: logwatch-7.3.6-dovecot2.patch +# Sent, not applied yet. Patch63: logwatch-7.3.6-openvpn4.patch +# Sent, not applied yet. Patch64: logwatch-7.3.6-pam_unix4.patch +# Sent, not applied yet. Patch66: logwatch-7.3.6-named6.patch -# Not sent, not applied by upstream. +# Sent, not applied by upstream. Patch67: logwatch-7.3.6-sshd3.patch +# Sent, not applied yet. Patch68: logwatch-7.3.6-dhcpd2.patch +# Sent, not applied yet. Patch69: logwatch-7.3.6-named7.patch +# Sent, not applied yet. Patch70: logwatch-7.3.6-dovecot3.patch +# Sent, not applied yet. Patch71: logwatch-7.3.6-sendmail2.patch +# Not send to upstream. +# Do not send reports with zz-fortune only. +# rhbz#573450 +# Negative consequence is that it breaks +# `logwatch --service zz-fortune --print` +# but noboty runs this anyway. +Patch72: logwatch-7.3.6-zz-fortune.patch +# Sent to upstream. +# Adds manpages for configuration files. +# rhbz#525644 +Patch73: logwatch-7.3.6-manpages.patch +# Ignore broken trust chain messages in named service +# rhbz#581186 +Patch74: logwatch-7.3.6-named8.patch + Requires: textutils sh-utils grep mailx Requires: perl(Date::Manip) BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -199,6 +221,9 @@ of the package on many systems. %patch69 -p1 %patch70 -p1 %patch71 -p1 +%patch72 -p1 +%patch73 -p1 +%patch74 -p1 rm -f scripts/services/*.orig %build @@ -243,16 +268,7 @@ install -m 0755 -d %{buildroot}%{_mandir}/man8 install -m 0644 logwatch.8 %{buildroot}%{_mandir}/man8 rm -f %{buildroot}%{_sysconfdir}/cron.daily/logwatch \ - %{buildroot}%{_sbindir}/logwatch \ - %{buildroot}%{_datadir}/logwatch/scripts/services/zz-fortune* \ - %{buildroot}%{_datadir}/logwatch/conf/services/zz-fortune* \ - %{buildroot}%{_datadir}/logwatch/conf/logfiles/fortune* -touch %{buildroot}%{_datadir}/logwatch/scripts/services/zz-fortune -touch %{buildroot}%{_datadir}/logwatch/scripts/services/courier -touch %{buildroot}%{_datadir}/logwatch/scripts/services/dpkg -chmod 644 %{buildroot}%{_datadir}/logwatch/scripts/services/zz-fortune -chmod 644 %{buildroot}%{_datadir}/logwatch/scripts/services/courier -chmod 644 %{buildroot}%{_datadir}/logwatch/scripts/services/dpkg + %{buildroot}%{_sbindir}/logwatch # install cron script install -m 0755 -d %{buildroot}%{_sysconfdir}/cron.daily @@ -319,9 +335,16 @@ rm -rf %{buildroot} %{_sysconfdir}/cron.daily/0logwatch %doc %{_mandir}/man8/logwatch.8* -%doc License project/CHANGES +%doc License project/CHANGES %changelog +* Wed Apr 14 2010 Karel Klic 7.3.6-51 +- Re-enabled zz-fortune with a patch that prevents sending reports + containing zz-fortune only (rhbz#573450) +- Removed obsolete chmod and touch calls from the spec file +- Added manpages for configuration files (rhbz#525644) +- Ignore broken trust chain messages in named service (rhbz#581186) + * Mon Feb 1 2010 Karel Klic 7.3.6-50 - Added patch from #555750: Not all methods to deny login via sshd are reported - Added patch from #555735: DHCPDv6 messages are not recognised