From bcfbf26e2aacc937668be64bfa265ee5b8271ff2 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Apr 10 2018 05:13:24 +0000 Subject: import logwatch-7.4.0-34.20130522svn140.el7 --- diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..12dfed2 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +SOURCES/logwatch-svn140.tar.xz diff --git a/.logwatch.metadata b/.logwatch.metadata new file mode 100644 index 0000000..029e0ae --- /dev/null +++ b/.logwatch.metadata @@ -0,0 +1 @@ +9131d3f0214d9655e8f1e3b5e44266c5756aefcc SOURCES/logwatch-svn140.tar.xz diff --git a/README.md b/README.md deleted file mode 100644 index 0e7897f..0000000 --- a/README.md +++ /dev/null @@ -1,5 +0,0 @@ -The master branch has no content - -Look at the c7 branch if you are working with CentOS-7, or the c4/c5/c6 branch for CentOS-4, 5 or 6 - -If you find this file in a distro specific branch, it means that no content has been checked in yet diff --git a/SOURCES/logwatch-base64.patch b/SOURCES/logwatch-base64.patch new file mode 100644 index 0000000..57b4cd0 --- /dev/null +++ b/SOURCES/logwatch-base64.patch @@ -0,0 +1,25 @@ +Resolves: #1123093 + +--- a/scripts/logwatch.pl 2016-03-16 14:27:25.770098250 +0100 ++++ b/scripts/logwatch.pl 2016-03-16 14:28:46.689067743 +0100 +@@ -1469,14 +1469,15 @@ sub parselogs { + if (defined fileno OUTFILE) { + print OUTFILE $out_mime if $out_mime; + if ( $Config{'encode'} eq "base64" ) { +- print OUTFILE encode_base64($out_head) if $out_head; +- print OUTFILE encode_base64($out_reference) if $out_reference; ++ my $out = ''; ++ $out .= $out_head if $out_head; ++ $out .= $out_reference if $out_reference; + foreach ( 0 .. $index_par ) { +- print OUTFILE encode_base64($out_body{$_}) if defined( $out_body{$_} ); +-#fixme ++ $out .= $out_body{$_} if defined( $out_body{$_} ); + $out_body{$_} = ''; #We should track this down out_body could be an array instead also -mgt + } +- print OUTFILE encode_base64($out_foot) if $out_foot; ++ $out .= $out_foot if $out_foot; ++ print OUTFILE encode_base64($out); + } else { + print OUTFILE $out_head if $out_head; + print OUTFILE $out_reference if $out_reference; diff --git a/SOURCES/logwatch-blank-files.patch b/SOURCES/logwatch-blank-files.patch new file mode 100644 index 0000000..41fc948 --- /dev/null +++ b/SOURCES/logwatch-blank-files.patch @@ -0,0 +1,10 @@ +--- logwatch-svn140/scripts/logwatch.pl 2016-04-22 13:36:55.290535535 +0200 ++++ logwatch-svn140-new/scripts/logwatch.pl 2016-04-22 13:40:44.117657038 +0200 +@@ -794,6 +794,7 @@ foreach $LogFile (@LogFileList) { + print "\n"; + next; + } ++ next if (-z $ThisFile); + #FIXME - We have a bug report for filenames with spaces, can be caught here needs test -mgt + $FileText .= ("'" . $ThisFile . "' "); + } #End foreach ThisFile diff --git a/SOURCES/logwatch-disk-space.patch b/SOURCES/logwatch-disk-space.patch new file mode 100644 index 0000000..6fc98a8 --- /dev/null +++ b/SOURCES/logwatch-disk-space.patch @@ -0,0 +1,45 @@ +--- logwatch-7.3.6/scripts/services/zz-disk_space 2015-11-18 15:03:12.271040764 +0100 ++++ logwatch-7.3.6-new/scripts/services/zz-disk_space 2015-11-18 15:03:01.594047694 +0100 +@@ -172,18 +172,30 @@ sub DiskSpace () + } + + sub DiskFull { +- my $o = `$disk_cmd`; +- my @rows = split('\n', $o); +- foreach my $row (@rows) { +- my @fields = split(' ', $row); +- my $use = $fields[4]; +- $use =~ s/%//; +- if (($use > $diskfull_threshhold) && ($fields[0] !~ /\/dev\/scd/ ) && ($fields[0] !~ /\/dev\/sr/ ) +- && ($fields[0] !~ /\/dev\/loop./)) { +- print "$fields[0] => $fields[4] Used. Warning. Disk Filling up.\n"; +- } +- } +-} ++ my $o = `$disk_cmd`; ++ my @good_rows = (); ++ my @rows = split('\n', $o); ++ for (my $i=0; $i $diskfull_threshhold) && ($filesystem !~ /\/dev\/scd/ ) && ($filesystem !~ /\/dev\/sr/ ) ++ && ($filesystem !~ /\/dev\/loop./)) ++ { ++ print "$filesystem => $use% Used. Warning. Disk Filling up.\n"; ++ } ++ } ++} + + ##################### + #Main diff --git a/SOURCES/logwatch-dovecot.patch b/SOURCES/logwatch-dovecot.patch new file mode 100644 index 0000000..111e998 --- /dev/null +++ b/SOURCES/logwatch-dovecot.patch @@ -0,0 +1,36 @@ +Update dovecot log parsing. + +Author: Frank Crawford +Author: Karel Klic +RH-Bugzilla: #645962 + +--- logwatch-svn127/scripts/services/dovecot.orig 2012-12-30 17:24:53.000000000 +0100 ++++ logwatch-svn127/scripts/services/dovecot 2013-01-09 09:09:45.256236296 +0100 +@@ -150,7 +150,7 @@ while (defined($ThisLine = )) { + # We don't care about these + } elsif ( $ThisLine =~ /Killed with signal /) { + $End++; +- } elsif ( $ThisLine =~ /Dovecot (v\d[^ ]* |)starting up( \(core dumps disabled\))?$/) { ++ } elsif ( $ThisLine =~ /Dovecot (v\d[^ ]* |)starting up( \(.*\))?$/) { + $Restarts++; + $End = 0; + } elsif ( ( ($User, $Host) = ( $ThisLine =~ /^pop3-login: Login: (.*?) \[(.*)\]/ ) ) or +@@ -181,15 +181,15 @@ while (defined($ThisLine = )) { + } + + # 'lda' for dovecot 2.0, 'deliver' for earlier versions +- } elsif ( ($User, $Mailbox) = ( $ThisLine =~ /^$dovecottag (?:lda|deliver)\((.*)\): msgid=.*: saved mail to (\S+)/ ) ) { ++ } elsif ( ($User, $Mailbox) = ( $ThisLine =~ /^$dovecottag (?:lda|deliver)\((.*)\): msgid=.*: saved mail to (.*)/ ) ) { + $Deliver{$User}{$Mailbox}++; + + # For Sieve-based delivery +- } elsif ( ($User, $Mailbox) = ( $ThisLine =~ /^$dovecottag (?:lda\(|deliver\(|lmtp\(\d+, )(.*)\): (?:[^:]+: )?sieve: msgid=.*: stored mail into mailbox '([^']*)'/ ) ) { ++ } elsif ( ($User, $Mailbox) = ( $ThisLine =~ /^$dovecottag (?:lda|deliver)\((.*)\): sieve: msgid=.*: stored mail into mailbox '(.*)'/ ) ) { + $Deliver{$User}{$Mailbox}++; + + # LMTP-based delivery +- } elsif ( ($User, $Mailbox) = ( $ThisLine =~ /^$dovecottag lmtp\(\d+, (.*)\): [^:]+: msgid=.*: saved mail to (\S+)/ ) ) { ++ } elsif ( ($User, $Mailbox) = ( $ThisLine =~ /^$dovecottag lmtp\(\d+, (.*)\): [^:]+: msgid=.*: saved mail to (.*)/ ) ) { + # dovecot: [ID 583609 mail.info] lmtp(12782, cloyce@headgear.org): jBt1EfjCMk3uMQAAm9eMBA: msgid=<4D32DB1F.3080707@c-dot.co.uk>: saved mail to INBOX + $Deliver{$User}{$Mailbox}++; + diff --git a/SOURCES/logwatch-journald.patch b/SOURCES/logwatch-journald.patch new file mode 100644 index 0000000..3870cc7 --- /dev/null +++ b/SOURCES/logwatch-journald.patch @@ -0,0 +1,168 @@ +3 upstreamed patches. + +Resolves: #1504984 + +From 63c05d4ea2f90fd54770d2487e9d18ee8c77823d Mon Sep 17 00:00:00 2001 +From: bjorn +Date: Sun, 15 May 2016 13:45:33 -0700 +Subject: [PATCH] - Initialized hostlimit variable to default empty string. - + Allow the use of /dev/null as logfile. + +--- + scripts/logwatch.pl | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/scripts/logwatch.pl b/scripts/logwatch.pl +index 6fcb5cb..0f863dc 100755 +--- a/scripts/logwatch.pl ++++ b/scripts/logwatch.pl +@@ -93,6 +93,7 @@ $Config{'encode'} = "none"; #8.0 + $Config{'hostformat'} = "none"; #8.0 + $Config{'html_wrap'} = 80; + $Config{'supress_ignores'} = 0; ++$Config{'hostlimit'} = ""; + + if (-e "$ConfigDir/conf/html/header.html") { + $Config{'html_header'} = "$ConfigDir/conf/html/header.html"; +@@ -778,8 +779,8 @@ foreach $LogFile (@LogFileList) { + my $FileText = ""; + + foreach my $ThisFile (@FileList) { +- #Existence check for files -mgt +- next unless (-f $ThisFile); ++ #Existence check for files and character devices such as /dev/null ++ next unless (-f $ThisFile || -c $ThisFile ); + if ($ThisFile =~ /'/) { + print "File $ThisFile has invalid embedded quotes. File ignored.\n"; + next; +-- +2.14.0 + +From 23e714ad43285d59c5b5852ef2c6013593d64671 Mon Sep 17 00:00:00 2001 +From: bjorn +Date: Sun, 15 May 2016 13:49:08 -0700 +Subject: [PATCH] [journalctl] Added shared script contributed by Mark Grimes. + +--- + scripts/shared/journalctl | 83 +++++++++++++++++++++++++++++++++++++++++++++++ + 1 file changed, 83 insertions(+) + create mode 100755 scripts/shared/journalctl + +diff --git a/scripts/shared/journalctl b/scripts/shared/journalctl +new file mode 100755 +index 0000000..1627fd4 +--- /dev/null ++++ b/scripts/shared/journalctl +@@ -0,0 +1,83 @@ ++#!/usr/bin/perl ++# ++# The purpose of this script is to pass the output of the journalctl ++# command to the logwatch parsers. The corresponding conf/logfile ++# can be simple. The following example shows a logfile with two lines: ++# LogFile = /dev/null ++# *JournalCtl = "--output=cat --unit=service_name.service" ++# ++# In the example above, the arguments to the JournalCtl command are ++# passed to the journalctl system command. It is advised to delimit ++# the arguments in double quotes to preserve mixed case, if ++# applicable. ++ ++use strict; ++use warnings; ++ ++eval "use Date::Manip"; ++my $hasDM = $@ ? 0 : 1; ++ ++# logwatch passes arguments as one string delimited by single quotes ++my @args = split(" ", $ARGV[0]); ++my @range = get_range( $ENV{LOGWATCH_DATE_RANGE} ); ++ ++my $Debug = $ENV{'LOGWATCH_DEBUG'} || 0; ++ ++if ($Debug > 5) { ++ warn join " ", 'journalctl', @args, @range, "\n"; ++} ++ ++system( 'journalctl', @args, @range ); ++ ++sub get_range { ++ my $range = lc( shift || 'all' ); ++ my @range; ++ ++ if ( !