Re: security/logsentry - problem with missing /var/tmp/logsentry/ dir
On Sat, January 3, 2015 21:40, J?r?mie Courr?ges-Anglas wrote: Markus Lude markus.l...@gmx.de writes: ping unfortunately I didn't get any response from MAINTAINER yet. I could also take MAINTAINER for this port. Committed, thanks. I also have added you as MAINTAINER. FWIW, logsentry looks dead and those folks take care of an updated version. http://www.logcheck.org/ hi, At first I thought that the old story with renaming is still going on: http://marc.info/?l=openbsd-portsm=138563089115744w=2 But after a close look I can say that logcheck.org is a different project written in perl, while old logcheck/logsentry is written in C. Looking at the rule-files shipped with logcheck.org I ust say it's too linux-cenrtric so it couldn't be a straight replacement for old logsentry port.
Re: security/logsentry - problem with missing /var/tmp/logsentry/ dir
Markus Lude markus.l...@gmx.de writes: ping unfortunately I didn't get any response from MAINTAINER yet. I could also take MAINTAINER for this port. Committed, thanks. I also have added you as MAINTAINER. FWIW, logsentry looks dead and those folks take care of an updated version. http://www.logcheck.org/ -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: security/logsentry - problem with missing /var/tmp/logsentry/ dir
ping unfortunately I didn't get any response from MAINTAINER yet. I could also take MAINTAINER for this port. Regards, Markus On Sat, Nov 29, 2014 at 09:00:58PM +0100, Markus Lude wrote: On Wed, Nov 26, 2014 at 11:06:10PM +, Christian Weisgerber wrote: On 2014-11-26, Stuart Henderson st...@openbsd.org wrote: since the move to /var/tmp/ no being a symlink to /tmp logwatch throws errors after updating to newer snapshots. /var/tmp/logwatch/ is missing then. This is the only place were /var/tmp/ appears in PLIST. This is the scratch area for logcheck to handle it's(sic) files Possibly /var/db/logwatch? /var/cache/logwatch? patch attach to use /var/cache/logsentry/ tested on sparc64 Regards, Markus Index: Makefile === RCS file: /cvs/ports/security/logsentry/Makefile,v retrieving revision 1.10 diff -u -p -r1.10 Makefile --- Makefile 28 Nov 2013 10:54:09 - 1.10 +++ Makefile 29 Nov 2014 19:54:47 - @@ -4,7 +4,7 @@ COMMENT= logfile auditing tool DISTNAME=logcheck-1.1.1 PKGNAME= logsentry-1.1.1 -REVISION = 5 +REVISION = 6 CATEGORIES= security MAINTAINER= Srebrenko Sehic ha...@insecure.dk @@ -45,7 +45,7 @@ do-install: ${CFG_DIR}/${i:S/logcheck/logsentry/} .endfor @perl -pi -e 's,%%LOCALBASE%%,${LOCALBASE},;' \ - -e 's,%%LOGSENTRY_TMP%%,/var/tmp/logsentry,;' \ + -e 's,%%LOGSENTRY_TMP%%,/var/cache/logsentry,;' \ -e 's,%%SYSCONFDIR%%,${SYSCONFDIR},;' ${CFG_DIR}/logsentry.sh .include bsd.port.mk Index: pkg/PLIST === RCS file: /cvs/ports/security/logsentry/pkg/PLIST,v retrieving revision 1.10 diff -u -p -r1.10 PLIST --- pkg/PLIST 28 Nov 2013 10:54:09 - 1.10 +++ pkg/PLIST 29 Nov 2014 19:54:47 - @@ -1,7 +1,7 @@ @comment $OpenBSD: PLIST,v 1.10 2013/11/28 10:54:09 kirby Exp $ @conflict logcheck-1.1.1 @conflict logtail-* -@extraunexec rm -rf /var/tmp/logsentry/* +@extraunexec rm -rf /var/cache/logsentry/* @bin bin/logtail share/doc/logsentry/ share/doc/logsentry/CREDITS @@ -33,4 +33,5 @@ share/examples/logsentry/logsentry.viola share/examples/logsentry/logsentry.violations.ignore @mode 600 @sample ${SYSCONFDIR}/logsentry/logsentry.violations.ignore -@sample /var/tmp/logsentry/ +@mode 700 +@sample /var/cache/logsentry/
