rpms/logwatch/devel logwatch-7.3.6-audit2.patch, NONE, 1.1 logwatch-7.3.6-openvpn2.patch, NONE, 1.1 logwatch-7.3.6-cron2.patch, 1.1, 1.2 logwatch.spec, 1.89, 1.90
Ivana Varekova (varekova)
fedora-extras-commits at redhat.com
Fri Apr 4 11:32:32 UTC 2008
Author: varekova
Update of /cvs/pkgs/rpms/logwatch/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv16391
Modified Files:
logwatch-7.3.6-cron2.patch logwatch.spec
Added Files:
logwatch-7.3.6-audit2.patch logwatch-7.3.6-openvpn2.patch
Log Message:
- Resolves: #440534
Some unmatched OpenVPN log lines
- add parsing of new logw to audit and cron service
logwatch-7.3.6-audit2.patch:
--- NEW FILE logwatch-7.3.6-audit2.patch ---
diff -up logwatch-7.3.6/scripts/services/audit.pom logwatch-7.3.6/scripts/services/audit
--- logwatch-7.3.6/scripts/services/audit.pom 2008-03-05 11:18:41.000000000 +0100
+++ logwatch-7.3.6/scripts/services/audit 2008-04-04 11:05:07.000000000 +0200
@@ -115,6 +115,8 @@ while ($ThisLine = <STDIN>) {
$grants{$2.' '.$3.' ('.$1.$4 . ')'}++;
} elsif ($ThisLine =~ /security_compute_sid:\s*invalid context\s*(\S+)\s*for\s*scontext=(\S+)\s*tcontext=(\S+)\s*tclass=(\S+)/ ) {
$InvalidContext{$4." running as ".$2." acting on ".$3." \nshould transit to invalid ".$1}++;
+ } elsif ($ThisLine =~ /security_sid_mls_copy:\s*invalid context\s*(\S+)/) {
+ $InvalidContext{"context: ".$1}++;
} else {
$othercount++;
$ThisLine =~ s/^\s*//;
@@ -129,6 +131,8 @@ while ($ThisLine = <STDIN>) {
$grants{$1.' '.$2.' ('.$3 . ')'}++;
} elsif ($ThisLine =~ /security_compute_sid:\s*invalid context\s*(\S+)\s*for\s*scontext=(\S+)\s*tcontext=\S+\s*tclass=(\S+)/ ) {
$InvalidContext{$3." running as ".$2." should transit to invalid ".$1}++;
+ } elsif ($ThisLine =~ /security_sid_mls_copy:\s*invalid context\s*(\S+)/) {
+ $InvalidContext{"context: ".$1}++;
} else {
$othercount++;
$ThisLine =~ s/^\s*//;
@@ -143,6 +147,8 @@ while ($ThisLine = <STDIN>) {
$grants{$1.' '.$2.' ('.$3 . ')'}++;
} elsif ($ThisLine =~ /security_compute_sid:\s*invalid context\s*(\S+)\s*for\s*scontext=(\S+)\s*tcontext=\S+\s*tclass=(\S+)/ ) {
$InvalidContext{$3." running as ".$2." should transit to invalid ".$1}++;
+ } elsif ($ThisLine =~ /security_sid_mls_copy:\s*invalid context\s*(\S+)/) {
+ $InvalidContext{"context: ".$1}++;
} else {
$othercount++;
$ThisLine =~ s/^\s*//;
logwatch-7.3.6-openvpn2.patch:
--- NEW FILE logwatch-7.3.6-openvpn2.patch ---
diff -up logwatch-7.3.6/scripts/services/openvpn.pom logwatch-7.3.6/scripts/services/openvpn
--- logwatch-7.3.6/scripts/services/openvpn.pom 2008-04-04 12:35:34.000000000 +0200
+++ logwatch-7.3.6/scripts/services/openvpn 2008-04-04 13:22:18.000000000 +0200
@@ -51,7 +51,7 @@ while (defined($ThisLine = <STDIN>)) {
($ThisLine =~ /^MULTI: multi_create_instance called/) or
($ThisLine =~ /^MULTI: primary virtual IP for/) or
($ThisLine =~ /^MULTI: TCP INIT maxclients=\d+ maxevents=\d+/) or
- ($ThisLine =~ /^MULTI: bad source address from client .*, packet dropped/) or
+ ($ThisLine =~ /MULTI: bad source address from client .*, packet dropped/) or
($ThisLine =~ /^Need IPv6 code in mroute_extract_addr_from_packet/) or
($ThisLine =~ /^NOTE: UID\/GID downgrade will be delayed because of --client, --pull, or --up-delay/) or
($ThisLine =~ /^OPTIONS IMPORT/) or
@@ -108,6 +108,9 @@ while (defined($ThisLine = <STDIN>)) {
$ConnErrors{$error}{"$proto"}++;
} elsif (($name) = ($ThisLine =~ /MULTI: new connection by client '(.*)' will cause previous active sessions by this client to be dropped. Remember to use the --duplicate-cn option if you want multiple clients using the same certificate or username to concurrently connect./)) {
$ConnectCauseDrop{$name}++;
+ } elsif ((($Err) = ($ThisLine =~ /(read UDPv4 \[ECONNREFUSED\]: Connection refused \(code=111\))/)) or
+ (($Err) = ($ThisLine =~ /(read UDPv4 \[EHOSTUNREACH\]: No route to host \(code=113\))/))) {
+ $Error{$Err}++;