$range || $range eq 'all' ) { ++ @range = (); ++ } elsif ( $range eq 'yesterday' ) { ++ push @range, '--since', 'yesterday', '--until', 'today'; ++ } elsif ( $range eq 'today' ) { ++ push @range, '--since', 'today', '--until', 'tomorrow'; ++ } elsif ($hasDM) { ++ ++ # Strip off any period ++ $range =~ ++ s/for\s+(?:those|that|this)\s+((year|month|day|hour|minute|second)s?)\s*$//; ++ ++ # Look for between x and y ++ my ( $range1, $range2 ) = ++ ( $range =~ /^between\s+(.*)\s+and\s+(.*)\s*$/ ); ++ ++ # Look for since x ++ if ( $range =~ /^\s*since\s+/ ) { ++ ($range1) = ( $range =~ /\s*since\s+(.*)/ ); ++ $range2 = "now"; ++ } ++ ++ # Now convert to journalctl friendly dates ++ if ( $range1 && $range2 ) { ++ ++ # Parse dates ++ my $date1 = ParseDate($range1); ++ my $date2 = ParseDate($range2); ++ ++ # Switch if date2 is before date1 ++ if ( $date1 && $date2 and Date_Cmp( $date1, $date2 ) > 0 ) { ++ my $switch_date = $date1; ++ $date1 = $date2; ++ $date2 = $switch_date; ++ } ++ ++ # If we ask for 1/1 to 1/2, we mean 1/2 inclusive. DM returns ++ # 1/2 00:00:00. So we add 1 day to the end time. ++ $date2 = DateCalc( $date2, '1 day' ); ++ ++ my $fmt = "%Y-%m-%d %H:%M:%S"; ++ push @range, '--since', UnixDate( $date1, $fmt ), '--until', ++ UnixDate( $date2, $fmt ); ++ } ++ } ++ ++ return @range; ++} +-- +2.14.0 + +Cherry picked from commit ed6eb62f40cb97f71f3df4d982682de68cdf1037. +Related: #1504984 + +diff --git a/scripts/services/syslog-ng b/scripts/services/syslog-ng +--- a/scripts/services/syslog-ng ++++ b/scripts/services/syslog-ng +@@ -163,7 +163,8 @@ while (defined($ThisLine = )) { + } elsif ($processed[$i] eq "destination") { + $Stats_dest{$processed[$i+1]} = + $Stats_dest{$processed[$i+1]} + $processed[$i+2]; +- } elsif ($processed[$i] eq "source" || $processed[$i] eq "src.internal") { ++ } elsif ($processed[$i] eq "source" || $processed[$i] eq "src.internal" || ++ $processed[$i] eq "src.journald") { + $Stats_source{$processed[$i+1]} = + $Stats_source{$processed[$i+1]} + $processed[$i+2]; + } elsif ($processed[$i] eq "global") { +@@ -359,7 +360,7 @@ if (keys %Stats_center || keys %Stats_de + + if ($Stats_center{received} && %Stats_source) { + $lost_rcvd = 0 - $Stats_center{received}; +- map { $lost_rcvd = $lost_rcvd + $Stats_source{$_} } keys %Stats_source; ++ map { $lost_rcvd = $lost_rcvd + $Stats_source{$_} unless ($_ =~ /journal/); } keys %Stats_source; + } + if ($Stats_center{queued} && %Stats_dest) { + $lost_dest = $Stats_center{queued}; + diff --git a/SOURCES/logwatch-logdir-case.patch b/SOURCES/logwatch-logdir-case.patch new file mode 100644 index 0000000..c22cbf2 --- /dev/null +++ b/SOURCES/logwatch-logdir-case.patch @@ -0,0 +1,11 @@ +--- logwatch-svn140/scripts/logwatch.pl 2016-04-22 13:17:14.275096840 +0200 ++++ logwatch-svn140/scripts/logwatch.pl.new 2016-04-22 13:24:16.060709792 +0200 +@@ -952,7 +952,7 @@ sub getInt { + ###################################################################### + sub CleanVars { + foreach (keys %Config) { +- unless (defined $Config{$_} and $_ eq "hostname") { ++ unless (defined $Config{$_} and ($_ eq "hostname" or $_ eq "logdir")) { + $Config{$_} = getInt($Config{$_}); + } + } diff --git a/SOURCES/logwatch-man-disrupted-sentence.patch b/SOURCES/logwatch-man-disrupted-sentence.patch new file mode 100644 index 0000000..12d03a2 --- /dev/null +++ b/SOURCES/logwatch-man-disrupted-sentence.patch @@ -0,0 +1,28 @@ +From e16d1363b33344c53da355983445505843c3cfe1 Mon Sep 17 00:00:00 2001 +From: Jan Synacek +Date: Thu, 17 Mar 2016 09:57:25 +0100 +Subject: [PATCH 2/4] conf: fix disrupted sentence + +--- + conf/logwatch.conf | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + +diff --git a/conf/logwatch.conf b/conf/logwatch.conf +index 6faae8f..e031a6b 100644 +--- a/conf/logwatch.conf ++++ b/conf/logwatch.conf +@@ -60,10 +60,9 @@ MailFrom = Logwatch + # (i.e. /var/log/messages.1 or /var/log/messages.1.gz) will + # be searched in addition to the /var/log/messages file. + # This usually will not do much if your range is set to just +-# 'Yesterday' or 'Today'... it is probably best used with ++# 'Yesterday' or 'Today'... it is probably best used with Range = All. + # By default this is now set to Yes. To turn off Archives uncomment this. + #Archives = No +-# Range = All + + # The default time range for the report... + # The current choices are All, Today, Yesterday +-- +2.7.3 + diff --git a/SOURCES/logwatch-man.patch b/SOURCES/logwatch-man.patch new file mode 100644 index 0000000..60626a0 --- /dev/null +++ b/SOURCES/logwatch-man.patch @@ -0,0 +1,37 @@ +Add --hostlimit and --html_wrap to the logwatch.8 manpage. + +Author: Jan Synacek + +--- logwatch-svn140/logwatch.8 2013-05-22 15:29:09.779339911 +0200 ++++ logwatch-svn140-dist/logwatch.8 2013-05-22 15:48:03.248311264 +0200 +@@ -21,8 +21,12 @@ logwatch \- system log analyzer and repo + .I file-name + .B ] [--logdir + .I directory ++.B ] [--hostlimit ++.I hosts + .B ] [--hostname + .I hostname ++.B ] [--html_wrap ++.I number of characters + .B ] [--hostformat + .I host based options + .B ] [--output +@@ -94,6 +98,8 @@ instead of displaying or mailing it. + Look in + .I directory + for log subdirectories or log files instead of the default directory. ++.IP "\fB--hostlimit\fR host1,host2" ++Limit report to hostname - host1, host2. + .IP "\fB--hostname\fR hostname" + Use + .I hostname +@@ -101,6 +107,8 @@ for the reports instead of this system's + if HostLimit is set in the logwatch.conf configuration file (see + \fBMORE INFORMATION\fR, below), + then only logs from this hostname will be processed (where appropriate). ++.IP "\fB--html_wrap\fR num-characters" ++Number of characters that html output should be wrapped to. Default is 80. + .IP "\fB--numeric\fR" + Inhibits additional name lookups, displaying IP addresses numerically. + .IP "\fB--no-oldfiles-log\fR" diff --git a/SOURCES/logwatch-named-dnssec.patch b/SOURCES/logwatch-named-dnssec.patch new file mode 100644 index 0000000..eb52053 --- /dev/null +++ b/SOURCES/logwatch-named-dnssec.patch @@ -0,0 +1,142 @@ +Handle DNSSEC messages in named. + +Author: Frank Crawford +RH-Bugzilla: #666394 + +diff -up logwatch-svn46/scripts/services/named.dnssec logwatch-svn46/scripts/services/named +--- logwatch-svn46/scripts/services/named.dnssec 2011-03-28 13:54:24.212725223 +0200 ++++ logwatch-svn46/scripts/services/named 2011-03-28 14:08:21.044509429 +0200 +@@ -228,6 +228,7 @@ while (defined($ThisLine = )) { + ($ThisLine =~ /too many timeouts resolving '.*' .*: disabling EDNS/) or + ($ThisLine =~ /too many timeouts resolving '.*' .*: reducing the advertised EDNS UDP packet size to .* octets/) or + ($ThisLine =~ /reloading zones succeeded/) or ++ ($ThisLine =~ /generating session key/) or + ($ThisLine =~ /success resolving '.*' \(in '.*'?\) after disabling EDNS/) or + ($ThisLine =~ /success resolving '.*' \(in '.*'?\) after reducing the advertised EDNS UDP packet size to 512 octets/) or + ($ThisLine =~ /the working directory is not writable/) or +@@ -250,6 +250,11 @@ while (defined($ThisLine = )) { + ($ThisLine =~ /refresh in progress, refresh check queued/) or + ($ThisLine =~ /refresh: NODATA response from master/) or + ($ThisLine =~ /update with no effect/) or ++ ($ThisLine =~ /reading built-in trusted keys from file/) or ++ ($ThisLine =~ /using built-in trusted-keys/) or ++ ($ThisLine =~ /set up managed keys zone/) or ++ # the following seems okay since it says "success" ++ ($ThisLine =~ /managed-keys-zone .*: No DNSKEY RRSIGs found for '.*': success/) or + ($ThisLine =~ /validating \@0x[[:xdigit:]]+: .* no valid signature found/) or + # ignore this line because the following line describes the error + ($ThisLine =~ /unexpected error/) +@@ -269,7 +275,8 @@ while (defined($ThisLine = )) { + $ShutdownNamed++; + } elsif ( $ThisLine =~ /named shutdown failed/ ) { + $ShutdownNamedFail++; +- } elsif ( ($Host, $Zone) = ( $ThisLine =~ /client ([^\#]+)#[^\:]+: zone transfer '(.+)' denied/ ) ) { ++ } elsif ( (($Host, $Zone) = ( $ThisLine =~ /client ([^\#]+)#[^\:]+: (?:view \w+: )?zone transfer '(.+)' denied/ )) or ++ (($Host, $Zone) = ( $ThisLine =~ /client ([^\#]+)#[^\:]+: (?:view \w+: )?bad zone transfer request: '(.+)':/ )) ) { + $DeniedZoneTransfers{$Host}{$Zone}++; + } elsif ( ($Zone) = ( $ThisLine =~ /zone (.+) zone transfer deferred due to quota/ ) ) { + $DeferredZoneTransfers{$Zone}++; +@@ -291,14 +298,13 @@ while (defined($ThisLine = )) { + $ZoneLoaded{$Zone}++; + } elsif ( (undef,$Addr,undef,$Server) = ( $ThisLine =~ /ame server (on|resolving) '(.+)' \(in .+\):\s+(\[.+\]\.\d+)?\s*'?(.+)'?:?/ ) ) { + $LameServer{"$Addr ($Server)"}++; +- } elsif ( ($Zone) = ( $ThisLine =~ /Zone \"(.+)\" was removed/ ) ) { ++ } elsif ( (($Zone) = ( $ThisLine =~ /Zone \"(.+)\" was removed/ )) or ++ (($Zone) = ( $ThisLine =~ /zone (.