rpms/logwatch/devel logwatch-6.1.2-audit2.patch, NONE, 1.1 logwatch-6.1.2-cron.patch, NONE, 1.1 logwatch-6.1.2-sshd.patch, 1.1, 1.2 logwatch.spec, 1.23, 1.24

Mon Oct 3 13:06:48 UTC 2005

Author: varekova

Update of /cvs/dist/rpms/logwatch/devel
In directory cvs.devel.redhat.com:/tmp/cvs-serv20188

Modified Files:
	logwatch-6.1.2-sshd.patch logwatch.spec 
Added Files:
	logwatch-6.1.2-audit2.patch logwatch-6.1.2-cron.patch 
Log Message:
- add audit script patch recognized other unmatched logs
- add cron script patch
- change sshd script patch


logwatch-6.1.2-audit2.patch:
 audit |    7 +++++--
 1 files changed, 5 insertions(+), 2 deletions(-)

--- NEW FILE logwatch-6.1.2-audit2.patch ---
--- logwatch-6.1.2/scripts/services/audit.pom	2005-09-30 14:59:39.000000000 +0200
+++ logwatch-6.1.2/scripts/services/audit	2005-10-03 13:51:10.000000000 +0200
@@ -48,9 +48,12 @@
     chomp($ThisLine);
     if (( $ThisLine =~ /initializing netlink socket \(disabled\)/) or 
 	( $ThisLine =~ /audit_pid=[0-9]* old=[0-9]*(?: by auid=[0-9]*)?/) or
-	( $ThisLine =~ /syscall=[0-9]+ exit=[0-9]+( a[0-3]=[0-9a-f]*)* items=[0-9]* pid=[0-9]* loginuid=[0-9-]* uid=[0-9]* gid=[0-9]* euid=[0-9]* suid=[0-9]* fsuid=[0-9]* egid=[0-9]* sgid=[0-9]* fsgid=[0-9]*/) or
+	( $ThisLine =~ /(arch=[0-9]+ )?syscall=[0-9]+ (success=(no|yes) )?exit=[0-9-]+( a[0-3]=[0-9a-f]+)* items=[0-9]+ pid=[0-9]+ (loginuid=[0-9-]+ )?(auid=[0-9]+ )?uid=[0-9]+ gid=[0-9]+ euid=[0-9]+ suid=[0-9]+ fsuid=[0-9]+ egid=[0-9]+ sgid=[0-9]+ fsgid=[0-9]+/) or
 	( $ThisLine =~ /Audit daemon rotating log files/) or
-	( $ThisLine =~ /audit_backlog_limit=[0-9]* old=[0-9]*(?: by auid=[0-9]*)?/)
+	( $ThisLine =~ /audit_backlog_limit=[0-9]* old=[0-9]*(?: by auid=[0-9]*)?/) or
+	( $ThisLine =~ /SELinux:  unrecognized netlink message type=[0-9]+ for sclass=[0-9]+/) or
+	( $ThisLine =~ /audit\([0-9.]+:[0-9]+\): saddr=[0-9]+/) or
+	( $ThisLine =~ /nargs=[0-9]+ a0=[0-9a-f]+ a1=[0-9a-f]+ a2=[0-9a-f]+ a3=[0-9a-f]+ a4=[0-9a-f]+ a5=[0-9a-f]+/)
     ) { 
 	# Ignore these entries
     } elsif ( $ThisLine =~ /audit\([0-9]{10}.[0-9]{3}:[0-9]\): initialized$/) {

logwatch-6.1.2-cron.patch:
 cron |   10 ++++++++++
 1 files changed, 10 insertions(+)

--- NEW FILE logwatch-6.1.2-cron.patch ---
--- logwatch-6.1.2/scripts/services/cron.pom	2005-05-11 22:41:22.000000000 +0200
+++ logwatch-6.1.2/scripts/services/cron	2005-09-26 12:06:57.772953128 +0200
@@ -60,6 +60,7 @@
 $Startups = 0;
 $Reloads = 0;
 $MailErrors = 0;
+$BFMFile = 0;
 
 while (defined($ThisLine = <STDIN>)) {
    chomp($ThisLine);
@@ -105,6 +106,8 @@
          # ignore
       } elsif ( ($Reason) = ($ThisLine =~ /^error \((.+)\)$/) ) {
          $Errors{$Reason}++;
+      } elsif ( $ThisLine =~ /BAD FILE MODE \((.+)\)/) {
+         $BFMFile{$1}++; 
       } else {
          # Report any unmatched entries...
          push @OtherList, "$ThisLine\n";
@@ -160,6 +163,13 @@
    print "\nMAIL sending errors $MailErrors Time(s)\n";
 }
 
