From fda8ac5341784fe150b28e47fc5582ec1a1e08ef Mon Sep 17 00:00:00 2001 From: Ivana Varekova Date: Wed, 6 Aug 2008 11:31:40 +0000 Subject: [PATCH] - add cron service patch to parse more logs --- logwatch-7.3.6-cron5.patch | 57 ++++++++++++++++++++++++++++++++++++++ logwatch.spec | 7 ++++- 2 files changed, 63 insertions(+), 1 deletion(-) create mode 100644 logwatch-7.3.6-cron5.patch diff --git a/logwatch-7.3.6-cron5.patch b/logwatch-7.3.6-cron5.patch new file mode 100644 index 0000000..e3945e9 --- /dev/null +++ b/logwatch-7.3.6-cron5.patch @@ -0,0 +1,57 @@ +diff -up logwatch-7.3.6/scripts/services/cron.pom logwatch-7.3.6/scripts/services/cron +--- logwatch-7.3.6/scripts/services/cron.pom 2008-06-20 10:42:20.000000000 +0200 ++++ logwatch-7.3.6/scripts/services/cron 2008-08-06 12:55:21.000000000 +0200 +@@ -103,7 +103,10 @@ while (defined($ThisLine = )) { + ($ThisLine =~ /loading (system|user) tables/) or + ($ThisLine =~ /loading table .*/) or + ($ThisLine =~ /void Inotify::Remove\(InotifyWatch\*\): removing watch failed/) or +- ($ThisLine =~ /error: \(22\) Invalid argument/) ++ ($ThisLine =~ /error: \(22\) Invalid argument/) or ++ ($ThisLine =~ /INFO \(running with inotify support\)/) or ++ ($ThisLine =~ /INFO \(\@reboot jobs will be run at computer's startup.\)/) ++ + ) { + # Ignore + } elsif ( +@@ -148,6 +151,12 @@ while (defined($ThisLine = )) { + $BFMFile{$FileName}++; + } elsif ( ($FileName) = ($ThisLine =~ /WRONG FILE OWNER \((.+)\)/) ) { + $WFO{$FileName}++; ++ } elsif ($ThisLine =~ /FAILED to authorize user with PAM \(User not known to the underlying authentication module\)/) { ++ $PAMAUTHErr++; ++ } elsif ( ($FileName,$Cause) = ($ThisLine =~ /ERROR chdir failed \((.*)\): (.*)/) ) { ++ $CHDIRErr{"$FileName,$Cause"}++; ++ } elsif ($ThisLine =~ /ERROR \(failed to change user\)/) { ++ $CHUSERHErr++; + } else { + # Report any unmatched entries... + push @OtherList, "$ThisLine\n"; +@@ -352,10 +361,27 @@ if (%INCRONDErr) { + if (%SELCONTErr) { + printf "\n SELinux context error \n"; + for $key (keys %SELCONTErr) { +- print " " . $key . ": " . $SELCONTErr{$key} . "time(s)\n"; ++ print " " . $key . ": " . $SELCONTErr{$key} . " time(s)\n"; + } + } + ++if ($PAMAUTHErr) { ++ printf "\nPAM autentification error: " . $PAMAUTHErr . " time(s)\n"; ++} ++ ++if (%CHDIRErr) { ++ printf "\nchdir command failed\n"; ++ foreach (keys %CHDIRErr) { ++ my ($File,$Cause) = split ","; ++ print " for directory " . $File . " (" . $Cause . ")". ": " . $CHDIRErr{"$File,$Cause"} . " time(s)\n"; ++ } ++} ++ ++if ($CHUSERHErr) { ++ printf "\nUser change error: " . $CHUSERHErr . " time(s)\n"; ++} ++ ++ + + if ($#OtherList >= 0) { + print "\n**Unmatched Entries**\n"; diff --git a/logwatch.spec b/logwatch.spec index 8230af1..210777b 100644 --- a/logwatch.spec +++ b/logwatch.spec @@ -1,7 +1,7 @@ Summary: A log file analysis program Name: logwatch Version: 7.3.6 -Release: 24%{?dist} +Release: 25%{?dist} License: MIT Group: Applications/System URL: http://www.logwatch.org/ @@ -42,6 +42,7 @@ Patch36: logwatch-7.3.6-openvpn2.patch Patch37: logwatch-7.3.6-sendmail.patch Patch38: logwatch-7.3.6-audit3.patch Patch39: logwatch-7.3.6-init.patch +Patch40: logwatch-7.3.6-cron5.patch Requires: textutils sh-utils grep mailx Requires: perl(Date::Manip) @@ -92,6 +93,7 @@ of the package on many systems. %patch37 -p1 %patch38 -p1 %patch39 -p1 +%patch40 -p1 rm -f scripts/services/*.orig %build @@ -205,6 +207,9 @@ rm -rf %{buildroot} %doc License project/CHANGES %changelog +* Wed Aug 6 2008 Ivana Varekova 7.3.6-25 +- add cron service patch to parse more logs + * Fri Jun 20 2008 Ivana Varekova 7.3.6-24 - Resolves: #452044 handle 2.6.25+ audit messages