+): \(.*\) removed/ )) ) { + $ZoneRemoved{$Zone}++; + } elsif ( ($Zone) = ( $ThisLine =~ /received notify for zone '(.*)'/ ) ) { + $ZoneReceivedNotify{$Zone}++; + } elsif ( ($Zone) = ( $ThisLine =~ /zone (.*): notify from .* up to date/ ) ) { + $ZoneReceivedNotify{$Zone}++; +- } elsif ( ($Zone) = ( $ThisLine =~ /zone (.*): notify from .* up to date/ ) ) { +- $ZoneReceivedNotify{$Zone}++; + } elsif ( ($Zone) = ( $ThisLine =~ /zone (.+)\/IN: refused notify from non-master/ ) ) { + $ZoneRefusedNotify{$Zone}++; + # } elsif ( ($Rhost,$Ldom,$Reason) = ( $ThisLine =~ /client ([\d\.a-fA-F:]+) bad zone transfer request: '(.+)': (.+)$/ ) ) { +@@ -321,13 +327,13 @@ while (defined($ThisLine = )) { + } elsif ( ($Client) = ( $ThisLine =~ /warning: client (.*) no more TCP clients/ ) ) { + $FullClient = LookupIP ($Client); + $DeniedTCPClient{$FullClient}++; +- } elsif ( ($Client) = ( $ThisLine =~ /client (.*)#\d+: query \(cache\) denied/ ) ) { ++ } elsif ( ($Client) = ( $ThisLine =~ /client (.*)#\d+: (?:view \w+: )?query \(cache\) denied/ ) ) { + $FullClient = LookupIP ($Client); + $DeniedQuery{$FullClient}++; + } elsif ( ($Client) = ( $ThisLine =~ /client (.*)#\d+: query '.*\/IN' denied/ ) ) { + $FullClient = LookupIP ($Client); + $DeniedQueryNoCache{$FullClient}++; +- } elsif ( ($Rhost, $ViewName, $Ldom) = ($ThisLine =~ /client ([\.0-9a-fA-F:]+)#\d+:(?: view ([^ ]+):)? update '(.*)' denied/)) { ++ } elsif ( ($Rhost, $ViewName, $Ldom) = ($ThisLine =~ /client ([\.0-9a-fA-F:]+)#\d+: (?:view \w+: )?update '(.*)' denied/)) { + $ViewName = ($ViewName ? "/$ViewName" : ""); + $UpdateDenied{"$Rhost ($Ldom$ViewName)"}++; + } elsif ( ($Rhost, $Ldom) = ($ThisLine =~ /client ([\d\.]+)#\d+: update forwarding '(.*)' denied/)) { +@@ -384,6 +390,18 @@ while (defined($ThisLine = )) { + $NoSOA{$Client}++; + } elsif (($Hint) = ($ThisLine =~ /checkhints: (.*)/) ) { + $Hints{$Hint}++; ++ } elsif (($Zone,$RR) = ($ThisLine =~ /^\s*validating \@0x[[:xdigit:]]+: (.*) (\w+): got insecure response; parent indicates it should be secure/)) { ++ $DNSSECInsec{'__Total__'}++; ++ $DNSSECInsec{$Zone}{$RR}++; ++ } elsif (($Zone,$RR) = ($ThisLine =~ /^\s*validating \@0x[[:xdigit:]]+: (.*) (\w+): no valid signature found/)) { ++ $DNSSECInvalid{'__Total__'}++; ++ $DNSSECInvalid{$Zone}{$RR}++; ++ } elsif (($Zone,$RR) = ($ThisLine =~ /^\s*validating \@0x[[:xdigit:]]+: (.*) (\w+): bad cache hit/)) { ++ $DNSSECBadCache{'__Total__'}++; ++ $DNSSECBadCache{$Zone}{$RR}++; ++ } elsif (($Error,$Host) = ($ThisLine =~ /error \((.*)\) resolving '([^']+)':/)) { ++ $DNSSECError{$Error}{'__Total__'}++; ++ $DNSSECError{$Error}{$Host}++; + } else { + # Report any unmatched entries... + # remove PID from named messages +@@ -713,6 +731,51 @@ if (keys %Hints) { + } + } + ++if (($Detail >= 5) and (keys %DNSSECInsec)) { ++ print "\n DNSSEC Insecure Responses: " . $DNSSECInsec{'__Total__'} . " Time(s)\n"; ++ foreach $Zone (sort keys %DNSSECInsec) { ++ if (($Detail >= 10) and ($Zone =~ /.+/) and ($Zone ne '__Total__')) { ++ foreach $RR (sort keys %{$DNSSECInsec{$Zone}}) { ++ print " " . "$Zone/$RR: " . $DNSSECInsec{$Zone}{$RR} . " Time(s)\n"; ++ } ++ } ++ } ++} ++ ++if (($Detail >= 5) and (keys %DNSSECInvalid)) { ++ print "\n DNSSEC No Valid Signature: " . $DNSSECInvalid{'__Total__'} . " Time(s)\n"; ++ foreach $Zone (sort keys %DNSSECInvalid) { ++ if (($Detail >= 10) and ($Zone =~ /.+/) and ($Zone ne '__Total__')) { ++ foreach $RR (sort keys %{$DNSSECInvalid{$Zone}}) { ++ print " " . "$Zone/$RR: " . $DNSSECInvalid{$Zone}{$RR} . " Time(s)\n"; ++ } ++ } ++ } ++} ++ ++if (($Detail >= 5) and (keys %DNSSECBadCache)) { ++ print "\n DNSSEC Bad Cache hit: " . $DNSSECBadCache{'__Total__'} . " Time(s)\n"; ++ foreach $Zone (sort keys %DNSSECBadCache) { ++ if (($Detail >= 10) and ($Zone =~ /.+/) and ($Zone ne '__Total__')) { ++ foreach $RR (sort keys %{$DNSSECBadCache{$Zone}}) { ++ print " " . "$Zone/$RR: " . $DNSSECBadCache{$Zone}{$RR} . " Time(s)\n"; ++ } ++ } ++ } ++} ++ ++if (($Detail >= 5) and (keys %DNSSECError)) { ++ print "\n DNS Errors:\n"; ++ foreach $Error (sort keys %DNSSECError) { ++ print " $Error: " . $DNSSECError{$Error}{'__Total__'} . " Time(s)\n"; ++ if ($Detail >= 10) { ++ foreach $Host (sort keys %{$DNSSECError{$Error}}) { ++ print " " . "$Host: " . $DNSSECError{$Error}{$Host} . " Time(s)\n" unless ($Host eq '__Total__'); ++ } ++ } ++ } ++} ++ + if (keys %OtherList) { + print "\n**Unmatched Entries**\n"; + foreach $line (sort {$a cmp $b} keys %OtherList) { diff --git a/SOURCES/logwatch-oldfiles.patch b/SOURCES/logwatch-oldfiles.patch new file mode 100644 index 0000000..981aa4e --- /dev/null +++ b/SOURCES/logwatch-oldfiles.patch @@ -0,0 +1,72 @@ +Add '--no-oldfiles-log' option that suppresses a warning about old files in the +logwatch temporary directory. + +Author: Ivana Varekova +RH-Bugzilla: #230974 + +--- logwatch-20110113/logwatch.8.orig 2010-05-01 04:32:20.000000000 +0200 ++++ logwatch-20110113/logwatch.8 2011-01-13 11:49:28.631589520 +0100 +@@ -31,7 +31,7 @@ + .I report format + .B ] [--encode + .I encoding to use +-.B ] [--numeric] [--version] [--help|--usage] ++.B ] [--numeric] [--no-oldfiles-log] [--version] [--help|--usage] + .SH DESCRIPTION + .B Logwatch + is a customizable, pluggable log-monitoring system. It will go +@@ -104,6 +104,9 @@ + then only logs from this hostname will be processed (where appropriate). + .IP "\fB--numeric\fR" + Inhibits additional name lookups, displaying IP addresses numerically. ++.IP "\fB--no-oldfiles-log\fR" ++Suppress the logwatch log, which informs about the ++old files in logwatch tmpdir. + .IP "\fB--usage\fR" + Displays usage information + .IP "\fB--help\fR" +--- logwatch-20110113/scripts/logwatch.pl.orig 2011-01-13 11:40:57.083697486 +0100 ++++ logwatch-20110113/scripts/logwatch.pl 2011-01-13 11:48:07.477874059 +0100 +@@ -187,6 +187,7 @@ my @TempLogFileList = (); + my @TempServiceList = (); + my $Help = 0; + my $ShowVersion = 0; ++my $NoOldfilesLog = 0; + my ($tmp_mailto, $tmp_savefile); + + &GetOptions ("d|detail=s" => \$Config{'detail'}, +@@ -209,6 +210,7 @@ my ($tmp_mailto, $tmp_savefile); + "hostformat=s" => \$Config{'hostformat'}, + "hostlimit=s" => \$Config{'hostlimit'}, + "html_wrap=s" => \$Config{'html_wrap'}, ++ "no-oldfiles-log" => \$NoOldfilesLog, + "subject=s" => \$Config{'subject'} + ) or &Usage(); + +@@ -632,7 +634,7 @@ if ($Config{'debug'} > 7) { + opendir(TMPDIR, $Config{'tmpdir'}) or die "$Config{'tmpdir'} $!"; + my @old_dirs = grep { /^logwatch\.\w{8}$/ && -d "$Config{'tmpdir'}/$_" } + readdir(TMPDIR); +-if (@old_dirs) { ++if ((@old_dirs) && ($NoOldfilesLog==0)) { + print "You have old files in your logwatch tmpdir ($Config{'tmpdir'}):\n\t"; + print join("\n\t", @old_dirs); + print "\nThe directories listed above were most likely created by a\n"; +@@ -1077,7 +1079,7 @@ sub ReadConfigFile { + sub Usage () { + # Show usage for this program + print "\nUsage: $0 [--detail ] [--logfile ] [--output ]\n" . +- " [--format ] [--encode ] [--numeric]\n" . ++ " [--format ] [--encode ] [--numeric] [--no-oldfiles-log]\n" . + " [--mailto ] [--archives] [--range ] [--debug ]\n" . + " [--filename ] [--help|--usage] [--version] [--service ]\n" . + " [--hostformat ] [--hostlimit ] [--html_wrap ]\n\n"; +@@ -1088,6 +1090,8 @@ sub Usage () { + print "--output : Report Output - stdout [default], mail, file.\n"; #8.0 + print "--format : Report Format - text [default], html.\n"; #8.0 + print "--encode : Enconding to use - none [default], base64.\n"; #8.0 ++ print "--no-oldfiles-log: Suppress the logwatch log, which informs about the\n"; ++ print " old files in logwatch tmpdir.\n"; + print "--mailto : Mail report to .\n"; + print "--archives: Use archived log files too.\n"; + print "--filename : Used to specify they filename to save to. --filename [Forces output to file].\n"; diff --git a/SOURCES/logwatch-puppet.patch b/SOURCES/logwatch-puppet.patch new file mode 100644 index 0000000..f722875 --- /dev/null +++ b/SOURCES/logwatch-puppet.patch @@ -0,0 +1,25 @@ +From 7841afe66d5b2049b229e8b8faddafc84aa08b68 Mon Sep 17 00:00:00 2001 +From: Jan Synacek +Date: Thu, 17 Mar 2016 09:58:46 +0100 +Subject: [PATCH 3/4] puppet: improve counting of successful runs + +--- + scripts/services/puppet | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/scripts/services/puppet b/scripts/services/puppet +index 305dfff..1b86ae7 100644 +--- a/scripts/services/puppet ++++ b/scripts/services/puppet +@@ -66,6 +66,8 @@ while (defined($ThisLine = )) { + } + } elsif ($ThisLine =~ /Finished catalog run in [0-9]+\.[0-9]+ seconds/) { + $SuccessfulRuns++; ++ } elsif ($ThisLine =~ /Applied catalog in [0-9]+\.