rpms/logwatch/devel logwatch-7.3.6-init2.patch, NONE, 1.1 logwatch-7.3.6-pam_unix3.patch, NONE, 1.1 logwatch-7.3.6-secure2.patch, NONE, 1.1 logwatch.spec, 1.98, 1.99
Ivana Varekova
varekova at fedoraproject.org
Tue Oct 21 09:14:47 UTC 2008
Author: varekova
Update of /cvs/pkgs/rpms/logwatch/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv18812
Modified Files:
logwatch.spec
Added Files:
logwatch-7.3.6-init2.patch logwatch-7.3.6-pam_unix3.patch
logwatch-7.3.6-secure2.patch
Log Message:
- fix secure, pam_unix and init scripts
logwatch-7.3.6-init2.patch:
--- NEW FILE logwatch-7.3.6-init2.patch ---
diff -up logwatch-7.3.6/scripts/services/init.pom logwatch-7.3.6/scripts/services/init
--- logwatch-7.3.6/scripts/services/init.pom 2008-10-20 13:17:46.000000000 +0200
+++ logwatch-7.3.6/scripts/services/init 2008-10-20 13:41:17.000000000 +0200
@@ -16,7 +16,8 @@ $Detail = $ENV{'LOGWATCH_DETAIL_LEVEL'}
while (defined($ThisLine = <STDIN>)) {
if (( $ThisLine =~ /open\(.*\): No such file or directory/) or
( $ThisLine =~ /Id "r" respawning too fast: disabled for 5 minutes/) or
- ( $ThisLine =~ /Re-reading inittab/)) {
+ ( $ThisLine =~ /Re-reading inittab/) or
+ ( $ThisLine =~ /.* main process ended, respawning/)) {
# We don't care about these
}
elsif ( $ThisLine =~ s/Switching to runlevel: (.)\s*$/$1/ ) {
@@ -34,9 +35,15 @@ while (defined($ThisLine = <STDIN>)) {
chomp ($ThisLine);
$ReExecInit++;
}
+ elsif ( $ThisLine =~ /Re-executing \/sbin\/init/) {
+ $ReExecSbinInit++;
+ }
elsif ( ($Name,$Cause) = ($ThisLine =~ /(.*) main process \([0-9]*\) killed by (.*) /)) {
$ProcessKilled{"$Name,$Cause"}++;
}
+ elsif ( ($Name, $Status) = ($ThisLine =~ /(.*) main process \([0-9]*\) terminated with status ([0-9]*)/)) {
+ $ProcessTerminated{"$Name,Status"}++;
+ }
else {
# report any unmatched entries
push @OtherList,$ThisLine;
@@ -53,6 +60,11 @@ if ($ReExecInit) {
print "\n\nRe-execs of init: $ReExecInit times\n";
}
+if ($ReExecSbinInit) {
+ print "\n\nRe-executing \/sbin\/init/: $ReExecSbinInit times\n";
+}
+
+
if ((keys %ProcessKilled) and ($Detail >=10)) {
print "\nKilled processses:\n";
foreach (keys %ProcessKilled) {
@@ -61,6 +73,14 @@ if ((keys %ProcessKilled) and ($Detail >
}
}
+if ((keys %ProcessTerminated) and ($Detail >=10)) {
+ print "\nTerminated processses:\n";
+ foreach (keys %ProcessTerminated) {
+ my ($Name,$Status)=split ",";
+ print " Process " . $Name. " terminated with status " . $Cause . ": " . $ProcessTerminated{"$Name,$Status"} . " Time(s)\n";
+ }
+}
+
if ($#OtherList >= 0) {
print "\n**Unmatched Entries**\n";
print @OtherList;
logwatch-7.3.6-pam_unix3.patch:
--- NEW FILE logwatch-7.3.6-pam_unix3.patch ---
diff -up logwatch-7.3.6/scripts/services/pam_unix.pom logwatch-7.3.6/scripts/services/pam_unix
--- logwatch-7.3.6/scripts/services/pam_unix.pom 2008-10-20 13:17:46.000000000 +0200
+++ logwatch-7.3.6/scripts/services/pam_unix 2008-10-20 13:16:31.000000000 +0200
@@ -140,6 +140,8 @@ while ($line = <STDIN>) {
$data{$service}{'Expired Accounts'}{$line}++;
} elsif ($line =~ s/bad username \[(.*)\]/$1/) {
$data{$service}{'Invalid Users'}{"Bad User: $line"}++;
+ } elsif ($line =~ s/auth could not identify password for \[(.*)\]/$1/) {
+ $data{$service}{'Not Identify Password For'}{$line}++;
} else {
$data{$service}{'Unknown Entries'}{$line}++;
}
@@ -165,12 +167,16 @@ while ($line = <STDIN>) {
} elsif ($service eq 'gdm') {
if ($line =~ s/^session opened for user (.+) by \(uid=\d+\)/$1/) {
