Re: security/logsentry - problem with missing /var/tmp/logsentry/ dir
On Sat, January 3, 2015 21:40, J?r?mie Courr?ges-Anglas wrote: Markus Lude markus.l...@gmx.de writes: ping unfortunately I didn't get any response from MAINTAINER yet. I could also take MAINTAINER for this port. Committed, thanks. I also have added you as MAINTAINER. FWIW, logsentry looks dead and those folks take care of an updated version. http://www.logcheck.org/ hi, At first I thought that the old story with renaming is still going on: http://marc.info/?l=openbsd-portsm=138563089115744w=2 But after a close look I can say that logcheck.org is a different project written in perl, while old logcheck/logsentry is written in C. Looking at the rule-files shipped with logcheck.org I ust say it's too linux-cenrtric so it couldn't be a straight replacement for old logsentry port.
Re: security/logsentry - problem with missing /var/tmp/logsentry/ dir
Markus Lude markus.l...@gmx.de writes: ping unfortunately I didn't get any response from MAINTAINER yet. I could also take MAINTAINER for this port. Committed, thanks. I also have added you as MAINTAINER. FWIW, logsentry looks dead and those folks take care of an updated version. http://www.logcheck.org/ -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: security/logsentry - problem with missing /var/tmp/logsentry/ dir
ping
unfortunately I didn't get any response from MAINTAINER yet.
I could also take MAINTAINER for this port.
Regards,
Markus
On Sat, Nov 29, 2014 at 09:00:58PM +0100, Markus Lude wrote:
On Wed, Nov 26, 2014 at 11:06:10PM +, Christian Weisgerber wrote:
On 2014-11-26, Stuart Henderson st...@openbsd.org wrote:
since the move to /var/tmp/ no being a symlink to /tmp logwatch throws
errors after updating to newer snapshots. /var/tmp/logwatch/ is missing
then. This is the only place were /var/tmp/ appears in PLIST.
This is the scratch area for logcheck to handle it's(sic) files
Possibly /var/db/logwatch?
/var/cache/logwatch?
patch attach to use /var/cache/logsentry/
tested on sparc64
Regards,
Markus
Index: Makefile
===
RCS file: /cvs/ports/security/logsentry/Makefile,v
retrieving revision 1.10
diff -u -p -r1.10 Makefile
--- Makefile 28 Nov 2013 10:54:09 - 1.10
+++ Makefile 29 Nov 2014 19:54:47 -
@@ -4,7 +4,7 @@ COMMENT= logfile auditing tool
DISTNAME=logcheck-1.1.1
PKGNAME= logsentry-1.1.1
-REVISION = 5
+REVISION = 6
CATEGORIES= security
MAINTAINER= Srebrenko Sehic ha...@insecure.dk
@@ -45,7 +45,7 @@ do-install:
${CFG_DIR}/${i:S/logcheck/logsentry/}
.endfor
@perl -pi -e 's,%%LOCALBASE%%,${LOCALBASE},;' \
- -e 's,%%LOGSENTRY_TMP%%,/var/tmp/logsentry,;' \
+ -e 's,%%LOGSENTRY_TMP%%,/var/cache/logsentry,;' \
-e 's,%%SYSCONFDIR%%,${SYSCONFDIR},;' ${CFG_DIR}/logsentry.sh
.include bsd.port.mk
Index: pkg/PLIST
===
RCS file: /cvs/ports/security/logsentry/pkg/PLIST,v
retrieving revision 1.10
diff -u -p -r1.10 PLIST
--- pkg/PLIST 28 Nov 2013 10:54:09 - 1.10
+++ pkg/PLIST 29 Nov 2014 19:54:47 -
@@ -1,7 +1,7 @@
@comment $OpenBSD: PLIST,v 1.10 2013/11/28 10:54:09 kirby Exp $
@conflict logcheck-1.1.1
@conflict logtail-*
-@extraunexec rm -rf /var/tmp/logsentry/*
+@extraunexec rm -rf /var/cache/logsentry/*
@bin bin/logtail
share/doc/logsentry/
share/doc/logsentry/CREDITS
@@ -33,4 +33,5 @@ share/examples/logsentry/logsentry.viola
share/examples/logsentry/logsentry.violations.ignore
@mode 600
@sample ${SYSCONFDIR}/logsentry/logsentry.violations.ignore
-@sample /var/tmp/logsentry/
+@mode 700
+@sample /var/cache/logsentry/
Re: security/logsentry - problem with missing /var/tmp/logsentry/ dir
ping
On Sat, Nov 29, 2014 at 09:00:58PM +0100, Markus Lude wrote:
On Wed, Nov 26, 2014 at 11:06:10PM +, Christian Weisgerber wrote:
On 2014-11-26, Stuart Henderson st...@openbsd.org wrote:
since the move to /var/tmp/ no being a symlink to /tmp logwatch throws
errors after updating to newer snapshots. /var/tmp/logwatch/ is missing
then. This is the only place were /var/tmp/ appears in PLIST.