} else {
# Report any unmatched entries...
# remove PID from named messages
@@ -199,6 +202,14 @@ if (keys %ConnectCauseDrop) {
}
}
+if (keys %Error) {
+ print "\n UDPv4 errors:\n";
+ foreach $Err (sort keys %Error) {
+ print " " . $Err . ": " .$Error{$Err}. " Time(s)\n";
+ }
+}
+
+
if (keys %OtherList) {
print "\n**Unmatched Entries**\n";
foreach $line (sort {$a cmp $b} keys %OtherList) {
logwatch-7.3.6-cron2.patch:
Index: logwatch-7.3.6-cron2.patch
===================================================================
RCS file: /cvs/pkgs/rpms/logwatch/devel/logwatch-7.3.6-cron2.patch,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- logwatch-7.3.6-cron2.patch 9 Aug 2007 14:00:33 -0000 1.1
+++ logwatch-7.3.6-cron2.patch 4 Apr 2008 11:32:09 -0000 1.2
@@ -5,7 +5,7 @@
) ) {
$INCRONDErr{$Error}++;
+ } elsif ( ($ThisLine =~ /crond/) &&
-+ (($Error) = ($ThisLine =~ /(failed to open PAM security session: Permission denied)/))
++ (($Error) = ($ThisLine =~ /(failed to open PAM security session: (Permission denied|Module is unknown))/))
+ ) {
+ $CRONDErr{$Error}++;
} else {
Index: logwatch.spec
===================================================================
RCS file: /cvs/pkgs/rpms/logwatch/devel/logwatch.spec,v
retrieving revision 1.89
retrieving revision 1.90
diff -u -r1.89 -r1.90
--- logwatch.spec 5 Mar 2008 10:27:07 -0000 1.89
+++ logwatch.spec 4 Apr 2008 11:32:09 -0000 1.90
@@ -1,7 +1,7 @@
Summary: A log file analysis program
Name: logwatch
Version: 7.3.6
-Release: 20%{?dist}
+Release: 21%{?dist}
License: MIT
Group: Applications/System
URL: http://www.logwatch.org/
@@ -37,6 +37,8 @@
Patch32: logwatch-7.3.6-postfix.patch
Patch33: logwatch-7.3.6-cron4.patch
Patch34: logwatch-7.3.6-dovecot_back.patch
+Patch35: logwatch-7.3.6-audit2.patch
+Patch36: logwatch-7.3.6-openvpn2.patch
Requires: textutils sh-utils grep mailx
Requires: perl(Date::Manip)
@@ -82,6 +84,8 @@
%patch32 -p1
%patch33 -p1
%patch34 -p1
+%patch35 -p1
+%patch36 -p1
rm -f scripts/services/*.orig
%build
@@ -195,8 +199,13 @@
%doc License project/CHANGES
%changelog
+* Fri Apr 4 2008 Ivana Varekova <varekova at redhat.com> 7.3.6-21
+- Resolves: #440534
+ Some unmatched OpenVPN log lines
+- add parsing of new logw to audit and cron service
+
* Wed Mar 5 2008 Ivana Varekova <varekova at redhat.com> 7.3.6-20
-- resolves 436058
+- Resolves: #436058
dovecot script for logwatch needs fix for IPv6
* Thu Feb 14 2008 Ivana Varekova <varekova at redhat.com> 7.3.6-19
More information about the scm-commits
mailing list