[Logcheck-devel] Bug#441180: logcheck-database: pam change needs change in logcheck-database

Stephen Gran Fri, 07 Sep 2007 03:44:21 -0700

Package: logcheck-database
Version: 1.2.60
Severity: normal
Tags: patch

diff -u /etc/logcheck/violations.ignore.d/logcheck-su logcheck-su 
--- logcheck-su       2007-09-07 11:36:15.000000000 +0100
+++ logcheck-su 2007-09-07 11:36:04.000000000 +0100
@@ -1,7 +1,7 @@
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ su\[[0-9]+\]: (\+|-) 
(pts/[0-9]{1,2}|tty[0-9]) [_[:alnum:]-]+:[_[:alnum:]-]+$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ su\[[0-9]+\]: \(pam_[[:alnum:]]+\) session 
opened for user [[:alnum:]-]+ by \(uid=[0-9]+\)$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ su\[[0-9]+\]: \(pam_[[:alnum:]]+\) session 
opened for user [[:alnum:]-]+ by [[:alnum:]-]+\(uid=[0-9]+\)$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ su\[[0-9]+\]: \(pam_[[:alnum:]]+\) session 
closed for user [[:alnum:]-]+$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ su\[[0-9]+\]: 
pam_[[:alnum:]]+\(su:session\): session opened for user [[:alnum:]-]+ by 
\(uid=[0-9]+\)$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ su\[[0-9]+\]: 
pam_[[:alnum:]]+\(su:session\): session opened for user [[:alnum:]-]+ by 
[[:alnum:]-]+\(uid=[0-9]+\)$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ su\[[0-9]+\]: 
pam_[[:alnum:]]+\(su:session\): session closed for user [[:alnum:]-]+$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ su\[[0-9]+\]: \+ \?\?\? root:[_[:alnum:]-]+$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ su\[[0-9]+\]: Successful su for 
[[:alnum:]-]+ by [[:alnum:]-]+$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ su\[[0-9]+\]: pam_authenticate: 
Authentication failure$
diff -u /etc/logcheck/ignore.d.paranoid/cron cron
--- cron        2007-09-07 11:36:49.000000000 +0100
+++ cron        2007-09-07 11:33:33.000000000 +0100
@@ -4,5 +4,5 @@
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ /usr/sbin/cron\[[0-9]+\]: \(CRON\) INFO 
\(pidfile fd = [0-9]+\)$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ /usr/sbin/cron\[[0-9]+\]: \(CRON\) INFO 
\(Running @reboot jobs\)$
 ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ /usr/sbin/cron\[[0-9]+\]: \(CRON\) INFO 
\(Skipping @reboot jobs -- not system startup\)$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ CRON\[[0-9]+\]: \(pam_[[:alnum:]]+\) 
session opened for user [[:alnum:]-]+ by \(uid=[0-9]+\)$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ CRON\[[0-9]+\]: \(pam_[[:alnum:]]+\) 
session closed for user [[:alnum:]-]+$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ CRON\[[0-9]+\]: 
pam_[[:alnum:]]+\(cron:session\): session opened for user [[:alnum:]-]+ by 
\(uid=[0-9]+\)$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ CRON\[[0-9]+\]: 
pam_[[:alnum:]]+\(cron:session\): session closed for user [[:alnum:]-]+$


Thanks,

-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.22-1-686 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL 
set to en_US.UTF-8)
Shell: /bin/sh linked to /bin/bash

-- debconf information:
* logcheck-database/rules-directories-note:
  logcheck-database/standard-rename-note:
  logcheck-database/conffile-cleanup: false

-- 
 -----------------------------------------------------------------
|   ,''`.                                            Stephen Gran |
|  : :' :                                        [EMAIL PROTECTED] |
|  `. `'                        Debian user, admin, and developer |
|    `-                                     http://www.debian.org |
 -----------------------------------------------------------------

signature.asc
Description: Digital signature

_______________________________________________
Logcheck-devel mailing list
Logcheck-devel@lists.alioth.debian.org
http://lists.alioth.debian.org/mailman/listinfo/logcheck-devel

[Logcheck-devel] Bug#441180: logcheck-database: pam change needs change in logcheck-database

Reply via email to