[0-9]+ seconds/) { ++ $SuccessfulRuns++; + } elsif ($ThisLine =~ /skipping run/) { + $FailedRuns++; + } elsif ($ThisLine =~ /(Did not receive certificate)/) { +-- +2.7.3 + diff --git a/SOURCES/logwatch-rkhunter.patch b/SOURCES/logwatch-rkhunter.patch new file mode 100644 index 0000000..a6cad29 --- /dev/null +++ b/SOURCES/logwatch-rkhunter.patch @@ -0,0 +1,48 @@ +RootkitHunter support. + +Author: Jan Synacek +RH-Bugzilla: #818926 + +Index: scripts/services/secure +=================================================================== +--- scripts/services/secure (revision 110) ++++ scripts/services/secure (working copy) +@@ -180,6 +180,7 @@ + $PwdChange = 0; + $RequestKeyFailures = 0; + %OtherList = (); ++%RootkitHunter = (); + use Logwatch ':ip'; + + while (defined($ThisLine = )) { +@@ -519,6 +520,14 @@ + $e=''; + } + $KerbList{$response}{$type}{$from}{$service}{$client}{$e}++; ++ } elsif ($ThisLine =~ /Rootkit Hunter:/ ) { ++ if ($ThisLine =~ /Please inspect this machine/) { ++ $RootkitHunter{'inspect'}++; ++ } elsif ($ThisLine =~ /check started/) { ++ $RootkitHunter{'runs'}++; ++ } elsif (my ($mins, $secs) = ($ThisLine =~ /Scanning took ([0-9]*) minutes? and ([0-9]*) seconds?/)) { ++ $RootkitHunter{'time'}+= $mins*60 + $secs; ++ } + } else { + # Unmatched entries... + $ThisLine =~ s/\[\d+\]:/:/; +@@ -908,6 +917,15 @@ + } + } + ++if (keys %RootkitHunter) { ++ use integer; ++ my ($mins, $secs) = ($RootkitHunter{'time'} / 60, $RootkitHunter{'time'} % 60); ++ print "\nRootkitHunter:\n"; ++ print " Runs: $RootkitHunter{'runs'}\n"; ++ print " Suggested Inspection: $RootkitHunter{'inspect'} Time(s)\n"; ++ print " Total Runtime: $mins minute(s) $secs second(s)\n"; ++} ++ + if (keys %OtherList) { + print "\n**Unmatched Entries**\n"; + foreach $line (sort {$a cmp $b} keys %OtherList) { diff --git a/SOURCES/logwatch-secure-userhelper.patch b/SOURCES/logwatch-secure-userhelper.patch new file mode 100644 index 0000000..c24360a --- /dev/null +++ b/SOURCES/logwatch-secure-userhelper.patch @@ -0,0 +1,25 @@ +Fix misparsing of userhelper log entries for hddtemp that specify a device +using a name that includes a slash (e.g. '/usr/sbin/hddtemp -n -q /dev/sda'). +Additional slashes after the process name confuse logwatch as it considers the +last word behind the last slash the process' name. + +Author: Jan Synacek +RH-Bugzilla: #867290 + +--- logwatch-svn110/scripts/services/secure.orig 2012-10-18 11:13:33.000000000 +0200 ++++ logwatch-svn110/scripts/services/secure 2012-10-18 11:31:08.987571713 +0200 +@@ -843,8 +843,13 @@ if (keys %Executed_app) { + print "\nUserhelper executed applications:\n"; + foreach (keys %Executed_app) { + ($longapp,$asuser,$user) = split ","; ++ $longapp_orig = $longapp; ++ $i = index($longapp, " "); ++ if ($i > 0) { ++ $longapp = substr($longapp, 0, $i); ++ } + $app = substr($longapp,rindex($longapp,"/")+1); +- print " $user -> $app as $asuser: ".$Executed_app{"$longapp,$asuser,$user"}." Time(s)\n"; ++ print " $user -> $app as $asuser: ".$Executed_app{"$longapp_orig,$asuser,$user"}." Time(s)\n"; + } + } + diff --git a/SOURCES/logwatch-secure-username.patch b/SOURCES/logwatch-secure-username.patch new file mode 100644 index 0000000..6c9deb3 --- /dev/null +++ b/SOURCES/logwatch-secure-username.patch @@ -0,0 +1,18 @@ +Weaken username regexp restriction. Usernames can include more characters than +just letters (e.g. _ or [0-9]). + +Author: Jan Synacek +Reported-By: Robert Scheck +RH-Bugzilla: #894272 + +--- logwatch-svn127-dist/scripts/services/secure 2013-01-11 10:38:15.778804473 +0100 ++++ logwatch-svn127/scripts/services/secure 2013-01-11 10:49:13.381323119 +0100 +@@ -247,7 +247,7 @@ while (defined($ThisLine = )) { + ( $ThisLine =~ /userhelper\[\d+\]: running '([^ ]+)' with [^ ]+ context/) or + ( $ThisLine =~ /pam_timestamp\(.*:session\): updated timestamp file `\/var\/run\/sudo.*'/) or + ( $ThisLine =~ /[^ ]*: pam_keyinit(.*:.*): Unable to change GID to [0-9]* temporarily/) or +- ( $ThisLine =~ /password check failed for user \([a-zA-Z]*\)/) or ++ ( $ThisLine =~ /password check failed for user \(\S*\)/) or + ( $ThisLine =~ /PAM pam_set_item: attempt to set conv\(\) to NULL/) or + ( $ThisLine =~ /PAM pam_get_item: nowhere to place requested item/) or + ( $ThisLine =~ /pam_succeed_if\(.*:.*\): error retrieving information about user [a-zA-Z]*/ ) or diff --git a/SOURCES/logwatch-smartd-copyright.patch b/SOURCES/logwatch-smartd-copyright.patch new file mode 100644 index 0000000..676d58c --- /dev/null +++ b/SOURCES/logwatch-smartd-copyright.patch @@ -0,0 +1,12 @@ +--- logwatch/scripts/services/smartd 2011-02-28 12:08:10.000000000 +0100 ++++ logwatch/scripts/services/smartd.new 2013-06-06 13:55:44.835000202 +0200 +@@ -117,7 +117,8 @@ while (defined(my $ThisLine = )) + # ignore empty lines + } elsif ( ($ThisLine =~ /^smartd version/) + || ($ThisLine =~ /^Home page/) +- || ($ThisLine =~ /^smartd .*Copyright \(C\) [0-9-]+ by Bruce Allen/) ++ || ($ThisLine =~ /Copyright \(C\) [0-9-]+(?: by|,) Bruce Allen/) ++ || ($ThisLine =~ /^smartd [0-9\.]+ [0-9-]+/) + || ($ThisLine =~ /configuration file/i) + || ($ThisLine =~ /\[trip Temperature is \d+ Celsius\]/) + || ($ThisLine =~ /^Monitoring/) diff --git a/SOURCES/logwatch-sshd-detail.patch b/SOURCES/logwatch-sshd-detail.patch new file mode 100644 index 0000000..ae5198a --- /dev/null +++ b/SOURCES/logwatch-sshd-detail.patch @@ -0,0 +1,11 @@ +--- logwatch-svn140/scripts/services/sshd 2012-12-30 15:27:43.000000000 +0100 ++++ logwatch-svn140-new/scripts/services/sshd 2016-04-22 13:28:43.478562357 +0200 +@@ -799,7 +799,7 @@ if (keys %ChownErr) { + } + } + +-if ( ($Detail == 7 && keys %Krb_relm > 1) || ($Detail > 8 && keys %Krb_relm) ){ ++if ( ($Detail == 7 && keys %Krb_relm > 1) || ($Detail >= 8 && keys %Krb_relm) ){ + print "\nSucessfull Kerberos Authentication from ",(scalar keys %Krb_relm)," relm:\n"; + foreach my $relm (keys %Krb_relm) { + if($Detail > 9){ diff --git a/SOURCES/logwatch-sshd-format.patch b/SOURCES/logwatch-sshd-format.patch new file mode 100644 index 0000000..8367ba0 --- /dev/null +++ b/SOURCES/logwatch-sshd-format.patch @@ -0,0 +1,26 @@ +Resolves: #1422797 + +--- a/scripts/services/sshd 2017-08-28 13:11:02.078000000 +0200 ++++ b/scripts/services/sshd 2017-08-28 13:38:22.097000000 +0200 +@@ -290,7 +290,9 @@ + ($ThisLine =~ /^Failed keyboard-interactive for from/ ) or + ($ThisLine =~ /^Keyboard-interactive \(PAM\) userauth failed/ ) or + ($ThisLine =~ /^debug1: /) or +- ($ThisLine =~ /Nasty PTR record .* is set up for [\da-fA-F.:]+, ignoring/) ++ ($ThisLine =~ /Nasty PTR record .* is set up for [\da-fA-F.:]+, ignoring/) or ++ ($ThisLine =~ /Exiting on signal .*$/) or ++ ($ThisLine =~ /Disconnected from (?:[^ ]*) port .*$/) + ) { + # Ignore these + } elsif ( my ($Method,$User,$Host,$Port) = ($ThisLine =~ /^Accepted (\S+) for (\S+) from ([\d\.:a-f]+) port (\d+)/) ) { +@@ -379,7 +381,9 @@ + $RefusedConnections{$1}++; + } elsif ( my ($Reason) = ($ThisLine =~ /^Authentication refused: (.*)$/ ) ) { + $RefusedAuthentication{$Reason}++; +- } elsif ( my ($Host,$Reason) = ($ThisLine =~ /^Received disconnect from ([^ ]*): (.*)$/)) { ++ # Old format: Received disconnect from 192.168.122.1: 11: disconnected by user ++ # New format: Received disconnect from 192.168.122.1 port 43680:11: disconnected by user ++ } elsif ( my ($Host,$Reason) = ($ThisLine =~ /^Received disconnect from ([^ ]*)(?: port \d+)?: ?(.*)$/)) { + $DisconnectReceived{$Reason}{$Host}++; + } elsif ( my ($Host) = ($ThisLine =~ /^ROOT LOGIN REFUSED FROM ([^ ]*)$/)) { + $RootLogin{$Host}++; diff --git a/SOURCES/logwatch-sshd-typos.patch b/SOURCES/logwatch-sshd-typos.patch new file mode 100644 index 0000000..73511de --- /dev/null +++ b/SOURCES/logwatch-sshd-typos.patch @@ -0,0 +1,12 @@ +diff -rup logwatch-svn140/scripts/services/sshd logwatch-svn140-new/scripts/services/sshd +--- logwatch-svn140/scripts/services/sshd 2016-05-19 14:30:15.950891232 +0200 ++++ logwatch-svn140-new/scripts/services/sshd 2016-05-19 14:30:51.436881734 +0200 +@@ -800,7 +800,7 @@ if (keys %ChownErr) { + } + + if ( ($Detail == 7 && keys %Krb_relm > 1) || ($Detail >= 8 && keys %Krb_relm) ){ +- print "\nSucessfull Kerberos Authentication from ",(scalar keys %Krb_relm)," relm:\n"; ++ print "\nSuccessful Kerberos Authentication from ",(scalar keys %Krb_relm)," realm:\n"; + foreach my $relm (keys %Krb_relm) { + if($Detail > 9){ + print " ",$relm,":\n"; diff --git a/SOURCES/logwatch-vsftpd.patch b/SOURCES/logwatch-vsftpd.patch new file mode 100644 index 0000000..86557d6 --- /dev/null +++ b/SOURCES/logwatch-vsftpd.patch @@ -0,0 +1,62 @@ +Correctly apply time filter when parsing vsftpd log messages. + +Author: Ivana Varekova +RH-Bugzilla: #217226 + +--- logwatch-7.3.1/scripts/logwatch.pl.pom 2006-09-16 06:04:14.000000000 +0200 ++++ logwatch-7.3.1/scripts/logwatch.pl 2006-11-29 13:16:22.000000000 +0100 +@@ -917,11 +917,16 @@ + my $FilterText = " "; + foreach (sort keys %{$LogFileData{$LogFile}}) { + my $cmd = $_; ++ + if ($cmd =~ s/^\d+-\*//) { + if (-f "$ConfigDir/scripts/shared/$cmd") { + $FilterText .= ("| $PerlVersion $ConfigDir/scripts/shared/$cmd '$LogFileData{$LogFile}{$_}'" ); + } elsif (-f "$BaseDir/scripts/shared/$cmd") { +- $FilterText .