($Detail >= 5) && $data{$service}{'Sessions Opened'}{$line}++;
+ } elsif ($line =~ s/auth could not identify password for \[(.*)\]/$1/) {
+ $data{$service}{'Not Identify Password For'}{$line}++;
} elsif ($line =~ s/^authentication failure; logname=.*user=(.+)$/$1/) {
$data{$service}{'Authentication Failures'}{$line}++;
} elsif ($line =~ /session closed for user/) {
# ignore this line
} elsif ($line =~ /bad username \[\]/) {
# ignore this line
+ } elsif ($line =~ /conversation failed/) {
+ # ignore this line
} else {
$data{$service}{'Unknown Entries'}{$line}++;
}
@@ -183,7 +189,7 @@ while ($line = <STDIN>) {
$data{$service}{'Authentication Failures'}{$line}++;
}
- } elsif ($service eq 'xdm') {
+ } elsif ($service eq 'xdm') {
if ($line =~ s/^session opened for user (.+) by \(uid=\d+\)/$1/) {
($Detail >= 5) && $data{$service}{'Sessions Opened'}{$line}++;
} elsif ($line =~ /session closed for user/) {
@@ -273,8 +279,27 @@ while ($line = <STDIN>) {
} else {
$data{$service}{'Unknown Entries'}{$line}++;
}
+ } elsif ($service eq 'polkit') {
+ if ($line =~ s/auth could not identify password for \[(.*)\]/$1/) {
+ $data{$service}{'Not Identify Password For'}{$line}++;
+ } elsif ($line =~ s/^authentication failure; logname=(\S*) uid=(\d+) .*user=(\S*)$/$1($2) -> $3/) {
+ $data{$service}{'Authentication Failures'}{$line}++;
+ } elsif ($line =~ /conversation failed/) {
+ # ignore this line
+ } else {
+ $data{$service}{'Unknown Entries'}{$line}++;
+ }
+ } elsif ($service eq 'virt-manager') {
+ if ($line =~ s/auth could not identify password for \[(.*)\]/$1/) {
+ $data{$service}{'Not Identify Password For'}{$line}++;
+ } elsif ($line =~ /conversation failed/) {
+ # ignore this line
+ } else {
+ $data{$service}{'Unknown Entries'}{$line}++;
+ }
+
} else {
- $data{$service}{'Unknown Entries'}{$line}++;
+ $data{$service}{'Unknown Entries'}{$line}++;
}
}
logwatch-7.3.6-secure2.patch:
--- NEW FILE logwatch-7.3.6-secure2.patch ---
diff -up logwatch-7.3.6/scripts/services/secure.pom logwatch-7.3.6/scripts/services/secure
--- logwatch-7.3.6/scripts/services/secure.pom 2008-10-20 13:50:05.000000000 +0200
+++ logwatch-7.3.6/scripts/services/secure 2008-10-21 10:47:07.000000000 +0200
@@ -196,7 +196,9 @@ while (defined($ThisLine = <STDIN>)) {
( $ThisLine =~ /^su\[\d+\]: [+-] .+/) or
( $ThisLine =~ /^su\[\d+\]: FAILED su for \S+ by \S+/) or #debian: done in pam_unix
( $ThisLine =~ /^login\[\d+\]: ROOT LOGIN on '\S+'/) or #debian: done in pam_unix (Similar message on other system is reported)
- ( $ThisLine =~ /^login\[\d+\]: FAILED LOGIN \(\d+\) on ['`]\S+' FOR `\S+', (Authentication failure|User not known to the underlying authentication module)/) or #debian: done in pam_unix
+ ( $ThisLine =~ /^login\[\d+\]: FAILED LOGIN \(\d+\) on ['`]\S+' FOR `\S+', (Authentication failure|User not known to the underlying authentication module)/) or
+ ( $ThisLine =~ /^login: FAILED LOGIN 2 FROM (.*) FOR .*, (Authentication failure|User not known to the underlying authentication module)/) or
+ ( $ThisLine =~ /^login: pam_securetty(.*): unexpected response from failed conversation function/) or
( $ThisLine =~ /^pam_limits\[\d+\]/ ) or
( $ThisLine =~ /^kcheckpass(\[\d+\]|):/ ) or # done in pam_unix
( $ThisLine =~ /^cyrus\/lmtpd\[\d+\]: [^ ]+ server step [12]/ ) or
@@ -213,8 +215,15 @@ while (defined($ThisLine = <STDIN>)) {
( $ThisLine =~ /pam_succeed_if\(.*:.*\): error retrieving information about user [a-zA-Z]*/ ) or