Re: security/logsentry - problem with missing /var/tmp/logsentry/ dir
ping On Sat, Nov 29, 2014 at 09:00:58PM +0100, Markus Lude wrote: On Wed, Nov 26, 2014 at 11:06:10PM +, Christian Weisgerber wrote: On 2014-11-26, Stuart Henderson st...@openbsd.org wrote: since the move to /var/tmp/ no being a symlink to /tmp logwatch throws errors after updating to newer snapshots. /var/tmp/logwatch/ is missing then. This is the only place were /var/tmp/ appears in PLIST. This is the scratch area for logcheck to handle it's(sic) files Possibly /var/db/logwatch? /var/cache/logwatch? patch attach to use /var/cache/logsentry/ tested on sparc64 Regards, Markus Index: Makefile === RCS file: /cvs/ports/security/logsentry/Makefile,v retrieving revision 1.10 diff -u -p -r1.10 Makefile --- Makefile 28 Nov 2013 10:54:09 - 1.10 +++ Makefile 29 Nov 2014 19:54:47 - @@ -4,7 +4,7 @@ COMMENT= logfile auditing tool DISTNAME=logcheck-1.1.1 PKGNAME= logsentry-1.1.1 -REVISION = 5 +REVISION = 6 CATEGORIES= security MAINTAINER= Srebrenko Sehic ha...@insecure.dk @@ -45,7 +45,7 @@ do-install: ${CFG_DIR}/${i:S/logcheck/logsentry/} .endfor @perl -pi -e 's,%%LOCALBASE%%,${LOCALBASE},;' \ - -e 's,%%LOGSENTRY_TMP%%,/var/tmp/logsentry,;' \ + -e 's,%%LOGSENTRY_TMP%%,/var/cache/logsentry,;' \ -e 's,%%SYSCONFDIR%%,${SYSCONFDIR},;' ${CFG_DIR}/logsentry.sh .include bsd.port.mk Index: pkg/PLIST === RCS file: /cvs/ports/security/logsentry/pkg/PLIST,v retrieving revision 1.10 diff -u -p -r1.10 PLIST --- pkg/PLIST 28 Nov 2013 10:54:09 - 1.10 +++ pkg/PLIST 29 Nov 2014 19:54:47 - @@ -1,7 +1,7 @@ @comment $OpenBSD: PLIST,v 1.10 2013/11/28 10:54:09 kirby Exp $ @conflict logcheck-1.1.1 @conflict logtail-* -@extraunexec rm -rf /var/tmp/logsentry/* +@extraunexec rm -rf /var/cache/logsentry/* @bin bin/logtail share/doc/logsentry/ share/doc/logsentry/CREDITS @@ -33,4 +33,5 @@ share/examples/logsentry/logsentry.viola share/examples/logsentry/logsentry.violations.ignore @mode 600 @sample ${SYSCONFDIR}/logsentry/logsentry.violations.ignore -@sample /var/tmp/logsentry/ +@mode 700 +@sample /var/cache/logsentry/
Re: security/logsentry - problem with missing /var/tmp/logsentry/ dir
On Wed, Nov 26, 2014 at 08:56:45PM +, Stuart Henderson wrote: On 2014/11/26 21:45, Markus Lude wrote: Hi, since the move to /var/tmp/ no being a symlink to /tmp logwatch throws errors after updating to newer snapshots. /var/tmp/logwatch/ is missing then. This is the only place were /var/tmp/ appears in PLIST. How should one fix this? Better use another directory like /var/logwatch/ ? Or generate a random directory logwatch. in /var/tmp/ at the start of the software and use that? eh, of course I meant /var/tmp/logsentry/ This is the scratch area for logcheck to handle it's(sic) files Possibly /var/db/logwatch? patch attach to use /var/db/logsentry/ tested on sparc64 Regards, Markus Index: Makefile === RCS file: /cvs/ports/security/logsentry/Makefile,v retrieving revision 1.10 diff -u -p -r1.10 Makefile --- Makefile28 Nov 2013 10:54:09 - 1.10 +++ Makefile26 Nov 2014 21:55:21 - @@ -4,7 +4,7 @@ COMMENT=logfile auditing tool DISTNAME= logcheck-1.1.1 PKGNAME= logsentry-1.1.1 -REVISION = 5 +REVISION = 6 CATEGORIES=security MAINTAINER=Srebrenko Sehic ha...