= ("| $PerlVersion $BaseDir/scripts/shared/$cmd '$LogFileData{$LogFile}{$_}'" ); ++ if ($LogFile =~ /^vsftpd$/ ) { ++ $FilterText .= ("| $PerlVersion $BaseDir/scripts/shared/applyvsftpddate '$LogFileData{$LogFile}{$_}'" ); ++ } else { ++ $FilterText .= ("| $PerlVersion $BaseDir/scripts/shared/$cmd '$LogFileData{$LogFile}{$_}'" ); ++ } + } else { + die "Cannot find shared script $cmd\n"; + } +--- logwatch-7.3.1/scripts/shared/applyvsftpddate.pom 2006-11-29 13:13:28.000000000 +0100 ++++ logwatch-7.3.1/scripts/shared/applyvsftpddate 2006-11-29 13:10:26.000000000 +0100 +@@ -0,0 +1,34 @@ ++########################################################################## ++# $Id: applystddate,v 1.18 2005/10/22 00:19:56 bjorn Exp $ ++########################################################################## ++ ++######################################################## ++# This was written and is maintained by: ++# Kirk Bauer ++# ++# Please send all comments, suggestions, bug reports, ++# etc, to logwatch-devel@logwatch.org ++######################################################## ++ ++use Logwatch ':dates'; ++ ++my $Debug = $ENV{'LOGWATCH_DEBUG'} || 0; ++ ++$SearchDate = TimeFilter('%b %e %H:%M:%S 20%y'); ++ ++# The date might be "Dec 09", but it needs to be "Dec 9"... ++#$SearchDate =~ s/ 0/ /; ++# The format of Fri Nov 29 20:59:09 2005 ++ ++if ( $Debug > 5 ) { ++ print STDERR "DEBUG: Inside ApplyStdDate...\n"; ++ print STDERR "DEBUG: Looking For: " . $SearchDate . "\n"; ++} ++ ++while (defined($ThisLine = )) { ++ if ($ThisLine =~ m/(Mon|Tue|Wed|Thu|Fri|Sat|Sun) $SearchDate/o) { ++ print "$ThisLine"; ++ } ++} ++ ++# vi: shiftwidth=3 syntax=perl tabstop=3 et diff --git a/SOURCES/logwatch-xntpd.patch b/SOURCES/logwatch-xntpd.patch new file mode 100644 index 0000000..ad0d8bc --- /dev/null +++ b/SOURCES/logwatch-xntpd.patch @@ -0,0 +1,43 @@ +Update ntpd log parsing. + +RH-Bugzilla: #673756 + +Index: scripts/services/xntpd +=================================================================== +--- scripts/services/xntpd (revision 85) ++++ scripts/services/xntpd (working copy) +@@ -142,6 +142,7 @@ + ($ThisLine =~ m/tickadj = /) or # startup + ($ThisLine =~ m/precision = /) or # startup + ($ThisLine =~ m/ (succeeded|failed)/) or # startup ++ ($ThisLine =~ m/sendto\(\S+\): Success/) or # startup + ($ThisLine =~ m/kernel time (discipline|sync) status/) or # startup + ($ThisLine =~ m/kernel time sync (dis|en)abled /) or # startup + ($ThisLine =~ m/frequency initialized/) or # startup +@@ -154,6 +155,8 @@ + ($ThisLine =~ /Listening on interface .* Disabled/) or + ($ThisLine =~ /Listen and drop on /) or + ($ThisLine =~ /Listening on routing socket on/) or ++ ($ThisLine =~ /.* interface .* -> \(null\)/) or ++ ($ThisLine =~/Deferring DNS for/) or + ($ThisLine =~ /ntp_io: estimated max descriptors: \d*, initial socket boundary: \d*/) or + ($ThisLine =~ /peers refreshed$/) or + ($ThisLine =~ /restrict: error in address/) or +@@ -177,7 +180,7 @@ + } elsif ( my (undef,$TimeStep) = ($ThisLine =~ /(offset) ([^ ]+) sec/ )) { + push @TimeReset, $TimeStep; + # MEv end no leadin to line +- } elsif ( my ($ListenOn) = ($ThisLine =~ /Listening on interface (.*)(?: Enabled)?/ )) { ++ } elsif ( my ($ListenOn) = ($ThisLine =~ /Listening on interface(?: #\d+)? (.*)(?: Enabled)?/ )) { + $Interfaces{$ListenOn}++; + } elsif ( my ($ListenOn) = ($ThisLine =~ /Listen normally on \d+ (.*)/ )) { + $Interfaces{$ListenOn}++; +@@ -196,7 +199,7 @@ + $TwoInst{$name}++; + } elsif ( my ($Error) = ($ThisLine =~ /(no server(s reachable| suitable for synchronization found))/ )) { + $Errors{$Error}++; +- } elsif ( my ($Error) = ($ThisLine =~ /(can't find host \S+|no servers can be used, exiting)/ )) { ++ } elsif ( my ($Error) = ($ThisLine =~ /([Cc]an't find host \S+|no servers can be used, exiting)/ )) { + $Errors{$Error}++; + } elsif ( my ($Error) = ($ThisLine =~ /(sendto\(\S+\): Network is unreachable)/ )) { + $Errors{$Error}++; diff --git a/SPECS/logwatch.spec b/SPECS/logwatch.spec new file mode 100644 index 0000000..49e6565 --- /dev/null +++ b/SPECS/logwatch.spec @@ -0,0 +1,945 @@ +Summary: A log file analysis program +Name: logwatch +Version: 7.4.0 +Release: 34.20130522svn140%{?dist} +License: MIT +Group: Applications/System +URL: http://www.logwatch.org/ +# The source for this package was pulled from upstream's vcs. Use the +# following commands to generate the tarball: +# svn export -r 140 https://logwatch.svn.sourceforge.net/svnroot/logwatch logwatch-svn140 +# tar cJvf logwatch-svn140.tar.xz logwatch-svn140 +Source0: logwatch-svn140.tar.xz +#Source0: http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz +# Needs proper fix. Not applied by the upstream. +Patch0: logwatch-vsftpd.patch +# Not applied by upstream. +Patch1: logwatch-oldfiles.patch +# Fixes not yet in upstream for DNSSEC messages in named service (rhbz#666394) +Patch3: logwatch-named-dnssec.patch +Patch5: logwatch-xntpd.patch +Patch7: logwatch-dovecot.patch +# Rootkit Hunter patch - not applied by upstream +Patch9: logwatch-rkhunter.patch +# Not yet upstreamed +Patch16: logwatch-secure-userhelper.patch +Patch18: logwatch-secure-username.patch +Patch19: logwatch-man.patch +Patch20: logwatch-man-disrupted-sentence.patch +Patch21: logwatch-smartd-copyright.patch +Patch22: logwatch-disk-space.patch +Patch23: logwatch-logdir-case.patch +Patch24: logwatch-sshd-detail.patch +Patch25: logwatch-puppet.patch +Patch26: logwatch-blank-files.patch +Patch27: logwatch-sshd-typos.patch +Patch28: logwatch-sshd-format.patch +Patch29: logwatch-base64.patch +### upstreamed +Patch30: logwatch-journald.patch + +Requires: textutils sh-utils grep mailx +Requires: perl(Date::Manip) +Requires: perl(Sys::CPU) +Requires: perl(Sys::MemInfo) +BuildArchitectures: noarch + +%description +Logwatch is a customizable, pluggable log-monitoring system. It will go +through your logs for a given period of time and make a report in the areas +that you wish with the detail that you wish. Easy to use - works right out +of the package on many systems. + +%prep +%setup -q -n logwatch-svn140 +%patch0 -p1 +%patch1 -p1 +%patch3 -p1 +%patch5 -p0 +%patch7 -p1 +%patch9 -p0 +%patch16 -p1 +%patch18 -p1 +%patch19 -p1 +%patch20 -p1 +%patch21 -p1 +%patch22 -p1 +%patch23 -p1 +%patch24 -p1 +%patch25 -p1 +%patch26 -p1 +%patch27 -p1 +%patch28 -p1 +%patch29 -p1 +%patch30 -p1 +rm -f scripts/services/*.orig + +%build + +%install +install -m 0755 -d %{buildroot}%{_var}/cache/logwatch +install -m 0755 -d %{buildroot}%{_sysconfdir}/logwatch/scripts +install -m 0755 -d %{buildroot}%{_sysconfdir}/logwatch/scripts/services +install -m 0755 -d %{buildroot}%{_sysconfdir}/logwatch/conf +install -m 0755 -d %{buildroot}%{_sysconfdir}/logwatch/conf/logfiles +install -m 0755 -d %{buildroot}%{_sysconfdir}/logwatch/conf/services +install -m 0755 -d %{buildroot}%{_sysconfdir}/cron.daily +install -m 0755 -d %{buildroot}%{_datadir}/logwatch/default.conf/logfiles +install -m 0755 -d %{buildroot}%{_datadir}/logwatch/default.conf/services +install -m 0755 -d %{buildroot}%{_datadir}/logwatch/default.conf/html +install -m 0755 -d %{buildroot}%{_datadir}/logwatch/dist.conf/logfiles +install -m 0755 -d %{buildroot}%{_datadir}/logwatch/dist.conf/services +install -m 0755 -d %{buildroot}%{_datadir}/logwatch/scripts/services +install -m 0755 -d %{buildroot}%{_datadir}/logwatch/scripts/shared +install -m 0755 -d %{buildroot}%{_datadir}/logwatch/lib +install -m 0755 -d %{buildroot}%{_sbindir} +install -m 0755 -d %{buildroot}%{_mandir}/man5 +install -m 0755 -d %{buildroot}%{_mandir}/man8 + +for i in scripts/logfiles/*; do + if [ $(ls $i | wc -l) -ne 0 ]; then + install -m 0755 -d %{buildroot}%{_datadir}/logwatch/$i + install -m 0644 $i/* %{buildroot}%{_datadir}/logwatch/$i + fi +done + +install -m 0755 scripts/logwatch.pl %{buildroot}%{_datadir}/logwatch/scripts/logwatch.pl +install -m 0644 scripts/services/* %{buildroot}%{_datadir}/logwatch/scripts/services +install -m 0644 scripts/shared/* %{buildroot}%{_datadir}/logwatch/scripts/shared + +install -m 0644 conf/logwatch.conf %{buildroot}%{_datadir}/logwatch/default.conf/logwatch.conf + +install -m 0644 conf/logfiles/* %{buildroot}%{_datadir}/logwatch/default.conf/logfiles +install -m 0644 conf/services/* %{buildroot}%{_datadir}/logwatch/default.conf/services +install -m 0644 conf/html/* %{buildroot}%{_datadir}/logwatch/default.conf/html + +install -m 0644 lib/Logwatch.pm %{buildroot}%{_datadir}/logwatch/lib/Logwatch.pm + +install -m 0644 ignore.conf.5 %{buildroot}%{_mandir}/man5 +install -m 0644 override.conf.5 %{buildroot}%{_mandir}/man5 +install -m 0644 logwatch.conf.5 %{buildroot}%{_mandir}/man5 +install -m 0644 logwatch.8 %{buildroot}%{_mandir}/man8 + +install -m 0755 logwatch.cron %{buildroot}%{_sysconfdir}/cron.daily/0logwatch + +ln -s ../../%{_datadir}/logwatch/scripts/logwatch.pl %{buildroot}/%{_sbindir}/logwatch + +# Do not install zz-fortune service on RHEL +%if 0%{?rhel} +rm -f %{buildroot}%{_datadir}/logwatch/scripts/services/zz-fortune* \ + %{buildroot}%{_datadir}/logwatch/conf/services/zz-fortune* \ + %{buildroot}%{_datadir}/logwatch/conf/logfiles/fortune* +touch %{buildroot}%{_datadir}/logwatch/scripts/services/zz-fortune +chmod 644 %{buildroot}%{_datadir}/logwatch/scripts/services/zz-fortune +%endif + +echo "###### REGULAR EXPRESSIONS IN THIS FILE WILL BE TRIMMED FROM REPORT OUTPUT #####" > %{buildroot}%{_sysconfdir}/logwatch/conf/ignore.conf +echo "# Local configuration options go here (defaults are in %{_datadir}/logwatch/default.conf/logwatch.conf)" > %{buildroot}%{_sysconfdir}/logwatch/conf/logwatch.conf +echo "# Configuration overrides for specific logfiles/services may be placed here." > %{buildroot}%{_sysconfdir}/logwatch/conf/override.conf + +%files +%doc README HOWTO-Customize-LogWatch LICENSE +%dir %{_var}/cache/logwatch +%dir %{_sysconfdir}/logwatch +%dir %{_sysconfdir}/logwatch/scripts +%dir %{_sysconfdir}/logwatch/conf +%dir %{_sysconfdir}/logwatch/conf/logfiles +%dir %{_sysconfdir}/logwatch/conf/services +%dir %{_sysconfdir}/logwatch/scripts/services +%config(noreplace) %{_sysconfdir}/cron.daily/0logwatch +%config(noreplace) %{_sysconfdir}/logwatch/conf/*.conf +%dir %{_datadir}/logwatch +%dir %{_datadir}/logwatch/dist.conf +%dir %{_datadir}/logwatch/dist.conf/services +%dir %{_datadir}/logwatch/dist.conf/logfiles +%{_datadir}/logwatch/scripts/logwatch.pl +%config(noreplace) %{_datadir}/logwatch/default.conf/*.conf +%{_sbindir}/logwatch +%dir %{_datadir}/logwatch/scripts +%{_datadir}/logwatch/scripts/shared +%{_datadir}/logwatch/scripts/services +%{_datadir}/logwatch/scripts/logfiles +%dir %{_datadir}/logwatch/lib +%{_datadir}/logwatch/lib/Logwatch.pm +%dir %{_datadir}/logwatch/default.conf +%dir %{_datadir}/logwatch/default.conf/services +%{_datadir}/logwatch/default.conf/services/*.conf +%dir %{_datadir}/logwatch/default.conf/logfiles +%{_datadir}/logwatch/default.conf/logfiles/*.conf +%dir %{_datadir}/logwatch/default.conf/html +%{_datadir}/logwatch/default.conf/html/*.html +%{_mandir}/man*/* + +%changelog +* Mon Nov 27 2017 Jan Synáček - 7.4.0-34.20130522svn140 +- add support for systemd journal (#1504984) + +* Mon Oct 2 2017 Jan Synáček - 7.4.0-33.20130522svn140 +- SSHD log format is going to change (#1422797) +- logwatch encode=base64 generates invalid mime block (#1123093) + +* Thu May 19 2016 Jan Synáček - 7.4.0-32.20130522svn140 +- Refix logwatch fails with argument list too long (#1300170) +- Fix Typos in sshd service script output (#1335493) + +* Fri May 13 2016 Jan Synáček - 7.4.0-32.20130522svn140 +- Refix When filesystem name is long, the disk full check fails to work (#1293360) + +* Thu May 12 2016 Jan Synáček - 7.4.0-31.20130522svn140 +- remove incorrect changelog entry (Related: #1221903) + +* Thu May 12 2016 Jan Synáček - 7.4.0-30.20130522svn140 +- Fix smartd copyright message needs to be suppressed again (#1162741) + +* Fri Apr 22 2016 Jan Synáček - 7.4.0-29.20130522svn140 +- Fix disrupted sentence in default logwatch.conf file (#1126848) +- Fix smartd copyright message needs to be suppressed again (#1162741) +- Fix Logwatch cron files not marked correctly as %%config(noreplace) (#1221903) +- Fix When filesystem name is long, the disk full check fails to work (#1293360) +- Fix Should not change the case of $logdir (#1293624) +- Fix logwatch --service sshd --detail 8 does not print Kerberos summary (#1295888) +- Fix logwatch puppet-agent unknown entries (#1299181) +- Fix logwatch fails with argument list too long (#1300170) + +* Fri Dec 27 2013 Daniel Mach - 7.4.0-28.20130522svn140 +- Mass rebuild 2013-12-27 + +* Mon Jul 1 2013 Jan Synáček - 7.4.0-27.20130522svn140 +- Remove unused patch + +* Thu May 23 2013 Jan Synáček - 7.4.0-26.20130522svn140 +- Add missing options to logwatch.8 + +* Wed May 22 2013 Jan Synáček - 7.4.0-25.20130522svn140 +- Update to revision 140 and drop upstreamed patches +- Own directories correctly + +* Thu Feb 14 2013 Fedora Release Engineering - 7.4.0-24.20130102svn127 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild + +* Tue Jan 22 2013 Jan Synáček - 7.4.0-23.20130102svn127 +- Improve mdadm script + +* Fri Jan 11 2013 Jan Synáček - 7.4.0-22.20130102svn127 +- Add secure-username patch to properly ignore "password check failed for user" + (rhbz#894272) +- Fix dovecot timestamp misparsing (related: rhbz#886193) + +* Wed Jan 09 2013 Jan Synáček - 7.4.0-21.20130102svn127 +- Update to revision 127 and drop ustreamed patches +- Update dovecot patch + +* Mon Dec 10 2012 Jan Synáček - 7.4.0-20.20120619svn110 +- Comment patches + +* Tue Dec 04 2012 Jan Synáček - 7.4.0-19.20120619svn110 +- Don't use ApplyhttpDate (rhbz#881111) + +* Mon Oct 22 2012 Jan Synáček - 7.4.0-18.20120619svn110 +- Add secure-userhelper patch: Fix misparsing userhelper log entries + (rhbz#867290) + +* Thu Sep 27 2012 Jan Synáček - 7.4.0-17.20120619svn110 +- Add secure patch (rhbz#836189) +- Add pam_unix patch (rhbz#836183, rhbz#846725) + +* Wed Aug 29 2012 Jan Synáček - 7.4.0-16.20120619svn110 +- Add applystddate patch - support rsyslog timestamps +- Add http patch - count .hdr files as archives +- Add pluto patch - update openswan parsing +- Add xvc patch - support xen virtual console logins + +* Thu Jul 19 2012 Fedora Release Engineering - 7.4.0-15.20120619svn110 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + +* Thu Jul 19 2012 Jan Synáček - 7.4.0-14.20120619svn110 +- Remove defattr to comply with Fedora Packaging Guidelines + +* Wed Jun 27 2012 Jan Synáček - 7.4.0-14.20120619svn110 +- Add rhhunter patch (rhbz#818926) + +* Tue Jun 19 2012 Jan Synáček - 7.4.0-13.20120619svn110 +- Update to revision 110 +- Drop unnecessary patches +- Add proper requires + +* Fri May 04 2012 Jan Synáček - 7.4.0-12.20120425svn100 +- Update secure-update patch +- Update systemd-logind patch + +* Fri Apr 27 2012 Jan Synáček - 7.4.0-11.20120425svn100 +- Add dovecot-proxy patch (rhbz#812883) +- Add secure-update patch (rhbz#809314) +- Add mail-headers patch (rhbz#811185) +- Add systemd-logind patch (rhbz#812880) +- Add sshd-undef patch (rhbz#783528) + +* Wed Apr 25 2012 Jan Synáček - 7.4.0-10.20120425svn100 +- Update to revision 100 +- Update logwatch-named-dnssec.patch + +* Thu Mar 01 2012 Jan Synáček - 7.4.0-9.20120229svn85 +- Get the release version right this time + +* Thu Mar 01 2012 Jan Synáček - 7.4.0-7.20120229svn85 +- Bump release version, so yum doesn't get confused when upgrading + +* Wed Feb 29 2012 Jan Synáček - 7.4.0-1.20120229svn85 +- Update to revision 85 +- Drop sendmail patch +- Update xntpd,secure and dovecot patches + +* Wed Jan 04 2012 Jan Synáček - 7.4.0-8.20110328svn50 +- Updated -manpage patch (rhbz#719061) + +* Wed Jan 04 2012 Jan Synáček - 7.4.0-7.20110328svn50 +- Renamed sendmail patch to match other patches' naming convention +- Added -secure-grammar patch (rhbz#716224) + +* Mon Dec 19 2011 Jan Synáček - 7.4.0-6.20110328svn50 +- Added -sendmail-typo patch (rhbz#708183) + +* Sat Apr 30 2011 Frank Crawford - 7.4.0-5.20110328svn50 +- Added -sshd patch to match more pam_systemd messages (rhbz#699558) +- Updated logwatch.spec to create empty files in /etc/logwatch/conf + +* Tue Apr 26 2011 Frank Crawford - 7.4.0-4.20110328svn50 +- Updated -secure patch to match more pam_systemd messages + +* Tue Apr 26 2011 Frank Crawford - 7.4.0-3.20110328svn50 +- Updated -secure patch for pam_systemd messages (rhbz#699558) +- Updated -dovecot patch for extended starting message from upstream + +* Thu Mar 31 2011 Karel Klíč - 7.4.0-2.20110328svn50 +- Added -dovecot patch to handle directory names with whitespaces (rhbz#645962) + +* Mon Mar 28 2011 Karel Klíč - 7.4.0-1.20110328svn50 +- Moved to the latest upstream SVN version + +* Mon Mar 28 2011 Karel Klíč - 7.3.6-71.20110228svn46 +- Added -smartd patch to suppress copyright message for smartd module (rhbz#673758) + +* Mon Mar 28 2011 Karel Klíč - 7.3.6-70.20110228svn46 +- Added -xntpd patch (rhbz#673756) + +* Mon Mar 28 2011 Karel Klíč - 7.3.6-69.20110228svn46 +- Added -manpage patch fixing a typo in logwatch(8) (rhbz#664883) +- Removed `rm -rf %%{buildroot}` from %%install section + +* Mon Mar 28 2011 Karel Klíč - 7.3.6-68.20110228svn46 +- Added -named-dnessec patch to handle DNSSEC messages in named (rhbz#666394) + +* Sun Mar 6 2011 Frank Crawford - 7.3.6-67.20110228svn46 +- Handle additional messages in /var/log/secure (rhbz#673760) + +* Mon Feb 28 2011 Karel Klic - 7.3.6-66.20110228svn46 +- Updated to the latest svn revision +- Fixes CVE-2011-1018: Privilege escalation due improper sanitization + of special characters in log file names (rhbz#680237) + +* Tue Feb 08 2011 Fedora Release Engineering - 7.3.6-65.20110203svn25 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild + +* Wed Feb 3 2011 Karel Klic - 7.3.6-64.20110203svn25 +- Updated to the latest svn revision, removed dhcpd patch merged by + upstream +- Added LICENSE file, which became available in this revision + +* Wed Feb 2 2011 Karel Klic - 7.3.6-63.20110201svn23 +- Updated to the latest svn revision, removed patches merged by upstream + +* Sun Jan 23 2011 Richard Fearn - 7.3.6-62.20110113svn22 +- Fix rhbz#671201: make /etc/cron.daily/0logwatch executable + +* Tue Jan 18 2011 Karel Klic - 7.3.6-61.20110113svn22 +- Removed "Listening on interface .