This is the scratch area for logcheck to handle it's(sic) files
Possibly /var/db/logwatch?
/var/cache/logwatch?
patch attach to use /var/cache/logsentry/
tested on sparc64
Regards,
Markus
Index: Makefile
===
RCS file: /cvs/ports/security/logsentry/Makefile,v
retrieving revision 1.10
diff -u -p -r1.10 Makefile
--- Makefile 28 Nov 2013 10:54:09 - 1.10
+++ Makefile 29 Nov 2014 19:54:47 -
@@ -4,7 +4,7 @@ COMMENT= logfile auditing tool
DISTNAME=logcheck-1.1.1
PKGNAME= logsentry-1.1.1
-REVISION = 5
+REVISION = 6
CATEGORIES= security
MAINTAINER= Srebrenko Sehic ha...@insecure.dk
@@ -45,7 +45,7 @@ do-install:
${CFG_DIR}/${i:S/logcheck/logsentry/}
.endfor
@perl -pi -e 's,%%LOCALBASE%%,${LOCALBASE},;' \
- -e 's,%%LOGSENTRY_TMP%%,/var/tmp/logsentry,;' \
+ -e 's,%%LOGSENTRY_TMP%%,/var/cache/logsentry,;' \
-e 's,%%SYSCONFDIR%%,${SYSCONFDIR},;' ${CFG_DIR}/logsentry.sh
.include bsd.port.mk
Index: pkg/PLIST
===
RCS file: /cvs/ports/security/logsentry/pkg/PLIST,v
retrieving revision 1.10
diff -u -p -r1.10 PLIST
--- pkg/PLIST 28 Nov 2013 10:54:09 - 1.10
+++ pkg/PLIST 29 Nov 2014 19:54:47 -
@@ -1,7 +1,7 @@
@comment $OpenBSD: PLIST,v 1.10 2013/11/28 10:54:09 kirby Exp $
@conflict logcheck-1.1.1
@conflict logtail-*
-@extraunexec rm -rf /var/tmp/logsentry/*
+@extraunexec rm -rf /var/cache/logsentry/*
@bin bin/logtail
share/doc/logsentry/
share/doc/logsentry/CREDITS
@@ -33,4 +33,5 @@ share/examples/logsentry/logsentry.viola
share/examples/logsentry/logsentry.violations.ignore
@mode 600
@sample ${SYSCONFDIR}/logsentry/logsentry.violations.ignore
-@sample /var/tmp/logsentry/
+@mode 700
+@sample /var/cache/logsentry/
Re: security/logsentry - problem with missing /var/tmp/logsentry/ dir
On Wed, Nov 26, 2014 at 08:56:45PM +, Stuart Henderson wrote:
On 2014/11/26 21:45, Markus Lude wrote:
Hi,
since the move to /var/tmp/ no being a symlink to /tmp logwatch throws
errors after updating to newer snapshots. /var/tmp/logwatch/ is missing
then. This is the only place were /var/tmp/ appears in PLIST.
How should one fix this? Better use another directory like
/var/logwatch/ ? Or generate a random directory logwatch. in
/var/tmp/ at the start of the software and use that?
eh, of course I meant /var/tmp/logsentry/
This is the scratch area for logcheck to handle it's(sic) files
Possibly /var/db/logwatch?