@insecure.dk @@ -45,7 +45,7 @@ do-install: ${CFG_DIR}/${i:S/logcheck/logsentry/} .endfor @perl -pi -e 's,%%LOCALBASE%%,${LOCALBASE},;' \ --e 's,%%LOGSENTRY_TMP%%,/var/tmp/logsentry,;' \ +-e 's,%%LOGSENTRY_TMP%%,/var/db/logsentry,;' \ -e 's,%%SYSCONFDIR%%,${SYSCONFDIR},;' ${CFG_DIR}/logsentry.sh .include bsd.port.mk Index: pkg/PLIST === RCS file: /cvs/ports/security/logsentry/pkg/PLIST,v retrieving revision 1.10 diff -u -p -r1.10 PLIST --- pkg/PLIST 28 Nov 2013 10:54:09 - 1.10 +++ pkg/PLIST 26 Nov 2014 21:55:21 - @@ -1,7 +1,7 @@ @comment $OpenBSD: PLIST,v 1.10 2013/11/28 10:54:09 kirby Exp $ @conflict logcheck-1.1.1 @conflict logtail-* -@extraunexec rm -rf /var/tmp/logsentry/* +@extraunexec rm -rf /var/db/logsentry/* @bin bin/logtail share/doc/logsentry/ share/doc/logsentry/CREDITS @@ -33,4 +33,5 @@ share/examples/logsentry/logsentry.viola share/examples/logsentry/logsentry.violations.ignore @mode 600 @sample ${SYSCONFDIR}/logsentry/logsentry.violations.ignore -@sample /var/tmp/logsentry/ +@mode 700 +@sample /var/db/logsentry/
Re: security/logsentry - problem with missing /var/tmp/logsentry/ dir
On 2014/11/26 23:01, Markus Lude wrote: On Wed, Nov 26, 2014 at 08:56:45PM +, Stuart Henderson wrote: On 2014/11/26 21:45, Markus Lude wrote: Hi, since the move to /var/tmp/ no being a symlink to /tmp logwatch throws errors after updating to newer snapshots. /var/tmp/logwatch/ is missing then. This is the only place were /var/tmp/ appears in PLIST. How should one fix this? Better use another directory like /var/logwatch/ ? Or generate a random directory logwatch. in /var/tmp/ at the start of the software and use that? eh, of course I meant /var/tmp/logsentry/ This is the scratch area for logcheck to handle it's(sic) files Possibly /var/db/logwatch? patch attach to use /var/db/logsentry/ Hmm, actually I was confused and thought this directory would be used for logtail (i.e. need to write persistent offset files there). But now I've tested it, it's only short-term transient storage and removes files during the logsentry.sh run, so actually using mktemp logsentry. probably would make more sense for this. Markus Index: Makefile === RCS file: /cvs/ports/security/logsentry/Makefile,v retrieving revision 1.10 diff -u -p -r1.10 Makefile --- Makefile 28 Nov 2013 10:54:09 - 1.10 +++ Makefile 26 Nov 2014 21:55:21 - @@ -4,7 +4,7 @@ COMMENT= logfile auditing tool DISTNAME=logcheck-1.1.1 PKGNAME= logsentry-1.1.1 -REVISION = 5 +REVISION = 6 CATEGORIES= security MAINTAINER= Srebrenko Sehic ha...@insecure.dk @@ -45,7 +45,7 @@ do-install: ${CFG_DIR}/${i:S/logcheck/logsentry/} .endfor @perl -pi -e 's,%%LOCALBASE%%,${LOCALBASE},;' \ - -e 's,%%LOGSENTRY_TMP%%,/var/tmp/logsentry,;' \ + -e 's,%%LOGSENTRY_TMP%%,/var/db/logsentry,;' \ -e 's,%%SYSCONFDIR%%,${SYSCONFDIR},;' ${CFG_DIR}/logsentry.sh .include bsd.port.mk Index: pkg/PLIST === RCS file: /cvs/ports/security/logsentry/pkg/PLIST,v retrieving revision 1.10 diff -u -p -r1.10 PLIST --- pkg/PLIST 28 Nov 2013 10:54:09 - 1.10 +++ pkg/PLIST 26 Nov 2014 21:55:21 - @@ -1,7 +1,7 @@ @comment $OpenBSD: PLIST,v 1.10 2013/11/28 10:54:09 kirby Exp $ @conflict logcheck-1.1.1 @conflict logtail-* -@extraunexec rm -rf /var/tmp/logsentry/* +@extraunexec rm -rf /var/db/logsentry/* @bin bin/logtail share/doc/logsentry/ share/doc/logsentry/CREDITS @@ -33,4 +33,5 @@ share/examples/logsentry/logsentry.viola share/examples/logsentry/logsentry.violations.ignore @mode 600 @sample ${SYSCONFDIR}/logsentry/logsentry.violations.ignore -@sample /var/tmp/logsentry/ +@mode 700 +@sample /var/db/logsentry/