* Enabled" line in logwatch-xntpd.patch + +* Mon Jan 17 2011 Karel Klic - 7.3.6-60.20110113svn22 +- Added logwatch-pam_unix.patch by Frank Crawford (rhbz#666586), modified + +* Thu Jan 13 2011 Karel Klic - 7.3.6-59.20110113svn22 +- Correct date in the release number + +* Thu Jan 13 2011 Karel Klic - 7.3.6-59.20100113svn22 +- Updated to the latest SVN upstream revision +- Removed patches merged by upstream +- Removed logwatch-7.3.6-usage.patch, because --usage works in the new + version +- Removed logwatch-7.3.6-cron_conf.patch, because logwatch already + handles the same problem, only differently +- Removed logwatch-7.3.6-sendmail.patch: if the log level becomes + problem again, it should be fixed differently +- Removed Fedora-specific /etc/logwatch/conf/{logwatch,ignore}.conf, + upstream version is used instead +- Renamed logwatch-7.3.1-vsftpd.patch to logwatch-vsftpd.patch, + logwatch-7.3.6-oldfiles.patch to logwatch-oldfiles.patch, and + logwatch-7.3.6-postfix.patch to logwatch-postfix.patch, because + versioning no longer makes sense in Logwatch (the patches does not + necessarily apply to the last officially released version); + all patches updated to apply on the latest sources +- Added logwatch-automount.patch by Frank Crawford (rhbz#666582) +- Added logwatch-dhcpd.patch by Frank Crawford (rhbz#666393) +- Added logwatch-dovecot.patch by Frank Crawford (rhbz#666376) +- Added logwatch-smartd.patch by Frank Crawford (rhbz#666382) +- Added logwatch-xntpd.patch by Frank Crawford (rhbz#666498) +- Added logwatch-dovecot2.patch + +* Sat Oct 9 2010 Richard Fearn 7.3.6-58 +- named: match "DNS format error", and variants of existing messages + (rhbz#595222) + +* Sat Oct 9 2010 Richard Fearn 7.3.6-57 +- named: match "clients-per-query increased" as well as "decreased" + +* Sat Oct 9 2010 Richard Fearn 7.3.6-56 +- Update dhcpd patch so that "Information-request" messages are matched + (rhbz#624590) + +* Thu Aug 19 2010 Karel Klic 7.3.6-55 +- Removed BuildRoot tag and %%clean section +- Deleted trailing whitespaces in the spec file +- Updated patch upstream status +- Added fetchmail service (rhbz#528838) + +* Mon Apr 19 2010 Karel Klic 7.3.6-54 +- Do not install zz-fortune service when %%{rhel} is defined. + +* Mon Apr 19 2010 Karel Klic 7.3.6-53 +- Removed zz-fortune patch as zz-disk_space is run every + time anyway. + +* Fri Apr 16 2010 Karel Klic 7.3.6-52 +- Updated the previously added patches to apply with --fuzz=0 + +* Wed Apr 14 2010 Karel Klic 7.3.6-51 +- Re-enabled zz-fortune with a patch that prevents sending reports + containing zz-fortune only (rhbz#573450) +- Removed obsolete chmod and touch calls from the spec file +- Added manpages for configuration files (rhbz#525644) +- Ignore broken trust chain messages in named service (rhbz#581186) + +* Mon Feb 1 2010 Karel Klic 7.3.6-50 +- Added patch from #555750: Not all methods to deny login via sshd are reported +- Added patch from #555735: DHCPDv6 messages are not recognised +- Removed logwatch-7.3.6-dhcpd.patch, obsoleted by #555735 +- Added lines from #550873 to the logwatch-7.3.6-named6.patch +- Added named7 patch from #555980 +- Added dovecot3 patch from #555745 +- Added sendmail2 patch from #555753 + +* Wed Dec 2 2009 Karel Klic 7.3.6-49 +- Add 802.1q subinterface support to iptables report; iptables.patch (#507743) +- Fixed error in the RE that matches "lost connection" lines in postfix script; lost-connection.patch (#525903) +- Added patches parsing several unmatched entries (from F-10); + audit4.patch modified to make ppid optional; + openvpn4.patch modified to make "semi-" optional; + pam_unix4.patch modified (user name matched by \S+) + +* Tue Aug 11 2009 Ivana Varekova 7.3.6-48 +- parse a few unmatched entries in named script (#513853) + +* Sat Jul 25 2009 Fedora Release Engineering - 7.3.6-47 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild + +* Tue Jul 7 2009 Ivana Varekova 7.3.6-46 +- fix cron script + +* Thu Jul 2 2009 Ivana Varekova 7.3.6-45 +- fix cron script + +* Thu Jun 25 2009 Ivana Varekova 7.3.6-44 +- add the possibility to switch of cron job (#493063) + +* Mon Jun 15 2009 Ivana Varekova 7.3.6-43 +- fix removeservice script - to decrease the number of + perl instances running simultaneously + +* Tue Mar 31 2009 Ivana Varekova 7.3.6-42 +- fix exim script (#492269) + +* Mon Mar 30 2009 Ivana Varekova 7.3.6-41 +- fix sshd script (#492738) + +* Wed Feb 25 2009 Fedora Release Engineering - 7.3.6-40 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild + +* Tue Jan 6 2009 Ivana Varekova 7.3.6-39 +- fix smartd script + +* Tue Dec 16 2008 Ivana Varekova 7.3.6-38 +- remove obsolete patches +- fix dovecot,named and openvpn scrpts(#476620) + +* Mon Dec 8 2008 Ivana Varekova 7.3.6-37 +- fix zz-disk_space script (#474810) + +* Thu Nov 13 2008 Ivana Varekova 7.3.6-35 +- fix exim script + +* Tue Nov 11 2008 Ivana Varekova 7.3.6-34 +- fix pam-unix script patches + +* Thu Oct 30 2008 Ivana Varekova 7.3.6-33 +- mark logwatch.conf as a configure file (#468655) + +* Wed Oct 29 2008 Ivana Varekova 7.3.6-32 +- parse another postfix log, do postfix patches cleanup + +* Fri Oct 24 2008 Ivana Varekova 7.3.6-31 +- parse another bunch of postfix logs(#467378) + +* Tue Oct 21 2008 Ivana Varekova 7.3.6-30 +- fix secure, pam_unix and init scripts + +* Fri Oct 17 2008 Ivana Varekova 7.3.6-29 +- fix postfix script again (#462174) + +* Mon Sep 15 2008 Ivana Varekova 7.3.6-28 +- fix postfix script problem + (#462174) + +* Tue Aug 26 2008 Ivana Varekova 7.3.6-27 +- fix init script problem + (#459887) + +* Fri Aug 15 2008 Ivana Varekova 7.3.6-26 +- fix problem with changed logrotate suffixes (#458580) + +* Wed Aug 6 2008 Ivana Varekova 7.3.6-25 +- add cron service patch to parse more logs + +* Fri Jun 20 2008 Ivana Varekova 7.3.6-24 +- Resolves: #452044 + handle 2.6.25+ audit messages +- add init script logs parsing + +* Tue Jun 10 2008 Ivana Varekova 7.3.6-23 +- Resolves: #450494 + MailTo configuration parameter is ignored + +* Wed Apr 30 2008 Ivana Varekova 7.3.6-22 +- Resolves: #436719 + Logwatch doesn't show any usable sendmail section + +* Fri Apr 4 2008 Ivana Varekova 7.3.6-21 +- Resolves: #440534 + Some unmatched OpenVPN log lines +- add parsing of new logw to audit and cron service + +* Wed Mar 5 2008 Ivana Varekova 7.3.6-20 +- Resolves: #436058 + dovecot script for logwatch needs fix for IPv6 + +* Thu Feb 14 2008 Ivana Varekova 7.3.6-19 +- resolves cron service problem (#432766) + +* Mon Jan 28 2008 Ivana Varekova 7.3.6-18 +- resolves: #429933 fix postfix script + thanks Benjamin Gordon + +* Mon Jan 21 2008 Ivana Varekova 7.3.6-17 +- Resolves: #427734 + fix amavis script +- Resolves: #429452 + fix openvpn script + +* Tue Jan 8 2008 Ivana Varekova 7.3.6-16 +- Resolves: #427734 + fix amavis script +- Resolves: #427761 + remove *.orig scripts +- Resolves: #230974 + add no-oldfiles-log option +- remove usage option description +- Resolves: #427596 + fix mailto setting + +* Wed Jan 2 2008 Ivana Varekova 7.3.6-15 +- Resolves: #424171 + logwatch doesn't recognize dovecot starting up message .. + +* Wed Jan 2 2008 Ivana Varekova 7.3.6-14 +- Resolves: #426857 + is report cdrom "disk full" necessary + +* Thu Nov 22 2007 Ivana Varekova 7.3.6-13 +- fix pam_unix script output (#389311) + +* Tue Nov 13 2007 Ivana Varekova 7.3.6-12 +- change Print configuration (#378901) + +* Tue Nov 6 2007 Ivana Varekova 7.3.6-11 +- Resolves: #361921 + fix clamav-milter service + +* Tue Oct 30 2007 Ivana Varekova 7.3.6-10 +- add perl requirement (#356481) + +* Fri Oct 12 2007 Ivana Varekova 7.3.6-9 +- add sshd service patch +- add sudo service patch + +* Wed Oct 10 2007 Ivana Varekova 7.3.6-8 +- add secure service patch + +* Wed Oct 10 2007 Ivana Varekova 7.3.6-7 +- add cron service patch +- add pam-unix service patch + +* Thu Aug 9 2007 Ivana Varekova 7.3.6-6 +- add cron patch + +* Tue Jul 10 2007 Ivana Varekova 7.3.6-5 +- Resolves: #247511 + add zz-disk_space patch + +* Tue Jul 10 2007 Ivana Varekova 7.3.6-4 +- Resolves: #246655 + add cron service patch + +* Wed Jul 4 2007 Ivana Varekova 7.3.6-3 +- add named, pam_unix and audit service patches + +* Mon Jun 4 2007 Ivana Varekova 7.3.6-2 +- fix secure script +- Resolves: #242201 + fix named service + +* Tue May 22 2007 Ivana Varekova 7.3.6-1 +- update to 7.3.6 + +* Mon May 7 2007 Ivana Varekova 7.3.4-8 +- add named and sshd service patches + +* Fri Apr 20 2007 Ivana Varekova 7.3.4-7 +- Resolves: 236618 + (add anacron setting of mailto accept) + thanks Todd Denniston + +* Fri Apr 13 2007 Ivana Varekova 7.3.4-6 +- remove another xntpd