patch attach to use /var/db/logsentry/
tested on sparc64
Regards,
Markus
Index: Makefile
===
RCS file: /cvs/ports/security/logsentry/Makefile,v
retrieving revision 1.10
diff -u -p -r1.10 Makefile
--- Makefile28 Nov 2013 10:54:09 - 1.10
+++ Makefile26 Nov 2014 21:55:21 -
@@ -4,7 +4,7 @@ COMMENT=logfile auditing tool
DISTNAME= logcheck-1.1.1
PKGNAME= logsentry-1.1.1
-REVISION = 5
+REVISION = 6
CATEGORIES=security
MAINTAINER=Srebrenko Sehic ha...@insecure.dk
@@ -45,7 +45,7 @@ do-install:
${CFG_DIR}/${i:S/logcheck/logsentry/}
.endfor
@perl -pi -e 's,%%LOCALBASE%%,${LOCALBASE},;' \
--e 's,%%LOGSENTRY_TMP%%,/var/tmp/logsentry,;' \
+-e 's,%%LOGSENTRY_TMP%%,/var/db/logsentry,;' \
-e 's,%%SYSCONFDIR%%,${SYSCONFDIR},;' ${CFG_DIR}/logsentry.sh
.include bsd.port.mk
Index: pkg/PLIST
===
RCS file: /cvs/ports/security/logsentry/pkg/PLIST,v
retrieving revision 1.10
diff -u -p -r1.10 PLIST
--- pkg/PLIST 28 Nov 2013 10:54:09 - 1.10
+++ pkg/PLIST 26 Nov 2014 21:55:21 -
@@ -1,7 +1,7 @@
@comment $OpenBSD: PLIST,v 1.10 2013/11/28 10:54:09 kirby Exp $
@conflict logcheck-1.1.1
@conflict logtail-*
-@extraunexec rm -rf /var/tmp/logsentry/*
+@extraunexec rm -rf /var/db/logsentry/*
@bin bin/logtail
share/doc/logsentry/
share/doc/logsentry/CREDITS
@@ -33,4 +33,5 @@ share/examples/logsentry/logsentry.viola
share/examples/logsentry/logsentry.violations.ignore
@mode 600
@sample ${SYSCONFDIR}/logsentry/logsentry.violations.ignore
-@sample /var/tmp/logsentry/
+@mode 700
+@sample /var/db/logsentry/
Re: security/logsentry - problem with missing /var/tmp/logsentry/ dir
On 2014/11/26 23:01, Markus Lude wrote:
On Wed, Nov 26, 2014 at 08:56:45PM +, Stuart Henderson wrote:
On 2014/11/26 21:45, Markus Lude wrote:
Hi,
since the move to /var/tmp/ no being a symlink to /tmp logwatch throws
errors after updating to newer snapshots. /var/tmp/logwatch/ is missing
then. This is the only place were /var/tmp/ appears in PLIST.
How should one fix this? Better use another directory like
/var/logwatch/ ? Or generate a random directory logwatch. in
/var/tmp/ at the start of the software and use that?
eh, of course I meant /var/tmp/logsentry/
This is the scratch area for logcheck to handle it's(sic) files
Possibly /var/db/logwatch?
patch attach to use /var/db/logsentry/
Hmm, actually I was confused and thought this directory would be used for
logtail (i.e. need to write persistent offset files there). But now I've
tested it, it's only short-term transient storage and removes files
during the logsentry.sh run, so actually using mktemp logsentry.
probably would make more sense for this.
Markus
Index: Makefile
===
RCS file: /cvs/ports/security/logsentry/Makefile,v
retrieving revision 1.10
diff -u -p -r1.10 Makefile
--- Makefile 28 Nov 2013 10:54:09 - 1.10
+++ Makefile 26 Nov 2014 21:55:21 -
@@ -4,7 +4,7 @@ COMMENT= logfile auditing tool
DISTNAME=logcheck-1.1.1
PKGNAME= logsentry-1.1.1
-REVISION = 5
+REVISION = 6
CATEGORIES= security
MAINTAINER= Srebrenko Sehic ha...@insecure.dk
@@ -45,7 +45,7 @@ do-install:
${CFG_DIR}/${i:S/logcheck/logsentry/}
.endfor
@perl -pi -e 's,%%LOCALBASE%%,${LOCALBASE},;' \
- -e 's,%%LOGSENTRY_TMP%%,/var/tmp/logsentry,;' \
+ -e 's,%%LOGSENTRY_TMP%%,/var/db/logsentry,;' \
-e 's,%%SYSCONFDIR%%,${SYSCONFDIR},;' ${CFG_DIR}/logsentry.sh
.include bsd.port.mk
Index: pkg/PLIST
===
RCS file: /cvs/ports/security/logsentry/pkg/PLIST,v
retrieving revision 1.10
diff -u -p -r1.10 PLIST
--- pkg/PLIST 28 Nov 2013 10:54:09 - 1.10
+++ pkg/PLIST 26 Nov 2014 21:55:21 -
@@ -1,7 +1,7 @@
@comment $OpenBSD: PLIST,v 1.10 2013/11/28 10:54:09 kirby Exp $
@conflict logcheck-1.1.1
@conflict logtail-*
-@extraunexec rm -rf /var/tmp/logsentry/*
+@extraunexec rm -rf /var/db/logsentry/*
@bin bin/logtail
share/doc/logsentry/
share/doc/logsentry/CREDITS
@@ -33,4 +33,5 @@ share/examples/logsentry/logsentry.viola
share/examples/logsentry/logsentry.violations.ignore
@mode 600
@sample ${SYSCONFDIR}/logsentry/logsentry.violations.ignore
-@sample /var/tmp/logsentry/
+@mode 700
+@sample /var/db/logsentry/
