Up-to-date SVN version of Logwatch

Karel Klic 2011-01-13 17:17:36 +01:00
parent 4e4129e33d
commit c74780a7ca
76 changed files with 293 additions and 2982 deletions

1
.gitignore vendored

@ -1 +1,2 @@
logwatch-7.3.6.tar.gz
/logwatch-20110113.tar.xz


@ -1,87 +0,0 @@
--- logwatch-7.3.4/scripts/services/named.pom 2007-02-16 04:36:25.000000000 +0100
+++ logwatch-7.3.4/scripts/services/named 2007-05-07 14:47:29.000000000 +0200
@@ -156,7 +156,15 @@
# The message about the end of transfer is the interesting one
($ThisLine =~ /: Transfer started./) or
($ThisLine =~ /D-BUS service (disabled|enabled)./) or
- ($ThisLine =~ /D-BUS dhcdbd subscription disabled./)
+ ($ThisLine =~ /D-BUS dhcdbd subscription disabled./) or
+ ($ThisLine =~ /automatic empty zone/) or
+ ($ThisLine =~ /binding TCP socket: address in use/) or
+ ($ThisLine =~ /dbus_mgr initialization failed. D-BUS service is disabled./) or
+ ($ThisLine =~ /dbus_svc_add_filter failed/) or
+ ($ThisLine =~ /isc_log_open 'named.run' failed: permission denied/) or
+ ($ThisLine =~ /weak RSASHA1 \(5\) key found \(exponent=3\)/) or
+ ($ThisLine =~ /Bad file descriptor/) or
+ ($ThisLine =~ /open: .*: file not found/)
) {
# Don't care about these...
} elsif (
@@ -237,8 +245,19 @@
chomp($ThisLine);
$StartLog{$ThisLine}++;
} elsif ( (($File,$Line,$Problem) = ($ThisLine =~ /\/etc\/(rndc.key|named.conf):([0-9]+): (unknown option '[^ ]*')/)) or
- (($File,$Line,$Problem) = ($ThisLine =~ /\/etc\/(rndc.key|named.conf):([0-9]+): ('[^ ]' expected near end of file)/)) ) {
+ (($File,$Line,$Problem) = ($ThisLine =~ /\/etc\/(rndc.key|named.conf):([0-9]+): ('[^ ]' expected near end of file)/)) or
+ (($File,$Line,$Problem) = ($ThisLine =~ /\/etc\/(named.*.conf):([0-9]+): (.*)/)) or
+ (($File,$Line,$Problem) = ($ThisLine =~ /()()(could not configure root hints from '.*': file not found)/))) {
$ConfProb{$File}{"$Line,$Problem"}++;
+ } elsif ( (($ErrorText) = ($ThisLine =~ /^(RUNTIME_CHECK.*)/))or
+ (($ErrorText) = ($ThisLine =~ /^(.* REQUIRE.* failed.*)$/)) or
+ (($ErrorText) = ($ThisLine =~ /(.*: fatal error)/)) ) {
+ $NError{$ErrorText}++;
+ } elsif ( ($From,$Log) = ($ThisLine =~ /invalid command from ([.0-9]*)#[0-9]*: (.*)/) ) {
+ $CCMessages{"$From,$Log"}++;
+ } elsif ( (($Log) = ($ThisLine =~ /(freezing .*zone.*)/)) or
+ (($Log) = ($ThisLine =~ /(thawing .*zone.*)/)) ) {
+ $CCMessages2{$Log}++;
} else {
# Report any unmatched entries...
# remove PID from named messages
@@ -413,10 +432,18 @@
if (keys %ConfProb) {
print "\n Errors in configuration files\n";
foreach $File (sort keys %ConfProb) {
- print " file " . $File . "\n";
- foreach (keys %{$ConfProb{$File}}) {
- ($Line,$Problem) = split ",";
- print " " . $File . ":" . "$Line" . ": " . $Problem . ": " . $ConfProb{$File}{"$Line,$Problem"} . " Time(s)\n";
+ if ($File =~ /.+/) {
+ print " file " . $File . "\n";
+ foreach (keys %{$ConfProb{$File}}) {
+ ($Line,$Problem) = split ",";
+ print " " . $File . ":" . "$Line" . ": " . $Problem . ": " . $ConfProb{$File}{"$Line,$Problem"} . " Time(s)\n";
+ }
+ }
+ else {
+ foreach (keys %{$ConfProb{$File}}) {
+ ($Line,$Problem) = split ",";
+ print " " . $Problem . ": " . $ConfProb{$File}{"$Line,$Problem"} . " Time(s)\n";
+ }
}
}
}
@@ -442,6 +469,23 @@
}
}
+if (keys %NError) {
+ print "\n Errors:\n";
+ foreach $ThisOne (keys %NError) {
+ print " " . $ThisOne . ": " . $NError{$ThisOne} . " Time(s)\n";
+ }
+}
+
+if ((keys %CCMessages) or (keys %CCMessages2)){
+ print "\n Messages from control channel\n";
+ foreach (keys %CCMessages) {
+ ($From,$Log) = split ",";
+ print " " . $From . ": " . $Log . ": " . $CCMessages{"$From,$Log"} . " Time(s)\n";
+ }
+ foreach $ThisOne (keys %CCMessages2) {
+ print " " . $ThisOne . ": " . $CCMessages2{$ThisOne} . " Time(s)\n";
+ }
+}
if (keys %OtherList) {
print "\n**Unmatched Entries**\n";


@ -1,11 +0,0 @@
--- logwatch-7.3.4/scripts/shared/onlyservice.pom 2005-12-01 00:52:27.000000000 +0100
+++ logwatch-7.3.4/scripts/shared/onlyservice 2007-04-13 15:15:15.000000000 +0200
@@ -20,7 +20,7 @@
}
while (defined($ThisLine = <STDIN>)) {
- if ($ThisLine =~ m/^... .. ..:..:.. [^ ]* $ServiceName\[[0123456789]*\]: /io) {
+ if ($ThisLine =~ m/^... .. ..:..:..[ ]*[^ ]* $ServiceName\[[0123456789]*\]: /io) {
print $ThisLine;
}
elsif ($ThisLine =~ m/^... .. ..:..:.. [^ ]* [^ ]*\[[0123456789]*\]: \[ID [0-9]+ $ServiceName/io) {


@ -1,12 +0,0 @@
--- logwatch-7.3.4/scripts/services/sshd.pom 2007-01-29 21:09:17.000000000 +0100
+++ logwatch-7.3.4/scripts/services/sshd 2007-05-07 12:14:01.000000000 +0200
@@ -223,7 +223,8 @@
($ThisLine =~ /^input_userauth_request: (illegal|invalid) user (.*)$/ ) or
($ThisLine =~ m/^(Illegal|Invalid) user (.*) from ([^ ]+)/ ) or
($ThisLine =~ /pam_krb5: authentication succeeds for `([^ ]*)'/) or
- ( $ThisLine =~ /pam_succeed_if\(.*:.*\): error retrieving information about user [a-zA-Z]*/ )
+ ($ThisLine =~ /pam_succeed_if\(.*:.*\): error retrieving information about user [a-zA-Z]*/ ) or
+ ($ThisLine =~ /^debug1: /)
) {
# Ignore these
} elsif ( my ($Method,$User,$Host,$Port) = ($ThisLine =~ /^Accepted (\S+) for (\S+) from ([\d\.:a-f]+) port (\d+)/) ) {


@ -1,11 +0,0 @@
diff -up logwatch-7.3.6/scripts/services/amavis.pom logwatch-7.3.6/scripts/services/amavis
--- logwatch-7.3.6/scripts/services/amavis.pom 2007-05-16 06:27:17.000000000 +0200
+++ logwatch-7.3.6/scripts/services/amavis 2008-01-08 10:02:00.000000000 +0100
@@ -524,6 +524,7 @@ while (<>) {
or ($p1 =~ /email.txt no longer exists, can't re-use it/)
or ($p1 =~ /SPAM\.TAG2/)
or ($p1 =~ /BAD-HEADER\.TAG2/)
+ or ($p1 =~ /skip local delivery\([0-9]\): <> -> <(spam|bad-header)-quarantine>*/)
);
my ($ip, $from, $to, $key, $hits, $reason, $item, $decoder);


@ -1,16 +0,0 @@
diff -up logwatch-7.3.6/scripts/services/amavis.pom logwatch-7.3.6/scripts/services/amavis
--- logwatch-7.3.6/scripts/services/amavis.pom 2008-01-21 10:10:45.000000000 +0100
+++ logwatch-7.3.6/scripts/services/amavis 2008-01-21 10:58:15.000000000 +0100
@@ -524,7 +524,11 @@ while (<>) {
or ($p1 =~ /email.txt no longer exists, can't re-use it/)
or ($p1 =~ /SPAM\.TAG2/)
or ($p1 =~ /BAD-HEADER\.TAG2/)
- or ($p1 =~ /skip local delivery\([0-9]\): <> -> <(spam|bad-header)-quarantine>*/)
+ or ($p1 =~ /skip local delivery\([0-9]\): <> -> <(spam|bad-header|banned|virus)-quarantine>*/)
+ or ($p1 =~ /config files read: .*amavisd.conf/)
+ or ($p1 =~ /mangling by .* \([0-9]\) done, new size: [0-9]*, orig [0-9]* bytes/)
+ or ($p1 =~ /mangling by: [0-9], <.*>/)
+ or ($p1 =~ /mangling YES: [0-9] \(orig: [0-9]\), discl_allowed=.*, <.*> -> <.*>/)
);
my ($ip, $from, $to, $key, $hits, $reason, $item, $decoder);


@ -1,12 +0,0 @@
--- logwatch-7.3.6/scripts/services/audit.pom 2007-02-16 04:25:17.000000000 +0100
+++ logwatch-7.3.6/scripts/services/audit 2007-07-04 12:15:55.000000000 +0200
@@ -82,7 +82,8 @@ while ($ThisLine = <STDIN>) {
( $ThisLine =~ /: user pid=[0-9]+ uid=[0-9]+ auid=[0-9]+ subj=system_u:system_r:system_dbusd_t:[0-9a-z]+ msg=/) or
( $ThisLine =~ /audit\([0-9.]+:[0-9]+\): (selinux=[0-9]+|auid=[0-9]+|prom=[0-9]+|old_prom=[0-9]+|dev=[^ ]+| )+$/) or
( $ThisLine =~ /auditd[ ]+S [0-9A-F]+ [0-9]+ [0-9]+[ ]+[0-9]([ ]*[0-9]+[ ]*|[ ]*)[0-9]+ [0-9]+ \(NOTLB\)/) or
- ( $ThisLine =~ /Started dispatcher: \/sbin\/audispd pid: [0-9]+/)
+ ( $ThisLine =~ /Started dispatcher: \/sbin\/audispd pid: [0-9]+/) or
+ ( $ThisLine =~ /audit\([0-9.]*:[0-9]*\): bool=.* val=.* old_val=.* auid=[0-9]*/)
) {
# Ignore these entries
} elsif ( $ThisLine =~ /audit\([0-9]{10}.[0-9]{3}:[0-9]\): initialized$/) {


@ -1,30 +0,0 @@
diff -up logwatch-7.3.6/scripts/services/audit.pom logwatch-7.3.6/scripts/services/audit
--- logwatch-7.3.6/scripts/services/audit.pom 2008-03-05 11:18:41.000000000 +0100
+++ logwatch-7.3.6/scripts/services/audit 2008-04-04 11:05:07.000000000 +0200
@@ -115,6 +115,8 @@ while ($ThisLine = <STDIN>) {
$grants{$2.' '.$3.' ('.$1.$4 . ')'}++;
} elsif ($ThisLine =~ /security_compute_sid:\s*invalid context\s*(\S+)\s*for\s*scontext=(\S+)\s*tcontext=(\S+)\s*tclass=(\S+)/ ) {
$InvalidContext{$4." running as ".$2." acting on ".$3." \nshould transit to invalid ".$1}++;
+ } elsif ($ThisLine =~ /security_sid_mls_copy:\s*invalid context\s*(\S+)/) {
+ $InvalidContext{"context: ".$1}++;
} else {
$othercount++;
$ThisLine =~ s/^\s*//;
@@ -129,6 +131,8 @@ while ($ThisLine = <STDIN>) {
$grants{$1.' '.$2.' ('.$3 . ')'}++;
} elsif ($ThisLine =~ /security_compute_sid:\s*invalid context\s*(\S+)\s*for\s*scontext=(\S+)\s*tcontext=\S+\s*tclass=(\S+)/ ) {
$InvalidContext{$3." running as ".$2." should transit to invalid ".$1}++;
+ } elsif ($ThisLine =~ /security_sid_mls_copy:\s*invalid context\s*(\S+)/) {
+ $InvalidContext{"context: ".$1}++;
} else {
$othercount++;
$ThisLine =~ s/^\s*//;
@@ -143,6 +147,8 @@ while ($ThisLine = <STDIN>) {
$grants{$1.' '.$2.' ('.$3 . ')'}++;
} elsif ($ThisLine =~ /security_compute_sid:\s*invalid context\s*(\S+)\s*for\s*scontext=(\S+)\s*tcontext=\S+\s*tclass=(\S+)/ ) {
$InvalidContext{$3." running as ".$2." should transit to invalid ".$1}++;
+ } elsif ($ThisLine =~ /security_sid_mls_copy:\s*invalid context\s*(\S+)/) {
+ $InvalidContext{"context: ".$1}++;
} else {
$othercount++;
$ThisLine =~ s/^\s*//;


@ -1,12 +0,0 @@
diff -up logwatch-7.3.6/scripts/services/audit.pom logwatch-7.3.6/scripts/services/audit
--- logwatch-7.3.6/scripts/services/audit.pom 2008-06-10 14:34:52.000000000 +0200
+++ logwatch-7.3.6/scripts/services/audit 2008-06-20 09:31:34.000000000 +0200
@@ -79,7 +79,7 @@ while ($ThisLine = <STDIN>) {
( $ThisLine =~ /^audit\([0-9.]+:[0-9]+\): ( ?(path|cwd|item|name|flags)=["\/A-Za-z0-9]*)*$/) or
( $ThisLine =~ /: enforcing=[0-9]+ old_enforcing=[0-9]+ auid=[0-9]+/) or
( $ThisLine =~ /: policy loaded auid=[0-9]+/) or
- ( $ThisLine =~ /: user pid=[0-9]+ uid=[0-9]+ auid=[0-9]+ subj=system_u:system_r:system_dbusd_t:[0-9a-z]+ msg=/) or
+ ( $ThisLine =~ /: user pid=[0-9]+ uid=[0-9]+ auid=[0-9]+ subj=system_u:system_r:system_dbusd_t:[0-9a-z:.\-]+ msg=/) or
( $ThisLine =~ /audit\([0-9.]+:[0-9]+\): (selinux=[0-9]+|auid=[0-9]+|prom=[0-9]+|old_prom=[0-9]+|dev=[^ ]+| )+$/) or
( $ThisLine =~ /auditd[ ]+S [0-9A-F]+ [0-9]+ [0-9]+[ ]+[0-9]([ ]*[0-9]+[ ]*|[ ]*)[0-9]+ [0-9]+ \(NOTLB\)/) or
( $ThisLine =~ /Started dispatcher: \/sbin\/audispd pid: [0-9]+/) or


@ -1,22 +0,0 @@
diff -up logwatch-7.3.6/scripts/services/audit.pom logwatch-7.3.6/scripts/services/audit
--- logwatch-7.3.6/scripts/services/audit.pom 2009-10-12 12:42:39.000000000 +0200
+++ logwatch-7.3.6/scripts/services/audit 2009-10-12 12:47:19.000000000 +0200
@@ -70,7 +70,7 @@ while ($ThisLine = <STDIN>) {
chomp($ThisLine);
if (( $ThisLine =~ /initializing netlink socket \(disabled\)/) or
( $ThisLine =~ /audit_pid=[0-9]* old=[0-9]*(?: by auid=[0-9]*)?/) or
- ( $ThisLine =~ /(arch=[0-9]+ )?syscall=[0-9]+ (success=(no|yes) )?exit=[0-9-]+( a[0-3]=[0-9a-f]+)* items=[0-9]+ pid=[0-9]+ (loginuid=[0-9-]+ )?(auid=[0-9]+ )?uid=[0-9]+ gid=[0-9]+ euid=[0-9]+ suid=[0-9]+ fsuid=[0-9]+ egid=[0-9]+ sgid=[0-9]+ fsgid=[0-9]+/) or
+ ( $ThisLine =~ /(arch=[0-9]+ )?syscall=[0-9]+ (success=(no|yes) )?exit=[0-9-]+( a[0-3]=[0-9a-f]+)* items=[0-9]+ (ppid=[0-9]+ )?pid=[0-9]+ (loginuid=[0-9-]+ )?(auid=[0-9]+ )?uid=[0-9]+ gid=[0-9]+ euid=[0-9]+ suid=[0-9]+ fsuid=[0-9]+ egid=[0-9]+ sgid=[0-9]+ fsgid=[0-9]+/) or
( $ThisLine =~ /Audit daemon rotating log files/) or
( $ThisLine =~ /audit_backlog_limit=[0-9]* old=[0-9]*(?: by auid=[0-9]*)?/) or
( $ThisLine =~ /SELinux: unrecognized netlink message type=[0-9]+ for sclass=[0-9]+/) or
@@ -83,7 +83,8 @@ while ($ThisLine = <STDIN>) {
( $ThisLine =~ /audit\([0-9.]+:[0-9]+\): (selinux=[0-9]+|auid=[0-9]+|prom=[0-9]+|old_prom=[0-9]+|dev=[^ ]+| )+$/) or
( $ThisLine =~ /auditd[ ]+S [0-9A-F]+ [0-9]+ [0-9]+[ ]+[0-9]([ ]*[0-9]+[ ]*|[ ]*)[0-9]+ [0-9]+ \(NOTLB\)/) or
( $ThisLine =~ /Started dispatcher: \/sbin\/audispd pid: [0-9]+/) or
- ( $ThisLine =~ /audit\([0-9.]*:[0-9]*\): bool=.* val=.* old_val=.* auid=[0-9]*/)
+ ( $ThisLine =~ /audit\([0-9.]*:[0-9]*\): bool=.* val=.* old_val=.* auid=[0-9]*/) or
+ ( $ThisLine =~ /item=[0-9] name="\S*" inode=[0-9]+ dev=\S* mode=[0-9]* ouid=[0-9]* ogid=[0-9]* rdev=[0-9:]* obj=\S*/)
) {
# Ignore these entries
} elsif ( $ThisLine =~ /audit\([0-9]{10}.[0-9]{3}:[0-9]\): initialized$/) {


@ -1,14 +0,0 @@
diff -up logwatch-7.3.6/scripts/services/clamav-milter.pom logwatch-7.3.6/scripts/services/clamav-milter
--- logwatch-7.3.6/scripts/services/clamav-milter.pom 2006-12-15 05:58:30.000000000 +0100
+++ logwatch-7.3.6/scripts/services/clamav-milter 2007-11-06 15:02:42.000000000 +0100
@@ -16,7 +16,9 @@ while (defined($ThisLine = <STDIN>)) {
( $ThisLine =~ /^clamav-milter (startup|shutdown) succeeded$/ ) or
( $ThisLine =~ /^Quarantined infected mail as/ ) or
( $ThisLine =~ /^File quarantined as/ ) or
- ( $ThisLine =~ /^ClamAv: mi_stop/ )) {
+ ( $ThisLine =~ /^ClamAv: mi_stop/ ) or
+ ( $ThisLine =~ m#^\/tmp\/clamav-.* .* FOUND# )) {
+
# We do not care about these.
} elsif (($ThisLine =~ /clean message from/)) {
$CleanMessage++;


@ -1,12 +0,0 @@
diff -up logwatch-7.3.6/conf/logwatch.conf.pom logwatch-7.3.6/conf/logwatch.conf
--- logwatch-7.3.6/conf/logwatch.conf.pom 2007-05-15 07:12:18.000000000 +0200
+++ logwatch-7.3.6/conf/logwatch.conf 2007-11-13 14:35:48.000000000 +0100
@@ -45,7 +45,7 @@ MailFrom = Logwatch
# If set to 'Yes', the report will be sent to stdout instead of being
# mailed to above person.
-Print = Yes
+Print =
# if set, the results will be saved in <filename> instead of mailed
# or displayed.


@ -1,98 +0,0 @@
--- logwatch-7.3.6/scripts/services/cron.pom 2007-02-16 04:13:51.000000000 +0100
+++ logwatch-7.3.6/scripts/services/cron 2007-08-09 14:35:43.000000000 +0200
@@ -98,7 +98,12 @@ while (defined($ThisLine = <STDIN>)) {
($ThisLine =~ /INFO \(Running \@(re)?boot jobs\)/) or
($ThisLine =~ /INFO \(Skipping \@(re)?boot jobs -- not system startup\)/) or
($ThisLine =~ /INFO \(not boot nor reboot\)/) or
- ($ThisLine =~ /logfile turned over/) # newsyslog on OpenBSD
+ ($ThisLine =~ /logfile turned over/) or
+ ($ThisLine =~ /ready to process filesystem events/) or # newsyslog on OpenBSD
+ ($ThisLine =~ /loading (system|user) tables/) or
+ ($ThisLine =~ /loading table .*/) or
+ ($ThisLine =~ /void Inotify::Remove\(InotifyWatch\*\): removing watch failed/) or
+ ($ThisLine =~ /error: \(22\) Invalid argument/)
) {
# Ignore
} elsif (
@@ -175,6 +180,29 @@ while (defined($ThisLine = <STDIN>)) {
if ( $ntpdatemaxoffset < $offset ) { $ntpdatemaxoffset = $offset; }
} elsif ($ThisLine =~ /ntpdate\[\d+\]: no server suitable for synchronization found/) {
$ntpdatenosync++;
+ } elsif (($ThisLine =~ /incrond/) && ($ThisLine =~ /starting service/)) {
+ $INCRONDSS++;
+ } elsif (($ThisLine =~ /incrond/) && ($ThisLine =~ /stopping service/)) {
+ $INCRONDStS++;
+ } elsif (($ThisLine =~ /incrond/) && (($Table) = ($ThisLine =~ /system table (.*) created, loading/))) {
+ $INCRONDSTCr{$Table}++;
+ } elsif (($ThisLine =~ /incrond/) && (($User) = ($ThisLine =~ /table for user (.*) created, loading/))) {
+ $INCRONDUTCr{$User}++;
+ } elsif (($ThisLine =~ /incrond/) && (($Table) = ($ThisLine =~ /system table (.*) changed, reloading/))) {
+ $INCRONDSTCh{$Table}++;
+ } elsif (($ThisLine =~ /incrond/) && (($User) = ($ThisLine =~ /table for user (.*) changed, reloading/))) {
+ $INCRONDUTCh{$User}++;
+ } elsif (($ThisLine =~ /incrond/) && (($Table) = ($ThisLine =~ /system table (.*) destroyed, removing/))) {
+ $INCRONDSTDe{$Table}++;
+ } elsif (($ThisLine =~ /incrond/) && (($User) = ($ThisLine =~ /table for user (.*) destroyed, removing/))) {
+ $INCRONDUTDe{$User}++;
+ } elsif ( ($ThisLine =~ /incrond/) &&
+ ( (($Error) = ($ThisLine =~ /(cannot create watch for (system table|user) .*: \(2\) No such file or directory)/)) ||
+ (($Error) = ($ThisLine =~ /(access denied on (.*) - events will be discarded silently)/)) ||
+ (($Error) = ($ThisLine =~ /(unhandled exception occurred)/)) ||
+ (($Error) = ($ThisLine =~ /(cannot exec process.*)/))
+ ) ) {
+ $INCRONDErr{$Error}++;
} else {
# Report any unmatched entries...
push @OtherList, "$ThisLine\n";
@@ -262,6 +290,51 @@ if($ntpdatenosync) {
print "\nNtpDate could not sync: $ntpdatenosync times\n";
}
+if ($INCRONDSS) {
+ printf "\n service incrond started " . $INCRONDSS . ": time(s)\n";
+}
+
+if ($INCRONDStS) {
+ printf "\n service incrond stoped " . $INCRONDStS . ": time(s)\n";
+}
+
+if ((%INCRONDSTCr) || (%INCRONDUTCr)) {
+ printf "\n created tables \n";
+ for $key (keys %INCRONDSTCr) {
+ print " system table " . $key . " created " . $INCRONDSTCr{$key} . ": time(s)\n";
+ }
+ for $key (keys %INCRONDUTCr) {
+ print " table for user " . $key . " ceated " . $INCRONDUTCr{$key}. ": time(s)\n";
+ }
+}
+
+if ((%INCRONDSTCh) || (%INCRONDUTCh)) {
+ printf "\n changes of tables \n";
+ for $key (keys %INCRONDSTCh) {
+ print " system table " . $key . " changed " . $INCRONDSTCh{$key} . ": time(s)\n";
+ }
+ for $key (keys %INCRONDUTCh) {
+ print " table for user " . $key . "changed " . $INCRONDUTCh{$key} . ": time(s)\n";
+ }
+}
+
+if ((%INCRONDSTDe) || (%INCRONDUTDe)) {
+ printf "\n destroyed tables \n";
+ for $key (keys %INCRONDSTDe) {
+ print " system table " . $key . " destroyed " . $INCRONDSTDe{$key} . ": time(s)\n";
+ }
+ for $key (keys %INCRONDUTDe) {
+ print " table for user ". $key ." destroyed " .$INCRONDUTDe{$key} . ": time(s)\n";
+ }
+}
+
+if (%INCRONDErr) {
+ printf "\n incrond daemon errors \n";
+ for $key (keys %INCRONDErr) {
+ print " " . $key . ": " . $INCRONDErr{$key} . " time(s)\n";
+ }
+}
+
if ($#OtherList >= 0) {
print "\n**Unmatched Entries**\n";
print @OtherList;


@ -1,28 +0,0 @@
--- logwatch-7.3.6/scripts/services/cron.pom 2007-08-09 15:36:39.000000000 +0200
+++ logwatch-7.3.6/scripts/services/cron 2007-08-09 15:35:34.000000000 +0200
@@ -203,6 +203,10 @@ while (defined($ThisLine = <STDIN>)) {
(($Error) = ($ThisLine =~ /(cannot exec process.*)/))
) ) {
$INCRONDErr{$Error}++;
+ } elsif ( ($ThisLine =~ /crond/) &&
+ (($Error) = ($ThisLine =~ /(failed to open PAM security session: (Permission denied|Module is unknown))/))
+ ) {
+ $CRONDErr{$Error}++;
} else {
# Report any unmatched entries...
push @OtherList, "$ThisLine\n";
@@ -328,6 +332,14 @@ if ((%INCRONDSTDe) || (%INCRONDUTDe)) {
}
}
+if (%CRONDErr) {
+ printf "\n crond daemon errors \n";
+ for $key (keys %CRONDErr) {
+ print " " . $key . ": " . $CRONDErr{$key} . " time(s)\n";
+ }
+}
+
+
if (%INCRONDErr) {
printf "\n incrond daemon errors \n";
for $key (keys %INCRONDErr) {


@ -1,38 +0,0 @@
diff -up logwatch-7.3.6/scripts/services/cron.pom logwatch-7.3.6/scripts/services/cron
--- logwatch-7.3.6/scripts/services/cron.pom 2008-08-06 13:45:48.000000000 +0200
+++ logwatch-7.3.6/scripts/services/cron 2008-08-06 13:45:48.000000000 +0200
@@ -207,6 +207,9 @@ while (defined($ThisLine = <STDIN>)) {
(($Error) = ($ThisLine =~ /(failed to open PAM security session: (Permission denied|Module is unknown))/))
) {
$CRONDErr{$Error}++;
+ } elsif (( ($Error) = ($ThisLine =~ /ERROR: (failed to change SELinux context)/)) or
+ (($Error) = ($ThisLine =~ /ERROR:(Could not set exec context to .* for .*)/))) {
+ $SELCONTErr{$Error}++;
} else {
# Report any unmatched entries...
push @OtherList, "$ThisLine\n";
@@ -337,8 +340,7 @@ if (%CRONDErr) {
for $key (keys %CRONDErr) {
print " " . $key . ": " . $CRONDErr{$key} . " time(s)\n";
}
-}
-
+}
if (%INCRONDErr) {
printf "\n incrond daemon errors \n";
@@ -347,6 +349,14 @@ if (%INCRONDErr) {
}
}
+if (%SELCONTErr) {
+ printf "\n SELinux context error \n";
+ for $key (keys %SELCONTErr) {
+ print " " . $key . ": " . $SELCONTErr{$key} . "time(s)\n";
+ }
+}
+
+
if ($#OtherList >= 0) {
print "\n**Unmatched Entries**\n";
print @OtherList;


@ -1,12 +0,0 @@
diff -up logwatch-7.3.6/scripts/services/cron.pom logwatch-7.3.6/scripts/services/cron
--- logwatch-7.3.6/scripts/services/cron.pom 2008-01-28 12:02:48.000000000 +0100
+++ logwatch-7.3.6/scripts/services/cron 2008-02-14 14:23:46.000000000 +0100
@@ -146,7 +146,7 @@ while (defined($ThisLine = <STDIN>)) {
$Errors{$Reason}++;
} elsif ( ($FileName) = ($ThisLine =~ /BAD FILE MODE \((.+)\)/) ) {
$BFMFile{$FileName}++;
- } elsif ( ($FileName) = ($ThisLine = /WRONG FILE OWNER \((.+)\)/) ) {
+ } elsif ( ($FileName) = ($ThisLine =~ /WRONG FILE OWNER \((.+)\)/) ) {
$WFO{$FileName}++;
} else {
# Report any unmatched entries...


@ -1,57 +0,0 @@
diff -up logwatch-7.3.6/scripts/services/cron.pom logwatch-7.3.6/scripts/services/cron
--- logwatch-7.3.6/scripts/services/cron.pom 2008-06-20 10:42:20.000000000 +0200
+++ logwatch-7.3.6/scripts/services/cron 2008-08-06 12:55:21.000000000 +0200
@@ -103,7 +103,10 @@ while (defined($ThisLine = <STDIN>)) {
($ThisLine =~ /loading (system|user) tables/) or
($ThisLine =~ /loading table .*/) or
($ThisLine =~ /void Inotify::Remove\(InotifyWatch\*\): removing watch failed/) or
- ($ThisLine =~ /error: \(22\) Invalid argument/)
+ ($ThisLine =~ /error: \(22\) Invalid argument/) or
+ ($ThisLine =~ /INFO \(running with inotify support\)/) or
+ ($ThisLine =~ /INFO \(\@reboot jobs will be run at computer's startup.\)/)
+
) {
# Ignore
} elsif (
@@ -148,6 +151,12 @@ while (defined($ThisLine = <STDIN>)) {
$BFMFile{$FileName}++;
} elsif ( ($FileName) = ($ThisLine =~ /WRONG FILE OWNER \((.+)\)/) ) {
$WFO{$FileName}++;
+ } elsif ($ThisLine =~ /FAILED to authorize user with PAM \(User not known to the underlying authentication module\)/) {
+ $PAMAUTHErr++;
+ } elsif ( ($FileName,$Cause) = ($ThisLine =~ /ERROR chdir failed \((.*)\): (.*)/) ) {
+ $CHDIRErr{"$FileName,$Cause"}++;
+ } elsif ($ThisLine =~ /ERROR \(failed to change user\)/) {
+ $CHUSERHErr++;
} else {
# Report any unmatched entries...
push @OtherList, "$ThisLine\n";
@@ -352,10 +361,27 @@ if (%INCRONDErr) {
if (%SELCONTErr) {
printf "\n SELinux context error \n";
for $key (keys %SELCONTErr) {
- print " " . $key . ": " . $SELCONTErr{$key} . "time(s)\n";
+ print " " . $key . ": " . $SELCONTErr{$key} . " time(s)\n";
}
}
+if ($PAMAUTHErr) {
+ printf "\nPAM autentification error: " . $PAMAUTHErr . " time(s)\n";
+}
+
+if (%CHDIRErr) {
+ printf "\nchdir command failed\n";
+ foreach (keys %CHDIRErr) {
+ my ($File,$Cause) = split ",";
+ print " for directory " . $File . " (" . $Cause . ")". ": " . $CHDIRErr{"$File,$Cause"} . " time(s)\n";
+ }
+}
+
+if ($CHUSERHErr) {
+ printf "\nUser change error: " . $CHUSERHErr . " time(s)\n";
+}
+
+
if ($#OtherList >= 0) {
print "\n**Unmatched Entries**\n";


@ -1,14 +0,0 @@
diff -up logwatch-7.3.6/conf/logwatch.conf.pom logwatch-7.3.6/conf/logwatch.conf
--- logwatch-7.3.6/conf/logwatch.conf.pom 2009-06-25 10:47:22.000000000 +0200
+++ logwatch-7.3.6/conf/logwatch.conf 2009-06-25 10:47:00.000000000 +0200
@@ -121,4 +121,10 @@ mailer = "sendmail -t"
#
#HostLimit = Yes
+# By default the cron daemon generates daily logwatch report
+# if you want to switch it off uncomment DailyReport tag.
+# The implicit value is Yes
+#
+# DailyReport = No
+
# vi: shiftwidth=3 tabstop=3 et


@ -1,92 +0,0 @@
--- logwatch-7.3.6/scripts/services/dhcpd 2006-10-20 22:12:27.000000000 +0100
+++ logwatch-7.3.6-fedora/scripts/services/dhcpd 2010-10-09 13:01:42.000000000 +0100
@@ -16,6 +16,8 @@
my %data;
+my %clientrequest;
+
# This filter is very basic... much more could be done with it
while (my $line = <STDIN>) {
@@ -46,13 +48,22 @@
($line =~ /^DHCPDISCOVER/) or
($line =~ /^DHCPREQUEST/) or
($line =~ /^DHCPRELEASE/) or
+ ($line =~ /^Solicit message from/) or
+ ($line =~ /^Sending Advertise to/) or
($line =~ /^pool [0-9a-f]+ /)
) {
# Ignore these lines
} elsif ($line =~ s/Listening on\s+//) {
+ if ($line =~ /\/[0-9a-fA-F:]+\/\d+$/) {
+ $data{'DHCP Server Listening On'}{'Configured for DHCPv6 (IPv6)'}++;
+ } else {
+ $data{'DHCP Server Listening On'}{'Configured for DHCPD (IPv4)'}++;
+ }
+ $data{'DHCP Server Listening On'}{$line}++;
+ } elsif ($line =~ s/Bound to\s+/IPv6 Port /) {
$data{'DHCP Server Listening On'}{$line}++;
} elsif (
- ($line =~ /^you want, please write a subnet declaration/) or
+ ($line =~ /^you want, please write a subnet6? declaration/) or
($line =~ /^in your dhcpd.conf file for the network segment/) or
($line =~ /^to which interface [a-z\d]+ is attached./) or
@@ -81,7 +92,11 @@
$data{'Generic error'}{$line}++;
} elsif ($line =~ s/^\*\* Ignoring requests on ([a-z\d]+). If this is not what\s*$/Ignoring interface $1/) {
$data{'Config error'}{$line}++;
- } elsif ($line =~ s/^No subnet declaration for ([a-z\d]+) ([()\d.]+).\s*$/No subnet declaration for $1 $2/) {
+ } elsif ($line =~ s/^No subnet6? declaration for ([a-z\d]+) ([()\d.ia-fA-F:]+).\s*$/No subnet declaration for $1 $2/) {
+ $data{'Config error'}{$line}++;
+ } elsif ($line =~ s/^WARNING: (Host declarations are global).\s+.*$/\1/) {
+ $data{'Config error'}{$line}++;
+ } elsif ($line =~ s/Not searching LDAP\s+.*$/No support for LDAP configured/) {
$data{'Config error'}{$line}++;
} elsif ($line =~ s/^DHCPOFFER on ([\d\.]+) to ([a-f\d:]+) via (\S+)\s*$/$1 -> $2 ($3)/) {
if ($Detail >= 5) {
@@ -99,6 +114,24 @@
if ($Detail >= 5) {
$data{'Addresses Leased'}{$line}++;
}
+ } elsif ($line =~ /^(Request|Confirm|Rebind|Renew|Information-request|Release) message from ([0-9a-fA-F:]+)/) {
+ $clientrequest{$2} = $1;
+ } elsif ($line =~ s/^Sending Reply to ([0-9a-fA-F:]+) port \d+/$1 (IPv6)/) {
+ my $clientrequest = $clientrequest{$1};
+ undef($clientrequest{$1});
+ if (($Detail >= 5) and ($clientrequest eq 'Request')) {
+ $data{'Addresses Leased'}{$line}++;
+ } elsif (($Detail >= 10) and ($clientrequest =~ /Rebind|Renew/)) {
+ $data{"Addresses $clientrequest"}{$line}++;
+ }
+ } elsif ($line =~ /^Client ([0-9a-fA-F:]+) releases address ([0-9a-fA-F:]+), which is not leased to it.$/) {
+ if ($Detail >= 5) {
+ $data{'Warnings'}{$line}++;
+ }
+ } elsif ($line =~ s/^Client ([0-9a-fA-F:]+) releases address ([0-9a-fA-F:]+)$/$1\n -> $2 (IPv6)/) {
+ if ($Detail >= 5) {
+ $data{'Addresses Released'}{$line}++;
+ }
} elsif ($line =~ s/^added reverse map from ([\d]+).([\d]+).([\d]+).([\d]+).in-addr.arpa. to ([a-zA-Z\d._-]+)\s*$/Add reverse $4.$3.$2.$1 -> $5/) {
if ($Detail >= 7) {
$data{'DNS Mappings'}{$line}++;
@@ -127,13 +160,17 @@
if ($Detail >= 3) {
$data{'Warnings'}{$line}++;
}
+ } elsif ($line =~ s/^uid lease ([\da-fA-F.:]+) for client ([\da-fA-F:]+) is duplicate on ([\da-fA-F.:\/]+)/Host $2: duplicate $1 (range $3)\n - probably both static and dynamic leases/) {
+ if ($Detail >= 3) {
+ $data{'Warnings'}{$line}++;
+ }
} else {
$data{'Unknown Entries'}{$line}++;
}
}
if (keys %data) {
- foreach my $type (keys %data) {
+ foreach my $type (sort keys %data) {
print "$type:\n";
foreach my $entry (sort {$a cmp $b} keys %{$data{$type}}) {
print " $entry: $data{$type}{$entry} Time(s)\n";


@ -1,72 +0,0 @@
diff -up logwatch-7.3.6/scripts/services/dovecot.pom logwatch-7.3.6/scripts/services/dovecot
--- logwatch-7.3.6/scripts/services/dovecot.pom 2008-12-16 15:52:59.000000000 +0100
+++ logwatch-7.3.6/scripts/services/dovecot 2008-12-17 09:35:09.000000000 +0100
@@ -105,8 +105,10 @@ while (defined($ThisLine = <STDIN>)) {
$Disconnected{$Reason}++;
} elsif (($Reason, $Host) = ($ThisLine =~ /TLS initialization failed/) ) {
$TLSInitFail++;
- } elsif (($Host) = ($ThisLine =~ /Aborted login \[(.*)\]/) ) {
+ } elsif (($Host) = ($ThisLine =~ /Aborted login \[(.*)\]/)) {
$Aborted{$Host}++;
+ } elsif (($Reason) = ($ThisLine =~ /Aborted login \((.*)\):/)) {
+ $Aborted{$Reason}++;
# This is for Dovecot 1.0 series
@@ -114,17 +116,25 @@ while (defined($ThisLine = <STDIN>)) {
$Disconnected{"Inactivity"}++;
} elsif ($ThisLine =~ /Disconnected in IDLE/) {
$Disconnected{"in IDLE"}++;
- } elsif ($ThisLine =~ /Disconnected$/) {
+ } elsif (($ThisLine =~ /Disconnected$/) or
+ (($Reason) = ($ThisLine =~ /pop3-login: Disconnected: (.+)/)) or
+ (($Reason) = ($ThisLine =~ /imap-login: Disconnected: (.+)/)) ) {
$Disconnected{"no reason"}++;
- } elsif (($Reason) = ($ThisLine =~ /pop3-login: Disconnected: (.+)/) ) {
- $Disconnected{"no reason"}++;
- } elsif (($Reason) = ($ThisLine =~ /imap-login: Disconnected: (.+)/) ) {
- $Disconnected{"no reason"}++;
- } elsif (($Reason) = ($ThisLine =~ /IMAP.+: Disconnected: (.+)/) ) {
- $Disconnected{$Reason}++;
- } elsif (($Reason) = ($ThisLine =~ /POP3.+: Disconnected: (.+) top/) ) {
+ } elsif ( (($Reason) = ($ThisLine =~ /POP3.+: Disconnected: (.+) top/)) or
+ (($Reason) = ($ThisLine =~ /pop3-login: Disconnected \((.+)\): /)) or
+ (($Reason) = ($ThisLine =~ /IMAP.+: Disconnected: (.+) bytes=/)) or
+ (($Reason) = ($ThisLine =~ /IMAP.+: Disconnected: (.+)/)) ) {
$Disconnected{$Reason}++;
-
+ } elsif (($Reason) = ($ThisLine =~ /IMAP.+: Connection closed bytes=/)) {
+ $ConnectionCl{"no reason"}++;
+ } elsif ( (($Reason) = ($ThisLine =~ /IMAP.+: Connection closed: (.*) bytes=/)) or
+ (($Reason) = ($ThisLine =~ /POP3.+: Connection closed: (.*) (top=|bytes=)/)) ) {
+ $ConnectionCl{$Reason}++;
+ } elsif ($ThisLine =~ /POP3.+: Connection closed top=.* retr=.* del=.* size=.*/) {
+ $ConnectionCl{"no reason"}++;
+ } elsif (($Error) = ($ThisLine =~ /child \d* \(login\) returned error (.*)/)) {
+ # dovecot: child 23747 (login) returned error 89
+ $ChildErr{$Error}++;
} else {
# Report any unmatched entries...
chomp($ThisLine);
@@ -225,6 +235,21 @@ if (keys %Disconnected) {
}
}
+if (keys %ConnectionCl) {
+ print "\n\nDovecot connections closed:";
+ foreach my $Reason (sort keys %ConnectionCl) {
+ print "\n $Reason: $ConnectionCl{$Reason} Time(s)";
+ }
+}
+
+if (keys %ChildErr) {
+ print "\n\nDovecot child error:";
+ foreach my $Error (sort keys %ChildErr) {
+ print "\n error number ". $Error . ": ". $ChildErr{$Error} ." Time(s)";
+ }
+}
+
+
if ((keys %Aborted) && ($Detail >= 10)) {
print "\n\nLogout/aborts:";
foreach my $Host (sort keys %Aborted) {


@ -1,36 +0,0 @@
diff -up logwatch-7.3.6/scripts/services/dovecot.pom logwatch-7.3.6/scripts/services/dovecot
--- logwatch-7.3.6/scripts/services/dovecot.pom 2009-10-12 12:48:21.000000000 +0200
+++ logwatch-7.3.6/scripts/services/dovecot 2009-10-12 13:19:04.000000000 +0200
@@ -103,6 +103,8 @@ while (defined($ThisLine = <STDIN>)) {
$Disconnected{"no reason"}++;
} elsif (($Reason) = ($ThisLine =~ /Disconnected: (.*) \[/) ) {
$Disconnected{$Reason}++;
+ } elsif (($Reason) = ($ThisLine =~ /Disconnected \((.*)\):/) ) {
+ $Disconnected{$Reason}++;
} elsif (($Reason, $Host) = ($ThisLine =~ /TLS initialization failed/) ) {
$TLSInitFail++;
} elsif (($Host) = ($ThisLine =~ /Aborted login \[(.*)\]/)) {
@@ -135,6 +137,9 @@ while (defined($ThisLine = <STDIN>)) {
} elsif (($Error) = ($ThisLine =~ /child \d* \(login\) returned error (.*)/)) {
# dovecot: child 23747 (login) returned error 89
$ChildErr{$Error}++;
+ } elsif (($Name) = ($ThisLine =~ /dovecot: IMAP\((.*)\): .*(.*) failed: Disk quota exceeded/)) {
+ # dovecot: IMAP(podracka): mkdir(/home/LF/KLINIKY/podracka/mail/.imap/saved-messages) failed: Disk quota exceeded
+ $DiskQuotaExceed{$Name}++;
} else {
# Report any unmatched entries...
chomp($ThisLine);
@@ -261,6 +266,13 @@ if ($TLSInitFail > 0) {
print "\n\nTLS Initialization failed $TLSInitFail Time(s)";
}
+if (keys %DiskQuotaExceed) {
+ print "\n\nDisk quota exceeded:";
+ foreach my $Name (sort keys %DiskQuotaExceed) {
+ print "\n disk quota for user '". $Name . "' exceeded: ". $DiskQuotaExceed{$Name} ." Time(s)";
+ }
+}
+
if (keys %OtherList) {
print "\n\n**Unmatched Entries**\n";
foreach $line (sort {$a cmp $b} keys %OtherList) {


@ -1,39 +0,0 @@
--- logwatch/scripts/services/dovecot 2009-08-11 21:59:52.000000000 +1000
+++ dovecot 2010-01-16 16:08:55.000000000 +1100
@@ -82,6 +82,8 @@
$ConnectionIMAP{$Host}++;
$Connection{$Host}++;
}
+ } elsif ( ($User, $Mailbox) = ( $ThisLine =~ /^dovecot: deliver\((.*)\): msgid=.*: saved mail to (\S+)/ ) ) {
+ $Deliver{$User}{$Mailbox}++;
# This is for Dovecot 1.0 series
} elsif ( ($User, $Host) = ( $ThisLine =~ /^dovecot: pop3-login: Login: user=\<(.*?)\>.*rip=(.*)\, lip=/ ) ) {
@@ -198,6 +200,27 @@
" |" . " " x $totalSpaceLength . $TotalCount . "\n";
}
+if ( ( $Detail >= 10 ) and (keys %Deliver)) {
+ print "\n\nDovecot Deliveries:";
+ $DeliverCount = 0;
+ foreach my $User (keys %Deliver) {
+ print "\n\n User $User:";
+ $UserCount = 0;
+ $NumMailboxes = 0;
+ foreach $Mailbox (keys %{$Deliver{$User}}) {
+ $NumMailboxes++;
+ $MailboxCount = $Deliver{$User}{$Mailbox};
+ print "\n To $Mailbox: $MailboxCount Time(s)";
+ $UserCount += $MailboxCount;
+ }
+ $DeliverCount += $UserCount;
+ if ($NumMailboxes > 1) {
+ print "\n Total: $UserCount Time(s)";
+ }
+ }
+ print "\n\nTotal: $DeliverCount successful deliveries";
+}
+
if ( ( $Detail >= 10 ) and (keys %Login)) {
print "\n\nDovecot IMAP and POP3 Successful Logins:";
$LoginCount = 0;


@ -1,110 +0,0 @@
diff -up logwatch-7.3.6/scripts/services/dovecot.pom logwatch-7.3.6/scripts/services/dovecot
--- logwatch-7.3.6/scripts/services/dovecot.pom 2007-03-17 20:13:13.000000000 +0100
+++ logwatch-7.3.6/scripts/services/dovecot 2008-03-05 11:12:56.000000000 +0100
@@ -1,7 +1,16 @@
########################################################
-# $Id: dovecot,v 1.6 2007/03/17 19:13:13 bjorn Exp $
+# $Id: dovecot,v 1.9 2008/02/14 18:19:51 mike Exp $
########################################################
# $Log: dovecot,v $
+# Revision 1.9 2008/02/14 18:19:51 mike
+# Patch from Gilles Detillieux summarize pop3/imap -mgt
+#
+# Revision 1.8 2008/01/16 20:11:04 bjorn
+# Filtering dovecot start-up message, by Gilles Detillieux.
+#
+# Revision 1.7 2007/06/18 03:54:45 bjorn
+# Better printing of IPv6 addresses, by Patrick Vande Walle.
+#
# Revision 1.6 2007/03/17 19:13:13 bjorn
# Now handling dovecot starts/kills.
#
@@ -56,18 +65,20 @@ while (defined($ThisLine = <STDIN>)) {
# We don't care about these
} elsif ( $ThisLine =~ /Killed with signal /) {
$End++;
- } elsif ( $ThisLine =~ /Dovecot starting up$/) {
+ } elsif ( $ThisLine =~ /Dovecot (v\d[^ ]* |)starting up$/) {
$Restarts++;
$End = 0;
} elsif ( ($User, $Host) = ( $ThisLine =~ /^pop3-login: Login: (.*?) \[(.*)\]/ ) ) {
if ($Host !~ /$IgnoreHost/) {
$Login{$User}{$Host}++;
+ $LoginPOP3{$User}++;
$ConnectionPOP3{$Host}++;
$Connection{$Host}++;
}
} elsif ( ($User, $Host) = ( $ThisLine =~ /^imap-login: Login: (.*?) \[(.*)\]/ ) ) {
if ($Host !~ /$IgnoreHost/) {
$Login{$User}{$Host}++;
+ $LoginIMAP{$User}++;
$ConnectionIMAP{$Host}++;
$Connection{$Host}++;
}
@@ -76,12 +87,14 @@ while (defined($ThisLine = <STDIN>)) {
} elsif ( ($User, $Host) = ( $ThisLine =~ /^dovecot: pop3-login: Login: user=\<(.*?)\>.*rip=(.*)\, lip=/ ) ) {
if ($Host !~ /$IgnoreHost/) {
$Login{$User}{$Host}++;
+ $LoginPOP3{$User}++;
$ConnectionPOP3{$Host}++;
$Connection{$Host}++;
}
} elsif ( ($User, $Host) = ( $ThisLine =~ /^dovecot: imap-login: Login: user=\<(.*?)\>.*rip=(.*)\, lip=/) ) {
if ($Host !~ /$IgnoreHost/) {
$Login{$User}{$Host}++;
+ $LoginIMAP{$User}++;
$ConnectionIMAP{$Host}++;
$Connection{$Host}++;
}
@@ -132,8 +145,8 @@ if ( ( $Detail >=5 ) and $Restarts ) {
if ( ( $Detail >= 5 ) and (keys %Connection)) {
print "\n[Dovecot IMAP and POP3] Connections:".
"\n====================================".
- "\n Host | POP3 | IMAP | Total ".
- "\n-------------------------- | ----------- |--------- | ---------";
+ "\n Host | POP3 | IMAP | Total ".
+ "\n-------------------------------------- | --------- |--------- | ---------";
$TLSInitFail = 0;
foreach $Host (sort keys %Connection) {
@@ -151,9 +164,9 @@ if ( ( $Detail >= 5 ) and (keys %Connect
# Cleanly display IPv4 addresses
$Host=~ s/::ffff://;
$HostLength = length($Host);
- $HostSpaceLength = 26 - $HostLength;
+ $HostSpaceLength = 38 - $HostLength;
$CountLength = length("$Conns");
- $CountSpaceLength = 12 - $CountLength;
+ $CountSpaceLength = 10 - $CountLength;
$IMAPLength = length("$IMAP");
$IMAPSpaceLength = 9 - $IMAPLength;
$TotalLenght = length("$Total");
@@ -165,12 +178,12 @@ if ( ( $Detail >= 5 ) and (keys %Connect
$TotalCount += $Total;
}
$POP3Length = length("$POP3Count");
- $POP3SpaceLength = 40 - $POP3Length;
+ $POP3SpaceLength = 50 - $POP3Length;
$IMAPLength = length("$IMAPCount");
$IMAPSpaceLength = 9 - $IMAPLength;
$TotalLength = length("$TotalCount");
$totalSpaceLength = 10 - $TotalLength;
- print "\n" . "-" x 63;
+ print "\n" . "-" x 73;
print "\n" . " " x $POP3SpaceLength . $POP3Count . " |" . " " x $IMAPSpaceLength . $IMAPCount .
" |" . " " x $totalSpaceLength . $TotalCount . "\n";
}
@@ -180,6 +193,13 @@ if ( ( $Detail >= 10 ) and (keys %Login)
$LoginCount = 0;
foreach my $User (keys %Login) {
print "\n\n User $User:";
+ if ($LoginPOP3{$User} > 0 || $LoginIMAP{$User} > 0) {
+ print " (";
+ if ($LoginPOP3{$User} > 0) { print "$LoginPOP3{$User} POP3"; };
+ if ($LoginPOP3{$User} > 0 && $LoginIMAP{$User} > 0) { print "/"; };
+ if ($LoginIMAP{$User} > 0) { print "$LoginIMAP{$User} IMAP"; };
+ print ")";
+ }
$UserCount = 0;
$NumHosts = 0;
foreach $Host (keys %{$Login{$User}}) {


@ -1,22 +0,0 @@
diff -up logwatch-7.3.6/scripts/services/exim.pom logwatch-7.3.6/scripts/services/exim
--- logwatch-7.3.6/scripts/services/exim.pom 2007-02-11 02:50:47.000000000 +0100
+++ logwatch-7.3.6/scripts/services/exim 2008-11-13 12:33:35.000000000 +0100
@@ -275,11 +275,13 @@ if ($Detail >= $LvlRestart) {
}
if ($Detail >= $LvlRestart) {
- print "\n--- Queue Runners ---\n";
- # Start Queue
- $StartQueue and print " Start queue run: $StartQueue Time(s)\n";
- # End Queue
- $EndQueue and print " End queue run: $EndQueue Time(s)\n";
+ if (($StartQueue >0 ) or ($EndQueue > 0)) {
+ print "\n--- Queue Runners ---\n";
+ # Start Queue
+ $StartQueue and print " Start queue run: $StartQueue Time(s)\n";
+ # End Queue
+ $EndQueue and print " End queue run: $EndQueue Time(s)\n";
+ }
}
if ($Detail >= $LvlVerify) {


@ -1,15 +0,0 @@
diff -up logwatch-7.3.6/scripts/services/exim.pom logwatch-7.3.6/scripts/services/exim
--- logwatch-7.3.6/scripts/services/exim.pom 2009-03-30 15:49:39.000000000 +0200
+++ logwatch-7.3.6/scripts/services/exim 2009-03-31 08:48:45.000000000 +0200
@@ -240,9 +240,9 @@ while (defined($ThisLine = <STDIN>)) {
$Lookup++;
@LookupH = (@LookupH, $ThisLine);
}
- elsif ( $ThisLine =~ /^\d+\-\d+\-\d+\s\d+\:\d+\:\d+\s\w+\-\w+\-\w+\s/ ) { # inne wiadomosci przesylane przez EXIMA
+ elsif ( $ThisLine =~ /^\d+\-\d+\-\d+\s\d+\:\d+\:\d+\s(\+\d+\s)?\w+\-\w+\-\w+\s/ ) { # inne wiadomosci przesylane przez EXIMA
# Collect Message ID specific notes...
- ($mdate,$mtime,$mid,$mrest) = ($ThisLine =~ /^(\d+\-\d+\-\d+)\s(\d+\:\d+\:\d+)\s(\w+\-\w+\-\w+)(.+)/);
+ ($mdate,$mtime,$tz,$mid,$mrest) = ($ThisLine =~ /^(\d+\-\d+\-\d+)\s(\d+\:\d+\:\d+)\s(\+\d+\s)?(\w+\-\w+\-\w+)(.+)/);
# Count of individual Message Lines, used for sort
$licze++; # Dodaje taki licznik aby potem przy wypisaniu posortowac po nim, bo wypisywal nie po kolei
$mmsg{$mid}{$licze.$mrest} = "$mdate $mtime";


@ -1,154 +0,0 @@
diff -up logwatch-7.3.6/conf/services/fetchmail.conf.fetchmail logwatch-7.3.6/conf/services/fetchmail.conf
--- logwatch-7.3.6/conf/services/fetchmail.conf.fetchmail 2010-08-19 18:24:37.307903687 +0200
+++ logwatch-7.3.6/conf/services/fetchmail.conf 2010-08-19 18:24:30.163903629 +0200
@@ -0,0 +1,31 @@
+###########################################################################
+# $Id: fetchmail $
+###########################################################################
+
+# You can put comments anywhere you want to. They are effective for the
+# rest of the line.
+
+# this is in the format of <name> = <value>. Whitespace at the beginning
+# and end of the lines is removed. Whitespace before and after the = sign
+# is removed. Everything is case *insensitive*.
+
+# Yes = True = On = 1
+# No = False = Off = 0
+
+Title = "Fetchmail"
+
+# Which logfile group...
+LogFile = maillog
+
+*OnlyService = fetchmail
+*RemoveHeaders
+
+#Fetchmail Global ENV Variables
+
+########################################################
+# This was written and is maintained by:
+# Oron Peled <oron \@\ actcom.net.il>
+#
+########################################################
+
+# vi: shiftwidth=3 tabstop=3 et
diff -up logwatch-7.3.6/scripts/services/fetchmail.fetchmail logwatch-7.3.6/scripts/services/fetchmail
--- logwatch-7.3.6/scripts/services/fetchmail.fetchmail 2010-08-19 18:24:04.172902531 +0200
+++ logwatch-7.3.6/scripts/services/fetchmail 2010-08-19 18:23:52.676902323 +0200
@@ -0,0 +1,115 @@
+##########################################################################
+# $Id: fetchmail $
+##########################################################################
+
+########################################################
+# This was written and is maintained by:
+# Oron Peled <oron \@\ actcom.net.il>
+#
+########################################################
+
+########################################################
+## Copyright (c) 2010 Oron Peled
+## Covered under the included MIT/X-Consortium License:
+## http://www.opensource.org/licenses/mit-license.php
+## All modifications and contributions by other persons to
+## this script are assumed to have been donated to the
+## Logwatch project and thus assume the above copyright
+## and licensing terms. If you want to make contributions
+## under your own copyright or a different license this
+## must be explicitly stated in the contribution an the
+## Logwatch project reserves the right to not accept such
+## contributions. If you have made significant
+## contributions to this script and want to claim
+## copyright please contact logwatch-devel@lists.sourceforge.net.
+#########################################################
+
+
+my $Detail = $ENV{'LOGWATCH_DETAIL_LEVEL'} || 0;
+
+my %no_mail;
+my %messages_for;
+my %auth_fail;
+my %conn_fail;
+
+#Inits
+
+while (defined($ThisLine = <STDIN>)) {
+ chomp($ThisLine);
+ $ThisLine =~ s/^[a-zA-Z0-9]+: //;
+ if($ThisLine =~ s/^No mail for (\S+) at (\S+)//) {
+ $no_mail{"${1} at ${2}"}++;
+ } elsif($ThisLine =~ /^reading message /) {
+ # ignore
+ } elsif($ThisLine =~ s/^Query status=[23]//) {
+ # ignore. Counted below (Authorization, Connection)
+ } elsif($ThisLine =~ s/^Authorization failure on (\S+)//) {
+ $auth_fail{"${1}"}++;
+ } elsif($ThisLine =~ s/^\S+ connection to \S+ failed: .*//) {
+ # ignore. Counted below
+ } elsif($ThisLine =~ s/^connection to (\S+) \[[^]]+\] failed: (.*).//) {
+ $conn_fail{"${1} -- ${2}"}++;
+ } elsif($ThisLine =~ s/^(\d+) messages? for (\S+) at (\S+).*.//) {
+ $messages_for{"${2} at ${3}"} += $1;
+ } else {
+ chomp($ThisLine);
+ # Report any unmatched entries...
+ $OtherList{$ThisLine}++;
+ }
+}
+
+if (keys %messages_for) {
+ my $total;
+ print "\nMessages\n";
+ foreach my $who (sort keys %messages_for) {
+ print " $who: $messages_for{$who}\n";
+ $total += $messages_for{$who};
+ }
+ print " Total: $total\n";
+}
+
+if (keys %conn_fail) {
+ my $total;
+ print "\nConnection failures\n";
+ foreach my $who (sort keys %conn_fail) {
+ print " $who: $conn_fail{$who} Time(s)\n";
+ $total += $conn_fail{$who};
+ }
+ print " Total: $total\n";
+}
+
+if (keys %auth_fail) {
+ my $total;
+ print "\nAuthorization failures\n";
+ foreach my $who (sort keys %auth_fail) {
+ print " $who: $auth_fail{$who} Time(s)\n";
+ $total += $auth_fail{$who};
+ }
+ print " Total: $total\n";
+}
+
+if (keys %no_mail) {
+ my $total;
+ print "\nNo Mail\n";
+ foreach my $who (sort keys %no_mail) {
+ print " $who: $no_mail{$who} Time(s)\n";
+ $total += $no_mail{$who};
+ }
+ print " Total: $total\n";
+}
+
+if (keys %OtherList) {
+ print "\n**Unmatched Entries**\n";
+ foreach $line (sort {$OtherList{$b}<=>$OtherList{$a} } keys %OtherList) {
+ print " $line: $OtherList{$line} Time(s)\n";
+ }
+}
+
+exit(0);
+
+# vi: shiftwidth=3 tabstop=3 syntax=perl et
+# Local Variables:
+# mode: perl
+# perl-indent-level: 3
+# indent-tabs-mode: nil
+# End:


@ -1,33 +0,0 @@
diff -up logwatch-7.3.6/scripts/services/init.pom logwatch-7.3.6/scripts/services/init
--- logwatch-7.3.6/scripts/services/init.pom 2006-12-20 16:25:09.000000000 +0100
+++ logwatch-7.3.6/scripts/services/init 2008-08-26 12:58:15.000000000 +0200
@@ -34,6 +34,9 @@ while (defined($ThisLine = <STDIN>)) {
chomp ($ThisLine);
$ReExecInit++;
}
+ elsif ( ($Name,$Cause) = ($ThisLine =~ /(.*) main process \([0-9]*\) killed by (.*) /)) {
+ $ProcessKilled{"$Name,$Cause"}++;
+ }
else {
# report any unmatched entries
push @OtherList,$ThisLine;
@@ -45,10 +48,19 @@ if ((keys %RunLevel) and ($Detail >= 10)
print " Entered or switched to runlevel " . $Level . ": " . $RunLevel{$Level} . " Time(s)\n";
}
}
+
if ($ReExecInit) {
print "\n\nRe-execs of init: $ReExecInit times\n";
}
+if ((keys %ProcessKilled) and ($Detail >=10)) {
+ print "\nKilled processses:\n";
+ foreach (keys %ProcessKilled) {
+ my ($Name,$Cause)=split ",";
+ print " Process " . $Name. " killed by " . $Cause . ": " . $ProcessKilled{"$Name,$Cause"} . " Time(s)\n";
+ }
+}
+
if ($#OtherList >= 0) {
print "\n**Unmatched Entries**\n";
print @OtherList;


@ -1,56 +0,0 @@
diff -up logwatch-7.3.6/scripts/services/init.pom logwatch-7.3.6/scripts/services/init
--- logwatch-7.3.6/scripts/services/init.pom 2008-10-20 13:17:46.000000000 +0200
+++ logwatch-7.3.6/scripts/services/init 2008-10-20 13:41:17.000000000 +0200
@@ -16,7 +16,8 @@ $Detail = $ENV{'LOGWATCH_DETAIL_LEVEL'}
while (defined($ThisLine = <STDIN>)) {
if (( $ThisLine =~ /open\(.*\): No such file or directory/) or
( $ThisLine =~ /Id "r" respawning too fast: disabled for 5 minutes/) or
- ( $ThisLine =~ /Re-reading inittab/)) {
+ ( $ThisLine =~ /Re-reading inittab/) or
+ ( $ThisLine =~ /.* main process ended, respawning/)) {
# We don't care about these
}
elsif ( $ThisLine =~ s/Switching to runlevel: (.)\s*$/$1/ ) {
@@ -34,9 +35,15 @@ while (defined($ThisLine = <STDIN>)) {
chomp ($ThisLine);
$ReExecInit++;
}
+ elsif ( $ThisLine =~ /Re-executing \/sbin\/init/) {
+ $ReExecSbinInit++;
+ }
elsif ( ($Name,$Cause) = ($ThisLine =~ /(.*) main process \([0-9]*\) killed by (.*) /)) {
$ProcessKilled{"$Name,$Cause"}++;
}
+ elsif ( ($Name, $Status) = ($ThisLine =~ /(.*) main process \([0-9]*\) terminated with status ([0-9]*)/)) {
+ $ProcessTerminated{"$Name,Status"}++;
+ }
else {
# report any unmatched entries
push @OtherList,$ThisLine;
@@ -53,6 +60,11 @@ if ($ReExecInit) {
print "\n\nRe-execs of init: $ReExecInit times\n";
}
+if ($ReExecSbinInit) {
+ print "\n\nRe-executing \/sbin\/init/: $ReExecSbinInit times\n";
+}
+
+
if ((keys %ProcessKilled) and ($Detail >=10)) {
print "\nKilled processses:\n";
foreach (keys %ProcessKilled) {
@@ -61,6 +73,14 @@ if ((keys %ProcessKilled) and ($Detail >
}
}
+if ((keys %ProcessTerminated) and ($Detail >=10)) {
+ print "\nTerminated processses:\n";
+ foreach (keys %ProcessTerminated) {
+ my ($Name,$Status)=split ",";
+ print " Process " . $Name. " terminated with status " . $Cause . ": " . $ProcessTerminated{"$Name,$Status"} . " Time(s)\n";
+ }
+}
+
if ($#OtherList >= 0) {
print "\n**Unmatched Entries**\n";
print @OtherList;


@ -1,12 +0,0 @@
diff -up logwatch-7.3.6/scripts/services/iptables.iptables logwatch-7.3.6/scripts/services/iptables
--- logwatch-7.3.6/scripts/services/iptables.iptables 2007-02-16 04:27:05.000000000 +0100
+++ logwatch-7.3.6/scripts/services/iptables 2009-12-02 16:20:20.446263041 +0100
@@ -120,7 +120,7 @@ while (defined($ThisLine = <STDIN>)) {
$ipt2{$actionType}{$if}{$toport}{$proto}{$fromip}{$toip}{"$chain,$if"}++;
}
# IPTABLES
- elsif (($chain,$ifin,$ifout,$fromip,$toip,$proto,$rest) = ($ThisLine =~ /^(.*?)\s*IN=(\w*).*?OUT=(\w*).*?SRC=([\w\.:]+).*?DST=([\w\.:]+).*?PROTO=(\w+)(.*)/ )) {
+ elsif (($chain,$ifin,$ifout,$fromip,$toip,$proto,$rest) = ($ThisLine =~ /^(.*?)\s*IN=([\w\.]*).*?OUT=([\w\.]*).*?SRC=([\w\.:]+).*?DST=([\w\.:]+).*?PROTO=(\w+)(.*)/ )) {
# get a destination port number (or icmp type) if there is one
if (! ( ($toport) = ( $rest =~ /TYPE=(\w+)/ ) ) ) {


@ -1,373 +0,0 @@
diff -up logwatch-7.3.6/conf/logfiles/tac_acc.conf.pom logwatch-7.3.6/conf/logfiles/tac_acc.conf
--- logwatch-7.3.6/conf/logfiles/tac_acc.conf.pom 2006-03-21 02:47:28.000000000 +0100
+++ logwatch-7.3.6/conf/logfiles/tac_acc.conf 2008-08-15 10:45:26.000000000 +0200
@@ -5,6 +5,7 @@ LogFile = tac_acc.log
# (optionally containing wildcards) that tell where they are...
#If you use a "-" in naming add that as well -mgt
Archive = tac_acc.log.*
+Archive = tac_acc.log-*
# Keep only the lines in the proper date range...
*ApplyStdDate
diff -up logwatch-7.3.6/conf/logfiles/extreme-networks.conf.pom logwatch-7.3.6/conf/logfiles/extreme-networks.conf
--- logwatch-7.3.6/conf/logfiles/extreme-networks.conf.pom 2006-03-21 02:47:28.000000000 +0100
+++ logwatch-7.3.6/conf/logfiles/extreme-networks.conf 2008-08-15 10:18:58.000000000 +0200
@@ -18,6 +18,7 @@ LogFile = extreme-networks.log
# If the archives are searched, here is one or more line
# (optionally containing wildcards) that tell where they are...
Archive = extreme-networks.log.*
+Archive = extreme-networks.log-*
# Expand the repeats (actually just removes them now)
#*ExpandRepeats
diff -up logwatch-7.3.6/conf/logfiles/cisco.conf.pom logwatch-7.3.6/conf/logfiles/cisco.conf
--- logwatch-7.3.6/conf/logfiles/cisco.conf.pom 2006-03-21 02:47:28.000000000 +0100
+++ logwatch-7.3.6/conf/logfiles/cisco.conf 2008-08-15 13:26:31.000000000 +0200
@@ -18,6 +18,7 @@ LogFile = cisco.log
# If the archives are searched, here is one or more line
# (optionally containing wildcards) that tell where they are...
Archive = cisco.log.*
+Archive = cisco.log-*
# Expand the repeats (actually just removes them now)
#*ExpandRepeats
diff -up logwatch-7.3.6/conf/logfiles/netscreen.conf.pom logwatch-7.3.6/conf/logfiles/netscreen.conf
--- logwatch-7.3.6/conf/logfiles/netscreen.conf.pom 2006-03-21 02:47:28.000000000 +0100
+++ logwatch-7.3.6/conf/logfiles/netscreen.conf 2008-08-15 10:29:59.000000000 +0200
@@ -19,6 +19,7 @@ LogFile = netscreen.log
# (optionally containing wildcards) that tell where they are...
#If you use a "-" in naming add that as well -mgt
Archive = netscreen.log.*
+Archive = netscreen.log-*
# Expand the repeats (actually just removes them now)
#*ExpandRepeats
diff -up logwatch-7.3.6/conf/logfiles/qmail-pop3ds-current.conf.pom logwatch-7.3.6/conf/logfiles/qmail-pop3ds-current.conf
diff -up logwatch-7.3.6/conf/logfiles/secure.conf.pom logwatch-7.3.6/conf/logfiles/secure.conf
--- logwatch-7.3.6/conf/logfiles/secure.conf.pom 2006-03-21 02:47:28.000000000 +0100
+++ logwatch-7.3.6/conf/logfiles/secure.conf 2008-08-15 10:33:10.000000000 +0200
@@ -23,6 +23,11 @@ Archive = secure.*
Archive = archiv/secure.*
Archive = authlog.*
Archive = auth.log.*.gz
+Archive = secure-*
+Archive = archiv/secure-*
+Archive = authlog-*
+Archive = auth.log-*.gz
+
# Expand the repeats (actually just removes them now)
*ExpandRepeats
diff -up logwatch-7.3.6/conf/logfiles/syslog.conf.pom logwatch-7.3.6/conf/logfiles/syslog.conf
--- logwatch-7.3.6/conf/logfiles/syslog.conf.pom 2006-03-21 04:01:34.000000000 +0100
+++ logwatch-7.3.6/conf/logfiles/syslog.conf 2008-08-15 10:45:13.000000000 +0200
@@ -14,6 +14,7 @@ Archive =
LogFile = syslog
LogFile = syslog.0
Archive = syslog.*.gz
+Archive = syslog-*.gz
*ExpandRepeats
*RemoveService = talkd
*RemoveService = telnetd
diff -up logwatch-7.3.6/conf/logfiles/clam-update.conf.pom logwatch-7.3.6/conf/logfiles/clam-update.conf
--- logwatch-7.3.6/conf/logfiles/clam-update.conf.pom 2005-10-31 17:21:20.000000000 +0100
+++ logwatch-7.3.6/conf/logfiles/clam-update.conf 2008-08-15 09:54:27.000000000 +0200
@@ -53,5 +53,10 @@ Archive = freshclam.log.*
Archive = clamav/freshclam.log.*
Archive = archiv/clam-update.*
Archive = archiv/freshclam.log.*
+Archive = clam-update-*
+Archive = freshclam.log-*
+Archive = clamav/freshclam.log-*
+Archive = archiv/clam-update-*
+Archive = archiv/freshclam.log-*
# vi: shiftwidth=3 tabstop=3 et
diff -up logwatch-7.3.6/conf/logfiles/emerge.conf.pom logwatch-7.3.6/conf/logfiles/emerge.conf
--- logwatch-7.3.6/conf/logfiles/emerge.conf.pom 2006-03-21 02:47:28.000000000 +0100
+++ logwatch-7.3.6/conf/logfiles/emerge.conf 2008-08-15 10:02:51.000000000 +0200
@@ -18,6 +18,7 @@ LogFile = emerge.log
# (optionally containing wildcards) that tell where they are...
#If you use a "-" in naming add that as well -mgt
Archive = emerge.log.*
+Archive = emerge.log-*
#*ApplyUSDate
diff -up logwatch-7.3.6/conf/logfiles/resolver.conf.pom logwatch-7.3.6/conf/logfiles/resolver.conf
diff -up logwatch-7.3.6/conf/logfiles/daemon.conf.pom logwatch-7.3.6/conf/logfiles/daemon.conf
--- logwatch-7.3.6/conf/logfiles/daemon.conf.pom 2006-03-21 04:01:34.000000000 +0100
+++ logwatch-7.3.6/conf/logfiles/daemon.conf 2008-08-15 09:57:00.000000000 +0200
@@ -12,6 +12,8 @@
LogFile = daemon.log
LogFile = daemon.log.0
Archive = daemon.log.*.gz
+Archive = daemon.log-*.gz
+
*ExpandRepeats
*OnlyHost
*ApplyStdDate
diff -up logwatch-7.3.6/conf/logfiles/netopia.conf.pom logwatch-7.3.6/conf/logfiles/netopia.conf
--- logwatch-7.3.6/conf/logfiles/netopia.conf.pom 2006-03-21 02:47:28.000000000 +0100
+++ logwatch-7.3.6/conf/logfiles/netopia.conf 2008-08-15 10:29:49.000000000 +0200
@@ -19,6 +19,7 @@ LogFile = netopia.log
# (optionally containing wildcards) that tell where they are...
#If you use a "-" in naming add that as well -mgt
Archive = netopia.log.*
+Archive = netopia.log-*
# Expand the repeats (actually just removes them now)
#*ExpandRepeats
diff -up logwatch-7.3.6/conf/logfiles/qmail-smtpd-current.conf.pom logwatch-7.3.6/conf/logfiles/qmail-smtpd-current.conf
diff -up logwatch-7.3.6/conf/logfiles/xferlog.conf.pom logwatch-7.3.6/conf/logfiles/xferlog.conf
--- logwatch-7.3.6/conf/logfiles/xferlog.conf.pom 2006-03-21 02:47:28.000000000 +0100
+++ logwatch-7.3.6/conf/logfiles/xferlog.conf 2008-08-15 12:39:03.000000000 +0200
@@ -18,5 +18,7 @@ LogFile = xferlog
#If you use a "-" in naming add that as well -mgt
Archive = xferlog.*
Archive = archiv/xferlog.*
+Archive = xferlog-*
+Archive = archiv/xferlog-*
# vi: shiftwidth=3 tabstop=3 et
diff -up logwatch-7.3.6/conf/logfiles/fail2ban.conf.pom logwatch-7.3.6/conf/logfiles/fail2ban.conf
--- logwatch-7.3.6/conf/logfiles/fail2ban.conf.pom 2006-12-15 05:53:39.000000000 +0100
+++ logwatch-7.3.6/conf/logfiles/fail2ban.conf 2008-08-15 12:44:41.000000000 +0200
@@ -28,4 +28,5 @@ LogFile = fail2ban.log
Archive = fail2ban.log.1
Archive = fail2ban.log.*.gz
+Archive = fail2ban.log-*
diff -up logwatch-7.3.6/conf/logfiles/samba.conf.pom logwatch-7.3.6/conf/logfiles/samba.conf
diff -up logwatch-7.3.6/conf/logfiles/iptables.conf.pom logwatch-7.3.6/conf/logfiles/iptables.conf
--- logwatch-7.3.6/conf/logfiles/iptables.conf.pom 2006-03-21 02:47:28.000000000 +0100
+++ logwatch-7.3.6/conf/logfiles/iptables.conf 2008-08-15 10:26:20.000000000 +0200
@@ -17,6 +17,7 @@ LogFile = ulogd/ulogd.syslogemu
# (optionally containing wildcards) that tell where they are...
#If you use a "-" in naming add that as well -mgt
Archive = ulogd/ulogd.syslogmenu.*
+Archive = ulogd/ulogd.syslogmenu-*
# Keep only the lines in the proper date range...
*ApplyStdDate
diff -up logwatch-7.3.6/conf/logfiles/messages.conf.pom logwatch-7.3.6/conf/logfiles/messages.conf
--- logwatch-7.3.6/conf/logfiles/messages.conf.pom 2006-03-21 02:47:28.000000000 +0100
+++ logwatch-7.3.6/conf/logfiles/messages.conf 2008-08-15 10:26:58.000000000 +0200
@@ -18,6 +18,8 @@ LogFile = messages
#If you use a "-" in naming add that as well -mgt
Archive = messages.*
Archive = archiv/messages.*
+Archive = messages-*
+Archive = archiv/messages-*
# Expand the repeats (actually just removes them now)
*ExpandRepeats
diff -up logwatch-7.3.6/conf/logfiles/pureftp.conf.pom logwatch-7.3.6/conf/logfiles/pureftp.conf
--- logwatch-7.3.6/conf/logfiles/pureftp.conf.pom 2006-03-21 02:47:28.000000000 +0100
+++ logwatch-7.3.6/conf/logfiles/pureftp.conf 2008-08-15 10:30:47.000000000 +0200
@@ -17,6 +17,7 @@ LogFile = pureftp/syslog.log
# (optionally containing wildcards) that tell where they are...
#If you use a "-" in naming add that as well -mgt
Archive = pureftp/syslog.log.*
+Archive = pureftp/syslog.log-*
# Keep only the lines in the proper date range...
*OnlyHost
diff -up logwatch-7.3.6/conf/logfiles/http.conf.pom logwatch-7.3.6/conf/logfiles/http.conf
--- logwatch-7.3.6/conf/logfiles/http.conf.pom 2007-04-15 23:56:53.000000000 +0200
+++ logwatch-7.3.6/conf/logfiles/http.conf 2008-08-15 10:26:09.000000000 +0200
@@ -22,7 +22,12 @@ Archive = apache/*access.log.*.gz
Archive = apache2/*access.log.*.gz
Archive = apache2/*access_log.*.gz
Archive = apache-ssl/*access.log.*.gz
-
+Archive = archiv/httpd/*access_log-*
+Archive = httpd/*access_log-*
+Archive = apache/*access.log-*.gz
+Archive = apache2/*access.log-*.gz
+Archive = apache2/*access_log-*.gz
+Archive = apache-ssl/*access.log-*.gz
# Expand the repeats (actually just removes them now)
*ExpandRepeats
diff -up logwatch-7.3.6/conf/logfiles/kernel.conf.pom logwatch-7.3.6/conf/logfiles/kernel.conf
--- logwatch-7.3.6/conf/logfiles/kernel.conf.pom 2006-03-21 04:01:34.000000000 +0100
+++ logwatch-7.3.6/conf/logfiles/kernel.conf 2008-08-15 10:26:30.000000000 +0200
@@ -12,6 +12,7 @@
LogFile = kern.log
LogFile = kern.log.0
Archive = kern.log.*.gz
+Archive = kern.log-*.gz
*ExpandRepeats
*OnlyHost
*ApplyStdDate
diff -up logwatch-7.3.6/conf/logfiles/exim.conf.pom logwatch-7.3.6/conf/logfiles/exim.conf
--- logwatch-7.3.6/conf/logfiles/exim.conf.pom 2006-03-21 02:47:28.000000000 +0100
+++ logwatch-7.3.6/conf/logfiles/exim.conf 2008-08-15 10:18:30.000000000 +0200
@@ -20,6 +20,10 @@ Archive = exim/main.log.*
Archive = archiv/exim/main.log.*
Archive = exim/mainlog.*
Archive = exim4/mainlog.*
+Archive = exim/main.log-*
+Archive = archiv/exim/main.log-*
+Archive = exim/mainlog-*
+Archive = exim4/mainlog-*
########################################################
# This was written by:
diff -up logwatch-7.3.6/conf/logfiles/yum.conf.pom logwatch-7.3.6/conf/logfiles/yum.conf
diff -up logwatch-7.3.6/conf/logfiles/rt314.conf.pom logwatch-7.3.6/conf/logfiles/rt314.conf
--- logwatch-7.3.6/conf/logfiles/rt314.conf.pom 2006-03-21 02:47:28.000000000 +0100
+++ logwatch-7.3.6/conf/logfiles/rt314.conf 2008-08-15 10:32:42.000000000 +0200
@@ -9,6 +9,7 @@ LogFile = netgear.log
# (optionally containing wildcards) that tell where they are...
#If you use a "-" in naming add that as well -mgt
Archive = netgear.log.*
+Archive = netgear.log-*
# Keep only the lines in the proper date range...
*ApplyStdDate
diff -up logwatch-7.3.6/conf/logfiles/dpkg.conf.pom logwatch-7.3.6/conf/logfiles/dpkg.conf
--- logwatch-7.3.6/conf/logfiles/dpkg.conf.pom 2006-12-15 05:39:22.000000000 +0100
+++ logwatch-7.3.6/conf/logfiles/dpkg.conf 2008-08-15 10:02:32.000000000 +0200
@@ -17,6 +17,6 @@ LogFile = dpkg.log.1
# Note: if these are gzipped, you need to end with a .gz even if
# you use wildcards...
Archive = dpkg.log.*.gz
-
+Archive = dpkg.log-*.gz
*ApplyEuroDate
# vi: shiftwidth=3 tabstop=3 et
diff -up logwatch-7.3.6/conf/logfiles/autorpm.conf.pom logwatch-7.3.6/conf/logfiles/autorpm.conf
diff -up logwatch-7.3.6/conf/logfiles/sonicwall.conf.pom logwatch-7.3.6/conf/logfiles/sonicwall.conf
--- logwatch-7.3.6/conf/logfiles/sonicwall.conf.pom 2006-03-21 02:47:28.000000000 +0100
+++ logwatch-7.3.6/conf/logfiles/sonicwall.conf 2008-08-15 10:33:24.000000000 +0200
@@ -20,6 +20,8 @@ LogFile = sonicwall.log
#If you use a "-" in naming add that as well -mgt
Archive = sonicwall.log.*
Archive = archiv/sonicwall.log.*
+Archive = sonicwall.log-*
+Archive = archiv/sonicwall.log-*
# Keep only the lines in the proper date range...
*OnlyHost
diff -up logwatch-7.3.6/conf/logfiles/up2date.conf.pom logwatch-7.3.6/conf/logfiles/up2date.conf
--- logwatch-7.3.6/conf/logfiles/up2date.conf.pom 2006-03-21 02:47:28.000000000 +0100
+++ logwatch-7.3.6/conf/logfiles/up2date.conf 2008-08-15 10:45:35.000000000 +0200
@@ -17,5 +17,6 @@ LogFile = up2date
# (optionally containing wildcards) that tell where they are...
#If you use a "-" in naming add that as well -mgt
Archive = up2date.*
+Archive = up2date-*
# vi: shiftwidth=3 tabstop=3 et
diff -up logwatch-7.3.6/conf/logfiles/pix.conf.pom logwatch-7.3.6/conf/logfiles/pix.conf
--- logwatch-7.3.6/conf/logfiles/pix.conf.pom 2006-12-20 05:37:13.000000000 +0100
+++ logwatch-7.3.6/conf/logfiles/pix.conf 2008-08-15 10:30:26.000000000 +0200
@@ -9,5 +9,6 @@
LogFile = pix.log
Archive = pix.log.*
+Archive = pix.log-*
# vi: shiftwidth=3 tabstop=3 et
diff -up logwatch-7.3.6/conf/logfiles/denyhosts.conf.pom logwatch-7.3.6/conf/logfiles/denyhosts.conf
--- logwatch-7.3.6/conf/logfiles/denyhosts.conf.pom 2006-11-12 19:32:54.000000000 +0100
+++ logwatch-7.3.6/conf/logfiles/denyhosts.conf 2008-08-15 09:57:19.000000000 +0200
@@ -7,7 +7,7 @@
#
###############################################################################
LogFile = denyhosts
-Archive =
Archive = denyhosts.*
+Archive = denyhosts-*
*ApplyEuroDate
# vi: shiftwidth=3 tabstop=3 et
diff -up logwatch-7.3.6/conf/logfiles/bfd.conf.pom logwatch-7.3.6/conf/logfiles/bfd.conf
--- logwatch-7.3.6/conf/logfiles/bfd.conf.pom 2007-04-15 21:48:23.000000000 +0200
+++ logwatch-7.3.6/conf/logfiles/bfd.conf 2008-08-15 09:41:30.000000000 +0200
@@ -10,5 +10,6 @@
# Which logfile group...
LogFile = /var/log/bfd_log
Archive = /var/log/bfd_log.*
+Archive = /var/log/bfd_log-*
diff -up logwatch-7.3.6/conf/logfiles/maillog.conf.pom logwatch-7.3.6/conf/logfiles/maillog.conf
--- logwatch-7.3.6/conf/logfiles/maillog.conf.pom 2006-03-21 02:47:28.000000000 +0100
+++ logwatch-7.3.6/conf/logfiles/maillog.conf 2008-08-15 10:26:46.000000000 +0200
@@ -24,6 +24,10 @@ Archive = maillog.*
Archive = syslog.*
Archive = archiv/maillog.*
Archive = mail.log.*.gz
+Archive = maillog-*
+Archive = syslog-*
+Archive = archiv/maillog-*
+Archive = mail.log-*.gz
# Expand the repeats (actually just removes them now)
diff -up logwatch-7.3.6/conf/logfiles/windows.conf.pom logwatch-7.3.6/conf/logfiles/windows.conf
--- logwatch-7.3.6/conf/logfiles/windows.conf.pom 2006-03-22 18:46:22.000000000 +0100
+++ logwatch-7.3.6/conf/logfiles/windows.conf 2008-08-15 10:55:33.000000000 +0200
@@ -19,6 +19,8 @@ LogFile = windows.log
# you use wildcards...
Archive = windows.log.*
Archive = windows.log.*.gz
+Archive = windows.log-*
+Archive = windows.log-*.gz
# Expand the repeats (actually just removes them now)
*ExpandRepeats
diff -up logwatch-7.3.6/conf/logfiles/cron.conf.pom logwatch-7.3.6/conf/logfiles/cron.conf
--- logwatch-7.3.6/conf/logfiles/cron.conf.pom 2005-02-24 18:05:18.000000000 +0100
+++ logwatch-7.3.6/conf/logfiles/cron.conf 2008-08-15 09:56:42.000000000 +0200
@@ -19,6 +19,8 @@ LogFile = cron
# (optionally containing wildcards) that tell where they are...
Archive = cron.*
Archive = archiv/cron.*
+Archive = cron-*
+Archive = archiv/cron-*
*OnlyHost
*RemoveService = anacron
diff -up logwatch-7.3.6/conf/logfiles/eventlog.conf.pom logwatch-7.3.6/conf/logfiles/eventlog.conf
--- logwatch-7.3.6/conf/logfiles/eventlog.conf.pom 2007-04-29 00:50:24.000000000 +0200
+++ logwatch-7.3.6/conf/logfiles/eventlog.conf 2008-08-15 13:50:52.000000000 +0200
@@ -20,6 +20,10 @@ Archive = eventlog.*
Archive = eventlog.*.gz
Archive = archiv/eventlog.*
Archive = archiv/eventlog.*.gz
+Archive = eventlog-*
+Archive = eventlog-*.gz
+Archive = archiv/eventlog-*
+Archive = archiv/eventlog-*.gz
# Expand the repeats (actually just removes them now)
*ExpandRepeats
diff -up logwatch-7.3.6/conf/logfiles/vsftpd.conf.pom logwatch-7.3.6/conf/logfiles/vsftpd.conf
--- logwatch-7.3.6/conf/logfiles/vsftpd.conf.pom 2006-03-21 02:47:28.000000000 +0100
+++ logwatch-7.3.6/conf/logfiles/vsftpd.conf 2008-08-15 10:55:20.000000000 +0200
@@ -19,6 +19,8 @@ LogFile = vsftpd.log
#If you use a "-" in naming add that as well -mgt
Archive = vsftpd.log.*
Archive = archiv/vsftpd.log.*
+Archive = vsftpd.log-*
+Archive = archiv/vsftpd.log-*
*ApplyStdDate =
# vi: shiftwidth=3 tabstop=3 et
diff -up logwatch-7.3.6/conf/logfiles/php.conf.pom logwatch-7.3.6/conf/logfiles/php.conf
--- logwatch-7.3.6/conf/logfiles/php.conf.pom 2006-11-12 19:28:31.000000000 +0100
+++ logwatch-7.3.6/conf/logfiles/php.conf 2008-08-15 10:30:11.000000000 +0200
@@ -25,5 +25,6 @@ LogFile = httpd/php_log
# (optionally containing wildcards) that tell where they are...
#If you use a "-" in naming add that as well -mgt
Archive = httpd/php_log.*
+Archive = httpd/php_log-*
# vi: shiftwidth=3 tabstop=3 et
diff -up logwatch-7.3.6/conf/logfiles/qmail-pop3d-current.conf.pom logwatch-7.3.6/conf/logfiles/qmail-pop3d-current.conf
diff -up logwatch-7.3.6/conf/logfiles/dnssec.conf.pom logwatch-7.3.6/conf/logfiles/dnssec.conf
diff -up logwatch-7.3.6/conf/logfiles/qmail-send-current.conf.pom logwatch-7.3.6/conf/logfiles/qmail-send-current.conf


@ -1,12 +0,0 @@
diff -up logwatch-7.3.6/scripts/services/postfix.lost-connection logwatch-7.3.6/scripts/services/postfix
--- logwatch-7.3.6/scripts/services/postfix.lost-connection 2009-12-16 12:06:01.208255271 +0100
+++ logwatch-7.3.6/scripts/services/postfix 2009-12-16 12:06:17.115378576 +0100
@@ -1536,7 +1536,7 @@ while ( <> ) {
# end of $re_QID section
# see also ConnectionLost in $re_QID section
- elsif ( ($reason,$host,$hostip) = ($p1 =~ /lost connection (after [^ ]*) (\(\d+ bytes\) )?from ([^[]*)\[($re_IP|unknown)\]$/o )) {
+ elsif ( ($reason,$host,$hostip) = ($p1 =~ /lost connection (after [^ ]*) (?:\(\d+ bytes\) )?from ([^[]*)\[($re_IP|unknown)\]$/o )) {
unless ($hostip =~ /unknown/) {
#TD lost connection after DATA (0 bytes) from mail.example.com[192.168.0.1]
#TD lost connection after CONNECT from mail.example.com[192.168.0.1]


@ -1,18 +0,0 @@
diff -up logwatch-7.3.6/scripts/logwatch.pl.pom logwatch-7.3.6/scripts/logwatch.pl
--- logwatch-7.3.6/scripts/logwatch.pl.pom 2008-06-10 14:29:41.000000000 +0200
+++ logwatch-7.3.6/scripts/logwatch.pl 2008-06-10 14:32:51.000000000 +0200
@@ -61,7 +61,13 @@ my (@ReadConfigNames, @ReadConfigValues)
# Default config here...
$Config{'detail'} = 0;
-$Config{'mailto'} = "root";
+# if MAILTO is set in the environment, grab it, as it may be used by cron
+# or anacron
+if ($ENV{'MAILTO'}) {
+ $Config{'mailto'} = $ENV{'MAILTO'};
+} else {
+ $Config{'mailto'} = "root";
+}
$Config{'mailfrom'} = "Logwatch";
$Config{'save'} = "";
$Config{'print'} = 1;
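Review bot: `$ENV{'MAILTO'}` is copied into `$Config{'mailto'}` with no check on its content, so whatever the calling environment holds becomes the report recipient. How the value is consumed later is outside this hunk; if it is interpolated into a mailer command line, shell metacharacters in the variable would be interpreted, so it should be limited to address characters first, e.g. `if (defined $ENV{'MAILTO'} and $ENV{'MAILTO'} =~ /\A[\w.+\@, -]+\z/) {`. Cron also treats an empty `MAILTO` as "send no mail", whereas the truth test here falls back to `root` in that case; a comment stating which behaviour is intended would help.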


@ -1,147 +0,0 @@
>From f995c3a89d66be95959f45dda55d39309f663ac5 Mon Sep 17 00:00:00 2001
From: Karel Klic <kklic@redhat.com>
Date: Tue, 6 Apr 2010 14:52:25 +0200
Subject: [PATCH 18/18] Added manpages for configuration files
---
ignore.conf.5 | 1 +
install_logwatch.sh | 28 ++++++++++++++++++++--------
logwatch.conf.5 | 37 +++++++++++++++++++++++++++++++++++++
override.conf.5 | 1 +
4 files changed, 59 insertions(+), 8 deletions(-)
create mode 100644 ignore.conf.5
mode change 100644 => 100755 install_logwatch.sh
create mode 100644 logwatch.conf.5
create mode 100644 override.conf.5
diff --git a/ignore.conf.5 b/ignore.conf.5
new file mode 100644
index 0000000..f434964
--- /dev/null
+++ b/ignore.conf.5
@@ -0,0 +1 @@
+.so man5/logwatch.conf.5
\ No newline at end of file
diff --git a/install_logwatch.sh b/install_logwatch.sh
old mode 100644
new mode 100755
index 6e4f7c1..3a34ce5
--- a/install_logwatch.sh
+++ b/install_logwatch.sh
@@ -130,7 +130,7 @@ else
fi
printf "Enter the path for the Logwatch ConfigDir [$CONFIGDIR] : "
-read config
+read config
if [ "$config" = "" ]; then
printf "### Using $CONFIGDIR\n"
@@ -263,22 +263,25 @@ for f in `echo $PATH | tr : ' '`; do
done
#Man page
-if [ -d $MANDIR/man8 ] && [ $HAVE_MAKEWHATIS ]; then
+if [ -d $MANDIR/man5 ] && [ -d $MANDIR/man8 ] && [ $HAVE_MAKEWHATIS ]; then
install -m 0644 logwatch.8 $MANDIR/man8
+ install -m 0644 logwatch.conf.5 $MANDIR/man5
+ install -m 0644 override.conf.5 $MANDIR/man5
+ install -m 0644 ignore.conf.5 $MANDIR/man5
#OpenBSD no -s
if [ $OS = "OpenBSD" ]; then
- makewhatis -u $MANDIR/man8
+ makewhatis -u $MANDIR/man5 $MANDIR/man8
else
#FreeBSD and NetBSD no -s no -u
if [ $OS = "FreeBSD" ] || [ $OS = "NetBSD" ]; then
- makewhatis $MANDIR/man8
+ makewhatis $MANDIR/man5 $MANDIR/man8
else
#MacOS X aka Darwin no -u [even thought the manpage says]
if [ $OS = "Darwin" ]; then
- makewhatis -s 8 $MANDIR
+ makewhatis -s "5 8" $MANDIR
else
#Linux
- makewhatis -u -s 8 $MANDIR
+ makewhatis -u -s "5 8" $MANDIR
fi
fi
fi
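Review bot: `$MANDIR`, `$OS` and `$HAVE_MAKEWHATIS` are expanded unquoted in every test and in every `install`/`makewhatis` call of this hunk, so a prefix containing whitespace or glob characters is split or expanded before the command sees it, and `[ $OS = "OpenBSD" ]` is a syntax error when `$OS` is empty. An installer of this kind is usually run with elevated privileges, which makes the wrong target directory more costly. Quote the expansions, e.g. `[ -d "$MANDIR/man5" ]` and `install -m 0644 logwatch.conf.5 "$MANDIR/man5"`. The same applies to the `man1m` and `else` branches in the following hunk; the outer `if` of this hunk is closed there, outside these lines.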
@@ -287,11 +290,20 @@ else
#Go for the safe install rather then editing man.cf
install -m 0644 logwatch.8 $MANDIR/man1m
+ install -m 0644 logwatch.conf.5 $MANDIR/man1m
+ install -m 0644 override.conf.5 $MANDIR/man1m
+ install -m 0644 ignore.conf.5 $MANDIR/man1m
- catman -w -M /usr/share/man/man1m
+ catman -w -M $MANDIR/man1m
else
+ install -m 0755 -d $MANDIR/man5
+ install -m 0644 logwatch.conf.5 $MANDIR/man5
+ install -m 0644 override.conf.5 $MANDIR/man5
+ install -m 0644 ignore.conf.5 $MANDIR/man5
+
install -m 0755 -d $MANDIR/man8
install -m 0644 logwatch.8 $MANDIR/man8
- printf "Installed manpage in $MANDIR/man8.\n"
- printf "Check your man.cf or man.conf to enable MANSECTS 8\n"
+
+ printf "Installed manpages in $MANDIR/man5 and $MANDIR/man8.\n"
+ printf "Check your man.cf or man.conf to enable MANSECTS 5 and 8\n"
fi
fi
diff --git a/logwatch.conf.5 b/logwatch.conf.5
new file mode 100644
index 0000000..691c533
--- /dev/null
+++ b/logwatch.conf.5
@@ -0,0 +1,37 @@
+.\" Written by Ivana Varekova <varekova@redhat.com>.
+.TH LOGWATCH.CONF 5 2010-02-10 "GNU" "Linux Programmer's Manual"
+.SH NAME
+logwatch.conf, ignore.conf, override.conf - logwatch configuration files
+.SH DESCRIPTION
+
+.BR logwatch.conf
+- (
+.BR /etc/logwatch/conf/logwatch.conf
+)
+- can contain the local configuration options.
+The list of valid settings and their default values are in
+.BR /usr/share/logwatch/default.conf/logwatch.conf.
+
+.BR ignore.conf
+- (
+.BR /etc/logwatch/conf/ignore.conf
+)
+is the list of regular expressions.
+The set of logs decribed by this set is ignored by logwatch.
+
+.BR override.conf
+- (
+.BR /etc/logwatch/conf/override.conf
+)
+contains the settings which overrides the standard configuration
+of specific log files or services. The syntax is the same as in
+log/service files.
+
+.SH FILES
+.I /etc/logwatch/conf/logwatch.conf
+.I /etc/logwatch/conf/logwatch.conf
+.I /etc/logwatch/conf/logwatch.conf
+.I /usr/share/logwatch/default.conf/logwatch.conf
+
+.SH "SEE ALSO"
+.BR logwatch (8)
diff --git a/override.conf.5 b/override.conf.5
new file mode 100644
index 0000000..775458f
--- /dev/null
+++ b/override.conf.5
@@ -0,0 +1 @@
+.so man5/logwatch.conf.5
--
1.6.6.1


@ -1,42 +0,0 @@
--- logwatch-7.3.6/scripts/services/named 2010-10-09 17:10:21.000000000 +0100
+++ logwatch-7.3.6-fedora/scripts/services/named 2010-10-09 17:16:40.000000000 +0100
@@ -195,12 +195,10 @@
($ThisLine =~ /max open files \([0-9]*\) is smaller than max sockets \([0-9]*\)/) or
($ThisLine =~ /clients-per-query (?:de|in)creased to .*/) or
($ThisLine =~ /^must-be-secure resolving '.*': .*/) or
- ($ThisLine =~ /^no valid DS resolving '.*': .*/) or
- ($ThisLine =~ /^no valid KEY resolving '.*': .*/) or
- ($ThisLine =~ /^no valid RRSIG resolving '.*': .*/) or
+ ($ThisLine =~ /^(error \()?no valid (DS|KEY|RRSIG)\)? resolving '.*': .*/) or
($ThisLine =~ /^not insecure resolving '.*': .*/) or
($ThisLine =~ /^validating \@0x[[:xdigit:]]+: .* DS: must be secure failure/) or
- ($ThisLine =~ /^broken trust chain resolving '.*': .*/)
+ ($ThisLine =~ /^(error \()?broken trust chain\)? resolving '.*': .*/)
# too many timeouts resolving 'ns-ext.nrt1.isc.org/AAAA' (in '.'?): disabling EDNS: 3 Time(s)
) {
# Don't care about these...
@@ -274,9 +272,10 @@
$MasterFailure{"$Zone from $Host"}{$Reason}++;
} elsif ( ($Zone) = ($ThisLine =~ /zone ([^\/]+)\/.+: refresh: non-authoritative answer from master/)) {
$NonAuthoritative{$Zone}++;
- } elsif ( ($ThisLine =~ /unexpected RCODE \((.*)\) resolving/) ){
+ } elsif ( ($ThisLine =~ /(?:error \()?unexpected RCODE\)? \(?(.*?)\)? resolving/) ){
$UnexpRCODE{$1}++;
- } elsif ( ($ThisLine =~ /FORMERR resolving '[^ ]+: [.0-9a-fA-F:#]+/) ) {
+ } elsif ( ($ThisLine =~ /(?:error \()?FORMERR\)? resolving '[^ ]+: [.0-9a-fA-F:#]+/) or
+ ($ThisLine =~ /DNS format error from [^ ]+ resolving [^ ]+( for client [^ ]+)?: .*/) ) {
chomp($ThisLine);
$FormErr{$ThisLine}++;
} elsif ( ($ThisLine =~ /found [0-9]* CPU(s)?, using [0-9]* worker thread(s)?/) ) {
@@ -300,9 +299,9 @@
$UnknownCCCommands{$CCC}++;
} elsif (($CCC) = ($ThisLine =~ /received control channel command '(.*)'/)) {
$CCCommands{$CCC}++;
- } elsif (($Name,$Address) = ($ThisLine =~ /network unreachable resolving '(.*)': (.*)/)) {
+ } elsif (($Name,$Address) = ($ThisLine =~ /(?:error \()?network unreachable\)? resolving '(.*)': (.*)/)) {
$NUR{$Name}{$Address}++;
- } elsif (($Name,$Address) = ($ThisLine =~ /host unreachable resolving '(.*)': (.*)/)) {
+ } elsif (($Name,$Address) = ($ThisLine =~ /(?:error \()?host unreachable\)? resolving '(.*)': (.*)/)) {
$HUR{$Name}{$Address}++;
} else {
# Report any unmatched entries...


@ -1,12 +0,0 @@
--- logwatch-7.3.6/scripts/services/named.pom 2007-06-04 13:46:17.000000000 +0200
+++ logwatch-7.3.6/scripts/services/named 2007-06-04 13:58:11.000000000 +0200
@@ -171,7 +171,8 @@
($ThisLine =~ /isc_log_open 'named.run' failed: permission denied/) or
($ThisLine =~ /weak RSASHA1 \(5\) key found \(exponent=3\)/) or
($ThisLine =~ /Bad file descriptor/) or
- ($ThisLine =~ /open: .*: file not found/)
+ ($ThisLine =~ /open: .*: file not found/) or
+ ($ThisLine =~ /queries: client [0-9.#:]* view localhost_resolver: query: .* IN .*/)
) {
# Don't care about these...
} elsif (


@ -1,48 +0,0 @@
--- logwatch-7.3.6/scripts/services/named.pom 2007-07-04 12:58:44.000000000 +0200
+++ logwatch-7.3.6/scripts/services/named 2007-07-04 14:16:20.000000000 +0200
@@ -172,7 +172,16 @@ while (defined($ThisLine = <STDIN>)) {
($ThisLine =~ /weak RSASHA1 \(5\) key found \(exponent=3\)/) or
($ThisLine =~ /Bad file descriptor/) or
($ThisLine =~ /open: .*: file not found/) or
- ($ThisLine =~ /queries: client [0-9.#:]* view localhost_resolver: query: .* IN .*/)
+ ($ThisLine =~ /queries: client [0-9.#:]* view localhost_resolver: query: .* IN .*/) or
+ ($ThisLine =~ /zone .*: NS '.*' is a CNAME \(illegal\)/) or
+ ($ThisLine =~ /zone .*: zone serial unchanged. zone may fail to transfer to slaves/) or
+ ($ThisLine =~ /zone .*: loading from master file .* failed/) or
+ ($ThisLine =~ /zone .*: NS '.*' has no address records/) or
+ ($ThisLine =~ /.*: not a valid number$/) or
+ ($ThisLine =~ /.*: unexpected end of input/) or
+ ($ThisLine =~ /too many timeouts resolving '.*' .*: disabling EDNS/) or
+ ($ThisLine =~ /reloading zones succeeded/)
+ # too many timeouts resolving 'ns-ext.nrt1.isc.org/AAAA' (in '.'?): disabling EDNS: 3 Time(s)
) {
# Don't care about these...
} elsif (
@@ -265,6 +274,10 @@ while (defined($ThisLine = <STDIN>)) {
} elsif ( (($Log) = ($ThisLine =~ /(freezing .*zone.*)/)) or
(($Log) = ($ThisLine =~ /(thawing .*zone.*)/)) ) {
$CCMessages2{$Log}++;
+ } elsif (($CCC) = ($ThisLine =~ /unknown control channel command '(.*)'/)) {
+ $UnknownCCCommands{$CCC}++;
+ } elsif (($CCC) = ($ThisLine =~ /received control channel command '(.*)'/)) {
+ $CCCommands{$CCC}++;
} else {
# Report any unmatched entries...
# remove PID from named messages
@@ -494,6 +507,16 @@ if ((keys %CCMessages) or (keys %CCMessa
}
}
+if ((keys %CCCommands) or (keys %UnknownCCCommands)) {
+ print "\n Received control channel commands\n";
+ foreach $ThisOne (keys %CCCommands) {
+ print " " . $ThisOne . ": " . $CCCommands{$ThisOne} . " Time(s)\n";
+ }
+ foreach $ThisOne (keys %UnknownCCCommands) {
+ print " " . $ThisOne . "(unknown command): " . $CCCommands{$ThisOne} . " Time(s)\n";
+ }
+}
+
if (keys %OtherList) {
print "\n**Unmatched Entries**\n";
foreach $line (sort {$a cmp $b} keys %OtherList) {
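Review bot: The second loop iterates `keys %UnknownCCCommands` but prints `$CCCommands{$ThisOne}`, so the count shown for an unknown control channel command comes from the wrong hash and is empty unless the same string was also received as a known command. The lookup should be `$UnknownCCCommands{$ThisOne}`. Both loops also walk `keys` unsorted, unlike the `%OtherList` loop right below them, so the order of this section varies between runs; `sort keys %CCCommands` would match the rest of the report. The later patch on this page that rewrites the section heading leaves the lookup unchanged, and the `%OtherList` block at the end continues outside the hunk.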


@ -1,85 +0,0 @@
diff -up logwatch-7.3.6/scripts/services/named.p1 logwatch-7.3.6/scripts/services/named
--- logwatch-7.3.6/scripts/services/named.p1 2008-12-17 13:13:49.000000000 +0100
+++ logwatch-7.3.6/scripts/services/named 2008-12-17 13:14:59.000000000 +0100
@@ -137,7 +137,7 @@ while (defined($ThisLine = <STDIN>)) {
($ThisLine =~ /Response from unexpected source/) or
($ThisLine =~ /No root nameservers for class IN/) or
($ThisLine =~ /recvfrom: No route to host/) or
- ($ThisLine =~ /Connection refused/) or
+ ($ThisLine =~ /(C|c)onnection refused/) or
($ThisLine =~ /lame server resolving/) or
($ThisLine =~ /transfer of/) or
($ThisLine =~ /using \d+ CPU/) or
@@ -150,6 +150,8 @@ while (defined($ThisLine = <STDIN>)) {
($ThisLine =~ /the default for the .* option is now/) or
($ThisLine =~ /stopping command channel on \S+/) or
($ThisLine =~ /Malformed response from/) or
+ ($ThisLine =~ /client .* response from Internet for .*/) or
+ ($ThisLine =~ /client .+ query \(cache\) '.*' denied/) or
($ThisLine =~ /client .+#\d+: query:/) or
# Do we really want to ignore these?
#($ThisLine =~ /unknown logging category/) or
@@ -180,6 +182,7 @@ while (defined($ThisLine = <STDIN>)) {
($ThisLine =~ /.*: not a valid number$/) or
($ThisLine =~ /.*: unexpected end of input/) or
($ThisLine =~ /too many timeouts resolving '.*' .*: disabling EDNS/) or
+ ($ThisLine =~ /too many timeouts resolving '.*' .*: reducing the advertised EDNS UDP packet size to .* octets/) or
($ThisLine =~ /reloading zones succeeded/)
# too many timeouts resolving 'ns-ext.nrt1.isc.org/AAAA' (in '.'?): disabling EDNS: 3 Time(s)
) {
@@ -220,6 +223,8 @@ while (defined($ThisLine = <STDIN>)) {
$ZoneRemoved{$Zone}++;
} elsif ( ($Zone) = ( $ThisLine =~ /received notify for zone '(.*)'/ ) ) {
$ZoneReceivedNotify{$Zone}++;
+ } elsif ( ($Zone) = ( $ThisLine =~ /zone (.*): notify from .* up to date/ ) ) {
+ $ZoneReceivedNotify{$Zone}++;
} elsif ( ($Host) = ( $ThisLine =~ /([^ ]+) has CNAME and other data \(invalid\)/ ) ) {
push @CNAMEAndOther, $Host;
} elsif ( ($File,$Line,$Entry,$Error) = ( $ThisLine =~ /dns_master_load: ([^:]+):(\d+): ([^ ]+): (.+)$/ ) ) {
@@ -278,6 +283,10 @@ while (defined($ThisLine = <STDIN>)) {
$UnknownCCCommands{$CCC}++;
} elsif (($CCC) = ($ThisLine =~ /received control channel command '(.*)'/)) {
$CCCommands{$CCC}++;
+ } elsif (($Name,$Address) = ($ThisLine =~ /network unreachable resolving '(.*)': (.*)/)) {
+ $NUR{$Name}{$Address}++;
+ } elsif (($Name,$Address) = ($ThisLine =~ /host unreachable resolving '(.*)': (.*)/)) {
+ $HUR{$Name}{$Address}++;
} else {
# Report any unmatched entries...
# remove PID from named messages
@@ -418,6 +427,26 @@ if ( ( $Detail >= 10 ) and (keys %Networ
}
}
+if ( ( $Detail >= 10 ) and (keys %NUR) ) {
+ print "\nNetwork unreachable resolving for:\n";
+ foreach $ThisOne (sort {$a cmp $b} keys %NUR) {
+ print " $ThisOne:\n";
+ foreach $Host (sort {$a cmp $b} keys %{$NUR{$ThisOne}}) {
+ print " $Host: $NUR{$ThisOne}{$Host} Time(s)\n";
+ }
+ }
+}
+
+if ( ( $Detail >= 10 ) and (keys %HUR) ) {
+ print "\nHost unreachable resolving for:\n";
+ foreach $ThisOne (sort {$a cmp $b} keys %HUR) {
+ print " $ThisOne:\n";
+ foreach $Host (sort {$a cmp $b} keys %{$HUR{$ThisOne}}) {
+ print " $Host: $HUR{$ThisOne}{$Host} Time(s)\n";
+ }
+ }
+}
+
if ( ( $Detail >= 5 ) and (keys %ZoneUpdates) ) {
print "\nZone Updates:\n";
foreach $ThisOne (sort {$a cmp $b} keys %ZoneUpdates) {
@@ -508,7 +537,7 @@ if ((keys %CCMessages) or (keys %CCMessa
}
if ((keys %CCCommands) or (keys %UnknownCCCommands)) {
- print "\n Received control channel commands\n";
+ print "\nReceived control channel commands\n";
foreach $ThisOne (keys %CCCommands) {
print " " . $ThisOne . ": " . $CCCommands{$ThisOne} . " Time(s)\n";
}


@ -1,19 +0,0 @@
diff -up logwatch-7.3.6/scripts/services/named.pom logwatch-7.3.6/scripts/services/named
--- logwatch-7.3.6/scripts/services/named.pom 2009-08-11 09:42:27.000000000 +0200
+++ logwatch-7.3.6/scripts/services/named 2009-08-11 13:36:47.000000000 +0200
@@ -183,7 +183,14 @@ while (defined($ThisLine = <STDIN>)) {
($ThisLine =~ /.*: unexpected end of input/) or
($ThisLine =~ /too many timeouts resolving '.*' .*: disabling EDNS/) or
($ThisLine =~ /too many timeouts resolving '.*' .*: reducing the advertised EDNS UDP packet size to .* octets/) or
- ($ThisLine =~ /reloading zones succeeded/)
+ ($ThisLine =~ /reloading zones succeeded/) or
+ ($ThisLine =~ /success resolving '.*' \(in '.*'?\) after disabling EDNS/) or
+ ($ThisLine =~ /success resolving '.*' \(in '.*'?\) after reducing the advertised EDNS UDP packet size to 512 octets/) or
+ ($ThisLine =~ /the working directory is not writable/) or
+ ($ThisLine =~ /using default UDP\/IPv[46] port range: \[[0-9]*, [0-9]*\]/) or
+ ($ThisLine =~ /adjusted limit on open files from [0-9]* to [0-9]*/) or
+ ($ThisLine =~ /using up to [0-9]* sockets/) or
+ ($ThisLine =~ /built with/)
# too many timeouts resolving 'ns-ext.nrt1.isc.org/AAAA' (in '.'?): disabling EDNS: 3 Time(s)
) {
# Don't care about these...


@ -1,21 +0,0 @@
diff -up logwatch-7.3.6/scripts/services/named.named6 logwatch-7.3.6/scripts/services/named
--- logwatch-7.3.6/scripts/services/named.named6 2009-12-16 15:04:47.000000000 +0100
+++ logwatch-7.3.6/scripts/services/named 2009-12-16 15:08:25.836379108 +0100
@@ -190,7 +190,16 @@ while (defined($ThisLine = <STDIN>)) {
($ThisLine =~ /using default UDP\/IPv[46] port range: \[[0-9]*, [0-9]*\]/) or
($ThisLine =~ /adjusted limit on open files from [0-9]* to [0-9]*/) or
($ThisLine =~ /using up to [0-9]* sockets/) or
- ($ThisLine =~ /built with/)
+ ($ThisLine =~ /built with/) or
+ ($ThisLine =~ /'.*': TTL differs in rdataset, adjusting [0-9]* -> [0-9]*/) or
+ ($ThisLine =~ /max open files \([0-9]*\) is smaller than max sockets \([0-9]*\)/) or
+ ($ThisLine =~ /clients-per-query decreased to .*/) or
+ ($ThisLine =~ /^must-be-secure resolving '.*': .*/) or
+ ($ThisLine =~ /^no valid DS resolving '.*': .*/) or
+ ($ThisLine =~ /^no valid KEY resolving '.*': .*/) or
+ ($ThisLine =~ /^no valid RRSIG resolving '.*': .*/) or
+ ($ThisLine =~ /^not insecure resolving '.*': .*/) or
+ ($ThisLine =~ /^validating \@0x[[:xdigit:]]+: .* DS: must be secure failure/)
# too many timeouts resolving 'ns-ext.nrt1.isc.org/AAAA' (in '.'?): disabling EDNS: 3 Time(s)
) {
# Don't care about these...
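Review bot: The patterns added here put DNSSEC validation failures (`no valid DS`/`KEY`/`RRSIG`, `must-be-secure`, `not insecure`, `must be secure failure`) on the ignore list, so they never reach the report at any `$Detail` level. On a validating resolver these lines are the only trace of broken signing or of answers that failed validation, and a sudden rise in them is worth seeing. Consider matching them in their own `elsif` branch that counts per message type and printing the totals above a detail threshold, as the script already does for other categories. The same applies to `broken trust chain` in the rhbz#581186 patch and to the merged `(error \()?no valid (DS|KEY|RRSIG)\)?` pattern in the 2010-10-09 patch; the condition these lines extend starts outside the hunk.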


@ -1,47 +0,0 @@
--- logwatch/scripts/services/named 2009-08-11 21:59:52.000000000 +1000
+++ named 2010-01-16 18:29:17.000000000 +1100
@@ -174,7 +174,7 @@
($ThisLine =~ /weak RSASHA1 \(5\) key found \(exponent=3\)/) or
($ThisLine =~ /Bad file descriptor/) or
($ThisLine =~ /open: .*: file not found/) or
- ($ThisLine =~ /queries: client [0-9.#:]* view localhost_resolver: query: .* IN .*/) or
+ ($ThisLine =~ /queries: client [.0-9a-fA-F#:]* view localhost_resolver: query: .* IN .*/) or
($ThisLine =~ /zone .*: NS '.*' is a CNAME \(illegal\)/) or
($ThisLine =~ /zone .*: zone serial unchanged. zone may fail to transfer to slaves/) or
($ThisLine =~ /zone .*: loading from master file .* failed/) or
@@ -252,7 +252,7 @@
} elsif ( ($Client) = ( $ThisLine =~ /client (.*)#\d+: query \(cache\) denied/ ) ) {
$FullClient = LookupIP ($Client);
$DeniedQuery{$FullClient}++;
- } elsif ( ($Rhost, $Ldom) = ($ThisLine =~ /client ([\d\.]+)#\d+: update '(.*)' denied/)) {
+ } elsif ( ($Rhost, $Ldom) = ($ThisLine =~ /client ([.0-9a-fA-F:]+)#\d+: update '(.*)' denied/)) {
$UpdateDenied{"$Rhost ($Ldom)"}++;
} elsif ( ($Zone) = ($ThisLine =~ /zone '([0-9a-zA-Z.-]+)' allows updates by IP address, which is insecure/)) {
$InsecUpdate{$Zone}++;
@@ -266,7 +266,7 @@
$NonAuthoritative{$Zone}++;
} elsif ( ($ThisLine =~ /unexpected RCODE \((.*)\) resolving/) ){
$UnexpRCODE{$1}++;
- } elsif ( ($ThisLine =~ /FORMERR resolving '[^ ]+: [0-9.#]+/) ) {
+ } elsif ( ($ThisLine =~ /FORMERR resolving '[^ ]+: [.0-9a-fA-F:#]+/) ) {
chomp($ThisLine);
$FormErr{$ThisLine}++;
} elsif ( ($ThisLine =~ /found [0-9]* CPU(s)?, using [0-9]* worker thread(s)?/) ) {
@@ -281,7 +281,7 @@
(($ErrorText) = ($ThisLine =~ /^(.* REQUIRE.* failed.*)$/)) or
(($ErrorText) = ($ThisLine =~ /(.*: fatal error)/)) ) {
$NError{$ErrorText}++;
- } elsif ( ($From,$Log) = ($ThisLine =~ /invalid command from ([.0-9]*)#[0-9]*: (.*)/) ) {
+ } elsif ( ($From,$Log) = ($ThisLine =~ /invalid command from ([.0-9a-fA-F:]*)#[0-9]*: (.*)/) ) {
$CCMessages{"$From,$Log"}++;
} elsif ( (($Log) = ($ThisLine =~ /(freezing .*zone.*)/)) or
(($Log) = ($ThisLine =~ /(thawing .*zone.*)/)) ) {
@@ -297,7 +297,7 @@
} else {
# Report any unmatched entries...
# remove PID from named messages
- $ThisLine =~ s/(client [.0-9]+)\S+/$1/;
+ $ThisLine =~ s/(client [.0-9a-fA-F:]+)\S+/$1/;
chomp($ThisLine);
$OtherList{$ThisLine}++;
}


@ -1,23 +0,0 @@
From 0848cea632ef7b153bf74fabf6797a37897fc90d Mon Sep 17 00:00:00 2001
From: Karel Klic <kklic@redhat.com>
Date: Mon, 12 Apr 2010 17:06:42 +0200
Subject: [PATCH 1/2] Update for named script to ignore broken trust chain messages (rhbz#581186)
---
scripts/services/named | 5 +++--
1 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/scripts/services/named b/scripts/services/named
index 9097a73..811a4b9 100755
--- a/scripts/services/named
+++ b/scripts/services/named
@@ -226,7 +226,8 @@ while (defined($ThisLine = <STDIN>)) {
($ThisLine =~ /^no valid KEY resolving '.*': .*/) or
($ThisLine =~ /^no valid RRSIG resolving '.*': .*/) or
($ThisLine =~ /^not insecure resolving '.*': .*/) or
- ($ThisLine =~ /^validating \@0x[[:xdigit:]]+: .* DS: must be secure failure/)
+ ($ThisLine =~ /^validating \@0x[[:xdigit:]]+: .* DS: must be secure failure/) or
+ ($ThisLine =~ /^broken trust chain resolving '.*': .*/)
# too many timeouts resolving 'ns-ext.nrt1.isc.org/AAAA' (in '.'?): disabling EDNS: 3 Time(s)
) {
# Don't care about these...


@ -1,12 +0,0 @@
diff -ur logwatch-7.3.6/scripts/services/named logwatch-7.3.6-fedora/scripts/services/named
--- logwatch-7.3.6/scripts/services/named 2010-10-09 13:45:17.000000000 +0100
+++ logwatch-7.3.6-fedora/scripts/services/named 2010-10-09 16:46:53.000000000 +0100
@@ -193,7 +193,7 @@
($ThisLine =~ /built with/) or
($ThisLine =~ /'.*': TTL differs in rdataset, adjusting [0-9]* -> [0-9]*/) or
($ThisLine =~ /max open files \([0-9]*\) is smaller than max sockets \([0-9]*\)/) or
- ($ThisLine =~ /clients-per-query decreased to .*/) or
+ ($ThisLine =~ /clients-per-query (?:de|in)creased to .*/) or
($ThisLine =~ /^must-be-secure resolving '.*': .*/) or
($ThisLine =~ /^no valid DS resolving '.*': .*/) or
($ThisLine =~ /^no valid KEY resolving '.*': .*/) or


@ -1,71 +0,0 @@
diff -up logwatch-7.3.6/scripts/logwatch.pl.pom logwatch-7.3.6/scripts/logwatch.pl
--- logwatch-7.3.6/scripts/logwatch.pl.pom 2008-01-08 10:25:25.000000000 +0100
+++ logwatch-7.3.6/scripts/logwatch.pl 2008-01-08 10:31:24.000000000 +0100
@@ -113,7 +113,7 @@ sub Usage () {
" [--print] [--mailto <addr>] [--archives] [--range <range>] [--debug <level>]\n" .
" [--save <filename>] [--help] [--version] [--service <name>]\n" .
" [--numeric] [--output <output_type>]\n" .
- " [--splithosts] [--multiemail]\n\n";
+ " [--splithosts] [--multiemail] [--no-oldfiles-log]\n\n";
print "--detail <level>: Report Detail Level - High, Med, Low or any #.\n";
print "--logfile <name>: *Name of a logfile definition to report on.\n";
print "--logdir <name>: Name of default directory where logs are stored.\n";
@@ -134,6 +134,8 @@ sub Usage () {
print " not using --splithosts.\n";
print "--output <output type>: Report Format - mail, html or unformatted#.\n";
print "--encode: Use base64 encoding on output mail.\n";
+ print "--no-oldfiles-log: Suppress the logwatch log, which informs about the\n";
+ print " old files in logwatch tmpdir.\n";
print "--version: Displays current version.\n";
print "--help: This message.\n";
print "* = Switch can be specified multiple times...\n\n";
@@ -320,6 +322,7 @@ my @TempLogFileList = ();
my @TempServiceList = ();
my $Help = 0;
my $ShowVersion = 0;
+my $NoOldfilesLog = 0;
my $tmp_mailto;
GetOptions ( "d|detail=s" => \$Config{'detail'},
@@ -340,7 +343,8 @@ GetOptions ( "d|detail=s" => \$Config{
"multiemail" => \$Config{'multiemail'},
"o|output=s" => \$Config{'output'},
"encode" => \$Config{'encode'},
- "html_wrap=s" => \$Config{'html_wrap'}
+ "html_wrap=s" => \$Config{'html_wrap'},
+ "no-oldfiles-log" => \$NoOldfilesLog
) or Usage();
$Help and Usage();
@@ -751,7 +755,7 @@ if ($Config{'debug'} > 7) {
opendir(TMPDIR, $Config{'tmpdir'}) or die "$Config{'tmpdir'} $!";
my @old_dirs = grep { /^logwatch\.\w{8}$/ && -d "$Config{'tmpdir'}/$_" }
readdir(TMPDIR);
-if (@old_dirs) {
+if ((@old_dirs) && ($NoOldfilesLog==0)) {
print "You have old files in your logwatch tmpdir ($Config{'tmpdir'}):\n\t";
print join("\n\t", @old_dirs);
print "\nThe directories listed above were most likely created by a\n";
diff -up logwatch-7.3.6/logwatch.8.pom logwatch-7.3.6/logwatch.8
--- logwatch-7.3.6/logwatch.8.pom 2007-05-19 16:37:42.000000000 +0200
+++ logwatch-7.3.6/logwatch.8 2008-01-08 10:34:32.000000000 +0100
@@ -25,7 +25,8 @@ logwatch \- system log analyzer and repo
.I hostname
.B ] [--splithosts] [--multiemail] [--output
.I output-type
-.B ] [--numeric] [--version] [--help|--usage]
+.B ] [--numeric] [--no-oldfiles-log]
+.B [--version] [--help|--usage]
.SH DESCRIPTION
.B Logwatch
is a customizable, pluggable log-monitoring system. It will go
@@ -100,6 +101,9 @@ if HostLimit is set in the logwatch.conf
then only logs from this hostname will be processed (where appropriate).
.IP "\fB--numeric\fR"
Inhibits additional name lookups, displaying IP addresses numerically.
+.IP "\fB--no-oldfiles-log\fR"
+Suppress the logwatch log, which informs about the
+old files in logwatch tmpdir.
.IP "\fB--usage\fR"
Displays usage information
.IP "\fB--help\fR"


@ -1,44 +0,0 @@
diff -up logwatch-7.3.6/scripts/services/openvpn.pom logwatch-7.3.6/scripts/services/openvpn
--- logwatch-7.3.6/scripts/services/openvpn.pom 2006-11-12 22:11:21.000000000 +0100
+++ logwatch-7.3.6/scripts/services/openvpn 2008-01-21 11:59:28.000000000 +0100
@@ -51,6 +51,7 @@ while (defined($ThisLine = <STDIN>)) {
($ThisLine =~ /^MULTI: multi_create_instance called/) or
($ThisLine =~ /^MULTI: primary virtual IP for/) or
($ThisLine =~ /^MULTI: TCP INIT maxclients=\d+ maxevents=\d+/) or
+ ($ThisLine =~ /^MULTI: bad source address from client .*, packet dropped/) or
($ThisLine =~ /^Need IPv6 code in mroute_extract_addr_from_packet/) or
($ThisLine =~ /^NOTE: UID\/GID downgrade will be delayed because of --client, --pull, or --up-delay/) or
($ThisLine =~ /^OPTIONS IMPORT/) or
@@ -69,6 +70,9 @@ while (defined($ThisLine = <STDIN>)) {
($ThisLine =~ /^TLS: Initial packet from/) or
($ThisLine =~ /^TLS: soft reset/) or
($ThisLine =~ /^TLS: tls_process: killed expiring key$/) or
+ ($ThisLine =~ /^TLS: move_session: dest=.* src=.* reinit_src=[0-9]*/) or
+ ($ThisLine =~ /^TLS: tls_multi_process: untrusted session promoted to trusted/) or
+ ($ThisLine =~ /^TLS: new session incoming connection from .*/) or
($ThisLine =~ /^TUN\/TAP device \w+ opened/) or
($ThisLine =~ /^UDPv4 link /) or
($ThisLine =~ /^UID set to/) or
@@ -102,6 +106,8 @@ while (defined($ThisLine = <STDIN>)) {
$ConnErrors{$error}{"$proto $host:$port"}++;
} elsif (($proto, $error) = ($ThisLine =~ /^read (\w+)_SERVER \[\]: (.*)/)) {
$ConnErrors{$error}{"$proto"}++;
+ } elsif (($name) = ($ThisLine =~ /MULTI: new connection by client '(.*)' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect./)) {
+ $ConnectCauseDrop{$name}++;
} else {
# Report any unmatched entries...
# remove PID from named messages
@@ -186,6 +192,13 @@ if (keys %VersionInfo) {
}
}
+if (keys %ConnectCauseDrop) {
+ print "\n Previous active sessions of the same client dropped upon new connection:\n";
+ foreach $name (sort keys %ConnectCauseDrop) {
+ print " client $name: $ConnectCauseDrop{$name} Time(s)\n"
+ }
+}
+
if (keys %OtherList) {
print "\n**Unmatched Entries**\n";
foreach $line (sort {$a cmp $b} keys %OtherList) {


@ -1,37 +0,0 @@
diff -up logwatch-7.3.6/scripts/services/openvpn.pom logwatch-7.3.6/scripts/services/openvpn
--- logwatch-7.3.6/scripts/services/openvpn.pom 2008-04-04 12:35:34.000000000 +0200
+++ logwatch-7.3.6/scripts/services/openvpn 2008-04-04 13:22:18.000000000 +0200
@@ -51,7 +51,7 @@ while (defined($ThisLine = <STDIN>)) {
($ThisLine =~ /^MULTI: multi_create_instance called/) or
($ThisLine =~ /^MULTI: primary virtual IP for/) or
($ThisLine =~ /^MULTI: TCP INIT maxclients=\d+ maxevents=\d+/) or
- ($ThisLine =~ /^MULTI: bad source address from client .*, packet dropped/) or
+ ($ThisLine =~ /MULTI: bad source address from client .*, packet dropped/) or
($ThisLine =~ /^Need IPv6 code in mroute_extract_addr_from_packet/) or
($ThisLine =~ /^NOTE: UID\/GID downgrade will be delayed because of --client, --pull, or --up-delay/) or
($ThisLine =~ /^OPTIONS IMPORT/) or
@@ -108,6 +108,9 @@ while (defined($ThisLine = <STDIN>)) {
$ConnErrors{$error}{"$proto"}++;
} elsif (($name) = ($ThisLine =~ /MULTI: new connection by client '(.*)' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect./)) {
$ConnectCauseDrop{$name}++;
+ } elsif ((($Err) = ($ThisLine =~ /(read UDPv4 \[ECONNREFUSED\]: Connection refused \(code=111\))/)) or
+ (($Err) = ($ThisLine =~ /(read UDPv4 \[EHOSTUNREACH\]: No route to host \(code=113\))/))) {
+ $Error{$Err}++;
} else {
# Report any unmatched entries...
# remove PID from named messages
@@ -199,6 +202,14 @@ if (keys %ConnectCauseDrop) {
}
}
+if (keys %Error) {
+ print "\n UDPv4 errors:\n";
+ foreach $Err (sort keys %Error) {
+ print " " . $Err . ": " .$Error{$Err}. " Time(s)\n";
+ }
+}
+
+
if (keys %OtherList) {
print "\n**Unmatched Entries**\n";
foreach $line (sort {$a cmp $b} keys %OtherList) {


@ -1,13 +0,0 @@
diff -up logwatch-7.3.6/scripts/services/openvpn.pom logwatch-7.3.6/scripts/services/openvpn
--- logwatch-7.3.6/scripts/services/openvpn.pom 2008-12-16 15:52:59.000000000 +0100
+++ logwatch-7.3.6/scripts/services/openvpn 2008-12-17 12:37:48.000000000 +0100
@@ -80,7 +80,8 @@ while (defined($ThisLine = <STDIN>)) {
($ThisLine =~ /^chroot to /) or
($ThisLine =~ /TUN\/TAP TX queue length set to [0-9]*/) or
($ThisLine =~ /Socket Buffers: R=\[[0-9]+->[0-9]+\] S=\[[0-9]+->[0-9]+\]/) or
- ($ThisLine =~ /OpenVPN .* built on [A-Z][a-z]{2} [ 12]?[0-9] [0-9]{4}/)
+ ($ThisLine =~ /OpenVPN .* built on [A-Z][a-z]{2} [ 12]?[0-9] [0-9]{4}/) or
+ ($ThisLine =~ /Authenticate\/Decrypt packet error: bad packet ID \(may be a replay\): \[ #.* \] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings/)
) {
# Don't care about these...
} elsif (($status, $dn) = ( $ThisLine =~ /^VERIFY (.*): depth=.*, (.*)\// )) {
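Review bot: The added pattern discards every `Authenticate/Decrypt packet error: bad packet ID (may be a replay)` line, so the report cannot tell a quiet tunnel from one that rejected thousands of packets. A single summary count keeps the noise out while preserving the signal: match the line in its own `elsif`, increment a counter such as `$ReplayWarnings++`, and print one `Time(s)` line in the output section. The 2009-10-12 patch on this page extends the same ignore list with `TLS Error: TLS object -> incoming plaintext read error` and `received control packet with stale session-id`, which deserve the same treatment. The `if` condition this line joins begins outside the hunk.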


@ -1,24 +0,0 @@
diff -up logwatch-7.3.6/scripts/services/openvpn.pom logwatch-7.3.6/scripts/services/openvpn
--- logwatch-7.3.6/scripts/services/openvpn.pom 2009-10-12 14:51:50.000000000 +0200
+++ logwatch-7.3.6/scripts/services/openvpn 2009-10-12 14:51:25.000000000 +0200
@@ -71,7 +71,7 @@ while (defined($ThisLine = <STDIN>)) {
($ThisLine =~ /^TLS: soft reset/) or
($ThisLine =~ /^TLS: tls_process: killed expiring key$/) or
($ThisLine =~ /^TLS: move_session: dest=.* src=.* reinit_src=[0-9]*/) or
- ($ThisLine =~ /^TLS: tls_multi_process: untrusted session promoted to trusted/) or
+ ($ThisLine =~ /^TLS: tls_multi_process: untrusted session promoted to (semi-)?trusted/) or
($ThisLine =~ /^TLS: new session incoming connection from .*/) or
($ThisLine =~ /^TUN\/TAP device \w+ opened/) or
($ThisLine =~ /^UDPv4 link /) or
@@ -81,6 +81,11 @@ while (defined($ThisLine = <STDIN>)) {
($ThisLine =~ /TUN\/TAP TX queue length set to [0-9]*/) or
($ThisLine =~ /Socket Buffers: R=\[[0-9]+->[0-9]+\] S=\[[0-9]+->[0-9]+\]/) or
($ThisLine =~ /OpenVPN .* built on [A-Z][a-z]{2} [ 12]?[0-9] [0-9]{4}/) or
+ ($ThisLine =~ /CRL CHECK OK: \/.*\//) or
+ ($ThisLine =~ /TLS: tls_multi_process: killed expiring key/) or
+ ($ThisLine =~ /read UDPv4 \[.*\]: No route to host \(code=[0-9]*\)/) or
+ ($ThisLine =~ /TLS Error: TLS object -> incoming plaintext read error/) or
+ ($ThisLine =~ /TLS ERROR: received control packet with stale session-id=.*/) or
($ThisLine =~ /Authenticate\/Decrypt packet error: bad packet ID \(may be a replay\): \[ #.* \] -- see the man page entry for --no-replay and --replay-window for more info or silence this warning with --mute-replay-warnings/)
) {
# Don't care about these...


@ -1,98 +0,0 @@
diff -up logwatch-7.3.6/scripts/services/pam_unix.pom logwatch-7.3.6/scripts/services/pam_unix
--- logwatch-7.3.6/scripts/services/pam_unix.pom 2006-12-20 16:46:45.000000000 +0100
+++ logwatch-7.3.6/scripts/services/pam_unix 2008-11-11 11:12:35.000000000 +0100
@@ -121,7 +121,8 @@ while ($line = <STDIN>) {
}
#lowercase the service
$service = lc($service);
- if (($service eq 'sshd') or ($service eq 'login') or ($service eq 'ftp') or ($service eq 'rsh')) {
+ if (($service eq 'sshd') or ($service eq 'login') or ($service eq 'ftp') or ($service eq 'rsh') or
+ ($service eq 'remote') or ($service eq 'rlogin')) {
if ($line =~ s/^session opened for user (.+) by \(uid=\d+\)/$1/) {
($Detail >= 5) && $data{$service}{'Sessions Opened'}{$line}++;
} elsif ($line =~ s/^session opened for user ([^ ]*) by ([^ ]*)\(uid=\d+\)/$1 by $2/) {
@@ -148,6 +149,8 @@ while ($line = <STDIN>) {
$data{$service}{'Expired Accounts'}{$line}++;
} elsif ($line =~ s/bad username \[(.*)\]/$1/) {
$data{$service}{'Invalid Users'}{"Bad User: $line"}++;
+ } elsif ($line =~ s/auth could not identify password for \[(.*)\]/$1/) {
+ $data{$service}{'Not Identify Password For'}{$line}++;
} else {
$data{$service}{'Unknown Entries'}{$line}++;
}
@@ -178,12 +181,16 @@ while ($line = <STDIN>) {
} elsif ($service eq 'gdm') {
if ($line =~ s/^session opened for user (.+) by \(uid=\d+\)/$1/) {
($Detail >= 5) && $data{$service}{'Sessions Opened'}{$line}++;
+ } elsif ($line =~ s/auth could not identify password for \[(.*)\]/$1/) {
+ $data{$service}{'Not Identify Password For'}{$line}++;
} elsif ($line =~ s/^authentication failure; logname=.*user=(.+)$/$1/) {
$data{$service}{'Authentication Failures'}{$line}++;
} elsif ($line =~ /session closed for user/) {
# ignore this line
} elsif ($line =~ /bad username \[\]/) {
# ignore this line
+ } elsif ($line =~ /conversation failed/) {
+ # ignore this line
} else {
$data{$service}{'Unknown Entries'}{$line}++;
}
@@ -196,7 +203,7 @@ while ($line = <STDIN>) {
$data{$service}{'Authentication Failures'}{$line}++;
}
- } elsif ($service eq 'xdm') {
+ } elsif ($service eq 'xdm') {
if ($line =~ s/^session opened for user (.+) by \(uid=\d+\)/$1/) {
($Detail >= 5) && $data{$service}{'Sessions Opened'}{$line}++;
} elsif ($line =~ /session closed for user/) {
@@ -249,7 +256,7 @@ while ($line = <STDIN>) {
($Detail >= 5) && $data{$service}{'Sessions Opened'}{$line}++;
} elsif ($line =~ /session closed for user/) {
# ignore this line
- } elsif ($line =~ /^account root has password changed in future/) {
+ } elsif ($line =~ /account (.+) has password changed in future/) {
#I'm not sure whether this info could not be reported
} else {
$data{$service}{'Unknown Entries'}{$line}++;
@@ -270,7 +277,7 @@ while ($line = <STDIN>) {
} else {
$data{$service}{'Unknown Entries'}{$line}++;
}
- } elsif ($service eq 'runuser') {
+ } elsif (($service eq 'runuser') or ($service eq 'runuser-l')){
if ($line =~/^session (opened)?(\/)?(closed)? for user [a-zA-Z\d]+/) {
} else {
$data{$service}{'Unknown Entries'}{$line}++;
@@ -287,9 +294,28 @@ while ($line = <STDIN>) {
$data{$service}{'Not Identify Password For'}{$line}++;
} else {
$data{$service}{'Unknown Entries'}{$line}++;
- }
- } else {
- $data{$service}{'Unknown Entries'}{$line}++;
+ }
+ } elsif ($service eq 'polkit') {
+ if ($line =~ s/auth could not identify password for \[(.*)\]/$1/) {
+ $data{$service}{'Not Identify Password For'}{$line}++;
+ } elsif ($line =~ s/^authentication failure; logname=(\S*) uid=(\d+) .*user=(\S*)$/$1($2) -> $3/) {
+ $data{$service}{'Authentication Failures'}{$line}++;
+ } elsif ($line =~ /conversation failed/) {
+ # ignore this line
+ } else {
+ $data{$service}{'Unknown Entries'}{$line}++;
+ }
+ } elsif ($service eq 'virt-manager') {
+ if ($line =~ s/auth could not identify password for \[(.*)\]/$1/) {
+ $data{$service}{'Not Identify Password For'}{$line}++;
+ } elsif ($line =~ /conversation failed/) {
+ # ignore this line
+ } else {
+ $data{$service}{'Unknown Entries'}{$line}++;
+ }
+
+ } else {
+ $data{$service}{'Unknown Entries'}{$line}++;
}
}


@ -1,54 +0,0 @@
diff -up logwatch-7.3.6/scripts/services/pam_unix.pom logwatch-7.3.6/scripts/services/pam_unix
--- logwatch-7.3.6/scripts/services/pam_unix.pom 2009-10-12 14:55:08.000000000 +0200
+++ logwatch-7.3.6/scripts/services/pam_unix 2009-10-12 15:06:46.000000000 +0200
@@ -204,6 +204,8 @@ while ($line = <STDIN>) {
} elsif ($service eq 'dovecot') {
if ($line =~ s/^authentication failure; .*user=(.+)$/$1/) {
$data{$service}{'Authentication Failures'}{$line}++;
+ } elsif ($line =~ /check pass; user unknown/) {
+ $data{$service}{'Invalid Users'}{'Unknown Account'}++;
} else {
$data{$service}{'Unknown Entries'}{$line}++;
}
@@ -225,11 +227,13 @@ while ($line = <STDIN>) {
} else {
$data{$service}{'Unknown Entries'}{$line}++;
}
- } elsif ($service eq 'pure-ftpd') {
+ } elsif (($service eq 'pure-ftpd') || ($service eq 'vsftpd')){
if ($line =~ s/^session opened for user (.+)/$1/) {
$data{$service}{'Sessions Opened'}{$line}++;
} elsif ($line =~ s/^check pass; (.+)/$1/) {
$data{$service}{'Password Failures'}{$line}++;
+ } elsif ($line =~ s/^authentication failure; .*user=(.+)$/$1/) {
+ $data{$service}{'Authentication Failures'}{$line}++;
} else {
$data{$service}{'Unknown Entries'}{$line}++;
}
@@ -255,7 +259,7 @@ while ($line = <STDIN>) {
$data{$service}{'Unknown Entries'}{$line}++;
}
} elsif (($service eq 'samba') or ($service eq 'smbd')) {
- if ($line =~ s/^session opened for user ([a-zA-Z\d]+) by (.+)/$1/) {
+ if ($line =~ s/^session opened for user (\S+) by (.+)/$1/) {
($Detail >= 5) && $data{$service}{'Sessions Opened'}{$line}++;
} elsif ($line =~ s/^session closed for user (.+)/$1/) {
($Detail >= 8) && $data{$service}{'Sessions Closed'}{$line}++;
@@ -297,7 +301,16 @@ while ($line = <STDIN>) {
} else {
$data{$service}{'Unknown Entries'}{$line}++;
}
-
+ } elsif ($service eq 'smtp') {
+ if ($line =~ s/^authentication failure; logname=(\S*) uid=(\d+).*user=(\S*)$/$1($2) -> $3/) {
+ $data{$service}{'Authentication Failures'}{$line}++;
+ } elsif ($line =~ /authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=/) {
+ # ignore this line
+ } elsif ($line =~ /check pass; user unknown/) {
+ $data{$service}{'Invalid Users'}{'Unknown Account'}++;
+ } else {
+ $data{$service}{'Unknown Entries'}{$line}++;
+ }
} else {
$data{$service}{'Unknown Entries'}{$line}++;
}


@ -1,53 +0,0 @@
diff -up logwatch-7.3.6/conf/logfiles/messages.conf.pom logwatch-7.3.6/conf/logfiles/messages.conf
--- logwatch-7.3.6/conf/logfiles/messages.conf.pom 2009-06-15 10:59:52.000000000 +0200
+++ logwatch-7.3.6/conf/logfiles/messages.conf 2009-06-15 11:03:48.000000000 +0200
@@ -25,13 +25,7 @@ Archive = archiv/messages-*
*ExpandRepeats
# Now, lets remove the services we don't care about at all...
-*RemoveService = talkd
-*RemoveService = telnetd
-*RemoveService = inetd
-*RemoveService = nfsd
-*RemoveService = /sbin/mingetty
-*RemoveService = netscreen
-*RemoveService = NetScreen
+*RemoveService = talkd,telnetd,inetd,nfsd,/sbin/mingetty,netscreen,NetScreen
# Keep only the lines in the proper date range...
*OnlyHost
diff -up logwatch-7.3.6/conf/logfiles/syslog.conf.pom logwatch-7.3.6/conf/logfiles/syslog.conf
--- logwatch-7.3.6/conf/logfiles/syslog.conf.pom 2009-06-15 10:59:52.000000000 +0200
+++ logwatch-7.3.6/conf/logfiles/syslog.conf 2009-06-15 11:04:23.000000000 +0200
@@ -16,11 +16,7 @@ LogFile = syslog.0
Archive = syslog.*.gz
Archive = syslog-*.gz
*ExpandRepeats
-*RemoveService = talkd
-*RemoveService = telnetd
-*RemoveService = inetd
-*RemoveService = nfsd
-*RemoveService = /sbin/mingetty
+*RemoveService = talkd,telnetd,inetd,nfsd,/sbin/mingetty
*OnlyHost
*ApplyStdDate
diff -up logwatch-7.3.6/scripts/shared/removeservice.pom logwatch-7.3.6/scripts/shared/removeservice
--- logwatch-7.3.6/scripts/shared/removeservice.pom 2005-02-24 18:08:05.000000000 +0100
+++ logwatch-7.3.6/scripts/shared/removeservice 2009-06-15 11:02:51.000000000 +0200
@@ -24,10 +24,13 @@ if ( $ENV{'LOGWATCH_DEBUG'} > 5 ) {
$ServiceName = $ARGV[0];
+#Change commas to pipes -mgt
+$ServiceName =~ s/,/|/g;
+
while (defined($ThisLine = <STDIN>)) {
$linesin++;
- unless ( ($ThisLine =~ m/^... .. ..:..:.. [^ ]* $ServiceName\[[0123456789]*\]: /oi) or
- ($ThisLine =~ m/^... .. ..:..:.. [^ ]* $ServiceName: /oi) ) {
+ unless ( ($ThisLine =~ m/^... .. ..:..:.. [^ ]* ($ServiceName)\[[0123456789]*\]: /oi) or
+ ($ThisLine =~ m/^... .. ..:..:.. [^ ]* (:\s*)?($ServiceName)\s*: /oi) ) {
$linesout++;
print $ThisLine;
}


@ -1,12 +0,0 @@
--- logwatch-7.3.6/scripts/services/secure.pom 2007-04-29 01:56:32.000000000 +0200
+++ logwatch-7.3.6/scripts/services/secure 2007-06-04 13:38:42.000000000 +0200
@@ -212,7 +212,8 @@
( $ThisLine =~ /PAM pam_get_item: nowhere to place requested item/) or
( $ThisLine =~ /pam_succeed_if\(.*:.*\): error retrieving information about user [a-zA-Z]*/ ) or
( $ThisLine =~ /logfile turned over/) or # newsyslog on OpenBSD
- ( $ThisLine =~ /Connection closed by/)
+ ( $ThisLine =~ /Connection closed by/) or
+ ( $ThisLine =~ /sshd.*: Accepted \S+ for \S+ from [\d\.:a-f]+ port \d+/) # ssh script reads this log
) {
# Ignore these entries
} elsif ($ThisLine =~ /^spop3d/ || $ThisLine =~ /^pop\(\w+\)\[\d+\]:/) {


@ -1,13 +0,0 @@
diff -up logwatch-7.3.6/scripts/services/secure.pom logwatch-7.3.6/scripts/services/secure
--- logwatch-7.3.6/scripts/services/secure.pom 2007-10-10 14:35:11.000000000 +0200
+++ logwatch-7.3.6/scripts/services/secure 2007-10-10 15:33:22.000000000 +0200
@@ -213,7 +213,8 @@ while (defined($ThisLine = <STDIN>)) {
( $ThisLine =~ /pam_succeed_if\(.*:.*\): error retrieving information about user [a-zA-Z]*/ ) or
( $ThisLine =~ /logfile turned over/) or # newsyslog on OpenBSD
( $ThisLine =~ /Connection closed by/) or
- ( $ThisLine =~ /sshd.*: Accepted \S+ for \S+ from [\d\.:a-f]+ port \d+/) # ssh script reads this log
+ ( $ThisLine =~ /sshd.*: Accepted \S+ for \S+ from [\d\.:a-f]+ port \d+/) or # ssh script reads this log )
+ ( $ThisLine =~ /userhelper.*: running (.*) with context (.*)/)
) {
# Ignore these entries
} elsif ($ThisLine =~ /^spop3d/ || $ThisLine =~ /^pop\(\w+\)\[\d+\]:/) {


@ -1,57 +0,0 @@
diff -up logwatch-7.3.6/scripts/services/secure.pom logwatch-7.3.6/scripts/services/secure
--- logwatch-7.3.6/scripts/services/secure.pom 2008-10-20 13:50:05.000000000 +0200
+++ logwatch-7.3.6/scripts/services/secure 2008-10-21 10:47:07.000000000 +0200
@@ -196,7 +196,9 @@ while (defined($ThisLine = <STDIN>)) {
( $ThisLine =~ /^su\[\d+\]: [+-] .+/) or
( $ThisLine =~ /^su\[\d+\]: FAILED su for \S+ by \S+/) or #debian: done in pam_unix
( $ThisLine =~ /^login\[\d+\]: ROOT LOGIN on '\S+'/) or #debian: done in pam_unix (Similar message on other system is reported)
- ( $ThisLine =~ /^login\[\d+\]: FAILED LOGIN \(\d+\) on ['`]\S+' FOR `\S+', (Authentication failure|User not known to the underlying authentication module)/) or #debian: done in pam_unix
+ ( $ThisLine =~ /^login\[\d+\]: FAILED LOGIN \(\d+\) on ['`]\S+' FOR `\S+', (Authentication failure|User not known to the underlying authentication module)/) or
+ ( $ThisLine =~ /^login: FAILED LOGIN 2 FROM (.*) FOR .*, (Authentication failure|User not known to the underlying authentication module)/) or
+ ( $ThisLine =~ /^login: pam_securetty(.*): unexpected response from failed conversation function/) or
( $ThisLine =~ /^pam_limits\[\d+\]/ ) or
( $ThisLine =~ /^kcheckpass(\[\d+\]|):/ ) or # done in pam_unix
( $ThisLine =~ /^cyrus\/lmtpd\[\d+\]: [^ ]+ server step [12]/ ) or
@@ -213,8 +215,15 @@ while (defined($ThisLine = <STDIN>)) {
( $ThisLine =~ /pam_succeed_if\(.*:.*\): error retrieving information about user [a-zA-Z]*/ ) or
( $ThisLine =~ /logfile turned over/) or # newsyslog on OpenBSD
( $ThisLine =~ /Connection closed by/) or
- ( $ThisLine =~ /sshd.*: Accepted \S+ for \S+ from [\d\.:a-f]+ port \d+/) or # ssh script reads this log )
- ( $ThisLine =~ /userhelper.*: running (.*) with context (.*)/)
+ ( $ThisLine =~ /sshd.*: Accepted \S+ for \S+ from [\d\.:a-f]+ port \d+/) or # ssh script reads this log ) or
+ ( $ThisLine =~ /userhelper.*: running (.*) with context (.*)/) or
+ ( $ThisLine =~ /userhelper.*: pam_thinkfinger(.*): conversation failed/) or
+ ( $ThisLine =~ /su: PAM [0-9] more authentication failure; .*/) or
+ ( $ThisLine =~ /polkit-grant-helper\[\d+\]: granted authorization for [^ ]* to uid [0-9]* \[auth=.*\]/) or
+ ( $ThisLine =~ /polkit-grant-helper\[\d+\]: granted authorization for [^ ]* to session .* \[uid=[0-9]*\]/) or
+ ( $ThisLine =~ /polkit-grant-helper-pam\[\d+\]: pam_thinkfinger\(polkit:auth\): conversation failed/) or
+ ( $ThisLine =~ /gdm-session-worker\[\d+\]: gkr-pam: no password is available for user/) or
+ ( $ThisLine =~ /gdm-session-worker\[\d+\]: pam_namespace\(gdm:session\): Unmount of [^ ]* failed, Device or resource busy/)
) {
# Ignore these entries
} elsif ($ThisLine =~ /^spop3d/ || $ThisLine =~ /^pop\(\w+\)\[\d+\]:/) {
@@ -423,6 +432,9 @@ while (defined($ThisLine = <STDIN>)) {
$ChangedUID{"$Name,$UID1,$UID2"}++;
} elsif (($Module,$Service) = ($ThisLine =~ /Deprecated (pam_[^ ]*) module called from service "([^ ]*)"/)) {
$DeprecateModule{"$Module,$Service"}++;
+ } elsif ( ($User) = ($ThisLine =~ /useradd.*failed adding user `(.*)', data deleted/) ) {# failed adding user/)) {# (.*), data deleted/)) {
+ # useradd: failed adding user `rpcuser', data deleted
+ $FailedAddUsers{$User}++;
} else {
# Unmatched entries...
$ThisLine =~ s/\[\d+\]:/:/;
@@ -440,6 +452,14 @@ if ($DeletedUsers) {
print "Deleted Users:\n$DeletedUsers\n";
}
+if (keys %FailedAddUsers) {
+ print "Failed adding users:\n";
+ foreach $User (keys %FailedAddUsers) {
+ print " $User: ". $FailedAddUsers{$User}. " Time(s)\n";
+ }
+ print"\n";
+}
+
if ($NewGroups) {
print "New Groups:\n$NewGroups\n";
}


@ -1,36 +0,0 @@
diff -up logwatch-7.3.6/scripts/services/secure.pom logwatch-7.3.6/scripts/services/secure
--- logwatch-7.3.6/scripts/services/secure.pom 2009-10-12 11:33:15.000000000 +0200
+++ logwatch-7.3.6/scripts/services/secure 2009-10-12 12:38:29.000000000 +0200
@@ -435,6 +435,9 @@ while (defined($ThisLine = <STDIN>)) {
} elsif ( ($User) = ($ThisLine =~ /useradd.*failed adding user `(.*)', data deleted/) ) {# failed adding user/)) {# (.*), data deleted/)) {
# useradd: failed adding user `rpcuser', data deleted
$FailedAddUsers{$User}++;
+ } elsif (($User,$Reason) = ($ThisLine =~ /dovecot-auth: pam_userdb\(dovecot:auth\): user `(.*)' denied access \((.*)\)/)) {
+ # dovecot-auth: pam_userdb(dovecot:auth): user `bobok' denied access (incorrect password)
+ $DeniedAccess{"$User,$Reason"}++;
} else {
# Unmatched entries...
$ThisLine =~ s/\[\d+\]:/:/;
@@ -535,6 +538,7 @@ if (keys %UnknownUser) {
if ($pwd_file_unknown > 0) {
print "\nUsers unknown in password database (pwd_file): $pwd_file_unknown\n";
}
+
if ($pwd_file_too_short > 0) {
print "\nPassword too short or NULL (pwd_file): $pwd_file_too_short Time(s)\n";
}
@@ -594,6 +598,14 @@ if (keys %{$FailedSaver}) {
}
}
+if (keys %DeniedAccess) {
+ print "\ndovecot-auth: Denied access\n";
+ foreach (keys %DeniedAccess) {
+ ($User,$Reason) = split ",";
+ print " for user " . $User . " (reason: " . $Reason . ") :" . $DeniedAccess{"$User,$Reason"} . " Time(s)\n";
+ }
+}
+
if (keys %NoIP) {
print "\nCouldn't get client IPs for connections to:\n";
foreach $ThisOne (sort {$a cmp $b} keys %NoIP) {


@ -1,12 +0,0 @@
diff -up logwatch-7.3.6/conf/services/sendmail.conf.pom logwatch-7.3.6/conf/services/sendmail.conf
--- logwatch-7.3.6/conf/services/sendmail.conf.pom 2005-12-01 00:58:59.000000000 +0100
+++ logwatch-7.3.6/conf/services/sendmail.conf 2008-04-30 15:32:38.000000000 +0200
@@ -34,7 +34,7 @@ LogFile = maillog
# logwatch Detail setting.
#
# Example:
-#Detail = 5
+Detail = 3
#
# The defined values of Detail are as follows:
# Detail >= 0: Will print:";


@ -1,11 +0,0 @@
--- logwatch/scripts/services/sendmail 2009-08-11 21:59:52.000000000 +1000
+++ sendmail 2008-12-21 23:40:05.000000000 +1100
@@ -636,6 +636,8 @@
}
} elsif ($CleanTo =~ m/\w+\@[\w\.]+/) {
$ToList{$CleanTo}++;
+ } elsif ($CleanTo =~ m/\w+/) { # Match a simple name
+ $ToList{$CleanTo}++;
} #Else ignore it
if (defined $Msgs{$QueueID}{"Size"}) {


@ -1,61 +0,0 @@
diff -up logwatch-7.3.6/scripts/services/smartd.pom logwatch-7.3.6/scripts/services/smartd
--- logwatch-7.3.6/scripts/services/smartd.pom 2007-04-09 16:46:46.000000000 +0200
+++ logwatch-7.3.6/scripts/services/smartd 2009-01-06 13:45:00.000000000 +0100
@@ -8,6 +8,8 @@ use strict;
my ($Device, $Msg, $Test);
my %ParamChanges = ();
my %TempChanges = ();
+my %TempLimit = ();
+my %TempCritLimit = ();
my %Pendsectors = ();
my %NumPendsectors = ();
my %Offsectors = ();
@@ -94,7 +96,13 @@ while (defined(my $ThisLine = <STDIN>))
# smartd reports temperature changes this way only for SCSI disks
} elsif ( my ($Device,$NewVal) = ($ThisLine =~ /^Device: ([^,]+), initial Temperature is (\d+) Celsius/)) {
push @{$TempChanges{$Device}},$NewVal;
- } elsif ( my ($Device,$NewVal) = ($ThisLine =~ /^Device: ([^,]+), Temperature changed -?\d+ Celsius to (\d+) Celsius/)) {
+ } elsif ( my ($Device,$Limit) = ($ThisLine =~ /^Device: ([^,]+), Temperature \d+ Celsius reached limit of (\d+) Celsius/)) {
+ # Device: /dev/sda, Temperature 37 Celsius reached limit of 10 Celsius (Min/Max 37/37)
+ $TempLimit{"$Device,$Limit"}++;
+ } elsif ( my ($Device,$Limit) = ($ThisLine =~ /^Device: ([^,]+), Temperature \d+ Celsius reached critical limit of (\d+) Celsius/)) {
+ # Device: /dev/sda, Temperature 38 Celsius reached critical limit of 15 Celsius (Min/Max 38!/39)
+ $TempCritLimit{"$Device,$Limit"}++;
+ } elsif ( my ($Device,$NewVal) = ($ThisLine =~ /^Device: ([^,]+), Temperature changed [-+]?\d+ Celsius to (\d+) Celsius/)) {
push @{$TempChanges{$Device}},$NewVal;
} elsif ( my ($Device, $Num) = ($ThisLine =~ /^Device: ([^,]+), (\d+) Currently unreadable \(pending\) sectors/) ) {
$Pendsectors{$Device}++;
@@ -178,14 +186,31 @@ if (keys %TempChanges) {
print "\n";
}
}
- if($Detail < 10) {
+ if($Detail < 10) {
my @sorttemp = sort @min;
my $mint = $sorttemp[0];
my @sorttemp = sort @max;
my $maxt = $sorttemp[$#sorttemp];
print "All devices: $mint - $maxt\n";
- }
+ }
+}
+
+if (keys %TempCritLimit) {
+ printf "\nReached critical temperature limit:\n";
+ foreach (keys %TempCritLimit) {
+ my ($Device,$Limit)=split ",";
+ print "\t" . $Device . ": reached limit of " . $Limit . " Celsius: ". $TempCritLimit{"$Device,$Limit"} . " Time(s)\n";
+ }
+}
+
+if (keys %TempLimit) {
+ printf "\nReached temperature limit:\n";
+ foreach (keys %TempLimit) {
+ my ($Device,$Limit)=split ",";
+ print "\t" . $Device . ": reached limit of " . $Limit . " Celsius: ". $TempLimit{"$Device,$Limit"} . " Time(s)\n";
+ }
}
+
if (keys %Pendsectors){
print "\nCurrently unreadable (pending) sectors detected:\n";


@ -1,48 +0,0 @@
diff -up logwatch-7.3.6/scripts/services/sshd.pom logwatch-7.3.6/scripts/services/sshd
--- logwatch-7.3.6/scripts/services/sshd.pom 2007-10-12 12:21:26.000000000 +0200
+++ logwatch-7.3.6/scripts/services/sshd 2007-10-12 13:01:22.000000000 +0200
@@ -172,6 +172,8 @@ my %KrbErr = ();
my @BadRSA = ();
my @Scanned = ();
my %OtherList = ();
+my %ChmodErr = ();
+my %ChownErr = ();
my $sftpRequests = 0;
my $NetworkErrors = 0;
@@ -355,6 +357,11 @@ while (defined(my $ThisLine = <STDIN>))
$KrbErr{"error removing file " . $Error}++;
} elsif ( my ($Pom,$Error) = ($ThisLine =~ /pam_krb5(\[\d*\]): error resolving user name '[^ ]*' to uid\/gid pai/)) {
$KrbErr{"error resolving user name '$Error' to uid\/gid pai"}++;
+ # error: chmod /dev/pts/0 0666 failed: Permission denied
+ } elsif (my ($File,$Perm,$Why) = ($ThisLine =~ /error: chmod (.*) (.*) failed: (.*)/)) {
+ $ChmodErr{"$File,$Perm,$Why"}++;
+ } elsif (my ($File,$From,$To,$Why) = ($ThisLine =~ /error: chown (.*) (.*) (.*) failed: (.*)/)) {
+ $ChownErr{"$File,$From,$To,$Why"}++;
} else {
# Report any unmatched entries...
unless ($ThisLine =~ /fwd X11 connect/) {
@@ -637,6 +644,23 @@ if ($sftpRequests > 0) {
print "\nSFTP subsystem requests: $sftpRequests Time(s)\n";
}
+if (keys %ChmodErr) {
+ print "\nChmod errors:\n";
+ foreach (keys %ChmodErr) {
+ my ($File,$Perm,$Why)= split ",";
+ print " " . $File . " " . $Perm . " failed(" . $Why . "): ". $ChmodErr{"$File,$Perm,$Why"} . " Time(s)\n";
+ }
+}
+
+if (keys %ChownErr) {
+ print "\nChown errors:\n";
+ foreach (keys %ChownErr) {
+ my ($File,$From,$To,$Why)= split ",";
+ print " " . $File . " " . $From . " " .$To . " failed(" . $Why . "): ". $ChmodErr{"$File,$From,$To,$Why"} . " Time(s)\n";
+ }
+}
+
+
if (keys %OtherList) {
print "\n**Unmatched Entries**\n";
print "$_ : $OtherList{$_} time(s)\n" foreach keys %OtherList;


@ -1,13 +0,0 @@
diff -up logwatch-7.3.6/scripts/services/sshd.ppp logwatch-7.3.6/scripts/services/sshd
--- logwatch-7.3.6/scripts/services/sshd.ppp 2009-03-16 08:50:53.000000000 +0100
+++ logwatch-7.3.6/scripts/services/sshd 2009-03-30 15:42:46.000000000 +0200
@@ -306,7 +306,8 @@ while (defined(my $ThisLine = <STDIN>))
$BadLogins{$Host}{"$User/$Method"}++;
} elsif ($ThisLine =~ s/^(log: )?Could not reverse map address ([^ ]*).*$/$2/) {
$NoRevMap{$ThisLine}++;
- } elsif ( my ($Address) = ($ThisLine =~ /^reverse mapping checking getaddrinfo for ([^ ]*) failed - POSSIBLE BREAKIN ATTEMPT!/)) {
+ } elsif ( my ($Address) = ($ThisLine =~ /^reverse mapping checking getaddrinfo for ([^ ]*) failed - POSSIBLE BREAK-?IN ATTEMPT!/)) {
+
$NoRevMap{$Address}++;
} elsif ( my ($IP,$Address) = ($ThisLine =~ /^Address ([^ ]*) maps to ([^ ]*), but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!/)) {
$NoRevMap{"$Address($IP)"}++;


@ -1,17 +0,0 @@
--- logwatch/scripts/services/sshd 2009-08-11 21:59:52.000000000 +1000
+++ sshd 2009-07-27 22:14:54.000000000 +1000
@@ -342,6 +342,14 @@
$LockedAccount{$User}++;
} elsif ( my ($User) = ($ThisLine =~ /^User ([^ ]*)( from [0-9.]*)? not allowed because not listed in AllowUsers/)) {
$AllowUsers{$User}++;
+ } elsif ( my ($User) = ($ThisLine =~ /^User ([^ ]*)( from [0-9.]*)? not allowed because listed in DenyUsers/)) {
+ $AllowUsers{$User}++;
+ } elsif ( my ($User) = ($ThisLine =~ /^User ([^ ]*)( from [0-9.]*)? not allowed because not in any group/)) {
+ $AllowUsers{$User}++;
+ } elsif ( my ($User) = ($ThisLine =~ /^User ([^ ]*)( from [0-9.]*)? not allowed because a group is listed in DenyGroups/)) {
+ $AllowUsers{$User}++;
+ } elsif ( my ($User) = ($ThisLine =~ /^User ([^ ]*)( from [0-9.]*)? not allowed because none of user\'s groups are listed in AllowGroups/)) {
+ $AllowUsers{$User}++;
} elsif ( ($User) = ($ThisLine =~ /^User ([^ ]*) not allowed because shell (\S+) does not exist/)) {
$NoShellUsers{$User}++;
} elsif ( my ($IP) = ($ThisLine =~ /^scanned from ([^ ]*)/) ) {


@ -1,16 +0,0 @@
diff -up logwatch-7.3.6/scripts/services/sudo.pom logwatch-7.3.6/scripts/services/sudo
--- logwatch-7.3.6/scripts/services/sudo.pom 2006-04-13 01:17:09.000000000 +0200
+++ logwatch-7.3.6/scripts/services/sudo 2007-10-12 12:20:43.000000000 +0200
@@ -31,7 +31,11 @@ my $CmdsThresh = $ENV{'command_run_thres
my ($user, $error, $tty, $dir, $euser, $cmd, $args);
while (defined(my $ThisLine = <STDIN>)) {
- if ( ($user, $error, $tty, $dir, $euser, $cmd, $args) = $ThisLine =~ m/^\s*(\w+) : (.*; )?TTY=(\S+) ; PWD=(.*?) ; USER=(\S+) ; COMMAND=(\S+)( ?.*)/) {
+ if ($ThisLine =~ /pam_unix\(sudo:auth\): authentication failure; logname=\S* uid=[0-9]* euid=[0-9]* tty=\S* ruser=\S* rhost=\S* user=\S*/)
+ # this log is parsed in pam_unix section
+ {
+ # Ignore
+ }elsif ( ($user, $error, $tty, $dir, $euser, $cmd, $args) = $ThisLine =~ m/^\s*(\w+) : (.*; )?TTY=(\S+) ; PWD=(.*?) ; USER=(\S+) ; COMMAND=(\S+)( ?.*)/) {
push @{$byUser{$user}{$euser}}, [$error . $cmd,$args, $dir, $tty];
$byUserSum{$user}{$euser}{$cmd} += 1;
} elsif ( ($user,$euser) = $ThisLine =~ /^\s*(\w+) : no passwd entry for (\w+)\!$/) {


@ -1,15 +0,0 @@
diff -up logwatch-7.3.6/logwatch.8.pom logwatch-7.3.6/logwatch.8
--- logwatch-7.3.6/logwatch.8.pom 2008-01-08 10:37:13.000000000 +0100
+++ logwatch-7.3.6/logwatch.8 2008-01-08 10:39:46.000000000 +0100
@@ -104,10 +104,8 @@ Inhibits additional name lookups, displa
.IP "\fB--no-oldfiles-log\fR"
Suppress the logwatch log, which informs about the
old files in logwatch tmpdir.
-.IP "\fB--usage\fR"
-Displays usage information
.IP "\fB--help\fR"
-same as --usage.
+Displays usage information.
.SH FILES
.IP /usr/share/logwatch/
.RS

View File

@ -1,12 +0,0 @@
--- logwatch-7.3.6/scripts/services/xntpd.pom 2007-04-16 05:11:11.000000000 +0200
+++ logwatch-7.3.6/scripts/services/xntpd 2007-05-22 12:44:45.000000000 +0200
@@ -112,7 +112,8 @@
($ThisLine =~ m/signal_no_reset: signal \d+ had flags \d+/) or
($ThisLine =~ /Deleting interface \#[0-9] [^,]*, [^,]*, interface stats: received=.*, sent=.*, dropped=.*, active_time=.* secs/) or
($ThisLine =~ /Invalid argument/) or
- ($ThisLine =~ /Listening on interface .* Disabled/)
+ ($ThisLine =~ /Listening on interface .* Disabled/) or
+ ($ThisLine =~ /Listening on interface .* Enabled/)
) {
# Ignore these
} elsif ($ThisLine =~ m/ntpd [\d\-\.\w@]+ ... ... .. ..:..:.. /) {

View File

@ -1,11 +0,0 @@
--- logwatch-7.3.6/scripts/services/zz-disk_space.pom 2007-03-13 23:07:27.000000000 +0100
+++ logwatch-7.3.6/scripts/services/zz-disk_space 2007-07-10 11:01:39.000000000 +0200
@@ -169,7 +169,7 @@ sub DiskFull
my @fields = split(' ', $row);
my $use = $fields[4];
$use =~ s/%//;
- if ($use > $diskfull_threshhold)
+ if (($use > $diskfull_threshhold) && ($fields[0] !~ /\/dev\/scd/ ) && ($fields[0] !~ /\/dev\/sr/ ))
{
print "$fields[0] => $fields[4] Used. Warning. Disk Filling up.\n";
}


@ -1,13 +0,0 @@
diff -up logwatch-7.3.6/scripts/services/zz-disk_space.pom logwatch-7.3.6/scripts/services/zz-disk_space
--- logwatch-7.3.6/scripts/services/zz-disk_space.pom 2008-11-13 12:42:45.000000000 +0100
+++ logwatch-7.3.6/scripts/services/zz-disk_space 2008-12-08 13:23:28.000000000 +0100
@@ -169,7 +169,8 @@ sub DiskFull
my @fields = split(' ', $row);
my $use = $fields[4];
$use =~ s/%//;
- if (($use > $diskfull_threshhold) && ($fields[0] !~ /\/dev\/scd/ ) && ($fields[0] !~ /\/dev\/sr/ ))
+ if (($use > $diskfull_threshhold) && ($fields[0] !~ /\/dev\/scd/ ) && ($fields[0] !~ /\/dev\/sr/ )
+ && ($fields[0] !~ /\/dev\/loop./))
{
print "$fields[0] => $fields[4] Used. Warning. Disk Filling up.\n";
}

11
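--- a/logwatch-automount.patch
+++ b/logwatch-automount.patch
@@ -0,0 +1,11 @@
+--- logwatch-20110113/scripts/services/automount.orig 2010-05-01 04:36:08.000000000 +0200
++++ logwatch-20110113/scripts/services/automount 2011-01-13 15:50:07.613984222 +0100
+@@ -35,7 +35,7 @@ while (defined($ThisLine = <STDIN>)) {
+($ThisLine =~ /^expired .*$/) or
+($ThisLine =~ /^lookup\(ldap\): got answer, but no first entry for /) or
+($ThisLine =~ /^>>.*mount: .*$/) or
+- ($ThisLine =~ /lookup_read_master: lookup\(nisplus\): couldn't locat nis\+ table auto.master/) or
++ ($ThisLine =~ /lookup_read_master: lookup\(nisplus\): couldn't locate? nis\+ table auto.master/) or
+($ThisLine =~ /create_(tcp|udp)_client: hostname lookup failed: (No such process|Operation not permitted)/) or
+($ThisLine =~ /lookup_mount: exports lookup failed for .*directory/) or
+($ThisLine =~ /master_do_mount: failed to startup mount/)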

14
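--- a/logwatch-dhcpd.patch
+++ b/logwatch-dhcpd.patch
@@ -0,0 +1,14 @@
+--- logwatch-20110113/scripts/services/dhcpd.orig 2010-09-18 17:54:13.000000000 +0200
++++ logwatch-20110113/scripts/services/dhcpd 2011-01-13 15:57:00.131382686 +0100
+@@ -188,9 +188,9 @@ while (my $line = <STDIN>) {
+if ($Detail >= 3) {
+$data{'Warnings'}{$line}++;
+}
+- } elsif ($line =~ s/^uid lease ([\da-fA-F\.:]+) for client ([\da-fA-F\.:]+) is duplicate on ([\da-fA-F\.:\/]+)/Host $2: duplicate $1 (range $3)\n - probably both static and dynamic leases/) {
++ } elsif ($line =~ s/^uid lease ([\da-fA-F\.:]+) for client ([^ ]*) is duplicate on ([^ ]*)/uid lease $1 for client $2 is duplicate/) {
+if ($Detail >= 3) {
+- $data{'Warnings'}{$line}++;
++ $data{'Duplicate lease'}{$line}++;
+}
+} elsif ($line =~ /^DHCPDISCOVER from .* via \S+: (.*): no free leases/) {
+$data{'No Free Leases'}{$1}++;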
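Review bot: The rewritten `uid lease` substitution still captures the range as a third group although the new replacement text never uses `$3`, and both loosened classes are `[^ ]*`, which also match an empty client or range. The client identifier is supplied by the DHCP client and now lands in the `Duplicate lease` report key unfiltered, where the old `[\da-fA-F\.:]+` class limited it to address characters; whether the report output is escaped afterwards is not visible in this hunk. I would keep the match non-empty and drop the unused capture: `s/^uid lease ([\da-fA-F\.:]+) for client ([^ ]+) is duplicate on [^ ]+/uid lease $1 for client $2 is duplicate/`. The surrounding `while` loop starts and ends outside the hunk.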

67
logwatch-dovecot.patch Normal file

@ -0,0 +1,67 @@
--- logwatch-20110113/scripts/services/dovecot.orig 2011-01-08 21:27:34.000000000 +0100
+++ logwatch-20110113/scripts/services/dovecot 2011-01-13 16:13:56.304183833 +0100
@@ -104,16 +104,15 @@ while (defined($ThisLine = <STDIN>)) {
# remove timestamp. We can't use *RemoveHeaders because we need the
# service name
$ThisLine =~ s/^\w{3} .\d \d\d:\d\d:\d\d [^ ]* //;
- if (
- ($ThisLine =~ /ssl-build-param: SSL parameters regeneration completed/) or
- ($ThisLine =~ /deliver.*/) or
- ($ThisLine =~ /auth-worker/) or
- ($ThisLine =~ /auth:.*: Connected to/) or
- ($ThisLine =~ /Connection closed/) or
- ($ThisLine =~ /IMAP.*: Connection closed bytes/) or
- ($ThisLine =~ /IMAP.* failed with mbox file/)
-) {
- # We don't care about these
+ if ( ($ThisLine =~ /(ssl-build-param|ssl-params): SSL parameters regeneration completed/) or
+ ($ThisLine =~ /ssl-params: Generating SSL parameters/) or
+ ($ThisLine =~ /deliver.*/) or
+ ($ThisLine =~ /auth-worker/) or
+ ($ThisLine =~ /auth:.*: Connected to/) or
+ ($ThisLine =~ /Connection closed/) or
+ ($ThisLine =~ /IMAP.*: Connection closed bytes/) or
+ ($ThisLine =~ /IMAP.* failed with mbox file/) ) {
+ # We don't care about these
} elsif ( $ThisLine =~ /Killed with signal /) {
$End++;
} elsif ( $ThisLine =~ /Dovecot (v\d[^ ]* |)starting up$/) {
@@ -140,7 +139,7 @@ while (defined($ThisLine = <STDIN>)) {
$ConnectionSieve{$Host}++;
$Connection{$Host}++;
}
- } elsif ( ($User, $Mailbox) = ( $ThisLine =~ /^dovecot: deliver\((.*)\): (?:sieve: )?msgid=.*: (?:saved|stored) mail (?:in)to (\S+)/ ) ) {
+ } elsif ( ($User, $Mailbox) = ( $ThisLine =~ /^dovecot: (?:deliver|lmtp)\((.*)\): (?:sieve: )?msgid=.*: (?:saved|stored) mail (?:in)to (\S+)/ ) ) {
$Deliver{$User}{$Mailbox}++;
#For Dovecot 2.0
@@ -195,22 +194,22 @@ while (defined($ThisLine = <STDIN>)) {
$Disconnected{"no reason"}++;
} elsif ( (($Reason) = ($ThisLine =~ /POP3.+: Disconnected: (.+) top/)) or
(($Reason) = ($ThisLine =~ /pop3-login: Disconnected \((.+)\): /)) or
- (($Reason) = ($ThisLine =~ /IMAP.+: Disconnected: (.+) bytes=/)) or
- (($Reason) = ($ThisLine =~ /IMAP.+: Disconnected: (.+)/)) ) {
+ (($Reason) = ($ThisLine =~ /IMAP.+: Disconnected: (.+) bytes=/i)) or
+ (($Reason) = ($ThisLine =~ /IMAP.+: Disconnected: (.+)/i)) ) {
$Disconnected{$Reason}++;
- } elsif (($Reason) = ($ThisLine =~ /(IMAP|POP3).+: Connection closed (top|bytes)=/)) {
+ } elsif (($Reason) = ($ThisLine =~ /(IMAP|POP3).+: Connection closed (top|bytes)=/i)) {
$ConnectionCl{"no reason"}++;
- } elsif ( (($Reason) = ($ThisLine =~ /IMAP.+: Connection closed: (.*) bytes=/)) or
- (($Reason) = ($ThisLine =~ /POP3.+: Connection closed: (.*) (top=|bytes=)/)) ) {
+ } elsif ( (($Reason) = ($ThisLine =~ /IMAP.+: Connection closed: (.*) bytes=/i)) or
+ (($Reason) = ($ThisLine =~ /POP3.+: Connection closed: (.*) (top=|bytes=)/i)) ) {
$ConnectionCl{$Reason}++;
} elsif ($ThisLine =~ /(IMAP|POP3).+: (Connection closed.*)/) {
$Disconnected{$2}++;
- } elsif ($ThisLine =~ /POP3.+: Connection closed top=.* retr=.* del=.* size=.*/) {
+ } elsif ($ThisLine =~ /POP3.+: Connection closed top=.* retr=.* del=.* size=.*/i) {
$ConnectionCl{"no reason"}++;
} elsif (($Error) = ($ThisLine =~ /child \d* \(login\) returned error (.*)/)) {
# dovecot: child 23747 (login) returned error 89
$ChildErr{$Error}++;
- } elsif (($Name) = ($ThisLine =~ /dovecot: IMAP\((.*)\): .*(.*) failed: Disk quota exceeded/)) {
+ } elsif (($Name) = ($ThisLine =~ /dovecot: IMAP\((.*)\): .*(.*) failed: Disk quota exceeded/i)) {
# dovecot: IMAP(podracka): mkdir(/home/LF/KLINIKY/podracka/mail/.imap/saved-messages) failed: Disk quota exceeded
$DiskQuotaExceed{$Name}++;
} else {
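Review bot: The ignore block in the first hunk keeps the unanchored tests `/deliver.*/`, `/auth-worker/` and `/Connection closed/`, so any line that merely contains one of those strings is dropped from the report before the later branches are tried. If the `(?:deliver|lmtp)` branch of the second hunk and the `Connection closed` branches of the third belong to the same `if`/`elsif` chain (the chain runs outside the hunks), the `$Deliver` counting and the new `/i` flags only apply to lines the ignore block has not already swallowed. Since this summary is what an operator reads to notice login and delivery problems, I would narrow the three tests to the exact messages meant, anchored on the `^dovecot: ` prefix the other branches already use. Failing that, the block should at least say so, for example `# NOTE: broad match; hides every line containing "Connection closed", including the branches below`.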

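--- a/logwatch-dovecot2.patch
+++ b/logwatch-dovecot2.patch
@@ -0,0 +1,14 @@
+diff -up logwatch-20110113/scripts/services/dovecot.dovecot-child logwatch-20110113/scripts/services/dovecot
+--- logwatch-20110113/scripts/services/dovecot.dovecot-child 2011-01-13 16:55:48.432483241 +0100
++++ logwatch-20110113/scripts/services/dovecot 2011-01-13 16:56:43.056625241 +0100
+@@ -206,8 +206,9 @@ while (defined($ThisLine = <STDIN>)) {
+$Disconnected{$2}++;
+} elsif ($ThisLine =~ /POP3.+: Connection closed top=.* retr=.* del=.* size=.*/i) {
+$ConnectionCl{"no reason"}++;
+- } elsif (($Error) = ($ThisLine =~ /child \d* \(login\) returned error (.*)/)) {
++ } elsif (($Error) = ($ThisLine =~ /child \d* (?:\(login\) )?returned error (.*)/)) {
+# dovecot: child 23747 (login) returned error 89
++ # dovecot: log: Error: service(auth): child 19654 returned error 89 (Fatal failure)
+$ChildErr{$Error}++;
+} elsif (($Name) = ($ThisLine =~ /dovecot: IMAP\((.*)\): .*(.*) failed: Disk quota exceeded/i)) {
+# dovecot: IMAP(podracka): mkdir(/home/LF/KLINIKY/podracka/mail/.imap/saved-messages) failed: Disk quota exceeded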
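Review bot: The relaxed `returned error` pattern discards the `service(auth):` prefix shown in the new sample line, so `%ChildErr` is keyed on the error text alone and a fatal exit of the auth service lands in the same bucket as any other child with that code. Auth process failures are worth seeing separately in a daily report, so consider capturing the service too, e.g. `} elsif (($Service, $Error) = ($ThisLine =~ /(?:service\(([^)]+)\): )?child \d+ (?:\(login\) )?returned error (.*)/)) {` followed by `$ChildErr{defined $Service ? "$Service: $Error" : $Error}++;`. Using `\d+` rather than `\d*` also stops the branch matching a line that carries no PID. The enclosing `while` loop starts and ends outside this hunk, so how `%ChildErr` is printed is not visible here.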

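--- a/logwatch-oldfiles.patch
+++ b/logwatch-oldfiles.patch
@@ -0,0 +1,66 @@
+--- logwatch-20110113/logwatch.8.orig 2010-05-01 04:32:20.000000000 +0200
++++ logwatch-20110113/logwatch.8 2011-01-13 11:49:28.631589520 +0100
+@@ -31,7 +31,7 @@
+.I report format
+.B ] [--encode
+.I encoding to use
+-.B ] [--numeric] [--version] [--help|--usage]
++.B ] [--numeric] [--no-oldfiles-log] [--version] [--help|--usage]
+.SH DESCRIPTION
+.B Logwatch
+is a customizable, pluggable log-monitoring system. It will go
+@@ -104,6 +104,9 @@
+then only logs from this hostname will be processed (where appropriate).
+.IP "\fB--numeric\fR"
+Inhibits additional name lookups, displaying IP addresses numerically.
++.IP "\fB--no-oldfiles-log\fR"
++Suppress the logwatch log, which informs about the
++old files in logwatch tmpdir.
+.IP "\fB--usage\fR"
+Displays usage information
+.IP "\fB--help\fR"
+--- logwatch-20110113/scripts/logwatch.pl.orig 2011-01-13 11:40:57.083697486 +0100
++++ logwatch-20110113/scripts/logwatch.pl 2011-01-13 11:48:07.477874059 +0100
+@@ -187,6 +187,7 @@ my @TempLogFileList = ();
+my @TempServiceList = ();
+my $Help = 0;
+my $ShowVersion = 0;
++my $NoOldfilesLog = 0;
+my ($tmp_mailto, $tmp_savefile);
+&GetOptions ("d|detail=s" => \$Config{'detail'},
+@@ -209,6 +210,7 @@ my ($tmp_mailto, $tmp_savefile);
+"hostformat=s" => \$Config{'hostformat'},
+"hostlimit=s" => \$Config{'hostlimit'},
+"html_wrap=s" => \$Config{'html_wrap'},
++ "no-oldfiles-log" => \$NoOldfilesLog,
+"subject=s" => \$Config{'subject'}
+) or &Usage();
+@@ -632,7 +634,7 @@ if ($Config{'debug'} > 7) {
+opendir(TMPDIR, $Config{'tmpdir'}) or die "$Config{'tmpdir'} $!";
+my @old_dirs = grep { /^logwatch\.\w{8}$/ && -d "$Config{'tmpdir'}/$_" }
+readdir(TMPDIR);
+-if (@old_dirs) {
++if ((@old_dirs) && ($NoOldfilesLog==0)) {
+print "You have old files in your logwatch tmpdir ($Config{'tmpdir'}):\n\t";
+print join("\n\t", @old_dirs);
+print "\nThe directories listed above were most likely created by a\n";
+@@ -1077,7 +1079,7 @@ sub ReadConfigFile {
+sub Usage () {
+# Show usage for this program
+print "\nUsage: $0 [--detail <level>] [--logfile <name>] [--output <output_type>]\n" .
+- " [--format <format_type>] [--encode <enconding>] [--numeric]\n" .
++ " [--format <format_type>] [--encode <enconding>] [--numeric] [--no-oldfiles-log]\n" .
+" [--mailto <addr>] [--archives] [--range <range>] [--debug <level>]\n" .
+" [--filename <filename>] [--help|--usage] [--version] [--service <name>]\n" .
+" [--hostformat <host_format type>] [--hostlimit <host1,host2>] [--html_wrap <num_characters>]\n\n";
+@@ -1088,6 +1090,8 @@ sub Usage () {
+print "--output <output type>: Report Output - stdout [default], mail, file.\n"; #8.0
+print "--format <formatting>: Report Format - text [default], html.\n"; #8.0
+print "--encode <encoding>: Enconding to use - none [default], base64.\n"; #8.0
++ print "--no-oldfiles-log: Suppress the logwatch log, which informs about the\n";
++ print " old files in logwatch tmpdir.\n";
+print "--mailto <addr>: Mail report to <addr>.\n";
+print "--archives: Use archived log files too.\n";
+print "--filename <filename>: Used to specify they filename to save to. --filename <filename> [Forces output to file].\n";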
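Review bot: `--no-oldfiles-log` silences the only warning that earlier runs left `logwatch.XXXXXXXX` directories in tmpdir, and neither the `logwatch.8` text nor the `Usage` text says the directories stay on disk. Those directories presumably hold copies of log data, so the help text should state the trade-off, for example `Suppress the warning about leftover logwatch.* directories in tmpdir; the directories are not removed.` in both places. As a style point, the condition reads more directly as `if (@old_dirs && !$NoOldfilesLog) {`. The bodies of `Usage` and of the `if` block continue outside the hunks.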

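--- a/logwatch-smartd.patch
+++ b/logwatch-smartd.patch
@@ -0,0 +1,13 @@
+--- logwatch-20110113/scripts/services/smartd.orig 2011-01-06 23:16:39.000000000 +0100
++++ logwatch-20110113/scripts/services/smartd 2011-01-13 16:16:44.880504722 +0100
+@@ -102,6 +102,10 @@ while (defined(my $ThisLine = <STDIN>))
+# ignore
+} elsif ( ($Device) = ($ThisLine =~ /^Device: ([^,]+), is in STANDBY mode, skipping checks/ )) {
+# ignore
++ } elsif ( ($Device) = ($ThisLine =~ /^Device: ([^,]+), self-test in progress, [0-9]+% remaining/ )) {
++ # ignore
++ } elsif ( ($Device) = ($ThisLine =~ /^Device: ([^,]+), previous self-test completed without error/ )) {
++ # ignore
+} elsif ( ($Device) = ($ThisLine =~ /^Device: ([^,]+), type changed from \'\w+\' to \'\w+\'/ )) {
+# ignore
+} elsif ( ($Device) = ($ThisLine =~ /^Device: ([^,]+), state (?:read from|written to)/ )) {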

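--- a/logwatch-xntpd.patch
+++ b/logwatch-xntpd.patch
@@ -0,0 +1,36 @@
+--- logwatch-20110113/scripts/services/xntpd.orig 2010-05-10 01:24:57.000000000 +0200
++++ logwatch-20110113/scripts/services/xntpd 2011-01-13 16:30:11.573714329 +0100
+@@ -146,12 +146,15 @@ while (defined(my $ThisLine = <STDIN>))
+($ThisLine =~ m/kernel time sync (dis|en)abled /) or # startup
+($ThisLine =~ m/frequency initialized/) or # startup
+($ThisLine =~ m/using kernel phase-lock loop/) or # startup
++ ($ThisLine =~ m/0\.0\.0\.0 [[:xdigit:]]{4} [[:xdigit:]]{2} /) or # startup
+($ThisLine =~ m/select([^\)]) error: Interrupted system call/) or
+($ThisLine =~ m/signal_no_reset: signal \d+ had flags \d+/) or
+($ThisLine =~ /Deleting interface \#[0-9]+ [^,]*, [^,]*, interface stats: received=.*, sent=.*, dropped=.*, active_time=.* secs/) or
+($ThisLine =~ /Invalid argument/) or
+($ThisLine =~ /Listening on interface .* Disabled/) or
+($ThisLine =~ /Listening on interface .* Enabled/) or
++ ($ThisLine =~ /Listen and drop on /) or
++ ($ThisLine =~ /Listening on routing socket on/) or
+($ThisLine =~ /ntp_io: estimated max descriptors: \d*, initial socket boundary: \d*/)
+) {
+# Ignore these
+@@ -174,6 +177,8 @@ while (defined(my $ThisLine = <STDIN>))
+# MEv end no leadin to line
+} elsif ( my ($ListenOn) = ($ThisLine =~ /Listening on interface (.*)(?: Enabled)?/ )) {
+$Interfaces{$ListenOn}++;
++ } elsif ( my ($ListenOn) = ($ThisLine =~ /Listen normally on \d+ (.*)/ )) {
++ $Interfaces{$ListenOn}++;
+} elsif ( my ($SyncTo,$Stratum) = ($ThisLine =~ /synchronized to ([^ ]+), stratum[ =]([^ ]+)/ )) {
+my $name = $SyncTo;
+if ($Detail > 5 && $SyncTo =~ m/^[\d.]+$/) {
+@@ -235,7 +240,7 @@ if (keys %Interfaces) {
+print "\nListening on interfaces:\n" if ($Detail > 5);
+foreach my $i (keys %Interfaces) {
+print " $i - $Interfaces{$i} times\n" if ($Detail > 5);
+- unless ($i =~ m/^(wildcard|lo)/) {
++ unless ($i =~ m/^(wildcard|v[46]wildcard|lo)/) {
+$lt++;
+}
+$t++;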
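Review bot: The new ignore pattern `0\.0\.0\.0 [[:xdigit:]]{4} [[:xdigit:]]{2} ` is commented `# startup` but matches every system event ntpd logs in that form, which as far as I know includes `clock_step` and `no_sys_peer`, not only the startup ones. Dropping clock steps from the report removes a signal that matters when log timestamps are relied on later, so the pattern should name the startup events it means to hide, e.g. `($ThisLine =~ m/0\.0\.0\.0 [[:xdigit:]]{4} [[:xdigit:]]{2} (?:restart|freq_set|freq_not_set)\b/) or # startup`. Separately, the added `elsif ( my ($ListenOn) = ...` redeclares a `my` variable already declared earlier in the same if/elsif chain, which should warn if the script runs under `use warnings`; a distinct name avoids that. The `while` loop and the report loop both continue outside the hunks.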


@ -1,156 +1,30 @@
Summary: A log file analysis program
Name: logwatch
Version: 7.3.6
Release: 58%{?dist}
Release: 59.20100113svn22%{?dist}
License: MIT
Group: Applications/System
URL: http://www.logwatch.org/
Source: ftp://ftp.kaybee.org/pub/linux/logwatch-%{version}.tar.gz
# The source for this package was pulled from upstream's vcs. Use the
# following commands to generate the tarball:
# svn export -r 22 https://logwatch.svn.sourceforge.net/svnroot/logwatch logwatch-20110113
# tar cJvf logwatch-20110113.tar.xz logwatch-20110113
Source0: logwatch-20110113.tar.xz
#Source0: http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz
# Needs proper fix. Not applied by the upstream.
Patch2: logwatch-7.3.1-vsftpd.patch
# Applied by upstream.
Patch4: logwatch-7.3.6-secure.patch
# Upstream fixed this another way.
Patch5: logwatch-7.3.6-xntpd.patch
# Applied by upstream.
Patch6: logwatch-7.3.4-sshd.patch
# Applied by upstream.
Patch9: logwatch-7.3.4-sshd3.patch
# Applied by upstream.
Patch10: logwatch-7.3.4-named.patch
# Applied by upstream.
Patch11: logwatch-7.3.6-named2.patch
# Applied by upstream.
Patch12: logwatch-7.3.6-audit.patch
# Applied by upstream.
Patch13: logwatch-7.3.6-pam_unix.patch
# Applied by upstream.
Patch14: logwatch-7.3.6-named3.patch
# Applied by upstream.
Patch15: logwatch-7.3.6-cron.patch
# Applied by upstream.
Patch16: logwatch-7.3.6-zz-disk_space.patch
# Applied by upstream.
Patch17: logwatch-7.3.6-cron2.patch
# Applied by upstream.
Patch18: logwatch-7.3.6-cron3.patch
# Applied by upstream.
Patch20: logwatch-7.3.6-secure1.patch
# Applied by upstream.
Patch21: logwatch-7.3.6-sudo.patch
# Applied by upstream.
Patch22: logwatch-7.3.6-sshd1.patch
# Applied by upstream.
Patch23: logwatch-7.3.6-clamav-milter.patch
# Upstream fixed this another way.
Patch24: logwatch-7.3.6-conf.patch
# Applied by upstream.
Patch26: logwatch-7.3.6-amavis.patch
Patch0: logwatch-vsftpd.patch
# Not applied by upstream.
Patch27: logwatch-7.3.6-oldfiles.patch
# Not applied by upstream.
Patch28: logwatch-7.3.6-usage.patch
# Applied by upstream.
Patch29: logwatch-7.3.6-maillog.patch
# Applied by upstream.
Patch30: logwatch-7.3.6-amavis2.patch
# Applied by upstream.
Patch31: logwatch-7.3.6-openvpn.patch
# Cannot be applied by upstream, as
# the postfix service has been reverted to some
# older version by upstream due to licensing issues.
# Some parts are solved by upstream.
Patch32: logwatch-7.3.6-postfix.patch
# Applied by upstream.
Patch33: logwatch-7.3.6-cron4.patch
# Applied by upstream.
Patch34: logwatch-7.3.6-dovecot_back.patch
# Applied by upstream.
Patch35: logwatch-7.3.6-audit2.patch
# Applied by upstream.
Patch36: logwatch-7.3.6-openvpn2.patch
# Fedora specific.
Patch37: logwatch-7.3.6-sendmail.patch
# Applied by upstream.
Patch38: logwatch-7.3.6-audit3.patch
# Applied by upstream.
Patch39: logwatch-7.3.6-init.patch
# Applied by upstream.
Patch40: logwatch-7.3.6-cron5.patch
# Not applied by upstream.
Patch41: logwatch-7.3.6-logrotate.patch
# Applied by upstream.
Patch45: logwatch-7.3.6-init2.patch
# Applied by upstream.
Patch46: logwatch-7.3.6-secure2.patch
# Applied by upstream.
Patch47: logwatch-7.3.6-exim.patch
# Applied by upstream.
Patch48: logwatch-7.3.6-zz-disk_space2.patch
# Applied by upstream.
Patch49: logwatch-7.3.6-dovecot.patch
# Applied by upstream.
Patch50: logwatch-7.3.6-named4.patch
# Applied by upstream.
Patch51: logwatch-7.3.6-openvpn3.patch
# Applied by upstream.
Patch52: logwatch-7.3.6-smartd.patch
# Applied by upstream.
Patch53: logwatch-7.3.6-sshd2.patch
# Applied by upstream.
Patch54: logwatch-7.3.6-exim2.patch
# Applied by upstream.
Patch55: logwatch-7.3.6-removeservice.patch
# Fedora-specific change. It must be decided
# whether it is right. Not applied to upstream.
Patch56: logwatch-7.3.6-cron_conf.patch
# Applied by upstream.
Patch57: logwatch-7.3.6-named5.patch
# Applied by upstream.
Patch58: logwatch-7.3.6-iptables.patch
# Applied by upstream.
Patch59: logwatch-7.3.6-lost-connection.patch
# Applied by upstream.
Patch60: logwatch-7.3.6-secure3.patch
# Applied by upstream.
Patch61: logwatch-7.3.6-audit4.patch
# Applied by upstream.
Patch62: logwatch-7.3.6-dovecot2.patch
# Applied by upstream.
Patch63: logwatch-7.3.6-openvpn4.patch
# Applied by upstream.
Patch64: logwatch-7.3.6-pam_unix4.patch
# Applied by upstream.
Patch66: logwatch-7.3.6-named6.patch
# Applied by upstream.
Patch67: logwatch-7.3.6-sshd3.patch
# Applied by upstream.
Patch68: logwatch-7.3.6-dhcpd2.patch
# Applied by upstream.
Patch69: logwatch-7.3.6-named7.patch
# Applied by upstream.
Patch70: logwatch-7.3.6-dovecot3.patch
# Applied by upstream.
Patch71: logwatch-7.3.6-sendmail2.patch
# Applied by upstream.
# Adds manpages for configuration files.
# rhbz#525644
Patch73: logwatch-7.3.6-manpages.patch
# Applied by upstream.
# Ignore broken trust chain messages in named service
# rhbz#581186
Patch74: logwatch-7.3.6-named8.patch
# Applied by upstream.
Patch75: logwatch-7.3.6-fetchmail.patch
# Match "clients-per-query increased" as well as "decreased"
# Already included upstream (rev 9)
Patch76: logwatch-7.3.6-named9.patch
# Match "DNS format error", and variants of existing messages
# Submitted upstream
Patch77: logwatch-7.3.6-named10.patch
Patch1: logwatch-oldfiles.patch
# Cannot be applied, as the postfix service has been reverted to some
# older version by upstream due to licensing issues. Some parts are
# solved by upstream.
Patch2: logwatch-postfix.patch
Patch3: logwatch-automount.patch
Patch4: logwatch-dhcpd.patch
Patch5: logwatch-dovecot.patch
Patch6: logwatch-smartd.patch
Patch7: logwatch-xntpd.patch
Patch8: logwatch-dovecot2.patch
Requires: textutils sh-utils grep mailx
Requires: perl(Date::Manip)
BuildArchitectures: noarch
@ -162,73 +36,16 @@ that you wish with the detail that you wish. Easy to use - works right out
of the package on many systems.
%prep
%setup -q
%patch2 -p1
%setup -q -n logwatch-20110113
%patch0 -p1
%patch1 -p1
#%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
%patch9 -p1
%patch10 -p1
%patch11 -p1
%patch12 -p1
%patch13 -p1
%patch14 -p1
%patch15 -p1
%patch16 -p1
%patch17 -p1
%patch18 -p1
%patch20 -p1
%patch21 -p1
%patch22 -p1
%patch23 -p1
%patch24 -p1
%patch26 -p1
%patch27 -p1
%patch28 -p1
%patch29 -p1
%patch30 -p1
%patch31 -p1
%patch32 -p1
%patch33 -p1
%patch34 -p1
%patch35 -p1
%patch36 -p1
%patch37 -p1
%patch38 -p1
%patch39 -p1
%patch40 -p1
%patch41 -p1
%patch45 -p1
%patch46 -p1
%patch47 -p1
%patch48 -p1
%patch49 -p1
%patch50 -p1
%patch51 -p1
%patch52 -p1
%patch53 -p1
%patch54 -p1
%patch55 -p1
%patch56 -p1
%patch57 -p1
%patch58 -p1
%patch59 -p1
%patch60 -p1
%patch61 -p1
%patch62 -p1
%patch63 -p1
%patch64 -p1
%patch66 -p1
%patch67 -p1
%patch68 -p1
%patch69 -p1
%patch70 -p1
%patch71 -p1
%patch73 -p1
%patch74 -p1
%patch75 -p1
%patch76 -p1
%patch77 -p1
%patch7 -p1
%patch8 -p1
rm -f scripts/services/*.orig
%build
@ -242,6 +59,7 @@ install -m 0755 -d %{buildroot}%{_sysconfdir}/logwatch/scripts/services
install -m 0755 -d %{buildroot}%{_sysconfdir}/logwatch/conf
install -m 0755 -d %{buildroot}%{_sysconfdir}/logwatch/conf/logfiles
install -m 0755 -d %{buildroot}%{_sysconfdir}/logwatch/conf/services
install -m 0755 -d %{buildroot}%{_sysconfdir}/cron.daily
install -m 0755 -d %{buildroot}%{_datadir}/logwatch/default.conf/logfiles
install -m 0755 -d %{buildroot}%{_datadir}/logwatch/default.conf/services
install -m 0755 -d %{buildroot}%{_datadir}/logwatch/default.conf/html
@ -250,6 +68,9 @@ install -m 0755 -d %{buildroot}%{_datadir}/logwatch/dist.conf/services
install -m 0755 -d %{buildroot}%{_datadir}/logwatch/scripts/services
install -m 0755 -d %{buildroot}%{_datadir}/logwatch/scripts/shared
install -m 0755 -d %{buildroot}%{_datadir}/logwatch/lib
install -m 0755 -d %{buildroot}%{_sbindir}
install -m 0755 -d %{buildroot}%{_mandir}/man5
install -m 0755 -d %{buildroot}%{_mandir}/man8
for i in scripts/logfiles/*; do
if [ $(ls $i | wc -l) -ne 0 ]; then
@ -263,17 +84,23 @@ install -m 0644 scripts/services/* %{buildroot}%{_datadir}/logwatch/scripts/serv
install -m 0644 scripts/shared/* %{buildroot}%{_datadir}/logwatch/scripts/shared
install -m 0644 conf/logwatch.conf %{buildroot}%{_datadir}/logwatch/default.conf/logwatch.conf
install -m 0644 conf/logwatch.conf %{buildroot}%{_sysconfdir}/logwatch/conf/logwatch.conf
install -m 0644 conf/ignore.conf %{buildroot}%{_sysconfdir}/logwatch/conf/ignore.conf
install -m 0644 conf/logfiles/* %{buildroot}%{_datadir}/logwatch/default.conf/logfiles
install -m 0644 conf/services/* %{buildroot}%{_datadir}/logwatch/default.conf/services
install -m 0644 conf/html/* %{buildroot}%{_datadir}/logwatch/default.conf/html
install -m 0644 lib/Logwatch.pm %{buildroot}%{_datadir}/logwatch/lib/Logwatch.pm
install -m 0755 -d %{buildroot}%{_mandir}/man8
install -m 0644 ignore.conf.5 %{buildroot}%{_mandir}/man5
install -m 0644 override.conf.5 %{buildroot}%{_mandir}/man5
install -m 0644 logwatch.conf.5 %{buildroot}%{_mandir}/man5
install -m 0644 logwatch.8 %{buildroot}%{_mandir}/man8
rm -f %{buildroot}%{_sysconfdir}/cron.daily/logwatch \
%{buildroot}%{_sbindir}/logwatch
install -m 0644 logwatch.cron %{buildroot}%{_sysconfdir}/cron.daily/0logwatch
ln -s ../../%{_datadir}/logwatch/scripts/logwatch.pl %{buildroot}/%{_sbindir}/logwatch
# Do not install zz-fortune service on RHEL
%if 0%{?rhel}
@ -284,70 +111,59 @@ touch %{buildroot}%{_datadir}/logwatch/scripts/services/zz-fortune
chmod 644 %{buildroot}%{_datadir}/logwatch/scripts/services/zz-fortune
%endif
# install cron script
install -m 0755 -d %{buildroot}%{_sysconfdir}/cron.daily
cat > %{buildroot}/%{_sysconfdir}/cron.daily/0logwatch <<EOF
#!/bin/bash
DailyReport=\`grep -e "^[[:space:]]*DailyReport[[:space:]]*=[[:space:]]*" /usr/share/logwatch/default.conf/logwatch.conf | head -n1 | sed -e "s|^\s*DailyReport\s*=\s*||"\`
if [ "\$DailyReport" != "No" ] && [ "\$DailyReport" != "no" ]
then
logwatch
fi
EOF
chmod 755 %{buildroot}/%{_sysconfdir}/cron.daily/0logwatch
install -m 0755 -d %{buildroot}%{_sbindir}
ln -s ../../%{_datadir}/logwatch/scripts/logwatch.pl %{buildroot}/%{_sbindir}/logwatch
echo "###### REGULAR EXPRESSIONS IN THIS FILE WILL BE TRIMMED FROM REPORT OUTPUT #####" > %{buildroot}%{_sysconfdir}/logwatch/conf/ignore.conf
echo "# Local configuration options go here (defaults are in %{_datadir}/logwatch/default.conf/logwatch.conf)" > %{buildroot}%{_sysconfdir}/logwatch/conf/logwatch.conf
echo "# Configuration overrides for specific logfiles/services may be placed here." > %{buildroot}%{_sysconfdir}/logwatch/conf/override.conf
%files
%defattr(-,root,root)
%doc README HOWTO-Customize-LogWatch
%dir %{_var}/cache/logwatch
%dir %{_sysconfdir}/logwatch
%dir %{_sysconfdir}/logwatch/conf
%dir %{_sysconfdir}/logwatch/scripts
%dir %{_sysconfdir}/logwatch/conf/logfiles
%dir %{_sysconfdir}/logwatch/conf/services
%dir %{_sysconfdir}/logwatch/scripts/services
%dir %{_datadir}/logwatch
%dir %{_datadir}/logwatch/default.conf
%dir %{_datadir}/logwatch/default.conf/services
%dir %{_datadir}/logwatch/default.conf/logfiles
%dir %{_datadir}/logwatch/default.conf/html
%{_sysconfdir}/cron.daily/0logwatch
%config(noreplace) %{_sysconfdir}/logwatch/conf/*.conf
%dir %{_datadir}/logwatch/dist.conf
%dir %{_datadir}/logwatch/dist.conf/services
%dir %{_datadir}/logwatch/dist.conf/logfiles
%dir %{_datadir}/logwatch/scripts
%dir %{_datadir}/logwatch/scripts/logfiles
%dir %{_datadir}/logwatch/scripts/services
%dir %{_datadir}/logwatch/scripts/shared
%dir %{_datadir}/logwatch/scripts/logfiles/*
%dir %{_datadir}/logwatch/lib
%{_datadir}/logwatch/scripts/logwatch.pl
%config(noreplace) %{_sysconfdir}/logwatch/conf/*.conf
%config(noreplace) %{_datadir}/logwatch/default.conf/*.conf
%{_sbindir}/logwatch
%{_datadir}/logwatch/scripts/shared/*
%{_datadir}/logwatch/scripts/services/*
%{_datadir}/logwatch/scripts/logfiles/*/*
%{_datadir}/logwatch/scripts/shared
%{_datadir}/logwatch/scripts/services
%{_datadir}/logwatch/scripts/logfiles
%{_datadir}/logwatch/lib/Logwatch.pm
%{_datadir}/logwatch/default.conf/services/*.conf
%{_datadir}/logwatch/default.conf/logfiles/*.conf
%{_datadir}/logwatch/default.conf/html/*.html
%{_sysconfdir}/cron.daily/0logwatch
%doc %{_mandir}/man8/logwatch.8*
%doc License project/CHANGES
%{_mandir}/man*/*
#%doc License project/CHANGES
%changelog
* Thu Jan 13 2011 Karel Klíč <kklic@redhat.com> - 7.3.6-59.20100113svn22
- Updated to the latest SVN upstream revision
- Removed patches merged by upstream
- Removed logwatch-7.3.6-usage.patch, because --usage works in the new
version
- Removed logwatch-7.3.6-cron_conf.patch, because logwatch already
handles the same problem, only differently
- Removed logwatch-7.3.6-sendmail.patch: if the log level becomes
problem again, it should be fixed differently
- Removed Fedora-specific /etc/logwatch/conf/{logwatch,ignore}.conf,
upstream version is used instead
- Renamed logwatch-7.3.1-vsftpd.patch to logwatch-vsftpd.patch,
logwatch-7.3.6-oldfiles.patch to logwatch-oldfiles.patch, and
logwatch-7.3.6-postfix.patch to logwatch-postfix.patch, because
versioning no longer makes sense in Logwatch (the patches does not
necessarily apply to the last officially released version);
all patches updated to apply on the latest sources
- Added logwatch-automount.patch by Frank Crawford (rhbz#666582)
- Added logwatch-dhcpd.patch by Frank Crawford (rhbz#666393)
- Added logwatch-dovecot.patch by Frank Crawford (rhbz#666376)
- Added logwatch-smartd.patch by Frank Crawford (rhbz#666382)
- Added logwatch-xntpd.patch by Frank Crawford (rhbz#666498)
- Added logwatch-dovecot2.patch
* Sat Oct 9 2010 Richard Fearn <richardfearn@gmail.com> 7.3.6-58
- named: match "DNS format error", and variants of existing messages
(rhbz#595222)
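Review bot: `install -m 0644 logwatch.cron %{buildroot}%{_sysconfdir}/cron.daily/0logwatch` leaves the cron script non-executable, and `%files` lists it under `%defattr(-,root,root)` with no mode override; run-parts skips files without the execute bit, so the daily report would silently stop. The lines that generated the script inline ended with `chmod 755`, and the rendering does not mark which side each line is on, so this assumes the 0644 install is the new code. Use `install -m 0755 logwatch.cron %{buildroot}%{_sysconfdir}/cron.daily/0logwatch`. The Release tag also reads `20100113svn22` while the tarball and source directory are named `20110113`.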


@ -1 +1 @@
937d982006b2a76a83edfcfd2e5a9d7d logwatch-7.3.6.tar.gz
b64856e1ad7fe3e2dcc30f0032d4df66 logwatch-20110113.tar.xz