+if (keys %BFMFile) {
+   print "\nFiles with bad mode:\n";
+   foreach $i (keys %BFMFile) {
+      print "   $i\n";
+   }
+}
+
 if ($Detail >= 10) {
    if (keys %UserReloads) {
       print "   User crontabs reloaded:\n";

logwatch-6.1.2-sshd.patch:
 sshd |    6 +++++-
 1 files changed, 5 insertions(+), 1 deletion(-)

Index: logwatch-6.1.2-sshd.patch
===================================================================
RCS file: /cvs/dist/rpms/logwatch/devel/logwatch-6.1.2-sshd.patch,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- logwatch-6.1.2-sshd.patch	26 Sep 2005 10:26:29 -0000	1.1
+++ logwatch-6.1.2-sshd.patch	3 Oct 2005 13:06:45 -0000	1.2
@@ -1,13 +1,15 @@
---- logwatch-6.1.2/scripts/services/sshd.p05	2005-05-22 00:47:48.000000000 +0200
-+++ logwatch-6.1.2/scripts/services/sshd	2005-09-22 14:12:23.000000000 +0200
-@@ -258,7 +258,9 @@
- if (keys %BindFailed) {
-    print "\nFailed to bind:\n";
-    foreach $ThisOne (sort {$a cmp $b} keys %BindFailed) {
--      print "   $ThisOne : $BindFailed{$ThisOne} Time(s)\n";
-+      unless ($ThisOne =~ /^0.0.0.0/) {
-+	 print "   $ThisOne : $BindFailed{$ThisOne} Time(s)\n";
+--- logwatch-6.1.2/scripts/services/sshd.ppp	2005-05-22 00:47:48.000000000 +0200
++++ logwatch-6.1.2/scripts/services/sshd	2005-10-03 14:04:55.356925040 +0200
+@@ -160,7 +160,11 @@
+       }
+    } elsif ( ($Port,$Address,$Reason) = ($ThisLine =~ /^error: Bind to port ([^ ]+) on ([^ ]+) failed: (.+).$/ )) {
+       $Temp = "$Address port $Port ($Reason)";
+-      $BindFailed{$Temp}++;
++      # Failed to bind on 0.0.0.0 likely due to configured "ListenAddress"
++      # on both IPv4 and IPv6 
++      unless ($Address =~ /^0.0.0.0$/) {
++        $BindFailed{$Temp}++;
 +      }
-    }
- }
- 
+    } elsif ( $ThisLine =~ m/^(log: )?Generating .* \w+ key\./ ) { # ssh/openssh
+       # Don't care about this...
+       if ( $Debug >= 5 ) {
\ No newline at end of file


Index: logwatch.spec
===================================================================
RCS file: /cvs/dist/rpms/logwatch/devel/logwatch.spec,v
retrieving revision 1.23
retrieving revision 1.24
diff -u -r1.23 -r1.24
--- logwatch.spec	30 Sep 2005 08:41:56 -0000	1.23
+++ logwatch.spec	3 Oct 2005 13:06:45 -0000	1.24
@@ -1,7 +1,7 @@
 Summary: A log file analysis program.
 Name: logwatch
 Version: 6.1.2
-Release: 6
+Release: 7
 License: MIT
 Group: Applications/System
 URL: http://www.logwatch.org/
@@ -15,6 +15,8 @@
 Patch8: logwatch-6.1.2-named.patch
 Patch9: logwatch-6.1.2-sshd.patch
 Patch10: logwatch-6.1.2-audit.patch
+Patch11: logwatch-6.1.2-cron.patch
+Patch12: logwatch-6.1.2-audit2.patch
 
 Requires: textutils sh-utils grep mailx
 BuildRoot: %{_tmppath}/logwatch-build
@@ -39,6 +41,8 @@
 %patch8 -p1
 %patch9 -p1
 %patch10 -p1
+%patch11 -p1 
+%patch12 -p1 
 
 %install
 rm -rf %{buildroot}
@@ -116,6 +120,11 @@
 %doc License project/CHANGES project/TODO
 
 %changelog
+* Mon Oct  3 2005 Ivana Varekova <varekova at redhat.com> 6.1.2-7
+- add audit script patch recognized other unmatched logs
+- add cron script patch 
+- change sshd script patch
+
 * Fri Sep 30 2005 Ivana Varekova <varekova at redhat.com> 6.1.2-6
 - add audit script patch to recognize number of unmatched entries
 


