Add secure-update patch (rhbz#809314)
This commit is contained in:
Jan Synacek
parent
8c6a06bd2d
commit
e3fbb90c39
59
logwatch-secure-update.patch
Normal file
59
logwatch-secure-update.patch
Normal file
@ -0,0 +1,59 @@
|
||||
--- scripts/services/secure.orig 2012-04-27 10:13:45.400513896 +0200
|
||||
+++ scripts/services/secure 2012-05-03 10:46:17.000000000 +0200
|
||||
@@ -210,6 +210,7 @@ while (defined($ThisLine = <STDIN>)) {
|
||||
( $ThisLine =~ /^pam_xauth\[\d+\]: call_xauth: child returned \d/) or
|
||||
( $ThisLine =~ /^su\[\d+\]: pam_authenticate: Authentication failure/) or
|
||||
( $ThisLine =~ /^passwd\[\d+\]:/) or
|
||||
+ ( $ThisLine =~ /^passwd: gkr-pam: .*/) or
|
||||
( $ThisLine =~ /^reboot:/) or
|
||||
( $ThisLine =~ /^sudo:/) or
|
||||
( $ThisLine =~ /^su: pam_unix2: session (started|finished) for user [^ ]+, service [^ ]+/) or
|
||||
@@ -262,7 +263,10 @@ while (defined($ThisLine = <STDIN>)) {
|
||||
( $ThisLine =~ /(gdm-session-worker|gdm-password)\[\d+\]: gkr-pam: no password is available for user/) or
|
||||
( $ThisLine =~ /gkr-pam: the password for the login keyring was invalid/) or
|
||||
( $ThisLine =~ /groupadd\[\d+\]: group added to /) or # Details in other messages
|
||||
- ( $ThisLine =~ /gdm-session-worker\[\d+\]: pam_namespace\(gdm:session\): Unmount of [^ ]* failed, Device or resource busy/)
|
||||
+ ( $ThisLine =~ /gdm-session-worker\[\d+\]: pam_namespace\(gdm:session\): Unmount of [^ ]* failed, Device or resource busy/) or
|
||||
+ ( $ThisLine =~ /pkexec: pam_systemd(.*): /) or
|
||||
+ ( $ThisLine =~ /pkexec: \S+: Executing command /) or
|
||||
+ ( $ThisLine =~ /su: pam_systemd(.*): Failed to parse message: /)
|
||||
) {
|
||||
# Ignore these entries
|
||||
} elsif ($ThisLine =~ /^spop3d/ || $ThisLine =~ /^pop\(\w+\)\[\d+\]:/) {
|
||||
@@ -378,9 +382,11 @@ while (defined($ThisLine = <STDIN>)) {
|
||||
$UserLogin{$User}++;
|
||||
} elsif ( $ThisLine =~ s/^userdel\[\d+\]: delete user `(.+)'/$1/ ) {
|
||||
$DeletedUsers .= " $ThisLine\n";
|
||||
+ } elsif ( $ThisLine =~ s/^userdel: delete user '(.+)'/$1/ ) {
|
||||
+ $DeletedUsers .= " $ThisLine\n";
|
||||
} elsif ( $ThisLine =~ s/^(?:useradd|adduser)\[\d+\]: new user: name=(.+), (?:uid|UID)=(\d+).*$/$1 ($2)/ ) {
|
||||
$NewUsers .= " $ThisLine\n";
|
||||
- } elsif ( $ThisLine =~ s/^userdel\[\d+\]: remove(?:d)? group `(\S+)'( owned by \S+)?/$1/ ) {
|
||||
+ } elsif ( $ThisLine =~ s/^userdel(?:\[\d+\])?: remove(?:d)? group [`'](\S+)'( owned by \S+)?/$1/ ) {
|
||||
$DeletedGroups .= " $ThisLine\n";
|
||||
} elsif ( $ThisLine =~ s/^groupdel\[\d+\]: remove group `(.+)'/$1/ ) {
|
||||
$DeletedGroups .= " $ThisLine\n";
|
||||
@@ -421,6 +427,9 @@ while (defined($ThisLine = <STDIN>)) {
|
||||
$XauthMessage{$Message}++;
|
||||
} elsif ( ($Group,$NewName) = ($ThisLine =~ /^groupmod\[\d+\]: change group `(.*)' to `(.*)'/)) {
|
||||
$GroupRenamed{"$Group -> $NewName"}++;
|
||||
+ # } elsif ( ($Group) = ($ThisLine =~ /^groupmod: group changed in \/etc\/group (.*)'/)) {
|
||||
+ } elsif ( ($Group) = $ThisLine =~ /^groupmod: group changed in \/etc\/group \(group (\S+)\):.*/) {
|
||||
+ $GroupChanged{"$Group"}++;
|
||||
} elsif ( ($User,$Home,$NewHome) = ($ThisLine =~ /^usermod\[\d+\]: change user `(.*)' home from `(.*)' to `(.*)'/)) {
|
||||
$HomeChange{$User}{"$Home -> $NewHome"}++;
|
||||
} elsif ( ($User,$From,$To) = ($ThisLine =~ /^usermod\[\d+\]:change user `(.*)' UID from `(.*)' to `(.*)'/)) {
|
||||
@@ -548,6 +557,13 @@ if (keys %GroupRenamed) {
|
||||
print " $Group\n";
|
||||
}
|
||||
}
|
||||
+
|
||||
+if (keys %GroupChanged) {
|
||||
+ print "Changed groups:\n";
|
||||
+ foreach $Group (sort {$a cmp $b} keys %GroupChanged) {
|
||||
+ print " $Group\n";
|
||||
+ }
|
||||
+}
|
||||
|
||||
if (keys %AddToGroup) {
|
||||
print "\nAdded User to group:\n";
|
||||
@ -27,6 +27,8 @@ Patch7: logwatch-dovecot.patch
|
||||
Patch8: logwatch-sshd.patch
|
||||
Patch10: logwatch-secure-grammar.patch
|
||||
Patch11: logwatch-dovecot-proxy.patch
|
||||
# not yet in upstream
|
||||
Patch12: logwatch-secure-update.patch
|
||||
Requires: textutils sh-utils grep mailx
|
||||
Requires: perl(Date::Manip)
|
||||
BuildArchitectures: noarch
|
||||
@ -50,6 +52,7 @@ of the package on many systems.
|
||||
%patch8 -p1
|
||||
%patch10 -p1
|
||||
%patch11 -p0
|
||||
%patch12 -p0
|
||||
rm -f scripts/services/*.orig
|
||||
|
||||
%build
|
||||
@ -143,6 +146,7 @@ echo "# Configuration overrides for specific logfiles/services may be placed her
|
||||
%changelog
|
||||
* Fri Apr 27 2012 Jan Synáček <jsynacek@redhat.com> - 7.4.0-11.20120425svn100
|
||||
- Add dovecot-proxy patch (rhbz#812883)
|
||||
- Add secure-update patch (rhbz#809314)
|
||||
|
||||
* Wed Apr 25 2012 Jan Synáček <jsynacek@redhat.com> - 7.4.0-10.20120425svn100
|
||||
- Update to revision 100
|
||||
|
||||
Loading…
Reference in New Issue
Block a user