rpms/logwatch
7
0
Fork 0
Code Issues Pull Requests Releases Activity
67036da2a1
logwatch/logwatch-secure-update.patch
Jan Synacek 67036da2a1 Update secure-update patch 
Update systemd-logind patch
2012-05-04 13:02:41 +02:00

63 lines
3.6 KiB
Diff
Raw Blame History

--- scripts/services/secure.orig 2012-04-27 10:13:45.000000000 +0200
+++ scripts/services/secure 2012-05-04 12:44:23.350831876 +0200
@@ -210,6 +210,7 @@ while (defined($ThisLine = <STDIN>)) {
( $ThisLine =~ /^pam_xauth\[\d+\]: call_xauth: child returned \d/) or
( $ThisLine =~ /^su\[\d+\]: pam_authenticate: Authentication failure/) or
( $ThisLine =~ /^passwd\[\d+\]:/) or
+ ( $ThisLine =~ /^passwd: gkr-pam: .*/) or
( $ThisLine =~ /^reboot:/) or
( $ThisLine =~ /^sudo:/) or
( $ThisLine =~ /^su: pam_unix2: session (started|finished) for user [^ ]+, service [^ ]+/) or
@@ -262,7 +263,11 @@ while (defined($ThisLine = <STDIN>)) {
( $ThisLine =~ /(gdm-session-worker|gdm-password)\[\d+\]: gkr-pam: no password is available for user/) or
( $ThisLine =~ /gkr-pam: the password for the login keyring was invalid/) or
( $ThisLine =~ /groupadd\[\d+\]: group added to /) or # Details in other messages
- ( $ThisLine =~ /gdm-session-worker\[\d+\]: pam_namespace\(gdm:session\): Unmount of [^ ]* failed, Device or resource busy/)
+ ( $ThisLine =~ /groupmod\[\d+\]: group changed in \/etc\/gshadow /) or # Details in other messages
+ ( $ThisLine =~ /gdm-session-worker\[\d+\]: pam_namespace\(gdm:session\): Unmount of [^ ]* failed, Device or resource busy/) or
+ ( $ThisLine =~ /pkexec: pam_systemd(.*): /) or
+ ( $ThisLine =~ /pkexec: \S+: Executing command /) or
+ ( $ThisLine =~ /su: pam_systemd(.*): Failed to parse message: /)
) {
# Ignore these entries
} elsif ($ThisLine =~ /^spop3d/ || $ThisLine =~ /^pop\(\w+\)\[\d+\]:/) {
@@ -376,11 +381,11 @@ while (defined($ThisLine = <STDIN>)) {
$UserLogin{$User}++;
} elsif ( ($User,undef) = ($ThisLine =~ /^com.apple.SecurityServer: authinternal authenticated user ([^ ]+) .*/ )) {
$UserLogin{$User}++;
- } elsif ( $ThisLine =~ s/^userdel\[\d+\]: delete user `(.+)'/$1/ ) {
+ } elsif ( $ThisLine =~ s/^userdel\[\d+\]: delete user ['`](.+)'/$1/ ) {
$DeletedUsers .= " $ThisLine\n";
} elsif ( $ThisLine =~ s/^(?:useradd|adduser)\[\d+\]: new user: name=(.+), (?:uid|UID)=(\d+).*$/$1 ($2)/ ) {
$NewUsers .= " $ThisLine\n";
- } elsif ( $ThisLine =~ s/^userdel\[\d+\]: remove(?:d)? group `(\S+)'( owned by \S+)?/$1/ ) {
+ } elsif ( $ThisLine =~ s/^userdel(?:\[\d+\])?: remove(?:d)? group [`'](\S+)'( owned by \S+)?/$1/ ) {
$DeletedGroups .= " $ThisLine\n";
} elsif ( $ThisLine =~ s/^groupdel\[\d+\]: remove group `(.+)'/$1/ ) {
$DeletedGroups .= " $ThisLine\n";
@@ -421,6 +426,10 @@ while (defined($ThisLine = <STDIN>)) {
$XauthMessage{$Message}++;
} elsif ( ($Group,$NewName) = ($ThisLine =~ /^groupmod\[\d+\]: change group `(.*)' to `(.*)'/)) {
$GroupRenamed{"$Group -> $NewName"}++;
+ } elsif ( $ThisLine =~ s/^groupmod\[\d+\]: group changed in \/etc\/group \(group (.+)\/(\d+)\).*/$1 ($2)/) {
+ $GroupChanged{"$ThisLine"}++;
+ } elsif ( $ThisLine =~ s/^groupmod\[\d+\]: group changed in \/etc\/group \(group (.+)\/\d+, new name: (.+)\).*/$1 -> $2/) {
+ $GroupChanged{"$ThisLine"}++;
} elsif ( ($User,$Home,$NewHome) = ($ThisLine =~ /^usermod\[\d+\]: change user `(.*)' home from `(.*)' to `(.*)'/)) {
$HomeChange{$User}{"$Home -> $NewHome"}++;
} elsif ( ($User,$From,$To) = ($ThisLine =~ /^usermod\[\d+\]:change user `(.*)' UID from `(.*)' to `(.*)'/)) {
@@ -548,6 +557,13 @@ if (keys %GroupRenamed) {
print " $Group\n";
}
}
+
+if (keys %GroupChanged) {
+ print "Changed groups:\n";
+ foreach $Group (sort {$a cmp $b} keys %GroupChanged) {
+ print " $Group\n";
+ }
+}
if (keys %AddToGroup) {
print "\nAdded User to group:\n";
Reference in New Issue View Git Blame Copy Permalink