( $ThisLine =~ /logfile turned over/) or # newsyslog on OpenBSD
( $ThisLine =~ /Connection closed by/) or
- ( $ThisLine =~ /sshd.*: Accepted \S+ for \S+ from [\d\.:a-f]+ port \d+/) or # ssh script reads this log )
- ( $ThisLine =~ /userhelper.*: running (.*) with context (.*)/)
+ ( $ThisLine =~ /sshd.*: Accepted \S+ for \S+ from [\d\.:a-f]+ port \d+/) or # ssh script reads this log ) or
+ ( $ThisLine =~ /userhelper.*: running (.*) with context (.*)/) or
+ ( $ThisLine =~ /userhelper.*: pam_thinkfinger(.*): conversation failed/) or
+ ( $ThisLine =~ /su: PAM [0-9] more authentication failure; .*/) or
+ ( $ThisLine =~ /polkit-grant-helper\[\d+\]: granted authorization for [^ ]* to uid [0-9]* \[auth=.*\]/) or
+ ( $ThisLine =~ /polkit-grant-helper\[\d+\]: granted authorization for [^ ]* to session .* \[uid=[0-9]*\]/) or
+ ( $ThisLine =~ /polkit-grant-helper-pam\[\d+\]: pam_thinkfinger\(polkit:auth\): conversation failed/) or
+ ( $ThisLine =~ /gdm-session-worker\[\d+\]: gkr-pam: no password is available for user/) or
+ ( $ThisLine =~ /gdm-session-worker\[\d+\]: pam_namespace\(gdm:session\): Unmount of [^ ]* failed, Device or resource busy/)
) {
# Ignore these entries
} elsif ($ThisLine =~ /^spop3d/ || $ThisLine =~ /^pop\(\w+\)\[\d+\]:/) {
@@ -423,6 +432,9 @@ while (defined($ThisLine = <STDIN>)) {
$ChangedUID{"$Name,$UID1,$UID2"}++;
} elsif (($Module,$Service) = ($ThisLine =~ /Deprecated (pam_[^ ]*) module called from service "([^ ]*)"/)) {
$DeprecateModule{"$Module,$Service"}++;
+ } elsif ( ($User) = ($ThisLine =~ /useradd.*failed adding user `(.*)', data deleted/) ) {# failed adding user/)) {# (.*), data deleted/)) {
+ # useradd: failed adding user `rpcuser', data deleted
+ $FailedAddUsers{$User}++;
} else {
# Unmatched entries...
$ThisLine =~ s/\[\d+\]:/:/;
@@ -440,6 +452,14 @@ if ($DeletedUsers) {
print "Deleted Users:\n$DeletedUsers\n";
}
+if (keys %FailedAddUsers) {
+ print "Failed adding users:\n";
+ foreach $User (keys %FailedAddUsers) {
+ print " $User: ". $FailedAddUsers{$User}. " Time(s)\n";
+ }
+ print"\n";
+}
+
if ($NewGroups) {
print "New Groups:\n$NewGroups\n";
}
Index: logwatch.spec
===================================================================
RCS file: /cvs/pkgs/rpms/logwatch/devel/logwatch.spec,v
retrieving revision 1.98
retrieving revision 1.99
diff -u -r1.98 -r1.99
--- logwatch.spec 17 Oct 2008 07:53:35 -0000 1.98
+++ logwatch.spec 21 Oct 2008 09:14:17 -0000 1.99
@@ -1,7 +1,7 @@
Summary: A log file analysis program
Name: logwatch
Version: 7.3.6
-Release: 29%{?dist}
+Release: 30%{?dist}
License: MIT
Group: Applications/System
URL: http://www.logwatch.org/
@@ -46,6 +46,9 @@
Patch41: logwatch-7.3.6-logrotate.patch
Patch42: logwatch-7.3.6-postfix2.patch
Patch43: logwatch-7.3.6-postfix3.patch
+Patch44: logwatch-7.3.6-pam_unix3.patch
+Patch45: logwatch-7.3.6-init2.patch
+Patch46: logwatch-7.3.6-secure2.patch
Requires: textutils sh-utils grep mailx
Requires: perl(Date::Manip)
@@ -100,6 +103,9 @@
%patch41 -p1
%patch42 -p1
%patch43 -p1
+%patch44 -p1
+%patch45 -p1
+%patch46 -p1
rm -f scripts/services/*.orig
%build
@@ -213,6 +219,9 @@
%doc License project/CHANGES
%changelog
+* Tue Oct 21 2008 Ivana Varekova <varekova at redhat.com> 7.3.6-30
+- fix secure, pam_unix and init scripts
+
* Fri Oct 17 2008 Ivana Varekova <varekova at redhat.com> 7.3.6-29
- fix postfix script again (#462174)
More information about the scm-commits
mailing list