service logs +- add sshd logs with two spaces after the date tag + +* Tue Apr 10 2007 Ivana Varekova 7.3.4-5 +- logwatch will ignore more useless secure logs + +* Wed Apr 4 2007 Ivana Varekova 7.3.4-4 +- Resolves 234875 + logwatch warns about ntpd startup messages + +* Mon Apr 2 2007 Ivana Varekova 7.3.4-3 +- Resolves: 234767 + Unmatched Entries in mails since sysklogd 1.4.2-3/#223573 + +* Thu Mar 8 2007 Ivana Varekova 7.3.4-2 +- add pam_unix service patch + +* Tue Feb 20 2007 Ivana Varekova 7.3.4-1 +- update to 7.3.4 + +* Mon Feb 12 2007 Ivana Varekova 7.3.2-9 +- Resolves: 228258 + logwatch warns about dhcdbd subscripton enabled +- add xntpd, up2date and automount services + +* Fri Feb 9 2007 Ivana Varekova 7.3.2-8 +- incorporate the next part of package review comments +- Resolves: 227976 + logwatch warns about auditspd starting + +* Thu Feb 8 2007 Ivana Varekova 7.3.2-7 +- incorporate package review feedback +- Resolves: 227814 + logwatch warns about ntpd deletes interfaces on shutdown + +* Mon Feb 5 2007 Ivana Varekova 7.3.2-6 +- Resolves: 226999 + fix audit script + +* Fri Jan 26 2007 Ivana Varekova 7.3.2-5 +- add sendmail, automount, amvais and cron patch + +* Wed Jan 17 2007 Ivana Varekova 7.3.2-4 +- add xntpd patch + +* Tue Jan 16 2007 Ivana Varekova 7.3.2-3 +- Resolves: 222263 + sshd script problem + +* Fri Jan 5 2007 Ivana Varekova 7.3.2-2 +- Resolves: 221576 + add html conf files + +* Thu Dec 21 2006 Ivana Varekova 7.3.2-1 +- update to 7.3.2 +- remove obsolete patches + +* Wed Dec 20 2006 Ivana Varekova 7.3.1-9 +- add cron, pam_unix, audit, init service patches + +* Wed Dec 20 2006 Ivana Varekova 7.3.1-8 +- add dovecot, amavis and init patch +- cleanup spec file + +* Wed Nov 29 2006 Ivana Varekova 7.3.1-7 +- add postfix service patch (#208909) +- add vsftpd service patch (#217226) + +* Tue Nov 28 2006 Ivana Varekova 7.3.1-6 +- add automount and mountd service patch + +* Wed Nov 1 2006 Ivana Varekova 7.3.1-5 +- fix named patch (#213267) +- add openvpn patch + +* Mon Oct 30 2006 Ivana Varekova 7.3.1-4 +- fix #209405 - another sendmail service problem +- fix #212812 - add service script patch + patch created by Russell Coker + +* Mon Oct 23 2006 Ivana Varekova 7.3.1-3 +- fix #209405 - sendmail service problems + +* Fri Oct 20 2006 Ivana Varekova 7.3.1-2 +- fix #204078 - missing /etc/logwatch/scripts/services +- add yum service patch +- fix #209554 - automount service problem + +* Fri Oct 20 2006 Ivana Varekova 7.3.1-1 +- update to 7.3.1 + +* Tue Aug 29 2006 Ivana Varekova 7.3-5 +- fix amavis problem #204432 + +* Mon Aug 14 2006 Marcela Maslanova 7.3-4 +- add audit patch for SElinux (#200116) +- add patch for sshd (#200105) +- add patch from bugzilla, made by Allen Kistler (#200147) + +* Fri Jun 23 2006 Ivana Varekova 7.3-3 +- added secure-service patch + +* Fri May 5 2006 Ivana Varekova 7.3-2 +- added tests to file creation and access, clean up +resulting files when logwatch fails (upstream change) +(#190498) + +* Mon Mar 27 2006 Ivana Varekova 7.3-1 +- update to 7.3 +- added samba, up2date + +* Fri Mar 17 2006 Ivana Varekova 7.2.1-1 +- update to 7.2.1 +- update nosegfault, pam_unix, http patches +- added sshd, smart, named, audit, secure and mountd services + patches + +* Mon Feb 20 2006 Ivana Varekova 7.1-8 +- fix http exploit problem #181802 + +* Fri Jan 20 2006 Ivana Varekova 7.1-7 +- extended pam_unix patch (fix sshd service) + +* Wed Jan 18 2006 Ivana Varekova 7.1-6 +- removed nounicode patch +- added patch to fix pam_unix logs parsing (#178058) + +* Fri Dec 23 2005 Ivana Varekova 7.1-5 +- fix http exploits problem (bug 176324 - comment 2) + +* Fri Dec 09 2005 Jesse Keating +- rebuilt + +* Thu Dec 8 2005 Ivana Varekova 7.1-4 +- updated /etc/.../logwatch.conf file (bug 175233) + +* Tue Nov 29 2005 Ivana Varekova 7.1-3 +- add secure service patch +- add iptables patch created by Allen Kistler (bug 174954) +- add audit service patch + +* Wed Nov 24 2005 Ivana Varekova 7.1-2 +- add named script patch (bug 171631) +- change autdated description + +* Wed Nov 23 2005 Ivana Varekova 7.1-1 +- update to 7.1 +- added sshd and samba patches + +* Wed Nov 2 2005 Ivana Varekova 7.0-2 +- fix zz-disk_space problem (bug 172230) + used michal@harddata.com patch +- fix a few inconsistencies with new directory structure +- changed previous zz-disk_space +- add secure sript patch allow case insensitivity for GID, UID) + +* Thu Oct 13 2005 Ivana Varekova 7.0-1 +- update to 7.0 (new directory structure) +- add smartd and zz-disk_space patch + +* Mon Oct 3 2005 Ivana Varekova 6.1.2-7 +- add audit script patch recognized other unmatched logs +- add cron script patch +- change sshd script patch + +* Fri Sep 30 2005 Ivana Varekova 6.1.2-6 +- add audit script patch to recognize number of unmatched entries + +* Mon Sep 26 2005 Ivana Varekova 6.1.2-5 +- change secure script patch +- add sshd script patch (sshd part should not display 0.0.0.0 + in "Failed to bind" column) +- add one unmatch line to named script + +* Mon Sep 19 2005 Ivana Varekova 6.1.2-4 +- fixed secure script (part of bug 141116, added a few + unknown logs) +- bug 168469 - fixed up2date script + +* Mon Jul 25 2005 Ivana Varekova 6.1.2-3 +- bug 162689 - add noreplace option + +* Wed Jun 29 2005 Ivana Varekova 6.1.2-2 +- fix bug 161973 - The logwatch yum service doesn't properly +show removed entries +- used patch created by Dean Earley (patch5) + +* Thu Jun 23 2005 Ivana Varekova 6.1.2-1 +- update to 6.1.2-1 + +* Thu May 19 2005 Jiri Ryska 6.0.1-2 +- fixed temp dir creation #155795 + +* Thu Apr 15 2005 Jiri Ryska 6.0.1-1 +- update to 6.0.1 + +* Tue Nov 09 2004 Jiri Ryska +- Patch for #134288, #138285 + +* Wed Jul 14 2004 Elliot Lee 5.2.2-1 +- Update to 5.2.2 +- Patch for #126558, #101744 + +* Wed Jul 07 2004 Elliot Lee 5.1-6 +- Extra patch from #80496 + +* Tue Jun 15 2004 Elliot Lee +- rebuilt + +* Mon May 24 2004 Joe Orton 5.1-4 +- stop logging access_log entries with 2xx response codes + +* Wed Mar 17 2004 Elliot Lee 5.1-3 +- Fix the perl(Logwatch) problem the correct way, as per #118507 + +* Mon Mar 15 2004 Elliot Lee 5.1-2 +- Add provides perl(Logwatch) + +* Fri Mar 12 2004 Elliot Lee 5.1-1 +- Update (#113802) + +* Fri Feb 13 2004 Elliot Lee +- rebuilt + +* Fri Sep 05 2003 Elliot Lee 4.3.2-4 +- Fix #103720 + +* Wed Aug 13 2003 Elliot Lee 4.3.2-3 +- Fix a reported bug about MsgsSent/BytesTransferred stats not + counting locally-originated traffic. + +* Wed Jul 10 2003 Elliot Lee 4.3.2-2 +- Fix #81144 (nounicode), #85551 and part of #97421 (nosegfault), #87483 (funkyhn) + +* Wed Jan 22 2003 Tim Powers +- rebuilt + +* Wed Jan 15 2003 Elliot Lee 4.3.1-1 +- Update to new upstream version + +* Tue Dec 10 2002 Elliot Lee 4.0.3-3 +- Apply patch from #77173 + +* Wed Oct 16 2002 Elliot Lee 4.0.3-2 +- Update to new upstream version + +* Thu Aug 08 2002 Elliot Lee 2.6-8 +- Apply patch from #68804, #68806 + +* Mon Jul 15 2002 Elliot Lee 2.6-7 +- Fix #68869 (the other half of the expandrepeats job) + +* Thu Jul 11 2002 Elliot Lee 2.6-6 +- Remove expandrepeats (#67606) +- Patch6 (ftpd-messages.patch) from #68243 + +* Thu Jun 27 2002 Elliot Lee 2.6-5 +- logwatch-2.6-applydate-65655.patch to fix xferlog date parsing +- logwatch-2.6-xinetd_match-65856.patch to match more xinetd lines properly +- logwatch-2.6-confparse-65937.patch to properly parse lines with multiple + = chars in them + +* Fri Jun 21 2002 Tim Powers +- automated rebuild + +* Thu May 23 2002 Tim Powers +- automated rebuild + +* Mon Apr 15 2002 Elliot Lee 2.6-2 +- Fix #62787 (logwatch-2.6-newline-62787.patch) and #63279 (logwatch-2.6-applystddate-63279.patch) + +* Sun Mar 31 2002 Elliot Lee 2.6-1 +- Don't trust homebaked tempdir creation - always use mktemp. + +* Thu Mar 28 2002 Elliot Lee 2.5-4 +- Fix the /tmp race for real +- Merge changes from both spec files. + +* Thu Mar 28 2002 Kirk Bauer 2.5-2 +- Updated new changes from Red Hat's rawhide packaging + +* Tue Sep 04 2001 Elliot Lee 2.1.1-3 +- Fix #53077 + +* Thu Aug 09 2001 Elliot Lee 2.1.1-2 +- Fix warning in services/init (#51305) and don't include fortune module +(#51093). + +* Mon May 21 2001 Tim Powers +- updated to 2.1.1 +- adapted changes from Kirk Bauer's spec file into this one + +* Sat Aug 5 2000 Tim Powers +- fix bug #15478, spelling error in the description + +* Mon Jul 24 2000 Prospector +- rebuilt + +* Mon Jul 10 2000 Tim Powers +- rebuilt + +* Thu Jun 8 2000 Tim Powers +- fixed man page location to be FHS compliant +- use predefined RPM macros whenever possible + +* Mon May 15 2000 Tim Powers +- rebuilt for 7.0 + +* Mon Jul 19 1999 Tim Powers +- rebuilt for 6.1 + +* Thu Apr 15 1999 Michael Maher +- built package for 6.0 +- updated source + +* Wed Nov 18 1998 Kirk Bauer +- Modified to comply with RHCN standards + +* Fri Oct 2 1998 Michael Maher +- built package + +* Sun Feb 23 1998 Kirk Bauer +- Minor changes and addition of man-page + +* Sun Feb 22 1998 Kirk Bauer +- initial release